From 609fe2cae2459d721ac11d23cd27b8a94397ef3c Mon Sep 17 00:00:00 2001 From: "jmc@openbsd.org" Date: Mon, 14 Apr 2025 05:41:42 +0000 Subject: [PATCH 001/687] upstream: rework the text for -3 to make it clearer what default behaviour is, and adjust the text for -R to make them more consistent; issue raised by mikhail mp39590; behaviour explained by naddy ok djm OpenBSD-Commit-ID: 15ff3bd1518d86c84fa8e91d7aa72cfdb41dccc8 --- scp.1 | 17 ++++++++++------- 1 file changed, 10 insertions(+), 7 deletions(-) diff --git a/scp.1 b/scp.1 index aa2e2d8b53f8..ff739e8b8304 100644 --- a/scp.1 +++ b/scp.1 @@ -8,9 +8,9 @@ .\" .\" Created: Sun May 7 00:14:37 1995 ylo .\" -.\" $OpenBSD: scp.1,v 1.113 2024/12/06 15:12:56 djm Exp $ +.\" $OpenBSD: scp.1,v 1.114 2025/04/14 05:41:42 jmc Exp $ .\" -.Dd $Mdocdate: December 6 2024 $ +.Dd $Mdocdate: April 14 2025 $ .Dt SCP 1 .Os .Sh NAME @@ -76,15 +76,16 @@ The options are as follows: .Bl -tag -width Ds .It Fl 3 Copies between two remote hosts are transferred through the local host. -Without this option the data is copied directly between the two remote -hosts. -Note that, when using the legacy SCP protocol (via the +This mode is the default, +but see also the +.Fl R +option for copying data directly between two remote hosts. +Note that when using the legacy SCP protocol (via the .Fl O flag), this option selects batch mode for the second host as .Nm cannot ask for passwords or passphrases for both hosts. -This mode is the default. .It Fl 4 Forces .Nm @@ -278,7 +279,9 @@ Quiet mode: disables the progress meter as well as warning and diagnostic messages from .Xr ssh 1 . .It Fl R -Copies between two remote hosts are performed by connecting to the origin +Copies between two remote hosts are transferred through the local host +by default. +This option instead copies between two remote hosts by connecting to the origin host and executing .Nm there. From f3d465530e75cb6c02e2cde1d15e6c4bb51ebfd9 Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Tue, 15 Apr 2025 04:00:42 +0000 Subject: [PATCH 002/687] upstream: basic benchmarking support for the unit test framework enable with "make UNITTEST_BENCHMARK=yes" ok dtucker@ OpenBSD-Regress-ID: 7f16a2e247f860897ca46ff87bccbe6002a32564 --- Makefile.in | 7 + regress/Makefile | 31 +-- regress/unittests/Makefile.inc | 25 ++- regress/unittests/authopt/Makefile | 4 +- regress/unittests/authopt/tests.c | 8 +- regress/unittests/bitmap/Makefile | 7 +- regress/unittests/bitmap/tests.c | 30 ++- regress/unittests/conversion/Makefile | 4 +- regress/unittests/conversion/tests.c | 8 +- regress/unittests/hostkeys/Makefile | 4 +- regress/unittests/hostkeys/tests.c | 11 +- regress/unittests/kex/Makefile | 4 +- regress/unittests/kex/test_kex.c | 68 +++++-- regress/unittests/kex/tests.c | 9 +- regress/unittests/match/Makefile | 4 +- regress/unittests/match/tests.c | 8 +- regress/unittests/misc/Makefile | 4 +- regress/unittests/misc/tests.c | 8 +- regress/unittests/sshbuf/tests.c | 10 +- regress/unittests/sshkey/test_sshkey.c | 163 ++++++++++++++- regress/unittests/sshkey/tests.c | 10 +- regress/unittests/sshsig/tests.c | 8 +- regress/unittests/test_helper/test_helper.c | 211 +++++++++++++++++--- regress/unittests/test_helper/test_helper.h | 24 ++- regress/unittests/utf8/Makefile | 7 +- regress/unittests/utf8/tests.c | 8 +- 26 files changed, 580 insertions(+), 105 deletions(-) diff --git a/Makefile.in b/Makefile.in index 4617cebcd5e4..5a7a1bd101e3 100644 --- a/Makefile.in +++ b/Makefile.in @@ -782,6 +782,13 @@ unit: regress-unit-binaries OBJ="$(BUILDDIR)/regress" \ $@ && echo $@ tests passed +unit-bench: regress-unit-binaries + cd $(srcdir)/regress || exit $$?; \ + $(MAKE) \ + .CURDIR="$(abs_top_srcdir)/regress" \ + .OBJDIR="$(BUILDDIR)/regress" \ + OBJ="$(BUILDDIR)/regress" $@ + TEST_SSH_SSHD="$(BUILDDIR)/sshd" interop-tests t-exec file-tests extra-tests: regress-prep regress-binaries $(TARGETS) diff --git a/regress/Makefile b/regress/Makefile index 7e7f95b58a2c..8b69e14e998f 100644 --- a/regress/Makefile +++ b/regress/Makefile @@ -292,26 +292,33 @@ t-extra: ${EXTRA_TESTS:=.sh} interop: ${INTEROP_TARGETS} # Unit tests, built by top-level Makefile -unit: +unit unit-bench: set -e ; if test -z "${SKIP_UNIT}" ; then \ V="" ; \ test "x${USE_VALGRIND}" = "x" || \ V=${.CURDIR}/valgrind-unit.sh ; \ - $$V ${.OBJDIR}/unittests/sshbuf/test_sshbuf ; \ + ARGS=""; \ + test "x$@" = "xunit-bench" && ARGS="-b"; \ + test "x${UNITTEST_FAST}" = "x" || ARGS="$$ARGS -f"; \ + test "x${UNITTEST_SLOW}" = "x" || ARGS="$$ARGS -F"; \ + test "x${UNITTEST_VERBOSE}" = "x" || ARGS="$$ARGS -v"; \ + test "x${UNITTEST_BENCH_DETAIL}" = "x" || ARGS="$$ARGS -B"; \ + test "x${UNITTEST_BENCH_ONLY}" = "x" || ARGS="$$ARGS -O ${UNITTEST_BENCH_ONLY}"; \ + $$V ${.OBJDIR}/unittests/sshbuf/test_sshbuf $${ARGS}; \ $$V ${.OBJDIR}/unittests/sshkey/test_sshkey \ - -d ${.CURDIR}/unittests/sshkey/testdata ; \ + -d ${.CURDIR}/unittests/sshkey/testdata $${ARGS}; \ $$V ${.OBJDIR}/unittests/sshsig/test_sshsig \ - -d ${.CURDIR}/unittests/sshsig/testdata ; \ + -d ${.CURDIR}/unittests/sshsig/testdata $${ARGS}; \ $$V ${.OBJDIR}/unittests/authopt/test_authopt \ - -d ${.CURDIR}/unittests/authopt/testdata ; \ - $$V ${.OBJDIR}/unittests/bitmap/test_bitmap ; \ - $$V ${.OBJDIR}/unittests/conversion/test_conversion ; \ - $$V ${.OBJDIR}/unittests/kex/test_kex ; \ + -d ${.CURDIR}/unittests/authopt/testdata $${ARGS}; \ + $$V ${.OBJDIR}/unittests/bitmap/test_bitmap $${ARGS}; \ + $$V ${.OBJDIR}/unittests/conversion/test_conversion $${ARGS}; \ + $$V ${.OBJDIR}/unittests/kex/test_kex $${ARGS}; \ $$V ${.OBJDIR}/unittests/hostkeys/test_hostkeys \ - -d ${.CURDIR}/unittests/hostkeys/testdata ; \ - $$V ${.OBJDIR}/unittests/match/test_match ; \ - $$V ${.OBJDIR}/unittests/misc/test_misc ; \ + -d ${.CURDIR}/unittests/hostkeys/testdata $${ARGS}; \ + $$V ${.OBJDIR}/unittests/match/test_match $${ARGS}; \ + $$V ${.OBJDIR}/unittests/misc/test_misc $${ARGS}; \ if test "x${TEST_SSH_UTF8}" = "xyes" ; then \ - $$V ${.OBJDIR}/unittests/utf8/test_utf8 ; \ + $$V ${.OBJDIR}/unittests/utf8/test_utf8 $${ARGS}; \ fi \ fi diff --git a/regress/unittests/Makefile.inc b/regress/unittests/Makefile.inc index 98e280486ab1..ad7fdad84a53 100644 --- a/regress/unittests/Makefile.inc +++ b/regress/unittests/Makefile.inc @@ -1,4 +1,4 @@ -# $OpenBSD: Makefile.inc,v 1.16 2024/01/11 01:45:58 djm Exp $ +# $OpenBSD: Makefile.inc,v 1.17 2025/04/15 04:00:42 djm Exp $ .include .include @@ -7,6 +7,9 @@ UNITTEST_FAST?= no # Skip slow tests (e.g. less intensive fuzzing). UNITTEST_SLOW?= no # Include slower tests (e.g. more intensive fuzzing). UNITTEST_VERBOSE?= no # Verbose test output (inc. per-test names). +UNITTEST_BENCHMARK?= no # Run unit tests in benchmarking mode. +UNITTEST_BENCH_DETAIL?=no # Detailed benchmark statistics. +UNITTEST_BENCH_ONLY?= # Run only these benchmarks MALLOC_OPTIONS?= CFGJRSUX TEST_ENV?= MALLOC_OPTIONS=${MALLOC_OPTIONS} @@ -69,8 +72,8 @@ DPADD+=${.CURDIR}/../test_helper/libtest_helper.a .PATH: ${.CURDIR}/${SSHREL} -LDADD+= -lutil -DPADD+= ${LIBUTIL} +LDADD+= -lutil -lm +DPADD+= ${LIBUTIL} ${LIBM} .if (${OPENSSL:L} == "yes") LDADD+= -lcrypto @@ -82,11 +85,21 @@ DPADD+= ${LIBFIDO2} ${LIBCBOR} ${LIBUSBHID} UNITTEST_ARGS?= -.if (${UNITTEST_VERBOSE:L} != "no") +.if (${UNITTEST_VERBOSE:L:R} != "no") UNITTEST_ARGS+= -v .endif -.if (${UNITTEST_FAST:L} != "no") +.if (${UNITTEST_FAST:L:R} != "no") UNITTEST_ARGS+= -f -.elif (${UNITTEST_SLOW:L} != "no") +.elif (${UNITTEST_SLOW:L:R} != "no") UNITTEST_ARGS+= -F .endif + +.if (${UNITTEST_BENCHMARK:L:R} != "no") +UNITTEST_ARGS+= -b +.endif +.if (${UNITTEST_BENCH_DETAIL:L:R} != "no") +UNITTEST_ARGS+= -B +.endif +.if (${UNITTEST_BENCH_ONLY:L} != "") +UNITTEST_ARGS+= -O "${UNITTEST_BENCH_ONLY}" +.endif diff --git a/regress/unittests/authopt/Makefile b/regress/unittests/authopt/Makefile index 3045ec708165..8bed7a915dfa 100644 --- a/regress/unittests/authopt/Makefile +++ b/regress/unittests/authopt/Makefile @@ -1,4 +1,4 @@ -# $OpenBSD: Makefile,v 1.7 2023/01/15 23:35:10 djm Exp $ +# $OpenBSD: Makefile,v 1.8 2025/04/15 04:00:42 djm Exp $ PROG=test_authopt SRCS=tests.c @@ -22,6 +22,6 @@ SRCS+=utf8.c REGRESS_TARGETS=run-regress-${PROG} run-regress-${PROG}: ${PROG} - env ${TEST_ENV} ./${PROG} -d ${.CURDIR}/testdata + env ${TEST_ENV} ./${PROG} ${UNITTEST_ARGS} -d ${.CURDIR}/testdata .include diff --git a/regress/unittests/authopt/tests.c b/regress/unittests/authopt/tests.c index d9e190305e76..5285f0db5746 100644 --- a/regress/unittests/authopt/tests.c +++ b/regress/unittests/authopt/tests.c @@ -1,4 +1,4 @@ -/* $OpenBSD: tests.c,v 1.3 2021/12/14 21:25:27 deraadt Exp $ */ +/* $OpenBSD: tests.c,v 1.4 2025/04/15 04:00:42 djm Exp $ */ /* * Regress test for keys options functions. @@ -576,3 +576,9 @@ tests(void) test_cert_parse(); test_merge(); } + +void +benchmarks(void) +{ + printf("no benchmarks\n"); +} diff --git a/regress/unittests/bitmap/Makefile b/regress/unittests/bitmap/Makefile index fe30acc77394..c38cc7918cc1 100644 --- a/regress/unittests/bitmap/Makefile +++ b/regress/unittests/bitmap/Makefile @@ -1,14 +1,15 @@ -# $OpenBSD: Makefile,v 1.4 2017/12/21 00:41:22 djm Exp $ +# $OpenBSD: Makefile,v 1.5 2025/04/15 04:00:42 djm Exp $ PROG=test_bitmap SRCS=tests.c # From usr.sbin/ssh -SRCS+=bitmap.c atomicio.c +SRCS+=bitmap.c atomicio.c misc.c xmalloc.c fatal.c log.c cleanup.c match.c +SRCS+=sshbuf.c sshbuf-getput-basic.c sshbuf-misc.c ssherr.c addr.c addrmatch.c REGRESS_TARGETS=run-regress-${PROG} run-regress-${PROG}: ${PROG} - env ${TEST_ENV} ./${PROG} + env ${TEST_ENV} ./${PROG} ${UNITTEST_ARGS} .include diff --git a/regress/unittests/bitmap/tests.c b/regress/unittests/bitmap/tests.c index 576b863f4066..b8eae2313215 100644 --- a/regress/unittests/bitmap/tests.c +++ b/regress/unittests/bitmap/tests.c @@ -1,4 +1,4 @@ -/* $OpenBSD: tests.c,v 1.2 2021/12/14 21:25:27 deraadt Exp $ */ +/* $OpenBSD: tests.c,v 1.3 2025/04/15 04:00:42 djm Exp $ */ /* * Regress test for bitmap.h bitmap API * @@ -23,7 +23,7 @@ #include "bitmap.h" -#define NTESTS 131 +#define DEFAULT_NTESTS 131 void tests(void) @@ -32,10 +32,15 @@ tests(void) struct bitmap *b; BIGNUM *bn; size_t len; - int i, j, k, n; + int i, j, k, n, ntests = DEFAULT_NTESTS; u_char bbuf[1024], bnbuf[1024]; int r; + if (test_is_fast()) + ntests /= 4; + else if (test_is_slow()) + ntests *= 2; + TEST_START("bitmap_new"); b = bitmap_new(); ASSERT_PTR_NE(b, NULL); @@ -44,9 +49,9 @@ tests(void) TEST_DONE(); TEST_START("bitmap_set_bit / bitmap_test_bit"); - for (i = -1; i < NTESTS; i++) { - for (j = -1; j < NTESTS; j++) { - for (k = -1; k < NTESTS; k++) { + for (i = -1; i < ntests; i++) { + for (j = -1; j < ntests; j++) { + for (k = -1; k < ntests; k++) { bitmap_zero(b); BN_clear(bn); @@ -67,7 +72,7 @@ tests(void) /* Check perfect match between bitmap and bn */ test_subtest_info("match %d/%d/%d", i, j, k); - for (n = 0; n < NTESTS; n++) { + for (n = 0; n < ntests; n++) { ASSERT_INT_EQ(BN_is_bit_set(bn, n), bitmap_test_bit(b, n)); } @@ -99,7 +104,7 @@ tests(void) bitmap_zero(b); ASSERT_INT_EQ(bitmap_from_string(b, bnbuf, len), 0); - for (n = 0; n < NTESTS; n++) { + for (n = 0; n < ntests; n++) { ASSERT_INT_EQ(BN_is_bit_set(bn, n), bitmap_test_bit(b, n)); } @@ -107,7 +112,7 @@ tests(void) /* Test clearing bits */ test_subtest_info("clear %d/%d/%d", i, j, k); - for (n = 0; n < NTESTS; n++) { + for (n = 0; n < ntests; n++) { ASSERT_INT_EQ(bitmap_set_bit(b, n), 0); ASSERT_INT_EQ(BN_set_bit(bn, n), 1); } @@ -123,7 +128,7 @@ tests(void) bitmap_clear_bit(b, k); BN_clear_bit(bn, k); } - for (n = 0; n < NTESTS; n++) { + for (n = 0; n < ntests; n++) { ASSERT_INT_EQ(BN_is_bit_set(bn, n), bitmap_test_bit(b, n)); } @@ -135,4 +140,9 @@ tests(void) TEST_DONE(); #endif } +void +benchmarks(void) +{ + printf("no benchmarks\n"); +} diff --git a/regress/unittests/conversion/Makefile b/regress/unittests/conversion/Makefile index 5793c4934845..f9f5859ac5e8 100644 --- a/regress/unittests/conversion/Makefile +++ b/regress/unittests/conversion/Makefile @@ -1,4 +1,4 @@ -# $OpenBSD: Makefile,v 1.4 2021/01/09 12:24:30 dtucker Exp $ +# $OpenBSD: Makefile,v 1.5 2025/04/15 04:00:42 djm Exp $ PROG=test_conversion SRCS=tests.c @@ -11,6 +11,6 @@ SRCS+=match.c addr.c addrmatch.c REGRESS_TARGETS=run-regress-${PROG} run-regress-${PROG}: ${PROG} - env ${TEST_ENV} ./${PROG} + env ${TEST_ENV} ./${PROG} ${UNITTEST_ARGS} .include diff --git a/regress/unittests/conversion/tests.c b/regress/unittests/conversion/tests.c index 5b526f7afa07..d65e6326fd4e 100644 --- a/regress/unittests/conversion/tests.c +++ b/regress/unittests/conversion/tests.c @@ -1,4 +1,4 @@ -/* $OpenBSD: tests.c,v 1.4 2021/12/14 21:25:27 deraadt Exp $ */ +/* $OpenBSD: tests.c,v 1.5 2025/04/15 04:00:42 djm Exp $ */ /* * Regress test for conversions * @@ -50,3 +50,9 @@ tests(void) ASSERT_INT_EQ(convtime("1000000000000000000000w"), -1); TEST_DONE(); } + +void +benchmarks(void) +{ + printf("no benchmarks\n"); +} diff --git a/regress/unittests/hostkeys/Makefile b/regress/unittests/hostkeys/Makefile index 04d93359acaa..79a9d5745419 100644 --- a/regress/unittests/hostkeys/Makefile +++ b/regress/unittests/hostkeys/Makefile @@ -1,4 +1,4 @@ -# $OpenBSD: Makefile,v 1.10 2023/01/15 23:35:10 djm Exp $ +# $OpenBSD: Makefile,v 1.11 2025/04/15 04:00:42 djm Exp $ PROG=test_hostkeys SRCS=tests.c test_iterate.c @@ -20,6 +20,6 @@ SRCS+=utf8.c REGRESS_TARGETS=run-regress-${PROG} run-regress-${PROG}: ${PROG} - env ${TEST_ENV} ./${PROG} -d ${.CURDIR}/testdata + env ${TEST_ENV} ./${PROG} ${UNITTEST_ARGS} -d ${.CURDIR}/testdata .include diff --git a/regress/unittests/hostkeys/tests.c b/regress/unittests/hostkeys/tests.c index 92c7646ad164..a14ba19b3abe 100644 --- a/regress/unittests/hostkeys/tests.c +++ b/regress/unittests/hostkeys/tests.c @@ -1,10 +1,14 @@ -/* $OpenBSD: tests.c,v 1.1 2015/02/16 22:18:34 djm Exp $ */ +/* $OpenBSD: tests.c,v 1.2 2025/04/15 04:00:42 djm Exp $ */ /* * Regress test for known_hosts-related API. * * Placed in the public domain */ +#include + +#include "../test_helper/test_helper.h" + void tests(void); void test_iterate(void); /* test_iterate.c */ @@ -14,3 +18,8 @@ tests(void) test_iterate(); } +void +benchmarks(void) +{ + printf("no benchmarks\n"); +} diff --git a/regress/unittests/kex/Makefile b/regress/unittests/kex/Makefile index ca4f0ee38639..b76ee8edc813 100644 --- a/regress/unittests/kex/Makefile +++ b/regress/unittests/kex/Makefile @@ -1,4 +1,4 @@ -# $OpenBSD: Makefile,v 1.16 2024/09/09 03:13:39 djm Exp $ +# $OpenBSD: Makefile,v 1.17 2025/04/15 04:00:42 djm Exp $ PROG=test_kex SRCS=tests.c test_kex.c test_proposal.c @@ -35,7 +35,7 @@ SRCS+=digest-openssl.c REGRESS_TARGETS=run-regress-${PROG} run-regress-${PROG}: ${PROG} - env ${TEST_ENV} ./${PROG} + env ${TEST_ENV} ./${PROG} ${UNITTEST_ARGS} .include diff --git a/regress/unittests/kex/test_kex.c b/regress/unittests/kex/test_kex.c index caf8f57f75d6..84dada301b8f 100644 --- a/regress/unittests/kex/test_kex.c +++ b/regress/unittests/kex/test_kex.c @@ -1,4 +1,4 @@ -/* $OpenBSD: test_kex.c,v 1.9 2024/09/09 03:13:39 djm Exp $ */ +/* $OpenBSD: test_kex.c,v 1.10 2025/04/15 04:00:42 djm Exp $ */ /* * Regress test KEX * @@ -8,6 +8,7 @@ #include "includes.h" #include +#include #include #ifdef HAVE_STDINT_H #include @@ -76,7 +77,8 @@ run_kex(struct ssh *client, struct ssh *server) } static void -do_kex_with_key(char *kex, int keytype, int bits) +do_kex_with_key(char *kex, char *cipher, char *mac, + struct sshkey *key, int keytype, int bits) { struct ssh *client = NULL, *server = NULL, *server2 = NULL; struct sshkey *private, *public; @@ -85,9 +87,14 @@ do_kex_with_key(char *kex, int keytype, int bits) char *myproposal[PROPOSAL_MAX] = { KEX_CLIENT }; char *keyname = NULL; - TEST_START("sshkey_generate"); - ASSERT_INT_EQ(sshkey_generate(keytype, bits, &private), 0); - TEST_DONE(); + if (key != NULL) { + private = key; + keytype = key->type; + } else { + TEST_START("sshkey_generate"); + ASSERT_INT_EQ(sshkey_generate(keytype, bits, &private), 0); + TEST_DONE(); + } TEST_START("sshkey_from_private"); ASSERT_INT_EQ(sshkey_from_private(private, &public), 0); @@ -97,6 +104,14 @@ do_kex_with_key(char *kex, int keytype, int bits) memcpy(kex_params.proposal, myproposal, sizeof(myproposal)); if (kex != NULL) kex_params.proposal[PROPOSAL_KEX_ALGS] = kex; + if (cipher != NULL) { + kex_params.proposal[PROPOSAL_ENC_ALGS_CTOS] = cipher; + kex_params.proposal[PROPOSAL_ENC_ALGS_STOC] = cipher; + } + if (mac != NULL) { + kex_params.proposal[PROPOSAL_MAC_ALGS_CTOS] = mac; + kex_params.proposal[PROPOSAL_MAC_ALGS_STOC] = mac; + } keyname = strdup(sshkey_ssh_name(private)); ASSERT_PTR_NE(keyname, NULL); kex_params.proposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = keyname; @@ -167,7 +182,8 @@ do_kex_with_key(char *kex, int keytype, int bits) TEST_DONE(); TEST_START("cleanup"); - sshkey_free(private); + if (key == NULL) + sshkey_free(private); sshkey_free(public); ssh_free(client); ssh_free(server); @@ -179,19 +195,37 @@ do_kex_with_key(char *kex, int keytype, int bits) static void do_kex(char *kex) { -#if 0 - log_init("test_kex", SYSLOG_LEVEL_DEBUG3, SYSLOG_FACILITY_AUTH, 1); -#endif + struct sshkey *key = NULL; + char name[256]; + + if (test_is_benchmark()) { + snprintf(name, sizeof(name), "generate %s", kex); + TEST_START(name); + ASSERT_INT_EQ(sshkey_generate(KEY_ED25519, 0, &key), 0); + TEST_DONE(); + snprintf(name, sizeof(name), "KEX %s", kex); + BENCH_START(name); + /* + * NB. use a cipher/MAC here that requires minimal bits from + * the KEX to avoid DH-GEX taking forever. + */ + do_kex_with_key(kex, "aes128-ctr", "hmac-sha2-256", key, + KEY_ED25519, 256); + BENCH_FINISH("kex"); + sshkey_free(key); + return; + } + #ifdef WITH_OPENSSL - do_kex_with_key(kex, KEY_RSA, 2048); -#ifdef WITH_DSA - do_kex_with_key(kex, KEY_DSA, 1024); -#endif -#ifdef OPENSSL_HAS_ECC - do_kex_with_key(kex, KEY_ECDSA, 256); -#endif /* OPENSSL_HAS_ECC */ + do_kex_with_key(kex, NULL, NULL, NULL, KEY_RSA, 2048); +# ifdef WITH_DSA + do_kex_with_key(kex, NULL, NULL, NULL, KEY_DSA, 1024); +# endif /* WITH_DSA */ +# ifdef OPENSSL_HAS_ECC + do_kex_with_key(kex, NULL, NULL, NULL, KEY_ECDSA, 256); +# endif /* OPENSSL_HAS_ECC */ #endif /* WITH_OPENSSL */ - do_kex_with_key(kex, KEY_ED25519, 256); + do_kex_with_key(kex, NULL, NULL, NULL, KEY_ED25519, 256); } void diff --git a/regress/unittests/kex/tests.c b/regress/unittests/kex/tests.c index d3044f033767..a3ef19ef410a 100644 --- a/regress/unittests/kex/tests.c +++ b/regress/unittests/kex/tests.c @@ -1,4 +1,4 @@ -/* $OpenBSD: tests.c,v 1.3 2023/03/06 12:15:47 dtucker Exp $ */ +/* $OpenBSD: tests.c,v 1.4 2025/04/15 04:00:42 djm Exp $ */ /* * Placed in the public domain */ @@ -16,3 +16,10 @@ tests(void) kex_proposal_tests(); kex_proposal_populate_tests(); } + +void +benchmarks(void) +{ + printf("\n"); + kex_tests(); +} diff --git a/regress/unittests/match/Makefile b/regress/unittests/match/Makefile index 939163d30ef5..7b17e5689344 100644 --- a/regress/unittests/match/Makefile +++ b/regress/unittests/match/Makefile @@ -1,4 +1,4 @@ -# $OpenBSD: Makefile,v 1.5 2021/01/09 12:24:31 dtucker Exp $ +# $OpenBSD: Makefile,v 1.6 2025/04/15 04:00:42 djm Exp $ PROG=test_match SRCS=tests.c @@ -11,6 +11,6 @@ SRCS+=cleanup.c atomicio.c addr.c REGRESS_TARGETS=run-regress-${PROG} run-regress-${PROG}: ${PROG} - env ${TEST_ENV} ./${PROG} + env ${TEST_ENV} ./${PROG} ${UNITTEST_ARGS} .include diff --git a/regress/unittests/match/tests.c b/regress/unittests/match/tests.c index f00d1f9348fc..2ca6c769ae3f 100644 --- a/regress/unittests/match/tests.c +++ b/regress/unittests/match/tests.c @@ -1,4 +1,4 @@ -/* $OpenBSD: tests.c,v 1.8 2021/12/14 21:25:27 deraadt Exp $ */ +/* $OpenBSD: tests.c,v 1.9 2025/04/15 04:00:42 djm Exp $ */ /* * Regress test for matching functions * @@ -129,3 +129,9 @@ tests(void) * int addr_match_cidr_list(const char *, const char *); */ } + +void +benchmarks(void) +{ + printf("no benchmarks\n"); +} diff --git a/regress/unittests/misc/Makefile b/regress/unittests/misc/Makefile index d2be393ad703..7282be13a667 100644 --- a/regress/unittests/misc/Makefile +++ b/regress/unittests/misc/Makefile @@ -1,4 +1,4 @@ -# $OpenBSD: Makefile,v 1.9 2023/01/06 02:59:50 djm Exp $ +# $OpenBSD: Makefile,v 1.10 2025/04/15 04:00:42 djm Exp $ PROG=test_misc SRCS=tests.c @@ -28,6 +28,6 @@ SRCS+= atomicio.c cleanup.c fatal.c REGRESS_TARGETS=run-regress-${PROG} run-regress-${PROG}: ${PROG} - env ${TEST_ENV} ./${PROG} + env ${TEST_ENV} ./${PROG} ${UNITTEST_ARGS} .include diff --git a/regress/unittests/misc/tests.c b/regress/unittests/misc/tests.c index 32699541413e..7611a0d3b645 100644 --- a/regress/unittests/misc/tests.c +++ b/regress/unittests/misc/tests.c @@ -1,4 +1,4 @@ -/* $OpenBSD: tests.c,v 1.10 2023/01/06 02:59:50 djm Exp $ */ +/* $OpenBSD: tests.c,v 1.11 2025/04/15 04:00:42 djm Exp $ */ /* * Regress test for misc helper functions. * @@ -39,3 +39,9 @@ tests(void) test_hpdelim(); test_ptimeout(); } + +void +benchmarks(void) +{ + printf("no benchmarks\n"); +} diff --git a/regress/unittests/sshbuf/tests.c b/regress/unittests/sshbuf/tests.c index 29916a10bc5b..eb801fb3b302 100644 --- a/regress/unittests/sshbuf/tests.c +++ b/regress/unittests/sshbuf/tests.c @@ -1,10 +1,12 @@ -/* $OpenBSD: tests.c,v 1.1 2014/04/30 05:32:00 djm Exp $ */ +/* $OpenBSD: tests.c,v 1.2 2025/04/15 04:00:42 djm Exp $ */ /* * Regress test for sshbuf.h buffer API * * Placed in the public domain */ +#include + #include "../test_helper/test_helper.h" void sshbuf_tests(void); @@ -28,3 +30,9 @@ tests(void) sshbuf_getput_fuzz_tests(); sshbuf_fixed(); } + +void +benchmarks(void) +{ + printf("no benchmarks\n"); +} diff --git a/regress/unittests/sshkey/test_sshkey.c b/regress/unittests/sshkey/test_sshkey.c index 5bf4b65cc055..fc744eb7430f 100644 --- a/regress/unittests/sshkey/test_sshkey.c +++ b/regress/unittests/sshkey/test_sshkey.c @@ -1,4 +1,4 @@ -/* $OpenBSD: test_sshkey.c,v 1.25 2024/08/15 00:52:23 djm Exp $ */ +/* $OpenBSD: test_sshkey.c,v 1.26 2025/04/15 04:00:42 djm Exp $ */ /* * Regress test for sshkey.h key management API * @@ -36,6 +36,7 @@ #include "ssh2.h" void sshkey_tests(void); +void sshkey_benchmarks(void); static void put_opt(struct sshbuf *b, const char *name, const char *value) @@ -133,6 +134,55 @@ signature_test(struct sshkey *k, struct sshkey *bad, const char *sig_alg, free(sig); } +static void +signature_bench(const char *name, int ktype, int bits, const char *sig_alg, + const u_char *d, size_t l) +{ + struct sshkey *k; + size_t len; + u_char *sig; + char testname[256]; + + snprintf(testname, sizeof(testname), "sign %s", name); + TEST_START(testname); + ASSERT_INT_EQ(sshkey_generate(ktype, bits, &k), 0); + ASSERT_PTR_NE(k, NULL); + + BENCH_START(testname); + ASSERT_INT_EQ(sshkey_sign(k, &sig, &len, d, l, sig_alg, + NULL, NULL, 0), 0); + free(sig); + BENCH_FINISH("sign"); + + sshkey_free(k); + TEST_DONE(); +} + +static void +verify_bench(const char *name, int ktype, int bits, const char *sig_alg, + const u_char *d, size_t l) +{ + struct sshkey *k; + size_t len; + u_char *sig; + char testname[256]; + + snprintf(testname, sizeof(testname), "verify %s", name); + TEST_START(testname); + ASSERT_INT_EQ(sshkey_generate(ktype, bits, &k), 0); + ASSERT_PTR_NE(k, NULL); + + ASSERT_INT_EQ(sshkey_sign(k, &sig, &len, d, l, sig_alg, + NULL, NULL, 0), 0); + BENCH_START(testname); + ASSERT_INT_EQ(sshkey_verify(k, sig, len, d, l, NULL, 0, NULL), 0); + BENCH_FINISH("verify"); + + free(sig); + sshkey_free(k); + TEST_DONE(); +} + static void banana(u_char *s, size_t l) { @@ -165,6 +215,19 @@ signature_tests(struct sshkey *k, struct sshkey *bad, const char *sig_alg) } } +static void +signature_benchmark(const char *name, int ktype, int bits, + const char *sig_alg, int bench_verify) +{ + u_char buf[256]; + + banana(buf, sizeof(buf)); + if (bench_verify) + verify_bench(name, ktype, bits, sig_alg, buf, sizeof(buf)); + else + signature_bench(name, ktype, bits, sig_alg, buf, sizeof(buf)); +} + static struct sshkey * get_private(const char *n) { @@ -537,3 +600,101 @@ sshkey_tests(void) TEST_DONE(); #endif /* WITH_OPENSSL */ } + +void +sshkey_benchmarks(void) +{ + struct sshkey *k = NULL; + +#ifdef WITH_OPENSSL + BENCH_START("generate RSA-1024"); + TEST_START("generate KEY_RSA"); + ASSERT_INT_EQ(sshkey_generate(KEY_RSA, 1024, &k), 0); + ASSERT_PTR_NE(k, NULL); + sshkey_free(k); + TEST_DONE(); + BENCH_FINISH("keys"); + + BENCH_START("generate RSA-2048"); + TEST_START("generate KEY_RSA"); + ASSERT_INT_EQ(sshkey_generate(KEY_RSA, 2048, &k), 0); + ASSERT_PTR_NE(k, NULL); + sshkey_free(k); + TEST_DONE(); + BENCH_FINISH("keys"); + +#ifdef WITH_DSA + BENCH_START("generate DSA-1024"); + TEST_START("generate KEY_DSA"); + ASSERT_INT_EQ(sshkey_generate(KEY_DSA, 1024, &k), 0); + ASSERT_PTR_NE(k, NULL); + sshkey_free(k); + TEST_DONE(); + BENCH_FINISH("keys"); +#endif + + BENCH_START("generate ECDSA-256"); + TEST_START("generate KEY_ECDSA"); + ASSERT_INT_EQ(sshkey_generate(KEY_ECDSA, 256, &k), 0); + ASSERT_PTR_NE(k, NULL); + sshkey_free(k); + TEST_DONE(); + BENCH_FINISH("keys"); + + BENCH_START("generate ECDSA-384"); + TEST_START("generate KEY_ECDSA"); + ASSERT_INT_EQ(sshkey_generate(KEY_ECDSA, 384, &k), 0); + ASSERT_PTR_NE(k, NULL); + sshkey_free(k); + TEST_DONE(); + BENCH_FINISH("keys"); + + BENCH_START("generate ECDSA-521"); + TEST_START("generate KEY_ECDSA"); + ASSERT_INT_EQ(sshkey_generate(KEY_ECDSA, 521, &k), 0); + ASSERT_PTR_NE(k, NULL); + sshkey_free(k); + TEST_DONE(); + BENCH_FINISH("keys"); +#endif /* WITH_OPENSSL */ + + BENCH_START("generate ED25519"); + TEST_START("generate KEY_ED25519"); + ASSERT_INT_EQ(sshkey_generate(KEY_ED25519, 256, &k), 0); + ASSERT_PTR_NE(k, NULL); + sshkey_free(k); + TEST_DONE(); + BENCH_FINISH("keys"); + +#ifdef WITH_OPENSSL + /* sign */ + signature_benchmark("RSA-1024/SHA1", KEY_RSA, 1024, "ssh-rsa", 0); + signature_benchmark("RSA-1024/SHA256", KEY_RSA, 1024, "rsa-sha2-256", 0); + signature_benchmark("RSA-1024/SHA512", KEY_RSA, 1024, "rsa-sha2-512", 0); + signature_benchmark("RSA-2048/SHA1", KEY_RSA, 2048, "ssh-rsa", 0); + signature_benchmark("RSA-2048/SHA256", KEY_RSA, 2048, "rsa-sha2-256", 0); + signature_benchmark("RSA-2048/SHA512", KEY_RSA, 2048, "rsa-sha2-512", 0); +#ifdef WITH_DSA + signature_benchmark("DSA-1024", KEY_DSA, 1024, NULL, 0); +#endif + signature_benchmark("ECDSA-256", KEY_ECDSA, 256, NULL, 0); + signature_benchmark("ECDSA-384", KEY_ECDSA, 384, NULL, 0); + signature_benchmark("ECDSA-521", KEY_ECDSA, 521, NULL, 0); + signature_benchmark("ED25519", KEY_ED25519, 0, NULL, 0); + + /* verify */ + signature_benchmark("RSA-1024/SHA1", KEY_RSA, 1024, "ssh-rsa", 1); + signature_benchmark("RSA-1024/SHA256", KEY_RSA, 1024, "rsa-sha2-256", 1); + signature_benchmark("RSA-1024/SHA512", KEY_RSA, 1024, "rsa-sha2-512", 1); + signature_benchmark("RSA-2048/SHA1", KEY_RSA, 2048, "ssh-rsa", 1); + signature_benchmark("RSA-2048/SHA256", KEY_RSA, 2048, "rsa-sha2-256", 1); + signature_benchmark("RSA-2048/SHA512", KEY_RSA, 2048, "rsa-sha2-512", 1); +#ifdef WITH_DSA + signature_benchmark("DSA-1024", KEY_DSA, 1024, NULL, 1); +#endif + signature_benchmark("ECDSA-256", KEY_ECDSA, 256, NULL, 1); + signature_benchmark("ECDSA-384", KEY_ECDSA, 384, NULL, 1); + signature_benchmark("ECDSA-521", KEY_ECDSA, 521, NULL, 1); +#endif /* WITH_OPENSSL */ + signature_benchmark("ED25519", KEY_ED25519, 0, NULL, 1); +} diff --git a/regress/unittests/sshkey/tests.c b/regress/unittests/sshkey/tests.c index 78aa9223d42b..5511e7b8900d 100644 --- a/regress/unittests/sshkey/tests.c +++ b/regress/unittests/sshkey/tests.c @@ -1,4 +1,4 @@ -/* $OpenBSD: tests.c,v 1.1 2014/06/24 01:14:18 djm Exp $ */ +/* $OpenBSD: tests.c,v 1.2 2025/04/15 04:00:42 djm Exp $ */ /* * Regress test for sshbuf.h buffer API * @@ -12,6 +12,7 @@ void sshkey_tests(void); void sshkey_file_tests(void); void sshkey_fuzz_tests(void); +void sshkey_benchmarks(void); void tests(void) @@ -20,3 +21,10 @@ tests(void) sshkey_file_tests(); sshkey_fuzz_tests(); } + +void +benchmarks(void) +{ + printf("\n"); + sshkey_benchmarks(); +} diff --git a/regress/unittests/sshsig/tests.c b/regress/unittests/sshsig/tests.c index 80966bdd2c27..7fcf9488d270 100644 --- a/regress/unittests/sshsig/tests.c +++ b/regress/unittests/sshsig/tests.c @@ -1,4 +1,4 @@ -/* $OpenBSD: tests.c,v 1.4 2024/01/11 01:45:59 djm Exp $ */ +/* $OpenBSD: tests.c,v 1.5 2025/04/15 04:00:42 djm Exp $ */ /* * Regress test for sshbuf.h buffer API * @@ -142,3 +142,9 @@ tests(void) sshbuf_free(msg); free(namespace); } + +void +benchmarks(void) +{ + printf("no benchmarks\n"); +} diff --git a/regress/unittests/test_helper/test_helper.c b/regress/unittests/test_helper/test_helper.c index e23128aa5599..b75f7701401b 100644 --- a/regress/unittests/test_helper/test_helper.c +++ b/regress/unittests/test_helper/test_helper.c @@ -1,4 +1,4 @@ -/* $OpenBSD: test_helper.c,v 1.13 2021/12/14 21:25:27 deraadt Exp $ */ +/* $OpenBSD: test_helper.c,v 1.14 2025/04/15 04:00:42 djm Exp $ */ /* * Copyright (c) 2011 Damien Miller * @@ -21,18 +21,21 @@ #include #include - -#include +#include + +#include #include -#include +#include +#include +#include +#include #ifdef HAVE_STDINT_H # include #endif +#include #include #include -#include #include -#include #ifdef WITH_OPENSSL #include @@ -43,12 +46,21 @@ # include #endif -#define MINIMUM(a, b) (((a) < (b)) ? (a) : (b)) - #include "entropy.h" #include "test_helper.h" #include "atomicio.h" +#include "match.h" +#include "misc.h" +#include "xmalloc.h" +#define BENCH_FAST_DEADLINE 1 +#define BENCH_NORMAL_DEADLINE 10 +#define BENCH_SLOW_DEADLINE 60 +#define BENCH_SAMPLES_ALLOC 8192 +#define BENCH_COLUMN_WIDTH 40 + +#define MINIMUM(a, b) (((a) < (b)) ? (a) : (b)) + #define TEST_CHECK_INT(r, pred) do { \ switch (pred) { \ case TEST_EQ: \ @@ -123,6 +135,15 @@ static const char *data_dir = NULL; static char subtest_info[512]; static int fast = 0; static int slow = 0; +static int benchmark_detail_statistics = 0; + +static int benchmark = 0; +static const char *bench_name = NULL; +static char *benchmark_pattern = NULL; +static struct timespec bench_start_time, bench_finish_time; +static struct timespec *bench_samples; +static int bench_skip, bench_nruns, bench_nalloc; +double bench_accum_secs; int main(int argc, char **argv) @@ -147,8 +168,17 @@ main(int argc, char **argv) } } - while ((ch = getopt(argc, argv, "Ffvqd:")) != -1) { + while ((ch = getopt(argc, argv, "O:bBFfvqd:")) != -1) { switch (ch) { + case 'b': + benchmark = 1; + break; + case 'B': + benchmark = benchmark_detail_statistics = 1; + break; + case 'O': + benchmark_pattern = xstrdup(optarg); + break; case 'F': slow = 1; break; @@ -168,7 +198,8 @@ main(int argc, char **argv) break; default: fprintf(stderr, "Unrecognised command line option\n"); - fprintf(stderr, "Usage: %s [-v]\n", __progname); + fprintf(stderr, "Usage: %s [-vqfFbB] [-d data_dir] " + "[-O pattern]\n", __progname); exit(1); } } @@ -178,9 +209,12 @@ main(int argc, char **argv) if (verbose_mode) printf("\n"); - tests(); + if (benchmark) + benchmarks(); + else + tests(); - if (!quiet_mode) + if (!quiet_mode && !benchmark) printf(" %u tests ok\n", test_number); return 0; } @@ -274,7 +308,7 @@ test_done(void) active_test_name = NULL; if (verbose_mode) printf("OK\n"); - else if (!quiet_mode) { + else if (!quiet_mode && !benchmark) { printf("."); fflush(stdout); } @@ -290,6 +324,12 @@ test_subtest_info(const char *fmt, ...) va_end(ap); } +int +test_is_benchmark(void) +{ + return benchmark; +} + void ssl_err_check(const char *file, int line) { @@ -382,23 +422,6 @@ assert_string(const char *file, int line, const char *a1, const char *a2, test_die(); } -static char * -tohex(const void *_s, size_t l) -{ - u_int8_t *s = (u_int8_t *)_s; - size_t i, j; - const char *hex = "0123456789abcdef"; - char *r = malloc((l * 2) + 1); - - assert(r != NULL); - for (i = j = 0; i < l; i++) { - r[j++] = hex[(s[i] >> 4) & 0xf]; - r[j++] = hex[s[i] & 0xf]; - } - r[j] = '\0'; - return r; -} - void assert_mem(const char *file, int line, const char *a1, const char *a2, const void *aa1, const void *aa2, size_t l, enum test_predicate pred) @@ -593,3 +616,131 @@ assert_ptr(const char *file, int line, const char *a1, const char *a2, test_die(); } +static double +tstod(const struct timespec *ts) +{ + return (double)ts->tv_sec + ((double)ts->tv_nsec / 1000000000.0); +} + +void +bench_start(const char *file, int line, const char *name) +{ + char *cp; + + if (bench_name != NULL) { + fprintf(stderr, "\n%s:%d internal error: BENCH_START() called " + "while previous benchmark \"%s\" incomplete", + file, line, bench_name); + abort(); + } + cp = xstrdup(name); + lowercase(cp); + bench_skip = benchmark_pattern != NULL && + match_pattern_list(cp, benchmark_pattern, 1) != 1; + free(cp); + + bench_name = name; + bench_nruns = 0; + if (bench_skip) + return; + free(bench_samples); + bench_nalloc = BENCH_SAMPLES_ALLOC; + bench_samples = xcalloc(sizeof(*bench_samples), bench_nalloc); + bench_accum_secs = 0; +} + +int +bench_done(void) +{ + return bench_skip || bench_accum_secs >= (fast ? BENCH_FAST_DEADLINE : + (slow ? BENCH_SLOW_DEADLINE : BENCH_NORMAL_DEADLINE)); +} + +void +bench_case_start(const char *file, int line) +{ + clock_gettime(CLOCK_REALTIME, &bench_start_time); +} + +void +bench_case_finish(const char *file, int line) +{ + struct timespec ts; + + clock_gettime(CLOCK_REALTIME, &bench_finish_time); + timespecsub(&bench_finish_time, &bench_start_time, &ts); + if (bench_nruns >= bench_nalloc) { + if (bench_nalloc >= INT_MAX / 2) { + fprintf(stderr, "\n%s:%d benchmark %s too many samples", + __FILE__, __LINE__, bench_name); + abort(); + } + bench_samples = xrecallocarray(bench_samples, bench_nalloc, + bench_nalloc * 2, sizeof(*bench_samples)); + bench_nalloc *= 2; + } + bench_samples[bench_nruns++] = ts; + bench_accum_secs += tstod(&ts); +} + +static int +tscmp(const void *aa, const void *bb) +{ + const struct timespec *a = (const struct timespec *)aa; + const struct timespec *b = (const struct timespec *)bb; + + if (timespeccmp(a, b, ==)) + return 0; + return timespeccmp(a, b, <) ? -1 : 1; +} + +void +bench_finish(const char *file, int line, const char *unit) +{ + double std_dev = 0, mean_spr, mean_rps, med_spr, med_rps; + int i; + + if (bench_skip) + goto done; + + if (bench_nruns < 1) { + fprintf(stderr, "\n%s:%d benchmark %s never ran", file, line, + bench_name); + abort(); + } + /* median */ + qsort(bench_samples, bench_nruns, sizeof(*bench_samples), tscmp); + i = bench_nruns / 2; + med_spr = tstod(&bench_samples[i]); + if (bench_nruns > 1 && bench_nruns & 1) + med_spr = (med_spr + tstod(&bench_samples[i - 1])) / 2.0; + med_rps = (med_spr == 0.0) ? INFINITY : 1.0/med_spr; + /* mean */ + mean_spr = bench_accum_secs / (double)bench_nruns; + mean_rps = (mean_spr == 0.0) ? INFINITY : 1.0/mean_spr; + /* std. dev */ + std_dev = 0; + for (i = 0; i < bench_nruns; i++) { + std_dev = tstod(&bench_samples[i]) - mean_spr; + std_dev *= std_dev; + } + std_dev /= (double)bench_nruns; + std_dev = sqrt(std_dev); + if (benchmark_detail_statistics) { + printf("%s: %d runs in %0.3fs, %0.03f/%0.03f ms/%s " + "(mean/median), std.dev %0.03f ms, " + "%0.2f/%0.2f %s/s (mean/median)\n", + bench_name, bench_nruns, bench_accum_secs, + mean_spr * 1000, med_spr * 1000, unit, std_dev * 1000, + mean_rps, med_rps, unit); + } else { + printf("%-*s %0.2f %s/s\n", BENCH_COLUMN_WIDTH, + bench_name, med_rps, unit); + } + done: + bench_name = NULL; + bench_nruns = 0; + free(bench_samples); + bench_samples = NULL; + bench_skip = 0; +} diff --git a/regress/unittests/test_helper/test_helper.h b/regress/unittests/test_helper/test_helper.h index 66302201cec3..23338af38882 100644 --- a/regress/unittests/test_helper/test_helper.h +++ b/regress/unittests/test_helper/test_helper.h @@ -1,4 +1,4 @@ -/* $OpenBSD: test_helper.h,v 1.9 2018/10/17 23:28:05 djm Exp $ */ +/* $OpenBSD: test_helper.h,v 1.10 2025/04/15 04:00:42 djm Exp $ */ /* * Copyright (c) 2011 Damien Miller * @@ -39,6 +39,7 @@ typedef void (test_onerror_func_t)(void *); /* Supplied by test suite */ void tests(void); +void benchmarks(void); const char *test_data_file(const char *name); void test_start(const char *n); @@ -49,6 +50,7 @@ int test_is_verbose(void); int test_is_quiet(void); int test_is_fast(void); int test_is_slow(void); +int test_is_benchmark(void); void test_subtest_info(const char *fmt, ...) __attribute__((format(printf, 1, 2))); void ssl_err_check(const char *file, int line); @@ -285,6 +287,26 @@ void assert_u64(const char *file, int line, #define ASSERT_U64_GE(a1, a2) \ assert_u64(__FILE__, __LINE__, #a1, #a2, a1, a2, TEST_GE) +/* Benchmarking support */ +#define BENCH_START(name) \ + do { \ + bench_start(__FILE__, __LINE__, name); \ + while (!bench_done()) { \ + bench_case_start(__FILE__, __LINE__); \ + do { +#define BENCH_FINISH(unit) \ + } while (0); \ + bench_case_finish(__FILE__, __LINE__); \ + } \ + bench_finish(__FILE__, __LINE__, unit); \ + } while (0) + +void bench_start(const char *file, int line, const char *name); +void bench_case_start(const char *file, int line); +void bench_case_finish(const char *file, int line); +void bench_finish(const char *file, int line, const char *unit); +int bench_done(void); + /* Fuzzing support */ struct fuzz; diff --git a/regress/unittests/utf8/Makefile b/regress/unittests/utf8/Makefile index f8eec0484f8f..e89536500822 100644 --- a/regress/unittests/utf8/Makefile +++ b/regress/unittests/utf8/Makefile @@ -1,14 +1,15 @@ -# $OpenBSD: Makefile,v 1.5 2017/12/21 00:41:22 djm Exp $ +# $OpenBSD: Makefile,v 1.6 2025/04/15 04:00:42 djm Exp $ PROG=test_utf8 SRCS=tests.c # From usr.bin/ssh -SRCS+=utf8.c atomicio.c +SRCS+=utf8.c atomicio.c misc.c xmalloc.c match.c ssherr.c cleanup.c fatal.c +SRCS+=sshbuf.c sshbuf-getput-basic.c sshbuf-misc.c addr.c addrmatch.c log.c REGRESS_TARGETS=run-regress-${PROG} run-regress-${PROG}: ${PROG} - env ${TEST_ENV} ./${PROG} + env ${TEST_ENV} ./${PROG} ${UNITTEST_ARGS} .include diff --git a/regress/unittests/utf8/tests.c b/regress/unittests/utf8/tests.c index 8cf524ddb210..3fb63415e1ad 100644 --- a/regress/unittests/utf8/tests.c +++ b/regress/unittests/utf8/tests.c @@ -1,4 +1,4 @@ -/* $OpenBSD: tests.c,v 1.4 2017/02/19 00:11:29 djm Exp $ */ +/* $OpenBSD: tests.c,v 1.5 2025/04/15 04:00:42 djm Exp $ */ /* * Regress test for the utf8.h *mprintf() API * @@ -102,3 +102,9 @@ tests(void) one(0, "double_fit", "a\343\201\201", 7, 5, -1, "a\\343"); one(0, "double_spc", "a\343\201\201", 13, 13, 13, "a\\343\\201\\201"); } + +void +benchmarks(void) +{ + printf("no benchmarks\n"); +} From 1ec5b39f1f673beac039bb42c98a11aa2b08a0b2 Mon Sep 17 00:00:00 2001 From: "dtucker@openbsd.org" Date: Tue, 15 Apr 2025 09:22:25 +0000 Subject: [PATCH 003/687] upstream: Cast signalled_keydrop to int when logging to prevent warning on platforms where sig_atomic_t is not the same as int. bz#3811, patch from jlduran at gmail com. OpenBSD-Commit-ID: b6bc9e9006e7f81ade57d41a48623a4323deca6c --- ssh-agent.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/ssh-agent.c b/ssh-agent.c index c27c5a956f2c..55b9f44f4d4a 100644 --- a/ssh-agent.c +++ b/ssh-agent.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-agent.c,v 1.310 2025/02/18 08:02:48 djm Exp $ */ +/* $OpenBSD: ssh-agent.c,v 1.311 2025/04/15 09:22:25 dtucker Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -2526,7 +2526,7 @@ main(int ac, char **av) } if (signalled_keydrop) { logit("signal %d received; removing all keys", - signalled_keydrop); + (int)signalled_keydrop); remove_all_identities(); signalled_keydrop = 0; } From 849c2fd894aa87a7e40c71e8d5bda5392b1205be Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Tue, 15 Apr 2025 21:58:49 +1000 Subject: [PATCH 004/687] Look for sqrt(), possibly in libm. The unit tests now use sqrt(), which in some platforms (notably DragonFlyBSD and Solaris) is not in libc but rather libm. Since only the unit tests use this, add TESTLIBS and if necessary put libm in it. --- Makefile.in | 2 +- configure.ac | 5 +++++ 2 files changed, 6 insertions(+), 1 deletion(-) diff --git a/Makefile.in b/Makefile.in index 5a7a1bd101e3..f15ac558aea7 100644 --- a/Makefile.in +++ b/Makefile.in @@ -557,7 +557,7 @@ regress-prep: ln -s `cd $(srcdir) && pwd`/regress/Makefile `pwd`/regress/Makefile REGRESSLIBS=libssh.a $(LIBCOMPAT) -TESTLIBS=$(LIBS) $(CHANNELLIBS) +TESTLIBS=$(LIBS) $(CHANNELLIBS) @TESTLIBS@ regress/modpipe$(EXEEXT): $(srcdir)/regress/modpipe.c $(REGRESSLIBS) $(CC) $(CFLAGS) $(CPPFLAGS) -o $@ $(srcdir)/regress/modpipe.c \ diff --git a/configure.ac b/configure.ac index ee77a0484b19..bbddca00908b 100644 --- a/configure.ac +++ b/configure.ac @@ -1449,6 +1449,11 @@ AC_CHECK_FUNC([getspnam], , AC_SEARCH_LIBS([basename], [gen], [AC_DEFINE([HAVE_BASENAME], [1], [Define if you have the basename function.])]) +dnl sqrt() only used in unit tests. +AC_CHECK_FUNC([sqrt], , + [AC_CHECK_LIB([m], [sqrt], [TESTLIBS="$TESTLIBS -lm"])]) +AC_SUBST([TESTLIBS]) + dnl zlib defaults to enabled zlib=yes AC_ARG_WITH([zlib], From 46e52fdae08b89264a0b23f94391c2bf637def34 Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Wed, 16 Apr 2025 22:29:17 +1000 Subject: [PATCH 005/687] Provide INFINITY if it's not provided. INFINITY is specified in c99, so define if not provided. --- configure.ac | 5 +++++ defines.h | 7 +++++++ 2 files changed, 12 insertions(+) diff --git a/configure.ac b/configure.ac index bbddca00908b..69b74add8d00 100644 --- a/configure.ac +++ b/configure.ac @@ -2280,6 +2280,11 @@ AC_CHECK_DECLS([offsetof], , , [ #include ]) +AC_CHECK_DECLS([INFINITY], , + AC_CHECK_DECLS(__builtin_inff), + [#include ] +) + # extra bits for select(2) AC_CHECK_DECLS([howmany, NFDBITS], [], [], [[ #include diff --git a/defines.h b/defines.h index d2baeb9407bd..3721ae16ef92 100644 --- a/defines.h +++ b/defines.h @@ -986,4 +986,11 @@ struct winsize { /* The ML-KEM768 implementation also uses C89 features */ # define USE_MLKEM768X25519 1 #endif + +#if defined(HAVE_DECL_INFINITY) && HAVE_DECL_INFINITY == 0 +# if defined(HAVE_DECL___BUILTIN_INFF) && HAVE_DECL___BUILTIN_INFF == 1 +# define INFINITY __builtin_inff() +# endif +#endif + #endif /* _DEFINES_H */ From 9b50cb171b5c56184ce6fa3994ce62f9882d2daf Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Thu, 17 Apr 2025 16:51:14 +1000 Subject: [PATCH 006/687] Add includes.h for new tests. Fixes builds on older platforms. --- regress/unittests/hostkeys/tests.c | 2 ++ regress/unittests/sshbuf/tests.c | 2 ++ 2 files changed, 4 insertions(+) diff --git a/regress/unittests/hostkeys/tests.c b/regress/unittests/hostkeys/tests.c index a14ba19b3abe..c6e17fad09cb 100644 --- a/regress/unittests/hostkeys/tests.c +++ b/regress/unittests/hostkeys/tests.c @@ -5,6 +5,8 @@ * Placed in the public domain */ +#include "includes.h" + #include #include "../test_helper/test_helper.h" diff --git a/regress/unittests/sshbuf/tests.c b/regress/unittests/sshbuf/tests.c index eb801fb3b302..95a34a8c8e97 100644 --- a/regress/unittests/sshbuf/tests.c +++ b/regress/unittests/sshbuf/tests.c @@ -5,6 +5,8 @@ * Placed in the public domain */ +#include "includes.h" + #include #include "../test_helper/test_helper.h" From 52bddbc1a7f53a1e5c871767913648eb639ac6d5 Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Fri, 18 Apr 2025 08:10:32 +1000 Subject: [PATCH 007/687] Include time.h for clock_gettime(). --- regress/unittests/test_helper/test_helper.c | 1 + 1 file changed, 1 insertion(+) diff --git a/regress/unittests/test_helper/test_helper.c b/regress/unittests/test_helper/test_helper.c index b75f7701401b..7783d65a4f4a 100644 --- a/regress/unittests/test_helper/test_helper.c +++ b/regress/unittests/test_helper/test_helper.c @@ -35,6 +35,7 @@ #include #include #include +#include #include #ifdef WITH_OPENSSL From c627b468d3b99e487e2b24c90958ae57e633d681 Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Fri, 18 Apr 2025 08:14:16 +1000 Subject: [PATCH 008/687] cygwin-install-action now puts setup.exe on D: --- .github/setup_ci.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/setup_ci.sh b/.github/setup_ci.sh index f6c4a5c84fb5..05ac755a79de 100755 --- a/.github/setup_ci.sh +++ b/.github/setup_ci.sh @@ -184,7 +184,7 @@ while [ ! -z "$PACKAGES" ] && [ "$tries" -gt "0" ]; do fi ;; setup) - if /cygdrive/c/setup.exe -q -P `echo "$PACKAGES" | tr ' ' ,`; then + if /cygdrive/d/setup.exe -q -P `echo "$PACKAGES" | tr ' ' ,`; then PACKAGES="" fi ;; From 76631fdd04824c3e50ea6551d3611b1fe0216a41 Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Fri, 18 Apr 2025 08:18:52 +1000 Subject: [PATCH 009/687] Add 10.0 branch to test status page. --- .github/ci-status.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/.github/ci-status.md b/.github/ci-status.md index 68275715dfb1..d47e59e1e5ea 100644 --- a/.github/ci-status.md +++ b/.github/ci-status.md @@ -6,6 +6,10 @@ master : [![Fuzzing Status](https://oss-fuzz-build-logs.storage.googleapis.com/badges/openssh.svg)](https://bugs.chromium.org/p/oss-fuzz/issues/list?sort=-opened&can=1&q=proj:openssh) [![Coverity Status](https://scan.coverity.com/projects/21341/badge.svg)](https://scan.coverity.com/projects/openssh-portable) +10.0 : +[![C/C++ CI](https://github.com/openssh/openssh-portable/actions/workflows/c-cpp.yml/badge.svg?branch=V_10_0)](https://github.com/openssh/openssh-portable/actions/workflows/c-cpp.yml?query=branch:V_10_0) +[![C/C++ CI self-hosted](https://github.com/openssh/openssh-portable-selfhosted/actions/workflows/selfhosted.yml/badge.svg?branch=V_10_0)](https://github.com/openssh/openssh-portable-selfhosted/actions/workflows/selfhosted.yml?query=branch:V_10_0) + 9.9 : [![C/C++ CI](https://github.com/openssh/openssh-portable/actions/workflows/c-cpp.yml/badge.svg?branch=V_9_9)](https://github.com/openssh/openssh-portable/actions/workflows/c-cpp.yml?query=branch:V_9_9) [![C/C++ CI self-hosted](https://github.com/openssh/openssh-portable-selfhosted/actions/workflows/selfhosted.yml/badge.svg?branch=V_9_9)](https://github.com/openssh/openssh-portable-selfhosted/actions/workflows/selfhosted.yml?query=branch:V_9_9) From b5b405fee7f3e79d44e2d2971a4b6b4cc53f112e Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Sun, 20 Apr 2025 09:07:57 +1000 Subject: [PATCH 010/687] Set Windows permssions on regress dir. Prevents "unprotected private key file" error when running tests. --- .github/setup_ci.sh | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/.github/setup_ci.sh b/.github/setup_ci.sh index 05ac755a79de..e3e28da6f1b1 100755 --- a/.github/setup_ci.sh +++ b/.github/setup_ci.sh @@ -12,7 +12,15 @@ case "$host" in echo Setting CYGWIN system environment variable. setx CYGWIN "binmode" echo Removing extended ACLs so umask works as expected. + set -x setfacl -b . regress + icacls regress /c /t /q /Inheritance:d + icacls regress /c /t /q /Grant ${LOGNAME}:F + icacls regress /c /t /q /Remove:g "Authenticated Users" \ + BUILTIN\\Administrators BUILTIN Everyone System Users + takeown /F regress + icacls regress + set +x PACKAGES="$PACKAGES,autoconf,automake,cygwin-devel,gcc-core" PACKAGES="$PACKAGES,make,openssl,libssl-devel,zlib-devel" ;; From c991273c18afc490313a9f282383eaf59d9c13b9 Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Wed, 30 Apr 2025 05:23:15 +0000 Subject: [PATCH 011/687] upstream: fix a out-of-bounds read if the known_hosts file is truncated after the hostname. Reported by the OpenAI Security Research Team ok deraadt@ OpenBSD-Commit-ID: c0b516d7c80c4779a403826f73bcd8adbbc54ebd --- hostfile.c | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/hostfile.c b/hostfile.c index c5669c703735..a4a5a9a5e3a3 100644 --- a/hostfile.c +++ b/hostfile.c @@ -1,4 +1,4 @@ -/* $OpenBSD: hostfile.c,v 1.95 2023/02/21 06:48:18 dtucker Exp $ */ +/* $OpenBSD: hostfile.c,v 1.96 2025/04/30 05:23:15 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -810,6 +810,12 @@ hostkeys_foreach_file(const char *path, FILE *f, hostkeys_foreach_fn *callback, /* Find the end of the host name portion. */ for (cp2 = cp; *cp2 && *cp2 != ' ' && *cp2 != '\t'; cp2++) ; + if (*cp2 == '\0') { + verbose_f("truncated line at %s:%lu", path, linenum); + if ((options & HKF_WANT_MATCH) == 0) + goto bad; + continue; + } lineinfo.hosts = cp; *cp2++ = '\0'; From e048230106fb3f5e7cc07abc311c6feb5f52fd05 Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Wed, 30 Apr 2025 05:26:15 +0000 Subject: [PATCH 012/687] upstream: make writing known_hosts lines more atomic, by writing the entire line in one operation and using unbuffered stdio. Usually writes to this file are serialised on the "Are you sure you want to continue connecting?" prompt, but if host key checking is disabled and connections were being made with high concurrency then interleaved writes might have been possible. feedback/ok deraadt@ millert@ OpenBSD-Commit-ID: d11222b49dabe5cfe0937b49cb439ba3d4847b08 --- hostfile.c | 52 ++++++++++++++++++++++++++++++++++++++++------------ 1 file changed, 40 insertions(+), 12 deletions(-) diff --git a/hostfile.c b/hostfile.c index a4a5a9a5e3a3..e941fc4509ad 100644 --- a/hostfile.c +++ b/hostfile.c @@ -1,4 +1,4 @@ -/* $OpenBSD: hostfile.c,v 1.96 2025/04/30 05:23:15 djm Exp $ */ +/* $OpenBSD: hostfile.c,v 1.97 2025/04/30 05:26:15 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -434,7 +434,7 @@ lookup_marker_in_hostkeys(struct hostkeys *hostkeys, int want_marker) } static int -write_host_entry(FILE *f, const char *host, const char *ip, +format_host_entry(struct sshbuf *entry, const char *host, const char *ip, const struct sshkey *key, int store_hash) { int r, success = 0; @@ -449,22 +449,50 @@ write_host_entry(FILE *f, const char *host, const char *ip, free(lhost); return 0; } - fprintf(f, "%s ", hashed_host); - } else if (ip != NULL) - fprintf(f, "%s,%s ", lhost, ip); - else { - fprintf(f, "%s ", lhost); + if ((r = sshbuf_putf(entry, "%s ", hashed_host)) != 0) + fatal_fr(r, "sshbuf_putf"); + } else if (ip != NULL) { + if ((r = sshbuf_putf(entry, "%s,%s ", lhost, ip)) != 0) + fatal_fr(r, "sshbuf_putf"); + } else { + if ((r = sshbuf_putf(entry, "%s ", lhost)) != 0) + fatal_fr(r, "sshbuf_putf"); } free(hashed_host); free(lhost); - if ((r = sshkey_write(key, f)) == 0) + if ((r = sshkey_format_text(key, entry)) == 0) success = 1; else error_fr(r, "sshkey_write"); - fputc('\n', f); + if ((r = sshbuf_putf(entry, "\n")) != 0) + fatal_fr(r, "sshbuf_putf"); + /* If hashing is enabled, the IP address needs to go on its own line */ if (success && store_hash && ip != NULL) - success = write_host_entry(f, ip, NULL, key, 1); + success = format_host_entry(entry, ip, NULL, key, 1); + return success; +} + +static int +write_host_entry(FILE *f, const char *host, const char *ip, + const struct sshkey *key, int store_hash) +{ + int r, success = 0; + struct sshbuf *entry = NULL; + + if ((entry = sshbuf_new()) == NULL) + fatal_f("allocation failed"); + if ((r = format_host_entry(entry, host, ip, key, store_hash)) != 1) { + debug_f("failed to format host entry"); + goto out; + } + if ((r = fwrite(sshbuf_ptr(entry), sshbuf_len(entry), 1, f)) != 1) { + error_f("fwrite: %s", strerror(errno)); + goto out; + } + success = 1; + out: + sshbuf_free(entry); return success; } @@ -520,9 +548,9 @@ add_host_to_hostfile(const char *filename, const char *host, if (key == NULL) return 1; /* XXX ? */ hostfile_create_user_ssh_dir(filename, 0); - f = fopen(filename, "a+"); - if (!f) + if ((f = fopen(filename, "a+")) == NULL) return 0; + setvbuf(f, NULL, _IONBF, 0); /* Make sure we have a terminating newline. */ if (fseek(f, -1L, SEEK_END) == 0 && fgetc(f) != '\n') addnl = 1; From 566443b5f5d7bc4c5310313b4e46232760850c7a Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Mon, 5 May 2025 02:40:30 +0000 Subject: [PATCH 013/687] upstream: correct log messages; the reap function is used for more than just the preauth process now OpenBSD-Commit-ID: 768c5b674bd77802bb197c31dba78559f1174c02 --- monitor_wrap.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/monitor_wrap.c b/monitor_wrap.c index bd900b2f06ec..c30a7902d386 100644 --- a/monitor_wrap.c +++ b/monitor_wrap.c @@ -1,4 +1,4 @@ -/* $OpenBSD: monitor_wrap.c,v 1.138 2024/10/22 06:13:00 dtucker Exp $ */ +/* $OpenBSD: monitor_wrap.c,v 1.139 2025/05/05 02:40:30 djm Exp $ */ /* * Copyright 2002 Niels Provos * Copyright 2002 Markus Friedl @@ -126,17 +126,17 @@ mm_reap(void) } if (WIFEXITED(status)) { if (WEXITSTATUS(status) != 0) { - debug_f("preauth child exited with status %d", + debug_f("child exited with status %d", WEXITSTATUS(status)); cleanup_exit(255); } } else if (WIFSIGNALED(status)) { - error_f("preauth child terminated by signal %d", + error_f("child terminated by signal %d", WTERMSIG(status)); cleanup_exit(signal_is_crash(WTERMSIG(status)) ? EXIT_CHILD_CRASH : 255); } else { - error_f("preauth child terminated abnormally (status=0x%x)", + error_f("child terminated abnormally (status=0x%x)", status); cleanup_exit(EXIT_CHILD_CRASH); } From 80162f9d7e7eadca4ffd0bd1c015d38cb1821ab6 Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Mon, 5 May 2025 02:48:06 +0000 Subject: [PATCH 014/687] upstream: Move agent listener sockets from /tmp to under ~/.ssh/agent for both ssh-agent(1) and forwarded sockets in sshd(8). This ensures processes (such as Firefox) that have restricted filesystem access that includes /tmp (via unveil(3)) do not have the ability to use keys in an agent. Moving the default directory has the consequence that the OS will no longer clean up stale agent sockets, so ssh-agent now gains this ability. To support $HOME on NFS, the socket path includes a truncated hash of the hostname. ssh-agent will by default only clean up sockets from the same hostname. ssh-agent gains some new flags: -U suppresses the automatic cleanup of stale sockets when it starts. -u forces a cleanup without keeping a running agent, -uu forces a cleanup that ignores the hostname. -T makes ssh-agent put the socket back in /tmp. feedback deraadt@ naddy@, doitdoitdoit deraadt@ OpenBSD-Commit-ID: 8383dabd98092fe5498d5f7f15c7d314b03a93e1 --- Makefile.in | 6 ++-- hostfile.c | 2 +- misc.c | 17 ++++++++++- misc.h | 8 ++++- pathnames.h | 9 +++++- session.c | 34 +++------------------ ssh-agent.1 | 32 ++++++++++++++++---- ssh-agent.c | 85 +++++++++++++++++++++++++++++++++++++++++++---------- 8 files changed, 136 insertions(+), 57 deletions(-) diff --git a/Makefile.in b/Makefile.in index f15ac558aea7..4550e17951f4 100644 --- a/Makefile.in +++ b/Makefile.in @@ -140,7 +140,7 @@ SSHD_SESSION_OBJS=sshd-session.o auth-rhosts.o auth-passwd.o \ auth2-gss.o gss-serv.o gss-serv-krb5.o \ loginrec.o auth-pam.o auth-shadow.o auth-sia.o \ sftp-server.o sftp-common.o \ - uidswap.o platform-listen.o $(SKOBJS) + uidswap.o platform-listen.o misc-agent.o $(SKOBJS) SSHD_AUTH_OBJS=sshd-auth.o \ auth2-methods.o \ @@ -155,7 +155,7 @@ SSHD_AUTH_OBJS=sshd-auth.o \ sandbox-null.o sandbox-rlimit.o sandbox-darwin.o \ sandbox-seccomp-filter.o sandbox-capsicum.o sandbox-solaris.o \ sftp-server.o sftp-common.o \ - uidswap.o $(SKOBJS) + uidswap.o misc-agent.o $(SKOBJS) SFTP_CLIENT_OBJS=sftp-common.o sftp-client.o sftp-glob.o @@ -163,7 +163,7 @@ SCP_OBJS= scp.o progressmeter.o $(SFTP_CLIENT_OBJS) SSHADD_OBJS= ssh-add.o $(SKOBJS) -SSHAGENT_OBJS= ssh-agent.o ssh-pkcs11-client.o $(SKOBJS) +SSHAGENT_OBJS= ssh-agent.o ssh-pkcs11-client.o misc-agent.o $(SKOBJS) SSHKEYGEN_OBJS= ssh-keygen.o sshsig.o $(SKOBJS) diff --git a/hostfile.c b/hostfile.c index e941fc4509ad..4b4a0e31ef38 100644 --- a/hostfile.c +++ b/hostfile.c @@ -1,4 +1,4 @@ -/* $OpenBSD: hostfile.c,v 1.97 2025/04/30 05:26:15 djm Exp $ */ +/* $OpenBSD: hostfile.c,v 1.98 2025/05/05 02:48:07 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland diff --git a/misc.c b/misc.c index dd0bd032ae3c..25465dcd2d4f 100644 --- a/misc.c +++ b/misc.c @@ -1,4 +1,4 @@ -/* $OpenBSD: misc.c,v 1.198 2024/10/24 03:14:37 djm Exp $ */ +/* $OpenBSD: misc.c,v 1.199 2025/05/05 02:48:06 djm Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. * Copyright (c) 2005-2020 Damien Miller. All rights reserved. @@ -3138,3 +3138,18 @@ signal_is_crash(int sig) } return 0; } + +char * +get_homedir(void) +{ + char *cp; + struct passwd *pw; + + if ((cp = getenv("HOME")) != NULL && *cp != '\0') + return xstrdup(cp); + + if ((pw = getpwuid(getuid())) != NULL && *pw->pw_dir != '\0') + return xstrdup(pw->pw_dir); + + return NULL; +} diff --git a/misc.h b/misc.h index efecdf1ad6f9..a7afa23e8e92 100644 --- a/misc.h +++ b/misc.h @@ -1,4 +1,4 @@ -/* $OpenBSD: misc.h,v 1.110 2024/09/25 01:24:04 djm Exp $ */ +/* $OpenBSD: misc.h,v 1.111 2025/05/05 02:48:06 djm Exp $ */ /* * Author: Tatu Ylonen @@ -108,6 +108,7 @@ int parse_pattern_interval(const char *, char **, int *); int path_absolute(const char *); int stdfd_devnull(int, int, int); int lib_contains_symbol(const char *, const char *); +char *get_homedir(void); void sock_set_v6only(int); @@ -231,6 +232,11 @@ int ptimeout_get_ms(struct timespec *pt); struct timespec *ptimeout_get_tsp(struct timespec *pt); int ptimeout_isset(struct timespec *pt); +/* misc-agent.c */ +char *agent_hostname_hash(void); +int agent_listener(const char *, const char *, int *, char **); +void agent_cleanup_stale(const char *, int); + /* readpass.c */ #define RP_ECHO 0x0001 diff --git a/pathnames.h b/pathnames.h index 1158bec96781..e07395cb6f26 100644 --- a/pathnames.h +++ b/pathnames.h @@ -1,4 +1,4 @@ -/* $OpenBSD: pathnames.h,v 1.32 2024/05/17 00:30:24 djm Exp $ */ +/* $OpenBSD: pathnames.h,v 1.34 2025/05/05 02:48:06 djm Exp $ */ /* * Author: Tatu Ylonen @@ -67,6 +67,13 @@ */ #define _PATH_SSH_USER_DIR ".ssh" + +/* + * The directory in which ssh-agent sockets and agent sockets forwarded by + * sshd reside. This directory should not be world-readable. + */ +#define _PATH_SSH_AGENT_SOCKET_DIR _PATH_SSH_USER_DIR "/agent" + /* * Per-user file containing host keys of known hosts. This file need not be * readable by anyone except the user him/herself, though this does not diff --git a/session.c b/session.c index 6444c77f31c2..630e0e6a353c 100644 --- a/session.c +++ b/session.c @@ -1,4 +1,4 @@ -/* $OpenBSD: session.c,v 1.341 2025/04/09 07:00:03 djm Exp $ */ +/* $OpenBSD: session.c,v 1.342 2025/05/05 02:48:06 djm Exp $ */ /* * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland * All rights reserved @@ -175,7 +175,6 @@ static char *auth_info_file = NULL; /* Name and directory of socket for authentication agent forwarding. */ static char *auth_sock_name = NULL; -static char *auth_sock_dir = NULL; /* removes the agent forwarding socket */ @@ -185,7 +184,6 @@ auth_sock_cleanup_proc(struct passwd *pw) if (auth_sock_name != NULL) { temporarily_use_uid(pw); unlink(auth_sock_name); - rmdir(auth_sock_dir); auth_sock_name = NULL; restore_uid(); } @@ -205,32 +203,15 @@ auth_input_request_forwarding(struct ssh *ssh, struct passwd * pw) /* Temporarily drop privileged uid for mkdir/bind. */ temporarily_use_uid(pw); - /* Allocate a buffer for the socket name, and format the name. */ - auth_sock_dir = xstrdup("/tmp/ssh-XXXXXXXXXX"); - - /* Create private directory for socket */ - if (mkdtemp(auth_sock_dir) == NULL) { + if (agent_listener(pw->pw_dir, "sshd", &sock, &auth_sock_name) != 0) { + /* a more detailed error is already logged */ ssh_packet_send_debug(ssh, "Agent forwarding disabled: " - "mkdtemp() failed: %.100s", strerror(errno)); + "couldn't create listener socket"); restore_uid(); - free(auth_sock_dir); - auth_sock_dir = NULL; goto authsock_err; } - - xasprintf(&auth_sock_name, "%s/agent.%ld", - auth_sock_dir, (long) getpid()); - - /* Start a Unix listener on auth_sock_name. */ - sock = unix_listener(auth_sock_name, SSH_LISTEN_BACKLOG, 0); - - /* Restore the privileged uid. */ restore_uid(); - /* Check for socket/bind/listen failure. */ - if (sock < 0) - goto authsock_err; - /* Allocate a channel for the authentication agent socket. */ nc = channel_new(ssh, "auth-listener", SSH_CHANNEL_AUTH_SOCKET, sock, sock, -1, @@ -241,16 +222,9 @@ auth_input_request_forwarding(struct ssh *ssh, struct passwd * pw) authsock_err: free(auth_sock_name); - if (auth_sock_dir != NULL) { - temporarily_use_uid(pw); - rmdir(auth_sock_dir); - restore_uid(); - free(auth_sock_dir); - } if (sock != -1) close(sock); auth_sock_name = NULL; - auth_sock_dir = NULL; return 0; } diff --git a/ssh-agent.1 b/ssh-agent.1 index 533ad6d3a6d2..3b515ac42384 100644 --- a/ssh-agent.1 +++ b/ssh-agent.1 @@ -1,4 +1,4 @@ -.\" $OpenBSD: ssh-agent.1,v 1.82 2025/02/09 18:24:08 schwarze Exp $ +.\" $OpenBSD: ssh-agent.1,v 1.83 2025/05/05 02:48:06 djm Exp $ .\" .\" Author: Tatu Ylonen .\" Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -34,7 +34,7 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.Dd $Mdocdate: February 9 2025 $ +.Dd $Mdocdate: May 5 2025 $ .Dt SSH-AGENT 1 .Os .Sh NAME @@ -43,13 +43,14 @@ .Sh SYNOPSIS .Nm ssh-agent .Op Fl c | s -.Op Fl \&Dd +.Op Fl \&DdTU .Op Fl a Ar bind_address .Op Fl E Ar fingerprint_hash .Op Fl O Ar option .Op Fl P Ar allowed_providers .Op Fl t Ar life .Nm ssh-agent +.Op Fl TU .Op Fl a Ar bind_address .Op Fl E Ar fingerprint_hash .Op Fl O Ar option @@ -59,6 +60,8 @@ .Nm ssh-agent .Op Fl c | s .Fl k +.Nm ssh-agent +.Fl u .Sh DESCRIPTION .Nm is a program to hold private keys used for public key authentication. @@ -74,8 +77,8 @@ Bind the agent to the .Ux Ns -domain socket .Ar bind_address . -The default is -.Pa $TMPDIR/ssh-XXXXXXXXXX/agent.\*(Ltppid\*(Gt . +The default is to create a socket at a random path matching +.Pa $HOME/.ssh/agent/s.* .It Fl c Generate C-shell commands on standard output. This is the default if @@ -173,6 +176,11 @@ Generate Bourne shell commands on standard output. This is the default if .Ev SHELL does not look like it's a csh style of shell. +.It Fl T +Bind the agent socket in a randomised subdirectory of the form +.Pa $TMPDIR/ssh-XXXXXXXXXX/agent.\*(Ltppid\*(Gt , +instead of the default behaviour of using a randomised name matching +.Pa $HOME/.ssh/agent/s.* . .It Fl t Ar life Set a default value for the maximum lifetime of identities added to the agent. The lifetime may be specified in seconds or in a time format specified in @@ -186,6 +194,20 @@ If a command (and optional arguments) is given, this is executed as a subprocess of the agent. The agent exits automatically when the command given on the command line terminates. +.It Fl U +Instructs +.Nm +not to clean up stale agent sockets under +.Pa $HOME/.ssh/agent/ . +.It Fl u +Instructs +.Nm +to only clean up stale agent sockets under +.Pa $HOME/.ssh/agent/ +and then exit immediately. +If this option is given twice, +.Nm +will delete stale agent sockets regardless of the host name that created them. .El .Pp There are three main ways to get an agent set up. diff --git a/ssh-agent.c b/ssh-agent.c index 55b9f44f4d4a..8a88ef3fd1c0 100644 --- a/ssh-agent.c +++ b/ssh-agent.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-agent.c,v 1.311 2025/04/15 09:22:25 dtucker Exp $ */ +/* $OpenBSD: ssh-agent.c,v 1.312 2025/05/05 02:48:06 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -2208,20 +2208,23 @@ static void usage(void) { fprintf(stderr, - "usage: ssh-agent [-c | -s] [-Dd] [-a bind_address] [-E fingerprint_hash]\n" + "usage: ssh-agent [-c | -s] [-DdTU] [-a bind_address] [-E fingerprint_hash]\n" " [-O option] [-P allowed_providers] [-t life]\n" - " ssh-agent [-a bind_address] [-E fingerprint_hash] [-O option]\n" + " ssh-agent [-TU] [-a bind_address] [-E fingerprint_hash] [-O option]\n" " [-P allowed_providers] [-t life] command [arg ...]\n" - " ssh-agent [-c | -s] -k\n"); + " ssh-agent [-c | -s] -k\n" + " ssh-agent -u\n"); exit(1); } int main(int ac, char **av) { - int c_flag = 0, d_flag = 0, D_flag = 0, k_flag = 0, s_flag = 0; + int c_flag = 0, d_flag = 0, D_flag = 0, k_flag = 0; + int s_flag = 0, T_flag = 0, u_flag = 0, U_flag = 0; int sock = -1, ch, result, saved_errno; - char *shell, *format, *fdstr, *pidstr, *agentsocket = NULL; + char *homedir = NULL, *shell, *format, *pidstr, *agentsocket = NULL; + char *fdstr; const char *errstr = NULL; const char *ccp; #ifdef HAVE_SETRLIMIT @@ -2256,7 +2259,7 @@ main(int ac, char **av) __progname = ssh_get_progname(av[0]); seed_rng(); - while ((ch = getopt(ac, av, "cDdksE:a:O:P:t:")) != -1) { + while ((ch = getopt(ac, av, "cDdksTuUE:a:O:P:t:")) != -1) { switch (ch) { case 'E': fingerprint_hash = ssh_digest_alg_by_name(optarg); @@ -2313,6 +2316,15 @@ main(int ac, char **av) usage(); } break; + case 'T': + T_flag++; + break; + case 'u': + u_flag++; + break; + case 'U': + U_flag++; + break; default: usage(); } @@ -2320,9 +2332,14 @@ main(int ac, char **av) ac -= optind; av += optind; - if (ac > 0 && (c_flag || k_flag || s_flag || d_flag || D_flag)) + if (ac > 0 && + (c_flag || k_flag || s_flag || d_flag || D_flag || u_flag)) usage(); + log_init(__progname, + d_flag ? SYSLOG_LEVEL_DEBUG3 : SYSLOG_LEVEL_INFO, + SYSLOG_FACILITY_AUTH, 1); + if (allowed_providers == NULL) allowed_providers = xstrdup(DEFAULT_ALLOWED_PROVIDERS); if (websafe_allowlist == NULL) @@ -2358,6 +2375,14 @@ main(int ac, char **av) printf("echo Agent pid %ld killed;\n", (long)pid); exit(0); } + if (u_flag) { + if ((homedir = get_homedir()) == NULL) + fatal("Couldn't determine home directory"); + agent_cleanup_stale(homedir, u_flag > 1); + printf("Deleted stale agent sockets in ~/%s\n", + _PATH_SSH_AGENT_SOCKET_DIR); + exit(0); + } /* * Minimum file descriptors: @@ -2391,22 +2416,52 @@ main(int ac, char **av) sock = 3; } - /* Otherwise, create private directory for agent socket */ - if (sock == -1) { - if (agentsocket == NULL) { + if (sock == -1 && agentsocket == NULL && !T_flag) { + /* Default case: ~/.ssh/agent/[socket] */ + if ((homedir = get_homedir()) == NULL) + fatal("Couldn't determine home directory"); + if (!U_flag) + agent_cleanup_stale(homedir, 0); + if (agent_listener(homedir, "agent", &sock, &agentsocket) != 0) + fatal_f("Couldn't prepare agent socket"); + if (strlcpy(socket_name, agentsocket, + sizeof(socket_name)) >= sizeof(socket_name)) { + fatal_f("Socket path \"%s\" too long", + agentsocket); + } + free(homedir); + free(agentsocket); + agentsocket = NULL; + } else if (sock == -1) { + if (T_flag) { + /* + * Create private directory for agent socket + * in $TMPDIR. + */ mktemp_proto(socket_dir, sizeof(socket_dir)); if (mkdtemp(socket_dir) == NULL) { perror("mkdtemp: private socket dir"); exit(1); } - snprintf(socket_name, sizeof socket_name, - "%s/agent.%ld", socket_dir, - (long)parent_pid); + snprintf(socket_name, sizeof(socket_name), + "%s/agent.%ld", socket_dir, (long)parent_pid); } else { /* Try to use specified agent socket */ socket_dir[0] = '\0'; - strlcpy(socket_name, agentsocket, sizeof socket_name); + if (strlcpy(socket_name, agentsocket, + sizeof(socket_name)) >= sizeof(socket_name)) { + fatal_f("Socket path \"%s\" too long", + agentsocket); + } + } + /* Listen on socket */ + prev_mask = umask(0177); + if ((sock = unix_listener(socket_name, + SSH_LISTEN_BACKLOG, 0)) < 0) { + *socket_name = '\0'; /* Don't unlink existing file */ + cleanup_exit(1); } + umask(prev_mask); } closefrom(sock == -1 ? STDERR_FILENO + 1 : sock + 1); From 12912429cf39cfeca97dd18a8f875ad9824d1751 Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Mon, 5 May 2025 03:35:06 +0000 Subject: [PATCH 015/687] upstream: missing file in previous commit OpenBSD-Commit-ID: e526c97fcb2fd9f0b7b229720972426ab437d7eb --- misc-agent.c | 329 +++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 329 insertions(+) create mode 100644 misc-agent.c diff --git a/misc-agent.c b/misc-agent.c new file mode 100644 index 000000000000..d065ab0e5b7a --- /dev/null +++ b/misc-agent.c @@ -0,0 +1,329 @@ +/* + * Copyright (c) 2025 Damien Miller + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES + * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF + * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR + * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES + * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN + * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF + * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. + */ + +#include +#include +#include +#include + +#include +#include +#include +#include +#include +#include +#include + +#include "digest.h" +#include "log.h" +#include "misc.h" +#include "pathnames.h" +#include "ssh.h" +#include "xmalloc.h" + +/* stuff shared by agent listeners (ssh-agent and sshd agent forwarding) */ + +#define SOCKET_HOSTNAME_HASHLEN 10 /* length of hostname hash in socket path */ + +/* used for presenting random strings in unix_listener_tmp and hostname_hash */ +static const char presentation_chars[] = + "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789"; + +/* returns a text-encoded hash of the hostname of specified length (max 64) */ +static char * +hostname_hash(size_t len) +{ + char hostname[NI_MAXHOST], p[65]; + u_char hash[64]; + int r; + size_t l, i; + + l = ssh_digest_bytes(SSH_DIGEST_SHA512); + if (len > 64) { + error_f("bad length %zu > max %zd", len, l - 1); + return NULL; + } + if (gethostname(hostname, sizeof(hostname)) == -1) { + error_f("gethostname: %s", strerror(errno)); + return NULL; + } + if ((r = ssh_digest_memory(SSH_DIGEST_SHA512, + hostname, strlen(hostname), hash, sizeof(hash))) != 0) { + error_fr(r, "ssh_digest_memory"); + return NULL; + } + memset(p, '\0', sizeof(p)); + for (i = 0; i < l; i++) + p[i] = presentation_chars[ + hash[i] % (sizeof(presentation_chars) - 1)]; + /* debug3_f("hostname \"%s\" => hash \"%s\"", hostname, p); */ + p[len] = '\0'; + return xstrdup(p); +} + +char * +agent_hostname_hash(void) +{ + return hostname_hash(SOCKET_HOSTNAME_HASHLEN); +} + +/* + * Creates a unix listener at a mkstemp(3)-style path, e.g. "/dir/sock.XXXXXX" + * Supplied path is modified to the actual one used. + */ +static int +unix_listener_tmp(char *path, int backlog) +{ + struct sockaddr_un sunaddr; + int good, sock = -1; + size_t i, xstart; + mode_t prev_mask; + + /* Find first 'X' template character back from end of string */ + xstart = strlen(path); + while (xstart > 0 && path[xstart - 1] == 'X') + xstart--; + + memset(&sunaddr, 0, sizeof(sunaddr)); + sunaddr.sun_family = AF_UNIX; + prev_mask = umask(0177); + for (good = 0; !good;) { + sock = -1; + /* Randomise path suffix */ + for (i = xstart; path[i] != '\0'; i++) { + path[i] = presentation_chars[ + arc4random_uniform(sizeof(presentation_chars)-1)]; + } + debug_f("trying path \"%s\"", path); + + if (strlcpy(sunaddr.sun_path, path, + sizeof(sunaddr.sun_path)) >= sizeof(sunaddr.sun_path)) { + error_f("path \"%s\" too long for Unix domain socket", + path); + break; + } + + if ((sock = socket(PF_UNIX, SOCK_STREAM, 0)) == -1) { + error_f("socket: %.100s", strerror(errno)); + break; + } + if (bind(sock, (struct sockaddr *)&sunaddr, + sizeof(sunaddr)) == -1) { + if (errno == EADDRINUSE) { + error_f("bind \"%s\": %.100s", + path, strerror(errno)); + close(sock); + sock = -1; + continue; + } + error_f("bind \"%s\": %.100s", path, strerror(errno)); + break; + } + if (listen(sock, backlog) == -1) { + error_f("listen \"%s\": %s", path, strerror(errno)); + break; + } + good = 1; + } + umask(prev_mask); + if (good) { + debug3_f("listening on unix socket \"%s\" as fd=%d", + path, sock); + } else if (sock != -1) { + close(sock); + sock = -1; + } + return sock; +} + +/* + * Create a subdirectory under the supplied home directory if it + * doesn't already exist + */ +static int +ensure_mkdir(const char *homedir, const char *subdir) +{ + char *path; + + xasprintf(&path, "%s/%s", homedir, subdir); + if (mkdir(path, 0700) == 0) + debug("created directory %s", path); + else if (errno != EEXIST) { + error_f("mkdir %s: %s", path, strerror(errno)); + return -1; + } + free(path); + return 0; +} + +static int +agent_prepare_sockdir(const char *homedir) +{ + if (homedir == NULL || *homedir == '\0' || + ensure_mkdir(homedir, _PATH_SSH_USER_DIR) != 0 || + ensure_mkdir(homedir, _PATH_SSH_AGENT_SOCKET_DIR) != 0) + return -1; + return 0; +} + + +/* Get a path template for an agent socket in the user's homedir */ +static char * +agent_socket_template(const char *homedir, const char *tag) +{ + char *hostnamehash, *ret; + + if ((hostnamehash = hostname_hash(SOCKET_HOSTNAME_HASHLEN)) == NULL) + return NULL; + xasprintf(&ret, "%s/%s/s.%s.%s.XXXXXXXXXX", + homedir, _PATH_SSH_AGENT_SOCKET_DIR, hostnamehash, tag); + free(hostnamehash); + return ret; +} + +int +agent_listener(const char *homedir, const char *tag, int *sockp, char **pathp) +{ + int sock; + char *path; + + *sockp = -1; + *pathp = NULL; + + if (agent_prepare_sockdir(homedir) != 0) + return -1; /* error already logged */ + if ((path = agent_socket_template(homedir, tag)) == NULL) + return -1; /* error already logged */ + if ((sock = unix_listener_tmp(path, SSH_LISTEN_BACKLOG)) == -1) { + free(path); + return -1; /* error already logged */ + } + /* success */ + *sockp = sock; + *pathp = path; + return 0; +} + +static int +socket_is_stale(const char *path) +{ + int fd, r; + struct sockaddr_un sun; + socklen_t l = sizeof(r); + + /* attempt non-blocking connect on socket */ + memset(&sun, '\0', sizeof(sun)); + sun.sun_family = AF_UNIX; + if (strlcpy(sun.sun_path, path, + sizeof(sun.sun_path)) >= sizeof(sun.sun_path)) { + debug_f("path for \"%s\" too long for sockaddr_un", path); + return 0; + } + if ((fd = socket(PF_UNIX, SOCK_STREAM, 0)) == -1) { + error_f("socket: %s", strerror(errno)); + return 0; + } + set_nonblock(fd); + /* a socket without a listener should yield an error immediately */ + if (connect(fd, (struct sockaddr *)&sun, sizeof(sun)) == -1) { + debug_f("connect \"%s\": %s", path, strerror(errno)); + close(fd); + return 1; + } + if (getsockopt(fd, SOL_SOCKET, SO_ERROR, &r, &l) == -1) { + debug_f("getsockopt: %s", strerror(errno)); + close(fd); + return 0; + } + if (r != 0) { + debug_f("socket error on %s: %s", path, strerror(errno)); + close(fd); + return 1; + } + close(fd); + debug_f("socket %s seems still active", path); + return 0; +} + +void +agent_cleanup_stale(const char *homedir, int ignore_hosthash) +{ + DIR *d; + struct dirent *dp; + struct stat sb; + char *prefix = NULL, *dirpath, *path; + struct timespec now, sub; + + /* Only consider sockets last modified > 1 hour ago */ + if (clock_gettime(CLOCK_REALTIME, &now) != 0) { + error_f("clock_gettime: %s", strerror(errno)); + return; + } + sub.tv_sec = 60 * 60; + sub.tv_nsec = 0; + timespecsub(&now, &sub, &now); + + /* Only consider sockets from the same hostname */ + if (!ignore_hosthash) { + if ((path = agent_hostname_hash()) == NULL) { + error_f("couldn't get hostname hash"); + return; + } + xasprintf(&prefix, "s.%s.", path); + free(path); + } + + xasprintf(&dirpath, "%s/%s", homedir, _PATH_SSH_AGENT_SOCKET_DIR); + if ((d = opendir(dirpath)) == NULL) { + if (errno != ENOENT) + error_f("opendir \"%s\": %s", dirpath, strerror(errno)); + free(dirpath); + return; + } + while ((dp = readdir(d)) != NULL) { + if (dp->d_type != DT_SOCK && dp->d_type != DT_UNKNOWN) + continue; + if (fstatat(dirfd(d), dp->d_name, + &sb, AT_SYMLINK_NOFOLLOW) != 0 && errno != ENOENT) { + error_f("stat \"%s/%s\": %s", + dirpath, dp->d_name, strerror(errno)); + continue; + } + if (!S_ISSOCK(sb.st_mode)) + continue; + if (timespeccmp(&sb.st_mtim, &now, >)) { + debug3_f("Ignoring recent socket \"%s/%s\"", + dirpath, dp->d_name); + continue; + } + if (!ignore_hosthash && + strncmp(dp->d_name, prefix, strlen(prefix)) != 0) { + debug3_f("Ignoring socket \"%s/%s\" " + "from different host", dirpath, dp->d_name); + continue; + } + xasprintf(&path, "%s/%s", dirpath, dp->d_name); + if (socket_is_stale(path)) { + debug_f("cleanup stale socket %s", path); + unlinkat(dirfd(d), dp->d_name, 0); + } + free(path); + } + closedir(d); + free(dirpath); + free(prefix); +} + From 6ab8133c067a8e91ba69ce7ca04f95b50f2f2d7b Mon Sep 17 00:00:00 2001 From: Damien Miller Date: Mon, 5 May 2025 14:59:30 +1000 Subject: [PATCH 016/687] depend --- .depend | 1 + 1 file changed, 1 insertion(+) diff --git a/.depend b/.depend index 152905fb7b78..975d4427a2fb 100644 --- a/.depend +++ b/.depend @@ -79,6 +79,7 @@ loginrec.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-comp logintest.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h loginrec.h mac.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h digest.h hmac.h umac.h mac.h misc.h ssherr.h sshbuf.h openbsd-compat/openssl-compat.h match.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h match.h misc.h +misc-agent.o: digest.h log.h ssherr.h misc.h pathnames.h ssh.h xmalloc.h misc.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h misc.h log.h ssherr.h ssh.h sshbuf.h moduli.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h monitor.o: chacha.h poly1305.h cipher-aesctr.h rijndael.h kex.h mac.h crypto_api.h dh.h packet.h dispatch.h auth-options.h sshpty.h channels.h session.h sshlogin.h canohost.h log.h ssherr.h misc.h servconf.h monitor.h monitor_wrap.h monitor_fdpass.h compat.h ssh2.h authfd.h match.h sk-api.h srclimit.h From 7a7cc3cf721fe7fe9f4925d92bb7c694b8550a7f Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Mon, 5 May 2025 18:51:34 +1000 Subject: [PATCH 017/687] Cygwin install in back on D: --- .github/setup_ci.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/setup_ci.sh b/.github/setup_ci.sh index e3e28da6f1b1..9b2767a8514d 100755 --- a/.github/setup_ci.sh +++ b/.github/setup_ci.sh @@ -192,7 +192,7 @@ while [ ! -z "$PACKAGES" ] && [ "$tries" -gt "0" ]; do fi ;; setup) - if /cygdrive/d/setup.exe -q -P `echo "$PACKAGES" | tr ' ' ,`; then + if /cygdrive/c/setup.exe -q -P `echo "$PACKAGES" | tr ' ' ,`; then PACKAGES="" fi ;; From 7c0e6626e4be53efcfbb92f0c6382a76f1138e38 Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Mon, 5 May 2025 19:08:48 +1000 Subject: [PATCH 018/687] includes.h for compat, time.h for clock_gettime. --- misc-agent.c | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/misc-agent.c b/misc-agent.c index d065ab0e5b7a..a8605302ef8c 100644 --- a/misc-agent.c +++ b/misc-agent.c @@ -14,6 +14,8 @@ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ +#include "includes.h" + #include #include #include @@ -25,6 +27,9 @@ #include #include #include +#ifdef HAVE_TIME_H +# include +#endif #include #include "digest.h" From 27861e9b15151898841097c14ee974c026093131 Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Mon, 5 May 2025 19:09:25 +1000 Subject: [PATCH 019/687] Supply timespecsub if needed. --- defines.h | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/defines.h b/defines.h index 3721ae16ef92..a1bd6fad345e 100644 --- a/defines.h +++ b/defines.h @@ -515,6 +515,13 @@ struct winsize { } while (0) #endif +#ifndef timespeccmp +#define timespeccmp(tsp, usp, cmp) \ + (((tsp)->tv_sec == (usp)->tv_sec) ? \ + ((tsp)->tv_nsec cmp (usp)->tv_nsec) : \ + ((tsp)->tv_sec cmp (usp)->tv_sec)) +#endif + #ifndef TIMEVAL_TO_TIMESPEC #define TIMEVAL_TO_TIMESPEC(tv, ts) { \ (ts)->tv_sec = (tv)->tv_sec; \ From 61525ba967ac1bb7394ea0792aa6030bcbbad049 Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Mon, 5 May 2025 20:45:42 +1000 Subject: [PATCH 020/687] Handle systems that don't have st_mtim. Ignores nanoseconds, but it's checking for >1h old so a few nanoseconds shouldn't matter much. Fixes build on Mac OS X. --- misc-agent.c | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) diff --git a/misc-agent.c b/misc-agent.c index a8605302ef8c..f13ccdf26b5d 100644 --- a/misc-agent.c +++ b/misc-agent.c @@ -270,7 +270,7 @@ agent_cleanup_stale(const char *homedir, int ignore_hosthash) struct dirent *dp; struct stat sb; char *prefix = NULL, *dirpath, *path; - struct timespec now, sub; + struct timespec now, sub, *mtimp = NULL; /* Only consider sockets last modified > 1 hour ago */ if (clock_gettime(CLOCK_REALTIME, &now) != 0) { @@ -309,7 +309,14 @@ agent_cleanup_stale(const char *homedir, int ignore_hosthash) } if (!S_ISSOCK(sb.st_mode)) continue; - if (timespeccmp(&sb.st_mtim, &now, >)) { +#ifdef HAVE_STRUCT_STAT_ST_MTIM + mtimp = &sb.st_mtim; +#else + sub.tv_sec = sb.st_mtime; + sub.tv_nsec = 0; + mtimp = ⊂ +#endif + if (timespeccmp(mtimp, &now, >)) { debug3_f("Ignoring recent socket \"%s/%s\"", dirpath, dp->d_name); continue; From 57eb87b15bd0343372f99d661ce95efb25a16f1e Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Tue, 6 May 2025 08:07:23 +1000 Subject: [PATCH 021/687] Boringssl now puts libcrypto in a different place. --- .github/setup_ci.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/setup_ci.sh b/.github/setup_ci.sh index 9b2767a8514d..df70c96ecb8a 100755 --- a/.github/setup_ci.sh +++ b/.github/setup_ci.sh @@ -248,7 +248,7 @@ if [ ! -z "${INSTALL_BORINGSSL}" ]; then cd ${HOME}/boringssl && mkdir build && cd build && cmake -GNinja -DCMAKE_POSITION_INDEPENDENT_CODE=ON .. && ninja && mkdir -p /opt/boringssl/lib && - cp ${HOME}/boringssl/build/crypto/libcrypto.a /opt/boringssl/lib && + cp ${HOME}/boringssl/build/libcrypto.a /opt/boringssl/lib && cp -r ${HOME}/boringssl/include /opt/boringssl) fi From d2480827b3ef6ec119965822afdff35d734b2dee Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Tue, 6 May 2025 08:15:34 +1000 Subject: [PATCH 022/687] New location of cygwin setup. --- .github/setup_ci.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/setup_ci.sh b/.github/setup_ci.sh index df70c96ecb8a..e4c7b041aa50 100755 --- a/.github/setup_ci.sh +++ b/.github/setup_ci.sh @@ -192,7 +192,7 @@ while [ ! -z "$PACKAGES" ] && [ "$tries" -gt "0" ]; do fi ;; setup) - if /cygdrive/c/setup.exe -q -P `echo "$PACKAGES" | tr ' ' ,`; then + if /cygdrive/d/cygwin/setup.exe -q -P `echo "$PACKAGES" | tr ' ' ,`; then PACKAGES="" fi ;; From 5fd6ef297dec23e3574646b6334087131230d0a6 Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Tue, 6 May 2025 19:01:00 +1000 Subject: [PATCH 023/687] Add minimal implementations of fstatat and unlinkat. Fixes build on some pre-POSIX.1-2008 platforms. --- configure.ac | 2 ++ openbsd-compat/bsd-misc.c | 40 +++++++++++++++++++++++++++++++++++++++ openbsd-compat/bsd-misc.h | 8 ++++++++ 3 files changed, 50 insertions(+) diff --git a/configure.ac b/configure.ac index 69b74add8d00..b19f790cdd54 100644 --- a/configure.ac +++ b/configure.ac @@ -2004,6 +2004,7 @@ AC_CHECK_FUNCS([ \ fnmatch \ freeaddrinfo \ freezero \ + fstatat \ fstatfs \ fstatvfs \ futimes \ @@ -2099,6 +2100,7 @@ AC_CHECK_FUNCS([ \ timegm \ timingsafe_bcmp \ truncate \ + unlinkat \ unsetenv \ updwtmpx \ utimensat \ diff --git a/openbsd-compat/bsd-misc.c b/openbsd-compat/bsd-misc.c index 226a5915bd1d..b26b4ba4670e 100644 --- a/openbsd-compat/bsd-misc.c +++ b/openbsd-compat/bsd-misc.c @@ -220,6 +220,46 @@ fchmodat(int fd, const char *path, mode_t mode, int flag) } #endif +#ifndef HAVE_FSTATAT +/* + * A limited implementation of fstatat that just has what OpenSSH uses: + * cwd-relative and absolute paths, with or without following symlinks. + */ +int +fstatat(int dirfd, const char *path, struct stat *sb, int flag) +{ + if (dirfd != AT_FDCWD && path && path[0] != '/') { + errno = ENOSYS; + return -1; + } + if (flag == 0) + return stat(path, sb); + else if (flag == AT_SYMLINK_NOFOLLOW) + return lstat(path, sb); + errno = ENOSYS; + return -1; +} +#endif + +#ifndef HAVE_UNLINKAT +/* + * A limited implementation of unlinkat that just has what OpenSSH uses: + * cwd-relative and absolute paths. + */ +int +unlinkat(int dirfd, const char *path, int flag) +{ + if (dirfd != AT_FDCWD && path && path[0] != '/') { + errno = ENOSYS; + return -1; + } + if (flag == 0) + return unlink(path); + errno = ENOSYS; + return -1; +} +#endif + #ifndef HAVE_TRUNCATE int truncate(const char *path, off_t length) { diff --git a/openbsd-compat/bsd-misc.h b/openbsd-compat/bsd-misc.h index 61ead1b7fad0..edb0fcc8ca2b 100644 --- a/openbsd-compat/bsd-misc.h +++ b/openbsd-compat/bsd-misc.h @@ -77,6 +77,14 @@ int fchmodat(int, const char *, mode_t, int); int fchownat(int, const char *, uid_t, gid_t, int); #endif +#ifdef HAVE_FSTATAT +int fstatat(int, const char *, struct stat *, int); +#endif + +#ifdef HAVE_UNLINKAT +int unlinkat(int, const char *, int); +#endif + #ifndef HAVE_TRUNCATE int truncate (const char *, off_t); #endif /* HAVE_TRUNCATE */ From fe883543bece18c975fa53aa02104f0433645d99 Mon Sep 17 00:00:00 2001 From: "jmc@openbsd.org" Date: Mon, 5 May 2025 05:47:28 +0000 Subject: [PATCH 024/687] upstream: - add full stop to the text in -a - move the -U and -u text to the correct place OpenBSD-Commit-ID: 2fb484337a0978c703f61983bb14bc5cbaf898c2 --- ssh-agent.1 | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/ssh-agent.1 b/ssh-agent.1 index 3b515ac42384..9f56e3efdc08 100644 --- a/ssh-agent.1 +++ b/ssh-agent.1 @@ -1,4 +1,4 @@ -.\" $OpenBSD: ssh-agent.1,v 1.83 2025/05/05 02:48:06 djm Exp $ +.\" $OpenBSD: ssh-agent.1,v 1.84 2025/05/05 05:47:28 jmc Exp $ .\" .\" Author: Tatu Ylonen .\" Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -78,7 +78,7 @@ Bind the agent to the socket .Ar bind_address . The default is to create a socket at a random path matching -.Pa $HOME/.ssh/agent/s.* +.Pa $HOME/.ssh/agent/s.* . .It Fl c Generate C-shell commands on standard output. This is the default if @@ -189,11 +189,6 @@ A lifetime specified for an identity with .Xr ssh-add 1 overrides this value. Without this option the default maximum lifetime is forever. -.It Ar command Op Ar arg ... -If a command (and optional arguments) is given, -this is executed as a subprocess of the agent. -The agent exits automatically when the command given on the command -line terminates. .It Fl U Instructs .Nm @@ -208,6 +203,11 @@ and then exit immediately. If this option is given twice, .Nm will delete stale agent sockets regardless of the host name that created them. +.It Ar command Op Ar arg ... +If a command (and optional arguments) is given, +this is executed as a subprocess of the agent. +The agent exits automatically when the command given on the command +line terminates. .El .Pp There are three main ways to get an agent set up. From 928f8dcc1bb622c25be409c34374b655d0149373 Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Mon, 5 May 2025 05:51:11 +0000 Subject: [PATCH 025/687] upstream: Now that there's an I-D for certificate keys, refer to that instead of the much more basic format description we had previously. OpenBSD-Commit-ID: cf01e0727a813fee8626ad7b3aa240621cc92014 --- PROTOCOL | 4 +- PROTOCOL.certkeys | 326 ---------------------------------------------- 2 files changed, 2 insertions(+), 328 deletions(-) delete mode 100644 PROTOCOL.certkeys diff --git a/PROTOCOL b/PROTOCOL index 26387793febc..a0a9837efe3e 100644 --- a/PROTOCOL +++ b/PROTOCOL @@ -41,7 +41,7 @@ https://www.openssh.com/txt/draft-miller-secsh-compression-delayed-00.txt OpenSSH introduces new public key algorithms to support certificate authentication for users and host keys. These methods are documented -in the file PROTOCOL.certkeys +in at https://datatracker.ietf.org/doc/draft-miller-ssh-cert/ 1.4. transport: Elliptic Curve cryptography @@ -792,4 +792,4 @@ master instance and later clients. OpenSSH extends the usual agent protocol. These changes are documented in the PROTOCOL.agent file. -$OpenBSD: PROTOCOL,v 1.55 2024/01/08 05:05:15 djm Exp $ +$OpenBSD: PROTOCOL,v 1.56 2025/05/05 05:51:11 djm Exp $ diff --git a/PROTOCOL.certkeys b/PROTOCOL.certkeys deleted file mode 100644 index 0a212c635c5d..000000000000 --- a/PROTOCOL.certkeys +++ /dev/null @@ -1,326 +0,0 @@ -This document describes a simple public-key certificate authentication -system for use by SSH. - -Background ----------- - -The SSH protocol currently supports a simple public key authentication -mechanism. Unlike other public key implementations, SSH eschews the use -of X.509 certificates and uses raw keys. This approach has some benefits -relating to simplicity of configuration and minimisation of attack -surface, but it does not support the important use-cases of centrally -managed, passwordless authentication and centrally certified host keys. - -These protocol extensions build on the simple public key authentication -system already in SSH to allow certificate-based authentication. The -certificates used are not traditional X.509 certificates, with numerous -options and complex encoding rules, but something rather more minimal: a -key, some identity information and usage options that have been signed -with some other trusted key. - -A sshd server may be configured to allow authentication via certified -keys, by extending the existing ~/.ssh/authorized_keys mechanism to -allow specification of certification authority keys in addition to -raw user keys. The ssh client will support automatic verification of -acceptance of certified host keys, by adding a similar ability to -specify CA keys in ~/.ssh/known_hosts. - -All certificate types include certification information along with the -public key that is used to sign challenges. In OpenSSH, ssh-keygen -performs the CA signing operation. - -Certified keys are represented using new key types: - - ssh-rsa-cert-v01@openssh.com - ssh-dss-cert-v01@openssh.com - ecdsa-sha2-nistp256-cert-v01@openssh.com - ecdsa-sha2-nistp384-cert-v01@openssh.com - ecdsa-sha2-nistp521-cert-v01@openssh.com - ssh-ed25519-cert-v01@openssh.com - -Two additional types exist for RSA certificates to force use of -SHA-2 signatures (SHA-256 and SHA-512 respectively): - - rsa-sha2-256-cert-v01@openssh.com - rsa-sha2-512-cert-v01@openssh.com - -These RSA/SHA-2 types should not appear in keys at rest or transmitted -on the wire, but do appear in a SSH_MSG_KEXINIT's host-key algorithms -field or in the "public key algorithm name" field of a "publickey" -SSH_USERAUTH_REQUEST to indicate that the signature will use the -specified algorithm. - -Protocol extensions -------------------- - -The SSH wire protocol includes several extensibility mechanisms. -These modifications shall take advantage of namespaced public key -algorithm names to add support for certificate authentication without -breaking the protocol - implementations that do not support the -extensions will simply ignore them. - -Authentication using the new key formats described below proceeds -using the existing SSH "publickey" authentication method described -in RFC4252 section 7. - -New public key formats ----------------------- - -The certificate key types take a similar high-level format (note: data -types and encoding are as per RFC4251 section 5). The serialised wire -encoding of these certificates is also used for storing them on disk. - -#define SSH_CERT_TYPE_USER 1 -#define SSH_CERT_TYPE_HOST 2 - -RSA certificate - - string "ssh-rsa-cert-v01@openssh.com" - string nonce - mpint e - mpint n - uint64 serial - uint32 type - string key id - string valid principals - uint64 valid after - uint64 valid before - string critical options - string extensions - string reserved - string signature key - string signature - -DSA certificate - - string "ssh-dss-cert-v01@openssh.com" - string nonce - mpint p - mpint q - mpint g - mpint y - uint64 serial - uint32 type - string key id - string valid principals - uint64 valid after - uint64 valid before - string critical options - string extensions - string reserved - string signature key - string signature - -ECDSA certificate - - string "ecdsa-sha2-nistp256-cert-v01@openssh.com" | - "ecdsa-sha2-nistp384-cert-v01@openssh.com" | - "ecdsa-sha2-nistp521-cert-v01@openssh.com" - string nonce - string curve - string public_key - uint64 serial - uint32 type - string key id - string valid principals - uint64 valid after - uint64 valid before - string critical options - string extensions - string reserved - string signature key - string signature - -ED25519 certificate - - string "ssh-ed25519-cert-v01@openssh.com" - string nonce - string pk - uint64 serial - uint32 type - string key id - string valid principals - uint64 valid after - uint64 valid before - string critical options - string extensions - string reserved - string signature key - string signature - -The nonce field is a CA-provided random bitstring of arbitrary length -(but typically 16 or 32 bytes) included to make attacks that depend on -inducing collisions in the signature hash infeasible. - -e and n are the RSA exponent and public modulus respectively. - -p, q, g, y are the DSA parameters as described in FIPS-186-2. - -curve and public key are respectively the ECDSA "[identifier]" and "Q" -defined in section 3.1 of RFC5656. - -pk is the encoded Ed25519 public key as defined by RFC8032. - -serial is an optional certificate serial number set by the CA to -provide an abbreviated way to refer to certificates from that CA. -If a CA does not wish to number its certificates, it must set this -field to zero. - -type specifies whether this certificate is for identification of a user -or a host using a SSH_CERT_TYPE_... value. - -key id is a free-form text field that is filled in by the CA at the time -of signing; the intention is that the contents of this field are used to -identify the identity principal in log messages. - -"valid principals" is a string containing zero or more principals as -strings packed inside it. These principals list the names for which this -certificate is valid; hostnames for SSH_CERT_TYPE_HOST certificates and -usernames for SSH_CERT_TYPE_USER certificates. As a special case, a -zero-length "valid principals" field means the certificate is valid for -any principal of the specified type. - -"valid after" and "valid before" specify a validity period for the -certificate. Each represents a time in seconds since 1970-01-01 -00:00:00. A certificate is considered valid if: - - valid after <= current time < valid before - -critical options is a set of zero or more key options encoded as -below. All such options are "critical" in the sense that an implementation -must refuse to authorise a key that has an unrecognised option. - -extensions is a set of zero or more optional extensions. These extensions -are not critical, and an implementation that encounters one that it does -not recognise may safely ignore it. - -Generally, critical options are used to control features that restrict -access where extensions are used to enable features that grant access. -This ensures that certificates containing unknown restrictions do not -inadvertently grant access while allowing new protocol features to be -enabled via extensions without breaking certificates' backwards -compatibility. - -The reserved field is currently unused and is ignored in this version of -the protocol. - -The signature key field contains the CA key used to sign the -certificate. The valid key types for CA keys are ssh-rsa, -ssh-dss, ssh-ed25519 and the ECDSA types ecdsa-sha2-nistp256, -ecdsa-sha2-nistp384, ecdsa-sha2-nistp521. "Chained" certificates, where -the signature key type is a certificate type itself are NOT supported. -Note that it is possible for a RSA certificate key to be signed by a -Ed25519 or ECDSA CA key and vice-versa. - -signature is computed over all preceding fields from the initial string -up to, and including the signature key. Signatures are computed and -encoded according to the rules defined for the CA's public key algorithm -(RFC4253 section 6.6 for ssh-rsa and ssh-dss, RFC5656 for the ECDSA -types, and RFC8032 for Ed25519). - -Critical options ----------------- - -The critical options section of the certificate specifies zero or more -options on the certificate's validity. The format of this field -is a sequence of zero or more tuples: - - string name - string data - -Options must be lexically ordered by "name" if they appear in the -sequence. Each named option may only appear once in a certificate. - -The name field identifies the option. The data field contains -option-specific information encoded as zero or more values inside -the string. I.e. an empty data field would be encoded as a zero- -length string (00 00 00 00), and data field that holds a single -string value "a" would be encoded as (00 00 00 05 00 00 00 01 65). - -All options are "critical"; if an implementation does not recognise -a option, then the validating party should refuse to accept the -certificate. - -Custom options should append the originating author or organisation's -domain name to the option name, e.g. "my-option@example.com". - -No critical options are defined for host certificates at present. The -supported user certificate options and the contents and structure of -their data fields are: - -Name Format Description ------------------------------------------------------------------------------ -force-command string Specifies a command that is executed - (replacing any the user specified on the - ssh command-line) whenever this key is - used for authentication. - -source-address string Comma-separated list of source addresses - from which this certificate is accepted - for authentication. Addresses are - specified in CIDR format (nn.nn.nn.nn/nn - or hhhh::hhhh/nn). - If this option is not present, then - certificates may be presented from any - source address. - -verify-required empty Flag indicating that signatures made - with this certificate must assert FIDO - user verification (e.g. PIN or - biometric). This option only makes sense - for the U2F/FIDO security key types that - support this feature in their signature - formats. - -Extensions ----------- - -The extensions section of the certificate specifies zero or more -non-critical certificate extensions. The encoding and ordering of -extensions in this field is identical to that of the critical options, -as is the requirement that each name appear only once. - -If an implementation does not recognise an extension, then it should -ignore it. - -Custom options should append the originating author or organisation's -domain name to the option name, e.g. "my-option@example.com". - -No extensions are defined for host certificates at present. The -supported user certificate extensions and the contents and structure of -their data fields are: - -Name Format Description ------------------------------------------------------------------------------ -no-touch-required empty Flag indicating that signatures made - with this certificate need not assert - FIDO user presence. This option only - makes sense for the U2F/FIDO security - key types that support this feature in - their signature formats. - -permit-X11-forwarding empty Flag indicating that X11 forwarding - should be permitted. X11 forwarding will - be refused if this option is absent. - -permit-agent-forwarding empty Flag indicating that agent forwarding - should be allowed. Agent forwarding - must not be permitted unless this - option is present. - -permit-port-forwarding empty Flag indicating that port-forwarding - should be allowed. If this option is - not present, then no port forwarding will - be allowed. - -permit-pty empty Flag indicating that PTY allocation - should be permitted. In the absence of - this option PTY allocation will be - disabled. - -permit-user-rc empty Flag indicating that execution of - ~/.ssh/rc should be permitted. Execution - of this script will not be permitted if - this option is not present. - -$OpenBSD: PROTOCOL.certkeys,v 1.20 2024/12/06 16:02:12 djm Exp $ From a32d28d792567253bb601362f36391f155f8f772 Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Tue, 6 May 2025 05:40:56 +0000 Subject: [PATCH 026/687] upstream: finally remove DSA signature support from OpenSSH. feedback/ok tb@, ok deraadt@ OpenBSD-Commit-ID: bfe6ee73c1b676c81a2901030c791f8ec888228f --- .depend | 3 +- Makefile.in | 2 +- PROTOCOL | 11 +- TODO | 2 +- authfd.c | 4 +- authfile.c | 3 +- configure.ac | 1 - contrib/cygwin/ssh-user-config | 3 +- dns.c | 5 +- hostfile.c | 6 +- openbsd-compat/openssl-compat.h | 3 - pathnames.h | 4 +- readconf.c | 5 +- ssh-add.c | 5 +- ssh-dss.c | 457 -------------------------------- ssh-keygen.c | 89 +------ ssh-keyscan.c | 26 +- ssh-keysign.c | 5 +- ssh.c | 8 +- ssh_config | 3 +- sshconnect.c | 5 +- sshd-auth.c | 5 +- sshd-session.c | 3 +- sshd.c | 3 +- sshkey.c | 42 +-- sshkey.h | 11 +- 26 files changed, 41 insertions(+), 673 deletions(-) delete mode 100644 ssh-dss.c diff --git a/.depend b/.depend index 975d4427a2fb..3e64eb84a6a5 100644 --- a/.depend +++ b/.depend @@ -79,7 +79,7 @@ loginrec.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-comp logintest.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h loginrec.h mac.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h digest.h hmac.h umac.h mac.h misc.h ssherr.h sshbuf.h openbsd-compat/openssl-compat.h match.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h match.h misc.h -misc-agent.o: digest.h log.h ssherr.h misc.h pathnames.h ssh.h xmalloc.h +misc-agent.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h digest.h log.h ssherr.h misc.h pathnames.h ssh.h xmalloc.h misc.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h misc.h log.h ssherr.h ssh.h sshbuf.h moduli.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h monitor.o: chacha.h poly1305.h cipher-aesctr.h rijndael.h kex.h mac.h crypto_api.h dh.h packet.h dispatch.h auth-options.h sshpty.h channels.h session.h sshlogin.h canohost.h log.h ssherr.h misc.h servconf.h monitor.h monitor_wrap.h monitor_fdpass.h compat.h ssh2.h authfd.h match.h sk-api.h srclimit.h @@ -129,7 +129,6 @@ sntrup761.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-com srclimit.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h ./openbsd-compat/sys-tree.h addr.h canohost.h log.h ssherr.h misc.h srclimit.h xmalloc.h servconf.h openbsd-compat/sys-queue.h match.h ssh-add.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h ssh.h log.h ssherr.h sshkey.h sshbuf.h authfd.h authfile.h pathnames.h misc.h digest.h ssh-sk.h sk-api.h hostfile.h ssh-agent.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h openbsd-compat/sys-queue.h xmalloc.h ssh.h ssh2.h sshbuf.h sshkey.h authfd.h log.h ssherr.h misc.h digest.h match.h msg.h pathnames.h ssh-pkcs11.h sk-api.h myproposal.h -ssh-dss.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h ssh-ecdsa-sk.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h openbsd-compat/openssl-compat.h sshbuf.h ssherr.h digest.h sshkey.h ssh-ecdsa.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h ssh-ed25519-sk.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h crypto_api.h log.h ssherr.h sshbuf.h sshkey.h ssh.h digest.h diff --git a/Makefile.in b/Makefile.in index 4550e17951f4..ae86a712b17b 100644 --- a/Makefile.in +++ b/Makefile.in @@ -105,7 +105,7 @@ LIBSSH_OBJS=${LIBOPENSSH_OBJS} \ log.o match.o moduli.o nchan.o packet.o \ readpass.o ttymodes.o xmalloc.o addr.o addrmatch.o \ atomicio.o dispatch.o mac.o misc.o utf8.o \ - monitor_fdpass.o rijndael.o ssh-dss.o ssh-ecdsa.o ssh-ecdsa-sk.o \ + monitor_fdpass.o rijndael.o ssh-ecdsa.o ssh-ecdsa-sk.o \ ssh-ed25519-sk.o ssh-rsa.o dh.o \ msg.o progressmeter.o dns.o entropy.o gss-genr.o umac.o umac128.o \ ssh-pkcs11.o smult_curve25519_ref.o \ diff --git a/PROTOCOL b/PROTOCOL index a0a9837efe3e..f99173c527b7 100644 --- a/PROTOCOL +++ b/PROTOCOL @@ -34,7 +34,6 @@ The method is documented in: https://www.openssh.com/txt/draft-miller-secsh-compression-delayed-00.txt 1.3. transport: New public key algorithms "ssh-rsa-cert-v01@openssh.com", - "ssh-dsa-cert-v01@openssh.com", "ecdsa-sha2-nistp256-cert-v01@openssh.com", "ecdsa-sha2-nistp384-cert-v01@openssh.com" and "ecdsa-sha2-nistp521-cert-v01@openssh.com" @@ -765,15 +764,15 @@ authorized_keys files, are formatted as a single line of text consisting of the public key algorithm name followed by a base64-encoded key blob. The public key blob (before base64 encoding) is the same format used for the encoding of public keys sent on the wire: as described in RFC4253 -section 6.6 for RSA and DSA keys, RFC5656 section 3.1 for ECDSA keys -and the "New public key formats" section of PROTOCOL.certkeys for the -OpenSSH certificate formats. +section 6.6 for RSA keys, RFC5656 section 3.1 for ECDSA keys and +https://datatracker.ietf.org/doc/draft-miller-ssh-cert/ +for the OpenSSH certificate formats. 5.2 Private key format OpenSSH private keys, as generated by ssh-keygen(1) use the format described in PROTOCOL.key by default. As a legacy option, PEM format -(RFC7468) private keys are also supported for RSA, DSA and ECDSA keys +(RFC7468) private keys are also supported for RSA and ECDSA keys and were the default format before OpenSSH 7.8. 5.3 KRL format @@ -792,4 +791,4 @@ master instance and later clients. OpenSSH extends the usual agent protocol. These changes are documented in the PROTOCOL.agent file. -$OpenBSD: PROTOCOL,v 1.56 2025/05/05 05:51:11 djm Exp $ +$OpenBSD: PROTOCOL,v 1.57 2025/05/06 05:40:56 djm Exp $ diff --git a/TODO b/TODO index b76529c960a0..e9e2d96e6e1d 100644 --- a/TODO +++ b/TODO @@ -7,7 +7,7 @@ Documentation: - Install FAQ? -- General FAQ on S/Key, TIS, RSA, RSA2, DSA, etc and suggestions on when it +- General FAQ on S/Key, TIS, RSA, RSA2, etc and suggestions on when it would be best to use them. - Create a Documentation/ directory? diff --git a/authfd.c b/authfd.c index e04ad0cf2d02..66797880af84 100644 --- a/authfd.c +++ b/authfd.c @@ -1,4 +1,4 @@ -/* $OpenBSD: authfd.c,v 1.134 2023/12/18 14:46:56 djm Exp $ */ +/* $OpenBSD: authfd.c,v 1.135 2025/05/06 05:40:56 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -601,8 +601,6 @@ ssh_add_identity_constrained(int sock, struct sshkey *key, #ifdef WITH_OPENSSL case KEY_RSA: case KEY_RSA_CERT: - case KEY_DSA: - case KEY_DSA_CERT: case KEY_ECDSA: case KEY_ECDSA_CERT: case KEY_ECDSA_SK: diff --git a/authfile.c b/authfile.c index 4a2f21eb7f6d..bf485baf237a 100644 --- a/authfile.c +++ b/authfile.c @@ -1,4 +1,4 @@ -/* $OpenBSD: authfile.c,v 1.145 2024/09/22 12:56:21 jsg Exp $ */ +/* $OpenBSD: authfile.c,v 1.146 2025/05/06 05:40:56 djm Exp $ */ /* * Copyright (c) 2000, 2013 Markus Friedl. All rights reserved. * @@ -328,7 +328,6 @@ sshkey_load_private_cert(int type, const char *filename, const char *passphrase, switch (type) { #ifdef WITH_OPENSSL case KEY_RSA: - case KEY_DSA: case KEY_ECDSA: #endif /* WITH_OPENSSL */ case KEY_ED25519: diff --git a/configure.ac b/configure.ac index b19f790cdd54..221d5f5618bf 100644 --- a/configure.ac +++ b/configure.ac @@ -3078,7 +3078,6 @@ if test "x$openssl" = "xyes" ; then AC_CHECK_FUNCS([ \ BN_is_prime_ex \ DES_crypt \ - DSA_generate_parameters_ex \ EVP_DigestSign \ EVP_DigestVerify \ EVP_DigestFinal_ex \ diff --git a/contrib/cygwin/ssh-user-config b/contrib/cygwin/ssh-user-config index 3858722f646d..35802d06ecba 100644 --- a/contrib/cygwin/ssh-user-config +++ b/contrib/cygwin/ssh-user-config @@ -246,9 +246,8 @@ done check_user_homedir check_user_dot_ssh_dir create_identity id_rsa rsa "SSH2 RSA" -create_identity id_dsa dsa "SSH2 DSA" +create_identity id_ed25519 ed25519 "SSH2 Ed25519" create_identity id_ecdsa ecdsa "SSH2 ECDSA" -create_identity identity rsa1 "(deprecated) SSH1 RSA" fix_authorized_keys_perms echo diff --git a/dns.c b/dns.c index 939241440777..c01c7bebee18 100644 --- a/dns.c +++ b/dns.c @@ -1,4 +1,4 @@ -/* $OpenBSD: dns.c,v 1.44 2023/03/10 04:06:21 dtucker Exp $ */ +/* $OpenBSD: dns.c,v 1.45 2025/05/06 05:40:56 djm Exp $ */ /* * Copyright (c) 2003 Wesley Griffin. All rights reserved. @@ -88,9 +88,6 @@ dns_read_key(u_int8_t *algorithm, u_int8_t *digest_type, case KEY_RSA: *algorithm = SSHFP_KEY_RSA; break; - case KEY_DSA: - *algorithm = SSHFP_KEY_DSA; - break; case KEY_ECDSA: *algorithm = SSHFP_KEY_ECDSA; break; diff --git a/hostfile.c b/hostfile.c index 4b4a0e31ef38..4cec57da50c6 100644 --- a/hostfile.c +++ b/hostfile.c @@ -1,4 +1,4 @@ -/* $OpenBSD: hostfile.c,v 1.98 2025/05/05 02:48:07 djm Exp $ */ +/* $OpenBSD: hostfile.c,v 1.99 2025/05/06 05:40:56 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -150,8 +150,8 @@ host_hash(const char *host, const char *name_from_hostfile, u_int src_len) } /* - * Parses an RSA (number of bits, e, n) or DSA key from a string. Moves the - * pointer over the key. Skips any whitespace at the beginning and at end. + * Parses an RSA key from a string. Moves the pointer over the key. + * Skips any whitespace at the beginning and at end. */ int diff --git a/openbsd-compat/openssl-compat.h b/openbsd-compat/openssl-compat.h index 6b8fff412951..a7c41c235b5c 100644 --- a/openbsd-compat/openssl-compat.h +++ b/openbsd-compat/openssl-compat.h @@ -45,9 +45,6 @@ void ssh_libcrypto_init(void); #ifndef OPENSSL_RSA_MAX_MODULUS_BITS # define OPENSSL_RSA_MAX_MODULUS_BITS 16384 #endif -#ifndef OPENSSL_DSA_MAX_MODULUS_BITS -# define OPENSSL_DSA_MAX_MODULUS_BITS 10000 -#endif #ifdef LIBRESSL_VERSION_NUMBER # if LIBRESSL_VERSION_NUMBER < 0x3010000fL diff --git a/pathnames.h b/pathnames.h index e07395cb6f26..9e76dbba841f 100644 --- a/pathnames.h +++ b/pathnames.h @@ -1,4 +1,4 @@ -/* $OpenBSD: pathnames.h,v 1.34 2025/05/05 02:48:06 djm Exp $ */ +/* $OpenBSD: pathnames.h,v 1.35 2025/05/06 05:40:56 djm Exp $ */ /* * Author: Tatu Ylonen @@ -36,7 +36,6 @@ */ #define _PATH_SERVER_CONFIG_FILE SSHDIR "/sshd_config" #define _PATH_HOST_CONFIG_FILE SSHDIR "/ssh_config" -#define _PATH_HOST_DSA_KEY_FILE SSHDIR "/ssh_host_dsa_key" #define _PATH_HOST_ECDSA_KEY_FILE SSHDIR "/ssh_host_ecdsa_key" #define _PATH_HOST_ED25519_KEY_FILE SSHDIR "/ssh_host_ed25519_key" #define _PATH_HOST_XMSS_KEY_FILE SSHDIR "/ssh_host_xmss_key" @@ -87,7 +86,6 @@ * Name of the default file containing client-side authentication key. This * file should only be readable by the user him/herself. */ -#define _PATH_SSH_CLIENT_ID_DSA _PATH_SSH_USER_DIR "/id_dsa" #define _PATH_SSH_CLIENT_ID_ECDSA _PATH_SSH_USER_DIR "/id_ecdsa" #define _PATH_SSH_CLIENT_ID_RSA _PATH_SSH_USER_DIR "/id_rsa" #define _PATH_SSH_CLIENT_ID_ED25519 _PATH_SSH_USER_DIR "/id_ed25519" diff --git a/readconf.c b/readconf.c index 7cbe7d2c2dc5..a56cbe0da7d0 100644 --- a/readconf.c +++ b/readconf.c @@ -1,4 +1,4 @@ -/* $OpenBSD: readconf.c,v 1.398 2025/03/18 04:53:14 djm Exp $ */ +/* $OpenBSD: readconf.c,v 1.399 2025/05/06 05:40:56 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -2869,9 +2869,6 @@ fill_default_options(Options * options) add_identity_file(options, "~/", _PATH_SSH_CLIENT_ID_ED25519_SK, 0); add_identity_file(options, "~/", _PATH_SSH_CLIENT_ID_XMSS, 0); -#ifdef WITH_DSA - add_identity_file(options, "~/", _PATH_SSH_CLIENT_ID_DSA, 0); -#endif } if (options->escape_char == -1) options->escape_char = '~'; diff --git a/ssh-add.c b/ssh-add.c index 0035cb84a0c1..18897a0a834d 100644 --- a/ssh-add.c +++ b/ssh-add.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-add.c,v 1.173 2024/09/06 02:30:44 djm Exp $ */ +/* $OpenBSD: ssh-add.c,v 1.174 2025/05/06 05:40:56 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -85,9 +85,6 @@ static char *default_files[] = { _PATH_SSH_CLIENT_ID_ED25519, _PATH_SSH_CLIENT_ID_ED25519_SK, _PATH_SSH_CLIENT_ID_XMSS, -#ifdef WITH_DSA - _PATH_SSH_CLIENT_ID_DSA, -#endif NULL }; diff --git a/ssh-dss.c b/ssh-dss.c deleted file mode 100644 index aea661377f5c..000000000000 --- a/ssh-dss.c +++ /dev/null @@ -1,457 +0,0 @@ -/* $OpenBSD: ssh-dss.c,v 1.50 2024/01/11 01:45:36 djm Exp $ */ -/* - * Copyright (c) 2000 Markus Friedl. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR - * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES - * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. - * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, - * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, - * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY - * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT - * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF - * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - */ - -#include "includes.h" - -#if defined(WITH_OPENSSL) && defined(WITH_DSA) - -#include - -#include -#include -#include - -#include -#include - -#include "sshbuf.h" -#include "ssherr.h" -#include "digest.h" -#define SSHKEY_INTERNAL -#include "sshkey.h" - -#include "openbsd-compat/openssl-compat.h" - -#define INTBLOB_LEN 20 -#define SIGBLOB_LEN (2*INTBLOB_LEN) - -static u_int -ssh_dss_size(const struct sshkey *key) -{ - const BIGNUM *dsa_p; - - if (key->dsa == NULL) - return 0; - DSA_get0_pqg(key->dsa, &dsa_p, NULL, NULL); - return BN_num_bits(dsa_p); -} - -static int -ssh_dss_alloc(struct sshkey *k) -{ - if ((k->dsa = DSA_new()) == NULL) - return SSH_ERR_ALLOC_FAIL; - return 0; -} - -static void -ssh_dss_cleanup(struct sshkey *k) -{ - DSA_free(k->dsa); - k->dsa = NULL; -} - -static int -ssh_dss_equal(const struct sshkey *a, const struct sshkey *b) -{ - const BIGNUM *dsa_p_a, *dsa_q_a, *dsa_g_a, *dsa_pub_key_a; - const BIGNUM *dsa_p_b, *dsa_q_b, *dsa_g_b, *dsa_pub_key_b; - - if (a->dsa == NULL || b->dsa == NULL) - return 0; - DSA_get0_pqg(a->dsa, &dsa_p_a, &dsa_q_a, &dsa_g_a); - DSA_get0_pqg(b->dsa, &dsa_p_b, &dsa_q_b, &dsa_g_b); - DSA_get0_key(a->dsa, &dsa_pub_key_a, NULL); - DSA_get0_key(b->dsa, &dsa_pub_key_b, NULL); - if (dsa_p_a == NULL || dsa_p_b == NULL || - dsa_q_a == NULL || dsa_q_b == NULL || - dsa_g_a == NULL || dsa_g_b == NULL || - dsa_pub_key_a == NULL || dsa_pub_key_b == NULL) - return 0; - if (BN_cmp(dsa_p_a, dsa_p_b) != 0) - return 0; - if (BN_cmp(dsa_q_a, dsa_q_b) != 0) - return 0; - if (BN_cmp(dsa_g_a, dsa_g_b) != 0) - return 0; - if (BN_cmp(dsa_pub_key_a, dsa_pub_key_b) != 0) - return 0; - return 1; -} - -static int -ssh_dss_serialize_public(const struct sshkey *key, struct sshbuf *b, - enum sshkey_serialize_rep opts) -{ - int r; - const BIGNUM *dsa_p, *dsa_q, *dsa_g, *dsa_pub_key; - - if (key->dsa == NULL) - return SSH_ERR_INVALID_ARGUMENT; - DSA_get0_pqg(key->dsa, &dsa_p, &dsa_q, &dsa_g); - DSA_get0_key(key->dsa, &dsa_pub_key, NULL); - if (dsa_p == NULL || dsa_q == NULL || - dsa_g == NULL || dsa_pub_key == NULL) - return SSH_ERR_INTERNAL_ERROR; - if ((r = sshbuf_put_bignum2(b, dsa_p)) != 0 || - (r = sshbuf_put_bignum2(b, dsa_q)) != 0 || - (r = sshbuf_put_bignum2(b, dsa_g)) != 0 || - (r = sshbuf_put_bignum2(b, dsa_pub_key)) != 0) - return r; - - return 0; -} - -static int -ssh_dss_serialize_private(const struct sshkey *key, struct sshbuf *b, - enum sshkey_serialize_rep opts) -{ - int r; - const BIGNUM *dsa_priv_key; - - DSA_get0_key(key->dsa, NULL, &dsa_priv_key); - if (!sshkey_is_cert(key)) { - if ((r = ssh_dss_serialize_public(key, b, opts)) != 0) - return r; - } - if ((r = sshbuf_put_bignum2(b, dsa_priv_key)) != 0) - return r; - - return 0; -} - -static int -ssh_dss_generate(struct sshkey *k, int bits) -{ - DSA *private; - - if (bits != 1024) - return SSH_ERR_KEY_LENGTH; - if ((private = DSA_new()) == NULL) - return SSH_ERR_ALLOC_FAIL; - if (!DSA_generate_parameters_ex(private, bits, NULL, 0, NULL, - NULL, NULL) || !DSA_generate_key(private)) { - DSA_free(private); - return SSH_ERR_LIBCRYPTO_ERROR; - } - k->dsa = private; - return 0; -} - -static int -ssh_dss_copy_public(const struct sshkey *from, struct sshkey *to) -{ - const BIGNUM *dsa_p, *dsa_q, *dsa_g, *dsa_pub_key; - BIGNUM *dsa_p_dup = NULL, *dsa_q_dup = NULL, *dsa_g_dup = NULL; - BIGNUM *dsa_pub_key_dup = NULL; - int r = SSH_ERR_INTERNAL_ERROR; - - DSA_get0_pqg(from->dsa, &dsa_p, &dsa_q, &dsa_g); - DSA_get0_key(from->dsa, &dsa_pub_key, NULL); - if ((dsa_p_dup = BN_dup(dsa_p)) == NULL || - (dsa_q_dup = BN_dup(dsa_q)) == NULL || - (dsa_g_dup = BN_dup(dsa_g)) == NULL || - (dsa_pub_key_dup = BN_dup(dsa_pub_key)) == NULL) { - r = SSH_ERR_ALLOC_FAIL; - goto out; - } - if (!DSA_set0_pqg(to->dsa, dsa_p_dup, dsa_q_dup, dsa_g_dup)) { - r = SSH_ERR_LIBCRYPTO_ERROR; - goto out; - } - dsa_p_dup = dsa_q_dup = dsa_g_dup = NULL; /* transferred */ - if (!DSA_set0_key(to->dsa, dsa_pub_key_dup, NULL)) { - r = SSH_ERR_LIBCRYPTO_ERROR; - goto out; - } - dsa_pub_key_dup = NULL; /* transferred */ - /* success */ - r = 0; - out: - BN_clear_free(dsa_p_dup); - BN_clear_free(dsa_q_dup); - BN_clear_free(dsa_g_dup); - BN_clear_free(dsa_pub_key_dup); - return r; -} - -static int -ssh_dss_deserialize_public(const char *ktype, struct sshbuf *b, - struct sshkey *key) -{ - int ret = SSH_ERR_INTERNAL_ERROR; - BIGNUM *dsa_p = NULL, *dsa_q = NULL, *dsa_g = NULL, *dsa_pub_key = NULL; - - if (sshbuf_get_bignum2(b, &dsa_p) != 0 || - sshbuf_get_bignum2(b, &dsa_q) != 0 || - sshbuf_get_bignum2(b, &dsa_g) != 0 || - sshbuf_get_bignum2(b, &dsa_pub_key) != 0) { - ret = SSH_ERR_INVALID_FORMAT; - goto out; - } - if (!DSA_set0_pqg(key->dsa, dsa_p, dsa_q, dsa_g)) { - ret = SSH_ERR_LIBCRYPTO_ERROR; - goto out; - } - dsa_p = dsa_q = dsa_g = NULL; /* transferred */ - if (!DSA_set0_key(key->dsa, dsa_pub_key, NULL)) { - ret = SSH_ERR_LIBCRYPTO_ERROR; - goto out; - } - dsa_pub_key = NULL; /* transferred */ -#ifdef DEBUG_PK - DSA_print_fp(stderr, key->dsa, 8); -#endif - /* success */ - ret = 0; - out: - BN_clear_free(dsa_p); - BN_clear_free(dsa_q); - BN_clear_free(dsa_g); - BN_clear_free(dsa_pub_key); - return ret; -} - -static int -ssh_dss_deserialize_private(const char *ktype, struct sshbuf *b, - struct sshkey *key) -{ - int r; - BIGNUM *dsa_priv_key = NULL; - - if (!sshkey_is_cert(key)) { - if ((r = ssh_dss_deserialize_public(ktype, b, key)) != 0) - return r; - } - - if ((r = sshbuf_get_bignum2(b, &dsa_priv_key)) != 0) - return r; - if (!DSA_set0_key(key->dsa, NULL, dsa_priv_key)) { - BN_clear_free(dsa_priv_key); - return SSH_ERR_LIBCRYPTO_ERROR; - } - return 0; -} - -static int -ssh_dss_sign(struct sshkey *key, - u_char **sigp, size_t *lenp, - const u_char *data, size_t datalen, - const char *alg, const char *sk_provider, const char *sk_pin, u_int compat) -{ - DSA_SIG *sig = NULL; - const BIGNUM *sig_r, *sig_s; - u_char digest[SSH_DIGEST_MAX_LENGTH], sigblob[SIGBLOB_LEN]; - size_t rlen, slen, len, dlen = ssh_digest_bytes(SSH_DIGEST_SHA1); - struct sshbuf *b = NULL; - int ret = SSH_ERR_INVALID_ARGUMENT; - - if (lenp != NULL) - *lenp = 0; - if (sigp != NULL) - *sigp = NULL; - - if (key == NULL || key->dsa == NULL || - sshkey_type_plain(key->type) != KEY_DSA) - return SSH_ERR_INVALID_ARGUMENT; - if (dlen == 0) - return SSH_ERR_INTERNAL_ERROR; - - if ((ret = ssh_digest_memory(SSH_DIGEST_SHA1, data, datalen, - digest, sizeof(digest))) != 0) - goto out; - - if ((sig = DSA_do_sign(digest, dlen, key->dsa)) == NULL) { - ret = SSH_ERR_LIBCRYPTO_ERROR; - goto out; - } - - DSA_SIG_get0(sig, &sig_r, &sig_s); - rlen = BN_num_bytes(sig_r); - slen = BN_num_bytes(sig_s); - if (rlen > INTBLOB_LEN || slen > INTBLOB_LEN) { - ret = SSH_ERR_INTERNAL_ERROR; - goto out; - } - explicit_bzero(sigblob, SIGBLOB_LEN); - BN_bn2bin(sig_r, sigblob + SIGBLOB_LEN - INTBLOB_LEN - rlen); - BN_bn2bin(sig_s, sigblob + SIGBLOB_LEN - slen); - - if ((b = sshbuf_new()) == NULL) { - ret = SSH_ERR_ALLOC_FAIL; - goto out; - } - if ((ret = sshbuf_put_cstring(b, "ssh-dss")) != 0 || - (ret = sshbuf_put_string(b, sigblob, SIGBLOB_LEN)) != 0) - goto out; - - len = sshbuf_len(b); - if (sigp != NULL) { - if ((*sigp = malloc(len)) == NULL) { - ret = SSH_ERR_ALLOC_FAIL; - goto out; - } - memcpy(*sigp, sshbuf_ptr(b), len); - } - if (lenp != NULL) - *lenp = len; - ret = 0; - out: - explicit_bzero(digest, sizeof(digest)); - DSA_SIG_free(sig); - sshbuf_free(b); - return ret; -} - -static int -ssh_dss_verify(const struct sshkey *key, - const u_char *sig, size_t siglen, - const u_char *data, size_t dlen, const char *alg, u_int compat, - struct sshkey_sig_details **detailsp) -{ - DSA_SIG *dsig = NULL; - BIGNUM *sig_r = NULL, *sig_s = NULL; - u_char digest[SSH_DIGEST_MAX_LENGTH], *sigblob = NULL; - size_t len, hlen = ssh_digest_bytes(SSH_DIGEST_SHA1); - int ret = SSH_ERR_INTERNAL_ERROR; - struct sshbuf *b = NULL; - char *ktype = NULL; - - if (key == NULL || key->dsa == NULL || - sshkey_type_plain(key->type) != KEY_DSA || - sig == NULL || siglen == 0) - return SSH_ERR_INVALID_ARGUMENT; - if (hlen == 0) - return SSH_ERR_INTERNAL_ERROR; - - /* fetch signature */ - if ((b = sshbuf_from(sig, siglen)) == NULL) - return SSH_ERR_ALLOC_FAIL; - if (sshbuf_get_cstring(b, &ktype, NULL) != 0 || - sshbuf_get_string(b, &sigblob, &len) != 0) { - ret = SSH_ERR_INVALID_FORMAT; - goto out; - } - if (strcmp("ssh-dss", ktype) != 0) { - ret = SSH_ERR_KEY_TYPE_MISMATCH; - goto out; - } - if (sshbuf_len(b) != 0) { - ret = SSH_ERR_UNEXPECTED_TRAILING_DATA; - goto out; - } - - if (len != SIGBLOB_LEN) { - ret = SSH_ERR_INVALID_FORMAT; - goto out; - } - - /* parse signature */ - if ((dsig = DSA_SIG_new()) == NULL || - (sig_r = BN_new()) == NULL || - (sig_s = BN_new()) == NULL) { - ret = SSH_ERR_ALLOC_FAIL; - goto out; - } - if ((BN_bin2bn(sigblob, INTBLOB_LEN, sig_r) == NULL) || - (BN_bin2bn(sigblob + INTBLOB_LEN, INTBLOB_LEN, sig_s) == NULL)) { - ret = SSH_ERR_LIBCRYPTO_ERROR; - goto out; - } - if (!DSA_SIG_set0(dsig, sig_r, sig_s)) { - ret = SSH_ERR_LIBCRYPTO_ERROR; - goto out; - } - sig_r = sig_s = NULL; /* transferred */ - - /* sha1 the data */ - if ((ret = ssh_digest_memory(SSH_DIGEST_SHA1, data, dlen, - digest, sizeof(digest))) != 0) - goto out; - - switch (DSA_do_verify(digest, hlen, dsig, key->dsa)) { - case 1: - ret = 0; - break; - case 0: - ret = SSH_ERR_SIGNATURE_INVALID; - goto out; - default: - ret = SSH_ERR_LIBCRYPTO_ERROR; - goto out; - } - - out: - explicit_bzero(digest, sizeof(digest)); - DSA_SIG_free(dsig); - BN_clear_free(sig_r); - BN_clear_free(sig_s); - sshbuf_free(b); - free(ktype); - if (sigblob != NULL) - freezero(sigblob, len); - return ret; -} - -static const struct sshkey_impl_funcs sshkey_dss_funcs = { - /* .size = */ ssh_dss_size, - /* .alloc = */ ssh_dss_alloc, - /* .cleanup = */ ssh_dss_cleanup, - /* .equal = */ ssh_dss_equal, - /* .ssh_serialize_public = */ ssh_dss_serialize_public, - /* .ssh_deserialize_public = */ ssh_dss_deserialize_public, - /* .ssh_serialize_private = */ ssh_dss_serialize_private, - /* .ssh_deserialize_private = */ ssh_dss_deserialize_private, - /* .generate = */ ssh_dss_generate, - /* .copy_public = */ ssh_dss_copy_public, - /* .sign = */ ssh_dss_sign, - /* .verify = */ ssh_dss_verify, -}; - -const struct sshkey_impl sshkey_dss_impl = { - /* .name = */ "ssh-dss", - /* .shortname = */ "DSA", - /* .sigalg = */ NULL, - /* .type = */ KEY_DSA, - /* .nid = */ 0, - /* .cert = */ 0, - /* .sigonly = */ 0, - /* .keybits = */ 0, - /* .funcs = */ &sshkey_dss_funcs, -}; - -const struct sshkey_impl sshkey_dsa_cert_impl = { - /* .name = */ "ssh-dss-cert-v01@openssh.com", - /* .shortname = */ "DSA-CERT", - /* .sigalg = */ NULL, - /* .type = */ KEY_DSA_CERT, - /* .nid = */ 0, - /* .cert = */ 1, - /* .sigonly = */ 0, - /* .keybits = */ 0, - /* .funcs = */ &sshkey_dss_funcs, -}; - -#endif /* WITH_OPENSSL && WITH_DSA */ diff --git a/ssh-keygen.c b/ssh-keygen.c index 89c3ed287628..3217f084d384 100644 --- a/ssh-keygen.c +++ b/ssh-keygen.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-keygen.c,v 1.477 2024/12/04 14:24:20 djm Exp $ */ +/* $OpenBSD: ssh-keygen.c,v 1.478 2025/05/06 05:40:56 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1994 Tatu Ylonen , Espoo, Finland @@ -70,18 +70,14 @@ #define DEFAULT_KEY_TYPE_NAME "ed25519" /* - * Default number of bits in the RSA, DSA and ECDSA keys. These value can be + * Default number of bits in the RSA and ECDSA keys. These value can be * overridden on the command line. * - * These values, with the exception of DSA, provide security equivalent to at - * least 128 bits of security according to NIST Special Publication 800-57: - * Recommendation for Key Management Part 1 rev 4 section 5.6.1. - * For DSA it (and FIPS-186-4 section 4.2) specifies that the only size for - * which a 160bit hash is acceptable is 1kbit, and since ssh-dss specifies only - * SHA1 we limit the DSA key size 1k bits. + * These values provide security equivalent to at least 128 bits of security + * according to NIST Special Publication 800-57: Recommendation for Key + * Management Part 1 rev 4 section 5.6.1. */ #define DEFAULT_BITS 3072 -#define DEFAULT_BITS_DSA 1024 #define DEFAULT_BITS_ECDSA 256 static int quiet = 0; @@ -185,9 +181,6 @@ type_bits_valid(int type, const char *name, u_int32_t *bitsp) int nid; switch(type) { - case KEY_DSA: - *bitsp = DEFAULT_BITS_DSA; - break; case KEY_ECDSA: if (name != NULL && (nid = sshkey_ecdsa_nid_from_name(name)) > 0) @@ -203,10 +196,6 @@ type_bits_valid(int type, const char *name, u_int32_t *bitsp) } #ifdef WITH_OPENSSL switch (type) { - case KEY_DSA: - if (*bitsp != 1024) - fatal("Invalid DSA key length: must be 1024 bits"); - break; case KEY_RSA: if (*bitsp < SSH_RSA_MINIMUM_MODULUS_SIZE) fatal("Invalid RSA key length: minimum is %d bits", @@ -262,12 +251,6 @@ ask_filename(struct passwd *pw, const char *prompt) name = _PATH_SSH_CLIENT_ID_ED25519; else { switch (sshkey_type_from_shortname(key_type_name)) { -#ifdef WITH_DSA - case KEY_DSA_CERT: - case KEY_DSA: - name = _PATH_SSH_CLIENT_ID_DSA; - break; -#endif #ifdef OPENSSL_HAS_ECC case KEY_ECDSA_CERT: case KEY_ECDSA: @@ -382,12 +365,6 @@ do_convert_to_pkcs8(struct sshkey *k) EVP_PKEY_get0_RSA(k->pkey))) fatal("PEM_write_RSA_PUBKEY failed"); break; -#ifdef WITH_DSA - case KEY_DSA: - if (!PEM_write_DSA_PUBKEY(stdout, k->dsa)) - fatal("PEM_write_DSA_PUBKEY failed"); - break; -#endif #ifdef OPENSSL_HAS_ECC case KEY_ECDSA: if (!PEM_write_EC_PUBKEY(stdout, @@ -410,12 +387,6 @@ do_convert_to_pem(struct sshkey *k) EVP_PKEY_get0_RSA(k->pkey))) fatal("PEM_write_RSAPublicKey failed"); break; -#ifdef WITH_DSA - case KEY_DSA: - if (!PEM_write_DSA_PUBKEY(stdout, k->dsa)) - fatal("PEM_write_DSA_PUBKEY failed"); - break; -#endif #ifdef OPENSSL_HAS_ECC case KEY_ECDSA: if (!PEM_write_EC_PUBKEY(stdout, @@ -491,10 +462,6 @@ do_convert_private_ssh2(struct sshbuf *b) u_int magic, i1, i2, i3, i4; size_t slen; u_long e; -#ifdef WITH_DSA - BIGNUM *dsa_p = NULL, *dsa_q = NULL, *dsa_g = NULL; - BIGNUM *dsa_pub_key = NULL, *dsa_priv_key = NULL; -#endif BIGNUM *rsa_n = NULL, *rsa_e = NULL, *rsa_d = NULL; BIGNUM *rsa_p = NULL, *rsa_q = NULL, *rsa_iqmp = NULL; BIGNUM *rsa_dmp1 = NULL, *rsa_dmq1 = NULL; @@ -526,10 +493,6 @@ do_convert_private_ssh2(struct sshbuf *b) if (strstr(type, "rsa")) { ktype = KEY_RSA; -#ifdef WITH_DSA - } else if (strstr(type, "dsa")) { - ktype = KEY_DSA; -#endif } else { free(type); return NULL; @@ -539,27 +502,6 @@ do_convert_private_ssh2(struct sshbuf *b) free(type); switch (key->type) { -#ifdef WITH_DSA - case KEY_DSA: - if ((dsa_p = BN_new()) == NULL || - (dsa_q = BN_new()) == NULL || - (dsa_g = BN_new()) == NULL || - (dsa_pub_key = BN_new()) == NULL || - (dsa_priv_key = BN_new()) == NULL) - fatal_f("BN_new"); - buffer_get_bignum_bits(b, dsa_p); - buffer_get_bignum_bits(b, dsa_g); - buffer_get_bignum_bits(b, dsa_q); - buffer_get_bignum_bits(b, dsa_pub_key); - buffer_get_bignum_bits(b, dsa_priv_key); - if (!DSA_set0_pqg(key->dsa, dsa_p, dsa_q, dsa_g)) - fatal_f("DSA_set0_pqg failed"); - dsa_p = dsa_q = dsa_g = NULL; /* transferred */ - if (!DSA_set0_key(key->dsa, dsa_pub_key, dsa_priv_key)) - fatal_f("DSA_set0_key failed"); - dsa_pub_key = dsa_priv_key = NULL; /* transferred */ - break; -#endif case KEY_RSA: if ((r = sshbuf_get_u8(b, &e1)) != 0 || (e1 < 30 && (r = sshbuf_get_u8(b, &e2)) != 0) || @@ -734,14 +676,6 @@ do_convert_from_pkcs8(struct sshkey **k, int *private) (*k)->pkey = pubkey; pubkey = NULL; break; -#ifdef WITH_DSA - case EVP_PKEY_DSA: - if ((*k = sshkey_new(KEY_UNSPEC)) == NULL) - fatal("sshkey_new failed"); - (*k)->type = KEY_DSA; - (*k)->dsa = EVP_PKEY_get1_DSA(pubkey); - break; -#endif #ifdef OPENSSL_HAS_ECC case EVP_PKEY_EC: if ((*k = sshkey_new(KEY_UNSPEC)) == NULL) @@ -817,12 +751,6 @@ do_convert_from(struct passwd *pw) fprintf(stdout, "\n"); } else { switch (k->type) { -#ifdef WITH_DSA - case KEY_DSA: - ok = PEM_write_DSAPrivateKey(stdout, k->dsa, NULL, - NULL, 0, NULL, NULL); - break; -#endif #ifdef OPENSSL_HAS_ECC case KEY_ECDSA: ok = PEM_write_ECPrivateKey(stdout, @@ -3329,7 +3257,7 @@ usage(void) fprintf(stderr, "usage: ssh-keygen [-q] [-a rounds] [-b bits] [-C comment] [-f output_keyfile]\n" " [-m format] [-N new_passphrase] [-O option]\n" - " [-t dsa | ecdsa | ecdsa-sk | ed25519 | ed25519-sk | rsa]\n" + " [-t ecdsa | ecdsa-sk | ed25519 | ed25519-sk | rsa]\n" " [-w provider] [-Z cipher]\n" " ssh-keygen -p [-a rounds] [-f keyfile] [-m format] [-N new_passphrase]\n" " [-P old_passphrase] [-Z cipher]\n" @@ -3805,11 +3733,6 @@ main(int argc, char **argv) n += do_print_resource_record(pw, _PATH_HOST_RSA_KEY_FILE, rr_hostname, print_generic, opts, nopts); -#ifdef WITH_DSA - n += do_print_resource_record(pw, - _PATH_HOST_DSA_KEY_FILE, rr_hostname, - print_generic, opts, nopts); -#endif n += do_print_resource_record(pw, _PATH_HOST_ECDSA_KEY_FILE, rr_hostname, print_generic, opts, nopts); diff --git a/ssh-keyscan.c b/ssh-keyscan.c index 3436c0b5c7c6..7b1e0ca86500 100644 --- a/ssh-keyscan.c +++ b/ssh-keyscan.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-keyscan.c,v 1.165 2024/12/06 15:17:15 djm Exp $ */ +/* $OpenBSD: ssh-keyscan.c,v 1.166 2025/05/06 05:40:56 djm Exp $ */ /* * Copyright 1995, 1996 by David Mazieres . * @@ -62,15 +62,14 @@ int IPv4or6 = AF_UNSPEC; int ssh_port = SSH_DEFAULT_PORT; -#define KT_DSA (1) -#define KT_RSA (1<<1) -#define KT_ECDSA (1<<2) -#define KT_ED25519 (1<<3) -#define KT_XMSS (1<<4) -#define KT_ECDSA_SK (1<<5) -#define KT_ED25519_SK (1<<6) +#define KT_RSA (1) +#define KT_ECDSA (1<<1) +#define KT_ED25519 (1<<2) +#define KT_XMSS (1<<3) +#define KT_ECDSA_SK (1<<4) +#define KT_ED25519_SK (1<<5) -#define KT_MIN KT_DSA +#define KT_MIN KT_RSA #define KT_MAX KT_ED25519_SK int get_cert = 0; @@ -240,10 +239,6 @@ keygrab_ssh2(con *c) int r; switch (c->c_keytype) { - case KT_DSA: - myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = get_cert ? - "ssh-dss-cert-v01@openssh.com" : "ssh-dss"; - break; case KT_RSA: myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = get_cert ? "rsa-sha2-512-cert-v01@openssh.com," @@ -743,11 +738,6 @@ main(int argc, char **argv) int type = sshkey_type_from_shortname(tname); switch (type) { -#ifdef WITH_DSA - case KEY_DSA: - get_keytypes |= KT_DSA; - break; -#endif case KEY_ECDSA: get_keytypes |= KT_ECDSA; break; diff --git a/ssh-keysign.c b/ssh-keysign.c index 955f7b0abad9..4d65dd1d33a0 100644 --- a/ssh-keysign.c +++ b/ssh-keysign.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-keysign.c,v 1.75 2025/02/15 01:48:30 djm Exp $ */ +/* $OpenBSD: ssh-keysign.c,v 1.76 2025/05/06 05:40:56 djm Exp $ */ /* * Copyright (c) 2002 Markus Friedl. All rights reserved. * @@ -200,9 +200,6 @@ main(int argc, char **argv) i = 0; /* XXX This really needs to read sshd_config for the paths */ -#ifdef WITH_DSA - key_fd[i++] = open(_PATH_HOST_DSA_KEY_FILE, O_RDONLY); -#endif key_fd[i++] = open(_PATH_HOST_ECDSA_KEY_FILE, O_RDONLY); key_fd[i++] = open(_PATH_HOST_ED25519_KEY_FILE, O_RDONLY); key_fd[i++] = open(_PATH_HOST_XMSS_KEY_FILE, O_RDONLY); diff --git a/ssh.c b/ssh.c index dc4886d0ecdf..b2172b810a61 100644 --- a/ssh.c +++ b/ssh.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh.c,v 1.612 2025/04/09 01:24:40 djm Exp $ */ +/* $OpenBSD: ssh.c,v 1.613 2025/05/06 05:40:56 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -1746,15 +1746,9 @@ main(int ac, char **av) L_CERT(_PATH_HOST_ECDSA_KEY_FILE, 0); L_CERT(_PATH_HOST_ED25519_KEY_FILE, 1); L_CERT(_PATH_HOST_RSA_KEY_FILE, 2); -#ifdef WITH_DSA - L_CERT(_PATH_HOST_DSA_KEY_FILE, 3); -#endif L_PUBKEY(_PATH_HOST_ECDSA_KEY_FILE, 4); L_PUBKEY(_PATH_HOST_ED25519_KEY_FILE, 5); L_PUBKEY(_PATH_HOST_RSA_KEY_FILE, 6); -#ifdef WITH_DSA - L_PUBKEY(_PATH_HOST_DSA_KEY_FILE, 7); -#endif L_CERT(_PATH_HOST_XMSS_KEY_FILE, 8); L_PUBKEY(_PATH_HOST_XMSS_KEY_FILE, 9); if (loaded == 0) diff --git a/ssh_config b/ssh_config index cc5663562e95..238a0c5e371b 100644 --- a/ssh_config +++ b/ssh_config @@ -1,4 +1,4 @@ -# $OpenBSD: ssh_config,v 1.36 2023/08/02 23:04:38 djm Exp $ +# $OpenBSD: ssh_config,v 1.37 2025/05/06 05:40:56 djm Exp $ # This is the ssh client system-wide configuration file. See # ssh_config(5) for more information. This file provides defaults for @@ -30,7 +30,6 @@ # ConnectTimeout 0 # StrictHostKeyChecking ask # IdentityFile ~/.ssh/id_rsa -# IdentityFile ~/.ssh/id_dsa # IdentityFile ~/.ssh/id_ecdsa # IdentityFile ~/.ssh/id_ed25519 # Port 22 diff --git a/sshconnect.c b/sshconnect.c index c86182d13673..b306fa3cc24f 100644 --- a/sshconnect.c +++ b/sshconnect.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshconnect.c,v 1.369 2024/12/06 16:21:48 djm Exp $ */ +/* $OpenBSD: sshconnect.c,v 1.370 2025/05/06 05:40:56 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -1626,9 +1626,6 @@ show_other_keys(struct hostkeys *hostkeys, struct sshkey *key) { int type[] = { KEY_RSA, -#ifdef WITH_DSA - KEY_DSA, -#endif KEY_ECDSA, KEY_ED25519, KEY_XMSS, diff --git a/sshd-auth.c b/sshd-auth.c index 30eecd8a4723..5de06a5baa49 100644 --- a/sshd-auth.c +++ b/sshd-auth.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshd-auth.c,v 1.3 2025/01/16 06:37:10 dtucker Exp $ */ +/* $OpenBSD: sshd-auth.c,v 1.4 2025/05/06 05:40:56 djm Exp $ */ /* * SSH2 implementation: * Privilege Separation: @@ -250,7 +250,6 @@ list_hostkey_types(void) append_hostkey_type(b, "rsa-sha2-512"); append_hostkey_type(b, "rsa-sha2-256"); /* FALLTHROUGH */ - case KEY_DSA: case KEY_ECDSA: case KEY_ED25519: case KEY_ECDSA_SK: @@ -271,7 +270,6 @@ list_hostkey_types(void) append_hostkey_type(b, "rsa-sha2-256-cert-v01@openssh.com"); /* FALLTHROUGH */ - case KEY_DSA_CERT: case KEY_ECDSA_CERT: case KEY_ED25519_CERT: case KEY_ECDSA_SK_CERT: @@ -297,7 +295,6 @@ get_hostkey_public_by_type(int type, int nid, struct ssh *ssh) for (i = 0; i < options.num_host_key_files; i++) { switch (type) { case KEY_RSA_CERT: - case KEY_DSA_CERT: case KEY_ECDSA_CERT: case KEY_ED25519_CERT: case KEY_ECDSA_SK_CERT: diff --git a/sshd-session.c b/sshd-session.c index c64eb29fcefd..60f887e92d7b 100644 --- a/sshd-session.c +++ b/sshd-session.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshd-session.c,v 1.12 2025/03/12 22:43:44 djm Exp $ */ +/* $OpenBSD: sshd-session.c,v 1.13 2025/05/06 05:40:56 djm Exp $ */ /* * SSH2 implementation: * Privilege Separation: @@ -485,7 +485,6 @@ get_hostkey_by_type(int type, int nid, int need_private, struct ssh *ssh) for (i = 0; i < options.num_host_key_files; i++) { switch (type) { case KEY_RSA_CERT: - case KEY_DSA_CERT: case KEY_ECDSA_CERT: case KEY_ED25519_CERT: case KEY_ECDSA_SK_CERT: diff --git a/sshd.c b/sshd.c index 4a93e29e4c04..03732bb09c50 100644 --- a/sshd.c +++ b/sshd.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshd.c,v 1.617 2025/04/07 08:12:22 dtucker Exp $ */ +/* $OpenBSD: sshd.c,v 1.618 2025/05/06 05:40:56 djm Exp $ */ /* * Copyright (c) 2000, 2001, 2002 Markus Friedl. All rights reserved. * Copyright (c) 2002 Niels Provos. All rights reserved. @@ -1658,7 +1658,6 @@ main(int ac, char **av) switch (keytype) { case KEY_RSA: - case KEY_DSA: case KEY_ECDSA: case KEY_ED25519: case KEY_ECDSA_SK: diff --git a/sshkey.c b/sshkey.c index ab80752b8d0b..55a156818962 100644 --- a/sshkey.c +++ b/sshkey.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshkey.c,v 1.148 2024/12/03 15:53:51 tb Exp $ */ +/* $OpenBSD: sshkey.c,v 1.149 2025/05/06 05:40:56 djm Exp $ */ /* * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. * Copyright (c) 2008 Alexander von Gernler. All rights reserved. @@ -119,10 +119,6 @@ extern const struct sshkey_impl sshkey_rsa_sha256_impl; extern const struct sshkey_impl sshkey_rsa_sha256_cert_impl; extern const struct sshkey_impl sshkey_rsa_sha512_impl; extern const struct sshkey_impl sshkey_rsa_sha512_cert_impl; -# ifdef WITH_DSA -extern const struct sshkey_impl sshkey_dss_impl; -extern const struct sshkey_impl sshkey_dsa_cert_impl; -# endif #endif /* WITH_OPENSSL */ #ifdef WITH_XMSS extern const struct sshkey_impl sshkey_xmss_impl; @@ -152,10 +148,6 @@ const struct sshkey_impl * const keyimpls[] = { &sshkey_ecdsa_sk_webauthn_impl, # endif /* ENABLE_SK */ # endif /* OPENSSL_HAS_ECC */ -# ifdef WITH_DSA - &sshkey_dss_impl, - &sshkey_dsa_cert_impl, -# endif &sshkey_rsa_impl, &sshkey_rsa_cert_impl, &sshkey_rsa_sha256_impl, @@ -451,8 +443,6 @@ sshkey_type_plain(int type) switch (type) { case KEY_RSA_CERT: return KEY_RSA; - case KEY_DSA_CERT: - return KEY_DSA; case KEY_ECDSA_CERT: return KEY_ECDSA; case KEY_ECDSA_SK_CERT: @@ -475,8 +465,6 @@ sshkey_type_certified(int type) switch (type) { case KEY_RSA: return KEY_RSA_CERT; - case KEY_DSA: - return KEY_DSA_CERT; case KEY_ECDSA: return KEY_ECDSA_CERT; case KEY_ECDSA_SK: @@ -3322,20 +3310,6 @@ sshkey_private_to_blob_pem_pkcs8(struct sshkey *key, struct sshbuf *buf, goto out; switch (key->type) { -#ifdef WITH_DSA - case KEY_DSA: - if (format == SSHKEY_PRIVATE_PEM) { - success = PEM_write_bio_DSAPrivateKey(bio, key->dsa, - cipher, passphrase, len, NULL, NULL); - } else { - if ((pkey = EVP_PKEY_new()) == NULL) { - r = SSH_ERR_ALLOC_FAIL; - goto out; - } - success = EVP_PKEY_set1_DSA(pkey, key->dsa); - } - break; -#endif #ifdef OPENSSL_HAS_ECC case KEY_ECDSA: if (format == SSHKEY_PRIVATE_PEM) { @@ -3403,7 +3377,6 @@ sshkey_private_to_fileblob(struct sshkey *key, struct sshbuf *blob, { switch (key->type) { #ifdef WITH_OPENSSL - case KEY_DSA: case KEY_ECDSA: case KEY_RSA: break; /* see below */ @@ -3578,19 +3551,6 @@ sshkey_parse_private_pem_fileblob(struct sshbuf *blob, int type, prv->pkey = pk; if ((r = sshkey_check_rsa_length(prv, 0)) != 0) goto out; -#ifdef WITH_DSA - } else if (EVP_PKEY_base_id(pk) == EVP_PKEY_DSA && - (type == KEY_UNSPEC || type == KEY_DSA)) { - if ((prv = sshkey_new(KEY_UNSPEC)) == NULL) { - r = SSH_ERR_ALLOC_FAIL; - goto out; - } - prv->dsa = EVP_PKEY_get1_DSA(pk); - prv->type = KEY_DSA; -#ifdef DEBUG_PK - DSA_print_fp(stderr, prv->dsa, 8); -#endif -#endif #ifdef OPENSSL_HAS_ECC } else if (EVP_PKEY_base_id(pk) == EVP_PKEY_EC && (type == KEY_UNSPEC || type == KEY_ECDSA)) { diff --git a/sshkey.h b/sshkey.h index 19bbbac7dc0f..5fa410b9431d 100644 --- a/sshkey.h +++ b/sshkey.h @@ -1,4 +1,4 @@ -/* $OpenBSD: sshkey.h,v 1.66 2025/04/02 04:28:03 tb Exp $ */ +/* $OpenBSD: sshkey.h,v 1.67 2025/05/06 05:40:56 djm Exp $ */ /* * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. @@ -30,9 +30,6 @@ #ifdef WITH_OPENSSL #include -#ifdef WITH_DSA -#include -#endif #include # ifdef OPENSSL_HAS_ECC # include @@ -46,7 +43,6 @@ #else /* WITH_OPENSSL */ # define BIGNUM void # define RSA void -# define DSA void # define EC_KEY void # define EC_GROUP void # define EC_POINT void @@ -62,11 +58,9 @@ struct sshbuf; /* Key types */ enum sshkey_types { KEY_RSA, - KEY_DSA, KEY_ECDSA, KEY_ED25519, KEY_RSA_CERT, - KEY_DSA_CERT, KEY_ECDSA_CERT, KEY_ED25519_CERT, KEY_XMSS, @@ -129,8 +123,6 @@ struct sshkey_cert { struct sshkey { int type; int flags; - /* KEY_DSA */ - DSA *dsa; /* KEY_ECDSA and KEY_ECDSA_SK */ int ecdsa_nid; /* NID of curve */ /* libcrypto-backed keys */ @@ -353,7 +345,6 @@ int check_rsa_length(const RSA *rsa); /* XXX remove */ #if !defined(WITH_OPENSSL) # undef RSA -# undef DSA # undef EC_KEY # undef EC_GROUP # undef EC_POINT From 55b38ff4d7286c8fac2a472da664462e0f2d75e0 Mon Sep 17 00:00:00 2001 From: "deraadt@openbsd.org" Date: Tue, 6 May 2025 15:15:05 +0000 Subject: [PATCH 027/687] upstream: test ssh-agent with the -T flag to force the old /tmp location rather than inside the homedir. During relink operation, /.ssh/agent was created which is surprising. This test sequence could use some improvement so this is a temporary fix. observed by florian, change ok semarie OpenBSD-Commit-ID: c7246a6b519ac390ca550719f91acfdaef1fa0f0 --- .skipped-commit-ids | 1 + 1 file changed, 1 insertion(+) diff --git a/.skipped-commit-ids b/.skipped-commit-ids index 7988e25006f4..319beea0dee6 100644 --- a/.skipped-commit-ids +++ b/.skipped-commit-ids @@ -39,6 +39,7 @@ fb39324748824cb0387e9d67c41d1bef945c54ea Makefile change 112aacedd3b61cc5c34b1fa6d9fb759214179172 Makefile change a959fc45ea3431b36f52eda04faefc58bcde00db groupaccess.c changes 6d07e4606997e36b860621a14dd41975f2902f8f Makefile.inc +c7246a6b519ac390ca550719f91acfdaef1fa0f0 Makefile relink change Old upstream tree: From 93e904a673a632604525fdc98b940b7996f1ce54 Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Wed, 7 May 2025 04:10:21 +0000 Subject: [PATCH 028/687] upstream: memory leak on error path; bz3821 OpenBSD-Commit-ID: 65577596a15ad6dd9a1ab3fc24c1c31303ee6e2b --- misc-agent.c | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/misc-agent.c b/misc-agent.c index f13ccdf26b5d..9d96880e9090 100644 --- a/misc-agent.c +++ b/misc-agent.c @@ -266,10 +266,10 @@ socket_is_stale(const char *path) void agent_cleanup_stale(const char *homedir, int ignore_hosthash) { - DIR *d; + DIR *d = NULL; struct dirent *dp; struct stat sb; - char *prefix = NULL, *dirpath, *path; + char *prefix = NULL, *dirpath = NULL, *path; struct timespec now, sub, *mtimp = NULL; /* Only consider sockets last modified > 1 hour ago */ @@ -295,8 +295,7 @@ agent_cleanup_stale(const char *homedir, int ignore_hosthash) if ((d = opendir(dirpath)) == NULL) { if (errno != ENOENT) error_f("opendir \"%s\": %s", dirpath, strerror(errno)); - free(dirpath); - return; + goto out; } while ((dp = readdir(d)) != NULL) { if (dp->d_type != DT_SOCK && dp->d_type != DT_UNKNOWN) @@ -334,8 +333,9 @@ agent_cleanup_stale(const char *homedir, int ignore_hosthash) } free(path); } - closedir(d); + out: + if (d != NULL) + closedir(d); free(dirpath); free(prefix); } - From c5dbbe8805caaee132545ab4cffd3b2221e80975 Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Tue, 15 Apr 2025 05:00:13 +0000 Subject: [PATCH 029/687] upstream: missing ifdef OpenBSD-Regress-ID: 7260fb672de5738c17dec06c71a5be0186bb2b09 --- regress/unittests/sshkey/test_sshkey.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/regress/unittests/sshkey/test_sshkey.c b/regress/unittests/sshkey/test_sshkey.c index fc744eb7430f..aca1f2406d50 100644 --- a/regress/unittests/sshkey/test_sshkey.c +++ b/regress/unittests/sshkey/test_sshkey.c @@ -1,4 +1,4 @@ -/* $OpenBSD: test_sshkey.c,v 1.26 2025/04/15 04:00:42 djm Exp $ */ +/* $OpenBSD: test_sshkey.c,v 1.27 2025/04/15 05:00:13 djm Exp $ */ /* * Regress test for sshkey.h key management API * From 0404fa799746c283325a463c363436eb152daefc Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Tue, 15 Apr 2025 05:31:24 +0000 Subject: [PATCH 030/687] upstream: another missing ifdef OpenBSD-Regress-ID: 4f71f8f122eac4cbf7f1d2088a9be45317dd3e4a --- regress/unittests/sshkey/test_sshkey.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/regress/unittests/sshkey/test_sshkey.c b/regress/unittests/sshkey/test_sshkey.c index aca1f2406d50..53bdc0ca62d8 100644 --- a/regress/unittests/sshkey/test_sshkey.c +++ b/regress/unittests/sshkey/test_sshkey.c @@ -1,4 +1,4 @@ -/* $OpenBSD: test_sshkey.c,v 1.27 2025/04/15 05:00:13 djm Exp $ */ +/* $OpenBSD: test_sshkey.c,v 1.28 2025/04/15 05:31:24 djm Exp $ */ /* * Regress test for sshkey.h key management API * From 7cc8e150d51a4545b86d996692b541419b35d1a3 Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Tue, 6 May 2025 06:05:48 +0000 Subject: [PATCH 031/687] upstream: remove DSA from the regression/unit test suite too. OpenBSD-Regress-ID: 4424d2eaf0bce3887318ef6d18de6c06f3617d6e --- INSTALL | 2 +- Makefile.in | 2 - contrib/redhat/openssh.spec | 14 -- contrib/redhat/sshd.init | 2 +- openbsd-compat/openssl-compat.h | 1 - regress/Makefile | 30 +-- regress/agent.sh | 8 +- regress/cert-hostkey.sh | 4 +- regress/cert-userkey.sh | 6 +- regress/dsa_ssh2.prv | 14 -- regress/dsa_ssh2.pub | 13 -- regress/hostbased.sh | 3 +- regress/keytype.sh | 4 +- regress/knownhosts-command.sh | 3 +- regress/krl.sh | 3 +- regress/limit-keytype.sh | 6 +- regress/misc/fuzz-harness/fixed-keys.h | 35 --- .../testdata/create-agent-corpus.sh | 2 +- .../fuzz-harness/testdata/id_dsa-cert.pub | 1 - regress/misc/ssh-verify-attestation/Makefile | 4 +- regress/ssh-com-client.sh | 14 +- regress/ssh-com.sh | 26 +-- regress/ssh2putty.sh | 3 +- regress/sshcfgparse.sh | 27 +-- regress/unittests/Makefile.inc | 6 +- regress/unittests/authopt/Makefile | 4 +- regress/unittests/hostkeys/Makefile | 4 +- regress/unittests/hostkeys/mktestdata.sh | 13 +- regress/unittests/hostkeys/test_iterate.c | 212 ++++-------------- regress/unittests/hostkeys/testdata/dsa_1.pub | 1 - regress/unittests/hostkeys/testdata/dsa_2.pub | 1 - regress/unittests/hostkeys/testdata/dsa_3.pub | 1 - regress/unittests/hostkeys/testdata/dsa_4.pub | 1 - regress/unittests/hostkeys/testdata/dsa_5.pub | 1 - regress/unittests/hostkeys/testdata/dsa_6.pub | 1 - .../unittests/hostkeys/testdata/known_hosts | 12 +- regress/unittests/kex/Makefile | 4 +- regress/unittests/kex/test_kex.c | 5 +- regress/unittests/sshkey/Makefile | 4 +- regress/unittests/sshkey/common.c | 37 +-- regress/unittests/sshkey/common.h | 5 +- regress/unittests/sshkey/mktestdata.sh | 53 +---- regress/unittests/sshkey/test_file.c | 96 +------- regress/unittests/sshkey/test_fuzz.c | 75 +------ regress/unittests/sshkey/test_sshkey.c | 69 +----- regress/unittests/sshkey/testdata/dsa_1 | 12 - .../unittests/sshkey/testdata/dsa_1-cert.fp | 1 - .../unittests/sshkey/testdata/dsa_1-cert.pub | 1 - regress/unittests/sshkey/testdata/dsa_1.fp | 1 - regress/unittests/sshkey/testdata/dsa_1.fp.bb | 1 - .../unittests/sshkey/testdata/dsa_1.param.g | 1 - .../sshkey/testdata/dsa_1.param.priv | 1 - .../unittests/sshkey/testdata/dsa_1.param.pub | 1 - regress/unittests/sshkey/testdata/dsa_1.pub | 1 - regress/unittests/sshkey/testdata/dsa_1_pw | 15 -- regress/unittests/sshkey/testdata/dsa_2 | 12 - regress/unittests/sshkey/testdata/dsa_2.fp | 1 - regress/unittests/sshkey/testdata/dsa_2.fp.bb | 1 - regress/unittests/sshkey/testdata/dsa_2.pub | 1 - regress/unittests/sshkey/testdata/dsa_n | 21 -- regress/unittests/sshkey/testdata/dsa_n_pw | 21 -- regress/unittests/sshsig/Makefile | 4 +- regress/unittests/sshsig/mktestdata.sh | 8 +- regress/unittests/sshsig/testdata/dsa | 12 - regress/unittests/sshsig/testdata/dsa.pub | 1 - regress/unittests/sshsig/testdata/dsa.sig | 13 -- regress/unittests/sshsig/tests.c | 7 +- 67 files changed, 126 insertions(+), 843 deletions(-) delete mode 100644 regress/dsa_ssh2.prv delete mode 100644 regress/dsa_ssh2.pub delete mode 100644 regress/misc/fuzz-harness/testdata/id_dsa-cert.pub delete mode 100644 regress/unittests/hostkeys/testdata/dsa_1.pub delete mode 100644 regress/unittests/hostkeys/testdata/dsa_2.pub delete mode 100644 regress/unittests/hostkeys/testdata/dsa_3.pub delete mode 100644 regress/unittests/hostkeys/testdata/dsa_4.pub delete mode 100644 regress/unittests/hostkeys/testdata/dsa_5.pub delete mode 100644 regress/unittests/hostkeys/testdata/dsa_6.pub delete mode 100644 regress/unittests/sshkey/testdata/dsa_1 delete mode 100644 regress/unittests/sshkey/testdata/dsa_1-cert.fp delete mode 100644 regress/unittests/sshkey/testdata/dsa_1-cert.pub delete mode 100644 regress/unittests/sshkey/testdata/dsa_1.fp delete mode 100644 regress/unittests/sshkey/testdata/dsa_1.fp.bb delete mode 100644 regress/unittests/sshkey/testdata/dsa_1.param.g delete mode 100644 regress/unittests/sshkey/testdata/dsa_1.param.priv delete mode 100644 regress/unittests/sshkey/testdata/dsa_1.param.pub delete mode 100644 regress/unittests/sshkey/testdata/dsa_1.pub delete mode 100644 regress/unittests/sshkey/testdata/dsa_1_pw delete mode 100644 regress/unittests/sshkey/testdata/dsa_2 delete mode 100644 regress/unittests/sshkey/testdata/dsa_2.fp delete mode 100644 regress/unittests/sshkey/testdata/dsa_2.fp.bb delete mode 100644 regress/unittests/sshkey/testdata/dsa_2.pub delete mode 100644 regress/unittests/sshkey/testdata/dsa_n delete mode 100644 regress/unittests/sshkey/testdata/dsa_n_pw delete mode 100644 regress/unittests/sshsig/testdata/dsa delete mode 100644 regress/unittests/sshsig/testdata/dsa.pub delete mode 100644 regress/unittests/sshsig/testdata/dsa.sig diff --git a/INSTALL b/INSTALL index 3ad1659f36f6..56e351af60e1 100644 --- a/INSTALL +++ b/INSTALL @@ -245,7 +245,7 @@ manually using the following commands: ssh-keygen -t [type] -f /etc/ssh/ssh_host_key -N "" -for each of the types you wish to generate (rsa, dsa or ecdsa) or +for each of the types you wish to generate (rsa, ed25519 or ecdsa) or ssh-keygen -A diff --git a/Makefile.in b/Makefile.in index ae86a712b17b..672bf4493cf8 100644 --- a/Makefile.in +++ b/Makefile.in @@ -194,7 +194,6 @@ PATHSUBS = \ -e 's|/etc/shosts.equiv|$(sysconfdir)/shosts.equiv|g' \ -e 's|/etc/ssh/ssh_host_key|$(sysconfdir)/ssh_host_key|g' \ -e 's|/etc/ssh/ssh_host_ecdsa_key|$(sysconfdir)/ssh_host_ecdsa_key|g' \ - -e 's|/etc/ssh/ssh_host_dsa_key|$(sysconfdir)/ssh_host_dsa_key|g' \ -e 's|/etc/ssh/ssh_host_rsa_key|$(sysconfdir)/ssh_host_rsa_key|g' \ -e 's|/etc/ssh/ssh_host_ed25519_key|$(sysconfdir)/ssh_host_ed25519_key|g' \ -e 's|/var/run/sshd.pid|$(piddir)/sshd.pid|g' \ @@ -494,7 +493,6 @@ host-key: ssh-keygen$(EXEEXT) fi host-key-force: ssh-keygen$(EXEEXT) ssh$(EXEEXT) - ./ssh-keygen -t dsa -f $(DESTDIR)$(sysconfdir)/ssh_host_dsa_key -N "" ./ssh-keygen -t rsa -f $(DESTDIR)$(sysconfdir)/ssh_host_rsa_key -N "" ./ssh-keygen -t ed25519 -f $(DESTDIR)$(sysconfdir)/ssh_host_ed25519_key -N "" if ./ssh -Q key | grep ecdsa >/dev/null ; then \ diff --git a/contrib/redhat/openssh.spec b/contrib/redhat/openssh.spec index 74116b485135..b60695f09f95 100644 --- a/contrib/redhat/openssh.spec +++ b/contrib/redhat/openssh.spec @@ -281,20 +281,6 @@ if [ "$1" != 0 -a -r /var/run/sshd.pid ] ; then touch /var/run/sshd.restart fi -%triggerun server -- openssh-server < 2.5.0p1 -# Count the number of HostKey and HostDsaKey statements we have. -gawk 'BEGIN {IGNORECASE=1} - /^hostkey/ || /^hostdsakey/ {sawhostkey = sawhostkey + 1} - END {exit sawhostkey}' /etc/ssh/sshd_config -# And if we only found one, we know the client was relying on the old default -# behavior, which loaded the the SSH2 DSA host key when HostDsaKey wasn't -# specified. Now that HostKey is used for both SSH1 and SSH2 keys, specifying -# one nullifies the default, which would have loaded both. -if [ $? -eq 1 ] ; then - echo HostKey /etc/ssh/ssh_host_rsa_key >> /etc/ssh/sshd_config - echo HostKey /etc/ssh/ssh_host_dsa_key >> /etc/ssh/sshd_config -fi - %triggerpostun server -- ssh-server if [ "$1" != 0 ] ; then /sbin/chkconfig --add sshd diff --git a/contrib/redhat/sshd.init b/contrib/redhat/sshd.init index 8ee5fcd3bb4f..b82545956ac8 100755 --- a/contrib/redhat/sshd.init +++ b/contrib/redhat/sshd.init @@ -41,7 +41,7 @@ start() /usr/bin/ssh-keygen -A if [ -x /sbin/restorecon ]; then /sbin/restorecon /etc/ssh/ssh_host_rsa_key.pub - /sbin/restorecon /etc/ssh/ssh_host_dsa_key.pub + /sbin/restorecon /etc/ssh/ssh_host_ed25519_key.pub /sbin/restorecon /etc/ssh/ssh_host_ecdsa_key.pub fi diff --git a/openbsd-compat/openssl-compat.h b/openbsd-compat/openssl-compat.h index a7c41c235b5c..936f4068d843 100644 --- a/openbsd-compat/openssl-compat.h +++ b/openbsd-compat/openssl-compat.h @@ -24,7 +24,6 @@ #include #include #include -#include #ifdef OPENSSL_HAS_ECC #include #endif diff --git a/regress/Makefile b/regress/Makefile index 8b69e14e998f..d97ea34a2050 100644 --- a/regress/Makefile +++ b/regress/Makefile @@ -2,7 +2,7 @@ tests: prep file-tests t-exec unit -REGRESS_TARGETS= t1 t2 t3 t4 t5 t6 t7 t8 t9 t10 t11 t12 +REGRESS_TARGETS= t1 t2 t3 t4 t5 t7 t9 t10 t11 t12 # File based tests file-tests: $(REGRESS_TARGETS) @@ -130,9 +130,9 @@ CLEANFILES= *.core actual agent-key.* authorized_keys_${USERNAME} \ ed25519-agent.pub ed25519 ed25519.pub empty.in \ expect failed-regress.log failed-ssh.log failed-sshd.log \ hkr.* host.ecdsa-sha2-nistp256 host.ecdsa-sha2-nistp384 \ - host.ecdsa-sha2-nistp521 host.ssh-dss host.ssh-ed25519 \ + host.ecdsa-sha2-nistp521 host.ssh-ed25519 \ host.ssh-rsa host_ca_key* host_krl_* host_revoked_* key.* \ - key.dsa-* key.ecdsa-* key.ed25519-512 \ + key.ecdsa-* key.ed25519-512 \ key.ed25519-512.pub key.rsa-* keys-command-args kh.* askpass \ known_hosts known_hosts-cert known_hosts.* krl-* ls.copy \ modpipe netcat no_identity_config \ @@ -191,36 +191,18 @@ t5: ${TEST_SSH_SSHKEYGEN} -Bf ${.CURDIR}/rsa_openssh.pub |\ awk '{print $$2}' | diff - ${.CURDIR}/t5.ok ; \ fi -t6: - set -xe ; if ${TEST_SSH_SSH} -Q key | grep -q "^ssh-dss" ; then \ - ${TEST_SSH_SSHKEYGEN} -if ${.CURDIR}/dsa_ssh2.prv > $(OBJ)/t6.out1 ; \ - ${TEST_SSH_SSHKEYGEN} -if ${.CURDIR}/dsa_ssh2.pub > $(OBJ)/t6.out2 ; \ - chmod 600 $(OBJ)/t6.out1 ; \ - ${TEST_SSH_SSHKEYGEN} -yf $(OBJ)/t6.out1 | diff - $(OBJ)/t6.out2 ; \ - fi $(OBJ)/t7.out: - set -xe ; if ${TEST_SSH_SSH} -Q key | grep -q "^ssh-dss" ; then \ + set -xe ; if ${TEST_SSH_SSH} -Q key | grep -q "^ssh-rsa" ; then \ ${TEST_SSH_SSHKEYGEN} -q -t rsa -N '' -f $@ ; \ fi t7: $(OBJ)/t7.out - set -xe ; if ${TEST_SSH_SSH} -Q key | grep -q "^ssh-dss" ; then \ + set -xe ; if ${TEST_SSH_SSH} -Q key | grep -q "^ssh-rsa" ; then \ ${TEST_SSH_SSHKEYGEN} -lf $(OBJ)/t7.out > /dev/null ; \ ${TEST_SSH_SSHKEYGEN} -Bf $(OBJ)/t7.out > /dev/null ; \ fi -$(OBJ)/t8.out: - set -xe ; if ssh -Q key | grep -q "^ssh-dss" ; then \ - ${TEST_SSH_SSHKEYGEN} -q -t dsa -N '' -f $@ ; \ - fi - -t8: $(OBJ)/t8.out - set -xe ; if ssh -Q key | grep -q "^ssh-dss" ; then \ - ${TEST_SSH_SSHKEYGEN} -lf $(OBJ)/t8.out > /dev/null ; \ - ${TEST_SSH_SSHKEYGEN} -Bf $(OBJ)/t8.out > /dev/null ; \ - fi - $(OBJ)/t9.out: ! ${TEST_SSH_SSH} -Q key-plain | grep ecdsa >/dev/null || \ ${TEST_SSH_SSHKEYGEN} -q -t ecdsa -N '' -f $@ @@ -240,7 +222,7 @@ t10: $(OBJ)/t10.out ${TEST_SSH_SSHKEYGEN} -Bf $(OBJ)/t10.out > /dev/null t11: - set -xe ; if ${TEST_SSH_SSH} -Q key | grep -q "^ssh-dss" ; then \ + set -xe ; if ${TEST_SSH_SSH} -Q key | grep -q "^ssh-rsa" ; then \ ${TEST_SSH_SSHKEYGEN} -E sha256 -lf ${.CURDIR}/rsa_openssh.pub |\ awk '{print $$2}' | diff - ${.CURDIR}/t11.ok ; \ fi diff --git a/regress/agent.sh b/regress/agent.sh index f0022aca5528..26d4c9ed44b2 100644 --- a/regress/agent.sh +++ b/regress/agent.sh @@ -1,4 +1,4 @@ -# $OpenBSD: agent.sh,v 1.22 2024/10/24 03:28:34 djm Exp $ +# $OpenBSD: agent.sh,v 1.23 2025/05/06 06:05:48 djm Exp $ # Placed in the Public Domain. tid="simple agent test" @@ -86,10 +86,6 @@ fi for t in ${SSH_KEYTYPES}; do trace "connect via agent using $t key" - if [ "$t" = "ssh-dss" ]; then - echo "PubkeyAcceptedAlgorithms +ssh-dss" >> $OBJ/ssh_proxy - echo "PubkeyAcceptedAlgorithms +ssh-dss" >> $OBJ/sshd_proxy - fi ${SSH} -F $OBJ/ssh_proxy -i $OBJ/$t-agent.pub -oIdentitiesOnly=yes \ somehost exit 52 r=$? @@ -143,7 +139,6 @@ fi (printf 'cert-authority,principals="estragon" '; cat $OBJ/user_ca_key.pub) \ > $OBJ/authorized_keys_$USER for t in ${SSH_KEYTYPES}; do - if [ "$t" != "ssh-dss" ]; then trace "connect via agent using $t key" ${SSH} -F $OBJ/ssh_proxy -i $OBJ/$t-agent.pub \ -oCertificateFile=$OBJ/$t-agent-cert.pub \ @@ -152,7 +147,6 @@ for t in ${SSH_KEYTYPES}; do if [ $r -ne 52 ]; then fail "ssh connect with failed (exit code $r)" fi - fi done ## Deletion tests. diff --git a/regress/cert-hostkey.sh b/regress/cert-hostkey.sh index a3414e1a5c50..bfdd3588d98f 100644 --- a/regress/cert-hostkey.sh +++ b/regress/cert-hostkey.sh @@ -1,4 +1,4 @@ -# $OpenBSD: cert-hostkey.sh,v 1.27 2021/09/30 05:26:26 dtucker Exp $ +# $OpenBSD: cert-hostkey.sh,v 1.28 2025/05/06 06:05:48 djm Exp $ # Placed in the Public Domain. tid="certified host keys" @@ -70,7 +70,7 @@ touch $OBJ/host_revoked_plain touch $OBJ/host_revoked_cert cat $OBJ/host_ca_key.pub $OBJ/host_ca_key2.pub > $OBJ/host_revoked_ca -PLAIN_TYPES=`echo "$SSH_KEYTYPES" | sed 's/^ssh-dss/ssh-dsa/g;s/^ssh-//'` +PLAIN_TYPES=`echo "$SSH_KEYTYPES" | sed 's/^ssh-//'` if echo "$PLAIN_TYPES" | grep '^rsa$' >/dev/null 2>&1 ; then PLAIN_TYPES="$PLAIN_TYPES rsa-sha2-256 rsa-sha2-512" diff --git a/regress/cert-userkey.sh b/regress/cert-userkey.sh index 2ab0a1e9e65c..fde2caefbd4f 100644 --- a/regress/cert-userkey.sh +++ b/regress/cert-userkey.sh @@ -1,4 +1,4 @@ -# $OpenBSD: cert-userkey.sh,v 1.29 2024/12/06 16:25:58 djm Exp $ +# $OpenBSD: cert-userkey.sh,v 1.30 2025/05/06 06:05:48 djm Exp $ # Placed in the Public Domain. tid="certified user keys" @@ -10,7 +10,7 @@ cp $OBJ/ssh_proxy $OBJ/ssh_proxy_bak grep -v AuthorizedKeysFile $OBJ/sshd_proxy > $OBJ/sshd_proxy_bak echo "AuthorizedKeysFile $OBJ/authorized_keys_%u_*" >> $OBJ/sshd_proxy_bak -PLAIN_TYPES=`$SSH -Q key-plain | maybe_filter_sk | sed 's/^ssh-dss/ssh-dsa/;s/^ssh-//'` +PLAIN_TYPES=`$SSH -Q key-plain | maybe_filter_sk | sed 's/^ssh-//'` EXTRA_TYPES="" rsa="" @@ -25,7 +25,7 @@ kname() { sk-ecdsa-*) n="sk-ecdsa" ;; sk-ssh-ed25519*) n="sk-ssh-ed25519" ;; # subshell because some seds will add a newline - *) n=$(echo $1 | sed 's/^dsa/ssh-dss/;s/^rsa/ssh-rsa/;s/^ed/ssh-ed/') ;; + *) n=$(echo $1 | sed 's/^rsa/ssh-rsa/;s/^ed/ssh-ed/') ;; esac if [ -z "$rsa" ]; then echo "$n*,ssh-ed25519*" diff --git a/regress/dsa_ssh2.prv b/regress/dsa_ssh2.prv deleted file mode 100644 index c93b4037194c..000000000000 --- a/regress/dsa_ssh2.prv +++ /dev/null @@ -1,14 +0,0 @@ ----- BEGIN SSH2 ENCRYPTED PRIVATE KEY ---- -Subject: ssh-keygen test -Comment: "1024-bit dsa, Tue Jan 08 2002 22:00:23 +0100" -P2/56wAAAgIAAAAmZGwtbW9kcHtzaWdue2RzYS1uaXN0LXNoYTF9LGRoe3BsYWlufX0AAA -AEbm9uZQAAAcQAAAHAAAAAAAAABACwUfm3AxZTut3icBmwCcD48nY64HzuELlQ+vEqjIcR -Lo49es/DQTeLNQ+kdKRCfouosGNv0WqxRtF0tUsWdXxS37oHGa4QPugBdHRd7YlZGZv8kg -x7FsoepY7v7E683/97dv2zxL3AGagTEzWr7fl0yPexAaZoDvtQrrjX44BLmwAABACWQkvv -MxnD8eFkS1konFfMJ1CkuRfTN34CBZ6dY7VTSGemy4QwtFdMKmoufD0eKgy3p5WOeWCYKt -F4FhjHKZk/aaxFjjIbtkrnlvXg64QI11dSZyBN6/ViQkHPSkUDF+A6AAEhrNbQbAFSvao1 -kTvNtPCtL0AkUIduEMzGQfLCTAAAAKDeC043YVo9Zo0zAEeIA4uZh4LBCQAAA/9aj7Y5ik -ehygJ4qTDSlVypsPuV+n59tMS0e2pfrSG87yf5r94AKBmJeho5OO6wYaXCxsVB7AFbSUD6 -75AK8mHF4v1/+7SWKk5f8xlMCMSPZ9K0+j/W1d/q2qkhnnDZolOHDomLA+U00i5ya/jnTV -zyDPWLFpWK8u3xGBPAYX324gAAAKDHFvooRnaXdZbeWGTTqmgHB1GU9A== ----- END SSH2 ENCRYPTED PRIVATE KEY ---- diff --git a/regress/dsa_ssh2.pub b/regress/dsa_ssh2.pub deleted file mode 100644 index 215d73baef31..000000000000 --- a/regress/dsa_ssh2.pub +++ /dev/null @@ -1,13 +0,0 @@ ----- BEGIN SSH2 PUBLIC KEY ---- -Subject: ssh-keygen test -Comment: "1024-bit dsa, Tue Jan 08 2002 22:00:23 +0100" -AAAAB3NzaC1kc3MAAACBALBR+bcDFlO63eJwGbAJwPjydjrgfO4QuVD68SqMhxEujj16z8 -NBN4s1D6R0pEJ+i6iwY2/RarFG0XS1SxZ1fFLfugcZrhA+6AF0dF3tiVkZm/ySDHsWyh6l -ju/sTrzf/3t2/bPEvcAZqBMTNavt+XTI97EBpmgO+1CuuNfjgEubAAAAFQDeC043YVo9Zo -0zAEeIA4uZh4LBCQAAAIEAlkJL7zMZw/HhZEtZKJxXzCdQpLkX0zd+AgWenWO1U0hnpsuE -MLRXTCpqLnw9HioMt6eVjnlgmCrReBYYxymZP2msRY4yG7ZK55b14OuECNdXUmcgTev1Yk -JBz0pFAxfgOgABIazW0GwBUr2qNZE7zbTwrS9AJFCHbhDMxkHywkwAAACAWo+2OYpHocoC -eKkw0pVcqbD7lfp+fbTEtHtqX60hvO8n+a/eACgZiXoaOTjusGGlwsbFQewBW0lA+u+QCv -JhxeL9f/u0lipOX/MZTAjEj2fStPo/1tXf6tqpIZ5w2aJThw6JiwPlNNIucmv4501c8gz1 -ixaVivLt8RgTwGF99uI= ----- END SSH2 PUBLIC KEY ---- diff --git a/regress/hostbased.sh b/regress/hostbased.sh index eb9cf2727d33..5de176b18bf7 100644 --- a/regress/hostbased.sh +++ b/regress/hostbased.sh @@ -1,4 +1,4 @@ -# $OpenBSD: hostbased.sh,v 1.4 2022/12/07 11:45:43 dtucker Exp $ +# $OpenBSD: hostbased.sh,v 1.5 2025/05/06 06:05:48 djm Exp $ # Placed in the Public Domain. # This test requires external setup and thus is skipped unless @@ -43,7 +43,6 @@ for key in `${SUDO} ${SSHD} -T | awk '$1=="hostkey"{print $2}'`; do 521*ECDSA*) algos="$algos ecdsa-sha2-nistp521" ;; *RSA*) algos="$algos ssh-rsa rsa-sha2-256 rsa-sha2-512" ;; *ED25519*) algos="$algos ssh-ed25519" ;; - *DSA*) algos="$algos ssh-dss" ;; *) verbose "unknown host key type $key" ;; esac done diff --git a/regress/keytype.sh b/regress/keytype.sh index f1c045183bd3..11ef7d0cb270 100644 --- a/regress/keytype.sh +++ b/regress/keytype.sh @@ -1,4 +1,4 @@ -# $OpenBSD: keytype.sh,v 1.11 2021/02/25 03:27:34 djm Exp $ +# $OpenBSD: keytype.sh,v 1.12 2025/05/06 06:05:48 djm Exp $ # Placed in the Public Domain. tid="login with different key types" @@ -10,7 +10,6 @@ cp $OBJ/ssh_proxy $OBJ/ssh_proxy_bak ktypes="" for i in ${SSH_KEYTYPES}; do case "$i" in - ssh-dss) ktypes="$ktypes dsa-1024" ;; ssh-rsa) ktypes="$ktypes rsa-2048 rsa-3072" ;; ssh-ed25519) ktypes="$ktypes ed25519-512" ;; ecdsa-sha2-nistp256) ktypes="$ktypes ecdsa-256" ;; @@ -36,7 +35,6 @@ done kname_to_ktype() { case $1 in - dsa-1024) echo ssh-dss;; ecdsa-256) echo ecdsa-sha2-nistp256;; ecdsa-384) echo ecdsa-sha2-nistp384;; ecdsa-521) echo ecdsa-sha2-nistp521;; diff --git a/regress/knownhosts-command.sh b/regress/knownhosts-command.sh index 8472ec8121c5..2ed6fa05e06a 100644 --- a/regress/knownhosts-command.sh +++ b/regress/knownhosts-command.sh @@ -1,4 +1,4 @@ -# $OpenBSD: knownhosts-command.sh,v 1.3 2021/08/30 01:15:45 djm Exp $ +# $OpenBSD: knownhosts-command.sh,v 1.4 2025/05/06 06:05:48 djm Exp $ # Placed in the Public Domain. tid="known hosts command " @@ -40,7 +40,6 @@ ${SSH} -F $OBJ/ssh_proxy x true && fail "ssh connect succeeded with bad exit" for keytype in ${SSH_HOSTKEY_TYPES} ; do algs=$keytype - test "x$keytype" = "xssh-dss" && continue test "x$keytype" = "xssh-rsa" && algs=ssh-rsa,rsa-sha2-256,rsa-sha2-512 verbose "keytype $keytype" cat > $OBJ/knownhosts_command << _EOF diff --git a/regress/krl.sh b/regress/krl.sh index d560d61e8ce1..37d9f171a2c0 100644 --- a/regress/krl.sh +++ b/regress/krl.sh @@ -1,4 +1,4 @@ -# $OpenBSD: krl.sh,v 1.12 2023/01/16 04:11:29 djm Exp $ +# $OpenBSD: krl.sh,v 1.13 2025/05/06 06:05:48 djm Exp $ # Placed in the Public Domain. tid="key revocation lists" @@ -11,7 +11,6 @@ for t in $SSH_KEYTYPES; do case "$t" in ecdsa*) ktype2=ecdsa ;; ssh-rsa) ktype3=rsa ;; - ssh-dss) ktype4=dsa ;; sk-ssh-ed25519@openssh.com) ktype5=ed25519-sk ;; sk-ecdsa-sha2-nistp256@openssh.com) ktype6=ecdsa-sk ;; esac diff --git a/regress/limit-keytype.sh b/regress/limit-keytype.sh index 7127de007cc6..2f5b63a4831c 100644 --- a/regress/limit-keytype.sh +++ b/regress/limit-keytype.sh @@ -1,4 +1,4 @@ -# $OpenBSD: limit-keytype.sh,v 1.10 2021/02/25 03:27:34 djm Exp $ +# $OpenBSD: limit-keytype.sh,v 1.11 2025/05/06 06:05:48 djm Exp $ # Placed in the Public Domain. tid="restrict pubkey type" @@ -17,7 +17,6 @@ for t in $SSH_KEYTYPES ; do case "$t" in ssh-rsa) ktype2=rsa ;; ecdsa*) ktype3=ecdsa ;; # unused - ssh-dss) ktype4=dsa ;; sk-ssh-ed25519@openssh.com) ktype5=ed25519-sk ;; sk-ecdsa-sha2-nistp256@openssh.com) ktype6=ecdsa-sk ;; esac @@ -75,7 +74,6 @@ keytype() { case "$1" in ecdsa) printf "ecdsa-sha2-*" ;; ed25519) printf "ssh-ed25519" ;; - dsa) printf "ssh-dss" ;; rsa) printf "rsa-sha2-256,rsa-sha2-512,ssh-rsa" ;; sk-ecdsa) printf "sk-ecdsa-*" ;; sk-ssh-ed25519) printf "sk-ssh-ed25519-*" ;; @@ -123,7 +121,7 @@ if [ "$ktype1" != "$ktype2" ]; then fi ${SSH} $opts -i $OBJ/user_key2 proxy true || fatal "key2 failed" -# Allow only DSA in main config, Ed25519 for user. +# Allow only Ed25519 in main config, Ed25519 for user. verbose "match w/ matching" prepare_config "PubkeyAcceptedAlgorithms `keytype $ktype4`" \ "Match user $USER" "PubkeyAcceptedAlgorithms +`keytype $ktype1`" diff --git a/regress/misc/fuzz-harness/fixed-keys.h b/regress/misc/fuzz-harness/fixed-keys.h index c6e7c6cc1828..7dae9ac0034d 100644 --- a/regress/misc/fuzz-harness/fixed-keys.h +++ b/regress/misc/fuzz-harness/fixed-keys.h @@ -34,41 +34,6 @@ "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDf56l/5UYqgY9oBlet/pLRzK6ZCd12QYGdUVfQDl6HftG0u6DSpjm2HGwFRsYZWv2ZN3ZBfAu6MHBiDmXUw/8WaD7nfXZmDH2keZL6opQttqvSGU2Cm00Rv5o1R3ej2qDdpepebv5meMBXTl5/+bE1E3Zm+4STDtxGmlMlxsEj68XeVe4JedfaSUMj3kaXYBbdYdG1qeosdle4GSONEEMpzsxSr8Y/WGYuIB33l29Tt9mNGUgSw/zjMYQjUVvQv+SY8dw62JV8d+3wK2YL2/r73gms6I8EE1JxX53KuAAY+x0p2v/W8ilCYI2Ijyzc8KIPwntmIFpibQjx+rkb+qdT" #define CERT_RSA \ "ssh-rsa-cert-v01@openssh.com AAAAHHNzaC1yc2EtY2VydC12MDFAb3BlbnNzaC5jb20AAAAg89JX6OBMYDSxER8fnU5y8xxeMCHR/hI0uVqdEhNyCpcAAAADAQABAAABAQDf56l/5UYqgY9oBlet/pLRzK6ZCd12QYGdUVfQDl6HftG0u6DSpjm2HGwFRsYZWv2ZN3ZBfAu6MHBiDmXUw/8WaD7nfXZmDH2keZL6opQttqvSGU2Cm00Rv5o1R3ej2qDdpepebv5meMBXTl5/+bE1E3Zm+4STDtxGmlMlxsEj68XeVe4JedfaSUMj3kaXYBbdYdG1qeosdle4GSONEEMpzsxSr8Y/WGYuIB33l29Tt9mNGUgSw/zjMYQjUVvQv+SY8dw62JV8d+3wK2YL2/r73gms6I8EE1JxX53KuAAY+x0p2v/W8ilCYI2Ijyzc8KIPwntmIFpibQjx+rkb+qdTAAAAAAAAA+0AAAABAAAAB3VseXNzZXMAAAAXAAAAB3VseXNzZXMAAAAIb2R5c3NldXMAAAAAAAAAAP//////////AAAAAAAAAIIAAAAVcGVybWl0LVgxMS1mb3J3YXJkaW5nAAAAAAAAABdwZXJtaXQtYWdlbnQtZm9yd2FyZGluZwAAAAAAAAAWcGVybWl0LXBvcnQtZm9yd2FyZGluZwAAAAAAAAAKcGVybWl0LXB0eQAAAAAAAAAOcGVybWl0LXVzZXItcmMAAAAAAAAAAAAAADMAAAALc3NoLWVkMjU1MTkAAAAgM9BeYRUxUuZ4VHJp8oxVaA8OS/z+5EFPCZwQNq1nMwMAAABTAAAAC3NzaC1lZDI1NTE5AAAAQGCDA6PWw4x9bHQl0w7NqifHepumqD3dmyMx+hZGuPRon+TsyCjfytu7hWmV7l9XUF0fPQNFQ7FGat5e+7YUNgE= id_rsa.pub" -#define PRIV_DSA \ -"-----BEGIN OPENSSH PRIVATE KEY-----\n"\ -"b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAABsgAAAAdzc2gtZH\n"\ -"NzAAAAgQCsGTfjpQ465EOkfQXJM9BOvfRQE0fqlykAls+ncz+T7hrbeScRu8xpwzsznJNm\n"\ -"xlW8o6cUDiHmBJ5OHgamUC9N7YJeU/6fnOAZifgN8mqK6k8pKHuje8ANOiYgHLl0yiASQA\n"\ -"3//qMyzZ+W/hemoLSmLAbEqlfWVeyYx+wta1Vm+QAAABUAvWyehvUvdHvQxavYgS5p0t5Q\n"\ -"d7UAAACBAIRA9Yy+f4Kzqpv/qICPO3zk42UuP7WAhSW2nCbQdLlCiSTxcjKgcvXNRckwJP\n"\ -"44JjSHOtJy/AMtJrPIbLYG6KuWTdBlEHFiG6DafvLG+qPMSL2bPjXTOhuOMbCHIZ+5WBkW\n"\ -"THeG/Nv11iI01Of9V6tXkig23K370flkRkXFi9MdAAAAgCt6YUcQkNwG7B/e5M1FZsLP9O\n"\ -"kVB3BwLAOjmWdHpyhu3HpwSJa3XLEvhXN0i6IVI2KgPo/2GtYA6rHt14L+6u1pmhh8sAvQ\n"\ -"ksp3qZB+xh/NP+hBqf0sbHX0yYbzKOvI5SCc/kKK6yagcBZOsubM/KC8TxyVgmD5c6WzYs\n"\ -"h5TEpvAAAB2PHjRbbx40W2AAAAB3NzaC1kc3MAAACBAKwZN+OlDjrkQ6R9Bckz0E699FAT\n"\ -"R+qXKQCWz6dzP5PuGtt5JxG7zGnDOzOck2bGVbyjpxQOIeYEnk4eBqZQL03tgl5T/p+c4B\n"\ -"mJ+A3yaorqTykoe6N7wA06JiAcuXTKIBJADf/+ozLNn5b+F6agtKYsBsSqV9ZV7JjH7C1r\n"\ -"VWb5AAAAFQC9bJ6G9S90e9DFq9iBLmnS3lB3tQAAAIEAhED1jL5/grOqm/+ogI87fOTjZS\n"\ -"4/tYCFJbacJtB0uUKJJPFyMqBy9c1FyTAk/jgmNIc60nL8Ay0ms8hstgboq5ZN0GUQcWIb\n"\ -"oNp+8sb6o8xIvZs+NdM6G44xsIchn7lYGRZMd4b82/XWIjTU5/1Xq1eSKDbcrfvR+WRGRc\n"\ -"WL0x0AAACAK3phRxCQ3AbsH97kzUVmws/06RUHcHAsA6OZZ0enKG7cenBIlrdcsS+Fc3SL\n"\ -"ohUjYqA+j/Ya1gDqse3Xgv7q7WmaGHywC9CSynepkH7GH80/6EGp/SxsdfTJhvMo68jlIJ\n"\ -"z+QorrJqBwFk6y5sz8oLxPHJWCYPlzpbNiyHlMSm8AAAAUUA+OGldMi76ClO/sstpdbBUE\n"\ -"lq8AAAAAAQI=\n"\ -"-----END OPENSSH PRIVATE KEY-----\n" -#define PUB_DSA \ -"ssh-dss AAAAB3NzaC1kc3MAAACBAKwZN+OlDjrkQ6R9Bckz0E699FATR+qXKQCWz6dzP5PuGtt5JxG7zGnDOzOck2bGVbyjpxQOIeYEnk4eBqZQL03tgl5T/p+c4BmJ+A3yaorqTykoe6N7wA06JiAcuXTKIBJADf/+ozLNn5b+F6agtKYsBsSqV9ZV7JjH7C1rVWb5AAAAFQC9bJ6G9S90e9DFq9iBLmnS3lB3tQAAAIEAhED1jL5/grOqm/+ogI87fOTjZS4/tYCFJbacJtB0uUKJJPFyMqBy9c1FyTAk/jgmNIc60nL8Ay0ms8hstgboq5ZN0GUQcWIboNp+8sb6o8xIvZs+NdM6G44xsIchn7lYGRZMd4b82/XWIjTU5/1Xq1eSKDbcrfvR+WRGRcWL0x0AAACAK3phRxCQ3AbsH97kzUVmws/06RUHcHAsA6OZZ0enKG7cenBIlrdcsS+Fc3SLohUjYqA+j/Ya1gDqse3Xgv7q7WmaGHywC9CSynepkH7GH80/6EGp/SxsdfTJhvMo68jlIJz+QorrJqBwFk6y5sz8oLxPHJWCYPlzpbNiyHlMSm8=" -#define CERT_DSA \ -"ssh-dss-cert-v01@openssh.com AAAAHHNzaC1kc3MtY2VydC12MDFAb3BlbnNzaC5jb20AAAAguF716Yub+vVKNlONKLsfxGYWkRe/PyjfYdGRTsFaDvAAAACBAKwZN+OlDjrkQ6R9Bckz0E699FATR+qXKQCWz6dzP5PuGtt5JxG7zGnDOzOck2bGVbyjpxQOIeYEnk4eBqZQL03tgl5T/p+c4BmJ+A3yaorqTykoe6N7wA06JiAcuXTKIBJADf/+ozLNn5b+F6agtKYsBsSqV9ZV7JjH7C1rVWb5AAAAFQC9bJ6G9S90e9DFq9iBLmnS3lB3tQAAAIEAhED1jL5/grOqm/+ogI87fOTjZS4/tYCFJbacJtB0uUKJJPFyMqBy9c1FyTAk/jgmNIc60nL8Ay0ms8hstgboq5ZN0GUQcWIboNp+8sb6o8xIvZs+NdM6G44xsIchn7lYGRZMd4b82/XWIjTU5/1Xq1eSKDbcrfvR+WRGRcWL0x0AAACAK3phRxCQ3AbsH97kzUVmws/06RUHcHAsA6OZZ0enKG7cenBIlrdcsS+Fc3SLohUjYqA+j/Ya1gDqse3Xgv7q7WmaGHywC9CSynepkH7GH80/6EGp/SxsdfTJhvMo68jlIJz+QorrJqBwFk6y5sz8oLxPHJWCYPlzpbNiyHlMSm8AAAAAAAAD6AAAAAEAAAAHdWx5c3NlcwAAABcAAAAHdWx5c3NlcwAAAAhvZHlzc2V1cwAAAAAAAAAA//////////8AAAAAAAAAggAAABVwZXJtaXQtWDExLWZvcndhcmRpbmcAAAAAAAAAF3Blcm1pdC1hZ2VudC1mb3J3YXJkaW5nAAAAAAAAABZwZXJtaXQtcG9ydC1mb3J3YXJkaW5nAAAAAAAAAApwZXJtaXQtcHR5AAAAAAAAAA5wZXJtaXQtdXNlci1yYwAAAAAAAAAAAAAAMwAAAAtzc2gtZWQyNTUxOQAAACAz0F5hFTFS5nhUcmnyjFVoDw5L/P7kQU8JnBA2rWczAwAAAFMAAAALc3NoLWVkMjU1MTkAAABAjMQEZcbdUYJBjIC4GxByFDOb8tv71vDZdx7irHwaqIjx5rzpJUuOV1r8ZO4kY+Yaiun1yrWj2QYkfJrHBvD1DA== id_dsa.pub" -#define PRIV_ECDSA \ -"-----BEGIN OPENSSH PRIVATE KEY-----\n"\ -"b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAaAAAABNlY2RzYS\n"\ -"1zaGEyLW5pc3RwMjU2AAAACG5pc3RwMjU2AAAAQQTDJ0VlMv+0rguNzaJ1DF2KueHaxRSQ\n"\ -"6LpIxGbulrg1a8RPbnMXwag5GcDiDllD2lDUJUuBEWyjXA0rZoZX35ELAAAAoE/Bbr5PwW\n"\ -"6+AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBMMnRWUy/7SuC43N\n"\ -"onUMXYq54drFFJDoukjEZu6WuDVrxE9ucxfBqDkZwOIOWUPaUNQlS4ERbKNcDStmhlffkQ\n"\ -"sAAAAhAIhE6hCID5oOm1TDktc++KFKyScjLifcZ6Cgv5xSSyLOAAAAAAECAwQFBgc=\n"\ -"-----END OPENSSH PRIVATE KEY-----\n" #define PUB_ECDSA \ "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBMMnRWUy/7SuC43NonUMXYq54drFFJDoukjEZu6WuDVrxE9ucxfBqDkZwOIOWUPaUNQlS4ERbKNcDStmhlffkQs=" #define CERT_ECDSA \ diff --git a/regress/misc/fuzz-harness/testdata/create-agent-corpus.sh b/regress/misc/fuzz-harness/testdata/create-agent-corpus.sh index 1043b9ff47d7..842b8c48d9dd 100755 --- a/regress/misc/fuzz-harness/testdata/create-agent-corpus.sh +++ b/regress/misc/fuzz-harness/testdata/create-agent-corpus.sh @@ -14,7 +14,7 @@ sleep 1 AGENT_PID=$! trap "kill $AGENT_PID" EXIT -PRIV="id_dsa id_ecdsa id_ecdsa_sk id_ed25519 id_ed25519_sk id_rsa" +PRIV="id_ecdsa id_ecdsa_sk id_ed25519 id_ed25519_sk id_rsa" # add keys ssh-add $PRIV diff --git a/regress/misc/fuzz-harness/testdata/id_dsa-cert.pub b/regress/misc/fuzz-harness/testdata/id_dsa-cert.pub deleted file mode 100644 index 3afb87fe62f7..000000000000 --- a/regress/misc/fuzz-harness/testdata/id_dsa-cert.pub +++ /dev/null @@ -1 +0,0 @@ -ssh-dss-cert-v01@openssh.com AAAAHHNzaC1kc3MtY2VydC12MDFAb3BlbnNzaC5jb20AAAAguF716Yub+vVKNlONKLsfxGYWkRe/PyjfYdGRTsFaDvAAAACBAKwZN+OlDjrkQ6R9Bckz0E699FATR+qXKQCWz6dzP5PuGtt5JxG7zGnDOzOck2bGVbyjpxQOIeYEnk4eBqZQL03tgl5T/p+c4BmJ+A3yaorqTykoe6N7wA06JiAcuXTKIBJADf/+ozLNn5b+F6agtKYsBsSqV9ZV7JjH7C1rVWb5AAAAFQC9bJ6G9S90e9DFq9iBLmnS3lB3tQAAAIEAhED1jL5/grOqm/+ogI87fOTjZS4/tYCFJbacJtB0uUKJJPFyMqBy9c1FyTAk/jgmNIc60nL8Ay0ms8hstgboq5ZN0GUQcWIboNp+8sb6o8xIvZs+NdM6G44xsIchn7lYGRZMd4b82/XWIjTU5/1Xq1eSKDbcrfvR+WRGRcWL0x0AAACAK3phRxCQ3AbsH97kzUVmws/06RUHcHAsA6OZZ0enKG7cenBIlrdcsS+Fc3SLohUjYqA+j/Ya1gDqse3Xgv7q7WmaGHywC9CSynepkH7GH80/6EGp/SxsdfTJhvMo68jlIJz+QorrJqBwFk6y5sz8oLxPHJWCYPlzpbNiyHlMSm8AAAAAAAAD6AAAAAEAAAAHdWx5c3NlcwAAABcAAAAHdWx5c3NlcwAAAAhvZHlzc2V1cwAAAAAAAAAA//////////8AAAAAAAAAggAAABVwZXJtaXQtWDExLWZvcndhcmRpbmcAAAAAAAAAF3Blcm1pdC1hZ2VudC1mb3J3YXJkaW5nAAAAAAAAABZwZXJtaXQtcG9ydC1mb3J3YXJkaW5nAAAAAAAAAApwZXJtaXQtcHR5AAAAAAAAAA5wZXJtaXQtdXNlci1yYwAAAAAAAAAAAAAAMwAAAAtzc2gtZWQyNTUxOQAAACAz0F5hFTFS5nhUcmnyjFVoDw5L/P7kQU8JnBA2rWczAwAAAFMAAAALc3NoLWVkMjU1MTkAAABAjMQEZcbdUYJBjIC4GxByFDOb8tv71vDZdx7irHwaqIjx5rzpJUuOV1r8ZO4kY+Yaiun1yrWj2QYkfJrHBvD1DA== id_dsa.pub diff --git a/regress/misc/ssh-verify-attestation/Makefile b/regress/misc/ssh-verify-attestation/Makefile index 2a797aecae46..06fb8aac4e98 100644 --- a/regress/misc/ssh-verify-attestation/Makefile +++ b/regress/misc/ssh-verify-attestation/Makefile @@ -1,4 +1,4 @@ -# $OpenBSD: Makefile,v 1.1 2024/12/04 16:42:49 djm Exp $ +# $OpenBSD: Makefile,v 1.2 2025/05/06 06:05:48 djm Exp $ .include .include @@ -13,7 +13,7 @@ SRCS=ssh-verify-attestation.c # From usr.bin/ssh SRCS+=sshbuf-getput-basic.c sshbuf-getput-crypto.c sshbuf-misc.c sshbuf.c SRCS+=sshbuf-io.c atomicio.c sshkey.c authfile.c cipher.c log.c ssh-rsa.c -SRCS+=ssh-dss.c ssh-ecdsa.c ssh-ed25519.c mac.c umac.c umac128.c hmac.c misc.c +SRCS+=ssh-ecdsa.c ssh-ed25519.c mac.c umac.c umac128.c hmac.c misc.c SRCS+=ssherr.c uidswap.c cleanup.c xmalloc.c match.c krl.c fatal.c SRCS+=addr.c addrmatch.c bitmap.c SRCS+=ed25519.c hash.c diff --git a/regress/ssh-com-client.sh b/regress/ssh-com-client.sh index e4f80cf0aadf..97b36b564f4a 100644 --- a/regress/ssh-com-client.sh +++ b/regress/ssh-com-client.sh @@ -1,4 +1,4 @@ -# $OpenBSD: ssh-com-client.sh,v 1.7 2013/05/17 04:29:14 dtucker Exp $ +# $OpenBSD: ssh-com-client.sh,v 1.8 2025/05/06 06:05:48 djm Exp $ # Placed in the Public Domain. tid="connect with ssh.com client" @@ -28,7 +28,7 @@ VERSIONS=" # setup authorized keys SRC=`dirname ${SCRIPT}` -cp ${SRC}/dsa_ssh2.prv ${OBJ}/id.com +cp ${SRC}/rsa_ssh2.prv ${OBJ}/id.com chmod 600 ${OBJ}/id.com ${SSHKEYGEN} -i -f ${OBJ}/id.com > $OBJ/id.openssh chmod 600 ${OBJ}/id.openssh @@ -36,8 +36,8 @@ ${SSHKEYGEN} -y -f ${OBJ}/id.openssh > $OBJ/authorized_keys_$USER ${SSHKEYGEN} -e -f ${OBJ}/id.openssh > $OBJ/id.com.pub echo IdKey ${OBJ}/id.com > ${OBJ}/id.list -# we need a DSA host key -t=dsa +# we need a RSA host key +t=rsa rm -f ${OBJ}/$t ${OBJ}/$t.pub ${SSHKEYGEN} -q -N '' -t $t -f ${OBJ}/$t $SUDO cp $OBJ/$t $OBJ/host.$t @@ -47,7 +47,6 @@ echo HostKey $OBJ/host.$t >> $OBJ/sshd_config mkdir -p ${OBJ}/${USER}/hostkeys HK=${OBJ}/${USER}/hostkeys/key_${PORT}_127.0.0.1 ${SSHKEYGEN} -e -f ${OBJ}/rsa.pub > ${HK}.ssh-rsa.pub -${SSHKEYGEN} -e -f ${OBJ}/dsa.pub > ${HK}.ssh-dss.pub cat > ${OBJ}/ssh2_config << EOF *: @@ -74,7 +73,7 @@ for v in ${VERSIONS}; do continue fi verbose "ssh2 ${v}" - key=ssh-dss + key=ssh-rsa skipcat=0 case $v in 2.1.*|2.3.0) @@ -124,7 +123,6 @@ for v in ${VERSIONS}; do done rm -rf ${OBJ}/${USER} -for i in ssh2_config random_seed dsa.pub dsa host.dsa \ - id.list id.com id.com.pub id.openssh; do +for i in ssh2_config random_seed id.list id.com id.com.pub id.openssh; do rm -f ${OBJ}/$i done diff --git a/regress/ssh-com.sh b/regress/ssh-com.sh index b1a2505d1135..bb833380eb57 100644 --- a/regress/ssh-com.sh +++ b/regress/ssh-com.sh @@ -1,4 +1,4 @@ -# $OpenBSD: ssh-com.sh,v 1.10 2017/05/08 01:52:49 djm Exp $ +# $OpenBSD: ssh-com.sh,v 1.11 2025/05/06 06:05:48 djm Exp $ # Placed in the Public Domain. tid="connect to ssh.com server" @@ -41,8 +41,8 @@ cat << EOF > $OBJ/sshd2_config PubKeyAuthentication yes #AllowedAuthentications publickey AuthorizationFile authorization - HostKeyFile ${SRC}/dsa_ssh2.prv - PublicHostKeyFile ${SRC}/dsa_ssh2.pub + HostKeyFile ${SRC}/rsa_ssh2.prv + PublicHostKeyFile ${SRC}/rsa_ssh2.pub RandomSeedFile ${OBJ}/random_seed MaxConnections 0 PermitRootLogin yes @@ -55,23 +55,21 @@ EOF sed "s/HostKeyAlias.*/HostKeyAlias ssh2-localhost-with-alias/" \ < $OBJ/ssh_config > $OBJ/ssh_config_com -# we need a DSA key for -rm -f ${OBJ}/dsa ${OBJ}/dsa.pub -${SSHKEYGEN} -q -N '' -t dsa -f ${OBJ}/dsa +# we need a RSA key for +rm -f ${OBJ}/rsa ${OBJ}/rsa.pub +${SSHKEYGEN} -q -N '' -t rsa -f ${OBJ}/rsa # setup userdir, try rsa first mkdir -p ${OBJ}/${USER} cp /dev/null ${OBJ}/${USER}/authorization -for t in rsa dsa; do - ${SSHKEYGEN} -e -f ${OBJ}/$t.pub > ${OBJ}/${USER}/$t.com - echo Key $t.com >> ${OBJ}/${USER}/authorization - echo IdentityFile ${OBJ}/$t >> ${OBJ}/ssh_config_com -done +${SSHKEYGEN} -e -f ${OBJ}/rsa.pub > ${OBJ}/${USER}/rsa.com +echo Key rsa.com >> ${OBJ}/${USER}/authorization +echo IdentityFile ${OBJ}/rsa >> ${OBJ}/ssh_config_com -# convert and append DSA hostkey +# convert and append RSA hostkey ( printf 'ssh2-localhost-with-alias,127.0.0.1,::1 ' - ${SSHKEYGEN} -if ${SRC}/dsa_ssh2.pub + ${SSHKEYGEN} -if ${SRC}/rsa_ssh2.pub ) >> $OBJ/known_hosts # go for it @@ -114,6 +112,6 @@ done rm -rf ${OBJ}/${USER} for i in sshd_config_proxy ssh_config_proxy random_seed \ - sshd2_config dsa.pub dsa ssh_config_com; do + sshd2_config rsa.pub rsa ssh_config_com; do rm -f ${OBJ}/$i done diff --git a/regress/ssh2putty.sh b/regress/ssh2putty.sh index 9b08310391ca..bd291313f6c3 100755 --- a/regress/ssh2putty.sh +++ b/regress/ssh2putty.sh @@ -1,5 +1,5 @@ #!/bin/sh -# $OpenBSD: ssh2putty.sh,v 1.9 2021/07/25 12:13:03 dtucker Exp $ +# $OpenBSD: ssh2putty.sh,v 1.10 2025/05/06 06:05:48 djm Exp $ if test "x$1" = "x" -o "x$2" = "x" -o "x$3" = "x" ; then echo "Usage: ssh2putty hostname port ssh-private-key" @@ -12,7 +12,6 @@ KEYFILE=$3 OPENSSL_BIN="${OPENSSL_BIN:-openssl}" -# XXX - support DSA keys too if grep "BEGIN RSA PRIVATE KEY" $KEYFILE >/dev/null 2>&1 ; then : else diff --git a/regress/sshcfgparse.sh b/regress/sshcfgparse.sh index 504853d32db5..29fa1d839be2 100644 --- a/regress/sshcfgparse.sh +++ b/regress/sshcfgparse.sh @@ -1,15 +1,8 @@ -# $OpenBSD: sshcfgparse.sh,v 1.9 2021/06/08 07:05:27 dtucker Exp $ +# $OpenBSD: sshcfgparse.sh,v 1.10 2025/05/06 06:05:48 djm Exp $ # Placed in the Public Domain. tid="ssh config parse" -dsa=0 -for t in $SSH_KEYTYPES; do - case "$t" in - ssh-dss) dsa=1 ;; - esac -done - expect_result_present() { _str="$1" ; shift for _expect in "$@" ; do @@ -66,33 +59,23 @@ verbose "pubkeyacceptedalgorithms" # Default set f=`${SSH} -GF none host | awk '/^pubkeyacceptedalgorithms /{print $2}'` expect_result_present "$f" "ssh-ed25519" "ssh-ed25519-cert-v01.*" -expect_result_absent "$f" "ssh-dss" # Explicit override f=`${SSH} -GF none -opubkeyacceptedalgorithms=ssh-ed25519 host | \ awk '/^pubkeyacceptedalgorithms /{print $2}'` expect_result_present "$f" "ssh-ed25519" -expect_result_absent "$f" "ssh-ed25519-cert-v01.*" "ssh-dss" +expect_result_absent "$f" "ssh-ed25519-cert-v01.*" # Removal from default set f=`${SSH} -GF none -opubkeyacceptedalgorithms=-ssh-ed25519-cert* host | \ awk '/^pubkeyacceptedalgorithms /{print $2}'` expect_result_present "$f" "ssh-ed25519" -expect_result_absent "$f" "ssh-ed25519-cert-v01.*" "ssh-dss" +expect_result_absent "$f" "ssh-ed25519-cert-v01.*" f=`${SSH} -GF none -opubkeyacceptedalgorithms=-ssh-ed25519 host | \ awk '/^pubkeyacceptedalgorithms /{print $2}'` expect_result_present "$f" "ssh-ed25519-cert-v01.*" -expect_result_absent "$f" "ssh-ed25519" "ssh-dss" +expect_result_absent "$f" "ssh-ed25519" # Append to default set. # This is not tested when built !WITH_OPENSSL -if [ "$dsa" = "1" ]; then - f=`${SSH} -GF none -opubkeyacceptedalgorithms=+ssh-dss-cert* host | \ - awk '/^pubkeyacceptedalgorithms /{print $2}'` - expect_result_present "$f" "ssh-ed25519" "ssh-dss-cert-v01.*" - expect_result_absent "$f" "ssh-dss" - f=`${SSH} -GF none -opubkeyacceptedalgorithms=+ssh-dss host | \ - awk '/^pubkeyacceptedalgorithms /{print $2}'` - expect_result_present "$f" "ssh-ed25519" "ssh-ed25519-cert-v01.*" "ssh-dss" - expect_result_absent "$f" "ssh-dss-cert-v01.*" -fi +# XXX need a test for this verbose "agentforwarding" f=`${SSH} -GF none host | awk '/^forwardagent /{print$2}'` diff --git a/regress/unittests/Makefile.inc b/regress/unittests/Makefile.inc index ad7fdad84a53..5fcf7a950a39 100644 --- a/regress/unittests/Makefile.inc +++ b/regress/unittests/Makefile.inc @@ -1,4 +1,4 @@ -# $OpenBSD: Makefile.inc,v 1.17 2025/04/15 04:00:42 djm Exp $ +# $OpenBSD: Makefile.inc,v 1.18 2025/05/06 06:05:48 djm Exp $ .include .include @@ -18,10 +18,6 @@ TEST_ENV?= MALLOC_OPTIONS=${MALLOC_OPTIONS} OPENSSL?= yes DSAKEY?= yes -.if (${DSAKEY:L} == "yes") -CFLAGS+= -DWITH_DSA -.endif - .if (${OPENSSL:L} == "yes") CFLAGS+= -DWITH_OPENSSL .endif diff --git a/regress/unittests/authopt/Makefile b/regress/unittests/authopt/Makefile index 8bed7a915dfa..d5ea2c796be1 100644 --- a/regress/unittests/authopt/Makefile +++ b/regress/unittests/authopt/Makefile @@ -1,4 +1,4 @@ -# $OpenBSD: Makefile,v 1.8 2025/04/15 04:00:42 djm Exp $ +# $OpenBSD: Makefile,v 1.9 2025/05/06 06:05:48 djm Exp $ PROG=test_authopt SRCS=tests.c @@ -8,7 +8,7 @@ SRCS+=auth-options.c # From usr.bin/ssh SRCS+=sshbuf-getput-basic.c sshbuf-getput-crypto.c sshbuf-misc.c sshbuf.c SRCS+=sshbuf-io.c atomicio.c sshkey.c authfile.c cipher.c log.c ssh-rsa.c -SRCS+=ssh-dss.c ssh-ecdsa.c ssh-ed25519.c mac.c umac.c umac128.c hmac.c misc.c +SRCS+=ssh-ecdsa.c ssh-ed25519.c mac.c umac.c umac128.c hmac.c misc.c SRCS+=ssherr.c uidswap.c cleanup.c xmalloc.c match.c krl.c fatal.c SRCS+=addr.c addrmatch.c bitmap.c SRCS+=ed25519.c hash.c diff --git a/regress/unittests/hostkeys/Makefile b/regress/unittests/hostkeys/Makefile index 79a9d5745419..142ffa632aad 100644 --- a/regress/unittests/hostkeys/Makefile +++ b/regress/unittests/hostkeys/Makefile @@ -1,4 +1,4 @@ -# $OpenBSD: Makefile,v 1.11 2025/04/15 04:00:42 djm Exp $ +# $OpenBSD: Makefile,v 1.12 2025/05/06 06:05:48 djm Exp $ PROG=test_hostkeys SRCS=tests.c test_iterate.c @@ -6,7 +6,7 @@ SRCS=tests.c test_iterate.c # From usr.bin/ssh SRCS+=sshbuf-getput-basic.c sshbuf-getput-crypto.c sshbuf-misc.c sshbuf.c SRCS+=sshbuf-io.c atomicio.c sshkey.c authfile.c cipher.c log.c ssh-rsa.c -SRCS+=ssh-dss.c ssh-ecdsa.c ssh-ed25519.c mac.c umac.c umac128.c hmac.c misc.c +SRCS+=ssh-ecdsa.c ssh-ed25519.c mac.c umac.c umac128.c hmac.c misc.c SRCS+=ssherr.c uidswap.c cleanup.c xmalloc.c match.c krl.c fatal.c SRCS+=addr.c addrmatch.c bitmap.c hostfile.c SRCS+=ed25519.c hash.c diff --git a/regress/unittests/hostkeys/mktestdata.sh b/regress/unittests/hostkeys/mktestdata.sh index 5a46de990dca..5fec5829853a 100644 --- a/regress/unittests/hostkeys/mktestdata.sh +++ b/regress/unittests/hostkeys/mktestdata.sh @@ -1,11 +1,11 @@ #!/bin/sh -# $OpenBSD: mktestdata.sh,v 1.2 2017/04/30 23:33:48 djm Exp $ +# $OpenBSD: mktestdata.sh,v 1.3 2025/05/06 06:05:48 djm Exp $ set -ex cd testdata -rm -f rsa* dsa* ecdsa* ed25519* +rm -f rsa* ecdsa* ed25519* rm -f known_hosts* gen_all() { @@ -14,11 +14,10 @@ gen_all() { test "x$_n" = "x1" && _ecdsa_bits=384 test "x$_n" = "x2" && _ecdsa_bits=521 ssh-keygen -qt rsa -b 1024 -C "RSA #$_n" -N "" -f rsa_$_n - ssh-keygen -qt dsa -b 1024 -C "DSA #$_n" -N "" -f dsa_$_n ssh-keygen -qt ecdsa -b $_ecdsa_bits -C "ECDSA #$_n" -N "" -f ecdsa_$_n ssh-keygen -qt ed25519 -C "ED25519 #$_n" -N "" -f ed25519_$_n # Don't need private keys - rm -f rsa_$_n dsa_$_n ecdsa_$_n ed25519_$_n + rm -f rsa_$_n ecdsa_$_n ed25519_$_n } hentries() { @@ -65,18 +64,18 @@ rm -f known_hosts_hash_frag.old echo "# Revoked and CA keys" printf "@revoked sisyphus.example.com " ; cat ed25519_4.pub printf "@cert-authority prometheus.example.com " ; cat ecdsa_4.pub - printf "@cert-authority *.example.com " ; cat dsa_4.pub + printf "@cert-authority *.example.com " ; cat rsa_4.pub printf "\n" echo "# Some invalid lines" # Invalid marker - printf "@what sisyphus.example.com " ; cat dsa_1.pub + printf "@what sisyphus.example.com " ; cat rsa_1.pub # Key missing echo "sisyphus.example.com " # Key blob missing echo "prometheus.example.com ssh-ed25519 " # Key blob truncated - echo "sisyphus.example.com ssh-dsa AAAATgAAAAdz" + echo "sisyphus.example.com ssh-rsa AAAATgAAAAdz" # Invalid type echo "sisyphus.example.com ssh-XXX AAAATgAAAAdzc2gtWFhYAAAAP0ZVQ0tPRkZGVUNLT0ZGRlVDS09GRkZVQ0tPRkZGVUNLT0ZGRlVDS09GRkZVQ0tPRkZGVUNLT0ZGRlVDS09GRg==" # Type mismatch with blob diff --git a/regress/unittests/hostkeys/test_iterate.c b/regress/unittests/hostkeys/test_iterate.c index 7efb8e1b9cc6..0139376f4a78 100644 --- a/regress/unittests/hostkeys/test_iterate.c +++ b/regress/unittests/hostkeys/test_iterate.c @@ -1,4 +1,4 @@ -/* $OpenBSD: test_iterate.c,v 1.9 2024/01/11 01:45:58 djm Exp $ */ +/* $OpenBSD: test_iterate.c,v 1.10 2025/05/06 06:05:48 djm Exp $ */ /* * Regress test for hostfile.h hostkeys_foreach() * @@ -94,15 +94,8 @@ check(struct hostkey_foreach_line *l, void *_ctx) expected->no_parse_keytype == KEY_ECDSA) skip = 1; #endif /* OPENSSL_HAS_ECC */ -#ifndef WITH_DSA - if (expected->l.keytype == KEY_DSA || - expected->no_parse_keytype == KEY_DSA) - skip = 1; -#endif #ifndef WITH_OPENSSL - if (expected->l.keytype == KEY_DSA || - expected->no_parse_keytype == KEY_DSA || - expected->l.keytype == KEY_RSA || + if (expected->l.keytype == KEY_RSA || expected->no_parse_keytype == KEY_RSA || expected->l.keytype == KEY_ECDSA || expected->no_parse_keytype == KEY_ECDSA) @@ -160,14 +153,9 @@ prepare_expected(struct expected *expected, size_t n) if (expected[i].l.keytype == KEY_ECDSA) continue; #endif /* OPENSSL_HAS_ECC */ -#ifndef WITH_DSA - if (expected[i].l.keytype == KEY_DSA) - continue; -#endif #ifndef WITH_OPENSSL switch (expected[i].l.keytype) { case KEY_RSA: - case KEY_DSA: case KEY_ECDSA: continue; } @@ -204,23 +192,9 @@ struct expected expected_full[] = { NULL, /* comment */ 0, /* note */ } }, - { "dsa_1.pub" , -1, -1, 0, HKF_MATCH_HOST, 0, 0, -1, { - NULL, - 2, - HKF_STATUS_OK, - 0, - NULL, - MRK_NONE, - "sisyphus.example.com", - NULL, - KEY_DSA, - NULL, /* filled at runtime */ - "DSA #1", - 0, - } }, { "ecdsa_1.pub" , -1, -1, 0, HKF_MATCH_HOST, 0, 0, -1, { NULL, - 3, + 2, HKF_STATUS_OK, 0, NULL, @@ -234,7 +208,7 @@ struct expected expected_full[] = { } }, { "ed25519_1.pub" , -1, -1, 0, HKF_MATCH_HOST, 0, 0, -1, { NULL, - 4, + 3, HKF_STATUS_OK, 0, NULL, @@ -248,7 +222,7 @@ struct expected expected_full[] = { } }, { "rsa_1.pub" , -1, -1, 0, HKF_MATCH_HOST, 0, 0, -1, { NULL, - 5, + 4, HKF_STATUS_OK, 0, NULL, @@ -262,7 +236,7 @@ struct expected expected_full[] = { } }, { NULL, -1, -1, 0, 0, 0, 0, -1, { NULL, - 6, + 5, HKF_STATUS_COMMENT, 0, "", @@ -276,7 +250,7 @@ struct expected expected_full[] = { } }, { NULL, -1, -1, 0, 0, 0, 0, -1, { NULL, - 7, + 6, HKF_STATUS_COMMENT, 0, "# Plain host keys, hostnames + addresses", @@ -288,23 +262,9 @@ struct expected expected_full[] = { NULL, 0, } }, - { "dsa_2.pub" , -1, -1, HKF_MATCH_HOST, 0, HKF_MATCH_IP, HKF_MATCH_IP, -1, { - NULL, - 8, - HKF_STATUS_OK, - 0, - NULL, - MRK_NONE, - "prometheus.example.com,192.0.2.1,2001:db8::1", - NULL, - KEY_DSA, - NULL, /* filled at runtime */ - "DSA #2", - 0, - } }, { "ecdsa_2.pub" , -1, -1, HKF_MATCH_HOST, 0, HKF_MATCH_IP, HKF_MATCH_IP, -1, { NULL, - 9, + 7, HKF_STATUS_OK, 0, NULL, @@ -318,7 +278,7 @@ struct expected expected_full[] = { } }, { "ed25519_2.pub" , -1, -1, HKF_MATCH_HOST, 0, HKF_MATCH_IP, HKF_MATCH_IP, -1, { NULL, - 10, + 8, HKF_STATUS_OK, 0, NULL, @@ -332,7 +292,7 @@ struct expected expected_full[] = { } }, { "rsa_2.pub" , -1, -1, HKF_MATCH_HOST, 0, HKF_MATCH_IP, HKF_MATCH_IP, -1, { NULL, - 11, + 9, HKF_STATUS_OK, 0, NULL, @@ -346,7 +306,7 @@ struct expected expected_full[] = { } }, { NULL, -1, -1, 0, 0, 0, 0, -1, { NULL, - 12, + 10, HKF_STATUS_COMMENT, 0, "", @@ -360,7 +320,7 @@ struct expected expected_full[] = { } }, { NULL, -1, -1, 0, 0, 0, 0, -1, { NULL, - 13, + 11, HKF_STATUS_COMMENT, 0, "# Some hosts with wildcard names / IPs", @@ -372,23 +332,9 @@ struct expected expected_full[] = { NULL, 0, } }, - { "dsa_3.pub" , -1, -1, HKF_MATCH_HOST, HKF_MATCH_HOST, HKF_MATCH_IP, HKF_MATCH_IP, -1, { - NULL, - 14, - HKF_STATUS_OK, - 0, - NULL, - MRK_NONE, - "*.example.com,192.0.2.*,2001:*", - NULL, - KEY_DSA, - NULL, /* filled at runtime */ - "DSA #3", - 0, - } }, { "ecdsa_3.pub" , -1, -1, HKF_MATCH_HOST, HKF_MATCH_HOST, HKF_MATCH_IP, HKF_MATCH_IP, -1, { NULL, - 15, + 12, HKF_STATUS_OK, 0, NULL, @@ -402,7 +348,7 @@ struct expected expected_full[] = { } }, { "ed25519_3.pub" , -1, -1, HKF_MATCH_HOST, HKF_MATCH_HOST, HKF_MATCH_IP, HKF_MATCH_IP, -1, { NULL, - 16, + 13, HKF_STATUS_OK, 0, NULL, @@ -416,7 +362,7 @@ struct expected expected_full[] = { } }, { "rsa_3.pub" , -1, -1, HKF_MATCH_HOST, HKF_MATCH_HOST, HKF_MATCH_IP, HKF_MATCH_IP, -1, { NULL, - 17, + 14, HKF_STATUS_OK, 0, NULL, @@ -430,7 +376,7 @@ struct expected expected_full[] = { } }, { NULL, -1, -1, 0, 0, 0, 0, -1, { NULL, - 18, + 15, HKF_STATUS_COMMENT, 0, "", @@ -444,7 +390,7 @@ struct expected expected_full[] = { } }, { NULL, -1, -1, 0, 0, 0, 0, -1, { NULL, - 19, + 16, HKF_STATUS_COMMENT, 0, "# Hashed hostname and address entries", @@ -456,23 +402,9 @@ struct expected expected_full[] = { NULL, 0, } }, - { "dsa_5.pub" , -1, -1, 0, HKF_MATCH_HOST|HKF_MATCH_HOST_HASHED, 0, 0, -1, { - NULL, - 20, - HKF_STATUS_OK, - 0, - NULL, - MRK_NONE, - NULL, - NULL, - KEY_DSA, - NULL, /* filled at runtime */ - "DSA #5", - 0, - } }, { "ecdsa_5.pub" , -1, -1, 0, HKF_MATCH_HOST|HKF_MATCH_HOST_HASHED, 0, 0, -1, { NULL, - 21, + 17, HKF_STATUS_OK, 0, NULL, @@ -486,7 +418,7 @@ struct expected expected_full[] = { } }, { "ed25519_5.pub" , -1, -1, 0, HKF_MATCH_HOST|HKF_MATCH_HOST_HASHED, 0, 0, -1, { NULL, - 22, + 18, HKF_STATUS_OK, 0, NULL, @@ -500,7 +432,7 @@ struct expected expected_full[] = { } }, { "rsa_5.pub" , -1, -1, 0, HKF_MATCH_HOST|HKF_MATCH_HOST_HASHED, 0, 0, -1, { NULL, - 23, + 19, HKF_STATUS_OK, 0, NULL, @@ -514,7 +446,7 @@ struct expected expected_full[] = { } }, { NULL, -1, -1, 0, 0, 0, 0, -1, { NULL, - 24, + 20, HKF_STATUS_COMMENT, 0, "", @@ -531,51 +463,9 @@ struct expected expected_full[] = { * hostname and addresses in the pre-hashed known_hosts are split * to separate lines. */ - { "dsa_6.pub" , -1, -1, HKF_MATCH_HOST|HKF_MATCH_HOST_HASHED, 0, 0, 0, -1, { - NULL, - 25, - HKF_STATUS_OK, - 0, - NULL, - MRK_NONE, - NULL, - NULL, - KEY_DSA, - NULL, /* filled at runtime */ - "DSA #6", - 0, - } }, - { "dsa_6.pub" , -1, -1, 0, 0, HKF_MATCH_IP|HKF_MATCH_IP_HASHED, 0, -1, { - NULL, - 26, - HKF_STATUS_OK, - 0, - NULL, - MRK_NONE, - NULL, - NULL, - KEY_DSA, - NULL, /* filled at runtime */ - "DSA #6", - 0, - } }, - { "dsa_6.pub" , -1, -1, 0, 0, 0, HKF_MATCH_IP|HKF_MATCH_IP_HASHED, -1, { - NULL, - 27, - HKF_STATUS_OK, - 0, - NULL, - MRK_NONE, - NULL, - NULL, - KEY_DSA, - NULL, /* filled at runtime */ - "DSA #6", - 0, - } }, { "ecdsa_6.pub" , -1, -1, HKF_MATCH_HOST|HKF_MATCH_HOST_HASHED, 0, 0, 0, -1, { NULL, - 28, + 21, HKF_STATUS_OK, 0, NULL, @@ -589,7 +479,7 @@ struct expected expected_full[] = { } }, { "ecdsa_6.pub" , -1, -1, 0, 0, HKF_MATCH_IP|HKF_MATCH_IP_HASHED, 0, -1, { NULL, - 29, + 22, HKF_STATUS_OK, 0, NULL, @@ -603,7 +493,7 @@ struct expected expected_full[] = { } }, { "ecdsa_6.pub" , -1, -1, 0, 0, 0, HKF_MATCH_IP|HKF_MATCH_IP_HASHED, -1, { NULL, - 30, + 23, HKF_STATUS_OK, 0, NULL, @@ -617,7 +507,7 @@ struct expected expected_full[] = { } }, { "ed25519_6.pub" , -1, -1, HKF_MATCH_HOST|HKF_MATCH_HOST_HASHED, 0, 0, 0, -1, { NULL, - 31, + 24, HKF_STATUS_OK, 0, NULL, @@ -631,7 +521,7 @@ struct expected expected_full[] = { } }, { "ed25519_6.pub" , -1, -1, 0, 0, HKF_MATCH_IP|HKF_MATCH_IP_HASHED, 0, -1, { NULL, - 32, + 25, HKF_STATUS_OK, 0, NULL, @@ -645,7 +535,7 @@ struct expected expected_full[] = { } }, { "ed25519_6.pub" , -1, -1, 0, 0, 0, HKF_MATCH_IP|HKF_MATCH_IP_HASHED, -1, { NULL, - 33, + 26, HKF_STATUS_OK, 0, NULL, @@ -659,7 +549,7 @@ struct expected expected_full[] = { } }, { "rsa_6.pub" , -1, -1, HKF_MATCH_HOST|HKF_MATCH_HOST_HASHED, 0, 0, 0, -1, { NULL, - 34, + 27, HKF_STATUS_OK, 0, NULL, @@ -673,7 +563,7 @@ struct expected expected_full[] = { } }, { "rsa_6.pub" , -1, -1, 0, 0, HKF_MATCH_IP|HKF_MATCH_IP_HASHED, 0, -1, { NULL, - 35, + 28, HKF_STATUS_OK, 0, NULL, @@ -687,7 +577,7 @@ struct expected expected_full[] = { } }, { "rsa_6.pub" , -1, -1, 0, 0, 0, HKF_MATCH_IP|HKF_MATCH_IP_HASHED, -1, { NULL, - 36, + 29, HKF_STATUS_OK, 0, NULL, @@ -701,7 +591,7 @@ struct expected expected_full[] = { } }, { NULL, -1, -1, 0, 0, 0, 0, -1, { NULL, - 37, + 30, HKF_STATUS_COMMENT, 0, "", @@ -715,7 +605,7 @@ struct expected expected_full[] = { } }, { NULL, -1, -1, 0, 0, 0, 0, -1, { NULL, - 38, + 31, HKF_STATUS_COMMENT, 0, "", @@ -729,7 +619,7 @@ struct expected expected_full[] = { } }, { NULL, -1, -1, 0, 0, 0, 0, -1, { NULL, - 39, + 32, HKF_STATUS_COMMENT, 0, "# Revoked and CA keys", @@ -743,7 +633,7 @@ struct expected expected_full[] = { } }, { "ed25519_4.pub" , -1, -1, 0, HKF_MATCH_HOST, 0, 0, -1, { NULL, - 40, + 33, HKF_STATUS_OK, 0, NULL, @@ -757,7 +647,7 @@ struct expected expected_full[] = { } }, { "ecdsa_4.pub" , -1, -1, HKF_MATCH_HOST, 0, 0, 0, -1, { NULL, - 41, + 34, HKF_STATUS_OK, 0, NULL, @@ -769,23 +659,9 @@ struct expected expected_full[] = { "ECDSA #4", 0, } }, - { "dsa_4.pub" , -1, -1, HKF_MATCH_HOST, HKF_MATCH_HOST, 0, 0, -1, { - NULL, - 42, - HKF_STATUS_OK, - 0, - NULL, - MRK_CA, - "*.example.com", - NULL, - KEY_DSA, - NULL, /* filled at runtime */ - "DSA #4", - 0, - } }, { NULL, -1, -1, 0, 0, 0, 0, -1, { NULL, - 43, + 35, HKF_STATUS_COMMENT, 0, "", @@ -799,7 +675,7 @@ struct expected expected_full[] = { } }, { NULL, -1, -1, 0, 0, 0, 0, -1, { NULL, - 44, + 36, HKF_STATUS_COMMENT, 0, "# Some invalid lines", @@ -813,7 +689,7 @@ struct expected expected_full[] = { } }, { NULL, -1, -1, 0, 0, 0, 0, -1, { NULL, - 45, + 37, HKF_STATUS_INVALID, 0, NULL, @@ -827,7 +703,7 @@ struct expected expected_full[] = { } }, { NULL, -1, -1, 0, HKF_MATCH_HOST, 0, 0, -1, { NULL, - 46, + 38, HKF_STATUS_INVALID, 0, NULL, @@ -841,7 +717,7 @@ struct expected expected_full[] = { } }, { NULL, -1, -1, HKF_MATCH_HOST, 0, 0, 0, -1, { NULL, - 47, + 39, HKF_STATUS_INVALID, 0, NULL, @@ -853,9 +729,9 @@ struct expected expected_full[] = { NULL, 0, } }, - { NULL, -1, -1, 0, HKF_MATCH_HOST, 0, 0, -1, { + { NULL, HKF_STATUS_OK, KEY_ED25519, 0, HKF_MATCH_HOST, 0, 0, -1, { NULL, - 48, + 40, HKF_STATUS_INVALID, /* Would be ok if key not parsed */ 0, NULL, @@ -869,7 +745,7 @@ struct expected expected_full[] = { } }, { NULL, -1, -1, 0, HKF_MATCH_HOST, 0, 0, -1, { NULL, - 49, + 41, HKF_STATUS_INVALID, 0, NULL, @@ -883,7 +759,7 @@ struct expected expected_full[] = { } }, { NULL, HKF_STATUS_OK, KEY_RSA, HKF_MATCH_HOST, 0, 0, 0, -1, { NULL, - 50, + 42, HKF_STATUS_INVALID, /* Would be ok if key not parsed */ 0, NULL, diff --git a/regress/unittests/hostkeys/testdata/dsa_1.pub b/regress/unittests/hostkeys/testdata/dsa_1.pub deleted file mode 100644 index 56e1e3714625..000000000000 --- a/regress/unittests/hostkeys/testdata/dsa_1.pub +++ /dev/null @@ -1 +0,0 @@ -ssh-dss AAAAB3NzaC1kc3MAAACBAOqffHxEW4c+Z9q/r3l4sYK8F7qrBsU8XF9upGsW62T9InROFFq9IO0x3pQ6mDA0Wtw0sqcDmkPCHPyP4Ok/fU3/drLaZusHoVYu8pBBrWsIDrKgkeX9TEodBsSrYdl4Sqtqq9EZv9+DttV6LStZrgYyUTOKwOF95wGantpLynX5AAAAFQDdt+zjRNlETDsgmxcSYFgREirJrQAAAIBQlrPaiPhR24FhnMLcHH4016vL7AqDDID6Qw7PhbXGa4/XlxWMIigjBKrIPKvnZ6p712LSnCKtcbfdx0MtmJlNa01CYqPaRhgRaf+uGdvTkTUcdaq8R5lLJL+JMNwUhcC8ijm3NqEjXjffuebGe1EzIeiITbA7Nndcd+GytwRDegAAAIEAkRYPjSVcUxfUHhHdpP6V8CuY1+CYSs9EPJ7iiWTDuXWVIBTU32oJLAnrmAcOwtIzEfPvm+rff5FI/Yhon2pB3VTXhPPEBjYzE5qANanAT4e6tzAVc5f3DUhHaDknwRYfDz86GFvuLtDjeE/UZ9t6OofYoEsCBpYozLAprBvNIQY= DSA #1 diff --git a/regress/unittests/hostkeys/testdata/dsa_2.pub b/regress/unittests/hostkeys/testdata/dsa_2.pub deleted file mode 100644 index 394e0bf00255..000000000000 --- a/regress/unittests/hostkeys/testdata/dsa_2.pub +++ /dev/null @@ -1 +0,0 @@ -ssh-dss AAAAB3NzaC1kc3MAAACBAI38Hy/61/O5Bp6yUG8J5XQCeNjRS0xvjlCdzKLyXCueMa+L+X2L/u9PWUsy5SVbTjGgpB8sF6UkCNsV+va7S8zCCHas2MZ7GPlxP6GZBkRPTIFR0N/Pu7wfBzDQz0t0iL4VmxBfTBQv/SxkGWZg+yHihIQP9fwdSAwD/7aVh6ItAAAAFQDSyihIUlINlswM0PJ8wXSti3yIMwAAAIB+oqzaB6ozqs8YxpN5oQOBa/9HEBQEsp8RSIlQmVubXRNgktp42n+Ii1waU9UUk8DX5ahhIeR6B7ojWkqmDAji4SKpoHf4kmr6HvYo85ZSTSx0W4YK/gJHSpDJwhlT52tAfb1JCbWSObjl09B4STv7KedCHcR5oXQvvrV+XoKOSAAAAIAue/EXrs2INw1RfaKNHC0oqOMxmRitv0BFMuNVPo1VDj39CE5kA7AHjwvS1TNeaHtK5Hhgeb6vsmLmNPTOc8xCob0ilyQbt9O0GbONeF2Ge7D2UJyULA/hxql+tCYFIC6yUrmo35fF9XiNisXLoaflk9fjp7ROWWVwnki/jstaQw== DSA #2 diff --git a/regress/unittests/hostkeys/testdata/dsa_3.pub b/regress/unittests/hostkeys/testdata/dsa_3.pub deleted file mode 100644 index e506ea42253a..000000000000 --- a/regress/unittests/hostkeys/testdata/dsa_3.pub +++ /dev/null @@ -1 +0,0 @@ -ssh-dss AAAAB3NzaC1kc3MAAACBAI6lz2Ip9bzE7TGuDD4SjO9S4Ac90gq0h6ai1O06eI8t/Ot2uJ5Jk2QyVr2jvIZHDl/5bwBx7+5oyjlwRoUrAPPD814wf5tU2tSnmdu1Wbf0cBswif5q0r4tevzmopp/AtgH11QHo3u0/pfyJd10qBDLV2FaYSKMmZvyPfZJ0s9pAAAAFQD5Eqjl6Rx2qVePodD9OwAPT0bU6wAAAIAfnDm6csZF0sFaJR3NIJvaYgSGr8s7cqlsk2gLltB/1wOOO2yX+NeEC+B0H93hlMfaUsPa08bwgmYxnavSMqEBpmtPceefJiEd68zwYqXd38f88wyWZ9Z5iwaI/6OVZPHzCbDxOa4ewVTevRNYUKP1xUTZNT8/gSMfZLYPk4T2AQAAAIAUKroozRMyV+3V/rxt0gFnNxRXBKk+9cl3vgsQ7ktkI9cYg7V1T2K0XF21AVMK9gODszy6PBJjV6ruXBV6TRiqIbQauivp3bHHKYsG6wiJNqwdbVwIjfvv8nn1qFoZQLXG3sdONr9NwN8KzrX89OV0BlR2dVM5qqp+YxOXymP9yg== DSA #3 diff --git a/regress/unittests/hostkeys/testdata/dsa_4.pub b/regress/unittests/hostkeys/testdata/dsa_4.pub deleted file mode 100644 index 8552c3819287..000000000000 --- a/regress/unittests/hostkeys/testdata/dsa_4.pub +++ /dev/null @@ -1 +0,0 @@ -ssh-dss AAAAB3NzaC1kc3MAAACBAKvjnFHm0VvMr5h2Zu3nURsxQKGoxm+DCzYDxRYcilK07Cm5c4XTrFbA2X86+9sGs++W7QRMcTJUYIg0a+UtIMtAjwORd6ZPXM2K5dBW+gh1oHyvKi767tWX7I2c+1ZPJDY95mUUfZQUEfdy9eGDSBmw/pSsveQ1ur6XNUh/MtP/AAAAFQDHnXk/9jBJAdce1pHtLWnbdPSGdQAAAIEAm2OLy8tZBfiEO3c3X1yyB/GTcDwrQCqRMDkhnsmrliec3dWkOfNTzu+MrdvF8ymTWLEqPpbMheYtvNyZ3TF0HO5W7aVBpdGZbOdOAIfB+6skqGbI8A5Up1d7dak/bSsqL2r5NjwbDOdq+1hBzzvbl/qjh+sQarV2zHrpKoQaV28AAACANtkBVedBbqIAdphCrN/LbUi9WlyuF9UZz+tlpVLYrj8GJVwnplV2tvOmUw6yP5/pzCimTsao8dpL5PWxm7fKxLWVxA+lEsA4WeC885CiZn8xhdaJOCN+NyJ2bqkz+4VPI7oDGBm0aFwUqJn+M1PiSgvI50XdF2dBsFRTRNY0wzA= DSA #4 diff --git a/regress/unittests/hostkeys/testdata/dsa_5.pub b/regress/unittests/hostkeys/testdata/dsa_5.pub deleted file mode 100644 index 149e1efd166b..000000000000 --- a/regress/unittests/hostkeys/testdata/dsa_5.pub +++ /dev/null @@ -1 +0,0 @@ -ssh-dss AAAAB3NzaC1kc3MAAACBALrFy7w5ihlaOG+qR+6fj+vm5EQaO3qwxgACLcgH+VfShuOG4mkx8qFJmf+OZ3fh5iKngjNZfKtfcqI7zHWdk6378TQfQC52/kbZukjNXOLCpyNkogahcjA00onIoTK1RUDuMW28edAHwPFbpttXDTaqis+8JPMY8hZwsZGENCzTAAAAFQD6+It5vozwGgaN9ROYPMlByhi6jwAAAIBz2mcAC694vNzz9b6614gkX9d9E99PzJYfU1MPkXDziKg7MrjBw7Opd5y1jL09S3iL6lSTlHkKwVKvQ3pOwWRwXXRrKVus4I0STveoApm526jmp6mY0YEtqR98vMJ0v97h1ydt8FikKlihefCsnXVicb8887PXs2Y8C6GuFT3tfQAAAIBbmHtV5tPcrMRDkULhaQ/Whap2VKvT2DUhIHA7lx6oy/KpkltOpxDZOIGUHKqffGbiR7Jh01/y090AY5L2eCf0S2Ytx93+eADwVVpJbFJo6zSwfeey2Gm6L2oA+rCz9zTdmtZoekpD3/RAOQjnJIAPwbs7mXwabZTw4xRtiYIRrw== DSA #5 diff --git a/regress/unittests/hostkeys/testdata/dsa_6.pub b/regress/unittests/hostkeys/testdata/dsa_6.pub deleted file mode 100644 index edbb97643d26..000000000000 --- a/regress/unittests/hostkeys/testdata/dsa_6.pub +++ /dev/null @@ -1 +0,0 @@ -ssh-dss AAAAB3NzaC1kc3MAAACBAIutigAse65TCW6hHDOEGXenE9L4L0talHbs65hj3UUNtWflKdQeXLofqXgW8AwaDKmnuRPrxRoxVNXj84n45wtBEdt4ztmdAZteAbXSnHqpcxME3jDxh3EtxzGPXLs+RUmKPVguraSgo7W2oN7KFx6VM+AcAtxANSTlvDid3s47AAAAFQCd9Q3kkHSLWe77sW0eRaayI45ovwAAAIAw6srGF6xvFasI44Y3r9JJ2K+3ezozl3ldL3p2+p2HG3iWafC4SdV8pB6ZIxKlYAywiiFb3LzH/JweGFq1jtoFDRM3MlYORBevydU4zPz7b5QLDVB0sY4evYtWmg2BFJvoWRfhLnlZVW7h5N8v4fNIwdVmVsw4Ljes7iF2HRGhHgAAAIBDFT3fww2Oby1xUA6G9pDAcVikrQFqp1sJRylNTUyeyQ37SNAGzYxwHJFgQr8gZLdRQ1UW+idYpqVbVNcYFMOiw/zSqK2OfVwPZ9U+TTKdc992ChSup6vJEKM/ZVIyDWDbJr7igQ4ahy7jo9mFvm8ljN926EnspQzCvs0Dxk6tHA== DSA #6 diff --git a/regress/unittests/hostkeys/testdata/known_hosts b/regress/unittests/hostkeys/testdata/known_hosts index 4446f45dffe8..5298e3eebb3d 100644 --- a/regress/unittests/hostkeys/testdata/known_hosts +++ b/regress/unittests/hostkeys/testdata/known_hosts @@ -1,30 +1,23 @@ # Plain host keys, plain host names -sisyphus.example.com ssh-dss AAAAB3NzaC1kc3MAAACBAOqffHxEW4c+Z9q/r3l4sYK8F7qrBsU8XF9upGsW62T9InROFFq9IO0x3pQ6mDA0Wtw0sqcDmkPCHPyP4Ok/fU3/drLaZusHoVYu8pBBrWsIDrKgkeX9TEodBsSrYdl4Sqtqq9EZv9+DttV6LStZrgYyUTOKwOF95wGantpLynX5AAAAFQDdt+zjRNlETDsgmxcSYFgREirJrQAAAIBQlrPaiPhR24FhnMLcHH4016vL7AqDDID6Qw7PhbXGa4/XlxWMIigjBKrIPKvnZ6p712LSnCKtcbfdx0MtmJlNa01CYqPaRhgRaf+uGdvTkTUcdaq8R5lLJL+JMNwUhcC8ijm3NqEjXjffuebGe1EzIeiITbA7Nndcd+GytwRDegAAAIEAkRYPjSVcUxfUHhHdpP6V8CuY1+CYSs9EPJ7iiWTDuXWVIBTU32oJLAnrmAcOwtIzEfPvm+rff5FI/Yhon2pB3VTXhPPEBjYzE5qANanAT4e6tzAVc5f3DUhHaDknwRYfDz86GFvuLtDjeE/UZ9t6OofYoEsCBpYozLAprBvNIQY= DSA #1 sisyphus.example.com ecdsa-sha2-nistp384 AAAAE2VjZHNhLXNoYTItbmlzdHAzODQAAAAIbmlzdHAzODQAAABhBF6yQEtD9yBw9gmDRf477WBBzvWhAa0ioBI3nbA4emKykj0RbuQd5C4XdQAEOZGzE7v//FcCjwB2wi+JH5eKkxCtN6CjohDASZ1huoIV2UVyYIicZJEEOg1IWjjphvaxtw== ECDSA #1 sisyphus.example.com ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIK9ks7jkua5YWIwByRnnnc6UPJQWI75O0e/UJdPYU1JI ED25519 #1 sisyphus.example.com ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAAgQDg4hB4vAZHJ0PVRiJajOv/GlytFWNpv5/9xgB9+5BIbvp8LOrFZ5D9K0Gsmwpd4G4rfaAz8j896DhMArg0vtkilIPPGt/6VzWMERgvaIQPJ/IE99X3+fjcAG56oAWwy29JX10lQMzBPU6XJIaN/zqpkb6qUBiAHBdLpxrFBBU0/w== RSA #1 # Plain host keys, hostnames + addresses -prometheus.example.com,192.0.2.1,2001:db8::1 ssh-dss AAAAB3NzaC1kc3MAAACBAI38Hy/61/O5Bp6yUG8J5XQCeNjRS0xvjlCdzKLyXCueMa+L+X2L/u9PWUsy5SVbTjGgpB8sF6UkCNsV+va7S8zCCHas2MZ7GPlxP6GZBkRPTIFR0N/Pu7wfBzDQz0t0iL4VmxBfTBQv/SxkGWZg+yHihIQP9fwdSAwD/7aVh6ItAAAAFQDSyihIUlINlswM0PJ8wXSti3yIMwAAAIB+oqzaB6ozqs8YxpN5oQOBa/9HEBQEsp8RSIlQmVubXRNgktp42n+Ii1waU9UUk8DX5ahhIeR6B7ojWkqmDAji4SKpoHf4kmr6HvYo85ZSTSx0W4YK/gJHSpDJwhlT52tAfb1JCbWSObjl09B4STv7KedCHcR5oXQvvrV+XoKOSAAAAIAue/EXrs2INw1RfaKNHC0oqOMxmRitv0BFMuNVPo1VDj39CE5kA7AHjwvS1TNeaHtK5Hhgeb6vsmLmNPTOc8xCob0ilyQbt9O0GbONeF2Ge7D2UJyULA/hxql+tCYFIC6yUrmo35fF9XiNisXLoaflk9fjp7ROWWVwnki/jstaQw== DSA #2 prometheus.example.com,192.0.2.1,2001:db8::1 ecdsa-sha2-nistp521 AAAAE2VjZHNhLXNoYTItbmlzdHA1MjEAAAAIbmlzdHA1MjEAAACFBAB8qVcXwgBM92NCmReQlPrZAoui4Bz/mW0VUBFOpHXXW1n+15b/Y7Pc6UBd/ITTZmaBciXY+PWaSBGdwc5GdqGdLgFyJ/QAGrFMPNpVutm/82gNQzlxpNwjbMcKyiZEXzSgnjS6DzMQ0WuSMdzIBXq8OW/Kafxg4ZkU6YqALUXxlQMZuQ== ECDSA #2 prometheus.example.com,192.0.2.1,2001:db8::1 ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIBp6PVW0z2o9C4Ukv/JOgmK7QMFe1pD1s3ADFF7IQob ED25519 #2 prometheus.example.com,192.0.2.1,2001:db8::1 ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAAgQDmbUhNabB5AmBDX6GNHZ3lbn7pRxqfpW+f53QqNGlK0sLV+0gkMIrOfUp1kdE2ZLE6tfzdicatj/RlH6/wuo4yyYb+Pyx3G0vxdmAIiA4aANq38XweDucBC0TZkRWVHK+Gs5V/uV0z7N0axJvkkJujMLvST3CRiiWwlficBc6yVQ== RSA #2 # Some hosts with wildcard names / IPs -*.example.com,192.0.2.*,2001:* ssh-dss AAAAB3NzaC1kc3MAAACBAI6lz2Ip9bzE7TGuDD4SjO9S4Ac90gq0h6ai1O06eI8t/Ot2uJ5Jk2QyVr2jvIZHDl/5bwBx7+5oyjlwRoUrAPPD814wf5tU2tSnmdu1Wbf0cBswif5q0r4tevzmopp/AtgH11QHo3u0/pfyJd10qBDLV2FaYSKMmZvyPfZJ0s9pAAAAFQD5Eqjl6Rx2qVePodD9OwAPT0bU6wAAAIAfnDm6csZF0sFaJR3NIJvaYgSGr8s7cqlsk2gLltB/1wOOO2yX+NeEC+B0H93hlMfaUsPa08bwgmYxnavSMqEBpmtPceefJiEd68zwYqXd38f88wyWZ9Z5iwaI/6OVZPHzCbDxOa4ewVTevRNYUKP1xUTZNT8/gSMfZLYPk4T2AQAAAIAUKroozRMyV+3V/rxt0gFnNxRXBKk+9cl3vgsQ7ktkI9cYg7V1T2K0XF21AVMK9gODszy6PBJjV6ruXBV6TRiqIbQauivp3bHHKYsG6wiJNqwdbVwIjfvv8nn1qFoZQLXG3sdONr9NwN8KzrX89OV0BlR2dVM5qqp+YxOXymP9yg== DSA #3 *.example.com,192.0.2.*,2001:* ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBIb3BhJZk+vUQPg5TQc1koIzuGqloCq7wjr9LjlhG24IBeiFHLsdWw74HDlH4DrOmlxToVYk2lTdnjARleRByjk= ECDSA #3 *.example.com,192.0.2.*,2001:* ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBlYfExtYZAPqYvYdrlpGlSWhh/XNHcH3v3c2JzsVNbB ED25519 #3 *.example.com,192.0.2.*,2001:* ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAAgQDX8F93W3SH4ZSus4XUQ2cw9dqcuyUETTlKEeGv3zlknV3YCoe2Mp04naDhiuwj8sOsytrZSESzLY1ZEyzrjxE6ZFVv8NKgck/AbRjcwlRFOcx9oKUxOrXRa0IoXlTq0kyjKCJfaHBKnGitZThknCPTbVmpATkm5xx6J0WEDozfoQ== RSA #3 # Hashed hostname and address entries -|1|z3xOIdT5ue3Vuf3MzT67kaioqjw=|GZhhe5uwDOBQrC9N4cCjpbLpSn4= ssh-dss AAAAB3NzaC1kc3MAAACBALrFy7w5ihlaOG+qR+6fj+vm5EQaO3qwxgACLcgH+VfShuOG4mkx8qFJmf+OZ3fh5iKngjNZfKtfcqI7zHWdk6378TQfQC52/kbZukjNXOLCpyNkogahcjA00onIoTK1RUDuMW28edAHwPFbpttXDTaqis+8JPMY8hZwsZGENCzTAAAAFQD6+It5vozwGgaN9ROYPMlByhi6jwAAAIBz2mcAC694vNzz9b6614gkX9d9E99PzJYfU1MPkXDziKg7MrjBw7Opd5y1jL09S3iL6lSTlHkKwVKvQ3pOwWRwXXRrKVus4I0STveoApm526jmp6mY0YEtqR98vMJ0v97h1ydt8FikKlihefCsnXVicb8887PXs2Y8C6GuFT3tfQAAAIBbmHtV5tPcrMRDkULhaQ/Whap2VKvT2DUhIHA7lx6oy/KpkltOpxDZOIGUHKqffGbiR7Jh01/y090AY5L2eCf0S2Ytx93+eADwVVpJbFJo6zSwfeey2Gm6L2oA+rCz9zTdmtZoekpD3/RAOQjnJIAPwbs7mXwabZTw4xRtiYIRrw== DSA #5 |1|B7t/AYabn8zgwU47Cb4A/Nqt3eI=|arQPZyRphkzisr7w6wwikvhaOyE= ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBPIudcagzq4QPtP1jkpje34+0POLB0jwT64hqrbCqhTH2T800KDZ0h2vwlJYa3OP3Oqru9AB5pnuHsKw7mAhUGY= ECDSA #5 |1|JR81WxEocTP5d7goIRkl8fHBbno=|l6sj6FOsoXxgEZMzn/BnOfPKN68= ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINf63qSV8rD57N+digID8t28WVhd3Yf2K2UhaoG8TsWQ ED25519 #5 |1|W7x4zY6KtTZJgsopyOusJqvVPag=|QauLt7hKezBZFZi2i4Xopho7Nsk= ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAAgQC/C15Q4sfnk7BZff1er8bscay+5s51oD4eWArlHWMK/ZfYeeTAccTy+7B7Jv+MS4nKCpflrvJI2RQz4kS8vF0ATdBbi4jeWefStlHNg0HLhnCY7NAfDIlRdaN9lm3Pqm2vmr+CkqwcJaSpycDg8nPN9yNAuD6pv7NDuUnECezojQ== RSA #5 -|1|mxnU8luzqWLvfVi5qBm5xVIyCRM=|9Epopft7LBd80Bf6RmWPIpwa8yU= ssh-dss AAAAB3NzaC1kc3MAAACBAIutigAse65TCW6hHDOEGXenE9L4L0talHbs65hj3UUNtWflKdQeXLofqXgW8AwaDKmnuRPrxRoxVNXj84n45wtBEdt4ztmdAZteAbXSnHqpcxME3jDxh3EtxzGPXLs+RUmKPVguraSgo7W2oN7KFx6VM+AcAtxANSTlvDid3s47AAAAFQCd9Q3kkHSLWe77sW0eRaayI45ovwAAAIAw6srGF6xvFasI44Y3r9JJ2K+3ezozl3ldL3p2+p2HG3iWafC4SdV8pB6ZIxKlYAywiiFb3LzH/JweGFq1jtoFDRM3MlYORBevydU4zPz7b5QLDVB0sY4evYtWmg2BFJvoWRfhLnlZVW7h5N8v4fNIwdVmVsw4Ljes7iF2HRGhHgAAAIBDFT3fww2Oby1xUA6G9pDAcVikrQFqp1sJRylNTUyeyQ37SNAGzYxwHJFgQr8gZLdRQ1UW+idYpqVbVNcYFMOiw/zSqK2OfVwPZ9U+TTKdc992ChSup6vJEKM/ZVIyDWDbJr7igQ4ahy7jo9mFvm8ljN926EnspQzCvs0Dxk6tHA== DSA #6 -|1|klvLmvh2vCpkNMDEjVvrE8SJWTg=|e/dqEEBLnbgqmwEesl4cDRu/7TM= ssh-dss AAAAB3NzaC1kc3MAAACBAIutigAse65TCW6hHDOEGXenE9L4L0talHbs65hj3UUNtWflKdQeXLofqXgW8AwaDKmnuRPrxRoxVNXj84n45wtBEdt4ztmdAZteAbXSnHqpcxME3jDxh3EtxzGPXLs+RUmKPVguraSgo7W2oN7KFx6VM+AcAtxANSTlvDid3s47AAAAFQCd9Q3kkHSLWe77sW0eRaayI45ovwAAAIAw6srGF6xvFasI44Y3r9JJ2K+3ezozl3ldL3p2+p2HG3iWafC4SdV8pB6ZIxKlYAywiiFb3LzH/JweGFq1jtoFDRM3MlYORBevydU4zPz7b5QLDVB0sY4evYtWmg2BFJvoWRfhLnlZVW7h5N8v4fNIwdVmVsw4Ljes7iF2HRGhHgAAAIBDFT3fww2Oby1xUA6G9pDAcVikrQFqp1sJRylNTUyeyQ37SNAGzYxwHJFgQr8gZLdRQ1UW+idYpqVbVNcYFMOiw/zSqK2OfVwPZ9U+TTKdc992ChSup6vJEKM/ZVIyDWDbJr7igQ4ahy7jo9mFvm8ljN926EnspQzCvs0Dxk6tHA== DSA #6 -|1|wsk3ddB3UjuxEsoeNCeZjZ6NvZs=|O3O/q2Z/u7DrxoTiIq6kzCevQT0= ssh-dss AAAAB3NzaC1kc3MAAACBAIutigAse65TCW6hHDOEGXenE9L4L0talHbs65hj3UUNtWflKdQeXLofqXgW8AwaDKmnuRPrxRoxVNXj84n45wtBEdt4ztmdAZteAbXSnHqpcxME3jDxh3EtxzGPXLs+RUmKPVguraSgo7W2oN7KFx6VM+AcAtxANSTlvDid3s47AAAAFQCd9Q3kkHSLWe77sW0eRaayI45ovwAAAIAw6srGF6xvFasI44Y3r9JJ2K+3ezozl3ldL3p2+p2HG3iWafC4SdV8pB6ZIxKlYAywiiFb3LzH/JweGFq1jtoFDRM3MlYORBevydU4zPz7b5QLDVB0sY4evYtWmg2BFJvoWRfhLnlZVW7h5N8v4fNIwdVmVsw4Ljes7iF2HRGhHgAAAIBDFT3fww2Oby1xUA6G9pDAcVikrQFqp1sJRylNTUyeyQ37SNAGzYxwHJFgQr8gZLdRQ1UW+idYpqVbVNcYFMOiw/zSqK2OfVwPZ9U+TTKdc992ChSup6vJEKM/ZVIyDWDbJr7igQ4ahy7jo9mFvm8ljN926EnspQzCvs0Dxk6tHA== DSA #6 |1|B8epmkLSni+vGZDijr/EwxeR2k4=|7ct8yzNOVJhKm3ZD2w0XIT7df8E= ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBK1wRLyKtvK3Mmhd0XPkKwW4ev1KBVf8J4aG8lESq1TsaqqfOXYGyxMq5pN8fCGiD5UPOqyTYz/ZNzClRhJRHao= ECDSA #6 |1|JojD885UhYhbCu571rgyM/5PpYU=|BJaU2aE1FebQZy3B5tzTDRWFRG0= ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBK1wRLyKtvK3Mmhd0XPkKwW4ev1KBVf8J4aG8lESq1TsaqqfOXYGyxMq5pN8fCGiD5UPOqyTYz/ZNzClRhJRHao= ECDSA #6 |1|5t7UDHDybVrDZVQPCpwdnr6nk4k=|EqJ73W/veIL3H2x+YWHcJxI5ETA= ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBK1wRLyKtvK3Mmhd0XPkKwW4ev1KBVf8J4aG8lESq1TsaqqfOXYGyxMq5pN8fCGiD5UPOqyTYz/ZNzClRhJRHao= ECDSA #6 @@ -39,12 +32,11 @@ prometheus.example.com,192.0.2.1,2001:db8::1 ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAA # Revoked and CA keys @revoked sisyphus.example.com ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDFP8L9REfN/iYy1KIRtFqSCn3V2+vOCpoZYENFGLdOF ED25519 #4 @cert-authority prometheus.example.com ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBHZd0OXHIWwK3xnjAdMZ1tojxWycdu38pORO/UX5cqsKMgGCKQVBWWO3TFk1ePkGIE9VMWT1hCGqWRRwYlH+dSE= ECDSA #4 -@cert-authority *.example.com ssh-dss AAAAB3NzaC1kc3MAAACBAKvjnFHm0VvMr5h2Zu3nURsxQKGoxm+DCzYDxRYcilK07Cm5c4XTrFbA2X86+9sGs++W7QRMcTJUYIg0a+UtIMtAjwORd6ZPXM2K5dBW+gh1oHyvKi767tWX7I2c+1ZPJDY95mUUfZQUEfdy9eGDSBmw/pSsveQ1ur6XNUh/MtP/AAAAFQDHnXk/9jBJAdce1pHtLWnbdPSGdQAAAIEAm2OLy8tZBfiEO3c3X1yyB/GTcDwrQCqRMDkhnsmrliec3dWkOfNTzu+MrdvF8ymTWLEqPpbMheYtvNyZ3TF0HO5W7aVBpdGZbOdOAIfB+6skqGbI8A5Up1d7dak/bSsqL2r5NjwbDOdq+1hBzzvbl/qjh+sQarV2zHrpKoQaV28AAACANtkBVedBbqIAdphCrN/LbUi9WlyuF9UZz+tlpVLYrj8GJVwnplV2tvOmUw6yP5/pzCimTsao8dpL5PWxm7fKxLWVxA+lEsA4WeC885CiZn8xhdaJOCN+NyJ2bqkz+4VPI7oDGBm0aFwUqJn+M1PiSgvI50XdF2dBsFRTRNY0wzA= DSA #4 # Some invalid lines -@what sisyphus.example.com ssh-dss AAAAB3NzaC1kc3MAAACBAOqffHxEW4c+Z9q/r3l4sYK8F7qrBsU8XF9upGsW62T9InROFFq9IO0x3pQ6mDA0Wtw0sqcDmkPCHPyP4Ok/fU3/drLaZusHoVYu8pBBrWsIDrKgkeX9TEodBsSrYdl4Sqtqq9EZv9+DttV6LStZrgYyUTOKwOF95wGantpLynX5AAAAFQDdt+zjRNlETDsgmxcSYFgREirJrQAAAIBQlrPaiPhR24FhnMLcHH4016vL7AqDDID6Qw7PhbXGa4/XlxWMIigjBKrIPKvnZ6p712LSnCKtcbfdx0MtmJlNa01CYqPaRhgRaf+uGdvTkTUcdaq8R5lLJL+JMNwUhcC8ijm3NqEjXjffuebGe1EzIeiITbA7Nndcd+GytwRDegAAAIEAkRYPjSVcUxfUHhHdpP6V8CuY1+CYSs9EPJ7iiWTDuXWVIBTU32oJLAnrmAcOwtIzEfPvm+rff5FI/Yhon2pB3VTXhPPEBjYzE5qANanAT4e6tzAVc5f3DUhHaDknwRYfDz86GFvuLtDjeE/UZ9t6OofYoEsCBpYozLAprBvNIQY= DSA #1 +@what ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAAgQDg4hB4vAZHJ0PVRiJajOv/GlytFWNpv5/9xgB9+5BIbvp8LOrFZ5D9K0Gsmwpd4G4rfaAz8j896DhMArg0vtkilIPPGt/6VzWMERgvaIQPJ/IE99X3+fjcAG56oAWwy29JX10lQMzBPU6XJIaN/zqpkb6qUBiAHBdLpxrFBBU0/w== RSA #1 sisyphus.example.com prometheus.example.com ssh-ed25519 -sisyphus.example.com ssh-dsa AAAATgAAAAdz +sisyphus.example.com ssh-ed25519 AAAATgAAAAdz sisyphus.example.com ssh-XXX AAAATgAAAAdzc2gtWFhYAAAAP0ZVQ0tPRkZGVUNLT0ZGRlVDS09GRkZVQ0tPRkZGVUNLT0ZGRlVDS09GRkZVQ0tPRkZGVUNLT0ZGRlVDS09GRg== prometheus.example.com ssh-rsa AAAATgAAAAdzc2gtWFhYAAAAP0ZVQ0tPRkZGVUNLT0ZGRlVDS09GRkZVQ0tPRkZGVUNLT0ZGRlVDS09GRkZVQ0tPRkZGVUNLT0ZGRlVDS09GRg== diff --git a/regress/unittests/kex/Makefile b/regress/unittests/kex/Makefile index b76ee8edc813..645fb0609733 100644 --- a/regress/unittests/kex/Makefile +++ b/regress/unittests/kex/Makefile @@ -1,4 +1,4 @@ -# $OpenBSD: Makefile,v 1.17 2025/04/15 04:00:42 djm Exp $ +# $OpenBSD: Makefile,v 1.18 2025/05/06 06:05:48 djm Exp $ PROG=test_kex SRCS=tests.c test_kex.c test_proposal.c @@ -6,7 +6,7 @@ SRCS=tests.c test_kex.c test_proposal.c # From usr.bin/ssh SRCS+=sshbuf-getput-basic.c sshbuf-getput-crypto.c sshbuf-misc.c sshbuf.c SRCS+=sshbuf-io.c atomicio.c sshkey.c authfile.c cipher.c log.c ssh-rsa.c -SRCS+=ssh-dss.c ssh-ecdsa.c ssh-ed25519.c mac.c umac.c umac128.c hmac.c misc.c +SRCS+=ssh-ecdsa.c ssh-ed25519.c mac.c umac.c umac128.c hmac.c misc.c SRCS+=ssherr.c uidswap.c cleanup.c xmalloc.c match.c krl.c fatal.c SRCS+=addr.c addrmatch.c bitmap.c packet.c dispatch.c canohost.c ssh_api.c SRCS+=compat.c ed25519.c hash.c diff --git a/regress/unittests/kex/test_kex.c b/regress/unittests/kex/test_kex.c index 84dada301b8f..54b826239ae8 100644 --- a/regress/unittests/kex/test_kex.c +++ b/regress/unittests/kex/test_kex.c @@ -1,4 +1,4 @@ -/* $OpenBSD: test_kex.c,v 1.10 2025/04/15 04:00:42 djm Exp $ */ +/* $OpenBSD: test_kex.c,v 1.11 2025/05/06 06:05:48 djm Exp $ */ /* * Regress test KEX * @@ -218,9 +218,6 @@ do_kex(char *kex) #ifdef WITH_OPENSSL do_kex_with_key(kex, NULL, NULL, NULL, KEY_RSA, 2048); -# ifdef WITH_DSA - do_kex_with_key(kex, NULL, NULL, NULL, KEY_DSA, 1024); -# endif /* WITH_DSA */ # ifdef OPENSSL_HAS_ECC do_kex_with_key(kex, NULL, NULL, NULL, KEY_ECDSA, 256); # endif /* OPENSSL_HAS_ECC */ diff --git a/regress/unittests/sshkey/Makefile b/regress/unittests/sshkey/Makefile index cd0f44d13d24..b237ff55c8d3 100644 --- a/regress/unittests/sshkey/Makefile +++ b/regress/unittests/sshkey/Makefile @@ -1,4 +1,4 @@ -# $OpenBSD: Makefile,v 1.12 2023/01/15 23:35:10 djm Exp $ +# $OpenBSD: Makefile,v 1.13 2025/05/06 06:05:48 djm Exp $ PROG=test_sshkey SRCS=tests.c test_sshkey.c test_file.c test_fuzz.c common.c @@ -6,7 +6,7 @@ SRCS=tests.c test_sshkey.c test_file.c test_fuzz.c common.c # From usr.bin/ssh SRCS+=sshbuf-getput-basic.c sshbuf-getput-crypto.c sshbuf-misc.c sshbuf.c SRCS+=sshbuf-io.c atomicio.c sshkey.c authfile.c cipher.c log.c ssh-rsa.c -SRCS+=ssh-dss.c ssh-ecdsa.c ssh-ed25519.c mac.c umac.c umac128.c hmac.c misc.c +SRCS+=ssh-ecdsa.c ssh-ed25519.c mac.c umac.c umac128.c hmac.c misc.c SRCS+=ssherr.c uidswap.c cleanup.c xmalloc.c match.c krl.c fatal.c SRCS+=addr.c addrmatch.c bitmap.c SRCS+=ed25519.c hash.c diff --git a/regress/unittests/sshkey/common.c b/regress/unittests/sshkey/common.c index f325c2ac2025..a579eccb29d5 100644 --- a/regress/unittests/sshkey/common.c +++ b/regress/unittests/sshkey/common.c @@ -1,4 +1,4 @@ -/* $OpenBSD: common.c,v 1.6 2024/08/15 00:52:23 djm Exp $ */ +/* $OpenBSD: common.c,v 1.7 2025/05/06 06:05:48 djm Exp $ */ /* * Helpers for key API tests * @@ -21,7 +21,6 @@ #ifdef WITH_OPENSSL #include #include -#include #include #ifdef OPENSSL_HAS_NISTP256 # include @@ -126,38 +125,4 @@ rsa_q(struct sshkey *k) RSA_get0_factors(EVP_PKEY_get0_RSA(k->pkey), NULL, &q); return q; } - -const BIGNUM * -dsa_g(struct sshkey *k) -{ - const BIGNUM *g = NULL; - - ASSERT_PTR_NE(k, NULL); - ASSERT_PTR_NE(k->dsa, NULL); - DSA_get0_pqg(k->dsa, NULL, NULL, &g); - return g; -} - -const BIGNUM * -dsa_pub_key(struct sshkey *k) -{ - const BIGNUM *pub_key = NULL; - - ASSERT_PTR_NE(k, NULL); - ASSERT_PTR_NE(k->dsa, NULL); - DSA_get0_key(k->dsa, &pub_key, NULL); - return pub_key; -} - -const BIGNUM * -dsa_priv_key(struct sshkey *k) -{ - const BIGNUM *priv_key = NULL; - - ASSERT_PTR_NE(k, NULL); - ASSERT_PTR_NE(k->dsa, NULL); - DSA_get0_key(k->dsa, NULL, &priv_key); - return priv_key; -} #endif /* WITH_OPENSSL */ - diff --git a/regress/unittests/sshkey/common.h b/regress/unittests/sshkey/common.h index 7a514fdc8fe6..6127116da3d4 100644 --- a/regress/unittests/sshkey/common.h +++ b/regress/unittests/sshkey/common.h @@ -1,4 +1,4 @@ -/* $OpenBSD: common.h,v 1.2 2018/09/13 09:03:20 djm Exp $ */ +/* $OpenBSD: common.h,v 1.3 2025/05/06 06:05:48 djm Exp $ */ /* * Helpers for key API tests * @@ -19,7 +19,4 @@ const BIGNUM *rsa_n(struct sshkey *k); const BIGNUM *rsa_e(struct sshkey *k); const BIGNUM *rsa_p(struct sshkey *k); const BIGNUM *rsa_q(struct sshkey *k); -const BIGNUM *dsa_g(struct sshkey *k); -const BIGNUM *dsa_pub_key(struct sshkey *k); -const BIGNUM *dsa_priv_key(struct sshkey *k); diff --git a/regress/unittests/sshkey/mktestdata.sh b/regress/unittests/sshkey/mktestdata.sh index fcd78e990e8b..97e5d79fd734 100755 --- a/regress/unittests/sshkey/mktestdata.sh +++ b/regress/unittests/sshkey/mktestdata.sh @@ -1,5 +1,5 @@ #!/bin/sh -# $OpenBSD: mktestdata.sh,v 1.11 2020/06/19 03:48:49 djm Exp $ +# $OpenBSD: mktestdata.sh,v 1.12 2025/05/06 06:05:48 djm Exp $ PW=mekmitasdigoat @@ -24,27 +24,6 @@ rsa_params() { done } -dsa_params() { - _in="$1" - _outbase="$2" - set -e - openssl dsa -noout -text -in $_in | \ - awk '/^priv:$/,/^pub:/' | \ - grep -v '^[a-zA-Z]' | tr -d ' \n:' > ${_outbase}.priv - openssl dsa -noout -text -in $_in | \ - awk '/^pub:/,/^P:/' | #\ - grep -v '^[a-zA-Z]' | tr -d ' \n:' > ${_outbase}.pub - openssl dsa -noout -text -in $_in | \ - awk '/^G:/,0' | \ - grep -v '^[a-zA-Z]' | tr -d ' \n:' > ${_outbase}.g - for x in priv pub g ; do - echo "" >> ${_outbase}.$x - echo ============ ${_outbase}.$x - cat ${_outbase}.$x - echo ============ - done -} - ecdsa_params() { _in="$1" _outbase="$2" @@ -79,15 +58,14 @@ else exit 1 fi -rm -f rsa_1 dsa_1 ecdsa_1 ed25519_1 -rm -f rsa_2 dsa_2 ecdsa_2 ed25519_2 -rm -f rsa_n dsa_n ecdsa_n # new-format keys -rm -f rsa_1_pw dsa_1_pw ecdsa_1_pw ed25519_1_pw -rm -f rsa_n_pw dsa_n_pw ecdsa_n_pw +rm -f rsa_1 ecdsa_1 ed25519_1 +rm -f rsa_2 ecdsa_2 ed25519_2 +rm -f rsa_n ecdsa_n # new-format keys +rm -f rsa_1_pw ecdsa_1_pw ed25519_1_pw +rm -f rsa_n_pw ecdsa_n_pw rm -f pw *.pub *.bn.* *.param.* *.fp *.fp.bb ssh-keygen -t rsa -b 1024 -C "RSA test key #1" -N "" -f rsa_1 -m PEM -ssh-keygen -t dsa -b 1024 -C "DSA test key #1" -N "" -f dsa_1 -m PEM ssh-keygen -t ecdsa -b 256 -C "ECDSA test key #1" -N "" -f ecdsa_1 -m PEM ssh-keygen -t ed25519 -C "ED25519 test key #1" -N "" -f ed25519_1 ssh-keygen -w "$SK_DUMMY" -t ecdsa-sk -C "ECDSA-SK test key #1" \ @@ -97,7 +75,6 @@ ssh-keygen -w "$SK_DUMMY" -t ed25519-sk -C "ED25519-SK test key #1" \ ssh-keygen -t rsa -b 2048 -C "RSA test key #2" -N "" -f rsa_2 -m PEM -ssh-keygen -t dsa -b 1024 -C "DSA test key #2" -N "" -f dsa_2 -m PEM ssh-keygen -t ecdsa -b 521 -C "ECDSA test key #2" -N "" -f ecdsa_2 -m PEM ssh-keygen -t ed25519 -C "ED25519 test key #2" -N "" -f ed25519_2 ssh-keygen -w "$SK_DUMMY" -t ecdsa-sk -C "ECDSA-SK test key #2" \ @@ -106,37 +83,29 @@ ssh-keygen -w "$SK_DUMMY" -t ed25519-sk -C "ED25519-SK test key #2" \ -N "" -f ed25519_sk2 cp rsa_1 rsa_n -cp dsa_1 dsa_n cp ecdsa_1 ecdsa_n ssh-keygen -pf rsa_n -N "" -ssh-keygen -pf dsa_n -N "" ssh-keygen -pf ecdsa_n -N "" cp rsa_1 rsa_1_pw -cp dsa_1 dsa_1_pw cp ecdsa_1 ecdsa_1_pw cp ed25519_1 ed25519_1_pw cp ecdsa_sk1 ecdsa_sk1_pw cp ed25519_sk1 ed25519_sk1_pw cp rsa_1 rsa_n_pw -cp dsa_1 dsa_n_pw cp ecdsa_1 ecdsa_n_pw ssh-keygen -pf rsa_1_pw -m PEM -N "$PW" -ssh-keygen -pf dsa_1_pw -m PEM -N "$PW" ssh-keygen -pf ecdsa_1_pw -m PEM -N "$PW" ssh-keygen -pf ed25519_1_pw -N "$PW" ssh-keygen -pf ecdsa_sk1_pw -m PEM -N "$PW" ssh-keygen -pf ed25519_sk1_pw -N "$PW" ssh-keygen -pf rsa_n_pw -N "$PW" -ssh-keygen -pf dsa_n_pw -N "$PW" ssh-keygen -pf ecdsa_n_pw -N "$PW" rsa_params rsa_1 rsa_1.param rsa_params rsa_2 rsa_2.param -dsa_params dsa_1 dsa_1.param -dsa_params dsa_1 dsa_1.param ecdsa_params ecdsa_1 ecdsa_1.param ecdsa_params ecdsa_2 ecdsa_2.param # XXX ed25519, *sk params @@ -144,9 +113,6 @@ ecdsa_params ecdsa_2 ecdsa_2.param ssh-keygen -s rsa_2 -I hugo -n user1,user2 \ -Oforce-command=/bin/ls -Ono-port-forwarding -Osource-address=10.0.0.0/8 \ -V 19990101:20110101 -z 1 rsa_1.pub -ssh-keygen -s rsa_2 -I hugo -n user1,user2 \ - -Oforce-command=/bin/ls -Ono-port-forwarding -Osource-address=10.0.0.0/8 \ - -V 19990101:20110101 -z 2 dsa_1.pub ssh-keygen -s rsa_2 -I hugo -n user1,user2 \ -Oforce-command=/bin/ls -Ono-port-forwarding -Osource-address=10.0.0.0/8 \ -V 19990101:20110101 -z 3 ecdsa_1.pub @@ -175,8 +141,6 @@ ssh-keygen -s rsa_2 -I hugo -n user1,user2 -t rsa-sha2-512 \ ssh-keygen -s ed25519_1 -I julius -n host1,host2 -h \ -V 19990101:20110101 -z 5 rsa_1.pub -ssh-keygen -s ed25519_1 -I julius -n host1,host2 -h \ - -V 19990101:20110101 -z 6 dsa_1.pub ssh-keygen -s ecdsa_1 -I julius -n host1,host2 -h \ -V 19990101:20110101 -z 7 ecdsa_1.pub ssh-keygen -s ed25519_1 -I julius -n host1,host2 -h \ @@ -187,33 +151,28 @@ ssh-keygen -s ed25519_1 -I julius -n host1,host2 -h \ -V 19990101:20110101 -z 8 ed25519_sk1.pub ssh-keygen -lf rsa_1 | awk '{print $2}' > rsa_1.fp -ssh-keygen -lf dsa_1 | awk '{print $2}' > dsa_1.fp ssh-keygen -lf ecdsa_1 | awk '{print $2}' > ecdsa_1.fp ssh-keygen -lf ed25519_1 | awk '{print $2}' > ed25519_1.fp ssh-keygen -lf ecdsa_sk1 | awk '{print $2}' > ecdsa_sk1.fp ssh-keygen -lf ed25519_sk1 | awk '{print $2}' > ed25519_sk1.fp ssh-keygen -lf rsa_2 | awk '{print $2}' > rsa_2.fp -ssh-keygen -lf dsa_2 | awk '{print $2}' > dsa_2.fp ssh-keygen -lf ecdsa_2 | awk '{print $2}' > ecdsa_2.fp ssh-keygen -lf ed25519_2 | awk '{print $2}' > ed25519_2.fp ssh-keygen -lf ecdsa_sk2 | awk '{print $2}' > ecdsa_sk2.fp ssh-keygen -lf ed25519_sk2 | awk '{print $2}' > ed25519_sk2.fp ssh-keygen -lf rsa_1-cert.pub | awk '{print $2}' > rsa_1-cert.fp -ssh-keygen -lf dsa_1-cert.pub | awk '{print $2}' > dsa_1-cert.fp ssh-keygen -lf ecdsa_1-cert.pub | awk '{print $2}' > ecdsa_1-cert.fp ssh-keygen -lf ed25519_1-cert.pub | awk '{print $2}' > ed25519_1-cert.fp ssh-keygen -lf ecdsa_sk1-cert.pub | awk '{print $2}' > ecdsa_sk1-cert.fp ssh-keygen -lf ed25519_sk1-cert.pub | awk '{print $2}' > ed25519_sk1-cert.fp ssh-keygen -Bf rsa_1 | awk '{print $2}' > rsa_1.fp.bb -ssh-keygen -Bf dsa_1 | awk '{print $2}' > dsa_1.fp.bb ssh-keygen -Bf ecdsa_1 | awk '{print $2}' > ecdsa_1.fp.bb ssh-keygen -Bf ed25519_1 | awk '{print $2}' > ed25519_1.fp.bb ssh-keygen -Bf ecdsa_sk1 | awk '{print $2}' > ecdsa_sk1.fp.bb ssh-keygen -Bf ed25519_sk1 | awk '{print $2}' > ed25519_sk1.fp.bb ssh-keygen -Bf rsa_2 | awk '{print $2}' > rsa_2.fp.bb -ssh-keygen -Bf dsa_2 | awk '{print $2}' > dsa_2.fp.bb ssh-keygen -Bf ecdsa_2 | awk '{print $2}' > ecdsa_2.fp.bb ssh-keygen -Bf ed25519_2 | awk '{print $2}' > ed25519_2.fp.bb ssh-keygen -Bf ecdsa_sk2 | awk '{print $2}' > ecdsa_sk2.fp.bb diff --git a/regress/unittests/sshkey/test_file.c b/regress/unittests/sshkey/test_file.c index 3babe604dcca..49148aca07b2 100644 --- a/regress/unittests/sshkey/test_file.c +++ b/regress/unittests/sshkey/test_file.c @@ -1,4 +1,4 @@ -/* $OpenBSD: test_file.c,v 1.12 2024/08/15 00:52:23 djm Exp $ */ +/* $OpenBSD: test_file.c,v 1.13 2025/05/06 06:05:48 djm Exp $ */ /* * Regress test for sshkey.h key management API * @@ -21,7 +21,6 @@ #ifdef WITH_OPENSSL #include #include -#include #include #ifdef OPENSSL_HAS_NISTP256 # include @@ -165,99 +164,6 @@ sshkey_file_tests(void) sshkey_free(k1); -#ifdef WITH_DSA - TEST_START("parse DSA from private"); - buf = load_file("dsa_1"); - ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", &k1, NULL), 0); - sshbuf_free(buf); - ASSERT_PTR_NE(k1, NULL); - a = load_bignum("dsa_1.param.g"); - b = load_bignum("dsa_1.param.priv"); - c = load_bignum("dsa_1.param.pub"); - ASSERT_BIGNUM_EQ(dsa_g(k1), a); - ASSERT_BIGNUM_EQ(dsa_priv_key(k1), b); - ASSERT_BIGNUM_EQ(dsa_pub_key(k1), c); - BN_free(a); - BN_free(b); - BN_free(c); - TEST_DONE(); - - TEST_START("parse DSA from private w/ passphrase"); - buf = load_file("dsa_1_pw"); - ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, - (const char *)sshbuf_ptr(pw), &k2, NULL), 0); - sshbuf_free(buf); - ASSERT_PTR_NE(k2, NULL); - ASSERT_INT_EQ(sshkey_equal(k1, k2), 1); - sshkey_free(k2); - TEST_DONE(); - - TEST_START("parse DSA from new-format"); - buf = load_file("dsa_n"); - ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", &k2, NULL), 0); - sshbuf_free(buf); - ASSERT_PTR_NE(k2, NULL); - ASSERT_INT_EQ(sshkey_equal(k1, k2), 1); - sshkey_free(k2); - TEST_DONE(); - - TEST_START("parse DSA from new-format w/ passphrase"); - buf = load_file("dsa_n_pw"); - ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, - (const char *)sshbuf_ptr(pw), &k2, NULL), 0); - sshbuf_free(buf); - ASSERT_PTR_NE(k2, NULL); - ASSERT_INT_EQ(sshkey_equal(k1, k2), 1); - sshkey_free(k2); - TEST_DONE(); - - TEST_START("load DSA from public"); - ASSERT_INT_EQ(sshkey_load_public(test_data_file("dsa_1.pub"), &k2, - NULL), 0); - ASSERT_PTR_NE(k2, NULL); - ASSERT_INT_EQ(sshkey_equal(k1, k2), 1); - sshkey_free(k2); - TEST_DONE(); - - TEST_START("load DSA cert"); - ASSERT_INT_EQ(sshkey_load_cert(test_data_file("dsa_1"), &k2), 0); - ASSERT_PTR_NE(k2, NULL); - ASSERT_INT_EQ(k2->type, KEY_DSA_CERT); - ASSERT_INT_EQ(sshkey_equal(k1, k2), 0); - ASSERT_INT_EQ(sshkey_equal_public(k1, k2), 1); - TEST_DONE(); - - TEST_START("DSA key hex fingerprint"); - buf = load_text_file("dsa_1.fp"); - cp = sshkey_fingerprint(k1, SSH_DIGEST_SHA256, SSH_FP_BASE64); - ASSERT_PTR_NE(cp, NULL); - ASSERT_STRING_EQ(cp, (const char *)sshbuf_ptr(buf)); - sshbuf_free(buf); - free(cp); - TEST_DONE(); - - TEST_START("DSA cert hex fingerprint"); - buf = load_text_file("dsa_1-cert.fp"); - cp = sshkey_fingerprint(k2, SSH_DIGEST_SHA256, SSH_FP_BASE64); - ASSERT_PTR_NE(cp, NULL); - ASSERT_STRING_EQ(cp, (const char *)sshbuf_ptr(buf)); - sshbuf_free(buf); - free(cp); - sshkey_free(k2); - TEST_DONE(); - - TEST_START("DSA key bubblebabble fingerprint"); - buf = load_text_file("dsa_1.fp.bb"); - cp = sshkey_fingerprint(k1, SSH_DIGEST_SHA1, SSH_FP_BUBBLEBABBLE); - ASSERT_PTR_NE(cp, NULL); - ASSERT_STRING_EQ(cp, (const char *)sshbuf_ptr(buf)); - sshbuf_free(buf); - free(cp); - TEST_DONE(); - - sshkey_free(k1); -#endif - #ifdef OPENSSL_HAS_ECC TEST_START("parse ECDSA from private"); buf = load_file("ecdsa_1"); diff --git a/regress/unittests/sshkey/test_fuzz.c b/regress/unittests/sshkey/test_fuzz.c index 0aff7c9bf4e4..12d0e12eacef 100644 --- a/regress/unittests/sshkey/test_fuzz.c +++ b/regress/unittests/sshkey/test_fuzz.c @@ -1,4 +1,4 @@ -/* $OpenBSD: test_fuzz.c,v 1.14 2024/01/11 01:45:58 djm Exp $ */ +/* $OpenBSD: test_fuzz.c,v 1.15 2025/05/06 06:05:48 djm Exp $ */ /* * Fuzz tests for key parsing * @@ -21,7 +21,6 @@ #ifdef WITH_OPENSSL #include #include -#include #include #ifdef OPENSSL_HAS_NISTP256 # include @@ -160,52 +159,6 @@ sshkey_fuzz_tests(void) fuzz_cleanup(fuzz); TEST_DONE(); -#ifdef WITH_DSA - TEST_START("fuzz DSA private"); - buf = load_file("dsa_1"); - fuzz = fuzz_begin(FUZZ_BASE64, sshbuf_mutable_ptr(buf), - sshbuf_len(buf)); - ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", &k1, NULL), 0); - sshkey_free(k1); - sshbuf_free(buf); - ASSERT_PTR_NE(fuzzed = sshbuf_new(), NULL); - TEST_ONERROR(onerror, fuzz); - for(i = 0; !fuzz_done(fuzz); i++, fuzz_next(fuzz)) { - r = sshbuf_put(fuzzed, fuzz_ptr(fuzz), fuzz_len(fuzz)); - ASSERT_INT_EQ(r, 0); - if (sshkey_parse_private_fileblob(fuzzed, "", &k1, NULL) == 0) - sshkey_free(k1); - sshbuf_reset(fuzzed); - if (test_is_fast() && i >= NUM_FAST_BASE64_TESTS) - break; - } - sshbuf_free(fuzzed); - fuzz_cleanup(fuzz); - TEST_DONE(); - - TEST_START("fuzz DSA new-format private"); - buf = load_file("dsa_n"); - fuzz = fuzz_begin(FUZZ_BASE64, sshbuf_mutable_ptr(buf), - sshbuf_len(buf)); - ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", &k1, NULL), 0); - sshkey_free(k1); - sshbuf_free(buf); - ASSERT_PTR_NE(fuzzed = sshbuf_new(), NULL); - TEST_ONERROR(onerror, fuzz); - for(i = 0; !fuzz_done(fuzz); i++, fuzz_next(fuzz)) { - r = sshbuf_put(fuzzed, fuzz_ptr(fuzz), fuzz_len(fuzz)); - ASSERT_INT_EQ(r, 0); - if (sshkey_parse_private_fileblob(fuzzed, "", &k1, NULL) == 0) - sshkey_free(k1); - sshbuf_reset(fuzzed); - if (test_is_fast() && i >= NUM_FAST_BASE64_TESTS) - break; - } - sshbuf_free(fuzzed); - fuzz_cleanup(fuzz); - TEST_DONE(); -#endif - #ifdef OPENSSL_HAS_ECC TEST_START("fuzz ECDSA private"); buf = load_file("ecdsa_1"); @@ -290,22 +243,6 @@ sshkey_fuzz_tests(void) sshkey_free(k1); TEST_DONE(); -#ifdef WITH_DSA - TEST_START("fuzz DSA public"); - buf = load_file("dsa_1"); - ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", &k1, NULL), 0); - sshbuf_free(buf); - public_fuzz(k1); - sshkey_free(k1); - TEST_DONE(); - - TEST_START("fuzz DSA cert"); - ASSERT_INT_EQ(sshkey_load_cert(test_data_file("dsa_1"), &k1), 0); - public_fuzz(k1); - sshkey_free(k1); - TEST_DONE(); -#endif - #ifdef OPENSSL_HAS_ECC TEST_START("fuzz ECDSA public"); buf = load_file("ecdsa_1"); @@ -362,16 +299,6 @@ sshkey_fuzz_tests(void) sshkey_free(k1); TEST_DONE(); -#ifdef WITH_DSA - TEST_START("fuzz DSA sig"); - buf = load_file("dsa_1"); - ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", &k1, NULL), 0); - sshbuf_free(buf); - sig_fuzz(k1, NULL); - sshkey_free(k1); - TEST_DONE(); -#endif - #ifdef OPENSSL_HAS_ECC TEST_START("fuzz ECDSA sig"); buf = load_file("ecdsa_1"); diff --git a/regress/unittests/sshkey/test_sshkey.c b/regress/unittests/sshkey/test_sshkey.c index 53bdc0ca62d8..832ef9b202cc 100644 --- a/regress/unittests/sshkey/test_sshkey.c +++ b/regress/unittests/sshkey/test_sshkey.c @@ -1,4 +1,4 @@ -/* $OpenBSD: test_sshkey.c,v 1.28 2025/04/15 05:31:24 djm Exp $ */ +/* $OpenBSD: test_sshkey.c,v 1.29 2025/05/06 06:05:48 djm Exp $ */ /* * Regress test for sshkey.h key management API * @@ -18,7 +18,6 @@ #ifdef WITH_OPENSSL #include #include -#include #if defined(OPENSSL_HAS_ECC) && defined(OPENSSL_HAS_NISTP256) # include #endif @@ -271,14 +270,6 @@ sshkey_tests(void) sshkey_free(k1); TEST_DONE(); -#ifdef WITH_DSA - TEST_START("new/free KEY_DSA"); - k1 = sshkey_new(KEY_DSA); - ASSERT_PTR_NE(k1, NULL); - ASSERT_PTR_NE(k1->dsa, NULL); - sshkey_free(k1); - TEST_DONE(); -#endif #ifdef OPENSSL_HAS_ECC TEST_START("new/free KEY_ECDSA"); @@ -310,14 +301,6 @@ sshkey_tests(void) ASSERT_PTR_EQ(k1, NULL); TEST_DONE(); -#ifdef WITH_DSA - TEST_START("generate KEY_DSA wrong bits"); - ASSERT_INT_EQ(sshkey_generate(KEY_DSA, 2048, &k1), - SSH_ERR_KEY_LENGTH); - ASSERT_PTR_EQ(k1, NULL); - sshkey_free(k1); - TEST_DONE(); -#endif #ifdef OPENSSL_HAS_ECC TEST_START("generate KEY_ECDSA wrong bits"); @@ -340,15 +323,6 @@ sshkey_tests(void) ASSERT_INT_EQ(BN_num_bits(rsa_n(kr)), 1024); TEST_DONE(); -#ifdef WITH_DSA - TEST_START("generate KEY_DSA"); - ASSERT_INT_EQ(sshkey_generate(KEY_DSA, 1024, &kd), 0); - ASSERT_PTR_NE(kd, NULL); - ASSERT_PTR_NE(kd->dsa, NULL); - ASSERT_PTR_NE(dsa_g(kd), NULL); - ASSERT_PTR_NE(dsa_priv_key(kd), NULL); - TEST_DONE(); -#endif #ifdef OPENSSL_HAS_ECC TEST_START("generate KEY_ECDSA"); @@ -388,22 +362,6 @@ sshkey_tests(void) sshkey_free(k1); TEST_DONE(); -#ifdef WITH_DSA - TEST_START("demote KEY_DSA"); - ASSERT_INT_EQ(sshkey_from_private(kd, &k1), 0); - ASSERT_PTR_NE(k1, NULL); - ASSERT_PTR_NE(kd, k1); - ASSERT_INT_EQ(k1->type, KEY_DSA); - ASSERT_PTR_NE(k1->dsa, NULL); - ASSERT_PTR_NE(dsa_g(k1), NULL); - ASSERT_PTR_EQ(dsa_priv_key(k1), NULL); - TEST_DONE(); - - TEST_START("equal KEY_DSA/demoted KEY_DSA"); - ASSERT_INT_EQ(sshkey_equal(kd, k1), 1); - sshkey_free(k1); - TEST_DONE(); -#endif #ifdef OPENSSL_HAS_ECC TEST_START("demote KEY_ECDSA"); @@ -551,16 +509,6 @@ sshkey_tests(void) sshkey_free(k2); TEST_DONE(); -#ifdef WITH_DSA - TEST_START("sign and verify DSA"); - k1 = get_private("dsa_1"); - ASSERT_INT_EQ(sshkey_load_public(test_data_file("dsa_2.pub"), &k2, - NULL), 0); - signature_tests(k1, k2, NULL); - sshkey_free(k1); - sshkey_free(k2); - TEST_DONE(); -#endif #ifdef OPENSSL_HAS_ECC TEST_START("sign and verify ECDSA"); @@ -623,15 +571,6 @@ sshkey_benchmarks(void) TEST_DONE(); BENCH_FINISH("keys"); -#ifdef WITH_DSA - BENCH_START("generate DSA-1024"); - TEST_START("generate KEY_DSA"); - ASSERT_INT_EQ(sshkey_generate(KEY_DSA, 1024, &k), 0); - ASSERT_PTR_NE(k, NULL); - sshkey_free(k); - TEST_DONE(); - BENCH_FINISH("keys"); -#endif BENCH_START("generate ECDSA-256"); TEST_START("generate KEY_ECDSA"); @@ -674,9 +613,6 @@ sshkey_benchmarks(void) signature_benchmark("RSA-2048/SHA1", KEY_RSA, 2048, "ssh-rsa", 0); signature_benchmark("RSA-2048/SHA256", KEY_RSA, 2048, "rsa-sha2-256", 0); signature_benchmark("RSA-2048/SHA512", KEY_RSA, 2048, "rsa-sha2-512", 0); -#ifdef WITH_DSA - signature_benchmark("DSA-1024", KEY_DSA, 1024, NULL, 0); -#endif signature_benchmark("ECDSA-256", KEY_ECDSA, 256, NULL, 0); signature_benchmark("ECDSA-384", KEY_ECDSA, 384, NULL, 0); signature_benchmark("ECDSA-521", KEY_ECDSA, 521, NULL, 0); @@ -689,9 +625,6 @@ sshkey_benchmarks(void) signature_benchmark("RSA-2048/SHA1", KEY_RSA, 2048, "ssh-rsa", 1); signature_benchmark("RSA-2048/SHA256", KEY_RSA, 2048, "rsa-sha2-256", 1); signature_benchmark("RSA-2048/SHA512", KEY_RSA, 2048, "rsa-sha2-512", 1); -#ifdef WITH_DSA - signature_benchmark("DSA-1024", KEY_DSA, 1024, NULL, 1); -#endif signature_benchmark("ECDSA-256", KEY_ECDSA, 256, NULL, 1); signature_benchmark("ECDSA-384", KEY_ECDSA, 384, NULL, 1); signature_benchmark("ECDSA-521", KEY_ECDSA, 521, NULL, 1); diff --git a/regress/unittests/sshkey/testdata/dsa_1 b/regress/unittests/sshkey/testdata/dsa_1 deleted file mode 100644 index d3f24824f8d5..000000000000 --- a/regress/unittests/sshkey/testdata/dsa_1 +++ /dev/null @@ -1,12 +0,0 @@ ------BEGIN DSA PRIVATE KEY----- -MIIBvAIBAAKBgQD6kutNFRsHTwEAv6d39Lhsqy1apdHBZ9c2HfyRr7WmypyGIy2m -Ka43vzXI8CNwmRSYs+A6d0vJC7Pl+f9QzJ/04NWOA+MiwfurwrR3CRe61QRYb8Py -mcHOxueHs95IcjrbIPNn86cjnPP5qvv/guUzCjuww4zBdJOXpligrGt2XwIVAKMD -/50qQy7j8JaMk+1+Xtg1pK01AoGBAO7l9QVVbSSoy5lq6cOtvpf8UlwOa6+zBwbl -o4gmFd1RwX1yWkA8kQ7RrhCSg8Hc6mIGnKRgKRli/3LgbSfZ0obFJehkRtEWtN4P -h8fVUeS74iQbIwFQeKlYHIlNTRoGtAbdi3nHdV+BBkEQc1V3rjqYqhjOoz/yNsgz -LND26HrdAoGBAOdXpyfmobEBaOqZAuvgj1P0uhjG2P31Ufurv22FWPBU3A9qrkxb -OXwE0LwvjCvrsQV/lrYhJz/tiys40VeahulWZE5SAHMXGIf95LiLSgaXMjko7joo -t+LK84ltLymwZ4QMnYjnZSSclf1UuyQMcUtb34+I0u9Ycnyhp2mSFsQtAhRYIbQ5 -KfXsZuBPuWe5FJz3ldaEgw== ------END DSA PRIVATE KEY----- diff --git a/regress/unittests/sshkey/testdata/dsa_1-cert.fp b/regress/unittests/sshkey/testdata/dsa_1-cert.fp deleted file mode 100644 index 75ff0e9cd9f7..000000000000 --- a/regress/unittests/sshkey/testdata/dsa_1-cert.fp +++ /dev/null @@ -1 +0,0 @@ -SHA256:kOLgXSoAT8O5T6r36n5NJUYigbux1d7gdH/rmWiJm6s diff --git a/regress/unittests/sshkey/testdata/dsa_1-cert.pub b/regress/unittests/sshkey/testdata/dsa_1-cert.pub deleted file mode 100644 index e768db1e7bad..000000000000 --- a/regress/unittests/sshkey/testdata/dsa_1-cert.pub +++ /dev/null @@ -1 +0,0 @@ -ssh-dss-cert-v01@openssh.com AAAAHHNzaC1kc3MtY2VydC12MDFAb3BlbnNzaC5jb20AAAAgdTlbNU9Hn9Qng3FHxwH971bxCIoq1ern/QWFFDWXgmYAAACBAPqS600VGwdPAQC/p3f0uGyrLVql0cFn1zYd/JGvtabKnIYjLaYprje/NcjwI3CZFJiz4Dp3S8kLs+X5/1DMn/Tg1Y4D4yLB+6vCtHcJF7rVBFhvw/KZwc7G54ez3khyOtsg82fzpyOc8/mq+/+C5TMKO7DDjMF0k5emWKCsa3ZfAAAAFQCjA/+dKkMu4/CWjJPtfl7YNaStNQAAAIEA7uX1BVVtJKjLmWrpw62+l/xSXA5rr7MHBuWjiCYV3VHBfXJaQDyRDtGuEJKDwdzqYgacpGApGWL/cuBtJ9nShsUl6GRG0Ra03g+Hx9VR5LviJBsjAVB4qVgciU1NGga0Bt2Lecd1X4EGQRBzVXeuOpiqGM6jP/I2yDMs0Pboet0AAACBAOdXpyfmobEBaOqZAuvgj1P0uhjG2P31Ufurv22FWPBU3A9qrkxbOXwE0LwvjCvrsQV/lrYhJz/tiys40VeahulWZE5SAHMXGIf95LiLSgaXMjko7joot+LK84ltLymwZ4QMnYjnZSSclf1UuyQMcUtb34+I0u9Ycnyhp2mSFsQtAAAAAAAAAAYAAAACAAAABmp1bGl1cwAAABIAAAAFaG9zdDEAAAAFaG9zdDIAAAAANowB8AAAAABNHmBwAAAAAAAAAAAAAAAAAAAAMwAAAAtzc2gtZWQyNTUxOQAAACBThupGO0X+FLQhbz8CoKPwc7V3JNsQuGtlsgN+F7SMGQAAAFMAAAALc3NoLWVkMjU1MTkAAABAh/z1LIdNL1b66tQ8t9DY9BTB3BQKpTKmc7ezyFKLwl96yaIniZwD9Ticdbe/8i/Li3uCFE3EAt8NAIv9zff8Bg== DSA test key #1 diff --git a/regress/unittests/sshkey/testdata/dsa_1.fp b/regress/unittests/sshkey/testdata/dsa_1.fp deleted file mode 100644 index 75ff0e9cd9f7..000000000000 --- a/regress/unittests/sshkey/testdata/dsa_1.fp +++ /dev/null @@ -1 +0,0 @@ -SHA256:kOLgXSoAT8O5T6r36n5NJUYigbux1d7gdH/rmWiJm6s diff --git a/regress/unittests/sshkey/testdata/dsa_1.fp.bb b/regress/unittests/sshkey/testdata/dsa_1.fp.bb deleted file mode 100644 index ba37776ee30a..000000000000 --- a/regress/unittests/sshkey/testdata/dsa_1.fp.bb +++ /dev/null @@ -1 +0,0 @@ -xetag-todiz-mifah-torec-mynyv-cyvit-gopon-pygag-rupic-cenav-bexax diff --git a/regress/unittests/sshkey/testdata/dsa_1.param.g b/regress/unittests/sshkey/testdata/dsa_1.param.g deleted file mode 100644 index e51c3f9fd1b4..000000000000 --- a/regress/unittests/sshkey/testdata/dsa_1.param.g +++ /dev/null @@ -1 +0,0 @@ -00eee5f505556d24a8cb996ae9c3adbe97fc525c0e6bafb30706e5a3882615dd51c17d725a403c910ed1ae109283c1dcea62069ca460291962ff72e06d27d9d286c525e86446d116b4de0f87c7d551e4bbe2241b23015078a9581c894d4d1a06b406dd8b79c7755f81064110735577ae3a98aa18cea33ff236c8332cd0f6e87add diff --git a/regress/unittests/sshkey/testdata/dsa_1.param.priv b/regress/unittests/sshkey/testdata/dsa_1.param.priv deleted file mode 100644 index 4f743314c76e..000000000000 --- a/regress/unittests/sshkey/testdata/dsa_1.param.priv +++ /dev/null @@ -1 +0,0 @@ -5821b43929f5ec66e04fb967b9149cf795d68483 diff --git a/regress/unittests/sshkey/testdata/dsa_1.param.pub b/regress/unittests/sshkey/testdata/dsa_1.param.pub deleted file mode 100644 index ba0313beec48..000000000000 --- a/regress/unittests/sshkey/testdata/dsa_1.param.pub +++ /dev/null @@ -1 +0,0 @@ -00e757a727e6a1b10168ea9902ebe08f53f4ba18c6d8fdf551fbabbf6d8558f054dc0f6aae4c5b397c04d0bc2f8c2bebb1057f96b621273fed8b2b38d1579a86e956644e520073171887fde4b88b4a0697323928ee3a28b7e2caf3896d2f29b067840c9d88e765249c95fd54bb240c714b5bdf8f88d2ef58727ca1a7699216c42d diff --git a/regress/unittests/sshkey/testdata/dsa_1.pub b/regress/unittests/sshkey/testdata/dsa_1.pub deleted file mode 100644 index 41cae2f69f52..000000000000 --- a/regress/unittests/sshkey/testdata/dsa_1.pub +++ /dev/null @@ -1 +0,0 @@ -ssh-dss AAAAB3NzaC1kc3MAAACBAPqS600VGwdPAQC/p3f0uGyrLVql0cFn1zYd/JGvtabKnIYjLaYprje/NcjwI3CZFJiz4Dp3S8kLs+X5/1DMn/Tg1Y4D4yLB+6vCtHcJF7rVBFhvw/KZwc7G54ez3khyOtsg82fzpyOc8/mq+/+C5TMKO7DDjMF0k5emWKCsa3ZfAAAAFQCjA/+dKkMu4/CWjJPtfl7YNaStNQAAAIEA7uX1BVVtJKjLmWrpw62+l/xSXA5rr7MHBuWjiCYV3VHBfXJaQDyRDtGuEJKDwdzqYgacpGApGWL/cuBtJ9nShsUl6GRG0Ra03g+Hx9VR5LviJBsjAVB4qVgciU1NGga0Bt2Lecd1X4EGQRBzVXeuOpiqGM6jP/I2yDMs0Pboet0AAACBAOdXpyfmobEBaOqZAuvgj1P0uhjG2P31Ufurv22FWPBU3A9qrkxbOXwE0LwvjCvrsQV/lrYhJz/tiys40VeahulWZE5SAHMXGIf95LiLSgaXMjko7joot+LK84ltLymwZ4QMnYjnZSSclf1UuyQMcUtb34+I0u9Ycnyhp2mSFsQt DSA test key #1 diff --git a/regress/unittests/sshkey/testdata/dsa_1_pw b/regress/unittests/sshkey/testdata/dsa_1_pw deleted file mode 100644 index 24c73039fe1a..000000000000 --- a/regress/unittests/sshkey/testdata/dsa_1_pw +++ /dev/null @@ -1,15 +0,0 @@ ------BEGIN DSA PRIVATE KEY----- -Proc-Type: 4,ENCRYPTED -DEK-Info: AES-128-CBC,BC8386C373B22EB7F00ADC821D5D8BE9 - -+HDV2DQ09sxrIAeXTz9r3YFuPRa2hk1+NGcr3ETkXbC6KiZ14wpTnGTloKwaQjIW -eXTa9mpCOWAoohgvsVb+hOuOlP7AfeHu1IXV4EAS+GDpkiV5UxlCXXwqlD75Buu4 -wwDd/p4SWzILH3WGjDk5JIXoxWNY13LHwC7Q6gtGJx4AicUG7YBRTXMIBDa/Kh77 -6o2rFETKmp4VHBvHbakmiETfptdM8bbWxKWeY2vakThyESgeofsLoTOQCIwlEfJC -s2D/KYL65C8VbHYgIoSLTQnooO45DDyxIuhCqP+H23mhv9vB1Od3nc2atgHj/XFs -dcOPFkF/msDRYqxY3V0AS6+jpKwFodZ7g/hyGcyPxOkzlJVuKoKuH6P5PyQ69Gx0 -iqri0xEPyABr7kGlXNrjjctojX+B4WwSnjg/2euXXWFXCRalIdA7ErATTiQbGOx7 -Vd6Gn8PZbSy1MkqEDrZRip0pfAFJYI/8GXPC75BpnRsrVlfhtrngbW+kBP35LzaN -l2K+RQ3gSB3iFoqNb1Kuu6T5MZlyVl5H2dVlJSeb1euQ2OycXdDoFTyJ4AiyWS7w -Vlh8zeJnso5QRDjMwx99pZilbbuFGSLsahiGEveFc6o= ------END DSA PRIVATE KEY----- diff --git a/regress/unittests/sshkey/testdata/dsa_2 b/regress/unittests/sshkey/testdata/dsa_2 deleted file mode 100644 index 3cc9631afa0f..000000000000 --- a/regress/unittests/sshkey/testdata/dsa_2 +++ /dev/null @@ -1,12 +0,0 @@ ------BEGIN DSA PRIVATE KEY----- -MIIBvQIBAAKBgQCbyPXNdHeLsjpobPVCMkfagBkt15Zsltqf/PGNP1y1cuz7rsTX -ZekQwUkSTNm5coqXe+ZOw2O4tjobJDd60I1/VPgaB0NYlQR9Hn87M284WD4f6VY+ -aunHmP134a8ybG5G4NqVNF3ihvxAR2pVITqb7kE46r2uYZNcNlHI8voRCwIVAMcP -bwqFNsQbH5pJyZW30wj4KVZ3AoGBAIK98BVeKQVf8qDFqx9ovMuNgVSxpd+N0Yta -5ZEy1OI2ziu5RhjueIM2K7Gq2Mnp38ob1AM53BUxqlcBJaHEDa6rj6yvuMgW9oCJ -dImBM8sIFxfBbXNbpJiMaDwa6WyT84OkpDE6uuAepTMnWOUWkUVkAiyokHDUGXkG -GyoQblbXAoGBAIsf7TaZ804sUWwRV0wI8DYx+hxD5QdrfYPYMtL2fHn3lICimGt0 -FTtUZ25jKg0E0DMBPdET6ZEHB3ZZkR8hFoUzZhdnyJMu3UjVtgaV88Ue3PrXxchk -0W2jHPaAgQU3JIWzo8HFIFqvC/HEL+EyW3rBTY2uXM3XGI+YcWSA4ZrZAhUAsY2f -bDFNzgZ4DaZ9wLRzTgOswPU= ------END DSA PRIVATE KEY----- diff --git a/regress/unittests/sshkey/testdata/dsa_2.fp b/regress/unittests/sshkey/testdata/dsa_2.fp deleted file mode 100644 index 51fbeb4d8ce1..000000000000 --- a/regress/unittests/sshkey/testdata/dsa_2.fp +++ /dev/null @@ -1 +0,0 @@ -SHA256:ecwhWcXgpdBxZ2e+OjpRRY7dqXHHCD62BGtoVQQBwCk diff --git a/regress/unittests/sshkey/testdata/dsa_2.fp.bb b/regress/unittests/sshkey/testdata/dsa_2.fp.bb deleted file mode 100644 index 4d908ee30977..000000000000 --- a/regress/unittests/sshkey/testdata/dsa_2.fp.bb +++ /dev/null @@ -1 +0,0 @@ -xeser-megad-pocan-rozit-belup-tapoh-fapif-kyvit-vonav-cehab-naxax diff --git a/regress/unittests/sshkey/testdata/dsa_2.pub b/regress/unittests/sshkey/testdata/dsa_2.pub deleted file mode 100644 index 77bb555d595f..000000000000 --- a/regress/unittests/sshkey/testdata/dsa_2.pub +++ /dev/null @@ -1 +0,0 @@ -ssh-dss AAAAB3NzaC1kc3MAAACBAJvI9c10d4uyOmhs9UIyR9qAGS3XlmyW2p/88Y0/XLVy7PuuxNdl6RDBSRJM2blyipd75k7DY7i2OhskN3rQjX9U+BoHQ1iVBH0efzszbzhYPh/pVj5q6ceY/XfhrzJsbkbg2pU0XeKG/EBHalUhOpvuQTjqva5hk1w2Ucjy+hELAAAAFQDHD28KhTbEGx+aScmVt9MI+ClWdwAAAIEAgr3wFV4pBV/yoMWrH2i8y42BVLGl343Ri1rlkTLU4jbOK7lGGO54gzYrsarYyenfyhvUAzncFTGqVwElocQNrquPrK+4yBb2gIl0iYEzywgXF8Ftc1ukmIxoPBrpbJPzg6SkMTq64B6lMydY5RaRRWQCLKiQcNQZeQYbKhBuVtcAAACBAIsf7TaZ804sUWwRV0wI8DYx+hxD5QdrfYPYMtL2fHn3lICimGt0FTtUZ25jKg0E0DMBPdET6ZEHB3ZZkR8hFoUzZhdnyJMu3UjVtgaV88Ue3PrXxchk0W2jHPaAgQU3JIWzo8HFIFqvC/HEL+EyW3rBTY2uXM3XGI+YcWSA4ZrZ DSA test key #2 diff --git a/regress/unittests/sshkey/testdata/dsa_n b/regress/unittests/sshkey/testdata/dsa_n deleted file mode 100644 index 657624e0e72f..000000000000 --- a/regress/unittests/sshkey/testdata/dsa_n +++ /dev/null @@ -1,21 +0,0 @@ ------BEGIN OPENSSH PRIVATE KEY----- -b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAABswAAAAdzc2gtZH -NzAAAAgQD6kutNFRsHTwEAv6d39Lhsqy1apdHBZ9c2HfyRr7WmypyGIy2mKa43vzXI8CNw -mRSYs+A6d0vJC7Pl+f9QzJ/04NWOA+MiwfurwrR3CRe61QRYb8PymcHOxueHs95IcjrbIP -Nn86cjnPP5qvv/guUzCjuww4zBdJOXpligrGt2XwAAABUAowP/nSpDLuPwloyT7X5e2DWk -rTUAAACBAO7l9QVVbSSoy5lq6cOtvpf8UlwOa6+zBwblo4gmFd1RwX1yWkA8kQ7RrhCSg8 -Hc6mIGnKRgKRli/3LgbSfZ0obFJehkRtEWtN4Ph8fVUeS74iQbIwFQeKlYHIlNTRoGtAbd -i3nHdV+BBkEQc1V3rjqYqhjOoz/yNsgzLND26HrdAAAAgQDnV6cn5qGxAWjqmQLr4I9T9L -oYxtj99VH7q79thVjwVNwPaq5MWzl8BNC8L4wr67EFf5a2ISc/7YsrONFXmobpVmROUgBz -FxiH/eS4i0oGlzI5KO46KLfiyvOJbS8psGeEDJ2I52UknJX9VLskDHFLW9+PiNLvWHJ8oa -dpkhbELQAAAdhWTOFbVkzhWwAAAAdzc2gtZHNzAAAAgQD6kutNFRsHTwEAv6d39Lhsqy1a -pdHBZ9c2HfyRr7WmypyGIy2mKa43vzXI8CNwmRSYs+A6d0vJC7Pl+f9QzJ/04NWOA+Miwf -urwrR3CRe61QRYb8PymcHOxueHs95IcjrbIPNn86cjnPP5qvv/guUzCjuww4zBdJOXplig -rGt2XwAAABUAowP/nSpDLuPwloyT7X5e2DWkrTUAAACBAO7l9QVVbSSoy5lq6cOtvpf8Ul -wOa6+zBwblo4gmFd1RwX1yWkA8kQ7RrhCSg8Hc6mIGnKRgKRli/3LgbSfZ0obFJehkRtEW -tN4Ph8fVUeS74iQbIwFQeKlYHIlNTRoGtAbdi3nHdV+BBkEQc1V3rjqYqhjOoz/yNsgzLN -D26HrdAAAAgQDnV6cn5qGxAWjqmQLr4I9T9LoYxtj99VH7q79thVjwVNwPaq5MWzl8BNC8 -L4wr67EFf5a2ISc/7YsrONFXmobpVmROUgBzFxiH/eS4i0oGlzI5KO46KLfiyvOJbS8psG -eEDJ2I52UknJX9VLskDHFLW9+PiNLvWHJ8oadpkhbELQAAABRYIbQ5KfXsZuBPuWe5FJz3 -ldaEgwAAAAAB ------END OPENSSH PRIVATE KEY----- diff --git a/regress/unittests/sshkey/testdata/dsa_n_pw b/regress/unittests/sshkey/testdata/dsa_n_pw deleted file mode 100644 index 24ac299a482d..000000000000 --- a/regress/unittests/sshkey/testdata/dsa_n_pw +++ /dev/null @@ -1,21 +0,0 @@ ------BEGIN OPENSSH PRIVATE KEY----- -b3BlbnNzaC1rZXktdjEAAAAACmFlczI1Ni1jYmMAAAAGYmNyeXB0AAAAGAAAABCVs+LsMJ -wnB5zM9U9pTXrGAAAAEAAAAAEAAAGzAAAAB3NzaC1kc3MAAACBAPqS600VGwdPAQC/p3f0 -uGyrLVql0cFn1zYd/JGvtabKnIYjLaYprje/NcjwI3CZFJiz4Dp3S8kLs+X5/1DMn/Tg1Y -4D4yLB+6vCtHcJF7rVBFhvw/KZwc7G54ez3khyOtsg82fzpyOc8/mq+/+C5TMKO7DDjMF0 -k5emWKCsa3ZfAAAAFQCjA/+dKkMu4/CWjJPtfl7YNaStNQAAAIEA7uX1BVVtJKjLmWrpw6 -2+l/xSXA5rr7MHBuWjiCYV3VHBfXJaQDyRDtGuEJKDwdzqYgacpGApGWL/cuBtJ9nShsUl -6GRG0Ra03g+Hx9VR5LviJBsjAVB4qVgciU1NGga0Bt2Lecd1X4EGQRBzVXeuOpiqGM6jP/ -I2yDMs0Pboet0AAACBAOdXpyfmobEBaOqZAuvgj1P0uhjG2P31Ufurv22FWPBU3A9qrkxb -OXwE0LwvjCvrsQV/lrYhJz/tiys40VeahulWZE5SAHMXGIf95LiLSgaXMjko7joot+LK84 -ltLymwZ4QMnYjnZSSclf1UuyQMcUtb34+I0u9Ycnyhp2mSFsQtAAAB4HiOcRW4w+sIqBL0 -TPVbf0glN1hUi0rcE63Pqxmvxb8LkldC4IxAUagPrjhNAEW2AY42+CvPrtGB1z7gDADAIW -xZX6wKwIcXP0Qh+xHE12F4u6mwfasssnAp4t1Ki8uCjMjnimgb3KdWpp0kiUV0oR062TXV -PAdfrWjaq4fw0KOqbHIAG/v36AqzuqjSTfDbqvLZM3y0gp2Q1RxaQVJA5ZIKKyqRyFX7sr -BaEIyCgeE3hM0EB7BycY1oIcS/eNxrACBWVJCENl5N7LtEYXNX7TANFniztfXzwaqGTT6A -fCfbW4gz1UKldLUBzbIrPwMWlirAstbHvOf/2Iay2pNAs/SHhI0aF2jsGfvv5/D6N+r9dG -B2SgDKBg7pywMH1DTvg6YT3P4GjCx0GUHqRCFLvD1rDdk4KSjvaRMpVq1PJ0/Wv6UGtsMS -TR0PaEHDRNZqAX4YxqujnWrGKuRJhuz0eUvp7fZvbWHtiAMKV7368kkeUmkOHanb+TS+zs -KINX8ev8zJZ6WVr8Vl+IQavpv0i2bXwS6QqbEuifpv/+uBb7pqRiU4u8en0eMdX1bZoTPM -R6xHCnGD/Jpb3zS91Ya57T6CiXZ12KCaL6nWGnCkZVpzkfJ2HjFklWSWBQ6uyaosDQ== ------END OPENSSH PRIVATE KEY----- diff --git a/regress/unittests/sshsig/Makefile b/regress/unittests/sshsig/Makefile index bc3c6c739d48..f8b6560eba18 100644 --- a/regress/unittests/sshsig/Makefile +++ b/regress/unittests/sshsig/Makefile @@ -1,4 +1,4 @@ -# $OpenBSD: Makefile,v 1.3 2023/01/15 23:35:10 djm Exp $ +# $OpenBSD: Makefile,v 1.4 2025/05/06 06:05:48 djm Exp $ PROG=test_sshsig SRCS=tests.c @@ -6,7 +6,7 @@ SRCS=tests.c # From usr.bin/ssh SRCS+=sshbuf-getput-basic.c sshbuf-getput-crypto.c sshbuf-misc.c sshbuf.c SRCS+=sshbuf-io.c atomicio.c sshkey.c authfile.c cipher.c log.c ssh-rsa.c -SRCS+=ssh-dss.c ssh-ecdsa.c ssh-ed25519.c mac.c umac.c umac128.c hmac.c misc.c +SRCS+=ssh-ecdsa.c ssh-ed25519.c mac.c umac.c umac128.c hmac.c misc.c SRCS+=ssherr.c uidswap.c cleanup.c xmalloc.c match.c krl.c fatal.c SRCS+=addr.c addrmatch.c bitmap.c sshsig.c SRCS+=ed25519.c hash.c diff --git a/regress/unittests/sshsig/mktestdata.sh b/regress/unittests/sshsig/mktestdata.sh index d2300f9c6ee1..b7c60cc27767 100755 --- a/regress/unittests/sshsig/mktestdata.sh +++ b/regress/unittests/sshsig/mktestdata.sh @@ -1,5 +1,5 @@ #!/bin/sh -# $OpenBSD: mktestdata.sh,v 1.1 2020/06/19 04:32:09 djm Exp $ +# $OpenBSD: mktestdata.sh,v 1.2 2025/05/06 06:05:48 djm Exp $ NAMESPACE=unittest @@ -17,14 +17,13 @@ else fi rm -f signed-data namespace -rm -f rsa dsa ecdsa ed25519 ecdsa_sk ed25519_sk -rm -f rsa.sig dsa.sig ecdsa.sig ed25519.sig ecdsa_sk.sig ed25519_sk.sig +rm -f rsa ecdsa ed25519 ecdsa_sk ed25519_sk +rm -f rsa.sig ecdsa.sig ed25519.sig ecdsa_sk.sig ed25519_sk.sig printf "This is a test, this is only a test" > signed-data printf "$NAMESPACE" > namespace ssh-keygen -t rsa -C "RSA test" -N "" -f rsa -m PEM -ssh-keygen -t dsa -C "DSA test" -N "" -f dsa -m PEM ssh-keygen -t ecdsa -C "ECDSA test" -N "" -f ecdsa -m PEM ssh-keygen -t ed25519 -C "ED25519 test key" -N "" -f ed25519 ssh-keygen -w "$SK_DUMMY" -t ecdsa-sk -C "ECDSA-SK test key" \ @@ -33,7 +32,6 @@ ssh-keygen -w "$SK_DUMMY" -t ed25519-sk -C "ED25519-SK test key" \ -N "" -f ed25519_sk ssh-keygen -Y sign -f rsa -n $NAMESPACE - < signed-data > rsa.sig -ssh-keygen -Y sign -f dsa -n $NAMESPACE - < signed-data > dsa.sig ssh-keygen -Y sign -f ecdsa -n $NAMESPACE - < signed-data > ecdsa.sig ssh-keygen -Y sign -f ed25519 -n $NAMESPACE - < signed-data > ed25519.sig ssh-keygen -w "$SK_DUMMY" \ diff --git a/regress/unittests/sshsig/testdata/dsa b/regress/unittests/sshsig/testdata/dsa deleted file mode 100644 index 7c0063efcdf5..000000000000 --- a/regress/unittests/sshsig/testdata/dsa +++ /dev/null @@ -1,12 +0,0 @@ ------BEGIN DSA PRIVATE KEY----- -MIIBuwIBAAKBgQCXpndQdz2mQVnk+lYOF3nxDT+h6SiJmUvBFhnFWBv8tG4pTOkb -EwGufLEzGpzjTj+3bjVau7LFt37AFrqs4Num272BWNsYNIjOlGPgq7Xjv32FN00x -JYh1DoRs1cGGnvohlsWEamGGhTHD1a9ipctPEBV+NrxtZMrl+pO/ZZg8vQIVAKJB -P3iNYSpSuW74+q4WxLCuK8O3AoGAQldE+BIuxlvoG1IFiWesx0CU+H2KO0SEZc9A -SX/qjOabh0Fb78ofTlEf9gWHFfat8SvSJQIOPMVlb76Lio8AAMT8Eaa/qQKKYmQL -dNq4MLhhjxx5KLGt6J2JyFPExCv+qnHYHD59ngtLwKyqGjpSC8LPLktdXn8W/Aad -Ly1K7+MCgYBsMHBczhSeUh8w7i20CVg4OlNTmfJRVU2tO6OpMxZ/quitRm3hLKSN -u4xRkvHJwi4LhQtv1SXvLI5gs5P3gCG8tsIAiyCqLinHha63iBdJpqhnV/x/j7dB -yJr3xJbnmLdWLkkCtNk1Ir1/CuEz+ufAyLGdKWksEAu1UUlb501BkwIVAILIa3Rg -0h7J9lQpHJphvF3K0M1T ------END DSA PRIVATE KEY----- diff --git a/regress/unittests/sshsig/testdata/dsa.pub b/regress/unittests/sshsig/testdata/dsa.pub deleted file mode 100644 index e77aa7ef41a0..000000000000 --- a/regress/unittests/sshsig/testdata/dsa.pub +++ /dev/null @@ -1 +0,0 @@ -ssh-dss AAAAB3NzaC1kc3MAAACBAJemd1B3PaZBWeT6Vg4XefENP6HpKImZS8EWGcVYG/y0bilM6RsTAa58sTManONOP7duNVq7ssW3fsAWuqzg26bbvYFY2xg0iM6UY+CrteO/fYU3TTEliHUOhGzVwYae+iGWxYRqYYaFMcPVr2Kly08QFX42vG1kyuX6k79lmDy9AAAAFQCiQT94jWEqUrlu+PquFsSwrivDtwAAAIBCV0T4Ei7GW+gbUgWJZ6zHQJT4fYo7RIRlz0BJf+qM5puHQVvvyh9OUR/2BYcV9q3xK9IlAg48xWVvvouKjwAAxPwRpr+pAopiZAt02rgwuGGPHHkosa3onYnIU8TEK/6qcdgcPn2eC0vArKoaOlILws8uS11efxb8Bp0vLUrv4wAAAIBsMHBczhSeUh8w7i20CVg4OlNTmfJRVU2tO6OpMxZ/quitRm3hLKSNu4xRkvHJwi4LhQtv1SXvLI5gs5P3gCG8tsIAiyCqLinHha63iBdJpqhnV/x/j7dByJr3xJbnmLdWLkkCtNk1Ir1/CuEz+ufAyLGdKWksEAu1UUlb501Bkw== DSA test diff --git a/regress/unittests/sshsig/testdata/dsa.sig b/regress/unittests/sshsig/testdata/dsa.sig deleted file mode 100644 index 0b14ad6b8a7b..000000000000 --- a/regress/unittests/sshsig/testdata/dsa.sig +++ /dev/null @@ -1,13 +0,0 @@ ------BEGIN SSH SIGNATURE----- -U1NIU0lHAAAAAQAAAbEAAAAHc3NoLWRzcwAAAIEAl6Z3UHc9pkFZ5PpWDhd58Q0/oekoiZ -lLwRYZxVgb/LRuKUzpGxMBrnyxMxqc404/t241Wruyxbd+wBa6rODbptu9gVjbGDSIzpRj -4Ku14799hTdNMSWIdQ6EbNXBhp76IZbFhGphhoUxw9WvYqXLTxAVfja8bWTK5fqTv2WYPL -0AAAAVAKJBP3iNYSpSuW74+q4WxLCuK8O3AAAAgEJXRPgSLsZb6BtSBYlnrMdAlPh9ijtE -hGXPQEl/6ozmm4dBW+/KH05RH/YFhxX2rfEr0iUCDjzFZW++i4qPAADE/BGmv6kCimJkC3 -TauDC4YY8ceSixreidichTxMQr/qpx2Bw+fZ4LS8Csqho6UgvCzy5LXV5/FvwGnS8tSu/j -AAAAgGwwcFzOFJ5SHzDuLbQJWDg6U1OZ8lFVTa07o6kzFn+q6K1GbeEspI27jFGS8cnCLg -uFC2/VJe8sjmCzk/eAIby2wgCLIKouKceFrreIF0mmqGdX/H+Pt0HImvfElueYt1YuSQK0 -2TUivX8K4TP658DIsZ0paSwQC7VRSVvnTUGTAAAACHVuaXR0ZXN0AAAAAAAAAAZzaGE1MT -IAAAA3AAAAB3NzaC1kc3MAAAAodi5lr0pqBpO76OY4N1CtfR85BCgZ95qfVjP/e9lToj0q -lwjSJJXUjw== ------END SSH SIGNATURE----- diff --git a/regress/unittests/sshsig/tests.c b/regress/unittests/sshsig/tests.c index 7fcf9488d270..ef1a46edcbb2 100644 --- a/regress/unittests/sshsig/tests.c +++ b/regress/unittests/sshsig/tests.c @@ -1,4 +1,4 @@ -/* $OpenBSD: tests.c,v 1.5 2025/04/15 04:00:42 djm Exp $ */ +/* $OpenBSD: tests.c,v 1.6 2025/05/06 06:05:48 djm Exp $ */ /* * Regress test for sshbuf.h buffer API * @@ -103,11 +103,6 @@ tests(void) check_sig("rsa.pub", "rsa.sig", msg, namespace); TEST_DONE(); -#ifdef WITH_DSA - TEST_START("check DSA signature"); - check_sig("dsa.pub", "dsa.sig", msg, namespace); - TEST_DONE(); -#endif #ifdef OPENSSL_HAS_ECC TEST_START("check ECDSA signature"); From 207289a5663bdf49903e1aeb938dcc0924e2ac63 Mon Sep 17 00:00:00 2001 From: "dtucker@openbsd.org" Date: Wed, 7 May 2025 10:44:26 +0000 Subject: [PATCH 032/687] upstream: Rename sockaddr_un sun -> sunaddr. This makes things easier in -portable, where on Solaris an derivatives "sun" is defined to "1", causing compilation errors. ok deraadt@. OpenBSD-Commit-ID: 0669043afb49856b57b382f0489221bd98305d3b --- misc-agent.c | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/misc-agent.c b/misc-agent.c index 9d96880e9090..34ce2a5244ef 100644 --- a/misc-agent.c +++ b/misc-agent.c @@ -226,14 +226,14 @@ static int socket_is_stale(const char *path) { int fd, r; - struct sockaddr_un sun; + struct sockaddr_un sunaddr; socklen_t l = sizeof(r); /* attempt non-blocking connect on socket */ - memset(&sun, '\0', sizeof(sun)); - sun.sun_family = AF_UNIX; - if (strlcpy(sun.sun_path, path, - sizeof(sun.sun_path)) >= sizeof(sun.sun_path)) { + memset(&sunaddr, '\0', sizeof(sunaddr)); + sunaddr.sun_family = AF_UNIX; + if (strlcpy(sunaddr.sun_path, path, + sizeof(sunaddr.sun_path)) >= sizeof(sunaddr.sun_path)) { debug_f("path for \"%s\" too long for sockaddr_un", path); return 0; } @@ -243,7 +243,7 @@ socket_is_stale(const char *path) } set_nonblock(fd); /* a socket without a listener should yield an error immediately */ - if (connect(fd, (struct sockaddr *)&sun, sizeof(sun)) == -1) { + if (connect(fd, (struct sockaddr *)&sunaddr, sizeof(sunaddr)) == -1) { debug_f("connect \"%s\": %s", path, strerror(errno)); close(fd); return 1; From 755c3d082e59e6884f28d30e6333a1444e9173d1 Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Wed, 7 May 2025 21:05:06 +1000 Subject: [PATCH 033/687] Skip d_type check on platforms that don't have it. On those, the subsequent stat() should catch the sockets. --- configure.ac | 6 ++++++ misc-agent.c | 2 ++ 2 files changed, 8 insertions(+) diff --git a/configure.ac b/configure.ac index 221d5f5618bf..98d98594b5c8 100644 --- a/configure.ac +++ b/configure.ac @@ -1700,6 +1700,12 @@ AC_RUN_IFELSE( ] ) +AC_CHECK_MEMBERS([struct dirent.d_type], [], [], [[ +#ifdef HAVE_DIRENT_H +#include +#endif +]]) + AC_MSG_CHECKING([for /proc/pid/fd directory]) if test -d "/proc/$$/fd" ; then AC_DEFINE([HAVE_PROC_PID], [1], [Define if you have /proc/$pid/fd]) diff --git a/misc-agent.c b/misc-agent.c index 34ce2a5244ef..db8f93bc873b 100644 --- a/misc-agent.c +++ b/misc-agent.c @@ -298,8 +298,10 @@ agent_cleanup_stale(const char *homedir, int ignore_hosthash) goto out; } while ((dp = readdir(d)) != NULL) { +#ifdef HAVE_DIRENT_D_TYPE if (dp->d_type != DT_SOCK && dp->d_type != DT_UNKNOWN) continue; +#endif if (fstatat(dirfd(d), dp->d_name, &sb, AT_SYMLINK_NOFOLLOW) != 0 && errno != ENOENT) { error_f("stat \"%s/%s\": %s", From 086369736a9496b39af0d9f09443fa81b59b7f05 Mon Sep 17 00:00:00 2001 From: Daniel Kahn Gillmor Date: Wed, 16 Apr 2025 10:18:34 +1000 Subject: [PATCH 034/687] ssh-agent: exit 0 from SIGTERM under systemd socket-activation When the ssh-agent service is configured to be launched under systemd socket-activation, the user can inspect the status of the agent with something like: systemctl --user status ssh-agent.service If the user does: systemctl --user stop ssh-agent.service it causes the `systemd --user` supervisor to send a SIGTERM to the agent, which terminates while leaving the systemd-managed socket in place. That's good, and as expected. (If the user wants to close the socket, they can do "systemctl --user stop ssh-agent.socket" instead) But because ssh-agent exits with code 2 in response to a SIGTERM, the supervisor marks the service as "failed", even though the state of the supervised service is exactly the same as during session startup (not running, ready to launch when a client connects to the socket). This change makes ssh-agent exit cleanly (code 0) in response to a SIGTERM when launched under socket activation. This aligns the systemd supervisor's understanding of the state of supervised ssh-agent with reality. Signed-off-by: Daniel Kahn Gillmor --- ssh-agent.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/ssh-agent.c b/ssh-agent.c index 8a88ef3fd1c0..d82b351d04b6 100644 --- a/ssh-agent.c +++ b/ssh-agent.c @@ -2241,6 +2241,7 @@ main(int ac, char **av) size_t npfd = 0; u_int maxfds; sigset_t nsigset, osigset; + int socket_activated = 0; /* Ensure that fds 0, 1 and 2 are open or directed to /dev/null */ sanitise_stdfd(); @@ -2414,6 +2415,7 @@ main(int ac, char **av) fatal("bad LISTEN_PID: %d vs pid %d", pid, getpid()); debug("using socket activation on fd=3"); sock = 3; + socket_activated = 1; } if (sock == -1 && agentsocket == NULL && !T_flag) { @@ -2577,7 +2579,8 @@ main(int ac, char **av) sigprocmask(SIG_BLOCK, &nsigset, &osigset); if (signalled_exit != 0) { logit("exiting on signal %d", (int)signalled_exit); - cleanup_exit(2); + cleanup_exit((signalled_exit == SIGTERM && + socket_activated) ? 0 : 2); } if (signalled_keydrop) { logit("signal %d received; removing all keys", From 1511f113a27d8aafe080aa6493cb3c0cf2b5abe0 Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Thu, 8 May 2025 11:38:24 +1000 Subject: [PATCH 035/687] Add no-op implmentation of dirfd(). Fixes build on pre-POSIX.1 2008 systems. --- openbsd-compat/bsd-misc.c | 9 +++++++++ openbsd-compat/bsd-misc.h | 6 ++++++ 2 files changed, 15 insertions(+) diff --git a/openbsd-compat/bsd-misc.c b/openbsd-compat/bsd-misc.c index b26b4ba4670e..09bbb6049cac 100644 --- a/openbsd-compat/bsd-misc.c +++ b/openbsd-compat/bsd-misc.c @@ -158,6 +158,15 @@ utimensat(int fd, const char *path, const struct timespec times[2], } #endif +#ifndef HAVE_DIRFD +int +dirfd(DIR *dir) +{ + errno = ENOSYS; + return -1; +} +#endif + #ifndef HAVE_FCHOWNAT /* * A limited implementation of fchownat() that only implements the diff --git a/openbsd-compat/bsd-misc.h b/openbsd-compat/bsd-misc.h index edb0fcc8ca2b..4ac73c73ee27 100644 --- a/openbsd-compat/bsd-misc.h +++ b/openbsd-compat/bsd-misc.h @@ -65,6 +65,12 @@ struct timeval { int utimes(const char *, struct timeval *); #endif /* HAVE_UTIMES */ +#ifndef HAVE_DIRFD +#include +#include +int dirfd(DIR *); +#endif + #ifndef AT_FDCWD # define AT_FDCWD (-2) #endif From f5726215957bb34e18bb872d527845c2f64e2389 Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Thu, 8 May 2025 18:56:39 +1000 Subject: [PATCH 036/687] Since it's unused, make dirfd() take void *. Some platforms (eg Old BSDs) in some configurations define DIR to "void *", which causes compile errors in the no-op implementation. --- openbsd-compat/bsd-misc.c | 2 +- openbsd-compat/bsd-misc.h | 4 +--- 2 files changed, 2 insertions(+), 4 deletions(-) diff --git a/openbsd-compat/bsd-misc.c b/openbsd-compat/bsd-misc.c index 09bbb6049cac..669d2bb7e273 100644 --- a/openbsd-compat/bsd-misc.c +++ b/openbsd-compat/bsd-misc.c @@ -160,7 +160,7 @@ utimensat(int fd, const char *path, const struct timespec times[2], #ifndef HAVE_DIRFD int -dirfd(DIR *dir) +dirfd(void *dir) { errno = ENOSYS; return -1; diff --git a/openbsd-compat/bsd-misc.h b/openbsd-compat/bsd-misc.h index 4ac73c73ee27..d237256d45fc 100644 --- a/openbsd-compat/bsd-misc.h +++ b/openbsd-compat/bsd-misc.h @@ -66,9 +66,7 @@ int utimes(const char *, struct timeval *); #endif /* HAVE_UTIMES */ #ifndef HAVE_DIRFD -#include -#include -int dirfd(DIR *); +int dirfd(void *); #endif #ifndef AT_FDCWD From 3357bf2fe2d11b6ed4465c1ed2871bd1099cbbc5 Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Fri, 9 May 2025 19:08:36 +1000 Subject: [PATCH 037/687] Put PRIV_ECDSA back, it's still used. Should fix oss-fuzz test. --- cipher.c | 2 +- regress/misc/fuzz-harness/fixed-keys.h | 9 +++++++++ 2 files changed, 10 insertions(+), 1 deletion(-) diff --git a/cipher.c b/cipher.c index 8a18da2df8d1..692aafe96cff 100644 --- a/cipher.c +++ b/cipher.c @@ -75,7 +75,7 @@ struct sshcipher { #define CFLAG_CHACHAPOLY (1<<1) #define CFLAG_AESCTR (1<<2) #define CFLAG_NONE (1<<3) -#define CFLAG_INTERNAL CFLAG_NONE /* Don't use "none" for packets */ +#define CFLAG_INTERNAL 0 #ifdef WITH_OPENSSL const EVP_CIPHER *(*evptype)(void); #else diff --git a/regress/misc/fuzz-harness/fixed-keys.h b/regress/misc/fuzz-harness/fixed-keys.h index 7dae9ac0034d..61afa876a0fa 100644 --- a/regress/misc/fuzz-harness/fixed-keys.h +++ b/regress/misc/fuzz-harness/fixed-keys.h @@ -34,6 +34,15 @@ "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDf56l/5UYqgY9oBlet/pLRzK6ZCd12QYGdUVfQDl6HftG0u6DSpjm2HGwFRsYZWv2ZN3ZBfAu6MHBiDmXUw/8WaD7nfXZmDH2keZL6opQttqvSGU2Cm00Rv5o1R3ej2qDdpepebv5meMBXTl5/+bE1E3Zm+4STDtxGmlMlxsEj68XeVe4JedfaSUMj3kaXYBbdYdG1qeosdle4GSONEEMpzsxSr8Y/WGYuIB33l29Tt9mNGUgSw/zjMYQjUVvQv+SY8dw62JV8d+3wK2YL2/r73gms6I8EE1JxX53KuAAY+x0p2v/W8ilCYI2Ijyzc8KIPwntmIFpibQjx+rkb+qdT" #define CERT_RSA \ "ssh-rsa-cert-v01@openssh.com AAAAHHNzaC1yc2EtY2VydC12MDFAb3BlbnNzaC5jb20AAAAg89JX6OBMYDSxER8fnU5y8xxeMCHR/hI0uVqdEhNyCpcAAAADAQABAAABAQDf56l/5UYqgY9oBlet/pLRzK6ZCd12QYGdUVfQDl6HftG0u6DSpjm2HGwFRsYZWv2ZN3ZBfAu6MHBiDmXUw/8WaD7nfXZmDH2keZL6opQttqvSGU2Cm00Rv5o1R3ej2qDdpepebv5meMBXTl5/+bE1E3Zm+4STDtxGmlMlxsEj68XeVe4JedfaSUMj3kaXYBbdYdG1qeosdle4GSONEEMpzsxSr8Y/WGYuIB33l29Tt9mNGUgSw/zjMYQjUVvQv+SY8dw62JV8d+3wK2YL2/r73gms6I8EE1JxX53KuAAY+x0p2v/W8ilCYI2Ijyzc8KIPwntmIFpibQjx+rkb+qdTAAAAAAAAA+0AAAABAAAAB3VseXNzZXMAAAAXAAAAB3VseXNzZXMAAAAIb2R5c3NldXMAAAAAAAAAAP//////////AAAAAAAAAIIAAAAVcGVybWl0LVgxMS1mb3J3YXJkaW5nAAAAAAAAABdwZXJtaXQtYWdlbnQtZm9yd2FyZGluZwAAAAAAAAAWcGVybWl0LXBvcnQtZm9yd2FyZGluZwAAAAAAAAAKcGVybWl0LXB0eQAAAAAAAAAOcGVybWl0LXVzZXItcmMAAAAAAAAAAAAAADMAAAALc3NoLWVkMjU1MTkAAAAgM9BeYRUxUuZ4VHJp8oxVaA8OS/z+5EFPCZwQNq1nMwMAAABTAAAAC3NzaC1lZDI1NTE5AAAAQGCDA6PWw4x9bHQl0w7NqifHepumqD3dmyMx+hZGuPRon+TsyCjfytu7hWmV7l9XUF0fPQNFQ7FGat5e+7YUNgE= id_rsa.pub" +#define PRIV_ECDSA \ +"-----BEGIN OPENSSH PRIVATE KEY-----\n"\ +"b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAaAAAABNlY2RzYS\n"\ +"1zaGEyLW5pc3RwMjU2AAAACG5pc3RwMjU2AAAAQQTDJ0VlMv+0rguNzaJ1DF2KueHaxRSQ\n"\ +"6LpIxGbulrg1a8RPbnMXwag5GcDiDllD2lDUJUuBEWyjXA0rZoZX35ELAAAAoE/Bbr5PwW\n"\ +"6+AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBMMnRWUy/7SuC43N\n"\ +"onUMXYq54drFFJDoukjEZu6WuDVrxE9ucxfBqDkZwOIOWUPaUNQlS4ERbKNcDStmhlffkQ\n"\ +"sAAAAhAIhE6hCID5oOm1TDktc++KFKyScjLifcZ6Cgv5xSSyLOAAAAAAECAwQFBgc=\n"\ +"-----END OPENSSH PRIVATE KEY-----\n" #define PUB_ECDSA \ "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBMMnRWUy/7SuC43NonUMXYq54drFFJDoukjEZu6WuDVrxE9ucxfBqDkZwOIOWUPaUNQlS4ERbKNcDStmhlffkQs=" #define CERT_ECDSA \ From 140ba45895de8ebfb3e2517b0ddee58729979c29 Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Fri, 9 May 2025 19:32:06 +1000 Subject: [PATCH 038/687] Move misc-agent.o to LIBSSH_OBJS. It's needed by the fuzzer. --- Makefile.in | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/Makefile.in b/Makefile.in index 672bf4493cf8..410a29a123ab 100644 --- a/Makefile.in +++ b/Makefile.in @@ -116,7 +116,7 @@ LIBSSH_OBJS=${LIBOPENSSH_OBJS} \ kexgexc.o kexgexs.o \ kexsntrup761x25519.o kexmlkem768x25519.o sntrup761.o kexgen.o \ sftp-realpath.o platform-pledge.o platform-tracing.o platform-misc.o \ - sshbuf-io.o + sshbuf-io.o misc-agent.o SKOBJS= ssh-sk-client.o @@ -140,7 +140,7 @@ SSHD_SESSION_OBJS=sshd-session.o auth-rhosts.o auth-passwd.o \ auth2-gss.o gss-serv.o gss-serv-krb5.o \ loginrec.o auth-pam.o auth-shadow.o auth-sia.o \ sftp-server.o sftp-common.o \ - uidswap.o platform-listen.o misc-agent.o $(SKOBJS) + uidswap.o platform-listen.o $(SKOBJS) SSHD_AUTH_OBJS=sshd-auth.o \ auth2-methods.o \ @@ -155,7 +155,7 @@ SSHD_AUTH_OBJS=sshd-auth.o \ sandbox-null.o sandbox-rlimit.o sandbox-darwin.o \ sandbox-seccomp-filter.o sandbox-capsicum.o sandbox-solaris.o \ sftp-server.o sftp-common.o \ - uidswap.o misc-agent.o $(SKOBJS) + uidswap.o $(SKOBJS) SFTP_CLIENT_OBJS=sftp-common.o sftp-client.o sftp-glob.o @@ -163,7 +163,7 @@ SCP_OBJS= scp.o progressmeter.o $(SFTP_CLIENT_OBJS) SSHADD_OBJS= ssh-add.o $(SKOBJS) -SSHAGENT_OBJS= ssh-agent.o ssh-pkcs11-client.o misc-agent.o $(SKOBJS) +SSHAGENT_OBJS= ssh-agent.o ssh-pkcs11-client.o $(SKOBJS) SSHKEYGEN_OBJS= ssh-keygen.o sshsig.o $(SKOBJS) From 82f1f52c5582f005761e4e200c279ddd9c6781e4 Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Sat, 10 May 2025 06:37:24 +1000 Subject: [PATCH 039/687] Add RUN_ONLY_TEST to limit which tests are run. For testing, you can set the repo variable RUN_ONLY_TEST in your repo (Repo -> Settings -> Security -> Actions -> Variables) to run only that test. --- .github/workflows/c-cpp.yml | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/.github/workflows/c-cpp.yml b/.github/workflows/c-cpp.yml index 424c193fb207..b5b6de7fa3fb 100644 --- a/.github/workflows/c-cpp.yml +++ b/.github/workflows/c-cpp.yml @@ -111,6 +111,12 @@ jobs: - { target: macos-15, config: pam } runs-on: ${{ matrix.target }} steps: + - name: check RUN_ONLY_TEST + # For testing, you can set the repo variable RUN_ONLY_TEST in your repo + # (Repo -> Settings -> Security -> Actions -> Variables) to run only + # that test config. + if: vars.RUN_ONLY_TEST != '' + run: sh -c 'if [ "${{ vars.RUN_ONLY_TEST }}" != "${{ matrix.target }} ${{matrix.config }}" ]; then exit 1; else exit 0; fi' - name: set cygwin git params if: ${{ startsWith(matrix.target, 'windows') }} run: git config --global core.autocrlf input From d5cbac2364b03e55b733a2422a07e78e16d2a118 Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Sat, 10 May 2025 07:59:44 +1000 Subject: [PATCH 040/687] Pass Cygwin setup location to CI setup. (instead of hard coding it, wrongly). --- .github/setup_ci.sh | 3 ++- .github/workflows/c-cpp.yml | 3 +++ 2 files changed, 5 insertions(+), 1 deletion(-) diff --git a/.github/setup_ci.sh b/.github/setup_ci.sh index e4c7b041aa50..81cdc1368fdd 100755 --- a/.github/setup_ci.sh +++ b/.github/setup_ci.sh @@ -192,7 +192,8 @@ while [ ! -z "$PACKAGES" ] && [ "$tries" -gt "0" ]; do fi ;; setup) - if /cygdrive/d/cygwin/setup.exe -q -P `echo "$PACKAGES" | tr ' ' ,`; then + setup="/cygdrive/$(echo "${CYGWIN_SETUP}" | tr -d : | tr '\' '/')" + if "${setup}" -q -P `echo "$PACKAGES" | tr ' ' ,`; then PACKAGES="" fi ;; diff --git a/.github/workflows/c-cpp.yml b/.github/workflows/c-cpp.yml index b5b6de7fa3fb..0807ae8516fc 100644 --- a/.github/workflows/c-cpp.yml +++ b/.github/workflows/c-cpp.yml @@ -121,11 +121,14 @@ jobs: if: ${{ startsWith(matrix.target, 'windows') }} run: git config --global core.autocrlf input - name: install cygwin + id: cygwin_install if: ${{ startsWith(matrix.target, 'windows') }} uses: cygwin/cygwin-install-action@master - uses: actions/checkout@main - name: setup CI system run: sh ./.github/setup_ci.sh ${{ matrix.config }} + env: + CYGWIN_SETUP: ${{ steps.cygwin_install.outputs.setup }} - name: autoreconf run: sh -c autoreconf - name: configure From 56782dad7d7f96b4943951227515bd7904ac3cf7 Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Sat, 10 May 2025 08:26:37 +1000 Subject: [PATCH 041/687] Skip keygen-knownhost test on Cygwin. It fails but at this time it's not clear why. --- .github/configs | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.github/configs b/.github/configs index 2526e3ef4812..50a661dc2cec 100755 --- a/.github/configs +++ b/.github/configs @@ -345,6 +345,8 @@ case "$host" in SUDO="" # Don't run compat tests on cygwin as they don't currently compile. TEST_TARGET="tests" + # Not sure why this tests fails. + SKIP_LTESTS="keygen-knownhosts" ;; *-darwin*) # Unless specified otherwise, build without OpenSSL on Mac OS since From d1b28639c1cb382943bd92c68992ea74af9b5773 Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Sat, 10 May 2025 08:52:11 +1000 Subject: [PATCH 042/687] Tell Cygwin to use native symlinks. --- .github/setup_ci.sh | 2 +- .github/workflows/c-cpp.yml | 2 ++ 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/.github/setup_ci.sh b/.github/setup_ci.sh index 81cdc1368fdd..356823bc6669 100755 --- a/.github/setup_ci.sh +++ b/.github/setup_ci.sh @@ -10,7 +10,7 @@ case "$host" in *cygwin) PACKAGER=setup echo Setting CYGWIN system environment variable. - setx CYGWIN "binmode" + setx CYGWIN "binmode winsymlinks:native" echo Removing extended ACLs so umask works as expected. set -x setfacl -b . regress diff --git a/.github/workflows/c-cpp.yml b/.github/workflows/c-cpp.yml index 0807ae8516fc..8c0e0a91b1ee 100644 --- a/.github/workflows/c-cpp.yml +++ b/.github/workflows/c-cpp.yml @@ -124,6 +124,8 @@ jobs: id: cygwin_install if: ${{ startsWith(matrix.target, 'windows') }} uses: cygwin/cygwin-install-action@master + env: + CYGWIN: "binmode winsymlinks:native" - uses: actions/checkout@main - name: setup CI system run: sh ./.github/setup_ci.sh ${{ matrix.config }} From cf795d55437e6c1ffe85e90e0fae00e885e50036 Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Sat, 10 May 2025 09:25:18 +1000 Subject: [PATCH 043/687] Also skip sftp-cmds test on Cygwin. Fails at the hardlink step. --- .github/configs | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/.github/configs b/.github/configs index 50a661dc2cec..8e11af25c134 100755 --- a/.github/configs +++ b/.github/configs @@ -144,6 +144,8 @@ case "$config" in TCMALLOC_STACKTRACE_METHOD=generic_fp TEST_SSH_SSHD_ENV="TCMALLOC_STACKTRACE_METHOD=generic_fp" export TCMALLOC_STACKTRACE_METHOD TEST_SSH_SSHD_ENV + + SKIP_LTESTS="agent-restrict" ;; krb5|heimdal) CONFIGFLAGS="--with-kerberos5" @@ -345,8 +347,8 @@ case "$host" in SUDO="" # Don't run compat tests on cygwin as they don't currently compile. TEST_TARGET="tests" - # Not sure why this tests fails. - SKIP_LTESTS="keygen-knownhosts" + # Not sure why these tests fail on github. + SKIP_LTESTS="keygen-knownhosts sftp-cmds" ;; *-darwin*) # Unless specified otherwise, build without OpenSSL on Mac OS since From 8846caccb86b3f5a4f1c10bfffcc9cf1adc17925 Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Sat, 10 May 2025 10:23:30 +1000 Subject: [PATCH 044/687] Remove CYGWIN binmode as it's now obsolete. --- .github/setup_ci.sh | 2 +- .github/workflows/c-cpp.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/setup_ci.sh b/.github/setup_ci.sh index 356823bc6669..d7ec2ed11f41 100755 --- a/.github/setup_ci.sh +++ b/.github/setup_ci.sh @@ -10,7 +10,7 @@ case "$host" in *cygwin) PACKAGER=setup echo Setting CYGWIN system environment variable. - setx CYGWIN "binmode winsymlinks:native" + setx CYGWIN "winsymlinks:native" echo Removing extended ACLs so umask works as expected. set -x setfacl -b . regress diff --git a/.github/workflows/c-cpp.yml b/.github/workflows/c-cpp.yml index 8c0e0a91b1ee..d83ecd9c331a 100644 --- a/.github/workflows/c-cpp.yml +++ b/.github/workflows/c-cpp.yml @@ -125,7 +125,7 @@ jobs: if: ${{ startsWith(matrix.target, 'windows') }} uses: cygwin/cygwin-install-action@master env: - CYGWIN: "binmode winsymlinks:native" + CYGWIN: "winsymlinks:native" - uses: actions/checkout@main - name: setup CI system run: sh ./.github/setup_ci.sh ${{ matrix.config }} From ddfb78a15f57a33427d462b9c401de5c8e6799da Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Sat, 10 May 2025 21:48:06 +1000 Subject: [PATCH 045/687] Skip sftp-perm on Cygwin too. --- .github/configs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/configs b/.github/configs index 8e11af25c134..f3235c5a7cad 100755 --- a/.github/configs +++ b/.github/configs @@ -348,7 +348,7 @@ case "$host" in # Don't run compat tests on cygwin as they don't currently compile. TEST_TARGET="tests" # Not sure why these tests fail on github. - SKIP_LTESTS="keygen-knownhosts sftp-cmds" + SKIP_LTESTS="keygen-knownhosts sftp-cmds sftp-perm" ;; *-darwin*) # Unless specified otherwise, build without OpenSSL on Mac OS since From ee1d31781cf0d292a50b4df4cb8cb6ffcbfbe9af Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Sun, 11 May 2025 16:35:31 +1000 Subject: [PATCH 046/687] Move debug log output into separate workflow step. Should reduce the need to scroll back to find out which test actually failed. --- .github/run_test.sh | 12 ------------ .github/workflows/c-cpp.yml | 3 +++ .github/workflows/selfhosted.yml | 3 +++ 3 files changed, 6 insertions(+), 12 deletions(-) diff --git a/.github/run_test.sh b/.github/run_test.sh index 74ab2423c0d8..bd6fb7b7b3e1 100755 --- a/.github/run_test.sh +++ b/.github/run_test.sh @@ -21,18 +21,6 @@ if [ ! -z "$SUDO" ] && [ ! -z "$TEST_SSH_HOSTBASED_AUTH" ]; then done fi -output_failed_logs() { - for i in regress/failed*.log; do - if [ -f "$i" ]; then - echo ------------------------------------------------------------------------- - echo LOGFILE $i - cat $i - echo ------------------------------------------------------------------------- - fi - done -} -trap output_failed_logs 0 - env="" if [ ! -z "${SUDO}" ]; then env="${env} SUDO=${SUDO}" diff --git a/.github/workflows/c-cpp.yml b/.github/workflows/c-cpp.yml index d83ecd9c331a..91b07ed97614 100644 --- a/.github/workflows/c-cpp.yml +++ b/.github/workflows/c-cpp.yml @@ -149,6 +149,9 @@ jobs: env: TEST_SSH_UNSAFE_PERMISSIONS: 1 TEST_SSH_HOSTBASED_AUTH: yes + - name: show logs + if: failure() + run: for i in regress/failed*.log; do echo ====; echo logfile $i; echo =====; cat $i; done - name: save logs if: failure() uses: actions/upload-artifact@main diff --git a/.github/workflows/selfhosted.yml b/.github/workflows/selfhosted.yml index d892a28c3eb6..9f2bd99eb131 100644 --- a/.github/workflows/selfhosted.yml +++ b/.github/workflows/selfhosted.yml @@ -129,6 +129,9 @@ jobs: - name: make tests run: vmrun ./.github/run_test.sh ${{ matrix.config }} timeout-minutes: 600 + - name: show logs + if: failure() + run: vmrun 'for i in regress/failed*.log; do echo ====; echo logfile $i; echo =====; cat $i; done' - name: save logs if: failure() uses: actions/upload-artifact@main From c404686c17daeda7e95ca6fc14c8a4a570cf975d Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Sun, 11 May 2025 22:54:13 +1000 Subject: [PATCH 047/687] Debug log for why an account is considered locked. --- platform.c | 15 ++++++++++++--- 1 file changed, 12 insertions(+), 3 deletions(-) diff --git a/platform.c b/platform.c index 4c4fe57ea09a..fd1a7a7c205c 100644 --- a/platform.c +++ b/platform.c @@ -183,17 +183,26 @@ platform_locked_account(struct passwd *pw) /* check for locked account */ if (passwd && *passwd) { #ifdef LOCKED_PASSWD_STRING - if (strcmp(passwd, LOCKED_PASSWD_STRING) == 0) + if (strcmp(passwd, LOCKED_PASSWD_STRING) == 0) { + debug3_f("password matches locked string '%s'", + LOCKED_PASSWD_STRING); locked = 1; + } #endif #ifdef LOCKED_PASSWD_PREFIX if (strncmp(passwd, LOCKED_PASSWD_PREFIX, - strlen(LOCKED_PASSWD_PREFIX)) == 0) + strlen(LOCKED_PASSWD_PREFIX)) == 0) { + debug3_f("password matches locked prefix '%s'", + LOCKED_PASSWD_PREFIX); locked = 1; + } #endif #ifdef LOCKED_PASSWD_SUBSTR - if (strstr(passwd, LOCKED_PASSWD_SUBSTR)) + if (strstr(passwd, LOCKED_PASSWD_SUBSTR)) { + debug3_f("password matches locked substring '%s'", + LOCKED_PASSWD_SUBSTR); locked = 1; + } #endif } #ifdef USE_LIBIAF From fc8c56ade809f66f7df4b5153a4d92593631c12a Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Tue, 20 May 2025 15:01:29 +1000 Subject: [PATCH 048/687] Set runner pasword to random string. The most recent version of the Github ubuntu-latest image sets the password field to "!" which sshd considers to be a locked account, breaking most of the tests. --- .github/setup_ci.sh | 17 +++++++++++++++-- .github/workflows/c-cpp.yml | 2 +- 2 files changed, 16 insertions(+), 3 deletions(-) diff --git a/.github/setup_ci.sh b/.github/setup_ci.sh index d7ec2ed11f41..e4b266a18c21 100755 --- a/.github/setup_ci.sh +++ b/.github/setup_ci.sh @@ -1,8 +1,11 @@ #!/bin/sh +config="$1" +target="$2" + PACKAGES="" - . .github/configs $@ + . .github/configs ${config} host=`./config.guess` echo "config.guess: $host" @@ -32,7 +35,7 @@ case "$host" in PACKAGER=apt esac -TARGETS=$@ +TARGETS=${config} INSTALL_FIDO_PPA="no" export DEBIAN_FRONTEND=noninteractive @@ -289,3 +292,13 @@ if [ ! -z "${INSTALL_PUTTY}" ]; then ) /usr/local/bin/plink -V fi + +# This is the github "target" as specificed in the yml file. +case "${target}" in +ubuntu-latest) + echo ubuntu-latest target: setting random password string. + pw=$(openssl rand -base64 9) + sudo usermod --password "${pw}" runner + sudo usermod --unlock runner + ;; +esac diff --git a/.github/workflows/c-cpp.yml b/.github/workflows/c-cpp.yml index 91b07ed97614..7c37c9ce2cb1 100644 --- a/.github/workflows/c-cpp.yml +++ b/.github/workflows/c-cpp.yml @@ -128,7 +128,7 @@ jobs: CYGWIN: "winsymlinks:native" - uses: actions/checkout@main - name: setup CI system - run: sh ./.github/setup_ci.sh ${{ matrix.config }} + run: sh ./.github/setup_ci.sh ${{ matrix.config }} ${{ matrix.target }} env: CYGWIN_SETUP: ${{ steps.cygwin_install.outputs.setup }} - name: autoreconf From 2d023e7a95d673e93ccc1978bf8931f7335b2b53 Mon Sep 17 00:00:00 2001 From: "tedu@openbsd.org" Date: Thu, 8 May 2025 17:32:53 +0000 Subject: [PATCH 049/687] upstream: convert a last quad_t to int64_t. ok deraadt djm OpenBSD-Commit-ID: 1c9e01ba1a9ccf442a9cdf10f222077f66885f1f --- auth-passwd.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/auth-passwd.c b/auth-passwd.c index 347d91e25192..a9d768891575 100644 --- a/auth-passwd.c +++ b/auth-passwd.c @@ -1,4 +1,4 @@ -/* $OpenBSD: auth-passwd.c,v 1.48 2020/10/18 11:32:01 djm Exp $ */ +/* $OpenBSD: auth-passwd.c,v 1.49 2025/05/08 17:32:53 tedu Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -133,7 +133,7 @@ static void warn_expiry(Authctxt *authctxt, auth_session_t *as) { int r; - quad_t pwtimeleft, actimeleft, daysleft, pwwarntime, acwarntime; + int64_t pwtimeleft, actimeleft, daysleft, pwwarntime, acwarntime; pwwarntime = acwarntime = TWO_WEEKS; From 17003b9f1cd7b7bf1f52493cc4a1ab95727c3ed7 Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Fri, 9 May 2025 02:42:03 +0000 Subject: [PATCH 050/687] upstream: make the progress-meter code safe against being called when not initialised; spotted by tb@ feedback/ok tb@ deraadt@ OpenBSD-Commit-ID: a9fda1ee08a24c62e0981ff6d15ca93b63467038 --- progressmeter.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/progressmeter.c b/progressmeter.c index f1712da30df4..0d1faba398c1 100644 --- a/progressmeter.c +++ b/progressmeter.c @@ -1,4 +1,4 @@ -/* $OpenBSD: progressmeter.c,v 1.54 2024/09/22 12:56:21 jsg Exp $ */ +/* $OpenBSD: progressmeter.c,v 1.55 2025/05/09 02:42:03 djm Exp $ */ /* * Copyright (c) 2003 Nils Nordman. All rights reserved. * @@ -132,7 +132,8 @@ refresh_progress_meter(int force_update) int hours, minutes, seconds; int file_len, cols; - if ((!force_update && !alarm_fired && !win_resized) || !can_output()) + if (file == NULL || (!force_update && !alarm_fired && !win_resized) || + !can_output()) return; alarm_fired = 0; @@ -276,6 +277,7 @@ stop_progress_meter(void) refresh_progress_meter(1); atomicio(vwrite, STDOUT_FILENO, "\n", 1); + file = NULL; } static void From 2d35e24739b515394017b74465a0996c384cf28f Mon Sep 17 00:00:00 2001 From: "tb@openbsd.org" Date: Mon, 12 May 2025 05:41:20 +0000 Subject: [PATCH 051/687] upstream: Use EC_POINT_[sg]et_affine_coordinates() It is available in all supported OpenSSL flavors/versions and the _GFp variants will be removed from LibreSSL. ok hshoexer jsing OpenBSD-Commit-ID: ecedca0e1ffa80e0c9ef7c787bc6a972882c596b --- sk-usbhid.c | 6 +++--- sshkey.c | 10 ++++------ 2 files changed, 7 insertions(+), 9 deletions(-) diff --git a/sk-usbhid.c b/sk-usbhid.c index 427431b9a457..e2fa0b499af6 100644 --- a/sk-usbhid.c +++ b/sk-usbhid.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sk-usbhid.c,v 1.47 2024/12/03 08:31:49 djm Exp $ */ +/* $OpenBSD: sk-usbhid.c,v 1.48 2025/05/12 05:41:20 tb Exp $ */ /* * Copyright (c) 2019 Markus Friedl * Copyright (c) 2020 Pedro Martelletto @@ -636,8 +636,8 @@ pack_public_key_ecdsa(const fido_cred_t *cred, skdebug(__func__, "BN_bin2bn failed"); goto out; } - if (EC_POINT_set_affine_coordinates_GFp(g, q, x, y, NULL) != 1) { - skdebug(__func__, "EC_POINT_set_affine_coordinates_GFp failed"); + if (EC_POINT_set_affine_coordinates(g, q, x, y, NULL) != 1) { + skdebug(__func__, "EC_POINT_set_affine_coordinates failed"); goto out; } response->public_key_len = EC_POINT_point2oct(g, q, diff --git a/sshkey.c b/sshkey.c index 55a156818962..9e31411e21d6 100644 --- a/sshkey.c +++ b/sshkey.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshkey.c,v 1.149 2025/05/06 05:40:56 djm Exp $ */ +/* $OpenBSD: sshkey.c,v 1.150 2025/05/12 05:41:20 tb Exp $ */ /* * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. * Copyright (c) 2008 Alexander von Gernler. All rights reserved. @@ -2707,8 +2707,7 @@ sshkey_ec_validate_public(const EC_GROUP *group, const EC_POINT *public) /* log2(x) > log2(order)/2, log2(y) > log2(order)/2 */ if (EC_GROUP_get_order(group, order, NULL) != 1 || - EC_POINT_get_affine_coordinates_GFp(group, public, - x, y, NULL) != 1) { + EC_POINT_get_affine_coordinates(group, public, x, y, NULL) != 1) { ret = SSH_ERR_LIBCRYPTO_ERROR; goto out; } @@ -2792,9 +2791,8 @@ sshkey_dump_ec_point(const EC_GROUP *group, const EC_POINT *point) fprintf(stderr, "%s: BN_new failed\n", __func__); goto out; } - if (EC_POINT_get_affine_coordinates_GFp(group, point, - x, y, NULL) != 1) { - fprintf(stderr, "%s: EC_POINT_get_affine_coordinates_GFp\n", + if (EC_POINT_get_affine_coordinates(group, point, x, y, NULL) != 1) { + fprintf(stderr, "%s: EC_POINT_get_affine_coordinates\n", __func__); goto out; } From cff2175200b412a9207a4fe5c1bdcc54e8a73d07 Mon Sep 17 00:00:00 2001 From: "tb@openbsd.org" Date: Mon, 12 May 2025 05:42:02 +0000 Subject: [PATCH 052/687] upstream: Use EC_POINT_[sg]et_affine_coordinates() It is available in all supported OpenSSL flavors/versions and the _GFp variants will be removed from LibreSSL. ok hshoexer jsing OpenBSD-Regress-ID: 66cf1561e7b6c49002978f2d6720956f33a882f0 --- .../misc/ssh-verify-attestation/ssh-verify-attestation.c | 6 +++--- regress/unittests/sshbuf/test_sshbuf_getput_crypto.c | 6 +++--- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/regress/misc/ssh-verify-attestation/ssh-verify-attestation.c b/regress/misc/ssh-verify-attestation/ssh-verify-attestation.c index 4d82a0390587..9316805e0cc5 100644 --- a/regress/misc/ssh-verify-attestation/ssh-verify-attestation.c +++ b/regress/misc/ssh-verify-attestation/ssh-verify-attestation.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-verify-attestation.c,v 1.2 2024/12/06 10:37:42 djm Exp $ */ +/* $OpenBSD: ssh-verify-attestation.c,v 1.3 2025/05/12 05:42:02 tb Exp $ */ /* * Copyright (c) 2022-2024 Damien Miller * @@ -164,8 +164,8 @@ get_pubkey_from_cred_ecdsa(const fido_cred_t *cred, size_t *pubkey_len) error_f("BN_bin2bn failed"); goto out; } - if (EC_POINT_set_affine_coordinates_GFp(g, q, x, y, NULL) != 1) { - error_f("EC_POINT_set_affine_coordinates_GFp failed"); + if (EC_POINT_set_affine_coordinates(g, q, x, y, NULL) != 1) { + error_f("EC_POINT_set_affine_coordinates failed"); goto out; } *pubkey_len = EC_POINT_point2oct(g, q, diff --git a/regress/unittests/sshbuf/test_sshbuf_getput_crypto.c b/regress/unittests/sshbuf/test_sshbuf_getput_crypto.c index e3620e97fe99..48573ae82967 100644 --- a/regress/unittests/sshbuf/test_sshbuf_getput_crypto.c +++ b/regress/unittests/sshbuf/test_sshbuf_getput_crypto.c @@ -1,4 +1,4 @@ -/* $OpenBSD: test_sshbuf_getput_crypto.c,v 1.3 2021/12/14 21:25:27 deraadt Exp $ */ +/* $OpenBSD: test_sshbuf_getput_crypto.c,v 1.4 2025/05/12 05:42:02 tb Exp $ */ /* * Regress test for sshbuf.h buffer API * @@ -230,7 +230,7 @@ sshbuf_getput_crypto_tests(void) ASSERT_PTR_NE(ecp, NULL); MKBN(ec256_x, bn_x); MKBN(ec256_y, bn_y); - ASSERT_INT_EQ(EC_POINT_set_affine_coordinates_GFp( + ASSERT_INT_EQ(EC_POINT_set_affine_coordinates( EC_KEY_get0_group(eck), ecp, bn_x, bn_y, NULL), 1); ASSERT_INT_EQ(EC_KEY_set_public_key(eck, ecp), 1); BN_free(bn_x); @@ -259,7 +259,7 @@ sshbuf_getput_crypto_tests(void) bn_y = BN_new(); ASSERT_PTR_NE(bn_x, NULL); ASSERT_PTR_NE(bn_y, NULL); - ASSERT_INT_EQ(EC_POINT_get_affine_coordinates_GFp( + ASSERT_INT_EQ(EC_POINT_get_affine_coordinates( EC_KEY_get0_group(eck), EC_KEY_get0_public_key(eck), bn_x, bn_y, NULL), 1); MKBN(ec256_x, bn); From 1a9b1cfa4e8b807c7f82fdba8f730c2abdbba071 Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Tue, 20 May 2025 18:14:06 +1000 Subject: [PATCH 053/687] Add compat shims for EC_POINT affine_coordinates LibreSSL <3.4 does not have EC_POINT_[gs]et_affine_coordinates but does have the now-deprecated _GFp variantes. We still support LibreSSL back as far as 3.2.x so add a compat shim. --- configure.ac | 4 ++++ openbsd-compat/openssl-compat.h | 14 ++++++++++++++ 2 files changed, 18 insertions(+) diff --git a/configure.ac b/configure.ac index 98d98594b5c8..94e782e1563b 100644 --- a/configure.ac +++ b/configure.ac @@ -3107,6 +3107,10 @@ if test "x$openssl" = "xyes" ; then # LibreSSL/OpenSSL API differences AC_CHECK_FUNCS([ \ + EC_POINT_get_affine_coordinates \ + EC_POINT_get_affine_coordinates_GFp \ + EC_POINT_set_affine_coordinates \ + EC_POINT_set_affine_coordinates_GFp \ EVP_CIPHER_CTX_iv \ EVP_CIPHER_CTX_iv_noconst \ EVP_CIPHER_CTX_get_iv \ diff --git a/openbsd-compat/openssl-compat.h b/openbsd-compat/openssl-compat.h index 936f4068d843..4539d8d50002 100644 --- a/openbsd-compat/openssl-compat.h +++ b/openbsd-compat/openssl-compat.h @@ -60,6 +60,20 @@ void ssh_libcrypto_init(void); # define BN_set_flags(a, b) #endif +/* LibreSSL <3.4 has the _GFp variants but not the equivalent modern ones. */ +#ifndef HAVE_EC_POINT_GET_AFFINE_COORDINATES +# ifdef HAVE_EC_POINT_GET_AFFINE_COORDINATES_GFP +# define EC_POINT_get_affine_coordinates(a, b, c, d, e) \ + (EC_POINT_get_affine_coordinates_GFp(a, b, c, d, e)) +# endif +#endif +#ifndef HAVE_EC_POINT_SET_AFFINE_COORDINATES +# ifdef HAVE_EC_POINT_SET_AFFINE_COORDINATES_GFP +# define EC_POINT_set_affine_coordinates(a, b, c, d, e) \ + (EC_POINT_set_affine_coordinates_GFp(a, b, c, d, e)) +# endif +#endif + #ifndef HAVE_EVP_CIPHER_CTX_GET_IV # ifdef HAVE_EVP_CIPHER_CTX_GET_UPDATED_IV # define EVP_CIPHER_CTX_get_iv EVP_CIPHER_CTX_get_updated_iv From 9d9a2c0369419f3b4952e597db7b8696f54e7f3a Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Tue, 20 May 2025 19:16:38 +1000 Subject: [PATCH 054/687] Include openssl compat shims in test. Fixes tests on platforms using older LibreSSL releases prior to 3.4. --- regress/unittests/sshbuf/test_sshbuf_getput_crypto.c | 1 + 1 file changed, 1 insertion(+) diff --git a/regress/unittests/sshbuf/test_sshbuf_getput_crypto.c b/regress/unittests/sshbuf/test_sshbuf_getput_crypto.c index 48573ae82967..46a96fdadb38 100644 --- a/regress/unittests/sshbuf/test_sshbuf_getput_crypto.c +++ b/regress/unittests/sshbuf/test_sshbuf_getput_crypto.c @@ -22,6 +22,7 @@ #ifdef OPENSSL_HAS_NISTP256 # include #endif +#include "openbsd-compat/openssl-compat.h" #include "../test_helper/test_helper.h" #include "ssherr.h" From 0214e53124c09528b6ee29b9a551442b5611a454 Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Tue, 20 May 2025 18:28:52 +1000 Subject: [PATCH 055/687] Add debug output when setting up CI environment. --- .github/setup_ci.sh | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/.github/setup_ci.sh b/.github/setup_ci.sh index e4b266a18c21..c4473f2f71b4 100755 --- a/.github/setup_ci.sh +++ b/.github/setup_ci.sh @@ -5,6 +5,12 @@ target="$2" PACKAGES="" +echo Running as: +id + +echo Environment: +set + . .github/configs ${config} host=`./config.guess` From 648a3a008cf1cfa54631d2f0457b5313c455f484 Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Tue, 20 May 2025 18:48:23 +1000 Subject: [PATCH 056/687] Use USERNAME rather than LOGNAME on Cygwin. LOGNAME is specified by POSIX, but Windows (or at least, github's Windows images) don't set it. --- .github/setup_ci.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/setup_ci.sh b/.github/setup_ci.sh index c4473f2f71b4..5e778d377136 100755 --- a/.github/setup_ci.sh +++ b/.github/setup_ci.sh @@ -24,7 +24,7 @@ case "$host" in set -x setfacl -b . regress icacls regress /c /t /q /Inheritance:d - icacls regress /c /t /q /Grant ${LOGNAME}:F + icacls regress /c /t /q /Grant ${USERNAME}:F icacls regress /c /t /q /Remove:g "Authenticated Users" \ BUILTIN\\Administrators BUILTIN Everyone System Users takeown /F regress From 6fb728df50c1afd338cb0223a84ce24579577eff Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Tue, 20 May 2025 19:28:55 +1000 Subject: [PATCH 057/687] Run all tests on Cygwin again. ... now that we've fixed ci-setup on Cygwin. --- .github/configs | 2 -- 1 file changed, 2 deletions(-) diff --git a/.github/configs b/.github/configs index f3235c5a7cad..a1059f935943 100755 --- a/.github/configs +++ b/.github/configs @@ -347,8 +347,6 @@ case "$host" in SUDO="" # Don't run compat tests on cygwin as they don't currently compile. TEST_TARGET="tests" - # Not sure why these tests fail on github. - SKIP_LTESTS="keygen-knownhosts sftp-cmds sftp-perm" ;; *-darwin*) # Unless specified otherwise, build without OpenSSL on Mac OS since From 750f1867476bda36879f69e25e8f52cb45c58807 Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Tue, 20 May 2025 22:17:02 +1000 Subject: [PATCH 058/687] Include OpenSSL compat shim where needed. --- regress/misc/ssh-verify-attestation/ssh-verify-attestation.c | 1 + sk-usbhid.c | 1 + 2 files changed, 2 insertions(+) diff --git a/regress/misc/ssh-verify-attestation/ssh-verify-attestation.c b/regress/misc/ssh-verify-attestation/ssh-verify-attestation.c index 9316805e0cc5..da7f5a23366c 100644 --- a/regress/misc/ssh-verify-attestation/ssh-verify-attestation.c +++ b/regress/misc/ssh-verify-attestation/ssh-verify-attestation.c @@ -70,6 +70,7 @@ #include #include #include +#include "openbsd-compat/openssl-compat.h" extern char *__progname; diff --git a/sk-usbhid.c b/sk-usbhid.c index e2fa0b499af6..c18c40df2db6 100644 --- a/sk-usbhid.c +++ b/sk-usbhid.c @@ -49,6 +49,7 @@ #include #include #include +#include "openbsd-compat/openssl-compat.h" #endif /* WITH_OPENSSL */ #include From 83729cf503289104d7e64a69be14579523988cb6 Mon Sep 17 00:00:00 2001 From: Damien Miller Date: Wed, 21 May 2025 18:47:46 +1000 Subject: [PATCH 059/687] merge netcat SOCKS4A support from OpenBSD Not a full sync of this file as we have diverged substantially from upstream (it has libtls support, etc.) --- regress/netcat.c | 20 +++++++++++++++++--- 1 file changed, 17 insertions(+), 3 deletions(-) diff --git a/regress/netcat.c b/regress/netcat.c index 20ec3f5954fa..51e999df6d68 100644 --- a/regress/netcat.c +++ b/regress/netcat.c @@ -185,6 +185,8 @@ main(int argc, char *argv[]) socksv = -1; /* HTTP proxy CONNECT */ else if (strcmp(optarg, "4") == 0) socksv = 4; /* SOCKS v.4 */ + else if (strcasecmp(optarg, "4A") == 0) + socksv = 44; /* SOCKS v.4A */ else if (strcmp(optarg, "5") == 0) socksv = 5; /* SOCKS v.5 */ else @@ -1586,7 +1588,7 @@ socks_connect(const char *host, const char *port, default: errx(1, "connection failed, unsupported address type"); } - } else if (socksv == 4) { + } else if (socksv == 4 || socksv == 44) { /* This will exit on lookup failure */ decode_addrport(host, port, (struct sockaddr *)&addr, sizeof(addr), 1, 0); @@ -1595,10 +1597,22 @@ socks_connect(const char *host, const char *port, buf[0] = SOCKS_V4; buf[1] = SOCKS_CONNECT; /* connect */ memcpy(buf + 2, &in4->sin_port, sizeof in4->sin_port); - memcpy(buf + 4, &in4->sin_addr, sizeof in4->sin_addr); + if (socksv == 4) { + memcpy(buf + 4, &in4->sin_addr, sizeof in4->sin_addr); + } else { + /* SOCKS4A uses addr of 0.0.0.x, and hostname later */ + buf[4] = buf[5] = buf[6] = 0; + buf[7] = 1; + } buf[8] = 0; /* empty username */ wlen = 9; - + if (socksv == 44) { + /* SOCKS4A has nul-terminated hostname after user */ + if (strlcpy(buf + 9, host, + sizeof(buf) - 9) >= sizeof(buf) - 9) + errx(1, "hostname too big"); + wlen = 9 + strlen(host) + 1; + } cnt = atomicio(vwrite, proxyfd, buf, wlen); if (cnt != wlen) err(1, "write failed (%zu/%zu)", cnt, wlen); From 1743589d038476f28dc4dfb1f69317649ae22ac5 Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Wed, 21 May 2025 06:43:48 +0000 Subject: [PATCH 060/687] upstream: function to make a sshbuf from a hex string; useful in tests also constify some arguments OpenBSD-Commit-ID: 00f9c25b256be0efd73f2d8268ff041bc45ffb2c --- sshbuf-misc.c | 40 ++++++++++++++++++++++++++++++++++++++-- sshbuf.h | 6 ++++-- 2 files changed, 42 insertions(+), 4 deletions(-) diff --git a/sshbuf-misc.c b/sshbuf-misc.c index 9c5c42bba70a..adbf9903b4d8 100644 --- a/sshbuf-misc.c +++ b/sshbuf-misc.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshbuf-misc.c,v 1.18 2022/01/22 00:43:43 djm Exp $ */ +/* $OpenBSD: sshbuf-misc.c,v 1.19 2025/05/21 06:43:48 djm Exp $ */ /* * Copyright (c) 2011 Damien Miller * @@ -71,7 +71,7 @@ sshbuf_dump(const struct sshbuf *buf, FILE *f) } char * -sshbuf_dtob16(struct sshbuf *buf) +sshbuf_dtob16(const struct sshbuf *buf) { size_t i, j, len = sshbuf_len(buf); const u_char *p = sshbuf_ptr(buf); @@ -90,6 +90,42 @@ sshbuf_dtob16(struct sshbuf *buf) return ret; } +static int +b16tod(const char v) +{ + if (v >= '0' && v <= '9') + return v - '0'; + if (v >= 'a' && v <= 'f') + return 10 + v - 'a'; + if (v >= 'A' && v <= 'A') + return 10 + v - 'A'; + return -1; +} + +struct sshbuf * +sshbuf_b16tod(const char *b16) +{ + struct sshbuf *ret; + size_t o; + int r, v1, v2; + + if ((ret = sshbuf_new()) == NULL) + return NULL; + for (o = 0; b16[o] != '\0'; o += 2) { + if ((v1 = b16tod(b16[o])) == -1 || + (v2 = b16tod(b16[o + 1])) == -1) { + sshbuf_free(ret); + return NULL; + } + if ((r = sshbuf_put_u8(ret, (u_char)((v1 << 4) | v2))) != 0) { + sshbuf_free(ret); + return NULL; + } + } + /* success */ + return ret; +} + int sshbuf_dtob64(const struct sshbuf *d, struct sshbuf *b64, int wrap) { diff --git a/sshbuf.h b/sshbuf.h index 49c32af8fbb7..681abb9eec03 100644 --- a/sshbuf.h +++ b/sshbuf.h @@ -1,4 +1,4 @@ -/* $OpenBSD: sshbuf.h,v 1.29 2024/08/15 00:51:51 djm Exp $ */ +/* $OpenBSD: sshbuf.h,v 1.30 2025/05/21 06:43:48 djm Exp $ */ /* * Copyright (c) 2011 Damien Miller * @@ -235,7 +235,9 @@ void sshbuf_dump(const struct sshbuf *buf, FILE *f); void sshbuf_dump_data(const void *s, size_t len, FILE *f); /* Return the hexadecimal representation of the contents of the buffer */ -char *sshbuf_dtob16(struct sshbuf *buf); +char *sshbuf_dtob16(const struct sshbuf *buf); +/* Make a sshbuf from a hex string */ +struct sshbuf *sshbuf_b16tod(const char *b16); /* Encode the contents of the buffer as base64 */ char *sshbuf_dtob64_string(const struct sshbuf *buf, int wrap); From 0c14e6b69a20f20d602e0e72559ca3f4dbc797fb Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Wed, 21 May 2025 06:44:24 +0000 Subject: [PATCH 061/687] upstream: use logit_f("...") instead of logit("func: ...") OpenBSD-Commit-ID: c8d49eb39a9abff3cbcaeaf7df9d48468a5a0695 --- dispatch.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/dispatch.c b/dispatch.c index 6118147bf140..430b6afda1d3 100644 --- a/dispatch.c +++ b/dispatch.c @@ -1,4 +1,4 @@ -/* $OpenBSD: dispatch.c,v 1.33 2023/03/05 05:34:09 dtucker Exp $ */ +/* $OpenBSD: dispatch.c,v 1.34 2025/05/21 06:44:24 djm Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. * @@ -41,7 +41,7 @@ dispatch_protocol_error(int type, u_int32_t seq, struct ssh *ssh) { int r; - logit("dispatch_protocol_error: type %d seq %u", type, seq); + logit_f("type %d seq %u", type, seq); if ((r = sshpkt_start(ssh, SSH2_MSG_UNIMPLEMENTED)) != 0 || (r = sshpkt_put_u32(ssh, seq)) != 0 || (r = sshpkt_send(ssh)) != 0 || @@ -53,7 +53,7 @@ dispatch_protocol_error(int type, u_int32_t seq, struct ssh *ssh) int dispatch_protocol_ignore(int type, u_int32_t seq, struct ssh *ssh) { - logit("dispatch_protocol_ignore: type %d seq %u", type, seq); + logit_f("type %d seq %u", type, seq); return 0; } From 5699f4e9553c6a228fd9dc578d99e3aa6451c014 Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Wed, 21 May 2025 08:36:39 +0000 Subject: [PATCH 062/687] upstream: remove log tarballing "it seemed like a good idea at the time" - dtucker@ ensure that log files have correct perms when running under sudo/doas ok dtucker@ OpenBSD-Regress-ID: 20588c14b05de9519f85d638b374b66ae0678c89 --- regress/test-exec.sh | 16 ++-------------- 1 file changed, 2 insertions(+), 14 deletions(-) diff --git a/regress/test-exec.sh b/regress/test-exec.sh index 8a00c729cf67..714636f6ebfc 100644 --- a/regress/test-exec.sh +++ b/regress/test-exec.sh @@ -1,4 +1,4 @@ -# $OpenBSD: test-exec.sh,v 1.127 2025/03/28 05:41:15 dtucker Exp $ +# $OpenBSD: test-exec.sh,v 1.128 2025/05/21 08:36:39 djm Exp $ # Placed in the Public Domain. #SUDO=sudo @@ -535,6 +535,7 @@ save_debug_log () $SUDO chown -R $USER $logfile fi done + test -z "$SUDO" || $SUDO chmod ug+rw $TEST_SSHD_LOGFILE echo $@ >>$TEST_REGRESS_LOGFILE echo $@ >>$TEST_SSH_LOGFILE echo $@ >>$TEST_SSHD_LOGFILE @@ -542,19 +543,6 @@ save_debug_log () (cat $TEST_REGRESS_LOGFILE; echo) >>$OBJ/failed-regress.log (cat $TEST_SSH_LOGFILE; echo) >>$OBJ/failed-ssh.log (cat $TEST_SSHD_LOGFILE; echo) >>$OBJ/failed-sshd.log - - # Save all logfiles in a tarball. - (cd $OBJ && - logfiles="" - for i in $TEST_REGRESS_LOGFILE $TEST_SSH_LOGFILE $TEST_SSHD_LOGFILE \ - $TEST_SSH_LOGDIR; do - if [ -e "`basename $i`" ]; then - logfiles="$logfiles `basename $i`" - else - logfiles="$logfiles $i" - fi - done - tar cf "$tarname" $logfiles) } trace () From 0adb2db25eff3fe1c90c55654387ae1e4e18a396 Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Wed, 21 May 2025 08:41:52 +0000 Subject: [PATCH 063/687] upstream: test SOCKS4A; ok tb OpenBSD-Regress-ID: d880b75280295cd581a86e39bb0996d347f122d2 --- regress/dynamic-forward.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/regress/dynamic-forward.sh b/regress/dynamic-forward.sh index 85901eaa6340..6cc47e7605e1 100644 --- a/regress/dynamic-forward.sh +++ b/regress/dynamic-forward.sh @@ -1,4 +1,4 @@ -# $OpenBSD: dynamic-forward.sh,v 1.17 2024/03/08 11:34:10 dtucker Exp $ +# $OpenBSD: dynamic-forward.sh,v 1.18 2025/05/21 08:41:52 djm Exp $ # Placed in the Public Domain. tid="dynamic forwarding" @@ -54,7 +54,7 @@ stop_ssh() { check_socks() { direction=$1 expect_success=$2 - for s in 4 5; do + for s in 4A 4 5; do for h in 127.0.0.1 localhost; do trace "testing ssh socks version $s host $h (-$direction)" ${REAL_SSH} -q -F $OBJ/ssh_config -o \ From b71773c20d566fa5dcaf9edf3139bdcb3f2c4bc2 Mon Sep 17 00:00:00 2001 From: Damien Miller Date: Wed, 21 May 2025 19:14:47 +1000 Subject: [PATCH 064/687] pull a small netcat SOCKS4A fix from upstream --- regress/netcat.c | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/regress/netcat.c b/regress/netcat.c index 51e999df6d68..1eac0218aaf1 100644 --- a/regress/netcat.c +++ b/regress/netcat.c @@ -1589,9 +1589,11 @@ socks_connect(const char *host, const char *port, errx(1, "connection failed, unsupported address type"); } } else if (socksv == 4 || socksv == 44) { - /* This will exit on lookup failure */ - decode_addrport(host, port, (struct sockaddr *)&addr, - sizeof(addr), 1, 0); + if (socksv == 4) { + /* This will exit on lookup failure */ + decode_addrport(host, port, (struct sockaddr *)&addr, + sizeof(addr), 1, 0); + } /* Version 4 */ buf[0] = SOCKS_V4; From e391c5289c2b687ff886cf780dc8fcb426e4d5d2 Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Thu, 22 May 2025 10:52:31 +1000 Subject: [PATCH 065/687] Remove 9.7 branch from CI status page. It's been obsolete long enough that github no longer reports its status. --- .github/ci-status.md | 4 ---- 1 file changed, 4 deletions(-) diff --git a/.github/ci-status.md b/.github/ci-status.md index d47e59e1e5ea..971011db96fa 100644 --- a/.github/ci-status.md +++ b/.github/ci-status.md @@ -17,7 +17,3 @@ master : 9.8 : [![C/C++ CI](https://github.com/openssh/openssh-portable/actions/workflows/c-cpp.yml/badge.svg?branch=V_9_8)](https://github.com/openssh/openssh-portable/actions/workflows/c-cpp.yml?query=branch:V_9_8) [![C/C++ CI self-hosted](https://github.com/openssh/openssh-portable-selfhosted/actions/workflows/selfhosted.yml/badge.svg?branch=V_9_8)](https://github.com/openssh/openssh-portable-selfhosted/actions/workflows/selfhosted.yml?query=branch:V_9_8) - -9.7 : -[![C/C++ CI](https://github.com/openssh/openssh-portable/actions/workflows/c-cpp.yml/badge.svg?branch=V_9_7)](https://github.com/openssh/openssh-portable/actions/workflows/c-cpp.yml?query=branch:V_9_7) -[![C/C++ CI self-hosted](https://github.com/openssh/openssh-portable-selfhosted/actions/workflows/selfhosted.yml/badge.svg?branch=V_9_7)](https://github.com/openssh/openssh-portable-selfhosted/actions/workflows/selfhosted.yml?query=branch:V_9_7) From df22801b3f0ae245f825cf9c9dbb4543e41a7c5c Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Thu, 22 May 2025 11:34:04 +1000 Subject: [PATCH 066/687] Install nc during upstream test. This ensures that the installed nc matches the expectations of the regress tests. --- .github/workflows/upstream.yml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/.github/workflows/upstream.yml b/.github/workflows/upstream.yml index 615a7763fb9b..b603d410b025 100644 --- a/.github/workflows/upstream.yml +++ b/.github/workflows/upstream.yml @@ -43,7 +43,9 @@ jobs: run: sshfs_mount working-directory: ${{ runner.temp }} - name: update source - run: vmrun "cd /usr/src && cvs up -dPA usr.bin/ssh regress/usr.bin/ssh" + run: vmrun "cd /usr/src && cvs up -dPA {regress/,}usr.bin/{ssh,nc}" + - name: install netcat + run: vmrun "cd /usr/src/usr.bin/nc && make obj clean nc && sudo make install" - name: make clean run: vmrun "cd /usr/src/usr.bin/ssh && make obj && make clean && cd /usr/src/regress/usr.bin/ssh && make obj && make clean && sudo chmod -R g-w /usr/src /usr/obj" - name: make From 49a2412ad23162e44be9e0b2cb12f6daf6b666d7 Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Thu, 22 May 2025 12:21:11 +1000 Subject: [PATCH 067/687] Fix cvs up of nc. --- .github/workflows/upstream.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/upstream.yml b/.github/workflows/upstream.yml index b603d410b025..9bf66ceb4aa3 100644 --- a/.github/workflows/upstream.yml +++ b/.github/workflows/upstream.yml @@ -43,8 +43,8 @@ jobs: run: sshfs_mount working-directory: ${{ runner.temp }} - name: update source - run: vmrun "cd /usr/src && cvs up -dPA {regress/,}usr.bin/{ssh,nc}" - - name: install netcat + run: vmrun "cd /usr/src && cvs up -dPA usr.bin/ssh regress/usr.bin/ssh usr.bin/nc" + - name: update netcat run: vmrun "cd /usr/src/usr.bin/nc && make obj clean nc && sudo make install" - name: make clean run: vmrun "cd /usr/src/usr.bin/ssh && make obj && make clean && cd /usr/src/regress/usr.bin/ssh && make obj && make clean && sudo chmod -R g-w /usr/src /usr/obj" From d1d5c8b9b8de8283618c18d0dafdec6a209911cc Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Thu, 22 May 2025 12:25:35 +1000 Subject: [PATCH 068/687] Fix nc install some more. --- .github/workflows/upstream.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/upstream.yml b/.github/workflows/upstream.yml index 9bf66ceb4aa3..9e74f94a74d1 100644 --- a/.github/workflows/upstream.yml +++ b/.github/workflows/upstream.yml @@ -43,9 +43,9 @@ jobs: run: sshfs_mount working-directory: ${{ runner.temp }} - name: update source - run: vmrun "cd /usr/src && cvs up -dPA usr.bin/ssh regress/usr.bin/ssh usr.bin/nc" + run: vmrun "cd /usr/src && cvs -q up -dPA usr.bin/ssh regress/usr.bin/ssh usr.bin/nc" - name: update netcat - run: vmrun "cd /usr/src/usr.bin/nc && make obj clean nc && sudo make install" + run: vmrun "cd /usr/src/usr.bin/nc && make clean all && sudo make install" - name: make clean run: vmrun "cd /usr/src/usr.bin/ssh && make obj && make clean && cd /usr/src/regress/usr.bin/ssh && make obj && make clean && sudo chmod -R g-w /usr/src /usr/obj" - name: make From 58d094c7cb974d7bd3ba6eb1059b186a2ac3dd55 Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Wed, 21 May 2025 12:12:20 +0000 Subject: [PATCH 069/687] upstream: Correct FILES section to mention new default path to agent sockets. Spotted by / ok jmc@ OpenBSD-Commit-ID: 91d736d78d71a4276c9cbb075b1462bbc3df55a6 --- ssh-agent.1 | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/ssh-agent.1 b/ssh-agent.1 index 9f56e3efdc08..58258be49b4e 100644 --- a/ssh-agent.1 +++ b/ssh-agent.1 @@ -1,4 +1,4 @@ -.\" $OpenBSD: ssh-agent.1,v 1.84 2025/05/05 05:47:28 jmc Exp $ +.\" $OpenBSD: ssh-agent.1,v 1.85 2025/05/21 12:12:20 djm Exp $ .\" .\" Author: Tatu Ylonen .\" Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -34,7 +34,7 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.Dd $Mdocdate: May 5 2025 $ +.Dd $Mdocdate: May 21 2025 $ .Dt SSH-AGENT 1 .Os .Sh NAME @@ -308,7 +308,7 @@ but is easily abused by root or another instance of the same user. .El .Sh FILES .Bl -tag -width Ds -.It Pa $TMPDIR/ssh-XXXXXXXXXX/agent. +.It Pa $HOME/.ssh/agent/s.* .Ux Ns -domain sockets used to contain the connection to the authentication agent. These sockets should only be readable by the owner. From b5877b7b3e597f47578ade9dbe7e4332f112dfc4 Mon Sep 17 00:00:00 2001 From: "dtucker@openbsd.org" Date: Thu, 22 May 2025 03:41:10 +0000 Subject: [PATCH 070/687] upstream: Add $OpenBSD$ marker for easier syncing. OpenBSD-Commit-ID: 27ff3e1e2e6610d9981ebe43ae9b783236800035 --- misc-agent.c | 1 + 1 file changed, 1 insertion(+) diff --git a/misc-agent.c b/misc-agent.c index db8f93bc873b..312cff60db8d 100644 --- a/misc-agent.c +++ b/misc-agent.c @@ -1,3 +1,4 @@ +/* $OpenBSD: misc-agent.c,v 1.4 2025/05/22 03:41:10 dtucker Exp $ */ /* * Copyright (c) 2025 Damien Miller * From 1ccf42378df202472e7254f37f7dabb2f5723955 Mon Sep 17 00:00:00 2001 From: "dtucker@openbsd.org" Date: Thu, 22 May 2025 03:53:46 +0000 Subject: [PATCH 071/687] upstream: Copy arg to be passed to dirname(). POSIX allows dirname() to modify its args and return a pointer into it, so this prevents an overlapping strlcpy. bz#3819, patch from cjwatson at debian.org OpenBSD-Commit-ID: c32e496e6a1618aba31c8b7a9d4e1376c5ea6aa1 --- misc.c | 11 ++++++++--- 1 file changed, 8 insertions(+), 3 deletions(-) diff --git a/misc.c b/misc.c index 25465dcd2d4f..f4e02bd04a78 100644 --- a/misc.c +++ b/misc.c @@ -1,4 +1,4 @@ -/* $OpenBSD: misc.c,v 1.199 2025/05/05 02:48:06 djm Exp $ */ +/* $OpenBSD: misc.c,v 1.200 2025/05/22 03:53:46 dtucker Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. * Copyright (c) 2005-2020 Damien Miller. All rights reserved. @@ -2254,7 +2254,7 @@ int safe_path(const char *name, struct stat *stp, const char *pw_dir, uid_t uid, char *err, size_t errlen) { - char buf[PATH_MAX], homedir[PATH_MAX]; + char buf[PATH_MAX], buf2[PATH_MAX], homedir[PATH_MAX]; char *cp; int comparehome = 0; struct stat st; @@ -2280,7 +2280,12 @@ safe_path(const char *name, struct stat *stp, const char *pw_dir, /* for each component of the canonical path, walking upwards */ for (;;) { - if ((cp = dirname(buf)) == NULL) { + /* + * POSIX allows dirname to modify its argument and return a + * pointer into it, so make a copy to avoid overlapping strlcpy. + */ + strlcpy(buf2, buf, sizeof(buf2)); + if ((cp = dirname(buf2)) == NULL) { snprintf(err, errlen, "dirname() failed"); return -1; } From 6d192645a613aa814d51050b0458f37265b90d6c Mon Sep 17 00:00:00 2001 From: "dtucker@openbsd.org" Date: Thu, 22 May 2025 04:22:03 +0000 Subject: [PATCH 072/687] upstream: Output the current name for PermitRootLogin's "prohibit-password" in sshd -T instead of its deprecated alias "without-password". bz#3788, patch from cjwatson at debian.org. OpenBSD-Commit-ID: 2d5df18d5ad33a9b6c7547ec78a8e6ea13813df9 --- servconf.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/servconf.c b/servconf.c index f7bc92377db3..f2a540dad54e 100644 --- a/servconf.c +++ b/servconf.c @@ -1,4 +1,4 @@ -/* $OpenBSD: servconf.c,v 1.425 2025/02/25 06:25:30 djm Exp $ */ +/* $OpenBSD: servconf.c,v 1.426 2025/05/22 04:22:03 dtucker Exp $ */ /* * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland * All rights reserved @@ -1282,8 +1282,8 @@ static const struct multistate multistate_addressfamily[] = { { NULL, -1 } }; static const struct multistate multistate_permitrootlogin[] = { - { "without-password", PERMIT_NO_PASSWD }, { "prohibit-password", PERMIT_NO_PASSWD }, + { "without-password", PERMIT_NO_PASSWD }, { "forced-commands-only", PERMIT_FORCED_ONLY }, { "yes", PERMIT_YES }, { "no", PERMIT_NO }, From de25e739781c4c09d20abd410f50f0a6f192dc72 Mon Sep 17 00:00:00 2001 From: Damien Miller Date: Thu, 22 May 2025 18:42:44 +1000 Subject: [PATCH 073/687] minimal shims for fstatat(2)/unlinkat(2) in agent Add some very minimal and task-specific replacements for fstatat(2) and unlinkat(2) in the ssh-agent socket cleanup loop, for platforms that lack these functions. ok dtucker@ --- misc-agent.c | 20 +++++++++++++++++--- 1 file changed, 17 insertions(+), 3 deletions(-) diff --git a/misc-agent.c b/misc-agent.c index 312cff60db8d..712c42b82876 100644 --- a/misc-agent.c +++ b/misc-agent.c @@ -264,13 +264,20 @@ socket_is_stale(const char *path) return 0; } +#ifndef HAVE_FSTATAT +# define fstatat(x, y, buf, z) lstat(path, buf) +#endif +#ifndef HAVE_UNLINKAT +# define unlinkat(x, y, z) unlink(path) +#endif + void agent_cleanup_stale(const char *homedir, int ignore_hosthash) { DIR *d = NULL; struct dirent *dp; struct stat sb; - char *prefix = NULL, *dirpath = NULL, *path; + char *prefix = NULL, *dirpath = NULL, *path = NULL; struct timespec now, sub, *mtimp = NULL; /* Only consider sockets last modified > 1 hour ago */ @@ -290,6 +297,7 @@ agent_cleanup_stale(const char *homedir, int ignore_hosthash) } xasprintf(&prefix, "s.%s.", path); free(path); + path = NULL; } xasprintf(&dirpath, "%s/%s", homedir, _PATH_SSH_AGENT_SOCKET_DIR); @@ -298,7 +306,11 @@ agent_cleanup_stale(const char *homedir, int ignore_hosthash) error_f("opendir \"%s\": %s", dirpath, strerror(errno)); goto out; } + + path = NULL; while ((dp = readdir(d)) != NULL) { + free(path); + xasprintf(&path, "%s/%s", dirpath, dp->d_name); #ifdef HAVE_DIRENT_D_TYPE if (dp->d_type != DT_SOCK && dp->d_type != DT_UNKNOWN) continue; @@ -329,16 +341,18 @@ agent_cleanup_stale(const char *homedir, int ignore_hosthash) "from different host", dirpath, dp->d_name); continue; } - xasprintf(&path, "%s/%s", dirpath, dp->d_name); if (socket_is_stale(path)) { debug_f("cleanup stale socket %s", path); unlinkat(dirfd(d), dp->d_name, 0); } - free(path); } out: if (d != NULL) closedir(d); + free(path); free(dirpath); free(prefix); } + +#undef unlinkat +#undef fstatat From 450a8a1df1577ddbe68fe8da1fb8514d3781ef32 Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Thu, 22 May 2025 21:16:37 +1000 Subject: [PATCH 074/687] Collect all of regress dir on failure. This may allow us to sort through its entrails and determine the cause of some types of failures. --- .github/workflows/c-cpp.yml | 6 +----- 1 file changed, 1 insertion(+), 5 deletions(-) diff --git a/.github/workflows/c-cpp.yml b/.github/workflows/c-cpp.yml index 7c37c9ce2cb1..8c3d64b8cc7f 100644 --- a/.github/workflows/c-cpp.yml +++ b/.github/workflows/c-cpp.yml @@ -160,8 +160,4 @@ jobs: path: | config.h config.log - regress/*.log - regress/valgrind-out/ - regress/asan.log.* - regress/msan.log.* - regress/log/* + regress/ From 2b2a7a2a0d70023b439080bb2770ff36522dbea8 Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Thu, 22 May 2025 22:09:48 +1000 Subject: [PATCH 075/687] Remove debug change accidentally commited. Fixes Coverity CID 481160. --- cipher.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cipher.c b/cipher.c index 692aafe96cff..8a18da2df8d1 100644 --- a/cipher.c +++ b/cipher.c @@ -75,7 +75,7 @@ struct sshcipher { #define CFLAG_CHACHAPOLY (1<<1) #define CFLAG_AESCTR (1<<2) #define CFLAG_NONE (1<<3) -#define CFLAG_INTERNAL 0 +#define CFLAG_INTERNAL CFLAG_NONE /* Don't use "none" for packets */ #ifdef WITH_OPENSSL const EVP_CIPHER *(*evptype)(void); #else From 7acb70e05e9977ceca7b33df84ceaea337b1efef Mon Sep 17 00:00:00 2001 From: "bluhm@openbsd.org" Date: Thu, 22 May 2025 04:34:18 +0000 Subject: [PATCH 076/687] upstream: Fix OpenBSD RCS ID typos. from Andrius V OpenBSD-Regress-ID: 5c03a2ef5323969fc4978f2eec4f1a25c48c572a --- regress/penalty-expire.sh | 2 +- regress/penalty.sh | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/regress/penalty-expire.sh b/regress/penalty-expire.sh index 4f0bbe638f63..27e36e3eefbf 100644 --- a/regress/penalty-expire.sh +++ b/regress/penalty-expire.sh @@ -1,4 +1,4 @@ -# $OpenBSD +# $OpenBSD: penalty-expire.sh,v 1.3 2025/05/22 04:34:18 bluhm Exp $ # Placed in the Public Domain. tid="penalties" diff --git a/regress/penalty.sh b/regress/penalty.sh index 8b8353238111..bf719dc0aab2 100644 --- a/regress/penalty.sh +++ b/regress/penalty.sh @@ -1,4 +1,4 @@ -# $OpenBSD +# $OpenBSD: penalty.sh,v 1.7 2025/05/22 04:34:18 bluhm Exp $ # Placed in the Public Domain. tid="penalties" From 6629eee21ca9d0a597a04dcac744a1ad882f912e Mon Sep 17 00:00:00 2001 From: "dtucker@openbsd.org" Date: Thu, 22 May 2025 12:14:19 +0000 Subject: [PATCH 077/687] upstream: Adjust debug message to prevent (unsigned) integer overflow. Fixes Coverity CID 481110, ok djm@ OpenBSD-Commit-ID: 26178bf3b812707fb498ea85d076cadd1f2eb686 --- misc-agent.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/misc-agent.c b/misc-agent.c index 712c42b82876..cf9b0fa0cb77 100644 --- a/misc-agent.c +++ b/misc-agent.c @@ -1,4 +1,4 @@ -/* $OpenBSD: misc-agent.c,v 1.4 2025/05/22 03:41:10 dtucker Exp $ */ +/* $OpenBSD: misc-agent.c,v 1.5 2025/05/22 12:14:19 dtucker Exp $ */ /* * Copyright (c) 2025 Damien Miller * @@ -59,7 +59,7 @@ hostname_hash(size_t len) l = ssh_digest_bytes(SSH_DIGEST_SHA512); if (len > 64) { - error_f("bad length %zu > max %zd", len, l - 1); + error_f("bad length %zu >= max %zd", len, l); return NULL; } if (gethostname(hostname, sizeof(hostname)) == -1) { From 4b8bee62d72ffb3c419c9ead6c9fb1a586283868 Mon Sep 17 00:00:00 2001 From: "deraadt@openbsd.org" Date: Fri, 23 May 2025 00:40:45 +0000 Subject: [PATCH 078/687] upstream: use "const char * const" for malloc_options here also OpenBSD-Commit-ID: 869715b9c7e1dd5b85efd07814e7e53f0286eea2 --- xmalloc.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/xmalloc.c b/xmalloc.c index 67191e3f214d..bf1da4b89456 100644 --- a/xmalloc.c +++ b/xmalloc.c @@ -1,4 +1,4 @@ -/* $OpenBSD: xmalloc.c,v 1.37 2022/03/13 23:27:54 cheloha Exp $ */ +/* $OpenBSD: xmalloc.c,v 1.38 2025/05/23 00:40:45 deraadt Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -27,7 +27,7 @@ #include "log.h" #if defined(__OpenBSD__) -char *malloc_options = "S"; +const char * const malloc_options = "S"; #endif /* __OpenBSD__ */ void * From 24889a33071086b6f1f62568b0c2bd0a4955ac49 Mon Sep 17 00:00:00 2001 From: "dtucker@openbsd.org" Date: Fri, 23 May 2025 01:14:35 +0000 Subject: [PATCH 079/687] upstream: Import regenerated moduli. OpenBSD-Commit-ID: 07e29dc891e29b31e03e2e5493658b4a9ac19431 --- moduli | 859 ++++++++++++++++++++++++++++----------------------------- 1 file changed, 426 insertions(+), 433 deletions(-) diff --git a/moduli b/moduli index ab7fd2bb0c27..2fe04ab76032 100644 --- a/moduli +++ b/moduli @@ -1,434 +1,427 @@ -# $OpenBSD: moduli,v 1.39 2024/11/29 00:13:36 dtucker Exp $ +# $OpenBSD: moduli,v 1.40 2025/05/23 01:14:35 dtucker Exp $ # Time Type Tests Tries Size Generator Modulus -20240828044144 2 6 100 2047 5 C2CE9B70B9DD5860C0846274F1FF29B2E3D5EFFA5A8568C6B9829BD8C42422F0BEE2D6D74503BCD91A002B09EB75174B87734CFFAC12682D49D50AF5B9837E3B30675E93087C5279A431B40D8219B2292A0EBB23ED0856BACF21F7A8C801FC3B0A1D2C76C4372109A24587D8E09F91CA0018EB2FB7D75BDD8FE230D49CC593E2152A7EFB4B7FCAA9228D061120DED56DDF6019817221B4D9A0F5DECF928148EB22AC583AC3BF37541CC285C6BB4E0C028E7140C133B12EB80354C01C053F5B435EA2798404749664674966DFB7113F86BC74FD37333330A664FA86AE1B40006717AC6091961C45164F3714777CC776DB2C7C72FA6A89EF3DEB98EF63216235F7 -20240828044149 2 6 100 2047 2 C2CE9B70B9DD5860C0846274F1FF29B2E3D5EFFA5A8568C6B9829BD8C42422F0BEE2D6D74503BCD91A002B09EB75174B87734CFFAC12682D49D50AF5B9837E3B30675E93087C5279A431B40D8219B2292A0EBB23ED0856BACF21F7A8C801FC3B0A1D2C76C4372109A24587D8E09F91CA0018EB2FB7D75BDD8FE230D49CC593E2152A7EFB4B7FCAA9228D061120DED56DDF6019817221B4D9A0F5DECF928148EB22AC583AC3BF37541CC285C6BB4E0C028E7140C133B12EB80354C01C053F5B435EA2798404749664674966DFB7113F86BC74FD37333330A664FA86AE1B40006717AC6091961C45164F3714777CC776DB2C7C72FA6A89EF3DEB98EF63217EB4CB -20240828044153 2 6 100 2047 5 C2CE9B70B9DD5860C0846274F1FF29B2E3D5EFFA5A8568C6B9829BD8C42422F0BEE2D6D74503BCD91A002B09EB75174B87734CFFAC12682D49D50AF5B9837E3B30675E93087C5279A431B40D8219B2292A0EBB23ED0856BACF21F7A8C801FC3B0A1D2C76C4372109A24587D8E09F91CA0018EB2FB7D75BDD8FE230D49CC593E2152A7EFB4B7FCAA9228D061120DED56DDF6019817221B4D9A0F5DECF928148EB22AC583AC3BF37541CC285C6BB4E0C028E7140C133B12EB80354C01C053F5B435EA2798404749664674966DFB7113F86BC74FD37333330A664FA86AE1B40006717AC6091961C45164F3714777CC776DB2C7C72FA6A89EF3DEB98EF632197445F -20240828044203 2 6 100 2047 5 C2CE9B70B9DD5860C0846274F1FF29B2E3D5EFFA5A8568C6B9829BD8C42422F0BEE2D6D74503BCD91A002B09EB75174B87734CFFAC12682D49D50AF5B9837E3B30675E93087C5279A431B40D8219B2292A0EBB23ED0856BACF21F7A8C801FC3B0A1D2C76C4372109A24587D8E09F91CA0018EB2FB7D75BDD8FE230D49CC593E2152A7EFB4B7FCAA9228D061120DED56DDF6019817221B4D9A0F5DECF928148EB22AC583AC3BF37541CC285C6BB4E0C028E7140C133B12EB80354C01C053F5B435EA2798404749664674966DFB7113F86BC74FD37333330A664FA86AE1B40006717AC6091961C45164F3714777CC776DB2C7C72FA6A89EF3DEB98EF6321E28D7F -20240828044206 2 6 100 2047 5 C2CE9B70B9DD5860C0846274F1FF29B2E3D5EFFA5A8568C6B9829BD8C42422F0BEE2D6D74503BCD91A002B09EB75174B87734CFFAC12682D49D50AF5B9837E3B30675E93087C5279A431B40D8219B2292A0EBB23ED0856BACF21F7A8C801FC3B0A1D2C76C4372109A24587D8E09F91CA0018EB2FB7D75BDD8FE230D49CC593E2152A7EFB4B7FCAA9228D061120DED56DDF6019817221B4D9A0F5DECF928148EB22AC583AC3BF37541CC285C6BB4E0C028E7140C133B12EB80354C01C053F5B435EA2798404749664674966DFB7113F86BC74FD37333330A664FA86AE1B40006717AC6091961C45164F3714777CC776DB2C7C72FA6A89EF3DEB98EF6321F5D65F -20240828044207 2 6 100 2047 2 C2CE9B70B9DD5860C0846274F1FF29B2E3D5EFFA5A8568C6B9829BD8C42422F0BEE2D6D74503BCD91A002B09EB75174B87734CFFAC12682D49D50AF5B9837E3B30675E93087C5279A431B40D8219B2292A0EBB23ED0856BACF21F7A8C801FC3B0A1D2C76C4372109A24587D8E09F91CA0018EB2FB7D75BDD8FE230D49CC593E2152A7EFB4B7FCAA9228D061120DED56DDF6019817221B4D9A0F5DECF928148EB22AC583AC3BF37541CC285C6BB4E0C028E7140C133B12EB80354C01C053F5B435EA2798404749664674966DFB7113F86BC74FD37333330A664FA86AE1B40006717AC6091961C45164F3714777CC776DB2C7C72FA6A89EF3DEB98EF6321F5F783 -20240828044210 2 6 100 2047 2 C2CE9B70B9DD5860C0846274F1FF29B2E3D5EFFA5A8568C6B9829BD8C42422F0BEE2D6D74503BCD91A002B09EB75174B87734CFFAC12682D49D50AF5B9837E3B30675E93087C5279A431B40D8219B2292A0EBB23ED0856BACF21F7A8C801FC3B0A1D2C76C4372109A24587D8E09F91CA0018EB2FB7D75BDD8FE230D49CC593E2152A7EFB4B7FCAA9228D061120DED56DDF6019817221B4D9A0F5DECF928148EB22AC583AC3BF37541CC285C6BB4E0C028E7140C133B12EB80354C01C053F5B435EA2798404749664674966DFB7113F86BC74FD37333330A664FA86AE1B40006717AC6091961C45164F3714777CC776DB2C7C72FA6A89EF3DEB98EF63220959FB -20240828044217 2 6 100 2047 2 C2CE9B70B9DD5860C0846274F1FF29B2E3D5EFFA5A8568C6B9829BD8C42422F0BEE2D6D74503BCD91A002B09EB75174B87734CFFAC12682D49D50AF5B9837E3B30675E93087C5279A431B40D8219B2292A0EBB23ED0856BACF21F7A8C801FC3B0A1D2C76C4372109A24587D8E09F91CA0018EB2FB7D75BDD8FE230D49CC593E2152A7EFB4B7FCAA9228D061120DED56DDF6019817221B4D9A0F5DECF928148EB22AC583AC3BF37541CC285C6BB4E0C028E7140C133B12EB80354C01C053F5B435EA2798404749664674966DFB7113F86BC74FD37333330A664FA86AE1B40006717AC6091961C45164F3714777CC776DB2C7C72FA6A89EF3DEB98EF63223CB053 -20240828044224 2 6 100 2047 2 C2CE9B70B9DD5860C0846274F1FF29B2E3D5EFFA5A8568C6B9829BD8C42422F0BEE2D6D74503BCD91A002B09EB75174B87734CFFAC12682D49D50AF5B9837E3B30675E93087C5279A431B40D8219B2292A0EBB23ED0856BACF21F7A8C801FC3B0A1D2C76C4372109A24587D8E09F91CA0018EB2FB7D75BDD8FE230D49CC593E2152A7EFB4B7FCAA9228D061120DED56DDF6019817221B4D9A0F5DECF928148EB22AC583AC3BF37541CC285C6BB4E0C028E7140C133B12EB80354C01C053F5B435EA2798404749664674966DFB7113F86BC74FD37333330A664FA86AE1B40006717AC6091961C45164F3714777CC776DB2C7C72FA6A89EF3DEB98EF63226F7A83 -20240828044233 2 6 100 2047 5 C2CE9B70B9DD5860C0846274F1FF29B2E3D5EFFA5A8568C6B9829BD8C42422F0BEE2D6D74503BCD91A002B09EB75174B87734CFFAC12682D49D50AF5B9837E3B30675E93087C5279A431B40D8219B2292A0EBB23ED0856BACF21F7A8C801FC3B0A1D2C76C4372109A24587D8E09F91CA0018EB2FB7D75BDD8FE230D49CC593E2152A7EFB4B7FCAA9228D061120DED56DDF6019817221B4D9A0F5DECF928148EB22AC583AC3BF37541CC285C6BB4E0C028E7140C133B12EB80354C01C053F5B435EA2798404749664674966DFB7113F86BC74FD37333330A664FA86AE1B40006717AC6091961C45164F3714777CC776DB2C7C72FA6A89EF3DEB98EF6322B452E7 -20240828044240 2 6 100 2047 2 C2CE9B70B9DD5860C0846274F1FF29B2E3D5EFFA5A8568C6B9829BD8C42422F0BEE2D6D74503BCD91A002B09EB75174B87734CFFAC12682D49D50AF5B9837E3B30675E93087C5279A431B40D8219B2292A0EBB23ED0856BACF21F7A8C801FC3B0A1D2C76C4372109A24587D8E09F91CA0018EB2FB7D75BDD8FE230D49CC593E2152A7EFB4B7FCAA9228D061120DED56DDF6019817221B4D9A0F5DECF928148EB22AC583AC3BF37541CC285C6BB4E0C028E7140C133B12EB80354C01C053F5B435EA2798404749664674966DFB7113F86BC74FD37333330A664FA86AE1B40006717AC6091961C45164F3714777CC776DB2C7C72FA6A89EF3DEB98EF6322E58253 -20240828044251 2 6 100 2047 5 C2CE9B70B9DD5860C0846274F1FF29B2E3D5EFFA5A8568C6B9829BD8C42422F0BEE2D6D74503BCD91A002B09EB75174B87734CFFAC12682D49D50AF5B9837E3B30675E93087C5279A431B40D8219B2292A0EBB23ED0856BACF21F7A8C801FC3B0A1D2C76C4372109A24587D8E09F91CA0018EB2FB7D75BDD8FE230D49CC593E2152A7EFB4B7FCAA9228D061120DED56DDF6019817221B4D9A0F5DECF928148EB22AC583AC3BF37541CC285C6BB4E0C028E7140C133B12EB80354C01C053F5B435EA2798404749664674966DFB7113F86BC74FD37333330A664FA86AE1B40006717AC6091961C45164F3714777CC776DB2C7C72FA6A89EF3DEB98EF632334AB77 -20240828044259 2 6 100 2047 2 C2CE9B70B9DD5860C0846274F1FF29B2E3D5EFFA5A8568C6B9829BD8C42422F0BEE2D6D74503BCD91A002B09EB75174B87734CFFAC12682D49D50AF5B9837E3B30675E93087C5279A431B40D8219B2292A0EBB23ED0856BACF21F7A8C801FC3B0A1D2C76C4372109A24587D8E09F91CA0018EB2FB7D75BDD8FE230D49CC593E2152A7EFB4B7FCAA9228D061120DED56DDF6019817221B4D9A0F5DECF928148EB22AC583AC3BF37541CC285C6BB4E0C028E7140C133B12EB80354C01C053F5B435EA2798404749664674966DFB7113F86BC74FD37333330A664FA86AE1B40006717AC6091961C45164F3714777CC776DB2C7C72FA6A89EF3DEB98EF632379357B -20240828044311 2 6 100 2047 5 C2CE9B70B9DD5860C0846274F1FF29B2E3D5EFFA5A8568C6B9829BD8C42422F0BEE2D6D74503BCD91A002B09EB75174B87734CFFAC12682D49D50AF5B9837E3B30675E93087C5279A431B40D8219B2292A0EBB23ED0856BACF21F7A8C801FC3B0A1D2C76C4372109A24587D8E09F91CA0018EB2FB7D75BDD8FE230D49CC593E2152A7EFB4B7FCAA9228D061120DED56DDF6019817221B4D9A0F5DECF928148EB22AC583AC3BF37541CC285C6BB4E0C028E7140C133B12EB80354C01C053F5B435EA2798404749664674966DFB7113F86BC74FD37333330A664FA86AE1B40006717AC6091961C45164F3714777CC776DB2C7C72FA6A89EF3DEB98EF6323D336A7 -20240828044323 2 6 100 2047 2 C2CE9B70B9DD5860C0846274F1FF29B2E3D5EFFA5A8568C6B9829BD8C42422F0BEE2D6D74503BCD91A002B09EB75174B87734CFFAC12682D49D50AF5B9837E3B30675E93087C5279A431B40D8219B2292A0EBB23ED0856BACF21F7A8C801FC3B0A1D2C76C4372109A24587D8E09F91CA0018EB2FB7D75BDD8FE230D49CC593E2152A7EFB4B7FCAA9228D061120DED56DDF6019817221B4D9A0F5DECF928148EB22AC583AC3BF37541CC285C6BB4E0C028E7140C133B12EB80354C01C053F5B435EA2798404749664674966DFB7113F86BC74FD37333330A664FA86AE1B40006717AC6091961C45164F3714777CC776DB2C7C72FA6A89EF3DEB98EF63242A969B -20240828044326 2 6 100 2047 2 C2CE9B70B9DD5860C0846274F1FF29B2E3D5EFFA5A8568C6B9829BD8C42422F0BEE2D6D74503BCD91A002B09EB75174B87734CFFAC12682D49D50AF5B9837E3B30675E93087C5279A431B40D8219B2292A0EBB23ED0856BACF21F7A8C801FC3B0A1D2C76C4372109A24587D8E09F91CA0018EB2FB7D75BDD8FE230D49CC593E2152A7EFB4B7FCAA9228D061120DED56DDF6019817221B4D9A0F5DECF928148EB22AC583AC3BF37541CC285C6BB4E0C028E7140C133B12EB80354C01C053F5B435EA2798404749664674966DFB7113F86BC74FD37333330A664FA86AE1B40006717AC6091961C45164F3714777CC776DB2C7C72FA6A89EF3DEB98EF63243E12C3 -20240828044349 2 6 100 2047 5 C2CE9B70B9DD5860C0846274F1FF29B2E3D5EFFA5A8568C6B9829BD8C42422F0BEE2D6D74503BCD91A002B09EB75174B87734CFFAC12682D49D50AF5B9837E3B30675E93087C5279A431B40D8219B2292A0EBB23ED0856BACF21F7A8C801FC3B0A1D2C76C4372109A24587D8E09F91CA0018EB2FB7D75BDD8FE230D49CC593E2152A7EFB4B7FCAA9228D061120DED56DDF6019817221B4D9A0F5DECF928148EB22AC583AC3BF37541CC285C6BB4E0C028E7140C133B12EB80354C01C053F5B435EA2798404749664674966DFB7113F86BC74FD37333330A664FA86AE1B40006717AC6091961C45164F3714777CC776DB2C7C72FA6A89EF3DEB98EF6324EA98FF -20240828044351 2 6 100 2047 5 C2CE9B70B9DD5860C0846274F1FF29B2E3D5EFFA5A8568C6B9829BD8C42422F0BEE2D6D74503BCD91A002B09EB75174B87734CFFAC12682D49D50AF5B9837E3B30675E93087C5279A431B40D8219B2292A0EBB23ED0856BACF21F7A8C801FC3B0A1D2C76C4372109A24587D8E09F91CA0018EB2FB7D75BDD8FE230D49CC593E2152A7EFB4B7FCAA9228D061120DED56DDF6019817221B4D9A0F5DECF928148EB22AC583AC3BF37541CC285C6BB4E0C028E7140C133B12EB80354C01C053F5B435EA2798404749664674966DFB7113F86BC74FD37333330A664FA86AE1B40006717AC6091961C45164F3714777CC776DB2C7C72FA6A89EF3DEB98EF6324F33C17 -20240828044406 2 6 100 2047 5 C2CE9B70B9DD5860C0846274F1FF29B2E3D5EFFA5A8568C6B9829BD8C42422F0BEE2D6D74503BCD91A002B09EB75174B87734CFFAC12682D49D50AF5B9837E3B30675E93087C5279A431B40D8219B2292A0EBB23ED0856BACF21F7A8C801FC3B0A1D2C76C4372109A24587D8E09F91CA0018EB2FB7D75BDD8FE230D49CC593E2152A7EFB4B7FCAA9228D061120DED56DDF6019817221B4D9A0F5DECF928148EB22AC583AC3BF37541CC285C6BB4E0C028E7140C133B12EB80354C01C053F5B435EA2798404749664674966DFB7113F86BC74FD37333330A664FA86AE1B40006717AC6091961C45164F3714777CC776DB2C7C72FA6A89EF3DEB98EF632569D1BF -20240828044412 2 6 100 2047 2 C2CE9B70B9DD5860C0846274F1FF29B2E3D5EFFA5A8568C6B9829BD8C42422F0BEE2D6D74503BCD91A002B09EB75174B87734CFFAC12682D49D50AF5B9837E3B30675E93087C5279A431B40D8219B2292A0EBB23ED0856BACF21F7A8C801FC3B0A1D2C76C4372109A24587D8E09F91CA0018EB2FB7D75BDD8FE230D49CC593E2152A7EFB4B7FCAA9228D061120DED56DDF6019817221B4D9A0F5DECF928148EB22AC583AC3BF37541CC285C6BB4E0C028E7140C133B12EB80354C01C053F5B435EA2798404749664674966DFB7113F86BC74FD37333330A664FA86AE1B40006717AC6091961C45164F3714777CC776DB2C7C72FA6A89EF3DEB98EF632591055B -20240828044416 2 6 100 2047 2 C2CE9B70B9DD5860C0846274F1FF29B2E3D5EFFA5A8568C6B9829BD8C42422F0BEE2D6D74503BCD91A002B09EB75174B87734CFFAC12682D49D50AF5B9837E3B30675E93087C5279A431B40D8219B2292A0EBB23ED0856BACF21F7A8C801FC3B0A1D2C76C4372109A24587D8E09F91CA0018EB2FB7D75BDD8FE230D49CC593E2152A7EFB4B7FCAA9228D061120DED56DDF6019817221B4D9A0F5DECF928148EB22AC583AC3BF37541CC285C6BB4E0C028E7140C133B12EB80354C01C053F5B435EA2798404749664674966DFB7113F86BC74FD37333330A664FA86AE1B40006717AC6091961C45164F3714777CC776DB2C7C72FA6A89EF3DEB98EF6325A64983 -20240828044426 2 6 100 2047 2 C2CE9B70B9DD5860C0846274F1FF29B2E3D5EFFA5A8568C6B9829BD8C42422F0BEE2D6D74503BCD91A002B09EB75174B87734CFFAC12682D49D50AF5B9837E3B30675E93087C5279A431B40D8219B2292A0EBB23ED0856BACF21F7A8C801FC3B0A1D2C76C4372109A24587D8E09F91CA0018EB2FB7D75BDD8FE230D49CC593E2152A7EFB4B7FCAA9228D061120DED56DDF6019817221B4D9A0F5DECF928148EB22AC583AC3BF37541CC285C6BB4E0C028E7140C133B12EB80354C01C053F5B435EA2798404749664674966DFB7113F86BC74FD37333330A664FA86AE1B40006717AC6091961C45164F3714777CC776DB2C7C72FA6A89EF3DEB98EF6325F39C73 -20240828044435 2 6 100 2047 5 C2CE9B70B9DD5860C0846274F1FF29B2E3D5EFFA5A8568C6B9829BD8C42422F0BEE2D6D74503BCD91A002B09EB75174B87734CFFAC12682D49D50AF5B9837E3B30675E93087C5279A431B40D8219B2292A0EBB23ED0856BACF21F7A8C801FC3B0A1D2C76C4372109A24587D8E09F91CA0018EB2FB7D75BDD8FE230D49CC593E2152A7EFB4B7FCAA9228D061120DED56DDF6019817221B4D9A0F5DECF928148EB22AC583AC3BF37541CC285C6BB4E0C028E7140C133B12EB80354C01C053F5B435EA2798404749664674966DFB7113F86BC74FD37333330A664FA86AE1B40006717AC6091961C45164F3714777CC776DB2C7C72FA6A89EF3DEB98EF63263987CF -20240828044440 2 6 100 2047 5 C2CE9B70B9DD5860C0846274F1FF29B2E3D5EFFA5A8568C6B9829BD8C42422F0BEE2D6D74503BCD91A002B09EB75174B87734CFFAC12682D49D50AF5B9837E3B30675E93087C5279A431B40D8219B2292A0EBB23ED0856BACF21F7A8C801FC3B0A1D2C76C4372109A24587D8E09F91CA0018EB2FB7D75BDD8FE230D49CC593E2152A7EFB4B7FCAA9228D061120DED56DDF6019817221B4D9A0F5DECF928148EB22AC583AC3BF37541CC285C6BB4E0C028E7140C133B12EB80354C01C053F5B435EA2798404749664674966DFB7113F86BC74FD37333330A664FA86AE1B40006717AC6091961C45164F3714777CC776DB2C7C72FA6A89EF3DEB98EF63265B2A5F -20240828044445 2 6 100 2047 2 C2CE9B70B9DD5860C0846274F1FF29B2E3D5EFFA5A8568C6B9829BD8C42422F0BEE2D6D74503BCD91A002B09EB75174B87734CFFAC12682D49D50AF5B9837E3B30675E93087C5279A431B40D8219B2292A0EBB23ED0856BACF21F7A8C801FC3B0A1D2C76C4372109A24587D8E09F91CA0018EB2FB7D75BDD8FE230D49CC593E2152A7EFB4B7FCAA9228D061120DED56DDF6019817221B4D9A0F5DECF928148EB22AC583AC3BF37541CC285C6BB4E0C028E7140C133B12EB80354C01C053F5B435EA2798404749664674966DFB7113F86BC74FD37333330A664FA86AE1B40006717AC6091961C45164F3714777CC776DB2C7C72FA6A89EF3DEB98EF63267C888B -20240828044453 2 6 100 2047 2 C2CE9B70B9DD5860C0846274F1FF29B2E3D5EFFA5A8568C6B9829BD8C42422F0BEE2D6D74503BCD91A002B09EB75174B87734CFFAC12682D49D50AF5B9837E3B30675E93087C5279A431B40D8219B2292A0EBB23ED0856BACF21F7A8C801FC3B0A1D2C76C4372109A24587D8E09F91CA0018EB2FB7D75BDD8FE230D49CC593E2152A7EFB4B7FCAA9228D061120DED56DDF6019817221B4D9A0F5DECF928148EB22AC583AC3BF37541CC285C6BB4E0C028E7140C133B12EB80354C01C053F5B435EA2798404749664674966DFB7113F86BC74FD37333330A664FA86AE1B40006717AC6091961C45164F3714777CC776DB2C7C72FA6A89EF3DEB98EF6326B9D6C3 -20240828044505 2 6 100 2047 5 C2CE9B70B9DD5860C0846274F1FF29B2E3D5EFFA5A8568C6B9829BD8C42422F0BEE2D6D74503BCD91A002B09EB75174B87734CFFAC12682D49D50AF5B9837E3B30675E93087C5279A431B40D8219B2292A0EBB23ED0856BACF21F7A8C801FC3B0A1D2C76C4372109A24587D8E09F91CA0018EB2FB7D75BDD8FE230D49CC593E2152A7EFB4B7FCAA9228D061120DED56DDF6019817221B4D9A0F5DECF928148EB22AC583AC3BF37541CC285C6BB4E0C028E7140C133B12EB80354C01C053F5B435EA2798404749664674966DFB7113F86BC74FD37333330A664FA86AE1B40006717AC6091961C45164F3714777CC776DB2C7C72FA6A89EF3DEB98EF63270DF46F -20240828044509 2 6 100 2047 2 C2CE9B70B9DD5860C0846274F1FF29B2E3D5EFFA5A8568C6B9829BD8C42422F0BEE2D6D74503BCD91A002B09EB75174B87734CFFAC12682D49D50AF5B9837E3B30675E93087C5279A431B40D8219B2292A0EBB23ED0856BACF21F7A8C801FC3B0A1D2C76C4372109A24587D8E09F91CA0018EB2FB7D75BDD8FE230D49CC593E2152A7EFB4B7FCAA9228D061120DED56DDF6019817221B4D9A0F5DECF928148EB22AC583AC3BF37541CC285C6BB4E0C028E7140C133B12EB80354C01C053F5B435EA2798404749664674966DFB7113F86BC74FD37333330A664FA86AE1B40006717AC6091961C45164F3714777CC776DB2C7C72FA6A89EF3DEB98EF632725FB3B -20240828044510 2 6 100 2047 2 C2CE9B70B9DD5860C0846274F1FF29B2E3D5EFFA5A8568C6B9829BD8C42422F0BEE2D6D74503BCD91A002B09EB75174B87734CFFAC12682D49D50AF5B9837E3B30675E93087C5279A431B40D8219B2292A0EBB23ED0856BACF21F7A8C801FC3B0A1D2C76C4372109A24587D8E09F91CA0018EB2FB7D75BDD8FE230D49CC593E2152A7EFB4B7FCAA9228D061120DED56DDF6019817221B4D9A0F5DECF928148EB22AC583AC3BF37541CC285C6BB4E0C028E7140C133B12EB80354C01C053F5B435EA2798404749664674966DFB7113F86BC74FD37333330A664FA86AE1B40006717AC6091961C45164F3714777CC776DB2C7C72FA6A89EF3DEB98EF632728D6F3 -20240828044525 2 6 100 2047 2 C2CE9B70B9DD5860C0846274F1FF29B2E3D5EFFA5A8568C6B9829BD8C42422F0BEE2D6D74503BCD91A002B09EB75174B87734CFFAC12682D49D50AF5B9837E3B30675E93087C5279A431B40D8219B2292A0EBB23ED0856BACF21F7A8C801FC3B0A1D2C76C4372109A24587D8E09F91CA0018EB2FB7D75BDD8FE230D49CC593E2152A7EFB4B7FCAA9228D061120DED56DDF6019817221B4D9A0F5DECF928148EB22AC583AC3BF37541CC285C6BB4E0C028E7140C133B12EB80354C01C053F5B435EA2798404749664674966DFB7113F86BC74FD37333330A664FA86AE1B40006717AC6091961C45164F3714777CC776DB2C7C72FA6A89EF3DEB98EF6327A20713 -20240828044536 2 6 100 2047 5 C2CE9B70B9DD5860C0846274F1FF29B2E3D5EFFA5A8568C6B9829BD8C42422F0BEE2D6D74503BCD91A002B09EB75174B87734CFFAC12682D49D50AF5B9837E3B30675E93087C5279A431B40D8219B2292A0EBB23ED0856BACF21F7A8C801FC3B0A1D2C76C4372109A24587D8E09F91CA0018EB2FB7D75BDD8FE230D49CC593E2152A7EFB4B7FCAA9228D061120DED56DDF6019817221B4D9A0F5DECF928148EB22AC583AC3BF37541CC285C6BB4E0C028E7140C133B12EB80354C01C053F5B435EA2798404749664674966DFB7113F86BC74FD37333330A664FA86AE1B40006717AC6091961C45164F3714777CC776DB2C7C72FA6A89EF3DEB98EF6327FA0007 -20240828044603 2 6 100 2047 2 C2CE9B70B9DD5860C0846274F1FF29B2E3D5EFFA5A8568C6B9829BD8C42422F0BEE2D6D74503BCD91A002B09EB75174B87734CFFAC12682D49D50AF5B9837E3B30675E93087C5279A431B40D8219B2292A0EBB23ED0856BACF21F7A8C801FC3B0A1D2C76C4372109A24587D8E09F91CA0018EB2FB7D75BDD8FE230D49CC593E2152A7EFB4B7FCAA9228D061120DED56DDF6019817221B4D9A0F5DECF928148EB22AC583AC3BF37541CC285C6BB4E0C028E7140C133B12EB80354C01C053F5B435EA2798404749664674966DFB7113F86BC74FD37333330A664FA86AE1B40006717AC6091961C45164F3714777CC776DB2C7C72FA6A89EF3DEB98EF6328C7601B -20240828044621 2 6 100 2047 2 E8198A1A9FF997DF62B131D5C187C3160A61128E5DC14FED2EC25E38EE627FC070B240AFA70179A5981739E7F1CC1EFD94BECAA338C8BEFCA1C036EF1F7804AD1BBE8B86C3BDDDA7868F9302E45F47BABB6A8D54E1871678AB37855761AAD6408EA4CEE8B4DE9A5972981B07EAC9CD496331C4E1104ED49ACB5F4F37DC9B98098C04053775DB2994B23CA4561C739DB5A19638C0D1D97C07EF26ADC912A5C6A3506B5E935E4C11E18769334B4D02CDB4802ACE68B55D2D3CD354B0DE2D4DB4727FAD43694110D90A4A18206A731466E83FCE2A6F8E042E1D244F7EA4DD2FF3B9E3910C2B7672E4605A2025BDAA0D67455F8FD50FD241B5074FD2602100B138DB -20240828044622 2 6 100 2047 2 E8198A1A9FF997DF62B131D5C187C3160A61128E5DC14FED2EC25E38EE627FC070B240AFA70179A5981739E7F1CC1EFD94BECAA338C8BEFCA1C036EF1F7804AD1BBE8B86C3BDDDA7868F9302E45F47BABB6A8D54E1871678AB37855761AAD6408EA4CEE8B4DE9A5972981B07EAC9CD496331C4E1104ED49ACB5F4F37DC9B98098C04053775DB2994B23CA4561C739DB5A19638C0D1D97C07EF26ADC912A5C6A3506B5E935E4C11E18769334B4D02CDB4802ACE68B55D2D3CD354B0DE2D4DB4727FAD43694110D90A4A18206A731466E83FCE2A6F8E042E1D244F7EA4DD2FF3B9E3910C2B7672E4605A2025BDAA0D67455F8FD50FD241B5074FD2602100BA7D33 -20240828044630 2 6 100 2047 5 E8198A1A9FF997DF62B131D5C187C3160A61128E5DC14FED2EC25E38EE627FC070B240AFA70179A5981739E7F1CC1EFD94BECAA338C8BEFCA1C036EF1F7804AD1BBE8B86C3BDDDA7868F9302E45F47BABB6A8D54E1871678AB37855761AAD6408EA4CEE8B4DE9A5972981B07EAC9CD496331C4E1104ED49ACB5F4F37DC9B98098C04053775DB2994B23CA4561C739DB5A19638C0D1D97C07EF26ADC912A5C6A3506B5E935E4C11E18769334B4D02CDB4802ACE68B55D2D3CD354B0DE2D4DB4727FAD43694110D90A4A18206A731466E83FCE2A6F8E042E1D244F7EA4DD2FF3B9E3910C2B7672E4605A2025BDAA0D67455F8FD50FD241B5074FD2602100F35A77 -20240828044634 2 6 100 2047 2 E8198A1A9FF997DF62B131D5C187C3160A61128E5DC14FED2EC25E38EE627FC070B240AFA70179A5981739E7F1CC1EFD94BECAA338C8BEFCA1C036EF1F7804AD1BBE8B86C3BDDDA7868F9302E45F47BABB6A8D54E1871678AB37855761AAD6408EA4CEE8B4DE9A5972981B07EAC9CD496331C4E1104ED49ACB5F4F37DC9B98098C04053775DB2994B23CA4561C739DB5A19638C0D1D97C07EF26ADC912A5C6A3506B5E935E4C11E18769334B4D02CDB4802ACE68B55D2D3CD354B0DE2D4DB4727FAD43694110D90A4A18206A731466E83FCE2A6F8E042E1D244F7EA4DD2FF3B9E3910C2B7672E4605A2025BDAA0D67455F8FD50FD241B5074FD26021010E6E03 -20240828044637 2 6 100 2047 2 E8198A1A9FF997DF62B131D5C187C3160A61128E5DC14FED2EC25E38EE627FC070B240AFA70179A5981739E7F1CC1EFD94BECAA338C8BEFCA1C036EF1F7804AD1BBE8B86C3BDDDA7868F9302E45F47BABB6A8D54E1871678AB37855761AAD6408EA4CEE8B4DE9A5972981B07EAC9CD496331C4E1104ED49ACB5F4F37DC9B98098C04053775DB2994B23CA4561C739DB5A19638C0D1D97C07EF26ADC912A5C6A3506B5E935E4C11E18769334B4D02CDB4802ACE68B55D2D3CD354B0DE2D4DB4727FAD43694110D90A4A18206A731466E83FCE2A6F8E042E1D244F7EA4DD2FF3B9E3910C2B7672E4605A2025BDAA0D67455F8FD50FD241B5074FD26021011F7EAB -20240828044646 2 6 100 2047 2 E8198A1A9FF997DF62B131D5C187C3160A61128E5DC14FED2EC25E38EE627FC070B240AFA70179A5981739E7F1CC1EFD94BECAA338C8BEFCA1C036EF1F7804AD1BBE8B86C3BDDDA7868F9302E45F47BABB6A8D54E1871678AB37855761AAD6408EA4CEE8B4DE9A5972981B07EAC9CD496331C4E1104ED49ACB5F4F37DC9B98098C04053775DB2994B23CA4561C739DB5A19638C0D1D97C07EF26ADC912A5C6A3506B5E935E4C11E18769334B4D02CDB4802ACE68B55D2D3CD354B0DE2D4DB4727FAD43694110D90A4A18206A731466E83FCE2A6F8E042E1D244F7EA4DD2FF3B9E3910C2B7672E4605A2025BDAA0D67455F8FD50FD241B5074FD26021016091AB -20240828044657 2 6 100 2047 5 E8198A1A9FF997DF62B131D5C187C3160A61128E5DC14FED2EC25E38EE627FC070B240AFA70179A5981739E7F1CC1EFD94BECAA338C8BEFCA1C036EF1F7804AD1BBE8B86C3BDDDA7868F9302E45F47BABB6A8D54E1871678AB37855761AAD6408EA4CEE8B4DE9A5972981B07EAC9CD496331C4E1104ED49ACB5F4F37DC9B98098C04053775DB2994B23CA4561C739DB5A19638C0D1D97C07EF26ADC912A5C6A3506B5E935E4C11E18769334B4D02CDB4802ACE68B55D2D3CD354B0DE2D4DB4727FAD43694110D90A4A18206A731466E83FCE2A6F8E042E1D244F7EA4DD2FF3B9E3910C2B7672E4605A2025BDAA0D67455F8FD50FD241B5074FD2602101B2C867 -20240828044658 2 6 100 2047 5 E8198A1A9FF997DF62B131D5C187C3160A61128E5DC14FED2EC25E38EE627FC070B240AFA70179A5981739E7F1CC1EFD94BECAA338C8BEFCA1C036EF1F7804AD1BBE8B86C3BDDDA7868F9302E45F47BABB6A8D54E1871678AB37855761AAD6408EA4CEE8B4DE9A5972981B07EAC9CD496331C4E1104ED49ACB5F4F37DC9B98098C04053775DB2994B23CA4561C739DB5A19638C0D1D97C07EF26ADC912A5C6A3506B5E935E4C11E18769334B4D02CDB4802ACE68B55D2D3CD354B0DE2D4DB4727FAD43694110D90A4A18206A731466E83FCE2A6F8E042E1D244F7EA4DD2FF3B9E3910C2B7672E4605A2025BDAA0D67455F8FD50FD241B5074FD2602101B60E87 -20240828044721 2 6 100 2047 5 E8198A1A9FF997DF62B131D5C187C3160A61128E5DC14FED2EC25E38EE627FC070B240AFA70179A5981739E7F1CC1EFD94BECAA338C8BEFCA1C036EF1F7804AD1BBE8B86C3BDDDA7868F9302E45F47BABB6A8D54E1871678AB37855761AAD6408EA4CEE8B4DE9A5972981B07EAC9CD496331C4E1104ED49ACB5F4F37DC9B98098C04053775DB2994B23CA4561C739DB5A19638C0D1D97C07EF26ADC912A5C6A3506B5E935E4C11E18769334B4D02CDB4802ACE68B55D2D3CD354B0DE2D4DB4727FAD43694110D90A4A18206A731466E83FCE2A6F8E042E1D244F7EA4DD2FF3B9E3910C2B7672E4605A2025BDAA0D67455F8FD50FD241B5074FD2602102652CD7 -20240828044731 2 6 100 2047 5 E8198A1A9FF997DF62B131D5C187C3160A61128E5DC14FED2EC25E38EE627FC070B240AFA70179A5981739E7F1CC1EFD94BECAA338C8BEFCA1C036EF1F7804AD1BBE8B86C3BDDDA7868F9302E45F47BABB6A8D54E1871678AB37855761AAD6408EA4CEE8B4DE9A5972981B07EAC9CD496331C4E1104ED49ACB5F4F37DC9B98098C04053775DB2994B23CA4561C739DB5A19638C0D1D97C07EF26ADC912A5C6A3506B5E935E4C11E18769334B4D02CDB4802ACE68B55D2D3CD354B0DE2D4DB4727FAD43694110D90A4A18206A731466E83FCE2A6F8E042E1D244F7EA4DD2FF3B9E3910C2B7672E4605A2025BDAA0D67455F8FD50FD241B5074FD2602102B160B7 -20240828044737 2 6 100 2047 5 E8198A1A9FF997DF62B131D5C187C3160A61128E5DC14FED2EC25E38EE627FC070B240AFA70179A5981739E7F1CC1EFD94BECAA338C8BEFCA1C036EF1F7804AD1BBE8B86C3BDDDA7868F9302E45F47BABB6A8D54E1871678AB37855761AAD6408EA4CEE8B4DE9A5972981B07EAC9CD496331C4E1104ED49ACB5F4F37DC9B98098C04053775DB2994B23CA4561C739DB5A19638C0D1D97C07EF26ADC912A5C6A3506B5E935E4C11E18769334B4D02CDB4802ACE68B55D2D3CD354B0DE2D4DB4727FAD43694110D90A4A18206A731466E83FCE2A6F8E042E1D244F7EA4DD2FF3B9E3910C2B7672E4605A2025BDAA0D67455F8FD50FD241B5074FD2602102DA0A57 -20240828044755 2 6 100 2047 2 E8198A1A9FF997DF62B131D5C187C3160A61128E5DC14FED2EC25E38EE627FC070B240AFA70179A5981739E7F1CC1EFD94BECAA338C8BEFCA1C036EF1F7804AD1BBE8B86C3BDDDA7868F9302E45F47BABB6A8D54E1871678AB37855761AAD6408EA4CEE8B4DE9A5972981B07EAC9CD496331C4E1104ED49ACB5F4F37DC9B98098C04053775DB2994B23CA4561C739DB5A19638C0D1D97C07EF26ADC912A5C6A3506B5E935E4C11E18769334B4D02CDB4802ACE68B55D2D3CD354B0DE2D4DB4727FAD43694110D90A4A18206A731466E83FCE2A6F8E042E1D244F7EA4DD2FF3B9E3910C2B7672E4605A2025BDAA0D67455F8FD50FD241B5074FD260210367434B -20240828044803 2 6 100 2047 5 E8198A1A9FF997DF62B131D5C187C3160A61128E5DC14FED2EC25E38EE627FC070B240AFA70179A5981739E7F1CC1EFD94BECAA338C8BEFCA1C036EF1F7804AD1BBE8B86C3BDDDA7868F9302E45F47BABB6A8D54E1871678AB37855761AAD6408EA4CEE8B4DE9A5972981B07EAC9CD496331C4E1104ED49ACB5F4F37DC9B98098C04053775DB2994B23CA4561C739DB5A19638C0D1D97C07EF26ADC912A5C6A3506B5E935E4C11E18769334B4D02CDB4802ACE68B55D2D3CD354B0DE2D4DB4727FAD43694110D90A4A18206A731466E83FCE2A6F8E042E1D244F7EA4DD2FF3B9E3910C2B7672E4605A2025BDAA0D67455F8FD50FD241B5074FD2602103A3B7DF -20240828044807 2 6 100 2047 2 E8198A1A9FF997DF62B131D5C187C3160A61128E5DC14FED2EC25E38EE627FC070B240AFA70179A5981739E7F1CC1EFD94BECAA338C8BEFCA1C036EF1F7804AD1BBE8B86C3BDDDA7868F9302E45F47BABB6A8D54E1871678AB37855761AAD6408EA4CEE8B4DE9A5972981B07EAC9CD496331C4E1104ED49ACB5F4F37DC9B98098C04053775DB2994B23CA4561C739DB5A19638C0D1D97C07EF26ADC912A5C6A3506B5E935E4C11E18769334B4D02CDB4802ACE68B55D2D3CD354B0DE2D4DB4727FAD43694110D90A4A18206A731466E83FCE2A6F8E042E1D244F7EA4DD2FF3B9E3910C2B7672E4605A2025BDAA0D67455F8FD50FD241B5074FD2602103C2D9CB -20240828044812 2 6 100 2047 2 E8198A1A9FF997DF62B131D5C187C3160A61128E5DC14FED2EC25E38EE627FC070B240AFA70179A5981739E7F1CC1EFD94BECAA338C8BEFCA1C036EF1F7804AD1BBE8B86C3BDDDA7868F9302E45F47BABB6A8D54E1871678AB37855761AAD6408EA4CEE8B4DE9A5972981B07EAC9CD496331C4E1104ED49ACB5F4F37DC9B98098C04053775DB2994B23CA4561C739DB5A19638C0D1D97C07EF26ADC912A5C6A3506B5E935E4C11E18769334B4D02CDB4802ACE68B55D2D3CD354B0DE2D4DB4727FAD43694110D90A4A18206A731466E83FCE2A6F8E042E1D244F7EA4DD2FF3B9E3910C2B7672E4605A2025BDAA0D67455F8FD50FD241B5074FD2602103DE1313 -20240828044821 2 6 100 2047 2 E8198A1A9FF997DF62B131D5C187C3160A61128E5DC14FED2EC25E38EE627FC070B240AFA70179A5981739E7F1CC1EFD94BECAA338C8BEFCA1C036EF1F7804AD1BBE8B86C3BDDDA7868F9302E45F47BABB6A8D54E1871678AB37855761AAD6408EA4CEE8B4DE9A5972981B07EAC9CD496331C4E1104ED49ACB5F4F37DC9B98098C04053775DB2994B23CA4561C739DB5A19638C0D1D97C07EF26ADC912A5C6A3506B5E935E4C11E18769334B4D02CDB4802ACE68B55D2D3CD354B0DE2D4DB4727FAD43694110D90A4A18206A731466E83FCE2A6F8E042E1D244F7EA4DD2FF3B9E3910C2B7672E4605A2025BDAA0D67455F8FD50FD241B5074FD2602104264E53 -20240828044835 2 6 100 2047 5 E8198A1A9FF997DF62B131D5C187C3160A61128E5DC14FED2EC25E38EE627FC070B240AFA70179A5981739E7F1CC1EFD94BECAA338C8BEFCA1C036EF1F7804AD1BBE8B86C3BDDDA7868F9302E45F47BABB6A8D54E1871678AB37855761AAD6408EA4CEE8B4DE9A5972981B07EAC9CD496331C4E1104ED49ACB5F4F37DC9B98098C04053775DB2994B23CA4561C739DB5A19638C0D1D97C07EF26ADC912A5C6A3506B5E935E4C11E18769334B4D02CDB4802ACE68B55D2D3CD354B0DE2D4DB4727FAD43694110D90A4A18206A731466E83FCE2A6F8E042E1D244F7EA4DD2FF3B9E3910C2B7672E4605A2025BDAA0D67455F8FD50FD241B5074FD2602104909817 -20240828044855 2 6 100 2047 2 E8198A1A9FF997DF62B131D5C187C3160A61128E5DC14FED2EC25E38EE627FC070B240AFA70179A5981739E7F1CC1EFD94BECAA338C8BEFCA1C036EF1F7804AD1BBE8B86C3BDDDA7868F9302E45F47BABB6A8D54E1871678AB37855761AAD6408EA4CEE8B4DE9A5972981B07EAC9CD496331C4E1104ED49ACB5F4F37DC9B98098C04053775DB2994B23CA4561C739DB5A19638C0D1D97C07EF26ADC912A5C6A3506B5E935E4C11E18769334B4D02CDB4802ACE68B55D2D3CD354B0DE2D4DB4727FAD43694110D90A4A18206A731466E83FCE2A6F8E042E1D244F7EA4DD2FF3B9E3910C2B7672E4605A2025BDAA0D67455F8FD50FD241B5074FD2602105309B8B -20240828044903 2 6 100 2047 5 E8198A1A9FF997DF62B131D5C187C3160A61128E5DC14FED2EC25E38EE627FC070B240AFA70179A5981739E7F1CC1EFD94BECAA338C8BEFCA1C036EF1F7804AD1BBE8B86C3BDDDA7868F9302E45F47BABB6A8D54E1871678AB37855761AAD6408EA4CEE8B4DE9A5972981B07EAC9CD496331C4E1104ED49ACB5F4F37DC9B98098C04053775DB2994B23CA4561C739DB5A19638C0D1D97C07EF26ADC912A5C6A3506B5E935E4C11E18769334B4D02CDB4802ACE68B55D2D3CD354B0DE2D4DB4727FAD43694110D90A4A18206A731466E83FCE2A6F8E042E1D244F7EA4DD2FF3B9E3910C2B7672E4605A2025BDAA0D67455F8FD50FD241B5074FD26021056A2A5F -20240828044903 2 6 100 2047 2 E8198A1A9FF997DF62B131D5C187C3160A61128E5DC14FED2EC25E38EE627FC070B240AFA70179A5981739E7F1CC1EFD94BECAA338C8BEFCA1C036EF1F7804AD1BBE8B86C3BDDDA7868F9302E45F47BABB6A8D54E1871678AB37855761AAD6408EA4CEE8B4DE9A5972981B07EAC9CD496331C4E1104ED49ACB5F4F37DC9B98098C04053775DB2994B23CA4561C739DB5A19638C0D1D97C07EF26ADC912A5C6A3506B5E935E4C11E18769334B4D02CDB4802ACE68B55D2D3CD354B0DE2D4DB4727FAD43694110D90A4A18206A731466E83FCE2A6F8E042E1D244F7EA4DD2FF3B9E3910C2B7672E4605A2025BDAA0D67455F8FD50FD241B5074FD26021056A52EB -20240828044921 2 6 100 2047 2 E8198A1A9FF997DF62B131D5C187C3160A61128E5DC14FED2EC25E38EE627FC070B240AFA70179A5981739E7F1CC1EFD94BECAA338C8BEFCA1C036EF1F7804AD1BBE8B86C3BDDDA7868F9302E45F47BABB6A8D54E1871678AB37855761AAD6408EA4CEE8B4DE9A5972981B07EAC9CD496331C4E1104ED49ACB5F4F37DC9B98098C04053775DB2994B23CA4561C739DB5A19638C0D1D97C07EF26ADC912A5C6A3506B5E935E4C11E18769334B4D02CDB4802ACE68B55D2D3CD354B0DE2D4DB4727FAD43694110D90A4A18206A731466E83FCE2A6F8E042E1D244F7EA4DD2FF3B9E3910C2B7672E4605A2025BDAA0D67455F8FD50FD241B5074FD2602105F6DDD3 -20240828044930 2 6 100 2047 2 E8198A1A9FF997DF62B131D5C187C3160A61128E5DC14FED2EC25E38EE627FC070B240AFA70179A5981739E7F1CC1EFD94BECAA338C8BEFCA1C036EF1F7804AD1BBE8B86C3BDDDA7868F9302E45F47BABB6A8D54E1871678AB37855761AAD6408EA4CEE8B4DE9A5972981B07EAC9CD496331C4E1104ED49ACB5F4F37DC9B98098C04053775DB2994B23CA4561C739DB5A19638C0D1D97C07EF26ADC912A5C6A3506B5E935E4C11E18769334B4D02CDB4802ACE68B55D2D3CD354B0DE2D4DB4727FAD43694110D90A4A18206A731466E83FCE2A6F8E042E1D244F7EA4DD2FF3B9E3910C2B7672E4605A2025BDAA0D67455F8FD50FD241B5074FD26021063AE353 -20240828044934 2 6 100 2047 5 E8198A1A9FF997DF62B131D5C187C3160A61128E5DC14FED2EC25E38EE627FC070B240AFA70179A5981739E7F1CC1EFD94BECAA338C8BEFCA1C036EF1F7804AD1BBE8B86C3BDDDA7868F9302E45F47BABB6A8D54E1871678AB37855761AAD6408EA4CEE8B4DE9A5972981B07EAC9CD496331C4E1104ED49ACB5F4F37DC9B98098C04053775DB2994B23CA4561C739DB5A19638C0D1D97C07EF26ADC912A5C6A3506B5E935E4C11E18769334B4D02CDB4802ACE68B55D2D3CD354B0DE2D4DB4727FAD43694110D90A4A18206A731466E83FCE2A6F8E042E1D244F7EA4DD2FF3B9E3910C2B7672E4605A2025BDAA0D67455F8FD50FD241B5074FD260210651B5C7 -20240828044937 2 6 100 2047 2 E8198A1A9FF997DF62B131D5C187C3160A61128E5DC14FED2EC25E38EE627FC070B240AFA70179A5981739E7F1CC1EFD94BECAA338C8BEFCA1C036EF1F7804AD1BBE8B86C3BDDDA7868F9302E45F47BABB6A8D54E1871678AB37855761AAD6408EA4CEE8B4DE9A5972981B07EAC9CD496331C4E1104ED49ACB5F4F37DC9B98098C04053775DB2994B23CA4561C739DB5A19638C0D1D97C07EF26ADC912A5C6A3506B5E935E4C11E18769334B4D02CDB4802ACE68B55D2D3CD354B0DE2D4DB4727FAD43694110D90A4A18206A731466E83FCE2A6F8E042E1D244F7EA4DD2FF3B9E3910C2B7672E4605A2025BDAA0D67455F8FD50FD241B5074FD2602106651B4B -20240828044944 2 6 100 2047 2 E8198A1A9FF997DF62B131D5C187C3160A61128E5DC14FED2EC25E38EE627FC070B240AFA70179A5981739E7F1CC1EFD94BECAA338C8BEFCA1C036EF1F7804AD1BBE8B86C3BDDDA7868F9302E45F47BABB6A8D54E1871678AB37855761AAD6408EA4CEE8B4DE9A5972981B07EAC9CD496331C4E1104ED49ACB5F4F37DC9B98098C04053775DB2994B23CA4561C739DB5A19638C0D1D97C07EF26ADC912A5C6A3506B5E935E4C11E18769334B4D02CDB4802ACE68B55D2D3CD354B0DE2D4DB4727FAD43694110D90A4A18206A731466E83FCE2A6F8E042E1D244F7EA4DD2FF3B9E3910C2B7672E4605A2025BDAA0D67455F8FD50FD241B5074FD26021069D4573 -20240828045003 2 6 100 2047 2 E8198A1A9FF997DF62B131D5C187C3160A61128E5DC14FED2EC25E38EE627FC070B240AFA70179A5981739E7F1CC1EFD94BECAA338C8BEFCA1C036EF1F7804AD1BBE8B86C3BDDDA7868F9302E45F47BABB6A8D54E1871678AB37855761AAD6408EA4CEE8B4DE9A5972981B07EAC9CD496331C4E1104ED49ACB5F4F37DC9B98098C04053775DB2994B23CA4561C739DB5A19638C0D1D97C07EF26ADC912A5C6A3506B5E935E4C11E18769334B4D02CDB4802ACE68B55D2D3CD354B0DE2D4DB4727FAD43694110D90A4A18206A731466E83FCE2A6F8E042E1D244F7EA4DD2FF3B9E3910C2B7672E4605A2025BDAA0D67455F8FD50FD241B5074FD26021072D06EB -20240828045023 2 6 100 2047 2 E8198A1A9FF997DF62B131D5C187C3160A61128E5DC14FED2EC25E38EE627FC070B240AFA70179A5981739E7F1CC1EFD94BECAA338C8BEFCA1C036EF1F7804AD1BBE8B86C3BDDDA7868F9302E45F47BABB6A8D54E1871678AB37855761AAD6408EA4CEE8B4DE9A5972981B07EAC9CD496331C4E1104ED49ACB5F4F37DC9B98098C04053775DB2994B23CA4561C739DB5A19638C0D1D97C07EF26ADC912A5C6A3506B5E935E4C11E18769334B4D02CDB4802ACE68B55D2D3CD354B0DE2D4DB4727FAD43694110D90A4A18206A731466E83FCE2A6F8E042E1D244F7EA4DD2FF3B9E3910C2B7672E4605A2025BDAA0D67455F8FD50FD241B5074FD2602107C5C8DB -20240828045043 2 6 100 2047 2 E8198A1A9FF997DF62B131D5C187C3160A61128E5DC14FED2EC25E38EE627FC070B240AFA70179A5981739E7F1CC1EFD94BECAA338C8BEFCA1C036EF1F7804AD1BBE8B86C3BDDDA7868F9302E45F47BABB6A8D54E1871678AB37855761AAD6408EA4CEE8B4DE9A5972981B07EAC9CD496331C4E1104ED49ACB5F4F37DC9B98098C04053775DB2994B23CA4561C739DB5A19638C0D1D97C07EF26ADC912A5C6A3506B5E935E4C11E18769334B4D02CDB4802ACE68B55D2D3CD354B0DE2D4DB4727FAD43694110D90A4A18206A731466E83FCE2A6F8E042E1D244F7EA4DD2FF3B9E3910C2B7672E4605A2025BDAA0D67455F8FD50FD241B5074FD26021085D358B -20240828045540 2 6 100 3071 5 F0E30849E47025007BE82AED18F1B234816DC958D27A2133A1FEA5C9D5B00C107D4C3563B295FB10AA1BEFB5C160159F85A69C3990D6A5078FEE7D5462F14890168BF2AA6B06729778AF1CDA95F5EB5FD024D9A4B904FB6501213268D69167449CCEF555129648DA0C6C1500DB898ABAEBE716B468AFDADB8E499D0043B7D4070A957EF41EF2ED3D9DB4EB8607B620C714084F6909D0B980FC54E7BA3A4F7C6716BC8430C5D73475A95F64B8AA9BB6F9CD524EFEC35E322F10DA32826E005EBA1C81EA662FB1517EED4D778DB6658C7D6150F144BBA60DAE6B75499E70CD7D70842131C00E04319DB1B53867E6BF820B1D74692227A574F937B668F25017F6DB3D6FEB2A61F8E377FA73E8652089A0ECBE15AD1CB8C44D738AB114BBE7AB9985545DE182011208113A56C5D84D8E7640517C5EFA28670168906BA869583EFEE72F89C1B3CA019C4D544B711A9A0297911CBEEB124EA9D7076696F62AC9E8814CDA985B35800D4DB253497725F131169F56AF543DD51EED43501A249DB83F1177 -20240828045614 2 6 100 3071 5 F0E30849E47025007BE82AED18F1B234816DC958D27A2133A1FEA5C9D5B00C107D4C3563B295FB10AA1BEFB5C160159F85A69C3990D6A5078FEE7D5462F14890168BF2AA6B06729778AF1CDA95F5EB5FD024D9A4B904FB6501213268D69167449CCEF555129648DA0C6C1500DB898ABAEBE716B468AFDADB8E499D0043B7D4070A957EF41EF2ED3D9DB4EB8607B620C714084F6909D0B980FC54E7BA3A4F7C6716BC8430C5D73475A95F64B8AA9BB6F9CD524EFEC35E322F10DA32826E005EBA1C81EA662FB1517EED4D778DB6658C7D6150F144BBA60DAE6B75499E70CD7D70842131C00E04319DB1B53867E6BF820B1D74692227A574F937B668F25017F6DB3D6FEB2A61F8E377FA73E8652089A0ECBE15AD1CB8C44D738AB114BBE7AB9985545DE182011208113A56C5D84D8E7640517C5EFA28670168906BA869583EFEE72F89C1B3CA019C4D544B711A9A0297911CBEEB124EA9D7076696F62AC9E8814CDA985B35800D4DB253497725F131169F56AF543DD51EED43501A249DB8AA8ABF -20240828045644 2 6 100 3071 2 F0E30849E47025007BE82AED18F1B234816DC958D27A2133A1FEA5C9D5B00C107D4C3563B295FB10AA1BEFB5C160159F85A69C3990D6A5078FEE7D5462F14890168BF2AA6B06729778AF1CDA95F5EB5FD024D9A4B904FB6501213268D69167449CCEF555129648DA0C6C1500DB898ABAEBE716B468AFDADB8E499D0043B7D4070A957EF41EF2ED3D9DB4EB8607B620C714084F6909D0B980FC54E7BA3A4F7C6716BC8430C5D73475A95F64B8AA9BB6F9CD524EFEC35E322F10DA32826E005EBA1C81EA662FB1517EED4D778DB6658C7D6150F144BBA60DAE6B75499E70CD7D70842131C00E04319DB1B53867E6BF820B1D74692227A574F937B668F25017F6DB3D6FEB2A61F8E377FA73E8652089A0ECBE15AD1CB8C44D738AB114BBE7AB9985545DE182011208113A56C5D84D8E7640517C5EFA28670168906BA869583EFEE72F89C1B3CA019C4D544B711A9A0297911CBEEB124EA9D7076696F62AC9E8814CDA985B35800D4DB253497725F131169F56AF543DD51EED43501A249DB90E7B73 -20240828045720 2 6 100 3071 5 F0E30849E47025007BE82AED18F1B234816DC958D27A2133A1FEA5C9D5B00C107D4C3563B295FB10AA1BEFB5C160159F85A69C3990D6A5078FEE7D5462F14890168BF2AA6B06729778AF1CDA95F5EB5FD024D9A4B904FB6501213268D69167449CCEF555129648DA0C6C1500DB898ABAEBE716B468AFDADB8E499D0043B7D4070A957EF41EF2ED3D9DB4EB8607B620C714084F6909D0B980FC54E7BA3A4F7C6716BC8430C5D73475A95F64B8AA9BB6F9CD524EFEC35E322F10DA32826E005EBA1C81EA662FB1517EED4D778DB6658C7D6150F144BBA60DAE6B75499E70CD7D70842131C00E04319DB1B53867E6BF820B1D74692227A574F937B668F25017F6DB3D6FEB2A61F8E377FA73E8652089A0ECBE15AD1CB8C44D738AB114BBE7AB9985545DE182011208113A56C5D84D8E7640517C5EFA28670168906BA869583EFEE72F89C1B3CA019C4D544B711A9A0297911CBEEB124EA9D7076696F62AC9E8814CDA985B35800D4DB253497725F131169F56AF543DD51EED43501A249DB984B19F -20240828045813 2 6 100 3071 5 F0E30849E47025007BE82AED18F1B234816DC958D27A2133A1FEA5C9D5B00C107D4C3563B295FB10AA1BEFB5C160159F85A69C3990D6A5078FEE7D5462F14890168BF2AA6B06729778AF1CDA95F5EB5FD024D9A4B904FB6501213268D69167449CCEF555129648DA0C6C1500DB898ABAEBE716B468AFDADB8E499D0043B7D4070A957EF41EF2ED3D9DB4EB8607B620C714084F6909D0B980FC54E7BA3A4F7C6716BC8430C5D73475A95F64B8AA9BB6F9CD524EFEC35E322F10DA32826E005EBA1C81EA662FB1517EED4D778DB6658C7D6150F144BBA60DAE6B75499E70CD7D70842131C00E04319DB1B53867E6BF820B1D74692227A574F937B668F25017F6DB3D6FEB2A61F8E377FA73E8652089A0ECBE15AD1CB8C44D738AB114BBE7AB9985545DE182011208113A56C5D84D8E7640517C5EFA28670168906BA869583EFEE72F89C1B3CA019C4D544B711A9A0297911CBEEB124EA9D7076696F62AC9E8814CDA985B35800D4DB253497725F131169F56AF543DD51EED43501A249DBA2CAEB7 -20240828045858 2 6 100 3071 2 F0E30849E47025007BE82AED18F1B234816DC958D27A2133A1FEA5C9D5B00C107D4C3563B295FB10AA1BEFB5C160159F85A69C3990D6A5078FEE7D5462F14890168BF2AA6B06729778AF1CDA95F5EB5FD024D9A4B904FB6501213268D69167449CCEF555129648DA0C6C1500DB898ABAEBE716B468AFDADB8E499D0043B7D4070A957EF41EF2ED3D9DB4EB8607B620C714084F6909D0B980FC54E7BA3A4F7C6716BC8430C5D73475A95F64B8AA9BB6F9CD524EFEC35E322F10DA32826E005EBA1C81EA662FB1517EED4D778DB6658C7D6150F144BBA60DAE6B75499E70CD7D70842131C00E04319DB1B53867E6BF820B1D74692227A574F937B668F25017F6DB3D6FEB2A61F8E377FA73E8652089A0ECBE15AD1CB8C44D738AB114BBE7AB9985545DE182011208113A56C5D84D8E7640517C5EFA28670168906BA869583EFEE72F89C1B3CA019C4D544B711A9A0297911CBEEB124EA9D7076696F62AC9E8814CDA985B35800D4DB253497725F131169F56AF543DD51EED43501A249DBABFBAAB -20240828045903 2 6 100 3071 5 F0E30849E47025007BE82AED18F1B234816DC958D27A2133A1FEA5C9D5B00C107D4C3563B295FB10AA1BEFB5C160159F85A69C3990D6A5078FEE7D5462F14890168BF2AA6B06729778AF1CDA95F5EB5FD024D9A4B904FB6501213268D69167449CCEF555129648DA0C6C1500DB898ABAEBE716B468AFDADB8E499D0043B7D4070A957EF41EF2ED3D9DB4EB8607B620C714084F6909D0B980FC54E7BA3A4F7C6716BC8430C5D73475A95F64B8AA9BB6F9CD524EFEC35E322F10DA32826E005EBA1C81EA662FB1517EED4D778DB6658C7D6150F144BBA60DAE6B75499E70CD7D70842131C00E04319DB1B53867E6BF820B1D74692227A574F937B668F25017F6DB3D6FEB2A61F8E377FA73E8652089A0ECBE15AD1CB8C44D738AB114BBE7AB9985545DE182011208113A56C5D84D8E7640517C5EFA28670168906BA869583EFEE72F89C1B3CA019C4D544B711A9A0297911CBEEB124EA9D7076696F62AC9E8814CDA985B35800D4DB253497725F131169F56AF543DD51EED43501A249DBACAA69F -20240828045912 2 6 100 3071 2 F0E30849E47025007BE82AED18F1B234816DC958D27A2133A1FEA5C9D5B00C107D4C3563B295FB10AA1BEFB5C160159F85A69C3990D6A5078FEE7D5462F14890168BF2AA6B06729778AF1CDA95F5EB5FD024D9A4B904FB6501213268D69167449CCEF555129648DA0C6C1500DB898ABAEBE716B468AFDADB8E499D0043B7D4070A957EF41EF2ED3D9DB4EB8607B620C714084F6909D0B980FC54E7BA3A4F7C6716BC8430C5D73475A95F64B8AA9BB6F9CD524EFEC35E322F10DA32826E005EBA1C81EA662FB1517EED4D778DB6658C7D6150F144BBA60DAE6B75499E70CD7D70842131C00E04319DB1B53867E6BF820B1D74692227A574F937B668F25017F6DB3D6FEB2A61F8E377FA73E8652089A0ECBE15AD1CB8C44D738AB114BBE7AB9985545DE182011208113A56C5D84D8E7640517C5EFA28670168906BA869583EFEE72F89C1B3CA019C4D544B711A9A0297911CBEEB124EA9D7076696F62AC9E8814CDA985B35800D4DB253497725F131169F56AF543DD51EED43501A249DBAE15E2B -20240828045932 2 6 100 3071 5 F0E30849E47025007BE82AED18F1B234816DC958D27A2133A1FEA5C9D5B00C107D4C3563B295FB10AA1BEFB5C160159F85A69C3990D6A5078FEE7D5462F14890168BF2AA6B06729778AF1CDA95F5EB5FD024D9A4B904FB6501213268D69167449CCEF555129648DA0C6C1500DB898ABAEBE716B468AFDADB8E499D0043B7D4070A957EF41EF2ED3D9DB4EB8607B620C714084F6909D0B980FC54E7BA3A4F7C6716BC8430C5D73475A95F64B8AA9BB6F9CD524EFEC35E322F10DA32826E005EBA1C81EA662FB1517EED4D778DB6658C7D6150F144BBA60DAE6B75499E70CD7D70842131C00E04319DB1B53867E6BF820B1D74692227A574F937B668F25017F6DB3D6FEB2A61F8E377FA73E8652089A0ECBE15AD1CB8C44D738AB114BBE7AB9985545DE182011208113A56C5D84D8E7640517C5EFA28670168906BA869583EFEE72F89C1B3CA019C4D544B711A9A0297911CBEEB124EA9D7076696F62AC9E8814CDA985B35800D4DB253497725F131169F56AF543DD51EED43501A249DBB1CB097 -20240828050005 2 6 100 3071 5 F0E30849E47025007BE82AED18F1B234816DC958D27A2133A1FEA5C9D5B00C107D4C3563B295FB10AA1BEFB5C160159F85A69C3990D6A5078FEE7D5462F14890168BF2AA6B06729778AF1CDA95F5EB5FD024D9A4B904FB6501213268D69167449CCEF555129648DA0C6C1500DB898ABAEBE716B468AFDADB8E499D0043B7D4070A957EF41EF2ED3D9DB4EB8607B620C714084F6909D0B980FC54E7BA3A4F7C6716BC8430C5D73475A95F64B8AA9BB6F9CD524EFEC35E322F10DA32826E005EBA1C81EA662FB1517EED4D778DB6658C7D6150F144BBA60DAE6B75499E70CD7D70842131C00E04319DB1B53867E6BF820B1D74692227A574F937B668F25017F6DB3D6FEB2A61F8E377FA73E8652089A0ECBE15AD1CB8C44D738AB114BBE7AB9985545DE182011208113A56C5D84D8E7640517C5EFA28670168906BA869583EFEE72F89C1B3CA019C4D544B711A9A0297911CBEEB124EA9D7076696F62AC9E8814CDA985B35800D4DB253497725F131169F56AF543DD51EED43501A249DBB86CA4F -20240828050036 2 6 100 3071 5 F0E30849E47025007BE82AED18F1B234816DC958D27A2133A1FEA5C9D5B00C107D4C3563B295FB10AA1BEFB5C160159F85A69C3990D6A5078FEE7D5462F14890168BF2AA6B06729778AF1CDA95F5EB5FD024D9A4B904FB6501213268D69167449CCEF555129648DA0C6C1500DB898ABAEBE716B468AFDADB8E499D0043B7D4070A957EF41EF2ED3D9DB4EB8607B620C714084F6909D0B980FC54E7BA3A4F7C6716BC8430C5D73475A95F64B8AA9BB6F9CD524EFEC35E322F10DA32826E005EBA1C81EA662FB1517EED4D778DB6658C7D6150F144BBA60DAE6B75499E70CD7D70842131C00E04319DB1B53867E6BF820B1D74692227A574F937B668F25017F6DB3D6FEB2A61F8E377FA73E8652089A0ECBE15AD1CB8C44D738AB114BBE7AB9985545DE182011208113A56C5D84D8E7640517C5EFA28670168906BA869583EFEE72F89C1B3CA019C4D544B711A9A0297911CBEEB124EA9D7076696F62AC9E8814CDA985B35800D4DB253497725F131169F56AF543DD51EED43501A249DBBEDB4C7 -20240828050043 2 6 100 3071 5 F0E30849E47025007BE82AED18F1B234816DC958D27A2133A1FEA5C9D5B00C107D4C3563B295FB10AA1BEFB5C160159F85A69C3990D6A5078FEE7D5462F14890168BF2AA6B06729778AF1CDA95F5EB5FD024D9A4B904FB6501213268D69167449CCEF555129648DA0C6C1500DB898ABAEBE716B468AFDADB8E499D0043B7D4070A957EF41EF2ED3D9DB4EB8607B620C714084F6909D0B980FC54E7BA3A4F7C6716BC8430C5D73475A95F64B8AA9BB6F9CD524EFEC35E322F10DA32826E005EBA1C81EA662FB1517EED4D778DB6658C7D6150F144BBA60DAE6B75499E70CD7D70842131C00E04319DB1B53867E6BF820B1D74692227A574F937B668F25017F6DB3D6FEB2A61F8E377FA73E8652089A0ECBE15AD1CB8C44D738AB114BBE7AB9985545DE182011208113A56C5D84D8E7640517C5EFA28670168906BA869583EFEE72F89C1B3CA019C4D544B711A9A0297911CBEEB124EA9D7076696F62AC9E8814CDA985B35800D4DB253497725F131169F56AF543DD51EED43501A249DBBFC577F -20240828050107 2 6 100 3071 2 F0E30849E47025007BE82AED18F1B234816DC958D27A2133A1FEA5C9D5B00C107D4C3563B295FB10AA1BEFB5C160159F85A69C3990D6A5078FEE7D5462F14890168BF2AA6B06729778AF1CDA95F5EB5FD024D9A4B904FB6501213268D69167449CCEF555129648DA0C6C1500DB898ABAEBE716B468AFDADB8E499D0043B7D4070A957EF41EF2ED3D9DB4EB8607B620C714084F6909D0B980FC54E7BA3A4F7C6716BC8430C5D73475A95F64B8AA9BB6F9CD524EFEC35E322F10DA32826E005EBA1C81EA662FB1517EED4D778DB6658C7D6150F144BBA60DAE6B75499E70CD7D70842131C00E04319DB1B53867E6BF820B1D74692227A574F937B668F25017F6DB3D6FEB2A61F8E377FA73E8652089A0ECBE15AD1CB8C44D738AB114BBE7AB9985545DE182011208113A56C5D84D8E7640517C5EFA28670168906BA869583EFEE72F89C1B3CA019C4D544B711A9A0297911CBEEB124EA9D7076696F62AC9E8814CDA985B35800D4DB253497725F131169F56AF543DD51EED43501A249DBC490C0B -20240828050136 2 6 100 3071 5 F0E30849E47025007BE82AED18F1B234816DC958D27A2133A1FEA5C9D5B00C107D4C3563B295FB10AA1BEFB5C160159F85A69C3990D6A5078FEE7D5462F14890168BF2AA6B06729778AF1CDA95F5EB5FD024D9A4B904FB6501213268D69167449CCEF555129648DA0C6C1500DB898ABAEBE716B468AFDADB8E499D0043B7D4070A957EF41EF2ED3D9DB4EB8607B620C714084F6909D0B980FC54E7BA3A4F7C6716BC8430C5D73475A95F64B8AA9BB6F9CD524EFEC35E322F10DA32826E005EBA1C81EA662FB1517EED4D778DB6658C7D6150F144BBA60DAE6B75499E70CD7D70842131C00E04319DB1B53867E6BF820B1D74692227A574F937B668F25017F6DB3D6FEB2A61F8E377FA73E8652089A0ECBE15AD1CB8C44D738AB114BBE7AB9985545DE182011208113A56C5D84D8E7640517C5EFA28670168906BA869583EFEE72F89C1B3CA019C4D544B711A9A0297911CBEEB124EA9D7076696F62AC9E8814CDA985B35800D4DB253497725F131169F56AF543DD51EED43501A249DBCA8444F -20240828050201 2 6 100 3071 2 F0E30849E47025007BE82AED18F1B234816DC958D27A2133A1FEA5C9D5B00C107D4C3563B295FB10AA1BEFB5C160159F85A69C3990D6A5078FEE7D5462F14890168BF2AA6B06729778AF1CDA95F5EB5FD024D9A4B904FB6501213268D69167449CCEF555129648DA0C6C1500DB898ABAEBE716B468AFDADB8E499D0043B7D4070A957EF41EF2ED3D9DB4EB8607B620C714084F6909D0B980FC54E7BA3A4F7C6716BC8430C5D73475A95F64B8AA9BB6F9CD524EFEC35E322F10DA32826E005EBA1C81EA662FB1517EED4D778DB6658C7D6150F144BBA60DAE6B75499E70CD7D70842131C00E04319DB1B53867E6BF820B1D74692227A574F937B668F25017F6DB3D6FEB2A61F8E377FA73E8652089A0ECBE15AD1CB8C44D738AB114BBE7AB9985545DE182011208113A56C5D84D8E7640517C5EFA28670168906BA869583EFEE72F89C1B3CA019C4D544B711A9A0297911CBEEB124EA9D7076696F62AC9E8814CDA985B35800D4DB253497725F131169F56AF543DD51EED43501A249DBCFC24F3 -20240828050209 2 6 100 3071 2 F0E30849E47025007BE82AED18F1B234816DC958D27A2133A1FEA5C9D5B00C107D4C3563B295FB10AA1BEFB5C160159F85A69C3990D6A5078FEE7D5462F14890168BF2AA6B06729778AF1CDA95F5EB5FD024D9A4B904FB6501213268D69167449CCEF555129648DA0C6C1500DB898ABAEBE716B468AFDADB8E499D0043B7D4070A957EF41EF2ED3D9DB4EB8607B620C714084F6909D0B980FC54E7BA3A4F7C6716BC8430C5D73475A95F64B8AA9BB6F9CD524EFEC35E322F10DA32826E005EBA1C81EA662FB1517EED4D778DB6658C7D6150F144BBA60DAE6B75499E70CD7D70842131C00E04319DB1B53867E6BF820B1D74692227A574F937B668F25017F6DB3D6FEB2A61F8E377FA73E8652089A0ECBE15AD1CB8C44D738AB114BBE7AB9985545DE182011208113A56C5D84D8E7640517C5EFA28670168906BA869583EFEE72F89C1B3CA019C4D544B711A9A0297911CBEEB124EA9D7076696F62AC9E8814CDA985B35800D4DB253497725F131169F56AF543DD51EED43501A249DBD0E9213 -20240828050303 2 6 100 3071 2 F0E30849E47025007BE82AED18F1B234816DC958D27A2133A1FEA5C9D5B00C107D4C3563B295FB10AA1BEFB5C160159F85A69C3990D6A5078FEE7D5462F14890168BF2AA6B06729778AF1CDA95F5EB5FD024D9A4B904FB6501213268D69167449CCEF555129648DA0C6C1500DB898ABAEBE716B468AFDADB8E499D0043B7D4070A957EF41EF2ED3D9DB4EB8607B620C714084F6909D0B980FC54E7BA3A4F7C6716BC8430C5D73475A95F64B8AA9BB6F9CD524EFEC35E322F10DA32826E005EBA1C81EA662FB1517EED4D778DB6658C7D6150F144BBA60DAE6B75499E70CD7D70842131C00E04319DB1B53867E6BF820B1D74692227A574F937B668F25017F6DB3D6FEB2A61F8E377FA73E8652089A0ECBE15AD1CB8C44D738AB114BBE7AB9985545DE182011208113A56C5D84D8E7640517C5EFA28670168906BA869583EFEE72F89C1B3CA019C4D544B711A9A0297911CBEEB124EA9D7076696F62AC9E8814CDA985B35800D4DB253497725F131169F56AF543DD51EED43501A249DBDBBE653 -20240828050329 2 6 100 3071 2 F0E30849E47025007BE82AED18F1B234816DC958D27A2133A1FEA5C9D5B00C107D4C3563B295FB10AA1BEFB5C160159F85A69C3990D6A5078FEE7D5462F14890168BF2AA6B06729778AF1CDA95F5EB5FD024D9A4B904FB6501213268D69167449CCEF555129648DA0C6C1500DB898ABAEBE716B468AFDADB8E499D0043B7D4070A957EF41EF2ED3D9DB4EB8607B620C714084F6909D0B980FC54E7BA3A4F7C6716BC8430C5D73475A95F64B8AA9BB6F9CD524EFEC35E322F10DA32826E005EBA1C81EA662FB1517EED4D778DB6658C7D6150F144BBA60DAE6B75499E70CD7D70842131C00E04319DB1B53867E6BF820B1D74692227A574F937B668F25017F6DB3D6FEB2A61F8E377FA73E8652089A0ECBE15AD1CB8C44D738AB114BBE7AB9985545DE182011208113A56C5D84D8E7640517C5EFA28670168906BA869583EFEE72F89C1B3CA019C4D544B711A9A0297911CBEEB124EA9D7076696F62AC9E8814CDA985B35800D4DB253497725F131169F56AF543DD51EED43501A249DBE0AE17B -20240828050406 2 6 100 3071 2 F0E30849E47025007BE82AED18F1B234816DC958D27A2133A1FEA5C9D5B00C107D4C3563B295FB10AA1BEFB5C160159F85A69C3990D6A5078FEE7D5462F14890168BF2AA6B06729778AF1CDA95F5EB5FD024D9A4B904FB6501213268D69167449CCEF555129648DA0C6C1500DB898ABAEBE716B468AFDADB8E499D0043B7D4070A957EF41EF2ED3D9DB4EB8607B620C714084F6909D0B980FC54E7BA3A4F7C6716BC8430C5D73475A95F64B8AA9BB6F9CD524EFEC35E322F10DA32826E005EBA1C81EA662FB1517EED4D778DB6658C7D6150F144BBA60DAE6B75499E70CD7D70842131C00E04319DB1B53867E6BF820B1D74692227A574F937B668F25017F6DB3D6FEB2A61F8E377FA73E8652089A0ECBE15AD1CB8C44D738AB114BBE7AB9985545DE182011208113A56C5D84D8E7640517C5EFA28670168906BA869583EFEE72F89C1B3CA019C4D544B711A9A0297911CBEEB124EA9D7076696F62AC9E8814CDA985B35800D4DB253497725F131169F56AF543DD51EED43501A249DBE8344F3 -20240828050430 2 6 100 3071 2 F0E30849E47025007BE82AED18F1B234816DC958D27A2133A1FEA5C9D5B00C107D4C3563B295FB10AA1BEFB5C160159F85A69C3990D6A5078FEE7D5462F14890168BF2AA6B06729778AF1CDA95F5EB5FD024D9A4B904FB6501213268D69167449CCEF555129648DA0C6C1500DB898ABAEBE716B468AFDADB8E499D0043B7D4070A957EF41EF2ED3D9DB4EB8607B620C714084F6909D0B980FC54E7BA3A4F7C6716BC8430C5D73475A95F64B8AA9BB6F9CD524EFEC35E322F10DA32826E005EBA1C81EA662FB1517EED4D778DB6658C7D6150F144BBA60DAE6B75499E70CD7D70842131C00E04319DB1B53867E6BF820B1D74692227A574F937B668F25017F6DB3D6FEB2A61F8E377FA73E8652089A0ECBE15AD1CB8C44D738AB114BBE7AB9985545DE182011208113A56C5D84D8E7640517C5EFA28670168906BA869583EFEE72F89C1B3CA019C4D544B711A9A0297911CBEEB124EA9D7076696F62AC9E8814CDA985B35800D4DB253497725F131169F56AF543DD51EED43501A249DBEC9D58B -20240828050438 2 6 100 3071 2 F0E30849E47025007BE82AED18F1B234816DC958D27A2133A1FEA5C9D5B00C107D4C3563B295FB10AA1BEFB5C160159F85A69C3990D6A5078FEE7D5462F14890168BF2AA6B06729778AF1CDA95F5EB5FD024D9A4B904FB6501213268D69167449CCEF555129648DA0C6C1500DB898ABAEBE716B468AFDADB8E499D0043B7D4070A957EF41EF2ED3D9DB4EB8607B620C714084F6909D0B980FC54E7BA3A4F7C6716BC8430C5D73475A95F64B8AA9BB6F9CD524EFEC35E322F10DA32826E005EBA1C81EA662FB1517EED4D778DB6658C7D6150F144BBA60DAE6B75499E70CD7D70842131C00E04319DB1B53867E6BF820B1D74692227A574F937B668F25017F6DB3D6FEB2A61F8E377FA73E8652089A0ECBE15AD1CB8C44D738AB114BBE7AB9985545DE182011208113A56C5D84D8E7640517C5EFA28670168906BA869583EFEE72F89C1B3CA019C4D544B711A9A0297911CBEEB124EA9D7076696F62AC9E8814CDA985B35800D4DB253497725F131169F56AF543DD51EED43501A249DBEDF58FB -20240828050528 2 6 100 3071 2 F0E30849E47025007BE82AED18F1B234816DC958D27A2133A1FEA5C9D5B00C107D4C3563B295FB10AA1BEFB5C160159F85A69C3990D6A5078FEE7D5462F14890168BF2AA6B06729778AF1CDA95F5EB5FD024D9A4B904FB6501213268D69167449CCEF555129648DA0C6C1500DB898ABAEBE716B468AFDADB8E499D0043B7D4070A957EF41EF2ED3D9DB4EB8607B620C714084F6909D0B980FC54E7BA3A4F7C6716BC8430C5D73475A95F64B8AA9BB6F9CD524EFEC35E322F10DA32826E005EBA1C81EA662FB1517EED4D778DB6658C7D6150F144BBA60DAE6B75499E70CD7D70842131C00E04319DB1B53867E6BF820B1D74692227A574F937B668F25017F6DB3D6FEB2A61F8E377FA73E8652089A0ECBE15AD1CB8C44D738AB114BBE7AB9985545DE182011208113A56C5D84D8E7640517C5EFA28670168906BA869583EFEE72F89C1B3CA019C4D544B711A9A0297911CBEEB124EA9D7076696F62AC9E8814CDA985B35800D4DB253497725F131169F56AF543DD51EED43501A249DBF858DCB -20240828050633 2 6 100 3071 5 F0E30849E47025007BE82AED18F1B234816DC958D27A2133A1FEA5C9D5B00C107D4C3563B295FB10AA1BEFB5C160159F85A69C3990D6A5078FEE7D5462F14890168BF2AA6B06729778AF1CDA95F5EB5FD024D9A4B904FB6501213268D69167449CCEF555129648DA0C6C1500DB898ABAEBE716B468AFDADB8E499D0043B7D4070A957EF41EF2ED3D9DB4EB8607B620C714084F6909D0B980FC54E7BA3A4F7C6716BC8430C5D73475A95F64B8AA9BB6F9CD524EFEC35E322F10DA32826E005EBA1C81EA662FB1517EED4D778DB6658C7D6150F144BBA60DAE6B75499E70CD7D70842131C00E04319DB1B53867E6BF820B1D74692227A574F937B668F25017F6DB3D6FEB2A61F8E377FA73E8652089A0ECBE15AD1CB8C44D738AB114BBE7AB9985545DE182011208113A56C5D84D8E7640517C5EFA28670168906BA869583EFEE72F89C1B3CA019C4D544B711A9A0297911CBEEB124EA9D7076696F62AC9E8814CDA985B35800D4DB253497725F131169F56AF543DD51EED43501A249DC0619997 -20240828050638 2 6 100 3071 2 F0E30849E47025007BE82AED18F1B234816DC958D27A2133A1FEA5C9D5B00C107D4C3563B295FB10AA1BEFB5C160159F85A69C3990D6A5078FEE7D5462F14890168BF2AA6B06729778AF1CDA95F5EB5FD024D9A4B904FB6501213268D69167449CCEF555129648DA0C6C1500DB898ABAEBE716B468AFDADB8E499D0043B7D4070A957EF41EF2ED3D9DB4EB8607B620C714084F6909D0B980FC54E7BA3A4F7C6716BC8430C5D73475A95F64B8AA9BB6F9CD524EFEC35E322F10DA32826E005EBA1C81EA662FB1517EED4D778DB6658C7D6150F144BBA60DAE6B75499E70CD7D70842131C00E04319DB1B53867E6BF820B1D74692227A574F937B668F25017F6DB3D6FEB2A61F8E377FA73E8652089A0ECBE15AD1CB8C44D738AB114BBE7AB9985545DE182011208113A56C5D84D8E7640517C5EFA28670168906BA869583EFEE72F89C1B3CA019C4D544B711A9A0297911CBEEB124EA9D7076696F62AC9E8814CDA985B35800D4DB253497725F131169F56AF543DD51EED43501A249DC06A2A8B -20240828050712 2 6 100 3071 5 F0E30849E47025007BE82AED18F1B234816DC958D27A2133A1FEA5C9D5B00C107D4C3563B295FB10AA1BEFB5C160159F85A69C3990D6A5078FEE7D5462F14890168BF2AA6B06729778AF1CDA95F5EB5FD024D9A4B904FB6501213268D69167449CCEF555129648DA0C6C1500DB898ABAEBE716B468AFDADB8E499D0043B7D4070A957EF41EF2ED3D9DB4EB8607B620C714084F6909D0B980FC54E7BA3A4F7C6716BC8430C5D73475A95F64B8AA9BB6F9CD524EFEC35E322F10DA32826E005EBA1C81EA662FB1517EED4D778DB6658C7D6150F144BBA60DAE6B75499E70CD7D70842131C00E04319DB1B53867E6BF820B1D74692227A574F937B668F25017F6DB3D6FEB2A61F8E377FA73E8652089A0ECBE15AD1CB8C44D738AB114BBE7AB9985545DE182011208113A56C5D84D8E7640517C5EFA28670168906BA869583EFEE72F89C1B3CA019C4D544B711A9A0297911CBEEB124EA9D7076696F62AC9E8814CDA985B35800D4DB253497725F131169F56AF543DD51EED43501A249DC0D40C6F -20240828050715 2 6 100 3071 5 F0E30849E47025007BE82AED18F1B234816DC958D27A2133A1FEA5C9D5B00C107D4C3563B295FB10AA1BEFB5C160159F85A69C3990D6A5078FEE7D5462F14890168BF2AA6B06729778AF1CDA95F5EB5FD024D9A4B904FB6501213268D69167449CCEF555129648DA0C6C1500DB898ABAEBE716B468AFDADB8E499D0043B7D4070A957EF41EF2ED3D9DB4EB8607B620C714084F6909D0B980FC54E7BA3A4F7C6716BC8430C5D73475A95F64B8AA9BB6F9CD524EFEC35E322F10DA32826E005EBA1C81EA662FB1517EED4D778DB6658C7D6150F144BBA60DAE6B75499E70CD7D70842131C00E04319DB1B53867E6BF820B1D74692227A574F937B668F25017F6DB3D6FEB2A61F8E377FA73E8652089A0ECBE15AD1CB8C44D738AB114BBE7AB9985545DE182011208113A56C5D84D8E7640517C5EFA28670168906BA869583EFEE72F89C1B3CA019C4D544B711A9A0297911CBEEB124EA9D7076696F62AC9E8814CDA985B35800D4DB253497725F131169F56AF543DD51EED43501A249DC0D78F7F -20240828050743 2 6 100 3071 5 F0E30849E47025007BE82AED18F1B234816DC958D27A2133A1FEA5C9D5B00C107D4C3563B295FB10AA1BEFB5C160159F85A69C3990D6A5078FEE7D5462F14890168BF2AA6B06729778AF1CDA95F5EB5FD024D9A4B904FB6501213268D69167449CCEF555129648DA0C6C1500DB898ABAEBE716B468AFDADB8E499D0043B7D4070A957EF41EF2ED3D9DB4EB8607B620C714084F6909D0B980FC54E7BA3A4F7C6716BC8430C5D73475A95F64B8AA9BB6F9CD524EFEC35E322F10DA32826E005EBA1C81EA662FB1517EED4D778DB6658C7D6150F144BBA60DAE6B75499E70CD7D70842131C00E04319DB1B53867E6BF820B1D74692227A574F937B668F25017F6DB3D6FEB2A61F8E377FA73E8652089A0ECBE15AD1CB8C44D738AB114BBE7AB9985545DE182011208113A56C5D84D8E7640517C5EFA28670168906BA869583EFEE72F89C1B3CA019C4D544B711A9A0297911CBEEB124EA9D7076696F62AC9E8814CDA985B35800D4DB253497725F131169F56AF543DD51EED43501A249DC12FBEF7 -20240828050851 2 6 100 3071 2 F0E30849E47025007BE82AED18F1B234816DC958D27A2133A1FEA5C9D5B00C107D4C3563B295FB10AA1BEFB5C160159F85A69C3990D6A5078FEE7D5462F14890168BF2AA6B06729778AF1CDA95F5EB5FD024D9A4B904FB6501213268D69167449CCEF555129648DA0C6C1500DB898ABAEBE716B468AFDADB8E499D0043B7D4070A957EF41EF2ED3D9DB4EB8607B620C714084F6909D0B980FC54E7BA3A4F7C6716BC8430C5D73475A95F64B8AA9BB6F9CD524EFEC35E322F10DA32826E005EBA1C81EA662FB1517EED4D778DB6658C7D6150F144BBA60DAE6B75499E70CD7D70842131C00E04319DB1B53867E6BF820B1D74692227A574F937B668F25017F6DB3D6FEB2A61F8E377FA73E8652089A0ECBE15AD1CB8C44D738AB114BBE7AB9985545DE182011208113A56C5D84D8E7640517C5EFA28670168906BA869583EFEE72F89C1B3CA019C4D544B711A9A0297911CBEEB124EA9D7076696F62AC9E8814CDA985B35800D4DB253497725F131169F56AF543DD51EED43501A249DC216E8EB -20240828050903 2 6 100 3071 5 F0E30849E47025007BE82AED18F1B234816DC958D27A2133A1FEA5C9D5B00C107D4C3563B295FB10AA1BEFB5C160159F85A69C3990D6A5078FEE7D5462F14890168BF2AA6B06729778AF1CDA95F5EB5FD024D9A4B904FB6501213268D69167449CCEF555129648DA0C6C1500DB898ABAEBE716B468AFDADB8E499D0043B7D4070A957EF41EF2ED3D9DB4EB8607B620C714084F6909D0B980FC54E7BA3A4F7C6716BC8430C5D73475A95F64B8AA9BB6F9CD524EFEC35E322F10DA32826E005EBA1C81EA662FB1517EED4D778DB6658C7D6150F144BBA60DAE6B75499E70CD7D70842131C00E04319DB1B53867E6BF820B1D74692227A574F937B668F25017F6DB3D6FEB2A61F8E377FA73E8652089A0ECBE15AD1CB8C44D738AB114BBE7AB9985545DE182011208113A56C5D84D8E7640517C5EFA28670168906BA869583EFEE72F89C1B3CA019C4D544B711A9A0297911CBEEB124EA9D7076696F62AC9E8814CDA985B35800D4DB253497725F131169F56AF543DD51EED43501A249DC235154F -20240828050905 2 6 100 3071 2 F0E30849E47025007BE82AED18F1B234816DC958D27A2133A1FEA5C9D5B00C107D4C3563B295FB10AA1BEFB5C160159F85A69C3990D6A5078FEE7D5462F14890168BF2AA6B06729778AF1CDA95F5EB5FD024D9A4B904FB6501213268D69167449CCEF555129648DA0C6C1500DB898ABAEBE716B468AFDADB8E499D0043B7D4070A957EF41EF2ED3D9DB4EB8607B620C714084F6909D0B980FC54E7BA3A4F7C6716BC8430C5D73475A95F64B8AA9BB6F9CD524EFEC35E322F10DA32826E005EBA1C81EA662FB1517EED4D778DB6658C7D6150F144BBA60DAE6B75499E70CD7D70842131C00E04319DB1B53867E6BF820B1D74692227A574F937B668F25017F6DB3D6FEB2A61F8E377FA73E8652089A0ECBE15AD1CB8C44D738AB114BBE7AB9985545DE182011208113A56C5D84D8E7640517C5EFA28670168906BA869583EFEE72F89C1B3CA019C4D544B711A9A0297911CBEEB124EA9D7076696F62AC9E8814CDA985B35800D4DB253497725F131169F56AF543DD51EED43501A249DC235B9E3 -20240828050941 2 6 100 3071 5 F0E30849E47025007BE82AED18F1B234816DC958D27A2133A1FEA5C9D5B00C107D4C3563B295FB10AA1BEFB5C160159F85A69C3990D6A5078FEE7D5462F14890168BF2AA6B06729778AF1CDA95F5EB5FD024D9A4B904FB6501213268D69167449CCEF555129648DA0C6C1500DB898ABAEBE716B468AFDADB8E499D0043B7D4070A957EF41EF2ED3D9DB4EB8607B620C714084F6909D0B980FC54E7BA3A4F7C6716BC8430C5D73475A95F64B8AA9BB6F9CD524EFEC35E322F10DA32826E005EBA1C81EA662FB1517EED4D778DB6658C7D6150F144BBA60DAE6B75499E70CD7D70842131C00E04319DB1B53867E6BF820B1D74692227A574F937B668F25017F6DB3D6FEB2A61F8E377FA73E8652089A0ECBE15AD1CB8C44D738AB114BBE7AB9985545DE182011208113A56C5D84D8E7640517C5EFA28670168906BA869583EFEE72F89C1B3CA019C4D544B711A9A0297911CBEEB124EA9D7076696F62AC9E8814CDA985B35800D4DB253497725F131169F56AF543DD51EED43501A249DC2AA4F87 -20240828051038 2 6 100 3071 2 F0E30849E47025007BE82AED18F1B234816DC958D27A2133A1FEA5C9D5B00C107D4C3563B295FB10AA1BEFB5C160159F85A69C3990D6A5078FEE7D5462F14890168BF2AA6B06729778AF1CDA95F5EB5FD024D9A4B904FB6501213268D69167449CCEF555129648DA0C6C1500DB898ABAEBE716B468AFDADB8E499D0043B7D4070A957EF41EF2ED3D9DB4EB8607B620C714084F6909D0B980FC54E7BA3A4F7C6716BC8430C5D73475A95F64B8AA9BB6F9CD524EFEC35E322F10DA32826E005EBA1C81EA662FB1517EED4D778DB6658C7D6150F144BBA60DAE6B75499E70CD7D70842131C00E04319DB1B53867E6BF820B1D74692227A574F937B668F25017F6DB3D6FEB2A61F8E377FA73E8652089A0ECBE15AD1CB8C44D738AB114BBE7AB9985545DE182011208113A56C5D84D8E7640517C5EFA28670168906BA869583EFEE72F89C1B3CA019C4D544B711A9A0297911CBEEB124EA9D7076696F62AC9E8814CDA985B35800D4DB253497725F131169F56AF543DD51EED43501A249DC36951FB -20240828051046 2 6 100 3071 2 F0E30849E47025007BE82AED18F1B234816DC958D27A2133A1FEA5C9D5B00C107D4C3563B295FB10AA1BEFB5C160159F85A69C3990D6A5078FEE7D5462F14890168BF2AA6B06729778AF1CDA95F5EB5FD024D9A4B904FB6501213268D69167449CCEF555129648DA0C6C1500DB898ABAEBE716B468AFDADB8E499D0043B7D4070A957EF41EF2ED3D9DB4EB8607B620C714084F6909D0B980FC54E7BA3A4F7C6716BC8430C5D73475A95F64B8AA9BB6F9CD524EFEC35E322F10DA32826E005EBA1C81EA662FB1517EED4D778DB6658C7D6150F144BBA60DAE6B75499E70CD7D70842131C00E04319DB1B53867E6BF820B1D74692227A574F937B668F25017F6DB3D6FEB2A61F8E377FA73E8652089A0ECBE15AD1CB8C44D738AB114BBE7AB9985545DE182011208113A56C5D84D8E7640517C5EFA28670168906BA869583EFEE72F89C1B3CA019C4D544B711A9A0297911CBEEB124EA9D7076696F62AC9E8814CDA985B35800D4DB253497725F131169F56AF543DD51EED43501A249DC37DE073 -20240828051104 2 6 100 3071 2 F0E30849E47025007BE82AED18F1B234816DC958D27A2133A1FEA5C9D5B00C107D4C3563B295FB10AA1BEFB5C160159F85A69C3990D6A5078FEE7D5462F14890168BF2AA6B06729778AF1CDA95F5EB5FD024D9A4B904FB6501213268D69167449CCEF555129648DA0C6C1500DB898ABAEBE716B468AFDADB8E499D0043B7D4070A957EF41EF2ED3D9DB4EB8607B620C714084F6909D0B980FC54E7BA3A4F7C6716BC8430C5D73475A95F64B8AA9BB6F9CD524EFEC35E322F10DA32826E005EBA1C81EA662FB1517EED4D778DB6658C7D6150F144BBA60DAE6B75499E70CD7D70842131C00E04319DB1B53867E6BF820B1D74692227A574F937B668F25017F6DB3D6FEB2A61F8E377FA73E8652089A0ECBE15AD1CB8C44D738AB114BBE7AB9985545DE182011208113A56C5D84D8E7640517C5EFA28670168906BA869583EFEE72F89C1B3CA019C4D544B711A9A0297911CBEEB124EA9D7076696F62AC9E8814CDA985B35800D4DB253497725F131169F56AF543DD51EED43501A249DC3B311A3 -20240828051215 2 6 100 3071 2 F0E30849E47025007BE82AED18F1B234816DC958D27A2133A1FEA5C9D5B00C107D4C3563B295FB10AA1BEFB5C160159F85A69C3990D6A5078FEE7D5462F14890168BF2AA6B06729778AF1CDA95F5EB5FD024D9A4B904FB6501213268D69167449CCEF555129648DA0C6C1500DB898ABAEBE716B468AFDADB8E499D0043B7D4070A957EF41EF2ED3D9DB4EB8607B620C714084F6909D0B980FC54E7BA3A4F7C6716BC8430C5D73475A95F64B8AA9BB6F9CD524EFEC35E322F10DA32826E005EBA1C81EA662FB1517EED4D778DB6658C7D6150F144BBA60DAE6B75499E70CD7D70842131C00E04319DB1B53867E6BF820B1D74692227A574F937B668F25017F6DB3D6FEB2A61F8E377FA73E8652089A0ECBE15AD1CB8C44D738AB114BBE7AB9985545DE182011208113A56C5D84D8E7640517C5EFA28670168906BA869583EFEE72F89C1B3CA019C4D544B711A9A0297911CBEEB124EA9D7076696F62AC9E8814CDA985B35800D4DB253497725F131169F56AF543DD51EED43501A249DC4A3904B -20240828051246 2 6 100 3071 2 F0E30849E47025007BE82AED18F1B234816DC958D27A2133A1FEA5C9D5B00C107D4C3563B295FB10AA1BEFB5C160159F85A69C3990D6A5078FEE7D5462F14890168BF2AA6B06729778AF1CDA95F5EB5FD024D9A4B904FB6501213268D69167449CCEF555129648DA0C6C1500DB898ABAEBE716B468AFDADB8E499D0043B7D4070A957EF41EF2ED3D9DB4EB8607B620C714084F6909D0B980FC54E7BA3A4F7C6716BC8430C5D73475A95F64B8AA9BB6F9CD524EFEC35E322F10DA32826E005EBA1C81EA662FB1517EED4D778DB6658C7D6150F144BBA60DAE6B75499E70CD7D70842131C00E04319DB1B53867E6BF820B1D74692227A574F937B668F25017F6DB3D6FEB2A61F8E377FA73E8652089A0ECBE15AD1CB8C44D738AB114BBE7AB9985545DE182011208113A56C5D84D8E7640517C5EFA28670168906BA869583EFEE72F89C1B3CA019C4D544B711A9A0297911CBEEB124EA9D7076696F62AC9E8814CDA985B35800D4DB253497725F131169F56AF543DD51EED43501A249DC502215B -20240828051312 2 6 100 3071 2 F0E30849E47025007BE82AED18F1B234816DC958D27A2133A1FEA5C9D5B00C107D4C3563B295FB10AA1BEFB5C160159F85A69C3990D6A5078FEE7D5462F14890168BF2AA6B06729778AF1CDA95F5EB5FD024D9A4B904FB6501213268D69167449CCEF555129648DA0C6C1500DB898ABAEBE716B468AFDADB8E499D0043B7D4070A957EF41EF2ED3D9DB4EB8607B620C714084F6909D0B980FC54E7BA3A4F7C6716BC8430C5D73475A95F64B8AA9BB6F9CD524EFEC35E322F10DA32826E005EBA1C81EA662FB1517EED4D778DB6658C7D6150F144BBA60DAE6B75499E70CD7D70842131C00E04319DB1B53867E6BF820B1D74692227A574F937B668F25017F6DB3D6FEB2A61F8E377FA73E8652089A0ECBE15AD1CB8C44D738AB114BBE7AB9985545DE182011208113A56C5D84D8E7640517C5EFA28670168906BA869583EFEE72F89C1B3CA019C4D544B711A9A0297911CBEEB124EA9D7076696F62AC9E8814CDA985B35800D4DB253497725F131169F56AF543DD51EED43501A249DC5506613 -20240828051329 2 6 100 3071 2 F0E30849E47025007BE82AED18F1B234816DC958D27A2133A1FEA5C9D5B00C107D4C3563B295FB10AA1BEFB5C160159F85A69C3990D6A5078FEE7D5462F14890168BF2AA6B06729778AF1CDA95F5EB5FD024D9A4B904FB6501213268D69167449CCEF555129648DA0C6C1500DB898ABAEBE716B468AFDADB8E499D0043B7D4070A957EF41EF2ED3D9DB4EB8607B620C714084F6909D0B980FC54E7BA3A4F7C6716BC8430C5D73475A95F64B8AA9BB6F9CD524EFEC35E322F10DA32826E005EBA1C81EA662FB1517EED4D778DB6658C7D6150F144BBA60DAE6B75499E70CD7D70842131C00E04319DB1B53867E6BF820B1D74692227A574F937B668F25017F6DB3D6FEB2A61F8E377FA73E8652089A0ECBE15AD1CB8C44D738AB114BBE7AB9985545DE182011208113A56C5D84D8E7640517C5EFA28670168906BA869583EFEE72F89C1B3CA019C4D544B711A9A0297911CBEEB124EA9D7076696F62AC9E8814CDA985B35800D4DB253497725F131169F56AF543DD51EED43501A249DC57E32D3 -20240828051336 2 6 100 3071 2 F0E30849E47025007BE82AED18F1B234816DC958D27A2133A1FEA5C9D5B00C107D4C3563B295FB10AA1BEFB5C160159F85A69C3990D6A5078FEE7D5462F14890168BF2AA6B06729778AF1CDA95F5EB5FD024D9A4B904FB6501213268D69167449CCEF555129648DA0C6C1500DB898ABAEBE716B468AFDADB8E499D0043B7D4070A957EF41EF2ED3D9DB4EB8607B620C714084F6909D0B980FC54E7BA3A4F7C6716BC8430C5D73475A95F64B8AA9BB6F9CD524EFEC35E322F10DA32826E005EBA1C81EA662FB1517EED4D778DB6658C7D6150F144BBA60DAE6B75499E70CD7D70842131C00E04319DB1B53867E6BF820B1D74692227A574F937B668F25017F6DB3D6FEB2A61F8E377FA73E8652089A0ECBE15AD1CB8C44D738AB114BBE7AB9985545DE182011208113A56C5D84D8E7640517C5EFA28670168906BA869583EFEE72F89C1B3CA019C4D544B711A9A0297911CBEEB124EA9D7076696F62AC9E8814CDA985B35800D4DB253497725F131169F56AF543DD51EED43501A249DC58E630B -20240828051520 2 6 100 3071 2 F0E30849E47025007BE82AED18F1B234816DC958D27A2133A1FEA5C9D5B00C107D4C3563B295FB10AA1BEFB5C160159F85A69C3990D6A5078FEE7D5462F14890168BF2AA6B06729778AF1CDA95F5EB5FD024D9A4B904FB6501213268D69167449CCEF555129648DA0C6C1500DB898ABAEBE716B468AFDADB8E499D0043B7D4070A957EF41EF2ED3D9DB4EB8607B620C714084F6909D0B980FC54E7BA3A4F7C6716BC8430C5D73475A95F64B8AA9BB6F9CD524EFEC35E322F10DA32826E005EBA1C81EA662FB1517EED4D778DB6658C7D6150F144BBA60DAE6B75499E70CD7D70842131C00E04319DB1B53867E6BF820B1D74692227A574F937B668F25017F6DB3D6FEB2A61F8E377FA73E8652089A0ECBE15AD1CB8C44D738AB114BBE7AB9985545DE182011208113A56C5D84D8E7640517C5EFA28670168906BA869583EFEE72F89C1B3CA019C4D544B711A9A0297911CBEEB124EA9D7076696F62AC9E8814CDA985B35800D4DB253497725F131169F56AF543DD51EED43501A249DC6DF9DDB -20240828051549 2 6 100 3071 2 F0E30849E47025007BE82AED18F1B234816DC958D27A2133A1FEA5C9D5B00C107D4C3563B295FB10AA1BEFB5C160159F85A69C3990D6A5078FEE7D5462F14890168BF2AA6B06729778AF1CDA95F5EB5FD024D9A4B904FB6501213268D69167449CCEF555129648DA0C6C1500DB898ABAEBE716B468AFDADB8E499D0043B7D4070A957EF41EF2ED3D9DB4EB8607B620C714084F6909D0B980FC54E7BA3A4F7C6716BC8430C5D73475A95F64B8AA9BB6F9CD524EFEC35E322F10DA32826E005EBA1C81EA662FB1517EED4D778DB6658C7D6150F144BBA60DAE6B75499E70CD7D70842131C00E04319DB1B53867E6BF820B1D74692227A574F937B668F25017F6DB3D6FEB2A61F8E377FA73E8652089A0ECBE15AD1CB8C44D738AB114BBE7AB9985545DE182011208113A56C5D84D8E7640517C5EFA28670168906BA869583EFEE72F89C1B3CA019C4D544B711A9A0297911CBEEB124EA9D7076696F62AC9E8814CDA985B35800D4DB253497725F131169F56AF543DD51EED43501A249DC736A7B3 -20240828051622 2 6 100 3071 2 F0E30849E47025007BE82AED18F1B234816DC958D27A2133A1FEA5C9D5B00C107D4C3563B295FB10AA1BEFB5C160159F85A69C3990D6A5078FEE7D5462F14890168BF2AA6B06729778AF1CDA95F5EB5FD024D9A4B904FB6501213268D69167449CCEF555129648DA0C6C1500DB898ABAEBE716B468AFDADB8E499D0043B7D4070A957EF41EF2ED3D9DB4EB8607B620C714084F6909D0B980FC54E7BA3A4F7C6716BC8430C5D73475A95F64B8AA9BB6F9CD524EFEC35E322F10DA32826E005EBA1C81EA662FB1517EED4D778DB6658C7D6150F144BBA60DAE6B75499E70CD7D70842131C00E04319DB1B53867E6BF820B1D74692227A574F937B668F25017F6DB3D6FEB2A61F8E377FA73E8652089A0ECBE15AD1CB8C44D738AB114BBE7AB9985545DE182011208113A56C5D84D8E7640517C5EFA28670168906BA869583EFEE72F89C1B3CA019C4D544B711A9A0297911CBEEB124EA9D7076696F62AC9E8814CDA985B35800D4DB253497725F131169F56AF543DD51EED43501A249DC7A11C13 -20240828051823 2 6 100 3071 2 F0E30849E47025007BE82AED18F1B234816DC958D27A2133A1FEA5C9D5B00C107D4C3563B295FB10AA1BEFB5C160159F85A69C3990D6A5078FEE7D5462F14890168BF2AA6B06729778AF1CDA95F5EB5FD024D9A4B904FB6501213268D69167449CCEF555129648DA0C6C1500DB898ABAEBE716B468AFDADB8E499D0043B7D4070A957EF41EF2ED3D9DB4EB8607B620C714084F6909D0B980FC54E7BA3A4F7C6716BC8430C5D73475A95F64B8AA9BB6F9CD524EFEC35E322F10DA32826E005EBA1C81EA662FB1517EED4D778DB6658C7D6150F144BBA60DAE6B75499E70CD7D70842131C00E04319DB1B53867E6BF820B1D74692227A574F937B668F25017F6DB3D6FEB2A61F8E377FA73E8652089A0ECBE15AD1CB8C44D738AB114BBE7AB9985545DE182011208113A56C5D84D8E7640517C5EFA28670168906BA869583EFEE72F89C1B3CA019C4D544B711A9A0297911CBEEB124EA9D7076696F62AC9E8814CDA985B35800D4DB253497725F131169F56AF543DD51EED43501A249DC933AB0B -20240828051906 2 6 100 3071 5 F0E30849E47025007BE82AED18F1B234816DC958D27A2133A1FEA5C9D5B00C107D4C3563B295FB10AA1BEFB5C160159F85A69C3990D6A5078FEE7D5462F14890168BF2AA6B06729778AF1CDA95F5EB5FD024D9A4B904FB6501213268D69167449CCEF555129648DA0C6C1500DB898ABAEBE716B468AFDADB8E499D0043B7D4070A957EF41EF2ED3D9DB4EB8607B620C714084F6909D0B980FC54E7BA3A4F7C6716BC8430C5D73475A95F64B8AA9BB6F9CD524EFEC35E322F10DA32826E005EBA1C81EA662FB1517EED4D778DB6658C7D6150F144BBA60DAE6B75499E70CD7D70842131C00E04319DB1B53867E6BF820B1D74692227A574F937B668F25017F6DB3D6FEB2A61F8E377FA73E8652089A0ECBE15AD1CB8C44D738AB114BBE7AB9985545DE182011208113A56C5D84D8E7640517C5EFA28670168906BA869583EFEE72F89C1B3CA019C4D544B711A9A0297911CBEEB124EA9D7076696F62AC9E8814CDA985B35800D4DB253497725F131169F56AF543DD51EED43501A249DC9BF25EF -20240828052009 2 6 100 3071 2 F92C6D0F2F9D19FE24813B351098A85FABD54907EA3F2B1DDC129631277DD947357AAEA3FBDAF717CF7FB244ED5EA7475AA7AB9F8CC8E92BFEBA6B9F4394EFEFDAB17F42338B58FEB6B09CD728221C9261C1FB59A2EEBDD7A974CD3D56031DA903E422D77061725705DC1366F17C530CFB45A704C00018D78004241F3CF6AD1C934F576F8D4C542FD83BBE0C8C3B122063A7457D3A47D1EC0A2266A36ABB664E96959D60C46344757771F7DBD79B25F033CA5E7674DDD2AC03F79C7C8E2B637CF3C9DD55D3FD5BDDB1CEE1B5F57B72B01F91BCD385AF7AD03C183EA95D95D07838BE129BDF7B724A27FC2ED5AF6AE17C995ACDB42C783845342A07BB2318A392B21912B8E4165B1A4688C35FFBB23B733DCD0136373E308F9320A5C2BAF95492F6E4F5964B18917846376B2ADB2E2892B1D51DDC63578DFA361EA5190E39B6E93772B2A3F66CD6B0B183F41A68A31AA7E9A23DDBE383AC2E262C368DC859989BA361A683A9B7F3B158A1BC9ECF4F8669F363DAF10ECE0EB29581CB79BBF34E3B -20240828052030 2 6 100 3071 2 F92C6D0F2F9D19FE24813B351098A85FABD54907EA3F2B1DDC129631277DD947357AAEA3FBDAF717CF7FB244ED5EA7475AA7AB9F8CC8E92BFEBA6B9F4394EFEFDAB17F42338B58FEB6B09CD728221C9261C1FB59A2EEBDD7A974CD3D56031DA903E422D77061725705DC1366F17C530CFB45A704C00018D78004241F3CF6AD1C934F576F8D4C542FD83BBE0C8C3B122063A7457D3A47D1EC0A2266A36ABB664E96959D60C46344757771F7DBD79B25F033CA5E7674DDD2AC03F79C7C8E2B637CF3C9DD55D3FD5BDDB1CEE1B5F57B72B01F91BCD385AF7AD03C183EA95D95D07838BE129BDF7B724A27FC2ED5AF6AE17C995ACDB42C783845342A07BB2318A392B21912B8E4165B1A4688C35FFBB23B733DCD0136373E308F9320A5C2BAF95492F6E4F5964B18917846376B2ADB2E2892B1D51DDC63578DFA361EA5190E39B6E93772B2A3F66CD6B0B183F41A68A31AA7E9A23DDBE383AC2E262C368DC859989BA361A683A9B7F3B158A1BC9ECF4F8669F363DAF10ECE0EB29581CB79BC38F533 -20240828052045 2 6 100 3071 5 F92C6D0F2F9D19FE24813B351098A85FABD54907EA3F2B1DDC129631277DD947357AAEA3FBDAF717CF7FB244ED5EA7475AA7AB9F8CC8E92BFEBA6B9F4394EFEFDAB17F42338B58FEB6B09CD728221C9261C1FB59A2EEBDD7A974CD3D56031DA903E422D77061725705DC1366F17C530CFB45A704C00018D78004241F3CF6AD1C934F576F8D4C542FD83BBE0C8C3B122063A7457D3A47D1EC0A2266A36ABB664E96959D60C46344757771F7DBD79B25F033CA5E7674DDD2AC03F79C7C8E2B637CF3C9DD55D3FD5BDDB1CEE1B5F57B72B01F91BCD385AF7AD03C183EA95D95D07838BE129BDF7B724A27FC2ED5AF6AE17C995ACDB42C783845342A07BB2318A392B21912B8E4165B1A4688C35FFBB23B733DCD0136373E308F9320A5C2BAF95492F6E4F5964B18917846376B2ADB2E2892B1D51DDC63578DFA361EA5190E39B6E93772B2A3F66CD6B0B183F41A68A31AA7E9A23DDBE383AC2E262C368DC859989BA361A683A9B7F3B158A1BC9ECF4F8669F363DAF10ECE0EB29581CB79BC632227 -20240828052153 2 6 100 3071 5 F92C6D0F2F9D19FE24813B351098A85FABD54907EA3F2B1DDC129631277DD947357AAEA3FBDAF717CF7FB244ED5EA7475AA7AB9F8CC8E92BFEBA6B9F4394EFEFDAB17F42338B58FEB6B09CD728221C9261C1FB59A2EEBDD7A974CD3D56031DA903E422D77061725705DC1366F17C530CFB45A704C00018D78004241F3CF6AD1C934F576F8D4C542FD83BBE0C8C3B122063A7457D3A47D1EC0A2266A36ABB664E96959D60C46344757771F7DBD79B25F033CA5E7674DDD2AC03F79C7C8E2B637CF3C9DD55D3FD5BDDB1CEE1B5F57B72B01F91BCD385AF7AD03C183EA95D95D07838BE129BDF7B724A27FC2ED5AF6AE17C995ACDB42C783845342A07BB2318A392B21912B8E4165B1A4688C35FFBB23B733DCD0136373E308F9320A5C2BAF95492F6E4F5964B18917846376B2ADB2E2892B1D51DDC63578DFA361EA5190E39B6E93772B2A3F66CD6B0B183F41A68A31AA7E9A23DDBE383AC2E262C368DC859989BA361A683A9B7F3B158A1BC9ECF4F8669F363DAF10ECE0EB29581CB79BD42ABFF -20240828052207 2 6 100 3071 5 F92C6D0F2F9D19FE24813B351098A85FABD54907EA3F2B1DDC129631277DD947357AAEA3FBDAF717CF7FB244ED5EA7475AA7AB9F8CC8E92BFEBA6B9F4394EFEFDAB17F42338B58FEB6B09CD728221C9261C1FB59A2EEBDD7A974CD3D56031DA903E422D77061725705DC1366F17C530CFB45A704C00018D78004241F3CF6AD1C934F576F8D4C542FD83BBE0C8C3B122063A7457D3A47D1EC0A2266A36ABB664E96959D60C46344757771F7DBD79B25F033CA5E7674DDD2AC03F79C7C8E2B637CF3C9DD55D3FD5BDDB1CEE1B5F57B72B01F91BCD385AF7AD03C183EA95D95D07838BE129BDF7B724A27FC2ED5AF6AE17C995ACDB42C783845342A07BB2318A392B21912B8E4165B1A4688C35FFBB23B733DCD0136373E308F9320A5C2BAF95492F6E4F5964B18917846376B2ADB2E2892B1D51DDC63578DFA361EA5190E39B6E93772B2A3F66CD6B0B183F41A68A31AA7E9A23DDBE383AC2E262C368DC859989BA361A683A9B7F3B158A1BC9ECF4F8669F363DAF10ECE0EB29581CB79BD6986DF -20240828052211 2 6 100 3071 5 F92C6D0F2F9D19FE24813B351098A85FABD54907EA3F2B1DDC129631277DD947357AAEA3FBDAF717CF7FB244ED5EA7475AA7AB9F8CC8E92BFEBA6B9F4394EFEFDAB17F42338B58FEB6B09CD728221C9261C1FB59A2EEBDD7A974CD3D56031DA903E422D77061725705DC1366F17C530CFB45A704C00018D78004241F3CF6AD1C934F576F8D4C542FD83BBE0C8C3B122063A7457D3A47D1EC0A2266A36ABB664E96959D60C46344757771F7DBD79B25F033CA5E7674DDD2AC03F79C7C8E2B637CF3C9DD55D3FD5BDDB1CEE1B5F57B72B01F91BCD385AF7AD03C183EA95D95D07838BE129BDF7B724A27FC2ED5AF6AE17C995ACDB42C783845342A07BB2318A392B21912B8E4165B1A4688C35FFBB23B733DCD0136373E308F9320A5C2BAF95492F6E4F5964B18917846376B2ADB2E2892B1D51DDC63578DFA361EA5190E39B6E93772B2A3F66CD6B0B183F41A68A31AA7E9A23DDBE383AC2E262C368DC859989BA361A683A9B7F3B158A1BC9ECF4F8669F363DAF10ECE0EB29581CB79BD7241F7 -20240828052259 2 6 100 3071 2 F92C6D0F2F9D19FE24813B351098A85FABD54907EA3F2B1DDC129631277DD947357AAEA3FBDAF717CF7FB244ED5EA7475AA7AB9F8CC8E92BFEBA6B9F4394EFEFDAB17F42338B58FEB6B09CD728221C9261C1FB59A2EEBDD7A974CD3D56031DA903E422D77061725705DC1366F17C530CFB45A704C00018D78004241F3CF6AD1C934F576F8D4C542FD83BBE0C8C3B122063A7457D3A47D1EC0A2266A36ABB664E96959D60C46344757771F7DBD79B25F033CA5E7674DDD2AC03F79C7C8E2B637CF3C9DD55D3FD5BDDB1CEE1B5F57B72B01F91BCD385AF7AD03C183EA95D95D07838BE129BDF7B724A27FC2ED5AF6AE17C995ACDB42C783845342A07BB2318A392B21912B8E4165B1A4688C35FFBB23B733DCD0136373E308F9320A5C2BAF95492F6E4F5964B18917846376B2ADB2E2892B1D51DDC63578DFA361EA5190E39B6E93772B2A3F66CD6B0B183F41A68A31AA7E9A23DDBE383AC2E262C368DC859989BA361A683A9B7F3B158A1BC9ECF4F8669F363DAF10ECE0EB29581CB79BE0ECA0B -20240828052336 2 6 100 3071 2 F92C6D0F2F9D19FE24813B351098A85FABD54907EA3F2B1DDC129631277DD947357AAEA3FBDAF717CF7FB244ED5EA7475AA7AB9F8CC8E92BFEBA6B9F4394EFEFDAB17F42338B58FEB6B09CD728221C9261C1FB59A2EEBDD7A974CD3D56031DA903E422D77061725705DC1366F17C530CFB45A704C00018D78004241F3CF6AD1C934F576F8D4C542FD83BBE0C8C3B122063A7457D3A47D1EC0A2266A36ABB664E96959D60C46344757771F7DBD79B25F033CA5E7674DDD2AC03F79C7C8E2B637CF3C9DD55D3FD5BDDB1CEE1B5F57B72B01F91BCD385AF7AD03C183EA95D95D07838BE129BDF7B724A27FC2ED5AF6AE17C995ACDB42C783845342A07BB2318A392B21912B8E4165B1A4688C35FFBB23B733DCD0136373E308F9320A5C2BAF95492F6E4F5964B18917846376B2ADB2E2892B1D51DDC63578DFA361EA5190E39B6E93772B2A3F66CD6B0B183F41A68A31AA7E9A23DDBE383AC2E262C368DC859989BA361A683A9B7F3B158A1BC9ECF4F8669F363DAF10ECE0EB29581CB79BE863B2B -20240828052339 2 6 100 3071 5 F92C6D0F2F9D19FE24813B351098A85FABD54907EA3F2B1DDC129631277DD947357AAEA3FBDAF717CF7FB244ED5EA7475AA7AB9F8CC8E92BFEBA6B9F4394EFEFDAB17F42338B58FEB6B09CD728221C9261C1FB59A2EEBDD7A974CD3D56031DA903E422D77061725705DC1366F17C530CFB45A704C00018D78004241F3CF6AD1C934F576F8D4C542FD83BBE0C8C3B122063A7457D3A47D1EC0A2266A36ABB664E96959D60C46344757771F7DBD79B25F033CA5E7674DDD2AC03F79C7C8E2B637CF3C9DD55D3FD5BDDB1CEE1B5F57B72B01F91BCD385AF7AD03C183EA95D95D07838BE129BDF7B724A27FC2ED5AF6AE17C995ACDB42C783845342A07BB2318A392B21912B8E4165B1A4688C35FFBB23B733DCD0136373E308F9320A5C2BAF95492F6E4F5964B18917846376B2ADB2E2892B1D51DDC63578DFA361EA5190E39B6E93772B2A3F66CD6B0B183F41A68A31AA7E9A23DDBE383AC2E262C368DC859989BA361A683A9B7F3B158A1BC9ECF4F8669F363DAF10ECE0EB29581CB79BE899267 -20240828052415 2 6 100 3071 2 F92C6D0F2F9D19FE24813B351098A85FABD54907EA3F2B1DDC129631277DD947357AAEA3FBDAF717CF7FB244ED5EA7475AA7AB9F8CC8E92BFEBA6B9F4394EFEFDAB17F42338B58FEB6B09CD728221C9261C1FB59A2EEBDD7A974CD3D56031DA903E422D77061725705DC1366F17C530CFB45A704C00018D78004241F3CF6AD1C934F576F8D4C542FD83BBE0C8C3B122063A7457D3A47D1EC0A2266A36ABB664E96959D60C46344757771F7DBD79B25F033CA5E7674DDD2AC03F79C7C8E2B637CF3C9DD55D3FD5BDDB1CEE1B5F57B72B01F91BCD385AF7AD03C183EA95D95D07838BE129BDF7B724A27FC2ED5AF6AE17C995ACDB42C783845342A07BB2318A392B21912B8E4165B1A4688C35FFBB23B733DCD0136373E308F9320A5C2BAF95492F6E4F5964B18917846376B2ADB2E2892B1D51DDC63578DFA361EA5190E39B6E93772B2A3F66CD6B0B183F41A68A31AA7E9A23DDBE383AC2E262C368DC859989BA361A683A9B7F3B158A1BC9ECF4F8669F363DAF10ECE0EB29581CB79BF03197B -20240828052431 2 6 100 3071 2 F92C6D0F2F9D19FE24813B351098A85FABD54907EA3F2B1DDC129631277DD947357AAEA3FBDAF717CF7FB244ED5EA7475AA7AB9F8CC8E92BFEBA6B9F4394EFEFDAB17F42338B58FEB6B09CD728221C9261C1FB59A2EEBDD7A974CD3D56031DA903E422D77061725705DC1366F17C530CFB45A704C00018D78004241F3CF6AD1C934F576F8D4C542FD83BBE0C8C3B122063A7457D3A47D1EC0A2266A36ABB664E96959D60C46344757771F7DBD79B25F033CA5E7674DDD2AC03F79C7C8E2B637CF3C9DD55D3FD5BDDB1CEE1B5F57B72B01F91BCD385AF7AD03C183EA95D95D07838BE129BDF7B724A27FC2ED5AF6AE17C995ACDB42C783845342A07BB2318A392B21912B8E4165B1A4688C35FFBB23B733DCD0136373E308F9320A5C2BAF95492F6E4F5964B18917846376B2ADB2E2892B1D51DDC63578DFA361EA5190E39B6E93772B2A3F66CD6B0B183F41A68A31AA7E9A23DDBE383AC2E262C368DC859989BA361A683A9B7F3B158A1BC9ECF4F8669F363DAF10ECE0EB29581CB79BF33F3BB -20240828052513 2 6 100 3071 5 F92C6D0F2F9D19FE24813B351098A85FABD54907EA3F2B1DDC129631277DD947357AAEA3FBDAF717CF7FB244ED5EA7475AA7AB9F8CC8E92BFEBA6B9F4394EFEFDAB17F42338B58FEB6B09CD728221C9261C1FB59A2EEBDD7A974CD3D56031DA903E422D77061725705DC1366F17C530CFB45A704C00018D78004241F3CF6AD1C934F576F8D4C542FD83BBE0C8C3B122063A7457D3A47D1EC0A2266A36ABB664E96959D60C46344757771F7DBD79B25F033CA5E7674DDD2AC03F79C7C8E2B637CF3C9DD55D3FD5BDDB1CEE1B5F57B72B01F91BCD385AF7AD03C183EA95D95D07838BE129BDF7B724A27FC2ED5AF6AE17C995ACDB42C783845342A07BB2318A392B21912B8E4165B1A4688C35FFBB23B733DCD0136373E308F9320A5C2BAF95492F6E4F5964B18917846376B2ADB2E2892B1D51DDC63578DFA361EA5190E39B6E93772B2A3F66CD6B0B183F41A68A31AA7E9A23DDBE383AC2E262C368DC859989BA361A683A9B7F3B158A1BC9ECF4F8669F363DAF10ECE0EB29581CB79BFBAA987 -20240828052522 2 6 100 3071 2 F92C6D0F2F9D19FE24813B351098A85FABD54907EA3F2B1DDC129631277DD947357AAEA3FBDAF717CF7FB244ED5EA7475AA7AB9F8CC8E92BFEBA6B9F4394EFEFDAB17F42338B58FEB6B09CD728221C9261C1FB59A2EEBDD7A974CD3D56031DA903E422D77061725705DC1366F17C530CFB45A704C00018D78004241F3CF6AD1C934F576F8D4C542FD83BBE0C8C3B122063A7457D3A47D1EC0A2266A36ABB664E96959D60C46344757771F7DBD79B25F033CA5E7674DDD2AC03F79C7C8E2B637CF3C9DD55D3FD5BDDB1CEE1B5F57B72B01F91BCD385AF7AD03C183EA95D95D07838BE129BDF7B724A27FC2ED5AF6AE17C995ACDB42C783845342A07BB2318A392B21912B8E4165B1A4688C35FFBB23B733DCD0136373E308F9320A5C2BAF95492F6E4F5964B18917846376B2ADB2E2892B1D51DDC63578DFA361EA5190E39B6E93772B2A3F66CD6B0B183F41A68A31AA7E9A23DDBE383AC2E262C368DC859989BA361A683A9B7F3B158A1BC9ECF4F8669F363DAF10ECE0EB29581CB79BFD18B5B -20240828052527 2 6 100 3071 2 F92C6D0F2F9D19FE24813B351098A85FABD54907EA3F2B1DDC129631277DD947357AAEA3FBDAF717CF7FB244ED5EA7475AA7AB9F8CC8E92BFEBA6B9F4394EFEFDAB17F42338B58FEB6B09CD728221C9261C1FB59A2EEBDD7A974CD3D56031DA903E422D77061725705DC1366F17C530CFB45A704C00018D78004241F3CF6AD1C934F576F8D4C542FD83BBE0C8C3B122063A7457D3A47D1EC0A2266A36ABB664E96959D60C46344757771F7DBD79B25F033CA5E7674DDD2AC03F79C7C8E2B637CF3C9DD55D3FD5BDDB1CEE1B5F57B72B01F91BCD385AF7AD03C183EA95D95D07838BE129BDF7B724A27FC2ED5AF6AE17C995ACDB42C783845342A07BB2318A392B21912B8E4165B1A4688C35FFBB23B733DCD0136373E308F9320A5C2BAF95492F6E4F5964B18917846376B2ADB2E2892B1D51DDC63578DFA361EA5190E39B6E93772B2A3F66CD6B0B183F41A68A31AA7E9A23DDBE383AC2E262C368DC859989BA361A683A9B7F3B158A1BC9ECF4F8669F363DAF10ECE0EB29581CB79BFDA82D3 -20240828052609 2 6 100 3071 5 F92C6D0F2F9D19FE24813B351098A85FABD54907EA3F2B1DDC129631277DD947357AAEA3FBDAF717CF7FB244ED5EA7475AA7AB9F8CC8E92BFEBA6B9F4394EFEFDAB17F42338B58FEB6B09CD728221C9261C1FB59A2EEBDD7A974CD3D56031DA903E422D77061725705DC1366F17C530CFB45A704C00018D78004241F3CF6AD1C934F576F8D4C542FD83BBE0C8C3B122063A7457D3A47D1EC0A2266A36ABB664E96959D60C46344757771F7DBD79B25F033CA5E7674DDD2AC03F79C7C8E2B637CF3C9DD55D3FD5BDDB1CEE1B5F57B72B01F91BCD385AF7AD03C183EA95D95D07838BE129BDF7B724A27FC2ED5AF6AE17C995ACDB42C783845342A07BB2318A392B21912B8E4165B1A4688C35FFBB23B733DCD0136373E308F9320A5C2BAF95492F6E4F5964B18917846376B2ADB2E2892B1D51DDC63578DFA361EA5190E39B6E93772B2A3F66CD6B0B183F41A68A31AA7E9A23DDBE383AC2E262C368DC859989BA361A683A9B7F3B158A1BC9ECF4F8669F363DAF10ECE0EB29581CB79C0656637 -20240828052616 2 6 100 3071 2 F92C6D0F2F9D19FE24813B351098A85FABD54907EA3F2B1DDC129631277DD947357AAEA3FBDAF717CF7FB244ED5EA7475AA7AB9F8CC8E92BFEBA6B9F4394EFEFDAB17F42338B58FEB6B09CD728221C9261C1FB59A2EEBDD7A974CD3D56031DA903E422D77061725705DC1366F17C530CFB45A704C00018D78004241F3CF6AD1C934F576F8D4C542FD83BBE0C8C3B122063A7457D3A47D1EC0A2266A36ABB664E96959D60C46344757771F7DBD79B25F033CA5E7674DDD2AC03F79C7C8E2B637CF3C9DD55D3FD5BDDB1CEE1B5F57B72B01F91BCD385AF7AD03C183EA95D95D07838BE129BDF7B724A27FC2ED5AF6AE17C995ACDB42C783845342A07BB2318A392B21912B8E4165B1A4688C35FFBB23B733DCD0136373E308F9320A5C2BAF95492F6E4F5964B18917846376B2ADB2E2892B1D51DDC63578DFA361EA5190E39B6E93772B2A3F66CD6B0B183F41A68A31AA7E9A23DDBE383AC2E262C368DC859989BA361A683A9B7F3B158A1BC9ECF4F8669F363DAF10ECE0EB29581CB79C07626F3 -20240828052621 2 6 100 3071 2 F92C6D0F2F9D19FE24813B351098A85FABD54907EA3F2B1DDC129631277DD947357AAEA3FBDAF717CF7FB244ED5EA7475AA7AB9F8CC8E92BFEBA6B9F4394EFEFDAB17F42338B58FEB6B09CD728221C9261C1FB59A2EEBDD7A974CD3D56031DA903E422D77061725705DC1366F17C530CFB45A704C00018D78004241F3CF6AD1C934F576F8D4C542FD83BBE0C8C3B122063A7457D3A47D1EC0A2266A36ABB664E96959D60C46344757771F7DBD79B25F033CA5E7674DDD2AC03F79C7C8E2B637CF3C9DD55D3FD5BDDB1CEE1B5F57B72B01F91BCD385AF7AD03C183EA95D95D07838BE129BDF7B724A27FC2ED5AF6AE17C995ACDB42C783845342A07BB2318A392B21912B8E4165B1A4688C35FFBB23B733DCD0136373E308F9320A5C2BAF95492F6E4F5964B18917846376B2ADB2E2892B1D51DDC63578DFA361EA5190E39B6E93772B2A3F66CD6B0B183F41A68A31AA7E9A23DDBE383AC2E262C368DC859989BA361A683A9B7F3B158A1BC9ECF4F8669F363DAF10ECE0EB29581CB79C07E39AB -20240828052816 2 6 100 3071 2 F92C6D0F2F9D19FE24813B351098A85FABD54907EA3F2B1DDC129631277DD947357AAEA3FBDAF717CF7FB244ED5EA7475AA7AB9F8CC8E92BFEBA6B9F4394EFEFDAB17F42338B58FEB6B09CD728221C9261C1FB59A2EEBDD7A974CD3D56031DA903E422D77061725705DC1366F17C530CFB45A704C00018D78004241F3CF6AD1C934F576F8D4C542FD83BBE0C8C3B122063A7457D3A47D1EC0A2266A36ABB664E96959D60C46344757771F7DBD79B25F033CA5E7674DDD2AC03F79C7C8E2B637CF3C9DD55D3FD5BDDB1CEE1B5F57B72B01F91BCD385AF7AD03C183EA95D95D07838BE129BDF7B724A27FC2ED5AF6AE17C995ACDB42C783845342A07BB2318A392B21912B8E4165B1A4688C35FFBB23B733DCD0136373E308F9320A5C2BAF95492F6E4F5964B18917846376B2ADB2E2892B1D51DDC63578DFA361EA5190E39B6E93772B2A3F66CD6B0B183F41A68A31AA7E9A23DDBE383AC2E262C368DC859989BA361A683A9B7F3B158A1BC9ECF4F8669F363DAF10ECE0EB29581CB79C2033C13 -20240828052903 2 6 100 3071 2 F92C6D0F2F9D19FE24813B351098A85FABD54907EA3F2B1DDC129631277DD947357AAEA3FBDAF717CF7FB244ED5EA7475AA7AB9F8CC8E92BFEBA6B9F4394EFEFDAB17F42338B58FEB6B09CD728221C9261C1FB59A2EEBDD7A974CD3D56031DA903E422D77061725705DC1366F17C530CFB45A704C00018D78004241F3CF6AD1C934F576F8D4C542FD83BBE0C8C3B122063A7457D3A47D1EC0A2266A36ABB664E96959D60C46344757771F7DBD79B25F033CA5E7674DDD2AC03F79C7C8E2B637CF3C9DD55D3FD5BDDB1CEE1B5F57B72B01F91BCD385AF7AD03C183EA95D95D07838BE129BDF7B724A27FC2ED5AF6AE17C995ACDB42C783845342A07BB2318A392B21912B8E4165B1A4688C35FFBB23B733DCD0136373E308F9320A5C2BAF95492F6E4F5964B18917846376B2ADB2E2892B1D51DDC63578DFA361EA5190E39B6E93772B2A3F66CD6B0B183F41A68A31AA7E9A23DDBE383AC2E262C368DC859989BA361A683A9B7F3B158A1BC9ECF4F8669F363DAF10ECE0EB29581CB79C29B2063 -20240828052932 2 6 100 3071 2 F92C6D0F2F9D19FE24813B351098A85FABD54907EA3F2B1DDC129631277DD947357AAEA3FBDAF717CF7FB244ED5EA7475AA7AB9F8CC8E92BFEBA6B9F4394EFEFDAB17F42338B58FEB6B09CD728221C9261C1FB59A2EEBDD7A974CD3D56031DA903E422D77061725705DC1366F17C530CFB45A704C00018D78004241F3CF6AD1C934F576F8D4C542FD83BBE0C8C3B122063A7457D3A47D1EC0A2266A36ABB664E96959D60C46344757771F7DBD79B25F033CA5E7674DDD2AC03F79C7C8E2B637CF3C9DD55D3FD5BDDB1CEE1B5F57B72B01F91BCD385AF7AD03C183EA95D95D07838BE129BDF7B724A27FC2ED5AF6AE17C995ACDB42C783845342A07BB2318A392B21912B8E4165B1A4688C35FFBB23B733DCD0136373E308F9320A5C2BAF95492F6E4F5964B18917846376B2ADB2E2892B1D51DDC63578DFA361EA5190E39B6E93772B2A3F66CD6B0B183F41A68A31AA7E9A23DDBE383AC2E262C368DC859989BA361A683A9B7F3B158A1BC9ECF4F8669F363DAF10ECE0EB29581CB79C2FB438B -20240828052959 2 6 100 3071 2 F92C6D0F2F9D19FE24813B351098A85FABD54907EA3F2B1DDC129631277DD947357AAEA3FBDAF717CF7FB244ED5EA7475AA7AB9F8CC8E92BFEBA6B9F4394EFEFDAB17F42338B58FEB6B09CD728221C9261C1FB59A2EEBDD7A974CD3D56031DA903E422D77061725705DC1366F17C530CFB45A704C00018D78004241F3CF6AD1C934F576F8D4C542FD83BBE0C8C3B122063A7457D3A47D1EC0A2266A36ABB664E96959D60C46344757771F7DBD79B25F033CA5E7674DDD2AC03F79C7C8E2B637CF3C9DD55D3FD5BDDB1CEE1B5F57B72B01F91BCD385AF7AD03C183EA95D95D07838BE129BDF7B724A27FC2ED5AF6AE17C995ACDB42C783845342A07BB2318A392B21912B8E4165B1A4688C35FFBB23B733DCD0136373E308F9320A5C2BAF95492F6E4F5964B18917846376B2ADB2E2892B1D51DDC63578DFA361EA5190E39B6E93772B2A3F66CD6B0B183F41A68A31AA7E9A23DDBE383AC2E262C368DC859989BA361A683A9B7F3B158A1BC9ECF4F8669F363DAF10ECE0EB29581CB79C35070C3 -20240828053054 2 6 100 3071 2 F92C6D0F2F9D19FE24813B351098A85FABD54907EA3F2B1DDC129631277DD947357AAEA3FBDAF717CF7FB244ED5EA7475AA7AB9F8CC8E92BFEBA6B9F4394EFEFDAB17F42338B58FEB6B09CD728221C9261C1FB59A2EEBDD7A974CD3D56031DA903E422D77061725705DC1366F17C530CFB45A704C00018D78004241F3CF6AD1C934F576F8D4C542FD83BBE0C8C3B122063A7457D3A47D1EC0A2266A36ABB664E96959D60C46344757771F7DBD79B25F033CA5E7674DDD2AC03F79C7C8E2B637CF3C9DD55D3FD5BDDB1CEE1B5F57B72B01F91BCD385AF7AD03C183EA95D95D07838BE129BDF7B724A27FC2ED5AF6AE17C995ACDB42C783845342A07BB2318A392B21912B8E4165B1A4688C35FFBB23B733DCD0136373E308F9320A5C2BAF95492F6E4F5964B18917846376B2ADB2E2892B1D51DDC63578DFA361EA5190E39B6E93772B2A3F66CD6B0B183F41A68A31AA7E9A23DDBE383AC2E262C368DC859989BA361A683A9B7F3B158A1BC9ECF4F8669F363DAF10ECE0EB29581CB79C4050DE3 -20240828053223 2 6 100 3071 5 F92C6D0F2F9D19FE24813B351098A85FABD54907EA3F2B1DDC129631277DD947357AAEA3FBDAF717CF7FB244ED5EA7475AA7AB9F8CC8E92BFEBA6B9F4394EFEFDAB17F42338B58FEB6B09CD728221C9261C1FB59A2EEBDD7A974CD3D56031DA903E422D77061725705DC1366F17C530CFB45A704C00018D78004241F3CF6AD1C934F576F8D4C542FD83BBE0C8C3B122063A7457D3A47D1EC0A2266A36ABB664E96959D60C46344757771F7DBD79B25F033CA5E7674DDD2AC03F79C7C8E2B637CF3C9DD55D3FD5BDDB1CEE1B5F57B72B01F91BCD385AF7AD03C183EA95D95D07838BE129BDF7B724A27FC2ED5AF6AE17C995ACDB42C783845342A07BB2318A392B21912B8E4165B1A4688C35FFBB23B733DCD0136373E308F9320A5C2BAF95492F6E4F5964B18917846376B2ADB2E2892B1D51DDC63578DFA361EA5190E39B6E93772B2A3F66CD6B0B183F41A68A31AA7E9A23DDBE383AC2E262C368DC859989BA361A683A9B7F3B158A1BC9ECF4F8669F363DAF10ECE0EB29581CB79C52F78A7 -20240828053319 2 6 100 3071 2 F92C6D0F2F9D19FE24813B351098A85FABD54907EA3F2B1DDC129631277DD947357AAEA3FBDAF717CF7FB244ED5EA7475AA7AB9F8CC8E92BFEBA6B9F4394EFEFDAB17F42338B58FEB6B09CD728221C9261C1FB59A2EEBDD7A974CD3D56031DA903E422D77061725705DC1366F17C530CFB45A704C00018D78004241F3CF6AD1C934F576F8D4C542FD83BBE0C8C3B122063A7457D3A47D1EC0A2266A36ABB664E96959D60C46344757771F7DBD79B25F033CA5E7674DDD2AC03F79C7C8E2B637CF3C9DD55D3FD5BDDB1CEE1B5F57B72B01F91BCD385AF7AD03C183EA95D95D07838BE129BDF7B724A27FC2ED5AF6AE17C995ACDB42C783845342A07BB2318A392B21912B8E4165B1A4688C35FFBB23B733DCD0136373E308F9320A5C2BAF95492F6E4F5964B18917846376B2ADB2E2892B1D51DDC63578DFA361EA5190E39B6E93772B2A3F66CD6B0B183F41A68A31AA7E9A23DDBE383AC2E262C368DC859989BA361A683A9B7F3B158A1BC9ECF4F8669F363DAF10ECE0EB29581CB79C5E6180B -20240828053339 2 6 100 3071 2 F92C6D0F2F9D19FE24813B351098A85FABD54907EA3F2B1DDC129631277DD947357AAEA3FBDAF717CF7FB244ED5EA7475AA7AB9F8CC8E92BFEBA6B9F4394EFEFDAB17F42338B58FEB6B09CD728221C9261C1FB59A2EEBDD7A974CD3D56031DA903E422D77061725705DC1366F17C530CFB45A704C00018D78004241F3CF6AD1C934F576F8D4C542FD83BBE0C8C3B122063A7457D3A47D1EC0A2266A36ABB664E96959D60C46344757771F7DBD79B25F033CA5E7674DDD2AC03F79C7C8E2B637CF3C9DD55D3FD5BDDB1CEE1B5F57B72B01F91BCD385AF7AD03C183EA95D95D07838BE129BDF7B724A27FC2ED5AF6AE17C995ACDB42C783845342A07BB2318A392B21912B8E4165B1A4688C35FFBB23B733DCD0136373E308F9320A5C2BAF95492F6E4F5964B18917846376B2ADB2E2892B1D51DDC63578DFA361EA5190E39B6E93772B2A3F66CD6B0B183F41A68A31AA7E9A23DDBE383AC2E262C368DC859989BA361A683A9B7F3B158A1BC9ECF4F8669F363DAF10ECE0EB29581CB79C61E1503 -20240828053345 2 6 100 3071 2 F92C6D0F2F9D19FE24813B351098A85FABD54907EA3F2B1DDC129631277DD947357AAEA3FBDAF717CF7FB244ED5EA7475AA7AB9F8CC8E92BFEBA6B9F4394EFEFDAB17F42338B58FEB6B09CD728221C9261C1FB59A2EEBDD7A974CD3D56031DA903E422D77061725705DC1366F17C530CFB45A704C00018D78004241F3CF6AD1C934F576F8D4C542FD83BBE0C8C3B122063A7457D3A47D1EC0A2266A36ABB664E96959D60C46344757771F7DBD79B25F033CA5E7674DDD2AC03F79C7C8E2B637CF3C9DD55D3FD5BDDB1CEE1B5F57B72B01F91BCD385AF7AD03C183EA95D95D07838BE129BDF7B724A27FC2ED5AF6AE17C995ACDB42C783845342A07BB2318A392B21912B8E4165B1A4688C35FFBB23B733DCD0136373E308F9320A5C2BAF95492F6E4F5964B18917846376B2ADB2E2892B1D51DDC63578DFA361EA5190E39B6E93772B2A3F66CD6B0B183F41A68A31AA7E9A23DDBE383AC2E262C368DC859989BA361A683A9B7F3B158A1BC9ECF4F8669F363DAF10ECE0EB29581CB79C62B8123 -20240828053430 2 6 100 3071 2 F92C6D0F2F9D19FE24813B351098A85FABD54907EA3F2B1DDC129631277DD947357AAEA3FBDAF717CF7FB244ED5EA7475AA7AB9F8CC8E92BFEBA6B9F4394EFEFDAB17F42338B58FEB6B09CD728221C9261C1FB59A2EEBDD7A974CD3D56031DA903E422D77061725705DC1366F17C530CFB45A704C00018D78004241F3CF6AD1C934F576F8D4C542FD83BBE0C8C3B122063A7457D3A47D1EC0A2266A36ABB664E96959D60C46344757771F7DBD79B25F033CA5E7674DDD2AC03F79C7C8E2B637CF3C9DD55D3FD5BDDB1CEE1B5F57B72B01F91BCD385AF7AD03C183EA95D95D07838BE129BDF7B724A27FC2ED5AF6AE17C995ACDB42C783845342A07BB2318A392B21912B8E4165B1A4688C35FFBB23B733DCD0136373E308F9320A5C2BAF95492F6E4F5964B18917846376B2ADB2E2892B1D51DDC63578DFA361EA5190E39B6E93772B2A3F66CD6B0B183F41A68A31AA7E9A23DDBE383AC2E262C368DC859989BA361A683A9B7F3B158A1BC9ECF4F8669F363DAF10ECE0EB29581CB79C6B80C6B -20240828053549 2 6 100 3071 5 F92C6D0F2F9D19FE24813B351098A85FABD54907EA3F2B1DDC129631277DD947357AAEA3FBDAF717CF7FB244ED5EA7475AA7AB9F8CC8E92BFEBA6B9F4394EFEFDAB17F42338B58FEB6B09CD728221C9261C1FB59A2EEBDD7A974CD3D56031DA903E422D77061725705DC1366F17C530CFB45A704C00018D78004241F3CF6AD1C934F576F8D4C542FD83BBE0C8C3B122063A7457D3A47D1EC0A2266A36ABB664E96959D60C46344757771F7DBD79B25F033CA5E7674DDD2AC03F79C7C8E2B637CF3C9DD55D3FD5BDDB1CEE1B5F57B72B01F91BCD385AF7AD03C183EA95D95D07838BE129BDF7B724A27FC2ED5AF6AE17C995ACDB42C783845342A07BB2318A392B21912B8E4165B1A4688C35FFBB23B733DCD0136373E308F9320A5C2BAF95492F6E4F5964B18917846376B2ADB2E2892B1D51DDC63578DFA361EA5190E39B6E93772B2A3F66CD6B0B183F41A68A31AA7E9A23DDBE383AC2E262C368DC859989BA361A683A9B7F3B158A1BC9ECF4F8669F363DAF10ECE0EB29581CB79C7B7959F -20240828053758 2 6 100 3071 2 F92C6D0F2F9D19FE24813B351098A85FABD54907EA3F2B1DDC129631277DD947357AAEA3FBDAF717CF7FB244ED5EA7475AA7AB9F8CC8E92BFEBA6B9F4394EFEFDAB17F42338B58FEB6B09CD728221C9261C1FB59A2EEBDD7A974CD3D56031DA903E422D77061725705DC1366F17C530CFB45A704C00018D78004241F3CF6AD1C934F576F8D4C542FD83BBE0C8C3B122063A7457D3A47D1EC0A2266A36ABB664E96959D60C46344757771F7DBD79B25F033CA5E7674DDD2AC03F79C7C8E2B637CF3C9DD55D3FD5BDDB1CEE1B5F57B72B01F91BCD385AF7AD03C183EA95D95D07838BE129BDF7B724A27FC2ED5AF6AE17C995ACDB42C783845342A07BB2318A392B21912B8E4165B1A4688C35FFBB23B733DCD0136373E308F9320A5C2BAF95492F6E4F5964B18917846376B2ADB2E2892B1D51DDC63578DFA361EA5190E39B6E93772B2A3F66CD6B0B183F41A68A31AA7E9A23DDBE383AC2E262C368DC859989BA361A683A9B7F3B158A1BC9ECF4F8669F363DAF10ECE0EB29581CB79C95C0E23 -20240828053817 2 6 100 3071 2 F92C6D0F2F9D19FE24813B351098A85FABD54907EA3F2B1DDC129631277DD947357AAEA3FBDAF717CF7FB244ED5EA7475AA7AB9F8CC8E92BFEBA6B9F4394EFEFDAB17F42338B58FEB6B09CD728221C9261C1FB59A2EEBDD7A974CD3D56031DA903E422D77061725705DC1366F17C530CFB45A704C00018D78004241F3CF6AD1C934F576F8D4C542FD83BBE0C8C3B122063A7457D3A47D1EC0A2266A36ABB664E96959D60C46344757771F7DBD79B25F033CA5E7674DDD2AC03F79C7C8E2B637CF3C9DD55D3FD5BDDB1CEE1B5F57B72B01F91BCD385AF7AD03C183EA95D95D07838BE129BDF7B724A27FC2ED5AF6AE17C995ACDB42C783845342A07BB2318A392B21912B8E4165B1A4688C35FFBB23B733DCD0136373E308F9320A5C2BAF95492F6E4F5964B18917846376B2ADB2E2892B1D51DDC63578DFA361EA5190E39B6E93772B2A3F66CD6B0B183F41A68A31AA7E9A23DDBE383AC2E262C368DC859989BA361A683A9B7F3B158A1BC9ECF4F8669F363DAF10ECE0EB29581CB79C9938013 -20240828053837 2 6 100 3071 5 F92C6D0F2F9D19FE24813B351098A85FABD54907EA3F2B1DDC129631277DD947357AAEA3FBDAF717CF7FB244ED5EA7475AA7AB9F8CC8E92BFEBA6B9F4394EFEFDAB17F42338B58FEB6B09CD728221C9261C1FB59A2EEBDD7A974CD3D56031DA903E422D77061725705DC1366F17C530CFB45A704C00018D78004241F3CF6AD1C934F576F8D4C542FD83BBE0C8C3B122063A7457D3A47D1EC0A2266A36ABB664E96959D60C46344757771F7DBD79B25F033CA5E7674DDD2AC03F79C7C8E2B637CF3C9DD55D3FD5BDDB1CEE1B5F57B72B01F91BCD385AF7AD03C183EA95D95D07838BE129BDF7B724A27FC2ED5AF6AE17C995ACDB42C783845342A07BB2318A392B21912B8E4165B1A4688C35FFBB23B733DCD0136373E308F9320A5C2BAF95492F6E4F5964B18917846376B2ADB2E2892B1D51DDC63578DFA361EA5190E39B6E93772B2A3F66CD6B0B183F41A68A31AA7E9A23DDBE383AC2E262C368DC859989BA361A683A9B7F3B158A1BC9ECF4F8669F363DAF10ECE0EB29581CB79C9D0494F -20240828053914 2 6 100 3071 5 F92C6D0F2F9D19FE24813B351098A85FABD54907EA3F2B1DDC129631277DD947357AAEA3FBDAF717CF7FB244ED5EA7475AA7AB9F8CC8E92BFEBA6B9F4394EFEFDAB17F42338B58FEB6B09CD728221C9261C1FB59A2EEBDD7A974CD3D56031DA903E422D77061725705DC1366F17C530CFB45A704C00018D78004241F3CF6AD1C934F576F8D4C542FD83BBE0C8C3B122063A7457D3A47D1EC0A2266A36ABB664E96959D60C46344757771F7DBD79B25F033CA5E7674DDD2AC03F79C7C8E2B637CF3C9DD55D3FD5BDDB1CEE1B5F57B72B01F91BCD385AF7AD03C183EA95D95D07838BE129BDF7B724A27FC2ED5AF6AE17C995ACDB42C783845342A07BB2318A392B21912B8E4165B1A4688C35FFBB23B733DCD0136373E308F9320A5C2BAF95492F6E4F5964B18917846376B2ADB2E2892B1D51DDC63578DFA361EA5190E39B6E93772B2A3F66CD6B0B183F41A68A31AA7E9A23DDBE383AC2E262C368DC859989BA361A683A9B7F3B158A1BC9ECF4F8669F363DAF10ECE0EB29581CB79CA42683F -20240828054013 2 6 100 3071 2 F92C6D0F2F9D19FE24813B351098A85FABD54907EA3F2B1DDC129631277DD947357AAEA3FBDAF717CF7FB244ED5EA7475AA7AB9F8CC8E92BFEBA6B9F4394EFEFDAB17F42338B58FEB6B09CD728221C9261C1FB59A2EEBDD7A974CD3D56031DA903E422D77061725705DC1366F17C530CFB45A704C00018D78004241F3CF6AD1C934F576F8D4C542FD83BBE0C8C3B122063A7457D3A47D1EC0A2266A36ABB664E96959D60C46344757771F7DBD79B25F033CA5E7674DDD2AC03F79C7C8E2B637CF3C9DD55D3FD5BDDB1CEE1B5F57B72B01F91BCD385AF7AD03C183EA95D95D07838BE129BDF7B724A27FC2ED5AF6AE17C995ACDB42C783845342A07BB2318A392B21912B8E4165B1A4688C35FFBB23B733DCD0136373E308F9320A5C2BAF95492F6E4F5964B18917846376B2ADB2E2892B1D51DDC63578DFA361EA5190E39B6E93772B2A3F66CD6B0B183F41A68A31AA7E9A23DDBE383AC2E262C368DC859989BA361A683A9B7F3B158A1BC9ECF4F8669F363DAF10ECE0EB29581CB79CB06EC0B -20240828054258 2 6 100 3071 2 F92C6D0F2F9D19FE24813B351098A85FABD54907EA3F2B1DDC129631277DD947357AAEA3FBDAF717CF7FB244ED5EA7475AA7AB9F8CC8E92BFEBA6B9F4394EFEFDAB17F42338B58FEB6B09CD728221C9261C1FB59A2EEBDD7A974CD3D56031DA903E422D77061725705DC1366F17C530CFB45A704C00018D78004241F3CF6AD1C934F576F8D4C542FD83BBE0C8C3B122063A7457D3A47D1EC0A2266A36ABB664E96959D60C46344757771F7DBD79B25F033CA5E7674DDD2AC03F79C7C8E2B637CF3C9DD55D3FD5BDDB1CEE1B5F57B72B01F91BCD385AF7AD03C183EA95D95D07838BE129BDF7B724A27FC2ED5AF6AE17C995ACDB42C783845342A07BB2318A392B21912B8E4165B1A4688C35FFBB23B733DCD0136373E308F9320A5C2BAF95492F6E4F5964B18917846376B2ADB2E2892B1D51DDC63578DFA361EA5190E39B6E93772B2A3F66CD6B0B183F41A68A31AA7E9A23DDBE383AC2E262C368DC859989BA361A683A9B7F3B158A1BC9ECF4F8669F363DAF10ECE0EB29581CB79CD234BAB -20240828060009 2 6 100 4095 2 C1FD462836A96C337420C7007228E616EC573732284C62893AB8CC4E3F3E182E3A2FC77E35BC37FC6A207BB3B56EEAD789DFE450ECA8A88518B4EBACEF11D667EA651A91285ED252C792EB32026784FE21B43F3E4B61DBB0E26D3DC6EE8B9090CCDFA2876C4CABA186BA994026CF4AE3D17DC5A0D1B4D70F58EA021ACA38F9D1EC7CFF066D1F0C1DEEAED46C531E9719664DC3AD0E61FE171E558BD54FB13004B7E19B3AD908A5FDA716B1AFF98F48527F12F755CB53E0ACE01192CD0CFAA0B7623D1E035DED85CD39B69922E719FFD315DEADD6AEA9064B7DBB7F1079FB06C0442AB9E364E2E756D6EA8C07A92E9BB03EA11678BD0AE1ECC81748068B0658EC1E0C54886933C5BC69BED9334255F55748403F957CE5F314D8F154E213068BAC299C0D323623D4FECF1C17601E347500A00F8AFB1FD63C936842FE87831519613BD966C1653F623A42F236CCB0AEE2E81F702C8CC6E560999B686E3C5B4DE07ABD8DE477D0475F5CE1C61D3D8B1919C378D9AC041F21AC522530F7A4D62125D8DB8F8217BDB3E330A04758448AF7093A65591A0E7E82BA13F6F92CCC68AFD64A965D13A7C36ED85916B3EF9C3AB022E6F66A4317AA01B201BED766AFF938563E93784662AF2F72AE5BA52CF2B0C4ADAF6C20689296CF729D5A643A64A20E4380DE5E3C932CD162C12D55650AECDAAA74FEA3C85B534EF588D2693B7A70951B13 -20240828060511 2 6 100 4095 5 C1FD462836A96C337420C7007228E616EC573732284C62893AB8CC4E3F3E182E3A2FC77E35BC37FC6A207BB3B56EEAD789DFE450ECA8A88518B4EBACEF11D667EA651A91285ED252C792EB32026784FE21B43F3E4B61DBB0E26D3DC6EE8B9090CCDFA2876C4CABA186BA994026CF4AE3D17DC5A0D1B4D70F58EA021ACA38F9D1EC7CFF066D1F0C1DEEAED46C531E9719664DC3AD0E61FE171E558BD54FB13004B7E19B3AD908A5FDA716B1AFF98F48527F12F755CB53E0ACE01192CD0CFAA0B7623D1E035DED85CD39B69922E719FFD315DEADD6AEA9064B7DBB7F1079FB06C0442AB9E364E2E756D6EA8C07A92E9BB03EA11678BD0AE1ECC81748068B0658EC1E0C54886933C5BC69BED9334255F55748403F957CE5F314D8F154E213068BAC299C0D323623D4FECF1C17601E347500A00F8AFB1FD63C936842FE87831519613BD966C1653F623A42F236CCB0AEE2E81F702C8CC6E560999B686E3C5B4DE07ABD8DE477D0475F5CE1C61D3D8B1919C378D9AC041F21AC522530F7A4D62125D8DB8F8217BDB3E330A04758448AF7093A65591A0E7E82BA13F6F92CCC68AFD64A965D13A7C36ED85916B3EF9C3AB022E6F66A4317AA01B201BED766AFF938563E93784662AF2F72AE5BA52CF2B0C4ADAF6C20689296CF729D5A643A64A20E4380DE5E3C932CD162C12D55650AECDAAA74FEA3C85B534EF588D2693B7A726F0C37 -20240828060714 2 6 100 4095 2 C1FD462836A96C337420C7007228E616EC573732284C62893AB8CC4E3F3E182E3A2FC77E35BC37FC6A207BB3B56EEAD789DFE450ECA8A88518B4EBACEF11D667EA651A91285ED252C792EB32026784FE21B43F3E4B61DBB0E26D3DC6EE8B9090CCDFA2876C4CABA186BA994026CF4AE3D17DC5A0D1B4D70F58EA021ACA38F9D1EC7CFF066D1F0C1DEEAED46C531E9719664DC3AD0E61FE171E558BD54FB13004B7E19B3AD908A5FDA716B1AFF98F48527F12F755CB53E0ACE01192CD0CFAA0B7623D1E035DED85CD39B69922E719FFD315DEADD6AEA9064B7DBB7F1079FB06C0442AB9E364E2E756D6EA8C07A92E9BB03EA11678BD0AE1ECC81748068B0658EC1E0C54886933C5BC69BED9334255F55748403F957CE5F314D8F154E213068BAC299C0D323623D4FECF1C17601E347500A00F8AFB1FD63C936842FE87831519613BD966C1653F623A42F236CCB0AEE2E81F702C8CC6E560999B686E3C5B4DE07ABD8DE477D0475F5CE1C61D3D8B1919C378D9AC041F21AC522530F7A4D62125D8DB8F8217BDB3E330A04758448AF7093A65591A0E7E82BA13F6F92CCC68AFD64A965D13A7C36ED85916B3EF9C3AB022E6F66A4317AA01B201BED766AFF938563E93784662AF2F72AE5BA52CF2B0C4ADAF6C20689296CF729D5A643A64A20E4380DE5E3C932CD162C12D55650AECDAAA74FEA3C85B534EF588D2693B7A7335AED3 -20240828061156 2 6 100 4095 2 C1FD462836A96C337420C7007228E616EC573732284C62893AB8CC4E3F3E182E3A2FC77E35BC37FC6A207BB3B56EEAD789DFE450ECA8A88518B4EBACEF11D667EA651A91285ED252C792EB32026784FE21B43F3E4B61DBB0E26D3DC6EE8B9090CCDFA2876C4CABA186BA994026CF4AE3D17DC5A0D1B4D70F58EA021ACA38F9D1EC7CFF066D1F0C1DEEAED46C531E9719664DC3AD0E61FE171E558BD54FB13004B7E19B3AD908A5FDA716B1AFF98F48527F12F755CB53E0ACE01192CD0CFAA0B7623D1E035DED85CD39B69922E719FFD315DEADD6AEA9064B7DBB7F1079FB06C0442AB9E364E2E756D6EA8C07A92E9BB03EA11678BD0AE1ECC81748068B0658EC1E0C54886933C5BC69BED9334255F55748403F957CE5F314D8F154E213068BAC299C0D323623D4FECF1C17601E347500A00F8AFB1FD63C936842FE87831519613BD966C1653F623A42F236CCB0AEE2E81F702C8CC6E560999B686E3C5B4DE07ABD8DE477D0475F5CE1C61D3D8B1919C378D9AC041F21AC522530F7A4D62125D8DB8F8217BDB3E330A04758448AF7093A65591A0E7E82BA13F6F92CCC68AFD64A965D13A7C36ED85916B3EF9C3AB022E6F66A4317AA01B201BED766AFF938563E93784662AF2F72AE5BA52CF2B0C4ADAF6C20689296CF729D5A643A64A20E4380DE5E3C932CD162C12D55650AECDAAA74FEA3C85B534EF588D2693B7A7501901B -20240828061217 2 6 100 4095 2 C1FD462836A96C337420C7007228E616EC573732284C62893AB8CC4E3F3E182E3A2FC77E35BC37FC6A207BB3B56EEAD789DFE450ECA8A88518B4EBACEF11D667EA651A91285ED252C792EB32026784FE21B43F3E4B61DBB0E26D3DC6EE8B9090CCDFA2876C4CABA186BA994026CF4AE3D17DC5A0D1B4D70F58EA021ACA38F9D1EC7CFF066D1F0C1DEEAED46C531E9719664DC3AD0E61FE171E558BD54FB13004B7E19B3AD908A5FDA716B1AFF98F48527F12F755CB53E0ACE01192CD0CFAA0B7623D1E035DED85CD39B69922E719FFD315DEADD6AEA9064B7DBB7F1079FB06C0442AB9E364E2E756D6EA8C07A92E9BB03EA11678BD0AE1ECC81748068B0658EC1E0C54886933C5BC69BED9334255F55748403F957CE5F314D8F154E213068BAC299C0D323623D4FECF1C17601E347500A00F8AFB1FD63C936842FE87831519613BD966C1653F623A42F236CCB0AEE2E81F702C8CC6E560999B686E3C5B4DE07ABD8DE477D0475F5CE1C61D3D8B1919C378D9AC041F21AC522530F7A4D62125D8DB8F8217BDB3E330A04758448AF7093A65591A0E7E82BA13F6F92CCC68AFD64A965D13A7C36ED85916B3EF9C3AB022E6F66A4317AA01B201BED766AFF938563E93784662AF2F72AE5BA52CF2B0C4ADAF6C20689296CF729D5A643A64A20E4380DE5E3C932CD162C12D55650AECDAAA74FEA3C85B534EF588D2693B7A751A9A43 -20240828061522 2 6 100 4095 5 C1FD462836A96C337420C7007228E616EC573732284C62893AB8CC4E3F3E182E3A2FC77E35BC37FC6A207BB3B56EEAD789DFE450ECA8A88518B4EBACEF11D667EA651A91285ED252C792EB32026784FE21B43F3E4B61DBB0E26D3DC6EE8B9090CCDFA2876C4CABA186BA994026CF4AE3D17DC5A0D1B4D70F58EA021ACA38F9D1EC7CFF066D1F0C1DEEAED46C531E9719664DC3AD0E61FE171E558BD54FB13004B7E19B3AD908A5FDA716B1AFF98F48527F12F755CB53E0ACE01192CD0CFAA0B7623D1E035DED85CD39B69922E719FFD315DEADD6AEA9064B7DBB7F1079FB06C0442AB9E364E2E756D6EA8C07A92E9BB03EA11678BD0AE1ECC81748068B0658EC1E0C54886933C5BC69BED9334255F55748403F957CE5F314D8F154E213068BAC299C0D323623D4FECF1C17601E347500A00F8AFB1FD63C936842FE87831519613BD966C1653F623A42F236CCB0AEE2E81F702C8CC6E560999B686E3C5B4DE07ABD8DE477D0475F5CE1C61D3D8B1919C378D9AC041F21AC522530F7A4D62125D8DB8F8217BDB3E330A04758448AF7093A65591A0E7E82BA13F6F92CCC68AFD64A965D13A7C36ED85916B3EF9C3AB022E6F66A4317AA01B201BED766AFF938563E93784662AF2F72AE5BA52CF2B0C4ADAF6C20689296CF729D5A643A64A20E4380DE5E3C932CD162C12D55650AECDAAA74FEA3C85B534EF588D2693B7A763D53FF -20240828061600 2 6 100 4095 5 C1FD462836A96C337420C7007228E616EC573732284C62893AB8CC4E3F3E182E3A2FC77E35BC37FC6A207BB3B56EEAD789DFE450ECA8A88518B4EBACEF11D667EA651A91285ED252C792EB32026784FE21B43F3E4B61DBB0E26D3DC6EE8B9090CCDFA2876C4CABA186BA994026CF4AE3D17DC5A0D1B4D70F58EA021ACA38F9D1EC7CFF066D1F0C1DEEAED46C531E9719664DC3AD0E61FE171E558BD54FB13004B7E19B3AD908A5FDA716B1AFF98F48527F12F755CB53E0ACE01192CD0CFAA0B7623D1E035DED85CD39B69922E719FFD315DEADD6AEA9064B7DBB7F1079FB06C0442AB9E364E2E756D6EA8C07A92E9BB03EA11678BD0AE1ECC81748068B0658EC1E0C54886933C5BC69BED9334255F55748403F957CE5F314D8F154E213068BAC299C0D323623D4FECF1C17601E347500A00F8AFB1FD63C936842FE87831519613BD966C1653F623A42F236CCB0AEE2E81F702C8CC6E560999B686E3C5B4DE07ABD8DE477D0475F5CE1C61D3D8B1919C378D9AC041F21AC522530F7A4D62125D8DB8F8217BDB3E330A04758448AF7093A65591A0E7E82BA13F6F92CCC68AFD64A965D13A7C36ED85916B3EF9C3AB022E6F66A4317AA01B201BED766AFF938563E93784662AF2F72AE5BA52CF2B0C4ADAF6C20689296CF729D5A643A64A20E4380DE5E3C932CD162C12D55650AECDAAA74FEA3C85B534EF588D2693B7A7675A20F -20240828061619 2 6 100 4095 2 C1FD462836A96C337420C7007228E616EC573732284C62893AB8CC4E3F3E182E3A2FC77E35BC37FC6A207BB3B56EEAD789DFE450ECA8A88518B4EBACEF11D667EA651A91285ED252C792EB32026784FE21B43F3E4B61DBB0E26D3DC6EE8B9090CCDFA2876C4CABA186BA994026CF4AE3D17DC5A0D1B4D70F58EA021ACA38F9D1EC7CFF066D1F0C1DEEAED46C531E9719664DC3AD0E61FE171E558BD54FB13004B7E19B3AD908A5FDA716B1AFF98F48527F12F755CB53E0ACE01192CD0CFAA0B7623D1E035DED85CD39B69922E719FFD315DEADD6AEA9064B7DBB7F1079FB06C0442AB9E364E2E756D6EA8C07A92E9BB03EA11678BD0AE1ECC81748068B0658EC1E0C54886933C5BC69BED9334255F55748403F957CE5F314D8F154E213068BAC299C0D323623D4FECF1C17601E347500A00F8AFB1FD63C936842FE87831519613BD966C1653F623A42F236CCB0AEE2E81F702C8CC6E560999B686E3C5B4DE07ABD8DE477D0475F5CE1C61D3D8B1919C378D9AC041F21AC522530F7A4D62125D8DB8F8217BDB3E330A04758448AF7093A65591A0E7E82BA13F6F92CCC68AFD64A965D13A7C36ED85916B3EF9C3AB022E6F66A4317AA01B201BED766AFF938563E93784662AF2F72AE5BA52CF2B0C4ADAF6C20689296CF729D5A643A64A20E4380DE5E3C932CD162C12D55650AECDAAA74FEA3C85B534EF588D2693B7A768B4D03 -20240828061636 2 6 100 4095 2 C1FD462836A96C337420C7007228E616EC573732284C62893AB8CC4E3F3E182E3A2FC77E35BC37FC6A207BB3B56EEAD789DFE450ECA8A88518B4EBACEF11D667EA651A91285ED252C792EB32026784FE21B43F3E4B61DBB0E26D3DC6EE8B9090CCDFA2876C4CABA186BA994026CF4AE3D17DC5A0D1B4D70F58EA021ACA38F9D1EC7CFF066D1F0C1DEEAED46C531E9719664DC3AD0E61FE171E558BD54FB13004B7E19B3AD908A5FDA716B1AFF98F48527F12F755CB53E0ACE01192CD0CFAA0B7623D1E035DED85CD39B69922E719FFD315DEADD6AEA9064B7DBB7F1079FB06C0442AB9E364E2E756D6EA8C07A92E9BB03EA11678BD0AE1ECC81748068B0658EC1E0C54886933C5BC69BED9334255F55748403F957CE5F314D8F154E213068BAC299C0D323623D4FECF1C17601E347500A00F8AFB1FD63C936842FE87831519613BD966C1653F623A42F236CCB0AEE2E81F702C8CC6E560999B686E3C5B4DE07ABD8DE477D0475F5CE1C61D3D8B1919C378D9AC041F21AC522530F7A4D62125D8DB8F8217BDB3E330A04758448AF7093A65591A0E7E82BA13F6F92CCC68AFD64A965D13A7C36ED85916B3EF9C3AB022E6F66A4317AA01B201BED766AFF938563E93784662AF2F72AE5BA52CF2B0C4ADAF6C20689296CF729D5A643A64A20E4380DE5E3C932CD162C12D55650AECDAAA74FEA3C85B534EF588D2693B7A769E17B3 -20240828062452 2 6 100 4095 2 C1FD462836A96C337420C7007228E616EC573732284C62893AB8CC4E3F3E182E3A2FC77E35BC37FC6A207BB3B56EEAD789DFE450ECA8A88518B4EBACEF11D667EA651A91285ED252C792EB32026784FE21B43F3E4B61DBB0E26D3DC6EE8B9090CCDFA2876C4CABA186BA994026CF4AE3D17DC5A0D1B4D70F58EA021ACA38F9D1EC7CFF066D1F0C1DEEAED46C531E9719664DC3AD0E61FE171E558BD54FB13004B7E19B3AD908A5FDA716B1AFF98F48527F12F755CB53E0ACE01192CD0CFAA0B7623D1E035DED85CD39B69922E719FFD315DEADD6AEA9064B7DBB7F1079FB06C0442AB9E364E2E756D6EA8C07A92E9BB03EA11678BD0AE1ECC81748068B0658EC1E0C54886933C5BC69BED9334255F55748403F957CE5F314D8F154E213068BAC299C0D323623D4FECF1C17601E347500A00F8AFB1FD63C936842FE87831519613BD966C1653F623A42F236CCB0AEE2E81F702C8CC6E560999B686E3C5B4DE07ABD8DE477D0475F5CE1C61D3D8B1919C378D9AC041F21AC522530F7A4D62125D8DB8F8217BDB3E330A04758448AF7093A65591A0E7E82BA13F6F92CCC68AFD64A965D13A7C36ED85916B3EF9C3AB022E6F66A4317AA01B201BED766AFF938563E93784662AF2F72AE5BA52CF2B0C4ADAF6C20689296CF729D5A643A64A20E4380DE5E3C932CD162C12D55650AECDAAA74FEA3C85B534EF588D2693B7A79B996BB -20240828062521 2 6 100 4095 2 C1FD462836A96C337420C7007228E616EC573732284C62893AB8CC4E3F3E182E3A2FC77E35BC37FC6A207BB3B56EEAD789DFE450ECA8A88518B4EBACEF11D667EA651A91285ED252C792EB32026784FE21B43F3E4B61DBB0E26D3DC6EE8B9090CCDFA2876C4CABA186BA994026CF4AE3D17DC5A0D1B4D70F58EA021ACA38F9D1EC7CFF066D1F0C1DEEAED46C531E9719664DC3AD0E61FE171E558BD54FB13004B7E19B3AD908A5FDA716B1AFF98F48527F12F755CB53E0ACE01192CD0CFAA0B7623D1E035DED85CD39B69922E719FFD315DEADD6AEA9064B7DBB7F1079FB06C0442AB9E364E2E756D6EA8C07A92E9BB03EA11678BD0AE1ECC81748068B0658EC1E0C54886933C5BC69BED9334255F55748403F957CE5F314D8F154E213068BAC299C0D323623D4FECF1C17601E347500A00F8AFB1FD63C936842FE87831519613BD966C1653F623A42F236CCB0AEE2E81F702C8CC6E560999B686E3C5B4DE07ABD8DE477D0475F5CE1C61D3D8B1919C378D9AC041F21AC522530F7A4D62125D8DB8F8217BDB3E330A04758448AF7093A65591A0E7E82BA13F6F92CCC68AFD64A965D13A7C36ED85916B3EF9C3AB022E6F66A4317AA01B201BED766AFF938563E93784662AF2F72AE5BA52CF2B0C4ADAF6C20689296CF729D5A643A64A20E4380DE5E3C932CD162C12D55650AECDAAA74FEA3C85B534EF588D2693B7A79E2492B -20240828062623 2 6 100 4095 2 C1FD462836A96C337420C7007228E616EC573732284C62893AB8CC4E3F3E182E3A2FC77E35BC37FC6A207BB3B56EEAD789DFE450ECA8A88518B4EBACEF11D667EA651A91285ED252C792EB32026784FE21B43F3E4B61DBB0E26D3DC6EE8B9090CCDFA2876C4CABA186BA994026CF4AE3D17DC5A0D1B4D70F58EA021ACA38F9D1EC7CFF066D1F0C1DEEAED46C531E9719664DC3AD0E61FE171E558BD54FB13004B7E19B3AD908A5FDA716B1AFF98F48527F12F755CB53E0ACE01192CD0CFAA0B7623D1E035DED85CD39B69922E719FFD315DEADD6AEA9064B7DBB7F1079FB06C0442AB9E364E2E756D6EA8C07A92E9BB03EA11678BD0AE1ECC81748068B0658EC1E0C54886933C5BC69BED9334255F55748403F957CE5F314D8F154E213068BAC299C0D323623D4FECF1C17601E347500A00F8AFB1FD63C936842FE87831519613BD966C1653F623A42F236CCB0AEE2E81F702C8CC6E560999B686E3C5B4DE07ABD8DE477D0475F5CE1C61D3D8B1919C378D9AC041F21AC522530F7A4D62125D8DB8F8217BDB3E330A04758448AF7093A65591A0E7E82BA13F6F92CCC68AFD64A965D13A7C36ED85916B3EF9C3AB022E6F66A4317AA01B201BED766AFF938563E93784662AF2F72AE5BA52CF2B0C4ADAF6C20689296CF729D5A643A64A20E4380DE5E3C932CD162C12D55650AECDAAA74FEA3C85B534EF588D2693B7A7A419E13 -20240828062831 2 6 100 4095 2 C1FD462836A96C337420C7007228E616EC573732284C62893AB8CC4E3F3E182E3A2FC77E35BC37FC6A207BB3B56EEAD789DFE450ECA8A88518B4EBACEF11D667EA651A91285ED252C792EB32026784FE21B43F3E4B61DBB0E26D3DC6EE8B9090CCDFA2876C4CABA186BA994026CF4AE3D17DC5A0D1B4D70F58EA021ACA38F9D1EC7CFF066D1F0C1DEEAED46C531E9719664DC3AD0E61FE171E558BD54FB13004B7E19B3AD908A5FDA716B1AFF98F48527F12F755CB53E0ACE01192CD0CFAA0B7623D1E035DED85CD39B69922E719FFD315DEADD6AEA9064B7DBB7F1079FB06C0442AB9E364E2E756D6EA8C07A92E9BB03EA11678BD0AE1ECC81748068B0658EC1E0C54886933C5BC69BED9334255F55748403F957CE5F314D8F154E213068BAC299C0D323623D4FECF1C17601E347500A00F8AFB1FD63C936842FE87831519613BD966C1653F623A42F236CCB0AEE2E81F702C8CC6E560999B686E3C5B4DE07ABD8DE477D0475F5CE1C61D3D8B1919C378D9AC041F21AC522530F7A4D62125D8DB8F8217BDB3E330A04758448AF7093A65591A0E7E82BA13F6F92CCC68AFD64A965D13A7C36ED85916B3EF9C3AB022E6F66A4317AA01B201BED766AFF938563E93784662AF2F72AE5BA52CF2B0C4ADAF6C20689296CF729D5A643A64A20E4380DE5E3C932CD162C12D55650AECDAAA74FEA3C85B534EF588D2693B7A7B0C50CB -20240828062854 2 6 100 4095 2 C1FD462836A96C337420C7007228E616EC573732284C62893AB8CC4E3F3E182E3A2FC77E35BC37FC6A207BB3B56EEAD789DFE450ECA8A88518B4EBACEF11D667EA651A91285ED252C792EB32026784FE21B43F3E4B61DBB0E26D3DC6EE8B9090CCDFA2876C4CABA186BA994026CF4AE3D17DC5A0D1B4D70F58EA021ACA38F9D1EC7CFF066D1F0C1DEEAED46C531E9719664DC3AD0E61FE171E558BD54FB13004B7E19B3AD908A5FDA716B1AFF98F48527F12F755CB53E0ACE01192CD0CFAA0B7623D1E035DED85CD39B69922E719FFD315DEADD6AEA9064B7DBB7F1079FB06C0442AB9E364E2E756D6EA8C07A92E9BB03EA11678BD0AE1ECC81748068B0658EC1E0C54886933C5BC69BED9334255F55748403F957CE5F314D8F154E213068BAC299C0D323623D4FECF1C17601E347500A00F8AFB1FD63C936842FE87831519613BD966C1653F623A42F236CCB0AEE2E81F702C8CC6E560999B686E3C5B4DE07ABD8DE477D0475F5CE1C61D3D8B1919C378D9AC041F21AC522530F7A4D62125D8DB8F8217BDB3E330A04758448AF7093A65591A0E7E82BA13F6F92CCC68AFD64A965D13A7C36ED85916B3EF9C3AB022E6F66A4317AA01B201BED766AFF938563E93784662AF2F72AE5BA52CF2B0C4ADAF6C20689296CF729D5A643A64A20E4380DE5E3C932CD162C12D55650AECDAAA74FEA3C85B534EF588D2693B7A7B27FC2B -20240828063249 2 6 100 4095 2 C1FD462836A96C337420C7007228E616EC573732284C62893AB8CC4E3F3E182E3A2FC77E35BC37FC6A207BB3B56EEAD789DFE450ECA8A88518B4EBACEF11D667EA651A91285ED252C792EB32026784FE21B43F3E4B61DBB0E26D3DC6EE8B9090CCDFA2876C4CABA186BA994026CF4AE3D17DC5A0D1B4D70F58EA021ACA38F9D1EC7CFF066D1F0C1DEEAED46C531E9719664DC3AD0E61FE171E558BD54FB13004B7E19B3AD908A5FDA716B1AFF98F48527F12F755CB53E0ACE01192CD0CFAA0B7623D1E035DED85CD39B69922E719FFD315DEADD6AEA9064B7DBB7F1079FB06C0442AB9E364E2E756D6EA8C07A92E9BB03EA11678BD0AE1ECC81748068B0658EC1E0C54886933C5BC69BED9334255F55748403F957CE5F314D8F154E213068BAC299C0D323623D4FECF1C17601E347500A00F8AFB1FD63C936842FE87831519613BD966C1653F623A42F236CCB0AEE2E81F702C8CC6E560999B686E3C5B4DE07ABD8DE477D0475F5CE1C61D3D8B1919C378D9AC041F21AC522530F7A4D62125D8DB8F8217BDB3E330A04758448AF7093A65591A0E7E82BA13F6F92CCC68AFD64A965D13A7C36ED85916B3EF9C3AB022E6F66A4317AA01B201BED766AFF938563E93784662AF2F72AE5BA52CF2B0C4ADAF6C20689296CF729D5A643A64A20E4380DE5E3C932CD162C12D55650AECDAAA74FEA3C85B534EF588D2693B7A7CA08843 -20240828063334 2 6 100 4095 5 C1FD462836A96C337420C7007228E616EC573732284C62893AB8CC4E3F3E182E3A2FC77E35BC37FC6A207BB3B56EEAD789DFE450ECA8A88518B4EBACEF11D667EA651A91285ED252C792EB32026784FE21B43F3E4B61DBB0E26D3DC6EE8B9090CCDFA2876C4CABA186BA994026CF4AE3D17DC5A0D1B4D70F58EA021ACA38F9D1EC7CFF066D1F0C1DEEAED46C531E9719664DC3AD0E61FE171E558BD54FB13004B7E19B3AD908A5FDA716B1AFF98F48527F12F755CB53E0ACE01192CD0CFAA0B7623D1E035DED85CD39B69922E719FFD315DEADD6AEA9064B7DBB7F1079FB06C0442AB9E364E2E756D6EA8C07A92E9BB03EA11678BD0AE1ECC81748068B0658EC1E0C54886933C5BC69BED9334255F55748403F957CE5F314D8F154E213068BAC299C0D323623D4FECF1C17601E347500A00F8AFB1FD63C936842FE87831519613BD966C1653F623A42F236CCB0AEE2E81F702C8CC6E560999B686E3C5B4DE07ABD8DE477D0475F5CE1C61D3D8B1919C378D9AC041F21AC522530F7A4D62125D8DB8F8217BDB3E330A04758448AF7093A65591A0E7E82BA13F6F92CCC68AFD64A965D13A7C36ED85916B3EF9C3AB022E6F66A4317AA01B201BED766AFF938563E93784662AF2F72AE5BA52CF2B0C4ADAF6C20689296CF729D5A643A64A20E4380DE5E3C932CD162C12D55650AECDAAA74FEA3C85B534EF588D2693B7A7CE52E4F -20240828063443 2 6 100 4095 2 C1FD462836A96C337420C7007228E616EC573732284C62893AB8CC4E3F3E182E3A2FC77E35BC37FC6A207BB3B56EEAD789DFE450ECA8A88518B4EBACEF11D667EA651A91285ED252C792EB32026784FE21B43F3E4B61DBB0E26D3DC6EE8B9090CCDFA2876C4CABA186BA994026CF4AE3D17DC5A0D1B4D70F58EA021ACA38F9D1EC7CFF066D1F0C1DEEAED46C531E9719664DC3AD0E61FE171E558BD54FB13004B7E19B3AD908A5FDA716B1AFF98F48527F12F755CB53E0ACE01192CD0CFAA0B7623D1E035DED85CD39B69922E719FFD315DEADD6AEA9064B7DBB7F1079FB06C0442AB9E364E2E756D6EA8C07A92E9BB03EA11678BD0AE1ECC81748068B0658EC1E0C54886933C5BC69BED9334255F55748403F957CE5F314D8F154E213068BAC299C0D323623D4FECF1C17601E347500A00F8AFB1FD63C936842FE87831519613BD966C1653F623A42F236CCB0AEE2E81F702C8CC6E560999B686E3C5B4DE07ABD8DE477D0475F5CE1C61D3D8B1919C378D9AC041F21AC522530F7A4D62125D8DB8F8217BDB3E330A04758448AF7093A65591A0E7E82BA13F6F92CCC68AFD64A965D13A7C36ED85916B3EF9C3AB022E6F66A4317AA01B201BED766AFF938563E93784662AF2F72AE5BA52CF2B0C4ADAF6C20689296CF729D5A643A64A20E4380DE5E3C932CD162C12D55650AECDAAA74FEA3C85B534EF588D2693B7A7D4D4863 -20240828063548 2 6 100 4095 2 C1FD462836A96C337420C7007228E616EC573732284C62893AB8CC4E3F3E182E3A2FC77E35BC37FC6A207BB3B56EEAD789DFE450ECA8A88518B4EBACEF11D667EA651A91285ED252C792EB32026784FE21B43F3E4B61DBB0E26D3DC6EE8B9090CCDFA2876C4CABA186BA994026CF4AE3D17DC5A0D1B4D70F58EA021ACA38F9D1EC7CFF066D1F0C1DEEAED46C531E9719664DC3AD0E61FE171E558BD54FB13004B7E19B3AD908A5FDA716B1AFF98F48527F12F755CB53E0ACE01192CD0CFAA0B7623D1E035DED85CD39B69922E719FFD315DEADD6AEA9064B7DBB7F1079FB06C0442AB9E364E2E756D6EA8C07A92E9BB03EA11678BD0AE1ECC81748068B0658EC1E0C54886933C5BC69BED9334255F55748403F957CE5F314D8F154E213068BAC299C0D323623D4FECF1C17601E347500A00F8AFB1FD63C936842FE87831519613BD966C1653F623A42F236CCB0AEE2E81F702C8CC6E560999B686E3C5B4DE07ABD8DE477D0475F5CE1C61D3D8B1919C378D9AC041F21AC522530F7A4D62125D8DB8F8217BDB3E330A04758448AF7093A65591A0E7E82BA13F6F92CCC68AFD64A965D13A7C36ED85916B3EF9C3AB022E6F66A4317AA01B201BED766AFF938563E93784662AF2F72AE5BA52CF2B0C4ADAF6C20689296CF729D5A643A64A20E4380DE5E3C932CD162C12D55650AECDAAA74FEA3C85B534EF588D2693B7A7DAC7243 -20240828063629 2 6 100 4095 2 C1FD462836A96C337420C7007228E616EC573732284C62893AB8CC4E3F3E182E3A2FC77E35BC37FC6A207BB3B56EEAD789DFE450ECA8A88518B4EBACEF11D667EA651A91285ED252C792EB32026784FE21B43F3E4B61DBB0E26D3DC6EE8B9090CCDFA2876C4CABA186BA994026CF4AE3D17DC5A0D1B4D70F58EA021ACA38F9D1EC7CFF066D1F0C1DEEAED46C531E9719664DC3AD0E61FE171E558BD54FB13004B7E19B3AD908A5FDA716B1AFF98F48527F12F755CB53E0ACE01192CD0CFAA0B7623D1E035DED85CD39B69922E719FFD315DEADD6AEA9064B7DBB7F1079FB06C0442AB9E364E2E756D6EA8C07A92E9BB03EA11678BD0AE1ECC81748068B0658EC1E0C54886933C5BC69BED9334255F55748403F957CE5F314D8F154E213068BAC299C0D323623D4FECF1C17601E347500A00F8AFB1FD63C936842FE87831519613BD966C1653F623A42F236CCB0AEE2E81F702C8CC6E560999B686E3C5B4DE07ABD8DE477D0475F5CE1C61D3D8B1919C378D9AC041F21AC522530F7A4D62125D8DB8F8217BDB3E330A04758448AF7093A65591A0E7E82BA13F6F92CCC68AFD64A965D13A7C36ED85916B3EF9C3AB022E6F66A4317AA01B201BED766AFF938563E93784662AF2F72AE5BA52CF2B0C4ADAF6C20689296CF729D5A643A64A20E4380DE5E3C932CD162C12D55650AECDAAA74FEA3C85B534EF588D2693B7A7DE88D73 -20240828064128 2 6 100 4095 2 C1FD462836A96C337420C7007228E616EC573732284C62893AB8CC4E3F3E182E3A2FC77E35BC37FC6A207BB3B56EEAD789DFE450ECA8A88518B4EBACEF11D667EA651A91285ED252C792EB32026784FE21B43F3E4B61DBB0E26D3DC6EE8B9090CCDFA2876C4CABA186BA994026CF4AE3D17DC5A0D1B4D70F58EA021ACA38F9D1EC7CFF066D1F0C1DEEAED46C531E9719664DC3AD0E61FE171E558BD54FB13004B7E19B3AD908A5FDA716B1AFF98F48527F12F755CB53E0ACE01192CD0CFAA0B7623D1E035DED85CD39B69922E719FFD315DEADD6AEA9064B7DBB7F1079FB06C0442AB9E364E2E756D6EA8C07A92E9BB03EA11678BD0AE1ECC81748068B0658EC1E0C54886933C5BC69BED9334255F55748403F957CE5F314D8F154E213068BAC299C0D323623D4FECF1C17601E347500A00F8AFB1FD63C936842FE87831519613BD966C1653F623A42F236CCB0AEE2E81F702C8CC6E560999B686E3C5B4DE07ABD8DE477D0475F5CE1C61D3D8B1919C378D9AC041F21AC522530F7A4D62125D8DB8F8217BDB3E330A04758448AF7093A65591A0E7E82BA13F6F92CCC68AFD64A965D13A7C36ED85916B3EF9C3AB022E6F66A4317AA01B201BED766AFF938563E93784662AF2F72AE5BA52CF2B0C4ADAF6C20689296CF729D5A643A64A20E4380DE5E3C932CD162C12D55650AECDAAA74FEA3C85B534EF588D2693B7A7FCA819B -20240828064626 2 6 100 4095 2 C1FD462836A96C337420C7007228E616EC573732284C62893AB8CC4E3F3E182E3A2FC77E35BC37FC6A207BB3B56EEAD789DFE450ECA8A88518B4EBACEF11D667EA651A91285ED252C792EB32026784FE21B43F3E4B61DBB0E26D3DC6EE8B9090CCDFA2876C4CABA186BA994026CF4AE3D17DC5A0D1B4D70F58EA021ACA38F9D1EC7CFF066D1F0C1DEEAED46C531E9719664DC3AD0E61FE171E558BD54FB13004B7E19B3AD908A5FDA716B1AFF98F48527F12F755CB53E0ACE01192CD0CFAA0B7623D1E035DED85CD39B69922E719FFD315DEADD6AEA9064B7DBB7F1079FB06C0442AB9E364E2E756D6EA8C07A92E9BB03EA11678BD0AE1ECC81748068B0658EC1E0C54886933C5BC69BED9334255F55748403F957CE5F314D8F154E213068BAC299C0D323623D4FECF1C17601E347500A00F8AFB1FD63C936842FE87831519613BD966C1653F623A42F236CCB0AEE2E81F702C8CC6E560999B686E3C5B4DE07ABD8DE477D0475F5CE1C61D3D8B1919C378D9AC041F21AC522530F7A4D62125D8DB8F8217BDB3E330A04758448AF7093A65591A0E7E82BA13F6F92CCC68AFD64A965D13A7C36ED85916B3EF9C3AB022E6F66A4317AA01B201BED766AFF938563E93784662AF2F72AE5BA52CF2B0C4ADAF6C20689296CF729D5A643A64A20E4380DE5E3C932CD162C12D55650AECDAAA74FEA3C85B534EF588D2693B7A819B3083 -20240828064816 2 6 100 4095 2 C1FD462836A96C337420C7007228E616EC573732284C62893AB8CC4E3F3E182E3A2FC77E35BC37FC6A207BB3B56EEAD789DFE450ECA8A88518B4EBACEF11D667EA651A91285ED252C792EB32026784FE21B43F3E4B61DBB0E26D3DC6EE8B9090CCDFA2876C4CABA186BA994026CF4AE3D17DC5A0D1B4D70F58EA021ACA38F9D1EC7CFF066D1F0C1DEEAED46C531E9719664DC3AD0E61FE171E558BD54FB13004B7E19B3AD908A5FDA716B1AFF98F48527F12F755CB53E0ACE01192CD0CFAA0B7623D1E035DED85CD39B69922E719FFD315DEADD6AEA9064B7DBB7F1079FB06C0442AB9E364E2E756D6EA8C07A92E9BB03EA11678BD0AE1ECC81748068B0658EC1E0C54886933C5BC69BED9334255F55748403F957CE5F314D8F154E213068BAC299C0D323623D4FECF1C17601E347500A00F8AFB1FD63C936842FE87831519613BD966C1653F623A42F236CCB0AEE2E81F702C8CC6E560999B686E3C5B4DE07ABD8DE477D0475F5CE1C61D3D8B1919C378D9AC041F21AC522530F7A4D62125D8DB8F8217BDB3E330A04758448AF7093A65591A0E7E82BA13F6F92CCC68AFD64A965D13A7C36ED85916B3EF9C3AB022E6F66A4317AA01B201BED766AFF938563E93784662AF2F72AE5BA52CF2B0C4ADAF6C20689296CF729D5A643A64A20E4380DE5E3C932CD162C12D55650AECDAAA74FEA3C85B534EF588D2693B7A8247AB73 -20240828065323 2 6 100 4095 5 C1FD462836A96C337420C7007228E616EC573732284C62893AB8CC4E3F3E182E3A2FC77E35BC37FC6A207BB3B56EEAD789DFE450ECA8A88518B4EBACEF11D667EA651A91285ED252C792EB32026784FE21B43F3E4B61DBB0E26D3DC6EE8B9090CCDFA2876C4CABA186BA994026CF4AE3D17DC5A0D1B4D70F58EA021ACA38F9D1EC7CFF066D1F0C1DEEAED46C531E9719664DC3AD0E61FE171E558BD54FB13004B7E19B3AD908A5FDA716B1AFF98F48527F12F755CB53E0ACE01192CD0CFAA0B7623D1E035DED85CD39B69922E719FFD315DEADD6AEA9064B7DBB7F1079FB06C0442AB9E364E2E756D6EA8C07A92E9BB03EA11678BD0AE1ECC81748068B0658EC1E0C54886933C5BC69BED9334255F55748403F957CE5F314D8F154E213068BAC299C0D323623D4FECF1C17601E347500A00F8AFB1FD63C936842FE87831519613BD966C1653F623A42F236CCB0AEE2E81F702C8CC6E560999B686E3C5B4DE07ABD8DE477D0475F5CE1C61D3D8B1919C378D9AC041F21AC522530F7A4D62125D8DB8F8217BDB3E330A04758448AF7093A65591A0E7E82BA13F6F92CCC68AFD64A965D13A7C36ED85916B3EF9C3AB022E6F66A4317AA01B201BED766AFF938563E93784662AF2F72AE5BA52CF2B0C4ADAF6C20689296CF729D5A643A64A20E4380DE5E3C932CD162C12D55650AECDAAA74FEA3C85B534EF588D2693B7A84385B67 -20240828065513 2 6 100 4095 2 C1FD462836A96C337420C7007228E616EC573732284C62893AB8CC4E3F3E182E3A2FC77E35BC37FC6A207BB3B56EEAD789DFE450ECA8A88518B4EBACEF11D667EA651A91285ED252C792EB32026784FE21B43F3E4B61DBB0E26D3DC6EE8B9090CCDFA2876C4CABA186BA994026CF4AE3D17DC5A0D1B4D70F58EA021ACA38F9D1EC7CFF066D1F0C1DEEAED46C531E9719664DC3AD0E61FE171E558BD54FB13004B7E19B3AD908A5FDA716B1AFF98F48527F12F755CB53E0ACE01192CD0CFAA0B7623D1E035DED85CD39B69922E719FFD315DEADD6AEA9064B7DBB7F1079FB06C0442AB9E364E2E756D6EA8C07A92E9BB03EA11678BD0AE1ECC81748068B0658EC1E0C54886933C5BC69BED9334255F55748403F957CE5F314D8F154E213068BAC299C0D323623D4FECF1C17601E347500A00F8AFB1FD63C936842FE87831519613BD966C1653F623A42F236CCB0AEE2E81F702C8CC6E560999B686E3C5B4DE07ABD8DE477D0475F5CE1C61D3D8B1919C378D9AC041F21AC522530F7A4D62125D8DB8F8217BDB3E330A04758448AF7093A65591A0E7E82BA13F6F92CCC68AFD64A965D13A7C36ED85916B3EF9C3AB022E6F66A4317AA01B201BED766AFF938563E93784662AF2F72AE5BA52CF2B0C4ADAF6C20689296CF729D5A643A64A20E4380DE5E3C932CD162C12D55650AECDAAA74FEA3C85B534EF588D2693B7A84DF9C03 -20240828070128 2 6 100 4095 2 C1FD462836A96C337420C7007228E616EC573732284C62893AB8CC4E3F3E182E3A2FC77E35BC37FC6A207BB3B56EEAD789DFE450ECA8A88518B4EBACEF11D667EA651A91285ED252C792EB32026784FE21B43F3E4B61DBB0E26D3DC6EE8B9090CCDFA2876C4CABA186BA994026CF4AE3D17DC5A0D1B4D70F58EA021ACA38F9D1EC7CFF066D1F0C1DEEAED46C531E9719664DC3AD0E61FE171E558BD54FB13004B7E19B3AD908A5FDA716B1AFF98F48527F12F755CB53E0ACE01192CD0CFAA0B7623D1E035DED85CD39B69922E719FFD315DEADD6AEA9064B7DBB7F1079FB06C0442AB9E364E2E756D6EA8C07A92E9BB03EA11678BD0AE1ECC81748068B0658EC1E0C54886933C5BC69BED9334255F55748403F957CE5F314D8F154E213068BAC299C0D323623D4FECF1C17601E347500A00F8AFB1FD63C936842FE87831519613BD966C1653F623A42F236CCB0AEE2E81F702C8CC6E560999B686E3C5B4DE07ABD8DE477D0475F5CE1C61D3D8B1919C378D9AC041F21AC522530F7A4D62125D8DB8F8217BDB3E330A04758448AF7093A65591A0E7E82BA13F6F92CCC68AFD64A965D13A7C36ED85916B3EF9C3AB022E6F66A4317AA01B201BED766AFF938563E93784662AF2F72AE5BA52CF2B0C4ADAF6C20689296CF729D5A643A64A20E4380DE5E3C932CD162C12D55650AECDAAA74FEA3C85B534EF588D2693B7A872AEE03 -20240828070200 2 6 100 4095 5 C1FD462836A96C337420C7007228E616EC573732284C62893AB8CC4E3F3E182E3A2FC77E35BC37FC6A207BB3B56EEAD789DFE450ECA8A88518B4EBACEF11D667EA651A91285ED252C792EB32026784FE21B43F3E4B61DBB0E26D3DC6EE8B9090CCDFA2876C4CABA186BA994026CF4AE3D17DC5A0D1B4D70F58EA021ACA38F9D1EC7CFF066D1F0C1DEEAED46C531E9719664DC3AD0E61FE171E558BD54FB13004B7E19B3AD908A5FDA716B1AFF98F48527F12F755CB53E0ACE01192CD0CFAA0B7623D1E035DED85CD39B69922E719FFD315DEADD6AEA9064B7DBB7F1079FB06C0442AB9E364E2E756D6EA8C07A92E9BB03EA11678BD0AE1ECC81748068B0658EC1E0C54886933C5BC69BED9334255F55748403F957CE5F314D8F154E213068BAC299C0D323623D4FECF1C17601E347500A00F8AFB1FD63C936842FE87831519613BD966C1653F623A42F236CCB0AEE2E81F702C8CC6E560999B686E3C5B4DE07ABD8DE477D0475F5CE1C61D3D8B1919C378D9AC041F21AC522530F7A4D62125D8DB8F8217BDB3E330A04758448AF7093A65591A0E7E82BA13F6F92CCC68AFD64A965D13A7C36ED85916B3EF9C3AB022E6F66A4317AA01B201BED766AFF938563E93784662AF2F72AE5BA52CF2B0C4ADAF6C20689296CF729D5A643A64A20E4380DE5E3C932CD162C12D55650AECDAAA74FEA3C85B534EF588D2693B7A87566497 -20240828070537 2 6 100 4095 5 C1FD462836A96C337420C7007228E616EC573732284C62893AB8CC4E3F3E182E3A2FC77E35BC37FC6A207BB3B56EEAD789DFE450ECA8A88518B4EBACEF11D667EA651A91285ED252C792EB32026784FE21B43F3E4B61DBB0E26D3DC6EE8B9090CCDFA2876C4CABA186BA994026CF4AE3D17DC5A0D1B4D70F58EA021ACA38F9D1EC7CFF066D1F0C1DEEAED46C531E9719664DC3AD0E61FE171E558BD54FB13004B7E19B3AD908A5FDA716B1AFF98F48527F12F755CB53E0ACE01192CD0CFAA0B7623D1E035DED85CD39B69922E719FFD315DEADD6AEA9064B7DBB7F1079FB06C0442AB9E364E2E756D6EA8C07A92E9BB03EA11678BD0AE1ECC81748068B0658EC1E0C54886933C5BC69BED9334255F55748403F957CE5F314D8F154E213068BAC299C0D323623D4FECF1C17601E347500A00F8AFB1FD63C936842FE87831519613BD966C1653F623A42F236CCB0AEE2E81F702C8CC6E560999B686E3C5B4DE07ABD8DE477D0475F5CE1C61D3D8B1919C378D9AC041F21AC522530F7A4D62125D8DB8F8217BDB3E330A04758448AF7093A65591A0E7E82BA13F6F92CCC68AFD64A965D13A7C36ED85916B3EF9C3AB022E6F66A4317AA01B201BED766AFF938563E93784662AF2F72AE5BA52CF2B0C4ADAF6C20689296CF729D5A643A64A20E4380DE5E3C932CD162C12D55650AECDAAA74FEA3C85B534EF588D2693B7A88AEB07F -20240828070904 2 6 100 4095 5 C1FD462836A96C337420C7007228E616EC573732284C62893AB8CC4E3F3E182E3A2FC77E35BC37FC6A207BB3B56EEAD789DFE450ECA8A88518B4EBACEF11D667EA651A91285ED252C792EB32026784FE21B43F3E4B61DBB0E26D3DC6EE8B9090CCDFA2876C4CABA186BA994026CF4AE3D17DC5A0D1B4D70F58EA021ACA38F9D1EC7CFF066D1F0C1DEEAED46C531E9719664DC3AD0E61FE171E558BD54FB13004B7E19B3AD908A5FDA716B1AFF98F48527F12F755CB53E0ACE01192CD0CFAA0B7623D1E035DED85CD39B69922E719FFD315DEADD6AEA9064B7DBB7F1079FB06C0442AB9E364E2E756D6EA8C07A92E9BB03EA11678BD0AE1ECC81748068B0658EC1E0C54886933C5BC69BED9334255F55748403F957CE5F314D8F154E213068BAC299C0D323623D4FECF1C17601E347500A00F8AFB1FD63C936842FE87831519613BD966C1653F623A42F236CCB0AEE2E81F702C8CC6E560999B686E3C5B4DE07ABD8DE477D0475F5CE1C61D3D8B1919C378D9AC041F21AC522530F7A4D62125D8DB8F8217BDB3E330A04758448AF7093A65591A0E7E82BA13F6F92CCC68AFD64A965D13A7C36ED85916B3EF9C3AB022E6F66A4317AA01B201BED766AFF938563E93784662AF2F72AE5BA52CF2B0C4ADAF6C20689296CF729D5A643A64A20E4380DE5E3C932CD162C12D55650AECDAAA74FEA3C85B534EF588D2693B7A8A00154F -20240828071020 2 6 100 4095 2 C1FD462836A96C337420C7007228E616EC573732284C62893AB8CC4E3F3E182E3A2FC77E35BC37FC6A207BB3B56EEAD789DFE450ECA8A88518B4EBACEF11D667EA651A91285ED252C792EB32026784FE21B43F3E4B61DBB0E26D3DC6EE8B9090CCDFA2876C4CABA186BA994026CF4AE3D17DC5A0D1B4D70F58EA021ACA38F9D1EC7CFF066D1F0C1DEEAED46C531E9719664DC3AD0E61FE171E558BD54FB13004B7E19B3AD908A5FDA716B1AFF98F48527F12F755CB53E0ACE01192CD0CFAA0B7623D1E035DED85CD39B69922E719FFD315DEADD6AEA9064B7DBB7F1079FB06C0442AB9E364E2E756D6EA8C07A92E9BB03EA11678BD0AE1ECC81748068B0658EC1E0C54886933C5BC69BED9334255F55748403F957CE5F314D8F154E213068BAC299C0D323623D4FECF1C17601E347500A00F8AFB1FD63C936842FE87831519613BD966C1653F623A42F236CCB0AEE2E81F702C8CC6E560999B686E3C5B4DE07ABD8DE477D0475F5CE1C61D3D8B1919C378D9AC041F21AC522530F7A4D62125D8DB8F8217BDB3E330A04758448AF7093A65591A0E7E82BA13F6F92CCC68AFD64A965D13A7C36ED85916B3EF9C3AB022E6F66A4317AA01B201BED766AFF938563E93784662AF2F72AE5BA52CF2B0C4ADAF6C20689296CF729D5A643A64A20E4380DE5E3C932CD162C12D55650AECDAAA74FEA3C85B534EF588D2693B7A8A740023 -20240828071247 2 6 100 4095 2 C1FD462836A96C337420C7007228E616EC573732284C62893AB8CC4E3F3E182E3A2FC77E35BC37FC6A207BB3B56EEAD789DFE450ECA8A88518B4EBACEF11D667EA651A91285ED252C792EB32026784FE21B43F3E4B61DBB0E26D3DC6EE8B9090CCDFA2876C4CABA186BA994026CF4AE3D17DC5A0D1B4D70F58EA021ACA38F9D1EC7CFF066D1F0C1DEEAED46C531E9719664DC3AD0E61FE171E558BD54FB13004B7E19B3AD908A5FDA716B1AFF98F48527F12F755CB53E0ACE01192CD0CFAA0B7623D1E035DED85CD39B69922E719FFD315DEADD6AEA9064B7DBB7F1079FB06C0442AB9E364E2E756D6EA8C07A92E9BB03EA11678BD0AE1ECC81748068B0658EC1E0C54886933C5BC69BED9334255F55748403F957CE5F314D8F154E213068BAC299C0D323623D4FECF1C17601E347500A00F8AFB1FD63C936842FE87831519613BD966C1653F623A42F236CCB0AEE2E81F702C8CC6E560999B686E3C5B4DE07ABD8DE477D0475F5CE1C61D3D8B1919C378D9AC041F21AC522530F7A4D62125D8DB8F8217BDB3E330A04758448AF7093A65591A0E7E82BA13F6F92CCC68AFD64A965D13A7C36ED85916B3EF9C3AB022E6F66A4317AA01B201BED766AFF938563E93784662AF2F72AE5BA52CF2B0C4ADAF6C20689296CF729D5A643A64A20E4380DE5E3C932CD162C12D55650AECDAAA74FEA3C85B534EF588D2693B7A8B633D9B -20240828071353 2 6 100 4095 2 C1FD462836A96C337420C7007228E616EC573732284C62893AB8CC4E3F3E182E3A2FC77E35BC37FC6A207BB3B56EEAD789DFE450ECA8A88518B4EBACEF11D667EA651A91285ED252C792EB32026784FE21B43F3E4B61DBB0E26D3DC6EE8B9090CCDFA2876C4CABA186BA994026CF4AE3D17DC5A0D1B4D70F58EA021ACA38F9D1EC7CFF066D1F0C1DEEAED46C531E9719664DC3AD0E61FE171E558BD54FB13004B7E19B3AD908A5FDA716B1AFF98F48527F12F755CB53E0ACE01192CD0CFAA0B7623D1E035DED85CD39B69922E719FFD315DEADD6AEA9064B7DBB7F1079FB06C0442AB9E364E2E756D6EA8C07A92E9BB03EA11678BD0AE1ECC81748068B0658EC1E0C54886933C5BC69BED9334255F55748403F957CE5F314D8F154E213068BAC299C0D323623D4FECF1C17601E347500A00F8AFB1FD63C936842FE87831519613BD966C1653F623A42F236CCB0AEE2E81F702C8CC6E560999B686E3C5B4DE07ABD8DE477D0475F5CE1C61D3D8B1919C378D9AC041F21AC522530F7A4D62125D8DB8F8217BDB3E330A04758448AF7093A65591A0E7E82BA13F6F92CCC68AFD64A965D13A7C36ED85916B3EF9C3AB022E6F66A4317AA01B201BED766AFF938563E93784662AF2F72AE5BA52CF2B0C4ADAF6C20689296CF729D5A643A64A20E4380DE5E3C932CD162C12D55650AECDAAA74FEA3C85B534EF588D2693B7A8BC1DD33 -20240828071426 2 6 100 4095 2 C1FD462836A96C337420C7007228E616EC573732284C62893AB8CC4E3F3E182E3A2FC77E35BC37FC6A207BB3B56EEAD789DFE450ECA8A88518B4EBACEF11D667EA651A91285ED252C792EB32026784FE21B43F3E4B61DBB0E26D3DC6EE8B9090CCDFA2876C4CABA186BA994026CF4AE3D17DC5A0D1B4D70F58EA021ACA38F9D1EC7CFF066D1F0C1DEEAED46C531E9719664DC3AD0E61FE171E558BD54FB13004B7E19B3AD908A5FDA716B1AFF98F48527F12F755CB53E0ACE01192CD0CFAA0B7623D1E035DED85CD39B69922E719FFD315DEADD6AEA9064B7DBB7F1079FB06C0442AB9E364E2E756D6EA8C07A92E9BB03EA11678BD0AE1ECC81748068B0658EC1E0C54886933C5BC69BED9334255F55748403F957CE5F314D8F154E213068BAC299C0D323623D4FECF1C17601E347500A00F8AFB1FD63C936842FE87831519613BD966C1653F623A42F236CCB0AEE2E81F702C8CC6E560999B686E3C5B4DE07ABD8DE477D0475F5CE1C61D3D8B1919C378D9AC041F21AC522530F7A4D62125D8DB8F8217BDB3E330A04758448AF7093A65591A0E7E82BA13F6F92CCC68AFD64A965D13A7C36ED85916B3EF9C3AB022E6F66A4317AA01B201BED766AFF938563E93784662AF2F72AE5BA52CF2B0C4ADAF6C20689296CF729D5A643A64A20E4380DE5E3C932CD162C12D55650AECDAAA74FEA3C85B534EF588D2693B7A8BF0634B -20240828071455 2 6 100 4095 2 C1FD462836A96C337420C7007228E616EC573732284C62893AB8CC4E3F3E182E3A2FC77E35BC37FC6A207BB3B56EEAD789DFE450ECA8A88518B4EBACEF11D667EA651A91285ED252C792EB32026784FE21B43F3E4B61DBB0E26D3DC6EE8B9090CCDFA2876C4CABA186BA994026CF4AE3D17DC5A0D1B4D70F58EA021ACA38F9D1EC7CFF066D1F0C1DEEAED46C531E9719664DC3AD0E61FE171E558BD54FB13004B7E19B3AD908A5FDA716B1AFF98F48527F12F755CB53E0ACE01192CD0CFAA0B7623D1E035DED85CD39B69922E719FFD315DEADD6AEA9064B7DBB7F1079FB06C0442AB9E364E2E756D6EA8C07A92E9BB03EA11678BD0AE1ECC81748068B0658EC1E0C54886933C5BC69BED9334255F55748403F957CE5F314D8F154E213068BAC299C0D323623D4FECF1C17601E347500A00F8AFB1FD63C936842FE87831519613BD966C1653F623A42F236CCB0AEE2E81F702C8CC6E560999B686E3C5B4DE07ABD8DE477D0475F5CE1C61D3D8B1919C378D9AC041F21AC522530F7A4D62125D8DB8F8217BDB3E330A04758448AF7093A65591A0E7E82BA13F6F92CCC68AFD64A965D13A7C36ED85916B3EF9C3AB022E6F66A4317AA01B201BED766AFF938563E93784662AF2F72AE5BA52CF2B0C4ADAF6C20689296CF729D5A643A64A20E4380DE5E3C932CD162C12D55650AECDAAA74FEA3C85B534EF588D2693B7A8C19F3D3 -20240828071541 2 6 100 4095 2 C1FD462836A96C337420C7007228E616EC573732284C62893AB8CC4E3F3E182E3A2FC77E35BC37FC6A207BB3B56EEAD789DFE450ECA8A88518B4EBACEF11D667EA651A91285ED252C792EB32026784FE21B43F3E4B61DBB0E26D3DC6EE8B9090CCDFA2876C4CABA186BA994026CF4AE3D17DC5A0D1B4D70F58EA021ACA38F9D1EC7CFF066D1F0C1DEEAED46C531E9719664DC3AD0E61FE171E558BD54FB13004B7E19B3AD908A5FDA716B1AFF98F48527F12F755CB53E0ACE01192CD0CFAA0B7623D1E035DED85CD39B69922E719FFD315DEADD6AEA9064B7DBB7F1079FB06C0442AB9E364E2E756D6EA8C07A92E9BB03EA11678BD0AE1ECC81748068B0658EC1E0C54886933C5BC69BED9334255F55748403F957CE5F314D8F154E213068BAC299C0D323623D4FECF1C17601E347500A00F8AFB1FD63C936842FE87831519613BD966C1653F623A42F236CCB0AEE2E81F702C8CC6E560999B686E3C5B4DE07ABD8DE477D0475F5CE1C61D3D8B1919C378D9AC041F21AC522530F7A4D62125D8DB8F8217BDB3E330A04758448AF7093A65591A0E7E82BA13F6F92CCC68AFD64A965D13A7C36ED85916B3EF9C3AB022E6F66A4317AA01B201BED766AFF938563E93784662AF2F72AE5BA52CF2B0C4ADAF6C20689296CF729D5A643A64A20E4380DE5E3C932CD162C12D55650AECDAAA74FEA3C85B534EF588D2693B7A8C5E63D3 -20240828071923 2 6 100 4095 2 E36F035A457FE7C42A6DFEA5F5F192B2FB147FA8B29FD9BE0FB4DB472F5668038712145FFD9C047435AAA518C55B975D814D566AA3233887D5C2C886B754D50B133FE132D81A0851637D6085F2289D8584BF5130452AD24DD87D7158CDAC16832D42476486F0EC2DBBCD38CEE963C5E367ADE50C9502735AD3583445AABEE10E63480E3791FFC7BCF4BD5C1F6E9768E1B1D9B6B75E177F95914B6D5F06CA7CB001B15CAD26B9C20565F8351E69B5E6CA74D30E770523BA7E05475050DCF81A3F9B7C38EF1C31447E35543AE5B00E0BB13C63F8F1DCE0397BF523882AB79E2DF4BDF7E18ED799142089E79CE6AC0E562A587B055D9F963260DAA84A1C520A0D46A01138F20B0EAF73300DD4196A403892EC30B2C84860C4EC4A1FE5778512F546F5B813380393D3BABC535668515BEEFA350207C3BFA1502B52A775146FA97E4CBF701C2DC7845FF604EC73052F217185E74813FD18D3EBA6489E0BD00852B156193735F5A34952DCFD4BD493ECD2C9948E9D4436A79B1F5B6BB7991F1253B8B68BA7511EF94B87D4D9843A5A510837C7AFCD7F42A9657C78BA516606F94BC27F1579BBC0776216AC8B96C2D6D485B6C6EE489C504E32A6B4979287D53E42D120D411F849C748B31FCB2CEB1663C813A0E327DCC18242B484CBF5F9191063933EFEC4C6A600C415B0F29365F6DBBD2DE794D7E14D62CFD7F1E570D1A9B3CF4313 -20240828072226 2 6 100 4095 5 E36F035A457FE7C42A6DFEA5F5F192B2FB147FA8B29FD9BE0FB4DB472F5668038712145FFD9C047435AAA518C55B975D814D566AA3233887D5C2C886B754D50B133FE132D81A0851637D6085F2289D8584BF5130452AD24DD87D7158CDAC16832D42476486F0EC2DBBCD38CEE963C5E367ADE50C9502735AD3583445AABEE10E63480E3791FFC7BCF4BD5C1F6E9768E1B1D9B6B75E177F95914B6D5F06CA7CB001B15CAD26B9C20565F8351E69B5E6CA74D30E770523BA7E05475050DCF81A3F9B7C38EF1C31447E35543AE5B00E0BB13C63F8F1DCE0397BF523882AB79E2DF4BDF7E18ED799142089E79CE6AC0E562A587B055D9F963260DAA84A1C520A0D46A01138F20B0EAF73300DD4196A403892EC30B2C84860C4EC4A1FE5778512F546F5B813380393D3BABC535668515BEEFA350207C3BFA1502B52A775146FA97E4CBF701C2DC7845FF604EC73052F217185E74813FD18D3EBA6489E0BD00852B156193735F5A34952DCFD4BD493ECD2C9948E9D4436A79B1F5B6BB7991F1253B8B68BA7511EF94B87D4D9843A5A510837C7AFCD7F42A9657C78BA516606F94BC27F1579BBC0776216AC8B96C2D6D485B6C6EE489C504E32A6B4979287D53E42D120D411F849C748B31FCB2CEB1663C813A0E327DCC18242B484CBF5F9191063933EFEC4C6A600C415B0F29365F6DBBD2DE794D7E14D62CFD7F1E570D1A9B4F5B7EF -20240828072458 2 6 100 4095 2 E36F035A457FE7C42A6DFEA5F5F192B2FB147FA8B29FD9BE0FB4DB472F5668038712145FFD9C047435AAA518C55B975D814D566AA3233887D5C2C886B754D50B133FE132D81A0851637D6085F2289D8584BF5130452AD24DD87D7158CDAC16832D42476486F0EC2DBBCD38CEE963C5E367ADE50C9502735AD3583445AABEE10E63480E3791FFC7BCF4BD5C1F6E9768E1B1D9B6B75E177F95914B6D5F06CA7CB001B15CAD26B9C20565F8351E69B5E6CA74D30E770523BA7E05475050DCF81A3F9B7C38EF1C31447E35543AE5B00E0BB13C63F8F1DCE0397BF523882AB79E2DF4BDF7E18ED799142089E79CE6AC0E562A587B055D9F963260DAA84A1C520A0D46A01138F20B0EAF73300DD4196A403892EC30B2C84860C4EC4A1FE5778512F546F5B813380393D3BABC535668515BEEFA350207C3BFA1502B52A775146FA97E4CBF701C2DC7845FF604EC73052F217185E74813FD18D3EBA6489E0BD00852B156193735F5A34952DCFD4BD493ECD2C9948E9D4436A79B1F5B6BB7991F1253B8B68BA7511EF94B87D4D9843A5A510837C7AFCD7F42A9657C78BA516606F94BC27F1579BBC0776216AC8B96C2D6D485B6C6EE489C504E32A6B4979287D53E42D120D411F849C748B31FCB2CEB1663C813A0E327DCC18242B484CBF5F9191063933EFEC4C6A600C415B0F29365F6DBBD2DE794D7E14D62CFD7F1E570D1A9B5EF31DB -20240828073047 2 6 100 4095 5 E36F035A457FE7C42A6DFEA5F5F192B2FB147FA8B29FD9BE0FB4DB472F5668038712145FFD9C047435AAA518C55B975D814D566AA3233887D5C2C886B754D50B133FE132D81A0851637D6085F2289D8584BF5130452AD24DD87D7158CDAC16832D42476486F0EC2DBBCD38CEE963C5E367ADE50C9502735AD3583445AABEE10E63480E3791FFC7BCF4BD5C1F6E9768E1B1D9B6B75E177F95914B6D5F06CA7CB001B15CAD26B9C20565F8351E69B5E6CA74D30E770523BA7E05475050DCF81A3F9B7C38EF1C31447E35543AE5B00E0BB13C63F8F1DCE0397BF523882AB79E2DF4BDF7E18ED799142089E79CE6AC0E562A587B055D9F963260DAA84A1C520A0D46A01138F20B0EAF73300DD4196A403892EC30B2C84860C4EC4A1FE5778512F546F5B813380393D3BABC535668515BEEFA350207C3BFA1502B52A775146FA97E4CBF701C2DC7845FF604EC73052F217185E74813FD18D3EBA6489E0BD00852B156193735F5A34952DCFD4BD493ECD2C9948E9D4436A79B1F5B6BB7991F1253B8B68BA7511EF94B87D4D9843A5A510837C7AFCD7F42A9657C78BA516606F94BC27F1579BBC0776216AC8B96C2D6D485B6C6EE489C504E32A6B4979287D53E42D120D411F849C748B31FCB2CEB1663C813A0E327DCC18242B484CBF5F9191063933EFEC4C6A600C415B0F29365F6DBBD2DE794D7E14D62CFD7F1E570D1A9B82262CF -20240828073253 2 6 100 4095 2 E36F035A457FE7C42A6DFEA5F5F192B2FB147FA8B29FD9BE0FB4DB472F5668038712145FFD9C047435AAA518C55B975D814D566AA3233887D5C2C886B754D50B133FE132D81A0851637D6085F2289D8584BF5130452AD24DD87D7158CDAC16832D42476486F0EC2DBBCD38CEE963C5E367ADE50C9502735AD3583445AABEE10E63480E3791FFC7BCF4BD5C1F6E9768E1B1D9B6B75E177F95914B6D5F06CA7CB001B15CAD26B9C20565F8351E69B5E6CA74D30E770523BA7E05475050DCF81A3F9B7C38EF1C31447E35543AE5B00E0BB13C63F8F1DCE0397BF523882AB79E2DF4BDF7E18ED799142089E79CE6AC0E562A587B055D9F963260DAA84A1C520A0D46A01138F20B0EAF73300DD4196A403892EC30B2C84860C4EC4A1FE5778512F546F5B813380393D3BABC535668515BEEFA350207C3BFA1502B52A775146FA97E4CBF701C2DC7845FF604EC73052F217185E74813FD18D3EBA6489E0BD00852B156193735F5A34952DCFD4BD493ECD2C9948E9D4436A79B1F5B6BB7991F1253B8B68BA7511EF94B87D4D9843A5A510837C7AFCD7F42A9657C78BA516606F94BC27F1579BBC0776216AC8B96C2D6D485B6C6EE489C504E32A6B4979287D53E42D120D411F849C748B31FCB2CEB1663C813A0E327DCC18242B484CBF5F9191063933EFEC4C6A600C415B0F29365F6DBBD2DE794D7E14D62CFD7F1E570D1A9B8EDB05B -20240828074035 2 6 100 4095 5 E36F035A457FE7C42A6DFEA5F5F192B2FB147FA8B29FD9BE0FB4DB472F5668038712145FFD9C047435AAA518C55B975D814D566AA3233887D5C2C886B754D50B133FE132D81A0851637D6085F2289D8584BF5130452AD24DD87D7158CDAC16832D42476486F0EC2DBBCD38CEE963C5E367ADE50C9502735AD3583445AABEE10E63480E3791FFC7BCF4BD5C1F6E9768E1B1D9B6B75E177F95914B6D5F06CA7CB001B15CAD26B9C20565F8351E69B5E6CA74D30E770523BA7E05475050DCF81A3F9B7C38EF1C31447E35543AE5B00E0BB13C63F8F1DCE0397BF523882AB79E2DF4BDF7E18ED799142089E79CE6AC0E562A587B055D9F963260DAA84A1C520A0D46A01138F20B0EAF73300DD4196A403892EC30B2C84860C4EC4A1FE5778512F546F5B813380393D3BABC535668515BEEFA350207C3BFA1502B52A775146FA97E4CBF701C2DC7845FF604EC73052F217185E74813FD18D3EBA6489E0BD00852B156193735F5A34952DCFD4BD493ECD2C9948E9D4436A79B1F5B6BB7991F1253B8B68BA7511EF94B87D4D9843A5A510837C7AFCD7F42A9657C78BA516606F94BC27F1579BBC0776216AC8B96C2D6D485B6C6EE489C504E32A6B4979287D53E42D120D411F849C748B31FCB2CEB1663C813A0E327DCC18242B484CBF5F9191063933EFEC4C6A600C415B0F29365F6DBBD2DE794D7E14D62CFD7F1E570D1A9BBE344BF -20240828074440 2 6 100 4095 2 E36F035A457FE7C42A6DFEA5F5F192B2FB147FA8B29FD9BE0FB4DB472F5668038712145FFD9C047435AAA518C55B975D814D566AA3233887D5C2C886B754D50B133FE132D81A0851637D6085F2289D8584BF5130452AD24DD87D7158CDAC16832D42476486F0EC2DBBCD38CEE963C5E367ADE50C9502735AD3583445AABEE10E63480E3791FFC7BCF4BD5C1F6E9768E1B1D9B6B75E177F95914B6D5F06CA7CB001B15CAD26B9C20565F8351E69B5E6CA74D30E770523BA7E05475050DCF81A3F9B7C38EF1C31447E35543AE5B00E0BB13C63F8F1DCE0397BF523882AB79E2DF4BDF7E18ED799142089E79CE6AC0E562A587B055D9F963260DAA84A1C520A0D46A01138F20B0EAF73300DD4196A403892EC30B2C84860C4EC4A1FE5778512F546F5B813380393D3BABC535668515BEEFA350207C3BFA1502B52A775146FA97E4CBF701C2DC7845FF604EC73052F217185E74813FD18D3EBA6489E0BD00852B156193735F5A34952DCFD4BD493ECD2C9948E9D4436A79B1F5B6BB7991F1253B8B68BA7511EF94B87D4D9843A5A510837C7AFCD7F42A9657C78BA516606F94BC27F1579BBC0776216AC8B96C2D6D485B6C6EE489C504E32A6B4979287D53E42D120D411F849C748B31FCB2CEB1663C813A0E327DCC18242B484CBF5F9191063933EFEC4C6A600C415B0F29365F6DBBD2DE794D7E14D62CFD7F1E570D1A9BD60A58B -20240828074721 2 6 100 4095 5 E36F035A457FE7C42A6DFEA5F5F192B2FB147FA8B29FD9BE0FB4DB472F5668038712145FFD9C047435AAA518C55B975D814D566AA3233887D5C2C886B754D50B133FE132D81A0851637D6085F2289D8584BF5130452AD24DD87D7158CDAC16832D42476486F0EC2DBBCD38CEE963C5E367ADE50C9502735AD3583445AABEE10E63480E3791FFC7BCF4BD5C1F6E9768E1B1D9B6B75E177F95914B6D5F06CA7CB001B15CAD26B9C20565F8351E69B5E6CA74D30E770523BA7E05475050DCF81A3F9B7C38EF1C31447E35543AE5B00E0BB13C63F8F1DCE0397BF523882AB79E2DF4BDF7E18ED799142089E79CE6AC0E562A587B055D9F963260DAA84A1C520A0D46A01138F20B0EAF73300DD4196A403892EC30B2C84860C4EC4A1FE5778512F546F5B813380393D3BABC535668515BEEFA350207C3BFA1502B52A775146FA97E4CBF701C2DC7845FF604EC73052F217185E74813FD18D3EBA6489E0BD00852B156193735F5A34952DCFD4BD493ECD2C9948E9D4436A79B1F5B6BB7991F1253B8B68BA7511EF94B87D4D9843A5A510837C7AFCD7F42A9657C78BA516606F94BC27F1579BBC0776216AC8B96C2D6D485B6C6EE489C504E32A6B4979287D53E42D120D411F849C748B31FCB2CEB1663C813A0E327DCC18242B484CBF5F9191063933EFEC4C6A600C415B0F29365F6DBBD2DE794D7E14D62CFD7F1E570D1A9BE6938F7 -20240828075138 2 6 100 4095 2 E36F035A457FE7C42A6DFEA5F5F192B2FB147FA8B29FD9BE0FB4DB472F5668038712145FFD9C047435AAA518C55B975D814D566AA3233887D5C2C886B754D50B133FE132D81A0851637D6085F2289D8584BF5130452AD24DD87D7158CDAC16832D42476486F0EC2DBBCD38CEE963C5E367ADE50C9502735AD3583445AABEE10E63480E3791FFC7BCF4BD5C1F6E9768E1B1D9B6B75E177F95914B6D5F06CA7CB001B15CAD26B9C20565F8351E69B5E6CA74D30E770523BA7E05475050DCF81A3F9B7C38EF1C31447E35543AE5B00E0BB13C63F8F1DCE0397BF523882AB79E2DF4BDF7E18ED799142089E79CE6AC0E562A587B055D9F963260DAA84A1C520A0D46A01138F20B0EAF73300DD4196A403892EC30B2C84860C4EC4A1FE5778512F546F5B813380393D3BABC535668515BEEFA350207C3BFA1502B52A775146FA97E4CBF701C2DC7845FF604EC73052F217185E74813FD18D3EBA6489E0BD00852B156193735F5A34952DCFD4BD493ECD2C9948E9D4436A79B1F5B6BB7991F1253B8B68BA7511EF94B87D4D9843A5A510837C7AFCD7F42A9657C78BA516606F94BC27F1579BBC0776216AC8B96C2D6D485B6C6EE489C504E32A6B4979287D53E42D120D411F849C748B31FCB2CEB1663C813A0E327DCC18242B484CBF5F9191063933EFEC4C6A600C415B0F29365F6DBBD2DE794D7E14D62CFD7F1E570D1A9C00C2AD3 -20240828075304 2 6 100 4095 2 E36F035A457FE7C42A6DFEA5F5F192B2FB147FA8B29FD9BE0FB4DB472F5668038712145FFD9C047435AAA518C55B975D814D566AA3233887D5C2C886B754D50B133FE132D81A0851637D6085F2289D8584BF5130452AD24DD87D7158CDAC16832D42476486F0EC2DBBCD38CEE963C5E367ADE50C9502735AD3583445AABEE10E63480E3791FFC7BCF4BD5C1F6E9768E1B1D9B6B75E177F95914B6D5F06CA7CB001B15CAD26B9C20565F8351E69B5E6CA74D30E770523BA7E05475050DCF81A3F9B7C38EF1C31447E35543AE5B00E0BB13C63F8F1DCE0397BF523882AB79E2DF4BDF7E18ED799142089E79CE6AC0E562A587B055D9F963260DAA84A1C520A0D46A01138F20B0EAF73300DD4196A403892EC30B2C84860C4EC4A1FE5778512F546F5B813380393D3BABC535668515BEEFA350207C3BFA1502B52A775146FA97E4CBF701C2DC7845FF604EC73052F217185E74813FD18D3EBA6489E0BD00852B156193735F5A34952DCFD4BD493ECD2C9948E9D4436A79B1F5B6BB7991F1253B8B68BA7511EF94B87D4D9843A5A510837C7AFCD7F42A9657C78BA516606F94BC27F1579BBC0776216AC8B96C2D6D485B6C6EE489C504E32A6B4979287D53E42D120D411F849C748B31FCB2CEB1663C813A0E327DCC18242B484CBF5F9191063933EFEC4C6A600C415B0F29365F6DBBD2DE794D7E14D62CFD7F1E570D1A9C0911F9B -20240828075632 2 6 100 4095 2 E36F035A457FE7C42A6DFEA5F5F192B2FB147FA8B29FD9BE0FB4DB472F5668038712145FFD9C047435AAA518C55B975D814D566AA3233887D5C2C886B754D50B133FE132D81A0851637D6085F2289D8584BF5130452AD24DD87D7158CDAC16832D42476486F0EC2DBBCD38CEE963C5E367ADE50C9502735AD3583445AABEE10E63480E3791FFC7BCF4BD5C1F6E9768E1B1D9B6B75E177F95914B6D5F06CA7CB001B15CAD26B9C20565F8351E69B5E6CA74D30E770523BA7E05475050DCF81A3F9B7C38EF1C31447E35543AE5B00E0BB13C63F8F1DCE0397BF523882AB79E2DF4BDF7E18ED799142089E79CE6AC0E562A587B055D9F963260DAA84A1C520A0D46A01138F20B0EAF73300DD4196A403892EC30B2C84860C4EC4A1FE5778512F546F5B813380393D3BABC535668515BEEFA350207C3BFA1502B52A775146FA97E4CBF701C2DC7845FF604EC73052F217185E74813FD18D3EBA6489E0BD00852B156193735F5A34952DCFD4BD493ECD2C9948E9D4436A79B1F5B6BB7991F1253B8B68BA7511EF94B87D4D9843A5A510837C7AFCD7F42A9657C78BA516606F94BC27F1579BBC0776216AC8B96C2D6D485B6C6EE489C504E32A6B4979287D53E42D120D411F849C748B31FCB2CEB1663C813A0E327DCC18242B484CBF5F9191063933EFEC4C6A600C415B0F29365F6DBBD2DE794D7E14D62CFD7F1E570D1A9C1E1F5EB -20240828080239 2 6 100 4095 2 E36F035A457FE7C42A6DFEA5F5F192B2FB147FA8B29FD9BE0FB4DB472F5668038712145FFD9C047435AAA518C55B975D814D566AA3233887D5C2C886B754D50B133FE132D81A0851637D6085F2289D8584BF5130452AD24DD87D7158CDAC16832D42476486F0EC2DBBCD38CEE963C5E367ADE50C9502735AD3583445AABEE10E63480E3791FFC7BCF4BD5C1F6E9768E1B1D9B6B75E177F95914B6D5F06CA7CB001B15CAD26B9C20565F8351E69B5E6CA74D30E770523BA7E05475050DCF81A3F9B7C38EF1C31447E35543AE5B00E0BB13C63F8F1DCE0397BF523882AB79E2DF4BDF7E18ED799142089E79CE6AC0E562A587B055D9F963260DAA84A1C520A0D46A01138F20B0EAF73300DD4196A403892EC30B2C84860C4EC4A1FE5778512F546F5B813380393D3BABC535668515BEEFA350207C3BFA1502B52A775146FA97E4CBF701C2DC7845FF604EC73052F217185E74813FD18D3EBA6489E0BD00852B156193735F5A34952DCFD4BD493ECD2C9948E9D4436A79B1F5B6BB7991F1253B8B68BA7511EF94B87D4D9843A5A510837C7AFCD7F42A9657C78BA516606F94BC27F1579BBC0776216AC8B96C2D6D485B6C6EE489C504E32A6B4979287D53E42D120D411F849C748B31FCB2CEB1663C813A0E327DCC18242B484CBF5F9191063933EFEC4C6A600C415B0F29365F6DBBD2DE794D7E14D62CFD7F1E570D1A9C432FEB3 -20240828080841 2 6 100 4095 2 E36F035A457FE7C42A6DFEA5F5F192B2FB147FA8B29FD9BE0FB4DB472F5668038712145FFD9C047435AAA518C55B975D814D566AA3233887D5C2C886B754D50B133FE132D81A0851637D6085F2289D8584BF5130452AD24DD87D7158CDAC16832D42476486F0EC2DBBCD38CEE963C5E367ADE50C9502735AD3583445AABEE10E63480E3791FFC7BCF4BD5C1F6E9768E1B1D9B6B75E177F95914B6D5F06CA7CB001B15CAD26B9C20565F8351E69B5E6CA74D30E770523BA7E05475050DCF81A3F9B7C38EF1C31447E35543AE5B00E0BB13C63F8F1DCE0397BF523882AB79E2DF4BDF7E18ED799142089E79CE6AC0E562A587B055D9F963260DAA84A1C520A0D46A01138F20B0EAF73300DD4196A403892EC30B2C84860C4EC4A1FE5778512F546F5B813380393D3BABC535668515BEEFA350207C3BFA1502B52A775146FA97E4CBF701C2DC7845FF604EC73052F217185E74813FD18D3EBA6489E0BD00852B156193735F5A34952DCFD4BD493ECD2C9948E9D4436A79B1F5B6BB7991F1253B8B68BA7511EF94B87D4D9843A5A510837C7AFCD7F42A9657C78BA516606F94BC27F1579BBC0776216AC8B96C2D6D485B6C6EE489C504E32A6B4979287D53E42D120D411F849C748B31FCB2CEB1663C813A0E327DCC18242B484CBF5F9191063933EFEC4C6A600C415B0F29365F6DBBD2DE794D7E14D62CFD7F1E570D1A9C68352A3 -20240828081126 2 6 100 4095 2 E36F035A457FE7C42A6DFEA5F5F192B2FB147FA8B29FD9BE0FB4DB472F5668038712145FFD9C047435AAA518C55B975D814D566AA3233887D5C2C886B754D50B133FE132D81A0851637D6085F2289D8584BF5130452AD24DD87D7158CDAC16832D42476486F0EC2DBBCD38CEE963C5E367ADE50C9502735AD3583445AABEE10E63480E3791FFC7BCF4BD5C1F6E9768E1B1D9B6B75E177F95914B6D5F06CA7CB001B15CAD26B9C20565F8351E69B5E6CA74D30E770523BA7E05475050DCF81A3F9B7C38EF1C31447E35543AE5B00E0BB13C63F8F1DCE0397BF523882AB79E2DF4BDF7E18ED799142089E79CE6AC0E562A587B055D9F963260DAA84A1C520A0D46A01138F20B0EAF73300DD4196A403892EC30B2C84860C4EC4A1FE5778512F546F5B813380393D3BABC535668515BEEFA350207C3BFA1502B52A775146FA97E4CBF701C2DC7845FF604EC73052F217185E74813FD18D3EBA6489E0BD00852B156193735F5A34952DCFD4BD493ECD2C9948E9D4436A79B1F5B6BB7991F1253B8B68BA7511EF94B87D4D9843A5A510837C7AFCD7F42A9657C78BA516606F94BC27F1579BBC0776216AC8B96C2D6D485B6C6EE489C504E32A6B4979287D53E42D120D411F849C748B31FCB2CEB1663C813A0E327DCC18242B484CBF5F9191063933EFEC4C6A600C415B0F29365F6DBBD2DE794D7E14D62CFD7F1E570D1A9C78B996B -20240828081614 2 6 100 4095 2 E36F035A457FE7C42A6DFEA5F5F192B2FB147FA8B29FD9BE0FB4DB472F5668038712145FFD9C047435AAA518C55B975D814D566AA3233887D5C2C886B754D50B133FE132D81A0851637D6085F2289D8584BF5130452AD24DD87D7158CDAC16832D42476486F0EC2DBBCD38CEE963C5E367ADE50C9502735AD3583445AABEE10E63480E3791FFC7BCF4BD5C1F6E9768E1B1D9B6B75E177F95914B6D5F06CA7CB001B15CAD26B9C20565F8351E69B5E6CA74D30E770523BA7E05475050DCF81A3F9B7C38EF1C31447E35543AE5B00E0BB13C63F8F1DCE0397BF523882AB79E2DF4BDF7E18ED799142089E79CE6AC0E562A587B055D9F963260DAA84A1C520A0D46A01138F20B0EAF73300DD4196A403892EC30B2C84860C4EC4A1FE5778512F546F5B813380393D3BABC535668515BEEFA350207C3BFA1502B52A775146FA97E4CBF701C2DC7845FF604EC73052F217185E74813FD18D3EBA6489E0BD00852B156193735F5A34952DCFD4BD493ECD2C9948E9D4436A79B1F5B6BB7991F1253B8B68BA7511EF94B87D4D9843A5A510837C7AFCD7F42A9657C78BA516606F94BC27F1579BBC0776216AC8B96C2D6D485B6C6EE489C504E32A6B4979287D53E42D120D411F849C748B31FCB2CEB1663C813A0E327DCC18242B484CBF5F9191063933EFEC4C6A600C415B0F29365F6DBBD2DE794D7E14D62CFD7F1E570D1A9C9536B03 -20240828082258 2 6 100 4095 2 E36F035A457FE7C42A6DFEA5F5F192B2FB147FA8B29FD9BE0FB4DB472F5668038712145FFD9C047435AAA518C55B975D814D566AA3233887D5C2C886B754D50B133FE132D81A0851637D6085F2289D8584BF5130452AD24DD87D7158CDAC16832D42476486F0EC2DBBCD38CEE963C5E367ADE50C9502735AD3583445AABEE10E63480E3791FFC7BCF4BD5C1F6E9768E1B1D9B6B75E177F95914B6D5F06CA7CB001B15CAD26B9C20565F8351E69B5E6CA74D30E770523BA7E05475050DCF81A3F9B7C38EF1C31447E35543AE5B00E0BB13C63F8F1DCE0397BF523882AB79E2DF4BDF7E18ED799142089E79CE6AC0E562A587B055D9F963260DAA84A1C520A0D46A01138F20B0EAF73300DD4196A403892EC30B2C84860C4EC4A1FE5778512F546F5B813380393D3BABC535668515BEEFA350207C3BFA1502B52A775146FA97E4CBF701C2DC7845FF604EC73052F217185E74813FD18D3EBA6489E0BD00852B156193735F5A34952DCFD4BD493ECD2C9948E9D4436A79B1F5B6BB7991F1253B8B68BA7511EF94B87D4D9843A5A510837C7AFCD7F42A9657C78BA516606F94BC27F1579BBC0776216AC8B96C2D6D485B6C6EE489C504E32A6B4979287D53E42D120D411F849C748B31FCB2CEB1663C813A0E327DCC18242B484CBF5F9191063933EFEC4C6A600C415B0F29365F6DBBD2DE794D7E14D62CFD7F1E570D1A9CBE55E03 -20240828082637 2 6 100 4095 2 E36F035A457FE7C42A6DFEA5F5F192B2FB147FA8B29FD9BE0FB4DB472F5668038712145FFD9C047435AAA518C55B975D814D566AA3233887D5C2C886B754D50B133FE132D81A0851637D6085F2289D8584BF5130452AD24DD87D7158CDAC16832D42476486F0EC2DBBCD38CEE963C5E367ADE50C9502735AD3583445AABEE10E63480E3791FFC7BCF4BD5C1F6E9768E1B1D9B6B75E177F95914B6D5F06CA7CB001B15CAD26B9C20565F8351E69B5E6CA74D30E770523BA7E05475050DCF81A3F9B7C38EF1C31447E35543AE5B00E0BB13C63F8F1DCE0397BF523882AB79E2DF4BDF7E18ED799142089E79CE6AC0E562A587B055D9F963260DAA84A1C520A0D46A01138F20B0EAF73300DD4196A403892EC30B2C84860C4EC4A1FE5778512F546F5B813380393D3BABC535668515BEEFA350207C3BFA1502B52A775146FA97E4CBF701C2DC7845FF604EC73052F217185E74813FD18D3EBA6489E0BD00852B156193735F5A34952DCFD4BD493ECD2C9948E9D4436A79B1F5B6BB7991F1253B8B68BA7511EF94B87D4D9843A5A510837C7AFCD7F42A9657C78BA516606F94BC27F1579BBC0776216AC8B96C2D6D485B6C6EE489C504E32A6B4979287D53E42D120D411F849C748B31FCB2CEB1663C813A0E327DCC18242B484CBF5F9191063933EFEC4C6A600C415B0F29365F6DBBD2DE794D7E14D62CFD7F1E570D1A9CD49EF1B -20240828082710 2 6 100 4095 5 E36F035A457FE7C42A6DFEA5F5F192B2FB147FA8B29FD9BE0FB4DB472F5668038712145FFD9C047435AAA518C55B975D814D566AA3233887D5C2C886B754D50B133FE132D81A0851637D6085F2289D8584BF5130452AD24DD87D7158CDAC16832D42476486F0EC2DBBCD38CEE963C5E367ADE50C9502735AD3583445AABEE10E63480E3791FFC7BCF4BD5C1F6E9768E1B1D9B6B75E177F95914B6D5F06CA7CB001B15CAD26B9C20565F8351E69B5E6CA74D30E770523BA7E05475050DCF81A3F9B7C38EF1C31447E35543AE5B00E0BB13C63F8F1DCE0397BF523882AB79E2DF4BDF7E18ED799142089E79CE6AC0E562A587B055D9F963260DAA84A1C520A0D46A01138F20B0EAF73300DD4196A403892EC30B2C84860C4EC4A1FE5778512F546F5B813380393D3BABC535668515BEEFA350207C3BFA1502B52A775146FA97E4CBF701C2DC7845FF604EC73052F217185E74813FD18D3EBA6489E0BD00852B156193735F5A34952DCFD4BD493ECD2C9948E9D4436A79B1F5B6BB7991F1253B8B68BA7511EF94B87D4D9843A5A510837C7AFCD7F42A9657C78BA516606F94BC27F1579BBC0776216AC8B96C2D6D485B6C6EE489C504E32A6B4979287D53E42D120D411F849C748B31FCB2CEB1663C813A0E327DCC18242B484CBF5F9191063933EFEC4C6A600C415B0F29365F6DBBD2DE794D7E14D62CFD7F1E570D1A9CD7A6C07 -20240828082726 2 6 100 4095 2 E36F035A457FE7C42A6DFEA5F5F192B2FB147FA8B29FD9BE0FB4DB472F5668038712145FFD9C047435AAA518C55B975D814D566AA3233887D5C2C886B754D50B133FE132D81A0851637D6085F2289D8584BF5130452AD24DD87D7158CDAC16832D42476486F0EC2DBBCD38CEE963C5E367ADE50C9502735AD3583445AABEE10E63480E3791FFC7BCF4BD5C1F6E9768E1B1D9B6B75E177F95914B6D5F06CA7CB001B15CAD26B9C20565F8351E69B5E6CA74D30E770523BA7E05475050DCF81A3F9B7C38EF1C31447E35543AE5B00E0BB13C63F8F1DCE0397BF523882AB79E2DF4BDF7E18ED799142089E79CE6AC0E562A587B055D9F963260DAA84A1C520A0D46A01138F20B0EAF73300DD4196A403892EC30B2C84860C4EC4A1FE5778512F546F5B813380393D3BABC535668515BEEFA350207C3BFA1502B52A775146FA97E4CBF701C2DC7845FF604EC73052F217185E74813FD18D3EBA6489E0BD00852B156193735F5A34952DCFD4BD493ECD2C9948E9D4436A79B1F5B6BB7991F1253B8B68BA7511EF94B87D4D9843A5A510837C7AFCD7F42A9657C78BA516606F94BC27F1579BBC0776216AC8B96C2D6D485B6C6EE489C504E32A6B4979287D53E42D120D411F849C748B31FCB2CEB1663C813A0E327DCC18242B484CBF5F9191063933EFEC4C6A600C415B0F29365F6DBBD2DE794D7E14D62CFD7F1E570D1A9CD8C1A83 -20240828082826 2 6 100 4095 2 E36F035A457FE7C42A6DFEA5F5F192B2FB147FA8B29FD9BE0FB4DB472F5668038712145FFD9C047435AAA518C55B975D814D566AA3233887D5C2C886B754D50B133FE132D81A0851637D6085F2289D8584BF5130452AD24DD87D7158CDAC16832D42476486F0EC2DBBCD38CEE963C5E367ADE50C9502735AD3583445AABEE10E63480E3791FFC7BCF4BD5C1F6E9768E1B1D9B6B75E177F95914B6D5F06CA7CB001B15CAD26B9C20565F8351E69B5E6CA74D30E770523BA7E05475050DCF81A3F9B7C38EF1C31447E35543AE5B00E0BB13C63F8F1DCE0397BF523882AB79E2DF4BDF7E18ED799142089E79CE6AC0E562A587B055D9F963260DAA84A1C520A0D46A01138F20B0EAF73300DD4196A403892EC30B2C84860C4EC4A1FE5778512F546F5B813380393D3BABC535668515BEEFA350207C3BFA1502B52A775146FA97E4CBF701C2DC7845FF604EC73052F217185E74813FD18D3EBA6489E0BD00852B156193735F5A34952DCFD4BD493ECD2C9948E9D4436A79B1F5B6BB7991F1253B8B68BA7511EF94B87D4D9843A5A510837C7AFCD7F42A9657C78BA516606F94BC27F1579BBC0776216AC8B96C2D6D485B6C6EE489C504E32A6B4979287D53E42D120D411F849C748B31FCB2CEB1663C813A0E327DCC18242B484CBF5F9191063933EFEC4C6A600C415B0F29365F6DBBD2DE794D7E14D62CFD7F1E570D1A9CDEC8AA3 -20240828082907 2 6 100 4095 5 E36F035A457FE7C42A6DFEA5F5F192B2FB147FA8B29FD9BE0FB4DB472F5668038712145FFD9C047435AAA518C55B975D814D566AA3233887D5C2C886B754D50B133FE132D81A0851637D6085F2289D8584BF5130452AD24DD87D7158CDAC16832D42476486F0EC2DBBCD38CEE963C5E367ADE50C9502735AD3583445AABEE10E63480E3791FFC7BCF4BD5C1F6E9768E1B1D9B6B75E177F95914B6D5F06CA7CB001B15CAD26B9C20565F8351E69B5E6CA74D30E770523BA7E05475050DCF81A3F9B7C38EF1C31447E35543AE5B00E0BB13C63F8F1DCE0397BF523882AB79E2DF4BDF7E18ED799142089E79CE6AC0E562A587B055D9F963260DAA84A1C520A0D46A01138F20B0EAF73300DD4196A403892EC30B2C84860C4EC4A1FE5778512F546F5B813380393D3BABC535668515BEEFA350207C3BFA1502B52A775146FA97E4CBF701C2DC7845FF604EC73052F217185E74813FD18D3EBA6489E0BD00852B156193735F5A34952DCFD4BD493ECD2C9948E9D4436A79B1F5B6BB7991F1253B8B68BA7511EF94B87D4D9843A5A510837C7AFCD7F42A9657C78BA516606F94BC27F1579BBC0776216AC8B96C2D6D485B6C6EE489C504E32A6B4979287D53E42D120D411F849C748B31FCB2CEB1663C813A0E327DCC18242B484CBF5F9191063933EFEC4C6A600C415B0F29365F6DBBD2DE794D7E14D62CFD7F1E570D1A9CE27CDDF -20240828083210 2 6 100 4095 2 E36F035A457FE7C42A6DFEA5F5F192B2FB147FA8B29FD9BE0FB4DB472F5668038712145FFD9C047435AAA518C55B975D814D566AA3233887D5C2C886B754D50B133FE132D81A0851637D6085F2289D8584BF5130452AD24DD87D7158CDAC16832D42476486F0EC2DBBCD38CEE963C5E367ADE50C9502735AD3583445AABEE10E63480E3791FFC7BCF4BD5C1F6E9768E1B1D9B6B75E177F95914B6D5F06CA7CB001B15CAD26B9C20565F8351E69B5E6CA74D30E770523BA7E05475050DCF81A3F9B7C38EF1C31447E35543AE5B00E0BB13C63F8F1DCE0397BF523882AB79E2DF4BDF7E18ED799142089E79CE6AC0E562A587B055D9F963260DAA84A1C520A0D46A01138F20B0EAF73300DD4196A403892EC30B2C84860C4EC4A1FE5778512F546F5B813380393D3BABC535668515BEEFA350207C3BFA1502B52A775146FA97E4CBF701C2DC7845FF604EC73052F217185E74813FD18D3EBA6489E0BD00852B156193735F5A34952DCFD4BD493ECD2C9948E9D4436A79B1F5B6BB7991F1253B8B68BA7511EF94B87D4D9843A5A510837C7AFCD7F42A9657C78BA516606F94BC27F1579BBC0776216AC8B96C2D6D485B6C6EE489C504E32A6B4979287D53E42D120D411F849C748B31FCB2CEB1663C813A0E327DCC18242B484CBF5F9191063933EFEC4C6A600C415B0F29365F6DBBD2DE794D7E14D62CFD7F1E570D1A9CF4E290B -20240828083415 2 6 100 4095 2 E36F035A457FE7C42A6DFEA5F5F192B2FB147FA8B29FD9BE0FB4DB472F5668038712145FFD9C047435AAA518C55B975D814D566AA3233887D5C2C886B754D50B133FE132D81A0851637D6085F2289D8584BF5130452AD24DD87D7158CDAC16832D42476486F0EC2DBBCD38CEE963C5E367ADE50C9502735AD3583445AABEE10E63480E3791FFC7BCF4BD5C1F6E9768E1B1D9B6B75E177F95914B6D5F06CA7CB001B15CAD26B9C20565F8351E69B5E6CA74D30E770523BA7E05475050DCF81A3F9B7C38EF1C31447E35543AE5B00E0BB13C63F8F1DCE0397BF523882AB79E2DF4BDF7E18ED799142089E79CE6AC0E562A587B055D9F963260DAA84A1C520A0D46A01138F20B0EAF73300DD4196A403892EC30B2C84860C4EC4A1FE5778512F546F5B813380393D3BABC535668515BEEFA350207C3BFA1502B52A775146FA97E4CBF701C2DC7845FF604EC73052F217185E74813FD18D3EBA6489E0BD00852B156193735F5A34952DCFD4BD493ECD2C9948E9D4436A79B1F5B6BB7991F1253B8B68BA7511EF94B87D4D9843A5A510837C7AFCD7F42A9657C78BA516606F94BC27F1579BBC0776216AC8B96C2D6D485B6C6EE489C504E32A6B4979287D53E42D120D411F849C748B31FCB2CEB1663C813A0E327DCC18242B484CBF5F9191063933EFEC4C6A600C415B0F29365F6DBBD2DE794D7E14D62CFD7F1E570D1A9D01153B3 -20240828083603 2 6 100 4095 2 E36F035A457FE7C42A6DFEA5F5F192B2FB147FA8B29FD9BE0FB4DB472F5668038712145FFD9C047435AAA518C55B975D814D566AA3233887D5C2C886B754D50B133FE132D81A0851637D6085F2289D8584BF5130452AD24DD87D7158CDAC16832D42476486F0EC2DBBCD38CEE963C5E367ADE50C9502735AD3583445AABEE10E63480E3791FFC7BCF4BD5C1F6E9768E1B1D9B6B75E177F95914B6D5F06CA7CB001B15CAD26B9C20565F8351E69B5E6CA74D30E770523BA7E05475050DCF81A3F9B7C38EF1C31447E35543AE5B00E0BB13C63F8F1DCE0397BF523882AB79E2DF4BDF7E18ED799142089E79CE6AC0E562A587B055D9F963260DAA84A1C520A0D46A01138F20B0EAF73300DD4196A403892EC30B2C84860C4EC4A1FE5778512F546F5B813380393D3BABC535668515BEEFA350207C3BFA1502B52A775146FA97E4CBF701C2DC7845FF604EC73052F217185E74813FD18D3EBA6489E0BD00852B156193735F5A34952DCFD4BD493ECD2C9948E9D4436A79B1F5B6BB7991F1253B8B68BA7511EF94B87D4D9843A5A510837C7AFCD7F42A9657C78BA516606F94BC27F1579BBC0776216AC8B96C2D6D485B6C6EE489C504E32A6B4979287D53E42D120D411F849C748B31FCB2CEB1663C813A0E327DCC18242B484CBF5F9191063933EFEC4C6A600C415B0F29365F6DBBD2DE794D7E14D62CFD7F1E570D1A9D0BAF663 -20240828083703 2 6 100 4095 2 E36F035A457FE7C42A6DFEA5F5F192B2FB147FA8B29FD9BE0FB4DB472F5668038712145FFD9C047435AAA518C55B975D814D566AA3233887D5C2C886B754D50B133FE132D81A0851637D6085F2289D8584BF5130452AD24DD87D7158CDAC16832D42476486F0EC2DBBCD38CEE963C5E367ADE50C9502735AD3583445AABEE10E63480E3791FFC7BCF4BD5C1F6E9768E1B1D9B6B75E177F95914B6D5F06CA7CB001B15CAD26B9C20565F8351E69B5E6CA74D30E770523BA7E05475050DCF81A3F9B7C38EF1C31447E35543AE5B00E0BB13C63F8F1DCE0397BF523882AB79E2DF4BDF7E18ED799142089E79CE6AC0E562A587B055D9F963260DAA84A1C520A0D46A01138F20B0EAF73300DD4196A403892EC30B2C84860C4EC4A1FE5778512F546F5B813380393D3BABC535668515BEEFA350207C3BFA1502B52A775146FA97E4CBF701C2DC7845FF604EC73052F217185E74813FD18D3EBA6489E0BD00852B156193735F5A34952DCFD4BD493ECD2C9948E9D4436A79B1F5B6BB7991F1253B8B68BA7511EF94B87D4D9843A5A510837C7AFCD7F42A9657C78BA516606F94BC27F1579BBC0776216AC8B96C2D6D485B6C6EE489C504E32A6B4979287D53E42D120D411F849C748B31FCB2CEB1663C813A0E327DCC18242B484CBF5F9191063933EFEC4C6A600C415B0F29365F6DBBD2DE794D7E14D62CFD7F1E570D1A9D11A10CB -20240828083816 2 6 100 4095 5 E36F035A457FE7C42A6DFEA5F5F192B2FB147FA8B29FD9BE0FB4DB472F5668038712145FFD9C047435AAA518C55B975D814D566AA3233887D5C2C886B754D50B133FE132D81A0851637D6085F2289D8584BF5130452AD24DD87D7158CDAC16832D42476486F0EC2DBBCD38CEE963C5E367ADE50C9502735AD3583445AABEE10E63480E3791FFC7BCF4BD5C1F6E9768E1B1D9B6B75E177F95914B6D5F06CA7CB001B15CAD26B9C20565F8351E69B5E6CA74D30E770523BA7E05475050DCF81A3F9B7C38EF1C31447E35543AE5B00E0BB13C63F8F1DCE0397BF523882AB79E2DF4BDF7E18ED799142089E79CE6AC0E562A587B055D9F963260DAA84A1C520A0D46A01138F20B0EAF73300DD4196A403892EC30B2C84860C4EC4A1FE5778512F546F5B813380393D3BABC535668515BEEFA350207C3BFA1502B52A775146FA97E4CBF701C2DC7845FF604EC73052F217185E74813FD18D3EBA6489E0BD00852B156193735F5A34952DCFD4BD493ECD2C9948E9D4436A79B1F5B6BB7991F1253B8B68BA7511EF94B87D4D9843A5A510837C7AFCD7F42A9657C78BA516606F94BC27F1579BBC0776216AC8B96C2D6D485B6C6EE489C504E32A6B4979287D53E42D120D411F849C748B31FCB2CEB1663C813A0E327DCC18242B484CBF5F9191063933EFEC4C6A600C415B0F29365F6DBBD2DE794D7E14D62CFD7F1E570D1A9D18C60B7 -20240828084040 2 6 100 4095 2 E36F035A457FE7C42A6DFEA5F5F192B2FB147FA8B29FD9BE0FB4DB472F5668038712145FFD9C047435AAA518C55B975D814D566AA3233887D5C2C886B754D50B133FE132D81A0851637D6085F2289D8584BF5130452AD24DD87D7158CDAC16832D42476486F0EC2DBBCD38CEE963C5E367ADE50C9502735AD3583445AABEE10E63480E3791FFC7BCF4BD5C1F6E9768E1B1D9B6B75E177F95914B6D5F06CA7CB001B15CAD26B9C20565F8351E69B5E6CA74D30E770523BA7E05475050DCF81A3F9B7C38EF1C31447E35543AE5B00E0BB13C63F8F1DCE0397BF523882AB79E2DF4BDF7E18ED799142089E79CE6AC0E562A587B055D9F963260DAA84A1C520A0D46A01138F20B0EAF73300DD4196A403892EC30B2C84860C4EC4A1FE5778512F546F5B813380393D3BABC535668515BEEFA350207C3BFA1502B52A775146FA97E4CBF701C2DC7845FF604EC73052F217185E74813FD18D3EBA6489E0BD00852B156193735F5A34952DCFD4BD493ECD2C9948E9D4436A79B1F5B6BB7991F1253B8B68BA7511EF94B87D4D9843A5A510837C7AFCD7F42A9657C78BA516606F94BC27F1579BBC0776216AC8B96C2D6D485B6C6EE489C504E32A6B4979287D53E42D120D411F849C748B31FCB2CEB1663C813A0E327DCC18242B484CBF5F9191063933EFEC4C6A600C415B0F29365F6DBBD2DE794D7E14D62CFD7F1E570D1A9D26C42A3 -20240828090009 2 6 100 6143 2 FC9BE67A111C24C58B9D8DFF78C575F1AC8199BA90C7C86923636AEFB38B41C1282E5A8232B7B9AECD439830D372F7B8D22004BD6BD64F326ABA86F1FEA022C374CDDD3CA3F161873B1D51326B69BC26112479F45CDBBB0DF942D942333DEBECD3E705804408C841D2EA09535C2B5779315396B517A6C628C9E23DE15EEE013BB18D7B40EDEA8655765566F3923B6EEA21853E436480D25D1D7172F02B16814BE600FBE715963C7576E022AAA046EA7D25B4642F7626582BE4ADF0E251A6677DFC67C49260C444D7825A03685A5BD789A13E1AAF1970ED54C71B234682E3AAF67EEFC3875C8868086EE6068A48E6C4E7A7BBEE17505D4AB7E8ACA56E336490553B41E1ED5D023D2D2DBAFC3362D8CDEC1809F4A37845A1DB87AE4D7AE6F6D941B0AF97921C9E659331B524F47EF80EAF574D5961DB05724C17F45686389361D29A234BE063DA02D889905B8B1B5BA87355B60F5FB44CFF859415F439DAC677F1D5A1563B22236386D0CED95BE925C51D22F2173B579B1EBAE7E8B8EDB26A8532FD6DE7E1F33D6BF984BAF3AF00A2C382A7B354C77F029D041FB132BF27C430320DFAD34530246D6CB04D7A78F5364186A9A86B359A9F5FD28D4B9ABCF51BE2C955CF8102D64B322A50FEF96DD5C4D21268D7E044CC52AB57AD26BEFED1634C24BA947F1DBD024BA9A3CD94EEE0DA0CA9FD481BEB41BF6DB6ACF409E732C482643D5D5A5B720B26E618C7AA244B8F7506CB8FC8299195D03E30B03C6263A75AACBC3A32C9A7DD5D7653537125BC0FE7241A410DBF8E04ECCD1486DA3A321EAF36C5A5DC40A0FB262A64727CF7AE645BAF538E8784ECA49E1A277B29C56B8D1AFF2BE2E1665906C48A58230497091B47EF239C5D34FB19C25D89BB0B8573E8417AE90FEEB6FAC06F9F60A6C57F1D4E3325FB0AB1A3A088B4133A319158CBDDCF0CCC2938F64E0029F0389FAC55BFC1F0D0F15B2E70799562C53FC3D1D97CCFA25ED83FF115503D44A7A91FF295AD2F1BC598FE86B8AE7DA77773179A4A0EB0ED618102D880D9963798BF91EB6E16870A4AB9E8137E1D6503ADD39D8E8F2258E4DB -20240828090718 2 6 100 6143 2 FC9BE67A111C24C58B9D8DFF78C575F1AC8199BA90C7C86923636AEFB38B41C1282E5A8232B7B9AECD439830D372F7B8D22004BD6BD64F326ABA86F1FEA022C374CDDD3CA3F161873B1D51326B69BC26112479F45CDBBB0DF942D942333DEBECD3E705804408C841D2EA09535C2B5779315396B517A6C628C9E23DE15EEE013BB18D7B40EDEA8655765566F3923B6EEA21853E436480D25D1D7172F02B16814BE600FBE715963C7576E022AAA046EA7D25B4642F7626582BE4ADF0E251A6677DFC67C49260C444D7825A03685A5BD789A13E1AAF1970ED54C71B234682E3AAF67EEFC3875C8868086EE6068A48E6C4E7A7BBEE17505D4AB7E8ACA56E336490553B41E1ED5D023D2D2DBAFC3362D8CDEC1809F4A37845A1DB87AE4D7AE6F6D941B0AF97921C9E659331B524F47EF80EAF574D5961DB05724C17F45686389361D29A234BE063DA02D889905B8B1B5BA87355B60F5FB44CFF859415F439DAC677F1D5A1563B22236386D0CED95BE925C51D22F2173B579B1EBAE7E8B8EDB26A8532FD6DE7E1F33D6BF984BAF3AF00A2C382A7B354C77F029D041FB132BF27C430320DFAD34530246D6CB04D7A78F5364186A9A86B359A9F5FD28D4B9ABCF51BE2C955CF8102D64B322A50FEF96DD5C4D21268D7E044CC52AB57AD26BEFED1634C24BA947F1DBD024BA9A3CD94EEE0DA0CA9FD481BEB41BF6DB6ACF409E732C482643D5D5A5B720B26E618C7AA244B8F7506CB8FC8299195D03E30B03C6263A75AACBC3A32C9A7DD5D7653537125BC0FE7241A410DBF8E04ECCD1486DA3A321EAF36C5A5DC40A0FB262A64727CF7AE645BAF538E8784ECA49E1A277B29C56B8D1AFF2BE2E1665906C48A58230497091B47EF239C5D34FB19C25D89BB0B8573E8417AE90FEEB6FAC06F9F60A6C57F1D4E3325FB0AB1A3A088B4133A319158CBDDCF0CCC2938F64E0029F0389FAC55BFC1F0D0F15B2E70799562C53FC3D1D97CCFA25ED83FF115503D44A7A91FF295AD2F1BC598FE86B8AE7DA77773179A4A0EB0ED618102D880D9963798BF91EB6E16870A4AB9E8137E1D6503ADD39D8E8F233F2A7B -20240828091256 2 6 100 6143 5 FC9BE67A111C24C58B9D8DFF78C575F1AC8199BA90C7C86923636AEFB38B41C1282E5A8232B7B9AECD439830D372F7B8D22004BD6BD64F326ABA86F1FEA022C374CDDD3CA3F161873B1D51326B69BC26112479F45CDBBB0DF942D942333DEBECD3E705804408C841D2EA09535C2B5779315396B517A6C628C9E23DE15EEE013BB18D7B40EDEA8655765566F3923B6EEA21853E436480D25D1D7172F02B16814BE600FBE715963C7576E022AAA046EA7D25B4642F7626582BE4ADF0E251A6677DFC67C49260C444D7825A03685A5BD789A13E1AAF1970ED54C71B234682E3AAF67EEFC3875C8868086EE6068A48E6C4E7A7BBEE17505D4AB7E8ACA56E336490553B41E1ED5D023D2D2DBAFC3362D8CDEC1809F4A37845A1DB87AE4D7AE6F6D941B0AF97921C9E659331B524F47EF80EAF574D5961DB05724C17F45686389361D29A234BE063DA02D889905B8B1B5BA87355B60F5FB44CFF859415F439DAC677F1D5A1563B22236386D0CED95BE925C51D22F2173B579B1EBAE7E8B8EDB26A8532FD6DE7E1F33D6BF984BAF3AF00A2C382A7B354C77F029D041FB132BF27C430320DFAD34530246D6CB04D7A78F5364186A9A86B359A9F5FD28D4B9ABCF51BE2C955CF8102D64B322A50FEF96DD5C4D21268D7E044CC52AB57AD26BEFED1634C24BA947F1DBD024BA9A3CD94EEE0DA0CA9FD481BEB41BF6DB6ACF409E732C482643D5D5A5B720B26E618C7AA244B8F7506CB8FC8299195D03E30B03C6263A75AACBC3A32C9A7DD5D7653537125BC0FE7241A410DBF8E04ECCD1486DA3A321EAF36C5A5DC40A0FB262A64727CF7AE645BAF538E8784ECA49E1A277B29C56B8D1AFF2BE2E1665906C48A58230497091B47EF239C5D34FB19C25D89BB0B8573E8417AE90FEEB6FAC06F9F60A6C57F1D4E3325FB0AB1A3A088B4133A319158CBDDCF0CCC2938F64E0029F0389FAC55BFC1F0D0F15B2E70799562C53FC3D1D97CCFA25ED83FF115503D44A7A91FF295AD2F1BC598FE86B8AE7DA77773179A4A0EB0ED618102D880D9963798BF91EB6E16870A4AB9E8137E1D6503ADD39D8E8F23ED9417 -20240828091549 2 6 100 6143 2 FC9BE67A111C24C58B9D8DFF78C575F1AC8199BA90C7C86923636AEFB38B41C1282E5A8232B7B9AECD439830D372F7B8D22004BD6BD64F326ABA86F1FEA022C374CDDD3CA3F161873B1D51326B69BC26112479F45CDBBB0DF942D942333DEBECD3E705804408C841D2EA09535C2B5779315396B517A6C628C9E23DE15EEE013BB18D7B40EDEA8655765566F3923B6EEA21853E436480D25D1D7172F02B16814BE600FBE715963C7576E022AAA046EA7D25B4642F7626582BE4ADF0E251A6677DFC67C49260C444D7825A03685A5BD789A13E1AAF1970ED54C71B234682E3AAF67EEFC3875C8868086EE6068A48E6C4E7A7BBEE17505D4AB7E8ACA56E336490553B41E1ED5D023D2D2DBAFC3362D8CDEC1809F4A37845A1DB87AE4D7AE6F6D941B0AF97921C9E659331B524F47EF80EAF574D5961DB05724C17F45686389361D29A234BE063DA02D889905B8B1B5BA87355B60F5FB44CFF859415F439DAC677F1D5A1563B22236386D0CED95BE925C51D22F2173B579B1EBAE7E8B8EDB26A8532FD6DE7E1F33D6BF984BAF3AF00A2C382A7B354C77F029D041FB132BF27C430320DFAD34530246D6CB04D7A78F5364186A9A86B359A9F5FD28D4B9ABCF51BE2C955CF8102D64B322A50FEF96DD5C4D21268D7E044CC52AB57AD26BEFED1634C24BA947F1DBD024BA9A3CD94EEE0DA0CA9FD481BEB41BF6DB6ACF409E732C482643D5D5A5B720B26E618C7AA244B8F7506CB8FC8299195D03E30B03C6263A75AACBC3A32C9A7DD5D7653537125BC0FE7241A410DBF8E04ECCD1486DA3A321EAF36C5A5DC40A0FB262A64727CF7AE645BAF538E8784ECA49E1A277B29C56B8D1AFF2BE2E1665906C48A58230497091B47EF239C5D34FB19C25D89BB0B8573E8417AE90FEEB6FAC06F9F60A6C57F1D4E3325FB0AB1A3A088B4133A319158CBDDCF0CCC2938F64E0029F0389FAC55BFC1F0D0F15B2E70799562C53FC3D1D97CCFA25ED83FF115503D44A7A91FF295AD2F1BC598FE86B8AE7DA77773179A4A0EB0ED618102D880D9963798BF91EB6E16870A4AB9E8137E1D6503ADD39D8E8F243D1C03 -20240828092905 2 6 100 6143 5 FC9BE67A111C24C58B9D8DFF78C575F1AC8199BA90C7C86923636AEFB38B41C1282E5A8232B7B9AECD439830D372F7B8D22004BD6BD64F326ABA86F1FEA022C374CDDD3CA3F161873B1D51326B69BC26112479F45CDBBB0DF942D942333DEBECD3E705804408C841D2EA09535C2B5779315396B517A6C628C9E23DE15EEE013BB18D7B40EDEA8655765566F3923B6EEA21853E436480D25D1D7172F02B16814BE600FBE715963C7576E022AAA046EA7D25B4642F7626582BE4ADF0E251A6677DFC67C49260C444D7825A03685A5BD789A13E1AAF1970ED54C71B234682E3AAF67EEFC3875C8868086EE6068A48E6C4E7A7BBEE17505D4AB7E8ACA56E336490553B41E1ED5D023D2D2DBAFC3362D8CDEC1809F4A37845A1DB87AE4D7AE6F6D941B0AF97921C9E659331B524F47EF80EAF574D5961DB05724C17F45686389361D29A234BE063DA02D889905B8B1B5BA87355B60F5FB44CFF859415F439DAC677F1D5A1563B22236386D0CED95BE925C51D22F2173B579B1EBAE7E8B8EDB26A8532FD6DE7E1F33D6BF984BAF3AF00A2C382A7B354C77F029D041FB132BF27C430320DFAD34530246D6CB04D7A78F5364186A9A86B359A9F5FD28D4B9ABCF51BE2C955CF8102D64B322A50FEF96DD5C4D21268D7E044CC52AB57AD26BEFED1634C24BA947F1DBD024BA9A3CD94EEE0DA0CA9FD481BEB41BF6DB6ACF409E732C482643D5D5A5B720B26E618C7AA244B8F7506CB8FC8299195D03E30B03C6263A75AACBC3A32C9A7DD5D7653537125BC0FE7241A410DBF8E04ECCD1486DA3A321EAF36C5A5DC40A0FB262A64727CF7AE645BAF538E8784ECA49E1A277B29C56B8D1AFF2BE2E1665906C48A58230497091B47EF239C5D34FB19C25D89BB0B8573E8417AE90FEEB6FAC06F9F60A6C57F1D4E3325FB0AB1A3A088B4133A319158CBDDCF0CCC2938F64E0029F0389FAC55BFC1F0D0F15B2E70799562C53FC3D1D97CCFA25ED83FF115503D44A7A91FF295AD2F1BC598FE86B8AE7DA77773179A4A0EB0ED618102D880D9963798BF91EB6E16870A4AB9E8137E1D6503ADD39D8E8F25E8D11F -20240828093653 2 6 100 6143 2 FC9BE67A111C24C58B9D8DFF78C575F1AC8199BA90C7C86923636AEFB38B41C1282E5A8232B7B9AECD439830D372F7B8D22004BD6BD64F326ABA86F1FEA022C374CDDD3CA3F161873B1D51326B69BC26112479F45CDBBB0DF942D942333DEBECD3E705804408C841D2EA09535C2B5779315396B517A6C628C9E23DE15EEE013BB18D7B40EDEA8655765566F3923B6EEA21853E436480D25D1D7172F02B16814BE600FBE715963C7576E022AAA046EA7D25B4642F7626582BE4ADF0E251A6677DFC67C49260C444D7825A03685A5BD789A13E1AAF1970ED54C71B234682E3AAF67EEFC3875C8868086EE6068A48E6C4E7A7BBEE17505D4AB7E8ACA56E336490553B41E1ED5D023D2D2DBAFC3362D8CDEC1809F4A37845A1DB87AE4D7AE6F6D941B0AF97921C9E659331B524F47EF80EAF574D5961DB05724C17F45686389361D29A234BE063DA02D889905B8B1B5BA87355B60F5FB44CFF859415F439DAC677F1D5A1563B22236386D0CED95BE925C51D22F2173B579B1EBAE7E8B8EDB26A8532FD6DE7E1F33D6BF984BAF3AF00A2C382A7B354C77F029D041FB132BF27C430320DFAD34530246D6CB04D7A78F5364186A9A86B359A9F5FD28D4B9ABCF51BE2C955CF8102D64B322A50FEF96DD5C4D21268D7E044CC52AB57AD26BEFED1634C24BA947F1DBD024BA9A3CD94EEE0DA0CA9FD481BEB41BF6DB6ACF409E732C482643D5D5A5B720B26E618C7AA244B8F7506CB8FC8299195D03E30B03C6263A75AACBC3A32C9A7DD5D7653537125BC0FE7241A410DBF8E04ECCD1486DA3A321EAF36C5A5DC40A0FB262A64727CF7AE645BAF538E8784ECA49E1A277B29C56B8D1AFF2BE2E1665906C48A58230497091B47EF239C5D34FB19C25D89BB0B8573E8417AE90FEEB6FAC06F9F60A6C57F1D4E3325FB0AB1A3A088B4133A319158CBDDCF0CCC2938F64E0029F0389FAC55BFC1F0D0F15B2E70799562C53FC3D1D97CCFA25ED83FF115503D44A7A91FF295AD2F1BC598FE86B8AE7DA77773179A4A0EB0ED618102D880D9963798BF91EB6E16870A4AB9E8137E1D6503ADD39D8E8F26E25303 -20240828100014 2 6 100 6143 2 FC9BE67A111C24C58B9D8DFF78C575F1AC8199BA90C7C86923636AEFB38B41C1282E5A8232B7B9AECD439830D372F7B8D22004BD6BD64F326ABA86F1FEA022C374CDDD3CA3F161873B1D51326B69BC26112479F45CDBBB0DF942D942333DEBECD3E705804408C841D2EA09535C2B5779315396B517A6C628C9E23DE15EEE013BB18D7B40EDEA8655765566F3923B6EEA21853E436480D25D1D7172F02B16814BE600FBE715963C7576E022AAA046EA7D25B4642F7626582BE4ADF0E251A6677DFC67C49260C444D7825A03685A5BD789A13E1AAF1970ED54C71B234682E3AAF67EEFC3875C8868086EE6068A48E6C4E7A7BBEE17505D4AB7E8ACA56E336490553B41E1ED5D023D2D2DBAFC3362D8CDEC1809F4A37845A1DB87AE4D7AE6F6D941B0AF97921C9E659331B524F47EF80EAF574D5961DB05724C17F45686389361D29A234BE063DA02D889905B8B1B5BA87355B60F5FB44CFF859415F439DAC677F1D5A1563B22236386D0CED95BE925C51D22F2173B579B1EBAE7E8B8EDB26A8532FD6DE7E1F33D6BF984BAF3AF00A2C382A7B354C77F029D041FB132BF27C430320DFAD34530246D6CB04D7A78F5364186A9A86B359A9F5FD28D4B9ABCF51BE2C955CF8102D64B322A50FEF96DD5C4D21268D7E044CC52AB57AD26BEFED1634C24BA947F1DBD024BA9A3CD94EEE0DA0CA9FD481BEB41BF6DB6ACF409E732C482643D5D5A5B720B26E618C7AA244B8F7506CB8FC8299195D03E30B03C6263A75AACBC3A32C9A7DD5D7653537125BC0FE7241A410DBF8E04ECCD1486DA3A321EAF36C5A5DC40A0FB262A64727CF7AE645BAF538E8784ECA49E1A277B29C56B8D1AFF2BE2E1665906C48A58230497091B47EF239C5D34FB19C25D89BB0B8573E8417AE90FEEB6FAC06F9F60A6C57F1D4E3325FB0AB1A3A088B4133A319158CBDDCF0CCC2938F64E0029F0389FAC55BFC1F0D0F15B2E70799562C53FC3D1D97CCFA25ED83FF115503D44A7A91FF295AD2F1BC598FE86B8AE7DA77773179A4A0EB0ED618102D880D9963798BF91EB6E16870A4AB9E8137E1D6503ADD39D8E8F29D9C7A3 -20240828100324 2 6 100 6143 5 FC9BE67A111C24C58B9D8DFF78C575F1AC8199BA90C7C86923636AEFB38B41C1282E5A8232B7B9AECD439830D372F7B8D22004BD6BD64F326ABA86F1FEA022C374CDDD3CA3F161873B1D51326B69BC26112479F45CDBBB0DF942D942333DEBECD3E705804408C841D2EA09535C2B5779315396B517A6C628C9E23DE15EEE013BB18D7B40EDEA8655765566F3923B6EEA21853E436480D25D1D7172F02B16814BE600FBE715963C7576E022AAA046EA7D25B4642F7626582BE4ADF0E251A6677DFC67C49260C444D7825A03685A5BD789A13E1AAF1970ED54C71B234682E3AAF67EEFC3875C8868086EE6068A48E6C4E7A7BBEE17505D4AB7E8ACA56E336490553B41E1ED5D023D2D2DBAFC3362D8CDEC1809F4A37845A1DB87AE4D7AE6F6D941B0AF97921C9E659331B524F47EF80EAF574D5961DB05724C17F45686389361D29A234BE063DA02D889905B8B1B5BA87355B60F5FB44CFF859415F439DAC677F1D5A1563B22236386D0CED95BE925C51D22F2173B579B1EBAE7E8B8EDB26A8532FD6DE7E1F33D6BF984BAF3AF00A2C382A7B354C77F029D041FB132BF27C430320DFAD34530246D6CB04D7A78F5364186A9A86B359A9F5FD28D4B9ABCF51BE2C955CF8102D64B322A50FEF96DD5C4D21268D7E044CC52AB57AD26BEFED1634C24BA947F1DBD024BA9A3CD94EEE0DA0CA9FD481BEB41BF6DB6ACF409E732C482643D5D5A5B720B26E618C7AA244B8F7506CB8FC8299195D03E30B03C6263A75AACBC3A32C9A7DD5D7653537125BC0FE7241A410DBF8E04ECCD1486DA3A321EAF36C5A5DC40A0FB262A64727CF7AE645BAF538E8784ECA49E1A277B29C56B8D1AFF2BE2E1665906C48A58230497091B47EF239C5D34FB19C25D89BB0B8573E8417AE90FEEB6FAC06F9F60A6C57F1D4E3325FB0AB1A3A088B4133A319158CBDDCF0CCC2938F64E0029F0389FAC55BFC1F0D0F15B2E70799562C53FC3D1D97CCFA25ED83FF115503D44A7A91FF295AD2F1BC598FE86B8AE7DA77773179A4A0EB0ED618102D880D9963798BF91EB6E16870A4AB9E8137E1D6503ADD39D8E8F2A3C434F -20240828105814 2 6 100 6143 5 FC9BE67A111C24C58B9D8DFF78C575F1AC8199BA90C7C86923636AEFB38B41C1282E5A8232B7B9AECD439830D372F7B8D22004BD6BD64F326ABA86F1FEA022C374CDDD3CA3F161873B1D51326B69BC26112479F45CDBBB0DF942D942333DEBECD3E705804408C841D2EA09535C2B5779315396B517A6C628C9E23DE15EEE013BB18D7B40EDEA8655765566F3923B6EEA21853E436480D25D1D7172F02B16814BE600FBE715963C7576E022AAA046EA7D25B4642F7626582BE4ADF0E251A6677DFC67C49260C444D7825A03685A5BD789A13E1AAF1970ED54C71B234682E3AAF67EEFC3875C8868086EE6068A48E6C4E7A7BBEE17505D4AB7E8ACA56E336490553B41E1ED5D023D2D2DBAFC3362D8CDEC1809F4A37845A1DB87AE4D7AE6F6D941B0AF97921C9E659331B524F47EF80EAF574D5961DB05724C17F45686389361D29A234BE063DA02D889905B8B1B5BA87355B60F5FB44CFF859415F439DAC677F1D5A1563B22236386D0CED95BE925C51D22F2173B579B1EBAE7E8B8EDB26A8532FD6DE7E1F33D6BF984BAF3AF00A2C382A7B354C77F029D041FB132BF27C430320DFAD34530246D6CB04D7A78F5364186A9A86B359A9F5FD28D4B9ABCF51BE2C955CF8102D64B322A50FEF96DD5C4D21268D7E044CC52AB57AD26BEFED1634C24BA947F1DBD024BA9A3CD94EEE0DA0CA9FD481BEB41BF6DB6ACF409E732C482643D5D5A5B720B26E618C7AA244B8F7506CB8FC8299195D03E30B03C6263A75AACBC3A32C9A7DD5D7653537125BC0FE7241A410DBF8E04ECCD1486DA3A321EAF36C5A5DC40A0FB262A64727CF7AE645BAF538E8784ECA49E1A277B29C56B8D1AFF2BE2E1665906C48A58230497091B47EF239C5D34FB19C25D89BB0B8573E8417AE90FEEB6FAC06F9F60A6C57F1D4E3325FB0AB1A3A088B4133A319158CBDDCF0CCC2938F64E0029F0389FAC55BFC1F0D0F15B2E70799562C53FC3D1D97CCFA25ED83FF115503D44A7A91FF295AD2F1BC598FE86B8AE7DA77773179A4A0EB0ED618102D880D9963798BF91EB6E16870A4AB9E8137E1D6503ADD39D8E8F3151094F -20240828111427 2 6 100 6143 2 FC9BE67A111C24C58B9D8DFF78C575F1AC8199BA90C7C86923636AEFB38B41C1282E5A8232B7B9AECD439830D372F7B8D22004BD6BD64F326ABA86F1FEA022C374CDDD3CA3F161873B1D51326B69BC26112479F45CDBBB0DF942D942333DEBECD3E705804408C841D2EA09535C2B5779315396B517A6C628C9E23DE15EEE013BB18D7B40EDEA8655765566F3923B6EEA21853E436480D25D1D7172F02B16814BE600FBE715963C7576E022AAA046EA7D25B4642F7626582BE4ADF0E251A6677DFC67C49260C444D7825A03685A5BD789A13E1AAF1970ED54C71B234682E3AAF67EEFC3875C8868086EE6068A48E6C4E7A7BBEE17505D4AB7E8ACA56E336490553B41E1ED5D023D2D2DBAFC3362D8CDEC1809F4A37845A1DB87AE4D7AE6F6D941B0AF97921C9E659331B524F47EF80EAF574D5961DB05724C17F45686389361D29A234BE063DA02D889905B8B1B5BA87355B60F5FB44CFF859415F439DAC677F1D5A1563B22236386D0CED95BE925C51D22F2173B579B1EBAE7E8B8EDB26A8532FD6DE7E1F33D6BF984BAF3AF00A2C382A7B354C77F029D041FB132BF27C430320DFAD34530246D6CB04D7A78F5364186A9A86B359A9F5FD28D4B9ABCF51BE2C955CF8102D64B322A50FEF96DD5C4D21268D7E044CC52AB57AD26BEFED1634C24BA947F1DBD024BA9A3CD94EEE0DA0CA9FD481BEB41BF6DB6ACF409E732C482643D5D5A5B720B26E618C7AA244B8F7506CB8FC8299195D03E30B03C6263A75AACBC3A32C9A7DD5D7653537125BC0FE7241A410DBF8E04ECCD1486DA3A321EAF36C5A5DC40A0FB262A64727CF7AE645BAF538E8784ECA49E1A277B29C56B8D1AFF2BE2E1665906C48A58230497091B47EF239C5D34FB19C25D89BB0B8573E8417AE90FEEB6FAC06F9F60A6C57F1D4E3325FB0AB1A3A088B4133A319158CBDDCF0CCC2938F64E0029F0389FAC55BFC1F0D0F15B2E70799562C53FC3D1D97CCFA25ED83FF115503D44A7A91FF295AD2F1BC598FE86B8AE7DA77773179A4A0EB0ED618102D880D9963798BF91EB6E16870A4AB9E8137E1D6503ADD39D8E8F33641C63 -20240828113247 2 6 100 6143 2 FC9BE67A111C24C58B9D8DFF78C575F1AC8199BA90C7C86923636AEFB38B41C1282E5A8232B7B9AECD439830D372F7B8D22004BD6BD64F326ABA86F1FEA022C374CDDD3CA3F161873B1D51326B69BC26112479F45CDBBB0DF942D942333DEBECD3E705804408C841D2EA09535C2B5779315396B517A6C628C9E23DE15EEE013BB18D7B40EDEA8655765566F3923B6EEA21853E436480D25D1D7172F02B16814BE600FBE715963C7576E022AAA046EA7D25B4642F7626582BE4ADF0E251A6677DFC67C49260C444D7825A03685A5BD789A13E1AAF1970ED54C71B234682E3AAF67EEFC3875C8868086EE6068A48E6C4E7A7BBEE17505D4AB7E8ACA56E336490553B41E1ED5D023D2D2DBAFC3362D8CDEC1809F4A37845A1DB87AE4D7AE6F6D941B0AF97921C9E659331B524F47EF80EAF574D5961DB05724C17F45686389361D29A234BE063DA02D889905B8B1B5BA87355B60F5FB44CFF859415F439DAC677F1D5A1563B22236386D0CED95BE925C51D22F2173B579B1EBAE7E8B8EDB26A8532FD6DE7E1F33D6BF984BAF3AF00A2C382A7B354C77F029D041FB132BF27C430320DFAD34530246D6CB04D7A78F5364186A9A86B359A9F5FD28D4B9ABCF51BE2C955CF8102D64B322A50FEF96DD5C4D21268D7E044CC52AB57AD26BEFED1634C24BA947F1DBD024BA9A3CD94EEE0DA0CA9FD481BEB41BF6DB6ACF409E732C482643D5D5A5B720B26E618C7AA244B8F7506CB8FC8299195D03E30B03C6263A75AACBC3A32C9A7DD5D7653537125BC0FE7241A410DBF8E04ECCD1486DA3A321EAF36C5A5DC40A0FB262A64727CF7AE645BAF538E8784ECA49E1A277B29C56B8D1AFF2BE2E1665906C48A58230497091B47EF239C5D34FB19C25D89BB0B8573E8417AE90FEEB6FAC06F9F60A6C57F1D4E3325FB0AB1A3A088B4133A319158CBDDCF0CCC2938F64E0029F0389FAC55BFC1F0D0F15B2E70799562C53FC3D1D97CCFA25ED83FF115503D44A7A91FF295AD2F1BC598FE86B8AE7DA77773179A4A0EB0ED618102D880D9963798BF91EB6E16870A4AB9E8137E1D6503ADD39D8E8F35BB7B0B -20240828113333 2 6 100 6143 5 FC9BE67A111C24C58B9D8DFF78C575F1AC8199BA90C7C86923636AEFB38B41C1282E5A8232B7B9AECD439830D372F7B8D22004BD6BD64F326ABA86F1FEA022C374CDDD3CA3F161873B1D51326B69BC26112479F45CDBBB0DF942D942333DEBECD3E705804408C841D2EA09535C2B5779315396B517A6C628C9E23DE15EEE013BB18D7B40EDEA8655765566F3923B6EEA21853E436480D25D1D7172F02B16814BE600FBE715963C7576E022AAA046EA7D25B4642F7626582BE4ADF0E251A6677DFC67C49260C444D7825A03685A5BD789A13E1AAF1970ED54C71B234682E3AAF67EEFC3875C8868086EE6068A48E6C4E7A7BBEE17505D4AB7E8ACA56E336490553B41E1ED5D023D2D2DBAFC3362D8CDEC1809F4A37845A1DB87AE4D7AE6F6D941B0AF97921C9E659331B524F47EF80EAF574D5961DB05724C17F45686389361D29A234BE063DA02D889905B8B1B5BA87355B60F5FB44CFF859415F439DAC677F1D5A1563B22236386D0CED95BE925C51D22F2173B579B1EBAE7E8B8EDB26A8532FD6DE7E1F33D6BF984BAF3AF00A2C382A7B354C77F029D041FB132BF27C430320DFAD34530246D6CB04D7A78F5364186A9A86B359A9F5FD28D4B9ABCF51BE2C955CF8102D64B322A50FEF96DD5C4D21268D7E044CC52AB57AD26BEFED1634C24BA947F1DBD024BA9A3CD94EEE0DA0CA9FD481BEB41BF6DB6ACF409E732C482643D5D5A5B720B26E618C7AA244B8F7506CB8FC8299195D03E30B03C6263A75AACBC3A32C9A7DD5D7653537125BC0FE7241A410DBF8E04ECCD1486DA3A321EAF36C5A5DC40A0FB262A64727CF7AE645BAF538E8784ECA49E1A277B29C56B8D1AFF2BE2E1665906C48A58230497091B47EF239C5D34FB19C25D89BB0B8573E8417AE90FEEB6FAC06F9F60A6C57F1D4E3325FB0AB1A3A088B4133A319158CBDDCF0CCC2938F64E0029F0389FAC55BFC1F0D0F15B2E70799562C53FC3D1D97CCFA25ED83FF115503D44A7A91FF295AD2F1BC598FE86B8AE7DA77773179A4A0EB0ED618102D880D9963798BF91EB6E16870A4AB9E8137E1D6503ADD39D8E8F35CD9A97 -20240828113540 2 6 100 6143 2 FC9BE67A111C24C58B9D8DFF78C575F1AC8199BA90C7C86923636AEFB38B41C1282E5A8232B7B9AECD439830D372F7B8D22004BD6BD64F326ABA86F1FEA022C374CDDD3CA3F161873B1D51326B69BC26112479F45CDBBB0DF942D942333DEBECD3E705804408C841D2EA09535C2B5779315396B517A6C628C9E23DE15EEE013BB18D7B40EDEA8655765566F3923B6EEA21853E436480D25D1D7172F02B16814BE600FBE715963C7576E022AAA046EA7D25B4642F7626582BE4ADF0E251A6677DFC67C49260C444D7825A03685A5BD789A13E1AAF1970ED54C71B234682E3AAF67EEFC3875C8868086EE6068A48E6C4E7A7BBEE17505D4AB7E8ACA56E336490553B41E1ED5D023D2D2DBAFC3362D8CDEC1809F4A37845A1DB87AE4D7AE6F6D941B0AF97921C9E659331B524F47EF80EAF574D5961DB05724C17F45686389361D29A234BE063DA02D889905B8B1B5BA87355B60F5FB44CFF859415F439DAC677F1D5A1563B22236386D0CED95BE925C51D22F2173B579B1EBAE7E8B8EDB26A8532FD6DE7E1F33D6BF984BAF3AF00A2C382A7B354C77F029D041FB132BF27C430320DFAD34530246D6CB04D7A78F5364186A9A86B359A9F5FD28D4B9ABCF51BE2C955CF8102D64B322A50FEF96DD5C4D21268D7E044CC52AB57AD26BEFED1634C24BA947F1DBD024BA9A3CD94EEE0DA0CA9FD481BEB41BF6DB6ACF409E732C482643D5D5A5B720B26E618C7AA244B8F7506CB8FC8299195D03E30B03C6263A75AACBC3A32C9A7DD5D7653537125BC0FE7241A410DBF8E04ECCD1486DA3A321EAF36C5A5DC40A0FB262A64727CF7AE645BAF538E8784ECA49E1A277B29C56B8D1AFF2BE2E1665906C48A58230497091B47EF239C5D34FB19C25D89BB0B8573E8417AE90FEEB6FAC06F9F60A6C57F1D4E3325FB0AB1A3A088B4133A319158CBDDCF0CCC2938F64E0029F0389FAC55BFC1F0D0F15B2E70799562C53FC3D1D97CCFA25ED83FF115503D44A7A91FF295AD2F1BC598FE86B8AE7DA77773179A4A0EB0ED618102D880D9963798BF91EB6E16870A4AB9E8137E1D6503ADD39D8E8F360A482B -20240828115349 2 6 100 6143 2 FC9BE67A111C24C58B9D8DFF78C575F1AC8199BA90C7C86923636AEFB38B41C1282E5A8232B7B9AECD439830D372F7B8D22004BD6BD64F326ABA86F1FEA022C374CDDD3CA3F161873B1D51326B69BC26112479F45CDBBB0DF942D942333DEBECD3E705804408C841D2EA09535C2B5779315396B517A6C628C9E23DE15EEE013BB18D7B40EDEA8655765566F3923B6EEA21853E436480D25D1D7172F02B16814BE600FBE715963C7576E022AAA046EA7D25B4642F7626582BE4ADF0E251A6677DFC67C49260C444D7825A03685A5BD789A13E1AAF1970ED54C71B234682E3AAF67EEFC3875C8868086EE6068A48E6C4E7A7BBEE17505D4AB7E8ACA56E336490553B41E1ED5D023D2D2DBAFC3362D8CDEC1809F4A37845A1DB87AE4D7AE6F6D941B0AF97921C9E659331B524F47EF80EAF574D5961DB05724C17F45686389361D29A234BE063DA02D889905B8B1B5BA87355B60F5FB44CFF859415F439DAC677F1D5A1563B22236386D0CED95BE925C51D22F2173B579B1EBAE7E8B8EDB26A8532FD6DE7E1F33D6BF984BAF3AF00A2C382A7B354C77F029D041FB132BF27C430320DFAD34530246D6CB04D7A78F5364186A9A86B359A9F5FD28D4B9ABCF51BE2C955CF8102D64B322A50FEF96DD5C4D21268D7E044CC52AB57AD26BEFED1634C24BA947F1DBD024BA9A3CD94EEE0DA0CA9FD481BEB41BF6DB6ACF409E732C482643D5D5A5B720B26E618C7AA244B8F7506CB8FC8299195D03E30B03C6263A75AACBC3A32C9A7DD5D7653537125BC0FE7241A410DBF8E04ECCD1486DA3A321EAF36C5A5DC40A0FB262A64727CF7AE645BAF538E8784ECA49E1A277B29C56B8D1AFF2BE2E1665906C48A58230497091B47EF239C5D34FB19C25D89BB0B8573E8417AE90FEEB6FAC06F9F60A6C57F1D4E3325FB0AB1A3A088B4133A319158CBDDCF0CCC2938F64E0029F0389FAC55BFC1F0D0F15B2E70799562C53FC3D1D97CCFA25ED83FF115503D44A7A91FF295AD2F1BC598FE86B8AE7DA77773179A4A0EB0ED618102D880D9963798BF91EB6E16870A4AB9E8137E1D6503ADD39D8E8F3862A7B3 -20240828115426 2 6 100 6143 5 FC9BE67A111C24C58B9D8DFF78C575F1AC8199BA90C7C86923636AEFB38B41C1282E5A8232B7B9AECD439830D372F7B8D22004BD6BD64F326ABA86F1FEA022C374CDDD3CA3F161873B1D51326B69BC26112479F45CDBBB0DF942D942333DEBECD3E705804408C841D2EA09535C2B5779315396B517A6C628C9E23DE15EEE013BB18D7B40EDEA8655765566F3923B6EEA21853E436480D25D1D7172F02B16814BE600FBE715963C7576E022AAA046EA7D25B4642F7626582BE4ADF0E251A6677DFC67C49260C444D7825A03685A5BD789A13E1AAF1970ED54C71B234682E3AAF67EEFC3875C8868086EE6068A48E6C4E7A7BBEE17505D4AB7E8ACA56E336490553B41E1ED5D023D2D2DBAFC3362D8CDEC1809F4A37845A1DB87AE4D7AE6F6D941B0AF97921C9E659331B524F47EF80EAF574D5961DB05724C17F45686389361D29A234BE063DA02D889905B8B1B5BA87355B60F5FB44CFF859415F439DAC677F1D5A1563B22236386D0CED95BE925C51D22F2173B579B1EBAE7E8B8EDB26A8532FD6DE7E1F33D6BF984BAF3AF00A2C382A7B354C77F029D041FB132BF27C430320DFAD34530246D6CB04D7A78F5364186A9A86B359A9F5FD28D4B9ABCF51BE2C955CF8102D64B322A50FEF96DD5C4D21268D7E044CC52AB57AD26BEFED1634C24BA947F1DBD024BA9A3CD94EEE0DA0CA9FD481BEB41BF6DB6ACF409E732C482643D5D5A5B720B26E618C7AA244B8F7506CB8FC8299195D03E30B03C6263A75AACBC3A32C9A7DD5D7653537125BC0FE7241A410DBF8E04ECCD1486DA3A321EAF36C5A5DC40A0FB262A64727CF7AE645BAF538E8784ECA49E1A277B29C56B8D1AFF2BE2E1665906C48A58230497091B47EF239C5D34FB19C25D89BB0B8573E8417AE90FEEB6FAC06F9F60A6C57F1D4E3325FB0AB1A3A088B4133A319158CBDDCF0CCC2938F64E0029F0389FAC55BFC1F0D0F15B2E70799562C53FC3D1D97CCFA25ED83FF115503D44A7A91FF295AD2F1BC598FE86B8AE7DA77773179A4A0EB0ED618102D880D9963798BF91EB6E16870A4AB9E8137E1D6503ADD39D8E8F386EC997 -20240828120438 2 6 100 6143 2 FC9BE67A111C24C58B9D8DFF78C575F1AC8199BA90C7C86923636AEFB38B41C1282E5A8232B7B9AECD439830D372F7B8D22004BD6BD64F326ABA86F1FEA022C374CDDD3CA3F161873B1D51326B69BC26112479F45CDBBB0DF942D942333DEBECD3E705804408C841D2EA09535C2B5779315396B517A6C628C9E23DE15EEE013BB18D7B40EDEA8655765566F3923B6EEA21853E436480D25D1D7172F02B16814BE600FBE715963C7576E022AAA046EA7D25B4642F7626582BE4ADF0E251A6677DFC67C49260C444D7825A03685A5BD789A13E1AAF1970ED54C71B234682E3AAF67EEFC3875C8868086EE6068A48E6C4E7A7BBEE17505D4AB7E8ACA56E336490553B41E1ED5D023D2D2DBAFC3362D8CDEC1809F4A37845A1DB87AE4D7AE6F6D941B0AF97921C9E659331B524F47EF80EAF574D5961DB05724C17F45686389361D29A234BE063DA02D889905B8B1B5BA87355B60F5FB44CFF859415F439DAC677F1D5A1563B22236386D0CED95BE925C51D22F2173B579B1EBAE7E8B8EDB26A8532FD6DE7E1F33D6BF984BAF3AF00A2C382A7B354C77F029D041FB132BF27C430320DFAD34530246D6CB04D7A78F5364186A9A86B359A9F5FD28D4B9ABCF51BE2C955CF8102D64B322A50FEF96DD5C4D21268D7E044CC52AB57AD26BEFED1634C24BA947F1DBD024BA9A3CD94EEE0DA0CA9FD481BEB41BF6DB6ACF409E732C482643D5D5A5B720B26E618C7AA244B8F7506CB8FC8299195D03E30B03C6263A75AACBC3A32C9A7DD5D7653537125BC0FE7241A410DBF8E04ECCD1486DA3A321EAF36C5A5DC40A0FB262A64727CF7AE645BAF538E8784ECA49E1A277B29C56B8D1AFF2BE2E1665906C48A58230497091B47EF239C5D34FB19C25D89BB0B8573E8417AE90FEEB6FAC06F9F60A6C57F1D4E3325FB0AB1A3A088B4133A319158CBDDCF0CCC2938F64E0029F0389FAC55BFC1F0D0F15B2E70799562C53FC3D1D97CCFA25ED83FF115503D44A7A91FF295AD2F1BC598FE86B8AE7DA77773179A4A0EB0ED618102D880D9963798BF91EB6E16870A4AB9E8137E1D6503ADD39D8E8F39B5CC43 -20240828121629 2 6 100 6143 2 FC9BE67A111C24C58B9D8DFF78C575F1AC8199BA90C7C86923636AEFB38B41C1282E5A8232B7B9AECD439830D372F7B8D22004BD6BD64F326ABA86F1FEA022C374CDDD3CA3F161873B1D51326B69BC26112479F45CDBBB0DF942D942333DEBECD3E705804408C841D2EA09535C2B5779315396B517A6C628C9E23DE15EEE013BB18D7B40EDEA8655765566F3923B6EEA21853E436480D25D1D7172F02B16814BE600FBE715963C7576E022AAA046EA7D25B4642F7626582BE4ADF0E251A6677DFC67C49260C444D7825A03685A5BD789A13E1AAF1970ED54C71B234682E3AAF67EEFC3875C8868086EE6068A48E6C4E7A7BBEE17505D4AB7E8ACA56E336490553B41E1ED5D023D2D2DBAFC3362D8CDEC1809F4A37845A1DB87AE4D7AE6F6D941B0AF97921C9E659331B524F47EF80EAF574D5961DB05724C17F45686389361D29A234BE063DA02D889905B8B1B5BA87355B60F5FB44CFF859415F439DAC677F1D5A1563B22236386D0CED95BE925C51D22F2173B579B1EBAE7E8B8EDB26A8532FD6DE7E1F33D6BF984BAF3AF00A2C382A7B354C77F029D041FB132BF27C430320DFAD34530246D6CB04D7A78F5364186A9A86B359A9F5FD28D4B9ABCF51BE2C955CF8102D64B322A50FEF96DD5C4D21268D7E044CC52AB57AD26BEFED1634C24BA947F1DBD024BA9A3CD94EEE0DA0CA9FD481BEB41BF6DB6ACF409E732C482643D5D5A5B720B26E618C7AA244B8F7506CB8FC8299195D03E30B03C6263A75AACBC3A32C9A7DD5D7653537125BC0FE7241A410DBF8E04ECCD1486DA3A321EAF36C5A5DC40A0FB262A64727CF7AE645BAF538E8784ECA49E1A277B29C56B8D1AFF2BE2E1665906C48A58230497091B47EF239C5D34FB19C25D89BB0B8573E8417AE90FEEB6FAC06F9F60A6C57F1D4E3325FB0AB1A3A088B4133A319158CBDDCF0CCC2938F64E0029F0389FAC55BFC1F0D0F15B2E70799562C53FC3D1D97CCFA25ED83FF115503D44A7A91FF295AD2F1BC598FE86B8AE7DA77773179A4A0EB0ED618102D880D9963798BF91EB6E16870A4AB9E8137E1D6503ADD39D8E8F3B334FB3 -20240828121657 2 6 100 6143 2 FC9BE67A111C24C58B9D8DFF78C575F1AC8199BA90C7C86923636AEFB38B41C1282E5A8232B7B9AECD439830D372F7B8D22004BD6BD64F326ABA86F1FEA022C374CDDD3CA3F161873B1D51326B69BC26112479F45CDBBB0DF942D942333DEBECD3E705804408C841D2EA09535C2B5779315396B517A6C628C9E23DE15EEE013BB18D7B40EDEA8655765566F3923B6EEA21853E436480D25D1D7172F02B16814BE600FBE715963C7576E022AAA046EA7D25B4642F7626582BE4ADF0E251A6677DFC67C49260C444D7825A03685A5BD789A13E1AAF1970ED54C71B234682E3AAF67EEFC3875C8868086EE6068A48E6C4E7A7BBEE17505D4AB7E8ACA56E336490553B41E1ED5D023D2D2DBAFC3362D8CDEC1809F4A37845A1DB87AE4D7AE6F6D941B0AF97921C9E659331B524F47EF80EAF574D5961DB05724C17F45686389361D29A234BE063DA02D889905B8B1B5BA87355B60F5FB44CFF859415F439DAC677F1D5A1563B22236386D0CED95BE925C51D22F2173B579B1EBAE7E8B8EDB26A8532FD6DE7E1F33D6BF984BAF3AF00A2C382A7B354C77F029D041FB132BF27C430320DFAD34530246D6CB04D7A78F5364186A9A86B359A9F5FD28D4B9ABCF51BE2C955CF8102D64B322A50FEF96DD5C4D21268D7E044CC52AB57AD26BEFED1634C24BA947F1DBD024BA9A3CD94EEE0DA0CA9FD481BEB41BF6DB6ACF409E732C482643D5D5A5B720B26E618C7AA244B8F7506CB8FC8299195D03E30B03C6263A75AACBC3A32C9A7DD5D7653537125BC0FE7241A410DBF8E04ECCD1486DA3A321EAF36C5A5DC40A0FB262A64727CF7AE645BAF538E8784ECA49E1A277B29C56B8D1AFF2BE2E1665906C48A58230497091B47EF239C5D34FB19C25D89BB0B8573E8417AE90FEEB6FAC06F9F60A6C57F1D4E3325FB0AB1A3A088B4133A319158CBDDCF0CCC2938F64E0029F0389FAC55BFC1F0D0F15B2E70799562C53FC3D1D97CCFA25ED83FF115503D44A7A91FF295AD2F1BC598FE86B8AE7DA77773179A4A0EB0ED618102D880D9963798BF91EB6E16870A4AB9E8137E1D6503ADD39D8E8F3B3B734B -20240828122545 2 6 100 6143 2 FC9BE67A111C24C58B9D8DFF78C575F1AC8199BA90C7C86923636AEFB38B41C1282E5A8232B7B9AECD439830D372F7B8D22004BD6BD64F326ABA86F1FEA022C374CDDD3CA3F161873B1D51326B69BC26112479F45CDBBB0DF942D942333DEBECD3E705804408C841D2EA09535C2B5779315396B517A6C628C9E23DE15EEE013BB18D7B40EDEA8655765566F3923B6EEA21853E436480D25D1D7172F02B16814BE600FBE715963C7576E022AAA046EA7D25B4642F7626582BE4ADF0E251A6677DFC67C49260C444D7825A03685A5BD789A13E1AAF1970ED54C71B234682E3AAF67EEFC3875C8868086EE6068A48E6C4E7A7BBEE17505D4AB7E8ACA56E336490553B41E1ED5D023D2D2DBAFC3362D8CDEC1809F4A37845A1DB87AE4D7AE6F6D941B0AF97921C9E659331B524F47EF80EAF574D5961DB05724C17F45686389361D29A234BE063DA02D889905B8B1B5BA87355B60F5FB44CFF859415F439DAC677F1D5A1563B22236386D0CED95BE925C51D22F2173B579B1EBAE7E8B8EDB26A8532FD6DE7E1F33D6BF984BAF3AF00A2C382A7B354C77F029D041FB132BF27C430320DFAD34530246D6CB04D7A78F5364186A9A86B359A9F5FD28D4B9ABCF51BE2C955CF8102D64B322A50FEF96DD5C4D21268D7E044CC52AB57AD26BEFED1634C24BA947F1DBD024BA9A3CD94EEE0DA0CA9FD481BEB41BF6DB6ACF409E732C482643D5D5A5B720B26E618C7AA244B8F7506CB8FC8299195D03E30B03C6263A75AACBC3A32C9A7DD5D7653537125BC0FE7241A410DBF8E04ECCD1486DA3A321EAF36C5A5DC40A0FB262A64727CF7AE645BAF538E8784ECA49E1A277B29C56B8D1AFF2BE2E1665906C48A58230497091B47EF239C5D34FB19C25D89BB0B8573E8417AE90FEEB6FAC06F9F60A6C57F1D4E3325FB0AB1A3A088B4133A319158CBDDCF0CCC2938F64E0029F0389FAC55BFC1F0D0F15B2E70799562C53FC3D1D97CCFA25ED83FF115503D44A7A91FF295AD2F1BC598FE86B8AE7DA77773179A4A0EB0ED618102D880D9963798BF91EB6E16870A4AB9E8137E1D6503ADD39D8E8F3C524DB3 -20240828123158 2 6 100 6143 5 FC9BE67A111C24C58B9D8DFF78C575F1AC8199BA90C7C86923636AEFB38B41C1282E5A8232B7B9AECD439830D372F7B8D22004BD6BD64F326ABA86F1FEA022C374CDDD3CA3F161873B1D51326B69BC26112479F45CDBBB0DF942D942333DEBECD3E705804408C841D2EA09535C2B5779315396B517A6C628C9E23DE15EEE013BB18D7B40EDEA8655765566F3923B6EEA21853E436480D25D1D7172F02B16814BE600FBE715963C7576E022AAA046EA7D25B4642F7626582BE4ADF0E251A6677DFC67C49260C444D7825A03685A5BD789A13E1AAF1970ED54C71B234682E3AAF67EEFC3875C8868086EE6068A48E6C4E7A7BBEE17505D4AB7E8ACA56E336490553B41E1ED5D023D2D2DBAFC3362D8CDEC1809F4A37845A1DB87AE4D7AE6F6D941B0AF97921C9E659331B524F47EF80EAF574D5961DB05724C17F45686389361D29A234BE063DA02D889905B8B1B5BA87355B60F5FB44CFF859415F439DAC677F1D5A1563B22236386D0CED95BE925C51D22F2173B579B1EBAE7E8B8EDB26A8532FD6DE7E1F33D6BF984BAF3AF00A2C382A7B354C77F029D041FB132BF27C430320DFAD34530246D6CB04D7A78F5364186A9A86B359A9F5FD28D4B9ABCF51BE2C955CF8102D64B322A50FEF96DD5C4D21268D7E044CC52AB57AD26BEFED1634C24BA947F1DBD024BA9A3CD94EEE0DA0CA9FD481BEB41BF6DB6ACF409E732C482643D5D5A5B720B26E618C7AA244B8F7506CB8FC8299195D03E30B03C6263A75AACBC3A32C9A7DD5D7653537125BC0FE7241A410DBF8E04ECCD1486DA3A321EAF36C5A5DC40A0FB262A64727CF7AE645BAF538E8784ECA49E1A277B29C56B8D1AFF2BE2E1665906C48A58230497091B47EF239C5D34FB19C25D89BB0B8573E8417AE90FEEB6FAC06F9F60A6C57F1D4E3325FB0AB1A3A088B4133A319158CBDDCF0CCC2938F64E0029F0389FAC55BFC1F0D0F15B2E70799562C53FC3D1D97CCFA25ED83FF115503D44A7A91FF295AD2F1BC598FE86B8AE7DA77773179A4A0EB0ED618102D880D9963798BF91EB6E16870A4AB9E8137E1D6503ADD39D8E8F3D1B196F -20240828130157 2 6 100 6143 5 FC9BE67A111C24C58B9D8DFF78C575F1AC8199BA90C7C86923636AEFB38B41C1282E5A8232B7B9AECD439830D372F7B8D22004BD6BD64F326ABA86F1FEA022C374CDDD3CA3F161873B1D51326B69BC26112479F45CDBBB0DF942D942333DEBECD3E705804408C841D2EA09535C2B5779315396B517A6C628C9E23DE15EEE013BB18D7B40EDEA8655765566F3923B6EEA21853E436480D25D1D7172F02B16814BE600FBE715963C7576E022AAA046EA7D25B4642F7626582BE4ADF0E251A6677DFC67C49260C444D7825A03685A5BD789A13E1AAF1970ED54C71B234682E3AAF67EEFC3875C8868086EE6068A48E6C4E7A7BBEE17505D4AB7E8ACA56E336490553B41E1ED5D023D2D2DBAFC3362D8CDEC1809F4A37845A1DB87AE4D7AE6F6D941B0AF97921C9E659331B524F47EF80EAF574D5961DB05724C17F45686389361D29A234BE063DA02D889905B8B1B5BA87355B60F5FB44CFF859415F439DAC677F1D5A1563B22236386D0CED95BE925C51D22F2173B579B1EBAE7E8B8EDB26A8532FD6DE7E1F33D6BF984BAF3AF00A2C382A7B354C77F029D041FB132BF27C430320DFAD34530246D6CB04D7A78F5364186A9A86B359A9F5FD28D4B9ABCF51BE2C955CF8102D64B322A50FEF96DD5C4D21268D7E044CC52AB57AD26BEFED1634C24BA947F1DBD024BA9A3CD94EEE0DA0CA9FD481BEB41BF6DB6ACF409E732C482643D5D5A5B720B26E618C7AA244B8F7506CB8FC8299195D03E30B03C6263A75AACBC3A32C9A7DD5D7653537125BC0FE7241A410DBF8E04ECCD1486DA3A321EAF36C5A5DC40A0FB262A64727CF7AE645BAF538E8784ECA49E1A277B29C56B8D1AFF2BE2E1665906C48A58230497091B47EF239C5D34FB19C25D89BB0B8573E8417AE90FEEB6FAC06F9F60A6C57F1D4E3325FB0AB1A3A088B4133A319158CBDDCF0CCC2938F64E0029F0389FAC55BFC1F0D0F15B2E70799562C53FC3D1D97CCFA25ED83FF115503D44A7A91FF295AD2F1BC598FE86B8AE7DA77773179A4A0EB0ED618102D880D9963798BF91EB6E16870A4AB9E8137E1D6503ADD39D8E8F40EB0D47 -20240828130238 2 6 100 6143 2 FC9BE67A111C24C58B9D8DFF78C575F1AC8199BA90C7C86923636AEFB38B41C1282E5A8232B7B9AECD439830D372F7B8D22004BD6BD64F326ABA86F1FEA022C374CDDD3CA3F161873B1D51326B69BC26112479F45CDBBB0DF942D942333DEBECD3E705804408C841D2EA09535C2B5779315396B517A6C628C9E23DE15EEE013BB18D7B40EDEA8655765566F3923B6EEA21853E436480D25D1D7172F02B16814BE600FBE715963C7576E022AAA046EA7D25B4642F7626582BE4ADF0E251A6677DFC67C49260C444D7825A03685A5BD789A13E1AAF1970ED54C71B234682E3AAF67EEFC3875C8868086EE6068A48E6C4E7A7BBEE17505D4AB7E8ACA56E336490553B41E1ED5D023D2D2DBAFC3362D8CDEC1809F4A37845A1DB87AE4D7AE6F6D941B0AF97921C9E659331B524F47EF80EAF574D5961DB05724C17F45686389361D29A234BE063DA02D889905B8B1B5BA87355B60F5FB44CFF859415F439DAC677F1D5A1563B22236386D0CED95BE925C51D22F2173B579B1EBAE7E8B8EDB26A8532FD6DE7E1F33D6BF984BAF3AF00A2C382A7B354C77F029D041FB132BF27C430320DFAD34530246D6CB04D7A78F5364186A9A86B359A9F5FD28D4B9ABCF51BE2C955CF8102D64B322A50FEF96DD5C4D21268D7E044CC52AB57AD26BEFED1634C24BA947F1DBD024BA9A3CD94EEE0DA0CA9FD481BEB41BF6DB6ACF409E732C482643D5D5A5B720B26E618C7AA244B8F7506CB8FC8299195D03E30B03C6263A75AACBC3A32C9A7DD5D7653537125BC0FE7241A410DBF8E04ECCD1486DA3A321EAF36C5A5DC40A0FB262A64727CF7AE645BAF538E8784ECA49E1A277B29C56B8D1AFF2BE2E1665906C48A58230497091B47EF239C5D34FB19C25D89BB0B8573E8417AE90FEEB6FAC06F9F60A6C57F1D4E3325FB0AB1A3A088B4133A319158CBDDCF0CCC2938F64E0029F0389FAC55BFC1F0D0F15B2E70799562C53FC3D1D97CCFA25ED83FF115503D44A7A91FF295AD2F1BC598FE86B8AE7DA77773179A4A0EB0ED618102D880D9963798BF91EB6E16870A4AB9E8137E1D6503ADD39D8E8F40F7E253 -20240828134737 2 6 100 6143 2 FC9BE67A111C24C58B9D8DFF78C575F1AC8199BA90C7C86923636AEFB38B41C1282E5A8232B7B9AECD439830D372F7B8D22004BD6BD64F326ABA86F1FEA022C374CDDD3CA3F161873B1D51326B69BC26112479F45CDBBB0DF942D942333DEBECD3E705804408C841D2EA09535C2B5779315396B517A6C628C9E23DE15EEE013BB18D7B40EDEA8655765566F3923B6EEA21853E436480D25D1D7172F02B16814BE600FBE715963C7576E022AAA046EA7D25B4642F7626582BE4ADF0E251A6677DFC67C49260C444D7825A03685A5BD789A13E1AAF1970ED54C71B234682E3AAF67EEFC3875C8868086EE6068A48E6C4E7A7BBEE17505D4AB7E8ACA56E336490553B41E1ED5D023D2D2DBAFC3362D8CDEC1809F4A37845A1DB87AE4D7AE6F6D941B0AF97921C9E659331B524F47EF80EAF574D5961DB05724C17F45686389361D29A234BE063DA02D889905B8B1B5BA87355B60F5FB44CFF859415F439DAC677F1D5A1563B22236386D0CED95BE925C51D22F2173B579B1EBAE7E8B8EDB26A8532FD6DE7E1F33D6BF984BAF3AF00A2C382A7B354C77F029D041FB132BF27C430320DFAD34530246D6CB04D7A78F5364186A9A86B359A9F5FD28D4B9ABCF51BE2C955CF8102D64B322A50FEF96DD5C4D21268D7E044CC52AB57AD26BEFED1634C24BA947F1DBD024BA9A3CD94EEE0DA0CA9FD481BEB41BF6DB6ACF409E732C482643D5D5A5B720B26E618C7AA244B8F7506CB8FC8299195D03E30B03C6263A75AACBC3A32C9A7DD5D7653537125BC0FE7241A410DBF8E04ECCD1486DA3A321EAF36C5A5DC40A0FB262A64727CF7AE645BAF538E8784ECA49E1A277B29C56B8D1AFF2BE2E1665906C48A58230497091B47EF239C5D34FB19C25D89BB0B8573E8417AE90FEEB6FAC06F9F60A6C57F1D4E3325FB0AB1A3A088B4133A319158CBDDCF0CCC2938F64E0029F0389FAC55BFC1F0D0F15B2E70799562C53FC3D1D97CCFA25ED83FF115503D44A7A91FF295AD2F1BC598FE86B8AE7DA77773179A4A0EB0ED618102D880D9963798BF91EB6E16870A4AB9E8137E1D6503ADD39D8E8F46C46D3B -20240828135646 2 6 100 6143 2 FC9BE67A111C24C58B9D8DFF78C575F1AC8199BA90C7C86923636AEFB38B41C1282E5A8232B7B9AECD439830D372F7B8D22004BD6BD64F326ABA86F1FEA022C374CDDD3CA3F161873B1D51326B69BC26112479F45CDBBB0DF942D942333DEBECD3E705804408C841D2EA09535C2B5779315396B517A6C628C9E23DE15EEE013BB18D7B40EDEA8655765566F3923B6EEA21853E436480D25D1D7172F02B16814BE600FBE715963C7576E022AAA046EA7D25B4642F7626582BE4ADF0E251A6677DFC67C49260C444D7825A03685A5BD789A13E1AAF1970ED54C71B234682E3AAF67EEFC3875C8868086EE6068A48E6C4E7A7BBEE17505D4AB7E8ACA56E336490553B41E1ED5D023D2D2DBAFC3362D8CDEC1809F4A37845A1DB87AE4D7AE6F6D941B0AF97921C9E659331B524F47EF80EAF574D5961DB05724C17F45686389361D29A234BE063DA02D889905B8B1B5BA87355B60F5FB44CFF859415F439DAC677F1D5A1563B22236386D0CED95BE925C51D22F2173B579B1EBAE7E8B8EDB26A8532FD6DE7E1F33D6BF984BAF3AF00A2C382A7B354C77F029D041FB132BF27C430320DFAD34530246D6CB04D7A78F5364186A9A86B359A9F5FD28D4B9ABCF51BE2C955CF8102D64B322A50FEF96DD5C4D21268D7E044CC52AB57AD26BEFED1634C24BA947F1DBD024BA9A3CD94EEE0DA0CA9FD481BEB41BF6DB6ACF409E732C482643D5D5A5B720B26E618C7AA244B8F7506CB8FC8299195D03E30B03C6263A75AACBC3A32C9A7DD5D7653537125BC0FE7241A410DBF8E04ECCD1486DA3A321EAF36C5A5DC40A0FB262A64727CF7AE645BAF538E8784ECA49E1A277B29C56B8D1AFF2BE2E1665906C48A58230497091B47EF239C5D34FB19C25D89BB0B8573E8417AE90FEEB6FAC06F9F60A6C57F1D4E3325FB0AB1A3A088B4133A319158CBDDCF0CCC2938F64E0029F0389FAC55BFC1F0D0F15B2E70799562C53FC3D1D97CCFA25ED83FF115503D44A7A91FF295AD2F1BC598FE86B8AE7DA77773179A4A0EB0ED618102D880D9963798BF91EB6E16870A4AB9E8137E1D6503ADD39D8E8F47E7985B -20240828144149 2 6 100 6143 2 FC9BE67A111C24C58B9D8DFF78C575F1AC8199BA90C7C86923636AEFB38B41C1282E5A8232B7B9AECD439830D372F7B8D22004BD6BD64F326ABA86F1FEA022C374CDDD3CA3F161873B1D51326B69BC26112479F45CDBBB0DF942D942333DEBECD3E705804408C841D2EA09535C2B5779315396B517A6C628C9E23DE15EEE013BB18D7B40EDEA8655765566F3923B6EEA21853E436480D25D1D7172F02B16814BE600FBE715963C7576E022AAA046EA7D25B4642F7626582BE4ADF0E251A6677DFC67C49260C444D7825A03685A5BD789A13E1AAF1970ED54C71B234682E3AAF67EEFC3875C8868086EE6068A48E6C4E7A7BBEE17505D4AB7E8ACA56E336490553B41E1ED5D023D2D2DBAFC3362D8CDEC1809F4A37845A1DB87AE4D7AE6F6D941B0AF97921C9E659331B524F47EF80EAF574D5961DB05724C17F45686389361D29A234BE063DA02D889905B8B1B5BA87355B60F5FB44CFF859415F439DAC677F1D5A1563B22236386D0CED95BE925C51D22F2173B579B1EBAE7E8B8EDB26A8532FD6DE7E1F33D6BF984BAF3AF00A2C382A7B354C77F029D041FB132BF27C430320DFAD34530246D6CB04D7A78F5364186A9A86B359A9F5FD28D4B9ABCF51BE2C955CF8102D64B322A50FEF96DD5C4D21268D7E044CC52AB57AD26BEFED1634C24BA947F1DBD024BA9A3CD94EEE0DA0CA9FD481BEB41BF6DB6ACF409E732C482643D5D5A5B720B26E618C7AA244B8F7506CB8FC8299195D03E30B03C6263A75AACBC3A32C9A7DD5D7653537125BC0FE7241A410DBF8E04ECCD1486DA3A321EAF36C5A5DC40A0FB262A64727CF7AE645BAF538E8784ECA49E1A277B29C56B8D1AFF2BE2E1665906C48A58230497091B47EF239C5D34FB19C25D89BB0B8573E8417AE90FEEB6FAC06F9F60A6C57F1D4E3325FB0AB1A3A088B4133A319158CBDDCF0CCC2938F64E0029F0389FAC55BFC1F0D0F15B2E70799562C53FC3D1D97CCFA25ED83FF115503D44A7A91FF295AD2F1BC598FE86B8AE7DA77773179A4A0EB0ED618102D880D9963798BF91EB6E16870A4AB9E8137E1D6503ADD39D8E8F4DB24103 -20240828145157 2 6 100 6143 2 FC9BE67A111C24C58B9D8DFF78C575F1AC8199BA90C7C86923636AEFB38B41C1282E5A8232B7B9AECD439830D372F7B8D22004BD6BD64F326ABA86F1FEA022C374CDDD3CA3F161873B1D51326B69BC26112479F45CDBBB0DF942D942333DEBECD3E705804408C841D2EA09535C2B5779315396B517A6C628C9E23DE15EEE013BB18D7B40EDEA8655765566F3923B6EEA21853E436480D25D1D7172F02B16814BE600FBE715963C7576E022AAA046EA7D25B4642F7626582BE4ADF0E251A6677DFC67C49260C444D7825A03685A5BD789A13E1AAF1970ED54C71B234682E3AAF67EEFC3875C8868086EE6068A48E6C4E7A7BBEE17505D4AB7E8ACA56E336490553B41E1ED5D023D2D2DBAFC3362D8CDEC1809F4A37845A1DB87AE4D7AE6F6D941B0AF97921C9E659331B524F47EF80EAF574D5961DB05724C17F45686389361D29A234BE063DA02D889905B8B1B5BA87355B60F5FB44CFF859415F439DAC677F1D5A1563B22236386D0CED95BE925C51D22F2173B579B1EBAE7E8B8EDB26A8532FD6DE7E1F33D6BF984BAF3AF00A2C382A7B354C77F029D041FB132BF27C430320DFAD34530246D6CB04D7A78F5364186A9A86B359A9F5FD28D4B9ABCF51BE2C955CF8102D64B322A50FEF96DD5C4D21268D7E044CC52AB57AD26BEFED1634C24BA947F1DBD024BA9A3CD94EEE0DA0CA9FD481BEB41BF6DB6ACF409E732C482643D5D5A5B720B26E618C7AA244B8F7506CB8FC8299195D03E30B03C6263A75AACBC3A32C9A7DD5D7653537125BC0FE7241A410DBF8E04ECCD1486DA3A321EAF36C5A5DC40A0FB262A64727CF7AE645BAF538E8784ECA49E1A277B29C56B8D1AFF2BE2E1665906C48A58230497091B47EF239C5D34FB19C25D89BB0B8573E8417AE90FEEB6FAC06F9F60A6C57F1D4E3325FB0AB1A3A088B4133A319158CBDDCF0CCC2938F64E0029F0389FAC55BFC1F0D0F15B2E70799562C53FC3D1D97CCFA25ED83FF115503D44A7A91FF295AD2F1BC598FE86B8AE7DA77773179A4A0EB0ED618102D880D9963798BF91EB6E16870A4AB9E8137E1D6503ADD39D8E8F4EF2EE0B -20240828145816 2 6 100 6143 5 FC9BE67A111C24C58B9D8DFF78C575F1AC8199BA90C7C86923636AEFB38B41C1282E5A8232B7B9AECD439830D372F7B8D22004BD6BD64F326ABA86F1FEA022C374CDDD3CA3F161873B1D51326B69BC26112479F45CDBBB0DF942D942333DEBECD3E705804408C841D2EA09535C2B5779315396B517A6C628C9E23DE15EEE013BB18D7B40EDEA8655765566F3923B6EEA21853E436480D25D1D7172F02B16814BE600FBE715963C7576E022AAA046EA7D25B4642F7626582BE4ADF0E251A6677DFC67C49260C444D7825A03685A5BD789A13E1AAF1970ED54C71B234682E3AAF67EEFC3875C8868086EE6068A48E6C4E7A7BBEE17505D4AB7E8ACA56E336490553B41E1ED5D023D2D2DBAFC3362D8CDEC1809F4A37845A1DB87AE4D7AE6F6D941B0AF97921C9E659331B524F47EF80EAF574D5961DB05724C17F45686389361D29A234BE063DA02D889905B8B1B5BA87355B60F5FB44CFF859415F439DAC677F1D5A1563B22236386D0CED95BE925C51D22F2173B579B1EBAE7E8B8EDB26A8532FD6DE7E1F33D6BF984BAF3AF00A2C382A7B354C77F029D041FB132BF27C430320DFAD34530246D6CB04D7A78F5364186A9A86B359A9F5FD28D4B9ABCF51BE2C955CF8102D64B322A50FEF96DD5C4D21268D7E044CC52AB57AD26BEFED1634C24BA947F1DBD024BA9A3CD94EEE0DA0CA9FD481BEB41BF6DB6ACF409E732C482643D5D5A5B720B26E618C7AA244B8F7506CB8FC8299195D03E30B03C6263A75AACBC3A32C9A7DD5D7653537125BC0FE7241A410DBF8E04ECCD1486DA3A321EAF36C5A5DC40A0FB262A64727CF7AE645BAF538E8784ECA49E1A277B29C56B8D1AFF2BE2E1665906C48A58230497091B47EF239C5D34FB19C25D89BB0B8573E8417AE90FEEB6FAC06F9F60A6C57F1D4E3325FB0AB1A3A088B4133A319158CBDDCF0CCC2938F64E0029F0389FAC55BFC1F0D0F15B2E70799562C53FC3D1D97CCFA25ED83FF115503D44A7A91FF295AD2F1BC598FE86B8AE7DA77773179A4A0EB0ED618102D880D9963798BF91EB6E16870A4AB9E8137E1D6503ADD39D8E8F4FB0AC7F -20240828151150 2 6 100 6143 5 FC9BE67A111C24C58B9D8DFF78C575F1AC8199BA90C7C86923636AEFB38B41C1282E5A8232B7B9AECD439830D372F7B8D22004BD6BD64F326ABA86F1FEA022C374CDDD3CA3F161873B1D51326B69BC26112479F45CDBBB0DF942D942333DEBECD3E705804408C841D2EA09535C2B5779315396B517A6C628C9E23DE15EEE013BB18D7B40EDEA8655765566F3923B6EEA21853E436480D25D1D7172F02B16814BE600FBE715963C7576E022AAA046EA7D25B4642F7626582BE4ADF0E251A6677DFC67C49260C444D7825A03685A5BD789A13E1AAF1970ED54C71B234682E3AAF67EEFC3875C8868086EE6068A48E6C4E7A7BBEE17505D4AB7E8ACA56E336490553B41E1ED5D023D2D2DBAFC3362D8CDEC1809F4A37845A1DB87AE4D7AE6F6D941B0AF97921C9E659331B524F47EF80EAF574D5961DB05724C17F45686389361D29A234BE063DA02D889905B8B1B5BA87355B60F5FB44CFF859415F439DAC677F1D5A1563B22236386D0CED95BE925C51D22F2173B579B1EBAE7E8B8EDB26A8532FD6DE7E1F33D6BF984BAF3AF00A2C382A7B354C77F029D041FB132BF27C430320DFAD34530246D6CB04D7A78F5364186A9A86B359A9F5FD28D4B9ABCF51BE2C955CF8102D64B322A50FEF96DD5C4D21268D7E044CC52AB57AD26BEFED1634C24BA947F1DBD024BA9A3CD94EEE0DA0CA9FD481BEB41BF6DB6ACF409E732C482643D5D5A5B720B26E618C7AA244B8F7506CB8FC8299195D03E30B03C6263A75AACBC3A32C9A7DD5D7653537125BC0FE7241A410DBF8E04ECCD1486DA3A321EAF36C5A5DC40A0FB262A64727CF7AE645BAF538E8784ECA49E1A277B29C56B8D1AFF2BE2E1665906C48A58230497091B47EF239C5D34FB19C25D89BB0B8573E8417AE90FEEB6FAC06F9F60A6C57F1D4E3325FB0AB1A3A088B4133A319158CBDDCF0CCC2938F64E0029F0389FAC55BFC1F0D0F15B2E70799562C53FC3D1D97CCFA25ED83FF115503D44A7A91FF295AD2F1BC598FE86B8AE7DA77773179A4A0EB0ED618102D880D9963798BF91EB6E16870A4AB9E8137E1D6503ADD39D8E8F515FD9BF -20240828151822 2 6 100 6143 5 FC9BE67A111C24C58B9D8DFF78C575F1AC8199BA90C7C86923636AEFB38B41C1282E5A8232B7B9AECD439830D372F7B8D22004BD6BD64F326ABA86F1FEA022C374CDDD3CA3F161873B1D51326B69BC26112479F45CDBBB0DF942D942333DEBECD3E705804408C841D2EA09535C2B5779315396B517A6C628C9E23DE15EEE013BB18D7B40EDEA8655765566F3923B6EEA21853E436480D25D1D7172F02B16814BE600FBE715963C7576E022AAA046EA7D25B4642F7626582BE4ADF0E251A6677DFC67C49260C444D7825A03685A5BD789A13E1AAF1970ED54C71B234682E3AAF67EEFC3875C8868086EE6068A48E6C4E7A7BBEE17505D4AB7E8ACA56E336490553B41E1ED5D023D2D2DBAFC3362D8CDEC1809F4A37845A1DB87AE4D7AE6F6D941B0AF97921C9E659331B524F47EF80EAF574D5961DB05724C17F45686389361D29A234BE063DA02D889905B8B1B5BA87355B60F5FB44CFF859415F439DAC677F1D5A1563B22236386D0CED95BE925C51D22F2173B579B1EBAE7E8B8EDB26A8532FD6DE7E1F33D6BF984BAF3AF00A2C382A7B354C77F029D041FB132BF27C430320DFAD34530246D6CB04D7A78F5364186A9A86B359A9F5FD28D4B9ABCF51BE2C955CF8102D64B322A50FEF96DD5C4D21268D7E044CC52AB57AD26BEFED1634C24BA947F1DBD024BA9A3CD94EEE0DA0CA9FD481BEB41BF6DB6ACF409E732C482643D5D5A5B720B26E618C7AA244B8F7506CB8FC8299195D03E30B03C6263A75AACBC3A32C9A7DD5D7653537125BC0FE7241A410DBF8E04ECCD1486DA3A321EAF36C5A5DC40A0FB262A64727CF7AE645BAF538E8784ECA49E1A277B29C56B8D1AFF2BE2E1665906C48A58230497091B47EF239C5D34FB19C25D89BB0B8573E8417AE90FEEB6FAC06F9F60A6C57F1D4E3325FB0AB1A3A088B4133A319158CBDDCF0CCC2938F64E0029F0389FAC55BFC1F0D0F15B2E70799562C53FC3D1D97CCFA25ED83FF115503D44A7A91FF295AD2F1BC598FE86B8AE7DA77773179A4A0EB0ED618102D880D9963798BF91EB6E16870A4AB9E8137E1D6503ADD39D8E8F5229B63F -20240828153933 2 6 100 6143 2 FC9BE67A111C24C58B9D8DFF78C575F1AC8199BA90C7C86923636AEFB38B41C1282E5A8232B7B9AECD439830D372F7B8D22004BD6BD64F326ABA86F1FEA022C374CDDD3CA3F161873B1D51326B69BC26112479F45CDBBB0DF942D942333DEBECD3E705804408C841D2EA09535C2B5779315396B517A6C628C9E23DE15EEE013BB18D7B40EDEA8655765566F3923B6EEA21853E436480D25D1D7172F02B16814BE600FBE715963C7576E022AAA046EA7D25B4642F7626582BE4ADF0E251A6677DFC67C49260C444D7825A03685A5BD789A13E1AAF1970ED54C71B234682E3AAF67EEFC3875C8868086EE6068A48E6C4E7A7BBEE17505D4AB7E8ACA56E336490553B41E1ED5D023D2D2DBAFC3362D8CDEC1809F4A37845A1DB87AE4D7AE6F6D941B0AF97921C9E659331B524F47EF80EAF574D5961DB05724C17F45686389361D29A234BE063DA02D889905B8B1B5BA87355B60F5FB44CFF859415F439DAC677F1D5A1563B22236386D0CED95BE925C51D22F2173B579B1EBAE7E8B8EDB26A8532FD6DE7E1F33D6BF984BAF3AF00A2C382A7B354C77F029D041FB132BF27C430320DFAD34530246D6CB04D7A78F5364186A9A86B359A9F5FD28D4B9ABCF51BE2C955CF8102D64B322A50FEF96DD5C4D21268D7E044CC52AB57AD26BEFED1634C24BA947F1DBD024BA9A3CD94EEE0DA0CA9FD481BEB41BF6DB6ACF409E732C482643D5D5A5B720B26E618C7AA244B8F7506CB8FC8299195D03E30B03C6263A75AACBC3A32C9A7DD5D7653537125BC0FE7241A410DBF8E04ECCD1486DA3A321EAF36C5A5DC40A0FB262A64727CF7AE645BAF538E8784ECA49E1A277B29C56B8D1AFF2BE2E1665906C48A58230497091B47EF239C5D34FB19C25D89BB0B8573E8417AE90FEEB6FAC06F9F60A6C57F1D4E3325FB0AB1A3A088B4133A319158CBDDCF0CCC2938F64E0029F0389FAC55BFC1F0D0F15B2E70799562C53FC3D1D97CCFA25ED83FF115503D44A7A91FF295AD2F1BC598FE86B8AE7DA77773179A4A0EB0ED618102D880D9963798BF91EB6E16870A4AB9E8137E1D6503ADD39D8E8F54CF3923 -20240828154759 2 6 100 6143 2 FC9BE67A111C24C58B9D8DFF78C575F1AC8199BA90C7C86923636AEFB38B41C1282E5A8232B7B9AECD439830D372F7B8D22004BD6BD64F326ABA86F1FEA022C374CDDD3CA3F161873B1D51326B69BC26112479F45CDBBB0DF942D942333DEBECD3E705804408C841D2EA09535C2B5779315396B517A6C628C9E23DE15EEE013BB18D7B40EDEA8655765566F3923B6EEA21853E436480D25D1D7172F02B16814BE600FBE715963C7576E022AAA046EA7D25B4642F7626582BE4ADF0E251A6677DFC67C49260C444D7825A03685A5BD789A13E1AAF1970ED54C71B234682E3AAF67EEFC3875C8868086EE6068A48E6C4E7A7BBEE17505D4AB7E8ACA56E336490553B41E1ED5D023D2D2DBAFC3362D8CDEC1809F4A37845A1DB87AE4D7AE6F6D941B0AF97921C9E659331B524F47EF80EAF574D5961DB05724C17F45686389361D29A234BE063DA02D889905B8B1B5BA87355B60F5FB44CFF859415F439DAC677F1D5A1563B22236386D0CED95BE925C51D22F2173B579B1EBAE7E8B8EDB26A8532FD6DE7E1F33D6BF984BAF3AF00A2C382A7B354C77F029D041FB132BF27C430320DFAD34530246D6CB04D7A78F5364186A9A86B359A9F5FD28D4B9ABCF51BE2C955CF8102D64B322A50FEF96DD5C4D21268D7E044CC52AB57AD26BEFED1634C24BA947F1DBD024BA9A3CD94EEE0DA0CA9FD481BEB41BF6DB6ACF409E732C482643D5D5A5B720B26E618C7AA244B8F7506CB8FC8299195D03E30B03C6263A75AACBC3A32C9A7DD5D7653537125BC0FE7241A410DBF8E04ECCD1486DA3A321EAF36C5A5DC40A0FB262A64727CF7AE645BAF538E8784ECA49E1A277B29C56B8D1AFF2BE2E1665906C48A58230497091B47EF239C5D34FB19C25D89BB0B8573E8417AE90FEEB6FAC06F9F60A6C57F1D4E3325FB0AB1A3A088B4133A319158CBDDCF0CCC2938F64E0029F0389FAC55BFC1F0D0F15B2E70799562C53FC3D1D97CCFA25ED83FF115503D44A7A91FF295AD2F1BC598FE86B8AE7DA77773179A4A0EB0ED618102D880D9963798BF91EB6E16870A4AB9E8137E1D6503ADD39D8E8F55E07A93 -20240828161625 2 6 100 6143 2 FC9BE67A111C24C58B9D8DFF78C575F1AC8199BA90C7C86923636AEFB38B41C1282E5A8232B7B9AECD439830D372F7B8D22004BD6BD64F326ABA86F1FEA022C374CDDD3CA3F161873B1D51326B69BC26112479F45CDBBB0DF942D942333DEBECD3E705804408C841D2EA09535C2B5779315396B517A6C628C9E23DE15EEE013BB18D7B40EDEA8655765566F3923B6EEA21853E436480D25D1D7172F02B16814BE600FBE715963C7576E022AAA046EA7D25B4642F7626582BE4ADF0E251A6677DFC67C49260C444D7825A03685A5BD789A13E1AAF1970ED54C71B234682E3AAF67EEFC3875C8868086EE6068A48E6C4E7A7BBEE17505D4AB7E8ACA56E336490553B41E1ED5D023D2D2DBAFC3362D8CDEC1809F4A37845A1DB87AE4D7AE6F6D941B0AF97921C9E659331B524F47EF80EAF574D5961DB05724C17F45686389361D29A234BE063DA02D889905B8B1B5BA87355B60F5FB44CFF859415F439DAC677F1D5A1563B22236386D0CED95BE925C51D22F2173B579B1EBAE7E8B8EDB26A8532FD6DE7E1F33D6BF984BAF3AF00A2C382A7B354C77F029D041FB132BF27C430320DFAD34530246D6CB04D7A78F5364186A9A86B359A9F5FD28D4B9ABCF51BE2C955CF8102D64B322A50FEF96DD5C4D21268D7E044CC52AB57AD26BEFED1634C24BA947F1DBD024BA9A3CD94EEE0DA0CA9FD481BEB41BF6DB6ACF409E732C482643D5D5A5B720B26E618C7AA244B8F7506CB8FC8299195D03E30B03C6263A75AACBC3A32C9A7DD5D7653537125BC0FE7241A410DBF8E04ECCD1486DA3A321EAF36C5A5DC40A0FB262A64727CF7AE645BAF538E8784ECA49E1A277B29C56B8D1AFF2BE2E1665906C48A58230497091B47EF239C5D34FB19C25D89BB0B8573E8417AE90FEEB6FAC06F9F60A6C57F1D4E3325FB0AB1A3A088B4133A319158CBDDCF0CCC2938F64E0029F0389FAC55BFC1F0D0F15B2E70799562C53FC3D1D97CCFA25ED83FF115503D44A7A91FF295AD2F1BC598FE86B8AE7DA77773179A4A0EB0ED618102D880D9963798BF91EB6E16870A4AB9E8137E1D6503ADD39D8E8F598D643B -20240828162500 2 6 100 6143 5 FC9BE67A111C24C58B9D8DFF78C575F1AC8199BA90C7C86923636AEFB38B41C1282E5A8232B7B9AECD439830D372F7B8D22004BD6BD64F326ABA86F1FEA022C374CDDD3CA3F161873B1D51326B69BC26112479F45CDBBB0DF942D942333DEBECD3E705804408C841D2EA09535C2B5779315396B517A6C628C9E23DE15EEE013BB18D7B40EDEA8655765566F3923B6EEA21853E436480D25D1D7172F02B16814BE600FBE715963C7576E022AAA046EA7D25B4642F7626582BE4ADF0E251A6677DFC67C49260C444D7825A03685A5BD789A13E1AAF1970ED54C71B234682E3AAF67EEFC3875C8868086EE6068A48E6C4E7A7BBEE17505D4AB7E8ACA56E336490553B41E1ED5D023D2D2DBAFC3362D8CDEC1809F4A37845A1DB87AE4D7AE6F6D941B0AF97921C9E659331B524F47EF80EAF574D5961DB05724C17F45686389361D29A234BE063DA02D889905B8B1B5BA87355B60F5FB44CFF859415F439DAC677F1D5A1563B22236386D0CED95BE925C51D22F2173B579B1EBAE7E8B8EDB26A8532FD6DE7E1F33D6BF984BAF3AF00A2C382A7B354C77F029D041FB132BF27C430320DFAD34530246D6CB04D7A78F5364186A9A86B359A9F5FD28D4B9ABCF51BE2C955CF8102D64B322A50FEF96DD5C4D21268D7E044CC52AB57AD26BEFED1634C24BA947F1DBD024BA9A3CD94EEE0DA0CA9FD481BEB41BF6DB6ACF409E732C482643D5D5A5B720B26E618C7AA244B8F7506CB8FC8299195D03E30B03C6263A75AACBC3A32C9A7DD5D7653537125BC0FE7241A410DBF8E04ECCD1486DA3A321EAF36C5A5DC40A0FB262A64727CF7AE645BAF538E8784ECA49E1A277B29C56B8D1AFF2BE2E1665906C48A58230497091B47EF239C5D34FB19C25D89BB0B8573E8417AE90FEEB6FAC06F9F60A6C57F1D4E3325FB0AB1A3A088B4133A319158CBDDCF0CCC2938F64E0029F0389FAC55BFC1F0D0F15B2E70799562C53FC3D1D97CCFA25ED83FF115503D44A7A91FF295AD2F1BC598FE86B8AE7DA77773179A4A0EB0ED618102D880D9963798BF91EB6E16870A4AB9E8137E1D6503ADD39D8E8F5A998FB7 -20240828162916 2 6 100 6143 2 FC9BE67A111C24C58B9D8DFF78C575F1AC8199BA90C7C86923636AEFB38B41C1282E5A8232B7B9AECD439830D372F7B8D22004BD6BD64F326ABA86F1FEA022C374CDDD3CA3F161873B1D51326B69BC26112479F45CDBBB0DF942D942333DEBECD3E705804408C841D2EA09535C2B5779315396B517A6C628C9E23DE15EEE013BB18D7B40EDEA8655765566F3923B6EEA21853E436480D25D1D7172F02B16814BE600FBE715963C7576E022AAA046EA7D25B4642F7626582BE4ADF0E251A6677DFC67C49260C444D7825A03685A5BD789A13E1AAF1970ED54C71B234682E3AAF67EEFC3875C8868086EE6068A48E6C4E7A7BBEE17505D4AB7E8ACA56E336490553B41E1ED5D023D2D2DBAFC3362D8CDEC1809F4A37845A1DB87AE4D7AE6F6D941B0AF97921C9E659331B524F47EF80EAF574D5961DB05724C17F45686389361D29A234BE063DA02D889905B8B1B5BA87355B60F5FB44CFF859415F439DAC677F1D5A1563B22236386D0CED95BE925C51D22F2173B579B1EBAE7E8B8EDB26A8532FD6DE7E1F33D6BF984BAF3AF00A2C382A7B354C77F029D041FB132BF27C430320DFAD34530246D6CB04D7A78F5364186A9A86B359A9F5FD28D4B9ABCF51BE2C955CF8102D64B322A50FEF96DD5C4D21268D7E044CC52AB57AD26BEFED1634C24BA947F1DBD024BA9A3CD94EEE0DA0CA9FD481BEB41BF6DB6ACF409E732C482643D5D5A5B720B26E618C7AA244B8F7506CB8FC8299195D03E30B03C6263A75AACBC3A32C9A7DD5D7653537125BC0FE7241A410DBF8E04ECCD1486DA3A321EAF36C5A5DC40A0FB262A64727CF7AE645BAF538E8784ECA49E1A277B29C56B8D1AFF2BE2E1665906C48A58230497091B47EF239C5D34FB19C25D89BB0B8573E8417AE90FEEB6FAC06F9F60A6C57F1D4E3325FB0AB1A3A088B4133A319158CBDDCF0CCC2938F64E0029F0389FAC55BFC1F0D0F15B2E70799562C53FC3D1D97CCFA25ED83FF115503D44A7A91FF295AD2F1BC598FE86B8AE7DA77773179A4A0EB0ED618102D880D9963798BF91EB6E16870A4AB9E8137E1D6503ADD39D8E8F5B1CC43B -20240828163955 2 6 100 6143 2 FC9BE67A111C24C58B9D8DFF78C575F1AC8199BA90C7C86923636AEFB38B41C1282E5A8232B7B9AECD439830D372F7B8D22004BD6BD64F326ABA86F1FEA022C374CDDD3CA3F161873B1D51326B69BC26112479F45CDBBB0DF942D942333DEBECD3E705804408C841D2EA09535C2B5779315396B517A6C628C9E23DE15EEE013BB18D7B40EDEA8655765566F3923B6EEA21853E436480D25D1D7172F02B16814BE600FBE715963C7576E022AAA046EA7D25B4642F7626582BE4ADF0E251A6677DFC67C49260C444D7825A03685A5BD789A13E1AAF1970ED54C71B234682E3AAF67EEFC3875C8868086EE6068A48E6C4E7A7BBEE17505D4AB7E8ACA56E336490553B41E1ED5D023D2D2DBAFC3362D8CDEC1809F4A37845A1DB87AE4D7AE6F6D941B0AF97921C9E659331B524F47EF80EAF574D5961DB05724C17F45686389361D29A234BE063DA02D889905B8B1B5BA87355B60F5FB44CFF859415F439DAC677F1D5A1563B22236386D0CED95BE925C51D22F2173B579B1EBAE7E8B8EDB26A8532FD6DE7E1F33D6BF984BAF3AF00A2C382A7B354C77F029D041FB132BF27C430320DFAD34530246D6CB04D7A78F5364186A9A86B359A9F5FD28D4B9ABCF51BE2C955CF8102D64B322A50FEF96DD5C4D21268D7E044CC52AB57AD26BEFED1634C24BA947F1DBD024BA9A3CD94EEE0DA0CA9FD481BEB41BF6DB6ACF409E732C482643D5D5A5B720B26E618C7AA244B8F7506CB8FC8299195D03E30B03C6263A75AACBC3A32C9A7DD5D7653537125BC0FE7241A410DBF8E04ECCD1486DA3A321EAF36C5A5DC40A0FB262A64727CF7AE645BAF538E8784ECA49E1A277B29C56B8D1AFF2BE2E1665906C48A58230497091B47EF239C5D34FB19C25D89BB0B8573E8417AE90FEEB6FAC06F9F60A6C57F1D4E3325FB0AB1A3A088B4133A319158CBDDCF0CCC2938F64E0029F0389FAC55BFC1F0D0F15B2E70799562C53FC3D1D97CCFA25ED83FF115503D44A7A91FF295AD2F1BC598FE86B8AE7DA77773179A4A0EB0ED618102D880D9963798BF91EB6E16870A4AB9E8137E1D6503ADD39D8E8F5C71914B -20240828164552 2 6 100 6143 5 FC9BE67A111C24C58B9D8DFF78C575F1AC8199BA90C7C86923636AEFB38B41C1282E5A8232B7B9AECD439830D372F7B8D22004BD6BD64F326ABA86F1FEA022C374CDDD3CA3F161873B1D51326B69BC26112479F45CDBBB0DF942D942333DEBECD3E705804408C841D2EA09535C2B5779315396B517A6C628C9E23DE15EEE013BB18D7B40EDEA8655765566F3923B6EEA21853E436480D25D1D7172F02B16814BE600FBE715963C7576E022AAA046EA7D25B4642F7626582BE4ADF0E251A6677DFC67C49260C444D7825A03685A5BD789A13E1AAF1970ED54C71B234682E3AAF67EEFC3875C8868086EE6068A48E6C4E7A7BBEE17505D4AB7E8ACA56E336490553B41E1ED5D023D2D2DBAFC3362D8CDEC1809F4A37845A1DB87AE4D7AE6F6D941B0AF97921C9E659331B524F47EF80EAF574D5961DB05724C17F45686389361D29A234BE063DA02D889905B8B1B5BA87355B60F5FB44CFF859415F439DAC677F1D5A1563B22236386D0CED95BE925C51D22F2173B579B1EBAE7E8B8EDB26A8532FD6DE7E1F33D6BF984BAF3AF00A2C382A7B354C77F029D041FB132BF27C430320DFAD34530246D6CB04D7A78F5364186A9A86B359A9F5FD28D4B9ABCF51BE2C955CF8102D64B322A50FEF96DD5C4D21268D7E044CC52AB57AD26BEFED1634C24BA947F1DBD024BA9A3CD94EEE0DA0CA9FD481BEB41BF6DB6ACF409E732C482643D5D5A5B720B26E618C7AA244B8F7506CB8FC8299195D03E30B03C6263A75AACBC3A32C9A7DD5D7653537125BC0FE7241A410DBF8E04ECCD1486DA3A321EAF36C5A5DC40A0FB262A64727CF7AE645BAF538E8784ECA49E1A277B29C56B8D1AFF2BE2E1665906C48A58230497091B47EF239C5D34FB19C25D89BB0B8573E8417AE90FEEB6FAC06F9F60A6C57F1D4E3325FB0AB1A3A088B4133A319158CBDDCF0CCC2938F64E0029F0389FAC55BFC1F0D0F15B2E70799562C53FC3D1D97CCFA25ED83FF115503D44A7A91FF295AD2F1BC598FE86B8AE7DA77773179A4A0EB0ED618102D880D9963798BF91EB6E16870A4AB9E8137E1D6503ADD39D8E8F5D2E5D1F -20240828170129 2 6 100 6143 5 FC9BE67A111C24C58B9D8DFF78C575F1AC8199BA90C7C86923636AEFB38B41C1282E5A8232B7B9AECD439830D372F7B8D22004BD6BD64F326ABA86F1FEA022C374CDDD3CA3F161873B1D51326B69BC26112479F45CDBBB0DF942D942333DEBECD3E705804408C841D2EA09535C2B5779315396B517A6C628C9E23DE15EEE013BB18D7B40EDEA8655765566F3923B6EEA21853E436480D25D1D7172F02B16814BE600FBE715963C7576E022AAA046EA7D25B4642F7626582BE4ADF0E251A6677DFC67C49260C444D7825A03685A5BD789A13E1AAF1970ED54C71B234682E3AAF67EEFC3875C8868086EE6068A48E6C4E7A7BBEE17505D4AB7E8ACA56E336490553B41E1ED5D023D2D2DBAFC3362D8CDEC1809F4A37845A1DB87AE4D7AE6F6D941B0AF97921C9E659331B524F47EF80EAF574D5961DB05724C17F45686389361D29A234BE063DA02D889905B8B1B5BA87355B60F5FB44CFF859415F439DAC677F1D5A1563B22236386D0CED95BE925C51D22F2173B579B1EBAE7E8B8EDB26A8532FD6DE7E1F33D6BF984BAF3AF00A2C382A7B354C77F029D041FB132BF27C430320DFAD34530246D6CB04D7A78F5364186A9A86B359A9F5FD28D4B9ABCF51BE2C955CF8102D64B322A50FEF96DD5C4D21268D7E044CC52AB57AD26BEFED1634C24BA947F1DBD024BA9A3CD94EEE0DA0CA9FD481BEB41BF6DB6ACF409E732C482643D5D5A5B720B26E618C7AA244B8F7506CB8FC8299195D03E30B03C6263A75AACBC3A32C9A7DD5D7653537125BC0FE7241A410DBF8E04ECCD1486DA3A321EAF36C5A5DC40A0FB262A64727CF7AE645BAF538E8784ECA49E1A277B29C56B8D1AFF2BE2E1665906C48A58230497091B47EF239C5D34FB19C25D89BB0B8573E8417AE90FEEB6FAC06F9F60A6C57F1D4E3325FB0AB1A3A088B4133A319158CBDDCF0CCC2938F64E0029F0389FAC55BFC1F0D0F15B2E70799562C53FC3D1D97CCFA25ED83FF115503D44A7A91FF295AD2F1BC598FE86B8AE7DA77773179A4A0EB0ED618102D880D9963798BF91EB6E16870A4AB9E8137E1D6503ADD39D8E8F5F34D397 -20240828172001 2 6 100 6143 5 FC9BE67A111C24C58B9D8DFF78C575F1AC8199BA90C7C86923636AEFB38B41C1282E5A8232B7B9AECD439830D372F7B8D22004BD6BD64F326ABA86F1FEA022C374CDDD3CA3F161873B1D51326B69BC26112479F45CDBBB0DF942D942333DEBECD3E705804408C841D2EA09535C2B5779315396B517A6C628C9E23DE15EEE013BB18D7B40EDEA8655765566F3923B6EEA21853E436480D25D1D7172F02B16814BE600FBE715963C7576E022AAA046EA7D25B4642F7626582BE4ADF0E251A6677DFC67C49260C444D7825A03685A5BD789A13E1AAF1970ED54C71B234682E3AAF67EEFC3875C8868086EE6068A48E6C4E7A7BBEE17505D4AB7E8ACA56E336490553B41E1ED5D023D2D2DBAFC3362D8CDEC1809F4A37845A1DB87AE4D7AE6F6D941B0AF97921C9E659331B524F47EF80EAF574D5961DB05724C17F45686389361D29A234BE063DA02D889905B8B1B5BA87355B60F5FB44CFF859415F439DAC677F1D5A1563B22236386D0CED95BE925C51D22F2173B579B1EBAE7E8B8EDB26A8532FD6DE7E1F33D6BF984BAF3AF00A2C382A7B354C77F029D041FB132BF27C430320DFAD34530246D6CB04D7A78F5364186A9A86B359A9F5FD28D4B9ABCF51BE2C955CF8102D64B322A50FEF96DD5C4D21268D7E044CC52AB57AD26BEFED1634C24BA947F1DBD024BA9A3CD94EEE0DA0CA9FD481BEB41BF6DB6ACF409E732C482643D5D5A5B720B26E618C7AA244B8F7506CB8FC8299195D03E30B03C6263A75AACBC3A32C9A7DD5D7653537125BC0FE7241A410DBF8E04ECCD1486DA3A321EAF36C5A5DC40A0FB262A64727CF7AE645BAF538E8784ECA49E1A277B29C56B8D1AFF2BE2E1665906C48A58230497091B47EF239C5D34FB19C25D89BB0B8573E8417AE90FEEB6FAC06F9F60A6C57F1D4E3325FB0AB1A3A088B4133A319158CBDDCF0CCC2938F64E0029F0389FAC55BFC1F0D0F15B2E70799562C53FC3D1D97CCFA25ED83FF115503D44A7A91FF295AD2F1BC598FE86B8AE7DA77773179A4A0EB0ED618102D880D9963798BF91EB6E16870A4AB9E8137E1D6503ADD39D8E8F6192353F -20240828172046 2 6 100 6143 5 FC9BE67A111C24C58B9D8DFF78C575F1AC8199BA90C7C86923636AEFB38B41C1282E5A8232B7B9AECD439830D372F7B8D22004BD6BD64F326ABA86F1FEA022C374CDDD3CA3F161873B1D51326B69BC26112479F45CDBBB0DF942D942333DEBECD3E705804408C841D2EA09535C2B5779315396B517A6C628C9E23DE15EEE013BB18D7B40EDEA8655765566F3923B6EEA21853E436480D25D1D7172F02B16814BE600FBE715963C7576E022AAA046EA7D25B4642F7626582BE4ADF0E251A6677DFC67C49260C444D7825A03685A5BD789A13E1AAF1970ED54C71B234682E3AAF67EEFC3875C8868086EE6068A48E6C4E7A7BBEE17505D4AB7E8ACA56E336490553B41E1ED5D023D2D2DBAFC3362D8CDEC1809F4A37845A1DB87AE4D7AE6F6D941B0AF97921C9E659331B524F47EF80EAF574D5961DB05724C17F45686389361D29A234BE063DA02D889905B8B1B5BA87355B60F5FB44CFF859415F439DAC677F1D5A1563B22236386D0CED95BE925C51D22F2173B579B1EBAE7E8B8EDB26A8532FD6DE7E1F33D6BF984BAF3AF00A2C382A7B354C77F029D041FB132BF27C430320DFAD34530246D6CB04D7A78F5364186A9A86B359A9F5FD28D4B9ABCF51BE2C955CF8102D64B322A50FEF96DD5C4D21268D7E044CC52AB57AD26BEFED1634C24BA947F1DBD024BA9A3CD94EEE0DA0CA9FD481BEB41BF6DB6ACF409E732C482643D5D5A5B720B26E618C7AA244B8F7506CB8FC8299195D03E30B03C6263A75AACBC3A32C9A7DD5D7653537125BC0FE7241A410DBF8E04ECCD1486DA3A321EAF36C5A5DC40A0FB262A64727CF7AE645BAF538E8784ECA49E1A277B29C56B8D1AFF2BE2E1665906C48A58230497091B47EF239C5D34FB19C25D89BB0B8573E8417AE90FEEB6FAC06F9F60A6C57F1D4E3325FB0AB1A3A088B4133A319158CBDDCF0CCC2938F64E0029F0389FAC55BFC1F0D0F15B2E70799562C53FC3D1D97CCFA25ED83FF115503D44A7A91FF295AD2F1BC598FE86B8AE7DA77773179A4A0EB0ED618102D880D9963798BF91EB6E16870A4AB9E8137E1D6503ADD39D8E8F61A3C147 -20240828172320 2 6 100 6143 5 FC9BE67A111C24C58B9D8DFF78C575F1AC8199BA90C7C86923636AEFB38B41C1282E5A8232B7B9AECD439830D372F7B8D22004BD6BD64F326ABA86F1FEA022C374CDDD3CA3F161873B1D51326B69BC26112479F45CDBBB0DF942D942333DEBECD3E705804408C841D2EA09535C2B5779315396B517A6C628C9E23DE15EEE013BB18D7B40EDEA8655765566F3923B6EEA21853E436480D25D1D7172F02B16814BE600FBE715963C7576E022AAA046EA7D25B4642F7626582BE4ADF0E251A6677DFC67C49260C444D7825A03685A5BD789A13E1AAF1970ED54C71B234682E3AAF67EEFC3875C8868086EE6068A48E6C4E7A7BBEE17505D4AB7E8ACA56E336490553B41E1ED5D023D2D2DBAFC3362D8CDEC1809F4A37845A1DB87AE4D7AE6F6D941B0AF97921C9E659331B524F47EF80EAF574D5961DB05724C17F45686389361D29A234BE063DA02D889905B8B1B5BA87355B60F5FB44CFF859415F439DAC677F1D5A1563B22236386D0CED95BE925C51D22F2173B579B1EBAE7E8B8EDB26A8532FD6DE7E1F33D6BF984BAF3AF00A2C382A7B354C77F029D041FB132BF27C430320DFAD34530246D6CB04D7A78F5364186A9A86B359A9F5FD28D4B9ABCF51BE2C955CF8102D64B322A50FEF96DD5C4D21268D7E044CC52AB57AD26BEFED1634C24BA947F1DBD024BA9A3CD94EEE0DA0CA9FD481BEB41BF6DB6ACF409E732C482643D5D5A5B720B26E618C7AA244B8F7506CB8FC8299195D03E30B03C6263A75AACBC3A32C9A7DD5D7653537125BC0FE7241A410DBF8E04ECCD1486DA3A321EAF36C5A5DC40A0FB262A64727CF7AE645BAF538E8784ECA49E1A277B29C56B8D1AFF2BE2E1665906C48A58230497091B47EF239C5D34FB19C25D89BB0B8573E8417AE90FEEB6FAC06F9F60A6C57F1D4E3325FB0AB1A3A088B4133A319158CBDDCF0CCC2938F64E0029F0389FAC55BFC1F0D0F15B2E70799562C53FC3D1D97CCFA25ED83FF115503D44A7A91FF295AD2F1BC598FE86B8AE7DA77773179A4A0EB0ED618102D880D9963798BF91EB6E16870A4AB9E8137E1D6503ADD39D8E8F61EF7817 -20240828173414 2 6 100 6143 2 FC9BE67A111C24C58B9D8DFF78C575F1AC8199BA90C7C86923636AEFB38B41C1282E5A8232B7B9AECD439830D372F7B8D22004BD6BD64F326ABA86F1FEA022C374CDDD3CA3F161873B1D51326B69BC26112479F45CDBBB0DF942D942333DEBECD3E705804408C841D2EA09535C2B5779315396B517A6C628C9E23DE15EEE013BB18D7B40EDEA8655765566F3923B6EEA21853E436480D25D1D7172F02B16814BE600FBE715963C7576E022AAA046EA7D25B4642F7626582BE4ADF0E251A6677DFC67C49260C444D7825A03685A5BD789A13E1AAF1970ED54C71B234682E3AAF67EEFC3875C8868086EE6068A48E6C4E7A7BBEE17505D4AB7E8ACA56E336490553B41E1ED5D023D2D2DBAFC3362D8CDEC1809F4A37845A1DB87AE4D7AE6F6D941B0AF97921C9E659331B524F47EF80EAF574D5961DB05724C17F45686389361D29A234BE063DA02D889905B8B1B5BA87355B60F5FB44CFF859415F439DAC677F1D5A1563B22236386D0CED95BE925C51D22F2173B579B1EBAE7E8B8EDB26A8532FD6DE7E1F33D6BF984BAF3AF00A2C382A7B354C77F029D041FB132BF27C430320DFAD34530246D6CB04D7A78F5364186A9A86B359A9F5FD28D4B9ABCF51BE2C955CF8102D64B322A50FEF96DD5C4D21268D7E044CC52AB57AD26BEFED1634C24BA947F1DBD024BA9A3CD94EEE0DA0CA9FD481BEB41BF6DB6ACF409E732C482643D5D5A5B720B26E618C7AA244B8F7506CB8FC8299195D03E30B03C6263A75AACBC3A32C9A7DD5D7653537125BC0FE7241A410DBF8E04ECCD1486DA3A321EAF36C5A5DC40A0FB262A64727CF7AE645BAF538E8784ECA49E1A277B29C56B8D1AFF2BE2E1665906C48A58230497091B47EF239C5D34FB19C25D89BB0B8573E8417AE90FEEB6FAC06F9F60A6C57F1D4E3325FB0AB1A3A088B4133A319158CBDDCF0CCC2938F64E0029F0389FAC55BFC1F0D0F15B2E70799562C53FC3D1D97CCFA25ED83FF115503D44A7A91FF295AD2F1BC598FE86B8AE7DA77773179A4A0EB0ED618102D880D9963798BF91EB6E16870A4AB9E8137E1D6503ADD39D8E8F6352E0CB -20240828173441 2 6 100 6143 5 FC9BE67A111C24C58B9D8DFF78C575F1AC8199BA90C7C86923636AEFB38B41C1282E5A8232B7B9AECD439830D372F7B8D22004BD6BD64F326ABA86F1FEA022C374CDDD3CA3F161873B1D51326B69BC26112479F45CDBBB0DF942D942333DEBECD3E705804408C841D2EA09535C2B5779315396B517A6C628C9E23DE15EEE013BB18D7B40EDEA8655765566F3923B6EEA21853E436480D25D1D7172F02B16814BE600FBE715963C7576E022AAA046EA7D25B4642F7626582BE4ADF0E251A6677DFC67C49260C444D7825A03685A5BD789A13E1AAF1970ED54C71B234682E3AAF67EEFC3875C8868086EE6068A48E6C4E7A7BBEE17505D4AB7E8ACA56E336490553B41E1ED5D023D2D2DBAFC3362D8CDEC1809F4A37845A1DB87AE4D7AE6F6D941B0AF97921C9E659331B524F47EF80EAF574D5961DB05724C17F45686389361D29A234BE063DA02D889905B8B1B5BA87355B60F5FB44CFF859415F439DAC677F1D5A1563B22236386D0CED95BE925C51D22F2173B579B1EBAE7E8B8EDB26A8532FD6DE7E1F33D6BF984BAF3AF00A2C382A7B354C77F029D041FB132BF27C430320DFAD34530246D6CB04D7A78F5364186A9A86B359A9F5FD28D4B9ABCF51BE2C955CF8102D64B322A50FEF96DD5C4D21268D7E044CC52AB57AD26BEFED1634C24BA947F1DBD024BA9A3CD94EEE0DA0CA9FD481BEB41BF6DB6ACF409E732C482643D5D5A5B720B26E618C7AA244B8F7506CB8FC8299195D03E30B03C6263A75AACBC3A32C9A7DD5D7653537125BC0FE7241A410DBF8E04ECCD1486DA3A321EAF36C5A5DC40A0FB262A64727CF7AE645BAF538E8784ECA49E1A277B29C56B8D1AFF2BE2E1665906C48A58230497091B47EF239C5D34FB19C25D89BB0B8573E8417AE90FEEB6FAC06F9F60A6C57F1D4E3325FB0AB1A3A088B4133A319158CBDDCF0CCC2938F64E0029F0389FAC55BFC1F0D0F15B2E70799562C53FC3D1D97CCFA25ED83FF115503D44A7A91FF295AD2F1BC598FE86B8AE7DA77773179A4A0EB0ED618102D880D9963798BF91EB6E16870A4AB9E8137E1D6503ADD39D8E8F6359E007 -20240828180730 2 6 100 6143 2 FC9BE67A111C24C58B9D8DFF78C575F1AC8199BA90C7C86923636AEFB38B41C1282E5A8232B7B9AECD439830D372F7B8D22004BD6BD64F326ABA86F1FEA022C374CDDD3CA3F161873B1D51326B69BC26112479F45CDBBB0DF942D942333DEBECD3E705804408C841D2EA09535C2B5779315396B517A6C628C9E23DE15EEE013BB18D7B40EDEA8655765566F3923B6EEA21853E436480D25D1D7172F02B16814BE600FBE715963C7576E022AAA046EA7D25B4642F7626582BE4ADF0E251A6677DFC67C49260C444D7825A03685A5BD789A13E1AAF1970ED54C71B234682E3AAF67EEFC3875C8868086EE6068A48E6C4E7A7BBEE17505D4AB7E8ACA56E336490553B41E1ED5D023D2D2DBAFC3362D8CDEC1809F4A37845A1DB87AE4D7AE6F6D941B0AF97921C9E659331B524F47EF80EAF574D5961DB05724C17F45686389361D29A234BE063DA02D889905B8B1B5BA87355B60F5FB44CFF859415F439DAC677F1D5A1563B22236386D0CED95BE925C51D22F2173B579B1EBAE7E8B8EDB26A8532FD6DE7E1F33D6BF984BAF3AF00A2C382A7B354C77F029D041FB132BF27C430320DFAD34530246D6CB04D7A78F5364186A9A86B359A9F5FD28D4B9ABCF51BE2C955CF8102D64B322A50FEF96DD5C4D21268D7E044CC52AB57AD26BEFED1634C24BA947F1DBD024BA9A3CD94EEE0DA0CA9FD481BEB41BF6DB6ACF409E732C482643D5D5A5B720B26E618C7AA244B8F7506CB8FC8299195D03E30B03C6263A75AACBC3A32C9A7DD5D7653537125BC0FE7241A410DBF8E04ECCD1486DA3A321EAF36C5A5DC40A0FB262A64727CF7AE645BAF538E8784ECA49E1A277B29C56B8D1AFF2BE2E1665906C48A58230497091B47EF239C5D34FB19C25D89BB0B8573E8417AE90FEEB6FAC06F9F60A6C57F1D4E3325FB0AB1A3A088B4133A319158CBDDCF0CCC2938F64E0029F0389FAC55BFC1F0D0F15B2E70799562C53FC3D1D97CCFA25ED83FF115503D44A7A91FF295AD2F1BC598FE86B8AE7DA77773179A4A0EB0ED618102D880D9963798BF91EB6E16870A4AB9E8137E1D6503ADD39D8E8F679AD6CB -20240828180915 2 6 100 6143 2 FC9BE67A111C24C58B9D8DFF78C575F1AC8199BA90C7C86923636AEFB38B41C1282E5A8232B7B9AECD439830D372F7B8D22004BD6BD64F326ABA86F1FEA022C374CDDD3CA3F161873B1D51326B69BC26112479F45CDBBB0DF942D942333DEBECD3E705804408C841D2EA09535C2B5779315396B517A6C628C9E23DE15EEE013BB18D7B40EDEA8655765566F3923B6EEA21853E436480D25D1D7172F02B16814BE600FBE715963C7576E022AAA046EA7D25B4642F7626582BE4ADF0E251A6677DFC67C49260C444D7825A03685A5BD789A13E1AAF1970ED54C71B234682E3AAF67EEFC3875C8868086EE6068A48E6C4E7A7BBEE17505D4AB7E8ACA56E336490553B41E1ED5D023D2D2DBAFC3362D8CDEC1809F4A37845A1DB87AE4D7AE6F6D941B0AF97921C9E659331B524F47EF80EAF574D5961DB05724C17F45686389361D29A234BE063DA02D889905B8B1B5BA87355B60F5FB44CFF859415F439DAC677F1D5A1563B22236386D0CED95BE925C51D22F2173B579B1EBAE7E8B8EDB26A8532FD6DE7E1F33D6BF984BAF3AF00A2C382A7B354C77F029D041FB132BF27C430320DFAD34530246D6CB04D7A78F5364186A9A86B359A9F5FD28D4B9ABCF51BE2C955CF8102D64B322A50FEF96DD5C4D21268D7E044CC52AB57AD26BEFED1634C24BA947F1DBD024BA9A3CD94EEE0DA0CA9FD481BEB41BF6DB6ACF409E732C482643D5D5A5B720B26E618C7AA244B8F7506CB8FC8299195D03E30B03C6263A75AACBC3A32C9A7DD5D7653537125BC0FE7241A410DBF8E04ECCD1486DA3A321EAF36C5A5DC40A0FB262A64727CF7AE645BAF538E8784ECA49E1A277B29C56B8D1AFF2BE2E1665906C48A58230497091B47EF239C5D34FB19C25D89BB0B8573E8417AE90FEEB6FAC06F9F60A6C57F1D4E3325FB0AB1A3A088B4133A319158CBDDCF0CCC2938F64E0029F0389FAC55BFC1F0D0F15B2E70799562C53FC3D1D97CCFA25ED83FF115503D44A7A91FF295AD2F1BC598FE86B8AE7DA77773179A4A0EB0ED618102D880D9963798BF91EB6E16870A4AB9E8137E1D6503ADD39D8E8F67CD41EB -20240828180941 2 6 100 6143 2 FC9BE67A111C24C58B9D8DFF78C575F1AC8199BA90C7C86923636AEFB38B41C1282E5A8232B7B9AECD439830D372F7B8D22004BD6BD64F326ABA86F1FEA022C374CDDD3CA3F161873B1D51326B69BC26112479F45CDBBB0DF942D942333DEBECD3E705804408C841D2EA09535C2B5779315396B517A6C628C9E23DE15EEE013BB18D7B40EDEA8655765566F3923B6EEA21853E436480D25D1D7172F02B16814BE600FBE715963C7576E022AAA046EA7D25B4642F7626582BE4ADF0E251A6677DFC67C49260C444D7825A03685A5BD789A13E1AAF1970ED54C71B234682E3AAF67EEFC3875C8868086EE6068A48E6C4E7A7BBEE17505D4AB7E8ACA56E336490553B41E1ED5D023D2D2DBAFC3362D8CDEC1809F4A37845A1DB87AE4D7AE6F6D941B0AF97921C9E659331B524F47EF80EAF574D5961DB05724C17F45686389361D29A234BE063DA02D889905B8B1B5BA87355B60F5FB44CFF859415F439DAC677F1D5A1563B22236386D0CED95BE925C51D22F2173B579B1EBAE7E8B8EDB26A8532FD6DE7E1F33D6BF984BAF3AF00A2C382A7B354C77F029D041FB132BF27C430320DFAD34530246D6CB04D7A78F5364186A9A86B359A9F5FD28D4B9ABCF51BE2C955CF8102D64B322A50FEF96DD5C4D21268D7E044CC52AB57AD26BEFED1634C24BA947F1DBD024BA9A3CD94EEE0DA0CA9FD481BEB41BF6DB6ACF409E732C482643D5D5A5B720B26E618C7AA244B8F7506CB8FC8299195D03E30B03C6263A75AACBC3A32C9A7DD5D7653537125BC0FE7241A410DBF8E04ECCD1486DA3A321EAF36C5A5DC40A0FB262A64727CF7AE645BAF538E8784ECA49E1A277B29C56B8D1AFF2BE2E1665906C48A58230497091B47EF239C5D34FB19C25D89BB0B8573E8417AE90FEEB6FAC06F9F60A6C57F1D4E3325FB0AB1A3A088B4133A319158CBDDCF0CCC2938F64E0029F0389FAC55BFC1F0D0F15B2E70799562C53FC3D1D97CCFA25ED83FF115503D44A7A91FF295AD2F1BC598FE86B8AE7DA77773179A4A0EB0ED618102D880D9963798BF91EB6E16870A4AB9E8137E1D6503ADD39D8E8F67D23A63 -20240828181257 2 6 100 6143 5 FC9BE67A111C24C58B9D8DFF78C575F1AC8199BA90C7C86923636AEFB38B41C1282E5A8232B7B9AECD439830D372F7B8D22004BD6BD64F326ABA86F1FEA022C374CDDD3CA3F161873B1D51326B69BC26112479F45CDBBB0DF942D942333DEBECD3E705804408C841D2EA09535C2B5779315396B517A6C628C9E23DE15EEE013BB18D7B40EDEA8655765566F3923B6EEA21853E436480D25D1D7172F02B16814BE600FBE715963C7576E022AAA046EA7D25B4642F7626582BE4ADF0E251A6677DFC67C49260C444D7825A03685A5BD789A13E1AAF1970ED54C71B234682E3AAF67EEFC3875C8868086EE6068A48E6C4E7A7BBEE17505D4AB7E8ACA56E336490553B41E1ED5D023D2D2DBAFC3362D8CDEC1809F4A37845A1DB87AE4D7AE6F6D941B0AF97921C9E659331B524F47EF80EAF574D5961DB05724C17F45686389361D29A234BE063DA02D889905B8B1B5BA87355B60F5FB44CFF859415F439DAC677F1D5A1563B22236386D0CED95BE925C51D22F2173B579B1EBAE7E8B8EDB26A8532FD6DE7E1F33D6BF984BAF3AF00A2C382A7B354C77F029D041FB132BF27C430320DFAD34530246D6CB04D7A78F5364186A9A86B359A9F5FD28D4B9ABCF51BE2C955CF8102D64B322A50FEF96DD5C4D21268D7E044CC52AB57AD26BEFED1634C24BA947F1DBD024BA9A3CD94EEE0DA0CA9FD481BEB41BF6DB6ACF409E732C482643D5D5A5B720B26E618C7AA244B8F7506CB8FC8299195D03E30B03C6263A75AACBC3A32C9A7DD5D7653537125BC0FE7241A410DBF8E04ECCD1486DA3A321EAF36C5A5DC40A0FB262A64727CF7AE645BAF538E8784ECA49E1A277B29C56B8D1AFF2BE2E1665906C48A58230497091B47EF239C5D34FB19C25D89BB0B8573E8417AE90FEEB6FAC06F9F60A6C57F1D4E3325FB0AB1A3A088B4133A319158CBDDCF0CCC2938F64E0029F0389FAC55BFC1F0D0F15B2E70799562C53FC3D1D97CCFA25ED83FF115503D44A7A91FF295AD2F1BC598FE86B8AE7DA77773179A4A0EB0ED618102D880D9963798BF91EB6E16870A4AB9E8137E1D6503ADD39D8E8F683B05BF -20240828182555 2 6 100 6143 2 C272750D88E88AEF9E0F2188FF6C61DE6B22B20E1C1D5A5E5B13A9C97ACB497B050868137519E1EC9CAEC9ABE3D69DC4C96ADA353B3809627C938691FCC17E260254A0ABF1FB7629416CF61DE72AC7B91EAC39F9A9CC38B729272D78976679C9F93E0E67BAC79B88598FA5B160A9403FB851D2046A6A319C55E028AF6AEDCE7588403635FDFEABCF52C2EB9D7CB86F1CEB17DF39D951744D332D51302626F56AF310A3E20B3BED391B713FF8589D35E44DE1DA41D70EE06762C2789444107C50101D55738975C05B61243016DBEFAF2521C724FCFF279D34EE418052A2AE927474EC5C055ECAB0B2E1F5E6EF378EEB15A7ECAB59638A0A7163577121789E3301236F63178910C6AEDEC6664DED0F0762D6F6854B44BC811A03E8627DB90D7A2E9FC85D32B498E8E5A92BC771A6D9C8E9A967F3EC3C0927926021B97FA8A201C22422BD61E330920F35AE966B43CDD8B6EC853AA8F1CE0C1061C152826F9769746EA7E06325B50A9C3D9B7A88C5D22B68556E24ADD0664F0230DF4896F53319223F39D68B6507E213ACD50EEDE83AAB51E3C4B020B6F0B0AB06CB071460D139DC597ADB530E51FEC7EEF6D5111BA3A7EE874B4708ADC8186D2D5326DBDF692E60C6170AE64590151BB6ECA0AA51E6233148C7D78034812FA93C6A7F7864182D576BB83714C3A4E17228B0D4569F70C451632477265A2A40B9419A13408BD7C3B33979589A112D6156484AD84560272D7717F763507AF92C86F4475669962B63A2BAB2EE0CAA835B90A7DB43CF8A2879674B60B1B1EC25933019968455AC054BCA392EF57C3C76D79AE684894BD009B97AAC3754537E85C93C9F96D59B8359C055B1B7109086E4DC7F55CEB628BFAB792B931B955AADA57FA6A8CB019B1ACE092199C0E5F94855DFBB08E3DCA886337842F363B8117751C5DD48DD431E903C2B1C7677FE2AD42A0CCCD2677B9A4774E9168A2C4C1B8EA5267971D0DD6BB91320A677928D2087069C7D460BB4E72698AED4F7127975D49F87D52724DE830C66F422547D0B934F32F4E9FC0617A6D2BB022987EE13330BDBA970A8FAE3180CE228BB -20240828184406 2 6 100 6143 2 C272750D88E88AEF9E0F2188FF6C61DE6B22B20E1C1D5A5E5B13A9C97ACB497B050868137519E1EC9CAEC9ABE3D69DC4C96ADA353B3809627C938691FCC17E260254A0ABF1FB7629416CF61DE72AC7B91EAC39F9A9CC38B729272D78976679C9F93E0E67BAC79B88598FA5B160A9403FB851D2046A6A319C55E028AF6AEDCE7588403635FDFEABCF52C2EB9D7CB86F1CEB17DF39D951744D332D51302626F56AF310A3E20B3BED391B713FF8589D35E44DE1DA41D70EE06762C2789444107C50101D55738975C05B61243016DBEFAF2521C724FCFF279D34EE418052A2AE927474EC5C055ECAB0B2E1F5E6EF378EEB15A7ECAB59638A0A7163577121789E3301236F63178910C6AEDEC6664DED0F0762D6F6854B44BC811A03E8627DB90D7A2E9FC85D32B498E8E5A92BC771A6D9C8E9A967F3EC3C0927926021B97FA8A201C22422BD61E330920F35AE966B43CDD8B6EC853AA8F1CE0C1061C152826F9769746EA7E06325B50A9C3D9B7A88C5D22B68556E24ADD0664F0230DF4896F53319223F39D68B6507E213ACD50EEDE83AAB51E3C4B020B6F0B0AB06CB071460D139DC597ADB530E51FEC7EEF6D5111BA3A7EE874B4708ADC8186D2D5326DBDF692E60C6170AE64590151BB6ECA0AA51E6233148C7D78034812FA93C6A7F7864182D576BB83714C3A4E17228B0D4569F70C451632477265A2A40B9419A13408BD7C3B33979589A112D6156484AD84560272D7717F763507AF92C86F4475669962B63A2BAB2EE0CAA835B90A7DB43CF8A2879674B60B1B1EC25933019968455AC054BCA392EF57C3C76D79AE684894BD009B97AAC3754537E85C93C9F96D59B8359C055B1B7109086E4DC7F55CEB628BFAB792B931B955AADA57FA6A8CB019B1ACE092199C0E5F94855DFBB08E3DCA886337842F363B8117751C5DD48DD431E903C2B1C7677FE2AD42A0CCCD2677B9A4774E9168A2C4C1B8EA5267971D0DD6BB91320A677928D2087069C7D460BB4E72698AED4F7127975D49F87D52724DE830C66F422547D0B934F32F4E9FC0617A6D2BB022987EE13330BDBA970A8FAE3180F2F287B -20240828185315 2 6 100 6143 2 C272750D88E88AEF9E0F2188FF6C61DE6B22B20E1C1D5A5E5B13A9C97ACB497B050868137519E1EC9CAEC9ABE3D69DC4C96ADA353B3809627C938691FCC17E260254A0ABF1FB7629416CF61DE72AC7B91EAC39F9A9CC38B729272D78976679C9F93E0E67BAC79B88598FA5B160A9403FB851D2046A6A319C55E028AF6AEDCE7588403635FDFEABCF52C2EB9D7CB86F1CEB17DF39D951744D332D51302626F56AF310A3E20B3BED391B713FF8589D35E44DE1DA41D70EE06762C2789444107C50101D55738975C05B61243016DBEFAF2521C724FCFF279D34EE418052A2AE927474EC5C055ECAB0B2E1F5E6EF378EEB15A7ECAB59638A0A7163577121789E3301236F63178910C6AEDEC6664DED0F0762D6F6854B44BC811A03E8627DB90D7A2E9FC85D32B498E8E5A92BC771A6D9C8E9A967F3EC3C0927926021B97FA8A201C22422BD61E330920F35AE966B43CDD8B6EC853AA8F1CE0C1061C152826F9769746EA7E06325B50A9C3D9B7A88C5D22B68556E24ADD0664F0230DF4896F53319223F39D68B6507E213ACD50EEDE83AAB51E3C4B020B6F0B0AB06CB071460D139DC597ADB530E51FEC7EEF6D5111BA3A7EE874B4708ADC8186D2D5326DBDF692E60C6170AE64590151BB6ECA0AA51E6233148C7D78034812FA93C6A7F7864182D576BB83714C3A4E17228B0D4569F70C451632477265A2A40B9419A13408BD7C3B33979589A112D6156484AD84560272D7717F763507AF92C86F4475669962B63A2BAB2EE0CAA835B90A7DB43CF8A2879674B60B1B1EC25933019968455AC054BCA392EF57C3C76D79AE684894BD009B97AAC3754537E85C93C9F96D59B8359C055B1B7109086E4DC7F55CEB628BFAB792B931B955AADA57FA6A8CB019B1ACE092199C0E5F94855DFBB08E3DCA886337842F363B8117751C5DD48DD431E903C2B1C7677FE2AD42A0CCCD2677B9A4774E9168A2C4C1B8EA5267971D0DD6BB91320A677928D2087069C7D460BB4E72698AED4F7127975D49F87D52724DE830C66F422547D0B934F32F4E9FC0617A6D2BB022987EE13330BDBA970A8FAE3181059FDFB -20240828191106 2 6 100 6143 2 C272750D88E88AEF9E0F2188FF6C61DE6B22B20E1C1D5A5E5B13A9C97ACB497B050868137519E1EC9CAEC9ABE3D69DC4C96ADA353B3809627C938691FCC17E260254A0ABF1FB7629416CF61DE72AC7B91EAC39F9A9CC38B729272D78976679C9F93E0E67BAC79B88598FA5B160A9403FB851D2046A6A319C55E028AF6AEDCE7588403635FDFEABCF52C2EB9D7CB86F1CEB17DF39D951744D332D51302626F56AF310A3E20B3BED391B713FF8589D35E44DE1DA41D70EE06762C2789444107C50101D55738975C05B61243016DBEFAF2521C724FCFF279D34EE418052A2AE927474EC5C055ECAB0B2E1F5E6EF378EEB15A7ECAB59638A0A7163577121789E3301236F63178910C6AEDEC6664DED0F0762D6F6854B44BC811A03E8627DB90D7A2E9FC85D32B498E8E5A92BC771A6D9C8E9A967F3EC3C0927926021B97FA8A201C22422BD61E330920F35AE966B43CDD8B6EC853AA8F1CE0C1061C152826F9769746EA7E06325B50A9C3D9B7A88C5D22B68556E24ADD0664F0230DF4896F53319223F39D68B6507E213ACD50EEDE83AAB51E3C4B020B6F0B0AB06CB071460D139DC597ADB530E51FEC7EEF6D5111BA3A7EE874B4708ADC8186D2D5326DBDF692E60C6170AE64590151BB6ECA0AA51E6233148C7D78034812FA93C6A7F7864182D576BB83714C3A4E17228B0D4569F70C451632477265A2A40B9419A13408BD7C3B33979589A112D6156484AD84560272D7717F763507AF92C86F4475669962B63A2BAB2EE0CAA835B90A7DB43CF8A2879674B60B1B1EC25933019968455AC054BCA392EF57C3C76D79AE684894BD009B97AAC3754537E85C93C9F96D59B8359C055B1B7109086E4DC7F55CEB628BFAB792B931B955AADA57FA6A8CB019B1ACE092199C0E5F94855DFBB08E3DCA886337842F363B8117751C5DD48DD431E903C2B1C7677FE2AD42A0CCCD2677B9A4774E9168A2C4C1B8EA5267971D0DD6BB91320A677928D2087069C7D460BB4E72698AED4F7127975D49F87D52724DE830C66F422547D0B934F32F4E9FC0617A6D2BB022987EE13330BDBA970A8FAE31812A21FB3 -20240828191122 2 6 100 6143 5 C272750D88E88AEF9E0F2188FF6C61DE6B22B20E1C1D5A5E5B13A9C97ACB497B050868137519E1EC9CAEC9ABE3D69DC4C96ADA353B3809627C938691FCC17E260254A0ABF1FB7629416CF61DE72AC7B91EAC39F9A9CC38B729272D78976679C9F93E0E67BAC79B88598FA5B160A9403FB851D2046A6A319C55E028AF6AEDCE7588403635FDFEABCF52C2EB9D7CB86F1CEB17DF39D951744D332D51302626F56AF310A3E20B3BED391B713FF8589D35E44DE1DA41D70EE06762C2789444107C50101D55738975C05B61243016DBEFAF2521C724FCFF279D34EE418052A2AE927474EC5C055ECAB0B2E1F5E6EF378EEB15A7ECAB59638A0A7163577121789E3301236F63178910C6AEDEC6664DED0F0762D6F6854B44BC811A03E8627DB90D7A2E9FC85D32B498E8E5A92BC771A6D9C8E9A967F3EC3C0927926021B97FA8A201C22422BD61E330920F35AE966B43CDD8B6EC853AA8F1CE0C1061C152826F9769746EA7E06325B50A9C3D9B7A88C5D22B68556E24ADD0664F0230DF4896F53319223F39D68B6507E213ACD50EEDE83AAB51E3C4B020B6F0B0AB06CB071460D139DC597ADB530E51FEC7EEF6D5111BA3A7EE874B4708ADC8186D2D5326DBDF692E60C6170AE64590151BB6ECA0AA51E6233148C7D78034812FA93C6A7F7864182D576BB83714C3A4E17228B0D4569F70C451632477265A2A40B9419A13408BD7C3B33979589A112D6156484AD84560272D7717F763507AF92C86F4475669962B63A2BAB2EE0CAA835B90A7DB43CF8A2879674B60B1B1EC25933019968455AC054BCA392EF57C3C76D79AE684894BD009B97AAC3754537E85C93C9F96D59B8359C055B1B7109086E4DC7F55CEB628BFAB792B931B955AADA57FA6A8CB019B1ACE092199C0E5F94855DFBB08E3DCA886337842F363B8117751C5DD48DD431E903C2B1C7677FE2AD42A0CCCD2677B9A4774E9168A2C4C1B8EA5267971D0DD6BB91320A677928D2087069C7D460BB4E72698AED4F7127975D49F87D52724DE830C66F422547D0B934F32F4E9FC0617A6D2BB022987EE13330BDBA970A8FAE31812A28277 -20240828195243 2 6 100 6143 2 C272750D88E88AEF9E0F2188FF6C61DE6B22B20E1C1D5A5E5B13A9C97ACB497B050868137519E1EC9CAEC9ABE3D69DC4C96ADA353B3809627C938691FCC17E260254A0ABF1FB7629416CF61DE72AC7B91EAC39F9A9CC38B729272D78976679C9F93E0E67BAC79B88598FA5B160A9403FB851D2046A6A319C55E028AF6AEDCE7588403635FDFEABCF52C2EB9D7CB86F1CEB17DF39D951744D332D51302626F56AF310A3E20B3BED391B713FF8589D35E44DE1DA41D70EE06762C2789444107C50101D55738975C05B61243016DBEFAF2521C724FCFF279D34EE418052A2AE927474EC5C055ECAB0B2E1F5E6EF378EEB15A7ECAB59638A0A7163577121789E3301236F63178910C6AEDEC6664DED0F0762D6F6854B44BC811A03E8627DB90D7A2E9FC85D32B498E8E5A92BC771A6D9C8E9A967F3EC3C0927926021B97FA8A201C22422BD61E330920F35AE966B43CDD8B6EC853AA8F1CE0C1061C152826F9769746EA7E06325B50A9C3D9B7A88C5D22B68556E24ADD0664F0230DF4896F53319223F39D68B6507E213ACD50EEDE83AAB51E3C4B020B6F0B0AB06CB071460D139DC597ADB530E51FEC7EEF6D5111BA3A7EE874B4708ADC8186D2D5326DBDF692E60C6170AE64590151BB6ECA0AA51E6233148C7D78034812FA93C6A7F7864182D576BB83714C3A4E17228B0D4569F70C451632477265A2A40B9419A13408BD7C3B33979589A112D6156484AD84560272D7717F763507AF92C86F4475669962B63A2BAB2EE0CAA835B90A7DB43CF8A2879674B60B1B1EC25933019968455AC054BCA392EF57C3C76D79AE684894BD009B97AAC3754537E85C93C9F96D59B8359C055B1B7109086E4DC7F55CEB628BFAB792B931B955AADA57FA6A8CB019B1ACE092199C0E5F94855DFBB08E3DCA886337842F363B8117751C5DD48DD431E903C2B1C7677FE2AD42A0CCCD2677B9A4774E9168A2C4C1B8EA5267971D0DD6BB91320A677928D2087069C7D460BB4E72698AED4F7127975D49F87D52724DE830C66F422547D0B934F32F4E9FC0617A6D2BB022987EE13330BDBA970A8FAE318180489DB -20240828195610 2 6 100 6143 5 C272750D88E88AEF9E0F2188FF6C61DE6B22B20E1C1D5A5E5B13A9C97ACB497B050868137519E1EC9CAEC9ABE3D69DC4C96ADA353B3809627C938691FCC17E260254A0ABF1FB7629416CF61DE72AC7B91EAC39F9A9CC38B729272D78976679C9F93E0E67BAC79B88598FA5B160A9403FB851D2046A6A319C55E028AF6AEDCE7588403635FDFEABCF52C2EB9D7CB86F1CEB17DF39D951744D332D51302626F56AF310A3E20B3BED391B713FF8589D35E44DE1DA41D70EE06762C2789444107C50101D55738975C05B61243016DBEFAF2521C724FCFF279D34EE418052A2AE927474EC5C055ECAB0B2E1F5E6EF378EEB15A7ECAB59638A0A7163577121789E3301236F63178910C6AEDEC6664DED0F0762D6F6854B44BC811A03E8627DB90D7A2E9FC85D32B498E8E5A92BC771A6D9C8E9A967F3EC3C0927926021B97FA8A201C22422BD61E330920F35AE966B43CDD8B6EC853AA8F1CE0C1061C152826F9769746EA7E06325B50A9C3D9B7A88C5D22B68556E24ADD0664F0230DF4896F53319223F39D68B6507E213ACD50EEDE83AAB51E3C4B020B6F0B0AB06CB071460D139DC597ADB530E51FEC7EEF6D5111BA3A7EE874B4708ADC8186D2D5326DBDF692E60C6170AE64590151BB6ECA0AA51E6233148C7D78034812FA93C6A7F7864182D576BB83714C3A4E17228B0D4569F70C451632477265A2A40B9419A13408BD7C3B33979589A112D6156484AD84560272D7717F763507AF92C86F4475669962B63A2BAB2EE0CAA835B90A7DB43CF8A2879674B60B1B1EC25933019968455AC054BCA392EF57C3C76D79AE684894BD009B97AAC3754537E85C93C9F96D59B8359C055B1B7109086E4DC7F55CEB628BFAB792B931B955AADA57FA6A8CB019B1ACE092199C0E5F94855DFBB08E3DCA886337842F363B8117751C5DD48DD431E903C2B1C7677FE2AD42A0CCCD2677B9A4774E9168A2C4C1B8EA5267971D0DD6BB91320A677928D2087069C7D460BB4E72698AED4F7127975D49F87D52724DE830C66F422547D0B934F32F4E9FC0617A6D2BB022987EE13330BDBA970A8FAE31818728F67 -20240828201325 2 6 100 6143 2 C272750D88E88AEF9E0F2188FF6C61DE6B22B20E1C1D5A5E5B13A9C97ACB497B050868137519E1EC9CAEC9ABE3D69DC4C96ADA353B3809627C938691FCC17E260254A0ABF1FB7629416CF61DE72AC7B91EAC39F9A9CC38B729272D78976679C9F93E0E67BAC79B88598FA5B160A9403FB851D2046A6A319C55E028AF6AEDCE7588403635FDFEABCF52C2EB9D7CB86F1CEB17DF39D951744D332D51302626F56AF310A3E20B3BED391B713FF8589D35E44DE1DA41D70EE06762C2789444107C50101D55738975C05B61243016DBEFAF2521C724FCFF279D34EE418052A2AE927474EC5C055ECAB0B2E1F5E6EF378EEB15A7ECAB59638A0A7163577121789E3301236F63178910C6AEDEC6664DED0F0762D6F6854B44BC811A03E8627DB90D7A2E9FC85D32B498E8E5A92BC771A6D9C8E9A967F3EC3C0927926021B97FA8A201C22422BD61E330920F35AE966B43CDD8B6EC853AA8F1CE0C1061C152826F9769746EA7E06325B50A9C3D9B7A88C5D22B68556E24ADD0664F0230DF4896F53319223F39D68B6507E213ACD50EEDE83AAB51E3C4B020B6F0B0AB06CB071460D139DC597ADB530E51FEC7EEF6D5111BA3A7EE874B4708ADC8186D2D5326DBDF692E60C6170AE64590151BB6ECA0AA51E6233148C7D78034812FA93C6A7F7864182D576BB83714C3A4E17228B0D4569F70C451632477265A2A40B9419A13408BD7C3B33979589A112D6156484AD84560272D7717F763507AF92C86F4475669962B63A2BAB2EE0CAA835B90A7DB43CF8A2879674B60B1B1EC25933019968455AC054BCA392EF57C3C76D79AE684894BD009B97AAC3754537E85C93C9F96D59B8359C055B1B7109086E4DC7F55CEB628BFAB792B931B955AADA57FA6A8CB019B1ACE092199C0E5F94855DFBB08E3DCA886337842F363B8117751C5DD48DD431E903C2B1C7677FE2AD42A0CCCD2677B9A4774E9168A2C4C1B8EA5267971D0DD6BB91320A677928D2087069C7D460BB4E72698AED4F7127975D49F87D52724DE830C66F422547D0B934F32F4E9FC0617A6D2BB022987EE13330BDBA970A8FAE3181AAF829B -20240828202233 2 6 100 6143 2 C272750D88E88AEF9E0F2188FF6C61DE6B22B20E1C1D5A5E5B13A9C97ACB497B050868137519E1EC9CAEC9ABE3D69DC4C96ADA353B3809627C938691FCC17E260254A0ABF1FB7629416CF61DE72AC7B91EAC39F9A9CC38B729272D78976679C9F93E0E67BAC79B88598FA5B160A9403FB851D2046A6A319C55E028AF6AEDCE7588403635FDFEABCF52C2EB9D7CB86F1CEB17DF39D951744D332D51302626F56AF310A3E20B3BED391B713FF8589D35E44DE1DA41D70EE06762C2789444107C50101D55738975C05B61243016DBEFAF2521C724FCFF279D34EE418052A2AE927474EC5C055ECAB0B2E1F5E6EF378EEB15A7ECAB59638A0A7163577121789E3301236F63178910C6AEDEC6664DED0F0762D6F6854B44BC811A03E8627DB90D7A2E9FC85D32B498E8E5A92BC771A6D9C8E9A967F3EC3C0927926021B97FA8A201C22422BD61E330920F35AE966B43CDD8B6EC853AA8F1CE0C1061C152826F9769746EA7E06325B50A9C3D9B7A88C5D22B68556E24ADD0664F0230DF4896F53319223F39D68B6507E213ACD50EEDE83AAB51E3C4B020B6F0B0AB06CB071460D139DC597ADB530E51FEC7EEF6D5111BA3A7EE874B4708ADC8186D2D5326DBDF692E60C6170AE64590151BB6ECA0AA51E6233148C7D78034812FA93C6A7F7864182D576BB83714C3A4E17228B0D4569F70C451632477265A2A40B9419A13408BD7C3B33979589A112D6156484AD84560272D7717F763507AF92C86F4475669962B63A2BAB2EE0CAA835B90A7DB43CF8A2879674B60B1B1EC25933019968455AC054BCA392EF57C3C76D79AE684894BD009B97AAC3754537E85C93C9F96D59B8359C055B1B7109086E4DC7F55CEB628BFAB792B931B955AADA57FA6A8CB019B1ACE092199C0E5F94855DFBB08E3DCA886337842F363B8117751C5DD48DD431E903C2B1C7677FE2AD42A0CCCD2677B9A4774E9168A2C4C1B8EA5267971D0DD6BB91320A677928D2087069C7D460BB4E72698AED4F7127975D49F87D52724DE830C66F422547D0B934F32F4E9FC0617A6D2BB022987EE13330BDBA970A8FAE3181BD9FE33 -20240828202820 2 6 100 6143 2 C272750D88E88AEF9E0F2188FF6C61DE6B22B20E1C1D5A5E5B13A9C97ACB497B050868137519E1EC9CAEC9ABE3D69DC4C96ADA353B3809627C938691FCC17E260254A0ABF1FB7629416CF61DE72AC7B91EAC39F9A9CC38B729272D78976679C9F93E0E67BAC79B88598FA5B160A9403FB851D2046A6A319C55E028AF6AEDCE7588403635FDFEABCF52C2EB9D7CB86F1CEB17DF39D951744D332D51302626F56AF310A3E20B3BED391B713FF8589D35E44DE1DA41D70EE06762C2789444107C50101D55738975C05B61243016DBEFAF2521C724FCFF279D34EE418052A2AE927474EC5C055ECAB0B2E1F5E6EF378EEB15A7ECAB59638A0A7163577121789E3301236F63178910C6AEDEC6664DED0F0762D6F6854B44BC811A03E8627DB90D7A2E9FC85D32B498E8E5A92BC771A6D9C8E9A967F3EC3C0927926021B97FA8A201C22422BD61E330920F35AE966B43CDD8B6EC853AA8F1CE0C1061C152826F9769746EA7E06325B50A9C3D9B7A88C5D22B68556E24ADD0664F0230DF4896F53319223F39D68B6507E213ACD50EEDE83AAB51E3C4B020B6F0B0AB06CB071460D139DC597ADB530E51FEC7EEF6D5111BA3A7EE874B4708ADC8186D2D5326DBDF692E60C6170AE64590151BB6ECA0AA51E6233148C7D78034812FA93C6A7F7864182D576BB83714C3A4E17228B0D4569F70C451632477265A2A40B9419A13408BD7C3B33979589A112D6156484AD84560272D7717F763507AF92C86F4475669962B63A2BAB2EE0CAA835B90A7DB43CF8A2879674B60B1B1EC25933019968455AC054BCA392EF57C3C76D79AE684894BD009B97AAC3754537E85C93C9F96D59B8359C055B1B7109086E4DC7F55CEB628BFAB792B931B955AADA57FA6A8CB019B1ACE092199C0E5F94855DFBB08E3DCA886337842F363B8117751C5DD48DD431E903C2B1C7677FE2AD42A0CCCD2677B9A4774E9168A2C4C1B8EA5267971D0DD6BB91320A677928D2087069C7D460BB4E72698AED4F7127975D49F87D52724DE830C66F422547D0B934F32F4E9FC0617A6D2BB022987EE13330BDBA970A8FAE3181C96132B -20240828204913 2 6 100 6143 2 C272750D88E88AEF9E0F2188FF6C61DE6B22B20E1C1D5A5E5B13A9C97ACB497B050868137519E1EC9CAEC9ABE3D69DC4C96ADA353B3809627C938691FCC17E260254A0ABF1FB7629416CF61DE72AC7B91EAC39F9A9CC38B729272D78976679C9F93E0E67BAC79B88598FA5B160A9403FB851D2046A6A319C55E028AF6AEDCE7588403635FDFEABCF52C2EB9D7CB86F1CEB17DF39D951744D332D51302626F56AF310A3E20B3BED391B713FF8589D35E44DE1DA41D70EE06762C2789444107C50101D55738975C05B61243016DBEFAF2521C724FCFF279D34EE418052A2AE927474EC5C055ECAB0B2E1F5E6EF378EEB15A7ECAB59638A0A7163577121789E3301236F63178910C6AEDEC6664DED0F0762D6F6854B44BC811A03E8627DB90D7A2E9FC85D32B498E8E5A92BC771A6D9C8E9A967F3EC3C0927926021B97FA8A201C22422BD61E330920F35AE966B43CDD8B6EC853AA8F1CE0C1061C152826F9769746EA7E06325B50A9C3D9B7A88C5D22B68556E24ADD0664F0230DF4896F53319223F39D68B6507E213ACD50EEDE83AAB51E3C4B020B6F0B0AB06CB071460D139DC597ADB530E51FEC7EEF6D5111BA3A7EE874B4708ADC8186D2D5326DBDF692E60C6170AE64590151BB6ECA0AA51E6233148C7D78034812FA93C6A7F7864182D576BB83714C3A4E17228B0D4569F70C451632477265A2A40B9419A13408BD7C3B33979589A112D6156484AD84560272D7717F763507AF92C86F4475669962B63A2BAB2EE0CAA835B90A7DB43CF8A2879674B60B1B1EC25933019968455AC054BCA392EF57C3C76D79AE684894BD009B97AAC3754537E85C93C9F96D59B8359C055B1B7109086E4DC7F55CEB628BFAB792B931B955AADA57FA6A8CB019B1ACE092199C0E5F94855DFBB08E3DCA886337842F363B8117751C5DD48DD431E903C2B1C7677FE2AD42A0CCCD2677B9A4774E9168A2C4C1B8EA5267971D0DD6BB91320A677928D2087069C7D460BB4E72698AED4F7127975D49F87D52724DE830C66F422547D0B934F32F4E9FC0617A6D2BB022987EE13330BDBA970A8FAE3181F3FE8A3 -20240828205946 2 6 100 6143 5 C272750D88E88AEF9E0F2188FF6C61DE6B22B20E1C1D5A5E5B13A9C97ACB497B050868137519E1EC9CAEC9ABE3D69DC4C96ADA353B3809627C938691FCC17E260254A0ABF1FB7629416CF61DE72AC7B91EAC39F9A9CC38B729272D78976679C9F93E0E67BAC79B88598FA5B160A9403FB851D2046A6A319C55E028AF6AEDCE7588403635FDFEABCF52C2EB9D7CB86F1CEB17DF39D951744D332D51302626F56AF310A3E20B3BED391B713FF8589D35E44DE1DA41D70EE06762C2789444107C50101D55738975C05B61243016DBEFAF2521C724FCFF279D34EE418052A2AE927474EC5C055ECAB0B2E1F5E6EF378EEB15A7ECAB59638A0A7163577121789E3301236F63178910C6AEDEC6664DED0F0762D6F6854B44BC811A03E8627DB90D7A2E9FC85D32B498E8E5A92BC771A6D9C8E9A967F3EC3C0927926021B97FA8A201C22422BD61E330920F35AE966B43CDD8B6EC853AA8F1CE0C1061C152826F9769746EA7E06325B50A9C3D9B7A88C5D22B68556E24ADD0664F0230DF4896F53319223F39D68B6507E213ACD50EEDE83AAB51E3C4B020B6F0B0AB06CB071460D139DC597ADB530E51FEC7EEF6D5111BA3A7EE874B4708ADC8186D2D5326DBDF692E60C6170AE64590151BB6ECA0AA51E6233148C7D78034812FA93C6A7F7864182D576BB83714C3A4E17228B0D4569F70C451632477265A2A40B9419A13408BD7C3B33979589A112D6156484AD84560272D7717F763507AF92C86F4475669962B63A2BAB2EE0CAA835B90A7DB43CF8A2879674B60B1B1EC25933019968455AC054BCA392EF57C3C76D79AE684894BD009B97AAC3754537E85C93C9F96D59B8359C055B1B7109086E4DC7F55CEB628BFAB792B931B955AADA57FA6A8CB019B1ACE092199C0E5F94855DFBB08E3DCA886337842F363B8117751C5DD48DD431E903C2B1C7677FE2AD42A0CCCD2677B9A4774E9168A2C4C1B8EA5267971D0DD6BB91320A677928D2087069C7D460BB4E72698AED4F7127975D49F87D52724DE830C66F422547D0B934F32F4E9FC0617A6D2BB022987EE13330BDBA970A8FAE318209CB6D7 -20240828211537 2 6 100 6143 5 C272750D88E88AEF9E0F2188FF6C61DE6B22B20E1C1D5A5E5B13A9C97ACB497B050868137519E1EC9CAEC9ABE3D69DC4C96ADA353B3809627C938691FCC17E260254A0ABF1FB7629416CF61DE72AC7B91EAC39F9A9CC38B729272D78976679C9F93E0E67BAC79B88598FA5B160A9403FB851D2046A6A319C55E028AF6AEDCE7588403635FDFEABCF52C2EB9D7CB86F1CEB17DF39D951744D332D51302626F56AF310A3E20B3BED391B713FF8589D35E44DE1DA41D70EE06762C2789444107C50101D55738975C05B61243016DBEFAF2521C724FCFF279D34EE418052A2AE927474EC5C055ECAB0B2E1F5E6EF378EEB15A7ECAB59638A0A7163577121789E3301236F63178910C6AEDEC6664DED0F0762D6F6854B44BC811A03E8627DB90D7A2E9FC85D32B498E8E5A92BC771A6D9C8E9A967F3EC3C0927926021B97FA8A201C22422BD61E330920F35AE966B43CDD8B6EC853AA8F1CE0C1061C152826F9769746EA7E06325B50A9C3D9B7A88C5D22B68556E24ADD0664F0230DF4896F53319223F39D68B6507E213ACD50EEDE83AAB51E3C4B020B6F0B0AB06CB071460D139DC597ADB530E51FEC7EEF6D5111BA3A7EE874B4708ADC8186D2D5326DBDF692E60C6170AE64590151BB6ECA0AA51E6233148C7D78034812FA93C6A7F7864182D576BB83714C3A4E17228B0D4569F70C451632477265A2A40B9419A13408BD7C3B33979589A112D6156484AD84560272D7717F763507AF92C86F4475669962B63A2BAB2EE0CAA835B90A7DB43CF8A2879674B60B1B1EC25933019968455AC054BCA392EF57C3C76D79AE684894BD009B97AAC3754537E85C93C9F96D59B8359C055B1B7109086E4DC7F55CEB628BFAB792B931B955AADA57FA6A8CB019B1ACE092199C0E5F94855DFBB08E3DCA886337842F363B8117751C5DD48DD431E903C2B1C7677FE2AD42A0CCCD2677B9A4774E9168A2C4C1B8EA5267971D0DD6BB91320A677928D2087069C7D460BB4E72698AED4F7127975D49F87D52724DE830C66F422547D0B934F32F4E9FC0617A6D2BB022987EE13330BDBA970A8FAE31822AC1387 -20240828220459 2 6 100 6143 5 C272750D88E88AEF9E0F2188FF6C61DE6B22B20E1C1D5A5E5B13A9C97ACB497B050868137519E1EC9CAEC9ABE3D69DC4C96ADA353B3809627C938691FCC17E260254A0ABF1FB7629416CF61DE72AC7B91EAC39F9A9CC38B729272D78976679C9F93E0E67BAC79B88598FA5B160A9403FB851D2046A6A319C55E028AF6AEDCE7588403635FDFEABCF52C2EB9D7CB86F1CEB17DF39D951744D332D51302626F56AF310A3E20B3BED391B713FF8589D35E44DE1DA41D70EE06762C2789444107C50101D55738975C05B61243016DBEFAF2521C724FCFF279D34EE418052A2AE927474EC5C055ECAB0B2E1F5E6EF378EEB15A7ECAB59638A0A7163577121789E3301236F63178910C6AEDEC6664DED0F0762D6F6854B44BC811A03E8627DB90D7A2E9FC85D32B498E8E5A92BC771A6D9C8E9A967F3EC3C0927926021B97FA8A201C22422BD61E330920F35AE966B43CDD8B6EC853AA8F1CE0C1061C152826F9769746EA7E06325B50A9C3D9B7A88C5D22B68556E24ADD0664F0230DF4896F53319223F39D68B6507E213ACD50EEDE83AAB51E3C4B020B6F0B0AB06CB071460D139DC597ADB530E51FEC7EEF6D5111BA3A7EE874B4708ADC8186D2D5326DBDF692E60C6170AE64590151BB6ECA0AA51E6233148C7D78034812FA93C6A7F7864182D576BB83714C3A4E17228B0D4569F70C451632477265A2A40B9419A13408BD7C3B33979589A112D6156484AD84560272D7717F763507AF92C86F4475669962B63A2BAB2EE0CAA835B90A7DB43CF8A2879674B60B1B1EC25933019968455AC054BCA392EF57C3C76D79AE684894BD009B97AAC3754537E85C93C9F96D59B8359C055B1B7109086E4DC7F55CEB628BFAB792B931B955AADA57FA6A8CB019B1ACE092199C0E5F94855DFBB08E3DCA886337842F363B8117751C5DD48DD431E903C2B1C7677FE2AD42A0CCCD2677B9A4774E9168A2C4C1B8EA5267971D0DD6BB91320A677928D2087069C7D460BB4E72698AED4F7127975D49F87D52724DE830C66F422547D0B934F32F4E9FC0617A6D2BB022987EE13330BDBA970A8FAE318290F4E1F -20240828224012 2 6 100 6143 2 C272750D88E88AEF9E0F2188FF6C61DE6B22B20E1C1D5A5E5B13A9C97ACB497B050868137519E1EC9CAEC9ABE3D69DC4C96ADA353B3809627C938691FCC17E260254A0ABF1FB7629416CF61DE72AC7B91EAC39F9A9CC38B729272D78976679C9F93E0E67BAC79B88598FA5B160A9403FB851D2046A6A319C55E028AF6AEDCE7588403635FDFEABCF52C2EB9D7CB86F1CEB17DF39D951744D332D51302626F56AF310A3E20B3BED391B713FF8589D35E44DE1DA41D70EE06762C2789444107C50101D55738975C05B61243016DBEFAF2521C724FCFF279D34EE418052A2AE927474EC5C055ECAB0B2E1F5E6EF378EEB15A7ECAB59638A0A7163577121789E3301236F63178910C6AEDEC6664DED0F0762D6F6854B44BC811A03E8627DB90D7A2E9FC85D32B498E8E5A92BC771A6D9C8E9A967F3EC3C0927926021B97FA8A201C22422BD61E330920F35AE966B43CDD8B6EC853AA8F1CE0C1061C152826F9769746EA7E06325B50A9C3D9B7A88C5D22B68556E24ADD0664F0230DF4896F53319223F39D68B6507E213ACD50EEDE83AAB51E3C4B020B6F0B0AB06CB071460D139DC597ADB530E51FEC7EEF6D5111BA3A7EE874B4708ADC8186D2D5326DBDF692E60C6170AE64590151BB6ECA0AA51E6233148C7D78034812FA93C6A7F7864182D576BB83714C3A4E17228B0D4569F70C451632477265A2A40B9419A13408BD7C3B33979589A112D6156484AD84560272D7717F763507AF92C86F4475669962B63A2BAB2EE0CAA835B90A7DB43CF8A2879674B60B1B1EC25933019968455AC054BCA392EF57C3C76D79AE684894BD009B97AAC3754537E85C93C9F96D59B8359C055B1B7109086E4DC7F55CEB628BFAB792B931B955AADA57FA6A8CB019B1ACE092199C0E5F94855DFBB08E3DCA886337842F363B8117751C5DD48DD431E903C2B1C7677FE2AD42A0CCCD2677B9A4774E9168A2C4C1B8EA5267971D0DD6BB91320A677928D2087069C7D460BB4E72698AED4F7127975D49F87D52724DE830C66F422547D0B934F32F4E9FC0617A6D2BB022987EE13330BDBA970A8FAE3182D9E3A03 -20240828232844 2 6 100 6143 2 C272750D88E88AEF9E0F2188FF6C61DE6B22B20E1C1D5A5E5B13A9C97ACB497B050868137519E1EC9CAEC9ABE3D69DC4C96ADA353B3809627C938691FCC17E260254A0ABF1FB7629416CF61DE72AC7B91EAC39F9A9CC38B729272D78976679C9F93E0E67BAC79B88598FA5B160A9403FB851D2046A6A319C55E028AF6AEDCE7588403635FDFEABCF52C2EB9D7CB86F1CEB17DF39D951744D332D51302626F56AF310A3E20B3BED391B713FF8589D35E44DE1DA41D70EE06762C2789444107C50101D55738975C05B61243016DBEFAF2521C724FCFF279D34EE418052A2AE927474EC5C055ECAB0B2E1F5E6EF378EEB15A7ECAB59638A0A7163577121789E3301236F63178910C6AEDEC6664DED0F0762D6F6854B44BC811A03E8627DB90D7A2E9FC85D32B498E8E5A92BC771A6D9C8E9A967F3EC3C0927926021B97FA8A201C22422BD61E330920F35AE966B43CDD8B6EC853AA8F1CE0C1061C152826F9769746EA7E06325B50A9C3D9B7A88C5D22B68556E24ADD0664F0230DF4896F53319223F39D68B6507E213ACD50EEDE83AAB51E3C4B020B6F0B0AB06CB071460D139DC597ADB530E51FEC7EEF6D5111BA3A7EE874B4708ADC8186D2D5326DBDF692E60C6170AE64590151BB6ECA0AA51E6233148C7D78034812FA93C6A7F7864182D576BB83714C3A4E17228B0D4569F70C451632477265A2A40B9419A13408BD7C3B33979589A112D6156484AD84560272D7717F763507AF92C86F4475669962B63A2BAB2EE0CAA835B90A7DB43CF8A2879674B60B1B1EC25933019968455AC054BCA392EF57C3C76D79AE684894BD009B97AAC3754537E85C93C9F96D59B8359C055B1B7109086E4DC7F55CEB628BFAB792B931B955AADA57FA6A8CB019B1ACE092199C0E5F94855DFBB08E3DCA886337842F363B8117751C5DD48DD431E903C2B1C7677FE2AD42A0CCCD2677B9A4774E9168A2C4C1B8EA5267971D0DD6BB91320A677928D2087069C7D460BB4E72698AED4F7127975D49F87D52724DE830C66F422547D0B934F32F4E9FC0617A6D2BB022987EE13330BDBA970A8FAE31833F1DD7B -20240828233400 2 6 100 6143 2 C272750D88E88AEF9E0F2188FF6C61DE6B22B20E1C1D5A5E5B13A9C97ACB497B050868137519E1EC9CAEC9ABE3D69DC4C96ADA353B3809627C938691FCC17E260254A0ABF1FB7629416CF61DE72AC7B91EAC39F9A9CC38B729272D78976679C9F93E0E67BAC79B88598FA5B160A9403FB851D2046A6A319C55E028AF6AEDCE7588403635FDFEABCF52C2EB9D7CB86F1CEB17DF39D951744D332D51302626F56AF310A3E20B3BED391B713FF8589D35E44DE1DA41D70EE06762C2789444107C50101D55738975C05B61243016DBEFAF2521C724FCFF279D34EE418052A2AE927474EC5C055ECAB0B2E1F5E6EF378EEB15A7ECAB59638A0A7163577121789E3301236F63178910C6AEDEC6664DED0F0762D6F6854B44BC811A03E8627DB90D7A2E9FC85D32B498E8E5A92BC771A6D9C8E9A967F3EC3C0927926021B97FA8A201C22422BD61E330920F35AE966B43CDD8B6EC853AA8F1CE0C1061C152826F9769746EA7E06325B50A9C3D9B7A88C5D22B68556E24ADD0664F0230DF4896F53319223F39D68B6507E213ACD50EEDE83AAB51E3C4B020B6F0B0AB06CB071460D139DC597ADB530E51FEC7EEF6D5111BA3A7EE874B4708ADC8186D2D5326DBDF692E60C6170AE64590151BB6ECA0AA51E6233148C7D78034812FA93C6A7F7864182D576BB83714C3A4E17228B0D4569F70C451632477265A2A40B9419A13408BD7C3B33979589A112D6156484AD84560272D7717F763507AF92C86F4475669962B63A2BAB2EE0CAA835B90A7DB43CF8A2879674B60B1B1EC25933019968455AC054BCA392EF57C3C76D79AE684894BD009B97AAC3754537E85C93C9F96D59B8359C055B1B7109086E4DC7F55CEB628BFAB792B931B955AADA57FA6A8CB019B1ACE092199C0E5F94855DFBB08E3DCA886337842F363B8117751C5DD48DD431E903C2B1C7677FE2AD42A0CCCD2677B9A4774E9168A2C4C1B8EA5267971D0DD6BB91320A677928D2087069C7D460BB4E72698AED4F7127975D49F87D52724DE830C66F422547D0B934F32F4E9FC0617A6D2BB022987EE13330BDBA970A8FAE3183494A423 -20240828235802 2 6 100 6143 5 C272750D88E88AEF9E0F2188FF6C61DE6B22B20E1C1D5A5E5B13A9C97ACB497B050868137519E1EC9CAEC9ABE3D69DC4C96ADA353B3809627C938691FCC17E260254A0ABF1FB7629416CF61DE72AC7B91EAC39F9A9CC38B729272D78976679C9F93E0E67BAC79B88598FA5B160A9403FB851D2046A6A319C55E028AF6AEDCE7588403635FDFEABCF52C2EB9D7CB86F1CEB17DF39D951744D332D51302626F56AF310A3E20B3BED391B713FF8589D35E44DE1DA41D70EE06762C2789444107C50101D55738975C05B61243016DBEFAF2521C724FCFF279D34EE418052A2AE927474EC5C055ECAB0B2E1F5E6EF378EEB15A7ECAB59638A0A7163577121789E3301236F63178910C6AEDEC6664DED0F0762D6F6854B44BC811A03E8627DB90D7A2E9FC85D32B498E8E5A92BC771A6D9C8E9A967F3EC3C0927926021B97FA8A201C22422BD61E330920F35AE966B43CDD8B6EC853AA8F1CE0C1061C152826F9769746EA7E06325B50A9C3D9B7A88C5D22B68556E24ADD0664F0230DF4896F53319223F39D68B6507E213ACD50EEDE83AAB51E3C4B020B6F0B0AB06CB071460D139DC597ADB530E51FEC7EEF6D5111BA3A7EE874B4708ADC8186D2D5326DBDF692E60C6170AE64590151BB6ECA0AA51E6233148C7D78034812FA93C6A7F7864182D576BB83714C3A4E17228B0D4569F70C451632477265A2A40B9419A13408BD7C3B33979589A112D6156484AD84560272D7717F763507AF92C86F4475669962B63A2BAB2EE0CAA835B90A7DB43CF8A2879674B60B1B1EC25933019968455AC054BCA392EF57C3C76D79AE684894BD009B97AAC3754537E85C93C9F96D59B8359C055B1B7109086E4DC7F55CEB628BFAB792B931B955AADA57FA6A8CB019B1ACE092199C0E5F94855DFBB08E3DCA886337842F363B8117751C5DD48DD431E903C2B1C7677FE2AD42A0CCCD2677B9A4774E9168A2C4C1B8EA5267971D0DD6BB91320A677928D2087069C7D460BB4E72698AED4F7127975D49F87D52724DE830C66F422547D0B934F32F4E9FC0617A6D2BB022987EE13330BDBA970A8FAE31837ADEA57 -20240829001115 2 6 100 6143 2 C272750D88E88AEF9E0F2188FF6C61DE6B22B20E1C1D5A5E5B13A9C97ACB497B050868137519E1EC9CAEC9ABE3D69DC4C96ADA353B3809627C938691FCC17E260254A0ABF1FB7629416CF61DE72AC7B91EAC39F9A9CC38B729272D78976679C9F93E0E67BAC79B88598FA5B160A9403FB851D2046A6A319C55E028AF6AEDCE7588403635FDFEABCF52C2EB9D7CB86F1CEB17DF39D951744D332D51302626F56AF310A3E20B3BED391B713FF8589D35E44DE1DA41D70EE06762C2789444107C50101D55738975C05B61243016DBEFAF2521C724FCFF279D34EE418052A2AE927474EC5C055ECAB0B2E1F5E6EF378EEB15A7ECAB59638A0A7163577121789E3301236F63178910C6AEDEC6664DED0F0762D6F6854B44BC811A03E8627DB90D7A2E9FC85D32B498E8E5A92BC771A6D9C8E9A967F3EC3C0927926021B97FA8A201C22422BD61E330920F35AE966B43CDD8B6EC853AA8F1CE0C1061C152826F9769746EA7E06325B50A9C3D9B7A88C5D22B68556E24ADD0664F0230DF4896F53319223F39D68B6507E213ACD50EEDE83AAB51E3C4B020B6F0B0AB06CB071460D139DC597ADB530E51FEC7EEF6D5111BA3A7EE874B4708ADC8186D2D5326DBDF692E60C6170AE64590151BB6ECA0AA51E6233148C7D78034812FA93C6A7F7864182D576BB83714C3A4E17228B0D4569F70C451632477265A2A40B9419A13408BD7C3B33979589A112D6156484AD84560272D7717F763507AF92C86F4475669962B63A2BAB2EE0CAA835B90A7DB43CF8A2879674B60B1B1EC25933019968455AC054BCA392EF57C3C76D79AE684894BD009B97AAC3754537E85C93C9F96D59B8359C055B1B7109086E4DC7F55CEB628BFAB792B931B955AADA57FA6A8CB019B1ACE092199C0E5F94855DFBB08E3DCA886337842F363B8117751C5DD48DD431E903C2B1C7677FE2AD42A0CCCD2677B9A4774E9168A2C4C1B8EA5267971D0DD6BB91320A677928D2087069C7D460BB4E72698AED4F7127975D49F87D52724DE830C66F422547D0B934F32F4E9FC0617A6D2BB022987EE13330BDBA970A8FAE318395E7B83 -20240829004718 2 6 100 6143 2 C272750D88E88AEF9E0F2188FF6C61DE6B22B20E1C1D5A5E5B13A9C97ACB497B050868137519E1EC9CAEC9ABE3D69DC4C96ADA353B3809627C938691FCC17E260254A0ABF1FB7629416CF61DE72AC7B91EAC39F9A9CC38B729272D78976679C9F93E0E67BAC79B88598FA5B160A9403FB851D2046A6A319C55E028AF6AEDCE7588403635FDFEABCF52C2EB9D7CB86F1CEB17DF39D951744D332D51302626F56AF310A3E20B3BED391B713FF8589D35E44DE1DA41D70EE06762C2789444107C50101D55738975C05B61243016DBEFAF2521C724FCFF279D34EE418052A2AE927474EC5C055ECAB0B2E1F5E6EF378EEB15A7ECAB59638A0A7163577121789E3301236F63178910C6AEDEC6664DED0F0762D6F6854B44BC811A03E8627DB90D7A2E9FC85D32B498E8E5A92BC771A6D9C8E9A967F3EC3C0927926021B97FA8A201C22422BD61E330920F35AE966B43CDD8B6EC853AA8F1CE0C1061C152826F9769746EA7E06325B50A9C3D9B7A88C5D22B68556E24ADD0664F0230DF4896F53319223F39D68B6507E213ACD50EEDE83AAB51E3C4B020B6F0B0AB06CB071460D139DC597ADB530E51FEC7EEF6D5111BA3A7EE874B4708ADC8186D2D5326DBDF692E60C6170AE64590151BB6ECA0AA51E6233148C7D78034812FA93C6A7F7864182D576BB83714C3A4E17228B0D4569F70C451632477265A2A40B9419A13408BD7C3B33979589A112D6156484AD84560272D7717F763507AF92C86F4475669962B63A2BAB2EE0CAA835B90A7DB43CF8A2879674B60B1B1EC25933019968455AC054BCA392EF57C3C76D79AE684894BD009B97AAC3754537E85C93C9F96D59B8359C055B1B7109086E4DC7F55CEB628BFAB792B931B955AADA57FA6A8CB019B1ACE092199C0E5F94855DFBB08E3DCA886337842F363B8117751C5DD48DD431E903C2B1C7677FE2AD42A0CCCD2677B9A4774E9168A2C4C1B8EA5267971D0DD6BB91320A677928D2087069C7D460BB4E72698AED4F7127975D49F87D52724DE830C66F422547D0B934F32F4E9FC0617A6D2BB022987EE13330BDBA970A8FAE3183E0E5603 -20240829004844 2 6 100 6143 5 C272750D88E88AEF9E0F2188FF6C61DE6B22B20E1C1D5A5E5B13A9C97ACB497B050868137519E1EC9CAEC9ABE3D69DC4C96ADA353B3809627C938691FCC17E260254A0ABF1FB7629416CF61DE72AC7B91EAC39F9A9CC38B729272D78976679C9F93E0E67BAC79B88598FA5B160A9403FB851D2046A6A319C55E028AF6AEDCE7588403635FDFEABCF52C2EB9D7CB86F1CEB17DF39D951744D332D51302626F56AF310A3E20B3BED391B713FF8589D35E44DE1DA41D70EE06762C2789444107C50101D55738975C05B61243016DBEFAF2521C724FCFF279D34EE418052A2AE927474EC5C055ECAB0B2E1F5E6EF378EEB15A7ECAB59638A0A7163577121789E3301236F63178910C6AEDEC6664DED0F0762D6F6854B44BC811A03E8627DB90D7A2E9FC85D32B498E8E5A92BC771A6D9C8E9A967F3EC3C0927926021B97FA8A201C22422BD61E330920F35AE966B43CDD8B6EC853AA8F1CE0C1061C152826F9769746EA7E06325B50A9C3D9B7A88C5D22B68556E24ADD0664F0230DF4896F53319223F39D68B6507E213ACD50EEDE83AAB51E3C4B020B6F0B0AB06CB071460D139DC597ADB530E51FEC7EEF6D5111BA3A7EE874B4708ADC8186D2D5326DBDF692E60C6170AE64590151BB6ECA0AA51E6233148C7D78034812FA93C6A7F7864182D576BB83714C3A4E17228B0D4569F70C451632477265A2A40B9419A13408BD7C3B33979589A112D6156484AD84560272D7717F763507AF92C86F4475669962B63A2BAB2EE0CAA835B90A7DB43CF8A2879674B60B1B1EC25933019968455AC054BCA392EF57C3C76D79AE684894BD009B97AAC3754537E85C93C9F96D59B8359C055B1B7109086E4DC7F55CEB628BFAB792B931B955AADA57FA6A8CB019B1ACE092199C0E5F94855DFBB08E3DCA886337842F363B8117751C5DD48DD431E903C2B1C7677FE2AD42A0CCCD2677B9A4774E9168A2C4C1B8EA5267971D0DD6BB91320A677928D2087069C7D460BB4E72698AED4F7127975D49F87D52724DE830C66F422547D0B934F32F4E9FC0617A6D2BB022987EE13330BDBA970A8FAE3183E34D98F -20240829005431 2 6 100 6143 5 C272750D88E88AEF9E0F2188FF6C61DE6B22B20E1C1D5A5E5B13A9C97ACB497B050868137519E1EC9CAEC9ABE3D69DC4C96ADA353B3809627C938691FCC17E260254A0ABF1FB7629416CF61DE72AC7B91EAC39F9A9CC38B729272D78976679C9F93E0E67BAC79B88598FA5B160A9403FB851D2046A6A319C55E028AF6AEDCE7588403635FDFEABCF52C2EB9D7CB86F1CEB17DF39D951744D332D51302626F56AF310A3E20B3BED391B713FF8589D35E44DE1DA41D70EE06762C2789444107C50101D55738975C05B61243016DBEFAF2521C724FCFF279D34EE418052A2AE927474EC5C055ECAB0B2E1F5E6EF378EEB15A7ECAB59638A0A7163577121789E3301236F63178910C6AEDEC6664DED0F0762D6F6854B44BC811A03E8627DB90D7A2E9FC85D32B498E8E5A92BC771A6D9C8E9A967F3EC3C0927926021B97FA8A201C22422BD61E330920F35AE966B43CDD8B6EC853AA8F1CE0C1061C152826F9769746EA7E06325B50A9C3D9B7A88C5D22B68556E24ADD0664F0230DF4896F53319223F39D68B6507E213ACD50EEDE83AAB51E3C4B020B6F0B0AB06CB071460D139DC597ADB530E51FEC7EEF6D5111BA3A7EE874B4708ADC8186D2D5326DBDF692E60C6170AE64590151BB6ECA0AA51E6233148C7D78034812FA93C6A7F7864182D576BB83714C3A4E17228B0D4569F70C451632477265A2A40B9419A13408BD7C3B33979589A112D6156484AD84560272D7717F763507AF92C86F4475669962B63A2BAB2EE0CAA835B90A7DB43CF8A2879674B60B1B1EC25933019968455AC054BCA392EF57C3C76D79AE684894BD009B97AAC3754537E85C93C9F96D59B8359C055B1B7109086E4DC7F55CEB628BFAB792B931B955AADA57FA6A8CB019B1ACE092199C0E5F94855DFBB08E3DCA886337842F363B8117751C5DD48DD431E903C2B1C7677FE2AD42A0CCCD2677B9A4774E9168A2C4C1B8EA5267971D0DD6BB91320A677928D2087069C7D460BB4E72698AED4F7127975D49F87D52724DE830C66F422547D0B934F32F4E9FC0617A6D2BB022987EE13330BDBA970A8FAE3183EECD0DF -20240829010933 2 6 100 6143 2 C272750D88E88AEF9E0F2188FF6C61DE6B22B20E1C1D5A5E5B13A9C97ACB497B050868137519E1EC9CAEC9ABE3D69DC4C96ADA353B3809627C938691FCC17E260254A0ABF1FB7629416CF61DE72AC7B91EAC39F9A9CC38B729272D78976679C9F93E0E67BAC79B88598FA5B160A9403FB851D2046A6A319C55E028AF6AEDCE7588403635FDFEABCF52C2EB9D7CB86F1CEB17DF39D951744D332D51302626F56AF310A3E20B3BED391B713FF8589D35E44DE1DA41D70EE06762C2789444107C50101D55738975C05B61243016DBEFAF2521C724FCFF279D34EE418052A2AE927474EC5C055ECAB0B2E1F5E6EF378EEB15A7ECAB59638A0A7163577121789E3301236F63178910C6AEDEC6664DED0F0762D6F6854B44BC811A03E8627DB90D7A2E9FC85D32B498E8E5A92BC771A6D9C8E9A967F3EC3C0927926021B97FA8A201C22422BD61E330920F35AE966B43CDD8B6EC853AA8F1CE0C1061C152826F9769746EA7E06325B50A9C3D9B7A88C5D22B68556E24ADD0664F0230DF4896F53319223F39D68B6507E213ACD50EEDE83AAB51E3C4B020B6F0B0AB06CB071460D139DC597ADB530E51FEC7EEF6D5111BA3A7EE874B4708ADC8186D2D5326DBDF692E60C6170AE64590151BB6ECA0AA51E6233148C7D78034812FA93C6A7F7864182D576BB83714C3A4E17228B0D4569F70C451632477265A2A40B9419A13408BD7C3B33979589A112D6156484AD84560272D7717F763507AF92C86F4475669962B63A2BAB2EE0CAA835B90A7DB43CF8A2879674B60B1B1EC25933019968455AC054BCA392EF57C3C76D79AE684894BD009B97AAC3754537E85C93C9F96D59B8359C055B1B7109086E4DC7F55CEB628BFAB792B931B955AADA57FA6A8CB019B1ACE092199C0E5F94855DFBB08E3DCA886337842F363B8117751C5DD48DD431E903C2B1C7677FE2AD42A0CCCD2677B9A4774E9168A2C4C1B8EA5267971D0DD6BB91320A677928D2087069C7D460BB4E72698AED4F7127975D49F87D52724DE830C66F422547D0B934F32F4E9FC0617A6D2BB022987EE13330BDBA970A8FAE31840CEA00B -20240829014049 2 6 100 6143 2 C272750D88E88AEF9E0F2188FF6C61DE6B22B20E1C1D5A5E5B13A9C97ACB497B050868137519E1EC9CAEC9ABE3D69DC4C96ADA353B3809627C938691FCC17E260254A0ABF1FB7629416CF61DE72AC7B91EAC39F9A9CC38B729272D78976679C9F93E0E67BAC79B88598FA5B160A9403FB851D2046A6A319C55E028AF6AEDCE7588403635FDFEABCF52C2EB9D7CB86F1CEB17DF39D951744D332D51302626F56AF310A3E20B3BED391B713FF8589D35E44DE1DA41D70EE06762C2789444107C50101D55738975C05B61243016DBEFAF2521C724FCFF279D34EE418052A2AE927474EC5C055ECAB0B2E1F5E6EF378EEB15A7ECAB59638A0A7163577121789E3301236F63178910C6AEDEC6664DED0F0762D6F6854B44BC811A03E8627DB90D7A2E9FC85D32B498E8E5A92BC771A6D9C8E9A967F3EC3C0927926021B97FA8A201C22422BD61E330920F35AE966B43CDD8B6EC853AA8F1CE0C1061C152826F9769746EA7E06325B50A9C3D9B7A88C5D22B68556E24ADD0664F0230DF4896F53319223F39D68B6507E213ACD50EEDE83AAB51E3C4B020B6F0B0AB06CB071460D139DC597ADB530E51FEC7EEF6D5111BA3A7EE874B4708ADC8186D2D5326DBDF692E60C6170AE64590151BB6ECA0AA51E6233148C7D78034812FA93C6A7F7864182D576BB83714C3A4E17228B0D4569F70C451632477265A2A40B9419A13408BD7C3B33979589A112D6156484AD84560272D7717F763507AF92C86F4475669962B63A2BAB2EE0CAA835B90A7DB43CF8A2879674B60B1B1EC25933019968455AC054BCA392EF57C3C76D79AE684894BD009B97AAC3754537E85C93C9F96D59B8359C055B1B7109086E4DC7F55CEB628BFAB792B931B955AADA57FA6A8CB019B1ACE092199C0E5F94855DFBB08E3DCA886337842F363B8117751C5DD48DD431E903C2B1C7677FE2AD42A0CCCD2677B9A4774E9168A2C4C1B8EA5267971D0DD6BB91320A677928D2087069C7D460BB4E72698AED4F7127975D49F87D52724DE830C66F422547D0B934F32F4E9FC0617A6D2BB022987EE13330BDBA970A8FAE31844D61FFB -20240829014355 2 6 100 6143 5 C272750D88E88AEF9E0F2188FF6C61DE6B22B20E1C1D5A5E5B13A9C97ACB497B050868137519E1EC9CAEC9ABE3D69DC4C96ADA353B3809627C938691FCC17E260254A0ABF1FB7629416CF61DE72AC7B91EAC39F9A9CC38B729272D78976679C9F93E0E67BAC79B88598FA5B160A9403FB851D2046A6A319C55E028AF6AEDCE7588403635FDFEABCF52C2EB9D7CB86F1CEB17DF39D951744D332D51302626F56AF310A3E20B3BED391B713FF8589D35E44DE1DA41D70EE06762C2789444107C50101D55738975C05B61243016DBEFAF2521C724FCFF279D34EE418052A2AE927474EC5C055ECAB0B2E1F5E6EF378EEB15A7ECAB59638A0A7163577121789E3301236F63178910C6AEDEC6664DED0F0762D6F6854B44BC811A03E8627DB90D7A2E9FC85D32B498E8E5A92BC771A6D9C8E9A967F3EC3C0927926021B97FA8A201C22422BD61E330920F35AE966B43CDD8B6EC853AA8F1CE0C1061C152826F9769746EA7E06325B50A9C3D9B7A88C5D22B68556E24ADD0664F0230DF4896F53319223F39D68B6507E213ACD50EEDE83AAB51E3C4B020B6F0B0AB06CB071460D139DC597ADB530E51FEC7EEF6D5111BA3A7EE874B4708ADC8186D2D5326DBDF692E60C6170AE64590151BB6ECA0AA51E6233148C7D78034812FA93C6A7F7864182D576BB83714C3A4E17228B0D4569F70C451632477265A2A40B9419A13408BD7C3B33979589A112D6156484AD84560272D7717F763507AF92C86F4475669962B63A2BAB2EE0CAA835B90A7DB43CF8A2879674B60B1B1EC25933019968455AC054BCA392EF57C3C76D79AE684894BD009B97AAC3754537E85C93C9F96D59B8359C055B1B7109086E4DC7F55CEB628BFAB792B931B955AADA57FA6A8CB019B1ACE092199C0E5F94855DFBB08E3DCA886337842F363B8117751C5DD48DD431E903C2B1C7677FE2AD42A0CCCD2677B9A4774E9168A2C4C1B8EA5267971D0DD6BB91320A677928D2087069C7D460BB4E72698AED4F7127975D49F87D52724DE830C66F422547D0B934F32F4E9FC0617A6D2BB022987EE13330BDBA970A8FAE3184533474F -20240829014829 2 6 100 6143 5 C272750D88E88AEF9E0F2188FF6C61DE6B22B20E1C1D5A5E5B13A9C97ACB497B050868137519E1EC9CAEC9ABE3D69DC4C96ADA353B3809627C938691FCC17E260254A0ABF1FB7629416CF61DE72AC7B91EAC39F9A9CC38B729272D78976679C9F93E0E67BAC79B88598FA5B160A9403FB851D2046A6A319C55E028AF6AEDCE7588403635FDFEABCF52C2EB9D7CB86F1CEB17DF39D951744D332D51302626F56AF310A3E20B3BED391B713FF8589D35E44DE1DA41D70EE06762C2789444107C50101D55738975C05B61243016DBEFAF2521C724FCFF279D34EE418052A2AE927474EC5C055ECAB0B2E1F5E6EF378EEB15A7ECAB59638A0A7163577121789E3301236F63178910C6AEDEC6664DED0F0762D6F6854B44BC811A03E8627DB90D7A2E9FC85D32B498E8E5A92BC771A6D9C8E9A967F3EC3C0927926021B97FA8A201C22422BD61E330920F35AE966B43CDD8B6EC853AA8F1CE0C1061C152826F9769746EA7E06325B50A9C3D9B7A88C5D22B68556E24ADD0664F0230DF4896F53319223F39D68B6507E213ACD50EEDE83AAB51E3C4B020B6F0B0AB06CB071460D139DC597ADB530E51FEC7EEF6D5111BA3A7EE874B4708ADC8186D2D5326DBDF692E60C6170AE64590151BB6ECA0AA51E6233148C7D78034812FA93C6A7F7864182D576BB83714C3A4E17228B0D4569F70C451632477265A2A40B9419A13408BD7C3B33979589A112D6156484AD84560272D7717F763507AF92C86F4475669962B63A2BAB2EE0CAA835B90A7DB43CF8A2879674B60B1B1EC25933019968455AC054BCA392EF57C3C76D79AE684894BD009B97AAC3754537E85C93C9F96D59B8359C055B1B7109086E4DC7F55CEB628BFAB792B931B955AADA57FA6A8CB019B1ACE092199C0E5F94855DFBB08E3DCA886337842F363B8117751C5DD48DD431E903C2B1C7677FE2AD42A0CCCD2677B9A4774E9168A2C4C1B8EA5267971D0DD6BB91320A677928D2087069C7D460BB4E72698AED4F7127975D49F87D52724DE830C66F422547D0B934F32F4E9FC0617A6D2BB022987EE13330BDBA970A8FAE31845BEB5C7 -20240829015142 2 6 100 6143 2 C272750D88E88AEF9E0F2188FF6C61DE6B22B20E1C1D5A5E5B13A9C97ACB497B050868137519E1EC9CAEC9ABE3D69DC4C96ADA353B3809627C938691FCC17E260254A0ABF1FB7629416CF61DE72AC7B91EAC39F9A9CC38B729272D78976679C9F93E0E67BAC79B88598FA5B160A9403FB851D2046A6A319C55E028AF6AEDCE7588403635FDFEABCF52C2EB9D7CB86F1CEB17DF39D951744D332D51302626F56AF310A3E20B3BED391B713FF8589D35E44DE1DA41D70EE06762C2789444107C50101D55738975C05B61243016DBEFAF2521C724FCFF279D34EE418052A2AE927474EC5C055ECAB0B2E1F5E6EF378EEB15A7ECAB59638A0A7163577121789E3301236F63178910C6AEDEC6664DED0F0762D6F6854B44BC811A03E8627DB90D7A2E9FC85D32B498E8E5A92BC771A6D9C8E9A967F3EC3C0927926021B97FA8A201C22422BD61E330920F35AE966B43CDD8B6EC853AA8F1CE0C1061C152826F9769746EA7E06325B50A9C3D9B7A88C5D22B68556E24ADD0664F0230DF4896F53319223F39D68B6507E213ACD50EEDE83AAB51E3C4B020B6F0B0AB06CB071460D139DC597ADB530E51FEC7EEF6D5111BA3A7EE874B4708ADC8186D2D5326DBDF692E60C6170AE64590151BB6ECA0AA51E6233148C7D78034812FA93C6A7F7864182D576BB83714C3A4E17228B0D4569F70C451632477265A2A40B9419A13408BD7C3B33979589A112D6156484AD84560272D7717F763507AF92C86F4475669962B63A2BAB2EE0CAA835B90A7DB43CF8A2879674B60B1B1EC25933019968455AC054BCA392EF57C3C76D79AE684894BD009B97AAC3754537E85C93C9F96D59B8359C055B1B7109086E4DC7F55CEB628BFAB792B931B955AADA57FA6A8CB019B1ACE092199C0E5F94855DFBB08E3DCA886337842F363B8117751C5DD48DD431E903C2B1C7677FE2AD42A0CCCD2677B9A4774E9168A2C4C1B8EA5267971D0DD6BB91320A677928D2087069C7D460BB4E72698AED4F7127975D49F87D52724DE830C66F422547D0B934F32F4E9FC0617A6D2BB022987EE13330BDBA970A8FAE31846235FD3 -20240829015517 2 6 100 6143 2 C272750D88E88AEF9E0F2188FF6C61DE6B22B20E1C1D5A5E5B13A9C97ACB497B050868137519E1EC9CAEC9ABE3D69DC4C96ADA353B3809627C938691FCC17E260254A0ABF1FB7629416CF61DE72AC7B91EAC39F9A9CC38B729272D78976679C9F93E0E67BAC79B88598FA5B160A9403FB851D2046A6A319C55E028AF6AEDCE7588403635FDFEABCF52C2EB9D7CB86F1CEB17DF39D951744D332D51302626F56AF310A3E20B3BED391B713FF8589D35E44DE1DA41D70EE06762C2789444107C50101D55738975C05B61243016DBEFAF2521C724FCFF279D34EE418052A2AE927474EC5C055ECAB0B2E1F5E6EF378EEB15A7ECAB59638A0A7163577121789E3301236F63178910C6AEDEC6664DED0F0762D6F6854B44BC811A03E8627DB90D7A2E9FC85D32B498E8E5A92BC771A6D9C8E9A967F3EC3C0927926021B97FA8A201C22422BD61E330920F35AE966B43CDD8B6EC853AA8F1CE0C1061C152826F9769746EA7E06325B50A9C3D9B7A88C5D22B68556E24ADD0664F0230DF4896F53319223F39D68B6507E213ACD50EEDE83AAB51E3C4B020B6F0B0AB06CB071460D139DC597ADB530E51FEC7EEF6D5111BA3A7EE874B4708ADC8186D2D5326DBDF692E60C6170AE64590151BB6ECA0AA51E6233148C7D78034812FA93C6A7F7864182D576BB83714C3A4E17228B0D4569F70C451632477265A2A40B9419A13408BD7C3B33979589A112D6156484AD84560272D7717F763507AF92C86F4475669962B63A2BAB2EE0CAA835B90A7DB43CF8A2879674B60B1B1EC25933019968455AC054BCA392EF57C3C76D79AE684894BD009B97AAC3754537E85C93C9F96D59B8359C055B1B7109086E4DC7F55CEB628BFAB792B931B955AADA57FA6A8CB019B1ACE092199C0E5F94855DFBB08E3DCA886337842F363B8117751C5DD48DD431E903C2B1C7677FE2AD42A0CCCD2677B9A4774E9168A2C4C1B8EA5267971D0DD6BB91320A677928D2087069C7D460BB4E72698AED4F7127975D49F87D52724DE830C66F422547D0B934F32F4E9FC0617A6D2BB022987EE13330BDBA970A8FAE3184695C7FB -20240829020608 2 6 100 6143 2 C272750D88E88AEF9E0F2188FF6C61DE6B22B20E1C1D5A5E5B13A9C97ACB497B050868137519E1EC9CAEC9ABE3D69DC4C96ADA353B3809627C938691FCC17E260254A0ABF1FB7629416CF61DE72AC7B91EAC39F9A9CC38B729272D78976679C9F93E0E67BAC79B88598FA5B160A9403FB851D2046A6A319C55E028AF6AEDCE7588403635FDFEABCF52C2EB9D7CB86F1CEB17DF39D951744D332D51302626F56AF310A3E20B3BED391B713FF8589D35E44DE1DA41D70EE06762C2789444107C50101D55738975C05B61243016DBEFAF2521C724FCFF279D34EE418052A2AE927474EC5C055ECAB0B2E1F5E6EF378EEB15A7ECAB59638A0A7163577121789E3301236F63178910C6AEDEC6664DED0F0762D6F6854B44BC811A03E8627DB90D7A2E9FC85D32B498E8E5A92BC771A6D9C8E9A967F3EC3C0927926021B97FA8A201C22422BD61E330920F35AE966B43CDD8B6EC853AA8F1CE0C1061C152826F9769746EA7E06325B50A9C3D9B7A88C5D22B68556E24ADD0664F0230DF4896F53319223F39D68B6507E213ACD50EEDE83AAB51E3C4B020B6F0B0AB06CB071460D139DC597ADB530E51FEC7EEF6D5111BA3A7EE874B4708ADC8186D2D5326DBDF692E60C6170AE64590151BB6ECA0AA51E6233148C7D78034812FA93C6A7F7864182D576BB83714C3A4E17228B0D4569F70C451632477265A2A40B9419A13408BD7C3B33979589A112D6156484AD84560272D7717F763507AF92C86F4475669962B63A2BAB2EE0CAA835B90A7DB43CF8A2879674B60B1B1EC25933019968455AC054BCA392EF57C3C76D79AE684894BD009B97AAC3754537E85C93C9F96D59B8359C055B1B7109086E4DC7F55CEB628BFAB792B931B955AADA57FA6A8CB019B1ACE092199C0E5F94855DFBB08E3DCA886337842F363B8117751C5DD48DD431E903C2B1C7677FE2AD42A0CCCD2677B9A4774E9168A2C4C1B8EA5267971D0DD6BB91320A677928D2087069C7D460BB4E72698AED4F7127975D49F87D52724DE830C66F422547D0B934F32F4E9FC0617A6D2BB022987EE13330BDBA970A8FAE31847F7E373 -20240829023600 2 6 100 6143 5 C272750D88E88AEF9E0F2188FF6C61DE6B22B20E1C1D5A5E5B13A9C97ACB497B050868137519E1EC9CAEC9ABE3D69DC4C96ADA353B3809627C938691FCC17E260254A0ABF1FB7629416CF61DE72AC7B91EAC39F9A9CC38B729272D78976679C9F93E0E67BAC79B88598FA5B160A9403FB851D2046A6A319C55E028AF6AEDCE7588403635FDFEABCF52C2EB9D7CB86F1CEB17DF39D951744D332D51302626F56AF310A3E20B3BED391B713FF8589D35E44DE1DA41D70EE06762C2789444107C50101D55738975C05B61243016DBEFAF2521C724FCFF279D34EE418052A2AE927474EC5C055ECAB0B2E1F5E6EF378EEB15A7ECAB59638A0A7163577121789E3301236F63178910C6AEDEC6664DED0F0762D6F6854B44BC811A03E8627DB90D7A2E9FC85D32B498E8E5A92BC771A6D9C8E9A967F3EC3C0927926021B97FA8A201C22422BD61E330920F35AE966B43CDD8B6EC853AA8F1CE0C1061C152826F9769746EA7E06325B50A9C3D9B7A88C5D22B68556E24ADD0664F0230DF4896F53319223F39D68B6507E213ACD50EEDE83AAB51E3C4B020B6F0B0AB06CB071460D139DC597ADB530E51FEC7EEF6D5111BA3A7EE874B4708ADC8186D2D5326DBDF692E60C6170AE64590151BB6ECA0AA51E6233148C7D78034812FA93C6A7F7864182D576BB83714C3A4E17228B0D4569F70C451632477265A2A40B9419A13408BD7C3B33979589A112D6156484AD84560272D7717F763507AF92C86F4475669962B63A2BAB2EE0CAA835B90A7DB43CF8A2879674B60B1B1EC25933019968455AC054BCA392EF57C3C76D79AE684894BD009B97AAC3754537E85C93C9F96D59B8359C055B1B7109086E4DC7F55CEB628BFAB792B931B955AADA57FA6A8CB019B1ACE092199C0E5F94855DFBB08E3DCA886337842F363B8117751C5DD48DD431E903C2B1C7677FE2AD42A0CCCD2677B9A4774E9168A2C4C1B8EA5267971D0DD6BB91320A677928D2087069C7D460BB4E72698AED4F7127975D49F87D52724DE830C66F422547D0B934F32F4E9FC0617A6D2BB022987EE13330BDBA970A8FAE3184BC56B47 -20240829025737 2 6 100 6143 2 C272750D88E88AEF9E0F2188FF6C61DE6B22B20E1C1D5A5E5B13A9C97ACB497B050868137519E1EC9CAEC9ABE3D69DC4C96ADA353B3809627C938691FCC17E260254A0ABF1FB7629416CF61DE72AC7B91EAC39F9A9CC38B729272D78976679C9F93E0E67BAC79B88598FA5B160A9403FB851D2046A6A319C55E028AF6AEDCE7588403635FDFEABCF52C2EB9D7CB86F1CEB17DF39D951744D332D51302626F56AF310A3E20B3BED391B713FF8589D35E44DE1DA41D70EE06762C2789444107C50101D55738975C05B61243016DBEFAF2521C724FCFF279D34EE418052A2AE927474EC5C055ECAB0B2E1F5E6EF378EEB15A7ECAB59638A0A7163577121789E3301236F63178910C6AEDEC6664DED0F0762D6F6854B44BC811A03E8627DB90D7A2E9FC85D32B498E8E5A92BC771A6D9C8E9A967F3EC3C0927926021B97FA8A201C22422BD61E330920F35AE966B43CDD8B6EC853AA8F1CE0C1061C152826F9769746EA7E06325B50A9C3D9B7A88C5D22B68556E24ADD0664F0230DF4896F53319223F39D68B6507E213ACD50EEDE83AAB51E3C4B020B6F0B0AB06CB071460D139DC597ADB530E51FEC7EEF6D5111BA3A7EE874B4708ADC8186D2D5326DBDF692E60C6170AE64590151BB6ECA0AA51E6233148C7D78034812FA93C6A7F7864182D576BB83714C3A4E17228B0D4569F70C451632477265A2A40B9419A13408BD7C3B33979589A112D6156484AD84560272D7717F763507AF92C86F4475669962B63A2BAB2EE0CAA835B90A7DB43CF8A2879674B60B1B1EC25933019968455AC054BCA392EF57C3C76D79AE684894BD009B97AAC3754537E85C93C9F96D59B8359C055B1B7109086E4DC7F55CEB628BFAB792B931B955AADA57FA6A8CB019B1ACE092199C0E5F94855DFBB08E3DCA886337842F363B8117751C5DD48DD431E903C2B1C7677FE2AD42A0CCCD2677B9A4774E9168A2C4C1B8EA5267971D0DD6BB91320A677928D2087069C7D460BB4E72698AED4F7127975D49F87D52724DE830C66F422547D0B934F32F4E9FC0617A6D2BB022987EE13330BDBA970A8FAE3184E74875B -20240829031846 2 6 100 6143 5 C272750D88E88AEF9E0F2188FF6C61DE6B22B20E1C1D5A5E5B13A9C97ACB497B050868137519E1EC9CAEC9ABE3D69DC4C96ADA353B3809627C938691FCC17E260254A0ABF1FB7629416CF61DE72AC7B91EAC39F9A9CC38B729272D78976679C9F93E0E67BAC79B88598FA5B160A9403FB851D2046A6A319C55E028AF6AEDCE7588403635FDFEABCF52C2EB9D7CB86F1CEB17DF39D951744D332D51302626F56AF310A3E20B3BED391B713FF8589D35E44DE1DA41D70EE06762C2789444107C50101D55738975C05B61243016DBEFAF2521C724FCFF279D34EE418052A2AE927474EC5C055ECAB0B2E1F5E6EF378EEB15A7ECAB59638A0A7163577121789E3301236F63178910C6AEDEC6664DED0F0762D6F6854B44BC811A03E8627DB90D7A2E9FC85D32B498E8E5A92BC771A6D9C8E9A967F3EC3C0927926021B97FA8A201C22422BD61E330920F35AE966B43CDD8B6EC853AA8F1CE0C1061C152826F9769746EA7E06325B50A9C3D9B7A88C5D22B68556E24ADD0664F0230DF4896F53319223F39D68B6507E213ACD50EEDE83AAB51E3C4B020B6F0B0AB06CB071460D139DC597ADB530E51FEC7EEF6D5111BA3A7EE874B4708ADC8186D2D5326DBDF692E60C6170AE64590151BB6ECA0AA51E6233148C7D78034812FA93C6A7F7864182D576BB83714C3A4E17228B0D4569F70C451632477265A2A40B9419A13408BD7C3B33979589A112D6156484AD84560272D7717F763507AF92C86F4475669962B63A2BAB2EE0CAA835B90A7DB43CF8A2879674B60B1B1EC25933019968455AC054BCA392EF57C3C76D79AE684894BD009B97AAC3754537E85C93C9F96D59B8359C055B1B7109086E4DC7F55CEB628BFAB792B931B955AADA57FA6A8CB019B1ACE092199C0E5F94855DFBB08E3DCA886337842F363B8117751C5DD48DD431E903C2B1C7677FE2AD42A0CCCD2677B9A4774E9168A2C4C1B8EA5267971D0DD6BB91320A677928D2087069C7D460BB4E72698AED4F7127975D49F87D52724DE830C66F422547D0B934F32F4E9FC0617A6D2BB022987EE13330BDBA970A8FAE318511B9B7F -20240829033452 2 6 100 6143 5 C272750D88E88AEF9E0F2188FF6C61DE6B22B20E1C1D5A5E5B13A9C97ACB497B050868137519E1EC9CAEC9ABE3D69DC4C96ADA353B3809627C938691FCC17E260254A0ABF1FB7629416CF61DE72AC7B91EAC39F9A9CC38B729272D78976679C9F93E0E67BAC79B88598FA5B160A9403FB851D2046A6A319C55E028AF6AEDCE7588403635FDFEABCF52C2EB9D7CB86F1CEB17DF39D951744D332D51302626F56AF310A3E20B3BED391B713FF8589D35E44DE1DA41D70EE06762C2789444107C50101D55738975C05B61243016DBEFAF2521C724FCFF279D34EE418052A2AE927474EC5C055ECAB0B2E1F5E6EF378EEB15A7ECAB59638A0A7163577121789E3301236F63178910C6AEDEC6664DED0F0762D6F6854B44BC811A03E8627DB90D7A2E9FC85D32B498E8E5A92BC771A6D9C8E9A967F3EC3C0927926021B97FA8A201C22422BD61E330920F35AE966B43CDD8B6EC853AA8F1CE0C1061C152826F9769746EA7E06325B50A9C3D9B7A88C5D22B68556E24ADD0664F0230DF4896F53319223F39D68B6507E213ACD50EEDE83AAB51E3C4B020B6F0B0AB06CB071460D139DC597ADB530E51FEC7EEF6D5111BA3A7EE874B4708ADC8186D2D5326DBDF692E60C6170AE64590151BB6ECA0AA51E6233148C7D78034812FA93C6A7F7864182D576BB83714C3A4E17228B0D4569F70C451632477265A2A40B9419A13408BD7C3B33979589A112D6156484AD84560272D7717F763507AF92C86F4475669962B63A2BAB2EE0CAA835B90A7DB43CF8A2879674B60B1B1EC25933019968455AC054BCA392EF57C3C76D79AE684894BD009B97AAC3754537E85C93C9F96D59B8359C055B1B7109086E4DC7F55CEB628BFAB792B931B955AADA57FA6A8CB019B1ACE092199C0E5F94855DFBB08E3DCA886337842F363B8117751C5DD48DD431E903C2B1C7677FE2AD42A0CCCD2677B9A4774E9168A2C4C1B8EA5267971D0DD6BB91320A677928D2087069C7D460BB4E72698AED4F7127975D49F87D52724DE830C66F422547D0B934F32F4E9FC0617A6D2BB022987EE13330BDBA970A8FAE318531C0F27 -20240829034004 2 6 100 6143 5 C272750D88E88AEF9E0F2188FF6C61DE6B22B20E1C1D5A5E5B13A9C97ACB497B050868137519E1EC9CAEC9ABE3D69DC4C96ADA353B3809627C938691FCC17E260254A0ABF1FB7629416CF61DE72AC7B91EAC39F9A9CC38B729272D78976679C9F93E0E67BAC79B88598FA5B160A9403FB851D2046A6A319C55E028AF6AEDCE7588403635FDFEABCF52C2EB9D7CB86F1CEB17DF39D951744D332D51302626F56AF310A3E20B3BED391B713FF8589D35E44DE1DA41D70EE06762C2789444107C50101D55738975C05B61243016DBEFAF2521C724FCFF279D34EE418052A2AE927474EC5C055ECAB0B2E1F5E6EF378EEB15A7ECAB59638A0A7163577121789E3301236F63178910C6AEDEC6664DED0F0762D6F6854B44BC811A03E8627DB90D7A2E9FC85D32B498E8E5A92BC771A6D9C8E9A967F3EC3C0927926021B97FA8A201C22422BD61E330920F35AE966B43CDD8B6EC853AA8F1CE0C1061C152826F9769746EA7E06325B50A9C3D9B7A88C5D22B68556E24ADD0664F0230DF4896F53319223F39D68B6507E213ACD50EEDE83AAB51E3C4B020B6F0B0AB06CB071460D139DC597ADB530E51FEC7EEF6D5111BA3A7EE874B4708ADC8186D2D5326DBDF692E60C6170AE64590151BB6ECA0AA51E6233148C7D78034812FA93C6A7F7864182D576BB83714C3A4E17228B0D4569F70C451632477265A2A40B9419A13408BD7C3B33979589A112D6156484AD84560272D7717F763507AF92C86F4475669962B63A2BAB2EE0CAA835B90A7DB43CF8A2879674B60B1B1EC25933019968455AC054BCA392EF57C3C76D79AE684894BD009B97AAC3754537E85C93C9F96D59B8359C055B1B7109086E4DC7F55CEB628BFAB792B931B955AADA57FA6A8CB019B1ACE092199C0E5F94855DFBB08E3DCA886337842F363B8117751C5DD48DD431E903C2B1C7677FE2AD42A0CCCD2677B9A4774E9168A2C4C1B8EA5267971D0DD6BB91320A677928D2087069C7D460BB4E72698AED4F7127975D49F87D52724DE830C66F422547D0B934F32F4E9FC0617A6D2BB022987EE13330BDBA970A8FAE31853C097B7 -20240829043625 2 6 100 7679 2 EF541828E23A6BB90EFE9D9BEEDD3F9DE2E08069B8FD3ED88F27CD7E4F00AA272010368A26104FDBE69743D020951E909C76D9EF11E8050208720244763E9D59526B99F462FAC17E3A1ABD3B328C80753B1777D032397E4E3BDC90FB275DE027A21362A8FF88456ED3A9F397C045745B0C4D090D10304B86631AE9561AE9FD3C9FEB4490FD074E78702F4187A8E5CE8E7AE1E66593C34B9F08153994E70FE56B9CA823FCF1C176E875F6654CCECDF52463CDA61BE848C5B0E9CFF4E908CD0AA9BD4F4A58DF5996AAC3D411270CAD4BAC154467F91184713B4EFCFEE7922C8F58F9259937935A94A7791E99F4838EE1981A3EC9E6A2C44CBC10ACE390882CA40592D13E91AF49C78C4D518D9EFA98142A9102970E721D6ED83981164C488AD25BBC424C235C7AF62C4B4170EFFC11FA6EBEA4661D320013FFA6A4DA1EAE2F0545B95FD4E13B182BFEC226A01C3B46229FCE86A9E11B3E026326C1BA745510DDE4FCEB777BE42D1057DAD45ACEAB111C907760669A0C1F15DA4F5B8180E844DD5D602F7FAE7D16A5E8A2929E804A1BD17D38866A5EE3B1F50C3054C5E397969BCA2008DC96503513217BE8D2F15FB9DA26A8A5FE981111EC64CBEE1420D2DF7853B17E40766873E712977C1043237B39E2DE3868D079D96D76ACB24123AFDB5C6A6A9BCD40ED4C696EDAC4FE015CA982535A2A84B1A42767E1FBFB936B9FBD72CF98993C6B1EBDA16BF03FE325FA62511128CB669EE148067ED9A10338F87E4D3D39FE695A2F99B5D645A7653C3EBEA517FAFDD9CFF12B54E947A64BE8564A3851EA0F7A09C8C2E3D78FE0D3739ECA465A81194B8760F4F7213737C3FBE0E2F13704E7FDE2EDC91E22F1B76327CAA49BEBCDB1A33F178DA6F38666D09942532843CD95E61891A54EE7745D731FC2AD6B434D42F300D19176DBDD94594E3EB018EDC8666E89FB4C205A3D70F07F96AFA887F6D4A2FE573E77FDDD28D76F5C15C34CADDA8B9652FBEBEAA4CF56260833B160E8122141D17DE72CAF4859EB84CCACC341B7790A2D9B297538549451FBA5C47A37C7A99E31AED087BDF7F9E79D99CB6FADDBA30ACD5CF06FAC18DE33A94A8FC08ED8D93A24CDD7DAE09CD8CFF1C918173B32C10CE0F5EE9ED40D2BB3173370E941158C448617E4251E522CCE793B1A4399E8A39B923BC594AB453CE0145ADD622DCDF98D7D9A1E3C3C4BF128194857AC3959468BA2C2540EB5438D165F04D0A0D15BD19A5EBA1F7D6F82848877E480A20859C002F448716156AAD2008E4A7694E4F4C346C4EF359B21BB984C2073FE3E95DF3B183EFAC45BC426E3A569703F6C48DB20F7A32CB7E7C2ADD187E5F08523 -20240829053823 2 6 100 7679 2 EF541828E23A6BB90EFE9D9BEEDD3F9DE2E08069B8FD3ED88F27CD7E4F00AA272010368A26104FDBE69743D020951E909C76D9EF11E8050208720244763E9D59526B99F462FAC17E3A1ABD3B328C80753B1777D032397E4E3BDC90FB275DE027A21362A8FF88456ED3A9F397C045745B0C4D090D10304B86631AE9561AE9FD3C9FEB4490FD074E78702F4187A8E5CE8E7AE1E66593C34B9F08153994E70FE56B9CA823FCF1C176E875F6654CCECDF52463CDA61BE848C5B0E9CFF4E908CD0AA9BD4F4A58DF5996AAC3D411270CAD4BAC154467F91184713B4EFCFEE7922C8F58F9259937935A94A7791E99F4838EE1981A3EC9E6A2C44CBC10ACE390882CA40592D13E91AF49C78C4D518D9EFA98142A9102970E721D6ED83981164C488AD25BBC424C235C7AF62C4B4170EFFC11FA6EBEA4661D320013FFA6A4DA1EAE2F0545B95FD4E13B182BFEC226A01C3B46229FCE86A9E11B3E026326C1BA745510DDE4FCEB777BE42D1057DAD45ACEAB111C907760669A0C1F15DA4F5B8180E844DD5D602F7FAE7D16A5E8A2929E804A1BD17D38866A5EE3B1F50C3054C5E397969BCA2008DC96503513217BE8D2F15FB9DA26A8A5FE981111EC64CBEE1420D2DF7853B17E40766873E712977C1043237B39E2DE3868D079D96D76ACB24123AFDB5C6A6A9BCD40ED4C696EDAC4FE015CA982535A2A84B1A42767E1FBFB936B9FBD72CF98993C6B1EBDA16BF03FE325FA62511128CB669EE148067ED9A10338F87E4D3D39FE695A2F99B5D645A7653C3EBEA517FAFDD9CFF12B54E947A64BE8564A3851EA0F7A09C8C2E3D78FE0D3739ECA465A81194B8760F4F7213737C3FBE0E2F13704E7FDE2EDC91E22F1B76327CAA49BEBCDB1A33F178DA6F38666D09942532843CD95E61891A54EE7745D731FC2AD6B434D42F300D19176DBDD94594E3EB018EDC8666E89FB4C205A3D70F07F96AFA887F6D4A2FE573E77FDDD28D76F5C15C34CADDA8B9652FBEBEAA4CF56260833B160E8122141D17DE72CAF4859EB84CCACC341B7790A2D9B297538549451FBA5C47A37C7A99E31AED087BDF7F9E79D99CB6FADDBA30ACD5CF06FAC18DE33A94A8FC08ED8D93A24CDD7DAE09CD8CFF1C918173B32C10CE0F5EE9ED40D2BB3173370E941158C448617E4251E522CCE793B1A4399E8A39B923BC594AB453CE0145ADD622DCDF98D7D9A1E3C3C4BF128194857AC3959468BA2C2540EB5438D165F04D0A0D15BD19A5EBA1F7D6F82848877E480A20859C002F448716156AAD2008E4A7694E4F4C346C4EF359B21BB984C2073FE3E95DF3B183EFAC45BC426E3A569703F6C48DB20F7A32CB7E7C2ADD187EA33BB33 -20240829061611 2 6 100 7679 2 EF541828E23A6BB90EFE9D9BEEDD3F9DE2E08069B8FD3ED88F27CD7E4F00AA272010368A26104FDBE69743D020951E909C76D9EF11E8050208720244763E9D59526B99F462FAC17E3A1ABD3B328C80753B1777D032397E4E3BDC90FB275DE027A21362A8FF88456ED3A9F397C045745B0C4D090D10304B86631AE9561AE9FD3C9FEB4490FD074E78702F4187A8E5CE8E7AE1E66593C34B9F08153994E70FE56B9CA823FCF1C176E875F6654CCECDF52463CDA61BE848C5B0E9CFF4E908CD0AA9BD4F4A58DF5996AAC3D411270CAD4BAC154467F91184713B4EFCFEE7922C8F58F9259937935A94A7791E99F4838EE1981A3EC9E6A2C44CBC10ACE390882CA40592D13E91AF49C78C4D518D9EFA98142A9102970E721D6ED83981164C488AD25BBC424C235C7AF62C4B4170EFFC11FA6EBEA4661D320013FFA6A4DA1EAE2F0545B95FD4E13B182BFEC226A01C3B46229FCE86A9E11B3E026326C1BA745510DDE4FCEB777BE42D1057DAD45ACEAB111C907760669A0C1F15DA4F5B8180E844DD5D602F7FAE7D16A5E8A2929E804A1BD17D38866A5EE3B1F50C3054C5E397969BCA2008DC96503513217BE8D2F15FB9DA26A8A5FE981111EC64CBEE1420D2DF7853B17E40766873E712977C1043237B39E2DE3868D079D96D76ACB24123AFDB5C6A6A9BCD40ED4C696EDAC4FE015CA982535A2A84B1A42767E1FBFB936B9FBD72CF98993C6B1EBDA16BF03FE325FA62511128CB669EE148067ED9A10338F87E4D3D39FE695A2F99B5D645A7653C3EBEA517FAFDD9CFF12B54E947A64BE8564A3851EA0F7A09C8C2E3D78FE0D3739ECA465A81194B8760F4F7213737C3FBE0E2F13704E7FDE2EDC91E22F1B76327CAA49BEBCDB1A33F178DA6F38666D09942532843CD95E61891A54EE7745D731FC2AD6B434D42F300D19176DBDD94594E3EB018EDC8666E89FB4C205A3D70F07F96AFA887F6D4A2FE573E77FDDD28D76F5C15C34CADDA8B9652FBEBEAA4CF56260833B160E8122141D17DE72CAF4859EB84CCACC341B7790A2D9B297538549451FBA5C47A37C7A99E31AED087BDF7F9E79D99CB6FADDBA30ACD5CF06FAC18DE33A94A8FC08ED8D93A24CDD7DAE09CD8CFF1C918173B32C10CE0F5EE9ED40D2BB3173370E941158C448617E4251E522CCE793B1A4399E8A39B923BC594AB453CE0145ADD622DCDF98D7D9A1E3C3C4BF128194857AC3959468BA2C2540EB5438D165F04D0A0D15BD19A5EBA1F7D6F82848877E480A20859C002F448716156AAD2008E4A7694E4F4C346C4EF359B21BB984C2073FE3E95DF3B183EFAC45BC426E3A569703F6C48DB20F7A32CB7E7C2ADD187ECC3E213 -20240829064111 2 6 100 7679 5 EF541828E23A6BB90EFE9D9BEEDD3F9DE2E08069B8FD3ED88F27CD7E4F00AA272010368A26104FDBE69743D020951E909C76D9EF11E8050208720244763E9D59526B99F462FAC17E3A1ABD3B328C80753B1777D032397E4E3BDC90FB275DE027A21362A8FF88456ED3A9F397C045745B0C4D090D10304B86631AE9561AE9FD3C9FEB4490FD074E78702F4187A8E5CE8E7AE1E66593C34B9F08153994E70FE56B9CA823FCF1C176E875F6654CCECDF52463CDA61BE848C5B0E9CFF4E908CD0AA9BD4F4A58DF5996AAC3D411270CAD4BAC154467F91184713B4EFCFEE7922C8F58F9259937935A94A7791E99F4838EE1981A3EC9E6A2C44CBC10ACE390882CA40592D13E91AF49C78C4D518D9EFA98142A9102970E721D6ED83981164C488AD25BBC424C235C7AF62C4B4170EFFC11FA6EBEA4661D320013FFA6A4DA1EAE2F0545B95FD4E13B182BFEC226A01C3B46229FCE86A9E11B3E026326C1BA745510DDE4FCEB777BE42D1057DAD45ACEAB111C907760669A0C1F15DA4F5B8180E844DD5D602F7FAE7D16A5E8A2929E804A1BD17D38866A5EE3B1F50C3054C5E397969BCA2008DC96503513217BE8D2F15FB9DA26A8A5FE981111EC64CBEE1420D2DF7853B17E40766873E712977C1043237B39E2DE3868D079D96D76ACB24123AFDB5C6A6A9BCD40ED4C696EDAC4FE015CA982535A2A84B1A42767E1FBFB936B9FBD72CF98993C6B1EBDA16BF03FE325FA62511128CB669EE148067ED9A10338F87E4D3D39FE695A2F99B5D645A7653C3EBEA517FAFDD9CFF12B54E947A64BE8564A3851EA0F7A09C8C2E3D78FE0D3739ECA465A81194B8760F4F7213737C3FBE0E2F13704E7FDE2EDC91E22F1B76327CAA49BEBCDB1A33F178DA6F38666D09942532843CD95E61891A54EE7745D731FC2AD6B434D42F300D19176DBDD94594E3EB018EDC8666E89FB4C205A3D70F07F96AFA887F6D4A2FE573E77FDDD28D76F5C15C34CADDA8B9652FBEBEAA4CF56260833B160E8122141D17DE72CAF4859EB84CCACC341B7790A2D9B297538549451FBA5C47A37C7A99E31AED087BDF7F9E79D99CB6FADDBA30ACD5CF06FAC18DE33A94A8FC08ED8D93A24CDD7DAE09CD8CFF1C918173B32C10CE0F5EE9ED40D2BB3173370E941158C448617E4251E522CCE793B1A4399E8A39B923BC594AB453CE0145ADD622DCDF98D7D9A1E3C3C4BF128194857AC3959468BA2C2540EB5438D165F04D0A0D15BD19A5EBA1F7D6F82848877E480A20859C002F448716156AAD2008E4A7694E4F4C346C4EF359B21BB984C2073FE3E95DF3B183EFAC45BC426E3A569703F6C48DB20F7A32CB7E7C2ADD187EE73FD37 -20240829065111 2 6 100 7679 5 EF541828E23A6BB90EFE9D9BEEDD3F9DE2E08069B8FD3ED88F27CD7E4F00AA272010368A26104FDBE69743D020951E909C76D9EF11E8050208720244763E9D59526B99F462FAC17E3A1ABD3B328C80753B1777D032397E4E3BDC90FB275DE027A21362A8FF88456ED3A9F397C045745B0C4D090D10304B86631AE9561AE9FD3C9FEB4490FD074E78702F4187A8E5CE8E7AE1E66593C34B9F08153994E70FE56B9CA823FCF1C176E875F6654CCECDF52463CDA61BE848C5B0E9CFF4E908CD0AA9BD4F4A58DF5996AAC3D411270CAD4BAC154467F91184713B4EFCFEE7922C8F58F9259937935A94A7791E99F4838EE1981A3EC9E6A2C44CBC10ACE390882CA40592D13E91AF49C78C4D518D9EFA98142A9102970E721D6ED83981164C488AD25BBC424C235C7AF62C4B4170EFFC11FA6EBEA4661D320013FFA6A4DA1EAE2F0545B95FD4E13B182BFEC226A01C3B46229FCE86A9E11B3E026326C1BA745510DDE4FCEB777BE42D1057DAD45ACEAB111C907760669A0C1F15DA4F5B8180E844DD5D602F7FAE7D16A5E8A2929E804A1BD17D38866A5EE3B1F50C3054C5E397969BCA2008DC96503513217BE8D2F15FB9DA26A8A5FE981111EC64CBEE1420D2DF7853B17E40766873E712977C1043237B39E2DE3868D079D96D76ACB24123AFDB5C6A6A9BCD40ED4C696EDAC4FE015CA982535A2A84B1A42767E1FBFB936B9FBD72CF98993C6B1EBDA16BF03FE325FA62511128CB669EE148067ED9A10338F87E4D3D39FE695A2F99B5D645A7653C3EBEA517FAFDD9CFF12B54E947A64BE8564A3851EA0F7A09C8C2E3D78FE0D3739ECA465A81194B8760F4F7213737C3FBE0E2F13704E7FDE2EDC91E22F1B76327CAA49BEBCDB1A33F178DA6F38666D09942532843CD95E61891A54EE7745D731FC2AD6B434D42F300D19176DBDD94594E3EB018EDC8666E89FB4C205A3D70F07F96AFA887F6D4A2FE573E77FDDD28D76F5C15C34CADDA8B9652FBEBEAA4CF56260833B160E8122141D17DE72CAF4859EB84CCACC341B7790A2D9B297538549451FBA5C47A37C7A99E31AED087BDF7F9E79D99CB6FADDBA30ACD5CF06FAC18DE33A94A8FC08ED8D93A24CDD7DAE09CD8CFF1C918173B32C10CE0F5EE9ED40D2BB3173370E941158C448617E4251E522CCE793B1A4399E8A39B923BC594AB453CE0145ADD622DCDF98D7D9A1E3C3C4BF128194857AC3959468BA2C2540EB5438D165F04D0A0D15BD19A5EBA1F7D6F82848877E480A20859C002F448716156AAD2008E4A7694E4F4C346C4EF359B21BB984C2073FE3E95DF3B183EFAC45BC426E3A569703F6C48DB20F7A32CB7E7C2ADD187EF1CB167 -20240829082003 2 6 100 7679 2 EF541828E23A6BB90EFE9D9BEEDD3F9DE2E08069B8FD3ED88F27CD7E4F00AA272010368A26104FDBE69743D020951E909C76D9EF11E8050208720244763E9D59526B99F462FAC17E3A1ABD3B328C80753B1777D032397E4E3BDC90FB275DE027A21362A8FF88456ED3A9F397C045745B0C4D090D10304B86631AE9561AE9FD3C9FEB4490FD074E78702F4187A8E5CE8E7AE1E66593C34B9F08153994E70FE56B9CA823FCF1C176E875F6654CCECDF52463CDA61BE848C5B0E9CFF4E908CD0AA9BD4F4A58DF5996AAC3D411270CAD4BAC154467F91184713B4EFCFEE7922C8F58F9259937935A94A7791E99F4838EE1981A3EC9E6A2C44CBC10ACE390882CA40592D13E91AF49C78C4D518D9EFA98142A9102970E721D6ED83981164C488AD25BBC424C235C7AF62C4B4170EFFC11FA6EBEA4661D320013FFA6A4DA1EAE2F0545B95FD4E13B182BFEC226A01C3B46229FCE86A9E11B3E026326C1BA745510DDE4FCEB777BE42D1057DAD45ACEAB111C907760669A0C1F15DA4F5B8180E844DD5D602F7FAE7D16A5E8A2929E804A1BD17D38866A5EE3B1F50C3054C5E397969BCA2008DC96503513217BE8D2F15FB9DA26A8A5FE981111EC64CBEE1420D2DF7853B17E40766873E712977C1043237B39E2DE3868D079D96D76ACB24123AFDB5C6A6A9BCD40ED4C696EDAC4FE015CA982535A2A84B1A42767E1FBFB936B9FBD72CF98993C6B1EBDA16BF03FE325FA62511128CB669EE148067ED9A10338F87E4D3D39FE695A2F99B5D645A7653C3EBEA517FAFDD9CFF12B54E947A64BE8564A3851EA0F7A09C8C2E3D78FE0D3739ECA465A81194B8760F4F7213737C3FBE0E2F13704E7FDE2EDC91E22F1B76327CAA49BEBCDB1A33F178DA6F38666D09942532843CD95E61891A54EE7745D731FC2AD6B434D42F300D19176DBDD94594E3EB018EDC8666E89FB4C205A3D70F07F96AFA887F6D4A2FE573E77FDDD28D76F5C15C34CADDA8B9652FBEBEAA4CF56260833B160E8122141D17DE72CAF4859EB84CCACC341B7790A2D9B297538549451FBA5C47A37C7A99E31AED087BDF7F9E79D99CB6FADDBA30ACD5CF06FAC18DE33A94A8FC08ED8D93A24CDD7DAE09CD8CFF1C918173B32C10CE0F5EE9ED40D2BB3173370E941158C448617E4251E522CCE793B1A4399E8A39B923BC594AB453CE0145ADD622DCDF98D7D9A1E3C3C4BF128194857AC3959468BA2C2540EB5438D165F04D0A0D15BD19A5EBA1F7D6F82848877E480A20859C002F448716156AAD2008E4A7694E4F4C346C4EF359B21BB984C2073FE3E95DF3B183EFAC45BC426E3A569703F6C48DB20F7A32CB7E7C2ADD187F52294C3 -20240829091934 2 6 100 7679 5 EF541828E23A6BB90EFE9D9BEEDD3F9DE2E08069B8FD3ED88F27CD7E4F00AA272010368A26104FDBE69743D020951E909C76D9EF11E8050208720244763E9D59526B99F462FAC17E3A1ABD3B328C80753B1777D032397E4E3BDC90FB275DE027A21362A8FF88456ED3A9F397C045745B0C4D090D10304B86631AE9561AE9FD3C9FEB4490FD074E78702F4187A8E5CE8E7AE1E66593C34B9F08153994E70FE56B9CA823FCF1C176E875F6654CCECDF52463CDA61BE848C5B0E9CFF4E908CD0AA9BD4F4A58DF5996AAC3D411270CAD4BAC154467F91184713B4EFCFEE7922C8F58F9259937935A94A7791E99F4838EE1981A3EC9E6A2C44CBC10ACE390882CA40592D13E91AF49C78C4D518D9EFA98142A9102970E721D6ED83981164C488AD25BBC424C235C7AF62C4B4170EFFC11FA6EBEA4661D320013FFA6A4DA1EAE2F0545B95FD4E13B182BFEC226A01C3B46229FCE86A9E11B3E026326C1BA745510DDE4FCEB777BE42D1057DAD45ACEAB111C907760669A0C1F15DA4F5B8180E844DD5D602F7FAE7D16A5E8A2929E804A1BD17D38866A5EE3B1F50C3054C5E397969BCA2008DC96503513217BE8D2F15FB9DA26A8A5FE981111EC64CBEE1420D2DF7853B17E40766873E712977C1043237B39E2DE3868D079D96D76ACB24123AFDB5C6A6A9BCD40ED4C696EDAC4FE015CA982535A2A84B1A42767E1FBFB936B9FBD72CF98993C6B1EBDA16BF03FE325FA62511128CB669EE148067ED9A10338F87E4D3D39FE695A2F99B5D645A7653C3EBEA517FAFDD9CFF12B54E947A64BE8564A3851EA0F7A09C8C2E3D78FE0D3739ECA465A81194B8760F4F7213737C3FBE0E2F13704E7FDE2EDC91E22F1B76327CAA49BEBCDB1A33F178DA6F38666D09942532843CD95E61891A54EE7745D731FC2AD6B434D42F300D19176DBDD94594E3EB018EDC8666E89FB4C205A3D70F07F96AFA887F6D4A2FE573E77FDDD28D76F5C15C34CADDA8B9652FBEBEAA4CF56260833B160E8122141D17DE72CAF4859EB84CCACC341B7790A2D9B297538549451FBA5C47A37C7A99E31AED087BDF7F9E79D99CB6FADDBA30ACD5CF06FAC18DE33A94A8FC08ED8D93A24CDD7DAE09CD8CFF1C918173B32C10CE0F5EE9ED40D2BB3173370E941158C448617E4251E522CCE793B1A4399E8A39B923BC594AB453CE0145ADD622DCDF98D7D9A1E3C3C4BF128194857AC3959468BA2C2540EB5438D165F04D0A0D15BD19A5EBA1F7D6F82848877E480A20859C002F448716156AAD2008E4A7694E4F4C346C4EF359B21BB984C2073FE3E95DF3B183EFAC45BC426E3A569703F6C48DB20F7A32CB7E7C2ADD187F92CC467 -20240829093659 2 6 100 7679 2 EF541828E23A6BB90EFE9D9BEEDD3F9DE2E08069B8FD3ED88F27CD7E4F00AA272010368A26104FDBE69743D020951E909C76D9EF11E8050208720244763E9D59526B99F462FAC17E3A1ABD3B328C80753B1777D032397E4E3BDC90FB275DE027A21362A8FF88456ED3A9F397C045745B0C4D090D10304B86631AE9561AE9FD3C9FEB4490FD074E78702F4187A8E5CE8E7AE1E66593C34B9F08153994E70FE56B9CA823FCF1C176E875F6654CCECDF52463CDA61BE848C5B0E9CFF4E908CD0AA9BD4F4A58DF5996AAC3D411270CAD4BAC154467F91184713B4EFCFEE7922C8F58F9259937935A94A7791E99F4838EE1981A3EC9E6A2C44CBC10ACE390882CA40592D13E91AF49C78C4D518D9EFA98142A9102970E721D6ED83981164C488AD25BBC424C235C7AF62C4B4170EFFC11FA6EBEA4661D320013FFA6A4DA1EAE2F0545B95FD4E13B182BFEC226A01C3B46229FCE86A9E11B3E026326C1BA745510DDE4FCEB777BE42D1057DAD45ACEAB111C907760669A0C1F15DA4F5B8180E844DD5D602F7FAE7D16A5E8A2929E804A1BD17D38866A5EE3B1F50C3054C5E397969BCA2008DC96503513217BE8D2F15FB9DA26A8A5FE981111EC64CBEE1420D2DF7853B17E40766873E712977C1043237B39E2DE3868D079D96D76ACB24123AFDB5C6A6A9BCD40ED4C696EDAC4FE015CA982535A2A84B1A42767E1FBFB936B9FBD72CF98993C6B1EBDA16BF03FE325FA62511128CB669EE148067ED9A10338F87E4D3D39FE695A2F99B5D645A7653C3EBEA517FAFDD9CFF12B54E947A64BE8564A3851EA0F7A09C8C2E3D78FE0D3739ECA465A81194B8760F4F7213737C3FBE0E2F13704E7FDE2EDC91E22F1B76327CAA49BEBCDB1A33F178DA6F38666D09942532843CD95E61891A54EE7745D731FC2AD6B434D42F300D19176DBDD94594E3EB018EDC8666E89FB4C205A3D70F07F96AFA887F6D4A2FE573E77FDDD28D76F5C15C34CADDA8B9652FBEBEAA4CF56260833B160E8122141D17DE72CAF4859EB84CCACC341B7790A2D9B297538549451FBA5C47A37C7A99E31AED087BDF7F9E79D99CB6FADDBA30ACD5CF06FAC18DE33A94A8FC08ED8D93A24CDD7DAE09CD8CFF1C918173B32C10CE0F5EE9ED40D2BB3173370E941158C448617E4251E522CCE793B1A4399E8A39B923BC594AB453CE0145ADD622DCDF98D7D9A1E3C3C4BF128194857AC3959468BA2C2540EB5438D165F04D0A0D15BD19A5EBA1F7D6F82848877E480A20859C002F448716156AAD2008E4A7694E4F4C346C4EF359B21BB984C2073FE3E95DF3B183EFAC45BC426E3A569703F6C48DB20F7A32CB7E7C2ADD187FA58CCB3 -20240829103319 2 6 100 7679 2 EF541828E23A6BB90EFE9D9BEEDD3F9DE2E08069B8FD3ED88F27CD7E4F00AA272010368A26104FDBE69743D020951E909C76D9EF11E8050208720244763E9D59526B99F462FAC17E3A1ABD3B328C80753B1777D032397E4E3BDC90FB275DE027A21362A8FF88456ED3A9F397C045745B0C4D090D10304B86631AE9561AE9FD3C9FEB4490FD074E78702F4187A8E5CE8E7AE1E66593C34B9F08153994E70FE56B9CA823FCF1C176E875F6654CCECDF52463CDA61BE848C5B0E9CFF4E908CD0AA9BD4F4A58DF5996AAC3D411270CAD4BAC154467F91184713B4EFCFEE7922C8F58F9259937935A94A7791E99F4838EE1981A3EC9E6A2C44CBC10ACE390882CA40592D13E91AF49C78C4D518D9EFA98142A9102970E721D6ED83981164C488AD25BBC424C235C7AF62C4B4170EFFC11FA6EBEA4661D320013FFA6A4DA1EAE2F0545B95FD4E13B182BFEC226A01C3B46229FCE86A9E11B3E026326C1BA745510DDE4FCEB777BE42D1057DAD45ACEAB111C907760669A0C1F15DA4F5B8180E844DD5D602F7FAE7D16A5E8A2929E804A1BD17D38866A5EE3B1F50C3054C5E397969BCA2008DC96503513217BE8D2F15FB9DA26A8A5FE981111EC64CBEE1420D2DF7853B17E40766873E712977C1043237B39E2DE3868D079D96D76ACB24123AFDB5C6A6A9BCD40ED4C696EDAC4FE015CA982535A2A84B1A42767E1FBFB936B9FBD72CF98993C6B1EBDA16BF03FE325FA62511128CB669EE148067ED9A10338F87E4D3D39FE695A2F99B5D645A7653C3EBEA517FAFDD9CFF12B54E947A64BE8564A3851EA0F7A09C8C2E3D78FE0D3739ECA465A81194B8760F4F7213737C3FBE0E2F13704E7FDE2EDC91E22F1B76327CAA49BEBCDB1A33F178DA6F38666D09942532843CD95E61891A54EE7745D731FC2AD6B434D42F300D19176DBDD94594E3EB018EDC8666E89FB4C205A3D70F07F96AFA887F6D4A2FE573E77FDDD28D76F5C15C34CADDA8B9652FBEBEAA4CF56260833B160E8122141D17DE72CAF4859EB84CCACC341B7790A2D9B297538549451FBA5C47A37C7A99E31AED087BDF7F9E79D99CB6FADDBA30ACD5CF06FAC18DE33A94A8FC08ED8D93A24CDD7DAE09CD8CFF1C918173B32C10CE0F5EE9ED40D2BB3173370E941158C448617E4251E522CCE793B1A4399E8A39B923BC594AB453CE0145ADD622DCDF98D7D9A1E3C3C4BF128194857AC3959468BA2C2540EB5438D165F04D0A0D15BD19A5EBA1F7D6F82848877E480A20859C002F448716156AAD2008E4A7694E4F4C346C4EF359B21BB984C2073FE3E95DF3B183EFAC45BC426E3A569703F6C48DB20F7A32CB7E7C2ADD187FE2DC683 -20240829123824 2 6 100 7679 2 EF541828E23A6BB90EFE9D9BEEDD3F9DE2E08069B8FD3ED88F27CD7E4F00AA272010368A26104FDBE69743D020951E909C76D9EF11E8050208720244763E9D59526B99F462FAC17E3A1ABD3B328C80753B1777D032397E4E3BDC90FB275DE027A21362A8FF88456ED3A9F397C045745B0C4D090D10304B86631AE9561AE9FD3C9FEB4490FD074E78702F4187A8E5CE8E7AE1E66593C34B9F08153994E70FE56B9CA823FCF1C176E875F6654CCECDF52463CDA61BE848C5B0E9CFF4E908CD0AA9BD4F4A58DF5996AAC3D411270CAD4BAC154467F91184713B4EFCFEE7922C8F58F9259937935A94A7791E99F4838EE1981A3EC9E6A2C44CBC10ACE390882CA40592D13E91AF49C78C4D518D9EFA98142A9102970E721D6ED83981164C488AD25BBC424C235C7AF62C4B4170EFFC11FA6EBEA4661D320013FFA6A4DA1EAE2F0545B95FD4E13B182BFEC226A01C3B46229FCE86A9E11B3E026326C1BA745510DDE4FCEB777BE42D1057DAD45ACEAB111C907760669A0C1F15DA4F5B8180E844DD5D602F7FAE7D16A5E8A2929E804A1BD17D38866A5EE3B1F50C3054C5E397969BCA2008DC96503513217BE8D2F15FB9DA26A8A5FE981111EC64CBEE1420D2DF7853B17E40766873E712977C1043237B39E2DE3868D079D96D76ACB24123AFDB5C6A6A9BCD40ED4C696EDAC4FE015CA982535A2A84B1A42767E1FBFB936B9FBD72CF98993C6B1EBDA16BF03FE325FA62511128CB669EE148067ED9A10338F87E4D3D39FE695A2F99B5D645A7653C3EBEA517FAFDD9CFF12B54E947A64BE8564A3851EA0F7A09C8C2E3D78FE0D3739ECA465A81194B8760F4F7213737C3FBE0E2F13704E7FDE2EDC91E22F1B76327CAA49BEBCDB1A33F178DA6F38666D09942532843CD95E61891A54EE7745D731FC2AD6B434D42F300D19176DBDD94594E3EB018EDC8666E89FB4C205A3D70F07F96AFA887F6D4A2FE573E77FDDD28D76F5C15C34CADDA8B9652FBEBEAA4CF56260833B160E8122141D17DE72CAF4859EB84CCACC341B7790A2D9B297538549451FBA5C47A37C7A99E31AED087BDF7F9E79D99CB6FADDBA30ACD5CF06FAC18DE33A94A8FC08ED8D93A24CDD7DAE09CD8CFF1C918173B32C10CE0F5EE9ED40D2BB3173370E941158C448617E4251E522CCE793B1A4399E8A39B923BC594AB453CE0145ADD622DCDF98D7D9A1E3C3C4BF128194857AC3959468BA2C2540EB5438D165F04D0A0D15BD19A5EBA1F7D6F82848877E480A20859C002F448716156AAD2008E4A7694E4F4C346C4EF359B21BB984C2073FE3E95DF3B183EFAC45BC426E3A569703F6C48DB20F7A32CB7E7C2ADD18806C1B393 -20240829130958 2 6 100 7679 2 EF541828E23A6BB90EFE9D9BEEDD3F9DE2E08069B8FD3ED88F27CD7E4F00AA272010368A26104FDBE69743D020951E909C76D9EF11E8050208720244763E9D59526B99F462FAC17E3A1ABD3B328C80753B1777D032397E4E3BDC90FB275DE027A21362A8FF88456ED3A9F397C045745B0C4D090D10304B86631AE9561AE9FD3C9FEB4490FD074E78702F4187A8E5CE8E7AE1E66593C34B9F08153994E70FE56B9CA823FCF1C176E875F6654CCECDF52463CDA61BE848C5B0E9CFF4E908CD0AA9BD4F4A58DF5996AAC3D411270CAD4BAC154467F91184713B4EFCFEE7922C8F58F9259937935A94A7791E99F4838EE1981A3EC9E6A2C44CBC10ACE390882CA40592D13E91AF49C78C4D518D9EFA98142A9102970E721D6ED83981164C488AD25BBC424C235C7AF62C4B4170EFFC11FA6EBEA4661D320013FFA6A4DA1EAE2F0545B95FD4E13B182BFEC226A01C3B46229FCE86A9E11B3E026326C1BA745510DDE4FCEB777BE42D1057DAD45ACEAB111C907760669A0C1F15DA4F5B8180E844DD5D602F7FAE7D16A5E8A2929E804A1BD17D38866A5EE3B1F50C3054C5E397969BCA2008DC96503513217BE8D2F15FB9DA26A8A5FE981111EC64CBEE1420D2DF7853B17E40766873E712977C1043237B39E2DE3868D079D96D76ACB24123AFDB5C6A6A9BCD40ED4C696EDAC4FE015CA982535A2A84B1A42767E1FBFB936B9FBD72CF98993C6B1EBDA16BF03FE325FA62511128CB669EE148067ED9A10338F87E4D3D39FE695A2F99B5D645A7653C3EBEA517FAFDD9CFF12B54E947A64BE8564A3851EA0F7A09C8C2E3D78FE0D3739ECA465A81194B8760F4F7213737C3FBE0E2F13704E7FDE2EDC91E22F1B76327CAA49BEBCDB1A33F178DA6F38666D09942532843CD95E61891A54EE7745D731FC2AD6B434D42F300D19176DBDD94594E3EB018EDC8666E89FB4C205A3D70F07F96AFA887F6D4A2FE573E77FDDD28D76F5C15C34CADDA8B9652FBEBEAA4CF56260833B160E8122141D17DE72CAF4859EB84CCACC341B7790A2D9B297538549451FBA5C47A37C7A99E31AED087BDF7F9E79D99CB6FADDBA30ACD5CF06FAC18DE33A94A8FC08ED8D93A24CDD7DAE09CD8CFF1C918173B32C10CE0F5EE9ED40D2BB3173370E941158C448617E4251E522CCE793B1A4399E8A39B923BC594AB453CE0145ADD622DCDF98D7D9A1E3C3C4BF128194857AC3959468BA2C2540EB5438D165F04D0A0D15BD19A5EBA1F7D6F82848877E480A20859C002F448716156AAD2008E4A7694E4F4C346C4EF359B21BB984C2073FE3E95DF3B183EFAC45BC426E3A569703F6C48DB20F7A32CB7E7C2ADD18808EFDAAB -20240829135456 2 6 100 7679 2 EF541828E23A6BB90EFE9D9BEEDD3F9DE2E08069B8FD3ED88F27CD7E4F00AA272010368A26104FDBE69743D020951E909C76D9EF11E8050208720244763E9D59526B99F462FAC17E3A1ABD3B328C80753B1777D032397E4E3BDC90FB275DE027A21362A8FF88456ED3A9F397C045745B0C4D090D10304B86631AE9561AE9FD3C9FEB4490FD074E78702F4187A8E5CE8E7AE1E66593C34B9F08153994E70FE56B9CA823FCF1C176E875F6654CCECDF52463CDA61BE848C5B0E9CFF4E908CD0AA9BD4F4A58DF5996AAC3D411270CAD4BAC154467F91184713B4EFCFEE7922C8F58F9259937935A94A7791E99F4838EE1981A3EC9E6A2C44CBC10ACE390882CA40592D13E91AF49C78C4D518D9EFA98142A9102970E721D6ED83981164C488AD25BBC424C235C7AF62C4B4170EFFC11FA6EBEA4661D320013FFA6A4DA1EAE2F0545B95FD4E13B182BFEC226A01C3B46229FCE86A9E11B3E026326C1BA745510DDE4FCEB777BE42D1057DAD45ACEAB111C907760669A0C1F15DA4F5B8180E844DD5D602F7FAE7D16A5E8A2929E804A1BD17D38866A5EE3B1F50C3054C5E397969BCA2008DC96503513217BE8D2F15FB9DA26A8A5FE981111EC64CBEE1420D2DF7853B17E40766873E712977C1043237B39E2DE3868D079D96D76ACB24123AFDB5C6A6A9BCD40ED4C696EDAC4FE015CA982535A2A84B1A42767E1FBFB936B9FBD72CF98993C6B1EBDA16BF03FE325FA62511128CB669EE148067ED9A10338F87E4D3D39FE695A2F99B5D645A7653C3EBEA517FAFDD9CFF12B54E947A64BE8564A3851EA0F7A09C8C2E3D78FE0D3739ECA465A81194B8760F4F7213737C3FBE0E2F13704E7FDE2EDC91E22F1B76327CAA49BEBCDB1A33F178DA6F38666D09942532843CD95E61891A54EE7745D731FC2AD6B434D42F300D19176DBDD94594E3EB018EDC8666E89FB4C205A3D70F07F96AFA887F6D4A2FE573E77FDDD28D76F5C15C34CADDA8B9652FBEBEAA4CF56260833B160E8122141D17DE72CAF4859EB84CCACC341B7790A2D9B297538549451FBA5C47A37C7A99E31AED087BDF7F9E79D99CB6FADDBA30ACD5CF06FAC18DE33A94A8FC08ED8D93A24CDD7DAE09CD8CFF1C918173B32C10CE0F5EE9ED40D2BB3173370E941158C448617E4251E522CCE793B1A4399E8A39B923BC594AB453CE0145ADD622DCDF98D7D9A1E3C3C4BF128194857AC3959468BA2C2540EB5438D165F04D0A0D15BD19A5EBA1F7D6F82848877E480A20859C002F448716156AAD2008E4A7694E4F4C346C4EF359B21BB984C2073FE3E95DF3B183EFAC45BC426E3A569703F6C48DB20F7A32CB7E7C2ADD1880C119733 -20240829150211 2 6 100 7679 2 EF541828E23A6BB90EFE9D9BEEDD3F9DE2E08069B8FD3ED88F27CD7E4F00AA272010368A26104FDBE69743D020951E909C76D9EF11E8050208720244763E9D59526B99F462FAC17E3A1ABD3B328C80753B1777D032397E4E3BDC90FB275DE027A21362A8FF88456ED3A9F397C045745B0C4D090D10304B86631AE9561AE9FD3C9FEB4490FD074E78702F4187A8E5CE8E7AE1E66593C34B9F08153994E70FE56B9CA823FCF1C176E875F6654CCECDF52463CDA61BE848C5B0E9CFF4E908CD0AA9BD4F4A58DF5996AAC3D411270CAD4BAC154467F91184713B4EFCFEE7922C8F58F9259937935A94A7791E99F4838EE1981A3EC9E6A2C44CBC10ACE390882CA40592D13E91AF49C78C4D518D9EFA98142A9102970E721D6ED83981164C488AD25BBC424C235C7AF62C4B4170EFFC11FA6EBEA4661D320013FFA6A4DA1EAE2F0545B95FD4E13B182BFEC226A01C3B46229FCE86A9E11B3E026326C1BA745510DDE4FCEB777BE42D1057DAD45ACEAB111C907760669A0C1F15DA4F5B8180E844DD5D602F7FAE7D16A5E8A2929E804A1BD17D38866A5EE3B1F50C3054C5E397969BCA2008DC96503513217BE8D2F15FB9DA26A8A5FE981111EC64CBEE1420D2DF7853B17E40766873E712977C1043237B39E2DE3868D079D96D76ACB24123AFDB5C6A6A9BCD40ED4C696EDAC4FE015CA982535A2A84B1A42767E1FBFB936B9FBD72CF98993C6B1EBDA16BF03FE325FA62511128CB669EE148067ED9A10338F87E4D3D39FE695A2F99B5D645A7653C3EBEA517FAFDD9CFF12B54E947A64BE8564A3851EA0F7A09C8C2E3D78FE0D3739ECA465A81194B8760F4F7213737C3FBE0E2F13704E7FDE2EDC91E22F1B76327CAA49BEBCDB1A33F178DA6F38666D09942532843CD95E61891A54EE7745D731FC2AD6B434D42F300D19176DBDD94594E3EB018EDC8666E89FB4C205A3D70F07F96AFA887F6D4A2FE573E77FDDD28D76F5C15C34CADDA8B9652FBEBEAA4CF56260833B160E8122141D17DE72CAF4859EB84CCACC341B7790A2D9B297538549451FBA5C47A37C7A99E31AED087BDF7F9E79D99CB6FADDBA30ACD5CF06FAC18DE33A94A8FC08ED8D93A24CDD7DAE09CD8CFF1C918173B32C10CE0F5EE9ED40D2BB3173370E941158C448617E4251E522CCE793B1A4399E8A39B923BC594AB453CE0145ADD622DCDF98D7D9A1E3C3C4BF128194857AC3959468BA2C2540EB5438D165F04D0A0D15BD19A5EBA1F7D6F82848877E480A20859C002F448716156AAD2008E4A7694E4F4C346C4EF359B21BB984C2073FE3E95DF3B183EFAC45BC426E3A569703F6C48DB20F7A32CB7E7C2ADD18810B3AE03 -20240829152452 2 6 100 7679 5 EF541828E23A6BB90EFE9D9BEEDD3F9DE2E08069B8FD3ED88F27CD7E4F00AA272010368A26104FDBE69743D020951E909C76D9EF11E8050208720244763E9D59526B99F462FAC17E3A1ABD3B328C80753B1777D032397E4E3BDC90FB275DE027A21362A8FF88456ED3A9F397C045745B0C4D090D10304B86631AE9561AE9FD3C9FEB4490FD074E78702F4187A8E5CE8E7AE1E66593C34B9F08153994E70FE56B9CA823FCF1C176E875F6654CCECDF52463CDA61BE848C5B0E9CFF4E908CD0AA9BD4F4A58DF5996AAC3D411270CAD4BAC154467F91184713B4EFCFEE7922C8F58F9259937935A94A7791E99F4838EE1981A3EC9E6A2C44CBC10ACE390882CA40592D13E91AF49C78C4D518D9EFA98142A9102970E721D6ED83981164C488AD25BBC424C235C7AF62C4B4170EFFC11FA6EBEA4661D320013FFA6A4DA1EAE2F0545B95FD4E13B182BFEC226A01C3B46229FCE86A9E11B3E026326C1BA745510DDE4FCEB777BE42D1057DAD45ACEAB111C907760669A0C1F15DA4F5B8180E844DD5D602F7FAE7D16A5E8A2929E804A1BD17D38866A5EE3B1F50C3054C5E397969BCA2008DC96503513217BE8D2F15FB9DA26A8A5FE981111EC64CBEE1420D2DF7853B17E40766873E712977C1043237B39E2DE3868D079D96D76ACB24123AFDB5C6A6A9BCD40ED4C696EDAC4FE015CA982535A2A84B1A42767E1FBFB936B9FBD72CF98993C6B1EBDA16BF03FE325FA62511128CB669EE148067ED9A10338F87E4D3D39FE695A2F99B5D645A7653C3EBEA517FAFDD9CFF12B54E947A64BE8564A3851EA0F7A09C8C2E3D78FE0D3739ECA465A81194B8760F4F7213737C3FBE0E2F13704E7FDE2EDC91E22F1B76327CAA49BEBCDB1A33F178DA6F38666D09942532843CD95E61891A54EE7745D731FC2AD6B434D42F300D19176DBDD94594E3EB018EDC8666E89FB4C205A3D70F07F96AFA887F6D4A2FE573E77FDDD28D76F5C15C34CADDA8B9652FBEBEAA4CF56260833B160E8122141D17DE72CAF4859EB84CCACC341B7790A2D9B297538549451FBA5C47A37C7A99E31AED087BDF7F9E79D99CB6FADDBA30ACD5CF06FAC18DE33A94A8FC08ED8D93A24CDD7DAE09CD8CFF1C918173B32C10CE0F5EE9ED40D2BB3173370E941158C448617E4251E522CCE793B1A4399E8A39B923BC594AB453CE0145ADD622DCDF98D7D9A1E3C3C4BF128194857AC3959468BA2C2540EB5438D165F04D0A0D15BD19A5EBA1F7D6F82848877E480A20859C002F448716156AAD2008E4A7694E4F4C346C4EF359B21BB984C2073FE3E95DF3B183EFAC45BC426E3A569703F6C48DB20F7A32CB7E7C2ADD18812362547 -20240829171859 2 6 100 7679 2 EF541828E23A6BB90EFE9D9BEEDD3F9DE2E08069B8FD3ED88F27CD7E4F00AA272010368A26104FDBE69743D020951E909C76D9EF11E8050208720244763E9D59526B99F462FAC17E3A1ABD3B328C80753B1777D032397E4E3BDC90FB275DE027A21362A8FF88456ED3A9F397C045745B0C4D090D10304B86631AE9561AE9FD3C9FEB4490FD074E78702F4187A8E5CE8E7AE1E66593C34B9F08153994E70FE56B9CA823FCF1C176E875F6654CCECDF52463CDA61BE848C5B0E9CFF4E908CD0AA9BD4F4A58DF5996AAC3D411270CAD4BAC154467F91184713B4EFCFEE7922C8F58F9259937935A94A7791E99F4838EE1981A3EC9E6A2C44CBC10ACE390882CA40592D13E91AF49C78C4D518D9EFA98142A9102970E721D6ED83981164C488AD25BBC424C235C7AF62C4B4170EFFC11FA6EBEA4661D320013FFA6A4DA1EAE2F0545B95FD4E13B182BFEC226A01C3B46229FCE86A9E11B3E026326C1BA745510DDE4FCEB777BE42D1057DAD45ACEAB111C907760669A0C1F15DA4F5B8180E844DD5D602F7FAE7D16A5E8A2929E804A1BD17D38866A5EE3B1F50C3054C5E397969BCA2008DC96503513217BE8D2F15FB9DA26A8A5FE981111EC64CBEE1420D2DF7853B17E40766873E712977C1043237B39E2DE3868D079D96D76ACB24123AFDB5C6A6A9BCD40ED4C696EDAC4FE015CA982535A2A84B1A42767E1FBFB936B9FBD72CF98993C6B1EBDA16BF03FE325FA62511128CB669EE148067ED9A10338F87E4D3D39FE695A2F99B5D645A7653C3EBEA517FAFDD9CFF12B54E947A64BE8564A3851EA0F7A09C8C2E3D78FE0D3739ECA465A81194B8760F4F7213737C3FBE0E2F13704E7FDE2EDC91E22F1B76327CAA49BEBCDB1A33F178DA6F38666D09942532843CD95E61891A54EE7745D731FC2AD6B434D42F300D19176DBDD94594E3EB018EDC8666E89FB4C205A3D70F07F96AFA887F6D4A2FE573E77FDDD28D76F5C15C34CADDA8B9652FBEBEAA4CF56260833B160E8122141D17DE72CAF4859EB84CCACC341B7790A2D9B297538549451FBA5C47A37C7A99E31AED087BDF7F9E79D99CB6FADDBA30ACD5CF06FAC18DE33A94A8FC08ED8D93A24CDD7DAE09CD8CFF1C918173B32C10CE0F5EE9ED40D2BB3173370E941158C448617E4251E522CCE793B1A4399E8A39B923BC594AB453CE0145ADD622DCDF98D7D9A1E3C3C4BF128194857AC3959468BA2C2540EB5438D165F04D0A0D15BD19A5EBA1F7D6F82848877E480A20859C002F448716156AAD2008E4A7694E4F4C346C4EF359B21BB984C2073FE3E95DF3B183EFAC45BC426E3A569703F6C48DB20F7A32CB7E7C2ADD1881A26609B -20240829181704 2 6 100 7679 2 EF541828E23A6BB90EFE9D9BEEDD3F9DE2E08069B8FD3ED88F27CD7E4F00AA272010368A26104FDBE69743D020951E909C76D9EF11E8050208720244763E9D59526B99F462FAC17E3A1ABD3B328C80753B1777D032397E4E3BDC90FB275DE027A21362A8FF88456ED3A9F397C045745B0C4D090D10304B86631AE9561AE9FD3C9FEB4490FD074E78702F4187A8E5CE8E7AE1E66593C34B9F08153994E70FE56B9CA823FCF1C176E875F6654CCECDF52463CDA61BE848C5B0E9CFF4E908CD0AA9BD4F4A58DF5996AAC3D411270CAD4BAC154467F91184713B4EFCFEE7922C8F58F9259937935A94A7791E99F4838EE1981A3EC9E6A2C44CBC10ACE390882CA40592D13E91AF49C78C4D518D9EFA98142A9102970E721D6ED83981164C488AD25BBC424C235C7AF62C4B4170EFFC11FA6EBEA4661D320013FFA6A4DA1EAE2F0545B95FD4E13B182BFEC226A01C3B46229FCE86A9E11B3E026326C1BA745510DDE4FCEB777BE42D1057DAD45ACEAB111C907760669A0C1F15DA4F5B8180E844DD5D602F7FAE7D16A5E8A2929E804A1BD17D38866A5EE3B1F50C3054C5E397969BCA2008DC96503513217BE8D2F15FB9DA26A8A5FE981111EC64CBEE1420D2DF7853B17E40766873E712977C1043237B39E2DE3868D079D96D76ACB24123AFDB5C6A6A9BCD40ED4C696EDAC4FE015CA982535A2A84B1A42767E1FBFB936B9FBD72CF98993C6B1EBDA16BF03FE325FA62511128CB669EE148067ED9A10338F87E4D3D39FE695A2F99B5D645A7653C3EBEA517FAFDD9CFF12B54E947A64BE8564A3851EA0F7A09C8C2E3D78FE0D3739ECA465A81194B8760F4F7213737C3FBE0E2F13704E7FDE2EDC91E22F1B76327CAA49BEBCDB1A33F178DA6F38666D09942532843CD95E61891A54EE7745D731FC2AD6B434D42F300D19176DBDD94594E3EB018EDC8666E89FB4C205A3D70F07F96AFA887F6D4A2FE573E77FDDD28D76F5C15C34CADDA8B9652FBEBEAA4CF56260833B160E8122141D17DE72CAF4859EB84CCACC341B7790A2D9B297538549451FBA5C47A37C7A99E31AED087BDF7F9E79D99CB6FADDBA30ACD5CF06FAC18DE33A94A8FC08ED8D93A24CDD7DAE09CD8CFF1C918173B32C10CE0F5EE9ED40D2BB3173370E941158C448617E4251E522CCE793B1A4399E8A39B923BC594AB453CE0145ADD622DCDF98D7D9A1E3C3C4BF128194857AC3959468BA2C2540EB5438D165F04D0A0D15BD19A5EBA1F7D6F82848877E480A20859C002F448716156AAD2008E4A7694E4F4C346C4EF359B21BB984C2073FE3E95DF3B183EFAC45BC426E3A569703F6C48DB20F7A32CB7E7C2ADD1881E2C3E3B -20240829182818 2 6 100 7679 2 EF541828E23A6BB90EFE9D9BEEDD3F9DE2E08069B8FD3ED88F27CD7E4F00AA272010368A26104FDBE69743D020951E909C76D9EF11E8050208720244763E9D59526B99F462FAC17E3A1ABD3B328C80753B1777D032397E4E3BDC90FB275DE027A21362A8FF88456ED3A9F397C045745B0C4D090D10304B86631AE9561AE9FD3C9FEB4490FD074E78702F4187A8E5CE8E7AE1E66593C34B9F08153994E70FE56B9CA823FCF1C176E875F6654CCECDF52463CDA61BE848C5B0E9CFF4E908CD0AA9BD4F4A58DF5996AAC3D411270CAD4BAC154467F91184713B4EFCFEE7922C8F58F9259937935A94A7791E99F4838EE1981A3EC9E6A2C44CBC10ACE390882CA40592D13E91AF49C78C4D518D9EFA98142A9102970E721D6ED83981164C488AD25BBC424C235C7AF62C4B4170EFFC11FA6EBEA4661D320013FFA6A4DA1EAE2F0545B95FD4E13B182BFEC226A01C3B46229FCE86A9E11B3E026326C1BA745510DDE4FCEB777BE42D1057DAD45ACEAB111C907760669A0C1F15DA4F5B8180E844DD5D602F7FAE7D16A5E8A2929E804A1BD17D38866A5EE3B1F50C3054C5E397969BCA2008DC96503513217BE8D2F15FB9DA26A8A5FE981111EC64CBEE1420D2DF7853B17E40766873E712977C1043237B39E2DE3868D079D96D76ACB24123AFDB5C6A6A9BCD40ED4C696EDAC4FE015CA982535A2A84B1A42767E1FBFB936B9FBD72CF98993C6B1EBDA16BF03FE325FA62511128CB669EE148067ED9A10338F87E4D3D39FE695A2F99B5D645A7653C3EBEA517FAFDD9CFF12B54E947A64BE8564A3851EA0F7A09C8C2E3D78FE0D3739ECA465A81194B8760F4F7213737C3FBE0E2F13704E7FDE2EDC91E22F1B76327CAA49BEBCDB1A33F178DA6F38666D09942532843CD95E61891A54EE7745D731FC2AD6B434D42F300D19176DBDD94594E3EB018EDC8666E89FB4C205A3D70F07F96AFA887F6D4A2FE573E77FDDD28D76F5C15C34CADDA8B9652FBEBEAA4CF56260833B160E8122141D17DE72CAF4859EB84CCACC341B7790A2D9B297538549451FBA5C47A37C7A99E31AED087BDF7F9E79D99CB6FADDBA30ACD5CF06FAC18DE33A94A8FC08ED8D93A24CDD7DAE09CD8CFF1C918173B32C10CE0F5EE9ED40D2BB3173370E941158C448617E4251E522CCE793B1A4399E8A39B923BC594AB453CE0145ADD622DCDF98D7D9A1E3C3C4BF128194857AC3959468BA2C2540EB5438D165F04D0A0D15BD19A5EBA1F7D6F82848877E480A20859C002F448716156AAD2008E4A7694E4F4C346C4EF359B21BB984C2073FE3E95DF3B183EFAC45BC426E3A569703F6C48DB20F7A32CB7E7C2ADD1881EED38A3 -20240829184006 2 6 100 7679 2 EF541828E23A6BB90EFE9D9BEEDD3F9DE2E08069B8FD3ED88F27CD7E4F00AA272010368A26104FDBE69743D020951E909C76D9EF11E8050208720244763E9D59526B99F462FAC17E3A1ABD3B328C80753B1777D032397E4E3BDC90FB275DE027A21362A8FF88456ED3A9F397C045745B0C4D090D10304B86631AE9561AE9FD3C9FEB4490FD074E78702F4187A8E5CE8E7AE1E66593C34B9F08153994E70FE56B9CA823FCF1C176E875F6654CCECDF52463CDA61BE848C5B0E9CFF4E908CD0AA9BD4F4A58DF5996AAC3D411270CAD4BAC154467F91184713B4EFCFEE7922C8F58F9259937935A94A7791E99F4838EE1981A3EC9E6A2C44CBC10ACE390882CA40592D13E91AF49C78C4D518D9EFA98142A9102970E721D6ED83981164C488AD25BBC424C235C7AF62C4B4170EFFC11FA6EBEA4661D320013FFA6A4DA1EAE2F0545B95FD4E13B182BFEC226A01C3B46229FCE86A9E11B3E026326C1BA745510DDE4FCEB777BE42D1057DAD45ACEAB111C907760669A0C1F15DA4F5B8180E844DD5D602F7FAE7D16A5E8A2929E804A1BD17D38866A5EE3B1F50C3054C5E397969BCA2008DC96503513217BE8D2F15FB9DA26A8A5FE981111EC64CBEE1420D2DF7853B17E40766873E712977C1043237B39E2DE3868D079D96D76ACB24123AFDB5C6A6A9BCD40ED4C696EDAC4FE015CA982535A2A84B1A42767E1FBFB936B9FBD72CF98993C6B1EBDA16BF03FE325FA62511128CB669EE148067ED9A10338F87E4D3D39FE695A2F99B5D645A7653C3EBEA517FAFDD9CFF12B54E947A64BE8564A3851EA0F7A09C8C2E3D78FE0D3739ECA465A81194B8760F4F7213737C3FBE0E2F13704E7FDE2EDC91E22F1B76327CAA49BEBCDB1A33F178DA6F38666D09942532843CD95E61891A54EE7745D731FC2AD6B434D42F300D19176DBDD94594E3EB018EDC8666E89FB4C205A3D70F07F96AFA887F6D4A2FE573E77FDDD28D76F5C15C34CADDA8B9652FBEBEAA4CF56260833B160E8122141D17DE72CAF4859EB84CCACC341B7790A2D9B297538549451FBA5C47A37C7A99E31AED087BDF7F9E79D99CB6FADDBA30ACD5CF06FAC18DE33A94A8FC08ED8D93A24CDD7DAE09CD8CFF1C918173B32C10CE0F5EE9ED40D2BB3173370E941158C448617E4251E522CCE793B1A4399E8A39B923BC594AB453CE0145ADD622DCDF98D7D9A1E3C3C4BF128194857AC3959468BA2C2540EB5438D165F04D0A0D15BD19A5EBA1F7D6F82848877E480A20859C002F448716156AAD2008E4A7694E4F4C346C4EF359B21BB984C2073FE3E95DF3B183EFAC45BC426E3A569703F6C48DB20F7A32CB7E7C2ADD1881FB9391B -20240829190814 2 6 100 7679 5 EF541828E23A6BB90EFE9D9BEEDD3F9DE2E08069B8FD3ED88F27CD7E4F00AA272010368A26104FDBE69743D020951E909C76D9EF11E8050208720244763E9D59526B99F462FAC17E3A1ABD3B328C80753B1777D032397E4E3BDC90FB275DE027A21362A8FF88456ED3A9F397C045745B0C4D090D10304B86631AE9561AE9FD3C9FEB4490FD074E78702F4187A8E5CE8E7AE1E66593C34B9F08153994E70FE56B9CA823FCF1C176E875F6654CCECDF52463CDA61BE848C5B0E9CFF4E908CD0AA9BD4F4A58DF5996AAC3D411270CAD4BAC154467F91184713B4EFCFEE7922C8F58F9259937935A94A7791E99F4838EE1981A3EC9E6A2C44CBC10ACE390882CA40592D13E91AF49C78C4D518D9EFA98142A9102970E721D6ED83981164C488AD25BBC424C235C7AF62C4B4170EFFC11FA6EBEA4661D320013FFA6A4DA1EAE2F0545B95FD4E13B182BFEC226A01C3B46229FCE86A9E11B3E026326C1BA745510DDE4FCEB777BE42D1057DAD45ACEAB111C907760669A0C1F15DA4F5B8180E844DD5D602F7FAE7D16A5E8A2929E804A1BD17D38866A5EE3B1F50C3054C5E397969BCA2008DC96503513217BE8D2F15FB9DA26A8A5FE981111EC64CBEE1420D2DF7853B17E40766873E712977C1043237B39E2DE3868D079D96D76ACB24123AFDB5C6A6A9BCD40ED4C696EDAC4FE015CA982535A2A84B1A42767E1FBFB936B9FBD72CF98993C6B1EBDA16BF03FE325FA62511128CB669EE148067ED9A10338F87E4D3D39FE695A2F99B5D645A7653C3EBEA517FAFDD9CFF12B54E947A64BE8564A3851EA0F7A09C8C2E3D78FE0D3739ECA465A81194B8760F4F7213737C3FBE0E2F13704E7FDE2EDC91E22F1B76327CAA49BEBCDB1A33F178DA6F38666D09942532843CD95E61891A54EE7745D731FC2AD6B434D42F300D19176DBDD94594E3EB018EDC8666E89FB4C205A3D70F07F96AFA887F6D4A2FE573E77FDDD28D76F5C15C34CADDA8B9652FBEBEAA4CF56260833B160E8122141D17DE72CAF4859EB84CCACC341B7790A2D9B297538549451FBA5C47A37C7A99E31AED087BDF7F9E79D99CB6FADDBA30ACD5CF06FAC18DE33A94A8FC08ED8D93A24CDD7DAE09CD8CFF1C918173B32C10CE0F5EE9ED40D2BB3173370E941158C448617E4251E522CCE793B1A4399E8A39B923BC594AB453CE0145ADD622DCDF98D7D9A1E3C3C4BF128194857AC3959468BA2C2540EB5438D165F04D0A0D15BD19A5EBA1F7D6F82848877E480A20859C002F448716156AAD2008E4A7694E4F4C346C4EF359B21BB984C2073FE3E95DF3B183EFAC45BC426E3A569703F6C48DB20F7A32CB7E7C2ADD18821A70EA7 -20240829195154 2 6 100 7679 5 EF541828E23A6BB90EFE9D9BEEDD3F9DE2E08069B8FD3ED88F27CD7E4F00AA272010368A26104FDBE69743D020951E909C76D9EF11E8050208720244763E9D59526B99F462FAC17E3A1ABD3B328C80753B1777D032397E4E3BDC90FB275DE027A21362A8FF88456ED3A9F397C045745B0C4D090D10304B86631AE9561AE9FD3C9FEB4490FD074E78702F4187A8E5CE8E7AE1E66593C34B9F08153994E70FE56B9CA823FCF1C176E875F6654CCECDF52463CDA61BE848C5B0E9CFF4E908CD0AA9BD4F4A58DF5996AAC3D411270CAD4BAC154467F91184713B4EFCFEE7922C8F58F9259937935A94A7791E99F4838EE1981A3EC9E6A2C44CBC10ACE390882CA40592D13E91AF49C78C4D518D9EFA98142A9102970E721D6ED83981164C488AD25BBC424C235C7AF62C4B4170EFFC11FA6EBEA4661D320013FFA6A4DA1EAE2F0545B95FD4E13B182BFEC226A01C3B46229FCE86A9E11B3E026326C1BA745510DDE4FCEB777BE42D1057DAD45ACEAB111C907760669A0C1F15DA4F5B8180E844DD5D602F7FAE7D16A5E8A2929E804A1BD17D38866A5EE3B1F50C3054C5E397969BCA2008DC96503513217BE8D2F15FB9DA26A8A5FE981111EC64CBEE1420D2DF7853B17E40766873E712977C1043237B39E2DE3868D079D96D76ACB24123AFDB5C6A6A9BCD40ED4C696EDAC4FE015CA982535A2A84B1A42767E1FBFB936B9FBD72CF98993C6B1EBDA16BF03FE325FA62511128CB669EE148067ED9A10338F87E4D3D39FE695A2F99B5D645A7653C3EBEA517FAFDD9CFF12B54E947A64BE8564A3851EA0F7A09C8C2E3D78FE0D3739ECA465A81194B8760F4F7213737C3FBE0E2F13704E7FDE2EDC91E22F1B76327CAA49BEBCDB1A33F178DA6F38666D09942532843CD95E61891A54EE7745D731FC2AD6B434D42F300D19176DBDD94594E3EB018EDC8666E89FB4C205A3D70F07F96AFA887F6D4A2FE573E77FDDD28D76F5C15C34CADDA8B9652FBEBEAA4CF56260833B160E8122141D17DE72CAF4859EB84CCACC341B7790A2D9B297538549451FBA5C47A37C7A99E31AED087BDF7F9E79D99CB6FADDBA30ACD5CF06FAC18DE33A94A8FC08ED8D93A24CDD7DAE09CD8CFF1C918173B32C10CE0F5EE9ED40D2BB3173370E941158C448617E4251E522CCE793B1A4399E8A39B923BC594AB453CE0145ADD622DCDF98D7D9A1E3C3C4BF128194857AC3959468BA2C2540EB5438D165F04D0A0D15BD19A5EBA1F7D6F82848877E480A20859C002F448716156AAD2008E4A7694E4F4C346C4EF359B21BB984C2073FE3E95DF3B183EFAC45BC426E3A569703F6C48DB20F7A32CB7E7C2ADD18824BB04C7 -20240829200011 2 6 100 7679 5 EF541828E23A6BB90EFE9D9BEEDD3F9DE2E08069B8FD3ED88F27CD7E4F00AA272010368A26104FDBE69743D020951E909C76D9EF11E8050208720244763E9D59526B99F462FAC17E3A1ABD3B328C80753B1777D032397E4E3BDC90FB275DE027A21362A8FF88456ED3A9F397C045745B0C4D090D10304B86631AE9561AE9FD3C9FEB4490FD074E78702F4187A8E5CE8E7AE1E66593C34B9F08153994E70FE56B9CA823FCF1C176E875F6654CCECDF52463CDA61BE848C5B0E9CFF4E908CD0AA9BD4F4A58DF5996AAC3D411270CAD4BAC154467F91184713B4EFCFEE7922C8F58F9259937935A94A7791E99F4838EE1981A3EC9E6A2C44CBC10ACE390882CA40592D13E91AF49C78C4D518D9EFA98142A9102970E721D6ED83981164C488AD25BBC424C235C7AF62C4B4170EFFC11FA6EBEA4661D320013FFA6A4DA1EAE2F0545B95FD4E13B182BFEC226A01C3B46229FCE86A9E11B3E026326C1BA745510DDE4FCEB777BE42D1057DAD45ACEAB111C907760669A0C1F15DA4F5B8180E844DD5D602F7FAE7D16A5E8A2929E804A1BD17D38866A5EE3B1F50C3054C5E397969BCA2008DC96503513217BE8D2F15FB9DA26A8A5FE981111EC64CBEE1420D2DF7853B17E40766873E712977C1043237B39E2DE3868D079D96D76ACB24123AFDB5C6A6A9BCD40ED4C696EDAC4FE015CA982535A2A84B1A42767E1FBFB936B9FBD72CF98993C6B1EBDA16BF03FE325FA62511128CB669EE148067ED9A10338F87E4D3D39FE695A2F99B5D645A7653C3EBEA517FAFDD9CFF12B54E947A64BE8564A3851EA0F7A09C8C2E3D78FE0D3739ECA465A81194B8760F4F7213737C3FBE0E2F13704E7FDE2EDC91E22F1B76327CAA49BEBCDB1A33F178DA6F38666D09942532843CD95E61891A54EE7745D731FC2AD6B434D42F300D19176DBDD94594E3EB018EDC8666E89FB4C205A3D70F07F96AFA887F6D4A2FE573E77FDDD28D76F5C15C34CADDA8B9652FBEBEAA4CF56260833B160E8122141D17DE72CAF4859EB84CCACC341B7790A2D9B297538549451FBA5C47A37C7A99E31AED087BDF7F9E79D99CB6FADDBA30ACD5CF06FAC18DE33A94A8FC08ED8D93A24CDD7DAE09CD8CFF1C918173B32C10CE0F5EE9ED40D2BB3173370E941158C448617E4251E522CCE793B1A4399E8A39B923BC594AB453CE0145ADD622DCDF98D7D9A1E3C3C4BF128194857AC3959468BA2C2540EB5438D165F04D0A0D15BD19A5EBA1F7D6F82848877E480A20859C002F448716156AAD2008E4A7694E4F4C346C4EF359B21BB984C2073FE3E95DF3B183EFAC45BC426E3A569703F6C48DB20F7A32CB7E7C2ADD1882546EC8F -20240829203003 2 6 100 7679 2 EF541828E23A6BB90EFE9D9BEEDD3F9DE2E08069B8FD3ED88F27CD7E4F00AA272010368A26104FDBE69743D020951E909C76D9EF11E8050208720244763E9D59526B99F462FAC17E3A1ABD3B328C80753B1777D032397E4E3BDC90FB275DE027A21362A8FF88456ED3A9F397C045745B0C4D090D10304B86631AE9561AE9FD3C9FEB4490FD074E78702F4187A8E5CE8E7AE1E66593C34B9F08153994E70FE56B9CA823FCF1C176E875F6654CCECDF52463CDA61BE848C5B0E9CFF4E908CD0AA9BD4F4A58DF5996AAC3D411270CAD4BAC154467F91184713B4EFCFEE7922C8F58F9259937935A94A7791E99F4838EE1981A3EC9E6A2C44CBC10ACE390882CA40592D13E91AF49C78C4D518D9EFA98142A9102970E721D6ED83981164C488AD25BBC424C235C7AF62C4B4170EFFC11FA6EBEA4661D320013FFA6A4DA1EAE2F0545B95FD4E13B182BFEC226A01C3B46229FCE86A9E11B3E026326C1BA745510DDE4FCEB777BE42D1057DAD45ACEAB111C907760669A0C1F15DA4F5B8180E844DD5D602F7FAE7D16A5E8A2929E804A1BD17D38866A5EE3B1F50C3054C5E397969BCA2008DC96503513217BE8D2F15FB9DA26A8A5FE981111EC64CBEE1420D2DF7853B17E40766873E712977C1043237B39E2DE3868D079D96D76ACB24123AFDB5C6A6A9BCD40ED4C696EDAC4FE015CA982535A2A84B1A42767E1FBFB936B9FBD72CF98993C6B1EBDA16BF03FE325FA62511128CB669EE148067ED9A10338F87E4D3D39FE695A2F99B5D645A7653C3EBEA517FAFDD9CFF12B54E947A64BE8564A3851EA0F7A09C8C2E3D78FE0D3739ECA465A81194B8760F4F7213737C3FBE0E2F13704E7FDE2EDC91E22F1B76327CAA49BEBCDB1A33F178DA6F38666D09942532843CD95E61891A54EE7745D731FC2AD6B434D42F300D19176DBDD94594E3EB018EDC8666E89FB4C205A3D70F07F96AFA887F6D4A2FE573E77FDDD28D76F5C15C34CADDA8B9652FBEBEAA4CF56260833B160E8122141D17DE72CAF4859EB84CCACC341B7790A2D9B297538549451FBA5C47A37C7A99E31AED087BDF7F9E79D99CB6FADDBA30ACD5CF06FAC18DE33A94A8FC08ED8D93A24CDD7DAE09CD8CFF1C918173B32C10CE0F5EE9ED40D2BB3173370E941158C448617E4251E522CCE793B1A4399E8A39B923BC594AB453CE0145ADD622DCDF98D7D9A1E3C3C4BF128194857AC3959468BA2C2540EB5438D165F04D0A0D15BD19A5EBA1F7D6F82848877E480A20859C002F448716156AAD2008E4A7694E4F4C346C4EF359B21BB984C2073FE3E95DF3B183EFAC45BC426E3A569703F6C48DB20F7A32CB7E7C2ADD188274D620B -20240829220907 2 6 100 7679 2 EF541828E23A6BB90EFE9D9BEEDD3F9DE2E08069B8FD3ED88F27CD7E4F00AA272010368A26104FDBE69743D020951E909C76D9EF11E8050208720244763E9D59526B99F462FAC17E3A1ABD3B328C80753B1777D032397E4E3BDC90FB275DE027A21362A8FF88456ED3A9F397C045745B0C4D090D10304B86631AE9561AE9FD3C9FEB4490FD074E78702F4187A8E5CE8E7AE1E66593C34B9F08153994E70FE56B9CA823FCF1C176E875F6654CCECDF52463CDA61BE848C5B0E9CFF4E908CD0AA9BD4F4A58DF5996AAC3D411270CAD4BAC154467F91184713B4EFCFEE7922C8F58F9259937935A94A7791E99F4838EE1981A3EC9E6A2C44CBC10ACE390882CA40592D13E91AF49C78C4D518D9EFA98142A9102970E721D6ED83981164C488AD25BBC424C235C7AF62C4B4170EFFC11FA6EBEA4661D320013FFA6A4DA1EAE2F0545B95FD4E13B182BFEC226A01C3B46229FCE86A9E11B3E026326C1BA745510DDE4FCEB777BE42D1057DAD45ACEAB111C907760669A0C1F15DA4F5B8180E844DD5D602F7FAE7D16A5E8A2929E804A1BD17D38866A5EE3B1F50C3054C5E397969BCA2008DC96503513217BE8D2F15FB9DA26A8A5FE981111EC64CBEE1420D2DF7853B17E40766873E712977C1043237B39E2DE3868D079D96D76ACB24123AFDB5C6A6A9BCD40ED4C696EDAC4FE015CA982535A2A84B1A42767E1FBFB936B9FBD72CF98993C6B1EBDA16BF03FE325FA62511128CB669EE148067ED9A10338F87E4D3D39FE695A2F99B5D645A7653C3EBEA517FAFDD9CFF12B54E947A64BE8564A3851EA0F7A09C8C2E3D78FE0D3739ECA465A81194B8760F4F7213737C3FBE0E2F13704E7FDE2EDC91E22F1B76327CAA49BEBCDB1A33F178DA6F38666D09942532843CD95E61891A54EE7745D731FC2AD6B434D42F300D19176DBDD94594E3EB018EDC8666E89FB4C205A3D70F07F96AFA887F6D4A2FE573E77FDDD28D76F5C15C34CADDA8B9652FBEBEAA4CF56260833B160E8122141D17DE72CAF4859EB84CCACC341B7790A2D9B297538549451FBA5C47A37C7A99E31AED087BDF7F9E79D99CB6FADDBA30ACD5CF06FAC18DE33A94A8FC08ED8D93A24CDD7DAE09CD8CFF1C918173B32C10CE0F5EE9ED40D2BB3173370E941158C448617E4251E522CCE793B1A4399E8A39B923BC594AB453CE0145ADD622DCDF98D7D9A1E3C3C4BF128194857AC3959468BA2C2540EB5438D165F04D0A0D15BD19A5EBA1F7D6F82848877E480A20859C002F448716156AAD2008E4A7694E4F4C346C4EF359B21BB984C2073FE3E95DF3B183EFAC45BC426E3A569703F6C48DB20F7A32CB7E7C2ADD1882E2608EB -20240829221444 2 6 100 7679 2 EF541828E23A6BB90EFE9D9BEEDD3F9DE2E08069B8FD3ED88F27CD7E4F00AA272010368A26104FDBE69743D020951E909C76D9EF11E8050208720244763E9D59526B99F462FAC17E3A1ABD3B328C80753B1777D032397E4E3BDC90FB275DE027A21362A8FF88456ED3A9F397C045745B0C4D090D10304B86631AE9561AE9FD3C9FEB4490FD074E78702F4187A8E5CE8E7AE1E66593C34B9F08153994E70FE56B9CA823FCF1C176E875F6654CCECDF52463CDA61BE848C5B0E9CFF4E908CD0AA9BD4F4A58DF5996AAC3D411270CAD4BAC154467F91184713B4EFCFEE7922C8F58F9259937935A94A7791E99F4838EE1981A3EC9E6A2C44CBC10ACE390882CA40592D13E91AF49C78C4D518D9EFA98142A9102970E721D6ED83981164C488AD25BBC424C235C7AF62C4B4170EFFC11FA6EBEA4661D320013FFA6A4DA1EAE2F0545B95FD4E13B182BFEC226A01C3B46229FCE86A9E11B3E026326C1BA745510DDE4FCEB777BE42D1057DAD45ACEAB111C907760669A0C1F15DA4F5B8180E844DD5D602F7FAE7D16A5E8A2929E804A1BD17D38866A5EE3B1F50C3054C5E397969BCA2008DC96503513217BE8D2F15FB9DA26A8A5FE981111EC64CBEE1420D2DF7853B17E40766873E712977C1043237B39E2DE3868D079D96D76ACB24123AFDB5C6A6A9BCD40ED4C696EDAC4FE015CA982535A2A84B1A42767E1FBFB936B9FBD72CF98993C6B1EBDA16BF03FE325FA62511128CB669EE148067ED9A10338F87E4D3D39FE695A2F99B5D645A7653C3EBEA517FAFDD9CFF12B54E947A64BE8564A3851EA0F7A09C8C2E3D78FE0D3739ECA465A81194B8760F4F7213737C3FBE0E2F13704E7FDE2EDC91E22F1B76327CAA49BEBCDB1A33F178DA6F38666D09942532843CD95E61891A54EE7745D731FC2AD6B434D42F300D19176DBDD94594E3EB018EDC8666E89FB4C205A3D70F07F96AFA887F6D4A2FE573E77FDDD28D76F5C15C34CADDA8B9652FBEBEAA4CF56260833B160E8122141D17DE72CAF4859EB84CCACC341B7790A2D9B297538549451FBA5C47A37C7A99E31AED087BDF7F9E79D99CB6FADDBA30ACD5CF06FAC18DE33A94A8FC08ED8D93A24CDD7DAE09CD8CFF1C918173B32C10CE0F5EE9ED40D2BB3173370E941158C448617E4251E522CCE793B1A4399E8A39B923BC594AB453CE0145ADD622DCDF98D7D9A1E3C3C4BF128194857AC3959468BA2C2540EB5438D165F04D0A0D15BD19A5EBA1F7D6F82848877E480A20859C002F448716156AAD2008E4A7694E4F4C346C4EF359B21BB984C2073FE3E95DF3B183EFAC45BC426E3A569703F6C48DB20F7A32CB7E7C2ADD1882E810C9B -20240829222440 2 6 100 7679 2 EF541828E23A6BB90EFE9D9BEEDD3F9DE2E08069B8FD3ED88F27CD7E4F00AA272010368A26104FDBE69743D020951E909C76D9EF11E8050208720244763E9D59526B99F462FAC17E3A1ABD3B328C80753B1777D032397E4E3BDC90FB275DE027A21362A8FF88456ED3A9F397C045745B0C4D090D10304B86631AE9561AE9FD3C9FEB4490FD074E78702F4187A8E5CE8E7AE1E66593C34B9F08153994E70FE56B9CA823FCF1C176E875F6654CCECDF52463CDA61BE848C5B0E9CFF4E908CD0AA9BD4F4A58DF5996AAC3D411270CAD4BAC154467F91184713B4EFCFEE7922C8F58F9259937935A94A7791E99F4838EE1981A3EC9E6A2C44CBC10ACE390882CA40592D13E91AF49C78C4D518D9EFA98142A9102970E721D6ED83981164C488AD25BBC424C235C7AF62C4B4170EFFC11FA6EBEA4661D320013FFA6A4DA1EAE2F0545B95FD4E13B182BFEC226A01C3B46229FCE86A9E11B3E026326C1BA745510DDE4FCEB777BE42D1057DAD45ACEAB111C907760669A0C1F15DA4F5B8180E844DD5D602F7FAE7D16A5E8A2929E804A1BD17D38866A5EE3B1F50C3054C5E397969BCA2008DC96503513217BE8D2F15FB9DA26A8A5FE981111EC64CBEE1420D2DF7853B17E40766873E712977C1043237B39E2DE3868D079D96D76ACB24123AFDB5C6A6A9BCD40ED4C696EDAC4FE015CA982535A2A84B1A42767E1FBFB936B9FBD72CF98993C6B1EBDA16BF03FE325FA62511128CB669EE148067ED9A10338F87E4D3D39FE695A2F99B5D645A7653C3EBEA517FAFDD9CFF12B54E947A64BE8564A3851EA0F7A09C8C2E3D78FE0D3739ECA465A81194B8760F4F7213737C3FBE0E2F13704E7FDE2EDC91E22F1B76327CAA49BEBCDB1A33F178DA6F38666D09942532843CD95E61891A54EE7745D731FC2AD6B434D42F300D19176DBDD94594E3EB018EDC8666E89FB4C205A3D70F07F96AFA887F6D4A2FE573E77FDDD28D76F5C15C34CADDA8B9652FBEBEAA4CF56260833B160E8122141D17DE72CAF4859EB84CCACC341B7790A2D9B297538549451FBA5C47A37C7A99E31AED087BDF7F9E79D99CB6FADDBA30ACD5CF06FAC18DE33A94A8FC08ED8D93A24CDD7DAE09CD8CFF1C918173B32C10CE0F5EE9ED40D2BB3173370E941158C448617E4251E522CCE793B1A4399E8A39B923BC594AB453CE0145ADD622DCDF98D7D9A1E3C3C4BF128194857AC3959468BA2C2540EB5438D165F04D0A0D15BD19A5EBA1F7D6F82848877E480A20859C002F448716156AAD2008E4A7694E4F4C346C4EF359B21BB984C2073FE3E95DF3B183EFAC45BC426E3A569703F6C48DB20F7A32CB7E7C2ADD1882F2EBA7B -20240829230449 2 6 100 7679 2 EF541828E23A6BB90EFE9D9BEEDD3F9DE2E08069B8FD3ED88F27CD7E4F00AA272010368A26104FDBE69743D020951E909C76D9EF11E8050208720244763E9D59526B99F462FAC17E3A1ABD3B328C80753B1777D032397E4E3BDC90FB275DE027A21362A8FF88456ED3A9F397C045745B0C4D090D10304B86631AE9561AE9FD3C9FEB4490FD074E78702F4187A8E5CE8E7AE1E66593C34B9F08153994E70FE56B9CA823FCF1C176E875F6654CCECDF52463CDA61BE848C5B0E9CFF4E908CD0AA9BD4F4A58DF5996AAC3D411270CAD4BAC154467F91184713B4EFCFEE7922C8F58F9259937935A94A7791E99F4838EE1981A3EC9E6A2C44CBC10ACE390882CA40592D13E91AF49C78C4D518D9EFA98142A9102970E721D6ED83981164C488AD25BBC424C235C7AF62C4B4170EFFC11FA6EBEA4661D320013FFA6A4DA1EAE2F0545B95FD4E13B182BFEC226A01C3B46229FCE86A9E11B3E026326C1BA745510DDE4FCEB777BE42D1057DAD45ACEAB111C907760669A0C1F15DA4F5B8180E844DD5D602F7FAE7D16A5E8A2929E804A1BD17D38866A5EE3B1F50C3054C5E397969BCA2008DC96503513217BE8D2F15FB9DA26A8A5FE981111EC64CBEE1420D2DF7853B17E40766873E712977C1043237B39E2DE3868D079D96D76ACB24123AFDB5C6A6A9BCD40ED4C696EDAC4FE015CA982535A2A84B1A42767E1FBFB936B9FBD72CF98993C6B1EBDA16BF03FE325FA62511128CB669EE148067ED9A10338F87E4D3D39FE695A2F99B5D645A7653C3EBEA517FAFDD9CFF12B54E947A64BE8564A3851EA0F7A09C8C2E3D78FE0D3739ECA465A81194B8760F4F7213737C3FBE0E2F13704E7FDE2EDC91E22F1B76327CAA49BEBCDB1A33F178DA6F38666D09942532843CD95E61891A54EE7745D731FC2AD6B434D42F300D19176DBDD94594E3EB018EDC8666E89FB4C205A3D70F07F96AFA887F6D4A2FE573E77FDDD28D76F5C15C34CADDA8B9652FBEBEAA4CF56260833B160E8122141D17DE72CAF4859EB84CCACC341B7790A2D9B297538549451FBA5C47A37C7A99E31AED087BDF7F9E79D99CB6FADDBA30ACD5CF06FAC18DE33A94A8FC08ED8D93A24CDD7DAE09CD8CFF1C918173B32C10CE0F5EE9ED40D2BB3173370E941158C448617E4251E522CCE793B1A4399E8A39B923BC594AB453CE0145ADD622DCDF98D7D9A1E3C3C4BF128194857AC3959468BA2C2540EB5438D165F04D0A0D15BD19A5EBA1F7D6F82848877E480A20859C002F448716156AAD2008E4A7694E4F4C346C4EF359B21BB984C2073FE3E95DF3B183EFAC45BC426E3A569703F6C48DB20F7A32CB7E7C2ADD18831F68C1B -20240829231044 2 6 100 7679 5 EF541828E23A6BB90EFE9D9BEEDD3F9DE2E08069B8FD3ED88F27CD7E4F00AA272010368A26104FDBE69743D020951E909C76D9EF11E8050208720244763E9D59526B99F462FAC17E3A1ABD3B328C80753B1777D032397E4E3BDC90FB275DE027A21362A8FF88456ED3A9F397C045745B0C4D090D10304B86631AE9561AE9FD3C9FEB4490FD074E78702F4187A8E5CE8E7AE1E66593C34B9F08153994E70FE56B9CA823FCF1C176E875F6654CCECDF52463CDA61BE848C5B0E9CFF4E908CD0AA9BD4F4A58DF5996AAC3D411270CAD4BAC154467F91184713B4EFCFEE7922C8F58F9259937935A94A7791E99F4838EE1981A3EC9E6A2C44CBC10ACE390882CA40592D13E91AF49C78C4D518D9EFA98142A9102970E721D6ED83981164C488AD25BBC424C235C7AF62C4B4170EFFC11FA6EBEA4661D320013FFA6A4DA1EAE2F0545B95FD4E13B182BFEC226A01C3B46229FCE86A9E11B3E026326C1BA745510DDE4FCEB777BE42D1057DAD45ACEAB111C907760669A0C1F15DA4F5B8180E844DD5D602F7FAE7D16A5E8A2929E804A1BD17D38866A5EE3B1F50C3054C5E397969BCA2008DC96503513217BE8D2F15FB9DA26A8A5FE981111EC64CBEE1420D2DF7853B17E40766873E712977C1043237B39E2DE3868D079D96D76ACB24123AFDB5C6A6A9BCD40ED4C696EDAC4FE015CA982535A2A84B1A42767E1FBFB936B9FBD72CF98993C6B1EBDA16BF03FE325FA62511128CB669EE148067ED9A10338F87E4D3D39FE695A2F99B5D645A7653C3EBEA517FAFDD9CFF12B54E947A64BE8564A3851EA0F7A09C8C2E3D78FE0D3739ECA465A81194B8760F4F7213737C3FBE0E2F13704E7FDE2EDC91E22F1B76327CAA49BEBCDB1A33F178DA6F38666D09942532843CD95E61891A54EE7745D731FC2AD6B434D42F300D19176DBDD94594E3EB018EDC8666E89FB4C205A3D70F07F96AFA887F6D4A2FE573E77FDDD28D76F5C15C34CADDA8B9652FBEBEAA4CF56260833B160E8122141D17DE72CAF4859EB84CCACC341B7790A2D9B297538549451FBA5C47A37C7A99E31AED087BDF7F9E79D99CB6FADDBA30ACD5CF06FAC18DE33A94A8FC08ED8D93A24CDD7DAE09CD8CFF1C918173B32C10CE0F5EE9ED40D2BB3173370E941158C448617E4251E522CCE793B1A4399E8A39B923BC594AB453CE0145ADD622DCDF98D7D9A1E3C3C4BF128194857AC3959468BA2C2540EB5438D165F04D0A0D15BD19A5EBA1F7D6F82848877E480A20859C002F448716156AAD2008E4A7694E4F4C346C4EF359B21BB984C2073FE3E95DF3B183EFAC45BC426E3A569703F6C48DB20F7A32CB7E7C2ADD18832552757 -20240829233827 2 6 100 7679 2 EF541828E23A6BB90EFE9D9BEEDD3F9DE2E08069B8FD3ED88F27CD7E4F00AA272010368A26104FDBE69743D020951E909C76D9EF11E8050208720244763E9D59526B99F462FAC17E3A1ABD3B328C80753B1777D032397E4E3BDC90FB275DE027A21362A8FF88456ED3A9F397C045745B0C4D090D10304B86631AE9561AE9FD3C9FEB4490FD074E78702F4187A8E5CE8E7AE1E66593C34B9F08153994E70FE56B9CA823FCF1C176E875F6654CCECDF52463CDA61BE848C5B0E9CFF4E908CD0AA9BD4F4A58DF5996AAC3D411270CAD4BAC154467F91184713B4EFCFEE7922C8F58F9259937935A94A7791E99F4838EE1981A3EC9E6A2C44CBC10ACE390882CA40592D13E91AF49C78C4D518D9EFA98142A9102970E721D6ED83981164C488AD25BBC424C235C7AF62C4B4170EFFC11FA6EBEA4661D320013FFA6A4DA1EAE2F0545B95FD4E13B182BFEC226A01C3B46229FCE86A9E11B3E026326C1BA745510DDE4FCEB777BE42D1057DAD45ACEAB111C907760669A0C1F15DA4F5B8180E844DD5D602F7FAE7D16A5E8A2929E804A1BD17D38866A5EE3B1F50C3054C5E397969BCA2008DC96503513217BE8D2F15FB9DA26A8A5FE981111EC64CBEE1420D2DF7853B17E40766873E712977C1043237B39E2DE3868D079D96D76ACB24123AFDB5C6A6A9BCD40ED4C696EDAC4FE015CA982535A2A84B1A42767E1FBFB936B9FBD72CF98993C6B1EBDA16BF03FE325FA62511128CB669EE148067ED9A10338F87E4D3D39FE695A2F99B5D645A7653C3EBEA517FAFDD9CFF12B54E947A64BE8564A3851EA0F7A09C8C2E3D78FE0D3739ECA465A81194B8760F4F7213737C3FBE0E2F13704E7FDE2EDC91E22F1B76327CAA49BEBCDB1A33F178DA6F38666D09942532843CD95E61891A54EE7745D731FC2AD6B434D42F300D19176DBDD94594E3EB018EDC8666E89FB4C205A3D70F07F96AFA887F6D4A2FE573E77FDDD28D76F5C15C34CADDA8B9652FBEBEAA4CF56260833B160E8122141D17DE72CAF4859EB84CCACC341B7790A2D9B297538549451FBA5C47A37C7A99E31AED087BDF7F9E79D99CB6FADDBA30ACD5CF06FAC18DE33A94A8FC08ED8D93A24CDD7DAE09CD8CFF1C918173B32C10CE0F5EE9ED40D2BB3173370E941158C448617E4251E522CCE793B1A4399E8A39B923BC594AB453CE0145ADD622DCDF98D7D9A1E3C3C4BF128194857AC3959468BA2C2540EB5438D165F04D0A0D15BD19A5EBA1F7D6F82848877E480A20859C002F448716156AAD2008E4A7694E4F4C346C4EF359B21BB984C2073FE3E95DF3B183EFAC45BC426E3A569703F6C48DB20F7A32CB7E7C2ADD188343C3EAB -20240829235120 2 6 100 7679 2 EF541828E23A6BB90EFE9D9BEEDD3F9DE2E08069B8FD3ED88F27CD7E4F00AA272010368A26104FDBE69743D020951E909C76D9EF11E8050208720244763E9D59526B99F462FAC17E3A1ABD3B328C80753B1777D032397E4E3BDC90FB275DE027A21362A8FF88456ED3A9F397C045745B0C4D090D10304B86631AE9561AE9FD3C9FEB4490FD074E78702F4187A8E5CE8E7AE1E66593C34B9F08153994E70FE56B9CA823FCF1C176E875F6654CCECDF52463CDA61BE848C5B0E9CFF4E908CD0AA9BD4F4A58DF5996AAC3D411270CAD4BAC154467F91184713B4EFCFEE7922C8F58F9259937935A94A7791E99F4838EE1981A3EC9E6A2C44CBC10ACE390882CA40592D13E91AF49C78C4D518D9EFA98142A9102970E721D6ED83981164C488AD25BBC424C235C7AF62C4B4170EFFC11FA6EBEA4661D320013FFA6A4DA1EAE2F0545B95FD4E13B182BFEC226A01C3B46229FCE86A9E11B3E026326C1BA745510DDE4FCEB777BE42D1057DAD45ACEAB111C907760669A0C1F15DA4F5B8180E844DD5D602F7FAE7D16A5E8A2929E804A1BD17D38866A5EE3B1F50C3054C5E397969BCA2008DC96503513217BE8D2F15FB9DA26A8A5FE981111EC64CBEE1420D2DF7853B17E40766873E712977C1043237B39E2DE3868D079D96D76ACB24123AFDB5C6A6A9BCD40ED4C696EDAC4FE015CA982535A2A84B1A42767E1FBFB936B9FBD72CF98993C6B1EBDA16BF03FE325FA62511128CB669EE148067ED9A10338F87E4D3D39FE695A2F99B5D645A7653C3EBEA517FAFDD9CFF12B54E947A64BE8564A3851EA0F7A09C8C2E3D78FE0D3739ECA465A81194B8760F4F7213737C3FBE0E2F13704E7FDE2EDC91E22F1B76327CAA49BEBCDB1A33F178DA6F38666D09942532843CD95E61891A54EE7745D731FC2AD6B434D42F300D19176DBDD94594E3EB018EDC8666E89FB4C205A3D70F07F96AFA887F6D4A2FE573E77FDDD28D76F5C15C34CADDA8B9652FBEBEAA4CF56260833B160E8122141D17DE72CAF4859EB84CCACC341B7790A2D9B297538549451FBA5C47A37C7A99E31AED087BDF7F9E79D99CB6FADDBA30ACD5CF06FAC18DE33A94A8FC08ED8D93A24CDD7DAE09CD8CFF1C918173B32C10CE0F5EE9ED40D2BB3173370E941158C448617E4251E522CCE793B1A4399E8A39B923BC594AB453CE0145ADD622DCDF98D7D9A1E3C3C4BF128194857AC3959468BA2C2540EB5438D165F04D0A0D15BD19A5EBA1F7D6F82848877E480A20859C002F448716156AAD2008E4A7694E4F4C346C4EF359B21BB984C2073FE3E95DF3B183EFAC45BC426E3A569703F6C48DB20F7A32CB7E7C2ADD188351A81B3 -20240830003221 2 6 100 7679 2 EF541828E23A6BB90EFE9D9BEEDD3F9DE2E08069B8FD3ED88F27CD7E4F00AA272010368A26104FDBE69743D020951E909C76D9EF11E8050208720244763E9D59526B99F462FAC17E3A1ABD3B328C80753B1777D032397E4E3BDC90FB275DE027A21362A8FF88456ED3A9F397C045745B0C4D090D10304B86631AE9561AE9FD3C9FEB4490FD074E78702F4187A8E5CE8E7AE1E66593C34B9F08153994E70FE56B9CA823FCF1C176E875F6654CCECDF52463CDA61BE848C5B0E9CFF4E908CD0AA9BD4F4A58DF5996AAC3D411270CAD4BAC154467F91184713B4EFCFEE7922C8F58F9259937935A94A7791E99F4838EE1981A3EC9E6A2C44CBC10ACE390882CA40592D13E91AF49C78C4D518D9EFA98142A9102970E721D6ED83981164C488AD25BBC424C235C7AF62C4B4170EFFC11FA6EBEA4661D320013FFA6A4DA1EAE2F0545B95FD4E13B182BFEC226A01C3B46229FCE86A9E11B3E026326C1BA745510DDE4FCEB777BE42D1057DAD45ACEAB111C907760669A0C1F15DA4F5B8180E844DD5D602F7FAE7D16A5E8A2929E804A1BD17D38866A5EE3B1F50C3054C5E397969BCA2008DC96503513217BE8D2F15FB9DA26A8A5FE981111EC64CBEE1420D2DF7853B17E40766873E712977C1043237B39E2DE3868D079D96D76ACB24123AFDB5C6A6A9BCD40ED4C696EDAC4FE015CA982535A2A84B1A42767E1FBFB936B9FBD72CF98993C6B1EBDA16BF03FE325FA62511128CB669EE148067ED9A10338F87E4D3D39FE695A2F99B5D645A7653C3EBEA517FAFDD9CFF12B54E947A64BE8564A3851EA0F7A09C8C2E3D78FE0D3739ECA465A81194B8760F4F7213737C3FBE0E2F13704E7FDE2EDC91E22F1B76327CAA49BEBCDB1A33F178DA6F38666D09942532843CD95E61891A54EE7745D731FC2AD6B434D42F300D19176DBDD94594E3EB018EDC8666E89FB4C205A3D70F07F96AFA887F6D4A2FE573E77FDDD28D76F5C15C34CADDA8B9652FBEBEAA4CF56260833B160E8122141D17DE72CAF4859EB84CCACC341B7790A2D9B297538549451FBA5C47A37C7A99E31AED087BDF7F9E79D99CB6FADDBA30ACD5CF06FAC18DE33A94A8FC08ED8D93A24CDD7DAE09CD8CFF1C918173B32C10CE0F5EE9ED40D2BB3173370E941158C448617E4251E522CCE793B1A4399E8A39B923BC594AB453CE0145ADD622DCDF98D7D9A1E3C3C4BF128194857AC3959468BA2C2540EB5438D165F04D0A0D15BD19A5EBA1F7D6F82848877E480A20859C002F448716156AAD2008E4A7694E4F4C346C4EF359B21BB984C2073FE3E95DF3B183EFAC45BC426E3A569703F6C48DB20F7A32CB7E7C2ADD18837F06443 -20240830011832 2 6 100 7679 2 EF541828E23A6BB90EFE9D9BEEDD3F9DE2E08069B8FD3ED88F27CD7E4F00AA272010368A26104FDBE69743D020951E909C76D9EF11E8050208720244763E9D59526B99F462FAC17E3A1ABD3B328C80753B1777D032397E4E3BDC90FB275DE027A21362A8FF88456ED3A9F397C045745B0C4D090D10304B86631AE9561AE9FD3C9FEB4490FD074E78702F4187A8E5CE8E7AE1E66593C34B9F08153994E70FE56B9CA823FCF1C176E875F6654CCECDF52463CDA61BE848C5B0E9CFF4E908CD0AA9BD4F4A58DF5996AAC3D411270CAD4BAC154467F91184713B4EFCFEE7922C8F58F9259937935A94A7791E99F4838EE1981A3EC9E6A2C44CBC10ACE390882CA40592D13E91AF49C78C4D518D9EFA98142A9102970E721D6ED83981164C488AD25BBC424C235C7AF62C4B4170EFFC11FA6EBEA4661D320013FFA6A4DA1EAE2F0545B95FD4E13B182BFEC226A01C3B46229FCE86A9E11B3E026326C1BA745510DDE4FCEB777BE42D1057DAD45ACEAB111C907760669A0C1F15DA4F5B8180E844DD5D602F7FAE7D16A5E8A2929E804A1BD17D38866A5EE3B1F50C3054C5E397969BCA2008DC96503513217BE8D2F15FB9DA26A8A5FE981111EC64CBEE1420D2DF7853B17E40766873E712977C1043237B39E2DE3868D079D96D76ACB24123AFDB5C6A6A9BCD40ED4C696EDAC4FE015CA982535A2A84B1A42767E1FBFB936B9FBD72CF98993C6B1EBDA16BF03FE325FA62511128CB669EE148067ED9A10338F87E4D3D39FE695A2F99B5D645A7653C3EBEA517FAFDD9CFF12B54E947A64BE8564A3851EA0F7A09C8C2E3D78FE0D3739ECA465A81194B8760F4F7213737C3FBE0E2F13704E7FDE2EDC91E22F1B76327CAA49BEBCDB1A33F178DA6F38666D09942532843CD95E61891A54EE7745D731FC2AD6B434D42F300D19176DBDD94594E3EB018EDC8666E89FB4C205A3D70F07F96AFA887F6D4A2FE573E77FDDD28D76F5C15C34CADDA8B9652FBEBEAA4CF56260833B160E8122141D17DE72CAF4859EB84CCACC341B7790A2D9B297538549451FBA5C47A37C7A99E31AED087BDF7F9E79D99CB6FADDBA30ACD5CF06FAC18DE33A94A8FC08ED8D93A24CDD7DAE09CD8CFF1C918173B32C10CE0F5EE9ED40D2BB3173370E941158C448617E4251E522CCE793B1A4399E8A39B923BC594AB453CE0145ADD622DCDF98D7D9A1E3C3C4BF128194857AC3959468BA2C2540EB5438D165F04D0A0D15BD19A5EBA1F7D6F82848877E480A20859C002F448716156AAD2008E4A7694E4F4C346C4EF359B21BB984C2073FE3E95DF3B183EFAC45BC426E3A569703F6C48DB20F7A32CB7E7C2ADD1883B1C9E73 -20240830013013 2 6 100 7679 2 EF541828E23A6BB90EFE9D9BEEDD3F9DE2E08069B8FD3ED88F27CD7E4F00AA272010368A26104FDBE69743D020951E909C76D9EF11E8050208720244763E9D59526B99F462FAC17E3A1ABD3B328C80753B1777D032397E4E3BDC90FB275DE027A21362A8FF88456ED3A9F397C045745B0C4D090D10304B86631AE9561AE9FD3C9FEB4490FD074E78702F4187A8E5CE8E7AE1E66593C34B9F08153994E70FE56B9CA823FCF1C176E875F6654CCECDF52463CDA61BE848C5B0E9CFF4E908CD0AA9BD4F4A58DF5996AAC3D411270CAD4BAC154467F91184713B4EFCFEE7922C8F58F9259937935A94A7791E99F4838EE1981A3EC9E6A2C44CBC10ACE390882CA40592D13E91AF49C78C4D518D9EFA98142A9102970E721D6ED83981164C488AD25BBC424C235C7AF62C4B4170EFFC11FA6EBEA4661D320013FFA6A4DA1EAE2F0545B95FD4E13B182BFEC226A01C3B46229FCE86A9E11B3E026326C1BA745510DDE4FCEB777BE42D1057DAD45ACEAB111C907760669A0C1F15DA4F5B8180E844DD5D602F7FAE7D16A5E8A2929E804A1BD17D38866A5EE3B1F50C3054C5E397969BCA2008DC96503513217BE8D2F15FB9DA26A8A5FE981111EC64CBEE1420D2DF7853B17E40766873E712977C1043237B39E2DE3868D079D96D76ACB24123AFDB5C6A6A9BCD40ED4C696EDAC4FE015CA982535A2A84B1A42767E1FBFB936B9FBD72CF98993C6B1EBDA16BF03FE325FA62511128CB669EE148067ED9A10338F87E4D3D39FE695A2F99B5D645A7653C3EBEA517FAFDD9CFF12B54E947A64BE8564A3851EA0F7A09C8C2E3D78FE0D3739ECA465A81194B8760F4F7213737C3FBE0E2F13704E7FDE2EDC91E22F1B76327CAA49BEBCDB1A33F178DA6F38666D09942532843CD95E61891A54EE7745D731FC2AD6B434D42F300D19176DBDD94594E3EB018EDC8666E89FB4C205A3D70F07F96AFA887F6D4A2FE573E77FDDD28D76F5C15C34CADDA8B9652FBEBEAA4CF56260833B160E8122141D17DE72CAF4859EB84CCACC341B7790A2D9B297538549451FBA5C47A37C7A99E31AED087BDF7F9E79D99CB6FADDBA30ACD5CF06FAC18DE33A94A8FC08ED8D93A24CDD7DAE09CD8CFF1C918173B32C10CE0F5EE9ED40D2BB3173370E941158C448617E4251E522CCE793B1A4399E8A39B923BC594AB453CE0145ADD622DCDF98D7D9A1E3C3C4BF128194857AC3959468BA2C2540EB5438D165F04D0A0D15BD19A5EBA1F7D6F82848877E480A20859C002F448716156AAD2008E4A7694E4F4C346C4EF359B21BB984C2073FE3E95DF3B183EFAC45BC426E3A569703F6C48DB20F7A32CB7E7C2ADD1883BE3681B -20240830014610 2 6 100 7679 2 EF541828E23A6BB90EFE9D9BEEDD3F9DE2E08069B8FD3ED88F27CD7E4F00AA272010368A26104FDBE69743D020951E909C76D9EF11E8050208720244763E9D59526B99F462FAC17E3A1ABD3B328C80753B1777D032397E4E3BDC90FB275DE027A21362A8FF88456ED3A9F397C045745B0C4D090D10304B86631AE9561AE9FD3C9FEB4490FD074E78702F4187A8E5CE8E7AE1E66593C34B9F08153994E70FE56B9CA823FCF1C176E875F6654CCECDF52463CDA61BE848C5B0E9CFF4E908CD0AA9BD4F4A58DF5996AAC3D411270CAD4BAC154467F91184713B4EFCFEE7922C8F58F9259937935A94A7791E99F4838EE1981A3EC9E6A2C44CBC10ACE390882CA40592D13E91AF49C78C4D518D9EFA98142A9102970E721D6ED83981164C488AD25BBC424C235C7AF62C4B4170EFFC11FA6EBEA4661D320013FFA6A4DA1EAE2F0545B95FD4E13B182BFEC226A01C3B46229FCE86A9E11B3E026326C1BA745510DDE4FCEB777BE42D1057DAD45ACEAB111C907760669A0C1F15DA4F5B8180E844DD5D602F7FAE7D16A5E8A2929E804A1BD17D38866A5EE3B1F50C3054C5E397969BCA2008DC96503513217BE8D2F15FB9DA26A8A5FE981111EC64CBEE1420D2DF7853B17E40766873E712977C1043237B39E2DE3868D079D96D76ACB24123AFDB5C6A6A9BCD40ED4C696EDAC4FE015CA982535A2A84B1A42767E1FBFB936B9FBD72CF98993C6B1EBDA16BF03FE325FA62511128CB669EE148067ED9A10338F87E4D3D39FE695A2F99B5D645A7653C3EBEA517FAFDD9CFF12B54E947A64BE8564A3851EA0F7A09C8C2E3D78FE0D3739ECA465A81194B8760F4F7213737C3FBE0E2F13704E7FDE2EDC91E22F1B76327CAA49BEBCDB1A33F178DA6F38666D09942532843CD95E61891A54EE7745D731FC2AD6B434D42F300D19176DBDD94594E3EB018EDC8666E89FB4C205A3D70F07F96AFA887F6D4A2FE573E77FDDD28D76F5C15C34CADDA8B9652FBEBEAA4CF56260833B160E8122141D17DE72CAF4859EB84CCACC341B7790A2D9B297538549451FBA5C47A37C7A99E31AED087BDF7F9E79D99CB6FADDBA30ACD5CF06FAC18DE33A94A8FC08ED8D93A24CDD7DAE09CD8CFF1C918173B32C10CE0F5EE9ED40D2BB3173370E941158C448617E4251E522CCE793B1A4399E8A39B923BC594AB453CE0145ADD622DCDF98D7D9A1E3C3C4BF128194857AC3959468BA2C2540EB5438D165F04D0A0D15BD19A5EBA1F7D6F82848877E480A20859C002F448716156AAD2008E4A7694E4F4C346C4EF359B21BB984C2073FE3E95DF3B183EFAC45BC426E3A569703F6C48DB20F7A32CB7E7C2ADD1883CF597DB -20240830032931 2 6 100 7679 2 EF541828E23A6BB90EFE9D9BEEDD3F9DE2E08069B8FD3ED88F27CD7E4F00AA272010368A26104FDBE69743D020951E909C76D9EF11E8050208720244763E9D59526B99F462FAC17E3A1ABD3B328C80753B1777D032397E4E3BDC90FB275DE027A21362A8FF88456ED3A9F397C045745B0C4D090D10304B86631AE9561AE9FD3C9FEB4490FD074E78702F4187A8E5CE8E7AE1E66593C34B9F08153994E70FE56B9CA823FCF1C176E875F6654CCECDF52463CDA61BE848C5B0E9CFF4E908CD0AA9BD4F4A58DF5996AAC3D411270CAD4BAC154467F91184713B4EFCFEE7922C8F58F9259937935A94A7791E99F4838EE1981A3EC9E6A2C44CBC10ACE390882CA40592D13E91AF49C78C4D518D9EFA98142A9102970E721D6ED83981164C488AD25BBC424C235C7AF62C4B4170EFFC11FA6EBEA4661D320013FFA6A4DA1EAE2F0545B95FD4E13B182BFEC226A01C3B46229FCE86A9E11B3E026326C1BA745510DDE4FCEB777BE42D1057DAD45ACEAB111C907760669A0C1F15DA4F5B8180E844DD5D602F7FAE7D16A5E8A2929E804A1BD17D38866A5EE3B1F50C3054C5E397969BCA2008DC96503513217BE8D2F15FB9DA26A8A5FE981111EC64CBEE1420D2DF7853B17E40766873E712977C1043237B39E2DE3868D079D96D76ACB24123AFDB5C6A6A9BCD40ED4C696EDAC4FE015CA982535A2A84B1A42767E1FBFB936B9FBD72CF98993C6B1EBDA16BF03FE325FA62511128CB669EE148067ED9A10338F87E4D3D39FE695A2F99B5D645A7653C3EBEA517FAFDD9CFF12B54E947A64BE8564A3851EA0F7A09C8C2E3D78FE0D3739ECA465A81194B8760F4F7213737C3FBE0E2F13704E7FDE2EDC91E22F1B76327CAA49BEBCDB1A33F178DA6F38666D09942532843CD95E61891A54EE7745D731FC2AD6B434D42F300D19176DBDD94594E3EB018EDC8666E89FB4C205A3D70F07F96AFA887F6D4A2FE573E77FDDD28D76F5C15C34CADDA8B9652FBEBEAA4CF56260833B160E8122141D17DE72CAF4859EB84CCACC341B7790A2D9B297538549451FBA5C47A37C7A99E31AED087BDF7F9E79D99CB6FADDBA30ACD5CF06FAC18DE33A94A8FC08ED8D93A24CDD7DAE09CD8CFF1C918173B32C10CE0F5EE9ED40D2BB3173370E941158C448617E4251E522CCE793B1A4399E8A39B923BC594AB453CE0145ADD622DCDF98D7D9A1E3C3C4BF128194857AC3959468BA2C2540EB5438D165F04D0A0D15BD19A5EBA1F7D6F82848877E480A20859C002F448716156AAD2008E4A7694E4F4C346C4EF359B21BB984C2073FE3E95DF3B183EFAC45BC426E3A569703F6C48DB20F7A32CB7E7C2ADD188443580AB -20240830042102 2 6 100 7679 5 EF541828E23A6BB90EFE9D9BEEDD3F9DE2E08069B8FD3ED88F27CD7E4F00AA272010368A26104FDBE69743D020951E909C76D9EF11E8050208720244763E9D59526B99F462FAC17E3A1ABD3B328C80753B1777D032397E4E3BDC90FB275DE027A21362A8FF88456ED3A9F397C045745B0C4D090D10304B86631AE9561AE9FD3C9FEB4490FD074E78702F4187A8E5CE8E7AE1E66593C34B9F08153994E70FE56B9CA823FCF1C176E875F6654CCECDF52463CDA61BE848C5B0E9CFF4E908CD0AA9BD4F4A58DF5996AAC3D411270CAD4BAC154467F91184713B4EFCFEE7922C8F58F9259937935A94A7791E99F4838EE1981A3EC9E6A2C44CBC10ACE390882CA40592D13E91AF49C78C4D518D9EFA98142A9102970E721D6ED83981164C488AD25BBC424C235C7AF62C4B4170EFFC11FA6EBEA4661D320013FFA6A4DA1EAE2F0545B95FD4E13B182BFEC226A01C3B46229FCE86A9E11B3E026326C1BA745510DDE4FCEB777BE42D1057DAD45ACEAB111C907760669A0C1F15DA4F5B8180E844DD5D602F7FAE7D16A5E8A2929E804A1BD17D38866A5EE3B1F50C3054C5E397969BCA2008DC96503513217BE8D2F15FB9DA26A8A5FE981111EC64CBEE1420D2DF7853B17E40766873E712977C1043237B39E2DE3868D079D96D76ACB24123AFDB5C6A6A9BCD40ED4C696EDAC4FE015CA982535A2A84B1A42767E1FBFB936B9FBD72CF98993C6B1EBDA16BF03FE325FA62511128CB669EE148067ED9A10338F87E4D3D39FE695A2F99B5D645A7653C3EBEA517FAFDD9CFF12B54E947A64BE8564A3851EA0F7A09C8C2E3D78FE0D3739ECA465A81194B8760F4F7213737C3FBE0E2F13704E7FDE2EDC91E22F1B76327CAA49BEBCDB1A33F178DA6F38666D09942532843CD95E61891A54EE7745D731FC2AD6B434D42F300D19176DBDD94594E3EB018EDC8666E89FB4C205A3D70F07F96AFA887F6D4A2FE573E77FDDD28D76F5C15C34CADDA8B9652FBEBEAA4CF56260833B160E8122141D17DE72CAF4859EB84CCACC341B7790A2D9B297538549451FBA5C47A37C7A99E31AED087BDF7F9E79D99CB6FADDBA30ACD5CF06FAC18DE33A94A8FC08ED8D93A24CDD7DAE09CD8CFF1C918173B32C10CE0F5EE9ED40D2BB3173370E941158C448617E4251E522CCE793B1A4399E8A39B923BC594AB453CE0145ADD622DCDF98D7D9A1E3C3C4BF128194857AC3959468BA2C2540EB5438D165F04D0A0D15BD19A5EBA1F7D6F82848877E480A20859C002F448716156AAD2008E4A7694E4F4C346C4EF359B21BB984C2073FE3E95DF3B183EFAC45BC426E3A569703F6C48DB20F7A32CB7E7C2ADD18847CB52C7 -20240830042255 2 6 100 7679 5 EF541828E23A6BB90EFE9D9BEEDD3F9DE2E08069B8FD3ED88F27CD7E4F00AA272010368A26104FDBE69743D020951E909C76D9EF11E8050208720244763E9D59526B99F462FAC17E3A1ABD3B328C80753B1777D032397E4E3BDC90FB275DE027A21362A8FF88456ED3A9F397C045745B0C4D090D10304B86631AE9561AE9FD3C9FEB4490FD074E78702F4187A8E5CE8E7AE1E66593C34B9F08153994E70FE56B9CA823FCF1C176E875F6654CCECDF52463CDA61BE848C5B0E9CFF4E908CD0AA9BD4F4A58DF5996AAC3D411270CAD4BAC154467F91184713B4EFCFEE7922C8F58F9259937935A94A7791E99F4838EE1981A3EC9E6A2C44CBC10ACE390882CA40592D13E91AF49C78C4D518D9EFA98142A9102970E721D6ED83981164C488AD25BBC424C235C7AF62C4B4170EFFC11FA6EBEA4661D320013FFA6A4DA1EAE2F0545B95FD4E13B182BFEC226A01C3B46229FCE86A9E11B3E026326C1BA745510DDE4FCEB777BE42D1057DAD45ACEAB111C907760669A0C1F15DA4F5B8180E844DD5D602F7FAE7D16A5E8A2929E804A1BD17D38866A5EE3B1F50C3054C5E397969BCA2008DC96503513217BE8D2F15FB9DA26A8A5FE981111EC64CBEE1420D2DF7853B17E40766873E712977C1043237B39E2DE3868D079D96D76ACB24123AFDB5C6A6A9BCD40ED4C696EDAC4FE015CA982535A2A84B1A42767E1FBFB936B9FBD72CF98993C6B1EBDA16BF03FE325FA62511128CB669EE148067ED9A10338F87E4D3D39FE695A2F99B5D645A7653C3EBEA517FAFDD9CFF12B54E947A64BE8564A3851EA0F7A09C8C2E3D78FE0D3739ECA465A81194B8760F4F7213737C3FBE0E2F13704E7FDE2EDC91E22F1B76327CAA49BEBCDB1A33F178DA6F38666D09942532843CD95E61891A54EE7745D731FC2AD6B434D42F300D19176DBDD94594E3EB018EDC8666E89FB4C205A3D70F07F96AFA887F6D4A2FE573E77FDDD28D76F5C15C34CADDA8B9652FBEBEAA4CF56260833B160E8122141D17DE72CAF4859EB84CCACC341B7790A2D9B297538549451FBA5C47A37C7A99E31AED087BDF7F9E79D99CB6FADDBA30ACD5CF06FAC18DE33A94A8FC08ED8D93A24CDD7DAE09CD8CFF1C918173B32C10CE0F5EE9ED40D2BB3173370E941158C448617E4251E522CCE793B1A4399E8A39B923BC594AB453CE0145ADD622DCDF98D7D9A1E3C3C4BF128194857AC3959468BA2C2540EB5438D165F04D0A0D15BD19A5EBA1F7D6F82848877E480A20859C002F448716156AAD2008E4A7694E4F4C346C4EF359B21BB984C2073FE3E95DF3B183EFAC45BC426E3A569703F6C48DB20F7A32CB7E7C2ADD18847E4A687 -20240830052035 2 6 100 7679 5 EF541828E23A6BB90EFE9D9BEEDD3F9DE2E08069B8FD3ED88F27CD7E4F00AA272010368A26104FDBE69743D020951E909C76D9EF11E8050208720244763E9D59526B99F462FAC17E3A1ABD3B328C80753B1777D032397E4E3BDC90FB275DE027A21362A8FF88456ED3A9F397C045745B0C4D090D10304B86631AE9561AE9FD3C9FEB4490FD074E78702F4187A8E5CE8E7AE1E66593C34B9F08153994E70FE56B9CA823FCF1C176E875F6654CCECDF52463CDA61BE848C5B0E9CFF4E908CD0AA9BD4F4A58DF5996AAC3D411270CAD4BAC154467F91184713B4EFCFEE7922C8F58F9259937935A94A7791E99F4838EE1981A3EC9E6A2C44CBC10ACE390882CA40592D13E91AF49C78C4D518D9EFA98142A9102970E721D6ED83981164C488AD25BBC424C235C7AF62C4B4170EFFC11FA6EBEA4661D320013FFA6A4DA1EAE2F0545B95FD4E13B182BFEC226A01C3B46229FCE86A9E11B3E026326C1BA745510DDE4FCEB777BE42D1057DAD45ACEAB111C907760669A0C1F15DA4F5B8180E844DD5D602F7FAE7D16A5E8A2929E804A1BD17D38866A5EE3B1F50C3054C5E397969BCA2008DC96503513217BE8D2F15FB9DA26A8A5FE981111EC64CBEE1420D2DF7853B17E40766873E712977C1043237B39E2DE3868D079D96D76ACB24123AFDB5C6A6A9BCD40ED4C696EDAC4FE015CA982535A2A84B1A42767E1FBFB936B9FBD72CF98993C6B1EBDA16BF03FE325FA62511128CB669EE148067ED9A10338F87E4D3D39FE695A2F99B5D645A7653C3EBEA517FAFDD9CFF12B54E947A64BE8564A3851EA0F7A09C8C2E3D78FE0D3739ECA465A81194B8760F4F7213737C3FBE0E2F13704E7FDE2EDC91E22F1B76327CAA49BEBCDB1A33F178DA6F38666D09942532843CD95E61891A54EE7745D731FC2AD6B434D42F300D19176DBDD94594E3EB018EDC8666E89FB4C205A3D70F07F96AFA887F6D4A2FE573E77FDDD28D76F5C15C34CADDA8B9652FBEBEAA4CF56260833B160E8122141D17DE72CAF4859EB84CCACC341B7790A2D9B297538549451FBA5C47A37C7A99E31AED087BDF7F9E79D99CB6FADDBA30ACD5CF06FAC18DE33A94A8FC08ED8D93A24CDD7DAE09CD8CFF1C918173B32C10CE0F5EE9ED40D2BB3173370E941158C448617E4251E522CCE793B1A4399E8A39B923BC594AB453CE0145ADD622DCDF98D7D9A1E3C3C4BF128194857AC3959468BA2C2540EB5438D165F04D0A0D15BD19A5EBA1F7D6F82848877E480A20859C002F448716156AAD2008E4A7694E4F4C346C4EF359B21BB984C2073FE3E95DF3B183EFAC45BC426E3A569703F6C48DB20F7A32CB7E7C2ADD1884BDB09B7 -20240830053449 2 6 100 7679 2 EF541828E23A6BB90EFE9D9BEEDD3F9DE2E08069B8FD3ED88F27CD7E4F00AA272010368A26104FDBE69743D020951E909C76D9EF11E8050208720244763E9D59526B99F462FAC17E3A1ABD3B328C80753B1777D032397E4E3BDC90FB275DE027A21362A8FF88456ED3A9F397C045745B0C4D090D10304B86631AE9561AE9FD3C9FEB4490FD074E78702F4187A8E5CE8E7AE1E66593C34B9F08153994E70FE56B9CA823FCF1C176E875F6654CCECDF52463CDA61BE848C5B0E9CFF4E908CD0AA9BD4F4A58DF5996AAC3D411270CAD4BAC154467F91184713B4EFCFEE7922C8F58F9259937935A94A7791E99F4838EE1981A3EC9E6A2C44CBC10ACE390882CA40592D13E91AF49C78C4D518D9EFA98142A9102970E721D6ED83981164C488AD25BBC424C235C7AF62C4B4170EFFC11FA6EBEA4661D320013FFA6A4DA1EAE2F0545B95FD4E13B182BFEC226A01C3B46229FCE86A9E11B3E026326C1BA745510DDE4FCEB777BE42D1057DAD45ACEAB111C907760669A0C1F15DA4F5B8180E844DD5D602F7FAE7D16A5E8A2929E804A1BD17D38866A5EE3B1F50C3054C5E397969BCA2008DC96503513217BE8D2F15FB9DA26A8A5FE981111EC64CBEE1420D2DF7853B17E40766873E712977C1043237B39E2DE3868D079D96D76ACB24123AFDB5C6A6A9BCD40ED4C696EDAC4FE015CA982535A2A84B1A42767E1FBFB936B9FBD72CF98993C6B1EBDA16BF03FE325FA62511128CB669EE148067ED9A10338F87E4D3D39FE695A2F99B5D645A7653C3EBEA517FAFDD9CFF12B54E947A64BE8564A3851EA0F7A09C8C2E3D78FE0D3739ECA465A81194B8760F4F7213737C3FBE0E2F13704E7FDE2EDC91E22F1B76327CAA49BEBCDB1A33F178DA6F38666D09942532843CD95E61891A54EE7745D731FC2AD6B434D42F300D19176DBDD94594E3EB018EDC8666E89FB4C205A3D70F07F96AFA887F6D4A2FE573E77FDDD28D76F5C15C34CADDA8B9652FBEBEAA4CF56260833B160E8122141D17DE72CAF4859EB84CCACC341B7790A2D9B297538549451FBA5C47A37C7A99E31AED087BDF7F9E79D99CB6FADDBA30ACD5CF06FAC18DE33A94A8FC08ED8D93A24CDD7DAE09CD8CFF1C918173B32C10CE0F5EE9ED40D2BB3173370E941158C448617E4251E522CCE793B1A4399E8A39B923BC594AB453CE0145ADD622DCDF98D7D9A1E3C3C4BF128194857AC3959468BA2C2540EB5438D165F04D0A0D15BD19A5EBA1F7D6F82848877E480A20859C002F448716156AAD2008E4A7694E4F4C346C4EF359B21BB984C2073FE3E95DF3B183EFAC45BC426E3A569703F6C48DB20F7A32CB7E7C2ADD1884CD217AB -20240830054036 2 6 100 7679 5 EF541828E23A6BB90EFE9D9BEEDD3F9DE2E08069B8FD3ED88F27CD7E4F00AA272010368A26104FDBE69743D020951E909C76D9EF11E8050208720244763E9D59526B99F462FAC17E3A1ABD3B328C80753B1777D032397E4E3BDC90FB275DE027A21362A8FF88456ED3A9F397C045745B0C4D090D10304B86631AE9561AE9FD3C9FEB4490FD074E78702F4187A8E5CE8E7AE1E66593C34B9F08153994E70FE56B9CA823FCF1C176E875F6654CCECDF52463CDA61BE848C5B0E9CFF4E908CD0AA9BD4F4A58DF5996AAC3D411270CAD4BAC154467F91184713B4EFCFEE7922C8F58F9259937935A94A7791E99F4838EE1981A3EC9E6A2C44CBC10ACE390882CA40592D13E91AF49C78C4D518D9EFA98142A9102970E721D6ED83981164C488AD25BBC424C235C7AF62C4B4170EFFC11FA6EBEA4661D320013FFA6A4DA1EAE2F0545B95FD4E13B182BFEC226A01C3B46229FCE86A9E11B3E026326C1BA745510DDE4FCEB777BE42D1057DAD45ACEAB111C907760669A0C1F15DA4F5B8180E844DD5D602F7FAE7D16A5E8A2929E804A1BD17D38866A5EE3B1F50C3054C5E397969BCA2008DC96503513217BE8D2F15FB9DA26A8A5FE981111EC64CBEE1420D2DF7853B17E40766873E712977C1043237B39E2DE3868D079D96D76ACB24123AFDB5C6A6A9BCD40ED4C696EDAC4FE015CA982535A2A84B1A42767E1FBFB936B9FBD72CF98993C6B1EBDA16BF03FE325FA62511128CB669EE148067ED9A10338F87E4D3D39FE695A2F99B5D645A7653C3EBEA517FAFDD9CFF12B54E947A64BE8564A3851EA0F7A09C8C2E3D78FE0D3739ECA465A81194B8760F4F7213737C3FBE0E2F13704E7FDE2EDC91E22F1B76327CAA49BEBCDB1A33F178DA6F38666D09942532843CD95E61891A54EE7745D731FC2AD6B434D42F300D19176DBDD94594E3EB018EDC8666E89FB4C205A3D70F07F96AFA887F6D4A2FE573E77FDDD28D76F5C15C34CADDA8B9652FBEBEAA4CF56260833B160E8122141D17DE72CAF4859EB84CCACC341B7790A2D9B297538549451FBA5C47A37C7A99E31AED087BDF7F9E79D99CB6FADDBA30ACD5CF06FAC18DE33A94A8FC08ED8D93A24CDD7DAE09CD8CFF1C918173B32C10CE0F5EE9ED40D2BB3173370E941158C448617E4251E522CCE793B1A4399E8A39B923BC594AB453CE0145ADD622DCDF98D7D9A1E3C3C4BF128194857AC3959468BA2C2540EB5438D165F04D0A0D15BD19A5EBA1F7D6F82848877E480A20859C002F448716156AAD2008E4A7694E4F4C346C4EF359B21BB984C2073FE3E95DF3B183EFAC45BC426E3A569703F6C48DB20F7A32CB7E7C2ADD1884D30808F -20240830060721 2 6 100 7679 2 EF541828E23A6BB90EFE9D9BEEDD3F9DE2E08069B8FD3ED88F27CD7E4F00AA272010368A26104FDBE69743D020951E909C76D9EF11E8050208720244763E9D59526B99F462FAC17E3A1ABD3B328C80753B1777D032397E4E3BDC90FB275DE027A21362A8FF88456ED3A9F397C045745B0C4D090D10304B86631AE9561AE9FD3C9FEB4490FD074E78702F4187A8E5CE8E7AE1E66593C34B9F08153994E70FE56B9CA823FCF1C176E875F6654CCECDF52463CDA61BE848C5B0E9CFF4E908CD0AA9BD4F4A58DF5996AAC3D411270CAD4BAC154467F91184713B4EFCFEE7922C8F58F9259937935A94A7791E99F4838EE1981A3EC9E6A2C44CBC10ACE390882CA40592D13E91AF49C78C4D518D9EFA98142A9102970E721D6ED83981164C488AD25BBC424C235C7AF62C4B4170EFFC11FA6EBEA4661D320013FFA6A4DA1EAE2F0545B95FD4E13B182BFEC226A01C3B46229FCE86A9E11B3E026326C1BA745510DDE4FCEB777BE42D1057DAD45ACEAB111C907760669A0C1F15DA4F5B8180E844DD5D602F7FAE7D16A5E8A2929E804A1BD17D38866A5EE3B1F50C3054C5E397969BCA2008DC96503513217BE8D2F15FB9DA26A8A5FE981111EC64CBEE1420D2DF7853B17E40766873E712977C1043237B39E2DE3868D079D96D76ACB24123AFDB5C6A6A9BCD40ED4C696EDAC4FE015CA982535A2A84B1A42767E1FBFB936B9FBD72CF98993C6B1EBDA16BF03FE325FA62511128CB669EE148067ED9A10338F87E4D3D39FE695A2F99B5D645A7653C3EBEA517FAFDD9CFF12B54E947A64BE8564A3851EA0F7A09C8C2E3D78FE0D3739ECA465A81194B8760F4F7213737C3FBE0E2F13704E7FDE2EDC91E22F1B76327CAA49BEBCDB1A33F178DA6F38666D09942532843CD95E61891A54EE7745D731FC2AD6B434D42F300D19176DBDD94594E3EB018EDC8666E89FB4C205A3D70F07F96AFA887F6D4A2FE573E77FDDD28D76F5C15C34CADDA8B9652FBEBEAA4CF56260833B160E8122141D17DE72CAF4859EB84CCACC341B7790A2D9B297538549451FBA5C47A37C7A99E31AED087BDF7F9E79D99CB6FADDBA30ACD5CF06FAC18DE33A94A8FC08ED8D93A24CDD7DAE09CD8CFF1C918173B32C10CE0F5EE9ED40D2BB3173370E941158C448617E4251E522CCE793B1A4399E8A39B923BC594AB453CE0145ADD622DCDF98D7D9A1E3C3C4BF128194857AC3959468BA2C2540EB5438D165F04D0A0D15BD19A5EBA1F7D6F82848877E480A20859C002F448716156AAD2008E4A7694E4F4C346C4EF359B21BB984C2073FE3E95DF3B183EFAC45BC426E3A569703F6C48DB20F7A32CB7E7C2ADD1884F02040B -20240830071657 2 6 100 7679 5 EF541828E23A6BB90EFE9D9BEEDD3F9DE2E08069B8FD3ED88F27CD7E4F00AA272010368A26104FDBE69743D020951E909C76D9EF11E8050208720244763E9D59526B99F462FAC17E3A1ABD3B328C80753B1777D032397E4E3BDC90FB275DE027A21362A8FF88456ED3A9F397C045745B0C4D090D10304B86631AE9561AE9FD3C9FEB4490FD074E78702F4187A8E5CE8E7AE1E66593C34B9F08153994E70FE56B9CA823FCF1C176E875F6654CCECDF52463CDA61BE848C5B0E9CFF4E908CD0AA9BD4F4A58DF5996AAC3D411270CAD4BAC154467F91184713B4EFCFEE7922C8F58F9259937935A94A7791E99F4838EE1981A3EC9E6A2C44CBC10ACE390882CA40592D13E91AF49C78C4D518D9EFA98142A9102970E721D6ED83981164C488AD25BBC424C235C7AF62C4B4170EFFC11FA6EBEA4661D320013FFA6A4DA1EAE2F0545B95FD4E13B182BFEC226A01C3B46229FCE86A9E11B3E026326C1BA745510DDE4FCEB777BE42D1057DAD45ACEAB111C907760669A0C1F15DA4F5B8180E844DD5D602F7FAE7D16A5E8A2929E804A1BD17D38866A5EE3B1F50C3054C5E397969BCA2008DC96503513217BE8D2F15FB9DA26A8A5FE981111EC64CBEE1420D2DF7853B17E40766873E712977C1043237B39E2DE3868D079D96D76ACB24123AFDB5C6A6A9BCD40ED4C696EDAC4FE015CA982535A2A84B1A42767E1FBFB936B9FBD72CF98993C6B1EBDA16BF03FE325FA62511128CB669EE148067ED9A10338F87E4D3D39FE695A2F99B5D645A7653C3EBEA517FAFDD9CFF12B54E947A64BE8564A3851EA0F7A09C8C2E3D78FE0D3739ECA465A81194B8760F4F7213737C3FBE0E2F13704E7FDE2EDC91E22F1B76327CAA49BEBCDB1A33F178DA6F38666D09942532843CD95E61891A54EE7745D731FC2AD6B434D42F300D19176DBDD94594E3EB018EDC8666E89FB4C205A3D70F07F96AFA887F6D4A2FE573E77FDDD28D76F5C15C34CADDA8B9652FBEBEAA4CF56260833B160E8122141D17DE72CAF4859EB84CCACC341B7790A2D9B297538549451FBA5C47A37C7A99E31AED087BDF7F9E79D99CB6FADDBA30ACD5CF06FAC18DE33A94A8FC08ED8D93A24CDD7DAE09CD8CFF1C918173B32C10CE0F5EE9ED40D2BB3173370E941158C448617E4251E522CCE793B1A4399E8A39B923BC594AB453CE0145ADD622DCDF98D7D9A1E3C3C4BF128194857AC3959468BA2C2540EB5438D165F04D0A0D15BD19A5EBA1F7D6F82848877E480A20859C002F448716156AAD2008E4A7694E4F4C346C4EF359B21BB984C2073FE3E95DF3B183EFAC45BC426E3A569703F6C48DB20F7A32CB7E7C2ADD18853C7A8E7 -20240830084720 2 6 100 7679 2 D5949FC6991BCA2FAE324A3249CCAE8A99AEB0E6E81054670B5BCEA51FAB2D6C0A271648412828FAE2E356A85355BD9DF43DDD71F82F93494A6E4F0F78E998A4B13481478A814CE13A471D3BC48EF5A2BFDF48E920696BA74DFE2672ED7FC456B46C6CE48C129701E0D0DE344FED8581E2F1D010735EBDC6E9683D892CB2C2A164B500A5D2A9A41D8FCE24CDFD4A8DBAB66671B3FD8B6275C3482A10A73D2C1FD50627B4AAB5F81C67FDAA3D3AD28E916D9DF4F6E9035BACC614A3FC352650DCB94BBB4C3E40CDF33B242FC97C9D5BF655DF4672F496FA8B619B515DCB37932CDF25313659B982542675BA0300768C7BEB3EEC64BA9E0EB247B0B9D000E0BB07C3E054B5DAA9CE521C54EF0A1DC00203A4F723FC2361DAD5AC276C723044DD3B56A3B4C38C46CD3E9510AD9264BCB2AE52EA59F4B3CD500B7134135784D994C42CF8DCA5E90937C53A19D8DD356BB868CCE05A982F7204F1D3C19CCD16873CBC7CA44BA2D34B57E63F092B93C075530ED66177BE42F1677E4EB1A18EA0ED62C654F04B68DE9DD4A9C1AC509CE5DF1CF266C6A16696F858C024C16A95AF16105D9E778BD3A9FFE09CCBE4454EFFE6A309F629434FCB894B42BA2FAD7C4BA7091301422C347ACCB39FF801F97F36B3464A7B84C4C4A85503DD7BCFD97462AFCFDE1CF4C8FDA6FC5019B262C3E58C77E28BED5A2583B28DBA0E59D5665E7A5339A02C976FD31B4797DB945851DE5164A9AA3359F1A35E31357314DB6C82B5DB62D70BB7C22B3C110A0495E2B7200104FBD230C9C11824601EF4FA78ABDA0D5BF866B2CA6087E20AB2C8FBE1FFCEA5D19F11EB801002A801D9A72678009269FEFE57A4B8D389047D05F03C5472F5FB731C5BB3C5E2A9BA907D496E10FB953D953F650602639F37EED2F65424056F92CDCAA33DD65E714EF3D5419E7B4C1CE77A40D441962F2D42135ADD4951E90CC0FC85C2946C82F74C9B1398D6A086BC7EAA1763173AEF572969FA738EE079BF5C5EFAF8E4D99DB8618E646876342CC8BF3B1A62F969265FB633700F4CC598AB407F84BD2B1AD496AF8E785063078688A86AD6B4E4ED2CA31AF2F7899D0AD613A57BFA5746F743A62F66105DEEEBF637D9ADCBF941E4728DDD5D03AFE58EAD827B154BD22C00A94822A240DFE575479E9C00E38064BBBD1A5B511957045BFE40951312B2F5F5CC45CD94823AFC0CD2BE902C2E9DF92D87C8E24308E788EC48187B2EB69516AC9D7CA97C0E1C610320AFDC5767FFAFBBE16EA80B8E2CF1AA030FD86E803A19CC2BEF8CDCF8A7A1BCF82A1ADE289ED2733AEFAFA82296C331088447B110D8AC831708F631EB967936B2FEF75703DB -20240830094656 2 6 100 7679 5 D5949FC6991BCA2FAE324A3249CCAE8A99AEB0E6E81054670B5BCEA51FAB2D6C0A271648412828FAE2E356A85355BD9DF43DDD71F82F93494A6E4F0F78E998A4B13481478A814CE13A471D3BC48EF5A2BFDF48E920696BA74DFE2672ED7FC456B46C6CE48C129701E0D0DE344FED8581E2F1D010735EBDC6E9683D892CB2C2A164B500A5D2A9A41D8FCE24CDFD4A8DBAB66671B3FD8B6275C3482A10A73D2C1FD50627B4AAB5F81C67FDAA3D3AD28E916D9DF4F6E9035BACC614A3FC352650DCB94BBB4C3E40CDF33B242FC97C9D5BF655DF4672F496FA8B619B515DCB37932CDF25313659B982542675BA0300768C7BEB3EEC64BA9E0EB247B0B9D000E0BB07C3E054B5DAA9CE521C54EF0A1DC00203A4F723FC2361DAD5AC276C723044DD3B56A3B4C38C46CD3E9510AD9264BCB2AE52EA59F4B3CD500B7134135784D994C42CF8DCA5E90937C53A19D8DD356BB868CCE05A982F7204F1D3C19CCD16873CBC7CA44BA2D34B57E63F092B93C075530ED66177BE42F1677E4EB1A18EA0ED62C654F04B68DE9DD4A9C1AC509CE5DF1CF266C6A16696F858C024C16A95AF16105D9E778BD3A9FFE09CCBE4454EFFE6A309F629434FCB894B42BA2FAD7C4BA7091301422C347ACCB39FF801F97F36B3464A7B84C4C4A85503DD7BCFD97462AFCFDE1CF4C8FDA6FC5019B262C3E58C77E28BED5A2583B28DBA0E59D5665E7A5339A02C976FD31B4797DB945851DE5164A9AA3359F1A35E31357314DB6C82B5DB62D70BB7C22B3C110A0495E2B7200104FBD230C9C11824601EF4FA78ABDA0D5BF866B2CA6087E20AB2C8FBE1FFCEA5D19F11EB801002A801D9A72678009269FEFE57A4B8D389047D05F03C5472F5FB731C5BB3C5E2A9BA907D496E10FB953D953F650602639F37EED2F65424056F92CDCAA33DD65E714EF3D5419E7B4C1CE77A40D441962F2D42135ADD4951E90CC0FC85C2946C82F74C9B1398D6A086BC7EAA1763173AEF572969FA738EE079BF5C5EFAF8E4D99DB8618E646876342CC8BF3B1A62F969265FB633700F4CC598AB407F84BD2B1AD496AF8E785063078688A86AD6B4E4ED2CA31AF2F7899D0AD613A57BFA5746F743A62F66105DEEEBF637D9ADCBF941E4728DDD5D03AFE58EAD827B154BD22C00A94822A240DFE575479E9C00E38064BBBD1A5B511957045BFE40951312B2F5F5CC45CD94823AFC0CD2BE902C2E9DF92D87C8E24308E788EC48187B2EB69516AC9D7CA97C0E1C610320AFDC5767FFAFBBE16EA80B8E2CF1AA030FD86E803A19CC2BEF8CDCF8A7A1BCF82A1ADE289ED2733AEFAFA82296C331088447B110D8AC831708F631EB967936B2FEFB626A2F -20240830095006 2 6 100 7679 5 D5949FC6991BCA2FAE324A3249CCAE8A99AEB0E6E81054670B5BCEA51FAB2D6C0A271648412828FAE2E356A85355BD9DF43DDD71F82F93494A6E4F0F78E998A4B13481478A814CE13A471D3BC48EF5A2BFDF48E920696BA74DFE2672ED7FC456B46C6CE48C129701E0D0DE344FED8581E2F1D010735EBDC6E9683D892CB2C2A164B500A5D2A9A41D8FCE24CDFD4A8DBAB66671B3FD8B6275C3482A10A73D2C1FD50627B4AAB5F81C67FDAA3D3AD28E916D9DF4F6E9035BACC614A3FC352650DCB94BBB4C3E40CDF33B242FC97C9D5BF655DF4672F496FA8B619B515DCB37932CDF25313659B982542675BA0300768C7BEB3EEC64BA9E0EB247B0B9D000E0BB07C3E054B5DAA9CE521C54EF0A1DC00203A4F723FC2361DAD5AC276C723044DD3B56A3B4C38C46CD3E9510AD9264BCB2AE52EA59F4B3CD500B7134135784D994C42CF8DCA5E90937C53A19D8DD356BB868CCE05A982F7204F1D3C19CCD16873CBC7CA44BA2D34B57E63F092B93C075530ED66177BE42F1677E4EB1A18EA0ED62C654F04B68DE9DD4A9C1AC509CE5DF1CF266C6A16696F858C024C16A95AF16105D9E778BD3A9FFE09CCBE4454EFFE6A309F629434FCB894B42BA2FAD7C4BA7091301422C347ACCB39FF801F97F36B3464A7B84C4C4A85503DD7BCFD97462AFCFDE1CF4C8FDA6FC5019B262C3E58C77E28BED5A2583B28DBA0E59D5665E7A5339A02C976FD31B4797DB945851DE5164A9AA3359F1A35E31357314DB6C82B5DB62D70BB7C22B3C110A0495E2B7200104FBD230C9C11824601EF4FA78ABDA0D5BF866B2CA6087E20AB2C8FBE1FFCEA5D19F11EB801002A801D9A72678009269FEFE57A4B8D389047D05F03C5472F5FB731C5BB3C5E2A9BA907D496E10FB953D953F650602639F37EED2F65424056F92CDCAA33DD65E714EF3D5419E7B4C1CE77A40D441962F2D42135ADD4951E90CC0FC85C2946C82F74C9B1398D6A086BC7EAA1763173AEF572969FA738EE079BF5C5EFAF8E4D99DB8618E646876342CC8BF3B1A62F969265FB633700F4CC598AB407F84BD2B1AD496AF8E785063078688A86AD6B4E4ED2CA31AF2F7899D0AD613A57BFA5746F743A62F66105DEEEBF637D9ADCBF941E4728DDD5D03AFE58EAD827B154BD22C00A94822A240DFE575479E9C00E38064BBBD1A5B511957045BFE40951312B2F5F5CC45CD94823AFC0CD2BE902C2E9DF92D87C8E24308E788EC48187B2EB69516AC9D7CA97C0E1C610320AFDC5767FFAFBBE16EA80B8E2CF1AA030FD86E803A19CC2BEF8CDCF8A7A1BCF82A1ADE289ED2733AEFAFA82296C331088447B110D8AC831708F631EB967936B2FEFB909467 -20240830110930 2 6 100 7679 5 D5949FC6991BCA2FAE324A3249CCAE8A99AEB0E6E81054670B5BCEA51FAB2D6C0A271648412828FAE2E356A85355BD9DF43DDD71F82F93494A6E4F0F78E998A4B13481478A814CE13A471D3BC48EF5A2BFDF48E920696BA74DFE2672ED7FC456B46C6CE48C129701E0D0DE344FED8581E2F1D010735EBDC6E9683D892CB2C2A164B500A5D2A9A41D8FCE24CDFD4A8DBAB66671B3FD8B6275C3482A10A73D2C1FD50627B4AAB5F81C67FDAA3D3AD28E916D9DF4F6E9035BACC614A3FC352650DCB94BBB4C3E40CDF33B242FC97C9D5BF655DF4672F496FA8B619B515DCB37932CDF25313659B982542675BA0300768C7BEB3EEC64BA9E0EB247B0B9D000E0BB07C3E054B5DAA9CE521C54EF0A1DC00203A4F723FC2361DAD5AC276C723044DD3B56A3B4C38C46CD3E9510AD9264BCB2AE52EA59F4B3CD500B7134135784D994C42CF8DCA5E90937C53A19D8DD356BB868CCE05A982F7204F1D3C19CCD16873CBC7CA44BA2D34B57E63F092B93C075530ED66177BE42F1677E4EB1A18EA0ED62C654F04B68DE9DD4A9C1AC509CE5DF1CF266C6A16696F858C024C16A95AF16105D9E778BD3A9FFE09CCBE4454EFFE6A309F629434FCB894B42BA2FAD7C4BA7091301422C347ACCB39FF801F97F36B3464A7B84C4C4A85503DD7BCFD97462AFCFDE1CF4C8FDA6FC5019B262C3E58C77E28BED5A2583B28DBA0E59D5665E7A5339A02C976FD31B4797DB945851DE5164A9AA3359F1A35E31357314DB6C82B5DB62D70BB7C22B3C110A0495E2B7200104FBD230C9C11824601EF4FA78ABDA0D5BF866B2CA6087E20AB2C8FBE1FFCEA5D19F11EB801002A801D9A72678009269FEFE57A4B8D389047D05F03C5472F5FB731C5BB3C5E2A9BA907D496E10FB953D953F650602639F37EED2F65424056F92CDCAA33DD65E714EF3D5419E7B4C1CE77A40D441962F2D42135ADD4951E90CC0FC85C2946C82F74C9B1398D6A086BC7EAA1763173AEF572969FA738EE079BF5C5EFAF8E4D99DB8618E646876342CC8BF3B1A62F969265FB633700F4CC598AB407F84BD2B1AD496AF8E785063078688A86AD6B4E4ED2CA31AF2F7899D0AD613A57BFA5746F743A62F66105DEEEBF637D9ADCBF941E4728DDD5D03AFE58EAD827B154BD22C00A94822A240DFE575479E9C00E38064BBBD1A5B511957045BFE40951312B2F5F5CC45CD94823AFC0CD2BE902C2E9DF92D87C8E24308E788EC48187B2EB69516AC9D7CA97C0E1C610320AFDC5767FFAFBBE16EA80B8E2CF1AA030FD86E803A19CC2BEF8CDCF8A7A1BCF82A1ADE289ED2733AEFAFA82296C331088447B110D8AC831708F631EB967936B2FF0108EC1F -20240830112637 2 6 100 7679 2 D5949FC6991BCA2FAE324A3249CCAE8A99AEB0E6E81054670B5BCEA51FAB2D6C0A271648412828FAE2E356A85355BD9DF43DDD71F82F93494A6E4F0F78E998A4B13481478A814CE13A471D3BC48EF5A2BFDF48E920696BA74DFE2672ED7FC456B46C6CE48C129701E0D0DE344FED8581E2F1D010735EBDC6E9683D892CB2C2A164B500A5D2A9A41D8FCE24CDFD4A8DBAB66671B3FD8B6275C3482A10A73D2C1FD50627B4AAB5F81C67FDAA3D3AD28E916D9DF4F6E9035BACC614A3FC352650DCB94BBB4C3E40CDF33B242FC97C9D5BF655DF4672F496FA8B619B515DCB37932CDF25313659B982542675BA0300768C7BEB3EEC64BA9E0EB247B0B9D000E0BB07C3E054B5DAA9CE521C54EF0A1DC00203A4F723FC2361DAD5AC276C723044DD3B56A3B4C38C46CD3E9510AD9264BCB2AE52EA59F4B3CD500B7134135784D994C42CF8DCA5E90937C53A19D8DD356BB868CCE05A982F7204F1D3C19CCD16873CBC7CA44BA2D34B57E63F092B93C075530ED66177BE42F1677E4EB1A18EA0ED62C654F04B68DE9DD4A9C1AC509CE5DF1CF266C6A16696F858C024C16A95AF16105D9E778BD3A9FFE09CCBE4454EFFE6A309F629434FCB894B42BA2FAD7C4BA7091301422C347ACCB39FF801F97F36B3464A7B84C4C4A85503DD7BCFD97462AFCFDE1CF4C8FDA6FC5019B262C3E58C77E28BED5A2583B28DBA0E59D5665E7A5339A02C976FD31B4797DB945851DE5164A9AA3359F1A35E31357314DB6C82B5DB62D70BB7C22B3C110A0495E2B7200104FBD230C9C11824601EF4FA78ABDA0D5BF866B2CA6087E20AB2C8FBE1FFCEA5D19F11EB801002A801D9A72678009269FEFE57A4B8D389047D05F03C5472F5FB731C5BB3C5E2A9BA907D496E10FB953D953F650602639F37EED2F65424056F92CDCAA33DD65E714EF3D5419E7B4C1CE77A40D441962F2D42135ADD4951E90CC0FC85C2946C82F74C9B1398D6A086BC7EAA1763173AEF572969FA738EE079BF5C5EFAF8E4D99DB8618E646876342CC8BF3B1A62F969265FB633700F4CC598AB407F84BD2B1AD496AF8E785063078688A86AD6B4E4ED2CA31AF2F7899D0AD613A57BFA5746F743A62F66105DEEEBF637D9ADCBF941E4728DDD5D03AFE58EAD827B154BD22C00A94822A240DFE575479E9C00E38064BBBD1A5B511957045BFE40951312B2F5F5CC45CD94823AFC0CD2BE902C2E9DF92D87C8E24308E788EC48187B2EB69516AC9D7CA97C0E1C610320AFDC5767FFAFBBE16EA80B8E2CF1AA030FD86E803A19CC2BEF8CDCF8A7A1BCF82A1ADE289ED2733AEFAFA82296C331088447B110D8AC831708F631EB967936B2FF02315BCB -20240830113545 2 6 100 7679 5 D5949FC6991BCA2FAE324A3249CCAE8A99AEB0E6E81054670B5BCEA51FAB2D6C0A271648412828FAE2E356A85355BD9DF43DDD71F82F93494A6E4F0F78E998A4B13481478A814CE13A471D3BC48EF5A2BFDF48E920696BA74DFE2672ED7FC456B46C6CE48C129701E0D0DE344FED8581E2F1D010735EBDC6E9683D892CB2C2A164B500A5D2A9A41D8FCE24CDFD4A8DBAB66671B3FD8B6275C3482A10A73D2C1FD50627B4AAB5F81C67FDAA3D3AD28E916D9DF4F6E9035BACC614A3FC352650DCB94BBB4C3E40CDF33B242FC97C9D5BF655DF4672F496FA8B619B515DCB37932CDF25313659B982542675BA0300768C7BEB3EEC64BA9E0EB247B0B9D000E0BB07C3E054B5DAA9CE521C54EF0A1DC00203A4F723FC2361DAD5AC276C723044DD3B56A3B4C38C46CD3E9510AD9264BCB2AE52EA59F4B3CD500B7134135784D994C42CF8DCA5E90937C53A19D8DD356BB868CCE05A982F7204F1D3C19CCD16873CBC7CA44BA2D34B57E63F092B93C075530ED66177BE42F1677E4EB1A18EA0ED62C654F04B68DE9DD4A9C1AC509CE5DF1CF266C6A16696F858C024C16A95AF16105D9E778BD3A9FFE09CCBE4454EFFE6A309F629434FCB894B42BA2FAD7C4BA7091301422C347ACCB39FF801F97F36B3464A7B84C4C4A85503DD7BCFD97462AFCFDE1CF4C8FDA6FC5019B262C3E58C77E28BED5A2583B28DBA0E59D5665E7A5339A02C976FD31B4797DB945851DE5164A9AA3359F1A35E31357314DB6C82B5DB62D70BB7C22B3C110A0495E2B7200104FBD230C9C11824601EF4FA78ABDA0D5BF866B2CA6087E20AB2C8FBE1FFCEA5D19F11EB801002A801D9A72678009269FEFE57A4B8D389047D05F03C5472F5FB731C5BB3C5E2A9BA907D496E10FB953D953F650602639F37EED2F65424056F92CDCAA33DD65E714EF3D5419E7B4C1CE77A40D441962F2D42135ADD4951E90CC0FC85C2946C82F74C9B1398D6A086BC7EAA1763173AEF572969FA738EE079BF5C5EFAF8E4D99DB8618E646876342CC8BF3B1A62F969265FB633700F4CC598AB407F84BD2B1AD496AF8E785063078688A86AD6B4E4ED2CA31AF2F7899D0AD613A57BFA5746F743A62F66105DEEEBF637D9ADCBF941E4728DDD5D03AFE58EAD827B154BD22C00A94822A240DFE575479E9C00E38064BBBD1A5B511957045BFE40951312B2F5F5CC45CD94823AFC0CD2BE902C2E9DF92D87C8E24308E788EC48187B2EB69516AC9D7CA97C0E1C610320AFDC5767FFAFBBE16EA80B8E2CF1AA030FD86E803A19CC2BEF8CDCF8A7A1BCF82A1ADE289ED2733AEFAFA82296C331088447B110D8AC831708F631EB967936B2FF02D19C77 -20240830134211 2 6 100 7679 5 D5949FC6991BCA2FAE324A3249CCAE8A99AEB0E6E81054670B5BCEA51FAB2D6C0A271648412828FAE2E356A85355BD9DF43DDD71F82F93494A6E4F0F78E998A4B13481478A814CE13A471D3BC48EF5A2BFDF48E920696BA74DFE2672ED7FC456B46C6CE48C129701E0D0DE344FED8581E2F1D010735EBDC6E9683D892CB2C2A164B500A5D2A9A41D8FCE24CDFD4A8DBAB66671B3FD8B6275C3482A10A73D2C1FD50627B4AAB5F81C67FDAA3D3AD28E916D9DF4F6E9035BACC614A3FC352650DCB94BBB4C3E40CDF33B242FC97C9D5BF655DF4672F496FA8B619B515DCB37932CDF25313659B982542675BA0300768C7BEB3EEC64BA9E0EB247B0B9D000E0BB07C3E054B5DAA9CE521C54EF0A1DC00203A4F723FC2361DAD5AC276C723044DD3B56A3B4C38C46CD3E9510AD9264BCB2AE52EA59F4B3CD500B7134135784D994C42CF8DCA5E90937C53A19D8DD356BB868CCE05A982F7204F1D3C19CCD16873CBC7CA44BA2D34B57E63F092B93C075530ED66177BE42F1677E4EB1A18EA0ED62C654F04B68DE9DD4A9C1AC509CE5DF1CF266C6A16696F858C024C16A95AF16105D9E778BD3A9FFE09CCBE4454EFFE6A309F629434FCB894B42BA2FAD7C4BA7091301422C347ACCB39FF801F97F36B3464A7B84C4C4A85503DD7BCFD97462AFCFDE1CF4C8FDA6FC5019B262C3E58C77E28BED5A2583B28DBA0E59D5665E7A5339A02C976FD31B4797DB945851DE5164A9AA3359F1A35E31357314DB6C82B5DB62D70BB7C22B3C110A0495E2B7200104FBD230C9C11824601EF4FA78ABDA0D5BF866B2CA6087E20AB2C8FBE1FFCEA5D19F11EB801002A801D9A72678009269FEFE57A4B8D389047D05F03C5472F5FB731C5BB3C5E2A9BA907D496E10FB953D953F650602639F37EED2F65424056F92CDCAA33DD65E714EF3D5419E7B4C1CE77A40D441962F2D42135ADD4951E90CC0FC85C2946C82F74C9B1398D6A086BC7EAA1763173AEF572969FA738EE079BF5C5EFAF8E4D99DB8618E646876342CC8BF3B1A62F969265FB633700F4CC598AB407F84BD2B1AD496AF8E785063078688A86AD6B4E4ED2CA31AF2F7899D0AD613A57BFA5746F743A62F66105DEEEBF637D9ADCBF941E4728DDD5D03AFE58EAD827B154BD22C00A94822A240DFE575479E9C00E38064BBBD1A5B511957045BFE40951312B2F5F5CC45CD94823AFC0CD2BE902C2E9DF92D87C8E24308E788EC48187B2EB69516AC9D7CA97C0E1C610320AFDC5767FFAFBBE16EA80B8E2CF1AA030FD86E803A19CC2BEF8CDCF8A7A1BCF82A1ADE289ED2733AEFAFA82296C331088447B110D8AC831708F631EB967936B2FF0BA3E697 -20240830134427 2 6 100 7679 5 D5949FC6991BCA2FAE324A3249CCAE8A99AEB0E6E81054670B5BCEA51FAB2D6C0A271648412828FAE2E356A85355BD9DF43DDD71F82F93494A6E4F0F78E998A4B13481478A814CE13A471D3BC48EF5A2BFDF48E920696BA74DFE2672ED7FC456B46C6CE48C129701E0D0DE344FED8581E2F1D010735EBDC6E9683D892CB2C2A164B500A5D2A9A41D8FCE24CDFD4A8DBAB66671B3FD8B6275C3482A10A73D2C1FD50627B4AAB5F81C67FDAA3D3AD28E916D9DF4F6E9035BACC614A3FC352650DCB94BBB4C3E40CDF33B242FC97C9D5BF655DF4672F496FA8B619B515DCB37932CDF25313659B982542675BA0300768C7BEB3EEC64BA9E0EB247B0B9D000E0BB07C3E054B5DAA9CE521C54EF0A1DC00203A4F723FC2361DAD5AC276C723044DD3B56A3B4C38C46CD3E9510AD9264BCB2AE52EA59F4B3CD500B7134135784D994C42CF8DCA5E90937C53A19D8DD356BB868CCE05A982F7204F1D3C19CCD16873CBC7CA44BA2D34B57E63F092B93C075530ED66177BE42F1677E4EB1A18EA0ED62C654F04B68DE9DD4A9C1AC509CE5DF1CF266C6A16696F858C024C16A95AF16105D9E778BD3A9FFE09CCBE4454EFFE6A309F629434FCB894B42BA2FAD7C4BA7091301422C347ACCB39FF801F97F36B3464A7B84C4C4A85503DD7BCFD97462AFCFDE1CF4C8FDA6FC5019B262C3E58C77E28BED5A2583B28DBA0E59D5665E7A5339A02C976FD31B4797DB945851DE5164A9AA3359F1A35E31357314DB6C82B5DB62D70BB7C22B3C110A0495E2B7200104FBD230C9C11824601EF4FA78ABDA0D5BF866B2CA6087E20AB2C8FBE1FFCEA5D19F11EB801002A801D9A72678009269FEFE57A4B8D389047D05F03C5472F5FB731C5BB3C5E2A9BA907D496E10FB953D953F650602639F37EED2F65424056F92CDCAA33DD65E714EF3D5419E7B4C1CE77A40D441962F2D42135ADD4951E90CC0FC85C2946C82F74C9B1398D6A086BC7EAA1763173AEF572969FA738EE079BF5C5EFAF8E4D99DB8618E646876342CC8BF3B1A62F969265FB633700F4CC598AB407F84BD2B1AD496AF8E785063078688A86AD6B4E4ED2CA31AF2F7899D0AD613A57BFA5746F743A62F66105DEEEBF637D9ADCBF941E4728DDD5D03AFE58EAD827B154BD22C00A94822A240DFE575479E9C00E38064BBBD1A5B511957045BFE40951312B2F5F5CC45CD94823AFC0CD2BE902C2E9DF92D87C8E24308E788EC48187B2EB69516AC9D7CA97C0E1C610320AFDC5767FFAFBBE16EA80B8E2CF1AA030FD86E803A19CC2BEF8CDCF8A7A1BCF82A1ADE289ED2733AEFAFA82296C331088447B110D8AC831708F631EB967936B2FF0BC3CC37 -20240830134817 2 6 100 7679 2 D5949FC6991BCA2FAE324A3249CCAE8A99AEB0E6E81054670B5BCEA51FAB2D6C0A271648412828FAE2E356A85355BD9DF43DDD71F82F93494A6E4F0F78E998A4B13481478A814CE13A471D3BC48EF5A2BFDF48E920696BA74DFE2672ED7FC456B46C6CE48C129701E0D0DE344FED8581E2F1D010735EBDC6E9683D892CB2C2A164B500A5D2A9A41D8FCE24CDFD4A8DBAB66671B3FD8B6275C3482A10A73D2C1FD50627B4AAB5F81C67FDAA3D3AD28E916D9DF4F6E9035BACC614A3FC352650DCB94BBB4C3E40CDF33B242FC97C9D5BF655DF4672F496FA8B619B515DCB37932CDF25313659B982542675BA0300768C7BEB3EEC64BA9E0EB247B0B9D000E0BB07C3E054B5DAA9CE521C54EF0A1DC00203A4F723FC2361DAD5AC276C723044DD3B56A3B4C38C46CD3E9510AD9264BCB2AE52EA59F4B3CD500B7134135784D994C42CF8DCA5E90937C53A19D8DD356BB868CCE05A982F7204F1D3C19CCD16873CBC7CA44BA2D34B57E63F092B93C075530ED66177BE42F1677E4EB1A18EA0ED62C654F04B68DE9DD4A9C1AC509CE5DF1CF266C6A16696F858C024C16A95AF16105D9E778BD3A9FFE09CCBE4454EFFE6A309F629434FCB894B42BA2FAD7C4BA7091301422C347ACCB39FF801F97F36B3464A7B84C4C4A85503DD7BCFD97462AFCFDE1CF4C8FDA6FC5019B262C3E58C77E28BED5A2583B28DBA0E59D5665E7A5339A02C976FD31B4797DB945851DE5164A9AA3359F1A35E31357314DB6C82B5DB62D70BB7C22B3C110A0495E2B7200104FBD230C9C11824601EF4FA78ABDA0D5BF866B2CA6087E20AB2C8FBE1FFCEA5D19F11EB801002A801D9A72678009269FEFE57A4B8D389047D05F03C5472F5FB731C5BB3C5E2A9BA907D496E10FB953D953F650602639F37EED2F65424056F92CDCAA33DD65E714EF3D5419E7B4C1CE77A40D441962F2D42135ADD4951E90CC0FC85C2946C82F74C9B1398D6A086BC7EAA1763173AEF572969FA738EE079BF5C5EFAF8E4D99DB8618E646876342CC8BF3B1A62F969265FB633700F4CC598AB407F84BD2B1AD496AF8E785063078688A86AD6B4E4ED2CA31AF2F7899D0AD613A57BFA5746F743A62F66105DEEEBF637D9ADCBF941E4728DDD5D03AFE58EAD827B154BD22C00A94822A240DFE575479E9C00E38064BBBD1A5B511957045BFE40951312B2F5F5CC45CD94823AFC0CD2BE902C2E9DF92D87C8E24308E788EC48187B2EB69516AC9D7CA97C0E1C610320AFDC5767FFAFBBE16EA80B8E2CF1AA030FD86E803A19CC2BEF8CDCF8A7A1BCF82A1ADE289ED2733AEFAFA82296C331088447B110D8AC831708F631EB967936B2FF0C009ED3 -20240830145923 2 6 100 7679 5 D5949FC6991BCA2FAE324A3249CCAE8A99AEB0E6E81054670B5BCEA51FAB2D6C0A271648412828FAE2E356A85355BD9DF43DDD71F82F93494A6E4F0F78E998A4B13481478A814CE13A471D3BC48EF5A2BFDF48E920696BA74DFE2672ED7FC456B46C6CE48C129701E0D0DE344FED8581E2F1D010735EBDC6E9683D892CB2C2A164B500A5D2A9A41D8FCE24CDFD4A8DBAB66671B3FD8B6275C3482A10A73D2C1FD50627B4AAB5F81C67FDAA3D3AD28E916D9DF4F6E9035BACC614A3FC352650DCB94BBB4C3E40CDF33B242FC97C9D5BF655DF4672F496FA8B619B515DCB37932CDF25313659B982542675BA0300768C7BEB3EEC64BA9E0EB247B0B9D000E0BB07C3E054B5DAA9CE521C54EF0A1DC00203A4F723FC2361DAD5AC276C723044DD3B56A3B4C38C46CD3E9510AD9264BCB2AE52EA59F4B3CD500B7134135784D994C42CF8DCA5E90937C53A19D8DD356BB868CCE05A982F7204F1D3C19CCD16873CBC7CA44BA2D34B57E63F092B93C075530ED66177BE42F1677E4EB1A18EA0ED62C654F04B68DE9DD4A9C1AC509CE5DF1CF266C6A16696F858C024C16A95AF16105D9E778BD3A9FFE09CCBE4454EFFE6A309F629434FCB894B42BA2FAD7C4BA7091301422C347ACCB39FF801F97F36B3464A7B84C4C4A85503DD7BCFD97462AFCFDE1CF4C8FDA6FC5019B262C3E58C77E28BED5A2583B28DBA0E59D5665E7A5339A02C976FD31B4797DB945851DE5164A9AA3359F1A35E31357314DB6C82B5DB62D70BB7C22B3C110A0495E2B7200104FBD230C9C11824601EF4FA78ABDA0D5BF866B2CA6087E20AB2C8FBE1FFCEA5D19F11EB801002A801D9A72678009269FEFE57A4B8D389047D05F03C5472F5FB731C5BB3C5E2A9BA907D496E10FB953D953F650602639F37EED2F65424056F92CDCAA33DD65E714EF3D5419E7B4C1CE77A40D441962F2D42135ADD4951E90CC0FC85C2946C82F74C9B1398D6A086BC7EAA1763173AEF572969FA738EE079BF5C5EFAF8E4D99DB8618E646876342CC8BF3B1A62F969265FB633700F4CC598AB407F84BD2B1AD496AF8E785063078688A86AD6B4E4ED2CA31AF2F7899D0AD613A57BFA5746F743A62F66105DEEEBF637D9ADCBF941E4728DDD5D03AFE58EAD827B154BD22C00A94822A240DFE575479E9C00E38064BBBD1A5B511957045BFE40951312B2F5F5CC45CD94823AFC0CD2BE902C2E9DF92D87C8E24308E788EC48187B2EB69516AC9D7CA97C0E1C610320AFDC5767FFAFBBE16EA80B8E2CF1AA030FD86E803A19CC2BEF8CDCF8A7A1BCF82A1ADE289ED2733AEFAFA82296C331088447B110D8AC831708F631EB967936B2FF10E44067 -20240830161320 2 6 100 7679 2 D5949FC6991BCA2FAE324A3249CCAE8A99AEB0E6E81054670B5BCEA51FAB2D6C0A271648412828FAE2E356A85355BD9DF43DDD71F82F93494A6E4F0F78E998A4B13481478A814CE13A471D3BC48EF5A2BFDF48E920696BA74DFE2672ED7FC456B46C6CE48C129701E0D0DE344FED8581E2F1D010735EBDC6E9683D892CB2C2A164B500A5D2A9A41D8FCE24CDFD4A8DBAB66671B3FD8B6275C3482A10A73D2C1FD50627B4AAB5F81C67FDAA3D3AD28E916D9DF4F6E9035BACC614A3FC352650DCB94BBB4C3E40CDF33B242FC97C9D5BF655DF4672F496FA8B619B515DCB37932CDF25313659B982542675BA0300768C7BEB3EEC64BA9E0EB247B0B9D000E0BB07C3E054B5DAA9CE521C54EF0A1DC00203A4F723FC2361DAD5AC276C723044DD3B56A3B4C38C46CD3E9510AD9264BCB2AE52EA59F4B3CD500B7134135784D994C42CF8DCA5E90937C53A19D8DD356BB868CCE05A982F7204F1D3C19CCD16873CBC7CA44BA2D34B57E63F092B93C075530ED66177BE42F1677E4EB1A18EA0ED62C654F04B68DE9DD4A9C1AC509CE5DF1CF266C6A16696F858C024C16A95AF16105D9E778BD3A9FFE09CCBE4454EFFE6A309F629434FCB894B42BA2FAD7C4BA7091301422C347ACCB39FF801F97F36B3464A7B84C4C4A85503DD7BCFD97462AFCFDE1CF4C8FDA6FC5019B262C3E58C77E28BED5A2583B28DBA0E59D5665E7A5339A02C976FD31B4797DB945851DE5164A9AA3359F1A35E31357314DB6C82B5DB62D70BB7C22B3C110A0495E2B7200104FBD230C9C11824601EF4FA78ABDA0D5BF866B2CA6087E20AB2C8FBE1FFCEA5D19F11EB801002A801D9A72678009269FEFE57A4B8D389047D05F03C5472F5FB731C5BB3C5E2A9BA907D496E10FB953D953F650602639F37EED2F65424056F92CDCAA33DD65E714EF3D5419E7B4C1CE77A40D441962F2D42135ADD4951E90CC0FC85C2946C82F74C9B1398D6A086BC7EAA1763173AEF572969FA738EE079BF5C5EFAF8E4D99DB8618E646876342CC8BF3B1A62F969265FB633700F4CC598AB407F84BD2B1AD496AF8E785063078688A86AD6B4E4ED2CA31AF2F7899D0AD613A57BFA5746F743A62F66105DEEEBF637D9ADCBF941E4728DDD5D03AFE58EAD827B154BD22C00A94822A240DFE575479E9C00E38064BBBD1A5B511957045BFE40951312B2F5F5CC45CD94823AFC0CD2BE902C2E9DF92D87C8E24308E788EC48187B2EB69516AC9D7CA97C0E1C610320AFDC5767FFAFBBE16EA80B8E2CF1AA030FD86E803A19CC2BEF8CDCF8A7A1BCF82A1ADE289ED2733AEFAFA82296C331088447B110D8AC831708F631EB967936B2FF15FCEA4B -20240830170319 2 6 100 7679 5 D5949FC6991BCA2FAE324A3249CCAE8A99AEB0E6E81054670B5BCEA51FAB2D6C0A271648412828FAE2E356A85355BD9DF43DDD71F82F93494A6E4F0F78E998A4B13481478A814CE13A471D3BC48EF5A2BFDF48E920696BA74DFE2672ED7FC456B46C6CE48C129701E0D0DE344FED8581E2F1D010735EBDC6E9683D892CB2C2A164B500A5D2A9A41D8FCE24CDFD4A8DBAB66671B3FD8B6275C3482A10A73D2C1FD50627B4AAB5F81C67FDAA3D3AD28E916D9DF4F6E9035BACC614A3FC352650DCB94BBB4C3E40CDF33B242FC97C9D5BF655DF4672F496FA8B619B515DCB37932CDF25313659B982542675BA0300768C7BEB3EEC64BA9E0EB247B0B9D000E0BB07C3E054B5DAA9CE521C54EF0A1DC00203A4F723FC2361DAD5AC276C723044DD3B56A3B4C38C46CD3E9510AD9264BCB2AE52EA59F4B3CD500B7134135784D994C42CF8DCA5E90937C53A19D8DD356BB868CCE05A982F7204F1D3C19CCD16873CBC7CA44BA2D34B57E63F092B93C075530ED66177BE42F1677E4EB1A18EA0ED62C654F04B68DE9DD4A9C1AC509CE5DF1CF266C6A16696F858C024C16A95AF16105D9E778BD3A9FFE09CCBE4454EFFE6A309F629434FCB894B42BA2FAD7C4BA7091301422C347ACCB39FF801F97F36B3464A7B84C4C4A85503DD7BCFD97462AFCFDE1CF4C8FDA6FC5019B262C3E58C77E28BED5A2583B28DBA0E59D5665E7A5339A02C976FD31B4797DB945851DE5164A9AA3359F1A35E31357314DB6C82B5DB62D70BB7C22B3C110A0495E2B7200104FBD230C9C11824601EF4FA78ABDA0D5BF866B2CA6087E20AB2C8FBE1FFCEA5D19F11EB801002A801D9A72678009269FEFE57A4B8D389047D05F03C5472F5FB731C5BB3C5E2A9BA907D496E10FB953D953F650602639F37EED2F65424056F92CDCAA33DD65E714EF3D5419E7B4C1CE77A40D441962F2D42135ADD4951E90CC0FC85C2946C82F74C9B1398D6A086BC7EAA1763173AEF572969FA738EE079BF5C5EFAF8E4D99DB8618E646876342CC8BF3B1A62F969265FB633700F4CC598AB407F84BD2B1AD496AF8E785063078688A86AD6B4E4ED2CA31AF2F7899D0AD613A57BFA5746F743A62F66105DEEEBF637D9ADCBF941E4728DDD5D03AFE58EAD827B154BD22C00A94822A240DFE575479E9C00E38064BBBD1A5B511957045BFE40951312B2F5F5CC45CD94823AFC0CD2BE902C2E9DF92D87C8E24308E788EC48187B2EB69516AC9D7CA97C0E1C610320AFDC5767FFAFBBE16EA80B8E2CF1AA030FD86E803A19CC2BEF8CDCF8A7A1BCF82A1ADE289ED2733AEFAFA82296C331088447B110D8AC831708F631EB967936B2FF197243AF -20240830171339 2 6 100 7679 5 D5949FC6991BCA2FAE324A3249CCAE8A99AEB0E6E81054670B5BCEA51FAB2D6C0A271648412828FAE2E356A85355BD9DF43DDD71F82F93494A6E4F0F78E998A4B13481478A814CE13A471D3BC48EF5A2BFDF48E920696BA74DFE2672ED7FC456B46C6CE48C129701E0D0DE344FED8581E2F1D010735EBDC6E9683D892CB2C2A164B500A5D2A9A41D8FCE24CDFD4A8DBAB66671B3FD8B6275C3482A10A73D2C1FD50627B4AAB5F81C67FDAA3D3AD28E916D9DF4F6E9035BACC614A3FC352650DCB94BBB4C3E40CDF33B242FC97C9D5BF655DF4672F496FA8B619B515DCB37932CDF25313659B982542675BA0300768C7BEB3EEC64BA9E0EB247B0B9D000E0BB07C3E054B5DAA9CE521C54EF0A1DC00203A4F723FC2361DAD5AC276C723044DD3B56A3B4C38C46CD3E9510AD9264BCB2AE52EA59F4B3CD500B7134135784D994C42CF8DCA5E90937C53A19D8DD356BB868CCE05A982F7204F1D3C19CCD16873CBC7CA44BA2D34B57E63F092B93C075530ED66177BE42F1677E4EB1A18EA0ED62C654F04B68DE9DD4A9C1AC509CE5DF1CF266C6A16696F858C024C16A95AF16105D9E778BD3A9FFE09CCBE4454EFFE6A309F629434FCB894B42BA2FAD7C4BA7091301422C347ACCB39FF801F97F36B3464A7B84C4C4A85503DD7BCFD97462AFCFDE1CF4C8FDA6FC5019B262C3E58C77E28BED5A2583B28DBA0E59D5665E7A5339A02C976FD31B4797DB945851DE5164A9AA3359F1A35E31357314DB6C82B5DB62D70BB7C22B3C110A0495E2B7200104FBD230C9C11824601EF4FA78ABDA0D5BF866B2CA6087E20AB2C8FBE1FFCEA5D19F11EB801002A801D9A72678009269FEFE57A4B8D389047D05F03C5472F5FB731C5BB3C5E2A9BA907D496E10FB953D953F650602639F37EED2F65424056F92CDCAA33DD65E714EF3D5419E7B4C1CE77A40D441962F2D42135ADD4951E90CC0FC85C2946C82F74C9B1398D6A086BC7EAA1763173AEF572969FA738EE079BF5C5EFAF8E4D99DB8618E646876342CC8BF3B1A62F969265FB633700F4CC598AB407F84BD2B1AD496AF8E785063078688A86AD6B4E4ED2CA31AF2F7899D0AD613A57BFA5746F743A62F66105DEEEBF637D9ADCBF941E4728DDD5D03AFE58EAD827B154BD22C00A94822A240DFE575479E9C00E38064BBBD1A5B511957045BFE40951312B2F5F5CC45CD94823AFC0CD2BE902C2E9DF92D87C8E24308E788EC48187B2EB69516AC9D7CA97C0E1C610320AFDC5767FFAFBBE16EA80B8E2CF1AA030FD86E803A19CC2BEF8CDCF8A7A1BCF82A1ADE289ED2733AEFAFA82296C331088447B110D8AC831708F631EB967936B2FF1A211BAF -20240830173745 2 6 100 7679 5 D5949FC6991BCA2FAE324A3249CCAE8A99AEB0E6E81054670B5BCEA51FAB2D6C0A271648412828FAE2E356A85355BD9DF43DDD71F82F93494A6E4F0F78E998A4B13481478A814CE13A471D3BC48EF5A2BFDF48E920696BA74DFE2672ED7FC456B46C6CE48C129701E0D0DE344FED8581E2F1D010735EBDC6E9683D892CB2C2A164B500A5D2A9A41D8FCE24CDFD4A8DBAB66671B3FD8B6275C3482A10A73D2C1FD50627B4AAB5F81C67FDAA3D3AD28E916D9DF4F6E9035BACC614A3FC352650DCB94BBB4C3E40CDF33B242FC97C9D5BF655DF4672F496FA8B619B515DCB37932CDF25313659B982542675BA0300768C7BEB3EEC64BA9E0EB247B0B9D000E0BB07C3E054B5DAA9CE521C54EF0A1DC00203A4F723FC2361DAD5AC276C723044DD3B56A3B4C38C46CD3E9510AD9264BCB2AE52EA59F4B3CD500B7134135784D994C42CF8DCA5E90937C53A19D8DD356BB868CCE05A982F7204F1D3C19CCD16873CBC7CA44BA2D34B57E63F092B93C075530ED66177BE42F1677E4EB1A18EA0ED62C654F04B68DE9DD4A9C1AC509CE5DF1CF266C6A16696F858C024C16A95AF16105D9E778BD3A9FFE09CCBE4454EFFE6A309F629434FCB894B42BA2FAD7C4BA7091301422C347ACCB39FF801F97F36B3464A7B84C4C4A85503DD7BCFD97462AFCFDE1CF4C8FDA6FC5019B262C3E58C77E28BED5A2583B28DBA0E59D5665E7A5339A02C976FD31B4797DB945851DE5164A9AA3359F1A35E31357314DB6C82B5DB62D70BB7C22B3C110A0495E2B7200104FBD230C9C11824601EF4FA78ABDA0D5BF866B2CA6087E20AB2C8FBE1FFCEA5D19F11EB801002A801D9A72678009269FEFE57A4B8D389047D05F03C5472F5FB731C5BB3C5E2A9BA907D496E10FB953D953F650602639F37EED2F65424056F92CDCAA33DD65E714EF3D5419E7B4C1CE77A40D441962F2D42135ADD4951E90CC0FC85C2946C82F74C9B1398D6A086BC7EAA1763173AEF572969FA738EE079BF5C5EFAF8E4D99DB8618E646876342CC8BF3B1A62F969265FB633700F4CC598AB407F84BD2B1AD496AF8E785063078688A86AD6B4E4ED2CA31AF2F7899D0AD613A57BFA5746F743A62F66105DEEEBF637D9ADCBF941E4728DDD5D03AFE58EAD827B154BD22C00A94822A240DFE575479E9C00E38064BBBD1A5B511957045BFE40951312B2F5F5CC45CD94823AFC0CD2BE902C2E9DF92D87C8E24308E788EC48187B2EB69516AC9D7CA97C0E1C610320AFDC5767FFAFBBE16EA80B8E2CF1AA030FD86E803A19CC2BEF8CDCF8A7A1BCF82A1ADE289ED2733AEFAFA82296C331088447B110D8AC831708F631EB967936B2FF1BC7E24F -20240830181908 2 6 100 7679 5 D5949FC6991BCA2FAE324A3249CCAE8A99AEB0E6E81054670B5BCEA51FAB2D6C0A271648412828FAE2E356A85355BD9DF43DDD71F82F93494A6E4F0F78E998A4B13481478A814CE13A471D3BC48EF5A2BFDF48E920696BA74DFE2672ED7FC456B46C6CE48C129701E0D0DE344FED8581E2F1D010735EBDC6E9683D892CB2C2A164B500A5D2A9A41D8FCE24CDFD4A8DBAB66671B3FD8B6275C3482A10A73D2C1FD50627B4AAB5F81C67FDAA3D3AD28E916D9DF4F6E9035BACC614A3FC352650DCB94BBB4C3E40CDF33B242FC97C9D5BF655DF4672F496FA8B619B515DCB37932CDF25313659B982542675BA0300768C7BEB3EEC64BA9E0EB247B0B9D000E0BB07C3E054B5DAA9CE521C54EF0A1DC00203A4F723FC2361DAD5AC276C723044DD3B56A3B4C38C46CD3E9510AD9264BCB2AE52EA59F4B3CD500B7134135784D994C42CF8DCA5E90937C53A19D8DD356BB868CCE05A982F7204F1D3C19CCD16873CBC7CA44BA2D34B57E63F092B93C075530ED66177BE42F1677E4EB1A18EA0ED62C654F04B68DE9DD4A9C1AC509CE5DF1CF266C6A16696F858C024C16A95AF16105D9E778BD3A9FFE09CCBE4454EFFE6A309F629434FCB894B42BA2FAD7C4BA7091301422C347ACCB39FF801F97F36B3464A7B84C4C4A85503DD7BCFD97462AFCFDE1CF4C8FDA6FC5019B262C3E58C77E28BED5A2583B28DBA0E59D5665E7A5339A02C976FD31B4797DB945851DE5164A9AA3359F1A35E31357314DB6C82B5DB62D70BB7C22B3C110A0495E2B7200104FBD230C9C11824601EF4FA78ABDA0D5BF866B2CA6087E20AB2C8FBE1FFCEA5D19F11EB801002A801D9A72678009269FEFE57A4B8D389047D05F03C5472F5FB731C5BB3C5E2A9BA907D496E10FB953D953F650602639F37EED2F65424056F92CDCAA33DD65E714EF3D5419E7B4C1CE77A40D441962F2D42135ADD4951E90CC0FC85C2946C82F74C9B1398D6A086BC7EAA1763173AEF572969FA738EE079BF5C5EFAF8E4D99DB8618E646876342CC8BF3B1A62F969265FB633700F4CC598AB407F84BD2B1AD496AF8E785063078688A86AD6B4E4ED2CA31AF2F7899D0AD613A57BFA5746F743A62F66105DEEEBF637D9ADCBF941E4728DDD5D03AFE58EAD827B154BD22C00A94822A240DFE575479E9C00E38064BBBD1A5B511957045BFE40951312B2F5F5CC45CD94823AFC0CD2BE902C2E9DF92D87C8E24308E788EC48187B2EB69516AC9D7CA97C0E1C610320AFDC5767FFAFBBE16EA80B8E2CF1AA030FD86E803A19CC2BEF8CDCF8A7A1BCF82A1ADE289ED2733AEFAFA82296C331088447B110D8AC831708F631EB967936B2FF1E96C5DF -20240830181940 2 6 100 7679 2 D5949FC6991BCA2FAE324A3249CCAE8A99AEB0E6E81054670B5BCEA51FAB2D6C0A271648412828FAE2E356A85355BD9DF43DDD71F82F93494A6E4F0F78E998A4B13481478A814CE13A471D3BC48EF5A2BFDF48E920696BA74DFE2672ED7FC456B46C6CE48C129701E0D0DE344FED8581E2F1D010735EBDC6E9683D892CB2C2A164B500A5D2A9A41D8FCE24CDFD4A8DBAB66671B3FD8B6275C3482A10A73D2C1FD50627B4AAB5F81C67FDAA3D3AD28E916D9DF4F6E9035BACC614A3FC352650DCB94BBB4C3E40CDF33B242FC97C9D5BF655DF4672F496FA8B619B515DCB37932CDF25313659B982542675BA0300768C7BEB3EEC64BA9E0EB247B0B9D000E0BB07C3E054B5DAA9CE521C54EF0A1DC00203A4F723FC2361DAD5AC276C723044DD3B56A3B4C38C46CD3E9510AD9264BCB2AE52EA59F4B3CD500B7134135784D994C42CF8DCA5E90937C53A19D8DD356BB868CCE05A982F7204F1D3C19CCD16873CBC7CA44BA2D34B57E63F092B93C075530ED66177BE42F1677E4EB1A18EA0ED62C654F04B68DE9DD4A9C1AC509CE5DF1CF266C6A16696F858C024C16A95AF16105D9E778BD3A9FFE09CCBE4454EFFE6A309F629434FCB894B42BA2FAD7C4BA7091301422C347ACCB39FF801F97F36B3464A7B84C4C4A85503DD7BCFD97462AFCFDE1CF4C8FDA6FC5019B262C3E58C77E28BED5A2583B28DBA0E59D5665E7A5339A02C976FD31B4797DB945851DE5164A9AA3359F1A35E31357314DB6C82B5DB62D70BB7C22B3C110A0495E2B7200104FBD230C9C11824601EF4FA78ABDA0D5BF866B2CA6087E20AB2C8FBE1FFCEA5D19F11EB801002A801D9A72678009269FEFE57A4B8D389047D05F03C5472F5FB731C5BB3C5E2A9BA907D496E10FB953D953F650602639F37EED2F65424056F92CDCAA33DD65E714EF3D5419E7B4C1CE77A40D441962F2D42135ADD4951E90CC0FC85C2946C82F74C9B1398D6A086BC7EAA1763173AEF572969FA738EE079BF5C5EFAF8E4D99DB8618E646876342CC8BF3B1A62F969265FB633700F4CC598AB407F84BD2B1AD496AF8E785063078688A86AD6B4E4ED2CA31AF2F7899D0AD613A57BFA5746F743A62F66105DEEEBF637D9ADCBF941E4728DDD5D03AFE58EAD827B154BD22C00A94822A240DFE575479E9C00E38064BBBD1A5B511957045BFE40951312B2F5F5CC45CD94823AFC0CD2BE902C2E9DF92D87C8E24308E788EC48187B2EB69516AC9D7CA97C0E1C610320AFDC5767FFAFBBE16EA80B8E2CF1AA030FD86E803A19CC2BEF8CDCF8A7A1BCF82A1ADE289ED2733AEFAFA82296C331088447B110D8AC831708F631EB967936B2FF1E9711DB -20240830183135 2 6 100 7679 2 D5949FC6991BCA2FAE324A3249CCAE8A99AEB0E6E81054670B5BCEA51FAB2D6C0A271648412828FAE2E356A85355BD9DF43DDD71F82F93494A6E4F0F78E998A4B13481478A814CE13A471D3BC48EF5A2BFDF48E920696BA74DFE2672ED7FC456B46C6CE48C129701E0D0DE344FED8581E2F1D010735EBDC6E9683D892CB2C2A164B500A5D2A9A41D8FCE24CDFD4A8DBAB66671B3FD8B6275C3482A10A73D2C1FD50627B4AAB5F81C67FDAA3D3AD28E916D9DF4F6E9035BACC614A3FC352650DCB94BBB4C3E40CDF33B242FC97C9D5BF655DF4672F496FA8B619B515DCB37932CDF25313659B982542675BA0300768C7BEB3EEC64BA9E0EB247B0B9D000E0BB07C3E054B5DAA9CE521C54EF0A1DC00203A4F723FC2361DAD5AC276C723044DD3B56A3B4C38C46CD3E9510AD9264BCB2AE52EA59F4B3CD500B7134135784D994C42CF8DCA5E90937C53A19D8DD356BB868CCE05A982F7204F1D3C19CCD16873CBC7CA44BA2D34B57E63F092B93C075530ED66177BE42F1677E4EB1A18EA0ED62C654F04B68DE9DD4A9C1AC509CE5DF1CF266C6A16696F858C024C16A95AF16105D9E778BD3A9FFE09CCBE4454EFFE6A309F629434FCB894B42BA2FAD7C4BA7091301422C347ACCB39FF801F97F36B3464A7B84C4C4A85503DD7BCFD97462AFCFDE1CF4C8FDA6FC5019B262C3E58C77E28BED5A2583B28DBA0E59D5665E7A5339A02C976FD31B4797DB945851DE5164A9AA3359F1A35E31357314DB6C82B5DB62D70BB7C22B3C110A0495E2B7200104FBD230C9C11824601EF4FA78ABDA0D5BF866B2CA6087E20AB2C8FBE1FFCEA5D19F11EB801002A801D9A72678009269FEFE57A4B8D389047D05F03C5472F5FB731C5BB3C5E2A9BA907D496E10FB953D953F650602639F37EED2F65424056F92CDCAA33DD65E714EF3D5419E7B4C1CE77A40D441962F2D42135ADD4951E90CC0FC85C2946C82F74C9B1398D6A086BC7EAA1763173AEF572969FA738EE079BF5C5EFAF8E4D99DB8618E646876342CC8BF3B1A62F969265FB633700F4CC598AB407F84BD2B1AD496AF8E785063078688A86AD6B4E4ED2CA31AF2F7899D0AD613A57BFA5746F743A62F66105DEEEBF637D9ADCBF941E4728DDD5D03AFE58EAD827B154BD22C00A94822A240DFE575479E9C00E38064BBBD1A5B511957045BFE40951312B2F5F5CC45CD94823AFC0CD2BE902C2E9DF92D87C8E24308E788EC48187B2EB69516AC9D7CA97C0E1C610320AFDC5767FFAFBBE16EA80B8E2CF1AA030FD86E803A19CC2BEF8CDCF8A7A1BCF82A1ADE289ED2733AEFAFA82296C331088447B110D8AC831708F631EB967936B2FF1F5C367B -20240830190740 2 6 100 7679 2 D5949FC6991BCA2FAE324A3249CCAE8A99AEB0E6E81054670B5BCEA51FAB2D6C0A271648412828FAE2E356A85355BD9DF43DDD71F82F93494A6E4F0F78E998A4B13481478A814CE13A471D3BC48EF5A2BFDF48E920696BA74DFE2672ED7FC456B46C6CE48C129701E0D0DE344FED8581E2F1D010735EBDC6E9683D892CB2C2A164B500A5D2A9A41D8FCE24CDFD4A8DBAB66671B3FD8B6275C3482A10A73D2C1FD50627B4AAB5F81C67FDAA3D3AD28E916D9DF4F6E9035BACC614A3FC352650DCB94BBB4C3E40CDF33B242FC97C9D5BF655DF4672F496FA8B619B515DCB37932CDF25313659B982542675BA0300768C7BEB3EEC64BA9E0EB247B0B9D000E0BB07C3E054B5DAA9CE521C54EF0A1DC00203A4F723FC2361DAD5AC276C723044DD3B56A3B4C38C46CD3E9510AD9264BCB2AE52EA59F4B3CD500B7134135784D994C42CF8DCA5E90937C53A19D8DD356BB868CCE05A982F7204F1D3C19CCD16873CBC7CA44BA2D34B57E63F092B93C075530ED66177BE42F1677E4EB1A18EA0ED62C654F04B68DE9DD4A9C1AC509CE5DF1CF266C6A16696F858C024C16A95AF16105D9E778BD3A9FFE09CCBE4454EFFE6A309F629434FCB894B42BA2FAD7C4BA7091301422C347ACCB39FF801F97F36B3464A7B84C4C4A85503DD7BCFD97462AFCFDE1CF4C8FDA6FC5019B262C3E58C77E28BED5A2583B28DBA0E59D5665E7A5339A02C976FD31B4797DB945851DE5164A9AA3359F1A35E31357314DB6C82B5DB62D70BB7C22B3C110A0495E2B7200104FBD230C9C11824601EF4FA78ABDA0D5BF866B2CA6087E20AB2C8FBE1FFCEA5D19F11EB801002A801D9A72678009269FEFE57A4B8D389047D05F03C5472F5FB731C5BB3C5E2A9BA907D496E10FB953D953F650602639F37EED2F65424056F92CDCAA33DD65E714EF3D5419E7B4C1CE77A40D441962F2D42135ADD4951E90CC0FC85C2946C82F74C9B1398D6A086BC7EAA1763173AEF572969FA738EE079BF5C5EFAF8E4D99DB8618E646876342CC8BF3B1A62F969265FB633700F4CC598AB407F84BD2B1AD496AF8E785063078688A86AD6B4E4ED2CA31AF2F7899D0AD613A57BFA5746F743A62F66105DEEEBF637D9ADCBF941E4728DDD5D03AFE58EAD827B154BD22C00A94822A240DFE575479E9C00E38064BBBD1A5B511957045BFE40951312B2F5F5CC45CD94823AFC0CD2BE902C2E9DF92D87C8E24308E788EC48187B2EB69516AC9D7CA97C0E1C610320AFDC5767FFAFBBE16EA80B8E2CF1AA030FD86E803A19CC2BEF8CDCF8A7A1BCF82A1ADE289ED2733AEFAFA82296C331088447B110D8AC831708F631EB967936B2FF21D6FFCB -20240830192133 2 6 100 7679 2 D5949FC6991BCA2FAE324A3249CCAE8A99AEB0E6E81054670B5BCEA51FAB2D6C0A271648412828FAE2E356A85355BD9DF43DDD71F82F93494A6E4F0F78E998A4B13481478A814CE13A471D3BC48EF5A2BFDF48E920696BA74DFE2672ED7FC456B46C6CE48C129701E0D0DE344FED8581E2F1D010735EBDC6E9683D892CB2C2A164B500A5D2A9A41D8FCE24CDFD4A8DBAB66671B3FD8B6275C3482A10A73D2C1FD50627B4AAB5F81C67FDAA3D3AD28E916D9DF4F6E9035BACC614A3FC352650DCB94BBB4C3E40CDF33B242FC97C9D5BF655DF4672F496FA8B619B515DCB37932CDF25313659B982542675BA0300768C7BEB3EEC64BA9E0EB247B0B9D000E0BB07C3E054B5DAA9CE521C54EF0A1DC00203A4F723FC2361DAD5AC276C723044DD3B56A3B4C38C46CD3E9510AD9264BCB2AE52EA59F4B3CD500B7134135784D994C42CF8DCA5E90937C53A19D8DD356BB868CCE05A982F7204F1D3C19CCD16873CBC7CA44BA2D34B57E63F092B93C075530ED66177BE42F1677E4EB1A18EA0ED62C654F04B68DE9DD4A9C1AC509CE5DF1CF266C6A16696F858C024C16A95AF16105D9E778BD3A9FFE09CCBE4454EFFE6A309F629434FCB894B42BA2FAD7C4BA7091301422C347ACCB39FF801F97F36B3464A7B84C4C4A85503DD7BCFD97462AFCFDE1CF4C8FDA6FC5019B262C3E58C77E28BED5A2583B28DBA0E59D5665E7A5339A02C976FD31B4797DB945851DE5164A9AA3359F1A35E31357314DB6C82B5DB62D70BB7C22B3C110A0495E2B7200104FBD230C9C11824601EF4FA78ABDA0D5BF866B2CA6087E20AB2C8FBE1FFCEA5D19F11EB801002A801D9A72678009269FEFE57A4B8D389047D05F03C5472F5FB731C5BB3C5E2A9BA907D496E10FB953D953F650602639F37EED2F65424056F92CDCAA33DD65E714EF3D5419E7B4C1CE77A40D441962F2D42135ADD4951E90CC0FC85C2946C82F74C9B1398D6A086BC7EAA1763173AEF572969FA738EE079BF5C5EFAF8E4D99DB8618E646876342CC8BF3B1A62F969265FB633700F4CC598AB407F84BD2B1AD496AF8E785063078688A86AD6B4E4ED2CA31AF2F7899D0AD613A57BFA5746F743A62F66105DEEEBF637D9ADCBF941E4728DDD5D03AFE58EAD827B154BD22C00A94822A240DFE575479E9C00E38064BBBD1A5B511957045BFE40951312B2F5F5CC45CD94823AFC0CD2BE902C2E9DF92D87C8E24308E788EC48187B2EB69516AC9D7CA97C0E1C610320AFDC5767FFAFBBE16EA80B8E2CF1AA030FD86E803A19CC2BEF8CDCF8A7A1BCF82A1ADE289ED2733AEFAFA82296C331088447B110D8AC831708F631EB967936B2FF22C8073B -20240830213430 2 6 100 7679 2 D5949FC6991BCA2FAE324A3249CCAE8A99AEB0E6E81054670B5BCEA51FAB2D6C0A271648412828FAE2E356A85355BD9DF43DDD71F82F93494A6E4F0F78E998A4B13481478A814CE13A471D3BC48EF5A2BFDF48E920696BA74DFE2672ED7FC456B46C6CE48C129701E0D0DE344FED8581E2F1D010735EBDC6E9683D892CB2C2A164B500A5D2A9A41D8FCE24CDFD4A8DBAB66671B3FD8B6275C3482A10A73D2C1FD50627B4AAB5F81C67FDAA3D3AD28E916D9DF4F6E9035BACC614A3FC352650DCB94BBB4C3E40CDF33B242FC97C9D5BF655DF4672F496FA8B619B515DCB37932CDF25313659B982542675BA0300768C7BEB3EEC64BA9E0EB247B0B9D000E0BB07C3E054B5DAA9CE521C54EF0A1DC00203A4F723FC2361DAD5AC276C723044DD3B56A3B4C38C46CD3E9510AD9264BCB2AE52EA59F4B3CD500B7134135784D994C42CF8DCA5E90937C53A19D8DD356BB868CCE05A982F7204F1D3C19CCD16873CBC7CA44BA2D34B57E63F092B93C075530ED66177BE42F1677E4EB1A18EA0ED62C654F04B68DE9DD4A9C1AC509CE5DF1CF266C6A16696F858C024C16A95AF16105D9E778BD3A9FFE09CCBE4454EFFE6A309F629434FCB894B42BA2FAD7C4BA7091301422C347ACCB39FF801F97F36B3464A7B84C4C4A85503DD7BCFD97462AFCFDE1CF4C8FDA6FC5019B262C3E58C77E28BED5A2583B28DBA0E59D5665E7A5339A02C976FD31B4797DB945851DE5164A9AA3359F1A35E31357314DB6C82B5DB62D70BB7C22B3C110A0495E2B7200104FBD230C9C11824601EF4FA78ABDA0D5BF866B2CA6087E20AB2C8FBE1FFCEA5D19F11EB801002A801D9A72678009269FEFE57A4B8D389047D05F03C5472F5FB731C5BB3C5E2A9BA907D496E10FB953D953F650602639F37EED2F65424056F92CDCAA33DD65E714EF3D5419E7B4C1CE77A40D441962F2D42135ADD4951E90CC0FC85C2946C82F74C9B1398D6A086BC7EAA1763173AEF572969FA738EE079BF5C5EFAF8E4D99DB8618E646876342CC8BF3B1A62F969265FB633700F4CC598AB407F84BD2B1AD496AF8E785063078688A86AD6B4E4ED2CA31AF2F7899D0AD613A57BFA5746F743A62F66105DEEEBF637D9ADCBF941E4728DDD5D03AFE58EAD827B154BD22C00A94822A240DFE575479E9C00E38064BBBD1A5B511957045BFE40951312B2F5F5CC45CD94823AFC0CD2BE902C2E9DF92D87C8E24308E788EC48187B2EB69516AC9D7CA97C0E1C610320AFDC5767FFAFBBE16EA80B8E2CF1AA030FD86E803A19CC2BEF8CDCF8A7A1BCF82A1ADE289ED2733AEFAFA82296C331088447B110D8AC831708F631EB967936B2FF2BE900AB -20240830213722 2 6 100 7679 5 D5949FC6991BCA2FAE324A3249CCAE8A99AEB0E6E81054670B5BCEA51FAB2D6C0A271648412828FAE2E356A85355BD9DF43DDD71F82F93494A6E4F0F78E998A4B13481478A814CE13A471D3BC48EF5A2BFDF48E920696BA74DFE2672ED7FC456B46C6CE48C129701E0D0DE344FED8581E2F1D010735EBDC6E9683D892CB2C2A164B500A5D2A9A41D8FCE24CDFD4A8DBAB66671B3FD8B6275C3482A10A73D2C1FD50627B4AAB5F81C67FDAA3D3AD28E916D9DF4F6E9035BACC614A3FC352650DCB94BBB4C3E40CDF33B242FC97C9D5BF655DF4672F496FA8B619B515DCB37932CDF25313659B982542675BA0300768C7BEB3EEC64BA9E0EB247B0B9D000E0BB07C3E054B5DAA9CE521C54EF0A1DC00203A4F723FC2361DAD5AC276C723044DD3B56A3B4C38C46CD3E9510AD9264BCB2AE52EA59F4B3CD500B7134135784D994C42CF8DCA5E90937C53A19D8DD356BB868CCE05A982F7204F1D3C19CCD16873CBC7CA44BA2D34B57E63F092B93C075530ED66177BE42F1677E4EB1A18EA0ED62C654F04B68DE9DD4A9C1AC509CE5DF1CF266C6A16696F858C024C16A95AF16105D9E778BD3A9FFE09CCBE4454EFFE6A309F629434FCB894B42BA2FAD7C4BA7091301422C347ACCB39FF801F97F36B3464A7B84C4C4A85503DD7BCFD97462AFCFDE1CF4C8FDA6FC5019B262C3E58C77E28BED5A2583B28DBA0E59D5665E7A5339A02C976FD31B4797DB945851DE5164A9AA3359F1A35E31357314DB6C82B5DB62D70BB7C22B3C110A0495E2B7200104FBD230C9C11824601EF4FA78ABDA0D5BF866B2CA6087E20AB2C8FBE1FFCEA5D19F11EB801002A801D9A72678009269FEFE57A4B8D389047D05F03C5472F5FB731C5BB3C5E2A9BA907D496E10FB953D953F650602639F37EED2F65424056F92CDCAA33DD65E714EF3D5419E7B4C1CE77A40D441962F2D42135ADD4951E90CC0FC85C2946C82F74C9B1398D6A086BC7EAA1763173AEF572969FA738EE079BF5C5EFAF8E4D99DB8618E646876342CC8BF3B1A62F969265FB633700F4CC598AB407F84BD2B1AD496AF8E785063078688A86AD6B4E4ED2CA31AF2F7899D0AD613A57BFA5746F743A62F66105DEEEBF637D9ADCBF941E4728DDD5D03AFE58EAD827B154BD22C00A94822A240DFE575479E9C00E38064BBBD1A5B511957045BFE40951312B2F5F5CC45CD94823AFC0CD2BE902C2E9DF92D87C8E24308E788EC48187B2EB69516AC9D7CA97C0E1C610320AFDC5767FFAFBBE16EA80B8E2CF1AA030FD86E803A19CC2BEF8CDCF8A7A1BCF82A1ADE289ED2733AEFAFA82296C331088447B110D8AC831708F631EB967936B2FF2C10C36F -20240830221923 2 6 100 7679 2 D5949FC6991BCA2FAE324A3249CCAE8A99AEB0E6E81054670B5BCEA51FAB2D6C0A271648412828FAE2E356A85355BD9DF43DDD71F82F93494A6E4F0F78E998A4B13481478A814CE13A471D3BC48EF5A2BFDF48E920696BA74DFE2672ED7FC456B46C6CE48C129701E0D0DE344FED8581E2F1D010735EBDC6E9683D892CB2C2A164B500A5D2A9A41D8FCE24CDFD4A8DBAB66671B3FD8B6275C3482A10A73D2C1FD50627B4AAB5F81C67FDAA3D3AD28E916D9DF4F6E9035BACC614A3FC352650DCB94BBB4C3E40CDF33B242FC97C9D5BF655DF4672F496FA8B619B515DCB37932CDF25313659B982542675BA0300768C7BEB3EEC64BA9E0EB247B0B9D000E0BB07C3E054B5DAA9CE521C54EF0A1DC00203A4F723FC2361DAD5AC276C723044DD3B56A3B4C38C46CD3E9510AD9264BCB2AE52EA59F4B3CD500B7134135784D994C42CF8DCA5E90937C53A19D8DD356BB868CCE05A982F7204F1D3C19CCD16873CBC7CA44BA2D34B57E63F092B93C075530ED66177BE42F1677E4EB1A18EA0ED62C654F04B68DE9DD4A9C1AC509CE5DF1CF266C6A16696F858C024C16A95AF16105D9E778BD3A9FFE09CCBE4454EFFE6A309F629434FCB894B42BA2FAD7C4BA7091301422C347ACCB39FF801F97F36B3464A7B84C4C4A85503DD7BCFD97462AFCFDE1CF4C8FDA6FC5019B262C3E58C77E28BED5A2583B28DBA0E59D5665E7A5339A02C976FD31B4797DB945851DE5164A9AA3359F1A35E31357314DB6C82B5DB62D70BB7C22B3C110A0495E2B7200104FBD230C9C11824601EF4FA78ABDA0D5BF866B2CA6087E20AB2C8FBE1FFCEA5D19F11EB801002A801D9A72678009269FEFE57A4B8D389047D05F03C5472F5FB731C5BB3C5E2A9BA907D496E10FB953D953F650602639F37EED2F65424056F92CDCAA33DD65E714EF3D5419E7B4C1CE77A40D441962F2D42135ADD4951E90CC0FC85C2946C82F74C9B1398D6A086BC7EAA1763173AEF572969FA738EE079BF5C5EFAF8E4D99DB8618E646876342CC8BF3B1A62F969265FB633700F4CC598AB407F84BD2B1AD496AF8E785063078688A86AD6B4E4ED2CA31AF2F7899D0AD613A57BFA5746F743A62F66105DEEEBF637D9ADCBF941E4728DDD5D03AFE58EAD827B154BD22C00A94822A240DFE575479E9C00E38064BBBD1A5B511957045BFE40951312B2F5F5CC45CD94823AFC0CD2BE902C2E9DF92D87C8E24308E788EC48187B2EB69516AC9D7CA97C0E1C610320AFDC5767FFAFBBE16EA80B8E2CF1AA030FD86E803A19CC2BEF8CDCF8A7A1BCF82A1ADE289ED2733AEFAFA82296C331088447B110D8AC831708F631EB967936B2FF2EF2814B -20240830225347 2 6 100 7679 2 D5949FC6991BCA2FAE324A3249CCAE8A99AEB0E6E81054670B5BCEA51FAB2D6C0A271648412828FAE2E356A85355BD9DF43DDD71F82F93494A6E4F0F78E998A4B13481478A814CE13A471D3BC48EF5A2BFDF48E920696BA74DFE2672ED7FC456B46C6CE48C129701E0D0DE344FED8581E2F1D010735EBDC6E9683D892CB2C2A164B500A5D2A9A41D8FCE24CDFD4A8DBAB66671B3FD8B6275C3482A10A73D2C1FD50627B4AAB5F81C67FDAA3D3AD28E916D9DF4F6E9035BACC614A3FC352650DCB94BBB4C3E40CDF33B242FC97C9D5BF655DF4672F496FA8B619B515DCB37932CDF25313659B982542675BA0300768C7BEB3EEC64BA9E0EB247B0B9D000E0BB07C3E054B5DAA9CE521C54EF0A1DC00203A4F723FC2361DAD5AC276C723044DD3B56A3B4C38C46CD3E9510AD9264BCB2AE52EA59F4B3CD500B7134135784D994C42CF8DCA5E90937C53A19D8DD356BB868CCE05A982F7204F1D3C19CCD16873CBC7CA44BA2D34B57E63F092B93C075530ED66177BE42F1677E4EB1A18EA0ED62C654F04B68DE9DD4A9C1AC509CE5DF1CF266C6A16696F858C024C16A95AF16105D9E778BD3A9FFE09CCBE4454EFFE6A309F629434FCB894B42BA2FAD7C4BA7091301422C347ACCB39FF801F97F36B3464A7B84C4C4A85503DD7BCFD97462AFCFDE1CF4C8FDA6FC5019B262C3E58C77E28BED5A2583B28DBA0E59D5665E7A5339A02C976FD31B4797DB945851DE5164A9AA3359F1A35E31357314DB6C82B5DB62D70BB7C22B3C110A0495E2B7200104FBD230C9C11824601EF4FA78ABDA0D5BF866B2CA6087E20AB2C8FBE1FFCEA5D19F11EB801002A801D9A72678009269FEFE57A4B8D389047D05F03C5472F5FB731C5BB3C5E2A9BA907D496E10FB953D953F650602639F37EED2F65424056F92CDCAA33DD65E714EF3D5419E7B4C1CE77A40D441962F2D42135ADD4951E90CC0FC85C2946C82F74C9B1398D6A086BC7EAA1763173AEF572969FA738EE079BF5C5EFAF8E4D99DB8618E646876342CC8BF3B1A62F969265FB633700F4CC598AB407F84BD2B1AD496AF8E785063078688A86AD6B4E4ED2CA31AF2F7899D0AD613A57BFA5746F743A62F66105DEEEBF637D9ADCBF941E4728DDD5D03AFE58EAD827B154BD22C00A94822A240DFE575479E9C00E38064BBBD1A5B511957045BFE40951312B2F5F5CC45CD94823AFC0CD2BE902C2E9DF92D87C8E24308E788EC48187B2EB69516AC9D7CA97C0E1C610320AFDC5767FFAFBBE16EA80B8E2CF1AA030FD86E803A19CC2BEF8CDCF8A7A1BCF82A1ADE289ED2733AEFAFA82296C331088447B110D8AC831708F631EB967936B2FF314EE303 -20240830231356 2 6 100 7679 2 D5949FC6991BCA2FAE324A3249CCAE8A99AEB0E6E81054670B5BCEA51FAB2D6C0A271648412828FAE2E356A85355BD9DF43DDD71F82F93494A6E4F0F78E998A4B13481478A814CE13A471D3BC48EF5A2BFDF48E920696BA74DFE2672ED7FC456B46C6CE48C129701E0D0DE344FED8581E2F1D010735EBDC6E9683D892CB2C2A164B500A5D2A9A41D8FCE24CDFD4A8DBAB66671B3FD8B6275C3482A10A73D2C1FD50627B4AAB5F81C67FDAA3D3AD28E916D9DF4F6E9035BACC614A3FC352650DCB94BBB4C3E40CDF33B242FC97C9D5BF655DF4672F496FA8B619B515DCB37932CDF25313659B982542675BA0300768C7BEB3EEC64BA9E0EB247B0B9D000E0BB07C3E054B5DAA9CE521C54EF0A1DC00203A4F723FC2361DAD5AC276C723044DD3B56A3B4C38C46CD3E9510AD9264BCB2AE52EA59F4B3CD500B7134135784D994C42CF8DCA5E90937C53A19D8DD356BB868CCE05A982F7204F1D3C19CCD16873CBC7CA44BA2D34B57E63F092B93C075530ED66177BE42F1677E4EB1A18EA0ED62C654F04B68DE9DD4A9C1AC509CE5DF1CF266C6A16696F858C024C16A95AF16105D9E778BD3A9FFE09CCBE4454EFFE6A309F629434FCB894B42BA2FAD7C4BA7091301422C347ACCB39FF801F97F36B3464A7B84C4C4A85503DD7BCFD97462AFCFDE1CF4C8FDA6FC5019B262C3E58C77E28BED5A2583B28DBA0E59D5665E7A5339A02C976FD31B4797DB945851DE5164A9AA3359F1A35E31357314DB6C82B5DB62D70BB7C22B3C110A0495E2B7200104FBD230C9C11824601EF4FA78ABDA0D5BF866B2CA6087E20AB2C8FBE1FFCEA5D19F11EB801002A801D9A72678009269FEFE57A4B8D389047D05F03C5472F5FB731C5BB3C5E2A9BA907D496E10FB953D953F650602639F37EED2F65424056F92CDCAA33DD65E714EF3D5419E7B4C1CE77A40D441962F2D42135ADD4951E90CC0FC85C2946C82F74C9B1398D6A086BC7EAA1763173AEF572969FA738EE079BF5C5EFAF8E4D99DB8618E646876342CC8BF3B1A62F969265FB633700F4CC598AB407F84BD2B1AD496AF8E785063078688A86AD6B4E4ED2CA31AF2F7899D0AD613A57BFA5746F743A62F66105DEEEBF637D9ADCBF941E4728DDD5D03AFE58EAD827B154BD22C00A94822A240DFE575479E9C00E38064BBBD1A5B511957045BFE40951312B2F5F5CC45CD94823AFC0CD2BE902C2E9DF92D87C8E24308E788EC48187B2EB69516AC9D7CA97C0E1C610320AFDC5767FFAFBBE16EA80B8E2CF1AA030FD86E803A19CC2BEF8CDCF8A7A1BCF82A1ADE289ED2733AEFAFA82296C331088447B110D8AC831708F631EB967936B2FF32AF8B0B -20240830234723 2 6 100 7679 2 D5949FC6991BCA2FAE324A3249CCAE8A99AEB0E6E81054670B5BCEA51FAB2D6C0A271648412828FAE2E356A85355BD9DF43DDD71F82F93494A6E4F0F78E998A4B13481478A814CE13A471D3BC48EF5A2BFDF48E920696BA74DFE2672ED7FC456B46C6CE48C129701E0D0DE344FED8581E2F1D010735EBDC6E9683D892CB2C2A164B500A5D2A9A41D8FCE24CDFD4A8DBAB66671B3FD8B6275C3482A10A73D2C1FD50627B4AAB5F81C67FDAA3D3AD28E916D9DF4F6E9035BACC614A3FC352650DCB94BBB4C3E40CDF33B242FC97C9D5BF655DF4672F496FA8B619B515DCB37932CDF25313659B982542675BA0300768C7BEB3EEC64BA9E0EB247B0B9D000E0BB07C3E054B5DAA9CE521C54EF0A1DC00203A4F723FC2361DAD5AC276C723044DD3B56A3B4C38C46CD3E9510AD9264BCB2AE52EA59F4B3CD500B7134135784D994C42CF8DCA5E90937C53A19D8DD356BB868CCE05A982F7204F1D3C19CCD16873CBC7CA44BA2D34B57E63F092B93C075530ED66177BE42F1677E4EB1A18EA0ED62C654F04B68DE9DD4A9C1AC509CE5DF1CF266C6A16696F858C024C16A95AF16105D9E778BD3A9FFE09CCBE4454EFFE6A309F629434FCB894B42BA2FAD7C4BA7091301422C347ACCB39FF801F97F36B3464A7B84C4C4A85503DD7BCFD97462AFCFDE1CF4C8FDA6FC5019B262C3E58C77E28BED5A2583B28DBA0E59D5665E7A5339A02C976FD31B4797DB945851DE5164A9AA3359F1A35E31357314DB6C82B5DB62D70BB7C22B3C110A0495E2B7200104FBD230C9C11824601EF4FA78ABDA0D5BF866B2CA6087E20AB2C8FBE1FFCEA5D19F11EB801002A801D9A72678009269FEFE57A4B8D389047D05F03C5472F5FB731C5BB3C5E2A9BA907D496E10FB953D953F650602639F37EED2F65424056F92CDCAA33DD65E714EF3D5419E7B4C1CE77A40D441962F2D42135ADD4951E90CC0FC85C2946C82F74C9B1398D6A086BC7EAA1763173AEF572969FA738EE079BF5C5EFAF8E4D99DB8618E646876342CC8BF3B1A62F969265FB633700F4CC598AB407F84BD2B1AD496AF8E785063078688A86AD6B4E4ED2CA31AF2F7899D0AD613A57BFA5746F743A62F66105DEEEBF637D9ADCBF941E4728DDD5D03AFE58EAD827B154BD22C00A94822A240DFE575479E9C00E38064BBBD1A5B511957045BFE40951312B2F5F5CC45CD94823AFC0CD2BE902C2E9DF92D87C8E24308E788EC48187B2EB69516AC9D7CA97C0E1C610320AFDC5767FFAFBBE16EA80B8E2CF1AA030FD86E803A19CC2BEF8CDCF8A7A1BCF82A1ADE289ED2733AEFAFA82296C331088447B110D8AC831708F631EB967936B2FF34FE61CB -20240831004647 2 6 100 7679 5 D5949FC6991BCA2FAE324A3249CCAE8A99AEB0E6E81054670B5BCEA51FAB2D6C0A271648412828FAE2E356A85355BD9DF43DDD71F82F93494A6E4F0F78E998A4B13481478A814CE13A471D3BC48EF5A2BFDF48E920696BA74DFE2672ED7FC456B46C6CE48C129701E0D0DE344FED8581E2F1D010735EBDC6E9683D892CB2C2A164B500A5D2A9A41D8FCE24CDFD4A8DBAB66671B3FD8B6275C3482A10A73D2C1FD50627B4AAB5F81C67FDAA3D3AD28E916D9DF4F6E9035BACC614A3FC352650DCB94BBB4C3E40CDF33B242FC97C9D5BF655DF4672F496FA8B619B515DCB37932CDF25313659B982542675BA0300768C7BEB3EEC64BA9E0EB247B0B9D000E0BB07C3E054B5DAA9CE521C54EF0A1DC00203A4F723FC2361DAD5AC276C723044DD3B56A3B4C38C46CD3E9510AD9264BCB2AE52EA59F4B3CD500B7134135784D994C42CF8DCA5E90937C53A19D8DD356BB868CCE05A982F7204F1D3C19CCD16873CBC7CA44BA2D34B57E63F092B93C075530ED66177BE42F1677E4EB1A18EA0ED62C654F04B68DE9DD4A9C1AC509CE5DF1CF266C6A16696F858C024C16A95AF16105D9E778BD3A9FFE09CCBE4454EFFE6A309F629434FCB894B42BA2FAD7C4BA7091301422C347ACCB39FF801F97F36B3464A7B84C4C4A85503DD7BCFD97462AFCFDE1CF4C8FDA6FC5019B262C3E58C77E28BED5A2583B28DBA0E59D5665E7A5339A02C976FD31B4797DB945851DE5164A9AA3359F1A35E31357314DB6C82B5DB62D70BB7C22B3C110A0495E2B7200104FBD230C9C11824601EF4FA78ABDA0D5BF866B2CA6087E20AB2C8FBE1FFCEA5D19F11EB801002A801D9A72678009269FEFE57A4B8D389047D05F03C5472F5FB731C5BB3C5E2A9BA907D496E10FB953D953F650602639F37EED2F65424056F92CDCAA33DD65E714EF3D5419E7B4C1CE77A40D441962F2D42135ADD4951E90CC0FC85C2946C82F74C9B1398D6A086BC7EAA1763173AEF572969FA738EE079BF5C5EFAF8E4D99DB8618E646876342CC8BF3B1A62F969265FB633700F4CC598AB407F84BD2B1AD496AF8E785063078688A86AD6B4E4ED2CA31AF2F7899D0AD613A57BFA5746F743A62F66105DEEEBF637D9ADCBF941E4728DDD5D03AFE58EAD827B154BD22C00A94822A240DFE575479E9C00E38064BBBD1A5B511957045BFE40951312B2F5F5CC45CD94823AFC0CD2BE902C2E9DF92D87C8E24308E788EC48187B2EB69516AC9D7CA97C0E1C610320AFDC5767FFAFBBE16EA80B8E2CF1AA030FD86E803A19CC2BEF8CDCF8A7A1BCF82A1ADE289ED2733AEFAFA82296C331088447B110D8AC831708F631EB967936B2FF3918C417 -20240831020149 2 6 100 7679 5 D5949FC6991BCA2FAE324A3249CCAE8A99AEB0E6E81054670B5BCEA51FAB2D6C0A271648412828FAE2E356A85355BD9DF43DDD71F82F93494A6E4F0F78E998A4B13481478A814CE13A471D3BC48EF5A2BFDF48E920696BA74DFE2672ED7FC456B46C6CE48C129701E0D0DE344FED8581E2F1D010735EBDC6E9683D892CB2C2A164B500A5D2A9A41D8FCE24CDFD4A8DBAB66671B3FD8B6275C3482A10A73D2C1FD50627B4AAB5F81C67FDAA3D3AD28E916D9DF4F6E9035BACC614A3FC352650DCB94BBB4C3E40CDF33B242FC97C9D5BF655DF4672F496FA8B619B515DCB37932CDF25313659B982542675BA0300768C7BEB3EEC64BA9E0EB247B0B9D000E0BB07C3E054B5DAA9CE521C54EF0A1DC00203A4F723FC2361DAD5AC276C723044DD3B56A3B4C38C46CD3E9510AD9264BCB2AE52EA59F4B3CD500B7134135784D994C42CF8DCA5E90937C53A19D8DD356BB868CCE05A982F7204F1D3C19CCD16873CBC7CA44BA2D34B57E63F092B93C075530ED66177BE42F1677E4EB1A18EA0ED62C654F04B68DE9DD4A9C1AC509CE5DF1CF266C6A16696F858C024C16A95AF16105D9E778BD3A9FFE09CCBE4454EFFE6A309F629434FCB894B42BA2FAD7C4BA7091301422C347ACCB39FF801F97F36B3464A7B84C4C4A85503DD7BCFD97462AFCFDE1CF4C8FDA6FC5019B262C3E58C77E28BED5A2583B28DBA0E59D5665E7A5339A02C976FD31B4797DB945851DE5164A9AA3359F1A35E31357314DB6C82B5DB62D70BB7C22B3C110A0495E2B7200104FBD230C9C11824601EF4FA78ABDA0D5BF866B2CA6087E20AB2C8FBE1FFCEA5D19F11EB801002A801D9A72678009269FEFE57A4B8D389047D05F03C5472F5FB731C5BB3C5E2A9BA907D496E10FB953D953F650602639F37EED2F65424056F92CDCAA33DD65E714EF3D5419E7B4C1CE77A40D441962F2D42135ADD4951E90CC0FC85C2946C82F74C9B1398D6A086BC7EAA1763173AEF572969FA738EE079BF5C5EFAF8E4D99DB8618E646876342CC8BF3B1A62F969265FB633700F4CC598AB407F84BD2B1AD496AF8E785063078688A86AD6B4E4ED2CA31AF2F7899D0AD613A57BFA5746F743A62F66105DEEEBF637D9ADCBF941E4728DDD5D03AFE58EAD827B154BD22C00A94822A240DFE575479E9C00E38064BBBD1A5B511957045BFE40951312B2F5F5CC45CD94823AFC0CD2BE902C2E9DF92D87C8E24308E788EC48187B2EB69516AC9D7CA97C0E1C610320AFDC5767FFAFBBE16EA80B8E2CF1AA030FD86E803A19CC2BEF8CDCF8A7A1BCF82A1ADE289ED2733AEFAFA82296C331088447B110D8AC831708F631EB967936B2FF3E4B559F -20240831022637 2 6 100 7679 2 D5949FC6991BCA2FAE324A3249CCAE8A99AEB0E6E81054670B5BCEA51FAB2D6C0A271648412828FAE2E356A85355BD9DF43DDD71F82F93494A6E4F0F78E998A4B13481478A814CE13A471D3BC48EF5A2BFDF48E920696BA74DFE2672ED7FC456B46C6CE48C129701E0D0DE344FED8581E2F1D010735EBDC6E9683D892CB2C2A164B500A5D2A9A41D8FCE24CDFD4A8DBAB66671B3FD8B6275C3482A10A73D2C1FD50627B4AAB5F81C67FDAA3D3AD28E916D9DF4F6E9035BACC614A3FC352650DCB94BBB4C3E40CDF33B242FC97C9D5BF655DF4672F496FA8B619B515DCB37932CDF25313659B982542675BA0300768C7BEB3EEC64BA9E0EB247B0B9D000E0BB07C3E054B5DAA9CE521C54EF0A1DC00203A4F723FC2361DAD5AC276C723044DD3B56A3B4C38C46CD3E9510AD9264BCB2AE52EA59F4B3CD500B7134135784D994C42CF8DCA5E90937C53A19D8DD356BB868CCE05A982F7204F1D3C19CCD16873CBC7CA44BA2D34B57E63F092B93C075530ED66177BE42F1677E4EB1A18EA0ED62C654F04B68DE9DD4A9C1AC509CE5DF1CF266C6A16696F858C024C16A95AF16105D9E778BD3A9FFE09CCBE4454EFFE6A309F629434FCB894B42BA2FAD7C4BA7091301422C347ACCB39FF801F97F36B3464A7B84C4C4A85503DD7BCFD97462AFCFDE1CF4C8FDA6FC5019B262C3E58C77E28BED5A2583B28DBA0E59D5665E7A5339A02C976FD31B4797DB945851DE5164A9AA3359F1A35E31357314DB6C82B5DB62D70BB7C22B3C110A0495E2B7200104FBD230C9C11824601EF4FA78ABDA0D5BF866B2CA6087E20AB2C8FBE1FFCEA5D19F11EB801002A801D9A72678009269FEFE57A4B8D389047D05F03C5472F5FB731C5BB3C5E2A9BA907D496E10FB953D953F650602639F37EED2F65424056F92CDCAA33DD65E714EF3D5419E7B4C1CE77A40D441962F2D42135ADD4951E90CC0FC85C2946C82F74C9B1398D6A086BC7EAA1763173AEF572969FA738EE079BF5C5EFAF8E4D99DB8618E646876342CC8BF3B1A62F969265FB633700F4CC598AB407F84BD2B1AD496AF8E785063078688A86AD6B4E4ED2CA31AF2F7899D0AD613A57BFA5746F743A62F66105DEEEBF637D9ADCBF941E4728DDD5D03AFE58EAD827B154BD22C00A94822A240DFE575479E9C00E38064BBBD1A5B511957045BFE40951312B2F5F5CC45CD94823AFC0CD2BE902C2E9DF92D87C8E24308E788EC48187B2EB69516AC9D7CA97C0E1C610320AFDC5767FFAFBBE16EA80B8E2CF1AA030FD86E803A19CC2BEF8CDCF8A7A1BCF82A1ADE289ED2733AEFAFA82296C331088447B110D8AC831708F631EB967936B2FF4002F243 -20240831030552 2 6 100 7679 5 D5949FC6991BCA2FAE324A3249CCAE8A99AEB0E6E81054670B5BCEA51FAB2D6C0A271648412828FAE2E356A85355BD9DF43DDD71F82F93494A6E4F0F78E998A4B13481478A814CE13A471D3BC48EF5A2BFDF48E920696BA74DFE2672ED7FC456B46C6CE48C129701E0D0DE344FED8581E2F1D010735EBDC6E9683D892CB2C2A164B500A5D2A9A41D8FCE24CDFD4A8DBAB66671B3FD8B6275C3482A10A73D2C1FD50627B4AAB5F81C67FDAA3D3AD28E916D9DF4F6E9035BACC614A3FC352650DCB94BBB4C3E40CDF33B242FC97C9D5BF655DF4672F496FA8B619B515DCB37932CDF25313659B982542675BA0300768C7BEB3EEC64BA9E0EB247B0B9D000E0BB07C3E054B5DAA9CE521C54EF0A1DC00203A4F723FC2361DAD5AC276C723044DD3B56A3B4C38C46CD3E9510AD9264BCB2AE52EA59F4B3CD500B7134135784D994C42CF8DCA5E90937C53A19D8DD356BB868CCE05A982F7204F1D3C19CCD16873CBC7CA44BA2D34B57E63F092B93C075530ED66177BE42F1677E4EB1A18EA0ED62C654F04B68DE9DD4A9C1AC509CE5DF1CF266C6A16696F858C024C16A95AF16105D9E778BD3A9FFE09CCBE4454EFFE6A309F629434FCB894B42BA2FAD7C4BA7091301422C347ACCB39FF801F97F36B3464A7B84C4C4A85503DD7BCFD97462AFCFDE1CF4C8FDA6FC5019B262C3E58C77E28BED5A2583B28DBA0E59D5665E7A5339A02C976FD31B4797DB945851DE5164A9AA3359F1A35E31357314DB6C82B5DB62D70BB7C22B3C110A0495E2B7200104FBD230C9C11824601EF4FA78ABDA0D5BF866B2CA6087E20AB2C8FBE1FFCEA5D19F11EB801002A801D9A72678009269FEFE57A4B8D389047D05F03C5472F5FB731C5BB3C5E2A9BA907D496E10FB953D953F650602639F37EED2F65424056F92CDCAA33DD65E714EF3D5419E7B4C1CE77A40D441962F2D42135ADD4951E90CC0FC85C2946C82F74C9B1398D6A086BC7EAA1763173AEF572969FA738EE079BF5C5EFAF8E4D99DB8618E646876342CC8BF3B1A62F969265FB633700F4CC598AB407F84BD2B1AD496AF8E785063078688A86AD6B4E4ED2CA31AF2F7899D0AD613A57BFA5746F743A62F66105DEEEBF637D9ADCBF941E4728DDD5D03AFE58EAD827B154BD22C00A94822A240DFE575479E9C00E38064BBBD1A5B511957045BFE40951312B2F5F5CC45CD94823AFC0CD2BE902C2E9DF92D87C8E24308E788EC48187B2EB69516AC9D7CA97C0E1C610320AFDC5767FFAFBBE16EA80B8E2CF1AA030FD86E803A19CC2BEF8CDCF8A7A1BCF82A1ADE289ED2733AEFAFA82296C331088447B110D8AC831708F631EB967936B2FF42BB548F -20240831033741 2 6 100 7679 5 D5949FC6991BCA2FAE324A3249CCAE8A99AEB0E6E81054670B5BCEA51FAB2D6C0A271648412828FAE2E356A85355BD9DF43DDD71F82F93494A6E4F0F78E998A4B13481478A814CE13A471D3BC48EF5A2BFDF48E920696BA74DFE2672ED7FC456B46C6CE48C129701E0D0DE344FED8581E2F1D010735EBDC6E9683D892CB2C2A164B500A5D2A9A41D8FCE24CDFD4A8DBAB66671B3FD8B6275C3482A10A73D2C1FD50627B4AAB5F81C67FDAA3D3AD28E916D9DF4F6E9035BACC614A3FC352650DCB94BBB4C3E40CDF33B242FC97C9D5BF655DF4672F496FA8B619B515DCB37932CDF25313659B982542675BA0300768C7BEB3EEC64BA9E0EB247B0B9D000E0BB07C3E054B5DAA9CE521C54EF0A1DC00203A4F723FC2361DAD5AC276C723044DD3B56A3B4C38C46CD3E9510AD9264BCB2AE52EA59F4B3CD500B7134135784D994C42CF8DCA5E90937C53A19D8DD356BB868CCE05A982F7204F1D3C19CCD16873CBC7CA44BA2D34B57E63F092B93C075530ED66177BE42F1677E4EB1A18EA0ED62C654F04B68DE9DD4A9C1AC509CE5DF1CF266C6A16696F858C024C16A95AF16105D9E778BD3A9FFE09CCBE4454EFFE6A309F629434FCB894B42BA2FAD7C4BA7091301422C347ACCB39FF801F97F36B3464A7B84C4C4A85503DD7BCFD97462AFCFDE1CF4C8FDA6FC5019B262C3E58C77E28BED5A2583B28DBA0E59D5665E7A5339A02C976FD31B4797DB945851DE5164A9AA3359F1A35E31357314DB6C82B5DB62D70BB7C22B3C110A0495E2B7200104FBD230C9C11824601EF4FA78ABDA0D5BF866B2CA6087E20AB2C8FBE1FFCEA5D19F11EB801002A801D9A72678009269FEFE57A4B8D389047D05F03C5472F5FB731C5BB3C5E2A9BA907D496E10FB953D953F650602639F37EED2F65424056F92CDCAA33DD65E714EF3D5419E7B4C1CE77A40D441962F2D42135ADD4951E90CC0FC85C2946C82F74C9B1398D6A086BC7EAA1763173AEF572969FA738EE079BF5C5EFAF8E4D99DB8618E646876342CC8BF3B1A62F969265FB633700F4CC598AB407F84BD2B1AD496AF8E785063078688A86AD6B4E4ED2CA31AF2F7899D0AD613A57BFA5746F743A62F66105DEEEBF637D9ADCBF941E4728DDD5D03AFE58EAD827B154BD22C00A94822A240DFE575479E9C00E38064BBBD1A5B511957045BFE40951312B2F5F5CC45CD94823AFC0CD2BE902C2E9DF92D87C8E24308E788EC48187B2EB69516AC9D7CA97C0E1C610320AFDC5767FFAFBBE16EA80B8E2CF1AA030FD86E803A19CC2BEF8CDCF8A7A1BCF82A1ADE289ED2733AEFAFA82296C331088447B110D8AC831708F631EB967936B2FF44F1D9D7 -20240831034841 2 6 100 7679 5 D5949FC6991BCA2FAE324A3249CCAE8A99AEB0E6E81054670B5BCEA51FAB2D6C0A271648412828FAE2E356A85355BD9DF43DDD71F82F93494A6E4F0F78E998A4B13481478A814CE13A471D3BC48EF5A2BFDF48E920696BA74DFE2672ED7FC456B46C6CE48C129701E0D0DE344FED8581E2F1D010735EBDC6E9683D892CB2C2A164B500A5D2A9A41D8FCE24CDFD4A8DBAB66671B3FD8B6275C3482A10A73D2C1FD50627B4AAB5F81C67FDAA3D3AD28E916D9DF4F6E9035BACC614A3FC352650DCB94BBB4C3E40CDF33B242FC97C9D5BF655DF4672F496FA8B619B515DCB37932CDF25313659B982542675BA0300768C7BEB3EEC64BA9E0EB247B0B9D000E0BB07C3E054B5DAA9CE521C54EF0A1DC00203A4F723FC2361DAD5AC276C723044DD3B56A3B4C38C46CD3E9510AD9264BCB2AE52EA59F4B3CD500B7134135784D994C42CF8DCA5E90937C53A19D8DD356BB868CCE05A982F7204F1D3C19CCD16873CBC7CA44BA2D34B57E63F092B93C075530ED66177BE42F1677E4EB1A18EA0ED62C654F04B68DE9DD4A9C1AC509CE5DF1CF266C6A16696F858C024C16A95AF16105D9E778BD3A9FFE09CCBE4454EFFE6A309F629434FCB894B42BA2FAD7C4BA7091301422C347ACCB39FF801F97F36B3464A7B84C4C4A85503DD7BCFD97462AFCFDE1CF4C8FDA6FC5019B262C3E58C77E28BED5A2583B28DBA0E59D5665E7A5339A02C976FD31B4797DB945851DE5164A9AA3359F1A35E31357314DB6C82B5DB62D70BB7C22B3C110A0495E2B7200104FBD230C9C11824601EF4FA78ABDA0D5BF866B2CA6087E20AB2C8FBE1FFCEA5D19F11EB801002A801D9A72678009269FEFE57A4B8D389047D05F03C5472F5FB731C5BB3C5E2A9BA907D496E10FB953D953F650602639F37EED2F65424056F92CDCAA33DD65E714EF3D5419E7B4C1CE77A40D441962F2D42135ADD4951E90CC0FC85C2946C82F74C9B1398D6A086BC7EAA1763173AEF572969FA738EE079BF5C5EFAF8E4D99DB8618E646876342CC8BF3B1A62F969265FB633700F4CC598AB407F84BD2B1AD496AF8E785063078688A86AD6B4E4ED2CA31AF2F7899D0AD613A57BFA5746F743A62F66105DEEEBF637D9ADCBF941E4728DDD5D03AFE58EAD827B154BD22C00A94822A240DFE575479E9C00E38064BBBD1A5B511957045BFE40951312B2F5F5CC45CD94823AFC0CD2BE902C2E9DF92D87C8E24308E788EC48187B2EB69516AC9D7CA97C0E1C610320AFDC5767FFAFBBE16EA80B8E2CF1AA030FD86E803A19CC2BEF8CDCF8A7A1BCF82A1ADE289ED2733AEFAFA82296C331088447B110D8AC831708F631EB967936B2FF45ACBE37 -20240831035452 2 6 100 7679 2 D5949FC6991BCA2FAE324A3249CCAE8A99AEB0E6E81054670B5BCEA51FAB2D6C0A271648412828FAE2E356A85355BD9DF43DDD71F82F93494A6E4F0F78E998A4B13481478A814CE13A471D3BC48EF5A2BFDF48E920696BA74DFE2672ED7FC456B46C6CE48C129701E0D0DE344FED8581E2F1D010735EBDC6E9683D892CB2C2A164B500A5D2A9A41D8FCE24CDFD4A8DBAB66671B3FD8B6275C3482A10A73D2C1FD50627B4AAB5F81C67FDAA3D3AD28E916D9DF4F6E9035BACC614A3FC352650DCB94BBB4C3E40CDF33B242FC97C9D5BF655DF4672F496FA8B619B515DCB37932CDF25313659B982542675BA0300768C7BEB3EEC64BA9E0EB247B0B9D000E0BB07C3E054B5DAA9CE521C54EF0A1DC00203A4F723FC2361DAD5AC276C723044DD3B56A3B4C38C46CD3E9510AD9264BCB2AE52EA59F4B3CD500B7134135784D994C42CF8DCA5E90937C53A19D8DD356BB868CCE05A982F7204F1D3C19CCD16873CBC7CA44BA2D34B57E63F092B93C075530ED66177BE42F1677E4EB1A18EA0ED62C654F04B68DE9DD4A9C1AC509CE5DF1CF266C6A16696F858C024C16A95AF16105D9E778BD3A9FFE09CCBE4454EFFE6A309F629434FCB894B42BA2FAD7C4BA7091301422C347ACCB39FF801F97F36B3464A7B84C4C4A85503DD7BCFD97462AFCFDE1CF4C8FDA6FC5019B262C3E58C77E28BED5A2583B28DBA0E59D5665E7A5339A02C976FD31B4797DB945851DE5164A9AA3359F1A35E31357314DB6C82B5DB62D70BB7C22B3C110A0495E2B7200104FBD230C9C11824601EF4FA78ABDA0D5BF866B2CA6087E20AB2C8FBE1FFCEA5D19F11EB801002A801D9A72678009269FEFE57A4B8D389047D05F03C5472F5FB731C5BB3C5E2A9BA907D496E10FB953D953F650602639F37EED2F65424056F92CDCAA33DD65E714EF3D5419E7B4C1CE77A40D441962F2D42135ADD4951E90CC0FC85C2946C82F74C9B1398D6A086BC7EAA1763173AEF572969FA738EE079BF5C5EFAF8E4D99DB8618E646876342CC8BF3B1A62F969265FB633700F4CC598AB407F84BD2B1AD496AF8E785063078688A86AD6B4E4ED2CA31AF2F7899D0AD613A57BFA5746F743A62F66105DEEEBF637D9ADCBF941E4728DDD5D03AFE58EAD827B154BD22C00A94822A240DFE575479E9C00E38064BBBD1A5B511957045BFE40951312B2F5F5CC45CD94823AFC0CD2BE902C2E9DF92D87C8E24308E788EC48187B2EB69516AC9D7CA97C0E1C610320AFDC5767FFAFBBE16EA80B8E2CF1AA030FD86E803A19CC2BEF8CDCF8A7A1BCF82A1ADE289ED2733AEFAFA82296C331088447B110D8AC831708F631EB967936B2FF460E12C3 -20240831053706 2 6 100 7679 5 D5949FC6991BCA2FAE324A3249CCAE8A99AEB0E6E81054670B5BCEA51FAB2D6C0A271648412828FAE2E356A85355BD9DF43DDD71F82F93494A6E4F0F78E998A4B13481478A814CE13A471D3BC48EF5A2BFDF48E920696BA74DFE2672ED7FC456B46C6CE48C129701E0D0DE344FED8581E2F1D010735EBDC6E9683D892CB2C2A164B500A5D2A9A41D8FCE24CDFD4A8DBAB66671B3FD8B6275C3482A10A73D2C1FD50627B4AAB5F81C67FDAA3D3AD28E916D9DF4F6E9035BACC614A3FC352650DCB94BBB4C3E40CDF33B242FC97C9D5BF655DF4672F496FA8B619B515DCB37932CDF25313659B982542675BA0300768C7BEB3EEC64BA9E0EB247B0B9D000E0BB07C3E054B5DAA9CE521C54EF0A1DC00203A4F723FC2361DAD5AC276C723044DD3B56A3B4C38C46CD3E9510AD9264BCB2AE52EA59F4B3CD500B7134135784D994C42CF8DCA5E90937C53A19D8DD356BB868CCE05A982F7204F1D3C19CCD16873CBC7CA44BA2D34B57E63F092B93C075530ED66177BE42F1677E4EB1A18EA0ED62C654F04B68DE9DD4A9C1AC509CE5DF1CF266C6A16696F858C024C16A95AF16105D9E778BD3A9FFE09CCBE4454EFFE6A309F629434FCB894B42BA2FAD7C4BA7091301422C347ACCB39FF801F97F36B3464A7B84C4C4A85503DD7BCFD97462AFCFDE1CF4C8FDA6FC5019B262C3E58C77E28BED5A2583B28DBA0E59D5665E7A5339A02C976FD31B4797DB945851DE5164A9AA3359F1A35E31357314DB6C82B5DB62D70BB7C22B3C110A0495E2B7200104FBD230C9C11824601EF4FA78ABDA0D5BF866B2CA6087E20AB2C8FBE1FFCEA5D19F11EB801002A801D9A72678009269FEFE57A4B8D389047D05F03C5472F5FB731C5BB3C5E2A9BA907D496E10FB953D953F650602639F37EED2F65424056F92CDCAA33DD65E714EF3D5419E7B4C1CE77A40D441962F2D42135ADD4951E90CC0FC85C2946C82F74C9B1398D6A086BC7EAA1763173AEF572969FA738EE079BF5C5EFAF8E4D99DB8618E646876342CC8BF3B1A62F969265FB633700F4CC598AB407F84BD2B1AD496AF8E785063078688A86AD6B4E4ED2CA31AF2F7899D0AD613A57BFA5746F743A62F66105DEEEBF637D9ADCBF941E4728DDD5D03AFE58EAD827B154BD22C00A94822A240DFE575479E9C00E38064BBBD1A5B511957045BFE40951312B2F5F5CC45CD94823AFC0CD2BE902C2E9DF92D87C8E24308E788EC48187B2EB69516AC9D7CA97C0E1C610320AFDC5767FFAFBBE16EA80B8E2CF1AA030FD86E803A19CC2BEF8CDCF8A7A1BCF82A1ADE289ED2733AEFAFA82296C331088447B110D8AC831708F631EB967936B2FF4D2CFB27 -20240831055400 2 6 100 7679 2 D5949FC6991BCA2FAE324A3249CCAE8A99AEB0E6E81054670B5BCEA51FAB2D6C0A271648412828FAE2E356A85355BD9DF43DDD71F82F93494A6E4F0F78E998A4B13481478A814CE13A471D3BC48EF5A2BFDF48E920696BA74DFE2672ED7FC456B46C6CE48C129701E0D0DE344FED8581E2F1D010735EBDC6E9683D892CB2C2A164B500A5D2A9A41D8FCE24CDFD4A8DBAB66671B3FD8B6275C3482A10A73D2C1FD50627B4AAB5F81C67FDAA3D3AD28E916D9DF4F6E9035BACC614A3FC352650DCB94BBB4C3E40CDF33B242FC97C9D5BF655DF4672F496FA8B619B515DCB37932CDF25313659B982542675BA0300768C7BEB3EEC64BA9E0EB247B0B9D000E0BB07C3E054B5DAA9CE521C54EF0A1DC00203A4F723FC2361DAD5AC276C723044DD3B56A3B4C38C46CD3E9510AD9264BCB2AE52EA59F4B3CD500B7134135784D994C42CF8DCA5E90937C53A19D8DD356BB868CCE05A982F7204F1D3C19CCD16873CBC7CA44BA2D34B57E63F092B93C075530ED66177BE42F1677E4EB1A18EA0ED62C654F04B68DE9DD4A9C1AC509CE5DF1CF266C6A16696F858C024C16A95AF16105D9E778BD3A9FFE09CCBE4454EFFE6A309F629434FCB894B42BA2FAD7C4BA7091301422C347ACCB39FF801F97F36B3464A7B84C4C4A85503DD7BCFD97462AFCFDE1CF4C8FDA6FC5019B262C3E58C77E28BED5A2583B28DBA0E59D5665E7A5339A02C976FD31B4797DB945851DE5164A9AA3359F1A35E31357314DB6C82B5DB62D70BB7C22B3C110A0495E2B7200104FBD230C9C11824601EF4FA78ABDA0D5BF866B2CA6087E20AB2C8FBE1FFCEA5D19F11EB801002A801D9A72678009269FEFE57A4B8D389047D05F03C5472F5FB731C5BB3C5E2A9BA907D496E10FB953D953F650602639F37EED2F65424056F92CDCAA33DD65E714EF3D5419E7B4C1CE77A40D441962F2D42135ADD4951E90CC0FC85C2946C82F74C9B1398D6A086BC7EAA1763173AEF572969FA738EE079BF5C5EFAF8E4D99DB8618E646876342CC8BF3B1A62F969265FB633700F4CC598AB407F84BD2B1AD496AF8E785063078688A86AD6B4E4ED2CA31AF2F7899D0AD613A57BFA5746F743A62F66105DEEEBF637D9ADCBF941E4728DDD5D03AFE58EAD827B154BD22C00A94822A240DFE575479E9C00E38064BBBD1A5B511957045BFE40951312B2F5F5CC45CD94823AFC0CD2BE902C2E9DF92D87C8E24308E788EC48187B2EB69516AC9D7CA97C0E1C610320AFDC5767FFAFBBE16EA80B8E2CF1AA030FD86E803A19CC2BEF8CDCF8A7A1BCF82A1ADE289ED2733AEFAFA82296C331088447B110D8AC831708F631EB967936B2FF4E512613 -20240831073419 2 6 100 7679 2 D5949FC6991BCA2FAE324A3249CCAE8A99AEB0E6E81054670B5BCEA51FAB2D6C0A271648412828FAE2E356A85355BD9DF43DDD71F82F93494A6E4F0F78E998A4B13481478A814CE13A471D3BC48EF5A2BFDF48E920696BA74DFE2672ED7FC456B46C6CE48C129701E0D0DE344FED8581E2F1D010735EBDC6E9683D892CB2C2A164B500A5D2A9A41D8FCE24CDFD4A8DBAB66671B3FD8B6275C3482A10A73D2C1FD50627B4AAB5F81C67FDAA3D3AD28E916D9DF4F6E9035BACC614A3FC352650DCB94BBB4C3E40CDF33B242FC97C9D5BF655DF4672F496FA8B619B515DCB37932CDF25313659B982542675BA0300768C7BEB3EEC64BA9E0EB247B0B9D000E0BB07C3E054B5DAA9CE521C54EF0A1DC00203A4F723FC2361DAD5AC276C723044DD3B56A3B4C38C46CD3E9510AD9264BCB2AE52EA59F4B3CD500B7134135784D994C42CF8DCA5E90937C53A19D8DD356BB868CCE05A982F7204F1D3C19CCD16873CBC7CA44BA2D34B57E63F092B93C075530ED66177BE42F1677E4EB1A18EA0ED62C654F04B68DE9DD4A9C1AC509CE5DF1CF266C6A16696F858C024C16A95AF16105D9E778BD3A9FFE09CCBE4454EFFE6A309F629434FCB894B42BA2FAD7C4BA7091301422C347ACCB39FF801F97F36B3464A7B84C4C4A85503DD7BCFD97462AFCFDE1CF4C8FDA6FC5019B262C3E58C77E28BED5A2583B28DBA0E59D5665E7A5339A02C976FD31B4797DB945851DE5164A9AA3359F1A35E31357314DB6C82B5DB62D70BB7C22B3C110A0495E2B7200104FBD230C9C11824601EF4FA78ABDA0D5BF866B2CA6087E20AB2C8FBE1FFCEA5D19F11EB801002A801D9A72678009269FEFE57A4B8D389047D05F03C5472F5FB731C5BB3C5E2A9BA907D496E10FB953D953F650602639F37EED2F65424056F92CDCAA33DD65E714EF3D5419E7B4C1CE77A40D441962F2D42135ADD4951E90CC0FC85C2946C82F74C9B1398D6A086BC7EAA1763173AEF572969FA738EE079BF5C5EFAF8E4D99DB8618E646876342CC8BF3B1A62F969265FB633700F4CC598AB407F84BD2B1AD496AF8E785063078688A86AD6B4E4ED2CA31AF2F7899D0AD613A57BFA5746F743A62F66105DEEEBF637D9ADCBF941E4728DDD5D03AFE58EAD827B154BD22C00A94822A240DFE575479E9C00E38064BBBD1A5B511957045BFE40951312B2F5F5CC45CD94823AFC0CD2BE902C2E9DF92D87C8E24308E788EC48187B2EB69516AC9D7CA97C0E1C610320AFDC5767FFAFBBE16EA80B8E2CF1AA030FD86E803A19CC2BEF8CDCF8A7A1BCF82A1ADE289ED2733AEFAFA82296C331088447B110D8AC831708F631EB967936B2FF5532694B -20240831074414 2 6 100 7679 5 D5949FC6991BCA2FAE324A3249CCAE8A99AEB0E6E81054670B5BCEA51FAB2D6C0A271648412828FAE2E356A85355BD9DF43DDD71F82F93494A6E4F0F78E998A4B13481478A814CE13A471D3BC48EF5A2BFDF48E920696BA74DFE2672ED7FC456B46C6CE48C129701E0D0DE344FED8581E2F1D010735EBDC6E9683D892CB2C2A164B500A5D2A9A41D8FCE24CDFD4A8DBAB66671B3FD8B6275C3482A10A73D2C1FD50627B4AAB5F81C67FDAA3D3AD28E916D9DF4F6E9035BACC614A3FC352650DCB94BBB4C3E40CDF33B242FC97C9D5BF655DF4672F496FA8B619B515DCB37932CDF25313659B982542675BA0300768C7BEB3EEC64BA9E0EB247B0B9D000E0BB07C3E054B5DAA9CE521C54EF0A1DC00203A4F723FC2361DAD5AC276C723044DD3B56A3B4C38C46CD3E9510AD9264BCB2AE52EA59F4B3CD500B7134135784D994C42CF8DCA5E90937C53A19D8DD356BB868CCE05A982F7204F1D3C19CCD16873CBC7CA44BA2D34B57E63F092B93C075530ED66177BE42F1677E4EB1A18EA0ED62C654F04B68DE9DD4A9C1AC509CE5DF1CF266C6A16696F858C024C16A95AF16105D9E778BD3A9FFE09CCBE4454EFFE6A309F629434FCB894B42BA2FAD7C4BA7091301422C347ACCB39FF801F97F36B3464A7B84C4C4A85503DD7BCFD97462AFCFDE1CF4C8FDA6FC5019B262C3E58C77E28BED5A2583B28DBA0E59D5665E7A5339A02C976FD31B4797DB945851DE5164A9AA3359F1A35E31357314DB6C82B5DB62D70BB7C22B3C110A0495E2B7200104FBD230C9C11824601EF4FA78ABDA0D5BF866B2CA6087E20AB2C8FBE1FFCEA5D19F11EB801002A801D9A72678009269FEFE57A4B8D389047D05F03C5472F5FB731C5BB3C5E2A9BA907D496E10FB953D953F650602639F37EED2F65424056F92CDCAA33DD65E714EF3D5419E7B4C1CE77A40D441962F2D42135ADD4951E90CC0FC85C2946C82F74C9B1398D6A086BC7EAA1763173AEF572969FA738EE079BF5C5EFAF8E4D99DB8618E646876342CC8BF3B1A62F969265FB633700F4CC598AB407F84BD2B1AD496AF8E785063078688A86AD6B4E4ED2CA31AF2F7899D0AD613A57BFA5746F743A62F66105DEEEBF637D9ADCBF941E4728DDD5D03AFE58EAD827B154BD22C00A94822A240DFE575479E9C00E38064BBBD1A5B511957045BFE40951312B2F5F5CC45CD94823AFC0CD2BE902C2E9DF92D87C8E24308E788EC48187B2EB69516AC9D7CA97C0E1C610320AFDC5767FFAFBBE16EA80B8E2CF1AA030FD86E803A19CC2BEF8CDCF8A7A1BCF82A1ADE289ED2733AEFAFA82296C331088447B110D8AC831708F631EB967936B2FF55DB1637 -20240831081807 2 6 100 7679 5 D5949FC6991BCA2FAE324A3249CCAE8A99AEB0E6E81054670B5BCEA51FAB2D6C0A271648412828FAE2E356A85355BD9DF43DDD71F82F93494A6E4F0F78E998A4B13481478A814CE13A471D3BC48EF5A2BFDF48E920696BA74DFE2672ED7FC456B46C6CE48C129701E0D0DE344FED8581E2F1D010735EBDC6E9683D892CB2C2A164B500A5D2A9A41D8FCE24CDFD4A8DBAB66671B3FD8B6275C3482A10A73D2C1FD50627B4AAB5F81C67FDAA3D3AD28E916D9DF4F6E9035BACC614A3FC352650DCB94BBB4C3E40CDF33B242FC97C9D5BF655DF4672F496FA8B619B515DCB37932CDF25313659B982542675BA0300768C7BEB3EEC64BA9E0EB247B0B9D000E0BB07C3E054B5DAA9CE521C54EF0A1DC00203A4F723FC2361DAD5AC276C723044DD3B56A3B4C38C46CD3E9510AD9264BCB2AE52EA59F4B3CD500B7134135784D994C42CF8DCA5E90937C53A19D8DD356BB868CCE05A982F7204F1D3C19CCD16873CBC7CA44BA2D34B57E63F092B93C075530ED66177BE42F1677E4EB1A18EA0ED62C654F04B68DE9DD4A9C1AC509CE5DF1CF266C6A16696F858C024C16A95AF16105D9E778BD3A9FFE09CCBE4454EFFE6A309F629434FCB894B42BA2FAD7C4BA7091301422C347ACCB39FF801F97F36B3464A7B84C4C4A85503DD7BCFD97462AFCFDE1CF4C8FDA6FC5019B262C3E58C77E28BED5A2583B28DBA0E59D5665E7A5339A02C976FD31B4797DB945851DE5164A9AA3359F1A35E31357314DB6C82B5DB62D70BB7C22B3C110A0495E2B7200104FBD230C9C11824601EF4FA78ABDA0D5BF866B2CA6087E20AB2C8FBE1FFCEA5D19F11EB801002A801D9A72678009269FEFE57A4B8D389047D05F03C5472F5FB731C5BB3C5E2A9BA907D496E10FB953D953F650602639F37EED2F65424056F92CDCAA33DD65E714EF3D5419E7B4C1CE77A40D441962F2D42135ADD4951E90CC0FC85C2946C82F74C9B1398D6A086BC7EAA1763173AEF572969FA738EE079BF5C5EFAF8E4D99DB8618E646876342CC8BF3B1A62F969265FB633700F4CC598AB407F84BD2B1AD496AF8E785063078688A86AD6B4E4ED2CA31AF2F7899D0AD613A57BFA5746F743A62F66105DEEEBF637D9ADCBF941E4728DDD5D03AFE58EAD827B154BD22C00A94822A240DFE575479E9C00E38064BBBD1A5B511957045BFE40951312B2F5F5CC45CD94823AFC0CD2BE902C2E9DF92D87C8E24308E788EC48187B2EB69516AC9D7CA97C0E1C610320AFDC5767FFAFBBE16EA80B8E2CF1AA030FD86E803A19CC2BEF8CDCF8A7A1BCF82A1ADE289ED2733AEFAFA82296C331088447B110D8AC831708F631EB967936B2FF583421DF -20240831090302 2 6 100 7679 2 D5949FC6991BCA2FAE324A3249CCAE8A99AEB0E6E81054670B5BCEA51FAB2D6C0A271648412828FAE2E356A85355BD9DF43DDD71F82F93494A6E4F0F78E998A4B13481478A814CE13A471D3BC48EF5A2BFDF48E920696BA74DFE2672ED7FC456B46C6CE48C129701E0D0DE344FED8581E2F1D010735EBDC6E9683D892CB2C2A164B500A5D2A9A41D8FCE24CDFD4A8DBAB66671B3FD8B6275C3482A10A73D2C1FD50627B4AAB5F81C67FDAA3D3AD28E916D9DF4F6E9035BACC614A3FC352650DCB94BBB4C3E40CDF33B242FC97C9D5BF655DF4672F496FA8B619B515DCB37932CDF25313659B982542675BA0300768C7BEB3EEC64BA9E0EB247B0B9D000E0BB07C3E054B5DAA9CE521C54EF0A1DC00203A4F723FC2361DAD5AC276C723044DD3B56A3B4C38C46CD3E9510AD9264BCB2AE52EA59F4B3CD500B7134135784D994C42CF8DCA5E90937C53A19D8DD356BB868CCE05A982F7204F1D3C19CCD16873CBC7CA44BA2D34B57E63F092B93C075530ED66177BE42F1677E4EB1A18EA0ED62C654F04B68DE9DD4A9C1AC509CE5DF1CF266C6A16696F858C024C16A95AF16105D9E778BD3A9FFE09CCBE4454EFFE6A309F629434FCB894B42BA2FAD7C4BA7091301422C347ACCB39FF801F97F36B3464A7B84C4C4A85503DD7BCFD97462AFCFDE1CF4C8FDA6FC5019B262C3E58C77E28BED5A2583B28DBA0E59D5665E7A5339A02C976FD31B4797DB945851DE5164A9AA3359F1A35E31357314DB6C82B5DB62D70BB7C22B3C110A0495E2B7200104FBD230C9C11824601EF4FA78ABDA0D5BF866B2CA6087E20AB2C8FBE1FFCEA5D19F11EB801002A801D9A72678009269FEFE57A4B8D389047D05F03C5472F5FB731C5BB3C5E2A9BA907D496E10FB953D953F650602639F37EED2F65424056F92CDCAA33DD65E714EF3D5419E7B4C1CE77A40D441962F2D42135ADD4951E90CC0FC85C2946C82F74C9B1398D6A086BC7EAA1763173AEF572969FA738EE079BF5C5EFAF8E4D99DB8618E646876342CC8BF3B1A62F969265FB633700F4CC598AB407F84BD2B1AD496AF8E785063078688A86AD6B4E4ED2CA31AF2F7899D0AD613A57BFA5746F743A62F66105DEEEBF637D9ADCBF941E4728DDD5D03AFE58EAD827B154BD22C00A94822A240DFE575479E9C00E38064BBBD1A5B511957045BFE40951312B2F5F5CC45CD94823AFC0CD2BE902C2E9DF92D87C8E24308E788EC48187B2EB69516AC9D7CA97C0E1C610320AFDC5767FFAFBBE16EA80B8E2CF1AA030FD86E803A19CC2BEF8CDCF8A7A1BCF82A1ADE289ED2733AEFAFA82296C331088447B110D8AC831708F631EB967936B2FF5B405DA3 -20240831093205 2 6 100 7679 2 D5949FC6991BCA2FAE324A3249CCAE8A99AEB0E6E81054670B5BCEA51FAB2D6C0A271648412828FAE2E356A85355BD9DF43DDD71F82F93494A6E4F0F78E998A4B13481478A814CE13A471D3BC48EF5A2BFDF48E920696BA74DFE2672ED7FC456B46C6CE48C129701E0D0DE344FED8581E2F1D010735EBDC6E9683D892CB2C2A164B500A5D2A9A41D8FCE24CDFD4A8DBAB66671B3FD8B6275C3482A10A73D2C1FD50627B4AAB5F81C67FDAA3D3AD28E916D9DF4F6E9035BACC614A3FC352650DCB94BBB4C3E40CDF33B242FC97C9D5BF655DF4672F496FA8B619B515DCB37932CDF25313659B982542675BA0300768C7BEB3EEC64BA9E0EB247B0B9D000E0BB07C3E054B5DAA9CE521C54EF0A1DC00203A4F723FC2361DAD5AC276C723044DD3B56A3B4C38C46CD3E9510AD9264BCB2AE52EA59F4B3CD500B7134135784D994C42CF8DCA5E90937C53A19D8DD356BB868CCE05A982F7204F1D3C19CCD16873CBC7CA44BA2D34B57E63F092B93C075530ED66177BE42F1677E4EB1A18EA0ED62C654F04B68DE9DD4A9C1AC509CE5DF1CF266C6A16696F858C024C16A95AF16105D9E778BD3A9FFE09CCBE4454EFFE6A309F629434FCB894B42BA2FAD7C4BA7091301422C347ACCB39FF801F97F36B3464A7B84C4C4A85503DD7BCFD97462AFCFDE1CF4C8FDA6FC5019B262C3E58C77E28BED5A2583B28DBA0E59D5665E7A5339A02C976FD31B4797DB945851DE5164A9AA3359F1A35E31357314DB6C82B5DB62D70BB7C22B3C110A0495E2B7200104FBD230C9C11824601EF4FA78ABDA0D5BF866B2CA6087E20AB2C8FBE1FFCEA5D19F11EB801002A801D9A72678009269FEFE57A4B8D389047D05F03C5472F5FB731C5BB3C5E2A9BA907D496E10FB953D953F650602639F37EED2F65424056F92CDCAA33DD65E714EF3D5419E7B4C1CE77A40D441962F2D42135ADD4951E90CC0FC85C2946C82F74C9B1398D6A086BC7EAA1763173AEF572969FA738EE079BF5C5EFAF8E4D99DB8618E646876342CC8BF3B1A62F969265FB633700F4CC598AB407F84BD2B1AD496AF8E785063078688A86AD6B4E4ED2CA31AF2F7899D0AD613A57BFA5746F743A62F66105DEEEBF637D9ADCBF941E4728DDD5D03AFE58EAD827B154BD22C00A94822A240DFE575479E9C00E38064BBBD1A5B511957045BFE40951312B2F5F5CC45CD94823AFC0CD2BE902C2E9DF92D87C8E24308E788EC48187B2EB69516AC9D7CA97C0E1C610320AFDC5767FFAFBBE16EA80B8E2CF1AA030FD86E803A19CC2BEF8CDCF8A7A1BCF82A1ADE289ED2733AEFAFA82296C331088447B110D8AC831708F631EB967936B2FF5D338B6B -20240831103110 2 6 100 7679 2 D5949FC6991BCA2FAE324A3249CCAE8A99AEB0E6E81054670B5BCEA51FAB2D6C0A271648412828FAE2E356A85355BD9DF43DDD71F82F93494A6E4F0F78E998A4B13481478A814CE13A471D3BC48EF5A2BFDF48E920696BA74DFE2672ED7FC456B46C6CE48C129701E0D0DE344FED8581E2F1D010735EBDC6E9683D892CB2C2A164B500A5D2A9A41D8FCE24CDFD4A8DBAB66671B3FD8B6275C3482A10A73D2C1FD50627B4AAB5F81C67FDAA3D3AD28E916D9DF4F6E9035BACC614A3FC352650DCB94BBB4C3E40CDF33B242FC97C9D5BF655DF4672F496FA8B619B515DCB37932CDF25313659B982542675BA0300768C7BEB3EEC64BA9E0EB247B0B9D000E0BB07C3E054B5DAA9CE521C54EF0A1DC00203A4F723FC2361DAD5AC276C723044DD3B56A3B4C38C46CD3E9510AD9264BCB2AE52EA59F4B3CD500B7134135784D994C42CF8DCA5E90937C53A19D8DD356BB868CCE05A982F7204F1D3C19CCD16873CBC7CA44BA2D34B57E63F092B93C075530ED66177BE42F1677E4EB1A18EA0ED62C654F04B68DE9DD4A9C1AC509CE5DF1CF266C6A16696F858C024C16A95AF16105D9E778BD3A9FFE09CCBE4454EFFE6A309F629434FCB894B42BA2FAD7C4BA7091301422C347ACCB39FF801F97F36B3464A7B84C4C4A85503DD7BCFD97462AFCFDE1CF4C8FDA6FC5019B262C3E58C77E28BED5A2583B28DBA0E59D5665E7A5339A02C976FD31B4797DB945851DE5164A9AA3359F1A35E31357314DB6C82B5DB62D70BB7C22B3C110A0495E2B7200104FBD230C9C11824601EF4FA78ABDA0D5BF866B2CA6087E20AB2C8FBE1FFCEA5D19F11EB801002A801D9A72678009269FEFE57A4B8D389047D05F03C5472F5FB731C5BB3C5E2A9BA907D496E10FB953D953F650602639F37EED2F65424056F92CDCAA33DD65E714EF3D5419E7B4C1CE77A40D441962F2D42135ADD4951E90CC0FC85C2946C82F74C9B1398D6A086BC7EAA1763173AEF572969FA738EE079BF5C5EFAF8E4D99DB8618E646876342CC8BF3B1A62F969265FB633700F4CC598AB407F84BD2B1AD496AF8E785063078688A86AD6B4E4ED2CA31AF2F7899D0AD613A57BFA5746F743A62F66105DEEEBF637D9ADCBF941E4728DDD5D03AFE58EAD827B154BD22C00A94822A240DFE575479E9C00E38064BBBD1A5B511957045BFE40951312B2F5F5CC45CD94823AFC0CD2BE902C2E9DF92D87C8E24308E788EC48187B2EB69516AC9D7CA97C0E1C610320AFDC5767FFAFBBE16EA80B8E2CF1AA030FD86E803A19CC2BEF8CDCF8A7A1BCF82A1ADE289ED2733AEFAFA82296C331088447B110D8AC831708F631EB967936B2FF61456293 -20240831121754 2 6 100 8191 2 FE0FE5928DE815B6A6B360EA50D7859C014FC47CB277FE8AA545E89E2D34791ADC80654D6B276978CAD4E12481459D6E40E32CD8500BBE14ABFBD4E72A14280C66F25A30CB81F885761B07BABB863C9DA0ABEA9EAC4ABB8BB272AD3ABA2B808CB6B12A4A5D68AF9B47FBF91C1AA08C7738B911583E29F339BFB9C46B193071A3BD7297521767A34B002F0EB1470246325AD1D48E7C7EBCFEED0866747ACC8FB2C731FC1D73C52F3868C1071D92BDF96037BBAE974A789968F22ECB1CBA7129FD2D524F0D4109DCA2E056483DDBC90FA159982AEB86F929E0D05188B4434C0AC1F071B6F431D08201E683F95CE6D2B4FA354E74F346144E52DB92A0F468ACCC0F8AE53C8BD1818CC577F65DE4188A6E2E10EB84FF9A31B04506E2E8ABD48FCA067B44348667922B7479EBFB9E6E5B8583C4AED84CEC8CCF3A3C3082A3519D2EE53917A09BBE4A52D1F8EA458F493D9D272B49529E6FD509A4EBC7E0927ADACF86C5C8BE31DE98EE65F3FA6CCDB9C308971118C68AF076C64A42745E9485C79AD78880C9DDD03D9529A71C4AE4D8A976C6461119E8CB44536420EDF4AC2499748F3078A1749E6FB4F8F8DCBE64962610695F1DB0BE4FE879A34D7A9BC94DAF492A9259C521F690EC1B00966F855C4B42C2D189B8AFDC34CFE3D49D974820287EE978495D640D80766C4CCA16D92117610A7DF97F444FC5B9B72C10BB8D632255C465F4128092C57B99426E4B0FD336BFC2455538E48FFCDC8CFFFC2064FFBC5FC0FA3CFC6A37140EBADEBF6C1F60C32F650C42988212D00CFFE0DB9D975F991A950D2D8C6B47676672EDB553FD8AA505E69BCCB9C89096FF1F5F5369F285EB8CE629FA7B56923824C3FFD7A2050471A4D90EC9DF24C22D9427267ACC6A13AABA1710B9469EE96E106468410866076B98D19B3E36F4CD052B89A35786D318FFE6EC0805E73A23E41C79B5287E0FC7618C2B4AA89CA27C8DEB5D016109ABEF7651589F4CBC413D3219945E35D243E8A6D3908735B01333F527C9CD10E5F0B2467C9F3623BCBC0008106B6732BD0CCABEBC331A463726BA783A8C036339D60B6B9AF8671D2AD57E07B6C445F23DD6B6FCF82F7B856FFCCC57A5C0B1D53F2E7930107B24009AB14883B20371E427A4FDBB0EFABB9B182071FF7BD4675D7CF47CFE9C17D9B9EFF98210EAF8D87638848AF6A6E1A5DE6AB975C96DE99352B534F639697EB6463F5F66A8613E24E462C92518A663725C023F18975A943FE89E9EF2C075F0FCA2AED88C2D61D0BCBE05629A88CA424A70B7EBEF17ADFC9005531FC01E2132C6AC685B36CCAF52DA039D0139E7E52E435374F4FF898005B84E75CACF730D262E66977FA18D5653538E9D7DF66B5684D7E3107E9F4A7A5EA5949A292D2CE9EB0B2AA76D737623614130364318DF1EBDE95676B507EF5CC76F08A8FB1349E143 -20240831124443 2 6 100 8191 5 FE0FE5928DE815B6A6B360EA50D7859C014FC47CB277FE8AA545E89E2D34791ADC80654D6B276978CAD4E12481459D6E40E32CD8500BBE14ABFBD4E72A14280C66F25A30CB81F885761B07BABB863C9DA0ABEA9EAC4ABB8BB272AD3ABA2B808CB6B12A4A5D68AF9B47FBF91C1AA08C7738B911583E29F339BFB9C46B193071A3BD7297521767A34B002F0EB1470246325AD1D48E7C7EBCFEED0866747ACC8FB2C731FC1D73C52F3868C1071D92BDF96037BBAE974A789968F22ECB1CBA7129FD2D524F0D4109DCA2E056483DDBC90FA159982AEB86F929E0D05188B4434C0AC1F071B6F431D08201E683F95CE6D2B4FA354E74F346144E52DB92A0F468ACCC0F8AE53C8BD1818CC577F65DE4188A6E2E10EB84FF9A31B04506E2E8ABD48FCA067B44348667922B7479EBFB9E6E5B8583C4AED84CEC8CCF3A3C3082A3519D2EE53917A09BBE4A52D1F8EA458F493D9D272B49529E6FD509A4EBC7E0927ADACF86C5C8BE31DE98EE65F3FA6CCDB9C308971118C68AF076C64A42745E9485C79AD78880C9DDD03D9529A71C4AE4D8A976C6461119E8CB44536420EDF4AC2499748F3078A1749E6FB4F8F8DCBE64962610695F1DB0BE4FE879A34D7A9BC94DAF492A9259C521F690EC1B00966F855C4B42C2D189B8AFDC34CFE3D49D974820287EE978495D640D80766C4CCA16D92117610A7DF97F444FC5B9B72C10BB8D632255C465F4128092C57B99426E4B0FD336BFC2455538E48FFCDC8CFFFC2064FFBC5FC0FA3CFC6A37140EBADEBF6C1F60C32F650C42988212D00CFFE0DB9D975F991A950D2D8C6B47676672EDB553FD8AA505E69BCCB9C89096FF1F5F5369F285EB8CE629FA7B56923824C3FFD7A2050471A4D90EC9DF24C22D9427267ACC6A13AABA1710B9469EE96E106468410866076B98D19B3E36F4CD052B89A35786D318FFE6EC0805E73A23E41C79B5287E0FC7618C2B4AA89CA27C8DEB5D016109ABEF7651589F4CBC413D3219945E35D243E8A6D3908735B01333F527C9CD10E5F0B2467C9F3623BCBC0008106B6732BD0CCABEBC331A463726BA783A8C036339D60B6B9AF8671D2AD57E07B6C445F23DD6B6FCF82F7B856FFCCC57A5C0B1D53F2E7930107B24009AB14883B20371E427A4FDBB0EFABB9B182071FF7BD4675D7CF47CFE9C17D9B9EFF98210EAF8D87638848AF6A6E1A5DE6AB975C96DE99352B534F639697EB6463F5F66A8613E24E462C92518A663725C023F18975A943FE89E9EF2C075F0FCA2AED88C2D61D0BCBE05629A88CA424A70B7EBEF17ADFC9005531FC01E2132C6AC685B36CCAF52DA039D0139E7E52E435374F4FF898005B84E75CACF730D262E66977FA18D5653538E9D7DF66B5684D7E3107E9F4A7A5EA5949A292D2CE9EB0B2AA76D737623614130364318DF1EBDE95676B507EF5CC76F08A8FB14CB7AFF -20240831135558 2 6 100 8191 2 FE0FE5928DE815B6A6B360EA50D7859C014FC47CB277FE8AA545E89E2D34791ADC80654D6B276978CAD4E12481459D6E40E32CD8500BBE14ABFBD4E72A14280C66F25A30CB81F885761B07BABB863C9DA0ABEA9EAC4ABB8BB272AD3ABA2B808CB6B12A4A5D68AF9B47FBF91C1AA08C7738B911583E29F339BFB9C46B193071A3BD7297521767A34B002F0EB1470246325AD1D48E7C7EBCFEED0866747ACC8FB2C731FC1D73C52F3868C1071D92BDF96037BBAE974A789968F22ECB1CBA7129FD2D524F0D4109DCA2E056483DDBC90FA159982AEB86F929E0D05188B4434C0AC1F071B6F431D08201E683F95CE6D2B4FA354E74F346144E52DB92A0F468ACCC0F8AE53C8BD1818CC577F65DE4188A6E2E10EB84FF9A31B04506E2E8ABD48FCA067B44348667922B7479EBFB9E6E5B8583C4AED84CEC8CCF3A3C3082A3519D2EE53917A09BBE4A52D1F8EA458F493D9D272B49529E6FD509A4EBC7E0927ADACF86C5C8BE31DE98EE65F3FA6CCDB9C308971118C68AF076C64A42745E9485C79AD78880C9DDD03D9529A71C4AE4D8A976C6461119E8CB44536420EDF4AC2499748F3078A1749E6FB4F8F8DCBE64962610695F1DB0BE4FE879A34D7A9BC94DAF492A9259C521F690EC1B00966F855C4B42C2D189B8AFDC34CFE3D49D974820287EE978495D640D80766C4CCA16D92117610A7DF97F444FC5B9B72C10BB8D632255C465F4128092C57B99426E4B0FD336BFC2455538E48FFCDC8CFFFC2064FFBC5FC0FA3CFC6A37140EBADEBF6C1F60C32F650C42988212D00CFFE0DB9D975F991A950D2D8C6B47676672EDB553FD8AA505E69BCCB9C89096FF1F5F5369F285EB8CE629FA7B56923824C3FFD7A2050471A4D90EC9DF24C22D9427267ACC6A13AABA1710B9469EE96E106468410866076B98D19B3E36F4CD052B89A35786D318FFE6EC0805E73A23E41C79B5287E0FC7618C2B4AA89CA27C8DEB5D016109ABEF7651589F4CBC413D3219945E35D243E8A6D3908735B01333F527C9CD10E5F0B2467C9F3623BCBC0008106B6732BD0CCABEBC331A463726BA783A8C036339D60B6B9AF8671D2AD57E07B6C445F23DD6B6FCF82F7B856FFCCC57A5C0B1D53F2E7930107B24009AB14883B20371E427A4FDBB0EFABB9B182071FF7BD4675D7CF47CFE9C17D9B9EFF98210EAF8D87638848AF6A6E1A5DE6AB975C96DE99352B534F639697EB6463F5F66A8613E24E462C92518A663725C023F18975A943FE89E9EF2C075F0FCA2AED88C2D61D0BCBE05629A88CA424A70B7EBEF17ADFC9005531FC01E2132C6AC685B36CCAF52DA039D0139E7E52E435374F4FF898005B84E75CACF730D262E66977FA18D5653538E9D7DF66B5684D7E3107E9F4A7A5EA5949A292D2CE9EB0B2AA76D737623614130364318DF1EBDE95676B507EF5CC76F08A8FB18CC80A3 -20240831145738 2 6 100 8191 2 FE0FE5928DE815B6A6B360EA50D7859C014FC47CB277FE8AA545E89E2D34791ADC80654D6B276978CAD4E12481459D6E40E32CD8500BBE14ABFBD4E72A14280C66F25A30CB81F885761B07BABB863C9DA0ABEA9EAC4ABB8BB272AD3ABA2B808CB6B12A4A5D68AF9B47FBF91C1AA08C7738B911583E29F339BFB9C46B193071A3BD7297521767A34B002F0EB1470246325AD1D48E7C7EBCFEED0866747ACC8FB2C731FC1D73C52F3868C1071D92BDF96037BBAE974A789968F22ECB1CBA7129FD2D524F0D4109DCA2E056483DDBC90FA159982AEB86F929E0D05188B4434C0AC1F071B6F431D08201E683F95CE6D2B4FA354E74F346144E52DB92A0F468ACCC0F8AE53C8BD1818CC577F65DE4188A6E2E10EB84FF9A31B04506E2E8ABD48FCA067B44348667922B7479EBFB9E6E5B8583C4AED84CEC8CCF3A3C3082A3519D2EE53917A09BBE4A52D1F8EA458F493D9D272B49529E6FD509A4EBC7E0927ADACF86C5C8BE31DE98EE65F3FA6CCDB9C308971118C68AF076C64A42745E9485C79AD78880C9DDD03D9529A71C4AE4D8A976C6461119E8CB44536420EDF4AC2499748F3078A1749E6FB4F8F8DCBE64962610695F1DB0BE4FE879A34D7A9BC94DAF492A9259C521F690EC1B00966F855C4B42C2D189B8AFDC34CFE3D49D974820287EE978495D640D80766C4CCA16D92117610A7DF97F444FC5B9B72C10BB8D632255C465F4128092C57B99426E4B0FD336BFC2455538E48FFCDC8CFFFC2064FFBC5FC0FA3CFC6A37140EBADEBF6C1F60C32F650C42988212D00CFFE0DB9D975F991A950D2D8C6B47676672EDB553FD8AA505E69BCCB9C89096FF1F5F5369F285EB8CE629FA7B56923824C3FFD7A2050471A4D90EC9DF24C22D9427267ACC6A13AABA1710B9469EE96E106468410866076B98D19B3E36F4CD052B89A35786D318FFE6EC0805E73A23E41C79B5287E0FC7618C2B4AA89CA27C8DEB5D016109ABEF7651589F4CBC413D3219945E35D243E8A6D3908735B01333F527C9CD10E5F0B2467C9F3623BCBC0008106B6732BD0CCABEBC331A463726BA783A8C036339D60B6B9AF8671D2AD57E07B6C445F23DD6B6FCF82F7B856FFCCC57A5C0B1D53F2E7930107B24009AB14883B20371E427A4FDBB0EFABB9B182071FF7BD4675D7CF47CFE9C17D9B9EFF98210EAF8D87638848AF6A6E1A5DE6AB975C96DE99352B534F639697EB6463F5F66A8613E24E462C92518A663725C023F18975A943FE89E9EF2C075F0FCA2AED88C2D61D0BCBE05629A88CA424A70B7EBEF17ADFC9005531FC01E2132C6AC685B36CCAF52DA039D0139E7E52E435374F4FF898005B84E75CACF730D262E66977FA18D5653538E9D7DF66B5684D7E3107E9F4A7A5EA5949A292D2CE9EB0B2AA76D737623614130364318DF1EBDE95676B507EF5CC76F08A8FB1C36864B -20240831165313 2 6 100 8191 5 FE0FE5928DE815B6A6B360EA50D7859C014FC47CB277FE8AA545E89E2D34791ADC80654D6B276978CAD4E12481459D6E40E32CD8500BBE14ABFBD4E72A14280C66F25A30CB81F885761B07BABB863C9DA0ABEA9EAC4ABB8BB272AD3ABA2B808CB6B12A4A5D68AF9B47FBF91C1AA08C7738B911583E29F339BFB9C46B193071A3BD7297521767A34B002F0EB1470246325AD1D48E7C7EBCFEED0866747ACC8FB2C731FC1D73C52F3868C1071D92BDF96037BBAE974A789968F22ECB1CBA7129FD2D524F0D4109DCA2E056483DDBC90FA159982AEB86F929E0D05188B4434C0AC1F071B6F431D08201E683F95CE6D2B4FA354E74F346144E52DB92A0F468ACCC0F8AE53C8BD1818CC577F65DE4188A6E2E10EB84FF9A31B04506E2E8ABD48FCA067B44348667922B7479EBFB9E6E5B8583C4AED84CEC8CCF3A3C3082A3519D2EE53917A09BBE4A52D1F8EA458F493D9D272B49529E6FD509A4EBC7E0927ADACF86C5C8BE31DE98EE65F3FA6CCDB9C308971118C68AF076C64A42745E9485C79AD78880C9DDD03D9529A71C4AE4D8A976C6461119E8CB44536420EDF4AC2499748F3078A1749E6FB4F8F8DCBE64962610695F1DB0BE4FE879A34D7A9BC94DAF492A9259C521F690EC1B00966F855C4B42C2D189B8AFDC34CFE3D49D974820287EE978495D640D80766C4CCA16D92117610A7DF97F444FC5B9B72C10BB8D632255C465F4128092C57B99426E4B0FD336BFC2455538E48FFCDC8CFFFC2064FFBC5FC0FA3CFC6A37140EBADEBF6C1F60C32F650C42988212D00CFFE0DB9D975F991A950D2D8C6B47676672EDB553FD8AA505E69BCCB9C89096FF1F5F5369F285EB8CE629FA7B56923824C3FFD7A2050471A4D90EC9DF24C22D9427267ACC6A13AABA1710B9469EE96E106468410866076B98D19B3E36F4CD052B89A35786D318FFE6EC0805E73A23E41C79B5287E0FC7618C2B4AA89CA27C8DEB5D016109ABEF7651589F4CBC413D3219945E35D243E8A6D3908735B01333F527C9CD10E5F0B2467C9F3623BCBC0008106B6732BD0CCABEBC331A463726BA783A8C036339D60B6B9AF8671D2AD57E07B6C445F23DD6B6FCF82F7B856FFCCC57A5C0B1D53F2E7930107B24009AB14883B20371E427A4FDBB0EFABB9B182071FF7BD4675D7CF47CFE9C17D9B9EFF98210EAF8D87638848AF6A6E1A5DE6AB975C96DE99352B534F639697EB6463F5F66A8613E24E462C92518A663725C023F18975A943FE89E9EF2C075F0FCA2AED88C2D61D0BCBE05629A88CA424A70B7EBEF17ADFC9005531FC01E2132C6AC685B36CCAF52DA039D0139E7E52E435374F4FF898005B84E75CACF730D262E66977FA18D5653538E9D7DF66B5684D7E3107E9F4A7A5EA5949A292D2CE9EB0B2AA76D737623614130364318DF1EBDE95676B507EF5CC76F08A8FB22B0FAD7 -20240831185249 2 6 100 8191 2 FE0FE5928DE815B6A6B360EA50D7859C014FC47CB277FE8AA545E89E2D34791ADC80654D6B276978CAD4E12481459D6E40E32CD8500BBE14ABFBD4E72A14280C66F25A30CB81F885761B07BABB863C9DA0ABEA9EAC4ABB8BB272AD3ABA2B808CB6B12A4A5D68AF9B47FBF91C1AA08C7738B911583E29F339BFB9C46B193071A3BD7297521767A34B002F0EB1470246325AD1D48E7C7EBCFEED0866747ACC8FB2C731FC1D73C52F3868C1071D92BDF96037BBAE974A789968F22ECB1CBA7129FD2D524F0D4109DCA2E056483DDBC90FA159982AEB86F929E0D05188B4434C0AC1F071B6F431D08201E683F95CE6D2B4FA354E74F346144E52DB92A0F468ACCC0F8AE53C8BD1818CC577F65DE4188A6E2E10EB84FF9A31B04506E2E8ABD48FCA067B44348667922B7479EBFB9E6E5B8583C4AED84CEC8CCF3A3C3082A3519D2EE53917A09BBE4A52D1F8EA458F493D9D272B49529E6FD509A4EBC7E0927ADACF86C5C8BE31DE98EE65F3FA6CCDB9C308971118C68AF076C64A42745E9485C79AD78880C9DDD03D9529A71C4AE4D8A976C6461119E8CB44536420EDF4AC2499748F3078A1749E6FB4F8F8DCBE64962610695F1DB0BE4FE879A34D7A9BC94DAF492A9259C521F690EC1B00966F855C4B42C2D189B8AFDC34CFE3D49D974820287EE978495D640D80766C4CCA16D92117610A7DF97F444FC5B9B72C10BB8D632255C465F4128092C57B99426E4B0FD336BFC2455538E48FFCDC8CFFFC2064FFBC5FC0FA3CFC6A37140EBADEBF6C1F60C32F650C42988212D00CFFE0DB9D975F991A950D2D8C6B47676672EDB553FD8AA505E69BCCB9C89096FF1F5F5369F285EB8CE629FA7B56923824C3FFD7A2050471A4D90EC9DF24C22D9427267ACC6A13AABA1710B9469EE96E106468410866076B98D19B3E36F4CD052B89A35786D318FFE6EC0805E73A23E41C79B5287E0FC7618C2B4AA89CA27C8DEB5D016109ABEF7651589F4CBC413D3219945E35D243E8A6D3908735B01333F527C9CD10E5F0B2467C9F3623BCBC0008106B6732BD0CCABEBC331A463726BA783A8C036339D60B6B9AF8671D2AD57E07B6C445F23DD6B6FCF82F7B856FFCCC57A5C0B1D53F2E7930107B24009AB14883B20371E427A4FDBB0EFABB9B182071FF7BD4675D7CF47CFE9C17D9B9EFF98210EAF8D87638848AF6A6E1A5DE6AB975C96DE99352B534F639697EB6463F5F66A8613E24E462C92518A663725C023F18975A943FE89E9EF2C075F0FCA2AED88C2D61D0BCBE05629A88CA424A70B7EBEF17ADFC9005531FC01E2132C6AC685B36CCAF52DA039D0139E7E52E435374F4FF898005B84E75CACF730D262E66977FA18D5653538E9D7DF66B5684D7E3107E9F4A7A5EA5949A292D2CE9EB0B2AA76D737623614130364318DF1EBDE95676B507EF5CC76F08A8FB29880B2B -20240831185952 2 6 100 8191 2 FE0FE5928DE815B6A6B360EA50D7859C014FC47CB277FE8AA545E89E2D34791ADC80654D6B276978CAD4E12481459D6E40E32CD8500BBE14ABFBD4E72A14280C66F25A30CB81F885761B07BABB863C9DA0ABEA9EAC4ABB8BB272AD3ABA2B808CB6B12A4A5D68AF9B47FBF91C1AA08C7738B911583E29F339BFB9C46B193071A3BD7297521767A34B002F0EB1470246325AD1D48E7C7EBCFEED0866747ACC8FB2C731FC1D73C52F3868C1071D92BDF96037BBAE974A789968F22ECB1CBA7129FD2D524F0D4109DCA2E056483DDBC90FA159982AEB86F929E0D05188B4434C0AC1F071B6F431D08201E683F95CE6D2B4FA354E74F346144E52DB92A0F468ACCC0F8AE53C8BD1818CC577F65DE4188A6E2E10EB84FF9A31B04506E2E8ABD48FCA067B44348667922B7479EBFB9E6E5B8583C4AED84CEC8CCF3A3C3082A3519D2EE53917A09BBE4A52D1F8EA458F493D9D272B49529E6FD509A4EBC7E0927ADACF86C5C8BE31DE98EE65F3FA6CCDB9C308971118C68AF076C64A42745E9485C79AD78880C9DDD03D9529A71C4AE4D8A976C6461119E8CB44536420EDF4AC2499748F3078A1749E6FB4F8F8DCBE64962610695F1DB0BE4FE879A34D7A9BC94DAF492A9259C521F690EC1B00966F855C4B42C2D189B8AFDC34CFE3D49D974820287EE978495D640D80766C4CCA16D92117610A7DF97F444FC5B9B72C10BB8D632255C465F4128092C57B99426E4B0FD336BFC2455538E48FFCDC8CFFFC2064FFBC5FC0FA3CFC6A37140EBADEBF6C1F60C32F650C42988212D00CFFE0DB9D975F991A950D2D8C6B47676672EDB553FD8AA505E69BCCB9C89096FF1F5F5369F285EB8CE629FA7B56923824C3FFD7A2050471A4D90EC9DF24C22D9427267ACC6A13AABA1710B9469EE96E106468410866076B98D19B3E36F4CD052B89A35786D318FFE6EC0805E73A23E41C79B5287E0FC7618C2B4AA89CA27C8DEB5D016109ABEF7651589F4CBC413D3219945E35D243E8A6D3908735B01333F527C9CD10E5F0B2467C9F3623BCBC0008106B6732BD0CCABEBC331A463726BA783A8C036339D60B6B9AF8671D2AD57E07B6C445F23DD6B6FCF82F7B856FFCCC57A5C0B1D53F2E7930107B24009AB14883B20371E427A4FDBB0EFABB9B182071FF7BD4675D7CF47CFE9C17D9B9EFF98210EAF8D87638848AF6A6E1A5DE6AB975C96DE99352B534F639697EB6463F5F66A8613E24E462C92518A663725C023F18975A943FE89E9EF2C075F0FCA2AED88C2D61D0BCBE05629A88CA424A70B7EBEF17ADFC9005531FC01E2132C6AC685B36CCAF52DA039D0139E7E52E435374F4FF898005B84E75CACF730D262E66977FA18D5653538E9D7DF66B5684D7E3107E9F4A7A5EA5949A292D2CE9EB0B2AA76D737623614130364318DF1EBDE95676B507EF5CC76F08A8FB29E5889B -20240831194619 2 6 100 8191 5 FE0FE5928DE815B6A6B360EA50D7859C014FC47CB277FE8AA545E89E2D34791ADC80654D6B276978CAD4E12481459D6E40E32CD8500BBE14ABFBD4E72A14280C66F25A30CB81F885761B07BABB863C9DA0ABEA9EAC4ABB8BB272AD3ABA2B808CB6B12A4A5D68AF9B47FBF91C1AA08C7738B911583E29F339BFB9C46B193071A3BD7297521767A34B002F0EB1470246325AD1D48E7C7EBCFEED0866747ACC8FB2C731FC1D73C52F3868C1071D92BDF96037BBAE974A789968F22ECB1CBA7129FD2D524F0D4109DCA2E056483DDBC90FA159982AEB86F929E0D05188B4434C0AC1F071B6F431D08201E683F95CE6D2B4FA354E74F346144E52DB92A0F468ACCC0F8AE53C8BD1818CC577F65DE4188A6E2E10EB84FF9A31B04506E2E8ABD48FCA067B44348667922B7479EBFB9E6E5B8583C4AED84CEC8CCF3A3C3082A3519D2EE53917A09BBE4A52D1F8EA458F493D9D272B49529E6FD509A4EBC7E0927ADACF86C5C8BE31DE98EE65F3FA6CCDB9C308971118C68AF076C64A42745E9485C79AD78880C9DDD03D9529A71C4AE4D8A976C6461119E8CB44536420EDF4AC2499748F3078A1749E6FB4F8F8DCBE64962610695F1DB0BE4FE879A34D7A9BC94DAF492A9259C521F690EC1B00966F855C4B42C2D189B8AFDC34CFE3D49D974820287EE978495D640D80766C4CCA16D92117610A7DF97F444FC5B9B72C10BB8D632255C465F4128092C57B99426E4B0FD336BFC2455538E48FFCDC8CFFFC2064FFBC5FC0FA3CFC6A37140EBADEBF6C1F60C32F650C42988212D00CFFE0DB9D975F991A950D2D8C6B47676672EDB553FD8AA505E69BCCB9C89096FF1F5F5369F285EB8CE629FA7B56923824C3FFD7A2050471A4D90EC9DF24C22D9427267ACC6A13AABA1710B9469EE96E106468410866076B98D19B3E36F4CD052B89A35786D318FFE6EC0805E73A23E41C79B5287E0FC7618C2B4AA89CA27C8DEB5D016109ABEF7651589F4CBC413D3219945E35D243E8A6D3908735B01333F527C9CD10E5F0B2467C9F3623BCBC0008106B6732BD0CCABEBC331A463726BA783A8C036339D60B6B9AF8671D2AD57E07B6C445F23DD6B6FCF82F7B856FFCCC57A5C0B1D53F2E7930107B24009AB14883B20371E427A4FDBB0EFABB9B182071FF7BD4675D7CF47CFE9C17D9B9EFF98210EAF8D87638848AF6A6E1A5DE6AB975C96DE99352B534F639697EB6463F5F66A8613E24E462C92518A663725C023F18975A943FE89E9EF2C075F0FCA2AED88C2D61D0BCBE05629A88CA424A70B7EBEF17ADFC9005531FC01E2132C6AC685B36CCAF52DA039D0139E7E52E435374F4FF898005B84E75CACF730D262E66977FA18D5653538E9D7DF66B5684D7E3107E9F4A7A5EA5949A292D2CE9EB0B2AA76D737623614130364318DF1EBDE95676B507EF5CC76F08A8FB2C7FC84F -20240831230544 2 6 100 8191 5 FE0FE5928DE815B6A6B360EA50D7859C014FC47CB277FE8AA545E89E2D34791ADC80654D6B276978CAD4E12481459D6E40E32CD8500BBE14ABFBD4E72A14280C66F25A30CB81F885761B07BABB863C9DA0ABEA9EAC4ABB8BB272AD3ABA2B808CB6B12A4A5D68AF9B47FBF91C1AA08C7738B911583E29F339BFB9C46B193071A3BD7297521767A34B002F0EB1470246325AD1D48E7C7EBCFEED0866747ACC8FB2C731FC1D73C52F3868C1071D92BDF96037BBAE974A789968F22ECB1CBA7129FD2D524F0D4109DCA2E056483DDBC90FA159982AEB86F929E0D05188B4434C0AC1F071B6F431D08201E683F95CE6D2B4FA354E74F346144E52DB92A0F468ACCC0F8AE53C8BD1818CC577F65DE4188A6E2E10EB84FF9A31B04506E2E8ABD48FCA067B44348667922B7479EBFB9E6E5B8583C4AED84CEC8CCF3A3C3082A3519D2EE53917A09BBE4A52D1F8EA458F493D9D272B49529E6FD509A4EBC7E0927ADACF86C5C8BE31DE98EE65F3FA6CCDB9C308971118C68AF076C64A42745E9485C79AD78880C9DDD03D9529A71C4AE4D8A976C6461119E8CB44536420EDF4AC2499748F3078A1749E6FB4F8F8DCBE64962610695F1DB0BE4FE879A34D7A9BC94DAF492A9259C521F690EC1B00966F855C4B42C2D189B8AFDC34CFE3D49D974820287EE978495D640D80766C4CCA16D92117610A7DF97F444FC5B9B72C10BB8D632255C465F4128092C57B99426E4B0FD336BFC2455538E48FFCDC8CFFFC2064FFBC5FC0FA3CFC6A37140EBADEBF6C1F60C32F650C42988212D00CFFE0DB9D975F991A950D2D8C6B47676672EDB553FD8AA505E69BCCB9C89096FF1F5F5369F285EB8CE629FA7B56923824C3FFD7A2050471A4D90EC9DF24C22D9427267ACC6A13AABA1710B9469EE96E106468410866076B98D19B3E36F4CD052B89A35786D318FFE6EC0805E73A23E41C79B5287E0FC7618C2B4AA89CA27C8DEB5D016109ABEF7651589F4CBC413D3219945E35D243E8A6D3908735B01333F527C9CD10E5F0B2467C9F3623BCBC0008106B6732BD0CCABEBC331A463726BA783A8C036339D60B6B9AF8671D2AD57E07B6C445F23DD6B6FCF82F7B856FFCCC57A5C0B1D53F2E7930107B24009AB14883B20371E427A4FDBB0EFABB9B182071FF7BD4675D7CF47CFE9C17D9B9EFF98210EAF8D87638848AF6A6E1A5DE6AB975C96DE99352B534F639697EB6463F5F66A8613E24E462C92518A663725C023F18975A943FE89E9EF2C075F0FCA2AED88C2D61D0BCBE05629A88CA424A70B7EBEF17ADFC9005531FC01E2132C6AC685B36CCAF52DA039D0139E7E52E435374F4FF898005B84E75CACF730D262E66977FA18D5653538E9D7DF66B5684D7E3107E9F4A7A5EA5949A292D2CE9EB0B2AA76D737623614130364318DF1EBDE95676B507EF5CC76F08A8FB37F47B7F -20240901001522 2 6 100 8191 2 FE0FE5928DE815B6A6B360EA50D7859C014FC47CB277FE8AA545E89E2D34791ADC80654D6B276978CAD4E12481459D6E40E32CD8500BBE14ABFBD4E72A14280C66F25A30CB81F885761B07BABB863C9DA0ABEA9EAC4ABB8BB272AD3ABA2B808CB6B12A4A5D68AF9B47FBF91C1AA08C7738B911583E29F339BFB9C46B193071A3BD7297521767A34B002F0EB1470246325AD1D48E7C7EBCFEED0866747ACC8FB2C731FC1D73C52F3868C1071D92BDF96037BBAE974A789968F22ECB1CBA7129FD2D524F0D4109DCA2E056483DDBC90FA159982AEB86F929E0D05188B4434C0AC1F071B6F431D08201E683F95CE6D2B4FA354E74F346144E52DB92A0F468ACCC0F8AE53C8BD1818CC577F65DE4188A6E2E10EB84FF9A31B04506E2E8ABD48FCA067B44348667922B7479EBFB9E6E5B8583C4AED84CEC8CCF3A3C3082A3519D2EE53917A09BBE4A52D1F8EA458F493D9D272B49529E6FD509A4EBC7E0927ADACF86C5C8BE31DE98EE65F3FA6CCDB9C308971118C68AF076C64A42745E9485C79AD78880C9DDD03D9529A71C4AE4D8A976C6461119E8CB44536420EDF4AC2499748F3078A1749E6FB4F8F8DCBE64962610695F1DB0BE4FE879A34D7A9BC94DAF492A9259C521F690EC1B00966F855C4B42C2D189B8AFDC34CFE3D49D974820287EE978495D640D80766C4CCA16D92117610A7DF97F444FC5B9B72C10BB8D632255C465F4128092C57B99426E4B0FD336BFC2455538E48FFCDC8CFFFC2064FFBC5FC0FA3CFC6A37140EBADEBF6C1F60C32F650C42988212D00CFFE0DB9D975F991A950D2D8C6B47676672EDB553FD8AA505E69BCCB9C89096FF1F5F5369F285EB8CE629FA7B56923824C3FFD7A2050471A4D90EC9DF24C22D9427267ACC6A13AABA1710B9469EE96E106468410866076B98D19B3E36F4CD052B89A35786D318FFE6EC0805E73A23E41C79B5287E0FC7618C2B4AA89CA27C8DEB5D016109ABEF7651589F4CBC413D3219945E35D243E8A6D3908735B01333F527C9CD10E5F0B2467C9F3623BCBC0008106B6732BD0CCABEBC331A463726BA783A8C036339D60B6B9AF8671D2AD57E07B6C445F23DD6B6FCF82F7B856FFCCC57A5C0B1D53F2E7930107B24009AB14883B20371E427A4FDBB0EFABB9B182071FF7BD4675D7CF47CFE9C17D9B9EFF98210EAF8D87638848AF6A6E1A5DE6AB975C96DE99352B534F639697EB6463F5F66A8613E24E462C92518A663725C023F18975A943FE89E9EF2C075F0FCA2AED88C2D61D0BCBE05629A88CA424A70B7EBEF17ADFC9005531FC01E2132C6AC685B36CCAF52DA039D0139E7E52E435374F4FF898005B84E75CACF730D262E66977FA18D5653538E9D7DF66B5684D7E3107E9F4A7A5EA5949A292D2CE9EB0B2AA76D737623614130364318DF1EBDE95676B507EF5CC76F08A8FB3BE4A76B -20240901013228 2 6 100 8191 5 FE0FE5928DE815B6A6B360EA50D7859C014FC47CB277FE8AA545E89E2D34791ADC80654D6B276978CAD4E12481459D6E40E32CD8500BBE14ABFBD4E72A14280C66F25A30CB81F885761B07BABB863C9DA0ABEA9EAC4ABB8BB272AD3ABA2B808CB6B12A4A5D68AF9B47FBF91C1AA08C7738B911583E29F339BFB9C46B193071A3BD7297521767A34B002F0EB1470246325AD1D48E7C7EBCFEED0866747ACC8FB2C731FC1D73C52F3868C1071D92BDF96037BBAE974A789968F22ECB1CBA7129FD2D524F0D4109DCA2E056483DDBC90FA159982AEB86F929E0D05188B4434C0AC1F071B6F431D08201E683F95CE6D2B4FA354E74F346144E52DB92A0F468ACCC0F8AE53C8BD1818CC577F65DE4188A6E2E10EB84FF9A31B04506E2E8ABD48FCA067B44348667922B7479EBFB9E6E5B8583C4AED84CEC8CCF3A3C3082A3519D2EE53917A09BBE4A52D1F8EA458F493D9D272B49529E6FD509A4EBC7E0927ADACF86C5C8BE31DE98EE65F3FA6CCDB9C308971118C68AF076C64A42745E9485C79AD78880C9DDD03D9529A71C4AE4D8A976C6461119E8CB44536420EDF4AC2499748F3078A1749E6FB4F8F8DCBE64962610695F1DB0BE4FE879A34D7A9BC94DAF492A9259C521F690EC1B00966F855C4B42C2D189B8AFDC34CFE3D49D974820287EE978495D640D80766C4CCA16D92117610A7DF97F444FC5B9B72C10BB8D632255C465F4128092C57B99426E4B0FD336BFC2455538E48FFCDC8CFFFC2064FFBC5FC0FA3CFC6A37140EBADEBF6C1F60C32F650C42988212D00CFFE0DB9D975F991A950D2D8C6B47676672EDB553FD8AA505E69BCCB9C89096FF1F5F5369F285EB8CE629FA7B56923824C3FFD7A2050471A4D90EC9DF24C22D9427267ACC6A13AABA1710B9469EE96E106468410866076B98D19B3E36F4CD052B89A35786D318FFE6EC0805E73A23E41C79B5287E0FC7618C2B4AA89CA27C8DEB5D016109ABEF7651589F4CBC413D3219945E35D243E8A6D3908735B01333F527C9CD10E5F0B2467C9F3623BCBC0008106B6732BD0CCABEBC331A463726BA783A8C036339D60B6B9AF8671D2AD57E07B6C445F23DD6B6FCF82F7B856FFCCC57A5C0B1D53F2E7930107B24009AB14883B20371E427A4FDBB0EFABB9B182071FF7BD4675D7CF47CFE9C17D9B9EFF98210EAF8D87638848AF6A6E1A5DE6AB975C96DE99352B534F639697EB6463F5F66A8613E24E462C92518A663725C023F18975A943FE89E9EF2C075F0FCA2AED88C2D61D0BCBE05629A88CA424A70B7EBEF17ADFC9005531FC01E2132C6AC685B36CCAF52DA039D0139E7E52E435374F4FF898005B84E75CACF730D262E66977FA18D5653538E9D7DF66B5684D7E3107E9F4A7A5EA5949A292D2CE9EB0B2AA76D737623614130364318DF1EBDE95676B507EF5CC76F08A8FB404463B7 -20240901015829 2 6 100 8191 5 FE0FE5928DE815B6A6B360EA50D7859C014FC47CB277FE8AA545E89E2D34791ADC80654D6B276978CAD4E12481459D6E40E32CD8500BBE14ABFBD4E72A14280C66F25A30CB81F885761B07BABB863C9DA0ABEA9EAC4ABB8BB272AD3ABA2B808CB6B12A4A5D68AF9B47FBF91C1AA08C7738B911583E29F339BFB9C46B193071A3BD7297521767A34B002F0EB1470246325AD1D48E7C7EBCFEED0866747ACC8FB2C731FC1D73C52F3868C1071D92BDF96037BBAE974A789968F22ECB1CBA7129FD2D524F0D4109DCA2E056483DDBC90FA159982AEB86F929E0D05188B4434C0AC1F071B6F431D08201E683F95CE6D2B4FA354E74F346144E52DB92A0F468ACCC0F8AE53C8BD1818CC577F65DE4188A6E2E10EB84FF9A31B04506E2E8ABD48FCA067B44348667922B7479EBFB9E6E5B8583C4AED84CEC8CCF3A3C3082A3519D2EE53917A09BBE4A52D1F8EA458F493D9D272B49529E6FD509A4EBC7E0927ADACF86C5C8BE31DE98EE65F3FA6CCDB9C308971118C68AF076C64A42745E9485C79AD78880C9DDD03D9529A71C4AE4D8A976C6461119E8CB44536420EDF4AC2499748F3078A1749E6FB4F8F8DCBE64962610695F1DB0BE4FE879A34D7A9BC94DAF492A9259C521F690EC1B00966F855C4B42C2D189B8AFDC34CFE3D49D974820287EE978495D640D80766C4CCA16D92117610A7DF97F444FC5B9B72C10BB8D632255C465F4128092C57B99426E4B0FD336BFC2455538E48FFCDC8CFFFC2064FFBC5FC0FA3CFC6A37140EBADEBF6C1F60C32F650C42988212D00CFFE0DB9D975F991A950D2D8C6B47676672EDB553FD8AA505E69BCCB9C89096FF1F5F5369F285EB8CE629FA7B56923824C3FFD7A2050471A4D90EC9DF24C22D9427267ACC6A13AABA1710B9469EE96E106468410866076B98D19B3E36F4CD052B89A35786D318FFE6EC0805E73A23E41C79B5287E0FC7618C2B4AA89CA27C8DEB5D016109ABEF7651589F4CBC413D3219945E35D243E8A6D3908735B01333F527C9CD10E5F0B2467C9F3623BCBC0008106B6732BD0CCABEBC331A463726BA783A8C036339D60B6B9AF8671D2AD57E07B6C445F23DD6B6FCF82F7B856FFCCC57A5C0B1D53F2E7930107B24009AB14883B20371E427A4FDBB0EFABB9B182071FF7BD4675D7CF47CFE9C17D9B9EFF98210EAF8D87638848AF6A6E1A5DE6AB975C96DE99352B534F639697EB6463F5F66A8613E24E462C92518A663725C023F18975A943FE89E9EF2C075F0FCA2AED88C2D61D0BCBE05629A88CA424A70B7EBEF17ADFC9005531FC01E2132C6AC685B36CCAF52DA039D0139E7E52E435374F4FF898005B84E75CACF730D262E66977FA18D5653538E9D7DF66B5684D7E3107E9F4A7A5EA5949A292D2CE9EB0B2AA76D737623614130364318DF1EBDE95676B507EF5CC76F08A8FB41B1142F -20240901025646 2 6 100 8191 5 FE0FE5928DE815B6A6B360EA50D7859C014FC47CB277FE8AA545E89E2D34791ADC80654D6B276978CAD4E12481459D6E40E32CD8500BBE14ABFBD4E72A14280C66F25A30CB81F885761B07BABB863C9DA0ABEA9EAC4ABB8BB272AD3ABA2B808CB6B12A4A5D68AF9B47FBF91C1AA08C7738B911583E29F339BFB9C46B193071A3BD7297521767A34B002F0EB1470246325AD1D48E7C7EBCFEED0866747ACC8FB2C731FC1D73C52F3868C1071D92BDF96037BBAE974A789968F22ECB1CBA7129FD2D524F0D4109DCA2E056483DDBC90FA159982AEB86F929E0D05188B4434C0AC1F071B6F431D08201E683F95CE6D2B4FA354E74F346144E52DB92A0F468ACCC0F8AE53C8BD1818CC577F65DE4188A6E2E10EB84FF9A31B04506E2E8ABD48FCA067B44348667922B7479EBFB9E6E5B8583C4AED84CEC8CCF3A3C3082A3519D2EE53917A09BBE4A52D1F8EA458F493D9D272B49529E6FD509A4EBC7E0927ADACF86C5C8BE31DE98EE65F3FA6CCDB9C308971118C68AF076C64A42745E9485C79AD78880C9DDD03D9529A71C4AE4D8A976C6461119E8CB44536420EDF4AC2499748F3078A1749E6FB4F8F8DCBE64962610695F1DB0BE4FE879A34D7A9BC94DAF492A9259C521F690EC1B00966F855C4B42C2D189B8AFDC34CFE3D49D974820287EE978495D640D80766C4CCA16D92117610A7DF97F444FC5B9B72C10BB8D632255C465F4128092C57B99426E4B0FD336BFC2455538E48FFCDC8CFFFC2064FFBC5FC0FA3CFC6A37140EBADEBF6C1F60C32F650C42988212D00CFFE0DB9D975F991A950D2D8C6B47676672EDB553FD8AA505E69BCCB9C89096FF1F5F5369F285EB8CE629FA7B56923824C3FFD7A2050471A4D90EC9DF24C22D9427267ACC6A13AABA1710B9469EE96E106468410866076B98D19B3E36F4CD052B89A35786D318FFE6EC0805E73A23E41C79B5287E0FC7618C2B4AA89CA27C8DEB5D016109ABEF7651589F4CBC413D3219945E35D243E8A6D3908735B01333F527C9CD10E5F0B2467C9F3623BCBC0008106B6732BD0CCABEBC331A463726BA783A8C036339D60B6B9AF8671D2AD57E07B6C445F23DD6B6FCF82F7B856FFCCC57A5C0B1D53F2E7930107B24009AB14883B20371E427A4FDBB0EFABB9B182071FF7BD4675D7CF47CFE9C17D9B9EFF98210EAF8D87638848AF6A6E1A5DE6AB975C96DE99352B534F639697EB6463F5F66A8613E24E462C92518A663725C023F18975A943FE89E9EF2C075F0FCA2AED88C2D61D0BCBE05629A88CA424A70B7EBEF17ADFC9005531FC01E2132C6AC685B36CCAF52DA039D0139E7E52E435374F4FF898005B84E75CACF730D262E66977FA18D5653538E9D7DF66B5684D7E3107E9F4A7A5EA5949A292D2CE9EB0B2AA76D737623614130364318DF1EBDE95676B507EF5CC76F08A8FB44FDAE87 -20240901031615 2 6 100 8191 2 FE0FE5928DE815B6A6B360EA50D7859C014FC47CB277FE8AA545E89E2D34791ADC80654D6B276978CAD4E12481459D6E40E32CD8500BBE14ABFBD4E72A14280C66F25A30CB81F885761B07BABB863C9DA0ABEA9EAC4ABB8BB272AD3ABA2B808CB6B12A4A5D68AF9B47FBF91C1AA08C7738B911583E29F339BFB9C46B193071A3BD7297521767A34B002F0EB1470246325AD1D48E7C7EBCFEED0866747ACC8FB2C731FC1D73C52F3868C1071D92BDF96037BBAE974A789968F22ECB1CBA7129FD2D524F0D4109DCA2E056483DDBC90FA159982AEB86F929E0D05188B4434C0AC1F071B6F431D08201E683F95CE6D2B4FA354E74F346144E52DB92A0F468ACCC0F8AE53C8BD1818CC577F65DE4188A6E2E10EB84FF9A31B04506E2E8ABD48FCA067B44348667922B7479EBFB9E6E5B8583C4AED84CEC8CCF3A3C3082A3519D2EE53917A09BBE4A52D1F8EA458F493D9D272B49529E6FD509A4EBC7E0927ADACF86C5C8BE31DE98EE65F3FA6CCDB9C308971118C68AF076C64A42745E9485C79AD78880C9DDD03D9529A71C4AE4D8A976C6461119E8CB44536420EDF4AC2499748F3078A1749E6FB4F8F8DCBE64962610695F1DB0BE4FE879A34D7A9BC94DAF492A9259C521F690EC1B00966F855C4B42C2D189B8AFDC34CFE3D49D974820287EE978495D640D80766C4CCA16D92117610A7DF97F444FC5B9B72C10BB8D632255C465F4128092C57B99426E4B0FD336BFC2455538E48FFCDC8CFFFC2064FFBC5FC0FA3CFC6A37140EBADEBF6C1F60C32F650C42988212D00CFFE0DB9D975F991A950D2D8C6B47676672EDB553FD8AA505E69BCCB9C89096FF1F5F5369F285EB8CE629FA7B56923824C3FFD7A2050471A4D90EC9DF24C22D9427267ACC6A13AABA1710B9469EE96E106468410866076B98D19B3E36F4CD052B89A35786D318FFE6EC0805E73A23E41C79B5287E0FC7618C2B4AA89CA27C8DEB5D016109ABEF7651589F4CBC413D3219945E35D243E8A6D3908735B01333F527C9CD10E5F0B2467C9F3623BCBC0008106B6732BD0CCABEBC331A463726BA783A8C036339D60B6B9AF8671D2AD57E07B6C445F23DD6B6FCF82F7B856FFCCC57A5C0B1D53F2E7930107B24009AB14883B20371E427A4FDBB0EFABB9B182071FF7BD4675D7CF47CFE9C17D9B9EFF98210EAF8D87638848AF6A6E1A5DE6AB975C96DE99352B534F639697EB6463F5F66A8613E24E462C92518A663725C023F18975A943FE89E9EF2C075F0FCA2AED88C2D61D0BCBE05629A88CA424A70B7EBEF17ADFC9005531FC01E2132C6AC685B36CCAF52DA039D0139E7E52E435374F4FF898005B84E75CACF730D262E66977FA18D5653538E9D7DF66B5684D7E3107E9F4A7A5EA5949A292D2CE9EB0B2AA76D737623614130364318DF1EBDE95676B507EF5CC76F08A8FB461000EB -20240901042008 2 6 100 8191 5 FE0FE5928DE815B6A6B360EA50D7859C014FC47CB277FE8AA545E89E2D34791ADC80654D6B276978CAD4E12481459D6E40E32CD8500BBE14ABFBD4E72A14280C66F25A30CB81F885761B07BABB863C9DA0ABEA9EAC4ABB8BB272AD3ABA2B808CB6B12A4A5D68AF9B47FBF91C1AA08C7738B911583E29F339BFB9C46B193071A3BD7297521767A34B002F0EB1470246325AD1D48E7C7EBCFEED0866747ACC8FB2C731FC1D73C52F3868C1071D92BDF96037BBAE974A789968F22ECB1CBA7129FD2D524F0D4109DCA2E056483DDBC90FA159982AEB86F929E0D05188B4434C0AC1F071B6F431D08201E683F95CE6D2B4FA354E74F346144E52DB92A0F468ACCC0F8AE53C8BD1818CC577F65DE4188A6E2E10EB84FF9A31B04506E2E8ABD48FCA067B44348667922B7479EBFB9E6E5B8583C4AED84CEC8CCF3A3C3082A3519D2EE53917A09BBE4A52D1F8EA458F493D9D272B49529E6FD509A4EBC7E0927ADACF86C5C8BE31DE98EE65F3FA6CCDB9C308971118C68AF076C64A42745E9485C79AD78880C9DDD03D9529A71C4AE4D8A976C6461119E8CB44536420EDF4AC2499748F3078A1749E6FB4F8F8DCBE64962610695F1DB0BE4FE879A34D7A9BC94DAF492A9259C521F690EC1B00966F855C4B42C2D189B8AFDC34CFE3D49D974820287EE978495D640D80766C4CCA16D92117610A7DF97F444FC5B9B72C10BB8D632255C465F4128092C57B99426E4B0FD336BFC2455538E48FFCDC8CFFFC2064FFBC5FC0FA3CFC6A37140EBADEBF6C1F60C32F650C42988212D00CFFE0DB9D975F991A950D2D8C6B47676672EDB553FD8AA505E69BCCB9C89096FF1F5F5369F285EB8CE629FA7B56923824C3FFD7A2050471A4D90EC9DF24C22D9427267ACC6A13AABA1710B9469EE96E106468410866076B98D19B3E36F4CD052B89A35786D318FFE6EC0805E73A23E41C79B5287E0FC7618C2B4AA89CA27C8DEB5D016109ABEF7651589F4CBC413D3219945E35D243E8A6D3908735B01333F527C9CD10E5F0B2467C9F3623BCBC0008106B6732BD0CCABEBC331A463726BA783A8C036339D60B6B9AF8671D2AD57E07B6C445F23DD6B6FCF82F7B856FFCCC57A5C0B1D53F2E7930107B24009AB14883B20371E427A4FDBB0EFABB9B182071FF7BD4675D7CF47CFE9C17D9B9EFF98210EAF8D87638848AF6A6E1A5DE6AB975C96DE99352B534F639697EB6463F5F66A8613E24E462C92518A663725C023F18975A943FE89E9EF2C075F0FCA2AED88C2D61D0BCBE05629A88CA424A70B7EBEF17ADFC9005531FC01E2132C6AC685B36CCAF52DA039D0139E7E52E435374F4FF898005B84E75CACF730D262E66977FA18D5653538E9D7DF66B5684D7E3107E9F4A7A5EA5949A292D2CE9EB0B2AA76D737623614130364318DF1EBDE95676B507EF5CC76F08A8FB49A1BE47 -20240901044227 2 6 100 8191 2 FE0FE5928DE815B6A6B360EA50D7859C014FC47CB277FE8AA545E89E2D34791ADC80654D6B276978CAD4E12481459D6E40E32CD8500BBE14ABFBD4E72A14280C66F25A30CB81F885761B07BABB863C9DA0ABEA9EAC4ABB8BB272AD3ABA2B808CB6B12A4A5D68AF9B47FBF91C1AA08C7738B911583E29F339BFB9C46B193071A3BD7297521767A34B002F0EB1470246325AD1D48E7C7EBCFEED0866747ACC8FB2C731FC1D73C52F3868C1071D92BDF96037BBAE974A789968F22ECB1CBA7129FD2D524F0D4109DCA2E056483DDBC90FA159982AEB86F929E0D05188B4434C0AC1F071B6F431D08201E683F95CE6D2B4FA354E74F346144E52DB92A0F468ACCC0F8AE53C8BD1818CC577F65DE4188A6E2E10EB84FF9A31B04506E2E8ABD48FCA067B44348667922B7479EBFB9E6E5B8583C4AED84CEC8CCF3A3C3082A3519D2EE53917A09BBE4A52D1F8EA458F493D9D272B49529E6FD509A4EBC7E0927ADACF86C5C8BE31DE98EE65F3FA6CCDB9C308971118C68AF076C64A42745E9485C79AD78880C9DDD03D9529A71C4AE4D8A976C6461119E8CB44536420EDF4AC2499748F3078A1749E6FB4F8F8DCBE64962610695F1DB0BE4FE879A34D7A9BC94DAF492A9259C521F690EC1B00966F855C4B42C2D189B8AFDC34CFE3D49D974820287EE978495D640D80766C4CCA16D92117610A7DF97F444FC5B9B72C10BB8D632255C465F4128092C57B99426E4B0FD336BFC2455538E48FFCDC8CFFFC2064FFBC5FC0FA3CFC6A37140EBADEBF6C1F60C32F650C42988212D00CFFE0DB9D975F991A950D2D8C6B47676672EDB553FD8AA505E69BCCB9C89096FF1F5F5369F285EB8CE629FA7B56923824C3FFD7A2050471A4D90EC9DF24C22D9427267ACC6A13AABA1710B9469EE96E106468410866076B98D19B3E36F4CD052B89A35786D318FFE6EC0805E73A23E41C79B5287E0FC7618C2B4AA89CA27C8DEB5D016109ABEF7651589F4CBC413D3219945E35D243E8A6D3908735B01333F527C9CD10E5F0B2467C9F3623BCBC0008106B6732BD0CCABEBC331A463726BA783A8C036339D60B6B9AF8671D2AD57E07B6C445F23DD6B6FCF82F7B856FFCCC57A5C0B1D53F2E7930107B24009AB14883B20371E427A4FDBB0EFABB9B182071FF7BD4675D7CF47CFE9C17D9B9EFF98210EAF8D87638848AF6A6E1A5DE6AB975C96DE99352B534F639697EB6463F5F66A8613E24E462C92518A663725C023F18975A943FE89E9EF2C075F0FCA2AED88C2D61D0BCBE05629A88CA424A70B7EBEF17ADFC9005531FC01E2132C6AC685B36CCAF52DA039D0139E7E52E435374F4FF898005B84E75CACF730D262E66977FA18D5653538E9D7DF66B5684D7E3107E9F4A7A5EA5949A292D2CE9EB0B2AA76D737623614130364318DF1EBDE95676B507EF5CC76F08A8FB4AE1A82B -20240901064528 2 6 100 8191 5 FE0FE5928DE815B6A6B360EA50D7859C014FC47CB277FE8AA545E89E2D34791ADC80654D6B276978CAD4E12481459D6E40E32CD8500BBE14ABFBD4E72A14280C66F25A30CB81F885761B07BABB863C9DA0ABEA9EAC4ABB8BB272AD3ABA2B808CB6B12A4A5D68AF9B47FBF91C1AA08C7738B911583E29F339BFB9C46B193071A3BD7297521767A34B002F0EB1470246325AD1D48E7C7EBCFEED0866747ACC8FB2C731FC1D73C52F3868C1071D92BDF96037BBAE974A789968F22ECB1CBA7129FD2D524F0D4109DCA2E056483DDBC90FA159982AEB86F929E0D05188B4434C0AC1F071B6F431D08201E683F95CE6D2B4FA354E74F346144E52DB92A0F468ACCC0F8AE53C8BD1818CC577F65DE4188A6E2E10EB84FF9A31B04506E2E8ABD48FCA067B44348667922B7479EBFB9E6E5B8583C4AED84CEC8CCF3A3C3082A3519D2EE53917A09BBE4A52D1F8EA458F493D9D272B49529E6FD509A4EBC7E0927ADACF86C5C8BE31DE98EE65F3FA6CCDB9C308971118C68AF076C64A42745E9485C79AD78880C9DDD03D9529A71C4AE4D8A976C6461119E8CB44536420EDF4AC2499748F3078A1749E6FB4F8F8DCBE64962610695F1DB0BE4FE879A34D7A9BC94DAF492A9259C521F690EC1B00966F855C4B42C2D189B8AFDC34CFE3D49D974820287EE978495D640D80766C4CCA16D92117610A7DF97F444FC5B9B72C10BB8D632255C465F4128092C57B99426E4B0FD336BFC2455538E48FFCDC8CFFFC2064FFBC5FC0FA3CFC6A37140EBADEBF6C1F60C32F650C42988212D00CFFE0DB9D975F991A950D2D8C6B47676672EDB553FD8AA505E69BCCB9C89096FF1F5F5369F285EB8CE629FA7B56923824C3FFD7A2050471A4D90EC9DF24C22D9427267ACC6A13AABA1710B9469EE96E106468410866076B98D19B3E36F4CD052B89A35786D318FFE6EC0805E73A23E41C79B5287E0FC7618C2B4AA89CA27C8DEB5D016109ABEF7651589F4CBC413D3219945E35D243E8A6D3908735B01333F527C9CD10E5F0B2467C9F3623BCBC0008106B6732BD0CCABEBC331A463726BA783A8C036339D60B6B9AF8671D2AD57E07B6C445F23DD6B6FCF82F7B856FFCCC57A5C0B1D53F2E7930107B24009AB14883B20371E427A4FDBB0EFABB9B182071FF7BD4675D7CF47CFE9C17D9B9EFF98210EAF8D87638848AF6A6E1A5DE6AB975C96DE99352B534F639697EB6463F5F66A8613E24E462C92518A663725C023F18975A943FE89E9EF2C075F0FCA2AED88C2D61D0BCBE05629A88CA424A70B7EBEF17ADFC9005531FC01E2132C6AC685B36CCAF52DA039D0139E7E52E435374F4FF898005B84E75CACF730D262E66977FA18D5653538E9D7DF66B5684D7E3107E9F4A7A5EA5949A292D2CE9EB0B2AA76D737623614130364318DF1EBDE95676B507EF5CC76F08A8FB51D37F37 -20240901073955 2 6 100 8191 5 FE0FE5928DE815B6A6B360EA50D7859C014FC47CB277FE8AA545E89E2D34791ADC80654D6B276978CAD4E12481459D6E40E32CD8500BBE14ABFBD4E72A14280C66F25A30CB81F885761B07BABB863C9DA0ABEA9EAC4ABB8BB272AD3ABA2B808CB6B12A4A5D68AF9B47FBF91C1AA08C7738B911583E29F339BFB9C46B193071A3BD7297521767A34B002F0EB1470246325AD1D48E7C7EBCFEED0866747ACC8FB2C731FC1D73C52F3868C1071D92BDF96037BBAE974A789968F22ECB1CBA7129FD2D524F0D4109DCA2E056483DDBC90FA159982AEB86F929E0D05188B4434C0AC1F071B6F431D08201E683F95CE6D2B4FA354E74F346144E52DB92A0F468ACCC0F8AE53C8BD1818CC577F65DE4188A6E2E10EB84FF9A31B04506E2E8ABD48FCA067B44348667922B7479EBFB9E6E5B8583C4AED84CEC8CCF3A3C3082A3519D2EE53917A09BBE4A52D1F8EA458F493D9D272B49529E6FD509A4EBC7E0927ADACF86C5C8BE31DE98EE65F3FA6CCDB9C308971118C68AF076C64A42745E9485C79AD78880C9DDD03D9529A71C4AE4D8A976C6461119E8CB44536420EDF4AC2499748F3078A1749E6FB4F8F8DCBE64962610695F1DB0BE4FE879A34D7A9BC94DAF492A9259C521F690EC1B00966F855C4B42C2D189B8AFDC34CFE3D49D974820287EE978495D640D80766C4CCA16D92117610A7DF97F444FC5B9B72C10BB8D632255C465F4128092C57B99426E4B0FD336BFC2455538E48FFCDC8CFFFC2064FFBC5FC0FA3CFC6A37140EBADEBF6C1F60C32F650C42988212D00CFFE0DB9D975F991A950D2D8C6B47676672EDB553FD8AA505E69BCCB9C89096FF1F5F5369F285EB8CE629FA7B56923824C3FFD7A2050471A4D90EC9DF24C22D9427267ACC6A13AABA1710B9469EE96E106468410866076B98D19B3E36F4CD052B89A35786D318FFE6EC0805E73A23E41C79B5287E0FC7618C2B4AA89CA27C8DEB5D016109ABEF7651589F4CBC413D3219945E35D243E8A6D3908735B01333F527C9CD10E5F0B2467C9F3623BCBC0008106B6732BD0CCABEBC331A463726BA783A8C036339D60B6B9AF8671D2AD57E07B6C445F23DD6B6FCF82F7B856FFCCC57A5C0B1D53F2E7930107B24009AB14883B20371E427A4FDBB0EFABB9B182071FF7BD4675D7CF47CFE9C17D9B9EFF98210EAF8D87638848AF6A6E1A5DE6AB975C96DE99352B534F639697EB6463F5F66A8613E24E462C92518A663725C023F18975A943FE89E9EF2C075F0FCA2AED88C2D61D0BCBE05629A88CA424A70B7EBEF17ADFC9005531FC01E2132C6AC685B36CCAF52DA039D0139E7E52E435374F4FF898005B84E75CACF730D262E66977FA18D5653538E9D7DF66B5684D7E3107E9F4A7A5EA5949A292D2CE9EB0B2AA76D737623614130364318DF1EBDE95676B507EF5CC76F08A8FB54DB30B7 -20240901080825 2 6 100 8191 2 FE0FE5928DE815B6A6B360EA50D7859C014FC47CB277FE8AA545E89E2D34791ADC80654D6B276978CAD4E12481459D6E40E32CD8500BBE14ABFBD4E72A14280C66F25A30CB81F885761B07BABB863C9DA0ABEA9EAC4ABB8BB272AD3ABA2B808CB6B12A4A5D68AF9B47FBF91C1AA08C7738B911583E29F339BFB9C46B193071A3BD7297521767A34B002F0EB1470246325AD1D48E7C7EBCFEED0866747ACC8FB2C731FC1D73C52F3868C1071D92BDF96037BBAE974A789968F22ECB1CBA7129FD2D524F0D4109DCA2E056483DDBC90FA159982AEB86F929E0D05188B4434C0AC1F071B6F431D08201E683F95CE6D2B4FA354E74F346144E52DB92A0F468ACCC0F8AE53C8BD1818CC577F65DE4188A6E2E10EB84FF9A31B04506E2E8ABD48FCA067B44348667922B7479EBFB9E6E5B8583C4AED84CEC8CCF3A3C3082A3519D2EE53917A09BBE4A52D1F8EA458F493D9D272B49529E6FD509A4EBC7E0927ADACF86C5C8BE31DE98EE65F3FA6CCDB9C308971118C68AF076C64A42745E9485C79AD78880C9DDD03D9529A71C4AE4D8A976C6461119E8CB44536420EDF4AC2499748F3078A1749E6FB4F8F8DCBE64962610695F1DB0BE4FE879A34D7A9BC94DAF492A9259C521F690EC1B00966F855C4B42C2D189B8AFDC34CFE3D49D974820287EE978495D640D80766C4CCA16D92117610A7DF97F444FC5B9B72C10BB8D632255C465F4128092C57B99426E4B0FD336BFC2455538E48FFCDC8CFFFC2064FFBC5FC0FA3CFC6A37140EBADEBF6C1F60C32F650C42988212D00CFFE0DB9D975F991A950D2D8C6B47676672EDB553FD8AA505E69BCCB9C89096FF1F5F5369F285EB8CE629FA7B56923824C3FFD7A2050471A4D90EC9DF24C22D9427267ACC6A13AABA1710B9469EE96E106468410866076B98D19B3E36F4CD052B89A35786D318FFE6EC0805E73A23E41C79B5287E0FC7618C2B4AA89CA27C8DEB5D016109ABEF7651589F4CBC413D3219945E35D243E8A6D3908735B01333F527C9CD10E5F0B2467C9F3623BCBC0008106B6732BD0CCABEBC331A463726BA783A8C036339D60B6B9AF8671D2AD57E07B6C445F23DD6B6FCF82F7B856FFCCC57A5C0B1D53F2E7930107B24009AB14883B20371E427A4FDBB0EFABB9B182071FF7BD4675D7CF47CFE9C17D9B9EFF98210EAF8D87638848AF6A6E1A5DE6AB975C96DE99352B534F639697EB6463F5F66A8613E24E462C92518A663725C023F18975A943FE89E9EF2C075F0FCA2AED88C2D61D0BCBE05629A88CA424A70B7EBEF17ADFC9005531FC01E2132C6AC685B36CCAF52DA039D0139E7E52E435374F4FF898005B84E75CACF730D262E66977FA18D5653538E9D7DF66B5684D7E3107E9F4A7A5EA5949A292D2CE9EB0B2AA76D737623614130364318DF1EBDE95676B507EF5CC76F08A8FB56740653 -20240901083546 2 6 100 8191 5 FE0FE5928DE815B6A6B360EA50D7859C014FC47CB277FE8AA545E89E2D34791ADC80654D6B276978CAD4E12481459D6E40E32CD8500BBE14ABFBD4E72A14280C66F25A30CB81F885761B07BABB863C9DA0ABEA9EAC4ABB8BB272AD3ABA2B808CB6B12A4A5D68AF9B47FBF91C1AA08C7738B911583E29F339BFB9C46B193071A3BD7297521767A34B002F0EB1470246325AD1D48E7C7EBCFEED0866747ACC8FB2C731FC1D73C52F3868C1071D92BDF96037BBAE974A789968F22ECB1CBA7129FD2D524F0D4109DCA2E056483DDBC90FA159982AEB86F929E0D05188B4434C0AC1F071B6F431D08201E683F95CE6D2B4FA354E74F346144E52DB92A0F468ACCC0F8AE53C8BD1818CC577F65DE4188A6E2E10EB84FF9A31B04506E2E8ABD48FCA067B44348667922B7479EBFB9E6E5B8583C4AED84CEC8CCF3A3C3082A3519D2EE53917A09BBE4A52D1F8EA458F493D9D272B49529E6FD509A4EBC7E0927ADACF86C5C8BE31DE98EE65F3FA6CCDB9C308971118C68AF076C64A42745E9485C79AD78880C9DDD03D9529A71C4AE4D8A976C6461119E8CB44536420EDF4AC2499748F3078A1749E6FB4F8F8DCBE64962610695F1DB0BE4FE879A34D7A9BC94DAF492A9259C521F690EC1B00966F855C4B42C2D189B8AFDC34CFE3D49D974820287EE978495D640D80766C4CCA16D92117610A7DF97F444FC5B9B72C10BB8D632255C465F4128092C57B99426E4B0FD336BFC2455538E48FFCDC8CFFFC2064FFBC5FC0FA3CFC6A37140EBADEBF6C1F60C32F650C42988212D00CFFE0DB9D975F991A950D2D8C6B47676672EDB553FD8AA505E69BCCB9C89096FF1F5F5369F285EB8CE629FA7B56923824C3FFD7A2050471A4D90EC9DF24C22D9427267ACC6A13AABA1710B9469EE96E106468410866076B98D19B3E36F4CD052B89A35786D318FFE6EC0805E73A23E41C79B5287E0FC7618C2B4AA89CA27C8DEB5D016109ABEF7651589F4CBC413D3219945E35D243E8A6D3908735B01333F527C9CD10E5F0B2467C9F3623BCBC0008106B6732BD0CCABEBC331A463726BA783A8C036339D60B6B9AF8671D2AD57E07B6C445F23DD6B6FCF82F7B856FFCCC57A5C0B1D53F2E7930107B24009AB14883B20371E427A4FDBB0EFABB9B182071FF7BD4675D7CF47CFE9C17D9B9EFF98210EAF8D87638848AF6A6E1A5DE6AB975C96DE99352B534F639697EB6463F5F66A8613E24E462C92518A663725C023F18975A943FE89E9EF2C075F0FCA2AED88C2D61D0BCBE05629A88CA424A70B7EBEF17ADFC9005531FC01E2132C6AC685B36CCAF52DA039D0139E7E52E435374F4FF898005B84E75CACF730D262E66977FA18D5653538E9D7DF66B5684D7E3107E9F4A7A5EA5949A292D2CE9EB0B2AA76D737623614130364318DF1EBDE95676B507EF5CC76F08A8FB57EF4EAF -20240901093005 2 6 100 8191 2 FE0FE5928DE815B6A6B360EA50D7859C014FC47CB277FE8AA545E89E2D34791ADC80654D6B276978CAD4E12481459D6E40E32CD8500BBE14ABFBD4E72A14280C66F25A30CB81F885761B07BABB863C9DA0ABEA9EAC4ABB8BB272AD3ABA2B808CB6B12A4A5D68AF9B47FBF91C1AA08C7738B911583E29F339BFB9C46B193071A3BD7297521767A34B002F0EB1470246325AD1D48E7C7EBCFEED0866747ACC8FB2C731FC1D73C52F3868C1071D92BDF96037BBAE974A789968F22ECB1CBA7129FD2D524F0D4109DCA2E056483DDBC90FA159982AEB86F929E0D05188B4434C0AC1F071B6F431D08201E683F95CE6D2B4FA354E74F346144E52DB92A0F468ACCC0F8AE53C8BD1818CC577F65DE4188A6E2E10EB84FF9A31B04506E2E8ABD48FCA067B44348667922B7479EBFB9E6E5B8583C4AED84CEC8CCF3A3C3082A3519D2EE53917A09BBE4A52D1F8EA458F493D9D272B49529E6FD509A4EBC7E0927ADACF86C5C8BE31DE98EE65F3FA6CCDB9C308971118C68AF076C64A42745E9485C79AD78880C9DDD03D9529A71C4AE4D8A976C6461119E8CB44536420EDF4AC2499748F3078A1749E6FB4F8F8DCBE64962610695F1DB0BE4FE879A34D7A9BC94DAF492A9259C521F690EC1B00966F855C4B42C2D189B8AFDC34CFE3D49D974820287EE978495D640D80766C4CCA16D92117610A7DF97F444FC5B9B72C10BB8D632255C465F4128092C57B99426E4B0FD336BFC2455538E48FFCDC8CFFFC2064FFBC5FC0FA3CFC6A37140EBADEBF6C1F60C32F650C42988212D00CFFE0DB9D975F991A950D2D8C6B47676672EDB553FD8AA505E69BCCB9C89096FF1F5F5369F285EB8CE629FA7B56923824C3FFD7A2050471A4D90EC9DF24C22D9427267ACC6A13AABA1710B9469EE96E106468410866076B98D19B3E36F4CD052B89A35786D318FFE6EC0805E73A23E41C79B5287E0FC7618C2B4AA89CA27C8DEB5D016109ABEF7651589F4CBC413D3219945E35D243E8A6D3908735B01333F527C9CD10E5F0B2467C9F3623BCBC0008106B6732BD0CCABEBC331A463726BA783A8C036339D60B6B9AF8671D2AD57E07B6C445F23DD6B6FCF82F7B856FFCCC57A5C0B1D53F2E7930107B24009AB14883B20371E427A4FDBB0EFABB9B182071FF7BD4675D7CF47CFE9C17D9B9EFF98210EAF8D87638848AF6A6E1A5DE6AB975C96DE99352B534F639697EB6463F5F66A8613E24E462C92518A663725C023F18975A943FE89E9EF2C075F0FCA2AED88C2D61D0BCBE05629A88CA424A70B7EBEF17ADFC9005531FC01E2132C6AC685B36CCAF52DA039D0139E7E52E435374F4FF898005B84E75CACF730D262E66977FA18D5653538E9D7DF66B5684D7E3107E9F4A7A5EA5949A292D2CE9EB0B2AA76D737623614130364318DF1EBDE95676B507EF5CC76F08A8FB5AF60F7B -20240901122015 2 6 100 8191 2 FE0FE5928DE815B6A6B360EA50D7859C014FC47CB277FE8AA545E89E2D34791ADC80654D6B276978CAD4E12481459D6E40E32CD8500BBE14ABFBD4E72A14280C66F25A30CB81F885761B07BABB863C9DA0ABEA9EAC4ABB8BB272AD3ABA2B808CB6B12A4A5D68AF9B47FBF91C1AA08C7738B911583E29F339BFB9C46B193071A3BD7297521767A34B002F0EB1470246325AD1D48E7C7EBCFEED0866747ACC8FB2C731FC1D73C52F3868C1071D92BDF96037BBAE974A789968F22ECB1CBA7129FD2D524F0D4109DCA2E056483DDBC90FA159982AEB86F929E0D05188B4434C0AC1F071B6F431D08201E683F95CE6D2B4FA354E74F346144E52DB92A0F468ACCC0F8AE53C8BD1818CC577F65DE4188A6E2E10EB84FF9A31B04506E2E8ABD48FCA067B44348667922B7479EBFB9E6E5B8583C4AED84CEC8CCF3A3C3082A3519D2EE53917A09BBE4A52D1F8EA458F493D9D272B49529E6FD509A4EBC7E0927ADACF86C5C8BE31DE98EE65F3FA6CCDB9C308971118C68AF076C64A42745E9485C79AD78880C9DDD03D9529A71C4AE4D8A976C6461119E8CB44536420EDF4AC2499748F3078A1749E6FB4F8F8DCBE64962610695F1DB0BE4FE879A34D7A9BC94DAF492A9259C521F690EC1B00966F855C4B42C2D189B8AFDC34CFE3D49D974820287EE978495D640D80766C4CCA16D92117610A7DF97F444FC5B9B72C10BB8D632255C465F4128092C57B99426E4B0FD336BFC2455538E48FFCDC8CFFFC2064FFBC5FC0FA3CFC6A37140EBADEBF6C1F60C32F650C42988212D00CFFE0DB9D975F991A950D2D8C6B47676672EDB553FD8AA505E69BCCB9C89096FF1F5F5369F285EB8CE629FA7B56923824C3FFD7A2050471A4D90EC9DF24C22D9427267ACC6A13AABA1710B9469EE96E106468410866076B98D19B3E36F4CD052B89A35786D318FFE6EC0805E73A23E41C79B5287E0FC7618C2B4AA89CA27C8DEB5D016109ABEF7651589F4CBC413D3219945E35D243E8A6D3908735B01333F527C9CD10E5F0B2467C9F3623BCBC0008106B6732BD0CCABEBC331A463726BA783A8C036339D60B6B9AF8671D2AD57E07B6C445F23DD6B6FCF82F7B856FFCCC57A5C0B1D53F2E7930107B24009AB14883B20371E427A4FDBB0EFABB9B182071FF7BD4675D7CF47CFE9C17D9B9EFF98210EAF8D87638848AF6A6E1A5DE6AB975C96DE99352B534F639697EB6463F5F66A8613E24E462C92518A663725C023F18975A943FE89E9EF2C075F0FCA2AED88C2D61D0BCBE05629A88CA424A70B7EBEF17ADFC9005531FC01E2132C6AC685B36CCAF52DA039D0139E7E52E435374F4FF898005B84E75CACF730D262E66977FA18D5653538E9D7DF66B5684D7E3107E9F4A7A5EA5949A292D2CE9EB0B2AA76D737623614130364318DF1EBDE95676B507EF5CC76F08A8FB64814643 -20240901124800 2 6 100 8191 5 FE0FE5928DE815B6A6B360EA50D7859C014FC47CB277FE8AA545E89E2D34791ADC80654D6B276978CAD4E12481459D6E40E32CD8500BBE14ABFBD4E72A14280C66F25A30CB81F885761B07BABB863C9DA0ABEA9EAC4ABB8BB272AD3ABA2B808CB6B12A4A5D68AF9B47FBF91C1AA08C7738B911583E29F339BFB9C46B193071A3BD7297521767A34B002F0EB1470246325AD1D48E7C7EBCFEED0866747ACC8FB2C731FC1D73C52F3868C1071D92BDF96037BBAE974A789968F22ECB1CBA7129FD2D524F0D4109DCA2E056483DDBC90FA159982AEB86F929E0D05188B4434C0AC1F071B6F431D08201E683F95CE6D2B4FA354E74F346144E52DB92A0F468ACCC0F8AE53C8BD1818CC577F65DE4188A6E2E10EB84FF9A31B04506E2E8ABD48FCA067B44348667922B7479EBFB9E6E5B8583C4AED84CEC8CCF3A3C3082A3519D2EE53917A09BBE4A52D1F8EA458F493D9D272B49529E6FD509A4EBC7E0927ADACF86C5C8BE31DE98EE65F3FA6CCDB9C308971118C68AF076C64A42745E9485C79AD78880C9DDD03D9529A71C4AE4D8A976C6461119E8CB44536420EDF4AC2499748F3078A1749E6FB4F8F8DCBE64962610695F1DB0BE4FE879A34D7A9BC94DAF492A9259C521F690EC1B00966F855C4B42C2D189B8AFDC34CFE3D49D974820287EE978495D640D80766C4CCA16D92117610A7DF97F444FC5B9B72C10BB8D632255C465F4128092C57B99426E4B0FD336BFC2455538E48FFCDC8CFFFC2064FFBC5FC0FA3CFC6A37140EBADEBF6C1F60C32F650C42988212D00CFFE0DB9D975F991A950D2D8C6B47676672EDB553FD8AA505E69BCCB9C89096FF1F5F5369F285EB8CE629FA7B56923824C3FFD7A2050471A4D90EC9DF24C22D9427267ACC6A13AABA1710B9469EE96E106468410866076B98D19B3E36F4CD052B89A35786D318FFE6EC0805E73A23E41C79B5287E0FC7618C2B4AA89CA27C8DEB5D016109ABEF7651589F4CBC413D3219945E35D243E8A6D3908735B01333F527C9CD10E5F0B2467C9F3623BCBC0008106B6732BD0CCABEBC331A463726BA783A8C036339D60B6B9AF8671D2AD57E07B6C445F23DD6B6FCF82F7B856FFCCC57A5C0B1D53F2E7930107B24009AB14883B20371E427A4FDBB0EFABB9B182071FF7BD4675D7CF47CFE9C17D9B9EFF98210EAF8D87638848AF6A6E1A5DE6AB975C96DE99352B534F639697EB6463F5F66A8613E24E462C92518A663725C023F18975A943FE89E9EF2C075F0FCA2AED88C2D61D0BCBE05629A88CA424A70B7EBEF17ADFC9005531FC01E2132C6AC685B36CCAF52DA039D0139E7E52E435374F4FF898005B84E75CACF730D262E66977FA18D5653538E9D7DF66B5684D7E3107E9F4A7A5EA5949A292D2CE9EB0B2AA76D737623614130364318DF1EBDE95676B507EF5CC76F08A8FB661018A7 -20240901134700 2 6 100 8191 5 FE0FE5928DE815B6A6B360EA50D7859C014FC47CB277FE8AA545E89E2D34791ADC80654D6B276978CAD4E12481459D6E40E32CD8500BBE14ABFBD4E72A14280C66F25A30CB81F885761B07BABB863C9DA0ABEA9EAC4ABB8BB272AD3ABA2B808CB6B12A4A5D68AF9B47FBF91C1AA08C7738B911583E29F339BFB9C46B193071A3BD7297521767A34B002F0EB1470246325AD1D48E7C7EBCFEED0866747ACC8FB2C731FC1D73C52F3868C1071D92BDF96037BBAE974A789968F22ECB1CBA7129FD2D524F0D4109DCA2E056483DDBC90FA159982AEB86F929E0D05188B4434C0AC1F071B6F431D08201E683F95CE6D2B4FA354E74F346144E52DB92A0F468ACCC0F8AE53C8BD1818CC577F65DE4188A6E2E10EB84FF9A31B04506E2E8ABD48FCA067B44348667922B7479EBFB9E6E5B8583C4AED84CEC8CCF3A3C3082A3519D2EE53917A09BBE4A52D1F8EA458F493D9D272B49529E6FD509A4EBC7E0927ADACF86C5C8BE31DE98EE65F3FA6CCDB9C308971118C68AF076C64A42745E9485C79AD78880C9DDD03D9529A71C4AE4D8A976C6461119E8CB44536420EDF4AC2499748F3078A1749E6FB4F8F8DCBE64962610695F1DB0BE4FE879A34D7A9BC94DAF492A9259C521F690EC1B00966F855C4B42C2D189B8AFDC34CFE3D49D974820287EE978495D640D80766C4CCA16D92117610A7DF97F444FC5B9B72C10BB8D632255C465F4128092C57B99426E4B0FD336BFC2455538E48FFCDC8CFFFC2064FFBC5FC0FA3CFC6A37140EBADEBF6C1F60C32F650C42988212D00CFFE0DB9D975F991A950D2D8C6B47676672EDB553FD8AA505E69BCCB9C89096FF1F5F5369F285EB8CE629FA7B56923824C3FFD7A2050471A4D90EC9DF24C22D9427267ACC6A13AABA1710B9469EE96E106468410866076B98D19B3E36F4CD052B89A35786D318FFE6EC0805E73A23E41C79B5287E0FC7618C2B4AA89CA27C8DEB5D016109ABEF7651589F4CBC413D3219945E35D243E8A6D3908735B01333F527C9CD10E5F0B2467C9F3623BCBC0008106B6732BD0CCABEBC331A463726BA783A8C036339D60B6B9AF8671D2AD57E07B6C445F23DD6B6FCF82F7B856FFCCC57A5C0B1D53F2E7930107B24009AB14883B20371E427A4FDBB0EFABB9B182071FF7BD4675D7CF47CFE9C17D9B9EFF98210EAF8D87638848AF6A6E1A5DE6AB975C96DE99352B534F639697EB6463F5F66A8613E24E462C92518A663725C023F18975A943FE89E9EF2C075F0FCA2AED88C2D61D0BCBE05629A88CA424A70B7EBEF17ADFC9005531FC01E2132C6AC685B36CCAF52DA039D0139E7E52E435374F4FF898005B84E75CACF730D262E66977FA18D5653538E9D7DF66B5684D7E3107E9F4A7A5EA5949A292D2CE9EB0B2AA76D737623614130364318DF1EBDE95676B507EF5CC76F08A8FB695D723F -20240901135853 2 6 100 8191 2 FE0FE5928DE815B6A6B360EA50D7859C014FC47CB277FE8AA545E89E2D34791ADC80654D6B276978CAD4E12481459D6E40E32CD8500BBE14ABFBD4E72A14280C66F25A30CB81F885761B07BABB863C9DA0ABEA9EAC4ABB8BB272AD3ABA2B808CB6B12A4A5D68AF9B47FBF91C1AA08C7738B911583E29F339BFB9C46B193071A3BD7297521767A34B002F0EB1470246325AD1D48E7C7EBCFEED0866747ACC8FB2C731FC1D73C52F3868C1071D92BDF96037BBAE974A789968F22ECB1CBA7129FD2D524F0D4109DCA2E056483DDBC90FA159982AEB86F929E0D05188B4434C0AC1F071B6F431D08201E683F95CE6D2B4FA354E74F346144E52DB92A0F468ACCC0F8AE53C8BD1818CC577F65DE4188A6E2E10EB84FF9A31B04506E2E8ABD48FCA067B44348667922B7479EBFB9E6E5B8583C4AED84CEC8CCF3A3C3082A3519D2EE53917A09BBE4A52D1F8EA458F493D9D272B49529E6FD509A4EBC7E0927ADACF86C5C8BE31DE98EE65F3FA6CCDB9C308971118C68AF076C64A42745E9485C79AD78880C9DDD03D9529A71C4AE4D8A976C6461119E8CB44536420EDF4AC2499748F3078A1749E6FB4F8F8DCBE64962610695F1DB0BE4FE879A34D7A9BC94DAF492A9259C521F690EC1B00966F855C4B42C2D189B8AFDC34CFE3D49D974820287EE978495D640D80766C4CCA16D92117610A7DF97F444FC5B9B72C10BB8D632255C465F4128092C57B99426E4B0FD336BFC2455538E48FFCDC8CFFFC2064FFBC5FC0FA3CFC6A37140EBADEBF6C1F60C32F650C42988212D00CFFE0DB9D975F991A950D2D8C6B47676672EDB553FD8AA505E69BCCB9C89096FF1F5F5369F285EB8CE629FA7B56923824C3FFD7A2050471A4D90EC9DF24C22D9427267ACC6A13AABA1710B9469EE96E106468410866076B98D19B3E36F4CD052B89A35786D318FFE6EC0805E73A23E41C79B5287E0FC7618C2B4AA89CA27C8DEB5D016109ABEF7651589F4CBC413D3219945E35D243E8A6D3908735B01333F527C9CD10E5F0B2467C9F3623BCBC0008106B6732BD0CCABEBC331A463726BA783A8C036339D60B6B9AF8671D2AD57E07B6C445F23DD6B6FCF82F7B856FFCCC57A5C0B1D53F2E7930107B24009AB14883B20371E427A4FDBB0EFABB9B182071FF7BD4675D7CF47CFE9C17D9B9EFF98210EAF8D87638848AF6A6E1A5DE6AB975C96DE99352B534F639697EB6463F5F66A8613E24E462C92518A663725C023F18975A943FE89E9EF2C075F0FCA2AED88C2D61D0BCBE05629A88CA424A70B7EBEF17ADFC9005531FC01E2132C6AC685B36CCAF52DA039D0139E7E52E435374F4FF898005B84E75CACF730D262E66977FA18D5653538E9D7DF66B5684D7E3107E9F4A7A5EA5949A292D2CE9EB0B2AA76D737623614130364318DF1EBDE95676B507EF5CC76F08A8FB6A06CAEB -20240901140005 2 6 100 8191 5 FE0FE5928DE815B6A6B360EA50D7859C014FC47CB277FE8AA545E89E2D34791ADC80654D6B276978CAD4E12481459D6E40E32CD8500BBE14ABFBD4E72A14280C66F25A30CB81F885761B07BABB863C9DA0ABEA9EAC4ABB8BB272AD3ABA2B808CB6B12A4A5D68AF9B47FBF91C1AA08C7738B911583E29F339BFB9C46B193071A3BD7297521767A34B002F0EB1470246325AD1D48E7C7EBCFEED0866747ACC8FB2C731FC1D73C52F3868C1071D92BDF96037BBAE974A789968F22ECB1CBA7129FD2D524F0D4109DCA2E056483DDBC90FA159982AEB86F929E0D05188B4434C0AC1F071B6F431D08201E683F95CE6D2B4FA354E74F346144E52DB92A0F468ACCC0F8AE53C8BD1818CC577F65DE4188A6E2E10EB84FF9A31B04506E2E8ABD48FCA067B44348667922B7479EBFB9E6E5B8583C4AED84CEC8CCF3A3C3082A3519D2EE53917A09BBE4A52D1F8EA458F493D9D272B49529E6FD509A4EBC7E0927ADACF86C5C8BE31DE98EE65F3FA6CCDB9C308971118C68AF076C64A42745E9485C79AD78880C9DDD03D9529A71C4AE4D8A976C6461119E8CB44536420EDF4AC2499748F3078A1749E6FB4F8F8DCBE64962610695F1DB0BE4FE879A34D7A9BC94DAF492A9259C521F690EC1B00966F855C4B42C2D189B8AFDC34CFE3D49D974820287EE978495D640D80766C4CCA16D92117610A7DF97F444FC5B9B72C10BB8D632255C465F4128092C57B99426E4B0FD336BFC2455538E48FFCDC8CFFFC2064FFBC5FC0FA3CFC6A37140EBADEBF6C1F60C32F650C42988212D00CFFE0DB9D975F991A950D2D8C6B47676672EDB553FD8AA505E69BCCB9C89096FF1F5F5369F285EB8CE629FA7B56923824C3FFD7A2050471A4D90EC9DF24C22D9427267ACC6A13AABA1710B9469EE96E106468410866076B98D19B3E36F4CD052B89A35786D318FFE6EC0805E73A23E41C79B5287E0FC7618C2B4AA89CA27C8DEB5D016109ABEF7651589F4CBC413D3219945E35D243E8A6D3908735B01333F527C9CD10E5F0B2467C9F3623BCBC0008106B6732BD0CCABEBC331A463726BA783A8C036339D60B6B9AF8671D2AD57E07B6C445F23DD6B6FCF82F7B856FFCCC57A5C0B1D53F2E7930107B24009AB14883B20371E427A4FDBB0EFABB9B182071FF7BD4675D7CF47CFE9C17D9B9EFF98210EAF8D87638848AF6A6E1A5DE6AB975C96DE99352B534F639697EB6463F5F66A8613E24E462C92518A663725C023F18975A943FE89E9EF2C075F0FCA2AED88C2D61D0BCBE05629A88CA424A70B7EBEF17ADFC9005531FC01E2132C6AC685B36CCAF52DA039D0139E7E52E435374F4FF898005B84E75CACF730D262E66977FA18D5653538E9D7DF66B5684D7E3107E9F4A7A5EA5949A292D2CE9EB0B2AA76D737623614130364318DF1EBDE95676B507EF5CC76F08A8FB6A0E0D2F -20240901141551 2 6 100 8191 5 FE0FE5928DE815B6A6B360EA50D7859C014FC47CB277FE8AA545E89E2D34791ADC80654D6B276978CAD4E12481459D6E40E32CD8500BBE14ABFBD4E72A14280C66F25A30CB81F885761B07BABB863C9DA0ABEA9EAC4ABB8BB272AD3ABA2B808CB6B12A4A5D68AF9B47FBF91C1AA08C7738B911583E29F339BFB9C46B193071A3BD7297521767A34B002F0EB1470246325AD1D48E7C7EBCFEED0866747ACC8FB2C731FC1D73C52F3868C1071D92BDF96037BBAE974A789968F22ECB1CBA7129FD2D524F0D4109DCA2E056483DDBC90FA159982AEB86F929E0D05188B4434C0AC1F071B6F431D08201E683F95CE6D2B4FA354E74F346144E52DB92A0F468ACCC0F8AE53C8BD1818CC577F65DE4188A6E2E10EB84FF9A31B04506E2E8ABD48FCA067B44348667922B7479EBFB9E6E5B8583C4AED84CEC8CCF3A3C3082A3519D2EE53917A09BBE4A52D1F8EA458F493D9D272B49529E6FD509A4EBC7E0927ADACF86C5C8BE31DE98EE65F3FA6CCDB9C308971118C68AF076C64A42745E9485C79AD78880C9DDD03D9529A71C4AE4D8A976C6461119E8CB44536420EDF4AC2499748F3078A1749E6FB4F8F8DCBE64962610695F1DB0BE4FE879A34D7A9BC94DAF492A9259C521F690EC1B00966F855C4B42C2D189B8AFDC34CFE3D49D974820287EE978495D640D80766C4CCA16D92117610A7DF97F444FC5B9B72C10BB8D632255C465F4128092C57B99426E4B0FD336BFC2455538E48FFCDC8CFFFC2064FFBC5FC0FA3CFC6A37140EBADEBF6C1F60C32F650C42988212D00CFFE0DB9D975F991A950D2D8C6B47676672EDB553FD8AA505E69BCCB9C89096FF1F5F5369F285EB8CE629FA7B56923824C3FFD7A2050471A4D90EC9DF24C22D9427267ACC6A13AABA1710B9469EE96E106468410866076B98D19B3E36F4CD052B89A35786D318FFE6EC0805E73A23E41C79B5287E0FC7618C2B4AA89CA27C8DEB5D016109ABEF7651589F4CBC413D3219945E35D243E8A6D3908735B01333F527C9CD10E5F0B2467C9F3623BCBC0008106B6732BD0CCABEBC331A463726BA783A8C036339D60B6B9AF8671D2AD57E07B6C445F23DD6B6FCF82F7B856FFCCC57A5C0B1D53F2E7930107B24009AB14883B20371E427A4FDBB0EFABB9B182071FF7BD4675D7CF47CFE9C17D9B9EFF98210EAF8D87638848AF6A6E1A5DE6AB975C96DE99352B534F639697EB6463F5F66A8613E24E462C92518A663725C023F18975A943FE89E9EF2C075F0FCA2AED88C2D61D0BCBE05629A88CA424A70B7EBEF17ADFC9005531FC01E2132C6AC685B36CCAF52DA039D0139E7E52E435374F4FF898005B84E75CACF730D262E66977FA18D5653538E9D7DF66B5684D7E3107E9F4A7A5EA5949A292D2CE9EB0B2AA76D737623614130364318DF1EBDE95676B507EF5CC76F08A8FB6AEB6337 -20240901141841 2 6 100 8191 2 FE0FE5928DE815B6A6B360EA50D7859C014FC47CB277FE8AA545E89E2D34791ADC80654D6B276978CAD4E12481459D6E40E32CD8500BBE14ABFBD4E72A14280C66F25A30CB81F885761B07BABB863C9DA0ABEA9EAC4ABB8BB272AD3ABA2B808CB6B12A4A5D68AF9B47FBF91C1AA08C7738B911583E29F339BFB9C46B193071A3BD7297521767A34B002F0EB1470246325AD1D48E7C7EBCFEED0866747ACC8FB2C731FC1D73C52F3868C1071D92BDF96037BBAE974A789968F22ECB1CBA7129FD2D524F0D4109DCA2E056483DDBC90FA159982AEB86F929E0D05188B4434C0AC1F071B6F431D08201E683F95CE6D2B4FA354E74F346144E52DB92A0F468ACCC0F8AE53C8BD1818CC577F65DE4188A6E2E10EB84FF9A31B04506E2E8ABD48FCA067B44348667922B7479EBFB9E6E5B8583C4AED84CEC8CCF3A3C3082A3519D2EE53917A09BBE4A52D1F8EA458F493D9D272B49529E6FD509A4EBC7E0927ADACF86C5C8BE31DE98EE65F3FA6CCDB9C308971118C68AF076C64A42745E9485C79AD78880C9DDD03D9529A71C4AE4D8A976C6461119E8CB44536420EDF4AC2499748F3078A1749E6FB4F8F8DCBE64962610695F1DB0BE4FE879A34D7A9BC94DAF492A9259C521F690EC1B00966F855C4B42C2D189B8AFDC34CFE3D49D974820287EE978495D640D80766C4CCA16D92117610A7DF97F444FC5B9B72C10BB8D632255C465F4128092C57B99426E4B0FD336BFC2455538E48FFCDC8CFFFC2064FFBC5FC0FA3CFC6A37140EBADEBF6C1F60C32F650C42988212D00CFFE0DB9D975F991A950D2D8C6B47676672EDB553FD8AA505E69BCCB9C89096FF1F5F5369F285EB8CE629FA7B56923824C3FFD7A2050471A4D90EC9DF24C22D9427267ACC6A13AABA1710B9469EE96E106468410866076B98D19B3E36F4CD052B89A35786D318FFE6EC0805E73A23E41C79B5287E0FC7618C2B4AA89CA27C8DEB5D016109ABEF7651589F4CBC413D3219945E35D243E8A6D3908735B01333F527C9CD10E5F0B2467C9F3623BCBC0008106B6732BD0CCABEBC331A463726BA783A8C036339D60B6B9AF8671D2AD57E07B6C445F23DD6B6FCF82F7B856FFCCC57A5C0B1D53F2E7930107B24009AB14883B20371E427A4FDBB0EFABB9B182071FF7BD4675D7CF47CFE9C17D9B9EFF98210EAF8D87638848AF6A6E1A5DE6AB975C96DE99352B534F639697EB6463F5F66A8613E24E462C92518A663725C023F18975A943FE89E9EF2C075F0FCA2AED88C2D61D0BCBE05629A88CA424A70B7EBEF17ADFC9005531FC01E2132C6AC685B36CCAF52DA039D0139E7E52E435374F4FF898005B84E75CACF730D262E66977FA18D5653538E9D7DF66B5684D7E3107E9F4A7A5EA5949A292D2CE9EB0B2AA76D737623614130364318DF1EBDE95676B507EF5CC76F08A8FB6B0A7C53 -20240901144342 2 6 100 8191 2 FE0FE5928DE815B6A6B360EA50D7859C014FC47CB277FE8AA545E89E2D34791ADC80654D6B276978CAD4E12481459D6E40E32CD8500BBE14ABFBD4E72A14280C66F25A30CB81F885761B07BABB863C9DA0ABEA9EAC4ABB8BB272AD3ABA2B808CB6B12A4A5D68AF9B47FBF91C1AA08C7738B911583E29F339BFB9C46B193071A3BD7297521767A34B002F0EB1470246325AD1D48E7C7EBCFEED0866747ACC8FB2C731FC1D73C52F3868C1071D92BDF96037BBAE974A789968F22ECB1CBA7129FD2D524F0D4109DCA2E056483DDBC90FA159982AEB86F929E0D05188B4434C0AC1F071B6F431D08201E683F95CE6D2B4FA354E74F346144E52DB92A0F468ACCC0F8AE53C8BD1818CC577F65DE4188A6E2E10EB84FF9A31B04506E2E8ABD48FCA067B44348667922B7479EBFB9E6E5B8583C4AED84CEC8CCF3A3C3082A3519D2EE53917A09BBE4A52D1F8EA458F493D9D272B49529E6FD509A4EBC7E0927ADACF86C5C8BE31DE98EE65F3FA6CCDB9C308971118C68AF076C64A42745E9485C79AD78880C9DDD03D9529A71C4AE4D8A976C6461119E8CB44536420EDF4AC2499748F3078A1749E6FB4F8F8DCBE64962610695F1DB0BE4FE879A34D7A9BC94DAF492A9259C521F690EC1B00966F855C4B42C2D189B8AFDC34CFE3D49D974820287EE978495D640D80766C4CCA16D92117610A7DF97F444FC5B9B72C10BB8D632255C465F4128092C57B99426E4B0FD336BFC2455538E48FFCDC8CFFFC2064FFBC5FC0FA3CFC6A37140EBADEBF6C1F60C32F650C42988212D00CFFE0DB9D975F991A950D2D8C6B47676672EDB553FD8AA505E69BCCB9C89096FF1F5F5369F285EB8CE629FA7B56923824C3FFD7A2050471A4D90EC9DF24C22D9427267ACC6A13AABA1710B9469EE96E106468410866076B98D19B3E36F4CD052B89A35786D318FFE6EC0805E73A23E41C79B5287E0FC7618C2B4AA89CA27C8DEB5D016109ABEF7651589F4CBC413D3219945E35D243E8A6D3908735B01333F527C9CD10E5F0B2467C9F3623BCBC0008106B6732BD0CCABEBC331A463726BA783A8C036339D60B6B9AF8671D2AD57E07B6C445F23DD6B6FCF82F7B856FFCCC57A5C0B1D53F2E7930107B24009AB14883B20371E427A4FDBB0EFABB9B182071FF7BD4675D7CF47CFE9C17D9B9EFF98210EAF8D87638848AF6A6E1A5DE6AB975C96DE99352B534F639697EB6463F5F66A8613E24E462C92518A663725C023F18975A943FE89E9EF2C075F0FCA2AED88C2D61D0BCBE05629A88CA424A70B7EBEF17ADFC9005531FC01E2132C6AC685B36CCAF52DA039D0139E7E52E435374F4FF898005B84E75CACF730D262E66977FA18D5653538E9D7DF66B5684D7E3107E9F4A7A5EA5949A292D2CE9EB0B2AA76D737623614130364318DF1EBDE95676B507EF5CC76F08A8FB6C6CC963 -20240901151624 2 6 100 8191 5 FE0FE5928DE815B6A6B360EA50D7859C014FC47CB277FE8AA545E89E2D34791ADC80654D6B276978CAD4E12481459D6E40E32CD8500BBE14ABFBD4E72A14280C66F25A30CB81F885761B07BABB863C9DA0ABEA9EAC4ABB8BB272AD3ABA2B808CB6B12A4A5D68AF9B47FBF91C1AA08C7738B911583E29F339BFB9C46B193071A3BD7297521767A34B002F0EB1470246325AD1D48E7C7EBCFEED0866747ACC8FB2C731FC1D73C52F3868C1071D92BDF96037BBAE974A789968F22ECB1CBA7129FD2D524F0D4109DCA2E056483DDBC90FA159982AEB86F929E0D05188B4434C0AC1F071B6F431D08201E683F95CE6D2B4FA354E74F346144E52DB92A0F468ACCC0F8AE53C8BD1818CC577F65DE4188A6E2E10EB84FF9A31B04506E2E8ABD48FCA067B44348667922B7479EBFB9E6E5B8583C4AED84CEC8CCF3A3C3082A3519D2EE53917A09BBE4A52D1F8EA458F493D9D272B49529E6FD509A4EBC7E0927ADACF86C5C8BE31DE98EE65F3FA6CCDB9C308971118C68AF076C64A42745E9485C79AD78880C9DDD03D9529A71C4AE4D8A976C6461119E8CB44536420EDF4AC2499748F3078A1749E6FB4F8F8DCBE64962610695F1DB0BE4FE879A34D7A9BC94DAF492A9259C521F690EC1B00966F855C4B42C2D189B8AFDC34CFE3D49D974820287EE978495D640D80766C4CCA16D92117610A7DF97F444FC5B9B72C10BB8D632255C465F4128092C57B99426E4B0FD336BFC2455538E48FFCDC8CFFFC2064FFBC5FC0FA3CFC6A37140EBADEBF6C1F60C32F650C42988212D00CFFE0DB9D975F991A950D2D8C6B47676672EDB553FD8AA505E69BCCB9C89096FF1F5F5369F285EB8CE629FA7B56923824C3FFD7A2050471A4D90EC9DF24C22D9427267ACC6A13AABA1710B9469EE96E106468410866076B98D19B3E36F4CD052B89A35786D318FFE6EC0805E73A23E41C79B5287E0FC7618C2B4AA89CA27C8DEB5D016109ABEF7651589F4CBC413D3219945E35D243E8A6D3908735B01333F527C9CD10E5F0B2467C9F3623BCBC0008106B6732BD0CCABEBC331A463726BA783A8C036339D60B6B9AF8671D2AD57E07B6C445F23DD6B6FCF82F7B856FFCCC57A5C0B1D53F2E7930107B24009AB14883B20371E427A4FDBB0EFABB9B182071FF7BD4675D7CF47CFE9C17D9B9EFF98210EAF8D87638848AF6A6E1A5DE6AB975C96DE99352B534F639697EB6463F5F66A8613E24E462C92518A663725C023F18975A943FE89E9EF2C075F0FCA2AED88C2D61D0BCBE05629A88CA424A70B7EBEF17ADFC9005531FC01E2132C6AC685B36CCAF52DA039D0139E7E52E435374F4FF898005B84E75CACF730D262E66977FA18D5653538E9D7DF66B5684D7E3107E9F4A7A5EA5949A292D2CE9EB0B2AA76D737623614130364318DF1EBDE95676B507EF5CC76F08A8FB6E3F7CCF -20240901173158 2 6 100 8191 5 FE0FE5928DE815B6A6B360EA50D7859C014FC47CB277FE8AA545E89E2D34791ADC80654D6B276978CAD4E12481459D6E40E32CD8500BBE14ABFBD4E72A14280C66F25A30CB81F885761B07BABB863C9DA0ABEA9EAC4ABB8BB272AD3ABA2B808CB6B12A4A5D68AF9B47FBF91C1AA08C7738B911583E29F339BFB9C46B193071A3BD7297521767A34B002F0EB1470246325AD1D48E7C7EBCFEED0866747ACC8FB2C731FC1D73C52F3868C1071D92BDF96037BBAE974A789968F22ECB1CBA7129FD2D524F0D4109DCA2E056483DDBC90FA159982AEB86F929E0D05188B4434C0AC1F071B6F431D08201E683F95CE6D2B4FA354E74F346144E52DB92A0F468ACCC0F8AE53C8BD1818CC577F65DE4188A6E2E10EB84FF9A31B04506E2E8ABD48FCA067B44348667922B7479EBFB9E6E5B8583C4AED84CEC8CCF3A3C3082A3519D2EE53917A09BBE4A52D1F8EA458F493D9D272B49529E6FD509A4EBC7E0927ADACF86C5C8BE31DE98EE65F3FA6CCDB9C308971118C68AF076C64A42745E9485C79AD78880C9DDD03D9529A71C4AE4D8A976C6461119E8CB44536420EDF4AC2499748F3078A1749E6FB4F8F8DCBE64962610695F1DB0BE4FE879A34D7A9BC94DAF492A9259C521F690EC1B00966F855C4B42C2D189B8AFDC34CFE3D49D974820287EE978495D640D80766C4CCA16D92117610A7DF97F444FC5B9B72C10BB8D632255C465F4128092C57B99426E4B0FD336BFC2455538E48FFCDC8CFFFC2064FFBC5FC0FA3CFC6A37140EBADEBF6C1F60C32F650C42988212D00CFFE0DB9D975F991A950D2D8C6B47676672EDB553FD8AA505E69BCCB9C89096FF1F5F5369F285EB8CE629FA7B56923824C3FFD7A2050471A4D90EC9DF24C22D9427267ACC6A13AABA1710B9469EE96E106468410866076B98D19B3E36F4CD052B89A35786D318FFE6EC0805E73A23E41C79B5287E0FC7618C2B4AA89CA27C8DEB5D016109ABEF7651589F4CBC413D3219945E35D243E8A6D3908735B01333F527C9CD10E5F0B2467C9F3623BCBC0008106B6732BD0CCABEBC331A463726BA783A8C036339D60B6B9AF8671D2AD57E07B6C445F23DD6B6FCF82F7B856FFCCC57A5C0B1D53F2E7930107B24009AB14883B20371E427A4FDBB0EFABB9B182071FF7BD4675D7CF47CFE9C17D9B9EFF98210EAF8D87638848AF6A6E1A5DE6AB975C96DE99352B534F639697EB6463F5F66A8613E24E462C92518A663725C023F18975A943FE89E9EF2C075F0FCA2AED88C2D61D0BCBE05629A88CA424A70B7EBEF17ADFC9005531FC01E2132C6AC685B36CCAF52DA039D0139E7E52E435374F4FF898005B84E75CACF730D262E66977FA18D5653538E9D7DF66B5684D7E3107E9F4A7A5EA5949A292D2CE9EB0B2AA76D737623614130364318DF1EBDE95676B507EF5CC76F08A8FB75F13437 -20240901180438 2 6 100 8191 2 FE0FE5928DE815B6A6B360EA50D7859C014FC47CB277FE8AA545E89E2D34791ADC80654D6B276978CAD4E12481459D6E40E32CD8500BBE14ABFBD4E72A14280C66F25A30CB81F885761B07BABB863C9DA0ABEA9EAC4ABB8BB272AD3ABA2B808CB6B12A4A5D68AF9B47FBF91C1AA08C7738B911583E29F339BFB9C46B193071A3BD7297521767A34B002F0EB1470246325AD1D48E7C7EBCFEED0866747ACC8FB2C731FC1D73C52F3868C1071D92BDF96037BBAE974A789968F22ECB1CBA7129FD2D524F0D4109DCA2E056483DDBC90FA159982AEB86F929E0D05188B4434C0AC1F071B6F431D08201E683F95CE6D2B4FA354E74F346144E52DB92A0F468ACCC0F8AE53C8BD1818CC577F65DE4188A6E2E10EB84FF9A31B04506E2E8ABD48FCA067B44348667922B7479EBFB9E6E5B8583C4AED84CEC8CCF3A3C3082A3519D2EE53917A09BBE4A52D1F8EA458F493D9D272B49529E6FD509A4EBC7E0927ADACF86C5C8BE31DE98EE65F3FA6CCDB9C308971118C68AF076C64A42745E9485C79AD78880C9DDD03D9529A71C4AE4D8A976C6461119E8CB44536420EDF4AC2499748F3078A1749E6FB4F8F8DCBE64962610695F1DB0BE4FE879A34D7A9BC94DAF492A9259C521F690EC1B00966F855C4B42C2D189B8AFDC34CFE3D49D974820287EE978495D640D80766C4CCA16D92117610A7DF97F444FC5B9B72C10BB8D632255C465F4128092C57B99426E4B0FD336BFC2455538E48FFCDC8CFFFC2064FFBC5FC0FA3CFC6A37140EBADEBF6C1F60C32F650C42988212D00CFFE0DB9D975F991A950D2D8C6B47676672EDB553FD8AA505E69BCCB9C89096FF1F5F5369F285EB8CE629FA7B56923824C3FFD7A2050471A4D90EC9DF24C22D9427267ACC6A13AABA1710B9469EE96E106468410866076B98D19B3E36F4CD052B89A35786D318FFE6EC0805E73A23E41C79B5287E0FC7618C2B4AA89CA27C8DEB5D016109ABEF7651589F4CBC413D3219945E35D243E8A6D3908735B01333F527C9CD10E5F0B2467C9F3623BCBC0008106B6732BD0CCABEBC331A463726BA783A8C036339D60B6B9AF8671D2AD57E07B6C445F23DD6B6FCF82F7B856FFCCC57A5C0B1D53F2E7930107B24009AB14883B20371E427A4FDBB0EFABB9B182071FF7BD4675D7CF47CFE9C17D9B9EFF98210EAF8D87638848AF6A6E1A5DE6AB975C96DE99352B534F639697EB6463F5F66A8613E24E462C92518A663725C023F18975A943FE89E9EF2C075F0FCA2AED88C2D61D0BCBE05629A88CA424A70B7EBEF17ADFC9005531FC01E2132C6AC685B36CCAF52DA039D0139E7E52E435374F4FF898005B84E75CACF730D262E66977FA18D5653538E9D7DF66B5684D7E3107E9F4A7A5EA5949A292D2CE9EB0B2AA76D737623614130364318DF1EBDE95676B507EF5CC76F08A8FB77CD90AB -20240901182042 2 6 100 8191 2 FE0FE5928DE815B6A6B360EA50D7859C014FC47CB277FE8AA545E89E2D34791ADC80654D6B276978CAD4E12481459D6E40E32CD8500BBE14ABFBD4E72A14280C66F25A30CB81F885761B07BABB863C9DA0ABEA9EAC4ABB8BB272AD3ABA2B808CB6B12A4A5D68AF9B47FBF91C1AA08C7738B911583E29F339BFB9C46B193071A3BD7297521767A34B002F0EB1470246325AD1D48E7C7EBCFEED0866747ACC8FB2C731FC1D73C52F3868C1071D92BDF96037BBAE974A789968F22ECB1CBA7129FD2D524F0D4109DCA2E056483DDBC90FA159982AEB86F929E0D05188B4434C0AC1F071B6F431D08201E683F95CE6D2B4FA354E74F346144E52DB92A0F468ACCC0F8AE53C8BD1818CC577F65DE4188A6E2E10EB84FF9A31B04506E2E8ABD48FCA067B44348667922B7479EBFB9E6E5B8583C4AED84CEC8CCF3A3C3082A3519D2EE53917A09BBE4A52D1F8EA458F493D9D272B49529E6FD509A4EBC7E0927ADACF86C5C8BE31DE98EE65F3FA6CCDB9C308971118C68AF076C64A42745E9485C79AD78880C9DDD03D9529A71C4AE4D8A976C6461119E8CB44536420EDF4AC2499748F3078A1749E6FB4F8F8DCBE64962610695F1DB0BE4FE879A34D7A9BC94DAF492A9259C521F690EC1B00966F855C4B42C2D189B8AFDC34CFE3D49D974820287EE978495D640D80766C4CCA16D92117610A7DF97F444FC5B9B72C10BB8D632255C465F4128092C57B99426E4B0FD336BFC2455538E48FFCDC8CFFFC2064FFBC5FC0FA3CFC6A37140EBADEBF6C1F60C32F650C42988212D00CFFE0DB9D975F991A950D2D8C6B47676672EDB553FD8AA505E69BCCB9C89096FF1F5F5369F285EB8CE629FA7B56923824C3FFD7A2050471A4D90EC9DF24C22D9427267ACC6A13AABA1710B9469EE96E106468410866076B98D19B3E36F4CD052B89A35786D318FFE6EC0805E73A23E41C79B5287E0FC7618C2B4AA89CA27C8DEB5D016109ABEF7651589F4CBC413D3219945E35D243E8A6D3908735B01333F527C9CD10E5F0B2467C9F3623BCBC0008106B6732BD0CCABEBC331A463726BA783A8C036339D60B6B9AF8671D2AD57E07B6C445F23DD6B6FCF82F7B856FFCCC57A5C0B1D53F2E7930107B24009AB14883B20371E427A4FDBB0EFABB9B182071FF7BD4675D7CF47CFE9C17D9B9EFF98210EAF8D87638848AF6A6E1A5DE6AB975C96DE99352B534F639697EB6463F5F66A8613E24E462C92518A663725C023F18975A943FE89E9EF2C075F0FCA2AED88C2D61D0BCBE05629A88CA424A70B7EBEF17ADFC9005531FC01E2132C6AC685B36CCAF52DA039D0139E7E52E435374F4FF898005B84E75CACF730D262E66977FA18D5653538E9D7DF66B5684D7E3107E9F4A7A5EA5949A292D2CE9EB0B2AA76D737623614130364318DF1EBDE95676B507EF5CC76F08A8FB78AD2B63 -20240901193908 2 6 100 8191 2 FE0FE5928DE815B6A6B360EA50D7859C014FC47CB277FE8AA545E89E2D34791ADC80654D6B276978CAD4E12481459D6E40E32CD8500BBE14ABFBD4E72A14280C66F25A30CB81F885761B07BABB863C9DA0ABEA9EAC4ABB8BB272AD3ABA2B808CB6B12A4A5D68AF9B47FBF91C1AA08C7738B911583E29F339BFB9C46B193071A3BD7297521767A34B002F0EB1470246325AD1D48E7C7EBCFEED0866747ACC8FB2C731FC1D73C52F3868C1071D92BDF96037BBAE974A789968F22ECB1CBA7129FD2D524F0D4109DCA2E056483DDBC90FA159982AEB86F929E0D05188B4434C0AC1F071B6F431D08201E683F95CE6D2B4FA354E74F346144E52DB92A0F468ACCC0F8AE53C8BD1818CC577F65DE4188A6E2E10EB84FF9A31B04506E2E8ABD48FCA067B44348667922B7479EBFB9E6E5B8583C4AED84CEC8CCF3A3C3082A3519D2EE53917A09BBE4A52D1F8EA458F493D9D272B49529E6FD509A4EBC7E0927ADACF86C5C8BE31DE98EE65F3FA6CCDB9C308971118C68AF076C64A42745E9485C79AD78880C9DDD03D9529A71C4AE4D8A976C6461119E8CB44536420EDF4AC2499748F3078A1749E6FB4F8F8DCBE64962610695F1DB0BE4FE879A34D7A9BC94DAF492A9259C521F690EC1B00966F855C4B42C2D189B8AFDC34CFE3D49D974820287EE978495D640D80766C4CCA16D92117610A7DF97F444FC5B9B72C10BB8D632255C465F4128092C57B99426E4B0FD336BFC2455538E48FFCDC8CFFFC2064FFBC5FC0FA3CFC6A37140EBADEBF6C1F60C32F650C42988212D00CFFE0DB9D975F991A950D2D8C6B47676672EDB553FD8AA505E69BCCB9C89096FF1F5F5369F285EB8CE629FA7B56923824C3FFD7A2050471A4D90EC9DF24C22D9427267ACC6A13AABA1710B9469EE96E106468410866076B98D19B3E36F4CD052B89A35786D318FFE6EC0805E73A23E41C79B5287E0FC7618C2B4AA89CA27C8DEB5D016109ABEF7651589F4CBC413D3219945E35D243E8A6D3908735B01333F527C9CD10E5F0B2467C9F3623BCBC0008106B6732BD0CCABEBC331A463726BA783A8C036339D60B6B9AF8671D2AD57E07B6C445F23DD6B6FCF82F7B856FFCCC57A5C0B1D53F2E7930107B24009AB14883B20371E427A4FDBB0EFABB9B182071FF7BD4675D7CF47CFE9C17D9B9EFF98210EAF8D87638848AF6A6E1A5DE6AB975C96DE99352B534F639697EB6463F5F66A8613E24E462C92518A663725C023F18975A943FE89E9EF2C075F0FCA2AED88C2D61D0BCBE05629A88CA424A70B7EBEF17ADFC9005531FC01E2132C6AC685B36CCAF52DA039D0139E7E52E435374F4FF898005B84E75CACF730D262E66977FA18D5653538E9D7DF66B5684D7E3107E9F4A7A5EA5949A292D2CE9EB0B2AA76D737623614130364318DF1EBDE95676B507EF5CC76F08A8FB7D18983B -20240901195652 2 6 100 8191 5 FE0FE5928DE815B6A6B360EA50D7859C014FC47CB277FE8AA545E89E2D34791ADC80654D6B276978CAD4E12481459D6E40E32CD8500BBE14ABFBD4E72A14280C66F25A30CB81F885761B07BABB863C9DA0ABEA9EAC4ABB8BB272AD3ABA2B808CB6B12A4A5D68AF9B47FBF91C1AA08C7738B911583E29F339BFB9C46B193071A3BD7297521767A34B002F0EB1470246325AD1D48E7C7EBCFEED0866747ACC8FB2C731FC1D73C52F3868C1071D92BDF96037BBAE974A789968F22ECB1CBA7129FD2D524F0D4109DCA2E056483DDBC90FA159982AEB86F929E0D05188B4434C0AC1F071B6F431D08201E683F95CE6D2B4FA354E74F346144E52DB92A0F468ACCC0F8AE53C8BD1818CC577F65DE4188A6E2E10EB84FF9A31B04506E2E8ABD48FCA067B44348667922B7479EBFB9E6E5B8583C4AED84CEC8CCF3A3C3082A3519D2EE53917A09BBE4A52D1F8EA458F493D9D272B49529E6FD509A4EBC7E0927ADACF86C5C8BE31DE98EE65F3FA6CCDB9C308971118C68AF076C64A42745E9485C79AD78880C9DDD03D9529A71C4AE4D8A976C6461119E8CB44536420EDF4AC2499748F3078A1749E6FB4F8F8DCBE64962610695F1DB0BE4FE879A34D7A9BC94DAF492A9259C521F690EC1B00966F855C4B42C2D189B8AFDC34CFE3D49D974820287EE978495D640D80766C4CCA16D92117610A7DF97F444FC5B9B72C10BB8D632255C465F4128092C57B99426E4B0FD336BFC2455538E48FFCDC8CFFFC2064FFBC5FC0FA3CFC6A37140EBADEBF6C1F60C32F650C42988212D00CFFE0DB9D975F991A950D2D8C6B47676672EDB553FD8AA505E69BCCB9C89096FF1F5F5369F285EB8CE629FA7B56923824C3FFD7A2050471A4D90EC9DF24C22D9427267ACC6A13AABA1710B9469EE96E106468410866076B98D19B3E36F4CD052B89A35786D318FFE6EC0805E73A23E41C79B5287E0FC7618C2B4AA89CA27C8DEB5D016109ABEF7651589F4CBC413D3219945E35D243E8A6D3908735B01333F527C9CD10E5F0B2467C9F3623BCBC0008106B6732BD0CCABEBC331A463726BA783A8C036339D60B6B9AF8671D2AD57E07B6C445F23DD6B6FCF82F7B856FFCCC57A5C0B1D53F2E7930107B24009AB14883B20371E427A4FDBB0EFABB9B182071FF7BD4675D7CF47CFE9C17D9B9EFF98210EAF8D87638848AF6A6E1A5DE6AB975C96DE99352B534F639697EB6463F5F66A8613E24E462C92518A663725C023F18975A943FE89E9EF2C075F0FCA2AED88C2D61D0BCBE05629A88CA424A70B7EBEF17ADFC9005531FC01E2132C6AC685B36CCAF52DA039D0139E7E52E435374F4FF898005B84E75CACF730D262E66977FA18D5653538E9D7DF66B5684D7E3107E9F4A7A5EA5949A292D2CE9EB0B2AA76D737623614130364318DF1EBDE95676B507EF5CC76F08A8FB7E1244DF -20240901202100 2 6 100 8191 5 FE0FE5928DE815B6A6B360EA50D7859C014FC47CB277FE8AA545E89E2D34791ADC80654D6B276978CAD4E12481459D6E40E32CD8500BBE14ABFBD4E72A14280C66F25A30CB81F885761B07BABB863C9DA0ABEA9EAC4ABB8BB272AD3ABA2B808CB6B12A4A5D68AF9B47FBF91C1AA08C7738B911583E29F339BFB9C46B193071A3BD7297521767A34B002F0EB1470246325AD1D48E7C7EBCFEED0866747ACC8FB2C731FC1D73C52F3868C1071D92BDF96037BBAE974A789968F22ECB1CBA7129FD2D524F0D4109DCA2E056483DDBC90FA159982AEB86F929E0D05188B4434C0AC1F071B6F431D08201E683F95CE6D2B4FA354E74F346144E52DB92A0F468ACCC0F8AE53C8BD1818CC577F65DE4188A6E2E10EB84FF9A31B04506E2E8ABD48FCA067B44348667922B7479EBFB9E6E5B8583C4AED84CEC8CCF3A3C3082A3519D2EE53917A09BBE4A52D1F8EA458F493D9D272B49529E6FD509A4EBC7E0927ADACF86C5C8BE31DE98EE65F3FA6CCDB9C308971118C68AF076C64A42745E9485C79AD78880C9DDD03D9529A71C4AE4D8A976C6461119E8CB44536420EDF4AC2499748F3078A1749E6FB4F8F8DCBE64962610695F1DB0BE4FE879A34D7A9BC94DAF492A9259C521F690EC1B00966F855C4B42C2D189B8AFDC34CFE3D49D974820287EE978495D640D80766C4CCA16D92117610A7DF97F444FC5B9B72C10BB8D632255C465F4128092C57B99426E4B0FD336BFC2455538E48FFCDC8CFFFC2064FFBC5FC0FA3CFC6A37140EBADEBF6C1F60C32F650C42988212D00CFFE0DB9D975F991A950D2D8C6B47676672EDB553FD8AA505E69BCCB9C89096FF1F5F5369F285EB8CE629FA7B56923824C3FFD7A2050471A4D90EC9DF24C22D9427267ACC6A13AABA1710B9469EE96E106468410866076B98D19B3E36F4CD052B89A35786D318FFE6EC0805E73A23E41C79B5287E0FC7618C2B4AA89CA27C8DEB5D016109ABEF7651589F4CBC413D3219945E35D243E8A6D3908735B01333F527C9CD10E5F0B2467C9F3623BCBC0008106B6732BD0CCABEBC331A463726BA783A8C036339D60B6B9AF8671D2AD57E07B6C445F23DD6B6FCF82F7B856FFCCC57A5C0B1D53F2E7930107B24009AB14883B20371E427A4FDBB0EFABB9B182071FF7BD4675D7CF47CFE9C17D9B9EFF98210EAF8D87638848AF6A6E1A5DE6AB975C96DE99352B534F639697EB6463F5F66A8613E24E462C92518A663725C023F18975A943FE89E9EF2C075F0FCA2AED88C2D61D0BCBE05629A88CA424A70B7EBEF17ADFC9005531FC01E2132C6AC685B36CCAF52DA039D0139E7E52E435374F4FF898005B84E75CACF730D262E66977FA18D5653538E9D7DF66B5684D7E3107E9F4A7A5EA5949A292D2CE9EB0B2AA76D737623614130364318DF1EBDE95676B507EF5CC76F08A8FB7F6CD3C7 -20240901210156 2 6 100 8191 2 FE0FE5928DE815B6A6B360EA50D7859C014FC47CB277FE8AA545E89E2D34791ADC80654D6B276978CAD4E12481459D6E40E32CD8500BBE14ABFBD4E72A14280C66F25A30CB81F885761B07BABB863C9DA0ABEA9EAC4ABB8BB272AD3ABA2B808CB6B12A4A5D68AF9B47FBF91C1AA08C7738B911583E29F339BFB9C46B193071A3BD7297521767A34B002F0EB1470246325AD1D48E7C7EBCFEED0866747ACC8FB2C731FC1D73C52F3868C1071D92BDF96037BBAE974A789968F22ECB1CBA7129FD2D524F0D4109DCA2E056483DDBC90FA159982AEB86F929E0D05188B4434C0AC1F071B6F431D08201E683F95CE6D2B4FA354E74F346144E52DB92A0F468ACCC0F8AE53C8BD1818CC577F65DE4188A6E2E10EB84FF9A31B04506E2E8ABD48FCA067B44348667922B7479EBFB9E6E5B8583C4AED84CEC8CCF3A3C3082A3519D2EE53917A09BBE4A52D1F8EA458F493D9D272B49529E6FD509A4EBC7E0927ADACF86C5C8BE31DE98EE65F3FA6CCDB9C308971118C68AF076C64A42745E9485C79AD78880C9DDD03D9529A71C4AE4D8A976C6461119E8CB44536420EDF4AC2499748F3078A1749E6FB4F8F8DCBE64962610695F1DB0BE4FE879A34D7A9BC94DAF492A9259C521F690EC1B00966F855C4B42C2D189B8AFDC34CFE3D49D974820287EE978495D640D80766C4CCA16D92117610A7DF97F444FC5B9B72C10BB8D632255C465F4128092C57B99426E4B0FD336BFC2455538E48FFCDC8CFFFC2064FFBC5FC0FA3CFC6A37140EBADEBF6C1F60C32F650C42988212D00CFFE0DB9D975F991A950D2D8C6B47676672EDB553FD8AA505E69BCCB9C89096FF1F5F5369F285EB8CE629FA7B56923824C3FFD7A2050471A4D90EC9DF24C22D9427267ACC6A13AABA1710B9469EE96E106468410866076B98D19B3E36F4CD052B89A35786D318FFE6EC0805E73A23E41C79B5287E0FC7618C2B4AA89CA27C8DEB5D016109ABEF7651589F4CBC413D3219945E35D243E8A6D3908735B01333F527C9CD10E5F0B2467C9F3623BCBC0008106B6732BD0CCABEBC331A463726BA783A8C036339D60B6B9AF8671D2AD57E07B6C445F23DD6B6FCF82F7B856FFCCC57A5C0B1D53F2E7930107B24009AB14883B20371E427A4FDBB0EFABB9B182071FF7BD4675D7CF47CFE9C17D9B9EFF98210EAF8D87638848AF6A6E1A5DE6AB975C96DE99352B534F639697EB6463F5F66A8613E24E462C92518A663725C023F18975A943FE89E9EF2C075F0FCA2AED88C2D61D0BCBE05629A88CA424A70B7EBEF17ADFC9005531FC01E2132C6AC685B36CCAF52DA039D0139E7E52E435374F4FF898005B84E75CACF730D262E66977FA18D5653538E9D7DF66B5684D7E3107E9F4A7A5EA5949A292D2CE9EB0B2AA76D737623614130364318DF1EBDE95676B507EF5CC76F08A8FB81BA121B -20240901220732 2 6 100 8191 2 FE0FE5928DE815B6A6B360EA50D7859C014FC47CB277FE8AA545E89E2D34791ADC80654D6B276978CAD4E12481459D6E40E32CD8500BBE14ABFBD4E72A14280C66F25A30CB81F885761B07BABB863C9DA0ABEA9EAC4ABB8BB272AD3ABA2B808CB6B12A4A5D68AF9B47FBF91C1AA08C7738B911583E29F339BFB9C46B193071A3BD7297521767A34B002F0EB1470246325AD1D48E7C7EBCFEED0866747ACC8FB2C731FC1D73C52F3868C1071D92BDF96037BBAE974A789968F22ECB1CBA7129FD2D524F0D4109DCA2E056483DDBC90FA159982AEB86F929E0D05188B4434C0AC1F071B6F431D08201E683F95CE6D2B4FA354E74F346144E52DB92A0F468ACCC0F8AE53C8BD1818CC577F65DE4188A6E2E10EB84FF9A31B04506E2E8ABD48FCA067B44348667922B7479EBFB9E6E5B8583C4AED84CEC8CCF3A3C3082A3519D2EE53917A09BBE4A52D1F8EA458F493D9D272B49529E6FD509A4EBC7E0927ADACF86C5C8BE31DE98EE65F3FA6CCDB9C308971118C68AF076C64A42745E9485C79AD78880C9DDD03D9529A71C4AE4D8A976C6461119E8CB44536420EDF4AC2499748F3078A1749E6FB4F8F8DCBE64962610695F1DB0BE4FE879A34D7A9BC94DAF492A9259C521F690EC1B00966F855C4B42C2D189B8AFDC34CFE3D49D974820287EE978495D640D80766C4CCA16D92117610A7DF97F444FC5B9B72C10BB8D632255C465F4128092C57B99426E4B0FD336BFC2455538E48FFCDC8CFFFC2064FFBC5FC0FA3CFC6A37140EBADEBF6C1F60C32F650C42988212D00CFFE0DB9D975F991A950D2D8C6B47676672EDB553FD8AA505E69BCCB9C89096FF1F5F5369F285EB8CE629FA7B56923824C3FFD7A2050471A4D90EC9DF24C22D9427267ACC6A13AABA1710B9469EE96E106468410866076B98D19B3E36F4CD052B89A35786D318FFE6EC0805E73A23E41C79B5287E0FC7618C2B4AA89CA27C8DEB5D016109ABEF7651589F4CBC413D3219945E35D243E8A6D3908735B01333F527C9CD10E5F0B2467C9F3623BCBC0008106B6732BD0CCABEBC331A463726BA783A8C036339D60B6B9AF8671D2AD57E07B6C445F23DD6B6FCF82F7B856FFCCC57A5C0B1D53F2E7930107B24009AB14883B20371E427A4FDBB0EFABB9B182071FF7BD4675D7CF47CFE9C17D9B9EFF98210EAF8D87638848AF6A6E1A5DE6AB975C96DE99352B534F639697EB6463F5F66A8613E24E462C92518A663725C023F18975A943FE89E9EF2C075F0FCA2AED88C2D61D0BCBE05629A88CA424A70B7EBEF17ADFC9005531FC01E2132C6AC685B36CCAF52DA039D0139E7E52E435374F4FF898005B84E75CACF730D262E66977FA18D5653538E9D7DF66B5684D7E3107E9F4A7A5EA5949A292D2CE9EB0B2AA76D737623614130364318DF1EBDE95676B507EF5CC76F08A8FB8571A7D3 -20240901233244 2 6 100 8191 2 FE0FE5928DE815B6A6B360EA50D7859C014FC47CB277FE8AA545E89E2D34791ADC80654D6B276978CAD4E12481459D6E40E32CD8500BBE14ABFBD4E72A14280C66F25A30CB81F885761B07BABB863C9DA0ABEA9EAC4ABB8BB272AD3ABA2B808CB6B12A4A5D68AF9B47FBF91C1AA08C7738B911583E29F339BFB9C46B193071A3BD7297521767A34B002F0EB1470246325AD1D48E7C7EBCFEED0866747ACC8FB2C731FC1D73C52F3868C1071D92BDF96037BBAE974A789968F22ECB1CBA7129FD2D524F0D4109DCA2E056483DDBC90FA159982AEB86F929E0D05188B4434C0AC1F071B6F431D08201E683F95CE6D2B4FA354E74F346144E52DB92A0F468ACCC0F8AE53C8BD1818CC577F65DE4188A6E2E10EB84FF9A31B04506E2E8ABD48FCA067B44348667922B7479EBFB9E6E5B8583C4AED84CEC8CCF3A3C3082A3519D2EE53917A09BBE4A52D1F8EA458F493D9D272B49529E6FD509A4EBC7E0927ADACF86C5C8BE31DE98EE65F3FA6CCDB9C308971118C68AF076C64A42745E9485C79AD78880C9DDD03D9529A71C4AE4D8A976C6461119E8CB44536420EDF4AC2499748F3078A1749E6FB4F8F8DCBE64962610695F1DB0BE4FE879A34D7A9BC94DAF492A9259C521F690EC1B00966F855C4B42C2D189B8AFDC34CFE3D49D974820287EE978495D640D80766C4CCA16D92117610A7DF97F444FC5B9B72C10BB8D632255C465F4128092C57B99426E4B0FD336BFC2455538E48FFCDC8CFFFC2064FFBC5FC0FA3CFC6A37140EBADEBF6C1F60C32F650C42988212D00CFFE0DB9D975F991A950D2D8C6B47676672EDB553FD8AA505E69BCCB9C89096FF1F5F5369F285EB8CE629FA7B56923824C3FFD7A2050471A4D90EC9DF24C22D9427267ACC6A13AABA1710B9469EE96E106468410866076B98D19B3E36F4CD052B89A35786D318FFE6EC0805E73A23E41C79B5287E0FC7618C2B4AA89CA27C8DEB5D016109ABEF7651589F4CBC413D3219945E35D243E8A6D3908735B01333F527C9CD10E5F0B2467C9F3623BCBC0008106B6732BD0CCABEBC331A463726BA783A8C036339D60B6B9AF8671D2AD57E07B6C445F23DD6B6FCF82F7B856FFCCC57A5C0B1D53F2E7930107B24009AB14883B20371E427A4FDBB0EFABB9B182071FF7BD4675D7CF47CFE9C17D9B9EFF98210EAF8D87638848AF6A6E1A5DE6AB975C96DE99352B534F639697EB6463F5F66A8613E24E462C92518A663725C023F18975A943FE89E9EF2C075F0FCA2AED88C2D61D0BCBE05629A88CA424A70B7EBEF17ADFC9005531FC01E2132C6AC685B36CCAF52DA039D0139E7E52E435374F4FF898005B84E75CACF730D262E66977FA18D5653538E9D7DF66B5684D7E3107E9F4A7A5EA5949A292D2CE9EB0B2AA76D737623614130364318DF1EBDE95676B507EF5CC76F08A8FB8A40CE93 -20240902012852 2 6 100 8191 2 E90C219E279F374756F460D972C0503655CE6346FD0F611E8808CD4ADDDCE308981860661516592055313E99D7CC26BBCEE76FDE697801AA2827379287137910127F9107DEA68C3FAD7DBC9DADC15102DA2C4D890186E4279C8590E5D3F90E1B93EAFA540386086C4B55AE83AE5C7EB5FD9478B16F1143BB97202E24CE3FEE6E314B308A8CBC1F2938D7013654B6A5D141D4422375EDDEA2C2011231C5C83F318FCBE6A8FBEA20D8E9C2618D45DEBE36611557447900B4B8248A25E4D523C3D9DCAB1F1C1A7CE5EFD7FA4B1BF34486F5737F61A94C20D9268CCC52785FBF8CE06D605997A8DE54E76D7F566582C8C064E244151FD43E7B97368891F274FF1D1EBB9627BEBE9B9B202E656445873198D32286D9D8F9F0387D3ABC6C0C74C9FEC8FA935C5F43287AA191591A6ADF80EBD6EB5B58C2524BE2E2E3000A25345A7D082B7AD136133E87B4BFED4C20EE58055EDA6E9D2E2F15E299D14E11919F2C3029CE1C818D5D30EA68D0458F3B1AB30923F55F84A3BCF14137B547D56CA353F3BB7EC6F22705CC0B14FBD8D7E869325B688AA759C30FAFC74A01567BD785F4ED1F0ED1B7B82F00467A687EC3BB12A246B620B2FE0B9783C222F999CCB7CEF6FA2E3FE4DE652FC0C4B21FC4DF2CEF7981F644FB2158B208C71C68C6974D4D1090C830379707BC30C7748487EB922A4B40CB0FE33B5B4A8E22354ADB2020315D043706D608B1213A2974ED5CC6EA8A520E3147667DD81F4294313AF935C528C82B659B7A169F4B11CD03A3D35546A4E4E2FF79DB6173F3A762B22EBE4BE5B49DD4951A6BC27D5EDD8486E2105561B9BE23F1826BC0579A482AFFD99508E09F17A20419F56A31AEFADCBF816706BC1B47420A7C66A19AF1A725D691CED949F9135404B35237E6B07A037F87F4515B7F1FD5B2A7B3B562ED121A12C1B4BF9E408A0221922B10B78B9D75B81381853BBF734BBE33E12602D4191BCD47B57FA20803F1D75FD4D5A077D50DD537A6B38AB09A1A3C1B30845A0D92AA38BD1B7D1F1AA1AC9FE9CD0A0DE23BD1943A99793D18FC08BD9D7744B62D460263F879087A996FC2868675FE43F7026C6C3C93187C629AF58038F61E3072D8A4B42ABFD1639C5F2289E0A974FFBBC67FD2BAC657BC3C582664A6AD8B940E8F8596FDB8B6429C1A1F06AB1249C9A03F271F66550503E9613277D38DC63031F21AA7C8C9B2D91D6F6B7C036BAB18B5FC8900E4679992DE4BAA2CF202787D521D1545AF4A090E8E17F7E8012C104791D2F6025A41C543F9D85C1DD3EE5757CA2445697075C87D0334FD0F5C9AA8EAFF4A8A4AAEDBE7F2C80151066C7A0F05B3A6B6E5EFD1DE7FE9C53421A00BA9917C732D4735ECEE42CDE994FA6DE2C171207B2A4ADE76EC4411C2171F7C7A0E05C37E3BE842F224A3F8FF6A55DC806FC3F7904147910B6D46ED77CB9B -20240902013705 2 6 100 8191 2 E90C219E279F374756F460D972C0503655CE6346FD0F611E8808CD4ADDDCE308981860661516592055313E99D7CC26BBCEE76FDE697801AA2827379287137910127F9107DEA68C3FAD7DBC9DADC15102DA2C4D890186E4279C8590E5D3F90E1B93EAFA540386086C4B55AE83AE5C7EB5FD9478B16F1143BB97202E24CE3FEE6E314B308A8CBC1F2938D7013654B6A5D141D4422375EDDEA2C2011231C5C83F318FCBE6A8FBEA20D8E9C2618D45DEBE36611557447900B4B8248A25E4D523C3D9DCAB1F1C1A7CE5EFD7FA4B1BF34486F5737F61A94C20D9268CCC52785FBF8CE06D605997A8DE54E76D7F566582C8C064E244151FD43E7B97368891F274FF1D1EBB9627BEBE9B9B202E656445873198D32286D9D8F9F0387D3ABC6C0C74C9FEC8FA935C5F43287AA191591A6ADF80EBD6EB5B58C2524BE2E2E3000A25345A7D082B7AD136133E87B4BFED4C20EE58055EDA6E9D2E2F15E299D14E11919F2C3029CE1C818D5D30EA68D0458F3B1AB30923F55F84A3BCF14137B547D56CA353F3BB7EC6F22705CC0B14FBD8D7E869325B688AA759C30FAFC74A01567BD785F4ED1F0ED1B7B82F00467A687EC3BB12A246B620B2FE0B9783C222F999CCB7CEF6FA2E3FE4DE652FC0C4B21FC4DF2CEF7981F644FB2158B208C71C68C6974D4D1090C830379707BC30C7748487EB922A4B40CB0FE33B5B4A8E22354ADB2020315D043706D608B1213A2974ED5CC6EA8A520E3147667DD81F4294313AF935C528C82B659B7A169F4B11CD03A3D35546A4E4E2FF79DB6173F3A762B22EBE4BE5B49DD4951A6BC27D5EDD8486E2105561B9BE23F1826BC0579A482AFFD99508E09F17A20419F56A31AEFADCBF816706BC1B47420A7C66A19AF1A725D691CED949F9135404B35237E6B07A037F87F4515B7F1FD5B2A7B3B562ED121A12C1B4BF9E408A0221922B10B78B9D75B81381853BBF734BBE33E12602D4191BCD47B57FA20803F1D75FD4D5A077D50DD537A6B38AB09A1A3C1B30845A0D92AA38BD1B7D1F1AA1AC9FE9CD0A0DE23BD1943A99793D18FC08BD9D7744B62D460263F879087A996FC2868675FE43F7026C6C3C93187C629AF58038F61E3072D8A4B42ABFD1639C5F2289E0A974FFBBC67FD2BAC657BC3C582664A6AD8B940E8F8596FDB8B6429C1A1F06AB1249C9A03F271F66550503E9613277D38DC63031F21AA7C8C9B2D91D6F6B7C036BAB18B5FC8900E4679992DE4BAA2CF202787D521D1545AF4A090E8E17F7E8012C104791D2F6025A41C543F9D85C1DD3EE5757CA2445697075C87D0334FD0F5C9AA8EAFF4A8A4AAEDBE7F2C80151066C7A0F05B3A6B6E5EFD1DE7FE9C53421A00BA9917C732D4735ECEE42CDE994FA6DE2C171207B2A4ADE76EC4411C2171F7C7A0E05C37E3BE842F224A3F8FF6A55DC806FC3F7904147910B6D46EDE42B6B -20240902022309 2 6 100 8191 2 E90C219E279F374756F460D972C0503655CE6346FD0F611E8808CD4ADDDCE308981860661516592055313E99D7CC26BBCEE76FDE697801AA2827379287137910127F9107DEA68C3FAD7DBC9DADC15102DA2C4D890186E4279C8590E5D3F90E1B93EAFA540386086C4B55AE83AE5C7EB5FD9478B16F1143BB97202E24CE3FEE6E314B308A8CBC1F2938D7013654B6A5D141D4422375EDDEA2C2011231C5C83F318FCBE6A8FBEA20D8E9C2618D45DEBE36611557447900B4B8248A25E4D523C3D9DCAB1F1C1A7CE5EFD7FA4B1BF34486F5737F61A94C20D9268CCC52785FBF8CE06D605997A8DE54E76D7F566582C8C064E244151FD43E7B97368891F274FF1D1EBB9627BEBE9B9B202E656445873198D32286D9D8F9F0387D3ABC6C0C74C9FEC8FA935C5F43287AA191591A6ADF80EBD6EB5B58C2524BE2E2E3000A25345A7D082B7AD136133E87B4BFED4C20EE58055EDA6E9D2E2F15E299D14E11919F2C3029CE1C818D5D30EA68D0458F3B1AB30923F55F84A3BCF14137B547D56CA353F3BB7EC6F22705CC0B14FBD8D7E869325B688AA759C30FAFC74A01567BD785F4ED1F0ED1B7B82F00467A687EC3BB12A246B620B2FE0B9783C222F999CCB7CEF6FA2E3FE4DE652FC0C4B21FC4DF2CEF7981F644FB2158B208C71C68C6974D4D1090C830379707BC30C7748487EB922A4B40CB0FE33B5B4A8E22354ADB2020315D043706D608B1213A2974ED5CC6EA8A520E3147667DD81F4294313AF935C528C82B659B7A169F4B11CD03A3D35546A4E4E2FF79DB6173F3A762B22EBE4BE5B49DD4951A6BC27D5EDD8486E2105561B9BE23F1826BC0579A482AFFD99508E09F17A20419F56A31AEFADCBF816706BC1B47420A7C66A19AF1A725D691CED949F9135404B35237E6B07A037F87F4515B7F1FD5B2A7B3B562ED121A12C1B4BF9E408A0221922B10B78B9D75B81381853BBF734BBE33E12602D4191BCD47B57FA20803F1D75FD4D5A077D50DD537A6B38AB09A1A3C1B30845A0D92AA38BD1B7D1F1AA1AC9FE9CD0A0DE23BD1943A99793D18FC08BD9D7744B62D460263F879087A996FC2868675FE43F7026C6C3C93187C629AF58038F61E3072D8A4B42ABFD1639C5F2289E0A974FFBBC67FD2BAC657BC3C582664A6AD8B940E8F8596FDB8B6429C1A1F06AB1249C9A03F271F66550503E9613277D38DC63031F21AA7C8C9B2D91D6F6B7C036BAB18B5FC8900E4679992DE4BAA2CF202787D521D1545AF4A090E8E17F7E8012C104791D2F6025A41C543F9D85C1DD3EE5757CA2445697075C87D0334FD0F5C9AA8EAFF4A8A4AAEDBE7F2C80151066C7A0F05B3A6B6E5EFD1DE7FE9C53421A00BA9917C732D4735ECEE42CDE994FA6DE2C171207B2A4ADE76EC4411C2171F7C7A0E05C37E3BE842F224A3F8FF6A55DC806FC3F7904147910B6D46F07C42B3 -20240902023700 2 6 100 8191 2 E90C219E279F374756F460D972C0503655CE6346FD0F611E8808CD4ADDDCE308981860661516592055313E99D7CC26BBCEE76FDE697801AA2827379287137910127F9107DEA68C3FAD7DBC9DADC15102DA2C4D890186E4279C8590E5D3F90E1B93EAFA540386086C4B55AE83AE5C7EB5FD9478B16F1143BB97202E24CE3FEE6E314B308A8CBC1F2938D7013654B6A5D141D4422375EDDEA2C2011231C5C83F318FCBE6A8FBEA20D8E9C2618D45DEBE36611557447900B4B8248A25E4D523C3D9DCAB1F1C1A7CE5EFD7FA4B1BF34486F5737F61A94C20D9268CCC52785FBF8CE06D605997A8DE54E76D7F566582C8C064E244151FD43E7B97368891F274FF1D1EBB9627BEBE9B9B202E656445873198D32286D9D8F9F0387D3ABC6C0C74C9FEC8FA935C5F43287AA191591A6ADF80EBD6EB5B58C2524BE2E2E3000A25345A7D082B7AD136133E87B4BFED4C20EE58055EDA6E9D2E2F15E299D14E11919F2C3029CE1C818D5D30EA68D0458F3B1AB30923F55F84A3BCF14137B547D56CA353F3BB7EC6F22705CC0B14FBD8D7E869325B688AA759C30FAFC74A01567BD785F4ED1F0ED1B7B82F00467A687EC3BB12A246B620B2FE0B9783C222F999CCB7CEF6FA2E3FE4DE652FC0C4B21FC4DF2CEF7981F644FB2158B208C71C68C6974D4D1090C830379707BC30C7748487EB922A4B40CB0FE33B5B4A8E22354ADB2020315D043706D608B1213A2974ED5CC6EA8A520E3147667DD81F4294313AF935C528C82B659B7A169F4B11CD03A3D35546A4E4E2FF79DB6173F3A762B22EBE4BE5B49DD4951A6BC27D5EDD8486E2105561B9BE23F1826BC0579A482AFFD99508E09F17A20419F56A31AEFADCBF816706BC1B47420A7C66A19AF1A725D691CED949F9135404B35237E6B07A037F87F4515B7F1FD5B2A7B3B562ED121A12C1B4BF9E408A0221922B10B78B9D75B81381853BBF734BBE33E12602D4191BCD47B57FA20803F1D75FD4D5A077D50DD537A6B38AB09A1A3C1B30845A0D92AA38BD1B7D1F1AA1AC9FE9CD0A0DE23BD1943A99793D18FC08BD9D7744B62D460263F879087A996FC2868675FE43F7026C6C3C93187C629AF58038F61E3072D8A4B42ABFD1639C5F2289E0A974FFBBC67FD2BAC657BC3C582664A6AD8B940E8F8596FDB8B6429C1A1F06AB1249C9A03F271F66550503E9613277D38DC63031F21AA7C8C9B2D91D6F6B7C036BAB18B5FC8900E4679992DE4BAA2CF202787D521D1545AF4A090E8E17F7E8012C104791D2F6025A41C543F9D85C1DD3EE5757CA2445697075C87D0334FD0F5C9AA8EAFF4A8A4AAEDBE7F2C80151066C7A0F05B3A6B6E5EFD1DE7FE9C53421A00BA9917C732D4735ECEE42CDE994FA6DE2C171207B2A4ADE76EC4411C2171F7C7A0E05C37E3BE842F224A3F8FF6A55DC806FC3F7904147910B6D46F13D6B9B -20240902033157 2 6 100 8191 5 E90C219E279F374756F460D972C0503655CE6346FD0F611E8808CD4ADDDCE308981860661516592055313E99D7CC26BBCEE76FDE697801AA2827379287137910127F9107DEA68C3FAD7DBC9DADC15102DA2C4D890186E4279C8590E5D3F90E1B93EAFA540386086C4B55AE83AE5C7EB5FD9478B16F1143BB97202E24CE3FEE6E314B308A8CBC1F2938D7013654B6A5D141D4422375EDDEA2C2011231C5C83F318FCBE6A8FBEA20D8E9C2618D45DEBE36611557447900B4B8248A25E4D523C3D9DCAB1F1C1A7CE5EFD7FA4B1BF34486F5737F61A94C20D9268CCC52785FBF8CE06D605997A8DE54E76D7F566582C8C064E244151FD43E7B97368891F274FF1D1EBB9627BEBE9B9B202E656445873198D32286D9D8F9F0387D3ABC6C0C74C9FEC8FA935C5F43287AA191591A6ADF80EBD6EB5B58C2524BE2E2E3000A25345A7D082B7AD136133E87B4BFED4C20EE58055EDA6E9D2E2F15E299D14E11919F2C3029CE1C818D5D30EA68D0458F3B1AB30923F55F84A3BCF14137B547D56CA353F3BB7EC6F22705CC0B14FBD8D7E869325B688AA759C30FAFC74A01567BD785F4ED1F0ED1B7B82F00467A687EC3BB12A246B620B2FE0B9783C222F999CCB7CEF6FA2E3FE4DE652FC0C4B21FC4DF2CEF7981F644FB2158B208C71C68C6974D4D1090C830379707BC30C7748487EB922A4B40CB0FE33B5B4A8E22354ADB2020315D043706D608B1213A2974ED5CC6EA8A520E3147667DD81F4294313AF935C528C82B659B7A169F4B11CD03A3D35546A4E4E2FF79DB6173F3A762B22EBE4BE5B49DD4951A6BC27D5EDD8486E2105561B9BE23F1826BC0579A482AFFD99508E09F17A20419F56A31AEFADCBF816706BC1B47420A7C66A19AF1A725D691CED949F9135404B35237E6B07A037F87F4515B7F1FD5B2A7B3B562ED121A12C1B4BF9E408A0221922B10B78B9D75B81381853BBF734BBE33E12602D4191BCD47B57FA20803F1D75FD4D5A077D50DD537A6B38AB09A1A3C1B30845A0D92AA38BD1B7D1F1AA1AC9FE9CD0A0DE23BD1943A99793D18FC08BD9D7744B62D460263F879087A996FC2868675FE43F7026C6C3C93187C629AF58038F61E3072D8A4B42ABFD1639C5F2289E0A974FFBBC67FD2BAC657BC3C582664A6AD8B940E8F8596FDB8B6429C1A1F06AB1249C9A03F271F66550503E9613277D38DC63031F21AA7C8C9B2D91D6F6B7C036BAB18B5FC8900E4679992DE4BAA2CF202787D521D1545AF4A090E8E17F7E8012C104791D2F6025A41C543F9D85C1DD3EE5757CA2445697075C87D0334FD0F5C9AA8EAFF4A8A4AAEDBE7F2C80151066C7A0F05B3A6B6E5EFD1DE7FE9C53421A00BA9917C732D4735ECEE42CDE994FA6DE2C171207B2A4ADE76EC4411C2171F7C7A0E05C37E3BE842F224A3F8FF6A55DC806FC3F7904147910B6D46F444A467 -20240902074115 2 6 100 8191 2 E90C219E279F374756F460D972C0503655CE6346FD0F611E8808CD4ADDDCE308981860661516592055313E99D7CC26BBCEE76FDE697801AA2827379287137910127F9107DEA68C3FAD7DBC9DADC15102DA2C4D890186E4279C8590E5D3F90E1B93EAFA540386086C4B55AE83AE5C7EB5FD9478B16F1143BB97202E24CE3FEE6E314B308A8CBC1F2938D7013654B6A5D141D4422375EDDEA2C2011231C5C83F318FCBE6A8FBEA20D8E9C2618D45DEBE36611557447900B4B8248A25E4D523C3D9DCAB1F1C1A7CE5EFD7FA4B1BF34486F5737F61A94C20D9268CCC52785FBF8CE06D605997A8DE54E76D7F566582C8C064E244151FD43E7B97368891F274FF1D1EBB9627BEBE9B9B202E656445873198D32286D9D8F9F0387D3ABC6C0C74C9FEC8FA935C5F43287AA191591A6ADF80EBD6EB5B58C2524BE2E2E3000A25345A7D082B7AD136133E87B4BFED4C20EE58055EDA6E9D2E2F15E299D14E11919F2C3029CE1C818D5D30EA68D0458F3B1AB30923F55F84A3BCF14137B547D56CA353F3BB7EC6F22705CC0B14FBD8D7E869325B688AA759C30FAFC74A01567BD785F4ED1F0ED1B7B82F00467A687EC3BB12A246B620B2FE0B9783C222F999CCB7CEF6FA2E3FE4DE652FC0C4B21FC4DF2CEF7981F644FB2158B208C71C68C6974D4D1090C830379707BC30C7748487EB922A4B40CB0FE33B5B4A8E22354ADB2020315D043706D608B1213A2974ED5CC6EA8A520E3147667DD81F4294313AF935C528C82B659B7A169F4B11CD03A3D35546A4E4E2FF79DB6173F3A762B22EBE4BE5B49DD4951A6BC27D5EDD8486E2105561B9BE23F1826BC0579A482AFFD99508E09F17A20419F56A31AEFADCBF816706BC1B47420A7C66A19AF1A725D691CED949F9135404B35237E6B07A037F87F4515B7F1FD5B2A7B3B562ED121A12C1B4BF9E408A0221922B10B78B9D75B81381853BBF734BBE33E12602D4191BCD47B57FA20803F1D75FD4D5A077D50DD537A6B38AB09A1A3C1B30845A0D92AA38BD1B7D1F1AA1AC9FE9CD0A0DE23BD1943A99793D18FC08BD9D7744B62D460263F879087A996FC2868675FE43F7026C6C3C93187C629AF58038F61E3072D8A4B42ABFD1639C5F2289E0A974FFBBC67FD2BAC657BC3C582664A6AD8B940E8F8596FDB8B6429C1A1F06AB1249C9A03F271F66550503E9613277D38DC63031F21AA7C8C9B2D91D6F6B7C036BAB18B5FC8900E4679992DE4BAA2CF202787D521D1545AF4A090E8E17F7E8012C104791D2F6025A41C543F9D85C1DD3EE5757CA2445697075C87D0334FD0F5C9AA8EAFF4A8A4AAEDBE7F2C80151066C7A0F05B3A6B6E5EFD1DE7FE9C53421A00BA9917C732D4735ECEE42CDE994FA6DE2C171207B2A4ADE76EC4411C2171F7C7A0E05C37E3BE842F224A3F8FF6A55DC806FC3F7904147910B6D470264825B -20240902081217 2 6 100 8191 2 E90C219E279F374756F460D972C0503655CE6346FD0F611E8808CD4ADDDCE308981860661516592055313E99D7CC26BBCEE76FDE697801AA2827379287137910127F9107DEA68C3FAD7DBC9DADC15102DA2C4D890186E4279C8590E5D3F90E1B93EAFA540386086C4B55AE83AE5C7EB5FD9478B16F1143BB97202E24CE3FEE6E314B308A8CBC1F2938D7013654B6A5D141D4422375EDDEA2C2011231C5C83F318FCBE6A8FBEA20D8E9C2618D45DEBE36611557447900B4B8248A25E4D523C3D9DCAB1F1C1A7CE5EFD7FA4B1BF34486F5737F61A94C20D9268CCC52785FBF8CE06D605997A8DE54E76D7F566582C8C064E244151FD43E7B97368891F274FF1D1EBB9627BEBE9B9B202E656445873198D32286D9D8F9F0387D3ABC6C0C74C9FEC8FA935C5F43287AA191591A6ADF80EBD6EB5B58C2524BE2E2E3000A25345A7D082B7AD136133E87B4BFED4C20EE58055EDA6E9D2E2F15E299D14E11919F2C3029CE1C818D5D30EA68D0458F3B1AB30923F55F84A3BCF14137B547D56CA353F3BB7EC6F22705CC0B14FBD8D7E869325B688AA759C30FAFC74A01567BD785F4ED1F0ED1B7B82F00467A687EC3BB12A246B620B2FE0B9783C222F999CCB7CEF6FA2E3FE4DE652FC0C4B21FC4DF2CEF7981F644FB2158B208C71C68C6974D4D1090C830379707BC30C7748487EB922A4B40CB0FE33B5B4A8E22354ADB2020315D043706D608B1213A2974ED5CC6EA8A520E3147667DD81F4294313AF935C528C82B659B7A169F4B11CD03A3D35546A4E4E2FF79DB6173F3A762B22EBE4BE5B49DD4951A6BC27D5EDD8486E2105561B9BE23F1826BC0579A482AFFD99508E09F17A20419F56A31AEFADCBF816706BC1B47420A7C66A19AF1A725D691CED949F9135404B35237E6B07A037F87F4515B7F1FD5B2A7B3B562ED121A12C1B4BF9E408A0221922B10B78B9D75B81381853BBF734BBE33E12602D4191BCD47B57FA20803F1D75FD4D5A077D50DD537A6B38AB09A1A3C1B30845A0D92AA38BD1B7D1F1AA1AC9FE9CD0A0DE23BD1943A99793D18FC08BD9D7744B62D460263F879087A996FC2868675FE43F7026C6C3C93187C629AF58038F61E3072D8A4B42ABFD1639C5F2289E0A974FFBBC67FD2BAC657BC3C582664A6AD8B940E8F8596FDB8B6429C1A1F06AB1249C9A03F271F66550503E9613277D38DC63031F21AA7C8C9B2D91D6F6B7C036BAB18B5FC8900E4679992DE4BAA2CF202787D521D1545AF4A090E8E17F7E8012C104791D2F6025A41C543F9D85C1DD3EE5757CA2445697075C87D0334FD0F5C9AA8EAFF4A8A4AAEDBE7F2C80151066C7A0F05B3A6B6E5EFD1DE7FE9C53421A00BA9917C732D4735ECEE42CDE994FA6DE2C171207B2A4ADE76EC4411C2171F7C7A0E05C37E3BE842F224A3F8FF6A55DC806FC3F7904147910B6D47041D069B -20240902085634 2 6 100 8191 5 E90C219E279F374756F460D972C0503655CE6346FD0F611E8808CD4ADDDCE308981860661516592055313E99D7CC26BBCEE76FDE697801AA2827379287137910127F9107DEA68C3FAD7DBC9DADC15102DA2C4D890186E4279C8590E5D3F90E1B93EAFA540386086C4B55AE83AE5C7EB5FD9478B16F1143BB97202E24CE3FEE6E314B308A8CBC1F2938D7013654B6A5D141D4422375EDDEA2C2011231C5C83F318FCBE6A8FBEA20D8E9C2618D45DEBE36611557447900B4B8248A25E4D523C3D9DCAB1F1C1A7CE5EFD7FA4B1BF34486F5737F61A94C20D9268CCC52785FBF8CE06D605997A8DE54E76D7F566582C8C064E244151FD43E7B97368891F274FF1D1EBB9627BEBE9B9B202E656445873198D32286D9D8F9F0387D3ABC6C0C74C9FEC8FA935C5F43287AA191591A6ADF80EBD6EB5B58C2524BE2E2E3000A25345A7D082B7AD136133E87B4BFED4C20EE58055EDA6E9D2E2F15E299D14E11919F2C3029CE1C818D5D30EA68D0458F3B1AB30923F55F84A3BCF14137B547D56CA353F3BB7EC6F22705CC0B14FBD8D7E869325B688AA759C30FAFC74A01567BD785F4ED1F0ED1B7B82F00467A687EC3BB12A246B620B2FE0B9783C222F999CCB7CEF6FA2E3FE4DE652FC0C4B21FC4DF2CEF7981F644FB2158B208C71C68C6974D4D1090C830379707BC30C7748487EB922A4B40CB0FE33B5B4A8E22354ADB2020315D043706D608B1213A2974ED5CC6EA8A520E3147667DD81F4294313AF935C528C82B659B7A169F4B11CD03A3D35546A4E4E2FF79DB6173F3A762B22EBE4BE5B49DD4951A6BC27D5EDD8486E2105561B9BE23F1826BC0579A482AFFD99508E09F17A20419F56A31AEFADCBF816706BC1B47420A7C66A19AF1A725D691CED949F9135404B35237E6B07A037F87F4515B7F1FD5B2A7B3B562ED121A12C1B4BF9E408A0221922B10B78B9D75B81381853BBF734BBE33E12602D4191BCD47B57FA20803F1D75FD4D5A077D50DD537A6B38AB09A1A3C1B30845A0D92AA38BD1B7D1F1AA1AC9FE9CD0A0DE23BD1943A99793D18FC08BD9D7744B62D460263F879087A996FC2868675FE43F7026C6C3C93187C629AF58038F61E3072D8A4B42ABFD1639C5F2289E0A974FFBBC67FD2BAC657BC3C582664A6AD8B940E8F8596FDB8B6429C1A1F06AB1249C9A03F271F66550503E9613277D38DC63031F21AA7C8C9B2D91D6F6B7C036BAB18B5FC8900E4679992DE4BAA2CF202787D521D1545AF4A090E8E17F7E8012C104791D2F6025A41C543F9D85C1DD3EE5757CA2445697075C87D0334FD0F5C9AA8EAFF4A8A4AAEDBE7F2C80151066C7A0F05B3A6B6E5EFD1DE7FE9C53421A00BA9917C732D4735ECEE42CDE994FA6DE2C171207B2A4ADE76EC4411C2171F7C7A0E05C37E3BE842F224A3F8FF6A55DC806FC3F7904147910B6D4706993BE7 -20240902095212 2 6 100 8191 2 E90C219E279F374756F460D972C0503655CE6346FD0F611E8808CD4ADDDCE308981860661516592055313E99D7CC26BBCEE76FDE697801AA2827379287137910127F9107DEA68C3FAD7DBC9DADC15102DA2C4D890186E4279C8590E5D3F90E1B93EAFA540386086C4B55AE83AE5C7EB5FD9478B16F1143BB97202E24CE3FEE6E314B308A8CBC1F2938D7013654B6A5D141D4422375EDDEA2C2011231C5C83F318FCBE6A8FBEA20D8E9C2618D45DEBE36611557447900B4B8248A25E4D523C3D9DCAB1F1C1A7CE5EFD7FA4B1BF34486F5737F61A94C20D9268CCC52785FBF8CE06D605997A8DE54E76D7F566582C8C064E244151FD43E7B97368891F274FF1D1EBB9627BEBE9B9B202E656445873198D32286D9D8F9F0387D3ABC6C0C74C9FEC8FA935C5F43287AA191591A6ADF80EBD6EB5B58C2524BE2E2E3000A25345A7D082B7AD136133E87B4BFED4C20EE58055EDA6E9D2E2F15E299D14E11919F2C3029CE1C818D5D30EA68D0458F3B1AB30923F55F84A3BCF14137B547D56CA353F3BB7EC6F22705CC0B14FBD8D7E869325B688AA759C30FAFC74A01567BD785F4ED1F0ED1B7B82F00467A687EC3BB12A246B620B2FE0B9783C222F999CCB7CEF6FA2E3FE4DE652FC0C4B21FC4DF2CEF7981F644FB2158B208C71C68C6974D4D1090C830379707BC30C7748487EB922A4B40CB0FE33B5B4A8E22354ADB2020315D043706D608B1213A2974ED5CC6EA8A520E3147667DD81F4294313AF935C528C82B659B7A169F4B11CD03A3D35546A4E4E2FF79DB6173F3A762B22EBE4BE5B49DD4951A6BC27D5EDD8486E2105561B9BE23F1826BC0579A482AFFD99508E09F17A20419F56A31AEFADCBF816706BC1B47420A7C66A19AF1A725D691CED949F9135404B35237E6B07A037F87F4515B7F1FD5B2A7B3B562ED121A12C1B4BF9E408A0221922B10B78B9D75B81381853BBF734BBE33E12602D4191BCD47B57FA20803F1D75FD4D5A077D50DD537A6B38AB09A1A3C1B30845A0D92AA38BD1B7D1F1AA1AC9FE9CD0A0DE23BD1943A99793D18FC08BD9D7744B62D460263F879087A996FC2868675FE43F7026C6C3C93187C629AF58038F61E3072D8A4B42ABFD1639C5F2289E0A974FFBBC67FD2BAC657BC3C582664A6AD8B940E8F8596FDB8B6429C1A1F06AB1249C9A03F271F66550503E9613277D38DC63031F21AA7C8C9B2D91D6F6B7C036BAB18B5FC8900E4679992DE4BAA2CF202787D521D1545AF4A090E8E17F7E8012C104791D2F6025A41C543F9D85C1DD3EE5757CA2445697075C87D0334FD0F5C9AA8EAFF4A8A4AAEDBE7F2C80151066C7A0F05B3A6B6E5EFD1DE7FE9C53421A00BA9917C732D4735ECEE42CDE994FA6DE2C171207B2A4ADE76EC4411C2171F7C7A0E05C37E3BE842F224A3F8FF6A55DC806FC3F7904147910B6D4709C080DB -20240902103310 2 6 100 8191 2 E90C219E279F374756F460D972C0503655CE6346FD0F611E8808CD4ADDDCE308981860661516592055313E99D7CC26BBCEE76FDE697801AA2827379287137910127F9107DEA68C3FAD7DBC9DADC15102DA2C4D890186E4279C8590E5D3F90E1B93EAFA540386086C4B55AE83AE5C7EB5FD9478B16F1143BB97202E24CE3FEE6E314B308A8CBC1F2938D7013654B6A5D141D4422375EDDEA2C2011231C5C83F318FCBE6A8FBEA20D8E9C2618D45DEBE36611557447900B4B8248A25E4D523C3D9DCAB1F1C1A7CE5EFD7FA4B1BF34486F5737F61A94C20D9268CCC52785FBF8CE06D605997A8DE54E76D7F566582C8C064E244151FD43E7B97368891F274FF1D1EBB9627BEBE9B9B202E656445873198D32286D9D8F9F0387D3ABC6C0C74C9FEC8FA935C5F43287AA191591A6ADF80EBD6EB5B58C2524BE2E2E3000A25345A7D082B7AD136133E87B4BFED4C20EE58055EDA6E9D2E2F15E299D14E11919F2C3029CE1C818D5D30EA68D0458F3B1AB30923F55F84A3BCF14137B547D56CA353F3BB7EC6F22705CC0B14FBD8D7E869325B688AA759C30FAFC74A01567BD785F4ED1F0ED1B7B82F00467A687EC3BB12A246B620B2FE0B9783C222F999CCB7CEF6FA2E3FE4DE652FC0C4B21FC4DF2CEF7981F644FB2158B208C71C68C6974D4D1090C830379707BC30C7748487EB922A4B40CB0FE33B5B4A8E22354ADB2020315D043706D608B1213A2974ED5CC6EA8A520E3147667DD81F4294313AF935C528C82B659B7A169F4B11CD03A3D35546A4E4E2FF79DB6173F3A762B22EBE4BE5B49DD4951A6BC27D5EDD8486E2105561B9BE23F1826BC0579A482AFFD99508E09F17A20419F56A31AEFADCBF816706BC1B47420A7C66A19AF1A725D691CED949F9135404B35237E6B07A037F87F4515B7F1FD5B2A7B3B562ED121A12C1B4BF9E408A0221922B10B78B9D75B81381853BBF734BBE33E12602D4191BCD47B57FA20803F1D75FD4D5A077D50DD537A6B38AB09A1A3C1B30845A0D92AA38BD1B7D1F1AA1AC9FE9CD0A0DE23BD1943A99793D18FC08BD9D7744B62D460263F879087A996FC2868675FE43F7026C6C3C93187C629AF58038F61E3072D8A4B42ABFD1639C5F2289E0A974FFBBC67FD2BAC657BC3C582664A6AD8B940E8F8596FDB8B6429C1A1F06AB1249C9A03F271F66550503E9613277D38DC63031F21AA7C8C9B2D91D6F6B7C036BAB18B5FC8900E4679992DE4BAA2CF202787D521D1545AF4A090E8E17F7E8012C104791D2F6025A41C543F9D85C1DD3EE5757CA2445697075C87D0334FD0F5C9AA8EAFF4A8A4AAEDBE7F2C80151066C7A0F05B3A6B6E5EFD1DE7FE9C53421A00BA9917C732D4735ECEE42CDE994FA6DE2C171207B2A4ADE76EC4411C2171F7C7A0E05C37E3BE842F224A3F8FF6A55DC806FC3F7904147910B6D470C00A7DB -20240902113925 2 6 100 8191 2 E90C219E279F374756F460D972C0503655CE6346FD0F611E8808CD4ADDDCE308981860661516592055313E99D7CC26BBCEE76FDE697801AA2827379287137910127F9107DEA68C3FAD7DBC9DADC15102DA2C4D890186E4279C8590E5D3F90E1B93EAFA540386086C4B55AE83AE5C7EB5FD9478B16F1143BB97202E24CE3FEE6E314B308A8CBC1F2938D7013654B6A5D141D4422375EDDEA2C2011231C5C83F318FCBE6A8FBEA20D8E9C2618D45DEBE36611557447900B4B8248A25E4D523C3D9DCAB1F1C1A7CE5EFD7FA4B1BF34486F5737F61A94C20D9268CCC52785FBF8CE06D605997A8DE54E76D7F566582C8C064E244151FD43E7B97368891F274FF1D1EBB9627BEBE9B9B202E656445873198D32286D9D8F9F0387D3ABC6C0C74C9FEC8FA935C5F43287AA191591A6ADF80EBD6EB5B58C2524BE2E2E3000A25345A7D082B7AD136133E87B4BFED4C20EE58055EDA6E9D2E2F15E299D14E11919F2C3029CE1C818D5D30EA68D0458F3B1AB30923F55F84A3BCF14137B547D56CA353F3BB7EC6F22705CC0B14FBD8D7E869325B688AA759C30FAFC74A01567BD785F4ED1F0ED1B7B82F00467A687EC3BB12A246B620B2FE0B9783C222F999CCB7CEF6FA2E3FE4DE652FC0C4B21FC4DF2CEF7981F644FB2158B208C71C68C6974D4D1090C830379707BC30C7748487EB922A4B40CB0FE33B5B4A8E22354ADB2020315D043706D608B1213A2974ED5CC6EA8A520E3147667DD81F4294313AF935C528C82B659B7A169F4B11CD03A3D35546A4E4E2FF79DB6173F3A762B22EBE4BE5B49DD4951A6BC27D5EDD8486E2105561B9BE23F1826BC0579A482AFFD99508E09F17A20419F56A31AEFADCBF816706BC1B47420A7C66A19AF1A725D691CED949F9135404B35237E6B07A037F87F4515B7F1FD5B2A7B3B562ED121A12C1B4BF9E408A0221922B10B78B9D75B81381853BBF734BBE33E12602D4191BCD47B57FA20803F1D75FD4D5A077D50DD537A6B38AB09A1A3C1B30845A0D92AA38BD1B7D1F1AA1AC9FE9CD0A0DE23BD1943A99793D18FC08BD9D7744B62D460263F879087A996FC2868675FE43F7026C6C3C93187C629AF58038F61E3072D8A4B42ABFD1639C5F2289E0A974FFBBC67FD2BAC657BC3C582664A6AD8B940E8F8596FDB8B6429C1A1F06AB1249C9A03F271F66550503E9613277D38DC63031F21AA7C8C9B2D91D6F6B7C036BAB18B5FC8900E4679992DE4BAA2CF202787D521D1545AF4A090E8E17F7E8012C104791D2F6025A41C543F9D85C1DD3EE5757CA2445697075C87D0334FD0F5C9AA8EAFF4A8A4AAEDBE7F2C80151066C7A0F05B3A6B6E5EFD1DE7FE9C53421A00BA9917C732D4735ECEE42CDE994FA6DE2C171207B2A4ADE76EC4411C2171F7C7A0E05C37E3BE842F224A3F8FF6A55DC806FC3F7904147910B6D470FB7C81B -20240902145636 2 6 100 8191 5 E90C219E279F374756F460D972C0503655CE6346FD0F611E8808CD4ADDDCE308981860661516592055313E99D7CC26BBCEE76FDE697801AA2827379287137910127F9107DEA68C3FAD7DBC9DADC15102DA2C4D890186E4279C8590E5D3F90E1B93EAFA540386086C4B55AE83AE5C7EB5FD9478B16F1143BB97202E24CE3FEE6E314B308A8CBC1F2938D7013654B6A5D141D4422375EDDEA2C2011231C5C83F318FCBE6A8FBEA20D8E9C2618D45DEBE36611557447900B4B8248A25E4D523C3D9DCAB1F1C1A7CE5EFD7FA4B1BF34486F5737F61A94C20D9268CCC52785FBF8CE06D605997A8DE54E76D7F566582C8C064E244151FD43E7B97368891F274FF1D1EBB9627BEBE9B9B202E656445873198D32286D9D8F9F0387D3ABC6C0C74C9FEC8FA935C5F43287AA191591A6ADF80EBD6EB5B58C2524BE2E2E3000A25345A7D082B7AD136133E87B4BFED4C20EE58055EDA6E9D2E2F15E299D14E11919F2C3029CE1C818D5D30EA68D0458F3B1AB30923F55F84A3BCF14137B547D56CA353F3BB7EC6F22705CC0B14FBD8D7E869325B688AA759C30FAFC74A01567BD785F4ED1F0ED1B7B82F00467A687EC3BB12A246B620B2FE0B9783C222F999CCB7CEF6FA2E3FE4DE652FC0C4B21FC4DF2CEF7981F644FB2158B208C71C68C6974D4D1090C830379707BC30C7748487EB922A4B40CB0FE33B5B4A8E22354ADB2020315D043706D608B1213A2974ED5CC6EA8A520E3147667DD81F4294313AF935C528C82B659B7A169F4B11CD03A3D35546A4E4E2FF79DB6173F3A762B22EBE4BE5B49DD4951A6BC27D5EDD8486E2105561B9BE23F1826BC0579A482AFFD99508E09F17A20419F56A31AEFADCBF816706BC1B47420A7C66A19AF1A725D691CED949F9135404B35237E6B07A037F87F4515B7F1FD5B2A7B3B562ED121A12C1B4BF9E408A0221922B10B78B9D75B81381853BBF734BBE33E12602D4191BCD47B57FA20803F1D75FD4D5A077D50DD537A6B38AB09A1A3C1B30845A0D92AA38BD1B7D1F1AA1AC9FE9CD0A0DE23BD1943A99793D18FC08BD9D7744B62D460263F879087A996FC2868675FE43F7026C6C3C93187C629AF58038F61E3072D8A4B42ABFD1639C5F2289E0A974FFBBC67FD2BAC657BC3C582664A6AD8B940E8F8596FDB8B6429C1A1F06AB1249C9A03F271F66550503E9613277D38DC63031F21AA7C8C9B2D91D6F6B7C036BAB18B5FC8900E4679992DE4BAA2CF202787D521D1545AF4A090E8E17F7E8012C104791D2F6025A41C543F9D85C1DD3EE5757CA2445697075C87D0334FD0F5C9AA8EAFF4A8A4AAEDBE7F2C80151066C7A0F05B3A6B6E5EFD1DE7FE9C53421A00BA9917C732D4735ECEE42CDE994FA6DE2C171207B2A4ADE76EC4411C2171F7C7A0E05C37E3BE842F224A3F8FF6A55DC806FC3F7904147910B6D471ADD1BC7 -20240902162039 2 6 100 8191 5 E90C219E279F374756F460D972C0503655CE6346FD0F611E8808CD4ADDDCE308981860661516592055313E99D7CC26BBCEE76FDE697801AA2827379287137910127F9107DEA68C3FAD7DBC9DADC15102DA2C4D890186E4279C8590E5D3F90E1B93EAFA540386086C4B55AE83AE5C7EB5FD9478B16F1143BB97202E24CE3FEE6E314B308A8CBC1F2938D7013654B6A5D141D4422375EDDEA2C2011231C5C83F318FCBE6A8FBEA20D8E9C2618D45DEBE36611557447900B4B8248A25E4D523C3D9DCAB1F1C1A7CE5EFD7FA4B1BF34486F5737F61A94C20D9268CCC52785FBF8CE06D605997A8DE54E76D7F566582C8C064E244151FD43E7B97368891F274FF1D1EBB9627BEBE9B9B202E656445873198D32286D9D8F9F0387D3ABC6C0C74C9FEC8FA935C5F43287AA191591A6ADF80EBD6EB5B58C2524BE2E2E3000A25345A7D082B7AD136133E87B4BFED4C20EE58055EDA6E9D2E2F15E299D14E11919F2C3029CE1C818D5D30EA68D0458F3B1AB30923F55F84A3BCF14137B547D56CA353F3BB7EC6F22705CC0B14FBD8D7E869325B688AA759C30FAFC74A01567BD785F4ED1F0ED1B7B82F00467A687EC3BB12A246B620B2FE0B9783C222F999CCB7CEF6FA2E3FE4DE652FC0C4B21FC4DF2CEF7981F644FB2158B208C71C68C6974D4D1090C830379707BC30C7748487EB922A4B40CB0FE33B5B4A8E22354ADB2020315D043706D608B1213A2974ED5CC6EA8A520E3147667DD81F4294313AF935C528C82B659B7A169F4B11CD03A3D35546A4E4E2FF79DB6173F3A762B22EBE4BE5B49DD4951A6BC27D5EDD8486E2105561B9BE23F1826BC0579A482AFFD99508E09F17A20419F56A31AEFADCBF816706BC1B47420A7C66A19AF1A725D691CED949F9135404B35237E6B07A037F87F4515B7F1FD5B2A7B3B562ED121A12C1B4BF9E408A0221922B10B78B9D75B81381853BBF734BBE33E12602D4191BCD47B57FA20803F1D75FD4D5A077D50DD537A6B38AB09A1A3C1B30845A0D92AA38BD1B7D1F1AA1AC9FE9CD0A0DE23BD1943A99793D18FC08BD9D7744B62D460263F879087A996FC2868675FE43F7026C6C3C93187C629AF58038F61E3072D8A4B42ABFD1639C5F2289E0A974FFBBC67FD2BAC657BC3C582664A6AD8B940E8F8596FDB8B6429C1A1F06AB1249C9A03F271F66550503E9613277D38DC63031F21AA7C8C9B2D91D6F6B7C036BAB18B5FC8900E4679992DE4BAA2CF202787D521D1545AF4A090E8E17F7E8012C104791D2F6025A41C543F9D85C1DD3EE5757CA2445697075C87D0334FD0F5C9AA8EAFF4A8A4AAEDBE7F2C80151066C7A0F05B3A6B6E5EFD1DE7FE9C53421A00BA9917C732D4735ECEE42CDE994FA6DE2C171207B2A4ADE76EC4411C2171F7C7A0E05C37E3BE842F224A3F8FF6A55DC806FC3F7904147910B6D471F910B07 -20240902162513 2 6 100 8191 5 E90C219E279F374756F460D972C0503655CE6346FD0F611E8808CD4ADDDCE308981860661516592055313E99D7CC26BBCEE76FDE697801AA2827379287137910127F9107DEA68C3FAD7DBC9DADC15102DA2C4D890186E4279C8590E5D3F90E1B93EAFA540386086C4B55AE83AE5C7EB5FD9478B16F1143BB97202E24CE3FEE6E314B308A8CBC1F2938D7013654B6A5D141D4422375EDDEA2C2011231C5C83F318FCBE6A8FBEA20D8E9C2618D45DEBE36611557447900B4B8248A25E4D523C3D9DCAB1F1C1A7CE5EFD7FA4B1BF34486F5737F61A94C20D9268CCC52785FBF8CE06D605997A8DE54E76D7F566582C8C064E244151FD43E7B97368891F274FF1D1EBB9627BEBE9B9B202E656445873198D32286D9D8F9F0387D3ABC6C0C74C9FEC8FA935C5F43287AA191591A6ADF80EBD6EB5B58C2524BE2E2E3000A25345A7D082B7AD136133E87B4BFED4C20EE58055EDA6E9D2E2F15E299D14E11919F2C3029CE1C818D5D30EA68D0458F3B1AB30923F55F84A3BCF14137B547D56CA353F3BB7EC6F22705CC0B14FBD8D7E869325B688AA759C30FAFC74A01567BD785F4ED1F0ED1B7B82F00467A687EC3BB12A246B620B2FE0B9783C222F999CCB7CEF6FA2E3FE4DE652FC0C4B21FC4DF2CEF7981F644FB2158B208C71C68C6974D4D1090C830379707BC30C7748487EB922A4B40CB0FE33B5B4A8E22354ADB2020315D043706D608B1213A2974ED5CC6EA8A520E3147667DD81F4294313AF935C528C82B659B7A169F4B11CD03A3D35546A4E4E2FF79DB6173F3A762B22EBE4BE5B49DD4951A6BC27D5EDD8486E2105561B9BE23F1826BC0579A482AFFD99508E09F17A20419F56A31AEFADCBF816706BC1B47420A7C66A19AF1A725D691CED949F9135404B35237E6B07A037F87F4515B7F1FD5B2A7B3B562ED121A12C1B4BF9E408A0221922B10B78B9D75B81381853BBF734BBE33E12602D4191BCD47B57FA20803F1D75FD4D5A077D50DD537A6B38AB09A1A3C1B30845A0D92AA38BD1B7D1F1AA1AC9FE9CD0A0DE23BD1943A99793D18FC08BD9D7744B62D460263F879087A996FC2868675FE43F7026C6C3C93187C629AF58038F61E3072D8A4B42ABFD1639C5F2289E0A974FFBBC67FD2BAC657BC3C582664A6AD8B940E8F8596FDB8B6429C1A1F06AB1249C9A03F271F66550503E9613277D38DC63031F21AA7C8C9B2D91D6F6B7C036BAB18B5FC8900E4679992DE4BAA2CF202787D521D1545AF4A090E8E17F7E8012C104791D2F6025A41C543F9D85C1DD3EE5757CA2445697075C87D0334FD0F5C9AA8EAFF4A8A4AAEDBE7F2C80151066C7A0F05B3A6B6E5EFD1DE7FE9C53421A00BA9917C732D4735ECEE42CDE994FA6DE2C171207B2A4ADE76EC4411C2171F7C7A0E05C37E3BE842F224A3F8FF6A55DC806FC3F7904147910B6D471FCD9837 -20240902170958 2 6 100 8191 5 E90C219E279F374756F460D972C0503655CE6346FD0F611E8808CD4ADDDCE308981860661516592055313E99D7CC26BBCEE76FDE697801AA2827379287137910127F9107DEA68C3FAD7DBC9DADC15102DA2C4D890186E4279C8590E5D3F90E1B93EAFA540386086C4B55AE83AE5C7EB5FD9478B16F1143BB97202E24CE3FEE6E314B308A8CBC1F2938D7013654B6A5D141D4422375EDDEA2C2011231C5C83F318FCBE6A8FBEA20D8E9C2618D45DEBE36611557447900B4B8248A25E4D523C3D9DCAB1F1C1A7CE5EFD7FA4B1BF34486F5737F61A94C20D9268CCC52785FBF8CE06D605997A8DE54E76D7F566582C8C064E244151FD43E7B97368891F274FF1D1EBB9627BEBE9B9B202E656445873198D32286D9D8F9F0387D3ABC6C0C74C9FEC8FA935C5F43287AA191591A6ADF80EBD6EB5B58C2524BE2E2E3000A25345A7D082B7AD136133E87B4BFED4C20EE58055EDA6E9D2E2F15E299D14E11919F2C3029CE1C818D5D30EA68D0458F3B1AB30923F55F84A3BCF14137B547D56CA353F3BB7EC6F22705CC0B14FBD8D7E869325B688AA759C30FAFC74A01567BD785F4ED1F0ED1B7B82F00467A687EC3BB12A246B620B2FE0B9783C222F999CCB7CEF6FA2E3FE4DE652FC0C4B21FC4DF2CEF7981F644FB2158B208C71C68C6974D4D1090C830379707BC30C7748487EB922A4B40CB0FE33B5B4A8E22354ADB2020315D043706D608B1213A2974ED5CC6EA8A520E3147667DD81F4294313AF935C528C82B659B7A169F4B11CD03A3D35546A4E4E2FF79DB6173F3A762B22EBE4BE5B49DD4951A6BC27D5EDD8486E2105561B9BE23F1826BC0579A482AFFD99508E09F17A20419F56A31AEFADCBF816706BC1B47420A7C66A19AF1A725D691CED949F9135404B35237E6B07A037F87F4515B7F1FD5B2A7B3B562ED121A12C1B4BF9E408A0221922B10B78B9D75B81381853BBF734BBE33E12602D4191BCD47B57FA20803F1D75FD4D5A077D50DD537A6B38AB09A1A3C1B30845A0D92AA38BD1B7D1F1AA1AC9FE9CD0A0DE23BD1943A99793D18FC08BD9D7744B62D460263F879087A996FC2868675FE43F7026C6C3C93187C629AF58038F61E3072D8A4B42ABFD1639C5F2289E0A974FFBBC67FD2BAC657BC3C582664A6AD8B940E8F8596FDB8B6429C1A1F06AB1249C9A03F271F66550503E9613277D38DC63031F21AA7C8C9B2D91D6F6B7C036BAB18B5FC8900E4679992DE4BAA2CF202787D521D1545AF4A090E8E17F7E8012C104791D2F6025A41C543F9D85C1DD3EE5757CA2445697075C87D0334FD0F5C9AA8EAFF4A8A4AAEDBE7F2C80151066C7A0F05B3A6B6E5EFD1DE7FE9C53421A00BA9917C732D4735ECEE42CDE994FA6DE2C171207B2A4ADE76EC4411C2171F7C7A0E05C37E3BE842F224A3F8FF6A55DC806FC3F7904147910B6D47224EBF47 -20240902195925 2 6 100 8191 5 E90C219E279F374756F460D972C0503655CE6346FD0F611E8808CD4ADDDCE308981860661516592055313E99D7CC26BBCEE76FDE697801AA2827379287137910127F9107DEA68C3FAD7DBC9DADC15102DA2C4D890186E4279C8590E5D3F90E1B93EAFA540386086C4B55AE83AE5C7EB5FD9478B16F1143BB97202E24CE3FEE6E314B308A8CBC1F2938D7013654B6A5D141D4422375EDDEA2C2011231C5C83F318FCBE6A8FBEA20D8E9C2618D45DEBE36611557447900B4B8248A25E4D523C3D9DCAB1F1C1A7CE5EFD7FA4B1BF34486F5737F61A94C20D9268CCC52785FBF8CE06D605997A8DE54E76D7F566582C8C064E244151FD43E7B97368891F274FF1D1EBB9627BEBE9B9B202E656445873198D32286D9D8F9F0387D3ABC6C0C74C9FEC8FA935C5F43287AA191591A6ADF80EBD6EB5B58C2524BE2E2E3000A25345A7D082B7AD136133E87B4BFED4C20EE58055EDA6E9D2E2F15E299D14E11919F2C3029CE1C818D5D30EA68D0458F3B1AB30923F55F84A3BCF14137B547D56CA353F3BB7EC6F22705CC0B14FBD8D7E869325B688AA759C30FAFC74A01567BD785F4ED1F0ED1B7B82F00467A687EC3BB12A246B620B2FE0B9783C222F999CCB7CEF6FA2E3FE4DE652FC0C4B21FC4DF2CEF7981F644FB2158B208C71C68C6974D4D1090C830379707BC30C7748487EB922A4B40CB0FE33B5B4A8E22354ADB2020315D043706D608B1213A2974ED5CC6EA8A520E3147667DD81F4294313AF935C528C82B659B7A169F4B11CD03A3D35546A4E4E2FF79DB6173F3A762B22EBE4BE5B49DD4951A6BC27D5EDD8486E2105561B9BE23F1826BC0579A482AFFD99508E09F17A20419F56A31AEFADCBF816706BC1B47420A7C66A19AF1A725D691CED949F9135404B35237E6B07A037F87F4515B7F1FD5B2A7B3B562ED121A12C1B4BF9E408A0221922B10B78B9D75B81381853BBF734BBE33E12602D4191BCD47B57FA20803F1D75FD4D5A077D50DD537A6B38AB09A1A3C1B30845A0D92AA38BD1B7D1F1AA1AC9FE9CD0A0DE23BD1943A99793D18FC08BD9D7744B62D460263F879087A996FC2868675FE43F7026C6C3C93187C629AF58038F61E3072D8A4B42ABFD1639C5F2289E0A974FFBBC67FD2BAC657BC3C582664A6AD8B940E8F8596FDB8B6429C1A1F06AB1249C9A03F271F66550503E9613277D38DC63031F21AA7C8C9B2D91D6F6B7C036BAB18B5FC8900E4679992DE4BAA2CF202787D521D1545AF4A090E8E17F7E8012C104791D2F6025A41C543F9D85C1DD3EE5757CA2445697075C87D0334FD0F5C9AA8EAFF4A8A4AAEDBE7F2C80151066C7A0F05B3A6B6E5EFD1DE7FE9C53421A00BA9917C732D4735ECEE42CDE994FA6DE2C171207B2A4ADE76EC4411C2171F7C7A0E05C37E3BE842F224A3F8FF6A55DC806FC3F7904147910B6D472BED92A7 -20240902201041 2 6 100 8191 2 E90C219E279F374756F460D972C0503655CE6346FD0F611E8808CD4ADDDCE308981860661516592055313E99D7CC26BBCEE76FDE697801AA2827379287137910127F9107DEA68C3FAD7DBC9DADC15102DA2C4D890186E4279C8590E5D3F90E1B93EAFA540386086C4B55AE83AE5C7EB5FD9478B16F1143BB97202E24CE3FEE6E314B308A8CBC1F2938D7013654B6A5D141D4422375EDDEA2C2011231C5C83F318FCBE6A8FBEA20D8E9C2618D45DEBE36611557447900B4B8248A25E4D523C3D9DCAB1F1C1A7CE5EFD7FA4B1BF34486F5737F61A94C20D9268CCC52785FBF8CE06D605997A8DE54E76D7F566582C8C064E244151FD43E7B97368891F274FF1D1EBB9627BEBE9B9B202E656445873198D32286D9D8F9F0387D3ABC6C0C74C9FEC8FA935C5F43287AA191591A6ADF80EBD6EB5B58C2524BE2E2E3000A25345A7D082B7AD136133E87B4BFED4C20EE58055EDA6E9D2E2F15E299D14E11919F2C3029CE1C818D5D30EA68D0458F3B1AB30923F55F84A3BCF14137B547D56CA353F3BB7EC6F22705CC0B14FBD8D7E869325B688AA759C30FAFC74A01567BD785F4ED1F0ED1B7B82F00467A687EC3BB12A246B620B2FE0B9783C222F999CCB7CEF6FA2E3FE4DE652FC0C4B21FC4DF2CEF7981F644FB2158B208C71C68C6974D4D1090C830379707BC30C7748487EB922A4B40CB0FE33B5B4A8E22354ADB2020315D043706D608B1213A2974ED5CC6EA8A520E3147667DD81F4294313AF935C528C82B659B7A169F4B11CD03A3D35546A4E4E2FF79DB6173F3A762B22EBE4BE5B49DD4951A6BC27D5EDD8486E2105561B9BE23F1826BC0579A482AFFD99508E09F17A20419F56A31AEFADCBF816706BC1B47420A7C66A19AF1A725D691CED949F9135404B35237E6B07A037F87F4515B7F1FD5B2A7B3B562ED121A12C1B4BF9E408A0221922B10B78B9D75B81381853BBF734BBE33E12602D4191BCD47B57FA20803F1D75FD4D5A077D50DD537A6B38AB09A1A3C1B30845A0D92AA38BD1B7D1F1AA1AC9FE9CD0A0DE23BD1943A99793D18FC08BD9D7744B62D460263F879087A996FC2868675FE43F7026C6C3C93187C629AF58038F61E3072D8A4B42ABFD1639C5F2289E0A974FFBBC67FD2BAC657BC3C582664A6AD8B940E8F8596FDB8B6429C1A1F06AB1249C9A03F271F66550503E9613277D38DC63031F21AA7C8C9B2D91D6F6B7C036BAB18B5FC8900E4679992DE4BAA2CF202787D521D1545AF4A090E8E17F7E8012C104791D2F6025A41C543F9D85C1DD3EE5757CA2445697075C87D0334FD0F5C9AA8EAFF4A8A4AAEDBE7F2C80151066C7A0F05B3A6B6E5EFD1DE7FE9C53421A00BA9917C732D4735ECEE42CDE994FA6DE2C171207B2A4ADE76EC4411C2171F7C7A0E05C37E3BE842F224A3F8FF6A55DC806FC3F7904147910B6D472C8835C3 -20240902212334 2 6 100 8191 5 E90C219E279F374756F460D972C0503655CE6346FD0F611E8808CD4ADDDCE308981860661516592055313E99D7CC26BBCEE76FDE697801AA2827379287137910127F9107DEA68C3FAD7DBC9DADC15102DA2C4D890186E4279C8590E5D3F90E1B93EAFA540386086C4B55AE83AE5C7EB5FD9478B16F1143BB97202E24CE3FEE6E314B308A8CBC1F2938D7013654B6A5D141D4422375EDDEA2C2011231C5C83F318FCBE6A8FBEA20D8E9C2618D45DEBE36611557447900B4B8248A25E4D523C3D9DCAB1F1C1A7CE5EFD7FA4B1BF34486F5737F61A94C20D9268CCC52785FBF8CE06D605997A8DE54E76D7F566582C8C064E244151FD43E7B97368891F274FF1D1EBB9627BEBE9B9B202E656445873198D32286D9D8F9F0387D3ABC6C0C74C9FEC8FA935C5F43287AA191591A6ADF80EBD6EB5B58C2524BE2E2E3000A25345A7D082B7AD136133E87B4BFED4C20EE58055EDA6E9D2E2F15E299D14E11919F2C3029CE1C818D5D30EA68D0458F3B1AB30923F55F84A3BCF14137B547D56CA353F3BB7EC6F22705CC0B14FBD8D7E869325B688AA759C30FAFC74A01567BD785F4ED1F0ED1B7B82F00467A687EC3BB12A246B620B2FE0B9783C222F999CCB7CEF6FA2E3FE4DE652FC0C4B21FC4DF2CEF7981F644FB2158B208C71C68C6974D4D1090C830379707BC30C7748487EB922A4B40CB0FE33B5B4A8E22354ADB2020315D043706D608B1213A2974ED5CC6EA8A520E3147667DD81F4294313AF935C528C82B659B7A169F4B11CD03A3D35546A4E4E2FF79DB6173F3A762B22EBE4BE5B49DD4951A6BC27D5EDD8486E2105561B9BE23F1826BC0579A482AFFD99508E09F17A20419F56A31AEFADCBF816706BC1B47420A7C66A19AF1A725D691CED949F9135404B35237E6B07A037F87F4515B7F1FD5B2A7B3B562ED121A12C1B4BF9E408A0221922B10B78B9D75B81381853BBF734BBE33E12602D4191BCD47B57FA20803F1D75FD4D5A077D50DD537A6B38AB09A1A3C1B30845A0D92AA38BD1B7D1F1AA1AC9FE9CD0A0DE23BD1943A99793D18FC08BD9D7744B62D460263F879087A996FC2868675FE43F7026C6C3C93187C629AF58038F61E3072D8A4B42ABFD1639C5F2289E0A974FFBBC67FD2BAC657BC3C582664A6AD8B940E8F8596FDB8B6429C1A1F06AB1249C9A03F271F66550503E9613277D38DC63031F21AA7C8C9B2D91D6F6B7C036BAB18B5FC8900E4679992DE4BAA2CF202787D521D1545AF4A090E8E17F7E8012C104791D2F6025A41C543F9D85C1DD3EE5757CA2445697075C87D0334FD0F5C9AA8EAFF4A8A4AAEDBE7F2C80151066C7A0F05B3A6B6E5EFD1DE7FE9C53421A00BA9917C732D4735ECEE42CDE994FA6DE2C171207B2A4ADE76EC4411C2171F7C7A0E05C37E3BE842F224A3F8FF6A55DC806FC3F7904147910B6D4730A0A15F -20240903001824 2 6 100 8191 2 E90C219E279F374756F460D972C0503655CE6346FD0F611E8808CD4ADDDCE308981860661516592055313E99D7CC26BBCEE76FDE697801AA2827379287137910127F9107DEA68C3FAD7DBC9DADC15102DA2C4D890186E4279C8590E5D3F90E1B93EAFA540386086C4B55AE83AE5C7EB5FD9478B16F1143BB97202E24CE3FEE6E314B308A8CBC1F2938D7013654B6A5D141D4422375EDDEA2C2011231C5C83F318FCBE6A8FBEA20D8E9C2618D45DEBE36611557447900B4B8248A25E4D523C3D9DCAB1F1C1A7CE5EFD7FA4B1BF34486F5737F61A94C20D9268CCC52785FBF8CE06D605997A8DE54E76D7F566582C8C064E244151FD43E7B97368891F274FF1D1EBB9627BEBE9B9B202E656445873198D32286D9D8F9F0387D3ABC6C0C74C9FEC8FA935C5F43287AA191591A6ADF80EBD6EB5B58C2524BE2E2E3000A25345A7D082B7AD136133E87B4BFED4C20EE58055EDA6E9D2E2F15E299D14E11919F2C3029CE1C818D5D30EA68D0458F3B1AB30923F55F84A3BCF14137B547D56CA353F3BB7EC6F22705CC0B14FBD8D7E869325B688AA759C30FAFC74A01567BD785F4ED1F0ED1B7B82F00467A687EC3BB12A246B620B2FE0B9783C222F999CCB7CEF6FA2E3FE4DE652FC0C4B21FC4DF2CEF7981F644FB2158B208C71C68C6974D4D1090C830379707BC30C7748487EB922A4B40CB0FE33B5B4A8E22354ADB2020315D043706D608B1213A2974ED5CC6EA8A520E3147667DD81F4294313AF935C528C82B659B7A169F4B11CD03A3D35546A4E4E2FF79DB6173F3A762B22EBE4BE5B49DD4951A6BC27D5EDD8486E2105561B9BE23F1826BC0579A482AFFD99508E09F17A20419F56A31AEFADCBF816706BC1B47420A7C66A19AF1A725D691CED949F9135404B35237E6B07A037F87F4515B7F1FD5B2A7B3B562ED121A12C1B4BF9E408A0221922B10B78B9D75B81381853BBF734BBE33E12602D4191BCD47B57FA20803F1D75FD4D5A077D50DD537A6B38AB09A1A3C1B30845A0D92AA38BD1B7D1F1AA1AC9FE9CD0A0DE23BD1943A99793D18FC08BD9D7744B62D460263F879087A996FC2868675FE43F7026C6C3C93187C629AF58038F61E3072D8A4B42ABFD1639C5F2289E0A974FFBBC67FD2BAC657BC3C582664A6AD8B940E8F8596FDB8B6429C1A1F06AB1249C9A03F271F66550503E9613277D38DC63031F21AA7C8C9B2D91D6F6B7C036BAB18B5FC8900E4679992DE4BAA2CF202787D521D1545AF4A090E8E17F7E8012C104791D2F6025A41C543F9D85C1DD3EE5757CA2445697075C87D0334FD0F5C9AA8EAFF4A8A4AAEDBE7F2C80151066C7A0F05B3A6B6E5EFD1DE7FE9C53421A00BA9917C732D4735ECEE42CDE994FA6DE2C171207B2A4ADE76EC4411C2171F7C7A0E05C37E3BE842F224A3F8FF6A55DC806FC3F7904147910B6D473A91EE3B -20240903003705 2 6 100 8191 2 E90C219E279F374756F460D972C0503655CE6346FD0F611E8808CD4ADDDCE308981860661516592055313E99D7CC26BBCEE76FDE697801AA2827379287137910127F9107DEA68C3FAD7DBC9DADC15102DA2C4D890186E4279C8590E5D3F90E1B93EAFA540386086C4B55AE83AE5C7EB5FD9478B16F1143BB97202E24CE3FEE6E314B308A8CBC1F2938D7013654B6A5D141D4422375EDDEA2C2011231C5C83F318FCBE6A8FBEA20D8E9C2618D45DEBE36611557447900B4B8248A25E4D523C3D9DCAB1F1C1A7CE5EFD7FA4B1BF34486F5737F61A94C20D9268CCC52785FBF8CE06D605997A8DE54E76D7F566582C8C064E244151FD43E7B97368891F274FF1D1EBB9627BEBE9B9B202E656445873198D32286D9D8F9F0387D3ABC6C0C74C9FEC8FA935C5F43287AA191591A6ADF80EBD6EB5B58C2524BE2E2E3000A25345A7D082B7AD136133E87B4BFED4C20EE58055EDA6E9D2E2F15E299D14E11919F2C3029CE1C818D5D30EA68D0458F3B1AB30923F55F84A3BCF14137B547D56CA353F3BB7EC6F22705CC0B14FBD8D7E869325B688AA759C30FAFC74A01567BD785F4ED1F0ED1B7B82F00467A687EC3BB12A246B620B2FE0B9783C222F999CCB7CEF6FA2E3FE4DE652FC0C4B21FC4DF2CEF7981F644FB2158B208C71C68C6974D4D1090C830379707BC30C7748487EB922A4B40CB0FE33B5B4A8E22354ADB2020315D043706D608B1213A2974ED5CC6EA8A520E3147667DD81F4294313AF935C528C82B659B7A169F4B11CD03A3D35546A4E4E2FF79DB6173F3A762B22EBE4BE5B49DD4951A6BC27D5EDD8486E2105561B9BE23F1826BC0579A482AFFD99508E09F17A20419F56A31AEFADCBF816706BC1B47420A7C66A19AF1A725D691CED949F9135404B35237E6B07A037F87F4515B7F1FD5B2A7B3B562ED121A12C1B4BF9E408A0221922B10B78B9D75B81381853BBF734BBE33E12602D4191BCD47B57FA20803F1D75FD4D5A077D50DD537A6B38AB09A1A3C1B30845A0D92AA38BD1B7D1F1AA1AC9FE9CD0A0DE23BD1943A99793D18FC08BD9D7744B62D460263F879087A996FC2868675FE43F7026C6C3C93187C629AF58038F61E3072D8A4B42ABFD1639C5F2289E0A974FFBBC67FD2BAC657BC3C582664A6AD8B940E8F8596FDB8B6429C1A1F06AB1249C9A03F271F66550503E9613277D38DC63031F21AA7C8C9B2D91D6F6B7C036BAB18B5FC8900E4679992DE4BAA2CF202787D521D1545AF4A090E8E17F7E8012C104791D2F6025A41C543F9D85C1DD3EE5757CA2445697075C87D0334FD0F5C9AA8EAFF4A8A4AAEDBE7F2C80151066C7A0F05B3A6B6E5EFD1DE7FE9C53421A00BA9917C732D4735ECEE42CDE994FA6DE2C171207B2A4ADE76EC4411C2171F7C7A0E05C37E3BE842F224A3F8FF6A55DC806FC3F7904147910B6D473B9B08CB -20240903010010 2 6 100 8191 2 E90C219E279F374756F460D972C0503655CE6346FD0F611E8808CD4ADDDCE308981860661516592055313E99D7CC26BBCEE76FDE697801AA2827379287137910127F9107DEA68C3FAD7DBC9DADC15102DA2C4D890186E4279C8590E5D3F90E1B93EAFA540386086C4B55AE83AE5C7EB5FD9478B16F1143BB97202E24CE3FEE6E314B308A8CBC1F2938D7013654B6A5D141D4422375EDDEA2C2011231C5C83F318FCBE6A8FBEA20D8E9C2618D45DEBE36611557447900B4B8248A25E4D523C3D9DCAB1F1C1A7CE5EFD7FA4B1BF34486F5737F61A94C20D9268CCC52785FBF8CE06D605997A8DE54E76D7F566582C8C064E244151FD43E7B97368891F274FF1D1EBB9627BEBE9B9B202E656445873198D32286D9D8F9F0387D3ABC6C0C74C9FEC8FA935C5F43287AA191591A6ADF80EBD6EB5B58C2524BE2E2E3000A25345A7D082B7AD136133E87B4BFED4C20EE58055EDA6E9D2E2F15E299D14E11919F2C3029CE1C818D5D30EA68D0458F3B1AB30923F55F84A3BCF14137B547D56CA353F3BB7EC6F22705CC0B14FBD8D7E869325B688AA759C30FAFC74A01567BD785F4ED1F0ED1B7B82F00467A687EC3BB12A246B620B2FE0B9783C222F999CCB7CEF6FA2E3FE4DE652FC0C4B21FC4DF2CEF7981F644FB2158B208C71C68C6974D4D1090C830379707BC30C7748487EB922A4B40CB0FE33B5B4A8E22354ADB2020315D043706D608B1213A2974ED5CC6EA8A520E3147667DD81F4294313AF935C528C82B659B7A169F4B11CD03A3D35546A4E4E2FF79DB6173F3A762B22EBE4BE5B49DD4951A6BC27D5EDD8486E2105561B9BE23F1826BC0579A482AFFD99508E09F17A20419F56A31AEFADCBF816706BC1B47420A7C66A19AF1A725D691CED949F9135404B35237E6B07A037F87F4515B7F1FD5B2A7B3B562ED121A12C1B4BF9E408A0221922B10B78B9D75B81381853BBF734BBE33E12602D4191BCD47B57FA20803F1D75FD4D5A077D50DD537A6B38AB09A1A3C1B30845A0D92AA38BD1B7D1F1AA1AC9FE9CD0A0DE23BD1943A99793D18FC08BD9D7744B62D460263F879087A996FC2868675FE43F7026C6C3C93187C629AF58038F61E3072D8A4B42ABFD1639C5F2289E0A974FFBBC67FD2BAC657BC3C582664A6AD8B940E8F8596FDB8B6429C1A1F06AB1249C9A03F271F66550503E9613277D38DC63031F21AA7C8C9B2D91D6F6B7C036BAB18B5FC8900E4679992DE4BAA2CF202787D521D1545AF4A090E8E17F7E8012C104791D2F6025A41C543F9D85C1DD3EE5757CA2445697075C87D0334FD0F5C9AA8EAFF4A8A4AAEDBE7F2C80151066C7A0F05B3A6B6E5EFD1DE7FE9C53421A00BA9917C732D4735ECEE42CDE994FA6DE2C171207B2A4ADE76EC4411C2171F7C7A0E05C37E3BE842F224A3F8FF6A55DC806FC3F7904147910B6D473CDEB7B3 -20240903010348 2 6 100 8191 5 E90C219E279F374756F460D972C0503655CE6346FD0F611E8808CD4ADDDCE308981860661516592055313E99D7CC26BBCEE76FDE697801AA2827379287137910127F9107DEA68C3FAD7DBC9DADC15102DA2C4D890186E4279C8590E5D3F90E1B93EAFA540386086C4B55AE83AE5C7EB5FD9478B16F1143BB97202E24CE3FEE6E314B308A8CBC1F2938D7013654B6A5D141D4422375EDDEA2C2011231C5C83F318FCBE6A8FBEA20D8E9C2618D45DEBE36611557447900B4B8248A25E4D523C3D9DCAB1F1C1A7CE5EFD7FA4B1BF34486F5737F61A94C20D9268CCC52785FBF8CE06D605997A8DE54E76D7F566582C8C064E244151FD43E7B97368891F274FF1D1EBB9627BEBE9B9B202E656445873198D32286D9D8F9F0387D3ABC6C0C74C9FEC8FA935C5F43287AA191591A6ADF80EBD6EB5B58C2524BE2E2E3000A25345A7D082B7AD136133E87B4BFED4C20EE58055EDA6E9D2E2F15E299D14E11919F2C3029CE1C818D5D30EA68D0458F3B1AB30923F55F84A3BCF14137B547D56CA353F3BB7EC6F22705CC0B14FBD8D7E869325B688AA759C30FAFC74A01567BD785F4ED1F0ED1B7B82F00467A687EC3BB12A246B620B2FE0B9783C222F999CCB7CEF6FA2E3FE4DE652FC0C4B21FC4DF2CEF7981F644FB2158B208C71C68C6974D4D1090C830379707BC30C7748487EB922A4B40CB0FE33B5B4A8E22354ADB2020315D043706D608B1213A2974ED5CC6EA8A520E3147667DD81F4294313AF935C528C82B659B7A169F4B11CD03A3D35546A4E4E2FF79DB6173F3A762B22EBE4BE5B49DD4951A6BC27D5EDD8486E2105561B9BE23F1826BC0579A482AFFD99508E09F17A20419F56A31AEFADCBF816706BC1B47420A7C66A19AF1A725D691CED949F9135404B35237E6B07A037F87F4515B7F1FD5B2A7B3B562ED121A12C1B4BF9E408A0221922B10B78B9D75B81381853BBF734BBE33E12602D4191BCD47B57FA20803F1D75FD4D5A077D50DD537A6B38AB09A1A3C1B30845A0D92AA38BD1B7D1F1AA1AC9FE9CD0A0DE23BD1943A99793D18FC08BD9D7744B62D460263F879087A996FC2868675FE43F7026C6C3C93187C629AF58038F61E3072D8A4B42ABFD1639C5F2289E0A974FFBBC67FD2BAC657BC3C582664A6AD8B940E8F8596FDB8B6429C1A1F06AB1249C9A03F271F66550503E9613277D38DC63031F21AA7C8C9B2D91D6F6B7C036BAB18B5FC8900E4679992DE4BAA2CF202787D521D1545AF4A090E8E17F7E8012C104791D2F6025A41C543F9D85C1DD3EE5757CA2445697075C87D0334FD0F5C9AA8EAFF4A8A4AAEDBE7F2C80151066C7A0F05B3A6B6E5EFD1DE7FE9C53421A00BA9917C732D4735ECEE42CDE994FA6DE2C171207B2A4ADE76EC4411C2171F7C7A0E05C37E3BE842F224A3F8FF6A55DC806FC3F7904147910B6D473D0B3A67 -20240903034119 2 6 100 8191 2 E90C219E279F374756F460D972C0503655CE6346FD0F611E8808CD4ADDDCE308981860661516592055313E99D7CC26BBCEE76FDE697801AA2827379287137910127F9107DEA68C3FAD7DBC9DADC15102DA2C4D890186E4279C8590E5D3F90E1B93EAFA540386086C4B55AE83AE5C7EB5FD9478B16F1143BB97202E24CE3FEE6E314B308A8CBC1F2938D7013654B6A5D141D4422375EDDEA2C2011231C5C83F318FCBE6A8FBEA20D8E9C2618D45DEBE36611557447900B4B8248A25E4D523C3D9DCAB1F1C1A7CE5EFD7FA4B1BF34486F5737F61A94C20D9268CCC52785FBF8CE06D605997A8DE54E76D7F566582C8C064E244151FD43E7B97368891F274FF1D1EBB9627BEBE9B9B202E656445873198D32286D9D8F9F0387D3ABC6C0C74C9FEC8FA935C5F43287AA191591A6ADF80EBD6EB5B58C2524BE2E2E3000A25345A7D082B7AD136133E87B4BFED4C20EE58055EDA6E9D2E2F15E299D14E11919F2C3029CE1C818D5D30EA68D0458F3B1AB30923F55F84A3BCF14137B547D56CA353F3BB7EC6F22705CC0B14FBD8D7E869325B688AA759C30FAFC74A01567BD785F4ED1F0ED1B7B82F00467A687EC3BB12A246B620B2FE0B9783C222F999CCB7CEF6FA2E3FE4DE652FC0C4B21FC4DF2CEF7981F644FB2158B208C71C68C6974D4D1090C830379707BC30C7748487EB922A4B40CB0FE33B5B4A8E22354ADB2020315D043706D608B1213A2974ED5CC6EA8A520E3147667DD81F4294313AF935C528C82B659B7A169F4B11CD03A3D35546A4E4E2FF79DB6173F3A762B22EBE4BE5B49DD4951A6BC27D5EDD8486E2105561B9BE23F1826BC0579A482AFFD99508E09F17A20419F56A31AEFADCBF816706BC1B47420A7C66A19AF1A725D691CED949F9135404B35237E6B07A037F87F4515B7F1FD5B2A7B3B562ED121A12C1B4BF9E408A0221922B10B78B9D75B81381853BBF734BBE33E12602D4191BCD47B57FA20803F1D75FD4D5A077D50DD537A6B38AB09A1A3C1B30845A0D92AA38BD1B7D1F1AA1AC9FE9CD0A0DE23BD1943A99793D18FC08BD9D7744B62D460263F879087A996FC2868675FE43F7026C6C3C93187C629AF58038F61E3072D8A4B42ABFD1639C5F2289E0A974FFBBC67FD2BAC657BC3C582664A6AD8B940E8F8596FDB8B6429C1A1F06AB1249C9A03F271F66550503E9613277D38DC63031F21AA7C8C9B2D91D6F6B7C036BAB18B5FC8900E4679992DE4BAA2CF202787D521D1545AF4A090E8E17F7E8012C104791D2F6025A41C543F9D85C1DD3EE5757CA2445697075C87D0334FD0F5C9AA8EAFF4A8A4AAEDBE7F2C80151066C7A0F05B3A6B6E5EFD1DE7FE9C53421A00BA9917C732D4735ECEE42CDE994FA6DE2C171207B2A4ADE76EC4411C2171F7C7A0E05C37E3BE842F224A3F8FF6A55DC806FC3F7904147910B6D474614297B -20240903040728 2 6 100 8191 2 E90C219E279F374756F460D972C0503655CE6346FD0F611E8808CD4ADDDCE308981860661516592055313E99D7CC26BBCEE76FDE697801AA2827379287137910127F9107DEA68C3FAD7DBC9DADC15102DA2C4D890186E4279C8590E5D3F90E1B93EAFA540386086C4B55AE83AE5C7EB5FD9478B16F1143BB97202E24CE3FEE6E314B308A8CBC1F2938D7013654B6A5D141D4422375EDDEA2C2011231C5C83F318FCBE6A8FBEA20D8E9C2618D45DEBE36611557447900B4B8248A25E4D523C3D9DCAB1F1C1A7CE5EFD7FA4B1BF34486F5737F61A94C20D9268CCC52785FBF8CE06D605997A8DE54E76D7F566582C8C064E244151FD43E7B97368891F274FF1D1EBB9627BEBE9B9B202E656445873198D32286D9D8F9F0387D3ABC6C0C74C9FEC8FA935C5F43287AA191591A6ADF80EBD6EB5B58C2524BE2E2E3000A25345A7D082B7AD136133E87B4BFED4C20EE58055EDA6E9D2E2F15E299D14E11919F2C3029CE1C818D5D30EA68D0458F3B1AB30923F55F84A3BCF14137B547D56CA353F3BB7EC6F22705CC0B14FBD8D7E869325B688AA759C30FAFC74A01567BD785F4ED1F0ED1B7B82F00467A687EC3BB12A246B620B2FE0B9783C222F999CCB7CEF6FA2E3FE4DE652FC0C4B21FC4DF2CEF7981F644FB2158B208C71C68C6974D4D1090C830379707BC30C7748487EB922A4B40CB0FE33B5B4A8E22354ADB2020315D043706D608B1213A2974ED5CC6EA8A520E3147667DD81F4294313AF935C528C82B659B7A169F4B11CD03A3D35546A4E4E2FF79DB6173F3A762B22EBE4BE5B49DD4951A6BC27D5EDD8486E2105561B9BE23F1826BC0579A482AFFD99508E09F17A20419F56A31AEFADCBF816706BC1B47420A7C66A19AF1A725D691CED949F9135404B35237E6B07A037F87F4515B7F1FD5B2A7B3B562ED121A12C1B4BF9E408A0221922B10B78B9D75B81381853BBF734BBE33E12602D4191BCD47B57FA20803F1D75FD4D5A077D50DD537A6B38AB09A1A3C1B30845A0D92AA38BD1B7D1F1AA1AC9FE9CD0A0DE23BD1943A99793D18FC08BD9D7744B62D460263F879087A996FC2868675FE43F7026C6C3C93187C629AF58038F61E3072D8A4B42ABFD1639C5F2289E0A974FFBBC67FD2BAC657BC3C582664A6AD8B940E8F8596FDB8B6429C1A1F06AB1249C9A03F271F66550503E9613277D38DC63031F21AA7C8C9B2D91D6F6B7C036BAB18B5FC8900E4679992DE4BAA2CF202787D521D1545AF4A090E8E17F7E8012C104791D2F6025A41C543F9D85C1DD3EE5757CA2445697075C87D0334FD0F5C9AA8EAFF4A8A4AAEDBE7F2C80151066C7A0F05B3A6B6E5EFD1DE7FE9C53421A00BA9917C732D4735ECEE42CDE994FA6DE2C171207B2A4ADE76EC4411C2171F7C7A0E05C37E3BE842F224A3F8FF6A55DC806FC3F7904147910B6D4747910563 -20240903051146 2 6 100 8191 2 E90C219E279F374756F460D972C0503655CE6346FD0F611E8808CD4ADDDCE308981860661516592055313E99D7CC26BBCEE76FDE697801AA2827379287137910127F9107DEA68C3FAD7DBC9DADC15102DA2C4D890186E4279C8590E5D3F90E1B93EAFA540386086C4B55AE83AE5C7EB5FD9478B16F1143BB97202E24CE3FEE6E314B308A8CBC1F2938D7013654B6A5D141D4422375EDDEA2C2011231C5C83F318FCBE6A8FBEA20D8E9C2618D45DEBE36611557447900B4B8248A25E4D523C3D9DCAB1F1C1A7CE5EFD7FA4B1BF34486F5737F61A94C20D9268CCC52785FBF8CE06D605997A8DE54E76D7F566582C8C064E244151FD43E7B97368891F274FF1D1EBB9627BEBE9B9B202E656445873198D32286D9D8F9F0387D3ABC6C0C74C9FEC8FA935C5F43287AA191591A6ADF80EBD6EB5B58C2524BE2E2E3000A25345A7D082B7AD136133E87B4BFED4C20EE58055EDA6E9D2E2F15E299D14E11919F2C3029CE1C818D5D30EA68D0458F3B1AB30923F55F84A3BCF14137B547D56CA353F3BB7EC6F22705CC0B14FBD8D7E869325B688AA759C30FAFC74A01567BD785F4ED1F0ED1B7B82F00467A687EC3BB12A246B620B2FE0B9783C222F999CCB7CEF6FA2E3FE4DE652FC0C4B21FC4DF2CEF7981F644FB2158B208C71C68C6974D4D1090C830379707BC30C7748487EB922A4B40CB0FE33B5B4A8E22354ADB2020315D043706D608B1213A2974ED5CC6EA8A520E3147667DD81F4294313AF935C528C82B659B7A169F4B11CD03A3D35546A4E4E2FF79DB6173F3A762B22EBE4BE5B49DD4951A6BC27D5EDD8486E2105561B9BE23F1826BC0579A482AFFD99508E09F17A20419F56A31AEFADCBF816706BC1B47420A7C66A19AF1A725D691CED949F9135404B35237E6B07A037F87F4515B7F1FD5B2A7B3B562ED121A12C1B4BF9E408A0221922B10B78B9D75B81381853BBF734BBE33E12602D4191BCD47B57FA20803F1D75FD4D5A077D50DD537A6B38AB09A1A3C1B30845A0D92AA38BD1B7D1F1AA1AC9FE9CD0A0DE23BD1943A99793D18FC08BD9D7744B62D460263F879087A996FC2868675FE43F7026C6C3C93187C629AF58038F61E3072D8A4B42ABFD1639C5F2289E0A974FFBBC67FD2BAC657BC3C582664A6AD8B940E8F8596FDB8B6429C1A1F06AB1249C9A03F271F66550503E9613277D38DC63031F21AA7C8C9B2D91D6F6B7C036BAB18B5FC8900E4679992DE4BAA2CF202787D521D1545AF4A090E8E17F7E8012C104791D2F6025A41C543F9D85C1DD3EE5757CA2445697075C87D0334FD0F5C9AA8EAFF4A8A4AAEDBE7F2C80151066C7A0F05B3A6B6E5EFD1DE7FE9C53421A00BA9917C732D4735ECEE42CDE994FA6DE2C171207B2A4ADE76EC4411C2171F7C7A0E05C37E3BE842F224A3F8FF6A55DC806FC3F7904147910B6D474B45E3DB -20240903064823 2 6 100 8191 2 E90C219E279F374756F460D972C0503655CE6346FD0F611E8808CD4ADDDCE308981860661516592055313E99D7CC26BBCEE76FDE697801AA2827379287137910127F9107DEA68C3FAD7DBC9DADC15102DA2C4D890186E4279C8590E5D3F90E1B93EAFA540386086C4B55AE83AE5C7EB5FD9478B16F1143BB97202E24CE3FEE6E314B308A8CBC1F2938D7013654B6A5D141D4422375EDDEA2C2011231C5C83F318FCBE6A8FBEA20D8E9C2618D45DEBE36611557447900B4B8248A25E4D523C3D9DCAB1F1C1A7CE5EFD7FA4B1BF34486F5737F61A94C20D9268CCC52785FBF8CE06D605997A8DE54E76D7F566582C8C064E244151FD43E7B97368891F274FF1D1EBB9627BEBE9B9B202E656445873198D32286D9D8F9F0387D3ABC6C0C74C9FEC8FA935C5F43287AA191591A6ADF80EBD6EB5B58C2524BE2E2E3000A25345A7D082B7AD136133E87B4BFED4C20EE58055EDA6E9D2E2F15E299D14E11919F2C3029CE1C818D5D30EA68D0458F3B1AB30923F55F84A3BCF14137B547D56CA353F3BB7EC6F22705CC0B14FBD8D7E869325B688AA759C30FAFC74A01567BD785F4ED1F0ED1B7B82F00467A687EC3BB12A246B620B2FE0B9783C222F999CCB7CEF6FA2E3FE4DE652FC0C4B21FC4DF2CEF7981F644FB2158B208C71C68C6974D4D1090C830379707BC30C7748487EB922A4B40CB0FE33B5B4A8E22354ADB2020315D043706D608B1213A2974ED5CC6EA8A520E3147667DD81F4294313AF935C528C82B659B7A169F4B11CD03A3D35546A4E4E2FF79DB6173F3A762B22EBE4BE5B49DD4951A6BC27D5EDD8486E2105561B9BE23F1826BC0579A482AFFD99508E09F17A20419F56A31AEFADCBF816706BC1B47420A7C66A19AF1A725D691CED949F9135404B35237E6B07A037F87F4515B7F1FD5B2A7B3B562ED121A12C1B4BF9E408A0221922B10B78B9D75B81381853BBF734BBE33E12602D4191BCD47B57FA20803F1D75FD4D5A077D50DD537A6B38AB09A1A3C1B30845A0D92AA38BD1B7D1F1AA1AC9FE9CD0A0DE23BD1943A99793D18FC08BD9D7744B62D460263F879087A996FC2868675FE43F7026C6C3C93187C629AF58038F61E3072D8A4B42ABFD1639C5F2289E0A974FFBBC67FD2BAC657BC3C582664A6AD8B940E8F8596FDB8B6429C1A1F06AB1249C9A03F271F66550503E9613277D38DC63031F21AA7C8C9B2D91D6F6B7C036BAB18B5FC8900E4679992DE4BAA2CF202787D521D1545AF4A090E8E17F7E8012C104791D2F6025A41C543F9D85C1DD3EE5757CA2445697075C87D0334FD0F5C9AA8EAFF4A8A4AAEDBE7F2C80151066C7A0F05B3A6B6E5EFD1DE7FE9C53421A00BA9917C732D4735ECEE42CDE994FA6DE2C171207B2A4ADE76EC4411C2171F7C7A0E05C37E3BE842F224A3F8FF6A55DC806FC3F7904147910B6D4750BE2633 -20240903064907 2 6 100 8191 2 E90C219E279F374756F460D972C0503655CE6346FD0F611E8808CD4ADDDCE308981860661516592055313E99D7CC26BBCEE76FDE697801AA2827379287137910127F9107DEA68C3FAD7DBC9DADC15102DA2C4D890186E4279C8590E5D3F90E1B93EAFA540386086C4B55AE83AE5C7EB5FD9478B16F1143BB97202E24CE3FEE6E314B308A8CBC1F2938D7013654B6A5D141D4422375EDDEA2C2011231C5C83F318FCBE6A8FBEA20D8E9C2618D45DEBE36611557447900B4B8248A25E4D523C3D9DCAB1F1C1A7CE5EFD7FA4B1BF34486F5737F61A94C20D9268CCC52785FBF8CE06D605997A8DE54E76D7F566582C8C064E244151FD43E7B97368891F274FF1D1EBB9627BEBE9B9B202E656445873198D32286D9D8F9F0387D3ABC6C0C74C9FEC8FA935C5F43287AA191591A6ADF80EBD6EB5B58C2524BE2E2E3000A25345A7D082B7AD136133E87B4BFED4C20EE58055EDA6E9D2E2F15E299D14E11919F2C3029CE1C818D5D30EA68D0458F3B1AB30923F55F84A3BCF14137B547D56CA353F3BB7EC6F22705CC0B14FBD8D7E869325B688AA759C30FAFC74A01567BD785F4ED1F0ED1B7B82F00467A687EC3BB12A246B620B2FE0B9783C222F999CCB7CEF6FA2E3FE4DE652FC0C4B21FC4DF2CEF7981F644FB2158B208C71C68C6974D4D1090C830379707BC30C7748487EB922A4B40CB0FE33B5B4A8E22354ADB2020315D043706D608B1213A2974ED5CC6EA8A520E3147667DD81F4294313AF935C528C82B659B7A169F4B11CD03A3D35546A4E4E2FF79DB6173F3A762B22EBE4BE5B49DD4951A6BC27D5EDD8486E2105561B9BE23F1826BC0579A482AFFD99508E09F17A20419F56A31AEFADCBF816706BC1B47420A7C66A19AF1A725D691CED949F9135404B35237E6B07A037F87F4515B7F1FD5B2A7B3B562ED121A12C1B4BF9E408A0221922B10B78B9D75B81381853BBF734BBE33E12602D4191BCD47B57FA20803F1D75FD4D5A077D50DD537A6B38AB09A1A3C1B30845A0D92AA38BD1B7D1F1AA1AC9FE9CD0A0DE23BD1943A99793D18FC08BD9D7744B62D460263F879087A996FC2868675FE43F7026C6C3C93187C629AF58038F61E3072D8A4B42ABFD1639C5F2289E0A974FFBBC67FD2BAC657BC3C582664A6AD8B940E8F8596FDB8B6429C1A1F06AB1249C9A03F271F66550503E9613277D38DC63031F21AA7C8C9B2D91D6F6B7C036BAB18B5FC8900E4679992DE4BAA2CF202787D521D1545AF4A090E8E17F7E8012C104791D2F6025A41C543F9D85C1DD3EE5757CA2445697075C87D0334FD0F5C9AA8EAFF4A8A4AAEDBE7F2C80151066C7A0F05B3A6B6E5EFD1DE7FE9C53421A00BA9917C732D4735ECEE42CDE994FA6DE2C171207B2A4ADE76EC4411C2171F7C7A0E05C37E3BE842F224A3F8FF6A55DC806FC3F7904147910B6D4750C0835B -20240903101831 2 6 100 8191 2 E90C219E279F374756F460D972C0503655CE6346FD0F611E8808CD4ADDDCE308981860661516592055313E99D7CC26BBCEE76FDE697801AA2827379287137910127F9107DEA68C3FAD7DBC9DADC15102DA2C4D890186E4279C8590E5D3F90E1B93EAFA540386086C4B55AE83AE5C7EB5FD9478B16F1143BB97202E24CE3FEE6E314B308A8CBC1F2938D7013654B6A5D141D4422375EDDEA2C2011231C5C83F318FCBE6A8FBEA20D8E9C2618D45DEBE36611557447900B4B8248A25E4D523C3D9DCAB1F1C1A7CE5EFD7FA4B1BF34486F5737F61A94C20D9268CCC52785FBF8CE06D605997A8DE54E76D7F566582C8C064E244151FD43E7B97368891F274FF1D1EBB9627BEBE9B9B202E656445873198D32286D9D8F9F0387D3ABC6C0C74C9FEC8FA935C5F43287AA191591A6ADF80EBD6EB5B58C2524BE2E2E3000A25345A7D082B7AD136133E87B4BFED4C20EE58055EDA6E9D2E2F15E299D14E11919F2C3029CE1C818D5D30EA68D0458F3B1AB30923F55F84A3BCF14137B547D56CA353F3BB7EC6F22705CC0B14FBD8D7E869325B688AA759C30FAFC74A01567BD785F4ED1F0ED1B7B82F00467A687EC3BB12A246B620B2FE0B9783C222F999CCB7CEF6FA2E3FE4DE652FC0C4B21FC4DF2CEF7981F644FB2158B208C71C68C6974D4D1090C830379707BC30C7748487EB922A4B40CB0FE33B5B4A8E22354ADB2020315D043706D608B1213A2974ED5CC6EA8A520E3147667DD81F4294313AF935C528C82B659B7A169F4B11CD03A3D35546A4E4E2FF79DB6173F3A762B22EBE4BE5B49DD4951A6BC27D5EDD8486E2105561B9BE23F1826BC0579A482AFFD99508E09F17A20419F56A31AEFADCBF816706BC1B47420A7C66A19AF1A725D691CED949F9135404B35237E6B07A037F87F4515B7F1FD5B2A7B3B562ED121A12C1B4BF9E408A0221922B10B78B9D75B81381853BBF734BBE33E12602D4191BCD47B57FA20803F1D75FD4D5A077D50DD537A6B38AB09A1A3C1B30845A0D92AA38BD1B7D1F1AA1AC9FE9CD0A0DE23BD1943A99793D18FC08BD9D7744B62D460263F879087A996FC2868675FE43F7026C6C3C93187C629AF58038F61E3072D8A4B42ABFD1639C5F2289E0A974FFBBC67FD2BAC657BC3C582664A6AD8B940E8F8596FDB8B6429C1A1F06AB1249C9A03F271F66550503E9613277D38DC63031F21AA7C8C9B2D91D6F6B7C036BAB18B5FC8900E4679992DE4BAA2CF202787D521D1545AF4A090E8E17F7E8012C104791D2F6025A41C543F9D85C1DD3EE5757CA2445697075C87D0334FD0F5C9AA8EAFF4A8A4AAEDBE7F2C80151066C7A0F05B3A6B6E5EFD1DE7FE9C53421A00BA9917C732D4735ECEE42CDE994FA6DE2C171207B2A4ADE76EC4411C2171F7C7A0E05C37E3BE842F224A3F8FF6A55DC806FC3F7904147910B6D475C6B64DB -20240903113322 2 6 100 8191 5 E90C219E279F374756F460D972C0503655CE6346FD0F611E8808CD4ADDDCE308981860661516592055313E99D7CC26BBCEE76FDE697801AA2827379287137910127F9107DEA68C3FAD7DBC9DADC15102DA2C4D890186E4279C8590E5D3F90E1B93EAFA540386086C4B55AE83AE5C7EB5FD9478B16F1143BB97202E24CE3FEE6E314B308A8CBC1F2938D7013654B6A5D141D4422375EDDEA2C2011231C5C83F318FCBE6A8FBEA20D8E9C2618D45DEBE36611557447900B4B8248A25E4D523C3D9DCAB1F1C1A7CE5EFD7FA4B1BF34486F5737F61A94C20D9268CCC52785FBF8CE06D605997A8DE54E76D7F566582C8C064E244151FD43E7B97368891F274FF1D1EBB9627BEBE9B9B202E656445873198D32286D9D8F9F0387D3ABC6C0C74C9FEC8FA935C5F43287AA191591A6ADF80EBD6EB5B58C2524BE2E2E3000A25345A7D082B7AD136133E87B4BFED4C20EE58055EDA6E9D2E2F15E299D14E11919F2C3029CE1C818D5D30EA68D0458F3B1AB30923F55F84A3BCF14137B547D56CA353F3BB7EC6F22705CC0B14FBD8D7E869325B688AA759C30FAFC74A01567BD785F4ED1F0ED1B7B82F00467A687EC3BB12A246B620B2FE0B9783C222F999CCB7CEF6FA2E3FE4DE652FC0C4B21FC4DF2CEF7981F644FB2158B208C71C68C6974D4D1090C830379707BC30C7748487EB922A4B40CB0FE33B5B4A8E22354ADB2020315D043706D608B1213A2974ED5CC6EA8A520E3147667DD81F4294313AF935C528C82B659B7A169F4B11CD03A3D35546A4E4E2FF79DB6173F3A762B22EBE4BE5B49DD4951A6BC27D5EDD8486E2105561B9BE23F1826BC0579A482AFFD99508E09F17A20419F56A31AEFADCBF816706BC1B47420A7C66A19AF1A725D691CED949F9135404B35237E6B07A037F87F4515B7F1FD5B2A7B3B562ED121A12C1B4BF9E408A0221922B10B78B9D75B81381853BBF734BBE33E12602D4191BCD47B57FA20803F1D75FD4D5A077D50DD537A6B38AB09A1A3C1B30845A0D92AA38BD1B7D1F1AA1AC9FE9CD0A0DE23BD1943A99793D18FC08BD9D7744B62D460263F879087A996FC2868675FE43F7026C6C3C93187C629AF58038F61E3072D8A4B42ABFD1639C5F2289E0A974FFBBC67FD2BAC657BC3C582664A6AD8B940E8F8596FDB8B6429C1A1F06AB1249C9A03F271F66550503E9613277D38DC63031F21AA7C8C9B2D91D6F6B7C036BAB18B5FC8900E4679992DE4BAA2CF202787D521D1545AF4A090E8E17F7E8012C104791D2F6025A41C543F9D85C1DD3EE5757CA2445697075C87D0334FD0F5C9AA8EAFF4A8A4AAEDBE7F2C80151066C7A0F05B3A6B6E5EFD1DE7FE9C53421A00BA9917C732D4735ECEE42CDE994FA6DE2C171207B2A4ADE76EC4411C2171F7C7A0E05C37E3BE842F224A3F8FF6A55DC806FC3F7904147910B6D4760A047BF -20240903122505 2 6 100 8191 2 E90C219E279F374756F460D972C0503655CE6346FD0F611E8808CD4ADDDCE308981860661516592055313E99D7CC26BBCEE76FDE697801AA2827379287137910127F9107DEA68C3FAD7DBC9DADC15102DA2C4D890186E4279C8590E5D3F90E1B93EAFA540386086C4B55AE83AE5C7EB5FD9478B16F1143BB97202E24CE3FEE6E314B308A8CBC1F2938D7013654B6A5D141D4422375EDDEA2C2011231C5C83F318FCBE6A8FBEA20D8E9C2618D45DEBE36611557447900B4B8248A25E4D523C3D9DCAB1F1C1A7CE5EFD7FA4B1BF34486F5737F61A94C20D9268CCC52785FBF8CE06D605997A8DE54E76D7F566582C8C064E244151FD43E7B97368891F274FF1D1EBB9627BEBE9B9B202E656445873198D32286D9D8F9F0387D3ABC6C0C74C9FEC8FA935C5F43287AA191591A6ADF80EBD6EB5B58C2524BE2E2E3000A25345A7D082B7AD136133E87B4BFED4C20EE58055EDA6E9D2E2F15E299D14E11919F2C3029CE1C818D5D30EA68D0458F3B1AB30923F55F84A3BCF14137B547D56CA353F3BB7EC6F22705CC0B14FBD8D7E869325B688AA759C30FAFC74A01567BD785F4ED1F0ED1B7B82F00467A687EC3BB12A246B620B2FE0B9783C222F999CCB7CEF6FA2E3FE4DE652FC0C4B21FC4DF2CEF7981F644FB2158B208C71C68C6974D4D1090C830379707BC30C7748487EB922A4B40CB0FE33B5B4A8E22354ADB2020315D043706D608B1213A2974ED5CC6EA8A520E3147667DD81F4294313AF935C528C82B659B7A169F4B11CD03A3D35546A4E4E2FF79DB6173F3A762B22EBE4BE5B49DD4951A6BC27D5EDD8486E2105561B9BE23F1826BC0579A482AFFD99508E09F17A20419F56A31AEFADCBF816706BC1B47420A7C66A19AF1A725D691CED949F9135404B35237E6B07A037F87F4515B7F1FD5B2A7B3B562ED121A12C1B4BF9E408A0221922B10B78B9D75B81381853BBF734BBE33E12602D4191BCD47B57FA20803F1D75FD4D5A077D50DD537A6B38AB09A1A3C1B30845A0D92AA38BD1B7D1F1AA1AC9FE9CD0A0DE23BD1943A99793D18FC08BD9D7744B62D460263F879087A996FC2868675FE43F7026C6C3C93187C629AF58038F61E3072D8A4B42ABFD1639C5F2289E0A974FFBBC67FD2BAC657BC3C582664A6AD8B940E8F8596FDB8B6429C1A1F06AB1249C9A03F271F66550503E9613277D38DC63031F21AA7C8C9B2D91D6F6B7C036BAB18B5FC8900E4679992DE4BAA2CF202787D521D1545AF4A090E8E17F7E8012C104791D2F6025A41C543F9D85C1DD3EE5757CA2445697075C87D0334FD0F5C9AA8EAFF4A8A4AAEDBE7F2C80151066C7A0F05B3A6B6E5EFD1DE7FE9C53421A00BA9917C732D4735ECEE42CDE994FA6DE2C171207B2A4ADE76EC4411C2171F7C7A0E05C37E3BE842F224A3F8FF6A55DC806FC3F7904147910B6D47638D75FB -20240903124220 2 6 100 8191 2 E90C219E279F374756F460D972C0503655CE6346FD0F611E8808CD4ADDDCE308981860661516592055313E99D7CC26BBCEE76FDE697801AA2827379287137910127F9107DEA68C3FAD7DBC9DADC15102DA2C4D890186E4279C8590E5D3F90E1B93EAFA540386086C4B55AE83AE5C7EB5FD9478B16F1143BB97202E24CE3FEE6E314B308A8CBC1F2938D7013654B6A5D141D4422375EDDEA2C2011231C5C83F318FCBE6A8FBEA20D8E9C2618D45DEBE36611557447900B4B8248A25E4D523C3D9DCAB1F1C1A7CE5EFD7FA4B1BF34486F5737F61A94C20D9268CCC52785FBF8CE06D605997A8DE54E76D7F566582C8C064E244151FD43E7B97368891F274FF1D1EBB9627BEBE9B9B202E656445873198D32286D9D8F9F0387D3ABC6C0C74C9FEC8FA935C5F43287AA191591A6ADF80EBD6EB5B58C2524BE2E2E3000A25345A7D082B7AD136133E87B4BFED4C20EE58055EDA6E9D2E2F15E299D14E11919F2C3029CE1C818D5D30EA68D0458F3B1AB30923F55F84A3BCF14137B547D56CA353F3BB7EC6F22705CC0B14FBD8D7E869325B688AA759C30FAFC74A01567BD785F4ED1F0ED1B7B82F00467A687EC3BB12A246B620B2FE0B9783C222F999CCB7CEF6FA2E3FE4DE652FC0C4B21FC4DF2CEF7981F644FB2158B208C71C68C6974D4D1090C830379707BC30C7748487EB922A4B40CB0FE33B5B4A8E22354ADB2020315D043706D608B1213A2974ED5CC6EA8A520E3147667DD81F4294313AF935C528C82B659B7A169F4B11CD03A3D35546A4E4E2FF79DB6173F3A762B22EBE4BE5B49DD4951A6BC27D5EDD8486E2105561B9BE23F1826BC0579A482AFFD99508E09F17A20419F56A31AEFADCBF816706BC1B47420A7C66A19AF1A725D691CED949F9135404B35237E6B07A037F87F4515B7F1FD5B2A7B3B562ED121A12C1B4BF9E408A0221922B10B78B9D75B81381853BBF734BBE33E12602D4191BCD47B57FA20803F1D75FD4D5A077D50DD537A6B38AB09A1A3C1B30845A0D92AA38BD1B7D1F1AA1AC9FE9CD0A0DE23BD1943A99793D18FC08BD9D7744B62D460263F879087A996FC2868675FE43F7026C6C3C93187C629AF58038F61E3072D8A4B42ABFD1639C5F2289E0A974FFBBC67FD2BAC657BC3C582664A6AD8B940E8F8596FDB8B6429C1A1F06AB1249C9A03F271F66550503E9613277D38DC63031F21AA7C8C9B2D91D6F6B7C036BAB18B5FC8900E4679992DE4BAA2CF202787D521D1545AF4A090E8E17F7E8012C104791D2F6025A41C543F9D85C1DD3EE5757CA2445697075C87D0334FD0F5C9AA8EAFF4A8A4AAEDBE7F2C80151066C7A0F05B3A6B6E5EFD1DE7FE9C53421A00BA9917C732D4735ECEE42CDE994FA6DE2C171207B2A4ADE76EC4411C2171F7C7A0E05C37E3BE842F224A3F8FF6A55DC806FC3F7904147910B6D476482E71B -20240903133142 2 6 100 8191 5 E90C219E279F374756F460D972C0503655CE6346FD0F611E8808CD4ADDDCE308981860661516592055313E99D7CC26BBCEE76FDE697801AA2827379287137910127F9107DEA68C3FAD7DBC9DADC15102DA2C4D890186E4279C8590E5D3F90E1B93EAFA540386086C4B55AE83AE5C7EB5FD9478B16F1143BB97202E24CE3FEE6E314B308A8CBC1F2938D7013654B6A5D141D4422375EDDEA2C2011231C5C83F318FCBE6A8FBEA20D8E9C2618D45DEBE36611557447900B4B8248A25E4D523C3D9DCAB1F1C1A7CE5EFD7FA4B1BF34486F5737F61A94C20D9268CCC52785FBF8CE06D605997A8DE54E76D7F566582C8C064E244151FD43E7B97368891F274FF1D1EBB9627BEBE9B9B202E656445873198D32286D9D8F9F0387D3ABC6C0C74C9FEC8FA935C5F43287AA191591A6ADF80EBD6EB5B58C2524BE2E2E3000A25345A7D082B7AD136133E87B4BFED4C20EE58055EDA6E9D2E2F15E299D14E11919F2C3029CE1C818D5D30EA68D0458F3B1AB30923F55F84A3BCF14137B547D56CA353F3BB7EC6F22705CC0B14FBD8D7E869325B688AA759C30FAFC74A01567BD785F4ED1F0ED1B7B82F00467A687EC3BB12A246B620B2FE0B9783C222F999CCB7CEF6FA2E3FE4DE652FC0C4B21FC4DF2CEF7981F644FB2158B208C71C68C6974D4D1090C830379707BC30C7748487EB922A4B40CB0FE33B5B4A8E22354ADB2020315D043706D608B1213A2974ED5CC6EA8A520E3147667DD81F4294313AF935C528C82B659B7A169F4B11CD03A3D35546A4E4E2FF79DB6173F3A762B22EBE4BE5B49DD4951A6BC27D5EDD8486E2105561B9BE23F1826BC0579A482AFFD99508E09F17A20419F56A31AEFADCBF816706BC1B47420A7C66A19AF1A725D691CED949F9135404B35237E6B07A037F87F4515B7F1FD5B2A7B3B562ED121A12C1B4BF9E408A0221922B10B78B9D75B81381853BBF734BBE33E12602D4191BCD47B57FA20803F1D75FD4D5A077D50DD537A6B38AB09A1A3C1B30845A0D92AA38BD1B7D1F1AA1AC9FE9CD0A0DE23BD1943A99793D18FC08BD9D7744B62D460263F879087A996FC2868675FE43F7026C6C3C93187C629AF58038F61E3072D8A4B42ABFD1639C5F2289E0A974FFBBC67FD2BAC657BC3C582664A6AD8B940E8F8596FDB8B6429C1A1F06AB1249C9A03F271F66550503E9613277D38DC63031F21AA7C8C9B2D91D6F6B7C036BAB18B5FC8900E4679992DE4BAA2CF202787D521D1545AF4A090E8E17F7E8012C104791D2F6025A41C543F9D85C1DD3EE5757CA2445697075C87D0334FD0F5C9AA8EAFF4A8A4AAEDBE7F2C80151066C7A0F05B3A6B6E5EFD1DE7FE9C53421A00BA9917C732D4735ECEE42CDE994FA6DE2C171207B2A4ADE76EC4411C2171F7C7A0E05C37E3BE842F224A3F8FF6A55DC806FC3F7904147910B6D476752BA3F -20240903143834 2 6 100 8191 2 E90C219E279F374756F460D972C0503655CE6346FD0F611E8808CD4ADDDCE308981860661516592055313E99D7CC26BBCEE76FDE697801AA2827379287137910127F9107DEA68C3FAD7DBC9DADC15102DA2C4D890186E4279C8590E5D3F90E1B93EAFA540386086C4B55AE83AE5C7EB5FD9478B16F1143BB97202E24CE3FEE6E314B308A8CBC1F2938D7013654B6A5D141D4422375EDDEA2C2011231C5C83F318FCBE6A8FBEA20D8E9C2618D45DEBE36611557447900B4B8248A25E4D523C3D9DCAB1F1C1A7CE5EFD7FA4B1BF34486F5737F61A94C20D9268CCC52785FBF8CE06D605997A8DE54E76D7F566582C8C064E244151FD43E7B97368891F274FF1D1EBB9627BEBE9B9B202E656445873198D32286D9D8F9F0387D3ABC6C0C74C9FEC8FA935C5F43287AA191591A6ADF80EBD6EB5B58C2524BE2E2E3000A25345A7D082B7AD136133E87B4BFED4C20EE58055EDA6E9D2E2F15E299D14E11919F2C3029CE1C818D5D30EA68D0458F3B1AB30923F55F84A3BCF14137B547D56CA353F3BB7EC6F22705CC0B14FBD8D7E869325B688AA759C30FAFC74A01567BD785F4ED1F0ED1B7B82F00467A687EC3BB12A246B620B2FE0B9783C222F999CCB7CEF6FA2E3FE4DE652FC0C4B21FC4DF2CEF7981F644FB2158B208C71C68C6974D4D1090C830379707BC30C7748487EB922A4B40CB0FE33B5B4A8E22354ADB2020315D043706D608B1213A2974ED5CC6EA8A520E3147667DD81F4294313AF935C528C82B659B7A169F4B11CD03A3D35546A4E4E2FF79DB6173F3A762B22EBE4BE5B49DD4951A6BC27D5EDD8486E2105561B9BE23F1826BC0579A482AFFD99508E09F17A20419F56A31AEFADCBF816706BC1B47420A7C66A19AF1A725D691CED949F9135404B35237E6B07A037F87F4515B7F1FD5B2A7B3B562ED121A12C1B4BF9E408A0221922B10B78B9D75B81381853BBF734BBE33E12602D4191BCD47B57FA20803F1D75FD4D5A077D50DD537A6B38AB09A1A3C1B30845A0D92AA38BD1B7D1F1AA1AC9FE9CD0A0DE23BD1943A99793D18FC08BD9D7744B62D460263F879087A996FC2868675FE43F7026C6C3C93187C629AF58038F61E3072D8A4B42ABFD1639C5F2289E0A974FFBBC67FD2BAC657BC3C582664A6AD8B940E8F8596FDB8B6429C1A1F06AB1249C9A03F271F66550503E9613277D38DC63031F21AA7C8C9B2D91D6F6B7C036BAB18B5FC8900E4679992DE4BAA2CF202787D521D1545AF4A090E8E17F7E8012C104791D2F6025A41C543F9D85C1DD3EE5757CA2445697075C87D0334FD0F5C9AA8EAFF4A8A4AAEDBE7F2C80151066C7A0F05B3A6B6E5EFD1DE7FE9C53421A00BA9917C732D4735ECEE42CDE994FA6DE2C171207B2A4ADE76EC4411C2171F7C7A0E05C37E3BE842F224A3F8FF6A55DC806FC3F7904147910B6D476B1AC6BB +20241129001801 2 6 100 2047 5 CAA48956B64FC48DD5A4823E073002797519479815F1B8D4AAAB1748CB28F30774053A901B0A52BB700F0AFB1C23E06C63EEC4326CFA484724954492B3703B50C706447754E091B6F69DEF32413B230FBC521D3912A2A030258ED841F28BD56BF27A3543756DEA1BBD62A44E66D80B22D9B41045E6DB0AFA700156862E4D24F682327787A9E10BC63D2E5F303F19109E1E3BA661635E34BBDC98BA711DFF7F7710CF632D3DDAD5B3B2539B61A309AD1BA93A60A03F1ACF9F89A6B166EDBBBA0B8160993BEF2FE072E278CDACBA5BBE44D9D5F353158DC4AECABC6EF9E16CC7DB9E5D697D3B42E02B675FB800D91F7CE79F553C6B610320EEA13FC56E329A8EFF +20241129001804 2 6 100 2047 5 CAA48956B64FC48DD5A4823E073002797519479815F1B8D4AAAB1748CB28F30774053A901B0A52BB700F0AFB1C23E06C63EEC4326CFA484724954492B3703B50C706447754E091B6F69DEF32413B230FBC521D3912A2A030258ED841F28BD56BF27A3543756DEA1BBD62A44E66D80B22D9B41045E6DB0AFA700156862E4D24F682327787A9E10BC63D2E5F303F19109E1E3BA661635E34BBDC98BA711DFF7F7710CF632D3DDAD5B3B2539B61A309AD1BA93A60A03F1ACF9F89A6B166EDBBBA0B8160993BEF2FE072E278CDACBA5BBE44D9D5F353158DC4AECABC6EF9E16CC7DB9E5D697D3B42E02B675FB800D91F7CE79F553C6B610320EEA13FC56E32AA678F +20241129001808 2 6 100 2047 2 CAA48956B64FC48DD5A4823E073002797519479815F1B8D4AAAB1748CB28F30774053A901B0A52BB700F0AFB1C23E06C63EEC4326CFA484724954492B3703B50C706447754E091B6F69DEF32413B230FBC521D3912A2A030258ED841F28BD56BF27A3543756DEA1BBD62A44E66D80B22D9B41045E6DB0AFA700156862E4D24F682327787A9E10BC63D2E5F303F19109E1E3BA661635E34BBDC98BA711DFF7F7710CF632D3DDAD5B3B2539B61A309AD1BA93A60A03F1ACF9F89A6B166EDBBBA0B8160993BEF2FE072E278CDACBA5BBE44D9D5F353158DC4AECABC6EF9E16CC7DB9E5D697D3B42E02B675FB800D91F7CE79F553C6B610320EEA13FC56E32C4EBAB +20241129001813 2 6 100 2047 2 CAA48956B64FC48DD5A4823E073002797519479815F1B8D4AAAB1748CB28F30774053A901B0A52BB700F0AFB1C23E06C63EEC4326CFA484724954492B3703B50C706447754E091B6F69DEF32413B230FBC521D3912A2A030258ED841F28BD56BF27A3543756DEA1BBD62A44E66D80B22D9B41045E6DB0AFA700156862E4D24F682327787A9E10BC63D2E5F303F19109E1E3BA661635E34BBDC98BA711DFF7F7710CF632D3DDAD5B3B2539B61A309AD1BA93A60A03F1ACF9F89A6B166EDBBBA0B8160993BEF2FE072E278CDACBA5BBE44D9D5F353158DC4AECABC6EF9E16CC7DB9E5D697D3B42E02B675FB800D91F7CE79F553C6B610320EEA13FC56E32EB8EAB +20241129001817 2 6 100 2047 2 CAA48956B64FC48DD5A4823E073002797519479815F1B8D4AAAB1748CB28F30774053A901B0A52BB700F0AFB1C23E06C63EEC4326CFA484724954492B3703B50C706447754E091B6F69DEF32413B230FBC521D3912A2A030258ED841F28BD56BF27A3543756DEA1BBD62A44E66D80B22D9B41045E6DB0AFA700156862E4D24F682327787A9E10BC63D2E5F303F19109E1E3BA661635E34BBDC98BA711DFF7F7710CF632D3DDAD5B3B2539B61A309AD1BA93A60A03F1ACF9F89A6B166EDBBBA0B8160993BEF2FE072E278CDACBA5BBE44D9D5F353158DC4AECABC6EF9E16CC7DB9E5D697D3B42E02B675FB800D91F7CE79F553C6B610320EEA13FC56E3308D17B +20241129001819 2 6 100 2047 5 CAA48956B64FC48DD5A4823E073002797519479815F1B8D4AAAB1748CB28F30774053A901B0A52BB700F0AFB1C23E06C63EEC4326CFA484724954492B3703B50C706447754E091B6F69DEF32413B230FBC521D3912A2A030258ED841F28BD56BF27A3543756DEA1BBD62A44E66D80B22D9B41045E6DB0AFA700156862E4D24F682327787A9E10BC63D2E5F303F19109E1E3BA661635E34BBDC98BA711DFF7F7710CF632D3DDAD5B3B2539B61A309AD1BA93A60A03F1ACF9F89A6B166EDBBBA0B8160993BEF2FE072E278CDACBA5BBE44D9D5F353158DC4AECABC6EF9E16CC7DB9E5D697D3B42E02B675FB800D91F7CE79F553C6B610320EEA13FC56E330EB1EF +20241129001825 2 6 100 2047 2 CAA48956B64FC48DD5A4823E073002797519479815F1B8D4AAAB1748CB28F30774053A901B0A52BB700F0AFB1C23E06C63EEC4326CFA484724954492B3703B50C706447754E091B6F69DEF32413B230FBC521D3912A2A030258ED841F28BD56BF27A3543756DEA1BBD62A44E66D80B22D9B41045E6DB0AFA700156862E4D24F682327787A9E10BC63D2E5F303F19109E1E3BA661635E34BBDC98BA711DFF7F7710CF632D3DDAD5B3B2539B61A309AD1BA93A60A03F1ACF9F89A6B166EDBBBA0B8160993BEF2FE072E278CDACBA5BBE44D9D5F353158DC4AECABC6EF9E16CC7DB9E5D697D3B42E02B675FB800D91F7CE79F553C6B610320EEA13FC56E333E0923 +20241129001832 2 6 100 2047 2 CAA48956B64FC48DD5A4823E073002797519479815F1B8D4AAAB1748CB28F30774053A901B0A52BB700F0AFB1C23E06C63EEC4326CFA484724954492B3703B50C706447754E091B6F69DEF32413B230FBC521D3912A2A030258ED841F28BD56BF27A3543756DEA1BBD62A44E66D80B22D9B41045E6DB0AFA700156862E4D24F682327787A9E10BC63D2E5F303F19109E1E3BA661635E34BBDC98BA711DFF7F7710CF632D3DDAD5B3B2539B61A309AD1BA93A60A03F1ACF9F89A6B166EDBBBA0B8160993BEF2FE072E278CDACBA5BBE44D9D5F353158DC4AECABC6EF9E16CC7DB9E5D697D3B42E02B675FB800D91F7CE79F553C6B610320EEA13FC56E3370EFD3 +20241129001904 2 6 100 2047 2 CAA48956B64FC48DD5A4823E073002797519479815F1B8D4AAAB1748CB28F30774053A901B0A52BB700F0AFB1C23E06C63EEC4326CFA484724954492B3703B50C706447754E091B6F69DEF32413B230FBC521D3912A2A030258ED841F28BD56BF27A3543756DEA1BBD62A44E66D80B22D9B41045E6DB0AFA700156862E4D24F682327787A9E10BC63D2E5F303F19109E1E3BA661635E34BBDC98BA711DFF7F7710CF632D3DDAD5B3B2539B61A309AD1BA93A60A03F1ACF9F89A6B166EDBBBA0B8160993BEF2FE072E278CDACBA5BBE44D9D5F353158DC4AECABC6EF9E16CC7DB9E5D697D3B42E02B675FB800D91F7CE79F553C6B610320EEA13FC56E3471A693 +20241129001908 2 6 100 2047 2 CAA48956B64FC48DD5A4823E073002797519479815F1B8D4AAAB1748CB28F30774053A901B0A52BB700F0AFB1C23E06C63EEC4326CFA484724954492B3703B50C706447754E091B6F69DEF32413B230FBC521D3912A2A030258ED841F28BD56BF27A3543756DEA1BBD62A44E66D80B22D9B41045E6DB0AFA700156862E4D24F682327787A9E10BC63D2E5F303F19109E1E3BA661635E34BBDC98BA711DFF7F7710CF632D3DDAD5B3B2539B61A309AD1BA93A60A03F1ACF9F89A6B166EDBBBA0B8160993BEF2FE072E278CDACBA5BBE44D9D5F353158DC4AECABC6EF9E16CC7DB9E5D697D3B42E02B675FB800D91F7CE79F553C6B610320EEA13FC56E348736C3 +20241129001923 2 6 100 2047 2 CAA48956B64FC48DD5A4823E073002797519479815F1B8D4AAAB1748CB28F30774053A901B0A52BB700F0AFB1C23E06C63EEC4326CFA484724954492B3703B50C706447754E091B6F69DEF32413B230FBC521D3912A2A030258ED841F28BD56BF27A3543756DEA1BBD62A44E66D80B22D9B41045E6DB0AFA700156862E4D24F682327787A9E10BC63D2E5F303F19109E1E3BA661635E34BBDC98BA711DFF7F7710CF632D3DDAD5B3B2539B61A309AD1BA93A60A03F1ACF9F89A6B166EDBBBA0B8160993BEF2FE072E278CDACBA5BBE44D9D5F353158DC4AECABC6EF9E16CC7DB9E5D697D3B42E02B675FB800D91F7CE79F553C6B610320EEA13FC56E35021F83 +20241129001930 2 6 100 2047 2 CAA48956B64FC48DD5A4823E073002797519479815F1B8D4AAAB1748CB28F30774053A901B0A52BB700F0AFB1C23E06C63EEC4326CFA484724954492B3703B50C706447754E091B6F69DEF32413B230FBC521D3912A2A030258ED841F28BD56BF27A3543756DEA1BBD62A44E66D80B22D9B41045E6DB0AFA700156862E4D24F682327787A9E10BC63D2E5F303F19109E1E3BA661635E34BBDC98BA711DFF7F7710CF632D3DDAD5B3B2539B61A309AD1BA93A60A03F1ACF9F89A6B166EDBBBA0B8160993BEF2FE072E278CDACBA5BBE44D9D5F353158DC4AECABC6EF9E16CC7DB9E5D697D3B42E02B675FB800D91F7CE79F553C6B610320EEA13FC56E352FB613 +20241129001942 2 6 100 2047 2 CAA48956B64FC48DD5A4823E073002797519479815F1B8D4AAAB1748CB28F30774053A901B0A52BB700F0AFB1C23E06C63EEC4326CFA484724954492B3703B50C706447754E091B6F69DEF32413B230FBC521D3912A2A030258ED841F28BD56BF27A3543756DEA1BBD62A44E66D80B22D9B41045E6DB0AFA700156862E4D24F682327787A9E10BC63D2E5F303F19109E1E3BA661635E34BBDC98BA711DFF7F7710CF632D3DDAD5B3B2539B61A309AD1BA93A60A03F1ACF9F89A6B166EDBBBA0B8160993BEF2FE072E278CDACBA5BBE44D9D5F353158DC4AECABC6EF9E16CC7DB9E5D697D3B42E02B675FB800D91F7CE79F553C6B610320EEA13FC56E3591257B +20241129001946 2 6 100 2047 2 CAA48956B64FC48DD5A4823E073002797519479815F1B8D4AAAB1748CB28F30774053A901B0A52BB700F0AFB1C23E06C63EEC4326CFA484724954492B3703B50C706447754E091B6F69DEF32413B230FBC521D3912A2A030258ED841F28BD56BF27A3543756DEA1BBD62A44E66D80B22D9B41045E6DB0AFA700156862E4D24F682327787A9E10BC63D2E5F303F19109E1E3BA661635E34BBDC98BA711DFF7F7710CF632D3DDAD5B3B2539B61A309AD1BA93A60A03F1ACF9F89A6B166EDBBBA0B8160993BEF2FE072E278CDACBA5BBE44D9D5F353158DC4AECABC6EF9E16CC7DB9E5D697D3B42E02B675FB800D91F7CE79F553C6B610320EEA13FC56E35AB042B +20241129001947 2 6 100 2047 2 CAA48956B64FC48DD5A4823E073002797519479815F1B8D4AAAB1748CB28F30774053A901B0A52BB700F0AFB1C23E06C63EEC4326CFA484724954492B3703B50C706447754E091B6F69DEF32413B230FBC521D3912A2A030258ED841F28BD56BF27A3543756DEA1BBD62A44E66D80B22D9B41045E6DB0AFA700156862E4D24F682327787A9E10BC63D2E5F303F19109E1E3BA661635E34BBDC98BA711DFF7F7710CF632D3DDAD5B3B2539B61A309AD1BA93A60A03F1ACF9F89A6B166EDBBBA0B8160993BEF2FE072E278CDACBA5BBE44D9D5F353158DC4AECABC6EF9E16CC7DB9E5D697D3B42E02B675FB800D91F7CE79F553C6B610320EEA13FC56E35B082CB +20241129002012 2 6 100 2047 2 CAA48956B64FC48DD5A4823E073002797519479815F1B8D4AAAB1748CB28F30774053A901B0A52BB700F0AFB1C23E06C63EEC4326CFA484724954492B3703B50C706447754E091B6F69DEF32413B230FBC521D3912A2A030258ED841F28BD56BF27A3543756DEA1BBD62A44E66D80B22D9B41045E6DB0AFA700156862E4D24F682327787A9E10BC63D2E5F303F19109E1E3BA661635E34BBDC98BA711DFF7F7710CF632D3DDAD5B3B2539B61A309AD1BA93A60A03F1ACF9F89A6B166EDBBBA0B8160993BEF2FE072E278CDACBA5BBE44D9D5F353158DC4AECABC6EF9E16CC7DB9E5D697D3B42E02B675FB800D91F7CE79F553C6B610320EEA13FC56E36777D7B +20241129002017 2 6 100 2047 2 CAA48956B64FC48DD5A4823E073002797519479815F1B8D4AAAB1748CB28F30774053A901B0A52BB700F0AFB1C23E06C63EEC4326CFA484724954492B3703B50C706447754E091B6F69DEF32413B230FBC521D3912A2A030258ED841F28BD56BF27A3543756DEA1BBD62A44E66D80B22D9B41045E6DB0AFA700156862E4D24F682327787A9E10BC63D2E5F303F19109E1E3BA661635E34BBDC98BA711DFF7F7710CF632D3DDAD5B3B2539B61A309AD1BA93A60A03F1ACF9F89A6B166EDBBBA0B8160993BEF2FE072E278CDACBA5BBE44D9D5F353158DC4AECABC6EF9E16CC7DB9E5D697D3B42E02B675FB800D91F7CE79F553C6B610320EEA13FC56E3697886B +20241129002030 2 6 100 2047 2 CAA48956B64FC48DD5A4823E073002797519479815F1B8D4AAAB1748CB28F30774053A901B0A52BB700F0AFB1C23E06C63EEC4326CFA484724954492B3703B50C706447754E091B6F69DEF32413B230FBC521D3912A2A030258ED841F28BD56BF27A3543756DEA1BBD62A44E66D80B22D9B41045E6DB0AFA700156862E4D24F682327787A9E10BC63D2E5F303F19109E1E3BA661635E34BBDC98BA711DFF7F7710CF632D3DDAD5B3B2539B61A309AD1BA93A60A03F1ACF9F89A6B166EDBBBA0B8160993BEF2FE072E278CDACBA5BBE44D9D5F353158DC4AECABC6EF9E16CC7DB9E5D697D3B42E02B675FB800D91F7CE79F553C6B610320EEA13FC56E36F5B2EB +20241129002036 2 6 100 2047 2 CAA48956B64FC48DD5A4823E073002797519479815F1B8D4AAAB1748CB28F30774053A901B0A52BB700F0AFB1C23E06C63EEC4326CFA484724954492B3703B50C706447754E091B6F69DEF32413B230FBC521D3912A2A030258ED841F28BD56BF27A3543756DEA1BBD62A44E66D80B22D9B41045E6DB0AFA700156862E4D24F682327787A9E10BC63D2E5F303F19109E1E3BA661635E34BBDC98BA711DFF7F7710CF632D3DDAD5B3B2539B61A309AD1BA93A60A03F1ACF9F89A6B166EDBBBA0B8160993BEF2FE072E278CDACBA5BBE44D9D5F353158DC4AECABC6EF9E16CC7DB9E5D697D3B42E02B675FB800D91F7CE79F553C6B610320EEA13FC56E37249BD3 +20241129002045 2 6 100 2047 2 CAA48956B64FC48DD5A4823E073002797519479815F1B8D4AAAB1748CB28F30774053A901B0A52BB700F0AFB1C23E06C63EEC4326CFA484724954492B3703B50C706447754E091B6F69DEF32413B230FBC521D3912A2A030258ED841F28BD56BF27A3543756DEA1BBD62A44E66D80B22D9B41045E6DB0AFA700156862E4D24F682327787A9E10BC63D2E5F303F19109E1E3BA661635E34BBDC98BA711DFF7F7710CF632D3DDAD5B3B2539B61A309AD1BA93A60A03F1ACF9F89A6B166EDBBBA0B8160993BEF2FE072E278CDACBA5BBE44D9D5F353158DC4AECABC6EF9E16CC7DB9E5D697D3B42E02B675FB800D91F7CE79F553C6B610320EEA13FC56E3769C1B3 +20241129002059 2 6 100 2047 5 CAA48956B64FC48DD5A4823E073002797519479815F1B8D4AAAB1748CB28F30774053A901B0A52BB700F0AFB1C23E06C63EEC4326CFA484724954492B3703B50C706447754E091B6F69DEF32413B230FBC521D3912A2A030258ED841F28BD56BF27A3543756DEA1BBD62A44E66D80B22D9B41045E6DB0AFA700156862E4D24F682327787A9E10BC63D2E5F303F19109E1E3BA661635E34BBDC98BA711DFF7F7710CF632D3DDAD5B3B2539B61A309AD1BA93A60A03F1ACF9F89A6B166EDBBBA0B8160993BEF2FE072E278CDACBA5BBE44D9D5F353158DC4AECABC6EF9E16CC7DB9E5D697D3B42E02B675FB800D91F7CE79F553C6B610320EEA13FC56E37D6FDAF +20241129002102 2 6 100 2047 2 CAA48956B64FC48DD5A4823E073002797519479815F1B8D4AAAB1748CB28F30774053A901B0A52BB700F0AFB1C23E06C63EEC4326CFA484724954492B3703B50C706447754E091B6F69DEF32413B230FBC521D3912A2A030258ED841F28BD56BF27A3543756DEA1BBD62A44E66D80B22D9B41045E6DB0AFA700156862E4D24F682327787A9E10BC63D2E5F303F19109E1E3BA661635E34BBDC98BA711DFF7F7710CF632D3DDAD5B3B2539B61A309AD1BA93A60A03F1ACF9F89A6B166EDBBBA0B8160993BEF2FE072E278CDACBA5BBE44D9D5F353158DC4AECABC6EF9E16CC7DB9E5D697D3B42E02B675FB800D91F7CE79F553C6B610320EEA13FC56E37EDB2E3 +20241129002105 2 6 100 2047 5 CAA48956B64FC48DD5A4823E073002797519479815F1B8D4AAAB1748CB28F30774053A901B0A52BB700F0AFB1C23E06C63EEC4326CFA484724954492B3703B50C706447754E091B6F69DEF32413B230FBC521D3912A2A030258ED841F28BD56BF27A3543756DEA1BBD62A44E66D80B22D9B41045E6DB0AFA700156862E4D24F682327787A9E10BC63D2E5F303F19109E1E3BA661635E34BBDC98BA711DFF7F7710CF632D3DDAD5B3B2539B61A309AD1BA93A60A03F1ACF9F89A6B166EDBBBA0B8160993BEF2FE072E278CDACBA5BBE44D9D5F353158DC4AECABC6EF9E16CC7DB9E5D697D3B42E02B675FB800D91F7CE79F553C6B610320EEA13FC56E37FA449F +20241129002109 2 6 100 2047 5 CAA48956B64FC48DD5A4823E073002797519479815F1B8D4AAAB1748CB28F30774053A901B0A52BB700F0AFB1C23E06C63EEC4326CFA484724954492B3703B50C706447754E091B6F69DEF32413B230FBC521D3912A2A030258ED841F28BD56BF27A3543756DEA1BBD62A44E66D80B22D9B41045E6DB0AFA700156862E4D24F682327787A9E10BC63D2E5F303F19109E1E3BA661635E34BBDC98BA711DFF7F7710CF632D3DDAD5B3B2539B61A309AD1BA93A60A03F1ACF9F89A6B166EDBBBA0B8160993BEF2FE072E278CDACBA5BBE44D9D5F353158DC4AECABC6EF9E16CC7DB9E5D697D3B42E02B675FB800D91F7CE79F553C6B610320EEA13FC56E381694E7 +20241129002127 2 6 100 2047 5 CAA48956B64FC48DD5A4823E073002797519479815F1B8D4AAAB1748CB28F30774053A901B0A52BB700F0AFB1C23E06C63EEC4326CFA484724954492B3703B50C706447754E091B6F69DEF32413B230FBC521D3912A2A030258ED841F28BD56BF27A3543756DEA1BBD62A44E66D80B22D9B41045E6DB0AFA700156862E4D24F682327787A9E10BC63D2E5F303F19109E1E3BA661635E34BBDC98BA711DFF7F7710CF632D3DDAD5B3B2539B61A309AD1BA93A60A03F1ACF9F89A6B166EDBBBA0B8160993BEF2FE072E278CDACBA5BBE44D9D5F353158DC4AECABC6EF9E16CC7DB9E5D697D3B42E02B675FB800D91F7CE79F553C6B610320EEA13FC56E38A56437 +20241129002141 2 6 100 2047 2 CAA48956B64FC48DD5A4823E073002797519479815F1B8D4AAAB1748CB28F30774053A901B0A52BB700F0AFB1C23E06C63EEC4326CFA484724954492B3703B50C706447754E091B6F69DEF32413B230FBC521D3912A2A030258ED841F28BD56BF27A3543756DEA1BBD62A44E66D80B22D9B41045E6DB0AFA700156862E4D24F682327787A9E10BC63D2E5F303F19109E1E3BA661635E34BBDC98BA711DFF7F7710CF632D3DDAD5B3B2539B61A309AD1BA93A60A03F1ACF9F89A6B166EDBBBA0B8160993BEF2FE072E278CDACBA5BBE44D9D5F353158DC4AECABC6EF9E16CC7DB9E5D697D3B42E02B675FB800D91F7CE79F553C6B610320EEA13FC56E391852F3 +20241129002144 2 6 100 2047 5 CAA48956B64FC48DD5A4823E073002797519479815F1B8D4AAAB1748CB28F30774053A901B0A52BB700F0AFB1C23E06C63EEC4326CFA484724954492B3703B50C706447754E091B6F69DEF32413B230FBC521D3912A2A030258ED841F28BD56BF27A3543756DEA1BBD62A44E66D80B22D9B41045E6DB0AFA700156862E4D24F682327787A9E10BC63D2E5F303F19109E1E3BA661635E34BBDC98BA711DFF7F7710CF632D3DDAD5B3B2539B61A309AD1BA93A60A03F1ACF9F89A6B166EDBBBA0B8160993BEF2FE072E278CDACBA5BBE44D9D5F353158DC4AECABC6EF9E16CC7DB9E5D697D3B42E02B675FB800D91F7CE79F553C6B610320EEA13FC56E3927ECD7 +20241129002150 2 6 100 2047 5 CAA48956B64FC48DD5A4823E073002797519479815F1B8D4AAAB1748CB28F30774053A901B0A52BB700F0AFB1C23E06C63EEC4326CFA484724954492B3703B50C706447754E091B6F69DEF32413B230FBC521D3912A2A030258ED841F28BD56BF27A3543756DEA1BBD62A44E66D80B22D9B41045E6DB0AFA700156862E4D24F682327787A9E10BC63D2E5F303F19109E1E3BA661635E34BBDC98BA711DFF7F7710CF632D3DDAD5B3B2539B61A309AD1BA93A60A03F1ACF9F89A6B166EDBBBA0B8160993BEF2FE072E278CDACBA5BBE44D9D5F353158DC4AECABC6EF9E16CC7DB9E5D697D3B42E02B675FB800D91F7CE79F553C6B610320EEA13FC56E3952495F +20241129002154 2 6 100 2047 2 CAA48956B64FC48DD5A4823E073002797519479815F1B8D4AAAB1748CB28F30774053A901B0A52BB700F0AFB1C23E06C63EEC4326CFA484724954492B3703B50C706447754E091B6F69DEF32413B230FBC521D3912A2A030258ED841F28BD56BF27A3543756DEA1BBD62A44E66D80B22D9B41045E6DB0AFA700156862E4D24F682327787A9E10BC63D2E5F303F19109E1E3BA661635E34BBDC98BA711DFF7F7710CF632D3DDAD5B3B2539B61A309AD1BA93A60A03F1ACF9F89A6B166EDBBBA0B8160993BEF2FE072E278CDACBA5BBE44D9D5F353158DC4AECABC6EF9E16CC7DB9E5D697D3B42E02B675FB800D91F7CE79F553C6B610320EEA13FC56E3971FEDB +20241129002226 2 6 100 2047 2 D62BDAF38E54FDFF0C708C3A9D5A49ADD950102DDCE4017B0B90CB32FE8736EE054C70F834E7196596829647330A22260674F15C124DFD61BD6304ED8DAA2BAF03E37A43714575DC4E50D30EB36E31B994DA55D6CCE62E854F087F56587D5C04E2907BF39AE275B9B5E0353A50453DA96E714E11E5A00F72680903B482731C04A0791B018B4FDB5D2EA1DE235C20CF300B0C1CED91A218390A09DF78C1877BB35E0D92D22ED647E32EA5C9F877B589B4A8F7F6685715AC5E0E5F93DB5671E028A9DFE1C66662C94A47C19FE0ED1B9C9BCBEA281F705C358F792091DE4A2F110B6B68E4AB15D6B30C59C8850D1E436BDDABADF17ED1E8881271CD1E7C8F34FC6B +20241129002249 2 6 100 2047 5 D62BDAF38E54FDFF0C708C3A9D5A49ADD950102DDCE4017B0B90CB32FE8736EE054C70F834E7196596829647330A22260674F15C124DFD61BD6304ED8DAA2BAF03E37A43714575DC4E50D30EB36E31B994DA55D6CCE62E854F087F56587D5C04E2907BF39AE275B9B5E0353A50453DA96E714E11E5A00F72680903B482731C04A0791B018B4FDB5D2EA1DE235C20CF300B0C1CED91A218390A09DF78C1877BB35E0D92D22ED647E32EA5C9F877B589B4A8F7F6685715AC5E0E5F93DB5671E028A9DFE1C66662C94A47C19FE0ED1B9C9BCBEA281F705C358F792091DE4A2F110B6B68E4AB15D6B30C59C8850D1E436BDDABADF17ED1E8881271CD1E7C8FE809EF +20241129002253 2 6 100 2047 2 D62BDAF38E54FDFF0C708C3A9D5A49ADD950102DDCE4017B0B90CB32FE8736EE054C70F834E7196596829647330A22260674F15C124DFD61BD6304ED8DAA2BAF03E37A43714575DC4E50D30EB36E31B994DA55D6CCE62E854F087F56587D5C04E2907BF39AE275B9B5E0353A50453DA96E714E11E5A00F72680903B482731C04A0791B018B4FDB5D2EA1DE235C20CF300B0C1CED91A218390A09DF78C1877BB35E0D92D22ED647E32EA5C9F877B589B4A8F7F6685715AC5E0E5F93DB5671E028A9DFE1C66662C94A47C19FE0ED1B9C9BCBEA281F705C358F792091DE4A2F110B6B68E4AB15D6B30C59C8850D1E436BDDABADF17ED1E8881271CD1E7C9008BDF3 +20241129002312 2 6 100 2047 2 D62BDAF38E54FDFF0C708C3A9D5A49ADD950102DDCE4017B0B90CB32FE8736EE054C70F834E7196596829647330A22260674F15C124DFD61BD6304ED8DAA2BAF03E37A43714575DC4E50D30EB36E31B994DA55D6CCE62E854F087F56587D5C04E2907BF39AE275B9B5E0353A50453DA96E714E11E5A00F72680903B482731C04A0791B018B4FDB5D2EA1DE235C20CF300B0C1CED91A218390A09DF78C1877BB35E0D92D22ED647E32EA5C9F877B589B4A8F7F6685715AC5E0E5F93DB5671E028A9DFE1C66662C94A47C19FE0ED1B9C9BCBEA281F705C358F792091DE4A2F110B6B68E4AB15D6B30C59C8850D1E436BDDABADF17ED1E8881271CD1E7C9099D883 +20241129002320 2 6 100 2047 2 D62BDAF38E54FDFF0C708C3A9D5A49ADD950102DDCE4017B0B90CB32FE8736EE054C70F834E7196596829647330A22260674F15C124DFD61BD6304ED8DAA2BAF03E37A43714575DC4E50D30EB36E31B994DA55D6CCE62E854F087F56587D5C04E2907BF39AE275B9B5E0353A50453DA96E714E11E5A00F72680903B482731C04A0791B018B4FDB5D2EA1DE235C20CF300B0C1CED91A218390A09DF78C1877BB35E0D92D22ED647E32EA5C9F877B589B4A8F7F6685715AC5E0E5F93DB5671E028A9DFE1C66662C94A47C19FE0ED1B9C9BCBEA281F705C358F792091DE4A2F110B6B68E4AB15D6B30C59C8850D1E436BDDABADF17ED1E8881271CD1E7C90D2E5BB +20241129002328 2 6 100 2047 5 D62BDAF38E54FDFF0C708C3A9D5A49ADD950102DDCE4017B0B90CB32FE8736EE054C70F834E7196596829647330A22260674F15C124DFD61BD6304ED8DAA2BAF03E37A43714575DC4E50D30EB36E31B994DA55D6CCE62E854F087F56587D5C04E2907BF39AE275B9B5E0353A50453DA96E714E11E5A00F72680903B482731C04A0791B018B4FDB5D2EA1DE235C20CF300B0C1CED91A218390A09DF78C1877BB35E0D92D22ED647E32EA5C9F877B589B4A8F7F6685715AC5E0E5F93DB5671E028A9DFE1C66662C94A47C19FE0ED1B9C9BCBEA281F705C358F792091DE4A2F110B6B68E4AB15D6B30C59C8850D1E436BDDABADF17ED1E8881271CD1E7C9111A1E7 +20241129002329 2 6 100 2047 5 D62BDAF38E54FDFF0C708C3A9D5A49ADD950102DDCE4017B0B90CB32FE8736EE054C70F834E7196596829647330A22260674F15C124DFD61BD6304ED8DAA2BAF03E37A43714575DC4E50D30EB36E31B994DA55D6CCE62E854F087F56587D5C04E2907BF39AE275B9B5E0353A50453DA96E714E11E5A00F72680903B482731C04A0791B018B4FDB5D2EA1DE235C20CF300B0C1CED91A218390A09DF78C1877BB35E0D92D22ED647E32EA5C9F877B589B4A8F7F6685715AC5E0E5F93DB5671E028A9DFE1C66662C94A47C19FE0ED1B9C9BCBEA281F705C358F792091DE4A2F110B6B68E4AB15D6B30C59C8850D1E436BDDABADF17ED1E8881271CD1E7C9113E88F +20241129002336 2 6 100 2047 2 D62BDAF38E54FDFF0C708C3A9D5A49ADD950102DDCE4017B0B90CB32FE8736EE054C70F834E7196596829647330A22260674F15C124DFD61BD6304ED8DAA2BAF03E37A43714575DC4E50D30EB36E31B994DA55D6CCE62E854F087F56587D5C04E2907BF39AE275B9B5E0353A50453DA96E714E11E5A00F72680903B482731C04A0791B018B4FDB5D2EA1DE235C20CF300B0C1CED91A218390A09DF78C1877BB35E0D92D22ED647E32EA5C9F877B589B4A8F7F6685715AC5E0E5F93DB5671E028A9DFE1C66662C94A47C19FE0ED1B9C9BCBEA281F705C358F792091DE4A2F110B6B68E4AB15D6B30C59C8850D1E436BDDABADF17ED1E8881271CD1E7C9148164B +20241129002339 2 6 100 2047 2 D62BDAF38E54FDFF0C708C3A9D5A49ADD950102DDCE4017B0B90CB32FE8736EE054C70F834E7196596829647330A22260674F15C124DFD61BD6304ED8DAA2BAF03E37A43714575DC4E50D30EB36E31B994DA55D6CCE62E854F087F56587D5C04E2907BF39AE275B9B5E0353A50453DA96E714E11E5A00F72680903B482731C04A0791B018B4FDB5D2EA1DE235C20CF300B0C1CED91A218390A09DF78C1877BB35E0D92D22ED647E32EA5C9F877B589B4A8F7F6685715AC5E0E5F93DB5671E028A9DFE1C66662C94A47C19FE0ED1B9C9BCBEA281F705C358F792091DE4A2F110B6B68E4AB15D6B30C59C8850D1E436BDDABADF17ED1E8881271CD1E7C915E0DCB +20241129002340 2 6 100 2047 2 D62BDAF38E54FDFF0C708C3A9D5A49ADD950102DDCE4017B0B90CB32FE8736EE054C70F834E7196596829647330A22260674F15C124DFD61BD6304ED8DAA2BAF03E37A43714575DC4E50D30EB36E31B994DA55D6CCE62E854F087F56587D5C04E2907BF39AE275B9B5E0353A50453DA96E714E11E5A00F72680903B482731C04A0791B018B4FDB5D2EA1DE235C20CF300B0C1CED91A218390A09DF78C1877BB35E0D92D22ED647E32EA5C9F877B589B4A8F7F6685715AC5E0E5F93DB5671E028A9DFE1C66662C94A47C19FE0ED1B9C9BCBEA281F705C358F792091DE4A2F110B6B68E4AB15D6B30C59C8850D1E436BDDABADF17ED1E8881271CD1E7C915EB103 +20241129002420 2 6 100 2047 5 D62BDAF38E54FDFF0C708C3A9D5A49ADD950102DDCE4017B0B90CB32FE8736EE054C70F834E7196596829647330A22260674F15C124DFD61BD6304ED8DAA2BAF03E37A43714575DC4E50D30EB36E31B994DA55D6CCE62E854F087F56587D5C04E2907BF39AE275B9B5E0353A50453DA96E714E11E5A00F72680903B482731C04A0791B018B4FDB5D2EA1DE235C20CF300B0C1CED91A218390A09DF78C1877BB35E0D92D22ED647E32EA5C9F877B589B4A8F7F6685715AC5E0E5F93DB5671E028A9DFE1C66662C94A47C19FE0ED1B9C9BCBEA281F705C358F792091DE4A2F110B6B68E4AB15D6B30C59C8850D1E436BDDABADF17ED1E8881271CD1E7C92A19C97 +20241129002428 2 6 100 2047 5 D62BDAF38E54FDFF0C708C3A9D5A49ADD950102DDCE4017B0B90CB32FE8736EE054C70F834E7196596829647330A22260674F15C124DFD61BD6304ED8DAA2BAF03E37A43714575DC4E50D30EB36E31B994DA55D6CCE62E854F087F56587D5C04E2907BF39AE275B9B5E0353A50453DA96E714E11E5A00F72680903B482731C04A0791B018B4FDB5D2EA1DE235C20CF300B0C1CED91A218390A09DF78C1877BB35E0D92D22ED647E32EA5C9F877B589B4A8F7F6685715AC5E0E5F93DB5671E028A9DFE1C66662C94A47C19FE0ED1B9C9BCBEA281F705C358F792091DE4A2F110B6B68E4AB15D6B30C59C8850D1E436BDDABADF17ED1E8881271CD1E7C92E090AF +20241129002433 2 6 100 2047 2 D62BDAF38E54FDFF0C708C3A9D5A49ADD950102DDCE4017B0B90CB32FE8736EE054C70F834E7196596829647330A22260674F15C124DFD61BD6304ED8DAA2BAF03E37A43714575DC4E50D30EB36E31B994DA55D6CCE62E854F087F56587D5C04E2907BF39AE275B9B5E0353A50453DA96E714E11E5A00F72680903B482731C04A0791B018B4FDB5D2EA1DE235C20CF300B0C1CED91A218390A09DF78C1877BB35E0D92D22ED647E32EA5C9F877B589B4A8F7F6685715AC5E0E5F93DB5671E028A9DFE1C66662C94A47C19FE0ED1B9C9BCBEA281F705C358F792091DE4A2F110B6B68E4AB15D6B30C59C8850D1E436BDDABADF17ED1E8881271CD1E7C93040BCB +20241129002434 2 6 100 2047 2 D62BDAF38E54FDFF0C708C3A9D5A49ADD950102DDCE4017B0B90CB32FE8736EE054C70F834E7196596829647330A22260674F15C124DFD61BD6304ED8DAA2BAF03E37A43714575DC4E50D30EB36E31B994DA55D6CCE62E854F087F56587D5C04E2907BF39AE275B9B5E0353A50453DA96E714E11E5A00F72680903B482731C04A0791B018B4FDB5D2EA1DE235C20CF300B0C1CED91A218390A09DF78C1877BB35E0D92D22ED647E32EA5C9F877B589B4A8F7F6685715AC5E0E5F93DB5671E028A9DFE1C66662C94A47C19FE0ED1B9C9BCBEA281F705C358F792091DE4A2F110B6B68E4AB15D6B30C59C8850D1E436BDDABADF17ED1E8881271CD1E7C930B22CB +20241129002436 2 6 100 2047 2 D62BDAF38E54FDFF0C708C3A9D5A49ADD950102DDCE4017B0B90CB32FE8736EE054C70F834E7196596829647330A22260674F15C124DFD61BD6304ED8DAA2BAF03E37A43714575DC4E50D30EB36E31B994DA55D6CCE62E854F087F56587D5C04E2907BF39AE275B9B5E0353A50453DA96E714E11E5A00F72680903B482731C04A0791B018B4FDB5D2EA1DE235C20CF300B0C1CED91A218390A09DF78C1877BB35E0D92D22ED647E32EA5C9F877B589B4A8F7F6685715AC5E0E5F93DB5671E028A9DFE1C66662C94A47C19FE0ED1B9C9BCBEA281F705C358F792091DE4A2F110B6B68E4AB15D6B30C59C8850D1E436BDDABADF17ED1E8881271CD1E7C931188B3 +20241129002446 2 6 100 2047 5 D62BDAF38E54FDFF0C708C3A9D5A49ADD950102DDCE4017B0B90CB32FE8736EE054C70F834E7196596829647330A22260674F15C124DFD61BD6304ED8DAA2BAF03E37A43714575DC4E50D30EB36E31B994DA55D6CCE62E854F087F56587D5C04E2907BF39AE275B9B5E0353A50453DA96E714E11E5A00F72680903B482731C04A0791B018B4FDB5D2EA1DE235C20CF300B0C1CED91A218390A09DF78C1877BB35E0D92D22ED647E32EA5C9F877B589B4A8F7F6685715AC5E0E5F93DB5671E028A9DFE1C66662C94A47C19FE0ED1B9C9BCBEA281F705C358F792091DE4A2F110B6B68E4AB15D6B30C59C8850D1E436BDDABADF17ED1E8881271CD1E7C935DB5F7 +20241129002507 2 6 100 2047 2 D62BDAF38E54FDFF0C708C3A9D5A49ADD950102DDCE4017B0B90CB32FE8736EE054C70F834E7196596829647330A22260674F15C124DFD61BD6304ED8DAA2BAF03E37A43714575DC4E50D30EB36E31B994DA55D6CCE62E854F087F56587D5C04E2907BF39AE275B9B5E0353A50453DA96E714E11E5A00F72680903B482731C04A0791B018B4FDB5D2EA1DE235C20CF300B0C1CED91A218390A09DF78C1877BB35E0D92D22ED647E32EA5C9F877B589B4A8F7F6685715AC5E0E5F93DB5671E028A9DFE1C66662C94A47C19FE0ED1B9C9BCBEA281F705C358F792091DE4A2F110B6B68E4AB15D6B30C59C8850D1E436BDDABADF17ED1E8881271CD1E7C9408C96B +20241129002510 2 6 100 2047 2 D62BDAF38E54FDFF0C708C3A9D5A49ADD950102DDCE4017B0B90CB32FE8736EE054C70F834E7196596829647330A22260674F15C124DFD61BD6304ED8DAA2BAF03E37A43714575DC4E50D30EB36E31B994DA55D6CCE62E854F087F56587D5C04E2907BF39AE275B9B5E0353A50453DA96E714E11E5A00F72680903B482731C04A0791B018B4FDB5D2EA1DE235C20CF300B0C1CED91A218390A09DF78C1877BB35E0D92D22ED647E32EA5C9F877B589B4A8F7F6685715AC5E0E5F93DB5671E028A9DFE1C66662C94A47C19FE0ED1B9C9BCBEA281F705C358F792091DE4A2F110B6B68E4AB15D6B30C59C8850D1E436BDDABADF17ED1E8881271CD1E7C941D429B +20241129002527 2 6 100 2047 2 D62BDAF38E54FDFF0C708C3A9D5A49ADD950102DDCE4017B0B90CB32FE8736EE054C70F834E7196596829647330A22260674F15C124DFD61BD6304ED8DAA2BAF03E37A43714575DC4E50D30EB36E31B994DA55D6CCE62E854F087F56587D5C04E2907BF39AE275B9B5E0353A50453DA96E714E11E5A00F72680903B482731C04A0791B018B4FDB5D2EA1DE235C20CF300B0C1CED91A218390A09DF78C1877BB35E0D92D22ED647E32EA5C9F877B589B4A8F7F6685715AC5E0E5F93DB5671E028A9DFE1C66662C94A47C19FE0ED1B9C9BCBEA281F705C358F792091DE4A2F110B6B68E4AB15D6B30C59C8850D1E436BDDABADF17ED1E8881271CD1E7C94A15E73 +20241129002528 2 6 100 2047 5 D62BDAF38E54FDFF0C708C3A9D5A49ADD950102DDCE4017B0B90CB32FE8736EE054C70F834E7196596829647330A22260674F15C124DFD61BD6304ED8DAA2BAF03E37A43714575DC4E50D30EB36E31B994DA55D6CCE62E854F087F56587D5C04E2907BF39AE275B9B5E0353A50453DA96E714E11E5A00F72680903B482731C04A0791B018B4FDB5D2EA1DE235C20CF300B0C1CED91A218390A09DF78C1877BB35E0D92D22ED647E32EA5C9F877B589B4A8F7F6685715AC5E0E5F93DB5671E028A9DFE1C66662C94A47C19FE0ED1B9C9BCBEA281F705C358F792091DE4A2F110B6B68E4AB15D6B30C59C8850D1E436BDDABADF17ED1E8881271CD1E7C94AA3DAF +20241129002531 2 6 100 2047 5 D62BDAF38E54FDFF0C708C3A9D5A49ADD950102DDCE4017B0B90CB32FE8736EE054C70F834E7196596829647330A22260674F15C124DFD61BD6304ED8DAA2BAF03E37A43714575DC4E50D30EB36E31B994DA55D6CCE62E854F087F56587D5C04E2907BF39AE275B9B5E0353A50453DA96E714E11E5A00F72680903B482731C04A0791B018B4FDB5D2EA1DE235C20CF300B0C1CED91A218390A09DF78C1877BB35E0D92D22ED647E32EA5C9F877B589B4A8F7F6685715AC5E0E5F93DB5671E028A9DFE1C66662C94A47C19FE0ED1B9C9BCBEA281F705C358F792091DE4A2F110B6B68E4AB15D6B30C59C8850D1E436BDDABADF17ED1E8881271CD1E7C94BA0ED7 +20241129002538 2 6 100 2047 5 D62BDAF38E54FDFF0C708C3A9D5A49ADD950102DDCE4017B0B90CB32FE8736EE054C70F834E7196596829647330A22260674F15C124DFD61BD6304ED8DAA2BAF03E37A43714575DC4E50D30EB36E31B994DA55D6CCE62E854F087F56587D5C04E2907BF39AE275B9B5E0353A50453DA96E714E11E5A00F72680903B482731C04A0791B018B4FDB5D2EA1DE235C20CF300B0C1CED91A218390A09DF78C1877BB35E0D92D22ED647E32EA5C9F877B589B4A8F7F6685715AC5E0E5F93DB5671E028A9DFE1C66662C94A47C19FE0ED1B9C9BCBEA281F705C358F792091DE4A2F110B6B68E4AB15D6B30C59C8850D1E436BDDABADF17ED1E8881271CD1E7C94ECC017 +20241129002543 2 6 100 2047 5 D62BDAF38E54FDFF0C708C3A9D5A49ADD950102DDCE4017B0B90CB32FE8736EE054C70F834E7196596829647330A22260674F15C124DFD61BD6304ED8DAA2BAF03E37A43714575DC4E50D30EB36E31B994DA55D6CCE62E854F087F56587D5C04E2907BF39AE275B9B5E0353A50453DA96E714E11E5A00F72680903B482731C04A0791B018B4FDB5D2EA1DE235C20CF300B0C1CED91A218390A09DF78C1877BB35E0D92D22ED647E32EA5C9F877B589B4A8F7F6685715AC5E0E5F93DB5671E028A9DFE1C66662C94A47C19FE0ED1B9C9BCBEA281F705C358F792091DE4A2F110B6B68E4AB15D6B30C59C8850D1E436BDDABADF17ED1E8881271CD1E7C9511A1BF +20241129002558 2 6 100 2047 5 D62BDAF38E54FDFF0C708C3A9D5A49ADD950102DDCE4017B0B90CB32FE8736EE054C70F834E7196596829647330A22260674F15C124DFD61BD6304ED8DAA2BAF03E37A43714575DC4E50D30EB36E31B994DA55D6CCE62E854F087F56587D5C04E2907BF39AE275B9B5E0353A50453DA96E714E11E5A00F72680903B482731C04A0791B018B4FDB5D2EA1DE235C20CF300B0C1CED91A218390A09DF78C1877BB35E0D92D22ED647E32EA5C9F877B589B4A8F7F6685715AC5E0E5F93DB5671E028A9DFE1C66662C94A47C19FE0ED1B9C9BCBEA281F705C358F792091DE4A2F110B6B68E4AB15D6B30C59C8850D1E436BDDABADF17ED1E8881271CD1E7C95871257 +20241129002602 2 6 100 2047 2 D62BDAF38E54FDFF0C708C3A9D5A49ADD950102DDCE4017B0B90CB32FE8736EE054C70F834E7196596829647330A22260674F15C124DFD61BD6304ED8DAA2BAF03E37A43714575DC4E50D30EB36E31B994DA55D6CCE62E854F087F56587D5C04E2907BF39AE275B9B5E0353A50453DA96E714E11E5A00F72680903B482731C04A0791B018B4FDB5D2EA1DE235C20CF300B0C1CED91A218390A09DF78C1877BB35E0D92D22ED647E32EA5C9F877B589B4A8F7F6685715AC5E0E5F93DB5671E028A9DFE1C66662C94A47C19FE0ED1B9C9BCBEA281F705C358F792091DE4A2F110B6B68E4AB15D6B30C59C8850D1E436BDDABADF17ED1E8881271CD1E7C95A7B2AB +20241129002617 2 6 100 2047 2 D62BDAF38E54FDFF0C708C3A9D5A49ADD950102DDCE4017B0B90CB32FE8736EE054C70F834E7196596829647330A22260674F15C124DFD61BD6304ED8DAA2BAF03E37A43714575DC4E50D30EB36E31B994DA55D6CCE62E854F087F56587D5C04E2907BF39AE275B9B5E0353A50453DA96E714E11E5A00F72680903B482731C04A0791B018B4FDB5D2EA1DE235C20CF300B0C1CED91A218390A09DF78C1877BB35E0D92D22ED647E32EA5C9F877B589B4A8F7F6685715AC5E0E5F93DB5671E028A9DFE1C66662C94A47C19FE0ED1B9C9BCBEA281F705C358F792091DE4A2F110B6B68E4AB15D6B30C59C8850D1E436BDDABADF17ED1E8881271CD1E7C961AFC4B +20241129002644 2 6 100 2047 2 D62BDAF38E54FDFF0C708C3A9D5A49ADD950102DDCE4017B0B90CB32FE8736EE054C70F834E7196596829647330A22260674F15C124DFD61BD6304ED8DAA2BAF03E37A43714575DC4E50D30EB36E31B994DA55D6CCE62E854F087F56587D5C04E2907BF39AE275B9B5E0353A50453DA96E714E11E5A00F72680903B482731C04A0791B018B4FDB5D2EA1DE235C20CF300B0C1CED91A218390A09DF78C1877BB35E0D92D22ED647E32EA5C9F877B589B4A8F7F6685715AC5E0E5F93DB5671E028A9DFE1C66662C94A47C19FE0ED1B9C9BCBEA281F705C358F792091DE4A2F110B6B68E4AB15D6B30C59C8850D1E436BDDABADF17ED1E8881271CD1E7C96F5DDA3 +20241129002646 2 6 100 2047 5 D62BDAF38E54FDFF0C708C3A9D5A49ADD950102DDCE4017B0B90CB32FE8736EE054C70F834E7196596829647330A22260674F15C124DFD61BD6304ED8DAA2BAF03E37A43714575DC4E50D30EB36E31B994DA55D6CCE62E854F087F56587D5C04E2907BF39AE275B9B5E0353A50453DA96E714E11E5A00F72680903B482731C04A0791B018B4FDB5D2EA1DE235C20CF300B0C1CED91A218390A09DF78C1877BB35E0D92D22ED647E32EA5C9F877B589B4A8F7F6685715AC5E0E5F93DB5671E028A9DFE1C66662C94A47C19FE0ED1B9C9BCBEA281F705C358F792091DE4A2F110B6B68E4AB15D6B30C59C8850D1E436BDDABADF17ED1E8881271CD1E7C9701A557 +20241129003212 2 6 100 3071 5 C94F41FDB4E54DBDD1C7A49F586104E6D74F4CD07A2B9730A4FB5D40C24AB929C55B955144ADC62AEF2DF80D151E4F20E946F69C9B7AC7F01D1A916F3C1D23984DAF12A5CF18C5FDD9922AE0DBFFB31E9EAC765DCF315EBB0524E8B9246BC97169BE71440DF64D5884F63D9ECC8C96E312169E71BC1D25DCE1AE142F6C4D265BA36CBAAC0860E6C83C26B287461F4FE90C5D2CAF4A87937E12407CC632618086D75FB5A17ED87F8EEE71893A6890E74AA378BD6B91CD4CF264F0826110494D2492F6A45567AB8FF4C28142582D3E66E9D3961881DFA1877E2EC993E31A35017C8291B0C74BCF285F94BC6E8B5D0EDEE7F571BEDDEB32184688CB221D1E42A74657FE9AC83679E51B925D617069FF259975C40D370D0D51F18D1C17358B9C197B00893AEE90BA06517787E8C4884E783F2A4B7633C62E7843B743688FA6296F11A6F4D584C2905EADA2076D289449F5DB07E2788F021D435DD188563CDAA1C89B0E7E87017788634AF18CAD9ADB8BA18E80C5BD0BE1424FF9135B07DD31A6F92F +20241129003232 2 6 100 3071 2 C94F41FDB4E54DBDD1C7A49F586104E6D74F4CD07A2B9730A4FB5D40C24AB929C55B955144ADC62AEF2DF80D151E4F20E946F69C9B7AC7F01D1A916F3C1D23984DAF12A5CF18C5FDD9922AE0DBFFB31E9EAC765DCF315EBB0524E8B9246BC97169BE71440DF64D5884F63D9ECC8C96E312169E71BC1D25DCE1AE142F6C4D265BA36CBAAC0860E6C83C26B287461F4FE90C5D2CAF4A87937E12407CC632618086D75FB5A17ED87F8EEE71893A6890E74AA378BD6B91CD4CF264F0826110494D2492F6A45567AB8FF4C28142582D3E66E9D3961881DFA1877E2EC993E31A35017C8291B0C74BCF285F94BC6E8B5D0EDEE7F571BEDDEB32184688CB221D1E42A74657FE9AC83679E51B925D617069FF259975C40D370D0D51F18D1C17358B9C197B00893AEE90BA06517787E8C4884E783F2A4B7633C62E7843B743688FA6296F11A6F4D584C2905EADA2076D289449F5DB07E2788F021D435DD188563CDAA1C89B0E7E87017788634AF18CAD9ADB8BA18E80C5BD0BE1424FF9135B07DD31E1E02B +20241129003238 2 6 100 3071 5 C94F41FDB4E54DBDD1C7A49F586104E6D74F4CD07A2B9730A4FB5D40C24AB929C55B955144ADC62AEF2DF80D151E4F20E946F69C9B7AC7F01D1A916F3C1D23984DAF12A5CF18C5FDD9922AE0DBFFB31E9EAC765DCF315EBB0524E8B9246BC97169BE71440DF64D5884F63D9ECC8C96E312169E71BC1D25DCE1AE142F6C4D265BA36CBAAC0860E6C83C26B287461F4FE90C5D2CAF4A87937E12407CC632618086D75FB5A17ED87F8EEE71893A6890E74AA378BD6B91CD4CF264F0826110494D2492F6A45567AB8FF4C28142582D3E66E9D3961881DFA1877E2EC993E31A35017C8291B0C74BCF285F94BC6E8B5D0EDEE7F571BEDDEB32184688CB221D1E42A74657FE9AC83679E51B925D617069FF259975C40D370D0D51F18D1C17358B9C197B00893AEE90BA06517787E8C4884E783F2A4B7633C62E7843B743688FA6296F11A6F4D584C2905EADA2076D289449F5DB07E2788F021D435DD188563CDAA1C89B0E7E87017788634AF18CAD9ADB8BA18E80C5BD0BE1424FF9135B07DD31F02307 +20241129003247 2 6 100 3071 2 C94F41FDB4E54DBDD1C7A49F586104E6D74F4CD07A2B9730A4FB5D40C24AB929C55B955144ADC62AEF2DF80D151E4F20E946F69C9B7AC7F01D1A916F3C1D23984DAF12A5CF18C5FDD9922AE0DBFFB31E9EAC765DCF315EBB0524E8B9246BC97169BE71440DF64D5884F63D9ECC8C96E312169E71BC1D25DCE1AE142F6C4D265BA36CBAAC0860E6C83C26B287461F4FE90C5D2CAF4A87937E12407CC632618086D75FB5A17ED87F8EEE71893A6890E74AA378BD6B91CD4CF264F0826110494D2492F6A45567AB8FF4C28142582D3E66E9D3961881DFA1877E2EC993E31A35017C8291B0C74BCF285F94BC6E8B5D0EDEE7F571BEDDEB32184688CB221D1E42A74657FE9AC83679E51B925D617069FF259975C40D370D0D51F18D1C17358B9C197B00893AEE90BA06517787E8C4884E783F2A4B7633C62E7843B743688FA6296F11A6F4D584C2905EADA2076D289449F5DB07E2788F021D435DD188563CDAA1C89B0E7E87017788634AF18CAD9ADB8BA18E80C5BD0BE1424FF9135B07DD32089003 +20241129003331 2 6 100 3071 2 C94F41FDB4E54DBDD1C7A49F586104E6D74F4CD07A2B9730A4FB5D40C24AB929C55B955144ADC62AEF2DF80D151E4F20E946F69C9B7AC7F01D1A916F3C1D23984DAF12A5CF18C5FDD9922AE0DBFFB31E9EAC765DCF315EBB0524E8B9246BC97169BE71440DF64D5884F63D9ECC8C96E312169E71BC1D25DCE1AE142F6C4D265BA36CBAAC0860E6C83C26B287461F4FE90C5D2CAF4A87937E12407CC632618086D75FB5A17ED87F8EEE71893A6890E74AA378BD6B91CD4CF264F0826110494D2492F6A45567AB8FF4C28142582D3E66E9D3961881DFA1877E2EC993E31A35017C8291B0C74BCF285F94BC6E8B5D0EDEE7F571BEDDEB32184688CB221D1E42A74657FE9AC83679E51B925D617069FF259975C40D370D0D51F18D1C17358B9C197B00893AEE90BA06517787E8C4884E783F2A4B7633C62E7843B743688FA6296F11A6F4D584C2905EADA2076D289449F5DB07E2788F021D435DD188563CDAA1C89B0E7E87017788634AF18CAD9ADB8BA18E80C5BD0BE1424FF9135B07DD328EF3EB +20241129003450 2 6 100 3071 5 C94F41FDB4E54DBDD1C7A49F586104E6D74F4CD07A2B9730A4FB5D40C24AB929C55B955144ADC62AEF2DF80D151E4F20E946F69C9B7AC7F01D1A916F3C1D23984DAF12A5CF18C5FDD9922AE0DBFFB31E9EAC765DCF315EBB0524E8B9246BC97169BE71440DF64D5884F63D9ECC8C96E312169E71BC1D25DCE1AE142F6C4D265BA36CBAAC0860E6C83C26B287461F4FE90C5D2CAF4A87937E12407CC632618086D75FB5A17ED87F8EEE71893A6890E74AA378BD6B91CD4CF264F0826110494D2492F6A45567AB8FF4C28142582D3E66E9D3961881DFA1877E2EC993E31A35017C8291B0C74BCF285F94BC6E8B5D0EDEE7F571BEDDEB32184688CB221D1E42A74657FE9AC83679E51B925D617069FF259975C40D370D0D51F18D1C17358B9C197B00893AEE90BA06517787E8C4884E783F2A4B7633C62E7843B743688FA6296F11A6F4D584C2905EADA2076D289449F5DB07E2788F021D435DD188563CDAA1C89B0E7E87017788634AF18CAD9ADB8BA18E80C5BD0BE1424FF9135B07DD3388738F +20241129003549 2 6 100 3071 5 C94F41FDB4E54DBDD1C7A49F586104E6D74F4CD07A2B9730A4FB5D40C24AB929C55B955144ADC62AEF2DF80D151E4F20E946F69C9B7AC7F01D1A916F3C1D23984DAF12A5CF18C5FDD9922AE0DBFFB31E9EAC765DCF315EBB0524E8B9246BC97169BE71440DF64D5884F63D9ECC8C96E312169E71BC1D25DCE1AE142F6C4D265BA36CBAAC0860E6C83C26B287461F4FE90C5D2CAF4A87937E12407CC632618086D75FB5A17ED87F8EEE71893A6890E74AA378BD6B91CD4CF264F0826110494D2492F6A45567AB8FF4C28142582D3E66E9D3961881DFA1877E2EC993E31A35017C8291B0C74BCF285F94BC6E8B5D0EDEE7F571BEDDEB32184688CB221D1E42A74657FE9AC83679E51B925D617069FF259975C40D370D0D51F18D1C17358B9C197B00893AEE90BA06517787E8C4884E783F2A4B7633C62E7843B743688FA6296F11A6F4D584C2905EADA2076D289449F5DB07E2788F021D435DD188563CDAA1C89B0E7E87017788634AF18CAD9ADB8BA18E80C5BD0BE1424FF9135B07DD344433C7 +20241129003558 2 6 100 3071 2 C94F41FDB4E54DBDD1C7A49F586104E6D74F4CD07A2B9730A4FB5D40C24AB929C55B955144ADC62AEF2DF80D151E4F20E946F69C9B7AC7F01D1A916F3C1D23984DAF12A5CF18C5FDD9922AE0DBFFB31E9EAC765DCF315EBB0524E8B9246BC97169BE71440DF64D5884F63D9ECC8C96E312169E71BC1D25DCE1AE142F6C4D265BA36CBAAC0860E6C83C26B287461F4FE90C5D2CAF4A87937E12407CC632618086D75FB5A17ED87F8EEE71893A6890E74AA378BD6B91CD4CF264F0826110494D2492F6A45567AB8FF4C28142582D3E66E9D3961881DFA1877E2EC993E31A35017C8291B0C74BCF285F94BC6E8B5D0EDEE7F571BEDDEB32184688CB221D1E42A74657FE9AC83679E51B925D617069FF259975C40D370D0D51F18D1C17358B9C197B00893AEE90BA06517787E8C4884E783F2A4B7633C62E7843B743688FA6296F11A6F4D584C2905EADA2076D289449F5DB07E2788F021D435DD188563CDAA1C89B0E7E87017788634AF18CAD9ADB8BA18E80C5BD0BE1424FF9135B07DD345EB43B +20241129003708 2 6 100 3071 2 C94F41FDB4E54DBDD1C7A49F586104E6D74F4CD07A2B9730A4FB5D40C24AB929C55B955144ADC62AEF2DF80D151E4F20E946F69C9B7AC7F01D1A916F3C1D23984DAF12A5CF18C5FDD9922AE0DBFFB31E9EAC765DCF315EBB0524E8B9246BC97169BE71440DF64D5884F63D9ECC8C96E312169E71BC1D25DCE1AE142F6C4D265BA36CBAAC0860E6C83C26B287461F4FE90C5D2CAF4A87937E12407CC632618086D75FB5A17ED87F8EEE71893A6890E74AA378BD6B91CD4CF264F0826110494D2492F6A45567AB8FF4C28142582D3E66E9D3961881DFA1877E2EC993E31A35017C8291B0C74BCF285F94BC6E8B5D0EDEE7F571BEDDEB32184688CB221D1E42A74657FE9AC83679E51B925D617069FF259975C40D370D0D51F18D1C17358B9C197B00893AEE90BA06517787E8C4884E783F2A4B7633C62E7843B743688FA6296F11A6F4D584C2905EADA2076D289449F5DB07E2788F021D435DD188563CDAA1C89B0E7E87017788634AF18CAD9ADB8BA18E80C5BD0BE1424FF9135B07DD353F77AB +20241129003723 2 6 100 3071 5 C94F41FDB4E54DBDD1C7A49F586104E6D74F4CD07A2B9730A4FB5D40C24AB929C55B955144ADC62AEF2DF80D151E4F20E946F69C9B7AC7F01D1A916F3C1D23984DAF12A5CF18C5FDD9922AE0DBFFB31E9EAC765DCF315EBB0524E8B9246BC97169BE71440DF64D5884F63D9ECC8C96E312169E71BC1D25DCE1AE142F6C4D265BA36CBAAC0860E6C83C26B287461F4FE90C5D2CAF4A87937E12407CC632618086D75FB5A17ED87F8EEE71893A6890E74AA378BD6B91CD4CF264F0826110494D2492F6A45567AB8FF4C28142582D3E66E9D3961881DFA1877E2EC993E31A35017C8291B0C74BCF285F94BC6E8B5D0EDEE7F571BEDDEB32184688CB221D1E42A74657FE9AC83679E51B925D617069FF259975C40D370D0D51F18D1C17358B9C197B00893AEE90BA06517787E8C4884E783F2A4B7633C62E7843B743688FA6296F11A6F4D584C2905EADA2076D289449F5DB07E2788F021D435DD188563CDAA1C89B0E7E87017788634AF18CAD9ADB8BA18E80C5BD0BE1424FF9135B07DD356DF4FF +20241129003747 2 6 100 3071 2 C94F41FDB4E54DBDD1C7A49F586104E6D74F4CD07A2B9730A4FB5D40C24AB929C55B955144ADC62AEF2DF80D151E4F20E946F69C9B7AC7F01D1A916F3C1D23984DAF12A5CF18C5FDD9922AE0DBFFB31E9EAC765DCF315EBB0524E8B9246BC97169BE71440DF64D5884F63D9ECC8C96E312169E71BC1D25DCE1AE142F6C4D265BA36CBAAC0860E6C83C26B287461F4FE90C5D2CAF4A87937E12407CC632618086D75FB5A17ED87F8EEE71893A6890E74AA378BD6B91CD4CF264F0826110494D2492F6A45567AB8FF4C28142582D3E66E9D3961881DFA1877E2EC993E31A35017C8291B0C74BCF285F94BC6E8B5D0EDEE7F571BEDDEB32184688CB221D1E42A74657FE9AC83679E51B925D617069FF259975C40D370D0D51F18D1C17358B9C197B00893AEE90BA06517787E8C4884E783F2A4B7633C62E7843B743688FA6296F11A6F4D584C2905EADA2076D289449F5DB07E2788F021D435DD188563CDAA1C89B0E7E87017788634AF18CAD9ADB8BA18E80C5BD0BE1424FF9135B07DD35B352CB +20241129003812 2 6 100 3071 2 C94F41FDB4E54DBDD1C7A49F586104E6D74F4CD07A2B9730A4FB5D40C24AB929C55B955144ADC62AEF2DF80D151E4F20E946F69C9B7AC7F01D1A916F3C1D23984DAF12A5CF18C5FDD9922AE0DBFFB31E9EAC765DCF315EBB0524E8B9246BC97169BE71440DF64D5884F63D9ECC8C96E312169E71BC1D25DCE1AE142F6C4D265BA36CBAAC0860E6C83C26B287461F4FE90C5D2CAF4A87937E12407CC632618086D75FB5A17ED87F8EEE71893A6890E74AA378BD6B91CD4CF264F0826110494D2492F6A45567AB8FF4C28142582D3E66E9D3961881DFA1877E2EC993E31A35017C8291B0C74BCF285F94BC6E8B5D0EDEE7F571BEDDEB32184688CB221D1E42A74657FE9AC83679E51B925D617069FF259975C40D370D0D51F18D1C17358B9C197B00893AEE90BA06517787E8C4884E783F2A4B7633C62E7843B743688FA6296F11A6F4D584C2905EADA2076D289449F5DB07E2788F021D435DD188563CDAA1C89B0E7E87017788634AF18CAD9ADB8BA18E80C5BD0BE1424FF9135B07DD36020023 +20241129003842 2 6 100 3071 5 C94F41FDB4E54DBDD1C7A49F586104E6D74F4CD07A2B9730A4FB5D40C24AB929C55B955144ADC62AEF2DF80D151E4F20E946F69C9B7AC7F01D1A916F3C1D23984DAF12A5CF18C5FDD9922AE0DBFFB31E9EAC765DCF315EBB0524E8B9246BC97169BE71440DF64D5884F63D9ECC8C96E312169E71BC1D25DCE1AE142F6C4D265BA36CBAAC0860E6C83C26B287461F4FE90C5D2CAF4A87937E12407CC632618086D75FB5A17ED87F8EEE71893A6890E74AA378BD6B91CD4CF264F0826110494D2492F6A45567AB8FF4C28142582D3E66E9D3961881DFA1877E2EC993E31A35017C8291B0C74BCF285F94BC6E8B5D0EDEE7F571BEDDEB32184688CB221D1E42A74657FE9AC83679E51B925D617069FF259975C40D370D0D51F18D1C17358B9C197B00893AEE90BA06517787E8C4884E783F2A4B7633C62E7843B743688FA6296F11A6F4D584C2905EADA2076D289449F5DB07E2788F021D435DD188563CDAA1C89B0E7E87017788634AF18CAD9ADB8BA18E80C5BD0BE1424FF9135B07DD3660A2C7 +20241129003859 2 6 100 3071 2 C94F41FDB4E54DBDD1C7A49F586104E6D74F4CD07A2B9730A4FB5D40C24AB929C55B955144ADC62AEF2DF80D151E4F20E946F69C9B7AC7F01D1A916F3C1D23984DAF12A5CF18C5FDD9922AE0DBFFB31E9EAC765DCF315EBB0524E8B9246BC97169BE71440DF64D5884F63D9ECC8C96E312169E71BC1D25DCE1AE142F6C4D265BA36CBAAC0860E6C83C26B287461F4FE90C5D2CAF4A87937E12407CC632618086D75FB5A17ED87F8EEE71893A6890E74AA378BD6B91CD4CF264F0826110494D2492F6A45567AB8FF4C28142582D3E66E9D3961881DFA1877E2EC993E31A35017C8291B0C74BCF285F94BC6E8B5D0EDEE7F571BEDDEB32184688CB221D1E42A74657FE9AC83679E51B925D617069FF259975C40D370D0D51F18D1C17358B9C197B00893AEE90BA06517787E8C4884E783F2A4B7633C62E7843B743688FA6296F11A6F4D584C2905EADA2076D289449F5DB07E2788F021D435DD188563CDAA1C89B0E7E87017788634AF18CAD9ADB8BA18E80C5BD0BE1424FF9135B07DD368F747B +20241129003902 2 6 100 3071 2 C94F41FDB4E54DBDD1C7A49F586104E6D74F4CD07A2B9730A4FB5D40C24AB929C55B955144ADC62AEF2DF80D151E4F20E946F69C9B7AC7F01D1A916F3C1D23984DAF12A5CF18C5FDD9922AE0DBFFB31E9EAC765DCF315EBB0524E8B9246BC97169BE71440DF64D5884F63D9ECC8C96E312169E71BC1D25DCE1AE142F6C4D265BA36CBAAC0860E6C83C26B287461F4FE90C5D2CAF4A87937E12407CC632618086D75FB5A17ED87F8EEE71893A6890E74AA378BD6B91CD4CF264F0826110494D2492F6A45567AB8FF4C28142582D3E66E9D3961881DFA1877E2EC993E31A35017C8291B0C74BCF285F94BC6E8B5D0EDEE7F571BEDDEB32184688CB221D1E42A74657FE9AC83679E51B925D617069FF259975C40D370D0D51F18D1C17358B9C197B00893AEE90BA06517787E8C4884E783F2A4B7633C62E7843B743688FA6296F11A6F4D584C2905EADA2076D289449F5DB07E2788F021D435DD188563CDAA1C89B0E7E87017788634AF18CAD9ADB8BA18E80C5BD0BE1424FF9135B07DD3695A29B +20241129003921 2 6 100 3071 2 C94F41FDB4E54DBDD1C7A49F586104E6D74F4CD07A2B9730A4FB5D40C24AB929C55B955144ADC62AEF2DF80D151E4F20E946F69C9B7AC7F01D1A916F3C1D23984DAF12A5CF18C5FDD9922AE0DBFFB31E9EAC765DCF315EBB0524E8B9246BC97169BE71440DF64D5884F63D9ECC8C96E312169E71BC1D25DCE1AE142F6C4D265BA36CBAAC0860E6C83C26B287461F4FE90C5D2CAF4A87937E12407CC632618086D75FB5A17ED87F8EEE71893A6890E74AA378BD6B91CD4CF264F0826110494D2492F6A45567AB8FF4C28142582D3E66E9D3961881DFA1877E2EC993E31A35017C8291B0C74BCF285F94BC6E8B5D0EDEE7F571BEDDEB32184688CB221D1E42A74657FE9AC83679E51B925D617069FF259975C40D370D0D51F18D1C17358B9C197B00893AEE90BA06517787E8C4884E783F2A4B7633C62E7843B743688FA6296F11A6F4D584C2905EADA2076D289449F5DB07E2788F021D435DD188563CDAA1C89B0E7E87017788634AF18CAD9ADB8BA18E80C5BD0BE1424FF9135B07DD36C9F673 +20241129004005 2 6 100 3071 5 C94F41FDB4E54DBDD1C7A49F586104E6D74F4CD07A2B9730A4FB5D40C24AB929C55B955144ADC62AEF2DF80D151E4F20E946F69C9B7AC7F01D1A916F3C1D23984DAF12A5CF18C5FDD9922AE0DBFFB31E9EAC765DCF315EBB0524E8B9246BC97169BE71440DF64D5884F63D9ECC8C96E312169E71BC1D25DCE1AE142F6C4D265BA36CBAAC0860E6C83C26B287461F4FE90C5D2CAF4A87937E12407CC632618086D75FB5A17ED87F8EEE71893A6890E74AA378BD6B91CD4CF264F0826110494D2492F6A45567AB8FF4C28142582D3E66E9D3961881DFA1877E2EC993E31A35017C8291B0C74BCF285F94BC6E8B5D0EDEE7F571BEDDEB32184688CB221D1E42A74657FE9AC83679E51B925D617069FF259975C40D370D0D51F18D1C17358B9C197B00893AEE90BA06517787E8C4884E783F2A4B7633C62E7843B743688FA6296F11A6F4D584C2905EADA2076D289449F5DB07E2788F021D435DD188563CDAA1C89B0E7E87017788634AF18CAD9ADB8BA18E80C5BD0BE1424FF9135B07DD3753CA0F +20241129004008 2 6 100 3071 2 C94F41FDB4E54DBDD1C7A49F586104E6D74F4CD07A2B9730A4FB5D40C24AB929C55B955144ADC62AEF2DF80D151E4F20E946F69C9B7AC7F01D1A916F3C1D23984DAF12A5CF18C5FDD9922AE0DBFFB31E9EAC765DCF315EBB0524E8B9246BC97169BE71440DF64D5884F63D9ECC8C96E312169E71BC1D25DCE1AE142F6C4D265BA36CBAAC0860E6C83C26B287461F4FE90C5D2CAF4A87937E12407CC632618086D75FB5A17ED87F8EEE71893A6890E74AA378BD6B91CD4CF264F0826110494D2492F6A45567AB8FF4C28142582D3E66E9D3961881DFA1877E2EC993E31A35017C8291B0C74BCF285F94BC6E8B5D0EDEE7F571BEDDEB32184688CB221D1E42A74657FE9AC83679E51B925D617069FF259975C40D370D0D51F18D1C17358B9C197B00893AEE90BA06517787E8C4884E783F2A4B7633C62E7843B743688FA6296F11A6F4D584C2905EADA2076D289449F5DB07E2788F021D435DD188563CDAA1C89B0E7E87017788634AF18CAD9ADB8BA18E80C5BD0BE1424FF9135B07DD3758F683 +20241129004208 2 6 100 3071 2 C94F41FDB4E54DBDD1C7A49F586104E6D74F4CD07A2B9730A4FB5D40C24AB929C55B955144ADC62AEF2DF80D151E4F20E946F69C9B7AC7F01D1A916F3C1D23984DAF12A5CF18C5FDD9922AE0DBFFB31E9EAC765DCF315EBB0524E8B9246BC97169BE71440DF64D5884F63D9ECC8C96E312169E71BC1D25DCE1AE142F6C4D265BA36CBAAC0860E6C83C26B287461F4FE90C5D2CAF4A87937E12407CC632618086D75FB5A17ED87F8EEE71893A6890E74AA378BD6B91CD4CF264F0826110494D2492F6A45567AB8FF4C28142582D3E66E9D3961881DFA1877E2EC993E31A35017C8291B0C74BCF285F94BC6E8B5D0EDEE7F571BEDDEB32184688CB221D1E42A74657FE9AC83679E51B925D617069FF259975C40D370D0D51F18D1C17358B9C197B00893AEE90BA06517787E8C4884E783F2A4B7633C62E7843B743688FA6296F11A6F4D584C2905EADA2076D289449F5DB07E2788F021D435DD188563CDAA1C89B0E7E87017788634AF18CAD9ADB8BA18E80C5BD0BE1424FF9135B07DD38E3CD3B +20241129004221 2 6 100 3071 2 C94F41FDB4E54DBDD1C7A49F586104E6D74F4CD07A2B9730A4FB5D40C24AB929C55B955144ADC62AEF2DF80D151E4F20E946F69C9B7AC7F01D1A916F3C1D23984DAF12A5CF18C5FDD9922AE0DBFFB31E9EAC765DCF315EBB0524E8B9246BC97169BE71440DF64D5884F63D9ECC8C96E312169E71BC1D25DCE1AE142F6C4D265BA36CBAAC0860E6C83C26B287461F4FE90C5D2CAF4A87937E12407CC632618086D75FB5A17ED87F8EEE71893A6890E74AA378BD6B91CD4CF264F0826110494D2492F6A45567AB8FF4C28142582D3E66E9D3961881DFA1877E2EC993E31A35017C8291B0C74BCF285F94BC6E8B5D0EDEE7F571BEDDEB32184688CB221D1E42A74657FE9AC83679E51B925D617069FF259975C40D370D0D51F18D1C17358B9C197B00893AEE90BA06517787E8C4884E783F2A4B7633C62E7843B743688FA6296F11A6F4D584C2905EADA2076D289449F5DB07E2788F021D435DD188563CDAA1C89B0E7E87017788634AF18CAD9ADB8BA18E80C5BD0BE1424FF9135B07DD390C377B +20241129004322 2 6 100 3071 2 C94F41FDB4E54DBDD1C7A49F586104E6D74F4CD07A2B9730A4FB5D40C24AB929C55B955144ADC62AEF2DF80D151E4F20E946F69C9B7AC7F01D1A916F3C1D23984DAF12A5CF18C5FDD9922AE0DBFFB31E9EAC765DCF315EBB0524E8B9246BC97169BE71440DF64D5884F63D9ECC8C96E312169E71BC1D25DCE1AE142F6C4D265BA36CBAAC0860E6C83C26B287461F4FE90C5D2CAF4A87937E12407CC632618086D75FB5A17ED87F8EEE71893A6890E74AA378BD6B91CD4CF264F0826110494D2492F6A45567AB8FF4C28142582D3E66E9D3961881DFA1877E2EC993E31A35017C8291B0C74BCF285F94BC6E8B5D0EDEE7F571BEDDEB32184688CB221D1E42A74657FE9AC83679E51B925D617069FF259975C40D370D0D51F18D1C17358B9C197B00893AEE90BA06517787E8C4884E783F2A4B7633C62E7843B743688FA6296F11A6F4D584C2905EADA2076D289449F5DB07E2788F021D435DD188563CDAA1C89B0E7E87017788634AF18CAD9ADB8BA18E80C5BD0BE1424FF9135B07DD39CE5ACB +20241129004335 2 6 100 3071 2 C94F41FDB4E54DBDD1C7A49F586104E6D74F4CD07A2B9730A4FB5D40C24AB929C55B955144ADC62AEF2DF80D151E4F20E946F69C9B7AC7F01D1A916F3C1D23984DAF12A5CF18C5FDD9922AE0DBFFB31E9EAC765DCF315EBB0524E8B9246BC97169BE71440DF64D5884F63D9ECC8C96E312169E71BC1D25DCE1AE142F6C4D265BA36CBAAC0860E6C83C26B287461F4FE90C5D2CAF4A87937E12407CC632618086D75FB5A17ED87F8EEE71893A6890E74AA378BD6B91CD4CF264F0826110494D2492F6A45567AB8FF4C28142582D3E66E9D3961881DFA1877E2EC993E31A35017C8291B0C74BCF285F94BC6E8B5D0EDEE7F571BEDDEB32184688CB221D1E42A74657FE9AC83679E51B925D617069FF259975C40D370D0D51F18D1C17358B9C197B00893AEE90BA06517787E8C4884E783F2A4B7633C62E7843B743688FA6296F11A6F4D584C2905EADA2076D289449F5DB07E2788F021D435DD188563CDAA1C89B0E7E87017788634AF18CAD9ADB8BA18E80C5BD0BE1424FF9135B07DD39EC486B +20241129004341 2 6 100 3071 5 C94F41FDB4E54DBDD1C7A49F586104E6D74F4CD07A2B9730A4FB5D40C24AB929C55B955144ADC62AEF2DF80D151E4F20E946F69C9B7AC7F01D1A916F3C1D23984DAF12A5CF18C5FDD9922AE0DBFFB31E9EAC765DCF315EBB0524E8B9246BC97169BE71440DF64D5884F63D9ECC8C96E312169E71BC1D25DCE1AE142F6C4D265BA36CBAAC0860E6C83C26B287461F4FE90C5D2CAF4A87937E12407CC632618086D75FB5A17ED87F8EEE71893A6890E74AA378BD6B91CD4CF264F0826110494D2492F6A45567AB8FF4C28142582D3E66E9D3961881DFA1877E2EC993E31A35017C8291B0C74BCF285F94BC6E8B5D0EDEE7F571BEDDEB32184688CB221D1E42A74657FE9AC83679E51B925D617069FF259975C40D370D0D51F18D1C17358B9C197B00893AEE90BA06517787E8C4884E783F2A4B7633C62E7843B743688FA6296F11A6F4D584C2905EADA2076D289449F5DB07E2788F021D435DD188563CDAA1C89B0E7E87017788634AF18CAD9ADB8BA18E80C5BD0BE1424FF9135B07DD39F7B37F +20241129004348 2 6 100 3071 5 C94F41FDB4E54DBDD1C7A49F586104E6D74F4CD07A2B9730A4FB5D40C24AB929C55B955144ADC62AEF2DF80D151E4F20E946F69C9B7AC7F01D1A916F3C1D23984DAF12A5CF18C5FDD9922AE0DBFFB31E9EAC765DCF315EBB0524E8B9246BC97169BE71440DF64D5884F63D9ECC8C96E312169E71BC1D25DCE1AE142F6C4D265BA36CBAAC0860E6C83C26B287461F4FE90C5D2CAF4A87937E12407CC632618086D75FB5A17ED87F8EEE71893A6890E74AA378BD6B91CD4CF264F0826110494D2492F6A45567AB8FF4C28142582D3E66E9D3961881DFA1877E2EC993E31A35017C8291B0C74BCF285F94BC6E8B5D0EDEE7F571BEDDEB32184688CB221D1E42A74657FE9AC83679E51B925D617069FF259975C40D370D0D51F18D1C17358B9C197B00893AEE90BA06517787E8C4884E783F2A4B7633C62E7843B743688FA6296F11A6F4D584C2905EADA2076D289449F5DB07E2788F021D435DD188563CDAA1C89B0E7E87017788634AF18CAD9ADB8BA18E80C5BD0BE1424FF9135B07DD3A089907 +20241129004413 2 6 100 3071 2 C94F41FDB4E54DBDD1C7A49F586104E6D74F4CD07A2B9730A4FB5D40C24AB929C55B955144ADC62AEF2DF80D151E4F20E946F69C9B7AC7F01D1A916F3C1D23984DAF12A5CF18C5FDD9922AE0DBFFB31E9EAC765DCF315EBB0524E8B9246BC97169BE71440DF64D5884F63D9ECC8C96E312169E71BC1D25DCE1AE142F6C4D265BA36CBAAC0860E6C83C26B287461F4FE90C5D2CAF4A87937E12407CC632618086D75FB5A17ED87F8EEE71893A6890E74AA378BD6B91CD4CF264F0826110494D2492F6A45567AB8FF4C28142582D3E66E9D3961881DFA1877E2EC993E31A35017C8291B0C74BCF285F94BC6E8B5D0EDEE7F571BEDDEB32184688CB221D1E42A74657FE9AC83679E51B925D617069FF259975C40D370D0D51F18D1C17358B9C197B00893AEE90BA06517787E8C4884E783F2A4B7633C62E7843B743688FA6296F11A6F4D584C2905EADA2076D289449F5DB07E2788F021D435DD188563CDAA1C89B0E7E87017788634AF18CAD9ADB8BA18E80C5BD0BE1424FF9135B07DD3A5136DB +20241129004447 2 6 100 3071 2 C94F41FDB4E54DBDD1C7A49F586104E6D74F4CD07A2B9730A4FB5D40C24AB929C55B955144ADC62AEF2DF80D151E4F20E946F69C9B7AC7F01D1A916F3C1D23984DAF12A5CF18C5FDD9922AE0DBFFB31E9EAC765DCF315EBB0524E8B9246BC97169BE71440DF64D5884F63D9ECC8C96E312169E71BC1D25DCE1AE142F6C4D265BA36CBAAC0860E6C83C26B287461F4FE90C5D2CAF4A87937E12407CC632618086D75FB5A17ED87F8EEE71893A6890E74AA378BD6B91CD4CF264F0826110494D2492F6A45567AB8FF4C28142582D3E66E9D3961881DFA1877E2EC993E31A35017C8291B0C74BCF285F94BC6E8B5D0EDEE7F571BEDDEB32184688CB221D1E42A74657FE9AC83679E51B925D617069FF259975C40D370D0D51F18D1C17358B9C197B00893AEE90BA06517787E8C4884E783F2A4B7633C62E7843B743688FA6296F11A6F4D584C2905EADA2076D289449F5DB07E2788F021D435DD188563CDAA1C89B0E7E87017788634AF18CAD9ADB8BA18E80C5BD0BE1424FF9135B07DD3ABE89AB +20241129004614 2 6 100 3071 2 C94F41FDB4E54DBDD1C7A49F586104E6D74F4CD07A2B9730A4FB5D40C24AB929C55B955144ADC62AEF2DF80D151E4F20E946F69C9B7AC7F01D1A916F3C1D23984DAF12A5CF18C5FDD9922AE0DBFFB31E9EAC765DCF315EBB0524E8B9246BC97169BE71440DF64D5884F63D9ECC8C96E312169E71BC1D25DCE1AE142F6C4D265BA36CBAAC0860E6C83C26B287461F4FE90C5D2CAF4A87937E12407CC632618086D75FB5A17ED87F8EEE71893A6890E74AA378BD6B91CD4CF264F0826110494D2492F6A45567AB8FF4C28142582D3E66E9D3961881DFA1877E2EC993E31A35017C8291B0C74BCF285F94BC6E8B5D0EDEE7F571BEDDEB32184688CB221D1E42A74657FE9AC83679E51B925D617069FF259975C40D370D0D51F18D1C17358B9C197B00893AEE90BA06517787E8C4884E783F2A4B7633C62E7843B743688FA6296F11A6F4D584C2905EADA2076D289449F5DB07E2788F021D435DD188563CDAA1C89B0E7E87017788634AF18CAD9ADB8BA18E80C5BD0BE1424FF9135B07DD3BD9A0DB +20241129004627 2 6 100 3071 2 C94F41FDB4E54DBDD1C7A49F586104E6D74F4CD07A2B9730A4FB5D40C24AB929C55B955144ADC62AEF2DF80D151E4F20E946F69C9B7AC7F01D1A916F3C1D23984DAF12A5CF18C5FDD9922AE0DBFFB31E9EAC765DCF315EBB0524E8B9246BC97169BE71440DF64D5884F63D9ECC8C96E312169E71BC1D25DCE1AE142F6C4D265BA36CBAAC0860E6C83C26B287461F4FE90C5D2CAF4A87937E12407CC632618086D75FB5A17ED87F8EEE71893A6890E74AA378BD6B91CD4CF264F0826110494D2492F6A45567AB8FF4C28142582D3E66E9D3961881DFA1877E2EC993E31A35017C8291B0C74BCF285F94BC6E8B5D0EDEE7F571BEDDEB32184688CB221D1E42A74657FE9AC83679E51B925D617069FF259975C40D370D0D51F18D1C17358B9C197B00893AEE90BA06517787E8C4884E783F2A4B7633C62E7843B743688FA6296F11A6F4D584C2905EADA2076D289449F5DB07E2788F021D435DD188563CDAA1C89B0E7E87017788634AF18CAD9ADB8BA18E80C5BD0BE1424FF9135B07DD3BFC1AC3 +20241129004630 2 6 100 3071 2 C94F41FDB4E54DBDD1C7A49F586104E6D74F4CD07A2B9730A4FB5D40C24AB929C55B955144ADC62AEF2DF80D151E4F20E946F69C9B7AC7F01D1A916F3C1D23984DAF12A5CF18C5FDD9922AE0DBFFB31E9EAC765DCF315EBB0524E8B9246BC97169BE71440DF64D5884F63D9ECC8C96E312169E71BC1D25DCE1AE142F6C4D265BA36CBAAC0860E6C83C26B287461F4FE90C5D2CAF4A87937E12407CC632618086D75FB5A17ED87F8EEE71893A6890E74AA378BD6B91CD4CF264F0826110494D2492F6A45567AB8FF4C28142582D3E66E9D3961881DFA1877E2EC993E31A35017C8291B0C74BCF285F94BC6E8B5D0EDEE7F571BEDDEB32184688CB221D1E42A74657FE9AC83679E51B925D617069FF259975C40D370D0D51F18D1C17358B9C197B00893AEE90BA06517787E8C4884E783F2A4B7633C62E7843B743688FA6296F11A6F4D584C2905EADA2076D289449F5DB07E2788F021D435DD188563CDAA1C89B0E7E87017788634AF18CAD9ADB8BA18E80C5BD0BE1424FF9135B07DD3BFE5DDB +20241129004648 2 6 100 3071 2 C94F41FDB4E54DBDD1C7A49F586104E6D74F4CD07A2B9730A4FB5D40C24AB929C55B955144ADC62AEF2DF80D151E4F20E946F69C9B7AC7F01D1A916F3C1D23984DAF12A5CF18C5FDD9922AE0DBFFB31E9EAC765DCF315EBB0524E8B9246BC97169BE71440DF64D5884F63D9ECC8C96E312169E71BC1D25DCE1AE142F6C4D265BA36CBAAC0860E6C83C26B287461F4FE90C5D2CAF4A87937E12407CC632618086D75FB5A17ED87F8EEE71893A6890E74AA378BD6B91CD4CF264F0826110494D2492F6A45567AB8FF4C28142582D3E66E9D3961881DFA1877E2EC993E31A35017C8291B0C74BCF285F94BC6E8B5D0EDEE7F571BEDDEB32184688CB221D1E42A74657FE9AC83679E51B925D617069FF259975C40D370D0D51F18D1C17358B9C197B00893AEE90BA06517787E8C4884E783F2A4B7633C62E7843B743688FA6296F11A6F4D584C2905EADA2076D289449F5DB07E2788F021D435DD188563CDAA1C89B0E7E87017788634AF18CAD9ADB8BA18E80C5BD0BE1424FF9135B07DD3C3863FB +20241129004754 2 6 100 3071 5 C94F41FDB4E54DBDD1C7A49F586104E6D74F4CD07A2B9730A4FB5D40C24AB929C55B955144ADC62AEF2DF80D151E4F20E946F69C9B7AC7F01D1A916F3C1D23984DAF12A5CF18C5FDD9922AE0DBFFB31E9EAC765DCF315EBB0524E8B9246BC97169BE71440DF64D5884F63D9ECC8C96E312169E71BC1D25DCE1AE142F6C4D265BA36CBAAC0860E6C83C26B287461F4FE90C5D2CAF4A87937E12407CC632618086D75FB5A17ED87F8EEE71893A6890E74AA378BD6B91CD4CF264F0826110494D2492F6A45567AB8FF4C28142582D3E66E9D3961881DFA1877E2EC993E31A35017C8291B0C74BCF285F94BC6E8B5D0EDEE7F571BEDDEB32184688CB221D1E42A74657FE9AC83679E51B925D617069FF259975C40D370D0D51F18D1C17358B9C197B00893AEE90BA06517787E8C4884E783F2A4B7633C62E7843B743688FA6296F11A6F4D584C2905EADA2076D289449F5DB07E2788F021D435DD188563CDAA1C89B0E7E87017788634AF18CAD9ADB8BA18E80C5BD0BE1424FF9135B07DD3D09984F +20241129004835 2 6 100 3071 2 C94F41FDB4E54DBDD1C7A49F586104E6D74F4CD07A2B9730A4FB5D40C24AB929C55B955144ADC62AEF2DF80D151E4F20E946F69C9B7AC7F01D1A916F3C1D23984DAF12A5CF18C5FDD9922AE0DBFFB31E9EAC765DCF315EBB0524E8B9246BC97169BE71440DF64D5884F63D9ECC8C96E312169E71BC1D25DCE1AE142F6C4D265BA36CBAAC0860E6C83C26B287461F4FE90C5D2CAF4A87937E12407CC632618086D75FB5A17ED87F8EEE71893A6890E74AA378BD6B91CD4CF264F0826110494D2492F6A45567AB8FF4C28142582D3E66E9D3961881DFA1877E2EC993E31A35017C8291B0C74BCF285F94BC6E8B5D0EDEE7F571BEDDEB32184688CB221D1E42A74657FE9AC83679E51B925D617069FF259975C40D370D0D51F18D1C17358B9C197B00893AEE90BA06517787E8C4884E783F2A4B7633C62E7843B743688FA6296F11A6F4D584C2905EADA2076D289449F5DB07E2788F021D435DD188563CDAA1C89B0E7E87017788634AF18CAD9ADB8BA18E80C5BD0BE1424FF9135B07DD3D875973 +20241129004842 2 6 100 3071 2 C94F41FDB4E54DBDD1C7A49F586104E6D74F4CD07A2B9730A4FB5D40C24AB929C55B955144ADC62AEF2DF80D151E4F20E946F69C9B7AC7F01D1A916F3C1D23984DAF12A5CF18C5FDD9922AE0DBFFB31E9EAC765DCF315EBB0524E8B9246BC97169BE71440DF64D5884F63D9ECC8C96E312169E71BC1D25DCE1AE142F6C4D265BA36CBAAC0860E6C83C26B287461F4FE90C5D2CAF4A87937E12407CC632618086D75FB5A17ED87F8EEE71893A6890E74AA378BD6B91CD4CF264F0826110494D2492F6A45567AB8FF4C28142582D3E66E9D3961881DFA1877E2EC993E31A35017C8291B0C74BCF285F94BC6E8B5D0EDEE7F571BEDDEB32184688CB221D1E42A74657FE9AC83679E51B925D617069FF259975C40D370D0D51F18D1C17358B9C197B00893AEE90BA06517787E8C4884E783F2A4B7633C62E7843B743688FA6296F11A6F4D584C2905EADA2076D289449F5DB07E2788F021D435DD188563CDAA1C89B0E7E87017788634AF18CAD9ADB8BA18E80C5BD0BE1424FF9135B07DD3D958953 +20241129004906 2 6 100 3071 2 C94F41FDB4E54DBDD1C7A49F586104E6D74F4CD07A2B9730A4FB5D40C24AB929C55B955144ADC62AEF2DF80D151E4F20E946F69C9B7AC7F01D1A916F3C1D23984DAF12A5CF18C5FDD9922AE0DBFFB31E9EAC765DCF315EBB0524E8B9246BC97169BE71440DF64D5884F63D9ECC8C96E312169E71BC1D25DCE1AE142F6C4D265BA36CBAAC0860E6C83C26B287461F4FE90C5D2CAF4A87937E12407CC632618086D75FB5A17ED87F8EEE71893A6890E74AA378BD6B91CD4CF264F0826110494D2492F6A45567AB8FF4C28142582D3E66E9D3961881DFA1877E2EC993E31A35017C8291B0C74BCF285F94BC6E8B5D0EDEE7F571BEDDEB32184688CB221D1E42A74657FE9AC83679E51B925D617069FF259975C40D370D0D51F18D1C17358B9C197B00893AEE90BA06517787E8C4884E783F2A4B7633C62E7843B743688FA6296F11A6F4D584C2905EADA2076D289449F5DB07E2788F021D435DD188563CDAA1C89B0E7E87017788634AF18CAD9ADB8BA18E80C5BD0BE1424FF9135B07DD3DDF57FB +20241129005005 2 6 100 3071 2 C94F41FDB4E54DBDD1C7A49F586104E6D74F4CD07A2B9730A4FB5D40C24AB929C55B955144ADC62AEF2DF80D151E4F20E946F69C9B7AC7F01D1A916F3C1D23984DAF12A5CF18C5FDD9922AE0DBFFB31E9EAC765DCF315EBB0524E8B9246BC97169BE71440DF64D5884F63D9ECC8C96E312169E71BC1D25DCE1AE142F6C4D265BA36CBAAC0860E6C83C26B287461F4FE90C5D2CAF4A87937E12407CC632618086D75FB5A17ED87F8EEE71893A6890E74AA378BD6B91CD4CF264F0826110494D2492F6A45567AB8FF4C28142582D3E66E9D3961881DFA1877E2EC993E31A35017C8291B0C74BCF285F94BC6E8B5D0EDEE7F571BEDDEB32184688CB221D1E42A74657FE9AC83679E51B925D617069FF259975C40D370D0D51F18D1C17358B9C197B00893AEE90BA06517787E8C4884E783F2A4B7633C62E7843B743688FA6296F11A6F4D584C2905EADA2076D289449F5DB07E2788F021D435DD188563CDAA1C89B0E7E87017788634AF18CAD9ADB8BA18E80C5BD0BE1424FF9135B07DD3E9E3063 +20241129005036 2 6 100 3071 2 C94F41FDB4E54DBDD1C7A49F586104E6D74F4CD07A2B9730A4FB5D40C24AB929C55B955144ADC62AEF2DF80D151E4F20E946F69C9B7AC7F01D1A916F3C1D23984DAF12A5CF18C5FDD9922AE0DBFFB31E9EAC765DCF315EBB0524E8B9246BC97169BE71440DF64D5884F63D9ECC8C96E312169E71BC1D25DCE1AE142F6C4D265BA36CBAAC0860E6C83C26B287461F4FE90C5D2CAF4A87937E12407CC632618086D75FB5A17ED87F8EEE71893A6890E74AA378BD6B91CD4CF264F0826110494D2492F6A45567AB8FF4C28142582D3E66E9D3961881DFA1877E2EC993E31A35017C8291B0C74BCF285F94BC6E8B5D0EDEE7F571BEDDEB32184688CB221D1E42A74657FE9AC83679E51B925D617069FF259975C40D370D0D51F18D1C17358B9C197B00893AEE90BA06517787E8C4884E783F2A4B7633C62E7843B743688FA6296F11A6F4D584C2905EADA2076D289449F5DB07E2788F021D435DD188563CDAA1C89B0E7E87017788634AF18CAD9ADB8BA18E80C5BD0BE1424FF9135B07DD3EFEEAC3 +20241129005052 2 6 100 3071 2 C94F41FDB4E54DBDD1C7A49F586104E6D74F4CD07A2B9730A4FB5D40C24AB929C55B955144ADC62AEF2DF80D151E4F20E946F69C9B7AC7F01D1A916F3C1D23984DAF12A5CF18C5FDD9922AE0DBFFB31E9EAC765DCF315EBB0524E8B9246BC97169BE71440DF64D5884F63D9ECC8C96E312169E71BC1D25DCE1AE142F6C4D265BA36CBAAC0860E6C83C26B287461F4FE90C5D2CAF4A87937E12407CC632618086D75FB5A17ED87F8EEE71893A6890E74AA378BD6B91CD4CF264F0826110494D2492F6A45567AB8FF4C28142582D3E66E9D3961881DFA1877E2EC993E31A35017C8291B0C74BCF285F94BC6E8B5D0EDEE7F571BEDDEB32184688CB221D1E42A74657FE9AC83679E51B925D617069FF259975C40D370D0D51F18D1C17358B9C197B00893AEE90BA06517787E8C4884E783F2A4B7633C62E7843B743688FA6296F11A6F4D584C2905EADA2076D289449F5DB07E2788F021D435DD188563CDAA1C89B0E7E87017788634AF18CAD9ADB8BA18E80C5BD0BE1424FF9135B07DD3F2A5E03 +20241129005537 2 6 100 3071 5 C94F41FDB4E54DBDD1C7A49F586104E6D74F4CD07A2B9730A4FB5D40C24AB929C55B955144ADC62AEF2DF80D151E4F20E946F69C9B7AC7F01D1A916F3C1D23984DAF12A5CF18C5FDD9922AE0DBFFB31E9EAC765DCF315EBB0524E8B9246BC97169BE71440DF64D5884F63D9ECC8C96E312169E71BC1D25DCE1AE142F6C4D265BA36CBAAC0860E6C83C26B287461F4FE90C5D2CAF4A87937E12407CC632618086D75FB5A17ED87F8EEE71893A6890E74AA378BD6B91CD4CF264F0826110494D2492F6A45567AB8FF4C28142582D3E66E9D3961881DFA1877E2EC993E31A35017C8291B0C74BCF285F94BC6E8B5D0EDEE7F571BEDDEB32184688CB221D1E42A74657FE9AC83679E51B925D617069FF259975C40D370D0D51F18D1C17358B9C197B00893AEE90BA06517787E8C4884E783F2A4B7633C62E7843B743688FA6296F11A6F4D584C2905EADA2076D289449F5DB07E2788F021D435DD188563CDAA1C89B0E7E87017788634AF18CAD9ADB8BA18E80C5BD0BE1424FF9135B07DD42DD9C2F +20241129005637 2 6 100 3071 5 F72B9D5B478FC38253834B862A5C515BA6212BAD106C43D243A9D021FF22434E6A1EA03FBACFA23A6FC66FE5C68B40013BA6D15844D35AA2127408DE731CCA98380661EE30E2480E9DB14A8EB484BF564838B45678ECB78800E41E499307253A0E4462C7E119ECAA096D496FF72C5CB823C5C38CC165B9EE0B5307005F9FE72FE34EF3C2EF456A3A4561245680205533E2C2DC31816DDFFB036922109B985F291F7ADDCA11FADD48E7D20C9F8D0E8AE073C4DD7269B1EF46ACC81BE52A053EFE3BEAB1BFA3822A10ABF2C95B27D406BF960FAA48A79D332A7138AAAB8828B1BD11BCE47ACFE934887A2B2DC6C7061EF8412B4912925FD5A9CE787C434B3FD5B39FA863EDA542574E22331F98E74F69283A9A8F9330FE597B1EE96E37C8DEBB0E861213F3BF5281F3753CC16B2AF1EAB12540517E0482FDF47C92B66C4CD5FA5C8725956DB4C5F435EFC44D2ABD17A078687DD7716CAC4683729BD6211E0CBADA144F28932906724F3B96501D1A897C088607B522F8C7586DAFC64CB14E5B5E8F +20241129005819 2 6 100 3071 2 F72B9D5B478FC38253834B862A5C515BA6212BAD106C43D243A9D021FF22434E6A1EA03FBACFA23A6FC66FE5C68B40013BA6D15844D35AA2127408DE731CCA98380661EE30E2480E9DB14A8EB484BF564838B45678ECB78800E41E499307253A0E4462C7E119ECAA096D496FF72C5CB823C5C38CC165B9EE0B5307005F9FE72FE34EF3C2EF456A3A4561245680205533E2C2DC31816DDFFB036922109B985F291F7ADDCA11FADD48E7D20C9F8D0E8AE073C4DD7269B1EF46ACC81BE52A053EFE3BEAB1BFA3822A10ABF2C95B27D406BF960FAA48A79D332A7138AAAB8828B1BD11BCE47ACFE934887A2B2DC6C7061EF8412B4912925FD5A9CE787C434B3FD5B39FA863EDA542574E22331F98E74F69283A9A8F9330FE597B1EE96E37C8DEBB0E861213F3BF5281F3753CC16B2AF1EAB12540517E0482FDF47C92B66C4CD5FA5C8725956DB4C5F435EFC44D2ABD17A078687DD7716CAC4683729BD6211E0CBADA144F28932906724F3B96501D1A897C088607B522F8C7586DAFC64CB14FA714FB +20241129010001 2 6 100 3071 2 F72B9D5B478FC38253834B862A5C515BA6212BAD106C43D243A9D021FF22434E6A1EA03FBACFA23A6FC66FE5C68B40013BA6D15844D35AA2127408DE731CCA98380661EE30E2480E9DB14A8EB484BF564838B45678ECB78800E41E499307253A0E4462C7E119ECAA096D496FF72C5CB823C5C38CC165B9EE0B5307005F9FE72FE34EF3C2EF456A3A4561245680205533E2C2DC31816DDFFB036922109B985F291F7ADDCA11FADD48E7D20C9F8D0E8AE073C4DD7269B1EF46ACC81BE52A053EFE3BEAB1BFA3822A10ABF2C95B27D406BF960FAA48A79D332A7138AAAB8828B1BD11BCE47ACFE934887A2B2DC6C7061EF8412B4912925FD5A9CE787C434B3FD5B39FA863EDA542574E22331F98E74F69283A9A8F9330FE597B1EE96E37C8DEBB0E861213F3BF5281F3753CC16B2AF1EAB12540517E0482FDF47C92B66C4CD5FA5C8725956DB4C5F435EFC44D2ABD17A078687DD7716CAC4683729BD6211E0CBADA144F28932906724F3B96501D1A897C088607B522F8C7586DAFC64CB150F56483 +20241129010010 2 6 100 3071 2 F72B9D5B478FC38253834B862A5C515BA6212BAD106C43D243A9D021FF22434E6A1EA03FBACFA23A6FC66FE5C68B40013BA6D15844D35AA2127408DE731CCA98380661EE30E2480E9DB14A8EB484BF564838B45678ECB78800E41E499307253A0E4462C7E119ECAA096D496FF72C5CB823C5C38CC165B9EE0B5307005F9FE72FE34EF3C2EF456A3A4561245680205533E2C2DC31816DDFFB036922109B985F291F7ADDCA11FADD48E7D20C9F8D0E8AE073C4DD7269B1EF46ACC81BE52A053EFE3BEAB1BFA3822A10ABF2C95B27D406BF960FAA48A79D332A7138AAAB8828B1BD11BCE47ACFE934887A2B2DC6C7061EF8412B4912925FD5A9CE787C434B3FD5B39FA863EDA542574E22331F98E74F69283A9A8F9330FE597B1EE96E37C8DEBB0E861213F3BF5281F3753CC16B2AF1EAB12540517E0482FDF47C92B66C4CD5FA5C8725956DB4C5F435EFC44D2ABD17A078687DD7716CAC4683729BD6211E0CBADA144F28932906724F3B96501D1A897C088607B522F8C7586DAFC64CB1510A25CB +20241129010049 2 6 100 3071 2 F72B9D5B478FC38253834B862A5C515BA6212BAD106C43D243A9D021FF22434E6A1EA03FBACFA23A6FC66FE5C68B40013BA6D15844D35AA2127408DE731CCA98380661EE30E2480E9DB14A8EB484BF564838B45678ECB78800E41E499307253A0E4462C7E119ECAA096D496FF72C5CB823C5C38CC165B9EE0B5307005F9FE72FE34EF3C2EF456A3A4561245680205533E2C2DC31816DDFFB036922109B985F291F7ADDCA11FADD48E7D20C9F8D0E8AE073C4DD7269B1EF46ACC81BE52A053EFE3BEAB1BFA3822A10ABF2C95B27D406BF960FAA48A79D332A7138AAAB8828B1BD11BCE47ACFE934887A2B2DC6C7061EF8412B4912925FD5A9CE787C434B3FD5B39FA863EDA542574E22331F98E74F69283A9A8F9330FE597B1EE96E37C8DEBB0E861213F3BF5281F3753CC16B2AF1EAB12540517E0482FDF47C92B66C4CD5FA5C8725956DB4C5F435EFC44D2ABD17A078687DD7716CAC4683729BD6211E0CBADA144F28932906724F3B96501D1A897C088607B522F8C7586DAFC64CB15189B8EB +20241129010057 2 6 100 3071 2 F72B9D5B478FC38253834B862A5C515BA6212BAD106C43D243A9D021FF22434E6A1EA03FBACFA23A6FC66FE5C68B40013BA6D15844D35AA2127408DE731CCA98380661EE30E2480E9DB14A8EB484BF564838B45678ECB78800E41E499307253A0E4462C7E119ECAA096D496FF72C5CB823C5C38CC165B9EE0B5307005F9FE72FE34EF3C2EF456A3A4561245680205533E2C2DC31816DDFFB036922109B985F291F7ADDCA11FADD48E7D20C9F8D0E8AE073C4DD7269B1EF46ACC81BE52A053EFE3BEAB1BFA3822A10ABF2C95B27D406BF960FAA48A79D332A7138AAAB8828B1BD11BCE47ACFE934887A2B2DC6C7061EF8412B4912925FD5A9CE787C434B3FD5B39FA863EDA542574E22331F98E74F69283A9A8F9330FE597B1EE96E37C8DEBB0E861213F3BF5281F3753CC16B2AF1EAB12540517E0482FDF47C92B66C4CD5FA5C8725956DB4C5F435EFC44D2ABD17A078687DD7716CAC4683729BD6211E0CBADA144F28932906724F3B96501D1A897C088607B522F8C7586DAFC64CB1519DABAB +20241129010104 2 6 100 3071 2 F72B9D5B478FC38253834B862A5C515BA6212BAD106C43D243A9D021FF22434E6A1EA03FBACFA23A6FC66FE5C68B40013BA6D15844D35AA2127408DE731CCA98380661EE30E2480E9DB14A8EB484BF564838B45678ECB78800E41E499307253A0E4462C7E119ECAA096D496FF72C5CB823C5C38CC165B9EE0B5307005F9FE72FE34EF3C2EF456A3A4561245680205533E2C2DC31816DDFFB036922109B985F291F7ADDCA11FADD48E7D20C9F8D0E8AE073C4DD7269B1EF46ACC81BE52A053EFE3BEAB1BFA3822A10ABF2C95B27D406BF960FAA48A79D332A7138AAAB8828B1BD11BCE47ACFE934887A2B2DC6C7061EF8412B4912925FD5A9CE787C434B3FD5B39FA863EDA542574E22331F98E74F69283A9A8F9330FE597B1EE96E37C8DEBB0E861213F3BF5281F3753CC16B2AF1EAB12540517E0482FDF47C92B66C4CD5FA5C8725956DB4C5F435EFC44D2ABD17A078687DD7716CAC4683729BD6211E0CBADA144F28932906724F3B96501D1A897C088607B522F8C7586DAFC64CB151AE01C3 +20241129010114 2 6 100 3071 5 F72B9D5B478FC38253834B862A5C515BA6212BAD106C43D243A9D021FF22434E6A1EA03FBACFA23A6FC66FE5C68B40013BA6D15844D35AA2127408DE731CCA98380661EE30E2480E9DB14A8EB484BF564838B45678ECB78800E41E499307253A0E4462C7E119ECAA096D496FF72C5CB823C5C38CC165B9EE0B5307005F9FE72FE34EF3C2EF456A3A4561245680205533E2C2DC31816DDFFB036922109B985F291F7ADDCA11FADD48E7D20C9F8D0E8AE073C4DD7269B1EF46ACC81BE52A053EFE3BEAB1BFA3822A10ABF2C95B27D406BF960FAA48A79D332A7138AAAB8828B1BD11BCE47ACFE934887A2B2DC6C7061EF8412B4912925FD5A9CE787C434B3FD5B39FA863EDA542574E22331F98E74F69283A9A8F9330FE597B1EE96E37C8DEBB0E861213F3BF5281F3753CC16B2AF1EAB12540517E0482FDF47C92B66C4CD5FA5C8725956DB4C5F435EFC44D2ABD17A078687DD7716CAC4683729BD6211E0CBADA144F28932906724F3B96501D1A897C088607B522F8C7586DAFC64CB151C91AA7 +20241129010216 2 6 100 3071 5 F72B9D5B478FC38253834B862A5C515BA6212BAD106C43D243A9D021FF22434E6A1EA03FBACFA23A6FC66FE5C68B40013BA6D15844D35AA2127408DE731CCA98380661EE30E2480E9DB14A8EB484BF564838B45678ECB78800E41E499307253A0E4462C7E119ECAA096D496FF72C5CB823C5C38CC165B9EE0B5307005F9FE72FE34EF3C2EF456A3A4561245680205533E2C2DC31816DDFFB036922109B985F291F7ADDCA11FADD48E7D20C9F8D0E8AE073C4DD7269B1EF46ACC81BE52A053EFE3BEAB1BFA3822A10ABF2C95B27D406BF960FAA48A79D332A7138AAAB8828B1BD11BCE47ACFE934887A2B2DC6C7061EF8412B4912925FD5A9CE787C434B3FD5B39FA863EDA542574E22331F98E74F69283A9A8F9330FE597B1EE96E37C8DEBB0E861213F3BF5281F3753CC16B2AF1EAB12540517E0482FDF47C92B66C4CD5FA5C8725956DB4C5F435EFC44D2ABD17A078687DD7716CAC4683729BD6211E0CBADA144F28932906724F3B96501D1A897C088607B522F8C7586DAFC64CB1528CD42F +20241129010239 2 6 100 3071 2 F72B9D5B478FC38253834B862A5C515BA6212BAD106C43D243A9D021FF22434E6A1EA03FBACFA23A6FC66FE5C68B40013BA6D15844D35AA2127408DE731CCA98380661EE30E2480E9DB14A8EB484BF564838B45678ECB78800E41E499307253A0E4462C7E119ECAA096D496FF72C5CB823C5C38CC165B9EE0B5307005F9FE72FE34EF3C2EF456A3A4561245680205533E2C2DC31816DDFFB036922109B985F291F7ADDCA11FADD48E7D20C9F8D0E8AE073C4DD7269B1EF46ACC81BE52A053EFE3BEAB1BFA3822A10ABF2C95B27D406BF960FAA48A79D332A7138AAAB8828B1BD11BCE47ACFE934887A2B2DC6C7061EF8412B4912925FD5A9CE787C434B3FD5B39FA863EDA542574E22331F98E74F69283A9A8F9330FE597B1EE96E37C8DEBB0E861213F3BF5281F3753CC16B2AF1EAB12540517E0482FDF47C92B66C4CD5FA5C8725956DB4C5F435EFC44D2ABD17A078687DD7716CAC4683729BD6211E0CBADA144F28932906724F3B96501D1A897C088607B522F8C7586DAFC64CB152D65F33 +20241129010312 2 6 100 3071 5 F72B9D5B478FC38253834B862A5C515BA6212BAD106C43D243A9D021FF22434E6A1EA03FBACFA23A6FC66FE5C68B40013BA6D15844D35AA2127408DE731CCA98380661EE30E2480E9DB14A8EB484BF564838B45678ECB78800E41E499307253A0E4462C7E119ECAA096D496FF72C5CB823C5C38CC165B9EE0B5307005F9FE72FE34EF3C2EF456A3A4561245680205533E2C2DC31816DDFFB036922109B985F291F7ADDCA11FADD48E7D20C9F8D0E8AE073C4DD7269B1EF46ACC81BE52A053EFE3BEAB1BFA3822A10ABF2C95B27D406BF960FAA48A79D332A7138AAAB8828B1BD11BCE47ACFE934887A2B2DC6C7061EF8412B4912925FD5A9CE787C434B3FD5B39FA863EDA542574E22331F98E74F69283A9A8F9330FE597B1EE96E37C8DEBB0E861213F3BF5281F3753CC16B2AF1EAB12540517E0482FDF47C92B66C4CD5FA5C8725956DB4C5F435EFC44D2ABD17A078687DD7716CAC4683729BD6211E0CBADA144F28932906724F3B96501D1A897C088607B522F8C7586DAFC64CB1533E97D7 +20241129010433 2 6 100 3071 5 F72B9D5B478FC38253834B862A5C515BA6212BAD106C43D243A9D021FF22434E6A1EA03FBACFA23A6FC66FE5C68B40013BA6D15844D35AA2127408DE731CCA98380661EE30E2480E9DB14A8EB484BF564838B45678ECB78800E41E499307253A0E4462C7E119ECAA096D496FF72C5CB823C5C38CC165B9EE0B5307005F9FE72FE34EF3C2EF456A3A4561245680205533E2C2DC31816DDFFB036922109B985F291F7ADDCA11FADD48E7D20C9F8D0E8AE073C4DD7269B1EF46ACC81BE52A053EFE3BEAB1BFA3822A10ABF2C95B27D406BF960FAA48A79D332A7138AAAB8828B1BD11BCE47ACFE934887A2B2DC6C7061EF8412B4912925FD5A9CE787C434B3FD5B39FA863EDA542574E22331F98E74F69283A9A8F9330FE597B1EE96E37C8DEBB0E861213F3BF5281F3753CC16B2AF1EAB12540517E0482FDF47C92B66C4CD5FA5C8725956DB4C5F435EFC44D2ABD17A078687DD7716CAC4683729BD6211E0CBADA144F28932906724F3B96501D1A897C088607B522F8C7586DAFC64CB1544811A7 +20241129010523 2 6 100 3071 5 F72B9D5B478FC38253834B862A5C515BA6212BAD106C43D243A9D021FF22434E6A1EA03FBACFA23A6FC66FE5C68B40013BA6D15844D35AA2127408DE731CCA98380661EE30E2480E9DB14A8EB484BF564838B45678ECB78800E41E499307253A0E4462C7E119ECAA096D496FF72C5CB823C5C38CC165B9EE0B5307005F9FE72FE34EF3C2EF456A3A4561245680205533E2C2DC31816DDFFB036922109B985F291F7ADDCA11FADD48E7D20C9F8D0E8AE073C4DD7269B1EF46ACC81BE52A053EFE3BEAB1BFA3822A10ABF2C95B27D406BF960FAA48A79D332A7138AAAB8828B1BD11BCE47ACFE934887A2B2DC6C7061EF8412B4912925FD5A9CE787C434B3FD5B39FA863EDA542574E22331F98E74F69283A9A8F9330FE597B1EE96E37C8DEBB0E861213F3BF5281F3753CC16B2AF1EAB12540517E0482FDF47C92B66C4CD5FA5C8725956DB4C5F435EFC44D2ABD17A078687DD7716CAC4683729BD6211E0CBADA144F28932906724F3B96501D1A897C088607B522F8C7586DAFC64CB154E65E7F +20241129010605 2 6 100 3071 2 F72B9D5B478FC38253834B862A5C515BA6212BAD106C43D243A9D021FF22434E6A1EA03FBACFA23A6FC66FE5C68B40013BA6D15844D35AA2127408DE731CCA98380661EE30E2480E9DB14A8EB484BF564838B45678ECB78800E41E499307253A0E4462C7E119ECAA096D496FF72C5CB823C5C38CC165B9EE0B5307005F9FE72FE34EF3C2EF456A3A4561245680205533E2C2DC31816DDFFB036922109B985F291F7ADDCA11FADD48E7D20C9F8D0E8AE073C4DD7269B1EF46ACC81BE52A053EFE3BEAB1BFA3822A10ABF2C95B27D406BF960FAA48A79D332A7138AAAB8828B1BD11BCE47ACFE934887A2B2DC6C7061EF8412B4912925FD5A9CE787C434B3FD5B39FA863EDA542574E22331F98E74F69283A9A8F9330FE597B1EE96E37C8DEBB0E861213F3BF5281F3753CC16B2AF1EAB12540517E0482FDF47C92B66C4CD5FA5C8725956DB4C5F435EFC44D2ABD17A078687DD7716CAC4683729BD6211E0CBADA144F28932906724F3B96501D1A897C088607B522F8C7586DAFC64CB1556C058B +20241129010625 2 6 100 3071 5 F72B9D5B478FC38253834B862A5C515BA6212BAD106C43D243A9D021FF22434E6A1EA03FBACFA23A6FC66FE5C68B40013BA6D15844D35AA2127408DE731CCA98380661EE30E2480E9DB14A8EB484BF564838B45678ECB78800E41E499307253A0E4462C7E119ECAA096D496FF72C5CB823C5C38CC165B9EE0B5307005F9FE72FE34EF3C2EF456A3A4561245680205533E2C2DC31816DDFFB036922109B985F291F7ADDCA11FADD48E7D20C9F8D0E8AE073C4DD7269B1EF46ACC81BE52A053EFE3BEAB1BFA3822A10ABF2C95B27D406BF960FAA48A79D332A7138AAAB8828B1BD11BCE47ACFE934887A2B2DC6C7061EF8412B4912925FD5A9CE787C434B3FD5B39FA863EDA542574E22331F98E74F69283A9A8F9330FE597B1EE96E37C8DEBB0E861213F3BF5281F3753CC16B2AF1EAB12540517E0482FDF47C92B66C4CD5FA5C8725956DB4C5F435EFC44D2ABD17A078687DD7716CAC4683729BD6211E0CBADA144F28932906724F3B96501D1A897C088607B522F8C7586DAFC64CB155A73F37 +20241129010718 2 6 100 3071 5 F72B9D5B478FC38253834B862A5C515BA6212BAD106C43D243A9D021FF22434E6A1EA03FBACFA23A6FC66FE5C68B40013BA6D15844D35AA2127408DE731CCA98380661EE30E2480E9DB14A8EB484BF564838B45678ECB78800E41E499307253A0E4462C7E119ECAA096D496FF72C5CB823C5C38CC165B9EE0B5307005F9FE72FE34EF3C2EF456A3A4561245680205533E2C2DC31816DDFFB036922109B985F291F7ADDCA11FADD48E7D20C9F8D0E8AE073C4DD7269B1EF46ACC81BE52A053EFE3BEAB1BFA3822A10ABF2C95B27D406BF960FAA48A79D332A7138AAAB8828B1BD11BCE47ACFE934887A2B2DC6C7061EF8412B4912925FD5A9CE787C434B3FD5B39FA863EDA542574E22331F98E74F69283A9A8F9330FE597B1EE96E37C8DEBB0E861213F3BF5281F3753CC16B2AF1EAB12540517E0482FDF47C92B66C4CD5FA5C8725956DB4C5F435EFC44D2ABD17A078687DD7716CAC4683729BD6211E0CBADA144F28932906724F3B96501D1A897C088607B522F8C7586DAFC64CB156533A8F +20241129010827 2 6 100 3071 2 F72B9D5B478FC38253834B862A5C515BA6212BAD106C43D243A9D021FF22434E6A1EA03FBACFA23A6FC66FE5C68B40013BA6D15844D35AA2127408DE731CCA98380661EE30E2480E9DB14A8EB484BF564838B45678ECB78800E41E499307253A0E4462C7E119ECAA096D496FF72C5CB823C5C38CC165B9EE0B5307005F9FE72FE34EF3C2EF456A3A4561245680205533E2C2DC31816DDFFB036922109B985F291F7ADDCA11FADD48E7D20C9F8D0E8AE073C4DD7269B1EF46ACC81BE52A053EFE3BEAB1BFA3822A10ABF2C95B27D406BF960FAA48A79D332A7138AAAB8828B1BD11BCE47ACFE934887A2B2DC6C7061EF8412B4912925FD5A9CE787C434B3FD5B39FA863EDA542574E22331F98E74F69283A9A8F9330FE597B1EE96E37C8DEBB0E861213F3BF5281F3753CC16B2AF1EAB12540517E0482FDF47C92B66C4CD5FA5C8725956DB4C5F435EFC44D2ABD17A078687DD7716CAC4683729BD6211E0CBADA144F28932906724F3B96501D1A897C088607B522F8C7586DAFC64CB15733560B +20241129010830 2 6 100 3071 2 F72B9D5B478FC38253834B862A5C515BA6212BAD106C43D243A9D021FF22434E6A1EA03FBACFA23A6FC66FE5C68B40013BA6D15844D35AA2127408DE731CCA98380661EE30E2480E9DB14A8EB484BF564838B45678ECB78800E41E499307253A0E4462C7E119ECAA096D496FF72C5CB823C5C38CC165B9EE0B5307005F9FE72FE34EF3C2EF456A3A4561245680205533E2C2DC31816DDFFB036922109B985F291F7ADDCA11FADD48E7D20C9F8D0E8AE073C4DD7269B1EF46ACC81BE52A053EFE3BEAB1BFA3822A10ABF2C95B27D406BF960FAA48A79D332A7138AAAB8828B1BD11BCE47ACFE934887A2B2DC6C7061EF8412B4912925FD5A9CE787C434B3FD5B39FA863EDA542574E22331F98E74F69283A9A8F9330FE597B1EE96E37C8DEBB0E861213F3BF5281F3753CC16B2AF1EAB12540517E0482FDF47C92B66C4CD5FA5C8725956DB4C5F435EFC44D2ABD17A078687DD7716CAC4683729BD6211E0CBADA144F28932906724F3B96501D1A897C088607B522F8C7586DAFC64CB15735A50B +20241129011308 2 6 100 3071 5 F72B9D5B478FC38253834B862A5C515BA6212BAD106C43D243A9D021FF22434E6A1EA03FBACFA23A6FC66FE5C68B40013BA6D15844D35AA2127408DE731CCA98380661EE30E2480E9DB14A8EB484BF564838B45678ECB78800E41E499307253A0E4462C7E119ECAA096D496FF72C5CB823C5C38CC165B9EE0B5307005F9FE72FE34EF3C2EF456A3A4561245680205533E2C2DC31816DDFFB036922109B985F291F7ADDCA11FADD48E7D20C9F8D0E8AE073C4DD7269B1EF46ACC81BE52A053EFE3BEAB1BFA3822A10ABF2C95B27D406BF960FAA48A79D332A7138AAAB8828B1BD11BCE47ACFE934887A2B2DC6C7061EF8412B4912925FD5A9CE787C434B3FD5B39FA863EDA542574E22331F98E74F69283A9A8F9330FE597B1EE96E37C8DEBB0E861213F3BF5281F3753CC16B2AF1EAB12540517E0482FDF47C92B66C4CD5FA5C8725956DB4C5F435EFC44D2ABD17A078687DD7716CAC4683729BD6211E0CBADA144F28932906724F3B96501D1A897C088607B522F8C7586DAFC64CB15AD92877 +20241129011325 2 6 100 3071 5 F72B9D5B478FC38253834B862A5C515BA6212BAD106C43D243A9D021FF22434E6A1EA03FBACFA23A6FC66FE5C68B40013BA6D15844D35AA2127408DE731CCA98380661EE30E2480E9DB14A8EB484BF564838B45678ECB78800E41E499307253A0E4462C7E119ECAA096D496FF72C5CB823C5C38CC165B9EE0B5307005F9FE72FE34EF3C2EF456A3A4561245680205533E2C2DC31816DDFFB036922109B985F291F7ADDCA11FADD48E7D20C9F8D0E8AE073C4DD7269B1EF46ACC81BE52A053EFE3BEAB1BFA3822A10ABF2C95B27D406BF960FAA48A79D332A7138AAAB8828B1BD11BCE47ACFE934887A2B2DC6C7061EF8412B4912925FD5A9CE787C434B3FD5B39FA863EDA542574E22331F98E74F69283A9A8F9330FE597B1EE96E37C8DEBB0E861213F3BF5281F3753CC16B2AF1EAB12540517E0482FDF47C92B66C4CD5FA5C8725956DB4C5F435EFC44D2ABD17A078687DD7716CAC4683729BD6211E0CBADA144F28932906724F3B96501D1A897C088607B522F8C7586DAFC64CB15B0BC97F +20241129011417 2 6 100 3071 2 F72B9D5B478FC38253834B862A5C515BA6212BAD106C43D243A9D021FF22434E6A1EA03FBACFA23A6FC66FE5C68B40013BA6D15844D35AA2127408DE731CCA98380661EE30E2480E9DB14A8EB484BF564838B45678ECB78800E41E499307253A0E4462C7E119ECAA096D496FF72C5CB823C5C38CC165B9EE0B5307005F9FE72FE34EF3C2EF456A3A4561245680205533E2C2DC31816DDFFB036922109B985F291F7ADDCA11FADD48E7D20C9F8D0E8AE073C4DD7269B1EF46ACC81BE52A053EFE3BEAB1BFA3822A10ABF2C95B27D406BF960FAA48A79D332A7138AAAB8828B1BD11BCE47ACFE934887A2B2DC6C7061EF8412B4912925FD5A9CE787C434B3FD5B39FA863EDA542574E22331F98E74F69283A9A8F9330FE597B1EE96E37C8DEBB0E861213F3BF5281F3753CC16B2AF1EAB12540517E0482FDF47C92B66C4CD5FA5C8725956DB4C5F435EFC44D2ABD17A078687DD7716CAC4683729BD6211E0CBADA144F28932906724F3B96501D1A897C088607B522F8C7586DAFC64CB15BB2F9E3 +20241129011431 2 6 100 3071 2 F72B9D5B478FC38253834B862A5C515BA6212BAD106C43D243A9D021FF22434E6A1EA03FBACFA23A6FC66FE5C68B40013BA6D15844D35AA2127408DE731CCA98380661EE30E2480E9DB14A8EB484BF564838B45678ECB78800E41E499307253A0E4462C7E119ECAA096D496FF72C5CB823C5C38CC165B9EE0B5307005F9FE72FE34EF3C2EF456A3A4561245680205533E2C2DC31816DDFFB036922109B985F291F7ADDCA11FADD48E7D20C9F8D0E8AE073C4DD7269B1EF46ACC81BE52A053EFE3BEAB1BFA3822A10ABF2C95B27D406BF960FAA48A79D332A7138AAAB8828B1BD11BCE47ACFE934887A2B2DC6C7061EF8412B4912925FD5A9CE787C434B3FD5B39FA863EDA542574E22331F98E74F69283A9A8F9330FE597B1EE96E37C8DEBB0E861213F3BF5281F3753CC16B2AF1EAB12540517E0482FDF47C92B66C4CD5FA5C8725956DB4C5F435EFC44D2ABD17A078687DD7716CAC4683729BD6211E0CBADA144F28932906724F3B96501D1A897C088607B522F8C7586DAFC64CB15BDC12E3 +20241129011445 2 6 100 3071 2 F72B9D5B478FC38253834B862A5C515BA6212BAD106C43D243A9D021FF22434E6A1EA03FBACFA23A6FC66FE5C68B40013BA6D15844D35AA2127408DE731CCA98380661EE30E2480E9DB14A8EB484BF564838B45678ECB78800E41E499307253A0E4462C7E119ECAA096D496FF72C5CB823C5C38CC165B9EE0B5307005F9FE72FE34EF3C2EF456A3A4561245680205533E2C2DC31816DDFFB036922109B985F291F7ADDCA11FADD48E7D20C9F8D0E8AE073C4DD7269B1EF46ACC81BE52A053EFE3BEAB1BFA3822A10ABF2C95B27D406BF960FAA48A79D332A7138AAAB8828B1BD11BCE47ACFE934887A2B2DC6C7061EF8412B4912925FD5A9CE787C434B3FD5B39FA863EDA542574E22331F98E74F69283A9A8F9330FE597B1EE96E37C8DEBB0E861213F3BF5281F3753CC16B2AF1EAB12540517E0482FDF47C92B66C4CD5FA5C8725956DB4C5F435EFC44D2ABD17A078687DD7716CAC4683729BD6211E0CBADA144F28932906724F3B96501D1A897C088607B522F8C7586DAFC64CB15C01B8F3 +20241129011511 2 6 100 3071 5 F72B9D5B478FC38253834B862A5C515BA6212BAD106C43D243A9D021FF22434E6A1EA03FBACFA23A6FC66FE5C68B40013BA6D15844D35AA2127408DE731CCA98380661EE30E2480E9DB14A8EB484BF564838B45678ECB78800E41E499307253A0E4462C7E119ECAA096D496FF72C5CB823C5C38CC165B9EE0B5307005F9FE72FE34EF3C2EF456A3A4561245680205533E2C2DC31816DDFFB036922109B985F291F7ADDCA11FADD48E7D20C9F8D0E8AE073C4DD7269B1EF46ACC81BE52A053EFE3BEAB1BFA3822A10ABF2C95B27D406BF960FAA48A79D332A7138AAAB8828B1BD11BCE47ACFE934887A2B2DC6C7061EF8412B4912925FD5A9CE787C434B3FD5B39FA863EDA542574E22331F98E74F69283A9A8F9330FE597B1EE96E37C8DEBB0E861213F3BF5281F3753CC16B2AF1EAB12540517E0482FDF47C92B66C4CD5FA5C8725956DB4C5F435EFC44D2ABD17A078687DD7716CAC4683729BD6211E0CBADA144F28932906724F3B96501D1A897C088607B522F8C7586DAFC64CB15C508C4F +20241129011527 2 6 100 3071 2 F72B9D5B478FC38253834B862A5C515BA6212BAD106C43D243A9D021FF22434E6A1EA03FBACFA23A6FC66FE5C68B40013BA6D15844D35AA2127408DE731CCA98380661EE30E2480E9DB14A8EB484BF564838B45678ECB78800E41E499307253A0E4462C7E119ECAA096D496FF72C5CB823C5C38CC165B9EE0B5307005F9FE72FE34EF3C2EF456A3A4561245680205533E2C2DC31816DDFFB036922109B985F291F7ADDCA11FADD48E7D20C9F8D0E8AE073C4DD7269B1EF46ACC81BE52A053EFE3BEAB1BFA3822A10ABF2C95B27D406BF960FAA48A79D332A7138AAAB8828B1BD11BCE47ACFE934887A2B2DC6C7061EF8412B4912925FD5A9CE787C434B3FD5B39FA863EDA542574E22331F98E74F69283A9A8F9330FE597B1EE96E37C8DEBB0E861213F3BF5281F3753CC16B2AF1EAB12540517E0482FDF47C92B66C4CD5FA5C8725956DB4C5F435EFC44D2ABD17A078687DD7716CAC4683729BD6211E0CBADA144F28932906724F3B96501D1A897C088607B522F8C7586DAFC64CB15C8110EB +20241129011531 2 6 100 3071 2 F72B9D5B478FC38253834B862A5C515BA6212BAD106C43D243A9D021FF22434E6A1EA03FBACFA23A6FC66FE5C68B40013BA6D15844D35AA2127408DE731CCA98380661EE30E2480E9DB14A8EB484BF564838B45678ECB78800E41E499307253A0E4462C7E119ECAA096D496FF72C5CB823C5C38CC165B9EE0B5307005F9FE72FE34EF3C2EF456A3A4561245680205533E2C2DC31816DDFFB036922109B985F291F7ADDCA11FADD48E7D20C9F8D0E8AE073C4DD7269B1EF46ACC81BE52A053EFE3BEAB1BFA3822A10ABF2C95B27D406BF960FAA48A79D332A7138AAAB8828B1BD11BCE47ACFE934887A2B2DC6C7061EF8412B4912925FD5A9CE787C434B3FD5B39FA863EDA542574E22331F98E74F69283A9A8F9330FE597B1EE96E37C8DEBB0E861213F3BF5281F3753CC16B2AF1EAB12540517E0482FDF47C92B66C4CD5FA5C8725956DB4C5F435EFC44D2ABD17A078687DD7716CAC4683729BD6211E0CBADA144F28932906724F3B96501D1A897C088607B522F8C7586DAFC64CB15C85C703 +20241129011741 2 6 100 3071 2 F72B9D5B478FC38253834B862A5C515BA6212BAD106C43D243A9D021FF22434E6A1EA03FBACFA23A6FC66FE5C68B40013BA6D15844D35AA2127408DE731CCA98380661EE30E2480E9DB14A8EB484BF564838B45678ECB78800E41E499307253A0E4462C7E119ECAA096D496FF72C5CB823C5C38CC165B9EE0B5307005F9FE72FE34EF3C2EF456A3A4561245680205533E2C2DC31816DDFFB036922109B985F291F7ADDCA11FADD48E7D20C9F8D0E8AE073C4DD7269B1EF46ACC81BE52A053EFE3BEAB1BFA3822A10ABF2C95B27D406BF960FAA48A79D332A7138AAAB8828B1BD11BCE47ACFE934887A2B2DC6C7061EF8412B4912925FD5A9CE787C434B3FD5B39FA863EDA542574E22331F98E74F69283A9A8F9330FE597B1EE96E37C8DEBB0E861213F3BF5281F3753CC16B2AF1EAB12540517E0482FDF47C92B66C4CD5FA5C8725956DB4C5F435EFC44D2ABD17A078687DD7716CAC4683729BD6211E0CBADA144F28932906724F3B96501D1A897C088607B522F8C7586DAFC64CB15E32BC9B +20241129011800 2 6 100 3071 2 F72B9D5B478FC38253834B862A5C515BA6212BAD106C43D243A9D021FF22434E6A1EA03FBACFA23A6FC66FE5C68B40013BA6D15844D35AA2127408DE731CCA98380661EE30E2480E9DB14A8EB484BF564838B45678ECB78800E41E499307253A0E4462C7E119ECAA096D496FF72C5CB823C5C38CC165B9EE0B5307005F9FE72FE34EF3C2EF456A3A4561245680205533E2C2DC31816DDFFB036922109B985F291F7ADDCA11FADD48E7D20C9F8D0E8AE073C4DD7269B1EF46ACC81BE52A053EFE3BEAB1BFA3822A10ABF2C95B27D406BF960FAA48A79D332A7138AAAB8828B1BD11BCE47ACFE934887A2B2DC6C7061EF8412B4912925FD5A9CE787C434B3FD5B39FA863EDA542574E22331F98E74F69283A9A8F9330FE597B1EE96E37C8DEBB0E861213F3BF5281F3753CC16B2AF1EAB12540517E0482FDF47C92B66C4CD5FA5C8725956DB4C5F435EFC44D2ABD17A078687DD7716CAC4683729BD6211E0CBADA144F28932906724F3B96501D1A897C088607B522F8C7586DAFC64CB15E6A8F93 +20241129011821 2 6 100 3071 5 F72B9D5B478FC38253834B862A5C515BA6212BAD106C43D243A9D021FF22434E6A1EA03FBACFA23A6FC66FE5C68B40013BA6D15844D35AA2127408DE731CCA98380661EE30E2480E9DB14A8EB484BF564838B45678ECB78800E41E499307253A0E4462C7E119ECAA096D496FF72C5CB823C5C38CC165B9EE0B5307005F9FE72FE34EF3C2EF456A3A4561245680205533E2C2DC31816DDFFB036922109B985F291F7ADDCA11FADD48E7D20C9F8D0E8AE073C4DD7269B1EF46ACC81BE52A053EFE3BEAB1BFA3822A10ABF2C95B27D406BF960FAA48A79D332A7138AAAB8828B1BD11BCE47ACFE934887A2B2DC6C7061EF8412B4912925FD5A9CE787C434B3FD5B39FA863EDA542574E22331F98E74F69283A9A8F9330FE597B1EE96E37C8DEBB0E861213F3BF5281F3753CC16B2AF1EAB12540517E0482FDF47C92B66C4CD5FA5C8725956DB4C5F435EFC44D2ABD17A078687DD7716CAC4683729BD6211E0CBADA144F28932906724F3B96501D1A897C088607B522F8C7586DAFC64CB15EACC9EF +20241129011823 2 6 100 3071 5 F72B9D5B478FC38253834B862A5C515BA6212BAD106C43D243A9D021FF22434E6A1EA03FBACFA23A6FC66FE5C68B40013BA6D15844D35AA2127408DE731CCA98380661EE30E2480E9DB14A8EB484BF564838B45678ECB78800E41E499307253A0E4462C7E119ECAA096D496FF72C5CB823C5C38CC165B9EE0B5307005F9FE72FE34EF3C2EF456A3A4561245680205533E2C2DC31816DDFFB036922109B985F291F7ADDCA11FADD48E7D20C9F8D0E8AE073C4DD7269B1EF46ACC81BE52A053EFE3BEAB1BFA3822A10ABF2C95B27D406BF960FAA48A79D332A7138AAAB8828B1BD11BCE47ACFE934887A2B2DC6C7061EF8412B4912925FD5A9CE787C434B3FD5B39FA863EDA542574E22331F98E74F69283A9A8F9330FE597B1EE96E37C8DEBB0E861213F3BF5281F3753CC16B2AF1EAB12540517E0482FDF47C92B66C4CD5FA5C8725956DB4C5F435EFC44D2ABD17A078687DD7716CAC4683729BD6211E0CBADA144F28932906724F3B96501D1A897C088607B522F8C7586DAFC64CB15EAE50DF +20241129011852 2 6 100 3071 2 F72B9D5B478FC38253834B862A5C515BA6212BAD106C43D243A9D021FF22434E6A1EA03FBACFA23A6FC66FE5C68B40013BA6D15844D35AA2127408DE731CCA98380661EE30E2480E9DB14A8EB484BF564838B45678ECB78800E41E499307253A0E4462C7E119ECAA096D496FF72C5CB823C5C38CC165B9EE0B5307005F9FE72FE34EF3C2EF456A3A4561245680205533E2C2DC31816DDFFB036922109B985F291F7ADDCA11FADD48E7D20C9F8D0E8AE073C4DD7269B1EF46ACC81BE52A053EFE3BEAB1BFA3822A10ABF2C95B27D406BF960FAA48A79D332A7138AAAB8828B1BD11BCE47ACFE934887A2B2DC6C7061EF8412B4912925FD5A9CE787C434B3FD5B39FA863EDA542574E22331F98E74F69283A9A8F9330FE597B1EE96E37C8DEBB0E861213F3BF5281F3753CC16B2AF1EAB12540517E0482FDF47C92B66C4CD5FA5C8725956DB4C5F435EFC44D2ABD17A078687DD7716CAC4683729BD6211E0CBADA144F28932906724F3B96501D1A897C088607B522F8C7586DAFC64CB15F060CCB +20241129011901 2 6 100 3071 2 F72B9D5B478FC38253834B862A5C515BA6212BAD106C43D243A9D021FF22434E6A1EA03FBACFA23A6FC66FE5C68B40013BA6D15844D35AA2127408DE731CCA98380661EE30E2480E9DB14A8EB484BF564838B45678ECB78800E41E499307253A0E4462C7E119ECAA096D496FF72C5CB823C5C38CC165B9EE0B5307005F9FE72FE34EF3C2EF456A3A4561245680205533E2C2DC31816DDFFB036922109B985F291F7ADDCA11FADD48E7D20C9F8D0E8AE073C4DD7269B1EF46ACC81BE52A053EFE3BEAB1BFA3822A10ABF2C95B27D406BF960FAA48A79D332A7138AAAB8828B1BD11BCE47ACFE934887A2B2DC6C7061EF8412B4912925FD5A9CE787C434B3FD5B39FA863EDA542574E22331F98E74F69283A9A8F9330FE597B1EE96E37C8DEBB0E861213F3BF5281F3753CC16B2AF1EAB12540517E0482FDF47C92B66C4CD5FA5C8725956DB4C5F435EFC44D2ABD17A078687DD7716CAC4683729BD6211E0CBADA144F28932906724F3B96501D1A897C088607B522F8C7586DAFC64CB15F1D181B +20241129011909 2 6 100 3071 2 F72B9D5B478FC38253834B862A5C515BA6212BAD106C43D243A9D021FF22434E6A1EA03FBACFA23A6FC66FE5C68B40013BA6D15844D35AA2127408DE731CCA98380661EE30E2480E9DB14A8EB484BF564838B45678ECB78800E41E499307253A0E4462C7E119ECAA096D496FF72C5CB823C5C38CC165B9EE0B5307005F9FE72FE34EF3C2EF456A3A4561245680205533E2C2DC31816DDFFB036922109B985F291F7ADDCA11FADD48E7D20C9F8D0E8AE073C4DD7269B1EF46ACC81BE52A053EFE3BEAB1BFA3822A10ABF2C95B27D406BF960FAA48A79D332A7138AAAB8828B1BD11BCE47ACFE934887A2B2DC6C7061EF8412B4912925FD5A9CE787C434B3FD5B39FA863EDA542574E22331F98E74F69283A9A8F9330FE597B1EE96E37C8DEBB0E861213F3BF5281F3753CC16B2AF1EAB12540517E0482FDF47C92B66C4CD5FA5C8725956DB4C5F435EFC44D2ABD17A078687DD7716CAC4683729BD6211E0CBADA144F28932906724F3B96501D1A897C088607B522F8C7586DAFC64CB15F313CBB +20241129011934 2 6 100 3071 2 F72B9D5B478FC38253834B862A5C515BA6212BAD106C43D243A9D021FF22434E6A1EA03FBACFA23A6FC66FE5C68B40013BA6D15844D35AA2127408DE731CCA98380661EE30E2480E9DB14A8EB484BF564838B45678ECB78800E41E499307253A0E4462C7E119ECAA096D496FF72C5CB823C5C38CC165B9EE0B5307005F9FE72FE34EF3C2EF456A3A4561245680205533E2C2DC31816DDFFB036922109B985F291F7ADDCA11FADD48E7D20C9F8D0E8AE073C4DD7269B1EF46ACC81BE52A053EFE3BEAB1BFA3822A10ABF2C95B27D406BF960FAA48A79D332A7138AAAB8828B1BD11BCE47ACFE934887A2B2DC6C7061EF8412B4912925FD5A9CE787C434B3FD5B39FA863EDA542574E22331F98E74F69283A9A8F9330FE597B1EE96E37C8DEBB0E861213F3BF5281F3753CC16B2AF1EAB12540517E0482FDF47C92B66C4CD5FA5C8725956DB4C5F435EFC44D2ABD17A078687DD7716CAC4683729BD6211E0CBADA144F28932906724F3B96501D1A897C088607B522F8C7586DAFC64CB15F7E3BAB +20241129011958 2 6 100 3071 2 F72B9D5B478FC38253834B862A5C515BA6212BAD106C43D243A9D021FF22434E6A1EA03FBACFA23A6FC66FE5C68B40013BA6D15844D35AA2127408DE731CCA98380661EE30E2480E9DB14A8EB484BF564838B45678ECB78800E41E499307253A0E4462C7E119ECAA096D496FF72C5CB823C5C38CC165B9EE0B5307005F9FE72FE34EF3C2EF456A3A4561245680205533E2C2DC31816DDFFB036922109B985F291F7ADDCA11FADD48E7D20C9F8D0E8AE073C4DD7269B1EF46ACC81BE52A053EFE3BEAB1BFA3822A10ABF2C95B27D406BF960FAA48A79D332A7138AAAB8828B1BD11BCE47ACFE934887A2B2DC6C7061EF8412B4912925FD5A9CE787C434B3FD5B39FA863EDA542574E22331F98E74F69283A9A8F9330FE597B1EE96E37C8DEBB0E861213F3BF5281F3753CC16B2AF1EAB12540517E0482FDF47C92B66C4CD5FA5C8725956DB4C5F435EFC44D2ABD17A078687DD7716CAC4683729BD6211E0CBADA144F28932906724F3B96501D1A897C088607B522F8C7586DAFC64CB15FCAB1D3 +20241129012819 2 6 100 4095 5 D14DC7A20FAA787E8E505E1CCA5C3EC8C5344CE26B9E5E776858C7048EECCB2CE278073BA42E21E4512A91D9A94F6460E86A914FC8D560A29DDC6B3E45CA1F9E8C5C52057BAF6A992E0C04192CEDF05010493D9CED8F97D3891C7DB13865BCD4BC19EA746AFB39E7AC2D60A32D9B77EECFFA53E7022137B7587E5D18E2B100845108104A79B878405B8900A0837BE74494F45DF726B88990607580414CEA1358A78BF832447919460F37395E69BC30E81983D60BB71D4E86164317138B99B545416467AA1F8592A16CEA1B050D2554487A749408A8339FFCA98A5F23D4EEF7A4254C6E56BFD6B95AD3C822B83324BEC5DD85A7064C6233899F7C6D00749D9DEDBAD9ED72CCC9CF154EF3989752DF907B24E587CD6B29A22846CD1B9623A3AEF69D191E8C048046FBCA2BC2C2A0883C8738F72D612745419080B7D72D8EC2E696CF5CB5EB6F23A9BBFF4BDD129970E881DBAA81E2F1A1445C773D4445ED516D1D954C64593DF72B7B31810B7493B8334F57E79FB26554EE1B4E7B7BDAA2C707D8E4798549DB60AE0A064CA8C6AA36021EB1657E72810E676D0F312325F2FAF956DC336D6B8E1496553362292D98225D61A74827C43FD4B4E0242B19FECBA7C102940C24AC56BB287C739608441EAA2EAA6DE0D1323E6D45204A1FF07BC3D3A48F954597EE865531D8A32C1DC2A3A48C8A0D47BE16919C3DF9E0514CE61ABEADA7 +20241129013011 2 6 100 4095 2 D14DC7A20FAA787E8E505E1CCA5C3EC8C5344CE26B9E5E776858C7048EECCB2CE278073BA42E21E4512A91D9A94F6460E86A914FC8D560A29DDC6B3E45CA1F9E8C5C52057BAF6A992E0C04192CEDF05010493D9CED8F97D3891C7DB13865BCD4BC19EA746AFB39E7AC2D60A32D9B77EECFFA53E7022137B7587E5D18E2B100845108104A79B878405B8900A0837BE74494F45DF726B88990607580414CEA1358A78BF832447919460F37395E69BC30E81983D60BB71D4E86164317138B99B545416467AA1F8592A16CEA1B050D2554487A749408A8339FFCA98A5F23D4EEF7A4254C6E56BFD6B95AD3C822B83324BEC5DD85A7064C6233899F7C6D00749D9DEDBAD9ED72CCC9CF154EF3989752DF907B24E587CD6B29A22846CD1B9623A3AEF69D191E8C048046FBCA2BC2C2A0883C8738F72D612745419080B7D72D8EC2E696CF5CB5EB6F23A9BBFF4BDD129970E881DBAA81E2F1A1445C773D4445ED516D1D954C64593DF72B7B31810B7493B8334F57E79FB26554EE1B4E7B7BDAA2C707D8E4798549DB60AE0A064CA8C6AA36021EB1657E72810E676D0F312325F2FAF956DC336D6B8E1496553362292D98225D61A74827C43FD4B4E0242B19FECBA7C102940C24AC56BB287C739608441EAA2EAA6DE0D1323E6D45204A1FF07BC3D3A48F954597EE865531D8A32C1DC2A3A48C8A0D47BE16919C3DF9E0514CE61B67DAEB +20241129013110 2 6 100 4095 2 D14DC7A20FAA787E8E505E1CCA5C3EC8C5344CE26B9E5E776858C7048EECCB2CE278073BA42E21E4512A91D9A94F6460E86A914FC8D560A29DDC6B3E45CA1F9E8C5C52057BAF6A992E0C04192CEDF05010493D9CED8F97D3891C7DB13865BCD4BC19EA746AFB39E7AC2D60A32D9B77EECFFA53E7022137B7587E5D18E2B100845108104A79B878405B8900A0837BE74494F45DF726B88990607580414CEA1358A78BF832447919460F37395E69BC30E81983D60BB71D4E86164317138B99B545416467AA1F8592A16CEA1B050D2554487A749408A8339FFCA98A5F23D4EEF7A4254C6E56BFD6B95AD3C822B83324BEC5DD85A7064C6233899F7C6D00749D9DEDBAD9ED72CCC9CF154EF3989752DF907B24E587CD6B29A22846CD1B9623A3AEF69D191E8C048046FBCA2BC2C2A0883C8738F72D612745419080B7D72D8EC2E696CF5CB5EB6F23A9BBFF4BDD129970E881DBAA81E2F1A1445C773D4445ED516D1D954C64593DF72B7B31810B7493B8334F57E79FB26554EE1B4E7B7BDAA2C707D8E4798549DB60AE0A064CA8C6AA36021EB1657E72810E676D0F312325F2FAF956DC336D6B8E1496553362292D98225D61A74827C43FD4B4E0242B19FECBA7C102940C24AC56BB287C739608441EAA2EAA6DE0D1323E6D45204A1FF07BC3D3A48F954597EE865531D8A32C1DC2A3A48C8A0D47BE16919C3DF9E0514CE61BBE4D2B +20241129013508 2 6 100 4095 5 D14DC7A20FAA787E8E505E1CCA5C3EC8C5344CE26B9E5E776858C7048EECCB2CE278073BA42E21E4512A91D9A94F6460E86A914FC8D560A29DDC6B3E45CA1F9E8C5C52057BAF6A992E0C04192CEDF05010493D9CED8F97D3891C7DB13865BCD4BC19EA746AFB39E7AC2D60A32D9B77EECFFA53E7022137B7587E5D18E2B100845108104A79B878405B8900A0837BE74494F45DF726B88990607580414CEA1358A78BF832447919460F37395E69BC30E81983D60BB71D4E86164317138B99B545416467AA1F8592A16CEA1B050D2554487A749408A8339FFCA98A5F23D4EEF7A4254C6E56BFD6B95AD3C822B83324BEC5DD85A7064C6233899F7C6D00749D9DEDBAD9ED72CCC9CF154EF3989752DF907B24E587CD6B29A22846CD1B9623A3AEF69D191E8C048046FBCA2BC2C2A0883C8738F72D612745419080B7D72D8EC2E696CF5CB5EB6F23A9BBFF4BDD129970E881DBAA81E2F1A1445C773D4445ED516D1D954C64593DF72B7B31810B7493B8334F57E79FB26554EE1B4E7B7BDAA2C707D8E4798549DB60AE0A064CA8C6AA36021EB1657E72810E676D0F312325F2FAF956DC336D6B8E1496553362292D98225D61A74827C43FD4B4E0242B19FECBA7C102940C24AC56BB287C739608441EAA2EAA6DE0D1323E6D45204A1FF07BC3D3A48F954597EE865531D8A32C1DC2A3A48C8A0D47BE16919C3DF9E0514CE61D3A05EF +20241129013753 2 6 100 4095 5 D14DC7A20FAA787E8E505E1CCA5C3EC8C5344CE26B9E5E776858C7048EECCB2CE278073BA42E21E4512A91D9A94F6460E86A914FC8D560A29DDC6B3E45CA1F9E8C5C52057BAF6A992E0C04192CEDF05010493D9CED8F97D3891C7DB13865BCD4BC19EA746AFB39E7AC2D60A32D9B77EECFFA53E7022137B7587E5D18E2B100845108104A79B878405B8900A0837BE74494F45DF726B88990607580414CEA1358A78BF832447919460F37395E69BC30E81983D60BB71D4E86164317138B99B545416467AA1F8592A16CEA1B050D2554487A749408A8339FFCA98A5F23D4EEF7A4254C6E56BFD6B95AD3C822B83324BEC5DD85A7064C6233899F7C6D00749D9DEDBAD9ED72CCC9CF154EF3989752DF907B24E587CD6B29A22846CD1B9623A3AEF69D191E8C048046FBCA2BC2C2A0883C8738F72D612745419080B7D72D8EC2E696CF5CB5EB6F23A9BBFF4BDD129970E881DBAA81E2F1A1445C773D4445ED516D1D954C64593DF72B7B31810B7493B8334F57E79FB26554EE1B4E7B7BDAA2C707D8E4798549DB60AE0A064CA8C6AA36021EB1657E72810E676D0F312325F2FAF956DC336D6B8E1496553362292D98225D61A74827C43FD4B4E0242B19FECBA7C102940C24AC56BB287C739608441EAA2EAA6DE0D1323E6D45204A1FF07BC3D3A48F954597EE865531D8A32C1DC2A3A48C8A0D47BE16919C3DF9E0514CE61E425677 +20241129014404 2 6 100 4095 5 D14DC7A20FAA787E8E505E1CCA5C3EC8C5344CE26B9E5E776858C7048EECCB2CE278073BA42E21E4512A91D9A94F6460E86A914FC8D560A29DDC6B3E45CA1F9E8C5C52057BAF6A992E0C04192CEDF05010493D9CED8F97D3891C7DB13865BCD4BC19EA746AFB39E7AC2D60A32D9B77EECFFA53E7022137B7587E5D18E2B100845108104A79B878405B8900A0837BE74494F45DF726B88990607580414CEA1358A78BF832447919460F37395E69BC30E81983D60BB71D4E86164317138B99B545416467AA1F8592A16CEA1B050D2554487A749408A8339FFCA98A5F23D4EEF7A4254C6E56BFD6B95AD3C822B83324BEC5DD85A7064C6233899F7C6D00749D9DEDBAD9ED72CCC9CF154EF3989752DF907B24E587CD6B29A22846CD1B9623A3AEF69D191E8C048046FBCA2BC2C2A0883C8738F72D612745419080B7D72D8EC2E696CF5CB5EB6F23A9BBFF4BDD129970E881DBAA81E2F1A1445C773D4445ED516D1D954C64593DF72B7B31810B7493B8334F57E79FB26554EE1B4E7B7BDAA2C707D8E4798549DB60AE0A064CA8C6AA36021EB1657E72810E676D0F312325F2FAF956DC336D6B8E1496553362292D98225D61A74827C43FD4B4E0242B19FECBA7C102940C24AC56BB287C739608441EAA2EAA6DE0D1323E6D45204A1FF07BC3D3A48F954597EE865531D8A32C1DC2A3A48C8A0D47BE16919C3DF9E0514CE6208D8717 +20241129014416 2 6 100 4095 2 D14DC7A20FAA787E8E505E1CCA5C3EC8C5344CE26B9E5E776858C7048EECCB2CE278073BA42E21E4512A91D9A94F6460E86A914FC8D560A29DDC6B3E45CA1F9E8C5C52057BAF6A992E0C04192CEDF05010493D9CED8F97D3891C7DB13865BCD4BC19EA746AFB39E7AC2D60A32D9B77EECFFA53E7022137B7587E5D18E2B100845108104A79B878405B8900A0837BE74494F45DF726B88990607580414CEA1358A78BF832447919460F37395E69BC30E81983D60BB71D4E86164317138B99B545416467AA1F8592A16CEA1B050D2554487A749408A8339FFCA98A5F23D4EEF7A4254C6E56BFD6B95AD3C822B83324BEC5DD85A7064C6233899F7C6D00749D9DEDBAD9ED72CCC9CF154EF3989752DF907B24E587CD6B29A22846CD1B9623A3AEF69D191E8C048046FBCA2BC2C2A0883C8738F72D612745419080B7D72D8EC2E696CF5CB5EB6F23A9BBFF4BDD129970E881DBAA81E2F1A1445C773D4445ED516D1D954C64593DF72B7B31810B7493B8334F57E79FB26554EE1B4E7B7BDAA2C707D8E4798549DB60AE0A064CA8C6AA36021EB1657E72810E676D0F312325F2FAF956DC336D6B8E1496553362292D98225D61A74827C43FD4B4E0242B19FECBA7C102940C24AC56BB287C739608441EAA2EAA6DE0D1323E6D45204A1FF07BC3D3A48F954597EE865531D8A32C1DC2A3A48C8A0D47BE16919C3DF9E0514CE6209BD93B +20241129014459 2 6 100 4095 5 D14DC7A20FAA787E8E505E1CCA5C3EC8C5344CE26B9E5E776858C7048EECCB2CE278073BA42E21E4512A91D9A94F6460E86A914FC8D560A29DDC6B3E45CA1F9E8C5C52057BAF6A992E0C04192CEDF05010493D9CED8F97D3891C7DB13865BCD4BC19EA746AFB39E7AC2D60A32D9B77EECFFA53E7022137B7587E5D18E2B100845108104A79B878405B8900A0837BE74494F45DF726B88990607580414CEA1358A78BF832447919460F37395E69BC30E81983D60BB71D4E86164317138B99B545416467AA1F8592A16CEA1B050D2554487A749408A8339FFCA98A5F23D4EEF7A4254C6E56BFD6B95AD3C822B83324BEC5DD85A7064C6233899F7C6D00749D9DEDBAD9ED72CCC9CF154EF3989752DF907B24E587CD6B29A22846CD1B9623A3AEF69D191E8C048046FBCA2BC2C2A0883C8738F72D612745419080B7D72D8EC2E696CF5CB5EB6F23A9BBFF4BDD129970E881DBAA81E2F1A1445C773D4445ED516D1D954C64593DF72B7B31810B7493B8334F57E79FB26554EE1B4E7B7BDAA2C707D8E4798549DB60AE0A064CA8C6AA36021EB1657E72810E676D0F312325F2FAF956DC336D6B8E1496553362292D98225D61A74827C43FD4B4E0242B19FECBA7C102940C24AC56BB287C739608441EAA2EAA6DE0D1323E6D45204A1FF07BC3D3A48F954597EE865531D8A32C1DC2A3A48C8A0D47BE16919C3DF9E0514CE620D787FF +20241129015136 2 6 100 4095 5 D14DC7A20FAA787E8E505E1CCA5C3EC8C5344CE26B9E5E776858C7048EECCB2CE278073BA42E21E4512A91D9A94F6460E86A914FC8D560A29DDC6B3E45CA1F9E8C5C52057BAF6A992E0C04192CEDF05010493D9CED8F97D3891C7DB13865BCD4BC19EA746AFB39E7AC2D60A32D9B77EECFFA53E7022137B7587E5D18E2B100845108104A79B878405B8900A0837BE74494F45DF726B88990607580414CEA1358A78BF832447919460F37395E69BC30E81983D60BB71D4E86164317138B99B545416467AA1F8592A16CEA1B050D2554487A749408A8339FFCA98A5F23D4EEF7A4254C6E56BFD6B95AD3C822B83324BEC5DD85A7064C6233899F7C6D00749D9DEDBAD9ED72CCC9CF154EF3989752DF907B24E587CD6B29A22846CD1B9623A3AEF69D191E8C048046FBCA2BC2C2A0883C8738F72D612745419080B7D72D8EC2E696CF5CB5EB6F23A9BBFF4BDD129970E881DBAA81E2F1A1445C773D4445ED516D1D954C64593DF72B7B31810B7493B8334F57E79FB26554EE1B4E7B7BDAA2C707D8E4798549DB60AE0A064CA8C6AA36021EB1657E72810E676D0F312325F2FAF956DC336D6B8E1496553362292D98225D61A74827C43FD4B4E0242B19FECBA7C102940C24AC56BB287C739608441EAA2EAA6DE0D1323E6D45204A1FF07BC3D3A48F954597EE865531D8A32C1DC2A3A48C8A0D47BE16919C3DF9E0514CE6235DF3D7 +20241129015320 2 6 100 4095 5 D14DC7A20FAA787E8E505E1CCA5C3EC8C5344CE26B9E5E776858C7048EECCB2CE278073BA42E21E4512A91D9A94F6460E86A914FC8D560A29DDC6B3E45CA1F9E8C5C52057BAF6A992E0C04192CEDF05010493D9CED8F97D3891C7DB13865BCD4BC19EA746AFB39E7AC2D60A32D9B77EECFFA53E7022137B7587E5D18E2B100845108104A79B878405B8900A0837BE74494F45DF726B88990607580414CEA1358A78BF832447919460F37395E69BC30E81983D60BB71D4E86164317138B99B545416467AA1F8592A16CEA1B050D2554487A749408A8339FFCA98A5F23D4EEF7A4254C6E56BFD6B95AD3C822B83324BEC5DD85A7064C6233899F7C6D00749D9DEDBAD9ED72CCC9CF154EF3989752DF907B24E587CD6B29A22846CD1B9623A3AEF69D191E8C048046FBCA2BC2C2A0883C8738F72D612745419080B7D72D8EC2E696CF5CB5EB6F23A9BBFF4BDD129970E881DBAA81E2F1A1445C773D4445ED516D1D954C64593DF72B7B31810B7493B8334F57E79FB26554EE1B4E7B7BDAA2C707D8E4798549DB60AE0A064CA8C6AA36021EB1657E72810E676D0F312325F2FAF956DC336D6B8E1496553362292D98225D61A74827C43FD4B4E0242B19FECBA7C102940C24AC56BB287C739608441EAA2EAA6DE0D1323E6D45204A1FF07BC3D3A48F954597EE865531D8A32C1DC2A3A48C8A0D47BE16919C3DF9E0514CE6240443EF +20241129015547 2 6 100 4095 5 D14DC7A20FAA787E8E505E1CCA5C3EC8C5344CE26B9E5E776858C7048EECCB2CE278073BA42E21E4512A91D9A94F6460E86A914FC8D560A29DDC6B3E45CA1F9E8C5C52057BAF6A992E0C04192CEDF05010493D9CED8F97D3891C7DB13865BCD4BC19EA746AFB39E7AC2D60A32D9B77EECFFA53E7022137B7587E5D18E2B100845108104A79B878405B8900A0837BE74494F45DF726B88990607580414CEA1358A78BF832447919460F37395E69BC30E81983D60BB71D4E86164317138B99B545416467AA1F8592A16CEA1B050D2554487A749408A8339FFCA98A5F23D4EEF7A4254C6E56BFD6B95AD3C822B83324BEC5DD85A7064C6233899F7C6D00749D9DEDBAD9ED72CCC9CF154EF3989752DF907B24E587CD6B29A22846CD1B9623A3AEF69D191E8C048046FBCA2BC2C2A0883C8738F72D612745419080B7D72D8EC2E696CF5CB5EB6F23A9BBFF4BDD129970E881DBAA81E2F1A1445C773D4445ED516D1D954C64593DF72B7B31810B7493B8334F57E79FB26554EE1B4E7B7BDAA2C707D8E4798549DB60AE0A064CA8C6AA36021EB1657E72810E676D0F312325F2FAF956DC336D6B8E1496553362292D98225D61A74827C43FD4B4E0242B19FECBA7C102940C24AC56BB287C739608441EAA2EAA6DE0D1323E6D45204A1FF07BC3D3A48F954597EE865531D8A32C1DC2A3A48C8A0D47BE16919C3DF9E0514CE624F1AF5F +20241129015908 2 6 100 4095 2 D14DC7A20FAA787E8E505E1CCA5C3EC8C5344CE26B9E5E776858C7048EECCB2CE278073BA42E21E4512A91D9A94F6460E86A914FC8D560A29DDC6B3E45CA1F9E8C5C52057BAF6A992E0C04192CEDF05010493D9CED8F97D3891C7DB13865BCD4BC19EA746AFB39E7AC2D60A32D9B77EECFFA53E7022137B7587E5D18E2B100845108104A79B878405B8900A0837BE74494F45DF726B88990607580414CEA1358A78BF832447919460F37395E69BC30E81983D60BB71D4E86164317138B99B545416467AA1F8592A16CEA1B050D2554487A749408A8339FFCA98A5F23D4EEF7A4254C6E56BFD6B95AD3C822B83324BEC5DD85A7064C6233899F7C6D00749D9DEDBAD9ED72CCC9CF154EF3989752DF907B24E587CD6B29A22846CD1B9623A3AEF69D191E8C048046FBCA2BC2C2A0883C8738F72D612745419080B7D72D8EC2E696CF5CB5EB6F23A9BBFF4BDD129970E881DBAA81E2F1A1445C773D4445ED516D1D954C64593DF72B7B31810B7493B8334F57E79FB26554EE1B4E7B7BDAA2C707D8E4798549DB60AE0A064CA8C6AA36021EB1657E72810E676D0F312325F2FAF956DC336D6B8E1496553362292D98225D61A74827C43FD4B4E0242B19FECBA7C102940C24AC56BB287C739608441EAA2EAA6DE0D1323E6D45204A1FF07BC3D3A48F954597EE865531D8A32C1DC2A3A48C8A0D47BE16919C3DF9E0514CE626346E0B +20241129020133 2 6 100 4095 2 D14DC7A20FAA787E8E505E1CCA5C3EC8C5344CE26B9E5E776858C7048EECCB2CE278073BA42E21E4512A91D9A94F6460E86A914FC8D560A29DDC6B3E45CA1F9E8C5C52057BAF6A992E0C04192CEDF05010493D9CED8F97D3891C7DB13865BCD4BC19EA746AFB39E7AC2D60A32D9B77EECFFA53E7022137B7587E5D18E2B100845108104A79B878405B8900A0837BE74494F45DF726B88990607580414CEA1358A78BF832447919460F37395E69BC30E81983D60BB71D4E86164317138B99B545416467AA1F8592A16CEA1B050D2554487A749408A8339FFCA98A5F23D4EEF7A4254C6E56BFD6B95AD3C822B83324BEC5DD85A7064C6233899F7C6D00749D9DEDBAD9ED72CCC9CF154EF3989752DF907B24E587CD6B29A22846CD1B9623A3AEF69D191E8C048046FBCA2BC2C2A0883C8738F72D612745419080B7D72D8EC2E696CF5CB5EB6F23A9BBFF4BDD129970E881DBAA81E2F1A1445C773D4445ED516D1D954C64593DF72B7B31810B7493B8334F57E79FB26554EE1B4E7B7BDAA2C707D8E4798549DB60AE0A064CA8C6AA36021EB1657E72810E676D0F312325F2FAF956DC336D6B8E1496553362292D98225D61A74827C43FD4B4E0242B19FECBA7C102940C24AC56BB287C739608441EAA2EAA6DE0D1323E6D45204A1FF07BC3D3A48F954597EE865531D8A32C1DC2A3A48C8A0D47BE16919C3DF9E0514CE6271DA71B +20241129020353 2 6 100 4095 2 D14DC7A20FAA787E8E505E1CCA5C3EC8C5344CE26B9E5E776858C7048EECCB2CE278073BA42E21E4512A91D9A94F6460E86A914FC8D560A29DDC6B3E45CA1F9E8C5C52057BAF6A992E0C04192CEDF05010493D9CED8F97D3891C7DB13865BCD4BC19EA746AFB39E7AC2D60A32D9B77EECFFA53E7022137B7587E5D18E2B100845108104A79B878405B8900A0837BE74494F45DF726B88990607580414CEA1358A78BF832447919460F37395E69BC30E81983D60BB71D4E86164317138B99B545416467AA1F8592A16CEA1B050D2554487A749408A8339FFCA98A5F23D4EEF7A4254C6E56BFD6B95AD3C822B83324BEC5DD85A7064C6233899F7C6D00749D9DEDBAD9ED72CCC9CF154EF3989752DF907B24E587CD6B29A22846CD1B9623A3AEF69D191E8C048046FBCA2BC2C2A0883C8738F72D612745419080B7D72D8EC2E696CF5CB5EB6F23A9BBFF4BDD129970E881DBAA81E2F1A1445C773D4445ED516D1D954C64593DF72B7B31810B7493B8334F57E79FB26554EE1B4E7B7BDAA2C707D8E4798549DB60AE0A064CA8C6AA36021EB1657E72810E676D0F312325F2FAF956DC336D6B8E1496553362292D98225D61A74827C43FD4B4E0242B19FECBA7C102940C24AC56BB287C739608441EAA2EAA6DE0D1323E6D45204A1FF07BC3D3A48F954597EE865531D8A32C1DC2A3A48C8A0D47BE16919C3DF9E0514CE627F5147B +20241129020617 2 6 100 4095 2 D14DC7A20FAA787E8E505E1CCA5C3EC8C5344CE26B9E5E776858C7048EECCB2CE278073BA42E21E4512A91D9A94F6460E86A914FC8D560A29DDC6B3E45CA1F9E8C5C52057BAF6A992E0C04192CEDF05010493D9CED8F97D3891C7DB13865BCD4BC19EA746AFB39E7AC2D60A32D9B77EECFFA53E7022137B7587E5D18E2B100845108104A79B878405B8900A0837BE74494F45DF726B88990607580414CEA1358A78BF832447919460F37395E69BC30E81983D60BB71D4E86164317138B99B545416467AA1F8592A16CEA1B050D2554487A749408A8339FFCA98A5F23D4EEF7A4254C6E56BFD6B95AD3C822B83324BEC5DD85A7064C6233899F7C6D00749D9DEDBAD9ED72CCC9CF154EF3989752DF907B24E587CD6B29A22846CD1B9623A3AEF69D191E8C048046FBCA2BC2C2A0883C8738F72D612745419080B7D72D8EC2E696CF5CB5EB6F23A9BBFF4BDD129970E881DBAA81E2F1A1445C773D4445ED516D1D954C64593DF72B7B31810B7493B8334F57E79FB26554EE1B4E7B7BDAA2C707D8E4798549DB60AE0A064CA8C6AA36021EB1657E72810E676D0F312325F2FAF956DC336D6B8E1496553362292D98225D61A74827C43FD4B4E0242B19FECBA7C102940C24AC56BB287C739608441EAA2EAA6DE0D1323E6D45204A1FF07BC3D3A48F954597EE865531D8A32C1DC2A3A48C8A0D47BE16919C3DF9E0514CE628DC3E63 +20241129021223 2 6 100 4095 2 D14DC7A20FAA787E8E505E1CCA5C3EC8C5344CE26B9E5E776858C7048EECCB2CE278073BA42E21E4512A91D9A94F6460E86A914FC8D560A29DDC6B3E45CA1F9E8C5C52057BAF6A992E0C04192CEDF05010493D9CED8F97D3891C7DB13865BCD4BC19EA746AFB39E7AC2D60A32D9B77EECFFA53E7022137B7587E5D18E2B100845108104A79B878405B8900A0837BE74494F45DF726B88990607580414CEA1358A78BF832447919460F37395E69BC30E81983D60BB71D4E86164317138B99B545416467AA1F8592A16CEA1B050D2554487A749408A8339FFCA98A5F23D4EEF7A4254C6E56BFD6B95AD3C822B83324BEC5DD85A7064C6233899F7C6D00749D9DEDBAD9ED72CCC9CF154EF3989752DF907B24E587CD6B29A22846CD1B9623A3AEF69D191E8C048046FBCA2BC2C2A0883C8738F72D612745419080B7D72D8EC2E696CF5CB5EB6F23A9BBFF4BDD129970E881DBAA81E2F1A1445C773D4445ED516D1D954C64593DF72B7B31810B7493B8334F57E79FB26554EE1B4E7B7BDAA2C707D8E4798549DB60AE0A064CA8C6AA36021EB1657E72810E676D0F312325F2FAF956DC336D6B8E1496553362292D98225D61A74827C43FD4B4E0242B19FECBA7C102940C24AC56BB287C739608441EAA2EAA6DE0D1323E6D45204A1FF07BC3D3A48F954597EE865531D8A32C1DC2A3A48C8A0D47BE16919C3DF9E0514CE62B25B8A3 +20241129021913 2 6 100 4095 5 D14DC7A20FAA787E8E505E1CCA5C3EC8C5344CE26B9E5E776858C7048EECCB2CE278073BA42E21E4512A91D9A94F6460E86A914FC8D560A29DDC6B3E45CA1F9E8C5C52057BAF6A992E0C04192CEDF05010493D9CED8F97D3891C7DB13865BCD4BC19EA746AFB39E7AC2D60A32D9B77EECFFA53E7022137B7587E5D18E2B100845108104A79B878405B8900A0837BE74494F45DF726B88990607580414CEA1358A78BF832447919460F37395E69BC30E81983D60BB71D4E86164317138B99B545416467AA1F8592A16CEA1B050D2554487A749408A8339FFCA98A5F23D4EEF7A4254C6E56BFD6B95AD3C822B83324BEC5DD85A7064C6233899F7C6D00749D9DEDBAD9ED72CCC9CF154EF3989752DF907B24E587CD6B29A22846CD1B9623A3AEF69D191E8C048046FBCA2BC2C2A0883C8738F72D612745419080B7D72D8EC2E696CF5CB5EB6F23A9BBFF4BDD129970E881DBAA81E2F1A1445C773D4445ED516D1D954C64593DF72B7B31810B7493B8334F57E79FB26554EE1B4E7B7BDAA2C707D8E4798549DB60AE0A064CA8C6AA36021EB1657E72810E676D0F312325F2FAF956DC336D6B8E1496553362292D98225D61A74827C43FD4B4E0242B19FECBA7C102940C24AC56BB287C739608441EAA2EAA6DE0D1323E6D45204A1FF07BC3D3A48F954597EE865531D8A32C1DC2A3A48C8A0D47BE16919C3DF9E0514CE62DC6E86F +20241129021949 2 6 100 4095 2 D14DC7A20FAA787E8E505E1CCA5C3EC8C5344CE26B9E5E776858C7048EECCB2CE278073BA42E21E4512A91D9A94F6460E86A914FC8D560A29DDC6B3E45CA1F9E8C5C52057BAF6A992E0C04192CEDF05010493D9CED8F97D3891C7DB13865BCD4BC19EA746AFB39E7AC2D60A32D9B77EECFFA53E7022137B7587E5D18E2B100845108104A79B878405B8900A0837BE74494F45DF726B88990607580414CEA1358A78BF832447919460F37395E69BC30E81983D60BB71D4E86164317138B99B545416467AA1F8592A16CEA1B050D2554487A749408A8339FFCA98A5F23D4EEF7A4254C6E56BFD6B95AD3C822B83324BEC5DD85A7064C6233899F7C6D00749D9DEDBAD9ED72CCC9CF154EF3989752DF907B24E587CD6B29A22846CD1B9623A3AEF69D191E8C048046FBCA2BC2C2A0883C8738F72D612745419080B7D72D8EC2E696CF5CB5EB6F23A9BBFF4BDD129970E881DBAA81E2F1A1445C773D4445ED516D1D954C64593DF72B7B31810B7493B8334F57E79FB26554EE1B4E7B7BDAA2C707D8E4798549DB60AE0A064CA8C6AA36021EB1657E72810E676D0F312325F2FAF956DC336D6B8E1496553362292D98225D61A74827C43FD4B4E0242B19FECBA7C102940C24AC56BB287C739608441EAA2EAA6DE0D1323E6D45204A1FF07BC3D3A48F954597EE865531D8A32C1DC2A3A48C8A0D47BE16919C3DF9E0514CE62DFA5673 +20241129022203 2 6 100 4095 5 D14DC7A20FAA787E8E505E1CCA5C3EC8C5344CE26B9E5E776858C7048EECCB2CE278073BA42E21E4512A91D9A94F6460E86A914FC8D560A29DDC6B3E45CA1F9E8C5C52057BAF6A992E0C04192CEDF05010493D9CED8F97D3891C7DB13865BCD4BC19EA746AFB39E7AC2D60A32D9B77EECFFA53E7022137B7587E5D18E2B100845108104A79B878405B8900A0837BE74494F45DF726B88990607580414CEA1358A78BF832447919460F37395E69BC30E81983D60BB71D4E86164317138B99B545416467AA1F8592A16CEA1B050D2554487A749408A8339FFCA98A5F23D4EEF7A4254C6E56BFD6B95AD3C822B83324BEC5DD85A7064C6233899F7C6D00749D9DEDBAD9ED72CCC9CF154EF3989752DF907B24E587CD6B29A22846CD1B9623A3AEF69D191E8C048046FBCA2BC2C2A0883C8738F72D612745419080B7D72D8EC2E696CF5CB5EB6F23A9BBFF4BDD129970E881DBAA81E2F1A1445C773D4445ED516D1D954C64593DF72B7B31810B7493B8334F57E79FB26554EE1B4E7B7BDAA2C707D8E4798549DB60AE0A064CA8C6AA36021EB1657E72810E676D0F312325F2FAF956DC336D6B8E1496553362292D98225D61A74827C43FD4B4E0242B19FECBA7C102940C24AC56BB287C739608441EAA2EAA6DE0D1323E6D45204A1FF07BC3D3A48F954597EE865531D8A32C1DC2A3A48C8A0D47BE16919C3DF9E0514CE62ED03D1F +20241129022443 2 6 100 4095 5 D14DC7A20FAA787E8E505E1CCA5C3EC8C5344CE26B9E5E776858C7048EECCB2CE278073BA42E21E4512A91D9A94F6460E86A914FC8D560A29DDC6B3E45CA1F9E8C5C52057BAF6A992E0C04192CEDF05010493D9CED8F97D3891C7DB13865BCD4BC19EA746AFB39E7AC2D60A32D9B77EECFFA53E7022137B7587E5D18E2B100845108104A79B878405B8900A0837BE74494F45DF726B88990607580414CEA1358A78BF832447919460F37395E69BC30E81983D60BB71D4E86164317138B99B545416467AA1F8592A16CEA1B050D2554487A749408A8339FFCA98A5F23D4EEF7A4254C6E56BFD6B95AD3C822B83324BEC5DD85A7064C6233899F7C6D00749D9DEDBAD9ED72CCC9CF154EF3989752DF907B24E587CD6B29A22846CD1B9623A3AEF69D191E8C048046FBCA2BC2C2A0883C8738F72D612745419080B7D72D8EC2E696CF5CB5EB6F23A9BBFF4BDD129970E881DBAA81E2F1A1445C773D4445ED516D1D954C64593DF72B7B31810B7493B8334F57E79FB26554EE1B4E7B7BDAA2C707D8E4798549DB60AE0A064CA8C6AA36021EB1657E72810E676D0F312325F2FAF956DC336D6B8E1496553362292D98225D61A74827C43FD4B4E0242B19FECBA7C102940C24AC56BB287C739608441EAA2EAA6DE0D1323E6D45204A1FF07BC3D3A48F954597EE865531D8A32C1DC2A3A48C8A0D47BE16919C3DF9E0514CE62FC9341F +20241129022708 2 6 100 4095 2 D14DC7A20FAA787E8E505E1CCA5C3EC8C5344CE26B9E5E776858C7048EECCB2CE278073BA42E21E4512A91D9A94F6460E86A914FC8D560A29DDC6B3E45CA1F9E8C5C52057BAF6A992E0C04192CEDF05010493D9CED8F97D3891C7DB13865BCD4BC19EA746AFB39E7AC2D60A32D9B77EECFFA53E7022137B7587E5D18E2B100845108104A79B878405B8900A0837BE74494F45DF726B88990607580414CEA1358A78BF832447919460F37395E69BC30E81983D60BB71D4E86164317138B99B545416467AA1F8592A16CEA1B050D2554487A749408A8339FFCA98A5F23D4EEF7A4254C6E56BFD6B95AD3C822B83324BEC5DD85A7064C6233899F7C6D00749D9DEDBAD9ED72CCC9CF154EF3989752DF907B24E587CD6B29A22846CD1B9623A3AEF69D191E8C048046FBCA2BC2C2A0883C8738F72D612745419080B7D72D8EC2E696CF5CB5EB6F23A9BBFF4BDD129970E881DBAA81E2F1A1445C773D4445ED516D1D954C64593DF72B7B31810B7493B8334F57E79FB26554EE1B4E7B7BDAA2C707D8E4798549DB60AE0A064CA8C6AA36021EB1657E72810E676D0F312325F2FAF956DC336D6B8E1496553362292D98225D61A74827C43FD4B4E0242B19FECBA7C102940C24AC56BB287C739608441EAA2EAA6DE0D1323E6D45204A1FF07BC3D3A48F954597EE865531D8A32C1DC2A3A48C8A0D47BE16919C3DF9E0514CE630ACA413 +20241129023102 2 6 100 4095 5 D14DC7A20FAA787E8E505E1CCA5C3EC8C5344CE26B9E5E776858C7048EECCB2CE278073BA42E21E4512A91D9A94F6460E86A914FC8D560A29DDC6B3E45CA1F9E8C5C52057BAF6A992E0C04192CEDF05010493D9CED8F97D3891C7DB13865BCD4BC19EA746AFB39E7AC2D60A32D9B77EECFFA53E7022137B7587E5D18E2B100845108104A79B878405B8900A0837BE74494F45DF726B88990607580414CEA1358A78BF832447919460F37395E69BC30E81983D60BB71D4E86164317138B99B545416467AA1F8592A16CEA1B050D2554487A749408A8339FFCA98A5F23D4EEF7A4254C6E56BFD6B95AD3C822B83324BEC5DD85A7064C6233899F7C6D00749D9DEDBAD9ED72CCC9CF154EF3989752DF907B24E587CD6B29A22846CD1B9623A3AEF69D191E8C048046FBCA2BC2C2A0883C8738F72D612745419080B7D72D8EC2E696CF5CB5EB6F23A9BBFF4BDD129970E881DBAA81E2F1A1445C773D4445ED516D1D954C64593DF72B7B31810B7493B8334F57E79FB26554EE1B4E7B7BDAA2C707D8E4798549DB60AE0A064CA8C6AA36021EB1657E72810E676D0F312325F2FAF956DC336D6B8E1496553362292D98225D61A74827C43FD4B4E0242B19FECBA7C102940C24AC56BB287C739608441EAA2EAA6DE0D1323E6D45204A1FF07BC3D3A48F954597EE865531D8A32C1DC2A3A48C8A0D47BE16919C3DF9E0514CE6322B2317 +20241129023226 2 6 100 4095 2 D14DC7A20FAA787E8E505E1CCA5C3EC8C5344CE26B9E5E776858C7048EECCB2CE278073BA42E21E4512A91D9A94F6460E86A914FC8D560A29DDC6B3E45CA1F9E8C5C52057BAF6A992E0C04192CEDF05010493D9CED8F97D3891C7DB13865BCD4BC19EA746AFB39E7AC2D60A32D9B77EECFFA53E7022137B7587E5D18E2B100845108104A79B878405B8900A0837BE74494F45DF726B88990607580414CEA1358A78BF832447919460F37395E69BC30E81983D60BB71D4E86164317138B99B545416467AA1F8592A16CEA1B050D2554487A749408A8339FFCA98A5F23D4EEF7A4254C6E56BFD6B95AD3C822B83324BEC5DD85A7064C6233899F7C6D00749D9DEDBAD9ED72CCC9CF154EF3989752DF907B24E587CD6B29A22846CD1B9623A3AEF69D191E8C048046FBCA2BC2C2A0883C8738F72D612745419080B7D72D8EC2E696CF5CB5EB6F23A9BBFF4BDD129970E881DBAA81E2F1A1445C773D4445ED516D1D954C64593DF72B7B31810B7493B8334F57E79FB26554EE1B4E7B7BDAA2C707D8E4798549DB60AE0A064CA8C6AA36021EB1657E72810E676D0F312325F2FAF956DC336D6B8E1496553362292D98225D61A74827C43FD4B4E0242B19FECBA7C102940C24AC56BB287C739608441EAA2EAA6DE0D1323E6D45204A1FF07BC3D3A48F954597EE865531D8A32C1DC2A3A48C8A0D47BE16919C3DF9E0514CE632AFA783 +20241129023234 2 6 100 4095 5 D14DC7A20FAA787E8E505E1CCA5C3EC8C5344CE26B9E5E776858C7048EECCB2CE278073BA42E21E4512A91D9A94F6460E86A914FC8D560A29DDC6B3E45CA1F9E8C5C52057BAF6A992E0C04192CEDF05010493D9CED8F97D3891C7DB13865BCD4BC19EA746AFB39E7AC2D60A32D9B77EECFFA53E7022137B7587E5D18E2B100845108104A79B878405B8900A0837BE74494F45DF726B88990607580414CEA1358A78BF832447919460F37395E69BC30E81983D60BB71D4E86164317138B99B545416467AA1F8592A16CEA1B050D2554487A749408A8339FFCA98A5F23D4EEF7A4254C6E56BFD6B95AD3C822B83324BEC5DD85A7064C6233899F7C6D00749D9DEDBAD9ED72CCC9CF154EF3989752DF907B24E587CD6B29A22846CD1B9623A3AEF69D191E8C048046FBCA2BC2C2A0883C8738F72D612745419080B7D72D8EC2E696CF5CB5EB6F23A9BBFF4BDD129970E881DBAA81E2F1A1445C773D4445ED516D1D954C64593DF72B7B31810B7493B8334F57E79FB26554EE1B4E7B7BDAA2C707D8E4798549DB60AE0A064CA8C6AA36021EB1657E72810E676D0F312325F2FAF956DC336D6B8E1496553362292D98225D61A74827C43FD4B4E0242B19FECBA7C102940C24AC56BB287C739608441EAA2EAA6DE0D1323E6D45204A1FF07BC3D3A48F954597EE865531D8A32C1DC2A3A48C8A0D47BE16919C3DF9E0514CE632B59A57 +20241129023429 2 6 100 4095 5 D14DC7A20FAA787E8E505E1CCA5C3EC8C5344CE26B9E5E776858C7048EECCB2CE278073BA42E21E4512A91D9A94F6460E86A914FC8D560A29DDC6B3E45CA1F9E8C5C52057BAF6A992E0C04192CEDF05010493D9CED8F97D3891C7DB13865BCD4BC19EA746AFB39E7AC2D60A32D9B77EECFFA53E7022137B7587E5D18E2B100845108104A79B878405B8900A0837BE74494F45DF726B88990607580414CEA1358A78BF832447919460F37395E69BC30E81983D60BB71D4E86164317138B99B545416467AA1F8592A16CEA1B050D2554487A749408A8339FFCA98A5F23D4EEF7A4254C6E56BFD6B95AD3C822B83324BEC5DD85A7064C6233899F7C6D00749D9DEDBAD9ED72CCC9CF154EF3989752DF907B24E587CD6B29A22846CD1B9623A3AEF69D191E8C048046FBCA2BC2C2A0883C8738F72D612745419080B7D72D8EC2E696CF5CB5EB6F23A9BBFF4BDD129970E881DBAA81E2F1A1445C773D4445ED516D1D954C64593DF72B7B31810B7493B8334F57E79FB26554EE1B4E7B7BDAA2C707D8E4798549DB60AE0A064CA8C6AA36021EB1657E72810E676D0F312325F2FAF956DC336D6B8E1496553362292D98225D61A74827C43FD4B4E0242B19FECBA7C102940C24AC56BB287C739608441EAA2EAA6DE0D1323E6D45204A1FF07BC3D3A48F954597EE865531D8A32C1DC2A3A48C8A0D47BE16919C3DF9E0514CE633681547 +20241129023526 2 6 100 4095 2 D14DC7A20FAA787E8E505E1CCA5C3EC8C5344CE26B9E5E776858C7048EECCB2CE278073BA42E21E4512A91D9A94F6460E86A914FC8D560A29DDC6B3E45CA1F9E8C5C52057BAF6A992E0C04192CEDF05010493D9CED8F97D3891C7DB13865BCD4BC19EA746AFB39E7AC2D60A32D9B77EECFFA53E7022137B7587E5D18E2B100845108104A79B878405B8900A0837BE74494F45DF726B88990607580414CEA1358A78BF832447919460F37395E69BC30E81983D60BB71D4E86164317138B99B545416467AA1F8592A16CEA1B050D2554487A749408A8339FFCA98A5F23D4EEF7A4254C6E56BFD6B95AD3C822B83324BEC5DD85A7064C6233899F7C6D00749D9DEDBAD9ED72CCC9CF154EF3989752DF907B24E587CD6B29A22846CD1B9623A3AEF69D191E8C048046FBCA2BC2C2A0883C8738F72D612745419080B7D72D8EC2E696CF5CB5EB6F23A9BBFF4BDD129970E881DBAA81E2F1A1445C773D4445ED516D1D954C64593DF72B7B31810B7493B8334F57E79FB26554EE1B4E7B7BDAA2C707D8E4798549DB60AE0A064CA8C6AA36021EB1657E72810E676D0F312325F2FAF956DC336D6B8E1496553362292D98225D61A74827C43FD4B4E0242B19FECBA7C102940C24AC56BB287C739608441EAA2EAA6DE0D1323E6D45204A1FF07BC3D3A48F954597EE865531D8A32C1DC2A3A48C8A0D47BE16919C3DF9E0514CE633BFD83B +20241129023744 2 6 100 4095 2 D14DC7A20FAA787E8E505E1CCA5C3EC8C5344CE26B9E5E776858C7048EECCB2CE278073BA42E21E4512A91D9A94F6460E86A914FC8D560A29DDC6B3E45CA1F9E8C5C52057BAF6A992E0C04192CEDF05010493D9CED8F97D3891C7DB13865BCD4BC19EA746AFB39E7AC2D60A32D9B77EECFFA53E7022137B7587E5D18E2B100845108104A79B878405B8900A0837BE74494F45DF726B88990607580414CEA1358A78BF832447919460F37395E69BC30E81983D60BB71D4E86164317138B99B545416467AA1F8592A16CEA1B050D2554487A749408A8339FFCA98A5F23D4EEF7A4254C6E56BFD6B95AD3C822B83324BEC5DD85A7064C6233899F7C6D00749D9DEDBAD9ED72CCC9CF154EF3989752DF907B24E587CD6B29A22846CD1B9623A3AEF69D191E8C048046FBCA2BC2C2A0883C8738F72D612745419080B7D72D8EC2E696CF5CB5EB6F23A9BBFF4BDD129970E881DBAA81E2F1A1445C773D4445ED516D1D954C64593DF72B7B31810B7493B8334F57E79FB26554EE1B4E7B7BDAA2C707D8E4798549DB60AE0A064CA8C6AA36021EB1657E72810E676D0F312325F2FAF956DC336D6B8E1496553362292D98225D61A74827C43FD4B4E0242B19FECBA7C102940C24AC56BB287C739608441EAA2EAA6DE0D1323E6D45204A1FF07BC3D3A48F954597EE865531D8A32C1DC2A3A48C8A0D47BE16919C3DF9E0514CE634998373 +20241129023820 2 6 100 4095 5 D14DC7A20FAA787E8E505E1CCA5C3EC8C5344CE26B9E5E776858C7048EECCB2CE278073BA42E21E4512A91D9A94F6460E86A914FC8D560A29DDC6B3E45CA1F9E8C5C52057BAF6A992E0C04192CEDF05010493D9CED8F97D3891C7DB13865BCD4BC19EA746AFB39E7AC2D60A32D9B77EECFFA53E7022137B7587E5D18E2B100845108104A79B878405B8900A0837BE74494F45DF726B88990607580414CEA1358A78BF832447919460F37395E69BC30E81983D60BB71D4E86164317138B99B545416467AA1F8592A16CEA1B050D2554487A749408A8339FFCA98A5F23D4EEF7A4254C6E56BFD6B95AD3C822B83324BEC5DD85A7064C6233899F7C6D00749D9DEDBAD9ED72CCC9CF154EF3989752DF907B24E587CD6B29A22846CD1B9623A3AEF69D191E8C048046FBCA2BC2C2A0883C8738F72D612745419080B7D72D8EC2E696CF5CB5EB6F23A9BBFF4BDD129970E881DBAA81E2F1A1445C773D4445ED516D1D954C64593DF72B7B31810B7493B8334F57E79FB26554EE1B4E7B7BDAA2C707D8E4798549DB60AE0A064CA8C6AA36021EB1657E72810E676D0F312325F2FAF956DC336D6B8E1496553362292D98225D61A74827C43FD4B4E0242B19FECBA7C102940C24AC56BB287C739608441EAA2EAA6DE0D1323E6D45204A1FF07BC3D3A48F954597EE865531D8A32C1DC2A3A48C8A0D47BE16919C3DF9E0514CE634CA05CF +20241129023919 2 6 100 4095 2 D14DC7A20FAA787E8E505E1CCA5C3EC8C5344CE26B9E5E776858C7048EECCB2CE278073BA42E21E4512A91D9A94F6460E86A914FC8D560A29DDC6B3E45CA1F9E8C5C52057BAF6A992E0C04192CEDF05010493D9CED8F97D3891C7DB13865BCD4BC19EA746AFB39E7AC2D60A32D9B77EECFFA53E7022137B7587E5D18E2B100845108104A79B878405B8900A0837BE74494F45DF726B88990607580414CEA1358A78BF832447919460F37395E69BC30E81983D60BB71D4E86164317138B99B545416467AA1F8592A16CEA1B050D2554487A749408A8339FFCA98A5F23D4EEF7A4254C6E56BFD6B95AD3C822B83324BEC5DD85A7064C6233899F7C6D00749D9DEDBAD9ED72CCC9CF154EF3989752DF907B24E587CD6B29A22846CD1B9623A3AEF69D191E8C048046FBCA2BC2C2A0883C8738F72D612745419080B7D72D8EC2E696CF5CB5EB6F23A9BBFF4BDD129970E881DBAA81E2F1A1445C773D4445ED516D1D954C64593DF72B7B31810B7493B8334F57E79FB26554EE1B4E7B7BDAA2C707D8E4798549DB60AE0A064CA8C6AA36021EB1657E72810E676D0F312325F2FAF956DC336D6B8E1496553362292D98225D61A74827C43FD4B4E0242B19FECBA7C102940C24AC56BB287C739608441EAA2EAA6DE0D1323E6D45204A1FF07BC3D3A48F954597EE865531D8A32C1DC2A3A48C8A0D47BE16919C3DF9E0514CE635285DD3 +20241129024116 2 6 100 4095 5 D14DC7A20FAA787E8E505E1CCA5C3EC8C5344CE26B9E5E776858C7048EECCB2CE278073BA42E21E4512A91D9A94F6460E86A914FC8D560A29DDC6B3E45CA1F9E8C5C52057BAF6A992E0C04192CEDF05010493D9CED8F97D3891C7DB13865BCD4BC19EA746AFB39E7AC2D60A32D9B77EECFFA53E7022137B7587E5D18E2B100845108104A79B878405B8900A0837BE74494F45DF726B88990607580414CEA1358A78BF832447919460F37395E69BC30E81983D60BB71D4E86164317138B99B545416467AA1F8592A16CEA1B050D2554487A749408A8339FFCA98A5F23D4EEF7A4254C6E56BFD6B95AD3C822B83324BEC5DD85A7064C6233899F7C6D00749D9DEDBAD9ED72CCC9CF154EF3989752DF907B24E587CD6B29A22846CD1B9623A3AEF69D191E8C048046FBCA2BC2C2A0883C8738F72D612745419080B7D72D8EC2E696CF5CB5EB6F23A9BBFF4BDD129970E881DBAA81E2F1A1445C773D4445ED516D1D954C64593DF72B7B31810B7493B8334F57E79FB26554EE1B4E7B7BDAA2C707D8E4798549DB60AE0A064CA8C6AA36021EB1657E72810E676D0F312325F2FAF956DC336D6B8E1496553362292D98225D61A74827C43FD4B4E0242B19FECBA7C102940C24AC56BB287C739608441EAA2EAA6DE0D1323E6D45204A1FF07BC3D3A48F954597EE865531D8A32C1DC2A3A48C8A0D47BE16919C3DF9E0514CE635E04407 +20241129024436 2 6 100 4095 5 D14DC7A20FAA787E8E505E1CCA5C3EC8C5344CE26B9E5E776858C7048EECCB2CE278073BA42E21E4512A91D9A94F6460E86A914FC8D560A29DDC6B3E45CA1F9E8C5C52057BAF6A992E0C04192CEDF05010493D9CED8F97D3891C7DB13865BCD4BC19EA746AFB39E7AC2D60A32D9B77EECFFA53E7022137B7587E5D18E2B100845108104A79B878405B8900A0837BE74494F45DF726B88990607580414CEA1358A78BF832447919460F37395E69BC30E81983D60BB71D4E86164317138B99B545416467AA1F8592A16CEA1B050D2554487A749408A8339FFCA98A5F23D4EEF7A4254C6E56BFD6B95AD3C822B83324BEC5DD85A7064C6233899F7C6D00749D9DEDBAD9ED72CCC9CF154EF3989752DF907B24E587CD6B29A22846CD1B9623A3AEF69D191E8C048046FBCA2BC2C2A0883C8738F72D612745419080B7D72D8EC2E696CF5CB5EB6F23A9BBFF4BDD129970E881DBAA81E2F1A1445C773D4445ED516D1D954C64593DF72B7B31810B7493B8334F57E79FB26554EE1B4E7B7BDAA2C707D8E4798549DB60AE0A064CA8C6AA36021EB1657E72810E676D0F312325F2FAF956DC336D6B8E1496553362292D98225D61A74827C43FD4B4E0242B19FECBA7C102940C24AC56BB287C739608441EAA2EAA6DE0D1323E6D45204A1FF07BC3D3A48F954597EE865531D8A32C1DC2A3A48C8A0D47BE16919C3DF9E0514CE637222687 +20241129024611 2 6 100 4095 5 D14DC7A20FAA787E8E505E1CCA5C3EC8C5344CE26B9E5E776858C7048EECCB2CE278073BA42E21E4512A91D9A94F6460E86A914FC8D560A29DDC6B3E45CA1F9E8C5C52057BAF6A992E0C04192CEDF05010493D9CED8F97D3891C7DB13865BCD4BC19EA746AFB39E7AC2D60A32D9B77EECFFA53E7022137B7587E5D18E2B100845108104A79B878405B8900A0837BE74494F45DF726B88990607580414CEA1358A78BF832447919460F37395E69BC30E81983D60BB71D4E86164317138B99B545416467AA1F8592A16CEA1B050D2554487A749408A8339FFCA98A5F23D4EEF7A4254C6E56BFD6B95AD3C822B83324BEC5DD85A7064C6233899F7C6D00749D9DEDBAD9ED72CCC9CF154EF3989752DF907B24E587CD6B29A22846CD1B9623A3AEF69D191E8C048046FBCA2BC2C2A0883C8738F72D612745419080B7D72D8EC2E696CF5CB5EB6F23A9BBFF4BDD129970E881DBAA81E2F1A1445C773D4445ED516D1D954C64593DF72B7B31810B7493B8334F57E79FB26554EE1B4E7B7BDAA2C707D8E4798549DB60AE0A064CA8C6AA36021EB1657E72810E676D0F312325F2FAF956DC336D6B8E1496553362292D98225D61A74827C43FD4B4E0242B19FECBA7C102940C24AC56BB287C739608441EAA2EAA6DE0D1323E6D45204A1FF07BC3D3A48F954597EE865531D8A32C1DC2A3A48C8A0D47BE16919C3DF9E0514CE637B833A7 +20241129024935 2 6 100 4095 2 D14DC7A20FAA787E8E505E1CCA5C3EC8C5344CE26B9E5E776858C7048EECCB2CE278073BA42E21E4512A91D9A94F6460E86A914FC8D560A29DDC6B3E45CA1F9E8C5C52057BAF6A992E0C04192CEDF05010493D9CED8F97D3891C7DB13865BCD4BC19EA746AFB39E7AC2D60A32D9B77EECFFA53E7022137B7587E5D18E2B100845108104A79B878405B8900A0837BE74494F45DF726B88990607580414CEA1358A78BF832447919460F37395E69BC30E81983D60BB71D4E86164317138B99B545416467AA1F8592A16CEA1B050D2554487A749408A8339FFCA98A5F23D4EEF7A4254C6E56BFD6B95AD3C822B83324BEC5DD85A7064C6233899F7C6D00749D9DEDBAD9ED72CCC9CF154EF3989752DF907B24E587CD6B29A22846CD1B9623A3AEF69D191E8C048046FBCA2BC2C2A0883C8738F72D612745419080B7D72D8EC2E696CF5CB5EB6F23A9BBFF4BDD129970E881DBAA81E2F1A1445C773D4445ED516D1D954C64593DF72B7B31810B7493B8334F57E79FB26554EE1B4E7B7BDAA2C707D8E4798549DB60AE0A064CA8C6AA36021EB1657E72810E676D0F312325F2FAF956DC336D6B8E1496553362292D98225D61A74827C43FD4B4E0242B19FECBA7C102940C24AC56BB287C739608441EAA2EAA6DE0D1323E6D45204A1FF07BC3D3A48F954597EE865531D8A32C1DC2A3A48C8A0D47BE16919C3DF9E0514CE63905717B +20241129025344 2 6 100 4095 2 F32300D8DFCB79ECFB80E433E6CFA1923915D80120F52648A7AE7E8058B5DB869F2B3A9DD940E53B7D74E3214FA03234F8B026AFF16B646B39F003882F1DC17D3F6DBB89283A01B4C22168A354D6D2FDBDE3F2B0C91E9472AF1DB386DD34477F47CB24D4AFB71BB283A9760CF4EC582F1401A4F259D4AADE2BC7648A6920207DFB149BB7A4483D5E22D9DC627A8A4954C18AAAEF921CE0C597C11C95EC7C8888050124D01C43E6A33A02DACDB2EEE70920BAF2A296EB38CEADCB98CC7789BA309A5AD7916B9F7F86B0D808346E28447C4E3F31C5BC319D29A0D338EE8FC88BC9288C75004CC278BB218AA86929360079EAA71628FEFB796FFFBAD3764F677FECC0F274582ED2E371ACB500F35F378DDEDB0FA32B1B55699E41EBE958E6614811999433D934CCD54A03CC4BF359798F90EC809CFA6E58C1CE68B5AF397E8E35951F9CC4BCD0EC8655486543B4CF7605CE15969A2D88E8CD6BCA82671A06FC54397840BBA9DB2750B0F1FBC61ECF6E514450A7E06C6E6BBBB2CFA5E045335F04A5C407EC6467D471226ED2CB3AE9FBA9E956F8F3D05A911F9CD131BC3D95A10792097AC1C4339F8C12E40ABD274A25CF26EF286187E91261273E39856C471D861056EC3F6F5E58EB727134F9BFB870C8DD6978F247EAF67C1368BCB0BA105CDDC2BA067EBAC9C00DC15F1667664AA2A688D45E843F62467892EE9348FD87AD5A3B +20241129025405 2 6 100 4095 5 F32300D8DFCB79ECFB80E433E6CFA1923915D80120F52648A7AE7E8058B5DB869F2B3A9DD940E53B7D74E3214FA03234F8B026AFF16B646B39F003882F1DC17D3F6DBB89283A01B4C22168A354D6D2FDBDE3F2B0C91E9472AF1DB386DD34477F47CB24D4AFB71BB283A9760CF4EC582F1401A4F259D4AADE2BC7648A6920207DFB149BB7A4483D5E22D9DC627A8A4954C18AAAEF921CE0C597C11C95EC7C8888050124D01C43E6A33A02DACDB2EEE70920BAF2A296EB38CEADCB98CC7789BA309A5AD7916B9F7F86B0D808346E28447C4E3F31C5BC319D29A0D338EE8FC88BC9288C75004CC278BB218AA86929360079EAA71628FEFB796FFFBAD3764F677FECC0F274582ED2E371ACB500F35F378DDEDB0FA32B1B55699E41EBE958E6614811999433D934CCD54A03CC4BF359798F90EC809CFA6E58C1CE68B5AF397E8E35951F9CC4BCD0EC8655486543B4CF7605CE15969A2D88E8CD6BCA82671A06FC54397840BBA9DB2750B0F1FBC61ECF6E514450A7E06C6E6BBBB2CFA5E045335F04A5C407EC6467D471226ED2CB3AE9FBA9E956F8F3D05A911F9CD131BC3D95A10792097AC1C4339F8C12E40ABD274A25CF26EF286187E91261273E39856C471D861056EC3F6F5E58EB727134F9BFB870C8DD6978F247EAF67C1368BCB0BA105CDDC2BA067EBAC9C00DC15F1667664AA2A688D45E843F62467892EE9348FD87C61B07 +20241129025445 2 6 100 4095 2 F32300D8DFCB79ECFB80E433E6CFA1923915D80120F52648A7AE7E8058B5DB869F2B3A9DD940E53B7D74E3214FA03234F8B026AFF16B646B39F003882F1DC17D3F6DBB89283A01B4C22168A354D6D2FDBDE3F2B0C91E9472AF1DB386DD34477F47CB24D4AFB71BB283A9760CF4EC582F1401A4F259D4AADE2BC7648A6920207DFB149BB7A4483D5E22D9DC627A8A4954C18AAAEF921CE0C597C11C95EC7C8888050124D01C43E6A33A02DACDB2EEE70920BAF2A296EB38CEADCB98CC7789BA309A5AD7916B9F7F86B0D808346E28447C4E3F31C5BC319D29A0D338EE8FC88BC9288C75004CC278BB218AA86929360079EAA71628FEFB796FFFBAD3764F677FECC0F274582ED2E371ACB500F35F378DDEDB0FA32B1B55699E41EBE958E6614811999433D934CCD54A03CC4BF359798F90EC809CFA6E58C1CE68B5AF397E8E35951F9CC4BCD0EC8655486543B4CF7605CE15969A2D88E8CD6BCA82671A06FC54397840BBA9DB2750B0F1FBC61ECF6E514450A7E06C6E6BBBB2CFA5E045335F04A5C407EC6467D471226ED2CB3AE9FBA9E956F8F3D05A911F9CD131BC3D95A10792097AC1C4339F8C12E40ABD274A25CF26EF286187E91261273E39856C471D861056EC3F6F5E58EB727134F9BFB870C8DD6978F247EAF67C1368BCB0BA105CDDC2BA067EBAC9C00DC15F1667664AA2A688D45E843F62467892EE9348FD88010893 +20241129025701 2 6 100 4095 2 F32300D8DFCB79ECFB80E433E6CFA1923915D80120F52648A7AE7E8058B5DB869F2B3A9DD940E53B7D74E3214FA03234F8B026AFF16B646B39F003882F1DC17D3F6DBB89283A01B4C22168A354D6D2FDBDE3F2B0C91E9472AF1DB386DD34477F47CB24D4AFB71BB283A9760CF4EC582F1401A4F259D4AADE2BC7648A6920207DFB149BB7A4483D5E22D9DC627A8A4954C18AAAEF921CE0C597C11C95EC7C8888050124D01C43E6A33A02DACDB2EEE70920BAF2A296EB38CEADCB98CC7789BA309A5AD7916B9F7F86B0D808346E28447C4E3F31C5BC319D29A0D338EE8FC88BC9288C75004CC278BB218AA86929360079EAA71628FEFB796FFFBAD3764F677FECC0F274582ED2E371ACB500F35F378DDEDB0FA32B1B55699E41EBE958E6614811999433D934CCD54A03CC4BF359798F90EC809CFA6E58C1CE68B5AF397E8E35951F9CC4BCD0EC8655486543B4CF7605CE15969A2D88E8CD6BCA82671A06FC54397840BBA9DB2750B0F1FBC61ECF6E514450A7E06C6E6BBBB2CFA5E045335F04A5C407EC6467D471226ED2CB3AE9FBA9E956F8F3D05A911F9CD131BC3D95A10792097AC1C4339F8C12E40ABD274A25CF26EF286187E91261273E39856C471D861056EC3F6F5E58EB727134F9BFB870C8DD6978F247EAF67C1368BCB0BA105CDDC2BA067EBAC9C00DC15F1667664AA2A688D45E843F62467892EE9348FD88DA8ABB +20241129025807 2 6 100 4095 2 F32300D8DFCB79ECFB80E433E6CFA1923915D80120F52648A7AE7E8058B5DB869F2B3A9DD940E53B7D74E3214FA03234F8B026AFF16B646B39F003882F1DC17D3F6DBB89283A01B4C22168A354D6D2FDBDE3F2B0C91E9472AF1DB386DD34477F47CB24D4AFB71BB283A9760CF4EC582F1401A4F259D4AADE2BC7648A6920207DFB149BB7A4483D5E22D9DC627A8A4954C18AAAEF921CE0C597C11C95EC7C8888050124D01C43E6A33A02DACDB2EEE70920BAF2A296EB38CEADCB98CC7789BA309A5AD7916B9F7F86B0D808346E28447C4E3F31C5BC319D29A0D338EE8FC88BC9288C75004CC278BB218AA86929360079EAA71628FEFB796FFFBAD3764F677FECC0F274582ED2E371ACB500F35F378DDEDB0FA32B1B55699E41EBE958E6614811999433D934CCD54A03CC4BF359798F90EC809CFA6E58C1CE68B5AF397E8E35951F9CC4BCD0EC8655486543B4CF7605CE15969A2D88E8CD6BCA82671A06FC54397840BBA9DB2750B0F1FBC61ECF6E514450A7E06C6E6BBBB2CFA5E045335F04A5C407EC6467D471226ED2CB3AE9FBA9E956F8F3D05A911F9CD131BC3D95A10792097AC1C4339F8C12E40ABD274A25CF26EF286187E91261273E39856C471D861056EC3F6F5E58EB727134F9BFB870C8DD6978F247EAF67C1368BCB0BA105CDDC2BA067EBAC9C00DC15F1667664AA2A688D45E843F62467892EE9348FD893E4473 +20241129025930 2 6 100 4095 5 F32300D8DFCB79ECFB80E433E6CFA1923915D80120F52648A7AE7E8058B5DB869F2B3A9DD940E53B7D74E3214FA03234F8B026AFF16B646B39F003882F1DC17D3F6DBB89283A01B4C22168A354D6D2FDBDE3F2B0C91E9472AF1DB386DD34477F47CB24D4AFB71BB283A9760CF4EC582F1401A4F259D4AADE2BC7648A6920207DFB149BB7A4483D5E22D9DC627A8A4954C18AAAEF921CE0C597C11C95EC7C8888050124D01C43E6A33A02DACDB2EEE70920BAF2A296EB38CEADCB98CC7789BA309A5AD7916B9F7F86B0D808346E28447C4E3F31C5BC319D29A0D338EE8FC88BC9288C75004CC278BB218AA86929360079EAA71628FEFB796FFFBAD3764F677FECC0F274582ED2E371ACB500F35F378DDEDB0FA32B1B55699E41EBE958E6614811999433D934CCD54A03CC4BF359798F90EC809CFA6E58C1CE68B5AF397E8E35951F9CC4BCD0EC8655486543B4CF7605CE15969A2D88E8CD6BCA82671A06FC54397840BBA9DB2750B0F1FBC61ECF6E514450A7E06C6E6BBBB2CFA5E045335F04A5C407EC6467D471226ED2CB3AE9FBA9E956F8F3D05A911F9CD131BC3D95A10792097AC1C4339F8C12E40ABD274A25CF26EF286187E91261273E39856C471D861056EC3F6F5E58EB727134F9BFB870C8DD6978F247EAF67C1368BCB0BA105CDDC2BA067EBAC9C00DC15F1667664AA2A688D45E843F62467892EE9348FD89BD17B7 +20241129025947 2 6 100 4095 2 F32300D8DFCB79ECFB80E433E6CFA1923915D80120F52648A7AE7E8058B5DB869F2B3A9DD940E53B7D74E3214FA03234F8B026AFF16B646B39F003882F1DC17D3F6DBB89283A01B4C22168A354D6D2FDBDE3F2B0C91E9472AF1DB386DD34477F47CB24D4AFB71BB283A9760CF4EC582F1401A4F259D4AADE2BC7648A6920207DFB149BB7A4483D5E22D9DC627A8A4954C18AAAEF921CE0C597C11C95EC7C8888050124D01C43E6A33A02DACDB2EEE70920BAF2A296EB38CEADCB98CC7789BA309A5AD7916B9F7F86B0D808346E28447C4E3F31C5BC319D29A0D338EE8FC88BC9288C75004CC278BB218AA86929360079EAA71628FEFB796FFFBAD3764F677FECC0F274582ED2E371ACB500F35F378DDEDB0FA32B1B55699E41EBE958E6614811999433D934CCD54A03CC4BF359798F90EC809CFA6E58C1CE68B5AF397E8E35951F9CC4BCD0EC8655486543B4CF7605CE15969A2D88E8CD6BCA82671A06FC54397840BBA9DB2750B0F1FBC61ECF6E514450A7E06C6E6BBBB2CFA5E045335F04A5C407EC6467D471226ED2CB3AE9FBA9E956F8F3D05A911F9CD131BC3D95A10792097AC1C4339F8C12E40ABD274A25CF26EF286187E91261273E39856C471D861056EC3F6F5E58EB727134F9BFB870C8DD6978F247EAF67C1368BCB0BA105CDDC2BA067EBAC9C00DC15F1667664AA2A688D45E843F62467892EE9348FD89D220C3 +20241129030824 2 6 100 4095 2 F32300D8DFCB79ECFB80E433E6CFA1923915D80120F52648A7AE7E8058B5DB869F2B3A9DD940E53B7D74E3214FA03234F8B026AFF16B646B39F003882F1DC17D3F6DBB89283A01B4C22168A354D6D2FDBDE3F2B0C91E9472AF1DB386DD34477F47CB24D4AFB71BB283A9760CF4EC582F1401A4F259D4AADE2BC7648A6920207DFB149BB7A4483D5E22D9DC627A8A4954C18AAAEF921CE0C597C11C95EC7C8888050124D01C43E6A33A02DACDB2EEE70920BAF2A296EB38CEADCB98CC7789BA309A5AD7916B9F7F86B0D808346E28447C4E3F31C5BC319D29A0D338EE8FC88BC9288C75004CC278BB218AA86929360079EAA71628FEFB796FFFBAD3764F677FECC0F274582ED2E371ACB500F35F378DDEDB0FA32B1B55699E41EBE958E6614811999433D934CCD54A03CC4BF359798F90EC809CFA6E58C1CE68B5AF397E8E35951F9CC4BCD0EC8655486543B4CF7605CE15969A2D88E8CD6BCA82671A06FC54397840BBA9DB2750B0F1FBC61ECF6E514450A7E06C6E6BBBB2CFA5E045335F04A5C407EC6467D471226ED2CB3AE9FBA9E956F8F3D05A911F9CD131BC3D95A10792097AC1C4339F8C12E40ABD274A25CF26EF286187E91261273E39856C471D861056EC3F6F5E58EB727134F9BFB870C8DD6978F247EAF67C1368BCB0BA105CDDC2BA067EBAC9C00DC15F1667664AA2A688D45E843F62467892EE9348FD8D22E89B +20241129031329 2 6 100 4095 2 F32300D8DFCB79ECFB80E433E6CFA1923915D80120F52648A7AE7E8058B5DB869F2B3A9DD940E53B7D74E3214FA03234F8B026AFF16B646B39F003882F1DC17D3F6DBB89283A01B4C22168A354D6D2FDBDE3F2B0C91E9472AF1DB386DD34477F47CB24D4AFB71BB283A9760CF4EC582F1401A4F259D4AADE2BC7648A6920207DFB149BB7A4483D5E22D9DC627A8A4954C18AAAEF921CE0C597C11C95EC7C8888050124D01C43E6A33A02DACDB2EEE70920BAF2A296EB38CEADCB98CC7789BA309A5AD7916B9F7F86B0D808346E28447C4E3F31C5BC319D29A0D338EE8FC88BC9288C75004CC278BB218AA86929360079EAA71628FEFB796FFFBAD3764F677FECC0F274582ED2E371ACB500F35F378DDEDB0FA32B1B55699E41EBE958E6614811999433D934CCD54A03CC4BF359798F90EC809CFA6E58C1CE68B5AF397E8E35951F9CC4BCD0EC8655486543B4CF7605CE15969A2D88E8CD6BCA82671A06FC54397840BBA9DB2750B0F1FBC61ECF6E514450A7E06C6E6BBBB2CFA5E045335F04A5C407EC6467D471226ED2CB3AE9FBA9E956F8F3D05A911F9CD131BC3D95A10792097AC1C4339F8C12E40ABD274A25CF26EF286187E91261273E39856C471D861056EC3F6F5E58EB727134F9BFB870C8DD6978F247EAF67C1368BCB0BA105CDDC2BA067EBAC9C00DC15F1667664AA2A688D45E843F62467892EE9348FD8F0BC07B +20241129031515 2 6 100 4095 5 F32300D8DFCB79ECFB80E433E6CFA1923915D80120F52648A7AE7E8058B5DB869F2B3A9DD940E53B7D74E3214FA03234F8B026AFF16B646B39F003882F1DC17D3F6DBB89283A01B4C22168A354D6D2FDBDE3F2B0C91E9472AF1DB386DD34477F47CB24D4AFB71BB283A9760CF4EC582F1401A4F259D4AADE2BC7648A6920207DFB149BB7A4483D5E22D9DC627A8A4954C18AAAEF921CE0C597C11C95EC7C8888050124D01C43E6A33A02DACDB2EEE70920BAF2A296EB38CEADCB98CC7789BA309A5AD7916B9F7F86B0D808346E28447C4E3F31C5BC319D29A0D338EE8FC88BC9288C75004CC278BB218AA86929360079EAA71628FEFB796FFFBAD3764F677FECC0F274582ED2E371ACB500F35F378DDEDB0FA32B1B55699E41EBE958E6614811999433D934CCD54A03CC4BF359798F90EC809CFA6E58C1CE68B5AF397E8E35951F9CC4BCD0EC8655486543B4CF7605CE15969A2D88E8CD6BCA82671A06FC54397840BBA9DB2750B0F1FBC61ECF6E514450A7E06C6E6BBBB2CFA5E045335F04A5C407EC6467D471226ED2CB3AE9FBA9E956F8F3D05A911F9CD131BC3D95A10792097AC1C4339F8C12E40ABD274A25CF26EF286187E91261273E39856C471D861056EC3F6F5E58EB727134F9BFB870C8DD6978F247EAF67C1368BCB0BA105CDDC2BA067EBAC9C00DC15F1667664AA2A688D45E843F62467892EE9348FD8FB3CF27 +20241129031807 2 6 100 4095 5 F32300D8DFCB79ECFB80E433E6CFA1923915D80120F52648A7AE7E8058B5DB869F2B3A9DD940E53B7D74E3214FA03234F8B026AFF16B646B39F003882F1DC17D3F6DBB89283A01B4C22168A354D6D2FDBDE3F2B0C91E9472AF1DB386DD34477F47CB24D4AFB71BB283A9760CF4EC582F1401A4F259D4AADE2BC7648A6920207DFB149BB7A4483D5E22D9DC627A8A4954C18AAAEF921CE0C597C11C95EC7C8888050124D01C43E6A33A02DACDB2EEE70920BAF2A296EB38CEADCB98CC7789BA309A5AD7916B9F7F86B0D808346E28447C4E3F31C5BC319D29A0D338EE8FC88BC9288C75004CC278BB218AA86929360079EAA71628FEFB796FFFBAD3764F677FECC0F274582ED2E371ACB500F35F378DDEDB0FA32B1B55699E41EBE958E6614811999433D934CCD54A03CC4BF359798F90EC809CFA6E58C1CE68B5AF397E8E35951F9CC4BCD0EC8655486543B4CF7605CE15969A2D88E8CD6BCA82671A06FC54397840BBA9DB2750B0F1FBC61ECF6E514450A7E06C6E6BBBB2CFA5E045335F04A5C407EC6467D471226ED2CB3AE9FBA9E956F8F3D05A911F9CD131BC3D95A10792097AC1C4339F8C12E40ABD274A25CF26EF286187E91261273E39856C471D861056EC3F6F5E58EB727134F9BFB870C8DD6978F247EAF67C1368BCB0BA105CDDC2BA067EBAC9C00DC15F1667664AA2A688D45E843F62467892EE9348FD90C1CCE7 +20241129032416 2 6 100 4095 2 F32300D8DFCB79ECFB80E433E6CFA1923915D80120F52648A7AE7E8058B5DB869F2B3A9DD940E53B7D74E3214FA03234F8B026AFF16B646B39F003882F1DC17D3F6DBB89283A01B4C22168A354D6D2FDBDE3F2B0C91E9472AF1DB386DD34477F47CB24D4AFB71BB283A9760CF4EC582F1401A4F259D4AADE2BC7648A6920207DFB149BB7A4483D5E22D9DC627A8A4954C18AAAEF921CE0C597C11C95EC7C8888050124D01C43E6A33A02DACDB2EEE70920BAF2A296EB38CEADCB98CC7789BA309A5AD7916B9F7F86B0D808346E28447C4E3F31C5BC319D29A0D338EE8FC88BC9288C75004CC278BB218AA86929360079EAA71628FEFB796FFFBAD3764F677FECC0F274582ED2E371ACB500F35F378DDEDB0FA32B1B55699E41EBE958E6614811999433D934CCD54A03CC4BF359798F90EC809CFA6E58C1CE68B5AF397E8E35951F9CC4BCD0EC8655486543B4CF7605CE15969A2D88E8CD6BCA82671A06FC54397840BBA9DB2750B0F1FBC61ECF6E514450A7E06C6E6BBBB2CFA5E045335F04A5C407EC6467D471226ED2CB3AE9FBA9E956F8F3D05A911F9CD131BC3D95A10792097AC1C4339F8C12E40ABD274A25CF26EF286187E91261273E39856C471D861056EC3F6F5E58EB727134F9BFB870C8DD6978F247EAF67C1368BCB0BA105CDDC2BA067EBAC9C00DC15F1667664AA2A688D45E843F62467892EE9348FD9313280B +20241129032613 2 6 100 4095 5 F32300D8DFCB79ECFB80E433E6CFA1923915D80120F52648A7AE7E8058B5DB869F2B3A9DD940E53B7D74E3214FA03234F8B026AFF16B646B39F003882F1DC17D3F6DBB89283A01B4C22168A354D6D2FDBDE3F2B0C91E9472AF1DB386DD34477F47CB24D4AFB71BB283A9760CF4EC582F1401A4F259D4AADE2BC7648A6920207DFB149BB7A4483D5E22D9DC627A8A4954C18AAAEF921CE0C597C11C95EC7C8888050124D01C43E6A33A02DACDB2EEE70920BAF2A296EB38CEADCB98CC7789BA309A5AD7916B9F7F86B0D808346E28447C4E3F31C5BC319D29A0D338EE8FC88BC9288C75004CC278BB218AA86929360079EAA71628FEFB796FFFBAD3764F677FECC0F274582ED2E371ACB500F35F378DDEDB0FA32B1B55699E41EBE958E6614811999433D934CCD54A03CC4BF359798F90EC809CFA6E58C1CE68B5AF397E8E35951F9CC4BCD0EC8655486543B4CF7605CE15969A2D88E8CD6BCA82671A06FC54397840BBA9DB2750B0F1FBC61ECF6E514450A7E06C6E6BBBB2CFA5E045335F04A5C407EC6467D471226ED2CB3AE9FBA9E956F8F3D05A911F9CD131BC3D95A10792097AC1C4339F8C12E40ABD274A25CF26EF286187E91261273E39856C471D861056EC3F6F5E58EB727134F9BFB870C8DD6978F247EAF67C1368BCB0BA105CDDC2BA067EBAC9C00DC15F1667664AA2A688D45E843F62467892EE9348FD93CCA2C7 +20241129032705 2 6 100 4095 5 F32300D8DFCB79ECFB80E433E6CFA1923915D80120F52648A7AE7E8058B5DB869F2B3A9DD940E53B7D74E3214FA03234F8B026AFF16B646B39F003882F1DC17D3F6DBB89283A01B4C22168A354D6D2FDBDE3F2B0C91E9472AF1DB386DD34477F47CB24D4AFB71BB283A9760CF4EC582F1401A4F259D4AADE2BC7648A6920207DFB149BB7A4483D5E22D9DC627A8A4954C18AAAEF921CE0C597C11C95EC7C8888050124D01C43E6A33A02DACDB2EEE70920BAF2A296EB38CEADCB98CC7789BA309A5AD7916B9F7F86B0D808346E28447C4E3F31C5BC319D29A0D338EE8FC88BC9288C75004CC278BB218AA86929360079EAA71628FEFB796FFFBAD3764F677FECC0F274582ED2E371ACB500F35F378DDEDB0FA32B1B55699E41EBE958E6614811999433D934CCD54A03CC4BF359798F90EC809CFA6E58C1CE68B5AF397E8E35951F9CC4BCD0EC8655486543B4CF7605CE15969A2D88E8CD6BCA82671A06FC54397840BBA9DB2750B0F1FBC61ECF6E514450A7E06C6E6BBBB2CFA5E045335F04A5C407EC6467D471226ED2CB3AE9FBA9E956F8F3D05A911F9CD131BC3D95A10792097AC1C4339F8C12E40ABD274A25CF26EF286187E91261273E39856C471D861056EC3F6F5E58EB727134F9BFB870C8DD6978F247EAF67C1368BCB0BA105CDDC2BA067EBAC9C00DC15F1667664AA2A688D45E843F62467892EE9348FD941819BF +20241129033035 2 6 100 4095 5 F32300D8DFCB79ECFB80E433E6CFA1923915D80120F52648A7AE7E8058B5DB869F2B3A9DD940E53B7D74E3214FA03234F8B026AFF16B646B39F003882F1DC17D3F6DBB89283A01B4C22168A354D6D2FDBDE3F2B0C91E9472AF1DB386DD34477F47CB24D4AFB71BB283A9760CF4EC582F1401A4F259D4AADE2BC7648A6920207DFB149BB7A4483D5E22D9DC627A8A4954C18AAAEF921CE0C597C11C95EC7C8888050124D01C43E6A33A02DACDB2EEE70920BAF2A296EB38CEADCB98CC7789BA309A5AD7916B9F7F86B0D808346E28447C4E3F31C5BC319D29A0D338EE8FC88BC9288C75004CC278BB218AA86929360079EAA71628FEFB796FFFBAD3764F677FECC0F274582ED2E371ACB500F35F378DDEDB0FA32B1B55699E41EBE958E6614811999433D934CCD54A03CC4BF359798F90EC809CFA6E58C1CE68B5AF397E8E35951F9CC4BCD0EC8655486543B4CF7605CE15969A2D88E8CD6BCA82671A06FC54397840BBA9DB2750B0F1FBC61ECF6E514450A7E06C6E6BBBB2CFA5E045335F04A5C407EC6467D471226ED2CB3AE9FBA9E956F8F3D05A911F9CD131BC3D95A10792097AC1C4339F8C12E40ABD274A25CF26EF286187E91261273E39856C471D861056EC3F6F5E58EB727134F9BFB870C8DD6978F247EAF67C1368BCB0BA105CDDC2BA067EBAC9C00DC15F1667664AA2A688D45E843F62467892EE9348FD9564B557 +20241129033357 2 6 100 4095 2 F32300D8DFCB79ECFB80E433E6CFA1923915D80120F52648A7AE7E8058B5DB869F2B3A9DD940E53B7D74E3214FA03234F8B026AFF16B646B39F003882F1DC17D3F6DBB89283A01B4C22168A354D6D2FDBDE3F2B0C91E9472AF1DB386DD34477F47CB24D4AFB71BB283A9760CF4EC582F1401A4F259D4AADE2BC7648A6920207DFB149BB7A4483D5E22D9DC627A8A4954C18AAAEF921CE0C597C11C95EC7C8888050124D01C43E6A33A02DACDB2EEE70920BAF2A296EB38CEADCB98CC7789BA309A5AD7916B9F7F86B0D808346E28447C4E3F31C5BC319D29A0D338EE8FC88BC9288C75004CC278BB218AA86929360079EAA71628FEFB796FFFBAD3764F677FECC0F274582ED2E371ACB500F35F378DDEDB0FA32B1B55699E41EBE958E6614811999433D934CCD54A03CC4BF359798F90EC809CFA6E58C1CE68B5AF397E8E35951F9CC4BCD0EC8655486543B4CF7605CE15969A2D88E8CD6BCA82671A06FC54397840BBA9DB2750B0F1FBC61ECF6E514450A7E06C6E6BBBB2CFA5E045335F04A5C407EC6467D471226ED2CB3AE9FBA9E956F8F3D05A911F9CD131BC3D95A10792097AC1C4339F8C12E40ABD274A25CF26EF286187E91261273E39856C471D861056EC3F6F5E58EB727134F9BFB870C8DD6978F247EAF67C1368BCB0BA105CDDC2BA067EBAC9C00DC15F1667664AA2A688D45E843F62467892EE9348FD96B187EB +20241129033421 2 6 100 4095 2 F32300D8DFCB79ECFB80E433E6CFA1923915D80120F52648A7AE7E8058B5DB869F2B3A9DD940E53B7D74E3214FA03234F8B026AFF16B646B39F003882F1DC17D3F6DBB89283A01B4C22168A354D6D2FDBDE3F2B0C91E9472AF1DB386DD34477F47CB24D4AFB71BB283A9760CF4EC582F1401A4F259D4AADE2BC7648A6920207DFB149BB7A4483D5E22D9DC627A8A4954C18AAAEF921CE0C597C11C95EC7C8888050124D01C43E6A33A02DACDB2EEE70920BAF2A296EB38CEADCB98CC7789BA309A5AD7916B9F7F86B0D808346E28447C4E3F31C5BC319D29A0D338EE8FC88BC9288C75004CC278BB218AA86929360079EAA71628FEFB796FFFBAD3764F677FECC0F274582ED2E371ACB500F35F378DDEDB0FA32B1B55699E41EBE958E6614811999433D934CCD54A03CC4BF359798F90EC809CFA6E58C1CE68B5AF397E8E35951F9CC4BCD0EC8655486543B4CF7605CE15969A2D88E8CD6BCA82671A06FC54397840BBA9DB2750B0F1FBC61ECF6E514450A7E06C6E6BBBB2CFA5E045335F04A5C407EC6467D471226ED2CB3AE9FBA9E956F8F3D05A911F9CD131BC3D95A10792097AC1C4339F8C12E40ABD274A25CF26EF286187E91261273E39856C471D861056EC3F6F5E58EB727134F9BFB870C8DD6978F247EAF67C1368BCB0BA105CDDC2BA067EBAC9C00DC15F1667664AA2A688D45E843F62467892EE9348FD96CEF60B +20241129033539 2 6 100 4095 2 F32300D8DFCB79ECFB80E433E6CFA1923915D80120F52648A7AE7E8058B5DB869F2B3A9DD940E53B7D74E3214FA03234F8B026AFF16B646B39F003882F1DC17D3F6DBB89283A01B4C22168A354D6D2FDBDE3F2B0C91E9472AF1DB386DD34477F47CB24D4AFB71BB283A9760CF4EC582F1401A4F259D4AADE2BC7648A6920207DFB149BB7A4483D5E22D9DC627A8A4954C18AAAEF921CE0C597C11C95EC7C8888050124D01C43E6A33A02DACDB2EEE70920BAF2A296EB38CEADCB98CC7789BA309A5AD7916B9F7F86B0D808346E28447C4E3F31C5BC319D29A0D338EE8FC88BC9288C75004CC278BB218AA86929360079EAA71628FEFB796FFFBAD3764F677FECC0F274582ED2E371ACB500F35F378DDEDB0FA32B1B55699E41EBE958E6614811999433D934CCD54A03CC4BF359798F90EC809CFA6E58C1CE68B5AF397E8E35951F9CC4BCD0EC8655486543B4CF7605CE15969A2D88E8CD6BCA82671A06FC54397840BBA9DB2750B0F1FBC61ECF6E514450A7E06C6E6BBBB2CFA5E045335F04A5C407EC6467D471226ED2CB3AE9FBA9E956F8F3D05A911F9CD131BC3D95A10792097AC1C4339F8C12E40ABD274A25CF26EF286187E91261273E39856C471D861056EC3F6F5E58EB727134F9BFB870C8DD6978F247EAF67C1368BCB0BA105CDDC2BA067EBAC9C00DC15F1667664AA2A688D45E843F62467892EE9348FD974904EB +20241129033708 2 6 100 4095 2 F32300D8DFCB79ECFB80E433E6CFA1923915D80120F52648A7AE7E8058B5DB869F2B3A9DD940E53B7D74E3214FA03234F8B026AFF16B646B39F003882F1DC17D3F6DBB89283A01B4C22168A354D6D2FDBDE3F2B0C91E9472AF1DB386DD34477F47CB24D4AFB71BB283A9760CF4EC582F1401A4F259D4AADE2BC7648A6920207DFB149BB7A4483D5E22D9DC627A8A4954C18AAAEF921CE0C597C11C95EC7C8888050124D01C43E6A33A02DACDB2EEE70920BAF2A296EB38CEADCB98CC7789BA309A5AD7916B9F7F86B0D808346E28447C4E3F31C5BC319D29A0D338EE8FC88BC9288C75004CC278BB218AA86929360079EAA71628FEFB796FFFBAD3764F677FECC0F274582ED2E371ACB500F35F378DDEDB0FA32B1B55699E41EBE958E6614811999433D934CCD54A03CC4BF359798F90EC809CFA6E58C1CE68B5AF397E8E35951F9CC4BCD0EC8655486543B4CF7605CE15969A2D88E8CD6BCA82671A06FC54397840BBA9DB2750B0F1FBC61ECF6E514450A7E06C6E6BBBB2CFA5E045335F04A5C407EC6467D471226ED2CB3AE9FBA9E956F8F3D05A911F9CD131BC3D95A10792097AC1C4339F8C12E40ABD274A25CF26EF286187E91261273E39856C471D861056EC3F6F5E58EB727134F9BFB870C8DD6978F247EAF67C1368BCB0BA105CDDC2BA067EBAC9C00DC15F1667664AA2A688D45E843F62467892EE9348FD97D1728B +20241129033818 2 6 100 4095 5 F32300D8DFCB79ECFB80E433E6CFA1923915D80120F52648A7AE7E8058B5DB869F2B3A9DD940E53B7D74E3214FA03234F8B026AFF16B646B39F003882F1DC17D3F6DBB89283A01B4C22168A354D6D2FDBDE3F2B0C91E9472AF1DB386DD34477F47CB24D4AFB71BB283A9760CF4EC582F1401A4F259D4AADE2BC7648A6920207DFB149BB7A4483D5E22D9DC627A8A4954C18AAAEF921CE0C597C11C95EC7C8888050124D01C43E6A33A02DACDB2EEE70920BAF2A296EB38CEADCB98CC7789BA309A5AD7916B9F7F86B0D808346E28447C4E3F31C5BC319D29A0D338EE8FC88BC9288C75004CC278BB218AA86929360079EAA71628FEFB796FFFBAD3764F677FECC0F274582ED2E371ACB500F35F378DDEDB0FA32B1B55699E41EBE958E6614811999433D934CCD54A03CC4BF359798F90EC809CFA6E58C1CE68B5AF397E8E35951F9CC4BCD0EC8655486543B4CF7605CE15969A2D88E8CD6BCA82671A06FC54397840BBA9DB2750B0F1FBC61ECF6E514450A7E06C6E6BBBB2CFA5E045335F04A5C407EC6467D471226ED2CB3AE9FBA9E956F8F3D05A911F9CD131BC3D95A10792097AC1C4339F8C12E40ABD274A25CF26EF286187E91261273E39856C471D861056EC3F6F5E58EB727134F9BFB870C8DD6978F247EAF67C1368BCB0BA105CDDC2BA067EBAC9C00DC15F1667664AA2A688D45E843F62467892EE9348FD983ADCCF +20241129033844 2 6 100 4095 5 F32300D8DFCB79ECFB80E433E6CFA1923915D80120F52648A7AE7E8058B5DB869F2B3A9DD940E53B7D74E3214FA03234F8B026AFF16B646B39F003882F1DC17D3F6DBB89283A01B4C22168A354D6D2FDBDE3F2B0C91E9472AF1DB386DD34477F47CB24D4AFB71BB283A9760CF4EC582F1401A4F259D4AADE2BC7648A6920207DFB149BB7A4483D5E22D9DC627A8A4954C18AAAEF921CE0C597C11C95EC7C8888050124D01C43E6A33A02DACDB2EEE70920BAF2A296EB38CEADCB98CC7789BA309A5AD7916B9F7F86B0D808346E28447C4E3F31C5BC319D29A0D338EE8FC88BC9288C75004CC278BB218AA86929360079EAA71628FEFB796FFFBAD3764F677FECC0F274582ED2E371ACB500F35F378DDEDB0FA32B1B55699E41EBE958E6614811999433D934CCD54A03CC4BF359798F90EC809CFA6E58C1CE68B5AF397E8E35951F9CC4BCD0EC8655486543B4CF7605CE15969A2D88E8CD6BCA82671A06FC54397840BBA9DB2750B0F1FBC61ECF6E514450A7E06C6E6BBBB2CFA5E045335F04A5C407EC6467D471226ED2CB3AE9FBA9E956F8F3D05A911F9CD131BC3D95A10792097AC1C4339F8C12E40ABD274A25CF26EF286187E91261273E39856C471D861056EC3F6F5E58EB727134F9BFB870C8DD6978F247EAF67C1368BCB0BA105CDDC2BA067EBAC9C00DC15F1667664AA2A688D45E843F62467892EE9348FD985DB957 +20241129033919 2 6 100 4095 5 F32300D8DFCB79ECFB80E433E6CFA1923915D80120F52648A7AE7E8058B5DB869F2B3A9DD940E53B7D74E3214FA03234F8B026AFF16B646B39F003882F1DC17D3F6DBB89283A01B4C22168A354D6D2FDBDE3F2B0C91E9472AF1DB386DD34477F47CB24D4AFB71BB283A9760CF4EC582F1401A4F259D4AADE2BC7648A6920207DFB149BB7A4483D5E22D9DC627A8A4954C18AAAEF921CE0C597C11C95EC7C8888050124D01C43E6A33A02DACDB2EEE70920BAF2A296EB38CEADCB98CC7789BA309A5AD7916B9F7F86B0D808346E28447C4E3F31C5BC319D29A0D338EE8FC88BC9288C75004CC278BB218AA86929360079EAA71628FEFB796FFFBAD3764F677FECC0F274582ED2E371ACB500F35F378DDEDB0FA32B1B55699E41EBE958E6614811999433D934CCD54A03CC4BF359798F90EC809CFA6E58C1CE68B5AF397E8E35951F9CC4BCD0EC8655486543B4CF7605CE15969A2D88E8CD6BCA82671A06FC54397840BBA9DB2750B0F1FBC61ECF6E514450A7E06C6E6BBBB2CFA5E045335F04A5C407EC6467D471226ED2CB3AE9FBA9E956F8F3D05A911F9CD131BC3D95A10792097AC1C4339F8C12E40ABD274A25CF26EF286187E91261273E39856C471D861056EC3F6F5E58EB727134F9BFB870C8DD6978F247EAF67C1368BCB0BA105CDDC2BA067EBAC9C00DC15F1667664AA2A688D45E843F62467892EE9348FD9890287F +20241129034126 2 6 100 4095 5 F32300D8DFCB79ECFB80E433E6CFA1923915D80120F52648A7AE7E8058B5DB869F2B3A9DD940E53B7D74E3214FA03234F8B026AFF16B646B39F003882F1DC17D3F6DBB89283A01B4C22168A354D6D2FDBDE3F2B0C91E9472AF1DB386DD34477F47CB24D4AFB71BB283A9760CF4EC582F1401A4F259D4AADE2BC7648A6920207DFB149BB7A4483D5E22D9DC627A8A4954C18AAAEF921CE0C597C11C95EC7C8888050124D01C43E6A33A02DACDB2EEE70920BAF2A296EB38CEADCB98CC7789BA309A5AD7916B9F7F86B0D808346E28447C4E3F31C5BC319D29A0D338EE8FC88BC9288C75004CC278BB218AA86929360079EAA71628FEFB796FFFBAD3764F677FECC0F274582ED2E371ACB500F35F378DDEDB0FA32B1B55699E41EBE958E6614811999433D934CCD54A03CC4BF359798F90EC809CFA6E58C1CE68B5AF397E8E35951F9CC4BCD0EC8655486543B4CF7605CE15969A2D88E8CD6BCA82671A06FC54397840BBA9DB2750B0F1FBC61ECF6E514450A7E06C6E6BBBB2CFA5E045335F04A5C407EC6467D471226ED2CB3AE9FBA9E956F8F3D05A911F9CD131BC3D95A10792097AC1C4339F8C12E40ABD274A25CF26EF286187E91261273E39856C471D861056EC3F6F5E58EB727134F9BFB870C8DD6978F247EAF67C1368BCB0BA105CDDC2BA067EBAC9C00DC15F1667664AA2A688D45E843F62467892EE9348FD9958DADF +20241129034406 2 6 100 4095 2 F32300D8DFCB79ECFB80E433E6CFA1923915D80120F52648A7AE7E8058B5DB869F2B3A9DD940E53B7D74E3214FA03234F8B026AFF16B646B39F003882F1DC17D3F6DBB89283A01B4C22168A354D6D2FDBDE3F2B0C91E9472AF1DB386DD34477F47CB24D4AFB71BB283A9760CF4EC582F1401A4F259D4AADE2BC7648A6920207DFB149BB7A4483D5E22D9DC627A8A4954C18AAAEF921CE0C597C11C95EC7C8888050124D01C43E6A33A02DACDB2EEE70920BAF2A296EB38CEADCB98CC7789BA309A5AD7916B9F7F86B0D808346E28447C4E3F31C5BC319D29A0D338EE8FC88BC9288C75004CC278BB218AA86929360079EAA71628FEFB796FFFBAD3764F677FECC0F274582ED2E371ACB500F35F378DDEDB0FA32B1B55699E41EBE958E6614811999433D934CCD54A03CC4BF359798F90EC809CFA6E58C1CE68B5AF397E8E35951F9CC4BCD0EC8655486543B4CF7605CE15969A2D88E8CD6BCA82671A06FC54397840BBA9DB2750B0F1FBC61ECF6E514450A7E06C6E6BBBB2CFA5E045335F04A5C407EC6467D471226ED2CB3AE9FBA9E956F8F3D05A911F9CD131BC3D95A10792097AC1C4339F8C12E40ABD274A25CF26EF286187E91261273E39856C471D861056EC3F6F5E58EB727134F9BFB870C8DD6978F247EAF67C1368BCB0BA105CDDC2BA067EBAC9C00DC15F1667664AA2A688D45E843F62467892EE9348FD9A557F5B +20241129034820 2 6 100 4095 5 F32300D8DFCB79ECFB80E433E6CFA1923915D80120F52648A7AE7E8058B5DB869F2B3A9DD940E53B7D74E3214FA03234F8B026AFF16B646B39F003882F1DC17D3F6DBB89283A01B4C22168A354D6D2FDBDE3F2B0C91E9472AF1DB386DD34477F47CB24D4AFB71BB283A9760CF4EC582F1401A4F259D4AADE2BC7648A6920207DFB149BB7A4483D5E22D9DC627A8A4954C18AAAEF921CE0C597C11C95EC7C8888050124D01C43E6A33A02DACDB2EEE70920BAF2A296EB38CEADCB98CC7789BA309A5AD7916B9F7F86B0D808346E28447C4E3F31C5BC319D29A0D338EE8FC88BC9288C75004CC278BB218AA86929360079EAA71628FEFB796FFFBAD3764F677FECC0F274582ED2E371ACB500F35F378DDEDB0FA32B1B55699E41EBE958E6614811999433D934CCD54A03CC4BF359798F90EC809CFA6E58C1CE68B5AF397E8E35951F9CC4BCD0EC8655486543B4CF7605CE15969A2D88E8CD6BCA82671A06FC54397840BBA9DB2750B0F1FBC61ECF6E514450A7E06C6E6BBBB2CFA5E045335F04A5C407EC6467D471226ED2CB3AE9FBA9E956F8F3D05A911F9CD131BC3D95A10792097AC1C4339F8C12E40ABD274A25CF26EF286187E91261273E39856C471D861056EC3F6F5E58EB727134F9BFB870C8DD6978F247EAF67C1368BCB0BA105CDDC2BA067EBAC9C00DC15F1667664AA2A688D45E843F62467892EE9348FD9BEF30FF +20241129035154 2 6 100 4095 2 F32300D8DFCB79ECFB80E433E6CFA1923915D80120F52648A7AE7E8058B5DB869F2B3A9DD940E53B7D74E3214FA03234F8B026AFF16B646B39F003882F1DC17D3F6DBB89283A01B4C22168A354D6D2FDBDE3F2B0C91E9472AF1DB386DD34477F47CB24D4AFB71BB283A9760CF4EC582F1401A4F259D4AADE2BC7648A6920207DFB149BB7A4483D5E22D9DC627A8A4954C18AAAEF921CE0C597C11C95EC7C8888050124D01C43E6A33A02DACDB2EEE70920BAF2A296EB38CEADCB98CC7789BA309A5AD7916B9F7F86B0D808346E28447C4E3F31C5BC319D29A0D338EE8FC88BC9288C75004CC278BB218AA86929360079EAA71628FEFB796FFFBAD3764F677FECC0F274582ED2E371ACB500F35F378DDEDB0FA32B1B55699E41EBE958E6614811999433D934CCD54A03CC4BF359798F90EC809CFA6E58C1CE68B5AF397E8E35951F9CC4BCD0EC8655486543B4CF7605CE15969A2D88E8CD6BCA82671A06FC54397840BBA9DB2750B0F1FBC61ECF6E514450A7E06C6E6BBBB2CFA5E045335F04A5C407EC6467D471226ED2CB3AE9FBA9E956F8F3D05A911F9CD131BC3D95A10792097AC1C4339F8C12E40ABD274A25CF26EF286187E91261273E39856C471D861056EC3F6F5E58EB727134F9BFB870C8DD6978F247EAF67C1368BCB0BA105CDDC2BA067EBAC9C00DC15F1667664AA2A688D45E843F62467892EE9348FD9D4E229B +20241129035209 2 6 100 4095 5 F32300D8DFCB79ECFB80E433E6CFA1923915D80120F52648A7AE7E8058B5DB869F2B3A9DD940E53B7D74E3214FA03234F8B026AFF16B646B39F003882F1DC17D3F6DBB89283A01B4C22168A354D6D2FDBDE3F2B0C91E9472AF1DB386DD34477F47CB24D4AFB71BB283A9760CF4EC582F1401A4F259D4AADE2BC7648A6920207DFB149BB7A4483D5E22D9DC627A8A4954C18AAAEF921CE0C597C11C95EC7C8888050124D01C43E6A33A02DACDB2EEE70920BAF2A296EB38CEADCB98CC7789BA309A5AD7916B9F7F86B0D808346E28447C4E3F31C5BC319D29A0D338EE8FC88BC9288C75004CC278BB218AA86929360079EAA71628FEFB796FFFBAD3764F677FECC0F274582ED2E371ACB500F35F378DDEDB0FA32B1B55699E41EBE958E6614811999433D934CCD54A03CC4BF359798F90EC809CFA6E58C1CE68B5AF397E8E35951F9CC4BCD0EC8655486543B4CF7605CE15969A2D88E8CD6BCA82671A06FC54397840BBA9DB2750B0F1FBC61ECF6E514450A7E06C6E6BBBB2CFA5E045335F04A5C407EC6467D471226ED2CB3AE9FBA9E956F8F3D05A911F9CD131BC3D95A10792097AC1C4339F8C12E40ABD274A25CF26EF286187E91261273E39856C471D861056EC3F6F5E58EB727134F9BFB870C8DD6978F247EAF67C1368BCB0BA105CDDC2BA067EBAC9C00DC15F1667664AA2A688D45E843F62467892EE9348FD9D5EE0CF +20241129035316 2 6 100 4095 5 F32300D8DFCB79ECFB80E433E6CFA1923915D80120F52648A7AE7E8058B5DB869F2B3A9DD940E53B7D74E3214FA03234F8B026AFF16B646B39F003882F1DC17D3F6DBB89283A01B4C22168A354D6D2FDBDE3F2B0C91E9472AF1DB386DD34477F47CB24D4AFB71BB283A9760CF4EC582F1401A4F259D4AADE2BC7648A6920207DFB149BB7A4483D5E22D9DC627A8A4954C18AAAEF921CE0C597C11C95EC7C8888050124D01C43E6A33A02DACDB2EEE70920BAF2A296EB38CEADCB98CC7789BA309A5AD7916B9F7F86B0D808346E28447C4E3F31C5BC319D29A0D338EE8FC88BC9288C75004CC278BB218AA86929360079EAA71628FEFB796FFFBAD3764F677FECC0F274582ED2E371ACB500F35F378DDEDB0FA32B1B55699E41EBE958E6614811999433D934CCD54A03CC4BF359798F90EC809CFA6E58C1CE68B5AF397E8E35951F9CC4BCD0EC8655486543B4CF7605CE15969A2D88E8CD6BCA82671A06FC54397840BBA9DB2750B0F1FBC61ECF6E514450A7E06C6E6BBBB2CFA5E045335F04A5C407EC6467D471226ED2CB3AE9FBA9E956F8F3D05A911F9CD131BC3D95A10792097AC1C4339F8C12E40ABD274A25CF26EF286187E91261273E39856C471D861056EC3F6F5E58EB727134F9BFB870C8DD6978F247EAF67C1368BCB0BA105CDDC2BA067EBAC9C00DC15F1667664AA2A688D45E843F62467892EE9348FD9DC2D03F +20241129035349 2 6 100 4095 2 F32300D8DFCB79ECFB80E433E6CFA1923915D80120F52648A7AE7E8058B5DB869F2B3A9DD940E53B7D74E3214FA03234F8B026AFF16B646B39F003882F1DC17D3F6DBB89283A01B4C22168A354D6D2FDBDE3F2B0C91E9472AF1DB386DD34477F47CB24D4AFB71BB283A9760CF4EC582F1401A4F259D4AADE2BC7648A6920207DFB149BB7A4483D5E22D9DC627A8A4954C18AAAEF921CE0C597C11C95EC7C8888050124D01C43E6A33A02DACDB2EEE70920BAF2A296EB38CEADCB98CC7789BA309A5AD7916B9F7F86B0D808346E28447C4E3F31C5BC319D29A0D338EE8FC88BC9288C75004CC278BB218AA86929360079EAA71628FEFB796FFFBAD3764F677FECC0F274582ED2E371ACB500F35F378DDEDB0FA32B1B55699E41EBE958E6614811999433D934CCD54A03CC4BF359798F90EC809CFA6E58C1CE68B5AF397E8E35951F9CC4BCD0EC8655486543B4CF7605CE15969A2D88E8CD6BCA82671A06FC54397840BBA9DB2750B0F1FBC61ECF6E514450A7E06C6E6BBBB2CFA5E045335F04A5C407EC6467D471226ED2CB3AE9FBA9E956F8F3D05A911F9CD131BC3D95A10792097AC1C4339F8C12E40ABD274A25CF26EF286187E91261273E39856C471D861056EC3F6F5E58EB727134F9BFB870C8DD6978F247EAF67C1368BCB0BA105CDDC2BA067EBAC9C00DC15F1667664AA2A688D45E843F62467892EE9348FD9DF64ABB +20241129035856 2 6 100 4095 5 F32300D8DFCB79ECFB80E433E6CFA1923915D80120F52648A7AE7E8058B5DB869F2B3A9DD940E53B7D74E3214FA03234F8B026AFF16B646B39F003882F1DC17D3F6DBB89283A01B4C22168A354D6D2FDBDE3F2B0C91E9472AF1DB386DD34477F47CB24D4AFB71BB283A9760CF4EC582F1401A4F259D4AADE2BC7648A6920207DFB149BB7A4483D5E22D9DC627A8A4954C18AAAEF921CE0C597C11C95EC7C8888050124D01C43E6A33A02DACDB2EEE70920BAF2A296EB38CEADCB98CC7789BA309A5AD7916B9F7F86B0D808346E28447C4E3F31C5BC319D29A0D338EE8FC88BC9288C75004CC278BB218AA86929360079EAA71628FEFB796FFFBAD3764F677FECC0F274582ED2E371ACB500F35F378DDEDB0FA32B1B55699E41EBE958E6614811999433D934CCD54A03CC4BF359798F90EC809CFA6E58C1CE68B5AF397E8E35951F9CC4BCD0EC8655486543B4CF7605CE15969A2D88E8CD6BCA82671A06FC54397840BBA9DB2750B0F1FBC61ECF6E514450A7E06C6E6BBBB2CFA5E045335F04A5C407EC6467D471226ED2CB3AE9FBA9E956F8F3D05A911F9CD131BC3D95A10792097AC1C4339F8C12E40ABD274A25CF26EF286187E91261273E39856C471D861056EC3F6F5E58EB727134F9BFB870C8DD6978F247EAF67C1368BCB0BA105CDDC2BA067EBAC9C00DC15F1667664AA2A688D45E843F62467892EE9348FD9FE86E1F +20241129040054 2 6 100 4095 2 F32300D8DFCB79ECFB80E433E6CFA1923915D80120F52648A7AE7E8058B5DB869F2B3A9DD940E53B7D74E3214FA03234F8B026AFF16B646B39F003882F1DC17D3F6DBB89283A01B4C22168A354D6D2FDBDE3F2B0C91E9472AF1DB386DD34477F47CB24D4AFB71BB283A9760CF4EC582F1401A4F259D4AADE2BC7648A6920207DFB149BB7A4483D5E22D9DC627A8A4954C18AAAEF921CE0C597C11C95EC7C8888050124D01C43E6A33A02DACDB2EEE70920BAF2A296EB38CEADCB98CC7789BA309A5AD7916B9F7F86B0D808346E28447C4E3F31C5BC319D29A0D338EE8FC88BC9288C75004CC278BB218AA86929360079EAA71628FEFB796FFFBAD3764F677FECC0F274582ED2E371ACB500F35F378DDEDB0FA32B1B55699E41EBE958E6614811999433D934CCD54A03CC4BF359798F90EC809CFA6E58C1CE68B5AF397E8E35951F9CC4BCD0EC8655486543B4CF7605CE15969A2D88E8CD6BCA82671A06FC54397840BBA9DB2750B0F1FBC61ECF6E514450A7E06C6E6BBBB2CFA5E045335F04A5C407EC6467D471226ED2CB3AE9FBA9E956F8F3D05A911F9CD131BC3D95A10792097AC1C4339F8C12E40ABD274A25CF26EF286187E91261273E39856C471D861056EC3F6F5E58EB727134F9BFB870C8DD6978F247EAF67C1368BCB0BA105CDDC2BA067EBAC9C00DC15F1667664AA2A688D45E843F62467892EE9348FDA0A085D3 +20241129040234 2 6 100 4095 2 F32300D8DFCB79ECFB80E433E6CFA1923915D80120F52648A7AE7E8058B5DB869F2B3A9DD940E53B7D74E3214FA03234F8B026AFF16B646B39F003882F1DC17D3F6DBB89283A01B4C22168A354D6D2FDBDE3F2B0C91E9472AF1DB386DD34477F47CB24D4AFB71BB283A9760CF4EC582F1401A4F259D4AADE2BC7648A6920207DFB149BB7A4483D5E22D9DC627A8A4954C18AAAEF921CE0C597C11C95EC7C8888050124D01C43E6A33A02DACDB2EEE70920BAF2A296EB38CEADCB98CC7789BA309A5AD7916B9F7F86B0D808346E28447C4E3F31C5BC319D29A0D338EE8FC88BC9288C75004CC278BB218AA86929360079EAA71628FEFB796FFFBAD3764F677FECC0F274582ED2E371ACB500F35F378DDEDB0FA32B1B55699E41EBE958E6614811999433D934CCD54A03CC4BF359798F90EC809CFA6E58C1CE68B5AF397E8E35951F9CC4BCD0EC8655486543B4CF7605CE15969A2D88E8CD6BCA82671A06FC54397840BBA9DB2750B0F1FBC61ECF6E514450A7E06C6E6BBBB2CFA5E045335F04A5C407EC6467D471226ED2CB3AE9FBA9E956F8F3D05A911F9CD131BC3D95A10792097AC1C4339F8C12E40ABD274A25CF26EF286187E91261273E39856C471D861056EC3F6F5E58EB727134F9BFB870C8DD6978F247EAF67C1368BCB0BA105CDDC2BA067EBAC9C00DC15F1667664AA2A688D45E843F62467892EE9348FDA13D2323 +20241129040334 2 6 100 4095 2 F32300D8DFCB79ECFB80E433E6CFA1923915D80120F52648A7AE7E8058B5DB869F2B3A9DD940E53B7D74E3214FA03234F8B026AFF16B646B39F003882F1DC17D3F6DBB89283A01B4C22168A354D6D2FDBDE3F2B0C91E9472AF1DB386DD34477F47CB24D4AFB71BB283A9760CF4EC582F1401A4F259D4AADE2BC7648A6920207DFB149BB7A4483D5E22D9DC627A8A4954C18AAAEF921CE0C597C11C95EC7C8888050124D01C43E6A33A02DACDB2EEE70920BAF2A296EB38CEADCB98CC7789BA309A5AD7916B9F7F86B0D808346E28447C4E3F31C5BC319D29A0D338EE8FC88BC9288C75004CC278BB218AA86929360079EAA71628FEFB796FFFBAD3764F677FECC0F274582ED2E371ACB500F35F378DDEDB0FA32B1B55699E41EBE958E6614811999433D934CCD54A03CC4BF359798F90EC809CFA6E58C1CE68B5AF397E8E35951F9CC4BCD0EC8655486543B4CF7605CE15969A2D88E8CD6BCA82671A06FC54397840BBA9DB2750B0F1FBC61ECF6E514450A7E06C6E6BBBB2CFA5E045335F04A5C407EC6467D471226ED2CB3AE9FBA9E956F8F3D05A911F9CD131BC3D95A10792097AC1C4339F8C12E40ABD274A25CF26EF286187E91261273E39856C471D861056EC3F6F5E58EB727134F9BFB870C8DD6978F247EAF67C1368BCB0BA105CDDC2BA067EBAC9C00DC15F1667664AA2A688D45E843F62467892EE9348FDA19957FB +20241129040452 2 6 100 4095 5 F32300D8DFCB79ECFB80E433E6CFA1923915D80120F52648A7AE7E8058B5DB869F2B3A9DD940E53B7D74E3214FA03234F8B026AFF16B646B39F003882F1DC17D3F6DBB89283A01B4C22168A354D6D2FDBDE3F2B0C91E9472AF1DB386DD34477F47CB24D4AFB71BB283A9760CF4EC582F1401A4F259D4AADE2BC7648A6920207DFB149BB7A4483D5E22D9DC627A8A4954C18AAAEF921CE0C597C11C95EC7C8888050124D01C43E6A33A02DACDB2EEE70920BAF2A296EB38CEADCB98CC7789BA309A5AD7916B9F7F86B0D808346E28447C4E3F31C5BC319D29A0D338EE8FC88BC9288C75004CC278BB218AA86929360079EAA71628FEFB796FFFBAD3764F677FECC0F274582ED2E371ACB500F35F378DDEDB0FA32B1B55699E41EBE958E6614811999433D934CCD54A03CC4BF359798F90EC809CFA6E58C1CE68B5AF397E8E35951F9CC4BCD0EC8655486543B4CF7605CE15969A2D88E8CD6BCA82671A06FC54397840BBA9DB2750B0F1FBC61ECF6E514450A7E06C6E6BBBB2CFA5E045335F04A5C407EC6467D471226ED2CB3AE9FBA9E956F8F3D05A911F9CD131BC3D95A10792097AC1C4339F8C12E40ABD274A25CF26EF286187E91261273E39856C471D861056EC3F6F5E58EB727134F9BFB870C8DD6978F247EAF67C1368BCB0BA105CDDC2BA067EBAC9C00DC15F1667664AA2A688D45E843F62467892EE9348FDA2168307 +20241129040614 2 6 100 4095 2 F32300D8DFCB79ECFB80E433E6CFA1923915D80120F52648A7AE7E8058B5DB869F2B3A9DD940E53B7D74E3214FA03234F8B026AFF16B646B39F003882F1DC17D3F6DBB89283A01B4C22168A354D6D2FDBDE3F2B0C91E9472AF1DB386DD34477F47CB24D4AFB71BB283A9760CF4EC582F1401A4F259D4AADE2BC7648A6920207DFB149BB7A4483D5E22D9DC627A8A4954C18AAAEF921CE0C597C11C95EC7C8888050124D01C43E6A33A02DACDB2EEE70920BAF2A296EB38CEADCB98CC7789BA309A5AD7916B9F7F86B0D808346E28447C4E3F31C5BC319D29A0D338EE8FC88BC9288C75004CC278BB218AA86929360079EAA71628FEFB796FFFBAD3764F677FECC0F274582ED2E371ACB500F35F378DDEDB0FA32B1B55699E41EBE958E6614811999433D934CCD54A03CC4BF359798F90EC809CFA6E58C1CE68B5AF397E8E35951F9CC4BCD0EC8655486543B4CF7605CE15969A2D88E8CD6BCA82671A06FC54397840BBA9DB2750B0F1FBC61ECF6E514450A7E06C6E6BBBB2CFA5E045335F04A5C407EC6467D471226ED2CB3AE9FBA9E956F8F3D05A911F9CD131BC3D95A10792097AC1C4339F8C12E40ABD274A25CF26EF286187E91261273E39856C471D861056EC3F6F5E58EB727134F9BFB870C8DD6978F247EAF67C1368BCB0BA105CDDC2BA067EBAC9C00DC15F1667664AA2A688D45E843F62467892EE9348FDA29615EB +20241129040924 2 6 100 4095 2 F32300D8DFCB79ECFB80E433E6CFA1923915D80120F52648A7AE7E8058B5DB869F2B3A9DD940E53B7D74E3214FA03234F8B026AFF16B646B39F003882F1DC17D3F6DBB89283A01B4C22168A354D6D2FDBDE3F2B0C91E9472AF1DB386DD34477F47CB24D4AFB71BB283A9760CF4EC582F1401A4F259D4AADE2BC7648A6920207DFB149BB7A4483D5E22D9DC627A8A4954C18AAAEF921CE0C597C11C95EC7C8888050124D01C43E6A33A02DACDB2EEE70920BAF2A296EB38CEADCB98CC7789BA309A5AD7916B9F7F86B0D808346E28447C4E3F31C5BC319D29A0D338EE8FC88BC9288C75004CC278BB218AA86929360079EAA71628FEFB796FFFBAD3764F677FECC0F274582ED2E371ACB500F35F378DDEDB0FA32B1B55699E41EBE958E6614811999433D934CCD54A03CC4BF359798F90EC809CFA6E58C1CE68B5AF397E8E35951F9CC4BCD0EC8655486543B4CF7605CE15969A2D88E8CD6BCA82671A06FC54397840BBA9DB2750B0F1FBC61ECF6E514450A7E06C6E6BBBB2CFA5E045335F04A5C407EC6467D471226ED2CB3AE9FBA9E956F8F3D05A911F9CD131BC3D95A10792097AC1C4339F8C12E40ABD274A25CF26EF286187E91261273E39856C471D861056EC3F6F5E58EB727134F9BFB870C8DD6978F247EAF67C1368BCB0BA105CDDC2BA067EBAC9C00DC15F1667664AA2A688D45E843F62467892EE9348FDA3C1BBEB +20241129041726 2 6 100 4095 2 F32300D8DFCB79ECFB80E433E6CFA1923915D80120F52648A7AE7E8058B5DB869F2B3A9DD940E53B7D74E3214FA03234F8B026AFF16B646B39F003882F1DC17D3F6DBB89283A01B4C22168A354D6D2FDBDE3F2B0C91E9472AF1DB386DD34477F47CB24D4AFB71BB283A9760CF4EC582F1401A4F259D4AADE2BC7648A6920207DFB149BB7A4483D5E22D9DC627A8A4954C18AAAEF921CE0C597C11C95EC7C8888050124D01C43E6A33A02DACDB2EEE70920BAF2A296EB38CEADCB98CC7789BA309A5AD7916B9F7F86B0D808346E28447C4E3F31C5BC319D29A0D338EE8FC88BC9288C75004CC278BB218AA86929360079EAA71628FEFB796FFFBAD3764F677FECC0F274582ED2E371ACB500F35F378DDEDB0FA32B1B55699E41EBE958E6614811999433D934CCD54A03CC4BF359798F90EC809CFA6E58C1CE68B5AF397E8E35951F9CC4BCD0EC8655486543B4CF7605CE15969A2D88E8CD6BCA82671A06FC54397840BBA9DB2750B0F1FBC61ECF6E514450A7E06C6E6BBBB2CFA5E045335F04A5C407EC6467D471226ED2CB3AE9FBA9E956F8F3D05A911F9CD131BC3D95A10792097AC1C4339F8C12E40ABD274A25CF26EF286187E91261273E39856C471D861056EC3F6F5E58EB727134F9BFB870C8DD6978F247EAF67C1368BCB0BA105CDDC2BA067EBAC9C00DC15F1667664AA2A688D45E843F62467892EE9348FDA6CBD37B +20241129044525 2 6 100 6143 5 DCBE8A152DD5DE612BFCCD18CAB2BDE17391AF9DA865DCC59A1B454144ADE2EB8BE3CDBA7948CD1236CFC25D66DDC0E91095FB7E17715247413BBFD5435223F46488AD93808AF9FAF7D473C7CCE55DAA83B417FC6C09BFF7E332BD4B3BC59CBA4FE035A6C416D32BDCF8C3B9AFC5E1120CFD420023FD8EB207DB965509E2D362B0EB3D8CBD191D2750EBEB05F32C4BE08154D991F08DE4914BC40FAA7172440F2FEFB0FBF604DDA9C18BA9FD55F34218FD5D7CA2AC491CEDC3C5743D143BAF6C06CCAB7E5B22AB4E46CD51962CC7931F4D35581D5DD3047B946044BF7E71955EB63DD546644D7D2A19777DA39A48B4CF5A011A5C41F1BFF7C463F057F2F7AF6F910E7E06398B0AF7EF38CD5BBAE4C5FF42572CFFFCA6A8E9D34F64A7BECDC93216B55C20FAECAF04A8956C4D26DEE34493510BC49144A32A1B0AAE64B50DCA0C27361692242FE3145A6B36B830DEBF9E8A07A886E8DA6F38F3E99906F6AC9317ADF73222C4C75ABD153F1112E01E7CBB49665F213A1C1470CDC442D7CDC72EE2DD80D37251333C34FFDC5C38ADA3F5E52F5A5B2A1224B0CA60211B430E9554F0C4CA672476562C4A182B6707EBE80DFA6247A1F870F74EC81D03558F2718409EBF8E7F2FD2C6AB1F246F7E3FE0D919DB4016A7D76F6378D05EA74766CBB93340F2CBDDF18073F39242F3E9EC88020D1E8F801183C00F0239B2F2B4E8F6B46DBC17F469A857C291C985D8AC2099A6FEDC462B5EAEF737831EA2B6C9D787DC5AC8DA2C2E8F7F676FDA4CDD79E400EED959882C78C279C4D0A5918A0F5FC3B695E0034F7C2665D52D94106744D6B0CD6A66AB3275324EFDC06ECCF431D446446A00818ECDBE77B845699FB4F699825702D00F71373D80452039ECA1237AD2A0DF9112BA1EC90FB9FB87CF4E46BD0319B64F2EFD4B9640469707DB549468781D0BA6F3C49AF035D441173786BB1F2F5DCCE07BBF5536A0EB5B976814ABFDB44B90E55455972701A8F0D8EFB860A082ABA960E704754F61C2E3956922833F3D7E1656476DEE3C4F09244AC15697EA4A73041F03EEDE1F30BF899098A70F33DDF12A47 +20241129045351 2 6 100 6143 2 DCBE8A152DD5DE612BFCCD18CAB2BDE17391AF9DA865DCC59A1B454144ADE2EB8BE3CDBA7948CD1236CFC25D66DDC0E91095FB7E17715247413BBFD5435223F46488AD93808AF9FAF7D473C7CCE55DAA83B417FC6C09BFF7E332BD4B3BC59CBA4FE035A6C416D32BDCF8C3B9AFC5E1120CFD420023FD8EB207DB965509E2D362B0EB3D8CBD191D2750EBEB05F32C4BE08154D991F08DE4914BC40FAA7172440F2FEFB0FBF604DDA9C18BA9FD55F34218FD5D7CA2AC491CEDC3C5743D143BAF6C06CCAB7E5B22AB4E46CD51962CC7931F4D35581D5DD3047B946044BF7E71955EB63DD546644D7D2A19777DA39A48B4CF5A011A5C41F1BFF7C463F057F2F7AF6F910E7E06398B0AF7EF38CD5BBAE4C5FF42572CFFFCA6A8E9D34F64A7BECDC93216B55C20FAECAF04A8956C4D26DEE34493510BC49144A32A1B0AAE64B50DCA0C27361692242FE3145A6B36B830DEBF9E8A07A886E8DA6F38F3E99906F6AC9317ADF73222C4C75ABD153F1112E01E7CBB49665F213A1C1470CDC442D7CDC72EE2DD80D37251333C34FFDC5C38ADA3F5E52F5A5B2A1224B0CA60211B430E9554F0C4CA672476562C4A182B6707EBE80DFA6247A1F870F74EC81D03558F2718409EBF8E7F2FD2C6AB1F246F7E3FE0D919DB4016A7D76F6378D05EA74766CBB93340F2CBDDF18073F39242F3E9EC88020D1E8F801183C00F0239B2F2B4E8F6B46DBC17F469A857C291C985D8AC2099A6FEDC462B5EAEF737831EA2B6C9D787DC5AC8DA2C2E8F7F676FDA4CDD79E400EED959882C78C279C4D0A5918A0F5FC3B695E0034F7C2665D52D94106744D6B0CD6A66AB3275324EFDC06ECCF431D446446A00818ECDBE77B845699FB4F699825702D00F71373D80452039ECA1237AD2A0DF9112BA1EC90FB9FB87CF4E46BD0319B64F2EFD4B9640469707DB549468781D0BA6F3C49AF035D441173786BB1F2F5DCCE07BBF5536A0EB5B976814ABFDB44B90E55455972701A8F0D8EFB860A082ABA960E704754F61C2E3956922833F3D7E1656476DEE3C4F09244AC15697EA4A73041F03EEDE1F30BF899098A70F33DEF75143 +20241129045821 2 6 100 6143 2 DCBE8A152DD5DE612BFCCD18CAB2BDE17391AF9DA865DCC59A1B454144ADE2EB8BE3CDBA7948CD1236CFC25D66DDC0E91095FB7E17715247413BBFD5435223F46488AD93808AF9FAF7D473C7CCE55DAA83B417FC6C09BFF7E332BD4B3BC59CBA4FE035A6C416D32BDCF8C3B9AFC5E1120CFD420023FD8EB207DB965509E2D362B0EB3D8CBD191D2750EBEB05F32C4BE08154D991F08DE4914BC40FAA7172440F2FEFB0FBF604DDA9C18BA9FD55F34218FD5D7CA2AC491CEDC3C5743D143BAF6C06CCAB7E5B22AB4E46CD51962CC7931F4D35581D5DD3047B946044BF7E71955EB63DD546644D7D2A19777DA39A48B4CF5A011A5C41F1BFF7C463F057F2F7AF6F910E7E06398B0AF7EF38CD5BBAE4C5FF42572CFFFCA6A8E9D34F64A7BECDC93216B55C20FAECAF04A8956C4D26DEE34493510BC49144A32A1B0AAE64B50DCA0C27361692242FE3145A6B36B830DEBF9E8A07A886E8DA6F38F3E99906F6AC9317ADF73222C4C75ABD153F1112E01E7CBB49665F213A1C1470CDC442D7CDC72EE2DD80D37251333C34FFDC5C38ADA3F5E52F5A5B2A1224B0CA60211B430E9554F0C4CA672476562C4A182B6707EBE80DFA6247A1F870F74EC81D03558F2718409EBF8E7F2FD2C6AB1F246F7E3FE0D919DB4016A7D76F6378D05EA74766CBB93340F2CBDDF18073F39242F3E9EC88020D1E8F801183C00F0239B2F2B4E8F6B46DBC17F469A857C291C985D8AC2099A6FEDC462B5EAEF737831EA2B6C9D787DC5AC8DA2C2E8F7F676FDA4CDD79E400EED959882C78C279C4D0A5918A0F5FC3B695E0034F7C2665D52D94106744D6B0CD6A66AB3275324EFDC06ECCF431D446446A00818ECDBE77B845699FB4F699825702D00F71373D80452039ECA1237AD2A0DF9112BA1EC90FB9FB87CF4E46BD0319B64F2EFD4B9640469707DB549468781D0BA6F3C49AF035D441173786BB1F2F5DCCE07BBF5536A0EB5B976814ABFDB44B90E55455972701A8F0D8EFB860A082ABA960E704754F61C2E3956922833F3D7E1656476DEE3C4F09244AC15697EA4A73041F03EEDE1F30BF899098A70F33DF7D9E33 +20241129045943 2 6 100 6143 5 DCBE8A152DD5DE612BFCCD18CAB2BDE17391AF9DA865DCC59A1B454144ADE2EB8BE3CDBA7948CD1236CFC25D66DDC0E91095FB7E17715247413BBFD5435223F46488AD93808AF9FAF7D473C7CCE55DAA83B417FC6C09BFF7E332BD4B3BC59CBA4FE035A6C416D32BDCF8C3B9AFC5E1120CFD420023FD8EB207DB965509E2D362B0EB3D8CBD191D2750EBEB05F32C4BE08154D991F08DE4914BC40FAA7172440F2FEFB0FBF604DDA9C18BA9FD55F34218FD5D7CA2AC491CEDC3C5743D143BAF6C06CCAB7E5B22AB4E46CD51962CC7931F4D35581D5DD3047B946044BF7E71955EB63DD546644D7D2A19777DA39A48B4CF5A011A5C41F1BFF7C463F057F2F7AF6F910E7E06398B0AF7EF38CD5BBAE4C5FF42572CFFFCA6A8E9D34F64A7BECDC93216B55C20FAECAF04A8956C4D26DEE34493510BC49144A32A1B0AAE64B50DCA0C27361692242FE3145A6B36B830DEBF9E8A07A886E8DA6F38F3E99906F6AC9317ADF73222C4C75ABD153F1112E01E7CBB49665F213A1C1470CDC442D7CDC72EE2DD80D37251333C34FFDC5C38ADA3F5E52F5A5B2A1224B0CA60211B430E9554F0C4CA672476562C4A182B6707EBE80DFA6247A1F870F74EC81D03558F2718409EBF8E7F2FD2C6AB1F246F7E3FE0D919DB4016A7D76F6378D05EA74766CBB93340F2CBDDF18073F39242F3E9EC88020D1E8F801183C00F0239B2F2B4E8F6B46DBC17F469A857C291C985D8AC2099A6FEDC462B5EAEF737831EA2B6C9D787DC5AC8DA2C2E8F7F676FDA4CDD79E400EED959882C78C279C4D0A5918A0F5FC3B695E0034F7C2665D52D94106744D6B0CD6A66AB3275324EFDC06ECCF431D446446A00818ECDBE77B845699FB4F699825702D00F71373D80452039ECA1237AD2A0DF9112BA1EC90FB9FB87CF4E46BD0319B64F2EFD4B9640469707DB549468781D0BA6F3C49AF035D441173786BB1F2F5DCCE07BBF5536A0EB5B976814ABFDB44B90E55455972701A8F0D8EFB860A082ABA960E704754F61C2E3956922833F3D7E1656476DEE3C4F09244AC15697EA4A73041F03EEDE1F30BF899098A70F33DFA1A9DF +20241129050501 2 6 100 6143 2 DCBE8A152DD5DE612BFCCD18CAB2BDE17391AF9DA865DCC59A1B454144ADE2EB8BE3CDBA7948CD1236CFC25D66DDC0E91095FB7E17715247413BBFD5435223F46488AD93808AF9FAF7D473C7CCE55DAA83B417FC6C09BFF7E332BD4B3BC59CBA4FE035A6C416D32BDCF8C3B9AFC5E1120CFD420023FD8EB207DB965509E2D362B0EB3D8CBD191D2750EBEB05F32C4BE08154D991F08DE4914BC40FAA7172440F2FEFB0FBF604DDA9C18BA9FD55F34218FD5D7CA2AC491CEDC3C5743D143BAF6C06CCAB7E5B22AB4E46CD51962CC7931F4D35581D5DD3047B946044BF7E71955EB63DD546644D7D2A19777DA39A48B4CF5A011A5C41F1BFF7C463F057F2F7AF6F910E7E06398B0AF7EF38CD5BBAE4C5FF42572CFFFCA6A8E9D34F64A7BECDC93216B55C20FAECAF04A8956C4D26DEE34493510BC49144A32A1B0AAE64B50DCA0C27361692242FE3145A6B36B830DEBF9E8A07A886E8DA6F38F3E99906F6AC9317ADF73222C4C75ABD153F1112E01E7CBB49665F213A1C1470CDC442D7CDC72EE2DD80D37251333C34FFDC5C38ADA3F5E52F5A5B2A1224B0CA60211B430E9554F0C4CA672476562C4A182B6707EBE80DFA6247A1F870F74EC81D03558F2718409EBF8E7F2FD2C6AB1F246F7E3FE0D919DB4016A7D76F6378D05EA74766CBB93340F2CBDDF18073F39242F3E9EC88020D1E8F801183C00F0239B2F2B4E8F6B46DBC17F469A857C291C985D8AC2099A6FEDC462B5EAEF737831EA2B6C9D787DC5AC8DA2C2E8F7F676FDA4CDD79E400EED959882C78C279C4D0A5918A0F5FC3B695E0034F7C2665D52D94106744D6B0CD6A66AB3275324EFDC06ECCF431D446446A00818ECDBE77B845699FB4F699825702D00F71373D80452039ECA1237AD2A0DF9112BA1EC90FB9FB87CF4E46BD0319B64F2EFD4B9640469707DB549468781D0BA6F3C49AF035D441173786BB1F2F5DCCE07BBF5536A0EB5B976814ABFDB44B90E55455972701A8F0D8EFB860A082ABA960E704754F61C2E3956922833F3D7E1656476DEE3C4F09244AC15697EA4A73041F03EEDE1F30BF899098A70F33E044C313 +20241129051930 2 6 100 6143 5 DCBE8A152DD5DE612BFCCD18CAB2BDE17391AF9DA865DCC59A1B454144ADE2EB8BE3CDBA7948CD1236CFC25D66DDC0E91095FB7E17715247413BBFD5435223F46488AD93808AF9FAF7D473C7CCE55DAA83B417FC6C09BFF7E332BD4B3BC59CBA4FE035A6C416D32BDCF8C3B9AFC5E1120CFD420023FD8EB207DB965509E2D362B0EB3D8CBD191D2750EBEB05F32C4BE08154D991F08DE4914BC40FAA7172440F2FEFB0FBF604DDA9C18BA9FD55F34218FD5D7CA2AC491CEDC3C5743D143BAF6C06CCAB7E5B22AB4E46CD51962CC7931F4D35581D5DD3047B946044BF7E71955EB63DD546644D7D2A19777DA39A48B4CF5A011A5C41F1BFF7C463F057F2F7AF6F910E7E06398B0AF7EF38CD5BBAE4C5FF42572CFFFCA6A8E9D34F64A7BECDC93216B55C20FAECAF04A8956C4D26DEE34493510BC49144A32A1B0AAE64B50DCA0C27361692242FE3145A6B36B830DEBF9E8A07A886E8DA6F38F3E99906F6AC9317ADF73222C4C75ABD153F1112E01E7CBB49665F213A1C1470CDC442D7CDC72EE2DD80D37251333C34FFDC5C38ADA3F5E52F5A5B2A1224B0CA60211B430E9554F0C4CA672476562C4A182B6707EBE80DFA6247A1F870F74EC81D03558F2718409EBF8E7F2FD2C6AB1F246F7E3FE0D919DB4016A7D76F6378D05EA74766CBB93340F2CBDDF18073F39242F3E9EC88020D1E8F801183C00F0239B2F2B4E8F6B46DBC17F469A857C291C985D8AC2099A6FEDC462B5EAEF737831EA2B6C9D787DC5AC8DA2C2E8F7F676FDA4CDD79E400EED959882C78C279C4D0A5918A0F5FC3B695E0034F7C2665D52D94106744D6B0CD6A66AB3275324EFDC06ECCF431D446446A00818ECDBE77B845699FB4F699825702D00F71373D80452039ECA1237AD2A0DF9112BA1EC90FB9FB87CF4E46BD0319B64F2EFD4B9640469707DB549468781D0BA6F3C49AF035D441173786BB1F2F5DCCE07BBF5536A0EB5B976814ABFDB44B90E55455972701A8F0D8EFB860A082ABA960E704754F61C2E3956922833F3D7E1656476DEE3C4F09244AC15697EA4A73041F03EEDE1F30BF899098A70F33E20AE0AF +20241129052029 2 6 100 6143 2 DCBE8A152DD5DE612BFCCD18CAB2BDE17391AF9DA865DCC59A1B454144ADE2EB8BE3CDBA7948CD1236CFC25D66DDC0E91095FB7E17715247413BBFD5435223F46488AD93808AF9FAF7D473C7CCE55DAA83B417FC6C09BFF7E332BD4B3BC59CBA4FE035A6C416D32BDCF8C3B9AFC5E1120CFD420023FD8EB207DB965509E2D362B0EB3D8CBD191D2750EBEB05F32C4BE08154D991F08DE4914BC40FAA7172440F2FEFB0FBF604DDA9C18BA9FD55F34218FD5D7CA2AC491CEDC3C5743D143BAF6C06CCAB7E5B22AB4E46CD51962CC7931F4D35581D5DD3047B946044BF7E71955EB63DD546644D7D2A19777DA39A48B4CF5A011A5C41F1BFF7C463F057F2F7AF6F910E7E06398B0AF7EF38CD5BBAE4C5FF42572CFFFCA6A8E9D34F64A7BECDC93216B55C20FAECAF04A8956C4D26DEE34493510BC49144A32A1B0AAE64B50DCA0C27361692242FE3145A6B36B830DEBF9E8A07A886E8DA6F38F3E99906F6AC9317ADF73222C4C75ABD153F1112E01E7CBB49665F213A1C1470CDC442D7CDC72EE2DD80D37251333C34FFDC5C38ADA3F5E52F5A5B2A1224B0CA60211B430E9554F0C4CA672476562C4A182B6707EBE80DFA6247A1F870F74EC81D03558F2718409EBF8E7F2FD2C6AB1F246F7E3FE0D919DB4016A7D76F6378D05EA74766CBB93340F2CBDDF18073F39242F3E9EC88020D1E8F801183C00F0239B2F2B4E8F6B46DBC17F469A857C291C985D8AC2099A6FEDC462B5EAEF737831EA2B6C9D787DC5AC8DA2C2E8F7F676FDA4CDD79E400EED959882C78C279C4D0A5918A0F5FC3B695E0034F7C2665D52D94106744D6B0CD6A66AB3275324EFDC06ECCF431D446446A00818ECDBE77B845699FB4F699825702D00F71373D80452039ECA1237AD2A0DF9112BA1EC90FB9FB87CF4E46BD0319B64F2EFD4B9640469707DB549468781D0BA6F3C49AF035D441173786BB1F2F5DCCE07BBF5536A0EB5B976814ABFDB44B90E55455972701A8F0D8EFB860A082ABA960E704754F61C2E3956922833F3D7E1656476DEE3C4F09244AC15697EA4A73041F03EEDE1F30BF899098A70F33E221299B +20241129052420 2 6 100 6143 2 DCBE8A152DD5DE612BFCCD18CAB2BDE17391AF9DA865DCC59A1B454144ADE2EB8BE3CDBA7948CD1236CFC25D66DDC0E91095FB7E17715247413BBFD5435223F46488AD93808AF9FAF7D473C7CCE55DAA83B417FC6C09BFF7E332BD4B3BC59CBA4FE035A6C416D32BDCF8C3B9AFC5E1120CFD420023FD8EB207DB965509E2D362B0EB3D8CBD191D2750EBEB05F32C4BE08154D991F08DE4914BC40FAA7172440F2FEFB0FBF604DDA9C18BA9FD55F34218FD5D7CA2AC491CEDC3C5743D143BAF6C06CCAB7E5B22AB4E46CD51962CC7931F4D35581D5DD3047B946044BF7E71955EB63DD546644D7D2A19777DA39A48B4CF5A011A5C41F1BFF7C463F057F2F7AF6F910E7E06398B0AF7EF38CD5BBAE4C5FF42572CFFFCA6A8E9D34F64A7BECDC93216B55C20FAECAF04A8956C4D26DEE34493510BC49144A32A1B0AAE64B50DCA0C27361692242FE3145A6B36B830DEBF9E8A07A886E8DA6F38F3E99906F6AC9317ADF73222C4C75ABD153F1112E01E7CBB49665F213A1C1470CDC442D7CDC72EE2DD80D37251333C34FFDC5C38ADA3F5E52F5A5B2A1224B0CA60211B430E9554F0C4CA672476562C4A182B6707EBE80DFA6247A1F870F74EC81D03558F2718409EBF8E7F2FD2C6AB1F246F7E3FE0D919DB4016A7D76F6378D05EA74766CBB93340F2CBDDF18073F39242F3E9EC88020D1E8F801183C00F0239B2F2B4E8F6B46DBC17F469A857C291C985D8AC2099A6FEDC462B5EAEF737831EA2B6C9D787DC5AC8DA2C2E8F7F676FDA4CDD79E400EED959882C78C279C4D0A5918A0F5FC3B695E0034F7C2665D52D94106744D6B0CD6A66AB3275324EFDC06ECCF431D446446A00818ECDBE77B845699FB4F699825702D00F71373D80452039ECA1237AD2A0DF9112BA1EC90FB9FB87CF4E46BD0319B64F2EFD4B9640469707DB549468781D0BA6F3C49AF035D441173786BB1F2F5DCCE07BBF5536A0EB5B976814ABFDB44B90E55455972701A8F0D8EFB860A082ABA960E704754F61C2E3956922833F3D7E1656476DEE3C4F09244AC15697EA4A73041F03EEDE1F30BF899098A70F33E294985B +20241129053040 2 6 100 6143 5 DCBE8A152DD5DE612BFCCD18CAB2BDE17391AF9DA865DCC59A1B454144ADE2EB8BE3CDBA7948CD1236CFC25D66DDC0E91095FB7E17715247413BBFD5435223F46488AD93808AF9FAF7D473C7CCE55DAA83B417FC6C09BFF7E332BD4B3BC59CBA4FE035A6C416D32BDCF8C3B9AFC5E1120CFD420023FD8EB207DB965509E2D362B0EB3D8CBD191D2750EBEB05F32C4BE08154D991F08DE4914BC40FAA7172440F2FEFB0FBF604DDA9C18BA9FD55F34218FD5D7CA2AC491CEDC3C5743D143BAF6C06CCAB7E5B22AB4E46CD51962CC7931F4D35581D5DD3047B946044BF7E71955EB63DD546644D7D2A19777DA39A48B4CF5A011A5C41F1BFF7C463F057F2F7AF6F910E7E06398B0AF7EF38CD5BBAE4C5FF42572CFFFCA6A8E9D34F64A7BECDC93216B55C20FAECAF04A8956C4D26DEE34493510BC49144A32A1B0AAE64B50DCA0C27361692242FE3145A6B36B830DEBF9E8A07A886E8DA6F38F3E99906F6AC9317ADF73222C4C75ABD153F1112E01E7CBB49665F213A1C1470CDC442D7CDC72EE2DD80D37251333C34FFDC5C38ADA3F5E52F5A5B2A1224B0CA60211B430E9554F0C4CA672476562C4A182B6707EBE80DFA6247A1F870F74EC81D03558F2718409EBF8E7F2FD2C6AB1F246F7E3FE0D919DB4016A7D76F6378D05EA74766CBB93340F2CBDDF18073F39242F3E9EC88020D1E8F801183C00F0239B2F2B4E8F6B46DBC17F469A857C291C985D8AC2099A6FEDC462B5EAEF737831EA2B6C9D787DC5AC8DA2C2E8F7F676FDA4CDD79E400EED959882C78C279C4D0A5918A0F5FC3B695E0034F7C2665D52D94106744D6B0CD6A66AB3275324EFDC06ECCF431D446446A00818ECDBE77B845699FB4F699825702D00F71373D80452039ECA1237AD2A0DF9112BA1EC90FB9FB87CF4E46BD0319B64F2EFD4B9640469707DB549468781D0BA6F3C49AF035D441173786BB1F2F5DCCE07BBF5536A0EB5B976814ABFDB44B90E55455972701A8F0D8EFB860A082ABA960E704754F61C2E3956922833F3D7E1656476DEE3C4F09244AC15697EA4A73041F03EEDE1F30BF899098A70F33E35A621F +20241129053505 2 6 100 6143 2 DCBE8A152DD5DE612BFCCD18CAB2BDE17391AF9DA865DCC59A1B454144ADE2EB8BE3CDBA7948CD1236CFC25D66DDC0E91095FB7E17715247413BBFD5435223F46488AD93808AF9FAF7D473C7CCE55DAA83B417FC6C09BFF7E332BD4B3BC59CBA4FE035A6C416D32BDCF8C3B9AFC5E1120CFD420023FD8EB207DB965509E2D362B0EB3D8CBD191D2750EBEB05F32C4BE08154D991F08DE4914BC40FAA7172440F2FEFB0FBF604DDA9C18BA9FD55F34218FD5D7CA2AC491CEDC3C5743D143BAF6C06CCAB7E5B22AB4E46CD51962CC7931F4D35581D5DD3047B946044BF7E71955EB63DD546644D7D2A19777DA39A48B4CF5A011A5C41F1BFF7C463F057F2F7AF6F910E7E06398B0AF7EF38CD5BBAE4C5FF42572CFFFCA6A8E9D34F64A7BECDC93216B55C20FAECAF04A8956C4D26DEE34493510BC49144A32A1B0AAE64B50DCA0C27361692242FE3145A6B36B830DEBF9E8A07A886E8DA6F38F3E99906F6AC9317ADF73222C4C75ABD153F1112E01E7CBB49665F213A1C1470CDC442D7CDC72EE2DD80D37251333C34FFDC5C38ADA3F5E52F5A5B2A1224B0CA60211B430E9554F0C4CA672476562C4A182B6707EBE80DFA6247A1F870F74EC81D03558F2718409EBF8E7F2FD2C6AB1F246F7E3FE0D919DB4016A7D76F6378D05EA74766CBB93340F2CBDDF18073F39242F3E9EC88020D1E8F801183C00F0239B2F2B4E8F6B46DBC17F469A857C291C985D8AC2099A6FEDC462B5EAEF737831EA2B6C9D787DC5AC8DA2C2E8F7F676FDA4CDD79E400EED959882C78C279C4D0A5918A0F5FC3B695E0034F7C2665D52D94106744D6B0CD6A66AB3275324EFDC06ECCF431D446446A00818ECDBE77B845699FB4F699825702D00F71373D80452039ECA1237AD2A0DF9112BA1EC90FB9FB87CF4E46BD0319B64F2EFD4B9640469707DB549468781D0BA6F3C49AF035D441173786BB1F2F5DCCE07BBF5536A0EB5B976814ABFDB44B90E55455972701A8F0D8EFB860A082ABA960E704754F61C2E3956922833F3D7E1656476DEE3C4F09244AC15697EA4A73041F03EEDE1F30BF899098A70F33E3E2DAAB +20241129054958 2 6 100 6143 5 DCBE8A152DD5DE612BFCCD18CAB2BDE17391AF9DA865DCC59A1B454144ADE2EB8BE3CDBA7948CD1236CFC25D66DDC0E91095FB7E17715247413BBFD5435223F46488AD93808AF9FAF7D473C7CCE55DAA83B417FC6C09BFF7E332BD4B3BC59CBA4FE035A6C416D32BDCF8C3B9AFC5E1120CFD420023FD8EB207DB965509E2D362B0EB3D8CBD191D2750EBEB05F32C4BE08154D991F08DE4914BC40FAA7172440F2FEFB0FBF604DDA9C18BA9FD55F34218FD5D7CA2AC491CEDC3C5743D143BAF6C06CCAB7E5B22AB4E46CD51962CC7931F4D35581D5DD3047B946044BF7E71955EB63DD546644D7D2A19777DA39A48B4CF5A011A5C41F1BFF7C463F057F2F7AF6F910E7E06398B0AF7EF38CD5BBAE4C5FF42572CFFFCA6A8E9D34F64A7BECDC93216B55C20FAECAF04A8956C4D26DEE34493510BC49144A32A1B0AAE64B50DCA0C27361692242FE3145A6B36B830DEBF9E8A07A886E8DA6F38F3E99906F6AC9317ADF73222C4C75ABD153F1112E01E7CBB49665F213A1C1470CDC442D7CDC72EE2DD80D37251333C34FFDC5C38ADA3F5E52F5A5B2A1224B0CA60211B430E9554F0C4CA672476562C4A182B6707EBE80DFA6247A1F870F74EC81D03558F2718409EBF8E7F2FD2C6AB1F246F7E3FE0D919DB4016A7D76F6378D05EA74766CBB93340F2CBDDF18073F39242F3E9EC88020D1E8F801183C00F0239B2F2B4E8F6B46DBC17F469A857C291C985D8AC2099A6FEDC462B5EAEF737831EA2B6C9D787DC5AC8DA2C2E8F7F676FDA4CDD79E400EED959882C78C279C4D0A5918A0F5FC3B695E0034F7C2665D52D94106744D6B0CD6A66AB3275324EFDC06ECCF431D446446A00818ECDBE77B845699FB4F699825702D00F71373D80452039ECA1237AD2A0DF9112BA1EC90FB9FB87CF4E46BD0319B64F2EFD4B9640469707DB549468781D0BA6F3C49AF035D441173786BB1F2F5DCCE07BBF5536A0EB5B976814ABFDB44B90E55455972701A8F0D8EFB860A082ABA960E704754F61C2E3956922833F3D7E1656476DEE3C4F09244AC15697EA4A73041F03EEDE1F30BF899098A70F33E5C2C407 +20241129060731 2 6 100 6143 2 DCBE8A152DD5DE612BFCCD18CAB2BDE17391AF9DA865DCC59A1B454144ADE2EB8BE3CDBA7948CD1236CFC25D66DDC0E91095FB7E17715247413BBFD5435223F46488AD93808AF9FAF7D473C7CCE55DAA83B417FC6C09BFF7E332BD4B3BC59CBA4FE035A6C416D32BDCF8C3B9AFC5E1120CFD420023FD8EB207DB965509E2D362B0EB3D8CBD191D2750EBEB05F32C4BE08154D991F08DE4914BC40FAA7172440F2FEFB0FBF604DDA9C18BA9FD55F34218FD5D7CA2AC491CEDC3C5743D143BAF6C06CCAB7E5B22AB4E46CD51962CC7931F4D35581D5DD3047B946044BF7E71955EB63DD546644D7D2A19777DA39A48B4CF5A011A5C41F1BFF7C463F057F2F7AF6F910E7E06398B0AF7EF38CD5BBAE4C5FF42572CFFFCA6A8E9D34F64A7BECDC93216B55C20FAECAF04A8956C4D26DEE34493510BC49144A32A1B0AAE64B50DCA0C27361692242FE3145A6B36B830DEBF9E8A07A886E8DA6F38F3E99906F6AC9317ADF73222C4C75ABD153F1112E01E7CBB49665F213A1C1470CDC442D7CDC72EE2DD80D37251333C34FFDC5C38ADA3F5E52F5A5B2A1224B0CA60211B430E9554F0C4CA672476562C4A182B6707EBE80DFA6247A1F870F74EC81D03558F2718409EBF8E7F2FD2C6AB1F246F7E3FE0D919DB4016A7D76F6378D05EA74766CBB93340F2CBDDF18073F39242F3E9EC88020D1E8F801183C00F0239B2F2B4E8F6B46DBC17F469A857C291C985D8AC2099A6FEDC462B5EAEF737831EA2B6C9D787DC5AC8DA2C2E8F7F676FDA4CDD79E400EED959882C78C279C4D0A5918A0F5FC3B695E0034F7C2665D52D94106744D6B0CD6A66AB3275324EFDC06ECCF431D446446A00818ECDBE77B845699FB4F699825702D00F71373D80452039ECA1237AD2A0DF9112BA1EC90FB9FB87CF4E46BD0319B64F2EFD4B9640469707DB549468781D0BA6F3C49AF035D441173786BB1F2F5DCCE07BBF5536A0EB5B976814ABFDB44B90E55455972701A8F0D8EFB860A082ABA960E704754F61C2E3956922833F3D7E1656476DEE3C4F09244AC15697EA4A73041F03EEDE1F30BF899098A70F33E7EF06DB +20241129060801 2 6 100 6143 2 DCBE8A152DD5DE612BFCCD18CAB2BDE17391AF9DA865DCC59A1B454144ADE2EB8BE3CDBA7948CD1236CFC25D66DDC0E91095FB7E17715247413BBFD5435223F46488AD93808AF9FAF7D473C7CCE55DAA83B417FC6C09BFF7E332BD4B3BC59CBA4FE035A6C416D32BDCF8C3B9AFC5E1120CFD420023FD8EB207DB965509E2D362B0EB3D8CBD191D2750EBEB05F32C4BE08154D991F08DE4914BC40FAA7172440F2FEFB0FBF604DDA9C18BA9FD55F34218FD5D7CA2AC491CEDC3C5743D143BAF6C06CCAB7E5B22AB4E46CD51962CC7931F4D35581D5DD3047B946044BF7E71955EB63DD546644D7D2A19777DA39A48B4CF5A011A5C41F1BFF7C463F057F2F7AF6F910E7E06398B0AF7EF38CD5BBAE4C5FF42572CFFFCA6A8E9D34F64A7BECDC93216B55C20FAECAF04A8956C4D26DEE34493510BC49144A32A1B0AAE64B50DCA0C27361692242FE3145A6B36B830DEBF9E8A07A886E8DA6F38F3E99906F6AC9317ADF73222C4C75ABD153F1112E01E7CBB49665F213A1C1470CDC442D7CDC72EE2DD80D37251333C34FFDC5C38ADA3F5E52F5A5B2A1224B0CA60211B430E9554F0C4CA672476562C4A182B6707EBE80DFA6247A1F870F74EC81D03558F2718409EBF8E7F2FD2C6AB1F246F7E3FE0D919DB4016A7D76F6378D05EA74766CBB93340F2CBDDF18073F39242F3E9EC88020D1E8F801183C00F0239B2F2B4E8F6B46DBC17F469A857C291C985D8AC2099A6FEDC462B5EAEF737831EA2B6C9D787DC5AC8DA2C2E8F7F676FDA4CDD79E400EED959882C78C279C4D0A5918A0F5FC3B695E0034F7C2665D52D94106744D6B0CD6A66AB3275324EFDC06ECCF431D446446A00818ECDBE77B845699FB4F699825702D00F71373D80452039ECA1237AD2A0DF9112BA1EC90FB9FB87CF4E46BD0319B64F2EFD4B9640469707DB549468781D0BA6F3C49AF035D441173786BB1F2F5DCCE07BBF5536A0EB5B976814ABFDB44B90E55455972701A8F0D8EFB860A082ABA960E704754F61C2E3956922833F3D7E1656476DEE3C4F09244AC15697EA4A73041F03EEDE1F30BF899098A70F33E7F7359B +20241129063045 2 6 100 6143 2 DCBE8A152DD5DE612BFCCD18CAB2BDE17391AF9DA865DCC59A1B454144ADE2EB8BE3CDBA7948CD1236CFC25D66DDC0E91095FB7E17715247413BBFD5435223F46488AD93808AF9FAF7D473C7CCE55DAA83B417FC6C09BFF7E332BD4B3BC59CBA4FE035A6C416D32BDCF8C3B9AFC5E1120CFD420023FD8EB207DB965509E2D362B0EB3D8CBD191D2750EBEB05F32C4BE08154D991F08DE4914BC40FAA7172440F2FEFB0FBF604DDA9C18BA9FD55F34218FD5D7CA2AC491CEDC3C5743D143BAF6C06CCAB7E5B22AB4E46CD51962CC7931F4D35581D5DD3047B946044BF7E71955EB63DD546644D7D2A19777DA39A48B4CF5A011A5C41F1BFF7C463F057F2F7AF6F910E7E06398B0AF7EF38CD5BBAE4C5FF42572CFFFCA6A8E9D34F64A7BECDC93216B55C20FAECAF04A8956C4D26DEE34493510BC49144A32A1B0AAE64B50DCA0C27361692242FE3145A6B36B830DEBF9E8A07A886E8DA6F38F3E99906F6AC9317ADF73222C4C75ABD153F1112E01E7CBB49665F213A1C1470CDC442D7CDC72EE2DD80D37251333C34FFDC5C38ADA3F5E52F5A5B2A1224B0CA60211B430E9554F0C4CA672476562C4A182B6707EBE80DFA6247A1F870F74EC81D03558F2718409EBF8E7F2FD2C6AB1F246F7E3FE0D919DB4016A7D76F6378D05EA74766CBB93340F2CBDDF18073F39242F3E9EC88020D1E8F801183C00F0239B2F2B4E8F6B46DBC17F469A857C291C985D8AC2099A6FEDC462B5EAEF737831EA2B6C9D787DC5AC8DA2C2E8F7F676FDA4CDD79E400EED959882C78C279C4D0A5918A0F5FC3B695E0034F7C2665D52D94106744D6B0CD6A66AB3275324EFDC06ECCF431D446446A00818ECDBE77B845699FB4F699825702D00F71373D80452039ECA1237AD2A0DF9112BA1EC90FB9FB87CF4E46BD0319B64F2EFD4B9640469707DB549468781D0BA6F3C49AF035D441173786BB1F2F5DCCE07BBF5536A0EB5B976814ABFDB44B90E55455972701A8F0D8EFB860A082ABA960E704754F61C2E3956922833F3D7E1656476DEE3C4F09244AC15697EA4A73041F03EEDE1F30BF899098A70F33EAD325DB +20241129065049 2 6 100 6143 2 DCBE8A152DD5DE612BFCCD18CAB2BDE17391AF9DA865DCC59A1B454144ADE2EB8BE3CDBA7948CD1236CFC25D66DDC0E91095FB7E17715247413BBFD5435223F46488AD93808AF9FAF7D473C7CCE55DAA83B417FC6C09BFF7E332BD4B3BC59CBA4FE035A6C416D32BDCF8C3B9AFC5E1120CFD420023FD8EB207DB965509E2D362B0EB3D8CBD191D2750EBEB05F32C4BE08154D991F08DE4914BC40FAA7172440F2FEFB0FBF604DDA9C18BA9FD55F34218FD5D7CA2AC491CEDC3C5743D143BAF6C06CCAB7E5B22AB4E46CD51962CC7931F4D35581D5DD3047B946044BF7E71955EB63DD546644D7D2A19777DA39A48B4CF5A011A5C41F1BFF7C463F057F2F7AF6F910E7E06398B0AF7EF38CD5BBAE4C5FF42572CFFFCA6A8E9D34F64A7BECDC93216B55C20FAECAF04A8956C4D26DEE34493510BC49144A32A1B0AAE64B50DCA0C27361692242FE3145A6B36B830DEBF9E8A07A886E8DA6F38F3E99906F6AC9317ADF73222C4C75ABD153F1112E01E7CBB49665F213A1C1470CDC442D7CDC72EE2DD80D37251333C34FFDC5C38ADA3F5E52F5A5B2A1224B0CA60211B430E9554F0C4CA672476562C4A182B6707EBE80DFA6247A1F870F74EC81D03558F2718409EBF8E7F2FD2C6AB1F246F7E3FE0D919DB4016A7D76F6378D05EA74766CBB93340F2CBDDF18073F39242F3E9EC88020D1E8F801183C00F0239B2F2B4E8F6B46DBC17F469A857C291C985D8AC2099A6FEDC462B5EAEF737831EA2B6C9D787DC5AC8DA2C2E8F7F676FDA4CDD79E400EED959882C78C279C4D0A5918A0F5FC3B695E0034F7C2665D52D94106744D6B0CD6A66AB3275324EFDC06ECCF431D446446A00818ECDBE77B845699FB4F699825702D00F71373D80452039ECA1237AD2A0DF9112BA1EC90FB9FB87CF4E46BD0319B64F2EFD4B9640469707DB549468781D0BA6F3C49AF035D441173786BB1F2F5DCCE07BBF5536A0EB5B976814ABFDB44B90E55455972701A8F0D8EFB860A082ABA960E704754F61C2E3956922833F3D7E1656476DEE3C4F09244AC15697EA4A73041F03EEDE1F30BF899098A70F33ED529283 +20241129065931 2 6 100 6143 5 DCBE8A152DD5DE612BFCCD18CAB2BDE17391AF9DA865DCC59A1B454144ADE2EB8BE3CDBA7948CD1236CFC25D66DDC0E91095FB7E17715247413BBFD5435223F46488AD93808AF9FAF7D473C7CCE55DAA83B417FC6C09BFF7E332BD4B3BC59CBA4FE035A6C416D32BDCF8C3B9AFC5E1120CFD420023FD8EB207DB965509E2D362B0EB3D8CBD191D2750EBEB05F32C4BE08154D991F08DE4914BC40FAA7172440F2FEFB0FBF604DDA9C18BA9FD55F34218FD5D7CA2AC491CEDC3C5743D143BAF6C06CCAB7E5B22AB4E46CD51962CC7931F4D35581D5DD3047B946044BF7E71955EB63DD546644D7D2A19777DA39A48B4CF5A011A5C41F1BFF7C463F057F2F7AF6F910E7E06398B0AF7EF38CD5BBAE4C5FF42572CFFFCA6A8E9D34F64A7BECDC93216B55C20FAECAF04A8956C4D26DEE34493510BC49144A32A1B0AAE64B50DCA0C27361692242FE3145A6B36B830DEBF9E8A07A886E8DA6F38F3E99906F6AC9317ADF73222C4C75ABD153F1112E01E7CBB49665F213A1C1470CDC442D7CDC72EE2DD80D37251333C34FFDC5C38ADA3F5E52F5A5B2A1224B0CA60211B430E9554F0C4CA672476562C4A182B6707EBE80DFA6247A1F870F74EC81D03558F2718409EBF8E7F2FD2C6AB1F246F7E3FE0D919DB4016A7D76F6378D05EA74766CBB93340F2CBDDF18073F39242F3E9EC88020D1E8F801183C00F0239B2F2B4E8F6B46DBC17F469A857C291C985D8AC2099A6FEDC462B5EAEF737831EA2B6C9D787DC5AC8DA2C2E8F7F676FDA4CDD79E400EED959882C78C279C4D0A5918A0F5FC3B695E0034F7C2665D52D94106744D6B0CD6A66AB3275324EFDC06ECCF431D446446A00818ECDBE77B845699FB4F699825702D00F71373D80452039ECA1237AD2A0DF9112BA1EC90FB9FB87CF4E46BD0319B64F2EFD4B9640469707DB549468781D0BA6F3C49AF035D441173786BB1F2F5DCCE07BBF5536A0EB5B976814ABFDB44B90E55455972701A8F0D8EFB860A082ABA960E704754F61C2E3956922833F3D7E1656476DEE3C4F09244AC15697EA4A73041F03EEDE1F30BF899098A70F33EE615997 +20241129070906 2 6 100 6143 5 DCBE8A152DD5DE612BFCCD18CAB2BDE17391AF9DA865DCC59A1B454144ADE2EB8BE3CDBA7948CD1236CFC25D66DDC0E91095FB7E17715247413BBFD5435223F46488AD93808AF9FAF7D473C7CCE55DAA83B417FC6C09BFF7E332BD4B3BC59CBA4FE035A6C416D32BDCF8C3B9AFC5E1120CFD420023FD8EB207DB965509E2D362B0EB3D8CBD191D2750EBEB05F32C4BE08154D991F08DE4914BC40FAA7172440F2FEFB0FBF604DDA9C18BA9FD55F34218FD5D7CA2AC491CEDC3C5743D143BAF6C06CCAB7E5B22AB4E46CD51962CC7931F4D35581D5DD3047B946044BF7E71955EB63DD546644D7D2A19777DA39A48B4CF5A011A5C41F1BFF7C463F057F2F7AF6F910E7E06398B0AF7EF38CD5BBAE4C5FF42572CFFFCA6A8E9D34F64A7BECDC93216B55C20FAECAF04A8956C4D26DEE34493510BC49144A32A1B0AAE64B50DCA0C27361692242FE3145A6B36B830DEBF9E8A07A886E8DA6F38F3E99906F6AC9317ADF73222C4C75ABD153F1112E01E7CBB49665F213A1C1470CDC442D7CDC72EE2DD80D37251333C34FFDC5C38ADA3F5E52F5A5B2A1224B0CA60211B430E9554F0C4CA672476562C4A182B6707EBE80DFA6247A1F870F74EC81D03558F2718409EBF8E7F2FD2C6AB1F246F7E3FE0D919DB4016A7D76F6378D05EA74766CBB93340F2CBDDF18073F39242F3E9EC88020D1E8F801183C00F0239B2F2B4E8F6B46DBC17F469A857C291C985D8AC2099A6FEDC462B5EAEF737831EA2B6C9D787DC5AC8DA2C2E8F7F676FDA4CDD79E400EED959882C78C279C4D0A5918A0F5FC3B695E0034F7C2665D52D94106744D6B0CD6A66AB3275324EFDC06ECCF431D446446A00818ECDBE77B845699FB4F699825702D00F71373D80452039ECA1237AD2A0DF9112BA1EC90FB9FB87CF4E46BD0319B64F2EFD4B9640469707DB549468781D0BA6F3C49AF035D441173786BB1F2F5DCCE07BBF5536A0EB5B976814ABFDB44B90E55455972701A8F0D8EFB860A082ABA960E704754F61C2E3956922833F3D7E1656476DEE3C4F09244AC15697EA4A73041F03EEDE1F30BF899098A70F33EF8D1D07 +20241129072522 2 6 100 6143 5 DCBE8A152DD5DE612BFCCD18CAB2BDE17391AF9DA865DCC59A1B454144ADE2EB8BE3CDBA7948CD1236CFC25D66DDC0E91095FB7E17715247413BBFD5435223F46488AD93808AF9FAF7D473C7CCE55DAA83B417FC6C09BFF7E332BD4B3BC59CBA4FE035A6C416D32BDCF8C3B9AFC5E1120CFD420023FD8EB207DB965509E2D362B0EB3D8CBD191D2750EBEB05F32C4BE08154D991F08DE4914BC40FAA7172440F2FEFB0FBF604DDA9C18BA9FD55F34218FD5D7CA2AC491CEDC3C5743D143BAF6C06CCAB7E5B22AB4E46CD51962CC7931F4D35581D5DD3047B946044BF7E71955EB63DD546644D7D2A19777DA39A48B4CF5A011A5C41F1BFF7C463F057F2F7AF6F910E7E06398B0AF7EF38CD5BBAE4C5FF42572CFFFCA6A8E9D34F64A7BECDC93216B55C20FAECAF04A8956C4D26DEE34493510BC49144A32A1B0AAE64B50DCA0C27361692242FE3145A6B36B830DEBF9E8A07A886E8DA6F38F3E99906F6AC9317ADF73222C4C75ABD153F1112E01E7CBB49665F213A1C1470CDC442D7CDC72EE2DD80D37251333C34FFDC5C38ADA3F5E52F5A5B2A1224B0CA60211B430E9554F0C4CA672476562C4A182B6707EBE80DFA6247A1F870F74EC81D03558F2718409EBF8E7F2FD2C6AB1F246F7E3FE0D919DB4016A7D76F6378D05EA74766CBB93340F2CBDDF18073F39242F3E9EC88020D1E8F801183C00F0239B2F2B4E8F6B46DBC17F469A857C291C985D8AC2099A6FEDC462B5EAEF737831EA2B6C9D787DC5AC8DA2C2E8F7F676FDA4CDD79E400EED959882C78C279C4D0A5918A0F5FC3B695E0034F7C2665D52D94106744D6B0CD6A66AB3275324EFDC06ECCF431D446446A00818ECDBE77B845699FB4F699825702D00F71373D80452039ECA1237AD2A0DF9112BA1EC90FB9FB87CF4E46BD0319B64F2EFD4B9640469707DB549468781D0BA6F3C49AF035D441173786BB1F2F5DCCE07BBF5536A0EB5B976814ABFDB44B90E55455972701A8F0D8EFB860A082ABA960E704754F61C2E3956922833F3D7E1656476DEE3C4F09244AC15697EA4A73041F03EEDE1F30BF899098A70F33F19250B7 +20241129080348 2 6 100 6143 2 DCBE8A152DD5DE612BFCCD18CAB2BDE17391AF9DA865DCC59A1B454144ADE2EB8BE3CDBA7948CD1236CFC25D66DDC0E91095FB7E17715247413BBFD5435223F46488AD93808AF9FAF7D473C7CCE55DAA83B417FC6C09BFF7E332BD4B3BC59CBA4FE035A6C416D32BDCF8C3B9AFC5E1120CFD420023FD8EB207DB965509E2D362B0EB3D8CBD191D2750EBEB05F32C4BE08154D991F08DE4914BC40FAA7172440F2FEFB0FBF604DDA9C18BA9FD55F34218FD5D7CA2AC491CEDC3C5743D143BAF6C06CCAB7E5B22AB4E46CD51962CC7931F4D35581D5DD3047B946044BF7E71955EB63DD546644D7D2A19777DA39A48B4CF5A011A5C41F1BFF7C463F057F2F7AF6F910E7E06398B0AF7EF38CD5BBAE4C5FF42572CFFFCA6A8E9D34F64A7BECDC93216B55C20FAECAF04A8956C4D26DEE34493510BC49144A32A1B0AAE64B50DCA0C27361692242FE3145A6B36B830DEBF9E8A07A886E8DA6F38F3E99906F6AC9317ADF73222C4C75ABD153F1112E01E7CBB49665F213A1C1470CDC442D7CDC72EE2DD80D37251333C34FFDC5C38ADA3F5E52F5A5B2A1224B0CA60211B430E9554F0C4CA672476562C4A182B6707EBE80DFA6247A1F870F74EC81D03558F2718409EBF8E7F2FD2C6AB1F246F7E3FE0D919DB4016A7D76F6378D05EA74766CBB93340F2CBDDF18073F39242F3E9EC88020D1E8F801183C00F0239B2F2B4E8F6B46DBC17F469A857C291C985D8AC2099A6FEDC462B5EAEF737831EA2B6C9D787DC5AC8DA2C2E8F7F676FDA4CDD79E400EED959882C78C279C4D0A5918A0F5FC3B695E0034F7C2665D52D94106744D6B0CD6A66AB3275324EFDC06ECCF431D446446A00818ECDBE77B845699FB4F699825702D00F71373D80452039ECA1237AD2A0DF9112BA1EC90FB9FB87CF4E46BD0319B64F2EFD4B9640469707DB549468781D0BA6F3C49AF035D441173786BB1F2F5DCCE07BBF5536A0EB5B976814ABFDB44B90E55455972701A8F0D8EFB860A082ABA960E704754F61C2E3956922833F3D7E1656476DEE3C4F09244AC15697EA4A73041F03EEDE1F30BF899098A70F33F6682AF3 +20241129082342 2 6 100 6143 5 DCBE8A152DD5DE612BFCCD18CAB2BDE17391AF9DA865DCC59A1B454144ADE2EB8BE3CDBA7948CD1236CFC25D66DDC0E91095FB7E17715247413BBFD5435223F46488AD93808AF9FAF7D473C7CCE55DAA83B417FC6C09BFF7E332BD4B3BC59CBA4FE035A6C416D32BDCF8C3B9AFC5E1120CFD420023FD8EB207DB965509E2D362B0EB3D8CBD191D2750EBEB05F32C4BE08154D991F08DE4914BC40FAA7172440F2FEFB0FBF604DDA9C18BA9FD55F34218FD5D7CA2AC491CEDC3C5743D143BAF6C06CCAB7E5B22AB4E46CD51962CC7931F4D35581D5DD3047B946044BF7E71955EB63DD546644D7D2A19777DA39A48B4CF5A011A5C41F1BFF7C463F057F2F7AF6F910E7E06398B0AF7EF38CD5BBAE4C5FF42572CFFFCA6A8E9D34F64A7BECDC93216B55C20FAECAF04A8956C4D26DEE34493510BC49144A32A1B0AAE64B50DCA0C27361692242FE3145A6B36B830DEBF9E8A07A886E8DA6F38F3E99906F6AC9317ADF73222C4C75ABD153F1112E01E7CBB49665F213A1C1470CDC442D7CDC72EE2DD80D37251333C34FFDC5C38ADA3F5E52F5A5B2A1224B0CA60211B430E9554F0C4CA672476562C4A182B6707EBE80DFA6247A1F870F74EC81D03558F2718409EBF8E7F2FD2C6AB1F246F7E3FE0D919DB4016A7D76F6378D05EA74766CBB93340F2CBDDF18073F39242F3E9EC88020D1E8F801183C00F0239B2F2B4E8F6B46DBC17F469A857C291C985D8AC2099A6FEDC462B5EAEF737831EA2B6C9D787DC5AC8DA2C2E8F7F676FDA4CDD79E400EED959882C78C279C4D0A5918A0F5FC3B695E0034F7C2665D52D94106744D6B0CD6A66AB3275324EFDC06ECCF431D446446A00818ECDBE77B845699FB4F699825702D00F71373D80452039ECA1237AD2A0DF9112BA1EC90FB9FB87CF4E46BD0319B64F2EFD4B9640469707DB549468781D0BA6F3C49AF035D441173786BB1F2F5DCCE07BBF5536A0EB5B976814ABFDB44B90E55455972701A8F0D8EFB860A082ABA960E704754F61C2E3956922833F3D7E1656476DEE3C4F09244AC15697EA4A73041F03EEDE1F30BF899098A70F33F8DD796F +20241129082407 2 6 100 6143 2 DCBE8A152DD5DE612BFCCD18CAB2BDE17391AF9DA865DCC59A1B454144ADE2EB8BE3CDBA7948CD1236CFC25D66DDC0E91095FB7E17715247413BBFD5435223F46488AD93808AF9FAF7D473C7CCE55DAA83B417FC6C09BFF7E332BD4B3BC59CBA4FE035A6C416D32BDCF8C3B9AFC5E1120CFD420023FD8EB207DB965509E2D362B0EB3D8CBD191D2750EBEB05F32C4BE08154D991F08DE4914BC40FAA7172440F2FEFB0FBF604DDA9C18BA9FD55F34218FD5D7CA2AC491CEDC3C5743D143BAF6C06CCAB7E5B22AB4E46CD51962CC7931F4D35581D5DD3047B946044BF7E71955EB63DD546644D7D2A19777DA39A48B4CF5A011A5C41F1BFF7C463F057F2F7AF6F910E7E06398B0AF7EF38CD5BBAE4C5FF42572CFFFCA6A8E9D34F64A7BECDC93216B55C20FAECAF04A8956C4D26DEE34493510BC49144A32A1B0AAE64B50DCA0C27361692242FE3145A6B36B830DEBF9E8A07A886E8DA6F38F3E99906F6AC9317ADF73222C4C75ABD153F1112E01E7CBB49665F213A1C1470CDC442D7CDC72EE2DD80D37251333C34FFDC5C38ADA3F5E52F5A5B2A1224B0CA60211B430E9554F0C4CA672476562C4A182B6707EBE80DFA6247A1F870F74EC81D03558F2718409EBF8E7F2FD2C6AB1F246F7E3FE0D919DB4016A7D76F6378D05EA74766CBB93340F2CBDDF18073F39242F3E9EC88020D1E8F801183C00F0239B2F2B4E8F6B46DBC17F469A857C291C985D8AC2099A6FEDC462B5EAEF737831EA2B6C9D787DC5AC8DA2C2E8F7F676FDA4CDD79E400EED959882C78C279C4D0A5918A0F5FC3B695E0034F7C2665D52D94106744D6B0CD6A66AB3275324EFDC06ECCF431D446446A00818ECDBE77B845699FB4F699825702D00F71373D80452039ECA1237AD2A0DF9112BA1EC90FB9FB87CF4E46BD0319B64F2EFD4B9640469707DB549468781D0BA6F3C49AF035D441173786BB1F2F5DCCE07BBF5536A0EB5B976814ABFDB44B90E55455972701A8F0D8EFB860A082ABA960E704754F61C2E3956922833F3D7E1656476DEE3C4F09244AC15697EA4A73041F03EEDE1F30BF899098A70F33F8E28AB3 +20241129082555 2 6 100 6143 2 DCBE8A152DD5DE612BFCCD18CAB2BDE17391AF9DA865DCC59A1B454144ADE2EB8BE3CDBA7948CD1236CFC25D66DDC0E91095FB7E17715247413BBFD5435223F46488AD93808AF9FAF7D473C7CCE55DAA83B417FC6C09BFF7E332BD4B3BC59CBA4FE035A6C416D32BDCF8C3B9AFC5E1120CFD420023FD8EB207DB965509E2D362B0EB3D8CBD191D2750EBEB05F32C4BE08154D991F08DE4914BC40FAA7172440F2FEFB0FBF604DDA9C18BA9FD55F34218FD5D7CA2AC491CEDC3C5743D143BAF6C06CCAB7E5B22AB4E46CD51962CC7931F4D35581D5DD3047B946044BF7E71955EB63DD546644D7D2A19777DA39A48B4CF5A011A5C41F1BFF7C463F057F2F7AF6F910E7E06398B0AF7EF38CD5BBAE4C5FF42572CFFFCA6A8E9D34F64A7BECDC93216B55C20FAECAF04A8956C4D26DEE34493510BC49144A32A1B0AAE64B50DCA0C27361692242FE3145A6B36B830DEBF9E8A07A886E8DA6F38F3E99906F6AC9317ADF73222C4C75ABD153F1112E01E7CBB49665F213A1C1470CDC442D7CDC72EE2DD80D37251333C34FFDC5C38ADA3F5E52F5A5B2A1224B0CA60211B430E9554F0C4CA672476562C4A182B6707EBE80DFA6247A1F870F74EC81D03558F2718409EBF8E7F2FD2C6AB1F246F7E3FE0D919DB4016A7D76F6378D05EA74766CBB93340F2CBDDF18073F39242F3E9EC88020D1E8F801183C00F0239B2F2B4E8F6B46DBC17F469A857C291C985D8AC2099A6FEDC462B5EAEF737831EA2B6C9D787DC5AC8DA2C2E8F7F676FDA4CDD79E400EED959882C78C279C4D0A5918A0F5FC3B695E0034F7C2665D52D94106744D6B0CD6A66AB3275324EFDC06ECCF431D446446A00818ECDBE77B845699FB4F699825702D00F71373D80452039ECA1237AD2A0DF9112BA1EC90FB9FB87CF4E46BD0319B64F2EFD4B9640469707DB549468781D0BA6F3C49AF035D441173786BB1F2F5DCCE07BBF5536A0EB5B976814ABFDB44B90E55455972701A8F0D8EFB860A082ABA960E704754F61C2E3956922833F3D7E1656476DEE3C4F09244AC15697EA4A73041F03EEDE1F30BF899098A70F33F917C303 +20241129082910 2 6 100 6143 2 DCBE8A152DD5DE612BFCCD18CAB2BDE17391AF9DA865DCC59A1B454144ADE2EB8BE3CDBA7948CD1236CFC25D66DDC0E91095FB7E17715247413BBFD5435223F46488AD93808AF9FAF7D473C7CCE55DAA83B417FC6C09BFF7E332BD4B3BC59CBA4FE035A6C416D32BDCF8C3B9AFC5E1120CFD420023FD8EB207DB965509E2D362B0EB3D8CBD191D2750EBEB05F32C4BE08154D991F08DE4914BC40FAA7172440F2FEFB0FBF604DDA9C18BA9FD55F34218FD5D7CA2AC491CEDC3C5743D143BAF6C06CCAB7E5B22AB4E46CD51962CC7931F4D35581D5DD3047B946044BF7E71955EB63DD546644D7D2A19777DA39A48B4CF5A011A5C41F1BFF7C463F057F2F7AF6F910E7E06398B0AF7EF38CD5BBAE4C5FF42572CFFFCA6A8E9D34F64A7BECDC93216B55C20FAECAF04A8956C4D26DEE34493510BC49144A32A1B0AAE64B50DCA0C27361692242FE3145A6B36B830DEBF9E8A07A886E8DA6F38F3E99906F6AC9317ADF73222C4C75ABD153F1112E01E7CBB49665F213A1C1470CDC442D7CDC72EE2DD80D37251333C34FFDC5C38ADA3F5E52F5A5B2A1224B0CA60211B430E9554F0C4CA672476562C4A182B6707EBE80DFA6247A1F870F74EC81D03558F2718409EBF8E7F2FD2C6AB1F246F7E3FE0D919DB4016A7D76F6378D05EA74766CBB93340F2CBDDF18073F39242F3E9EC88020D1E8F801183C00F0239B2F2B4E8F6B46DBC17F469A857C291C985D8AC2099A6FEDC462B5EAEF737831EA2B6C9D787DC5AC8DA2C2E8F7F676FDA4CDD79E400EED959882C78C279C4D0A5918A0F5FC3B695E0034F7C2665D52D94106744D6B0CD6A66AB3275324EFDC06ECCF431D446446A00818ECDBE77B845699FB4F699825702D00F71373D80452039ECA1237AD2A0DF9112BA1EC90FB9FB87CF4E46BD0319B64F2EFD4B9640469707DB549468781D0BA6F3C49AF035D441173786BB1F2F5DCCE07BBF5536A0EB5B976814ABFDB44B90E55455972701A8F0D8EFB860A082ABA960E704754F61C2E3956922833F3D7E1656476DEE3C4F09244AC15697EA4A73041F03EEDE1F30BF899098A70F33F97B2DB3 +20241129083433 2 6 100 6143 5 DCBE8A152DD5DE612BFCCD18CAB2BDE17391AF9DA865DCC59A1B454144ADE2EB8BE3CDBA7948CD1236CFC25D66DDC0E91095FB7E17715247413BBFD5435223F46488AD93808AF9FAF7D473C7CCE55DAA83B417FC6C09BFF7E332BD4B3BC59CBA4FE035A6C416D32BDCF8C3B9AFC5E1120CFD420023FD8EB207DB965509E2D362B0EB3D8CBD191D2750EBEB05F32C4BE08154D991F08DE4914BC40FAA7172440F2FEFB0FBF604DDA9C18BA9FD55F34218FD5D7CA2AC491CEDC3C5743D143BAF6C06CCAB7E5B22AB4E46CD51962CC7931F4D35581D5DD3047B946044BF7E71955EB63DD546644D7D2A19777DA39A48B4CF5A011A5C41F1BFF7C463F057F2F7AF6F910E7E06398B0AF7EF38CD5BBAE4C5FF42572CFFFCA6A8E9D34F64A7BECDC93216B55C20FAECAF04A8956C4D26DEE34493510BC49144A32A1B0AAE64B50DCA0C27361692242FE3145A6B36B830DEBF9E8A07A886E8DA6F38F3E99906F6AC9317ADF73222C4C75ABD153F1112E01E7CBB49665F213A1C1470CDC442D7CDC72EE2DD80D37251333C34FFDC5C38ADA3F5E52F5A5B2A1224B0CA60211B430E9554F0C4CA672476562C4A182B6707EBE80DFA6247A1F870F74EC81D03558F2718409EBF8E7F2FD2C6AB1F246F7E3FE0D919DB4016A7D76F6378D05EA74766CBB93340F2CBDDF18073F39242F3E9EC88020D1E8F801183C00F0239B2F2B4E8F6B46DBC17F469A857C291C985D8AC2099A6FEDC462B5EAEF737831EA2B6C9D787DC5AC8DA2C2E8F7F676FDA4CDD79E400EED959882C78C279C4D0A5918A0F5FC3B695E0034F7C2665D52D94106744D6B0CD6A66AB3275324EFDC06ECCF431D446446A00818ECDBE77B845699FB4F699825702D00F71373D80452039ECA1237AD2A0DF9112BA1EC90FB9FB87CF4E46BD0319B64F2EFD4B9640469707DB549468781D0BA6F3C49AF035D441173786BB1F2F5DCCE07BBF5536A0EB5B976814ABFDB44B90E55455972701A8F0D8EFB860A082ABA960E704754F61C2E3956922833F3D7E1656476DEE3C4F09244AC15697EA4A73041F03EEDE1F30BF899098A70F33FA1DB177 +20241129090902 2 6 100 6143 2 DCBE8A152DD5DE612BFCCD18CAB2BDE17391AF9DA865DCC59A1B454144ADE2EB8BE3CDBA7948CD1236CFC25D66DDC0E91095FB7E17715247413BBFD5435223F46488AD93808AF9FAF7D473C7CCE55DAA83B417FC6C09BFF7E332BD4B3BC59CBA4FE035A6C416D32BDCF8C3B9AFC5E1120CFD420023FD8EB207DB965509E2D362B0EB3D8CBD191D2750EBEB05F32C4BE08154D991F08DE4914BC40FAA7172440F2FEFB0FBF604DDA9C18BA9FD55F34218FD5D7CA2AC491CEDC3C5743D143BAF6C06CCAB7E5B22AB4E46CD51962CC7931F4D35581D5DD3047B946044BF7E71955EB63DD546644D7D2A19777DA39A48B4CF5A011A5C41F1BFF7C463F057F2F7AF6F910E7E06398B0AF7EF38CD5BBAE4C5FF42572CFFFCA6A8E9D34F64A7BECDC93216B55C20FAECAF04A8956C4D26DEE34493510BC49144A32A1B0AAE64B50DCA0C27361692242FE3145A6B36B830DEBF9E8A07A886E8DA6F38F3E99906F6AC9317ADF73222C4C75ABD153F1112E01E7CBB49665F213A1C1470CDC442D7CDC72EE2DD80D37251333C34FFDC5C38ADA3F5E52F5A5B2A1224B0CA60211B430E9554F0C4CA672476562C4A182B6707EBE80DFA6247A1F870F74EC81D03558F2718409EBF8E7F2FD2C6AB1F246F7E3FE0D919DB4016A7D76F6378D05EA74766CBB93340F2CBDDF18073F39242F3E9EC88020D1E8F801183C00F0239B2F2B4E8F6B46DBC17F469A857C291C985D8AC2099A6FEDC462B5EAEF737831EA2B6C9D787DC5AC8DA2C2E8F7F676FDA4CDD79E400EED959882C78C279C4D0A5918A0F5FC3B695E0034F7C2665D52D94106744D6B0CD6A66AB3275324EFDC06ECCF431D446446A00818ECDBE77B845699FB4F699825702D00F71373D80452039ECA1237AD2A0DF9112BA1EC90FB9FB87CF4E46BD0319B64F2EFD4B9640469707DB549468781D0BA6F3C49AF035D441173786BB1F2F5DCCE07BBF5536A0EB5B976814ABFDB44B90E55455972701A8F0D8EFB860A082ABA960E704754F61C2E3956922833F3D7E1656476DEE3C4F09244AC15697EA4A73041F03EEDE1F30BF899098A70F33FE76C9B3 +20241129090942 2 6 100 6143 5 DCBE8A152DD5DE612BFCCD18CAB2BDE17391AF9DA865DCC59A1B454144ADE2EB8BE3CDBA7948CD1236CFC25D66DDC0E91095FB7E17715247413BBFD5435223F46488AD93808AF9FAF7D473C7CCE55DAA83B417FC6C09BFF7E332BD4B3BC59CBA4FE035A6C416D32BDCF8C3B9AFC5E1120CFD420023FD8EB207DB965509E2D362B0EB3D8CBD191D2750EBEB05F32C4BE08154D991F08DE4914BC40FAA7172440F2FEFB0FBF604DDA9C18BA9FD55F34218FD5D7CA2AC491CEDC3C5743D143BAF6C06CCAB7E5B22AB4E46CD51962CC7931F4D35581D5DD3047B946044BF7E71955EB63DD546644D7D2A19777DA39A48B4CF5A011A5C41F1BFF7C463F057F2F7AF6F910E7E06398B0AF7EF38CD5BBAE4C5FF42572CFFFCA6A8E9D34F64A7BECDC93216B55C20FAECAF04A8956C4D26DEE34493510BC49144A32A1B0AAE64B50DCA0C27361692242FE3145A6B36B830DEBF9E8A07A886E8DA6F38F3E99906F6AC9317ADF73222C4C75ABD153F1112E01E7CBB49665F213A1C1470CDC442D7CDC72EE2DD80D37251333C34FFDC5C38ADA3F5E52F5A5B2A1224B0CA60211B430E9554F0C4CA672476562C4A182B6707EBE80DFA6247A1F870F74EC81D03558F2718409EBF8E7F2FD2C6AB1F246F7E3FE0D919DB4016A7D76F6378D05EA74766CBB93340F2CBDDF18073F39242F3E9EC88020D1E8F801183C00F0239B2F2B4E8F6B46DBC17F469A857C291C985D8AC2099A6FEDC462B5EAEF737831EA2B6C9D787DC5AC8DA2C2E8F7F676FDA4CDD79E400EED959882C78C279C4D0A5918A0F5FC3B695E0034F7C2665D52D94106744D6B0CD6A66AB3275324EFDC06ECCF431D446446A00818ECDBE77B845699FB4F699825702D00F71373D80452039ECA1237AD2A0DF9112BA1EC90FB9FB87CF4E46BD0319B64F2EFD4B9640469707DB549468781D0BA6F3C49AF035D441173786BB1F2F5DCCE07BBF5536A0EB5B976814ABFDB44B90E55455972701A8F0D8EFB860A082ABA960E704754F61C2E3956922833F3D7E1656476DEE3C4F09244AC15697EA4A73041F03EEDE1F30BF899098A70F33FE840CCF +20241129091044 2 6 100 6143 2 DCBE8A152DD5DE612BFCCD18CAB2BDE17391AF9DA865DCC59A1B454144ADE2EB8BE3CDBA7948CD1236CFC25D66DDC0E91095FB7E17715247413BBFD5435223F46488AD93808AF9FAF7D473C7CCE55DAA83B417FC6C09BFF7E332BD4B3BC59CBA4FE035A6C416D32BDCF8C3B9AFC5E1120CFD420023FD8EB207DB965509E2D362B0EB3D8CBD191D2750EBEB05F32C4BE08154D991F08DE4914BC40FAA7172440F2FEFB0FBF604DDA9C18BA9FD55F34218FD5D7CA2AC491CEDC3C5743D143BAF6C06CCAB7E5B22AB4E46CD51962CC7931F4D35581D5DD3047B946044BF7E71955EB63DD546644D7D2A19777DA39A48B4CF5A011A5C41F1BFF7C463F057F2F7AF6F910E7E06398B0AF7EF38CD5BBAE4C5FF42572CFFFCA6A8E9D34F64A7BECDC93216B55C20FAECAF04A8956C4D26DEE34493510BC49144A32A1B0AAE64B50DCA0C27361692242FE3145A6B36B830DEBF9E8A07A886E8DA6F38F3E99906F6AC9317ADF73222C4C75ABD153F1112E01E7CBB49665F213A1C1470CDC442D7CDC72EE2DD80D37251333C34FFDC5C38ADA3F5E52F5A5B2A1224B0CA60211B430E9554F0C4CA672476562C4A182B6707EBE80DFA6247A1F870F74EC81D03558F2718409EBF8E7F2FD2C6AB1F246F7E3FE0D919DB4016A7D76F6378D05EA74766CBB93340F2CBDDF18073F39242F3E9EC88020D1E8F801183C00F0239B2F2B4E8F6B46DBC17F469A857C291C985D8AC2099A6FEDC462B5EAEF737831EA2B6C9D787DC5AC8DA2C2E8F7F676FDA4CDD79E400EED959882C78C279C4D0A5918A0F5FC3B695E0034F7C2665D52D94106744D6B0CD6A66AB3275324EFDC06ECCF431D446446A00818ECDBE77B845699FB4F699825702D00F71373D80452039ECA1237AD2A0DF9112BA1EC90FB9FB87CF4E46BD0319B64F2EFD4B9640469707DB549468781D0BA6F3C49AF035D441173786BB1F2F5DCCE07BBF5536A0EB5B976814ABFDB44B90E55455972701A8F0D8EFB860A082ABA960E704754F61C2E3956922833F3D7E1656476DEE3C4F09244AC15697EA4A73041F03EEDE1F30BF899098A70F33FE9F0AB3 +20241129091214 2 6 100 6143 2 DCBE8A152DD5DE612BFCCD18CAB2BDE17391AF9DA865DCC59A1B454144ADE2EB8BE3CDBA7948CD1236CFC25D66DDC0E91095FB7E17715247413BBFD5435223F46488AD93808AF9FAF7D473C7CCE55DAA83B417FC6C09BFF7E332BD4B3BC59CBA4FE035A6C416D32BDCF8C3B9AFC5E1120CFD420023FD8EB207DB965509E2D362B0EB3D8CBD191D2750EBEB05F32C4BE08154D991F08DE4914BC40FAA7172440F2FEFB0FBF604DDA9C18BA9FD55F34218FD5D7CA2AC491CEDC3C5743D143BAF6C06CCAB7E5B22AB4E46CD51962CC7931F4D35581D5DD3047B946044BF7E71955EB63DD546644D7D2A19777DA39A48B4CF5A011A5C41F1BFF7C463F057F2F7AF6F910E7E06398B0AF7EF38CD5BBAE4C5FF42572CFFFCA6A8E9D34F64A7BECDC93216B55C20FAECAF04A8956C4D26DEE34493510BC49144A32A1B0AAE64B50DCA0C27361692242FE3145A6B36B830DEBF9E8A07A886E8DA6F38F3E99906F6AC9317ADF73222C4C75ABD153F1112E01E7CBB49665F213A1C1470CDC442D7CDC72EE2DD80D37251333C34FFDC5C38ADA3F5E52F5A5B2A1224B0CA60211B430E9554F0C4CA672476562C4A182B6707EBE80DFA6247A1F870F74EC81D03558F2718409EBF8E7F2FD2C6AB1F246F7E3FE0D919DB4016A7D76F6378D05EA74766CBB93340F2CBDDF18073F39242F3E9EC88020D1E8F801183C00F0239B2F2B4E8F6B46DBC17F469A857C291C985D8AC2099A6FEDC462B5EAEF737831EA2B6C9D787DC5AC8DA2C2E8F7F676FDA4CDD79E400EED959882C78C279C4D0A5918A0F5FC3B695E0034F7C2665D52D94106744D6B0CD6A66AB3275324EFDC06ECCF431D446446A00818ECDBE77B845699FB4F699825702D00F71373D80452039ECA1237AD2A0DF9112BA1EC90FB9FB87CF4E46BD0319B64F2EFD4B9640469707DB549468781D0BA6F3C49AF035D441173786BB1F2F5DCCE07BBF5536A0EB5B976814ABFDB44B90E55455972701A8F0D8EFB860A082ABA960E704754F61C2E3956922833F3D7E1656476DEE3C4F09244AC15697EA4A73041F03EEDE1F30BF899098A70F33FEC8962B +20241129100858 2 6 100 6143 2 DCBE8A152DD5DE612BFCCD18CAB2BDE17391AF9DA865DCC59A1B454144ADE2EB8BE3CDBA7948CD1236CFC25D66DDC0E91095FB7E17715247413BBFD5435223F46488AD93808AF9FAF7D473C7CCE55DAA83B417FC6C09BFF7E332BD4B3BC59CBA4FE035A6C416D32BDCF8C3B9AFC5E1120CFD420023FD8EB207DB965509E2D362B0EB3D8CBD191D2750EBEB05F32C4BE08154D991F08DE4914BC40FAA7172440F2FEFB0FBF604DDA9C18BA9FD55F34218FD5D7CA2AC491CEDC3C5743D143BAF6C06CCAB7E5B22AB4E46CD51962CC7931F4D35581D5DD3047B946044BF7E71955EB63DD546644D7D2A19777DA39A48B4CF5A011A5C41F1BFF7C463F057F2F7AF6F910E7E06398B0AF7EF38CD5BBAE4C5FF42572CFFFCA6A8E9D34F64A7BECDC93216B55C20FAECAF04A8956C4D26DEE34493510BC49144A32A1B0AAE64B50DCA0C27361692242FE3145A6B36B830DEBF9E8A07A886E8DA6F38F3E99906F6AC9317ADF73222C4C75ABD153F1112E01E7CBB49665F213A1C1470CDC442D7CDC72EE2DD80D37251333C34FFDC5C38ADA3F5E52F5A5B2A1224B0CA60211B430E9554F0C4CA672476562C4A182B6707EBE80DFA6247A1F870F74EC81D03558F2718409EBF8E7F2FD2C6AB1F246F7E3FE0D919DB4016A7D76F6378D05EA74766CBB93340F2CBDDF18073F39242F3E9EC88020D1E8F801183C00F0239B2F2B4E8F6B46DBC17F469A857C291C985D8AC2099A6FEDC462B5EAEF737831EA2B6C9D787DC5AC8DA2C2E8F7F676FDA4CDD79E400EED959882C78C279C4D0A5918A0F5FC3B695E0034F7C2665D52D94106744D6B0CD6A66AB3275324EFDC06ECCF431D446446A00818ECDBE77B845699FB4F699825702D00F71373D80452039ECA1237AD2A0DF9112BA1EC90FB9FB87CF4E46BD0319B64F2EFD4B9640469707DB549468781D0BA6F3C49AF035D441173786BB1F2F5DCCE07BBF5536A0EB5B976814ABFDB44B90E55455972701A8F0D8EFB860A082ABA960E704754F61C2E3956922833F3D7E1656476DEE3C4F09244AC15697EA4A73041F03EEDE1F30BF899098A70F3405C51773 +20241129101114 2 6 100 6143 2 DCBE8A152DD5DE612BFCCD18CAB2BDE17391AF9DA865DCC59A1B454144ADE2EB8BE3CDBA7948CD1236CFC25D66DDC0E91095FB7E17715247413BBFD5435223F46488AD93808AF9FAF7D473C7CCE55DAA83B417FC6C09BFF7E332BD4B3BC59CBA4FE035A6C416D32BDCF8C3B9AFC5E1120CFD420023FD8EB207DB965509E2D362B0EB3D8CBD191D2750EBEB05F32C4BE08154D991F08DE4914BC40FAA7172440F2FEFB0FBF604DDA9C18BA9FD55F34218FD5D7CA2AC491CEDC3C5743D143BAF6C06CCAB7E5B22AB4E46CD51962CC7931F4D35581D5DD3047B946044BF7E71955EB63DD546644D7D2A19777DA39A48B4CF5A011A5C41F1BFF7C463F057F2F7AF6F910E7E06398B0AF7EF38CD5BBAE4C5FF42572CFFFCA6A8E9D34F64A7BECDC93216B55C20FAECAF04A8956C4D26DEE34493510BC49144A32A1B0AAE64B50DCA0C27361692242FE3145A6B36B830DEBF9E8A07A886E8DA6F38F3E99906F6AC9317ADF73222C4C75ABD153F1112E01E7CBB49665F213A1C1470CDC442D7CDC72EE2DD80D37251333C34FFDC5C38ADA3F5E52F5A5B2A1224B0CA60211B430E9554F0C4CA672476562C4A182B6707EBE80DFA6247A1F870F74EC81D03558F2718409EBF8E7F2FD2C6AB1F246F7E3FE0D919DB4016A7D76F6378D05EA74766CBB93340F2CBDDF18073F39242F3E9EC88020D1E8F801183C00F0239B2F2B4E8F6B46DBC17F469A857C291C985D8AC2099A6FEDC462B5EAEF737831EA2B6C9D787DC5AC8DA2C2E8F7F676FDA4CDD79E400EED959882C78C279C4D0A5918A0F5FC3B695E0034F7C2665D52D94106744D6B0CD6A66AB3275324EFDC06ECCF431D446446A00818ECDBE77B845699FB4F699825702D00F71373D80452039ECA1237AD2A0DF9112BA1EC90FB9FB87CF4E46BD0319B64F2EFD4B9640469707DB549468781D0BA6F3C49AF035D441173786BB1F2F5DCCE07BBF5536A0EB5B976814ABFDB44B90E55455972701A8F0D8EFB860A082ABA960E704754F61C2E3956922833F3D7E1656476DEE3C4F09244AC15697EA4A73041F03EEDE1F30BF899098A70F3405F7D2BB +20241129101614 2 6 100 6143 2 DCBE8A152DD5DE612BFCCD18CAB2BDE17391AF9DA865DCC59A1B454144ADE2EB8BE3CDBA7948CD1236CFC25D66DDC0E91095FB7E17715247413BBFD5435223F46488AD93808AF9FAF7D473C7CCE55DAA83B417FC6C09BFF7E332BD4B3BC59CBA4FE035A6C416D32BDCF8C3B9AFC5E1120CFD420023FD8EB207DB965509E2D362B0EB3D8CBD191D2750EBEB05F32C4BE08154D991F08DE4914BC40FAA7172440F2FEFB0FBF604DDA9C18BA9FD55F34218FD5D7CA2AC491CEDC3C5743D143BAF6C06CCAB7E5B22AB4E46CD51962CC7931F4D35581D5DD3047B946044BF7E71955EB63DD546644D7D2A19777DA39A48B4CF5A011A5C41F1BFF7C463F057F2F7AF6F910E7E06398B0AF7EF38CD5BBAE4C5FF42572CFFFCA6A8E9D34F64A7BECDC93216B55C20FAECAF04A8956C4D26DEE34493510BC49144A32A1B0AAE64B50DCA0C27361692242FE3145A6B36B830DEBF9E8A07A886E8DA6F38F3E99906F6AC9317ADF73222C4C75ABD153F1112E01E7CBB49665F213A1C1470CDC442D7CDC72EE2DD80D37251333C34FFDC5C38ADA3F5E52F5A5B2A1224B0CA60211B430E9554F0C4CA672476562C4A182B6707EBE80DFA6247A1F870F74EC81D03558F2718409EBF8E7F2FD2C6AB1F246F7E3FE0D919DB4016A7D76F6378D05EA74766CBB93340F2CBDDF18073F39242F3E9EC88020D1E8F801183C00F0239B2F2B4E8F6B46DBC17F469A857C291C985D8AC2099A6FEDC462B5EAEF737831EA2B6C9D787DC5AC8DA2C2E8F7F676FDA4CDD79E400EED959882C78C279C4D0A5918A0F5FC3B695E0034F7C2665D52D94106744D6B0CD6A66AB3275324EFDC06ECCF431D446446A00818ECDBE77B845699FB4F699825702D00F71373D80452039ECA1237AD2A0DF9112BA1EC90FB9FB87CF4E46BD0319B64F2EFD4B9640469707DB549468781D0BA6F3C49AF035D441173786BB1F2F5DCCE07BBF5536A0EB5B976814ABFDB44B90E55455972701A8F0D8EFB860A082ABA960E704754F61C2E3956922833F3D7E1656476DEE3C4F09244AC15697EA4A73041F03EEDE1F30BF899098A70F34068F4943 +20241129103634 2 6 100 6143 2 DCBE8A152DD5DE612BFCCD18CAB2BDE17391AF9DA865DCC59A1B454144ADE2EB8BE3CDBA7948CD1236CFC25D66DDC0E91095FB7E17715247413BBFD5435223F46488AD93808AF9FAF7D473C7CCE55DAA83B417FC6C09BFF7E332BD4B3BC59CBA4FE035A6C416D32BDCF8C3B9AFC5E1120CFD420023FD8EB207DB965509E2D362B0EB3D8CBD191D2750EBEB05F32C4BE08154D991F08DE4914BC40FAA7172440F2FEFB0FBF604DDA9C18BA9FD55F34218FD5D7CA2AC491CEDC3C5743D143BAF6C06CCAB7E5B22AB4E46CD51962CC7931F4D35581D5DD3047B946044BF7E71955EB63DD546644D7D2A19777DA39A48B4CF5A011A5C41F1BFF7C463F057F2F7AF6F910E7E06398B0AF7EF38CD5BBAE4C5FF42572CFFFCA6A8E9D34F64A7BECDC93216B55C20FAECAF04A8956C4D26DEE34493510BC49144A32A1B0AAE64B50DCA0C27361692242FE3145A6B36B830DEBF9E8A07A886E8DA6F38F3E99906F6AC9317ADF73222C4C75ABD153F1112E01E7CBB49665F213A1C1470CDC442D7CDC72EE2DD80D37251333C34FFDC5C38ADA3F5E52F5A5B2A1224B0CA60211B430E9554F0C4CA672476562C4A182B6707EBE80DFA6247A1F870F74EC81D03558F2718409EBF8E7F2FD2C6AB1F246F7E3FE0D919DB4016A7D76F6378D05EA74766CBB93340F2CBDDF18073F39242F3E9EC88020D1E8F801183C00F0239B2F2B4E8F6B46DBC17F469A857C291C985D8AC2099A6FEDC462B5EAEF737831EA2B6C9D787DC5AC8DA2C2E8F7F676FDA4CDD79E400EED959882C78C279C4D0A5918A0F5FC3B695E0034F7C2665D52D94106744D6B0CD6A66AB3275324EFDC06ECCF431D446446A00818ECDBE77B845699FB4F699825702D00F71373D80452039ECA1237AD2A0DF9112BA1EC90FB9FB87CF4E46BD0319B64F2EFD4B9640469707DB549468781D0BA6F3C49AF035D441173786BB1F2F5DCCE07BBF5536A0EB5B976814ABFDB44B90E55455972701A8F0D8EFB860A082ABA960E704754F61C2E3956922833F3D7E1656476DEE3C4F09244AC15697EA4A73041F03EEDE1F30BF899098A70F340916E6EB +20241129103953 2 6 100 6143 2 DCBE8A152DD5DE612BFCCD18CAB2BDE17391AF9DA865DCC59A1B454144ADE2EB8BE3CDBA7948CD1236CFC25D66DDC0E91095FB7E17715247413BBFD5435223F46488AD93808AF9FAF7D473C7CCE55DAA83B417FC6C09BFF7E332BD4B3BC59CBA4FE035A6C416D32BDCF8C3B9AFC5E1120CFD420023FD8EB207DB965509E2D362B0EB3D8CBD191D2750EBEB05F32C4BE08154D991F08DE4914BC40FAA7172440F2FEFB0FBF604DDA9C18BA9FD55F34218FD5D7CA2AC491CEDC3C5743D143BAF6C06CCAB7E5B22AB4E46CD51962CC7931F4D35581D5DD3047B946044BF7E71955EB63DD546644D7D2A19777DA39A48B4CF5A011A5C41F1BFF7C463F057F2F7AF6F910E7E06398B0AF7EF38CD5BBAE4C5FF42572CFFFCA6A8E9D34F64A7BECDC93216B55C20FAECAF04A8956C4D26DEE34493510BC49144A32A1B0AAE64B50DCA0C27361692242FE3145A6B36B830DEBF9E8A07A886E8DA6F38F3E99906F6AC9317ADF73222C4C75ABD153F1112E01E7CBB49665F213A1C1470CDC442D7CDC72EE2DD80D37251333C34FFDC5C38ADA3F5E52F5A5B2A1224B0CA60211B430E9554F0C4CA672476562C4A182B6707EBE80DFA6247A1F870F74EC81D03558F2718409EBF8E7F2FD2C6AB1F246F7E3FE0D919DB4016A7D76F6378D05EA74766CBB93340F2CBDDF18073F39242F3E9EC88020D1E8F801183C00F0239B2F2B4E8F6B46DBC17F469A857C291C985D8AC2099A6FEDC462B5EAEF737831EA2B6C9D787DC5AC8DA2C2E8F7F676FDA4CDD79E400EED959882C78C279C4D0A5918A0F5FC3B695E0034F7C2665D52D94106744D6B0CD6A66AB3275324EFDC06ECCF431D446446A00818ECDBE77B845699FB4F699825702D00F71373D80452039ECA1237AD2A0DF9112BA1EC90FB9FB87CF4E46BD0319B64F2EFD4B9640469707DB549468781D0BA6F3C49AF035D441173786BB1F2F5DCCE07BBF5536A0EB5B976814ABFDB44B90E55455972701A8F0D8EFB860A082ABA960E704754F61C2E3956922833F3D7E1656476DEE3C4F09244AC15697EA4A73041F03EEDE1F30BF899098A70F34097696F3 +20241129104959 2 6 100 6143 2 DCBE8A152DD5DE612BFCCD18CAB2BDE17391AF9DA865DCC59A1B454144ADE2EB8BE3CDBA7948CD1236CFC25D66DDC0E91095FB7E17715247413BBFD5435223F46488AD93808AF9FAF7D473C7CCE55DAA83B417FC6C09BFF7E332BD4B3BC59CBA4FE035A6C416D32BDCF8C3B9AFC5E1120CFD420023FD8EB207DB965509E2D362B0EB3D8CBD191D2750EBEB05F32C4BE08154D991F08DE4914BC40FAA7172440F2FEFB0FBF604DDA9C18BA9FD55F34218FD5D7CA2AC491CEDC3C5743D143BAF6C06CCAB7E5B22AB4E46CD51962CC7931F4D35581D5DD3047B946044BF7E71955EB63DD546644D7D2A19777DA39A48B4CF5A011A5C41F1BFF7C463F057F2F7AF6F910E7E06398B0AF7EF38CD5BBAE4C5FF42572CFFFCA6A8E9D34F64A7BECDC93216B55C20FAECAF04A8956C4D26DEE34493510BC49144A32A1B0AAE64B50DCA0C27361692242FE3145A6B36B830DEBF9E8A07A886E8DA6F38F3E99906F6AC9317ADF73222C4C75ABD153F1112E01E7CBB49665F213A1C1470CDC442D7CDC72EE2DD80D37251333C34FFDC5C38ADA3F5E52F5A5B2A1224B0CA60211B430E9554F0C4CA672476562C4A182B6707EBE80DFA6247A1F870F74EC81D03558F2718409EBF8E7F2FD2C6AB1F246F7E3FE0D919DB4016A7D76F6378D05EA74766CBB93340F2CBDDF18073F39242F3E9EC88020D1E8F801183C00F0239B2F2B4E8F6B46DBC17F469A857C291C985D8AC2099A6FEDC462B5EAEF737831EA2B6C9D787DC5AC8DA2C2E8F7F676FDA4CDD79E400EED959882C78C279C4D0A5918A0F5FC3B695E0034F7C2665D52D94106744D6B0CD6A66AB3275324EFDC06ECCF431D446446A00818ECDBE77B845699FB4F699825702D00F71373D80452039ECA1237AD2A0DF9112BA1EC90FB9FB87CF4E46BD0319B64F2EFD4B9640469707DB549468781D0BA6F3C49AF035D441173786BB1F2F5DCCE07BBF5536A0EB5B976814ABFDB44B90E55455972701A8F0D8EFB860A082ABA960E704754F61C2E3956922833F3D7E1656476DEE3C4F09244AC15697EA4A73041F03EEDE1F30BF899098A70F340AAE5B3B +20241129112051 2 6 100 6143 5 DCBE8A152DD5DE612BFCCD18CAB2BDE17391AF9DA865DCC59A1B454144ADE2EB8BE3CDBA7948CD1236CFC25D66DDC0E91095FB7E17715247413BBFD5435223F46488AD93808AF9FAF7D473C7CCE55DAA83B417FC6C09BFF7E332BD4B3BC59CBA4FE035A6C416D32BDCF8C3B9AFC5E1120CFD420023FD8EB207DB965509E2D362B0EB3D8CBD191D2750EBEB05F32C4BE08154D991F08DE4914BC40FAA7172440F2FEFB0FBF604DDA9C18BA9FD55F34218FD5D7CA2AC491CEDC3C5743D143BAF6C06CCAB7E5B22AB4E46CD51962CC7931F4D35581D5DD3047B946044BF7E71955EB63DD546644D7D2A19777DA39A48B4CF5A011A5C41F1BFF7C463F057F2F7AF6F910E7E06398B0AF7EF38CD5BBAE4C5FF42572CFFFCA6A8E9D34F64A7BECDC93216B55C20FAECAF04A8956C4D26DEE34493510BC49144A32A1B0AAE64B50DCA0C27361692242FE3145A6B36B830DEBF9E8A07A886E8DA6F38F3E99906F6AC9317ADF73222C4C75ABD153F1112E01E7CBB49665F213A1C1470CDC442D7CDC72EE2DD80D37251333C34FFDC5C38ADA3F5E52F5A5B2A1224B0CA60211B430E9554F0C4CA672476562C4A182B6707EBE80DFA6247A1F870F74EC81D03558F2718409EBF8E7F2FD2C6AB1F246F7E3FE0D919DB4016A7D76F6378D05EA74766CBB93340F2CBDDF18073F39242F3E9EC88020D1E8F801183C00F0239B2F2B4E8F6B46DBC17F469A857C291C985D8AC2099A6FEDC462B5EAEF737831EA2B6C9D787DC5AC8DA2C2E8F7F676FDA4CDD79E400EED959882C78C279C4D0A5918A0F5FC3B695E0034F7C2665D52D94106744D6B0CD6A66AB3275324EFDC06ECCF431D446446A00818ECDBE77B845699FB4F699825702D00F71373D80452039ECA1237AD2A0DF9112BA1EC90FB9FB87CF4E46BD0319B64F2EFD4B9640469707DB549468781D0BA6F3C49AF035D441173786BB1F2F5DCCE07BBF5536A0EB5B976814ABFDB44B90E55455972701A8F0D8EFB860A082ABA960E704754F61C2E3956922833F3D7E1656476DEE3C4F09244AC15697EA4A73041F03EEDE1F30BF899098A70F340E9853AF +20241129124108 2 6 100 6143 2 DCBE8A152DD5DE612BFCCD18CAB2BDE17391AF9DA865DCC59A1B454144ADE2EB8BE3CDBA7948CD1236CFC25D66DDC0E91095FB7E17715247413BBFD5435223F46488AD93808AF9FAF7D473C7CCE55DAA83B417FC6C09BFF7E332BD4B3BC59CBA4FE035A6C416D32BDCF8C3B9AFC5E1120CFD420023FD8EB207DB965509E2D362B0EB3D8CBD191D2750EBEB05F32C4BE08154D991F08DE4914BC40FAA7172440F2FEFB0FBF604DDA9C18BA9FD55F34218FD5D7CA2AC491CEDC3C5743D143BAF6C06CCAB7E5B22AB4E46CD51962CC7931F4D35581D5DD3047B946044BF7E71955EB63DD546644D7D2A19777DA39A48B4CF5A011A5C41F1BFF7C463F057F2F7AF6F910E7E06398B0AF7EF38CD5BBAE4C5FF42572CFFFCA6A8E9D34F64A7BECDC93216B55C20FAECAF04A8956C4D26DEE34493510BC49144A32A1B0AAE64B50DCA0C27361692242FE3145A6B36B830DEBF9E8A07A886E8DA6F38F3E99906F6AC9317ADF73222C4C75ABD153F1112E01E7CBB49665F213A1C1470CDC442D7CDC72EE2DD80D37251333C34FFDC5C38ADA3F5E52F5A5B2A1224B0CA60211B430E9554F0C4CA672476562C4A182B6707EBE80DFA6247A1F870F74EC81D03558F2718409EBF8E7F2FD2C6AB1F246F7E3FE0D919DB4016A7D76F6378D05EA74766CBB93340F2CBDDF18073F39242F3E9EC88020D1E8F801183C00F0239B2F2B4E8F6B46DBC17F469A857C291C985D8AC2099A6FEDC462B5EAEF737831EA2B6C9D787DC5AC8DA2C2E8F7F676FDA4CDD79E400EED959882C78C279C4D0A5918A0F5FC3B695E0034F7C2665D52D94106744D6B0CD6A66AB3275324EFDC06ECCF431D446446A00818ECDBE77B845699FB4F699825702D00F71373D80452039ECA1237AD2A0DF9112BA1EC90FB9FB87CF4E46BD0319B64F2EFD4B9640469707DB549468781D0BA6F3C49AF035D441173786BB1F2F5DCCE07BBF5536A0EB5B976814ABFDB44B90E55455972701A8F0D8EFB860A082ABA960E704754F61C2E3956922833F3D7E1656476DEE3C4F09244AC15697EA4A73041F03EEDE1F30BF899098A70F3418BD011B +20241129125049 2 6 100 6143 5 DCBE8A152DD5DE612BFCCD18CAB2BDE17391AF9DA865DCC59A1B454144ADE2EB8BE3CDBA7948CD1236CFC25D66DDC0E91095FB7E17715247413BBFD5435223F46488AD93808AF9FAF7D473C7CCE55DAA83B417FC6C09BFF7E332BD4B3BC59CBA4FE035A6C416D32BDCF8C3B9AFC5E1120CFD420023FD8EB207DB965509E2D362B0EB3D8CBD191D2750EBEB05F32C4BE08154D991F08DE4914BC40FAA7172440F2FEFB0FBF604DDA9C18BA9FD55F34218FD5D7CA2AC491CEDC3C5743D143BAF6C06CCAB7E5B22AB4E46CD51962CC7931F4D35581D5DD3047B946044BF7E71955EB63DD546644D7D2A19777DA39A48B4CF5A011A5C41F1BFF7C463F057F2F7AF6F910E7E06398B0AF7EF38CD5BBAE4C5FF42572CFFFCA6A8E9D34F64A7BECDC93216B55C20FAECAF04A8956C4D26DEE34493510BC49144A32A1B0AAE64B50DCA0C27361692242FE3145A6B36B830DEBF9E8A07A886E8DA6F38F3E99906F6AC9317ADF73222C4C75ABD153F1112E01E7CBB49665F213A1C1470CDC442D7CDC72EE2DD80D37251333C34FFDC5C38ADA3F5E52F5A5B2A1224B0CA60211B430E9554F0C4CA672476562C4A182B6707EBE80DFA6247A1F870F74EC81D03558F2718409EBF8E7F2FD2C6AB1F246F7E3FE0D919DB4016A7D76F6378D05EA74766CBB93340F2CBDDF18073F39242F3E9EC88020D1E8F801183C00F0239B2F2B4E8F6B46DBC17F469A857C291C985D8AC2099A6FEDC462B5EAEF737831EA2B6C9D787DC5AC8DA2C2E8F7F676FDA4CDD79E400EED959882C78C279C4D0A5918A0F5FC3B695E0034F7C2665D52D94106744D6B0CD6A66AB3275324EFDC06ECCF431D446446A00818ECDBE77B845699FB4F699825702D00F71373D80452039ECA1237AD2A0DF9112BA1EC90FB9FB87CF4E46BD0319B64F2EFD4B9640469707DB549468781D0BA6F3C49AF035D441173786BB1F2F5DCCE07BBF5536A0EB5B976814ABFDB44B90E55455972701A8F0D8EFB860A082ABA960E704754F61C2E3956922833F3D7E1656476DEE3C4F09244AC15697EA4A73041F03EEDE1F30BF899098A70F3419E8F797 +20241129125233 2 6 100 6143 5 DCBE8A152DD5DE612BFCCD18CAB2BDE17391AF9DA865DCC59A1B454144ADE2EB8BE3CDBA7948CD1236CFC25D66DDC0E91095FB7E17715247413BBFD5435223F46488AD93808AF9FAF7D473C7CCE55DAA83B417FC6C09BFF7E332BD4B3BC59CBA4FE035A6C416D32BDCF8C3B9AFC5E1120CFD420023FD8EB207DB965509E2D362B0EB3D8CBD191D2750EBEB05F32C4BE08154D991F08DE4914BC40FAA7172440F2FEFB0FBF604DDA9C18BA9FD55F34218FD5D7CA2AC491CEDC3C5743D143BAF6C06CCAB7E5B22AB4E46CD51962CC7931F4D35581D5DD3047B946044BF7E71955EB63DD546644D7D2A19777DA39A48B4CF5A011A5C41F1BFF7C463F057F2F7AF6F910E7E06398B0AF7EF38CD5BBAE4C5FF42572CFFFCA6A8E9D34F64A7BECDC93216B55C20FAECAF04A8956C4D26DEE34493510BC49144A32A1B0AAE64B50DCA0C27361692242FE3145A6B36B830DEBF9E8A07A886E8DA6F38F3E99906F6AC9317ADF73222C4C75ABD153F1112E01E7CBB49665F213A1C1470CDC442D7CDC72EE2DD80D37251333C34FFDC5C38ADA3F5E52F5A5B2A1224B0CA60211B430E9554F0C4CA672476562C4A182B6707EBE80DFA6247A1F870F74EC81D03558F2718409EBF8E7F2FD2C6AB1F246F7E3FE0D919DB4016A7D76F6378D05EA74766CBB93340F2CBDDF18073F39242F3E9EC88020D1E8F801183C00F0239B2F2B4E8F6B46DBC17F469A857C291C985D8AC2099A6FEDC462B5EAEF737831EA2B6C9D787DC5AC8DA2C2E8F7F676FDA4CDD79E400EED959882C78C279C4D0A5918A0F5FC3B695E0034F7C2665D52D94106744D6B0CD6A66AB3275324EFDC06ECCF431D446446A00818ECDBE77B845699FB4F699825702D00F71373D80452039ECA1237AD2A0DF9112BA1EC90FB9FB87CF4E46BD0319B64F2EFD4B9640469707DB549468781D0BA6F3C49AF035D441173786BB1F2F5DCCE07BBF5536A0EB5B976814ABFDB44B90E55455972701A8F0D8EFB860A082ABA960E704754F61C2E3956922833F3D7E1656476DEE3C4F09244AC15697EA4A73041F03EEDE1F30BF899098A70F341A1B7937 +20241129130334 2 6 100 6143 2 DCBE8A152DD5DE612BFCCD18CAB2BDE17391AF9DA865DCC59A1B454144ADE2EB8BE3CDBA7948CD1236CFC25D66DDC0E91095FB7E17715247413BBFD5435223F46488AD93808AF9FAF7D473C7CCE55DAA83B417FC6C09BFF7E332BD4B3BC59CBA4FE035A6C416D32BDCF8C3B9AFC5E1120CFD420023FD8EB207DB965509E2D362B0EB3D8CBD191D2750EBEB05F32C4BE08154D991F08DE4914BC40FAA7172440F2FEFB0FBF604DDA9C18BA9FD55F34218FD5D7CA2AC491CEDC3C5743D143BAF6C06CCAB7E5B22AB4E46CD51962CC7931F4D35581D5DD3047B946044BF7E71955EB63DD546644D7D2A19777DA39A48B4CF5A011A5C41F1BFF7C463F057F2F7AF6F910E7E06398B0AF7EF38CD5BBAE4C5FF42572CFFFCA6A8E9D34F64A7BECDC93216B55C20FAECAF04A8956C4D26DEE34493510BC49144A32A1B0AAE64B50DCA0C27361692242FE3145A6B36B830DEBF9E8A07A886E8DA6F38F3E99906F6AC9317ADF73222C4C75ABD153F1112E01E7CBB49665F213A1C1470CDC442D7CDC72EE2DD80D37251333C34FFDC5C38ADA3F5E52F5A5B2A1224B0CA60211B430E9554F0C4CA672476562C4A182B6707EBE80DFA6247A1F870F74EC81D03558F2718409EBF8E7F2FD2C6AB1F246F7E3FE0D919DB4016A7D76F6378D05EA74766CBB93340F2CBDDF18073F39242F3E9EC88020D1E8F801183C00F0239B2F2B4E8F6B46DBC17F469A857C291C985D8AC2099A6FEDC462B5EAEF737831EA2B6C9D787DC5AC8DA2C2E8F7F676FDA4CDD79E400EED959882C78C279C4D0A5918A0F5FC3B695E0034F7C2665D52D94106744D6B0CD6A66AB3275324EFDC06ECCF431D446446A00818ECDBE77B845699FB4F699825702D00F71373D80452039ECA1237AD2A0DF9112BA1EC90FB9FB87CF4E46BD0319B64F2EFD4B9640469707DB549468781D0BA6F3C49AF035D441173786BB1F2F5DCCE07BBF5536A0EB5B976814ABFDB44B90E55455972701A8F0D8EFB860A082ABA960E704754F61C2E3956922833F3D7E1656476DEE3C4F09244AC15697EA4A73041F03EEDE1F30BF899098A70F341B7BA49B +20241129130855 2 6 100 6143 2 DCBE8A152DD5DE612BFCCD18CAB2BDE17391AF9DA865DCC59A1B454144ADE2EB8BE3CDBA7948CD1236CFC25D66DDC0E91095FB7E17715247413BBFD5435223F46488AD93808AF9FAF7D473C7CCE55DAA83B417FC6C09BFF7E332BD4B3BC59CBA4FE035A6C416D32BDCF8C3B9AFC5E1120CFD420023FD8EB207DB965509E2D362B0EB3D8CBD191D2750EBEB05F32C4BE08154D991F08DE4914BC40FAA7172440F2FEFB0FBF604DDA9C18BA9FD55F34218FD5D7CA2AC491CEDC3C5743D143BAF6C06CCAB7E5B22AB4E46CD51962CC7931F4D35581D5DD3047B946044BF7E71955EB63DD546644D7D2A19777DA39A48B4CF5A011A5C41F1BFF7C463F057F2F7AF6F910E7E06398B0AF7EF38CD5BBAE4C5FF42572CFFFCA6A8E9D34F64A7BECDC93216B55C20FAECAF04A8956C4D26DEE34493510BC49144A32A1B0AAE64B50DCA0C27361692242FE3145A6B36B830DEBF9E8A07A886E8DA6F38F3E99906F6AC9317ADF73222C4C75ABD153F1112E01E7CBB49665F213A1C1470CDC442D7CDC72EE2DD80D37251333C34FFDC5C38ADA3F5E52F5A5B2A1224B0CA60211B430E9554F0C4CA672476562C4A182B6707EBE80DFA6247A1F870F74EC81D03558F2718409EBF8E7F2FD2C6AB1F246F7E3FE0D919DB4016A7D76F6378D05EA74766CBB93340F2CBDDF18073F39242F3E9EC88020D1E8F801183C00F0239B2F2B4E8F6B46DBC17F469A857C291C985D8AC2099A6FEDC462B5EAEF737831EA2B6C9D787DC5AC8DA2C2E8F7F676FDA4CDD79E400EED959882C78C279C4D0A5918A0F5FC3B695E0034F7C2665D52D94106744D6B0CD6A66AB3275324EFDC06ECCF431D446446A00818ECDBE77B845699FB4F699825702D00F71373D80452039ECA1237AD2A0DF9112BA1EC90FB9FB87CF4E46BD0319B64F2EFD4B9640469707DB549468781D0BA6F3C49AF035D441173786BB1F2F5DCCE07BBF5536A0EB5B976814ABFDB44B90E55455972701A8F0D8EFB860A082ABA960E704754F61C2E3956922833F3D7E1656476DEE3C4F09244AC15697EA4A73041F03EEDE1F30BF899098A70F341C2258EB +20241129130953 2 6 100 6143 5 DCBE8A152DD5DE612BFCCD18CAB2BDE17391AF9DA865DCC59A1B454144ADE2EB8BE3CDBA7948CD1236CFC25D66DDC0E91095FB7E17715247413BBFD5435223F46488AD93808AF9FAF7D473C7CCE55DAA83B417FC6C09BFF7E332BD4B3BC59CBA4FE035A6C416D32BDCF8C3B9AFC5E1120CFD420023FD8EB207DB965509E2D362B0EB3D8CBD191D2750EBEB05F32C4BE08154D991F08DE4914BC40FAA7172440F2FEFB0FBF604DDA9C18BA9FD55F34218FD5D7CA2AC491CEDC3C5743D143BAF6C06CCAB7E5B22AB4E46CD51962CC7931F4D35581D5DD3047B946044BF7E71955EB63DD546644D7D2A19777DA39A48B4CF5A011A5C41F1BFF7C463F057F2F7AF6F910E7E06398B0AF7EF38CD5BBAE4C5FF42572CFFFCA6A8E9D34F64A7BECDC93216B55C20FAECAF04A8956C4D26DEE34493510BC49144A32A1B0AAE64B50DCA0C27361692242FE3145A6B36B830DEBF9E8A07A886E8DA6F38F3E99906F6AC9317ADF73222C4C75ABD153F1112E01E7CBB49665F213A1C1470CDC442D7CDC72EE2DD80D37251333C34FFDC5C38ADA3F5E52F5A5B2A1224B0CA60211B430E9554F0C4CA672476562C4A182B6707EBE80DFA6247A1F870F74EC81D03558F2718409EBF8E7F2FD2C6AB1F246F7E3FE0D919DB4016A7D76F6378D05EA74766CBB93340F2CBDDF18073F39242F3E9EC88020D1E8F801183C00F0239B2F2B4E8F6B46DBC17F469A857C291C985D8AC2099A6FEDC462B5EAEF737831EA2B6C9D787DC5AC8DA2C2E8F7F676FDA4CDD79E400EED959882C78C279C4D0A5918A0F5FC3B695E0034F7C2665D52D94106744D6B0CD6A66AB3275324EFDC06ECCF431D446446A00818ECDBE77B845699FB4F699825702D00F71373D80452039ECA1237AD2A0DF9112BA1EC90FB9FB87CF4E46BD0319B64F2EFD4B9640469707DB549468781D0BA6F3C49AF035D441173786BB1F2F5DCCE07BBF5536A0EB5B976814ABFDB44B90E55455972701A8F0D8EFB860A082ABA960E704754F61C2E3956922833F3D7E1656476DEE3C4F09244AC15697EA4A73041F03EEDE1F30BF899098A70F341C3B9397 +20241129131555 2 6 100 6143 2 DCBE8A152DD5DE612BFCCD18CAB2BDE17391AF9DA865DCC59A1B454144ADE2EB8BE3CDBA7948CD1236CFC25D66DDC0E91095FB7E17715247413BBFD5435223F46488AD93808AF9FAF7D473C7CCE55DAA83B417FC6C09BFF7E332BD4B3BC59CBA4FE035A6C416D32BDCF8C3B9AFC5E1120CFD420023FD8EB207DB965509E2D362B0EB3D8CBD191D2750EBEB05F32C4BE08154D991F08DE4914BC40FAA7172440F2FEFB0FBF604DDA9C18BA9FD55F34218FD5D7CA2AC491CEDC3C5743D143BAF6C06CCAB7E5B22AB4E46CD51962CC7931F4D35581D5DD3047B946044BF7E71955EB63DD546644D7D2A19777DA39A48B4CF5A011A5C41F1BFF7C463F057F2F7AF6F910E7E06398B0AF7EF38CD5BBAE4C5FF42572CFFFCA6A8E9D34F64A7BECDC93216B55C20FAECAF04A8956C4D26DEE34493510BC49144A32A1B0AAE64B50DCA0C27361692242FE3145A6B36B830DEBF9E8A07A886E8DA6F38F3E99906F6AC9317ADF73222C4C75ABD153F1112E01E7CBB49665F213A1C1470CDC442D7CDC72EE2DD80D37251333C34FFDC5C38ADA3F5E52F5A5B2A1224B0CA60211B430E9554F0C4CA672476562C4A182B6707EBE80DFA6247A1F870F74EC81D03558F2718409EBF8E7F2FD2C6AB1F246F7E3FE0D919DB4016A7D76F6378D05EA74766CBB93340F2CBDDF18073F39242F3E9EC88020D1E8F801183C00F0239B2F2B4E8F6B46DBC17F469A857C291C985D8AC2099A6FEDC462B5EAEF737831EA2B6C9D787DC5AC8DA2C2E8F7F676FDA4CDD79E400EED959882C78C279C4D0A5918A0F5FC3B695E0034F7C2665D52D94106744D6B0CD6A66AB3275324EFDC06ECCF431D446446A00818ECDBE77B845699FB4F699825702D00F71373D80452039ECA1237AD2A0DF9112BA1EC90FB9FB87CF4E46BD0319B64F2EFD4B9640469707DB549468781D0BA6F3C49AF035D441173786BB1F2F5DCCE07BBF5536A0EB5B976814ABFDB44B90E55455972701A8F0D8EFB860A082ABA960E704754F61C2E3956922833F3D7E1656476DEE3C4F09244AC15697EA4A73041F03EEDE1F30BF899098A70F341CF54C93 +20241129131844 2 6 100 6143 5 DCBE8A152DD5DE612BFCCD18CAB2BDE17391AF9DA865DCC59A1B454144ADE2EB8BE3CDBA7948CD1236CFC25D66DDC0E91095FB7E17715247413BBFD5435223F46488AD93808AF9FAF7D473C7CCE55DAA83B417FC6C09BFF7E332BD4B3BC59CBA4FE035A6C416D32BDCF8C3B9AFC5E1120CFD420023FD8EB207DB965509E2D362B0EB3D8CBD191D2750EBEB05F32C4BE08154D991F08DE4914BC40FAA7172440F2FEFB0FBF604DDA9C18BA9FD55F34218FD5D7CA2AC491CEDC3C5743D143BAF6C06CCAB7E5B22AB4E46CD51962CC7931F4D35581D5DD3047B946044BF7E71955EB63DD546644D7D2A19777DA39A48B4CF5A011A5C41F1BFF7C463F057F2F7AF6F910E7E06398B0AF7EF38CD5BBAE4C5FF42572CFFFCA6A8E9D34F64A7BECDC93216B55C20FAECAF04A8956C4D26DEE34493510BC49144A32A1B0AAE64B50DCA0C27361692242FE3145A6B36B830DEBF9E8A07A886E8DA6F38F3E99906F6AC9317ADF73222C4C75ABD153F1112E01E7CBB49665F213A1C1470CDC442D7CDC72EE2DD80D37251333C34FFDC5C38ADA3F5E52F5A5B2A1224B0CA60211B430E9554F0C4CA672476562C4A182B6707EBE80DFA6247A1F870F74EC81D03558F2718409EBF8E7F2FD2C6AB1F246F7E3FE0D919DB4016A7D76F6378D05EA74766CBB93340F2CBDDF18073F39242F3E9EC88020D1E8F801183C00F0239B2F2B4E8F6B46DBC17F469A857C291C985D8AC2099A6FEDC462B5EAEF737831EA2B6C9D787DC5AC8DA2C2E8F7F676FDA4CDD79E400EED959882C78C279C4D0A5918A0F5FC3B695E0034F7C2665D52D94106744D6B0CD6A66AB3275324EFDC06ECCF431D446446A00818ECDBE77B845699FB4F699825702D00F71373D80452039ECA1237AD2A0DF9112BA1EC90FB9FB87CF4E46BD0319B64F2EFD4B9640469707DB549468781D0BA6F3C49AF035D441173786BB1F2F5DCCE07BBF5536A0EB5B976814ABFDB44B90E55455972701A8F0D8EFB860A082ABA960E704754F61C2E3956922833F3D7E1656476DEE3C4F09244AC15697EA4A73041F03EEDE1F30BF899098A70F341D474B9F +20241129132228 2 6 100 6143 5 DCBE8A152DD5DE612BFCCD18CAB2BDE17391AF9DA865DCC59A1B454144ADE2EB8BE3CDBA7948CD1236CFC25D66DDC0E91095FB7E17715247413BBFD5435223F46488AD93808AF9FAF7D473C7CCE55DAA83B417FC6C09BFF7E332BD4B3BC59CBA4FE035A6C416D32BDCF8C3B9AFC5E1120CFD420023FD8EB207DB965509E2D362B0EB3D8CBD191D2750EBEB05F32C4BE08154D991F08DE4914BC40FAA7172440F2FEFB0FBF604DDA9C18BA9FD55F34218FD5D7CA2AC491CEDC3C5743D143BAF6C06CCAB7E5B22AB4E46CD51962CC7931F4D35581D5DD3047B946044BF7E71955EB63DD546644D7D2A19777DA39A48B4CF5A011A5C41F1BFF7C463F057F2F7AF6F910E7E06398B0AF7EF38CD5BBAE4C5FF42572CFFFCA6A8E9D34F64A7BECDC93216B55C20FAECAF04A8956C4D26DEE34493510BC49144A32A1B0AAE64B50DCA0C27361692242FE3145A6B36B830DEBF9E8A07A886E8DA6F38F3E99906F6AC9317ADF73222C4C75ABD153F1112E01E7CBB49665F213A1C1470CDC442D7CDC72EE2DD80D37251333C34FFDC5C38ADA3F5E52F5A5B2A1224B0CA60211B430E9554F0C4CA672476562C4A182B6707EBE80DFA6247A1F870F74EC81D03558F2718409EBF8E7F2FD2C6AB1F246F7E3FE0D919DB4016A7D76F6378D05EA74766CBB93340F2CBDDF18073F39242F3E9EC88020D1E8F801183C00F0239B2F2B4E8F6B46DBC17F469A857C291C985D8AC2099A6FEDC462B5EAEF737831EA2B6C9D787DC5AC8DA2C2E8F7F676FDA4CDD79E400EED959882C78C279C4D0A5918A0F5FC3B695E0034F7C2665D52D94106744D6B0CD6A66AB3275324EFDC06ECCF431D446446A00818ECDBE77B845699FB4F699825702D00F71373D80452039ECA1237AD2A0DF9112BA1EC90FB9FB87CF4E46BD0319B64F2EFD4B9640469707DB549468781D0BA6F3C49AF035D441173786BB1F2F5DCCE07BBF5536A0EB5B976814ABFDB44B90E55455972701A8F0D8EFB860A082ABA960E704754F61C2E3956922833F3D7E1656476DEE3C4F09244AC15697EA4A73041F03EEDE1F30BF899098A70F341DB5BA4F +20241129134604 2 6 100 6143 2 DCBE8A152DD5DE612BFCCD18CAB2BDE17391AF9DA865DCC59A1B454144ADE2EB8BE3CDBA7948CD1236CFC25D66DDC0E91095FB7E17715247413BBFD5435223F46488AD93808AF9FAF7D473C7CCE55DAA83B417FC6C09BFF7E332BD4B3BC59CBA4FE035A6C416D32BDCF8C3B9AFC5E1120CFD420023FD8EB207DB965509E2D362B0EB3D8CBD191D2750EBEB05F32C4BE08154D991F08DE4914BC40FAA7172440F2FEFB0FBF604DDA9C18BA9FD55F34218FD5D7CA2AC491CEDC3C5743D143BAF6C06CCAB7E5B22AB4E46CD51962CC7931F4D35581D5DD3047B946044BF7E71955EB63DD546644D7D2A19777DA39A48B4CF5A011A5C41F1BFF7C463F057F2F7AF6F910E7E06398B0AF7EF38CD5BBAE4C5FF42572CFFFCA6A8E9D34F64A7BECDC93216B55C20FAECAF04A8956C4D26DEE34493510BC49144A32A1B0AAE64B50DCA0C27361692242FE3145A6B36B830DEBF9E8A07A886E8DA6F38F3E99906F6AC9317ADF73222C4C75ABD153F1112E01E7CBB49665F213A1C1470CDC442D7CDC72EE2DD80D37251333C34FFDC5C38ADA3F5E52F5A5B2A1224B0CA60211B430E9554F0C4CA672476562C4A182B6707EBE80DFA6247A1F870F74EC81D03558F2718409EBF8E7F2FD2C6AB1F246F7E3FE0D919DB4016A7D76F6378D05EA74766CBB93340F2CBDDF18073F39242F3E9EC88020D1E8F801183C00F0239B2F2B4E8F6B46DBC17F469A857C291C985D8AC2099A6FEDC462B5EAEF737831EA2B6C9D787DC5AC8DA2C2E8F7F676FDA4CDD79E400EED959882C78C279C4D0A5918A0F5FC3B695E0034F7C2665D52D94106744D6B0CD6A66AB3275324EFDC06ECCF431D446446A00818ECDBE77B845699FB4F699825702D00F71373D80452039ECA1237AD2A0DF9112BA1EC90FB9FB87CF4E46BD0319B64F2EFD4B9640469707DB549468781D0BA6F3C49AF035D441173786BB1F2F5DCCE07BBF5536A0EB5B976814ABFDB44B90E55455972701A8F0D8EFB860A082ABA960E704754F61C2E3956922833F3D7E1656476DEE3C4F09244AC15697EA4A73041F03EEDE1F30BF899098A70F3420A2EA6B +20241129135907 2 6 100 6143 5 DCBE8A152DD5DE612BFCCD18CAB2BDE17391AF9DA865DCC59A1B454144ADE2EB8BE3CDBA7948CD1236CFC25D66DDC0E91095FB7E17715247413BBFD5435223F46488AD93808AF9FAF7D473C7CCE55DAA83B417FC6C09BFF7E332BD4B3BC59CBA4FE035A6C416D32BDCF8C3B9AFC5E1120CFD420023FD8EB207DB965509E2D362B0EB3D8CBD191D2750EBEB05F32C4BE08154D991F08DE4914BC40FAA7172440F2FEFB0FBF604DDA9C18BA9FD55F34218FD5D7CA2AC491CEDC3C5743D143BAF6C06CCAB7E5B22AB4E46CD51962CC7931F4D35581D5DD3047B946044BF7E71955EB63DD546644D7D2A19777DA39A48B4CF5A011A5C41F1BFF7C463F057F2F7AF6F910E7E06398B0AF7EF38CD5BBAE4C5FF42572CFFFCA6A8E9D34F64A7BECDC93216B55C20FAECAF04A8956C4D26DEE34493510BC49144A32A1B0AAE64B50DCA0C27361692242FE3145A6B36B830DEBF9E8A07A886E8DA6F38F3E99906F6AC9317ADF73222C4C75ABD153F1112E01E7CBB49665F213A1C1470CDC442D7CDC72EE2DD80D37251333C34FFDC5C38ADA3F5E52F5A5B2A1224B0CA60211B430E9554F0C4CA672476562C4A182B6707EBE80DFA6247A1F870F74EC81D03558F2718409EBF8E7F2FD2C6AB1F246F7E3FE0D919DB4016A7D76F6378D05EA74766CBB93340F2CBDDF18073F39242F3E9EC88020D1E8F801183C00F0239B2F2B4E8F6B46DBC17F469A857C291C985D8AC2099A6FEDC462B5EAEF737831EA2B6C9D787DC5AC8DA2C2E8F7F676FDA4CDD79E400EED959882C78C279C4D0A5918A0F5FC3B695E0034F7C2665D52D94106744D6B0CD6A66AB3275324EFDC06ECCF431D446446A00818ECDBE77B845699FB4F699825702D00F71373D80452039ECA1237AD2A0DF9112BA1EC90FB9FB87CF4E46BD0319B64F2EFD4B9640469707DB549468781D0BA6F3C49AF035D441173786BB1F2F5DCCE07BBF5536A0EB5B976814ABFDB44B90E55455972701A8F0D8EFB860A082ABA960E704754F61C2E3956922833F3D7E1656476DEE3C4F09244AC15697EA4A73041F03EEDE1F30BF899098A70F34223A233F +20241129143314 2 6 100 6143 2 D530FFAD12BC56C29F02BEFEC6CFD700AE6DA852D7256FC0A8978C13FABF9851425A26917CD40A9919A06A5B17FA05456642891442CCBBBD9BB5B74068213AA6F029B3419F6B2CCB828CF9F6F0069F43A2496921ED8133BF2D9C598486282EB38B3B6E849B7D80B33869CDE1D71379C694BB9C229B5CCE5E96692F81DA73EC38942CE60A81657F34A6B1B536ADEADD76144A209815A88E081E0B96438B11A34E4F8082ACC6DD77D787EEA90E1764F7393D3869707FCFCD4BFEEA3582BBD39C17E2CE70B6A193700A055A50D2F5ED473DD9B4401C2138BAD8FA3331BDD4FF79E230C10B13FFE7CCDB3210F8DB42147BB8349CAEA97EBCBC708B9CE16360D573D3327BBCAA6387234E9A4DCB2E67784408ADB72B2E05643520211C581EBB38E57C2F69C9034143DBAB4C13221D501B892918779C6E9AC5B39F2F412E31EF7F7F0610C2AFE150FA56A5E3CF9DACA6C96F3BC6B57D56B2869019C5114247C080752E4D42B1A0E34302B69B8516E8FB93BE58CC45F6E5ADB47A89A00050A12D560BEEA8997F5A0FA526C107BA34ECB0C678079C6DD4C1F4666BBD45733E019C292A17661B79E6AEED002EF4F6E7F4D569690E140C8BA1BA47E626499E01DA1EACDA4B917507A472DDB03A86734994C4B16551C5DFED3C8C976D15B5BF68CC6C982355930E37F096629E6F3BDC8027C722C12EF76854F1C607341E48FBF8C9064EB48EFDA87E1D111B557FBE7A15A580EDD87AC2CEC0EB25BE057FC20D578DF34632977F4698D58B2025C50AD4AD77D16D32E6157F89F58C692A83279A2EB58F8E448A13AA32B8C3DF07A58100EC4BB319F824446ECDD643C4A7F959CBA4E356A9E5DB7332107B2EB478703BF44383DDF80CA297F5E52A4424AF64B50CAB4E9C95C7288B96F8E77CDC63D07C6394853DF32F926652A12122B5531F90CFDFDAAC5D0642F84CF3901717B652122E8622CF31C06D134AD921EC80D175BBFC45B855EB9ABF001686BC52730F754DBFAE781BB629F1E530632D813AA256D0063202AEEE0AB64C7829C1A6C4702E27C88219FF31500D8F76BEFE4AEF726D6E3B708C7A9949CB +20241129150941 2 6 100 6143 2 D530FFAD12BC56C29F02BEFEC6CFD700AE6DA852D7256FC0A8978C13FABF9851425A26917CD40A9919A06A5B17FA05456642891442CCBBBD9BB5B74068213AA6F029B3419F6B2CCB828CF9F6F0069F43A2496921ED8133BF2D9C598486282EB38B3B6E849B7D80B33869CDE1D71379C694BB9C229B5CCE5E96692F81DA73EC38942CE60A81657F34A6B1B536ADEADD76144A209815A88E081E0B96438B11A34E4F8082ACC6DD77D787EEA90E1764F7393D3869707FCFCD4BFEEA3582BBD39C17E2CE70B6A193700A055A50D2F5ED473DD9B4401C2138BAD8FA3331BDD4FF79E230C10B13FFE7CCDB3210F8DB42147BB8349CAEA97EBCBC708B9CE16360D573D3327BBCAA6387234E9A4DCB2E67784408ADB72B2E05643520211C581EBB38E57C2F69C9034143DBAB4C13221D501B892918779C6E9AC5B39F2F412E31EF7F7F0610C2AFE150FA56A5E3CF9DACA6C96F3BC6B57D56B2869019C5114247C080752E4D42B1A0E34302B69B8516E8FB93BE58CC45F6E5ADB47A89A00050A12D560BEEA8997F5A0FA526C107BA34ECB0C678079C6DD4C1F4666BBD45733E019C292A17661B79E6AEED002EF4F6E7F4D569690E140C8BA1BA47E626499E01DA1EACDA4B917507A472DDB03A86734994C4B16551C5DFED3C8C976D15B5BF68CC6C982355930E37F096629E6F3BDC8027C722C12EF76854F1C607341E48FBF8C9064EB48EFDA87E1D111B557FBE7A15A580EDD87AC2CEC0EB25BE057FC20D578DF34632977F4698D58B2025C50AD4AD77D16D32E6157F89F58C692A83279A2EB58F8E448A13AA32B8C3DF07A58100EC4BB319F824446ECDD643C4A7F959CBA4E356A9E5DB7332107B2EB478703BF44383DDF80CA297F5E52A4424AF64B50CAB4E9C95C7288B96F8E77CDC63D07C6394853DF32F926652A12122B5531F90CFDFDAAC5D0642F84CF3901717B652122E8622CF31C06D134AD921EC80D175BBFC45B855EB9ABF001686BC52730F754DBFAE781BB629F1E530632D813AA256D0063202AEEE0AB64C7829C1A6C4702E27C88219FF31500D8F76BEFE4AEF726D6E3B708C7F2EAC9B +20241129152304 2 6 100 6143 2 D530FFAD12BC56C29F02BEFEC6CFD700AE6DA852D7256FC0A8978C13FABF9851425A26917CD40A9919A06A5B17FA05456642891442CCBBBD9BB5B74068213AA6F029B3419F6B2CCB828CF9F6F0069F43A2496921ED8133BF2D9C598486282EB38B3B6E849B7D80B33869CDE1D71379C694BB9C229B5CCE5E96692F81DA73EC38942CE60A81657F34A6B1B536ADEADD76144A209815A88E081E0B96438B11A34E4F8082ACC6DD77D787EEA90E1764F7393D3869707FCFCD4BFEEA3582BBD39C17E2CE70B6A193700A055A50D2F5ED473DD9B4401C2138BAD8FA3331BDD4FF79E230C10B13FFE7CCDB3210F8DB42147BB8349CAEA97EBCBC708B9CE16360D573D3327BBCAA6387234E9A4DCB2E67784408ADB72B2E05643520211C581EBB38E57C2F69C9034143DBAB4C13221D501B892918779C6E9AC5B39F2F412E31EF7F7F0610C2AFE150FA56A5E3CF9DACA6C96F3BC6B57D56B2869019C5114247C080752E4D42B1A0E34302B69B8516E8FB93BE58CC45F6E5ADB47A89A00050A12D560BEEA8997F5A0FA526C107BA34ECB0C678079C6DD4C1F4666BBD45733E019C292A17661B79E6AEED002EF4F6E7F4D569690E140C8BA1BA47E626499E01DA1EACDA4B917507A472DDB03A86734994C4B16551C5DFED3C8C976D15B5BF68CC6C982355930E37F096629E6F3BDC8027C722C12EF76854F1C607341E48FBF8C9064EB48EFDA87E1D111B557FBE7A15A580EDD87AC2CEC0EB25BE057FC20D578DF34632977F4698D58B2025C50AD4AD77D16D32E6157F89F58C692A83279A2EB58F8E448A13AA32B8C3DF07A58100EC4BB319F824446ECDD643C4A7F959CBA4E356A9E5DB7332107B2EB478703BF44383DDF80CA297F5E52A4424AF64B50CAB4E9C95C7288B96F8E77CDC63D07C6394853DF32F926652A12122B5531F90CFDFDAAC5D0642F84CF3901717B652122E8622CF31C06D134AD921EC80D175BBFC45B855EB9ABF001686BC52730F754DBFAE781BB629F1E530632D813AA256D0063202AEEE0AB64C7829C1A6C4702E27C88219FF31500D8F76BEFE4AEF726D6E3B708C80D59DCB +20241129153351 2 6 100 6143 5 D530FFAD12BC56C29F02BEFEC6CFD700AE6DA852D7256FC0A8978C13FABF9851425A26917CD40A9919A06A5B17FA05456642891442CCBBBD9BB5B74068213AA6F029B3419F6B2CCB828CF9F6F0069F43A2496921ED8133BF2D9C598486282EB38B3B6E849B7D80B33869CDE1D71379C694BB9C229B5CCE5E96692F81DA73EC38942CE60A81657F34A6B1B536ADEADD76144A209815A88E081E0B96438B11A34E4F8082ACC6DD77D787EEA90E1764F7393D3869707FCFCD4BFEEA3582BBD39C17E2CE70B6A193700A055A50D2F5ED473DD9B4401C2138BAD8FA3331BDD4FF79E230C10B13FFE7CCDB3210F8DB42147BB8349CAEA97EBCBC708B9CE16360D573D3327BBCAA6387234E9A4DCB2E67784408ADB72B2E05643520211C581EBB38E57C2F69C9034143DBAB4C13221D501B892918779C6E9AC5B39F2F412E31EF7F7F0610C2AFE150FA56A5E3CF9DACA6C96F3BC6B57D56B2869019C5114247C080752E4D42B1A0E34302B69B8516E8FB93BE58CC45F6E5ADB47A89A00050A12D560BEEA8997F5A0FA526C107BA34ECB0C678079C6DD4C1F4666BBD45733E019C292A17661B79E6AEED002EF4F6E7F4D569690E140C8BA1BA47E626499E01DA1EACDA4B917507A472DDB03A86734994C4B16551C5DFED3C8C976D15B5BF68CC6C982355930E37F096629E6F3BDC8027C722C12EF76854F1C607341E48FBF8C9064EB48EFDA87E1D111B557FBE7A15A580EDD87AC2CEC0EB25BE057FC20D578DF34632977F4698D58B2025C50AD4AD77D16D32E6157F89F58C692A83279A2EB58F8E448A13AA32B8C3DF07A58100EC4BB319F824446ECDD643C4A7F959CBA4E356A9E5DB7332107B2EB478703BF44383DDF80CA297F5E52A4424AF64B50CAB4E9C95C7288B96F8E77CDC63D07C6394853DF32F926652A12122B5531F90CFDFDAAC5D0642F84CF3901717B652122E8622CF31C06D134AD921EC80D175BBFC45B855EB9ABF001686BC52730F754DBFAE781BB629F1E530632D813AA256D0063202AEEE0AB64C7829C1A6C4702E27C88219FF31500D8F76BEFE4AEF726D6E3B708C82259357 +20241129153442 2 6 100 6143 5 D530FFAD12BC56C29F02BEFEC6CFD700AE6DA852D7256FC0A8978C13FABF9851425A26917CD40A9919A06A5B17FA05456642891442CCBBBD9BB5B74068213AA6F029B3419F6B2CCB828CF9F6F0069F43A2496921ED8133BF2D9C598486282EB38B3B6E849B7D80B33869CDE1D71379C694BB9C229B5CCE5E96692F81DA73EC38942CE60A81657F34A6B1B536ADEADD76144A209815A88E081E0B96438B11A34E4F8082ACC6DD77D787EEA90E1764F7393D3869707FCFCD4BFEEA3582BBD39C17E2CE70B6A193700A055A50D2F5ED473DD9B4401C2138BAD8FA3331BDD4FF79E230C10B13FFE7CCDB3210F8DB42147BB8349CAEA97EBCBC708B9CE16360D573D3327BBCAA6387234E9A4DCB2E67784408ADB72B2E05643520211C581EBB38E57C2F69C9034143DBAB4C13221D501B892918779C6E9AC5B39F2F412E31EF7F7F0610C2AFE150FA56A5E3CF9DACA6C96F3BC6B57D56B2869019C5114247C080752E4D42B1A0E34302B69B8516E8FB93BE58CC45F6E5ADB47A89A00050A12D560BEEA8997F5A0FA526C107BA34ECB0C678079C6DD4C1F4666BBD45733E019C292A17661B79E6AEED002EF4F6E7F4D569690E140C8BA1BA47E626499E01DA1EACDA4B917507A472DDB03A86734994C4B16551C5DFED3C8C976D15B5BF68CC6C982355930E37F096629E6F3BDC8027C722C12EF76854F1C607341E48FBF8C9064EB48EFDA87E1D111B557FBE7A15A580EDD87AC2CEC0EB25BE057FC20D578DF34632977F4698D58B2025C50AD4AD77D16D32E6157F89F58C692A83279A2EB58F8E448A13AA32B8C3DF07A58100EC4BB319F824446ECDD643C4A7F959CBA4E356A9E5DB7332107B2EB478703BF44383DDF80CA297F5E52A4424AF64B50CAB4E9C95C7288B96F8E77CDC63D07C6394853DF32F926652A12122B5531F90CFDFDAAC5D0642F84CF3901717B652122E8622CF31C06D134AD921EC80D175BBFC45B855EB9ABF001686BC52730F754DBFAE781BB629F1E530632D813AA256D0063202AEEE0AB64C7829C1A6C4702E27C88219FF31500D8F76BEFE4AEF726D6E3B708C8239CBD7 +20241129154346 2 6 100 6143 2 D530FFAD12BC56C29F02BEFEC6CFD700AE6DA852D7256FC0A8978C13FABF9851425A26917CD40A9919A06A5B17FA05456642891442CCBBBD9BB5B74068213AA6F029B3419F6B2CCB828CF9F6F0069F43A2496921ED8133BF2D9C598486282EB38B3B6E849B7D80B33869CDE1D71379C694BB9C229B5CCE5E96692F81DA73EC38942CE60A81657F34A6B1B536ADEADD76144A209815A88E081E0B96438B11A34E4F8082ACC6DD77D787EEA90E1764F7393D3869707FCFCD4BFEEA3582BBD39C17E2CE70B6A193700A055A50D2F5ED473DD9B4401C2138BAD8FA3331BDD4FF79E230C10B13FFE7CCDB3210F8DB42147BB8349CAEA97EBCBC708B9CE16360D573D3327BBCAA6387234E9A4DCB2E67784408ADB72B2E05643520211C581EBB38E57C2F69C9034143DBAB4C13221D501B892918779C6E9AC5B39F2F412E31EF7F7F0610C2AFE150FA56A5E3CF9DACA6C96F3BC6B57D56B2869019C5114247C080752E4D42B1A0E34302B69B8516E8FB93BE58CC45F6E5ADB47A89A00050A12D560BEEA8997F5A0FA526C107BA34ECB0C678079C6DD4C1F4666BBD45733E019C292A17661B79E6AEED002EF4F6E7F4D569690E140C8BA1BA47E626499E01DA1EACDA4B917507A472DDB03A86734994C4B16551C5DFED3C8C976D15B5BF68CC6C982355930E37F096629E6F3BDC8027C722C12EF76854F1C607341E48FBF8C9064EB48EFDA87E1D111B557FBE7A15A580EDD87AC2CEC0EB25BE057FC20D578DF34632977F4698D58B2025C50AD4AD77D16D32E6157F89F58C692A83279A2EB58F8E448A13AA32B8C3DF07A58100EC4BB319F824446ECDD643C4A7F959CBA4E356A9E5DB7332107B2EB478703BF44383DDF80CA297F5E52A4424AF64B50CAB4E9C95C7288B96F8E77CDC63D07C6394853DF32F926652A12122B5531F90CFDFDAAC5D0642F84CF3901717B652122E8622CF31C06D134AD921EC80D175BBFC45B855EB9ABF001686BC52730F754DBFAE781BB629F1E530632D813AA256D0063202AEEE0AB64C7829C1A6C4702E27C88219FF31500D8F76BEFE4AEF726D6E3B708C835408BB +20241129154536 2 6 100 6143 5 D530FFAD12BC56C29F02BEFEC6CFD700AE6DA852D7256FC0A8978C13FABF9851425A26917CD40A9919A06A5B17FA05456642891442CCBBBD9BB5B74068213AA6F029B3419F6B2CCB828CF9F6F0069F43A2496921ED8133BF2D9C598486282EB38B3B6E849B7D80B33869CDE1D71379C694BB9C229B5CCE5E96692F81DA73EC38942CE60A81657F34A6B1B536ADEADD76144A209815A88E081E0B96438B11A34E4F8082ACC6DD77D787EEA90E1764F7393D3869707FCFCD4BFEEA3582BBD39C17E2CE70B6A193700A055A50D2F5ED473DD9B4401C2138BAD8FA3331BDD4FF79E230C10B13FFE7CCDB3210F8DB42147BB8349CAEA97EBCBC708B9CE16360D573D3327BBCAA6387234E9A4DCB2E67784408ADB72B2E05643520211C581EBB38E57C2F69C9034143DBAB4C13221D501B892918779C6E9AC5B39F2F412E31EF7F7F0610C2AFE150FA56A5E3CF9DACA6C96F3BC6B57D56B2869019C5114247C080752E4D42B1A0E34302B69B8516E8FB93BE58CC45F6E5ADB47A89A00050A12D560BEEA8997F5A0FA526C107BA34ECB0C678079C6DD4C1F4666BBD45733E019C292A17661B79E6AEED002EF4F6E7F4D569690E140C8BA1BA47E626499E01DA1EACDA4B917507A472DDB03A86734994C4B16551C5DFED3C8C976D15B5BF68CC6C982355930E37F096629E6F3BDC8027C722C12EF76854F1C607341E48FBF8C9064EB48EFDA87E1D111B557FBE7A15A580EDD87AC2CEC0EB25BE057FC20D578DF34632977F4698D58B2025C50AD4AD77D16D32E6157F89F58C692A83279A2EB58F8E448A13AA32B8C3DF07A58100EC4BB319F824446ECDD643C4A7F959CBA4E356A9E5DB7332107B2EB478703BF44383DDF80CA297F5E52A4424AF64B50CAB4E9C95C7288B96F8E77CDC63D07C6394853DF32F926652A12122B5531F90CFDFDAAC5D0642F84CF3901717B652122E8622CF31C06D134AD921EC80D175BBFC45B855EB9ABF001686BC52730F754DBFAE781BB629F1E530632D813AA256D0063202AEEE0AB64C7829C1A6C4702E27C88219FF31500D8F76BEFE4AEF726D6E3B708C8387126F +20241129161648 2 6 100 6143 5 D530FFAD12BC56C29F02BEFEC6CFD700AE6DA852D7256FC0A8978C13FABF9851425A26917CD40A9919A06A5B17FA05456642891442CCBBBD9BB5B74068213AA6F029B3419F6B2CCB828CF9F6F0069F43A2496921ED8133BF2D9C598486282EB38B3B6E849B7D80B33869CDE1D71379C694BB9C229B5CCE5E96692F81DA73EC38942CE60A81657F34A6B1B536ADEADD76144A209815A88E081E0B96438B11A34E4F8082ACC6DD77D787EEA90E1764F7393D3869707FCFCD4BFEEA3582BBD39C17E2CE70B6A193700A055A50D2F5ED473DD9B4401C2138BAD8FA3331BDD4FF79E230C10B13FFE7CCDB3210F8DB42147BB8349CAEA97EBCBC708B9CE16360D573D3327BBCAA6387234E9A4DCB2E67784408ADB72B2E05643520211C581EBB38E57C2F69C9034143DBAB4C13221D501B892918779C6E9AC5B39F2F412E31EF7F7F0610C2AFE150FA56A5E3CF9DACA6C96F3BC6B57D56B2869019C5114247C080752E4D42B1A0E34302B69B8516E8FB93BE58CC45F6E5ADB47A89A00050A12D560BEEA8997F5A0FA526C107BA34ECB0C678079C6DD4C1F4666BBD45733E019C292A17661B79E6AEED002EF4F6E7F4D569690E140C8BA1BA47E626499E01DA1EACDA4B917507A472DDB03A86734994C4B16551C5DFED3C8C976D15B5BF68CC6C982355930E37F096629E6F3BDC8027C722C12EF76854F1C607341E48FBF8C9064EB48EFDA87E1D111B557FBE7A15A580EDD87AC2CEC0EB25BE057FC20D578DF34632977F4698D58B2025C50AD4AD77D16D32E6157F89F58C692A83279A2EB58F8E448A13AA32B8C3DF07A58100EC4BB319F824446ECDD643C4A7F959CBA4E356A9E5DB7332107B2EB478703BF44383DDF80CA297F5E52A4424AF64B50CAB4E9C95C7288B96F8E77CDC63D07C6394853DF32F926652A12122B5531F90CFDFDAAC5D0642F84CF3901717B652122E8622CF31C06D134AD921EC80D175BBFC45B855EB9ABF001686BC52730F754DBFAE781BB629F1E530632D813AA256D0063202AEEE0AB64C7829C1A6C4702E27C88219FF31500D8F76BEFE4AEF726D6E3B708C87770FCF +20241129162459 2 6 100 6143 5 D530FFAD12BC56C29F02BEFEC6CFD700AE6DA852D7256FC0A8978C13FABF9851425A26917CD40A9919A06A5B17FA05456642891442CCBBBD9BB5B74068213AA6F029B3419F6B2CCB828CF9F6F0069F43A2496921ED8133BF2D9C598486282EB38B3B6E849B7D80B33869CDE1D71379C694BB9C229B5CCE5E96692F81DA73EC38942CE60A81657F34A6B1B536ADEADD76144A209815A88E081E0B96438B11A34E4F8082ACC6DD77D787EEA90E1764F7393D3869707FCFCD4BFEEA3582BBD39C17E2CE70B6A193700A055A50D2F5ED473DD9B4401C2138BAD8FA3331BDD4FF79E230C10B13FFE7CCDB3210F8DB42147BB8349CAEA97EBCBC708B9CE16360D573D3327BBCAA6387234E9A4DCB2E67784408ADB72B2E05643520211C581EBB38E57C2F69C9034143DBAB4C13221D501B892918779C6E9AC5B39F2F412E31EF7F7F0610C2AFE150FA56A5E3CF9DACA6C96F3BC6B57D56B2869019C5114247C080752E4D42B1A0E34302B69B8516E8FB93BE58CC45F6E5ADB47A89A00050A12D560BEEA8997F5A0FA526C107BA34ECB0C678079C6DD4C1F4666BBD45733E019C292A17661B79E6AEED002EF4F6E7F4D569690E140C8BA1BA47E626499E01DA1EACDA4B917507A472DDB03A86734994C4B16551C5DFED3C8C976D15B5BF68CC6C982355930E37F096629E6F3BDC8027C722C12EF76854F1C607341E48FBF8C9064EB48EFDA87E1D111B557FBE7A15A580EDD87AC2CEC0EB25BE057FC20D578DF34632977F4698D58B2025C50AD4AD77D16D32E6157F89F58C692A83279A2EB58F8E448A13AA32B8C3DF07A58100EC4BB319F824446ECDD643C4A7F959CBA4E356A9E5DB7332107B2EB478703BF44383DDF80CA297F5E52A4424AF64B50CAB4E9C95C7288B96F8E77CDC63D07C6394853DF32F926652A12122B5531F90CFDFDAAC5D0642F84CF3901717B652122E8622CF31C06D134AD921EC80D175BBFC45B855EB9ABF001686BC52730F754DBFAE781BB629F1E530632D813AA256D0063202AEEE0AB64C7829C1A6C4702E27C88219FF31500D8F76BEFE4AEF726D6E3B708C887B826F +20241129162918 2 6 100 6143 2 D530FFAD12BC56C29F02BEFEC6CFD700AE6DA852D7256FC0A8978C13FABF9851425A26917CD40A9919A06A5B17FA05456642891442CCBBBD9BB5B74068213AA6F029B3419F6B2CCB828CF9F6F0069F43A2496921ED8133BF2D9C598486282EB38B3B6E849B7D80B33869CDE1D71379C694BB9C229B5CCE5E96692F81DA73EC38942CE60A81657F34A6B1B536ADEADD76144A209815A88E081E0B96438B11A34E4F8082ACC6DD77D787EEA90E1764F7393D3869707FCFCD4BFEEA3582BBD39C17E2CE70B6A193700A055A50D2F5ED473DD9B4401C2138BAD8FA3331BDD4FF79E230C10B13FFE7CCDB3210F8DB42147BB8349CAEA97EBCBC708B9CE16360D573D3327BBCAA6387234E9A4DCB2E67784408ADB72B2E05643520211C581EBB38E57C2F69C9034143DBAB4C13221D501B892918779C6E9AC5B39F2F412E31EF7F7F0610C2AFE150FA56A5E3CF9DACA6C96F3BC6B57D56B2869019C5114247C080752E4D42B1A0E34302B69B8516E8FB93BE58CC45F6E5ADB47A89A00050A12D560BEEA8997F5A0FA526C107BA34ECB0C678079C6DD4C1F4666BBD45733E019C292A17661B79E6AEED002EF4F6E7F4D569690E140C8BA1BA47E626499E01DA1EACDA4B917507A472DDB03A86734994C4B16551C5DFED3C8C976D15B5BF68CC6C982355930E37F096629E6F3BDC8027C722C12EF76854F1C607341E48FBF8C9064EB48EFDA87E1D111B557FBE7A15A580EDD87AC2CEC0EB25BE057FC20D578DF34632977F4698D58B2025C50AD4AD77D16D32E6157F89F58C692A83279A2EB58F8E448A13AA32B8C3DF07A58100EC4BB319F824446ECDD643C4A7F959CBA4E356A9E5DB7332107B2EB478703BF44383DDF80CA297F5E52A4424AF64B50CAB4E9C95C7288B96F8E77CDC63D07C6394853DF32F926652A12122B5531F90CFDFDAAC5D0642F84CF3901717B652122E8622CF31C06D134AD921EC80D175BBFC45B855EB9ABF001686BC52730F754DBFAE781BB629F1E530632D813AA256D0063202AEEE0AB64C7829C1A6C4702E27C88219FF31500D8F76BEFE4AEF726D6E3B708C89023DAB +20241129165526 2 6 100 6143 2 D530FFAD12BC56C29F02BEFEC6CFD700AE6DA852D7256FC0A8978C13FABF9851425A26917CD40A9919A06A5B17FA05456642891442CCBBBD9BB5B74068213AA6F029B3419F6B2CCB828CF9F6F0069F43A2496921ED8133BF2D9C598486282EB38B3B6E849B7D80B33869CDE1D71379C694BB9C229B5CCE5E96692F81DA73EC38942CE60A81657F34A6B1B536ADEADD76144A209815A88E081E0B96438B11A34E4F8082ACC6DD77D787EEA90E1764F7393D3869707FCFCD4BFEEA3582BBD39C17E2CE70B6A193700A055A50D2F5ED473DD9B4401C2138BAD8FA3331BDD4FF79E230C10B13FFE7CCDB3210F8DB42147BB8349CAEA97EBCBC708B9CE16360D573D3327BBCAA6387234E9A4DCB2E67784408ADB72B2E05643520211C581EBB38E57C2F69C9034143DBAB4C13221D501B892918779C6E9AC5B39F2F412E31EF7F7F0610C2AFE150FA56A5E3CF9DACA6C96F3BC6B57D56B2869019C5114247C080752E4D42B1A0E34302B69B8516E8FB93BE58CC45F6E5ADB47A89A00050A12D560BEEA8997F5A0FA526C107BA34ECB0C678079C6DD4C1F4666BBD45733E019C292A17661B79E6AEED002EF4F6E7F4D569690E140C8BA1BA47E626499E01DA1EACDA4B917507A472DDB03A86734994C4B16551C5DFED3C8C976D15B5BF68CC6C982355930E37F096629E6F3BDC8027C722C12EF76854F1C607341E48FBF8C9064EB48EFDA87E1D111B557FBE7A15A580EDD87AC2CEC0EB25BE057FC20D578DF34632977F4698D58B2025C50AD4AD77D16D32E6157F89F58C692A83279A2EB58F8E448A13AA32B8C3DF07A58100EC4BB319F824446ECDD643C4A7F959CBA4E356A9E5DB7332107B2EB478703BF44383DDF80CA297F5E52A4424AF64B50CAB4E9C95C7288B96F8E77CDC63D07C6394853DF32F926652A12122B5531F90CFDFDAAC5D0642F84CF3901717B652122E8622CF31C06D134AD921EC80D175BBFC45B855EB9ABF001686BC52730F754DBFAE781BB629F1E530632D813AA256D0063202AEEE0AB64C7829C1A6C4702E27C88219FF31500D8F76BEFE4AEF726D6E3B708C8C3FAA43 +20241129170725 2 6 100 6143 5 D530FFAD12BC56C29F02BEFEC6CFD700AE6DA852D7256FC0A8978C13FABF9851425A26917CD40A9919A06A5B17FA05456642891442CCBBBD9BB5B74068213AA6F029B3419F6B2CCB828CF9F6F0069F43A2496921ED8133BF2D9C598486282EB38B3B6E849B7D80B33869CDE1D71379C694BB9C229B5CCE5E96692F81DA73EC38942CE60A81657F34A6B1B536ADEADD76144A209815A88E081E0B96438B11A34E4F8082ACC6DD77D787EEA90E1764F7393D3869707FCFCD4BFEEA3582BBD39C17E2CE70B6A193700A055A50D2F5ED473DD9B4401C2138BAD8FA3331BDD4FF79E230C10B13FFE7CCDB3210F8DB42147BB8349CAEA97EBCBC708B9CE16360D573D3327BBCAA6387234E9A4DCB2E67784408ADB72B2E05643520211C581EBB38E57C2F69C9034143DBAB4C13221D501B892918779C6E9AC5B39F2F412E31EF7F7F0610C2AFE150FA56A5E3CF9DACA6C96F3BC6B57D56B2869019C5114247C080752E4D42B1A0E34302B69B8516E8FB93BE58CC45F6E5ADB47A89A00050A12D560BEEA8997F5A0FA526C107BA34ECB0C678079C6DD4C1F4666BBD45733E019C292A17661B79E6AEED002EF4F6E7F4D569690E140C8BA1BA47E626499E01DA1EACDA4B917507A472DDB03A86734994C4B16551C5DFED3C8C976D15B5BF68CC6C982355930E37F096629E6F3BDC8027C722C12EF76854F1C607341E48FBF8C9064EB48EFDA87E1D111B557FBE7A15A580EDD87AC2CEC0EB25BE057FC20D578DF34632977F4698D58B2025C50AD4AD77D16D32E6157F89F58C692A83279A2EB58F8E448A13AA32B8C3DF07A58100EC4BB319F824446ECDD643C4A7F959CBA4E356A9E5DB7332107B2EB478703BF44383DDF80CA297F5E52A4424AF64B50CAB4E9C95C7288B96F8E77CDC63D07C6394853DF32F926652A12122B5531F90CFDFDAAC5D0642F84CF3901717B652122E8622CF31C06D134AD921EC80D175BBFC45B855EB9ABF001686BC52730F754DBFAE781BB629F1E530632D813AA256D0063202AEEE0AB64C7829C1A6C4702E27C88219FF31500D8F76BEFE4AEF726D6E3B708C8DB7E57F +20241129171144 2 6 100 6143 5 D530FFAD12BC56C29F02BEFEC6CFD700AE6DA852D7256FC0A8978C13FABF9851425A26917CD40A9919A06A5B17FA05456642891442CCBBBD9BB5B74068213AA6F029B3419F6B2CCB828CF9F6F0069F43A2496921ED8133BF2D9C598486282EB38B3B6E849B7D80B33869CDE1D71379C694BB9C229B5CCE5E96692F81DA73EC38942CE60A81657F34A6B1B536ADEADD76144A209815A88E081E0B96438B11A34E4F8082ACC6DD77D787EEA90E1764F7393D3869707FCFCD4BFEEA3582BBD39C17E2CE70B6A193700A055A50D2F5ED473DD9B4401C2138BAD8FA3331BDD4FF79E230C10B13FFE7CCDB3210F8DB42147BB8349CAEA97EBCBC708B9CE16360D573D3327BBCAA6387234E9A4DCB2E67784408ADB72B2E05643520211C581EBB38E57C2F69C9034143DBAB4C13221D501B892918779C6E9AC5B39F2F412E31EF7F7F0610C2AFE150FA56A5E3CF9DACA6C96F3BC6B57D56B2869019C5114247C080752E4D42B1A0E34302B69B8516E8FB93BE58CC45F6E5ADB47A89A00050A12D560BEEA8997F5A0FA526C107BA34ECB0C678079C6DD4C1F4666BBD45733E019C292A17661B79E6AEED002EF4F6E7F4D569690E140C8BA1BA47E626499E01DA1EACDA4B917507A472DDB03A86734994C4B16551C5DFED3C8C976D15B5BF68CC6C982355930E37F096629E6F3BDC8027C722C12EF76854F1C607341E48FBF8C9064EB48EFDA87E1D111B557FBE7A15A580EDD87AC2CEC0EB25BE057FC20D578DF34632977F4698D58B2025C50AD4AD77D16D32E6157F89F58C692A83279A2EB58F8E448A13AA32B8C3DF07A58100EC4BB319F824446ECDD643C4A7F959CBA4E356A9E5DB7332107B2EB478703BF44383DDF80CA297F5E52A4424AF64B50CAB4E9C95C7288B96F8E77CDC63D07C6394853DF32F926652A12122B5531F90CFDFDAAC5D0642F84CF3901717B652122E8622CF31C06D134AD921EC80D175BBFC45B855EB9ABF001686BC52730F754DBFAE781BB629F1E530632D813AA256D0063202AEEE0AB64C7829C1A6C4702E27C88219FF31500D8F76BEFE4AEF726D6E3B708C8E389D1F +20241129172847 2 6 100 6143 2 D530FFAD12BC56C29F02BEFEC6CFD700AE6DA852D7256FC0A8978C13FABF9851425A26917CD40A9919A06A5B17FA05456642891442CCBBBD9BB5B74068213AA6F029B3419F6B2CCB828CF9F6F0069F43A2496921ED8133BF2D9C598486282EB38B3B6E849B7D80B33869CDE1D71379C694BB9C229B5CCE5E96692F81DA73EC38942CE60A81657F34A6B1B536ADEADD76144A209815A88E081E0B96438B11A34E4F8082ACC6DD77D787EEA90E1764F7393D3869707FCFCD4BFEEA3582BBD39C17E2CE70B6A193700A055A50D2F5ED473DD9B4401C2138BAD8FA3331BDD4FF79E230C10B13FFE7CCDB3210F8DB42147BB8349CAEA97EBCBC708B9CE16360D573D3327BBCAA6387234E9A4DCB2E67784408ADB72B2E05643520211C581EBB38E57C2F69C9034143DBAB4C13221D501B892918779C6E9AC5B39F2F412E31EF7F7F0610C2AFE150FA56A5E3CF9DACA6C96F3BC6B57D56B2869019C5114247C080752E4D42B1A0E34302B69B8516E8FB93BE58CC45F6E5ADB47A89A00050A12D560BEEA8997F5A0FA526C107BA34ECB0C678079C6DD4C1F4666BBD45733E019C292A17661B79E6AEED002EF4F6E7F4D569690E140C8BA1BA47E626499E01DA1EACDA4B917507A472DDB03A86734994C4B16551C5DFED3C8C976D15B5BF68CC6C982355930E37F096629E6F3BDC8027C722C12EF76854F1C607341E48FBF8C9064EB48EFDA87E1D111B557FBE7A15A580EDD87AC2CEC0EB25BE057FC20D578DF34632977F4698D58B2025C50AD4AD77D16D32E6157F89F58C692A83279A2EB58F8E448A13AA32B8C3DF07A58100EC4BB319F824446ECDD643C4A7F959CBA4E356A9E5DB7332107B2EB478703BF44383DDF80CA297F5E52A4424AF64B50CAB4E9C95C7288B96F8E77CDC63D07C6394853DF32F926652A12122B5531F90CFDFDAAC5D0642F84CF3901717B652122E8622CF31C06D134AD921EC80D175BBFC45B855EB9ABF001686BC52730F754DBFAE781BB629F1E530632D813AA256D0063202AEEE0AB64C7829C1A6C4702E27C88219FF31500D8F76BEFE4AEF726D6E3B708C90533393 +20241129173154 2 6 100 6143 2 D530FFAD12BC56C29F02BEFEC6CFD700AE6DA852D7256FC0A8978C13FABF9851425A26917CD40A9919A06A5B17FA05456642891442CCBBBD9BB5B74068213AA6F029B3419F6B2CCB828CF9F6F0069F43A2496921ED8133BF2D9C598486282EB38B3B6E849B7D80B33869CDE1D71379C694BB9C229B5CCE5E96692F81DA73EC38942CE60A81657F34A6B1B536ADEADD76144A209815A88E081E0B96438B11A34E4F8082ACC6DD77D787EEA90E1764F7393D3869707FCFCD4BFEEA3582BBD39C17E2CE70B6A193700A055A50D2F5ED473DD9B4401C2138BAD8FA3331BDD4FF79E230C10B13FFE7CCDB3210F8DB42147BB8349CAEA97EBCBC708B9CE16360D573D3327BBCAA6387234E9A4DCB2E67784408ADB72B2E05643520211C581EBB38E57C2F69C9034143DBAB4C13221D501B892918779C6E9AC5B39F2F412E31EF7F7F0610C2AFE150FA56A5E3CF9DACA6C96F3BC6B57D56B2869019C5114247C080752E4D42B1A0E34302B69B8516E8FB93BE58CC45F6E5ADB47A89A00050A12D560BEEA8997F5A0FA526C107BA34ECB0C678079C6DD4C1F4666BBD45733E019C292A17661B79E6AEED002EF4F6E7F4D569690E140C8BA1BA47E626499E01DA1EACDA4B917507A472DDB03A86734994C4B16551C5DFED3C8C976D15B5BF68CC6C982355930E37F096629E6F3BDC8027C722C12EF76854F1C607341E48FBF8C9064EB48EFDA87E1D111B557FBE7A15A580EDD87AC2CEC0EB25BE057FC20D578DF34632977F4698D58B2025C50AD4AD77D16D32E6157F89F58C692A83279A2EB58F8E448A13AA32B8C3DF07A58100EC4BB319F824446ECDD643C4A7F959CBA4E356A9E5DB7332107B2EB478703BF44383DDF80CA297F5E52A4424AF64B50CAB4E9C95C7288B96F8E77CDC63D07C6394853DF32F926652A12122B5531F90CFDFDAAC5D0642F84CF3901717B652122E8622CF31C06D134AD921EC80D175BBFC45B855EB9ABF001686BC52730F754DBFAE781BB629F1E530632D813AA256D0063202AEEE0AB64C7829C1A6C4702E27C88219FF31500D8F76BEFE4AEF726D6E3B708C90AFE143 +20241129174539 2 6 100 6143 2 D530FFAD12BC56C29F02BEFEC6CFD700AE6DA852D7256FC0A8978C13FABF9851425A26917CD40A9919A06A5B17FA05456642891442CCBBBD9BB5B74068213AA6F029B3419F6B2CCB828CF9F6F0069F43A2496921ED8133BF2D9C598486282EB38B3B6E849B7D80B33869CDE1D71379C694BB9C229B5CCE5E96692F81DA73EC38942CE60A81657F34A6B1B536ADEADD76144A209815A88E081E0B96438B11A34E4F8082ACC6DD77D787EEA90E1764F7393D3869707FCFCD4BFEEA3582BBD39C17E2CE70B6A193700A055A50D2F5ED473DD9B4401C2138BAD8FA3331BDD4FF79E230C10B13FFE7CCDB3210F8DB42147BB8349CAEA97EBCBC708B9CE16360D573D3327BBCAA6387234E9A4DCB2E67784408ADB72B2E05643520211C581EBB38E57C2F69C9034143DBAB4C13221D501B892918779C6E9AC5B39F2F412E31EF7F7F0610C2AFE150FA56A5E3CF9DACA6C96F3BC6B57D56B2869019C5114247C080752E4D42B1A0E34302B69B8516E8FB93BE58CC45F6E5ADB47A89A00050A12D560BEEA8997F5A0FA526C107BA34ECB0C678079C6DD4C1F4666BBD45733E019C292A17661B79E6AEED002EF4F6E7F4D569690E140C8BA1BA47E626499E01DA1EACDA4B917507A472DDB03A86734994C4B16551C5DFED3C8C976D15B5BF68CC6C982355930E37F096629E6F3BDC8027C722C12EF76854F1C607341E48FBF8C9064EB48EFDA87E1D111B557FBE7A15A580EDD87AC2CEC0EB25BE057FC20D578DF34632977F4698D58B2025C50AD4AD77D16D32E6157F89F58C692A83279A2EB58F8E448A13AA32B8C3DF07A58100EC4BB319F824446ECDD643C4A7F959CBA4E356A9E5DB7332107B2EB478703BF44383DDF80CA297F5E52A4424AF64B50CAB4E9C95C7288B96F8E77CDC63D07C6394853DF32F926652A12122B5531F90CFDFDAAC5D0642F84CF3901717B652122E8622CF31C06D134AD921EC80D175BBFC45B855EB9ABF001686BC52730F754DBFAE781BB629F1E530632D813AA256D0063202AEEE0AB64C7829C1A6C4702E27C88219FF31500D8F76BEFE4AEF726D6E3B708C92621483 +20241129180732 2 6 100 6143 5 D530FFAD12BC56C29F02BEFEC6CFD700AE6DA852D7256FC0A8978C13FABF9851425A26917CD40A9919A06A5B17FA05456642891442CCBBBD9BB5B74068213AA6F029B3419F6B2CCB828CF9F6F0069F43A2496921ED8133BF2D9C598486282EB38B3B6E849B7D80B33869CDE1D71379C694BB9C229B5CCE5E96692F81DA73EC38942CE60A81657F34A6B1B536ADEADD76144A209815A88E081E0B96438B11A34E4F8082ACC6DD77D787EEA90E1764F7393D3869707FCFCD4BFEEA3582BBD39C17E2CE70B6A193700A055A50D2F5ED473DD9B4401C2138BAD8FA3331BDD4FF79E230C10B13FFE7CCDB3210F8DB42147BB8349CAEA97EBCBC708B9CE16360D573D3327BBCAA6387234E9A4DCB2E67784408ADB72B2E05643520211C581EBB38E57C2F69C9034143DBAB4C13221D501B892918779C6E9AC5B39F2F412E31EF7F7F0610C2AFE150FA56A5E3CF9DACA6C96F3BC6B57D56B2869019C5114247C080752E4D42B1A0E34302B69B8516E8FB93BE58CC45F6E5ADB47A89A00050A12D560BEEA8997F5A0FA526C107BA34ECB0C678079C6DD4C1F4666BBD45733E019C292A17661B79E6AEED002EF4F6E7F4D569690E140C8BA1BA47E626499E01DA1EACDA4B917507A472DDB03A86734994C4B16551C5DFED3C8C976D15B5BF68CC6C982355930E37F096629E6F3BDC8027C722C12EF76854F1C607341E48FBF8C9064EB48EFDA87E1D111B557FBE7A15A580EDD87AC2CEC0EB25BE057FC20D578DF34632977F4698D58B2025C50AD4AD77D16D32E6157F89F58C692A83279A2EB58F8E448A13AA32B8C3DF07A58100EC4BB319F824446ECDD643C4A7F959CBA4E356A9E5DB7332107B2EB478703BF44383DDF80CA297F5E52A4424AF64B50CAB4E9C95C7288B96F8E77CDC63D07C6394853DF32F926652A12122B5531F90CFDFDAAC5D0642F84CF3901717B652122E8622CF31C06D134AD921EC80D175BBFC45B855EB9ABF001686BC52730F754DBFAE781BB629F1E530632D813AA256D0063202AEEE0AB64C7829C1A6C4702E27C88219FF31500D8F76BEFE4AEF726D6E3B708C951D8D97 +20241129181538 2 6 100 6143 2 D530FFAD12BC56C29F02BEFEC6CFD700AE6DA852D7256FC0A8978C13FABF9851425A26917CD40A9919A06A5B17FA05456642891442CCBBBD9BB5B74068213AA6F029B3419F6B2CCB828CF9F6F0069F43A2496921ED8133BF2D9C598486282EB38B3B6E849B7D80B33869CDE1D71379C694BB9C229B5CCE5E96692F81DA73EC38942CE60A81657F34A6B1B536ADEADD76144A209815A88E081E0B96438B11A34E4F8082ACC6DD77D787EEA90E1764F7393D3869707FCFCD4BFEEA3582BBD39C17E2CE70B6A193700A055A50D2F5ED473DD9B4401C2138BAD8FA3331BDD4FF79E230C10B13FFE7CCDB3210F8DB42147BB8349CAEA97EBCBC708B9CE16360D573D3327BBCAA6387234E9A4DCB2E67784408ADB72B2E05643520211C581EBB38E57C2F69C9034143DBAB4C13221D501B892918779C6E9AC5B39F2F412E31EF7F7F0610C2AFE150FA56A5E3CF9DACA6C96F3BC6B57D56B2869019C5114247C080752E4D42B1A0E34302B69B8516E8FB93BE58CC45F6E5ADB47A89A00050A12D560BEEA8997F5A0FA526C107BA34ECB0C678079C6DD4C1F4666BBD45733E019C292A17661B79E6AEED002EF4F6E7F4D569690E140C8BA1BA47E626499E01DA1EACDA4B917507A472DDB03A86734994C4B16551C5DFED3C8C976D15B5BF68CC6C982355930E37F096629E6F3BDC8027C722C12EF76854F1C607341E48FBF8C9064EB48EFDA87E1D111B557FBE7A15A580EDD87AC2CEC0EB25BE057FC20D578DF34632977F4698D58B2025C50AD4AD77D16D32E6157F89F58C692A83279A2EB58F8E448A13AA32B8C3DF07A58100EC4BB319F824446ECDD643C4A7F959CBA4E356A9E5DB7332107B2EB478703BF44383DDF80CA297F5E52A4424AF64B50CAB4E9C95C7288B96F8E77CDC63D07C6394853DF32F926652A12122B5531F90CFDFDAAC5D0642F84CF3901717B652122E8622CF31C06D134AD921EC80D175BBFC45B855EB9ABF001686BC52730F754DBFAE781BB629F1E530632D813AA256D0063202AEEE0AB64C7829C1A6C4702E27C88219FF31500D8F76BEFE4AEF726D6E3B708C961A0AFB +20241129182310 2 6 100 6143 5 D530FFAD12BC56C29F02BEFEC6CFD700AE6DA852D7256FC0A8978C13FABF9851425A26917CD40A9919A06A5B17FA05456642891442CCBBBD9BB5B74068213AA6F029B3419F6B2CCB828CF9F6F0069F43A2496921ED8133BF2D9C598486282EB38B3B6E849B7D80B33869CDE1D71379C694BB9C229B5CCE5E96692F81DA73EC38942CE60A81657F34A6B1B536ADEADD76144A209815A88E081E0B96438B11A34E4F8082ACC6DD77D787EEA90E1764F7393D3869707FCFCD4BFEEA3582BBD39C17E2CE70B6A193700A055A50D2F5ED473DD9B4401C2138BAD8FA3331BDD4FF79E230C10B13FFE7CCDB3210F8DB42147BB8349CAEA97EBCBC708B9CE16360D573D3327BBCAA6387234E9A4DCB2E67784408ADB72B2E05643520211C581EBB38E57C2F69C9034143DBAB4C13221D501B892918779C6E9AC5B39F2F412E31EF7F7F0610C2AFE150FA56A5E3CF9DACA6C96F3BC6B57D56B2869019C5114247C080752E4D42B1A0E34302B69B8516E8FB93BE58CC45F6E5ADB47A89A00050A12D560BEEA8997F5A0FA526C107BA34ECB0C678079C6DD4C1F4666BBD45733E019C292A17661B79E6AEED002EF4F6E7F4D569690E140C8BA1BA47E626499E01DA1EACDA4B917507A472DDB03A86734994C4B16551C5DFED3C8C976D15B5BF68CC6C982355930E37F096629E6F3BDC8027C722C12EF76854F1C607341E48FBF8C9064EB48EFDA87E1D111B557FBE7A15A580EDD87AC2CEC0EB25BE057FC20D578DF34632977F4698D58B2025C50AD4AD77D16D32E6157F89F58C692A83279A2EB58F8E448A13AA32B8C3DF07A58100EC4BB319F824446ECDD643C4A7F959CBA4E356A9E5DB7332107B2EB478703BF44383DDF80CA297F5E52A4424AF64B50CAB4E9C95C7288B96F8E77CDC63D07C6394853DF32F926652A12122B5531F90CFDFDAAC5D0642F84CF3901717B652122E8622CF31C06D134AD921EC80D175BBFC45B855EB9ABF001686BC52730F754DBFAE781BB629F1E530632D813AA256D0063202AEEE0AB64C7829C1A6C4702E27C88219FF31500D8F76BEFE4AEF726D6E3B708C97054E47 +20241129183550 2 6 100 6143 5 D530FFAD12BC56C29F02BEFEC6CFD700AE6DA852D7256FC0A8978C13FABF9851425A26917CD40A9919A06A5B17FA05456642891442CCBBBD9BB5B74068213AA6F029B3419F6B2CCB828CF9F6F0069F43A2496921ED8133BF2D9C598486282EB38B3B6E849B7D80B33869CDE1D71379C694BB9C229B5CCE5E96692F81DA73EC38942CE60A81657F34A6B1B536ADEADD76144A209815A88E081E0B96438B11A34E4F8082ACC6DD77D787EEA90E1764F7393D3869707FCFCD4BFEEA3582BBD39C17E2CE70B6A193700A055A50D2F5ED473DD9B4401C2138BAD8FA3331BDD4FF79E230C10B13FFE7CCDB3210F8DB42147BB8349CAEA97EBCBC708B9CE16360D573D3327BBCAA6387234E9A4DCB2E67784408ADB72B2E05643520211C581EBB38E57C2F69C9034143DBAB4C13221D501B892918779C6E9AC5B39F2F412E31EF7F7F0610C2AFE150FA56A5E3CF9DACA6C96F3BC6B57D56B2869019C5114247C080752E4D42B1A0E34302B69B8516E8FB93BE58CC45F6E5ADB47A89A00050A12D560BEEA8997F5A0FA526C107BA34ECB0C678079C6DD4C1F4666BBD45733E019C292A17661B79E6AEED002EF4F6E7F4D569690E140C8BA1BA47E626499E01DA1EACDA4B917507A472DDB03A86734994C4B16551C5DFED3C8C976D15B5BF68CC6C982355930E37F096629E6F3BDC8027C722C12EF76854F1C607341E48FBF8C9064EB48EFDA87E1D111B557FBE7A15A580EDD87AC2CEC0EB25BE057FC20D578DF34632977F4698D58B2025C50AD4AD77D16D32E6157F89F58C692A83279A2EB58F8E448A13AA32B8C3DF07A58100EC4BB319F824446ECDD643C4A7F959CBA4E356A9E5DB7332107B2EB478703BF44383DDF80CA297F5E52A4424AF64B50CAB4E9C95C7288B96F8E77CDC63D07C6394853DF32F926652A12122B5531F90CFDFDAAC5D0642F84CF3901717B652122E8622CF31C06D134AD921EC80D175BBFC45B855EB9ABF001686BC52730F754DBFAE781BB629F1E530632D813AA256D0063202AEEE0AB64C7829C1A6C4702E27C88219FF31500D8F76BEFE4AEF726D6E3B708C989CFDEF +20241129184809 2 6 100 6143 2 D530FFAD12BC56C29F02BEFEC6CFD700AE6DA852D7256FC0A8978C13FABF9851425A26917CD40A9919A06A5B17FA05456642891442CCBBBD9BB5B74068213AA6F029B3419F6B2CCB828CF9F6F0069F43A2496921ED8133BF2D9C598486282EB38B3B6E849B7D80B33869CDE1D71379C694BB9C229B5CCE5E96692F81DA73EC38942CE60A81657F34A6B1B536ADEADD76144A209815A88E081E0B96438B11A34E4F8082ACC6DD77D787EEA90E1764F7393D3869707FCFCD4BFEEA3582BBD39C17E2CE70B6A193700A055A50D2F5ED473DD9B4401C2138BAD8FA3331BDD4FF79E230C10B13FFE7CCDB3210F8DB42147BB8349CAEA97EBCBC708B9CE16360D573D3327BBCAA6387234E9A4DCB2E67784408ADB72B2E05643520211C581EBB38E57C2F69C9034143DBAB4C13221D501B892918779C6E9AC5B39F2F412E31EF7F7F0610C2AFE150FA56A5E3CF9DACA6C96F3BC6B57D56B2869019C5114247C080752E4D42B1A0E34302B69B8516E8FB93BE58CC45F6E5ADB47A89A00050A12D560BEEA8997F5A0FA526C107BA34ECB0C678079C6DD4C1F4666BBD45733E019C292A17661B79E6AEED002EF4F6E7F4D569690E140C8BA1BA47E626499E01DA1EACDA4B917507A472DDB03A86734994C4B16551C5DFED3C8C976D15B5BF68CC6C982355930E37F096629E6F3BDC8027C722C12EF76854F1C607341E48FBF8C9064EB48EFDA87E1D111B557FBE7A15A580EDD87AC2CEC0EB25BE057FC20D578DF34632977F4698D58B2025C50AD4AD77D16D32E6157F89F58C692A83279A2EB58F8E448A13AA32B8C3DF07A58100EC4BB319F824446ECDD643C4A7F959CBA4E356A9E5DB7332107B2EB478703BF44383DDF80CA297F5E52A4424AF64B50CAB4E9C95C7288B96F8E77CDC63D07C6394853DF32F926652A12122B5531F90CFDFDAAC5D0642F84CF3901717B652122E8622CF31C06D134AD921EC80D175BBFC45B855EB9ABF001686BC52730F754DBFAE781BB629F1E530632D813AA256D0063202AEEE0AB64C7829C1A6C4702E27C88219FF31500D8F76BEFE4AEF726D6E3B708C9A2A2BAB +20241129185633 2 6 100 6143 2 D530FFAD12BC56C29F02BEFEC6CFD700AE6DA852D7256FC0A8978C13FABF9851425A26917CD40A9919A06A5B17FA05456642891442CCBBBD9BB5B74068213AA6F029B3419F6B2CCB828CF9F6F0069F43A2496921ED8133BF2D9C598486282EB38B3B6E849B7D80B33869CDE1D71379C694BB9C229B5CCE5E96692F81DA73EC38942CE60A81657F34A6B1B536ADEADD76144A209815A88E081E0B96438B11A34E4F8082ACC6DD77D787EEA90E1764F7393D3869707FCFCD4BFEEA3582BBD39C17E2CE70B6A193700A055A50D2F5ED473DD9B4401C2138BAD8FA3331BDD4FF79E230C10B13FFE7CCDB3210F8DB42147BB8349CAEA97EBCBC708B9CE16360D573D3327BBCAA6387234E9A4DCB2E67784408ADB72B2E05643520211C581EBB38E57C2F69C9034143DBAB4C13221D501B892918779C6E9AC5B39F2F412E31EF7F7F0610C2AFE150FA56A5E3CF9DACA6C96F3BC6B57D56B2869019C5114247C080752E4D42B1A0E34302B69B8516E8FB93BE58CC45F6E5ADB47A89A00050A12D560BEEA8997F5A0FA526C107BA34ECB0C678079C6DD4C1F4666BBD45733E019C292A17661B79E6AEED002EF4F6E7F4D569690E140C8BA1BA47E626499E01DA1EACDA4B917507A472DDB03A86734994C4B16551C5DFED3C8C976D15B5BF68CC6C982355930E37F096629E6F3BDC8027C722C12EF76854F1C607341E48FBF8C9064EB48EFDA87E1D111B557FBE7A15A580EDD87AC2CEC0EB25BE057FC20D578DF34632977F4698D58B2025C50AD4AD77D16D32E6157F89F58C692A83279A2EB58F8E448A13AA32B8C3DF07A58100EC4BB319F824446ECDD643C4A7F959CBA4E356A9E5DB7332107B2EB478703BF44383DDF80CA297F5E52A4424AF64B50CAB4E9C95C7288B96F8E77CDC63D07C6394853DF32F926652A12122B5531F90CFDFDAAC5D0642F84CF3901717B652122E8622CF31C06D134AD921EC80D175BBFC45B855EB9ABF001686BC52730F754DBFAE781BB629F1E530632D813AA256D0063202AEEE0AB64C7829C1A6C4702E27C88219FF31500D8F76BEFE4AEF726D6E3B708C9B335EE3 +20241129190213 2 6 100 6143 5 D530FFAD12BC56C29F02BEFEC6CFD700AE6DA852D7256FC0A8978C13FABF9851425A26917CD40A9919A06A5B17FA05456642891442CCBBBD9BB5B74068213AA6F029B3419F6B2CCB828CF9F6F0069F43A2496921ED8133BF2D9C598486282EB38B3B6E849B7D80B33869CDE1D71379C694BB9C229B5CCE5E96692F81DA73EC38942CE60A81657F34A6B1B536ADEADD76144A209815A88E081E0B96438B11A34E4F8082ACC6DD77D787EEA90E1764F7393D3869707FCFCD4BFEEA3582BBD39C17E2CE70B6A193700A055A50D2F5ED473DD9B4401C2138BAD8FA3331BDD4FF79E230C10B13FFE7CCDB3210F8DB42147BB8349CAEA97EBCBC708B9CE16360D573D3327BBCAA6387234E9A4DCB2E67784408ADB72B2E05643520211C581EBB38E57C2F69C9034143DBAB4C13221D501B892918779C6E9AC5B39F2F412E31EF7F7F0610C2AFE150FA56A5E3CF9DACA6C96F3BC6B57D56B2869019C5114247C080752E4D42B1A0E34302B69B8516E8FB93BE58CC45F6E5ADB47A89A00050A12D560BEEA8997F5A0FA526C107BA34ECB0C678079C6DD4C1F4666BBD45733E019C292A17661B79E6AEED002EF4F6E7F4D569690E140C8BA1BA47E626499E01DA1EACDA4B917507A472DDB03A86734994C4B16551C5DFED3C8C976D15B5BF68CC6C982355930E37F096629E6F3BDC8027C722C12EF76854F1C607341E48FBF8C9064EB48EFDA87E1D111B557FBE7A15A580EDD87AC2CEC0EB25BE057FC20D578DF34632977F4698D58B2025C50AD4AD77D16D32E6157F89F58C692A83279A2EB58F8E448A13AA32B8C3DF07A58100EC4BB319F824446ECDD643C4A7F959CBA4E356A9E5DB7332107B2EB478703BF44383DDF80CA297F5E52A4424AF64B50CAB4E9C95C7288B96F8E77CDC63D07C6394853DF32F926652A12122B5531F90CFDFDAAC5D0642F84CF3901717B652122E8622CF31C06D134AD921EC80D175BBFC45B855EB9ABF001686BC52730F754DBFAE781BB629F1E530632D813AA256D0063202AEEE0AB64C7829C1A6C4702E27C88219FF31500D8F76BEFE4AEF726D6E3B708C9BDDE8CF +20241129203945 2 6 100 6143 2 D530FFAD12BC56C29F02BEFEC6CFD700AE6DA852D7256FC0A8978C13FABF9851425A26917CD40A9919A06A5B17FA05456642891442CCBBBD9BB5B74068213AA6F029B3419F6B2CCB828CF9F6F0069F43A2496921ED8133BF2D9C598486282EB38B3B6E849B7D80B33869CDE1D71379C694BB9C229B5CCE5E96692F81DA73EC38942CE60A81657F34A6B1B536ADEADD76144A209815A88E081E0B96438B11A34E4F8082ACC6DD77D787EEA90E1764F7393D3869707FCFCD4BFEEA3582BBD39C17E2CE70B6A193700A055A50D2F5ED473DD9B4401C2138BAD8FA3331BDD4FF79E230C10B13FFE7CCDB3210F8DB42147BB8349CAEA97EBCBC708B9CE16360D573D3327BBCAA6387234E9A4DCB2E67784408ADB72B2E05643520211C581EBB38E57C2F69C9034143DBAB4C13221D501B892918779C6E9AC5B39F2F412E31EF7F7F0610C2AFE150FA56A5E3CF9DACA6C96F3BC6B57D56B2869019C5114247C080752E4D42B1A0E34302B69B8516E8FB93BE58CC45F6E5ADB47A89A00050A12D560BEEA8997F5A0FA526C107BA34ECB0C678079C6DD4C1F4666BBD45733E019C292A17661B79E6AEED002EF4F6E7F4D569690E140C8BA1BA47E626499E01DA1EACDA4B917507A472DDB03A86734994C4B16551C5DFED3C8C976D15B5BF68CC6C982355930E37F096629E6F3BDC8027C722C12EF76854F1C607341E48FBF8C9064EB48EFDA87E1D111B557FBE7A15A580EDD87AC2CEC0EB25BE057FC20D578DF34632977F4698D58B2025C50AD4AD77D16D32E6157F89F58C692A83279A2EB58F8E448A13AA32B8C3DF07A58100EC4BB319F824446ECDD643C4A7F959CBA4E356A9E5DB7332107B2EB478703BF44383DDF80CA297F5E52A4424AF64B50CAB4E9C95C7288B96F8E77CDC63D07C6394853DF32F926652A12122B5531F90CFDFDAAC5D0642F84CF3901717B652122E8622CF31C06D134AD921EC80D175BBFC45B855EB9ABF001686BC52730F754DBFAE781BB629F1E530632D813AA256D0063202AEEE0AB64C7829C1A6C4702E27C88219FF31500D8F76BEFE4AEF726D6E3B708CA834CF13 +20241129204138 2 6 100 6143 5 D530FFAD12BC56C29F02BEFEC6CFD700AE6DA852D7256FC0A8978C13FABF9851425A26917CD40A9919A06A5B17FA05456642891442CCBBBD9BB5B74068213AA6F029B3419F6B2CCB828CF9F6F0069F43A2496921ED8133BF2D9C598486282EB38B3B6E849B7D80B33869CDE1D71379C694BB9C229B5CCE5E96692F81DA73EC38942CE60A81657F34A6B1B536ADEADD76144A209815A88E081E0B96438B11A34E4F8082ACC6DD77D787EEA90E1764F7393D3869707FCFCD4BFEEA3582BBD39C17E2CE70B6A193700A055A50D2F5ED473DD9B4401C2138BAD8FA3331BDD4FF79E230C10B13FFE7CCDB3210F8DB42147BB8349CAEA97EBCBC708B9CE16360D573D3327BBCAA6387234E9A4DCB2E67784408ADB72B2E05643520211C581EBB38E57C2F69C9034143DBAB4C13221D501B892918779C6E9AC5B39F2F412E31EF7F7F0610C2AFE150FA56A5E3CF9DACA6C96F3BC6B57D56B2869019C5114247C080752E4D42B1A0E34302B69B8516E8FB93BE58CC45F6E5ADB47A89A00050A12D560BEEA8997F5A0FA526C107BA34ECB0C678079C6DD4C1F4666BBD45733E019C292A17661B79E6AEED002EF4F6E7F4D569690E140C8BA1BA47E626499E01DA1EACDA4B917507A472DDB03A86734994C4B16551C5DFED3C8C976D15B5BF68CC6C982355930E37F096629E6F3BDC8027C722C12EF76854F1C607341E48FBF8C9064EB48EFDA87E1D111B557FBE7A15A580EDD87AC2CEC0EB25BE057FC20D578DF34632977F4698D58B2025C50AD4AD77D16D32E6157F89F58C692A83279A2EB58F8E448A13AA32B8C3DF07A58100EC4BB319F824446ECDD643C4A7F959CBA4E356A9E5DB7332107B2EB478703BF44383DDF80CA297F5E52A4424AF64B50CAB4E9C95C7288B96F8E77CDC63D07C6394853DF32F926652A12122B5531F90CFDFDAAC5D0642F84CF3901717B652122E8622CF31C06D134AD921EC80D175BBFC45B855EB9ABF001686BC52730F754DBFAE781BB629F1E530632D813AA256D0063202AEEE0AB64C7829C1A6C4702E27C88219FF31500D8F76BEFE4AEF726D6E3B708CA86A90F7 +20241129205210 2 6 100 6143 5 D530FFAD12BC56C29F02BEFEC6CFD700AE6DA852D7256FC0A8978C13FABF9851425A26917CD40A9919A06A5B17FA05456642891442CCBBBD9BB5B74068213AA6F029B3419F6B2CCB828CF9F6F0069F43A2496921ED8133BF2D9C598486282EB38B3B6E849B7D80B33869CDE1D71379C694BB9C229B5CCE5E96692F81DA73EC38942CE60A81657F34A6B1B536ADEADD76144A209815A88E081E0B96438B11A34E4F8082ACC6DD77D787EEA90E1764F7393D3869707FCFCD4BFEEA3582BBD39C17E2CE70B6A193700A055A50D2F5ED473DD9B4401C2138BAD8FA3331BDD4FF79E230C10B13FFE7CCDB3210F8DB42147BB8349CAEA97EBCBC708B9CE16360D573D3327BBCAA6387234E9A4DCB2E67784408ADB72B2E05643520211C581EBB38E57C2F69C9034143DBAB4C13221D501B892918779C6E9AC5B39F2F412E31EF7F7F0610C2AFE150FA56A5E3CF9DACA6C96F3BC6B57D56B2869019C5114247C080752E4D42B1A0E34302B69B8516E8FB93BE58CC45F6E5ADB47A89A00050A12D560BEEA8997F5A0FA526C107BA34ECB0C678079C6DD4C1F4666BBD45733E019C292A17661B79E6AEED002EF4F6E7F4D569690E140C8BA1BA47E626499E01DA1EACDA4B917507A472DDB03A86734994C4B16551C5DFED3C8C976D15B5BF68CC6C982355930E37F096629E6F3BDC8027C722C12EF76854F1C607341E48FBF8C9064EB48EFDA87E1D111B557FBE7A15A580EDD87AC2CEC0EB25BE057FC20D578DF34632977F4698D58B2025C50AD4AD77D16D32E6157F89F58C692A83279A2EB58F8E448A13AA32B8C3DF07A58100EC4BB319F824446ECDD643C4A7F959CBA4E356A9E5DB7332107B2EB478703BF44383DDF80CA297F5E52A4424AF64B50CAB4E9C95C7288B96F8E77CDC63D07C6394853DF32F926652A12122B5531F90CFDFDAAC5D0642F84CF3901717B652122E8622CF31C06D134AD921EC80D175BBFC45B855EB9ABF001686BC52730F754DBFAE781BB629F1E530632D813AA256D0063202AEEE0AB64C7829C1A6C4702E27C88219FF31500D8F76BEFE4AEF726D6E3B708CA9BFC2E7 +20241129210035 2 6 100 6143 2 D530FFAD12BC56C29F02BEFEC6CFD700AE6DA852D7256FC0A8978C13FABF9851425A26917CD40A9919A06A5B17FA05456642891442CCBBBD9BB5B74068213AA6F029B3419F6B2CCB828CF9F6F0069F43A2496921ED8133BF2D9C598486282EB38B3B6E849B7D80B33869CDE1D71379C694BB9C229B5CCE5E96692F81DA73EC38942CE60A81657F34A6B1B536ADEADD76144A209815A88E081E0B96438B11A34E4F8082ACC6DD77D787EEA90E1764F7393D3869707FCFCD4BFEEA3582BBD39C17E2CE70B6A193700A055A50D2F5ED473DD9B4401C2138BAD8FA3331BDD4FF79E230C10B13FFE7CCDB3210F8DB42147BB8349CAEA97EBCBC708B9CE16360D573D3327BBCAA6387234E9A4DCB2E67784408ADB72B2E05643520211C581EBB38E57C2F69C9034143DBAB4C13221D501B892918779C6E9AC5B39F2F412E31EF7F7F0610C2AFE150FA56A5E3CF9DACA6C96F3BC6B57D56B2869019C5114247C080752E4D42B1A0E34302B69B8516E8FB93BE58CC45F6E5ADB47A89A00050A12D560BEEA8997F5A0FA526C107BA34ECB0C678079C6DD4C1F4666BBD45733E019C292A17661B79E6AEED002EF4F6E7F4D569690E140C8BA1BA47E626499E01DA1EACDA4B917507A472DDB03A86734994C4B16551C5DFED3C8C976D15B5BF68CC6C982355930E37F096629E6F3BDC8027C722C12EF76854F1C607341E48FBF8C9064EB48EFDA87E1D111B557FBE7A15A580EDD87AC2CEC0EB25BE057FC20D578DF34632977F4698D58B2025C50AD4AD77D16D32E6157F89F58C692A83279A2EB58F8E448A13AA32B8C3DF07A58100EC4BB319F824446ECDD643C4A7F959CBA4E356A9E5DB7332107B2EB478703BF44383DDF80CA297F5E52A4424AF64B50CAB4E9C95C7288B96F8E77CDC63D07C6394853DF32F926652A12122B5531F90CFDFDAAC5D0642F84CF3901717B652122E8622CF31C06D134AD921EC80D175BBFC45B855EB9ABF001686BC52730F754DBFAE781BB629F1E530632D813AA256D0063202AEEE0AB64C7829C1A6C4702E27C88219FF31500D8F76BEFE4AEF726D6E3B708CAAC70D2B +20241129210423 2 6 100 6143 5 D530FFAD12BC56C29F02BEFEC6CFD700AE6DA852D7256FC0A8978C13FABF9851425A26917CD40A9919A06A5B17FA05456642891442CCBBBD9BB5B74068213AA6F029B3419F6B2CCB828CF9F6F0069F43A2496921ED8133BF2D9C598486282EB38B3B6E849B7D80B33869CDE1D71379C694BB9C229B5CCE5E96692F81DA73EC38942CE60A81657F34A6B1B536ADEADD76144A209815A88E081E0B96438B11A34E4F8082ACC6DD77D787EEA90E1764F7393D3869707FCFCD4BFEEA3582BBD39C17E2CE70B6A193700A055A50D2F5ED473DD9B4401C2138BAD8FA3331BDD4FF79E230C10B13FFE7CCDB3210F8DB42147BB8349CAEA97EBCBC708B9CE16360D573D3327BBCAA6387234E9A4DCB2E67784408ADB72B2E05643520211C581EBB38E57C2F69C9034143DBAB4C13221D501B892918779C6E9AC5B39F2F412E31EF7F7F0610C2AFE150FA56A5E3CF9DACA6C96F3BC6B57D56B2869019C5114247C080752E4D42B1A0E34302B69B8516E8FB93BE58CC45F6E5ADB47A89A00050A12D560BEEA8997F5A0FA526C107BA34ECB0C678079C6DD4C1F4666BBD45733E019C292A17661B79E6AEED002EF4F6E7F4D569690E140C8BA1BA47E626499E01DA1EACDA4B917507A472DDB03A86734994C4B16551C5DFED3C8C976D15B5BF68CC6C982355930E37F096629E6F3BDC8027C722C12EF76854F1C607341E48FBF8C9064EB48EFDA87E1D111B557FBE7A15A580EDD87AC2CEC0EB25BE057FC20D578DF34632977F4698D58B2025C50AD4AD77D16D32E6157F89F58C692A83279A2EB58F8E448A13AA32B8C3DF07A58100EC4BB319F824446ECDD643C4A7F959CBA4E356A9E5DB7332107B2EB478703BF44383DDF80CA297F5E52A4424AF64B50CAB4E9C95C7288B96F8E77CDC63D07C6394853DF32F926652A12122B5531F90CFDFDAAC5D0642F84CF3901717B652122E8622CF31C06D134AD921EC80D175BBFC45B855EB9ABF001686BC52730F754DBFAE781BB629F1E530632D813AA256D0063202AEEE0AB64C7829C1A6C4702E27C88219FF31500D8F76BEFE4AEF726D6E3B708CAB389E37 +20241129213344 2 6 100 6143 5 D530FFAD12BC56C29F02BEFEC6CFD700AE6DA852D7256FC0A8978C13FABF9851425A26917CD40A9919A06A5B17FA05456642891442CCBBBD9BB5B74068213AA6F029B3419F6B2CCB828CF9F6F0069F43A2496921ED8133BF2D9C598486282EB38B3B6E849B7D80B33869CDE1D71379C694BB9C229B5CCE5E96692F81DA73EC38942CE60A81657F34A6B1B536ADEADD76144A209815A88E081E0B96438B11A34E4F8082ACC6DD77D787EEA90E1764F7393D3869707FCFCD4BFEEA3582BBD39C17E2CE70B6A193700A055A50D2F5ED473DD9B4401C2138BAD8FA3331BDD4FF79E230C10B13FFE7CCDB3210F8DB42147BB8349CAEA97EBCBC708B9CE16360D573D3327BBCAA6387234E9A4DCB2E67784408ADB72B2E05643520211C581EBB38E57C2F69C9034143DBAB4C13221D501B892918779C6E9AC5B39F2F412E31EF7F7F0610C2AFE150FA56A5E3CF9DACA6C96F3BC6B57D56B2869019C5114247C080752E4D42B1A0E34302B69B8516E8FB93BE58CC45F6E5ADB47A89A00050A12D560BEEA8997F5A0FA526C107BA34ECB0C678079C6DD4C1F4666BBD45733E019C292A17661B79E6AEED002EF4F6E7F4D569690E140C8BA1BA47E626499E01DA1EACDA4B917507A472DDB03A86734994C4B16551C5DFED3C8C976D15B5BF68CC6C982355930E37F096629E6F3BDC8027C722C12EF76854F1C607341E48FBF8C9064EB48EFDA87E1D111B557FBE7A15A580EDD87AC2CEC0EB25BE057FC20D578DF34632977F4698D58B2025C50AD4AD77D16D32E6157F89F58C692A83279A2EB58F8E448A13AA32B8C3DF07A58100EC4BB319F824446ECDD643C4A7F959CBA4E356A9E5DB7332107B2EB478703BF44383DDF80CA297F5E52A4424AF64B50CAB4E9C95C7288B96F8E77CDC63D07C6394853DF32F926652A12122B5531F90CFDFDAAC5D0642F84CF3901717B652122E8622CF31C06D134AD921EC80D175BBFC45B855EB9ABF001686BC52730F754DBFAE781BB629F1E530632D813AA256D0063202AEEE0AB64C7829C1A6C4702E27C88219FF31500D8F76BEFE4AEF726D6E3B708CAEE209F7 +20241129215808 2 6 100 6143 2 D530FFAD12BC56C29F02BEFEC6CFD700AE6DA852D7256FC0A8978C13FABF9851425A26917CD40A9919A06A5B17FA05456642891442CCBBBD9BB5B74068213AA6F029B3419F6B2CCB828CF9F6F0069F43A2496921ED8133BF2D9C598486282EB38B3B6E849B7D80B33869CDE1D71379C694BB9C229B5CCE5E96692F81DA73EC38942CE60A81657F34A6B1B536ADEADD76144A209815A88E081E0B96438B11A34E4F8082ACC6DD77D787EEA90E1764F7393D3869707FCFCD4BFEEA3582BBD39C17E2CE70B6A193700A055A50D2F5ED473DD9B4401C2138BAD8FA3331BDD4FF79E230C10B13FFE7CCDB3210F8DB42147BB8349CAEA97EBCBC708B9CE16360D573D3327BBCAA6387234E9A4DCB2E67784408ADB72B2E05643520211C581EBB38E57C2F69C9034143DBAB4C13221D501B892918779C6E9AC5B39F2F412E31EF7F7F0610C2AFE150FA56A5E3CF9DACA6C96F3BC6B57D56B2869019C5114247C080752E4D42B1A0E34302B69B8516E8FB93BE58CC45F6E5ADB47A89A00050A12D560BEEA8997F5A0FA526C107BA34ECB0C678079C6DD4C1F4666BBD45733E019C292A17661B79E6AEED002EF4F6E7F4D569690E140C8BA1BA47E626499E01DA1EACDA4B917507A472DDB03A86734994C4B16551C5DFED3C8C976D15B5BF68CC6C982355930E37F096629E6F3BDC8027C722C12EF76854F1C607341E48FBF8C9064EB48EFDA87E1D111B557FBE7A15A580EDD87AC2CEC0EB25BE057FC20D578DF34632977F4698D58B2025C50AD4AD77D16D32E6157F89F58C692A83279A2EB58F8E448A13AA32B8C3DF07A58100EC4BB319F824446ECDD643C4A7F959CBA4E356A9E5DB7332107B2EB478703BF44383DDF80CA297F5E52A4424AF64B50CAB4E9C95C7288B96F8E77CDC63D07C6394853DF32F926652A12122B5531F90CFDFDAAC5D0642F84CF3901717B652122E8622CF31C06D134AD921EC80D175BBFC45B855EB9ABF001686BC52730F754DBFAE781BB629F1E530632D813AA256D0063202AEEE0AB64C7829C1A6C4702E27C88219FF31500D8F76BEFE4AEF726D6E3B708CB1F2A1D3 +20241129221635 2 6 100 6143 2 D530FFAD12BC56C29F02BEFEC6CFD700AE6DA852D7256FC0A8978C13FABF9851425A26917CD40A9919A06A5B17FA05456642891442CCBBBD9BB5B74068213AA6F029B3419F6B2CCB828CF9F6F0069F43A2496921ED8133BF2D9C598486282EB38B3B6E849B7D80B33869CDE1D71379C694BB9C229B5CCE5E96692F81DA73EC38942CE60A81657F34A6B1B536ADEADD76144A209815A88E081E0B96438B11A34E4F8082ACC6DD77D787EEA90E1764F7393D3869707FCFCD4BFEEA3582BBD39C17E2CE70B6A193700A055A50D2F5ED473DD9B4401C2138BAD8FA3331BDD4FF79E230C10B13FFE7CCDB3210F8DB42147BB8349CAEA97EBCBC708B9CE16360D573D3327BBCAA6387234E9A4DCB2E67784408ADB72B2E05643520211C581EBB38E57C2F69C9034143DBAB4C13221D501B892918779C6E9AC5B39F2F412E31EF7F7F0610C2AFE150FA56A5E3CF9DACA6C96F3BC6B57D56B2869019C5114247C080752E4D42B1A0E34302B69B8516E8FB93BE58CC45F6E5ADB47A89A00050A12D560BEEA8997F5A0FA526C107BA34ECB0C678079C6DD4C1F4666BBD45733E019C292A17661B79E6AEED002EF4F6E7F4D569690E140C8BA1BA47E626499E01DA1EACDA4B917507A472DDB03A86734994C4B16551C5DFED3C8C976D15B5BF68CC6C982355930E37F096629E6F3BDC8027C722C12EF76854F1C607341E48FBF8C9064EB48EFDA87E1D111B557FBE7A15A580EDD87AC2CEC0EB25BE057FC20D578DF34632977F4698D58B2025C50AD4AD77D16D32E6157F89F58C692A83279A2EB58F8E448A13AA32B8C3DF07A58100EC4BB319F824446ECDD643C4A7F959CBA4E356A9E5DB7332107B2EB478703BF44383DDF80CA297F5E52A4424AF64B50CAB4E9C95C7288B96F8E77CDC63D07C6394853DF32F926652A12122B5531F90CFDFDAAC5D0642F84CF3901717B652122E8622CF31C06D134AD921EC80D175BBFC45B855EB9ABF001686BC52730F754DBFAE781BB629F1E530632D813AA256D0063202AEEE0AB64C7829C1A6C4702E27C88219FF31500D8F76BEFE4AEF726D6E3B708CB440830B +20241129222503 2 6 100 6143 5 D530FFAD12BC56C29F02BEFEC6CFD700AE6DA852D7256FC0A8978C13FABF9851425A26917CD40A9919A06A5B17FA05456642891442CCBBBD9BB5B74068213AA6F029B3419F6B2CCB828CF9F6F0069F43A2496921ED8133BF2D9C598486282EB38B3B6E849B7D80B33869CDE1D71379C694BB9C229B5CCE5E96692F81DA73EC38942CE60A81657F34A6B1B536ADEADD76144A209815A88E081E0B96438B11A34E4F8082ACC6DD77D787EEA90E1764F7393D3869707FCFCD4BFEEA3582BBD39C17E2CE70B6A193700A055A50D2F5ED473DD9B4401C2138BAD8FA3331BDD4FF79E230C10B13FFE7CCDB3210F8DB42147BB8349CAEA97EBCBC708B9CE16360D573D3327BBCAA6387234E9A4DCB2E67784408ADB72B2E05643520211C581EBB38E57C2F69C9034143DBAB4C13221D501B892918779C6E9AC5B39F2F412E31EF7F7F0610C2AFE150FA56A5E3CF9DACA6C96F3BC6B57D56B2869019C5114247C080752E4D42B1A0E34302B69B8516E8FB93BE58CC45F6E5ADB47A89A00050A12D560BEEA8997F5A0FA526C107BA34ECB0C678079C6DD4C1F4666BBD45733E019C292A17661B79E6AEED002EF4F6E7F4D569690E140C8BA1BA47E626499E01DA1EACDA4B917507A472DDB03A86734994C4B16551C5DFED3C8C976D15B5BF68CC6C982355930E37F096629E6F3BDC8027C722C12EF76854F1C607341E48FBF8C9064EB48EFDA87E1D111B557FBE7A15A580EDD87AC2CEC0EB25BE057FC20D578DF34632977F4698D58B2025C50AD4AD77D16D32E6157F89F58C692A83279A2EB58F8E448A13AA32B8C3DF07A58100EC4BB319F824446ECDD643C4A7F959CBA4E356A9E5DB7332107B2EB478703BF44383DDF80CA297F5E52A4424AF64B50CAB4E9C95C7288B96F8E77CDC63D07C6394853DF32F926652A12122B5531F90CFDFDAAC5D0642F84CF3901717B652122E8622CF31C06D134AD921EC80D175BBFC45B855EB9ABF001686BC52730F754DBFAE781BB629F1E530632D813AA256D0063202AEEE0AB64C7829C1A6C4702E27C88219FF31500D8F76BEFE4AEF726D6E3B708CB545F1FF +20241129233015 2 6 100 6143 5 D530FFAD12BC56C29F02BEFEC6CFD700AE6DA852D7256FC0A8978C13FABF9851425A26917CD40A9919A06A5B17FA05456642891442CCBBBD9BB5B74068213AA6F029B3419F6B2CCB828CF9F6F0069F43A2496921ED8133BF2D9C598486282EB38B3B6E849B7D80B33869CDE1D71379C694BB9C229B5CCE5E96692F81DA73EC38942CE60A81657F34A6B1B536ADEADD76144A209815A88E081E0B96438B11A34E4F8082ACC6DD77D787EEA90E1764F7393D3869707FCFCD4BFEEA3582BBD39C17E2CE70B6A193700A055A50D2F5ED473DD9B4401C2138BAD8FA3331BDD4FF79E230C10B13FFE7CCDB3210F8DB42147BB8349CAEA97EBCBC708B9CE16360D573D3327BBCAA6387234E9A4DCB2E67784408ADB72B2E05643520211C581EBB38E57C2F69C9034143DBAB4C13221D501B892918779C6E9AC5B39F2F412E31EF7F7F0610C2AFE150FA56A5E3CF9DACA6C96F3BC6B57D56B2869019C5114247C080752E4D42B1A0E34302B69B8516E8FB93BE58CC45F6E5ADB47A89A00050A12D560BEEA8997F5A0FA526C107BA34ECB0C678079C6DD4C1F4666BBD45733E019C292A17661B79E6AEED002EF4F6E7F4D569690E140C8BA1BA47E626499E01DA1EACDA4B917507A472DDB03A86734994C4B16551C5DFED3C8C976D15B5BF68CC6C982355930E37F096629E6F3BDC8027C722C12EF76854F1C607341E48FBF8C9064EB48EFDA87E1D111B557FBE7A15A580EDD87AC2CEC0EB25BE057FC20D578DF34632977F4698D58B2025C50AD4AD77D16D32E6157F89F58C692A83279A2EB58F8E448A13AA32B8C3DF07A58100EC4BB319F824446ECDD643C4A7F959CBA4E356A9E5DB7332107B2EB478703BF44383DDF80CA297F5E52A4424AF64B50CAB4E9C95C7288B96F8E77CDC63D07C6394853DF32F926652A12122B5531F90CFDFDAAC5D0642F84CF3901717B652122E8622CF31C06D134AD921EC80D175BBFC45B855EB9ABF001686BC52730F754DBFAE781BB629F1E530632D813AA256D0063202AEEE0AB64C7829C1A6C4702E27C88219FF31500D8F76BEFE4AEF726D6E3B708CBD76AB7F +20241129234110 2 6 100 6143 2 D530FFAD12BC56C29F02BEFEC6CFD700AE6DA852D7256FC0A8978C13FABF9851425A26917CD40A9919A06A5B17FA05456642891442CCBBBD9BB5B74068213AA6F029B3419F6B2CCB828CF9F6F0069F43A2496921ED8133BF2D9C598486282EB38B3B6E849B7D80B33869CDE1D71379C694BB9C229B5CCE5E96692F81DA73EC38942CE60A81657F34A6B1B536ADEADD76144A209815A88E081E0B96438B11A34E4F8082ACC6DD77D787EEA90E1764F7393D3869707FCFCD4BFEEA3582BBD39C17E2CE70B6A193700A055A50D2F5ED473DD9B4401C2138BAD8FA3331BDD4FF79E230C10B13FFE7CCDB3210F8DB42147BB8349CAEA97EBCBC708B9CE16360D573D3327BBCAA6387234E9A4DCB2E67784408ADB72B2E05643520211C581EBB38E57C2F69C9034143DBAB4C13221D501B892918779C6E9AC5B39F2F412E31EF7F7F0610C2AFE150FA56A5E3CF9DACA6C96F3BC6B57D56B2869019C5114247C080752E4D42B1A0E34302B69B8516E8FB93BE58CC45F6E5ADB47A89A00050A12D560BEEA8997F5A0FA526C107BA34ECB0C678079C6DD4C1F4666BBD45733E019C292A17661B79E6AEED002EF4F6E7F4D569690E140C8BA1BA47E626499E01DA1EACDA4B917507A472DDB03A86734994C4B16551C5DFED3C8C976D15B5BF68CC6C982355930E37F096629E6F3BDC8027C722C12EF76854F1C607341E48FBF8C9064EB48EFDA87E1D111B557FBE7A15A580EDD87AC2CEC0EB25BE057FC20D578DF34632977F4698D58B2025C50AD4AD77D16D32E6157F89F58C692A83279A2EB58F8E448A13AA32B8C3DF07A58100EC4BB319F824446ECDD643C4A7F959CBA4E356A9E5DB7332107B2EB478703BF44383DDF80CA297F5E52A4424AF64B50CAB4E9C95C7288B96F8E77CDC63D07C6394853DF32F926652A12122B5531F90CFDFDAAC5D0642F84CF3901717B652122E8622CF31C06D134AD921EC80D175BBFC45B855EB9ABF001686BC52730F754DBFAE781BB629F1E530632D813AA256D0063202AEEE0AB64C7829C1A6C4702E27C88219FF31500D8F76BEFE4AEF726D6E3B708CBED26FD3 +20241130004028 2 6 100 7679 2 C4FD13B23C1EF3F1B888E9E24F6E6F0D1E538D5C17287A04247451367BAAC3EB0FF3633A10C1B2BEA19F91DA18C0C52A465FA0F0371A2189AC36BFEA58F33B013352F321A0B71BF61553330EC7735E66BF920F0AB9C918AC6796F3B2C5CC7B0E9F6695400B692026845D93807363115D8E1EF92072B84941DE896DC222F2493FA43169DC5C94E9F7C645CDDC38AC8C8F8790A2078B755BF65EB099CA5682E186E7DE95CBCF7036B0BFC761137EB0B297A140C1683E9A14E78F31935D873DFB2CC33563980FD7C6EB609427A9A63D9A7ECE43889783FAF17D129A4F00A7DBA8FAFCBDD57FA7599C944D03297B7106E02A82D695E8BC0ACC860295F357FD2F60CC4A09E49450CF735A8756174A8E1458E3BE2BEA10F38D2C30E6AD7DBFA6835328A64BDFCA2318E1753C922D3AA467BB770C03BE0D3381E31655F4969009A35E4CF90B1EF5CB71A7BE424E952AEF1368142BB6E5AEECB9F7EC2034179009B7E57DF234CDDC3818BE6E637DAC7F44B109BCAA519CA77B27E4A119712A325ACC29E82C5A3E43CDED00A550ABF99495C802578A6ACB7DBCCCECD3A3857F01A9582671D87C9407409355199D627D316938076334BCDEC6635E0D6696A53E2475AAF9412167245779FA0C89CC3C08BF90313C68710D0153A3B8FA06862B6670E9498296D2C1840812D51FFEADDAE3D714A6EA7D0DAF18C134A0E26AAA99AB8B605E5FAC1814D13F5BCA134DBCF40B5C21F39EF9B4089A759876E5F22DEAF3C64DAA159B9AFEB76109429E3E42FF8DB74EF84954405C4D7B826CFBE041FF996CB053ED44BD32742681CCC843CBD031CD9DDF299EF150378F87B5F67768C77A69F779AABC032BCC3031DDAD83701E475D16040D1E064208D99313C4047BA2AA44E15CF631E4337A47318F34060DAE2ED3FB2F77F26CAF51805D86F82786B8CED61C0A0A7A8CBECD9AE3FDD266BDA632E6F6095A8E2C82A709EF2ACE20D66CC6709A5EF4EBFBA3B020BD15A5451673CA3780A459C277EEA72A1C9EF8502281BF903B2409971DC1F215C899CBBDED194CAB8A5EBB2273E3B67AEEE9A18CD03A1CC46312AAE59AEA0EFB0E5EAC8A62D6C49DC5B5D5CAC7B12CC2B293ED1D258149C6E8ADFB311328C1D5ACD4A92DFC71E9575A62920166893D715358DAE87159E39267079FA5D2EF41D756E01E0D9701BE7F715E4DCEF5667576A883DC034E36022AB62707C4E9FF9C7400BD29770FC07C66BB041F17204A63B6A52177F32B1E8AF15A818E946421552673488AA76253A5CCAEF2368C6464A36DEA011A56FFACF5F592099BADEFA4B7A72059FF1869864BDDBD14B4D32460CFD30E78C4F057F011C6132BC003 +20241130023838 2 6 100 7679 5 C4FD13B23C1EF3F1B888E9E24F6E6F0D1E538D5C17287A04247451367BAAC3EB0FF3633A10C1B2BEA19F91DA18C0C52A465FA0F0371A2189AC36BFEA58F33B013352F321A0B71BF61553330EC7735E66BF920F0AB9C918AC6796F3B2C5CC7B0E9F6695400B692026845D93807363115D8E1EF92072B84941DE896DC222F2493FA43169DC5C94E9F7C645CDDC38AC8C8F8790A2078B755BF65EB099CA5682E186E7DE95CBCF7036B0BFC761137EB0B297A140C1683E9A14E78F31935D873DFB2CC33563980FD7C6EB609427A9A63D9A7ECE43889783FAF17D129A4F00A7DBA8FAFCBDD57FA7599C944D03297B7106E02A82D695E8BC0ACC860295F357FD2F60CC4A09E49450CF735A8756174A8E1458E3BE2BEA10F38D2C30E6AD7DBFA6835328A64BDFCA2318E1753C922D3AA467BB770C03BE0D3381E31655F4969009A35E4CF90B1EF5CB71A7BE424E952AEF1368142BB6E5AEECB9F7EC2034179009B7E57DF234CDDC3818BE6E637DAC7F44B109BCAA519CA77B27E4A119712A325ACC29E82C5A3E43CDED00A550ABF99495C802578A6ACB7DBCCCECD3A3857F01A9582671D87C9407409355199D627D316938076334BCDEC6635E0D6696A53E2475AAF9412167245779FA0C89CC3C08BF90313C68710D0153A3B8FA06862B6670E9498296D2C1840812D51FFEADDAE3D714A6EA7D0DAF18C134A0E26AAA99AB8B605E5FAC1814D13F5BCA134DBCF40B5C21F39EF9B4089A759876E5F22DEAF3C64DAA159B9AFEB76109429E3E42FF8DB74EF84954405C4D7B826CFBE041FF996CB053ED44BD32742681CCC843CBD031CD9DDF299EF150378F87B5F67768C77A69F779AABC032BCC3031DDAD83701E475D16040D1E064208D99313C4047BA2AA44E15CF631E4337A47318F34060DAE2ED3FB2F77F26CAF51805D86F82786B8CED61C0A0A7A8CBECD9AE3FDD266BDA632E6F6095A8E2C82A709EF2ACE20D66CC6709A5EF4EBFBA3B020BD15A5451673CA3780A459C277EEA72A1C9EF8502281BF903B2409971DC1F215C899CBBDED194CAB8A5EBB2273E3B67AEEE9A18CD03A1CC46312AAE59AEA0EFB0E5EAC8A62D6C49DC5B5D5CAC7B12CC2B293ED1D258149C6E8ADFB311328C1D5ACD4A92DFC71E9575A62920166893D715358DAE87159E39267079FA5D2EF41D756E01E0D9701BE7F715E4DCEF5667576A883DC034E36022AB62707C4E9FF9C7400BD29770FC07C66BB041F17204A63B6A52177F32B1E8AF15A818E946421552673488AA76253A5CCAEF2368C6464A36DEA011A56FFACF5F592099BADEFA4B7A72059FF1869864BDDBD14B4D32460CFD30E78C4F057F011C61B09AE47 +20241130030155 2 6 100 7679 2 C4FD13B23C1EF3F1B888E9E24F6E6F0D1E538D5C17287A04247451367BAAC3EB0FF3633A10C1B2BEA19F91DA18C0C52A465FA0F0371A2189AC36BFEA58F33B013352F321A0B71BF61553330EC7735E66BF920F0AB9C918AC6796F3B2C5CC7B0E9F6695400B692026845D93807363115D8E1EF92072B84941DE896DC222F2493FA43169DC5C94E9F7C645CDDC38AC8C8F8790A2078B755BF65EB099CA5682E186E7DE95CBCF7036B0BFC761137EB0B297A140C1683E9A14E78F31935D873DFB2CC33563980FD7C6EB609427A9A63D9A7ECE43889783FAF17D129A4F00A7DBA8FAFCBDD57FA7599C944D03297B7106E02A82D695E8BC0ACC860295F357FD2F60CC4A09E49450CF735A8756174A8E1458E3BE2BEA10F38D2C30E6AD7DBFA6835328A64BDFCA2318E1753C922D3AA467BB770C03BE0D3381E31655F4969009A35E4CF90B1EF5CB71A7BE424E952AEF1368142BB6E5AEECB9F7EC2034179009B7E57DF234CDDC3818BE6E637DAC7F44B109BCAA519CA77B27E4A119712A325ACC29E82C5A3E43CDED00A550ABF99495C802578A6ACB7DBCCCECD3A3857F01A9582671D87C9407409355199D627D316938076334BCDEC6635E0D6696A53E2475AAF9412167245779FA0C89CC3C08BF90313C68710D0153A3B8FA06862B6670E9498296D2C1840812D51FFEADDAE3D714A6EA7D0DAF18C134A0E26AAA99AB8B605E5FAC1814D13F5BCA134DBCF40B5C21F39EF9B4089A759876E5F22DEAF3C64DAA159B9AFEB76109429E3E42FF8DB74EF84954405C4D7B826CFBE041FF996CB053ED44BD32742681CCC843CBD031CD9DDF299EF150378F87B5F67768C77A69F779AABC032BCC3031DDAD83701E475D16040D1E064208D99313C4047BA2AA44E15CF631E4337A47318F34060DAE2ED3FB2F77F26CAF51805D86F82786B8CED61C0A0A7A8CBECD9AE3FDD266BDA632E6F6095A8E2C82A709EF2ACE20D66CC6709A5EF4EBFBA3B020BD15A5451673CA3780A459C277EEA72A1C9EF8502281BF903B2409971DC1F215C899CBBDED194CAB8A5EBB2273E3B67AEEE9A18CD03A1CC46312AAE59AEA0EFB0E5EAC8A62D6C49DC5B5D5CAC7B12CC2B293ED1D258149C6E8ADFB311328C1D5ACD4A92DFC71E9575A62920166893D715358DAE87159E39267079FA5D2EF41D756E01E0D9701BE7F715E4DCEF5667576A883DC034E36022AB62707C4E9FF9C7400BD29770FC07C66BB041F17204A63B6A52177F32B1E8AF15A818E946421552673488AA76253A5CCAEF2368C6464A36DEA011A56FFACF5F592099BADEFA4B7A72059FF1869864BDDBD14B4D32460CFD30E78C4F057F011C61C91151B +20241130032532 2 6 100 7679 2 C4FD13B23C1EF3F1B888E9E24F6E6F0D1E538D5C17287A04247451367BAAC3EB0FF3633A10C1B2BEA19F91DA18C0C52A465FA0F0371A2189AC36BFEA58F33B013352F321A0B71BF61553330EC7735E66BF920F0AB9C918AC6796F3B2C5CC7B0E9F6695400B692026845D93807363115D8E1EF92072B84941DE896DC222F2493FA43169DC5C94E9F7C645CDDC38AC8C8F8790A2078B755BF65EB099CA5682E186E7DE95CBCF7036B0BFC761137EB0B297A140C1683E9A14E78F31935D873DFB2CC33563980FD7C6EB609427A9A63D9A7ECE43889783FAF17D129A4F00A7DBA8FAFCBDD57FA7599C944D03297B7106E02A82D695E8BC0ACC860295F357FD2F60CC4A09E49450CF735A8756174A8E1458E3BE2BEA10F38D2C30E6AD7DBFA6835328A64BDFCA2318E1753C922D3AA467BB770C03BE0D3381E31655F4969009A35E4CF90B1EF5CB71A7BE424E952AEF1368142BB6E5AEECB9F7EC2034179009B7E57DF234CDDC3818BE6E637DAC7F44B109BCAA519CA77B27E4A119712A325ACC29E82C5A3E43CDED00A550ABF99495C802578A6ACB7DBCCCECD3A3857F01A9582671D87C9407409355199D627D316938076334BCDEC6635E0D6696A53E2475AAF9412167245779FA0C89CC3C08BF90313C68710D0153A3B8FA06862B6670E9498296D2C1840812D51FFEADDAE3D714A6EA7D0DAF18C134A0E26AAA99AB8B605E5FAC1814D13F5BCA134DBCF40B5C21F39EF9B4089A759876E5F22DEAF3C64DAA159B9AFEB76109429E3E42FF8DB74EF84954405C4D7B826CFBE041FF996CB053ED44BD32742681CCC843CBD031CD9DDF299EF150378F87B5F67768C77A69F779AABC032BCC3031DDAD83701E475D16040D1E064208D99313C4047BA2AA44E15CF631E4337A47318F34060DAE2ED3FB2F77F26CAF51805D86F82786B8CED61C0A0A7A8CBECD9AE3FDD266BDA632E6F6095A8E2C82A709EF2ACE20D66CC6709A5EF4EBFBA3B020BD15A5451673CA3780A459C277EEA72A1C9EF8502281BF903B2409971DC1F215C899CBBDED194CAB8A5EBB2273E3B67AEEE9A18CD03A1CC46312AAE59AEA0EFB0E5EAC8A62D6C49DC5B5D5CAC7B12CC2B293ED1D258149C6E8ADFB311328C1D5ACD4A92DFC71E9575A62920166893D715358DAE87159E39267079FA5D2EF41D756E01E0D9701BE7F715E4DCEF5667576A883DC034E36022AB62707C4E9FF9C7400BD29770FC07C66BB041F17204A63B6A52177F32B1E8AF15A818E946421552673488AA76253A5CCAEF2368C6464A36DEA011A56FFACF5F592099BADEFA4B7A72059FF1869864BDDBD14B4D32460CFD30E78C4F057F011C61E1854B3 +20241130035131 2 6 100 7679 2 C4FD13B23C1EF3F1B888E9E24F6E6F0D1E538D5C17287A04247451367BAAC3EB0FF3633A10C1B2BEA19F91DA18C0C52A465FA0F0371A2189AC36BFEA58F33B013352F321A0B71BF61553330EC7735E66BF920F0AB9C918AC6796F3B2C5CC7B0E9F6695400B692026845D93807363115D8E1EF92072B84941DE896DC222F2493FA43169DC5C94E9F7C645CDDC38AC8C8F8790A2078B755BF65EB099CA5682E186E7DE95CBCF7036B0BFC761137EB0B297A140C1683E9A14E78F31935D873DFB2CC33563980FD7C6EB609427A9A63D9A7ECE43889783FAF17D129A4F00A7DBA8FAFCBDD57FA7599C944D03297B7106E02A82D695E8BC0ACC860295F357FD2F60CC4A09E49450CF735A8756174A8E1458E3BE2BEA10F38D2C30E6AD7DBFA6835328A64BDFCA2318E1753C922D3AA467BB770C03BE0D3381E31655F4969009A35E4CF90B1EF5CB71A7BE424E952AEF1368142BB6E5AEECB9F7EC2034179009B7E57DF234CDDC3818BE6E637DAC7F44B109BCAA519CA77B27E4A119712A325ACC29E82C5A3E43CDED00A550ABF99495C802578A6ACB7DBCCCECD3A3857F01A9582671D87C9407409355199D627D316938076334BCDEC6635E0D6696A53E2475AAF9412167245779FA0C89CC3C08BF90313C68710D0153A3B8FA06862B6670E9498296D2C1840812D51FFEADDAE3D714A6EA7D0DAF18C134A0E26AAA99AB8B605E5FAC1814D13F5BCA134DBCF40B5C21F39EF9B4089A759876E5F22DEAF3C64DAA159B9AFEB76109429E3E42FF8DB74EF84954405C4D7B826CFBE041FF996CB053ED44BD32742681CCC843CBD031CD9DDF299EF150378F87B5F67768C77A69F779AABC032BCC3031DDAD83701E475D16040D1E064208D99313C4047BA2AA44E15CF631E4337A47318F34060DAE2ED3FB2F77F26CAF51805D86F82786B8CED61C0A0A7A8CBECD9AE3FDD266BDA632E6F6095A8E2C82A709EF2ACE20D66CC6709A5EF4EBFBA3B020BD15A5451673CA3780A459C277EEA72A1C9EF8502281BF903B2409971DC1F215C899CBBDED194CAB8A5EBB2273E3B67AEEE9A18CD03A1CC46312AAE59AEA0EFB0E5EAC8A62D6C49DC5B5D5CAC7B12CC2B293ED1D258149C6E8ADFB311328C1D5ACD4A92DFC71E9575A62920166893D715358DAE87159E39267079FA5D2EF41D756E01E0D9701BE7F715E4DCEF5667576A883DC034E36022AB62707C4E9FF9C7400BD29770FC07C66BB041F17204A63B6A52177F32B1E8AF15A818E946421552673488AA76253A5CCAEF2368C6464A36DEA011A56FFACF5F592099BADEFA4B7A72059FF1869864BDDBD14B4D32460CFD30E78C4F057F011C61FD56C8B +20241130035951 2 6 100 7679 5 C4FD13B23C1EF3F1B888E9E24F6E6F0D1E538D5C17287A04247451367BAAC3EB0FF3633A10C1B2BEA19F91DA18C0C52A465FA0F0371A2189AC36BFEA58F33B013352F321A0B71BF61553330EC7735E66BF920F0AB9C918AC6796F3B2C5CC7B0E9F6695400B692026845D93807363115D8E1EF92072B84941DE896DC222F2493FA43169DC5C94E9F7C645CDDC38AC8C8F8790A2078B755BF65EB099CA5682E186E7DE95CBCF7036B0BFC761137EB0B297A140C1683E9A14E78F31935D873DFB2CC33563980FD7C6EB609427A9A63D9A7ECE43889783FAF17D129A4F00A7DBA8FAFCBDD57FA7599C944D03297B7106E02A82D695E8BC0ACC860295F357FD2F60CC4A09E49450CF735A8756174A8E1458E3BE2BEA10F38D2C30E6AD7DBFA6835328A64BDFCA2318E1753C922D3AA467BB770C03BE0D3381E31655F4969009A35E4CF90B1EF5CB71A7BE424E952AEF1368142BB6E5AEECB9F7EC2034179009B7E57DF234CDDC3818BE6E637DAC7F44B109BCAA519CA77B27E4A119712A325ACC29E82C5A3E43CDED00A550ABF99495C802578A6ACB7DBCCCECD3A3857F01A9582671D87C9407409355199D627D316938076334BCDEC6635E0D6696A53E2475AAF9412167245779FA0C89CC3C08BF90313C68710D0153A3B8FA06862B6670E9498296D2C1840812D51FFEADDAE3D714A6EA7D0DAF18C134A0E26AAA99AB8B605E5FAC1814D13F5BCA134DBCF40B5C21F39EF9B4089A759876E5F22DEAF3C64DAA159B9AFEB76109429E3E42FF8DB74EF84954405C4D7B826CFBE041FF996CB053ED44BD32742681CCC843CBD031CD9DDF299EF150378F87B5F67768C77A69F779AABC032BCC3031DDAD83701E475D16040D1E064208D99313C4047BA2AA44E15CF631E4337A47318F34060DAE2ED3FB2F77F26CAF51805D86F82786B8CED61C0A0A7A8CBECD9AE3FDD266BDA632E6F6095A8E2C82A709EF2ACE20D66CC6709A5EF4EBFBA3B020BD15A5451673CA3780A459C277EEA72A1C9EF8502281BF903B2409971DC1F215C899CBBDED194CAB8A5EBB2273E3B67AEEE9A18CD03A1CC46312AAE59AEA0EFB0E5EAC8A62D6C49DC5B5D5CAC7B12CC2B293ED1D258149C6E8ADFB311328C1D5ACD4A92DFC71E9575A62920166893D715358DAE87159E39267079FA5D2EF41D756E01E0D9701BE7F715E4DCEF5667576A883DC034E36022AB62707C4E9FF9C7400BD29770FC07C66BB041F17204A63B6A52177F32B1E8AF15A818E946421552673488AA76253A5CCAEF2368C6464A36DEA011A56FFACF5F592099BADEFA4B7A72059FF1869864BDDBD14B4D32460CFD30E78C4F057F011C6205D0C3F +20241130040156 2 6 100 7679 2 C4FD13B23C1EF3F1B888E9E24F6E6F0D1E538D5C17287A04247451367BAAC3EB0FF3633A10C1B2BEA19F91DA18C0C52A465FA0F0371A2189AC36BFEA58F33B013352F321A0B71BF61553330EC7735E66BF920F0AB9C918AC6796F3B2C5CC7B0E9F6695400B692026845D93807363115D8E1EF92072B84941DE896DC222F2493FA43169DC5C94E9F7C645CDDC38AC8C8F8790A2078B755BF65EB099CA5682E186E7DE95CBCF7036B0BFC761137EB0B297A140C1683E9A14E78F31935D873DFB2CC33563980FD7C6EB609427A9A63D9A7ECE43889783FAF17D129A4F00A7DBA8FAFCBDD57FA7599C944D03297B7106E02A82D695E8BC0ACC860295F357FD2F60CC4A09E49450CF735A8756174A8E1458E3BE2BEA10F38D2C30E6AD7DBFA6835328A64BDFCA2318E1753C922D3AA467BB770C03BE0D3381E31655F4969009A35E4CF90B1EF5CB71A7BE424E952AEF1368142BB6E5AEECB9F7EC2034179009B7E57DF234CDDC3818BE6E637DAC7F44B109BCAA519CA77B27E4A119712A325ACC29E82C5A3E43CDED00A550ABF99495C802578A6ACB7DBCCCECD3A3857F01A9582671D87C9407409355199D627D316938076334BCDEC6635E0D6696A53E2475AAF9412167245779FA0C89CC3C08BF90313C68710D0153A3B8FA06862B6670E9498296D2C1840812D51FFEADDAE3D714A6EA7D0DAF18C134A0E26AAA99AB8B605E5FAC1814D13F5BCA134DBCF40B5C21F39EF9B4089A759876E5F22DEAF3C64DAA159B9AFEB76109429E3E42FF8DB74EF84954405C4D7B826CFBE041FF996CB053ED44BD32742681CCC843CBD031CD9DDF299EF150378F87B5F67768C77A69F779AABC032BCC3031DDAD83701E475D16040D1E064208D99313C4047BA2AA44E15CF631E4337A47318F34060DAE2ED3FB2F77F26CAF51805D86F82786B8CED61C0A0A7A8CBECD9AE3FDD266BDA632E6F6095A8E2C82A709EF2ACE20D66CC6709A5EF4EBFBA3B020BD15A5451673CA3780A459C277EEA72A1C9EF8502281BF903B2409971DC1F215C899CBBDED194CAB8A5EBB2273E3B67AEEE9A18CD03A1CC46312AAE59AEA0EFB0E5EAC8A62D6C49DC5B5D5CAC7B12CC2B293ED1D258149C6E8ADFB311328C1D5ACD4A92DFC71E9575A62920166893D715358DAE87159E39267079FA5D2EF41D756E01E0D9701BE7F715E4DCEF5667576A883DC034E36022AB62707C4E9FF9C7400BD29770FC07C66BB041F17204A63B6A52177F32B1E8AF15A818E946421552673488AA76253A5CCAEF2368C6464A36DEA011A56FFACF5F592099BADEFA4B7A72059FF1869864BDDBD14B4D32460CFD30E78C4F057F011C6207AF313 +20241130042927 2 6 100 7679 2 C4FD13B23C1EF3F1B888E9E24F6E6F0D1E538D5C17287A04247451367BAAC3EB0FF3633A10C1B2BEA19F91DA18C0C52A465FA0F0371A2189AC36BFEA58F33B013352F321A0B71BF61553330EC7735E66BF920F0AB9C918AC6796F3B2C5CC7B0E9F6695400B692026845D93807363115D8E1EF92072B84941DE896DC222F2493FA43169DC5C94E9F7C645CDDC38AC8C8F8790A2078B755BF65EB099CA5682E186E7DE95CBCF7036B0BFC761137EB0B297A140C1683E9A14E78F31935D873DFB2CC33563980FD7C6EB609427A9A63D9A7ECE43889783FAF17D129A4F00A7DBA8FAFCBDD57FA7599C944D03297B7106E02A82D695E8BC0ACC860295F357FD2F60CC4A09E49450CF735A8756174A8E1458E3BE2BEA10F38D2C30E6AD7DBFA6835328A64BDFCA2318E1753C922D3AA467BB770C03BE0D3381E31655F4969009A35E4CF90B1EF5CB71A7BE424E952AEF1368142BB6E5AEECB9F7EC2034179009B7E57DF234CDDC3818BE6E637DAC7F44B109BCAA519CA77B27E4A119712A325ACC29E82C5A3E43CDED00A550ABF99495C802578A6ACB7DBCCCECD3A3857F01A9582671D87C9407409355199D627D316938076334BCDEC6635E0D6696A53E2475AAF9412167245779FA0C89CC3C08BF90313C68710D0153A3B8FA06862B6670E9498296D2C1840812D51FFEADDAE3D714A6EA7D0DAF18C134A0E26AAA99AB8B605E5FAC1814D13F5BCA134DBCF40B5C21F39EF9B4089A759876E5F22DEAF3C64DAA159B9AFEB76109429E3E42FF8DB74EF84954405C4D7B826CFBE041FF996CB053ED44BD32742681CCC843CBD031CD9DDF299EF150378F87B5F67768C77A69F779AABC032BCC3031DDAD83701E475D16040D1E064208D99313C4047BA2AA44E15CF631E4337A47318F34060DAE2ED3FB2F77F26CAF51805D86F82786B8CED61C0A0A7A8CBECD9AE3FDD266BDA632E6F6095A8E2C82A709EF2ACE20D66CC6709A5EF4EBFBA3B020BD15A5451673CA3780A459C277EEA72A1C9EF8502281BF903B2409971DC1F215C899CBBDED194CAB8A5EBB2273E3B67AEEE9A18CD03A1CC46312AAE59AEA0EFB0E5EAC8A62D6C49DC5B5D5CAC7B12CC2B293ED1D258149C6E8ADFB311328C1D5ACD4A92DFC71E9575A62920166893D715358DAE87159E39267079FA5D2EF41D756E01E0D9701BE7F715E4DCEF5667576A883DC034E36022AB62707C4E9FF9C7400BD29770FC07C66BB041F17204A63B6A52177F32B1E8AF15A818E946421552673488AA76253A5CCAEF2368C6464A36DEA011A56FFACF5F592099BADEFA4B7A72059FF1869864BDDBD14B4D32460CFD30E78C4F057F011C6224FB4F3 +20241130043039 2 6 100 7679 5 C4FD13B23C1EF3F1B888E9E24F6E6F0D1E538D5C17287A04247451367BAAC3EB0FF3633A10C1B2BEA19F91DA18C0C52A465FA0F0371A2189AC36BFEA58F33B013352F321A0B71BF61553330EC7735E66BF920F0AB9C918AC6796F3B2C5CC7B0E9F6695400B692026845D93807363115D8E1EF92072B84941DE896DC222F2493FA43169DC5C94E9F7C645CDDC38AC8C8F8790A2078B755BF65EB099CA5682E186E7DE95CBCF7036B0BFC761137EB0B297A140C1683E9A14E78F31935D873DFB2CC33563980FD7C6EB609427A9A63D9A7ECE43889783FAF17D129A4F00A7DBA8FAFCBDD57FA7599C944D03297B7106E02A82D695E8BC0ACC860295F357FD2F60CC4A09E49450CF735A8756174A8E1458E3BE2BEA10F38D2C30E6AD7DBFA6835328A64BDFCA2318E1753C922D3AA467BB770C03BE0D3381E31655F4969009A35E4CF90B1EF5CB71A7BE424E952AEF1368142BB6E5AEECB9F7EC2034179009B7E57DF234CDDC3818BE6E637DAC7F44B109BCAA519CA77B27E4A119712A325ACC29E82C5A3E43CDED00A550ABF99495C802578A6ACB7DBCCCECD3A3857F01A9582671D87C9407409355199D627D316938076334BCDEC6635E0D6696A53E2475AAF9412167245779FA0C89CC3C08BF90313C68710D0153A3B8FA06862B6670E9498296D2C1840812D51FFEADDAE3D714A6EA7D0DAF18C134A0E26AAA99AB8B605E5FAC1814D13F5BCA134DBCF40B5C21F39EF9B4089A759876E5F22DEAF3C64DAA159B9AFEB76109429E3E42FF8DB74EF84954405C4D7B826CFBE041FF996CB053ED44BD32742681CCC843CBD031CD9DDF299EF150378F87B5F67768C77A69F779AABC032BCC3031DDAD83701E475D16040D1E064208D99313C4047BA2AA44E15CF631E4337A47318F34060DAE2ED3FB2F77F26CAF51805D86F82786B8CED61C0A0A7A8CBECD9AE3FDD266BDA632E6F6095A8E2C82A709EF2ACE20D66CC6709A5EF4EBFBA3B020BD15A5451673CA3780A459C277EEA72A1C9EF8502281BF903B2409971DC1F215C899CBBDED194CAB8A5EBB2273E3B67AEEE9A18CD03A1CC46312AAE59AEA0EFB0E5EAC8A62D6C49DC5B5D5CAC7B12CC2B293ED1D258149C6E8ADFB311328C1D5ACD4A92DFC71E9575A62920166893D715358DAE87159E39267079FA5D2EF41D756E01E0D9701BE7F715E4DCEF5667576A883DC034E36022AB62707C4E9FF9C7400BD29770FC07C66BB041F17204A63B6A52177F32B1E8AF15A818E946421552673488AA76253A5CCAEF2368C6464A36DEA011A56FFACF5F592099BADEFA4B7A72059FF1869864BDDBD14B4D32460CFD30E78C4F057F011C6225C64C7 +20241130054524 2 6 100 7679 2 C4FD13B23C1EF3F1B888E9E24F6E6F0D1E538D5C17287A04247451367BAAC3EB0FF3633A10C1B2BEA19F91DA18C0C52A465FA0F0371A2189AC36BFEA58F33B013352F321A0B71BF61553330EC7735E66BF920F0AB9C918AC6796F3B2C5CC7B0E9F6695400B692026845D93807363115D8E1EF92072B84941DE896DC222F2493FA43169DC5C94E9F7C645CDDC38AC8C8F8790A2078B755BF65EB099CA5682E186E7DE95CBCF7036B0BFC761137EB0B297A140C1683E9A14E78F31935D873DFB2CC33563980FD7C6EB609427A9A63D9A7ECE43889783FAF17D129A4F00A7DBA8FAFCBDD57FA7599C944D03297B7106E02A82D695E8BC0ACC860295F357FD2F60CC4A09E49450CF735A8756174A8E1458E3BE2BEA10F38D2C30E6AD7DBFA6835328A64BDFCA2318E1753C922D3AA467BB770C03BE0D3381E31655F4969009A35E4CF90B1EF5CB71A7BE424E952AEF1368142BB6E5AEECB9F7EC2034179009B7E57DF234CDDC3818BE6E637DAC7F44B109BCAA519CA77B27E4A119712A325ACC29E82C5A3E43CDED00A550ABF99495C802578A6ACB7DBCCCECD3A3857F01A9582671D87C9407409355199D627D316938076334BCDEC6635E0D6696A53E2475AAF9412167245779FA0C89CC3C08BF90313C68710D0153A3B8FA06862B6670E9498296D2C1840812D51FFEADDAE3D714A6EA7D0DAF18C134A0E26AAA99AB8B605E5FAC1814D13F5BCA134DBCF40B5C21F39EF9B4089A759876E5F22DEAF3C64DAA159B9AFEB76109429E3E42FF8DB74EF84954405C4D7B826CFBE041FF996CB053ED44BD32742681CCC843CBD031CD9DDF299EF150378F87B5F67768C77A69F779AABC032BCC3031DDAD83701E475D16040D1E064208D99313C4047BA2AA44E15CF631E4337A47318F34060DAE2ED3FB2F77F26CAF51805D86F82786B8CED61C0A0A7A8CBECD9AE3FDD266BDA632E6F6095A8E2C82A709EF2ACE20D66CC6709A5EF4EBFBA3B020BD15A5451673CA3780A459C277EEA72A1C9EF8502281BF903B2409971DC1F215C899CBBDED194CAB8A5EBB2273E3B67AEEE9A18CD03A1CC46312AAE59AEA0EFB0E5EAC8A62D6C49DC5B5D5CAC7B12CC2B293ED1D258149C6E8ADFB311328C1D5ACD4A92DFC71E9575A62920166893D715358DAE87159E39267079FA5D2EF41D756E01E0D9701BE7F715E4DCEF5667576A883DC034E36022AB62707C4E9FF9C7400BD29770FC07C66BB041F17204A63B6A52177F32B1E8AF15A818E946421552673488AA76253A5CCAEF2368C6464A36DEA011A56FFACF5F592099BADEFA4B7A72059FF1869864BDDBD14B4D32460CFD30E78C4F057F011C62750439B +20241130063335 2 6 100 7679 5 C4FD13B23C1EF3F1B888E9E24F6E6F0D1E538D5C17287A04247451367BAAC3EB0FF3633A10C1B2BEA19F91DA18C0C52A465FA0F0371A2189AC36BFEA58F33B013352F321A0B71BF61553330EC7735E66BF920F0AB9C918AC6796F3B2C5CC7B0E9F6695400B692026845D93807363115D8E1EF92072B84941DE896DC222F2493FA43169DC5C94E9F7C645CDDC38AC8C8F8790A2078B755BF65EB099CA5682E186E7DE95CBCF7036B0BFC761137EB0B297A140C1683E9A14E78F31935D873DFB2CC33563980FD7C6EB609427A9A63D9A7ECE43889783FAF17D129A4F00A7DBA8FAFCBDD57FA7599C944D03297B7106E02A82D695E8BC0ACC860295F357FD2F60CC4A09E49450CF735A8756174A8E1458E3BE2BEA10F38D2C30E6AD7DBFA6835328A64BDFCA2318E1753C922D3AA467BB770C03BE0D3381E31655F4969009A35E4CF90B1EF5CB71A7BE424E952AEF1368142BB6E5AEECB9F7EC2034179009B7E57DF234CDDC3818BE6E637DAC7F44B109BCAA519CA77B27E4A119712A325ACC29E82C5A3E43CDED00A550ABF99495C802578A6ACB7DBCCCECD3A3857F01A9582671D87C9407409355199D627D316938076334BCDEC6635E0D6696A53E2475AAF9412167245779FA0C89CC3C08BF90313C68710D0153A3B8FA06862B6670E9498296D2C1840812D51FFEADDAE3D714A6EA7D0DAF18C134A0E26AAA99AB8B605E5FAC1814D13F5BCA134DBCF40B5C21F39EF9B4089A759876E5F22DEAF3C64DAA159B9AFEB76109429E3E42FF8DB74EF84954405C4D7B826CFBE041FF996CB053ED44BD32742681CCC843CBD031CD9DDF299EF150378F87B5F67768C77A69F779AABC032BCC3031DDAD83701E475D16040D1E064208D99313C4047BA2AA44E15CF631E4337A47318F34060DAE2ED3FB2F77F26CAF51805D86F82786B8CED61C0A0A7A8CBECD9AE3FDD266BDA632E6F6095A8E2C82A709EF2ACE20D66CC6709A5EF4EBFBA3B020BD15A5451673CA3780A459C277EEA72A1C9EF8502281BF903B2409971DC1F215C899CBBDED194CAB8A5EBB2273E3B67AEEE9A18CD03A1CC46312AAE59AEA0EFB0E5EAC8A62D6C49DC5B5D5CAC7B12CC2B293ED1D258149C6E8ADFB311328C1D5ACD4A92DFC71E9575A62920166893D715358DAE87159E39267079FA5D2EF41D756E01E0D9701BE7F715E4DCEF5667576A883DC034E36022AB62707C4E9FF9C7400BD29770FC07C66BB041F17204A63B6A52177F32B1E8AF15A818E946421552673488AA76253A5CCAEF2368C6464A36DEA011A56FFACF5F592099BADEFA4B7A72059FF1869864BDDBD14B4D32460CFD30E78C4F057F011C62A7BB5C7 +20241130074248 2 6 100 7679 2 C4FD13B23C1EF3F1B888E9E24F6E6F0D1E538D5C17287A04247451367BAAC3EB0FF3633A10C1B2BEA19F91DA18C0C52A465FA0F0371A2189AC36BFEA58F33B013352F321A0B71BF61553330EC7735E66BF920F0AB9C918AC6796F3B2C5CC7B0E9F6695400B692026845D93807363115D8E1EF92072B84941DE896DC222F2493FA43169DC5C94E9F7C645CDDC38AC8C8F8790A2078B755BF65EB099CA5682E186E7DE95CBCF7036B0BFC761137EB0B297A140C1683E9A14E78F31935D873DFB2CC33563980FD7C6EB609427A9A63D9A7ECE43889783FAF17D129A4F00A7DBA8FAFCBDD57FA7599C944D03297B7106E02A82D695E8BC0ACC860295F357FD2F60CC4A09E49450CF735A8756174A8E1458E3BE2BEA10F38D2C30E6AD7DBFA6835328A64BDFCA2318E1753C922D3AA467BB770C03BE0D3381E31655F4969009A35E4CF90B1EF5CB71A7BE424E952AEF1368142BB6E5AEECB9F7EC2034179009B7E57DF234CDDC3818BE6E637DAC7F44B109BCAA519CA77B27E4A119712A325ACC29E82C5A3E43CDED00A550ABF99495C802578A6ACB7DBCCCECD3A3857F01A9582671D87C9407409355199D627D316938076334BCDEC6635E0D6696A53E2475AAF9412167245779FA0C89CC3C08BF90313C68710D0153A3B8FA06862B6670E9498296D2C1840812D51FFEADDAE3D714A6EA7D0DAF18C134A0E26AAA99AB8B605E5FAC1814D13F5BCA134DBCF40B5C21F39EF9B4089A759876E5F22DEAF3C64DAA159B9AFEB76109429E3E42FF8DB74EF84954405C4D7B826CFBE041FF996CB053ED44BD32742681CCC843CBD031CD9DDF299EF150378F87B5F67768C77A69F779AABC032BCC3031DDAD83701E475D16040D1E064208D99313C4047BA2AA44E15CF631E4337A47318F34060DAE2ED3FB2F77F26CAF51805D86F82786B8CED61C0A0A7A8CBECD9AE3FDD266BDA632E6F6095A8E2C82A709EF2ACE20D66CC6709A5EF4EBFBA3B020BD15A5451673CA3780A459C277EEA72A1C9EF8502281BF903B2409971DC1F215C899CBBDED194CAB8A5EBB2273E3B67AEEE9A18CD03A1CC46312AAE59AEA0EFB0E5EAC8A62D6C49DC5B5D5CAC7B12CC2B293ED1D258149C6E8ADFB311328C1D5ACD4A92DFC71E9575A62920166893D715358DAE87159E39267079FA5D2EF41D756E01E0D9701BE7F715E4DCEF5667576A883DC034E36022AB62707C4E9FF9C7400BD29770FC07C66BB041F17204A63B6A52177F32B1E8AF15A818E946421552673488AA76253A5CCAEF2368C6464A36DEA011A56FFACF5F592099BADEFA4B7A72059FF1869864BDDBD14B4D32460CFD30E78C4F057F011C62F113613 +20241130074437 2 6 100 7679 2 C4FD13B23C1EF3F1B888E9E24F6E6F0D1E538D5C17287A04247451367BAAC3EB0FF3633A10C1B2BEA19F91DA18C0C52A465FA0F0371A2189AC36BFEA58F33B013352F321A0B71BF61553330EC7735E66BF920F0AB9C918AC6796F3B2C5CC7B0E9F6695400B692026845D93807363115D8E1EF92072B84941DE896DC222F2493FA43169DC5C94E9F7C645CDDC38AC8C8F8790A2078B755BF65EB099CA5682E186E7DE95CBCF7036B0BFC761137EB0B297A140C1683E9A14E78F31935D873DFB2CC33563980FD7C6EB609427A9A63D9A7ECE43889783FAF17D129A4F00A7DBA8FAFCBDD57FA7599C944D03297B7106E02A82D695E8BC0ACC860295F357FD2F60CC4A09E49450CF735A8756174A8E1458E3BE2BEA10F38D2C30E6AD7DBFA6835328A64BDFCA2318E1753C922D3AA467BB770C03BE0D3381E31655F4969009A35E4CF90B1EF5CB71A7BE424E952AEF1368142BB6E5AEECB9F7EC2034179009B7E57DF234CDDC3818BE6E637DAC7F44B109BCAA519CA77B27E4A119712A325ACC29E82C5A3E43CDED00A550ABF99495C802578A6ACB7DBCCCECD3A3857F01A9582671D87C9407409355199D627D316938076334BCDEC6635E0D6696A53E2475AAF9412167245779FA0C89CC3C08BF90313C68710D0153A3B8FA06862B6670E9498296D2C1840812D51FFEADDAE3D714A6EA7D0DAF18C134A0E26AAA99AB8B605E5FAC1814D13F5BCA134DBCF40B5C21F39EF9B4089A759876E5F22DEAF3C64DAA159B9AFEB76109429E3E42FF8DB74EF84954405C4D7B826CFBE041FF996CB053ED44BD32742681CCC843CBD031CD9DDF299EF150378F87B5F67768C77A69F779AABC032BCC3031DDAD83701E475D16040D1E064208D99313C4047BA2AA44E15CF631E4337A47318F34060DAE2ED3FB2F77F26CAF51805D86F82786B8CED61C0A0A7A8CBECD9AE3FDD266BDA632E6F6095A8E2C82A709EF2ACE20D66CC6709A5EF4EBFBA3B020BD15A5451673CA3780A459C277EEA72A1C9EF8502281BF903B2409971DC1F215C899CBBDED194CAB8A5EBB2273E3B67AEEE9A18CD03A1CC46312AAE59AEA0EFB0E5EAC8A62D6C49DC5B5D5CAC7B12CC2B293ED1D258149C6E8ADFB311328C1D5ACD4A92DFC71E9575A62920166893D715358DAE87159E39267079FA5D2EF41D756E01E0D9701BE7F715E4DCEF5667576A883DC034E36022AB62707C4E9FF9C7400BD29770FC07C66BB041F17204A63B6A52177F32B1E8AF15A818E946421552673488AA76253A5CCAEF2368C6464A36DEA011A56FFACF5F592099BADEFA4B7A72059FF1869864BDDBD14B4D32460CFD30E78C4F057F011C62F28387B +20241130083311 2 6 100 7679 2 C4FD13B23C1EF3F1B888E9E24F6E6F0D1E538D5C17287A04247451367BAAC3EB0FF3633A10C1B2BEA19F91DA18C0C52A465FA0F0371A2189AC36BFEA58F33B013352F321A0B71BF61553330EC7735E66BF920F0AB9C918AC6796F3B2C5CC7B0E9F6695400B692026845D93807363115D8E1EF92072B84941DE896DC222F2493FA43169DC5C94E9F7C645CDDC38AC8C8F8790A2078B755BF65EB099CA5682E186E7DE95CBCF7036B0BFC761137EB0B297A140C1683E9A14E78F31935D873DFB2CC33563980FD7C6EB609427A9A63D9A7ECE43889783FAF17D129A4F00A7DBA8FAFCBDD57FA7599C944D03297B7106E02A82D695E8BC0ACC860295F357FD2F60CC4A09E49450CF735A8756174A8E1458E3BE2BEA10F38D2C30E6AD7DBFA6835328A64BDFCA2318E1753C922D3AA467BB770C03BE0D3381E31655F4969009A35E4CF90B1EF5CB71A7BE424E952AEF1368142BB6E5AEECB9F7EC2034179009B7E57DF234CDDC3818BE6E637DAC7F44B109BCAA519CA77B27E4A119712A325ACC29E82C5A3E43CDED00A550ABF99495C802578A6ACB7DBCCCECD3A3857F01A9582671D87C9407409355199D627D316938076334BCDEC6635E0D6696A53E2475AAF9412167245779FA0C89CC3C08BF90313C68710D0153A3B8FA06862B6670E9498296D2C1840812D51FFEADDAE3D714A6EA7D0DAF18C134A0E26AAA99AB8B605E5FAC1814D13F5BCA134DBCF40B5C21F39EF9B4089A759876E5F22DEAF3C64DAA159B9AFEB76109429E3E42FF8DB74EF84954405C4D7B826CFBE041FF996CB053ED44BD32742681CCC843CBD031CD9DDF299EF150378F87B5F67768C77A69F779AABC032BCC3031DDAD83701E475D16040D1E064208D99313C4047BA2AA44E15CF631E4337A47318F34060DAE2ED3FB2F77F26CAF51805D86F82786B8CED61C0A0A7A8CBECD9AE3FDD266BDA632E6F6095A8E2C82A709EF2ACE20D66CC6709A5EF4EBFBA3B020BD15A5451673CA3780A459C277EEA72A1C9EF8502281BF903B2409971DC1F215C899CBBDED194CAB8A5EBB2273E3B67AEEE9A18CD03A1CC46312AAE59AEA0EFB0E5EAC8A62D6C49DC5B5D5CAC7B12CC2B293ED1D258149C6E8ADFB311328C1D5ACD4A92DFC71E9575A62920166893D715358DAE87159E39267079FA5D2EF41D756E01E0D9701BE7F715E4DCEF5667576A883DC034E36022AB62707C4E9FF9C7400BD29770FC07C66BB041F17204A63B6A52177F32B1E8AF15A818E946421552673488AA76253A5CCAEF2368C6464A36DEA011A56FFACF5F592099BADEFA4B7A72059FF1869864BDDBD14B4D32460CFD30E78C4F057F011C6325DE613 +20241130093434 2 6 100 7679 5 C4FD13B23C1EF3F1B888E9E24F6E6F0D1E538D5C17287A04247451367BAAC3EB0FF3633A10C1B2BEA19F91DA18C0C52A465FA0F0371A2189AC36BFEA58F33B013352F321A0B71BF61553330EC7735E66BF920F0AB9C918AC6796F3B2C5CC7B0E9F6695400B692026845D93807363115D8E1EF92072B84941DE896DC222F2493FA43169DC5C94E9F7C645CDDC38AC8C8F8790A2078B755BF65EB099CA5682E186E7DE95CBCF7036B0BFC761137EB0B297A140C1683E9A14E78F31935D873DFB2CC33563980FD7C6EB609427A9A63D9A7ECE43889783FAF17D129A4F00A7DBA8FAFCBDD57FA7599C944D03297B7106E02A82D695E8BC0ACC860295F357FD2F60CC4A09E49450CF735A8756174A8E1458E3BE2BEA10F38D2C30E6AD7DBFA6835328A64BDFCA2318E1753C922D3AA467BB770C03BE0D3381E31655F4969009A35E4CF90B1EF5CB71A7BE424E952AEF1368142BB6E5AEECB9F7EC2034179009B7E57DF234CDDC3818BE6E637DAC7F44B109BCAA519CA77B27E4A119712A325ACC29E82C5A3E43CDED00A550ABF99495C802578A6ACB7DBCCCECD3A3857F01A9582671D87C9407409355199D627D316938076334BCDEC6635E0D6696A53E2475AAF9412167245779FA0C89CC3C08BF90313C68710D0153A3B8FA06862B6670E9498296D2C1840812D51FFEADDAE3D714A6EA7D0DAF18C134A0E26AAA99AB8B605E5FAC1814D13F5BCA134DBCF40B5C21F39EF9B4089A759876E5F22DEAF3C64DAA159B9AFEB76109429E3E42FF8DB74EF84954405C4D7B826CFBE041FF996CB053ED44BD32742681CCC843CBD031CD9DDF299EF150378F87B5F67768C77A69F779AABC032BCC3031DDAD83701E475D16040D1E064208D99313C4047BA2AA44E15CF631E4337A47318F34060DAE2ED3FB2F77F26CAF51805D86F82786B8CED61C0A0A7A8CBECD9AE3FDD266BDA632E6F6095A8E2C82A709EF2ACE20D66CC6709A5EF4EBFBA3B020BD15A5451673CA3780A459C277EEA72A1C9EF8502281BF903B2409971DC1F215C899CBBDED194CAB8A5EBB2273E3B67AEEE9A18CD03A1CC46312AAE59AEA0EFB0E5EAC8A62D6C49DC5B5D5CAC7B12CC2B293ED1D258149C6E8ADFB311328C1D5ACD4A92DFC71E9575A62920166893D715358DAE87159E39267079FA5D2EF41D756E01E0D9701BE7F715E4DCEF5667576A883DC034E36022AB62707C4E9FF9C7400BD29770FC07C66BB041F17204A63B6A52177F32B1E8AF15A818E946421552673488AA76253A5CCAEF2368C6464A36DEA011A56FFACF5F592099BADEFA4B7A72059FF1869864BDDBD14B4D32460CFD30E78C4F057F011C636728027 +20241130105425 2 6 100 7679 2 C4FD13B23C1EF3F1B888E9E24F6E6F0D1E538D5C17287A04247451367BAAC3EB0FF3633A10C1B2BEA19F91DA18C0C52A465FA0F0371A2189AC36BFEA58F33B013352F321A0B71BF61553330EC7735E66BF920F0AB9C918AC6796F3B2C5CC7B0E9F6695400B692026845D93807363115D8E1EF92072B84941DE896DC222F2493FA43169DC5C94E9F7C645CDDC38AC8C8F8790A2078B755BF65EB099CA5682E186E7DE95CBCF7036B0BFC761137EB0B297A140C1683E9A14E78F31935D873DFB2CC33563980FD7C6EB609427A9A63D9A7ECE43889783FAF17D129A4F00A7DBA8FAFCBDD57FA7599C944D03297B7106E02A82D695E8BC0ACC860295F357FD2F60CC4A09E49450CF735A8756174A8E1458E3BE2BEA10F38D2C30E6AD7DBFA6835328A64BDFCA2318E1753C922D3AA467BB770C03BE0D3381E31655F4969009A35E4CF90B1EF5CB71A7BE424E952AEF1368142BB6E5AEECB9F7EC2034179009B7E57DF234CDDC3818BE6E637DAC7F44B109BCAA519CA77B27E4A119712A325ACC29E82C5A3E43CDED00A550ABF99495C802578A6ACB7DBCCCECD3A3857F01A9582671D87C9407409355199D627D316938076334BCDEC6635E0D6696A53E2475AAF9412167245779FA0C89CC3C08BF90313C68710D0153A3B8FA06862B6670E9498296D2C1840812D51FFEADDAE3D714A6EA7D0DAF18C134A0E26AAA99AB8B605E5FAC1814D13F5BCA134DBCF40B5C21F39EF9B4089A759876E5F22DEAF3C64DAA159B9AFEB76109429E3E42FF8DB74EF84954405C4D7B826CFBE041FF996CB053ED44BD32742681CCC843CBD031CD9DDF299EF150378F87B5F67768C77A69F779AABC032BCC3031DDAD83701E475D16040D1E064208D99313C4047BA2AA44E15CF631E4337A47318F34060DAE2ED3FB2F77F26CAF51805D86F82786B8CED61C0A0A7A8CBECD9AE3FDD266BDA632E6F6095A8E2C82A709EF2ACE20D66CC6709A5EF4EBFBA3B020BD15A5451673CA3780A459C277EEA72A1C9EF8502281BF903B2409971DC1F215C899CBBDED194CAB8A5EBB2273E3B67AEEE9A18CD03A1CC46312AAE59AEA0EFB0E5EAC8A62D6C49DC5B5D5CAC7B12CC2B293ED1D258149C6E8ADFB311328C1D5ACD4A92DFC71E9575A62920166893D715358DAE87159E39267079FA5D2EF41D756E01E0D9701BE7F715E4DCEF5667576A883DC034E36022AB62707C4E9FF9C7400BD29770FC07C66BB041F17204A63B6A52177F32B1E8AF15A818E946421552673488AA76253A5CCAEF2368C6464A36DEA011A56FFACF5F592099BADEFA4B7A72059FF1869864BDDBD14B4D32460CFD30E78C4F057F011C63BCFA3E3 +20241130105534 2 6 100 7679 5 C4FD13B23C1EF3F1B888E9E24F6E6F0D1E538D5C17287A04247451367BAAC3EB0FF3633A10C1B2BEA19F91DA18C0C52A465FA0F0371A2189AC36BFEA58F33B013352F321A0B71BF61553330EC7735E66BF920F0AB9C918AC6796F3B2C5CC7B0E9F6695400B692026845D93807363115D8E1EF92072B84941DE896DC222F2493FA43169DC5C94E9F7C645CDDC38AC8C8F8790A2078B755BF65EB099CA5682E186E7DE95CBCF7036B0BFC761137EB0B297A140C1683E9A14E78F31935D873DFB2CC33563980FD7C6EB609427A9A63D9A7ECE43889783FAF17D129A4F00A7DBA8FAFCBDD57FA7599C944D03297B7106E02A82D695E8BC0ACC860295F357FD2F60CC4A09E49450CF735A8756174A8E1458E3BE2BEA10F38D2C30E6AD7DBFA6835328A64BDFCA2318E1753C922D3AA467BB770C03BE0D3381E31655F4969009A35E4CF90B1EF5CB71A7BE424E952AEF1368142BB6E5AEECB9F7EC2034179009B7E57DF234CDDC3818BE6E637DAC7F44B109BCAA519CA77B27E4A119712A325ACC29E82C5A3E43CDED00A550ABF99495C802578A6ACB7DBCCCECD3A3857F01A9582671D87C9407409355199D627D316938076334BCDEC6635E0D6696A53E2475AAF9412167245779FA0C89CC3C08BF90313C68710D0153A3B8FA06862B6670E9498296D2C1840812D51FFEADDAE3D714A6EA7D0DAF18C134A0E26AAA99AB8B605E5FAC1814D13F5BCA134DBCF40B5C21F39EF9B4089A759876E5F22DEAF3C64DAA159B9AFEB76109429E3E42FF8DB74EF84954405C4D7B826CFBE041FF996CB053ED44BD32742681CCC843CBD031CD9DDF299EF150378F87B5F67768C77A69F779AABC032BCC3031DDAD83701E475D16040D1E064208D99313C4047BA2AA44E15CF631E4337A47318F34060DAE2ED3FB2F77F26CAF51805D86F82786B8CED61C0A0A7A8CBECD9AE3FDD266BDA632E6F6095A8E2C82A709EF2ACE20D66CC6709A5EF4EBFBA3B020BD15A5451673CA3780A459C277EEA72A1C9EF8502281BF903B2409971DC1F215C899CBBDED194CAB8A5EBB2273E3B67AEEE9A18CD03A1CC46312AAE59AEA0EFB0E5EAC8A62D6C49DC5B5D5CAC7B12CC2B293ED1D258149C6E8ADFB311328C1D5ACD4A92DFC71E9575A62920166893D715358DAE87159E39267079FA5D2EF41D756E01E0D9701BE7F715E4DCEF5667576A883DC034E36022AB62707C4E9FF9C7400BD29770FC07C66BB041F17204A63B6A52177F32B1E8AF15A818E946421552673488AA76253A5CCAEF2368C6464A36DEA011A56FFACF5F592099BADEFA4B7A72059FF1869864BDDBD14B4D32460CFD30E78C4F057F011C63BDA41EF +20241130105809 2 6 100 7679 2 C4FD13B23C1EF3F1B888E9E24F6E6F0D1E538D5C17287A04247451367BAAC3EB0FF3633A10C1B2BEA19F91DA18C0C52A465FA0F0371A2189AC36BFEA58F33B013352F321A0B71BF61553330EC7735E66BF920F0AB9C918AC6796F3B2C5CC7B0E9F6695400B692026845D93807363115D8E1EF92072B84941DE896DC222F2493FA43169DC5C94E9F7C645CDDC38AC8C8F8790A2078B755BF65EB099CA5682E186E7DE95CBCF7036B0BFC761137EB0B297A140C1683E9A14E78F31935D873DFB2CC33563980FD7C6EB609427A9A63D9A7ECE43889783FAF17D129A4F00A7DBA8FAFCBDD57FA7599C944D03297B7106E02A82D695E8BC0ACC860295F357FD2F60CC4A09E49450CF735A8756174A8E1458E3BE2BEA10F38D2C30E6AD7DBFA6835328A64BDFCA2318E1753C922D3AA467BB770C03BE0D3381E31655F4969009A35E4CF90B1EF5CB71A7BE424E952AEF1368142BB6E5AEECB9F7EC2034179009B7E57DF234CDDC3818BE6E637DAC7F44B109BCAA519CA77B27E4A119712A325ACC29E82C5A3E43CDED00A550ABF99495C802578A6ACB7DBCCCECD3A3857F01A9582671D87C9407409355199D627D316938076334BCDEC6635E0D6696A53E2475AAF9412167245779FA0C89CC3C08BF90313C68710D0153A3B8FA06862B6670E9498296D2C1840812D51FFEADDAE3D714A6EA7D0DAF18C134A0E26AAA99AB8B605E5FAC1814D13F5BCA134DBCF40B5C21F39EF9B4089A759876E5F22DEAF3C64DAA159B9AFEB76109429E3E42FF8DB74EF84954405C4D7B826CFBE041FF996CB053ED44BD32742681CCC843CBD031CD9DDF299EF150378F87B5F67768C77A69F779AABC032BCC3031DDAD83701E475D16040D1E064208D99313C4047BA2AA44E15CF631E4337A47318F34060DAE2ED3FB2F77F26CAF51805D86F82786B8CED61C0A0A7A8CBECD9AE3FDD266BDA632E6F6095A8E2C82A709EF2ACE20D66CC6709A5EF4EBFBA3B020BD15A5451673CA3780A459C277EEA72A1C9EF8502281BF903B2409971DC1F215C899CBBDED194CAB8A5EBB2273E3B67AEEE9A18CD03A1CC46312AAE59AEA0EFB0E5EAC8A62D6C49DC5B5D5CAC7B12CC2B293ED1D258149C6E8ADFB311328C1D5ACD4A92DFC71E9575A62920166893D715358DAE87159E39267079FA5D2EF41D756E01E0D9701BE7F715E4DCEF5667576A883DC034E36022AB62707C4E9FF9C7400BD29770FC07C66BB041F17204A63B6A52177F32B1E8AF15A818E946421552673488AA76253A5CCAEF2368C6464A36DEA011A56FFACF5F592099BADEFA4B7A72059FF1869864BDDBD14B4D32460CFD30E78C4F057F011C63BFFF55B +20241130123724 2 6 100 7679 2 C4FD13B23C1EF3F1B888E9E24F6E6F0D1E538D5C17287A04247451367BAAC3EB0FF3633A10C1B2BEA19F91DA18C0C52A465FA0F0371A2189AC36BFEA58F33B013352F321A0B71BF61553330EC7735E66BF920F0AB9C918AC6796F3B2C5CC7B0E9F6695400B692026845D93807363115D8E1EF92072B84941DE896DC222F2493FA43169DC5C94E9F7C645CDDC38AC8C8F8790A2078B755BF65EB099CA5682E186E7DE95CBCF7036B0BFC761137EB0B297A140C1683E9A14E78F31935D873DFB2CC33563980FD7C6EB609427A9A63D9A7ECE43889783FAF17D129A4F00A7DBA8FAFCBDD57FA7599C944D03297B7106E02A82D695E8BC0ACC860295F357FD2F60CC4A09E49450CF735A8756174A8E1458E3BE2BEA10F38D2C30E6AD7DBFA6835328A64BDFCA2318E1753C922D3AA467BB770C03BE0D3381E31655F4969009A35E4CF90B1EF5CB71A7BE424E952AEF1368142BB6E5AEECB9F7EC2034179009B7E57DF234CDDC3818BE6E637DAC7F44B109BCAA519CA77B27E4A119712A325ACC29E82C5A3E43CDED00A550ABF99495C802578A6ACB7DBCCCECD3A3857F01A9582671D87C9407409355199D627D316938076334BCDEC6635E0D6696A53E2475AAF9412167245779FA0C89CC3C08BF90313C68710D0153A3B8FA06862B6670E9498296D2C1840812D51FFEADDAE3D714A6EA7D0DAF18C134A0E26AAA99AB8B605E5FAC1814D13F5BCA134DBCF40B5C21F39EF9B4089A759876E5F22DEAF3C64DAA159B9AFEB76109429E3E42FF8DB74EF84954405C4D7B826CFBE041FF996CB053ED44BD32742681CCC843CBD031CD9DDF299EF150378F87B5F67768C77A69F779AABC032BCC3031DDAD83701E475D16040D1E064208D99313C4047BA2AA44E15CF631E4337A47318F34060DAE2ED3FB2F77F26CAF51805D86F82786B8CED61C0A0A7A8CBECD9AE3FDD266BDA632E6F6095A8E2C82A709EF2ACE20D66CC6709A5EF4EBFBA3B020BD15A5451673CA3780A459C277EEA72A1C9EF8502281BF903B2409971DC1F215C899CBBDED194CAB8A5EBB2273E3B67AEEE9A18CD03A1CC46312AAE59AEA0EFB0E5EAC8A62D6C49DC5B5D5CAC7B12CC2B293ED1D258149C6E8ADFB311328C1D5ACD4A92DFC71E9575A62920166893D715358DAE87159E39267079FA5D2EF41D756E01E0D9701BE7F715E4DCEF5667576A883DC034E36022AB62707C4E9FF9C7400BD29770FC07C66BB041F17204A63B6A52177F32B1E8AF15A818E946421552673488AA76253A5CCAEF2368C6464A36DEA011A56FFACF5F592099BADEFA4B7A72059FF1869864BDDBD14B4D32460CFD30E78C4F057F011C642A90F43 +20241130131041 2 6 100 7679 5 C4FD13B23C1EF3F1B888E9E24F6E6F0D1E538D5C17287A04247451367BAAC3EB0FF3633A10C1B2BEA19F91DA18C0C52A465FA0F0371A2189AC36BFEA58F33B013352F321A0B71BF61553330EC7735E66BF920F0AB9C918AC6796F3B2C5CC7B0E9F6695400B692026845D93807363115D8E1EF92072B84941DE896DC222F2493FA43169DC5C94E9F7C645CDDC38AC8C8F8790A2078B755BF65EB099CA5682E186E7DE95CBCF7036B0BFC761137EB0B297A140C1683E9A14E78F31935D873DFB2CC33563980FD7C6EB609427A9A63D9A7ECE43889783FAF17D129A4F00A7DBA8FAFCBDD57FA7599C944D03297B7106E02A82D695E8BC0ACC860295F357FD2F60CC4A09E49450CF735A8756174A8E1458E3BE2BEA10F38D2C30E6AD7DBFA6835328A64BDFCA2318E1753C922D3AA467BB770C03BE0D3381E31655F4969009A35E4CF90B1EF5CB71A7BE424E952AEF1368142BB6E5AEECB9F7EC2034179009B7E57DF234CDDC3818BE6E637DAC7F44B109BCAA519CA77B27E4A119712A325ACC29E82C5A3E43CDED00A550ABF99495C802578A6ACB7DBCCCECD3A3857F01A9582671D87C9407409355199D627D316938076334BCDEC6635E0D6696A53E2475AAF9412167245779FA0C89CC3C08BF90313C68710D0153A3B8FA06862B6670E9498296D2C1840812D51FFEADDAE3D714A6EA7D0DAF18C134A0E26AAA99AB8B605E5FAC1814D13F5BCA134DBCF40B5C21F39EF9B4089A759876E5F22DEAF3C64DAA159B9AFEB76109429E3E42FF8DB74EF84954405C4D7B826CFBE041FF996CB053ED44BD32742681CCC843CBD031CD9DDF299EF150378F87B5F67768C77A69F779AABC032BCC3031DDAD83701E475D16040D1E064208D99313C4047BA2AA44E15CF631E4337A47318F34060DAE2ED3FB2F77F26CAF51805D86F82786B8CED61C0A0A7A8CBECD9AE3FDD266BDA632E6F6095A8E2C82A709EF2ACE20D66CC6709A5EF4EBFBA3B020BD15A5451673CA3780A459C277EEA72A1C9EF8502281BF903B2409971DC1F215C899CBBDED194CAB8A5EBB2273E3B67AEEE9A18CD03A1CC46312AAE59AEA0EFB0E5EAC8A62D6C49DC5B5D5CAC7B12CC2B293ED1D258149C6E8ADFB311328C1D5ACD4A92DFC71E9575A62920166893D715358DAE87159E39267079FA5D2EF41D756E01E0D9701BE7F715E4DCEF5667576A883DC034E36022AB62707C4E9FF9C7400BD29770FC07C66BB041F17204A63B6A52177F32B1E8AF15A818E946421552673488AA76253A5CCAEF2368C6464A36DEA011A56FFACF5F592099BADEFA4B7A72059FF1869864BDDBD14B4D32460CFD30E78C4F057F011C644DFE51F +20241130150424 2 6 100 7679 2 C4FD13B23C1EF3F1B888E9E24F6E6F0D1E538D5C17287A04247451367BAAC3EB0FF3633A10C1B2BEA19F91DA18C0C52A465FA0F0371A2189AC36BFEA58F33B013352F321A0B71BF61553330EC7735E66BF920F0AB9C918AC6796F3B2C5CC7B0E9F6695400B692026845D93807363115D8E1EF92072B84941DE896DC222F2493FA43169DC5C94E9F7C645CDDC38AC8C8F8790A2078B755BF65EB099CA5682E186E7DE95CBCF7036B0BFC761137EB0B297A140C1683E9A14E78F31935D873DFB2CC33563980FD7C6EB609427A9A63D9A7ECE43889783FAF17D129A4F00A7DBA8FAFCBDD57FA7599C944D03297B7106E02A82D695E8BC0ACC860295F357FD2F60CC4A09E49450CF735A8756174A8E1458E3BE2BEA10F38D2C30E6AD7DBFA6835328A64BDFCA2318E1753C922D3AA467BB770C03BE0D3381E31655F4969009A35E4CF90B1EF5CB71A7BE424E952AEF1368142BB6E5AEECB9F7EC2034179009B7E57DF234CDDC3818BE6E637DAC7F44B109BCAA519CA77B27E4A119712A325ACC29E82C5A3E43CDED00A550ABF99495C802578A6ACB7DBCCCECD3A3857F01A9582671D87C9407409355199D627D316938076334BCDEC6635E0D6696A53E2475AAF9412167245779FA0C89CC3C08BF90313C68710D0153A3B8FA06862B6670E9498296D2C1840812D51FFEADDAE3D714A6EA7D0DAF18C134A0E26AAA99AB8B605E5FAC1814D13F5BCA134DBCF40B5C21F39EF9B4089A759876E5F22DEAF3C64DAA159B9AFEB76109429E3E42FF8DB74EF84954405C4D7B826CFBE041FF996CB053ED44BD32742681CCC843CBD031CD9DDF299EF150378F87B5F67768C77A69F779AABC032BCC3031DDAD83701E475D16040D1E064208D99313C4047BA2AA44E15CF631E4337A47318F34060DAE2ED3FB2F77F26CAF51805D86F82786B8CED61C0A0A7A8CBECD9AE3FDD266BDA632E6F6095A8E2C82A709EF2ACE20D66CC6709A5EF4EBFBA3B020BD15A5451673CA3780A459C277EEA72A1C9EF8502281BF903B2409971DC1F215C899CBBDED194CAB8A5EBB2273E3B67AEEE9A18CD03A1CC46312AAE59AEA0EFB0E5EAC8A62D6C49DC5B5D5CAC7B12CC2B293ED1D258149C6E8ADFB311328C1D5ACD4A92DFC71E9575A62920166893D715358DAE87159E39267079FA5D2EF41D756E01E0D9701BE7F715E4DCEF5667576A883DC034E36022AB62707C4E9FF9C7400BD29770FC07C66BB041F17204A63B6A52177F32B1E8AF15A818E946421552673488AA76253A5CCAEF2368C6464A36DEA011A56FFACF5F592099BADEFA4B7A72059FF1869864BDDBD14B4D32460CFD30E78C4F057F011C64C717C8B +20241130162824 2 6 100 7679 2 C4FD13B23C1EF3F1B888E9E24F6E6F0D1E538D5C17287A04247451367BAAC3EB0FF3633A10C1B2BEA19F91DA18C0C52A465FA0F0371A2189AC36BFEA58F33B013352F321A0B71BF61553330EC7735E66BF920F0AB9C918AC6796F3B2C5CC7B0E9F6695400B692026845D93807363115D8E1EF92072B84941DE896DC222F2493FA43169DC5C94E9F7C645CDDC38AC8C8F8790A2078B755BF65EB099CA5682E186E7DE95CBCF7036B0BFC761137EB0B297A140C1683E9A14E78F31935D873DFB2CC33563980FD7C6EB609427A9A63D9A7ECE43889783FAF17D129A4F00A7DBA8FAFCBDD57FA7599C944D03297B7106E02A82D695E8BC0ACC860295F357FD2F60CC4A09E49450CF735A8756174A8E1458E3BE2BEA10F38D2C30E6AD7DBFA6835328A64BDFCA2318E1753C922D3AA467BB770C03BE0D3381E31655F4969009A35E4CF90B1EF5CB71A7BE424E952AEF1368142BB6E5AEECB9F7EC2034179009B7E57DF234CDDC3818BE6E637DAC7F44B109BCAA519CA77B27E4A119712A325ACC29E82C5A3E43CDED00A550ABF99495C802578A6ACB7DBCCCECD3A3857F01A9582671D87C9407409355199D627D316938076334BCDEC6635E0D6696A53E2475AAF9412167245779FA0C89CC3C08BF90313C68710D0153A3B8FA06862B6670E9498296D2C1840812D51FFEADDAE3D714A6EA7D0DAF18C134A0E26AAA99AB8B605E5FAC1814D13F5BCA134DBCF40B5C21F39EF9B4089A759876E5F22DEAF3C64DAA159B9AFEB76109429E3E42FF8DB74EF84954405C4D7B826CFBE041FF996CB053ED44BD32742681CCC843CBD031CD9DDF299EF150378F87B5F67768C77A69F779AABC032BCC3031DDAD83701E475D16040D1E064208D99313C4047BA2AA44E15CF631E4337A47318F34060DAE2ED3FB2F77F26CAF51805D86F82786B8CED61C0A0A7A8CBECD9AE3FDD266BDA632E6F6095A8E2C82A709EF2ACE20D66CC6709A5EF4EBFBA3B020BD15A5451673CA3780A459C277EEA72A1C9EF8502281BF903B2409971DC1F215C899CBBDED194CAB8A5EBB2273E3B67AEEE9A18CD03A1CC46312AAE59AEA0EFB0E5EAC8A62D6C49DC5B5D5CAC7B12CC2B293ED1D258149C6E8ADFB311328C1D5ACD4A92DFC71E9575A62920166893D715358DAE87159E39267079FA5D2EF41D756E01E0D9701BE7F715E4DCEF5667576A883DC034E36022AB62707C4E9FF9C7400BD29770FC07C66BB041F17204A63B6A52177F32B1E8AF15A818E946421552673488AA76253A5CCAEF2368C6464A36DEA011A56FFACF5F592099BADEFA4B7A72059FF1869864BDDBD14B4D32460CFD30E78C4F057F011C65210D3FB +20241130172212 2 6 100 7679 5 C4FD13B23C1EF3F1B888E9E24F6E6F0D1E538D5C17287A04247451367BAAC3EB0FF3633A10C1B2BEA19F91DA18C0C52A465FA0F0371A2189AC36BFEA58F33B013352F321A0B71BF61553330EC7735E66BF920F0AB9C918AC6796F3B2C5CC7B0E9F6695400B692026845D93807363115D8E1EF92072B84941DE896DC222F2493FA43169DC5C94E9F7C645CDDC38AC8C8F8790A2078B755BF65EB099CA5682E186E7DE95CBCF7036B0BFC761137EB0B297A140C1683E9A14E78F31935D873DFB2CC33563980FD7C6EB609427A9A63D9A7ECE43889783FAF17D129A4F00A7DBA8FAFCBDD57FA7599C944D03297B7106E02A82D695E8BC0ACC860295F357FD2F60CC4A09E49450CF735A8756174A8E1458E3BE2BEA10F38D2C30E6AD7DBFA6835328A64BDFCA2318E1753C922D3AA467BB770C03BE0D3381E31655F4969009A35E4CF90B1EF5CB71A7BE424E952AEF1368142BB6E5AEECB9F7EC2034179009B7E57DF234CDDC3818BE6E637DAC7F44B109BCAA519CA77B27E4A119712A325ACC29E82C5A3E43CDED00A550ABF99495C802578A6ACB7DBCCCECD3A3857F01A9582671D87C9407409355199D627D316938076334BCDEC6635E0D6696A53E2475AAF9412167245779FA0C89CC3C08BF90313C68710D0153A3B8FA06862B6670E9498296D2C1840812D51FFEADDAE3D714A6EA7D0DAF18C134A0E26AAA99AB8B605E5FAC1814D13F5BCA134DBCF40B5C21F39EF9B4089A759876E5F22DEAF3C64DAA159B9AFEB76109429E3E42FF8DB74EF84954405C4D7B826CFBE041FF996CB053ED44BD32742681CCC843CBD031CD9DDF299EF150378F87B5F67768C77A69F779AABC032BCC3031DDAD83701E475D16040D1E064208D99313C4047BA2AA44E15CF631E4337A47318F34060DAE2ED3FB2F77F26CAF51805D86F82786B8CED61C0A0A7A8CBECD9AE3FDD266BDA632E6F6095A8E2C82A709EF2ACE20D66CC6709A5EF4EBFBA3B020BD15A5451673CA3780A459C277EEA72A1C9EF8502281BF903B2409971DC1F215C899CBBDED194CAB8A5EBB2273E3B67AEEE9A18CD03A1CC46312AAE59AEA0EFB0E5EAC8A62D6C49DC5B5D5CAC7B12CC2B293ED1D258149C6E8ADFB311328C1D5ACD4A92DFC71E9575A62920166893D715358DAE87159E39267079FA5D2EF41D756E01E0D9701BE7F715E4DCEF5667576A883DC034E36022AB62707C4E9FF9C7400BD29770FC07C66BB041F17204A63B6A52177F32B1E8AF15A818E946421552673488AA76253A5CCAEF2368C6464A36DEA011A56FFACF5F592099BADEFA4B7A72059FF1869864BDDBD14B4D32460CFD30E78C4F057F011C655A47F4F +20241130174557 2 6 100 7679 2 C4FD13B23C1EF3F1B888E9E24F6E6F0D1E538D5C17287A04247451367BAAC3EB0FF3633A10C1B2BEA19F91DA18C0C52A465FA0F0371A2189AC36BFEA58F33B013352F321A0B71BF61553330EC7735E66BF920F0AB9C918AC6796F3B2C5CC7B0E9F6695400B692026845D93807363115D8E1EF92072B84941DE896DC222F2493FA43169DC5C94E9F7C645CDDC38AC8C8F8790A2078B755BF65EB099CA5682E186E7DE95CBCF7036B0BFC761137EB0B297A140C1683E9A14E78F31935D873DFB2CC33563980FD7C6EB609427A9A63D9A7ECE43889783FAF17D129A4F00A7DBA8FAFCBDD57FA7599C944D03297B7106E02A82D695E8BC0ACC860295F357FD2F60CC4A09E49450CF735A8756174A8E1458E3BE2BEA10F38D2C30E6AD7DBFA6835328A64BDFCA2318E1753C922D3AA467BB770C03BE0D3381E31655F4969009A35E4CF90B1EF5CB71A7BE424E952AEF1368142BB6E5AEECB9F7EC2034179009B7E57DF234CDDC3818BE6E637DAC7F44B109BCAA519CA77B27E4A119712A325ACC29E82C5A3E43CDED00A550ABF99495C802578A6ACB7DBCCCECD3A3857F01A9582671D87C9407409355199D627D316938076334BCDEC6635E0D6696A53E2475AAF9412167245779FA0C89CC3C08BF90313C68710D0153A3B8FA06862B6670E9498296D2C1840812D51FFEADDAE3D714A6EA7D0DAF18C134A0E26AAA99AB8B605E5FAC1814D13F5BCA134DBCF40B5C21F39EF9B4089A759876E5F22DEAF3C64DAA159B9AFEB76109429E3E42FF8DB74EF84954405C4D7B826CFBE041FF996CB053ED44BD32742681CCC843CBD031CD9DDF299EF150378F87B5F67768C77A69F779AABC032BCC3031DDAD83701E475D16040D1E064208D99313C4047BA2AA44E15CF631E4337A47318F34060DAE2ED3FB2F77F26CAF51805D86F82786B8CED61C0A0A7A8CBECD9AE3FDD266BDA632E6F6095A8E2C82A709EF2ACE20D66CC6709A5EF4EBFBA3B020BD15A5451673CA3780A459C277EEA72A1C9EF8502281BF903B2409971DC1F215C899CBBDED194CAB8A5EBB2273E3B67AEEE9A18CD03A1CC46312AAE59AEA0EFB0E5EAC8A62D6C49DC5B5D5CAC7B12CC2B293ED1D258149C6E8ADFB311328C1D5ACD4A92DFC71E9575A62920166893D715358DAE87159E39267079FA5D2EF41D756E01E0D9701BE7F715E4DCEF5667576A883DC034E36022AB62707C4E9FF9C7400BD29770FC07C66BB041F17204A63B6A52177F32B1E8AF15A818E946421552673488AA76253A5CCAEF2368C6464A36DEA011A56FFACF5F592099BADEFA4B7A72059FF1869864BDDBD14B4D32460CFD30E78C4F057F011C657367ECB +20241130215425 2 6 100 7679 5 C4FD13B23C1EF3F1B888E9E24F6E6F0D1E538D5C17287A04247451367BAAC3EB0FF3633A10C1B2BEA19F91DA18C0C52A465FA0F0371A2189AC36BFEA58F33B013352F321A0B71BF61553330EC7735E66BF920F0AB9C918AC6796F3B2C5CC7B0E9F6695400B692026845D93807363115D8E1EF92072B84941DE896DC222F2493FA43169DC5C94E9F7C645CDDC38AC8C8F8790A2078B755BF65EB099CA5682E186E7DE95CBCF7036B0BFC761137EB0B297A140C1683E9A14E78F31935D873DFB2CC33563980FD7C6EB609427A9A63D9A7ECE43889783FAF17D129A4F00A7DBA8FAFCBDD57FA7599C944D03297B7106E02A82D695E8BC0ACC860295F357FD2F60CC4A09E49450CF735A8756174A8E1458E3BE2BEA10F38D2C30E6AD7DBFA6835328A64BDFCA2318E1753C922D3AA467BB770C03BE0D3381E31655F4969009A35E4CF90B1EF5CB71A7BE424E952AEF1368142BB6E5AEECB9F7EC2034179009B7E57DF234CDDC3818BE6E637DAC7F44B109BCAA519CA77B27E4A119712A325ACC29E82C5A3E43CDED00A550ABF99495C802578A6ACB7DBCCCECD3A3857F01A9582671D87C9407409355199D627D316938076334BCDEC6635E0D6696A53E2475AAF9412167245779FA0C89CC3C08BF90313C68710D0153A3B8FA06862B6670E9498296D2C1840812D51FFEADDAE3D714A6EA7D0DAF18C134A0E26AAA99AB8B605E5FAC1814D13F5BCA134DBCF40B5C21F39EF9B4089A759876E5F22DEAF3C64DAA159B9AFEB76109429E3E42FF8DB74EF84954405C4D7B826CFBE041FF996CB053ED44BD32742681CCC843CBD031CD9DDF299EF150378F87B5F67768C77A69F779AABC032BCC3031DDAD83701E475D16040D1E064208D99313C4047BA2AA44E15CF631E4337A47318F34060DAE2ED3FB2F77F26CAF51805D86F82786B8CED61C0A0A7A8CBECD9AE3FDD266BDA632E6F6095A8E2C82A709EF2ACE20D66CC6709A5EF4EBFBA3B020BD15A5451673CA3780A459C277EEA72A1C9EF8502281BF903B2409971DC1F215C899CBBDED194CAB8A5EBB2273E3B67AEEE9A18CD03A1CC46312AAE59AEA0EFB0E5EAC8A62D6C49DC5B5D5CAC7B12CC2B293ED1D258149C6E8ADFB311328C1D5ACD4A92DFC71E9575A62920166893D715358DAE87159E39267079FA5D2EF41D756E01E0D9701BE7F715E4DCEF5667576A883DC034E36022AB62707C4E9FF9C7400BD29770FC07C66BB041F17204A63B6A52177F32B1E8AF15A818E946421552673488AA76253A5CCAEF2368C6464A36DEA011A56FFACF5F592099BADEFA4B7A72059FF1869864BDDBD14B4D32460CFD30E78C4F057F011C66800A377 +20241130230337 2 6 100 7679 5 C4FD13B23C1EF3F1B888E9E24F6E6F0D1E538D5C17287A04247451367BAAC3EB0FF3633A10C1B2BEA19F91DA18C0C52A465FA0F0371A2189AC36BFEA58F33B013352F321A0B71BF61553330EC7735E66BF920F0AB9C918AC6796F3B2C5CC7B0E9F6695400B692026845D93807363115D8E1EF92072B84941DE896DC222F2493FA43169DC5C94E9F7C645CDDC38AC8C8F8790A2078B755BF65EB099CA5682E186E7DE95CBCF7036B0BFC761137EB0B297A140C1683E9A14E78F31935D873DFB2CC33563980FD7C6EB609427A9A63D9A7ECE43889783FAF17D129A4F00A7DBA8FAFCBDD57FA7599C944D03297B7106E02A82D695E8BC0ACC860295F357FD2F60CC4A09E49450CF735A8756174A8E1458E3BE2BEA10F38D2C30E6AD7DBFA6835328A64BDFCA2318E1753C922D3AA467BB770C03BE0D3381E31655F4969009A35E4CF90B1EF5CB71A7BE424E952AEF1368142BB6E5AEECB9F7EC2034179009B7E57DF234CDDC3818BE6E637DAC7F44B109BCAA519CA77B27E4A119712A325ACC29E82C5A3E43CDED00A550ABF99495C802578A6ACB7DBCCCECD3A3857F01A9582671D87C9407409355199D627D316938076334BCDEC6635E0D6696A53E2475AAF9412167245779FA0C89CC3C08BF90313C68710D0153A3B8FA06862B6670E9498296D2C1840812D51FFEADDAE3D714A6EA7D0DAF18C134A0E26AAA99AB8B605E5FAC1814D13F5BCA134DBCF40B5C21F39EF9B4089A759876E5F22DEAF3C64DAA159B9AFEB76109429E3E42FF8DB74EF84954405C4D7B826CFBE041FF996CB053ED44BD32742681CCC843CBD031CD9DDF299EF150378F87B5F67768C77A69F779AABC032BCC3031DDAD83701E475D16040D1E064208D99313C4047BA2AA44E15CF631E4337A47318F34060DAE2ED3FB2F77F26CAF51805D86F82786B8CED61C0A0A7A8CBECD9AE3FDD266BDA632E6F6095A8E2C82A709EF2ACE20D66CC6709A5EF4EBFBA3B020BD15A5451673CA3780A459C277EEA72A1C9EF8502281BF903B2409971DC1F215C899CBBDED194CAB8A5EBB2273E3B67AEEE9A18CD03A1CC46312AAE59AEA0EFB0E5EAC8A62D6C49DC5B5D5CAC7B12CC2B293ED1D258149C6E8ADFB311328C1D5ACD4A92DFC71E9575A62920166893D715358DAE87159E39267079FA5D2EF41D756E01E0D9701BE7F715E4DCEF5667576A883DC034E36022AB62707C4E9FF9C7400BD29770FC07C66BB041F17204A63B6A52177F32B1E8AF15A818E946421552673488AA76253A5CCAEF2368C6464A36DEA011A56FFACF5F592099BADEFA4B7A72059FF1869864BDDBD14B4D32460CFD30E78C4F057F011C66C9D27F7 +20241201025521 2 6 100 7679 5 C4FD13B23C1EF3F1B888E9E24F6E6F0D1E538D5C17287A04247451367BAAC3EB0FF3633A10C1B2BEA19F91DA18C0C52A465FA0F0371A2189AC36BFEA58F33B013352F321A0B71BF61553330EC7735E66BF920F0AB9C918AC6796F3B2C5CC7B0E9F6695400B692026845D93807363115D8E1EF92072B84941DE896DC222F2493FA43169DC5C94E9F7C645CDDC38AC8C8F8790A2078B755BF65EB099CA5682E186E7DE95CBCF7036B0BFC761137EB0B297A140C1683E9A14E78F31935D873DFB2CC33563980FD7C6EB609427A9A63D9A7ECE43889783FAF17D129A4F00A7DBA8FAFCBDD57FA7599C944D03297B7106E02A82D695E8BC0ACC860295F357FD2F60CC4A09E49450CF735A8756174A8E1458E3BE2BEA10F38D2C30E6AD7DBFA6835328A64BDFCA2318E1753C922D3AA467BB770C03BE0D3381E31655F4969009A35E4CF90B1EF5CB71A7BE424E952AEF1368142BB6E5AEECB9F7EC2034179009B7E57DF234CDDC3818BE6E637DAC7F44B109BCAA519CA77B27E4A119712A325ACC29E82C5A3E43CDED00A550ABF99495C802578A6ACB7DBCCCECD3A3857F01A9582671D87C9407409355199D627D316938076334BCDEC6635E0D6696A53E2475AAF9412167245779FA0C89CC3C08BF90313C68710D0153A3B8FA06862B6670E9498296D2C1840812D51FFEADDAE3D714A6EA7D0DAF18C134A0E26AAA99AB8B605E5FAC1814D13F5BCA134DBCF40B5C21F39EF9B4089A759876E5F22DEAF3C64DAA159B9AFEB76109429E3E42FF8DB74EF84954405C4D7B826CFBE041FF996CB053ED44BD32742681CCC843CBD031CD9DDF299EF150378F87B5F67768C77A69F779AABC032BCC3031DDAD83701E475D16040D1E064208D99313C4047BA2AA44E15CF631E4337A47318F34060DAE2ED3FB2F77F26CAF51805D86F82786B8CED61C0A0A7A8CBECD9AE3FDD266BDA632E6F6095A8E2C82A709EF2ACE20D66CC6709A5EF4EBFBA3B020BD15A5451673CA3780A459C277EEA72A1C9EF8502281BF903B2409971DC1F215C899CBBDED194CAB8A5EBB2273E3B67AEEE9A18CD03A1CC46312AAE59AEA0EFB0E5EAC8A62D6C49DC5B5D5CAC7B12CC2B293ED1D258149C6E8ADFB311328C1D5ACD4A92DFC71E9575A62920166893D715358DAE87159E39267079FA5D2EF41D756E01E0D9701BE7F715E4DCEF5667576A883DC034E36022AB62707C4E9FF9C7400BD29770FC07C66BB041F17204A63B6A52177F32B1E8AF15A818E946421552673488AA76253A5CCAEF2368C6464A36DEA011A56FFACF5F592099BADEFA4B7A72059FF1869864BDDBD14B4D32460CFD30E78C4F057F011C67C131CEF +20241201034250 2 6 100 7679 5 C4FD13B23C1EF3F1B888E9E24F6E6F0D1E538D5C17287A04247451367BAAC3EB0FF3633A10C1B2BEA19F91DA18C0C52A465FA0F0371A2189AC36BFEA58F33B013352F321A0B71BF61553330EC7735E66BF920F0AB9C918AC6796F3B2C5CC7B0E9F6695400B692026845D93807363115D8E1EF92072B84941DE896DC222F2493FA43169DC5C94E9F7C645CDDC38AC8C8F8790A2078B755BF65EB099CA5682E186E7DE95CBCF7036B0BFC761137EB0B297A140C1683E9A14E78F31935D873DFB2CC33563980FD7C6EB609427A9A63D9A7ECE43889783FAF17D129A4F00A7DBA8FAFCBDD57FA7599C944D03297B7106E02A82D695E8BC0ACC860295F357FD2F60CC4A09E49450CF735A8756174A8E1458E3BE2BEA10F38D2C30E6AD7DBFA6835328A64BDFCA2318E1753C922D3AA467BB770C03BE0D3381E31655F4969009A35E4CF90B1EF5CB71A7BE424E952AEF1368142BB6E5AEECB9F7EC2034179009B7E57DF234CDDC3818BE6E637DAC7F44B109BCAA519CA77B27E4A119712A325ACC29E82C5A3E43CDED00A550ABF99495C802578A6ACB7DBCCCECD3A3857F01A9582671D87C9407409355199D627D316938076334BCDEC6635E0D6696A53E2475AAF9412167245779FA0C89CC3C08BF90313C68710D0153A3B8FA06862B6670E9498296D2C1840812D51FFEADDAE3D714A6EA7D0DAF18C134A0E26AAA99AB8B605E5FAC1814D13F5BCA134DBCF40B5C21F39EF9B4089A759876E5F22DEAF3C64DAA159B9AFEB76109429E3E42FF8DB74EF84954405C4D7B826CFBE041FF996CB053ED44BD32742681CCC843CBD031CD9DDF299EF150378F87B5F67768C77A69F779AABC032BCC3031DDAD83701E475D16040D1E064208D99313C4047BA2AA44E15CF631E4337A47318F34060DAE2ED3FB2F77F26CAF51805D86F82786B8CED61C0A0A7A8CBECD9AE3FDD266BDA632E6F6095A8E2C82A709EF2ACE20D66CC6709A5EF4EBFBA3B020BD15A5451673CA3780A459C277EEA72A1C9EF8502281BF903B2409971DC1F215C899CBBDED194CAB8A5EBB2273E3B67AEEE9A18CD03A1CC46312AAE59AEA0EFB0E5EAC8A62D6C49DC5B5D5CAC7B12CC2B293ED1D258149C6E8ADFB311328C1D5ACD4A92DFC71E9575A62920166893D715358DAE87159E39267079FA5D2EF41D756E01E0D9701BE7F715E4DCEF5667576A883DC034E36022AB62707C4E9FF9C7400BD29770FC07C66BB041F17204A63B6A52177F32B1E8AF15A818E946421552673488AA76253A5CCAEF2368C6464A36DEA011A56FFACF5F592099BADEFA4B7A72059FF1869864BDDBD14B4D32460CFD30E78C4F057F011C67F375247 +20241201035354 2 6 100 7679 2 C4FD13B23C1EF3F1B888E9E24F6E6F0D1E538D5C17287A04247451367BAAC3EB0FF3633A10C1B2BEA19F91DA18C0C52A465FA0F0371A2189AC36BFEA58F33B013352F321A0B71BF61553330EC7735E66BF920F0AB9C918AC6796F3B2C5CC7B0E9F6695400B692026845D93807363115D8E1EF92072B84941DE896DC222F2493FA43169DC5C94E9F7C645CDDC38AC8C8F8790A2078B755BF65EB099CA5682E186E7DE95CBCF7036B0BFC761137EB0B297A140C1683E9A14E78F31935D873DFB2CC33563980FD7C6EB609427A9A63D9A7ECE43889783FAF17D129A4F00A7DBA8FAFCBDD57FA7599C944D03297B7106E02A82D695E8BC0ACC860295F357FD2F60CC4A09E49450CF735A8756174A8E1458E3BE2BEA10F38D2C30E6AD7DBFA6835328A64BDFCA2318E1753C922D3AA467BB770C03BE0D3381E31655F4969009A35E4CF90B1EF5CB71A7BE424E952AEF1368142BB6E5AEECB9F7EC2034179009B7E57DF234CDDC3818BE6E637DAC7F44B109BCAA519CA77B27E4A119712A325ACC29E82C5A3E43CDED00A550ABF99495C802578A6ACB7DBCCCECD3A3857F01A9582671D87C9407409355199D627D316938076334BCDEC6635E0D6696A53E2475AAF9412167245779FA0C89CC3C08BF90313C68710D0153A3B8FA06862B6670E9498296D2C1840812D51FFEADDAE3D714A6EA7D0DAF18C134A0E26AAA99AB8B605E5FAC1814D13F5BCA134DBCF40B5C21F39EF9B4089A759876E5F22DEAF3C64DAA159B9AFEB76109429E3E42FF8DB74EF84954405C4D7B826CFBE041FF996CB053ED44BD32742681CCC843CBD031CD9DDF299EF150378F87B5F67768C77A69F779AABC032BCC3031DDAD83701E475D16040D1E064208D99313C4047BA2AA44E15CF631E4337A47318F34060DAE2ED3FB2F77F26CAF51805D86F82786B8CED61C0A0A7A8CBECD9AE3FDD266BDA632E6F6095A8E2C82A709EF2ACE20D66CC6709A5EF4EBFBA3B020BD15A5451673CA3780A459C277EEA72A1C9EF8502281BF903B2409971DC1F215C899CBBDED194CAB8A5EBB2273E3B67AEEE9A18CD03A1CC46312AAE59AEA0EFB0E5EAC8A62D6C49DC5B5D5CAC7B12CC2B293ED1D258149C6E8ADFB311328C1D5ACD4A92DFC71E9575A62920166893D715358DAE87159E39267079FA5D2EF41D756E01E0D9701BE7F715E4DCEF5667576A883DC034E36022AB62707C4E9FF9C7400BD29770FC07C66BB041F17204A63B6A52177F32B1E8AF15A818E946421552673488AA76253A5CCAEF2368C6464A36DEA011A56FFACF5F592099BADEFA4B7A72059FF1869864BDDBD14B4D32460CFD30E78C4F057F011C67FEC05DB +20241201043654 2 6 100 7679 2 F02D40B37C40876939E4D2A62AF7EC21A676D8E2B04081BA98E23F464A47514FB40DC99F7B8046B48CD3052C7AC080E4B496C16ED18695CA27493A129088F5829BBEAD02DFD521829FFD8B1120330E2BBA10C55A1EAD0641006827DA4725BFD2A2559C363C33BC78C2D83B4A075099EC57634D0AD4AEDA3302441B7005C728C0371B51877A97B442C5E3C3D53C244EFF3B65CDCCB0C017723F1EBD0B91E220116ACF14703268A11B7FC7564F7BEDBFFB3CE046261DD9D83E6078CD7AB5AC97595EF53D6C4C56D24588C6D130C0CD2C967AB90C31497186A06A93FB9338D4F30E0104BC8EFF2518D0644174BD1FF1FD7BAC2AAFF151D733A14F456A189ECA2D5F11D7C3AF1DA06192D36251B050E1AC576E3C369678D12823870FFC6E5809903382F9FBE36156F294C94FF5369E8D24D085A326870A998A10683495CEF15EFF0A45C781B5156B82D9AA07852040A96A0D5ACDF094B9DD91EA893382F95A6B72F0A2090F036A1B23CF9CF544753EA5B9ED86FA52EBB4C5421C5B485AE932F5837822C91257EC4953ACA79F2D94261DC40B3D44CB44056D4025EC459563865000B8C5F5D7724ED27CA4A8ADE299E5C898F4BD09F430781A68C261E4FA0BA2FEE567434B057C5D5F2899A1547B780B91315CC631C0552DB403DF53A6059BE895242FDA4AE1F6C5129E3643DF1A20C28BBF4328B4E623DCBC1149CE838BBC4A9944A6B6ACB4AA29B50FC7AFFAB0075BB4CC190F15B2C17847560F1B4C591EFE90D5AAA307A3FCC091DF44E3B219F7EE86EA01704D652983CE0D475896C1EB94E09314D386233D706FE0F5415BAF51746F3E8A6AC74E6F68CCF665CCEC4BE0B9CE19308C0423491F5914EA8ABE6081F38282D4994A4B640DCE56F4D616CED59B80938E4E7C486AB64E7C740FCD6ADB5494906520FD66A02069D3C11085157142CDDBFB004023C5CDFCCEAC5296636A77C127DEC4182A36D6A34D980F778452271C80CABAFE15A629302EFE9CD9105353B719581D4DD2E1BCF9411A4CCB0D010B5954291453E761A3B9EAF533119EEF1C30C4E53FEFAF2D2300162786963D54ECE0376CC797CBBDD757B596FAB26716ECEA7C47FB6C6DC6A80FC435D5CADB36D5ACB6760CAC6272B61E64A920EC7D4E5FBD680B2B906F1CF78EFD380A47692E1DC6C06AC21255E65C3757E32C301B5ACD8BA136FEE7C19B858D8B60595946BF1D0520912ACD17E397C9FC156C741AD1104F403B363B4E6B4AD06E8C60928CCD6AB3FE6AEFECBC57DB5CFF431A2D44533D9A92C483B56AE56698F02622D3A65E09B6EBFDFD5DCAF34E09DEDA100B40DD4C40ADCEF30787E527C4F613A08BDED0D77EFCE3 +20241201045113 2 6 100 7679 2 F02D40B37C40876939E4D2A62AF7EC21A676D8E2B04081BA98E23F464A47514FB40DC99F7B8046B48CD3052C7AC080E4B496C16ED18695CA27493A129088F5829BBEAD02DFD521829FFD8B1120330E2BBA10C55A1EAD0641006827DA4725BFD2A2559C363C33BC78C2D83B4A075099EC57634D0AD4AEDA3302441B7005C728C0371B51877A97B442C5E3C3D53C244EFF3B65CDCCB0C017723F1EBD0B91E220116ACF14703268A11B7FC7564F7BEDBFFB3CE046261DD9D83E6078CD7AB5AC97595EF53D6C4C56D24588C6D130C0CD2C967AB90C31497186A06A93FB9338D4F30E0104BC8EFF2518D0644174BD1FF1FD7BAC2AAFF151D733A14F456A189ECA2D5F11D7C3AF1DA06192D36251B050E1AC576E3C369678D12823870FFC6E5809903382F9FBE36156F294C94FF5369E8D24D085A326870A998A10683495CEF15EFF0A45C781B5156B82D9AA07852040A96A0D5ACDF094B9DD91EA893382F95A6B72F0A2090F036A1B23CF9CF544753EA5B9ED86FA52EBB4C5421C5B485AE932F5837822C91257EC4953ACA79F2D94261DC40B3D44CB44056D4025EC459563865000B8C5F5D7724ED27CA4A8ADE299E5C898F4BD09F430781A68C261E4FA0BA2FEE567434B057C5D5F2899A1547B780B91315CC631C0552DB403DF53A6059BE895242FDA4AE1F6C5129E3643DF1A20C28BBF4328B4E623DCBC1149CE838BBC4A9944A6B6ACB4AA29B50FC7AFFAB0075BB4CC190F15B2C17847560F1B4C591EFE90D5AAA307A3FCC091DF44E3B219F7EE86EA01704D652983CE0D475896C1EB94E09314D386233D706FE0F5415BAF51746F3E8A6AC74E6F68CCF665CCEC4BE0B9CE19308C0423491F5914EA8ABE6081F38282D4994A4B640DCE56F4D616CED59B80938E4E7C486AB64E7C740FCD6ADB5494906520FD66A02069D3C11085157142CDDBFB004023C5CDFCCEAC5296636A77C127DEC4182A36D6A34D980F778452271C80CABAFE15A629302EFE9CD9105353B719581D4DD2E1BCF9411A4CCB0D010B5954291453E761A3B9EAF533119EEF1C30C4E53FEFAF2D2300162786963D54ECE0376CC797CBBDD757B596FAB26716ECEA7C47FB6C6DC6A80FC435D5CADB36D5ACB6760CAC6272B61E64A920EC7D4E5FBD680B2B906F1CF78EFD380A47692E1DC6C06AC21255E65C3757E32C301B5ACD8BA136FEE7C19B858D8B60595946BF1D0520912ACD17E397C9FC156C741AD1104F403B363B4E6B4AD06E8C60928CCD6AB3FE6AEFECBC57DB5CFF431A2D44533D9A92C483B56AE56698F02622D3A65E09B6EBFDFD5DCAF34E09DEDA100B40DD4C40ADCEF30787E527C4F613A08BDED0D867EE3B +20241201061048 2 6 100 7679 5 F02D40B37C40876939E4D2A62AF7EC21A676D8E2B04081BA98E23F464A47514FB40DC99F7B8046B48CD3052C7AC080E4B496C16ED18695CA27493A129088F5829BBEAD02DFD521829FFD8B1120330E2BBA10C55A1EAD0641006827DA4725BFD2A2559C363C33BC78C2D83B4A075099EC57634D0AD4AEDA3302441B7005C728C0371B51877A97B442C5E3C3D53C244EFF3B65CDCCB0C017723F1EBD0B91E220116ACF14703268A11B7FC7564F7BEDBFFB3CE046261DD9D83E6078CD7AB5AC97595EF53D6C4C56D24588C6D130C0CD2C967AB90C31497186A06A93FB9338D4F30E0104BC8EFF2518D0644174BD1FF1FD7BAC2AAFF151D733A14F456A189ECA2D5F11D7C3AF1DA06192D36251B050E1AC576E3C369678D12823870FFC6E5809903382F9FBE36156F294C94FF5369E8D24D085A326870A998A10683495CEF15EFF0A45C781B5156B82D9AA07852040A96A0D5ACDF094B9DD91EA893382F95A6B72F0A2090F036A1B23CF9CF544753EA5B9ED86FA52EBB4C5421C5B485AE932F5837822C91257EC4953ACA79F2D94261DC40B3D44CB44056D4025EC459563865000B8C5F5D7724ED27CA4A8ADE299E5C898F4BD09F430781A68C261E4FA0BA2FEE567434B057C5D5F2899A1547B780B91315CC631C0552DB403DF53A6059BE895242FDA4AE1F6C5129E3643DF1A20C28BBF4328B4E623DCBC1149CE838BBC4A9944A6B6ACB4AA29B50FC7AFFAB0075BB4CC190F15B2C17847560F1B4C591EFE90D5AAA307A3FCC091DF44E3B219F7EE86EA01704D652983CE0D475896C1EB94E09314D386233D706FE0F5415BAF51746F3E8A6AC74E6F68CCF665CCEC4BE0B9CE19308C0423491F5914EA8ABE6081F38282D4994A4B640DCE56F4D616CED59B80938E4E7C486AB64E7C740FCD6ADB5494906520FD66A02069D3C11085157142CDDBFB004023C5CDFCCEAC5296636A77C127DEC4182A36D6A34D980F778452271C80CABAFE15A629302EFE9CD9105353B719581D4DD2E1BCF9411A4CCB0D010B5954291453E761A3B9EAF533119EEF1C30C4E53FEFAF2D2300162786963D54ECE0376CC797CBBDD757B596FAB26716ECEA7C47FB6C6DC6A80FC435D5CADB36D5ACB6760CAC6272B61E64A920EC7D4E5FBD680B2B906F1CF78EFD380A47692E1DC6C06AC21255E65C3757E32C301B5ACD8BA136FEE7C19B858D8B60595946BF1D0520912ACD17E397C9FC156C741AD1104F403B363B4E6B4AD06E8C60928CCD6AB3FE6AEFECBC57DB5CFF431A2D44533D9A92C483B56AE56698F02622D3A65E09B6EBFDFD5DCAF34E09DEDA100B40DD4C40ADCEF30787E527C4F613A08BDED0DDAE0C8F +20241201072458 2 6 100 7679 5 F02D40B37C40876939E4D2A62AF7EC21A676D8E2B04081BA98E23F464A47514FB40DC99F7B8046B48CD3052C7AC080E4B496C16ED18695CA27493A129088F5829BBEAD02DFD521829FFD8B1120330E2BBA10C55A1EAD0641006827DA4725BFD2A2559C363C33BC78C2D83B4A075099EC57634D0AD4AEDA3302441B7005C728C0371B51877A97B442C5E3C3D53C244EFF3B65CDCCB0C017723F1EBD0B91E220116ACF14703268A11B7FC7564F7BEDBFFB3CE046261DD9D83E6078CD7AB5AC97595EF53D6C4C56D24588C6D130C0CD2C967AB90C31497186A06A93FB9338D4F30E0104BC8EFF2518D0644174BD1FF1FD7BAC2AAFF151D733A14F456A189ECA2D5F11D7C3AF1DA06192D36251B050E1AC576E3C369678D12823870FFC6E5809903382F9FBE36156F294C94FF5369E8D24D085A326870A998A10683495CEF15EFF0A45C781B5156B82D9AA07852040A96A0D5ACDF094B9DD91EA893382F95A6B72F0A2090F036A1B23CF9CF544753EA5B9ED86FA52EBB4C5421C5B485AE932F5837822C91257EC4953ACA79F2D94261DC40B3D44CB44056D4025EC459563865000B8C5F5D7724ED27CA4A8ADE299E5C898F4BD09F430781A68C261E4FA0BA2FEE567434B057C5D5F2899A1547B780B91315CC631C0552DB403DF53A6059BE895242FDA4AE1F6C5129E3643DF1A20C28BBF4328B4E623DCBC1149CE838BBC4A9944A6B6ACB4AA29B50FC7AFFAB0075BB4CC190F15B2C17847560F1B4C591EFE90D5AAA307A3FCC091DF44E3B219F7EE86EA01704D652983CE0D475896C1EB94E09314D386233D706FE0F5415BAF51746F3E8A6AC74E6F68CCF665CCEC4BE0B9CE19308C0423491F5914EA8ABE6081F38282D4994A4B640DCE56F4D616CED59B80938E4E7C486AB64E7C740FCD6ADB5494906520FD66A02069D3C11085157142CDDBFB004023C5CDFCCEAC5296636A77C127DEC4182A36D6A34D980F778452271C80CABAFE15A629302EFE9CD9105353B719581D4DD2E1BCF9411A4CCB0D010B5954291453E761A3B9EAF533119EEF1C30C4E53FEFAF2D2300162786963D54ECE0376CC797CBBDD757B596FAB26716ECEA7C47FB6C6DC6A80FC435D5CADB36D5ACB6760CAC6272B61E64A920EC7D4E5FBD680B2B906F1CF78EFD380A47692E1DC6C06AC21255E65C3757E32C301B5ACD8BA136FEE7C19B858D8B60595946BF1D0520912ACD17E397C9FC156C741AD1104F403B363B4E6B4AD06E8C60928CCD6AB3FE6AEFECBC57DB5CFF431A2D44533D9A92C483B56AE56698F02622D3A65E09B6EBFDFD5DCAF34E09DEDA100B40DD4C40ADCEF30787E527C4F613A08BDED0E29A61DF +20241201073945 2 6 100 7679 2 F02D40B37C40876939E4D2A62AF7EC21A676D8E2B04081BA98E23F464A47514FB40DC99F7B8046B48CD3052C7AC080E4B496C16ED18695CA27493A129088F5829BBEAD02DFD521829FFD8B1120330E2BBA10C55A1EAD0641006827DA4725BFD2A2559C363C33BC78C2D83B4A075099EC57634D0AD4AEDA3302441B7005C728C0371B51877A97B442C5E3C3D53C244EFF3B65CDCCB0C017723F1EBD0B91E220116ACF14703268A11B7FC7564F7BEDBFFB3CE046261DD9D83E6078CD7AB5AC97595EF53D6C4C56D24588C6D130C0CD2C967AB90C31497186A06A93FB9338D4F30E0104BC8EFF2518D0644174BD1FF1FD7BAC2AAFF151D733A14F456A189ECA2D5F11D7C3AF1DA06192D36251B050E1AC576E3C369678D12823870FFC6E5809903382F9FBE36156F294C94FF5369E8D24D085A326870A998A10683495CEF15EFF0A45C781B5156B82D9AA07852040A96A0D5ACDF094B9DD91EA893382F95A6B72F0A2090F036A1B23CF9CF544753EA5B9ED86FA52EBB4C5421C5B485AE932F5837822C91257EC4953ACA79F2D94261DC40B3D44CB44056D4025EC459563865000B8C5F5D7724ED27CA4A8ADE299E5C898F4BD09F430781A68C261E4FA0BA2FEE567434B057C5D5F2899A1547B780B91315CC631C0552DB403DF53A6059BE895242FDA4AE1F6C5129E3643DF1A20C28BBF4328B4E623DCBC1149CE838BBC4A9944A6B6ACB4AA29B50FC7AFFAB0075BB4CC190F15B2C17847560F1B4C591EFE90D5AAA307A3FCC091DF44E3B219F7EE86EA01704D652983CE0D475896C1EB94E09314D386233D706FE0F5415BAF51746F3E8A6AC74E6F68CCF665CCEC4BE0B9CE19308C0423491F5914EA8ABE6081F38282D4994A4B640DCE56F4D616CED59B80938E4E7C486AB64E7C740FCD6ADB5494906520FD66A02069D3C11085157142CDDBFB004023C5CDFCCEAC5296636A77C127DEC4182A36D6A34D980F778452271C80CABAFE15A629302EFE9CD9105353B719581D4DD2E1BCF9411A4CCB0D010B5954291453E761A3B9EAF533119EEF1C30C4E53FEFAF2D2300162786963D54ECE0376CC797CBBDD757B596FAB26716ECEA7C47FB6C6DC6A80FC435D5CADB36D5ACB6760CAC6272B61E64A920EC7D4E5FBD680B2B906F1CF78EFD380A47692E1DC6C06AC21255E65C3757E32C301B5ACD8BA136FEE7C19B858D8B60595946BF1D0520912ACD17E397C9FC156C741AD1104F403B363B4E6B4AD06E8C60928CCD6AB3FE6AEFECBC57DB5CFF431A2D44533D9A92C483B56AE56698F02622D3A65E09B6EBFDFD5DCAF34E09DEDA100B40DD4C40ADCEF30787E527C4F613A08BDED0E39422AB +20241201081137 2 6 100 7679 2 F02D40B37C40876939E4D2A62AF7EC21A676D8E2B04081BA98E23F464A47514FB40DC99F7B8046B48CD3052C7AC080E4B496C16ED18695CA27493A129088F5829BBEAD02DFD521829FFD8B1120330E2BBA10C55A1EAD0641006827DA4725BFD2A2559C363C33BC78C2D83B4A075099EC57634D0AD4AEDA3302441B7005C728C0371B51877A97B442C5E3C3D53C244EFF3B65CDCCB0C017723F1EBD0B91E220116ACF14703268A11B7FC7564F7BEDBFFB3CE046261DD9D83E6078CD7AB5AC97595EF53D6C4C56D24588C6D130C0CD2C967AB90C31497186A06A93FB9338D4F30E0104BC8EFF2518D0644174BD1FF1FD7BAC2AAFF151D733A14F456A189ECA2D5F11D7C3AF1DA06192D36251B050E1AC576E3C369678D12823870FFC6E5809903382F9FBE36156F294C94FF5369E8D24D085A326870A998A10683495CEF15EFF0A45C781B5156B82D9AA07852040A96A0D5ACDF094B9DD91EA893382F95A6B72F0A2090F036A1B23CF9CF544753EA5B9ED86FA52EBB4C5421C5B485AE932F5837822C91257EC4953ACA79F2D94261DC40B3D44CB44056D4025EC459563865000B8C5F5D7724ED27CA4A8ADE299E5C898F4BD09F430781A68C261E4FA0BA2FEE567434B057C5D5F2899A1547B780B91315CC631C0552DB403DF53A6059BE895242FDA4AE1F6C5129E3643DF1A20C28BBF4328B4E623DCBC1149CE838BBC4A9944A6B6ACB4AA29B50FC7AFFAB0075BB4CC190F15B2C17847560F1B4C591EFE90D5AAA307A3FCC091DF44E3B219F7EE86EA01704D652983CE0D475896C1EB94E09314D386233D706FE0F5415BAF51746F3E8A6AC74E6F68CCF665CCEC4BE0B9CE19308C0423491F5914EA8ABE6081F38282D4994A4B640DCE56F4D616CED59B80938E4E7C486AB64E7C740FCD6ADB5494906520FD66A02069D3C11085157142CDDBFB004023C5CDFCCEAC5296636A77C127DEC4182A36D6A34D980F778452271C80CABAFE15A629302EFE9CD9105353B719581D4DD2E1BCF9411A4CCB0D010B5954291453E761A3B9EAF533119EEF1C30C4E53FEFAF2D2300162786963D54ECE0376CC797CBBDD757B596FAB26716ECEA7C47FB6C6DC6A80FC435D5CADB36D5ACB6760CAC6272B61E64A920EC7D4E5FBD680B2B906F1CF78EFD380A47692E1DC6C06AC21255E65C3757E32C301B5ACD8BA136FEE7C19B858D8B60595946BF1D0520912ACD17E397C9FC156C741AD1104F403B363B4E6B4AD06E8C60928CCD6AB3FE6AEFECBC57DB5CFF431A2D44533D9A92C483B56AE56698F02622D3A65E09B6EBFDFD5DCAF34E09DEDA100B40DD4C40ADCEF30787E527C4F613A08BDED0E5B1C16B +20241201084445 2 6 100 7679 2 F02D40B37C40876939E4D2A62AF7EC21A676D8E2B04081BA98E23F464A47514FB40DC99F7B8046B48CD3052C7AC080E4B496C16ED18695CA27493A129088F5829BBEAD02DFD521829FFD8B1120330E2BBA10C55A1EAD0641006827DA4725BFD2A2559C363C33BC78C2D83B4A075099EC57634D0AD4AEDA3302441B7005C728C0371B51877A97B442C5E3C3D53C244EFF3B65CDCCB0C017723F1EBD0B91E220116ACF14703268A11B7FC7564F7BEDBFFB3CE046261DD9D83E6078CD7AB5AC97595EF53D6C4C56D24588C6D130C0CD2C967AB90C31497186A06A93FB9338D4F30E0104BC8EFF2518D0644174BD1FF1FD7BAC2AAFF151D733A14F456A189ECA2D5F11D7C3AF1DA06192D36251B050E1AC576E3C369678D12823870FFC6E5809903382F9FBE36156F294C94FF5369E8D24D085A326870A998A10683495CEF15EFF0A45C781B5156B82D9AA07852040A96A0D5ACDF094B9DD91EA893382F95A6B72F0A2090F036A1B23CF9CF544753EA5B9ED86FA52EBB4C5421C5B485AE932F5837822C91257EC4953ACA79F2D94261DC40B3D44CB44056D4025EC459563865000B8C5F5D7724ED27CA4A8ADE299E5C898F4BD09F430781A68C261E4FA0BA2FEE567434B057C5D5F2899A1547B780B91315CC631C0552DB403DF53A6059BE895242FDA4AE1F6C5129E3643DF1A20C28BBF4328B4E623DCBC1149CE838BBC4A9944A6B6ACB4AA29B50FC7AFFAB0075BB4CC190F15B2C17847560F1B4C591EFE90D5AAA307A3FCC091DF44E3B219F7EE86EA01704D652983CE0D475896C1EB94E09314D386233D706FE0F5415BAF51746F3E8A6AC74E6F68CCF665CCEC4BE0B9CE19308C0423491F5914EA8ABE6081F38282D4994A4B640DCE56F4D616CED59B80938E4E7C486AB64E7C740FCD6ADB5494906520FD66A02069D3C11085157142CDDBFB004023C5CDFCCEAC5296636A77C127DEC4182A36D6A34D980F778452271C80CABAFE15A629302EFE9CD9105353B719581D4DD2E1BCF9411A4CCB0D010B5954291453E761A3B9EAF533119EEF1C30C4E53FEFAF2D2300162786963D54ECE0376CC797CBBDD757B596FAB26716ECEA7C47FB6C6DC6A80FC435D5CADB36D5ACB6760CAC6272B61E64A920EC7D4E5FBD680B2B906F1CF78EFD380A47692E1DC6C06AC21255E65C3757E32C301B5ACD8BA136FEE7C19B858D8B60595946BF1D0520912ACD17E397C9FC156C741AD1104F403B363B4E6B4AD06E8C60928CCD6AB3FE6AEFECBC57DB5CFF431A2D44533D9A92C483B56AE56698F02622D3A65E09B6EBFDFD5DCAF34E09DEDA100B40DD4C40ADCEF30787E527C4F613A08BDED0E7E0CB7B +20241201085943 2 6 100 7679 2 F02D40B37C40876939E4D2A62AF7EC21A676D8E2B04081BA98E23F464A47514FB40DC99F7B8046B48CD3052C7AC080E4B496C16ED18695CA27493A129088F5829BBEAD02DFD521829FFD8B1120330E2BBA10C55A1EAD0641006827DA4725BFD2A2559C363C33BC78C2D83B4A075099EC57634D0AD4AEDA3302441B7005C728C0371B51877A97B442C5E3C3D53C244EFF3B65CDCCB0C017723F1EBD0B91E220116ACF14703268A11B7FC7564F7BEDBFFB3CE046261DD9D83E6078CD7AB5AC97595EF53D6C4C56D24588C6D130C0CD2C967AB90C31497186A06A93FB9338D4F30E0104BC8EFF2518D0644174BD1FF1FD7BAC2AAFF151D733A14F456A189ECA2D5F11D7C3AF1DA06192D36251B050E1AC576E3C369678D12823870FFC6E5809903382F9FBE36156F294C94FF5369E8D24D085A326870A998A10683495CEF15EFF0A45C781B5156B82D9AA07852040A96A0D5ACDF094B9DD91EA893382F95A6B72F0A2090F036A1B23CF9CF544753EA5B9ED86FA52EBB4C5421C5B485AE932F5837822C91257EC4953ACA79F2D94261DC40B3D44CB44056D4025EC459563865000B8C5F5D7724ED27CA4A8ADE299E5C898F4BD09F430781A68C261E4FA0BA2FEE567434B057C5D5F2899A1547B780B91315CC631C0552DB403DF53A6059BE895242FDA4AE1F6C5129E3643DF1A20C28BBF4328B4E623DCBC1149CE838BBC4A9944A6B6ACB4AA29B50FC7AFFAB0075BB4CC190F15B2C17847560F1B4C591EFE90D5AAA307A3FCC091DF44E3B219F7EE86EA01704D652983CE0D475896C1EB94E09314D386233D706FE0F5415BAF51746F3E8A6AC74E6F68CCF665CCEC4BE0B9CE19308C0423491F5914EA8ABE6081F38282D4994A4B640DCE56F4D616CED59B80938E4E7C486AB64E7C740FCD6ADB5494906520FD66A02069D3C11085157142CDDBFB004023C5CDFCCEAC5296636A77C127DEC4182A36D6A34D980F778452271C80CABAFE15A629302EFE9CD9105353B719581D4DD2E1BCF9411A4CCB0D010B5954291453E761A3B9EAF533119EEF1C30C4E53FEFAF2D2300162786963D54ECE0376CC797CBBDD757B596FAB26716ECEA7C47FB6C6DC6A80FC435D5CADB36D5ACB6760CAC6272B61E64A920EC7D4E5FBD680B2B906F1CF78EFD380A47692E1DC6C06AC21255E65C3757E32C301B5ACD8BA136FEE7C19B858D8B60595946BF1D0520912ACD17E397C9FC156C741AD1104F403B363B4E6B4AD06E8C60928CCD6AB3FE6AEFECBC57DB5CFF431A2D44533D9A92C483B56AE56698F02622D3A65E09B6EBFDFD5DCAF34E09DEDA100B40DD4C40ADCEF30787E527C4F613A08BDED0E8D1F5CB +20241201092406 2 6 100 7679 2 F02D40B37C40876939E4D2A62AF7EC21A676D8E2B04081BA98E23F464A47514FB40DC99F7B8046B48CD3052C7AC080E4B496C16ED18695CA27493A129088F5829BBEAD02DFD521829FFD8B1120330E2BBA10C55A1EAD0641006827DA4725BFD2A2559C363C33BC78C2D83B4A075099EC57634D0AD4AEDA3302441B7005C728C0371B51877A97B442C5E3C3D53C244EFF3B65CDCCB0C017723F1EBD0B91E220116ACF14703268A11B7FC7564F7BEDBFFB3CE046261DD9D83E6078CD7AB5AC97595EF53D6C4C56D24588C6D130C0CD2C967AB90C31497186A06A93FB9338D4F30E0104BC8EFF2518D0644174BD1FF1FD7BAC2AAFF151D733A14F456A189ECA2D5F11D7C3AF1DA06192D36251B050E1AC576E3C369678D12823870FFC6E5809903382F9FBE36156F294C94FF5369E8D24D085A326870A998A10683495CEF15EFF0A45C781B5156B82D9AA07852040A96A0D5ACDF094B9DD91EA893382F95A6B72F0A2090F036A1B23CF9CF544753EA5B9ED86FA52EBB4C5421C5B485AE932F5837822C91257EC4953ACA79F2D94261DC40B3D44CB44056D4025EC459563865000B8C5F5D7724ED27CA4A8ADE299E5C898F4BD09F430781A68C261E4FA0BA2FEE567434B057C5D5F2899A1547B780B91315CC631C0552DB403DF53A6059BE895242FDA4AE1F6C5129E3643DF1A20C28BBF4328B4E623DCBC1149CE838BBC4A9944A6B6ACB4AA29B50FC7AFFAB0075BB4CC190F15B2C17847560F1B4C591EFE90D5AAA307A3FCC091DF44E3B219F7EE86EA01704D652983CE0D475896C1EB94E09314D386233D706FE0F5415BAF51746F3E8A6AC74E6F68CCF665CCEC4BE0B9CE19308C0423491F5914EA8ABE6081F38282D4994A4B640DCE56F4D616CED59B80938E4E7C486AB64E7C740FCD6ADB5494906520FD66A02069D3C11085157142CDDBFB004023C5CDFCCEAC5296636A77C127DEC4182A36D6A34D980F778452271C80CABAFE15A629302EFE9CD9105353B719581D4DD2E1BCF9411A4CCB0D010B5954291453E761A3B9EAF533119EEF1C30C4E53FEFAF2D2300162786963D54ECE0376CC797CBBDD757B596FAB26716ECEA7C47FB6C6DC6A80FC435D5CADB36D5ACB6760CAC6272B61E64A920EC7D4E5FBD680B2B906F1CF78EFD380A47692E1DC6C06AC21255E65C3757E32C301B5ACD8BA136FEE7C19B858D8B60595946BF1D0520912ACD17E397C9FC156C741AD1104F403B363B4E6B4AD06E8C60928CCD6AB3FE6AEFECBC57DB5CFF431A2D44533D9A92C483B56AE56698F02622D3A65E09B6EBFDFD5DCAF34E09DEDA100B40DD4C40ADCEF30787E527C4F613A08BDED0EA661BD3 +20241201094424 2 6 100 7679 2 F02D40B37C40876939E4D2A62AF7EC21A676D8E2B04081BA98E23F464A47514FB40DC99F7B8046B48CD3052C7AC080E4B496C16ED18695CA27493A129088F5829BBEAD02DFD521829FFD8B1120330E2BBA10C55A1EAD0641006827DA4725BFD2A2559C363C33BC78C2D83B4A075099EC57634D0AD4AEDA3302441B7005C728C0371B51877A97B442C5E3C3D53C244EFF3B65CDCCB0C017723F1EBD0B91E220116ACF14703268A11B7FC7564F7BEDBFFB3CE046261DD9D83E6078CD7AB5AC97595EF53D6C4C56D24588C6D130C0CD2C967AB90C31497186A06A93FB9338D4F30E0104BC8EFF2518D0644174BD1FF1FD7BAC2AAFF151D733A14F456A189ECA2D5F11D7C3AF1DA06192D36251B050E1AC576E3C369678D12823870FFC6E5809903382F9FBE36156F294C94FF5369E8D24D085A326870A998A10683495CEF15EFF0A45C781B5156B82D9AA07852040A96A0D5ACDF094B9DD91EA893382F95A6B72F0A2090F036A1B23CF9CF544753EA5B9ED86FA52EBB4C5421C5B485AE932F5837822C91257EC4953ACA79F2D94261DC40B3D44CB44056D4025EC459563865000B8C5F5D7724ED27CA4A8ADE299E5C898F4BD09F430781A68C261E4FA0BA2FEE567434B057C5D5F2899A1547B780B91315CC631C0552DB403DF53A6059BE895242FDA4AE1F6C5129E3643DF1A20C28BBF4328B4E623DCBC1149CE838BBC4A9944A6B6ACB4AA29B50FC7AFFAB0075BB4CC190F15B2C17847560F1B4C591EFE90D5AAA307A3FCC091DF44E3B219F7EE86EA01704D652983CE0D475896C1EB94E09314D386233D706FE0F5415BAF51746F3E8A6AC74E6F68CCF665CCEC4BE0B9CE19308C0423491F5914EA8ABE6081F38282D4994A4B640DCE56F4D616CED59B80938E4E7C486AB64E7C740FCD6ADB5494906520FD66A02069D3C11085157142CDDBFB004023C5CDFCCEAC5296636A77C127DEC4182A36D6A34D980F778452271C80CABAFE15A629302EFE9CD9105353B719581D4DD2E1BCF9411A4CCB0D010B5954291453E761A3B9EAF533119EEF1C30C4E53FEFAF2D2300162786963D54ECE0376CC797CBBDD757B596FAB26716ECEA7C47FB6C6DC6A80FC435D5CADB36D5ACB6760CAC6272B61E64A920EC7D4E5FBD680B2B906F1CF78EFD380A47692E1DC6C06AC21255E65C3757E32C301B5ACD8BA136FEE7C19B858D8B60595946BF1D0520912ACD17E397C9FC156C741AD1104F403B363B4E6B4AD06E8C60928CCD6AB3FE6AEFECBC57DB5CFF431A2D44533D9A92C483B56AE56698F02622D3A65E09B6EBFDFD5DCAF34E09DEDA100B40DD4C40ADCEF30787E527C4F613A08BDED0EBB93913 +20241201104106 2 6 100 7679 5 F02D40B37C40876939E4D2A62AF7EC21A676D8E2B04081BA98E23F464A47514FB40DC99F7B8046B48CD3052C7AC080E4B496C16ED18695CA27493A129088F5829BBEAD02DFD521829FFD8B1120330E2BBA10C55A1EAD0641006827DA4725BFD2A2559C363C33BC78C2D83B4A075099EC57634D0AD4AEDA3302441B7005C728C0371B51877A97B442C5E3C3D53C244EFF3B65CDCCB0C017723F1EBD0B91E220116ACF14703268A11B7FC7564F7BEDBFFB3CE046261DD9D83E6078CD7AB5AC97595EF53D6C4C56D24588C6D130C0CD2C967AB90C31497186A06A93FB9338D4F30E0104BC8EFF2518D0644174BD1FF1FD7BAC2AAFF151D733A14F456A189ECA2D5F11D7C3AF1DA06192D36251B050E1AC576E3C369678D12823870FFC6E5809903382F9FBE36156F294C94FF5369E8D24D085A326870A998A10683495CEF15EFF0A45C781B5156B82D9AA07852040A96A0D5ACDF094B9DD91EA893382F95A6B72F0A2090F036A1B23CF9CF544753EA5B9ED86FA52EBB4C5421C5B485AE932F5837822C91257EC4953ACA79F2D94261DC40B3D44CB44056D4025EC459563865000B8C5F5D7724ED27CA4A8ADE299E5C898F4BD09F430781A68C261E4FA0BA2FEE567434B057C5D5F2899A1547B780B91315CC631C0552DB403DF53A6059BE895242FDA4AE1F6C5129E3643DF1A20C28BBF4328B4E623DCBC1149CE838BBC4A9944A6B6ACB4AA29B50FC7AFFAB0075BB4CC190F15B2C17847560F1B4C591EFE90D5AAA307A3FCC091DF44E3B219F7EE86EA01704D652983CE0D475896C1EB94E09314D386233D706FE0F5415BAF51746F3E8A6AC74E6F68CCF665CCEC4BE0B9CE19308C0423491F5914EA8ABE6081F38282D4994A4B640DCE56F4D616CED59B80938E4E7C486AB64E7C740FCD6ADB5494906520FD66A02069D3C11085157142CDDBFB004023C5CDFCCEAC5296636A77C127DEC4182A36D6A34D980F778452271C80CABAFE15A629302EFE9CD9105353B719581D4DD2E1BCF9411A4CCB0D010B5954291453E761A3B9EAF533119EEF1C30C4E53FEFAF2D2300162786963D54ECE0376CC797CBBDD757B596FAB26716ECEA7C47FB6C6DC6A80FC435D5CADB36D5ACB6760CAC6272B61E64A920EC7D4E5FBD680B2B906F1CF78EFD380A47692E1DC6C06AC21255E65C3757E32C301B5ACD8BA136FEE7C19B858D8B60595946BF1D0520912ACD17E397C9FC156C741AD1104F403B363B4E6B4AD06E8C60928CCD6AB3FE6AEFECBC57DB5CFF431A2D44533D9A92C483B56AE56698F02622D3A65E09B6EBFDFD5DCAF34E09DEDA100B40DD4C40ADCEF30787E527C4F613A08BDED0EF85D8F7 +20241201104452 2 6 100 7679 5 F02D40B37C40876939E4D2A62AF7EC21A676D8E2B04081BA98E23F464A47514FB40DC99F7B8046B48CD3052C7AC080E4B496C16ED18695CA27493A129088F5829BBEAD02DFD521829FFD8B1120330E2BBA10C55A1EAD0641006827DA4725BFD2A2559C363C33BC78C2D83B4A075099EC57634D0AD4AEDA3302441B7005C728C0371B51877A97B442C5E3C3D53C244EFF3B65CDCCB0C017723F1EBD0B91E220116ACF14703268A11B7FC7564F7BEDBFFB3CE046261DD9D83E6078CD7AB5AC97595EF53D6C4C56D24588C6D130C0CD2C967AB90C31497186A06A93FB9338D4F30E0104BC8EFF2518D0644174BD1FF1FD7BAC2AAFF151D733A14F456A189ECA2D5F11D7C3AF1DA06192D36251B050E1AC576E3C369678D12823870FFC6E5809903382F9FBE36156F294C94FF5369E8D24D085A326870A998A10683495CEF15EFF0A45C781B5156B82D9AA07852040A96A0D5ACDF094B9DD91EA893382F95A6B72F0A2090F036A1B23CF9CF544753EA5B9ED86FA52EBB4C5421C5B485AE932F5837822C91257EC4953ACA79F2D94261DC40B3D44CB44056D4025EC459563865000B8C5F5D7724ED27CA4A8ADE299E5C898F4BD09F430781A68C261E4FA0BA2FEE567434B057C5D5F2899A1547B780B91315CC631C0552DB403DF53A6059BE895242FDA4AE1F6C5129E3643DF1A20C28BBF4328B4E623DCBC1149CE838BBC4A9944A6B6ACB4AA29B50FC7AFFAB0075BB4CC190F15B2C17847560F1B4C591EFE90D5AAA307A3FCC091DF44E3B219F7EE86EA01704D652983CE0D475896C1EB94E09314D386233D706FE0F5415BAF51746F3E8A6AC74E6F68CCF665CCEC4BE0B9CE19308C0423491F5914EA8ABE6081F38282D4994A4B640DCE56F4D616CED59B80938E4E7C486AB64E7C740FCD6ADB5494906520FD66A02069D3C11085157142CDDBFB004023C5CDFCCEAC5296636A77C127DEC4182A36D6A34D980F778452271C80CABAFE15A629302EFE9CD9105353B719581D4DD2E1BCF9411A4CCB0D010B5954291453E761A3B9EAF533119EEF1C30C4E53FEFAF2D2300162786963D54ECE0376CC797CBBDD757B596FAB26716ECEA7C47FB6C6DC6A80FC435D5CADB36D5ACB6760CAC6272B61E64A920EC7D4E5FBD680B2B906F1CF78EFD380A47692E1DC6C06AC21255E65C3757E32C301B5ACD8BA136FEE7C19B858D8B60595946BF1D0520912ACD17E397C9FC156C741AD1104F403B363B4E6B4AD06E8C60928CCD6AB3FE6AEFECBC57DB5CFF431A2D44533D9A92C483B56AE56698F02622D3A65E09B6EBFDFD5DCAF34E09DEDA100B40DD4C40ADCEF30787E527C4F613A08BDED0EFBC6D8F +20241201115450 2 6 100 7679 2 F02D40B37C40876939E4D2A62AF7EC21A676D8E2B04081BA98E23F464A47514FB40DC99F7B8046B48CD3052C7AC080E4B496C16ED18695CA27493A129088F5829BBEAD02DFD521829FFD8B1120330E2BBA10C55A1EAD0641006827DA4725BFD2A2559C363C33BC78C2D83B4A075099EC57634D0AD4AEDA3302441B7005C728C0371B51877A97B442C5E3C3D53C244EFF3B65CDCCB0C017723F1EBD0B91E220116ACF14703268A11B7FC7564F7BEDBFFB3CE046261DD9D83E6078CD7AB5AC97595EF53D6C4C56D24588C6D130C0CD2C967AB90C31497186A06A93FB9338D4F30E0104BC8EFF2518D0644174BD1FF1FD7BAC2AAFF151D733A14F456A189ECA2D5F11D7C3AF1DA06192D36251B050E1AC576E3C369678D12823870FFC6E5809903382F9FBE36156F294C94FF5369E8D24D085A326870A998A10683495CEF15EFF0A45C781B5156B82D9AA07852040A96A0D5ACDF094B9DD91EA893382F95A6B72F0A2090F036A1B23CF9CF544753EA5B9ED86FA52EBB4C5421C5B485AE932F5837822C91257EC4953ACA79F2D94261DC40B3D44CB44056D4025EC459563865000B8C5F5D7724ED27CA4A8ADE299E5C898F4BD09F430781A68C261E4FA0BA2FEE567434B057C5D5F2899A1547B780B91315CC631C0552DB403DF53A6059BE895242FDA4AE1F6C5129E3643DF1A20C28BBF4328B4E623DCBC1149CE838BBC4A9944A6B6ACB4AA29B50FC7AFFAB0075BB4CC190F15B2C17847560F1B4C591EFE90D5AAA307A3FCC091DF44E3B219F7EE86EA01704D652983CE0D475896C1EB94E09314D386233D706FE0F5415BAF51746F3E8A6AC74E6F68CCF665CCEC4BE0B9CE19308C0423491F5914EA8ABE6081F38282D4994A4B640DCE56F4D616CED59B80938E4E7C486AB64E7C740FCD6ADB5494906520FD66A02069D3C11085157142CDDBFB004023C5CDFCCEAC5296636A77C127DEC4182A36D6A34D980F778452271C80CABAFE15A629302EFE9CD9105353B719581D4DD2E1BCF9411A4CCB0D010B5954291453E761A3B9EAF533119EEF1C30C4E53FEFAF2D2300162786963D54ECE0376CC797CBBDD757B596FAB26716ECEA7C47FB6C6DC6A80FC435D5CADB36D5ACB6760CAC6272B61E64A920EC7D4E5FBD680B2B906F1CF78EFD380A47692E1DC6C06AC21255E65C3757E32C301B5ACD8BA136FEE7C19B858D8B60595946BF1D0520912ACD17E397C9FC156C741AD1104F403B363B4E6B4AD06E8C60928CCD6AB3FE6AEFECBC57DB5CFF431A2D44533D9A92C483B56AE56698F02622D3A65E09B6EBFDFD5DCAF34E09DEDA100B40DD4C40ADCEF30787E527C4F613A08BDED0F464B243 +20241201120212 2 6 100 7679 5 F02D40B37C40876939E4D2A62AF7EC21A676D8E2B04081BA98E23F464A47514FB40DC99F7B8046B48CD3052C7AC080E4B496C16ED18695CA27493A129088F5829BBEAD02DFD521829FFD8B1120330E2BBA10C55A1EAD0641006827DA4725BFD2A2559C363C33BC78C2D83B4A075099EC57634D0AD4AEDA3302441B7005C728C0371B51877A97B442C5E3C3D53C244EFF3B65CDCCB0C017723F1EBD0B91E220116ACF14703268A11B7FC7564F7BEDBFFB3CE046261DD9D83E6078CD7AB5AC97595EF53D6C4C56D24588C6D130C0CD2C967AB90C31497186A06A93FB9338D4F30E0104BC8EFF2518D0644174BD1FF1FD7BAC2AAFF151D733A14F456A189ECA2D5F11D7C3AF1DA06192D36251B050E1AC576E3C369678D12823870FFC6E5809903382F9FBE36156F294C94FF5369E8D24D085A326870A998A10683495CEF15EFF0A45C781B5156B82D9AA07852040A96A0D5ACDF094B9DD91EA893382F95A6B72F0A2090F036A1B23CF9CF544753EA5B9ED86FA52EBB4C5421C5B485AE932F5837822C91257EC4953ACA79F2D94261DC40B3D44CB44056D4025EC459563865000B8C5F5D7724ED27CA4A8ADE299E5C898F4BD09F430781A68C261E4FA0BA2FEE567434B057C5D5F2899A1547B780B91315CC631C0552DB403DF53A6059BE895242FDA4AE1F6C5129E3643DF1A20C28BBF4328B4E623DCBC1149CE838BBC4A9944A6B6ACB4AA29B50FC7AFFAB0075BB4CC190F15B2C17847560F1B4C591EFE90D5AAA307A3FCC091DF44E3B219F7EE86EA01704D652983CE0D475896C1EB94E09314D386233D706FE0F5415BAF51746F3E8A6AC74E6F68CCF665CCEC4BE0B9CE19308C0423491F5914EA8ABE6081F38282D4994A4B640DCE56F4D616CED59B80938E4E7C486AB64E7C740FCD6ADB5494906520FD66A02069D3C11085157142CDDBFB004023C5CDFCCEAC5296636A77C127DEC4182A36D6A34D980F778452271C80CABAFE15A629302EFE9CD9105353B719581D4DD2E1BCF9411A4CCB0D010B5954291453E761A3B9EAF533119EEF1C30C4E53FEFAF2D2300162786963D54ECE0376CC797CBBDD757B596FAB26716ECEA7C47FB6C6DC6A80FC435D5CADB36D5ACB6760CAC6272B61E64A920EC7D4E5FBD680B2B906F1CF78EFD380A47692E1DC6C06AC21255E65C3757E32C301B5ACD8BA136FEE7C19B858D8B60595946BF1D0520912ACD17E397C9FC156C741AD1104F403B363B4E6B4AD06E8C60928CCD6AB3FE6AEFECBC57DB5CFF431A2D44533D9A92C483B56AE56698F02622D3A65E09B6EBFDFD5DCAF34E09DEDA100B40DD4C40ADCEF30787E527C4F613A08BDED0F4DBBAFF +20241201123240 2 6 100 7679 2 F02D40B37C40876939E4D2A62AF7EC21A676D8E2B04081BA98E23F464A47514FB40DC99F7B8046B48CD3052C7AC080E4B496C16ED18695CA27493A129088F5829BBEAD02DFD521829FFD8B1120330E2BBA10C55A1EAD0641006827DA4725BFD2A2559C363C33BC78C2D83B4A075099EC57634D0AD4AEDA3302441B7005C728C0371B51877A97B442C5E3C3D53C244EFF3B65CDCCB0C017723F1EBD0B91E220116ACF14703268A11B7FC7564F7BEDBFFB3CE046261DD9D83E6078CD7AB5AC97595EF53D6C4C56D24588C6D130C0CD2C967AB90C31497186A06A93FB9338D4F30E0104BC8EFF2518D0644174BD1FF1FD7BAC2AAFF151D733A14F456A189ECA2D5F11D7C3AF1DA06192D36251B050E1AC576E3C369678D12823870FFC6E5809903382F9FBE36156F294C94FF5369E8D24D085A326870A998A10683495CEF15EFF0A45C781B5156B82D9AA07852040A96A0D5ACDF094B9DD91EA893382F95A6B72F0A2090F036A1B23CF9CF544753EA5B9ED86FA52EBB4C5421C5B485AE932F5837822C91257EC4953ACA79F2D94261DC40B3D44CB44056D4025EC459563865000B8C5F5D7724ED27CA4A8ADE299E5C898F4BD09F430781A68C261E4FA0BA2FEE567434B057C5D5F2899A1547B780B91315CC631C0552DB403DF53A6059BE895242FDA4AE1F6C5129E3643DF1A20C28BBF4328B4E623DCBC1149CE838BBC4A9944A6B6ACB4AA29B50FC7AFFAB0075BB4CC190F15B2C17847560F1B4C591EFE90D5AAA307A3FCC091DF44E3B219F7EE86EA01704D652983CE0D475896C1EB94E09314D386233D706FE0F5415BAF51746F3E8A6AC74E6F68CCF665CCEC4BE0B9CE19308C0423491F5914EA8ABE6081F38282D4994A4B640DCE56F4D616CED59B80938E4E7C486AB64E7C740FCD6ADB5494906520FD66A02069D3C11085157142CDDBFB004023C5CDFCCEAC5296636A77C127DEC4182A36D6A34D980F778452271C80CABAFE15A629302EFE9CD9105353B719581D4DD2E1BCF9411A4CCB0D010B5954291453E761A3B9EAF533119EEF1C30C4E53FEFAF2D2300162786963D54ECE0376CC797CBBDD757B596FAB26716ECEA7C47FB6C6DC6A80FC435D5CADB36D5ACB6760CAC6272B61E64A920EC7D4E5FBD680B2B906F1CF78EFD380A47692E1DC6C06AC21255E65C3757E32C301B5ACD8BA136FEE7C19B858D8B60595946BF1D0520912ACD17E397C9FC156C741AD1104F403B363B4E6B4AD06E8C60928CCD6AB3FE6AEFECBC57DB5CFF431A2D44533D9A92C483B56AE56698F02622D3A65E09B6EBFDFD5DCAF34E09DEDA100B40DD4C40ADCEF30787E527C4F613A08BDED0F6DA27E3 +20241201130824 2 6 100 7679 5 F02D40B37C40876939E4D2A62AF7EC21A676D8E2B04081BA98E23F464A47514FB40DC99F7B8046B48CD3052C7AC080E4B496C16ED18695CA27493A129088F5829BBEAD02DFD521829FFD8B1120330E2BBA10C55A1EAD0641006827DA4725BFD2A2559C363C33BC78C2D83B4A075099EC57634D0AD4AEDA3302441B7005C728C0371B51877A97B442C5E3C3D53C244EFF3B65CDCCB0C017723F1EBD0B91E220116ACF14703268A11B7FC7564F7BEDBFFB3CE046261DD9D83E6078CD7AB5AC97595EF53D6C4C56D24588C6D130C0CD2C967AB90C31497186A06A93FB9338D4F30E0104BC8EFF2518D0644174BD1FF1FD7BAC2AAFF151D733A14F456A189ECA2D5F11D7C3AF1DA06192D36251B050E1AC576E3C369678D12823870FFC6E5809903382F9FBE36156F294C94FF5369E8D24D085A326870A998A10683495CEF15EFF0A45C781B5156B82D9AA07852040A96A0D5ACDF094B9DD91EA893382F95A6B72F0A2090F036A1B23CF9CF544753EA5B9ED86FA52EBB4C5421C5B485AE932F5837822C91257EC4953ACA79F2D94261DC40B3D44CB44056D4025EC459563865000B8C5F5D7724ED27CA4A8ADE299E5C898F4BD09F430781A68C261E4FA0BA2FEE567434B057C5D5F2899A1547B780B91315CC631C0552DB403DF53A6059BE895242FDA4AE1F6C5129E3643DF1A20C28BBF4328B4E623DCBC1149CE838BBC4A9944A6B6ACB4AA29B50FC7AFFAB0075BB4CC190F15B2C17847560F1B4C591EFE90D5AAA307A3FCC091DF44E3B219F7EE86EA01704D652983CE0D475896C1EB94E09314D386233D706FE0F5415BAF51746F3E8A6AC74E6F68CCF665CCEC4BE0B9CE19308C0423491F5914EA8ABE6081F38282D4994A4B640DCE56F4D616CED59B80938E4E7C486AB64E7C740FCD6ADB5494906520FD66A02069D3C11085157142CDDBFB004023C5CDFCCEAC5296636A77C127DEC4182A36D6A34D980F778452271C80CABAFE15A629302EFE9CD9105353B719581D4DD2E1BCF9411A4CCB0D010B5954291453E761A3B9EAF533119EEF1C30C4E53FEFAF2D2300162786963D54ECE0376CC797CBBDD757B596FAB26716ECEA7C47FB6C6DC6A80FC435D5CADB36D5ACB6760CAC6272B61E64A920EC7D4E5FBD680B2B906F1CF78EFD380A47692E1DC6C06AC21255E65C3757E32C301B5ACD8BA136FEE7C19B858D8B60595946BF1D0520912ACD17E397C9FC156C741AD1104F403B363B4E6B4AD06E8C60928CCD6AB3FE6AEFECBC57DB5CFF431A2D44533D9A92C483B56AE56698F02622D3A65E09B6EBFDFD5DCAF34E09DEDA100B40DD4C40ADCEF30787E527C4F613A08BDED0F939BADF +20241201171234 2 6 100 7679 2 F02D40B37C40876939E4D2A62AF7EC21A676D8E2B04081BA98E23F464A47514FB40DC99F7B8046B48CD3052C7AC080E4B496C16ED18695CA27493A129088F5829BBEAD02DFD521829FFD8B1120330E2BBA10C55A1EAD0641006827DA4725BFD2A2559C363C33BC78C2D83B4A075099EC57634D0AD4AEDA3302441B7005C728C0371B51877A97B442C5E3C3D53C244EFF3B65CDCCB0C017723F1EBD0B91E220116ACF14703268A11B7FC7564F7BEDBFFB3CE046261DD9D83E6078CD7AB5AC97595EF53D6C4C56D24588C6D130C0CD2C967AB90C31497186A06A93FB9338D4F30E0104BC8EFF2518D0644174BD1FF1FD7BAC2AAFF151D733A14F456A189ECA2D5F11D7C3AF1DA06192D36251B050E1AC576E3C369678D12823870FFC6E5809903382F9FBE36156F294C94FF5369E8D24D085A326870A998A10683495CEF15EFF0A45C781B5156B82D9AA07852040A96A0D5ACDF094B9DD91EA893382F95A6B72F0A2090F036A1B23CF9CF544753EA5B9ED86FA52EBB4C5421C5B485AE932F5837822C91257EC4953ACA79F2D94261DC40B3D44CB44056D4025EC459563865000B8C5F5D7724ED27CA4A8ADE299E5C898F4BD09F430781A68C261E4FA0BA2FEE567434B057C5D5F2899A1547B780B91315CC631C0552DB403DF53A6059BE895242FDA4AE1F6C5129E3643DF1A20C28BBF4328B4E623DCBC1149CE838BBC4A9944A6B6ACB4AA29B50FC7AFFAB0075BB4CC190F15B2C17847560F1B4C591EFE90D5AAA307A3FCC091DF44E3B219F7EE86EA01704D652983CE0D475896C1EB94E09314D386233D706FE0F5415BAF51746F3E8A6AC74E6F68CCF665CCEC4BE0B9CE19308C0423491F5914EA8ABE6081F38282D4994A4B640DCE56F4D616CED59B80938E4E7C486AB64E7C740FCD6ADB5494906520FD66A02069D3C11085157142CDDBFB004023C5CDFCCEAC5296636A77C127DEC4182A36D6A34D980F778452271C80CABAFE15A629302EFE9CD9105353B719581D4DD2E1BCF9411A4CCB0D010B5954291453E761A3B9EAF533119EEF1C30C4E53FEFAF2D2300162786963D54ECE0376CC797CBBDD757B596FAB26716ECEA7C47FB6C6DC6A80FC435D5CADB36D5ACB6760CAC6272B61E64A920EC7D4E5FBD680B2B906F1CF78EFD380A47692E1DC6C06AC21255E65C3757E32C301B5ACD8BA136FEE7C19B858D8B60595946BF1D0520912ACD17E397C9FC156C741AD1104F403B363B4E6B4AD06E8C60928CCD6AB3FE6AEFECBC57DB5CFF431A2D44533D9A92C483B56AE56698F02622D3A65E09B6EBFDFD5DCAF34E09DEDA100B40DD4C40ADCEF30787E527C4F613A08BDED109A1419B +20241201182756 2 6 100 7679 2 F02D40B37C40876939E4D2A62AF7EC21A676D8E2B04081BA98E23F464A47514FB40DC99F7B8046B48CD3052C7AC080E4B496C16ED18695CA27493A129088F5829BBEAD02DFD521829FFD8B1120330E2BBA10C55A1EAD0641006827DA4725BFD2A2559C363C33BC78C2D83B4A075099EC57634D0AD4AEDA3302441B7005C728C0371B51877A97B442C5E3C3D53C244EFF3B65CDCCB0C017723F1EBD0B91E220116ACF14703268A11B7FC7564F7BEDBFFB3CE046261DD9D83E6078CD7AB5AC97595EF53D6C4C56D24588C6D130C0CD2C967AB90C31497186A06A93FB9338D4F30E0104BC8EFF2518D0644174BD1FF1FD7BAC2AAFF151D733A14F456A189ECA2D5F11D7C3AF1DA06192D36251B050E1AC576E3C369678D12823870FFC6E5809903382F9FBE36156F294C94FF5369E8D24D085A326870A998A10683495CEF15EFF0A45C781B5156B82D9AA07852040A96A0D5ACDF094B9DD91EA893382F95A6B72F0A2090F036A1B23CF9CF544753EA5B9ED86FA52EBB4C5421C5B485AE932F5837822C91257EC4953ACA79F2D94261DC40B3D44CB44056D4025EC459563865000B8C5F5D7724ED27CA4A8ADE299E5C898F4BD09F430781A68C261E4FA0BA2FEE567434B057C5D5F2899A1547B780B91315CC631C0552DB403DF53A6059BE895242FDA4AE1F6C5129E3643DF1A20C28BBF4328B4E623DCBC1149CE838BBC4A9944A6B6ACB4AA29B50FC7AFFAB0075BB4CC190F15B2C17847560F1B4C591EFE90D5AAA307A3FCC091DF44E3B219F7EE86EA01704D652983CE0D475896C1EB94E09314D386233D706FE0F5415BAF51746F3E8A6AC74E6F68CCF665CCEC4BE0B9CE19308C0423491F5914EA8ABE6081F38282D4994A4B640DCE56F4D616CED59B80938E4E7C486AB64E7C740FCD6ADB5494906520FD66A02069D3C11085157142CDDBFB004023C5CDFCCEAC5296636A77C127DEC4182A36D6A34D980F778452271C80CABAFE15A629302EFE9CD9105353B719581D4DD2E1BCF9411A4CCB0D010B5954291453E761A3B9EAF533119EEF1C30C4E53FEFAF2D2300162786963D54ECE0376CC797CBBDD757B596FAB26716ECEA7C47FB6C6DC6A80FC435D5CADB36D5ACB6760CAC6272B61E64A920EC7D4E5FBD680B2B906F1CF78EFD380A47692E1DC6C06AC21255E65C3757E32C301B5ACD8BA136FEE7C19B858D8B60595946BF1D0520912ACD17E397C9FC156C741AD1104F403B363B4E6B4AD06E8C60928CCD6AB3FE6AEFECBC57DB5CFF431A2D44533D9A92C483B56AE56698F02622D3A65E09B6EBFDFD5DCAF34E09DEDA100B40DD4C40ADCEF30787E527C4F613A08BDED10EB1D8A3 +20241201190812 2 6 100 7679 5 F02D40B37C40876939E4D2A62AF7EC21A676D8E2B04081BA98E23F464A47514FB40DC99F7B8046B48CD3052C7AC080E4B496C16ED18695CA27493A129088F5829BBEAD02DFD521829FFD8B1120330E2BBA10C55A1EAD0641006827DA4725BFD2A2559C363C33BC78C2D83B4A075099EC57634D0AD4AEDA3302441B7005C728C0371B51877A97B442C5E3C3D53C244EFF3B65CDCCB0C017723F1EBD0B91E220116ACF14703268A11B7FC7564F7BEDBFFB3CE046261DD9D83E6078CD7AB5AC97595EF53D6C4C56D24588C6D130C0CD2C967AB90C31497186A06A93FB9338D4F30E0104BC8EFF2518D0644174BD1FF1FD7BAC2AAFF151D733A14F456A189ECA2D5F11D7C3AF1DA06192D36251B050E1AC576E3C369678D12823870FFC6E5809903382F9FBE36156F294C94FF5369E8D24D085A326870A998A10683495CEF15EFF0A45C781B5156B82D9AA07852040A96A0D5ACDF094B9DD91EA893382F95A6B72F0A2090F036A1B23CF9CF544753EA5B9ED86FA52EBB4C5421C5B485AE932F5837822C91257EC4953ACA79F2D94261DC40B3D44CB44056D4025EC459563865000B8C5F5D7724ED27CA4A8ADE299E5C898F4BD09F430781A68C261E4FA0BA2FEE567434B057C5D5F2899A1547B780B91315CC631C0552DB403DF53A6059BE895242FDA4AE1F6C5129E3643DF1A20C28BBF4328B4E623DCBC1149CE838BBC4A9944A6B6ACB4AA29B50FC7AFFAB0075BB4CC190F15B2C17847560F1B4C591EFE90D5AAA307A3FCC091DF44E3B219F7EE86EA01704D652983CE0D475896C1EB94E09314D386233D706FE0F5415BAF51746F3E8A6AC74E6F68CCF665CCEC4BE0B9CE19308C0423491F5914EA8ABE6081F38282D4994A4B640DCE56F4D616CED59B80938E4E7C486AB64E7C740FCD6ADB5494906520FD66A02069D3C11085157142CDDBFB004023C5CDFCCEAC5296636A77C127DEC4182A36D6A34D980F778452271C80CABAFE15A629302EFE9CD9105353B719581D4DD2E1BCF9411A4CCB0D010B5954291453E761A3B9EAF533119EEF1C30C4E53FEFAF2D2300162786963D54ECE0376CC797CBBDD757B596FAB26716ECEA7C47FB6C6DC6A80FC435D5CADB36D5ACB6760CAC6272B61E64A920EC7D4E5FBD680B2B906F1CF78EFD380A47692E1DC6C06AC21255E65C3757E32C301B5ACD8BA136FEE7C19B858D8B60595946BF1D0520912ACD17E397C9FC156C741AD1104F403B363B4E6B4AD06E8C60928CCD6AB3FE6AEFECBC57DB5CFF431A2D44533D9A92C483B56AE56698F02622D3A65E09B6EBFDFD5DCAF34E09DEDA100B40DD4C40ADCEF30787E527C4F613A08BDED11163FE8F +20241201191642 2 6 100 7679 2 F02D40B37C40876939E4D2A62AF7EC21A676D8E2B04081BA98E23F464A47514FB40DC99F7B8046B48CD3052C7AC080E4B496C16ED18695CA27493A129088F5829BBEAD02DFD521829FFD8B1120330E2BBA10C55A1EAD0641006827DA4725BFD2A2559C363C33BC78C2D83B4A075099EC57634D0AD4AEDA3302441B7005C728C0371B51877A97B442C5E3C3D53C244EFF3B65CDCCB0C017723F1EBD0B91E220116ACF14703268A11B7FC7564F7BEDBFFB3CE046261DD9D83E6078CD7AB5AC97595EF53D6C4C56D24588C6D130C0CD2C967AB90C31497186A06A93FB9338D4F30E0104BC8EFF2518D0644174BD1FF1FD7BAC2AAFF151D733A14F456A189ECA2D5F11D7C3AF1DA06192D36251B050E1AC576E3C369678D12823870FFC6E5809903382F9FBE36156F294C94FF5369E8D24D085A326870A998A10683495CEF15EFF0A45C781B5156B82D9AA07852040A96A0D5ACDF094B9DD91EA893382F95A6B72F0A2090F036A1B23CF9CF544753EA5B9ED86FA52EBB4C5421C5B485AE932F5837822C91257EC4953ACA79F2D94261DC40B3D44CB44056D4025EC459563865000B8C5F5D7724ED27CA4A8ADE299E5C898F4BD09F430781A68C261E4FA0BA2FEE567434B057C5D5F2899A1547B780B91315CC631C0552DB403DF53A6059BE895242FDA4AE1F6C5129E3643DF1A20C28BBF4328B4E623DCBC1149CE838BBC4A9944A6B6ACB4AA29B50FC7AFFAB0075BB4CC190F15B2C17847560F1B4C591EFE90D5AAA307A3FCC091DF44E3B219F7EE86EA01704D652983CE0D475896C1EB94E09314D386233D706FE0F5415BAF51746F3E8A6AC74E6F68CCF665CCEC4BE0B9CE19308C0423491F5914EA8ABE6081F38282D4994A4B640DCE56F4D616CED59B80938E4E7C486AB64E7C740FCD6ADB5494906520FD66A02069D3C11085157142CDDBFB004023C5CDFCCEAC5296636A77C127DEC4182A36D6A34D980F778452271C80CABAFE15A629302EFE9CD9105353B719581D4DD2E1BCF9411A4CCB0D010B5954291453E761A3B9EAF533119EEF1C30C4E53FEFAF2D2300162786963D54ECE0376CC797CBBDD757B596FAB26716ECEA7C47FB6C6DC6A80FC435D5CADB36D5ACB6760CAC6272B61E64A920EC7D4E5FBD680B2B906F1CF78EFD380A47692E1DC6C06AC21255E65C3757E32C301B5ACD8BA136FEE7C19B858D8B60595946BF1D0520912ACD17E397C9FC156C741AD1104F403B363B4E6B4AD06E8C60928CCD6AB3FE6AEFECBC57DB5CFF431A2D44533D9A92C483B56AE56698F02622D3A65E09B6EBFDFD5DCAF34E09DEDA100B40DD4C40ADCEF30787E527C4F613A08BDED111F0947B +20241201195706 2 6 100 7679 2 F02D40B37C40876939E4D2A62AF7EC21A676D8E2B04081BA98E23F464A47514FB40DC99F7B8046B48CD3052C7AC080E4B496C16ED18695CA27493A129088F5829BBEAD02DFD521829FFD8B1120330E2BBA10C55A1EAD0641006827DA4725BFD2A2559C363C33BC78C2D83B4A075099EC57634D0AD4AEDA3302441B7005C728C0371B51877A97B442C5E3C3D53C244EFF3B65CDCCB0C017723F1EBD0B91E220116ACF14703268A11B7FC7564F7BEDBFFB3CE046261DD9D83E6078CD7AB5AC97595EF53D6C4C56D24588C6D130C0CD2C967AB90C31497186A06A93FB9338D4F30E0104BC8EFF2518D0644174BD1FF1FD7BAC2AAFF151D733A14F456A189ECA2D5F11D7C3AF1DA06192D36251B050E1AC576E3C369678D12823870FFC6E5809903382F9FBE36156F294C94FF5369E8D24D085A326870A998A10683495CEF15EFF0A45C781B5156B82D9AA07852040A96A0D5ACDF094B9DD91EA893382F95A6B72F0A2090F036A1B23CF9CF544753EA5B9ED86FA52EBB4C5421C5B485AE932F5837822C91257EC4953ACA79F2D94261DC40B3D44CB44056D4025EC459563865000B8C5F5D7724ED27CA4A8ADE299E5C898F4BD09F430781A68C261E4FA0BA2FEE567434B057C5D5F2899A1547B780B91315CC631C0552DB403DF53A6059BE895242FDA4AE1F6C5129E3643DF1A20C28BBF4328B4E623DCBC1149CE838BBC4A9944A6B6ACB4AA29B50FC7AFFAB0075BB4CC190F15B2C17847560F1B4C591EFE90D5AAA307A3FCC091DF44E3B219F7EE86EA01704D652983CE0D475896C1EB94E09314D386233D706FE0F5415BAF51746F3E8A6AC74E6F68CCF665CCEC4BE0B9CE19308C0423491F5914EA8ABE6081F38282D4994A4B640DCE56F4D616CED59B80938E4E7C486AB64E7C740FCD6ADB5494906520FD66A02069D3C11085157142CDDBFB004023C5CDFCCEAC5296636A77C127DEC4182A36D6A34D980F778452271C80CABAFE15A629302EFE9CD9105353B719581D4DD2E1BCF9411A4CCB0D010B5954291453E761A3B9EAF533119EEF1C30C4E53FEFAF2D2300162786963D54ECE0376CC797CBBDD757B596FAB26716ECEA7C47FB6C6DC6A80FC435D5CADB36D5ACB6760CAC6272B61E64A920EC7D4E5FBD680B2B906F1CF78EFD380A47692E1DC6C06AC21255E65C3757E32C301B5ACD8BA136FEE7C19B858D8B60595946BF1D0520912ACD17E397C9FC156C741AD1104F403B363B4E6B4AD06E8C60928CCD6AB3FE6AEFECBC57DB5CFF431A2D44533D9A92C483B56AE56698F02622D3A65E09B6EBFDFD5DCAF34E09DEDA100B40DD4C40ADCEF30787E527C4F613A08BDED11498BEA3 +20241201200433 2 6 100 7679 5 F02D40B37C40876939E4D2A62AF7EC21A676D8E2B04081BA98E23F464A47514FB40DC99F7B8046B48CD3052C7AC080E4B496C16ED18695CA27493A129088F5829BBEAD02DFD521829FFD8B1120330E2BBA10C55A1EAD0641006827DA4725BFD2A2559C363C33BC78C2D83B4A075099EC57634D0AD4AEDA3302441B7005C728C0371B51877A97B442C5E3C3D53C244EFF3B65CDCCB0C017723F1EBD0B91E220116ACF14703268A11B7FC7564F7BEDBFFB3CE046261DD9D83E6078CD7AB5AC97595EF53D6C4C56D24588C6D130C0CD2C967AB90C31497186A06A93FB9338D4F30E0104BC8EFF2518D0644174BD1FF1FD7BAC2AAFF151D733A14F456A189ECA2D5F11D7C3AF1DA06192D36251B050E1AC576E3C369678D12823870FFC6E5809903382F9FBE36156F294C94FF5369E8D24D085A326870A998A10683495CEF15EFF0A45C781B5156B82D9AA07852040A96A0D5ACDF094B9DD91EA893382F95A6B72F0A2090F036A1B23CF9CF544753EA5B9ED86FA52EBB4C5421C5B485AE932F5837822C91257EC4953ACA79F2D94261DC40B3D44CB44056D4025EC459563865000B8C5F5D7724ED27CA4A8ADE299E5C898F4BD09F430781A68C261E4FA0BA2FEE567434B057C5D5F2899A1547B780B91315CC631C0552DB403DF53A6059BE895242FDA4AE1F6C5129E3643DF1A20C28BBF4328B4E623DCBC1149CE838BBC4A9944A6B6ACB4AA29B50FC7AFFAB0075BB4CC190F15B2C17847560F1B4C591EFE90D5AAA307A3FCC091DF44E3B219F7EE86EA01704D652983CE0D475896C1EB94E09314D386233D706FE0F5415BAF51746F3E8A6AC74E6F68CCF665CCEC4BE0B9CE19308C0423491F5914EA8ABE6081F38282D4994A4B640DCE56F4D616CED59B80938E4E7C486AB64E7C740FCD6ADB5494906520FD66A02069D3C11085157142CDDBFB004023C5CDFCCEAC5296636A77C127DEC4182A36D6A34D980F778452271C80CABAFE15A629302EFE9CD9105353B719581D4DD2E1BCF9411A4CCB0D010B5954291453E761A3B9EAF533119EEF1C30C4E53FEFAF2D2300162786963D54ECE0376CC797CBBDD757B596FAB26716ECEA7C47FB6C6DC6A80FC435D5CADB36D5ACB6760CAC6272B61E64A920EC7D4E5FBD680B2B906F1CF78EFD380A47692E1DC6C06AC21255E65C3757E32C301B5ACD8BA136FEE7C19B858D8B60595946BF1D0520912ACD17E397C9FC156C741AD1104F403B363B4E6B4AD06E8C60928CCD6AB3FE6AEFECBC57DB5CFF431A2D44533D9A92C483B56AE56698F02622D3A65E09B6EBFDFD5DCAF34E09DEDA100B40DD4C40ADCEF30787E527C4F613A08BDED115134B17 +20241201200527 2 6 100 7679 5 F02D40B37C40876939E4D2A62AF7EC21A676D8E2B04081BA98E23F464A47514FB40DC99F7B8046B48CD3052C7AC080E4B496C16ED18695CA27493A129088F5829BBEAD02DFD521829FFD8B1120330E2BBA10C55A1EAD0641006827DA4725BFD2A2559C363C33BC78C2D83B4A075099EC57634D0AD4AEDA3302441B7005C728C0371B51877A97B442C5E3C3D53C244EFF3B65CDCCB0C017723F1EBD0B91E220116ACF14703268A11B7FC7564F7BEDBFFB3CE046261DD9D83E6078CD7AB5AC97595EF53D6C4C56D24588C6D130C0CD2C967AB90C31497186A06A93FB9338D4F30E0104BC8EFF2518D0644174BD1FF1FD7BAC2AAFF151D733A14F456A189ECA2D5F11D7C3AF1DA06192D36251B050E1AC576E3C369678D12823870FFC6E5809903382F9FBE36156F294C94FF5369E8D24D085A326870A998A10683495CEF15EFF0A45C781B5156B82D9AA07852040A96A0D5ACDF094B9DD91EA893382F95A6B72F0A2090F036A1B23CF9CF544753EA5B9ED86FA52EBB4C5421C5B485AE932F5837822C91257EC4953ACA79F2D94261DC40B3D44CB44056D4025EC459563865000B8C5F5D7724ED27CA4A8ADE299E5C898F4BD09F430781A68C261E4FA0BA2FEE567434B057C5D5F2899A1547B780B91315CC631C0552DB403DF53A6059BE895242FDA4AE1F6C5129E3643DF1A20C28BBF4328B4E623DCBC1149CE838BBC4A9944A6B6ACB4AA29B50FC7AFFAB0075BB4CC190F15B2C17847560F1B4C591EFE90D5AAA307A3FCC091DF44E3B219F7EE86EA01704D652983CE0D475896C1EB94E09314D386233D706FE0F5415BAF51746F3E8A6AC74E6F68CCF665CCEC4BE0B9CE19308C0423491F5914EA8ABE6081F38282D4994A4B640DCE56F4D616CED59B80938E4E7C486AB64E7C740FCD6ADB5494906520FD66A02069D3C11085157142CDDBFB004023C5CDFCCEAC5296636A77C127DEC4182A36D6A34D980F778452271C80CABAFE15A629302EFE9CD9105353B719581D4DD2E1BCF9411A4CCB0D010B5954291453E761A3B9EAF533119EEF1C30C4E53FEFAF2D2300162786963D54ECE0376CC797CBBDD757B596FAB26716ECEA7C47FB6C6DC6A80FC435D5CADB36D5ACB6760CAC6272B61E64A920EC7D4E5FBD680B2B906F1CF78EFD380A47692E1DC6C06AC21255E65C3757E32C301B5ACD8BA136FEE7C19B858D8B60595946BF1D0520912ACD17E397C9FC156C741AD1104F403B363B4E6B4AD06E8C60928CCD6AB3FE6AEFECBC57DB5CFF431A2D44533D9A92C483B56AE56698F02622D3A65E09B6EBFDFD5DCAF34E09DEDA100B40DD4C40ADCEF30787E527C4F613A08BDED1151A85B7 +20241201205110 2 6 100 7679 5 F02D40B37C40876939E4D2A62AF7EC21A676D8E2B04081BA98E23F464A47514FB40DC99F7B8046B48CD3052C7AC080E4B496C16ED18695CA27493A129088F5829BBEAD02DFD521829FFD8B1120330E2BBA10C55A1EAD0641006827DA4725BFD2A2559C363C33BC78C2D83B4A075099EC57634D0AD4AEDA3302441B7005C728C0371B51877A97B442C5E3C3D53C244EFF3B65CDCCB0C017723F1EBD0B91E220116ACF14703268A11B7FC7564F7BEDBFFB3CE046261DD9D83E6078CD7AB5AC97595EF53D6C4C56D24588C6D130C0CD2C967AB90C31497186A06A93FB9338D4F30E0104BC8EFF2518D0644174BD1FF1FD7BAC2AAFF151D733A14F456A189ECA2D5F11D7C3AF1DA06192D36251B050E1AC576E3C369678D12823870FFC6E5809903382F9FBE36156F294C94FF5369E8D24D085A326870A998A10683495CEF15EFF0A45C781B5156B82D9AA07852040A96A0D5ACDF094B9DD91EA893382F95A6B72F0A2090F036A1B23CF9CF544753EA5B9ED86FA52EBB4C5421C5B485AE932F5837822C91257EC4953ACA79F2D94261DC40B3D44CB44056D4025EC459563865000B8C5F5D7724ED27CA4A8ADE299E5C898F4BD09F430781A68C261E4FA0BA2FEE567434B057C5D5F2899A1547B780B91315CC631C0552DB403DF53A6059BE895242FDA4AE1F6C5129E3643DF1A20C28BBF4328B4E623DCBC1149CE838BBC4A9944A6B6ACB4AA29B50FC7AFFAB0075BB4CC190F15B2C17847560F1B4C591EFE90D5AAA307A3FCC091DF44E3B219F7EE86EA01704D652983CE0D475896C1EB94E09314D386233D706FE0F5415BAF51746F3E8A6AC74E6F68CCF665CCEC4BE0B9CE19308C0423491F5914EA8ABE6081F38282D4994A4B640DCE56F4D616CED59B80938E4E7C486AB64E7C740FCD6ADB5494906520FD66A02069D3C11085157142CDDBFB004023C5CDFCCEAC5296636A77C127DEC4182A36D6A34D980F778452271C80CABAFE15A629302EFE9CD9105353B719581D4DD2E1BCF9411A4CCB0D010B5954291453E761A3B9EAF533119EEF1C30C4E53FEFAF2D2300162786963D54ECE0376CC797CBBDD757B596FAB26716ECEA7C47FB6C6DC6A80FC435D5CADB36D5ACB6760CAC6272B61E64A920EC7D4E5FBD680B2B906F1CF78EFD380A47692E1DC6C06AC21255E65C3757E32C301B5ACD8BA136FEE7C19B858D8B60595946BF1D0520912ACD17E397C9FC156C741AD1104F403B363B4E6B4AD06E8C60928CCD6AB3FE6AEFECBC57DB5CFF431A2D44533D9A92C483B56AE56698F02622D3A65E09B6EBFDFD5DCAF34E09DEDA100B40DD4C40ADCEF30787E527C4F613A08BDED1181F734F +20241201205604 2 6 100 7679 5 F02D40B37C40876939E4D2A62AF7EC21A676D8E2B04081BA98E23F464A47514FB40DC99F7B8046B48CD3052C7AC080E4B496C16ED18695CA27493A129088F5829BBEAD02DFD521829FFD8B1120330E2BBA10C55A1EAD0641006827DA4725BFD2A2559C363C33BC78C2D83B4A075099EC57634D0AD4AEDA3302441B7005C728C0371B51877A97B442C5E3C3D53C244EFF3B65CDCCB0C017723F1EBD0B91E220116ACF14703268A11B7FC7564F7BEDBFFB3CE046261DD9D83E6078CD7AB5AC97595EF53D6C4C56D24588C6D130C0CD2C967AB90C31497186A06A93FB9338D4F30E0104BC8EFF2518D0644174BD1FF1FD7BAC2AAFF151D733A14F456A189ECA2D5F11D7C3AF1DA06192D36251B050E1AC576E3C369678D12823870FFC6E5809903382F9FBE36156F294C94FF5369E8D24D085A326870A998A10683495CEF15EFF0A45C781B5156B82D9AA07852040A96A0D5ACDF094B9DD91EA893382F95A6B72F0A2090F036A1B23CF9CF544753EA5B9ED86FA52EBB4C5421C5B485AE932F5837822C91257EC4953ACA79F2D94261DC40B3D44CB44056D4025EC459563865000B8C5F5D7724ED27CA4A8ADE299E5C898F4BD09F430781A68C261E4FA0BA2FEE567434B057C5D5F2899A1547B780B91315CC631C0552DB403DF53A6059BE895242FDA4AE1F6C5129E3643DF1A20C28BBF4328B4E623DCBC1149CE838BBC4A9944A6B6ACB4AA29B50FC7AFFAB0075BB4CC190F15B2C17847560F1B4C591EFE90D5AAA307A3FCC091DF44E3B219F7EE86EA01704D652983CE0D475896C1EB94E09314D386233D706FE0F5415BAF51746F3E8A6AC74E6F68CCF665CCEC4BE0B9CE19308C0423491F5914EA8ABE6081F38282D4994A4B640DCE56F4D616CED59B80938E4E7C486AB64E7C740FCD6ADB5494906520FD66A02069D3C11085157142CDDBFB004023C5CDFCCEAC5296636A77C127DEC4182A36D6A34D980F778452271C80CABAFE15A629302EFE9CD9105353B719581D4DD2E1BCF9411A4CCB0D010B5954291453E761A3B9EAF533119EEF1C30C4E53FEFAF2D2300162786963D54ECE0376CC797CBBDD757B596FAB26716ECEA7C47FB6C6DC6A80FC435D5CADB36D5ACB6760CAC6272B61E64A920EC7D4E5FBD680B2B906F1CF78EFD380A47692E1DC6C06AC21255E65C3757E32C301B5ACD8BA136FEE7C19B858D8B60595946BF1D0520912ACD17E397C9FC156C741AD1104F403B363B4E6B4AD06E8C60928CCD6AB3FE6AEFECBC57DB5CFF431A2D44533D9A92C483B56AE56698F02622D3A65E09B6EBFDFD5DCAF34E09DEDA100B40DD4C40ADCEF30787E527C4F613A08BDED1186965DF +20241201232404 2 6 100 7679 5 F02D40B37C40876939E4D2A62AF7EC21A676D8E2B04081BA98E23F464A47514FB40DC99F7B8046B48CD3052C7AC080E4B496C16ED18695CA27493A129088F5829BBEAD02DFD521829FFD8B1120330E2BBA10C55A1EAD0641006827DA4725BFD2A2559C363C33BC78C2D83B4A075099EC57634D0AD4AEDA3302441B7005C728C0371B51877A97B442C5E3C3D53C244EFF3B65CDCCB0C017723F1EBD0B91E220116ACF14703268A11B7FC7564F7BEDBFFB3CE046261DD9D83E6078CD7AB5AC97595EF53D6C4C56D24588C6D130C0CD2C967AB90C31497186A06A93FB9338D4F30E0104BC8EFF2518D0644174BD1FF1FD7BAC2AAFF151D733A14F456A189ECA2D5F11D7C3AF1DA06192D36251B050E1AC576E3C369678D12823870FFC6E5809903382F9FBE36156F294C94FF5369E8D24D085A326870A998A10683495CEF15EFF0A45C781B5156B82D9AA07852040A96A0D5ACDF094B9DD91EA893382F95A6B72F0A2090F036A1B23CF9CF544753EA5B9ED86FA52EBB4C5421C5B485AE932F5837822C91257EC4953ACA79F2D94261DC40B3D44CB44056D4025EC459563865000B8C5F5D7724ED27CA4A8ADE299E5C898F4BD09F430781A68C261E4FA0BA2FEE567434B057C5D5F2899A1547B780B91315CC631C0552DB403DF53A6059BE895242FDA4AE1F6C5129E3643DF1A20C28BBF4328B4E623DCBC1149CE838BBC4A9944A6B6ACB4AA29B50FC7AFFAB0075BB4CC190F15B2C17847560F1B4C591EFE90D5AAA307A3FCC091DF44E3B219F7EE86EA01704D652983CE0D475896C1EB94E09314D386233D706FE0F5415BAF51746F3E8A6AC74E6F68CCF665CCEC4BE0B9CE19308C0423491F5914EA8ABE6081F38282D4994A4B640DCE56F4D616CED59B80938E4E7C486AB64E7C740FCD6ADB5494906520FD66A02069D3C11085157142CDDBFB004023C5CDFCCEAC5296636A77C127DEC4182A36D6A34D980F778452271C80CABAFE15A629302EFE9CD9105353B719581D4DD2E1BCF9411A4CCB0D010B5954291453E761A3B9EAF533119EEF1C30C4E53FEFAF2D2300162786963D54ECE0376CC797CBBDD757B596FAB26716ECEA7C47FB6C6DC6A80FC435D5CADB36D5ACB6760CAC6272B61E64A920EC7D4E5FBD680B2B906F1CF78EFD380A47692E1DC6C06AC21255E65C3757E32C301B5ACD8BA136FEE7C19B858D8B60595946BF1D0520912ACD17E397C9FC156C741AD1104F403B363B4E6B4AD06E8C60928CCD6AB3FE6AEFECBC57DB5CFF431A2D44533D9A92C483B56AE56698F02622D3A65E09B6EBFDFD5DCAF34E09DEDA100B40DD4C40ADCEF30787E527C4F613A08BDED1224C1B97 +20241202014307 2 6 100 7679 5 F02D40B37C40876939E4D2A62AF7EC21A676D8E2B04081BA98E23F464A47514FB40DC99F7B8046B48CD3052C7AC080E4B496C16ED18695CA27493A129088F5829BBEAD02DFD521829FFD8B1120330E2BBA10C55A1EAD0641006827DA4725BFD2A2559C363C33BC78C2D83B4A075099EC57634D0AD4AEDA3302441B7005C728C0371B51877A97B442C5E3C3D53C244EFF3B65CDCCB0C017723F1EBD0B91E220116ACF14703268A11B7FC7564F7BEDBFFB3CE046261DD9D83E6078CD7AB5AC97595EF53D6C4C56D24588C6D130C0CD2C967AB90C31497186A06A93FB9338D4F30E0104BC8EFF2518D0644174BD1FF1FD7BAC2AAFF151D733A14F456A189ECA2D5F11D7C3AF1DA06192D36251B050E1AC576E3C369678D12823870FFC6E5809903382F9FBE36156F294C94FF5369E8D24D085A326870A998A10683495CEF15EFF0A45C781B5156B82D9AA07852040A96A0D5ACDF094B9DD91EA893382F95A6B72F0A2090F036A1B23CF9CF544753EA5B9ED86FA52EBB4C5421C5B485AE932F5837822C91257EC4953ACA79F2D94261DC40B3D44CB44056D4025EC459563865000B8C5F5D7724ED27CA4A8ADE299E5C898F4BD09F430781A68C261E4FA0BA2FEE567434B057C5D5F2899A1547B780B91315CC631C0552DB403DF53A6059BE895242FDA4AE1F6C5129E3643DF1A20C28BBF4328B4E623DCBC1149CE838BBC4A9944A6B6ACB4AA29B50FC7AFFAB0075BB4CC190F15B2C17847560F1B4C591EFE90D5AAA307A3FCC091DF44E3B219F7EE86EA01704D652983CE0D475896C1EB94E09314D386233D706FE0F5415BAF51746F3E8A6AC74E6F68CCF665CCEC4BE0B9CE19308C0423491F5914EA8ABE6081F38282D4994A4B640DCE56F4D616CED59B80938E4E7C486AB64E7C740FCD6ADB5494906520FD66A02069D3C11085157142CDDBFB004023C5CDFCCEAC5296636A77C127DEC4182A36D6A34D980F778452271C80CABAFE15A629302EFE9CD9105353B719581D4DD2E1BCF9411A4CCB0D010B5954291453E761A3B9EAF533119EEF1C30C4E53FEFAF2D2300162786963D54ECE0376CC797CBBDD757B596FAB26716ECEA7C47FB6C6DC6A80FC435D5CADB36D5ACB6760CAC6272B61E64A920EC7D4E5FBD680B2B906F1CF78EFD380A47692E1DC6C06AC21255E65C3757E32C301B5ACD8BA136FEE7C19B858D8B60595946BF1D0520912ACD17E397C9FC156C741AD1104F403B363B4E6B4AD06E8C60928CCD6AB3FE6AEFECBC57DB5CFF431A2D44533D9A92C483B56AE56698F02622D3A65E09B6EBFDFD5DCAF34E09DEDA100B40DD4C40ADCEF30787E527C4F613A08BDED12B98711F +20241202022245 2 6 100 7679 5 F02D40B37C40876939E4D2A62AF7EC21A676D8E2B04081BA98E23F464A47514FB40DC99F7B8046B48CD3052C7AC080E4B496C16ED18695CA27493A129088F5829BBEAD02DFD521829FFD8B1120330E2BBA10C55A1EAD0641006827DA4725BFD2A2559C363C33BC78C2D83B4A075099EC57634D0AD4AEDA3302441B7005C728C0371B51877A97B442C5E3C3D53C244EFF3B65CDCCB0C017723F1EBD0B91E220116ACF14703268A11B7FC7564F7BEDBFFB3CE046261DD9D83E6078CD7AB5AC97595EF53D6C4C56D24588C6D130C0CD2C967AB90C31497186A06A93FB9338D4F30E0104BC8EFF2518D0644174BD1FF1FD7BAC2AAFF151D733A14F456A189ECA2D5F11D7C3AF1DA06192D36251B050E1AC576E3C369678D12823870FFC6E5809903382F9FBE36156F294C94FF5369E8D24D085A326870A998A10683495CEF15EFF0A45C781B5156B82D9AA07852040A96A0D5ACDF094B9DD91EA893382F95A6B72F0A2090F036A1B23CF9CF544753EA5B9ED86FA52EBB4C5421C5B485AE932F5837822C91257EC4953ACA79F2D94261DC40B3D44CB44056D4025EC459563865000B8C5F5D7724ED27CA4A8ADE299E5C898F4BD09F430781A68C261E4FA0BA2FEE567434B057C5D5F2899A1547B780B91315CC631C0552DB403DF53A6059BE895242FDA4AE1F6C5129E3643DF1A20C28BBF4328B4E623DCBC1149CE838BBC4A9944A6B6ACB4AA29B50FC7AFFAB0075BB4CC190F15B2C17847560F1B4C591EFE90D5AAA307A3FCC091DF44E3B219F7EE86EA01704D652983CE0D475896C1EB94E09314D386233D706FE0F5415BAF51746F3E8A6AC74E6F68CCF665CCEC4BE0B9CE19308C0423491F5914EA8ABE6081F38282D4994A4B640DCE56F4D616CED59B80938E4E7C486AB64E7C740FCD6ADB5494906520FD66A02069D3C11085157142CDDBFB004023C5CDFCCEAC5296636A77C127DEC4182A36D6A34D980F778452271C80CABAFE15A629302EFE9CD9105353B719581D4DD2E1BCF9411A4CCB0D010B5954291453E761A3B9EAF533119EEF1C30C4E53FEFAF2D2300162786963D54ECE0376CC797CBBDD757B596FAB26716ECEA7C47FB6C6DC6A80FC435D5CADB36D5ACB6760CAC6272B61E64A920EC7D4E5FBD680B2B906F1CF78EFD380A47692E1DC6C06AC21255E65C3757E32C301B5ACD8BA136FEE7C19B858D8B60595946BF1D0520912ACD17E397C9FC156C741AD1104F403B363B4E6B4AD06E8C60928CCD6AB3FE6AEFECBC57DB5CFF431A2D44533D9A92C483B56AE56698F02622D3A65E09B6EBFDFD5DCAF34E09DEDA100B40DD4C40ADCEF30787E527C4F613A08BDED12E394097 +20241202032328 2 6 100 7679 2 F02D40B37C40876939E4D2A62AF7EC21A676D8E2B04081BA98E23F464A47514FB40DC99F7B8046B48CD3052C7AC080E4B496C16ED18695CA27493A129088F5829BBEAD02DFD521829FFD8B1120330E2BBA10C55A1EAD0641006827DA4725BFD2A2559C363C33BC78C2D83B4A075099EC57634D0AD4AEDA3302441B7005C728C0371B51877A97B442C5E3C3D53C244EFF3B65CDCCB0C017723F1EBD0B91E220116ACF14703268A11B7FC7564F7BEDBFFB3CE046261DD9D83E6078CD7AB5AC97595EF53D6C4C56D24588C6D130C0CD2C967AB90C31497186A06A93FB9338D4F30E0104BC8EFF2518D0644174BD1FF1FD7BAC2AAFF151D733A14F456A189ECA2D5F11D7C3AF1DA06192D36251B050E1AC576E3C369678D12823870FFC6E5809903382F9FBE36156F294C94FF5369E8D24D085A326870A998A10683495CEF15EFF0A45C781B5156B82D9AA07852040A96A0D5ACDF094B9DD91EA893382F95A6B72F0A2090F036A1B23CF9CF544753EA5B9ED86FA52EBB4C5421C5B485AE932F5837822C91257EC4953ACA79F2D94261DC40B3D44CB44056D4025EC459563865000B8C5F5D7724ED27CA4A8ADE299E5C898F4BD09F430781A68C261E4FA0BA2FEE567434B057C5D5F2899A1547B780B91315CC631C0552DB403DF53A6059BE895242FDA4AE1F6C5129E3643DF1A20C28BBF4328B4E623DCBC1149CE838BBC4A9944A6B6ACB4AA29B50FC7AFFAB0075BB4CC190F15B2C17847560F1B4C591EFE90D5AAA307A3FCC091DF44E3B219F7EE86EA01704D652983CE0D475896C1EB94E09314D386233D706FE0F5415BAF51746F3E8A6AC74E6F68CCF665CCEC4BE0B9CE19308C0423491F5914EA8ABE6081F38282D4994A4B640DCE56F4D616CED59B80938E4E7C486AB64E7C740FCD6ADB5494906520FD66A02069D3C11085157142CDDBFB004023C5CDFCCEAC5296636A77C127DEC4182A36D6A34D980F778452271C80CABAFE15A629302EFE9CD9105353B719581D4DD2E1BCF9411A4CCB0D010B5954291453E761A3B9EAF533119EEF1C30C4E53FEFAF2D2300162786963D54ECE0376CC797CBBDD757B596FAB26716ECEA7C47FB6C6DC6A80FC435D5CADB36D5ACB6760CAC6272B61E64A920EC7D4E5FBD680B2B906F1CF78EFD380A47692E1DC6C06AC21255E65C3757E32C301B5ACD8BA136FEE7C19B858D8B60595946BF1D0520912ACD17E397C9FC156C741AD1104F403B363B4E6B4AD06E8C60928CCD6AB3FE6AEFECBC57DB5CFF431A2D44533D9A92C483B56AE56698F02622D3A65E09B6EBFDFD5DCAF34E09DEDA100B40DD4C40ADCEF30787E527C4F613A08BDED1324BD55B +20241202042741 2 6 100 7679 5 F02D40B37C40876939E4D2A62AF7EC21A676D8E2B04081BA98E23F464A47514FB40DC99F7B8046B48CD3052C7AC080E4B496C16ED18695CA27493A129088F5829BBEAD02DFD521829FFD8B1120330E2BBA10C55A1EAD0641006827DA4725BFD2A2559C363C33BC78C2D83B4A075099EC57634D0AD4AEDA3302441B7005C728C0371B51877A97B442C5E3C3D53C244EFF3B65CDCCB0C017723F1EBD0B91E220116ACF14703268A11B7FC7564F7BEDBFFB3CE046261DD9D83E6078CD7AB5AC97595EF53D6C4C56D24588C6D130C0CD2C967AB90C31497186A06A93FB9338D4F30E0104BC8EFF2518D0644174BD1FF1FD7BAC2AAFF151D733A14F456A189ECA2D5F11D7C3AF1DA06192D36251B050E1AC576E3C369678D12823870FFC6E5809903382F9FBE36156F294C94FF5369E8D24D085A326870A998A10683495CEF15EFF0A45C781B5156B82D9AA07852040A96A0D5ACDF094B9DD91EA893382F95A6B72F0A2090F036A1B23CF9CF544753EA5B9ED86FA52EBB4C5421C5B485AE932F5837822C91257EC4953ACA79F2D94261DC40B3D44CB44056D4025EC459563865000B8C5F5D7724ED27CA4A8ADE299E5C898F4BD09F430781A68C261E4FA0BA2FEE567434B057C5D5F2899A1547B780B91315CC631C0552DB403DF53A6059BE895242FDA4AE1F6C5129E3643DF1A20C28BBF4328B4E623DCBC1149CE838BBC4A9944A6B6ACB4AA29B50FC7AFFAB0075BB4CC190F15B2C17847560F1B4C591EFE90D5AAA307A3FCC091DF44E3B219F7EE86EA01704D652983CE0D475896C1EB94E09314D386233D706FE0F5415BAF51746F3E8A6AC74E6F68CCF665CCEC4BE0B9CE19308C0423491F5914EA8ABE6081F38282D4994A4B640DCE56F4D616CED59B80938E4E7C486AB64E7C740FCD6ADB5494906520FD66A02069D3C11085157142CDDBFB004023C5CDFCCEAC5296636A77C127DEC4182A36D6A34D980F778452271C80CABAFE15A629302EFE9CD9105353B719581D4DD2E1BCF9411A4CCB0D010B5954291453E761A3B9EAF533119EEF1C30C4E53FEFAF2D2300162786963D54ECE0376CC797CBBDD757B596FAB26716ECEA7C47FB6C6DC6A80FC435D5CADB36D5ACB6760CAC6272B61E64A920EC7D4E5FBD680B2B906F1CF78EFD380A47692E1DC6C06AC21255E65C3757E32C301B5ACD8BA136FEE7C19B858D8B60595946BF1D0520912ACD17E397C9FC156C741AD1104F403B363B4E6B4AD06E8C60928CCD6AB3FE6AEFECBC57DB5CFF431A2D44533D9A92C483B56AE56698F02622D3A65E09B6EBFDFD5DCAF34E09DEDA100B40DD4C40ADCEF30787E527C4F613A08BDED1368D4BB7 +20241202043950 2 6 100 7679 2 F02D40B37C40876939E4D2A62AF7EC21A676D8E2B04081BA98E23F464A47514FB40DC99F7B8046B48CD3052C7AC080E4B496C16ED18695CA27493A129088F5829BBEAD02DFD521829FFD8B1120330E2BBA10C55A1EAD0641006827DA4725BFD2A2559C363C33BC78C2D83B4A075099EC57634D0AD4AEDA3302441B7005C728C0371B51877A97B442C5E3C3D53C244EFF3B65CDCCB0C017723F1EBD0B91E220116ACF14703268A11B7FC7564F7BEDBFFB3CE046261DD9D83E6078CD7AB5AC97595EF53D6C4C56D24588C6D130C0CD2C967AB90C31497186A06A93FB9338D4F30E0104BC8EFF2518D0644174BD1FF1FD7BAC2AAFF151D733A14F456A189ECA2D5F11D7C3AF1DA06192D36251B050E1AC576E3C369678D12823870FFC6E5809903382F9FBE36156F294C94FF5369E8D24D085A326870A998A10683495CEF15EFF0A45C781B5156B82D9AA07852040A96A0D5ACDF094B9DD91EA893382F95A6B72F0A2090F036A1B23CF9CF544753EA5B9ED86FA52EBB4C5421C5B485AE932F5837822C91257EC4953ACA79F2D94261DC40B3D44CB44056D4025EC459563865000B8C5F5D7724ED27CA4A8ADE299E5C898F4BD09F430781A68C261E4FA0BA2FEE567434B057C5D5F2899A1547B780B91315CC631C0552DB403DF53A6059BE895242FDA4AE1F6C5129E3643DF1A20C28BBF4328B4E623DCBC1149CE838BBC4A9944A6B6ACB4AA29B50FC7AFFAB0075BB4CC190F15B2C17847560F1B4C591EFE90D5AAA307A3FCC091DF44E3B219F7EE86EA01704D652983CE0D475896C1EB94E09314D386233D706FE0F5415BAF51746F3E8A6AC74E6F68CCF665CCEC4BE0B9CE19308C0423491F5914EA8ABE6081F38282D4994A4B640DCE56F4D616CED59B80938E4E7C486AB64E7C740FCD6ADB5494906520FD66A02069D3C11085157142CDDBFB004023C5CDFCCEAC5296636A77C127DEC4182A36D6A34D980F778452271C80CABAFE15A629302EFE9CD9105353B719581D4DD2E1BCF9411A4CCB0D010B5954291453E761A3B9EAF533119EEF1C30C4E53FEFAF2D2300162786963D54ECE0376CC797CBBDD757B596FAB26716ECEA7C47FB6C6DC6A80FC435D5CADB36D5ACB6760CAC6272B61E64A920EC7D4E5FBD680B2B906F1CF78EFD380A47692E1DC6C06AC21255E65C3757E32C301B5ACD8BA136FEE7C19B858D8B60595946BF1D0520912ACD17E397C9FC156C741AD1104F403B363B4E6B4AD06E8C60928CCD6AB3FE6AEFECBC57DB5CFF431A2D44533D9A92C483B56AE56698F02622D3A65E09B6EBFDFD5DCAF34E09DEDA100B40DD4C40ADCEF30787E527C4F613A08BDED1375589FB +20241202051314 2 6 100 7679 2 F02D40B37C40876939E4D2A62AF7EC21A676D8E2B04081BA98E23F464A47514FB40DC99F7B8046B48CD3052C7AC080E4B496C16ED18695CA27493A129088F5829BBEAD02DFD521829FFD8B1120330E2BBA10C55A1EAD0641006827DA4725BFD2A2559C363C33BC78C2D83B4A075099EC57634D0AD4AEDA3302441B7005C728C0371B51877A97B442C5E3C3D53C244EFF3B65CDCCB0C017723F1EBD0B91E220116ACF14703268A11B7FC7564F7BEDBFFB3CE046261DD9D83E6078CD7AB5AC97595EF53D6C4C56D24588C6D130C0CD2C967AB90C31497186A06A93FB9338D4F30E0104BC8EFF2518D0644174BD1FF1FD7BAC2AAFF151D733A14F456A189ECA2D5F11D7C3AF1DA06192D36251B050E1AC576E3C369678D12823870FFC6E5809903382F9FBE36156F294C94FF5369E8D24D085A326870A998A10683495CEF15EFF0A45C781B5156B82D9AA07852040A96A0D5ACDF094B9DD91EA893382F95A6B72F0A2090F036A1B23CF9CF544753EA5B9ED86FA52EBB4C5421C5B485AE932F5837822C91257EC4953ACA79F2D94261DC40B3D44CB44056D4025EC459563865000B8C5F5D7724ED27CA4A8ADE299E5C898F4BD09F430781A68C261E4FA0BA2FEE567434B057C5D5F2899A1547B780B91315CC631C0552DB403DF53A6059BE895242FDA4AE1F6C5129E3643DF1A20C28BBF4328B4E623DCBC1149CE838BBC4A9944A6B6ACB4AA29B50FC7AFFAB0075BB4CC190F15B2C17847560F1B4C591EFE90D5AAA307A3FCC091DF44E3B219F7EE86EA01704D652983CE0D475896C1EB94E09314D386233D706FE0F5415BAF51746F3E8A6AC74E6F68CCF665CCEC4BE0B9CE19308C0423491F5914EA8ABE6081F38282D4994A4B640DCE56F4D616CED59B80938E4E7C486AB64E7C740FCD6ADB5494906520FD66A02069D3C11085157142CDDBFB004023C5CDFCCEAC5296636A77C127DEC4182A36D6A34D980F778452271C80CABAFE15A629302EFE9CD9105353B719581D4DD2E1BCF9411A4CCB0D010B5954291453E761A3B9EAF533119EEF1C30C4E53FEFAF2D2300162786963D54ECE0376CC797CBBDD757B596FAB26716ECEA7C47FB6C6DC6A80FC435D5CADB36D5ACB6760CAC6272B61E64A920EC7D4E5FBD680B2B906F1CF78EFD380A47692E1DC6C06AC21255E65C3757E32C301B5ACD8BA136FEE7C19B858D8B60595946BF1D0520912ACD17E397C9FC156C741AD1104F403B363B4E6B4AD06E8C60928CCD6AB3FE6AEFECBC57DB5CFF431A2D44533D9A92C483B56AE56698F02622D3A65E09B6EBFDFD5DCAF34E09DEDA100B40DD4C40ADCEF30787E527C4F613A08BDED1398AB80B +20241202054231 2 6 100 7679 2 F02D40B37C40876939E4D2A62AF7EC21A676D8E2B04081BA98E23F464A47514FB40DC99F7B8046B48CD3052C7AC080E4B496C16ED18695CA27493A129088F5829BBEAD02DFD521829FFD8B1120330E2BBA10C55A1EAD0641006827DA4725BFD2A2559C363C33BC78C2D83B4A075099EC57634D0AD4AEDA3302441B7005C728C0371B51877A97B442C5E3C3D53C244EFF3B65CDCCB0C017723F1EBD0B91E220116ACF14703268A11B7FC7564F7BEDBFFB3CE046261DD9D83E6078CD7AB5AC97595EF53D6C4C56D24588C6D130C0CD2C967AB90C31497186A06A93FB9338D4F30E0104BC8EFF2518D0644174BD1FF1FD7BAC2AAFF151D733A14F456A189ECA2D5F11D7C3AF1DA06192D36251B050E1AC576E3C369678D12823870FFC6E5809903382F9FBE36156F294C94FF5369E8D24D085A326870A998A10683495CEF15EFF0A45C781B5156B82D9AA07852040A96A0D5ACDF094B9DD91EA893382F95A6B72F0A2090F036A1B23CF9CF544753EA5B9ED86FA52EBB4C5421C5B485AE932F5837822C91257EC4953ACA79F2D94261DC40B3D44CB44056D4025EC459563865000B8C5F5D7724ED27CA4A8ADE299E5C898F4BD09F430781A68C261E4FA0BA2FEE567434B057C5D5F2899A1547B780B91315CC631C0552DB403DF53A6059BE895242FDA4AE1F6C5129E3643DF1A20C28BBF4328B4E623DCBC1149CE838BBC4A9944A6B6ACB4AA29B50FC7AFFAB0075BB4CC190F15B2C17847560F1B4C591EFE90D5AAA307A3FCC091DF44E3B219F7EE86EA01704D652983CE0D475896C1EB94E09314D386233D706FE0F5415BAF51746F3E8A6AC74E6F68CCF665CCEC4BE0B9CE19308C0423491F5914EA8ABE6081F38282D4994A4B640DCE56F4D616CED59B80938E4E7C486AB64E7C740FCD6ADB5494906520FD66A02069D3C11085157142CDDBFB004023C5CDFCCEAC5296636A77C127DEC4182A36D6A34D980F778452271C80CABAFE15A629302EFE9CD9105353B719581D4DD2E1BCF9411A4CCB0D010B5954291453E761A3B9EAF533119EEF1C30C4E53FEFAF2D2300162786963D54ECE0376CC797CBBDD757B596FAB26716ECEA7C47FB6C6DC6A80FC435D5CADB36D5ACB6760CAC6272B61E64A920EC7D4E5FBD680B2B906F1CF78EFD380A47692E1DC6C06AC21255E65C3757E32C301B5ACD8BA136FEE7C19B858D8B60595946BF1D0520912ACD17E397C9FC156C741AD1104F403B363B4E6B4AD06E8C60928CCD6AB3FE6AEFECBC57DB5CFF431A2D44533D9A92C483B56AE56698F02622D3A65E09B6EBFDFD5DCAF34E09DEDA100B40DD4C40ADCEF30787E527C4F613A08BDED13B77C653 +20241202054750 2 6 100 7679 5 F02D40B37C40876939E4D2A62AF7EC21A676D8E2B04081BA98E23F464A47514FB40DC99F7B8046B48CD3052C7AC080E4B496C16ED18695CA27493A129088F5829BBEAD02DFD521829FFD8B1120330E2BBA10C55A1EAD0641006827DA4725BFD2A2559C363C33BC78C2D83B4A075099EC57634D0AD4AEDA3302441B7005C728C0371B51877A97B442C5E3C3D53C244EFF3B65CDCCB0C017723F1EBD0B91E220116ACF14703268A11B7FC7564F7BEDBFFB3CE046261DD9D83E6078CD7AB5AC97595EF53D6C4C56D24588C6D130C0CD2C967AB90C31497186A06A93FB9338D4F30E0104BC8EFF2518D0644174BD1FF1FD7BAC2AAFF151D733A14F456A189ECA2D5F11D7C3AF1DA06192D36251B050E1AC576E3C369678D12823870FFC6E5809903382F9FBE36156F294C94FF5369E8D24D085A326870A998A10683495CEF15EFF0A45C781B5156B82D9AA07852040A96A0D5ACDF094B9DD91EA893382F95A6B72F0A2090F036A1B23CF9CF544753EA5B9ED86FA52EBB4C5421C5B485AE932F5837822C91257EC4953ACA79F2D94261DC40B3D44CB44056D4025EC459563865000B8C5F5D7724ED27CA4A8ADE299E5C898F4BD09F430781A68C261E4FA0BA2FEE567434B057C5D5F2899A1547B780B91315CC631C0552DB403DF53A6059BE895242FDA4AE1F6C5129E3643DF1A20C28BBF4328B4E623DCBC1149CE838BBC4A9944A6B6ACB4AA29B50FC7AFFAB0075BB4CC190F15B2C17847560F1B4C591EFE90D5AAA307A3FCC091DF44E3B219F7EE86EA01704D652983CE0D475896C1EB94E09314D386233D706FE0F5415BAF51746F3E8A6AC74E6F68CCF665CCEC4BE0B9CE19308C0423491F5914EA8ABE6081F38282D4994A4B640DCE56F4D616CED59B80938E4E7C486AB64E7C740FCD6ADB5494906520FD66A02069D3C11085157142CDDBFB004023C5CDFCCEAC5296636A77C127DEC4182A36D6A34D980F778452271C80CABAFE15A629302EFE9CD9105353B719581D4DD2E1BCF9411A4CCB0D010B5954291453E761A3B9EAF533119EEF1C30C4E53FEFAF2D2300162786963D54ECE0376CC797CBBDD757B596FAB26716ECEA7C47FB6C6DC6A80FC435D5CADB36D5ACB6760CAC6272B61E64A920EC7D4E5FBD680B2B906F1CF78EFD380A47692E1DC6C06AC21255E65C3757E32C301B5ACD8BA136FEE7C19B858D8B60595946BF1D0520912ACD17E397C9FC156C741AD1104F403B363B4E6B4AD06E8C60928CCD6AB3FE6AEFECBC57DB5CFF431A2D44533D9A92C483B56AE56698F02622D3A65E09B6EBFDFD5DCAF34E09DEDA100B40DD4C40ADCEF30787E527C4F613A08BDED13BCC7297 +20241202061721 2 6 100 7679 2 F02D40B37C40876939E4D2A62AF7EC21A676D8E2B04081BA98E23F464A47514FB40DC99F7B8046B48CD3052C7AC080E4B496C16ED18695CA27493A129088F5829BBEAD02DFD521829FFD8B1120330E2BBA10C55A1EAD0641006827DA4725BFD2A2559C363C33BC78C2D83B4A075099EC57634D0AD4AEDA3302441B7005C728C0371B51877A97B442C5E3C3D53C244EFF3B65CDCCB0C017723F1EBD0B91E220116ACF14703268A11B7FC7564F7BEDBFFB3CE046261DD9D83E6078CD7AB5AC97595EF53D6C4C56D24588C6D130C0CD2C967AB90C31497186A06A93FB9338D4F30E0104BC8EFF2518D0644174BD1FF1FD7BAC2AAFF151D733A14F456A189ECA2D5F11D7C3AF1DA06192D36251B050E1AC576E3C369678D12823870FFC6E5809903382F9FBE36156F294C94FF5369E8D24D085A326870A998A10683495CEF15EFF0A45C781B5156B82D9AA07852040A96A0D5ACDF094B9DD91EA893382F95A6B72F0A2090F036A1B23CF9CF544753EA5B9ED86FA52EBB4C5421C5B485AE932F5837822C91257EC4953ACA79F2D94261DC40B3D44CB44056D4025EC459563865000B8C5F5D7724ED27CA4A8ADE299E5C898F4BD09F430781A68C261E4FA0BA2FEE567434B057C5D5F2899A1547B780B91315CC631C0552DB403DF53A6059BE895242FDA4AE1F6C5129E3643DF1A20C28BBF4328B4E623DCBC1149CE838BBC4A9944A6B6ACB4AA29B50FC7AFFAB0075BB4CC190F15B2C17847560F1B4C591EFE90D5AAA307A3FCC091DF44E3B219F7EE86EA01704D652983CE0D475896C1EB94E09314D386233D706FE0F5415BAF51746F3E8A6AC74E6F68CCF665CCEC4BE0B9CE19308C0423491F5914EA8ABE6081F38282D4994A4B640DCE56F4D616CED59B80938E4E7C486AB64E7C740FCD6ADB5494906520FD66A02069D3C11085157142CDDBFB004023C5CDFCCEAC5296636A77C127DEC4182A36D6A34D980F778452271C80CABAFE15A629302EFE9CD9105353B719581D4DD2E1BCF9411A4CCB0D010B5954291453E761A3B9EAF533119EEF1C30C4E53FEFAF2D2300162786963D54ECE0376CC797CBBDD757B596FAB26716ECEA7C47FB6C6DC6A80FC435D5CADB36D5ACB6760CAC6272B61E64A920EC7D4E5FBD680B2B906F1CF78EFD380A47692E1DC6C06AC21255E65C3757E32C301B5ACD8BA136FEE7C19B858D8B60595946BF1D0520912ACD17E397C9FC156C741AD1104F403B363B4E6B4AD06E8C60928CCD6AB3FE6AEFECBC57DB5CFF431A2D44533D9A92C483B56AE56698F02622D3A65E09B6EBFDFD5DCAF34E09DEDA100B40DD4C40ADCEF30787E527C4F613A08BDED13DC0C9B3 +20241202074137 2 6 100 7679 2 F02D40B37C40876939E4D2A62AF7EC21A676D8E2B04081BA98E23F464A47514FB40DC99F7B8046B48CD3052C7AC080E4B496C16ED18695CA27493A129088F5829BBEAD02DFD521829FFD8B1120330E2BBA10C55A1EAD0641006827DA4725BFD2A2559C363C33BC78C2D83B4A075099EC57634D0AD4AEDA3302441B7005C728C0371B51877A97B442C5E3C3D53C244EFF3B65CDCCB0C017723F1EBD0B91E220116ACF14703268A11B7FC7564F7BEDBFFB3CE046261DD9D83E6078CD7AB5AC97595EF53D6C4C56D24588C6D130C0CD2C967AB90C31497186A06A93FB9338D4F30E0104BC8EFF2518D0644174BD1FF1FD7BAC2AAFF151D733A14F456A189ECA2D5F11D7C3AF1DA06192D36251B050E1AC576E3C369678D12823870FFC6E5809903382F9FBE36156F294C94FF5369E8D24D085A326870A998A10683495CEF15EFF0A45C781B5156B82D9AA07852040A96A0D5ACDF094B9DD91EA893382F95A6B72F0A2090F036A1B23CF9CF544753EA5B9ED86FA52EBB4C5421C5B485AE932F5837822C91257EC4953ACA79F2D94261DC40B3D44CB44056D4025EC459563865000B8C5F5D7724ED27CA4A8ADE299E5C898F4BD09F430781A68C261E4FA0BA2FEE567434B057C5D5F2899A1547B780B91315CC631C0552DB403DF53A6059BE895242FDA4AE1F6C5129E3643DF1A20C28BBF4328B4E623DCBC1149CE838BBC4A9944A6B6ACB4AA29B50FC7AFFAB0075BB4CC190F15B2C17847560F1B4C591EFE90D5AAA307A3FCC091DF44E3B219F7EE86EA01704D652983CE0D475896C1EB94E09314D386233D706FE0F5415BAF51746F3E8A6AC74E6F68CCF665CCEC4BE0B9CE19308C0423491F5914EA8ABE6081F38282D4994A4B640DCE56F4D616CED59B80938E4E7C486AB64E7C740FCD6ADB5494906520FD66A02069D3C11085157142CDDBFB004023C5CDFCCEAC5296636A77C127DEC4182A36D6A34D980F778452271C80CABAFE15A629302EFE9CD9105353B719581D4DD2E1BCF9411A4CCB0D010B5954291453E761A3B9EAF533119EEF1C30C4E53FEFAF2D2300162786963D54ECE0376CC797CBBDD757B596FAB26716ECEA7C47FB6C6DC6A80FC435D5CADB36D5ACB6760CAC6272B61E64A920EC7D4E5FBD680B2B906F1CF78EFD380A47692E1DC6C06AC21255E65C3757E32C301B5ACD8BA136FEE7C19B858D8B60595946BF1D0520912ACD17E397C9FC156C741AD1104F403B363B4E6B4AD06E8C60928CCD6AB3FE6AEFECBC57DB5CFF431A2D44533D9A92C483B56AE56698F02622D3A65E09B6EBFDFD5DCAF34E09DEDA100B40DD4C40ADCEF30787E527C4F613A08BDED1435661B3 +20241202074315 2 6 100 7679 2 F02D40B37C40876939E4D2A62AF7EC21A676D8E2B04081BA98E23F464A47514FB40DC99F7B8046B48CD3052C7AC080E4B496C16ED18695CA27493A129088F5829BBEAD02DFD521829FFD8B1120330E2BBA10C55A1EAD0641006827DA4725BFD2A2559C363C33BC78C2D83B4A075099EC57634D0AD4AEDA3302441B7005C728C0371B51877A97B442C5E3C3D53C244EFF3B65CDCCB0C017723F1EBD0B91E220116ACF14703268A11B7FC7564F7BEDBFFB3CE046261DD9D83E6078CD7AB5AC97595EF53D6C4C56D24588C6D130C0CD2C967AB90C31497186A06A93FB9338D4F30E0104BC8EFF2518D0644174BD1FF1FD7BAC2AAFF151D733A14F456A189ECA2D5F11D7C3AF1DA06192D36251B050E1AC576E3C369678D12823870FFC6E5809903382F9FBE36156F294C94FF5369E8D24D085A326870A998A10683495CEF15EFF0A45C781B5156B82D9AA07852040A96A0D5ACDF094B9DD91EA893382F95A6B72F0A2090F036A1B23CF9CF544753EA5B9ED86FA52EBB4C5421C5B485AE932F5837822C91257EC4953ACA79F2D94261DC40B3D44CB44056D4025EC459563865000B8C5F5D7724ED27CA4A8ADE299E5C898F4BD09F430781A68C261E4FA0BA2FEE567434B057C5D5F2899A1547B780B91315CC631C0552DB403DF53A6059BE895242FDA4AE1F6C5129E3643DF1A20C28BBF4328B4E623DCBC1149CE838BBC4A9944A6B6ACB4AA29B50FC7AFFAB0075BB4CC190F15B2C17847560F1B4C591EFE90D5AAA307A3FCC091DF44E3B219F7EE86EA01704D652983CE0D475896C1EB94E09314D386233D706FE0F5415BAF51746F3E8A6AC74E6F68CCF665CCEC4BE0B9CE19308C0423491F5914EA8ABE6081F38282D4994A4B640DCE56F4D616CED59B80938E4E7C486AB64E7C740FCD6ADB5494906520FD66A02069D3C11085157142CDDBFB004023C5CDFCCEAC5296636A77C127DEC4182A36D6A34D980F778452271C80CABAFE15A629302EFE9CD9105353B719581D4DD2E1BCF9411A4CCB0D010B5954291453E761A3B9EAF533119EEF1C30C4E53FEFAF2D2300162786963D54ECE0376CC797CBBDD757B596FAB26716ECEA7C47FB6C6DC6A80FC435D5CADB36D5ACB6760CAC6272B61E64A920EC7D4E5FBD680B2B906F1CF78EFD380A47692E1DC6C06AC21255E65C3757E32C301B5ACD8BA136FEE7C19B858D8B60595946BF1D0520912ACD17E397C9FC156C741AD1104F403B363B4E6B4AD06E8C60928CCD6AB3FE6AEFECBC57DB5CFF431A2D44533D9A92C483B56AE56698F02622D3A65E09B6EBFDFD5DCAF34E09DEDA100B40DD4C40ADCEF30787E527C4F613A08BDED14369BF1B +20241202081741 2 6 100 7679 2 F02D40B37C40876939E4D2A62AF7EC21A676D8E2B04081BA98E23F464A47514FB40DC99F7B8046B48CD3052C7AC080E4B496C16ED18695CA27493A129088F5829BBEAD02DFD521829FFD8B1120330E2BBA10C55A1EAD0641006827DA4725BFD2A2559C363C33BC78C2D83B4A075099EC57634D0AD4AEDA3302441B7005C728C0371B51877A97B442C5E3C3D53C244EFF3B65CDCCB0C017723F1EBD0B91E220116ACF14703268A11B7FC7564F7BEDBFFB3CE046261DD9D83E6078CD7AB5AC97595EF53D6C4C56D24588C6D130C0CD2C967AB90C31497186A06A93FB9338D4F30E0104BC8EFF2518D0644174BD1FF1FD7BAC2AAFF151D733A14F456A189ECA2D5F11D7C3AF1DA06192D36251B050E1AC576E3C369678D12823870FFC6E5809903382F9FBE36156F294C94FF5369E8D24D085A326870A998A10683495CEF15EFF0A45C781B5156B82D9AA07852040A96A0D5ACDF094B9DD91EA893382F95A6B72F0A2090F036A1B23CF9CF544753EA5B9ED86FA52EBB4C5421C5B485AE932F5837822C91257EC4953ACA79F2D94261DC40B3D44CB44056D4025EC459563865000B8C5F5D7724ED27CA4A8ADE299E5C898F4BD09F430781A68C261E4FA0BA2FEE567434B057C5D5F2899A1547B780B91315CC631C0552DB403DF53A6059BE895242FDA4AE1F6C5129E3643DF1A20C28BBF4328B4E623DCBC1149CE838BBC4A9944A6B6ACB4AA29B50FC7AFFAB0075BB4CC190F15B2C17847560F1B4C591EFE90D5AAA307A3FCC091DF44E3B219F7EE86EA01704D652983CE0D475896C1EB94E09314D386233D706FE0F5415BAF51746F3E8A6AC74E6F68CCF665CCEC4BE0B9CE19308C0423491F5914EA8ABE6081F38282D4994A4B640DCE56F4D616CED59B80938E4E7C486AB64E7C740FCD6ADB5494906520FD66A02069D3C11085157142CDDBFB004023C5CDFCCEAC5296636A77C127DEC4182A36D6A34D980F778452271C80CABAFE15A629302EFE9CD9105353B719581D4DD2E1BCF9411A4CCB0D010B5954291453E761A3B9EAF533119EEF1C30C4E53FEFAF2D2300162786963D54ECE0376CC797CBBDD757B596FAB26716ECEA7C47FB6C6DC6A80FC435D5CADB36D5ACB6760CAC6272B61E64A920EC7D4E5FBD680B2B906F1CF78EFD380A47692E1DC6C06AC21255E65C3757E32C301B5ACD8BA136FEE7C19B858D8B60595946BF1D0520912ACD17E397C9FC156C741AD1104F403B363B4E6B4AD06E8C60928CCD6AB3FE6AEFECBC57DB5CFF431A2D44533D9A92C483B56AE56698F02622D3A65E09B6EBFDFD5DCAF34E09DEDA100B40DD4C40ADCEF30787E527C4F613A08BDED145AABB1B +20241202082834 2 6 100 7679 2 F02D40B37C40876939E4D2A62AF7EC21A676D8E2B04081BA98E23F464A47514FB40DC99F7B8046B48CD3052C7AC080E4B496C16ED18695CA27493A129088F5829BBEAD02DFD521829FFD8B1120330E2BBA10C55A1EAD0641006827DA4725BFD2A2559C363C33BC78C2D83B4A075099EC57634D0AD4AEDA3302441B7005C728C0371B51877A97B442C5E3C3D53C244EFF3B65CDCCB0C017723F1EBD0B91E220116ACF14703268A11B7FC7564F7BEDBFFB3CE046261DD9D83E6078CD7AB5AC97595EF53D6C4C56D24588C6D130C0CD2C967AB90C31497186A06A93FB9338D4F30E0104BC8EFF2518D0644174BD1FF1FD7BAC2AAFF151D733A14F456A189ECA2D5F11D7C3AF1DA06192D36251B050E1AC576E3C369678D12823870FFC6E5809903382F9FBE36156F294C94FF5369E8D24D085A326870A998A10683495CEF15EFF0A45C781B5156B82D9AA07852040A96A0D5ACDF094B9DD91EA893382F95A6B72F0A2090F036A1B23CF9CF544753EA5B9ED86FA52EBB4C5421C5B485AE932F5837822C91257EC4953ACA79F2D94261DC40B3D44CB44056D4025EC459563865000B8C5F5D7724ED27CA4A8ADE299E5C898F4BD09F430781A68C261E4FA0BA2FEE567434B057C5D5F2899A1547B780B91315CC631C0552DB403DF53A6059BE895242FDA4AE1F6C5129E3643DF1A20C28BBF4328B4E623DCBC1149CE838BBC4A9944A6B6ACB4AA29B50FC7AFFAB0075BB4CC190F15B2C17847560F1B4C591EFE90D5AAA307A3FCC091DF44E3B219F7EE86EA01704D652983CE0D475896C1EB94E09314D386233D706FE0F5415BAF51746F3E8A6AC74E6F68CCF665CCEC4BE0B9CE19308C0423491F5914EA8ABE6081F38282D4994A4B640DCE56F4D616CED59B80938E4E7C486AB64E7C740FCD6ADB5494906520FD66A02069D3C11085157142CDDBFB004023C5CDFCCEAC5296636A77C127DEC4182A36D6A34D980F778452271C80CABAFE15A629302EFE9CD9105353B719581D4DD2E1BCF9411A4CCB0D010B5954291453E761A3B9EAF533119EEF1C30C4E53FEFAF2D2300162786963D54ECE0376CC797CBBDD757B596FAB26716ECEA7C47FB6C6DC6A80FC435D5CADB36D5ACB6760CAC6272B61E64A920EC7D4E5FBD680B2B906F1CF78EFD380A47692E1DC6C06AC21255E65C3757E32C301B5ACD8BA136FEE7C19B858D8B60595946BF1D0520912ACD17E397C9FC156C741AD1104F403B363B4E6B4AD06E8C60928CCD6AB3FE6AEFECBC57DB5CFF431A2D44533D9A92C483B56AE56698F02622D3A65E09B6EBFDFD5DCAF34E09DEDA100B40DD4C40ADCEF30787E527C4F613A08BDED1465C7B4B +20241202090408 2 6 100 8191 2 C3301F39F3E2DCD097FBF5454401BF52BF4745AFD35F3DEBDFB34DE2518B0F7BB10DE2FDBE6C35E1B63AA67E9FC179EB3DB8A0FA7E01618BB625B3EC326A001A253FB737B2461999BAB5A5FBCA4AFAD88A8BCBEB5990D4E25225F203B2CE75A3A1C23BFFD78E697275BDB6B6153AA3C21D2063047D44EDDF0483220CD672280D4D67C4726EA476A5C094B7E8DBE62B760EBA6B62C200D456A99E87875B4B2FFF4AA87661D89CAF8CA36D9CE00E0C3BDA443B7CCC3EA892F524AD10DD6960196EC4497E1DDC9F5C13BAED9A8F240196633AB9EC597D0A2FFEEE9320147E73FB295039605EA79376C00D1C60EB421D1BF2BD36A9B68A32E5F5003F0C984E1A57B3C8A261E451D912FCBF27924078BAB0879F85B78D097B2651A17AD9266B39E7AF73DAE54319B2902E0A0D11653B38EDA14B9DE8431E9382AC7EF5F1705C05239DDEA7F533234FA640D2E1EE392D23BF46D57D6FD0E167174E6242F5455DC299BB03BF2EBAEDB14539E9025B84BF66C185AD45C6B1FBF47E3C17D4A1F2C99DCA7151039D71DB7BD2E025E67C2ABB9A2DE6D9C5150651385B270511AA50E8728707B1E0920F3A83DEC0F733090CE96DCACDB93CD756AB1F572DA2BBF4908C17E905848C09CF31424833D1D4894FCB6BD93162EC74E836A523E97F35152EBA28AF63DEC47A32C09E0F0451A4D60949C8CDB07642F5A705075F4A1380B327596C319A135C9C43BBAF2D25C90030BA43FC55701B2854ABFEA710D98AFB8341E46778616A9E9B31CF11652B47A76A99F096BDB35C9CFA78E47CFC980E5E8683E1E13AA3FCA5171C07B5E27C1A5002C02643DC760431C2750A29E838F6ED5A892146D8015F5879DA988DF030BB2FA4D501FB7F0AD9A82ED3C48B70979428C39DB04116DCC8337567B6DB4A0DFE0C704B3F46983BBF092847AED87699EE88AEB27756850D008583CD37FC8521968EB1D17FC42D742B7E6756303412A3AD011DD5CE2BA1A4E3B0B2EBB68736C76B02164C41204734B731DF4C00C937CFB49D4648A7808A34E6162526240AB221071C6C2669DB4787AF7D516F4E72EF81C7D907A37634E8CEC5BF4B3502A6A05224B269B29A8E44603DB2A890F9B64BC94AEC7D2923DC52985CC18E123C7D6CC3DEF885725E0BD2D3EC0466DBE2E94350368068E5FC1CFB6BAC40F47600EB8520A8E29E855D96B556002207CA234BE3620189767ED74ABA3D1A1CF3F66864312B7502C37C9543A36F24FD38A25137128FFE4C6CC7C078AEF1F799DA7F3E3BA0E19F21A707E66EE95189BDD74EDF32E0F18052384A2A180D90545EF1B9F2710074BC8AED5F7625C0851C34E9F3AE5C57BE65862CEE2891052CC442574EBFAAE1BEC7AB63F25C80951AD65A41089DE526946D858146E446FCAD6915BD59B0D112255083A711279990F87453A6D8F7D057055217F474B4AD895B +20241202092818 2 6 100 8191 2 C3301F39F3E2DCD097FBF5454401BF52BF4745AFD35F3DEBDFB34DE2518B0F7BB10DE2FDBE6C35E1B63AA67E9FC179EB3DB8A0FA7E01618BB625B3EC326A001A253FB737B2461999BAB5A5FBCA4AFAD88A8BCBEB5990D4E25225F203B2CE75A3A1C23BFFD78E697275BDB6B6153AA3C21D2063047D44EDDF0483220CD672280D4D67C4726EA476A5C094B7E8DBE62B760EBA6B62C200D456A99E87875B4B2FFF4AA87661D89CAF8CA36D9CE00E0C3BDA443B7CCC3EA892F524AD10DD6960196EC4497E1DDC9F5C13BAED9A8F240196633AB9EC597D0A2FFEEE9320147E73FB295039605EA79376C00D1C60EB421D1BF2BD36A9B68A32E5F5003F0C984E1A57B3C8A261E451D912FCBF27924078BAB0879F85B78D097B2651A17AD9266B39E7AF73DAE54319B2902E0A0D11653B38EDA14B9DE8431E9382AC7EF5F1705C05239DDEA7F533234FA640D2E1EE392D23BF46D57D6FD0E167174E6242F5455DC299BB03BF2EBAEDB14539E9025B84BF66C185AD45C6B1FBF47E3C17D4A1F2C99DCA7151039D71DB7BD2E025E67C2ABB9A2DE6D9C5150651385B270511AA50E8728707B1E0920F3A83DEC0F733090CE96DCACDB93CD756AB1F572DA2BBF4908C17E905848C09CF31424833D1D4894FCB6BD93162EC74E836A523E97F35152EBA28AF63DEC47A32C09E0F0451A4D60949C8CDB07642F5A705075F4A1380B327596C319A135C9C43BBAF2D25C90030BA43FC55701B2854ABFEA710D98AFB8341E46778616A9E9B31CF11652B47A76A99F096BDB35C9CFA78E47CFC980E5E8683E1E13AA3FCA5171C07B5E27C1A5002C02643DC760431C2750A29E838F6ED5A892146D8015F5879DA988DF030BB2FA4D501FB7F0AD9A82ED3C48B70979428C39DB04116DCC8337567B6DB4A0DFE0C704B3F46983BBF092847AED87699EE88AEB27756850D008583CD37FC8521968EB1D17FC42D742B7E6756303412A3AD011DD5CE2BA1A4E3B0B2EBB68736C76B02164C41204734B731DF4C00C937CFB49D4648A7808A34E6162526240AB221071C6C2669DB4787AF7D516F4E72EF81C7D907A37634E8CEC5BF4B3502A6A05224B269B29A8E44603DB2A890F9B64BC94AEC7D2923DC52985CC18E123C7D6CC3DEF885725E0BD2D3EC0466DBE2E94350368068E5FC1CFB6BAC40F47600EB8520A8E29E855D96B556002207CA234BE3620189767ED74ABA3D1A1CF3F66864312B7502C37C9543A36F24FD38A25137128FFE4C6CC7C078AEF1F799DA7F3E3BA0E19F21A707E66EE95189BDD74EDF32E0F18052384A2A180D90545EF1B9F2710074BC8AED5F7625C0851C34E9F3AE5C57BE65862CEE2891052CC442574EBFAAE1BEC7AB63F25C80951AD65A41089DE526946D858146E446FCAD6915BD59B0D112255083A711279990F87453A6D8F7D057055217F474B5FD49CB +20241202101356 2 6 100 8191 5 C3301F39F3E2DCD097FBF5454401BF52BF4745AFD35F3DEBDFB34DE2518B0F7BB10DE2FDBE6C35E1B63AA67E9FC179EB3DB8A0FA7E01618BB625B3EC326A001A253FB737B2461999BAB5A5FBCA4AFAD88A8BCBEB5990D4E25225F203B2CE75A3A1C23BFFD78E697275BDB6B6153AA3C21D2063047D44EDDF0483220CD672280D4D67C4726EA476A5C094B7E8DBE62B760EBA6B62C200D456A99E87875B4B2FFF4AA87661D89CAF8CA36D9CE00E0C3BDA443B7CCC3EA892F524AD10DD6960196EC4497E1DDC9F5C13BAED9A8F240196633AB9EC597D0A2FFEEE9320147E73FB295039605EA79376C00D1C60EB421D1BF2BD36A9B68A32E5F5003F0C984E1A57B3C8A261E451D912FCBF27924078BAB0879F85B78D097B2651A17AD9266B39E7AF73DAE54319B2902E0A0D11653B38EDA14B9DE8431E9382AC7EF5F1705C05239DDEA7F533234FA640D2E1EE392D23BF46D57D6FD0E167174E6242F5455DC299BB03BF2EBAEDB14539E9025B84BF66C185AD45C6B1FBF47E3C17D4A1F2C99DCA7151039D71DB7BD2E025E67C2ABB9A2DE6D9C5150651385B270511AA50E8728707B1E0920F3A83DEC0F733090CE96DCACDB93CD756AB1F572DA2BBF4908C17E905848C09CF31424833D1D4894FCB6BD93162EC74E836A523E97F35152EBA28AF63DEC47A32C09E0F0451A4D60949C8CDB07642F5A705075F4A1380B327596C319A135C9C43BBAF2D25C90030BA43FC55701B2854ABFEA710D98AFB8341E46778616A9E9B31CF11652B47A76A99F096BDB35C9CFA78E47CFC980E5E8683E1E13AA3FCA5171C07B5E27C1A5002C02643DC760431C2750A29E838F6ED5A892146D8015F5879DA988DF030BB2FA4D501FB7F0AD9A82ED3C48B70979428C39DB04116DCC8337567B6DB4A0DFE0C704B3F46983BBF092847AED87699EE88AEB27756850D008583CD37FC8521968EB1D17FC42D742B7E6756303412A3AD011DD5CE2BA1A4E3B0B2EBB68736C76B02164C41204734B731DF4C00C937CFB49D4648A7808A34E6162526240AB221071C6C2669DB4787AF7D516F4E72EF81C7D907A37634E8CEC5BF4B3502A6A05224B269B29A8E44603DB2A890F9B64BC94AEC7D2923DC52985CC18E123C7D6CC3DEF885725E0BD2D3EC0466DBE2E94350368068E5FC1CFB6BAC40F47600EB8520A8E29E855D96B556002207CA234BE3620189767ED74ABA3D1A1CF3F66864312B7502C37C9543A36F24FD38A25137128FFE4C6CC7C078AEF1F799DA7F3E3BA0E19F21A707E66EE95189BDD74EDF32E0F18052384A2A180D90545EF1B9F2710074BC8AED5F7625C0851C34E9F3AE5C57BE65862CEE2891052CC442574EBFAAE1BEC7AB63F25C80951AD65A41089DE526946D858146E446FCAD6915BD59B0D112255083A711279990F87453A6D8F7D057055217F474B8749EB7 +20241202105709 2 6 100 8191 2 C3301F39F3E2DCD097FBF5454401BF52BF4745AFD35F3DEBDFB34DE2518B0F7BB10DE2FDBE6C35E1B63AA67E9FC179EB3DB8A0FA7E01618BB625B3EC326A001A253FB737B2461999BAB5A5FBCA4AFAD88A8BCBEB5990D4E25225F203B2CE75A3A1C23BFFD78E697275BDB6B6153AA3C21D2063047D44EDDF0483220CD672280D4D67C4726EA476A5C094B7E8DBE62B760EBA6B62C200D456A99E87875B4B2FFF4AA87661D89CAF8CA36D9CE00E0C3BDA443B7CCC3EA892F524AD10DD6960196EC4497E1DDC9F5C13BAED9A8F240196633AB9EC597D0A2FFEEE9320147E73FB295039605EA79376C00D1C60EB421D1BF2BD36A9B68A32E5F5003F0C984E1A57B3C8A261E451D912FCBF27924078BAB0879F85B78D097B2651A17AD9266B39E7AF73DAE54319B2902E0A0D11653B38EDA14B9DE8431E9382AC7EF5F1705C05239DDEA7F533234FA640D2E1EE392D23BF46D57D6FD0E167174E6242F5455DC299BB03BF2EBAEDB14539E9025B84BF66C185AD45C6B1FBF47E3C17D4A1F2C99DCA7151039D71DB7BD2E025E67C2ABB9A2DE6D9C5150651385B270511AA50E8728707B1E0920F3A83DEC0F733090CE96DCACDB93CD756AB1F572DA2BBF4908C17E905848C09CF31424833D1D4894FCB6BD93162EC74E836A523E97F35152EBA28AF63DEC47A32C09E0F0451A4D60949C8CDB07642F5A705075F4A1380B327596C319A135C9C43BBAF2D25C90030BA43FC55701B2854ABFEA710D98AFB8341E46778616A9E9B31CF11652B47A76A99F096BDB35C9CFA78E47CFC980E5E8683E1E13AA3FCA5171C07B5E27C1A5002C02643DC760431C2750A29E838F6ED5A892146D8015F5879DA988DF030BB2FA4D501FB7F0AD9A82ED3C48B70979428C39DB04116DCC8337567B6DB4A0DFE0C704B3F46983BBF092847AED87699EE88AEB27756850D008583CD37FC8521968EB1D17FC42D742B7E6756303412A3AD011DD5CE2BA1A4E3B0B2EBB68736C76B02164C41204734B731DF4C00C937CFB49D4648A7808A34E6162526240AB221071C6C2669DB4787AF7D516F4E72EF81C7D907A37634E8CEC5BF4B3502A6A05224B269B29A8E44603DB2A890F9B64BC94AEC7D2923DC52985CC18E123C7D6CC3DEF885725E0BD2D3EC0466DBE2E94350368068E5FC1CFB6BAC40F47600EB8520A8E29E855D96B556002207CA234BE3620189767ED74ABA3D1A1CF3F66864312B7502C37C9543A36F24FD38A25137128FFE4C6CC7C078AEF1F799DA7F3E3BA0E19F21A707E66EE95189BDD74EDF32E0F18052384A2A180D90545EF1B9F2710074BC8AED5F7625C0851C34E9F3AE5C57BE65862CEE2891052CC442574EBFAAE1BEC7AB63F25C80951AD65A41089DE526946D858146E446FCAD6915BD59B0D112255083A711279990F87453A6D8F7D057055217F474BACEBBE3 +20241202110503 2 6 100 8191 2 C3301F39F3E2DCD097FBF5454401BF52BF4745AFD35F3DEBDFB34DE2518B0F7BB10DE2FDBE6C35E1B63AA67E9FC179EB3DB8A0FA7E01618BB625B3EC326A001A253FB737B2461999BAB5A5FBCA4AFAD88A8BCBEB5990D4E25225F203B2CE75A3A1C23BFFD78E697275BDB6B6153AA3C21D2063047D44EDDF0483220CD672280D4D67C4726EA476A5C094B7E8DBE62B760EBA6B62C200D456A99E87875B4B2FFF4AA87661D89CAF8CA36D9CE00E0C3BDA443B7CCC3EA892F524AD10DD6960196EC4497E1DDC9F5C13BAED9A8F240196633AB9EC597D0A2FFEEE9320147E73FB295039605EA79376C00D1C60EB421D1BF2BD36A9B68A32E5F5003F0C984E1A57B3C8A261E451D912FCBF27924078BAB0879F85B78D097B2651A17AD9266B39E7AF73DAE54319B2902E0A0D11653B38EDA14B9DE8431E9382AC7EF5F1705C05239DDEA7F533234FA640D2E1EE392D23BF46D57D6FD0E167174E6242F5455DC299BB03BF2EBAEDB14539E9025B84BF66C185AD45C6B1FBF47E3C17D4A1F2C99DCA7151039D71DB7BD2E025E67C2ABB9A2DE6D9C5150651385B270511AA50E8728707B1E0920F3A83DEC0F733090CE96DCACDB93CD756AB1F572DA2BBF4908C17E905848C09CF31424833D1D4894FCB6BD93162EC74E836A523E97F35152EBA28AF63DEC47A32C09E0F0451A4D60949C8CDB07642F5A705075F4A1380B327596C319A135C9C43BBAF2D25C90030BA43FC55701B2854ABFEA710D98AFB8341E46778616A9E9B31CF11652B47A76A99F096BDB35C9CFA78E47CFC980E5E8683E1E13AA3FCA5171C07B5E27C1A5002C02643DC760431C2750A29E838F6ED5A892146D8015F5879DA988DF030BB2FA4D501FB7F0AD9A82ED3C48B70979428C39DB04116DCC8337567B6DB4A0DFE0C704B3F46983BBF092847AED87699EE88AEB27756850D008583CD37FC8521968EB1D17FC42D742B7E6756303412A3AD011DD5CE2BA1A4E3B0B2EBB68736C76B02164C41204734B731DF4C00C937CFB49D4648A7808A34E6162526240AB221071C6C2669DB4787AF7D516F4E72EF81C7D907A37634E8CEC5BF4B3502A6A05224B269B29A8E44603DB2A890F9B64BC94AEC7D2923DC52985CC18E123C7D6CC3DEF885725E0BD2D3EC0466DBE2E94350368068E5FC1CFB6BAC40F47600EB8520A8E29E855D96B556002207CA234BE3620189767ED74ABA3D1A1CF3F66864312B7502C37C9543A36F24FD38A25137128FFE4C6CC7C078AEF1F799DA7F3E3BA0E19F21A707E66EE95189BDD74EDF32E0F18052384A2A180D90545EF1B9F2710074BC8AED5F7625C0851C34E9F3AE5C57BE65862CEE2891052CC442574EBFAAE1BEC7AB63F25C80951AD65A41089DE526946D858146E446FCAD6915BD59B0D112255083A711279990F87453A6D8F7D057055217F474BB359FFB +20241202111809 2 6 100 8191 5 C3301F39F3E2DCD097FBF5454401BF52BF4745AFD35F3DEBDFB34DE2518B0F7BB10DE2FDBE6C35E1B63AA67E9FC179EB3DB8A0FA7E01618BB625B3EC326A001A253FB737B2461999BAB5A5FBCA4AFAD88A8BCBEB5990D4E25225F203B2CE75A3A1C23BFFD78E697275BDB6B6153AA3C21D2063047D44EDDF0483220CD672280D4D67C4726EA476A5C094B7E8DBE62B760EBA6B62C200D456A99E87875B4B2FFF4AA87661D89CAF8CA36D9CE00E0C3BDA443B7CCC3EA892F524AD10DD6960196EC4497E1DDC9F5C13BAED9A8F240196633AB9EC597D0A2FFEEE9320147E73FB295039605EA79376C00D1C60EB421D1BF2BD36A9B68A32E5F5003F0C984E1A57B3C8A261E451D912FCBF27924078BAB0879F85B78D097B2651A17AD9266B39E7AF73DAE54319B2902E0A0D11653B38EDA14B9DE8431E9382AC7EF5F1705C05239DDEA7F533234FA640D2E1EE392D23BF46D57D6FD0E167174E6242F5455DC299BB03BF2EBAEDB14539E9025B84BF66C185AD45C6B1FBF47E3C17D4A1F2C99DCA7151039D71DB7BD2E025E67C2ABB9A2DE6D9C5150651385B270511AA50E8728707B1E0920F3A83DEC0F733090CE96DCACDB93CD756AB1F572DA2BBF4908C17E905848C09CF31424833D1D4894FCB6BD93162EC74E836A523E97F35152EBA28AF63DEC47A32C09E0F0451A4D60949C8CDB07642F5A705075F4A1380B327596C319A135C9C43BBAF2D25C90030BA43FC55701B2854ABFEA710D98AFB8341E46778616A9E9B31CF11652B47A76A99F096BDB35C9CFA78E47CFC980E5E8683E1E13AA3FCA5171C07B5E27C1A5002C02643DC760431C2750A29E838F6ED5A892146D8015F5879DA988DF030BB2FA4D501FB7F0AD9A82ED3C48B70979428C39DB04116DCC8337567B6DB4A0DFE0C704B3F46983BBF092847AED87699EE88AEB27756850D008583CD37FC8521968EB1D17FC42D742B7E6756303412A3AD011DD5CE2BA1A4E3B0B2EBB68736C76B02164C41204734B731DF4C00C937CFB49D4648A7808A34E6162526240AB221071C6C2669DB4787AF7D516F4E72EF81C7D907A37634E8CEC5BF4B3502A6A05224B269B29A8E44603DB2A890F9B64BC94AEC7D2923DC52985CC18E123C7D6CC3DEF885725E0BD2D3EC0466DBE2E94350368068E5FC1CFB6BAC40F47600EB8520A8E29E855D96B556002207CA234BE3620189767ED74ABA3D1A1CF3F66864312B7502C37C9543A36F24FD38A25137128FFE4C6CC7C078AEF1F799DA7F3E3BA0E19F21A707E66EE95189BDD74EDF32E0F18052384A2A180D90545EF1B9F2710074BC8AED5F7625C0851C34E9F3AE5C57BE65862CEE2891052CC442574EBFAAE1BEC7AB63F25C80951AD65A41089DE526946D858146E446FCAD6915BD59B0D112255083A711279990F87453A6D8F7D057055217F474BBDFE367 +20241202113338 2 6 100 8191 5 C3301F39F3E2DCD097FBF5454401BF52BF4745AFD35F3DEBDFB34DE2518B0F7BB10DE2FDBE6C35E1B63AA67E9FC179EB3DB8A0FA7E01618BB625B3EC326A001A253FB737B2461999BAB5A5FBCA4AFAD88A8BCBEB5990D4E25225F203B2CE75A3A1C23BFFD78E697275BDB6B6153AA3C21D2063047D44EDDF0483220CD672280D4D67C4726EA476A5C094B7E8DBE62B760EBA6B62C200D456A99E87875B4B2FFF4AA87661D89CAF8CA36D9CE00E0C3BDA443B7CCC3EA892F524AD10DD6960196EC4497E1DDC9F5C13BAED9A8F240196633AB9EC597D0A2FFEEE9320147E73FB295039605EA79376C00D1C60EB421D1BF2BD36A9B68A32E5F5003F0C984E1A57B3C8A261E451D912FCBF27924078BAB0879F85B78D097B2651A17AD9266B39E7AF73DAE54319B2902E0A0D11653B38EDA14B9DE8431E9382AC7EF5F1705C05239DDEA7F533234FA640D2E1EE392D23BF46D57D6FD0E167174E6242F5455DC299BB03BF2EBAEDB14539E9025B84BF66C185AD45C6B1FBF47E3C17D4A1F2C99DCA7151039D71DB7BD2E025E67C2ABB9A2DE6D9C5150651385B270511AA50E8728707B1E0920F3A83DEC0F733090CE96DCACDB93CD756AB1F572DA2BBF4908C17E905848C09CF31424833D1D4894FCB6BD93162EC74E836A523E97F35152EBA28AF63DEC47A32C09E0F0451A4D60949C8CDB07642F5A705075F4A1380B327596C319A135C9C43BBAF2D25C90030BA43FC55701B2854ABFEA710D98AFB8341E46778616A9E9B31CF11652B47A76A99F096BDB35C9CFA78E47CFC980E5E8683E1E13AA3FCA5171C07B5E27C1A5002C02643DC760431C2750A29E838F6ED5A892146D8015F5879DA988DF030BB2FA4D501FB7F0AD9A82ED3C48B70979428C39DB04116DCC8337567B6DB4A0DFE0C704B3F46983BBF092847AED87699EE88AEB27756850D008583CD37FC8521968EB1D17FC42D742B7E6756303412A3AD011DD5CE2BA1A4E3B0B2EBB68736C76B02164C41204734B731DF4C00C937CFB49D4648A7808A34E6162526240AB221071C6C2669DB4787AF7D516F4E72EF81C7D907A37634E8CEC5BF4B3502A6A05224B269B29A8E44603DB2A890F9B64BC94AEC7D2923DC52985CC18E123C7D6CC3DEF885725E0BD2D3EC0466DBE2E94350368068E5FC1CFB6BAC40F47600EB8520A8E29E855D96B556002207CA234BE3620189767ED74ABA3D1A1CF3F66864312B7502C37C9543A36F24FD38A25137128FFE4C6CC7C078AEF1F799DA7F3E3BA0E19F21A707E66EE95189BDD74EDF32E0F18052384A2A180D90545EF1B9F2710074BC8AED5F7625C0851C34E9F3AE5C57BE65862CEE2891052CC442574EBFAAE1BEC7AB63F25C80951AD65A41089DE526946D858146E446FCAD6915BD59B0D112255083A711279990F87453A6D8F7D057055217F474BCAC42D7 +20241202114109 2 6 100 8191 2 C3301F39F3E2DCD097FBF5454401BF52BF4745AFD35F3DEBDFB34DE2518B0F7BB10DE2FDBE6C35E1B63AA67E9FC179EB3DB8A0FA7E01618BB625B3EC326A001A253FB737B2461999BAB5A5FBCA4AFAD88A8BCBEB5990D4E25225F203B2CE75A3A1C23BFFD78E697275BDB6B6153AA3C21D2063047D44EDDF0483220CD672280D4D67C4726EA476A5C094B7E8DBE62B760EBA6B62C200D456A99E87875B4B2FFF4AA87661D89CAF8CA36D9CE00E0C3BDA443B7CCC3EA892F524AD10DD6960196EC4497E1DDC9F5C13BAED9A8F240196633AB9EC597D0A2FFEEE9320147E73FB295039605EA79376C00D1C60EB421D1BF2BD36A9B68A32E5F5003F0C984E1A57B3C8A261E451D912FCBF27924078BAB0879F85B78D097B2651A17AD9266B39E7AF73DAE54319B2902E0A0D11653B38EDA14B9DE8431E9382AC7EF5F1705C05239DDEA7F533234FA640D2E1EE392D23BF46D57D6FD0E167174E6242F5455DC299BB03BF2EBAEDB14539E9025B84BF66C185AD45C6B1FBF47E3C17D4A1F2C99DCA7151039D71DB7BD2E025E67C2ABB9A2DE6D9C5150651385B270511AA50E8728707B1E0920F3A83DEC0F733090CE96DCACDB93CD756AB1F572DA2BBF4908C17E905848C09CF31424833D1D4894FCB6BD93162EC74E836A523E97F35152EBA28AF63DEC47A32C09E0F0451A4D60949C8CDB07642F5A705075F4A1380B327596C319A135C9C43BBAF2D25C90030BA43FC55701B2854ABFEA710D98AFB8341E46778616A9E9B31CF11652B47A76A99F096BDB35C9CFA78E47CFC980E5E8683E1E13AA3FCA5171C07B5E27C1A5002C02643DC760431C2750A29E838F6ED5A892146D8015F5879DA988DF030BB2FA4D501FB7F0AD9A82ED3C48B70979428C39DB04116DCC8337567B6DB4A0DFE0C704B3F46983BBF092847AED87699EE88AEB27756850D008583CD37FC8521968EB1D17FC42D742B7E6756303412A3AD011DD5CE2BA1A4E3B0B2EBB68736C76B02164C41204734B731DF4C00C937CFB49D4648A7808A34E6162526240AB221071C6C2669DB4787AF7D516F4E72EF81C7D907A37634E8CEC5BF4B3502A6A05224B269B29A8E44603DB2A890F9B64BC94AEC7D2923DC52985CC18E123C7D6CC3DEF885725E0BD2D3EC0466DBE2E94350368068E5FC1CFB6BAC40F47600EB8520A8E29E855D96B556002207CA234BE3620189767ED74ABA3D1A1CF3F66864312B7502C37C9543A36F24FD38A25137128FFE4C6CC7C078AEF1F799DA7F3E3BA0E19F21A707E66EE95189BDD74EDF32E0F18052384A2A180D90545EF1B9F2710074BC8AED5F7625C0851C34E9F3AE5C57BE65862CEE2891052CC442574EBFAAE1BEC7AB63F25C80951AD65A41089DE526946D858146E446FCAD6915BD59B0D112255083A711279990F87453A6D8F7D057055217F474BD0F195B +20241202140045 2 6 100 8191 2 C3301F39F3E2DCD097FBF5454401BF52BF4745AFD35F3DEBDFB34DE2518B0F7BB10DE2FDBE6C35E1B63AA67E9FC179EB3DB8A0FA7E01618BB625B3EC326A001A253FB737B2461999BAB5A5FBCA4AFAD88A8BCBEB5990D4E25225F203B2CE75A3A1C23BFFD78E697275BDB6B6153AA3C21D2063047D44EDDF0483220CD672280D4D67C4726EA476A5C094B7E8DBE62B760EBA6B62C200D456A99E87875B4B2FFF4AA87661D89CAF8CA36D9CE00E0C3BDA443B7CCC3EA892F524AD10DD6960196EC4497E1DDC9F5C13BAED9A8F240196633AB9EC597D0A2FFEEE9320147E73FB295039605EA79376C00D1C60EB421D1BF2BD36A9B68A32E5F5003F0C984E1A57B3C8A261E451D912FCBF27924078BAB0879F85B78D097B2651A17AD9266B39E7AF73DAE54319B2902E0A0D11653B38EDA14B9DE8431E9382AC7EF5F1705C05239DDEA7F533234FA640D2E1EE392D23BF46D57D6FD0E167174E6242F5455DC299BB03BF2EBAEDB14539E9025B84BF66C185AD45C6B1FBF47E3C17D4A1F2C99DCA7151039D71DB7BD2E025E67C2ABB9A2DE6D9C5150651385B270511AA50E8728707B1E0920F3A83DEC0F733090CE96DCACDB93CD756AB1F572DA2BBF4908C17E905848C09CF31424833D1D4894FCB6BD93162EC74E836A523E97F35152EBA28AF63DEC47A32C09E0F0451A4D60949C8CDB07642F5A705075F4A1380B327596C319A135C9C43BBAF2D25C90030BA43FC55701B2854ABFEA710D98AFB8341E46778616A9E9B31CF11652B47A76A99F096BDB35C9CFA78E47CFC980E5E8683E1E13AA3FCA5171C07B5E27C1A5002C02643DC760431C2750A29E838F6ED5A892146D8015F5879DA988DF030BB2FA4D501FB7F0AD9A82ED3C48B70979428C39DB04116DCC8337567B6DB4A0DFE0C704B3F46983BBF092847AED87699EE88AEB27756850D008583CD37FC8521968EB1D17FC42D742B7E6756303412A3AD011DD5CE2BA1A4E3B0B2EBB68736C76B02164C41204734B731DF4C00C937CFB49D4648A7808A34E6162526240AB221071C6C2669DB4787AF7D516F4E72EF81C7D907A37634E8CEC5BF4B3502A6A05224B269B29A8E44603DB2A890F9B64BC94AEC7D2923DC52985CC18E123C7D6CC3DEF885725E0BD2D3EC0466DBE2E94350368068E5FC1CFB6BAC40F47600EB8520A8E29E855D96B556002207CA234BE3620189767ED74ABA3D1A1CF3F66864312B7502C37C9543A36F24FD38A25137128FFE4C6CC7C078AEF1F799DA7F3E3BA0E19F21A707E66EE95189BDD74EDF32E0F18052384A2A180D90545EF1B9F2710074BC8AED5F7625C0851C34E9F3AE5C57BE65862CEE2891052CC442574EBFAAE1BEC7AB63F25C80951AD65A41089DE526946D858146E446FCAD6915BD59B0D112255083A711279990F87453A6D8F7D057055217F474C4C2C8C3 +20241202145509 2 6 100 8191 2 C3301F39F3E2DCD097FBF5454401BF52BF4745AFD35F3DEBDFB34DE2518B0F7BB10DE2FDBE6C35E1B63AA67E9FC179EB3DB8A0FA7E01618BB625B3EC326A001A253FB737B2461999BAB5A5FBCA4AFAD88A8BCBEB5990D4E25225F203B2CE75A3A1C23BFFD78E697275BDB6B6153AA3C21D2063047D44EDDF0483220CD672280D4D67C4726EA476A5C094B7E8DBE62B760EBA6B62C200D456A99E87875B4B2FFF4AA87661D89CAF8CA36D9CE00E0C3BDA443B7CCC3EA892F524AD10DD6960196EC4497E1DDC9F5C13BAED9A8F240196633AB9EC597D0A2FFEEE9320147E73FB295039605EA79376C00D1C60EB421D1BF2BD36A9B68A32E5F5003F0C984E1A57B3C8A261E451D912FCBF27924078BAB0879F85B78D097B2651A17AD9266B39E7AF73DAE54319B2902E0A0D11653B38EDA14B9DE8431E9382AC7EF5F1705C05239DDEA7F533234FA640D2E1EE392D23BF46D57D6FD0E167174E6242F5455DC299BB03BF2EBAEDB14539E9025B84BF66C185AD45C6B1FBF47E3C17D4A1F2C99DCA7151039D71DB7BD2E025E67C2ABB9A2DE6D9C5150651385B270511AA50E8728707B1E0920F3A83DEC0F733090CE96DCACDB93CD756AB1F572DA2BBF4908C17E905848C09CF31424833D1D4894FCB6BD93162EC74E836A523E97F35152EBA28AF63DEC47A32C09E0F0451A4D60949C8CDB07642F5A705075F4A1380B327596C319A135C9C43BBAF2D25C90030BA43FC55701B2854ABFEA710D98AFB8341E46778616A9E9B31CF11652B47A76A99F096BDB35C9CFA78E47CFC980E5E8683E1E13AA3FCA5171C07B5E27C1A5002C02643DC760431C2750A29E838F6ED5A892146D8015F5879DA988DF030BB2FA4D501FB7F0AD9A82ED3C48B70979428C39DB04116DCC8337567B6DB4A0DFE0C704B3F46983BBF092847AED87699EE88AEB27756850D008583CD37FC8521968EB1D17FC42D742B7E6756303412A3AD011DD5CE2BA1A4E3B0B2EBB68736C76B02164C41204734B731DF4C00C937CFB49D4648A7808A34E6162526240AB221071C6C2669DB4787AF7D516F4E72EF81C7D907A37634E8CEC5BF4B3502A6A05224B269B29A8E44603DB2A890F9B64BC94AEC7D2923DC52985CC18E123C7D6CC3DEF885725E0BD2D3EC0466DBE2E94350368068E5FC1CFB6BAC40F47600EB8520A8E29E855D96B556002207CA234BE3620189767ED74ABA3D1A1CF3F66864312B7502C37C9543A36F24FD38A25137128FFE4C6CC7C078AEF1F799DA7F3E3BA0E19F21A707E66EE95189BDD74EDF32E0F18052384A2A180D90545EF1B9F2710074BC8AED5F7625C0851C34E9F3AE5C57BE65862CEE2891052CC442574EBFAAE1BEC7AB63F25C80951AD65A41089DE526946D858146E446FCAD6915BD59B0D112255083A711279990F87453A6D8F7D057055217F474C7B5B2B3 +20241202180737 2 6 100 8191 5 C3301F39F3E2DCD097FBF5454401BF52BF4745AFD35F3DEBDFB34DE2518B0F7BB10DE2FDBE6C35E1B63AA67E9FC179EB3DB8A0FA7E01618BB625B3EC326A001A253FB737B2461999BAB5A5FBCA4AFAD88A8BCBEB5990D4E25225F203B2CE75A3A1C23BFFD78E697275BDB6B6153AA3C21D2063047D44EDDF0483220CD672280D4D67C4726EA476A5C094B7E8DBE62B760EBA6B62C200D456A99E87875B4B2FFF4AA87661D89CAF8CA36D9CE00E0C3BDA443B7CCC3EA892F524AD10DD6960196EC4497E1DDC9F5C13BAED9A8F240196633AB9EC597D0A2FFEEE9320147E73FB295039605EA79376C00D1C60EB421D1BF2BD36A9B68A32E5F5003F0C984E1A57B3C8A261E451D912FCBF27924078BAB0879F85B78D097B2651A17AD9266B39E7AF73DAE54319B2902E0A0D11653B38EDA14B9DE8431E9382AC7EF5F1705C05239DDEA7F533234FA640D2E1EE392D23BF46D57D6FD0E167174E6242F5455DC299BB03BF2EBAEDB14539E9025B84BF66C185AD45C6B1FBF47E3C17D4A1F2C99DCA7151039D71DB7BD2E025E67C2ABB9A2DE6D9C5150651385B270511AA50E8728707B1E0920F3A83DEC0F733090CE96DCACDB93CD756AB1F572DA2BBF4908C17E905848C09CF31424833D1D4894FCB6BD93162EC74E836A523E97F35152EBA28AF63DEC47A32C09E0F0451A4D60949C8CDB07642F5A705075F4A1380B327596C319A135C9C43BBAF2D25C90030BA43FC55701B2854ABFEA710D98AFB8341E46778616A9E9B31CF11652B47A76A99F096BDB35C9CFA78E47CFC980E5E8683E1E13AA3FCA5171C07B5E27C1A5002C02643DC760431C2750A29E838F6ED5A892146D8015F5879DA988DF030BB2FA4D501FB7F0AD9A82ED3C48B70979428C39DB04116DCC8337567B6DB4A0DFE0C704B3F46983BBF092847AED87699EE88AEB27756850D008583CD37FC8521968EB1D17FC42D742B7E6756303412A3AD011DD5CE2BA1A4E3B0B2EBB68736C76B02164C41204734B731DF4C00C937CFB49D4648A7808A34E6162526240AB221071C6C2669DB4787AF7D516F4E72EF81C7D907A37634E8CEC5BF4B3502A6A05224B269B29A8E44603DB2A890F9B64BC94AEC7D2923DC52985CC18E123C7D6CC3DEF885725E0BD2D3EC0466DBE2E94350368068E5FC1CFB6BAC40F47600EB8520A8E29E855D96B556002207CA234BE3620189767ED74ABA3D1A1CF3F66864312B7502C37C9543A36F24FD38A25137128FFE4C6CC7C078AEF1F799DA7F3E3BA0E19F21A707E66EE95189BDD74EDF32E0F18052384A2A180D90545EF1B9F2710074BC8AED5F7625C0851C34E9F3AE5C57BE65862CEE2891052CC442574EBFAAE1BEC7AB63F25C80951AD65A41089DE526946D858146E446FCAD6915BD59B0D112255083A711279990F87453A6D8F7D057055217F474D23791E7 +20241202190603 2 6 100 8191 5 C3301F39F3E2DCD097FBF5454401BF52BF4745AFD35F3DEBDFB34DE2518B0F7BB10DE2FDBE6C35E1B63AA67E9FC179EB3DB8A0FA7E01618BB625B3EC326A001A253FB737B2461999BAB5A5FBCA4AFAD88A8BCBEB5990D4E25225F203B2CE75A3A1C23BFFD78E697275BDB6B6153AA3C21D2063047D44EDDF0483220CD672280D4D67C4726EA476A5C094B7E8DBE62B760EBA6B62C200D456A99E87875B4B2FFF4AA87661D89CAF8CA36D9CE00E0C3BDA443B7CCC3EA892F524AD10DD6960196EC4497E1DDC9F5C13BAED9A8F240196633AB9EC597D0A2FFEEE9320147E73FB295039605EA79376C00D1C60EB421D1BF2BD36A9B68A32E5F5003F0C984E1A57B3C8A261E451D912FCBF27924078BAB0879F85B78D097B2651A17AD9266B39E7AF73DAE54319B2902E0A0D11653B38EDA14B9DE8431E9382AC7EF5F1705C05239DDEA7F533234FA640D2E1EE392D23BF46D57D6FD0E167174E6242F5455DC299BB03BF2EBAEDB14539E9025B84BF66C185AD45C6B1FBF47E3C17D4A1F2C99DCA7151039D71DB7BD2E025E67C2ABB9A2DE6D9C5150651385B270511AA50E8728707B1E0920F3A83DEC0F733090CE96DCACDB93CD756AB1F572DA2BBF4908C17E905848C09CF31424833D1D4894FCB6BD93162EC74E836A523E97F35152EBA28AF63DEC47A32C09E0F0451A4D60949C8CDB07642F5A705075F4A1380B327596C319A135C9C43BBAF2D25C90030BA43FC55701B2854ABFEA710D98AFB8341E46778616A9E9B31CF11652B47A76A99F096BDB35C9CFA78E47CFC980E5E8683E1E13AA3FCA5171C07B5E27C1A5002C02643DC760431C2750A29E838F6ED5A892146D8015F5879DA988DF030BB2FA4D501FB7F0AD9A82ED3C48B70979428C39DB04116DCC8337567B6DB4A0DFE0C704B3F46983BBF092847AED87699EE88AEB27756850D008583CD37FC8521968EB1D17FC42D742B7E6756303412A3AD011DD5CE2BA1A4E3B0B2EBB68736C76B02164C41204734B731DF4C00C937CFB49D4648A7808A34E6162526240AB221071C6C2669DB4787AF7D516F4E72EF81C7D907A37634E8CEC5BF4B3502A6A05224B269B29A8E44603DB2A890F9B64BC94AEC7D2923DC52985CC18E123C7D6CC3DEF885725E0BD2D3EC0466DBE2E94350368068E5FC1CFB6BAC40F47600EB8520A8E29E855D96B556002207CA234BE3620189767ED74ABA3D1A1CF3F66864312B7502C37C9543A36F24FD38A25137128FFE4C6CC7C078AEF1F799DA7F3E3BA0E19F21A707E66EE95189BDD74EDF32E0F18052384A2A180D90545EF1B9F2710074BC8AED5F7625C0851C34E9F3AE5C57BE65862CEE2891052CC442574EBFAAE1BEC7AB63F25C80951AD65A41089DE526946D858146E446FCAD6915BD59B0D112255083A711279990F87453A6D8F7D057055217F474D562B49F +20241202192303 2 6 100 8191 5 C3301F39F3E2DCD097FBF5454401BF52BF4745AFD35F3DEBDFB34DE2518B0F7BB10DE2FDBE6C35E1B63AA67E9FC179EB3DB8A0FA7E01618BB625B3EC326A001A253FB737B2461999BAB5A5FBCA4AFAD88A8BCBEB5990D4E25225F203B2CE75A3A1C23BFFD78E697275BDB6B6153AA3C21D2063047D44EDDF0483220CD672280D4D67C4726EA476A5C094B7E8DBE62B760EBA6B62C200D456A99E87875B4B2FFF4AA87661D89CAF8CA36D9CE00E0C3BDA443B7CCC3EA892F524AD10DD6960196EC4497E1DDC9F5C13BAED9A8F240196633AB9EC597D0A2FFEEE9320147E73FB295039605EA79376C00D1C60EB421D1BF2BD36A9B68A32E5F5003F0C984E1A57B3C8A261E451D912FCBF27924078BAB0879F85B78D097B2651A17AD9266B39E7AF73DAE54319B2902E0A0D11653B38EDA14B9DE8431E9382AC7EF5F1705C05239DDEA7F533234FA640D2E1EE392D23BF46D57D6FD0E167174E6242F5455DC299BB03BF2EBAEDB14539E9025B84BF66C185AD45C6B1FBF47E3C17D4A1F2C99DCA7151039D71DB7BD2E025E67C2ABB9A2DE6D9C5150651385B270511AA50E8728707B1E0920F3A83DEC0F733090CE96DCACDB93CD756AB1F572DA2BBF4908C17E905848C09CF31424833D1D4894FCB6BD93162EC74E836A523E97F35152EBA28AF63DEC47A32C09E0F0451A4D60949C8CDB07642F5A705075F4A1380B327596C319A135C9C43BBAF2D25C90030BA43FC55701B2854ABFEA710D98AFB8341E46778616A9E9B31CF11652B47A76A99F096BDB35C9CFA78E47CFC980E5E8683E1E13AA3FCA5171C07B5E27C1A5002C02643DC760431C2750A29E838F6ED5A892146D8015F5879DA988DF030BB2FA4D501FB7F0AD9A82ED3C48B70979428C39DB04116DCC8337567B6DB4A0DFE0C704B3F46983BBF092847AED87699EE88AEB27756850D008583CD37FC8521968EB1D17FC42D742B7E6756303412A3AD011DD5CE2BA1A4E3B0B2EBB68736C76B02164C41204734B731DF4C00C937CFB49D4648A7808A34E6162526240AB221071C6C2669DB4787AF7D516F4E72EF81C7D907A37634E8CEC5BF4B3502A6A05224B269B29A8E44603DB2A890F9B64BC94AEC7D2923DC52985CC18E123C7D6CC3DEF885725E0BD2D3EC0466DBE2E94350368068E5FC1CFB6BAC40F47600EB8520A8E29E855D96B556002207CA234BE3620189767ED74ABA3D1A1CF3F66864312B7502C37C9543A36F24FD38A25137128FFE4C6CC7C078AEF1F799DA7F3E3BA0E19F21A707E66EE95189BDD74EDF32E0F18052384A2A180D90545EF1B9F2710074BC8AED5F7625C0851C34E9F3AE5C57BE65862CEE2891052CC442574EBFAAE1BEC7AB63F25C80951AD65A41089DE526946D858146E446FCAD6915BD59B0D112255083A711279990F87453A6D8F7D057055217F474D64A0887 +20241202194604 2 6 100 8191 2 C3301F39F3E2DCD097FBF5454401BF52BF4745AFD35F3DEBDFB34DE2518B0F7BB10DE2FDBE6C35E1B63AA67E9FC179EB3DB8A0FA7E01618BB625B3EC326A001A253FB737B2461999BAB5A5FBCA4AFAD88A8BCBEB5990D4E25225F203B2CE75A3A1C23BFFD78E697275BDB6B6153AA3C21D2063047D44EDDF0483220CD672280D4D67C4726EA476A5C094B7E8DBE62B760EBA6B62C200D456A99E87875B4B2FFF4AA87661D89CAF8CA36D9CE00E0C3BDA443B7CCC3EA892F524AD10DD6960196EC4497E1DDC9F5C13BAED9A8F240196633AB9EC597D0A2FFEEE9320147E73FB295039605EA79376C00D1C60EB421D1BF2BD36A9B68A32E5F5003F0C984E1A57B3C8A261E451D912FCBF27924078BAB0879F85B78D097B2651A17AD9266B39E7AF73DAE54319B2902E0A0D11653B38EDA14B9DE8431E9382AC7EF5F1705C05239DDEA7F533234FA640D2E1EE392D23BF46D57D6FD0E167174E6242F5455DC299BB03BF2EBAEDB14539E9025B84BF66C185AD45C6B1FBF47E3C17D4A1F2C99DCA7151039D71DB7BD2E025E67C2ABB9A2DE6D9C5150651385B270511AA50E8728707B1E0920F3A83DEC0F733090CE96DCACDB93CD756AB1F572DA2BBF4908C17E905848C09CF31424833D1D4894FCB6BD93162EC74E836A523E97F35152EBA28AF63DEC47A32C09E0F0451A4D60949C8CDB07642F5A705075F4A1380B327596C319A135C9C43BBAF2D25C90030BA43FC55701B2854ABFEA710D98AFB8341E46778616A9E9B31CF11652B47A76A99F096BDB35C9CFA78E47CFC980E5E8683E1E13AA3FCA5171C07B5E27C1A5002C02643DC760431C2750A29E838F6ED5A892146D8015F5879DA988DF030BB2FA4D501FB7F0AD9A82ED3C48B70979428C39DB04116DCC8337567B6DB4A0DFE0C704B3F46983BBF092847AED87699EE88AEB27756850D008583CD37FC8521968EB1D17FC42D742B7E6756303412A3AD011DD5CE2BA1A4E3B0B2EBB68736C76B02164C41204734B731DF4C00C937CFB49D4648A7808A34E6162526240AB221071C6C2669DB4787AF7D516F4E72EF81C7D907A37634E8CEC5BF4B3502A6A05224B269B29A8E44603DB2A890F9B64BC94AEC7D2923DC52985CC18E123C7D6CC3DEF885725E0BD2D3EC0466DBE2E94350368068E5FC1CFB6BAC40F47600EB8520A8E29E855D96B556002207CA234BE3620189767ED74ABA3D1A1CF3F66864312B7502C37C9543A36F24FD38A25137128FFE4C6CC7C078AEF1F799DA7F3E3BA0E19F21A707E66EE95189BDD74EDF32E0F18052384A2A180D90545EF1B9F2710074BC8AED5F7625C0851C34E9F3AE5C57BE65862CEE2891052CC442574EBFAAE1BEC7AB63F25C80951AD65A41089DE526946D858146E446FCAD6915BD59B0D112255083A711279990F87453A6D8F7D057055217F474D788F30B +20241202202723 2 6 100 8191 5 C3301F39F3E2DCD097FBF5454401BF52BF4745AFD35F3DEBDFB34DE2518B0F7BB10DE2FDBE6C35E1B63AA67E9FC179EB3DB8A0FA7E01618BB625B3EC326A001A253FB737B2461999BAB5A5FBCA4AFAD88A8BCBEB5990D4E25225F203B2CE75A3A1C23BFFD78E697275BDB6B6153AA3C21D2063047D44EDDF0483220CD672280D4D67C4726EA476A5C094B7E8DBE62B760EBA6B62C200D456A99E87875B4B2FFF4AA87661D89CAF8CA36D9CE00E0C3BDA443B7CCC3EA892F524AD10DD6960196EC4497E1DDC9F5C13BAED9A8F240196633AB9EC597D0A2FFEEE9320147E73FB295039605EA79376C00D1C60EB421D1BF2BD36A9B68A32E5F5003F0C984E1A57B3C8A261E451D912FCBF27924078BAB0879F85B78D097B2651A17AD9266B39E7AF73DAE54319B2902E0A0D11653B38EDA14B9DE8431E9382AC7EF5F1705C05239DDEA7F533234FA640D2E1EE392D23BF46D57D6FD0E167174E6242F5455DC299BB03BF2EBAEDB14539E9025B84BF66C185AD45C6B1FBF47E3C17D4A1F2C99DCA7151039D71DB7BD2E025E67C2ABB9A2DE6D9C5150651385B270511AA50E8728707B1E0920F3A83DEC0F733090CE96DCACDB93CD756AB1F572DA2BBF4908C17E905848C09CF31424833D1D4894FCB6BD93162EC74E836A523E97F35152EBA28AF63DEC47A32C09E0F0451A4D60949C8CDB07642F5A705075F4A1380B327596C319A135C9C43BBAF2D25C90030BA43FC55701B2854ABFEA710D98AFB8341E46778616A9E9B31CF11652B47A76A99F096BDB35C9CFA78E47CFC980E5E8683E1E13AA3FCA5171C07B5E27C1A5002C02643DC760431C2750A29E838F6ED5A892146D8015F5879DA988DF030BB2FA4D501FB7F0AD9A82ED3C48B70979428C39DB04116DCC8337567B6DB4A0DFE0C704B3F46983BBF092847AED87699EE88AEB27756850D008583CD37FC8521968EB1D17FC42D742B7E6756303412A3AD011DD5CE2BA1A4E3B0B2EBB68736C76B02164C41204734B731DF4C00C937CFB49D4648A7808A34E6162526240AB221071C6C2669DB4787AF7D516F4E72EF81C7D907A37634E8CEC5BF4B3502A6A05224B269B29A8E44603DB2A890F9B64BC94AEC7D2923DC52985CC18E123C7D6CC3DEF885725E0BD2D3EC0466DBE2E94350368068E5FC1CFB6BAC40F47600EB8520A8E29E855D96B556002207CA234BE3620189767ED74ABA3D1A1CF3F66864312B7502C37C9543A36F24FD38A25137128FFE4C6CC7C078AEF1F799DA7F3E3BA0E19F21A707E66EE95189BDD74EDF32E0F18052384A2A180D90545EF1B9F2710074BC8AED5F7625C0851C34E9F3AE5C57BE65862CEE2891052CC442574EBFAAE1BEC7AB63F25C80951AD65A41089DE526946D858146E446FCAD6915BD59B0D112255083A711279990F87453A6D8F7D057055217F474D9CE5387 +20241202210310 2 6 100 8191 5 C3301F39F3E2DCD097FBF5454401BF52BF4745AFD35F3DEBDFB34DE2518B0F7BB10DE2FDBE6C35E1B63AA67E9FC179EB3DB8A0FA7E01618BB625B3EC326A001A253FB737B2461999BAB5A5FBCA4AFAD88A8BCBEB5990D4E25225F203B2CE75A3A1C23BFFD78E697275BDB6B6153AA3C21D2063047D44EDDF0483220CD672280D4D67C4726EA476A5C094B7E8DBE62B760EBA6B62C200D456A99E87875B4B2FFF4AA87661D89CAF8CA36D9CE00E0C3BDA443B7CCC3EA892F524AD10DD6960196EC4497E1DDC9F5C13BAED9A8F240196633AB9EC597D0A2FFEEE9320147E73FB295039605EA79376C00D1C60EB421D1BF2BD36A9B68A32E5F5003F0C984E1A57B3C8A261E451D912FCBF27924078BAB0879F85B78D097B2651A17AD9266B39E7AF73DAE54319B2902E0A0D11653B38EDA14B9DE8431E9382AC7EF5F1705C05239DDEA7F533234FA640D2E1EE392D23BF46D57D6FD0E167174E6242F5455DC299BB03BF2EBAEDB14539E9025B84BF66C185AD45C6B1FBF47E3C17D4A1F2C99DCA7151039D71DB7BD2E025E67C2ABB9A2DE6D9C5150651385B270511AA50E8728707B1E0920F3A83DEC0F733090CE96DCACDB93CD756AB1F572DA2BBF4908C17E905848C09CF31424833D1D4894FCB6BD93162EC74E836A523E97F35152EBA28AF63DEC47A32C09E0F0451A4D60949C8CDB07642F5A705075F4A1380B327596C319A135C9C43BBAF2D25C90030BA43FC55701B2854ABFEA710D98AFB8341E46778616A9E9B31CF11652B47A76A99F096BDB35C9CFA78E47CFC980E5E8683E1E13AA3FCA5171C07B5E27C1A5002C02643DC760431C2750A29E838F6ED5A892146D8015F5879DA988DF030BB2FA4D501FB7F0AD9A82ED3C48B70979428C39DB04116DCC8337567B6DB4A0DFE0C704B3F46983BBF092847AED87699EE88AEB27756850D008583CD37FC8521968EB1D17FC42D742B7E6756303412A3AD011DD5CE2BA1A4E3B0B2EBB68736C76B02164C41204734B731DF4C00C937CFB49D4648A7808A34E6162526240AB221071C6C2669DB4787AF7D516F4E72EF81C7D907A37634E8CEC5BF4B3502A6A05224B269B29A8E44603DB2A890F9B64BC94AEC7D2923DC52985CC18E123C7D6CC3DEF885725E0BD2D3EC0466DBE2E94350368068E5FC1CFB6BAC40F47600EB8520A8E29E855D96B556002207CA234BE3620189767ED74ABA3D1A1CF3F66864312B7502C37C9543A36F24FD38A25137128FFE4C6CC7C078AEF1F799DA7F3E3BA0E19F21A707E66EE95189BDD74EDF32E0F18052384A2A180D90545EF1B9F2710074BC8AED5F7625C0851C34E9F3AE5C57BE65862CEE2891052CC442574EBFAAE1BEC7AB63F25C80951AD65A41089DE526946D858146E446FCAD6915BD59B0D112255083A711279990F87453A6D8F7D057055217F474DBCBA17F +20241202232141 2 6 100 8191 5 C3301F39F3E2DCD097FBF5454401BF52BF4745AFD35F3DEBDFB34DE2518B0F7BB10DE2FDBE6C35E1B63AA67E9FC179EB3DB8A0FA7E01618BB625B3EC326A001A253FB737B2461999BAB5A5FBCA4AFAD88A8BCBEB5990D4E25225F203B2CE75A3A1C23BFFD78E697275BDB6B6153AA3C21D2063047D44EDDF0483220CD672280D4D67C4726EA476A5C094B7E8DBE62B760EBA6B62C200D456A99E87875B4B2FFF4AA87661D89CAF8CA36D9CE00E0C3BDA443B7CCC3EA892F524AD10DD6960196EC4497E1DDC9F5C13BAED9A8F240196633AB9EC597D0A2FFEEE9320147E73FB295039605EA79376C00D1C60EB421D1BF2BD36A9B68A32E5F5003F0C984E1A57B3C8A261E451D912FCBF27924078BAB0879F85B78D097B2651A17AD9266B39E7AF73DAE54319B2902E0A0D11653B38EDA14B9DE8431E9382AC7EF5F1705C05239DDEA7F533234FA640D2E1EE392D23BF46D57D6FD0E167174E6242F5455DC299BB03BF2EBAEDB14539E9025B84BF66C185AD45C6B1FBF47E3C17D4A1F2C99DCA7151039D71DB7BD2E025E67C2ABB9A2DE6D9C5150651385B270511AA50E8728707B1E0920F3A83DEC0F733090CE96DCACDB93CD756AB1F572DA2BBF4908C17E905848C09CF31424833D1D4894FCB6BD93162EC74E836A523E97F35152EBA28AF63DEC47A32C09E0F0451A4D60949C8CDB07642F5A705075F4A1380B327596C319A135C9C43BBAF2D25C90030BA43FC55701B2854ABFEA710D98AFB8341E46778616A9E9B31CF11652B47A76A99F096BDB35C9CFA78E47CFC980E5E8683E1E13AA3FCA5171C07B5E27C1A5002C02643DC760431C2750A29E838F6ED5A892146D8015F5879DA988DF030BB2FA4D501FB7F0AD9A82ED3C48B70979428C39DB04116DCC8337567B6DB4A0DFE0C704B3F46983BBF092847AED87699EE88AEB27756850D008583CD37FC8521968EB1D17FC42D742B7E6756303412A3AD011DD5CE2BA1A4E3B0B2EBB68736C76B02164C41204734B731DF4C00C937CFB49D4648A7808A34E6162526240AB221071C6C2669DB4787AF7D516F4E72EF81C7D907A37634E8CEC5BF4B3502A6A05224B269B29A8E44603DB2A890F9B64BC94AEC7D2923DC52985CC18E123C7D6CC3DEF885725E0BD2D3EC0466DBE2E94350368068E5FC1CFB6BAC40F47600EB8520A8E29E855D96B556002207CA234BE3620189767ED74ABA3D1A1CF3F66864312B7502C37C9543A36F24FD38A25137128FFE4C6CC7C078AEF1F799DA7F3E3BA0E19F21A707E66EE95189BDD74EDF32E0F18052384A2A180D90545EF1B9F2710074BC8AED5F7625C0851C34E9F3AE5C57BE65862CEE2891052CC442574EBFAAE1BEC7AB63F25C80951AD65A41089DE526946D858146E446FCAD6915BD59B0D112255083A711279990F87453A6D8F7D057055217F474E3833667 +20241202234441 2 6 100 8191 2 C3301F39F3E2DCD097FBF5454401BF52BF4745AFD35F3DEBDFB34DE2518B0F7BB10DE2FDBE6C35E1B63AA67E9FC179EB3DB8A0FA7E01618BB625B3EC326A001A253FB737B2461999BAB5A5FBCA4AFAD88A8BCBEB5990D4E25225F203B2CE75A3A1C23BFFD78E697275BDB6B6153AA3C21D2063047D44EDDF0483220CD672280D4D67C4726EA476A5C094B7E8DBE62B760EBA6B62C200D456A99E87875B4B2FFF4AA87661D89CAF8CA36D9CE00E0C3BDA443B7CCC3EA892F524AD10DD6960196EC4497E1DDC9F5C13BAED9A8F240196633AB9EC597D0A2FFEEE9320147E73FB295039605EA79376C00D1C60EB421D1BF2BD36A9B68A32E5F5003F0C984E1A57B3C8A261E451D912FCBF27924078BAB0879F85B78D097B2651A17AD9266B39E7AF73DAE54319B2902E0A0D11653B38EDA14B9DE8431E9382AC7EF5F1705C05239DDEA7F533234FA640D2E1EE392D23BF46D57D6FD0E167174E6242F5455DC299BB03BF2EBAEDB14539E9025B84BF66C185AD45C6B1FBF47E3C17D4A1F2C99DCA7151039D71DB7BD2E025E67C2ABB9A2DE6D9C5150651385B270511AA50E8728707B1E0920F3A83DEC0F733090CE96DCACDB93CD756AB1F572DA2BBF4908C17E905848C09CF31424833D1D4894FCB6BD93162EC74E836A523E97F35152EBA28AF63DEC47A32C09E0F0451A4D60949C8CDB07642F5A705075F4A1380B327596C319A135C9C43BBAF2D25C90030BA43FC55701B2854ABFEA710D98AFB8341E46778616A9E9B31CF11652B47A76A99F096BDB35C9CFA78E47CFC980E5E8683E1E13AA3FCA5171C07B5E27C1A5002C02643DC760431C2750A29E838F6ED5A892146D8015F5879DA988DF030BB2FA4D501FB7F0AD9A82ED3C48B70979428C39DB04116DCC8337567B6DB4A0DFE0C704B3F46983BBF092847AED87699EE88AEB27756850D008583CD37FC8521968EB1D17FC42D742B7E6756303412A3AD011DD5CE2BA1A4E3B0B2EBB68736C76B02164C41204734B731DF4C00C937CFB49D4648A7808A34E6162526240AB221071C6C2669DB4787AF7D516F4E72EF81C7D907A37634E8CEC5BF4B3502A6A05224B269B29A8E44603DB2A890F9B64BC94AEC7D2923DC52985CC18E123C7D6CC3DEF885725E0BD2D3EC0466DBE2E94350368068E5FC1CFB6BAC40F47600EB8520A8E29E855D96B556002207CA234BE3620189767ED74ABA3D1A1CF3F66864312B7502C37C9543A36F24FD38A25137128FFE4C6CC7C078AEF1F799DA7F3E3BA0E19F21A707E66EE95189BDD74EDF32E0F18052384A2A180D90545EF1B9F2710074BC8AED5F7625C0851C34E9F3AE5C57BE65862CEE2891052CC442574EBFAAE1BEC7AB63F25C80951AD65A41089DE526946D858146E446FCAD6915BD59B0D112255083A711279990F87453A6D8F7D057055217F474E4C55853 +20241202234813 2 6 100 8191 5 C3301F39F3E2DCD097FBF5454401BF52BF4745AFD35F3DEBDFB34DE2518B0F7BB10DE2FDBE6C35E1B63AA67E9FC179EB3DB8A0FA7E01618BB625B3EC326A001A253FB737B2461999BAB5A5FBCA4AFAD88A8BCBEB5990D4E25225F203B2CE75A3A1C23BFFD78E697275BDB6B6153AA3C21D2063047D44EDDF0483220CD672280D4D67C4726EA476A5C094B7E8DBE62B760EBA6B62C200D456A99E87875B4B2FFF4AA87661D89CAF8CA36D9CE00E0C3BDA443B7CCC3EA892F524AD10DD6960196EC4497E1DDC9F5C13BAED9A8F240196633AB9EC597D0A2FFEEE9320147E73FB295039605EA79376C00D1C60EB421D1BF2BD36A9B68A32E5F5003F0C984E1A57B3C8A261E451D912FCBF27924078BAB0879F85B78D097B2651A17AD9266B39E7AF73DAE54319B2902E0A0D11653B38EDA14B9DE8431E9382AC7EF5F1705C05239DDEA7F533234FA640D2E1EE392D23BF46D57D6FD0E167174E6242F5455DC299BB03BF2EBAEDB14539E9025B84BF66C185AD45C6B1FBF47E3C17D4A1F2C99DCA7151039D71DB7BD2E025E67C2ABB9A2DE6D9C5150651385B270511AA50E8728707B1E0920F3A83DEC0F733090CE96DCACDB93CD756AB1F572DA2BBF4908C17E905848C09CF31424833D1D4894FCB6BD93162EC74E836A523E97F35152EBA28AF63DEC47A32C09E0F0451A4D60949C8CDB07642F5A705075F4A1380B327596C319A135C9C43BBAF2D25C90030BA43FC55701B2854ABFEA710D98AFB8341E46778616A9E9B31CF11652B47A76A99F096BDB35C9CFA78E47CFC980E5E8683E1E13AA3FCA5171C07B5E27C1A5002C02643DC760431C2750A29E838F6ED5A892146D8015F5879DA988DF030BB2FA4D501FB7F0AD9A82ED3C48B70979428C39DB04116DCC8337567B6DB4A0DFE0C704B3F46983BBF092847AED87699EE88AEB27756850D008583CD37FC8521968EB1D17FC42D742B7E6756303412A3AD011DD5CE2BA1A4E3B0B2EBB68736C76B02164C41204734B731DF4C00C937CFB49D4648A7808A34E6162526240AB221071C6C2669DB4787AF7D516F4E72EF81C7D907A37634E8CEC5BF4B3502A6A05224B269B29A8E44603DB2A890F9B64BC94AEC7D2923DC52985CC18E123C7D6CC3DEF885725E0BD2D3EC0466DBE2E94350368068E5FC1CFB6BAC40F47600EB8520A8E29E855D96B556002207CA234BE3620189767ED74ABA3D1A1CF3F66864312B7502C37C9543A36F24FD38A25137128FFE4C6CC7C078AEF1F799DA7F3E3BA0E19F21A707E66EE95189BDD74EDF32E0F18052384A2A180D90545EF1B9F2710074BC8AED5F7625C0851C34E9F3AE5C57BE65862CEE2891052CC442574EBFAAE1BEC7AB63F25C80951AD65A41089DE526946D858146E446FCAD6915BD59B0D112255083A711279990F87453A6D8F7D057055217F474E4ED7847 +20241203020245 2 6 100 8191 5 C3301F39F3E2DCD097FBF5454401BF52BF4745AFD35F3DEBDFB34DE2518B0F7BB10DE2FDBE6C35E1B63AA67E9FC179EB3DB8A0FA7E01618BB625B3EC326A001A253FB737B2461999BAB5A5FBCA4AFAD88A8BCBEB5990D4E25225F203B2CE75A3A1C23BFFD78E697275BDB6B6153AA3C21D2063047D44EDDF0483220CD672280D4D67C4726EA476A5C094B7E8DBE62B760EBA6B62C200D456A99E87875B4B2FFF4AA87661D89CAF8CA36D9CE00E0C3BDA443B7CCC3EA892F524AD10DD6960196EC4497E1DDC9F5C13BAED9A8F240196633AB9EC597D0A2FFEEE9320147E73FB295039605EA79376C00D1C60EB421D1BF2BD36A9B68A32E5F5003F0C984E1A57B3C8A261E451D912FCBF27924078BAB0879F85B78D097B2651A17AD9266B39E7AF73DAE54319B2902E0A0D11653B38EDA14B9DE8431E9382AC7EF5F1705C05239DDEA7F533234FA640D2E1EE392D23BF46D57D6FD0E167174E6242F5455DC299BB03BF2EBAEDB14539E9025B84BF66C185AD45C6B1FBF47E3C17D4A1F2C99DCA7151039D71DB7BD2E025E67C2ABB9A2DE6D9C5150651385B270511AA50E8728707B1E0920F3A83DEC0F733090CE96DCACDB93CD756AB1F572DA2BBF4908C17E905848C09CF31424833D1D4894FCB6BD93162EC74E836A523E97F35152EBA28AF63DEC47A32C09E0F0451A4D60949C8CDB07642F5A705075F4A1380B327596C319A135C9C43BBAF2D25C90030BA43FC55701B2854ABFEA710D98AFB8341E46778616A9E9B31CF11652B47A76A99F096BDB35C9CFA78E47CFC980E5E8683E1E13AA3FCA5171C07B5E27C1A5002C02643DC760431C2750A29E838F6ED5A892146D8015F5879DA988DF030BB2FA4D501FB7F0AD9A82ED3C48B70979428C39DB04116DCC8337567B6DB4A0DFE0C704B3F46983BBF092847AED87699EE88AEB27756850D008583CD37FC8521968EB1D17FC42D742B7E6756303412A3AD011DD5CE2BA1A4E3B0B2EBB68736C76B02164C41204734B731DF4C00C937CFB49D4648A7808A34E6162526240AB221071C6C2669DB4787AF7D516F4E72EF81C7D907A37634E8CEC5BF4B3502A6A05224B269B29A8E44603DB2A890F9B64BC94AEC7D2923DC52985CC18E123C7D6CC3DEF885725E0BD2D3EC0466DBE2E94350368068E5FC1CFB6BAC40F47600EB8520A8E29E855D96B556002207CA234BE3620189767ED74ABA3D1A1CF3F66864312B7502C37C9543A36F24FD38A25137128FFE4C6CC7C078AEF1F799DA7F3E3BA0E19F21A707E66EE95189BDD74EDF32E0F18052384A2A180D90545EF1B9F2710074BC8AED5F7625C0851C34E9F3AE5C57BE65862CEE2891052CC442574EBFAAE1BEC7AB63F25C80951AD65A41089DE526946D858146E446FCAD6915BD59B0D112255083A711279990F87453A6D8F7D057055217F474EC649497 +20241203022338 2 6 100 8191 5 C3301F39F3E2DCD097FBF5454401BF52BF4745AFD35F3DEBDFB34DE2518B0F7BB10DE2FDBE6C35E1B63AA67E9FC179EB3DB8A0FA7E01618BB625B3EC326A001A253FB737B2461999BAB5A5FBCA4AFAD88A8BCBEB5990D4E25225F203B2CE75A3A1C23BFFD78E697275BDB6B6153AA3C21D2063047D44EDDF0483220CD672280D4D67C4726EA476A5C094B7E8DBE62B760EBA6B62C200D456A99E87875B4B2FFF4AA87661D89CAF8CA36D9CE00E0C3BDA443B7CCC3EA892F524AD10DD6960196EC4497E1DDC9F5C13BAED9A8F240196633AB9EC597D0A2FFEEE9320147E73FB295039605EA79376C00D1C60EB421D1BF2BD36A9B68A32E5F5003F0C984E1A57B3C8A261E451D912FCBF27924078BAB0879F85B78D097B2651A17AD9266B39E7AF73DAE54319B2902E0A0D11653B38EDA14B9DE8431E9382AC7EF5F1705C05239DDEA7F533234FA640D2E1EE392D23BF46D57D6FD0E167174E6242F5455DC299BB03BF2EBAEDB14539E9025B84BF66C185AD45C6B1FBF47E3C17D4A1F2C99DCA7151039D71DB7BD2E025E67C2ABB9A2DE6D9C5150651385B270511AA50E8728707B1E0920F3A83DEC0F733090CE96DCACDB93CD756AB1F572DA2BBF4908C17E905848C09CF31424833D1D4894FCB6BD93162EC74E836A523E97F35152EBA28AF63DEC47A32C09E0F0451A4D60949C8CDB07642F5A705075F4A1380B327596C319A135C9C43BBAF2D25C90030BA43FC55701B2854ABFEA710D98AFB8341E46778616A9E9B31CF11652B47A76A99F096BDB35C9CFA78E47CFC980E5E8683E1E13AA3FCA5171C07B5E27C1A5002C02643DC760431C2750A29E838F6ED5A892146D8015F5879DA988DF030BB2FA4D501FB7F0AD9A82ED3C48B70979428C39DB04116DCC8337567B6DB4A0DFE0C704B3F46983BBF092847AED87699EE88AEB27756850D008583CD37FC8521968EB1D17FC42D742B7E6756303412A3AD011DD5CE2BA1A4E3B0B2EBB68736C76B02164C41204734B731DF4C00C937CFB49D4648A7808A34E6162526240AB221071C6C2669DB4787AF7D516F4E72EF81C7D907A37634E8CEC5BF4B3502A6A05224B269B29A8E44603DB2A890F9B64BC94AEC7D2923DC52985CC18E123C7D6CC3DEF885725E0BD2D3EC0466DBE2E94350368068E5FC1CFB6BAC40F47600EB8520A8E29E855D96B556002207CA234BE3620189767ED74ABA3D1A1CF3F66864312B7502C37C9543A36F24FD38A25137128FFE4C6CC7C078AEF1F799DA7F3E3BA0E19F21A707E66EE95189BDD74EDF32E0F18052384A2A180D90545EF1B9F2710074BC8AED5F7625C0851C34E9F3AE5C57BE65862CEE2891052CC442574EBFAAE1BEC7AB63F25C80951AD65A41089DE526946D858146E446FCAD6915BD59B0D112255083A711279990F87453A6D8F7D057055217F474ED8847BF +20241203022652 2 6 100 8191 2 C3301F39F3E2DCD097FBF5454401BF52BF4745AFD35F3DEBDFB34DE2518B0F7BB10DE2FDBE6C35E1B63AA67E9FC179EB3DB8A0FA7E01618BB625B3EC326A001A253FB737B2461999BAB5A5FBCA4AFAD88A8BCBEB5990D4E25225F203B2CE75A3A1C23BFFD78E697275BDB6B6153AA3C21D2063047D44EDDF0483220CD672280D4D67C4726EA476A5C094B7E8DBE62B760EBA6B62C200D456A99E87875B4B2FFF4AA87661D89CAF8CA36D9CE00E0C3BDA443B7CCC3EA892F524AD10DD6960196EC4497E1DDC9F5C13BAED9A8F240196633AB9EC597D0A2FFEEE9320147E73FB295039605EA79376C00D1C60EB421D1BF2BD36A9B68A32E5F5003F0C984E1A57B3C8A261E451D912FCBF27924078BAB0879F85B78D097B2651A17AD9266B39E7AF73DAE54319B2902E0A0D11653B38EDA14B9DE8431E9382AC7EF5F1705C05239DDEA7F533234FA640D2E1EE392D23BF46D57D6FD0E167174E6242F5455DC299BB03BF2EBAEDB14539E9025B84BF66C185AD45C6B1FBF47E3C17D4A1F2C99DCA7151039D71DB7BD2E025E67C2ABB9A2DE6D9C5150651385B270511AA50E8728707B1E0920F3A83DEC0F733090CE96DCACDB93CD756AB1F572DA2BBF4908C17E905848C09CF31424833D1D4894FCB6BD93162EC74E836A523E97F35152EBA28AF63DEC47A32C09E0F0451A4D60949C8CDB07642F5A705075F4A1380B327596C319A135C9C43BBAF2D25C90030BA43FC55701B2854ABFEA710D98AFB8341E46778616A9E9B31CF11652B47A76A99F096BDB35C9CFA78E47CFC980E5E8683E1E13AA3FCA5171C07B5E27C1A5002C02643DC760431C2750A29E838F6ED5A892146D8015F5879DA988DF030BB2FA4D501FB7F0AD9A82ED3C48B70979428C39DB04116DCC8337567B6DB4A0DFE0C704B3F46983BBF092847AED87699EE88AEB27756850D008583CD37FC8521968EB1D17FC42D742B7E6756303412A3AD011DD5CE2BA1A4E3B0B2EBB68736C76B02164C41204734B731DF4C00C937CFB49D4648A7808A34E6162526240AB221071C6C2669DB4787AF7D516F4E72EF81C7D907A37634E8CEC5BF4B3502A6A05224B269B29A8E44603DB2A890F9B64BC94AEC7D2923DC52985CC18E123C7D6CC3DEF885725E0BD2D3EC0466DBE2E94350368068E5FC1CFB6BAC40F47600EB8520A8E29E855D96B556002207CA234BE3620189767ED74ABA3D1A1CF3F66864312B7502C37C9543A36F24FD38A25137128FFE4C6CC7C078AEF1F799DA7F3E3BA0E19F21A707E66EE95189BDD74EDF32E0F18052384A2A180D90545EF1B9F2710074BC8AED5F7625C0851C34E9F3AE5C57BE65862CEE2891052CC442574EBFAAE1BEC7AB63F25C80951AD65A41089DE526946D858146E446FCAD6915BD59B0D112255083A711279990F87453A6D8F7D057055217F474EDAC6223 +20241203031204 2 6 100 8191 2 C3301F39F3E2DCD097FBF5454401BF52BF4745AFD35F3DEBDFB34DE2518B0F7BB10DE2FDBE6C35E1B63AA67E9FC179EB3DB8A0FA7E01618BB625B3EC326A001A253FB737B2461999BAB5A5FBCA4AFAD88A8BCBEB5990D4E25225F203B2CE75A3A1C23BFFD78E697275BDB6B6153AA3C21D2063047D44EDDF0483220CD672280D4D67C4726EA476A5C094B7E8DBE62B760EBA6B62C200D456A99E87875B4B2FFF4AA87661D89CAF8CA36D9CE00E0C3BDA443B7CCC3EA892F524AD10DD6960196EC4497E1DDC9F5C13BAED9A8F240196633AB9EC597D0A2FFEEE9320147E73FB295039605EA79376C00D1C60EB421D1BF2BD36A9B68A32E5F5003F0C984E1A57B3C8A261E451D912FCBF27924078BAB0879F85B78D097B2651A17AD9266B39E7AF73DAE54319B2902E0A0D11653B38EDA14B9DE8431E9382AC7EF5F1705C05239DDEA7F533234FA640D2E1EE392D23BF46D57D6FD0E167174E6242F5455DC299BB03BF2EBAEDB14539E9025B84BF66C185AD45C6B1FBF47E3C17D4A1F2C99DCA7151039D71DB7BD2E025E67C2ABB9A2DE6D9C5150651385B270511AA50E8728707B1E0920F3A83DEC0F733090CE96DCACDB93CD756AB1F572DA2BBF4908C17E905848C09CF31424833D1D4894FCB6BD93162EC74E836A523E97F35152EBA28AF63DEC47A32C09E0F0451A4D60949C8CDB07642F5A705075F4A1380B327596C319A135C9C43BBAF2D25C90030BA43FC55701B2854ABFEA710D98AFB8341E46778616A9E9B31CF11652B47A76A99F096BDB35C9CFA78E47CFC980E5E8683E1E13AA3FCA5171C07B5E27C1A5002C02643DC760431C2750A29E838F6ED5A892146D8015F5879DA988DF030BB2FA4D501FB7F0AD9A82ED3C48B70979428C39DB04116DCC8337567B6DB4A0DFE0C704B3F46983BBF092847AED87699EE88AEB27756850D008583CD37FC8521968EB1D17FC42D742B7E6756303412A3AD011DD5CE2BA1A4E3B0B2EBB68736C76B02164C41204734B731DF4C00C937CFB49D4648A7808A34E6162526240AB221071C6C2669DB4787AF7D516F4E72EF81C7D907A37634E8CEC5BF4B3502A6A05224B269B29A8E44603DB2A890F9B64BC94AEC7D2923DC52985CC18E123C7D6CC3DEF885725E0BD2D3EC0466DBE2E94350368068E5FC1CFB6BAC40F47600EB8520A8E29E855D96B556002207CA234BE3620189767ED74ABA3D1A1CF3F66864312B7502C37C9543A36F24FD38A25137128FFE4C6CC7C078AEF1F799DA7F3E3BA0E19F21A707E66EE95189BDD74EDF32E0F18052384A2A180D90545EF1B9F2710074BC8AED5F7625C0851C34E9F3AE5C57BE65862CEE2891052CC442574EBFAAE1BEC7AB63F25C80951AD65A41089DE526946D858146E446FCAD6915BD59B0D112255083A711279990F87453A6D8F7D057055217F474F0205823 +20241203043100 2 6 100 8191 2 C3301F39F3E2DCD097FBF5454401BF52BF4745AFD35F3DEBDFB34DE2518B0F7BB10DE2FDBE6C35E1B63AA67E9FC179EB3DB8A0FA7E01618BB625B3EC326A001A253FB737B2461999BAB5A5FBCA4AFAD88A8BCBEB5990D4E25225F203B2CE75A3A1C23BFFD78E697275BDB6B6153AA3C21D2063047D44EDDF0483220CD672280D4D67C4726EA476A5C094B7E8DBE62B760EBA6B62C200D456A99E87875B4B2FFF4AA87661D89CAF8CA36D9CE00E0C3BDA443B7CCC3EA892F524AD10DD6960196EC4497E1DDC9F5C13BAED9A8F240196633AB9EC597D0A2FFEEE9320147E73FB295039605EA79376C00D1C60EB421D1BF2BD36A9B68A32E5F5003F0C984E1A57B3C8A261E451D912FCBF27924078BAB0879F85B78D097B2651A17AD9266B39E7AF73DAE54319B2902E0A0D11653B38EDA14B9DE8431E9382AC7EF5F1705C05239DDEA7F533234FA640D2E1EE392D23BF46D57D6FD0E167174E6242F5455DC299BB03BF2EBAEDB14539E9025B84BF66C185AD45C6B1FBF47E3C17D4A1F2C99DCA7151039D71DB7BD2E025E67C2ABB9A2DE6D9C5150651385B270511AA50E8728707B1E0920F3A83DEC0F733090CE96DCACDB93CD756AB1F572DA2BBF4908C17E905848C09CF31424833D1D4894FCB6BD93162EC74E836A523E97F35152EBA28AF63DEC47A32C09E0F0451A4D60949C8CDB07642F5A705075F4A1380B327596C319A135C9C43BBAF2D25C90030BA43FC55701B2854ABFEA710D98AFB8341E46778616A9E9B31CF11652B47A76A99F096BDB35C9CFA78E47CFC980E5E8683E1E13AA3FCA5171C07B5E27C1A5002C02643DC760431C2750A29E838F6ED5A892146D8015F5879DA988DF030BB2FA4D501FB7F0AD9A82ED3C48B70979428C39DB04116DCC8337567B6DB4A0DFE0C704B3F46983BBF092847AED87699EE88AEB27756850D008583CD37FC8521968EB1D17FC42D742B7E6756303412A3AD011DD5CE2BA1A4E3B0B2EBB68736C76B02164C41204734B731DF4C00C937CFB49D4648A7808A34E6162526240AB221071C6C2669DB4787AF7D516F4E72EF81C7D907A37634E8CEC5BF4B3502A6A05224B269B29A8E44603DB2A890F9B64BC94AEC7D2923DC52985CC18E123C7D6CC3DEF885725E0BD2D3EC0466DBE2E94350368068E5FC1CFB6BAC40F47600EB8520A8E29E855D96B556002207CA234BE3620189767ED74ABA3D1A1CF3F66864312B7502C37C9543A36F24FD38A25137128FFE4C6CC7C078AEF1F799DA7F3E3BA0E19F21A707E66EE95189BDD74EDF32E0F18052384A2A180D90545EF1B9F2710074BC8AED5F7625C0851C34E9F3AE5C57BE65862CEE2891052CC442574EBFAAE1BEC7AB63F25C80951AD65A41089DE526946D858146E446FCAD6915BD59B0D112255083A711279990F87453A6D8F7D057055217F474F484158B +20241203044332 2 6 100 8191 2 C3301F39F3E2DCD097FBF5454401BF52BF4745AFD35F3DEBDFB34DE2518B0F7BB10DE2FDBE6C35E1B63AA67E9FC179EB3DB8A0FA7E01618BB625B3EC326A001A253FB737B2461999BAB5A5FBCA4AFAD88A8BCBEB5990D4E25225F203B2CE75A3A1C23BFFD78E697275BDB6B6153AA3C21D2063047D44EDDF0483220CD672280D4D67C4726EA476A5C094B7E8DBE62B760EBA6B62C200D456A99E87875B4B2FFF4AA87661D89CAF8CA36D9CE00E0C3BDA443B7CCC3EA892F524AD10DD6960196EC4497E1DDC9F5C13BAED9A8F240196633AB9EC597D0A2FFEEE9320147E73FB295039605EA79376C00D1C60EB421D1BF2BD36A9B68A32E5F5003F0C984E1A57B3C8A261E451D912FCBF27924078BAB0879F85B78D097B2651A17AD9266B39E7AF73DAE54319B2902E0A0D11653B38EDA14B9DE8431E9382AC7EF5F1705C05239DDEA7F533234FA640D2E1EE392D23BF46D57D6FD0E167174E6242F5455DC299BB03BF2EBAEDB14539E9025B84BF66C185AD45C6B1FBF47E3C17D4A1F2C99DCA7151039D71DB7BD2E025E67C2ABB9A2DE6D9C5150651385B270511AA50E8728707B1E0920F3A83DEC0F733090CE96DCACDB93CD756AB1F572DA2BBF4908C17E905848C09CF31424833D1D4894FCB6BD93162EC74E836A523E97F35152EBA28AF63DEC47A32C09E0F0451A4D60949C8CDB07642F5A705075F4A1380B327596C319A135C9C43BBAF2D25C90030BA43FC55701B2854ABFEA710D98AFB8341E46778616A9E9B31CF11652B47A76A99F096BDB35C9CFA78E47CFC980E5E8683E1E13AA3FCA5171C07B5E27C1A5002C02643DC760431C2750A29E838F6ED5A892146D8015F5879DA988DF030BB2FA4D501FB7F0AD9A82ED3C48B70979428C39DB04116DCC8337567B6DB4A0DFE0C704B3F46983BBF092847AED87699EE88AEB27756850D008583CD37FC8521968EB1D17FC42D742B7E6756303412A3AD011DD5CE2BA1A4E3B0B2EBB68736C76B02164C41204734B731DF4C00C937CFB49D4648A7808A34E6162526240AB221071C6C2669DB4787AF7D516F4E72EF81C7D907A37634E8CEC5BF4B3502A6A05224B269B29A8E44603DB2A890F9B64BC94AEC7D2923DC52985CC18E123C7D6CC3DEF885725E0BD2D3EC0466DBE2E94350368068E5FC1CFB6BAC40F47600EB8520A8E29E855D96B556002207CA234BE3620189767ED74ABA3D1A1CF3F66864312B7502C37C9543A36F24FD38A25137128FFE4C6CC7C078AEF1F799DA7F3E3BA0E19F21A707E66EE95189BDD74EDF32E0F18052384A2A180D90545EF1B9F2710074BC8AED5F7625C0851C34E9F3AE5C57BE65862CEE2891052CC442574EBFAAE1BEC7AB63F25C80951AD65A41089DE526946D858146E446FCAD6915BD59B0D112255083A711279990F87453A6D8F7D057055217F474F537BA23 +20241203051425 2 6 100 8191 2 C3301F39F3E2DCD097FBF5454401BF52BF4745AFD35F3DEBDFB34DE2518B0F7BB10DE2FDBE6C35E1B63AA67E9FC179EB3DB8A0FA7E01618BB625B3EC326A001A253FB737B2461999BAB5A5FBCA4AFAD88A8BCBEB5990D4E25225F203B2CE75A3A1C23BFFD78E697275BDB6B6153AA3C21D2063047D44EDDF0483220CD672280D4D67C4726EA476A5C094B7E8DBE62B760EBA6B62C200D456A99E87875B4B2FFF4AA87661D89CAF8CA36D9CE00E0C3BDA443B7CCC3EA892F524AD10DD6960196EC4497E1DDC9F5C13BAED9A8F240196633AB9EC597D0A2FFEEE9320147E73FB295039605EA79376C00D1C60EB421D1BF2BD36A9B68A32E5F5003F0C984E1A57B3C8A261E451D912FCBF27924078BAB0879F85B78D097B2651A17AD9266B39E7AF73DAE54319B2902E0A0D11653B38EDA14B9DE8431E9382AC7EF5F1705C05239DDEA7F533234FA640D2E1EE392D23BF46D57D6FD0E167174E6242F5455DC299BB03BF2EBAEDB14539E9025B84BF66C185AD45C6B1FBF47E3C17D4A1F2C99DCA7151039D71DB7BD2E025E67C2ABB9A2DE6D9C5150651385B270511AA50E8728707B1E0920F3A83DEC0F733090CE96DCACDB93CD756AB1F572DA2BBF4908C17E905848C09CF31424833D1D4894FCB6BD93162EC74E836A523E97F35152EBA28AF63DEC47A32C09E0F0451A4D60949C8CDB07642F5A705075F4A1380B327596C319A135C9C43BBAF2D25C90030BA43FC55701B2854ABFEA710D98AFB8341E46778616A9E9B31CF11652B47A76A99F096BDB35C9CFA78E47CFC980E5E8683E1E13AA3FCA5171C07B5E27C1A5002C02643DC760431C2750A29E838F6ED5A892146D8015F5879DA988DF030BB2FA4D501FB7F0AD9A82ED3C48B70979428C39DB04116DCC8337567B6DB4A0DFE0C704B3F46983BBF092847AED87699EE88AEB27756850D008583CD37FC8521968EB1D17FC42D742B7E6756303412A3AD011DD5CE2BA1A4E3B0B2EBB68736C76B02164C41204734B731DF4C00C937CFB49D4648A7808A34E6162526240AB221071C6C2669DB4787AF7D516F4E72EF81C7D907A37634E8CEC5BF4B3502A6A05224B269B29A8E44603DB2A890F9B64BC94AEC7D2923DC52985CC18E123C7D6CC3DEF885725E0BD2D3EC0466DBE2E94350368068E5FC1CFB6BAC40F47600EB8520A8E29E855D96B556002207CA234BE3620189767ED74ABA3D1A1CF3F66864312B7502C37C9543A36F24FD38A25137128FFE4C6CC7C078AEF1F799DA7F3E3BA0E19F21A707E66EE95189BDD74EDF32E0F18052384A2A180D90545EF1B9F2710074BC8AED5F7625C0851C34E9F3AE5C57BE65862CEE2891052CC442574EBFAAE1BEC7AB63F25C80951AD65A41089DE526946D858146E446FCAD6915BD59B0D112255083A711279990F87453A6D8F7D057055217F474F6E6415B +20241203055801 2 6 100 8191 5 C3301F39F3E2DCD097FBF5454401BF52BF4745AFD35F3DEBDFB34DE2518B0F7BB10DE2FDBE6C35E1B63AA67E9FC179EB3DB8A0FA7E01618BB625B3EC326A001A253FB737B2461999BAB5A5FBCA4AFAD88A8BCBEB5990D4E25225F203B2CE75A3A1C23BFFD78E697275BDB6B6153AA3C21D2063047D44EDDF0483220CD672280D4D67C4726EA476A5C094B7E8DBE62B760EBA6B62C200D456A99E87875B4B2FFF4AA87661D89CAF8CA36D9CE00E0C3BDA443B7CCC3EA892F524AD10DD6960196EC4497E1DDC9F5C13BAED9A8F240196633AB9EC597D0A2FFEEE9320147E73FB295039605EA79376C00D1C60EB421D1BF2BD36A9B68A32E5F5003F0C984E1A57B3C8A261E451D912FCBF27924078BAB0879F85B78D097B2651A17AD9266B39E7AF73DAE54319B2902E0A0D11653B38EDA14B9DE8431E9382AC7EF5F1705C05239DDEA7F533234FA640D2E1EE392D23BF46D57D6FD0E167174E6242F5455DC299BB03BF2EBAEDB14539E9025B84BF66C185AD45C6B1FBF47E3C17D4A1F2C99DCA7151039D71DB7BD2E025E67C2ABB9A2DE6D9C5150651385B270511AA50E8728707B1E0920F3A83DEC0F733090CE96DCACDB93CD756AB1F572DA2BBF4908C17E905848C09CF31424833D1D4894FCB6BD93162EC74E836A523E97F35152EBA28AF63DEC47A32C09E0F0451A4D60949C8CDB07642F5A705075F4A1380B327596C319A135C9C43BBAF2D25C90030BA43FC55701B2854ABFEA710D98AFB8341E46778616A9E9B31CF11652B47A76A99F096BDB35C9CFA78E47CFC980E5E8683E1E13AA3FCA5171C07B5E27C1A5002C02643DC760431C2750A29E838F6ED5A892146D8015F5879DA988DF030BB2FA4D501FB7F0AD9A82ED3C48B70979428C39DB04116DCC8337567B6DB4A0DFE0C704B3F46983BBF092847AED87699EE88AEB27756850D008583CD37FC8521968EB1D17FC42D742B7E6756303412A3AD011DD5CE2BA1A4E3B0B2EBB68736C76B02164C41204734B731DF4C00C937CFB49D4648A7808A34E6162526240AB221071C6C2669DB4787AF7D516F4E72EF81C7D907A37634E8CEC5BF4B3502A6A05224B269B29A8E44603DB2A890F9B64BC94AEC7D2923DC52985CC18E123C7D6CC3DEF885725E0BD2D3EC0466DBE2E94350368068E5FC1CFB6BAC40F47600EB8520A8E29E855D96B556002207CA234BE3620189767ED74ABA3D1A1CF3F66864312B7502C37C9543A36F24FD38A25137128FFE4C6CC7C078AEF1F799DA7F3E3BA0E19F21A707E66EE95189BDD74EDF32E0F18052384A2A180D90545EF1B9F2710074BC8AED5F7625C0851C34E9F3AE5C57BE65862CEE2891052CC442574EBFAAE1BEC7AB63F25C80951AD65A41089DE526946D858146E446FCAD6915BD59B0D112255083A711279990F87453A6D8F7D057055217F474F953468F +20241203062624 2 6 100 8191 5 C3301F39F3E2DCD097FBF5454401BF52BF4745AFD35F3DEBDFB34DE2518B0F7BB10DE2FDBE6C35E1B63AA67E9FC179EB3DB8A0FA7E01618BB625B3EC326A001A253FB737B2461999BAB5A5FBCA4AFAD88A8BCBEB5990D4E25225F203B2CE75A3A1C23BFFD78E697275BDB6B6153AA3C21D2063047D44EDDF0483220CD672280D4D67C4726EA476A5C094B7E8DBE62B760EBA6B62C200D456A99E87875B4B2FFF4AA87661D89CAF8CA36D9CE00E0C3BDA443B7CCC3EA892F524AD10DD6960196EC4497E1DDC9F5C13BAED9A8F240196633AB9EC597D0A2FFEEE9320147E73FB295039605EA79376C00D1C60EB421D1BF2BD36A9B68A32E5F5003F0C984E1A57B3C8A261E451D912FCBF27924078BAB0879F85B78D097B2651A17AD9266B39E7AF73DAE54319B2902E0A0D11653B38EDA14B9DE8431E9382AC7EF5F1705C05239DDEA7F533234FA640D2E1EE392D23BF46D57D6FD0E167174E6242F5455DC299BB03BF2EBAEDB14539E9025B84BF66C185AD45C6B1FBF47E3C17D4A1F2C99DCA7151039D71DB7BD2E025E67C2ABB9A2DE6D9C5150651385B270511AA50E8728707B1E0920F3A83DEC0F733090CE96DCACDB93CD756AB1F572DA2BBF4908C17E905848C09CF31424833D1D4894FCB6BD93162EC74E836A523E97F35152EBA28AF63DEC47A32C09E0F0451A4D60949C8CDB07642F5A705075F4A1380B327596C319A135C9C43BBAF2D25C90030BA43FC55701B2854ABFEA710D98AFB8341E46778616A9E9B31CF11652B47A76A99F096BDB35C9CFA78E47CFC980E5E8683E1E13AA3FCA5171C07B5E27C1A5002C02643DC760431C2750A29E838F6ED5A892146D8015F5879DA988DF030BB2FA4D501FB7F0AD9A82ED3C48B70979428C39DB04116DCC8337567B6DB4A0DFE0C704B3F46983BBF092847AED87699EE88AEB27756850D008583CD37FC8521968EB1D17FC42D742B7E6756303412A3AD011DD5CE2BA1A4E3B0B2EBB68736C76B02164C41204734B731DF4C00C937CFB49D4648A7808A34E6162526240AB221071C6C2669DB4787AF7D516F4E72EF81C7D907A37634E8CEC5BF4B3502A6A05224B269B29A8E44603DB2A890F9B64BC94AEC7D2923DC52985CC18E123C7D6CC3DEF885725E0BD2D3EC0466DBE2E94350368068E5FC1CFB6BAC40F47600EB8520A8E29E855D96B556002207CA234BE3620189767ED74ABA3D1A1CF3F66864312B7502C37C9543A36F24FD38A25137128FFE4C6CC7C078AEF1F799DA7F3E3BA0E19F21A707E66EE95189BDD74EDF32E0F18052384A2A180D90545EF1B9F2710074BC8AED5F7625C0851C34E9F3AE5C57BE65862CEE2891052CC442574EBFAAE1BEC7AB63F25C80951AD65A41089DE526946D858146E446FCAD6915BD59B0D112255083A711279990F87453A6D8F7D057055217F474FAD661D7 +20241203075312 2 6 100 8191 2 C3301F39F3E2DCD097FBF5454401BF52BF4745AFD35F3DEBDFB34DE2518B0F7BB10DE2FDBE6C35E1B63AA67E9FC179EB3DB8A0FA7E01618BB625B3EC326A001A253FB737B2461999BAB5A5FBCA4AFAD88A8BCBEB5990D4E25225F203B2CE75A3A1C23BFFD78E697275BDB6B6153AA3C21D2063047D44EDDF0483220CD672280D4D67C4726EA476A5C094B7E8DBE62B760EBA6B62C200D456A99E87875B4B2FFF4AA87661D89CAF8CA36D9CE00E0C3BDA443B7CCC3EA892F524AD10DD6960196EC4497E1DDC9F5C13BAED9A8F240196633AB9EC597D0A2FFEEE9320147E73FB295039605EA79376C00D1C60EB421D1BF2BD36A9B68A32E5F5003F0C984E1A57B3C8A261E451D912FCBF27924078BAB0879F85B78D097B2651A17AD9266B39E7AF73DAE54319B2902E0A0D11653B38EDA14B9DE8431E9382AC7EF5F1705C05239DDEA7F533234FA640D2E1EE392D23BF46D57D6FD0E167174E6242F5455DC299BB03BF2EBAEDB14539E9025B84BF66C185AD45C6B1FBF47E3C17D4A1F2C99DCA7151039D71DB7BD2E025E67C2ABB9A2DE6D9C5150651385B270511AA50E8728707B1E0920F3A83DEC0F733090CE96DCACDB93CD756AB1F572DA2BBF4908C17E905848C09CF31424833D1D4894FCB6BD93162EC74E836A523E97F35152EBA28AF63DEC47A32C09E0F0451A4D60949C8CDB07642F5A705075F4A1380B327596C319A135C9C43BBAF2D25C90030BA43FC55701B2854ABFEA710D98AFB8341E46778616A9E9B31CF11652B47A76A99F096BDB35C9CFA78E47CFC980E5E8683E1E13AA3FCA5171C07B5E27C1A5002C02643DC760431C2750A29E838F6ED5A892146D8015F5879DA988DF030BB2FA4D501FB7F0AD9A82ED3C48B70979428C39DB04116DCC8337567B6DB4A0DFE0C704B3F46983BBF092847AED87699EE88AEB27756850D008583CD37FC8521968EB1D17FC42D742B7E6756303412A3AD011DD5CE2BA1A4E3B0B2EBB68736C76B02164C41204734B731DF4C00C937CFB49D4648A7808A34E6162526240AB221071C6C2669DB4787AF7D516F4E72EF81C7D907A37634E8CEC5BF4B3502A6A05224B269B29A8E44603DB2A890F9B64BC94AEC7D2923DC52985CC18E123C7D6CC3DEF885725E0BD2D3EC0466DBE2E94350368068E5FC1CFB6BAC40F47600EB8520A8E29E855D96B556002207CA234BE3620189767ED74ABA3D1A1CF3F66864312B7502C37C9543A36F24FD38A25137128FFE4C6CC7C078AEF1F799DA7F3E3BA0E19F21A707E66EE95189BDD74EDF32E0F18052384A2A180D90545EF1B9F2710074BC8AED5F7625C0851C34E9F3AE5C57BE65862CEE2891052CC442574EBFAAE1BEC7AB63F25C80951AD65A41089DE526946D858146E446FCAD6915BD59B0D112255083A711279990F87453A6D8F7D057055217F474FFA46B5B +20241203095857 2 6 100 8191 2 C3301F39F3E2DCD097FBF5454401BF52BF4745AFD35F3DEBDFB34DE2518B0F7BB10DE2FDBE6C35E1B63AA67E9FC179EB3DB8A0FA7E01618BB625B3EC326A001A253FB737B2461999BAB5A5FBCA4AFAD88A8BCBEB5990D4E25225F203B2CE75A3A1C23BFFD78E697275BDB6B6153AA3C21D2063047D44EDDF0483220CD672280D4D67C4726EA476A5C094B7E8DBE62B760EBA6B62C200D456A99E87875B4B2FFF4AA87661D89CAF8CA36D9CE00E0C3BDA443B7CCC3EA892F524AD10DD6960196EC4497E1DDC9F5C13BAED9A8F240196633AB9EC597D0A2FFEEE9320147E73FB295039605EA79376C00D1C60EB421D1BF2BD36A9B68A32E5F5003F0C984E1A57B3C8A261E451D912FCBF27924078BAB0879F85B78D097B2651A17AD9266B39E7AF73DAE54319B2902E0A0D11653B38EDA14B9DE8431E9382AC7EF5F1705C05239DDEA7F533234FA640D2E1EE392D23BF46D57D6FD0E167174E6242F5455DC299BB03BF2EBAEDB14539E9025B84BF66C185AD45C6B1FBF47E3C17D4A1F2C99DCA7151039D71DB7BD2E025E67C2ABB9A2DE6D9C5150651385B270511AA50E8728707B1E0920F3A83DEC0F733090CE96DCACDB93CD756AB1F572DA2BBF4908C17E905848C09CF31424833D1D4894FCB6BD93162EC74E836A523E97F35152EBA28AF63DEC47A32C09E0F0451A4D60949C8CDB07642F5A705075F4A1380B327596C319A135C9C43BBAF2D25C90030BA43FC55701B2854ABFEA710D98AFB8341E46778616A9E9B31CF11652B47A76A99F096BDB35C9CFA78E47CFC980E5E8683E1E13AA3FCA5171C07B5E27C1A5002C02643DC760431C2750A29E838F6ED5A892146D8015F5879DA988DF030BB2FA4D501FB7F0AD9A82ED3C48B70979428C39DB04116DCC8337567B6DB4A0DFE0C704B3F46983BBF092847AED87699EE88AEB27756850D008583CD37FC8521968EB1D17FC42D742B7E6756303412A3AD011DD5CE2BA1A4E3B0B2EBB68736C76B02164C41204734B731DF4C00C937CFB49D4648A7808A34E6162526240AB221071C6C2669DB4787AF7D516F4E72EF81C7D907A37634E8CEC5BF4B3502A6A05224B269B29A8E44603DB2A890F9B64BC94AEC7D2923DC52985CC18E123C7D6CC3DEF885725E0BD2D3EC0466DBE2E94350368068E5FC1CFB6BAC40F47600EB8520A8E29E855D96B556002207CA234BE3620189767ED74ABA3D1A1CF3F66864312B7502C37C9543A36F24FD38A25137128FFE4C6CC7C078AEF1F799DA7F3E3BA0E19F21A707E66EE95189BDD74EDF32E0F18052384A2A180D90545EF1B9F2710074BC8AED5F7625C0851C34E9F3AE5C57BE65862CEE2891052CC442574EBFAAE1BEC7AB63F25C80951AD65A41089DE526946D858146E446FCAD6915BD59B0D112255083A711279990F87453A6D8F7D057055217F4750696836B +20241203111915 2 6 100 8191 2 C3301F39F3E2DCD097FBF5454401BF52BF4745AFD35F3DEBDFB34DE2518B0F7BB10DE2FDBE6C35E1B63AA67E9FC179EB3DB8A0FA7E01618BB625B3EC326A001A253FB737B2461999BAB5A5FBCA4AFAD88A8BCBEB5990D4E25225F203B2CE75A3A1C23BFFD78E697275BDB6B6153AA3C21D2063047D44EDDF0483220CD672280D4D67C4726EA476A5C094B7E8DBE62B760EBA6B62C200D456A99E87875B4B2FFF4AA87661D89CAF8CA36D9CE00E0C3BDA443B7CCC3EA892F524AD10DD6960196EC4497E1DDC9F5C13BAED9A8F240196633AB9EC597D0A2FFEEE9320147E73FB295039605EA79376C00D1C60EB421D1BF2BD36A9B68A32E5F5003F0C984E1A57B3C8A261E451D912FCBF27924078BAB0879F85B78D097B2651A17AD9266B39E7AF73DAE54319B2902E0A0D11653B38EDA14B9DE8431E9382AC7EF5F1705C05239DDEA7F533234FA640D2E1EE392D23BF46D57D6FD0E167174E6242F5455DC299BB03BF2EBAEDB14539E9025B84BF66C185AD45C6B1FBF47E3C17D4A1F2C99DCA7151039D71DB7BD2E025E67C2ABB9A2DE6D9C5150651385B270511AA50E8728707B1E0920F3A83DEC0F733090CE96DCACDB93CD756AB1F572DA2BBF4908C17E905848C09CF31424833D1D4894FCB6BD93162EC74E836A523E97F35152EBA28AF63DEC47A32C09E0F0451A4D60949C8CDB07642F5A705075F4A1380B327596C319A135C9C43BBAF2D25C90030BA43FC55701B2854ABFEA710D98AFB8341E46778616A9E9B31CF11652B47A76A99F096BDB35C9CFA78E47CFC980E5E8683E1E13AA3FCA5171C07B5E27C1A5002C02643DC760431C2750A29E838F6ED5A892146D8015F5879DA988DF030BB2FA4D501FB7F0AD9A82ED3C48B70979428C39DB04116DCC8337567B6DB4A0DFE0C704B3F46983BBF092847AED87699EE88AEB27756850D008583CD37FC8521968EB1D17FC42D742B7E6756303412A3AD011DD5CE2BA1A4E3B0B2EBB68736C76B02164C41204734B731DF4C00C937CFB49D4648A7808A34E6162526240AB221071C6C2669DB4787AF7D516F4E72EF81C7D907A37634E8CEC5BF4B3502A6A05224B269B29A8E44603DB2A890F9B64BC94AEC7D2923DC52985CC18E123C7D6CC3DEF885725E0BD2D3EC0466DBE2E94350368068E5FC1CFB6BAC40F47600EB8520A8E29E855D96B556002207CA234BE3620189767ED74ABA3D1A1CF3F66864312B7502C37C9543A36F24FD38A25137128FFE4C6CC7C078AEF1F799DA7F3E3BA0E19F21A707E66EE95189BDD74EDF32E0F18052384A2A180D90545EF1B9F2710074BC8AED5F7625C0851C34E9F3AE5C57BE65862CEE2891052CC442574EBFAAE1BEC7AB63F25C80951AD65A41089DE526946D858146E446FCAD6915BD59B0D112255083A711279990F87453A6D8F7D057055217F4750B055A7B +20241203151709 2 6 100 8191 2 C3301F39F3E2DCD097FBF5454401BF52BF4745AFD35F3DEBDFB34DE2518B0F7BB10DE2FDBE6C35E1B63AA67E9FC179EB3DB8A0FA7E01618BB625B3EC326A001A253FB737B2461999BAB5A5FBCA4AFAD88A8BCBEB5990D4E25225F203B2CE75A3A1C23BFFD78E697275BDB6B6153AA3C21D2063047D44EDDF0483220CD672280D4D67C4726EA476A5C094B7E8DBE62B760EBA6B62C200D456A99E87875B4B2FFF4AA87661D89CAF8CA36D9CE00E0C3BDA443B7CCC3EA892F524AD10DD6960196EC4497E1DDC9F5C13BAED9A8F240196633AB9EC597D0A2FFEEE9320147E73FB295039605EA79376C00D1C60EB421D1BF2BD36A9B68A32E5F5003F0C984E1A57B3C8A261E451D912FCBF27924078BAB0879F85B78D097B2651A17AD9266B39E7AF73DAE54319B2902E0A0D11653B38EDA14B9DE8431E9382AC7EF5F1705C05239DDEA7F533234FA640D2E1EE392D23BF46D57D6FD0E167174E6242F5455DC299BB03BF2EBAEDB14539E9025B84BF66C185AD45C6B1FBF47E3C17D4A1F2C99DCA7151039D71DB7BD2E025E67C2ABB9A2DE6D9C5150651385B270511AA50E8728707B1E0920F3A83DEC0F733090CE96DCACDB93CD756AB1F572DA2BBF4908C17E905848C09CF31424833D1D4894FCB6BD93162EC74E836A523E97F35152EBA28AF63DEC47A32C09E0F0451A4D60949C8CDB07642F5A705075F4A1380B327596C319A135C9C43BBAF2D25C90030BA43FC55701B2854ABFEA710D98AFB8341E46778616A9E9B31CF11652B47A76A99F096BDB35C9CFA78E47CFC980E5E8683E1E13AA3FCA5171C07B5E27C1A5002C02643DC760431C2750A29E838F6ED5A892146D8015F5879DA988DF030BB2FA4D501FB7F0AD9A82ED3C48B70979428C39DB04116DCC8337567B6DB4A0DFE0C704B3F46983BBF092847AED87699EE88AEB27756850D008583CD37FC8521968EB1D17FC42D742B7E6756303412A3AD011DD5CE2BA1A4E3B0B2EBB68736C76B02164C41204734B731DF4C00C937CFB49D4648A7808A34E6162526240AB221071C6C2669DB4787AF7D516F4E72EF81C7D907A37634E8CEC5BF4B3502A6A05224B269B29A8E44603DB2A890F9B64BC94AEC7D2923DC52985CC18E123C7D6CC3DEF885725E0BD2D3EC0466DBE2E94350368068E5FC1CFB6BAC40F47600EB8520A8E29E855D96B556002207CA234BE3620189767ED74ABA3D1A1CF3F66864312B7502C37C9543A36F24FD38A25137128FFE4C6CC7C078AEF1F799DA7F3E3BA0E19F21A707E66EE95189BDD74EDF32E0F18052384A2A180D90545EF1B9F2710074BC8AED5F7625C0851C34E9F3AE5C57BE65862CEE2891052CC442574EBFAAE1BEC7AB63F25C80951AD65A41089DE526946D858146E446FCAD6915BD59B0D112255083A711279990F87453A6D8F7D057055217F4751817A103 +20241203162310 2 6 100 8191 5 C3301F39F3E2DCD097FBF5454401BF52BF4745AFD35F3DEBDFB34DE2518B0F7BB10DE2FDBE6C35E1B63AA67E9FC179EB3DB8A0FA7E01618BB625B3EC326A001A253FB737B2461999BAB5A5FBCA4AFAD88A8BCBEB5990D4E25225F203B2CE75A3A1C23BFFD78E697275BDB6B6153AA3C21D2063047D44EDDF0483220CD672280D4D67C4726EA476A5C094B7E8DBE62B760EBA6B62C200D456A99E87875B4B2FFF4AA87661D89CAF8CA36D9CE00E0C3BDA443B7CCC3EA892F524AD10DD6960196EC4497E1DDC9F5C13BAED9A8F240196633AB9EC597D0A2FFEEE9320147E73FB295039605EA79376C00D1C60EB421D1BF2BD36A9B68A32E5F5003F0C984E1A57B3C8A261E451D912FCBF27924078BAB0879F85B78D097B2651A17AD9266B39E7AF73DAE54319B2902E0A0D11653B38EDA14B9DE8431E9382AC7EF5F1705C05239DDEA7F533234FA640D2E1EE392D23BF46D57D6FD0E167174E6242F5455DC299BB03BF2EBAEDB14539E9025B84BF66C185AD45C6B1FBF47E3C17D4A1F2C99DCA7151039D71DB7BD2E025E67C2ABB9A2DE6D9C5150651385B270511AA50E8728707B1E0920F3A83DEC0F733090CE96DCACDB93CD756AB1F572DA2BBF4908C17E905848C09CF31424833D1D4894FCB6BD93162EC74E836A523E97F35152EBA28AF63DEC47A32C09E0F0451A4D60949C8CDB07642F5A705075F4A1380B327596C319A135C9C43BBAF2D25C90030BA43FC55701B2854ABFEA710D98AFB8341E46778616A9E9B31CF11652B47A76A99F096BDB35C9CFA78E47CFC980E5E8683E1E13AA3FCA5171C07B5E27C1A5002C02643DC760431C2750A29E838F6ED5A892146D8015F5879DA988DF030BB2FA4D501FB7F0AD9A82ED3C48B70979428C39DB04116DCC8337567B6DB4A0DFE0C704B3F46983BBF092847AED87699EE88AEB27756850D008583CD37FC8521968EB1D17FC42D742B7E6756303412A3AD011DD5CE2BA1A4E3B0B2EBB68736C76B02164C41204734B731DF4C00C937CFB49D4648A7808A34E6162526240AB221071C6C2669DB4787AF7D516F4E72EF81C7D907A37634E8CEC5BF4B3502A6A05224B269B29A8E44603DB2A890F9B64BC94AEC7D2923DC52985CC18E123C7D6CC3DEF885725E0BD2D3EC0466DBE2E94350368068E5FC1CFB6BAC40F47600EB8520A8E29E855D96B556002207CA234BE3620189767ED74ABA3D1A1CF3F66864312B7502C37C9543A36F24FD38A25137128FFE4C6CC7C078AEF1F799DA7F3E3BA0E19F21A707E66EE95189BDD74EDF32E0F18052384A2A180D90545EF1B9F2710074BC8AED5F7625C0851C34E9F3AE5C57BE65862CEE2891052CC442574EBFAAE1BEC7AB63F25C80951AD65A41089DE526946D858146E446FCAD6915BD59B0D112255083A711279990F87453A6D8F7D057055217F4751BBFB51F +20241203173052 2 6 100 8191 5 C3301F39F3E2DCD097FBF5454401BF52BF4745AFD35F3DEBDFB34DE2518B0F7BB10DE2FDBE6C35E1B63AA67E9FC179EB3DB8A0FA7E01618BB625B3EC326A001A253FB737B2461999BAB5A5FBCA4AFAD88A8BCBEB5990D4E25225F203B2CE75A3A1C23BFFD78E697275BDB6B6153AA3C21D2063047D44EDDF0483220CD672280D4D67C4726EA476A5C094B7E8DBE62B760EBA6B62C200D456A99E87875B4B2FFF4AA87661D89CAF8CA36D9CE00E0C3BDA443B7CCC3EA892F524AD10DD6960196EC4497E1DDC9F5C13BAED9A8F240196633AB9EC597D0A2FFEEE9320147E73FB295039605EA79376C00D1C60EB421D1BF2BD36A9B68A32E5F5003F0C984E1A57B3C8A261E451D912FCBF27924078BAB0879F85B78D097B2651A17AD9266B39E7AF73DAE54319B2902E0A0D11653B38EDA14B9DE8431E9382AC7EF5F1705C05239DDEA7F533234FA640D2E1EE392D23BF46D57D6FD0E167174E6242F5455DC299BB03BF2EBAEDB14539E9025B84BF66C185AD45C6B1FBF47E3C17D4A1F2C99DCA7151039D71DB7BD2E025E67C2ABB9A2DE6D9C5150651385B270511AA50E8728707B1E0920F3A83DEC0F733090CE96DCACDB93CD756AB1F572DA2BBF4908C17E905848C09CF31424833D1D4894FCB6BD93162EC74E836A523E97F35152EBA28AF63DEC47A32C09E0F0451A4D60949C8CDB07642F5A705075F4A1380B327596C319A135C9C43BBAF2D25C90030BA43FC55701B2854ABFEA710D98AFB8341E46778616A9E9B31CF11652B47A76A99F096BDB35C9CFA78E47CFC980E5E8683E1E13AA3FCA5171C07B5E27C1A5002C02643DC760431C2750A29E838F6ED5A892146D8015F5879DA988DF030BB2FA4D501FB7F0AD9A82ED3C48B70979428C39DB04116DCC8337567B6DB4A0DFE0C704B3F46983BBF092847AED87699EE88AEB27756850D008583CD37FC8521968EB1D17FC42D742B7E6756303412A3AD011DD5CE2BA1A4E3B0B2EBB68736C76B02164C41204734B731DF4C00C937CFB49D4648A7808A34E6162526240AB221071C6C2669DB4787AF7D516F4E72EF81C7D907A37634E8CEC5BF4B3502A6A05224B269B29A8E44603DB2A890F9B64BC94AEC7D2923DC52985CC18E123C7D6CC3DEF885725E0BD2D3EC0466DBE2E94350368068E5FC1CFB6BAC40F47600EB8520A8E29E855D96B556002207CA234BE3620189767ED74ABA3D1A1CF3F66864312B7502C37C9543A36F24FD38A25137128FFE4C6CC7C078AEF1F799DA7F3E3BA0E19F21A707E66EE95189BDD74EDF32E0F18052384A2A180D90545EF1B9F2710074BC8AED5F7625C0851C34E9F3AE5C57BE65862CEE2891052CC442574EBFAAE1BEC7AB63F25C80951AD65A41089DE526946D858146E446FCAD6915BD59B0D112255083A711279990F87453A6D8F7D057055217F4751F72906F +20241203182303 2 6 100 8191 2 C3301F39F3E2DCD097FBF5454401BF52BF4745AFD35F3DEBDFB34DE2518B0F7BB10DE2FDBE6C35E1B63AA67E9FC179EB3DB8A0FA7E01618BB625B3EC326A001A253FB737B2461999BAB5A5FBCA4AFAD88A8BCBEB5990D4E25225F203B2CE75A3A1C23BFFD78E697275BDB6B6153AA3C21D2063047D44EDDF0483220CD672280D4D67C4726EA476A5C094B7E8DBE62B760EBA6B62C200D456A99E87875B4B2FFF4AA87661D89CAF8CA36D9CE00E0C3BDA443B7CCC3EA892F524AD10DD6960196EC4497E1DDC9F5C13BAED9A8F240196633AB9EC597D0A2FFEEE9320147E73FB295039605EA79376C00D1C60EB421D1BF2BD36A9B68A32E5F5003F0C984E1A57B3C8A261E451D912FCBF27924078BAB0879F85B78D097B2651A17AD9266B39E7AF73DAE54319B2902E0A0D11653B38EDA14B9DE8431E9382AC7EF5F1705C05239DDEA7F533234FA640D2E1EE392D23BF46D57D6FD0E167174E6242F5455DC299BB03BF2EBAEDB14539E9025B84BF66C185AD45C6B1FBF47E3C17D4A1F2C99DCA7151039D71DB7BD2E025E67C2ABB9A2DE6D9C5150651385B270511AA50E8728707B1E0920F3A83DEC0F733090CE96DCACDB93CD756AB1F572DA2BBF4908C17E905848C09CF31424833D1D4894FCB6BD93162EC74E836A523E97F35152EBA28AF63DEC47A32C09E0F0451A4D60949C8CDB07642F5A705075F4A1380B327596C319A135C9C43BBAF2D25C90030BA43FC55701B2854ABFEA710D98AFB8341E46778616A9E9B31CF11652B47A76A99F096BDB35C9CFA78E47CFC980E5E8683E1E13AA3FCA5171C07B5E27C1A5002C02643DC760431C2750A29E838F6ED5A892146D8015F5879DA988DF030BB2FA4D501FB7F0AD9A82ED3C48B70979428C39DB04116DCC8337567B6DB4A0DFE0C704B3F46983BBF092847AED87699EE88AEB27756850D008583CD37FC8521968EB1D17FC42D742B7E6756303412A3AD011DD5CE2BA1A4E3B0B2EBB68736C76B02164C41204734B731DF4C00C937CFB49D4648A7808A34E6162526240AB221071C6C2669DB4787AF7D516F4E72EF81C7D907A37634E8CEC5BF4B3502A6A05224B269B29A8E44603DB2A890F9B64BC94AEC7D2923DC52985CC18E123C7D6CC3DEF885725E0BD2D3EC0466DBE2E94350368068E5FC1CFB6BAC40F47600EB8520A8E29E855D96B556002207CA234BE3620189767ED74ABA3D1A1CF3F66864312B7502C37C9543A36F24FD38A25137128FFE4C6CC7C078AEF1F799DA7F3E3BA0E19F21A707E66EE95189BDD74EDF32E0F18052384A2A180D90545EF1B9F2710074BC8AED5F7625C0851C34E9F3AE5C57BE65862CEE2891052CC442574EBFAAE1BEC7AB63F25C80951AD65A41089DE526946D858146E446FCAD6915BD59B0D112255083A711279990F87453A6D8F7D057055217F475224CDDDB +20241203194121 2 6 100 8191 5 C3301F39F3E2DCD097FBF5454401BF52BF4745AFD35F3DEBDFB34DE2518B0F7BB10DE2FDBE6C35E1B63AA67E9FC179EB3DB8A0FA7E01618BB625B3EC326A001A253FB737B2461999BAB5A5FBCA4AFAD88A8BCBEB5990D4E25225F203B2CE75A3A1C23BFFD78E697275BDB6B6153AA3C21D2063047D44EDDF0483220CD672280D4D67C4726EA476A5C094B7E8DBE62B760EBA6B62C200D456A99E87875B4B2FFF4AA87661D89CAF8CA36D9CE00E0C3BDA443B7CCC3EA892F524AD10DD6960196EC4497E1DDC9F5C13BAED9A8F240196633AB9EC597D0A2FFEEE9320147E73FB295039605EA79376C00D1C60EB421D1BF2BD36A9B68A32E5F5003F0C984E1A57B3C8A261E451D912FCBF27924078BAB0879F85B78D097B2651A17AD9266B39E7AF73DAE54319B2902E0A0D11653B38EDA14B9DE8431E9382AC7EF5F1705C05239DDEA7F533234FA640D2E1EE392D23BF46D57D6FD0E167174E6242F5455DC299BB03BF2EBAEDB14539E9025B84BF66C185AD45C6B1FBF47E3C17D4A1F2C99DCA7151039D71DB7BD2E025E67C2ABB9A2DE6D9C5150651385B270511AA50E8728707B1E0920F3A83DEC0F733090CE96DCACDB93CD756AB1F572DA2BBF4908C17E905848C09CF31424833D1D4894FCB6BD93162EC74E836A523E97F35152EBA28AF63DEC47A32C09E0F0451A4D60949C8CDB07642F5A705075F4A1380B327596C319A135C9C43BBAF2D25C90030BA43FC55701B2854ABFEA710D98AFB8341E46778616A9E9B31CF11652B47A76A99F096BDB35C9CFA78E47CFC980E5E8683E1E13AA3FCA5171C07B5E27C1A5002C02643DC760431C2750A29E838F6ED5A892146D8015F5879DA988DF030BB2FA4D501FB7F0AD9A82ED3C48B70979428C39DB04116DCC8337567B6DB4A0DFE0C704B3F46983BBF092847AED87699EE88AEB27756850D008583CD37FC8521968EB1D17FC42D742B7E6756303412A3AD011DD5CE2BA1A4E3B0B2EBB68736C76B02164C41204734B731DF4C00C937CFB49D4648A7808A34E6162526240AB221071C6C2669DB4787AF7D516F4E72EF81C7D907A37634E8CEC5BF4B3502A6A05224B269B29A8E44603DB2A890F9B64BC94AEC7D2923DC52985CC18E123C7D6CC3DEF885725E0BD2D3EC0466DBE2E94350368068E5FC1CFB6BAC40F47600EB8520A8E29E855D96B556002207CA234BE3620189767ED74ABA3D1A1CF3F66864312B7502C37C9543A36F24FD38A25137128FFE4C6CC7C078AEF1F799DA7F3E3BA0E19F21A707E66EE95189BDD74EDF32E0F18052384A2A180D90545EF1B9F2710074BC8AED5F7625C0851C34E9F3AE5C57BE65862CEE2891052CC442574EBFAAE1BEC7AB63F25C80951AD65A41089DE526946D858146E446FCAD6915BD59B0D112255083A711279990F87453A6D8F7D057055217F47526993A97 +20241203203340 2 6 100 8191 2 C3301F39F3E2DCD097FBF5454401BF52BF4745AFD35F3DEBDFB34DE2518B0F7BB10DE2FDBE6C35E1B63AA67E9FC179EB3DB8A0FA7E01618BB625B3EC326A001A253FB737B2461999BAB5A5FBCA4AFAD88A8BCBEB5990D4E25225F203B2CE75A3A1C23BFFD78E697275BDB6B6153AA3C21D2063047D44EDDF0483220CD672280D4D67C4726EA476A5C094B7E8DBE62B760EBA6B62C200D456A99E87875B4B2FFF4AA87661D89CAF8CA36D9CE00E0C3BDA443B7CCC3EA892F524AD10DD6960196EC4497E1DDC9F5C13BAED9A8F240196633AB9EC597D0A2FFEEE9320147E73FB295039605EA79376C00D1C60EB421D1BF2BD36A9B68A32E5F5003F0C984E1A57B3C8A261E451D912FCBF27924078BAB0879F85B78D097B2651A17AD9266B39E7AF73DAE54319B2902E0A0D11653B38EDA14B9DE8431E9382AC7EF5F1705C05239DDEA7F533234FA640D2E1EE392D23BF46D57D6FD0E167174E6242F5455DC299BB03BF2EBAEDB14539E9025B84BF66C185AD45C6B1FBF47E3C17D4A1F2C99DCA7151039D71DB7BD2E025E67C2ABB9A2DE6D9C5150651385B270511AA50E8728707B1E0920F3A83DEC0F733090CE96DCACDB93CD756AB1F572DA2BBF4908C17E905848C09CF31424833D1D4894FCB6BD93162EC74E836A523E97F35152EBA28AF63DEC47A32C09E0F0451A4D60949C8CDB07642F5A705075F4A1380B327596C319A135C9C43BBAF2D25C90030BA43FC55701B2854ABFEA710D98AFB8341E46778616A9E9B31CF11652B47A76A99F096BDB35C9CFA78E47CFC980E5E8683E1E13AA3FCA5171C07B5E27C1A5002C02643DC760431C2750A29E838F6ED5A892146D8015F5879DA988DF030BB2FA4D501FB7F0AD9A82ED3C48B70979428C39DB04116DCC8337567B6DB4A0DFE0C704B3F46983BBF092847AED87699EE88AEB27756850D008583CD37FC8521968EB1D17FC42D742B7E6756303412A3AD011DD5CE2BA1A4E3B0B2EBB68736C76B02164C41204734B731DF4C00C937CFB49D4648A7808A34E6162526240AB221071C6C2669DB4787AF7D516F4E72EF81C7D907A37634E8CEC5BF4B3502A6A05224B269B29A8E44603DB2A890F9B64BC94AEC7D2923DC52985CC18E123C7D6CC3DEF885725E0BD2D3EC0466DBE2E94350368068E5FC1CFB6BAC40F47600EB8520A8E29E855D96B556002207CA234BE3620189767ED74ABA3D1A1CF3F66864312B7502C37C9543A36F24FD38A25137128FFE4C6CC7C078AEF1F799DA7F3E3BA0E19F21A707E66EE95189BDD74EDF32E0F18052384A2A180D90545EF1B9F2710074BC8AED5F7625C0851C34E9F3AE5C57BE65862CEE2891052CC442574EBFAAE1BEC7AB63F25C80951AD65A41089DE526946D858146E446FCAD6915BD59B0D112255083A711279990F87453A6D8F7D057055217F475298312DB +20241203203518 2 6 100 8191 5 C3301F39F3E2DCD097FBF5454401BF52BF4745AFD35F3DEBDFB34DE2518B0F7BB10DE2FDBE6C35E1B63AA67E9FC179EB3DB8A0FA7E01618BB625B3EC326A001A253FB737B2461999BAB5A5FBCA4AFAD88A8BCBEB5990D4E25225F203B2CE75A3A1C23BFFD78E697275BDB6B6153AA3C21D2063047D44EDDF0483220CD672280D4D67C4726EA476A5C094B7E8DBE62B760EBA6B62C200D456A99E87875B4B2FFF4AA87661D89CAF8CA36D9CE00E0C3BDA443B7CCC3EA892F524AD10DD6960196EC4497E1DDC9F5C13BAED9A8F240196633AB9EC597D0A2FFEEE9320147E73FB295039605EA79376C00D1C60EB421D1BF2BD36A9B68A32E5F5003F0C984E1A57B3C8A261E451D912FCBF27924078BAB0879F85B78D097B2651A17AD9266B39E7AF73DAE54319B2902E0A0D11653B38EDA14B9DE8431E9382AC7EF5F1705C05239DDEA7F533234FA640D2E1EE392D23BF46D57D6FD0E167174E6242F5455DC299BB03BF2EBAEDB14539E9025B84BF66C185AD45C6B1FBF47E3C17D4A1F2C99DCA7151039D71DB7BD2E025E67C2ABB9A2DE6D9C5150651385B270511AA50E8728707B1E0920F3A83DEC0F733090CE96DCACDB93CD756AB1F572DA2BBF4908C17E905848C09CF31424833D1D4894FCB6BD93162EC74E836A523E97F35152EBA28AF63DEC47A32C09E0F0451A4D60949C8CDB07642F5A705075F4A1380B327596C319A135C9C43BBAF2D25C90030BA43FC55701B2854ABFEA710D98AFB8341E46778616A9E9B31CF11652B47A76A99F096BDB35C9CFA78E47CFC980E5E8683E1E13AA3FCA5171C07B5E27C1A5002C02643DC760431C2750A29E838F6ED5A892146D8015F5879DA988DF030BB2FA4D501FB7F0AD9A82ED3C48B70979428C39DB04116DCC8337567B6DB4A0DFE0C704B3F46983BBF092847AED87699EE88AEB27756850D008583CD37FC8521968EB1D17FC42D742B7E6756303412A3AD011DD5CE2BA1A4E3B0B2EBB68736C76B02164C41204734B731DF4C00C937CFB49D4648A7808A34E6162526240AB221071C6C2669DB4787AF7D516F4E72EF81C7D907A37634E8CEC5BF4B3502A6A05224B269B29A8E44603DB2A890F9B64BC94AEC7D2923DC52985CC18E123C7D6CC3DEF885725E0BD2D3EC0466DBE2E94350368068E5FC1CFB6BAC40F47600EB8520A8E29E855D96B556002207CA234BE3620189767ED74ABA3D1A1CF3F66864312B7502C37C9543A36F24FD38A25137128FFE4C6CC7C078AEF1F799DA7F3E3BA0E19F21A707E66EE95189BDD74EDF32E0F18052384A2A180D90545EF1B9F2710074BC8AED5F7625C0851C34E9F3AE5C57BE65862CEE2891052CC442574EBFAAE1BEC7AB63F25C80951AD65A41089DE526946D858146E446FCAD6915BD59B0D112255083A711279990F87453A6D8F7D057055217F475299334C7 +20241203220054 2 6 100 8191 5 C3301F39F3E2DCD097FBF5454401BF52BF4745AFD35F3DEBDFB34DE2518B0F7BB10DE2FDBE6C35E1B63AA67E9FC179EB3DB8A0FA7E01618BB625B3EC326A001A253FB737B2461999BAB5A5FBCA4AFAD88A8BCBEB5990D4E25225F203B2CE75A3A1C23BFFD78E697275BDB6B6153AA3C21D2063047D44EDDF0483220CD672280D4D67C4726EA476A5C094B7E8DBE62B760EBA6B62C200D456A99E87875B4B2FFF4AA87661D89CAF8CA36D9CE00E0C3BDA443B7CCC3EA892F524AD10DD6960196EC4497E1DDC9F5C13BAED9A8F240196633AB9EC597D0A2FFEEE9320147E73FB295039605EA79376C00D1C60EB421D1BF2BD36A9B68A32E5F5003F0C984E1A57B3C8A261E451D912FCBF27924078BAB0879F85B78D097B2651A17AD9266B39E7AF73DAE54319B2902E0A0D11653B38EDA14B9DE8431E9382AC7EF5F1705C05239DDEA7F533234FA640D2E1EE392D23BF46D57D6FD0E167174E6242F5455DC299BB03BF2EBAEDB14539E9025B84BF66C185AD45C6B1FBF47E3C17D4A1F2C99DCA7151039D71DB7BD2E025E67C2ABB9A2DE6D9C5150651385B270511AA50E8728707B1E0920F3A83DEC0F733090CE96DCACDB93CD756AB1F572DA2BBF4908C17E905848C09CF31424833D1D4894FCB6BD93162EC74E836A523E97F35152EBA28AF63DEC47A32C09E0F0451A4D60949C8CDB07642F5A705075F4A1380B327596C319A135C9C43BBAF2D25C90030BA43FC55701B2854ABFEA710D98AFB8341E46778616A9E9B31CF11652B47A76A99F096BDB35C9CFA78E47CFC980E5E8683E1E13AA3FCA5171C07B5E27C1A5002C02643DC760431C2750A29E838F6ED5A892146D8015F5879DA988DF030BB2FA4D501FB7F0AD9A82ED3C48B70979428C39DB04116DCC8337567B6DB4A0DFE0C704B3F46983BBF092847AED87699EE88AEB27756850D008583CD37FC8521968EB1D17FC42D742B7E6756303412A3AD011DD5CE2BA1A4E3B0B2EBB68736C76B02164C41204734B731DF4C00C937CFB49D4648A7808A34E6162526240AB221071C6C2669DB4787AF7D516F4E72EF81C7D907A37634E8CEC5BF4B3502A6A05224B269B29A8E44603DB2A890F9B64BC94AEC7D2923DC52985CC18E123C7D6CC3DEF885725E0BD2D3EC0466DBE2E94350368068E5FC1CFB6BAC40F47600EB8520A8E29E855D96B556002207CA234BE3620189767ED74ABA3D1A1CF3F66864312B7502C37C9543A36F24FD38A25137128FFE4C6CC7C078AEF1F799DA7F3E3BA0E19F21A707E66EE95189BDD74EDF32E0F18052384A2A180D90545EF1B9F2710074BC8AED5F7625C0851C34E9F3AE5C57BE65862CEE2891052CC442574EBFAAE1BEC7AB63F25C80951AD65A41089DE526946D858146E446FCAD6915BD59B0D112255083A711279990F87453A6D8F7D057055217F4752E4DBDDF +20241203220341 2 6 100 8191 2 C3301F39F3E2DCD097FBF5454401BF52BF4745AFD35F3DEBDFB34DE2518B0F7BB10DE2FDBE6C35E1B63AA67E9FC179EB3DB8A0FA7E01618BB625B3EC326A001A253FB737B2461999BAB5A5FBCA4AFAD88A8BCBEB5990D4E25225F203B2CE75A3A1C23BFFD78E697275BDB6B6153AA3C21D2063047D44EDDF0483220CD672280D4D67C4726EA476A5C094B7E8DBE62B760EBA6B62C200D456A99E87875B4B2FFF4AA87661D89CAF8CA36D9CE00E0C3BDA443B7CCC3EA892F524AD10DD6960196EC4497E1DDC9F5C13BAED9A8F240196633AB9EC597D0A2FFEEE9320147E73FB295039605EA79376C00D1C60EB421D1BF2BD36A9B68A32E5F5003F0C984E1A57B3C8A261E451D912FCBF27924078BAB0879F85B78D097B2651A17AD9266B39E7AF73DAE54319B2902E0A0D11653B38EDA14B9DE8431E9382AC7EF5F1705C05239DDEA7F533234FA640D2E1EE392D23BF46D57D6FD0E167174E6242F5455DC299BB03BF2EBAEDB14539E9025B84BF66C185AD45C6B1FBF47E3C17D4A1F2C99DCA7151039D71DB7BD2E025E67C2ABB9A2DE6D9C5150651385B270511AA50E8728707B1E0920F3A83DEC0F733090CE96DCACDB93CD756AB1F572DA2BBF4908C17E905848C09CF31424833D1D4894FCB6BD93162EC74E836A523E97F35152EBA28AF63DEC47A32C09E0F0451A4D60949C8CDB07642F5A705075F4A1380B327596C319A135C9C43BBAF2D25C90030BA43FC55701B2854ABFEA710D98AFB8341E46778616A9E9B31CF11652B47A76A99F096BDB35C9CFA78E47CFC980E5E8683E1E13AA3FCA5171C07B5E27C1A5002C02643DC760431C2750A29E838F6ED5A892146D8015F5879DA988DF030BB2FA4D501FB7F0AD9A82ED3C48B70979428C39DB04116DCC8337567B6DB4A0DFE0C704B3F46983BBF092847AED87699EE88AEB27756850D008583CD37FC8521968EB1D17FC42D742B7E6756303412A3AD011DD5CE2BA1A4E3B0B2EBB68736C76B02164C41204734B731DF4C00C937CFB49D4648A7808A34E6162526240AB221071C6C2669DB4787AF7D516F4E72EF81C7D907A37634E8CEC5BF4B3502A6A05224B269B29A8E44603DB2A890F9B64BC94AEC7D2923DC52985CC18E123C7D6CC3DEF885725E0BD2D3EC0466DBE2E94350368068E5FC1CFB6BAC40F47600EB8520A8E29E855D96B556002207CA234BE3620189767ED74ABA3D1A1CF3F66864312B7502C37C9543A36F24FD38A25137128FFE4C6CC7C078AEF1F799DA7F3E3BA0E19F21A707E66EE95189BDD74EDF32E0F18052384A2A180D90545EF1B9F2710074BC8AED5F7625C0851C34E9F3AE5C57BE65862CEE2891052CC442574EBFAAE1BEC7AB63F25C80951AD65A41089DE526946D858146E446FCAD6915BD59B0D112255083A711279990F87453A6D8F7D057055217F4752E6D1DC3 +20241203221452 2 6 100 8191 2 C3301F39F3E2DCD097FBF5454401BF52BF4745AFD35F3DEBDFB34DE2518B0F7BB10DE2FDBE6C35E1B63AA67E9FC179EB3DB8A0FA7E01618BB625B3EC326A001A253FB737B2461999BAB5A5FBCA4AFAD88A8BCBEB5990D4E25225F203B2CE75A3A1C23BFFD78E697275BDB6B6153AA3C21D2063047D44EDDF0483220CD672280D4D67C4726EA476A5C094B7E8DBE62B760EBA6B62C200D456A99E87875B4B2FFF4AA87661D89CAF8CA36D9CE00E0C3BDA443B7CCC3EA892F524AD10DD6960196EC4497E1DDC9F5C13BAED9A8F240196633AB9EC597D0A2FFEEE9320147E73FB295039605EA79376C00D1C60EB421D1BF2BD36A9B68A32E5F5003F0C984E1A57B3C8A261E451D912FCBF27924078BAB0879F85B78D097B2651A17AD9266B39E7AF73DAE54319B2902E0A0D11653B38EDA14B9DE8431E9382AC7EF5F1705C05239DDEA7F533234FA640D2E1EE392D23BF46D57D6FD0E167174E6242F5455DC299BB03BF2EBAEDB14539E9025B84BF66C185AD45C6B1FBF47E3C17D4A1F2C99DCA7151039D71DB7BD2E025E67C2ABB9A2DE6D9C5150651385B270511AA50E8728707B1E0920F3A83DEC0F733090CE96DCACDB93CD756AB1F572DA2BBF4908C17E905848C09CF31424833D1D4894FCB6BD93162EC74E836A523E97F35152EBA28AF63DEC47A32C09E0F0451A4D60949C8CDB07642F5A705075F4A1380B327596C319A135C9C43BBAF2D25C90030BA43FC55701B2854ABFEA710D98AFB8341E46778616A9E9B31CF11652B47A76A99F096BDB35C9CFA78E47CFC980E5E8683E1E13AA3FCA5171C07B5E27C1A5002C02643DC760431C2750A29E838F6ED5A892146D8015F5879DA988DF030BB2FA4D501FB7F0AD9A82ED3C48B70979428C39DB04116DCC8337567B6DB4A0DFE0C704B3F46983BBF092847AED87699EE88AEB27756850D008583CD37FC8521968EB1D17FC42D742B7E6756303412A3AD011DD5CE2BA1A4E3B0B2EBB68736C76B02164C41204734B731DF4C00C937CFB49D4648A7808A34E6162526240AB221071C6C2669DB4787AF7D516F4E72EF81C7D907A37634E8CEC5BF4B3502A6A05224B269B29A8E44603DB2A890F9B64BC94AEC7D2923DC52985CC18E123C7D6CC3DEF885725E0BD2D3EC0466DBE2E94350368068E5FC1CFB6BAC40F47600EB8520A8E29E855D96B556002207CA234BE3620189767ED74ABA3D1A1CF3F66864312B7502C37C9543A36F24FD38A25137128FFE4C6CC7C078AEF1F799DA7F3E3BA0E19F21A707E66EE95189BDD74EDF32E0F18052384A2A180D90545EF1B9F2710074BC8AED5F7625C0851C34E9F3AE5C57BE65862CEE2891052CC442574EBFAAE1BEC7AB63F25C80951AD65A41089DE526946D858146E446FCAD6915BD59B0D112255083A711279990F87453A6D8F7D057055217F4752F062A3B +20241203224318 2 6 100 8191 5 C3301F39F3E2DCD097FBF5454401BF52BF4745AFD35F3DEBDFB34DE2518B0F7BB10DE2FDBE6C35E1B63AA67E9FC179EB3DB8A0FA7E01618BB625B3EC326A001A253FB737B2461999BAB5A5FBCA4AFAD88A8BCBEB5990D4E25225F203B2CE75A3A1C23BFFD78E697275BDB6B6153AA3C21D2063047D44EDDF0483220CD672280D4D67C4726EA476A5C094B7E8DBE62B760EBA6B62C200D456A99E87875B4B2FFF4AA87661D89CAF8CA36D9CE00E0C3BDA443B7CCC3EA892F524AD10DD6960196EC4497E1DDC9F5C13BAED9A8F240196633AB9EC597D0A2FFEEE9320147E73FB295039605EA79376C00D1C60EB421D1BF2BD36A9B68A32E5F5003F0C984E1A57B3C8A261E451D912FCBF27924078BAB0879F85B78D097B2651A17AD9266B39E7AF73DAE54319B2902E0A0D11653B38EDA14B9DE8431E9382AC7EF5F1705C05239DDEA7F533234FA640D2E1EE392D23BF46D57D6FD0E167174E6242F5455DC299BB03BF2EBAEDB14539E9025B84BF66C185AD45C6B1FBF47E3C17D4A1F2C99DCA7151039D71DB7BD2E025E67C2ABB9A2DE6D9C5150651385B270511AA50E8728707B1E0920F3A83DEC0F733090CE96DCACDB93CD756AB1F572DA2BBF4908C17E905848C09CF31424833D1D4894FCB6BD93162EC74E836A523E97F35152EBA28AF63DEC47A32C09E0F0451A4D60949C8CDB07642F5A705075F4A1380B327596C319A135C9C43BBAF2D25C90030BA43FC55701B2854ABFEA710D98AFB8341E46778616A9E9B31CF11652B47A76A99F096BDB35C9CFA78E47CFC980E5E8683E1E13AA3FCA5171C07B5E27C1A5002C02643DC760431C2750A29E838F6ED5A892146D8015F5879DA988DF030BB2FA4D501FB7F0AD9A82ED3C48B70979428C39DB04116DCC8337567B6DB4A0DFE0C704B3F46983BBF092847AED87699EE88AEB27756850D008583CD37FC8521968EB1D17FC42D742B7E6756303412A3AD011DD5CE2BA1A4E3B0B2EBB68736C76B02164C41204734B731DF4C00C937CFB49D4648A7808A34E6162526240AB221071C6C2669DB4787AF7D516F4E72EF81C7D907A37634E8CEC5BF4B3502A6A05224B269B29A8E44603DB2A890F9B64BC94AEC7D2923DC52985CC18E123C7D6CC3DEF885725E0BD2D3EC0466DBE2E94350368068E5FC1CFB6BAC40F47600EB8520A8E29E855D96B556002207CA234BE3620189767ED74ABA3D1A1CF3F66864312B7502C37C9543A36F24FD38A25137128FFE4C6CC7C078AEF1F799DA7F3E3BA0E19F21A707E66EE95189BDD74EDF32E0F18052384A2A180D90545EF1B9F2710074BC8AED5F7625C0851C34E9F3AE5C57BE65862CEE2891052CC442574EBFAAE1BEC7AB63F25C80951AD65A41089DE526946D858146E446FCAD6915BD59B0D112255083A711279990F87453A6D8F7D057055217F4753098A4FF +20241204023709 2 6 100 8191 2 DC5E734609D91DA7E5180C89891C148715345D3A56F96DDFF41EE0B90992E9901E55850A78D9DF296A83F5AAF22675720E58E1F6D01F3B45315B818EF9CE880CE92F022763911796D4F86361BEB151ACB400BA017186C1DDCDE5F1853260ECF1082E072C2B7E2FD33E51B5076675269EC247AAE3DF3C1E6853E5D0E58FF7268255E91A9BF6FD43750F114BCA5DC70176ECACAF59C812798941D04FFFF200B53F9843066568A5EF6B324692239A9DC94383C53DA447D942BD51E17F51C22106DC3A2FC7A8942E20E5DA369D19124D184A96589E66EE15C4A8E4CB0FBB6B5E629875DEB3C6AAF622ABC4A4057E0B95533A03C94C514D2129CD6ECE739D9E3A98A54461DF577CC508BF4D5EE7FBE6178B248E3F51C59FE57BFBDE33DD833D0CF22DB22AE0F4F9F03EEF8E0E1DB0EDF7BB4C755148AD2D3FECED23DE1F028A3A6396D7F8F721D11023BD58335ADE175939E140A92C7B532A3D77168E566B7AADEA6F137A158AF3D2608FD4C1081018C1BC2B860A2830A097BDAFA96A3D5B5E1130D2C0778837C63ACBE958573B4ADAC2AE629D17728313AB9064D890006B2F0EC1869E35480B96651B9B3837B876190D5F1876A151A87C58A1CE2A9AD0744BE4CF955BFA9FA5653300FF6ECD64667ECD836D61DC3675048A8EB5AE945B50CB699F7FB4E36167515A2054199687DEC77D5117DF28B63F383403C49097F23AA4DE5857A0D865AFC7E4D0994B46386C20A41E9B41963CD425A82B30C4EE72FB3EFACD6C4090D740E44C196E51F41894FDB26142B72EF1E65A676C30EFB65C937C0F64CDEC167ECC16F0CAA3C932F3DD5C6F7A1EB073F03F2CB9F2059BE75EBAE32FA3170B5FA93D69CAB8275935686242E1F43ED23FE8784A0AD694442D35193DAAF5F7DA49B267B716C38F36C92AE7986DF8126904B11EA74323F3AB3AF436D64AC41996529AB95876EE4DF3739130460A50E2EC8463F2306454F08745CE40938858B6237A5D38B33FD6541BB98EFB39A7B0B501B7943FF594DF0964BF535CBD35105E35BA14C40E62D57F3B110AE82CD7F9FF73C3A28740C8EB397494F6D7CF5F0F147385424D70B276C6AD849E56C9985115EAF2CCF3D3A6C828F2A303178EC48BB08F36AF3800739E841F7B758FF06EFA10F6467E98DA4B1B302EFED0EF5A7D3AD74100E41C168ACBBF10EC5FFC497B43409D02D942C144408C32C83ED49334BC48FD1D446FDEBB71CA1F9276F3180ECA057E4B8F19FAFE368D0097EE2A5736D72BE661382939491A244B068D26A071E55E25DF2C8706ADEFD8245BC97A691AB57A8D39CE24469E9CC69198F4F795CACCB45053F464CA0C2F04C71E9CD6BB6D378E917C413B7FADEACD41A7A43E9A1FC04576658DBF7420A35252A899B51F9ED9B2D0B5534A696C2465C950EF5880636D96CC963AF6C314D00834969C4569DF3BDB +20241204025228 2 6 100 8191 5 DC5E734609D91DA7E5180C89891C148715345D3A56F96DDFF41EE0B90992E9901E55850A78D9DF296A83F5AAF22675720E58E1F6D01F3B45315B818EF9CE880CE92F022763911796D4F86361BEB151ACB400BA017186C1DDCDE5F1853260ECF1082E072C2B7E2FD33E51B5076675269EC247AAE3DF3C1E6853E5D0E58FF7268255E91A9BF6FD43750F114BCA5DC70176ECACAF59C812798941D04FFFF200B53F9843066568A5EF6B324692239A9DC94383C53DA447D942BD51E17F51C22106DC3A2FC7A8942E20E5DA369D19124D184A96589E66EE15C4A8E4CB0FBB6B5E629875DEB3C6AAF622ABC4A4057E0B95533A03C94C514D2129CD6ECE739D9E3A98A54461DF577CC508BF4D5EE7FBE6178B248E3F51C59FE57BFBDE33DD833D0CF22DB22AE0F4F9F03EEF8E0E1DB0EDF7BB4C755148AD2D3FECED23DE1F028A3A6396D7F8F721D11023BD58335ADE175939E140A92C7B532A3D77168E566B7AADEA6F137A158AF3D2608FD4C1081018C1BC2B860A2830A097BDAFA96A3D5B5E1130D2C0778837C63ACBE958573B4ADAC2AE629D17728313AB9064D890006B2F0EC1869E35480B96651B9B3837B876190D5F1876A151A87C58A1CE2A9AD0744BE4CF955BFA9FA5653300FF6ECD64667ECD836D61DC3675048A8EB5AE945B50CB699F7FB4E36167515A2054199687DEC77D5117DF28B63F383403C49097F23AA4DE5857A0D865AFC7E4D0994B46386C20A41E9B41963CD425A82B30C4EE72FB3EFACD6C4090D740E44C196E51F41894FDB26142B72EF1E65A676C30EFB65C937C0F64CDEC167ECC16F0CAA3C932F3DD5C6F7A1EB073F03F2CB9F2059BE75EBAE32FA3170B5FA93D69CAB8275935686242E1F43ED23FE8784A0AD694442D35193DAAF5F7DA49B267B716C38F36C92AE7986DF8126904B11EA74323F3AB3AF436D64AC41996529AB95876EE4DF3739130460A50E2EC8463F2306454F08745CE40938858B6237A5D38B33FD6541BB98EFB39A7B0B501B7943FF594DF0964BF535CBD35105E35BA14C40E62D57F3B110AE82CD7F9FF73C3A28740C8EB397494F6D7CF5F0F147385424D70B276C6AD849E56C9985115EAF2CCF3D3A6C828F2A303178EC48BB08F36AF3800739E841F7B758FF06EFA10F6467E98DA4B1B302EFED0EF5A7D3AD74100E41C168ACBBF10EC5FFC497B43409D02D942C144408C32C83ED49334BC48FD1D446FDEBB71CA1F9276F3180ECA057E4B8F19FAFE368D0097EE2A5736D72BE661382939491A244B068D26A071E55E25DF2C8706ADEFD8245BC97A691AB57A8D39CE24469E9CC69198F4F795CACCB45053F464CA0C2F04C71E9CD6BB6D378E917C413B7FADEACD41A7A43E9A1FC04576658DBF7420A35252A899B51F9ED9B2D0B5534A696C2465C950EF5880636D96CC963AF6C314D00834969C456AB453E7 +20241204030908 2 6 100 8191 5 DC5E734609D91DA7E5180C89891C148715345D3A56F96DDFF41EE0B90992E9901E55850A78D9DF296A83F5AAF22675720E58E1F6D01F3B45315B818EF9CE880CE92F022763911796D4F86361BEB151ACB400BA017186C1DDCDE5F1853260ECF1082E072C2B7E2FD33E51B5076675269EC247AAE3DF3C1E6853E5D0E58FF7268255E91A9BF6FD43750F114BCA5DC70176ECACAF59C812798941D04FFFF200B53F9843066568A5EF6B324692239A9DC94383C53DA447D942BD51E17F51C22106DC3A2FC7A8942E20E5DA369D19124D184A96589E66EE15C4A8E4CB0FBB6B5E629875DEB3C6AAF622ABC4A4057E0B95533A03C94C514D2129CD6ECE739D9E3A98A54461DF577CC508BF4D5EE7FBE6178B248E3F51C59FE57BFBDE33DD833D0CF22DB22AE0F4F9F03EEF8E0E1DB0EDF7BB4C755148AD2D3FECED23DE1F028A3A6396D7F8F721D11023BD58335ADE175939E140A92C7B532A3D77168E566B7AADEA6F137A158AF3D2608FD4C1081018C1BC2B860A2830A097BDAFA96A3D5B5E1130D2C0778837C63ACBE958573B4ADAC2AE629D17728313AB9064D890006B2F0EC1869E35480B96651B9B3837B876190D5F1876A151A87C58A1CE2A9AD0744BE4CF955BFA9FA5653300FF6ECD64667ECD836D61DC3675048A8EB5AE945B50CB699F7FB4E36167515A2054199687DEC77D5117DF28B63F383403C49097F23AA4DE5857A0D865AFC7E4D0994B46386C20A41E9B41963CD425A82B30C4EE72FB3EFACD6C4090D740E44C196E51F41894FDB26142B72EF1E65A676C30EFB65C937C0F64CDEC167ECC16F0CAA3C932F3DD5C6F7A1EB073F03F2CB9F2059BE75EBAE32FA3170B5FA93D69CAB8275935686242E1F43ED23FE8784A0AD694442D35193DAAF5F7DA49B267B716C38F36C92AE7986DF8126904B11EA74323F3AB3AF436D64AC41996529AB95876EE4DF3739130460A50E2EC8463F2306454F08745CE40938858B6237A5D38B33FD6541BB98EFB39A7B0B501B7943FF594DF0964BF535CBD35105E35BA14C40E62D57F3B110AE82CD7F9FF73C3A28740C8EB397494F6D7CF5F0F147385424D70B276C6AD849E56C9985115EAF2CCF3D3A6C828F2A303178EC48BB08F36AF3800739E841F7B758FF06EFA10F6467E98DA4B1B302EFED0EF5A7D3AD74100E41C168ACBBF10EC5FFC497B43409D02D942C144408C32C83ED49334BC48FD1D446FDEBB71CA1F9276F3180ECA057E4B8F19FAFE368D0097EE2A5736D72BE661382939491A244B068D26A071E55E25DF2C8706ADEFD8245BC97A691AB57A8D39CE24469E9CC69198F4F795CACCB45053F464CA0C2F04C71E9CD6BB6D378E917C413B7FADEACD41A7A43E9A1FC04576658DBF7420A35252A899B51F9ED9B2D0B5534A696C2465C950EF5880636D96CC963AF6C314D00834969C456B95242F +20241204033647 2 6 100 8191 5 DC5E734609D91DA7E5180C89891C148715345D3A56F96DDFF41EE0B90992E9901E55850A78D9DF296A83F5AAF22675720E58E1F6D01F3B45315B818EF9CE880CE92F022763911796D4F86361BEB151ACB400BA017186C1DDCDE5F1853260ECF1082E072C2B7E2FD33E51B5076675269EC247AAE3DF3C1E6853E5D0E58FF7268255E91A9BF6FD43750F114BCA5DC70176ECACAF59C812798941D04FFFF200B53F9843066568A5EF6B324692239A9DC94383C53DA447D942BD51E17F51C22106DC3A2FC7A8942E20E5DA369D19124D184A96589E66EE15C4A8E4CB0FBB6B5E629875DEB3C6AAF622ABC4A4057E0B95533A03C94C514D2129CD6ECE739D9E3A98A54461DF577CC508BF4D5EE7FBE6178B248E3F51C59FE57BFBDE33DD833D0CF22DB22AE0F4F9F03EEF8E0E1DB0EDF7BB4C755148AD2D3FECED23DE1F028A3A6396D7F8F721D11023BD58335ADE175939E140A92C7B532A3D77168E566B7AADEA6F137A158AF3D2608FD4C1081018C1BC2B860A2830A097BDAFA96A3D5B5E1130D2C0778837C63ACBE958573B4ADAC2AE629D17728313AB9064D890006B2F0EC1869E35480B96651B9B3837B876190D5F1876A151A87C58A1CE2A9AD0744BE4CF955BFA9FA5653300FF6ECD64667ECD836D61DC3675048A8EB5AE945B50CB699F7FB4E36167515A2054199687DEC77D5117DF28B63F383403C49097F23AA4DE5857A0D865AFC7E4D0994B46386C20A41E9B41963CD425A82B30C4EE72FB3EFACD6C4090D740E44C196E51F41894FDB26142B72EF1E65A676C30EFB65C937C0F64CDEC167ECC16F0CAA3C932F3DD5C6F7A1EB073F03F2CB9F2059BE75EBAE32FA3170B5FA93D69CAB8275935686242E1F43ED23FE8784A0AD694442D35193DAAF5F7DA49B267B716C38F36C92AE7986DF8126904B11EA74323F3AB3AF436D64AC41996529AB95876EE4DF3739130460A50E2EC8463F2306454F08745CE40938858B6237A5D38B33FD6541BB98EFB39A7B0B501B7943FF594DF0964BF535CBD35105E35BA14C40E62D57F3B110AE82CD7F9FF73C3A28740C8EB397494F6D7CF5F0F147385424D70B276C6AD849E56C9985115EAF2CCF3D3A6C828F2A303178EC48BB08F36AF3800739E841F7B758FF06EFA10F6467E98DA4B1B302EFED0EF5A7D3AD74100E41C168ACBBF10EC5FFC497B43409D02D942C144408C32C83ED49334BC48FD1D446FDEBB71CA1F9276F3180ECA057E4B8F19FAFE368D0097EE2A5736D72BE661382939491A244B068D26A071E55E25DF2C8706ADEFD8245BC97A691AB57A8D39CE24469E9CC69198F4F795CACCB45053F464CA0C2F04C71E9CD6BB6D378E917C413B7FADEACD41A7A43E9A1FC04576658DBF7420A35252A899B51F9ED9B2D0B5534A696C2465C950EF5880636D96CC963AF6C314D00834969C456D1E7FC7 +20241204055147 2 6 100 8191 5 DC5E734609D91DA7E5180C89891C148715345D3A56F96DDFF41EE0B90992E9901E55850A78D9DF296A83F5AAF22675720E58E1F6D01F3B45315B818EF9CE880CE92F022763911796D4F86361BEB151ACB400BA017186C1DDCDE5F1853260ECF1082E072C2B7E2FD33E51B5076675269EC247AAE3DF3C1E6853E5D0E58FF7268255E91A9BF6FD43750F114BCA5DC70176ECACAF59C812798941D04FFFF200B53F9843066568A5EF6B324692239A9DC94383C53DA447D942BD51E17F51C22106DC3A2FC7A8942E20E5DA369D19124D184A96589E66EE15C4A8E4CB0FBB6B5E629875DEB3C6AAF622ABC4A4057E0B95533A03C94C514D2129CD6ECE739D9E3A98A54461DF577CC508BF4D5EE7FBE6178B248E3F51C59FE57BFBDE33DD833D0CF22DB22AE0F4F9F03EEF8E0E1DB0EDF7BB4C755148AD2D3FECED23DE1F028A3A6396D7F8F721D11023BD58335ADE175939E140A92C7B532A3D77168E566B7AADEA6F137A158AF3D2608FD4C1081018C1BC2B860A2830A097BDAFA96A3D5B5E1130D2C0778837C63ACBE958573B4ADAC2AE629D17728313AB9064D890006B2F0EC1869E35480B96651B9B3837B876190D5F1876A151A87C58A1CE2A9AD0744BE4CF955BFA9FA5653300FF6ECD64667ECD836D61DC3675048A8EB5AE945B50CB699F7FB4E36167515A2054199687DEC77D5117DF28B63F383403C49097F23AA4DE5857A0D865AFC7E4D0994B46386C20A41E9B41963CD425A82B30C4EE72FB3EFACD6C4090D740E44C196E51F41894FDB26142B72EF1E65A676C30EFB65C937C0F64CDEC167ECC16F0CAA3C932F3DD5C6F7A1EB073F03F2CB9F2059BE75EBAE32FA3170B5FA93D69CAB8275935686242E1F43ED23FE8784A0AD694442D35193DAAF5F7DA49B267B716C38F36C92AE7986DF8126904B11EA74323F3AB3AF436D64AC41996529AB95876EE4DF3739130460A50E2EC8463F2306454F08745CE40938858B6237A5D38B33FD6541BB98EFB39A7B0B501B7943FF594DF0964BF535CBD35105E35BA14C40E62D57F3B110AE82CD7F9FF73C3A28740C8EB397494F6D7CF5F0F147385424D70B276C6AD849E56C9985115EAF2CCF3D3A6C828F2A303178EC48BB08F36AF3800739E841F7B758FF06EFA10F6467E98DA4B1B302EFED0EF5A7D3AD74100E41C168ACBBF10EC5FFC497B43409D02D942C144408C32C83ED49334BC48FD1D446FDEBB71CA1F9276F3180ECA057E4B8F19FAFE368D0097EE2A5736D72BE661382939491A244B068D26A071E55E25DF2C8706ADEFD8245BC97A691AB57A8D39CE24469E9CC69198F4F795CACCB45053F464CA0C2F04C71E9CD6BB6D378E917C413B7FADEACD41A7A43E9A1FC04576658DBF7420A35252A899B51F9ED9B2D0B5534A696C2465C950EF5880636D96CC963AF6C314D00834969C45749787B7 +20241204060833 2 6 100 8191 2 DC5E734609D91DA7E5180C89891C148715345D3A56F96DDFF41EE0B90992E9901E55850A78D9DF296A83F5AAF22675720E58E1F6D01F3B45315B818EF9CE880CE92F022763911796D4F86361BEB151ACB400BA017186C1DDCDE5F1853260ECF1082E072C2B7E2FD33E51B5076675269EC247AAE3DF3C1E6853E5D0E58FF7268255E91A9BF6FD43750F114BCA5DC70176ECACAF59C812798941D04FFFF200B53F9843066568A5EF6B324692239A9DC94383C53DA447D942BD51E17F51C22106DC3A2FC7A8942E20E5DA369D19124D184A96589E66EE15C4A8E4CB0FBB6B5E629875DEB3C6AAF622ABC4A4057E0B95533A03C94C514D2129CD6ECE739D9E3A98A54461DF577CC508BF4D5EE7FBE6178B248E3F51C59FE57BFBDE33DD833D0CF22DB22AE0F4F9F03EEF8E0E1DB0EDF7BB4C755148AD2D3FECED23DE1F028A3A6396D7F8F721D11023BD58335ADE175939E140A92C7B532A3D77168E566B7AADEA6F137A158AF3D2608FD4C1081018C1BC2B860A2830A097BDAFA96A3D5B5E1130D2C0778837C63ACBE958573B4ADAC2AE629D17728313AB9064D890006B2F0EC1869E35480B96651B9B3837B876190D5F1876A151A87C58A1CE2A9AD0744BE4CF955BFA9FA5653300FF6ECD64667ECD836D61DC3675048A8EB5AE945B50CB699F7FB4E36167515A2054199687DEC77D5117DF28B63F383403C49097F23AA4DE5857A0D865AFC7E4D0994B46386C20A41E9B41963CD425A82B30C4EE72FB3EFACD6C4090D740E44C196E51F41894FDB26142B72EF1E65A676C30EFB65C937C0F64CDEC167ECC16F0CAA3C932F3DD5C6F7A1EB073F03F2CB9F2059BE75EBAE32FA3170B5FA93D69CAB8275935686242E1F43ED23FE8784A0AD694442D35193DAAF5F7DA49B267B716C38F36C92AE7986DF8126904B11EA74323F3AB3AF436D64AC41996529AB95876EE4DF3739130460A50E2EC8463F2306454F08745CE40938858B6237A5D38B33FD6541BB98EFB39A7B0B501B7943FF594DF0964BF535CBD35105E35BA14C40E62D57F3B110AE82CD7F9FF73C3A28740C8EB397494F6D7CF5F0F147385424D70B276C6AD849E56C9985115EAF2CCF3D3A6C828F2A303178EC48BB08F36AF3800739E841F7B758FF06EFA10F6467E98DA4B1B302EFED0EF5A7D3AD74100E41C168ACBBF10EC5FFC497B43409D02D942C144408C32C83ED49334BC48FD1D446FDEBB71CA1F9276F3180ECA057E4B8F19FAFE368D0097EE2A5736D72BE661382939491A244B068D26A071E55E25DF2C8706ADEFD8245BC97A691AB57A8D39CE24469E9CC69198F4F795CACCB45053F464CA0C2F04C71E9CD6BB6D378E917C413B7FADEACD41A7A43E9A1FC04576658DBF7420A35252A899B51F9ED9B2D0B5534A696C2465C950EF5880636D96CC963AF6C314D00834969C45757D2FFB +20241204064719 2 6 100 8191 2 DC5E734609D91DA7E5180C89891C148715345D3A56F96DDFF41EE0B90992E9901E55850A78D9DF296A83F5AAF22675720E58E1F6D01F3B45315B818EF9CE880CE92F022763911796D4F86361BEB151ACB400BA017186C1DDCDE5F1853260ECF1082E072C2B7E2FD33E51B5076675269EC247AAE3DF3C1E6853E5D0E58FF7268255E91A9BF6FD43750F114BCA5DC70176ECACAF59C812798941D04FFFF200B53F9843066568A5EF6B324692239A9DC94383C53DA447D942BD51E17F51C22106DC3A2FC7A8942E20E5DA369D19124D184A96589E66EE15C4A8E4CB0FBB6B5E629875DEB3C6AAF622ABC4A4057E0B95533A03C94C514D2129CD6ECE739D9E3A98A54461DF577CC508BF4D5EE7FBE6178B248E3F51C59FE57BFBDE33DD833D0CF22DB22AE0F4F9F03EEF8E0E1DB0EDF7BB4C755148AD2D3FECED23DE1F028A3A6396D7F8F721D11023BD58335ADE175939E140A92C7B532A3D77168E566B7AADEA6F137A158AF3D2608FD4C1081018C1BC2B860A2830A097BDAFA96A3D5B5E1130D2C0778837C63ACBE958573B4ADAC2AE629D17728313AB9064D890006B2F0EC1869E35480B96651B9B3837B876190D5F1876A151A87C58A1CE2A9AD0744BE4CF955BFA9FA5653300FF6ECD64667ECD836D61DC3675048A8EB5AE945B50CB699F7FB4E36167515A2054199687DEC77D5117DF28B63F383403C49097F23AA4DE5857A0D865AFC7E4D0994B46386C20A41E9B41963CD425A82B30C4EE72FB3EFACD6C4090D740E44C196E51F41894FDB26142B72EF1E65A676C30EFB65C937C0F64CDEC167ECC16F0CAA3C932F3DD5C6F7A1EB073F03F2CB9F2059BE75EBAE32FA3170B5FA93D69CAB8275935686242E1F43ED23FE8784A0AD694442D35193DAAF5F7DA49B267B716C38F36C92AE7986DF8126904B11EA74323F3AB3AF436D64AC41996529AB95876EE4DF3739130460A50E2EC8463F2306454F08745CE40938858B6237A5D38B33FD6541BB98EFB39A7B0B501B7943FF594DF0964BF535CBD35105E35BA14C40E62D57F3B110AE82CD7F9FF73C3A28740C8EB397494F6D7CF5F0F147385424D70B276C6AD849E56C9985115EAF2CCF3D3A6C828F2A303178EC48BB08F36AF3800739E841F7B758FF06EFA10F6467E98DA4B1B302EFED0EF5A7D3AD74100E41C168ACBBF10EC5FFC497B43409D02D942C144408C32C83ED49334BC48FD1D446FDEBB71CA1F9276F3180ECA057E4B8F19FAFE368D0097EE2A5736D72BE661382939491A244B068D26A071E55E25DF2C8706ADEFD8245BC97A691AB57A8D39CE24469E9CC69198F4F795CACCB45053F464CA0C2F04C71E9CD6BB6D378E917C413B7FADEACD41A7A43E9A1FC04576658DBF7420A35252A899B51F9ED9B2D0B5534A696C2465C950EF5880636D96CC963AF6C314D00834969C45779594EB +20241204075858 2 6 100 8191 2 DC5E734609D91DA7E5180C89891C148715345D3A56F96DDFF41EE0B90992E9901E55850A78D9DF296A83F5AAF22675720E58E1F6D01F3B45315B818EF9CE880CE92F022763911796D4F86361BEB151ACB400BA017186C1DDCDE5F1853260ECF1082E072C2B7E2FD33E51B5076675269EC247AAE3DF3C1E6853E5D0E58FF7268255E91A9BF6FD43750F114BCA5DC70176ECACAF59C812798941D04FFFF200B53F9843066568A5EF6B324692239A9DC94383C53DA447D942BD51E17F51C22106DC3A2FC7A8942E20E5DA369D19124D184A96589E66EE15C4A8E4CB0FBB6B5E629875DEB3C6AAF622ABC4A4057E0B95533A03C94C514D2129CD6ECE739D9E3A98A54461DF577CC508BF4D5EE7FBE6178B248E3F51C59FE57BFBDE33DD833D0CF22DB22AE0F4F9F03EEF8E0E1DB0EDF7BB4C755148AD2D3FECED23DE1F028A3A6396D7F8F721D11023BD58335ADE175939E140A92C7B532A3D77168E566B7AADEA6F137A158AF3D2608FD4C1081018C1BC2B860A2830A097BDAFA96A3D5B5E1130D2C0778837C63ACBE958573B4ADAC2AE629D17728313AB9064D890006B2F0EC1869E35480B96651B9B3837B876190D5F1876A151A87C58A1CE2A9AD0744BE4CF955BFA9FA5653300FF6ECD64667ECD836D61DC3675048A8EB5AE945B50CB699F7FB4E36167515A2054199687DEC77D5117DF28B63F383403C49097F23AA4DE5857A0D865AFC7E4D0994B46386C20A41E9B41963CD425A82B30C4EE72FB3EFACD6C4090D740E44C196E51F41894FDB26142B72EF1E65A676C30EFB65C937C0F64CDEC167ECC16F0CAA3C932F3DD5C6F7A1EB073F03F2CB9F2059BE75EBAE32FA3170B5FA93D69CAB8275935686242E1F43ED23FE8784A0AD694442D35193DAAF5F7DA49B267B716C38F36C92AE7986DF8126904B11EA74323F3AB3AF436D64AC41996529AB95876EE4DF3739130460A50E2EC8463F2306454F08745CE40938858B6237A5D38B33FD6541BB98EFB39A7B0B501B7943FF594DF0964BF535CBD35105E35BA14C40E62D57F3B110AE82CD7F9FF73C3A28740C8EB397494F6D7CF5F0F147385424D70B276C6AD849E56C9985115EAF2CCF3D3A6C828F2A303178EC48BB08F36AF3800739E841F7B758FF06EFA10F6467E98DA4B1B302EFED0EF5A7D3AD74100E41C168ACBBF10EC5FFC497B43409D02D942C144408C32C83ED49334BC48FD1D446FDEBB71CA1F9276F3180ECA057E4B8F19FAFE368D0097EE2A5736D72BE661382939491A244B068D26A071E55E25DF2C8706ADEFD8245BC97A691AB57A8D39CE24469E9CC69198F4F795CACCB45053F464CA0C2F04C71E9CD6BB6D378E917C413B7FADEACD41A7A43E9A1FC04576658DBF7420A35252A899B51F9ED9B2D0B5534A696C2465C950EF5880636D96CC963AF6C314D00834969C457B89C8B3 +20241204095845 2 6 100 8191 5 DC5E734609D91DA7E5180C89891C148715345D3A56F96DDFF41EE0B90992E9901E55850A78D9DF296A83F5AAF22675720E58E1F6D01F3B45315B818EF9CE880CE92F022763911796D4F86361BEB151ACB400BA017186C1DDCDE5F1853260ECF1082E072C2B7E2FD33E51B5076675269EC247AAE3DF3C1E6853E5D0E58FF7268255E91A9BF6FD43750F114BCA5DC70176ECACAF59C812798941D04FFFF200B53F9843066568A5EF6B324692239A9DC94383C53DA447D942BD51E17F51C22106DC3A2FC7A8942E20E5DA369D19124D184A96589E66EE15C4A8E4CB0FBB6B5E629875DEB3C6AAF622ABC4A4057E0B95533A03C94C514D2129CD6ECE739D9E3A98A54461DF577CC508BF4D5EE7FBE6178B248E3F51C59FE57BFBDE33DD833D0CF22DB22AE0F4F9F03EEF8E0E1DB0EDF7BB4C755148AD2D3FECED23DE1F028A3A6396D7F8F721D11023BD58335ADE175939E140A92C7B532A3D77168E566B7AADEA6F137A158AF3D2608FD4C1081018C1BC2B860A2830A097BDAFA96A3D5B5E1130D2C0778837C63ACBE958573B4ADAC2AE629D17728313AB9064D890006B2F0EC1869E35480B96651B9B3837B876190D5F1876A151A87C58A1CE2A9AD0744BE4CF955BFA9FA5653300FF6ECD64667ECD836D61DC3675048A8EB5AE945B50CB699F7FB4E36167515A2054199687DEC77D5117DF28B63F383403C49097F23AA4DE5857A0D865AFC7E4D0994B46386C20A41E9B41963CD425A82B30C4EE72FB3EFACD6C4090D740E44C196E51F41894FDB26142B72EF1E65A676C30EFB65C937C0F64CDEC167ECC16F0CAA3C932F3DD5C6F7A1EB073F03F2CB9F2059BE75EBAE32FA3170B5FA93D69CAB8275935686242E1F43ED23FE8784A0AD694442D35193DAAF5F7DA49B267B716C38F36C92AE7986DF8126904B11EA74323F3AB3AF436D64AC41996529AB95876EE4DF3739130460A50E2EC8463F2306454F08745CE40938858B6237A5D38B33FD6541BB98EFB39A7B0B501B7943FF594DF0964BF535CBD35105E35BA14C40E62D57F3B110AE82CD7F9FF73C3A28740C8EB397494F6D7CF5F0F147385424D70B276C6AD849E56C9985115EAF2CCF3D3A6C828F2A303178EC48BB08F36AF3800739E841F7B758FF06EFA10F6467E98DA4B1B302EFED0EF5A7D3AD74100E41C168ACBBF10EC5FFC497B43409D02D942C144408C32C83ED49334BC48FD1D446FDEBB71CA1F9276F3180ECA057E4B8F19FAFE368D0097EE2A5736D72BE661382939491A244B068D26A071E55E25DF2C8706ADEFD8245BC97A691AB57A8D39CE24469E9CC69198F4F795CACCB45053F464CA0C2F04C71E9CD6BB6D378E917C413B7FADEACD41A7A43E9A1FC04576658DBF7420A35252A899B51F9ED9B2D0B5534A696C2465C950EF5880636D96CC963AF6C314D00834969C4582223CAF +20241204102632 2 6 100 8191 2 DC5E734609D91DA7E5180C89891C148715345D3A56F96DDFF41EE0B90992E9901E55850A78D9DF296A83F5AAF22675720E58E1F6D01F3B45315B818EF9CE880CE92F022763911796D4F86361BEB151ACB400BA017186C1DDCDE5F1853260ECF1082E072C2B7E2FD33E51B5076675269EC247AAE3DF3C1E6853E5D0E58FF7268255E91A9BF6FD43750F114BCA5DC70176ECACAF59C812798941D04FFFF200B53F9843066568A5EF6B324692239A9DC94383C53DA447D942BD51E17F51C22106DC3A2FC7A8942E20E5DA369D19124D184A96589E66EE15C4A8E4CB0FBB6B5E629875DEB3C6AAF622ABC4A4057E0B95533A03C94C514D2129CD6ECE739D9E3A98A54461DF577CC508BF4D5EE7FBE6178B248E3F51C59FE57BFBDE33DD833D0CF22DB22AE0F4F9F03EEF8E0E1DB0EDF7BB4C755148AD2D3FECED23DE1F028A3A6396D7F8F721D11023BD58335ADE175939E140A92C7B532A3D77168E566B7AADEA6F137A158AF3D2608FD4C1081018C1BC2B860A2830A097BDAFA96A3D5B5E1130D2C0778837C63ACBE958573B4ADAC2AE629D17728313AB9064D890006B2F0EC1869E35480B96651B9B3837B876190D5F1876A151A87C58A1CE2A9AD0744BE4CF955BFA9FA5653300FF6ECD64667ECD836D61DC3675048A8EB5AE945B50CB699F7FB4E36167515A2054199687DEC77D5117DF28B63F383403C49097F23AA4DE5857A0D865AFC7E4D0994B46386C20A41E9B41963CD425A82B30C4EE72FB3EFACD6C4090D740E44C196E51F41894FDB26142B72EF1E65A676C30EFB65C937C0F64CDEC167ECC16F0CAA3C932F3DD5C6F7A1EB073F03F2CB9F2059BE75EBAE32FA3170B5FA93D69CAB8275935686242E1F43ED23FE8784A0AD694442D35193DAAF5F7DA49B267B716C38F36C92AE7986DF8126904B11EA74323F3AB3AF436D64AC41996529AB95876EE4DF3739130460A50E2EC8463F2306454F08745CE40938858B6237A5D38B33FD6541BB98EFB39A7B0B501B7943FF594DF0964BF535CBD35105E35BA14C40E62D57F3B110AE82CD7F9FF73C3A28740C8EB397494F6D7CF5F0F147385424D70B276C6AD849E56C9985115EAF2CCF3D3A6C828F2A303178EC48BB08F36AF3800739E841F7B758FF06EFA10F6467E98DA4B1B302EFED0EF5A7D3AD74100E41C168ACBBF10EC5FFC497B43409D02D942C144408C32C83ED49334BC48FD1D446FDEBB71CA1F9276F3180ECA057E4B8F19FAFE368D0097EE2A5736D72BE661382939491A244B068D26A071E55E25DF2C8706ADEFD8245BC97A691AB57A8D39CE24469E9CC69198F4F795CACCB45053F464CA0C2F04C71E9CD6BB6D378E917C413B7FADEACD41A7A43E9A1FC04576658DBF7420A35252A899B51F9ED9B2D0B5534A696C2465C950EF5880636D96CC963AF6C314D00834969C4583A5E7A3 +20241204133310 2 6 100 8191 5 DC5E734609D91DA7E5180C89891C148715345D3A56F96DDFF41EE0B90992E9901E55850A78D9DF296A83F5AAF22675720E58E1F6D01F3B45315B818EF9CE880CE92F022763911796D4F86361BEB151ACB400BA017186C1DDCDE5F1853260ECF1082E072C2B7E2FD33E51B5076675269EC247AAE3DF3C1E6853E5D0E58FF7268255E91A9BF6FD43750F114BCA5DC70176ECACAF59C812798941D04FFFF200B53F9843066568A5EF6B324692239A9DC94383C53DA447D942BD51E17F51C22106DC3A2FC7A8942E20E5DA369D19124D184A96589E66EE15C4A8E4CB0FBB6B5E629875DEB3C6AAF622ABC4A4057E0B95533A03C94C514D2129CD6ECE739D9E3A98A54461DF577CC508BF4D5EE7FBE6178B248E3F51C59FE57BFBDE33DD833D0CF22DB22AE0F4F9F03EEF8E0E1DB0EDF7BB4C755148AD2D3FECED23DE1F028A3A6396D7F8F721D11023BD58335ADE175939E140A92C7B532A3D77168E566B7AADEA6F137A158AF3D2608FD4C1081018C1BC2B860A2830A097BDAFA96A3D5B5E1130D2C0778837C63ACBE958573B4ADAC2AE629D17728313AB9064D890006B2F0EC1869E35480B96651B9B3837B876190D5F1876A151A87C58A1CE2A9AD0744BE4CF955BFA9FA5653300FF6ECD64667ECD836D61DC3675048A8EB5AE945B50CB699F7FB4E36167515A2054199687DEC77D5117DF28B63F383403C49097F23AA4DE5857A0D865AFC7E4D0994B46386C20A41E9B41963CD425A82B30C4EE72FB3EFACD6C4090D740E44C196E51F41894FDB26142B72EF1E65A676C30EFB65C937C0F64CDEC167ECC16F0CAA3C932F3DD5C6F7A1EB073F03F2CB9F2059BE75EBAE32FA3170B5FA93D69CAB8275935686242E1F43ED23FE8784A0AD694442D35193DAAF5F7DA49B267B716C38F36C92AE7986DF8126904B11EA74323F3AB3AF436D64AC41996529AB95876EE4DF3739130460A50E2EC8463F2306454F08745CE40938858B6237A5D38B33FD6541BB98EFB39A7B0B501B7943FF594DF0964BF535CBD35105E35BA14C40E62D57F3B110AE82CD7F9FF73C3A28740C8EB397494F6D7CF5F0F147385424D70B276C6AD849E56C9985115EAF2CCF3D3A6C828F2A303178EC48BB08F36AF3800739E841F7B758FF06EFA10F6467E98DA4B1B302EFED0EF5A7D3AD74100E41C168ACBBF10EC5FFC497B43409D02D942C144408C32C83ED49334BC48FD1D446FDEBB71CA1F9276F3180ECA057E4B8F19FAFE368D0097EE2A5736D72BE661382939491A244B068D26A071E55E25DF2C8706ADEFD8245BC97A691AB57A8D39CE24469E9CC69198F4F795CACCB45053F464CA0C2F04C71E9CD6BB6D378E917C413B7FADEACD41A7A43E9A1FC04576658DBF7420A35252A899B51F9ED9B2D0B5534A696C2465C950EF5880636D96CC963AF6C314D00834969C458E07A8DF +20241204134006 2 6 100 8191 2 DC5E734609D91DA7E5180C89891C148715345D3A56F96DDFF41EE0B90992E9901E55850A78D9DF296A83F5AAF22675720E58E1F6D01F3B45315B818EF9CE880CE92F022763911796D4F86361BEB151ACB400BA017186C1DDCDE5F1853260ECF1082E072C2B7E2FD33E51B5076675269EC247AAE3DF3C1E6853E5D0E58FF7268255E91A9BF6FD43750F114BCA5DC70176ECACAF59C812798941D04FFFF200B53F9843066568A5EF6B324692239A9DC94383C53DA447D942BD51E17F51C22106DC3A2FC7A8942E20E5DA369D19124D184A96589E66EE15C4A8E4CB0FBB6B5E629875DEB3C6AAF622ABC4A4057E0B95533A03C94C514D2129CD6ECE739D9E3A98A54461DF577CC508BF4D5EE7FBE6178B248E3F51C59FE57BFBDE33DD833D0CF22DB22AE0F4F9F03EEF8E0E1DB0EDF7BB4C755148AD2D3FECED23DE1F028A3A6396D7F8F721D11023BD58335ADE175939E140A92C7B532A3D77168E566B7AADEA6F137A158AF3D2608FD4C1081018C1BC2B860A2830A097BDAFA96A3D5B5E1130D2C0778837C63ACBE958573B4ADAC2AE629D17728313AB9064D890006B2F0EC1869E35480B96651B9B3837B876190D5F1876A151A87C58A1CE2A9AD0744BE4CF955BFA9FA5653300FF6ECD64667ECD836D61DC3675048A8EB5AE945B50CB699F7FB4E36167515A2054199687DEC77D5117DF28B63F383403C49097F23AA4DE5857A0D865AFC7E4D0994B46386C20A41E9B41963CD425A82B30C4EE72FB3EFACD6C4090D740E44C196E51F41894FDB26142B72EF1E65A676C30EFB65C937C0F64CDEC167ECC16F0CAA3C932F3DD5C6F7A1EB073F03F2CB9F2059BE75EBAE32FA3170B5FA93D69CAB8275935686242E1F43ED23FE8784A0AD694442D35193DAAF5F7DA49B267B716C38F36C92AE7986DF8126904B11EA74323F3AB3AF436D64AC41996529AB95876EE4DF3739130460A50E2EC8463F2306454F08745CE40938858B6237A5D38B33FD6541BB98EFB39A7B0B501B7943FF594DF0964BF535CBD35105E35BA14C40E62D57F3B110AE82CD7F9FF73C3A28740C8EB397494F6D7CF5F0F147385424D70B276C6AD849E56C9985115EAF2CCF3D3A6C828F2A303178EC48BB08F36AF3800739E841F7B758FF06EFA10F6467E98DA4B1B302EFED0EF5A7D3AD74100E41C168ACBBF10EC5FFC497B43409D02D942C144408C32C83ED49334BC48FD1D446FDEBB71CA1F9276F3180ECA057E4B8F19FAFE368D0097EE2A5736D72BE661382939491A244B068D26A071E55E25DF2C8706ADEFD8245BC97A691AB57A8D39CE24469E9CC69198F4F795CACCB45053F464CA0C2F04C71E9CD6BB6D378E917C413B7FADEACD41A7A43E9A1FC04576658DBF7420A35252A899B51F9ED9B2D0B5534A696C2465C950EF5880636D96CC963AF6C314D00834969C458E603BF3 +20241204153923 2 6 100 8191 5 DC5E734609D91DA7E5180C89891C148715345D3A56F96DDFF41EE0B90992E9901E55850A78D9DF296A83F5AAF22675720E58E1F6D01F3B45315B818EF9CE880CE92F022763911796D4F86361BEB151ACB400BA017186C1DDCDE5F1853260ECF1082E072C2B7E2FD33E51B5076675269EC247AAE3DF3C1E6853E5D0E58FF7268255E91A9BF6FD43750F114BCA5DC70176ECACAF59C812798941D04FFFF200B53F9843066568A5EF6B324692239A9DC94383C53DA447D942BD51E17F51C22106DC3A2FC7A8942E20E5DA369D19124D184A96589E66EE15C4A8E4CB0FBB6B5E629875DEB3C6AAF622ABC4A4057E0B95533A03C94C514D2129CD6ECE739D9E3A98A54461DF577CC508BF4D5EE7FBE6178B248E3F51C59FE57BFBDE33DD833D0CF22DB22AE0F4F9F03EEF8E0E1DB0EDF7BB4C755148AD2D3FECED23DE1F028A3A6396D7F8F721D11023BD58335ADE175939E140A92C7B532A3D77168E566B7AADEA6F137A158AF3D2608FD4C1081018C1BC2B860A2830A097BDAFA96A3D5B5E1130D2C0778837C63ACBE958573B4ADAC2AE629D17728313AB9064D890006B2F0EC1869E35480B96651B9B3837B876190D5F1876A151A87C58A1CE2A9AD0744BE4CF955BFA9FA5653300FF6ECD64667ECD836D61DC3675048A8EB5AE945B50CB699F7FB4E36167515A2054199687DEC77D5117DF28B63F383403C49097F23AA4DE5857A0D865AFC7E4D0994B46386C20A41E9B41963CD425A82B30C4EE72FB3EFACD6C4090D740E44C196E51F41894FDB26142B72EF1E65A676C30EFB65C937C0F64CDEC167ECC16F0CAA3C932F3DD5C6F7A1EB073F03F2CB9F2059BE75EBAE32FA3170B5FA93D69CAB8275935686242E1F43ED23FE8784A0AD694442D35193DAAF5F7DA49B267B716C38F36C92AE7986DF8126904B11EA74323F3AB3AF436D64AC41996529AB95876EE4DF3739130460A50E2EC8463F2306454F08745CE40938858B6237A5D38B33FD6541BB98EFB39A7B0B501B7943FF594DF0964BF535CBD35105E35BA14C40E62D57F3B110AE82CD7F9FF73C3A28740C8EB397494F6D7CF5F0F147385424D70B276C6AD849E56C9985115EAF2CCF3D3A6C828F2A303178EC48BB08F36AF3800739E841F7B758FF06EFA10F6467E98DA4B1B302EFED0EF5A7D3AD74100E41C168ACBBF10EC5FFC497B43409D02D942C144408C32C83ED49334BC48FD1D446FDEBB71CA1F9276F3180ECA057E4B8F19FAFE368D0097EE2A5736D72BE661382939491A244B068D26A071E55E25DF2C8706ADEFD8245BC97A691AB57A8D39CE24469E9CC69198F4F795CACCB45053F464CA0C2F04C71E9CD6BB6D378E917C413B7FADEACD41A7A43E9A1FC04576658DBF7420A35252A899B51F9ED9B2D0B5534A696C2465C950EF5880636D96CC963AF6C314D00834969C459507D47F +20241204154043 2 6 100 8191 2 DC5E734609D91DA7E5180C89891C148715345D3A56F96DDFF41EE0B90992E9901E55850A78D9DF296A83F5AAF22675720E58E1F6D01F3B45315B818EF9CE880CE92F022763911796D4F86361BEB151ACB400BA017186C1DDCDE5F1853260ECF1082E072C2B7E2FD33E51B5076675269EC247AAE3DF3C1E6853E5D0E58FF7268255E91A9BF6FD43750F114BCA5DC70176ECACAF59C812798941D04FFFF200B53F9843066568A5EF6B324692239A9DC94383C53DA447D942BD51E17F51C22106DC3A2FC7A8942E20E5DA369D19124D184A96589E66EE15C4A8E4CB0FBB6B5E629875DEB3C6AAF622ABC4A4057E0B95533A03C94C514D2129CD6ECE739D9E3A98A54461DF577CC508BF4D5EE7FBE6178B248E3F51C59FE57BFBDE33DD833D0CF22DB22AE0F4F9F03EEF8E0E1DB0EDF7BB4C755148AD2D3FECED23DE1F028A3A6396D7F8F721D11023BD58335ADE175939E140A92C7B532A3D77168E566B7AADEA6F137A158AF3D2608FD4C1081018C1BC2B860A2830A097BDAFA96A3D5B5E1130D2C0778837C63ACBE958573B4ADAC2AE629D17728313AB9064D890006B2F0EC1869E35480B96651B9B3837B876190D5F1876A151A87C58A1CE2A9AD0744BE4CF955BFA9FA5653300FF6ECD64667ECD836D61DC3675048A8EB5AE945B50CB699F7FB4E36167515A2054199687DEC77D5117DF28B63F383403C49097F23AA4DE5857A0D865AFC7E4D0994B46386C20A41E9B41963CD425A82B30C4EE72FB3EFACD6C4090D740E44C196E51F41894FDB26142B72EF1E65A676C30EFB65C937C0F64CDEC167ECC16F0CAA3C932F3DD5C6F7A1EB073F03F2CB9F2059BE75EBAE32FA3170B5FA93D69CAB8275935686242E1F43ED23FE8784A0AD694442D35193DAAF5F7DA49B267B716C38F36C92AE7986DF8126904B11EA74323F3AB3AF436D64AC41996529AB95876EE4DF3739130460A50E2EC8463F2306454F08745CE40938858B6237A5D38B33FD6541BB98EFB39A7B0B501B7943FF594DF0964BF535CBD35105E35BA14C40E62D57F3B110AE82CD7F9FF73C3A28740C8EB397494F6D7CF5F0F147385424D70B276C6AD849E56C9985115EAF2CCF3D3A6C828F2A303178EC48BB08F36AF3800739E841F7B758FF06EFA10F6467E98DA4B1B302EFED0EF5A7D3AD74100E41C168ACBBF10EC5FFC497B43409D02D942C144408C32C83ED49334BC48FD1D446FDEBB71CA1F9276F3180ECA057E4B8F19FAFE368D0097EE2A5736D72BE661382939491A244B068D26A071E55E25DF2C8706ADEFD8245BC97A691AB57A8D39CE24469E9CC69198F4F795CACCB45053F464CA0C2F04C71E9CD6BB6D378E917C413B7FADEACD41A7A43E9A1FC04576658DBF7420A35252A899B51F9ED9B2D0B5534A696C2465C950EF5880636D96CC963AF6C314D00834969C45951265E3 +20241204161206 2 6 100 8191 2 DC5E734609D91DA7E5180C89891C148715345D3A56F96DDFF41EE0B90992E9901E55850A78D9DF296A83F5AAF22675720E58E1F6D01F3B45315B818EF9CE880CE92F022763911796D4F86361BEB151ACB400BA017186C1DDCDE5F1853260ECF1082E072C2B7E2FD33E51B5076675269EC247AAE3DF3C1E6853E5D0E58FF7268255E91A9BF6FD43750F114BCA5DC70176ECACAF59C812798941D04FFFF200B53F9843066568A5EF6B324692239A9DC94383C53DA447D942BD51E17F51C22106DC3A2FC7A8942E20E5DA369D19124D184A96589E66EE15C4A8E4CB0FBB6B5E629875DEB3C6AAF622ABC4A4057E0B95533A03C94C514D2129CD6ECE739D9E3A98A54461DF577CC508BF4D5EE7FBE6178B248E3F51C59FE57BFBDE33DD833D0CF22DB22AE0F4F9F03EEF8E0E1DB0EDF7BB4C755148AD2D3FECED23DE1F028A3A6396D7F8F721D11023BD58335ADE175939E140A92C7B532A3D77168E566B7AADEA6F137A158AF3D2608FD4C1081018C1BC2B860A2830A097BDAFA96A3D5B5E1130D2C0778837C63ACBE958573B4ADAC2AE629D17728313AB9064D890006B2F0EC1869E35480B96651B9B3837B876190D5F1876A151A87C58A1CE2A9AD0744BE4CF955BFA9FA5653300FF6ECD64667ECD836D61DC3675048A8EB5AE945B50CB699F7FB4E36167515A2054199687DEC77D5117DF28B63F383403C49097F23AA4DE5857A0D865AFC7E4D0994B46386C20A41E9B41963CD425A82B30C4EE72FB3EFACD6C4090D740E44C196E51F41894FDB26142B72EF1E65A676C30EFB65C937C0F64CDEC167ECC16F0CAA3C932F3DD5C6F7A1EB073F03F2CB9F2059BE75EBAE32FA3170B5FA93D69CAB8275935686242E1F43ED23FE8784A0AD694442D35193DAAF5F7DA49B267B716C38F36C92AE7986DF8126904B11EA74323F3AB3AF436D64AC41996529AB95876EE4DF3739130460A50E2EC8463F2306454F08745CE40938858B6237A5D38B33FD6541BB98EFB39A7B0B501B7943FF594DF0964BF535CBD35105E35BA14C40E62D57F3B110AE82CD7F9FF73C3A28740C8EB397494F6D7CF5F0F147385424D70B276C6AD849E56C9985115EAF2CCF3D3A6C828F2A303178EC48BB08F36AF3800739E841F7B758FF06EFA10F6467E98DA4B1B302EFED0EF5A7D3AD74100E41C168ACBBF10EC5FFC497B43409D02D942C144408C32C83ED49334BC48FD1D446FDEBB71CA1F9276F3180ECA057E4B8F19FAFE368D0097EE2A5736D72BE661382939491A244B068D26A071E55E25DF2C8706ADEFD8245BC97A691AB57A8D39CE24469E9CC69198F4F795CACCB45053F464CA0C2F04C71E9CD6BB6D378E917C413B7FADEACD41A7A43E9A1FC04576658DBF7420A35252A899B51F9ED9B2D0B5534A696C2465C950EF5880636D96CC963AF6C314D00834969C4596CC6423 +20241204161425 2 6 100 8191 2 DC5E734609D91DA7E5180C89891C148715345D3A56F96DDFF41EE0B90992E9901E55850A78D9DF296A83F5AAF22675720E58E1F6D01F3B45315B818EF9CE880CE92F022763911796D4F86361BEB151ACB400BA017186C1DDCDE5F1853260ECF1082E072C2B7E2FD33E51B5076675269EC247AAE3DF3C1E6853E5D0E58FF7268255E91A9BF6FD43750F114BCA5DC70176ECACAF59C812798941D04FFFF200B53F9843066568A5EF6B324692239A9DC94383C53DA447D942BD51E17F51C22106DC3A2FC7A8942E20E5DA369D19124D184A96589E66EE15C4A8E4CB0FBB6B5E629875DEB3C6AAF622ABC4A4057E0B95533A03C94C514D2129CD6ECE739D9E3A98A54461DF577CC508BF4D5EE7FBE6178B248E3F51C59FE57BFBDE33DD833D0CF22DB22AE0F4F9F03EEF8E0E1DB0EDF7BB4C755148AD2D3FECED23DE1F028A3A6396D7F8F721D11023BD58335ADE175939E140A92C7B532A3D77168E566B7AADEA6F137A158AF3D2608FD4C1081018C1BC2B860A2830A097BDAFA96A3D5B5E1130D2C0778837C63ACBE958573B4ADAC2AE629D17728313AB9064D890006B2F0EC1869E35480B96651B9B3837B876190D5F1876A151A87C58A1CE2A9AD0744BE4CF955BFA9FA5653300FF6ECD64667ECD836D61DC3675048A8EB5AE945B50CB699F7FB4E36167515A2054199687DEC77D5117DF28B63F383403C49097F23AA4DE5857A0D865AFC7E4D0994B46386C20A41E9B41963CD425A82B30C4EE72FB3EFACD6C4090D740E44C196E51F41894FDB26142B72EF1E65A676C30EFB65C937C0F64CDEC167ECC16F0CAA3C932F3DD5C6F7A1EB073F03F2CB9F2059BE75EBAE32FA3170B5FA93D69CAB8275935686242E1F43ED23FE8784A0AD694442D35193DAAF5F7DA49B267B716C38F36C92AE7986DF8126904B11EA74323F3AB3AF436D64AC41996529AB95876EE4DF3739130460A50E2EC8463F2306454F08745CE40938858B6237A5D38B33FD6541BB98EFB39A7B0B501B7943FF594DF0964BF535CBD35105E35BA14C40E62D57F3B110AE82CD7F9FF73C3A28740C8EB397494F6D7CF5F0F147385424D70B276C6AD849E56C9985115EAF2CCF3D3A6C828F2A303178EC48BB08F36AF3800739E841F7B758FF06EFA10F6467E98DA4B1B302EFED0EF5A7D3AD74100E41C168ACBBF10EC5FFC497B43409D02D942C144408C32C83ED49334BC48FD1D446FDEBB71CA1F9276F3180ECA057E4B8F19FAFE368D0097EE2A5736D72BE661382939491A244B068D26A071E55E25DF2C8706ADEFD8245BC97A691AB57A8D39CE24469E9CC69198F4F795CACCB45053F464CA0C2F04C71E9CD6BB6D378E917C413B7FADEACD41A7A43E9A1FC04576658DBF7420A35252A899B51F9ED9B2D0B5534A696C2465C950EF5880636D96CC963AF6C314D00834969C4596E4BA93 +20241204172055 2 6 100 8191 2 DC5E734609D91DA7E5180C89891C148715345D3A56F96DDFF41EE0B90992E9901E55850A78D9DF296A83F5AAF22675720E58E1F6D01F3B45315B818EF9CE880CE92F022763911796D4F86361BEB151ACB400BA017186C1DDCDE5F1853260ECF1082E072C2B7E2FD33E51B5076675269EC247AAE3DF3C1E6853E5D0E58FF7268255E91A9BF6FD43750F114BCA5DC70176ECACAF59C812798941D04FFFF200B53F9843066568A5EF6B324692239A9DC94383C53DA447D942BD51E17F51C22106DC3A2FC7A8942E20E5DA369D19124D184A96589E66EE15C4A8E4CB0FBB6B5E629875DEB3C6AAF622ABC4A4057E0B95533A03C94C514D2129CD6ECE739D9E3A98A54461DF577CC508BF4D5EE7FBE6178B248E3F51C59FE57BFBDE33DD833D0CF22DB22AE0F4F9F03EEF8E0E1DB0EDF7BB4C755148AD2D3FECED23DE1F028A3A6396D7F8F721D11023BD58335ADE175939E140A92C7B532A3D77168E566B7AADEA6F137A158AF3D2608FD4C1081018C1BC2B860A2830A097BDAFA96A3D5B5E1130D2C0778837C63ACBE958573B4ADAC2AE629D17728313AB9064D890006B2F0EC1869E35480B96651B9B3837B876190D5F1876A151A87C58A1CE2A9AD0744BE4CF955BFA9FA5653300FF6ECD64667ECD836D61DC3675048A8EB5AE945B50CB699F7FB4E36167515A2054199687DEC77D5117DF28B63F383403C49097F23AA4DE5857A0D865AFC7E4D0994B46386C20A41E9B41963CD425A82B30C4EE72FB3EFACD6C4090D740E44C196E51F41894FDB26142B72EF1E65A676C30EFB65C937C0F64CDEC167ECC16F0CAA3C932F3DD5C6F7A1EB073F03F2CB9F2059BE75EBAE32FA3170B5FA93D69CAB8275935686242E1F43ED23FE8784A0AD694442D35193DAAF5F7DA49B267B716C38F36C92AE7986DF8126904B11EA74323F3AB3AF436D64AC41996529AB95876EE4DF3739130460A50E2EC8463F2306454F08745CE40938858B6237A5D38B33FD6541BB98EFB39A7B0B501B7943FF594DF0964BF535CBD35105E35BA14C40E62D57F3B110AE82CD7F9FF73C3A28740C8EB397494F6D7CF5F0F147385424D70B276C6AD849E56C9985115EAF2CCF3D3A6C828F2A303178EC48BB08F36AF3800739E841F7B758FF06EFA10F6467E98DA4B1B302EFED0EF5A7D3AD74100E41C168ACBBF10EC5FFC497B43409D02D942C144408C32C83ED49334BC48FD1D446FDEBB71CA1F9276F3180ECA057E4B8F19FAFE368D0097EE2A5736D72BE661382939491A244B068D26A071E55E25DF2C8706ADEFD8245BC97A691AB57A8D39CE24469E9CC69198F4F795CACCB45053F464CA0C2F04C71E9CD6BB6D378E917C413B7FADEACD41A7A43E9A1FC04576658DBF7420A35252A899B51F9ED9B2D0B5534A696C2465C950EF5880636D96CC963AF6C314D00834969C459A8DA68B +20241204192705 2 6 100 8191 5 DC5E734609D91DA7E5180C89891C148715345D3A56F96DDFF41EE0B90992E9901E55850A78D9DF296A83F5AAF22675720E58E1F6D01F3B45315B818EF9CE880CE92F022763911796D4F86361BEB151ACB400BA017186C1DDCDE5F1853260ECF1082E072C2B7E2FD33E51B5076675269EC247AAE3DF3C1E6853E5D0E58FF7268255E91A9BF6FD43750F114BCA5DC70176ECACAF59C812798941D04FFFF200B53F9843066568A5EF6B324692239A9DC94383C53DA447D942BD51E17F51C22106DC3A2FC7A8942E20E5DA369D19124D184A96589E66EE15C4A8E4CB0FBB6B5E629875DEB3C6AAF622ABC4A4057E0B95533A03C94C514D2129CD6ECE739D9E3A98A54461DF577CC508BF4D5EE7FBE6178B248E3F51C59FE57BFBDE33DD833D0CF22DB22AE0F4F9F03EEF8E0E1DB0EDF7BB4C755148AD2D3FECED23DE1F028A3A6396D7F8F721D11023BD58335ADE175939E140A92C7B532A3D77168E566B7AADEA6F137A158AF3D2608FD4C1081018C1BC2B860A2830A097BDAFA96A3D5B5E1130D2C0778837C63ACBE958573B4ADAC2AE629D17728313AB9064D890006B2F0EC1869E35480B96651B9B3837B876190D5F1876A151A87C58A1CE2A9AD0744BE4CF955BFA9FA5653300FF6ECD64667ECD836D61DC3675048A8EB5AE945B50CB699F7FB4E36167515A2054199687DEC77D5117DF28B63F383403C49097F23AA4DE5857A0D865AFC7E4D0994B46386C20A41E9B41963CD425A82B30C4EE72FB3EFACD6C4090D740E44C196E51F41894FDB26142B72EF1E65A676C30EFB65C937C0F64CDEC167ECC16F0CAA3C932F3DD5C6F7A1EB073F03F2CB9F2059BE75EBAE32FA3170B5FA93D69CAB8275935686242E1F43ED23FE8784A0AD694442D35193DAAF5F7DA49B267B716C38F36C92AE7986DF8126904B11EA74323F3AB3AF436D64AC41996529AB95876EE4DF3739130460A50E2EC8463F2306454F08745CE40938858B6237A5D38B33FD6541BB98EFB39A7B0B501B7943FF594DF0964BF535CBD35105E35BA14C40E62D57F3B110AE82CD7F9FF73C3A28740C8EB397494F6D7CF5F0F147385424D70B276C6AD849E56C9985115EAF2CCF3D3A6C828F2A303178EC48BB08F36AF3800739E841F7B758FF06EFA10F6467E98DA4B1B302EFED0EF5A7D3AD74100E41C168ACBBF10EC5FFC497B43409D02D942C144408C32C83ED49334BC48FD1D446FDEBB71CA1F9276F3180ECA057E4B8F19FAFE368D0097EE2A5736D72BE661382939491A244B068D26A071E55E25DF2C8706ADEFD8245BC97A691AB57A8D39CE24469E9CC69198F4F795CACCB45053F464CA0C2F04C71E9CD6BB6D378E917C413B7FADEACD41A7A43E9A1FC04576658DBF7420A35252A899B51F9ED9B2D0B5534A696C2465C950EF5880636D96CC963AF6C314D00834969C45A16C53A7 +20241204212358 2 6 100 8191 5 DC5E734609D91DA7E5180C89891C148715345D3A56F96DDFF41EE0B90992E9901E55850A78D9DF296A83F5AAF22675720E58E1F6D01F3B45315B818EF9CE880CE92F022763911796D4F86361BEB151ACB400BA017186C1DDCDE5F1853260ECF1082E072C2B7E2FD33E51B5076675269EC247AAE3DF3C1E6853E5D0E58FF7268255E91A9BF6FD43750F114BCA5DC70176ECACAF59C812798941D04FFFF200B53F9843066568A5EF6B324692239A9DC94383C53DA447D942BD51E17F51C22106DC3A2FC7A8942E20E5DA369D19124D184A96589E66EE15C4A8E4CB0FBB6B5E629875DEB3C6AAF622ABC4A4057E0B95533A03C94C514D2129CD6ECE739D9E3A98A54461DF577CC508BF4D5EE7FBE6178B248E3F51C59FE57BFBDE33DD833D0CF22DB22AE0F4F9F03EEF8E0E1DB0EDF7BB4C755148AD2D3FECED23DE1F028A3A6396D7F8F721D11023BD58335ADE175939E140A92C7B532A3D77168E566B7AADEA6F137A158AF3D2608FD4C1081018C1BC2B860A2830A097BDAFA96A3D5B5E1130D2C0778837C63ACBE958573B4ADAC2AE629D17728313AB9064D890006B2F0EC1869E35480B96651B9B3837B876190D5F1876A151A87C58A1CE2A9AD0744BE4CF955BFA9FA5653300FF6ECD64667ECD836D61DC3675048A8EB5AE945B50CB699F7FB4E36167515A2054199687DEC77D5117DF28B63F383403C49097F23AA4DE5857A0D865AFC7E4D0994B46386C20A41E9B41963CD425A82B30C4EE72FB3EFACD6C4090D740E44C196E51F41894FDB26142B72EF1E65A676C30EFB65C937C0F64CDEC167ECC16F0CAA3C932F3DD5C6F7A1EB073F03F2CB9F2059BE75EBAE32FA3170B5FA93D69CAB8275935686242E1F43ED23FE8784A0AD694442D35193DAAF5F7DA49B267B716C38F36C92AE7986DF8126904B11EA74323F3AB3AF436D64AC41996529AB95876EE4DF3739130460A50E2EC8463F2306454F08745CE40938858B6237A5D38B33FD6541BB98EFB39A7B0B501B7943FF594DF0964BF535CBD35105E35BA14C40E62D57F3B110AE82CD7F9FF73C3A28740C8EB397494F6D7CF5F0F147385424D70B276C6AD849E56C9985115EAF2CCF3D3A6C828F2A303178EC48BB08F36AF3800739E841F7B758FF06EFA10F6467E98DA4B1B302EFED0EF5A7D3AD74100E41C168ACBBF10EC5FFC497B43409D02D942C144408C32C83ED49334BC48FD1D446FDEBB71CA1F9276F3180ECA057E4B8F19FAFE368D0097EE2A5736D72BE661382939491A244B068D26A071E55E25DF2C8706ADEFD8245BC97A691AB57A8D39CE24469E9CC69198F4F795CACCB45053F464CA0C2F04C71E9CD6BB6D378E917C413B7FADEACD41A7A43E9A1FC04576658DBF7420A35252A899B51F9ED9B2D0B5534A696C2465C950EF5880636D96CC963AF6C314D00834969C45A7E3BB4F +20241204213330 2 6 100 8191 2 DC5E734609D91DA7E5180C89891C148715345D3A56F96DDFF41EE0B90992E9901E55850A78D9DF296A83F5AAF22675720E58E1F6D01F3B45315B818EF9CE880CE92F022763911796D4F86361BEB151ACB400BA017186C1DDCDE5F1853260ECF1082E072C2B7E2FD33E51B5076675269EC247AAE3DF3C1E6853E5D0E58FF7268255E91A9BF6FD43750F114BCA5DC70176ECACAF59C812798941D04FFFF200B53F9843066568A5EF6B324692239A9DC94383C53DA447D942BD51E17F51C22106DC3A2FC7A8942E20E5DA369D19124D184A96589E66EE15C4A8E4CB0FBB6B5E629875DEB3C6AAF622ABC4A4057E0B95533A03C94C514D2129CD6ECE739D9E3A98A54461DF577CC508BF4D5EE7FBE6178B248E3F51C59FE57BFBDE33DD833D0CF22DB22AE0F4F9F03EEF8E0E1DB0EDF7BB4C755148AD2D3FECED23DE1F028A3A6396D7F8F721D11023BD58335ADE175939E140A92C7B532A3D77168E566B7AADEA6F137A158AF3D2608FD4C1081018C1BC2B860A2830A097BDAFA96A3D5B5E1130D2C0778837C63ACBE958573B4ADAC2AE629D17728313AB9064D890006B2F0EC1869E35480B96651B9B3837B876190D5F1876A151A87C58A1CE2A9AD0744BE4CF955BFA9FA5653300FF6ECD64667ECD836D61DC3675048A8EB5AE945B50CB699F7FB4E36167515A2054199687DEC77D5117DF28B63F383403C49097F23AA4DE5857A0D865AFC7E4D0994B46386C20A41E9B41963CD425A82B30C4EE72FB3EFACD6C4090D740E44C196E51F41894FDB26142B72EF1E65A676C30EFB65C937C0F64CDEC167ECC16F0CAA3C932F3DD5C6F7A1EB073F03F2CB9F2059BE75EBAE32FA3170B5FA93D69CAB8275935686242E1F43ED23FE8784A0AD694442D35193DAAF5F7DA49B267B716C38F36C92AE7986DF8126904B11EA74323F3AB3AF436D64AC41996529AB95876EE4DF3739130460A50E2EC8463F2306454F08745CE40938858B6237A5D38B33FD6541BB98EFB39A7B0B501B7943FF594DF0964BF535CBD35105E35BA14C40E62D57F3B110AE82CD7F9FF73C3A28740C8EB397494F6D7CF5F0F147385424D70B276C6AD849E56C9985115EAF2CCF3D3A6C828F2A303178EC48BB08F36AF3800739E841F7B758FF06EFA10F6467E98DA4B1B302EFED0EF5A7D3AD74100E41C168ACBBF10EC5FFC497B43409D02D942C144408C32C83ED49334BC48FD1D446FDEBB71CA1F9276F3180ECA057E4B8F19FAFE368D0097EE2A5736D72BE661382939491A244B068D26A071E55E25DF2C8706ADEFD8245BC97A691AB57A8D39CE24469E9CC69198F4F795CACCB45053F464CA0C2F04C71E9CD6BB6D378E917C413B7FADEACD41A7A43E9A1FC04576658DBF7420A35252A899B51F9ED9B2D0B5534A696C2465C950EF5880636D96CC963AF6C314D00834969C45A86569BB +20241204221629 2 6 100 8191 2 DC5E734609D91DA7E5180C89891C148715345D3A56F96DDFF41EE0B90992E9901E55850A78D9DF296A83F5AAF22675720E58E1F6D01F3B45315B818EF9CE880CE92F022763911796D4F86361BEB151ACB400BA017186C1DDCDE5F1853260ECF1082E072C2B7E2FD33E51B5076675269EC247AAE3DF3C1E6853E5D0E58FF7268255E91A9BF6FD43750F114BCA5DC70176ECACAF59C812798941D04FFFF200B53F9843066568A5EF6B324692239A9DC94383C53DA447D942BD51E17F51C22106DC3A2FC7A8942E20E5DA369D19124D184A96589E66EE15C4A8E4CB0FBB6B5E629875DEB3C6AAF622ABC4A4057E0B95533A03C94C514D2129CD6ECE739D9E3A98A54461DF577CC508BF4D5EE7FBE6178B248E3F51C59FE57BFBDE33DD833D0CF22DB22AE0F4F9F03EEF8E0E1DB0EDF7BB4C755148AD2D3FECED23DE1F028A3A6396D7F8F721D11023BD58335ADE175939E140A92C7B532A3D77168E566B7AADEA6F137A158AF3D2608FD4C1081018C1BC2B860A2830A097BDAFA96A3D5B5E1130D2C0778837C63ACBE958573B4ADAC2AE629D17728313AB9064D890006B2F0EC1869E35480B96651B9B3837B876190D5F1876A151A87C58A1CE2A9AD0744BE4CF955BFA9FA5653300FF6ECD64667ECD836D61DC3675048A8EB5AE945B50CB699F7FB4E36167515A2054199687DEC77D5117DF28B63F383403C49097F23AA4DE5857A0D865AFC7E4D0994B46386C20A41E9B41963CD425A82B30C4EE72FB3EFACD6C4090D740E44C196E51F41894FDB26142B72EF1E65A676C30EFB65C937C0F64CDEC167ECC16F0CAA3C932F3DD5C6F7A1EB073F03F2CB9F2059BE75EBAE32FA3170B5FA93D69CAB8275935686242E1F43ED23FE8784A0AD694442D35193DAAF5F7DA49B267B716C38F36C92AE7986DF8126904B11EA74323F3AB3AF436D64AC41996529AB95876EE4DF3739130460A50E2EC8463F2306454F08745CE40938858B6237A5D38B33FD6541BB98EFB39A7B0B501B7943FF594DF0964BF535CBD35105E35BA14C40E62D57F3B110AE82CD7F9FF73C3A28740C8EB397494F6D7CF5F0F147385424D70B276C6AD849E56C9985115EAF2CCF3D3A6C828F2A303178EC48BB08F36AF3800739E841F7B758FF06EFA10F6467E98DA4B1B302EFED0EF5A7D3AD74100E41C168ACBBF10EC5FFC497B43409D02D942C144408C32C83ED49334BC48FD1D446FDEBB71CA1F9276F3180ECA057E4B8F19FAFE368D0097EE2A5736D72BE661382939491A244B068D26A071E55E25DF2C8706ADEFD8245BC97A691AB57A8D39CE24469E9CC69198F4F795CACCB45053F464CA0C2F04C71E9CD6BB6D378E917C413B7FADEACD41A7A43E9A1FC04576658DBF7420A35252A899B51F9ED9B2D0B5534A696C2465C950EF5880636D96CC963AF6C314D00834969C45AAC0BC23 +20241205021404 2 6 100 8191 5 DC5E734609D91DA7E5180C89891C148715345D3A56F96DDFF41EE0B90992E9901E55850A78D9DF296A83F5AAF22675720E58E1F6D01F3B45315B818EF9CE880CE92F022763911796D4F86361BEB151ACB400BA017186C1DDCDE5F1853260ECF1082E072C2B7E2FD33E51B5076675269EC247AAE3DF3C1E6853E5D0E58FF7268255E91A9BF6FD43750F114BCA5DC70176ECACAF59C812798941D04FFFF200B53F9843066568A5EF6B324692239A9DC94383C53DA447D942BD51E17F51C22106DC3A2FC7A8942E20E5DA369D19124D184A96589E66EE15C4A8E4CB0FBB6B5E629875DEB3C6AAF622ABC4A4057E0B95533A03C94C514D2129CD6ECE739D9E3A98A54461DF577CC508BF4D5EE7FBE6178B248E3F51C59FE57BFBDE33DD833D0CF22DB22AE0F4F9F03EEF8E0E1DB0EDF7BB4C755148AD2D3FECED23DE1F028A3A6396D7F8F721D11023BD58335ADE175939E140A92C7B532A3D77168E566B7AADEA6F137A158AF3D2608FD4C1081018C1BC2B860A2830A097BDAFA96A3D5B5E1130D2C0778837C63ACBE958573B4ADAC2AE629D17728313AB9064D890006B2F0EC1869E35480B96651B9B3837B876190D5F1876A151A87C58A1CE2A9AD0744BE4CF955BFA9FA5653300FF6ECD64667ECD836D61DC3675048A8EB5AE945B50CB699F7FB4E36167515A2054199687DEC77D5117DF28B63F383403C49097F23AA4DE5857A0D865AFC7E4D0994B46386C20A41E9B41963CD425A82B30C4EE72FB3EFACD6C4090D740E44C196E51F41894FDB26142B72EF1E65A676C30EFB65C937C0F64CDEC167ECC16F0CAA3C932F3DD5C6F7A1EB073F03F2CB9F2059BE75EBAE32FA3170B5FA93D69CAB8275935686242E1F43ED23FE8784A0AD694442D35193DAAF5F7DA49B267B716C38F36C92AE7986DF8126904B11EA74323F3AB3AF436D64AC41996529AB95876EE4DF3739130460A50E2EC8463F2306454F08745CE40938858B6237A5D38B33FD6541BB98EFB39A7B0B501B7943FF594DF0964BF535CBD35105E35BA14C40E62D57F3B110AE82CD7F9FF73C3A28740C8EB397494F6D7CF5F0F147385424D70B276C6AD849E56C9985115EAF2CCF3D3A6C828F2A303178EC48BB08F36AF3800739E841F7B758FF06EFA10F6467E98DA4B1B302EFED0EF5A7D3AD74100E41C168ACBBF10EC5FFC497B43409D02D942C144408C32C83ED49334BC48FD1D446FDEBB71CA1F9276F3180ECA057E4B8F19FAFE368D0097EE2A5736D72BE661382939491A244B068D26A071E55E25DF2C8706ADEFD8245BC97A691AB57A8D39CE24469E9CC69198F4F795CACCB45053F464CA0C2F04C71E9CD6BB6D378E917C413B7FADEACD41A7A43E9A1FC04576658DBF7420A35252A899B51F9ED9B2D0B5534A696C2465C950EF5880636D96CC963AF6C314D00834969C45B80CC4F7 +20241205023328 2 6 100 8191 2 DC5E734609D91DA7E5180C89891C148715345D3A56F96DDFF41EE0B90992E9901E55850A78D9DF296A83F5AAF22675720E58E1F6D01F3B45315B818EF9CE880CE92F022763911796D4F86361BEB151ACB400BA017186C1DDCDE5F1853260ECF1082E072C2B7E2FD33E51B5076675269EC247AAE3DF3C1E6853E5D0E58FF7268255E91A9BF6FD43750F114BCA5DC70176ECACAF59C812798941D04FFFF200B53F9843066568A5EF6B324692239A9DC94383C53DA447D942BD51E17F51C22106DC3A2FC7A8942E20E5DA369D19124D184A96589E66EE15C4A8E4CB0FBB6B5E629875DEB3C6AAF622ABC4A4057E0B95533A03C94C514D2129CD6ECE739D9E3A98A54461DF577CC508BF4D5EE7FBE6178B248E3F51C59FE57BFBDE33DD833D0CF22DB22AE0F4F9F03EEF8E0E1DB0EDF7BB4C755148AD2D3FECED23DE1F028A3A6396D7F8F721D11023BD58335ADE175939E140A92C7B532A3D77168E566B7AADEA6F137A158AF3D2608FD4C1081018C1BC2B860A2830A097BDAFA96A3D5B5E1130D2C0778837C63ACBE958573B4ADAC2AE629D17728313AB9064D890006B2F0EC1869E35480B96651B9B3837B876190D5F1876A151A87C58A1CE2A9AD0744BE4CF955BFA9FA5653300FF6ECD64667ECD836D61DC3675048A8EB5AE945B50CB699F7FB4E36167515A2054199687DEC77D5117DF28B63F383403C49097F23AA4DE5857A0D865AFC7E4D0994B46386C20A41E9B41963CD425A82B30C4EE72FB3EFACD6C4090D740E44C196E51F41894FDB26142B72EF1E65A676C30EFB65C937C0F64CDEC167ECC16F0CAA3C932F3DD5C6F7A1EB073F03F2CB9F2059BE75EBAE32FA3170B5FA93D69CAB8275935686242E1F43ED23FE8784A0AD694442D35193DAAF5F7DA49B267B716C38F36C92AE7986DF8126904B11EA74323F3AB3AF436D64AC41996529AB95876EE4DF3739130460A50E2EC8463F2306454F08745CE40938858B6237A5D38B33FD6541BB98EFB39A7B0B501B7943FF594DF0964BF535CBD35105E35BA14C40E62D57F3B110AE82CD7F9FF73C3A28740C8EB397494F6D7CF5F0F147385424D70B276C6AD849E56C9985115EAF2CCF3D3A6C828F2A303178EC48BB08F36AF3800739E841F7B758FF06EFA10F6467E98DA4B1B302EFED0EF5A7D3AD74100E41C168ACBBF10EC5FFC497B43409D02D942C144408C32C83ED49334BC48FD1D446FDEBB71CA1F9276F3180ECA057E4B8F19FAFE368D0097EE2A5736D72BE661382939491A244B068D26A071E55E25DF2C8706ADEFD8245BC97A691AB57A8D39CE24469E9CC69198F4F795CACCB45053F464CA0C2F04C71E9CD6BB6D378E917C413B7FADEACD41A7A43E9A1FC04576658DBF7420A35252A899B51F9ED9B2D0B5534A696C2465C950EF5880636D96CC963AF6C314D00834969C45B9166F1B +20241205040105 2 6 100 8191 5 DC5E734609D91DA7E5180C89891C148715345D3A56F96DDFF41EE0B90992E9901E55850A78D9DF296A83F5AAF22675720E58E1F6D01F3B45315B818EF9CE880CE92F022763911796D4F86361BEB151ACB400BA017186C1DDCDE5F1853260ECF1082E072C2B7E2FD33E51B5076675269EC247AAE3DF3C1E6853E5D0E58FF7268255E91A9BF6FD43750F114BCA5DC70176ECACAF59C812798941D04FFFF200B53F9843066568A5EF6B324692239A9DC94383C53DA447D942BD51E17F51C22106DC3A2FC7A8942E20E5DA369D19124D184A96589E66EE15C4A8E4CB0FBB6B5E629875DEB3C6AAF622ABC4A4057E0B95533A03C94C514D2129CD6ECE739D9E3A98A54461DF577CC508BF4D5EE7FBE6178B248E3F51C59FE57BFBDE33DD833D0CF22DB22AE0F4F9F03EEF8E0E1DB0EDF7BB4C755148AD2D3FECED23DE1F028A3A6396D7F8F721D11023BD58335ADE175939E140A92C7B532A3D77168E566B7AADEA6F137A158AF3D2608FD4C1081018C1BC2B860A2830A097BDAFA96A3D5B5E1130D2C0778837C63ACBE958573B4ADAC2AE629D17728313AB9064D890006B2F0EC1869E35480B96651B9B3837B876190D5F1876A151A87C58A1CE2A9AD0744BE4CF955BFA9FA5653300FF6ECD64667ECD836D61DC3675048A8EB5AE945B50CB699F7FB4E36167515A2054199687DEC77D5117DF28B63F383403C49097F23AA4DE5857A0D865AFC7E4D0994B46386C20A41E9B41963CD425A82B30C4EE72FB3EFACD6C4090D740E44C196E51F41894FDB26142B72EF1E65A676C30EFB65C937C0F64CDEC167ECC16F0CAA3C932F3DD5C6F7A1EB073F03F2CB9F2059BE75EBAE32FA3170B5FA93D69CAB8275935686242E1F43ED23FE8784A0AD694442D35193DAAF5F7DA49B267B716C38F36C92AE7986DF8126904B11EA74323F3AB3AF436D64AC41996529AB95876EE4DF3739130460A50E2EC8463F2306454F08745CE40938858B6237A5D38B33FD6541BB98EFB39A7B0B501B7943FF594DF0964BF535CBD35105E35BA14C40E62D57F3B110AE82CD7F9FF73C3A28740C8EB397494F6D7CF5F0F147385424D70B276C6AD849E56C9985115EAF2CCF3D3A6C828F2A303178EC48BB08F36AF3800739E841F7B758FF06EFA10F6467E98DA4B1B302EFED0EF5A7D3AD74100E41C168ACBBF10EC5FFC497B43409D02D942C144408C32C83ED49334BC48FD1D446FDEBB71CA1F9276F3180ECA057E4B8F19FAFE368D0097EE2A5736D72BE661382939491A244B068D26A071E55E25DF2C8706ADEFD8245BC97A691AB57A8D39CE24469E9CC69198F4F795CACCB45053F464CA0C2F04C71E9CD6BB6D378E917C413B7FADEACD41A7A43E9A1FC04576658DBF7420A35252A899B51F9ED9B2D0B5534A696C2465C950EF5880636D96CC963AF6C314D00834969C45BE03F83F +20241205055343 2 6 100 8191 2 DC5E734609D91DA7E5180C89891C148715345D3A56F96DDFF41EE0B90992E9901E55850A78D9DF296A83F5AAF22675720E58E1F6D01F3B45315B818EF9CE880CE92F022763911796D4F86361BEB151ACB400BA017186C1DDCDE5F1853260ECF1082E072C2B7E2FD33E51B5076675269EC247AAE3DF3C1E6853E5D0E58FF7268255E91A9BF6FD43750F114BCA5DC70176ECACAF59C812798941D04FFFF200B53F9843066568A5EF6B324692239A9DC94383C53DA447D942BD51E17F51C22106DC3A2FC7A8942E20E5DA369D19124D184A96589E66EE15C4A8E4CB0FBB6B5E629875DEB3C6AAF622ABC4A4057E0B95533A03C94C514D2129CD6ECE739D9E3A98A54461DF577CC508BF4D5EE7FBE6178B248E3F51C59FE57BFBDE33DD833D0CF22DB22AE0F4F9F03EEF8E0E1DB0EDF7BB4C755148AD2D3FECED23DE1F028A3A6396D7F8F721D11023BD58335ADE175939E140A92C7B532A3D77168E566B7AADEA6F137A158AF3D2608FD4C1081018C1BC2B860A2830A097BDAFA96A3D5B5E1130D2C0778837C63ACBE958573B4ADAC2AE629D17728313AB9064D890006B2F0EC1869E35480B96651B9B3837B876190D5F1876A151A87C58A1CE2A9AD0744BE4CF955BFA9FA5653300FF6ECD64667ECD836D61DC3675048A8EB5AE945B50CB699F7FB4E36167515A2054199687DEC77D5117DF28B63F383403C49097F23AA4DE5857A0D865AFC7E4D0994B46386C20A41E9B41963CD425A82B30C4EE72FB3EFACD6C4090D740E44C196E51F41894FDB26142B72EF1E65A676C30EFB65C937C0F64CDEC167ECC16F0CAA3C932F3DD5C6F7A1EB073F03F2CB9F2059BE75EBAE32FA3170B5FA93D69CAB8275935686242E1F43ED23FE8784A0AD694442D35193DAAF5F7DA49B267B716C38F36C92AE7986DF8126904B11EA74323F3AB3AF436D64AC41996529AB95876EE4DF3739130460A50E2EC8463F2306454F08745CE40938858B6237A5D38B33FD6541BB98EFB39A7B0B501B7943FF594DF0964BF535CBD35105E35BA14C40E62D57F3B110AE82CD7F9FF73C3A28740C8EB397494F6D7CF5F0F147385424D70B276C6AD849E56C9985115EAF2CCF3D3A6C828F2A303178EC48BB08F36AF3800739E841F7B758FF06EFA10F6467E98DA4B1B302EFED0EF5A7D3AD74100E41C168ACBBF10EC5FFC497B43409D02D942C144408C32C83ED49334BC48FD1D446FDEBB71CA1F9276F3180ECA057E4B8F19FAFE368D0097EE2A5736D72BE661382939491A244B068D26A071E55E25DF2C8706ADEFD8245BC97A691AB57A8D39CE24469E9CC69198F4F795CACCB45053F464CA0C2F04C71E9CD6BB6D378E917C413B7FADEACD41A7A43E9A1FC04576658DBF7420A35252A899B51F9ED9B2D0B5534A696C2465C950EF5880636D96CC963AF6C314D00834969C45C44A5013 +20241205065151 2 6 100 8191 2 DC5E734609D91DA7E5180C89891C148715345D3A56F96DDFF41EE0B90992E9901E55850A78D9DF296A83F5AAF22675720E58E1F6D01F3B45315B818EF9CE880CE92F022763911796D4F86361BEB151ACB400BA017186C1DDCDE5F1853260ECF1082E072C2B7E2FD33E51B5076675269EC247AAE3DF3C1E6853E5D0E58FF7268255E91A9BF6FD43750F114BCA5DC70176ECACAF59C812798941D04FFFF200B53F9843066568A5EF6B324692239A9DC94383C53DA447D942BD51E17F51C22106DC3A2FC7A8942E20E5DA369D19124D184A96589E66EE15C4A8E4CB0FBB6B5E629875DEB3C6AAF622ABC4A4057E0B95533A03C94C514D2129CD6ECE739D9E3A98A54461DF577CC508BF4D5EE7FBE6178B248E3F51C59FE57BFBDE33DD833D0CF22DB22AE0F4F9F03EEF8E0E1DB0EDF7BB4C755148AD2D3FECED23DE1F028A3A6396D7F8F721D11023BD58335ADE175939E140A92C7B532A3D77168E566B7AADEA6F137A158AF3D2608FD4C1081018C1BC2B860A2830A097BDAFA96A3D5B5E1130D2C0778837C63ACBE958573B4ADAC2AE629D17728313AB9064D890006B2F0EC1869E35480B96651B9B3837B876190D5F1876A151A87C58A1CE2A9AD0744BE4CF955BFA9FA5653300FF6ECD64667ECD836D61DC3675048A8EB5AE945B50CB699F7FB4E36167515A2054199687DEC77D5117DF28B63F383403C49097F23AA4DE5857A0D865AFC7E4D0994B46386C20A41E9B41963CD425A82B30C4EE72FB3EFACD6C4090D740E44C196E51F41894FDB26142B72EF1E65A676C30EFB65C937C0F64CDEC167ECC16F0CAA3C932F3DD5C6F7A1EB073F03F2CB9F2059BE75EBAE32FA3170B5FA93D69CAB8275935686242E1F43ED23FE8784A0AD694442D35193DAAF5F7DA49B267B716C38F36C92AE7986DF8126904B11EA74323F3AB3AF436D64AC41996529AB95876EE4DF3739130460A50E2EC8463F2306454F08745CE40938858B6237A5D38B33FD6541BB98EFB39A7B0B501B7943FF594DF0964BF535CBD35105E35BA14C40E62D57F3B110AE82CD7F9FF73C3A28740C8EB397494F6D7CF5F0F147385424D70B276C6AD849E56C9985115EAF2CCF3D3A6C828F2A303178EC48BB08F36AF3800739E841F7B758FF06EFA10F6467E98DA4B1B302EFED0EF5A7D3AD74100E41C168ACBBF10EC5FFC497B43409D02D942C144408C32C83ED49334BC48FD1D446FDEBB71CA1F9276F3180ECA057E4B8F19FAFE368D0097EE2A5736D72BE661382939491A244B068D26A071E55E25DF2C8706ADEFD8245BC97A691AB57A8D39CE24469E9CC69198F4F795CACCB45053F464CA0C2F04C71E9CD6BB6D378E917C413B7FADEACD41A7A43E9A1FC04576658DBF7420A35252A899B51F9ED9B2D0B5534A696C2465C950EF5880636D96CC963AF6C314D00834969C45C77D34CB +20241205065416 2 6 100 8191 2 DC5E734609D91DA7E5180C89891C148715345D3A56F96DDFF41EE0B90992E9901E55850A78D9DF296A83F5AAF22675720E58E1F6D01F3B45315B818EF9CE880CE92F022763911796D4F86361BEB151ACB400BA017186C1DDCDE5F1853260ECF1082E072C2B7E2FD33E51B5076675269EC247AAE3DF3C1E6853E5D0E58FF7268255E91A9BF6FD43750F114BCA5DC70176ECACAF59C812798941D04FFFF200B53F9843066568A5EF6B324692239A9DC94383C53DA447D942BD51E17F51C22106DC3A2FC7A8942E20E5DA369D19124D184A96589E66EE15C4A8E4CB0FBB6B5E629875DEB3C6AAF622ABC4A4057E0B95533A03C94C514D2129CD6ECE739D9E3A98A54461DF577CC508BF4D5EE7FBE6178B248E3F51C59FE57BFBDE33DD833D0CF22DB22AE0F4F9F03EEF8E0E1DB0EDF7BB4C755148AD2D3FECED23DE1F028A3A6396D7F8F721D11023BD58335ADE175939E140A92C7B532A3D77168E566B7AADEA6F137A158AF3D2608FD4C1081018C1BC2B860A2830A097BDAFA96A3D5B5E1130D2C0778837C63ACBE958573B4ADAC2AE629D17728313AB9064D890006B2F0EC1869E35480B96651B9B3837B876190D5F1876A151A87C58A1CE2A9AD0744BE4CF955BFA9FA5653300FF6ECD64667ECD836D61DC3675048A8EB5AE945B50CB699F7FB4E36167515A2054199687DEC77D5117DF28B63F383403C49097F23AA4DE5857A0D865AFC7E4D0994B46386C20A41E9B41963CD425A82B30C4EE72FB3EFACD6C4090D740E44C196E51F41894FDB26142B72EF1E65A676C30EFB65C937C0F64CDEC167ECC16F0CAA3C932F3DD5C6F7A1EB073F03F2CB9F2059BE75EBAE32FA3170B5FA93D69CAB8275935686242E1F43ED23FE8784A0AD694442D35193DAAF5F7DA49B267B716C38F36C92AE7986DF8126904B11EA74323F3AB3AF436D64AC41996529AB95876EE4DF3739130460A50E2EC8463F2306454F08745CE40938858B6237A5D38B33FD6541BB98EFB39A7B0B501B7943FF594DF0964BF535CBD35105E35BA14C40E62D57F3B110AE82CD7F9FF73C3A28740C8EB397494F6D7CF5F0F147385424D70B276C6AD849E56C9985115EAF2CCF3D3A6C828F2A303178EC48BB08F36AF3800739E841F7B758FF06EFA10F6467E98DA4B1B302EFED0EF5A7D3AD74100E41C168ACBBF10EC5FFC497B43409D02D942C144408C32C83ED49334BC48FD1D446FDEBB71CA1F9276F3180ECA057E4B8F19FAFE368D0097EE2A5736D72BE661382939491A244B068D26A071E55E25DF2C8706ADEFD8245BC97A691AB57A8D39CE24469E9CC69198F4F795CACCB45053F464CA0C2F04C71E9CD6BB6D378E917C413B7FADEACD41A7A43E9A1FC04576658DBF7420A35252A899B51F9ED9B2D0B5534A696C2465C950EF5880636D96CC963AF6C314D00834969C45C79803AB +20241205074544 2 6 100 8191 5 DC5E734609D91DA7E5180C89891C148715345D3A56F96DDFF41EE0B90992E9901E55850A78D9DF296A83F5AAF22675720E58E1F6D01F3B45315B818EF9CE880CE92F022763911796D4F86361BEB151ACB400BA017186C1DDCDE5F1853260ECF1082E072C2B7E2FD33E51B5076675269EC247AAE3DF3C1E6853E5D0E58FF7268255E91A9BF6FD43750F114BCA5DC70176ECACAF59C812798941D04FFFF200B53F9843066568A5EF6B324692239A9DC94383C53DA447D942BD51E17F51C22106DC3A2FC7A8942E20E5DA369D19124D184A96589E66EE15C4A8E4CB0FBB6B5E629875DEB3C6AAF622ABC4A4057E0B95533A03C94C514D2129CD6ECE739D9E3A98A54461DF577CC508BF4D5EE7FBE6178B248E3F51C59FE57BFBDE33DD833D0CF22DB22AE0F4F9F03EEF8E0E1DB0EDF7BB4C755148AD2D3FECED23DE1F028A3A6396D7F8F721D11023BD58335ADE175939E140A92C7B532A3D77168E566B7AADEA6F137A158AF3D2608FD4C1081018C1BC2B860A2830A097BDAFA96A3D5B5E1130D2C0778837C63ACBE958573B4ADAC2AE629D17728313AB9064D890006B2F0EC1869E35480B96651B9B3837B876190D5F1876A151A87C58A1CE2A9AD0744BE4CF955BFA9FA5653300FF6ECD64667ECD836D61DC3675048A8EB5AE945B50CB699F7FB4E36167515A2054199687DEC77D5117DF28B63F383403C49097F23AA4DE5857A0D865AFC7E4D0994B46386C20A41E9B41963CD425A82B30C4EE72FB3EFACD6C4090D740E44C196E51F41894FDB26142B72EF1E65A676C30EFB65C937C0F64CDEC167ECC16F0CAA3C932F3DD5C6F7A1EB073F03F2CB9F2059BE75EBAE32FA3170B5FA93D69CAB8275935686242E1F43ED23FE8784A0AD694442D35193DAAF5F7DA49B267B716C38F36C92AE7986DF8126904B11EA74323F3AB3AF436D64AC41996529AB95876EE4DF3739130460A50E2EC8463F2306454F08745CE40938858B6237A5D38B33FD6541BB98EFB39A7B0B501B7943FF594DF0964BF535CBD35105E35BA14C40E62D57F3B110AE82CD7F9FF73C3A28740C8EB397494F6D7CF5F0F147385424D70B276C6AD849E56C9985115EAF2CCF3D3A6C828F2A303178EC48BB08F36AF3800739E841F7B758FF06EFA10F6467E98DA4B1B302EFED0EF5A7D3AD74100E41C168ACBBF10EC5FFC497B43409D02D942C144408C32C83ED49334BC48FD1D446FDEBB71CA1F9276F3180ECA057E4B8F19FAFE368D0097EE2A5736D72BE661382939491A244B068D26A071E55E25DF2C8706ADEFD8245BC97A691AB57A8D39CE24469E9CC69198F4F795CACCB45053F464CA0C2F04C71E9CD6BB6D378E917C413B7FADEACD41A7A43E9A1FC04576658DBF7420A35252A899B51F9ED9B2D0B5534A696C2465C950EF5880636D96CC963AF6C314D00834969C45CA71FBC7 +20241205081641 2 6 100 8191 2 DC5E734609D91DA7E5180C89891C148715345D3A56F96DDFF41EE0B90992E9901E55850A78D9DF296A83F5AAF22675720E58E1F6D01F3B45315B818EF9CE880CE92F022763911796D4F86361BEB151ACB400BA017186C1DDCDE5F1853260ECF1082E072C2B7E2FD33E51B5076675269EC247AAE3DF3C1E6853E5D0E58FF7268255E91A9BF6FD43750F114BCA5DC70176ECACAF59C812798941D04FFFF200B53F9843066568A5EF6B324692239A9DC94383C53DA447D942BD51E17F51C22106DC3A2FC7A8942E20E5DA369D19124D184A96589E66EE15C4A8E4CB0FBB6B5E629875DEB3C6AAF622ABC4A4057E0B95533A03C94C514D2129CD6ECE739D9E3A98A54461DF577CC508BF4D5EE7FBE6178B248E3F51C59FE57BFBDE33DD833D0CF22DB22AE0F4F9F03EEF8E0E1DB0EDF7BB4C755148AD2D3FECED23DE1F028A3A6396D7F8F721D11023BD58335ADE175939E140A92C7B532A3D77168E566B7AADEA6F137A158AF3D2608FD4C1081018C1BC2B860A2830A097BDAFA96A3D5B5E1130D2C0778837C63ACBE958573B4ADAC2AE629D17728313AB9064D890006B2F0EC1869E35480B96651B9B3837B876190D5F1876A151A87C58A1CE2A9AD0744BE4CF955BFA9FA5653300FF6ECD64667ECD836D61DC3675048A8EB5AE945B50CB699F7FB4E36167515A2054199687DEC77D5117DF28B63F383403C49097F23AA4DE5857A0D865AFC7E4D0994B46386C20A41E9B41963CD425A82B30C4EE72FB3EFACD6C4090D740E44C196E51F41894FDB26142B72EF1E65A676C30EFB65C937C0F64CDEC167ECC16F0CAA3C932F3DD5C6F7A1EB073F03F2CB9F2059BE75EBAE32FA3170B5FA93D69CAB8275935686242E1F43ED23FE8784A0AD694442D35193DAAF5F7DA49B267B716C38F36C92AE7986DF8126904B11EA74323F3AB3AF436D64AC41996529AB95876EE4DF3739130460A50E2EC8463F2306454F08745CE40938858B6237A5D38B33FD6541BB98EFB39A7B0B501B7943FF594DF0964BF535CBD35105E35BA14C40E62D57F3B110AE82CD7F9FF73C3A28740C8EB397494F6D7CF5F0F147385424D70B276C6AD849E56C9985115EAF2CCF3D3A6C828F2A303178EC48BB08F36AF3800739E841F7B758FF06EFA10F6467E98DA4B1B302EFED0EF5A7D3AD74100E41C168ACBBF10EC5FFC497B43409D02D942C144408C32C83ED49334BC48FD1D446FDEBB71CA1F9276F3180ECA057E4B8F19FAFE368D0097EE2A5736D72BE661382939491A244B068D26A071E55E25DF2C8706ADEFD8245BC97A691AB57A8D39CE24469E9CC69198F4F795CACCB45053F464CA0C2F04C71E9CD6BB6D378E917C413B7FADEACD41A7A43E9A1FC04576658DBF7420A35252A899B51F9ED9B2D0B5534A696C2465C950EF5880636D96CC963AF6C314D00834969C45CC1BDF6B +20241205092757 2 6 100 8191 2 DC5E734609D91DA7E5180C89891C148715345D3A56F96DDFF41EE0B90992E9901E55850A78D9DF296A83F5AAF22675720E58E1F6D01F3B45315B818EF9CE880CE92F022763911796D4F86361BEB151ACB400BA017186C1DDCDE5F1853260ECF1082E072C2B7E2FD33E51B5076675269EC247AAE3DF3C1E6853E5D0E58FF7268255E91A9BF6FD43750F114BCA5DC70176ECACAF59C812798941D04FFFF200B53F9843066568A5EF6B324692239A9DC94383C53DA447D942BD51E17F51C22106DC3A2FC7A8942E20E5DA369D19124D184A96589E66EE15C4A8E4CB0FBB6B5E629875DEB3C6AAF622ABC4A4057E0B95533A03C94C514D2129CD6ECE739D9E3A98A54461DF577CC508BF4D5EE7FBE6178B248E3F51C59FE57BFBDE33DD833D0CF22DB22AE0F4F9F03EEF8E0E1DB0EDF7BB4C755148AD2D3FECED23DE1F028A3A6396D7F8F721D11023BD58335ADE175939E140A92C7B532A3D77168E566B7AADEA6F137A158AF3D2608FD4C1081018C1BC2B860A2830A097BDAFA96A3D5B5E1130D2C0778837C63ACBE958573B4ADAC2AE629D17728313AB9064D890006B2F0EC1869E35480B96651B9B3837B876190D5F1876A151A87C58A1CE2A9AD0744BE4CF955BFA9FA5653300FF6ECD64667ECD836D61DC3675048A8EB5AE945B50CB699F7FB4E36167515A2054199687DEC77D5117DF28B63F383403C49097F23AA4DE5857A0D865AFC7E4D0994B46386C20A41E9B41963CD425A82B30C4EE72FB3EFACD6C4090D740E44C196E51F41894FDB26142B72EF1E65A676C30EFB65C937C0F64CDEC167ECC16F0CAA3C932F3DD5C6F7A1EB073F03F2CB9F2059BE75EBAE32FA3170B5FA93D69CAB8275935686242E1F43ED23FE8784A0AD694442D35193DAAF5F7DA49B267B716C38F36C92AE7986DF8126904B11EA74323F3AB3AF436D64AC41996529AB95876EE4DF3739130460A50E2EC8463F2306454F08745CE40938858B6237A5D38B33FD6541BB98EFB39A7B0B501B7943FF594DF0964BF535CBD35105E35BA14C40E62D57F3B110AE82CD7F9FF73C3A28740C8EB397494F6D7CF5F0F147385424D70B276C6AD849E56C9985115EAF2CCF3D3A6C828F2A303178EC48BB08F36AF3800739E841F7B758FF06EFA10F6467E98DA4B1B302EFED0EF5A7D3AD74100E41C168ACBBF10EC5FFC497B43409D02D942C144408C32C83ED49334BC48FD1D446FDEBB71CA1F9276F3180ECA057E4B8F19FAFE368D0097EE2A5736D72BE661382939491A244B068D26A071E55E25DF2C8706ADEFD8245BC97A691AB57A8D39CE24469E9CC69198F4F795CACCB45053F464CA0C2F04C71E9CD6BB6D378E917C413B7FADEACD41A7A43E9A1FC04576658DBF7420A35252A899B51F9ED9B2D0B5534A696C2465C950EF5880636D96CC963AF6C314D00834969C45CFFBAE8B +20241205110223 2 6 100 8191 2 DC5E734609D91DA7E5180C89891C148715345D3A56F96DDFF41EE0B90992E9901E55850A78D9DF296A83F5AAF22675720E58E1F6D01F3B45315B818EF9CE880CE92F022763911796D4F86361BEB151ACB400BA017186C1DDCDE5F1853260ECF1082E072C2B7E2FD33E51B5076675269EC247AAE3DF3C1E6853E5D0E58FF7268255E91A9BF6FD43750F114BCA5DC70176ECACAF59C812798941D04FFFF200B53F9843066568A5EF6B324692239A9DC94383C53DA447D942BD51E17F51C22106DC3A2FC7A8942E20E5DA369D19124D184A96589E66EE15C4A8E4CB0FBB6B5E629875DEB3C6AAF622ABC4A4057E0B95533A03C94C514D2129CD6ECE739D9E3A98A54461DF577CC508BF4D5EE7FBE6178B248E3F51C59FE57BFBDE33DD833D0CF22DB22AE0F4F9F03EEF8E0E1DB0EDF7BB4C755148AD2D3FECED23DE1F028A3A6396D7F8F721D11023BD58335ADE175939E140A92C7B532A3D77168E566B7AADEA6F137A158AF3D2608FD4C1081018C1BC2B860A2830A097BDAFA96A3D5B5E1130D2C0778837C63ACBE958573B4ADAC2AE629D17728313AB9064D890006B2F0EC1869E35480B96651B9B3837B876190D5F1876A151A87C58A1CE2A9AD0744BE4CF955BFA9FA5653300FF6ECD64667ECD836D61DC3675048A8EB5AE945B50CB699F7FB4E36167515A2054199687DEC77D5117DF28B63F383403C49097F23AA4DE5857A0D865AFC7E4D0994B46386C20A41E9B41963CD425A82B30C4EE72FB3EFACD6C4090D740E44C196E51F41894FDB26142B72EF1E65A676C30EFB65C937C0F64CDEC167ECC16F0CAA3C932F3DD5C6F7A1EB073F03F2CB9F2059BE75EBAE32FA3170B5FA93D69CAB8275935686242E1F43ED23FE8784A0AD694442D35193DAAF5F7DA49B267B716C38F36C92AE7986DF8126904B11EA74323F3AB3AF436D64AC41996529AB95876EE4DF3739130460A50E2EC8463F2306454F08745CE40938858B6237A5D38B33FD6541BB98EFB39A7B0B501B7943FF594DF0964BF535CBD35105E35BA14C40E62D57F3B110AE82CD7F9FF73C3A28740C8EB397494F6D7CF5F0F147385424D70B276C6AD849E56C9985115EAF2CCF3D3A6C828F2A303178EC48BB08F36AF3800739E841F7B758FF06EFA10F6467E98DA4B1B302EFED0EF5A7D3AD74100E41C168ACBBF10EC5FFC497B43409D02D942C144408C32C83ED49334BC48FD1D446FDEBB71CA1F9276F3180ECA057E4B8F19FAFE368D0097EE2A5736D72BE661382939491A244B068D26A071E55E25DF2C8706ADEFD8245BC97A691AB57A8D39CE24469E9CC69198F4F795CACCB45053F464CA0C2F04C71E9CD6BB6D378E917C413B7FADEACD41A7A43E9A1FC04576658DBF7420A35252A899B51F9ED9B2D0B5534A696C2465C950EF5880636D96CC963AF6C314D00834969C45D53D4193 +20241205112040 2 6 100 8191 5 DC5E734609D91DA7E5180C89891C148715345D3A56F96DDFF41EE0B90992E9901E55850A78D9DF296A83F5AAF22675720E58E1F6D01F3B45315B818EF9CE880CE92F022763911796D4F86361BEB151ACB400BA017186C1DDCDE5F1853260ECF1082E072C2B7E2FD33E51B5076675269EC247AAE3DF3C1E6853E5D0E58FF7268255E91A9BF6FD43750F114BCA5DC70176ECACAF59C812798941D04FFFF200B53F9843066568A5EF6B324692239A9DC94383C53DA447D942BD51E17F51C22106DC3A2FC7A8942E20E5DA369D19124D184A96589E66EE15C4A8E4CB0FBB6B5E629875DEB3C6AAF622ABC4A4057E0B95533A03C94C514D2129CD6ECE739D9E3A98A54461DF577CC508BF4D5EE7FBE6178B248E3F51C59FE57BFBDE33DD833D0CF22DB22AE0F4F9F03EEF8E0E1DB0EDF7BB4C755148AD2D3FECED23DE1F028A3A6396D7F8F721D11023BD58335ADE175939E140A92C7B532A3D77168E566B7AADEA6F137A158AF3D2608FD4C1081018C1BC2B860A2830A097BDAFA96A3D5B5E1130D2C0778837C63ACBE958573B4ADAC2AE629D17728313AB9064D890006B2F0EC1869E35480B96651B9B3837B876190D5F1876A151A87C58A1CE2A9AD0744BE4CF955BFA9FA5653300FF6ECD64667ECD836D61DC3675048A8EB5AE945B50CB699F7FB4E36167515A2054199687DEC77D5117DF28B63F383403C49097F23AA4DE5857A0D865AFC7E4D0994B46386C20A41E9B41963CD425A82B30C4EE72FB3EFACD6C4090D740E44C196E51F41894FDB26142B72EF1E65A676C30EFB65C937C0F64CDEC167ECC16F0CAA3C932F3DD5C6F7A1EB073F03F2CB9F2059BE75EBAE32FA3170B5FA93D69CAB8275935686242E1F43ED23FE8784A0AD694442D35193DAAF5F7DA49B267B716C38F36C92AE7986DF8126904B11EA74323F3AB3AF436D64AC41996529AB95876EE4DF3739130460A50E2EC8463F2306454F08745CE40938858B6237A5D38B33FD6541BB98EFB39A7B0B501B7943FF594DF0964BF535CBD35105E35BA14C40E62D57F3B110AE82CD7F9FF73C3A28740C8EB397494F6D7CF5F0F147385424D70B276C6AD849E56C9985115EAF2CCF3D3A6C828F2A303178EC48BB08F36AF3800739E841F7B758FF06EFA10F6467E98DA4B1B302EFED0EF5A7D3AD74100E41C168ACBBF10EC5FFC497B43409D02D942C144408C32C83ED49334BC48FD1D446FDEBB71CA1F9276F3180ECA057E4B8F19FAFE368D0097EE2A5736D72BE661382939491A244B068D26A071E55E25DF2C8706ADEFD8245BC97A691AB57A8D39CE24469E9CC69198F4F795CACCB45053F464CA0C2F04C71E9CD6BB6D378E917C413B7FADEACD41A7A43E9A1FC04576658DBF7420A35252A899B51F9ED9B2D0B5534A696C2465C950EF5880636D96CC963AF6C314D00834969C45D6362177 +20241205112359 2 6 100 8191 5 DC5E734609D91DA7E5180C89891C148715345D3A56F96DDFF41EE0B90992E9901E55850A78D9DF296A83F5AAF22675720E58E1F6D01F3B45315B818EF9CE880CE92F022763911796D4F86361BEB151ACB400BA017186C1DDCDE5F1853260ECF1082E072C2B7E2FD33E51B5076675269EC247AAE3DF3C1E6853E5D0E58FF7268255E91A9BF6FD43750F114BCA5DC70176ECACAF59C812798941D04FFFF200B53F9843066568A5EF6B324692239A9DC94383C53DA447D942BD51E17F51C22106DC3A2FC7A8942E20E5DA369D19124D184A96589E66EE15C4A8E4CB0FBB6B5E629875DEB3C6AAF622ABC4A4057E0B95533A03C94C514D2129CD6ECE739D9E3A98A54461DF577CC508BF4D5EE7FBE6178B248E3F51C59FE57BFBDE33DD833D0CF22DB22AE0F4F9F03EEF8E0E1DB0EDF7BB4C755148AD2D3FECED23DE1F028A3A6396D7F8F721D11023BD58335ADE175939E140A92C7B532A3D77168E566B7AADEA6F137A158AF3D2608FD4C1081018C1BC2B860A2830A097BDAFA96A3D5B5E1130D2C0778837C63ACBE958573B4ADAC2AE629D17728313AB9064D890006B2F0EC1869E35480B96651B9B3837B876190D5F1876A151A87C58A1CE2A9AD0744BE4CF955BFA9FA5653300FF6ECD64667ECD836D61DC3675048A8EB5AE945B50CB699F7FB4E36167515A2054199687DEC77D5117DF28B63F383403C49097F23AA4DE5857A0D865AFC7E4D0994B46386C20A41E9B41963CD425A82B30C4EE72FB3EFACD6C4090D740E44C196E51F41894FDB26142B72EF1E65A676C30EFB65C937C0F64CDEC167ECC16F0CAA3C932F3DD5C6F7A1EB073F03F2CB9F2059BE75EBAE32FA3170B5FA93D69CAB8275935686242E1F43ED23FE8784A0AD694442D35193DAAF5F7DA49B267B716C38F36C92AE7986DF8126904B11EA74323F3AB3AF436D64AC41996529AB95876EE4DF3739130460A50E2EC8463F2306454F08745CE40938858B6237A5D38B33FD6541BB98EFB39A7B0B501B7943FF594DF0964BF535CBD35105E35BA14C40E62D57F3B110AE82CD7F9FF73C3A28740C8EB397494F6D7CF5F0F147385424D70B276C6AD849E56C9985115EAF2CCF3D3A6C828F2A303178EC48BB08F36AF3800739E841F7B758FF06EFA10F6467E98DA4B1B302EFED0EF5A7D3AD74100E41C168ACBBF10EC5FFC497B43409D02D942C144408C32C83ED49334BC48FD1D446FDEBB71CA1F9276F3180ECA057E4B8F19FAFE368D0097EE2A5736D72BE661382939491A244B068D26A071E55E25DF2C8706ADEFD8245BC97A691AB57A8D39CE24469E9CC69198F4F795CACCB45053F464CA0C2F04C71E9CD6BB6D378E917C413B7FADEACD41A7A43E9A1FC04576658DBF7420A35252A899B51F9ED9B2D0B5534A696C2465C950EF5880636D96CC963AF6C314D00834969C45D65CAD37 +20241205134041 2 6 100 8191 5 DC5E734609D91DA7E5180C89891C148715345D3A56F96DDFF41EE0B90992E9901E55850A78D9DF296A83F5AAF22675720E58E1F6D01F3B45315B818EF9CE880CE92F022763911796D4F86361BEB151ACB400BA017186C1DDCDE5F1853260ECF1082E072C2B7E2FD33E51B5076675269EC247AAE3DF3C1E6853E5D0E58FF7268255E91A9BF6FD43750F114BCA5DC70176ECACAF59C812798941D04FFFF200B53F9843066568A5EF6B324692239A9DC94383C53DA447D942BD51E17F51C22106DC3A2FC7A8942E20E5DA369D19124D184A96589E66EE15C4A8E4CB0FBB6B5E629875DEB3C6AAF622ABC4A4057E0B95533A03C94C514D2129CD6ECE739D9E3A98A54461DF577CC508BF4D5EE7FBE6178B248E3F51C59FE57BFBDE33DD833D0CF22DB22AE0F4F9F03EEF8E0E1DB0EDF7BB4C755148AD2D3FECED23DE1F028A3A6396D7F8F721D11023BD58335ADE175939E140A92C7B532A3D77168E566B7AADEA6F137A158AF3D2608FD4C1081018C1BC2B860A2830A097BDAFA96A3D5B5E1130D2C0778837C63ACBE958573B4ADAC2AE629D17728313AB9064D890006B2F0EC1869E35480B96651B9B3837B876190D5F1876A151A87C58A1CE2A9AD0744BE4CF955BFA9FA5653300FF6ECD64667ECD836D61DC3675048A8EB5AE945B50CB699F7FB4E36167515A2054199687DEC77D5117DF28B63F383403C49097F23AA4DE5857A0D865AFC7E4D0994B46386C20A41E9B41963CD425A82B30C4EE72FB3EFACD6C4090D740E44C196E51F41894FDB26142B72EF1E65A676C30EFB65C937C0F64CDEC167ECC16F0CAA3C932F3DD5C6F7A1EB073F03F2CB9F2059BE75EBAE32FA3170B5FA93D69CAB8275935686242E1F43ED23FE8784A0AD694442D35193DAAF5F7DA49B267B716C38F36C92AE7986DF8126904B11EA74323F3AB3AF436D64AC41996529AB95876EE4DF3739130460A50E2EC8463F2306454F08745CE40938858B6237A5D38B33FD6541BB98EFB39A7B0B501B7943FF594DF0964BF535CBD35105E35BA14C40E62D57F3B110AE82CD7F9FF73C3A28740C8EB397494F6D7CF5F0F147385424D70B276C6AD849E56C9985115EAF2CCF3D3A6C828F2A303178EC48BB08F36AF3800739E841F7B758FF06EFA10F6467E98DA4B1B302EFED0EF5A7D3AD74100E41C168ACBBF10EC5FFC497B43409D02D942C144408C32C83ED49334BC48FD1D446FDEBB71CA1F9276F3180ECA057E4B8F19FAFE368D0097EE2A5736D72BE661382939491A244B068D26A071E55E25DF2C8706ADEFD8245BC97A691AB57A8D39CE24469E9CC69198F4F795CACCB45053F464CA0C2F04C71E9CD6BB6D378E917C413B7FADEACD41A7A43E9A1FC04576658DBF7420A35252A899B51F9ED9B2D0B5534A696C2465C950EF5880636D96CC963AF6C314D00834969C45DDF2FF47 +20241205135041 2 6 100 8191 2 DC5E734609D91DA7E5180C89891C148715345D3A56F96DDFF41EE0B90992E9901E55850A78D9DF296A83F5AAF22675720E58E1F6D01F3B45315B818EF9CE880CE92F022763911796D4F86361BEB151ACB400BA017186C1DDCDE5F1853260ECF1082E072C2B7E2FD33E51B5076675269EC247AAE3DF3C1E6853E5D0E58FF7268255E91A9BF6FD43750F114BCA5DC70176ECACAF59C812798941D04FFFF200B53F9843066568A5EF6B324692239A9DC94383C53DA447D942BD51E17F51C22106DC3A2FC7A8942E20E5DA369D19124D184A96589E66EE15C4A8E4CB0FBB6B5E629875DEB3C6AAF622ABC4A4057E0B95533A03C94C514D2129CD6ECE739D9E3A98A54461DF577CC508BF4D5EE7FBE6178B248E3F51C59FE57BFBDE33DD833D0CF22DB22AE0F4F9F03EEF8E0E1DB0EDF7BB4C755148AD2D3FECED23DE1F028A3A6396D7F8F721D11023BD58335ADE175939E140A92C7B532A3D77168E566B7AADEA6F137A158AF3D2608FD4C1081018C1BC2B860A2830A097BDAFA96A3D5B5E1130D2C0778837C63ACBE958573B4ADAC2AE629D17728313AB9064D890006B2F0EC1869E35480B96651B9B3837B876190D5F1876A151A87C58A1CE2A9AD0744BE4CF955BFA9FA5653300FF6ECD64667ECD836D61DC3675048A8EB5AE945B50CB699F7FB4E36167515A2054199687DEC77D5117DF28B63F383403C49097F23AA4DE5857A0D865AFC7E4D0994B46386C20A41E9B41963CD425A82B30C4EE72FB3EFACD6C4090D740E44C196E51F41894FDB26142B72EF1E65A676C30EFB65C937C0F64CDEC167ECC16F0CAA3C932F3DD5C6F7A1EB073F03F2CB9F2059BE75EBAE32FA3170B5FA93D69CAB8275935686242E1F43ED23FE8784A0AD694442D35193DAAF5F7DA49B267B716C38F36C92AE7986DF8126904B11EA74323F3AB3AF436D64AC41996529AB95876EE4DF3739130460A50E2EC8463F2306454F08745CE40938858B6237A5D38B33FD6541BB98EFB39A7B0B501B7943FF594DF0964BF535CBD35105E35BA14C40E62D57F3B110AE82CD7F9FF73C3A28740C8EB397494F6D7CF5F0F147385424D70B276C6AD849E56C9985115EAF2CCF3D3A6C828F2A303178EC48BB08F36AF3800739E841F7B758FF06EFA10F6467E98DA4B1B302EFED0EF5A7D3AD74100E41C168ACBBF10EC5FFC497B43409D02D942C144408C32C83ED49334BC48FD1D446FDEBB71CA1F9276F3180ECA057E4B8F19FAFE368D0097EE2A5736D72BE661382939491A244B068D26A071E55E25DF2C8706ADEFD8245BC97A691AB57A8D39CE24469E9CC69198F4F795CACCB45053F464CA0C2F04C71E9CD6BB6D378E917C413B7FADEACD41A7A43E9A1FC04576658DBF7420A35252A899B51F9ED9B2D0B5534A696C2465C950EF5880636D96CC963AF6C314D00834969C45DE752163 From a79a2c1190bd3124da21d9e1582dd94877c7f972 Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Fri, 23 May 2025 16:11:48 +1000 Subject: [PATCH 080/687] chown regress logs before uploading. --- .github/workflows/c-cpp.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.github/workflows/c-cpp.yml b/.github/workflows/c-cpp.yml index 8c3d64b8cc7f..887d54af2102 100644 --- a/.github/workflows/c-cpp.yml +++ b/.github/workflows/c-cpp.yml @@ -152,6 +152,9 @@ jobs: - name: show logs if: failure() run: for i in regress/failed*.log; do echo ====; echo logfile $i; echo =====; cat $i; done + - name: chown logs + if: failure() + run: test -x "$(which sudo 2>&1)" && sudo chown -R "${LOGNAME}" regress - name: save logs if: failure() uses: actions/upload-artifact@main From d8b5bd36078e5b6d78da4633f0cc9b90ffda8b50 Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Fri, 23 May 2025 16:26:20 +1000 Subject: [PATCH 081/687] Rename debugging variable RUN_ONLY_TEST. to RUN_ONLY_TARGET_CONFIG to make it more obvious what it matches. --- .github/workflows/c-cpp.yml | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/.github/workflows/c-cpp.yml b/.github/workflows/c-cpp.yml index 887d54af2102..43380df42088 100644 --- a/.github/workflows/c-cpp.yml +++ b/.github/workflows/c-cpp.yml @@ -111,12 +111,12 @@ jobs: - { target: macos-15, config: pam } runs-on: ${{ matrix.target }} steps: - - name: check RUN_ONLY_TEST - # For testing, you can set the repo variable RUN_ONLY_TEST in your repo - # (Repo -> Settings -> Security -> Actions -> Variables) to run only - # that test config. - if: vars.RUN_ONLY_TEST != '' - run: sh -c 'if [ "${{ vars.RUN_ONLY_TEST }}" != "${{ matrix.target }} ${{matrix.config }}" ]; then exit 1; else exit 0; fi' + - name: check RUN_ONLY_TARGET_CONFIG + # For testing, you can set the repo variable RUN_ONLY_TARGET_CONFIG in + # your repo (Repo -> Settings -> Security -> Actions -> Variables) to + # run only that test config, eg "ubuntu-latest default". + if: vars.RUN_ONLY_TARGET_CONFIG != '' + run: sh -c 'if [ "${{ vars.RUN_ONLY_TARGET_CONFIG }}" != "${{ matrix.target }} ${{matrix.config }}" ]; then exit 1; else exit 0; fi' - name: set cygwin git params if: ${{ startsWith(matrix.target, 'windows') }} run: git config --global core.autocrlf input From 7674c03caed80cb3565d14690c92068a14051967 Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Fri, 23 May 2025 16:39:18 +1000 Subject: [PATCH 082/687] Allow setting LTESTS in repo variables. --- .github/configs | 9 +++++++++ .github/workflows/c-cpp.yml | 14 +++++++++++--- 2 files changed, 20 insertions(+), 3 deletions(-) diff --git a/.github/configs b/.github/configs index a1059f935943..aa363be7d3ff 100755 --- a/.github/configs +++ b/.github/configs @@ -13,6 +13,10 @@ if [ "$config" = "" ]; then config="default" fi +if [ ! -z "${LTESTS}" ]; then + OVERRIDE_LTESTS="${LTESTS}" +fi + unset CC CFLAGS CPPFLAGS LDFLAGS LTESTS SUDO TEST_TARGET="tests compat-tests" @@ -394,5 +398,10 @@ if [ -x "$(which plink 2>/dev/null)" ]; then export REGRESS_INTEROP_PUTTY fi +if [ ! -z "${OVERRIDE_LTESTS}" ]; then + echo >&2 "Overriding LTESTS, was '${LTESTS}', now '${OVERRIDE_LTESTS}'" + LTESTS="${OVERRIDE_LTESTS}" +fi + export CC CFLAGS CPPFLAGS LDFLAGS LTESTS SUDO export TEST_TARGET TEST_SSH_UNSAFE_PERMISSIONS TEST_SSH_FAIL_FATAL diff --git a/.github/workflows/c-cpp.yml b/.github/workflows/c-cpp.yml index 43380df42088..4acb1f5f2478 100644 --- a/.github/workflows/c-cpp.yml +++ b/.github/workflows/c-cpp.yml @@ -1,5 +1,15 @@ name: C/C++ CI +# For testing, you can set variables in your repo (Repo -> Settings -> +# Security -> Actions -> Variables) to restrict the tests that are run. +# The supported variables are: +# +# RUN_ONLY_TARGET_CONFIG: Run only the single matching target and config, +# separated by spaces, eg "ubuntu-latest default". All other tests will +# fail immediately. +# +# LTESTS: Override the set of tests run. + on: push: paths: [ '**.c', '**.h', '**.m4', '**.sh', '**/Makefile.in', 'configure.ac', '.github/configs', '.github/workflows/c-cpp.yml' ] @@ -112,9 +122,6 @@ jobs: runs-on: ${{ matrix.target }} steps: - name: check RUN_ONLY_TARGET_CONFIG - # For testing, you can set the repo variable RUN_ONLY_TARGET_CONFIG in - # your repo (Repo -> Settings -> Security -> Actions -> Variables) to - # run only that test config, eg "ubuntu-latest default". if: vars.RUN_ONLY_TARGET_CONFIG != '' run: sh -c 'if [ "${{ vars.RUN_ONLY_TARGET_CONFIG }}" != "${{ matrix.target }} ${{matrix.config }}" ]; then exit 1; else exit 0; fi' - name: set cygwin git params @@ -149,6 +156,7 @@ jobs: env: TEST_SSH_UNSAFE_PERMISSIONS: 1 TEST_SSH_HOSTBASED_AUTH: yes + LTESTS: ${{ vars.LTESTS }} - name: show logs if: failure() run: for i in regress/failed*.log; do echo ====; echo logfile $i; echo =====; cat $i; done From a4ea7f6042f25b41061a83445016a1ea4f470f7b Mon Sep 17 00:00:00 2001 From: "dtucker@openbsd.org" Date: Fri, 23 May 2025 08:40:13 +0000 Subject: [PATCH 083/687] upstream: Explictly set LC_ALL=C on each sort invocation. Remove it from sshd_config (where it could be overridden by shell startup scripts, eg on macos-15) causing random test failures. with & ok djm@ OpenBSD-Regress-ID: ad0a6678964784096e9a9e6d15ead36beed92f18 --- regress/agent-restrict.sh | 17 +++++++---------- 1 file changed, 7 insertions(+), 10 deletions(-) diff --git a/regress/agent-restrict.sh b/regress/agent-restrict.sh index 057856f1bbdf..7fc30fa5467c 100644 --- a/regress/agent-restrict.sh +++ b/regress/agent-restrict.sh @@ -1,4 +1,4 @@ -# $OpenBSD: agent-restrict.sh,v 1.7 2025/03/28 21:45:55 dtucker Exp $ +# $OpenBSD: agent-restrict.sh,v 1.8 2025/05/23 08:40:13 dtucker Exp $ # Placed in the Public Domain. tid="agent restrictions" @@ -52,10 +52,6 @@ done cat $OBJ/ssh_proxy.bak >> $OBJ/ssh_proxy cat $OBJ/ssh_proxy.bak >> $OBJ/ssh_proxy_noid -LC_ALL=C -export LC_ALL -echo "SetEnv LC_ALL=${LC_ALL}" >> sshd_proxy - verbose "prepare known_hosts" rm -f $OBJ/known_hosts for h in a b c x ; do @@ -84,7 +80,8 @@ reset_keys() { _command="" case "$_whichcmd" in authinfo) _command="cat \$SSH_USER_AUTH" ;; - keylist) _command="$SSHADD -L | cut -d' ' -f-2 | sort" ;; + keylist) _command="$SSHADD -L | cut -d' ' -f-2 | \ + env LC_ALL=C sort" ;; *) fatal "unsupported command $_whichcmd" ;; esac trace "reset keys" @@ -227,7 +224,7 @@ rm -f $OBJ/expect_list.pre for u in a b c d e x; do cut -d " " -f-2 $OBJ/user_${u}.pub >> $OBJ/expect_list.pre done -sort $OBJ/expect_list.pre > $OBJ/expect_list +env LC_ALL=C sort $OBJ/expect_list.pre > $OBJ/expect_list for h in a b c d e; do cp $OBJ/expect_list $OBJ/expect_$h expect_succeed $h "unrestricted keylist" @@ -332,7 +329,7 @@ if test ! -z "\$me" ; then cat \$SSH_USER_AUTH fi echo AGENT -$SSHADD -L | egrep "^ssh" | cut -d" " -f-2 | sort +$SSHADD -L | egrep "^ssh" | cut -d" " -f-2 | env LC_ALL=C sort if test -z "\$next" ; then touch $OBJ/done echo "FINISH" @@ -369,7 +366,7 @@ prepare_multihop_expected() { done rm -f $OBJ/expect_a echo "AGENT" >> $OBJ/expect_a - test "x$_keys" = "xnone" || sort $OBJ/expect_keys >> $OBJ/expect_a + test "x$_keys" = "xnone" || env LC_ALL=C sort $OBJ/expect_keys >> $OBJ/expect_a echo "NEXT" >> $OBJ/expect_a for h in $_hops ; do echo "HOSTNAME host_$h" >> $OBJ/expect_a @@ -377,7 +374,7 @@ prepare_multihop_expected() { (printf "publickey " ; cut -d" " -f-2 $OBJ/user_a.pub) >> $OBJ/expect_a echo "AGENT" >> $OBJ/expect_a if test "x$_keys" = "xall" ; then - sort $OBJ/expect_keys >> $OBJ/expect_a + env LC_ALL=C sort $OBJ/expect_keys >> $OBJ/expect_a fi if test "x$h" != "x$_lasthop" ; then if test "x$_keys" = "xfiltered" ; then From f097d7bd07da4634c1a723d1dc4fcf56e7d0e147 Mon Sep 17 00:00:00 2001 From: "dtucker@openbsd.org" Date: Fri, 23 May 2025 09:26:25 +0000 Subject: [PATCH 084/687] upstream: Don't leak the args list. Coverity CIDs 481569 & 481570, ok job@ tb@. OpenBSD-Commit-ID: becabcd00513d13d1435b68b7ccffa7151b72393 --- scp.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/scp.c b/scp.c index 57c242ffc755..ab8ab22950ca 100644 --- a/scp.c +++ b/scp.c @@ -1,4 +1,4 @@ -/* $OpenBSD: scp.c,v 1.263 2025/03/28 06:04:07 dtucker Exp $ */ +/* $OpenBSD: scp.c,v 1.264 2025/05/23 09:26:25 dtucker Exp $ */ /* * scp - secure remote copy. This is basically patched BSD rcp which * uses ssh to do the data transfer (instead of using rcmd). @@ -1224,6 +1224,7 @@ toremote(int argc, char **argv, enum scp_mode_e mode, char *sftp_direct) out: if (mode == MODE_SFTP) free(conn); + freeargs(&alist); free(tuser); free(thost); free(targ); @@ -1306,6 +1307,7 @@ tolocal(int argc, char **argv, enum scp_mode_e mode, char *sftp_direct) (void) close(remin); remin = remout = -1; } + freeargs(&alist); free(suser); free(host); free(src); From 3e11478f585408888defa56fa47e8dc6567378d0 Mon Sep 17 00:00:00 2001 From: "dtucker@openbsd.org" Date: Fri, 23 May 2025 11:25:35 +0000 Subject: [PATCH 085/687] upstream: Ensure args to nh_update() fit within uint32, which it should always anyway. Placates Coverity CID 470520. While there, fix the upstream URL. ok djm@ OpenBSD-Commit-ID: 2478e89fde089a49fa02f9faf6287d35959c9f92 --- umac.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/umac.c b/umac.c index d5958babfd34..df90352604be 100644 --- a/umac.c +++ b/umac.c @@ -1,4 +1,4 @@ -/* $OpenBSD: umac.c,v 1.23 2023/03/07 01:30:52 djm Exp $ */ +/* $OpenBSD: umac.c,v 1.24 2025/05/23 11:25:35 dtucker Exp $ */ /* ----------------------------------------------------------------------- * * umac.c -- C Implementation UMAC Message Authentication @@ -6,7 +6,7 @@ * Version 0.93b of rfc4418.txt -- 2006 July 18 * * For a full description of UMAC message authentication see the UMAC - * world-wide-web page at http://www.cs.ucdavis.edu/~rogaway/umac + * world-wide-web page at https://fastcrypto.org/umac/ * Please report bugs and suggestions to the UMAC webpage. * * Copyright (c) 1999-2006 Ted Krovetz @@ -1089,7 +1089,7 @@ static int uhash_update(uhash_ctx_t ctx, const u_char *input, long len) } /* pass remaining < L1_KEY_LEN bytes of input data to NH */ - if (len) { + if (len > 0 && len <= UINT32_MAX) { nh_update(&ctx->hash, (const UINT8 *)input, len); ctx->msg_len += len; } From 0c64d69e4e24a3ab06f7922ef389e7399c4dfb88 Mon Sep 17 00:00:00 2001 From: "dtucker@openbsd.org" Date: Fri, 23 May 2025 11:54:50 +0000 Subject: [PATCH 086/687] upstream: Include stdint.h for UINT32_MAX. OpenBSD-Commit-ID: edc29ed67e8bd03bac729d9b4849066d1d3a8cb9 --- umac.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/umac.c b/umac.c index df90352604be..5bf2e43a66fa 100644 --- a/umac.c +++ b/umac.c @@ -1,4 +1,4 @@ -/* $OpenBSD: umac.c,v 1.24 2025/05/23 11:25:35 dtucker Exp $ */ +/* $OpenBSD: umac.c,v 1.25 2025/05/23 11:54:50 dtucker Exp $ */ /* ----------------------------------------------------------------------- * * umac.c -- C Implementation UMAC Message Authentication @@ -76,6 +76,9 @@ #include #include #include +#ifdef HAVE_STDINT_H +#include +#endif #include #include From 91903511d0597c3bea218167f9ca5a176fa0dc20 Mon Sep 17 00:00:00 2001 From: "dtucker@openbsd.org" Date: Fri, 23 May 2025 12:52:45 +0000 Subject: [PATCH 087/687] upstream: Replace strncmp and strncasecmp with hand-counting bytes with strprefix. nits lucas@, ok lucas@ djm@ OpenBSD-Commit-ID: f0888807f151ea2bdaf6fed36303ae81f259d1d4 --- ssh-keygen.c | 132 +++++++++++++++++++++++++-------------------------- 1 file changed, 65 insertions(+), 67 deletions(-) diff --git a/ssh-keygen.c b/ssh-keygen.c index 3217f084d384..e0cc35a77a83 100644 --- a/ssh-keygen.c +++ b/ssh-keygen.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-keygen.c,v 1.478 2025/05/06 05:40:56 djm Exp $ */ +/* $OpenBSD: ssh-keygen.c,v 1.479 2025/05/23 12:52:45 dtucker Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1994 Tatu Ylonen , Espoo, Finland @@ -1454,13 +1454,14 @@ do_print_resource_record(struct passwd *pw, char *fname, char *hname, { struct sshkey *public; char *comment = NULL; + const char *p; struct stat st; int r, hash = -1; size_t i; for (i = 0; i < nopts; i++) { - if (strncasecmp(opts[i], "hashalg=", 8) == 0) { - if ((hash = ssh_digest_alg_by_name(opts[i] + 8)) == -1) + if ((p = strprefix(opts[i], "hashalg=", 1)) != NULL) { + if ((hash = ssh_digest_alg_by_name(p)) == -1) fatal("Unsupported hash algorithm"); } else { error("Invalid option \"%s\"", opts[i]); @@ -1970,6 +1971,7 @@ static void add_cert_option(char *opt) { char *val, *cp; + const char *p; int iscrit = 0; if (strcasecmp(opt, "clear") == 0) @@ -2002,24 +2004,22 @@ add_cert_option(char *opt) certflags_flags &= ~CERTOPT_REQUIRE_VERIFY; else if (strcasecmp(opt, "verify-required") == 0) certflags_flags |= CERTOPT_REQUIRE_VERIFY; - else if (strncasecmp(opt, "force-command=", 14) == 0) { - val = opt + 14; - if (*val == '\0') + else if ((p = strprefix(opt, "force-command=", 1)) != NULL) { + if (*p == '\0') fatal("Empty force-command option"); if (certflags_command != NULL) fatal("force-command already specified"); - certflags_command = xstrdup(val); - } else if (strncasecmp(opt, "source-address=", 15) == 0) { - val = opt + 15; - if (*val == '\0') + certflags_command = xstrdup(p); + } else if ((p = strprefix(opt, "source-address=", 1)) != NULL) { + if (*p == '\0') fatal("Empty source-address option"); if (certflags_src_addr != NULL) fatal("source-address already specified"); - if (addr_match_cidr_list(NULL, val) != 0) + if (addr_match_cidr_list(NULL, p) != 0) fatal("Invalid source-address list"); - certflags_src_addr = xstrdup(val); - } else if (strncasecmp(opt, "extension:", 10) == 0 || - (iscrit = (strncasecmp(opt, "critical:", 9) == 0))) { + certflags_src_addr = xstrdup(p); + } else if (strprefix(opt, "extension:", 1) != NULL || + (iscrit = (strprefix(opt, "critical:", 1) != NULL))) { val = xstrdup(strchr(opt, ':') + 1); if ((cp = strchr(val, '=')) != NULL) *cp++ = '\0'; @@ -2206,9 +2206,8 @@ hash_to_blob(const char *cp, u_char **blobp, size_t *lenp, struct sshbuf *b; int r; - if (strncmp(cp, "SHA256:", 7) != 0) + if ((cp = strprefix(cp, "SHA256:", 0)) == NULL) fatal("%s:%lu: unsupported hash algorithm", file, lnum); - cp += 7; /* * OpenSSH base64 hashes omit trailing '=' @@ -2633,6 +2632,7 @@ sig_process_opts(char * const *opts, size_t nopts, char **hashalgp, { size_t i; time_t now; + const char *p; if (verify_timep != NULL) *verify_timep = 0; @@ -2642,12 +2642,12 @@ sig_process_opts(char * const *opts, size_t nopts, char **hashalgp, *hashalgp = NULL; for (i = 0; i < nopts; i++) { if (hashalgp != NULL && - strncasecmp(opts[i], "hashalg=", 8) == 0) { - *hashalgp = xstrdup(opts[i] + 8); + (p = strprefix(opts[i], "hashalg=", 1)) != NULL) { + *hashalgp = xstrdup(p); } else if (verify_timep && - strncasecmp(opts[i], "verify-time=", 12) == 0) { - if (parse_absolute_time(opts[i] + 12, - verify_timep) != 0 || *verify_timep == 0) { + (p = strprefix(opts[i], "verify-time=", 1)) != NULL) { + if (parse_absolute_time(p, verify_timep) != 0 || + *verify_timep == 0) { error("Invalid \"verify-time\" option"); return SSH_ERR_INVALID_ARGUMENT; } @@ -2928,24 +2928,22 @@ do_moduli_gen(const char *out_file, char **opts, size_t nopts) int moduli_bits = 0; FILE *out; size_t i; - const char *errstr; + const char *errstr, *p; /* Parse options */ for (i = 0; i < nopts; i++) { - if (strncmp(opts[i], "memory=", 7) == 0) { - memory = (u_int32_t)strtonum(opts[i]+7, 1, - UINT_MAX, &errstr); + if ((p = strprefix(opts[i], "memory=", 0)) != NULL) { + memory = (u_int32_t)strtonum(p, 1, UINT_MAX, &errstr); if (errstr) { fatal("Memory limit is %s: %s", errstr, opts[i]+7); } - } else if (strncmp(opts[i], "start=", 6) == 0) { + } else if ((p = strprefix(opts[i], "start=", 0)) != NULL) { /* XXX - also compare length against bits */ - if (BN_hex2bn(&start, opts[i]+6) == 0) + if (BN_hex2bn(&start, p) == 0) fatal("Invalid start point."); - } else if (strncmp(opts[i], "bits=", 5) == 0) { - moduli_bits = (int)strtonum(opts[i]+5, 1, - INT_MAX, &errstr); + } else if ((p = strprefix(opts[i], "bits=", 0)) != NULL) { + moduli_bits = (int)strtonum(p, 1, INT_MAX, &errstr); if (errstr) { fatal("Invalid number: %s (%s)", opts[i]+12, errstr); @@ -2984,30 +2982,27 @@ do_moduli_screen(const char *out_file, char **opts, size_t nopts) int prime_tests = 0; FILE *out, *in = stdin; size_t i; - const char *errstr; + const char *errstr, *p; /* Parse options */ for (i = 0; i < nopts; i++) { - if (strncmp(opts[i], "lines=", 6) == 0) { - lines_to_process = strtoul(opts[i]+6, NULL, 10); - } else if (strncmp(opts[i], "start-line=", 11) == 0) { - start_lineno = strtoul(opts[i]+11, NULL, 10); - } else if (strncmp(opts[i], "checkpoint=", 11) == 0) { + if ((p = strprefix(opts[i], "lines=", 0)) != NULL) { + lines_to_process = strtoul(p, NULL, 10); + } else if ((p = strprefix(opts[i], "start-line=", 0)) != NULL) { + start_lineno = strtoul(p, NULL, 10); + } else if ((p = strprefix(opts[i], "checkpoint=", 0)) != NULL) { free(checkpoint); - checkpoint = xstrdup(opts[i]+11); - } else if (strncmp(opts[i], "generator=", 10) == 0) { - generator_wanted = (u_int32_t)strtonum( - opts[i]+10, 1, UINT_MAX, &errstr); + checkpoint = xstrdup(p); + } else if ((p = strprefix(opts[i], "generator=", 0)) != NULL) { + generator_wanted = (u_int32_t)strtonum(p, 1, UINT_MAX, + &errstr); if (errstr != NULL) { - fatal("Generator invalid: %s (%s)", - opts[i]+10, errstr); + fatal("Generator invalid: %s (%s)", p, errstr); } - } else if (strncmp(opts[i], "prime-tests=", 12) == 0) { - prime_tests = (int)strtonum(opts[i]+12, 1, - INT_MAX, &errstr); + } else if ((p = strprefix(opts[i], "prime-tests=", 0)) != NULL) { + prime_tests = (int)strtonum(p, 1, INT_MAX, &errstr); if (errstr) { - fatal("Invalid number: %s (%s)", - opts[i]+12, errstr); + fatal("Invalid number: %s (%s)", p, errstr); } } else { fatal("Option \"%s\" is unsupported for moduli " @@ -3090,13 +3085,14 @@ static char * sk_suffix(const char *application, const uint8_t *user, size_t userlen) { char *ret, *cp; + const char *p; size_t slen, i; /* Trim off URL-like preamble */ - if (strncmp(application, "ssh://", 6) == 0) - ret = xstrdup(application + 6); - else if (strncmp(application, "ssh:", 4) == 0) - ret = xstrdup(application + 4); + if ((p = strprefix(application, "ssh://", 0)) != NULL) + ret = xstrdup(p); + else if ((p = strprefix(application, "ssh:", 0)) != NULL) + ret = xstrdup(p); else ret = xstrdup(application); @@ -3325,7 +3321,7 @@ main(int argc, char **argv) size_t i, nopts = 0; u_int32_t bits = 0; uint8_t sk_flags = SSH_SK_USER_PRESENCE_REQD; - const char *errstr; + const char *errstr, *p; int log_level = SYSLOG_LEVEL_INFO; char *sign_op = NULL; @@ -3560,7 +3556,7 @@ main(int argc, char **argv) argc -= optind; if (sign_op != NULL) { - if (strncmp(sign_op, "find-principals", 15) == 0) { + if (strprefix(sign_op, "find-principals", 0) != NULL) { if (ca_key_path == NULL) { error("Too few arguments for find-principals:" "missing signature file"); @@ -3573,7 +3569,7 @@ main(int argc, char **argv) } return sig_find_principals(ca_key_path, identity_file, opts, nopts); - } else if (strncmp(sign_op, "match-principals", 16) == 0) { + } else if (strprefix(sign_op, "match-principals", 0) != NULL) { if (!have_identity) { error("Too few arguments for match-principals:" "missing allowed keys file"); @@ -3586,7 +3582,7 @@ main(int argc, char **argv) } return sig_match_principals(identity_file, cert_key_id, opts, nopts); - } else if (strncmp(sign_op, "sign", 4) == 0) { + } else if (strprefix(sign_op, "sign", 0) != NULL) { /* NB. cert_principals is actually namespace, via -n */ if (cert_principals == NULL || *cert_principals == '\0') { @@ -3601,7 +3597,7 @@ main(int argc, char **argv) } return sig_sign(identity_file, cert_principals, prefer_agent, argc, argv, opts, nopts); - } else if (strncmp(sign_op, "check-novalidate", 16) == 0) { + } else if (strprefix(sign_op, "check-novalidate", 0) != NULL) { /* NB. cert_principals is actually namespace, via -n */ if (cert_principals == NULL || *cert_principals == '\0') { @@ -3616,7 +3612,7 @@ main(int argc, char **argv) } return sig_verify(ca_key_path, cert_principals, NULL, NULL, NULL, opts, nopts); - } else if (strncmp(sign_op, "verify", 6) == 0) { + } else if (strprefix(sign_op, "verify", 0) != NULL) { /* NB. cert_principals is actually namespace, via -n */ if (cert_principals == NULL || *cert_principals == '\0') { @@ -3693,8 +3689,8 @@ main(int argc, char **argv) do_download(pw); if (download_sk) { for (i = 0; i < nopts; i++) { - if (strncasecmp(opts[i], "device=", 7) == 0) { - sk_device = xstrdup(opts[i] + 7); + if ((p = strprefix(opts[i], "device=", 1)) != NULL) { + sk_device = xstrdup(p); } else { fatal("Option \"%s\" is unsupported for " "FIDO authenticator download", opts[i]); @@ -3787,16 +3783,18 @@ main(int argc, char **argv) sk_flags |= SSH_SK_USER_VERIFICATION_REQD; } else if (strcasecmp(opts[i], "resident") == 0) { sk_flags |= SSH_SK_RESIDENT_KEY; - } else if (strncasecmp(opts[i], "device=", 7) == 0) { - sk_device = xstrdup(opts[i] + 7); - } else if (strncasecmp(opts[i], "user=", 5) == 0) { - sk_user = xstrdup(opts[i] + 5); - } else if (strncasecmp(opts[i], "challenge=", 10) == 0) { - if ((r = sshbuf_load_file(opts[i] + 10, + } else if ((p = strprefix(opts[i], "device=", 1)) + != NULL ) { + sk_device = xstrdup(p); + } else if ((p = strprefix(opts[i], "user=", 1)) + != NULL) { + sk_user = xstrdup(p); + } else if ((p = strprefix(opts[i], "challenge=", 1)) + != NULL) { + if ((r = sshbuf_load_file(p, &challenge)) != 0) { fatal_r(r, "Unable to load FIDO " - "enrollment challenge \"%s\"", - opts[i] + 10); + "enrollment challenge \"%s\"", p); } } else if (strncasecmp(opts[i], "write-attestation=", 18) == 0) { From eccc15014fe146e8590568e6737a3097bfac3415 Mon Sep 17 00:00:00 2001 From: "dtucker@openbsd.org" Date: Sat, 24 May 2025 02:01:28 +0000 Subject: [PATCH 088/687] upstream: Use pointer from strprefix in error message, missed in previous. OpenBSD-Commit-ID: d2cdec6cf0fcd4b0ee25e4e3fad8bc8cf0ee657d --- ssh-keygen.c | 8 +++----- 1 file changed, 3 insertions(+), 5 deletions(-) diff --git a/ssh-keygen.c b/ssh-keygen.c index e0cc35a77a83..ac0170de4938 100644 --- a/ssh-keygen.c +++ b/ssh-keygen.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-keygen.c,v 1.479 2025/05/23 12:52:45 dtucker Exp $ */ +/* $OpenBSD: ssh-keygen.c,v 1.480 2025/05/24 02:01:28 dtucker Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1994 Tatu Ylonen , Espoo, Finland @@ -2935,8 +2935,7 @@ do_moduli_gen(const char *out_file, char **opts, size_t nopts) if ((p = strprefix(opts[i], "memory=", 0)) != NULL) { memory = (u_int32_t)strtonum(p, 1, UINT_MAX, &errstr); if (errstr) { - fatal("Memory limit is %s: %s", - errstr, opts[i]+7); + fatal("Memory limit is %s: %s", errstr, p); } } else if ((p = strprefix(opts[i], "start=", 0)) != NULL) { /* XXX - also compare length against bits */ @@ -2945,8 +2944,7 @@ do_moduli_gen(const char *out_file, char **opts, size_t nopts) } else if ((p = strprefix(opts[i], "bits=", 0)) != NULL) { moduli_bits = (int)strtonum(p, 1, INT_MAX, &errstr); if (errstr) { - fatal("Invalid number: %s (%s)", - opts[i]+12, errstr); + fatal("Invalid number: %s (%s)", p, errstr); } } else { fatal("Option \"%s\" is unsupported for moduli " From f5cd14e81fa29b4924959cb2e1f9c206aae2d502 Mon Sep 17 00:00:00 2001 From: "dtucker@openbsd.org" Date: Sat, 24 May 2025 02:33:33 +0000 Subject: [PATCH 089/687] upstream: Fix compile error on 32bit platforms. Spotted by & ok tb@ OpenBSD-Commit-ID: cbcf518247886f3c7518fc54cb3bd911ffc69db7 --- umac.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/umac.c b/umac.c index 5bf2e43a66fa..94c5e817c76d 100644 --- a/umac.c +++ b/umac.c @@ -1,4 +1,4 @@ -/* $OpenBSD: umac.c,v 1.25 2025/05/23 11:54:50 dtucker Exp $ */ +/* $OpenBSD: umac.c,v 1.26 2025/05/24 02:33:33 dtucker Exp $ */ /* ----------------------------------------------------------------------- * * umac.c -- C Implementation UMAC Message Authentication @@ -1092,7 +1092,7 @@ static int uhash_update(uhash_ctx_t ctx, const u_char *input, long len) } /* pass remaining < L1_KEY_LEN bytes of input data to NH */ - if (len > 0 && len <= UINT32_MAX) { + if (len > 0 && (unsigned long)len <= UINT32_MAX) { nh_update(&ctx->hash, (const UINT8 *)input, len); ctx->msg_len += len; } From 216824172724a50a4a75439fb2b4b8edccf5b733 Mon Sep 17 00:00:00 2001 From: "dtucker@openbsd.org" Date: Sat, 24 May 2025 03:37:40 +0000 Subject: [PATCH 090/687] upstream: Remove ssh-keygen's moduli screen -Omemory option. This vaguely made sense 20 years ago, but these days you'd be hard pressed to *find* a machine small enough to not support the maximum (127MB), and no one is screening moduli on such machines anyway, so just use the max. This also fixes Coverity CID 470522 by deleting code in question. "kill it with fire" djm@. OpenBSD-Commit-ID: 39036aa406a99f0a91923aa3a96afff1205558e6 --- moduli.c | 59 +++++++--------------------------------------------- ssh-keygen.1 | 7 ++----- ssh-keygen.c | 14 ++++--------- 3 files changed, 13 insertions(+), 67 deletions(-) diff --git a/moduli.c b/moduli.c index 481ca2aa8ffc..999a90984e18 100644 --- a/moduli.c +++ b/moduli.c @@ -1,4 +1,4 @@ -/* $OpenBSD: moduli.c,v 1.39 2023/03/02 06:41:56 dtucker Exp $ */ +/* $OpenBSD: moduli.c,v 1.40 2025/05/24 03:39:48 dtucker Exp $ */ /* * Copyright 1994 Phil Karn * Copyright 1996-1998, 2003 William Allen Simpson @@ -87,13 +87,6 @@ #define SHIFT_MEGABYTE (20) #define SHIFT_MEGAWORD (SHIFT_MEGABYTE-SHIFT_BYTE) -/* - * Using virtual memory can cause thrashing. This should be the largest - * number that is supported without a large amount of disk activity -- - * that would increase the run time from hours to days or weeks! - */ -#define LARGE_MINIMUM (8UL) /* megabytes */ - /* * Do not increase this number beyond the unsigned integer bit size. * Due to a multiple of 4, it must be LESS than 128 (yielding 2**30 bits). @@ -142,7 +135,7 @@ static u_int32_t *LargeSieve, largewords, largetries, largenumbers; static u_int32_t largebits, largememory; /* megabytes */ static BIGNUM *largebase; -int gen_candidates(FILE *, u_int32_t, u_int32_t, BIGNUM *); +int gen_candidates(FILE *, u_int32_t, BIGNUM *); int prime_test(FILE *, FILE *, u_int32_t, u_int32_t, char *, unsigned long, unsigned long); @@ -242,7 +235,7 @@ sieve_large(u_int32_t s32) * The list is checked against small known primes (less than 2**30). */ int -gen_candidates(FILE *out, u_int32_t memory, u_int32_t power, BIGNUM *start) +gen_candidates(FILE *out, u_int32_t power, BIGNUM *start) { BIGNUM *q; u_int32_t j, r, s, t; @@ -252,15 +245,6 @@ gen_candidates(FILE *out, u_int32_t memory, u_int32_t power, BIGNUM *start) u_int32_t i; int ret = 0; - largememory = memory; - - if (memory != 0 && - (memory < LARGE_MINIMUM || memory > LARGE_MAXIMUM)) { - error("Invalid memory amount (min %ld, max %ld)", - LARGE_MINIMUM, LARGE_MAXIMUM); - return (-1); - } - /* * Set power to the length in bits of the prime to be generated. * This is changed to 1 less than the desired safe prime moduli p. @@ -274,33 +258,9 @@ gen_candidates(FILE *out, u_int32_t memory, u_int32_t power, BIGNUM *start) } power--; /* decrement before squaring */ - /* - * The density of ordinary primes is on the order of 1/bits, so the - * density of safe primes should be about (1/bits)**2. Set test range - * to something well above bits**2 to be reasonably sure (but not - * guaranteed) of catching at least one safe prime. - */ - largewords = ((power * power) >> (SHIFT_WORD - TEST_POWER)); - - /* - * Need idea of how much memory is available. We don't have to use all - * of it. - */ - if (largememory > LARGE_MAXIMUM) { - logit("Limited memory: %u MB; limit %lu MB", - largememory, LARGE_MAXIMUM); - largememory = LARGE_MAXIMUM; - } - - if (largewords <= (largememory << SHIFT_MEGAWORD)) { - logit("Increased memory: %u MB; need %u bytes", - largememory, (largewords << SHIFT_BYTE)); - largewords = (largememory << SHIFT_MEGAWORD); - } else if (largememory > 0) { - logit("Decreased memory: %u MB; want %u bytes", - largememory, (largewords << SHIFT_BYTE)); - largewords = (largememory << SHIFT_MEGAWORD); - } + /* Always use the maximum amount of memory supported by the algorithm. */ + largememory = LARGE_MAXIMUM; + largewords = (largememory << SHIFT_MEGAWORD); TinySieve = xcalloc(tinywords, sizeof(u_int32_t)); tinybits = tinywords << SHIFT_WORD; @@ -308,12 +268,7 @@ gen_candidates(FILE *out, u_int32_t memory, u_int32_t power, BIGNUM *start) SmallSieve = xcalloc(smallwords, sizeof(u_int32_t)); smallbits = smallwords << SHIFT_WORD; - /* - * dynamically determine available memory - */ - while ((LargeSieve = calloc(largewords, sizeof(u_int32_t))) == NULL) - largewords -= (1L << (SHIFT_MEGAWORD - 2)); /* 1/4 MB chunks */ - + LargeSieve = xcalloc(largewords, sizeof(u_int32_t)); largebits = largewords << SHIFT_WORD; largenumbers = largebits * 2; /* even numbers excluded */ diff --git a/ssh-keygen.1 b/ssh-keygen.1 index 00246a861ac9..3caf097129c3 100644 --- a/ssh-keygen.1 +++ b/ssh-keygen.1 @@ -1,4 +1,4 @@ -.\" $OpenBSD: ssh-keygen.1,v 1.234 2024/11/27 13:00:23 djm Exp $ +.\" $OpenBSD: ssh-keygen.1,v 1.235 2025/05/24 03:40:54 dtucker Exp $ .\" .\" Author: Tatu Ylonen .\" Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -35,7 +35,7 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.Dd $Mdocdate: November 27 2024 $ +.Dd $Mdocdate: May 24 2025 $ .Dt SSH-KEYGEN 1 .Os .Sh NAME @@ -878,9 +878,6 @@ Write the last line processed to the specified file while performing DH candidate screening. This will be used to skip lines in the input file that have already been processed if the job is restarted. -.It Ic memory Ns = Ns Ar mbytes -Specify the amount of memory to use (in megabytes) when generating -candidate moduli for DH-GEX. .It Ic start Ns = Ns Ar hex-value Specify start point (in hex) when generating candidate moduli for DH-GEX. .It Ic generator Ns = Ns Ar value diff --git a/ssh-keygen.c b/ssh-keygen.c index ac0170de4938..867fbd1ca014 100644 --- a/ssh-keygen.c +++ b/ssh-keygen.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-keygen.c,v 1.480 2025/05/24 02:01:28 dtucker Exp $ */ +/* $OpenBSD: ssh-keygen.c,v 1.481 2025/05/24 03:37:40 dtucker Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1994 Tatu Ylonen , Espoo, Finland @@ -166,7 +166,7 @@ static char hostname[NI_MAXHOST]; #ifdef WITH_OPENSSL /* moduli.c */ -int gen_candidates(FILE *, u_int32_t, u_int32_t, BIGNUM *); +int gen_candidates(FILE *, u_int32_t, BIGNUM *); int prime_test(FILE *, FILE *, u_int32_t, u_int32_t, char *, unsigned long, unsigned long); #endif @@ -2923,7 +2923,6 @@ do_moduli_gen(const char *out_file, char **opts, size_t nopts) { #ifdef WITH_OPENSSL /* Moduli generation/screening */ - u_int32_t memory = 0; BIGNUM *start = NULL; int moduli_bits = 0; FILE *out; @@ -2932,12 +2931,7 @@ do_moduli_gen(const char *out_file, char **opts, size_t nopts) /* Parse options */ for (i = 0; i < nopts; i++) { - if ((p = strprefix(opts[i], "memory=", 0)) != NULL) { - memory = (u_int32_t)strtonum(p, 1, UINT_MAX, &errstr); - if (errstr) { - fatal("Memory limit is %s: %s", errstr, p); - } - } else if ((p = strprefix(opts[i], "start=", 0)) != NULL) { + if ((p = strprefix(opts[i], "start=", 0)) != NULL) { /* XXX - also compare length against bits */ if (BN_hex2bn(&start, p) == 0) fatal("Invalid start point."); @@ -2962,7 +2956,7 @@ do_moduli_gen(const char *out_file, char **opts, size_t nopts) if (moduli_bits == 0) moduli_bits = DEFAULT_BITS; - if (gen_candidates(out, memory, moduli_bits, start) != 0) + if (gen_candidates(out, moduli_bits, start) != 0) fatal("modulus candidate generation failed"); #else /* WITH_OPENSSL */ fatal("Moduli generation is not supported"); From 140bae1df2b7246bb43439d039bf994159973585 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Marco=20Trevisan=20=28Trevi=C3=B1o=29?= Date: Mon, 30 Sep 2024 13:14:11 +0200 Subject: [PATCH 091/687] auth-pam: Check the user didn't change during PAM transaction PAM modules can change the user during their execution, in such case ssh would still use the user that has been provided giving potentially access to another user with the credentials of another one. So prevent this to happen, by ensuring that the final PAM user is matching the one that initiated the transaction. --- auth-pam.c | 41 +++++++++++++++++++++++++++++++++-------- 1 file changed, 33 insertions(+), 8 deletions(-) diff --git a/auth-pam.c b/auth-pam.c index 13c0a792e99e..2481db45fd89 100644 --- a/auth-pam.c +++ b/auth-pam.c @@ -467,6 +467,32 @@ sshpam_thread_conv(int n, sshpam_const struct pam_message **msg, return (PAM_CONV_ERR); } +static int +check_pam_user(Authctxt *authctxt) +{ + const char *pam_user; + + if (authctxt == NULL || authctxt->pw == NULL || + authctxt->pw->pw_name == NULL) + fatal("%s: PAM authctxt user not initialized", __func__); + + if ((sshpam_err = pam_get_item(sshpam_handle, PAM_USER, + (sshpam_const void **) &pam_user)) != PAM_SUCCESS) + return sshpam_err; + + if (pam_user == NULL) { + debug("PAM error: PAM_USER is NULL"); + return PAM_USER_UNKNOWN; + } + + if (strcmp(authctxt->pw->pw_name, pam_user) != 0) { + debug("PAM user \"%s\" does not match expected \"%s\"", + pam_user, authctxt->pw->pw_name); + return PAM_USER_UNKNOWN; + } + return PAM_SUCCESS; +} + /* * Authentication thread. */ @@ -521,6 +547,8 @@ sshpam_thread(void *ctxtp) sshpam_set_maxtries_reached(1); if (sshpam_err != PAM_SUCCESS) goto auth_fail; + if ((sshpam_err = check_pam_user(sshpam_authctxt)) != PAM_SUCCESS) + goto auth_fail; if (!do_pam_account()) { sshpam_err = PAM_ACCT_EXPIRED; @@ -686,8 +714,7 @@ sshpam_cleanup(void) static int sshpam_init(struct ssh *ssh, Authctxt *authctxt) { - const char *pam_user, *user = authctxt->user; - const char **ptr_pam_user = &pam_user; + const char *user = authctxt->user; int r; if (options.pam_service_name == NULL) @@ -706,12 +733,8 @@ sshpam_init(struct ssh *ssh, Authctxt *authctxt) } if (sshpam_handle != NULL) { /* We already have a PAM context; check if the user matches */ - sshpam_err = pam_get_item(sshpam_handle, - PAM_USER, (sshpam_const void **)ptr_pam_user); - if (sshpam_err == PAM_SUCCESS && strcmp(user, pam_user) == 0) - return (0); - pam_end(sshpam_handle, sshpam_err); - sshpam_handle = NULL; + if ((sshpam_err = check_pam_user(authctxt)) != PAM_SUCCESS) + fatal("PAM user mismatch"); } debug("PAM: initializing for \"%s\" with service \"%s\"", user, options.pam_service_name); @@ -1378,6 +1401,8 @@ sshpam_auth_passwd(Authctxt *authctxt, const char *password) sshpam_err = pam_authenticate(sshpam_handle, flags); sshpam_password = NULL; free(fake); + if (sshpam_err == PAM_SUCCESS) + sshpam_err = check_pam_user(authctxt); if (sshpam_err == PAM_MAXTRIES) sshpam_set_maxtries_reached(1); if (sshpam_err == PAM_SUCCESS && authctxt->valid) { From d0245389bc55f16082cadd0a39dda5af1c415dfa Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Sat, 24 May 2025 17:11:38 +1000 Subject: [PATCH 092/687] ssh-keygen changes were fixup'ed into single commit. --- .skipped-commit-ids | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.skipped-commit-ids b/.skipped-commit-ids index 319beea0dee6..382dde52ba4e 100644 --- a/.skipped-commit-ids +++ b/.skipped-commit-ids @@ -40,6 +40,8 @@ fb39324748824cb0387e9d67c41d1bef945c54ea Makefile change a959fc45ea3431b36f52eda04faefc58bcde00db groupaccess.c changes 6d07e4606997e36b860621a14dd41975f2902f8f Makefile.inc c7246a6b519ac390ca550719f91acfdaef1fa0f0 Makefile relink change +ef7ecdb6dd2542f42fa7236d17ac0b144851f0b5 ssh-keygen, fixup'ed into 21682417 +da414a364c25b187fc686da7aacec2c35d29238a ssh-keygen, fixup'ed into 21682417 Old upstream tree: From 3de011ef7a761751afe28ac7ef97fe330d784595 Mon Sep 17 00:00:00 2001 From: "dtucker@openbsd.org" Date: Sat, 24 May 2025 06:43:37 +0000 Subject: [PATCH 093/687] upstream: Plug leak of startup_pollfd in debug and child paths. Coverity CID 405024, ok djm@ OpenBSD-Commit-ID: db46047229253e9c4470c8bbf5f82706ac021377 --- sshd.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/sshd.c b/sshd.c index 03732bb09c50..91608eff760c 100644 --- a/sshd.c +++ b/sshd.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshd.c,v 1.618 2025/05/06 05:40:56 djm Exp $ */ +/* $OpenBSD: sshd.c,v 1.619 2025/05/24 06:43:37 dtucker Exp $ */ /* * Copyright (c) 2000, 2001, 2002 Markus Friedl. All rights reserved. * Copyright (c) 2002 Niels Provos. All rights reserved. @@ -1169,6 +1169,7 @@ server_accept_loop(int *sock_in, int *sock_out, int *newsock, int *config_s, send_rexec_state(config_s[0]); close(config_s[0]); free(pfd); + free(startup_pollfd); return; } @@ -1201,6 +1202,7 @@ server_accept_loop(int *sock_in, int *sock_out, int *newsock, int *config_s, log_stderr); close(config_s[0]); free(pfd); + free(startup_pollfd); return; } From e3c58113ebb3397b252ff26e0e94f726b7db7a8a Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Sat, 24 May 2025 04:40:37 +0000 Subject: [PATCH 094/687] upstream: add a start_ssh_agent() function that sets up an agent with logging OpenBSD-Regress-ID: 7f9f30f9c64acbd4b418a5e1a19140cc988071a8 --- regress/test-exec.sh | 26 ++++++++++++++++++++++++-- 1 file changed, 24 insertions(+), 2 deletions(-) diff --git a/regress/test-exec.sh b/regress/test-exec.sh index 714636f6ebfc..d4d40c2ae893 100644 --- a/regress/test-exec.sh +++ b/regress/test-exec.sh @@ -1,4 +1,4 @@ -# $OpenBSD: test-exec.sh,v 1.128 2025/05/21 08:36:39 djm Exp $ +# $OpenBSD: test-exec.sh,v 1.129 2025/05/24 04:40:37 djm Exp $ # Placed in the Public Domain. #SUDO=sudo @@ -927,7 +927,7 @@ p11_setup() { /usr/lib64/pkcs11/libsofthsm2.so \ /usr/lib/x86_64-linux-gnu/softhsm/libsofthsm2.so test -z "$TEST_SSH_PKCS11" && return 1 - verbose "using token library $TEST_SSH_PKCS11" + trace "using token library $TEST_SSH_PKCS11" TEST_SSH_PIN=1234 TEST_SSH_SOPIN=12345678 if [ "x$TEST_SSH_SSHPKCS11HELPER" != "x" ]; then @@ -995,6 +995,28 @@ p11_ssh_add() { env SSH_ASKPASS="$PIN_SH" SSH_ASKPASS_REQUIRE=force ${SSHADD} "$@" } +start_ssh_agent() { + EXTRA_AGENT_ARGS="$1" + SSH_AUTH_SOCK="$OBJ/agent.sock" + export SSH_AUTH_SOCK + rm -f $SSH_AUTH_SOCK $OBJ/agent.log + trace "start agent" + ${SSHAGENT} ${EXTRA_AGENT_ARGS} -d -a $SSH_AUTH_SOCK \ + > $OBJ/agent.log 2>&1 & + AGENT_PID=$! + trap "kill $AGENT_PID" EXIT + for x in 0 1 2 3 4 ; do + # Give it a chance to start + ${SSHADD} -l > /dev/null 2>&1 + r=$? + test $r -eq 1 && break + sleep 1 + done + if [ $r -ne 1 ]; then + fatal "ssh-add -l did not fail with exit code 1 (got $r)" + fi +} + # source test body . $SCRIPT From 484563ec70e30472ab4484d49bca9a83771d785c Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Sat, 24 May 2025 04:41:03 +0000 Subject: [PATCH 095/687] upstream: use start_ssh_agent() to ensure we get logging add some verbosity OpenBSD-Regress-ID: a89bf64696b9fb1b91be318e6b8940c9ab21c616 --- regress/agent-pkcs11.sh | 72 ++++++++++++++++++----------------------- 1 file changed, 32 insertions(+), 40 deletions(-) diff --git a/regress/agent-pkcs11.sh b/regress/agent-pkcs11.sh index 304734f4b484..731c1f9ddc96 100644 --- a/regress/agent-pkcs11.sh +++ b/regress/agent-pkcs11.sh @@ -1,54 +1,46 @@ -# $OpenBSD: agent-pkcs11.sh,v 1.13 2023/10/30 23:00:25 djm Exp $ +# $OpenBSD: agent-pkcs11.sh,v 1.14 2025/05/24 04:41:03 djm Exp $ # Placed in the Public Domain. tid="pkcs11 agent test" p11_setup || skip "No PKCS#11 library found" -trace "start agent" -eval `${SSHAGENT} ${EXTRA_AGENT_ARGS} -s` > /dev/null +start_ssh_agent + +trace "add pkcs11 key to agent" +p11_ssh_add -s ${TEST_SSH_PKCS11} > /dev/null 2>&1 r=$? if [ $r -ne 0 ]; then - fail "could not start ssh-agent: exit code $r" -else - trace "add pkcs11 key to agent" - p11_ssh_add -s ${TEST_SSH_PKCS11} > /dev/null 2>&1 - r=$? - if [ $r -ne 0 ]; then - fail "ssh-add -s failed: exit code $r" - fi + fail "ssh-add -s failed: exit code $r" +fi - trace "pkcs11 list via agent" - ${SSHADD} -l > /dev/null 2>&1 - r=$? - if [ $r -ne 0 ]; then - fail "ssh-add -l failed: exit code $r" - fi +trace "pkcs11 list via agent" +${SSHADD} -l > /dev/null 2>&1 +r=$? +if [ $r -ne 0 ]; then + fail "ssh-add -l failed: exit code $r" +fi - for k in $RSA $EC; do - trace "testing $k" - pub=$(cat $k.pub) - ${SSHADD} -L | grep -q "$pub" || \ - fail "key $k missing in ssh-add -L" - ${SSHADD} -T $k.pub || fail "ssh-add -T with $k failed" - - # add to authorized keys - cat $k.pub > $OBJ/authorized_keys_$USER - trace "pkcs11 connect via agent ($k)" - ${SSH} -F $OBJ/ssh_proxy somehost exit 5 - r=$? - if [ $r -ne 5 ]; then - fail "ssh connect failed (exit code $r)" - fi - done - - trace "remove pkcs11 keys" - p11_ssh_add -e ${TEST_SSH_PKCS11} > /dev/null 2>&1 +for k in $RSA $EC; do + trace "testing $k" + pub=$(cat $k.pub) + ${SSHADD} -L | grep -q "$pub" || \ + fail "key $k missing in ssh-add -L" + ${SSHADD} -T $k.pub || fail "ssh-add -T with $k failed" + + # add to authorized keys + cat $k.pub > $OBJ/authorized_keys_$USER + trace "pkcs11 connect via agent ($k)" + ${SSH} -F $OBJ/ssh_proxy somehost exit 5 r=$? - if [ $r -ne 0 ]; then - fail "ssh-add -e failed: exit code $r" + if [ $r -ne 5 ]; then + fail "ssh connect failed (exit code $r)" fi +done - trace "kill agent" - ${SSHAGENT} -k > /dev/null +trace "remove pkcs11 keys" +p11_ssh_add -e ${TEST_SSH_PKCS11} > /dev/null 2>&1 +r=$? +if [ $r -ne 0 ]; then + fail "ssh-add -e failed: exit code $r" fi From a26091ecdb2a3d72b77baf3c253e676a3c835a24 Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Sat, 24 May 2025 04:41:12 +0000 Subject: [PATCH 096/687] upstream: add some verbosity OpenBSD-Regress-ID: 11c86cda4435b5f9ab6172c4742b95899666c977 --- regress/agent-pkcs11-cert.sh | 31 ++++++++++--------------------- regress/agent-pkcs11-restrict.sh | 30 +++++++----------------------- 2 files changed, 17 insertions(+), 44 deletions(-) diff --git a/regress/agent-pkcs11-cert.sh b/regress/agent-pkcs11-cert.sh index 4e8f748465a3..39e839f9c26a 100644 --- a/regress/agent-pkcs11-cert.sh +++ b/regress/agent-pkcs11-cert.sh @@ -1,15 +1,12 @@ -# $OpenBSD: agent-pkcs11-cert.sh,v 1.1 2023/12/18 14:50:08 djm Exp $ +# $OpenBSD: agent-pkcs11-cert.sh,v 1.2 2025/05/24 04:41:12 djm Exp $ # Placed in the Public Domain. tid="pkcs11 agent certificate test" -SSH_AUTH_SOCK="$OBJ/agent.sock" -export SSH_AUTH_SOCK LC_ALL=C export LC_ALL p11_setup || skip "No PKCS#11 library found" -rm -f $SSH_AUTH_SOCK $OBJ/agent.log rm -f $OBJ/output_* $OBJ/expect_* rm -f $OBJ/ca* @@ -22,23 +19,9 @@ $SSHKEYGEN -qs $OBJ/ca -I "rsa_key" -n $USER -z 2 ${SSH_SOFTHSM_DIR}/RSA.pub || $SSHKEYGEN -qs $OBJ/ca -I "ca_ca" -n $USER -z 3 $OBJ/ca.pub || fatal "certify CA key failed" -rm -f $SSH_AUTH_SOCK -trace "start agent" -${SSHAGENT} ${EXTRA_AGENT_ARGS} -d -a $SSH_AUTH_SOCK > $OBJ/agent.log 2>&1 & -AGENT_PID=$! -trap "kill $AGENT_PID" EXIT -for x in 0 1 2 3 4 ; do - # Give it a chance to start - ${SSHADD} -l > /dev/null 2>&1 - r=$? - test $r -eq 1 && break - sleep 1 -done -if [ $r -ne 1 ]; then - fatal "ssh-add -l did not fail with exit code 1 (got $r)" -fi +start_ssh_agent -trace "load pkcs11 keys and certs" +verbose "load pkcs11 keys and certs" # Note: deliberately contains non-cert keys and non-matching cert on commandline p11_ssh_add -qs ${TEST_SSH_PKCS11} \ $OBJ/ca.pub \ @@ -48,6 +31,7 @@ p11_ssh_add -qs ${TEST_SSH_PKCS11} \ ${SSH_SOFTHSM_DIR}/RSA-cert.pub || fatal "failed to add keys" # Verify their presence +verbose "verify presence" cut -d' ' -f1-2 \ ${SSH_SOFTHSM_DIR}/EC.pub \ ${SSH_SOFTHSM_DIR}/RSA.pub \ @@ -57,21 +41,24 @@ $SSHADD -L | cut -d' ' -f1-2 | sort > $OBJ/output_list diff $OBJ/expect_list $OBJ/output_list # Verify that all can perform signatures. +verbose "check signatures" for x in ${SSH_SOFTHSM_DIR}/EC.pub ${SSH_SOFTHSM_DIR}/RSA.pub \ ${SSH_SOFTHSM_DIR}/EC-cert.pub ${SSH_SOFTHSM_DIR}/RSA-cert.pub ; do $SSHADD -T $x || fail "Signing failed for $x" done # Delete plain keys. +verbose "delete plain keys" $SSHADD -qd ${SSH_SOFTHSM_DIR}/EC.pub ${SSH_SOFTHSM_DIR}/RSA.pub # Verify that certs can still perform signatures. +verbose "reverify certificate signatures" for x in ${SSH_SOFTHSM_DIR}/EC-cert.pub ${SSH_SOFTHSM_DIR}/RSA-cert.pub ; do $SSHADD -T $x || fail "Signing failed for $x" done $SSHADD -qD >/dev/null || fatal "clear agent failed" -trace "load pkcs11 certs only" +verbose "load pkcs11 certs only" p11_ssh_add -qCs ${TEST_SSH_PKCS11} \ $OBJ/ca.pub \ ${SSH_SOFTHSM_DIR}/EC.pub \ @@ -80,6 +67,7 @@ p11_ssh_add -qCs ${TEST_SSH_PKCS11} \ ${SSH_SOFTHSM_DIR}/RSA-cert.pub || fatal "failed to add keys" # Verify their presence +verbose "verify presence" cut -d' ' -f1-2 \ ${SSH_SOFTHSM_DIR}/EC-cert.pub \ ${SSH_SOFTHSM_DIR}/RSA-cert.pub | sort > $OBJ/expect_list @@ -87,6 +75,7 @@ $SSHADD -L | cut -d' ' -f1-2 | sort > $OBJ/output_list diff $OBJ/expect_list $OBJ/output_list # Verify that certs can perform signatures. +verbose "check signatures" for x in ${SSH_SOFTHSM_DIR}/EC-cert.pub ${SSH_SOFTHSM_DIR}/RSA-cert.pub ; do $SSHADD -T $x || fail "Signing failed for $x" done diff --git a/regress/agent-pkcs11-restrict.sh b/regress/agent-pkcs11-restrict.sh index 867253211714..e5763ea8f6d0 100644 --- a/regress/agent-pkcs11-restrict.sh +++ b/regress/agent-pkcs11-restrict.sh @@ -1,11 +1,11 @@ -# $OpenBSD: agent-pkcs11-restrict.sh,v 1.1 2023/12/18 14:49:39 djm Exp $ +# $OpenBSD: agent-pkcs11-restrict.sh,v 1.2 2025/05/24 04:41:12 djm Exp $ # Placed in the Public Domain. tid="pkcs11 agent constraint test" p11_setup || skip "No PKCS#11 library found" -rm -f $SSH_AUTH_SOCK $OBJ/agent.log $OBJ/host_[abcx]* $OBJ/user_[abcx]* +rm -f $OBJ/host_[abcx]* $OBJ/user_[abcx]* rm -f $OBJ/sshd_proxy_host* $OBJ/ssh_output* $OBJ/expect_* rm -f $OBJ/ssh_proxy[._]* $OBJ/command $OBJ/authorized_keys_* @@ -26,23 +26,7 @@ key_for() { export K } -SSH_AUTH_SOCK="$OBJ/agent.sock" -export SSH_AUTH_SOCK -rm -f $SSH_AUTH_SOCK -trace "start agent" -${SSHAGENT} ${EXTRA_AGENT_ARGS} -d -a $SSH_AUTH_SOCK > $OBJ/agent.log 2>&1 & -AGENT_PID=$! -trap "kill $AGENT_PID" EXIT -for x in 0 1 2 3 4 ; do - # Give it a chance to start - ${SSHADD} -l > /dev/null 2>&1 - r=$? - test $r -eq 1 && break - sleep 1 -done -if [ $r -ne 1 ]; then - fatal "ssh-add -l did not fail with exit code 1 (got $r)" -fi +start_ssh_agent # XXX a lot of this is a copy of agent-restrict.sh, but I couldn't see a nice # way to factor it out -djm @@ -118,7 +102,7 @@ for h in a b ; do cat $K) >> $OBJ/authorized_keys_$USER done -trace "unrestricted keys" +verbose "unrestricted keys" $SSHADD -qD >/dev/null || fatal "clear agent failed" p11_ssh_add -qs ${TEST_SSH_PKCS11} || fatal "failed to add keys" @@ -134,7 +118,7 @@ for h in a b ; do cmp $OBJ/expect_$h $OBJ/ssh_output || fatal "unexpected output" done -trace "restricted to different host" +verbose "restricted to different host" $SSHADD -qD >/dev/null || fatal "clear agent failed" p11_ssh_add -q -h host_x -s ${TEST_SSH_PKCS11} -H $OBJ/known_hosts || fatal "failed to add keys" @@ -144,7 +128,7 @@ for h in a b ; do host_$h true > $OBJ/ssh_output && fatal "test ssh $h succeeded" done -trace "restricted to destination host" +verbose "restricted to destination host" $SSHADD -qD >/dev/null || fatal "clear agent failed" p11_ssh_add -q -h host_a -h host_b -s ${TEST_SSH_PKCS11} -H $OBJ/known_hosts || fatal "failed to add keys" @@ -160,7 +144,7 @@ for h in a b ; do cmp $OBJ/expect_$h $OBJ/ssh_output || fatal "unexpected output" done -trace "restricted multihop" +verbose "restricted multihop" $SSHADD -qD >/dev/null || fatal "clear agent failed" p11_ssh_add -q -h host_a -h "host_a>host_b" \ -s ${TEST_SSH_PKCS11} -H $OBJ/known_hosts || fatal "failed to add keys" From f8967045ad9d588bc11426642070bf8549065e62 Mon Sep 17 00:00:00 2001 From: "dtucker@openbsd.org" Date: Sat, 24 May 2025 06:50:28 +0000 Subject: [PATCH 097/687] upstream: Null out keys between test runs. BENCH_START and BENCH_FINISH are actually a while() loop in disguise, so if sshkey_generate does not reset the key pointer on failure the test may incorrectly pass. It also confuses Coverity (CID 551234). OpenBSD-Regress-ID: bf4d32079fc6df6dce1f26c2025f4ed492f13936 --- regress/unittests/sshkey/test_sshkey.c | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/regress/unittests/sshkey/test_sshkey.c b/regress/unittests/sshkey/test_sshkey.c index 832ef9b202cc..9dbd913066a8 100644 --- a/regress/unittests/sshkey/test_sshkey.c +++ b/regress/unittests/sshkey/test_sshkey.c @@ -1,4 +1,4 @@ -/* $OpenBSD: test_sshkey.c,v 1.29 2025/05/06 06:05:48 djm Exp $ */ +/* $OpenBSD: test_sshkey.c,v 1.30 2025/05/24 06:50:28 dtucker Exp $ */ /* * Regress test for sshkey.h key management API * @@ -560,6 +560,7 @@ sshkey_benchmarks(void) ASSERT_INT_EQ(sshkey_generate(KEY_RSA, 1024, &k), 0); ASSERT_PTR_NE(k, NULL); sshkey_free(k); + k = NULL; TEST_DONE(); BENCH_FINISH("keys"); @@ -568,15 +569,16 @@ sshkey_benchmarks(void) ASSERT_INT_EQ(sshkey_generate(KEY_RSA, 2048, &k), 0); ASSERT_PTR_NE(k, NULL); sshkey_free(k); + k = NULL; TEST_DONE(); BENCH_FINISH("keys"); - BENCH_START("generate ECDSA-256"); TEST_START("generate KEY_ECDSA"); ASSERT_INT_EQ(sshkey_generate(KEY_ECDSA, 256, &k), 0); ASSERT_PTR_NE(k, NULL); sshkey_free(k); + k = NULL; TEST_DONE(); BENCH_FINISH("keys"); @@ -585,6 +587,7 @@ sshkey_benchmarks(void) ASSERT_INT_EQ(sshkey_generate(KEY_ECDSA, 384, &k), 0); ASSERT_PTR_NE(k, NULL); sshkey_free(k); + k = NULL; TEST_DONE(); BENCH_FINISH("keys"); @@ -593,6 +596,7 @@ sshkey_benchmarks(void) ASSERT_INT_EQ(sshkey_generate(KEY_ECDSA, 521, &k), 0); ASSERT_PTR_NE(k, NULL); sshkey_free(k); + k = NULL; TEST_DONE(); BENCH_FINISH("keys"); #endif /* WITH_OPENSSL */ @@ -602,6 +606,7 @@ sshkey_benchmarks(void) ASSERT_INT_EQ(sshkey_generate(KEY_ED25519, 256, &k), 0); ASSERT_PTR_NE(k, NULL); sshkey_free(k); + k = NULL; TEST_DONE(); BENCH_FINISH("keys"); From e18983d03ab969e2f12485d5c0ee61e6d745a649 Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Sat, 24 May 2025 17:20:57 +1000 Subject: [PATCH 098/687] Remove progressmeter.o from libssh.a. It's now explicitly included by the binaries that need it (scp & sftp). bz#3810, patch from jlduran at gmail.com --- Makefile.in | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Makefile.in b/Makefile.in index 410a29a123ab..eb6f08e4df9b 100644 --- a/Makefile.in +++ b/Makefile.in @@ -107,7 +107,7 @@ LIBSSH_OBJS=${LIBOPENSSH_OBJS} \ atomicio.o dispatch.o mac.o misc.o utf8.o \ monitor_fdpass.o rijndael.o ssh-ecdsa.o ssh-ecdsa-sk.o \ ssh-ed25519-sk.o ssh-rsa.o dh.o \ - msg.o progressmeter.o dns.o entropy.o gss-genr.o umac.o umac128.o \ + msg.o dns.o entropy.o gss-genr.o umac.o umac128.o \ ssh-pkcs11.o smult_curve25519_ref.o \ poly1305.o chacha.o cipher-chachapoly.o cipher-chachapoly-libcrypto.o \ ssh-ed25519.o digest-openssl.o digest-libc.o \ From a356d978e30dd9870c0b3a7d8edca535b0cd2809 Mon Sep 17 00:00:00 2001 From: "dtucker@openbsd.org" Date: Sat, 24 May 2025 08:09:32 +0000 Subject: [PATCH 099/687] upstream: Make the display number check relative to X11DisplayOffset. This will allows people to use X11DisplayOffset to configure much higher port ranges if they really want, while not changing the default behaviour. Patch from Roman Gubarev via github PR#559, ok djm@ OpenBSD-Commit-ID: e0926af5dc0c11e364452b624c3ad0cda88550b5 --- channels.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/channels.c b/channels.c index bfe2e3b2d4f7..5d503025fec2 100644 --- a/channels.c +++ b/channels.c @@ -1,4 +1,4 @@ -/* $OpenBSD: channels.c,v 1.442 2024/12/05 06:49:26 dtucker Exp $ */ +/* $OpenBSD: channels.c,v 1.443 2025/05/24 08:09:32 dtucker Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -5010,7 +5010,7 @@ x11_create_display_inet(struct ssh *ssh, int x11_display_offset, return -1; for (display_number = x11_display_offset; - display_number < MAX_DISPLAYS; + display_number < x11_display_offset + MAX_DISPLAYS; display_number++) { port = X11_BASE_PORT + display_number; memset(&hints, 0, sizeof(hints)); @@ -5065,7 +5065,7 @@ x11_create_display_inet(struct ssh *ssh, int x11_display_offset, if (num_socks > 0) break; } - if (display_number >= MAX_DISPLAYS) { + if (display_number >= x11_display_offset + MAX_DISPLAYS) { error("Failed to allocate internet-domain X11 display socket."); return -1; } From b12d4ab1e16f57c6c348b483b1dbdd4530aaaddd Mon Sep 17 00:00:00 2001 From: "dtucker@openbsd.org" Date: Sat, 24 May 2025 08:13:29 +0000 Subject: [PATCH 100/687] upstream: Replace strncmp + byte count with strprefix in Penalty config parsing. ok kn@, djm@ OpenBSD-Commit-ID: 34a41bb1b9ba37fb6c7eb29a7ea909547bf02a5a --- servconf.c | 36 +++++++++++++++--------------------- 1 file changed, 15 insertions(+), 21 deletions(-) diff --git a/servconf.c b/servconf.c index f2a540dad54e..14165429f20f 100644 --- a/servconf.c +++ b/servconf.c @@ -1,4 +1,4 @@ -/* $OpenBSD: servconf.c,v 1.426 2025/05/22 04:22:03 dtucker Exp $ */ +/* $OpenBSD: servconf.c,v 1.427 2025/05/24 08:13:29 dtucker Exp $ */ /* * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland * All rights reserved @@ -2084,10 +2084,11 @@ process_server_config_line_depth(ServerOptions *options, char *line, case sPerSourcePenalties: while ((arg = argv_next(&ac, &av)) != NULL) { + const char *q = NULL; + found = 1; value = -1; value2 = 0; - p = NULL; /* Allow no/yes only in first position */ if (strcasecmp(arg, "no") == 0 || (value2 = (strcasecmp(arg, "yes") == 0))) { @@ -2100,35 +2101,28 @@ process_server_config_line_depth(ServerOptions *options, char *line, options->per_source_penalty.enabled == -1) options->per_source_penalty.enabled = value2; continue; - } else if (strncmp(arg, "crash:", 6) == 0) { - p = arg + 6; + } else if ((q = strprefix(arg, "crash:", 0)) != NULL) { intptr = &options->per_source_penalty.penalty_crash; - } else if (strncmp(arg, "authfail:", 9) == 0) { - p = arg + 9; + } else if ((q = strprefix(arg, "authfail:", 0)) != NULL) { intptr = &options->per_source_penalty.penalty_authfail; - } else if (strncmp(arg, "noauth:", 7) == 0) { - p = arg + 7; + } else if ((q = strprefix(arg, "noauth:", 0)) != NULL) { intptr = &options->per_source_penalty.penalty_noauth; - } else if (strncmp(arg, "grace-exceeded:", 15) == 0) { - p = arg + 15; + } else if ((q = strprefix(arg, "grace-exceeded:", 0)) != NULL) { intptr = &options->per_source_penalty.penalty_grace; - } else if (strncmp(arg, "refuseconnection:", 17) == 0) { - p = arg + 17; + } else if ((q = strprefix(arg, "refuseconnection:", 0)) != NULL) { intptr = &options->per_source_penalty.penalty_refuseconnection; - } else if (strncmp(arg, "max:", 4) == 0) { - p = arg + 4; + } else if ((q = strprefix(arg, "max:", 0)) != NULL) { intptr = &options->per_source_penalty.penalty_max; - } else if (strncmp(arg, "min:", 4) == 0) { - p = arg + 4; + } else if ((q = strprefix(arg, "min:", 0)) != NULL) { intptr = &options->per_source_penalty.penalty_min; - } else if (strncmp(arg, "max-sources4:", 13) == 0) { + } else if ((q = strprefix(arg, "max-sources4:", 0)) != NULL) { intptr = &options->per_source_penalty.max_sources4; - if ((errstr = atoi_err(arg+13, &value)) != NULL) + if ((errstr = atoi_err(q, &value)) != NULL) fatal("%s line %d: %s value %s.", filename, linenum, keyword, errstr); - } else if (strncmp(arg, "max-sources6:", 13) == 0) { + } else if ((q = strprefix(arg, "max-sources6:", 0)) != NULL) { intptr = &options->per_source_penalty.max_sources6; - if ((errstr = atoi_err(arg+13, &value)) != NULL) + if ((errstr = atoi_err(q, &value)) != NULL) fatal("%s line %d: %s value %s.", filename, linenum, keyword, errstr); } else if (strcmp(arg, "overflow:deny-all") == 0) { @@ -2148,7 +2142,7 @@ process_server_config_line_depth(ServerOptions *options, char *line, filename, linenum, keyword, arg); } /* If no value was parsed above, assume it's a time */ - if (value == -1 && (value = convtime(p)) == -1) { + if (value == -1 && (value = convtime(q)) == -1) { fatal("%s line %d: invalid %s time value.", filename, linenum, keyword); } From 3a61f5ed66231881bee432c7e7c6add066c086af Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Sat, 24 May 2025 09:46:16 +0000 Subject: [PATCH 101/687] upstream: fix punctuation around host key fingerprints to make them easier to copy and paste. Patch from Till Maas via GHPR556; ok dtucker@ OpenBSD-Commit-ID: c0100182a30b6925c8cdb2225b18140264594b7b --- sshconnect.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/sshconnect.c b/sshconnect.c index b306fa3cc24f..a90167fd6dae 100644 --- a/sshconnect.c +++ b/sshconnect.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshconnect.c,v 1.370 2025/05/06 05:40:56 djm Exp $ */ +/* $OpenBSD: sshconnect.c,v 1.371 2025/05/24 09:46:16 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -1145,7 +1145,7 @@ check_host_key(char *hostname, const struct ssh_conn_info *cinfo, options.fingerprint_hash, SSH_FP_RANDOMART); if (fp == NULL || ra == NULL) fatal_f("sshkey_fingerprint failed"); - logit("Host key fingerprint is %s\n%s", fp, ra); + logit("Host key fingerprint is: %s\n%s", fp, ra); free(ra); free(fp); } @@ -1196,7 +1196,7 @@ check_host_key(char *hostname, const struct ssh_conn_info *cinfo, options.fingerprint_hash, SSH_FP_RANDOMART); if (fp == NULL || ra == NULL) fatal_f("sshkey_fingerprint failed"); - xextendf(&msg1, "\n", "%s key fingerprint is %s.", + xextendf(&msg1, "\n", "%s key fingerprint is: %s", type, fp); if (options.visual_host_key) xextendf(&msg1, "\n", "%s", ra); From 73ef0563a59f90324f8426c017f38e20341b555f Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Sat, 24 May 2025 11:41:51 +0000 Subject: [PATCH 102/687] upstream: replace xmalloc+memset(0) with xcalloc(); from AZero13 via GHPR417 OpenBSD-Commit-ID: 921079436a4900325d22bd3b6a90c8d0d54f62f8 --- channels.c | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/channels.c b/channels.c index 5d503025fec2..cd27faab2cf3 100644 --- a/channels.c +++ b/channels.c @@ -1,4 +1,4 @@ -/* $OpenBSD: channels.c,v 1.443 2025/05/24 08:09:32 dtucker Exp $ */ +/* $OpenBSD: channels.c,v 1.444 2025/05/24 11:41:51 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -4677,8 +4677,7 @@ connect_to_helper(struct ssh *ssh, const char *name, int port, int socktype, * channel_connect_ctx_free() must check ai_family * and use free() not freeaddirinfo() for AF_UNIX. */ - ai = xmalloc(sizeof(*ai) + sizeof(*sunaddr)); - memset(ai, 0, sizeof(*ai) + sizeof(*sunaddr)); + ai = xcalloc(1, sizeof(*ai) + sizeof(*sunaddr)); ai->ai_addr = (struct sockaddr *)(ai + 1); ai->ai_addrlen = sizeof(*sunaddr); ai->ai_family = AF_UNIX; From dc6c134b48ba4bcfadedcea17b4eddac329601d9 Mon Sep 17 00:00:00 2001 From: "dtucker@openbsd.org" Date: Thu, 29 May 2025 13:27:27 +0000 Subject: [PATCH 103/687] upstream: When there's more than one x11 channel in use, return lastused of most recently used x11 channel instead of the last one found. ok djm@ OpenBSD-Commit-ID: 94a72bf988d40a5bae2e38608f4e117f712569fe --- channels.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/channels.c b/channels.c index cd27faab2cf3..f71f82466f2f 100644 --- a/channels.c +++ b/channels.c @@ -1,4 +1,4 @@ -/* $OpenBSD: channels.c,v 1.444 2025/05/24 11:41:51 djm Exp $ */ +/* $OpenBSD: channels.c,v 1.445 2025/05/29 13:27:27 dtucker Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -5353,7 +5353,8 @@ x11_channel_used_recently(struct ssh *ssh) { if (c == NULL || c->ctype == NULL || c->lastused == 0 || strcmp(c->ctype, "x11-connection") != 0) continue; - lastused = c->lastused; + if (c->lastused > lastused) + lastused = c->lastused; } return lastused != 0 && monotime() > lastused + 1; } From 203bb886797677aa5d61b57be83cfdc1b634bc9c Mon Sep 17 00:00:00 2001 From: "dtucker@openbsd.org" Date: Mon, 2 Jun 2025 14:09:34 +0000 Subject: [PATCH 104/687] upstream: Fix x11_channel_used_recently() to return true when channel has been used within the last second, instead of more than a second ago. Should fix ~5s delay on X client startup when ObscureKeystrokeTiming is enabled. bz#3820, ok (& sigh) djm@ OpenBSD-Commit-ID: b741011e81fb3e3d42711d9bd3ed8a959924dee4 --- channels.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/channels.c b/channels.c index f71f82466f2f..0efbd8d174c7 100644 --- a/channels.c +++ b/channels.c @@ -1,4 +1,4 @@ -/* $OpenBSD: channels.c,v 1.445 2025/05/29 13:27:27 dtucker Exp $ */ +/* $OpenBSD: channels.c,v 1.446 2025/06/02 14:09:34 dtucker Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -5356,5 +5356,5 @@ x11_channel_used_recently(struct ssh *ssh) { if (c->lastused > lastused) lastused = c->lastused; } - return lastused != 0 && monotime() > lastused + 1; + return lastused != 0 && monotime() <= lastused + 1; } From a22ff3c6f11edd00c19981f9cb85d3b25d305a56 Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Wed, 4 Jun 2025 18:33:52 +1000 Subject: [PATCH 105/687] Disable _FORTIFY_SOURCE during snprintf test. Prevents mistakenly detecting snprintf as broken on FreeBSD 15 with _FORTIFY_SOURCE enabled. bz#3809, patch from jlduran at gmail.com --- configure.ac | 3 +++ 1 file changed, 3 insertions(+) diff --git a/configure.ac b/configure.ac index 94e782e1563b..9bc664172b0d 100644 --- a/configure.ac +++ b/configure.ac @@ -2503,6 +2503,9 @@ fi # This is only useful for when BROKEN_SNPRINTF AC_MSG_CHECKING([whether snprintf can declare const char *fmt]) AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ +#ifdef _FORTIFY_SOURCE +#undef _FORTIFY_SOURCE +#endif #include int snprintf(char *a, size_t b, const char *c, ...) { return 0; } ]], [[ From 5530e5f83b3cd3425ea3dbab02da15140befdd91 Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Tue, 10 Jun 2025 18:40:56 +1000 Subject: [PATCH 106/687] Replace Windows 2019 runners with 2025 ones. The windows-2019 runners are being decomissioned. --- .github/workflows/c-cpp.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/c-cpp.yml b/.github/workflows/c-cpp.yml index 4acb1f5f2478..7ee1796463f0 100644 --- a/.github/workflows/c-cpp.yml +++ b/.github/workflows/c-cpp.yml @@ -32,14 +32,14 @@ jobs: - macos-13 - macos-14 - macos-15 - - windows-2019 - windows-2022 + - windows-2025 config: [default] # Then we include any extra configs we want to test for specific VMs. # Valgrind slows things down quite a bit, so start them first. include: - - { target: windows-2019, config: cygwin-release } - { target: windows-2022, config: cygwin-release } + - { target: windows-2025, config: cygwin-release } - { target: ubuntu-22.04, config: c89 } - { target: ubuntu-22.04, config: clang-11 } - { target: ubuntu-22.04, config: clang-12-Werror } From 4b3d27032ba88dd089b721f3bbe3e4a8d23b4ae1 Mon Sep 17 00:00:00 2001 From: "dtucker@openbsd.org" Date: Wed, 11 Jun 2025 13:24:05 +0000 Subject: [PATCH 107/687] upstream: Improve termination condition of while loop to compare size_t's. Assuming read() does what it's supposed to this shouldn't matter, but should be more robust. Flagged by Coverity CID 470514, ok djm@ OpenBSD-Commit-ID: d7b5ad60feb797b3464964b9ea67fd78fb9d6cc6 --- readpass.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/readpass.c b/readpass.c index d42b1185d017..5a88824b4f6c 100644 --- a/readpass.c +++ b/readpass.c @@ -1,4 +1,4 @@ -/* $OpenBSD: readpass.c,v 1.71 2024/03/30 04:27:44 djm Exp $ */ +/* $OpenBSD: readpass.c,v 1.72 2025/06/11 13:24:05 dtucker Exp $ */ /* * Copyright (c) 2001 Markus Friedl. All rights reserved. * @@ -91,7 +91,7 @@ ssh_askpass(char *askpass, const char *msg, const char *env_hint) if (r <= 0) break; len += r; - } while (sizeof(buf) - 1 - len > 0); + } while (len < sizeof(buf) - 1); buf[len] = '\0'; close(p[0]); From 5d415897ac04e237f1fa73b9dcb9ba8fb3ac812b Mon Sep 17 00:00:00 2001 From: "dtucker@openbsd.org" Date: Wed, 11 Jun 2025 13:27:11 +0000 Subject: [PATCH 108/687] upstream: Remove dead code ternary. We always report at least KB/s, so B/s is never used. Coverity CID 291809, ok djm@ OpenBSD-Commit-ID: a67c5bcc9e19c8965bfeace0e337b13660efa058 --- progressmeter.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/progressmeter.c b/progressmeter.c index 0d1faba398c1..2c169768f60f 100644 --- a/progressmeter.c +++ b/progressmeter.c @@ -1,4 +1,4 @@ -/* $OpenBSD: progressmeter.c,v 1.55 2025/05/09 02:42:03 djm Exp $ */ +/* $OpenBSD: progressmeter.c,v 1.56 2025/06/11 13:27:11 dtucker Exp $ */ /* * Copyright (c) 2003 Nils Nordman. All rights reserved. * @@ -93,15 +93,15 @@ format_rate(off_t bytes) bytes *= 100; for (i = 0; bytes >= 100*1000 && unit[i] != 'T'; i++) bytes = (bytes + 512) / 1024; + /* Display at least KB, even when rate is low or zero. */ if (i == 0) { i++; bytes = (bytes + 512) / 1024; } - snprintf(buf, sizeof(buf), "%3lld.%1lld%c%s", + snprintf(buf, sizeof(buf), "%3lld.%1lld%cB", (long long) (bytes + 5) / 100, (long long) (bytes + 5) / 10 % 10, - unit[i], - i ? "B" : " "); + unit[i]); return buf; } From 567ef4e7ddc5c1e7a461560963a1dc759669821d Mon Sep 17 00:00:00 2001 From: "dtucker@openbsd.org" Date: Thu, 12 Jun 2025 09:19:43 +0000 Subject: [PATCH 109/687] upstream: Plug mem leak on error path. Coverity CID 307776. OpenBSD-Regress-ID: c44246690973e1b8643e51079a2faa7ace26490c --- regress/misc/sk-dummy/sk-dummy.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/regress/misc/sk-dummy/sk-dummy.c b/regress/misc/sk-dummy/sk-dummy.c index 347b212271ec..b4cbc1324ecc 100644 --- a/regress/misc/sk-dummy/sk-dummy.c +++ b/regress/misc/sk-dummy/sk-dummy.c @@ -263,7 +263,7 @@ sk_enroll(uint32_t alg, const uint8_t *challenge, size_t challenge_len, break; default: skdebug(__func__, "unsupported key type %d", alg); - return -1; + goto out; } /* Have to return something here */ if ((response->signature = calloc(1, 1)) == NULL) { From 2314d87f9b8b430532111fd6e5e8df0cf9068c9c Mon Sep 17 00:00:00 2001 From: "dtucker@openbsd.org" Date: Thu, 12 Jun 2025 09:26:57 +0000 Subject: [PATCH 110/687] upstream: Plug mem leak on error path here too. Coverity CID 307781. OpenBSD-Regress-ID: 18e053d9b661fbb4227d3db03172077c1216bb2e --- regress/misc/sk-dummy/sk-dummy.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/regress/misc/sk-dummy/sk-dummy.c b/regress/misc/sk-dummy/sk-dummy.c index b4cbc1324ecc..8a33d18695ed 100644 --- a/regress/misc/sk-dummy/sk-dummy.c +++ b/regress/misc/sk-dummy/sk-dummy.c @@ -520,7 +520,7 @@ sk_sign(uint32_t alg, const uint8_t *data, size_t datalen, break; default: skdebug(__func__, "unsupported key type %d", alg); - return -1; + goto out; } *sign_response = response; response = NULL; From 930a45ee759728c8ba711c45a2a985b8191bd297 Mon Sep 17 00:00:00 2001 From: "dtucker@openbsd.org" Date: Thu, 12 Jun 2025 10:09:39 +0000 Subject: [PATCH 111/687] upstream: Set user, host and path to NULL immediately before calling parse_user_host_path in tests. This ensures that we don't accidentally use the previous value if the function under test doesn't set them Also fixes Coverity CIDs 405056 405065 405066. OpenBSD-Regress-ID: 43678ff59001712f32214fe303b1c21c163c2960 --- regress/unittests/misc/test_parse.c | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/regress/unittests/misc/test_parse.c b/regress/unittests/misc/test_parse.c index 1f1ea31d149c..c66028aec5e6 100644 --- a/regress/unittests/misc/test_parse.c +++ b/regress/unittests/misc/test_parse.c @@ -1,4 +1,4 @@ -/* $OpenBSD: test_parse.c,v 1.2 2021/12/14 21:25:27 deraadt Exp $ */ +/* $OpenBSD: test_parse.c,v 1.3 2025/06/12 10:09:39 dtucker Exp $ */ /* * Regress test for misc user/host/URI parsing functions. * @@ -29,6 +29,7 @@ test_parse(void) char *user, *host, *path; TEST_START("misc_parse_user_host_path"); + user = host = path = NULL; ASSERT_INT_EQ(parse_user_host_path("someuser@some.host:some/path", &user, &host, &path), 0); ASSERT_STRING_EQ(user, "someuser"); @@ -38,6 +39,7 @@ test_parse(void) TEST_DONE(); TEST_START("misc_parse_user_ipv4_path"); + user = host = path = NULL; ASSERT_INT_EQ(parse_user_host_path("someuser@1.22.33.144:some/path", &user, &host, &path), 0); ASSERT_STRING_EQ(user, "someuser"); @@ -47,6 +49,7 @@ test_parse(void) TEST_DONE(); TEST_START("misc_parse_user_[ipv4]_path"); + user = host = path = NULL; ASSERT_INT_EQ(parse_user_host_path("someuser@[1.22.33.144]:some/path", &user, &host, &path), 0); ASSERT_STRING_EQ(user, "someuser"); @@ -56,6 +59,7 @@ test_parse(void) TEST_DONE(); TEST_START("misc_parse_user_[ipv4]_nopath"); + user = host = path = NULL; ASSERT_INT_EQ(parse_user_host_path("someuser@[1.22.33.144]:", &user, &host, &path), 0); ASSERT_STRING_EQ(user, "someuser"); @@ -65,6 +69,7 @@ test_parse(void) TEST_DONE(); TEST_START("misc_parse_user_ipv6_path"); + user = host = path = NULL; ASSERT_INT_EQ(parse_user_host_path("someuser@[::1]:some/path", &user, &host, &path), 0); ASSERT_STRING_EQ(user, "someuser"); @@ -74,6 +79,7 @@ test_parse(void) TEST_DONE(); TEST_START("misc_parse_uri"); + user = host = path = NULL; ASSERT_INT_EQ(parse_uri("ssh", "ssh://someuser@some.host:22/some/path", &user, &host, &port, &path), 0); ASSERT_STRING_EQ(user, "someuser"); From 9cdc72b829e9f0e24dedc533cbe87291d8a88c9e Mon Sep 17 00:00:00 2001 From: "dtucker@openbsd.org" Date: Fri, 13 Jun 2025 07:23:07 +0000 Subject: [PATCH 112/687] upstream: Remove dead code flagged by Coverity CID 307783. ok djm@ OpenBSD-Regress-ID: e579f5ec2fd2eb2fe2bad654d16f2ba655a3e035 --- regress/unittests/test_helper/fuzz.c | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/regress/unittests/test_helper/fuzz.c b/regress/unittests/test_helper/fuzz.c index 9995b26a630a..edad5e1f5197 100644 --- a/regress/unittests/test_helper/fuzz.c +++ b/regress/unittests/test_helper/fuzz.c @@ -1,4 +1,4 @@ -/* $OpenBSD: fuzz.c,v 1.8 2015/03/03 20:42:49 djm Exp $ */ +/* $OpenBSD: fuzz.c,v 1.9 2025/06/13 07:23:07 dtucker Exp $ */ /* * Copyright (c) 2011 Damien Miller * @@ -150,7 +150,6 @@ fuzz_fmt(struct fuzz *fuzz, char *s, size_t n) return 0; default: return -1; - abort(); } } From 2827b6ac304ded8f99e8fbc12e7299133fadb2c2 Mon Sep 17 00:00:00 2001 From: "dtucker@openbsd.org" Date: Fri, 13 Jun 2025 07:35:14 +0000 Subject: [PATCH 113/687] upstream: Plug leak. Coverity CID 405058. OpenBSD-Regress-ID: 7fb2fce68d2cb063cdb94d5d66f84fa3a2902792 --- regress/unittests/sshbuf/test_sshbuf_getput_basic.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/regress/unittests/sshbuf/test_sshbuf_getput_basic.c b/regress/unittests/sshbuf/test_sshbuf_getput_basic.c index 3da413edd35c..b5aca1fb1f9c 100644 --- a/regress/unittests/sshbuf/test_sshbuf_getput_basic.c +++ b/regress/unittests/sshbuf/test_sshbuf_getput_basic.c @@ -1,4 +1,4 @@ -/* $OpenBSD: test_sshbuf_getput_basic.c,v 1.3 2021/12/14 21:25:27 deraadt Exp $ */ +/* $OpenBSD: test_sshbuf_getput_basic.c,v 1.4 2025/06/13 07:35:14 dtucker Exp $ */ /* * Regress test for sshbuf.h buffer API * @@ -576,6 +576,7 @@ sshbuf_getput_basic_tests(void) ASSERT_PTR_NE(s2, NULL); ASSERT_STRING_EQ(s2, "00000000000000000000"); sshbuf_free(p1); + free(s2); TEST_DONE(); TEST_START("sshbuf_poke_u32"); From bd1bd7e8296aa51a4b3958cef2fbb17894ba94e9 Mon Sep 17 00:00:00 2001 From: "dtucker@openbsd.org" Date: Mon, 16 Jun 2025 08:49:27 +0000 Subject: [PATCH 114/687] upstream: Save return value from sshbuf_len instead of calling it multiple times. Fixes Coverity CID 470521. OpenBSD-Regress-ID: 356b8b43c8a232deaf445c1ff7526577b177a8e9 --- regress/unittests/sshkey/common.c | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/regress/unittests/sshkey/common.c b/regress/unittests/sshkey/common.c index a579eccb29d5..edb1d95fa794 100644 --- a/regress/unittests/sshkey/common.c +++ b/regress/unittests/sshkey/common.c @@ -1,4 +1,4 @@ -/* $OpenBSD: common.c,v 1.7 2025/05/06 06:05:48 djm Exp $ */ +/* $OpenBSD: common.c,v 1.8 2025/06/16 08:49:27 dtucker Exp $ */ /* * Helpers for key API tests * @@ -53,13 +53,13 @@ load_text_file(const char *name) { struct sshbuf *ret = load_file(name); const u_char *p; + size_t len; /* Trim whitespace at EOL */ - for (p = sshbuf_ptr(ret); sshbuf_len(ret) > 0;) { - if (p[sshbuf_len(ret) - 1] == '\r' || - p[sshbuf_len(ret) - 1] == '\t' || - p[sshbuf_len(ret) - 1] == ' ' || - p[sshbuf_len(ret) - 1] == '\n') + for (p = sshbuf_ptr(ret); (len = sshbuf_len(ret)) > 0;) { + len--; + if (p[len] == '\r' || p[len] == '\t' || + p[len] == ' ' || p[len] == '\n') ASSERT_INT_EQ(sshbuf_consume_end(ret, 1), 0); else break; From 80916d0d3794e2f92dd6998d7c45daba484e4f18 Mon Sep 17 00:00:00 2001 From: "dtucker@openbsd.org" Date: Mon, 16 Jun 2025 08:53:04 +0000 Subject: [PATCH 115/687] upstream: Plug mem leak. Patch from afonot via github PR#574, ok djm@ OpenBSD-Commit-ID: 65619f14ef206028ce39bc31f704b832a0609688 --- clientloop.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/clientloop.c b/clientloop.c index 916fc077bdc9..b98413342e20 100644 --- a/clientloop.c +++ b/clientloop.c @@ -1,4 +1,4 @@ -/* $OpenBSD: clientloop.c,v 1.410 2024/12/03 22:30:03 jsg Exp $ */ +/* $OpenBSD: clientloop.c,v 1.411 2025/06/16 08:53:04 dtucker Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -2420,6 +2420,7 @@ client_global_hostkeys_prove_confirm(struct ssh *ssh, int type, /* Make the edits to known_hosts */ update_known_hosts(ctx); out: + sshbuf_free(signdata); hostkeys_update_ctx_free(ctx); hostkeys_update_complete = 1; client_repledge(); From df3f903d616763a105570610a616dacf0f83438e Mon Sep 17 00:00:00 2001 From: "dtucker@openbsd.org" Date: Mon, 16 Jun 2025 09:02:19 +0000 Subject: [PATCH 116/687] upstream: Fix overflow check in sshbuf_dup_string. It's already constrained by SSHBUF_SIZE_MAX, but still worth fixing the check. Patch from afonot via github PR#573, with & ok djm@ OpenBSD-Commit-ID: 438888498e66472fc6a48133196d6538d27bff18 --- sshbuf-misc.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/sshbuf-misc.c b/sshbuf-misc.c index adbf9903b4d8..201279faf0f2 100644 --- a/sshbuf-misc.c +++ b/sshbuf-misc.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshbuf-misc.c,v 1.19 2025/05/21 06:43:48 djm Exp $ */ +/* $OpenBSD: sshbuf-misc.c,v 1.20 2025/06/16 09:02:19 dtucker Exp $ */ /* * Copyright (c) 2011 Damien Miller * @@ -254,7 +254,7 @@ sshbuf_dup_string(struct sshbuf *buf) size_t l = sshbuf_len(buf); char *r; - if (s == NULL || l > SIZE_MAX) + if (s == NULL || l >= SIZE_MAX) return NULL; /* accept a nul only as the last character in the buffer */ if (l > 0 && (p = memchr(s, '\0', l)) != NULL) { From 05f7bf46d1e2c101e9cbdd3df2ccee484bed969f Mon Sep 17 00:00:00 2001 From: "dtucker@openbsd.org" Date: Mon, 16 Jun 2025 09:07:08 +0000 Subject: [PATCH 117/687] upstream: Now that ssh-keygen defaults to the maximum memory for moduli generation we no longer need to run it twice to get enough. Use mkdir -p instead of a conditional, which allows "make -jN" to work without error. OpenBSD-Commit-ID: c2eb57285424f819f9520fa33e0d6d3c4a361a5e --- .skipped-commit-ids | 1 + 1 file changed, 1 insertion(+) diff --git a/.skipped-commit-ids b/.skipped-commit-ids index 382dde52ba4e..8ed0befb7590 100644 --- a/.skipped-commit-ids +++ b/.skipped-commit-ids @@ -1,3 +1,4 @@ +c2eb57285424f819f9520fa33e0d6d3c4a361a5e moduli-gen.sh tweak 509bb19bb9762a4b3b589af98bac2e730541b6d4 clean sshd random relinking kit 5317f294d63a876bfc861e19773b1575f96f027d remove libssh from makefiles a337e886a49f96701ccbc4832bed086a68abfa85 Makefile changes From dd800444943bd64913507f6005586136d49f63db Mon Sep 17 00:00:00 2001 From: "dtucker@openbsd.org" Date: Mon, 16 Jun 2025 09:09:42 +0000 Subject: [PATCH 118/687] upstream: Limit each moduli size to a max of 100 entries. OpenBSD-Commit-ID: 747219d54565030ff7c45298b9f5e971801f6cb2 --- .skipped-commit-ids | 1 + 1 file changed, 1 insertion(+) diff --git a/.skipped-commit-ids b/.skipped-commit-ids index 8ed0befb7590..2ccd3a6626fa 100644 --- a/.skipped-commit-ids +++ b/.skipped-commit-ids @@ -1,3 +1,4 @@ +747219d54565030ff7c45298b9f5e971801f6cb2 moduli-gen Makefile tweak c2eb57285424f819f9520fa33e0d6d3c4a361a5e moduli-gen.sh tweak 509bb19bb9762a4b3b589af98bac2e730541b6d4 clean sshd random relinking kit 5317f294d63a876bfc861e19773b1575f96f027d remove libssh from makefiles From 1e8347e3543a415067ccc556aefea97656ecafb7 Mon Sep 17 00:00:00 2001 From: Damien Miller Date: Tue, 17 Jun 2025 09:48:47 +1000 Subject: [PATCH 119/687] add sshd-auth to RPM spec files --- contrib/redhat/openssh.spec | 1 + contrib/suse/openssh.spec | 1 + 2 files changed, 2 insertions(+) diff --git a/contrib/redhat/openssh.spec b/contrib/redhat/openssh.spec index b60695f09f95..0ba34ee8a152 100644 --- a/contrib/redhat/openssh.spec +++ b/contrib/redhat/openssh.spec @@ -353,6 +353,7 @@ fi %defattr(-,root,root) %dir %attr(0111,root,root) %{_var}/empty/sshd %attr(0755,root,root) %{_sbindir}/sshd +%attr(0755,root,root) %{_libexecdir}/openssh/sshd-auth %attr(0755,root,root) %{_libexecdir}/openssh/sshd-session %attr(0755,root,root) %{_libexecdir}/openssh/sftp-server %attr(0644,root,root) %{_mandir}/man8/sshd.8* diff --git a/contrib/suse/openssh.spec b/contrib/suse/openssh.spec index 849e9b61f3b8..6b95d73064b5 100644 --- a/contrib/suse/openssh.spec +++ b/contrib/suse/openssh.spec @@ -211,6 +211,7 @@ rm -rf $RPM_BUILD_ROOT %attr(0755,root,root) %{_sbindir}/sshd %attr(0755,root,root) %dir %{_libdir}/ssh %attr(0755,root,root) %{_libdir}/ssh/sftp-server +%attr(0755,root,root) %{_libdir}/ssh/sshd-auth %attr(0755,root,root) %{_libdir}/ssh/sshd-session %attr(4711,root,root) %{_libdir}/ssh/ssh-keysign %attr(0755,root,root) %{_libdir}/ssh/ssh-pkcs11-helper From 5f761cdb2331a12318bde24db5ca84ee144a51d1 Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Tue, 17 Jun 2025 21:46:37 +1000 Subject: [PATCH 120/687] Update obsd tests to use current images. --- .github/workflows/selfhosted.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.github/workflows/selfhosted.yml b/.github/workflows/selfhosted.yml index 9f2bd99eb131..2f425fe2f39c 100644 --- a/.github/workflows/selfhosted.yml +++ b/.github/workflows/selfhosted.yml @@ -49,8 +49,9 @@ jobs: - obsd51 - obsd67 - obsd72 - - obsd73 - obsd74 + - obsd76 + - obsd77 - obsdsnap - obsdsnap-i386 - omnios From ad38ec5f1b6768944d64ed7709da8706538b5509 Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Tue, 17 Jun 2025 01:19:27 +0000 Subject: [PATCH 121/687] upstream: fix leak on error path; Coverity CID 481976 OpenBSD-Commit-ID: 963dba2c804e2fd8efea2256092899874d0dbc7b --- misc-agent.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/misc-agent.c b/misc-agent.c index cf9b0fa0cb77..5ea91ebe3fbc 100644 --- a/misc-agent.c +++ b/misc-agent.c @@ -1,4 +1,4 @@ -/* $OpenBSD: misc-agent.c,v 1.5 2025/05/22 12:14:19 dtucker Exp $ */ +/* $OpenBSD: misc-agent.c,v 1.6 2025/06/17 01:19:27 djm Exp $ */ /* * Copyright (c) 2025 Damien Miller * @@ -169,6 +169,7 @@ ensure_mkdir(const char *homedir, const char *subdir) debug("created directory %s", path); else if (errno != EEXIST) { error_f("mkdir %s: %s", path, strerror(errno)); + free(path); return -1; } free(path); From b360f3a675e24b0dbb2ec30d985e3b6756996c0d Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Tue, 17 Jun 2025 01:20:17 +0000 Subject: [PATCH 122/687] upstream: whitespace OpenBSD-Commit-ID: 6e96814bcf70d0edbb0749ec61cc4fd8707f286d --- clientloop.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/clientloop.c b/clientloop.c index b98413342e20..5f6577f65632 100644 --- a/clientloop.c +++ b/clientloop.c @@ -1,4 +1,4 @@ -/* $OpenBSD: clientloop.c,v 1.411 2025/06/16 08:53:04 dtucker Exp $ */ +/* $OpenBSD: clientloop.c,v 1.412 2025/06/17 01:20:17 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -2420,7 +2420,7 @@ client_global_hostkeys_prove_confirm(struct ssh *ssh, int type, /* Make the edits to known_hosts */ update_known_hosts(ctx); out: - sshbuf_free(signdata); + sshbuf_free(signdata); hostkeys_update_ctx_free(ctx); hostkeys_update_complete = 1; client_repledge(); From 5ba8391d697740a838fd8811434f707f0e079baa Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Thu, 19 Jun 2025 05:49:05 +0000 Subject: [PATCH 123/687] upstream: better debug diagnostics when loading keys. Will now list key fingerprint and algorithm (not just algorithm number) as well as making it explicit which keys didn't load. OpenBSD-Commit-ID: ee3e77a0271ab502e653922c6d161b1e091f8fee --- ssh.c | 38 +++++++++++++++++++++++--------------- 1 file changed, 23 insertions(+), 15 deletions(-) diff --git a/ssh.c b/ssh.c index b2172b810a61..b44a943134ee 100644 --- a/ssh.c +++ b/ssh.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh.c,v 1.613 2025/05/06 05:40:56 djm Exp $ */ +/* $OpenBSD: ssh.c,v 1.614 2025/06/19 05:49:05 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -529,16 +529,28 @@ resolve_canonicalize(char **hostp, int port) static void check_load(int r, struct sshkey **k, const char *path, const char *message) { + char *fp; + switch (r) { case 0: + if (k == NULL || *k == NULL) + return; /* Check RSA keys size and discard if undersized */ - if (k != NULL && *k != NULL && - (r = sshkey_check_rsa_length(*k, + if ((r = sshkey_check_rsa_length(*k, options.required_rsa_size)) != 0) { error_r(r, "load %s \"%s\"", message, path); free(*k); *k = NULL; + break; + } + if ((fp = sshkey_fingerprint(*k, + options.fingerprint_hash, SSH_FP_DEFAULT)) == NULL) { + fatal_f("failed to fingerprint %s %s key from %s", + sshkey_type(*k), message, path); } + debug("loaded %s from %s: %s %s", message, path, + sshkey_type(*k), fp); + free(fp); break; case SSH_ERR_INTERNAL_ERROR: case SSH_ERR_ALLOC_FAIL: @@ -552,6 +564,8 @@ check_load(int r, struct sshkey **k, const char *path, const char *message) error_r(r, "load %s \"%s\"", message, path); break; } + if (k != NULL && *k == NULL) + debug("no %s loaded from %s", message, path); } /* @@ -1723,10 +1737,9 @@ main(int ac, char **av) if ((o) >= sensitive_data.nkeys) \ fatal_f("pubkey out of array bounds"); \ check_load(sshkey_load_public(p, &(sensitive_data.keys[o]), NULL), \ - &(sensitive_data.keys[o]), p, "pubkey"); \ + &(sensitive_data.keys[o]), p, "hostbased pubkey"); \ if (sensitive_data.keys[o] != NULL) { \ - debug2("hostbased key %d: %s key from \"%s\"", o, \ - sshkey_ssh_name(sensitive_data.keys[o]), p); \ + debug2("hostbased pubkey \"%s\" in slot %d", p, o); \ loaded++; \ } \ } while (0) @@ -1734,10 +1747,9 @@ main(int ac, char **av) if ((o) >= sensitive_data.nkeys) \ fatal_f("cert out of array bounds"); \ check_load(sshkey_load_cert(p, &(sensitive_data.keys[o])), \ - &(sensitive_data.keys[o]), p, "cert"); \ + &(sensitive_data.keys[o]), p, "hostbased cert"); \ if (sensitive_data.keys[o] != NULL) { \ - debug2("hostbased key %d: %s cert from \"%s\"", o, \ - sshkey_ssh_name(sensitive_data.keys[o]), p); \ + debug2("hostbased cert \"%s\" in slot %d", p, o); \ loaded++; \ } \ } while (0) @@ -2442,9 +2454,7 @@ load_public_identity_files(const struct ssh_conn_info *cinfo) continue; xasprintf(&cp, "%s-cert", filename); check_load(sshkey_load_public(cp, &public, NULL), - &public, filename, "pubkey"); - debug("identity file %s type %d", cp, - public ? public->type : -1); + &public, filename, "identity pubkey"); if (public == NULL) { free(cp); continue; @@ -2473,9 +2483,7 @@ load_public_identity_files(const struct ssh_conn_info *cinfo) free(cp); check_load(sshkey_load_public(filename, &public, NULL), - &public, filename, "certificate"); - debug("certificate file %s type %d", filename, - public ? public->type : -1); + &public, filename, "identity cert"); free(options.certificate_files[i]); options.certificate_files[i] = NULL; if (public == NULL) { From 688fa02728f2efbf18388bc1a8e94e7ba7ee4f11 Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Tue, 24 Jun 2025 09:22:03 +0000 Subject: [PATCH 124/687] upstream: make "Match !final" not trigger a 2nd pass ssh_config parsing pass (unless hostname canonicalisation or a separate "Match final" does). bz3843 ok dtucker@ OpenBSD-Commit-ID: ce82b6034828888f0f3f1c812e08f5e87400d802 --- readconf.c | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/readconf.c b/readconf.c index a56cbe0da7d0..97f34abff108 100644 --- a/readconf.c +++ b/readconf.c @@ -1,4 +1,4 @@ -/* $OpenBSD: readconf.c,v 1.399 2025/05/06 05:40:56 djm Exp $ */ +/* $OpenBSD: readconf.c,v 1.400 2025/06/24 09:22:03 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -768,12 +768,13 @@ match_cfg_line(Options *options, const char *full_line, int *acp, char ***avp, if (strcasecmp(attrib, "canonical") == 0 || strcasecmp(attrib, "final") == 0) { /* - * If the config requests "Match final" then remember - * this so we can perform a second pass later. + * If the config requests "Match final" without + * negation then remember this so we can perform a + * second pass later. */ if (strcasecmp(attrib, "final") == 0 && want_final_pass != NULL) - *want_final_pass = 1; + *want_final_pass |= !negate; r = !!final_pass; /* force bitmask member to boolean */ if (r == (negate ? 1 : 0)) this_result = result = 0; From 57fb460165ae3b2d591f2468d7fe13cc1abda26d Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Tue, 17 Jun 2025 01:24:32 +0000 Subject: [PATCH 125/687] upstream: add RCS ID OpenBSD-Regress-ID: 6e30094e3bf0a1c65efb75c67a87093304a3e619 --- regress/misc/sk-dummy/sk-dummy.c | 1 + 1 file changed, 1 insertion(+) diff --git a/regress/misc/sk-dummy/sk-dummy.c b/regress/misc/sk-dummy/sk-dummy.c index 8a33d18695ed..afa0314da838 100644 --- a/regress/misc/sk-dummy/sk-dummy.c +++ b/regress/misc/sk-dummy/sk-dummy.c @@ -1,3 +1,4 @@ +/* $OpenBSD: sk-dummy.c,v 1.16 2025/06/17 01:24:32 djm Exp $ */ /* * Copyright (c) 2019 Markus Friedl * From 838d5ec4b12fb519ed9db76e5beccf11b7ee212f Mon Sep 17 00:00:00 2001 From: "dtucker@openbsd.org" Date: Tue, 24 Jun 2025 12:28:23 +0000 Subject: [PATCH 126/687] upstream: Add simple test for password auth. Requires some setup so does not run by default. OpenBSD-Regress-ID: d5ded47a266b031fc91f99882f07161ab6d1bb70 --- regress/Makefile | 3 ++- regress/password.sh | 59 +++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 61 insertions(+), 1 deletion(-) create mode 100644 regress/password.sh diff --git a/regress/Makefile b/regress/Makefile index d97ea34a2050..d0298d45e009 100644 --- a/regress/Makefile +++ b/regress/Makefile @@ -1,4 +1,4 @@ -# $OpenBSD: Makefile,v 1.136 2025/03/11 07:50:20 dtucker Exp $ +# $OpenBSD: Makefile,v 1.138 2025/06/24 12:28:23 dtucker Exp $ tests: prep file-tests t-exec unit @@ -106,6 +106,7 @@ LTESTS= connect \ knownhosts-command \ agent-restrict \ hostbased \ + password \ channel-timeout \ connection-timeout \ match-subsystem \ diff --git a/regress/password.sh b/regress/password.sh new file mode 100644 index 000000000000..1c5218d6b1f4 --- /dev/null +++ b/regress/password.sh @@ -0,0 +1,59 @@ +# $OpenBSD: password.sh,v 1.1 2025/06/24 12:28:23 dtucker Exp $ +# Placed in the Public Domain. +# +# This tests standard "password" authentication. It does not run by default, +# and needs to be enabled by putting the password of the user running the tests +# into ${OBJ}/password. Since this obviously puts the password at risk it is +# recommended to do this on a throwaway VM by setting a random password +# (and randomizing it again after the test, if you can't immediately dispose +# of the VM). + +tid="password" + +if [ -z "$SUDO" -o ! -f ${OBJ}/password ]; then + skip "Password auth requires SUDO and password file." +fi + +# Enable password auth +echo "PasswordAuthentication yes" >>sshd_proxy + +# Create askpass script to replay a series of password responses. +# Keep a counter of the number of times it has been called and +# reply with the next line of the replypass file. +cat >${OBJ}/replypass.sh <${OBJ}/replypass.N +EOD +chmod 700 ${OBJ}/replypass.sh + +SSH_ASKPASS=${OBJ}/replypass.sh +SSH_ASKPASS_REQUIRE=force +export SSH_ASKPASS SSH_ASKPASS_REQUIRE + +opts="-oPasswordAuthentication=yes -oPreferredAuthentications=password" +opts="-oBatchMode=no $opts" + +trace plain password +cat ${OBJ}/password >${OBJ}/replypass +echo 1 >${OBJ}/replypass.N +${SSH} $opts -F $OBJ/ssh_proxy somehost true +if [ $? -ne 0 ]; then + fail "ssh password failed" +fi + +trace 2-round password +(echo; cat ${OBJ}/password) >${OBJ}/replypass +echo 1 >${OBJ}/replypass.N +${SSH} $opts -F $OBJ/ssh_proxy somehost true +if [ $? -ne 0 ]; then + fail "ssh 2-round password failed" +fi + +trace empty password +echo >${OBJ}/replypass +echo 1 >${OBJ}/replypass.N +${SSH} $opts -F $OBJ/ssh_proxy somehost true +if [ $? -eq 0 ]; then + fail "ssh password failed" +fi From bcfe7340d9b622ecd978c87dbf885c8b5a503ca2 Mon Sep 17 00:00:00 2001 From: "dtucker@openbsd.org" Date: Sat, 28 Jun 2025 13:34:08 +0000 Subject: [PATCH 127/687] upstream: Add simple regression test for dropbear as a server. OpenBSD-Regress-ID: 7abe1f6607d0cd49839918aade8f135d2462d389 --- regress/Makefile | 4 +-- regress/dropbear-server.sh | 62 ++++++++++++++++++++++++++++++++++++++ regress/test-exec.sh | 4 +-- 3 files changed, 66 insertions(+), 4 deletions(-) create mode 100644 regress/dropbear-server.sh diff --git a/regress/Makefile b/regress/Makefile index d0298d45e009..b8787205a15f 100644 --- a/regress/Makefile +++ b/regress/Makefile @@ -1,4 +1,4 @@ -# $OpenBSD: Makefile,v 1.138 2025/06/24 12:28:23 dtucker Exp $ +# $OpenBSD: Makefile,v 1.139 2025/06/28 13:34:08 dtucker Exp $ tests: prep file-tests t-exec unit @@ -116,7 +116,7 @@ LTESTS= connect \ penalty-expire INTEROP_TESTS= putty-transfer putty-ciphers putty-kex conch-ciphers -INTEROP_TESTS+= dropbear-ciphers dropbear-kex +INTEROP_TESTS+= dropbear-ciphers dropbear-kex dropbear-server #INTEROP_TESTS+=ssh-com ssh-com-client ssh-com-keygen ssh-com-sftp EXTRA_TESTS= agent-pkcs11 diff --git a/regress/dropbear-server.sh b/regress/dropbear-server.sh new file mode 100644 index 000000000000..d3ea6dcc5c12 --- /dev/null +++ b/regress/dropbear-server.sh @@ -0,0 +1,62 @@ +# $OpenBSD: dropbear-server.sh,v 1.1 2025/06/28 13:34:08 dtucker Exp $ +# Placed in the Public Domain. + +tid="dropbear server" + +if test "x$REGRESS_INTEROP_DROPBEAR" != "xyes" ; then + skip "dropbear interop tests not enabled" +fi + +if [ -z "$SUDO" -a ! -w /var/run ]; then + skip "need SUDO to create dir in /var/run, test won't work without" +fi +authkeydir=/var/run/dropbear-regress + +ciphers=`$DBCLIENT -c help hst 2>&1 | awk '/ ciphers: /{print $4}' | tr ',' ' '` +macs=`$DBCLIENT -m help hst 2>&1 | awk '/ MACs: /{print $4}' | tr ',' ' '` +if [ -z "$macs" ] || [ -z "$ciphers" ]; then + skip "dbclient query ciphers '$ciphers' or macs '$macs' failed" +fi + +# Set up authorized_keys for dropbear. +umask 077 +$SUDO mkdir -p $authkeydir +$SUDO chown -R $USER $authkeydir +cp $OBJ/authorized_keys_$USER $authkeydir/authorized_keys + +for i in `$SUDO $SSHD -f $OBJ/sshd_config -T | grep -v sk- | \ + awk '$1=="hostkey" {print $2}'`; do + file=`basename "$i"` + file=`echo "$file" | sed s/^host\./db\./g` + if $SUDO $DROPBEARCONVERT openssh dropbear "$i" "$OBJ/$file" \ + >/dev/null 2>&1; then + $SUDO chown $USER $OBJ/$file + hkeys="-r $OBJ/$file" + fi +done + +rm -f $OBJ/dropbear.pid +$DROPBEAR -D $authkeydir -p $PORT -P $OBJ/dropbear.pid $hkeys -E \ + 2>$OBJ/sshd.log +if [ $? -ne 0 ]; then + fatal "starting dropbear server failed" +fi +while [ ! -f $OBJ/dropbear.pid ]; do + sleep 1 +done + +pid=`cat $OBJ/dropbear.pid` +trap "kill $pid; $SUDO rm -rf $authkeydir" 0 + +for c in $ciphers; do + for m in $macs; do + trace "$tid: cipher $c mac $m hk $hk" + rm -f ${COPY} + ${SSH} -F $OBJ/ssh_config -oCiphers=$c -oMacs=$m \ + somehost cat ${DATA} > ${COPY} + if [ $? -ne 0 ]; then + fail "connect dropbear server failed" + fi + cmp ${DATA} ${COPY} || fail "corrupted copy" + done +done diff --git a/regress/test-exec.sh b/regress/test-exec.sh index d4d40c2ae893..0ecf6c5a83c0 100644 --- a/regress/test-exec.sh +++ b/regress/test-exec.sh @@ -1,4 +1,4 @@ -# $OpenBSD: test-exec.sh,v 1.129 2025/05/24 04:40:37 djm Exp $ +# $OpenBSD: test-exec.sh,v 1.130 2025/06/28 13:34:08 dtucker Exp $ # Placed in the Public Domain. #SUDO=sudo @@ -101,7 +101,7 @@ SSH_REGRESS_TMP= PLINK=/usr/local/bin/plink PUTTYGEN=/usr/local/bin/puttygen CONCH=/usr/local/bin/conch -DROPBEAR=/usr/local/bin/dropbear +DROPBEAR=/usr/local/sbin/dropbear DBCLIENT=/usr/local/bin/dbclient DROPBEARKEY=/usr/local/bin/dropbearkey DROPBEARCONVERT=/usr/local/bin/dropbearconvert From 8a9384de483b8fb69a800e0347273686a5715fc3 Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Sun, 29 Jun 2025 11:14:18 +1000 Subject: [PATCH 128/687] Enable password tests on Github ephemeral VMs. --- .github/setup_ci.sh | 18 +++++++++++++----- .github/workflows/c-cpp.yml | 2 ++ 2 files changed, 15 insertions(+), 5 deletions(-) diff --git a/.github/setup_ci.sh b/.github/setup_ci.sh index 5e778d377136..598b0624a6d9 100755 --- a/.github/setup_ci.sh +++ b/.github/setup_ci.sh @@ -299,12 +299,20 @@ if [ ! -z "${INSTALL_PUTTY}" ]; then /usr/local/bin/plink -V fi -# This is the github "target" as specificed in the yml file. -case "${target}" in -ubuntu-latest) - echo ubuntu-latest target: setting random password string. +# If we're running on an ephemeral VM, set a random password and set +# up to run the password auth test. +if [ ! -z "${EPHEMERAL_VM}" ]; then + + # This is the github "target" as specified in the yml file. + # In particular, ubuntu-latest sets the password field to the locked + # value, so unless we reset it here most of the tests will fail. + case "${target}" in + ubuntu-*) + echo ${target} target: setting random password string. pw=$(openssl rand -base64 9) sudo usermod --password "${pw}" runner sudo usermod --unlock runner + echo "${pw}" > regress/password ;; -esac + esac +fi diff --git a/.github/workflows/c-cpp.yml b/.github/workflows/c-cpp.yml index 7ee1796463f0..82087c057aef 100644 --- a/.github/workflows/c-cpp.yml +++ b/.github/workflows/c-cpp.yml @@ -121,6 +121,8 @@ jobs: - { target: macos-15, config: pam } runs-on: ${{ matrix.target }} steps: + - env: + EPHEMERAL_VM: yes - name: check RUN_ONLY_TARGET_CONFIG if: vars.RUN_ONLY_TARGET_CONFIG != '' run: sh -c 'if [ "${{ vars.RUN_ONLY_TARGET_CONFIG }}" != "${{ matrix.target }} ${{matrix.config }}" ]; then exit 1; else exit 0; fi' From d32614b448528ac08a65caac323a34b4f559a204 Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Sun, 29 Jun 2025 11:22:00 +1000 Subject: [PATCH 129/687] Move env to where it (hopefully) belongs. --- .github/workflows/c-cpp.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/c-cpp.yml b/.github/workflows/c-cpp.yml index 82087c057aef..385b2a94a123 100644 --- a/.github/workflows/c-cpp.yml +++ b/.github/workflows/c-cpp.yml @@ -120,9 +120,9 @@ jobs: - { target: macos-14, config: pam } - { target: macos-15, config: pam } runs-on: ${{ matrix.target }} + - env: + EPHEMERAL_VM: yes steps: - - env: - EPHEMERAL_VM: yes - name: check RUN_ONLY_TARGET_CONFIG if: vars.RUN_ONLY_TARGET_CONFIG != '' run: sh -c 'if [ "${{ vars.RUN_ONLY_TARGET_CONFIG }}" != "${{ matrix.target }} ${{matrix.config }}" ]; then exit 1; else exit 0; fi' From 223a1beac7b7be9252f69055781c9c15f4d8a607 Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Sun, 29 Jun 2025 11:24:42 +1000 Subject: [PATCH 130/687] Move env again. --- .github/workflows/c-cpp.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/c-cpp.yml b/.github/workflows/c-cpp.yml index 385b2a94a123..0ba00962b3c1 100644 --- a/.github/workflows/c-cpp.yml +++ b/.github/workflows/c-cpp.yml @@ -20,6 +20,8 @@ jobs: ci: name: "${{ matrix.target }} ${{ matrix.config }}" if: github.repository != 'openssh/openssh-portable-selfhosted' + env: + - EPHEMERAL_VM: yes strategy: fail-fast: false matrix: @@ -120,8 +122,6 @@ jobs: - { target: macos-14, config: pam } - { target: macos-15, config: pam } runs-on: ${{ matrix.target }} - - env: - EPHEMERAL_VM: yes steps: - name: check RUN_ONLY_TARGET_CONFIG if: vars.RUN_ONLY_TARGET_CONFIG != '' From 700205bd861c25cc7564010cf63d984d8db5098a Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Sun, 29 Jun 2025 11:27:17 +1000 Subject: [PATCH 131/687] Fix env again. --- .github/workflows/c-cpp.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/c-cpp.yml b/.github/workflows/c-cpp.yml index 0ba00962b3c1..ccf6a7822dd4 100644 --- a/.github/workflows/c-cpp.yml +++ b/.github/workflows/c-cpp.yml @@ -20,8 +20,6 @@ jobs: ci: name: "${{ matrix.target }} ${{ matrix.config }}" if: github.repository != 'openssh/openssh-portable-selfhosted' - env: - - EPHEMERAL_VM: yes strategy: fail-fast: false matrix: @@ -122,6 +120,8 @@ jobs: - { target: macos-14, config: pam } - { target: macos-15, config: pam } runs-on: ${{ matrix.target }} + env: + EPHEMERAL_VM: yes steps: - name: check RUN_ONLY_TARGET_CONFIG if: vars.RUN_ONLY_TARGET_CONFIG != '' From 0b17d564cfae82f2a52e9b4d588657da47ea4e43 Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Sun, 29 Jun 2025 14:34:48 +1000 Subject: [PATCH 132/687] Encrypt temporary password we're setting. Now that we want to actually use the random password for tests, we need to correctly encrypt it, instead of just setting it to a random string that's not the "locked" value. --- .github/setup_ci.sh | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/setup_ci.sh b/.github/setup_ci.sh index 598b0624a6d9..8ed1d178325f 100755 --- a/.github/setup_ci.sh +++ b/.github/setup_ci.sh @@ -308,11 +308,11 @@ if [ ! -z "${EPHEMERAL_VM}" ]; then # value, so unless we reset it here most of the tests will fail. case "${target}" in ubuntu-*) - echo ${target} target: setting random password string. - pw=$(openssl rand -base64 9) + echo ${target} target: setting random password. + openssl rand -base64 9 >regress/password + pw=$(tr -d '\n' regress/password ;; esac fi From 83d3ffc0fc0f5e4473ab43f0d42a1cf9497ce0b5 Mon Sep 17 00:00:00 2001 From: "dtucker@openbsd.org" Date: Sun, 29 Jun 2025 05:35:00 +0000 Subject: [PATCH 133/687] upstream: Check dropbear server version for required features. Dropbear added the '-D' flag in version 2025.87. We need that for the dropbear-server test, so skip on older versions. OpenBSD-Regress-ID: 9db0b84edd54d3c00ab17db1dc6d62af4644c550 --- regress/dropbear-server.sh | 16 +++++++++++++++- 1 file changed, 15 insertions(+), 1 deletion(-) diff --git a/regress/dropbear-server.sh b/regress/dropbear-server.sh index d3ea6dcc5c12..c72c86bfd39e 100644 --- a/regress/dropbear-server.sh +++ b/regress/dropbear-server.sh @@ -1,4 +1,4 @@ -# $OpenBSD: dropbear-server.sh,v 1.1 2025/06/28 13:34:08 dtucker Exp $ +# $OpenBSD: dropbear-server.sh,v 1.2 2025/06/29 05:35:00 dtucker Exp $ # Placed in the Public Domain. tid="dropbear server" @@ -7,6 +7,20 @@ if test "x$REGRESS_INTEROP_DROPBEAR" != "xyes" ; then skip "dropbear interop tests not enabled" fi +ver="`$DROPBEAR -V 2>&1 | sed 's/Dropbear v//'`" +if [ -z "$ver" ]; then + skip "can't determine dropbear version" +fi + +major=`echo $ver | cut -f1 -d.` +minor=`echo $ver | cut -f2 -d.` + +if [ "$major" -lt "2025" ] || [ "$minor" -lt "87" ]; then + skip "dropbear version $ver (${major}.${minor}) does not support '-D'" +else + trace "dropbear version $ver (${major}.${minor}) ok" +fi + if [ -z "$SUDO" -a ! -w /var/run ]; then skip "need SUDO to create dir in /var/run, test won't work without" fi From b28e91aff80fd24341de8cb3c34dc454d6b75228 Mon Sep 17 00:00:00 2001 From: "dtucker@openbsd.org" Date: Sun, 29 Jun 2025 08:20:21 +0000 Subject: [PATCH 134/687] upstream: Add shebang path to askpass script. Required for exec on some platforms (musl, probably others). OpenBSD-Regress-ID: 35cdeed12ae701afcb812f800c04d817325cd22a --- regress/password.sh | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/regress/password.sh b/regress/password.sh index 1c5218d6b1f4..10f507e4472c 100644 --- a/regress/password.sh +++ b/regress/password.sh @@ -1,4 +1,4 @@ -# $OpenBSD: password.sh,v 1.1 2025/06/24 12:28:23 dtucker Exp $ +# $OpenBSD: password.sh,v 1.2 2025/06/29 08:20:21 dtucker Exp $ # Placed in the Public Domain. # # This tests standard "password" authentication. It does not run by default, @@ -21,6 +21,7 @@ echo "PasswordAuthentication yes" >>sshd_proxy # Keep a counter of the number of times it has been called and # reply with the next line of the replypass file. cat >${OBJ}/replypass.sh <${OBJ}/replypass.N From 29cf521486bf97ab9de5b9b356f812107e0671bc Mon Sep 17 00:00:00 2001 From: Damien Miller Date: Wed, 2 Jul 2025 13:47:38 +1000 Subject: [PATCH 135/687] wrap some autoconf macros in AC_CACHE_CHECK This allows skipping/overriding the OSSH_CHECK_CFLAG_COMPILE and OSSH_CHECK_CFLAG_LINK macros used to discover supported compiler or linker flags. E.g. $ ./configure ossh_cv_cflag__fzero_call_used_regs_used=no [...] checking if cc supports compile flag -ftrapv and linking succeeds... yes checking if cc supports compile flag -fzero-call-used-regs=used and linking succeeds... (cached) no checking if cc supports compile flag -ftrivial-auto-var-init=zero... yes Patch from Colin Watson, ok dtucker@ --- m4/openssh.m4 | 42 ++++++++++++++++++++++++------------------ 1 file changed, 24 insertions(+), 18 deletions(-) diff --git a/m4/openssh.m4 b/m4/openssh.m4 index 176a8d1c9282..f420146f1442 100644 --- a/m4/openssh.m4 +++ b/m4/openssh.m4 @@ -62,7 +62,8 @@ dnl Check that $CC accepts a flag 'check_flag'. If it is supported append dnl 'define_flag' to $CFLAGS. If 'define_flag' is not specified, then append dnl 'check_flag'. AC_DEFUN([OSSH_CHECK_CFLAG_COMPILE], [{ - AC_MSG_CHECKING([if $CC supports compile flag $1]) + ossh_cache_var=AS_TR_SH([ossh_cv_cflag_$1]) + AC_CACHE_CHECK([if $CC supports compile flag $1], [$ossh_cache_var], [ saved_CFLAGS="$CFLAGS" CFLAGS="$CFLAGS $WERROR $1" _define_flag="$2" @@ -71,22 +72,23 @@ AC_DEFUN([OSSH_CHECK_CFLAG_COMPILE], [{ [ if $ac_cv_path_EGREP -i "unrecognized option|warning.*ignored" conftest.err >/dev/null then - AC_MSG_RESULT([no]) + eval "$ossh_cache_var=no" CFLAGS="$saved_CFLAGS" else dnl If we are compiling natively, try running the program. AC_RUN_IFELSE([OSSH_COMPILER_FLAG_TEST_PROGRAM], - [ AC_MSG_RESULT([yes]) + [ eval "$ossh_cache_var=yes" CFLAGS="$saved_CFLAGS $_define_flag" ], - [ AC_MSG_RESULT([no, fails at run time]) + [ eval "$ossh_cache_var='no, fails at run time'" CFLAGS="$saved_CFLAGS" ], - [ AC_MSG_RESULT([yes]) + [ eval "$ossh_cache_var=yes" CFLAGS="$saved_CFLAGS $_define_flag" ], ) fi], - [ AC_MSG_RESULT([no]) + [ eval "$ossh_cache_var=no" CFLAGS="$saved_CFLAGS" ] ) + ]) }]) dnl OSSH_CHECK_CFLAG_LINK(check_flag[, define_flag]) @@ -94,7 +96,8 @@ dnl Check that $CC accepts a flag 'check_flag'. If it is supported append dnl 'define_flag' to $CFLAGS. If 'define_flag' is not specified, then append dnl 'check_flag'. AC_DEFUN([OSSH_CHECK_CFLAG_LINK], [{ - AC_MSG_CHECKING([if $CC supports compile flag $1 and linking succeeds]) + ossh_cache_var=AS_TR_SH([ossh_cv_cflag_$1]) + AC_CACHE_CHECK([if $CC supports compile flag $1 and linking succeeds], [$ossh_cache_var], [ saved_CFLAGS="$CFLAGS" CFLAGS="$CFLAGS $WERROR $1" _define_flag="$2" @@ -103,22 +106,23 @@ AC_DEFUN([OSSH_CHECK_CFLAG_LINK], [{ [ if $ac_cv_path_EGREP -i "unrecognized option|warning.*ignored" conftest.err >/dev/null then - AC_MSG_RESULT([no]) + eval "$ossh_cache_var=no" CFLAGS="$saved_CFLAGS" else dnl If we are compiling natively, try running the program. AC_RUN_IFELSE([OSSH_COMPILER_FLAG_TEST_PROGRAM], - [ AC_MSG_RESULT([yes]) + [ eval "$ossh_cache_var=yes" CFLAGS="$saved_CFLAGS $_define_flag" ], - [ AC_MSG_RESULT([no, fails at run time]) + [ eval "$ossh_cache_var='no, fails at run time'" CFLAGS="$saved_CFLAGS" ], - [ AC_MSG_RESULT([yes]) + [ eval "$ossh_cache_var=yes" CFLAGS="$saved_CFLAGS $_define_flag" ], ) fi], - [ AC_MSG_RESULT([no]) + [ eval "$ossh_cache_var=no" CFLAGS="$saved_CFLAGS" ] ) + ]) }]) dnl OSSH_CHECK_LDFLAG_LINK(check_flag[, define_flag]) @@ -126,7 +130,8 @@ dnl Check that $LD accepts a flag 'check_flag'. If it is supported append dnl 'define_flag' to $LDFLAGS. If 'define_flag' is not specified, then append dnl 'check_flag'. AC_DEFUN([OSSH_CHECK_LDFLAG_LINK], [{ - AC_MSG_CHECKING([if $LD supports link flag $1]) + ossh_cache_var=AS_TR_SH([ossh_cv_ldflag_$1]) + AC_CACHE_CHECK([if $LD supports link flag $1], [$ossh_cache_var], [ saved_LDFLAGS="$LDFLAGS" LDFLAGS="$LDFLAGS $WERROR $1" _define_flag="$2" @@ -135,22 +140,23 @@ AC_DEFUN([OSSH_CHECK_LDFLAG_LINK], [{ [ if $ac_cv_path_EGREP -i "unrecognized option|warning.*ignored" conftest.err >/dev/null then - AC_MSG_RESULT([no]) + eval "$ossh_cache_var=no" LDFLAGS="$saved_LDFLAGS" else dnl If we are compiling natively, try running the program. AC_RUN_IFELSE([OSSH_COMPILER_FLAG_TEST_PROGRAM], - [ AC_MSG_RESULT([yes]) + [ eval "$ossh_cache_var=yes" LDFLAGS="$saved_LDFLAGS $_define_flag" ], - [ AC_MSG_RESULT([no, fails at run time]) + [ eval "$ossh_cache_var='no, fails at run time'" LDFLAGS="$saved_LDFLAGS" ], - [ AC_MSG_RESULT([yes]) + [ eval "$ossh_cache_var=yes" LDFLAGS="$saved_LDFLAGS $_define_flag" ] ) fi ], - [ AC_MSG_RESULT([no]) + [ eval "$ossh_cache_var=no" LDFLAGS="$saved_LDFLAGS" ] ) + ]) }]) dnl OSSH_CHECK_HEADER_FOR_FIELD(field, header, symbol) From fd10cea0f16e928ae2b52fbeadccd475d0438eb4 Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Fri, 4 Jul 2025 00:17:55 +0000 Subject: [PATCH 136/687] upstream: mux: fix incorrect return value check in local forward cancellation channel_cancel_lport_listener() returns 1 on success and 0 on failure. The previous code incorrectly checked for `== -1`, a value the function never returns, so failure was not detected and the "port not found" error message was never shown when cancelling dynamic or local port forwards. From: Boris Tonofa OpenBSD-Commit-ID: 3e9d2252a4d0bd318d4f25e2b518afb44acea170 --- mux.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/mux.c b/mux.c index 415024f74e8f..1a4f357d46f0 100644 --- a/mux.c +++ b/mux.c @@ -1,4 +1,4 @@ -/* $OpenBSD: mux.c,v 1.103 2024/10/12 10:50:37 jsg Exp $ */ +/* $OpenBSD: mux.c,v 1.104 2025/07/04 00:17:55 djm Exp $ */ /* * Copyright (c) 2002-2008 Damien Miller * @@ -931,7 +931,7 @@ mux_master_process_close_fwd(struct ssh *ssh, u_int rid, } else { /* local and dynamic forwards */ /* Ditto */ if (channel_cancel_lport_listener(ssh, &fwd, fwd.connect_port, - &options.fwd_opts) == -1) + &options.fwd_opts) != 1) error_reason = "port not found"; } From 0cf38d74463bcf80510e7fd1b3d9328e7d91eb00 Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Fri, 4 Jul 2025 07:47:35 +0000 Subject: [PATCH 137/687] upstream: the messaging layer between sshd-session and sshd-auth had a maximum message size of 256KB. Some people apparently have configurations larger than this and would hit this limit. Worse, there was no good logging that could help diagnose what was going wrong. So this bumps the maximum message size to 4MB and implements an early check (usable via the sshd -t test mode) that will report it to the user where it is hopefully more visible. bz3808, reported by Dmitry Belyavskiy, ok dtucker@ OpenBSD-Commit-ID: 69c303fb68cbd1a4735936835d67a71e7b57f63b --- monitor_wrap.c | 6 +++--- monitor_wrap.h | 6 +++++- sshd.c | 11 ++++++++--- 3 files changed, 16 insertions(+), 7 deletions(-) diff --git a/monitor_wrap.c b/monitor_wrap.c index c30a7902d386..fea576213993 100644 --- a/monitor_wrap.c +++ b/monitor_wrap.c @@ -1,4 +1,4 @@ -/* $OpenBSD: monitor_wrap.c,v 1.139 2025/05/05 02:40:30 djm Exp $ */ +/* $OpenBSD: monitor_wrap.c,v 1.140 2025/07/04 07:47:35 djm Exp $ */ /* * Copyright 2002 Niels Provos * Copyright 2002 Markus Friedl @@ -150,7 +150,7 @@ mm_request_send(int sock, enum monitor_reqtype type, struct sshbuf *m) debug3_f("entering, type %d", type); - if (mlen >= 0xffffffff) + if (mlen >= MONITOR_MAX_MSGLEN) fatal_f("bad length %zu", mlen); POKE_U32(buf, mlen + 1); buf[4] = (u_char) type; /* 1st byte of payload is mesg-type */ @@ -183,7 +183,7 @@ mm_request_receive(int sock, struct sshbuf *m) fatal_f("read: %s", strerror(errno)); } msg_len = PEEK_U32(buf); - if (msg_len > 256 * 1024) + if (msg_len > MONITOR_MAX_MSGLEN) fatal_f("read: bad msg_len %d", msg_len); sshbuf_reset(m); if ((r = sshbuf_reserve(m, msg_len, &p)) != 0) diff --git a/monitor_wrap.h b/monitor_wrap.h index 7134afeecf4e..c87295388fd0 100644 --- a/monitor_wrap.h +++ b/monitor_wrap.h @@ -1,4 +1,4 @@ -/* $OpenBSD: monitor_wrap.h,v 1.51 2024/05/17 06:42:04 jsg Exp $ */ +/* $OpenBSD: monitor_wrap.h,v 1.53 2025/07/04 07:47:35 djm Exp $ */ /* * Copyright 2002 Niels Provos @@ -28,6 +28,10 @@ #ifndef _MM_WRAP_H_ #define _MM_WRAP_H_ +#define MONITOR_MAX_MSGLEN (4 * 1024 * 1024) +/* The configuration has to fit in a monitor message along with other state */ +#define MONITOR_MAX_CFGLEN (MONITOR_MAX_MSGLEN - (64 * 1024)) + enum mm_keytype { MM_NOKEY, MM_HOSTKEY, MM_USERKEY }; struct ssh; diff --git a/sshd.c b/sshd.c index 91608eff760c..5a4db309d23b 100644 --- a/sshd.c +++ b/sshd.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshd.c,v 1.619 2025/05/24 06:43:37 dtucker Exp $ */ +/* $OpenBSD: sshd.c,v 1.620 2025/07/04 07:47:35 djm Exp $ */ /* * Copyright (c) 2000, 2001, 2002 Markus Friedl. All rights reserved. * Copyright (c) 2002 Niels Provos. All rights reserved. @@ -94,6 +94,7 @@ #include "addr.h" #include "srclimit.h" #include "atomicio.h" +#include "monitor_wrap.h" /* Re-exec fds */ #define REEXEC_DEVCRYPTO_RESERVED_FD (STDERR_FILENO + 1) @@ -1753,6 +1754,12 @@ main(int ac, char **av) if (test_flag > 1) print_config(&connection_info); + config = pack_config(cfg); + if (sshbuf_len(config) > MONITOR_MAX_CFGLEN) { + fatal("Configuration file is too large (have %zu, max %d)", + sshbuf_len(config), MONITOR_MAX_CFGLEN); + } + /* Configuration looks good, so exit if in test mode. */ if (test_flag) exit(0); @@ -1830,8 +1837,6 @@ main(int ac, char **av) /* ignore SIGPIPE */ ssh_signal(SIGPIPE, SIG_IGN); - config = pack_config(cfg); - /* Get a connection, either from inetd or a listening TCP socket */ if (inetd_flag) { /* Send configuration to ancestor sshd-session process */ From 007b69f21cf9e64125b241d4411a5e47f5028aa8 Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Fri, 4 Jul 2025 07:52:17 +0000 Subject: [PATCH 138/687] upstream: add a regress test for configurations > 256KB mostly by Dmitry Belyavskiy OpenBSD-Regress-ID: fcedb249e4cf2447e078a839877f99730ee79024 --- regress/Makefile | 5 +++-- regress/connect-bigconf.sh | 17 +++++++++++++++++ 2 files changed, 20 insertions(+), 2 deletions(-) create mode 100644 regress/connect-bigconf.sh diff --git a/regress/Makefile b/regress/Makefile index b8787205a15f..ece093a2ba87 100644 --- a/regress/Makefile +++ b/regress/Makefile @@ -1,4 +1,4 @@ -# $OpenBSD: Makefile,v 1.139 2025/06/28 13:34:08 dtucker Exp $ +# $OpenBSD: Makefile,v 1.140 2025/07/04 07:52:17 djm Exp $ tests: prep file-tests t-exec unit @@ -113,7 +113,8 @@ LTESTS= connect \ agent-pkcs11-restrict \ agent-pkcs11-cert \ penalty \ - penalty-expire + penalty-expire \ + connect-bigconf INTEROP_TESTS= putty-transfer putty-ciphers putty-kex conch-ciphers INTEROP_TESTS+= dropbear-ciphers dropbear-kex dropbear-server diff --git a/regress/connect-bigconf.sh b/regress/connect-bigconf.sh new file mode 100644 index 000000000000..56cf0ea649fc --- /dev/null +++ b/regress/connect-bigconf.sh @@ -0,0 +1,17 @@ +# $OpenBSD: connect-bigconf.sh,v 1.1 2025/07/04 07:52:17 djm Exp $ +# Placed in the Public Domain. + +tid="simple connect" + +for x in `jot 10000 1` ; do + echo "Match group NONEXIST" >> $OBJ/sshd_config + echo "ChrootDirectory /some/path/for/group/NONEXIST" >> $OBJ/sshd_config +done +#cat $OBJ/sshd_config +start_sshd + +trace "direct connect with large sshd_config" +${SSH} -F $OBJ/ssh_config somehost true +if [ $? -ne 0 ]; then + fail "ssh direct connect with large sshd_config failed" +fi From c971f3d93efe4c00d73b276cdbab66e7c66c9b5c Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Sat, 5 Jul 2025 20:50:50 +1000 Subject: [PATCH 139/687] Add include for gssapi definitions. Patch from dbelyavs at redhat.com via bz#3846. --- sshd.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/sshd.c b/sshd.c index 5a4db309d23b..b8345fca0fba 100644 --- a/sshd.c +++ b/sshd.c @@ -94,6 +94,9 @@ #include "addr.h" #include "srclimit.h" #include "atomicio.h" +#ifdef GSSAPI +#include "ssh-gss.h" +#endif #include "monitor_wrap.h" /* Re-exec fds */ From eddd1d2daa64a6ab1a915ca88436fa41aede44d4 Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Fri, 4 Jul 2025 09:51:01 +0000 Subject: [PATCH 140/687] upstream: Fix mistracking of MaxStartups process exits in some situations. At worst, this can cause all MaxStartups slots to fill and sshd to refuse new connections. Diagnosis by xnor; ok dtucker@ OpenBSD-Commit-ID: 10273033055552557196730f898ed6308b36a78d --- sshd.c | 30 +++++++++++++++++------------- 1 file changed, 17 insertions(+), 13 deletions(-) diff --git a/sshd.c b/sshd.c index b8345fca0fba..6960193816f5 100644 --- a/sshd.c +++ b/sshd.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshd.c,v 1.620 2025/07/04 07:47:35 djm Exp $ */ +/* $OpenBSD: sshd.c,v 1.621 2025/07/04 09:51:01 djm Exp $ */ /* * Copyright (c) 2000, 2001, 2002 Markus Friedl. All rights reserved. * Copyright (c) 2002 Niels Provos. All rights reserved. @@ -293,8 +293,10 @@ child_finish(struct early_child *child) { if (children_active == 0) fatal_f("internal error: children_active underflow"); - if (child->pipefd != -1) + if (child->pipefd != -1) { + srclimit_done(child->pipefd); close(child->pipefd); + } sshbuf_free(child->config); sshbuf_free(child->keys); free(child->id); @@ -315,6 +317,7 @@ child_close(struct early_child *child, int force_final, int quiet) if (!quiet) debug_f("enter%s", force_final ? " (forcing)" : ""); if (child->pipefd != -1) { + srclimit_done(child->pipefd); close(child->pipefd); child->pipefd = -1; } @@ -1043,7 +1046,6 @@ server_accept_loop(int *sock_in, int *sock_out, int *newsock, int *config_s, if (ret <= 0) { if (children[i].early) listening--; - srclimit_done(children[i].pipefd); child_close(&(children[i]), 0, 0); continue; } @@ -1082,23 +1084,19 @@ server_accept_loop(int *sock_in, int *sock_out, int *newsock, int *config_s, } /* FALLTHROUGH */ case 0: - /* child exited preauth */ + /* child closed pipe */ if (children[i].early) listening--; - srclimit_done(children[i].pipefd); + debug3_f("child %lu for %s closed pipe", + (long)children[i].pid, children[i].id); child_close(&(children[i]), 0, 0); break; case 1: if (children[i].config) { error_f("startup pipe %d (fd=%d)" - " early read", i, children[i].pipefd); - if (children[i].early) - listening--; - if (children[i].pid > 0) - kill(children[i].pid, SIGTERM); - srclimit_done(children[i].pipefd); - child_close(&(children[i]), 0, 0); - break; + " early read", + i, children[i].pipefd); + goto problem_child; } if (children[i].early && c == '\0') { /* child has finished preliminaries */ @@ -1118,6 +1116,12 @@ server_accept_loop(int *sock_in, int *sock_out, int *newsock, int *config_s, "child %ld for %s in state %d", (int)c, (long)children[i].pid, children[i].id, children[i].early); + problem_child: + if (children[i].early) + listening--; + if (children[i].pid > 0) + kill(children[i].pid, SIGTERM); + child_close(&(children[i]), 0, 0); } break; } From 1052fa62b35e0bb25b0c1efb9fdd7870e4a68ab6 Mon Sep 17 00:00:00 2001 From: Damien Miller Date: Fri, 11 Jul 2025 15:36:49 -0700 Subject: [PATCH 141/687] more diagnostics when getgrouplist fails --- groupaccess.c | 13 ++++++++----- 1 file changed, 8 insertions(+), 5 deletions(-) diff --git a/groupaccess.c b/groupaccess.c index 9d03ded0cd5d..b85782472b85 100644 --- a/groupaccess.c +++ b/groupaccess.c @@ -50,21 +50,24 @@ int ga_init(const char *user, gid_t base) { gid_t *groups_bygid; - int i, j, retry = 0; + int ongroups, i, j, retry = 0; struct group *gr; if (ngroups > 0) ga_free(); - ngroups = NGROUPS_MAX; + ongroups = ngroups = NGROUPS_MAX; #if defined(HAVE_SYSCONF) && defined(_SC_NGROUPS_MAX) - ngroups = MAX(NGROUPS_MAX, sysconf(_SC_NGROUPS_MAX)); + ongroups = ngroups = MAX(NGROUPS_MAX, sysconf(_SC_NGROUPS_MAX)); #endif groups_bygid = xcalloc(ngroups, sizeof(*groups_bygid)); while (getgrouplist(user, base, groups_bygid, &ngroups) == -1) { - if (retry++ > 0) - fatal("getgrouplist: groups list too small"); + if (retry++ > 0) { + fatal("getgrouplist(\"%s\", %ld): groups list too big " + "(have %ld, need %ld)", user, (long)base, + (long)ongroups, (long)ngroups); + } groups_bygid = xreallocarray(groups_bygid, ngroups, sizeof(*groups_bygid)); } From f01a899b92ab8c5e6ff71214658bd09636c47e87 Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Fri, 11 Jul 2025 23:26:59 +0000 Subject: [PATCH 142/687] upstream: add a "Match Group NoSuchGroup" to exercise groupaccess.c OpenBSD-Regress-ID: 7ff58e6f0eb21eb9064dd0cfa78c3b6f34b5f713 --- regress/cfgmatch.sh | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/regress/cfgmatch.sh b/regress/cfgmatch.sh index 2737a5f977ef..8b9d80f0a239 100644 --- a/regress/cfgmatch.sh +++ b/regress/cfgmatch.sh @@ -1,4 +1,4 @@ -# $OpenBSD: cfgmatch.sh,v 1.14 2024/09/27 01:05:54 djm Exp $ +# $OpenBSD: cfgmatch.sh,v 1.15 2025/07/11 23:26:59 djm Exp $ # Placed in the Public Domain. tid="sshd_config match" @@ -106,6 +106,8 @@ cp $OBJ/sshd_proxy_bak $OBJ/sshd_proxy echo "PermitOpen 127.0.0.1:1 127.0.0.1:$PORT 127.0.0.2:2" >>$OBJ/sshd_proxy echo "Match User NoSuchUser" >>$OBJ/sshd_proxy echo "PermitOpen 127.0.0.1:1 127.0.0.1:2" >>$OBJ/sshd_proxy +echo "Match Group NoSuchGroup" >>$OBJ/sshd_proxy +echo "PermitOpen 127.0.0.1:1 127.0.0.1:2" >>$OBJ/sshd_proxy # Test that a rule that doesn't match doesn't override, plus test a # PermitOpen entry that's not at the start of the list From f9dc519259804702cab0fa0ca8b193a360e3ec38 Mon Sep 17 00:00:00 2001 From: Damien Miller Date: Fri, 11 Jul 2025 17:20:27 -0700 Subject: [PATCH 143/687] let ga_init() fail gracefully if getgrouplist does Apparently getgrouplist() can fail on OSX for when passed a non-existent group name. Other platforms seem to return a group list consisting of the numeric gid passed to the function. This makes ga_init() handle this failure case gracefully, where it will return success but with an empty group list array. bz3848; ok dtucker@ --- groupaccess.c | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/groupaccess.c b/groupaccess.c index b85782472b85..046d0e6bcaf9 100644 --- a/groupaccess.c +++ b/groupaccess.c @@ -63,6 +63,14 @@ ga_init(const char *user, gid_t base) groups_bygid = xcalloc(ngroups, sizeof(*groups_bygid)); while (getgrouplist(user, base, groups_bygid, &ngroups) == -1) { + if (ngroups <= ongroups) { + error("getgrouplist(\"%s\", %ld): failed", + user, (long)base); + free(groups_bygid); + groups_bygid = NULL; + ngroups = 0; + return 0; + } if (retry++ > 0) { fatal("getgrouplist(\"%s\", %ld): groups list too big " "(have %ld, need %ld)", user, (long)base, From e6805e2a6b33e001e1a7257b85ab779fd592a578 Mon Sep 17 00:00:00 2001 From: Jan Tojnar Date: Thu, 18 May 2023 16:30:35 +0200 Subject: [PATCH 144/687] Add gnome-ssh-askpass4 for GNOME 40+ MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit GTK 3 has been in maintenance mode for a while now, and it is on the road to being abandoned. As a result, the dialogue looks out of place on modern systems. We could port it to GTK 4 but without the program being registered as an application (i.e. having a .desktop file), GNOME Shell would ask for permission to grab input every time. Let’s instead use the GNOME Shell’s native prompt through the unstable Gcr API. --- contrib/Makefile | 7 +- contrib/README | 8 +- contrib/gnome-ssh-askpass4.c | 249 +++++++++++++++++++++++++++++++++++ 3 files changed, 260 insertions(+), 4 deletions(-) create mode 100644 contrib/gnome-ssh-askpass4.c diff --git a/contrib/Makefile b/contrib/Makefile index 45d878bdcf22..1482783a8097 100644 --- a/contrib/Makefile +++ b/contrib/Makefile @@ -1,7 +1,7 @@ PKG_CONFIG = pkg-config all: - @echo "Valid targets: gnome-ssh-askpass1 gnome-ssh-askpass2 gnome-ssk-askpass3" + @echo "Valid targets: gnome-ssh-askpass1 gnome-ssh-askpass2 gnome-ssk-askpass3 gnome-ssh-askpass4" gnome-ssh-askpass1: gnome-ssh-askpass1.c $(CC) $(CFLAGS) `gnome-config --cflags gnome gnomeui` \ @@ -18,5 +18,10 @@ gnome-ssh-askpass3: gnome-ssh-askpass3.c gnome-ssh-askpass3.c -o gnome-ssh-askpass3 \ `$(PKG_CONFIG) --libs gtk+-3.0 x11` +gnome-ssh-askpass4: gnome-ssh-askpass4.c + $(CC) $(CFLAGS) `$(PKG_CONFIG) --cflags gcr-4 gio-2.0` \ + gnome-ssh-askpass4.c -o gnome-ssh-askpass4 \ + `$(PKG_CONFIG) --libs gcr-4 gio-2.0` + clean: rm -f *.o gnome-ssh-askpass gnome-ssh-askpass[123] diff --git a/contrib/README b/contrib/README index 60e19ba9faa8..614152a123aa 100644 --- a/contrib/README +++ b/contrib/README @@ -30,10 +30,12 @@ ssh-copy-id: Phil Hands' shell script to automate the process of adding your public key to a remote machine's ~/.ssh/authorized_keys file. -gnome-ssh-askpass[12]: +gnome-ssh-askpass[1234]: -A GNOME and Gtk2 passphrase requesters. Use "make gnome-ssh-askpass1" or -"make gnome-ssh-askpass2" to build. +Graphical passhrase requesters. Use "make gnome-ssh-askpass1" to build +a variant for ancient GNOME desktop, "make gnome-ssh-askpass2" +for a GTK 2-based one, "make gnome-ssh-askpass3" for a GTK 3-based one, +or "make gnome-ssh-askpass4" for a version for modern GNOME. sshd.pam.generic: diff --git a/contrib/gnome-ssh-askpass4.c b/contrib/gnome-ssh-askpass4.c new file mode 100644 index 000000000000..182bce0cc63b --- /dev/null +++ b/contrib/gnome-ssh-askpass4.c @@ -0,0 +1,249 @@ +/* + * Copyright (c) 2000-2002 Damien Miller. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR + * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES + * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. + * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, + * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, + * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY + * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF + * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ + +/* GCR support by Jan Tojnar */ + +/* + * This is a simple SSH passphrase grabber for GNOME. To use it, set the + * environment variable SSH_ASKPASS to point to the location of + * gnome-ssh-askpass before calling "ssh-add < /dev/null". + */ + +/* + * Known problems: + * - This depends on unstable libgcr features + * - long key fingerprints may be truncted: + * https://gitlab.gnome.org/GNOME/gnome-shell/-/issues/6781 + */ + +/* + * Compile with: + * + * cc -Wall `pkg-config --cflags gcr-4 gio-2.0` \ + * gnome-ssh-askpass4.c -o gnome-ssh-askpass \ + * `pkg-config --libs gcr-4 gio-2.0` + * + */ + +#include +#include + +#include + +#define GCR_API_SUBJECT_TO_CHANGE 1 +#include + +typedef enum _PromptType { + PROMPT_ENTRY, + PROMPT_CONFIRM, + PROMPT_NONE, +} PromptType; + +typedef struct _PromptState { + GApplication *app; + char* message; + PromptType type; + int exit_status; +} PromptState; + +static PromptState * +prompt_state_new(GApplication *app, char* message, PromptType type) +{ + PromptState *state = g_malloc(sizeof(PromptState)); + state->app = g_object_ref(app); + state->message = g_strdup(message); + state->type = type; + state->exit_status = -1; + return state; +} + +static void +prompt_state_free(PromptState *state) +{ + g_clear_object(&state->app); + g_free(state->message); + g_free(state); +} + +G_DEFINE_AUTOPTR_CLEANUP_FUNC(PromptState, prompt_state_free) + +static void +prompt_password_done(GObject *source_object, GAsyncResult *res, + gpointer user_data) +{ + GcrPrompt *prompt = GCR_PROMPT(source_object); + PromptState *state = user_data; + g_autoptr(GError) error = NULL; + + /* + * “The returned password is valid until the next time a method + * is called to display another prompt.” + */ + const char *pw = gcr_prompt_password_finish(prompt, res, &error); + + if ((!pw && !error) || (error && error->code == G_IO_ERROR_CANCELLED)) { + /* Operation was cancelled or timed out. */ + state->exit_status = -1; + } else if (error) { + warnx("Failed to prompt for ssh-askpass: %s", error->message); + state->exit_status = 1; + } else { + /* Report passphrase if user selected Continue. */ + g_autofree char *local = g_locale_from_utf8(pw, strlen(pw), + NULL, NULL, NULL); + + if (local != NULL) { + puts(local); + memset(local, '\0', strlen(local)); + } else { + puts(pw); + } + state->exit_status = 0; + } + + g_application_release(state->app); +} + +static void +prompt_confirm_done(GObject *source_object, GAsyncResult *res, + gpointer user_data) +{ + GcrPrompt *prompt = GCR_PROMPT(source_object); + PromptState *state = user_data; + g_autoptr(GError) error = NULL; + + GcrPromptReply reply = gcr_prompt_confirm_finish(prompt, res, &error); + if (error) { + if (error->code == G_IO_ERROR_CANCELLED) { + /* Operation was cancelled or timed out. */ + state->exit_status = -1; + } else { + state->exit_status = 1; + warnx("Failed to prompt for ssh-askpass: %s", + error->message); + } + } else if (reply == GCR_PROMPT_REPLY_CONTINUE || + state->type == PROMPT_NONE) { + /* + * Since Gcr doesn’t yet support one button message + * boxes treat Cancel the same as Continue. + */ + state->exit_status = 0; + } else { + /* GCR_PROMPT_REPLY_CANCEL */ + state->exit_status = -1; + } + + g_application_release(state->app); +} + +static int +command_line(GApplication* app, G_GNUC_UNUSED GApplicationCommandLine *cmdline, + gpointer user_data) +{ + PromptState *state = user_data; + + /* Prevent app from exiting while waiting for the async callback. */ + g_application_hold(app); + + /* Wait indefinitely. */ + int timeout_seconds = -1; + g_autoptr(GError) error = NULL; + GcrPrompt* prompt = gcr_system_prompt_open(timeout_seconds, NULL, &error); + + if (!prompt) { + if (error->code == GCR_SYSTEM_PROMPT_IN_PROGRESS) { + /* + * This means the timeout elapsed, but no prompt + * was ever shown. + */ + warnx("Timeout: the Gcr system prompter was " + "already in use."); + } else { + warnx("Couldn’t create prompt for ssh-askpass: %s", + error->message); + } + + return 1; + } + + gcr_prompt_set_message(prompt, "OpenSSH"); + gcr_prompt_set_description(prompt, state->message); + + /* + * XXX: Remove the Cancel button for PROMPT_NONE when GCR + * supports that. + */ + if (state->type == PROMPT_ENTRY) { + gcr_prompt_password_async(prompt, NULL, prompt_password_done, state); + } else { + gcr_prompt_confirm_async(prompt, NULL, prompt_confirm_done, state); + } + + /* The exit status will be changed in the async callbacks. */ + return 1; +} + +int +main(int argc, char **argv) +{ + g_autoptr(GApplication) app = g_application_new( + "com.openssh.gnome-ssh-askpass4", + G_APPLICATION_HANDLES_COMMAND_LINE); + g_autofree char *message = NULL; + + if (argc > 1) { + message = g_strjoinv(" ", argv + 1); + } else { + message = g_strdup("Enter your OpenSSH passphrase:"); + } + + const char *prompt_mode = getenv("SSH_ASKPASS_PROMPT"); + PromptType type = PROMPT_ENTRY; + if (prompt_mode != NULL) { + if (strcasecmp(prompt_mode, "confirm") == 0) { + type = PROMPT_CONFIRM; + } else if (strcasecmp(prompt_mode, "none") == 0) { + type = PROMPT_NONE; + } + } + + g_autoptr(PromptState) state = prompt_state_new(app, message, type); + + g_signal_connect(app, "command-line", G_CALLBACK(command_line), state); + + /* + * Since we are calling g_application_hold, we cannot use + * g_application_command_line_set_exit_status. + * To change the exit status returned by g_application_run: + * “If the commandline invocation results in the mainloop running + * (ie: because the use-count of the application increased to a + * non-zero value) then the application is considered to have been + * ‘successful’ in a certain sense, and the exit status is always + * zero.” + */ + (void)(g_application_run(app, argc, argv)); + + return state->exit_status; +} From defc806574d2256036d69a291caf0f3484844de6 Mon Sep 17 00:00:00 2001 From: "miod@openbsd.org" Date: Sat, 12 Jul 2025 05:28:33 +0000 Subject: [PATCH 145/687] upstream: Add missing inter-library dependencies to LDADD and DPADD. ok tb@ deraadt@ OpenBSD-Commit-ID: a05e13a7e2c0b65bb4b47184fef731243431c6ff --- .skipped-commit-ids | 1 + 1 file changed, 1 insertion(+) diff --git a/.skipped-commit-ids b/.skipped-commit-ids index 2ccd3a6626fa..46271b34a830 100644 --- a/.skipped-commit-ids +++ b/.skipped-commit-ids @@ -44,6 +44,7 @@ a959fc45ea3431b36f52eda04faefc58bcde00db groupaccess.c changes c7246a6b519ac390ca550719f91acfdaef1fa0f0 Makefile relink change ef7ecdb6dd2542f42fa7236d17ac0b144851f0b5 ssh-keygen, fixup'ed into 21682417 da414a364c25b187fc686da7aacec2c35d29238a ssh-keygen, fixup'ed into 21682417 +a05e13a7e2c0b65bb4b47184fef731243431c6ff Makefile.inc Old upstream tree: From 40fb2dc4ece76c8f0c624d90a17bc1bbf47f3729 Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Wed, 23 Jul 2025 05:07:19 +0000 Subject: [PATCH 146/687] upstream: add a ssh_config RefuseConnection option that, when encountered while processing an active section in a configuration file, terminates ssh(1) with an error message that contains the argument to the option. This may be useful for expressing reminders or warnings in config files, for example: Match host foo RefuseConnection "foo is deprecated, use splork instead" ok djg OpenBSD-Commit-ID: 5b0072fcd08ad3932ab21e27bbaa66b008d44237 --- readconf.c | 18 ++++++++++++++++-- ssh_config.5 | 13 +++++++++++-- 2 files changed, 27 insertions(+), 4 deletions(-) diff --git a/readconf.c b/readconf.c index 97f34abff108..b5a9f925fc4a 100644 --- a/readconf.c +++ b/readconf.c @@ -1,4 +1,4 @@ -/* $OpenBSD: readconf.c,v 1.400 2025/06/24 09:22:03 djm Exp $ */ +/* $OpenBSD: readconf.c,v 1.401 2025/07/23 05:07:19 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -180,7 +180,7 @@ typedef enum { oPubkeyAcceptedAlgorithms, oCASignatureAlgorithms, oProxyJump, oSecurityKeyProvider, oKnownHostsCommand, oRequiredRSASize, oEnableEscapeCommandline, oObscureKeystrokeTiming, oChannelTimeout, - oVersionAddendum, + oVersionAddendum, oRefuseConnection, oIgnore, oIgnoredUnknownOption, oDeprecated, oUnsupported } OpCodes; @@ -332,6 +332,7 @@ static struct { { "obscurekeystroketiming", oObscureKeystrokeTiming }, { "channeltimeout", oChannelTimeout }, { "versionaddendum", oVersionAddendum }, + { "refuseconnection", oRefuseConnection }, { NULL, oBadOption } }; @@ -2509,6 +2510,19 @@ process_config_line_depth(Options *options, struct passwd *pw, const char *host, argv_consume(&ac); break; + case oRefuseConnection: + arg = argv_next(&ac, &av); + if (!arg || *arg == '\0') { + error("%.200s line %d: Missing argument.", + filename, linenum); + goto out; + } + if (*activep) { + fatal("%.200s line %d: RefuseConnection: %s", + filename, linenum, arg); + } + break; + case oDeprecated: debug("%s line %d: Deprecated option \"%s\"", filename, linenum, keyword); diff --git a/ssh_config.5 b/ssh_config.5 index 894d738310c8..14115fff1e1e 100644 --- a/ssh_config.5 +++ b/ssh_config.5 @@ -33,8 +33,8 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: ssh_config.5,v 1.413 2025/03/03 06:53:09 dtucker Exp $ -.Dd $Mdocdate: March 3 2025 $ +.\" $OpenBSD: ssh_config.5,v 1.414 2025/07/23 05:07:19 djm Exp $ +.Dd $Mdocdate: July 23 2025 $ .Dt SSH_CONFIG 5 .Os .Sh NAME @@ -1715,6 +1715,15 @@ disabling or enabling the OpenSSH host-bound authentication protocol extension required for restricted .Xr ssh-agent 1 forwarding. +.It Cm RefuseConnection +Allows a connection to be refused by the configuration file. +If this option is specified, then +.Xr ssh 1 +will terminate immediately before attempting to connect to the remote +host, display an error message that contains the argument to this keyword +and return a non-zero exit status. +This option may be useful to express reminders or warnings to the user via +.Nm . .It Cm RekeyLimit Specifies the maximum amount of data that may be transmitted or received before the session key is renegotiated, optionally followed by a maximum From 259c66aebe4e1f9d60e548f728ff74083bcccddf Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Thu, 24 Jul 2025 22:02:49 +1000 Subject: [PATCH 147/687] Remove DEBUG_ACTIONS variable. If needed it can be set in github if needed. --- .github/workflows/selfhosted.yml | 1 - .github/workflows/upstream.yml | 1 - 2 files changed, 2 deletions(-) diff --git a/.github/workflows/selfhosted.yml b/.github/workflows/selfhosted.yml index 2f425fe2f39c..281b2fc84dee 100644 --- a/.github/workflows/selfhosted.yml +++ b/.github/workflows/selfhosted.yml @@ -11,7 +11,6 @@ jobs: runs-on: ${{ matrix.host }} timeout-minutes: 600 env: - DEBUG_ACTIONS: false HOST: ${{ matrix.host }} TARGET_HOST: ${{ matrix.target }} TARGET_CONFIG: ${{ matrix.config }} diff --git a/.github/workflows/upstream.yml b/.github/workflows/upstream.yml index 9e74f94a74d1..e9e431373a39 100644 --- a/.github/workflows/upstream.yml +++ b/.github/workflows/upstream.yml @@ -11,7 +11,6 @@ jobs: if: github.repository == 'openssh/openssh-portable-selfhosted' runs-on: ${{ matrix.host }} env: - DEBUG_ACTIONS: true EPHEMERAL: true HOST: ${{ matrix.host }} TARGET_HOST: ${{ matrix.target }} From a8c0e5c871c0c7ee5ae93e353b1499a53c09c71d Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Thu, 24 Jul 2025 05:44:55 +0000 Subject: [PATCH 148/687] upstream: Help OpenSSH's PKCS#11 support kick its meth habit. The PKCS#11 code in OpenSSH used the libcrypto public key method API (e.g. the delightfully named RSA_meth_free()) to delegate signing operations to external keys. This had one advantage - that it was basically transparent to callers, but also had a big disadvantage - that we'd manually have to track the method implementations, their state and their relationships to the underlying PKCS#11 objects. This rips this out and replaces it with explicit delegation to PKCS#11 code for externally hosted keys via the ssh-pkcs11-helper subprocess. This is very similar to how we handle FIDO keys in OpenSSH (i.e. via ssh-sk-helper). All we need to track now is a much simpler mapping of public key -> helper subprocess. Kicking our libcrypto meth dependency also makes it much easier to support Ed25519 keys in PKCS#11, which will happen in a subsequent commit. feedback / ok tb@ OpenBSD-Commit-ID: a5a1eaf57971cf15e0cdc5a513e313541c8a35f0 --- .depend | 10 +- Makefile.in | 22 +- ssh-ecdsa.c | 35 ++- ssh-pkcs11-client.c | 510 +++++++++++------------------------- ssh-pkcs11-helper.c | 215 ++++------------ ssh-pkcs11.c | 615 ++++++++++++++++++++++++++++---------------- ssh-pkcs11.h | 12 +- ssh-rsa.c | 46 +++- ssh-sk-helper.c | 19 +- sshbuf-misc.c | 16 +- sshbuf.h | 11 +- sshkey.c | 29 ++- sshkey.h | 9 +- 13 files changed, 754 insertions(+), 795 deletions(-) diff --git a/.depend b/.depend index 3e64eb84a6a5..f569b603d450 100644 --- a/.depend +++ b/.depend @@ -138,12 +138,12 @@ ssh-keygen.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-co ssh-keyscan.o: dispatch.h log.h ssherr.h atomicio.h misc.h hostfile.h ssh_api.h ssh2.h dns.h addr.h ssh-keyscan.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h openbsd-compat/sys-queue.h xmalloc.h ssh.h sshbuf.h sshkey.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h rijndael.h digest.h kex.h mac.h crypto_api.h compat.h myproposal.h packet.h ssh-keysign.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h log.h ssherr.h sshkey.h ssh.h ssh2.h misc.h sshbuf.h authfile.h msg.h canohost.h pathnames.h readconf.h uidswap.h -ssh-pkcs11-client.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h -ssh-pkcs11-helper.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h openbsd-compat/sys-queue.h xmalloc.h sshbuf.h log.h ssherr.h misc.h sshkey.h authfd.h ssh-pkcs11.h +ssh-pkcs11-client.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h pathnames.h xmalloc.h sshbuf.h log.h ssherr.h misc.h sshkey.h authfd.h atomicio.h ssh-pkcs11.h +ssh-pkcs11-helper.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h sshbuf.h log.h ssherr.h misc.h sshkey.h authfd.h ssh-pkcs11.h ssh-pkcs11.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h log.h ssherr.h sshkey.h ssh-rsa.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h ssh-sk-client.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h log.h ssherr.h sshbuf.h sshkey.h msg.h digest.h pathnames.h ssh-sk.h misc.h -ssh-sk-helper.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h log.h ssherr.h sshkey.h authfd.h misc.h sshbuf.h msg.h uidswap.h ssh-sk.h +ssh-sk-helper.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h log.h ssherr.h sshkey.h authfd.h misc.h sshbuf.h msg.h uidswap.h ssh-sk.h ssh-pkcs11.h ssh-sk.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h ssh-xmss.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h ssh.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h openbsd-compat/openssl-compat.h openbsd-compat/sys-queue.h xmalloc.h ssh.h ssh2.h canohost.h compat.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h rijndael.h packet.h dispatch.h sshbuf.h channels.h @@ -163,11 +163,11 @@ sshd-auth.o: chacha.h poly1305.h cipher-aesctr.h rijndael.h digest.h sshkey.h ke sshd-auth.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h ./openbsd-compat/sys-tree.h openbsd-compat/sys-queue.h xmalloc.h ssh.h ssh2.h sshpty.h packet.h dispatch.h log.h ssherr.h sshbuf.h misc.h match.h servconf.h uidswap.h compat.h cipher.h cipher-chachapoly.h sshd-session.o: chacha.h poly1305.h cipher-aesctr.h rijndael.h digest.h sshkey.h kex.h mac.h crypto_api.h authfile.h pathnames.h atomicio.h canohost.h hostfile.h auth.h auth-pam.h audit.h loginrec.h authfd.h msg.h channels.h session.h monitor.h monitor_wrap.h auth-options.h version.h sk-api.h srclimit.h dh.h sshd-session.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h ./openbsd-compat/sys-tree.h openbsd-compat/sys-queue.h xmalloc.h ssh.h ssh2.h sshpty.h packet.h dispatch.h log.h ssherr.h sshbuf.h misc.h match.h servconf.h uidswap.h compat.h cipher.h cipher-chachapoly.h -sshd.o: audit.h loginrec.h authfd.h msg.h version.h sk-api.h addr.h srclimit.h atomicio.h +sshd.o: audit.h loginrec.h authfd.h msg.h version.h sk-api.h addr.h srclimit.h atomicio.h monitor_wrap.h sshd.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h ./openbsd-compat/sys-tree.h openbsd-compat/sys-queue.h xmalloc.h ssh.h sshpty.h log.h ssherr.h sshbuf.h misc.h servconf.h compat.h digest.h sshkey.h authfile.h pathnames.h canohost.h hostfile.h auth.h auth-pam.h ssherr.o: ssherr.h sshkey-xmss.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h -sshkey.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h crypto_api.h ssh2.h ssherr.h misc.h sshbuf.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h rijndael.h digest.h sshkey.h match.h ssh-sk.h openbsd-compat/openssl-compat.h +sshkey.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h crypto_api.h ssh2.h ssherr.h misc.h sshbuf.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h rijndael.h digest.h sshkey.h match.h ssh-sk.h ssh-pkcs11.h openbsd-compat/openssl-compat.h sshlogin.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h sshlogin.h ssherr.h loginrec.h log.h sshbuf.h misc.h servconf.h openbsd-compat/sys-queue.h sshpty.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h sshpty.h log.h ssherr.h misc.h sshsig.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h authfd.h authfile.h log.h ssherr.h misc.h sshbuf.h sshsig.h sshkey.h match.h digest.h diff --git a/Makefile.in b/Makefile.in index eb6f08e4df9b..399c8ae6ec56 100644 --- a/Makefile.in +++ b/Makefile.in @@ -108,7 +108,7 @@ LIBSSH_OBJS=${LIBOPENSSH_OBJS} \ monitor_fdpass.o rijndael.o ssh-ecdsa.o ssh-ecdsa-sk.o \ ssh-ed25519-sk.o ssh-rsa.o dh.o \ msg.o dns.o entropy.o gss-genr.o umac.o umac128.o \ - ssh-pkcs11.o smult_curve25519_ref.o \ + smult_curve25519_ref.o \ poly1305.o chacha.o cipher-chachapoly.o cipher-chachapoly-libcrypto.o \ ssh-ed25519.o digest-openssl.o digest-libc.o \ hmac.o ed25519.o hash.o \ @@ -118,16 +118,18 @@ LIBSSH_OBJS=${LIBOPENSSH_OBJS} \ sftp-realpath.o platform-pledge.o platform-tracing.o platform-misc.o \ sshbuf-io.o misc-agent.o +P11OBJS= ssh-pkcs11-client.o + SKOBJS= ssh-sk-client.o SSHOBJS= ssh.o readconf.o clientloop.o sshtty.o \ - sshconnect.o sshconnect2.o mux.o $(SKOBJS) + sshconnect.o sshconnect2.o mux.o $(P11OBJS) $(SKOBJS) SSHDOBJS=sshd.o \ platform-listen.o \ servconf.o sshpty.o srclimit.o groupaccess.o auth2-methods.o \ dns.o fatal.o compat.o utf8.o authfd.o canohost.o \ - $(SKOBJS) + $(P11OBJS) $(SKOBJS) SSHD_SESSION_OBJS=sshd-session.o auth-rhosts.o auth-passwd.o \ audit.o audit-bsm.o audit-linux.o platform.o \ @@ -140,7 +142,7 @@ SSHD_SESSION_OBJS=sshd-session.o auth-rhosts.o auth-passwd.o \ auth2-gss.o gss-serv.o gss-serv-krb5.o \ loginrec.o auth-pam.o auth-shadow.o auth-sia.o \ sftp-server.o sftp-common.o \ - uidswap.o platform-listen.o $(SKOBJS) + uidswap.o platform-listen.o $(P11OBJS) $(SKOBJS) SSHD_AUTH_OBJS=sshd-auth.o \ auth2-methods.o \ @@ -155,25 +157,25 @@ SSHD_AUTH_OBJS=sshd-auth.o \ sandbox-null.o sandbox-rlimit.o sandbox-darwin.o \ sandbox-seccomp-filter.o sandbox-capsicum.o sandbox-solaris.o \ sftp-server.o sftp-common.o \ - uidswap.o $(SKOBJS) + uidswap.o $(P11OBJS) $(SKOBJS) SFTP_CLIENT_OBJS=sftp-common.o sftp-client.o sftp-glob.o SCP_OBJS= scp.o progressmeter.o $(SFTP_CLIENT_OBJS) -SSHADD_OBJS= ssh-add.o $(SKOBJS) +SSHADD_OBJS= ssh-add.o $(P11OBJS) $(SKOBJS) -SSHAGENT_OBJS= ssh-agent.o ssh-pkcs11-client.o $(SKOBJS) +SSHAGENT_OBJS= ssh-agent.o $(P11OBJS) $(SKOBJS) -SSHKEYGEN_OBJS= ssh-keygen.o sshsig.o $(SKOBJS) +SSHKEYGEN_OBJS= ssh-keygen.o sshsig.o $(P11OBJS) $(SKOBJS) -SSHKEYSIGN_OBJS=ssh-keysign.o readconf.o uidswap.o $(SKOBJS) +SSHKEYSIGN_OBJS=ssh-keysign.o readconf.o uidswap.o $(P11OBJS) $(SKOBJS) P11HELPER_OBJS= ssh-pkcs11-helper.o ssh-pkcs11.o $(SKOBJS) SKHELPER_OBJS= ssh-sk-helper.o ssh-sk.o sk-usbhid.o -SSHKEYSCAN_OBJS=ssh-keyscan.o $(SKOBJS) +SSHKEYSCAN_OBJS=ssh-keyscan.o $(P11OBJS) $(SKOBJS) SFTPSERVER_OBJS=sftp-common.o sftp-server.o sftp-server-main.o diff --git a/ssh-ecdsa.c b/ssh-ecdsa.c index 695ed451e63d..b423bfb65685 100644 --- a/ssh-ecdsa.c +++ b/ssh-ecdsa.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-ecdsa.c,v 1.27 2024/08/15 00:51:51 djm Exp $ */ +/* $OpenBSD: ssh-ecdsa.c,v 1.28 2025/07/24 05:44:55 djm Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. * Copyright (c) 2010 Damien Miller. All rights reserved. @@ -328,8 +328,7 @@ ssh_ecdsa_sign(struct sshkey *key, const BIGNUM *sig_r, *sig_s; int hash_alg; size_t slen = 0; - struct sshbuf *b = NULL, *bb = NULL; - int len = 0, ret = SSH_ERR_INTERNAL_ERROR; + int ret = SSH_ERR_INTERNAL_ERROR; if (lenp != NULL) *lenp = 0; @@ -352,11 +351,37 @@ ssh_ecdsa_sign(struct sshkey *key, ret = SSH_ERR_LIBCRYPTO_ERROR; goto out; } + ECDSA_SIG_get0(esig, &sig_r, &sig_s); + + if ((ret = ssh_ecdsa_encode_store_sig(key, sig_r, sig_s, + sigp, lenp)) != 0) + goto out; + /* success */ + ret = 0; + out: + freezero(sigb, slen); + ECDSA_SIG_free(esig); + return ret; +} + +int +ssh_ecdsa_encode_store_sig(const struct sshkey *key, + const BIGNUM *sig_r, const BIGNUM *sig_s, + u_char **sigp, size_t *lenp) +{ + struct sshbuf *b = NULL, *bb = NULL; + int ret; + size_t len; + + if (lenp != NULL) + *lenp = 0; + if (sigp != NULL) + *sigp = NULL; + if ((bb = sshbuf_new()) == NULL || (b = sshbuf_new()) == NULL) { ret = SSH_ERR_ALLOC_FAIL; goto out; } - ECDSA_SIG_get0(esig, &sig_r, &sig_s); if ((ret = sshbuf_put_bignum2(bb, sig_r)) != 0 || (ret = sshbuf_put_bignum2(bb, sig_s)) != 0) goto out; @@ -375,10 +400,8 @@ ssh_ecdsa_sign(struct sshkey *key, *lenp = len; ret = 0; out: - freezero(sigb, slen); sshbuf_free(b); sshbuf_free(bb); - ECDSA_SIG_free(esig); return ret; } diff --git a/ssh-pkcs11-client.c b/ssh-pkcs11-client.c index b8d1700f0296..8aaa4d2d684c 100644 --- a/ssh-pkcs11-client.c +++ b/ssh-pkcs11-client.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-pkcs11-client.c,v 1.20 2024/08/15 00:51:51 djm Exp $ */ +/* $OpenBSD: ssh-pkcs11-client.c,v 1.21 2025/07/24 05:44:55 djm Exp $ */ /* * Copyright (c) 2010 Markus Friedl. All rights reserved. * Copyright (c) 2014 Pedro Martelletto. All rights reserved. @@ -18,8 +18,6 @@ #include "includes.h" -#ifdef ENABLE_PKCS11 - #include #ifdef HAVE_SYS_TIME_H # include @@ -27,14 +25,12 @@ #include #include +#include #include #include #include #include -#include -#include - #include "pathnames.h" #include "xmalloc.h" #include "sshbuf.h" @@ -46,28 +42,18 @@ #include "ssh-pkcs11.h" #include "ssherr.h" -#include "openbsd-compat/openssl-compat.h" - -#if !defined(OPENSSL_HAS_ECC) || !defined(HAVE_EC_KEY_METHOD_NEW) -#define EC_KEY_METHOD void -#define EC_KEY void -#endif - /* borrows code from sftp-server and ssh-agent */ /* * Maintain a list of ssh-pkcs11-helper subprocesses. These may be looked up - * by provider path or their unique EC/RSA METHOD pointers. + * by provider path or their unique keyblobs. */ struct helper { char *path; pid_t pid; int fd; - RSA_METHOD *rsa_meth; - EC_KEY_METHOD *ec_meth; - int (*rsa_finish)(RSA *rsa); - void (*ec_finish)(EC_KEY *key); - size_t nrsa, nec; /* number of active keys of each type */ + size_t nkeyblobs; + struct sshbuf **keyblobs; /* XXX use a tree or something faster */ }; static struct helper **helpers; static size_t nhelpers; @@ -88,58 +74,75 @@ helper_by_provider(const char *path) } static struct helper * -helper_by_rsa(const RSA *rsa) +helper_by_key(const struct sshkey *key) { - size_t i; - const RSA_METHOD *meth; + size_t i, j; + struct sshbuf *keyblob = NULL; + int r; + + if ((keyblob = sshbuf_new()) == NULL) + fatal_f("sshbuf_new failed"); + if ((r = sshkey_putb(key, keyblob)) != 0) + fatal_fr(r, "serialise key"); - if ((meth = RSA_get_method(rsa)) == NULL) - return NULL; for (i = 0; i < nhelpers; i++) { - if (helpers[i] != NULL && helpers[i]->rsa_meth == meth) - return helpers[i]; + if (helpers[i] == NULL) + continue; + for (j = 0; j < helpers[i]->nkeyblobs; j++) { + if (sshbuf_equals(keyblob, + helpers[i]->keyblobs[j]) == 0) { + sshbuf_free(keyblob); + return helpers[i]; + } + } } + sshbuf_free(keyblob); return NULL; } -#if defined(OPENSSL_HAS_ECC) && defined(HAVE_EC_KEY_METHOD_NEW) -static struct helper * -helper_by_ec(const EC_KEY *ec) +static void +helper_add_key(struct helper *helper, struct sshkey *key) { - size_t i; - const EC_KEY_METHOD *meth; - - if ((meth = EC_KEY_get_method(ec)) == NULL) - return NULL; - for (i = 0; i < nhelpers; i++) { - if (helpers[i] != NULL && helpers[i]->ec_meth == meth) - return helpers[i]; - } - return NULL; + int r; + helper->keyblobs = xrecallocarray(helper->keyblobs, helper->nkeyblobs, + helper->nkeyblobs + 1, sizeof(*helper->keyblobs)); + if ((helper->keyblobs[helper->nkeyblobs] = sshbuf_new()) == NULL) + fatal_f("sshbuf_new failed"); + if ((r = sshkey_putb(key, helper->keyblobs[helper->nkeyblobs])) != 0) + fatal_fr(r, "shkey_putb failed"); + helper->nkeyblobs++; + debug3_f("added %s key for provider %s, now has %zu keys", + sshkey_type(key), helper->path, helper->nkeyblobs); } -#endif /* defined(OPENSSL_HAS_ECC) && defined(HAVE_EC_KEY_METHOD_NEW) */ static void -helper_free(struct helper *helper) +helper_terminate(struct helper *helper) { size_t i; int found = 0; if (helper == NULL) return; - if (helper->path == NULL || helper->ec_meth == NULL || - helper->rsa_meth == NULL) + if (helper->path == NULL) fatal_f("inconsistent helper"); - debug3_f("free helper for provider %s", helper->path); + + debug3_f("terminating helper for %s; remaining %zu keys", + helper->path, helper->nkeyblobs); + + close(helper->fd); + /* XXX waitpid() */ + helper->fd = -1; + helper->pid = -1; + + /* repack helpers */ for (i = 0; i < nhelpers; i++) { if (helpers[i] == helper) { if (found) fatal_f("helper recorded more than once"); found = 1; - } - else if (found) + } else if (found) helpers[i - 1] = helpers[i]; } if (found) { @@ -147,39 +150,12 @@ helper_free(struct helper *helper) nhelpers - 1, sizeof(*helpers)); nhelpers--; } + for (i = 0; i < helper->nkeyblobs; i++) + sshbuf_free(helper->keyblobs[i]); free(helper->path); -#if defined(OPENSSL_HAS_ECC) && defined(HAVE_EC_KEY_METHOD_NEW) - EC_KEY_METHOD_free(helper->ec_meth); -#endif - RSA_meth_free(helper->rsa_meth); free(helper); } -static void -helper_terminate(struct helper *helper) -{ - if (helper == NULL) { - return; - } else if (helper->fd == -1) { - debug3_f("already terminated"); - } else { - debug3_f("terminating helper for %s; " - "remaining %zu RSA %zu ECDSA", - helper->path, helper->nrsa, helper->nec); - close(helper->fd); - /* XXX waitpid() */ - helper->fd = -1; - helper->pid = -1; - } - /* - * Don't delete the helper entry until there are no remaining keys - * that reference it. Otherwise, any signing operation would call - * a free'd METHOD pointer and that would be bad. - */ - if (helper->nrsa == 0 && helper->nec == 0) - helper_free(helper); -} - static void send_msg(int fd, struct sshbuf *m) { @@ -249,200 +225,61 @@ pkcs11_terminate(void) helper_terminate(helpers[i]); } -static int -rsa_encrypt(int flen, const u_char *from, u_char *to, RSA *rsa, int padding) +int +pkcs11_sign(struct sshkey *key, + u_char **sigp, size_t *lenp, + const u_char *data, size_t datalen, + const char *alg, const char *sk_provider, + const char *sk_pin, u_int compat) { - struct sshkey *key = NULL; struct sshbuf *msg = NULL; - u_char *blob = NULL, *signature = NULL; - size_t blen, slen = 0; - int r, ret = -1; struct helper *helper; + int status, r; + u_char *signature = NULL; + size_t signature_len = 0; + int ret = SSH_ERR_INTERNAL_ERROR; - if ((helper = helper_by_rsa(rsa)) == NULL || helper->fd == -1) - fatal_f("no helper for PKCS11 key"); - debug3_f("signing with PKCS11 provider %s", helper->path); - if (padding != RSA_PKCS1_PADDING) - goto fail; - if ((key = sshkey_new(KEY_UNSPEC)) == NULL) { - error_f("sshkey_new failed"); - goto fail; - } - if ((key->pkey = EVP_PKEY_new()) == NULL || - EVP_PKEY_set1_RSA(key->pkey, rsa) != 1) { - error_f("pkey setup failed"); - goto fail; - } + if (sigp != NULL) + *sigp = NULL; + if (lenp != NULL) + *lenp = 0; + + if ((helper = helper_by_key(key)) == NULL || helper->fd == -1) + fatal_f("no helper for %s key", sshkey_type(key)); - key->type = KEY_RSA; - if ((r = sshkey_to_blob(key, &blob, &blen)) != 0) { - error_fr(r, "encode key"); - goto fail; - } if ((msg = sshbuf_new()) == NULL) - fatal_f("sshbuf_new failed"); + return SSH_ERR_ALLOC_FAIL; if ((r = sshbuf_put_u8(msg, SSH2_AGENTC_SIGN_REQUEST)) != 0 || - (r = sshbuf_put_string(msg, blob, blen)) != 0 || - (r = sshbuf_put_string(msg, from, flen)) != 0 || - (r = sshbuf_put_u32(msg, 0)) != 0) + (r = sshkey_puts_plain(key, msg)) != 0 || + (r = sshbuf_put_string(msg, data, datalen)) != 0 || + (r = sshbuf_put_cstring(msg, alg == NULL ? "" : alg)) != 0 || + (r = sshbuf_put_u32(msg, compat)) != 0) fatal_fr(r, "compose"); send_msg(helper->fd, msg); sshbuf_reset(msg); - if (recv_msg(helper->fd, msg) == SSH2_AGENT_SIGN_RESPONSE) { - if ((r = sshbuf_get_string(msg, &signature, &slen)) != 0) - fatal_fr(r, "parse"); - if (slen <= (size_t)RSA_size(rsa)) { - memcpy(to, signature, slen); - ret = slen; - } - free(signature); - } - fail: - free(blob); - sshkey_free(key); - sshbuf_free(msg); - return (ret); -} - -static int -rsa_finish(RSA *rsa) -{ - struct helper *helper; - - if ((helper = helper_by_rsa(rsa)) == NULL) - fatal_f("no helper for PKCS11 key"); - debug3_f("free PKCS11 RSA key for provider %s", helper->path); - if (helper->rsa_finish != NULL) - helper->rsa_finish(rsa); - if (helper->nrsa == 0) - fatal_f("RSA refcount error"); - helper->nrsa--; - debug3_f("provider %s remaining keys: %zu RSA %zu ECDSA", - helper->path, helper->nrsa, helper->nec); - if (helper->nrsa == 0 && helper->nec == 0) - helper_terminate(helper); - return 1; -} - -#if defined(OPENSSL_HAS_ECC) && defined(HAVE_EC_KEY_METHOD_NEW) -static ECDSA_SIG * -ecdsa_do_sign(const unsigned char *dgst, int dgst_len, const BIGNUM *inv, - const BIGNUM *rp, EC_KEY *ec) -{ - struct sshkey *key = NULL; - struct sshbuf *msg = NULL; - ECDSA_SIG *ret = NULL; - const u_char *cp; - u_char *blob = NULL, *signature = NULL; - size_t blen, slen = 0; - int r, nid; - struct helper *helper; - - if ((helper = helper_by_ec(ec)) == NULL || helper->fd == -1) - fatal_f("no helper for PKCS11 key"); - debug3_f("signing with PKCS11 provider %s", helper->path); - - if ((key = sshkey_new(KEY_UNSPEC)) == NULL) { - error_f("sshkey_new failed"); - goto fail; - } - if ((key->pkey = EVP_PKEY_new()) == NULL || - EVP_PKEY_set1_EC_KEY(key->pkey, ec) != 1) { - error("pkey setup failed"); - goto fail; - } - if ((nid = sshkey_ecdsa_pkey_to_nid(key->pkey)) < 0) { - error("couldn't get curve nid"); + if ((status = recv_msg(helper->fd, msg)) != SSH2_AGENT_SIGN_RESPONSE) { + /* XXX translate status to something useful */ + debug_fr(r, "recv_msg"); + ret = SSH_ERR_AGENT_FAILURE; goto fail; } - key->ecdsa_nid = nid; - key->type = KEY_ECDSA; - if ((r = sshkey_to_blob(key, &blob, &blen)) != 0) { - error_fr(r, "encode key"); - goto fail; - } - if ((msg = sshbuf_new()) == NULL) - fatal_f("sshbuf_new failed"); - if ((r = sshbuf_put_u8(msg, SSH2_AGENTC_SIGN_REQUEST)) != 0 || - (r = sshbuf_put_string(msg, blob, blen)) != 0 || - (r = sshbuf_put_string(msg, dgst, dgst_len)) != 0 || - (r = sshbuf_put_u32(msg, 0)) != 0) - fatal_fr(r, "compose"); - send_msg(helper->fd, msg); - sshbuf_reset(msg); + if ((r = sshbuf_get_string(msg, &signature, &signature_len)) != 0) + fatal_fr(r, "parse"); - if (recv_msg(helper->fd, msg) == SSH2_AGENT_SIGN_RESPONSE) { - if ((r = sshbuf_get_string(msg, &signature, &slen)) != 0) - fatal_fr(r, "parse"); - cp = signature; - ret = d2i_ECDSA_SIG(NULL, &cp, slen); - free(signature); + /* success */ + if (sigp != NULL) { + *sigp = signature; + signature = NULL; } + if (lenp != NULL) + *lenp = signature_len; + ret = 0; fail: - free(blob); - sshkey_free(key); sshbuf_free(msg); - return (ret); -} - -static void -ecdsa_do_finish(EC_KEY *ec) -{ - struct helper *helper; - - if ((helper = helper_by_ec(ec)) == NULL) - fatal_f("no helper for PKCS11 key"); - debug3_f("free PKCS11 ECDSA key for provider %s", helper->path); - if (helper->ec_finish != NULL) - helper->ec_finish(ec); - if (helper->nec == 0) - fatal_f("ECDSA refcount error"); - helper->nec--; - debug3_f("provider %s remaining keys: %zu RSA %zu ECDSA", - helper->path, helper->nrsa, helper->nec); - if (helper->nrsa == 0 && helper->nec == 0) - helper_terminate(helper); -} -#endif /* defined(OPENSSL_HAS_ECC) && defined(HAVE_EC_KEY_METHOD_NEW) */ - -/* redirect private key crypto operations to the ssh-pkcs11-helper */ -static void -wrap_key(struct helper *helper, struct sshkey *k) -{ - RSA *rsa = NULL; - EC_KEY *ecdsa = NULL; - - debug3_f("wrap %s for provider %s", sshkey_type(k), helper->path); - if (k->type == KEY_RSA) { - if ((rsa = EVP_PKEY_get1_RSA(k->pkey)) == NULL) - fatal_f("no RSA key"); - if (RSA_set_method(rsa, helper->rsa_meth) != 1) - fatal_f("RSA_set_method failed"); - if (helper->nrsa++ >= INT_MAX) - fatal_f("RSA refcount error"); - if (EVP_PKEY_set1_RSA(k->pkey, rsa) != 1) - fatal_f("EVP_PKEY_set1_RSA failed"); - RSA_free(rsa); -#if defined(OPENSSL_HAS_ECC) && defined(HAVE_EC_KEY_METHOD_NEW) - } else if (k->type == KEY_ECDSA) { - if ((ecdsa = EVP_PKEY_get1_EC_KEY(k->pkey)) == NULL) - fatal_f("no ECDSA key"); - if (EC_KEY_set_method(ecdsa, helper->ec_meth) != 1) - fatal_f("EC_KEY_set_method failed"); - if (helper->nec++ >= INT_MAX) - fatal_f("EC refcount error"); - if (EVP_PKEY_set1_EC_KEY(k->pkey, ecdsa) != 1) - fatal_f("EVP_PKEY_set1_EC_KEY failed"); - EC_KEY_free(ecdsa); -#endif - } else - fatal_f("unknown key type"); - k->flags |= SSHKEY_FLAG_EXT; - debug3_f("provider %s remaining keys: %zu RSA %zu ECDSA", - helper->path, helper->nrsa, helper->nec); + return ret; } /* @@ -456,13 +293,13 @@ pkcs11_make_cert(const struct sshkey *priv, struct helper *helper = NULL; struct sshkey *ret; int r; - RSA *rsa_priv = NULL, *rsa_cert = NULL; -#if defined(OPENSSL_HAS_ECC) && defined(HAVE_EC_KEY_METHOD_NEW) - EC_KEY *ec_priv = NULL, *ec_cert = NULL; -#endif - debug3_f("private key type %s cert type %s", sshkey_type(priv), - sshkey_type(certpub)); + if ((helper = helper_by_key(priv)) == NULL || helper->fd == -1) + fatal_f("no helper for %s key", sshkey_type(priv)); + + debug3_f("private key type %s cert type %s on provider %s", + sshkey_type(priv), sshkey_type(certpub), helper->path); + *certprivp = NULL; if (!sshkey_is_cert(certpub) || sshkey_is_cert(priv) || !sshkey_equal_public(priv, certpub)) { @@ -471,95 +308,24 @@ pkcs11_make_cert(const struct sshkey *priv, return SSH_ERR_INVALID_ARGUMENT; } *certprivp = NULL; - if (priv->type == KEY_RSA) { - if ((rsa_priv = EVP_PKEY_get1_RSA(priv->pkey)) == NULL) - fatal_f("no RSA pkey"); - if ((helper = helper_by_rsa(rsa_priv)) == NULL || - helper->fd == -1) - fatal_f("no helper for PKCS11 RSA key"); - if ((r = sshkey_from_private(priv, &ret)) != 0) - fatal_fr(r, "copy key"); - if ((rsa_cert = EVP_PKEY_get1_RSA(ret->pkey)) == NULL) - fatal_f("no RSA cert pkey"); - if (RSA_set_method(rsa_cert, helper->rsa_meth) != 1) - fatal_f("RSA_set_method failed"); - if (helper->nrsa++ >= INT_MAX) - fatal_f("RSA refcount error"); - if (EVP_PKEY_set1_RSA(ret->pkey, rsa_cert) != 1) - fatal_f("EVP_PKEY_set1_RSA failed"); - RSA_free(rsa_priv); - RSA_free(rsa_cert); -#if defined(OPENSSL_HAS_ECC) && defined(HAVE_EC_KEY_METHOD_NEW) - } else if (priv->type == KEY_ECDSA) { - if ((ec_priv = EVP_PKEY_get1_EC_KEY(priv->pkey)) == NULL) - fatal_f("no EC pkey"); - if ((helper = helper_by_ec(ec_priv)) == NULL || - helper->fd == -1) - fatal_f("no helper for PKCS11 EC key"); - if ((r = sshkey_from_private(priv, &ret)) != 0) - fatal_fr(r, "copy key"); - if ((ec_cert = EVP_PKEY_get1_EC_KEY(ret->pkey)) == NULL) - fatal_f("no EC cert pkey"); - if (EC_KEY_set_method(ec_cert, helper->ec_meth) != 1) - fatal_f("EC_KEY_set_method failed"); - if (helper->nec++ >= INT_MAX) - fatal_f("EC refcount error"); - if (EVP_PKEY_set1_EC_KEY(ret->pkey, ec_cert) != 1) - fatal_f("EVP_PKEY_set1_EC_KEY failed"); - EC_KEY_free(ec_priv); - EC_KEY_free(ec_cert); -#endif - } else - fatal_f("unknown key type %s", sshkey_type(priv)); + if ((r = sshkey_from_private(priv, &ret)) != 0) + fatal_fr(r, "copy key"); ret->flags |= SSHKEY_FLAG_EXT; if ((r = sshkey_to_certified(ret)) != 0 || (r = sshkey_cert_copy(certpub, ret)) != 0) fatal_fr(r, "graft certificate"); - debug3_f("provider %s remaining keys: %zu RSA %zu ECDSA", - helper->path, helper->nrsa, helper->nec); + + helper_add_key(helper, ret); + + debug3_f("provider %s: %zu remaining keys", + helper->path, helper->nkeyblobs); + /* success */ *certprivp = ret; return 0; } -static int -pkcs11_start_helper_methods(struct helper *helper) -{ - RSA_METHOD *rsa_meth = NULL; - EC_KEY_METHOD *ec_meth = NULL; -#if defined(OPENSSL_HAS_ECC) && defined(HAVE_EC_KEY_METHOD_NEW) - int (*ec_init)(EC_KEY *key); - int (*ec_copy)(EC_KEY *dest, const EC_KEY *src); - int (*ec_set_group)(EC_KEY *key, const EC_GROUP *grp); - int (*ec_set_private)(EC_KEY *key, const BIGNUM *priv_key); - int (*ec_set_public)(EC_KEY *key, const EC_POINT *pub_key); - int (*ec_sign)(int, const unsigned char *, int, unsigned char *, - unsigned int *, const BIGNUM *, const BIGNUM *, EC_KEY *) = NULL; - - if ((ec_meth = EC_KEY_METHOD_new(EC_KEY_OpenSSL())) == NULL) - return -1; - EC_KEY_METHOD_get_sign(ec_meth, &ec_sign, NULL, NULL); - EC_KEY_METHOD_set_sign(ec_meth, ec_sign, NULL, ecdsa_do_sign); - EC_KEY_METHOD_get_init(ec_meth, &ec_init, &helper->ec_finish, - &ec_copy, &ec_set_group, &ec_set_private, &ec_set_public); - EC_KEY_METHOD_set_init(ec_meth, ec_init, ecdsa_do_finish, - ec_copy, ec_set_group, ec_set_private, ec_set_public); -#endif /* defined(OPENSSL_HAS_ECC) && defined(HAVE_EC_KEY_METHOD_NEW) */ - - if ((rsa_meth = RSA_meth_dup(RSA_get_default_method())) == NULL) - fatal_f("RSA_meth_dup failed"); - helper->rsa_finish = RSA_meth_get_finish(rsa_meth); - if (!RSA_meth_set1_name(rsa_meth, "ssh-pkcs11-helper") || - !RSA_meth_set_priv_enc(rsa_meth, rsa_encrypt) || - !RSA_meth_set_finish(rsa_meth, rsa_finish)) - fatal_f("failed to prepare method"); - - helper->ec_meth = ec_meth; - helper->rsa_meth = rsa_meth; - return 0; -} - static struct helper * pkcs11_start_helper(const char *path) { @@ -576,19 +342,10 @@ pkcs11_start_helper(const char *path) return NULL; } helper = xcalloc(1, sizeof(*helper)); - if (pkcs11_start_helper_methods(helper) == -1) { - error_f("pkcs11_start_helper_methods failed"); - goto fail; - } if ((pid = fork()) == -1) { error_f("fork: %s", strerror(errno)); - fail: close(pair[0]); close(pair[1]); - RSA_meth_free(helper->rsa_meth); -#if defined(OPENSSL_HAS_ECC) && defined(HAVE_EC_KEY_METHOD_NEW) - EC_KEY_METHOD_free(helper->ec_meth); -#endif free(helper); return NULL; } else if (pid == 0) { @@ -628,10 +385,8 @@ pkcs11_add_provider(char *name, char *pin, struct sshkey ***keysp, { struct sshkey *k; int r, type; - u_char *blob; char *label; - size_t blen; - u_int nkeys, i; + u_int ret = -1, nkeys, i; struct sshbuf *msg; struct helper *helper; @@ -639,6 +394,8 @@ pkcs11_add_provider(char *name, char *pin, struct sshkey ***keysp, (helper = pkcs11_start_helper(name)) == NULL) return -1; + debug3_f("add %s", helper->path); + if ((msg = sshbuf_new()) == NULL) fatal_f("sshbuf_new failed"); if ((r = sshbuf_put_u8(msg, SSH_AGENTC_ADD_SMARTCARD_KEY)) != 0 || @@ -649,35 +406,39 @@ pkcs11_add_provider(char *name, char *pin, struct sshkey ***keysp, sshbuf_reset(msg); type = recv_msg(helper->fd, msg); + debug3_f("response %d", type); if (type == SSH2_AGENT_IDENTITIES_ANSWER) { if ((r = sshbuf_get_u32(msg, &nkeys)) != 0) fatal_fr(r, "parse nkeys"); + debug3_f("helper return %u keys", nkeys); *keysp = xcalloc(nkeys, sizeof(struct sshkey *)); if (labelsp) *labelsp = xcalloc(nkeys, sizeof(char *)); for (i = 0; i < nkeys; i++) { /* XXX clean up properly instead of fatal() */ - if ((r = sshbuf_get_string(msg, &blob, &blen)) != 0 || + if ((r = sshkey_froms(msg, &k)) != 0 || (r = sshbuf_get_cstring(msg, &label, NULL)) != 0) fatal_fr(r, "parse key"); - if ((r = sshkey_from_blob(blob, blen, &k)) != 0) - fatal_fr(r, "decode key"); - wrap_key(helper, k); + k->flags |= SSHKEY_FLAG_EXT; + helper_add_key(helper, k); (*keysp)[i] = k; if (labelsp) (*labelsp)[i] = label; else free(label); - free(blob); } + /* success */ + ret = 0; } else if (type == SSH2_AGENT_FAILURE) { if ((r = sshbuf_get_u32(msg, &nkeys)) != 0) - nkeys = -1; - } else { - nkeys = -1; + error_fr(r, "failed to parse failure response"); + } + if (ret != 0) { + debug_f("no keys; terminate helper"); + helper_terminate(helper); } sshbuf_free(msg); - return (nkeys); + return ret == 0 ? (int)nkeys : -1; } int @@ -694,4 +455,39 @@ pkcs11_del_provider(char *name) helper_terminate(helper); return 0; } -#endif /* ENABLE_PKCS11 */ + +void +pkcs11_key_free(struct sshkey *key) +{ + struct helper *helper; + struct sshbuf *keyblob = NULL; + size_t i; + int r, found = 0; + + debug3_f("free %s key", sshkey_type(key)); + + if ((helper = helper_by_key(key)) == NULL || helper->fd == -1) + fatal_f("no helper for %s key", sshkey_type(key)); + if ((keyblob = sshbuf_new()) == NULL) + fatal_f("sshbuf_new failed"); + if ((r = sshkey_putb(key, keyblob)) != 0) + fatal_fr(r, "serialise key"); + + /* repack keys */ + for (i = 0; i < helper->nkeyblobs; i++) { + if (sshbuf_equals(keyblob, helper->keyblobs[i]) == 0) { + if (found) + fatal_f("key recorded more than once"); + found = 1; + } else if (found) + helper->keyblobs[i - 1] = helper->keyblobs[i]; + } + if (found) { + helper->keyblobs = xrecallocarray(helper->keyblobs, + helper->nkeyblobs, helper->nkeyblobs - 1, + sizeof(*helper->keyblobs)); + helper->nkeyblobs--; + } + if (helper->nkeyblobs == 0) + helper_terminate(helper); +} diff --git a/ssh-pkcs11-helper.c b/ssh-pkcs11-helper.c index a8154f21c058..2d818b8970a4 100644 --- a/ssh-pkcs11-helper.c +++ b/ssh-pkcs11-helper.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-pkcs11-helper.c,v 1.27 2024/08/15 00:51:51 djm Exp $ */ +/* $OpenBSD: ssh-pkcs11-helper.c,v 1.28 2025/07/24 05:44:55 djm Exp $ */ /* * Copyright (c) 2010 Markus Friedl. All rights reserved. * @@ -22,8 +22,6 @@ # include #endif -#include "openbsd-compat/sys-queue.h" - #include #include #ifdef HAVE_POLL_H @@ -44,20 +42,9 @@ #ifdef ENABLE_PKCS11 -#ifdef WITH_OPENSSL -#include -#include -#include - /* borrows code from sftp-server and ssh-agent */ -struct pkcs11_keyinfo { - struct sshkey *key; - char *providername, *label; - TAILQ_ENTRY(pkcs11_keyinfo) next; -}; - -TAILQ_HEAD(, pkcs11_keyinfo) pkcs11_keylist; +static char *providername; /* Provider for this helper */ #define MAX_MSG_LENGTH 10240 /*XXX*/ @@ -65,50 +52,6 @@ TAILQ_HEAD(, pkcs11_keyinfo) pkcs11_keylist; struct sshbuf *iqueue; struct sshbuf *oqueue; -static void -add_key(struct sshkey *k, char *name, char *label) -{ - struct pkcs11_keyinfo *ki; - - ki = xcalloc(1, sizeof(*ki)); - ki->providername = xstrdup(name); - ki->key = k; - ki->label = xstrdup(label); - TAILQ_INSERT_TAIL(&pkcs11_keylist, ki, next); -} - -static void -del_keys_by_name(char *name) -{ - struct pkcs11_keyinfo *ki, *nxt; - - for (ki = TAILQ_FIRST(&pkcs11_keylist); ki; ki = nxt) { - nxt = TAILQ_NEXT(ki, next); - if (!strcmp(ki->providername, name)) { - TAILQ_REMOVE(&pkcs11_keylist, ki, next); - free(ki->providername); - free(ki->label); - sshkey_free(ki->key); - free(ki); - } - } -} - -/* lookup matching 'private' key */ -static struct sshkey * -lookup_key(struct sshkey *k) -{ - struct pkcs11_keyinfo *ki; - - TAILQ_FOREACH(ki, &pkcs11_keylist, next) { - debug("check %s %s %s", sshkey_type(ki->key), - ki->providername, ki->label); - if (sshkey_equal(k, ki->key)) - return (ki->key); - } - return (NULL); -} - static void send_msg(struct sshbuf *m) { @@ -121,34 +64,32 @@ send_msg(struct sshbuf *m) static void process_add(void) { - char *name, *pin; + char *pin; struct sshkey **keys = NULL; int r, i, nkeys; - u_char *blob; - size_t blen; struct sshbuf *msg; char **labels = NULL; + if (providername != NULL) + fatal_f("provider already set"); if ((msg = sshbuf_new()) == NULL) fatal_f("sshbuf_new failed"); - if ((r = sshbuf_get_cstring(iqueue, &name, NULL)) != 0 || + if ((r = sshbuf_get_cstring(iqueue, &providername, NULL)) != 0 || (r = sshbuf_get_cstring(iqueue, &pin, NULL)) != 0) fatal_fr(r, "parse"); - if ((nkeys = pkcs11_add_provider(name, pin, &keys, &labels)) > 0) { + debug3_f("add %s", providername); + if ((nkeys = pkcs11_add_provider(providername, pin, + &keys, &labels)) > 0) { if ((r = sshbuf_put_u8(msg, SSH2_AGENT_IDENTITIES_ANSWER)) != 0 || (r = sshbuf_put_u32(msg, nkeys)) != 0) fatal_fr(r, "compose"); for (i = 0; i < nkeys; i++) { - if ((r = sshkey_to_blob(keys[i], &blob, &blen)) != 0) { - debug_fr(r, "encode key"); - continue; - } - if ((r = sshbuf_put_string(msg, blob, blen)) != 0 || + if ((r = sshkey_puts(keys[i], msg)) != 0 || (r = sshbuf_put_cstring(msg, labels[i])) != 0) fatal_fr(r, "compose key"); - free(blob); - add_key(keys[i], name, labels[i]); + debug3_f("%s: %s \"%s\"", providername, + sshkey_type(keys[i]), labels[i]); free(labels[i]); } } else if ((r = sshbuf_put_u8(msg, SSH_AGENT_FAILURE)) != 0 || @@ -157,95 +98,39 @@ process_add(void) free(labels); free(keys); /* keys themselves are transferred to pkcs11_keylist */ free(pin); - free(name); send_msg(msg); sshbuf_free(msg); } static void -process_del(void) +process_sign(void) { - char *name, *pin; + const u_char *data; + u_char *signature = NULL; + size_t dlen, slen = 0; + u_int compat; + int r, ok = -1; + struct sshkey *key = NULL; struct sshbuf *msg; - int r; + char *alg = NULL; - if ((msg = sshbuf_new()) == NULL) - fatal_f("sshbuf_new failed"); - if ((r = sshbuf_get_cstring(iqueue, &name, NULL)) != 0 || - (r = sshbuf_get_cstring(iqueue, &pin, NULL)) != 0) + if ((r = sshkey_froms(iqueue, &key)) != 0 || + (r = sshbuf_get_string_direct(iqueue, &data, &dlen)) != 0 || + (r = sshbuf_get_cstring(iqueue, &alg, NULL)) != 0 || + (r = sshbuf_get_u32(iqueue, &compat)) != 0) fatal_fr(r, "parse"); - del_keys_by_name(name); - if ((r = sshbuf_put_u8(msg, pkcs11_del_provider(name) == 0 ? - SSH_AGENT_SUCCESS : SSH_AGENT_FAILURE)) != 0) - fatal_fr(r, "compose"); - free(pin); - free(name); - send_msg(msg); - sshbuf_free(msg); -} -static void -process_sign(void) -{ - u_char *blob, *data, *signature = NULL; - size_t blen, dlen; - u_int slen = 0; - int len, r, ok = -1; - struct sshkey *key = NULL, *found; - struct sshbuf *msg; -#ifdef WITH_OPENSSL - RSA *rsa = NULL; -#ifdef OPENSSL_HAS_ECC - EC_KEY *ecdsa = NULL; -#endif /* OPENSSL_HAS_ECC */ -#endif /* WITH_OPENSSL */ - - /* XXX support SHA2 signature flags */ - if ((r = sshbuf_get_string(iqueue, &blob, &blen)) != 0 || - (r = sshbuf_get_string(iqueue, &data, &dlen)) != 0 || - (r = sshbuf_get_u32(iqueue, NULL)) != 0) - fatal_fr(r, "parse"); + if (*alg == '\0') { + free(alg); + alg = NULL; + } - if ((r = sshkey_from_blob(blob, blen, &key)) != 0) - fatal_fr(r, "decode key"); - if ((found = lookup_key(key)) == NULL) + if ((r = pkcs11_sign(key, &signature, &slen, data, dlen, + alg, NULL, NULL, compat)) != 0) { + error_fr(r, "sign %s", sshkey_type(key)); goto reply; - - /* XXX use pkey API properly for signing */ - switch (key->type) { -#ifdef WITH_OPENSSL - case KEY_RSA: - if ((rsa = EVP_PKEY_get1_RSA(found->pkey)) == NULL) - fatal_f("no RSA in pkey"); - if ((len = RSA_size(rsa)) < 0) - fatal_f("bad RSA length"); - signature = xmalloc(len); - if ((len = RSA_private_encrypt(dlen, data, signature, - rsa, RSA_PKCS1_PADDING)) < 0) { - error_f("RSA_private_encrypt failed"); - goto reply; - } - slen = (u_int)len; - break; -#ifdef OPENSSL_HAS_ECC - case KEY_ECDSA: - if ((ecdsa = EVP_PKEY_get1_EC_KEY(found->pkey)) == NULL) - fatal_f("no ECDSA in pkey"); - if ((len = ECDSA_size(ecdsa)) < 0) - fatal_f("bad ECDSA length"); - slen = (u_int)len; - signature = xmalloc(slen); - /* "The parameter type is ignored." */ - if (!ECDSA_sign(-1, data, dlen, signature, &slen, ecdsa)) { - error_f("ECDSA_sign failed"); - goto reply; - } - break; -#endif /* OPENSSL_HAS_ECC */ -#endif /* WITH_OPENSSL */ - default: - fatal_f("unsupported key type %d", key->type); } + /* success */ ok = 0; reply: @@ -260,12 +145,7 @@ process_sign(void) fatal_fr(r, "compose failure response"); } sshkey_free(key); - RSA_free(rsa); -#if defined(WITH_OPENSSL) && defined(OPENSSL_HAS_ECC) - EC_KEY_free(ecdsa); -#endif - free(data); - free(blob); + free(alg); free(signature); send_msg(msg); sshbuf_free(msg); @@ -301,10 +181,6 @@ process(void) debug("process_add"); process_add(); break; - case SSH_AGENTC_REMOVE_SMARTCARD_KEY: - debug("process_del"); - process_del(); - break; case SSH2_AGENTC_SIGN_REQUEST: debug("process_sign"); process_sign(); @@ -336,7 +212,6 @@ cleanup_exit(int i) _exit(i); } - int main(int argc, char **argv) { @@ -350,7 +225,6 @@ main(int argc, char **argv) __progname = ssh_get_progname(argv[0]); seed_rng(); - TAILQ_INIT(&pkcs11_keylist); log_init(__progname, log_level, log_facility, log_stderr); @@ -439,22 +313,23 @@ main(int argc, char **argv) fatal_fr(r, "reserve"); } } - -#else /* WITH_OPENSSL */ -void -cleanup_exit(int i) +#else /* ENABLE_PKCS11 */ +/* stubs */ +int +pkcs11_sign(struct sshkey *key, + u_char **sigp, size_t *lenp, + const u_char *data, size_t datalen, + const char *alg, const char *sk_provider, + const char *sk_pin, u_int compat) { - _exit(i); + return SSH_ERR_INTERNAL_ERROR; } -int -main(int argc, char **argv) +void +pkcs11_key_free(struct sshkey *key) { - fprintf(stderr, "PKCS#11 code is not enabled\n"); - return 1; } -#endif /* WITH_OPENSSL */ -#else /* ENABLE_PKCS11 */ + int main(int argc, char **argv) { diff --git a/ssh-pkcs11.c b/ssh-pkcs11.c index 31b9360f0adb..147c52049500 100644 --- a/ssh-pkcs11.c +++ b/ssh-pkcs11.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-pkcs11.c,v 1.64 2024/09/20 02:00:46 jsg Exp $ */ +/* $OpenBSD: ssh-pkcs11.c,v 1.65 2025/07/24 05:44:55 djm Exp $ */ /* * Copyright (c) 2010 Markus Friedl. All rights reserved. * Copyright (c) 2014 Pedro Martelletto. All rights reserved. @@ -42,9 +42,12 @@ #define CRYPTOKI_COMPAT #include "pkcs11.h" +#define SSHKEY_INTERNAL +#include "sshkey.h" + #include "log.h" #include "misc.h" -#include "sshkey.h" +#include "sshbuf.h" #include "ssh-pkcs11.h" #include "digest.h" #include "xmalloc.h" @@ -71,15 +74,19 @@ struct pkcs11_provider { TAILQ_HEAD(, pkcs11_provider) pkcs11_providers; struct pkcs11_key { + struct sshbuf *keyblob; struct pkcs11_provider *provider; CK_ULONG slotidx; char *keyid; int keyid_len; + TAILQ_ENTRY(pkcs11_key) next; }; +TAILQ_HEAD(, pkcs11_key) pkcs11_keys; /* XXX a tree would be better */ + int pkcs11_interactive = 0; -#if defined(OPENSSL_HAS_ECC) && defined(HAVE_EC_KEY_METHOD_NEW) +#ifdef WITH_OPENSSL static void ossl_error(const char *msg) { @@ -89,15 +96,7 @@ ossl_error(const char *msg) while ((e = ERR_get_error()) != 0) error_f("libcrypto error: %s", ERR_error_string(e, NULL)); } -#endif /* OPENSSL_HAS_ECC && HAVE_EC_KEY_METHOD_NEW */ - -int -pkcs11_init(int interactive) -{ - pkcs11_interactive = interactive; - TAILQ_INIT(&pkcs11_providers); - return (0); -} +#endif /* * finalize a provider shared library, it's no longer usable. @@ -146,19 +145,6 @@ pkcs11_provider_unref(struct pkcs11_provider *p) } } -/* unregister all providers, keys might still point to the providers */ -void -pkcs11_terminate(void) -{ - struct pkcs11_provider *p; - - while ((p = TAILQ_FIRST(&pkcs11_providers)) != NULL) { - TAILQ_REMOVE(&pkcs11_providers, p, next); - pkcs11_provider_finalize(p); - pkcs11_provider_unref(p); - } -} - /* lookup provider by name */ static struct pkcs11_provider * pkcs11_provider_lookup(char *provider_id) @@ -188,26 +174,16 @@ pkcs11_del_provider(char *provider_id) return (-1); } -static RSA_METHOD *rsa_method; -static int rsa_idx = 0; -#if defined(OPENSSL_HAS_ECC) && defined(HAVE_EC_KEY_METHOD_NEW) -static EC_KEY_METHOD *ec_key_method; -static int ec_key_idx = 0; -#endif /* OPENSSL_HAS_ECC && HAVE_EC_KEY_METHOD_NEW */ - /* release a wrapped object */ static void -pkcs11_k11_free(void *parent, void *ptr, CRYPTO_EX_DATA *ad, int idx, - long argl, void *argp) +pkcs11_k11_free(struct pkcs11_key *k11) { - struct pkcs11_key *k11 = ptr; - - debug_f("parent %p ptr %p idx %d", parent, ptr, idx); if (k11 == NULL) return; if (k11->provider) pkcs11_provider_unref(k11->provider); free(k11->keyid); + sshbuf_free(k11->keyblob); free(k11); } @@ -417,214 +393,324 @@ pkcs11_get_key(struct pkcs11_key *k11, CK_MECHANISM_TYPE mech_type) return (0); } -/* openssl callback doing the actual signing operation */ +/* record the key information later use lookup by keyblob */ static int -pkcs11_rsa_private_encrypt(int flen, const u_char *from, u_char *to, RSA *rsa, - int padding) +pkcs11_record_key(struct pkcs11_provider *provider, CK_ULONG slotidx, + CK_ATTRIBUTE *keyid_attrib, struct sshkey *key) { - struct pkcs11_key *k11; - struct pkcs11_slotinfo *si; - CK_FUNCTION_LIST *f; - CK_ULONG tlen = 0; - CK_RV rv; - int rval = -1; - - if ((k11 = RSA_get_ex_data(rsa, rsa_idx)) == NULL) { - error("RSA_get_ex_data failed"); - return (-1); + struct sshbuf *keyblob; + struct pkcs11_key *k11; + int r; + char *hex; + + hex = tohex(keyid_attrib->pValue, keyid_attrib->ulValueLen); + debug_f("%s key: provider %s slot %lu keyid %s", + sshkey_type(key), provider->name, (u_long)slotidx, hex); + free(hex); + + if ((keyblob = sshbuf_new()) == NULL) + fatal_f("sshbuf_new failed"); + if ((r = sshkey_putb(key, keyblob)) != 0) + fatal_fr(r, "sshkey_putb"); + + /* Check if we've already recorded this key in a different slot */ + TAILQ_FOREACH(k11, &pkcs11_keys, next) { + if (sshbuf_equals(k11->keyblob, keyblob) == 0) { + hex = tohex(k11->keyid, k11->keyid_len); + debug_f("Already seen this key at " + "provider %s slot %lu keyid %s", + k11->provider->name, k11->slotidx, hex); + free(hex); + sshbuf_free(keyblob); + return -1; + } } - if (pkcs11_get_key(k11, CKM_RSA_PKCS) == -1) { - error("pkcs11_get_key failed"); - return (-1); + k11 = xcalloc(1, sizeof(*k11)); + k11->provider = provider; + k11->keyblob = keyblob; + provider->refcount++; /* provider referenced by RSA key */ + k11->slotidx = slotidx; + /* identify key object on smartcard */ + k11->keyid_len = keyid_attrib->ulValueLen; + if (k11->keyid_len > 0) { + k11->keyid = xmalloc(k11->keyid_len); + memcpy(k11->keyid, keyid_attrib->pValue, k11->keyid_len); } + TAILQ_INSERT_TAIL(&pkcs11_keys, k11, next); - f = k11->provider->function_list; - si = &k11->provider->slotinfo[k11->slotidx]; - tlen = RSA_size(rsa); - - /* XXX handle CKR_BUFFER_TOO_SMALL */ - rv = f->C_Sign(si->session, (CK_BYTE *)from, flen, to, &tlen); - if (rv == CKR_OK) - rval = tlen; - else - error("C_Sign failed: %lu", rv); - - return (rval); + return 0; } -static int -pkcs11_rsa_private_decrypt(int flen, const u_char *from, u_char *to, RSA *rsa, - int padding) +/* retrieve the key information by keyblob */ +static struct pkcs11_key * +pkcs11_lookup_key(struct sshkey *key) { - return (-1); + struct pkcs11_key *k11, *found = NULL; + struct sshbuf *keyblob; + int r; + + if ((keyblob = sshbuf_new()) == NULL) + fatal_f("sshbuf_new failed"); + if ((r = sshkey_putb(key, keyblob)) != 0) + fatal_fr(r, "sshkey_putb"); + TAILQ_FOREACH(k11, &pkcs11_keys, next) { + if (sshbuf_equals(k11->keyblob, keyblob) == 0) { + found = k11; + break; + } + } + sshbuf_free(keyblob); + return found; } +#ifdef WITH_OPENSSL +/* + * See: + * http://www.rsasecurity.com/rsalabs/pkcs/pkcs-1/ + * ftp://ftp.rsasecurity.com/pub/pkcs/pkcs-1/pkcs-1v2-1.asn + */ + +/* + * id-sha1 OBJECT IDENTIFIER ::= { iso(1) identified-organization(3) + * oiw(14) secsig(3) algorithms(2) 26 } + */ +static const u_char id_sha1[] = { + 0x30, 0x21, /* type Sequence, length 0x21 (33) */ + 0x30, 0x09, /* type Sequence, length 0x09 */ + 0x06, 0x05, /* type OID, length 0x05 */ + 0x2b, 0x0e, 0x03, 0x02, 0x1a, /* id-sha1 OID */ + 0x05, 0x00, /* NULL */ + 0x04, 0x14 /* Octet string, length 0x14 (20), followed by sha1 hash */ +}; + +/* + * See http://csrc.nist.gov/groups/ST/crypto_apps_infra/csor/algorithms.html + * id-sha256 OBJECT IDENTIFIER ::= { joint-iso-itu-t(2) country(16) us(840) + * organization(1) gov(101) csor(3) nistAlgorithm(4) hashAlgs(2) + * id-sha256(1) } + */ +static const u_char id_sha256[] = { + 0x30, 0x31, /* type Sequence, length 0x31 (49) */ + 0x30, 0x0d, /* type Sequence, length 0x0d (13) */ + 0x06, 0x09, /* type OID, length 0x09 */ + 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x01, /* id-sha256 */ + 0x05, 0x00, /* NULL */ + 0x04, 0x20 /* Octet string, length 0x20 (32), followed by sha256 hash */ +}; + +/* + * See http://csrc.nist.gov/groups/ST/crypto_apps_infra/csor/algorithms.html + * id-sha512 OBJECT IDENTIFIER ::= { joint-iso-itu-t(2) country(16) us(840) + * organization(1) gov(101) csor(3) nistAlgorithm(4) hashAlgs(2) + * id-sha256(3) } + */ +static const u_char id_sha512[] = { + 0x30, 0x51, /* type Sequence, length 0x51 (81) */ + 0x30, 0x0d, /* type Sequence, length 0x0d (13) */ + 0x06, 0x09, /* type OID, length 0x09 */ + 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x03, /* id-sha512 */ + 0x05, 0x00, /* NULL */ + 0x04, 0x40 /* Octet string, length 0x40 (64), followed by sha512 hash */ +}; + static int -pkcs11_rsa_start_wrapper(void) +rsa_hash_alg_oid(int hash_alg, const u_char **oidp, size_t *oidlenp) { - if (rsa_method != NULL) - return (0); - rsa_method = RSA_meth_dup(RSA_get_default_method()); - if (rsa_method == NULL) - return (-1); - rsa_idx = RSA_get_ex_new_index(0, "ssh-pkcs11-rsa", - NULL, NULL, pkcs11_k11_free); - if (rsa_idx == -1) - return (-1); - if (!RSA_meth_set1_name(rsa_method, "pkcs11") || - !RSA_meth_set_priv_enc(rsa_method, pkcs11_rsa_private_encrypt) || - !RSA_meth_set_priv_dec(rsa_method, pkcs11_rsa_private_decrypt)) { - error_f("setup pkcs11 method failed"); - return (-1); + switch (hash_alg) { + case SSH_DIGEST_SHA1: + *oidp = id_sha1; + *oidlenp = sizeof(id_sha1); + break; + case SSH_DIGEST_SHA256: + *oidp = id_sha256; + *oidlenp = sizeof(id_sha256); + break; + case SSH_DIGEST_SHA512: + *oidp = id_sha512; + *oidlenp = sizeof(id_sha512); + break; + default: + return SSH_ERR_INVALID_ARGUMENT; } - return (0); + return 0; } -/* redirect private key operations for rsa key to pkcs11 token */ static int -pkcs11_rsa_wrap(struct pkcs11_provider *provider, CK_ULONG slotidx, - CK_ATTRIBUTE *keyid_attrib, RSA *rsa) +pkcs11_sign_rsa(struct sshkey *key, + u_char **sigp, size_t *lenp, + const u_char *data, size_t datalen, + const char *alg, const char *sk_provider, + const char *sk_pin, u_int compat) { struct pkcs11_key *k11; + struct pkcs11_slotinfo *si; + CK_FUNCTION_LIST *f; + CK_ULONG slen = 0; + CK_RV rv; + int hashalg, r, diff, siglen, ret = -1; + u_char *oid_dgst = NULL, *sig = NULL; + size_t dgst_len, oid_len, oid_dgst_len = 0; + const u_char *oid; - if (pkcs11_rsa_start_wrapper() == -1) - return (-1); + if (sigp != NULL) + *sigp = 0; + if (lenp != NULL) + *lenp = 0; - k11 = xcalloc(1, sizeof(*k11)); - k11->provider = provider; - provider->refcount++; /* provider referenced by RSA key */ - k11->slotidx = slotidx; - /* identify key object on smartcard */ - k11->keyid_len = keyid_attrib->ulValueLen; - if (k11->keyid_len > 0) { - k11->keyid = xmalloc(k11->keyid_len); - memcpy(k11->keyid, keyid_attrib->pValue, k11->keyid_len); + if ((k11 = pkcs11_lookup_key(key)) == NULL) { + error_f("no key found"); + return SSH_ERR_KEY_NOT_FOUND; } - if (RSA_set_method(rsa, rsa_method) != 1) - fatal_f("RSA_set_method failed"); - if (RSA_set_ex_data(rsa, rsa_idx, k11) != 1) - fatal_f("RSA_set_ex_data failed"); - return (0); + debug3_f("sign with alg \"%s\" using provider %s slotidx %lu", + alg == NULL ? "" : alg, k11->provider->name, (u_long)k11->slotidx); + + if (pkcs11_get_key(k11, CKM_RSA_PKCS) == -1) { + error("pkcs11_get_key failed"); + return SSH_ERR_AGENT_FAILURE; + } + + f = k11->provider->function_list; + si = &k11->provider->slotinfo[k11->slotidx]; + + if ((siglen = EVP_PKEY_size(key->pkey)) <= 0) + return SSH_ERR_INVALID_ARGUMENT; + sig = xmalloc(siglen); + slen = (CK_ULONG)siglen; + + /* Determine hash algorithm and OID for signature */ + if (alg == NULL || *alg == '\0') + hashalg = SSH_DIGEST_SHA1; + else if ((hashalg = ssh_rsa_hash_id_from_keyname(alg)) == -1) + fatal_f("couldn't determine RSA hash alg \"%s\"", alg); + if ((r = rsa_hash_alg_oid(hashalg, &oid, &oid_len)) != 0) + fatal_fr(r, "rsa_hash_alg_oid failed"); + if ((dgst_len = ssh_digest_bytes(hashalg)) == 0) + fatal_f("bad hash alg %d", hashalg); + + /* Prepare { oid || digest } */ + oid_dgst_len = oid_len + dgst_len; + oid_dgst = xcalloc(1, oid_dgst_len); + memcpy(oid_dgst, oid, oid_len); + if ((r = ssh_digest_memory(hashalg, data, datalen, + oid_dgst + oid_len, dgst_len)) == -1) + fatal_fr(r, "hash failed"); + + /* XXX handle CKR_BUFFER_TOO_SMALL */ + if ((rv = f->C_Sign(si->session, (CK_BYTE *)oid_dgst, + oid_dgst_len, sig, &slen)) != CKR_OK) { + error("C_Sign failed: %lu", rv); + goto done; + } + + if (slen < (CK_ULONG)siglen) { + diff = siglen - slen; + debug3_f("repack %lu < %d (diff %d)", + (u_long)slen, siglen, diff); + memmove(sig + diff, sig, slen); + explicit_bzero(sig, diff); + } else if (slen > (size_t)siglen) + fatal_f("bad C_Sign length"); + + if ((ret = ssh_rsa_encode_store_sig(hashalg, sig, siglen, + sigp, lenp)) != 0) + fatal_fr(ret, "couldn't store signature"); + + /* success */ + ret = 0; + done: + freezero(oid_dgst, oid_dgst_len); + free(sig); + return ret; } -#if defined(OPENSSL_HAS_ECC) && defined(HAVE_EC_KEY_METHOD_NEW) -/* openssl callback doing the actual signing operation */ -static ECDSA_SIG * -ecdsa_do_sign(const unsigned char *dgst, int dgst_len, const BIGNUM *inv, - const BIGNUM *rp, EC_KEY *ec) +#ifdef OPENSSL_HAS_ECC +static int +pkcs11_sign_ecdsa(struct sshkey *key, + u_char **sigp, size_t *lenp, + const u_char *data, size_t datalen, + const char *alg, const char *sk_provider, + const char *sk_pin, u_int compat) { struct pkcs11_key *k11; struct pkcs11_slotinfo *si; CK_FUNCTION_LIST *f; - CK_ULONG siglen = 0, bnlen; + CK_ULONG slen = 0, bnlen; CK_RV rv; - ECDSA_SIG *ret = NULL; - u_char *sig; - BIGNUM *r = NULL, *s = NULL; + BIGNUM *sig_r = NULL, *sig_s = NULL; + u_char *sig = NULL, *dgst = NULL; + size_t dgst_len = 0; + int hashalg, ret = -1, r, siglen; - if ((k11 = EC_KEY_get_ex_data(ec, ec_key_idx)) == NULL) { - ossl_error("EC_KEY_get_ex_data failed for ec"); - return (NULL); + if (sigp != NULL) + *sigp = 0; + if (lenp != NULL) + *lenp = 0; + + if ((k11 = pkcs11_lookup_key(key)) == NULL) { + error_f("no key found"); + return SSH_ERR_KEY_NOT_FOUND; } if (pkcs11_get_key(k11, CKM_ECDSA) == -1) { error("pkcs11_get_key failed"); - return (NULL); + return SSH_ERR_AGENT_FAILURE; } + debug3_f("sign using provider %s slotidx %lu", + k11->provider->name, (u_long)k11->slotidx); + f = k11->provider->function_list; si = &k11->provider->slotinfo[k11->slotidx]; - siglen = ECDSA_size(ec); + /* Prepare digest to be signed */ + if ((hashalg = sshkey_ec_nid_to_hash_alg(key->ecdsa_nid)) == -1) + fatal_f("couldn't determine ECDSA hash alg"); + if ((dgst_len = ssh_digest_bytes(hashalg)) == 0) + fatal_f("bad hash alg %d", hashalg); + dgst = xcalloc(1, dgst_len); + if ((r = ssh_digest_memory(hashalg, data, datalen, + dgst, dgst_len)) == -1) + fatal_fr(r, "hash failed"); + + if ((siglen = EVP_PKEY_size(key->pkey)) <= 0) + return SSH_ERR_INVALID_ARGUMENT; sig = xmalloc(siglen); + slen = (CK_ULONG)siglen; /* XXX handle CKR_BUFFER_TOO_SMALL */ - rv = f->C_Sign(si->session, (CK_BYTE *)dgst, dgst_len, sig, &siglen); + rv = f->C_Sign(si->session, (CK_BYTE *)dgst, dgst_len, sig, &slen); if (rv != CKR_OK) { error("C_Sign failed: %lu", rv); goto done; } - if (siglen < 64 || siglen > 132 || siglen % 2) { - error_f("bad signature length: %lu", (u_long)siglen); - goto done; - } - bnlen = siglen/2; - if ((ret = ECDSA_SIG_new()) == NULL) { - error("ECDSA_SIG_new failed"); + if (slen < 64 || slen > 132 || slen % 2) { + error_f("bad signature length: %lu", (u_long)slen); goto done; } - if ((r = BN_bin2bn(sig, bnlen, NULL)) == NULL || - (s = BN_bin2bn(sig+bnlen, bnlen, NULL)) == NULL) { + bnlen = slen/2; + if ((sig_r = BN_bin2bn(sig, bnlen, NULL)) == NULL || + (sig_s = BN_bin2bn(sig+bnlen, bnlen, NULL)) == NULL) { ossl_error("BN_bin2bn failed"); - ECDSA_SIG_free(ret); - ret = NULL; goto done; } - if (!ECDSA_SIG_set0(ret, r, s)) { - error_f("ECDSA_SIG_set0 failed"); - ECDSA_SIG_free(ret); - ret = NULL; - goto done; - } - r = s = NULL; /* now owned by ret */ + + if ((ret = ssh_ecdsa_encode_store_sig(key, sig_r, sig_s, + sigp, lenp)) != 0) + fatal_fr(ret, "couldn't store signature"); + /* success */ + ret = 0; done: - BN_free(r); - BN_free(s); + freezero(dgst, dgst_len); + BN_free(sig_r); + BN_free(sig_s); free(sig); - - return (ret); + return ret; } - -static int -pkcs11_ecdsa_start_wrapper(void) -{ - int (*orig_sign)(int, const unsigned char *, int, unsigned char *, - unsigned int *, const BIGNUM *, const BIGNUM *, EC_KEY *) = NULL; - - if (ec_key_method != NULL) - return (0); - ec_key_idx = EC_KEY_get_ex_new_index(0, "ssh-pkcs11-ecdsa", - NULL, NULL, pkcs11_k11_free); - if (ec_key_idx == -1) - return (-1); - ec_key_method = EC_KEY_METHOD_new(EC_KEY_OpenSSL()); - if (ec_key_method == NULL) - return (-1); - EC_KEY_METHOD_get_sign(ec_key_method, &orig_sign, NULL, NULL); - EC_KEY_METHOD_set_sign(ec_key_method, orig_sign, NULL, ecdsa_do_sign); - return (0); -} - -static int -pkcs11_ecdsa_wrap(struct pkcs11_provider *provider, CK_ULONG slotidx, - CK_ATTRIBUTE *keyid_attrib, EC_KEY *ec) -{ - struct pkcs11_key *k11; - - if (pkcs11_ecdsa_start_wrapper() == -1) - return (-1); - - k11 = xcalloc(1, sizeof(*k11)); - k11->provider = provider; - provider->refcount++; /* provider referenced by ECDSA key */ - k11->slotidx = slotidx; - /* identify key object on smartcard */ - k11->keyid_len = keyid_attrib->ulValueLen; - if (k11->keyid_len > 0) { - k11->keyid = xmalloc(k11->keyid_len); - memcpy(k11->keyid, keyid_attrib->pValue, k11->keyid_len); - } - if (EC_KEY_set_method(ec, ec_key_method) != 1) - fatal_f("EC_KEY_set_method failed"); - if (EC_KEY_set_ex_data(ec, ec_key_idx, k11) != 1) - fatal_f("EC_KEY_set_ex_data failed"); - - return (0); -} -#endif /* OPENSSL_HAS_ECC && HAVE_EC_KEY_METHOD_NEW */ +#endif /* OPENSSL_HAS_ECC */ +#endif /* WITH_OPENSSL */ /* remove trailing spaces */ static char * @@ -702,7 +788,8 @@ pkcs11_key_included(struct sshkey ***keysp, int *nkeys, struct sshkey *key) return (0); } -#if defined(OPENSSL_HAS_ECC) && defined(HAVE_EC_KEY_METHOD_NEW) +#ifdef WITH_OPENSSL +#ifdef OPENSSL_HAS_ECC static struct sshkey * pkcs11_fetch_ecdsa_pubkey(struct pkcs11_provider *p, CK_ULONG slotidx, CK_OBJECT_HANDLE *obj) @@ -716,8 +803,7 @@ pkcs11_fetch_ecdsa_pubkey(struct pkcs11_provider *p, CK_ULONG slotidx, EC_GROUP *group = NULL; struct sshkey *key = NULL; const unsigned char *attrp = NULL; - int i; - int nid; + int success = -1, r, i, nid; memset(&key_attr, 0, sizeof(key_attr)); key_attr[0].type = CKA_ID; @@ -791,6 +877,11 @@ pkcs11_fetch_ecdsa_pubkey(struct pkcs11_provider *p, CK_ULONG slotidx, ossl_error("o2i_ECPublicKey failed"); goto fail; } + if ((r = sshkey_ec_validate_public(EC_KEY_get0_group(ec), + EC_KEY_get0_public_key(ec))) != 0) { + error_fr(r, "invalid EC key"); + goto fail; + } nid = sshkey_ecdsa_key_to_nid(ec); if (nid < 0) { @@ -798,9 +889,6 @@ pkcs11_fetch_ecdsa_pubkey(struct pkcs11_provider *p, CK_ULONG slotidx, goto fail; } - if (pkcs11_ecdsa_wrap(p, slotidx, &key_attr[0], ec)) - goto fail; - key = sshkey_new(KEY_UNSPEC); if (key == NULL) { error("sshkey_new failed"); @@ -815,8 +903,15 @@ pkcs11_fetch_ecdsa_pubkey(struct pkcs11_provider *p, CK_ULONG slotidx, key->ecdsa_nid = nid; key->type = KEY_ECDSA; key->flags |= SSHKEY_FLAG_EXT; - + if (pkcs11_record_key(p, slotidx, &key_attr[0], key)) + goto fail; + /* success */ + success = 0; fail: + if (success != 0) { + sshkey_free(key); + key = NULL; + } for (i = 0; i < 3; i++) free(key_attr[i].pValue); if (ec) @@ -828,7 +923,7 @@ pkcs11_fetch_ecdsa_pubkey(struct pkcs11_provider *p, CK_ULONG slotidx, return (key); } -#endif /* OPENSSL_HAS_ECC && HAVE_EC_KEY_METHOD_NEW */ +#endif /* OPENSSL_HAS_ECC */ static struct sshkey * pkcs11_fetch_rsa_pubkey(struct pkcs11_provider *p, CK_ULONG slotidx, @@ -841,7 +936,7 @@ pkcs11_fetch_rsa_pubkey(struct pkcs11_provider *p, CK_ULONG slotidx, RSA *rsa = NULL; BIGNUM *rsa_n, *rsa_e; struct sshkey *key = NULL; - int i; + int i, success = -1; memset(&key_attr, 0, sizeof(key_attr)); key_attr[0].type = CKA_ID; @@ -897,9 +992,6 @@ pkcs11_fetch_rsa_pubkey(struct pkcs11_provider *p, CK_ULONG slotidx, fatal_f("set key"); rsa_n = rsa_e = NULL; /* transferred */ - if (pkcs11_rsa_wrap(p, slotidx, &key_attr[0], rsa)) - goto fail; - key = sshkey_new(KEY_UNSPEC); if (key == NULL) { error("sshkey_new failed"); @@ -913,13 +1005,24 @@ pkcs11_fetch_rsa_pubkey(struct pkcs11_provider *p, CK_ULONG slotidx, fatal("EVP_PKEY_set1_RSA failed"); key->type = KEY_RSA; key->flags |= SSHKEY_FLAG_EXT; - + if (EVP_PKEY_bits(key->pkey) < SSH_RSA_MINIMUM_MODULUS_SIZE) { + error_f("RSA key too small %d < minumum %d", + EVP_PKEY_bits(key->pkey), SSH_RSA_MINIMUM_MODULUS_SIZE); + goto fail; + } + if (pkcs11_record_key(p, slotidx, &key_attr[0], key)) + goto fail; + /* success */ + success = 0; fail: for (i = 0; i < 3; i++) free(key_attr[i].pValue); RSA_free(rsa); - - return (key); + if (success != 0) { + sshkey_free(key); + key = NULL; + } + return key; } static int @@ -934,14 +1037,9 @@ pkcs11_fetch_x509_pubkey(struct pkcs11_provider *p, CK_ULONG slotidx, X509_NAME *x509_name = NULL; EVP_PKEY *evp; RSA *rsa = NULL; -#ifdef OPENSSL_HAS_ECC EC_KEY *ec = NULL; -#endif struct sshkey *key = NULL; - int i; -#if defined(OPENSSL_HAS_ECC) && defined(HAVE_EC_KEY_METHOD_NEW) - int nid; -#endif + int r, i, nid, success = -1; const u_char *cp; char *subject = NULL; @@ -1015,9 +1113,6 @@ pkcs11_fetch_x509_pubkey(struct pkcs11_provider *p, CK_ULONG slotidx, goto out; } - if (pkcs11_rsa_wrap(p, slotidx, &cert_attr[0], rsa)) - goto out; - key = sshkey_new(KEY_UNSPEC); if (key == NULL) { error("sshkey_new failed"); @@ -1031,7 +1126,16 @@ pkcs11_fetch_x509_pubkey(struct pkcs11_provider *p, CK_ULONG slotidx, fatal("EVP_PKEY_set1_RSA failed"); key->type = KEY_RSA; key->flags |= SSHKEY_FLAG_EXT; -#if defined(OPENSSL_HAS_ECC) && defined(HAVE_EC_KEY_METHOD_NEW) + if (EVP_PKEY_bits(key->pkey) < SSH_RSA_MINIMUM_MODULUS_SIZE) { + error_f("RSA key too small %d < minumum %d", + EVP_PKEY_bits(key->pkey), + SSH_RSA_MINIMUM_MODULUS_SIZE); + goto out; + } + if (pkcs11_record_key(p, slotidx, &cert_attr[0], key)) + goto out; + /* success */ + success = 0; } else if (EVP_PKEY_base_id(evp) == EVP_PKEY_EC) { if (EVP_PKEY_get0_EC_KEY(evp) == NULL) { error("invalid x509; no ec key"); @@ -1041,16 +1145,17 @@ pkcs11_fetch_x509_pubkey(struct pkcs11_provider *p, CK_ULONG slotidx, error("EC_KEY_dup failed"); goto out; } - + if ((r = sshkey_ec_validate_public(EC_KEY_get0_group(ec), + EC_KEY_get0_public_key(ec))) != 0) { + error_fr(r, "invalid EC key"); + goto out; + } nid = sshkey_ecdsa_key_to_nid(ec); if (nid < 0) { error("couldn't get curve nid"); goto out; } - if (pkcs11_ecdsa_wrap(p, slotidx, &cert_attr[0], ec)) - goto out; - key = sshkey_new(KEY_UNSPEC); if (key == NULL) { error("sshkey_new failed"); @@ -1065,7 +1170,10 @@ pkcs11_fetch_x509_pubkey(struct pkcs11_provider *p, CK_ULONG slotidx, key->ecdsa_nid = nid; key->type = KEY_ECDSA; key->flags |= SSHKEY_FLAG_EXT; -#endif /* OPENSSL_HAS_ECC && HAVE_EC_KEY_METHOD_NEW */ + if (pkcs11_record_key(p, slotidx, &cert_attr[0], key)) + goto out; + /* success */ + success = 0; } else { error("unknown certificate key type"); goto out; @@ -1075,10 +1183,9 @@ pkcs11_fetch_x509_pubkey(struct pkcs11_provider *p, CK_ULONG slotidx, free(cert_attr[i].pValue); X509_free(x509); RSA_free(rsa); -#ifdef OPENSSL_HAS_ECC EC_KEY_free(ec); -#endif - if (key == NULL) { + if (success != 0 || key == NULL) { + sshkey_free(key); free(subject); return -1; } @@ -1098,6 +1205,7 @@ have_rsa_key(const RSA *rsa) return rsa_n != NULL && rsa_e != NULL; } #endif +#endif /* WITH_OPENSSL */ static void note_key(struct pkcs11_provider *p, CK_ULONG slotidx, const char *context, @@ -1289,15 +1397,16 @@ pkcs11_fetch_keys(struct pkcs11_provider *p, CK_ULONG slotidx, case CKK_RSA: key = pkcs11_fetch_rsa_pubkey(p, slotidx, &obj); break; -#if defined(OPENSSL_HAS_ECC) && defined(HAVE_EC_KEY_METHOD_NEW) +#if defined(OPENSSL_HAS_ECC) case CKK_ECDSA: key = pkcs11_fetch_ecdsa_pubkey(p, slotidx, &obj); break; -#endif /* OPENSSL_HAS_ECC && HAVE_EC_KEY_METHOD_NEW */ +#endif /* OPENSSL_HAS_ECC */ default: /* XXX print key type? */ key = NULL; - error("skipping unsupported key type"); + error("skipping unsupported key type 0x%lx", + (u_long)ck_key_type); } if (key == NULL) { @@ -1693,6 +1802,35 @@ pkcs11_register_provider(char *provider_id, char *pin, return (ret); } +int +pkcs11_init(int interactive) +{ + debug3_f("called, interactive = %d", interactive); + + pkcs11_interactive = interactive; + TAILQ_INIT(&pkcs11_providers); + TAILQ_INIT(&pkcs11_keys); + return (0); +} + +/* unregister all providers, keys might still point to the providers */ +void +pkcs11_terminate(void) +{ + struct pkcs11_provider *p; + struct pkcs11_key *k11; + + debug3_f("called"); + + while ((k11 = TAILQ_FIRST(&pkcs11_keys)) != NULL) + pkcs11_k11_free(k11); + while ((p = TAILQ_FIRST(&pkcs11_providers)) != NULL) { + TAILQ_REMOVE(&pkcs11_providers, p, next); + pkcs11_provider_finalize(p); + pkcs11_provider_unref(p); + } +} + /* * register a new provider and get number of keys hold by the token, * fails if provider already exists @@ -1719,6 +1857,33 @@ pkcs11_add_provider(char *provider_id, char *pin, struct sshkey ***keyp, return (nkeys); } +int +pkcs11_sign(struct sshkey *key, + u_char **sigp, size_t *lenp, + const u_char *data, size_t datalen, + const char *alg, const char *sk_provider, + const char *sk_pin, u_int compat) +{ + switch (key->type) { + case KEY_RSA: + case KEY_RSA_CERT: + return pkcs11_sign_rsa(key, sigp, lenp, data, datalen, + alg, sk_provider, sk_pin, compat); + case KEY_ECDSA: + case KEY_ECDSA_CERT: + return pkcs11_sign_ecdsa(key, sigp, lenp, data, datalen, + alg, sk_provider, sk_pin, compat); + default: + return SSH_ERR_KEY_TYPE_UNKNOWN; + } +} + +void +pkcs11_key_free(struct sshkey *key) +{ + /* never called */ +} + #ifdef WITH_PKCS11_KEYGEN struct sshkey * pkcs11_gakp(char *provider_id, char *pin, unsigned int slotidx, char *label, diff --git a/ssh-pkcs11.h b/ssh-pkcs11.h index 526022319b4b..f3a03b6fa913 100644 --- a/ssh-pkcs11.h +++ b/ssh-pkcs11.h @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-pkcs11.h,v 1.7 2023/12/18 14:46:56 djm Exp $ */ +/* $OpenBSD: ssh-pkcs11.h,v 1.8 2025/07/24 05:44:55 djm Exp $ */ /* * Copyright (c) 2010 Markus Friedl. All rights reserved. * @@ -22,10 +22,17 @@ #define SSH_PKCS11_ERR_PIN_REQUIRED 4 #define SSH_PKCS11_ERR_PIN_LOCKED 5 +struct sshkey; + int pkcs11_init(int); void pkcs11_terminate(void); int pkcs11_add_provider(char *, char *, struct sshkey ***, char ***); int pkcs11_del_provider(char *); +int pkcs11_sign(struct sshkey *, u_char **, size_t *, + const u_char *, size_t, const char *, const char *, + const char *, u_int); +void pkcs11_key_free(struct sshkey *); + #ifdef WITH_PKCS11_KEYGEN struct sshkey * pkcs11_gakp(char *, char *, unsigned int, char *, unsigned int, @@ -35,9 +42,10 @@ struct sshkey * u_int32_t *); #endif -/* Only available in ssh-pkcs11-client.c so far */ +/* Only available in ssh-pkcs11-client.c */ int pkcs11_make_cert(const struct sshkey *, const struct sshkey *, struct sshkey **); + #if !defined(WITH_OPENSSL) && defined(ENABLE_PKCS11) #undef ENABLE_PKCS11 #endif diff --git a/ssh-rsa.c b/ssh-rsa.c index 3ad1fddc4e16..abc5b17fbeb7 100644 --- a/ssh-rsa.c +++ b/ssh-rsa.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-rsa.c,v 1.80 2024/08/15 00:51:51 djm Exp $ */ +/* $OpenBSD: ssh-rsa.c,v 1.81 2025/07/24 05:44:55 djm Exp $ */ /* * Copyright (c) 2000, 2003 Markus Friedl * @@ -309,8 +309,8 @@ ssh_rsa_deserialize_private(const char *ktype, struct sshbuf *b, return r; } -static const char * -rsa_hash_alg_ident(int hash_alg) +const char * +ssh_rsa_hash_alg_ident(int hash_alg) { switch (hash_alg) { case SSH_DIGEST_SHA1: @@ -344,8 +344,8 @@ rsa_hash_id_from_ident(const char *ident) * all the cases of rsa_hash_id_from_ident() but also the certificate key * types. */ -static int -rsa_hash_id_from_keyname(const char *alg) +int +ssh_rsa_hash_id_from_keyname(const char *alg) { int r; @@ -410,7 +410,6 @@ ssh_rsa_sign(struct sshkey *key, size_t diff, len = 0; int slen = 0; int hash_alg, ret = SSH_ERR_INTERNAL_ERROR; - struct sshbuf *b = NULL; if (lenp != NULL) *lenp = 0; @@ -420,7 +419,7 @@ ssh_rsa_sign(struct sshkey *key, if (alg == NULL || strlen(alg) == 0) hash_alg = SSH_DIGEST_SHA1; else - hash_alg = rsa_hash_id_from_keyname(alg); + hash_alg = ssh_rsa_hash_id_from_keyname(alg); if (key == NULL || key->pkey == NULL || hash_alg == -1 || sshkey_type_plain(key->type) != KEY_RSA) @@ -442,16 +441,42 @@ ssh_rsa_sign(struct sshkey *key, ret = SSH_ERR_INTERNAL_ERROR; goto out; } + if ((ret = ssh_rsa_encode_store_sig(hash_alg, sig, slen, + sigp, lenp)) != 0) + goto out; + + /* success */ + ret = 0; + out: + freezero(sig, slen); + return ret; +} - /* encode signature */ +int +ssh_rsa_encode_store_sig(int hash_alg, const u_char *sig, size_t slen, + u_char **sigp, size_t *lenp) +{ + struct sshbuf *b = NULL; + int ret = SSH_ERR_INTERNAL_ERROR; + size_t len; + + if (lenp != NULL) + *lenp = 0; + if (sigp != NULL) + *sigp = NULL; + + /* Encode signature */ if ((b = sshbuf_new()) == NULL) { ret = SSH_ERR_ALLOC_FAIL; goto out; } - if ((ret = sshbuf_put_cstring(b, rsa_hash_alg_ident(hash_alg))) != 0 || + if ((ret = sshbuf_put_cstring(b, + ssh_rsa_hash_alg_ident(hash_alg))) != 0 || (ret = sshbuf_put_string(b, sig, slen)) != 0) goto out; len = sshbuf_len(b); + + /* Store signature */ if (sigp != NULL) { if ((*sigp = malloc(len)) == NULL) { ret = SSH_ERR_ALLOC_FAIL; @@ -463,7 +488,6 @@ ssh_rsa_sign(struct sshkey *key, *lenp = len; ret = 0; out: - freezero(sig, slen); sshbuf_free(b); return ret; } @@ -502,7 +526,7 @@ ssh_rsa_verify(const struct sshkey *key, * legacy reasons, but otherwise the signature type should match. */ if (alg != NULL && strcmp(alg, "ssh-rsa-cert-v01@openssh.com") != 0) { - if ((want_alg = rsa_hash_id_from_keyname(alg)) == -1) { + if ((want_alg = ssh_rsa_hash_id_from_keyname(alg)) == -1) { ret = SSH_ERR_INVALID_ARGUMENT; goto out; } diff --git a/ssh-sk-helper.c b/ssh-sk-helper.c index 9857b632bfcb..806019c46a3d 100644 --- a/ssh-sk-helper.c +++ b/ssh-sk-helper.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-sk-helper.c,v 1.14 2022/12/04 11:03:11 dtucker Exp $ */ +/* $OpenBSD: ssh-sk-helper.c,v 1.15 2025/07/24 05:44:55 djm Exp $ */ /* * Copyright (c) 2019 Google LLC * @@ -45,6 +45,7 @@ #include "uidswap.h" #include "ssherr.h" #include "ssh-sk.h" +#include "ssh-pkcs11.h" #ifdef ENABLE_SK extern char *__progname; @@ -87,6 +88,22 @@ null_empty(char **s) *s = NULL; } +/* stubs */ +int +pkcs11_sign(struct sshkey *key, + u_char **sigp, size_t *lenp, + const u_char *data, size_t datalen, + const char *alg, const char *sk_provider, + const char *sk_pin, u_int compat) +{ + return SSH_ERR_INTERNAL_ERROR; +} + +void +pkcs11_key_free(struct sshkey *key) +{ +} + static struct sshbuf * process_sign(struct sshbuf *req) { diff --git a/sshbuf-misc.c b/sshbuf-misc.c index 201279faf0f2..bc92866db60a 100644 --- a/sshbuf-misc.c +++ b/sshbuf-misc.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshbuf-misc.c,v 1.20 2025/06/16 09:02:19 dtucker Exp $ */ +/* $OpenBSD: sshbuf-misc.c,v 1.21 2025/07/24 05:44:55 djm Exp $ */ /* * Copyright (c) 2011 Damien Miller * @@ -285,6 +285,20 @@ sshbuf_cmp(const struct sshbuf *b, size_t offset, return 0; } +int +sshbuf_equals(const struct sshbuf *a, const struct sshbuf *b) +{ + if (sshbuf_ptr(a) == NULL || sshbuf_ptr(b) == NULL) + return SSH_ERR_INTERNAL_ERROR; + if (sshbuf_len(a) != sshbuf_len(b)) + return SSH_ERR_MESSAGE_INCOMPLETE; + if (sshbuf_len(a) == 0) + return 0; + if (memcmp(sshbuf_ptr(a), sshbuf_ptr(b), sshbuf_len(a)) != 0) + return SSH_ERR_INVALID_FORMAT; + return 0; +} + int sshbuf_find(const struct sshbuf *b, size_t start_offset, const void *s, size_t len, size_t *offsetp) diff --git a/sshbuf.h b/sshbuf.h index 681abb9eec03..f0cc4c5f8e38 100644 --- a/sshbuf.h +++ b/sshbuf.h @@ -1,4 +1,4 @@ -/* $OpenBSD: sshbuf.h,v 1.30 2025/05/21 06:43:48 djm Exp $ */ +/* $OpenBSD: sshbuf.h,v 1.31 2025/07/24 05:44:55 djm Exp $ */ /* * Copyright (c) 2011 Damien Miller * @@ -263,6 +263,15 @@ int sshbuf_b64tod(struct sshbuf *buf, const char *b64); int sshbuf_cmp(const struct sshbuf *b, size_t offset, const void *s, size_t len); +/* + * Test whether two buffers have identical contents. + * SSH_ERR_MESSAGE_INCOMPLETE indicates the buffers had differing size. + * SSH_ERR_INVALID_FORMAT indicates the buffers were the same size but + * had differing contents. + * Returns 0 on successful compare (comparing two empty buffers returns 0). + */ +int sshbuf_equals(const struct sshbuf *a, const struct sshbuf *b); + /* * Searches the buffer for the specified string. Returns 0 on success * and updates *offsetp with the offset of the first match, relative to diff --git a/sshkey.c b/sshkey.c index 9e31411e21d6..3b1335d99725 100644 --- a/sshkey.c +++ b/sshkey.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshkey.c,v 1.150 2025/05/12 05:41:20 tb Exp $ */ +/* $OpenBSD: sshkey.c,v 1.151 2025/07/24 05:44:55 djm Exp $ */ /* * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. * Copyright (c) 2008 Alexander von Gernler. All rights reserved. @@ -60,6 +60,7 @@ #include "sshkey.h" #include "match.h" #include "ssh-sk.h" +#include "ssh-pkcs11.h" #ifdef WITH_XMSS #include "sshkey-xmss.h" @@ -778,6 +779,8 @@ sshkey_free_contents(struct sshkey *k) if (k == NULL) return; + if ((k->flags & SSHKEY_FLAG_EXT) != 0) + pkcs11_key_free(k); if ((impl = sshkey_impl_from_type(k->type)) != NULL && impl->funcs->cleanup != NULL) impl->funcs->cleanup(k); @@ -900,22 +903,29 @@ sshkey_putb(const struct sshkey *key, struct sshbuf *b) return to_blob_buf(key, b, 0, SSHKEY_SERIALIZE_DEFAULT); } -int -sshkey_puts_opts(const struct sshkey *key, struct sshbuf *b, - enum sshkey_serialize_rep opts) +static int +sshkey_puts_opts_internal(const struct sshkey *key, struct sshbuf *b, + enum sshkey_serialize_rep opts, int force_plain) { struct sshbuf *tmp; int r; if ((tmp = sshbuf_new()) == NULL) return SSH_ERR_ALLOC_FAIL; - r = to_blob_buf(key, tmp, 0, opts); + r = to_blob_buf(key, tmp, force_plain, opts); if (r == 0) r = sshbuf_put_stringb(b, tmp); sshbuf_free(tmp); return r; } +int +sshkey_puts_opts(const struct sshkey *key, struct sshbuf *b, + enum sshkey_serialize_rep opts) +{ + return sshkey_puts_opts_internal(key, b, opts, 0); +} + int sshkey_puts(const struct sshkey *key, struct sshbuf *b) { @@ -928,6 +938,12 @@ sshkey_putb_plain(const struct sshkey *key, struct sshbuf *b) return to_blob_buf(key, b, 1, SSHKEY_SERIALIZE_DEFAULT); } +int +sshkey_puts_plain(const struct sshkey *key, struct sshbuf *b) +{ + return sshkey_puts_opts_internal(key, b, SSHKEY_SERIALIZE_DEFAULT, 1); +} + static int to_blob(const struct sshkey *key, u_char **blobp, size_t *lenp, int force_plain, enum sshkey_serialize_rep opts) @@ -2200,6 +2216,9 @@ sshkey_sign(struct sshkey *key, if (sshkey_is_sk(key)) { r = sshsk_sign(sk_provider, key, sigp, lenp, data, datalen, compat, sk_pin); + } else if ((key->flags & SSHKEY_FLAG_EXT) != 0) { + r = pkcs11_sign(key, sigp, lenp, data, datalen, + alg, sk_provider, sk_pin, compat); } else { if (impl->funcs->sign == NULL) r = SSH_ERR_SIGN_ALG_UNSUPPORTED; diff --git a/sshkey.h b/sshkey.h index 5fa410b9431d..13309416b6c8 100644 --- a/sshkey.h +++ b/sshkey.h @@ -1,4 +1,4 @@ -/* $OpenBSD: sshkey.h,v 1.67 2025/05/06 05:40:56 djm Exp $ */ +/* $OpenBSD: sshkey.h,v 1.68 2025/07/24 05:44:55 djm Exp $ */ /* * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. @@ -275,6 +275,7 @@ int sshkey_puts_opts(const struct sshkey *, struct sshbuf *, enum sshkey_serialize_rep); int sshkey_plain_to_blob(const struct sshkey *, u_char **, size_t *); int sshkey_putb_plain(const struct sshkey *, struct sshbuf *); +int sshkey_puts_plain(const struct sshkey *, struct sshbuf *); int sshkey_sign(struct sshkey *, u_char **, size_t *, const u_char *, size_t, const char *, const char *, const char *, u_int); @@ -312,6 +313,12 @@ int sshkey_parse_pubkey_from_private_fileblob_type(struct sshbuf *blob, int type, struct sshkey **pubkeyp); int sshkey_check_rsa_length(const struct sshkey *, int); +int ssh_rsa_hash_id_from_keyname(const char *); +const char *ssh_rsa_hash_alg_ident(int); +int ssh_rsa_encode_store_sig(int, const u_char *, size_t, + u_char **, size_t *); +int ssh_ecdsa_encode_store_sig(const struct sshkey *, + const BIGNUM *, const BIGNUM *, u_char **, size_t *); /* XXX should be internal, but used by ssh-keygen */ int ssh_rsa_complete_crt_parameters(const BIGNUM *, const BIGNUM *, const BIGNUM *, const BIGNUM *, BIGNUM **, BIGNUM **); From 1641ab8744f500f55f12155d03f1a3116aaea374 Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Thu, 24 Jul 2025 06:12:08 +0000 Subject: [PATCH 149/687] upstream: factor out encoding of a raw ed25519 signature into its ssh form into a separate function OpenBSD-Commit-ID: 3711c6d6b52dde0bd1f17884da5cddb8716f1b64 --- ssh-ed25519.c | 37 ++++++++++++++++++++++++++++++------- sshkey.h | 4 +++- 2 files changed, 33 insertions(+), 8 deletions(-) diff --git a/ssh-ed25519.c b/ssh-ed25519.c index 22d8db026b4c..c8caa22214b7 100644 --- a/ssh-ed25519.c +++ b/ssh-ed25519.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-ed25519.c,v 1.19 2022/10/28 00:44:44 djm Exp $ */ +/* $OpenBSD: ssh-ed25519.c,v 1.20 2025/07/24 06:12:08 djm Exp $ */ /* * Copyright (c) 2013 Markus Friedl * @@ -149,10 +149,9 @@ ssh_ed25519_sign(struct sshkey *key, const char *alg, const char *sk_provider, const char *sk_pin, u_int compat) { u_char *sig = NULL; - size_t slen = 0, len; + size_t slen = 0; unsigned long long smlen; int r, ret; - struct sshbuf *b = NULL; if (lenp != NULL) *lenp = 0; @@ -173,13 +172,40 @@ ssh_ed25519_sign(struct sshkey *key, r = SSH_ERR_INVALID_ARGUMENT; /* XXX better error? */ goto out; } + if ((r = ssh_ed25519_encode_store_sig(sig, smlen - datalen, + sigp, lenp)) != 0) + goto out; + + /* success */ + r = 0; + out: + freezero(sig, slen); + return r; +} + +int +ssh_ed25519_encode_store_sig(const u_char *sig, size_t slen, + u_char **sigp, size_t *lenp) +{ + struct sshbuf *b = NULL; + int r = -1; + size_t len; + + if (lenp != NULL) + *lenp = 0; + if (sigp != NULL) + *sigp = NULL; + + if (slen != crypto_sign_ed25519_BYTES) + return SSH_ERR_INVALID_ARGUMENT; + /* encode signature */ if ((b = sshbuf_new()) == NULL) { r = SSH_ERR_ALLOC_FAIL; goto out; } if ((r = sshbuf_put_cstring(b, "ssh-ed25519")) != 0 || - (r = sshbuf_put_string(b, sig, smlen - datalen)) != 0) + (r = sshbuf_put_string(b, sig, slen)) != 0) goto out; len = sshbuf_len(b); if (sigp != NULL) { @@ -195,9 +221,6 @@ ssh_ed25519_sign(struct sshkey *key, r = 0; out: sshbuf_free(b); - if (sig != NULL) - freezero(sig, slen); - return r; } diff --git a/sshkey.h b/sshkey.h index 13309416b6c8..77253bc4e12a 100644 --- a/sshkey.h +++ b/sshkey.h @@ -1,4 +1,4 @@ -/* $OpenBSD: sshkey.h,v 1.68 2025/07/24 05:44:55 djm Exp $ */ +/* $OpenBSD: sshkey.h,v 1.69 2025/07/24 06:12:08 djm Exp $ */ /* * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. @@ -319,6 +319,8 @@ int ssh_rsa_encode_store_sig(int, const u_char *, size_t, u_char **, size_t *); int ssh_ecdsa_encode_store_sig(const struct sshkey *, const BIGNUM *, const BIGNUM *, u_char **, size_t *); +int ssh_ed25519_encode_store_sig(const u_char *, size_t, + u_char **, size_t *); /* XXX should be internal, but used by ssh-keygen */ int ssh_rsa_complete_crt_parameters(const BIGNUM *, const BIGNUM *, const BIGNUM *, const BIGNUM *, BIGNUM **, BIGNUM **); From 9f8ccc3b81b53324cc489f3fe00f03c329c0acb2 Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Thu, 24 Jul 2025 06:59:51 +0000 Subject: [PATCH 150/687] upstream: less stale reference to PKCS#1 1.5 hash OIDs; feedback from tb@ OpenBSD-Commit-ID: 9fda77978491a130a7b77d87d40c79277b796721 --- ssh-pkcs11.c | 7 ++----- 1 file changed, 2 insertions(+), 5 deletions(-) diff --git a/ssh-pkcs11.c b/ssh-pkcs11.c index 147c52049500..c28da677d4db 100644 --- a/ssh-pkcs11.c +++ b/ssh-pkcs11.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-pkcs11.c,v 1.65 2025/07/24 05:44:55 djm Exp $ */ +/* $OpenBSD: ssh-pkcs11.c,v 1.66 2025/07/24 06:59:51 djm Exp $ */ /* * Copyright (c) 2010 Markus Friedl. All rights reserved. * Copyright (c) 2014 Pedro Martelletto. All rights reserved. @@ -467,8 +467,7 @@ pkcs11_lookup_key(struct sshkey *key) #ifdef WITH_OPENSSL /* * See: - * http://www.rsasecurity.com/rsalabs/pkcs/pkcs-1/ - * ftp://ftp.rsasecurity.com/pub/pkcs/pkcs-1/pkcs-1v2-1.asn + * https://datatracker.ietf.org/doc/html/rfc8017#section-9.2 */ /* @@ -485,7 +484,6 @@ static const u_char id_sha1[] = { }; /* - * See http://csrc.nist.gov/groups/ST/crypto_apps_infra/csor/algorithms.html * id-sha256 OBJECT IDENTIFIER ::= { joint-iso-itu-t(2) country(16) us(840) * organization(1) gov(101) csor(3) nistAlgorithm(4) hashAlgs(2) * id-sha256(1) } @@ -500,7 +498,6 @@ static const u_char id_sha256[] = { }; /* - * See http://csrc.nist.gov/groups/ST/crypto_apps_infra/csor/algorithms.html * id-sha512 OBJECT IDENTIFIER ::= { joint-iso-itu-t(2) country(16) us(840) * organization(1) gov(101) csor(3) nistAlgorithm(4) hashAlgs(2) * id-sha256(3) } From bf33a73c40522ce60961d4fff316a7187fb06ca0 Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Thu, 24 Jul 2025 23:27:04 +0000 Subject: [PATCH 151/687] upstream: this should include stdlib.h explicitly OpenBSD-Commit-ID: 1c0cc5c3838344b33ae4ab7aa62c01530357bf29 --- ssh-pkcs11-client.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ssh-pkcs11-client.c b/ssh-pkcs11-client.c index 8aaa4d2d684c..a1bf85aa6b64 100644 --- a/ssh-pkcs11-client.c +++ b/ssh-pkcs11-client.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-pkcs11-client.c,v 1.21 2025/07/24 05:44:55 djm Exp $ */ +/* $OpenBSD: ssh-pkcs11-client.c,v 1.22 2025/07/24 23:27:04 djm Exp $ */ /* * Copyright (c) 2010 Markus Friedl. All rights reserved. * Copyright (c) 2014 Pedro Martelletto. All rights reserved. From 2f5269938a8e4769f484c9d45419a86529078ede Mon Sep 17 00:00:00 2001 From: Damien Miller Date: Fri, 25 Jul 2025 12:46:10 +1000 Subject: [PATCH 152/687] remove vestigial stub --- regress/misc/fuzz-harness/agent_fuzz_helper.c | 7 ------- 1 file changed, 7 deletions(-) diff --git a/regress/misc/fuzz-harness/agent_fuzz_helper.c b/regress/misc/fuzz-harness/agent_fuzz_helper.c index 2750221154e6..400b63156b7a 100644 --- a/regress/misc/fuzz-harness/agent_fuzz_helper.c +++ b/regress/misc/fuzz-harness/agent_fuzz_helper.c @@ -175,10 +175,3 @@ test_one(const uint8_t* s, size_t slen) cleanup_idtab(); cleanup_sockettab(); } - -int -pkcs11_make_cert(const struct sshkey *priv, - const struct sshkey *certpub, struct sshkey **certprivp) -{ - return -1; /* XXX */ -} From 03e9e993ef1ef5accc6457152278cab5988f9b3d Mon Sep 17 00:00:00 2001 From: Damien Miller Date: Fri, 25 Jul 2025 12:46:59 +1000 Subject: [PATCH 153/687] include ssh-pkcs11-client.o as common dep --- regress/misc/fuzz-harness/Makefile | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/regress/misc/fuzz-harness/Makefile b/regress/misc/fuzz-harness/Makefile index 55dcc17175c4..999e0d32c5af 100644 --- a/regress/misc/fuzz-harness/Makefile +++ b/regress/misc/fuzz-harness/Makefile @@ -7,9 +7,10 @@ FUZZ_LIBS=-L/usr/lib/llvm-16/lib -lFuzzer CFLAGS=-D_GNU_SOURCE=1 -O2 -g -Wall -Wextra -Wno-unused-parameter -Wno-exceptions -Wno-deprecated -I ../../.. CXXFLAGS=$(CFLAGS) $(FUZZ_FLAGS) LDFLAGS=-L ../../.. -L ../../../openbsd-compat -g -LIBS=-lssh -lopenbsd-compat -lmd -lcrypto -lfido2 -lcbor $(FUZZ_LIBS) +COMMON_OBJS=../../../ssh-pkcs11-client.o +LIBS=$(COMMON_OBJS) -lssh -lopenbsd-compat -lmd -lcrypto -lfido2 -lcbor $(FUZZ_LIBS) SK_NULL_OBJS=ssh-sk-null.o -COMMON_DEPS=../../../libssh.a +COMMON_DEPS=../../../libssh.a $(COMMON_OBJS) TARGETS=pubkey_fuzz sig_fuzz authopt_fuzz authkeys_fuzz sshsig_fuzz \ sshsigopt_fuzz privkey_fuzz kex_fuzz agent_fuzz \ From 33b4f05c8ddab24aa6c47afb313b8cbd0d4b77f4 Mon Sep 17 00:00:00 2001 From: Damien Miller Date: Fri, 25 Jul 2025 12:47:17 +1000 Subject: [PATCH 154/687] update clang-16 -> clang-19 --- regress/misc/fuzz-harness/Makefile | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/regress/misc/fuzz-harness/Makefile b/regress/misc/fuzz-harness/Makefile index 999e0d32c5af..2963ba6824e8 100644 --- a/regress/misc/fuzz-harness/Makefile +++ b/regress/misc/fuzz-harness/Makefile @@ -1,8 +1,8 @@ # NB. libssh and libopenbsd-compat should be built with the same sanitizer opts. -CC=clang-16 -CXX=clang++-16 +CC=clang-19 +CXX=clang++-19 FUZZ_FLAGS=-fsanitize=address,fuzzer -fno-omit-frame-pointer -FUZZ_LIBS=-L/usr/lib/llvm-16/lib -lFuzzer +FUZZ_LIBS=-L/usr/lib/llvm-19/lib -lFuzzer CFLAGS=-D_GNU_SOURCE=1 -O2 -g -Wall -Wextra -Wno-unused-parameter -Wno-exceptions -Wno-deprecated -I ../../.. CXXFLAGS=$(CFLAGS) $(FUZZ_FLAGS) From 203f5ac6cfa0e257db7509d4bb830e8a4bba6211 Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Thu, 24 Jul 2025 06:04:47 +0000 Subject: [PATCH 155/687] upstream: test code now needs to link ssh-pkcs11-client.c any time sshkey.c is included OpenBSD-Regress-ID: 9d07188eae9a96801c3150b3433bb220626d4443 --- Makefile.in | 12 ++++++------ regress/unittests/authopt/Makefile | 4 ++-- regress/unittests/hostkeys/Makefile | 4 ++-- regress/unittests/kex/Makefile | 4 ++-- regress/unittests/sshkey/Makefile | 4 ++-- regress/unittests/sshsig/Makefile | 4 ++-- 6 files changed, 16 insertions(+), 16 deletions(-) diff --git a/Makefile.in b/Makefile.in index 399c8ae6ec56..9e45d522088b 100644 --- a/Makefile.in +++ b/Makefile.in @@ -613,7 +613,7 @@ UNITTESTS_TEST_SSHKEY_OBJS=\ regress/unittests/sshkey/common.o \ regress/unittests/sshkey/test_file.o \ regress/unittests/sshkey/test_sshkey.o \ - $(SKOBJS) + $(P11OBJS) $(SKOBJS) regress/unittests/sshkey/test_sshkey$(EXEEXT): ${UNITTESTS_TEST_SSHKEY_OBJS} \ regress/unittests/test_helper/libtest_helper.a libssh.a @@ -624,7 +624,7 @@ regress/unittests/sshkey/test_sshkey$(EXEEXT): ${UNITTESTS_TEST_SSHKEY_OBJS} \ UNITTESTS_TEST_SSHSIG_OBJS=\ sshsig.o \ regress/unittests/sshsig/tests.o \ - $(SKOBJS) + $(P11OBJS) $(SKOBJS) regress/unittests/sshsig/test_sshsig$(EXEEXT): ${UNITTESTS_TEST_SSHSIG_OBJS} \ regress/unittests/test_helper/libtest_helper.a libssh.a @@ -644,7 +644,7 @@ regress/unittests/bitmap/test_bitmap$(EXEEXT): ${UNITTESTS_TEST_BITMAP_OBJS} \ UNITTESTS_TEST_AUTHOPT_OBJS=\ regress/unittests/authopt/tests.o \ auth-options.o \ - $(SKOBJS) + $(P11OBJS) $(SKOBJS) regress/unittests/authopt/test_authopt$(EXEEXT): \ ${UNITTESTS_TEST_AUTHOPT_OBJS} \ @@ -667,7 +667,7 @@ UNITTESTS_TEST_KEX_OBJS=\ regress/unittests/kex/tests.o \ regress/unittests/kex/test_kex.o \ regress/unittests/kex/test_proposal.o \ - $(SKOBJS) + $(P11OBJS) $(SKOBJS) regress/unittests/kex/test_kex$(EXEEXT): ${UNITTESTS_TEST_KEX_OBJS} \ regress/unittests/test_helper/libtest_helper.a libssh.a @@ -678,7 +678,7 @@ regress/unittests/kex/test_kex$(EXEEXT): ${UNITTESTS_TEST_KEX_OBJS} \ UNITTESTS_TEST_HOSTKEYS_OBJS=\ regress/unittests/hostkeys/tests.o \ regress/unittests/hostkeys/test_iterate.o \ - $(SKOBJS) + $(P11OBJS) $(SKOBJS) regress/unittests/hostkeys/test_hostkeys$(EXEEXT): \ ${UNITTESTS_TEST_HOSTKEYS_OBJS} \ @@ -741,7 +741,7 @@ regress/misc/sk-dummy/sk-dummy.so: $(SK_DUMMY_OBJS) SSH_VERIFY_ATTESTATION_OBJS=\ regress/misc/ssh-verify-attestation/ssh-verify-attestation.o \ - $(SKOBJS) + $(P11OBJS) $(SKOBJS) ssh-verify-attestation: regress/misc/ssh-verify-attestation/ssh-verify-attestation$(EXEEXT) diff --git a/regress/unittests/authopt/Makefile b/regress/unittests/authopt/Makefile index d5ea2c796be1..1ecaa30ce343 100644 --- a/regress/unittests/authopt/Makefile +++ b/regress/unittests/authopt/Makefile @@ -1,4 +1,4 @@ -# $OpenBSD: Makefile,v 1.9 2025/05/06 06:05:48 djm Exp $ +# $OpenBSD: Makefile,v 1.10 2025/07/24 06:04:47 djm Exp $ PROG=test_authopt SRCS=tests.c @@ -13,7 +13,7 @@ SRCS+=ssherr.c uidswap.c cleanup.c xmalloc.c match.c krl.c fatal.c SRCS+=addr.c addrmatch.c bitmap.c SRCS+=ed25519.c hash.c SRCS+=cipher-chachapoly.c chacha.c poly1305.c ssh-ecdsa-sk.c ssh-sk.c -SRCS+=ssh-ed25519-sk.c sk-usbhid.c +SRCS+=ssh-ed25519-sk.c sk-usbhid.c ssh-pkcs11-client.c SRCS+=digest-openssl.c #SRCS+=digest-libc.c diff --git a/regress/unittests/hostkeys/Makefile b/regress/unittests/hostkeys/Makefile index 142ffa632aad..76c8e67f8aa1 100644 --- a/regress/unittests/hostkeys/Makefile +++ b/regress/unittests/hostkeys/Makefile @@ -1,4 +1,4 @@ -# $OpenBSD: Makefile,v 1.12 2025/05/06 06:05:48 djm Exp $ +# $OpenBSD: Makefile,v 1.13 2025/07/24 06:04:47 djm Exp $ PROG=test_hostkeys SRCS=tests.c test_iterate.c @@ -11,7 +11,7 @@ SRCS+=ssherr.c uidswap.c cleanup.c xmalloc.c match.c krl.c fatal.c SRCS+=addr.c addrmatch.c bitmap.c hostfile.c SRCS+=ed25519.c hash.c SRCS+=cipher-chachapoly.c chacha.c poly1305.c ssh-ecdsa-sk.c ssh-sk.c -SRCS+=ssh-ed25519-sk.c sk-usbhid.c +SRCS+=ssh-ed25519-sk.c sk-usbhid.c ssh-pkcs11-client.c SRCS+=digest-openssl.c #SRCS+=digest-libc.c diff --git a/regress/unittests/kex/Makefile b/regress/unittests/kex/Makefile index 645fb0609733..5201a35df5bc 100644 --- a/regress/unittests/kex/Makefile +++ b/regress/unittests/kex/Makefile @@ -1,4 +1,4 @@ -# $OpenBSD: Makefile,v 1.18 2025/05/06 06:05:48 djm Exp $ +# $OpenBSD: Makefile,v 1.19 2025/07/24 06:04:47 djm Exp $ PROG=test_kex SRCS=tests.c test_kex.c test_proposal.c @@ -11,7 +11,7 @@ SRCS+=ssherr.c uidswap.c cleanup.c xmalloc.c match.c krl.c fatal.c SRCS+=addr.c addrmatch.c bitmap.c packet.c dispatch.c canohost.c ssh_api.c SRCS+=compat.c ed25519.c hash.c SRCS+=cipher-chachapoly.c chacha.c poly1305.c ssh-ecdsa-sk.c ssh-sk.c -SRCS+=ssh-ed25519-sk.c sk-usbhid.c +SRCS+=ssh-ed25519-sk.c sk-usbhid.c ssh-pkcs11-client.c SRCS+= kex.c SRCS+= kex-names.c diff --git a/regress/unittests/sshkey/Makefile b/regress/unittests/sshkey/Makefile index b237ff55c8d3..77d07d1b550e 100644 --- a/regress/unittests/sshkey/Makefile +++ b/regress/unittests/sshkey/Makefile @@ -1,4 +1,4 @@ -# $OpenBSD: Makefile,v 1.13 2025/05/06 06:05:48 djm Exp $ +# $OpenBSD: Makefile,v 1.14 2025/07/24 06:04:47 djm Exp $ PROG=test_sshkey SRCS=tests.c test_sshkey.c test_file.c test_fuzz.c common.c @@ -11,7 +11,7 @@ SRCS+=ssherr.c uidswap.c cleanup.c xmalloc.c match.c krl.c fatal.c SRCS+=addr.c addrmatch.c bitmap.c SRCS+=ed25519.c hash.c SRCS+=cipher-chachapoly.c chacha.c poly1305.c ssh-ecdsa-sk.c ssh-sk.c -SRCS+=ssh-ed25519-sk.c sk-usbhid.c +SRCS+=ssh-ed25519-sk.c sk-usbhid.c ssh-pkcs11-client.c SRCS+=digest-openssl.c #SRCS+=digest-libc.c diff --git a/regress/unittests/sshsig/Makefile b/regress/unittests/sshsig/Makefile index f8b6560eba18..f2f03e843856 100644 --- a/regress/unittests/sshsig/Makefile +++ b/regress/unittests/sshsig/Makefile @@ -1,4 +1,4 @@ -# $OpenBSD: Makefile,v 1.4 2025/05/06 06:05:48 djm Exp $ +# $OpenBSD: Makefile,v 1.5 2025/07/24 06:04:47 djm Exp $ PROG=test_sshsig SRCS=tests.c @@ -11,7 +11,7 @@ SRCS+=ssherr.c uidswap.c cleanup.c xmalloc.c match.c krl.c fatal.c SRCS+=addr.c addrmatch.c bitmap.c sshsig.c SRCS+=ed25519.c hash.c SRCS+=cipher-chachapoly.c chacha.c poly1305.c ssh-ecdsa-sk.c ssh-sk.c -SRCS+=ssh-ed25519-sk.c sk-usbhid.c +SRCS+=ssh-ed25519-sk.c sk-usbhid.c ssh-pkcs11-client.c SRCS+=digest-openssl.c #SRCS+=digest-libc.c From eedab8db12d57c4f4583f6b60e48a4ce25b47b9c Mon Sep 17 00:00:00 2001 From: Damien Miller Date: Fri, 25 Jul 2025 16:21:43 +1000 Subject: [PATCH 156/687] unbreak !EC builds --- ssh-pkcs11.c | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/ssh-pkcs11.c b/ssh-pkcs11.c index c28da677d4db..ee6bf77d83b9 100644 --- a/ssh-pkcs11.c +++ b/ssh-pkcs11.c @@ -86,7 +86,7 @@ TAILQ_HEAD(, pkcs11_key) pkcs11_keys; /* XXX a tree would be better */ int pkcs11_interactive = 0; -#ifdef WITH_OPENSSL +#ifdef OPENSSL_HAS_ECC static void ossl_error(const char *msg) { @@ -1133,6 +1133,7 @@ pkcs11_fetch_x509_pubkey(struct pkcs11_provider *p, CK_ULONG slotidx, goto out; /* success */ success = 0; +#if defined(OPENSSL_HAS_ECC) } else if (EVP_PKEY_base_id(evp) == EVP_PKEY_EC) { if (EVP_PKEY_get0_EC_KEY(evp) == NULL) { error("invalid x509; no ec key"); @@ -1171,6 +1172,7 @@ pkcs11_fetch_x509_pubkey(struct pkcs11_provider *p, CK_ULONG slotidx, goto out; /* success */ success = 0; +#endif /* OPENSSL_HAS_ECC */ } else { error("unknown certificate key type"); goto out; @@ -1866,10 +1868,12 @@ pkcs11_sign(struct sshkey *key, case KEY_RSA_CERT: return pkcs11_sign_rsa(key, sigp, lenp, data, datalen, alg, sk_provider, sk_pin, compat); +#if defined(OPENSSL_HAS_ECC) case KEY_ECDSA: case KEY_ECDSA_CERT: return pkcs11_sign_ecdsa(key, sigp, lenp, data, datalen, alg, sk_provider, sk_pin, compat); +#endif /* OPENSSL_HAS_ECC */ default: return SSH_ERR_KEY_TYPE_UNKNOWN; } From ed1e370d84e9dc39bc31c19cca12222d991fdc6f Mon Sep 17 00:00:00 2001 From: "dtucker@openbsd.org" Date: Fri, 25 Jul 2025 11:50:45 +0000 Subject: [PATCH 157/687] upstream: Don't snprintf a NULL since not all platforms support it. OpenBSD-Commit-ID: 6e0c268e40047e96fab6bc56dc340580b537183b --- ssh-pkcs11-client.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/ssh-pkcs11-client.c b/ssh-pkcs11-client.c index a1bf85aa6b64..64b8f4c1c0ac 100644 --- a/ssh-pkcs11-client.c +++ b/ssh-pkcs11-client.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-pkcs11-client.c,v 1.22 2025/07/24 23:27:04 djm Exp $ */ +/* $OpenBSD: ssh-pkcs11-client.c,v 1.23 2025/07/25 11:50:45 dtucker Exp $ */ /* * Copyright (c) 2010 Markus Friedl. All rights reserved. * Copyright (c) 2014 Pedro Martelletto. All rights reserved. @@ -450,7 +450,7 @@ pkcs11_del_provider(char *name) * ssh-agent deletes keys before calling this, so the helper entry * should be gone before we get here. */ - debug3_f("delete %s", name); + debug3_f("delete %s", name ? name : "(null)"); if ((helper = helper_by_provider(name)) != NULL) helper_terminate(helper); return 0; From 550d2a4a66c50f7641563a63b900761d99efb24a Mon Sep 17 00:00:00 2001 From: Damien Miller Date: Fri, 25 Jul 2025 23:04:33 +1000 Subject: [PATCH 158/687] another attempt at fixing !EC builds --- ssh-pkcs11.c | 13 +++++++++---- 1 file changed, 9 insertions(+), 4 deletions(-) diff --git a/ssh-pkcs11.c b/ssh-pkcs11.c index ee6bf77d83b9..e22b3e419fb5 100644 --- a/ssh-pkcs11.c +++ b/ssh-pkcs11.c @@ -1036,9 +1036,12 @@ pkcs11_fetch_x509_pubkey(struct pkcs11_provider *p, CK_ULONG slotidx, RSA *rsa = NULL; EC_KEY *ec = NULL; struct sshkey *key = NULL; - int r, i, nid, success = -1; + int i, success = -1; const u_char *cp; char *subject = NULL; +#ifdef OPENSSL_HAS_ECC + int r, nid; +#endif *keyp = NULL; *labelp = NULL; @@ -1133,7 +1136,7 @@ pkcs11_fetch_x509_pubkey(struct pkcs11_provider *p, CK_ULONG slotidx, goto out; /* success */ success = 0; -#if defined(OPENSSL_HAS_ECC) +#ifdef OPENSSL_HAS_ECC } else if (EVP_PKEY_base_id(evp) == EVP_PKEY_EC) { if (EVP_PKEY_get0_EC_KEY(evp) == NULL) { error("invalid x509; no ec key"); @@ -1182,7 +1185,9 @@ pkcs11_fetch_x509_pubkey(struct pkcs11_provider *p, CK_ULONG slotidx, free(cert_attr[i].pValue); X509_free(x509); RSA_free(rsa); +#ifdef OPENSSL_HAS_ECC EC_KEY_free(ec); +#endif /* OPENSSL_HAS_ECC */ if (success != 0 || key == NULL) { sshkey_free(key); free(subject); @@ -1396,7 +1401,7 @@ pkcs11_fetch_keys(struct pkcs11_provider *p, CK_ULONG slotidx, case CKK_RSA: key = pkcs11_fetch_rsa_pubkey(p, slotidx, &obj); break; -#if defined(OPENSSL_HAS_ECC) +#ifdef OPENSSL_HAS_ECC case CKK_ECDSA: key = pkcs11_fetch_ecdsa_pubkey(p, slotidx, &obj); break; @@ -1868,7 +1873,7 @@ pkcs11_sign(struct sshkey *key, case KEY_RSA_CERT: return pkcs11_sign_rsa(key, sigp, lenp, data, datalen, alg, sk_provider, sk_pin, compat); -#if defined(OPENSSL_HAS_ECC) +#ifdef OPENSSL_HAS_ECC case KEY_ECDSA: case KEY_ECDSA_CERT: return pkcs11_sign_ecdsa(key, sigp, lenp, data, datalen, From 2b530cc3005a71c5ba6b712978872fc9c147439c Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Fri, 25 Jul 2025 13:06:07 +0000 Subject: [PATCH 159/687] upstream: update our PKCS#11 API header to v3.0; feedback/ok tb@ OpenBSD-Commit-ID: e67fa6a26e515c2b1fb7b0d1519d138aafb3e017 --- pkcs11.h | 1502 +++++++++++++++++++++++++++++++++++++----------------- 1 file changed, 1023 insertions(+), 479 deletions(-) diff --git a/pkcs11.h b/pkcs11.h index b01d58f9483a..707333f02f0f 100644 --- a/pkcs11.h +++ b/pkcs11.h @@ -1,4 +1,4 @@ -/* $OpenBSD: pkcs11.h,v 1.3 2013/11/26 19:15:09 deraadt Exp $ */ +/* $OpenBSD: pkcs11.h,v 1.4 2025/07/25 13:06:07 djm Exp $ */ /* pkcs11.h Copyright 2006, 2007 g10 Code GmbH Copyright 2006 Andreas Jellinghaus @@ -64,9 +64,9 @@ extern "C" { version of this file, please consider deleting the revision macro (you may use a macro with a different name to keep track of your versions). */ -#define CRYPTOKI_VERSION_MAJOR 2 -#define CRYPTOKI_VERSION_MINOR 20 -#define CRYPTOKI_VERSION_REVISION 6 +#define CRYPTOKI_VERSION_MAJOR 3 +#define CRYPTOKI_VERSION_MINOR 0 +#define CRYPTOKI_VERSION_REVISION 0 /* Compatibility interface is default, unless CRYPTOKI_GNU is @@ -96,7 +96,6 @@ extern "C" { #endif - #ifdef CRYPTOKI_COMPAT /* If we are in compatibility mode, switch all exposed names to the PKCS #11 variant. There are corresponding #undefs below. */ @@ -155,6 +154,8 @@ extern "C" { #define ck_mechanism_type_t CK_MECHANISM_TYPE +#define ck_rsa_pkcs_mgf_type_t CK_RSA_PKCS_MGF_TYPE + #define ck_mechanism _CK_MECHANISM #define parameter pParameter #define parameter_len ulParameterLen @@ -166,7 +167,10 @@ extern "C" { #define ck_rv_t CK_RV #define ck_notify_t CK_NOTIFY +#define ck_interface CK_INTERFACE + #define ck_function_list _CK_FUNCTION_LIST +#define ck_function_list_3_0 _CK_FUNCTION_LIST_3_0 #define ck_createmutex_t CK_CREATEMUTEX #define ck_destroymutex_t CK_DESTROYMUTEX @@ -183,7 +187,6 @@ extern "C" { #endif /* CRYPTOKI_COMPAT */ - typedef unsigned long ck_flags_t; struct ck_version @@ -205,7 +208,7 @@ struct ck_info typedef unsigned long ck_notification_t; -#define CKN_SURRENDER (0) +#define CKN_SURRENDER (0UL) typedef unsigned long ck_slot_id_t; @@ -221,10 +224,10 @@ struct ck_slot_info }; -#define CKF_TOKEN_PRESENT (1 << 0) -#define CKF_REMOVABLE_DEVICE (1 << 1) -#define CKF_HW_SLOT (1 << 2) -#define CKF_ARRAY_ATTRIBUTE (1 << 30) +#define CKF_TOKEN_PRESENT (1UL << 0) +#define CKF_REMOVABLE_DEVICE (1UL << 1) +#define CKF_HW_SLOT (1UL << 2) +#define CKF_ARRAY_ATTRIBUTE (1UL << 30) struct ck_token_info @@ -250,48 +253,48 @@ struct ck_token_info }; -#define CKF_RNG (1 << 0) -#define CKF_WRITE_PROTECTED (1 << 1) -#define CKF_LOGIN_REQUIRED (1 << 2) -#define CKF_USER_PIN_INITIALIZED (1 << 3) -#define CKF_RESTORE_KEY_NOT_NEEDED (1 << 5) -#define CKF_CLOCK_ON_TOKEN (1 << 6) -#define CKF_PROTECTED_AUTHENTICATION_PATH (1 << 8) -#define CKF_DUAL_CRYPTO_OPERATIONS (1 << 9) -#define CKF_TOKEN_INITIALIZED (1 << 10) -#define CKF_SECONDARY_AUTHENTICATION (1 << 11) -#define CKF_USER_PIN_COUNT_LOW (1 << 16) -#define CKF_USER_PIN_FINAL_TRY (1 << 17) -#define CKF_USER_PIN_LOCKED (1 << 18) -#define CKF_USER_PIN_TO_BE_CHANGED (1 << 19) -#define CKF_SO_PIN_COUNT_LOW (1 << 20) -#define CKF_SO_PIN_FINAL_TRY (1 << 21) -#define CKF_SO_PIN_LOCKED (1 << 22) -#define CKF_SO_PIN_TO_BE_CHANGED (1 << 23) +#define CKF_RNG (1UL << 0) +#define CKF_WRITE_PROTECTED (1UL << 1) +#define CKF_LOGIN_REQUIRED (1UL << 2) +#define CKF_USER_PIN_INITIALIZED (1UL << 3) +#define CKF_RESTORE_KEY_NOT_NEEDED (1UL << 5) +#define CKF_CLOCK_ON_TOKEN (1UL << 6) +#define CKF_PROTECTED_AUTHENTICATION_PATH (1UL << 8) +#define CKF_DUAL_CRYPTO_OPERATIONS (1UL << 9) +#define CKF_TOKEN_INITIALIZED (1UL << 10) +#define CKF_SECONDARY_AUTHENTICATION (1UL << 11) +#define CKF_USER_PIN_COUNT_LOW (1UL << 16) +#define CKF_USER_PIN_FINAL_TRY (1UL << 17) +#define CKF_USER_PIN_LOCKED (1UL << 18) +#define CKF_USER_PIN_TO_BE_CHANGED (1UL << 19) +#define CKF_SO_PIN_COUNT_LOW (1UL << 20) +#define CKF_SO_PIN_FINAL_TRY (1UL << 21) +#define CKF_SO_PIN_LOCKED (1UL << 22) +#define CKF_SO_PIN_TO_BE_CHANGED (1UL << 23) #define CK_UNAVAILABLE_INFORMATION ((unsigned long) -1) -#define CK_EFFECTIVELY_INFINITE (0) +#define CK_EFFECTIVELY_INFINITE (0UL) typedef unsigned long ck_session_handle_t; -#define CK_INVALID_HANDLE (0) +#define CK_INVALID_HANDLE (0UL) typedef unsigned long ck_user_type_t; -#define CKU_SO (0) -#define CKU_USER (1) -#define CKU_CONTEXT_SPECIFIC (2) +#define CKU_SO (0UL) +#define CKU_USER (1UL) +#define CKU_CONTEXT_SPECIFIC (2UL) typedef unsigned long ck_state_t; -#define CKS_RO_PUBLIC_SESSION (0) -#define CKS_RO_USER_FUNCTIONS (1) -#define CKS_RW_PUBLIC_SESSION (2) -#define CKS_RW_USER_FUNCTIONS (3) -#define CKS_RW_SO_FUNCTIONS (4) +#define CKS_RO_PUBLIC_SESSION (0UL) +#define CKS_RO_USER_FUNCTIONS (1UL) +#define CKS_RW_PUBLIC_SESSION (2UL) +#define CKS_RW_USER_FUNCTIONS (3UL) +#define CKS_RW_SO_FUNCTIONS (4UL) struct ck_session_info @@ -302,8 +305,8 @@ struct ck_session_info unsigned long device_error; }; -#define CKF_RW_SESSION (1 << 1) -#define CKF_SERIAL_SESSION (1 << 2) +#define CKF_RW_SESSION (1UL << 1) +#define CKF_SERIAL_SESSION (1UL << 2) typedef unsigned long ck_object_handle_t; @@ -311,149 +314,194 @@ typedef unsigned long ck_object_handle_t; typedef unsigned long ck_object_class_t; -#define CKO_DATA (0) -#define CKO_CERTIFICATE (1) -#define CKO_PUBLIC_KEY (2) -#define CKO_PRIVATE_KEY (3) -#define CKO_SECRET_KEY (4) -#define CKO_HW_FEATURE (5) -#define CKO_DOMAIN_PARAMETERS (6) -#define CKO_MECHANISM (7) -#define CKO_VENDOR_DEFINED (1U << 31) - +#define CKO_DATA (0UL) +#define CKO_CERTIFICATE (1UL) +#define CKO_PUBLIC_KEY (2UL) +#define CKO_PRIVATE_KEY (3UL) +#define CKO_SECRET_KEY (4UL) +#define CKO_HW_FEATURE (5UL) +#define CKO_DOMAIN_PARAMETERS (6UL) +#define CKO_MECHANISM (7UL) +#define CKO_OTP_KEY (8UL) +#define CKO_PROFILE (9UL) +#define CKO_VENDOR_DEFINED (1UL << 31) + +#define CKP_INVALID_ID (0UL) +#define CKP_BASELINE_PROVIDER (1UL) +#define CKP_EXTENDED_PROVIDER (2UL) +#define CKP_AUTHENTICATION_TOKEN (3UL) +#define CKP_PUBLIC_CERTIFICATES_TOKEN (4UL) +#define CKP_VENDOR_DEFINED (1UL << 31) typedef unsigned long ck_hw_feature_type_t; -#define CKH_MONOTONIC_COUNTER (1) -#define CKH_CLOCK (2) -#define CKH_USER_INTERFACE (3) -#define CKH_VENDOR_DEFINED (1U << 31) +#define CKH_MONOTONIC_COUNTER (1UL) +#define CKH_CLOCK (2UL) +#define CKH_USER_INTERFACE (3UL) +#define CKH_VENDOR_DEFINED (1UL << 31) typedef unsigned long ck_key_type_t; -#define CKK_RSA (0) -#define CKK_DSA (1) -#define CKK_DH (2) -#define CKK_ECDSA (3) -#define CKK_EC (3) -#define CKK_X9_42_DH (4) -#define CKK_KEA (5) -#define CKK_GENERIC_SECRET (0x10) -#define CKK_RC2 (0x11) -#define CKK_RC4 (0x12) -#define CKK_DES (0x13) -#define CKK_DES2 (0x14) -#define CKK_DES3 (0x15) -#define CKK_CAST (0x16) -#define CKK_CAST3 (0x17) -#define CKK_CAST128 (0x18) -#define CKK_RC5 (0x19) -#define CKK_IDEA (0x1a) -#define CKK_SKIPJACK (0x1b) -#define CKK_BATON (0x1c) -#define CKK_JUNIPER (0x1d) -#define CKK_CDMF (0x1e) -#define CKK_AES (0x1f) -#define CKK_BLOWFISH (0x20) -#define CKK_TWOFISH (0x21) -#define CKK_VENDOR_DEFINED (1U << 31) +#define CKK_RSA (0UL) +#define CKK_DSA (1UL) +#define CKK_DH (2UL) +#define CKK_ECDSA (3UL) +#define CKK_EC (3UL) +#define CKK_X9_42_DH (4UL) +#define CKK_KEA (5UL) +#define CKK_GENERIC_SECRET (0x10UL) +#define CKK_RC2 (0x11UL) +#define CKK_RC4 (0x12UL) +#define CKK_DES (0x13UL) +#define CKK_DES2 (0x14UL) +#define CKK_DES3 (0x15UL) +#define CKK_CAST (0x16UL) +#define CKK_CAST3 (0x17UL) +#define CKK_CAST128 (0x18UL) +#define CKK_RC5 (0x19UL) +#define CKK_IDEA (0x1aUL) +#define CKK_SKIPJACK (0x1bUL) +#define CKK_BATON (0x1cUL) +#define CKK_JUNIPER (0x1dUL) +#define CKK_CDMF (0x1eUL) +#define CKK_AES (0x1fUL) +#define CKK_BLOWFISH (0x20UL) +#define CKK_TWOFISH (0x21UL) +#define CKK_GOSTR3410 (0x30UL) +#define CKK_GOSTR3411 (0x31UL) +#define CKK_GOST28147 (0x32UL) +#define CKK_EC_EDWARDS (0x40UL) +#define CKK_EC_MONTGOMERY (0x41UL) +#define CKK_HKDF (0x42UL) +#define CKK_VENDOR_DEFINED (1UL << 31) + +/* + * A mask for new GOST algorithms. + * For details visit https://tc26.ru/standarts/perevody/guidelines-the-pkcs-11-extensions-for-implementing-the-gost-r-34-10-2012-and-gost-r-34-11-2012-russian-standards-.html + */ +#define NSSCK_VENDOR_PKCS11_RU_TEAM (CKK_VENDOR_DEFINED | 0x54321000) +#define CK_VENDOR_PKCS11_RU_TEAM_TK26 NSSCK_VENDOR_PKCS11_RU_TEAM + +#define CKK_GOSTR3410_512 (CK_VENDOR_PKCS11_RU_TEAM_TK26 | 0x003) typedef unsigned long ck_certificate_type_t; -#define CKC_X_509 (0) -#define CKC_X_509_ATTR_CERT (1) -#define CKC_WTLS (2) -#define CKC_VENDOR_DEFINED (1U << 31) +#define CKC_X_509 (0UL) +#define CKC_X_509_ATTR_CERT (1UL) +#define CKC_WTLS (2UL) +#define CKC_VENDOR_DEFINED (1UL << 31) typedef unsigned long ck_attribute_type_t; -#define CKA_CLASS (0) -#define CKA_TOKEN (1) -#define CKA_PRIVATE (2) -#define CKA_LABEL (3) -#define CKA_APPLICATION (0x10) -#define CKA_VALUE (0x11) -#define CKA_OBJECT_ID (0x12) -#define CKA_CERTIFICATE_TYPE (0x80) -#define CKA_ISSUER (0x81) -#define CKA_SERIAL_NUMBER (0x82) -#define CKA_AC_ISSUER (0x83) -#define CKA_OWNER (0x84) -#define CKA_ATTR_TYPES (0x85) -#define CKA_TRUSTED (0x86) -#define CKA_CERTIFICATE_CATEGORY (0x87) -#define CKA_JAVA_MIDP_SECURITY_DOMAIN (0x88) -#define CKA_URL (0x89) -#define CKA_HASH_OF_SUBJECT_PUBLIC_KEY (0x8a) -#define CKA_HASH_OF_ISSUER_PUBLIC_KEY (0x8b) -#define CKA_CHECK_VALUE (0x90) -#define CKA_KEY_TYPE (0x100) -#define CKA_SUBJECT (0x101) -#define CKA_ID (0x102) -#define CKA_SENSITIVE (0x103) -#define CKA_ENCRYPT (0x104) -#define CKA_DECRYPT (0x105) -#define CKA_WRAP (0x106) -#define CKA_UNWRAP (0x107) -#define CKA_SIGN (0x108) -#define CKA_SIGN_RECOVER (0x109) -#define CKA_VERIFY (0x10a) -#define CKA_VERIFY_RECOVER (0x10b) -#define CKA_DERIVE (0x10c) -#define CKA_START_DATE (0x110) -#define CKA_END_DATE (0x111) -#define CKA_MODULUS (0x120) -#define CKA_MODULUS_BITS (0x121) -#define CKA_PUBLIC_EXPONENT (0x122) -#define CKA_PRIVATE_EXPONENT (0x123) -#define CKA_PRIME_1 (0x124) -#define CKA_PRIME_2 (0x125) -#define CKA_EXPONENT_1 (0x126) -#define CKA_EXPONENT_2 (0x127) -#define CKA_COEFFICIENT (0x128) -#define CKA_PRIME (0x130) -#define CKA_SUBPRIME (0x131) -#define CKA_BASE (0x132) -#define CKA_PRIME_BITS (0x133) -#define CKA_SUB_PRIME_BITS (0x134) -#define CKA_VALUE_BITS (0x160) -#define CKA_VALUE_LEN (0x161) -#define CKA_EXTRACTABLE (0x162) -#define CKA_LOCAL (0x163) -#define CKA_NEVER_EXTRACTABLE (0x164) -#define CKA_ALWAYS_SENSITIVE (0x165) -#define CKA_KEY_GEN_MECHANISM (0x166) -#define CKA_MODIFIABLE (0x170) -#define CKA_ECDSA_PARAMS (0x180) -#define CKA_EC_PARAMS (0x180) -#define CKA_EC_POINT (0x181) -#define CKA_SECONDARY_AUTH (0x200) -#define CKA_AUTH_PIN_FLAGS (0x201) -#define CKA_ALWAYS_AUTHENTICATE (0x202) -#define CKA_WRAP_WITH_TRUSTED (0x210) -#define CKA_HW_FEATURE_TYPE (0x300) -#define CKA_RESET_ON_INIT (0x301) -#define CKA_HAS_RESET (0x302) -#define CKA_PIXEL_X (0x400) -#define CKA_PIXEL_Y (0x401) -#define CKA_RESOLUTION (0x402) -#define CKA_CHAR_ROWS (0x403) -#define CKA_CHAR_COLUMNS (0x404) -#define CKA_COLOR (0x405) -#define CKA_BITS_PER_PIXEL (0x406) -#define CKA_CHAR_SETS (0x480) -#define CKA_ENCODING_METHODS (0x481) -#define CKA_MIME_TYPES (0x482) -#define CKA_MECHANISM_TYPE (0x500) -#define CKA_REQUIRED_CMS_ATTRIBUTES (0x501) -#define CKA_DEFAULT_CMS_ATTRIBUTES (0x502) -#define CKA_SUPPORTED_CMS_ATTRIBUTES (0x503) -#define CKA_WRAP_TEMPLATE (CKF_ARRAY_ATTRIBUTE | 0x211) -#define CKA_UNWRAP_TEMPLATE (CKF_ARRAY_ATTRIBUTE | 0x212) -#define CKA_ALLOWED_MECHANISMS (CKF_ARRAY_ATTRIBUTE | 0x600) -#define CKA_VENDOR_DEFINED (1U << 31) +#define CKA_CLASS (0UL) +#define CKA_TOKEN (1UL) +#define CKA_PRIVATE (2UL) +#define CKA_LABEL (3UL) +#define CKA_UNIQUE_ID (4UL) +#define CKA_APPLICATION (0x10UL) +#define CKA_VALUE (0x11UL) +#define CKA_OBJECT_ID (0x12UL) +#define CKA_CERTIFICATE_TYPE (0x80UL) +#define CKA_ISSUER (0x81UL) +#define CKA_SERIAL_NUMBER (0x82UL) +#define CKA_AC_ISSUER (0x83UL) +#define CKA_OWNER (0x84UL) +#define CKA_ATTR_TYPES (0x85UL) +#define CKA_TRUSTED (0x86UL) +#define CKA_CERTIFICATE_CATEGORY (0x87UL) +#define CKA_JAVA_MIDP_SECURITY_DOMAIN (0x88UL) +#define CKA_URL (0x89UL) +#define CKA_HASH_OF_SUBJECT_PUBLIC_KEY (0x8aUL) +#define CKA_HASH_OF_ISSUER_PUBLIC_KEY (0x8bUL) +#define CKA_CHECK_VALUE (0x90UL) +#define CKA_KEY_TYPE (0x100UL) +#define CKA_SUBJECT (0x101UL) +#define CKA_ID (0x102UL) +#define CKA_SENSITIVE (0x103UL) +#define CKA_ENCRYPT (0x104UL) +#define CKA_DECRYPT (0x105UL) +#define CKA_WRAP (0x106UL) +#define CKA_UNWRAP (0x107UL) +#define CKA_SIGN (0x108UL) +#define CKA_SIGN_RECOVER (0x109UL) +#define CKA_VERIFY (0x10aUL) +#define CKA_VERIFY_RECOVER (0x10bUL) +#define CKA_DERIVE (0x10cUL) +#define CKA_START_DATE (0x110UL) +#define CKA_END_DATE (0x111UL) +#define CKA_MODULUS (0x120UL) +#define CKA_MODULUS_BITS (0x121UL) +#define CKA_PUBLIC_EXPONENT (0x122UL) +#define CKA_PRIVATE_EXPONENT (0x123UL) +#define CKA_PRIME_1 (0x124UL) +#define CKA_PRIME_2 (0x125UL) +#define CKA_EXPONENT_1 (0x126UL) +#define CKA_EXPONENT_2 (0x127UL) +#define CKA_COEFFICIENT (0x128UL) +#define CKA_PUBLIC_KEY_INFO (0x129UL) +#define CKA_PRIME (0x130UL) +#define CKA_SUBPRIME (0x131UL) +#define CKA_BASE (0x132UL) +#define CKA_PRIME_BITS (0x133UL) +#define CKA_SUB_PRIME_BITS (0x134UL) +#define CKA_VALUE_BITS (0x160UL) +#define CKA_VALUE_LEN (0x161UL) +#define CKA_EXTRACTABLE (0x162UL) +#define CKA_LOCAL (0x163UL) +#define CKA_NEVER_EXTRACTABLE (0x164UL) +#define CKA_ALWAYS_SENSITIVE (0x165UL) +#define CKA_KEY_GEN_MECHANISM (0x166UL) +#define CKA_MODIFIABLE (0x170UL) +#define CKA_COPYABLE (0x171UL) +#define CKA_DESTROYABLE (0x172UL) +#define CKA_ECDSA_PARAMS (0x180UL) +#define CKA_EC_PARAMS (0x180UL) +#define CKA_EC_POINT (0x181UL) +#define CKA_SECONDARY_AUTH (0x200UL) +#define CKA_AUTH_PIN_FLAGS (0x201UL) +#define CKA_ALWAYS_AUTHENTICATE (0x202UL) +#define CKA_WRAP_WITH_TRUSTED (0x210UL) +#define CKA_GOSTR3410_PARAMS (0x250UL) +#define CKA_GOSTR3411_PARAMS (0x251UL) +#define CKA_GOST28147_PARAMS (0x252UL) +#define CKA_HW_FEATURE_TYPE (0x300UL) +#define CKA_RESET_ON_INIT (0x301UL) +#define CKA_HAS_RESET (0x302UL) +#define CKA_PIXEL_X (0x400UL) +#define CKA_PIXEL_Y (0x401UL) +#define CKA_RESOLUTION (0x402UL) +#define CKA_CHAR_ROWS (0x403UL) +#define CKA_CHAR_COLUMNS (0x404UL) +#define CKA_COLOR (0x405UL) +#define CKA_BITS_PER_PIXEL (0x406UL) +#define CKA_CHAR_SETS (0x480UL) +#define CKA_ENCODING_METHODS (0x481UL) +#define CKA_MIME_TYPES (0x482UL) +#define CKA_MECHANISM_TYPE (0x500UL) +#define CKA_REQUIRED_CMS_ATTRIBUTES (0x501UL) +#define CKA_DEFAULT_CMS_ATTRIBUTES (0x502UL) +#define CKA_SUPPORTED_CMS_ATTRIBUTES (0x503UL) +#define CKA_WRAP_TEMPLATE (CKF_ARRAY_ATTRIBUTE | 0x211UL) +#define CKA_UNWRAP_TEMPLATE (CKF_ARRAY_ATTRIBUTE | 0x212UL) +#define CKA_OTP_FORMAT (0x220UL) +#define CKA_OTP_LENGTH (0x221UL) +#define CKA_OTP_TIME_INTERVAL (0x222UL) +#define CKA_OTP_USER_FRIENDLY_MODE (0x223UL) +#define CKA_OTP_CHALLENGE_REQUIREMENT (0x224UL) +#define CKA_OTP_TIME_REQUIREMENT (0x225UL) +#define CKA_OTP_COUNTER_REQUIREMENT (0x226UL) +#define CKA_OTP_PIN_REQUIREMENT (0x227UL) +#define CKA_OTP_USER_IDENTIFIER (0x22AUL) +#define CKA_OTP_SERVICE_IDENTIFIER (0x22BUL) +#define CKA_OTP_SERVICE_LOGO (0x22CUL) +#define CKA_OTP_SERVICE_LOGO_TYPE (0x22DUL) +#define CKA_OTP_COUNTER (0x22EUL) +#define CKA_OTP_TIME (0x22FUL) +#define CKA_ALLOWED_MECHANISMS (CKF_ARRAY_ATTRIBUTE | 0x600UL) +#define CKA_PROFILE_ID (0x601UL) +#define CKA_VENDOR_DEFINED (1UL << 31) struct ck_attribute @@ -474,206 +522,304 @@ struct ck_date typedef unsigned long ck_mechanism_type_t; -#define CKM_RSA_PKCS_KEY_PAIR_GEN (0) -#define CKM_RSA_PKCS (1) -#define CKM_RSA_9796 (2) -#define CKM_RSA_X_509 (3) -#define CKM_MD2_RSA_PKCS (4) -#define CKM_MD5_RSA_PKCS (5) -#define CKM_SHA1_RSA_PKCS (6) -#define CKM_RIPEMD128_RSA_PKCS (7) -#define CKM_RIPEMD160_RSA_PKCS (8) -#define CKM_RSA_PKCS_OAEP (9) -#define CKM_RSA_X9_31_KEY_PAIR_GEN (0xa) -#define CKM_RSA_X9_31 (0xb) -#define CKM_SHA1_RSA_X9_31 (0xc) -#define CKM_RSA_PKCS_PSS (0xd) -#define CKM_SHA1_RSA_PKCS_PSS (0xe) -#define CKM_DSA_KEY_PAIR_GEN (0x10) -#define CKM_DSA (0x11) -#define CKM_DSA_SHA1 (0x12) -#define CKM_DH_PKCS_KEY_PAIR_GEN (0x20) -#define CKM_DH_PKCS_DERIVE (0x21) -#define CKM_X9_42_DH_KEY_PAIR_GEN (0x30) -#define CKM_X9_42_DH_DERIVE (0x31) -#define CKM_X9_42_DH_HYBRID_DERIVE (0x32) -#define CKM_X9_42_MQV_DERIVE (0x33) -#define CKM_SHA256_RSA_PKCS (0x40) -#define CKM_SHA384_RSA_PKCS (0x41) -#define CKM_SHA512_RSA_PKCS (0x42) -#define CKM_SHA256_RSA_PKCS_PSS (0x43) -#define CKM_SHA384_RSA_PKCS_PSS (0x44) -#define CKM_SHA512_RSA_PKCS_PSS (0x45) -#define CKM_RC2_KEY_GEN (0x100) -#define CKM_RC2_ECB (0x101) -#define CKM_RC2_CBC (0x102) -#define CKM_RC2_MAC (0x103) -#define CKM_RC2_MAC_GENERAL (0x104) -#define CKM_RC2_CBC_PAD (0x105) -#define CKM_RC4_KEY_GEN (0x110) -#define CKM_RC4 (0x111) -#define CKM_DES_KEY_GEN (0x120) -#define CKM_DES_ECB (0x121) -#define CKM_DES_CBC (0x122) -#define CKM_DES_MAC (0x123) -#define CKM_DES_MAC_GENERAL (0x124) -#define CKM_DES_CBC_PAD (0x125) -#define CKM_DES2_KEY_GEN (0x130) -#define CKM_DES3_KEY_GEN (0x131) -#define CKM_DES3_ECB (0x132) -#define CKM_DES3_CBC (0x133) -#define CKM_DES3_MAC (0x134) -#define CKM_DES3_MAC_GENERAL (0x135) -#define CKM_DES3_CBC_PAD (0x136) -#define CKM_CDMF_KEY_GEN (0x140) -#define CKM_CDMF_ECB (0x141) -#define CKM_CDMF_CBC (0x142) -#define CKM_CDMF_MAC (0x143) -#define CKM_CDMF_MAC_GENERAL (0x144) -#define CKM_CDMF_CBC_PAD (0x145) -#define CKM_MD2 (0x200) -#define CKM_MD2_HMAC (0x201) -#define CKM_MD2_HMAC_GENERAL (0x202) -#define CKM_MD5 (0x210) -#define CKM_MD5_HMAC (0x211) -#define CKM_MD5_HMAC_GENERAL (0x212) -#define CKM_SHA_1 (0x220) -#define CKM_SHA_1_HMAC (0x221) -#define CKM_SHA_1_HMAC_GENERAL (0x222) -#define CKM_RIPEMD128 (0x230) -#define CKM_RIPEMD128_HMAC (0x231) -#define CKM_RIPEMD128_HMAC_GENERAL (0x232) -#define CKM_RIPEMD160 (0x240) -#define CKM_RIPEMD160_HMAC (0x241) -#define CKM_RIPEMD160_HMAC_GENERAL (0x242) -#define CKM_SHA256 (0x250) -#define CKM_SHA256_HMAC (0x251) -#define CKM_SHA256_HMAC_GENERAL (0x252) -#define CKM_SHA384 (0x260) -#define CKM_SHA384_HMAC (0x261) -#define CKM_SHA384_HMAC_GENERAL (0x262) -#define CKM_SHA512 (0x270) -#define CKM_SHA512_HMAC (0x271) -#define CKM_SHA512_HMAC_GENERAL (0x272) -#define CKM_CAST_KEY_GEN (0x300) -#define CKM_CAST_ECB (0x301) -#define CKM_CAST_CBC (0x302) -#define CKM_CAST_MAC (0x303) -#define CKM_CAST_MAC_GENERAL (0x304) -#define CKM_CAST_CBC_PAD (0x305) -#define CKM_CAST3_KEY_GEN (0x310) -#define CKM_CAST3_ECB (0x311) -#define CKM_CAST3_CBC (0x312) -#define CKM_CAST3_MAC (0x313) -#define CKM_CAST3_MAC_GENERAL (0x314) -#define CKM_CAST3_CBC_PAD (0x315) -#define CKM_CAST5_KEY_GEN (0x320) -#define CKM_CAST128_KEY_GEN (0x320) -#define CKM_CAST5_ECB (0x321) -#define CKM_CAST128_ECB (0x321) -#define CKM_CAST5_CBC (0x322) -#define CKM_CAST128_CBC (0x322) -#define CKM_CAST5_MAC (0x323) -#define CKM_CAST128_MAC (0x323) -#define CKM_CAST5_MAC_GENERAL (0x324) -#define CKM_CAST128_MAC_GENERAL (0x324) -#define CKM_CAST5_CBC_PAD (0x325) -#define CKM_CAST128_CBC_PAD (0x325) -#define CKM_RC5_KEY_GEN (0x330) -#define CKM_RC5_ECB (0x331) -#define CKM_RC5_CBC (0x332) -#define CKM_RC5_MAC (0x333) -#define CKM_RC5_MAC_GENERAL (0x334) -#define CKM_RC5_CBC_PAD (0x335) -#define CKM_IDEA_KEY_GEN (0x340) -#define CKM_IDEA_ECB (0x341) -#define CKM_IDEA_CBC (0x342) -#define CKM_IDEA_MAC (0x343) -#define CKM_IDEA_MAC_GENERAL (0x344) -#define CKM_IDEA_CBC_PAD (0x345) -#define CKM_GENERIC_SECRET_KEY_GEN (0x350) -#define CKM_CONCATENATE_BASE_AND_KEY (0x360) -#define CKM_CONCATENATE_BASE_AND_DATA (0x362) -#define CKM_CONCATENATE_DATA_AND_BASE (0x363) -#define CKM_XOR_BASE_AND_DATA (0x364) -#define CKM_EXTRACT_KEY_FROM_KEY (0x365) -#define CKM_SSL3_PRE_MASTER_KEY_GEN (0x370) -#define CKM_SSL3_MASTER_KEY_DERIVE (0x371) -#define CKM_SSL3_KEY_AND_MAC_DERIVE (0x372) -#define CKM_SSL3_MASTER_KEY_DERIVE_DH (0x373) -#define CKM_TLS_PRE_MASTER_KEY_GEN (0x374) -#define CKM_TLS_MASTER_KEY_DERIVE (0x375) -#define CKM_TLS_KEY_AND_MAC_DERIVE (0x376) -#define CKM_TLS_MASTER_KEY_DERIVE_DH (0x377) -#define CKM_SSL3_MD5_MAC (0x380) -#define CKM_SSL3_SHA1_MAC (0x381) -#define CKM_MD5_KEY_DERIVATION (0x390) -#define CKM_MD2_KEY_DERIVATION (0x391) -#define CKM_SHA1_KEY_DERIVATION (0x392) -#define CKM_PBE_MD2_DES_CBC (0x3a0) -#define CKM_PBE_MD5_DES_CBC (0x3a1) -#define CKM_PBE_MD5_CAST_CBC (0x3a2) -#define CKM_PBE_MD5_CAST3_CBC (0x3a3) -#define CKM_PBE_MD5_CAST5_CBC (0x3a4) -#define CKM_PBE_MD5_CAST128_CBC (0x3a4) -#define CKM_PBE_SHA1_CAST5_CBC (0x3a5) -#define CKM_PBE_SHA1_CAST128_CBC (0x3a5) -#define CKM_PBE_SHA1_RC4_128 (0x3a6) -#define CKM_PBE_SHA1_RC4_40 (0x3a7) -#define CKM_PBE_SHA1_DES3_EDE_CBC (0x3a8) -#define CKM_PBE_SHA1_DES2_EDE_CBC (0x3a9) -#define CKM_PBE_SHA1_RC2_128_CBC (0x3aa) -#define CKM_PBE_SHA1_RC2_40_CBC (0x3ab) -#define CKM_PKCS5_PBKD2 (0x3b0) -#define CKM_PBA_SHA1_WITH_SHA1_HMAC (0x3c0) -#define CKM_KEY_WRAP_LYNKS (0x400) -#define CKM_KEY_WRAP_SET_OAEP (0x401) -#define CKM_SKIPJACK_KEY_GEN (0x1000) -#define CKM_SKIPJACK_ECB64 (0x1001) -#define CKM_SKIPJACK_CBC64 (0x1002) -#define CKM_SKIPJACK_OFB64 (0x1003) -#define CKM_SKIPJACK_CFB64 (0x1004) -#define CKM_SKIPJACK_CFB32 (0x1005) -#define CKM_SKIPJACK_CFB16 (0x1006) -#define CKM_SKIPJACK_CFB8 (0x1007) -#define CKM_SKIPJACK_WRAP (0x1008) -#define CKM_SKIPJACK_PRIVATE_WRAP (0x1009) -#define CKM_SKIPJACK_RELAYX (0x100a) -#define CKM_KEA_KEY_PAIR_GEN (0x1010) -#define CKM_KEA_KEY_DERIVE (0x1011) -#define CKM_FORTEZZA_TIMESTAMP (0x1020) -#define CKM_BATON_KEY_GEN (0x1030) -#define CKM_BATON_ECB128 (0x1031) -#define CKM_BATON_ECB96 (0x1032) -#define CKM_BATON_CBC128 (0x1033) -#define CKM_BATON_COUNTER (0x1034) -#define CKM_BATON_SHUFFLE (0x1035) -#define CKM_BATON_WRAP (0x1036) -#define CKM_ECDSA_KEY_PAIR_GEN (0x1040) -#define CKM_EC_KEY_PAIR_GEN (0x1040) -#define CKM_ECDSA (0x1041) -#define CKM_ECDSA_SHA1 (0x1042) -#define CKM_ECDH1_DERIVE (0x1050) -#define CKM_ECDH1_COFACTOR_DERIVE (0x1051) -#define CKM_ECMQV_DERIVE (0x1052) -#define CKM_JUNIPER_KEY_GEN (0x1060) -#define CKM_JUNIPER_ECB128 (0x1061) -#define CKM_JUNIPER_CBC128 (0x1062) -#define CKM_JUNIPER_COUNTER (0x1063) -#define CKM_JUNIPER_SHUFFLE (0x1064) -#define CKM_JUNIPER_WRAP (0x1065) -#define CKM_FASTHASH (0x1070) -#define CKM_AES_KEY_GEN (0x1080) -#define CKM_AES_ECB (0x1081) -#define CKM_AES_CBC (0x1082) -#define CKM_AES_MAC (0x1083) -#define CKM_AES_MAC_GENERAL (0x1084) -#define CKM_AES_CBC_PAD (0x1085) -#define CKM_DSA_PARAMETER_GEN (0x2000) -#define CKM_DH_PKCS_PARAMETER_GEN (0x2001) -#define CKM_X9_42_DH_PARAMETER_GEN (0x2002) -#define CKM_VENDOR_DEFINED (1U << 31) - +#define CKM_RSA_PKCS_KEY_PAIR_GEN (0UL) +#define CKM_RSA_PKCS (1UL) +#define CKM_RSA_9796 (2UL) +#define CKM_RSA_X_509 (3UL) +#define CKM_MD2_RSA_PKCS (4UL) +#define CKM_MD5_RSA_PKCS (5UL) +#define CKM_SHA1_RSA_PKCS (6UL) +#define CKM_RIPEMD128_RSA_PKCS (7UL) +#define CKM_RIPEMD160_RSA_PKCS (8UL) +#define CKM_RSA_PKCS_OAEP (9UL) +#define CKM_RSA_X9_31_KEY_PAIR_GEN (0xaUL) +#define CKM_RSA_X9_31 (0xbUL) +#define CKM_SHA1_RSA_X9_31 (0xcUL) +#define CKM_RSA_PKCS_PSS (0xdUL) +#define CKM_SHA1_RSA_PKCS_PSS (0xeUL) +#define CKM_DSA_KEY_PAIR_GEN (0x10UL) +#define CKM_DSA (0x11UL) +#define CKM_DSA_SHA1 (0x12UL) +#define CKM_DSA_SHA224 (0x13UL) +#define CKM_DSA_SHA256 (0x14UL) +#define CKM_DSA_SHA384 (0x15UL) +#define CKM_DSA_SHA512 (0x16UL) +#define CKM_DH_PKCS_KEY_PAIR_GEN (0x20UL) +#define CKM_DH_PKCS_DERIVE (0x21UL) +#define CKM_X9_42_DH_KEY_PAIR_GEN (0x30UL) +#define CKM_X9_42_DH_DERIVE (0x31UL) +#define CKM_X9_42_DH_HYBRID_DERIVE (0x32UL) +#define CKM_X9_42_MQV_DERIVE (0x33UL) +#define CKM_SHA256_RSA_PKCS (0x40UL) +#define CKM_SHA384_RSA_PKCS (0x41UL) +#define CKM_SHA512_RSA_PKCS (0x42UL) +#define CKM_SHA256_RSA_PKCS_PSS (0x43UL) +#define CKM_SHA384_RSA_PKCS_PSS (0x44UL) +#define CKM_SHA512_RSA_PKCS_PSS (0x45UL) +#define CKM_SHA224_RSA_PKCS (0x46UL) +#define CKM_SHA224_RSA_PKCS_PSS (0x47UL) +#define CKM_SHA3_256_RSA_PKCS (0x60UL) +#define CKM_SHA3_384_RSA_PKCS (0x61UL) +#define CKM_SHA3_512_RSA_PKCS (0x62UL) +#define CKM_SHA3_256_RSA_PKCS_PSS (0x63UL) +#define CKM_SHA3_384_RSA_PKCS_PSS (0x64UL) +#define CKM_SHA3_512_RSA_PKCS_PSS (0x65UL) +#define CKM_SHA3_224_RSA_PKCS (0x66UL) +#define CKM_SHA3_224_RSA_PKCS_PSS (0x67UL) +#define CKM_RC2_KEY_GEN (0x100UL) +#define CKM_RC2_ECB (0x101UL) +#define CKM_RC2_CBC (0x102UL) +#define CKM_RC2_MAC (0x103UL) +#define CKM_RC2_MAC_GENERAL (0x104UL) +#define CKM_RC2_CBC_PAD (0x105UL) +#define CKM_RC4_KEY_GEN (0x110UL) +#define CKM_RC4 (0x111UL) +#define CKM_DES_KEY_GEN (0x120UL) +#define CKM_DES_ECB (0x121UL) +#define CKM_DES_CBC (0x122UL) +#define CKM_DES_MAC (0x123UL) +#define CKM_DES_MAC_GENERAL (0x124UL) +#define CKM_DES_CBC_PAD (0x125UL) +#define CKM_DES2_KEY_GEN (0x130UL) +#define CKM_DES3_KEY_GEN (0x131UL) +#define CKM_DES3_ECB (0x132UL) +#define CKM_DES3_CBC (0x133UL) +#define CKM_DES3_MAC (0x134UL) +#define CKM_DES3_MAC_GENERAL (0x135UL) +#define CKM_DES3_CBC_PAD (0x136UL) +#define CKM_DES3_CMAC_GENERAL (0x137UL) +#define CKM_DES3_CMAC (0x138UL) +#define CKM_CDMF_KEY_GEN (0x140UL) +#define CKM_CDMF_ECB (0x141UL) +#define CKM_CDMF_CBC (0x142UL) +#define CKM_CDMF_MAC (0x143UL) +#define CKM_CDMF_MAC_GENERAL (0x144UL) +#define CKM_CDMF_CBC_PAD (0x145UL) +#define CKM_MD2 (0x200UL) +#define CKM_MD2_HMAC (0x201UL) +#define CKM_MD2_HMAC_GENERAL (0x202UL) +#define CKM_MD5 (0x210UL) +#define CKM_MD5_HMAC (0x211UL) +#define CKM_MD5_HMAC_GENERAL (0x212UL) +#define CKM_SHA_1 (0x220UL) +#define CKM_SHA_1_HMAC (0x221UL) +#define CKM_SHA_1_HMAC_GENERAL (0x222UL) +#define CKM_RIPEMD128 (0x230UL) +#define CKM_RIPEMD128_HMAC (0x231UL) +#define CKM_RIPEMD128_HMAC_GENERAL (0x232UL) +#define CKM_RIPEMD160 (0x240UL) +#define CKM_RIPEMD160_HMAC (0x241UL) +#define CKM_RIPEMD160_HMAC_GENERAL (0x242UL) +#define CKM_SHA256 (0x250UL) +#define CKM_SHA256_HMAC (0x251UL) +#define CKM_SHA256_HMAC_GENERAL (0x252UL) +#define CKM_SHA224 (0x255UL) +#define CKM_SHA224_HMAC (0x256UL) +#define CKM_SHA224_HMAC_GENERAL (0x257UL) +#define CKM_SHA384 (0x260UL) +#define CKM_SHA384_HMAC (0x261UL) +#define CKM_SHA384_HMAC_GENERAL (0x262UL) +#define CKM_SHA512 (0x270UL) +#define CKM_SHA512_HMAC (0x271UL) +#define CKM_SHA512_HMAC_GENERAL (0x272UL) +#define CKM_SHA3_256 (0x2B0UL) +#define CKM_SHA3_256_HMAC (0x2B1UL) +#define CKM_SHA3_256_HMAC_GENERAL (0x2B2UL) +#define CKM_SHA3_256_KEY_GEN (0x2B3UL) +#define CKM_SHA3_224 (0x2B5UL) +#define CKM_SHA3_224_HMAC (0x2B6UL) +#define CKM_SHA3_224_HMAC_GENERAL (0x2B7UL) +#define CKM_SHA3_224_KEY_GEN (0x2B8UL) +#define CKM_SHA3_384 (0x2C0UL) +#define CKM_SHA3_384_HMAC (0x2C1UL) +#define CKM_SHA3_384_HMAC_GENERAL (0x2C2UL) +#define CKM_SHA3_384_KEY_GEN (0x2C3UL) +#define CKM_SHA3_512 (0x2D0UL) +#define CKM_SHA3_512_HMAC (0x2D1UL) +#define CKM_SHA3_512_HMAC_GENERAL (0x2D2UL) +#define CKM_SHA3_512_KEY_GEN (0x2D3UL) +#define CKM_CAST_KEY_GEN (0x300UL) +#define CKM_CAST_ECB (0x301UL) +#define CKM_CAST_CBC (0x302UL) +#define CKM_CAST_MAC (0x303UL) +#define CKM_CAST_MAC_GENERAL (0x304UL) +#define CKM_CAST_CBC_PAD (0x305UL) +#define CKM_CAST3_KEY_GEN (0x310UL) +#define CKM_CAST3_ECB (0x311UL) +#define CKM_CAST3_CBC (0x312UL) +#define CKM_CAST3_MAC (0x313UL) +#define CKM_CAST3_MAC_GENERAL (0x314UL) +#define CKM_CAST3_CBC_PAD (0x315UL) +#define CKM_CAST5_KEY_GEN (0x320UL) +#define CKM_CAST128_KEY_GEN (0x320UL) +#define CKM_CAST5_ECB (0x321UL) +#define CKM_CAST128_ECB (0x321UL) +#define CKM_CAST5_CBC (0x322UL) +#define CKM_CAST128_CBC (0x322UL) +#define CKM_CAST5_MAC (0x323UL) +#define CKM_CAST128_MAC (0x323UL) +#define CKM_CAST5_MAC_GENERAL (0x324UL) +#define CKM_CAST128_MAC_GENERAL (0x324UL) +#define CKM_CAST5_CBC_PAD (0x325UL) +#define CKM_CAST128_CBC_PAD (0x325UL) +#define CKM_RC5_KEY_GEN (0x330UL) +#define CKM_RC5_ECB (0x331UL) +#define CKM_RC5_CBC (0x332UL) +#define CKM_RC5_MAC (0x333UL) +#define CKM_RC5_MAC_GENERAL (0x334UL) +#define CKM_RC5_CBC_PAD (0x335UL) +#define CKM_IDEA_KEY_GEN (0x340UL) +#define CKM_IDEA_ECB (0x341UL) +#define CKM_IDEA_CBC (0x342UL) +#define CKM_IDEA_MAC (0x343UL) +#define CKM_IDEA_MAC_GENERAL (0x344UL) +#define CKM_IDEA_CBC_PAD (0x345UL) +#define CKM_GENERIC_SECRET_KEY_GEN (0x350UL) +#define CKM_CONCATENATE_BASE_AND_KEY (0x360UL) +#define CKM_CONCATENATE_BASE_AND_DATA (0x362UL) +#define CKM_CONCATENATE_DATA_AND_BASE (0x363UL) +#define CKM_XOR_BASE_AND_DATA (0x364UL) +#define CKM_EXTRACT_KEY_FROM_KEY (0x365UL) +#define CKM_SSL3_PRE_MASTER_KEY_GEN (0x370UL) +#define CKM_SSL3_MASTER_KEY_DERIVE (0x371UL) +#define CKM_SSL3_KEY_AND_MAC_DERIVE (0x372UL) +#define CKM_SSL3_MASTER_KEY_DERIVE_DH (0x373UL) +#define CKM_TLS_PRE_MASTER_KEY_GEN (0x374UL) +#define CKM_TLS_MASTER_KEY_DERIVE (0x375UL) +#define CKM_TLS_KEY_AND_MAC_DERIVE (0x376UL) +#define CKM_TLS_MASTER_KEY_DERIVE_DH (0x377UL) +#define CKM_SSL3_MD5_MAC (0x380UL) +#define CKM_SSL3_SHA1_MAC (0x381UL) +#define CKM_MD5_KEY_DERIVATION (0x390UL) +#define CKM_MD2_KEY_DERIVATION (0x391UL) +#define CKM_SHA1_KEY_DERIVATION (0x392UL) +#define CKM_PBE_MD2_DES_CBC (0x3a0UL) +#define CKM_PBE_MD5_DES_CBC (0x3a1UL) +#define CKM_PBE_MD5_CAST_CBC (0x3a2UL) +#define CKM_PBE_MD5_CAST3_CBC (0x3a3UL) +#define CKM_PBE_MD5_CAST5_CBC (0x3a4UL) +#define CKM_PBE_MD5_CAST128_CBC (0x3a4UL) +#define CKM_PBE_SHA1_CAST5_CBC (0x3a5UL) +#define CKM_PBE_SHA1_CAST128_CBC (0x3a5UL) +#define CKM_PBE_SHA1_RC4_128 (0x3a6UL) +#define CKM_PBE_SHA1_RC4_40 (0x3a7UL) +#define CKM_PBE_SHA1_DES3_EDE_CBC (0x3a8UL) +#define CKM_PBE_SHA1_DES2_EDE_CBC (0x3a9UL) +#define CKM_PBE_SHA1_RC2_128_CBC (0x3aaUL) +#define CKM_PBE_SHA1_RC2_40_CBC (0x3abUL) +#define CKM_PKCS5_PBKD2 (0x3b0UL) +#define CKM_PBA_SHA1_WITH_SHA1_HMAC (0x3c0UL) +#define CKM_KEY_WRAP_LYNKS (0x400UL) +#define CKM_KEY_WRAP_SET_OAEP (0x401UL) +#define CKM_SKIPJACK_KEY_GEN (0x1000UL) +#define CKM_SKIPJACK_ECB64 (0x1001UL) +#define CKM_SKIPJACK_CBC64 (0x1002UL) +#define CKM_SKIPJACK_OFB64 (0x1003UL) +#define CKM_SKIPJACK_CFB64 (0x1004UL) +#define CKM_SKIPJACK_CFB32 (0x1005UL) +#define CKM_SKIPJACK_CFB16 (0x1006UL) +#define CKM_SKIPJACK_CFB8 (0x1007UL) +#define CKM_SKIPJACK_WRAP (0x1008UL) +#define CKM_SKIPJACK_PRIVATE_WRAP (0x1009UL) +#define CKM_SKIPJACK_RELAYX (0x100aUL) +#define CKM_KEA_KEY_PAIR_GEN (0x1010UL) +#define CKM_KEA_KEY_DERIVE (0x1011UL) +#define CKM_FORTEZZA_TIMESTAMP (0x1020UL) +#define CKM_BATON_KEY_GEN (0x1030UL) +#define CKM_BATON_ECB128 (0x1031UL) +#define CKM_BATON_ECB96 (0x1032UL) +#define CKM_BATON_CBC128 (0x1033UL) +#define CKM_BATON_COUNTER (0x1034UL) +#define CKM_BATON_SHUFFLE (0x1035UL) +#define CKM_BATON_WRAP (0x1036UL) +#define CKM_ECDSA_KEY_PAIR_GEN (0x1040UL) +#define CKM_EC_KEY_PAIR_GEN (0x1040UL) +#define CKM_ECDSA (0x1041UL) +#define CKM_ECDSA_SHA1 (0x1042UL) +#define CKM_ECDSA_SHA224 (0x1043UL) +#define CKM_ECDSA_SHA256 (0x1044UL) +#define CKM_ECDSA_SHA384 (0x1045UL) +#define CKM_ECDSA_SHA512 (0x1046UL) +#define CKM_ECDSA_SHA3_224 (0x1047UL) +#define CKM_ECDSA_SHA3_256 (0x1048UL) +#define CKM_ECDSA_SHA3_384 (0x1049UL) +#define CKM_ECDSA_SHA3_512 (0x104AUL) +#define CKM_ECDH1_DERIVE (0x1050UL) +#define CKM_ECDH1_COFACTOR_DERIVE (0x1051UL) +#define CKM_ECMQV_DERIVE (0x1052UL) +#define CKM_EC_EDWARDS_KEY_PAIR_GEN (0x1055UL) +#define CKM_EC_MONTGOMERY_KEY_PAIR_GEN (0x1056UL) +#define CKM_EDDSA (0x1057UL) +#define CKM_JUNIPER_KEY_GEN (0x1060UL) +#define CKM_JUNIPER_ECB128 (0x1061UL) +#define CKM_JUNIPER_CBC128 (0x1062UL) +#define CKM_JUNIPER_COUNTER (0x1063UL) +#define CKM_JUNIPER_SHUFFLE (0x1064UL) +#define CKM_JUNIPER_WRAP (0x1065UL) +#define CKM_FASTHASH (0x1070UL) +#define CKM_AES_KEY_GEN (0x1080UL) +#define CKM_AES_ECB (0x1081UL) +#define CKM_AES_CBC (0x1082UL) +#define CKM_AES_MAC (0x1083UL) +#define CKM_AES_MAC_GENERAL (0x1084UL) +#define CKM_AES_CBC_PAD (0x1085UL) +#define CKM_AES_CTR (0x1086UL) +#define CKM_AES_GCM (0x1087UL) +#define CKM_AES_CCM (0x1088UL) +#define CKM_AES_CTS (0x1089UL) +#define CKM_AES_CMAC (0x108AUL) +#define CKM_AES_CMAC_GENERAL (0x108BUL) +#define CKM_AES_XCBC_MAC (0x108CUL) +#define CKM_AES_XCBC_MAC_96 (0x108DUL) +#define CKM_AES_GMAC (0x108EUL) +#define CKM_BLOWFISH_KEY_GEN (0x1090UL) +#define CKM_BLOWFISH_CBC (0x1091UL) +#define CKM_TWOFISH_KEY_GEN (0x1092UL) +#define CKM_TWOFISH_CBC (0x1093UL) +#define CKM_DES_ECB_ENCRYPT_DATA (0x1100UL) +#define CKM_DES_CBC_ENCRYPT_DATA (0x1101UL) +#define CKM_DES3_ECB_ENCRYPT_DATA (0x1102UL) +#define CKM_DES3_CBC_ENCRYPT_DATA (0x1103UL) +#define CKM_AES_ECB_ENCRYPT_DATA (0x1104UL) +#define CKM_AES_CBC_ENCRYPT_DATA (0x1105UL) +#define CKM_GOSTR3410_KEY_PAIR_GEN (0x1200UL) +#define CKM_GOSTR3410 (0x1201UL) +#define CKM_GOSTR3410_WITH_GOSTR3411 (0x1202UL) +#define CKM_GOSTR3410_KEY_WRAP (0x1203UL) +#define CKM_GOSTR3410_DERIVE (0x1204UL) +#define CKM_GOSTR3410_512_KEY_PAIR_GEN (CK_VENDOR_PKCS11_RU_TEAM_TK26 | 0x005) +#define CKM_GOSTR3410_512 (CK_VENDOR_PKCS11_RU_TEAM_TK26 | 0x006) +#define CKM_GOSTR3410_12_DERIVE (CK_VENDOR_PKCS11_RU_TEAM_TK26 | 0x007) +#define CKM_GOSTR3410_WITH_GOSTR3411_12_256 (CK_VENDOR_PKCS11_RU_TEAM_TK26 | 0x008) +#define CKM_GOSTR3410_WITH_GOSTR3411_12_512 (CK_VENDOR_PKCS11_RU_TEAM_TK26 | 0x009) +#define CKM_GOSTR3411 (0x1210UL) +#define CKM_GOSTR3411_HMAC (0x1211UL) +#define CKM_GOSTR3411_12_256 (CK_VENDOR_PKCS11_RU_TEAM_TK26 | 0x012) +#define CKM_GOSTR3411_12_512 (CK_VENDOR_PKCS11_RU_TEAM_TK26 | 0x013) +#define CKM_GOSTR3411_12_256_HMAC (CK_VENDOR_PKCS11_RU_TEAM_TK26 | 0x014) +#define CKM_GOSTR3411_12_512_HMAC (CK_VENDOR_PKCS11_RU_TEAM_TK26 | 0x015) +#define CKM_GOST28147_KEY_GEN (0x1220UL) +#define CKM_GOST28147_ECB (0x1221UL) +#define CKM_GOST28147 (0x1222UL) +#define CKM_GOST28147_MAC (0x1223UL) +#define CKM_GOST28147_KEY_WRAP (0x1224UL) + +#define CKM_DSA_PARAMETER_GEN (0x2000UL) +#define CKM_DH_PKCS_PARAMETER_GEN (0x2001UL) +#define CKM_X9_42_DH_PARAMETER_GEN (0x2002UL) +#define CKM_AES_OFB (0x2104UL) +#define CKM_AES_CFB64 (0x2105UL) +#define CKM_AES_CFB8 (0x2106UL) +#define CKM_AES_CFB128 (0x2107UL) +#define CKM_AES_CFB1 (0x2108UL) +#define CKM_AES_KEY_WRAP (0x2109UL) +#define CKM_AES_KEY_WRAP_PAD (0x210AUL) +#define CKM_XEDDSA (0x4029UL) +#define CKM_HKDF_DERIVE (0x402AUL) +#define CKM_HKDF_DATA (0x402BUL) +#define CKM_HKDF_KEY_GEN (0x402CUL) + +#define CKM_VENDOR_DEFINED (1UL << 31) struct ck_mechanism { @@ -690,25 +836,143 @@ struct ck_mechanism_info ck_flags_t flags; }; -#define CKF_HW (1 << 0) -#define CKF_ENCRYPT (1 << 8) -#define CKF_DECRYPT (1 << 9) -#define CKF_DIGEST (1 << 10) -#define CKF_SIGN (1 << 11) -#define CKF_SIGN_RECOVER (1 << 12) -#define CKF_VERIFY (1 << 13) -#define CKF_VERIFY_RECOVER (1 << 14) -#define CKF_GENERATE (1 << 15) -#define CKF_GENERATE_KEY_PAIR (1 << 16) -#define CKF_WRAP (1 << 17) -#define CKF_UNWRAP (1 << 18) -#define CKF_DERIVE (1 << 19) -#define CKF_EXTENSION (1U << 31) - +#define CKF_HW (1UL << 0) + +#define CKF_MESSAGE_ENCRYPT (1UL << 1) +#define CKF_MESSAGE_DECRYPT (1UL << 2) +#define CKF_MESSAGE_SIGN (1UL << 3) +#define CKF_MESSAGE_VERIFY (1UL << 4) +#define CKF_MULTI_MESSAGE (1UL << 5) +#define CKF_FIND_OBJECTS (1UL << 6) + +#define CKF_ENCRYPT (1UL << 8) +#define CKF_DECRYPT (1UL << 9) +#define CKF_DIGEST (1UL << 10) +#define CKF_SIGN (1UL << 11) +#define CKF_SIGN_RECOVER (1UL << 12) +#define CKF_VERIFY (1UL << 13) +#define CKF_VERIFY_RECOVER (1UL << 14) +#define CKF_GENERATE (1UL << 15) +#define CKF_GENERATE_KEY_PAIR (1UL << 16) +#define CKF_WRAP (1UL << 17) +#define CKF_UNWRAP (1UL << 18) +#define CKF_DERIVE (1UL << 19) +#define CKF_EXTENSION (1UL << 31) + +#define CKF_EC_F_P (1UL << 20) +#define CKF_EC_F_2M (1UL << 21) +#define CKF_EC_ECPARAMETERS (1UL << 22) +#define CKF_EC_OID (1UL << 23) +#define CKF_EC_NAMEDCURVE CKF_EC_OID +#define CKF_EC_UNCOMPRESS (1UL << 24) +#define CKF_EC_COMPRESS (1UL << 25) +#define CKF_EC_CURVENAME (1UL << 26) /* Flags for C_WaitForSlotEvent. */ -#define CKF_DONT_BLOCK (1) - +#define CKF_DONT_BLOCK (1UL) + +/* Flags for Key derivation */ +#define CKD_NULL (0x1UL) +#define CKD_SHA1_KDF (0x2UL) +#define CKD_SHA224_KDF (0x5UL) +#define CKD_SHA256_KDF (0x6UL) +#define CKD_SHA384_KDF (0x7UL) +#define CKD_SHA512_KDF (0x8UL) + +typedef struct CK_ECDH1_DERIVE_PARAMS { + unsigned long kdf; + unsigned long ulSharedDataLen; + unsigned char * pSharedData; + unsigned long ulPublicDataLen; + unsigned char * pPublicData; +} CK_ECDH1_DERIVE_PARAMS; + +typedef struct CK_ECMQV_DERIVE_PARAMS { + unsigned long kdf; + unsigned long ulSharedDataLen; + unsigned char * pSharedData; + unsigned long ulPublicDataLen; + unsigned char * pPublicData; + unsigned long ulPrivateDataLen; + CK_OBJECT_HANDLE hPrivateData; + unsigned long ulPublicDataLen2; + unsigned char * pPublicData2; + CK_OBJECT_HANDLE publicKey; +} CK_ECMQV_DERIVE_PARAMS; + +typedef unsigned long ck_rsa_pkcs_mgf_type_t; +typedef unsigned long CK_RSA_PKCS_OAEP_SOURCE_TYPE; + +typedef struct CK_RSA_PKCS_OAEP_PARAMS { + CK_MECHANISM_TYPE hashAlg; + CK_RSA_PKCS_MGF_TYPE mgf; + CK_RSA_PKCS_OAEP_SOURCE_TYPE source; + void *pSourceData; + unsigned long ulSourceDataLen; +} CK_RSA_PKCS_OAEP_PARAMS; + +typedef struct CK_RSA_PKCS_PSS_PARAMS { + ck_mechanism_type_t hashAlg; + CK_RSA_PKCS_MGF_TYPE mgf; + unsigned long sLen; +} CK_RSA_PKCS_PSS_PARAMS; + +#define CKG_MGF1_SHA1 (0x00000001UL) +#define CKG_MGF1_SHA224 (0x00000005UL) +#define CKG_MGF1_SHA256 (0x00000002UL) +#define CKG_MGF1_SHA384 (0x00000003UL) +#define CKG_MGF1_SHA512 (0x00000004UL) +#define CKG_MGF1_SHA3_224 (0x00000006UL) +#define CKG_MGF1_SHA3_256 (0x00000007UL) +#define CKG_MGF1_SHA3_384 (0x00000008UL) +#define CKG_MGF1_SHA3_512 (0x00000009UL) + +#define CKZ_DATA_SPECIFIED (0x00000001UL) + +typedef struct CK_GCM_PARAMS { + void * pIv; + unsigned long ulIvLen; + unsigned long ulIvBits; + void * pAAD; + unsigned long ulAADLen; + unsigned long ulTagBits; +} CK_GCM_PARAMS; + +typedef struct CK_CCM_PARAMS { + unsigned long ulDataLen; + unsigned char *pNonce; + unsigned long ulNonceLen; + unsigned char *pAAD; + unsigned long ulAADLen; + unsigned long ulMACLen; +} CK_CCM_PARAMS; + +/* EDDSA */ +typedef struct CK_EDDSA_PARAMS { + unsigned char phFlag; + unsigned long ulContextDataLen; + unsigned char *pContextData; +} CK_EDDSA_PARAMS; + +typedef CK_EDDSA_PARAMS *CK_EDDSA_PARAMS_PTR; + +/* XEDDSA */ +typedef struct CK_XEDDSA_PARAMS { + unsigned long hash; +} CK_XEDDSA_PARAMS; + +typedef CK_XEDDSA_PARAMS *CK_XEDDSA_PARAMS_PTR; + +typedef struct CK_AES_CTR_PARAMS { + unsigned long ulCounterBits; + unsigned char cb[16]; +} CK_AES_CTR_PARAMS; + +typedef CK_AES_CTR_PARAMS *CK_AES_CTR_PARAMS_PTR; + +typedef unsigned long CK_MAC_GENERAL_PARAMS; + +typedef CK_MAC_GENERAL_PARAMS *CK_MAC_GENERAL_PARAMS_PTR; typedef unsigned long ck_rv_t; @@ -716,8 +980,17 @@ typedef unsigned long ck_rv_t; typedef ck_rv_t (*ck_notify_t) (ck_session_handle_t session, ck_notification_t event, void *application); +struct ck_interface { + char * pInterfaceName; + void * pFunctionList; + ck_flags_t flags; +}; + +#define CKF_INTERFACE_FORK_SAFE (0x00000001UL) + /* Forward reference. */ struct ck_function_list; +struct ck_function_list_3_0; #define _CK_DECLARE_FUNCTION(name, args) \ typedef ck_rv_t (*CK_ ## name) args; \ @@ -774,7 +1047,7 @@ _CK_DECLARE_FUNCTION (C_SetOperationState, unsigned char *operation_state, unsigned long operation_state_len, ck_object_handle_t encryption_key, - ck_object_handle_t authentiation_key)); + ck_object_handle_t authentication_key)); _CK_DECLARE_FUNCTION (C_Login, (ck_session_handle_t session, ck_user_type_t user_type, unsigned char *pin, unsigned long pin_len)); @@ -999,6 +1272,147 @@ _CK_DECLARE_FUNCTION (C_GenerateRandom, _CK_DECLARE_FUNCTION (C_GetFunctionStatus, (ck_session_handle_t session)); _CK_DECLARE_FUNCTION (C_CancelFunction, (ck_session_handle_t session)); +_CK_DECLARE_FUNCTION (C_GetInterfaceList, + (struct ck_interface *interfaces_list, + unsigned long *count)); +_CK_DECLARE_FUNCTION (C_GetInterface, + (unsigned char *interface_name, + struct ck_version *version, + struct ck_interface **interface_ptr, + ck_flags_t flags)); + +_CK_DECLARE_FUNCTION (C_LoginUser, + (ck_session_handle_t session, + ck_user_type_t user_type, + unsigned char *pin, + unsigned long pin_len, + unsigned char *username, + unsigned long username_len)); + +_CK_DECLARE_FUNCTION (C_SessionCancel, + (ck_session_handle_t session, + ck_flags_t flags)); + +_CK_DECLARE_FUNCTION (C_MessageEncryptInit, + (ck_session_handle_t session, + struct ck_mechanism *mechanism, + ck_object_handle_t key)); +_CK_DECLARE_FUNCTION (C_EncryptMessage, + (ck_session_handle_t session, + void *parameter, + unsigned long parameter_len, + unsigned char *associated_data, + unsigned long associated_data_len, + unsigned char *plaintext, + unsigned long plaintext_len, + unsigned char *ciphertext, + unsigned long *ciphertext_len)); +_CK_DECLARE_FUNCTION (C_EncryptMessageBegin, + (ck_session_handle_t session, + void *parameter, + unsigned long parameter_len, + unsigned char *associated_data, + unsigned long associated_data_len)); +_CK_DECLARE_FUNCTION (C_EncryptMessageNext, + (ck_session_handle_t session, + void *parameter, + unsigned long parameter_len, + unsigned char *plaintext_part, + unsigned long plaintext_part_len, + unsigned char *ciphertext_part, + unsigned long *ciphertext_part_len, + ck_flags_t flags)); +_CK_DECLARE_FUNCTION (C_MessageEncryptFinal, + (ck_session_handle_t session)); + +_CK_DECLARE_FUNCTION (C_MessageDecryptInit, + (ck_session_handle_t session, + struct ck_mechanism *mechanism, + ck_object_handle_t key)); +_CK_DECLARE_FUNCTION (C_DecryptMessage, + (ck_session_handle_t session, + void *parameter, + unsigned long parameter_len, + unsigned char *associated_data, + unsigned long associated_data_len, + unsigned char *ciphertext, + unsigned long ciphertext_len, + unsigned char *plaintext, + unsigned long *plaintext_len)); +_CK_DECLARE_FUNCTION (C_DecryptMessageBegin, + (ck_session_handle_t session, + void *parameter, + unsigned long parameter_len, + unsigned char *associated_data, + unsigned long associated_data_len)); +_CK_DECLARE_FUNCTION (C_DecryptMessageNext, + (ck_session_handle_t session, + void *parameter, + unsigned long parameter_len, + unsigned char *ciphertext_part, + unsigned long ciphertext_part_len, + unsigned char *plaintext_part, + unsigned long *plaintext_part_len, + ck_flags_t flags)); +_CK_DECLARE_FUNCTION (C_MessageDecryptFinal, + (ck_session_handle_t session)); + +_CK_DECLARE_FUNCTION (C_MessageSignInit, + (ck_session_handle_t session, + struct ck_mechanism *mechanism, + ck_object_handle_t key)); +_CK_DECLARE_FUNCTION (C_SignMessage, + (ck_session_handle_t session, + void *parameter, + unsigned long parameter_len, + unsigned char *data, + unsigned long data_len, + unsigned char *signature, + unsigned long *signature_len)); +_CK_DECLARE_FUNCTION (C_SignMessageBegin, + (ck_session_handle_t session, + void *parameter, + unsigned long parameter_len)); +_CK_DECLARE_FUNCTION (C_SignMessageNext, + (ck_session_handle_t session, + void *parameter, + unsigned long parameter_len, + unsigned char *data, + unsigned long data_len, + unsigned char *signature, + unsigned long *signature_len)); +_CK_DECLARE_FUNCTION (C_MessageSignFinal, + (ck_session_handle_t session)); + +_CK_DECLARE_FUNCTION (C_MessageVerifyInit, + (ck_session_handle_t session, + struct ck_mechanism *mechanism, + ck_object_handle_t key)); +_CK_DECLARE_FUNCTION (C_VerifyMessage, + (ck_session_handle_t session, + void *parameter, + unsigned long parameter_len, + unsigned char *data, + unsigned long data_len, + unsigned char *signature, + unsigned long signature_len)); +_CK_DECLARE_FUNCTION (C_VerifyMessageBegin, + (ck_session_handle_t session, + void *parameter, + unsigned long parameter_len)); +_CK_DECLARE_FUNCTION (C_VerifyMessageNext, + (ck_session_handle_t session, + void *parameter, + unsigned long parameter_len, + unsigned char *data, + unsigned long data_len, + unsigned char *signature, + unsigned long signature_len)); +_CK_DECLARE_FUNCTION (C_MessageVerifyFinal, + (ck_session_handle_t session)); + +/* Flags in Message-based encryption/decryption API */ +#define CKF_END_OF_MESSAGE (0x00000001UL) struct ck_function_list { @@ -1073,6 +1487,105 @@ struct ck_function_list CK_C_WaitForSlotEvent C_WaitForSlotEvent; }; +struct ck_function_list_3_0 +{ + struct ck_version version; + CK_C_Initialize C_Initialize; + CK_C_Finalize C_Finalize; + CK_C_GetInfo C_GetInfo; + CK_C_GetFunctionList C_GetFunctionList; + CK_C_GetSlotList C_GetSlotList; + CK_C_GetSlotInfo C_GetSlotInfo; + CK_C_GetTokenInfo C_GetTokenInfo; + CK_C_GetMechanismList C_GetMechanismList; + CK_C_GetMechanismInfo C_GetMechanismInfo; + CK_C_InitToken C_InitToken; + CK_C_InitPIN C_InitPIN; + CK_C_SetPIN C_SetPIN; + CK_C_OpenSession C_OpenSession; + CK_C_CloseSession C_CloseSession; + CK_C_CloseAllSessions C_CloseAllSessions; + CK_C_GetSessionInfo C_GetSessionInfo; + CK_C_GetOperationState C_GetOperationState; + CK_C_SetOperationState C_SetOperationState; + CK_C_Login C_Login; + CK_C_Logout C_Logout; + CK_C_CreateObject C_CreateObject; + CK_C_CopyObject C_CopyObject; + CK_C_DestroyObject C_DestroyObject; + CK_C_GetObjectSize C_GetObjectSize; + CK_C_GetAttributeValue C_GetAttributeValue; + CK_C_SetAttributeValue C_SetAttributeValue; + CK_C_FindObjectsInit C_FindObjectsInit; + CK_C_FindObjects C_FindObjects; + CK_C_FindObjectsFinal C_FindObjectsFinal; + CK_C_EncryptInit C_EncryptInit; + CK_C_Encrypt C_Encrypt; + CK_C_EncryptUpdate C_EncryptUpdate; + CK_C_EncryptFinal C_EncryptFinal; + CK_C_DecryptInit C_DecryptInit; + CK_C_Decrypt C_Decrypt; + CK_C_DecryptUpdate C_DecryptUpdate; + CK_C_DecryptFinal C_DecryptFinal; + CK_C_DigestInit C_DigestInit; + CK_C_Digest C_Digest; + CK_C_DigestUpdate C_DigestUpdate; + CK_C_DigestKey C_DigestKey; + CK_C_DigestFinal C_DigestFinal; + CK_C_SignInit C_SignInit; + CK_C_Sign C_Sign; + CK_C_SignUpdate C_SignUpdate; + CK_C_SignFinal C_SignFinal; + CK_C_SignRecoverInit C_SignRecoverInit; + CK_C_SignRecover C_SignRecover; + CK_C_VerifyInit C_VerifyInit; + CK_C_Verify C_Verify; + CK_C_VerifyUpdate C_VerifyUpdate; + CK_C_VerifyFinal C_VerifyFinal; + CK_C_VerifyRecoverInit C_VerifyRecoverInit; + CK_C_VerifyRecover C_VerifyRecover; + CK_C_DigestEncryptUpdate C_DigestEncryptUpdate; + CK_C_DecryptDigestUpdate C_DecryptDigestUpdate; + CK_C_SignEncryptUpdate C_SignEncryptUpdate; + CK_C_DecryptVerifyUpdate C_DecryptVerifyUpdate; + CK_C_GenerateKey C_GenerateKey; + CK_C_GenerateKeyPair C_GenerateKeyPair; + CK_C_WrapKey C_WrapKey; + CK_C_UnwrapKey C_UnwrapKey; + CK_C_DeriveKey C_DeriveKey; + CK_C_SeedRandom C_SeedRandom; + CK_C_GenerateRandom C_GenerateRandom; + CK_C_GetFunctionStatus C_GetFunctionStatus; + CK_C_CancelFunction C_CancelFunction; + CK_C_WaitForSlotEvent C_WaitForSlotEvent; + /* PKCS #11 3.0 functions */ + CK_C_GetInterfaceList C_GetInterfaceList; + CK_C_GetInterface C_GetInterface; + CK_C_LoginUser C_LoginUser; + CK_C_SessionCancel C_SessionCancel; + CK_C_MessageEncryptInit C_MessageEncryptInit; + CK_C_EncryptMessage C_EncryptMessage; + CK_C_EncryptMessageBegin C_EncryptMessageBegin; + CK_C_EncryptMessageNext C_EncryptMessageNext; + CK_C_MessageEncryptFinal C_MessageEncryptFinal; + CK_C_MessageDecryptInit C_MessageDecryptInit; + CK_C_DecryptMessage C_DecryptMessage; + CK_C_DecryptMessageBegin C_DecryptMessageBegin; + CK_C_DecryptMessageNext C_DecryptMessageNext; + CK_C_MessageDecryptFinal C_MessageDecryptFinal; + CK_C_MessageSignInit C_MessageSignInit; + CK_C_SignMessage C_SignMessage; + CK_C_SignMessageBegin C_SignMessageBegin; + CK_C_SignMessageNext C_SignMessageNext; + CK_C_MessageSignFinal C_MessageSignFinal; + CK_C_MessageVerifyInit C_MessageVerifyInit; + CK_C_VerifyMessage C_VerifyMessage; + CK_C_VerifyMessageBegin C_VerifyMessageBegin; + CK_C_VerifyMessageNext C_VerifyMessageNext; + CK_C_MessageVerifyFinal C_MessageVerifyFinal; +}; + + typedef ck_rv_t (*ck_createmutex_t) (void **mutex); typedef ck_rv_t (*ck_destroymutex_t) (void *mutex); @@ -1091,96 +1604,97 @@ struct ck_c_initialize_args }; -#define CKF_LIBRARY_CANT_CREATE_OS_THREADS (1 << 0) -#define CKF_OS_LOCKING_OK (1 << 1) - -#define CKR_OK (0) -#define CKR_CANCEL (1) -#define CKR_HOST_MEMORY (2) -#define CKR_SLOT_ID_INVALID (3) -#define CKR_GENERAL_ERROR (5) -#define CKR_FUNCTION_FAILED (6) -#define CKR_ARGUMENTS_BAD (7) -#define CKR_NO_EVENT (8) -#define CKR_NEED_TO_CREATE_THREADS (9) -#define CKR_CANT_LOCK (0xa) -#define CKR_ATTRIBUTE_READ_ONLY (0x10) -#define CKR_ATTRIBUTE_SENSITIVE (0x11) -#define CKR_ATTRIBUTE_TYPE_INVALID (0x12) -#define CKR_ATTRIBUTE_VALUE_INVALID (0x13) -#define CKR_DATA_INVALID (0x20) -#define CKR_DATA_LEN_RANGE (0x21) -#define CKR_DEVICE_ERROR (0x30) -#define CKR_DEVICE_MEMORY (0x31) -#define CKR_DEVICE_REMOVED (0x32) -#define CKR_ENCRYPTED_DATA_INVALID (0x40) -#define CKR_ENCRYPTED_DATA_LEN_RANGE (0x41) -#define CKR_FUNCTION_CANCELED (0x50) -#define CKR_FUNCTION_NOT_PARALLEL (0x51) -#define CKR_FUNCTION_NOT_SUPPORTED (0x54) -#define CKR_KEY_HANDLE_INVALID (0x60) -#define CKR_KEY_SIZE_RANGE (0x62) -#define CKR_KEY_TYPE_INCONSISTENT (0x63) -#define CKR_KEY_NOT_NEEDED (0x64) -#define CKR_KEY_CHANGED (0x65) -#define CKR_KEY_NEEDED (0x66) -#define CKR_KEY_INDIGESTIBLE (0x67) -#define CKR_KEY_FUNCTION_NOT_PERMITTED (0x68) -#define CKR_KEY_NOT_WRAPPABLE (0x69) -#define CKR_KEY_UNEXTRACTABLE (0x6a) -#define CKR_MECHANISM_INVALID (0x70) -#define CKR_MECHANISM_PARAM_INVALID (0x71) -#define CKR_OBJECT_HANDLE_INVALID (0x82) -#define CKR_OPERATION_ACTIVE (0x90) -#define CKR_OPERATION_NOT_INITIALIZED (0x91) -#define CKR_PIN_INCORRECT (0xa0) -#define CKR_PIN_INVALID (0xa1) -#define CKR_PIN_LEN_RANGE (0xa2) -#define CKR_PIN_EXPIRED (0xa3) -#define CKR_PIN_LOCKED (0xa4) -#define CKR_SESSION_CLOSED (0xb0) -#define CKR_SESSION_COUNT (0xb1) -#define CKR_SESSION_HANDLE_INVALID (0xb3) -#define CKR_SESSION_PARALLEL_NOT_SUPPORTED (0xb4) -#define CKR_SESSION_READ_ONLY (0xb5) -#define CKR_SESSION_EXISTS (0xb6) -#define CKR_SESSION_READ_ONLY_EXISTS (0xb7) -#define CKR_SESSION_READ_WRITE_SO_EXISTS (0xb8) -#define CKR_SIGNATURE_INVALID (0xc0) -#define CKR_SIGNATURE_LEN_RANGE (0xc1) -#define CKR_TEMPLATE_INCOMPLETE (0xd0) -#define CKR_TEMPLATE_INCONSISTENT (0xd1) -#define CKR_TOKEN_NOT_PRESENT (0xe0) -#define CKR_TOKEN_NOT_RECOGNIZED (0xe1) -#define CKR_TOKEN_WRITE_PROTECTED (0xe2) -#define CKR_UNWRAPPING_KEY_HANDLE_INVALID (0xf0) -#define CKR_UNWRAPPING_KEY_SIZE_RANGE (0xf1) -#define CKR_UNWRAPPING_KEY_TYPE_INCONSISTENT (0xf2) -#define CKR_USER_ALREADY_LOGGED_IN (0x100) -#define CKR_USER_NOT_LOGGED_IN (0x101) -#define CKR_USER_PIN_NOT_INITIALIZED (0x102) -#define CKR_USER_TYPE_INVALID (0x103) -#define CKR_USER_ANOTHER_ALREADY_LOGGED_IN (0x104) -#define CKR_USER_TOO_MANY_TYPES (0x105) -#define CKR_WRAPPED_KEY_INVALID (0x110) -#define CKR_WRAPPED_KEY_LEN_RANGE (0x112) -#define CKR_WRAPPING_KEY_HANDLE_INVALID (0x113) -#define CKR_WRAPPING_KEY_SIZE_RANGE (0x114) -#define CKR_WRAPPING_KEY_TYPE_INCONSISTENT (0x115) -#define CKR_RANDOM_SEED_NOT_SUPPORTED (0x120) -#define CKR_RANDOM_NO_RNG (0x121) -#define CKR_DOMAIN_PARAMS_INVALID (0x130) -#define CKR_BUFFER_TOO_SMALL (0x150) -#define CKR_SAVED_STATE_INVALID (0x160) -#define CKR_INFORMATION_SENSITIVE (0x170) -#define CKR_STATE_UNSAVEABLE (0x180) -#define CKR_CRYPTOKI_NOT_INITIALIZED (0x190) -#define CKR_CRYPTOKI_ALREADY_INITIALIZED (0x191) -#define CKR_MUTEX_BAD (0x1a0) -#define CKR_MUTEX_NOT_LOCKED (0x1a1) -#define CKR_FUNCTION_REJECTED (0x200) -#define CKR_VENDOR_DEFINED (1U << 31) - +#define CKF_LIBRARY_CANT_CREATE_OS_THREADS (1UL << 0) +#define CKF_OS_LOCKING_OK (1UL << 1) + +#define CKR_OK (0UL) +#define CKR_CANCEL (1UL) +#define CKR_HOST_MEMORY (2UL) +#define CKR_SLOT_ID_INVALID (3UL) +#define CKR_GENERAL_ERROR (5UL) +#define CKR_FUNCTION_FAILED (6UL) +#define CKR_ARGUMENTS_BAD (7UL) +#define CKR_NO_EVENT (8UL) +#define CKR_NEED_TO_CREATE_THREADS (9UL) +#define CKR_CANT_LOCK (0xaUL) +#define CKR_ATTRIBUTE_READ_ONLY (0x10UL) +#define CKR_ATTRIBUTE_SENSITIVE (0x11UL) +#define CKR_ATTRIBUTE_TYPE_INVALID (0x12UL) +#define CKR_ATTRIBUTE_VALUE_INVALID (0x13UL) +#define CKR_ACTION_PROHIBITED (0x1BUL) +#define CKR_DATA_INVALID (0x20UL) +#define CKR_DATA_LEN_RANGE (0x21UL) +#define CKR_DEVICE_ERROR (0x30UL) +#define CKR_DEVICE_MEMORY (0x31UL) +#define CKR_DEVICE_REMOVED (0x32UL) +#define CKR_ENCRYPTED_DATA_INVALID (0x40UL) +#define CKR_ENCRYPTED_DATA_LEN_RANGE (0x41UL) +#define CKR_FUNCTION_CANCELED (0x50UL) +#define CKR_FUNCTION_NOT_PARALLEL (0x51UL) +#define CKR_FUNCTION_NOT_SUPPORTED (0x54UL) +#define CKR_KEY_HANDLE_INVALID (0x60UL) +#define CKR_KEY_SIZE_RANGE (0x62UL) +#define CKR_KEY_TYPE_INCONSISTENT (0x63UL) +#define CKR_KEY_NOT_NEEDED (0x64UL) +#define CKR_KEY_CHANGED (0x65UL) +#define CKR_KEY_NEEDED (0x66UL) +#define CKR_KEY_INDIGESTIBLE (0x67UL) +#define CKR_KEY_FUNCTION_NOT_PERMITTED (0x68UL) +#define CKR_KEY_NOT_WRAPPABLE (0x69UL) +#define CKR_KEY_UNEXTRACTABLE (0x6aUL) +#define CKR_MECHANISM_INVALID (0x70UL) +#define CKR_MECHANISM_PARAM_INVALID (0x71UL) +#define CKR_OBJECT_HANDLE_INVALID (0x82UL) +#define CKR_OPERATION_ACTIVE (0x90UL) +#define CKR_OPERATION_NOT_INITIALIZED (0x91UL) +#define CKR_PIN_INCORRECT (0xa0UL) +#define CKR_PIN_INVALID (0xa1UL) +#define CKR_PIN_LEN_RANGE (0xa2UL) +#define CKR_PIN_EXPIRED (0xa3UL) +#define CKR_PIN_LOCKED (0xa4UL) +#define CKR_SESSION_CLOSED (0xb0UL) +#define CKR_SESSION_COUNT (0xb1UL) +#define CKR_SESSION_HANDLE_INVALID (0xb3UL) +#define CKR_SESSION_PARALLEL_NOT_SUPPORTED (0xb4UL) +#define CKR_SESSION_READ_ONLY (0xb5UL) +#define CKR_SESSION_EXISTS (0xb6UL) +#define CKR_SESSION_READ_ONLY_EXISTS (0xb7UL) +#define CKR_SESSION_READ_WRITE_SO_EXISTS (0xb8UL) +#define CKR_SIGNATURE_INVALID (0xc0UL) +#define CKR_SIGNATURE_LEN_RANGE (0xc1UL) +#define CKR_TEMPLATE_INCOMPLETE (0xd0UL) +#define CKR_TEMPLATE_INCONSISTENT (0xd1UL) +#define CKR_TOKEN_NOT_PRESENT (0xe0UL) +#define CKR_TOKEN_NOT_RECOGNIZED (0xe1UL) +#define CKR_TOKEN_WRITE_PROTECTED (0xe2UL) +#define CKR_UNWRAPPING_KEY_HANDLE_INVALID (0xf0UL) +#define CKR_UNWRAPPING_KEY_SIZE_RANGE (0xf1UL) +#define CKR_UNWRAPPING_KEY_TYPE_INCONSISTENT (0xf2UL) +#define CKR_USER_ALREADY_LOGGED_IN (0x100UL) +#define CKR_USER_NOT_LOGGED_IN (0x101UL) +#define CKR_USER_PIN_NOT_INITIALIZED (0x102UL) +#define CKR_USER_TYPE_INVALID (0x103UL) +#define CKR_USER_ANOTHER_ALREADY_LOGGED_IN (0x104UL) +#define CKR_USER_TOO_MANY_TYPES (0x105UL) +#define CKR_WRAPPED_KEY_INVALID (0x110UL) +#define CKR_WRAPPED_KEY_LEN_RANGE (0x112UL) +#define CKR_WRAPPING_KEY_HANDLE_INVALID (0x113UL) +#define CKR_WRAPPING_KEY_SIZE_RANGE (0x114UL) +#define CKR_WRAPPING_KEY_TYPE_INCONSISTENT (0x115UL) +#define CKR_RANDOM_SEED_NOT_SUPPORTED (0x120UL) +#define CKR_RANDOM_NO_RNG (0x121UL) +#define CKR_DOMAIN_PARAMS_INVALID (0x130UL) +#define CKR_CURVE_NOT_SUPPORTED (0x140UL) +#define CKR_BUFFER_TOO_SMALL (0x150UL) +#define CKR_SAVED_STATE_INVALID (0x160UL) +#define CKR_INFORMATION_SENSITIVE (0x170UL) +#define CKR_STATE_UNSAVEABLE (0x180UL) +#define CKR_CRYPTOKI_NOT_INITIALIZED (0x190UL) +#define CKR_CRYPTOKI_ALREADY_INITIALIZED (0x191UL) +#define CKR_MUTEX_BAD (0x1a0UL) +#define CKR_MUTEX_NOT_LOCKED (0x1a1UL) +#define CKR_FUNCTION_REJECTED (0x200UL) +#define CKR_VENDOR_DEFINED (1UL << 31) /* Compatibility layer. */ @@ -1216,6 +1730,22 @@ typedef void **CK_VOID_PTR_PTR; #endif #endif +typedef struct CK_HKDF_PARAMS { + CK_BBOOL bExtract; + CK_BBOOL bExpand; + CK_MECHANISM_TYPE prfHashMechanism; + CK_ULONG ulSaltType; + CK_BYTE_PTR pSalt; + CK_ULONG ulSaltLen; + CK_OBJECT_HANDLE hSaltKey; + CK_BYTE_PTR pInfo; + CK_ULONG ulInfoLen; +} CK_HKDF_PARAMS; + +#define CKF_HKDF_SALT_NULL 0x00000001UL +#define CKF_HKDF_SALT_DATA 0x00000002UL +#define CKF_HKDF_SALT_KEY 0x00000004UL + typedef struct ck_version CK_VERSION; typedef struct ck_version *CK_VERSION_PTR; @@ -1247,16 +1777,26 @@ typedef struct ck_date *CK_DATE_PTR; typedef ck_mechanism_type_t *CK_MECHANISM_TYPE_PTR; +typedef ck_rsa_pkcs_mgf_type_t *CK_RSA_PKCS_MGF_TYPE_PTR; + typedef struct ck_mechanism CK_MECHANISM; typedef struct ck_mechanism *CK_MECHANISM_PTR; typedef struct ck_mechanism_info CK_MECHANISM_INFO; typedef struct ck_mechanism_info *CK_MECHANISM_INFO_PTR; +typedef struct ck_interface CK_INTERFACE; +typedef struct ck_interface *CK_INTERFACE_PTR; +typedef struct ck_interface **CK_INTERFACE_PTR_PTR; + typedef struct ck_function_list CK_FUNCTION_LIST; typedef struct ck_function_list *CK_FUNCTION_LIST_PTR; typedef struct ck_function_list **CK_FUNCTION_LIST_PTR_PTR; +typedef struct ck_function_list_3_0 CK_FUNCTION_LIST_3_0; +typedef struct ck_function_list_3_0 *CK_FUNCTION_LIST_3_0_PTR; +typedef struct ck_function_list_3_0 **CK_FUNCTION_LIST_3_0_PTR_PTR; + typedef struct ck_c_initialize_args CK_C_INITIALIZE_ARGS; typedef struct ck_c_initialize_args *CK_C_INITIALIZE_ARGS_PTR; @@ -1317,6 +1857,8 @@ typedef struct ck_c_initialize_args *CK_C_INITIALIZE_ARGS_PTR; #undef ck_mechanism_type_t +#undef ck_rsa_pkcs_mgf_type_t + #undef ck_mechanism #undef parameter #undef parameter_len @@ -1328,7 +1870,10 @@ typedef struct ck_c_initialize_args *CK_C_INITIALIZE_ARGS_PTR; #undef ck_rv_t #undef ck_notify_t +#undef ck_interface + #undef ck_function_list +#undef ck_function_list_3_0 #undef ck_createmutex_t #undef ck_destroymutex_t @@ -1344,7 +1889,6 @@ typedef struct ck_c_initialize_args *CK_C_INITIALIZE_ARGS_PTR; #endif /* CRYPTOKI_COMPAT */ - /* System dependencies. */ #if defined(_WIN32) || defined(CRYPTOKI_FORCE_WIN32) #pragma pack(pop, cryptoki) From 361ff0ca308ac02449e71689fc5ea72114db43db Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Sat, 26 Jul 2025 01:51:44 +0000 Subject: [PATCH 160/687] upstream: Support ed25519 keys hosted on PKCS#11 tokens. Tested on Yubikeys and against SoftHSM2. feedback/ok tb@ OpenBSD-Commit-ID: 90ddb6529f2e12e98e8bba21d8592e60579ce2e4 --- ssh-pkcs11.c | 217 ++++++++++++++++++++++++++++++++++++++++++++++++++- 1 file changed, 214 insertions(+), 3 deletions(-) diff --git a/ssh-pkcs11.c b/ssh-pkcs11.c index e22b3e419fb5..34e430875510 100644 --- a/ssh-pkcs11.c +++ b/ssh-pkcs11.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-pkcs11.c,v 1.66 2025/07/24 06:59:51 djm Exp $ */ +/* $OpenBSD: ssh-pkcs11.c,v 1.67 2025/07/26 01:51:44 djm Exp $ */ /* * Copyright (c) 2010 Markus Friedl. All rights reserved. * Copyright (c) 2014 Pedro Martelletto. All rights reserved. @@ -51,6 +51,7 @@ #include "ssh-pkcs11.h" #include "digest.h" #include "xmalloc.h" +#include "crypto_api.h" struct pkcs11_slotinfo { CK_TOKEN_INFO token; @@ -709,6 +710,69 @@ pkcs11_sign_ecdsa(struct sshkey *key, #endif /* OPENSSL_HAS_ECC */ #endif /* WITH_OPENSSL */ +static int +pkcs11_sign_ed25519(struct sshkey *key, + u_char **sigp, size_t *lenp, + const u_char *data, size_t datalen, + const char *alg, const char *sk_provider, + const char *sk_pin, u_int compat) +{ + struct pkcs11_key *k11; + struct pkcs11_slotinfo *si; + CK_FUNCTION_LIST *f; + CK_ULONG slen = 0; + CK_RV rv; + u_char *sig = NULL; + CK_BYTE *xdata = NULL; + int ret = -1; + + if (sigp != NULL) + *sigp = 0; + if (lenp != NULL) + *lenp = 0; + + if ((k11 = pkcs11_lookup_key(key)) == NULL) { + error_f("no key found"); + return SSH_ERR_KEY_NOT_FOUND; + } + + if (pkcs11_get_key(k11, CKM_EDDSA) == -1) { + error("pkcs11_get_key failed"); + return SSH_ERR_AGENT_FAILURE; + } + + debug3_f("sign using provider %s slotidx %lu", + k11->provider->name, (u_long)k11->slotidx); + + f = k11->provider->function_list; + si = &k11->provider->slotinfo[k11->slotidx]; + + xdata = xmalloc(datalen); + memcpy(xdata, data, datalen); + sig = xmalloc(crypto_sign_ed25519_BYTES); + slen = crypto_sign_ed25519_BYTES; + + rv = f->C_Sign(si->session, xdata, datalen, sig, &slen); + if (rv != CKR_OK) { + error("C_Sign failed: %lu", rv); + goto done; + } + if (slen != crypto_sign_ed25519_BYTES) { + error_f("bad signature length: %lu", (u_long)slen); + goto done; + } + if ((ret = ssh_ed25519_encode_store_sig(sig, slen, sigp, lenp)) != 0) + fatal_fr(ret, "couldn't store signature"); + + /* success */ + ret = 0; + done: + if (xdata != NULL) + freezero(xdata, datalen); + free(sig); + return ret; +} + /* remove trailing spaces */ static char * rmspace(u_char *buf, size_t len) @@ -1022,6 +1086,115 @@ pkcs11_fetch_rsa_pubkey(struct pkcs11_provider *p, CK_ULONG slotidx, return key; } +static struct sshkey * +pkcs11_fetch_ed25519_pubkey(struct pkcs11_provider *p, CK_ULONG slotidx, + CK_OBJECT_HANDLE *obj) +{ + CK_ATTRIBUTE key_attr[3]; + CK_SESSION_HANDLE session; + CK_FUNCTION_LIST *f = NULL; + CK_RV rv; + struct sshkey *key = NULL; + const unsigned char *d = NULL; + size_t len; + char *hex = NULL; + int success = -1, i; + /* https://docs.oasis-open.org/pkcs11/pkcs11-curr/v3.0/os/pkcs11-curr-v3.0-os.html#_Toc30061180 */ + const u_char id1[14] = { + 0x13, 0x0c, 0x65, 0x64, 0x77, 0x61, 0x72, 0x64, + 0x73, 0x32, 0x35, 0x35, 0x31, 0x39, + }; /* PrintableString { "edwards25519" } */ + const u_char id2[5] = { + 0x06, 0x03, 0x2b, 0x65, 0x70, + }; /* OBJECT_IDENTIFIER { 1.3.101.112 } */ + + memset(&key_attr, 0, sizeof(key_attr)); + key_attr[0].type = CKA_ID; + key_attr[1].type = CKA_EC_POINT; /* XXX or CKA_VALUE ? */ + key_attr[2].type = CKA_EC_PARAMS; + + session = p->slotinfo[slotidx].session; + f = p->function_list; + + /* figure out size of the attributes */ + rv = f->C_GetAttributeValue(session, *obj, key_attr, 3); + if (rv != CKR_OK) { + error("C_GetAttributeValue failed: %lu", rv); + return (NULL); + } + + /* + * Allow CKA_ID (always first attribute) to be empty, but + * ensure that none of the others are zero length. + * XXX assumes CKA_ID is always first. + */ + if (key_attr[1].ulValueLen == 0 || + key_attr[2].ulValueLen == 0) { + error("invalid attribute length"); + return (NULL); + } + + /* allocate buffers for attributes */ + for (i = 0; i < 3; i++) { + if (key_attr[i].ulValueLen > 0) + key_attr[i].pValue = xcalloc(1, key_attr[i].ulValueLen); + } + + /* retrieve ID, public point and curve parameters of EC key */ + rv = f->C_GetAttributeValue(session, *obj, key_attr, 3); + if (rv != CKR_OK) { + error("C_GetAttributeValue failed: %lu", rv); + goto fail; + } + + /* Expect one of the supported identifiers in CKA_EC_PARAMS */ + d = (u_char *)key_attr[2].pValue; + len = key_attr[2].ulValueLen; + if ((len != sizeof(id1) || memcmp(d, id1, sizeof(id1)) != 0) && + (len != sizeof(id2) || memcmp(d, id2, sizeof(id2)) != 0)) { + hex = tohex(d, len); + logit_f("unsupported CKA_EC_PARAMS: %s (len %zu)", hex, len); + goto fail; + } + + /* + * Expect either a raw 32 byte pubkey or an OCTET STRING with + * a 32 byte pubkey in CKA_VALUE + */ + d = (u_char *)key_attr[1].pValue; + len = key_attr[1].ulValueLen; + if (len == ED25519_PK_SZ + 2 && d[0] == 0x04 && d[1] == ED25519_PK_SZ) { + d += 2; + len -= 2; + } + if (len != ED25519_PK_SZ) { + hex = tohex(key_attr[1].pValue, key_attr[1].ulValueLen); + logit_f("CKA_EC_POINT invalid octet str: %s (len %lu)", + hex, (u_long)key_attr[1].ulValueLen); + goto fail; + } + + if ((key = sshkey_new(KEY_UNSPEC)) == NULL) + fatal_f("sshkey_new failed"); + key->ed25519_pk = xmalloc(ED25519_PK_SZ); + memcpy(key->ed25519_pk, d, ED25519_PK_SZ); + key->type = KEY_ED25519; + key->flags |= SSHKEY_FLAG_EXT; + if (pkcs11_record_key(p, slotidx, &key_attr[0], key)) + goto fail; + /* success */ + success = 0; + fail: + if (success != 0) { + sshkey_free(key); + key = NULL; + } + free(hex); + for (i = 0; i < 3; i++) + free(key_attr[i].pValue); + return key; +} + static int pkcs11_fetch_x509_pubkey(struct pkcs11_provider *p, CK_ULONG slotidx, CK_OBJECT_HANDLE *obj, struct sshkey **keyp, char **labelp) @@ -1039,6 +1212,7 @@ pkcs11_fetch_x509_pubkey(struct pkcs11_provider *p, CK_ULONG slotidx, int i, success = -1; const u_char *cp; char *subject = NULL; + size_t len; #ifdef OPENSSL_HAS_ECC int r, nid; #endif @@ -1176,6 +1350,26 @@ pkcs11_fetch_x509_pubkey(struct pkcs11_provider *p, CK_ULONG slotidx, /* success */ success = 0; #endif /* OPENSSL_HAS_ECC */ + } else if (EVP_PKEY_base_id(evp) == EVP_PKEY_ED25519) { + if ((key = sshkey_new(KEY_UNSPEC)) == NULL || + (key->ed25519_pk = calloc(1, ED25519_PK_SZ)) == NULL) + fatal_f("allocation failed"); + len = ED25519_PK_SZ; + if (!EVP_PKEY_get_raw_public_key(evp, key->ed25519_pk, &len)) { + ossl_error("EVP_PKEY_get_raw_public_key failed"); + goto out; + } + if (len != ED25519_PK_SZ) { + error_f("incorrect returned public key " + "length for ed25519"); + goto out; + } + key->type = KEY_ED25519; + key->flags |= SSHKEY_FLAG_EXT; + if (pkcs11_record_key(p, slotidx, &cert_attr[0], key)) + goto out; + /* success */ + success = 0; } else { error("unknown certificate key type"); goto out; @@ -1406,6 +1600,9 @@ pkcs11_fetch_keys(struct pkcs11_provider *p, CK_ULONG slotidx, key = pkcs11_fetch_ecdsa_pubkey(p, slotidx, &obj); break; #endif /* OPENSSL_HAS_ECC */ + case CKK_EC_EDWARDS: + key = pkcs11_fetch_ed25519_pubkey(p, slotidx, &obj); + break; default: /* XXX print key type? */ key = NULL; @@ -1879,6 +2076,10 @@ pkcs11_sign(struct sshkey *key, return pkcs11_sign_ecdsa(key, sigp, lenp, data, datalen, alg, sk_provider, sk_pin, compat); #endif /* OPENSSL_HAS_ECC */ + case KEY_ED25519: + case KEY_ED25519_CERT: + return pkcs11_sign_ed25519(key, sigp, lenp, data, datalen, + alg, sk_provider, sk_pin, compat); default: return SSH_ERR_KEY_TYPE_UNKNOWN; } @@ -2033,10 +2234,20 @@ pkcs11_destroy_keypair(char *provider_id, char *pin, unsigned long slotidx, *err = rv; key_type = -1; } - if (key_type == CKK_RSA) + switch (key_type) { + case CKK_RSA: k = pkcs11_fetch_rsa_pubkey(p, slotidx, &obj); - else if (key_type == CKK_ECDSA) + break; + case CKK_ECDSA: k = pkcs11_fetch_ecdsa_pubkey(p, slotidx, &obj); + break; + case CKK_EC_EDWARDS: + k = pkcs11_fetch_ed25519_pubkey(p, slotidx, &obj); + break; + default: + debug_f("unsupported key type %lu", (u_long)key_type); + continue; + } if ((rv = f->C_DestroyObject(session, obj)) != CKR_OK) { debug_f("could not destroy public key 0x%hhx", keyid); From a729163c56ecc002c0cb04db56e7d86ceec2e8b0 Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Sat, 26 Jul 2025 01:53:31 +0000 Subject: [PATCH 161/687] upstream: regression tests for Ed25519 keys in PKCS#11 tokens OpenBSD-Regress-ID: 50067c0716abfea3a526b4a0c8f1fe15e7665c0f --- regress/agent-pkcs11-cert.sh | 28 +++++++++++++++++++++------- regress/agent-pkcs11-restrict.sh | 3 ++- regress/agent-pkcs11.sh | 4 ++-- regress/test-exec.sh | 14 +++++++++++++- 4 files changed, 38 insertions(+), 11 deletions(-) diff --git a/regress/agent-pkcs11-cert.sh b/regress/agent-pkcs11-cert.sh index 39e839f9c26a..551067d23f5f 100644 --- a/regress/agent-pkcs11-cert.sh +++ b/regress/agent-pkcs11-cert.sh @@ -1,4 +1,4 @@ -# $OpenBSD: agent-pkcs11-cert.sh,v 1.2 2025/05/24 04:41:12 djm Exp $ +# $OpenBSD: agent-pkcs11-cert.sh,v 1.3 2025/07/26 01:53:31 djm Exp $ # Placed in the Public Domain. tid="pkcs11 agent certificate test" @@ -16,7 +16,10 @@ $SSHKEYGEN -qs $OBJ/ca -I "ecdsa_key" -n $USER -z 1 ${SSH_SOFTHSM_DIR}/EC.pub || fatal "certify ECDSA key failed" $SSHKEYGEN -qs $OBJ/ca -I "rsa_key" -n $USER -z 2 ${SSH_SOFTHSM_DIR}/RSA.pub || fatal "certify RSA key failed" -$SSHKEYGEN -qs $OBJ/ca -I "ca_ca" -n $USER -z 3 $OBJ/ca.pub || +$SSHKEYGEN -qs $OBJ/ca -I "ed25519_key" -n $USER -z 3 \ + ${SSH_SOFTHSM_DIR}/ED25519.pub || + fatal "certify ed25519 key failed" +$SSHKEYGEN -qs $OBJ/ca -I "ca_ca" -n $USER -z 4 $OBJ/ca.pub || fatal "certify CA key failed" start_ssh_agent @@ -25,6 +28,8 @@ verbose "load pkcs11 keys and certs" # Note: deliberately contains non-cert keys and non-matching cert on commandline p11_ssh_add -qs ${TEST_SSH_PKCS11} \ $OBJ/ca.pub \ + ${SSH_SOFTHSM_DIR}/ED25519.pub \ + ${SSH_SOFTHSM_DIR}/ED25519-cert.pub \ ${SSH_SOFTHSM_DIR}/EC.pub \ ${SSH_SOFTHSM_DIR}/EC-cert.pub \ ${SSH_SOFTHSM_DIR}/RSA.pub \ @@ -33,8 +38,10 @@ p11_ssh_add -qs ${TEST_SSH_PKCS11} \ # Verify their presence verbose "verify presence" cut -d' ' -f1-2 \ + ${SSH_SOFTHSM_DIR}/ED25519.pub \ ${SSH_SOFTHSM_DIR}/EC.pub \ ${SSH_SOFTHSM_DIR}/RSA.pub \ + ${SSH_SOFTHSM_DIR}/ED25519-cert.pub \ ${SSH_SOFTHSM_DIR}/EC-cert.pub \ ${SSH_SOFTHSM_DIR}/RSA-cert.pub | sort > $OBJ/expect_list $SSHADD -L | cut -d' ' -f1-2 | sort > $OBJ/output_list @@ -43,16 +50,19 @@ diff $OBJ/expect_list $OBJ/output_list # Verify that all can perform signatures. verbose "check signatures" for x in ${SSH_SOFTHSM_DIR}/EC.pub ${SSH_SOFTHSM_DIR}/RSA.pub \ - ${SSH_SOFTHSM_DIR}/EC-cert.pub ${SSH_SOFTHSM_DIR}/RSA-cert.pub ; do + ${SSH_SOFTHSM_DIR}/EC-cert.pub ${SSH_SOFTHSM_DIR}/RSA-cert.pub \ + ${SSH_SOFTHSM_DIR}/ED25519.pub ${SSH_SOFTHSM_DIR}/ED25519-cert.pub ; do $SSHADD -T $x || fail "Signing failed for $x" done # Delete plain keys. verbose "delete plain keys" $SSHADD -qd ${SSH_SOFTHSM_DIR}/EC.pub ${SSH_SOFTHSM_DIR}/RSA.pub +$SSHADD -qd ${SSH_SOFTHSM_DIR}/ED25519.pub # Verify that certs can still perform signatures. verbose "reverify certificate signatures" -for x in ${SSH_SOFTHSM_DIR}/EC-cert.pub ${SSH_SOFTHSM_DIR}/RSA-cert.pub ; do +for x in ${SSH_SOFTHSM_DIR}/EC-cert.pub ${SSH_SOFTHSM_DIR}/RSA-cert.pub \ + ${SSH_SOFTHSM_DIR}/ED25519-cert.pub ; do $SSHADD -T $x || fail "Signing failed for $x" done @@ -64,18 +74,22 @@ p11_ssh_add -qCs ${TEST_SSH_PKCS11} \ ${SSH_SOFTHSM_DIR}/EC.pub \ ${SSH_SOFTHSM_DIR}/EC-cert.pub \ ${SSH_SOFTHSM_DIR}/RSA.pub \ - ${SSH_SOFTHSM_DIR}/RSA-cert.pub || + ${SSH_SOFTHSM_DIR}/RSA-cert.pub \ + ${SSH_SOFTHSM_DIR}/ED25519.pub \ + ${SSH_SOFTHSM_DIR}/ED25519-cert.pub || fatal "failed to add keys" # Verify their presence verbose "verify presence" cut -d' ' -f1-2 \ ${SSH_SOFTHSM_DIR}/EC-cert.pub \ - ${SSH_SOFTHSM_DIR}/RSA-cert.pub | sort > $OBJ/expect_list + ${SSH_SOFTHSM_DIR}/RSA-cert.pub \ + ${SSH_SOFTHSM_DIR}/ED25519-cert.pub | sort > $OBJ/expect_list $SSHADD -L | cut -d' ' -f1-2 | sort > $OBJ/output_list diff $OBJ/expect_list $OBJ/output_list # Verify that certs can perform signatures. verbose "check signatures" -for x in ${SSH_SOFTHSM_DIR}/EC-cert.pub ${SSH_SOFTHSM_DIR}/RSA-cert.pub ; do +for x in ${SSH_SOFTHSM_DIR}/EC-cert.pub ${SSH_SOFTHSM_DIR}/RSA-cert.pub \ + ${SSH_SOFTHSM_DIR}/ED25519-cert.pub ; do $SSHADD -T $x || fail "Signing failed for $x" done diff --git a/regress/agent-pkcs11-restrict.sh b/regress/agent-pkcs11-restrict.sh index e5763ea8f6d0..9fc5e1c69f50 100644 --- a/regress/agent-pkcs11-restrict.sh +++ b/regress/agent-pkcs11-restrict.sh @@ -1,4 +1,4 @@ -# $OpenBSD: agent-pkcs11-restrict.sh,v 1.2 2025/05/24 04:41:12 djm Exp $ +# $OpenBSD: agent-pkcs11-restrict.sh,v 1.3 2025/07/26 01:53:31 djm Exp $ # Placed in the Public Domain. tid="pkcs11 agent constraint test" @@ -16,6 +16,7 @@ for h in a b x ca ; do done # XXX test CA hostcerts too. +# XXX test ed25519 keys key_for() { case $h in diff --git a/regress/agent-pkcs11.sh b/regress/agent-pkcs11.sh index 731c1f9ddc96..491466659211 100644 --- a/regress/agent-pkcs11.sh +++ b/regress/agent-pkcs11.sh @@ -1,4 +1,4 @@ -# $OpenBSD: agent-pkcs11.sh,v 1.14 2025/05/24 04:41:03 djm Exp $ +# $OpenBSD: agent-pkcs11.sh,v 1.15 2025/07/26 01:53:31 djm Exp $ # Placed in the Public Domain. tid="pkcs11 agent test" @@ -21,7 +21,7 @@ if [ $r -ne 0 ]; then fail "ssh-add -l failed: exit code $r" fi -for k in $RSA $EC; do +for k in $ED25519 $RSA $EC; do trace "testing $k" pub=$(cat $k.pub) ${SSHADD} -L | grep -q "$pub" || \ diff --git a/regress/test-exec.sh b/regress/test-exec.sh index 0ecf6c5a83c0..c5270042e6a9 100644 --- a/regress/test-exec.sh +++ b/regress/test-exec.sh @@ -1,4 +1,4 @@ -# $OpenBSD: test-exec.sh,v 1.130 2025/06/28 13:34:08 dtucker Exp $ +# $OpenBSD: test-exec.sh,v 1.131 2025/07/26 01:53:31 djm Exp $ # Placed in the Public Domain. #SUDO=sudo @@ -979,6 +979,18 @@ EOF --import $ECP8 >/dev/null || fatal "softhsm import EC fail" chmod 600 $EC ssh-keygen -y -f $EC > ${EC}.pub + # Ed25519 key + ED25519=${SSH_SOFTHSM_DIR}/ED25519 + ED25519P8=${SSH_SOFTHSM_DIR}/ED25519P8 + $OPENSSL_BIN genpkey -algorithm ed25519 > $ED25519 || \ + fatal "genpkey Ed25519 fail" + $OPENSSL_BIN pkcs8 -nocrypt -in $ED25519 > $ED25519P8 || \ + fatal "pkcs8 Ed25519 fail" + softhsm2-util --slot "$slot" --label 03 --id 03 --pin "$TEST_SSH_PIN" \ + --import $ED25519P8 >/dev/null || \ + fatal "softhsm import ed25519 fail" + chmod 600 $ED25519 + ssh-keygen -y -f $ED25519 > ${ED25519}.pub # Prepare askpass script to load PIN. PIN_SH=$SSH_SOFTHSM_DIR/pin.sh cat > $PIN_SH << EOF From 2603098959eff55cbe188c3dfcbe5302808a80fc Mon Sep 17 00:00:00 2001 From: Damien Miller Date: Sat, 26 Jul 2025 14:27:53 +1000 Subject: [PATCH 162/687] repair build for libcrypto without ed25519 support --- ssh-pkcs11.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/ssh-pkcs11.c b/ssh-pkcs11.c index 34e430875510..4ab1fa90e9b0 100644 --- a/ssh-pkcs11.c +++ b/ssh-pkcs11.c @@ -1212,7 +1212,9 @@ pkcs11_fetch_x509_pubkey(struct pkcs11_provider *p, CK_ULONG slotidx, int i, success = -1; const u_char *cp; char *subject = NULL; +#ifdef OPENSSL_HAS_ED25519 size_t len; +#endif /* OPENSSL_HAS_ED25519 */ #ifdef OPENSSL_HAS_ECC int r, nid; #endif @@ -1350,6 +1352,7 @@ pkcs11_fetch_x509_pubkey(struct pkcs11_provider *p, CK_ULONG slotidx, /* success */ success = 0; #endif /* OPENSSL_HAS_ECC */ +#ifdef OPENSSL_HAS_ED25519 } else if (EVP_PKEY_base_id(evp) == EVP_PKEY_ED25519) { if ((key = sshkey_new(KEY_UNSPEC)) == NULL || (key->ed25519_pk = calloc(1, ED25519_PK_SZ)) == NULL) @@ -1370,6 +1373,7 @@ pkcs11_fetch_x509_pubkey(struct pkcs11_provider *p, CK_ULONG slotidx, goto out; /* success */ success = 0; +#endif /* OPENSSL_HAS_ED25519 */ } else { error("unknown certificate key type"); goto out; From 5e4bfe6c16924b1c21a733f3e218cfcba98e301e Mon Sep 17 00:00:00 2001 From: Damien Miller Date: Sat, 26 Jul 2025 19:19:46 +1000 Subject: [PATCH 163/687] more ec/ed25519 fixing --- ssh-pkcs11.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/ssh-pkcs11.c b/ssh-pkcs11.c index 4ab1fa90e9b0..98d1732bbed6 100644 --- a/ssh-pkcs11.c +++ b/ssh-pkcs11.c @@ -87,7 +87,7 @@ TAILQ_HEAD(, pkcs11_key) pkcs11_keys; /* XXX a tree would be better */ int pkcs11_interactive = 0; -#ifdef OPENSSL_HAS_ECC +#if defined(OPENSSL_HAS_ECC) || defined(OPENSSL_HAS_ED25519) static void ossl_error(const char *msg) { @@ -1207,7 +1207,7 @@ pkcs11_fetch_x509_pubkey(struct pkcs11_provider *p, CK_ULONG slotidx, X509_NAME *x509_name = NULL; EVP_PKEY *evp; RSA *rsa = NULL; - EC_KEY *ec = NULL; + struct sshkey *key = NULL; int i, success = -1; const u_char *cp; @@ -1216,6 +1216,7 @@ pkcs11_fetch_x509_pubkey(struct pkcs11_provider *p, CK_ULONG slotidx, size_t len; #endif /* OPENSSL_HAS_ED25519 */ #ifdef OPENSSL_HAS_ECC + EC_KEY *ec = NULL; int r, nid; #endif From a5bec2cdfc4f38ddb6211809851aae29ba99a35a Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Wed, 30 Jul 2025 04:19:17 +0000 Subject: [PATCH 164/687] upstream: fix variable name in disabled code OpenBSD-Commit-ID: 5612e979575d5da933c8b720d296423fd84392f5 --- ssh-pkcs11.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/ssh-pkcs11.c b/ssh-pkcs11.c index 98d1732bbed6..18e6c1ff7821 100644 --- a/ssh-pkcs11.c +++ b/ssh-pkcs11.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-pkcs11.c,v 1.67 2025/07/26 01:51:44 djm Exp $ */ +/* $OpenBSD: ssh-pkcs11.c,v 1.68 2025/07/30 04:19:17 djm Exp $ */ /* * Copyright (c) 2010 Markus Friedl. All rights reserved. * Copyright (c) 2014 Pedro Martelletto. All rights reserved. @@ -1746,7 +1746,7 @@ pkcs11_decode_hex(const char *hex, unsigned char **dest, size_t *rlen) *dest = xmalloc(len); for (i = 0; i < len; i++) { - int hi, low; + int hi, lo; hi = h2i(hex[2 * i]); lo = h2i(hex[(2 * i) + 1]); @@ -2251,7 +2251,7 @@ pkcs11_destroy_keypair(char *provider_id, char *pin, unsigned long slotidx, break; default: debug_f("unsupported key type %lu", (u_long)key_type); - continue; + break; } if ((rv = f->C_DestroyObject(session, obj)) != CKR_OK) { From dc630e6d81be8aa495254839731e4f3521cf9e31 Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Wed, 30 Jul 2025 04:27:42 +0000 Subject: [PATCH 165/687] upstream: unbreak WITH_OPENSSL=no builds, also allowing ed25519 keys to be used via PKCS#11 when OpenSSH is built without libcrypto. OpenBSD-Commit-ID: ecf26fdf7591bf2c98bac5136fbc36e0b59c3fc2 --- configure.ac | 3 --- ssh-pkcs11-helper.c | 2 +- ssh-pkcs11.c | 31 +++++++++++++++++++------------ ssh-pkcs11.h | 6 +----- 4 files changed, 21 insertions(+), 21 deletions(-) diff --git a/configure.ac b/configure.ac index 9bc664172b0d..460ebd3b476c 100644 --- a/configure.ac +++ b/configure.ac @@ -3322,9 +3322,6 @@ AC_CHECK_DECL([OPENSSL_IS_AWSLC], [], [#include ] ) -if test "x$openssl" != "xyes" ; then - enable_pkcs11="disabled; missing libcrypto" -fi if test "x$ac_cv_func_dlopen" != "xyes" ; then enable_pkcs11="disabled; missing dlopen(3)" enable_sk="disabled; missing dlopen(3)" diff --git a/ssh-pkcs11-helper.c b/ssh-pkcs11-helper.c index 2d818b8970a4..32111fef6b29 100644 --- a/ssh-pkcs11-helper.c +++ b/ssh-pkcs11-helper.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-pkcs11-helper.c,v 1.28 2025/07/24 05:44:55 djm Exp $ */ +/* $OpenBSD: ssh-pkcs11-helper.c,v 1.29 2025/07/30 04:27:42 djm Exp $ */ /* * Copyright (c) 2010 Markus Friedl. All rights reserved. * diff --git a/ssh-pkcs11.c b/ssh-pkcs11.c index 18e6c1ff7821..5b0ce304e925 100644 --- a/ssh-pkcs11.c +++ b/ssh-pkcs11.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-pkcs11.c,v 1.68 2025/07/30 04:19:17 djm Exp $ */ +/* $OpenBSD: ssh-pkcs11.c,v 1.69 2025/07/30 04:27:42 djm Exp $ */ /* * Copyright (c) 2010 Markus Friedl. All rights reserved. * Copyright (c) 2014 Pedro Martelletto. All rights reserved. @@ -35,9 +35,11 @@ #include "openbsd-compat/sys-queue.h" #include "openbsd-compat/openssl-compat.h" +#ifdef WITH_OPENSSL #include #include #include +#endif #define CRYPTOKI_COMPAT #include "pkcs11.h" @@ -1085,6 +1087,7 @@ pkcs11_fetch_rsa_pubkey(struct pkcs11_provider *p, CK_ULONG slotidx, } return key; } +#endif /* WITH_OPENSSL */ static struct sshkey * pkcs11_fetch_ed25519_pubkey(struct pkcs11_provider *p, CK_ULONG slotidx, @@ -1195,6 +1198,7 @@ pkcs11_fetch_ed25519_pubkey(struct pkcs11_provider *p, CK_ULONG slotidx, return key; } +#ifdef WITH_OPENSSL static int pkcs11_fetch_x509_pubkey(struct pkcs11_provider *p, CK_ULONG slotidx, CK_OBJECT_HANDLE *obj, struct sshkey **keyp, char **labelp) @@ -1397,17 +1401,6 @@ pkcs11_fetch_x509_pubkey(struct pkcs11_provider *p, CK_ULONG slotidx, *labelp = subject; return 0; } - -#if 0 -static int -have_rsa_key(const RSA *rsa) -{ - const BIGNUM *rsa_n, *rsa_e; - - RSA_get0_key(rsa, &rsa_n, &rsa_e, NULL); - return rsa_n != NULL && rsa_e != NULL; -} -#endif #endif /* WITH_OPENSSL */ static void @@ -1426,6 +1419,7 @@ note_key(struct pkcs11_provider *p, CK_ULONG slotidx, const char *context, free(fp); } +#ifdef WITH_OPENSSL /* libcrypto needed for certificate parsing */ /* * lookup certificates for token in slot identified by slotidx, * add 'wrapped' public keys to the 'keysp' array and increment nkeys. @@ -1530,6 +1524,7 @@ pkcs11_fetch_certs(struct pkcs11_provider *p, CK_ULONG slotidx, return (ret); } +#endif /* WITH_OPENSSL */ /* * lookup public keys for token in slot identified by slotidx, @@ -1597,6 +1592,7 @@ pkcs11_fetch_keys(struct pkcs11_provider *p, CK_ULONG slotidx, label[key_attr[1].ulValueLen] = '\0'; switch (ck_key_type) { +#ifdef WITH_OPENSSL case CKK_RSA: key = pkcs11_fetch_rsa_pubkey(p, slotidx, &obj); break; @@ -1605,6 +1601,7 @@ pkcs11_fetch_keys(struct pkcs11_provider *p, CK_ULONG slotidx, key = pkcs11_fetch_ecdsa_pubkey(p, slotidx, &obj); break; #endif /* OPENSSL_HAS_ECC */ +#endif /* WITH_OPENSSL */ case CKK_EC_EDWARDS: key = pkcs11_fetch_ed25519_pubkey(p, slotidx, &obj); break; @@ -1967,7 +1964,9 @@ pkcs11_register_provider(char *provider_id, char *pin, keyp == NULL) continue; pkcs11_fetch_keys(p, i, keyp, labelsp, &nkeys); +#ifdef WITH_OPENSSL pkcs11_fetch_certs(p, i, keyp, labelsp, &nkeys); +#endif if (nkeys == 0 && !p->slotinfo[i].logged_in && pkcs11_interactive) { /* @@ -1980,7 +1979,9 @@ pkcs11_register_provider(char *provider_id, char *pin, continue; } pkcs11_fetch_keys(p, i, keyp, labelsp, &nkeys); +#ifdef WITH_OPENSSL pkcs11_fetch_certs(p, i, keyp, labelsp, &nkeys); +#endif } } @@ -2073,6 +2074,7 @@ pkcs11_sign(struct sshkey *key, switch (key->type) { case KEY_RSA: case KEY_RSA_CERT: +#ifdef WITH_OPENSSL return pkcs11_sign_rsa(key, sigp, lenp, data, datalen, alg, sk_provider, sk_pin, compat); #ifdef OPENSSL_HAS_ECC @@ -2081,6 +2083,7 @@ pkcs11_sign(struct sshkey *key, return pkcs11_sign_ecdsa(key, sigp, lenp, data, datalen, alg, sk_provider, sk_pin, compat); #endif /* OPENSSL_HAS_ECC */ +#endif /* WITH_OPENSSL */ case KEY_ED25519: case KEY_ED25519_CERT: return pkcs11_sign_ed25519(key, sigp, lenp, data, datalen, @@ -2240,12 +2243,16 @@ pkcs11_destroy_keypair(char *provider_id, char *pin, unsigned long slotidx, key_type = -1; } switch (key_type) { +#ifdef WITH_OPENSSL case CKK_RSA: k = pkcs11_fetch_rsa_pubkey(p, slotidx, &obj); break; +#ifdef OPENSSL_HAS_ECC case CKK_ECDSA: k = pkcs11_fetch_ecdsa_pubkey(p, slotidx, &obj); break; +#endif /* OPENSSL_HAS_ECC */ +#endif /* WITH_OPENSSL */ case CKK_EC_EDWARDS: k = pkcs11_fetch_ed25519_pubkey(p, slotidx, &obj); break; diff --git a/ssh-pkcs11.h b/ssh-pkcs11.h index f3a03b6fa913..d86c506c1c57 100644 --- a/ssh-pkcs11.h +++ b/ssh-pkcs11.h @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-pkcs11.h,v 1.8 2025/07/24 05:44:55 djm Exp $ */ +/* $OpenBSD: ssh-pkcs11.h,v 1.9 2025/07/30 04:27:42 djm Exp $ */ /* * Copyright (c) 2010 Markus Friedl. All rights reserved. * @@ -45,7 +45,3 @@ struct sshkey * /* Only available in ssh-pkcs11-client.c */ int pkcs11_make_cert(const struct sshkey *, const struct sshkey *, struct sshkey **); - -#if !defined(WITH_OPENSSL) && defined(ENABLE_PKCS11) -#undef ENABLE_PKCS11 -#endif From 284abbed9a8d815b1ec5e96aff885d77e26537e7 Mon Sep 17 00:00:00 2001 From: "dtucker@openbsd.org" Date: Wed, 30 Jul 2025 10:17:13 +0000 Subject: [PATCH 166/687] upstream: Plug leak in case where sigp is passed as NULL. Coverity CID 483725, ok djm@ OpenBSD-Commit-ID: 47cf7b399c84e102b670b9f97ab6926c9a7256b5 --- ssh-pkcs11-client.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/ssh-pkcs11-client.c b/ssh-pkcs11-client.c index 64b8f4c1c0ac..8be0d8aecff0 100644 --- a/ssh-pkcs11-client.c +++ b/ssh-pkcs11-client.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-pkcs11-client.c,v 1.23 2025/07/25 11:50:45 dtucker Exp $ */ +/* $OpenBSD: ssh-pkcs11-client.c,v 1.24 2025/07/30 10:17:13 dtucker Exp $ */ /* * Copyright (c) 2010 Markus Friedl. All rights reserved. * Copyright (c) 2014 Pedro Martelletto. All rights reserved. @@ -278,6 +278,7 @@ pkcs11_sign(struct sshkey *key, ret = 0; fail: + free(signature); sshbuf_free(msg); return ret; } From b1c4cedbee107dc611ce091f27ea9f1de28ee378 Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Fri, 1 Aug 2025 19:29:00 +1000 Subject: [PATCH 167/687] Replace fbsd64ppc VM with physical host. Run 64bit bigendian interop test on NetBSD arm64be instead. --- .github/workflows/selfhosted.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/selfhosted.yml b/.github/workflows/selfhosted.yml index 281b2fc84dee..3bc54d64b1ed 100644 --- a/.github/workflows/selfhosted.yml +++ b/.github/workflows/selfhosted.yml @@ -20,7 +20,7 @@ jobs: REMOTE: ${{ startsWith(matrix.host, 'remote') }} VM: ${{ startsWith(matrix.host, 'libvirt') || startsWith(matrix.host, 'persist') }} SSHFS: ${{ startsWith(matrix.host, 'libvirt') || startsWith(matrix.host, 'persist') || startsWith(matrix.host, 'remote') }} - BIGENDIAN: ${{ matrix.target == 'aix51' || matrix.target == 'fbsd14-ppc64' || matrix.target == 'openwrt-mips' }} + BIGENDIAN: ${{ matrix.target == 'aix51' || matrix.target == 'nbsd-arm64be' || matrix.target == 'openwrt-mips' }} strategy: fail-fast: false # We use a matrix in two parts: firstly all of the VMs are tested with the @@ -63,7 +63,6 @@ jobs: include: # Long-running/slow tests have access to high priority runners. - { target: aix51, config: default, host: libvirt-hipri } - - { target: fbsd14-ppc64, config: default, host: libvirt-hipri } - { target: openindiana, config: pam, host: libvirt-hipri } - { target: sol10, config: default, host: libvirt-hipri } - { target: sol10, config: pam, host: libvirt-hipri } @@ -100,6 +99,7 @@ jobs: - { target: debian-riscv64, config: default, host: remote-debian-riscv64 } - { target: openwrt-mips, config: default, host: remote-openwrt-mips } - { target: openwrt-mipsel, config: default, host: remote-openwrt-mipsel } + - { target: nbsd-arm64be, config: default, host: remote-nbsd-arm64be } steps: - name: shutdown VM if running if: env.VM == 'true' From e85248df3f1073343da87a6b00512e6a1e4a863d Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Sat, 2 Aug 2025 12:51:42 +1000 Subject: [PATCH 168/687] Comment out atime restore test. This works on filesystems mounted 'noatime', but on others the stat() resets atime causing the test to fail. --- openbsd-compat/regress/utimensattest.c | 12 +++++++++--- 1 file changed, 9 insertions(+), 3 deletions(-) diff --git a/openbsd-compat/regress/utimensattest.c b/openbsd-compat/regress/utimensattest.c index bbc66c48523e..b4405e464d03 100644 --- a/openbsd-compat/regress/utimensattest.c +++ b/openbsd-compat/regress/utimensattest.c @@ -77,11 +77,17 @@ main(void) fail("utimensat", 0, 0); if (stat(TMPFILE, &sb) == -1) - fail("stat", 0, 0 ); + fail("stat", 0, 0); +#if 0 + /* + * This test only works on filesystems mounted 'noatime', otherwise the + * stat() above resets atime. Skip by default. + */ if (sb.st_atime != 12345678) - fail("st_atime", 0, 0 ); + fail("st_atime", 0, 0); +#endif if (sb.st_mtime != 34567890) - fail("st_mtime", 0, 0 ); + fail("st_mtime", 0, 0); #if 0 /* * Results expected to be rounded to the nearest microsecond. From d1c6c67a50fc957010fa027c6ab970424e9b9142 Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Sat, 2 Aug 2025 14:49:00 +1000 Subject: [PATCH 169/687] Disable security key tests for bigendian interop --- .github/configs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/configs b/.github/configs index aa363be7d3ff..230258f93f24 100755 --- a/.github/configs +++ b/.github/configs @@ -283,7 +283,7 @@ case "${TARGET_HOST}" in # Native linker is not great with PIC so OpenSSL is built w/out. CONFIGFLAGS="${CONFIGFLAGS} --disable-security-key" ;; - fbsd14-ppc64) + fbsd14-ppc64|nbsd-arm64be) # Disable security key tests for bigendian interop test. CONFIGFLAGS="${CONFIGFLAGS} --disable-security-key" ;; From 65909fa114e7dd7511800db2b7bacb8774afe887 Mon Sep 17 00:00:00 2001 From: "job@openbsd.org" Date: Thu, 31 Jul 2025 09:38:41 +0000 Subject: [PATCH 170/687] upstream: Set default IPQoS for interactive sessions to Expedited Forwarding (EF) Marking interactive session data with DSCP value EF (RFC3246, RFC3247) helps inform the network on relative priority compared to other traffic. This is especially useful for differentiated treatment over wireless media. Following the reconciled IETF Diffserv to IEEE 802.11 mappings (RFC 8325), traffic marked with DSCP value EF maps to User Priority 6 in QoS Control, in turn mapping to the high priority WMM AC_VO access category. OK djm@ OpenBSD-Commit-ID: aadda7b9da794d70d7c6b381a861a0610afce1b3 --- readconf.c | 4 ++-- servconf.c | 4 ++-- ssh_config.5 | 8 ++++---- sshd_config.5 | 8 ++++---- 4 files changed, 12 insertions(+), 12 deletions(-) diff --git a/readconf.c b/readconf.c index b5a9f925fc4a..5e97d710e7cd 100644 --- a/readconf.c +++ b/readconf.c @@ -1,4 +1,4 @@ -/* $OpenBSD: readconf.c,v 1.401 2025/07/23 05:07:19 djm Exp $ */ +/* $OpenBSD: readconf.c,v 1.402 2025/07/31 09:38:41 job Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -2947,7 +2947,7 @@ fill_default_options(Options * options) if (options->visual_host_key == -1) options->visual_host_key = 0; if (options->ip_qos_interactive == -1) - options->ip_qos_interactive = IPTOS_DSCP_AF21; + options->ip_qos_interactive = IPTOS_DSCP_EF; if (options->ip_qos_bulk == -1) options->ip_qos_bulk = IPTOS_DSCP_CS1; if (options->request_tty == -1) diff --git a/servconf.c b/servconf.c index 14165429f20f..63176d0d0086 100644 --- a/servconf.c +++ b/servconf.c @@ -1,4 +1,4 @@ -/* $OpenBSD: servconf.c,v 1.427 2025/05/24 08:13:29 dtucker Exp $ */ +/* $OpenBSD: servconf.c,v 1.428 2025/07/31 09:38:41 job Exp $ */ /* * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland * All rights reserved @@ -472,7 +472,7 @@ fill_default_server_options(ServerOptions *options) if (options->permit_tun == -1) options->permit_tun = SSH_TUNMODE_NO; if (options->ip_qos_interactive == -1) - options->ip_qos_interactive = IPTOS_DSCP_AF21; + options->ip_qos_interactive = IPTOS_DSCP_EF; if (options->ip_qos_bulk == -1) options->ip_qos_bulk = IPTOS_DSCP_CS1; if (options->version_addendum == NULL) diff --git a/ssh_config.5 b/ssh_config.5 index 14115fff1e1e..4b5b62408f15 100644 --- a/ssh_config.5 +++ b/ssh_config.5 @@ -33,8 +33,8 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: ssh_config.5,v 1.414 2025/07/23 05:07:19 djm Exp $ -.Dd $Mdocdate: July 23 2025 $ +.\" $OpenBSD: ssh_config.5,v 1.415 2025/07/31 09:38:41 job Exp $ +.Dd $Mdocdate: July 31 2025 $ .Dt SSH_CONFIG 5 .Os .Sh NAME @@ -1277,8 +1277,8 @@ If one argument is specified, it is used as the packet class unconditionally. If two values are specified, the first is automatically selected for interactive sessions and the second for non-interactive sessions. The default is -.Cm af21 -(Low-Latency Data) +.Cm ef +(Expedited Forwarding) for interactive sessions and .Cm cs1 (Lower Effort) diff --git a/sshd_config.5 b/sshd_config.5 index c07717375d90..ae57d0cb9c86 100644 --- a/sshd_config.5 +++ b/sshd_config.5 @@ -33,8 +33,8 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: sshd_config.5,v 1.381 2025/02/15 01:52:07 djm Exp $ -.Dd $Mdocdate: February 15 2025 $ +.\" $OpenBSD: sshd_config.5,v 1.382 2025/07/31 09:38:41 job Exp $ +.Dd $Mdocdate: July 31 2025 $ .Dt SSHD_CONFIG 5 .Os .Sh NAME @@ -958,8 +958,8 @@ If one argument is specified, it is used as the packet class unconditionally. If two values are specified, the first is automatically selected for interactive sessions and the second for non-interactive sessions. The default is -.Cm af21 -(Low-Latency Data) +.Cm ef +(Expedited Forwarding) for interactive sessions and .Cm cs1 (Lower Effort) From ec3465f59c651405e395092f3ad606f8992328d8 Mon Sep 17 00:00:00 2001 From: "job@openbsd.org" Date: Thu, 31 Jul 2025 11:23:39 +0000 Subject: [PATCH 171/687] upstream: Deprecate support for IPv4 type-of-service (TOS) IPQoS keywords Type of Service (ToS) was deprecated in the late nineties and replaced with the Differentiated Services architecture. Diffserv has significant advantages for operators because this mechanism offers more granularity. OpenSSH switched its default IPQoS from ToS to DSCP values in 2018. IPQoS configurations with 'lowdelay', 'reliability', or 'throughput' will be ignored and instead the system default QoS settings apply. Additionally, a debug message is logged about the deprecation with a suggestion to use DSCP. with/OK deraadt@ sthen@ djm@ OpenBSD-Commit-ID: 40c8c0c5cb20151a348728703536af2ec1c754ba --- misc.c | 8 ++++---- readconf.c | 14 +++++++++++++- readconf.h | 6 +++--- servconf.c | 14 +++++++++++++- ssh_config.5 | 9 ++++----- sshd_config.5 | 9 ++++----- 6 files changed, 41 insertions(+), 19 deletions(-) diff --git a/misc.c b/misc.c index f4e02bd04a78..838a7f788a7f 100644 --- a/misc.c +++ b/misc.c @@ -1,4 +1,4 @@ -/* $OpenBSD: misc.c,v 1.200 2025/05/22 03:53:46 dtucker Exp $ */ +/* $OpenBSD: misc.c,v 1.201 2025/07/31 11:23:39 job Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. * Copyright (c) 2005-2020 Damien Miller. All rights reserved. @@ -1885,9 +1885,9 @@ static const struct { { "cs7", IPTOS_DSCP_CS7 }, { "ef", IPTOS_DSCP_EF }, { "le", IPTOS_DSCP_LE }, - { "lowdelay", IPTOS_LOWDELAY }, - { "throughput", IPTOS_THROUGHPUT }, - { "reliability", IPTOS_RELIABILITY }, + { "lowdelay", INT_MIN }, /* deprecated */ + { "throughput", INT_MIN }, /* deprecated */ + { "reliability", INT_MIN }, /* deprecated */ { NULL, -1 } }; diff --git a/readconf.c b/readconf.c index 5e97d710e7cd..02452edbf1d2 100644 --- a/readconf.c +++ b/readconf.c @@ -1,4 +1,4 @@ -/* $OpenBSD: readconf.c,v 1.402 2025/07/31 09:38:41 job Exp $ */ +/* $OpenBSD: readconf.c,v 1.403 2025/07/31 11:23:39 job Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -2160,6 +2160,12 @@ process_config_line_depth(Options *options, struct passwd *pw, const char *host, filename, linenum, arg); goto out; } + if (value == INT_MIN) { + debug("%s line %d: Deprecated IPQoS value \"%s\" " + "ignored - using system default instead. Consider" + " using DSCP values.", filename, linenum, arg); + value = INT_MAX; + } arg = argv_next(&ac, &av); if (arg == NULL) value2 = value; @@ -2168,6 +2174,12 @@ process_config_line_depth(Options *options, struct passwd *pw, const char *host, filename, linenum, arg); goto out; } + if (value2 == INT_MIN) { + debug("%s line %d: Deprecated IPQoS value \"%s\" " + "ignored - using system default instead. Consider" + " using DSCP values.", filename, linenum, arg); + value2 = INT_MAX; + } if (*activep && options->ip_qos_interactive == -1) { options->ip_qos_interactive = value; options->ip_qos_bulk = value2; diff --git a/readconf.h b/readconf.h index cd49139b13c0..153fa62260d3 100644 --- a/readconf.h +++ b/readconf.h @@ -1,4 +1,4 @@ -/* $OpenBSD: readconf.h,v 1.159 2025/02/15 01:48:30 djm Exp $ */ +/* $OpenBSD: readconf.h,v 1.160 2025/07/31 11:23:39 job Exp $ */ /* * Author: Tatu Ylonen @@ -49,8 +49,8 @@ typedef struct { int strict_host_key_checking; /* Strict host key checking. */ int compression; /* Compress packets in both directions. */ int tcp_keep_alive; /* Set SO_KEEPALIVE. */ - int ip_qos_interactive; /* IP ToS/DSCP/class for interactive */ - int ip_qos_bulk; /* IP ToS/DSCP/class for bulk traffic */ + int ip_qos_interactive; /* DSCP value for interactive */ + int ip_qos_bulk; /* DSCP value for bulk traffic */ SyslogFacility log_facility; /* Facility for system logging. */ LogLevel log_level; /* Level for logging. */ u_int num_log_verbose; /* Verbose log overrides */ diff --git a/servconf.c b/servconf.c index 63176d0d0086..2bd9d11916ad 100644 --- a/servconf.c +++ b/servconf.c @@ -1,4 +1,4 @@ -/* $OpenBSD: servconf.c,v 1.428 2025/07/31 09:38:41 job Exp $ */ +/* $OpenBSD: servconf.c,v 1.429 2025/07/31 11:23:39 job Exp $ */ /* * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland * All rights reserved @@ -2512,12 +2512,24 @@ process_server_config_line_depth(ServerOptions *options, char *line, if ((value = parse_ipqos(arg)) == -1) fatal("%s line %d: Bad %s value: %s", filename, linenum, keyword, arg); + if (value == INT_MIN) { + debug("%s line %d: Deprecated IPQoS value \"%s\" " + "ignored - using system default instead. Consider" + " using DSCP values.", filename, linenum, arg); + value = INT_MAX; + } arg = argv_next(&ac, &av); if (arg == NULL) value2 = value; else if ((value2 = parse_ipqos(arg)) == -1) fatal("%s line %d: Bad %s value: %s", filename, linenum, keyword, arg); + if (value2 == INT_MIN) { + debug("%s line %d: Deprecated IPQoS value \"%s\" " + "ignored - using system default instead. Consider" + " using DSCP values.", filename, linenum, arg); + value2 = INT_MAX; + } if (*activep) { options->ip_qos_interactive = value; options->ip_qos_bulk = value2; diff --git a/ssh_config.5 b/ssh_config.5 index 4b5b62408f15..390bc44aba8e 100644 --- a/ssh_config.5 +++ b/ssh_config.5 @@ -33,7 +33,7 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: ssh_config.5,v 1.415 2025/07/31 09:38:41 job Exp $ +.\" $OpenBSD: ssh_config.5,v 1.416 2025/07/31 11:23:39 job Exp $ .Dd $Mdocdate: July 31 2025 $ .Dt SSH_CONFIG 5 .Os @@ -1242,7 +1242,9 @@ or block to perform conditional inclusion. .It Cm IPQoS -Specifies the IPv4 type-of-service or DSCP class for connections. +Specifies the +.Em Differentiated Services Field Codepoint Pq DSCP +value for connections. Accepted values are .Cm af11 , .Cm af12 , @@ -1266,9 +1268,6 @@ Accepted values are .Cm cs7 , .Cm ef , .Cm le , -.Cm lowdelay , -.Cm throughput , -.Cm reliability , a numeric value, or .Cm none to use the operating system default. diff --git a/sshd_config.5 b/sshd_config.5 index ae57d0cb9c86..ee1b2934138d 100644 --- a/sshd_config.5 +++ b/sshd_config.5 @@ -33,7 +33,7 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: sshd_config.5,v 1.382 2025/07/31 09:38:41 job Exp $ +.\" $OpenBSD: sshd_config.5,v 1.383 2025/07/31 11:23:39 job Exp $ .Dd $Mdocdate: July 31 2025 $ .Dt SSHD_CONFIG 5 .Os @@ -923,7 +923,9 @@ directive may appear inside a block to perform conditional inclusion. .It Cm IPQoS -Specifies the IPv4 type-of-service or DSCP class for the connection. +Specifies the +.Em Differentiated Services Field Codepoint Pq DSCP +value for the connection. Accepted values are .Cm af11 , .Cm af12 , @@ -947,9 +949,6 @@ Accepted values are .Cm cs7 , .Cm ef , .Cm le , -.Cm lowdelay , -.Cm throughput , -.Cm reliability , a numeric value, or .Cm none to use the operating system default. From 6ebd472c391a73574abe02771712d407c48e130d Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Tue, 5 Aug 2025 04:00:15 +0000 Subject: [PATCH 172/687] upstream: a bunch of the protocol extensions we support now have RFCs and I-Ds that are more complete and detailed than what we have in the PROTOCOL.* files. Refer to these when possible instead of documenting them here. OpenBSD-Commit-ID: 4fa5b0fcf5d5f24093d33d9e82c7ca4850d50d70 --- PROTOCOL | 115 +++++++------------------------------- PROTOCOL.chacha20poly1305 | 107 ----------------------------------- 2 files changed, 21 insertions(+), 201 deletions(-) delete mode 100644 PROTOCOL.chacha20poly1305 diff --git a/PROTOCOL b/PROTOCOL index f99173c527b7..af2a813f9df8 100644 --- a/PROTOCOL +++ b/PROTOCOL @@ -33,10 +33,7 @@ The method is documented in: https://www.openssh.com/txt/draft-miller-secsh-compression-delayed-00.txt -1.3. transport: New public key algorithms "ssh-rsa-cert-v01@openssh.com", - "ecdsa-sha2-nistp256-cert-v01@openssh.com", - "ecdsa-sha2-nistp384-cert-v01@openssh.com" and - "ecdsa-sha2-nistp521-cert-v01@openssh.com" +1.3. transport: Certificate key algorithms OpenSSH introduces new public key algorithms to support certificate authentication for users and host keys. These methods are documented @@ -81,29 +78,20 @@ contains: 1.6 transport: AES-GCM OpenSSH supports the AES-GCM algorithm as specified in RFC 5647. -Because of problems with the specification of the key exchange -the behaviour of OpenSSH differs from the RFC as follows: +Because of problems with design of algorithm negotiation in this +RFC, OpenSSH (and other SSH implementation) use different rules as +described in: -AES-GCM is only negotiated as the cipher algorithms -"aes128-gcm@openssh.com" or "aes256-gcm@openssh.com" and never as -an MAC algorithm. Additionally, if AES-GCM is selected as the cipher -the exchanged MAC algorithms are ignored and there doesn't have to be -a matching MAC. +https://datatracker.ietf.org/doc/draft-miller-sshm-aes-gcm/ 1.7 transport: chacha20-poly1305@openssh.com authenticated encryption OpenSSH supports authenticated encryption using ChaCha20 and Poly1305 -as described in PROTOCOL.chacha20poly1305. +as described in: -1.8 transport: curve25519-sha256@libssh.org key exchange algorithm +https://datatracker.ietf.org/doc/draft-ietf-sshm-chacha20-poly1305/ -OpenSSH supports the use of ECDH in Curve25519 for key exchange as -described at: -http://git.libssh.org/users/aris/libssh.git/plain/doc/curve25519-sha256@libssh.org.txt?h=curve25519 - -This is identical to curve25519-sha256 as later published in RFC8731. - -1.9 transport: ping facility +1.8 transport: ping facility OpenSSH implements a transport level ping message SSH2_MSG_PING and a corresponding SSH2_MSG_PONG reply. @@ -136,34 +124,16 @@ than as a named global or channel request to allow pings with very short packet lengths, which would not be possible with other approaches. -1.10 transport: strict key exchange extension - -OpenSSH supports a number of transport-layer hardening measures under -a "strict KEX" feature. This feature is signalled similarly to the -RFC8308 ext-info feature: by including a additional algorithm in the -initial SSH2_MSG_KEXINIT kex_algorithms field. The client may append -"kex-strict-c-v00@openssh.com" to its kex_algorithms and the server -may append "kex-strict-s-v00@openssh.com". These pseudo-algorithms -are only valid in the initial SSH2_MSG_KEXINIT and MUST be ignored -if they are present in subsequent SSH2_MSG_KEXINIT packets. - -When an endpoint that supports this extension observes this algorithm -name in a peer's KEXINIT packet, it MUST make the following changes to -the protocol: - -a) During initial KEX, terminate the connection if out-of-sequence - packet or any message that is not strictly required by KEX is - received. This includes terminating the connection if the first - packet received is not SSH2_MSG_KEXINIT. Unexpected packets for - the purpose of strict KEX include messages that are otherwise - valid at any time during the connection such as SSH2_MSG_DEBUG, - SSH2_MSG_IGNORE or SSH2_MSG_UNIMPLEMENTED. -b) After sending or receiving a SSH2_MSG_NEWKEYS message, reset the - packet sequence number to zero. This behaviour persists for the - duration of the connection (i.e. not just the first - SSH2_MSG_NEWKEYS). - -1.11 transport: SSH2_MSG_EXT_INFO during user authentication +1.9 transport: strict key exchange extension + +OpenSSH supports a number of transport-layer hardening measures +designed to thwart the so-called "Terrapin" attack against the +early SSH protocol. These are collectively referred to as +"strict KEX" and documented in an Internet-Draft: + +https://datatracker.ietf.org/doc/draft-miller-sshm-strict-kex/ + +1.10 transport: SSH2_MSG_EXT_INFO during user authentication This protocol extension allows the SSH2_MSG_EXT_INFO to be sent during user authentication. RFC8308 does allow a second @@ -368,52 +338,9 @@ and "hostkeys-prove-00@openssh.com" OpenSSH supports a protocol extension allowing a server to inform a client of all its protocol v.2 host keys after user-authentication -has completed. - - byte SSH_MSG_GLOBAL_REQUEST - string "hostkeys-00@openssh.com" - char 0 /* want-reply */ - string[] hostkeys - -Upon receiving this message, a client should check which of the -supplied host keys are present in known_hosts. - -Note that the server may send key types that the client does not -support. The client should disregard such keys if they are received. - -If the client identifies any keys that are not present for the host, -it should send a "hostkeys-prove@openssh.com" message to request the -server prove ownership of the private half of the key. - - byte SSH_MSG_GLOBAL_REQUEST - string "hostkeys-prove-00@openssh.com" - char 1 /* want-reply */ - string[] hostkeys - -When a server receives this message, it should generate a signature -using each requested key over the following: - - string "hostkeys-prove-00@openssh.com" - string session identifier - string hostkey - -These signatures should be included in the reply, in the order matching -the hostkeys in the request: - - byte SSH_MSG_REQUEST_SUCCESS - string[] signatures - -When the client receives this reply (and not a failure), it should -validate the signatures and may update its known_hosts file, adding keys -that it has not seen before and deleting keys for the server host that -are no longer offered. +has completed. This is documented in an Internet-Draft -These extensions let a client learn key types that it had not previously -encountered, thereby allowing it to potentially upgrade from weaker -key algorithms to better ones. It also supports graceful key rotation: -a server may offer multiple keys of the same type for a period (to -give clients an opportunity to learn them using this extension) before -removing the deprecated key from those offered. +https://datatracker.ietf.org/doc/draft-miller-sshm-hostkey-update/ 2.6. connection: SIGINFO support for "signal" channel request @@ -791,4 +718,4 @@ master instance and later clients. OpenSSH extends the usual agent protocol. These changes are documented in the PROTOCOL.agent file. -$OpenBSD: PROTOCOL,v 1.57 2025/05/06 05:40:56 djm Exp $ +$OpenBSD: PROTOCOL,v 1.58 2025/08/05 04:00:15 djm Exp $ diff --git a/PROTOCOL.chacha20poly1305 b/PROTOCOL.chacha20poly1305 deleted file mode 100644 index 0bfff28d70ef..000000000000 --- a/PROTOCOL.chacha20poly1305 +++ /dev/null @@ -1,107 +0,0 @@ -This document describes the chacha20-poly1305@openssh.com authenticated -encryption cipher supported by OpenSSH. - -Background ----------- - -ChaCha20 is a stream cipher designed by Daniel Bernstein and described -in [1]. It operates by permuting 128 fixed bits, 128 or 256 bits of key, -a 64 bit nonce and a 64 bit counter into 64 bytes of output. This output -is used as a keystream, with any unused bytes simply discarded. - -Poly1305[2], also by Daniel Bernstein, is a one-time Carter-Wegman MAC -that computes a 128 bit integrity tag given a message and a single-use -256 bit secret key. - -The chacha20-poly1305@openssh.com combines these two primitives into an -authenticated encryption mode. The construction used is based on that -proposed for TLS by Adam Langley in [3], but differs in the layout of -data passed to the MAC and in the addition of encryption of the packet -lengths. - -Negotiation ------------ - -The chacha20-poly1305@openssh.com offers both encryption and -authentication. As such, no separate MAC is required. If the -chacha20-poly1305@openssh.com cipher is selected in key exchange, -the offered MAC algorithms are ignored and no MAC is required to be -negotiated. - -Detailed Construction ---------------------- - -The chacha20-poly1305@openssh.com cipher requires 512 bits of key -material as output from the SSH key exchange. This forms two 256 bit -keys (K_1 and K_2), used by two separate instances of chacha20. -The first 256 bits constitute K_2 and the second 256 bits become -K_1. - -The instance keyed by K_1 is a stream cipher that is used only -to encrypt the 4 byte packet length field. The second instance, -keyed by K_2, is used in conjunction with poly1305 to build an AEAD -(Authenticated Encryption with Associated Data) that is used to encrypt -and authenticate the entire packet. - -Two separate cipher instances are used here so as to keep the packet -lengths confidential but not create an oracle for the packet payload -cipher by decrypting and using the packet length prior to checking -the MAC. By using an independently-keyed cipher instance to encrypt the -length, an active attacker seeking to exploit the packet input handling -as a decryption oracle can learn nothing about the payload contents or -its MAC (assuming key derivation, ChaCha20 and Poly1305 are secure). - -The AEAD is constructed as follows: for each packet, generate a Poly1305 -key by taking the first 256 bits of ChaCha20 stream output generated -using K_2, an IV consisting of the packet sequence number encoded as an -uint64 under the SSH wire encoding rules and a ChaCha20 block counter of -zero. The K_2 ChaCha20 block counter is then set to the little-endian -encoding of 1 (i.e. {1, 0, 0, 0, 0, 0, 0, 0}) and this instance is used -for encryption of the packet payload. - -Packet Handling ---------------- - -When receiving a packet, the length must be decrypted first. When 4 -bytes of ciphertext length have been received, they may be decrypted -using the K_1 key, a nonce consisting of the packet sequence number -encoded as a uint64 under the usual SSH wire encoding and a zero block -counter to obtain the plaintext length. - -Once the entire packet has been received, the MAC MUST be checked -before decryption. A per-packet Poly1305 key is generated as described -above and the MAC tag calculated using Poly1305 with this key over the -ciphertext of the packet length and the payload together. The calculated -MAC is then compared in constant time with the one appended to the -packet and the packet decrypted using ChaCha20 as described above (with -K_2, the packet sequence number as nonce and a starting block counter of -1). - -To send a packet, first encode the 4 byte length and encrypt it using -K_1. Encrypt the packet payload (using K_2) and append it to the -encrypted length. Finally, calculate a MAC tag and append it. - -Rekeying --------- - -ChaCha20 must never reuse a {key, nonce} for encryption nor may it be -used to encrypt more than 2^70 bytes under the same {key, nonce}. The -SSH Transport protocol (RFC4253) recommends a far more conservative -rekeying every 1GB of data sent or received. If this recommendation -is followed, then chacha20-poly1305@openssh.com requires no special -handling in this area. - -References ----------- - -[1] "ChaCha, a variant of Salsa20", Daniel Bernstein - http://cr.yp.to/chacha/chacha-20080128.pdf - -[2] "The Poly1305-AES message-authentication code", Daniel Bernstein - http://cr.yp.to/mac/poly1305-20050329.pdf - -[3] "ChaCha20 and Poly1305 based Cipher Suites for TLS", Adam Langley - http://tools.ietf.org/html/draft-agl-tls-chacha20poly1305-03 - -$OpenBSD: PROTOCOL.chacha20poly1305,v 1.5 2020/02/21 00:04:43 dtucker Exp $ - From 2a31009c36eb2da412c2784fe131fcb6ba800978 Mon Sep 17 00:00:00 2001 From: "job@openbsd.org" Date: Tue, 5 Aug 2025 09:08:16 +0000 Subject: [PATCH 173/687] upstream: Use the operating system default DSCP marking for non-interactive traffic It seems the CS1 traffic class mark is considered ambiguous and therefore somewhat unhelpful (see RFC 8622 for more considerations). But, the new 'LE' scavenger class (also proposed in RFC 8622) offers high probability of excessive delays & high packet loss, which would be inappropriate for use with, for example, X11 forwardings. In fact, it is not known to SSH what's appropriate because SSH is not aware of the content of what passing through session forwardings. Therefore, no marking is appropriate. Non-interactive traffic simply is best effort. OK djm@ deraadt@ OpenBSD-Commit-ID: db1da1a432ecd53fc28feb84287aedb6bec80b01 --- readconf.c | 4 ++-- servconf.c | 4 ++-- ssh_config.5 | 8 ++++---- sshd_config.5 | 8 ++++---- 4 files changed, 12 insertions(+), 12 deletions(-) diff --git a/readconf.c b/readconf.c index 02452edbf1d2..781e5b004068 100644 --- a/readconf.c +++ b/readconf.c @@ -1,4 +1,4 @@ -/* $OpenBSD: readconf.c,v 1.403 2025/07/31 11:23:39 job Exp $ */ +/* $OpenBSD: readconf.c,v 1.404 2025/08/05 09:08:16 job Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -2961,7 +2961,7 @@ fill_default_options(Options * options) if (options->ip_qos_interactive == -1) options->ip_qos_interactive = IPTOS_DSCP_EF; if (options->ip_qos_bulk == -1) - options->ip_qos_bulk = IPTOS_DSCP_CS1; + options->ip_qos_bulk = IPTOS_DSCP_CS0; if (options->request_tty == -1) options->request_tty = REQUEST_TTY_AUTO; if (options->session_type == -1) diff --git a/servconf.c b/servconf.c index 2bd9d11916ad..92f924e6015c 100644 --- a/servconf.c +++ b/servconf.c @@ -1,4 +1,4 @@ -/* $OpenBSD: servconf.c,v 1.429 2025/07/31 11:23:39 job Exp $ */ +/* $OpenBSD: servconf.c,v 1.430 2025/08/05 09:08:16 job Exp $ */ /* * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland * All rights reserved @@ -474,7 +474,7 @@ fill_default_server_options(ServerOptions *options) if (options->ip_qos_interactive == -1) options->ip_qos_interactive = IPTOS_DSCP_EF; if (options->ip_qos_bulk == -1) - options->ip_qos_bulk = IPTOS_DSCP_CS1; + options->ip_qos_bulk = IPTOS_DSCP_CS0; if (options->version_addendum == NULL) options->version_addendum = xstrdup(""); if (options->fwd_opts.streamlocal_bind_mask == (mode_t)-1) diff --git a/ssh_config.5 b/ssh_config.5 index 390bc44aba8e..f1673e014910 100644 --- a/ssh_config.5 +++ b/ssh_config.5 @@ -33,8 +33,8 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: ssh_config.5,v 1.416 2025/07/31 11:23:39 job Exp $ -.Dd $Mdocdate: July 31 2025 $ +.\" $OpenBSD: ssh_config.5,v 1.417 2025/08/05 09:08:16 job Exp $ +.Dd $Mdocdate: August 5 2025 $ .Dt SSH_CONFIG 5 .Os .Sh NAME @@ -1279,8 +1279,8 @@ The default is .Cm ef (Expedited Forwarding) for interactive sessions and -.Cm cs1 -(Lower Effort) +.Cm none +(the operating system default) for non-interactive sessions. .It Cm KbdInteractiveAuthentication Specifies whether to use keyboard-interactive authentication. diff --git a/sshd_config.5 b/sshd_config.5 index ee1b2934138d..4536286b750d 100644 --- a/sshd_config.5 +++ b/sshd_config.5 @@ -33,8 +33,8 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: sshd_config.5,v 1.383 2025/07/31 11:23:39 job Exp $ -.Dd $Mdocdate: July 31 2025 $ +.\" $OpenBSD: sshd_config.5,v 1.384 2025/08/05 09:08:16 job Exp $ +.Dd $Mdocdate: August 5 2025 $ .Dt SSHD_CONFIG 5 .Os .Sh NAME @@ -960,8 +960,8 @@ The default is .Cm ef (Expedited Forwarding) for interactive sessions and -.Cm cs1 -(Lower Effort) +.Cm none +(the operating system default) for non-interactive sessions. .It Cm KbdInteractiveAuthentication Specifies whether to allow keyboard-interactive authentication. From 9ffa98111dbe53bf86d07da8e01ded8c5c25456b Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Wed, 6 Aug 2025 04:53:04 +0000 Subject: [PATCH 174/687] upstream: when refusing a certificate for user authentication, log enough information to identify the certificate in addition to the reason why it was being denied. Makes debugging certificate authz problems a bit easier. ok dlg@ OpenBSD-Commit-ID: 4c4621b2e70412754b3fe7540af8f4bf02b722b1 --- auth2-hostbased.c | 14 +++++++++++--- auth2-pubkey.c | 12 +++++++++--- auth2-pubkeyfile.c | 23 ++++++++++++++++------- 3 files changed, 36 insertions(+), 13 deletions(-) diff --git a/auth2-hostbased.c b/auth2-hostbased.c index eb21479a0270..e28134a1ae2c 100644 --- a/auth2-hostbased.c +++ b/auth2-hostbased.c @@ -1,4 +1,4 @@ -/* $OpenBSD: auth2-hostbased.c,v 1.53 2024/05/17 00:30:23 djm Exp $ */ +/* $OpenBSD: auth2-hostbased.c,v 1.54 2025/08/06 04:53:04 djm Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. * @@ -213,8 +213,16 @@ hostbased_key_allowed(struct ssh *ssh, struct passwd *pw, if (sshkey_is_cert(key) && sshkey_cert_check_authority_now(key, 1, 0, 0, lookup, &reason)) { - error("%s", reason); - auth_debug_add("%s", reason); + if ((fp = sshkey_fingerprint(key->cert->signature_key, + options.fingerprint_hash, SSH_FP_DEFAULT)) == NULL) + fatal_f("sshkey_fingerprint fail"); + error("Refusing certificate ID \"%s\" serial=%llu signed by " + "%s CA %s: %s", key->cert->key_id, key->cert->serial, + sshkey_type(key->cert->signature_key), fp, reason); + auth_debug_add("Refused Certificate ID \"%s\" serial=%llu: %s", + key->cert->key_id, (unsigned long long)key->cert->serial, + reason); + free(fp); return 0; } diff --git a/auth2-pubkey.c b/auth2-pubkey.c index aa24fda05753..221b242f831d 100644 --- a/auth2-pubkey.c +++ b/auth2-pubkey.c @@ -1,4 +1,4 @@ -/* $OpenBSD: auth2-pubkey.c,v 1.122 2024/12/12 09:09:09 dtucker Exp $ */ +/* $OpenBSD: auth2-pubkey.c,v 1.123 2025/08/06 04:53:04 djm Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. * Copyright (c) 2010 Damien Miller. All rights reserved. @@ -590,8 +590,14 @@ user_cert_trusted_ca(struct passwd *pw, struct sshkey *key, if ((final_opts = sshauthopt_merge(principals_opts, cert_opts, &reason)) == NULL) { fail_reason: - error("%s", reason); - auth_debug_add("%s", reason); + error("Refusing certificate ID \"%s\" serial=%llu " + "signed by %s CA %s: %s", key->cert->key_id, + key->cert->serial, + sshkey_type(key->cert->signature_key), ca_fp, + reason); + auth_debug_add("Refused Certificate ID \"%s\" " + "serial=%llu: %s", key->cert->key_id, + (unsigned long long)key->cert->serial, reason); goto out; } } diff --git a/auth2-pubkeyfile.c b/auth2-pubkeyfile.c index 31e7481fbe55..531a266ac336 100644 --- a/auth2-pubkeyfile.c +++ b/auth2-pubkeyfile.c @@ -1,4 +1,4 @@ -/* $OpenBSD: auth2-pubkeyfile.c,v 1.4 2023/03/05 05:34:09 dtucker Exp $ */ +/* $OpenBSD: auth2-pubkeyfile.c,v 1.5 2025/08/06 04:53:04 djm Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. * Copyright (c) 2010 Damien Miller. All rights reserved. @@ -344,15 +344,15 @@ auth_check_authkey_line(struct passwd *pw, struct sshkey *key, /* Parse and check options present in certificate */ if ((certopts = sshauthopt_from_cert(key)) == NULL) { reason = "Invalid certificate options"; - goto fail_reason; + goto cert_fail_reason; } if (auth_authorise_keyopts(pw, certopts, 0, remote_ip, remote_host, loc) != 0) { reason = "Refused by certificate options"; - goto fail_reason; + goto cert_fail_reason; } if ((finalopts = sshauthopt_merge(keyopts, certopts, &reason)) == NULL) - goto fail_reason; + goto cert_fail_reason; /* * If the user has specified a list of principals as @@ -362,12 +362,12 @@ auth_check_authkey_line(struct passwd *pw, struct sshkey *key, if (keyopts->cert_principals != NULL && !match_principals_option(keyopts->cert_principals, key->cert)) { reason = "Certificate does not contain an authorized principal"; - goto fail_reason; + goto cert_fail_reason; } if (sshkey_cert_check_authority_now(key, 0, 0, 0, keyopts->cert_principals == NULL ? pw->pw_name : NULL, &reason) != 0) - goto fail_reason; + goto cert_fail_reason; verbose("Accepted certificate ID \"%s\" (serial %llu) " "signed by CA %s %s found at %s", @@ -386,8 +386,17 @@ auth_check_authkey_line(struct passwd *pw, struct sshkey *key, ret = 0; goto out; + cert_fail_reason: + error("Refusing certificate ID \"%s\" serial=%llu " + "signed by %s CA %s via %s: %s", key->cert->key_id, + key->cert->serial, sshkey_type(key->cert->signature_key), + fp, loc, reason); + auth_debug_add("Refused Certificate ID \"%s\" serial=%llu: %s", + key->cert->key_id, (unsigned long long)key->cert->serial, reason); + goto out; + fail_reason: - error("%s", reason); + error("%s at %s", reason, loc); auth_debug_add("%s", reason); out: free(fp); From 60b909fb110f77c1ffd15cceb5d09b8e3f79b27e Mon Sep 17 00:00:00 2001 From: "dtucker@openbsd.org" Date: Wed, 6 Aug 2025 11:22:53 +0000 Subject: [PATCH 175/687] upstream: Improve sentence. ok djm@ OpenBSD-Commit-ID: 9c481ddd6bad110af7e530ba90db41f6d5fe2273 --- PROTOCOL | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/PROTOCOL b/PROTOCOL index af2a813f9df8..a94b36ba6c7e 100644 --- a/PROTOCOL +++ b/PROTOCOL @@ -78,8 +78,8 @@ contains: 1.6 transport: AES-GCM OpenSSH supports the AES-GCM algorithm as specified in RFC 5647. -Because of problems with design of algorithm negotiation in this -RFC, OpenSSH (and other SSH implementation) use different rules as +Because of problems with the design of the algorithm negotiation in this +RFC, OpenSSH (and other SSH implementations) use different rules as described in: https://datatracker.ietf.org/doc/draft-miller-sshm-aes-gcm/ @@ -718,4 +718,4 @@ master instance and later clients. OpenSSH extends the usual agent protocol. These changes are documented in the PROTOCOL.agent file. -$OpenBSD: PROTOCOL,v 1.58 2025/08/05 04:00:15 djm Exp $ +$OpenBSD: PROTOCOL,v 1.59 2025/08/06 11:22:53 dtucker Exp $ From 2ebc6384258b58ace0ad2adb2593744f62749235 Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Wed, 6 Aug 2025 23:44:09 +0000 Subject: [PATCH 176/687] upstream: all state related to the ssh connection should live in struct ssh or struct packet_state; one static int escaped this rule, so move it to struct packet_state now. ok millert tb OpenBSD-Commit-ID: bd6737168bf61a836ffbdc99ee4803468db90a53 --- packet.c | 14 ++++++++++---- 1 file changed, 10 insertions(+), 4 deletions(-) diff --git a/packet.c b/packet.c index 9dea2cfc5188..7f67f4fcd55e 100644 --- a/packet.c +++ b/packet.c @@ -1,4 +1,4 @@ -/* $OpenBSD: packet.c,v 1.318 2025/02/18 08:02:12 djm Exp $ */ +/* $OpenBSD: packet.c,v 1.319 2025/08/06 23:44:09 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -219,6 +219,12 @@ struct session_state { /* One-off warning about weak ciphers */ int cipher_warning_done; + /* + * Disconnect in progress. Used to prevent reentry in + * ssh_packet_disconnect() + */ + int disconnecting; + /* Hook for fuzzing inbound packets */ ssh_packet_hook_fn *hook_in; void *hook_in_ctx; @@ -2064,12 +2070,12 @@ ssh_packet_disconnect(struct ssh *ssh, const char *fmt,...) { char buf[1024], remote_id[512]; va_list args; - static int disconnecting = 0; int r; - if (disconnecting) /* Guard against recursive invocations. */ + /* Guard against recursive invocations. */ + if (ssh->state->disconnecting) fatal("packet_disconnect called recursively."); - disconnecting = 1; + ssh->state->disconnecting = 1; /* * Format the message. Note that the caller must make sure the From 0e1b8aa27f7c86d412c9e54ad9e2cae30d9ddab4 Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Mon, 11 Aug 2025 10:55:38 +0000 Subject: [PATCH 177/687] upstream: ssh(1): add a warning when the connection negotiates a non-post quantum safe key agreement algorithm. Controlled via a new WarnWeakCrypto ssh_config option, defaulting to on. This option might grow additional weak crypto warnings in the future. More details at https://openssh.com/pq.html mostly by deraadt@ feedback dtucker@ ok deraadt@ OpenBSD-Commit-ID: 974ff243a1eccceac6a1a9d8fab3bcc89d74a2a4 --- kex-names.c | 45 ++++++++++++++++++++++++++++----------------- kex.c | 6 +++--- kex.h | 7 ++++++- readconf.c | 24 ++++++++++++++++++++++-- readconf.h | 4 +++- ssh_config.5 | 18 ++++++++++++++++-- sshconnect.c | 14 +++++++++++++- 7 files changed, 91 insertions(+), 27 deletions(-) diff --git a/kex-names.c b/kex-names.c index ec840c1f9dbc..96deb8817dbb 100644 --- a/kex-names.c +++ b/kex-names.c @@ -1,4 +1,4 @@ -/* $OpenBSD: kex-names.c,v 1.4 2024/09/09 02:39:57 djm Exp $ */ +/* $OpenBSD: kex-names.c,v 1.5 2025/08/11 10:55:38 djm Exp $ */ /* * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. * @@ -50,44 +50,45 @@ struct kexalg { u_int type; int ec_nid; int hash_alg; + int pq_alg; }; static const struct kexalg kexalgs[] = { #ifdef WITH_OPENSSL - { KEX_DH1, KEX_DH_GRP1_SHA1, 0, SSH_DIGEST_SHA1 }, - { KEX_DH14_SHA1, KEX_DH_GRP14_SHA1, 0, SSH_DIGEST_SHA1 }, - { KEX_DH14_SHA256, KEX_DH_GRP14_SHA256, 0, SSH_DIGEST_SHA256 }, - { KEX_DH16_SHA512, KEX_DH_GRP16_SHA512, 0, SSH_DIGEST_SHA512 }, - { KEX_DH18_SHA512, KEX_DH_GRP18_SHA512, 0, SSH_DIGEST_SHA512 }, - { KEX_DHGEX_SHA1, KEX_DH_GEX_SHA1, 0, SSH_DIGEST_SHA1 }, + { KEX_DH1, KEX_DH_GRP1_SHA1, 0, SSH_DIGEST_SHA1, KEX_NOT_PQ }, + { KEX_DH14_SHA1, KEX_DH_GRP14_SHA1, 0, SSH_DIGEST_SHA1, KEX_NOT_PQ }, + { KEX_DH14_SHA256, KEX_DH_GRP14_SHA256, 0, SSH_DIGEST_SHA256, KEX_NOT_PQ }, + { KEX_DH16_SHA512, KEX_DH_GRP16_SHA512, 0, SSH_DIGEST_SHA512, KEX_NOT_PQ }, + { KEX_DH18_SHA512, KEX_DH_GRP18_SHA512, 0, SSH_DIGEST_SHA512, KEX_NOT_PQ }, + { KEX_DHGEX_SHA1, KEX_DH_GEX_SHA1, 0, SSH_DIGEST_SHA1, KEX_NOT_PQ }, #ifdef HAVE_EVP_SHA256 - { KEX_DHGEX_SHA256, KEX_DH_GEX_SHA256, 0, SSH_DIGEST_SHA256 }, + { KEX_DHGEX_SHA256, KEX_DH_GEX_SHA256, 0, SSH_DIGEST_SHA256, KEX_NOT_PQ }, #endif /* HAVE_EVP_SHA256 */ #ifdef OPENSSL_HAS_ECC { KEX_ECDH_SHA2_NISTP256, KEX_ECDH_SHA2, - NID_X9_62_prime256v1, SSH_DIGEST_SHA256 }, + NID_X9_62_prime256v1, SSH_DIGEST_SHA256, KEX_NOT_PQ }, { KEX_ECDH_SHA2_NISTP384, KEX_ECDH_SHA2, NID_secp384r1, - SSH_DIGEST_SHA384 }, + SSH_DIGEST_SHA384, KEX_NOT_PQ }, # ifdef OPENSSL_HAS_NISTP521 { KEX_ECDH_SHA2_NISTP521, KEX_ECDH_SHA2, NID_secp521r1, - SSH_DIGEST_SHA512 }, + SSH_DIGEST_SHA512, KEX_NOT_PQ }, # endif /* OPENSSL_HAS_NISTP521 */ #endif /* OPENSSL_HAS_ECC */ #endif /* WITH_OPENSSL */ #if defined(HAVE_EVP_SHA256) || !defined(WITH_OPENSSL) - { KEX_CURVE25519_SHA256, KEX_C25519_SHA256, 0, SSH_DIGEST_SHA256 }, - { KEX_CURVE25519_SHA256_OLD, KEX_C25519_SHA256, 0, SSH_DIGEST_SHA256 }, + { KEX_CURVE25519_SHA256, KEX_C25519_SHA256, 0, SSH_DIGEST_SHA256, KEX_NOT_PQ }, + { KEX_CURVE25519_SHA256_OLD, KEX_C25519_SHA256, 0, SSH_DIGEST_SHA256, KEX_NOT_PQ }, #ifdef USE_SNTRUP761X25519 { KEX_SNTRUP761X25519_SHA512, KEX_KEM_SNTRUP761X25519_SHA512, 0, - SSH_DIGEST_SHA512 }, + SSH_DIGEST_SHA512, KEX_IS_PQ }, { KEX_SNTRUP761X25519_SHA512_OLD, KEX_KEM_SNTRUP761X25519_SHA512, 0, - SSH_DIGEST_SHA512 }, + SSH_DIGEST_SHA512, KEX_IS_PQ }, #endif #ifdef USE_MLKEM768X25519 { KEX_MLKEM768X25519_SHA256, KEX_KEM_MLKEM768X25519_SHA256, 0, - SSH_DIGEST_SHA256 }, + SSH_DIGEST_SHA256, KEX_IS_PQ }, #endif #endif /* HAVE_EVP_SHA256 || !WITH_OPENSSL */ - { NULL, 0, -1, -1}, + { NULL, 0, -1, -1, 0 }, }; char * @@ -130,6 +131,16 @@ kex_name_valid(const char *name) return kex_alg_by_name(name) != NULL; } +int +kex_is_pq_from_name(const char *name) +{ + const struct kexalg *k; + + if ((k = kex_alg_by_name(name)) == NULL) + return 0; + return k->pq_alg == KEX_IS_PQ; +} + u_int kex_type_from_name(const char *name) { diff --git a/kex.c b/kex.c index 6b957e5e18f5..f8eaa8c970c6 100644 --- a/kex.c +++ b/kex.c @@ -1,4 +1,4 @@ -/* $OpenBSD: kex.c,v 1.187 2024/08/23 04:51:00 deraadt Exp $ */ +/* $OpenBSD: kex.c,v 1.188 2025/08/11 10:55:38 djm Exp $ */ /* * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. * @@ -563,8 +563,6 @@ kex_input_newkeys(int type, u_int32_t seq, struct ssh *ssh) kex->flags &= ~KEX_INITIAL; sshbuf_reset(kex->peer); kex->flags &= ~KEX_INIT_SENT; - free(kex->name); - kex->name = NULL; return 0; } @@ -620,6 +618,8 @@ kex_input_kexinit(int type, u_int32_t seq, struct ssh *ssh) error_f("no kex"); return SSH_ERR_INTERNAL_ERROR; } + free(kex->name); + kex->name = NULL; ssh_dispatch_set(ssh, SSH2_MSG_KEXINIT, &kex_protocol_error); ptr = sshpkt_ptr(ssh, &dlen); if ((r = sshbuf_put(kex->peer, ptr, dlen)) != 0) diff --git a/kex.h b/kex.h index d08988b3e141..55baa6a1e641 100644 --- a/kex.h +++ b/kex.h @@ -1,4 +1,4 @@ -/* $OpenBSD: kex.h,v 1.126 2024/09/02 12:13:56 djm Exp $ */ +/* $OpenBSD: kex.h,v 1.127 2025/08/11 10:55:38 djm Exp $ */ /* * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. @@ -115,6 +115,10 @@ enum kex_exchange { #define KEX_HAS_PING 0x0020 #define KEX_HAS_EXT_INFO_IN_AUTH 0x0040 +/* kex->pq */ +#define KEX_NOT_PQ 0 +#define KEX_IS_PQ 1 + struct sshenc { char *name; const struct sshcipher *cipher; @@ -189,6 +193,7 @@ int kex_name_valid(const char *); u_int kex_type_from_name(const char *); int kex_hash_from_name(const char *); int kex_nid_from_name(const char *); +int kex_is_pq_from_name(const char *); int kex_names_valid(const char *); char *kex_alg_list(char); char *kex_names_cat(const char *, const char *); diff --git a/readconf.c b/readconf.c index 781e5b004068..c7701d8c2633 100644 --- a/readconf.c +++ b/readconf.c @@ -1,4 +1,4 @@ -/* $OpenBSD: readconf.c,v 1.404 2025/08/05 09:08:16 job Exp $ */ +/* $OpenBSD: readconf.c,v 1.405 2025/08/11 10:55:38 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -180,7 +180,7 @@ typedef enum { oPubkeyAcceptedAlgorithms, oCASignatureAlgorithms, oProxyJump, oSecurityKeyProvider, oKnownHostsCommand, oRequiredRSASize, oEnableEscapeCommandline, oObscureKeystrokeTiming, oChannelTimeout, - oVersionAddendum, oRefuseConnection, + oVersionAddendum, oRefuseConnection, oWarnWeakCrypto, oIgnore, oIgnoredUnknownOption, oDeprecated, oUnsupported } OpCodes; @@ -333,6 +333,7 @@ static struct { { "channeltimeout", oChannelTimeout }, { "versionaddendum", oVersionAddendum }, { "refuseconnection", oRefuseConnection }, + { "warnweakcrypto", oWarnWeakCrypto }, { NULL, oBadOption } }; @@ -1101,6 +1102,15 @@ static const struct multistate multistate_compression[] = { { "no", COMP_NONE }, { NULL, -1 } }; +/* XXX this will need to be replaced with a bitmask if we add more flags */ +static const struct multistate multistate_warnweakcrypto[] = { + { "true", 1 }, + { "false", 0 }, + { "yes", 1 }, + { "no", 0 }, + { "no-pq-kex", 0 }, + { NULL, -1 } +}; static int parse_multistate_value(const char *arg, const char *filename, int linenum, @@ -2427,6 +2437,11 @@ process_config_line_depth(Options *options, struct passwd *pw, const char *host, intptr = &options->required_rsa_size; goto parse_int; + case oWarnWeakCrypto: + intptr = &options->warn_weak_crypto; + multistate_ptr = multistate_warnweakcrypto; + goto parse_multistate; + case oObscureKeystrokeTiming: value = -1; while ((arg = argv_next(&ac, &av)) != NULL) { @@ -2786,6 +2801,7 @@ initialize_options(Options * options) options->pubkey_accepted_algos = NULL; options->known_hosts_command = NULL; options->required_rsa_size = -1; + options->warn_weak_crypto = -1; options->enable_escape_commandline = -1; options->obscure_keystroke_timing_interval = -1; options->tag = NULL; @@ -2989,6 +3005,8 @@ fill_default_options(Options * options) #endif if (options->required_rsa_size == -1) options->required_rsa_size = SSH_RSA_MINIMUM_MODULUS_SIZE; + if (options->warn_weak_crypto == -1) + options->warn_weak_crypto = 1; if (options->enable_escape_commandline == -1) options->enable_escape_commandline = 0; if (options->obscure_keystroke_timing_interval == -1) { @@ -3016,6 +3034,7 @@ fill_default_options(Options * options) goto fail; \ } \ } while (0) + options->kex_algorithms_set = options->kex_algorithms != NULL; ASSEMBLE(ciphers, def_cipher, all_cipher); ASSEMBLE(macs, def_mac, all_mac); ASSEMBLE(kex_algorithms, def_kex, all_kex); @@ -3703,6 +3722,7 @@ dump_client_config(Options *o, const char *host) dump_cfg_fmtint(oVisualHostKey, o->visual_host_key); dump_cfg_fmtint(oUpdateHostkeys, o->update_hostkeys); dump_cfg_fmtint(oEnableEscapeCommandline, o->enable_escape_commandline); + dump_cfg_fmtint(oWarnWeakCrypto, o->warn_weak_crypto); /* Integer options */ dump_cfg_int(oCanonicalizeMaxDots, o->canonicalize_max_dots); diff --git a/readconf.h b/readconf.h index 153fa62260d3..942149f9ae3f 100644 --- a/readconf.h +++ b/readconf.h @@ -1,4 +1,4 @@ -/* $OpenBSD: readconf.h,v 1.160 2025/07/31 11:23:39 job Exp $ */ +/* $OpenBSD: readconf.h,v 1.161 2025/08/11 10:55:38 djm Exp $ */ /* * Author: Tatu Ylonen @@ -67,6 +67,7 @@ typedef struct { char *macs; /* SSH2 macs in order of preference. */ char *hostkeyalgorithms; /* SSH2 server key types in order of preference. */ char *kex_algorithms; /* SSH2 kex methods in order of preference. */ + int kex_algorithms_set; /* KexAlgorithms was set by the user */ char *ca_sign_algorithms; /* Allowed CA signature algorithms */ char *hostname; /* Real host to connect. */ char *tag; /* Configuration tag name. */ @@ -180,6 +181,7 @@ typedef struct { int required_rsa_size; /* minimum size of RSA keys */ int enable_escape_commandline; /* ~C commandline */ int obscure_keystroke_timing_interval; + int warn_weak_crypto; char **channel_timeouts; /* inactivity timeout by channel type */ u_int num_channel_timeouts; diff --git a/ssh_config.5 b/ssh_config.5 index f1673e014910..4cbe98631051 100644 --- a/ssh_config.5 +++ b/ssh_config.5 @@ -33,8 +33,8 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: ssh_config.5,v 1.417 2025/08/05 09:08:16 job Exp $ -.Dd $Mdocdate: August 5 2025 $ +.\" $OpenBSD: ssh_config.5,v 1.418 2025/08/11 10:55:38 djm Exp $ +.Dd $Mdocdate: August 11 2025 $ .Dt SSH_CONFIG 5 .Os .Sh NAME @@ -2229,6 +2229,20 @@ If this flag is set to (the default), no fingerprint strings are printed at login and only the fingerprint string will be printed for unknown host keys. +.It Cm WarnWeakCrypto +controls whether the user is warned when the cryptographic algorithms +negotiated for the connection are weak or otherwise recommended against. +Warnings may be disabled by turning off a specific warning or by disabling +all warnings. +Warnings that the connection is using a non-post quantum safe key exchange +may be disabled using the +.Cm no-pq-kex +flag. +.Cm no +will disable all warnings. +The default, equivalent to +.Cm yes , +is to enable all warnings. .It Cm XAuthLocation Specifies the full pathname of the .Xr xauth 1 diff --git a/sshconnect.c b/sshconnect.c index a90167fd6dae..09e937c9e64f 100644 --- a/sshconnect.c +++ b/sshconnect.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshconnect.c,v 1.371 2025/05/24 09:46:16 djm Exp $ */ +/* $OpenBSD: sshconnect.c,v 1.372 2025/08/11 10:55:38 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -1580,6 +1580,14 @@ verify_host_key(char *host, struct sockaddr *hostaddr, struct sshkey *host_key, return r; } +static void +warn_nonpq_kex(void) +{ + logit("** WARNING: connection is not using a post-quantum kex exchange algorithm."); + logit("** This session may be vulnerable to \"store now, decrypt later\" attacks."); + logit("** The server may need to be upgraded. See https://openssh.com/pq.html"); +} + /* * Starts a dialog with the server, and authenticates the current user on the * server. This does not need any extra privileges. The basic connection @@ -1615,6 +1623,10 @@ ssh_login(struct ssh *ssh, Sensitive *sensitive, const char *orighost, /* authenticate user */ debug("Authenticating to %s:%d as '%s'", host, port, server_user); ssh_kex2(ssh, host, hostaddr, port, cinfo); + if (!options.kex_algorithms_set && ssh->kex != NULL && + ssh->kex->name != NULL && options.warn_weak_crypto && + !kex_is_pq_from_name(ssh->kex->name)) + warn_nonpq_kex(); ssh_userauth2(ssh, local_user, server_user, host, sensitive); free(local_user); free(host); From 8b6c1f402feb9eb6438003a312d7ffe8d5669896 Mon Sep 17 00:00:00 2001 From: "deraadt@openbsd.org" Date: Mon, 11 Aug 2025 14:37:43 +0000 Subject: [PATCH 178/687] upstream: Handle localtime_r() failure by return "UNKNOWN-TIME" which is only used in user-visible contexts. freebsd 288773 shows their localtime_r() has failed at least once for unknown reason. discussed with djm OpenBSD-Commit-ID: 68f4c92d46b2578d4594b0ed940958d597fd61ac --- misc.c | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/misc.c b/misc.c index 838a7f788a7f..2e77eeb88de4 100644 --- a/misc.c +++ b/misc.c @@ -1,4 +1,4 @@ -/* $OpenBSD: misc.c,v 1.201 2025/07/31 11:23:39 job Exp $ */ +/* $OpenBSD: misc.c,v 1.202 2025/08/11 14:37:43 deraadt Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. * Copyright (c) 2005-2020 Damien Miller. All rights reserved. @@ -2540,8 +2540,10 @@ format_absolute_time(uint64_t t, char *buf, size_t len) time_t tt = t > SSH_TIME_T_MAX ? SSH_TIME_T_MAX : t; struct tm tm; - localtime_r(&tt, &tm); - strftime(buf, len, "%Y-%m-%dT%H:%M:%S", &tm); + if (localtime_r(&tt, &tm) == NULL) + strlcpy(buf, "UNKNOWN-TIME", len); + else + strftime(buf, len, "%Y-%m-%dT%H:%M:%S", &tm); } /* From ab5074dfb614e3801fecbd376d8ed4cea613c629 Mon Sep 17 00:00:00 2001 From: "sthen@openbsd.org" Date: Tue, 12 Aug 2025 11:09:48 +0000 Subject: [PATCH 179/687] upstream: fix typo, ok markus dtucker OpenBSD-Commit-ID: 8f223da7633752162c64a659c6cf55202703d870 --- sshconnect.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/sshconnect.c b/sshconnect.c index 09e937c9e64f..d2c8cf0bd8f2 100644 --- a/sshconnect.c +++ b/sshconnect.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshconnect.c,v 1.372 2025/08/11 10:55:38 djm Exp $ */ +/* $OpenBSD: sshconnect.c,v 1.373 2025/08/12 11:09:48 sthen Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -1583,7 +1583,7 @@ verify_host_key(char *host, struct sockaddr *hostaddr, struct sshkey *host_key, static void warn_nonpq_kex(void) { - logit("** WARNING: connection is not using a post-quantum kex exchange algorithm."); + logit("** WARNING: connection is not using a post-quantum key exchange algorithm."); logit("** This session may be vulnerable to \"store now, decrypt later\" attacks."); logit("** The server may need to be upgraded. See https://openssh.com/pq.html"); } From fde5a4d2cd01bea700439fa6d5bbad88e65c99bd Mon Sep 17 00:00:00 2001 From: "dtucker@openbsd.org" Date: Thu, 14 Aug 2025 09:26:53 +0000 Subject: [PATCH 180/687] upstream: Cast serial no for %lld to prevent compiler warnings on some platforms. OpenBSD-Commit-ID: 15644234b58abc9c6da2994f0422a5aa344a9e89 --- auth2-hostbased.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/auth2-hostbased.c b/auth2-hostbased.c index e28134a1ae2c..9d8b860eb14e 100644 --- a/auth2-hostbased.c +++ b/auth2-hostbased.c @@ -1,4 +1,4 @@ -/* $OpenBSD: auth2-hostbased.c,v 1.54 2025/08/06 04:53:04 djm Exp $ */ +/* $OpenBSD: auth2-hostbased.c,v 1.55 2025/08/14 09:26:53 dtucker Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. * @@ -217,7 +217,8 @@ hostbased_key_allowed(struct ssh *ssh, struct passwd *pw, options.fingerprint_hash, SSH_FP_DEFAULT)) == NULL) fatal_f("sshkey_fingerprint fail"); error("Refusing certificate ID \"%s\" serial=%llu signed by " - "%s CA %s: %s", key->cert->key_id, key->cert->serial, + "%s CA %s: %s", key->cert->key_id, + (unsigned long long)key->cert->serial, sshkey_type(key->cert->signature_key), fp, reason); auth_debug_add("Refused Certificate ID \"%s\" serial=%llu: %s", key->cert->key_id, (unsigned long long)key->cert->serial, From 883886c959ecab152650e231335857eb3193c662 Mon Sep 17 00:00:00 2001 From: "dtucker@openbsd.org" Date: Thu, 14 Aug 2025 09:44:39 +0000 Subject: [PATCH 181/687] upstream: Cast serial no for %lld to prevent compiler warnings on some platforms. OpenBSD-Commit-ID: 46c6063284d318f7e4dc922479a3e394c94b0588 --- auth2-pubkey.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/auth2-pubkey.c b/auth2-pubkey.c index 221b242f831d..d7704e5102ff 100644 --- a/auth2-pubkey.c +++ b/auth2-pubkey.c @@ -1,4 +1,4 @@ -/* $OpenBSD: auth2-pubkey.c,v 1.123 2025/08/06 04:53:04 djm Exp $ */ +/* $OpenBSD: auth2-pubkey.c,v 1.124 2025/08/14 09:44:39 dtucker Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. * Copyright (c) 2010 Damien Miller. All rights reserved. @@ -592,7 +592,7 @@ user_cert_trusted_ca(struct passwd *pw, struct sshkey *key, fail_reason: error("Refusing certificate ID \"%s\" serial=%llu " "signed by %s CA %s: %s", key->cert->key_id, - key->cert->serial, + (unsigned long long)key->cert->serial, sshkey_type(key->cert->signature_key), ca_fp, reason); auth_debug_add("Refused Certificate ID \"%s\" " From 32deb00b38b4ee2b3302f261ea1e68c04e020a08 Mon Sep 17 00:00:00 2001 From: "dtucker@openbsd.org" Date: Thu, 14 Aug 2025 10:03:44 +0000 Subject: [PATCH 182/687] upstream: Cast serial no for %lld to prevent compiler warnings on some platforms. OpenBSD-Commit-ID: afadd741622f16c6733d461c0d6053ed52868a57 --- auth2-pubkeyfile.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/auth2-pubkeyfile.c b/auth2-pubkeyfile.c index 531a266ac336..9d59e566658e 100644 --- a/auth2-pubkeyfile.c +++ b/auth2-pubkeyfile.c @@ -1,4 +1,4 @@ -/* $OpenBSD: auth2-pubkeyfile.c,v 1.5 2025/08/06 04:53:04 djm Exp $ */ +/* $OpenBSD: auth2-pubkeyfile.c,v 1.6 2025/08/14 10:03:44 dtucker Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. * Copyright (c) 2010 Damien Miller. All rights reserved. @@ -389,8 +389,8 @@ auth_check_authkey_line(struct passwd *pw, struct sshkey *key, cert_fail_reason: error("Refusing certificate ID \"%s\" serial=%llu " "signed by %s CA %s via %s: %s", key->cert->key_id, - key->cert->serial, sshkey_type(key->cert->signature_key), - fp, loc, reason); + (unsigned long long)key->cert->serial, + sshkey_type(key->cert->signature_key), fp, loc, reason); auth_debug_add("Refused Certificate ID \"%s\" serial=%llu: %s", key->cert->key_id, (unsigned long long)key->cert->serial, reason); goto out; From a00f5b02e171bc6d6fb130050afb7a08f5ece1d8 Mon Sep 17 00:00:00 2001 From: Damien Miller Date: Mon, 18 Aug 2025 13:44:53 +1000 Subject: [PATCH 183/687] handle futex_time64 properly in seccomp sandbox Previously we only allowed __NR_futex, but some 32-bit systems apparently support __NR_futex_time64. We had support for this in the sandbox, but because of a macro error only __NR_futex was allowlisted. ok dtucker@ --- sandbox-seccomp-filter.c | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/sandbox-seccomp-filter.c b/sandbox-seccomp-filter.c index b31062c2b56c..827cb61ee696 100644 --- a/sandbox-seccomp-filter.c +++ b/sandbox-seccomp-filter.c @@ -180,12 +180,12 @@ /* Use this for both __NR_futex and __NR_futex_time64 */ # define SC_FUTEX(_nr) \ - SC_ALLOW_FUTEX_OP(__NR_futex, FUTEX_WAIT), \ - SC_ALLOW_FUTEX_OP(__NR_futex, FUTEX_WAIT_BITSET), \ - SC_ALLOW_FUTEX_OP(__NR_futex, FUTEX_WAKE), \ - SC_ALLOW_FUTEX_OP(__NR_futex, FUTEX_WAKE_BITSET), \ - SC_ALLOW_FUTEX_OP(__NR_futex, FUTEX_REQUEUE), \ - SC_ALLOW_FUTEX_OP(__NR_futex, FUTEX_CMP_REQUEUE) + SC_ALLOW_FUTEX_OP(_nr, FUTEX_WAIT), \ + SC_ALLOW_FUTEX_OP(_nr, FUTEX_WAIT_BITSET), \ + SC_ALLOW_FUTEX_OP(_nr, FUTEX_WAKE), \ + SC_ALLOW_FUTEX_OP(_nr, FUTEX_WAKE_BITSET), \ + SC_ALLOW_FUTEX_OP(_nr, FUTEX_REQUEUE), \ + SC_ALLOW_FUTEX_OP(_nr, FUTEX_CMP_REQUEUE) #endif /* __NR_futex || __NR_futex_time64 */ #if defined(__NR_mmap) || defined(__NR_mmap2) From 3a039108bd25ff10047d7fa64750ed7df10c717c Mon Sep 17 00:00:00 2001 From: Damien Miller Date: Mon, 18 Aug 2025 13:46:37 +1000 Subject: [PATCH 184/687] allow some socket syscalls in seccomp sandbox Allow getsockname(2), getpeername(2) and getsockopt(2). Also allow setsockopt(2) but only IP_TOS and IPV6_TCLASS. Note that systems that use the older socketcall(2) mux syscall will not have IP_TOS and IPV6_TCLASS allowlisted. On these platforms, these calls will be soft-blocked (i.e. will fail rather than terminate the whole process with a sandbox violation). Needed for upcoming IPQoS change; ok dtucker@ --- sandbox-seccomp-filter.c | 44 ++++++++++++++++++++++++++++++++++++++++ 1 file changed, 44 insertions(+) diff --git a/sandbox-seccomp-filter.c b/sandbox-seccomp-filter.c index 827cb61ee696..a8f34a76c995 100644 --- a/sandbox-seccomp-filter.c +++ b/sandbox-seccomp-filter.c @@ -49,6 +49,8 @@ #include #include +#include + #include #include #include @@ -200,6 +202,32 @@ SC_ALLOW_ARG_MASK(_nr, 2, PROT_READ|PROT_WRITE|PROT_NONE) #endif /* __NR_mmap || __NR_mmap2 */ +/* Special handling for setsockopt(2) */ +#define SC_ALLOW_SETSOCKOPT(_level, _optname) \ + BPF_JUMP(BPF_JMP+BPF_JEQ+BPF_K, __NR_setsockopt, 0, 10), \ + /* load and test level, low word */ \ + BPF_STMT(BPF_LD+BPF_W+BPF_ABS, \ + offsetof(struct seccomp_data, args[1]) + ARG_LO_OFFSET), \ + BPF_JUMP(BPF_JMP+BPF_JEQ+BPF_K, \ + ((_level) & 0xFFFFFFFF), 0, 7), \ + /* load and test level high word is zero */ \ + BPF_STMT(BPF_LD+BPF_W+BPF_ABS, \ + offsetof(struct seccomp_data, args[1]) + ARG_HI_OFFSET), \ + BPF_JUMP(BPF_JMP+BPF_JEQ+BPF_K, 0, 0, 5), \ + /* load and test optname, low word */ \ + BPF_STMT(BPF_LD+BPF_W+BPF_ABS, \ + offsetof(struct seccomp_data, args[2]) + ARG_LO_OFFSET), \ + BPF_JUMP(BPF_JMP+BPF_JEQ+BPF_K, \ + ((_optname) & 0xFFFFFFFF), 0, 3), \ + /* load and test level high word is zero */ \ + BPF_STMT(BPF_LD+BPF_W+BPF_ABS, \ + offsetof(struct seccomp_data, args[2]) + ARG_HI_OFFSET), \ + BPF_JUMP(BPF_JMP+BPF_JEQ+BPF_K, 0, 0, 1), \ + BPF_STMT(BPF_RET+BPF_K, SECCOMP_RET_ALLOW), \ + /* reload syscall number; all rules expect it in accumulator */ \ + BPF_STMT(BPF_LD+BPF_W+BPF_ABS, \ + offsetof(struct seccomp_data, nr)) + /* Syscall filtering set for preauth. */ static const struct sock_filter preauth_insns[] = { /* Ensure the syscall arch convention is as expected. */ @@ -398,7 +426,23 @@ static const struct sock_filter preauth_insns[] = { #ifdef __NR_writev SC_ALLOW(__NR_writev), #endif +#ifdef __NR_getsockopt + SC_ALLOW(__NR_getsockopt), +#endif +#ifdef __NR_getsockname + SC_ALLOW(__NR_getsockname), +#endif +#ifdef __NR_getpeername + SC_ALLOW(__NR_getpeername), +#endif +#ifdef __NR_setsockopt + SC_ALLOW_SETSOCKOPT(IPPROTO_IPV6, IPV6_TCLASS), + SC_ALLOW_SETSOCKOPT(IPPROTO_IP, IP_TOS), +#endif #ifdef __NR_socketcall + SC_ALLOW_ARG(__NR_socketcall, 0, SYS_GETPEERNAME), + SC_ALLOW_ARG(__NR_socketcall, 0, SYS_GETSOCKNAME), + SC_ALLOW_ARG(__NR_socketcall, 0, SYS_GETSOCKOPT), SC_ALLOW_ARG(__NR_socketcall, 0, SYS_SHUTDOWN), SC_DENY(__NR_socketcall, EACCES), #endif From 80b5ffd22abd4093201939e31d1ea6dc8cc7913a Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Mon, 18 Aug 2025 01:59:53 +0000 Subject: [PATCH 185/687] upstream: make -E a no-op in sshd-auth. Redirecting logging to a file doesn't work in this program as logging already goes via the parent sshd-session process. ok dtucker@ OpenBSD-Commit-ID: 73325b9e69364117c18305f896c620a3abcf4f87 --- sshd-auth.c | 21 ++------------------- 1 file changed, 2 insertions(+), 19 deletions(-) diff --git a/sshd-auth.c b/sshd-auth.c index 5de06a5baa49..6bf596e7a5fa 100644 --- a/sshd-auth.c +++ b/sshd-auth.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshd-auth.c,v 1.4 2025/05/06 05:40:56 djm Exp $ */ +/* $OpenBSD: sshd-auth.c,v 1.5 2025/08/18 01:59:53 djm Exp $ */ /* * SSH2 implementation: * Privilege Separation: @@ -445,7 +445,7 @@ main(int ac, char **av) extern int optind; int r, opt, have_key = 0; int sock_in = -1, sock_out = -1, rexeced_flag = 0; - char *line, *logfile = NULL; + char *line; u_int i; mode_t new_umask; Authctxt *authctxt; @@ -508,11 +508,7 @@ main(int ac, char **av) options.log_level++; break; case 'D': - /* ignore */ - break; case 'E': - logfile = optarg; - /* FALLTHROUGH */ case 'e': /* ignore */ break; @@ -601,19 +597,6 @@ main(int ac, char **av) OpenSSL_add_all_algorithms(); #endif - /* If requested, redirect the logs to the specified logfile. */ - if (logfile != NULL) { - char *cp, pid_s[32]; - - snprintf(pid_s, sizeof(pid_s), "%ld", (unsigned long)getpid()); - cp = percent_expand(logfile, - "p", pid_s, - "P", "sshd-auth", - (char *)NULL); - log_redirect_stderr_to(cp); - free(cp); - } - log_init(__progname, options.log_level == SYSLOG_LEVEL_NOT_SET ? SYSLOG_LEVEL_INFO : options.log_level, From 9b61679d73a8a001c25ab308db8a3162456010cf Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Mon, 18 Aug 2025 03:28:02 +0000 Subject: [PATCH 186/687] upstream: add channel_report_open() to report (to logs) open channels; ok deraadt@ (as part of bigger diff) OpenBSD-Commit-ID: 7f691e25366c5621d7ed6f7f9018d868f7511c0d --- channels.c | 17 ++++++++++++++++- channels.h | 3 ++- 2 files changed, 18 insertions(+), 2 deletions(-) diff --git a/channels.c b/channels.c index 0efbd8d174c7..9d56310172f3 100644 --- a/channels.c +++ b/channels.c @@ -1,4 +1,4 @@ -/* $OpenBSD: channels.c,v 1.446 2025/06/02 14:09:34 dtucker Exp $ */ +/* $OpenBSD: channels.c,v 1.447 2025/08/18 03:28:02 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -1096,6 +1096,21 @@ channel_open_message(struct ssh *ssh) return ret; } +void +channel_report_open(struct ssh *ssh, int level) +{ + char *open, *oopen, *cp, ident[256]; + + sshpkt_fmt_connection_id(ssh, ident, sizeof(ident)); + do_log2(level, "Connection: %s (pid %ld)", ident, (long)getpid()); + open = oopen = channel_open_message(ssh); + while ((cp = strsep(&open, "\r\n")) != NULL) { + if (*cp != '\0') + do_log2(level, "%s", cp); + } + free(oopen); +} + static void open_preamble(struct ssh *ssh, const char *where, Channel *c, const char *type) { diff --git a/channels.h b/channels.h index 134528d59c72..1bfade4c5c77 100644 --- a/channels.h +++ b/channels.h @@ -1,4 +1,4 @@ -/* $OpenBSD: channels.h,v 1.158 2024/10/13 22:20:06 djm Exp $ */ +/* $OpenBSD: channels.h,v 1.159 2025/08/18 03:28:02 djm Exp $ */ /* * Author: Tatu Ylonen @@ -344,6 +344,7 @@ int channel_still_open(struct ssh *); int channel_tty_open(struct ssh *); const char *channel_format_extended_usage(const Channel *); char *channel_open_message(struct ssh *); +void channel_report_open(struct ssh *, int); int channel_find_open(struct ssh *); /* tcp forwarding */ From f807a598c96be683d97810481e954ec9db6b0027 Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Mon, 18 Aug 2025 03:28:36 +0000 Subject: [PATCH 187/687] upstream: SIGINFO handler for ssh(1) to dump active channels/sessions ok deraadt@ OpenBSD-Commit-ID: 12f88a5044bca40ef5f41ff61b1755d0e25df901 --- clientloop.c | 20 +++++++++++++++++--- 1 file changed, 17 insertions(+), 3 deletions(-) diff --git a/clientloop.c b/clientloop.c index 5f6577f65632..b9c050409861 100644 --- a/clientloop.c +++ b/clientloop.c @@ -1,4 +1,4 @@ -/* $OpenBSD: clientloop.c,v 1.412 2025/06/17 01:20:17 djm Exp $ */ +/* $OpenBSD: clientloop.c,v 1.413 2025/08/18 03:28:36 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -147,7 +147,8 @@ extern char *forward_agent_sock_path; * because this is updated in a signal handler. */ static volatile sig_atomic_t received_window_change_signal = 0; -static volatile sig_atomic_t received_signal = 0; +static volatile sig_atomic_t siginfo_received = 0; +static volatile sig_atomic_t received_signal = 0; /* exit signals */ /* Time when backgrounded control master using ControlPersist should exit */ static time_t control_persist_exit_time = 0; @@ -224,6 +225,13 @@ window_change_handler(int sig) received_window_change_signal = 1; } +/* Signal handler for SIGINFO */ +static void +siginfo_handler(int sig) +{ + siginfo_received = 1; +} + /* * Signal handler for signals that cause the program to terminate. These * signals must be trapped to restore terminal modes. @@ -1514,6 +1522,7 @@ client_loop(struct ssh *ssh, int have_pty, int escape_char_arg, if (ssh_signal(SIGTERM, SIG_IGN) != SIG_IGN) ssh_signal(SIGTERM, signal_handler); ssh_signal(SIGWINCH, window_change_handler); + ssh_signal(SIGINFO, siginfo_handler); if (have_pty) enter_raw_mode(options.request_tty == REQUEST_TTY_FORCE); @@ -1536,7 +1545,8 @@ client_loop(struct ssh *ssh, int have_pty, int escape_char_arg, sigaddset(&bsigset, SIGHUP) == -1 || sigaddset(&bsigset, SIGINT) == -1 || sigaddset(&bsigset, SIGQUIT) == -1 || - sigaddset(&bsigset, SIGTERM) == -1) + sigaddset(&bsigset, SIGTERM) == -1 || + sigaddset(&bsigset, SIGINFO) == -1) error_f("bsigset setup: %s", strerror(errno)); /* Main loop of the client for the interactive session mode. */ @@ -1577,6 +1587,10 @@ client_loop(struct ssh *ssh, int have_pty, int escape_char_arg, */ if (sigprocmask(SIG_BLOCK, &bsigset, &osigset) == -1) error_f("bsigset sigprocmask: %s", strerror(errno)); + if (siginfo_received) { + siginfo_received = 0; + channel_report_open(ssh, SYSLOG_LEVEL_INFO); + } if (quit_pending) break; client_wait_until_can_do_something(ssh, &pfd, &npfd_alloc, From dc5147028ff19213a32281dad07bba02e58da3fa Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Mon, 18 Aug 2025 03:29:11 +0000 Subject: [PATCH 188/687] upstream: SIGINFO handler for sshd(8) to dump active channels/sessions ok deraadt@ OpenBSD-Commit-ID: 9955cb6d157c6d7aa23a819e8ef61b1edabc8b7d --- serverloop.c | 20 +++++++++++++++++--- 1 file changed, 17 insertions(+), 3 deletions(-) diff --git a/serverloop.c b/serverloop.c index 40ddfb042b49..dc96288745ea 100644 --- a/serverloop.c +++ b/serverloop.c @@ -1,4 +1,4 @@ -/* $OpenBSD: serverloop.c,v 1.241 2024/11/26 22:01:37 djm Exp $ */ +/* $OpenBSD: serverloop.c,v 1.242 2025/08/18 03:29:11 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -89,7 +89,8 @@ extern struct sshauthopt *auth_opts; static int no_more_sessions = 0; /* Disallow further sessions. */ -static volatile sig_atomic_t child_terminated = 0; /* The child has terminated. */ +static volatile sig_atomic_t child_terminated = 0; /* set on SIGCHLD */ +static volatile sig_atomic_t siginfo_received = 0; /* prototypes */ static void server_init_dispatch(struct ssh *); @@ -103,6 +104,12 @@ sigchld_handler(int sig) child_terminated = 1; } +static void +siginfo_handler(int sig) +{ + siginfo_received = 1; +} + static void client_alive_check(struct ssh *ssh) { @@ -326,9 +333,12 @@ server_loop2(struct ssh *ssh, Authctxt *authctxt) debug("Entering interactive session for SSH2."); - if (sigemptyset(&bsigset) == -1 || sigaddset(&bsigset, SIGCHLD) == -1) + if (sigemptyset(&bsigset) == -1 || + sigaddset(&bsigset, SIGCHLD) == -1 || + sigaddset(&bsigset, SIGINFO) == -1) error_f("bsigset setup: %s", strerror(errno)); ssh_signal(SIGCHLD, sigchld_handler); + ssh_signal(SIGINFO, siginfo_handler); child_terminated = 0; connection_in = ssh_packet_get_connection_in(ssh); connection_out = ssh_packet_get_connection_out(ssh); @@ -350,6 +360,10 @@ server_loop2(struct ssh *ssh, Authctxt *authctxt) if (sigprocmask(SIG_BLOCK, &bsigset, &osigset) == -1) error_f("bsigset sigprocmask: %s", strerror(errno)); collect_children(ssh); + if (siginfo_received) { + siginfo_received = 0; + channel_report_open(ssh, SYSLOG_LEVEL_INFO); + } wait_until_can_do_something(ssh, connection_in, connection_out, &pfd, &npfd_alloc, &npfd_active, &osigset, &conn_in_ready, &conn_out_ready); From 289239046b2c4b0076c14394ae9703a879e78706 Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Mon, 18 Aug 2025 03:43:01 +0000 Subject: [PATCH 189/687] upstream: Make ssh(1) and sshd(8) set IP QoS (aka IP_TOS, IPV6_TCLASS) continually at runtime based on what sessions/channels are open. Previously, ssh(1) and sshd(8) would pick a QoS value when they were started and use it for the whole connection. This could produce suboptimal choices for the QoS value, e.g. for multiplexed sessions that started interactive but picked up a sftp client, or sessions that moved large amounts of data via port forwarding. Now the QoS value will change to the non-interactive IPQoS whenever a "non-interactive" channel is open; basically any channel that lacks a tty other than agent forwarding. This is important now that the default interactive IPQoS is EF (Expedited Forwarding), as many networks are configured to allow only relatively small amounts of traffic of this class and they will aggressively deprioritise the entire connection if this is exceeded. NB. because ssh(1) and sshd(8) now change IP_TOS/IPV6_TCLASS continually via setsockopt(), this commit requires a recent pledge(2) change that landed recently in the OpenBSD kernel. Please ensure you have updated to a kernel from within the last two weeks before updating OpenSSH. with job@ deraadt@ OpenBSD-Commit-ID: 325fc41717eecdf5e4b534bfa8d66817425b840f --- channels.c | 46 ++++++++++++++++++++++++++++--- channels.h | 9 ++++++- clientloop.c | 13 +++++---- misc.c | 6 ++++- mux.c | 4 ++- packet.c | 73 ++++++++++++++++++++++++++++++++++---------------- packet.h | 5 ++-- serverloop.c | 9 ++++++- session.c | 7 +---- ssh.c | 27 ++++++------------- sshd-auth.c | 4 ++- sshd-session.c | 4 ++- 12 files changed, 142 insertions(+), 65 deletions(-) diff --git a/channels.c b/channels.c index 9d56310172f3..61cc8a008bfd 100644 --- a/channels.c +++ b/channels.c @@ -1,4 +1,4 @@ -/* $OpenBSD: channels.c,v 1.447 2025/08/18 03:28:02 djm Exp $ */ +/* $OpenBSD: channels.c,v 1.448 2025/08/18 03:43:01 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -212,6 +212,10 @@ struct ssh_channels { /* Global timeout for all OPEN channels */ int global_deadline; time_t lastused; + /* pattern-lists used to classify channels as bulk */ + char *bulk_classifier_tty, *bulk_classifier_notty; + /* Number of active bulk channels (set by channel_handler) */ + u_int nbulk; }; /* helper */ @@ -239,6 +243,8 @@ channel_init_channels(struct ssh *ssh) sc->channels_alloc = 10; sc->channels = xcalloc(sc->channels_alloc, sizeof(*sc->channels)); sc->IPv4or6 = AF_UNSPEC; + sc->bulk_classifier_tty = xstrdup(CHANNEL_BULK_TTY); + sc->bulk_classifier_notty = xstrdup(CHANNEL_BULK_NOTTY); channel_handler_init(sc); ssh->chanctxt = sc; @@ -357,6 +363,17 @@ lookup_timeout(struct ssh *ssh, const char *type) return 0; } +static void +channel_classify(struct ssh *ssh, Channel *c) +{ + struct ssh_channels *sc = ssh->chanctxt; + const char *type = c->xctype == NULL ? c->ctype : c->xctype; + const char *classifier = c->isatty ? + sc->bulk_classifier_tty : sc->bulk_classifier_notty; + + c->bulk = type != NULL && match_pattern_list(type, classifier, 0) == 1; +} + /* * Sets "extended type" of a channel; used by session layer to add additional * information about channel types (e.g. shell, login, subsystem) that can then @@ -375,6 +392,7 @@ channel_set_xtype(struct ssh *ssh, int id, const char *xctype) c->xctype = xstrdup(xctype); /* Type has changed, so look up inactivity deadline again */ c->inactive_deadline = lookup_timeout(ssh, c->xctype); + channel_classify(ssh, c); debug2_f("labeled channel %d as %s (inactive timeout %u)", id, xctype, c->inactive_deadline); } @@ -411,6 +429,13 @@ channel_get_expiry(struct ssh *ssh, Channel *c) return expiry; } +/* Returns non-zero if there is an open, non-interactive channel */ +int +channel_has_bulk(struct ssh *ssh) +{ + return ssh->chanctxt != NULL && ssh->chanctxt->nbulk != 0; +} + /* * Register filedescriptors for a channel, used when allocating a channel or * when the channel consumer/producer is ready, e.g. shell exec'd @@ -478,6 +503,7 @@ channel_register_fds(struct ssh *ssh, Channel *c, int rfd, int wfd, int efd, } /* channel might be entering a larval state, so reset global timeout */ channel_set_used_time(ssh, NULL); + channel_classify(ssh, c); } /* @@ -537,11 +563,19 @@ channel_new(struct ssh *ssh, char *ctype, int type, int rfd, int wfd, int efd, c->delayed = 1; /* prevent call to channel_post handler */ c->inactive_deadline = lookup_timeout(ssh, c->ctype); TAILQ_INIT(&c->status_confirms); + channel_classify(ssh, c); debug("channel %d: new %s [%s] (inactive timeout: %u)", found, c->ctype, remote_name, c->inactive_deadline); return c; } +void +channel_set_tty(struct ssh *ssh, Channel *c) +{ + c->isatty = 1; + channel_classify(ssh, c); +} + int channel_close_fd(struct ssh *ssh, Channel *c, int *fdp) { @@ -1019,7 +1053,7 @@ channel_format_status(const Channel *c) char *ret = NULL; xasprintf(&ret, "t%d [%s] %s%u %s%u i%u/%zu o%u/%zu e[%s]/%zu " - "fd %d/%d/%d sock %d cc %d %s%u io 0x%02x/0x%02x", + "fd %d/%d/%d sock %d cc %d %s%u io 0x%02x/0x%02x %s%s", c->type, c->xctype != NULL ? c->xctype : c->ctype, c->have_remote_id ? "r" : "nr", c->remote_id, c->mux_ctx != NULL ? "m" : "nm", c->mux_downstream_id, @@ -1028,7 +1062,8 @@ channel_format_status(const Channel *c) channel_format_extended_usage(c), sshbuf_len(c->extended), c->rfd, c->wfd, c->efd, c->sock, c->ctl_chan, c->have_ctl_child_id ? "c" : "nc", c->ctl_child_id, - c->io_want, c->io_ready); + c->io_want, c->io_ready, + c->isatty ? "T" : "", c->bulk ? "B" : "I"); return ret; } @@ -2621,10 +2656,13 @@ channel_handler(struct ssh *ssh, int table, struct timespec *timeout) time_t now; now = monotime(); - for (i = 0, oalloc = sc->channels_alloc; i < oalloc; i++) { + for (sc->nbulk = i = 0, oalloc = sc->channels_alloc; i < oalloc; i++) { c = sc->channels[i]; if (c == NULL) continue; + /* Count open channels in bulk state */ + if (c->type == SSH_CHANNEL_OPEN && c->bulk) + sc->nbulk++; /* Try to keep IO going while rekeying */ if (ssh_packet_is_rekeying(ssh) && c->type != SSH_CHANNEL_OPEN) continue; diff --git a/channels.h b/channels.h index 1bfade4c5c77..145ea2f69445 100644 --- a/channels.h +++ b/channels.h @@ -1,4 +1,4 @@ -/* $OpenBSD: channels.h,v 1.159 2025/08/18 03:28:02 djm Exp $ */ +/* $OpenBSD: channels.h,v 1.160 2025/08/18 03:43:01 djm Exp $ */ /* * Author: Tatu Ylonen @@ -82,6 +82,10 @@ #define FORWARD_ADM 0x100 #define FORWARD_USER 0x101 +/* default pattern-lists used to classify channel types as bulk */ +#define CHANNEL_BULK_TTY "" +#define CHANNEL_BULK_NOTTY "direct-*,forwarded-*,tun-*,x11-*,session*" + struct ssh; struct Channel; typedef struct Channel Channel; @@ -180,6 +184,7 @@ struct Channel { char *ctype; /* const type - NB. not freed on channel_free */ char *xctype; /* extended type */ + int bulk; /* channel is non-interactive */ /* callback */ channel_open_fn *open_confirm; @@ -289,6 +294,7 @@ Channel *channel_new(struct ssh *, char *, int, int, int, int, u_int, u_int, int, const char *, int); void channel_set_fds(struct ssh *, int, int, int, int, int, int, int, u_int); +void channel_set_tty(struct ssh *, Channel *); void channel_free(struct ssh *, Channel *); void channel_free_all(struct ssh *); void channel_stop_listening(struct ssh *); @@ -308,6 +314,7 @@ void channel_register_status_confirm(struct ssh *, int, void channel_cancel_cleanup(struct ssh *, int); int channel_close_fd(struct ssh *, Channel *, int *); void channel_send_window_changes(struct ssh *); +int channel_has_bulk(struct ssh *); /* channel inactivity timeouts */ void channel_add_timeout(struct ssh *, const char *, int); diff --git a/clientloop.c b/clientloop.c index b9c050409861..677bf40f0233 100644 --- a/clientloop.c +++ b/clientloop.c @@ -1,4 +1,4 @@ -/* $OpenBSD: clientloop.c,v 1.413 2025/08/18 03:28:36 djm Exp $ */ +/* $OpenBSD: clientloop.c,v 1.414 2025/08/18 03:43:01 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -1455,7 +1455,7 @@ client_loop(struct ssh *ssh, int have_pty, int escape_char_arg, struct pollfd *pfd = NULL; u_int npfd_alloc = 0, npfd_active = 0; double start_time, total_time; - int channel_did_enqueue = 0, r; + int interactive = -1, channel_did_enqueue = 0, r; u_int64_t ibytes, obytes; int conn_in_ready, conn_out_ready; sigset_t bsigset, osigset; @@ -1621,6 +1621,12 @@ client_loop(struct ssh *ssh, int have_pty, int escape_char_arg, * sender. */ if (conn_out_ready) { + if (interactive != !channel_has_bulk(ssh)) { + interactive = !channel_has_bulk(ssh); + debug2_f("session QoS is now %s", interactive ? + "interactive" : "non-interactive"); + ssh_packet_set_interactive(ssh, interactive); + } if ((r = ssh_packet_write_poll(ssh)) != 0) { sshpkt_fatal(ssh, r, "%s: ssh_packet_write_poll", __func__); @@ -2706,9 +2712,6 @@ client_session2_setup(struct ssh *ssh, int id, int want_tty, int want_subsystem, if ((c = channel_lookup(ssh, id)) == NULL) fatal_f("channel %d: unknown channel", id); - ssh_packet_set_interactive(ssh, want_tty, - options.ip_qos_interactive, options.ip_qos_bulk); - if (want_tty) { struct winsize ws; diff --git a/misc.c b/misc.c index 2e77eeb88de4..ef77a6b7f612 100644 --- a/misc.c +++ b/misc.c @@ -1,4 +1,4 @@ -/* $OpenBSD: misc.c,v 1.202 2025/08/11 14:37:43 deraadt Exp $ */ +/* $OpenBSD: misc.c,v 1.203 2025/08/18 03:43:01 djm Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. * Copyright (c) 2005-2020 Damien Miller. All rights reserved. @@ -297,6 +297,10 @@ set_sock_tos(int fd, int tos) #ifndef IP_TOS_IS_BROKEN int af; + if (tos < 0 || tos == INT_MAX) { + debug_f("invalid TOS %d", tos); + return; + } switch ((af = get_sock_af(fd))) { case -1: /* assume not a socket */ diff --git a/mux.c b/mux.c index 1a4f357d46f0..542024e7a448 100644 --- a/mux.c +++ b/mux.c @@ -1,4 +1,4 @@ -/* $OpenBSD: mux.c,v 1.104 2025/07/04 00:17:55 djm Exp $ */ +/* $OpenBSD: mux.c,v 1.105 2025/08/18 03:43:01 djm Exp $ */ /* * Copyright (c) 2002-2008 Damien Miller * @@ -460,6 +460,8 @@ mux_master_process_new_session(struct ssh *ssh, u_int rid, nc = channel_new(ssh, "session", SSH_CHANNEL_OPENING, new_fd[0], new_fd[1], new_fd[2], window, packetmax, CHAN_EXTENDED_WRITE, "client-session", CHANNEL_NONBLOCK_STDIO); + if (cctx->want_tty) + channel_set_tty(ssh, nc); nc->ctl_chan = c->self; /* link session -> control channel */ c->ctl_child_id = nc->self; /* link control -> session channel */ diff --git a/packet.c b/packet.c index 7f67f4fcd55e..b899fcafb57d 100644 --- a/packet.c +++ b/packet.c @@ -1,4 +1,4 @@ -/* $OpenBSD: packet.c,v 1.319 2025/08/06 23:44:09 djm Exp $ */ +/* $OpenBSD: packet.c,v 1.320 2025/08/18 03:43:01 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -210,8 +210,8 @@ struct session_state { /* Used in ssh_packet_send_mux() */ int mux; - /* Used in packet_set_interactive */ - int set_interactive_called; + /* QoS handling */ + int qos_interactive, qos_other; /* Used in packet_set_maxsize */ int set_maxsize_called; @@ -225,6 +225,9 @@ struct session_state { */ int disconnecting; + /* Nagle disabled on socket */ + int nodelay_set; + /* Hook for fuzzing inbound packets */ ssh_packet_hook_fn *hook_in; void *hook_in_ctx; @@ -253,6 +256,8 @@ ssh_alloc_session_state(void) state->connection_out = -1; state->max_packet_size = 32768; state->packet_timeout_ms = -1; + state->interactive_mode = 1; + state->qos_interactive = state->qos_other = -1; state->p_send.packets = state->p_read.packets = 0; state->initialized = 1; /* @@ -2212,37 +2217,44 @@ ssh_packet_interactive_data_to_write(struct ssh *ssh) sshbuf_len(ssh->state->output) < 256; } -void -ssh_packet_set_tos(struct ssh *ssh, int tos) +static void +apply_qos(struct ssh *ssh) { - if (!ssh_packet_connection_is_on_socket(ssh) || tos == INT_MAX) + struct session_state *state = ssh->state; + int qos = state->interactive_mode ? + state->qos_interactive : state->qos_other; + + if (!ssh_packet_connection_is_on_socket(ssh)) return; - set_sock_tos(ssh->state->connection_in, tos); + if (!state->nodelay_set) { + set_nodelay(state->connection_in); + state->nodelay_set = 1; + } + set_sock_tos(ssh->state->connection_in, qos); } -/* Informs that the current session is interactive. Sets IP flags for that. */ - +/* Informs that the current session is interactive. */ void -ssh_packet_set_interactive(struct ssh *ssh, int interactive, int qos_interactive, int qos_bulk) +ssh_packet_set_interactive(struct ssh *ssh, int interactive) { struct session_state *state = ssh->state; - if (state->set_interactive_called) - return; - state->set_interactive_called = 1; - - /* Record that we are in interactive mode. */ state->interactive_mode = interactive; + apply_qos(ssh); +} - /* Only set socket options if using a socket. */ - if (!ssh_packet_connection_is_on_socket(ssh)) - return; - set_nodelay(state->connection_in); - ssh_packet_set_tos(ssh, interactive ? qos_interactive : qos_bulk); +/* Set QoS flags to be used for interactive and non-interactive sessions */ +void +ssh_packet_set_qos(struct ssh *ssh, int qos_interactive, int qos_other) +{ + struct session_state *state = ssh->state; + + state->qos_interactive = qos_interactive; + state->qos_other = qos_other; + apply_qos(ssh); } /* Returns true if the current connection is interactive. */ - int ssh_packet_is_interactive(struct ssh *ssh) { @@ -2421,6 +2433,7 @@ ssh_packet_get_state(struct ssh *ssh, struct sshbuf *m) struct session_state *state = ssh->state; int r; +#define ENCODE_INT(v) (((v) < 0) ? 0xFFFFFFFF : (u_int)v) if ((r = kex_to_blob(m, ssh->kex)) != 0 || (r = newkeys_to_blob(m, ssh, MODE_OUT)) != 0 || (r = newkeys_to_blob(m, ssh, MODE_IN)) != 0 || @@ -2435,9 +2448,12 @@ ssh_packet_get_state(struct ssh *ssh, struct sshbuf *m) (r = sshbuf_put_u32(m, state->p_read.packets)) != 0 || (r = sshbuf_put_u64(m, state->p_read.bytes)) != 0 || (r = sshbuf_put_stringb(m, state->input)) != 0 || - (r = sshbuf_put_stringb(m, state->output)) != 0) + (r = sshbuf_put_stringb(m, state->output)) != 0 || + (r = sshbuf_put_u32(m, ENCODE_INT(state->interactive_mode))) != 0 || + (r = sshbuf_put_u32(m, ENCODE_INT(state->qos_interactive))) != 0 || + (r = sshbuf_put_u32(m, ENCODE_INT(state->qos_other))) != 0) return r; - +#undef ENCODE_INT return 0; } @@ -2556,6 +2572,7 @@ ssh_packet_set_state(struct ssh *ssh, struct sshbuf *m) const u_char *input, *output; size_t ilen, olen; int r; + u_int interactive, qos_interactive, qos_other; if ((r = kex_from_blob(m, &ssh->kex)) != 0 || (r = newkeys_from_blob(m, ssh, MODE_OUT)) != 0 || @@ -2592,6 +2609,16 @@ ssh_packet_set_state(struct ssh *ssh, struct sshbuf *m) (r = sshbuf_put(state->output, output, olen)) != 0) return r; + if ((r = sshbuf_get_u32(m, &interactive)) != 0 || + (r = sshbuf_get_u32(m, &qos_interactive)) != 0 || + (r = sshbuf_get_u32(m, &qos_other)) != 0) + return r; +#define DECODE_INT(v) ((v) > INT_MAX ? -1 : (v)) + state->interactive_mode = DECODE_INT(interactive); + state->qos_interactive = DECODE_INT(qos_interactive); + state->qos_other = DECODE_INT(qos_other); +#undef DECODE_INT + if (sshbuf_len(m)) return SSH_ERR_INVALID_FORMAT; debug3_f("done"); diff --git a/packet.h b/packet.h index 49bb87f0750b..6828476c7923 100644 --- a/packet.h +++ b/packet.h @@ -1,4 +1,4 @@ -/* $OpenBSD: packet.h,v 1.99 2024/08/15 00:51:51 djm Exp $ */ +/* $OpenBSD: packet.h,v 1.100 2025/08/18 03:43:01 djm Exp $ */ /* * Author: Tatu Ylonen @@ -111,8 +111,9 @@ int ssh_packet_check_rekey(struct ssh *); void ssh_packet_set_protocol_flags(struct ssh *, u_int); u_int ssh_packet_get_protocol_flags(struct ssh *); void ssh_packet_set_tos(struct ssh *, int); -void ssh_packet_set_interactive(struct ssh *, int, int, int); +void ssh_packet_set_interactive(struct ssh *, int); int ssh_packet_is_interactive(struct ssh *); +void ssh_packet_set_qos(struct ssh *, int, int); void ssh_packet_set_server(struct ssh *); void ssh_packet_set_authenticated(struct ssh *); void ssh_packet_set_mux(struct ssh *); diff --git a/serverloop.c b/serverloop.c index dc96288745ea..753f56388b38 100644 --- a/serverloop.c +++ b/serverloop.c @@ -1,4 +1,4 @@ -/* $OpenBSD: serverloop.c,v 1.242 2025/08/18 03:29:11 djm Exp $ */ +/* $OpenBSD: serverloop.c,v 1.243 2025/08/18 03:43:01 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -292,8 +292,15 @@ static void process_output(struct ssh *ssh, int connection_out) { int r; + static int interactive = -1; /* Send any buffered packet data to the client. */ + if (interactive != !channel_has_bulk(ssh)) { + interactive = !channel_has_bulk(ssh); + debug2_f("session QoS is now %s", interactive ? + "interactive" : "non-interactive"); + ssh_packet_set_interactive(ssh, interactive); + } if ((r = ssh_packet_write_poll(ssh)) != 0) { sshpkt_fatal(ssh, r, "%s: ssh_packet_write_poll", __func__); diff --git a/session.c b/session.c index 630e0e6a353c..7b030793ac28 100644 --- a/session.c +++ b/session.c @@ -1,4 +1,4 @@ -/* $OpenBSD: session.c,v 1.342 2025/05/05 02:48:06 djm Exp $ */ +/* $OpenBSD: session.c,v 1.343 2025/08/18 03:43:01 djm Exp $ */ /* * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland * All rights reserved @@ -498,9 +498,6 @@ do_exec_no_pty(struct ssh *ssh, Session *s, const char *command) #endif s->pid = pid; - /* Set interactive/non-interactive mode. */ - ssh_packet_set_interactive(ssh, s->display != NULL, - options.ip_qos_interactive, options.ip_qos_bulk); /* * Clear loginmsg, since it's the child's responsibility to display @@ -628,8 +625,6 @@ do_exec_pty(struct ssh *ssh, Session *s, const char *command) /* Enter interactive session. */ s->ptymaster = ptymaster; - ssh_packet_set_interactive(ssh, 1, - options.ip_qos_interactive, options.ip_qos_bulk); session_set_fds(ssh, s, ptyfd, fdout, -1, 1, 1); return 0; } diff --git a/ssh.c b/ssh.c index b44a943134ee..58c254b93d86 100644 --- a/ssh.c +++ b/ssh.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh.c,v 1.614 2025/06/19 05:49:05 djm Exp $ */ +/* $OpenBSD: ssh.c,v 1.615 2025/08/18 03:43:01 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -758,7 +758,6 @@ main(int ac, char **av) fatal("Couldn't allocate session state"); channel_init_channels(ssh); - /* Parse command-line arguments. */ args = argv_assemble(ac, av); /* logged later */ host = NULL; @@ -1376,6 +1375,8 @@ main(int ac, char **av) if (options.port == 0) options.port = default_ssh_port(); channel_set_af(ssh, options.address_family); + ssh_packet_set_qos(ssh, options.ip_qos_interactive, + options.ip_qos_bulk); /* Tidy and check options */ if (options.host_key_alias != NULL) @@ -2182,7 +2183,7 @@ ssh_session2_setup(struct ssh *ssh, int id, int success, void *arg) { extern char **environ; const char *display, *term; - int r, interactive = tty_flag; + int r; char *proto = NULL, *data = NULL; if (!success) @@ -2201,7 +2202,6 @@ ssh_session2_setup(struct ssh *ssh, int id, int success, void *arg) data, 1); client_expect_confirm(ssh, id, "X11 forwarding", CONFIRM_WARN); /* XXX exit_on_forward_failure */ - interactive = 1; } check_agent_present(); @@ -2212,10 +2212,6 @@ ssh_session2_setup(struct ssh *ssh, int id, int success, void *arg) fatal_fr(r, "send packet"); } - /* Tell the packet module whether this is an interactive session. */ - ssh_packet_set_interactive(ssh, interactive, - options.ip_qos_interactive, options.ip_qos_bulk); - if ((term = lookup_env_in_list("TERM", options.setenv, options.num_setenv)) == NULL || *term == '\0') term = getenv("TERM"); @@ -2252,8 +2248,9 @@ ssh_session2_open(struct ssh *ssh) "session", SSH_CHANNEL_OPENING, in, out, err, window, packetmax, CHAN_EXTENDED_WRITE, "client-session", CHANNEL_NONBLOCK_STDIO); - - debug3_f("channel_new: %d", c->self); + if (tty_flag) + channel_set_tty(ssh, c); + debug3_f("channel_new: %d%s", c->self, tty_flag ? " (tty)" : ""); channel_send_open(ssh, c->self); if (options.session_type != SESSION_TYPE_NONE) @@ -2266,7 +2263,7 @@ ssh_session2_open(struct ssh *ssh) static int ssh_session2(struct ssh *ssh, const struct ssh_conn_info *cinfo) { - int r, interactive, id = -1; + int r, id = -1; char *cp, *tun_fwd_ifname = NULL; /* XXX should be pre-session */ @@ -2322,14 +2319,6 @@ ssh_session2(struct ssh *ssh, const struct ssh_conn_info *cinfo) if (options.session_type != SESSION_TYPE_NONE) id = ssh_session2_open(ssh); - else { - interactive = options.control_master == SSHCTL_MASTER_NO; - /* ControlPersist may have clobbered ControlMaster, so check */ - if (need_controlpersist_detach) - interactive = otty_flag != 0; - ssh_packet_set_interactive(ssh, interactive, - options.ip_qos_interactive, options.ip_qos_bulk); - } /* If we don't expect to open a new session, then disallow it */ if (options.control_master == SSHCTL_MASTER_NO && diff --git a/sshd-auth.c b/sshd-auth.c index 6bf596e7a5fa..9dd086c4ce6a 100644 --- a/sshd-auth.c +++ b/sshd-auth.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshd-auth.c,v 1.5 2025/08/18 01:59:53 djm Exp $ */ +/* $OpenBSD: sshd-auth.c,v 1.6 2025/08/18 03:43:01 djm Exp $ */ /* * SSH2 implementation: * Privilege Separation: @@ -652,6 +652,8 @@ main(int ac, char **av) /* Fill in default values for those options not explicitly set. */ fill_default_server_options(&options); options.timing_secret = timing_secret; /* XXX eliminate from unpriv */ + ssh_packet_set_qos(ssh, options.ip_qos_interactive, + options.ip_qos_bulk); /* Reinit logging in case config set Level, Facility or Verbose. */ log_init(__progname, options.log_level, options.log_facility, 1); diff --git a/sshd-session.c b/sshd-session.c index 60f887e92d7b..4aad8b6fe140 100644 --- a/sshd-session.c +++ b/sshd-session.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshd-session.c,v 1.13 2025/05/06 05:40:56 djm Exp $ */ +/* $OpenBSD: sshd-session.c,v 1.14 2025/08/18 03:43:01 djm Exp $ */ /* * SSH2 implementation: * Privilege Separation: @@ -1207,6 +1207,8 @@ main(int ac, char **av) fatal("Unable to create connection"); the_active_state = ssh; ssh_packet_set_server(ssh); + ssh_packet_set_qos(ssh, options.ip_qos_interactive, + options.ip_qos_bulk); check_ip_options(ssh); From b7ee13fbbb4ebafcf71f29685f053ecb97d1bcef Mon Sep 17 00:00:00 2001 From: Damien Miller Date: Mon, 18 Aug 2025 14:22:18 +1000 Subject: [PATCH 190/687] wrap SIGINFO in ifdef --- clientloop.c | 11 +++++++++-- serverloop.c | 9 +++++++-- 2 files changed, 16 insertions(+), 4 deletions(-) diff --git a/clientloop.c b/clientloop.c index 677bf40f0233..b9a010414ff3 100644 --- a/clientloop.c +++ b/clientloop.c @@ -225,12 +225,14 @@ window_change_handler(int sig) received_window_change_signal = 1; } +#ifdef SIGINFO /* Signal handler for SIGINFO */ static void siginfo_handler(int sig) { siginfo_received = 1; } +#endif /* * Signal handler for signals that cause the program to terminate. These @@ -1522,7 +1524,9 @@ client_loop(struct ssh *ssh, int have_pty, int escape_char_arg, if (ssh_signal(SIGTERM, SIG_IGN) != SIG_IGN) ssh_signal(SIGTERM, signal_handler); ssh_signal(SIGWINCH, window_change_handler); +#ifdef SIGINFO ssh_signal(SIGINFO, siginfo_handler); +#endif if (have_pty) enter_raw_mode(options.request_tty == REQUEST_TTY_FORCE); @@ -1545,9 +1549,12 @@ client_loop(struct ssh *ssh, int have_pty, int escape_char_arg, sigaddset(&bsigset, SIGHUP) == -1 || sigaddset(&bsigset, SIGINT) == -1 || sigaddset(&bsigset, SIGQUIT) == -1 || - sigaddset(&bsigset, SIGTERM) == -1 || - sigaddset(&bsigset, SIGINFO) == -1) + sigaddset(&bsigset, SIGTERM) == -1) error_f("bsigset setup: %s", strerror(errno)); +#ifdef SIGINFO + if (sigaddset(&bsigset, SIGINFO) == -1) + error_f("bsigset setup: %s", strerror(errno)); +#endif /* Main loop of the client for the interactive session mode. */ while (!quit_pending) { diff --git a/serverloop.c b/serverloop.c index 753f56388b38..4beb2a390b6d 100644 --- a/serverloop.c +++ b/serverloop.c @@ -104,11 +104,13 @@ sigchld_handler(int sig) child_terminated = 1; } +#ifdef SIGINFO static void siginfo_handler(int sig) { siginfo_received = 1; } +#endif static void client_alive_check(struct ssh *ssh) @@ -341,11 +343,14 @@ server_loop2(struct ssh *ssh, Authctxt *authctxt) debug("Entering interactive session for SSH2."); if (sigemptyset(&bsigset) == -1 || - sigaddset(&bsigset, SIGCHLD) == -1 || - sigaddset(&bsigset, SIGINFO) == -1) + sigaddset(&bsigset, SIGCHLD) == -1) error_f("bsigset setup: %s", strerror(errno)); ssh_signal(SIGCHLD, sigchld_handler); +#ifdef SIGINFO + if (sigaddset(&bsigset, SIGINFO) == -1) + error_f("bsigset setup: %s", strerror(errno)); ssh_signal(SIGINFO, siginfo_handler); +#endif child_terminated = 0; connection_in = ssh_packet_get_connection_in(ssh); connection_out = ssh_packet_get_connection_out(ssh); From 056022261e6cf7eb65bbacac72afe5f4d5945f2c Mon Sep 17 00:00:00 2001 From: Damien Miller Date: Mon, 18 Aug 2025 14:22:32 +1000 Subject: [PATCH 191/687] depend --- .depend | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) diff --git a/.depend b/.depend index f569b603d450..6961e34dd392 100644 --- a/.depend +++ b/.depend @@ -8,8 +8,11 @@ atomicio.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-comp audit-bsm.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h audit-linux.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h audit.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h +auth-bsdauth-monitor.o: xmalloc.h sshkey.h sshbuf.h hostfile.h auth.h auth-pam.h includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h audit.h loginrec.h log.h ssherr.h auth-bsdauth.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h auth-krb5.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h ssh.h packet.h openbsd-compat/sys-queue.h dispatch.h log.h ssherr.h sshbuf.h sshkey.h misc.h servconf.h uidswap.h hostfile.h auth.h auth-pam.h audit.h loginrec.h +auth-log.o: authfile.h monitor_wrap.h channels.h +auth-log.o: xmalloc.h match.h groupaccess.h log.h ssherr.h sshbuf.h misc.h servconf.h openbsd-compat/sys-queue.h sshkey.h hostfile.h auth.h auth-pam.h includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h audit.h loginrec.h auth-options.h canohost.h packet.h dispatch.h auth-options.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h openbsd-compat/sys-queue.h xmalloc.h ssherr.h log.h sshbuf.h misc.h sshkey.h match.h ssh2.h auth-options.h auth-pam.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h auth-passwd.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h packet.h openbsd-compat/sys-queue.h dispatch.h sshbuf.h ssherr.h log.h misc.h servconf.h sshkey.h hostfile.h auth.h auth-pam.h audit.h loginrec.h auth-options.h @@ -18,17 +21,25 @@ auth-shadow.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-c auth-sia.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h auth.o: authfile.h monitor_wrap.h channels.h auth.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h match.h groupaccess.h log.h ssherr.h sshbuf.h misc.h servconf.h openbsd-compat/sys-queue.h sshkey.h hostfile.h auth.h auth-pam.h audit.h loginrec.h auth-options.h canohost.h uidswap.h packet.h dispatch.h +auth2-banner.o: atomicio.h xmalloc.h ssh2.h packet.h openbsd-compat/sys-queue.h dispatch.h log.h ssherr.h sshbuf.h misc.h servconf.h sshkey.h hostfile.h auth.h auth-pam.h includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h audit.h loginrec.h pathnames.h auth2-chall.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h ssh2.h sshkey.h hostfile.h auth.h auth-pam.h audit.h loginrec.h sshbuf.h packet.h openbsd-compat/sys-queue.h dispatch.h ssherr.h log.h misc.h servconf.h auth2-gss.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h +auth2-hostbased-monitor.o: canohost.h pathnames.h match.h +auth2-hostbased-monitor.o: xmalloc.h ssh2.h packet.h openbsd-compat/sys-queue.h dispatch.h kex.h mac.h crypto_api.h includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h sshbuf.h log.h ssherr.h misc.h servconf.h sshkey.h hostfile.h auth.h auth-pam.h audit.h loginrec.h uidswap.h auth2-hostbased.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h ssh2.h packet.h openbsd-compat/sys-queue.h dispatch.h kex.h mac.h crypto_api.h sshbuf.h log.h ssherr.h misc.h servconf.h sshkey.h hostfile.h auth.h auth-pam.h audit.h loginrec.h canohost.h auth2-hostbased.o: monitor_wrap.h pathnames.h match.h +auth2-kbdint-monitor.o: xmalloc.h packet.h openbsd-compat/sys-queue.h dispatch.h hostfile.h auth.h auth-pam.h includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h audit.h loginrec.h log.h ssherr.h misc.h servconf.h auth2-kbdint.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h packet.h openbsd-compat/sys-queue.h dispatch.h hostfile.h auth.h auth-pam.h audit.h loginrec.h log.h ssherr.h misc.h servconf.h auth2-methods.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h log.h ssherr.h misc.h servconf.h openbsd-compat/sys-queue.h xmalloc.h hostfile.h auth.h auth-pam.h audit.h loginrec.h auth2-none.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h atomicio.h xmalloc.h sshkey.h hostfile.h auth.h auth-pam.h audit.h loginrec.h packet.h openbsd-compat/sys-queue.h dispatch.h log.h ssherr.h misc.h servconf.h ssh2.h monitor_wrap.h auth2-passwd.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h packet.h openbsd-compat/sys-queue.h dispatch.h ssherr.h log.h sshkey.h hostfile.h auth.h auth-pam.h audit.h loginrec.h monitor_wrap.h misc.h servconf.h +auth2-pubkey-monitor.o: loginrec.h pathnames.h uidswap.h auth-options.h canohost.h monitor_wrap.h authfile.h match.h channels.h session.h sk-api.h +auth2-pubkey-monitor.o: xmalloc.h ssh.h ssh2.h packet.h openbsd-compat/sys-queue.h dispatch.h kex.h mac.h crypto_api.h includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h sshbuf.h log.h ssherr.h misc.h servconf.h compat.h sshkey.h hostfile.h auth.h auth-pam.h audit.h auth2-pubkey.o: audit.h loginrec.h pathnames.h uidswap.h auth-options.h canohost.h monitor_wrap.h authfile.h match.h channels.h session.h sk-api.h auth2-pubkey.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h openbsd-compat/glob.h xmalloc.h ssh.h ssh2.h packet.h openbsd-compat/sys-queue.h dispatch.h kex.h mac.h crypto_api.h sshbuf.h log.h ssherr.h misc.h servconf.h compat.h sshkey.h hostfile.h auth.h auth-pam.h auth2-pubkeyfile.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h ssh.h log.h ssherr.h misc.h sshkey.h digest.h hostfile.h auth.h auth-pam.h audit.h loginrec.h auth-options.h authfile.h match.h +auth2-userauth.o: atomicio.h xmalloc.h ssh2.h packet.h openbsd-compat/sys-queue.h dispatch.h log.h ssherr.h sshbuf.h misc.h servconf.h sshkey.h hostfile.h auth.h auth-pam.h includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h audit.h loginrec.h pathnames.h monitor_wrap.h +auth2-userauth.o: digest.h auth2.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h atomicio.h xmalloc.h ssh2.h packet.h openbsd-compat/sys-queue.h dispatch.h log.h ssherr.h sshbuf.h misc.h servconf.h sshkey.h hostfile.h auth.h auth-pam.h audit.h loginrec.h pathnames.h monitor_wrap.h digest.h kex.h auth2.o: mac.h crypto_api.h authfd.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h ssh.h sshbuf.h sshkey.h authfd.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h rijndael.h log.h ssherr.h atomicio.h misc.h @@ -161,8 +172,14 @@ sshconnect2.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-c sshconnect2.o: sshconnect.h authfile.h dh.h authfd.h log.h ssherr.h misc.h readconf.h match.h canohost.h msg.h pathnames.h uidswap.h hostfile.h utf8.h ssh-sk.h sk-api.h sshd-auth.o: chacha.h poly1305.h cipher-aesctr.h rijndael.h digest.h sshkey.h kex.h mac.h crypto_api.h authfile.h pathnames.h atomicio.h canohost.h hostfile.h auth.h auth-pam.h audit.h loginrec.h authfd.h msg.h channels.h session.h monitor.h monitor_wrap.h auth-options.h version.h sk-api.h srclimit.h ssh-sandbox.h dh.h sshd-auth.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h ./openbsd-compat/sys-tree.h openbsd-compat/sys-queue.h xmalloc.h ssh.h ssh2.h sshpty.h packet.h dispatch.h log.h ssherr.h sshbuf.h misc.h match.h servconf.h uidswap.h compat.h cipher.h cipher-chachapoly.h +sshd-monitor.o: openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h authfile.h pathnames.h atomicio.h canohost.h hostfile.h auth.h auth-pam.h audit.h loginrec.h authfd.h msg.h channels.h session.h monitor.h monitor_wrap.h auth-options.h version.h sk-api.h dh.h +sshd-monitor.o: xmalloc.h ssh.h ssh2.h sshpty.h packet.h openbsd-compat/sys-queue.h dispatch.h log.h ssherr.h sshbuf.h misc.h match.h servconf.h uidswap.h compat.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h rijndael.h digest.h sshkey.h kex.h mac.h crypto_api.h includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h sshd-session.o: chacha.h poly1305.h cipher-aesctr.h rijndael.h digest.h sshkey.h kex.h mac.h crypto_api.h authfile.h pathnames.h atomicio.h canohost.h hostfile.h auth.h auth-pam.h audit.h loginrec.h authfd.h msg.h channels.h session.h monitor.h monitor_wrap.h auth-options.h version.h sk-api.h srclimit.h dh.h sshd-session.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h ./openbsd-compat/sys-tree.h openbsd-compat/sys-queue.h xmalloc.h ssh.h ssh2.h sshpty.h packet.h dispatch.h log.h ssherr.h sshbuf.h misc.h match.h servconf.h uidswap.h compat.h cipher.h cipher-chachapoly.h +sshd-unpriv-postauth.o: openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h authfile.h pathnames.h atomicio.h canohost.h hostfile.h auth.h auth-pam.h audit.h loginrec.h authfd.h msg.h channels.h session.h monitor.h monitor_wrap.h auth-options.h version.h sk-api.h dh.h +sshd-unpriv-postauth.o: xmalloc.h ssh.h ssh2.h sshpty.h packet.h openbsd-compat/sys-queue.h dispatch.h log.h ssherr.h sshbuf.h misc.h match.h servconf.h uidswap.h compat.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h rijndael.h digest.h sshkey.h kex.h mac.h crypto_api.h includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h +sshd-unpriv-preauth.o: openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h authfile.h pathnames.h atomicio.h canohost.h hostfile.h auth.h auth-pam.h audit.h loginrec.h authfd.h msg.h channels.h session.h monitor.h monitor_wrap.h auth-options.h version.h sk-api.h dh.h +sshd-unpriv-preauth.o: xmalloc.h ssh.h ssh2.h sshpty.h packet.h openbsd-compat/sys-queue.h dispatch.h log.h ssherr.h sshbuf.h misc.h match.h servconf.h uidswap.h compat.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h rijndael.h digest.h sshkey.h kex.h mac.h crypto_api.h includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h sshd.o: audit.h loginrec.h authfd.h msg.h version.h sk-api.h addr.h srclimit.h atomicio.h monitor_wrap.h sshd.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h ./openbsd-compat/sys-tree.h openbsd-compat/sys-queue.h xmalloc.h ssh.h sshpty.h log.h ssherr.h sshbuf.h misc.h servconf.h compat.h digest.h sshkey.h authfile.h pathnames.h canohost.h hostfile.h auth.h auth-pam.h ssherr.o: ssherr.h From c2c8bae39380392449ac3297061cbfc486126ad5 Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Mon, 18 Aug 2025 04:38:21 +0000 Subject: [PATCH 192/687] upstream: missing set_log_handler() call in ssh-auth.c, exposed after last commit OpenBSD-Commit-ID: 09f5c3cf33c18b8ad321edbf96c30ae3deada2b0 --- sshd-auth.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/sshd-auth.c b/sshd-auth.c index 9dd086c4ce6a..6bb4aff0d726 100644 --- a/sshd-auth.c +++ b/sshd-auth.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshd-auth.c,v 1.6 2025/08/18 03:43:01 djm Exp $ */ +/* $OpenBSD: sshd-auth.c,v 1.7 2025/08/18 04:38:21 djm Exp $ */ /* * SSH2 implementation: * Privilege Separation: @@ -657,6 +657,7 @@ main(int ac, char **av) /* Reinit logging in case config set Level, Facility or Verbose. */ log_init(__progname, options.log_level, options.log_facility, 1); + set_log_handler(mm_log_handler, pmonitor); debug("sshd-auth version %s, %s", SSH_VERSION, SSH_OPENSSL_VERSION); From ae44cd74f3a4ac711152f50b2712803ccf785593 Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Mon, 18 Aug 2025 04:50:35 +0000 Subject: [PATCH 193/687] upstream: cast OpenBSD-Commit-ID: d69bd2328513c2dcd99f4f346b77e2bd90cf1964 --- packet.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/packet.c b/packet.c index b899fcafb57d..34bf91d75e52 100644 --- a/packet.c +++ b/packet.c @@ -1,4 +1,4 @@ -/* $OpenBSD: packet.c,v 1.320 2025/08/18 03:43:01 djm Exp $ */ +/* $OpenBSD: packet.c,v 1.321 2025/08/18 04:50:35 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -2613,7 +2613,7 @@ ssh_packet_set_state(struct ssh *ssh, struct sshbuf *m) (r = sshbuf_get_u32(m, &qos_interactive)) != 0 || (r = sshbuf_get_u32(m, &qos_other)) != 0) return r; -#define DECODE_INT(v) ((v) > INT_MAX ? -1 : (v)) +#define DECODE_INT(v) ((v) > INT_MAX ? -1 : (int)(v)) state->interactive_mode = DECODE_INT(interactive); state->qos_interactive = DECODE_INT(qos_interactive); state->qos_other = DECODE_INT(qos_other); From 9184fa363687fcb5dac056b093fb3b8e9d327242 Mon Sep 17 00:00:00 2001 From: Damien Miller Date: Mon, 18 Aug 2025 16:45:15 +1000 Subject: [PATCH 194/687] check for setsockopt IP_TOS in OpenBSD pledge OpenBSD has recently relaxed the pledge(2) sandbox to allow some setsockopt options to be changed without the "inet" promise. This adds compatibility for OpenBSD that predates this relaxation. --- clientloop.c | 4 ++-- configure.ac | 29 +++++++++++++++++++++++++++++ 2 files changed, 31 insertions(+), 2 deletions(-) diff --git a/clientloop.c b/clientloop.c index b9a010414ff3..577771f06963 100644 --- a/clientloop.c +++ b/clientloop.c @@ -975,11 +975,11 @@ client_repledge(void) } else if (options.forward_agent != 0) { /* agent forwarding needs to open $SSH_AUTH_SOCK at will */ debug("pledge: agent"); - if (pledge("stdio unix proc tty", NULL) == -1) + if (pledge(PLEDGE_EXTRA_INET "stdio unix proc tty", NULL) == -1) fatal_f("pledge(): %s", strerror(errno)); } else { debug("pledge: fork"); - if (pledge("stdio proc tty", NULL) == -1) + if (pledge(PLEDGE_EXTRA_INET "stdio proc tty", NULL) == -1) fatal_f("pledge(): %s", strerror(errno)); } /* XXX further things to do: diff --git a/configure.ac b/configure.ac index 460ebd3b476c..bc1900af7ad6 100644 --- a/configure.ac +++ b/configure.ac @@ -1128,6 +1128,35 @@ mips-sony-bsd|mips-sony-newsos4) AC_DEFINE([SYSLOG_R_SAFE_IN_SIGHAND], [1], [syslog_r function is safe to use in in a signal handler]) TEST_MALLOC_OPTIONS="SJRU" + AC_MSG_CHECKING([whether pledge(2) allows IP_TOS]) + need_pledge_inet="" + AC_RUN_IFELSE( + [AC_LANG_PROGRAM([[ +#include +#include +#include +#include +#include + ]], [[ +int s, one = 1; +if ((s = socket(AF_INET, SOCK_STREAM, 0)) == -1) + err(1, "socket"); +if (pledge("stdio", NULL) == -1) + err(1, "pledge"); +if (setsockopt(s, IPPROTO_IP, IP_TOS, &one, sizeof(one)) == -1) + err(1, "setsockopt"); + ]])], + [ AC_MSG_RESULT([yes]) ], [ + AC_MSG_RESULT([no]) + need_pledge_inet=1 + ], + [ AC_MSG_WARN([cross compiling: cannot test]) ]) + if test -z "$need_pledge_inet" ; then + AC_DEFINE_UNQUOTED([PLEDGE_EXTRA_INET], []) + else + AC_DEFINE_UNQUOTED([PLEDGE_EXTRA_INET], ["inet "], + [need inet in pledge for setsockopt IP_TOS]) + fi ;; *-*-solaris*) if test "x$withval" != "xno" ; then From 6c84609e5f9ddd49e250d5cf190b2820dbeca178 Mon Sep 17 00:00:00 2001 From: Damien Miller Date: Mon, 18 Aug 2025 16:47:00 +1000 Subject: [PATCH 195/687] depend --- .depend | 17 ----------------- 1 file changed, 17 deletions(-) diff --git a/.depend b/.depend index 6961e34dd392..f569b603d450 100644 --- a/.depend +++ b/.depend @@ -8,11 +8,8 @@ atomicio.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-comp audit-bsm.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h audit-linux.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h audit.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h -auth-bsdauth-monitor.o: xmalloc.h sshkey.h sshbuf.h hostfile.h auth.h auth-pam.h includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h audit.h loginrec.h log.h ssherr.h auth-bsdauth.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h auth-krb5.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h ssh.h packet.h openbsd-compat/sys-queue.h dispatch.h log.h ssherr.h sshbuf.h sshkey.h misc.h servconf.h uidswap.h hostfile.h auth.h auth-pam.h audit.h loginrec.h -auth-log.o: authfile.h monitor_wrap.h channels.h -auth-log.o: xmalloc.h match.h groupaccess.h log.h ssherr.h sshbuf.h misc.h servconf.h openbsd-compat/sys-queue.h sshkey.h hostfile.h auth.h auth-pam.h includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h audit.h loginrec.h auth-options.h canohost.h packet.h dispatch.h auth-options.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h openbsd-compat/sys-queue.h xmalloc.h ssherr.h log.h sshbuf.h misc.h sshkey.h match.h ssh2.h auth-options.h auth-pam.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h auth-passwd.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h packet.h openbsd-compat/sys-queue.h dispatch.h sshbuf.h ssherr.h log.h misc.h servconf.h sshkey.h hostfile.h auth.h auth-pam.h audit.h loginrec.h auth-options.h @@ -21,25 +18,17 @@ auth-shadow.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-c auth-sia.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h auth.o: authfile.h monitor_wrap.h channels.h auth.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h match.h groupaccess.h log.h ssherr.h sshbuf.h misc.h servconf.h openbsd-compat/sys-queue.h sshkey.h hostfile.h auth.h auth-pam.h audit.h loginrec.h auth-options.h canohost.h uidswap.h packet.h dispatch.h -auth2-banner.o: atomicio.h xmalloc.h ssh2.h packet.h openbsd-compat/sys-queue.h dispatch.h log.h ssherr.h sshbuf.h misc.h servconf.h sshkey.h hostfile.h auth.h auth-pam.h includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h audit.h loginrec.h pathnames.h auth2-chall.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h ssh2.h sshkey.h hostfile.h auth.h auth-pam.h audit.h loginrec.h sshbuf.h packet.h openbsd-compat/sys-queue.h dispatch.h ssherr.h log.h misc.h servconf.h auth2-gss.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h -auth2-hostbased-monitor.o: canohost.h pathnames.h match.h -auth2-hostbased-monitor.o: xmalloc.h ssh2.h packet.h openbsd-compat/sys-queue.h dispatch.h kex.h mac.h crypto_api.h includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h sshbuf.h log.h ssherr.h misc.h servconf.h sshkey.h hostfile.h auth.h auth-pam.h audit.h loginrec.h uidswap.h auth2-hostbased.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h ssh2.h packet.h openbsd-compat/sys-queue.h dispatch.h kex.h mac.h crypto_api.h sshbuf.h log.h ssherr.h misc.h servconf.h sshkey.h hostfile.h auth.h auth-pam.h audit.h loginrec.h canohost.h auth2-hostbased.o: monitor_wrap.h pathnames.h match.h -auth2-kbdint-monitor.o: xmalloc.h packet.h openbsd-compat/sys-queue.h dispatch.h hostfile.h auth.h auth-pam.h includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h audit.h loginrec.h log.h ssherr.h misc.h servconf.h auth2-kbdint.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h packet.h openbsd-compat/sys-queue.h dispatch.h hostfile.h auth.h auth-pam.h audit.h loginrec.h log.h ssherr.h misc.h servconf.h auth2-methods.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h log.h ssherr.h misc.h servconf.h openbsd-compat/sys-queue.h xmalloc.h hostfile.h auth.h auth-pam.h audit.h loginrec.h auth2-none.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h atomicio.h xmalloc.h sshkey.h hostfile.h auth.h auth-pam.h audit.h loginrec.h packet.h openbsd-compat/sys-queue.h dispatch.h log.h ssherr.h misc.h servconf.h ssh2.h monitor_wrap.h auth2-passwd.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h packet.h openbsd-compat/sys-queue.h dispatch.h ssherr.h log.h sshkey.h hostfile.h auth.h auth-pam.h audit.h loginrec.h monitor_wrap.h misc.h servconf.h -auth2-pubkey-monitor.o: loginrec.h pathnames.h uidswap.h auth-options.h canohost.h monitor_wrap.h authfile.h match.h channels.h session.h sk-api.h -auth2-pubkey-monitor.o: xmalloc.h ssh.h ssh2.h packet.h openbsd-compat/sys-queue.h dispatch.h kex.h mac.h crypto_api.h includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h sshbuf.h log.h ssherr.h misc.h servconf.h compat.h sshkey.h hostfile.h auth.h auth-pam.h audit.h auth2-pubkey.o: audit.h loginrec.h pathnames.h uidswap.h auth-options.h canohost.h monitor_wrap.h authfile.h match.h channels.h session.h sk-api.h auth2-pubkey.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h openbsd-compat/glob.h xmalloc.h ssh.h ssh2.h packet.h openbsd-compat/sys-queue.h dispatch.h kex.h mac.h crypto_api.h sshbuf.h log.h ssherr.h misc.h servconf.h compat.h sshkey.h hostfile.h auth.h auth-pam.h auth2-pubkeyfile.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h ssh.h log.h ssherr.h misc.h sshkey.h digest.h hostfile.h auth.h auth-pam.h audit.h loginrec.h auth-options.h authfile.h match.h -auth2-userauth.o: atomicio.h xmalloc.h ssh2.h packet.h openbsd-compat/sys-queue.h dispatch.h log.h ssherr.h sshbuf.h misc.h servconf.h sshkey.h hostfile.h auth.h auth-pam.h includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h audit.h loginrec.h pathnames.h monitor_wrap.h -auth2-userauth.o: digest.h auth2.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h atomicio.h xmalloc.h ssh2.h packet.h openbsd-compat/sys-queue.h dispatch.h log.h ssherr.h sshbuf.h misc.h servconf.h sshkey.h hostfile.h auth.h auth-pam.h audit.h loginrec.h pathnames.h monitor_wrap.h digest.h kex.h auth2.o: mac.h crypto_api.h authfd.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h ssh.h sshbuf.h sshkey.h authfd.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h rijndael.h log.h ssherr.h atomicio.h misc.h @@ -172,14 +161,8 @@ sshconnect2.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-c sshconnect2.o: sshconnect.h authfile.h dh.h authfd.h log.h ssherr.h misc.h readconf.h match.h canohost.h msg.h pathnames.h uidswap.h hostfile.h utf8.h ssh-sk.h sk-api.h sshd-auth.o: chacha.h poly1305.h cipher-aesctr.h rijndael.h digest.h sshkey.h kex.h mac.h crypto_api.h authfile.h pathnames.h atomicio.h canohost.h hostfile.h auth.h auth-pam.h audit.h loginrec.h authfd.h msg.h channels.h session.h monitor.h monitor_wrap.h auth-options.h version.h sk-api.h srclimit.h ssh-sandbox.h dh.h sshd-auth.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h ./openbsd-compat/sys-tree.h openbsd-compat/sys-queue.h xmalloc.h ssh.h ssh2.h sshpty.h packet.h dispatch.h log.h ssherr.h sshbuf.h misc.h match.h servconf.h uidswap.h compat.h cipher.h cipher-chachapoly.h -sshd-monitor.o: openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h authfile.h pathnames.h atomicio.h canohost.h hostfile.h auth.h auth-pam.h audit.h loginrec.h authfd.h msg.h channels.h session.h monitor.h monitor_wrap.h auth-options.h version.h sk-api.h dh.h -sshd-monitor.o: xmalloc.h ssh.h ssh2.h sshpty.h packet.h openbsd-compat/sys-queue.h dispatch.h log.h ssherr.h sshbuf.h misc.h match.h servconf.h uidswap.h compat.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h rijndael.h digest.h sshkey.h kex.h mac.h crypto_api.h includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h sshd-session.o: chacha.h poly1305.h cipher-aesctr.h rijndael.h digest.h sshkey.h kex.h mac.h crypto_api.h authfile.h pathnames.h atomicio.h canohost.h hostfile.h auth.h auth-pam.h audit.h loginrec.h authfd.h msg.h channels.h session.h monitor.h monitor_wrap.h auth-options.h version.h sk-api.h srclimit.h dh.h sshd-session.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h ./openbsd-compat/sys-tree.h openbsd-compat/sys-queue.h xmalloc.h ssh.h ssh2.h sshpty.h packet.h dispatch.h log.h ssherr.h sshbuf.h misc.h match.h servconf.h uidswap.h compat.h cipher.h cipher-chachapoly.h -sshd-unpriv-postauth.o: openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h authfile.h pathnames.h atomicio.h canohost.h hostfile.h auth.h auth-pam.h audit.h loginrec.h authfd.h msg.h channels.h session.h monitor.h monitor_wrap.h auth-options.h version.h sk-api.h dh.h -sshd-unpriv-postauth.o: xmalloc.h ssh.h ssh2.h sshpty.h packet.h openbsd-compat/sys-queue.h dispatch.h log.h ssherr.h sshbuf.h misc.h match.h servconf.h uidswap.h compat.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h rijndael.h digest.h sshkey.h kex.h mac.h crypto_api.h includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h -sshd-unpriv-preauth.o: openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h authfile.h pathnames.h atomicio.h canohost.h hostfile.h auth.h auth-pam.h audit.h loginrec.h authfd.h msg.h channels.h session.h monitor.h monitor_wrap.h auth-options.h version.h sk-api.h dh.h -sshd-unpriv-preauth.o: xmalloc.h ssh.h ssh2.h sshpty.h packet.h openbsd-compat/sys-queue.h dispatch.h log.h ssherr.h sshbuf.h misc.h match.h servconf.h uidswap.h compat.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h rijndael.h digest.h sshkey.h kex.h mac.h crypto_api.h includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h sshd.o: audit.h loginrec.h authfd.h msg.h version.h sk-api.h addr.h srclimit.h atomicio.h monitor_wrap.h sshd.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h ./openbsd-compat/sys-tree.h openbsd-compat/sys-queue.h xmalloc.h ssh.h sshpty.h log.h ssherr.h sshbuf.h misc.h servconf.h compat.h digest.h sshkey.h authfile.h pathnames.h canohost.h hostfile.h auth.h auth-pam.h ssherr.o: ssherr.h From 5e9ca80fe65e407428dc46ed45804724d08b91b7 Mon Sep 17 00:00:00 2001 From: Damien Miller Date: Mon, 18 Aug 2025 16:47:23 +1000 Subject: [PATCH 196/687] Match version instead of groups in connect-bigconf The connect-bigconf makes a giant config file to test config passing between the sshd subprocesses. Previously it used a bunch of "Match group" lines to construct a large file. However checking group membership can be expensive (e.g. if a large groups database is present or if group lookup is remote via NSS). This could be slow enough to exceed LoginGraceTime. This switches it to "Match version" which is just a string compare and does just as well for making a giant nonsense config file. --- regress/connect-bigconf.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/regress/connect-bigconf.sh b/regress/connect-bigconf.sh index 56cf0ea649fc..ca2c11918dc0 100644 --- a/regress/connect-bigconf.sh +++ b/regress/connect-bigconf.sh @@ -4,7 +4,7 @@ tid="simple connect" for x in `jot 10000 1` ; do - echo "Match group NONEXIST" >> $OBJ/sshd_config + echo "Match version NONEXIST" >> $OBJ/sshd_config echo "ChrootDirectory /some/path/for/group/NONEXIST" >> $OBJ/sshd_config done #cat $OBJ/sshd_config From 3ef1a87d0a29eac94f32371af628e81eb2e2d817 Mon Sep 17 00:00:00 2001 From: Damien Miller Date: Mon, 18 Aug 2025 17:00:26 +1000 Subject: [PATCH 197/687] Fix pledge(2) special casing Unbreaks non-OpenBSD platforms --- configure.ac | 18 +++++++++++------- 1 file changed, 11 insertions(+), 7 deletions(-) diff --git a/configure.ac b/configure.ac index bc1900af7ad6..71766ba10e06 100644 --- a/configure.ac +++ b/configure.ac @@ -629,6 +629,9 @@ SOLARIS_PRIVS="no" # Default shared library extension SHLIBEXT=".so" +# See OpenBSD section in $host case below. +need_pledge_inet="" + # Check for some target-specific stuff case "$host" in *-*-aix*) @@ -1129,7 +1132,6 @@ mips-sony-bsd|mips-sony-newsos4) [syslog_r function is safe to use in in a signal handler]) TEST_MALLOC_OPTIONS="SJRU" AC_MSG_CHECKING([whether pledge(2) allows IP_TOS]) - need_pledge_inet="" AC_RUN_IFELSE( [AC_LANG_PROGRAM([[ #include @@ -1151,12 +1153,6 @@ if (setsockopt(s, IPPROTO_IP, IP_TOS, &one, sizeof(one)) == -1) need_pledge_inet=1 ], [ AC_MSG_WARN([cross compiling: cannot test]) ]) - if test -z "$need_pledge_inet" ; then - AC_DEFINE_UNQUOTED([PLEDGE_EXTRA_INET], []) - else - AC_DEFINE_UNQUOTED([PLEDGE_EXTRA_INET], ["inet "], - [need inet in pledge for setsockopt IP_TOS]) - fi ;; *-*-solaris*) if test "x$withval" != "xno" ; then @@ -1430,6 +1426,14 @@ AC_RUN_IFELSE([AC_LANG_PROGRAM([[ #include ]], [[ exit(0); ]])], [ AC_MSG_WARN([cross compiling: not checking compiler sanity]) ] ) +dnl Finish up special pledge(2) handling from above. +if test -z "$need_pledge_inet" ; then + AC_DEFINE_UNQUOTED([PLEDGE_EXTRA_INET], []) +else + AC_DEFINE_UNQUOTED([PLEDGE_EXTRA_INET], ["inet "], + [need inet in pledge for setsockopt IP_TOS]) +fi + dnl Checks for header files. # Checks for libraries. AC_CHECK_FUNC([setsockopt], , [AC_CHECK_LIB([socket], [setsockopt])]) From ceca966bde4ab38b2434876416da12fe16747459 Mon Sep 17 00:00:00 2001 From: "job@openbsd.org" Date: Mon, 18 Aug 2025 09:16:36 +0000 Subject: [PATCH 198/687] upstream: Delete unused accessor function OK dtucker@ OpenBSD-Commit-ID: 93b59ac088fb254e1189729ece5bb9656d6e810b --- packet.c | 9 +-------- packet.h | 3 +-- 2 files changed, 2 insertions(+), 10 deletions(-) diff --git a/packet.c b/packet.c index 34bf91d75e52..6dfa7ac31a95 100644 --- a/packet.c +++ b/packet.c @@ -1,4 +1,4 @@ -/* $OpenBSD: packet.c,v 1.321 2025/08/18 04:50:35 djm Exp $ */ +/* $OpenBSD: packet.c,v 1.322 2025/08/18 09:16:36 job Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -2254,13 +2254,6 @@ ssh_packet_set_qos(struct ssh *ssh, int qos_interactive, int qos_other) apply_qos(ssh); } -/* Returns true if the current connection is interactive. */ -int -ssh_packet_is_interactive(struct ssh *ssh) -{ - return ssh->state->interactive_mode; -} - int ssh_packet_set_maxsize(struct ssh *ssh, u_int s) { diff --git a/packet.h b/packet.h index 6828476c7923..ade3c0f9df6e 100644 --- a/packet.h +++ b/packet.h @@ -1,4 +1,4 @@ -/* $OpenBSD: packet.h,v 1.100 2025/08/18 03:43:01 djm Exp $ */ +/* $OpenBSD: packet.h,v 1.101 2025/08/18 09:16:36 job Exp $ */ /* * Author: Tatu Ylonen @@ -112,7 +112,6 @@ void ssh_packet_set_protocol_flags(struct ssh *, u_int); u_int ssh_packet_get_protocol_flags(struct ssh *); void ssh_packet_set_tos(struct ssh *, int); void ssh_packet_set_interactive(struct ssh *, int); -int ssh_packet_is_interactive(struct ssh *); void ssh_packet_set_qos(struct ssh *, int, int); void ssh_packet_set_server(struct ssh *); void ssh_packet_set_authenticated(struct ssh *); From 908e9d55139bed19ed87d6fec749974eb42702c6 Mon Sep 17 00:00:00 2001 From: "caspar@openbsd.org" Date: Mon, 18 Aug 2025 18:39:33 +0000 Subject: [PATCH 199/687] upstream: ssh_config.5: say "post-quantum" instead of "post quantum safe", and rephrase the sentence to make it easier to read. Input djm@, input and OK deraadt@, OK dtucker@ OpenBSD-Commit-ID: c3ee4d1cafdcfc20cc0d2f086021efce4b19c075 --- ssh_config.5 | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/ssh_config.5 b/ssh_config.5 index 4cbe98631051..d24e92f73f0a 100644 --- a/ssh_config.5 +++ b/ssh_config.5 @@ -33,8 +33,8 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: ssh_config.5,v 1.418 2025/08/11 10:55:38 djm Exp $ -.Dd $Mdocdate: August 11 2025 $ +.\" $OpenBSD: ssh_config.5,v 1.419 2025/08/18 18:39:33 caspar Exp $ +.Dd $Mdocdate: August 18 2025 $ .Dt SSH_CONFIG 5 .Os .Sh NAME @@ -2234,7 +2234,7 @@ controls whether the user is warned when the cryptographic algorithms negotiated for the connection are weak or otherwise recommended against. Warnings may be disabled by turning off a specific warning or by disabling all warnings. -Warnings that the connection is using a non-post quantum safe key exchange +Warnings about connections that don't use a post-quantum key exchange may be disabled using the .Cm no-pq-kex flag. From a9a3f025d76f06a6601e6e8d52b468ec467865d9 Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Fri, 29 Aug 2025 03:50:38 +0000 Subject: [PATCH 200/687] upstream: remove experimental support for XMSS keys; ok deraadt markus OpenBSD-Commit-ID: 38eaf4df6189acad9e46eddf7cf32d7f6d07df35 --- .depend | 7 - Makefile.in | 12 +- PROTOCOL.agent | 13 +- authfd.c | 25 +- authfd.h | 8 +- authfile.c | 7 +- dns.c | 5 +- dns.h | 5 +- pathnames.h | 4 +- readconf.c | 3 +- servconf.c | 6 +- ssh-add.c | 73 +-- ssh-agent.c | 27 +- ssh-keygen.c | 14 +- ssh-keyscan.c | 10 +- ssh-keysign.c | 3 +- ssh-xmss.c | 389 --------------- ssh.c | 4 +- sshconnect.c | 5 +- sshd-auth.c | 5 +- sshd-session.c | 3 +- sshd.c | 3 +- sshkey-xmss.c | 1113 ------------------------------------------- sshkey-xmss.h | 56 --- sshkey.c | 153 +----- sshkey.h | 25 +- xmss_commons.c | 36 -- xmss_commons.h | 21 - xmss_fast.c | 1106 ------------------------------------------ xmss_fast.h | 111 ----- xmss_hash.c | 137 ------ xmss_hash.h | 22 - xmss_hash_address.c | 66 --- xmss_hash_address.h | 40 -- xmss_wots.c | 192 -------- xmss_wots.h | 64 --- 36 files changed, 53 insertions(+), 3720 deletions(-) delete mode 100644 ssh-xmss.c delete mode 100644 sshkey-xmss.c delete mode 100644 sshkey-xmss.h delete mode 100644 xmss_commons.c delete mode 100644 xmss_commons.h delete mode 100644 xmss_fast.c delete mode 100644 xmss_fast.h delete mode 100644 xmss_hash.c delete mode 100644 xmss_hash.h delete mode 100644 xmss_hash_address.c delete mode 100644 xmss_hash_address.h delete mode 100644 xmss_wots.c delete mode 100644 xmss_wots.h diff --git a/.depend b/.depend index f569b603d450..365db15a8cec 100644 --- a/.depend +++ b/.depend @@ -145,7 +145,6 @@ ssh-rsa.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compa ssh-sk-client.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h log.h ssherr.h sshbuf.h sshkey.h msg.h digest.h pathnames.h ssh-sk.h misc.h ssh-sk-helper.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h log.h ssherr.h sshkey.h authfd.h misc.h sshbuf.h msg.h uidswap.h ssh-sk.h ssh-pkcs11.h ssh-sk.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h -ssh-xmss.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h ssh.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h openbsd-compat/openssl-compat.h openbsd-compat/sys-queue.h xmalloc.h ssh.h ssh2.h canohost.h compat.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h rijndael.h packet.h dispatch.h sshbuf.h channels.h ssh.o: sshkey.h authfd.h authfile.h pathnames.h clientloop.h log.h ssherr.h misc.h readconf.h sshconnect.h kex.h mac.h crypto_api.h sshpty.h match.h msg.h version.h myproposal.h utf8.h ssh_api.o: authfile.h dh.h misc.h version.h myproposal.h sshbuf.h openbsd-compat/openssl-compat.h @@ -166,7 +165,6 @@ sshd-session.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd- sshd.o: audit.h loginrec.h authfd.h msg.h version.h sk-api.h addr.h srclimit.h atomicio.h monitor_wrap.h sshd.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h ./openbsd-compat/sys-tree.h openbsd-compat/sys-queue.h xmalloc.h ssh.h sshpty.h log.h ssherr.h sshbuf.h misc.h servconf.h compat.h digest.h sshkey.h authfile.h pathnames.h canohost.h hostfile.h auth.h auth-pam.h ssherr.o: ssherr.h -sshkey-xmss.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h sshkey.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h crypto_api.h ssh2.h ssherr.h misc.h sshbuf.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h rijndael.h digest.h sshkey.h match.h ssh-sk.h ssh-pkcs11.h openbsd-compat/openssl-compat.h sshlogin.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h sshlogin.h ssherr.h loginrec.h log.h sshbuf.h misc.h servconf.h openbsd-compat/sys-queue.h sshpty.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h sshpty.h log.h ssherr.h misc.h @@ -178,8 +176,3 @@ umac.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h umac128.o: umac.c includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h umac.h misc.h rijndael.h utf8.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h utf8.h xmalloc.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h log.h ssherr.h -xmss_commons.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h -xmss_fast.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h -xmss_hash.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h -xmss_hash_address.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h -xmss_wots.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h diff --git a/Makefile.in b/Makefile.in index 9e45d522088b..19a9e4dcf1df 100644 --- a/Makefile.in +++ b/Makefile.in @@ -76,15 +76,6 @@ MKDIR_P=@MKDIR_P@ TARGETS=ssh$(EXEEXT) sshd$(EXEEXT) sshd-session$(EXEEXT) sshd-auth$(EXEEXT) ssh-add$(EXEEXT) ssh-keygen$(EXEEXT) ssh-keyscan${EXEEXT} ssh-keysign${EXEEXT} ssh-pkcs11-helper$(EXEEXT) ssh-agent$(EXEEXT) scp$(EXEEXT) sftp-server$(EXEEXT) sftp$(EXEEXT) ssh-sk-helper$(EXEEXT) $(SK_STANDALONE) -XMSS_OBJS=\ - ssh-xmss.o \ - sshkey-xmss.o \ - xmss_commons.o \ - xmss_fast.o \ - xmss_hash.o \ - xmss_hash_address.o \ - xmss_wots.o - LIBOPENSSH_OBJS=\ ssh_api.o \ ssherr.o \ @@ -94,8 +85,7 @@ LIBOPENSSH_OBJS=\ sshbuf-misc.o \ sshbuf-getput-crypto.o \ krl.o \ - bitmap.o \ - ${XMSS_OBJS} + bitmap.o LIBSSH_OBJS=${LIBOPENSSH_OBJS} \ authfd.o authfile.o \ diff --git a/PROTOCOL.agent b/PROTOCOL.agent index b6e14262d0f6..2af749b30b7b 100644 --- a/PROTOCOL.agent +++ b/PROTOCOL.agent @@ -73,17 +73,6 @@ identities and, in particular, signature requests will check the key constraints against the session-bind@openssh.com bindings recorded for the agent connection over which they were received. -3. SSH_AGENT_CONSTRAIN_MAXSIGN key constraint - -This key constraint allows communication to an agent of the maximum -number of signatures that may be made with an XMSS key. The format of -the constraint is: - - byte SSH_AGENT_CONSTRAIN_MAXSIGN (0x03) - uint32 max_signatures - -This option is only valid for XMSS keys. - 3. associated-certs-v00@openssh.com key constraint extension The key constraint extension allows certificates to be associated @@ -115,4 +104,4 @@ A SSH_AGENTC_ADD_SMARTCARD_KEY_CONSTRAINED will return SSH_AGENT_SUCCESS if any key (plain private or certificate) was successfully loaded, or SSH_AGENT_FAILURE if no key was loaded. -$OpenBSD: PROTOCOL.agent,v 1.24 2024/11/27 13:27:34 djm Exp $ +$OpenBSD: PROTOCOL.agent,v 1.25 2025/08/29 03:50:38 djm Exp $ diff --git a/authfd.c b/authfd.c index 66797880af84..2bbe646e304a 100644 --- a/authfd.c +++ b/authfd.c @@ -1,4 +1,4 @@ -/* $OpenBSD: authfd.c,v 1.135 2025/05/06 05:40:56 djm Exp $ */ +/* $OpenBSD: authfd.c,v 1.136 2025/08/29 03:50:38 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -505,7 +505,7 @@ encode_dest_constraint(struct sshbuf *m, const struct dest_constraint *dc) static int encode_constraints(struct sshbuf *m, u_int life, u_int confirm, - u_int maxsign, const char *provider, + const char *provider, struct dest_constraint **dest_constraints, size_t ndest_constraints, int cert_only, struct sshkey **certs, size_t ncerts) { @@ -522,11 +522,6 @@ encode_constraints(struct sshbuf *m, u_int life, u_int confirm, if ((r = sshbuf_put_u8(m, SSH_AGENT_CONSTRAIN_CONFIRM)) != 0) goto out; } - if (maxsign != 0) { - if ((r = sshbuf_put_u8(m, SSH_AGENT_CONSTRAIN_MAXSIGN)) != 0 || - (r = sshbuf_put_u32(m, maxsign)) != 0) - goto out; - } if (provider != NULL) { if ((r = sshbuf_put_u8(m, SSH_AGENT_CONSTRAIN_EXTENSION)) != 0 || @@ -585,13 +580,12 @@ encode_constraints(struct sshbuf *m, u_int life, u_int confirm, */ int ssh_add_identity_constrained(int sock, struct sshkey *key, - const char *comment, u_int life, u_int confirm, u_int maxsign, + const char *comment, u_int life, u_int confirm, const char *provider, struct dest_constraint **dest_constraints, size_t ndest_constraints) { struct sshbuf *msg; - int r, constrained = (life || confirm || maxsign || - provider || dest_constraints); + int r, constrained = (life || confirm || provider || dest_constraints); u_char type; if ((msg = sshbuf_new()) == NULL) @@ -610,14 +604,11 @@ ssh_add_identity_constrained(int sock, struct sshkey *key, case KEY_ED25519_CERT: case KEY_ED25519_SK: case KEY_ED25519_SK_CERT: - case KEY_XMSS: - case KEY_XMSS_CERT: type = constrained ? SSH2_AGENTC_ADD_ID_CONSTRAINED : SSH2_AGENTC_ADD_IDENTITY; if ((r = sshbuf_put_u8(msg, type)) != 0 || - (r = sshkey_private_serialize_maxsign(key, msg, maxsign, - 0)) != 0 || + (r = sshkey_private_serialize(key, msg)) != 0 || (r = sshbuf_put_cstring(msg, comment)) != 0) goto out; break; @@ -626,8 +617,8 @@ ssh_add_identity_constrained(int sock, struct sshkey *key, goto out; } if (constrained && - (r = encode_constraints(msg, life, confirm, maxsign, - provider, dest_constraints, ndest_constraints, 0, NULL, 0)) != 0) + (r = encode_constraints(msg, life, confirm, provider, + dest_constraints, ndest_constraints, 0, NULL, 0)) != 0) goto out; if ((r = ssh_request_reply_decode(sock, msg)) != 0) goto out; @@ -703,7 +694,7 @@ ssh_update_card(int sock, int add, const char *reader_id, const char *pin, (r = sshbuf_put_cstring(msg, pin)) != 0) goto out; if (constrained && - (r = encode_constraints(msg, life, confirm, 0, NULL, + (r = encode_constraints(msg, life, confirm, NULL, dest_constraints, ndest_constraints, cert_only, certs, ncerts)) != 0) goto out; diff --git a/authfd.h b/authfd.h index c1e4b405ce29..958d480de6c7 100644 --- a/authfd.h +++ b/authfd.h @@ -1,4 +1,4 @@ -/* $OpenBSD: authfd.h,v 1.52 2023/12/18 14:46:56 djm Exp $ */ +/* $OpenBSD: authfd.h,v 1.53 2025/08/29 03:50:38 djm Exp $ */ /* * Author: Tatu Ylonen @@ -48,9 +48,8 @@ int ssh_lock_agent(int sock, int lock, const char *password); int ssh_fetch_identitylist(int sock, struct ssh_identitylist **idlp); void ssh_free_identitylist(struct ssh_identitylist *idl); int ssh_add_identity_constrained(int sock, struct sshkey *key, - const char *comment, u_int life, u_int confirm, u_int maxsign, - const char *provider, struct dest_constraint **dest_constraints, - size_t ndest_constraints); + const char *comment, u_int life, u_int confirm, const char *provider, + struct dest_constraint **dest_constraints, size_t ndest_constraints); int ssh_agent_has_key(int sock, const struct sshkey *key); int ssh_remove_identity(int sock, const struct sshkey *key); int ssh_update_card(int sock, int add, const char *reader_id, @@ -106,7 +105,6 @@ int ssh_agent_bind_hostkey(int sock, const struct sshkey *key, #define SSH_AGENT_CONSTRAIN_LIFETIME 1 #define SSH_AGENT_CONSTRAIN_CONFIRM 2 -#define SSH_AGENT_CONSTRAIN_MAXSIGN 3 #define SSH_AGENT_CONSTRAIN_EXTENSION 255 /* extended failure messages */ diff --git a/authfile.c b/authfile.c index bf485baf237a..16e02d9d0580 100644 --- a/authfile.c +++ b/authfile.c @@ -1,4 +1,4 @@ -/* $OpenBSD: authfile.c,v 1.146 2025/05/06 05:40:56 djm Exp $ */ +/* $OpenBSD: authfile.c,v 1.147 2025/08/29 03:50:38 djm Exp $ */ /* * Copyright (c) 2000, 2013 Markus Friedl. All rights reserved. * @@ -131,8 +131,6 @@ sshkey_load_private_type(int type, const char *filename, const char *passphrase, goto out; r = sshkey_load_private_type_fd(fd, type, passphrase, keyp, commentp); - if (r == 0 && keyp && *keyp) - r = sshkey_set_filename(*keyp, filename); out: close(fd); return r; @@ -184,8 +182,6 @@ sshkey_load_pubkey_from_private(const char *filename, struct sshkey **pubkeyp) (r = sshkey_parse_pubkey_from_private_fileblob_type(buffer, KEY_UNSPEC, &pubkey)) != 0) goto out; - if ((r = sshkey_set_filename(pubkey, filename)) != 0) - goto out; /* success */ if (pubkeyp != NULL) { *pubkeyp = pubkey; @@ -331,7 +327,6 @@ sshkey_load_private_cert(int type, const char *filename, const char *passphrase, case KEY_ECDSA: #endif /* WITH_OPENSSL */ case KEY_ED25519: - case KEY_XMSS: case KEY_UNSPEC: break; default: diff --git a/dns.c b/dns.c index c01c7bebee18..e8693cee8313 100644 --- a/dns.c +++ b/dns.c @@ -1,4 +1,4 @@ -/* $OpenBSD: dns.c,v 1.45 2025/05/06 05:40:56 djm Exp $ */ +/* $OpenBSD: dns.c,v 1.46 2025/08/29 03:50:38 djm Exp $ */ /* * Copyright (c) 2003 Wesley Griffin. All rights reserved. @@ -94,9 +94,6 @@ dns_read_key(u_int8_t *algorithm, u_int8_t *digest_type, case KEY_ED25519: *algorithm = SSHFP_KEY_ED25519; break; - case KEY_XMSS: - *algorithm = SSHFP_KEY_XMSS; - break; default: *algorithm = SSHFP_KEY_RESERVED; /* 0 */ } diff --git a/dns.h b/dns.h index 864ab7d00ac7..ab2df061e987 100644 --- a/dns.h +++ b/dns.h @@ -1,4 +1,4 @@ -/* $OpenBSD: dns.h,v 1.20 2023/02/10 04:56:30 djm Exp $ */ +/* $OpenBSD: dns.h,v 1.21 2025/08/29 03:50:38 djm Exp $ */ /* * Copyright (c) 2003 Wesley Griffin. All rights reserved. @@ -33,8 +33,7 @@ enum sshfp_types { SSHFP_KEY_RSA = 1, SSHFP_KEY_DSA = 2, SSHFP_KEY_ECDSA = 3, - SSHFP_KEY_ED25519 = 4, - SSHFP_KEY_XMSS = 5 + SSHFP_KEY_ED25519 = 4 }; enum sshfp_hashes { diff --git a/pathnames.h b/pathnames.h index 9e76dbba841f..0dcc4955241f 100644 --- a/pathnames.h +++ b/pathnames.h @@ -1,4 +1,4 @@ -/* $OpenBSD: pathnames.h,v 1.35 2025/05/06 05:40:56 djm Exp $ */ +/* $OpenBSD: pathnames.h,v 1.36 2025/08/29 03:50:38 djm Exp $ */ /* * Author: Tatu Ylonen @@ -38,7 +38,6 @@ #define _PATH_HOST_CONFIG_FILE SSHDIR "/ssh_config" #define _PATH_HOST_ECDSA_KEY_FILE SSHDIR "/ssh_host_ecdsa_key" #define _PATH_HOST_ED25519_KEY_FILE SSHDIR "/ssh_host_ed25519_key" -#define _PATH_HOST_XMSS_KEY_FILE SSHDIR "/ssh_host_xmss_key" #define _PATH_HOST_RSA_KEY_FILE SSHDIR "/ssh_host_rsa_key" #define _PATH_DH_MODULI SSHDIR "/moduli" @@ -89,7 +88,6 @@ #define _PATH_SSH_CLIENT_ID_ECDSA _PATH_SSH_USER_DIR "/id_ecdsa" #define _PATH_SSH_CLIENT_ID_RSA _PATH_SSH_USER_DIR "/id_rsa" #define _PATH_SSH_CLIENT_ID_ED25519 _PATH_SSH_USER_DIR "/id_ed25519" -#define _PATH_SSH_CLIENT_ID_XMSS _PATH_SSH_USER_DIR "/id_xmss" #define _PATH_SSH_CLIENT_ID_ECDSA_SK _PATH_SSH_USER_DIR "/id_ecdsa_sk" #define _PATH_SSH_CLIENT_ID_ED25519_SK _PATH_SSH_USER_DIR "/id_ed25519_sk" diff --git a/readconf.c b/readconf.c index c7701d8c2633..ba25ba881047 100644 --- a/readconf.c +++ b/readconf.c @@ -1,4 +1,4 @@ -/* $OpenBSD: readconf.c,v 1.405 2025/08/11 10:55:38 djm Exp $ */ +/* $OpenBSD: readconf.c,v 1.406 2025/08/29 03:50:38 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -2911,7 +2911,6 @@ fill_default_options(Options * options) _PATH_SSH_CLIENT_ID_ED25519, 0); add_identity_file(options, "~/", _PATH_SSH_CLIENT_ID_ED25519_SK, 0); - add_identity_file(options, "~/", _PATH_SSH_CLIENT_ID_XMSS, 0); } if (options->escape_char == -1) options->escape_char = '~'; diff --git a/servconf.c b/servconf.c index 92f924e6015c..3175f0df8fce 100644 --- a/servconf.c +++ b/servconf.c @@ -1,4 +1,4 @@ -/* $OpenBSD: servconf.c,v 1.430 2025/08/05 09:08:16 job Exp $ */ +/* $OpenBSD: servconf.c,v 1.431 2025/08/29 03:50:38 djm Exp $ */ /* * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland * All rights reserved @@ -314,10 +314,6 @@ fill_default_server_options(ServerOptions *options) #endif servconf_add_hostkey("[default]", 0, options, _PATH_HOST_ED25519_KEY_FILE, 0); -#ifdef WITH_XMSS - servconf_add_hostkey("[default]", 0, options, - _PATH_HOST_XMSS_KEY_FILE, 0); -#endif /* WITH_XMSS */ } /* No certificates by default */ if (options->num_ports == 0) diff --git a/ssh-add.c b/ssh-add.c index 18897a0a834d..2e41bc26a363 100644 --- a/ssh-add.c +++ b/ssh-add.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-add.c,v 1.174 2025/05/06 05:40:56 djm Exp $ */ +/* $OpenBSD: ssh-add.c,v 1.175 2025/08/29 03:50:38 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -84,7 +84,6 @@ static char *default_files[] = { #endif /* WITH_OPENSSL */ _PATH_SSH_CLIENT_ID_ED25519, _PATH_SSH_CLIENT_ID_ED25519_SK, - _PATH_SSH_CLIENT_ID_XMSS, NULL }; @@ -96,10 +95,6 @@ static int lifetime = 0; /* User has to confirm key use */ static int confirm = 0; -/* Maximum number of signatures (XMSS) */ -static u_int maxsign = 0; -static u_int minleft = 0; - /* we keep a cache of one passphrase */ static char *pass = NULL; static void @@ -249,10 +244,7 @@ add_file(int agent_fd, const char *filename, int key_only, int cert_only, char *comment = NULL; char msg[1024], *certpath = NULL; int r, fd, ret = -1; - size_t i; - u_int32_t left; struct sshbuf *keyblob; - struct ssh_identitylist *idlist; if (strcmp(filename, "-") == 0) { fd = STDIN_FILENO; @@ -328,38 +320,6 @@ add_file(int agent_fd, const char *filename, int key_only, int cert_only, comment = xstrdup(filename); sshbuf_free(keyblob); - /* For XMSS */ - if ((r = sshkey_set_filename(private, filename)) != 0) { - fprintf(stderr, "Could not add filename to private key: %s (%s)\n", - filename, comment); - goto out; - } - if (maxsign && minleft && - (r = ssh_fetch_identitylist(agent_fd, &idlist)) == 0) { - for (i = 0; i < idlist->nkeys; i++) { - if (!sshkey_equal_public(idlist->keys[i], private)) - continue; - left = sshkey_signatures_left(idlist->keys[i]); - if (left < minleft) { - fprintf(stderr, - "Only %d signatures left.\n", left); - break; - } - fprintf(stderr, "Skipping update: "); - if (left == minleft) { - fprintf(stderr, - "required signatures left (%d).\n", left); - } else { - fprintf(stderr, - "more signatures left (%d) than" - " required (%d).\n", left, minleft); - } - ssh_free_identitylist(idlist); - goto out; - } - ssh_free_identitylist(idlist); - } - if (sshkey_is_sk(private)) { if (skprovider == NULL) { fprintf(stderr, "Cannot load FIDO key %s " @@ -373,7 +333,7 @@ add_file(int agent_fd, const char *filename, int key_only, int cert_only, if (!cert_only && (r = ssh_add_identity_constrained(agent_fd, private, comment, - lifetime, confirm, maxsign, skprovider, + lifetime, confirm, skprovider, dest_constraints, ndest_constraints)) == 0) { ret = 0; if (!qflag) { @@ -427,7 +387,7 @@ add_file(int agent_fd, const char *filename, int key_only, int cert_only, sshkey_free(cert); if ((r = ssh_add_identity_constrained(agent_fd, private, comment, - lifetime, confirm, maxsign, skprovider, + lifetime, confirm, skprovider, dest_constraints, ndest_constraints)) != 0) { error_r(r, "Certificate %s (%s) add failed", certpath, private->cert->key_id); @@ -531,7 +491,6 @@ list_identities(int agent_fd, int do_fp) char *fp; int r; struct ssh_identitylist *idlist; - u_int32_t left; size_t i; if ((r = ssh_fetch_identitylist(agent_fd, &idlist)) != 0) { @@ -556,12 +515,7 @@ list_identities(int agent_fd, int do_fp) ssh_err(r)); continue; } - fprintf(stdout, " %s", idlist->comments[i]); - left = sshkey_signatures_left(idlist->keys[i]); - if (left > 0) - fprintf(stdout, - " [signatures left %d]", left); - fprintf(stdout, "\n"); + fprintf(stdout, " %s\n", idlist->comments[i]); } } ssh_free_identitylist(idlist); @@ -620,7 +574,7 @@ load_resident_keys(int agent_fd, const char *skprovider, int qflag, fingerprint_hash, SSH_FP_DEFAULT)) == NULL) fatal_f("sshkey_fingerprint failed"); if ((r = ssh_add_identity_constrained(agent_fd, key, "", - lifetime, confirm, maxsign, skprovider, + lifetime, confirm, skprovider, dest_constraints, ndest_constraints)) != 0) { error("Unable to add key %s %s", sshkey_type(key), fp); @@ -791,9 +745,6 @@ usage(void) fprintf(stderr, "usage: ssh-add [-CcDdKkLlqvXx] [-E fingerprint_hash] [-H hostkey_file]\n" " [-h destination_constraint] [-S provider] [-t life]\n" -#ifdef WITH_XMSS -" [-M maxsign] [-m minleft]\n" -#endif " [file ...]\n" " ssh-add -s pkcs11 [-Cv] [certificate ...]\n" " ssh-add -e pkcs11\n" @@ -887,20 +838,8 @@ main(int argc, char **argv) confirm = 1; break; case 'm': - minleft = (u_int)strtonum(optarg, 1, UINT_MAX, NULL); - if (minleft == 0) { - usage(); - ret = 1; - goto done; - } - break; case 'M': - maxsign = (u_int)strtonum(optarg, 1, UINT_MAX, NULL); - if (maxsign == 0) { - usage(); - ret = 1; - goto done; - } + /* deprecated */ break; case 'd': deleting = 1; diff --git a/ssh-agent.c b/ssh-agent.c index d82b351d04b6..2c7b94be55f2 100644 --- a/ssh-agent.c +++ b/ssh-agent.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-agent.c,v 1.312 2025/05/05 02:48:06 djm Exp $ */ +/* $OpenBSD: ssh-agent.c,v 1.313 2025/08/29 03:50:38 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -644,8 +644,7 @@ process_request_identities(SocketEntry *e) /* identity not visible, don't include in response */ if (identity_permitted(id, e, NULL, NULL, NULL) != 0) continue; - if ((r = sshkey_puts_opts(id->key, keys, - SSHKEY_SERIALIZE_INFO)) != 0 || + if ((r = sshkey_puts(id->key, keys)) != 0 || (r = sshbuf_put_cstring(keys, id->comment)) != 0) { error_fr(r, "compose key/comment"); continue; @@ -1292,7 +1291,7 @@ parse_key_constraints(struct sshbuf *m, struct sshkey *k, time_t *deathp, { u_char ctype; int r; - u_int seconds, maxsign = 0; + u_int seconds; while (sshbuf_len(m)) { if ((r = sshbuf_get_u8(m, &ctype)) != 0) { @@ -1321,26 +1320,6 @@ parse_key_constraints(struct sshbuf *m, struct sshkey *k, time_t *deathp, } *confirmp = 1; break; - case SSH_AGENT_CONSTRAIN_MAXSIGN: - if (k == NULL) { - error_f("maxsign not valid here"); - r = SSH_ERR_INVALID_FORMAT; - goto out; - } - if (maxsign != 0) { - error_f("maxsign already set"); - r = SSH_ERR_INVALID_FORMAT; - goto out; - } - if ((r = sshbuf_get_u32(m, &maxsign)) != 0) { - error_fr(r, "parse maxsign constraint"); - goto out; - } - if ((r = sshkey_enable_maxsign(k, maxsign)) != 0) { - error_fr(r, "enable maxsign"); - goto out; - } - break; case SSH_AGENT_CONSTRAIN_EXTENSION: if ((r = parse_key_constraint_extension(m, sk_providerp, dcsp, ndcsp, diff --git a/ssh-keygen.c b/ssh-keygen.c index 867fbd1ca014..6e62886378c7 100644 --- a/ssh-keygen.c +++ b/ssh-keygen.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-keygen.c,v 1.481 2025/05/24 03:37:40 dtucker Exp $ */ +/* $OpenBSD: ssh-keygen.c,v 1.482 2025/08/29 03:50:38 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1994 Tatu Ylonen , Espoo, Finland @@ -273,10 +273,6 @@ ask_filename(struct passwd *pw, const char *prompt) case KEY_ED25519_SK_CERT: name = _PATH_SSH_CLIENT_ID_ED25519_SK; break; - case KEY_XMSS: - case KEY_XMSS_CERT: - name = _PATH_SSH_CLIENT_ID_XMSS; - break; default: fatal("bad key type"); } @@ -1024,9 +1020,6 @@ do_gen_all_hostkeys(struct passwd *pw) #endif /* OPENSSL_HAS_ECC */ #endif /* WITH_OPENSSL */ { "ed25519", "ED25519",_PATH_HOST_ED25519_KEY_FILE }, -#ifdef WITH_XMSS - { "xmss", "XMSS",_PATH_HOST_XMSS_KEY_FILE }, -#endif /* WITH_XMSS */ { NULL, NULL, NULL } }; @@ -1521,7 +1514,7 @@ do_change_comment(struct passwd *pw, const char *identity_comment) } } - if (private->type != KEY_ED25519 && private->type != KEY_XMSS && + if (private->type != KEY_ED25519 && private_key_format != SSHKEY_PRIVATE_OPENSSH) { error("Comments are only supported for keys stored in " "the new format (-o)."); @@ -3727,9 +3720,6 @@ main(int argc, char **argv) n += do_print_resource_record(pw, _PATH_HOST_ED25519_KEY_FILE, rr_hostname, print_generic, opts, nopts); - n += do_print_resource_record(pw, - _PATH_HOST_XMSS_KEY_FILE, rr_hostname, - print_generic, opts, nopts); if (n == 0) fatal("no keys found."); exit(0); diff --git a/ssh-keyscan.c b/ssh-keyscan.c index 7b1e0ca86500..914de1244dd4 100644 --- a/ssh-keyscan.c +++ b/ssh-keyscan.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-keyscan.c,v 1.166 2025/05/06 05:40:56 djm Exp $ */ +/* $OpenBSD: ssh-keyscan.c,v 1.167 2025/08/29 03:50:38 djm Exp $ */ /* * Copyright 1995, 1996 by David Mazieres . * @@ -65,7 +65,6 @@ int ssh_port = SSH_DEFAULT_PORT; #define KT_RSA (1) #define KT_ECDSA (1<<1) #define KT_ED25519 (1<<2) -#define KT_XMSS (1<<3) #define KT_ECDSA_SK (1<<4) #define KT_ED25519_SK (1<<5) @@ -252,10 +251,6 @@ keygrab_ssh2(con *c) myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = get_cert ? "ssh-ed25519-cert-v01@openssh.com" : "ssh-ed25519"; break; - case KT_XMSS: - myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = get_cert ? - "ssh-xmss-cert-v01@openssh.com" : "ssh-xmss@openssh.com"; - break; case KT_ECDSA: myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = get_cert ? "ecdsa-sha2-nistp256-cert-v01@openssh.com," @@ -747,9 +742,6 @@ main(int argc, char **argv) case KEY_ED25519: get_keytypes |= KT_ED25519; break; - case KEY_XMSS: - get_keytypes |= KT_XMSS; - break; case KEY_ED25519_SK: get_keytypes |= KT_ED25519_SK; break; diff --git a/ssh-keysign.c b/ssh-keysign.c index 4d65dd1d33a0..2410c6cd1b7b 100644 --- a/ssh-keysign.c +++ b/ssh-keysign.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-keysign.c,v 1.76 2025/05/06 05:40:56 djm Exp $ */ +/* $OpenBSD: ssh-keysign.c,v 1.77 2025/08/29 03:50:38 djm Exp $ */ /* * Copyright (c) 2002 Markus Friedl. All rights reserved. * @@ -202,7 +202,6 @@ main(int argc, char **argv) /* XXX This really needs to read sshd_config for the paths */ key_fd[i++] = open(_PATH_HOST_ECDSA_KEY_FILE, O_RDONLY); key_fd[i++] = open(_PATH_HOST_ED25519_KEY_FILE, O_RDONLY); - key_fd[i++] = open(_PATH_HOST_XMSS_KEY_FILE, O_RDONLY); key_fd[i++] = open(_PATH_HOST_RSA_KEY_FILE, O_RDONLY); if ((pw = getpwuid(getuid())) == NULL) diff --git a/ssh-xmss.c b/ssh-xmss.c deleted file mode 100644 index b6d0561b1411..000000000000 --- a/ssh-xmss.c +++ /dev/null @@ -1,389 +0,0 @@ -/* $OpenBSD: ssh-xmss.c,v 1.14 2022/10/28 00:44:44 djm Exp $*/ -/* - * Copyright (c) 2017 Stefan-Lukas Gazdag. - * Copyright (c) 2017 Markus Friedl. - * - * Permission to use, copy, modify, and distribute this software for any - * purpose with or without fee is hereby granted, provided that the above - * copyright notice and this permission notice appear in all copies. - * - * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES - * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF - * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR - * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES - * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN - * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF - * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. - */ -#include "includes.h" -#ifdef WITH_XMSS - -#define SSHKEY_INTERNAL -#include -#include - -#include -#include -#include -#ifdef HAVE_STDINT_H -# include -#endif -#include - -#include "log.h" -#include "sshbuf.h" -#include "sshkey.h" -#include "sshkey-xmss.h" -#include "ssherr.h" -#include "ssh.h" - -#include "xmss_fast.h" - -static void -ssh_xmss_cleanup(struct sshkey *k) -{ - freezero(k->xmss_pk, sshkey_xmss_pklen(k)); - freezero(k->xmss_sk, sshkey_xmss_sklen(k)); - sshkey_xmss_free_state(k); - free(k->xmss_name); - free(k->xmss_filename); - k->xmss_pk = NULL; - k->xmss_sk = NULL; - k->xmss_name = NULL; - k->xmss_filename = NULL; -} - -static int -ssh_xmss_equal(const struct sshkey *a, const struct sshkey *b) -{ - if (a->xmss_pk == NULL || b->xmss_pk == NULL) - return 0; - if (sshkey_xmss_pklen(a) != sshkey_xmss_pklen(b)) - return 0; - if (memcmp(a->xmss_pk, b->xmss_pk, sshkey_xmss_pklen(a)) != 0) - return 0; - return 1; -} - -static int -ssh_xmss_serialize_public(const struct sshkey *key, struct sshbuf *b, - enum sshkey_serialize_rep opts) -{ - int r; - - if (key->xmss_name == NULL || key->xmss_pk == NULL || - sshkey_xmss_pklen(key) == 0) - return SSH_ERR_INVALID_ARGUMENT; - if ((r = sshbuf_put_cstring(b, key->xmss_name)) != 0 || - (r = sshbuf_put_string(b, key->xmss_pk, - sshkey_xmss_pklen(key))) != 0 || - (r = sshkey_xmss_serialize_pk_info(key, b, opts)) != 0) - return r; - - return 0; -} - -static int -ssh_xmss_serialize_private(const struct sshkey *key, struct sshbuf *b, - enum sshkey_serialize_rep opts) -{ - int r; - - if (key->xmss_name == NULL) - return SSH_ERR_INVALID_ARGUMENT; - /* Note: can't reuse ssh_xmss_serialize_public because of sk order */ - if ((r = sshbuf_put_cstring(b, key->xmss_name)) != 0 || - (r = sshbuf_put_string(b, key->xmss_pk, - sshkey_xmss_pklen(key))) != 0 || - (r = sshbuf_put_string(b, key->xmss_sk, - sshkey_xmss_sklen(key))) != 0 || - (r = sshkey_xmss_serialize_state_opt(key, b, opts)) != 0) - return r; - - return 0; -} - -static int -ssh_xmss_copy_public(const struct sshkey *from, struct sshkey *to) -{ - int r = SSH_ERR_INTERNAL_ERROR; - u_int32_t left; - size_t pklen; - - if ((r = sshkey_xmss_init(to, from->xmss_name)) != 0) - return r; - if (from->xmss_pk == NULL) - return 0; /* XXX SSH_ERR_INTERNAL_ERROR ? */ - - if ((pklen = sshkey_xmss_pklen(from)) == 0 || - sshkey_xmss_pklen(to) != pklen) - return SSH_ERR_INTERNAL_ERROR; - if ((to->xmss_pk = malloc(pklen)) == NULL) - return SSH_ERR_ALLOC_FAIL; - memcpy(to->xmss_pk, from->xmss_pk, pklen); - /* simulate number of signatures left on pubkey */ - left = sshkey_xmss_signatures_left(from); - if (left) - sshkey_xmss_enable_maxsign(to, left); - return 0; -} - -static int -ssh_xmss_deserialize_public(const char *ktype, struct sshbuf *b, - struct sshkey *key) -{ - size_t len = 0; - char *xmss_name = NULL; - u_char *pk = NULL; - int ret = SSH_ERR_INTERNAL_ERROR; - - if ((ret = sshbuf_get_cstring(b, &xmss_name, NULL)) != 0) - goto out; - if ((ret = sshkey_xmss_init(key, xmss_name)) != 0) - goto out; - if ((ret = sshbuf_get_string(b, &pk, &len)) != 0) - goto out; - if (len == 0 || len != sshkey_xmss_pklen(key)) { - ret = SSH_ERR_INVALID_FORMAT; - goto out; - } - key->xmss_pk = pk; - pk = NULL; - if (!sshkey_is_cert(key) && - (ret = sshkey_xmss_deserialize_pk_info(key, b)) != 0) - goto out; - /* success */ - ret = 0; - out: - free(xmss_name); - freezero(pk, len); - return ret; -} - -static int -ssh_xmss_deserialize_private(const char *ktype, struct sshbuf *b, - struct sshkey *key) -{ - int r; - char *xmss_name = NULL; - size_t pklen = 0, sklen = 0; - u_char *xmss_pk = NULL, *xmss_sk = NULL; - - /* Note: can't reuse ssh_xmss_deserialize_public because of sk order */ - if ((r = sshbuf_get_cstring(b, &xmss_name, NULL)) != 0 || - (r = sshbuf_get_string(b, &xmss_pk, &pklen)) != 0 || - (r = sshbuf_get_string(b, &xmss_sk, &sklen)) != 0) - goto out; - if (!sshkey_is_cert(key) && - (r = sshkey_xmss_init(key, xmss_name)) != 0) - goto out; - if (pklen != sshkey_xmss_pklen(key) || - sklen != sshkey_xmss_sklen(key)) { - r = SSH_ERR_INVALID_FORMAT; - goto out; - } - key->xmss_pk = xmss_pk; - key->xmss_sk = xmss_sk; - xmss_pk = xmss_sk = NULL; - /* optional internal state */ - if ((r = sshkey_xmss_deserialize_state_opt(key, b)) != 0) - goto out; - /* success */ - r = 0; - out: - free(xmss_name); - freezero(xmss_pk, pklen); - freezero(xmss_sk, sklen); - return r; -} - -static int -ssh_xmss_sign(struct sshkey *key, - u_char **sigp, size_t *lenp, - const u_char *data, size_t datalen, - const char *alg, const char *sk_provider, const char *sk_pin, u_int compat) -{ - u_char *sig = NULL; - size_t slen = 0, len = 0, required_siglen; - unsigned long long smlen; - int r, ret; - struct sshbuf *b = NULL; - - if (lenp != NULL) - *lenp = 0; - if (sigp != NULL) - *sigp = NULL; - - if (key == NULL || - sshkey_type_plain(key->type) != KEY_XMSS || - key->xmss_sk == NULL || - sshkey_xmss_params(key) == NULL) - return SSH_ERR_INVALID_ARGUMENT; - if ((r = sshkey_xmss_siglen(key, &required_siglen)) != 0) - return r; - if (datalen >= INT_MAX - required_siglen) - return SSH_ERR_INVALID_ARGUMENT; - smlen = slen = datalen + required_siglen; - if ((sig = malloc(slen)) == NULL) - return SSH_ERR_ALLOC_FAIL; - if ((r = sshkey_xmss_get_state(key, 1)) != 0) - goto out; - if ((ret = xmss_sign(key->xmss_sk, sshkey_xmss_bds_state(key), sig, &smlen, - data, datalen, sshkey_xmss_params(key))) != 0 || smlen <= datalen) { - r = SSH_ERR_INVALID_ARGUMENT; /* XXX better error? */ - goto out; - } - /* encode signature */ - if ((b = sshbuf_new()) == NULL) { - r = SSH_ERR_ALLOC_FAIL; - goto out; - } - if ((r = sshbuf_put_cstring(b, "ssh-xmss@openssh.com")) != 0 || - (r = sshbuf_put_string(b, sig, smlen - datalen)) != 0) - goto out; - len = sshbuf_len(b); - if (sigp != NULL) { - if ((*sigp = malloc(len)) == NULL) { - r = SSH_ERR_ALLOC_FAIL; - goto out; - } - memcpy(*sigp, sshbuf_ptr(b), len); - } - if (lenp != NULL) - *lenp = len; - /* success */ - r = 0; - out: - if ((ret = sshkey_xmss_update_state(key, 1)) != 0) { - /* discard signature since we cannot update the state */ - if (r == 0 && sigp != NULL && *sigp != NULL) { - explicit_bzero(*sigp, len); - free(*sigp); - } - if (sigp != NULL) - *sigp = NULL; - if (lenp != NULL) - *lenp = 0; - r = ret; - } - sshbuf_free(b); - if (sig != NULL) - freezero(sig, slen); - - return r; -} - -static int -ssh_xmss_verify(const struct sshkey *key, - const u_char *sig, size_t siglen, - const u_char *data, size_t dlen, const char *alg, u_int compat, - struct sshkey_sig_details **detailsp) -{ - struct sshbuf *b = NULL; - char *ktype = NULL; - const u_char *sigblob; - u_char *sm = NULL, *m = NULL; - size_t len, required_siglen; - unsigned long long smlen = 0, mlen = 0; - int r, ret; - - if (key == NULL || - sshkey_type_plain(key->type) != KEY_XMSS || - key->xmss_pk == NULL || - sshkey_xmss_params(key) == NULL || - sig == NULL || siglen == 0) - return SSH_ERR_INVALID_ARGUMENT; - if ((r = sshkey_xmss_siglen(key, &required_siglen)) != 0) - return r; - if (dlen >= INT_MAX - required_siglen) - return SSH_ERR_INVALID_ARGUMENT; - - if ((b = sshbuf_from(sig, siglen)) == NULL) - return SSH_ERR_ALLOC_FAIL; - if ((r = sshbuf_get_cstring(b, &ktype, NULL)) != 0 || - (r = sshbuf_get_string_direct(b, &sigblob, &len)) != 0) - goto out; - if (strcmp("ssh-xmss@openssh.com", ktype) != 0) { - r = SSH_ERR_KEY_TYPE_MISMATCH; - goto out; - } - if (sshbuf_len(b) != 0) { - r = SSH_ERR_UNEXPECTED_TRAILING_DATA; - goto out; - } - if (len != required_siglen) { - r = SSH_ERR_INVALID_FORMAT; - goto out; - } - if (dlen >= SIZE_MAX - len) { - r = SSH_ERR_INVALID_ARGUMENT; - goto out; - } - smlen = len + dlen; - mlen = smlen; - if ((sm = malloc(smlen)) == NULL || (m = malloc(mlen)) == NULL) { - r = SSH_ERR_ALLOC_FAIL; - goto out; - } - memcpy(sm, sigblob, len); - memcpy(sm+len, data, dlen); - if ((ret = xmss_sign_open(m, &mlen, sm, smlen, - key->xmss_pk, sshkey_xmss_params(key))) != 0) { - debug2_f("xmss_sign_open failed: %d", ret); - } - if (ret != 0 || mlen != dlen) { - r = SSH_ERR_SIGNATURE_INVALID; - goto out; - } - /* XXX compare 'm' and 'data' ? */ - /* success */ - r = 0; - out: - if (sm != NULL) - freezero(sm, smlen); - if (m != NULL) - freezero(m, smlen); - sshbuf_free(b); - free(ktype); - return r; -} - -static const struct sshkey_impl_funcs sshkey_xmss_funcs = { - /* .size = */ NULL, - /* .alloc = */ NULL, - /* .cleanup = */ ssh_xmss_cleanup, - /* .equal = */ ssh_xmss_equal, - /* .ssh_serialize_public = */ ssh_xmss_serialize_public, - /* .ssh_deserialize_public = */ ssh_xmss_deserialize_public, - /* .ssh_serialize_private = */ ssh_xmss_serialize_private, - /* .ssh_deserialize_private = */ ssh_xmss_deserialize_private, - /* .generate = */ sshkey_xmss_generate_private_key, - /* .copy_public = */ ssh_xmss_copy_public, - /* .sign = */ ssh_xmss_sign, - /* .verify = */ ssh_xmss_verify, -}; - -const struct sshkey_impl sshkey_xmss_impl = { - /* .name = */ "ssh-xmss@openssh.com", - /* .shortname = */ "XMSS", - /* .sigalg = */ NULL, - /* .type = */ KEY_XMSS, - /* .nid = */ 0, - /* .cert = */ 0, - /* .sigonly = */ 0, - /* .keybits = */ 256, - /* .funcs = */ &sshkey_xmss_funcs, -}; - -const struct sshkey_impl sshkey_xmss_cert_impl = { - /* .name = */ "ssh-xmss-cert-v01@openssh.com", - /* .shortname = */ "XMSS-CERT", - /* .sigalg = */ NULL, - /* .type = */ KEY_XMSS_CERT, - /* .nid = */ 0, - /* .cert = */ 1, - /* .sigonly = */ 0, - /* .keybits = */ 256, - /* .funcs = */ &sshkey_xmss_funcs, -}; -#endif /* WITH_XMSS */ diff --git a/ssh.c b/ssh.c index 58c254b93d86..1eaa5986ed47 100644 --- a/ssh.c +++ b/ssh.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh.c,v 1.615 2025/08/18 03:43:01 djm Exp $ */ +/* $OpenBSD: ssh.c,v 1.616 2025/08/29 03:50:38 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -1762,8 +1762,6 @@ main(int ac, char **av) L_PUBKEY(_PATH_HOST_ECDSA_KEY_FILE, 4); L_PUBKEY(_PATH_HOST_ED25519_KEY_FILE, 5); L_PUBKEY(_PATH_HOST_RSA_KEY_FILE, 6); - L_CERT(_PATH_HOST_XMSS_KEY_FILE, 8); - L_PUBKEY(_PATH_HOST_XMSS_KEY_FILE, 9); if (loaded == 0) debug("HostbasedAuthentication enabled but no " "local public host keys could be loaded."); diff --git a/sshconnect.c b/sshconnect.c index d2c8cf0bd8f2..8ddc531da571 100644 --- a/sshconnect.c +++ b/sshconnect.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshconnect.c,v 1.373 2025/08/12 11:09:48 sthen Exp $ */ +/* $OpenBSD: sshconnect.c,v 1.374 2025/08/29 03:50:38 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -1640,7 +1640,6 @@ show_other_keys(struct hostkeys *hostkeys, struct sshkey *key) KEY_RSA, KEY_ECDSA, KEY_ED25519, - KEY_XMSS, -1 }; int i, ret = 0; @@ -1763,7 +1762,7 @@ maybe_add_key_to_agent(const char *authfile, struct sshkey *private, if ((r = ssh_add_identity_constrained(auth_sock, private, comment == NULL ? authfile : comment, options.add_keys_to_agent_lifespan, - (options.add_keys_to_agent == 3), 0, skprovider, NULL, 0)) == 0) + (options.add_keys_to_agent == 3), skprovider, NULL, 0)) == 0) debug("identity added to agent: %s", authfile); else debug("could not add identity to agent: %s (%d)", authfile, r); diff --git a/sshd-auth.c b/sshd-auth.c index 6bb4aff0d726..95520608c433 100644 --- a/sshd-auth.c +++ b/sshd-auth.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshd-auth.c,v 1.7 2025/08/18 04:38:21 djm Exp $ */ +/* $OpenBSD: sshd-auth.c,v 1.8 2025/08/29 03:50:38 djm Exp $ */ /* * SSH2 implementation: * Privilege Separation: @@ -254,7 +254,6 @@ list_hostkey_types(void) case KEY_ED25519: case KEY_ECDSA_SK: case KEY_ED25519_SK: - case KEY_XMSS: append_hostkey_type(b, sshkey_ssh_name(key)); break; } @@ -274,7 +273,6 @@ list_hostkey_types(void) case KEY_ED25519_CERT: case KEY_ECDSA_SK_CERT: case KEY_ED25519_SK_CERT: - case KEY_XMSS_CERT: append_hostkey_type(b, sshkey_ssh_name(key)); break; } @@ -299,7 +297,6 @@ get_hostkey_public_by_type(int type, int nid, struct ssh *ssh) case KEY_ED25519_CERT: case KEY_ECDSA_SK_CERT: case KEY_ED25519_SK_CERT: - case KEY_XMSS_CERT: key = host_certificates[i]; break; default: diff --git a/sshd-session.c b/sshd-session.c index 4aad8b6fe140..5c007563061c 100644 --- a/sshd-session.c +++ b/sshd-session.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshd-session.c,v 1.14 2025/08/18 03:43:01 djm Exp $ */ +/* $OpenBSD: sshd-session.c,v 1.15 2025/08/29 03:50:38 djm Exp $ */ /* * SSH2 implementation: * Privilege Separation: @@ -489,7 +489,6 @@ get_hostkey_by_type(int type, int nid, int need_private, struct ssh *ssh) case KEY_ED25519_CERT: case KEY_ECDSA_SK_CERT: case KEY_ED25519_SK_CERT: - case KEY_XMSS_CERT: key = sensitive_data.host_certificates[i]; break; default: diff --git a/sshd.c b/sshd.c index 6960193816f5..f77a4a2ec141 100644 --- a/sshd.c +++ b/sshd.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshd.c,v 1.621 2025/07/04 09:51:01 djm Exp $ */ +/* $OpenBSD: sshd.c,v 1.622 2025/08/29 03:50:38 djm Exp $ */ /* * Copyright (c) 2000, 2001, 2002 Markus Friedl. All rights reserved. * Copyright (c) 2002 Niels Provos. All rights reserved. @@ -1672,7 +1672,6 @@ main(int ac, char **av) case KEY_ED25519: case KEY_ECDSA_SK: case KEY_ED25519_SK: - case KEY_XMSS: if (have_agent || key != NULL) sensitive_data.have_ssh2_key = 1; break; diff --git a/sshkey-xmss.c b/sshkey-xmss.c deleted file mode 100644 index 818aba9059df..000000000000 --- a/sshkey-xmss.c +++ /dev/null @@ -1,1113 +0,0 @@ -/* $OpenBSD: sshkey-xmss.c,v 1.12 2022/10/28 00:39:29 djm Exp $ */ -/* - * Copyright (c) 2017 Markus Friedl. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR - * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES - * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. - * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, - * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, - * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY - * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT - * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF - * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - */ - -#include "includes.h" -#ifdef WITH_XMSS - -#include -#include - -#include -#include -#include -#include -#include -#ifdef HAVE_SYS_FILE_H -# include -#endif - -#include "ssh2.h" -#include "ssherr.h" -#include "sshbuf.h" -#include "cipher.h" -#include "sshkey.h" -#include "sshkey-xmss.h" -#include "atomicio.h" -#include "log.h" - -#include "xmss_fast.h" - -/* opaque internal XMSS state */ -#define XMSS_MAGIC "xmss-state-v1" -#define XMSS_CIPHERNAME "aes256-gcm@openssh.com" -struct ssh_xmss_state { - xmss_params params; - u_int32_t n, w, h, k; - - bds_state bds; - u_char *stack; - u_int32_t stackoffset; - u_char *stacklevels; - u_char *auth; - u_char *keep; - u_char *th_nodes; - u_char *retain; - treehash_inst *treehash; - - u_int32_t idx; /* state read from file */ - u_int32_t maxidx; /* restricted # of signatures */ - int have_state; /* .state file exists */ - int lockfd; /* locked in sshkey_xmss_get_state() */ - u_char allow_update; /* allow sshkey_xmss_update_state() */ - char *enc_ciphername;/* encrypt state with cipher */ - u_char *enc_keyiv; /* encrypt state with key */ - u_int32_t enc_keyiv_len; /* length of enc_keyiv */ -}; - -int sshkey_xmss_init_bds_state(struct sshkey *); -int sshkey_xmss_init_enc_key(struct sshkey *, const char *); -void sshkey_xmss_free_bds(struct sshkey *); -int sshkey_xmss_get_state_from_file(struct sshkey *, const char *, - int *, int); -int sshkey_xmss_encrypt_state(const struct sshkey *, struct sshbuf *, - struct sshbuf **); -int sshkey_xmss_decrypt_state(const struct sshkey *, struct sshbuf *, - struct sshbuf **); -int sshkey_xmss_serialize_enc_key(const struct sshkey *, struct sshbuf *); -int sshkey_xmss_deserialize_enc_key(struct sshkey *, struct sshbuf *); - -#define PRINT(...) do { if (printerror) sshlog(__FILE__, __func__, __LINE__, \ - 0, SYSLOG_LEVEL_ERROR, NULL, __VA_ARGS__); } while (0) - -int -sshkey_xmss_init(struct sshkey *key, const char *name) -{ - struct ssh_xmss_state *state; - - if (key->xmss_state != NULL) - return SSH_ERR_INVALID_FORMAT; - if (name == NULL) - return SSH_ERR_INVALID_FORMAT; - state = calloc(sizeof(struct ssh_xmss_state), 1); - if (state == NULL) - return SSH_ERR_ALLOC_FAIL; - if (strcmp(name, XMSS_SHA2_256_W16_H10_NAME) == 0) { - state->n = 32; - state->w = 16; - state->h = 10; - } else if (strcmp(name, XMSS_SHA2_256_W16_H16_NAME) == 0) { - state->n = 32; - state->w = 16; - state->h = 16; - } else if (strcmp(name, XMSS_SHA2_256_W16_H20_NAME) == 0) { - state->n = 32; - state->w = 16; - state->h = 20; - } else { - free(state); - return SSH_ERR_KEY_TYPE_UNKNOWN; - } - if ((key->xmss_name = strdup(name)) == NULL) { - free(state); - return SSH_ERR_ALLOC_FAIL; - } - state->k = 2; /* XXX hardcoded */ - state->lockfd = -1; - if (xmss_set_params(&state->params, state->n, state->h, state->w, - state->k) != 0) { - free(state); - return SSH_ERR_INVALID_FORMAT; - } - key->xmss_state = state; - return 0; -} - -void -sshkey_xmss_free_state(struct sshkey *key) -{ - struct ssh_xmss_state *state = key->xmss_state; - - sshkey_xmss_free_bds(key); - if (state) { - if (state->enc_keyiv) { - explicit_bzero(state->enc_keyiv, state->enc_keyiv_len); - free(state->enc_keyiv); - } - free(state->enc_ciphername); - free(state); - } - key->xmss_state = NULL; -} - -#define SSH_XMSS_K2_MAGIC "k=2" -#define num_stack(x) ((x->h+1)*(x->n)) -#define num_stacklevels(x) (x->h+1) -#define num_auth(x) ((x->h)*(x->n)) -#define num_keep(x) ((x->h >> 1)*(x->n)) -#define num_th_nodes(x) ((x->h - x->k)*(x->n)) -#define num_retain(x) (((1ULL << x->k) - x->k - 1) * (x->n)) -#define num_treehash(x) ((x->h) - (x->k)) - -int -sshkey_xmss_init_bds_state(struct sshkey *key) -{ - struct ssh_xmss_state *state = key->xmss_state; - u_int32_t i; - - state->stackoffset = 0; - if ((state->stack = calloc(num_stack(state), 1)) == NULL || - (state->stacklevels = calloc(num_stacklevels(state), 1))== NULL || - (state->auth = calloc(num_auth(state), 1)) == NULL || - (state->keep = calloc(num_keep(state), 1)) == NULL || - (state->th_nodes = calloc(num_th_nodes(state), 1)) == NULL || - (state->retain = calloc(num_retain(state), 1)) == NULL || - (state->treehash = calloc(num_treehash(state), - sizeof(treehash_inst))) == NULL) { - sshkey_xmss_free_bds(key); - return SSH_ERR_ALLOC_FAIL; - } - for (i = 0; i < state->h - state->k; i++) - state->treehash[i].node = &state->th_nodes[state->n*i]; - xmss_set_bds_state(&state->bds, state->stack, state->stackoffset, - state->stacklevels, state->auth, state->keep, state->treehash, - state->retain, 0); - return 0; -} - -void -sshkey_xmss_free_bds(struct sshkey *key) -{ - struct ssh_xmss_state *state = key->xmss_state; - - if (state == NULL) - return; - free(state->stack); - free(state->stacklevels); - free(state->auth); - free(state->keep); - free(state->th_nodes); - free(state->retain); - free(state->treehash); - state->stack = NULL; - state->stacklevels = NULL; - state->auth = NULL; - state->keep = NULL; - state->th_nodes = NULL; - state->retain = NULL; - state->treehash = NULL; -} - -void * -sshkey_xmss_params(const struct sshkey *key) -{ - struct ssh_xmss_state *state = key->xmss_state; - - if (state == NULL) - return NULL; - return &state->params; -} - -void * -sshkey_xmss_bds_state(const struct sshkey *key) -{ - struct ssh_xmss_state *state = key->xmss_state; - - if (state == NULL) - return NULL; - return &state->bds; -} - -int -sshkey_xmss_siglen(const struct sshkey *key, size_t *lenp) -{ - struct ssh_xmss_state *state = key->xmss_state; - - if (lenp == NULL) - return SSH_ERR_INVALID_ARGUMENT; - if (state == NULL) - return SSH_ERR_INVALID_FORMAT; - *lenp = 4 + state->n + - state->params.wots_par.keysize + - state->h * state->n; - return 0; -} - -size_t -sshkey_xmss_pklen(const struct sshkey *key) -{ - struct ssh_xmss_state *state = key->xmss_state; - - if (state == NULL) - return 0; - return state->n * 2; -} - -size_t -sshkey_xmss_sklen(const struct sshkey *key) -{ - struct ssh_xmss_state *state = key->xmss_state; - - if (state == NULL) - return 0; - return state->n * 4 + 4; -} - -int -sshkey_xmss_init_enc_key(struct sshkey *k, const char *ciphername) -{ - struct ssh_xmss_state *state = k->xmss_state; - const struct sshcipher *cipher; - size_t keylen = 0, ivlen = 0; - - if (state == NULL) - return SSH_ERR_INVALID_ARGUMENT; - if ((cipher = cipher_by_name(ciphername)) == NULL) - return SSH_ERR_INTERNAL_ERROR; - if ((state->enc_ciphername = strdup(ciphername)) == NULL) - return SSH_ERR_ALLOC_FAIL; - keylen = cipher_keylen(cipher); - ivlen = cipher_ivlen(cipher); - state->enc_keyiv_len = keylen + ivlen; - if ((state->enc_keyiv = calloc(state->enc_keyiv_len, 1)) == NULL) { - free(state->enc_ciphername); - state->enc_ciphername = NULL; - return SSH_ERR_ALLOC_FAIL; - } - arc4random_buf(state->enc_keyiv, state->enc_keyiv_len); - return 0; -} - -int -sshkey_xmss_serialize_enc_key(const struct sshkey *k, struct sshbuf *b) -{ - struct ssh_xmss_state *state = k->xmss_state; - int r; - - if (state == NULL || state->enc_keyiv == NULL || - state->enc_ciphername == NULL) - return SSH_ERR_INVALID_ARGUMENT; - if ((r = sshbuf_put_cstring(b, state->enc_ciphername)) != 0 || - (r = sshbuf_put_string(b, state->enc_keyiv, - state->enc_keyiv_len)) != 0) - return r; - return 0; -} - -int -sshkey_xmss_deserialize_enc_key(struct sshkey *k, struct sshbuf *b) -{ - struct ssh_xmss_state *state = k->xmss_state; - size_t len; - int r; - - if (state == NULL) - return SSH_ERR_INVALID_ARGUMENT; - if ((r = sshbuf_get_cstring(b, &state->enc_ciphername, NULL)) != 0 || - (r = sshbuf_get_string(b, &state->enc_keyiv, &len)) != 0) - return r; - state->enc_keyiv_len = len; - return 0; -} - -int -sshkey_xmss_serialize_pk_info(const struct sshkey *k, struct sshbuf *b, - enum sshkey_serialize_rep opts) -{ - struct ssh_xmss_state *state = k->xmss_state; - u_char have_info = 1; - u_int32_t idx; - int r; - - if (state == NULL) - return SSH_ERR_INVALID_ARGUMENT; - if (opts != SSHKEY_SERIALIZE_INFO) - return 0; - idx = k->xmss_sk ? PEEK_U32(k->xmss_sk) : state->idx; - if ((r = sshbuf_put_u8(b, have_info)) != 0 || - (r = sshbuf_put_u32(b, idx)) != 0 || - (r = sshbuf_put_u32(b, state->maxidx)) != 0) - return r; - return 0; -} - -int -sshkey_xmss_deserialize_pk_info(struct sshkey *k, struct sshbuf *b) -{ - struct ssh_xmss_state *state = k->xmss_state; - u_char have_info; - int r; - - if (state == NULL) - return SSH_ERR_INVALID_ARGUMENT; - /* optional */ - if (sshbuf_len(b) == 0) - return 0; - if ((r = sshbuf_get_u8(b, &have_info)) != 0) - return r; - if (have_info != 1) - return SSH_ERR_INVALID_ARGUMENT; - if ((r = sshbuf_get_u32(b, &state->idx)) != 0 || - (r = sshbuf_get_u32(b, &state->maxidx)) != 0) - return r; - return 0; -} - -int -sshkey_xmss_generate_private_key(struct sshkey *k, int bits) -{ - int r; - const char *name; - - if (bits == 10) { - name = XMSS_SHA2_256_W16_H10_NAME; - } else if (bits == 16) { - name = XMSS_SHA2_256_W16_H16_NAME; - } else if (bits == 20) { - name = XMSS_SHA2_256_W16_H20_NAME; - } else { - name = XMSS_DEFAULT_NAME; - } - if ((r = sshkey_xmss_init(k, name)) != 0 || - (r = sshkey_xmss_init_bds_state(k)) != 0 || - (r = sshkey_xmss_init_enc_key(k, XMSS_CIPHERNAME)) != 0) - return r; - if ((k->xmss_pk = malloc(sshkey_xmss_pklen(k))) == NULL || - (k->xmss_sk = malloc(sshkey_xmss_sklen(k))) == NULL) { - return SSH_ERR_ALLOC_FAIL; - } - xmss_keypair(k->xmss_pk, k->xmss_sk, sshkey_xmss_bds_state(k), - sshkey_xmss_params(k)); - return 0; -} - -int -sshkey_xmss_get_state_from_file(struct sshkey *k, const char *filename, - int *have_file, int printerror) -{ - struct sshbuf *b = NULL, *enc = NULL; - int ret = SSH_ERR_SYSTEM_ERROR, r, fd = -1; - u_int32_t len; - unsigned char buf[4], *data = NULL; - - *have_file = 0; - if ((fd = open(filename, O_RDONLY)) >= 0) { - *have_file = 1; - if (atomicio(read, fd, buf, sizeof(buf)) != sizeof(buf)) { - PRINT("corrupt state file: %s", filename); - goto done; - } - len = PEEK_U32(buf); - if ((data = calloc(len, 1)) == NULL) { - ret = SSH_ERR_ALLOC_FAIL; - goto done; - } - if (atomicio(read, fd, data, len) != len) { - PRINT("cannot read blob: %s", filename); - goto done; - } - if ((enc = sshbuf_from(data, len)) == NULL) { - ret = SSH_ERR_ALLOC_FAIL; - goto done; - } - sshkey_xmss_free_bds(k); - if ((r = sshkey_xmss_decrypt_state(k, enc, &b)) != 0) { - ret = r; - goto done; - } - if ((r = sshkey_xmss_deserialize_state(k, b)) != 0) { - ret = r; - goto done; - } - ret = 0; - } -done: - if (fd != -1) - close(fd); - free(data); - sshbuf_free(enc); - sshbuf_free(b); - return ret; -} - -int -sshkey_xmss_get_state(const struct sshkey *k, int printerror) -{ - struct ssh_xmss_state *state = k->xmss_state; - u_int32_t idx = 0; - char *filename = NULL; - char *statefile = NULL, *ostatefile = NULL, *lockfile = NULL; - int lockfd = -1, have_state = 0, have_ostate, tries = 0; - int ret = SSH_ERR_INVALID_ARGUMENT, r; - - if (state == NULL) - goto done; - /* - * If maxidx is set, then we are allowed a limited number - * of signatures, but don't need to access the disk. - * Otherwise we need to deal with the on-disk state. - */ - if (state->maxidx) { - /* xmss_sk always contains the current state */ - idx = PEEK_U32(k->xmss_sk); - if (idx < state->maxidx) { - state->allow_update = 1; - return 0; - } - return SSH_ERR_INVALID_ARGUMENT; - } - if ((filename = k->xmss_filename) == NULL) - goto done; - if (asprintf(&lockfile, "%s.lock", filename) == -1 || - asprintf(&statefile, "%s.state", filename) == -1 || - asprintf(&ostatefile, "%s.ostate", filename) == -1) { - ret = SSH_ERR_ALLOC_FAIL; - goto done; - } - if ((lockfd = open(lockfile, O_CREAT|O_RDONLY, 0600)) == -1) { - ret = SSH_ERR_SYSTEM_ERROR; - PRINT("cannot open/create: %s", lockfile); - goto done; - } - while (flock(lockfd, LOCK_EX|LOCK_NB) == -1) { - if (errno != EWOULDBLOCK) { - ret = SSH_ERR_SYSTEM_ERROR; - PRINT("cannot lock: %s", lockfile); - goto done; - } - if (++tries > 10) { - ret = SSH_ERR_SYSTEM_ERROR; - PRINT("giving up on: %s", lockfile); - goto done; - } - usleep(1000*100*tries); - } - /* XXX no longer const */ - if ((r = sshkey_xmss_get_state_from_file((struct sshkey *)k, - statefile, &have_state, printerror)) != 0) { - if ((r = sshkey_xmss_get_state_from_file((struct sshkey *)k, - ostatefile, &have_ostate, printerror)) == 0) { - state->allow_update = 1; - r = sshkey_xmss_forward_state(k, 1); - state->idx = PEEK_U32(k->xmss_sk); - state->allow_update = 0; - } - } - if (!have_state && !have_ostate) { - /* check that bds state is initialized */ - if (state->bds.auth == NULL) - goto done; - PRINT("start from scratch idx 0: %u", state->idx); - } else if (r != 0) { - ret = r; - goto done; - } - if (state->idx + 1 < state->idx) { - PRINT("state wrap: %u", state->idx); - goto done; - } - state->have_state = have_state; - state->lockfd = lockfd; - state->allow_update = 1; - lockfd = -1; - ret = 0; -done: - if (lockfd != -1) - close(lockfd); - free(lockfile); - free(statefile); - free(ostatefile); - return ret; -} - -int -sshkey_xmss_forward_state(const struct sshkey *k, u_int32_t reserve) -{ - struct ssh_xmss_state *state = k->xmss_state; - u_char *sig = NULL; - size_t required_siglen; - unsigned long long smlen; - u_char data; - int ret, r; - - if (state == NULL || !state->allow_update) - return SSH_ERR_INVALID_ARGUMENT; - if (reserve == 0) - return SSH_ERR_INVALID_ARGUMENT; - if (state->idx + reserve <= state->idx) - return SSH_ERR_INVALID_ARGUMENT; - if ((r = sshkey_xmss_siglen(k, &required_siglen)) != 0) - return r; - if ((sig = malloc(required_siglen)) == NULL) - return SSH_ERR_ALLOC_FAIL; - while (reserve-- > 0) { - state->idx = PEEK_U32(k->xmss_sk); - smlen = required_siglen; - if ((ret = xmss_sign(k->xmss_sk, sshkey_xmss_bds_state(k), - sig, &smlen, &data, 0, sshkey_xmss_params(k))) != 0) { - r = SSH_ERR_INVALID_ARGUMENT; - break; - } - } - free(sig); - return r; -} - -int -sshkey_xmss_update_state(const struct sshkey *k, int printerror) -{ - struct ssh_xmss_state *state = k->xmss_state; - struct sshbuf *b = NULL, *enc = NULL; - u_int32_t idx = 0; - unsigned char buf[4]; - char *filename = NULL; - char *statefile = NULL, *ostatefile = NULL, *nstatefile = NULL; - int fd = -1; - int ret = SSH_ERR_INVALID_ARGUMENT; - - if (state == NULL || !state->allow_update) - return ret; - if (state->maxidx) { - /* no update since the number of signatures is limited */ - ret = 0; - goto done; - } - idx = PEEK_U32(k->xmss_sk); - if (idx == state->idx) { - /* no signature happened, no need to update */ - ret = 0; - goto done; - } else if (idx != state->idx + 1) { - PRINT("more than one signature happened: idx %u state %u", - idx, state->idx); - goto done; - } - state->idx = idx; - if ((filename = k->xmss_filename) == NULL) - goto done; - if (asprintf(&statefile, "%s.state", filename) == -1 || - asprintf(&ostatefile, "%s.ostate", filename) == -1 || - asprintf(&nstatefile, "%s.nstate", filename) == -1) { - ret = SSH_ERR_ALLOC_FAIL; - goto done; - } - unlink(nstatefile); - if ((b = sshbuf_new()) == NULL) { - ret = SSH_ERR_ALLOC_FAIL; - goto done; - } - if ((ret = sshkey_xmss_serialize_state(k, b)) != 0) { - PRINT("SERLIALIZE FAILED: %d", ret); - goto done; - } - if ((ret = sshkey_xmss_encrypt_state(k, b, &enc)) != 0) { - PRINT("ENCRYPT FAILED: %d", ret); - goto done; - } - if ((fd = open(nstatefile, O_CREAT|O_WRONLY|O_EXCL, 0600)) == -1) { - ret = SSH_ERR_SYSTEM_ERROR; - PRINT("open new state file: %s", nstatefile); - goto done; - } - POKE_U32(buf, sshbuf_len(enc)); - if (atomicio(vwrite, fd, buf, sizeof(buf)) != sizeof(buf)) { - ret = SSH_ERR_SYSTEM_ERROR; - PRINT("write new state file hdr: %s", nstatefile); - close(fd); - goto done; - } - if (atomicio(vwrite, fd, sshbuf_mutable_ptr(enc), sshbuf_len(enc)) != - sshbuf_len(enc)) { - ret = SSH_ERR_SYSTEM_ERROR; - PRINT("write new state file data: %s", nstatefile); - close(fd); - goto done; - } - if (fsync(fd) == -1) { - ret = SSH_ERR_SYSTEM_ERROR; - PRINT("sync new state file: %s", nstatefile); - close(fd); - goto done; - } - if (close(fd) == -1) { - ret = SSH_ERR_SYSTEM_ERROR; - PRINT("close new state file: %s", nstatefile); - goto done; - } - if (state->have_state) { - unlink(ostatefile); - if (link(statefile, ostatefile)) { - ret = SSH_ERR_SYSTEM_ERROR; - PRINT("backup state %s to %s", statefile, ostatefile); - goto done; - } - } - if (rename(nstatefile, statefile) == -1) { - ret = SSH_ERR_SYSTEM_ERROR; - PRINT("rename %s to %s", nstatefile, statefile); - goto done; - } - ret = 0; -done: - if (state->lockfd != -1) { - close(state->lockfd); - state->lockfd = -1; - } - if (nstatefile) - unlink(nstatefile); - free(statefile); - free(ostatefile); - free(nstatefile); - sshbuf_free(b); - sshbuf_free(enc); - return ret; -} - -int -sshkey_xmss_serialize_state(const struct sshkey *k, struct sshbuf *b) -{ - struct ssh_xmss_state *state = k->xmss_state; - treehash_inst *th; - u_int32_t i, node; - int r; - - if (state == NULL) - return SSH_ERR_INVALID_ARGUMENT; - if (state->stack == NULL) - return SSH_ERR_INVALID_ARGUMENT; - state->stackoffset = state->bds.stackoffset; /* copy back */ - if ((r = sshbuf_put_cstring(b, SSH_XMSS_K2_MAGIC)) != 0 || - (r = sshbuf_put_u32(b, state->idx)) != 0 || - (r = sshbuf_put_string(b, state->stack, num_stack(state))) != 0 || - (r = sshbuf_put_u32(b, state->stackoffset)) != 0 || - (r = sshbuf_put_string(b, state->stacklevels, num_stacklevels(state))) != 0 || - (r = sshbuf_put_string(b, state->auth, num_auth(state))) != 0 || - (r = sshbuf_put_string(b, state->keep, num_keep(state))) != 0 || - (r = sshbuf_put_string(b, state->th_nodes, num_th_nodes(state))) != 0 || - (r = sshbuf_put_string(b, state->retain, num_retain(state))) != 0 || - (r = sshbuf_put_u32(b, num_treehash(state))) != 0) - return r; - for (i = 0; i < num_treehash(state); i++) { - th = &state->treehash[i]; - node = th->node - state->th_nodes; - if ((r = sshbuf_put_u32(b, th->h)) != 0 || - (r = sshbuf_put_u32(b, th->next_idx)) != 0 || - (r = sshbuf_put_u32(b, th->stackusage)) != 0 || - (r = sshbuf_put_u8(b, th->completed)) != 0 || - (r = sshbuf_put_u32(b, node)) != 0) - return r; - } - return 0; -} - -int -sshkey_xmss_serialize_state_opt(const struct sshkey *k, struct sshbuf *b, - enum sshkey_serialize_rep opts) -{ - struct ssh_xmss_state *state = k->xmss_state; - int r = SSH_ERR_INVALID_ARGUMENT; - u_char have_stack, have_filename, have_enc; - - if (state == NULL) - return SSH_ERR_INVALID_ARGUMENT; - if ((r = sshbuf_put_u8(b, opts)) != 0) - return r; - switch (opts) { - case SSHKEY_SERIALIZE_STATE: - r = sshkey_xmss_serialize_state(k, b); - break; - case SSHKEY_SERIALIZE_FULL: - if ((r = sshkey_xmss_serialize_enc_key(k, b)) != 0) - return r; - r = sshkey_xmss_serialize_state(k, b); - break; - case SSHKEY_SERIALIZE_SHIELD: - /* all of stack/filename/enc are optional */ - have_stack = state->stack != NULL; - if ((r = sshbuf_put_u8(b, have_stack)) != 0) - return r; - if (have_stack) { - state->idx = PEEK_U32(k->xmss_sk); /* update */ - if ((r = sshkey_xmss_serialize_state(k, b)) != 0) - return r; - } - have_filename = k->xmss_filename != NULL; - if ((r = sshbuf_put_u8(b, have_filename)) != 0) - return r; - if (have_filename && - (r = sshbuf_put_cstring(b, k->xmss_filename)) != 0) - return r; - have_enc = state->enc_keyiv != NULL; - if ((r = sshbuf_put_u8(b, have_enc)) != 0) - return r; - if (have_enc && - (r = sshkey_xmss_serialize_enc_key(k, b)) != 0) - return r; - if ((r = sshbuf_put_u32(b, state->maxidx)) != 0 || - (r = sshbuf_put_u8(b, state->allow_update)) != 0) - return r; - break; - case SSHKEY_SERIALIZE_DEFAULT: - r = 0; - break; - default: - r = SSH_ERR_INVALID_ARGUMENT; - break; - } - return r; -} - -int -sshkey_xmss_deserialize_state(struct sshkey *k, struct sshbuf *b) -{ - struct ssh_xmss_state *state = k->xmss_state; - treehash_inst *th; - u_int32_t i, lh, node; - size_t ls, lsl, la, lk, ln, lr; - char *magic; - int r = SSH_ERR_INTERNAL_ERROR; - - if (state == NULL) - return SSH_ERR_INVALID_ARGUMENT; - if (k->xmss_sk == NULL) - return SSH_ERR_INVALID_ARGUMENT; - if ((state->treehash = calloc(num_treehash(state), - sizeof(treehash_inst))) == NULL) - return SSH_ERR_ALLOC_FAIL; - if ((r = sshbuf_get_cstring(b, &magic, NULL)) != 0 || - (r = sshbuf_get_u32(b, &state->idx)) != 0 || - (r = sshbuf_get_string(b, &state->stack, &ls)) != 0 || - (r = sshbuf_get_u32(b, &state->stackoffset)) != 0 || - (r = sshbuf_get_string(b, &state->stacklevels, &lsl)) != 0 || - (r = sshbuf_get_string(b, &state->auth, &la)) != 0 || - (r = sshbuf_get_string(b, &state->keep, &lk)) != 0 || - (r = sshbuf_get_string(b, &state->th_nodes, &ln)) != 0 || - (r = sshbuf_get_string(b, &state->retain, &lr)) != 0 || - (r = sshbuf_get_u32(b, &lh)) != 0) - goto out; - if (strcmp(magic, SSH_XMSS_K2_MAGIC) != 0) { - r = SSH_ERR_INVALID_ARGUMENT; - goto out; - } - /* XXX check stackoffset */ - if (ls != num_stack(state) || - lsl != num_stacklevels(state) || - la != num_auth(state) || - lk != num_keep(state) || - ln != num_th_nodes(state) || - lr != num_retain(state) || - lh != num_treehash(state)) { - r = SSH_ERR_INVALID_ARGUMENT; - goto out; - } - for (i = 0; i < num_treehash(state); i++) { - th = &state->treehash[i]; - if ((r = sshbuf_get_u32(b, &th->h)) != 0 || - (r = sshbuf_get_u32(b, &th->next_idx)) != 0 || - (r = sshbuf_get_u32(b, &th->stackusage)) != 0 || - (r = sshbuf_get_u8(b, &th->completed)) != 0 || - (r = sshbuf_get_u32(b, &node)) != 0) - goto out; - if (node < num_th_nodes(state)) - th->node = &state->th_nodes[node]; - } - POKE_U32(k->xmss_sk, state->idx); - xmss_set_bds_state(&state->bds, state->stack, state->stackoffset, - state->stacklevels, state->auth, state->keep, state->treehash, - state->retain, 0); - /* success */ - r = 0; - out: - free(magic); - return r; -} - -int -sshkey_xmss_deserialize_state_opt(struct sshkey *k, struct sshbuf *b) -{ - struct ssh_xmss_state *state = k->xmss_state; - enum sshkey_serialize_rep opts; - u_char have_state, have_stack, have_filename, have_enc; - int r; - - if ((r = sshbuf_get_u8(b, &have_state)) != 0) - return r; - - opts = have_state; - switch (opts) { - case SSHKEY_SERIALIZE_DEFAULT: - r = 0; - break; - case SSHKEY_SERIALIZE_SHIELD: - if ((r = sshbuf_get_u8(b, &have_stack)) != 0) - return r; - if (have_stack && - (r = sshkey_xmss_deserialize_state(k, b)) != 0) - return r; - if ((r = sshbuf_get_u8(b, &have_filename)) != 0) - return r; - if (have_filename && - (r = sshbuf_get_cstring(b, &k->xmss_filename, NULL)) != 0) - return r; - if ((r = sshbuf_get_u8(b, &have_enc)) != 0) - return r; - if (have_enc && - (r = sshkey_xmss_deserialize_enc_key(k, b)) != 0) - return r; - if ((r = sshbuf_get_u32(b, &state->maxidx)) != 0 || - (r = sshbuf_get_u8(b, &state->allow_update)) != 0) - return r; - break; - case SSHKEY_SERIALIZE_STATE: - if ((r = sshkey_xmss_deserialize_state(k, b)) != 0) - return r; - break; - case SSHKEY_SERIALIZE_FULL: - if ((r = sshkey_xmss_deserialize_enc_key(k, b)) != 0 || - (r = sshkey_xmss_deserialize_state(k, b)) != 0) - return r; - break; - default: - r = SSH_ERR_INVALID_FORMAT; - break; - } - return r; -} - -int -sshkey_xmss_encrypt_state(const struct sshkey *k, struct sshbuf *b, - struct sshbuf **retp) -{ - struct ssh_xmss_state *state = k->xmss_state; - struct sshbuf *encrypted = NULL, *encoded = NULL, *padded = NULL; - struct sshcipher_ctx *ciphercontext = NULL; - const struct sshcipher *cipher; - u_char *cp, *key, *iv = NULL; - size_t i, keylen, ivlen, blocksize, authlen, encrypted_len, aadlen; - int r = SSH_ERR_INTERNAL_ERROR; - - if (retp != NULL) - *retp = NULL; - if (state == NULL || - state->enc_keyiv == NULL || - state->enc_ciphername == NULL) - return SSH_ERR_INTERNAL_ERROR; - if ((cipher = cipher_by_name(state->enc_ciphername)) == NULL) { - r = SSH_ERR_INTERNAL_ERROR; - goto out; - } - blocksize = cipher_blocksize(cipher); - keylen = cipher_keylen(cipher); - ivlen = cipher_ivlen(cipher); - authlen = cipher_authlen(cipher); - if (state->enc_keyiv_len != keylen + ivlen) { - r = SSH_ERR_INVALID_FORMAT; - goto out; - } - key = state->enc_keyiv; - if ((encrypted = sshbuf_new()) == NULL || - (encoded = sshbuf_new()) == NULL || - (padded = sshbuf_new()) == NULL || - (iv = malloc(ivlen)) == NULL) { - r = SSH_ERR_ALLOC_FAIL; - goto out; - } - - /* replace first 4 bytes of IV with index to ensure uniqueness */ - memcpy(iv, key + keylen, ivlen); - POKE_U32(iv, state->idx); - - if ((r = sshbuf_put(encoded, XMSS_MAGIC, sizeof(XMSS_MAGIC))) != 0 || - (r = sshbuf_put_u32(encoded, state->idx)) != 0) - goto out; - - /* padded state will be encrypted */ - if ((r = sshbuf_putb(padded, b)) != 0) - goto out; - i = 0; - while (sshbuf_len(padded) % blocksize) { - if ((r = sshbuf_put_u8(padded, ++i & 0xff)) != 0) - goto out; - } - encrypted_len = sshbuf_len(padded); - - /* header including the length of state is used as AAD */ - if ((r = sshbuf_put_u32(encoded, encrypted_len)) != 0) - goto out; - aadlen = sshbuf_len(encoded); - - /* concat header and state */ - if ((r = sshbuf_putb(encoded, padded)) != 0) - goto out; - - /* reserve space for encryption of encoded data plus auth tag */ - /* encrypt at offset addlen */ - if ((r = sshbuf_reserve(encrypted, - encrypted_len + aadlen + authlen, &cp)) != 0 || - (r = cipher_init(&ciphercontext, cipher, key, keylen, - iv, ivlen, 1)) != 0 || - (r = cipher_crypt(ciphercontext, 0, cp, sshbuf_ptr(encoded), - encrypted_len, aadlen, authlen)) != 0) - goto out; - - /* success */ - r = 0; - out: - if (retp != NULL) { - *retp = encrypted; - encrypted = NULL; - } - sshbuf_free(padded); - sshbuf_free(encoded); - sshbuf_free(encrypted); - cipher_free(ciphercontext); - free(iv); - return r; -} - -int -sshkey_xmss_decrypt_state(const struct sshkey *k, struct sshbuf *encoded, - struct sshbuf **retp) -{ - struct ssh_xmss_state *state = k->xmss_state; - struct sshbuf *copy = NULL, *decrypted = NULL; - struct sshcipher_ctx *ciphercontext = NULL; - const struct sshcipher *cipher = NULL; - u_char *key, *iv = NULL, *dp; - size_t keylen, ivlen, authlen, aadlen; - u_int blocksize, encrypted_len, index; - int r = SSH_ERR_INTERNAL_ERROR; - - if (retp != NULL) - *retp = NULL; - if (state == NULL || - state->enc_keyiv == NULL || - state->enc_ciphername == NULL) - return SSH_ERR_INTERNAL_ERROR; - if ((cipher = cipher_by_name(state->enc_ciphername)) == NULL) { - r = SSH_ERR_INVALID_FORMAT; - goto out; - } - blocksize = cipher_blocksize(cipher); - keylen = cipher_keylen(cipher); - ivlen = cipher_ivlen(cipher); - authlen = cipher_authlen(cipher); - if (state->enc_keyiv_len != keylen + ivlen) { - r = SSH_ERR_INTERNAL_ERROR; - goto out; - } - key = state->enc_keyiv; - - if ((copy = sshbuf_fromb(encoded)) == NULL || - (decrypted = sshbuf_new()) == NULL || - (iv = malloc(ivlen)) == NULL) { - r = SSH_ERR_ALLOC_FAIL; - goto out; - } - - /* check magic */ - if (sshbuf_len(encoded) < sizeof(XMSS_MAGIC) || - memcmp(sshbuf_ptr(encoded), XMSS_MAGIC, sizeof(XMSS_MAGIC))) { - r = SSH_ERR_INVALID_FORMAT; - goto out; - } - /* parse public portion */ - if ((r = sshbuf_consume(encoded, sizeof(XMSS_MAGIC))) != 0 || - (r = sshbuf_get_u32(encoded, &index)) != 0 || - (r = sshbuf_get_u32(encoded, &encrypted_len)) != 0) - goto out; - - /* check size of encrypted key blob */ - if (encrypted_len < blocksize || (encrypted_len % blocksize) != 0) { - r = SSH_ERR_INVALID_FORMAT; - goto out; - } - /* check that an appropriate amount of auth data is present */ - if (sshbuf_len(encoded) < authlen || - sshbuf_len(encoded) - authlen < encrypted_len) { - r = SSH_ERR_INVALID_FORMAT; - goto out; - } - - aadlen = sshbuf_len(copy) - sshbuf_len(encoded); - - /* replace first 4 bytes of IV with index to ensure uniqueness */ - memcpy(iv, key + keylen, ivlen); - POKE_U32(iv, index); - - /* decrypt private state of key */ - if ((r = sshbuf_reserve(decrypted, aadlen + encrypted_len, &dp)) != 0 || - (r = cipher_init(&ciphercontext, cipher, key, keylen, - iv, ivlen, 0)) != 0 || - (r = cipher_crypt(ciphercontext, 0, dp, sshbuf_ptr(copy), - encrypted_len, aadlen, authlen)) != 0) - goto out; - - /* there should be no trailing data */ - if ((r = sshbuf_consume(encoded, encrypted_len + authlen)) != 0) - goto out; - if (sshbuf_len(encoded) != 0) { - r = SSH_ERR_INVALID_FORMAT; - goto out; - } - - /* remove AAD */ - if ((r = sshbuf_consume(decrypted, aadlen)) != 0) - goto out; - /* XXX encrypted includes unchecked padding */ - - /* success */ - r = 0; - if (retp != NULL) { - *retp = decrypted; - decrypted = NULL; - } - out: - cipher_free(ciphercontext); - sshbuf_free(copy); - sshbuf_free(decrypted); - free(iv); - return r; -} - -u_int32_t -sshkey_xmss_signatures_left(const struct sshkey *k) -{ - struct ssh_xmss_state *state = k->xmss_state; - u_int32_t idx; - - if (sshkey_type_plain(k->type) == KEY_XMSS && state && - state->maxidx) { - idx = k->xmss_sk ? PEEK_U32(k->xmss_sk) : state->idx; - if (idx < state->maxidx) - return state->maxidx - idx; - } - return 0; -} - -int -sshkey_xmss_enable_maxsign(struct sshkey *k, u_int32_t maxsign) -{ - struct ssh_xmss_state *state = k->xmss_state; - - if (sshkey_type_plain(k->type) != KEY_XMSS) - return SSH_ERR_INVALID_ARGUMENT; - if (maxsign == 0) - return 0; - if (state->idx + maxsign < state->idx) - return SSH_ERR_INVALID_ARGUMENT; - state->maxidx = state->idx + maxsign; - return 0; -} -#endif /* WITH_XMSS */ diff --git a/sshkey-xmss.h b/sshkey-xmss.h deleted file mode 100644 index ab8b9c905a96..000000000000 --- a/sshkey-xmss.h +++ /dev/null @@ -1,56 +0,0 @@ -/* $OpenBSD: sshkey-xmss.h,v 1.4 2022/10/28 00:39:29 djm Exp $ */ -/* - * Copyright (c) 2017 Markus Friedl. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR - * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES - * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. - * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, - * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, - * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY - * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT - * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF - * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - */ -#ifndef SSHKEY_XMSS_H -#define SSHKEY_XMSS_H - -#define XMSS_SHA2_256_W16_H10_NAME "XMSS_SHA2-256_W16_H10" -#define XMSS_SHA2_256_W16_H16_NAME "XMSS_SHA2-256_W16_H16" -#define XMSS_SHA2_256_W16_H20_NAME "XMSS_SHA2-256_W16_H20" -#define XMSS_DEFAULT_NAME XMSS_SHA2_256_W16_H10_NAME - -size_t sshkey_xmss_pklen(const struct sshkey *); -size_t sshkey_xmss_sklen(const struct sshkey *); -int sshkey_xmss_init(struct sshkey *, const char *); -void sshkey_xmss_free_state(struct sshkey *); -int sshkey_xmss_generate_private_key(struct sshkey *, int); -int sshkey_xmss_serialize_state(const struct sshkey *, struct sshbuf *); -int sshkey_xmss_serialize_state_opt(const struct sshkey *, struct sshbuf *, - enum sshkey_serialize_rep); -int sshkey_xmss_serialize_pk_info(const struct sshkey *, struct sshbuf *, - enum sshkey_serialize_rep); -int sshkey_xmss_deserialize_state(struct sshkey *, struct sshbuf *); -int sshkey_xmss_deserialize_state_opt(struct sshkey *, struct sshbuf *); -int sshkey_xmss_deserialize_pk_info(struct sshkey *, struct sshbuf *); - -int sshkey_xmss_siglen(const struct sshkey *, size_t *); -void *sshkey_xmss_params(const struct sshkey *); -void *sshkey_xmss_bds_state(const struct sshkey *); -int sshkey_xmss_get_state(const struct sshkey *, int); -int sshkey_xmss_enable_maxsign(struct sshkey *, u_int32_t); -int sshkey_xmss_forward_state(const struct sshkey *, u_int32_t); -int sshkey_xmss_update_state(const struct sshkey *, int); -u_int32_t sshkey_xmss_signatures_left(const struct sshkey *); - -#endif /* SSHKEY_XMSS_H */ diff --git a/sshkey.c b/sshkey.c index 3b1335d99725..6b3e24ec44e1 100644 --- a/sshkey.c +++ b/sshkey.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshkey.c,v 1.151 2025/07/24 05:44:55 djm Exp $ */ +/* $OpenBSD: sshkey.c,v 1.152 2025/08/29 03:50:38 djm Exp $ */ /* * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. * Copyright (c) 2008 Alexander von Gernler. All rights reserved. @@ -62,11 +62,6 @@ #include "ssh-sk.h" #include "ssh-pkcs11.h" -#ifdef WITH_XMSS -#include "sshkey-xmss.h" -#include "xmss_fast.h" -#endif - #include "openbsd-compat/openssl-compat.h" /* openssh private key file format */ @@ -88,8 +83,6 @@ #define SSHKEY_SHIELD_CIPHER "aes256-ctr" /* XXX want AES-EME* */ #define SSHKEY_SHIELD_PREKEY_HASH SSH_DIGEST_SHA512 -int sshkey_private_serialize_opt(struct sshkey *key, - struct sshbuf *buf, enum sshkey_serialize_rep); static int sshkey_from_blob_internal(struct sshbuf *buf, struct sshkey **keyp, int allow_cert); @@ -121,10 +114,6 @@ extern const struct sshkey_impl sshkey_rsa_sha256_cert_impl; extern const struct sshkey_impl sshkey_rsa_sha512_impl; extern const struct sshkey_impl sshkey_rsa_sha512_cert_impl; #endif /* WITH_OPENSSL */ -#ifdef WITH_XMSS -extern const struct sshkey_impl sshkey_xmss_impl; -extern const struct sshkey_impl sshkey_xmss_cert_impl; -#endif const struct sshkey_impl * const keyimpls[] = { &sshkey_ed25519_impl, @@ -156,10 +145,6 @@ const struct sshkey_impl * const keyimpls[] = { &sshkey_rsa_sha512_impl, &sshkey_rsa_sha512_cert_impl, #endif /* WITH_OPENSSL */ -#ifdef WITH_XMSS - &sshkey_xmss_impl, - &sshkey_xmss_cert_impl, -#endif NULL }; @@ -452,8 +437,6 @@ sshkey_type_plain(int type) return KEY_ED25519; case KEY_ED25519_SK_CERT: return KEY_ED25519_SK; - case KEY_XMSS_CERT: - return KEY_XMSS; default: return type; } @@ -474,8 +457,6 @@ sshkey_type_certified(int type) return KEY_ED25519_CERT; case KEY_ED25519_SK: return KEY_ED25519_SK_CERT; - case KEY_XMSS: - return KEY_XMSS_CERT; default: return -1; } @@ -919,17 +900,10 @@ sshkey_puts_opts_internal(const struct sshkey *key, struct sshbuf *b, return r; } -int -sshkey_puts_opts(const struct sshkey *key, struct sshbuf *b, - enum sshkey_serialize_rep opts) -{ - return sshkey_puts_opts_internal(key, b, opts, 0); -} - int sshkey_puts(const struct sshkey *key, struct sshbuf *b) { - return sshkey_puts_opts(key, b, SSHKEY_SERIALIZE_DEFAULT); + return sshkey_puts_opts_internal(key, b, SSHKEY_SERIALIZE_DEFAULT, 0); } int @@ -1691,8 +1665,7 @@ sshkey_shield_private(struct sshkey *k) } if (sshkey_is_shielded(k) && (r = sshkey_unshield_private(k)) != 0) goto out; - if ((r = sshkey_private_serialize_opt(k, prvbuf, - SSHKEY_SERIALIZE_SHIELD)) != 0) + if ((r = sshkey_private_serialize(k, prvbuf)) != 0) goto out; /* pad to cipher blocksize */ i = 0; @@ -2550,7 +2523,7 @@ sshkey_serialize_private_sk(const struct sshkey *key, struct sshbuf *b) return 0; } -int +static int sshkey_private_serialize_opt(struct sshkey *key, struct sshbuf *buf, enum sshkey_serialize_rep opts) { @@ -2601,6 +2574,7 @@ sshkey_private_serialize(struct sshkey *key, struct sshbuf *b) SSHKEY_SERIALIZE_DEFAULT); } + /* Shared deserialization of FIDO private key components */ int sshkey_private_deserialize_sk(struct sshbuf *buf, struct sshkey *k) @@ -2660,7 +2634,6 @@ sshkey_private_deserialize(struct sshbuf *buf, struct sshkey **kp) expect_ed25519_pk = k->ed25519_pk; k->sk_application = NULL; k->ed25519_pk = NULL; - /* XXX xmss too or refactor */ } else { if ((k = sshkey_new(type)) == NULL) { r = SSH_ERR_ALLOC_FAIL; @@ -2674,7 +2647,6 @@ sshkey_private_deserialize(struct sshbuf *buf, struct sshkey **kp) if ((r = impl->funcs->deserialize_private(tname, buf, k)) != 0) goto out; - /* XXX xmss too or refactor */ if ((expect_sk_application != NULL && (k->sk_application == NULL || strcmp(expect_sk_application, k->sk_application) != 0)) || (expect_ed25519_pk != NULL && (k->ed25519_pk == NULL || @@ -2919,8 +2891,7 @@ sshkey_private_to_blob2(struct sshkey *prv, struct sshbuf *blob, goto out; /* append private key and comment*/ - if ((r = sshkey_private_serialize_opt(prv, encrypted, - SSHKEY_SERIALIZE_FULL)) != 0 || + if ((r = sshkey_private_serialize(prv, encrypted)) != 0 || (r = sshbuf_put_cstring(encrypted, comment)) != 0) goto out; @@ -3400,9 +3371,6 @@ sshkey_private_to_fileblob(struct sshkey *key, struct sshbuf *blob, #endif /* WITH_OPENSSL */ case KEY_ED25519: case KEY_ED25519_SK: -#ifdef WITH_XMSS - case KEY_XMSS: -#endif /* WITH_XMSS */ #ifdef WITH_OPENSSL case KEY_ECDSA_SK: #endif /* WITH_OPENSSL */ @@ -3664,24 +3632,16 @@ sshkey_parse_private_fileblob_type(struct sshbuf *blob, int type, if (commentp != NULL) *commentp = NULL; - switch (type) { - case KEY_XMSS: - /* No fallback for new-format-only keys */ - return sshkey_parse_private2(blob, type, passphrase, - keyp, commentp); - default: - r = sshkey_parse_private2(blob, type, passphrase, keyp, - commentp); - /* Only fallback to PEM parser if a format error occurred. */ - if (r != SSH_ERR_INVALID_FORMAT) - return r; + r = sshkey_parse_private2(blob, type, passphrase, keyp, commentp); + /* Only fallback to PEM parser if a format error occurred. */ + if (r != SSH_ERR_INVALID_FORMAT) + return r; #ifdef WITH_OPENSSL - return sshkey_parse_private_pem_fileblob(blob, type, - passphrase, keyp); + return sshkey_parse_private_pem_fileblob(blob, type, + passphrase, keyp); #else - return SSH_ERR_INVALID_FORMAT; + return SSH_ERR_INVALID_FORMAT; #endif /* WITH_OPENSSL */ - } } int @@ -3716,90 +3676,3 @@ sshkey_parse_pubkey_from_private_fileblob_type(struct sshbuf *blob, int type, return r; return 0; } - -#ifdef WITH_XMSS -/* - * serialize the key with the current state and forward the state - * maxsign times. - */ -int -sshkey_private_serialize_maxsign(struct sshkey *k, struct sshbuf *b, - u_int32_t maxsign, int printerror) -{ - int r, rupdate; - - if (maxsign == 0 || - sshkey_type_plain(k->type) != KEY_XMSS) - return sshkey_private_serialize_opt(k, b, - SSHKEY_SERIALIZE_DEFAULT); - if ((r = sshkey_xmss_get_state(k, printerror)) != 0 || - (r = sshkey_private_serialize_opt(k, b, - SSHKEY_SERIALIZE_STATE)) != 0 || - (r = sshkey_xmss_forward_state(k, maxsign)) != 0) - goto out; - r = 0; -out: - if ((rupdate = sshkey_xmss_update_state(k, printerror)) != 0) { - if (r == 0) - r = rupdate; - } - return r; -} - -u_int32_t -sshkey_signatures_left(const struct sshkey *k) -{ - if (sshkey_type_plain(k->type) == KEY_XMSS) - return sshkey_xmss_signatures_left(k); - return 0; -} - -int -sshkey_enable_maxsign(struct sshkey *k, u_int32_t maxsign) -{ - if (sshkey_type_plain(k->type) != KEY_XMSS) - return SSH_ERR_INVALID_ARGUMENT; - return sshkey_xmss_enable_maxsign(k, maxsign); -} - -int -sshkey_set_filename(struct sshkey *k, const char *filename) -{ - if (k == NULL) - return SSH_ERR_INVALID_ARGUMENT; - if (sshkey_type_plain(k->type) != KEY_XMSS) - return 0; - if (filename == NULL) - return SSH_ERR_INVALID_ARGUMENT; - if ((k->xmss_filename = strdup(filename)) == NULL) - return SSH_ERR_ALLOC_FAIL; - return 0; -} -#else -int -sshkey_private_serialize_maxsign(struct sshkey *k, struct sshbuf *b, - u_int32_t maxsign, int printerror) -{ - return sshkey_private_serialize_opt(k, b, SSHKEY_SERIALIZE_DEFAULT); -} - -u_int32_t -sshkey_signatures_left(const struct sshkey *k) -{ - return 0; -} - -int -sshkey_enable_maxsign(struct sshkey *k, u_int32_t maxsign) -{ - return SSH_ERR_INVALID_ARGUMENT; -} - -int -sshkey_set_filename(struct sshkey *k, const char *filename) -{ - if (k == NULL) - return SSH_ERR_INVALID_ARGUMENT; - return 0; -} -#endif /* WITH_XMSS */ diff --git a/sshkey.h b/sshkey.h index 77253bc4e12a..c3262b896f06 100644 --- a/sshkey.h +++ b/sshkey.h @@ -1,4 +1,4 @@ -/* $OpenBSD: sshkey.h,v 1.69 2025/07/24 06:12:08 djm Exp $ */ +/* $OpenBSD: sshkey.h,v 1.70 2025/08/29 03:50:38 djm Exp $ */ /* * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. @@ -63,8 +63,6 @@ enum sshkey_types { KEY_RSA_CERT, KEY_ECDSA_CERT, KEY_ED25519_CERT, - KEY_XMSS, - KEY_XMSS_CERT, KEY_ECDSA_SK, KEY_ECDSA_SK_CERT, KEY_ED25519_SK, @@ -87,10 +85,6 @@ enum sshkey_fp_rep { /* Private key serialisation formats, used on the wire */ enum sshkey_serialize_rep { SSHKEY_SERIALIZE_DEFAULT = 0, - SSHKEY_SERIALIZE_STATE = 1, /* only state is serialized */ - SSHKEY_SERIALIZE_FULL = 2, /* include keys for saving to disk */ - SSHKEY_SERIALIZE_SHIELD = 3, /* everything, for encrypting in ram */ - SSHKEY_SERIALIZE_INFO = 254, /* minimal information */ }; /* Private key disk formats */ @@ -130,12 +124,6 @@ struct sshkey { /* KEY_ED25519 and KEY_ED25519_SK */ u_char *ed25519_sk; u_char *ed25519_pk; - /* KEY_XMSS */ - char *xmss_name; - char *xmss_filename; /* for state file updates */ - void *xmss_state; /* depends on xmss_name, opaque */ - u_char *xmss_sk; - u_char *xmss_pk; /* KEY_ECDSA_SK and KEY_ED25519_SK */ char *sk_application; uint8_t sk_flags; @@ -271,8 +259,6 @@ int sshkey_to_blob(const struct sshkey *, u_char **, size_t *); int sshkey_to_base64(const struct sshkey *, char **); int sshkey_putb(const struct sshkey *, struct sshbuf *); int sshkey_puts(const struct sshkey *, struct sshbuf *); -int sshkey_puts_opts(const struct sshkey *, struct sshbuf *, - enum sshkey_serialize_rep); int sshkey_plain_to_blob(const struct sshkey *, u_char **, size_t *); int sshkey_putb_plain(const struct sshkey *, struct sshbuf *); int sshkey_puts_plain(const struct sshkey *, struct sshbuf *); @@ -297,8 +283,6 @@ void sshkey_dump_ec_key(const EC_KEY *); /* private key parsing and serialisation */ int sshkey_private_serialize(struct sshkey *key, struct sshbuf *buf); -int sshkey_private_serialize_opt(struct sshkey *key, struct sshbuf *buf, - enum sshkey_serialize_rep); int sshkey_private_deserialize(struct sshbuf *buf, struct sshkey **keyp); /* private key file format parsing and serialisation */ @@ -325,13 +309,6 @@ int ssh_ed25519_encode_store_sig(const u_char *, size_t, int ssh_rsa_complete_crt_parameters(const BIGNUM *, const BIGNUM *, const BIGNUM *, const BIGNUM *, BIGNUM **, BIGNUM **); -/* stateful keys (e.g. XMSS) */ -int sshkey_set_filename(struct sshkey *, const char *); -int sshkey_enable_maxsign(struct sshkey *, u_int32_t); -u_int32_t sshkey_signatures_left(const struct sshkey *); -int sshkey_private_serialize_maxsign(struct sshkey *key, - struct sshbuf *buf, u_int32_t maxsign, int); - void sshkey_sig_details_free(struct sshkey_sig_details *); #ifdef WITH_OPENSSL diff --git a/xmss_commons.c b/xmss_commons.c deleted file mode 100644 index 8d6b80b6eb79..000000000000 --- a/xmss_commons.c +++ /dev/null @@ -1,36 +0,0 @@ -/* $OpenBSD: xmss_commons.c,v 1.2 2018/02/26 03:56:44 dtucker Exp $ */ -/* -xmss_commons.c 20160722 -Andreas Hülsing -Joost Rijneveld -Public domain. -*/ - -#include "includes.h" -#ifdef WITH_XMSS - -#include "xmss_commons.h" -#include -#include -#ifdef HAVE_STDINT_H -# include -#endif - -void to_byte(unsigned char *out, unsigned long long in, uint32_t bytes) -{ - int32_t i; - for (i = bytes-1; i >= 0; i--) { - out[i] = in & 0xff; - in = in >> 8; - } -} - -#if 0 -void hexdump(const unsigned char *a, size_t len) -{ - size_t i; - for (i = 0; i < len; i++) - printf("%02x", a[i]); -} -#endif -#endif /* WITH_XMSS */ diff --git a/xmss_commons.h b/xmss_commons.h deleted file mode 100644 index a98e4799c425..000000000000 --- a/xmss_commons.h +++ /dev/null @@ -1,21 +0,0 @@ -#ifdef WITH_XMSS -/* $OpenBSD: xmss_commons.h,v 1.3 2018/02/26 03:56:44 dtucker Exp $ */ -/* -xmss_commons.h 20160722 -Andreas Hülsing -Joost Rijneveld -Public domain. -*/ -#ifndef XMSS_COMMONS_H -#define XMSS_COMMONS_H - -#include -#ifdef HAVE_STDINT_H -#include -#endif -#endif -void to_byte(unsigned char *output, unsigned long long in, uint32_t bytes); -#if 0 -void hexdump(const unsigned char *a, size_t len); -#endif -#endif /* WITH_XMSS */ diff --git a/xmss_fast.c b/xmss_fast.c deleted file mode 100644 index 421b39a37a9e..000000000000 --- a/xmss_fast.c +++ /dev/null @@ -1,1106 +0,0 @@ -/* $OpenBSD: xmss_fast.c,v 1.3 2018/03/22 07:06:11 markus Exp $ */ -/* -xmss_fast.c version 20160722 -Andreas Hülsing -Joost Rijneveld -Public domain. -*/ - -#include "includes.h" -#ifdef WITH_XMSS - -#include -#include -#ifdef HAVE_STDINT_H -# include -#endif - -#include "xmss_fast.h" -#include "crypto_api.h" -#include "xmss_wots.h" -#include "xmss_hash.h" - -#include "xmss_commons.h" -#include "xmss_hash_address.h" -// For testing -#include "stdio.h" - - - -/** - * Used for pseudorandom keygeneration, - * generates the seed for the WOTS keypair at address addr - * - * takes n byte sk_seed and returns n byte seed using 32 byte address addr. - */ -static void get_seed(unsigned char *seed, const unsigned char *sk_seed, int n, uint32_t addr[8]) -{ - unsigned char bytes[32]; - // Make sure that chain addr, hash addr, and key bit are 0! - setChainADRS(addr,0); - setHashADRS(addr,0); - setKeyAndMask(addr,0); - // Generate pseudorandom value - addr_to_byte(bytes, addr); - prf(seed, bytes, sk_seed, n); -} - -/** - * Initialize xmss params struct - * parameter names are the same as in the draft - * parameter k is K as used in the BDS algorithm - */ -int xmss_set_params(xmss_params *params, int n, int h, int w, int k) -{ - if (k >= h || k < 2 || (h - k) % 2) { - fprintf(stderr, "For BDS traversal, H - K must be even, with H > K >= 2!\n"); - return 1; - } - params->h = h; - params->n = n; - params->k = k; - wots_params wots_par; - wots_set_params(&wots_par, n, w); - params->wots_par = wots_par; - return 0; -} - -/** - * Initialize BDS state struct - * parameter names are the same as used in the description of the BDS traversal - */ -void xmss_set_bds_state(bds_state *state, unsigned char *stack, int stackoffset, unsigned char *stacklevels, unsigned char *auth, unsigned char *keep, treehash_inst *treehash, unsigned char *retain, int next_leaf) -{ - state->stack = stack; - state->stackoffset = stackoffset; - state->stacklevels = stacklevels; - state->auth = auth; - state->keep = keep; - state->treehash = treehash; - state->retain = retain; - state->next_leaf = next_leaf; -} - -/** - * Initialize xmssmt_params struct - * parameter names are the same as in the draft - * - * Especially h is the total tree height, i.e. the XMSS trees have height h/d - */ -int xmssmt_set_params(xmssmt_params *params, int n, int h, int d, int w, int k) -{ - if (h % d) { - fprintf(stderr, "d must divide h without remainder!\n"); - return 1; - } - params->h = h; - params->d = d; - params->n = n; - params->index_len = (h + 7) / 8; - xmss_params xmss_par; - if (xmss_set_params(&xmss_par, n, (h/d), w, k)) { - return 1; - } - params->xmss_par = xmss_par; - return 0; -} - -/** - * Computes a leaf from a WOTS public key using an L-tree. - */ -static void l_tree(unsigned char *leaf, unsigned char *wots_pk, const xmss_params *params, const unsigned char *pub_seed, uint32_t addr[8]) -{ - unsigned int l = params->wots_par.len; - unsigned int n = params->n; - uint32_t i = 0; - uint32_t height = 0; - uint32_t bound; - - //ADRS.setTreeHeight(0); - setTreeHeight(addr, height); - - while (l > 1) { - bound = l >> 1; //floor(l / 2); - for (i = 0; i < bound; i++) { - //ADRS.setTreeIndex(i); - setTreeIndex(addr, i); - //wots_pk[i] = RAND_HASH(pk[2i], pk[2i + 1], SEED, ADRS); - hash_h(wots_pk+i*n, wots_pk+i*2*n, pub_seed, addr, n); - } - //if ( l % 2 == 1 ) { - if (l & 1) { - //pk[floor(l / 2) + 1] = pk[l]; - memcpy(wots_pk+(l>>1)*n, wots_pk+(l-1)*n, n); - //l = ceil(l / 2); - l=(l>>1)+1; - } - else { - //l = ceil(l / 2); - l=(l>>1); - } - //ADRS.setTreeHeight(ADRS.getTreeHeight() + 1); - height++; - setTreeHeight(addr, height); - } - //return pk[0]; - memcpy(leaf, wots_pk, n); -} - -/** - * Computes the leaf at a given address. First generates the WOTS key pair, then computes leaf using l_tree. As this happens position independent, we only require that addr encodes the right ltree-address. - */ -static void gen_leaf_wots(unsigned char *leaf, const unsigned char *sk_seed, const xmss_params *params, const unsigned char *pub_seed, uint32_t ltree_addr[8], uint32_t ots_addr[8]) -{ - unsigned char seed[params->n]; - unsigned char pk[params->wots_par.keysize]; - - get_seed(seed, sk_seed, params->n, ots_addr); - wots_pkgen(pk, seed, &(params->wots_par), pub_seed, ots_addr); - - l_tree(leaf, pk, params, pub_seed, ltree_addr); -} - -static int treehash_minheight_on_stack(bds_state* state, const xmss_params *params, const treehash_inst *treehash) { - unsigned int r = params->h, i; - for (i = 0; i < treehash->stackusage; i++) { - if (state->stacklevels[state->stackoffset - i - 1] < r) { - r = state->stacklevels[state->stackoffset - i - 1]; - } - } - return r; -} - -/** - * Merkle's TreeHash algorithm. The address only needs to initialize the first 78 bits of addr. Everything else will be set by treehash. - * Currently only used for key generation. - * - */ -static void treehash_setup(unsigned char *node, int height, int index, bds_state *state, const unsigned char *sk_seed, const xmss_params *params, const unsigned char *pub_seed, const uint32_t addr[8]) -{ - unsigned int idx = index; - unsigned int n = params->n; - unsigned int h = params->h; - unsigned int k = params->k; - // use three different addresses because at this point we use all three formats in parallel - uint32_t ots_addr[8]; - uint32_t ltree_addr[8]; - uint32_t node_addr[8]; - // only copy layer and tree address parts - memcpy(ots_addr, addr, 12); - // type = ots - setType(ots_addr, 0); - memcpy(ltree_addr, addr, 12); - setType(ltree_addr, 1); - memcpy(node_addr, addr, 12); - setType(node_addr, 2); - - uint32_t lastnode, i; - unsigned char stack[(height+1)*n]; - unsigned int stacklevels[height+1]; - unsigned int stackoffset=0; - unsigned int nodeh; - - lastnode = idx+(1<treehash[i].h = i; - state->treehash[i].completed = 1; - state->treehash[i].stackusage = 0; - } - - i = 0; - for (; idx < lastnode; idx++) { - setLtreeADRS(ltree_addr, idx); - setOTSADRS(ots_addr, idx); - gen_leaf_wots(stack+stackoffset*n, sk_seed, params, pub_seed, ltree_addr, ots_addr); - stacklevels[stackoffset] = 0; - stackoffset++; - if (h - k > 0 && i == 3) { - memcpy(state->treehash[0].node, stack+stackoffset*n, n); - } - while (stackoffset>1 && stacklevels[stackoffset-1] == stacklevels[stackoffset-2]) - { - nodeh = stacklevels[stackoffset-1]; - if (i >> nodeh == 1) { - memcpy(state->auth + nodeh*n, stack+(stackoffset-1)*n, n); - } - else { - if (nodeh < h - k && i >> nodeh == 3) { - memcpy(state->treehash[nodeh].node, stack+(stackoffset-1)*n, n); - } - else if (nodeh >= h - k) { - memcpy(state->retain + ((1 << (h - 1 - nodeh)) + nodeh - h + (((i >> nodeh) - 3) >> 1)) * n, stack+(stackoffset-1)*n, n); - } - } - setTreeHeight(node_addr, stacklevels[stackoffset-1]); - setTreeIndex(node_addr, (idx >> (stacklevels[stackoffset-1]+1))); - hash_h(stack+(stackoffset-2)*n, stack+(stackoffset-2)*n, pub_seed, - node_addr, n); - stacklevels[stackoffset-2]++; - stackoffset--; - } - i++; - } - - for (i = 0; i < n; i++) - node[i] = stack[i]; -} - -static void treehash_update(treehash_inst *treehash, bds_state *state, const unsigned char *sk_seed, const xmss_params *params, const unsigned char *pub_seed, const uint32_t addr[8]) { - int n = params->n; - - uint32_t ots_addr[8]; - uint32_t ltree_addr[8]; - uint32_t node_addr[8]; - // only copy layer and tree address parts - memcpy(ots_addr, addr, 12); - // type = ots - setType(ots_addr, 0); - memcpy(ltree_addr, addr, 12); - setType(ltree_addr, 1); - memcpy(node_addr, addr, 12); - setType(node_addr, 2); - - setLtreeADRS(ltree_addr, treehash->next_idx); - setOTSADRS(ots_addr, treehash->next_idx); - - unsigned char nodebuffer[2 * n]; - unsigned int nodeheight = 0; - gen_leaf_wots(nodebuffer, sk_seed, params, pub_seed, ltree_addr, ots_addr); - while (treehash->stackusage > 0 && state->stacklevels[state->stackoffset-1] == nodeheight) { - memcpy(nodebuffer + n, nodebuffer, n); - memcpy(nodebuffer, state->stack + (state->stackoffset-1)*n, n); - setTreeHeight(node_addr, nodeheight); - setTreeIndex(node_addr, (treehash->next_idx >> (nodeheight+1))); - hash_h(nodebuffer, nodebuffer, pub_seed, node_addr, n); - nodeheight++; - treehash->stackusage--; - state->stackoffset--; - } - if (nodeheight == treehash->h) { // this also implies stackusage == 0 - memcpy(treehash->node, nodebuffer, n); - treehash->completed = 1; - } - else { - memcpy(state->stack + state->stackoffset*n, nodebuffer, n); - treehash->stackusage++; - state->stacklevels[state->stackoffset] = nodeheight; - state->stackoffset++; - treehash->next_idx++; - } -} - -/** - * Computes a root node given a leaf and an authapth - */ -static void validate_authpath(unsigned char *root, const unsigned char *leaf, unsigned long leafidx, const unsigned char *authpath, const xmss_params *params, const unsigned char *pub_seed, uint32_t addr[8]) -{ - unsigned int n = params->n; - - uint32_t i, j; - unsigned char buffer[2*n]; - - // If leafidx is odd (last bit = 1), current path element is a right child and authpath has to go to the left. - // Otherwise, it is the other way around - if (leafidx & 1) { - for (j = 0; j < n; j++) - buffer[n+j] = leaf[j]; - for (j = 0; j < n; j++) - buffer[j] = authpath[j]; - } - else { - for (j = 0; j < n; j++) - buffer[j] = leaf[j]; - for (j = 0; j < n; j++) - buffer[n+j] = authpath[j]; - } - authpath += n; - - for (i=0; i < params->h-1; i++) { - setTreeHeight(addr, i); - leafidx >>= 1; - setTreeIndex(addr, leafidx); - if (leafidx&1) { - hash_h(buffer+n, buffer, pub_seed, addr, n); - for (j = 0; j < n; j++) - buffer[j] = authpath[j]; - } - else { - hash_h(buffer, buffer, pub_seed, addr, n); - for (j = 0; j < n; j++) - buffer[j+n] = authpath[j]; - } - authpath += n; - } - setTreeHeight(addr, (params->h-1)); - leafidx >>= 1; - setTreeIndex(addr, leafidx); - hash_h(root, buffer, pub_seed, addr, n); -} - -/** - * Performs one treehash update on the instance that needs it the most. - * Returns 1 if such an instance was not found - **/ -static char bds_treehash_update(bds_state *state, unsigned int updates, const unsigned char *sk_seed, const xmss_params *params, unsigned char *pub_seed, const uint32_t addr[8]) { - uint32_t i, j; - unsigned int level, l_min, low; - unsigned int h = params->h; - unsigned int k = params->k; - unsigned int used = 0; - - for (j = 0; j < updates; j++) { - l_min = h; - level = h - k; - for (i = 0; i < h - k; i++) { - if (state->treehash[i].completed) { - low = h; - } - else if (state->treehash[i].stackusage == 0) { - low = i; - } - else { - low = treehash_minheight_on_stack(state, params, &(state->treehash[i])); - } - if (low < l_min) { - level = i; - l_min = low; - } - } - if (level == h - k) { - break; - } - treehash_update(&(state->treehash[level]), state, sk_seed, params, pub_seed, addr); - used++; - } - return updates - used; -} - -/** - * Updates the state (typically NEXT_i) by adding a leaf and updating the stack - * Returns 1 if all leaf nodes have already been processed - **/ -static char bds_state_update(bds_state *state, const unsigned char *sk_seed, const xmss_params *params, unsigned char *pub_seed, const uint32_t addr[8]) { - uint32_t ltree_addr[8]; - uint32_t node_addr[8]; - uint32_t ots_addr[8]; - - int n = params->n; - int h = params->h; - int k = params->k; - - int nodeh; - int idx = state->next_leaf; - if (idx == 1 << h) { - return 1; - } - - // only copy layer and tree address parts - memcpy(ots_addr, addr, 12); - // type = ots - setType(ots_addr, 0); - memcpy(ltree_addr, addr, 12); - setType(ltree_addr, 1); - memcpy(node_addr, addr, 12); - setType(node_addr, 2); - - setOTSADRS(ots_addr, idx); - setLtreeADRS(ltree_addr, idx); - - gen_leaf_wots(state->stack+state->stackoffset*n, sk_seed, params, pub_seed, ltree_addr, ots_addr); - - state->stacklevels[state->stackoffset] = 0; - state->stackoffset++; - if (h - k > 0 && idx == 3) { - memcpy(state->treehash[0].node, state->stack+state->stackoffset*n, n); - } - while (state->stackoffset>1 && state->stacklevels[state->stackoffset-1] == state->stacklevels[state->stackoffset-2]) { - nodeh = state->stacklevels[state->stackoffset-1]; - if (idx >> nodeh == 1) { - memcpy(state->auth + nodeh*n, state->stack+(state->stackoffset-1)*n, n); - } - else { - if (nodeh < h - k && idx >> nodeh == 3) { - memcpy(state->treehash[nodeh].node, state->stack+(state->stackoffset-1)*n, n); - } - else if (nodeh >= h - k) { - memcpy(state->retain + ((1 << (h - 1 - nodeh)) + nodeh - h + (((idx >> nodeh) - 3) >> 1)) * n, state->stack+(state->stackoffset-1)*n, n); - } - } - setTreeHeight(node_addr, state->stacklevels[state->stackoffset-1]); - setTreeIndex(node_addr, (idx >> (state->stacklevels[state->stackoffset-1]+1))); - hash_h(state->stack+(state->stackoffset-2)*n, state->stack+(state->stackoffset-2)*n, pub_seed, node_addr, n); - - state->stacklevels[state->stackoffset-2]++; - state->stackoffset--; - } - state->next_leaf++; - return 0; -} - -/** - * Returns the auth path for node leaf_idx and computes the auth path for the - * next leaf node, using the algorithm described by Buchmann, Dahmen and Szydlo - * in "Post Quantum Cryptography", Springer 2009. - */ -static void bds_round(bds_state *state, const unsigned long leaf_idx, const unsigned char *sk_seed, const xmss_params *params, unsigned char *pub_seed, uint32_t addr[8]) -{ - unsigned int i; - unsigned int n = params->n; - unsigned int h = params->h; - unsigned int k = params->k; - - unsigned int tau = h; - unsigned int startidx; - unsigned int offset, rowidx; - unsigned char buf[2 * n]; - - uint32_t ots_addr[8]; - uint32_t ltree_addr[8]; - uint32_t node_addr[8]; - // only copy layer and tree address parts - memcpy(ots_addr, addr, 12); - // type = ots - setType(ots_addr, 0); - memcpy(ltree_addr, addr, 12); - setType(ltree_addr, 1); - memcpy(node_addr, addr, 12); - setType(node_addr, 2); - - for (i = 0; i < h; i++) { - if (! ((leaf_idx >> i) & 1)) { - tau = i; - break; - } - } - - if (tau > 0) { - memcpy(buf, state->auth + (tau-1) * n, n); - // we need to do this before refreshing state->keep to prevent overwriting - memcpy(buf + n, state->keep + ((tau-1) >> 1) * n, n); - } - if (!((leaf_idx >> (tau + 1)) & 1) && (tau < h - 1)) { - memcpy(state->keep + (tau >> 1)*n, state->auth + tau*n, n); - } - if (tau == 0) { - setLtreeADRS(ltree_addr, leaf_idx); - setOTSADRS(ots_addr, leaf_idx); - gen_leaf_wots(state->auth, sk_seed, params, pub_seed, ltree_addr, ots_addr); - } - else { - setTreeHeight(node_addr, (tau-1)); - setTreeIndex(node_addr, leaf_idx >> tau); - hash_h(state->auth + tau * n, buf, pub_seed, node_addr, n); - for (i = 0; i < tau; i++) { - if (i < h - k) { - memcpy(state->auth + i * n, state->treehash[i].node, n); - } - else { - offset = (1 << (h - 1 - i)) + i - h; - rowidx = ((leaf_idx >> i) - 1) >> 1; - memcpy(state->auth + i * n, state->retain + (offset + rowidx) * n, n); - } - } - - for (i = 0; i < ((tau < h - k) ? tau : (h - k)); i++) { - startidx = leaf_idx + 1 + 3 * (1 << i); - if (startidx < 1U << h) { - state->treehash[i].h = i; - state->treehash[i].next_idx = startidx; - state->treehash[i].completed = 0; - state->treehash[i].stackusage = 0; - } - } - } -} - -/* - * Generates a XMSS key pair for a given parameter set. - * Format sk: [(32bit) idx || SK_SEED || SK_PRF || PUB_SEED || root] - * Format pk: [root || PUB_SEED] omitting algo oid. - */ -int xmss_keypair(unsigned char *pk, unsigned char *sk, bds_state *state, xmss_params *params) -{ - unsigned int n = params->n; - // Set idx = 0 - sk[0] = 0; - sk[1] = 0; - sk[2] = 0; - sk[3] = 0; - // Init SK_SEED (n byte), SK_PRF (n byte), and PUB_SEED (n byte) - randombytes(sk+4, 3*n); - // Copy PUB_SEED to public key - memcpy(pk+n, sk+4+2*n, n); - - uint32_t addr[8] = {0, 0, 0, 0, 0, 0, 0, 0}; - - // Compute root - treehash_setup(pk, params->h, 0, state, sk+4, params, sk+4+2*n, addr); - // copy root to sk - memcpy(sk+4+3*n, pk, n); - return 0; -} - -/** - * Signs a message. - * Returns - * 1. an array containing the signature followed by the message AND - * 2. an updated secret key! - * - */ -int xmss_sign(unsigned char *sk, bds_state *state, unsigned char *sig_msg, unsigned long long *sig_msg_len, const unsigned char *msg, unsigned long long msglen, const xmss_params *params) -{ - unsigned int h = params->h; - unsigned int n = params->n; - unsigned int k = params->k; - uint16_t i = 0; - - // Extract SK - unsigned long idx = ((unsigned long)sk[0] << 24) | ((unsigned long)sk[1] << 16) | ((unsigned long)sk[2] << 8) | sk[3]; - unsigned char sk_seed[n]; - memcpy(sk_seed, sk+4, n); - unsigned char sk_prf[n]; - memcpy(sk_prf, sk+4+n, n); - unsigned char pub_seed[n]; - memcpy(pub_seed, sk+4+2*n, n); - - // index as 32 bytes string - unsigned char idx_bytes_32[32]; - to_byte(idx_bytes_32, idx, 32); - - unsigned char hash_key[3*n]; - - // Update SK - sk[0] = ((idx + 1) >> 24) & 255; - sk[1] = ((idx + 1) >> 16) & 255; - sk[2] = ((idx + 1) >> 8) & 255; - sk[3] = (idx + 1) & 255; - // -- Secret key for this non-forward-secure version is now updated. - // -- A productive implementation should use a file handle instead and write the updated secret key at this point! - - // Init working params - unsigned char R[n]; - unsigned char msg_h[n]; - unsigned char ots_seed[n]; - uint32_t ots_addr[8] = {0, 0, 0, 0, 0, 0, 0, 0}; - - // --------------------------------- - // Message Hashing - // --------------------------------- - - // Message Hash: - // First compute pseudorandom value - prf(R, idx_bytes_32, sk_prf, n); - // Generate hash key (R || root || idx) - memcpy(hash_key, R, n); - memcpy(hash_key+n, sk+4+3*n, n); - to_byte(hash_key+2*n, idx, n); - // Then use it for message digest - h_msg(msg_h, msg, msglen, hash_key, 3*n, n); - - // Start collecting signature - *sig_msg_len = 0; - - // Copy index to signature - sig_msg[0] = (idx >> 24) & 255; - sig_msg[1] = (idx >> 16) & 255; - sig_msg[2] = (idx >> 8) & 255; - sig_msg[3] = idx & 255; - - sig_msg += 4; - *sig_msg_len += 4; - - // Copy R to signature - for (i = 0; i < n; i++) - sig_msg[i] = R[i]; - - sig_msg += n; - *sig_msg_len += n; - - // ---------------------------------- - // Now we start to "really sign" - // ---------------------------------- - - // Prepare Address - setType(ots_addr, 0); - setOTSADRS(ots_addr, idx); - - // Compute seed for OTS key pair - get_seed(ots_seed, sk_seed, n, ots_addr); - - // Compute WOTS signature - wots_sign(sig_msg, msg_h, ots_seed, &(params->wots_par), pub_seed, ots_addr); - - sig_msg += params->wots_par.keysize; - *sig_msg_len += params->wots_par.keysize; - - // the auth path was already computed during the previous round - memcpy(sig_msg, state->auth, h*n); - - if (idx < (1U << h) - 1) { - bds_round(state, idx, sk_seed, params, pub_seed, ots_addr); - bds_treehash_update(state, (h - k) >> 1, sk_seed, params, pub_seed, ots_addr); - } - -/* TODO: save key/bds state here! */ - - sig_msg += params->h*n; - *sig_msg_len += params->h*n; - - //Whipe secret elements? - //zerobytes(tsk, CRYPTO_SECRETKEYBYTES); - - - memcpy(sig_msg, msg, msglen); - *sig_msg_len += msglen; - - return 0; -} - -/** - * Verifies a given message signature pair under a given public key. - */ -int xmss_sign_open(unsigned char *msg, unsigned long long *msglen, const unsigned char *sig_msg, unsigned long long sig_msg_len, const unsigned char *pk, const xmss_params *params) -{ - unsigned int n = params->n; - - unsigned long long i, m_len; - unsigned long idx=0; - unsigned char wots_pk[params->wots_par.keysize]; - unsigned char pkhash[n]; - unsigned char root[n]; - unsigned char msg_h[n]; - unsigned char hash_key[3*n]; - - unsigned char pub_seed[n]; - memcpy(pub_seed, pk+n, n); - - // Init addresses - uint32_t ots_addr[8] = {0, 0, 0, 0, 0, 0, 0, 0}; - uint32_t ltree_addr[8] = {0, 0, 0, 0, 0, 0, 0, 0}; - uint32_t node_addr[8] = {0, 0, 0, 0, 0, 0, 0, 0}; - - setType(ots_addr, 0); - setType(ltree_addr, 1); - setType(node_addr, 2); - - // Extract index - idx = ((unsigned long)sig_msg[0] << 24) | ((unsigned long)sig_msg[1] << 16) | ((unsigned long)sig_msg[2] << 8) | sig_msg[3]; - printf("verify:: idx = %lu\n", idx); - - // Generate hash key (R || root || idx) - memcpy(hash_key, sig_msg+4,n); - memcpy(hash_key+n, pk, n); - to_byte(hash_key+2*n, idx, n); - - sig_msg += (n+4); - sig_msg_len -= (n+4); - - // hash message - unsigned long long tmp_sig_len = params->wots_par.keysize+params->h*n; - m_len = sig_msg_len - tmp_sig_len; - h_msg(msg_h, sig_msg + tmp_sig_len, m_len, hash_key, 3*n, n); - - //----------------------- - // Verify signature - //----------------------- - - // Prepare Address - setOTSADRS(ots_addr, idx); - // Check WOTS signature - wots_pkFromSig(wots_pk, sig_msg, msg_h, &(params->wots_par), pub_seed, ots_addr); - - sig_msg += params->wots_par.keysize; - sig_msg_len -= params->wots_par.keysize; - - // Compute Ltree - setLtreeADRS(ltree_addr, idx); - l_tree(pkhash, wots_pk, params, pub_seed, ltree_addr); - - // Compute root - validate_authpath(root, pkhash, idx, sig_msg, params, pub_seed, node_addr); - - sig_msg += params->h*n; - sig_msg_len -= params->h*n; - - for (i = 0; i < n; i++) - if (root[i] != pk[i]) - goto fail; - - *msglen = sig_msg_len; - for (i = 0; i < *msglen; i++) - msg[i] = sig_msg[i]; - - return 0; - - -fail: - *msglen = sig_msg_len; - for (i = 0; i < *msglen; i++) - msg[i] = 0; - *msglen = -1; - return -1; -} - -/* - * Generates a XMSSMT key pair for a given parameter set. - * Format sk: [(ceil(h/8) bit) idx || SK_SEED || SK_PRF || PUB_SEED || root] - * Format pk: [root || PUB_SEED] omitting algo oid. - */ -int xmssmt_keypair(unsigned char *pk, unsigned char *sk, bds_state *states, unsigned char *wots_sigs, xmssmt_params *params) -{ - unsigned int n = params->n; - unsigned int i; - unsigned char ots_seed[params->n]; - // Set idx = 0 - for (i = 0; i < params->index_len; i++) { - sk[i] = 0; - } - // Init SK_SEED (n byte), SK_PRF (n byte), and PUB_SEED (n byte) - randombytes(sk+params->index_len, 3*n); - // Copy PUB_SEED to public key - memcpy(pk+n, sk+params->index_len+2*n, n); - - // Set address to point on the single tree on layer d-1 - uint32_t addr[8] = {0, 0, 0, 0, 0, 0, 0, 0}; - setLayerADRS(addr, (params->d-1)); - // Set up state and compute wots signatures for all but topmost tree root - for (i = 0; i < params->d - 1; i++) { - // Compute seed for OTS key pair - treehash_setup(pk, params->xmss_par.h, 0, states + i, sk+params->index_len, &(params->xmss_par), pk+n, addr); - setLayerADRS(addr, (i+1)); - get_seed(ots_seed, sk+params->index_len, n, addr); - wots_sign(wots_sigs + i*params->xmss_par.wots_par.keysize, pk, ots_seed, &(params->xmss_par.wots_par), pk+n, addr); - } - treehash_setup(pk, params->xmss_par.h, 0, states + i, sk+params->index_len, &(params->xmss_par), pk+n, addr); - memcpy(sk+params->index_len+3*n, pk, n); - return 0; -} - -/** - * Signs a message. - * Returns - * 1. an array containing the signature followed by the message AND - * 2. an updated secret key! - * - */ -int xmssmt_sign(unsigned char *sk, bds_state *states, unsigned char *wots_sigs, unsigned char *sig_msg, unsigned long long *sig_msg_len, const unsigned char *msg, unsigned long long msglen, const xmssmt_params *params) -{ - unsigned int n = params->n; - - unsigned int tree_h = params->xmss_par.h; - unsigned int h = params->h; - unsigned int k = params->xmss_par.k; - unsigned int idx_len = params->index_len; - uint64_t idx_tree; - uint32_t idx_leaf; - uint64_t i, j; - int needswap_upto = -1; - unsigned int updates; - - unsigned char sk_seed[n]; - unsigned char sk_prf[n]; - unsigned char pub_seed[n]; - // Init working params - unsigned char R[n]; - unsigned char msg_h[n]; - unsigned char hash_key[3*n]; - unsigned char ots_seed[n]; - uint32_t addr[8] = {0, 0, 0, 0, 0, 0, 0, 0}; - uint32_t ots_addr[8] = {0, 0, 0, 0, 0, 0, 0, 0}; - unsigned char idx_bytes_32[32]; - bds_state tmp; - - // Extract SK - unsigned long long idx = 0; - for (i = 0; i < idx_len; i++) { - idx |= ((unsigned long long)sk[i]) << 8*(idx_len - 1 - i); - } - - memcpy(sk_seed, sk+idx_len, n); - memcpy(sk_prf, sk+idx_len+n, n); - memcpy(pub_seed, sk+idx_len+2*n, n); - - // Update SK - for (i = 0; i < idx_len; i++) { - sk[i] = ((idx + 1) >> 8*(idx_len - 1 - i)) & 255; - } - // -- Secret key for this non-forward-secure version is now updated. - // -- A productive implementation should use a file handle instead and write the updated secret key at this point! - - - // --------------------------------- - // Message Hashing - // --------------------------------- - - // Message Hash: - // First compute pseudorandom value - to_byte(idx_bytes_32, idx, 32); - prf(R, idx_bytes_32, sk_prf, n); - // Generate hash key (R || root || idx) - memcpy(hash_key, R, n); - memcpy(hash_key+n, sk+idx_len+3*n, n); - to_byte(hash_key+2*n, idx, n); - - // Then use it for message digest - h_msg(msg_h, msg, msglen, hash_key, 3*n, n); - - // Start collecting signature - *sig_msg_len = 0; - - // Copy index to signature - for (i = 0; i < idx_len; i++) { - sig_msg[i] = (idx >> 8*(idx_len - 1 - i)) & 255; - } - - sig_msg += idx_len; - *sig_msg_len += idx_len; - - // Copy R to signature - for (i = 0; i < n; i++) - sig_msg[i] = R[i]; - - sig_msg += n; - *sig_msg_len += n; - - // ---------------------------------- - // Now we start to "really sign" - // ---------------------------------- - - // Handle lowest layer separately as it is slightly different... - - // Prepare Address - setType(ots_addr, 0); - idx_tree = idx >> tree_h; - idx_leaf = (idx & ((1 << tree_h)-1)); - setLayerADRS(ots_addr, 0); - setTreeADRS(ots_addr, idx_tree); - setOTSADRS(ots_addr, idx_leaf); - - // Compute seed for OTS key pair - get_seed(ots_seed, sk_seed, n, ots_addr); - - // Compute WOTS signature - wots_sign(sig_msg, msg_h, ots_seed, &(params->xmss_par.wots_par), pub_seed, ots_addr); - - sig_msg += params->xmss_par.wots_par.keysize; - *sig_msg_len += params->xmss_par.wots_par.keysize; - - memcpy(sig_msg, states[0].auth, tree_h*n); - sig_msg += tree_h*n; - *sig_msg_len += tree_h*n; - - // prepare signature of remaining layers - for (i = 1; i < params->d; i++) { - // put WOTS signature in place - memcpy(sig_msg, wots_sigs + (i-1)*params->xmss_par.wots_par.keysize, params->xmss_par.wots_par.keysize); - - sig_msg += params->xmss_par.wots_par.keysize; - *sig_msg_len += params->xmss_par.wots_par.keysize; - - // put AUTH nodes in place - memcpy(sig_msg, states[i].auth, tree_h*n); - sig_msg += tree_h*n; - *sig_msg_len += tree_h*n; - } - - updates = (tree_h - k) >> 1; - - setTreeADRS(addr, (idx_tree + 1)); - // mandatory update for NEXT_0 (does not count towards h-k/2) if NEXT_0 exists - if ((1 + idx_tree) * (1 << tree_h) + idx_leaf < (1ULL << h)) { - bds_state_update(&states[params->d], sk_seed, &(params->xmss_par), pub_seed, addr); - } - - for (i = 0; i < params->d; i++) { - // check if we're not at the end of a tree - if (! (((idx + 1) & ((1ULL << ((i+1)*tree_h)) - 1)) == 0)) { - idx_leaf = (idx >> (tree_h * i)) & ((1 << tree_h)-1); - idx_tree = (idx >> (tree_h * (i+1))); - setLayerADRS(addr, i); - setTreeADRS(addr, idx_tree); - if (i == (unsigned int) (needswap_upto + 1)) { - bds_round(&states[i], idx_leaf, sk_seed, &(params->xmss_par), pub_seed, addr); - } - updates = bds_treehash_update(&states[i], updates, sk_seed, &(params->xmss_par), pub_seed, addr); - setTreeADRS(addr, (idx_tree + 1)); - // if a NEXT-tree exists for this level; - if ((1 + idx_tree) * (1 << tree_h) + idx_leaf < (1ULL << (h - tree_h * i))) { - if (i > 0 && updates > 0 && states[params->d + i].next_leaf < (1ULL << h)) { - bds_state_update(&states[params->d + i], sk_seed, &(params->xmss_par), pub_seed, addr); - updates--; - } - } - } - else if (idx < (1ULL << h) - 1) { - memcpy(&tmp, states+params->d + i, sizeof(bds_state)); - memcpy(states+params->d + i, states + i, sizeof(bds_state)); - memcpy(states + i, &tmp, sizeof(bds_state)); - - setLayerADRS(ots_addr, (i+1)); - setTreeADRS(ots_addr, ((idx + 1) >> ((i+2) * tree_h))); - setOTSADRS(ots_addr, (((idx >> ((i+1) * tree_h)) + 1) & ((1 << tree_h)-1))); - - get_seed(ots_seed, sk+params->index_len, n, ots_addr); - wots_sign(wots_sigs + i*params->xmss_par.wots_par.keysize, states[i].stack, ots_seed, &(params->xmss_par.wots_par), pub_seed, ots_addr); - - states[params->d + i].stackoffset = 0; - states[params->d + i].next_leaf = 0; - - updates--; // WOTS-signing counts as one update - needswap_upto = i; - for (j = 0; j < tree_h-k; j++) { - states[i].treehash[j].completed = 1; - } - } - } - - //Whipe secret elements? - //zerobytes(tsk, CRYPTO_SECRETKEYBYTES); - - memcpy(sig_msg, msg, msglen); - *sig_msg_len += msglen; - - return 0; -} - -/** - * Verifies a given message signature pair under a given public key. - */ -int xmssmt_sign_open(unsigned char *msg, unsigned long long *msglen, const unsigned char *sig_msg, unsigned long long sig_msg_len, const unsigned char *pk, const xmssmt_params *params) -{ - unsigned int n = params->n; - - unsigned int tree_h = params->xmss_par.h; - unsigned int idx_len = params->index_len; - uint64_t idx_tree; - uint32_t idx_leaf; - - unsigned long long i, m_len; - unsigned long long idx=0; - unsigned char wots_pk[params->xmss_par.wots_par.keysize]; - unsigned char pkhash[n]; - unsigned char root[n]; - unsigned char msg_h[n]; - unsigned char hash_key[3*n]; - - unsigned char pub_seed[n]; - memcpy(pub_seed, pk+n, n); - - // Init addresses - uint32_t ots_addr[8] = {0, 0, 0, 0, 0, 0, 0, 0}; - uint32_t ltree_addr[8] = {0, 0, 0, 0, 0, 0, 0, 0}; - uint32_t node_addr[8] = {0, 0, 0, 0, 0, 0, 0, 0}; - - // Extract index - for (i = 0; i < idx_len; i++) { - idx |= ((unsigned long long)sig_msg[i]) << (8*(idx_len - 1 - i)); - } - printf("verify:: idx = %llu\n", idx); - sig_msg += idx_len; - sig_msg_len -= idx_len; - - // Generate hash key (R || root || idx) - memcpy(hash_key, sig_msg,n); - memcpy(hash_key+n, pk, n); - to_byte(hash_key+2*n, idx, n); - - sig_msg += n; - sig_msg_len -= n; - - - // hash message (recall, R is now on pole position at sig_msg - unsigned long long tmp_sig_len = (params->d * params->xmss_par.wots_par.keysize) + (params->h * n); - m_len = sig_msg_len - tmp_sig_len; - h_msg(msg_h, sig_msg + tmp_sig_len, m_len, hash_key, 3*n, n); - - - //----------------------- - // Verify signature - //----------------------- - - // Prepare Address - idx_tree = idx >> tree_h; - idx_leaf = (idx & ((1 << tree_h)-1)); - setLayerADRS(ots_addr, 0); - setTreeADRS(ots_addr, idx_tree); - setType(ots_addr, 0); - - memcpy(ltree_addr, ots_addr, 12); - setType(ltree_addr, 1); - - memcpy(node_addr, ltree_addr, 12); - setType(node_addr, 2); - - setOTSADRS(ots_addr, idx_leaf); - - // Check WOTS signature - wots_pkFromSig(wots_pk, sig_msg, msg_h, &(params->xmss_par.wots_par), pub_seed, ots_addr); - - sig_msg += params->xmss_par.wots_par.keysize; - sig_msg_len -= params->xmss_par.wots_par.keysize; - - // Compute Ltree - setLtreeADRS(ltree_addr, idx_leaf); - l_tree(pkhash, wots_pk, &(params->xmss_par), pub_seed, ltree_addr); - - // Compute root - validate_authpath(root, pkhash, idx_leaf, sig_msg, &(params->xmss_par), pub_seed, node_addr); - - sig_msg += tree_h*n; - sig_msg_len -= tree_h*n; - - for (i = 1; i < params->d; i++) { - // Prepare Address - idx_leaf = (idx_tree & ((1 << tree_h)-1)); - idx_tree = idx_tree >> tree_h; - - setLayerADRS(ots_addr, i); - setTreeADRS(ots_addr, idx_tree); - setType(ots_addr, 0); - - memcpy(ltree_addr, ots_addr, 12); - setType(ltree_addr, 1); - - memcpy(node_addr, ltree_addr, 12); - setType(node_addr, 2); - - setOTSADRS(ots_addr, idx_leaf); - - // Check WOTS signature - wots_pkFromSig(wots_pk, sig_msg, root, &(params->xmss_par.wots_par), pub_seed, ots_addr); - - sig_msg += params->xmss_par.wots_par.keysize; - sig_msg_len -= params->xmss_par.wots_par.keysize; - - // Compute Ltree - setLtreeADRS(ltree_addr, idx_leaf); - l_tree(pkhash, wots_pk, &(params->xmss_par), pub_seed, ltree_addr); - - // Compute root - validate_authpath(root, pkhash, idx_leaf, sig_msg, &(params->xmss_par), pub_seed, node_addr); - - sig_msg += tree_h*n; - sig_msg_len -= tree_h*n; - - } - - for (i = 0; i < n; i++) - if (root[i] != pk[i]) - goto fail; - - *msglen = sig_msg_len; - for (i = 0; i < *msglen; i++) - msg[i] = sig_msg[i]; - - return 0; - - -fail: - *msglen = sig_msg_len; - for (i = 0; i < *msglen; i++) - msg[i] = 0; - *msglen = -1; - return -1; -} -#endif /* WITH_XMSS */ diff --git a/xmss_fast.h b/xmss_fast.h deleted file mode 100644 index 2ffba7057baf..000000000000 --- a/xmss_fast.h +++ /dev/null @@ -1,111 +0,0 @@ -#ifdef WITH_XMSS -/* $OpenBSD: xmss_fast.h,v 1.2 2018/02/26 03:56:44 dtucker Exp $ */ -/* -xmss_fast.h version 20160722 -Andreas Hülsing -Joost Rijneveld -Public domain. -*/ - -#include "xmss_wots.h" - -#ifndef XMSS_H -#define XMSS_H -typedef struct{ - unsigned int level; - unsigned long long subtree; - unsigned int subleaf; -} leafaddr; - -typedef struct{ - wots_params wots_par; - unsigned int n; - unsigned int h; - unsigned int k; -} xmss_params; - -typedef struct{ - xmss_params xmss_par; - unsigned int n; - unsigned int h; - unsigned int d; - unsigned int index_len; -} xmssmt_params; - -typedef struct{ - unsigned int h; - unsigned int next_idx; - unsigned int stackusage; - unsigned char completed; - unsigned char *node; -} treehash_inst; - -typedef struct { - unsigned char *stack; - unsigned int stackoffset; - unsigned char *stacklevels; - unsigned char *auth; - unsigned char *keep; - treehash_inst *treehash; - unsigned char *retain; - unsigned int next_leaf; -} bds_state; - -/** - * Initialize BDS state struct - * parameter names are the same as used in the description of the BDS traversal - */ -void xmss_set_bds_state(bds_state *state, unsigned char *stack, int stackoffset, unsigned char *stacklevels, unsigned char *auth, unsigned char *keep, treehash_inst *treehash, unsigned char *retain, int next_leaf); -/** - * Initializes parameter set. - * Needed, for any of the other methods. - */ -int xmss_set_params(xmss_params *params, int n, int h, int w, int k); -/** - * Initialize xmssmt_params struct - * parameter names are the same as in the draft - * - * Especially h is the total tree height, i.e. the XMSS trees have height h/d - */ -int xmssmt_set_params(xmssmt_params *params, int n, int h, int d, int w, int k); -/** - * Generates a XMSS key pair for a given parameter set. - * Format sk: [(32bit) idx || SK_SEED || SK_PRF || PUB_SEED || root] - * Format pk: [root || PUB_SEED] omitting algo oid. - */ -int xmss_keypair(unsigned char *pk, unsigned char *sk, bds_state *state, xmss_params *params); -/** - * Signs a message. - * Returns - * 1. an array containing the signature followed by the message AND - * 2. an updated secret key! - * - */ -int xmss_sign(unsigned char *sk, bds_state *state, unsigned char *sig_msg, unsigned long long *sig_msg_len, const unsigned char *msg,unsigned long long msglen, const xmss_params *params); -/** - * Verifies a given message signature pair under a given public key. - * - * Note: msg and msglen are pure outputs which carry the message in case verification succeeds. The (input) message is assumed to be within sig_msg which has the form (sig||msg). - */ -int xmss_sign_open(unsigned char *msg,unsigned long long *msglen, const unsigned char *sig_msg,unsigned long long sig_msg_len, const unsigned char *pk, const xmss_params *params); - -/* - * Generates a XMSSMT key pair for a given parameter set. - * Format sk: [(ceil(h/8) bit) idx || SK_SEED || SK_PRF || PUB_SEED || root] - * Format pk: [root || PUB_SEED] omitting algo oid. - */ -int xmssmt_keypair(unsigned char *pk, unsigned char *sk, bds_state *states, unsigned char *wots_sigs, xmssmt_params *params); -/** - * Signs a message. - * Returns - * 1. an array containing the signature followed by the message AND - * 2. an updated secret key! - * - */ -int xmssmt_sign(unsigned char *sk, bds_state *state, unsigned char *wots_sigs, unsigned char *sig_msg, unsigned long long *sig_msg_len, const unsigned char *msg, unsigned long long msglen, const xmssmt_params *params); -/** - * Verifies a given message signature pair under a given public key. - */ -int xmssmt_sign_open(unsigned char *msg, unsigned long long *msglen, const unsigned char *sig_msg, unsigned long long sig_msg_len, const unsigned char *pk, const xmssmt_params *params); -#endif -#endif /* WITH_XMSS */ diff --git a/xmss_hash.c b/xmss_hash.c deleted file mode 100644 index 70c126ae25a3..000000000000 --- a/xmss_hash.c +++ /dev/null @@ -1,137 +0,0 @@ -/* $OpenBSD: xmss_hash.c,v 1.4 2023/12/20 00:06:25 jsg Exp $ */ -/* -hash.c version 20160722 -Andreas Hülsing -Joost Rijneveld -Public domain. -*/ - -#include "includes.h" -#ifdef WITH_XMSS - -#include "xmss_hash_address.h" -#include "xmss_commons.h" -#include "xmss_hash.h" - -#include -#ifdef HAVE_STDINT_H -# include -#endif -#include -#include - -int core_hash_SHA2(unsigned char *, const unsigned int, const unsigned char *, - unsigned int, const unsigned char *, unsigned long long, unsigned int); - -unsigned char* addr_to_byte(unsigned char *bytes, const uint32_t addr[8]){ -#if IS_LITTLE_ENDIAN==1 - int i = 0; - for(i=0;i<8;i++) - to_byte(bytes+i*4, addr[i],4); - return bytes; -#else - memcpy(bytes, addr, 32); - return bytes; -#endif -} - -int core_hash_SHA2(unsigned char *out, const unsigned int type, const unsigned char *key, unsigned int keylen, const unsigned char *in, unsigned long long inlen, unsigned int n){ - unsigned long long i = 0; - unsigned char buf[inlen + n + keylen]; - - // Input is (toByte(X, 32) || KEY || M) - - // set toByte - to_byte(buf, type, n); - - for (i=0; i < keylen; i++) { - buf[i+n] = key[i]; - } - - for (i=0; i < inlen; i++) { - buf[keylen + n + i] = in[i]; - } - - if (n == 32) { - SHA256(buf, inlen + keylen + n, out); - return 0; - } - else { - if (n == 64) { - SHA512(buf, inlen + keylen + n, out); - return 0; - } - } - return 1; -} - -/** - * Implements PRF - */ -int prf(unsigned char *out, const unsigned char *in, const unsigned char *key, unsigned int keylen) -{ - return core_hash_SHA2(out, 3, key, keylen, in, 32, keylen); -} - -/* - * Implements H_msg - */ -int h_msg(unsigned char *out, const unsigned char *in, unsigned long long inlen, const unsigned char *key, const unsigned int keylen, const unsigned int n) -{ - if (keylen != 3*n){ - // H_msg takes 3n-bit keys, but n does not match the keylength of keylen - return -1; - } - return core_hash_SHA2(out, 2, key, keylen, in, inlen, n); -} - -/** - * We assume the left half is in in[0]...in[n-1] - */ -int hash_h(unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], const unsigned int n) -{ - - unsigned char buf[2*n]; - unsigned char key[n]; - unsigned char bitmask[2*n]; - unsigned char byte_addr[32]; - unsigned int i; - - setKeyAndMask(addr, 0); - addr_to_byte(byte_addr, addr); - prf(key, byte_addr, pub_seed, n); - // Use MSB order - setKeyAndMask(addr, 1); - addr_to_byte(byte_addr, addr); - prf(bitmask, byte_addr, pub_seed, n); - setKeyAndMask(addr, 2); - addr_to_byte(byte_addr, addr); - prf(bitmask+n, byte_addr, pub_seed, n); - for (i = 0; i < 2*n; i++) { - buf[i] = in[i] ^ bitmask[i]; - } - return core_hash_SHA2(out, 1, key, n, buf, 2*n, n); -} - -int hash_f(unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], const unsigned int n) -{ - unsigned char buf[n]; - unsigned char key[n]; - unsigned char bitmask[n]; - unsigned char byte_addr[32]; - unsigned int i; - - setKeyAndMask(addr, 0); - addr_to_byte(byte_addr, addr); - prf(key, byte_addr, pub_seed, n); - - setKeyAndMask(addr, 1); - addr_to_byte(byte_addr, addr); - prf(bitmask, byte_addr, pub_seed, n); - - for (i = 0; i < n; i++) { - buf[i] = in[i] ^ bitmask[i]; - } - return core_hash_SHA2(out, 0, key, n, buf, n, n); -} -#endif /* WITH_XMSS */ diff --git a/xmss_hash.h b/xmss_hash.h deleted file mode 100644 index d19c62152add..000000000000 --- a/xmss_hash.h +++ /dev/null @@ -1,22 +0,0 @@ -#ifdef WITH_XMSS -/* $OpenBSD: xmss_hash.h,v 1.2 2018/02/26 03:56:44 dtucker Exp $ */ -/* -hash.h version 20160722 -Andreas Hülsing -Joost Rijneveld -Public domain. -*/ - -#ifndef HASH_H -#define HASH_H - -#define IS_LITTLE_ENDIAN 1 - -unsigned char* addr_to_byte(unsigned char *bytes, const uint32_t addr[8]); -int prf(unsigned char *out, const unsigned char *in, const unsigned char *key, unsigned int keylen); -int h_msg(unsigned char *out,const unsigned char *in,unsigned long long inlen, const unsigned char *key, const unsigned int keylen, const unsigned int n); -int hash_h(unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], const unsigned int n); -int hash_f(unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], const unsigned int n); - -#endif -#endif /* WITH_XMSS */ diff --git a/xmss_hash_address.c b/xmss_hash_address.c deleted file mode 100644 index 2702c4562bfc..000000000000 --- a/xmss_hash_address.c +++ /dev/null @@ -1,66 +0,0 @@ -/* $OpenBSD: xmss_hash_address.c,v 1.2 2018/02/26 03:56:44 dtucker Exp $ */ -/* -hash_address.c version 20160722 -Andreas Hülsing -Joost Rijneveld -Public domain. -*/ -#include "includes.h" -#ifdef WITH_XMSS - -#ifdef HAVE_STDINT_H -# include -#endif -#include "xmss_hash_address.h" /* prototypes */ - -void setLayerADRS(uint32_t adrs[8], uint32_t layer){ - adrs[0] = layer; -} - -void setTreeADRS(uint32_t adrs[8], uint64_t tree){ - adrs[1] = (uint32_t) (tree >> 32); - adrs[2] = (uint32_t) tree; -} - -void setType(uint32_t adrs[8], uint32_t type){ - adrs[3] = type; - int i; - for(i = 4; i < 8; i++){ - adrs[i] = 0; - } -} - -void setKeyAndMask(uint32_t adrs[8], uint32_t keyAndMask){ - adrs[7] = keyAndMask; -} - -// OTS - -void setOTSADRS(uint32_t adrs[8], uint32_t ots){ - adrs[4] = ots; -} - -void setChainADRS(uint32_t adrs[8], uint32_t chain){ - adrs[5] = chain; -} - -void setHashADRS(uint32_t adrs[8], uint32_t hash){ - adrs[6] = hash; -} - -// L-tree - -void setLtreeADRS(uint32_t adrs[8], uint32_t ltree){ - adrs[4] = ltree; -} - -// Hash Tree & L-tree - -void setTreeHeight(uint32_t adrs[8], uint32_t treeHeight){ - adrs[5] = treeHeight; -} - -void setTreeIndex(uint32_t adrs[8], uint32_t treeIndex){ - adrs[6] = treeIndex; -} -#endif /* WITH_XMSS */ diff --git a/xmss_hash_address.h b/xmss_hash_address.h deleted file mode 100644 index 66bb4cc4d5fa..000000000000 --- a/xmss_hash_address.h +++ /dev/null @@ -1,40 +0,0 @@ -#ifdef WITH_XMSS -/* $OpenBSD: xmss_hash_address.h,v 1.2 2018/02/26 03:56:44 dtucker Exp $ */ -/* -hash_address.h version 20160722 -Andreas Hülsing -Joost Rijneveld -Public domain. -*/ - -#ifdef HAVE_STDINT_H -#include -#endif - -void setLayerADRS(uint32_t adrs[8], uint32_t layer); - -void setTreeADRS(uint32_t adrs[8], uint64_t tree); - -void setType(uint32_t adrs[8], uint32_t type); - -void setKeyAndMask(uint32_t adrs[8], uint32_t keyAndMask); - -// OTS - -void setOTSADRS(uint32_t adrs[8], uint32_t ots); - -void setChainADRS(uint32_t adrs[8], uint32_t chain); - -void setHashADRS(uint32_t adrs[8], uint32_t hash); - -// L-tree - -void setLtreeADRS(uint32_t adrs[8], uint32_t ltree); - -// Hash Tree & L-tree - -void setTreeHeight(uint32_t adrs[8], uint32_t treeHeight); - -void setTreeIndex(uint32_t adrs[8], uint32_t treeIndex); - -#endif /* WITH_XMSS */ diff --git a/xmss_wots.c b/xmss_wots.c deleted file mode 100644 index 993e661f6707..000000000000 --- a/xmss_wots.c +++ /dev/null @@ -1,192 +0,0 @@ -/* $OpenBSD: xmss_wots.c,v 1.3 2018/04/10 00:10:49 djm Exp $ */ -/* -wots.c version 20160722 -Andreas Hülsing -Joost Rijneveld -Public domain. -*/ - -#include "includes.h" -#ifdef WITH_XMSS - -#include -#ifdef HAVE_STDINT_H -# include -#endif -#include -#include "xmss_commons.h" -#include "xmss_hash.h" -#include "xmss_wots.h" -#include "xmss_hash_address.h" - - -/* libm-free version of log2() for wots */ -static inline int -wots_log2(uint32_t v) -{ - int b; - - for (b = sizeof (v) * CHAR_BIT - 1; b >= 0; b--) { - if ((1U << b) & v) { - return b; - } - } - return 0; -} - -void -wots_set_params(wots_params *params, int n, int w) -{ - params->n = n; - params->w = w; - params->log_w = wots_log2(params->w); - params->len_1 = (CHAR_BIT * n) / params->log_w; - params->len_2 = (wots_log2(params->len_1 * (w - 1)) / params->log_w) + 1; - params->len = params->len_1 + params->len_2; - params->keysize = params->len * params->n; -} - -/** - * Helper method for pseudorandom key generation - * Expands an n-byte array into a len*n byte array - * this is done using PRF - */ -static void expand_seed(unsigned char *outseeds, const unsigned char *inseed, const wots_params *params) -{ - uint32_t i = 0; - unsigned char ctr[32]; - for(i = 0; i < params->len; i++){ - to_byte(ctr, i, 32); - prf((outseeds + (i*params->n)), ctr, inseed, params->n); - } -} - -/** - * Computes the chaining function. - * out and in have to be n-byte arrays - * - * interprets in as start-th value of the chain - * addr has to contain the address of the chain - */ -static void gen_chain(unsigned char *out, const unsigned char *in, unsigned int start, unsigned int steps, const wots_params *params, const unsigned char *pub_seed, uint32_t addr[8]) -{ - uint32_t i, j; - for (j = 0; j < params->n; j++) - out[j] = in[j]; - - for (i = start; i < (start+steps) && i < params->w; i++) { - setHashADRS(addr, i); - hash_f(out, out, pub_seed, addr, params->n); - } -} - -/** - * base_w algorithm as described in draft. - * - * - */ -static void base_w(int *output, const int out_len, const unsigned char *input, const wots_params *params) -{ - int in = 0; - int out = 0; - uint32_t total = 0; - int bits = 0; - int consumed = 0; - - for (consumed = 0; consumed < out_len; consumed++) { - if (bits == 0) { - total = input[in]; - in++; - bits += 8; - } - bits -= params->log_w; - output[out] = (total >> bits) & (params->w - 1); - out++; - } -} - -void wots_pkgen(unsigned char *pk, const unsigned char *sk, const wots_params *params, const unsigned char *pub_seed, uint32_t addr[8]) -{ - uint32_t i; - expand_seed(pk, sk, params); - for (i=0; i < params->len; i++) { - setChainADRS(addr, i); - gen_chain(pk+i*params->n, pk+i*params->n, 0, params->w-1, params, pub_seed, addr); - } -} - - -int wots_sign(unsigned char *sig, const unsigned char *msg, const unsigned char *sk, const wots_params *params, const unsigned char *pub_seed, uint32_t addr[8]) -{ - //int basew[params->len]; - int csum = 0; - uint32_t i = 0; - int *basew = calloc(params->len, sizeof(int)); - if (basew == NULL) - return -1; - - base_w(basew, params->len_1, msg, params); - - for (i=0; i < params->len_1; i++) { - csum += params->w - 1 - basew[i]; - } - - csum = csum << (8 - ((params->len_2 * params->log_w) % 8)); - - int len_2_bytes = ((params->len_2 * params->log_w) + 7) / 8; - - unsigned char csum_bytes[len_2_bytes]; - to_byte(csum_bytes, csum, len_2_bytes); - - int csum_basew[params->len_2]; - base_w(csum_basew, params->len_2, csum_bytes, params); - - for (i = 0; i < params->len_2; i++) { - basew[params->len_1 + i] = csum_basew[i]; - } - - expand_seed(sig, sk, params); - - for (i = 0; i < params->len; i++) { - setChainADRS(addr, i); - gen_chain(sig+i*params->n, sig+i*params->n, 0, basew[i], params, pub_seed, addr); - } - free(basew); - return 0; -} - -int wots_pkFromSig(unsigned char *pk, const unsigned char *sig, const unsigned char *msg, const wots_params *params, const unsigned char *pub_seed, uint32_t addr[8]) -{ - int csum = 0; - uint32_t i = 0; - int *basew = calloc(params->len, sizeof(int)); - if (basew == NULL) - return -1; - - base_w(basew, params->len_1, msg, params); - - for (i=0; i < params->len_1; i++) { - csum += params->w - 1 - basew[i]; - } - - csum = csum << (8 - ((params->len_2 * params->log_w) % 8)); - - int len_2_bytes = ((params->len_2 * params->log_w) + 7) / 8; - - unsigned char csum_bytes[len_2_bytes]; - to_byte(csum_bytes, csum, len_2_bytes); - - int csum_basew[params->len_2]; - base_w(csum_basew, params->len_2, csum_bytes, params); - - for (i = 0; i < params->len_2; i++) { - basew[params->len_1 + i] = csum_basew[i]; - } - for (i=0; i < params->len; i++) { - setChainADRS(addr, i); - gen_chain(pk+i*params->n, sig+i*params->n, basew[i], params->w-1-basew[i], params, pub_seed, addr); - } - free(basew); - return 0; -} -#endif /* WITH_XMSS */ diff --git a/xmss_wots.h b/xmss_wots.h deleted file mode 100644 index 1eebf3b215df..000000000000 --- a/xmss_wots.h +++ /dev/null @@ -1,64 +0,0 @@ -#ifdef WITH_XMSS -/* $OpenBSD: xmss_wots.h,v 1.3 2018/02/26 12:14:53 dtucker Exp $ */ -/* -wots.h version 20160722 -Andreas Hülsing -Joost Rijneveld -Public domain. -*/ - -#ifndef WOTS_H -#define WOTS_H - -#ifdef HAVE_STDINT_H -#include "stdint.h" -#endif - -/** - * WOTS parameter set - * - * Meaning as defined in draft-irtf-cfrg-xmss-hash-based-signatures-02 - */ -typedef struct { - uint32_t len_1; - uint32_t len_2; - uint32_t len; - uint32_t n; - uint32_t w; - uint32_t log_w; - uint32_t keysize; -} wots_params; - -/** - * Set the WOTS parameters, - * only m, n, w are required as inputs, - * len, len_1, and len_2 are computed from those. - * - * Assumes w is a power of 2 - */ -void wots_set_params(wots_params *params, int n, int w); - -/** - * WOTS key generation. Takes a 32byte seed for the secret key, expands it to a full WOTS secret key and computes the corresponding public key. - * For this it takes the seed pub_seed which is used to generate bitmasks and hash keys and the address of this WOTS key pair addr - * - * params, must have been initialized before using wots_set params for params ! This is not done in this function - * - * Places the computed public key at address pk. - */ -void wots_pkgen(unsigned char *pk, const unsigned char *sk, const wots_params *params, const unsigned char *pub_seed, uint32_t addr[8]); - -/** - * Takes a m-byte message and the 32-byte seed for the secret key to compute a signature that is placed at "sig". - * - */ -int wots_sign(unsigned char *sig, const unsigned char *msg, const unsigned char *sk, const wots_params *params, const unsigned char *pub_seed, uint32_t addr[8]); - -/** - * Takes a WOTS signature, a m-byte message and computes a WOTS public key that it places at pk. - * - */ -int wots_pkFromSig(unsigned char *pk, const unsigned char *sig, const unsigned char *msg, const wots_params *params, const unsigned char *pub_seed, uint32_t addr[8]); - -#endif -#endif /* WITH_XMSS */ From 683d0abe596b069a896f1688f86256f1beeb0cdc Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Mon, 1 Sep 2025 23:53:16 +0000 Subject: [PATCH 201/687] upstream: Make MaxStartups and PerSourceNetBlockSize first-match-wins as advertised. bz3859 reported by jan.v.hofmann; ok dtucker OpenBSD-Commit-ID: 08f7786f1b3b4a05a106cdbd2dc5f1f2d8299447 --- servconf.c | 32 +++++++++++++++++--------------- 1 file changed, 17 insertions(+), 15 deletions(-) diff --git a/servconf.c b/servconf.c index 3175f0df8fce..2c51637fd5f0 100644 --- a/servconf.c +++ b/servconf.c @@ -1,4 +1,4 @@ -/* $OpenBSD: servconf.c,v 1.431 2025/08/29 03:50:38 djm Exp $ */ +/* $OpenBSD: servconf.c,v 1.432 2025/09/01 23:53:16 djm Exp $ */ /* * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland * All rights reserved @@ -1315,7 +1315,7 @@ process_server_config_line_depth(ServerOptions *options, char *line, struct include_list *includes) { char *str, ***chararrayptr, **charptr, *arg, *arg2, *p, *keyword; - int cmdline = 0, *intptr, value, value2, n, port, oactive, r; + int cmdline = 0, *intptr, value, value2, value3, n, port, oactive, r; int ca_only = 0, found = 0; SyslogFacility *log_facility_ptr; LogLevel *log_level_ptr; @@ -2003,25 +2003,27 @@ process_server_config_line_depth(ServerOptions *options, char *line, if (!arg || *arg == '\0') fatal("%s line %d: %s missing argument.", filename, linenum, keyword); + /* begin:rate:max */ if ((n = sscanf(arg, "%d:%d:%d", - &options->max_startups_begin, - &options->max_startups_rate, - &options->max_startups)) == 3) { - if (options->max_startups_begin > - options->max_startups || - options->max_startups_rate > 100 || - options->max_startups_rate < 1) + &value, &value2, &value3)) == 3) { + if (value > value3 || value2 > 100 || value2 < 1) fatal("%s line %d: Invalid %s spec.", filename, linenum, keyword); - } else if (n != 1) + } else if (n == 1) { + value3 = value; + value = value2 = -1; + } else { fatal("%s line %d: Invalid %s spec.", filename, linenum, keyword); - else - options->max_startups = options->max_startups_begin; - if (options->max_startups <= 0 || - options->max_startups_begin <= 0) + } + if (value3 <= 0 || value <= 0) fatal("%s line %d: Invalid %s spec.", filename, linenum, keyword); + if (*activep && options->max_startups == -1) { + options->max_startups_begin = value; + options->max_startups_rate = value2; + options->max_startups = value3; + } break; case sPerSourceNetBlockSize: @@ -2041,7 +2043,7 @@ process_server_config_line_depth(ServerOptions *options, char *line, if (n != 1 && n != 2) fatal("%s line %d: Invalid %s spec.", filename, linenum, keyword); - if (*activep) { + if (*activep && options->per_source_masklen_ipv4 == -1) { options->per_source_masklen_ipv4 = value; options->per_source_masklen_ipv6 = value2; } From 9313233a735733821dfd170b70782fb7da492962 Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Tue, 2 Sep 2025 01:03:43 +0000 Subject: [PATCH 202/687] upstream: fix previous OpenBSD-Commit-ID: 09d95dfb5e064a1d0e74afba8d77474cc1d110a4 --- servconf.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/servconf.c b/servconf.c index 2c51637fd5f0..415868b32520 100644 --- a/servconf.c +++ b/servconf.c @@ -1,4 +1,4 @@ -/* $OpenBSD: servconf.c,v 1.432 2025/09/01 23:53:16 djm Exp $ */ +/* $OpenBSD: servconf.c,v 1.433 2025/09/02 01:03:43 djm Exp $ */ /* * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland * All rights reserved @@ -2016,7 +2016,7 @@ process_server_config_line_depth(ServerOptions *options, char *line, fatal("%s line %d: Invalid %s spec.", filename, linenum, keyword); } - if (value3 <= 0 || value <= 0) + if (value3 <= 0 || (value2 != -1 && value <= 0)) fatal("%s line %d: Invalid %s spec.", filename, linenum, keyword); if (*activep && options->max_startups == -1) { From c357c4a1e626feba9a968b5f0cb832b989b2d433 Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Thu, 21 Aug 2025 05:55:30 +0000 Subject: [PATCH 203/687] upstream: benchmark more diffie-hellman-group* KEXs use current KEX names, i.e. remove the "@openssh.com" where the KEX has been standardised OpenBSD-Regress-ID: a67e9da4efd9a971d39cb2481093f836046f9b7f --- regress/unittests/kex/test_kex.c | 14 +++++++++++--- 1 file changed, 11 insertions(+), 3 deletions(-) diff --git a/regress/unittests/kex/test_kex.c b/regress/unittests/kex/test_kex.c index 54b826239ae8..0c33e80f869d 100644 --- a/regress/unittests/kex/test_kex.c +++ b/regress/unittests/kex/test_kex.c @@ -1,4 +1,4 @@ -/* $OpenBSD: test_kex.c,v 1.11 2025/05/06 06:05:48 djm Exp $ */ +/* $OpenBSD: test_kex.c,v 1.12 2025/08/21 05:55:30 djm Exp $ */ /* * Regress test KEX * @@ -162,6 +162,9 @@ do_kex_with_key(char *kex, char *cipher, char *mac, server2->kex->kex[KEX_DH_GRP14_SHA1] = kex_gen_server; server2->kex->kex[KEX_DH_GEX_SHA1] = kexgex_server; server2->kex->kex[KEX_DH_GEX_SHA256] = kexgex_server; + server2->kex->kex[KEX_DH_GRP14_SHA256] = kex_gen_server; + server2->kex->kex[KEX_DH_GRP16_SHA512] = kex_gen_server; + server2->kex->kex[KEX_DH_GRP18_SHA512] = kex_gen_server; #ifdef OPENSSL_HAS_ECC server2->kex->kex[KEX_ECDH_SHA2] = kex_gen_server; #endif /* OPENSSL_HAS_ECC */ @@ -228,7 +231,7 @@ do_kex(char *kex) void kex_tests(void) { - do_kex("curve25519-sha256@libssh.org"); + do_kex("curve25519-sha256"); #ifdef WITH_OPENSSL #ifdef OPENSSL_HAS_ECC do_kex("ecdh-sha2-nistp256"); @@ -239,11 +242,16 @@ kex_tests(void) do_kex("diffie-hellman-group-exchange-sha1"); do_kex("diffie-hellman-group14-sha1"); do_kex("diffie-hellman-group1-sha1"); + if (test_is_benchmark()) { + do_kex("diffie-hellman-group14-sha256"); + do_kex("diffie-hellman-group16-sha512"); + do_kex("diffie-hellman-group18-sha512"); + } # ifdef USE_MLKEM768X25519 do_kex("mlkem768x25519-sha256"); # endif /* USE_MLKEM768X25519 */ # ifdef USE_SNTRUP761X25519 - do_kex("sntrup761x25519-sha512@openssh.com"); + do_kex("sntrup761x25519-sha512"); # endif /* USE_SNTRUP761X25519 */ #endif /* WITH_OPENSSL */ } From 19f7cb39eecb4b8f768f37e8294dc3a9142e022b Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Mon, 1 Sep 2025 23:55:29 +0000 Subject: [PATCH 204/687] upstream: test MaxStatups idempotency; ok dtucker@ OpenBSD-Regress-ID: b5d713c2709000fa5e41d82c0cf8627e13cb43f9 --- regress/cfgparse.sh | 19 ++++++++++++++++--- 1 file changed, 16 insertions(+), 3 deletions(-) diff --git a/regress/cfgparse.sh b/regress/cfgparse.sh index a9e5c6b09ee2..fc0afb0ce3cb 100644 --- a/regress/cfgparse.sh +++ b/regress/cfgparse.sh @@ -1,4 +1,4 @@ -# $OpenBSD: cfgparse.sh,v 1.7 2018/05/11 03:51:06 dtucker Exp $ +# $OpenBSD: cfgparse.sh,v 1.8 2025/09/01 23:55:29 djm Exp $ # Placed in the Public Domain. tid="sshd config parse" @@ -51,7 +51,7 @@ listenaddress ::1 EOD ($SUDO ${SSHD} -T -f $OBJ/sshd_config.1 | \ - grep 'listenaddress ' >$OBJ/sshd_config.2 && + grep '^listenaddress ' >$OBJ/sshd_config.2 && diff $OBJ/sshd_config.0 $OBJ/sshd_config.2) || \ fail "listenaddress order 1" # test 2: listenaddress first @@ -67,9 +67,22 @@ listenaddress ::1 EOD ($SUDO ${SSHD} -T -f $OBJ/sshd_config.1 | \ - grep 'listenaddress ' >$OBJ/sshd_config.2 && + grep '^listenaddress ' >$OBJ/sshd_config.2 && diff $OBJ/sshd_config.0 $OBJ/sshd_config.2) || \ fail "listenaddress order 2" +# Check idempotence of MaxStartups +verbose "maxstartups idempotent" +echo "maxstartups 1:2:3" > sshd_config.0 +cat > $OBJ/sshd_config.1 <$OBJ/sshd_config.2 && + diff $OBJ/sshd_config.0 $OBJ/sshd_config.2) || \ + fail "maxstartups idempotence" + # cleanup rm -f $OBJ/sshd_config.[012] From a9b0b69f15e63bc4e8c8b38e24ee85ea076a7e11 Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Tue, 2 Sep 2025 09:26:21 +0000 Subject: [PATCH 205/687] upstream: replace remaining cases where we manually included __func__ in a debug or error log with the respective *_f log variant OpenBSD-Commit-ID: 46a280d78bcc0bc98f28e65a30b613366600328f --- sftp-client.c | 10 +++++----- sftp-server.c | 10 +++++----- srclimit.c | 10 +++++----- 3 files changed, 15 insertions(+), 15 deletions(-) diff --git a/sftp-client.c b/sftp-client.c index 9f8ab4afa3e9..3d8bb34961c9 100644 --- a/sftp-client.c +++ b/sftp-client.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sftp-client.c,v 1.177 2025/03/11 07:48:51 dtucker Exp $ */ +/* $OpenBSD: sftp-client.c,v 1.178 2025/09/02 09:26:21 djm Exp $ */ /* * Copyright (c) 2001-2004 Damien Miller * @@ -1138,7 +1138,7 @@ sftp_copy(struct sftp_conn *conn, const char *oldpath, const char *newpath) attr.flags |= SSH2_FILEXFER_ATTR_PERMISSIONS; if ((msg = sshbuf_new()) == NULL) - fatal("%s: sshbuf_new failed", __func__); + fatal_f("sshbuf_new failed"); attrib_clear(&junk); /* Send empty attributes */ @@ -1149,7 +1149,7 @@ sftp_copy(struct sftp_conn *conn, const char *oldpath, const char *newpath) (r = sshbuf_put_cstring(msg, oldpath)) != 0 || (r = sshbuf_put_u32(msg, SSH2_FXF_READ)) != 0 || (r = encode_attrib(msg, &junk)) != 0) - fatal("%s: buffer error: %s", __func__, ssh_err(r)); + fatal_fr(r, "buffer error"); send_msg(conn, msg); debug3("Sent message SSH2_FXP_OPEN I:%u P:%s", id, oldpath); @@ -1170,7 +1170,7 @@ sftp_copy(struct sftp_conn *conn, const char *oldpath, const char *newpath) (r = sshbuf_put_u32(msg, SSH2_FXF_WRITE|SSH2_FXF_CREAT| SSH2_FXF_TRUNC)) != 0 || (r = encode_attrib(msg, &attr)) != 0) - fatal("%s: buffer error: %s", __func__, ssh_err(r)); + fatal_fr(r, "buffer error"); send_msg(conn, msg); debug3("Sent message SSH2_FXP_OPEN I:%u P:%s", id, newpath); @@ -1194,7 +1194,7 @@ sftp_copy(struct sftp_conn *conn, const char *oldpath, const char *newpath) (r = sshbuf_put_u64(msg, 0)) != 0 || (r = sshbuf_put_string(msg, new_handle, new_handle_len)) != 0 || (r = sshbuf_put_u64(msg, 0)) != 0) - fatal("%s: buffer error: %s", __func__, ssh_err(r)); + fatal_fr(r, "buffer error"); send_msg(conn, msg); debug3("Sent message copy-data \"%s\" 0 0 -> \"%s\" 0", oldpath, newpath); diff --git a/sftp-server.c b/sftp-server.c index a4abb9f7cfee..c3baebd86410 100644 --- a/sftp-server.c +++ b/sftp-server.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sftp-server.c,v 1.148 2024/04/30 06:23:51 djm Exp $ */ +/* $OpenBSD: sftp-server.c,v 1.149 2025/09/02 09:26:21 djm Exp $ */ /* * Copyright (c) 2000-2004 Markus Friedl. All rights reserved. * @@ -1620,7 +1620,7 @@ process_extended_copy_data(u_int32_t id) (r = sshbuf_get_u64(iqueue, &read_len)) != 0 || (r = get_handle(iqueue, &write_handle)) != 0 || (r = sshbuf_get_u64(iqueue, &write_off)) != 0) - fatal("%s: buffer error: %s", __func__, ssh_err(r)); + fatal_fr(r, "buffer error"); debug("request %u: copy-data from \"%s\" (handle %d) off %llu len %llu " "to \"%s\" (handle %d) off %llu", @@ -1648,14 +1648,14 @@ process_extended_copy_data(u_int32_t id) if (lseek(read_fd, read_off, SEEK_SET) < 0) { status = errno_to_portable(errno); - error("%s: read_seek failed", __func__); + error_f("read_seek failed"); goto out; } if ((handle_to_flags(write_handle) & O_APPEND) == 0 && lseek(write_fd, write_off, SEEK_SET) < 0) { status = errno_to_portable(errno); - error("%s: write_seek failed", __func__); + error_f("write_seek failed"); goto out; } @@ -1670,7 +1670,7 @@ process_extended_copy_data(u_int32_t id) break; } else if (ret == 0) { status = errno_to_portable(errno); - error("%s: read failed: %s", __func__, strerror(errno)); + error_f("read failed: %s", strerror(errno)); break; } len = ret; diff --git a/srclimit.c b/srclimit.c index c63a462e2783..8a47588e4f5b 100644 --- a/srclimit.c +++ b/srclimit.c @@ -119,7 +119,7 @@ srclimit_init(int max, int persource, int ipv4len, int ipv6len, debug("%s: max connections %d, per source %d, masks %d,%d", __func__, max, persource, ipv4len, ipv6len); if (max <= 0) - fatal("%s: invalid number of sockets: %d", __func__, max); + fatal_f("invalid number of sockets: %d", max); children = xcalloc(max_children, sizeof(*children)); for (i = 0; i < max_children; i++) children[i].id = -1; @@ -136,7 +136,7 @@ srclimit_check_allow(int sock, int id) if (max_persource == INT_MAX) /* no limit */ return 1; - debug("%s: sock %d id %d limit %d", __func__, sock, id, max_persource); + debug_f("sock %d id %d limit %d", sock, id, max_persource); if (srclimit_peer_addr(sock, &xa) != 0) return 1; bits = xa.af == AF_INET ? ipv4_masklen : ipv6_masklen; @@ -154,14 +154,14 @@ srclimit_check_allow(int sock, int id) } } if (addr_ntop(&xa, xas, sizeof(xas)) != 0) { - debug3("%s: addr ntop failed", __func__); + debug3_f("addr ntop failed"); return 1; } debug3("%s: new unauthenticated connection from %s/%d, at %d of %d", __func__, xas, bits, count, max_persource); if (first_unused == max_children) { /* no free slot found */ - debug3("%s: no free slot", __func__); + debug3_f("no free slot"); return 0; } if (first_unused < 0 || first_unused >= max_children) @@ -185,7 +185,7 @@ srclimit_done(int id) if (max_persource == INT_MAX) /* no limit */ return; - debug("%s: id %d", __func__, id); + debug_f("id %d", id); /* Clear corresponding state entry. */ for (i = 0; i < max_children; i++) { if (children[i].id == id) { From 23a2bb750547a9a5251cbc44c5ceb1d05303befe Mon Sep 17 00:00:00 2001 From: Damien Miller Date: Tue, 2 Sep 2025 19:30:07 +1000 Subject: [PATCH 206/687] replace remaining manual logging of __func__ Use the appropriate log macro that prepends the function name (e.g. logit_f/debug2_f/etc). --- audit-bsm.c | 2 +- audit-linux.c | 2 +- auth-pam.c | 86 ++++++++++++++++++++-------------------- auth-shadow.c | 4 +- auth2.c | 2 +- channels.c | 2 +- loginrec.c | 36 ++++++++--------- misc.c | 2 +- monitor.c | 43 ++++++++++---------- monitor_fdpass.c | 2 +- monitor_wrap.c | 70 ++++++++++++++++---------------- sandbox-capsicum.c | 8 ++-- sandbox-darwin.c | 6 +-- sandbox-seccomp-filter.c | 10 ++--- ssh-pkcs11.c | 6 +-- sshd-session.c | 2 +- sshd.c | 2 +- sshlogin.c | 2 +- sshpty.c | 2 +- uidswap.c | 8 ++-- 20 files changed, 148 insertions(+), 149 deletions(-) diff --git a/audit-bsm.c b/audit-bsm.c index ccfcf6f7fc68..4bce22c37ed5 100644 --- a/audit-bsm.c +++ b/audit-bsm.c @@ -449,7 +449,7 @@ audit_event(struct ssh *ssh, ssh_audit_event_t event) break; default: - debug("%s: unhandled event %d", __func__, event); + debug_f("unhandled event %d", event); } } #endif /* BSM */ diff --git a/audit-linux.c b/audit-linux.c index 3fcbe5c53ef9..8b9854f7352a 100644 --- a/audit-linux.c +++ b/audit-linux.c @@ -117,7 +117,7 @@ audit_event(struct ssh *ssh, ssh_audit_event_t event) ssh_remote_ipaddr(ssh), "sshd", 0); break; default: - debug("%s: unhandled event %d", __func__, event); + debug_f("unhandled event %d", event); break; } } diff --git a/auth-pam.c b/auth-pam.c index 2481db45fd89..00d30ee9cdc4 100644 --- a/auth-pam.c +++ b/auth-pam.c @@ -229,7 +229,7 @@ pthread_join(sp_pthread_t thread, void **value) while (waitpid(thread, &status, 0) == -1) { if (errno == EINTR) continue; - fatal("%s: waitpid: %s", __func__, strerror(errno)); + fatal_f("waitpid: %s", strerror(errno)); } return (status); } @@ -287,10 +287,10 @@ sshpam_chauthtok_ruid(pam_handle_t *pamh, int flags) if (sshpam_authctxt == NULL) fatal("PAM: sshpam_authctxt not initialized"); if (setreuid(sshpam_authctxt->pw->pw_uid, -1) == -1) - fatal("%s: setreuid failed: %s", __func__, strerror(errno)); + fatal_f("setreuid failed: %s", strerror(errno)); result = pam_chauthtok(pamh, flags); if (setreuid(0, -1) == -1) - fatal("%s: setreuid failed: %s", __func__, strerror(errno)); + fatal_f("setreuid failed: %s", strerror(errno)); return result; } # define pam_chauthtok(a,b) (sshpam_chauthtok_ruid((a), (b))) @@ -302,9 +302,9 @@ sshpam_password_change_required(int reqd) extern struct sshauthopt *auth_opts; static int saved_port, saved_agent, saved_x11; - debug3("%s %d", __func__, reqd); + debug3_f("reqd=%d", reqd); if (sshpam_authctxt == NULL) - fatal("%s: PAM authctxt not initialized", __func__); + fatal_f("PAM authctxt not initialized"); sshpam_authctxt->force_pwchange = reqd; if (reqd) { saved_port = auth_opts->permit_port_forwarding_flag; @@ -331,22 +331,22 @@ import_environments(struct sshbuf *b) u_int n, i, num_env; int r; - debug3("PAM: %s entering", __func__); + debug3_f("entering"); #ifndef UNSUPPORTED_POSIX_THREADS_HACK /* Import variables set by do_pam_account */ if ((r = sshbuf_get_u32(b, &n)) != 0) - fatal("%s: buffer error: %s", __func__, ssh_err(r)); + fatal_fr(r, "buffer error"); if (n > INT_MAX) - fatal("%s: invalid PAM account status %u", __func__, n); + fatal_f("invalid PAM account status %u", n); sshpam_account_status = (int)n; if ((r = sshbuf_get_u32(b, &n)) != 0) - fatal("%s: buffer error: %s", __func__, ssh_err(r)); + fatal_fr(r, "buffer error"); sshpam_password_change_required(n != 0); /* Import environment from subprocess */ if ((r = sshbuf_get_u32(b, &num_env)) != 0) - fatal("%s: buffer error: %s", __func__, ssh_err(r)); + fatal_fr(r, "buffer error"); if (num_env > 1024) { fatal_f("received %u environment variables, expected <= 1024", num_env); @@ -355,13 +355,13 @@ import_environments(struct sshbuf *b) debug3("PAM: num env strings %u", num_env); for(i = 0; i < num_env; i++) { if ((r = sshbuf_get_cstring(b, &(sshpam_env[i]), NULL)) != 0) - fatal("%s: buffer error: %s", __func__, ssh_err(r)); + fatal_fr(r, "buffer error"); } sshpam_env[num_env] = NULL; /* Import PAM environment from subprocess */ if ((r = sshbuf_get_u32(b, &num_env)) != 0) - fatal("%s: buffer error: %s", __func__, ssh_err(r)); + fatal_fr(r, "buffer error"); if (num_env > 1024) { fatal_f("received %u PAM env variables, expected <= 1024", num_env); @@ -369,7 +369,7 @@ import_environments(struct sshbuf *b) debug("PAM: num PAM env strings %u", num_env); for (i = 0; i < num_env; i++) { if ((r = sshbuf_get_cstring(b, &env, NULL)) != 0) - fatal("%s: buffer error: %s", __func__, ssh_err(r)); + fatal_fr(r, "buffer error"); /* Errors are not fatal here */ if ((r = pam_putenv(sshpam_handle, env)) != PAM_SUCCESS) { error("PAM: pam_putenv: %s", @@ -397,7 +397,7 @@ sshpam_thread_conv(int n, sshpam_const struct pam_message **msg, int r, i; u_char status; - debug3("PAM: %s entering, %d messages", __func__, n); + debug3_f("PAM: entering, %d messages", n); *resp = NULL; if (data == NULL) { @@ -474,7 +474,7 @@ check_pam_user(Authctxt *authctxt) if (authctxt == NULL || authctxt->pw == NULL || authctxt->pw->pw_name == NULL) - fatal("%s: PAM authctxt user not initialized", __func__); + fatal_f("PAM authctxt user not initialized"); if ((sshpam_err = pam_get_item(sshpam_handle, PAM_USER, (sshpam_const void **) &pam_user)) != PAM_SUCCESS) @@ -533,10 +533,10 @@ sshpam_thread(void *ctxtp) sshpam_conv.appdata_ptr = ctxt; if (sshpam_authctxt == NULL) - fatal("%s: PAM authctxt not initialized", __func__); + fatal_f("PAM authctxt not initialized"); if ((buffer = sshbuf_new()) == NULL) - fatal("%s: sshbuf_new failed", __func__); + fatal_f("sshbuf_new failed"); sshpam_err = pam_set_item(sshpam_handle, PAM_CONV, (const void *)&sshpam_conv); @@ -563,38 +563,38 @@ sshpam_thread(void *ctxtp) } if ((r = sshbuf_put_cstring(buffer, "OK")) != 0) - fatal("%s: buffer error: %s", __func__, ssh_err(r)); + fatal_fr(r, "buffer error"); #ifndef UNSUPPORTED_POSIX_THREADS_HACK /* Export variables set by do_pam_account */ if ((r = sshbuf_put_u32(buffer, sshpam_account_status)) != 0 || (r = sshbuf_put_u32(buffer, sshpam_authctxt->force_pwchange)) != 0) - fatal("%s: buffer error: %s", __func__, ssh_err(r)); + fatal_fr(r, "buffer error"); /* Export any environment strings set in child */ for (i = 0; environ[i] != NULL; i++) { /* Count */ if (i > INT_MAX) - fatal("%s: too many environment strings", __func__); + fatal_f("too many environment strings"); } if ((r = sshbuf_put_u32(buffer, i)) != 0) - fatal("%s: buffer error: %s", __func__, ssh_err(r)); + fatal_fr(r, "buffer error"); for (i = 0; environ[i] != NULL; i++) { if ((r = sshbuf_put_cstring(buffer, environ[i])) != 0) - fatal("%s: buffer error: %s", __func__, ssh_err(r)); + fatal_fr(r, "buffer error"); } /* Export any environment strings set by PAM in child */ env_from_pam = pam_getenvlist(sshpam_handle); for (i = 0; env_from_pam != NULL && env_from_pam[i] != NULL; i++) { /* Count */ if (i > INT_MAX) - fatal("%s: too many PAM environment strings", __func__); + fatal_f("too many PAM environment strings"); } if ((r = sshbuf_put_u32(buffer, i)) != 0) - fatal("%s: buffer error: %s", __func__, ssh_err(r)); + fatal_fr(r, "buffer error"); for (i = 0; env_from_pam != NULL && env_from_pam[i] != NULL; i++) { if ((r = sshbuf_put_cstring(buffer, env_from_pam[i])) != 0) - fatal("%s: buffer error: %s", __func__, ssh_err(r)); + fatal_fr(r, "buffer error"); } #endif /* UNSUPPORTED_POSIX_THREADS_HACK */ @@ -606,7 +606,7 @@ sshpam_thread(void *ctxtp) auth_fail: if ((r = sshbuf_put_cstring(buffer, pam_strerror(sshpam_handle, sshpam_err))) != 0) - fatal("%s: buffer error: %s", __func__, ssh_err(r)); + fatal_fr(r, "buffer error"); /* XXX - can't do much about an error here */ if (sshpam_err == PAM_ACCT_EXPIRED) ssh_msg_send(ctxt->pam_csock, PAM_ACCT_EXPIRED, buffer); @@ -625,7 +625,7 @@ sshpam_thread_cleanup(void) { struct pam_ctxt *ctxt = cleanup_ctxt; - debug3("PAM: %s entering", __func__); + debug3_f("entering"); if (ctxt != NULL && ctxt->pam_thread != 0) { pthread_cancel(ctxt->pam_thread); pthread_join(ctxt->pam_thread, NULL); @@ -640,7 +640,7 @@ static int sshpam_null_conv(int n, sshpam_const struct pam_message **msg, struct pam_response **resp, void *data) { - debug3("PAM: %s entering, %d messages", __func__, n); + debug3_f("PAM: entering, %d messages", n); return (PAM_CONV_ERR); } @@ -653,7 +653,7 @@ sshpam_store_conv(int n, sshpam_const struct pam_message **msg, struct pam_response *reply; int r, i; - debug3("PAM: %s called with %d messages", __func__, n); + debug3_f("PAM: called with %d messages", n); *resp = NULL; if (n <= 0 || n > PAM_MAX_NUM_MSG) @@ -811,7 +811,7 @@ expose_authinfo(const char *caller) auth_info = xstrdup(""); else if ((auth_info = sshbuf_dup_string( sshpam_authctxt->session_info)) == NULL) - fatal("%s: sshbuf_dup_string failed", __func__); + fatal_f("sshbuf_dup_string failed"); debug2("%s: auth information in SSH_AUTH_INFO_0", caller); do_pam_putenv("SSH_AUTH_INFO_0", auth_info); @@ -824,7 +824,7 @@ sshpam_init_ctx(Authctxt *authctxt) struct pam_ctxt *ctxt; int result, socks[2]; - debug3("PAM: %s entering", __func__); + debug3_f("entering"); /* * Refuse to start if we don't have PAM enabled or do_pam_account * has previously failed. @@ -874,9 +874,9 @@ sshpam_query(void *ctx, char **name, char **info, size_t len, mlen, nmesg = 0; int r; - debug3("PAM: %s entering", __func__); + debug3_f("entering"); if ((buffer = sshbuf_new()) == NULL) - fatal("%s: sshbuf_new failed", __func__); + fatal_f("sshbuf_new failed"); *name = xstrdup(""); *info = xstrdup(""); *prompts = xmalloc(sizeof(char *)); @@ -888,7 +888,7 @@ sshpam_query(void *ctx, char **name, char **info, fatal_f("too many query messages"); if ((r = sshbuf_get_u8(buffer, &type)) != 0 || (r = sshbuf_get_cstring(buffer, &msg, &mlen)) != 0) - fatal("%s: buffer error: %s", __func__, ssh_err(r)); + fatal_fr(r, "buffer error"); switch (type) { case PAM_PROMPT_ECHO_ON: case PAM_PROMPT_ECHO_OFF: @@ -989,7 +989,7 @@ fake_password(const char *wire_password) size_t i, l = wire_password != NULL ? strlen(wire_password) : 0; if (l >= INT_MAX) - fatal("%s: password length too long: %zu", __func__, l); + fatal_f("password length too long: %zu", l); ret = malloc(l + 1); if (ret == NULL) @@ -1009,7 +1009,7 @@ sshpam_respond(void *ctx, u_int num, char **resp) char *fake; int r; - debug2("PAM: %s entering, %u responses", __func__, num); + debug2_f("PAM: entering, %u responses", num); switch (ctxt->pam_done) { case 1: sshpam_authenticated = 1; @@ -1024,16 +1024,16 @@ sshpam_respond(void *ctx, u_int num, char **resp) return (-1); } if ((buffer = sshbuf_new()) == NULL) - fatal("%s: sshbuf_new failed", __func__); + fatal_f("sshbuf_new failed"); if (sshpam_authctxt->valid && (sshpam_authctxt->pw->pw_uid != 0 || options.permit_root_login == PERMIT_YES)) { if ((r = sshbuf_put_cstring(buffer, *resp)) != 0) - fatal("%s: buffer error: %s", __func__, ssh_err(r)); + fatal_fr(r, "buffer error"); } else { fake = fake_password(*resp); if ((r = sshbuf_put_cstring(buffer, fake)) != 0) - fatal("%s: buffer error: %s", __func__, ssh_err(r)); + fatal_fr(r, "buffer error"); free(fake); } if (ssh_msg_send(ctxt->pam_psock, PAM_AUTHTOK, buffer) == -1) { @@ -1049,7 +1049,7 @@ sshpam_free_ctx(void *ctxtp) { struct pam_ctxt *ctxt = ctxtp; - debug3("PAM: %s entering", __func__); + debug3_f("entering"); sshpam_thread_cleanup(); free(ctxt); /* @@ -1101,7 +1101,7 @@ finish_pam(void) u_int do_pam_account(void) { - debug("%s: called", __func__); + debug_f("called"); if (sshpam_account_status != -1) return (sshpam_account_status); @@ -1154,7 +1154,7 @@ sshpam_tty_conv(int n, sshpam_const struct pam_message **msg, struct pam_response *reply; int i; - debug3("PAM: %s called with %d messages", __func__, n); + debug3_f("PAM: called with %d messages", n); *resp = NULL; @@ -1315,7 +1315,7 @@ sshpam_passwd_conv(int n, sshpam_const struct pam_message **msg, int r, i; size_t len; - debug3("PAM: %s called with %d messages", __func__, n); + debug3_f("PAM: called with %d messages", n); *resp = NULL; diff --git a/auth-shadow.c b/auth-shadow.c index b1e3aa9fc1b3..81b31b56ecfc 100644 --- a/auth-shadow.c +++ b/auth-shadow.c @@ -74,7 +74,7 @@ auth_shadow_acctexpired(struct spwd *spw) if ((r = sshbuf_putf(loginmsg, "Your account will expire in %lld day%s.\n", daysleft, daysleft == 1 ? "" : "s")) != 0) - fatal("%s: buffer error: %s", __func__, ssh_err(r)); + fatal_fr(r, "buffer error"); } return 0; @@ -133,7 +133,7 @@ auth_shadow_pwexpired(Authctxt *ctxt) if ((r = sshbuf_putf(loginmsg, "Your password will expire in %d day%s.\n", daysleft, daysleft == 1 ? "" : "s")) != 0) - fatal("%s: buffer error: %s", __func__, ssh_err(r)); + fatal_fr(r, "buffer error"); } return 0; diff --git a/auth2.c b/auth2.c index 82f6e6211259..b9bb46f5943d 100644 --- a/auth2.c +++ b/auth2.c @@ -145,7 +145,7 @@ userauth_send_banner(struct ssh *ssh, const char *msg) (r = sshpkt_put_cstring(ssh, "")) != 0 || /* language, unused */ (r = sshpkt_send(ssh)) != 0) fatal_fr(r, "send packet"); - debug("%s: sent", __func__); + debug_f("sent"); } static void diff --git a/channels.c b/channels.c index 61cc8a008bfd..67ee073879b5 100644 --- a/channels.c +++ b/channels.c @@ -5185,7 +5185,7 @@ is_path_to_xsocket(const char *display, char *path, size_t pathlen) struct stat sbuf; if (strlcpy(path, display, pathlen) >= pathlen) { - error("%s: display path too long", __func__); + error_f("display path too long"); return 0; } if (display[0] != '/') diff --git a/loginrec.c b/loginrec.c index c4a9bd4853e3..953f71d25164 100644 --- a/loginrec.c +++ b/loginrec.c @@ -853,7 +853,7 @@ utmp_write_direct(struct logininfo *li, struct utmp *ut) endttyent(); if (NULL == ty) { - logit("%s: tty not found", __func__); + logit_f("tty not found"); return (0); } #else /* FIXME */ @@ -867,7 +867,7 @@ utmp_write_direct(struct logininfo *li, struct utmp *ut) pos = (off_t)tty * sizeof(struct utmp); if ((ret = lseek(fd, pos, SEEK_SET)) == -1) { - logit("%s: lseek: %s", __func__, strerror(errno)); + logit_f("lseek: %s", strerror(errno)); close(fd); return (0); } @@ -889,7 +889,7 @@ utmp_write_direct(struct logininfo *li, struct utmp *ut) memcpy(ut->ut_host, old_ut.ut_host, sizeof(ut->ut_host)); if ((ret = lseek(fd, pos, SEEK_SET)) == -1) { - logit("%s: lseek: %s", __func__, strerror(errno)); + logit_f("lseek: %s", strerror(errno)); close(fd); return (0); } @@ -922,12 +922,12 @@ utmp_perform_login(struct logininfo *li) construct_utmp(li, &ut); # ifdef UTMP_USE_LIBRARY if (!utmp_write_library(li, &ut)) { - logit("%s: utmp_write_library() failed", __func__); + logit_f("utmp_write_library() failed"); return (0); } # else if (!utmp_write_direct(li, &ut)) { - logit("%s: utmp_write_direct() failed", __func__); + logit_f("utmp_write_direct() failed"); return (0); } # endif @@ -943,12 +943,12 @@ utmp_perform_logout(struct logininfo *li) construct_utmp(li, &ut); # ifdef UTMP_USE_LIBRARY if (!utmp_write_library(li, &ut)) { - logit("%s: utmp_write_library() failed", __func__); + logit_f("utmp_write_library() failed"); return (0); } # else if (!utmp_write_direct(li, &ut)) { - logit("%s: utmp_write_direct() failed", __func__); + logit_f("utmp_write_direct() failed"); return (0); } # endif @@ -967,7 +967,7 @@ utmp_write_entry(struct logininfo *li) return (utmp_perform_logout(li)); default: - logit("%s: invalid type field", __func__); + logit_f("invalid type field"); return (0); } } @@ -1008,7 +1008,7 @@ utmpx_write_library(struct logininfo *li, struct utmpx *utx) static int utmpx_write_direct(struct logininfo *li, struct utmpx *utx) { - logit("%s: not implemented!", __func__); + logit_f("not implemented!"); return (0); } # endif /* UTMPX_USE_LIBRARY */ @@ -1021,12 +1021,12 @@ utmpx_perform_login(struct logininfo *li) construct_utmpx(li, &utx); # ifdef UTMPX_USE_LIBRARY if (!utmpx_write_library(li, &utx)) { - logit("%s: utmp_write_library() failed", __func__); + logit_f("utmp_write_library() failed"); return (0); } # else if (!utmpx_write_direct(li, &utx)) { - logit("%s: utmp_write_direct() failed", __func__); + logit_f("utmp_write_direct() failed"); return (0); } # endif @@ -1064,7 +1064,7 @@ utmpx_write_entry(struct logininfo *li) case LTYPE_LOGOUT: return (utmpx_perform_logout(li)); default: - logit("%s: invalid type field", __func__); + logit_f("invalid type field"); return (0); } } @@ -1132,7 +1132,7 @@ wtmp_write_entry(struct logininfo *li) case LTYPE_LOGOUT: return (wtmp_perform_logout(li)); default: - logit("%s: invalid type field", __func__); + logit_f("invalid type field"); return (0); } } @@ -1311,7 +1311,7 @@ wtmpx_write_entry(struct logininfo *li) case LTYPE_LOGOUT: return (wtmpx_perform_logout(li)); default: - logit("%s: invalid type field", __func__); + logit_f("invalid type field"); return (0); } } @@ -1453,7 +1453,7 @@ wtmpdb_write_entry(struct logininfo *li) case LTYPE_LOGOUT: return (wtmpdb_perform_logout(li)); default: - logit("%s: invalid type field", __func__); + logit_f("invalid type field"); return (0); } } @@ -1486,7 +1486,7 @@ syslogin_perform_logout(struct logininfo *li) (void)line_stripname(line, li->line, sizeof(line)); if (!logout(line)) - logit("%s: logout() returned an error", __func__); + logit_f("logout() returned an error"); # ifdef HAVE_LOGWTMP else logwtmp(line, "", ""); @@ -1508,7 +1508,7 @@ syslogin_write_entry(struct logininfo *li) case LTYPE_LOGOUT: return (syslogin_perform_logout(li)); default: - logit("%s: Invalid type field", __func__); + logit_f("Invalid type field"); return (0); } } @@ -1612,7 +1612,7 @@ lastlog_write_entry(struct logininfo *li) close(fd); return (1); default: - logit("%s: Invalid type field", __func__); + logit_f("Invalid type field"); return (0); } } diff --git a/misc.c b/misc.c index ef77a6b7f612..9ed51a97039e 100644 --- a/misc.c +++ b/misc.c @@ -1986,7 +1986,7 @@ sock_set_v6only(int s) #if defined(IPV6_V6ONLY) && !defined(__OpenBSD__) int on = 1; - debug3("%s: set socket %d IPV6_V6ONLY", __func__, s); + debug3_f("set socket %d IPV6_V6ONLY", s); if (setsockopt(s, IPPROTO_IPV6, IPV6_V6ONLY, &on, sizeof(on)) == -1) error("setsockopt IPV6_V6ONLY: %s", strerror(errno)); #endif diff --git a/monitor.c b/monitor.c index 2179553d3401..129ff4ccb9c0 100644 --- a/monitor.c +++ b/monitor.c @@ -1011,7 +1011,6 @@ mm_answer_authpassword(struct ssh *ssh, int sock, struct sshbuf *m) fatal_fr(r, "assemble PAM"); #endif - debug3("%s: sending result %d", __func__, authenticated); debug3_f("sending result %d", authenticated); mm_request_send(sock, MONITOR_ANS_AUTHPASSWORD, m); @@ -1098,7 +1097,7 @@ int mm_answer_pam_start(struct ssh *ssh, int sock, struct sshbuf *m) { if (!options.use_pam) - fatal("UsePAM not set, but ended up in %s anyway", __func__); + fatal_f("UsePAM not set, but ended up in %s anyway", __func__); start_pam(ssh); @@ -1116,13 +1115,13 @@ mm_answer_pam_account(struct ssh *ssh, int sock, struct sshbuf *m) int r; if (!options.use_pam) - fatal("%s: PAM not enabled", __func__); + fatal_f("PAM not enabled"); ret = do_pam_account(); if ((r = sshbuf_put_u32(m, ret)) != 0 || (r = sshbuf_put_stringb(m, loginmsg)) != 0) - fatal("%s: buffer error: %s", __func__, ssh_err(r)); + fatal_fr(r, "buffer error"); mm_request_send(sock, MONITOR_ANS_PAM_ACCOUNT, m); @@ -1138,11 +1137,11 @@ mm_answer_pam_init_ctx(struct ssh *ssh, int sock, struct sshbuf *m) u_int ok = 0; int r; - debug3("%s", __func__); + debug3_f("entering"); if (!options.kbd_interactive_authentication) - fatal("%s: kbd-int authentication not enabled", __func__); + fatal_f("kbd-int authentication not enabled"); if (sshpam_ctxt != NULL) - fatal("%s: already called", __func__); + fatal_f("already called"); sshpam_ctxt = (sshpam_device.init_ctx)(authctxt); sshpam_authok = NULL; sshbuf_reset(m); @@ -1152,7 +1151,7 @@ mm_answer_pam_init_ctx(struct ssh *ssh, int sock, struct sshbuf *m) ok = 1; } if ((r = sshbuf_put_u32(m, ok)) != 0) - fatal("%s: buffer error: %s", __func__, ssh_err(r)); + fatal_fr(r, "buffer error"); mm_request_send(sock, MONITOR_ANS_PAM_INIT_CTX, m); return (0); } @@ -1164,10 +1163,10 @@ mm_answer_pam_query(struct ssh *ssh, int sock, struct sshbuf *m) u_int i, num = 0, *echo_on = 0; int r, ret; - debug3("%s", __func__); + debug3_f("entering"); sshpam_authok = NULL; if (sshpam_ctxt == NULL) - fatal("%s: no context", __func__); + fatal_f("no context"); ret = (sshpam_device.query)(sshpam_ctxt, &name, &info, &num, &prompts, &echo_on); if (ret == 0 && num == 0) @@ -1181,13 +1180,13 @@ mm_answer_pam_query(struct ssh *ssh, int sock, struct sshbuf *m) (r = sshbuf_put_cstring(m, info)) != 0 || (r = sshbuf_put_u32(m, sshpam_get_maxtries_reached())) != 0 || (r = sshbuf_put_u32(m, num)) != 0) - fatal("%s: buffer error: %s", __func__, ssh_err(r)); + fatal_fr(r, "buffer error"); free(name); free(info); for (i = 0; i < num; ++i) { if ((r = sshbuf_put_cstring(m, prompts[i])) != 0 || (r = sshbuf_put_u32(m, echo_on[i])) != 0) - fatal("%s: buffer error: %s", __func__, ssh_err(r)); + fatal_fr(r, "buffer error"); free(prompts[i]); } free(prompts); @@ -1205,12 +1204,12 @@ mm_answer_pam_respond(struct ssh *ssh, int sock, struct sshbuf *m) u_int i, num; int r, ret; - debug3("%s", __func__); + debug3_f("entering"); if (sshpam_ctxt == NULL) - fatal("%s: no context", __func__); + fatal_f("no context"); sshpam_authok = NULL; if ((r = sshbuf_get_u32(m, &num)) != 0) - fatal("%s: buffer error: %s", __func__, ssh_err(r)); + fatal_fr(r, "buffer error"); if (num > PAM_MAX_NUM_MSG) { fatal_f("Too many PAM messages, got %u, expected <= %u", num, (unsigned)PAM_MAX_NUM_MSG); @@ -1231,7 +1230,7 @@ mm_answer_pam_respond(struct ssh *ssh, int sock, struct sshbuf *m) } sshbuf_reset(m); if ((r = sshbuf_put_u32(m, ret)) != 0) - fatal("%s: buffer error: %s", __func__, ssh_err(r)); + fatal_fr(r, "buffer error"); mm_request_send(sock, MONITOR_ANS_PAM_RESPOND, m); auth_method = "keyboard-interactive"; auth_submethod = "pam"; @@ -1245,9 +1244,9 @@ mm_answer_pam_free_ctx(struct ssh *ssh, int sock, struct sshbuf *m) { int r = sshpam_authok != NULL && sshpam_authok == sshpam_ctxt; - debug3("%s", __func__); + debug3_f("entering"); if (sshpam_ctxt == NULL) - fatal("%s: no context", __func__); + fatal_f("no context"); (sshpam_device.free_ctx)(sshpam_ctxt); sshpam_ctxt = sshpam_authok = NULL; sshbuf_reset(m); @@ -1778,10 +1777,10 @@ mm_answer_audit_event(struct ssh *ssh, int socket, struct sshbuf *m) ssh_audit_event_t event; int r; - debug3("%s entering", __func__); + debug3_f("entering"); if ((r = sshbuf_get_u32(m, &n)) != 0) - fatal("%s: buffer error: %s", __func__, ssh_err(r)); + fatal_fr(r, "buffer error"); event = (ssh_audit_event_t)n; switch (event) { case SSH_AUTH_FAIL_PUBKEY: @@ -1806,9 +1805,9 @@ mm_answer_audit_command(struct ssh *ssh, int socket, struct sshbuf *m) char *cmd; int r; - debug3("%s entering", __func__); + debug3_f("entering"); if ((r = sshbuf_get_cstring(m, &cmd, NULL)) != 0) - fatal("%s: buffer error: %s", __func__, ssh_err(r)); + fatal_fr(r, "buffer error"); /* sanity check command, if so how? */ audit_run_command(cmd); free(cmd); diff --git a/monitor_fdpass.c b/monitor_fdpass.c index a07727a8e743..d7bf38979b0c 100644 --- a/monitor_fdpass.c +++ b/monitor_fdpass.c @@ -103,7 +103,7 @@ mm_send_fd(int sock, int fd) } return 0; #else - error("%s: file descriptor passing not supported", __func__); + error_f("file descriptor passing not supported"); return -1; #endif } diff --git a/monitor_wrap.c b/monitor_wrap.c index fea576213993..f9e0ba8f1a33 100644 --- a/monitor_wrap.c +++ b/monitor_wrap.c @@ -692,11 +692,11 @@ mm_start_pam(struct ssh *ssh) { struct sshbuf *m; - debug3("%s entering", __func__); + debug3_f("entering"); if (!options.use_pam) - fatal("UsePAM=no, but ended up in %s anyway", __func__); + fatal_f("UsePAM=no, but ended up in %s anyway", __func__); if ((m = sshbuf_new()) == NULL) - fatal("%s: sshbuf_new failed", __func__); + fatal_f("sshbuf_new failed"); mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_PAM_START, m); sshbuf_free(m); @@ -711,12 +711,12 @@ mm_do_pam_account(void) size_t msglen; int r; - debug3("%s entering", __func__); + debug3_f("entering"); if (!options.use_pam) - fatal("UsePAM=no, but ended up in %s anyway", __func__); + fatal_f("UsePAM=no, but ended up in %s anyway", __func__); if ((m = sshbuf_new()) == NULL) - fatal("%s: sshbuf_new failed", __func__); + fatal_f("sshbuf_new failed"); mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_PAM_ACCOUNT, m); mm_request_receive_expect(pmonitor->m_recvfd, @@ -724,12 +724,12 @@ mm_do_pam_account(void) if ((r = sshbuf_get_u32(m, &ret)) != 0 || (r = sshbuf_get_cstring(m, &msg, &msglen)) != 0 || (r = sshbuf_put(loginmsg, msg, msglen)) != 0) - fatal("%s: buffer error: %s", __func__, ssh_err(r)); + fatal_fr(r, "buffer error"); free(msg); sshbuf_free(m); - debug3("%s returning %d", __func__, ret); + debug3_f("returning %d", ret); return (ret); } @@ -740,17 +740,17 @@ mm_sshpam_init_ctx(Authctxt *authctxt) struct sshbuf *m; int r, success; - debug3("%s", __func__); + debug3_f("entering"); if ((m = sshbuf_new()) == NULL) - fatal("%s: sshbuf_new failed", __func__); + fatal_f("sshbuf_new failed"); mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_PAM_INIT_CTX, m); - debug3("%s: waiting for MONITOR_ANS_PAM_INIT_CTX", __func__); + debug3_f("waiting for MONITOR_ANS_PAM_INIT_CTX"); mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_PAM_INIT_CTX, m); if ((r = sshbuf_get_u32(m, &success)) != 0) - fatal("%s: buffer error: %s", __func__, ssh_err(r)); + fatal_fr(r, "buffer error"); if (success == 0) { - debug3("%s: pam_init_ctx failed", __func__); + debug3_f("pam_init_ctx failed"); sshbuf_free(m); return (NULL); } @@ -766,19 +766,19 @@ mm_sshpam_query(void *ctx, char **name, char **info, u_int i, n; int r, ret; - debug3("%s", __func__); + debug3_f("entering"); if ((m = sshbuf_new()) == NULL) - fatal("%s: sshbuf_new failed", __func__); + fatal_f("sshbuf_new failed"); mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_PAM_QUERY, m); - debug3("%s: waiting for MONITOR_ANS_PAM_QUERY", __func__); + debug3_f("waiting for MONITOR_ANS_PAM_QUERY"); mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_PAM_QUERY, m); if ((r = sshbuf_get_u32(m, &ret)) != 0 || (r = sshbuf_get_cstring(m, name, NULL)) != 0 || (r = sshbuf_get_cstring(m, info, NULL)) != 0 || (r = sshbuf_get_u32(m, &n)) != 0 || (r = sshbuf_get_u32(m, num)) != 0) - fatal("%s: buffer error: %s", __func__, ssh_err(r)); - debug3("%s: pam_query returned %d", __func__, ret); + fatal_fr(r, "buffer error"); + debug3_f("pam_query returned %d", ret); sshpam_set_maxtries_reached(n); if (*num > PAM_MAX_NUM_MSG) fatal("%s: received %u PAM messages, expected <= %u", @@ -788,7 +788,7 @@ mm_sshpam_query(void *ctx, char **name, char **info, for (i = 0; i < *num; ++i) { if ((r = sshbuf_get_cstring(m, &((*prompts)[i]), NULL)) != 0 || (r = sshbuf_get_u32(m, &((*echo_on)[i]))) != 0) - fatal("%s: buffer error: %s", __func__, ssh_err(r)); + fatal_fr(r, "buffer error"); } sshbuf_free(m); return (ret); @@ -801,23 +801,23 @@ mm_sshpam_respond(void *ctx, u_int num, char **resp) u_int n, i; int r, ret; - debug3("%s", __func__); + debug3_f("entering"); if ((m = sshbuf_new()) == NULL) - fatal("%s: sshbuf_new failed", __func__); + fatal_f("sshbuf_new failed"); if ((r = sshbuf_put_u32(m, num)) != 0) - fatal("%s: buffer error: %s", __func__, ssh_err(r)); + fatal_fr(r, "buffer error"); for (i = 0; i < num; ++i) { if ((r = sshbuf_put_cstring(m, resp[i])) != 0) - fatal("%s: buffer error: %s", __func__, ssh_err(r)); + fatal_fr(r, "buffer error"); } mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_PAM_RESPOND, m); - debug3("%s: waiting for MONITOR_ANS_PAM_RESPOND", __func__); + debug3_f("waiting for MONITOR_ANS_PAM_RESPOND"); mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_PAM_RESPOND, m); if ((r = sshbuf_get_u32(m, &n)) != 0) - fatal("%s: buffer error: %s", __func__, ssh_err(r)); + fatal_fr(r, "buffer error"); ret = (int)n; /* XXX */ - debug3("%s: pam_respond returned %d", __func__, ret); + debug3_f("pam_respond returned %d", ret); sshbuf_free(m); return (ret); } @@ -827,11 +827,11 @@ mm_sshpam_free_ctx(void *ctxtp) { struct sshbuf *m; - debug3("%s", __func__); + debug3_f("entering"); if ((m = sshbuf_new()) == NULL) - fatal("%s: sshbuf_new failed", __func__); + fatal_f("sshbuf_new failed"); mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_PAM_FREE_CTX, m); - debug3("%s: waiting for MONITOR_ANS_PAM_FREE_CTX", __func__); + debug3_f("waiting for MONITOR_ANS_PAM_FREE_CTX"); mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_PAM_FREE_CTX, m); sshbuf_free(m); @@ -1000,12 +1000,12 @@ mm_audit_event(struct ssh *ssh, ssh_audit_event_t event) struct sshbuf *m; int r; - debug3("%s entering", __func__); + debug3_f("entering"); if ((m = sshbuf_new()) == NULL) - fatal("%s: sshbuf_new failed", __func__); + fatal_f("sshbuf_new failed"); if ((r = sshbuf_put_u32(m, event)) != 0) - fatal("%s: buffer error: %s", __func__, ssh_err(r)); + fatal_fr(r, "buffer error"); mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_AUDIT_EVENT, m); sshbuf_free(m); @@ -1017,12 +1017,12 @@ mm_audit_run_command(const char *command) struct sshbuf *m; int r; - debug3("%s entering command %s", __func__, command); + debug3_f("entering command %s", command); if ((m = sshbuf_new()) == NULL) - fatal("%s: sshbuf_new failed", __func__); + fatal_f("sshbuf_new failed"); if ((r = sshbuf_put_cstring(m, command)) != 0) - fatal("%s: buffer error: %s", __func__, ssh_err(r)); + fatal_fr(r, "buffer error"); mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_AUDIT_COMMAND, m); sshbuf_free(m); diff --git a/sandbox-capsicum.c b/sandbox-capsicum.c index 9c329aa2ec63..ec07a7da94ca 100644 --- a/sandbox-capsicum.c +++ b/sandbox-capsicum.c @@ -54,7 +54,7 @@ ssh_sandbox_init(struct monitor *monitor) { struct ssh_sandbox *box; - debug3("%s: preparing capsicum sandbox", __func__); + debug3_f("preparing capsicum sandbox"); box = xcalloc(1, sizeof(*box)); box->m_recvfd = monitor->m_recvfd; box->m_log_sendfd = monitor->m_log_sendfd; @@ -97,13 +97,13 @@ ssh_sandbox_child(struct ssh_sandbox *box) cap_rights_init(&rights, CAP_READ, CAP_WRITE); if (cap_rights_limit(box->m_recvfd, &rights) < 0 && errno != ENOSYS) - fatal("%s: failed to limit the network socket", __func__); + fatal_f("failed to limit the network socket"); cap_rights_init(&rights, CAP_WRITE); if (cap_rights_limit(box->m_log_sendfd, &rights) < 0 && errno != ENOSYS) - fatal("%s: failed to limit the logging socket", __func__); + fatal_f("failed to limit the logging socket"); if (cap_enter() < 0 && errno != ENOSYS) - fatal("%s: failed to enter capability mode", __func__); + fatal_f("failed to enter capability mode"); } diff --git a/sandbox-darwin.c b/sandbox-darwin.c index 08f4315b035c..98a339e58ef5 100644 --- a/sandbox-darwin.c +++ b/sandbox-darwin.c @@ -49,7 +49,7 @@ ssh_sandbox_init(struct monitor *monitor) * Strictly, we don't need to maintain any state here but we need * to return non-NULL to satisfy the API. */ - debug3("%s: preparing Darwin sandbox", __func__); + debug3_f("preparing Darwin sandbox"); box = xcalloc(1, sizeof(*box)); return box; } @@ -60,10 +60,10 @@ ssh_sandbox_child(struct ssh_sandbox *box) char *errmsg; struct rlimit rl_zero; - debug3("%s: starting Darwin sandbox", __func__); + debug3_f("starting Darwin sandbox"); if (sandbox_init(kSBXProfilePureComputation, SANDBOX_NAMED, &errmsg) == -1) - fatal("%s: sandbox_init: %s", __func__, errmsg); + fatal_f("sandbox_init: %s", errmsg); /* * The kSBXProfilePureComputation still allows sockets, so diff --git a/sandbox-seccomp-filter.c b/sandbox-seccomp-filter.c index a8f34a76c995..a0692dd2f5bd 100644 --- a/sandbox-seccomp-filter.c +++ b/sandbox-seccomp-filter.c @@ -486,7 +486,7 @@ ssh_sandbox_init(struct monitor *monitor) * Strictly, we don't need to maintain any state here but we need * to return non-NULL to satisfy the API. */ - debug3("%s: preparing seccomp filter sandbox", __func__); + debug3_f("preparing seccomp filter sandbox"); box = xcalloc(1, sizeof(*box)); return box; } @@ -513,7 +513,7 @@ ssh_sandbox_child_debugging(void) struct sigaction act; sigset_t mask; - debug3("%s: installing SIGSYS handler", __func__); + debug3_f("installing SIGSYS handler"); memset(&act, 0, sizeof(act)); sigemptyset(&mask); sigaddset(&mask, SIGSYS); @@ -521,7 +521,7 @@ ssh_sandbox_child_debugging(void) act.sa_sigaction = &ssh_sandbox_violation; act.sa_flags = SA_SIGINFO; if (sigaction(SIGSYS, &act, NULL) == -1) - fatal("%s: sigaction(SIGSYS): %s", __func__, strerror(errno)); + fatal_f("sigaction(SIGSYS): %s", strerror(errno)); if (sigprocmask(SIG_UNBLOCK, &mask, NULL) == -1) fatal("%s: sigprocmask(SIGSYS): %s", __func__, strerror(errno)); @@ -554,13 +554,13 @@ ssh_sandbox_child(struct ssh_sandbox *box) ssh_sandbox_child_debugging(); #endif /* SANDBOX_SECCOMP_FILTER_DEBUG */ - debug3("%s: setting PR_SET_NO_NEW_PRIVS", __func__); + debug3_f("setting PR_SET_NO_NEW_PRIVS"); if (prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0) == -1) { debug("%s: prctl(PR_SET_NO_NEW_PRIVS): %s", __func__, strerror(errno)); nnp_failed = 1; } - debug3("%s: attaching seccomp filter program", __func__); + debug3_f("attaching seccomp filter program"); if (prctl(PR_SET_SECCOMP, SECCOMP_MODE_FILTER, &preauth_program) == -1) debug("%s: prctl(PR_SET_SECCOMP): %s", __func__, strerror(errno)); diff --git a/ssh-pkcs11.c b/ssh-pkcs11.c index 5b0ce304e925..b2d3cbd80f5d 100644 --- a/ssh-pkcs11.c +++ b/ssh-pkcs11.c @@ -2291,7 +2291,7 @@ pkcs11_destroy_keypair(char *provider_id, char *pin, unsigned long slotidx, int pkcs11_init(int interactive) { - error("%s: dlopen() not supported", __func__); + error_f("dlopen() not supported"); return (-1); } @@ -2299,13 +2299,13 @@ int pkcs11_add_provider(char *provider_id, char *pin, struct sshkey ***keyp, char ***labelsp) { - error("%s: dlopen() not supported", __func__); + error_f("dlopen() not supported"); return (-1); } void pkcs11_terminate(void) { - error("%s: dlopen() not supported", __func__); + error_f("dlopen() not supported"); } #endif /* ENABLE_PKCS11 */ diff --git a/sshd-session.c b/sshd-session.c index 5c007563061c..6fc4aa086bba 100644 --- a/sshd-session.c +++ b/sshd-session.c @@ -290,7 +290,7 @@ reseed_prngs(void) RAND_seed(rnd, sizeof(rnd)); /* give libcrypto a chance to notice the PID change */ if ((RAND_bytes((u_char *)rnd, 1)) != 1) - fatal("%s: RAND_bytes failed", __func__); + fatal_f("RAND_bytes failed"); #endif explicit_bzero(rnd, sizeof(rnd)); diff --git a/sshd.c b/sshd.c index f77a4a2ec141..86c27c44c9b1 100644 --- a/sshd.c +++ b/sshd.c @@ -1233,7 +1233,7 @@ server_accept_loop(int *sock_in, int *sock_out, int *newsock, int *config_s, #ifdef WITH_OPENSSL RAND_seed(rnd, sizeof(rnd)); if ((RAND_bytes((u_char *)rnd, 1)) != 1) - fatal("%s: RAND_bytes failed", __func__); + fatal_f("RAND_bytes failed"); #endif explicit_bzero(rnd, sizeof(rnd)); } diff --git a/sshlogin.c b/sshlogin.c index 06a7b381ade7..fb55cadd677b 100644 --- a/sshlogin.c +++ b/sshlogin.c @@ -106,7 +106,7 @@ store_lastlog_message(const char *user, uid_t uid) if (time_string != NULL) { if ((r = sshbuf_put(loginmsg, time_string, strlen(time_string))) != 0) - fatal("%s: buffer error: %s", __func__, ssh_err(r)); + fatal_fr(r, "buffer error"); free(time_string); } # else diff --git a/sshpty.c b/sshpty.c index cae0b977a585..4867e7f5e6d2 100644 --- a/sshpty.c +++ b/sshpty.c @@ -173,7 +173,7 @@ pty_setowner(struct passwd *pw, const char *tty) /* Determine the group to make the owner of the tty. */ grp = getgrnam("tty"); if (grp == NULL) - debug("%s: no tty group", __func__); + debug_f("no tty group"); gid = (grp != NULL) ? grp->gr_gid : pw->pw_gid; mode = (grp != NULL) ? 0620 : 0600; diff --git a/uidswap.c b/uidswap.c index 6ed3024d0180..793688eb5817 100644 --- a/uidswap.c +++ b/uidswap.c @@ -163,9 +163,9 @@ restore_uid(void) * as well. */ if (setuid(getuid()) == -1) - fatal("%s: setuid failed: %s", __func__, strerror(errno)); + fatal_f("setuid failed: %s", strerror(errno)); if (setgid(getgid()) == -1) - fatal("%s: setgid failed: %s", __func__, strerror(errno)); + fatal_f("setgid failed: %s", strerror(errno)); #endif /* SAVED_IDS_WORK_WITH_SETEUID */ if (setgroups(saved_egroupslen, saved_egroups) == -1) @@ -212,7 +212,7 @@ permanently_set_uid(struct passwd *pw) /* Try restoration of GID if changed (test clearing of saved gid) */ if (old_gid != pw->pw_gid && pw->pw_uid != 0 && (setgid(old_gid) != -1 || setegid(old_gid) != -1)) - fatal("%s: was able to restore old [e]gid", __func__); + fatal_f("was able to restore old [e]gid"); #endif /* Verify GID drop was successful */ @@ -226,7 +226,7 @@ permanently_set_uid(struct passwd *pw) /* Try restoration of UID if changed (test clearing of saved uid) */ if (old_uid != pw->pw_uid && (setuid(old_uid) != -1 || seteuid(old_uid) != -1)) - fatal("%s: was able to restore old [e]uid", __func__); + fatal_f("was able to restore old [e]uid"); #endif /* Verify UID drop was successful */ From a0b095fa03d3c08d723a803ce25540fddd955c53 Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Tue, 2 Sep 2025 09:34:48 +0000 Subject: [PATCH 207/687] upstream: grammar and typos in comments OpenBSD-Commit-ID: de954daffcd0147ce142d55e8a374810cd19d7ed --- log.c | 4 ++-- misc.c | 4 ++-- scp.c | 4 ++-- sftp.c | 4 ++-- 4 files changed, 8 insertions(+), 8 deletions(-) diff --git a/log.c b/log.c index 6617f26726bc..5969c4a16392 100644 --- a/log.c +++ b/log.c @@ -1,4 +1,4 @@ -/* $OpenBSD: log.c,v 1.64 2024/12/07 10:05:36 djm Exp $ */ +/* $OpenBSD: log.c,v 1.65 2025/09/02 09:34:48 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -502,7 +502,7 @@ sshlogdirect(LogLevel level, int forced, const char *fmt, ...) * To prevent flipping in and out of rate-limiting, there is a hysteresis * timer that delays leaving the rate-limited state. * - * While in the rate-limited state, events can be periodically allowed though + * While in the rate-limited state, events can be periodically allowed through * and the number of dropped events since the last log obtained. * * XXX a moving average rate of events might be a better approach here rather diff --git a/misc.c b/misc.c index 9ed51a97039e..5c384c63d673 100644 --- a/misc.c +++ b/misc.c @@ -1,4 +1,4 @@ -/* $OpenBSD: misc.c,v 1.203 2025/08/18 03:43:01 djm Exp $ */ +/* $OpenBSD: misc.c,v 1.204 2025/09/02 09:34:48 djm Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. * Copyright (c) 2005-2020 Damien Miller. All rights reserved. @@ -487,7 +487,7 @@ strdelim_internal(char **s, int split_equals) } /* - * Return next token in configuration line; splts on whitespace or a + * Return next token in configuration line; splits on whitespace or a * single '=' character. */ char * diff --git a/scp.c b/scp.c index ab8ab22950ca..3cdbb7bd8283 100644 --- a/scp.c +++ b/scp.c @@ -1,4 +1,4 @@ -/* $OpenBSD: scp.c,v 1.264 2025/05/23 09:26:25 dtucker Exp $ */ +/* $OpenBSD: scp.c,v 1.265 2025/09/02 09:34:48 djm Exp $ */ /* * scp - secure remote copy. This is basically patched BSD rcp which * uses ssh to do the data transfer (instead of using rcmd). @@ -172,7 +172,7 @@ int throughlocal = 1; /* Non-standard port to use for the ssh connection or -1. */ int sshport = -1; -/* This is the program to execute for the secured connection. ("ssh" or -S) */ +/* This is the program to execute for the secure connection. ("ssh" or -S) */ char *ssh_program = _PATH_SSH_PROGRAM; /* This is used to store the pid of ssh_program */ diff --git a/sftp.c b/sftp.c index bdedd14163ba..6e3cf7054a40 100644 --- a/sftp.c +++ b/sftp.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sftp.c,v 1.240 2025/03/28 06:04:07 dtucker Exp $ */ +/* $OpenBSD: sftp.c,v 1.241 2025/09/02 09:34:48 djm Exp $ */ /* * Copyright (c) 2001-2004 Damien Miller * @@ -1865,7 +1865,7 @@ complete_display(char **list, u_int len) /* * Given a "list" of words that begin with a common prefix of "word", - * attempt to find an autocompletion to extends "word" by the next + * attempt to find an autocompletion that extends "word" by the next * characters common to all entries in "list". */ static char * From d94a9a8c54e9036961c1100c6f445c50ab9b6b40 Mon Sep 17 00:00:00 2001 From: Damien Miller Date: Tue, 2 Sep 2025 19:38:39 +1000 Subject: [PATCH 208/687] portable-specific comment grammer/spelling fixes --- auth-pam.c | 2 +- loginrec.c | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/auth-pam.c b/auth-pam.c index 00d30ee9cdc4..5dee7601bf4b 100644 --- a/auth-pam.c +++ b/auth-pam.c @@ -378,7 +378,7 @@ import_environments(struct sshbuf *b) /* * XXX this possibly leaks env because it is not documented * what pam_putenv() does with it. Does it copy it? Does it - * take ownweship? We don't know, so it's safest just to leak. + * take ownership? We don't know, so it's safest just to leak. */ } #endif diff --git a/loginrec.c b/loginrec.c index 953f71d25164..ffc3d1bbf95a 100644 --- a/loginrec.c +++ b/loginrec.c @@ -1704,7 +1704,7 @@ utmpx_get_entry(struct logininfo *li) /* * Logs failed login attempts in _PATH_BTMP if that exists. * The most common login failure is to give password instead of username. - * So the _PATH_BTMP file checked for the correct permission, so that only + * So the _PATH_BTMP file is checked for the correct permission, so that only * root can read it. */ void From 6fd93060bb2ec35a7f0bf96d1a74104bab49e017 Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Tue, 2 Sep 2025 09:40:19 +0000 Subject: [PATCH 209/687] upstream: GssStrictAcceptor was missing from sshd -T output; fix OpenBSD-Commit-ID: 6014049ccfedc48a208e37d5488ade6bdc2d1c44 --- servconf.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/servconf.c b/servconf.c index 415868b32520..bd04336e001b 100644 --- a/servconf.c +++ b/servconf.c @@ -1,4 +1,4 @@ -/* $OpenBSD: servconf.c,v 1.433 2025/09/02 01:03:43 djm Exp $ */ +/* $OpenBSD: servconf.c,v 1.434 2025/09/02 09:40:19 djm Exp $ */ /* * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland * All rights reserved @@ -3258,6 +3258,7 @@ dump_config(ServerOptions *o) #ifdef GSSAPI dump_cfg_fmtint(sGssAuthentication, o->gss_authentication); dump_cfg_fmtint(sGssCleanupCreds, o->gss_cleanup_creds); + dump_cfg_fmtint(sGssStrictAcceptor, o->gss_strict_acceptor); #endif dump_cfg_fmtint(sPasswordAuthentication, o->password_authentication); dump_cfg_fmtint(sKbdInteractiveAuthentication, From 2f369d3fd0ff3715c2b32dff5cb35c0330272445 Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Tue, 2 Sep 2025 09:41:23 +0000 Subject: [PATCH 210/687] upstream: fix comment on sshbuf_froms() - it *returns* an error code, the allocated buffer is passed via argument OpenBSD-Commit-ID: b2b0a76df71328f39c3e2ad941a4d87085d8335d --- sshbuf.h | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/sshbuf.h b/sshbuf.h index f0cc4c5f8e38..0c82f120c422 100644 --- a/sshbuf.h +++ b/sshbuf.h @@ -1,4 +1,4 @@ -/* $OpenBSD: sshbuf.h,v 1.31 2025/07/24 05:44:55 djm Exp $ */ +/* $OpenBSD: sshbuf.h,v 1.32 2025/09/02 09:41:23 djm Exp $ */ /* * Copyright (c) 2011 Damien Miller * @@ -61,7 +61,8 @@ struct sshbuf *sshbuf_fromb(struct sshbuf *buf); * an existing buffer (the string is consumed in the process). * The contents of "buf" must not change in the lifetime of the resultant * buffer. - * Returns pointer to buffer on success, or NULL on allocation failure. + * On success, a pointer to the newly allocated buffer is placed in *bufp. + * Returns 0 on success, or a negative SSH_ERR_* error code on failure. */ int sshbuf_froms(struct sshbuf *buf, struct sshbuf **bufp); From 8866d24cdd1d6e73bb3220b753f94e255c49ff96 Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Tue, 2 Sep 2025 11:04:58 +0000 Subject: [PATCH 211/687] upstream: unit test for xextendf() OpenBSD-Regress-ID: ddb3b4db1a52dda23696b967470882fe2b9c3af7 --- Makefile.in | 3 +- regress/unittests/misc/Makefile | 3 +- regress/unittests/misc/test_xextendf.c | 89 ++++++++++++++++++++++++++ regress/unittests/misc/tests.c | 4 +- 4 files changed, 96 insertions(+), 3 deletions(-) create mode 100644 regress/unittests/misc/test_xextendf.c diff --git a/Makefile.in b/Makefile.in index 19a9e4dcf1df..9bfdc3fd3faf 100644 --- a/Makefile.in +++ b/Makefile.in @@ -695,7 +695,8 @@ UNITTESTS_TEST_MISC_OBJS=\ regress/unittests/misc/test_argv.o \ regress/unittests/misc/test_strdelim.o \ regress/unittests/misc/test_hpdelim.o \ - regress/unittests/misc/test_ptimeout.o + regress/unittests/misc/test_ptimeout.o \ + regress/unittests/misc/test_xextendf.o regress/unittests/misc/test_misc$(EXEEXT): \ ${UNITTESTS_TEST_MISC_OBJS} \ diff --git a/regress/unittests/misc/Makefile b/regress/unittests/misc/Makefile index 7282be13a667..a897b4b458b6 100644 --- a/regress/unittests/misc/Makefile +++ b/regress/unittests/misc/Makefile @@ -1,4 +1,4 @@ -# $OpenBSD: Makefile,v 1.10 2025/04/15 04:00:42 djm Exp $ +# $OpenBSD: Makefile,v 1.11 2025/09/02 11:04:58 djm Exp $ PROG=test_misc SRCS=tests.c @@ -9,6 +9,7 @@ SRCS+= test_argv.c SRCS+= test_strdelim.c SRCS+= test_hpdelim.c SRCS+= test_ptimeout.c +SRCS+= test_xextendf.c # From usr.bin/ssh/Makefile.inc SRCS+= sshbuf.c diff --git a/regress/unittests/misc/test_xextendf.c b/regress/unittests/misc/test_xextendf.c new file mode 100644 index 000000000000..f9562ad6bc73 --- /dev/null +++ b/regress/unittests/misc/test_xextendf.c @@ -0,0 +1,89 @@ +/* $OpenBSD: test_xextendf.c,v 1.1 2025/09/02 11:04:58 djm Exp $ */ +/* + * Regress test for misc xextendf() function. + * + * Placed in the public domain. + */ + +#include +#include +#ifdef HAVE_STDINT_H +#include +#endif +#include +#include + +#include "../test_helper/test_helper.h" + +#include "log.h" +#include "misc.h" +#include "xmalloc.h" + +void test_xextendf(void); + +void +test_xextendf(void) +{ + char *s = NULL; + + TEST_START("xextendf NULL string"); + xextendf(&s, ",", "hello"); + ASSERT_STRING_EQ(s, "hello"); + free(s); + s = NULL; + TEST_DONE(); + + TEST_START("xextendf empty string"); + s = xstrdup(""); + xextendf(&s, ",", "world"); + ASSERT_STRING_EQ(s, "world"); + free(s); + s = NULL; + TEST_DONE(); + + TEST_START("xextendf append to string"); + s = xstrdup("foo"); + xextendf(&s, ",", "bar"); + ASSERT_STRING_EQ(s, "foo,bar"); + free(s); + s = NULL; + TEST_DONE(); + + TEST_START("xextendf append with NULL separator"); + s = xstrdup("foo"); + xextendf(&s, NULL, "bar"); + ASSERT_STRING_EQ(s, "foobar"); + free(s); + s = NULL; + TEST_DONE(); + + TEST_START("xextendf append with empty separator"); + s = xstrdup("foo"); + xextendf(&s, "", "bar"); + ASSERT_STRING_EQ(s, "foobar"); + free(s); + s = NULL; + TEST_DONE(); + + TEST_START("xextendf with format string"); + s = xstrdup("start"); + xextendf(&s, ":", "s=%s,d=%d", "string", 123); + ASSERT_STRING_EQ(s, "start:s=string,d=123"); + free(s); + s = NULL; + TEST_DONE(); + + TEST_START("xextendf multiple appends"); + s = NULL; + xextendf(&s, ",", "one"); + ASSERT_STRING_EQ(s, "one"); + xextendf(&s, ",", "two"); + ASSERT_STRING_EQ(s, "one,two"); + xextendf(&s, ":", "three=%d", 3); + ASSERT_STRING_EQ(s, "one,two:three=3"); + xextendf(&s, NULL, "four"); + ASSERT_STRING_EQ(s, "one,two:three=3four"); + free(s); + s = NULL; + TEST_DONE(); +} diff --git a/regress/unittests/misc/tests.c b/regress/unittests/misc/tests.c index 7611a0d3b645..13588edaae18 100644 --- a/regress/unittests/misc/tests.c +++ b/regress/unittests/misc/tests.c @@ -1,4 +1,4 @@ -/* $OpenBSD: tests.c,v 1.11 2025/04/15 04:00:42 djm Exp $ */ +/* $OpenBSD: tests.c,v 1.12 2025/09/02 11:04:58 djm Exp $ */ /* * Regress test for misc helper functions. * @@ -27,6 +27,7 @@ void test_argv(void); void test_strdelim(void); void test_hpdelim(void); void test_ptimeout(void); +void test_xextendf(void); void tests(void) @@ -38,6 +39,7 @@ tests(void) test_strdelim(); test_hpdelim(); test_ptimeout(); + test_xextendf(); } void From cc4eb3d6943cb57e08ab3abbcf92644deb429e46 Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Tue, 2 Sep 2025 11:08:34 +0000 Subject: [PATCH 212/687] upstream: simplify algorithm list functions using xextendf(); ok dtucker@ OpenBSD-Commit-ID: ffc5f8d0c25b95705a8a66c8b634f98d23bd92dc --- cipher.c | 17 ++++------------- kex-names.c | 21 ++++++--------------- mac.c | 21 ++++++--------------- sshkey.c | 18 +++++------------- 4 files changed, 21 insertions(+), 56 deletions(-) diff --git a/cipher.c b/cipher.c index 8a18da2df8d1..5e096cebfefa 100644 --- a/cipher.c +++ b/cipher.c @@ -1,4 +1,4 @@ -/* $OpenBSD: cipher.c,v 1.124 2025/03/14 09:49:49 tb Exp $ */ +/* $OpenBSD: cipher.c,v 1.125 2025/09/02 11:08:34 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -116,25 +116,16 @@ static const struct sshcipher ciphers[] = { char * cipher_alg_list(char sep, int auth_only) { - char *tmp, *ret = NULL; - size_t nlen, rlen = 0; + char *ret = NULL; const struct sshcipher *c; + char sep_str[2] = {sep, '\0'}; for (c = ciphers; c->name != NULL; c++) { if ((c->flags & CFLAG_INTERNAL) != 0) continue; if (auth_only && c->auth_len == 0) continue; - if (ret != NULL) - ret[rlen++] = sep; - nlen = strlen(c->name); - if ((tmp = realloc(ret, rlen + nlen + 2)) == NULL) { - free(ret); - return NULL; - } - ret = tmp; - memcpy(ret + rlen, c->name, nlen + 1); - rlen += nlen; + xextendf(&ret, sep_str, "%s", c->name); } return ret; } diff --git a/kex-names.c b/kex-names.c index 96deb8817dbb..a20ce602ab51 100644 --- a/kex-names.c +++ b/kex-names.c @@ -1,4 +1,4 @@ -/* $OpenBSD: kex-names.c,v 1.5 2025/08/11 10:55:38 djm Exp $ */ +/* $OpenBSD: kex-names.c,v 1.6 2025/09/02 11:08:34 djm Exp $ */ /* * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. * @@ -94,22 +94,13 @@ static const struct kexalg kexalgs[] = { char * kex_alg_list(char sep) { - char *ret = NULL, *tmp; - size_t nlen, rlen = 0; + char *ret = NULL; const struct kexalg *k; + char sep_str[2] = {sep, '\0'}; + + for (k = kexalgs; k->name != NULL; k++) + xextendf(&ret, sep_str, "%s", k->name); - for (k = kexalgs; k->name != NULL; k++) { - if (ret != NULL) - ret[rlen++] = sep; - nlen = strlen(k->name); - if ((tmp = realloc(ret, rlen + nlen + 2)) == NULL) { - free(ret); - return NULL; - } - ret = tmp; - memcpy(ret + rlen, k->name, nlen + 1); - rlen += nlen; - } return ret; } diff --git a/mac.c b/mac.c index f3dda6692866..ee2c17d0efa1 100644 --- a/mac.c +++ b/mac.c @@ -1,4 +1,4 @@ -/* $OpenBSD: mac.c,v 1.35 2019/09/06 04:53:27 djm Exp $ */ +/* $OpenBSD: mac.c,v 1.36 2025/09/02 11:08:34 djm Exp $ */ /* * Copyright (c) 2001 Markus Friedl. All rights reserved. * @@ -83,22 +83,13 @@ static const struct macalg macs[] = { char * mac_alg_list(char sep) { - char *ret = NULL, *tmp; - size_t nlen, rlen = 0; + char *ret = NULL; const struct macalg *m; + char sep_str[2] = {sep, '\0'}; + + for (m = macs; m->name != NULL; m++) + xextendf(&ret, sep_str, "%s", m->name); - for (m = macs; m->name != NULL; m++) { - if (ret != NULL) - ret[rlen++] = sep; - nlen = strlen(m->name); - if ((tmp = realloc(ret, rlen + nlen + 2)) == NULL) { - free(ret); - return NULL; - } - ret = tmp; - memcpy(ret + rlen, m->name, nlen + 1); - rlen += nlen; - } return ret; } diff --git a/sshkey.c b/sshkey.c index 6b3e24ec44e1..3633c878ae68 100644 --- a/sshkey.c +++ b/sshkey.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshkey.c,v 1.152 2025/08/29 03:50:38 djm Exp $ */ +/* $OpenBSD: sshkey.c,v 1.153 2025/09/02 11:08:34 djm Exp $ */ /* * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. * Copyright (c) 2008 Alexander von Gernler. All rights reserved. @@ -308,9 +308,10 @@ sshkey_match_keyname_to_sigalgs(const char *keyname, const char *sigalgs) char * sshkey_alg_list(int certs_only, int plain_only, int include_sigonly, char sep) { - char *tmp, *ret = NULL; - size_t i, nlen, rlen = 0; + char *ret = NULL; + size_t i; const struct sshkey_impl *impl; + char sep_str[2] = {sep, '\0'}; for (i = 0; keyimpls[i] != NULL; i++) { impl = keyimpls[i]; @@ -320,16 +321,7 @@ sshkey_alg_list(int certs_only, int plain_only, int include_sigonly, char sep) continue; if ((certs_only && !impl->cert) || (plain_only && impl->cert)) continue; - if (ret != NULL) - ret[rlen++] = sep; - nlen = strlen(impl->name); - if ((tmp = realloc(ret, rlen + nlen + 2)) == NULL) { - free(ret); - return NULL; - } - ret = tmp; - memcpy(ret + rlen, impl->name, nlen + 1); - rlen += nlen; + xextendf(&ret, sep_str, "%s", impl->name); } return ret; } From f38a552dc71f20df2544338099e3fe2563f1a9ca Mon Sep 17 00:00:00 2001 From: Damien Miller Date: Wed, 3 Sep 2025 09:42:39 +1000 Subject: [PATCH 213/687] missing header --- regress/unittests/misc/test_xextendf.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/regress/unittests/misc/test_xextendf.c b/regress/unittests/misc/test_xextendf.c index f9562ad6bc73..133633dc6224 100644 --- a/regress/unittests/misc/test_xextendf.c +++ b/regress/unittests/misc/test_xextendf.c @@ -5,6 +5,8 @@ * Placed in the public domain. */ +#include "includes.h" + #include #include #ifdef HAVE_STDINT_H From 35d5917652106aede47621bb3f64044604164043 Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Thu, 4 Sep 2025 00:29:09 +0000 Subject: [PATCH 214/687] upstream: Improve rules for %-expansion of username. Usernames passed on the commandline will no longer be subject to % expansion. Some tools invoke ssh with connection information (i.e. usernames and host names) supplied from untrusted sources. These may contain % expansion sequences which could yield unexpected results. Since openssh-9.6, all usernames have been subject to validity checking. This change tightens the validity checks by refusing usernames that include control characters (again, these can cause surprises when supplied adversarially). This change also relaxes the validity checks in one small way: usernames supplied via the configuration file as literals (i.e. include no % expansion characters) are not subject to these validity checks. This allows usernames that contain arbitrary characters to be used, but only via configuration files. This is done on the basis that ssh's configuration is trusted. Pointed out by David Leadbeater, ok deraadt@ OpenBSD-Commit-ID: e2f0c871fbe664aba30607321575e7c7fc798362 --- ssh.c | 33 ++++++++++++++++++++++++++------- 1 file changed, 26 insertions(+), 7 deletions(-) diff --git a/ssh.c b/ssh.c index 1eaa5986ed47..6bbb82874e45 100644 --- a/ssh.c +++ b/ssh.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh.c,v 1.616 2025/08/29 03:50:38 djm Exp $ */ +/* $OpenBSD: ssh.c,v 1.617 2025/09/04 00:29:09 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -668,6 +668,8 @@ valid_ruser(const char *s) if (*s == '-') return 0; for (i = 0; s[i] != 0; i++) { + if (iscntrl((u_char)s[i])) + return 0; if (strchr("'`\";&<>|(){}", s[i]) != NULL) return 0; /* Disallow '-' after whitespace */ @@ -689,6 +691,7 @@ main(int ac, char **av) struct ssh *ssh = NULL; int i, r, opt, exit_status, use_syslog, direct, timeout_ms; int was_addr, config_test = 0, opt_terminated = 0, want_final_pass = 0; + int user_on_commandline = 0, user_was_default = 0, user_expanded = 0; char *p, *cp, *line, *argv0, *logfile, *args; char cname[NI_MAXHOST], thishost[NI_MAXHOST]; struct stat st; @@ -1037,8 +1040,10 @@ main(int ac, char **av) } break; case 'l': - if (options.user == NULL) + if (options.user == NULL) { options.user = xstrdup(optarg); + user_on_commandline = 1; + } break; case 'L': @@ -1141,6 +1146,7 @@ main(int ac, char **av) if (options.user == NULL) { options.user = tuser; tuser = NULL; + user_on_commandline = 1; } free(tuser); if (options.port == -1 && tport != -1) @@ -1155,6 +1161,7 @@ main(int ac, char **av) if (options.user == NULL) { options.user = p; p = NULL; + user_on_commandline = 1; } *cp++ = '\0'; host = xstrdup(cp); @@ -1314,8 +1321,10 @@ main(int ac, char **av) if (fill_default_options(&options) != 0) cleanup_exit(255); - if (options.user == NULL) + if (options.user == NULL) { + user_was_default = 1; options.user = xstrdup(pw->pw_name); + } /* * If ProxyJump option specified, then construct a ProxyCommand now. @@ -1464,20 +1473,30 @@ main(int ac, char **av) "" : options.jump_host); /* - * Expand User. It cannot contain %r (itself) or %C since User is + * If the user was specified via a configuration directive then attempt + * to expand it. It cannot contain %r (itself) or %C since User is * a component of the hash. */ - if (options.user != NULL) { + if (!user_on_commandline && !user_was_default) { if ((p = percent_dollar_expand(options.user, DEFAULT_CLIENT_PERCENT_EXPAND_ARGS_NOUSER(cinfo), (char *)NULL)) == NULL) fatal("invalid environment variable expansion"); + user_expanded = strcmp(p, options.user) != 0; free(options.user); options.user = p; - if (!valid_ruser(options.user)) - fatal("remote username contains invalid characters"); } + /* + * Usernames specified on the commandline or expanded from the + * configuration file must be validated. + * Conversely, usernames from getpwnam(3) or specified as literals + * via configuration (i.e. not expanded) are not subject to validation. + */ + if ((user_on_commandline || user_expanded) && + !valid_ruser(options.user)) + fatal("remote username contains invalid characters"); + /* Now User is expanded, store it and calculate hash. */ cinfo->remuser = xstrdup(options.user); cinfo->conn_hash_hex = ssh_connection_hash(cinfo->thishost, From 43b3bff47bb029f2299bacb6a36057981b39fdb0 Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Thu, 4 Sep 2025 00:30:06 +0000 Subject: [PATCH 215/687] upstream: don't allow \0 characters in url-encoded strings. Suggested by David Leadbeater, ok deraadt@ OpenBSD-Commit-ID: c92196cef0f970ceabc1e8007a80b01e9b7cd49c --- misc.c | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/misc.c b/misc.c index 5c384c63d673..c80f65554a7e 100644 --- a/misc.c +++ b/misc.c @@ -1,4 +1,4 @@ -/* $OpenBSD: misc.c,v 1.204 2025/09/02 09:34:48 djm Exp $ */ +/* $OpenBSD: misc.c,v 1.205 2025/09/04 00:30:06 djm Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. * Copyright (c) 2005-2020 Damien Miller. All rights reserved. @@ -994,7 +994,7 @@ urldecode(const char *src) size_t srclen; if ((srclen = strlen(src)) >= SIZE_MAX) - fatal_f("input too large"); + return NULL; ret = xmalloc(srclen + 1); for (dst = ret; *src != '\0'; src++) { switch (*src) { @@ -1002,9 +1002,10 @@ urldecode(const char *src) *dst++ = ' '; break; case '%': + /* note: don't allow \0 characters */ if (!isxdigit((unsigned char)src[1]) || !isxdigit((unsigned char)src[2]) || - (ch = hexchar(src + 1)) == -1) { + (ch = hexchar(src + 1)) == -1 || ch == 0) { free(ret); return NULL; } From 8e85ad33cfcc71e03594e53f2e19d8ce2e27dcc6 Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Thu, 4 Sep 2025 00:31:49 +0000 Subject: [PATCH 216/687] upstream: fix rtrim() function to not attempt to delete whitespace inside a string, just at the end. ok deraadt@ OpenBSD-Commit-ID: d44deaa43580cd88de978dd5509b14e905b67b84 --- misc.c | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/misc.c b/misc.c index c80f65554a7e..183332082b5a 100644 --- a/misc.c +++ b/misc.c @@ -1,4 +1,4 @@ -/* $OpenBSD: misc.c,v 1.205 2025/09/04 00:30:06 djm Exp $ */ +/* $OpenBSD: misc.c,v 1.206 2025/09/04 00:31:49 djm Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. * Copyright (c) 2005-2020 Damien Miller. All rights reserved. @@ -101,10 +101,13 @@ rtrim(char *s) if ((i = strlen(s)) == 0) return; - for (i--; i > 0; i--) { + do { + i--; if (isspace((unsigned char)s[i])) s[i] = '\0'; - } + else + break; + } while (i > 0); } /* From e3699ff47df336f57da2e78188d0057f8368af56 Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Thu, 4 Sep 2025 00:32:31 +0000 Subject: [PATCH 217/687] upstream: fix sshbuf_dtourlb64() to not choke on empty buffers; previously it incorrectly returned an error in this situation; ok deraadt OpenBSD-Commit-ID: e62773d6e8cb95a19aab54f0af0edbcd47b345c0 --- sshbuf-misc.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/sshbuf-misc.c b/sshbuf-misc.c index bc92866db60a..431809d906df 100644 --- a/sshbuf-misc.c +++ b/sshbuf-misc.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshbuf-misc.c,v 1.21 2025/07/24 05:44:55 djm Exp $ */ +/* $OpenBSD: sshbuf-misc.c,v 1.22 2025/09/04 00:32:31 djm Exp $ */ /* * Copyright (c) 2011 Damien Miller * @@ -212,6 +212,9 @@ sshbuf_dtourlb64(const struct sshbuf *d, struct sshbuf *b64, int wrap) struct sshbuf *b = NULL; size_t i, l; + if (sshbuf_len(d) == 0) + return 0; + if ((b = sshbuf_new()) == NULL) return SSH_ERR_ALLOC_FAIL; /* Encode using regular base64; we'll transform it once done */ From 4be445116f1b56f14254b98d8b132bb25777e160 Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Thu, 4 Sep 2025 00:34:17 +0000 Subject: [PATCH 218/687] upstream: unit tests for a bunch of misc.c functions; ok deraadt@ OpenBSD-Regress-ID: 886cf142605405e777ee77a96b48694dc2e9235d --- Makefile.in | 3 +- regress/unittests/misc/Makefile | 3 +- regress/unittests/misc/test_misc.c | 436 +++++++++++++++++++++++++++++ regress/unittests/misc/tests.c | 4 +- 4 files changed, 443 insertions(+), 3 deletions(-) create mode 100644 regress/unittests/misc/test_misc.c diff --git a/Makefile.in b/Makefile.in index 9bfdc3fd3faf..769ec17f426b 100644 --- a/Makefile.in +++ b/Makefile.in @@ -696,7 +696,8 @@ UNITTESTS_TEST_MISC_OBJS=\ regress/unittests/misc/test_strdelim.o \ regress/unittests/misc/test_hpdelim.o \ regress/unittests/misc/test_ptimeout.o \ - regress/unittests/misc/test_xextendf.o + regress/unittests/misc/test_xextendf.o \ + regress/unittests/misc/test_misc.o regress/unittests/misc/test_misc$(EXEEXT): \ ${UNITTESTS_TEST_MISC_OBJS} \ diff --git a/regress/unittests/misc/Makefile b/regress/unittests/misc/Makefile index a897b4b458b6..77575061d456 100644 --- a/regress/unittests/misc/Makefile +++ b/regress/unittests/misc/Makefile @@ -1,7 +1,8 @@ -# $OpenBSD: Makefile,v 1.11 2025/09/02 11:04:58 djm Exp $ +# $OpenBSD: Makefile,v 1.12 2025/09/04 00:34:17 djm Exp $ PROG=test_misc SRCS=tests.c +SRCS+= test_misc.c SRCS+= test_convtime.c SRCS+= test_expand.c SRCS+= test_parse.c diff --git a/regress/unittests/misc/test_misc.c b/regress/unittests/misc/test_misc.c new file mode 100644 index 000000000000..d175196b7d47 --- /dev/null +++ b/regress/unittests/misc/test_misc.c @@ -0,0 +1,436 @@ +/* + * Regress test for misc helper functions. + * + * Placed in the public domain. + */ + +#include "includes.h" + +#include +#include +#include +#include +#include + +#include "../test_helper/test_helper.h" + +#include "log.h" +#include "misc.h" +#include "xmalloc.h" + +void test_misc(void); + +static void +test_chop(void) +{ + char *s; + + TEST_START("chop newline"); + s = xstrdup("hello\n"); + ASSERT_STRING_EQ(chop(s), "hello"); + free(s); + TEST_DONE(); + + TEST_START("chop carriage return"); + s = xstrdup("hello\r"); + ASSERT_STRING_EQ(chop(s), "hello"); + free(s); + TEST_DONE(); + + TEST_START("chop CRLF"); + s = xstrdup("hello\r\n"); + ASSERT_STRING_EQ(chop(s), "hello"); + free(s); + TEST_DONE(); + + TEST_START("chop newline in middle"); + s = xstrdup("he\nllo"); + ASSERT_STRING_EQ(chop(s), "he"); + free(s); + TEST_DONE(); + + TEST_START("chop no newline"); + s = xstrdup("hello"); + ASSERT_STRING_EQ(chop(s), "hello"); + free(s); + TEST_DONE(); + + TEST_START("chop empty string"); + s = xstrdup(""); + ASSERT_STRING_EQ(chop(s), ""); + free(s); + TEST_DONE(); + + TEST_START("chop only newline"); + s = xstrdup("\n"); + ASSERT_STRING_EQ(chop(s), ""); + free(s); + TEST_DONE(); + + TEST_START("chop only CR"); + s = xstrdup("\r"); + ASSERT_STRING_EQ(chop(s), ""); + free(s); + TEST_DONE(); + + TEST_START("chop only CRLF"); + s = xstrdup("\r\n"); + ASSERT_STRING_EQ(chop(s), ""); + free(s); + TEST_DONE(); +} + +static void +test_rtrim(void) +{ + char *s; + + TEST_START("rtrim trailing space"); + s = xstrdup("hello "); + rtrim(s); + ASSERT_STRING_EQ(s, "hello"); + free(s); + TEST_DONE(); + + TEST_START("rtrim trailing tab"); + s = xstrdup("hello\t\t"); + rtrim(s); + ASSERT_STRING_EQ(s, "hello"); + free(s); + TEST_DONE(); + + TEST_START("rtrim trailing mixed whitespace"); + s = xstrdup("hello \t "); + rtrim(s); + ASSERT_STRING_EQ(s, "hello"); + free(s); + TEST_DONE(); + + TEST_START("rtrim no trailing whitespace"); + s = xstrdup("hello"); + rtrim(s); + ASSERT_STRING_EQ(s, "hello"); + free(s); + TEST_DONE(); + + TEST_START("rtrim whitespace in middle"); + s = xstrdup("he llo"); + rtrim(s); + ASSERT_STRING_EQ(s, "he llo"); + free(s); + TEST_DONE(); + + TEST_START("rtrim empty string"); + s = xstrdup(""); + rtrim(s); + ASSERT_STRING_EQ(s, ""); + free(s); + TEST_DONE(); + + TEST_START("rtrim only whitespace"); + s = xstrdup(" \t"); + rtrim(s); + ASSERT_STRING_EQ(s, ""); + free(s); + TEST_DONE(); +} + +static void +test_strprefix(void) +{ + const char *s; + + TEST_START("strprefix basic match"); + s = strprefix("hello world", "hello", 0); + ASSERT_PTR_NE(s, NULL); + ASSERT_STRING_EQ(s, " world"); + TEST_DONE(); + + TEST_START("strprefix no match"); + s = strprefix("hello world", "world", 0); + ASSERT_PTR_EQ(s, NULL); + TEST_DONE(); + + TEST_START("strprefix full match"); + s = strprefix("hello", "hello", 0); + ASSERT_PTR_NE(s, NULL); + ASSERT_STRING_EQ(s, ""); + TEST_DONE(); + + TEST_START("strprefix empty string"); + s = strprefix("", "hello", 0); + ASSERT_PTR_EQ(s, NULL); + TEST_DONE(); + + TEST_START("strprefix empty prefix"); + s = strprefix("hello", "", 0); + ASSERT_PTR_NE(s, NULL); + ASSERT_STRING_EQ(s, "hello"); + TEST_DONE(); + + TEST_START("strprefix case sensitive no match"); + s = strprefix("Hello world", "hello", 0); + ASSERT_PTR_EQ(s, NULL); + TEST_DONE(); + + TEST_START("strprefix case insensitive match"); + s = strprefix("Hello world", "hello", 1); + ASSERT_PTR_NE(s, NULL); + ASSERT_STRING_EQ(s, " world"); + TEST_DONE(); + + TEST_START("strprefix case insensitive full match"); + s = strprefix("HELLO", "hello", 1); + ASSERT_PTR_NE(s, NULL); + ASSERT_STRING_EQ(s, ""); + TEST_DONE(); +} + +static void +test_fmt_timeframe(void) +{ + TEST_START("fmt_timeframe seconds"); + ASSERT_STRING_EQ(fmt_timeframe(0), "00:00:00"); + ASSERT_STRING_EQ(fmt_timeframe(59), "00:00:59"); + ASSERT_STRING_EQ(fmt_timeframe(60), "00:01:00"); + ASSERT_STRING_EQ(fmt_timeframe(3599), "00:59:59"); + ASSERT_STRING_EQ(fmt_timeframe(3600), "01:00:00"); + ASSERT_STRING_EQ(fmt_timeframe(86399), "23:59:59"); + TEST_DONE(); + + TEST_START("fmt_timeframe days"); + ASSERT_STRING_EQ(fmt_timeframe(86400), "1d00h00m"); + ASSERT_STRING_EQ(fmt_timeframe(90061), "1d01h01m"); + ASSERT_STRING_EQ(fmt_timeframe(604799), "6d23h59m"); + TEST_DONE(); + + TEST_START("fmt_timeframe weeks"); + ASSERT_STRING_EQ(fmt_timeframe(604800), "01w0d00h"); + ASSERT_STRING_EQ(fmt_timeframe(694861), "01w1d01h"); + TEST_DONE(); +} + +static void +test_arglist(void) +{ + arglist args; + u_int i; + + memset(&args, 0, sizeof(args)); + + TEST_START("addargs initial"); + addargs(&args, "one"); + ASSERT_U_INT_EQ(args.num, 1); + ASSERT_U_INT_EQ(args.nalloc, 32); + ASSERT_PTR_NE(args.list, NULL); + ASSERT_STRING_EQ(args.list[0], "one"); + ASSERT_PTR_EQ(args.list[1], NULL); + TEST_DONE(); + + TEST_START("addargs second"); + addargs(&args, "two"); + ASSERT_U_INT_EQ(args.num, 2); + ASSERT_U_INT_EQ(args.nalloc, 32); + ASSERT_PTR_NE(args.list, NULL); + ASSERT_STRING_EQ(args.list[0], "one"); + ASSERT_STRING_EQ(args.list[1], "two"); + ASSERT_PTR_EQ(args.list[2], NULL); + TEST_DONE(); + + TEST_START("addargs with format"); + addargs(&args, "three=%d", 3); + ASSERT_U_INT_EQ(args.num, 3); + ASSERT_U_INT_EQ(args.nalloc, 32); + ASSERT_PTR_NE(args.list, NULL); + ASSERT_STRING_EQ(args.list[0], "one"); + ASSERT_STRING_EQ(args.list[1], "two"); + ASSERT_STRING_EQ(args.list[2], "three=3"); + ASSERT_PTR_EQ(args.list[3], NULL); + TEST_DONE(); + + TEST_START("replacearg middle"); + replacearg(&args, 1, "TWO!"); + ASSERT_U_INT_EQ(args.num, 3); + ASSERT_STRING_EQ(args.list[0], "one"); + ASSERT_STRING_EQ(args.list[1], "TWO!"); + ASSERT_STRING_EQ(args.list[2], "three=3"); + ASSERT_PTR_EQ(args.list[3], NULL); + TEST_DONE(); + + TEST_START("replacearg first"); + replacearg(&args, 0, "ONE!"); + ASSERT_U_INT_EQ(args.num, 3); + ASSERT_STRING_EQ(args.list[0], "ONE!"); + ASSERT_STRING_EQ(args.list[1], "TWO!"); + ASSERT_STRING_EQ(args.list[2], "three=3"); + ASSERT_PTR_EQ(args.list[3], NULL); + TEST_DONE(); + + TEST_START("replacearg last"); + replacearg(&args, 2, "THREE=3!"); + ASSERT_U_INT_EQ(args.num, 3); + ASSERT_STRING_EQ(args.list[0], "ONE!"); + ASSERT_STRING_EQ(args.list[1], "TWO!"); + ASSERT_STRING_EQ(args.list[2], "THREE=3!"); + ASSERT_PTR_EQ(args.list[3], NULL); + TEST_DONE(); + + TEST_START("replacearg with format"); + replacearg(&args, 1, "two=%d", 2); + ASSERT_U_INT_EQ(args.num, 3); + ASSERT_STRING_EQ(args.list[0], "ONE!"); + ASSERT_STRING_EQ(args.list[1], "two=2"); + ASSERT_STRING_EQ(args.list[2], "THREE=3!"); + ASSERT_PTR_EQ(args.list[3], NULL); + TEST_DONE(); + + TEST_START("addargs reallocation"); + for (i = args.num; i < 33; i++) + addargs(&args, "pad-%d", i); + ASSERT_U_INT_EQ(args.num, 33); + ASSERT_U_INT_GE(args.nalloc, 33); + ASSERT_STRING_EQ(args.list[32], "pad-32"); + ASSERT_PTR_EQ(args.list[33], NULL); + TEST_DONE(); + + TEST_START("freeargs"); + freeargs(&args); + ASSERT_U_INT_EQ(args.num, 0); + ASSERT_U_INT_EQ(args.nalloc, 0); + ASSERT_PTR_EQ(args.list, NULL); + TEST_DONE(); + + TEST_START("freeargs on NULL"); + freeargs(NULL); + TEST_DONE(); + + TEST_START("freeargs on empty"); + memset(&args, 0, sizeof(args)); + freeargs(&args); + ASSERT_U_INT_EQ(args.num, 0); + ASSERT_U_INT_EQ(args.nalloc, 0); + ASSERT_PTR_EQ(args.list, NULL); + TEST_DONE(); +} + +static void +test_tohex(void) +{ + char *hex; + + TEST_START("tohex simple"); + hex = tohex("foo", 3); + ASSERT_STRING_EQ(hex, "666f6f"); + free(hex); + TEST_DONE(); + + TEST_START("tohex with null"); + hex = tohex("a\0b", 3); + ASSERT_STRING_EQ(hex, "610062"); + free(hex); + TEST_DONE(); + + TEST_START("tohex empty"); + hex = tohex("", 0); + ASSERT_STRING_EQ(hex, ""); + free(hex); + TEST_DONE(); +} + +static void +test_lowercase(void) +{ + char *s; + + TEST_START("lowercase mixed"); + s = xstrdup("HeLlO WoRlD 123"); + lowercase(s); + ASSERT_STRING_EQ(s, "hello world 123"); + free(s); + TEST_DONE(); + + TEST_START("lowercase empty"); + s = xstrdup(""); + lowercase(s); + ASSERT_STRING_EQ(s, ""); + free(s); + TEST_DONE(); +} + +static void +test_path_absolute(void) +{ + TEST_START("path_absolute absolute"); + ASSERT_INT_EQ(path_absolute("/foo/bar"), 1); + TEST_DONE(); + + TEST_START("path_absolute relative"); + ASSERT_INT_EQ(path_absolute("foo/bar"), 0); + TEST_DONE(); + + TEST_START("path_absolute empty"); + ASSERT_INT_EQ(path_absolute(""), 0); + TEST_DONE(); +} + +static void +test_skip_space(void) +{ + char *s, *p; + + TEST_START("skip_space leading spaces"); + s = p = xstrdup(" hello"); + skip_space(&p); + ASSERT_STRING_EQ(p, "hello"); + free(s); + TEST_DONE(); + + TEST_START("skip_space leading tabs"); + s = p = xstrdup("\t\thello"); + skip_space(&p); + ASSERT_STRING_EQ(p, "hello"); + free(s); + TEST_DONE(); + + TEST_START("skip_space leading mixed whitespace"); + s = p = xstrdup(" \t hello"); + skip_space(&p); + ASSERT_STRING_EQ(p, "hello"); + free(s); + TEST_DONE(); + + TEST_START("skip_space no leading whitespace"); + s = p = xstrdup("hello"); + skip_space(&p); + ASSERT_STRING_EQ(p, "hello"); + free(s); + TEST_DONE(); + + TEST_START("skip_space empty string"); + s = p = xstrdup(""); + skip_space(&p); + ASSERT_STRING_EQ(p, ""); + free(s); + TEST_DONE(); + + TEST_START("skip_space only whitespace"); + s = p = xstrdup(" \t "); + skip_space(&p); + ASSERT_STRING_EQ(p, ""); + free(s); + TEST_DONE(); +} + +void +test_misc(void) +{ + test_chop(); + test_rtrim(); + test_strprefix(); + test_fmt_timeframe(); + test_arglist(); + test_tohex(); + test_lowercase(); + test_path_absolute(); + test_skip_space(); +} diff --git a/regress/unittests/misc/tests.c b/regress/unittests/misc/tests.c index 13588edaae18..578bc1d90fa5 100644 --- a/regress/unittests/misc/tests.c +++ b/regress/unittests/misc/tests.c @@ -1,4 +1,4 @@ -/* $OpenBSD: tests.c,v 1.12 2025/09/02 11:04:58 djm Exp $ */ +/* $OpenBSD: tests.c,v 1.13 2025/09/04 00:34:17 djm Exp $ */ /* * Regress test for misc helper functions. * @@ -28,6 +28,7 @@ void test_strdelim(void); void test_hpdelim(void); void test_ptimeout(void); void test_xextendf(void); +void test_misc(void); void tests(void) @@ -40,6 +41,7 @@ tests(void) test_hpdelim(); test_ptimeout(); test_xextendf(); + test_misc(); } void From 45698669d49949868b1f3d13dfda1b7cb70060ad Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Thu, 4 Sep 2025 00:37:10 +0000 Subject: [PATCH 219/687] upstream: unit tests for sshbuf_equals and sshbuf_dtourlb64; ok deraadt@ OpenBSD-Regress-ID: bab54e2d4caa813036a63ee67e92c93e6712a5b9 --- regress/unittests/sshbuf/test_sshbuf_misc.c | 217 +++++++++++++++++++- 1 file changed, 213 insertions(+), 4 deletions(-) diff --git a/regress/unittests/sshbuf/test_sshbuf_misc.c b/regress/unittests/sshbuf/test_sshbuf_misc.c index 249ecf235764..80081c519f2a 100644 --- a/regress/unittests/sshbuf/test_sshbuf_misc.c +++ b/regress/unittests/sshbuf/test_sshbuf_misc.c @@ -1,4 +1,4 @@ -/* $OpenBSD: test_sshbuf_misc.c,v 1.5 2021/12/14 21:25:27 deraadt Exp $ */ +/* $OpenBSD: test_sshbuf_misc.c,v 1.6 2025/09/04 00:37:10 djm Exp $ */ /* * Regress test for sshbuf.h buffer API * @@ -22,11 +22,11 @@ void sshbuf_misc_tests(void); -void -sshbuf_misc_tests(void) +static void +test_sshbuf_dump(void) { struct sshbuf *p1; - char tmp[512], msg[] = "imploring ping silence ping over", *p; + char tmp[512]; FILE *out; size_t sz; @@ -48,6 +48,13 @@ sshbuf_misc_tests(void) fclose(out); sshbuf_free(p1); TEST_DONE(); +} + +static void +test_sshbuf_dtob16(void) +{ + struct sshbuf *p1; + char *p; TEST_START("sshbuf_dtob16"); p1 = sshbuf_new(); @@ -59,6 +66,13 @@ sshbuf_misc_tests(void) free(p); sshbuf_free(p1); TEST_DONE(); +} + +static void +test_sshbuf_dtob64_string(void) +{ + struct sshbuf *p1; + char *p; TEST_START("sshbuf_dtob64_string len 1"); p1 = sshbuf_new(); @@ -107,6 +121,12 @@ sshbuf_misc_tests(void) free(p); sshbuf_free(p1); TEST_DONE(); +} + +static void +test_sshbuf_b64tod(void) +{ + struct sshbuf *p1; TEST_START("sshbuf_b64tod len 1"); p1 = sshbuf_new(); @@ -134,6 +154,13 @@ sshbuf_misc_tests(void) ASSERT_U32_EQ(PEEK_U32(sshbuf_ptr(p1)), 0xd00fd00f); sshbuf_free(p1); TEST_DONE(); +} + +static void +test_sshbuf_dup_string(void) +{ + struct sshbuf *p1; + char *p; TEST_START("sshbuf_dup_string"); p1 = sshbuf_new(); @@ -163,6 +190,13 @@ sshbuf_misc_tests(void) ASSERT_PTR_EQ(p, NULL); sshbuf_free(p1); TEST_DONE(); +} + +static void +test_sshbuf_cmp(void) +{ + struct sshbuf *p1; + char msg[] = "imploring ping silence ping over"; TEST_START("sshbuf_cmp"); p1 = sshbuf_from(msg, sizeof(msg) - 1); @@ -183,6 +217,14 @@ sshbuf_misc_tests(void) SSH_ERR_MESSAGE_INCOMPLETE); ASSERT_INT_EQ(sshbuf_cmp(p1, 0, msg, sizeof(msg) - 1), 0); TEST_DONE(); +} + +static void +test_sshbuf_find(void) +{ + struct sshbuf *p1; + char msg[] = "imploring ping silence ping over"; + size_t sz; TEST_START("sshbuf_find"); p1 = sshbuf_from(msg, sizeof(msg) - 1); @@ -215,3 +257,170 @@ sshbuf_misc_tests(void) TEST_DONE(); } +static void +test_sshbuf_equals(void) +{ + struct sshbuf *b1, *b2; + + TEST_START("sshbuf_equals identical"); + b1 = sshbuf_new(); + b2 = sshbuf_new(); + ASSERT_PTR_NE(b1, NULL); + ASSERT_PTR_NE(b2, NULL); + ASSERT_INT_EQ(sshbuf_put(b1, "hello", 5), 0); + ASSERT_INT_EQ(sshbuf_put(b2, "hello", 5), 0); + ASSERT_INT_EQ(sshbuf_equals(b1, b2), 0); + sshbuf_free(b1); + sshbuf_free(b2); + TEST_DONE(); + + TEST_START("sshbuf_equals different content"); + b1 = sshbuf_new(); + b2 = sshbuf_new(); + ASSERT_PTR_NE(b1, NULL); + ASSERT_PTR_NE(b2, NULL); + ASSERT_INT_EQ(sshbuf_put(b1, "hello", 5), 0); + ASSERT_INT_EQ(sshbuf_put(b2, "world", 5), 0); + ASSERT_INT_EQ(sshbuf_equals(b1, b2), SSH_ERR_INVALID_FORMAT); + sshbuf_free(b1); + sshbuf_free(b2); + TEST_DONE(); + + TEST_START("sshbuf_equals different length"); + b1 = sshbuf_new(); + b2 = sshbuf_new(); + ASSERT_PTR_NE(b1, NULL); + ASSERT_PTR_NE(b2, NULL); + ASSERT_INT_EQ(sshbuf_put(b1, "hello", 5), 0); + ASSERT_INT_EQ(sshbuf_put(b2, "hell", 4), 0); + ASSERT_INT_EQ(sshbuf_equals(b1, b2), SSH_ERR_MESSAGE_INCOMPLETE); + sshbuf_free(b1); + sshbuf_free(b2); + TEST_DONE(); + + TEST_START("sshbuf_equals empty buffers"); + b1 = sshbuf_new(); + b2 = sshbuf_new(); + ASSERT_PTR_NE(b1, NULL); + ASSERT_PTR_NE(b2, NULL); + ASSERT_INT_EQ(sshbuf_equals(b1, b2), 0); + sshbuf_free(b1); + sshbuf_free(b2); + TEST_DONE(); + + TEST_START("sshbuf_equals one empty buffer"); + b1 = sshbuf_new(); + b2 = sshbuf_new(); + ASSERT_PTR_NE(b1, NULL); + ASSERT_PTR_NE(b2, NULL); + ASSERT_INT_EQ(sshbuf_put(b1, "hello", 5), 0); + ASSERT_INT_EQ(sshbuf_equals(b1, b2), SSH_ERR_MESSAGE_INCOMPLETE); + sshbuf_free(b1); + sshbuf_free(b2); + TEST_DONE(); + + TEST_START("sshbuf_equals buffer to self"); + b1 = sshbuf_new(); + ASSERT_PTR_NE(b1, NULL); + ASSERT_INT_EQ(sshbuf_put(b1, "hello", 5), 0); + ASSERT_INT_EQ(sshbuf_equals(b1, b1), 0); + sshbuf_free(b1); + TEST_DONE(); +} + +static void +test_sshbuf_dtourlb64(void) +{ + struct sshbuf *b, *b64; + char *s; + /* From RFC4648 */ + const u_char test_vec1[] = {0x14, 0xfb, 0x9c, 0x03, 0xd9, 0x7e}; + const u_char test_vec2[] = {0xff, 0xff, 0xff}; + const u_char test_vec3[] = {0xfb}; + + TEST_START("sshbuf_dtourlb64 empty"); + b = sshbuf_new(); + b64 = sshbuf_new(); + ASSERT_PTR_NE(b, NULL); + ASSERT_PTR_NE(b64, NULL); + ASSERT_INT_EQ(sshbuf_dtourlb64(b, b64, 0), 0); + ASSERT_SIZE_T_EQ(sshbuf_len(b64), 0); + sshbuf_free(b); + sshbuf_free(b64); + TEST_DONE(); + + TEST_START("sshbuf_dtourlb64 no special chars"); + b = sshbuf_new(); + b64 = sshbuf_new(); + ASSERT_PTR_NE(b, NULL); + ASSERT_PTR_NE(b64, NULL); + ASSERT_INT_EQ(sshbuf_put(b, "hello", 5), 0); + ASSERT_INT_EQ(sshbuf_dtourlb64(b, b64, 0), 0); + s = sshbuf_dup_string(b64); + ASSERT_PTR_NE(s, NULL); + ASSERT_STRING_EQ(s, "aGVsbG8"); + free(s); + sshbuf_free(b); + sshbuf_free(b64); + TEST_DONE(); + + TEST_START("sshbuf_dtourlb64 with '+' char"); + b = sshbuf_new(); + b64 = sshbuf_new(); + ASSERT_PTR_NE(b, NULL); + ASSERT_PTR_NE(b64, NULL); + ASSERT_INT_EQ(sshbuf_put(b, test_vec1, sizeof(test_vec1)), 0); + ASSERT_INT_EQ(sshbuf_dtourlb64(b, b64, 0), 0); + s = sshbuf_dup_string(b64); + ASSERT_PTR_NE(s, NULL); + ASSERT_STRING_EQ(s, "FPucA9l-"); + free(s); + sshbuf_free(b); + sshbuf_free(b64); + TEST_DONE(); + + TEST_START("sshbuf_dtourlb64 with '/' char"); + b = sshbuf_new(); + b64 = sshbuf_new(); + ASSERT_PTR_NE(b, NULL); + ASSERT_PTR_NE(b64, NULL); + ASSERT_INT_EQ(sshbuf_put(b, test_vec2, sizeof(test_vec2)), 0); + ASSERT_INT_EQ(sshbuf_dtourlb64(b, b64, 0), 0); + s = sshbuf_dup_string(b64); + ASSERT_PTR_NE(s, NULL); + ASSERT_STRING_EQ(s, "____"); + free(s); + sshbuf_free(b); + sshbuf_free(b64); + TEST_DONE(); + + TEST_START("sshbuf_dtourlb64 with padding removed"); + b = sshbuf_new(); + b64 = sshbuf_new(); + ASSERT_PTR_NE(b, NULL); + ASSERT_PTR_NE(b64, NULL); + ASSERT_INT_EQ(sshbuf_put(b, test_vec3, sizeof(test_vec3)), 0); + ASSERT_INT_EQ(sshbuf_dtourlb64(b, b64, 0), 0); + s = sshbuf_dup_string(b64); + ASSERT_PTR_NE(s, NULL); + ASSERT_STRING_EQ(s, "-w"); + free(s); + sshbuf_free(b); + sshbuf_free(b64); + TEST_DONE(); +} + +void +sshbuf_misc_tests(void) +{ + test_sshbuf_dump(); + test_sshbuf_dtob16(); + test_sshbuf_dtob64_string(); + test_sshbuf_b64tod(); + test_sshbuf_dup_string(); + test_sshbuf_cmp(); + test_sshbuf_find(); + test_sshbuf_equals(); + test_sshbuf_dtourlb64(); +} + From f64701ca25795548a61614d0b13391d6dfa7f38c Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Thu, 4 Sep 2025 03:04:44 +0000 Subject: [PATCH 220/687] upstream: repair test after changes to percent expansion of usernames on the commandline. Test more cases that should/shouldn't expand and lightly test username validity checks. OpenBSD-Regress-ID: ad4c12c70bdf1f959abfebd1637ecff1b49a484c --- regress/percent.sh | 45 +++++++++++++++++++++++++++++++++++++-------- 1 file changed, 37 insertions(+), 8 deletions(-) diff --git a/regress/percent.sh b/regress/percent.sh index 7ce9e8a1dc30..c607c8d23aa0 100644 --- a/regress/percent.sh +++ b/regress/percent.sh @@ -1,4 +1,4 @@ -# $OpenBSD: percent.sh,v 1.21 2025/04/08 23:10:46 djm Exp $ +# $OpenBSD: percent.sh,v 1.22 2025/09/04 03:04:44 djm Exp $ # Placed in the Public Domain. tid="percent expansions" @@ -33,14 +33,14 @@ trial() if [ "$arg" = '%r' ] || [ "$arg" = '%C' ]; then # User does not support %r, ie itself or %C. Skip test. got="$expect" - elif [ "$i" = "user" ]; then + elif [ "$opt" = "user" ]; then got=`${SSH} -F $OBJ/ssh_proxy -o $opt="$arg" -G \ remuser@somehost | awk '$1=="'$opt'"{print $2}'` - elif [ "$i" = "user-l" ]; then + elif [ "$opt" = "user-l" ]; then # Also test ssh -l got=`${SSH} -F $OBJ/ssh_proxy -l "$arg" -G \ somehost | awk '$1=="'user'"{print $2}'` - elif [ "$i" = "user-at" ]; then + elif [ "$opt" = "user-at" ]; then # Also test user@host got=`${SSH} -F $OBJ/ssh_proxy -G "$arg@somehost" | \ awk '$1=="'user'"{print $2}'` @@ -91,7 +91,7 @@ trial() for i in matchexec localcommand remotecommand controlpath identityagent \ forwardagent localforward remoteforward revokedhostkeys \ - user user-l user-at setenv userknownhostsfile; do + user setenv userknownhostsfile; do verbose $tid $i percent case "$i" in localcommand|userknownhostsfile) @@ -137,11 +137,11 @@ done # Subset of above since we don't expand shell-style variables on anything that # runs a command because the shell will expand those. +FOO=bar +export FOO for i in controlpath identityagent forwardagent localforward remoteforward \ - user user-l user-at setenv userknownhostsfile; do + user setenv userknownhostsfile; do verbose $tid $i dollar - FOO=bar - export FOO trial $i '${FOO}' $FOO done @@ -152,3 +152,32 @@ for i in controlpath identityagent forwardagent; do trial $i '~' $HOME/ trial $i '~/.ssh' $HOME/.ssh done + +for i in user-l user-at; do + verbose $tid $i noexpand + trial $i '%u' '%u' +done + +# These should be not be expanded but rejected for containing shell characters. +verbose $tid user-l noenv +${SSH} -F $OBJ/ssh_proxy -l '${FOO}' -G somehost && fail "user-l expanded env" +verbose $tid user-at noenv +${SSH} -F $OBJ/ssh_proxy -G '${FOO}@somehost' && fail "user-at expanded env" + +FOO=`printf 'x\ay'` +export FOO + +# These should be rejected as containing control characters. +verbose $tid user-l badchar +${SSH} -F $OBJ/ssh_proxy -l "${FOO}" -G somehost && fail "user-l expanded env" +verbose $tid user-at badchar +${SSH} -F $OBJ/ssh_proxy -G "${FOO}@somehost" && fail "user-at expanded env" + +# Literal control characters in config is acceptable +verbose $tid user control-literal +trial user "$FOO" "$FOO" + +# Control characters expanded from config aren't. +${SSH} -F $OBJ/ssh_proxy -G '-oUser=${FOO}' somehost && \ + fail "user expanded ctrl" + From 9b2c5a2db0650e394597839ef00d797f57568937 Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Fri, 5 Sep 2025 17:06:14 +1000 Subject: [PATCH 221/687] Fill in missing system header files. Create replacement header files inside openbsd-compat for common headers that are missing on a given platform. Usually these are just empty, but in some cases they'll include the equivalent file. This avoids having to wrap those includes in '#ifdef HAVE_FOO_H' and reduces the diff vs OpenBSD. If we create any such headers, add the path to includes. Initially just stdint.h, more to follow. ok djm@ --- auth-options.c | 4 +--- channels.c | 4 +--- configure.ac | 17 ++++++++++++++++- crypto_api.h | 4 +--- kexmlkem768x25519.c | 2 -- misc.c | 4 +--- monitor.c | 4 +--- openbsd-compat/arc4random.c | 2 -- openbsd-compat/arc4random_uniform.c | 4 +--- openbsd-compat/glob.c | 2 -- openbsd-compat/memmem.c | 2 -- openbsd-compat/reallocarray.c | 2 -- openbsd-compat/recallocarray.c | 2 -- poly1305.c | 4 +--- regress/misc/sk-dummy/sk-dummy.c | 2 -- regress/unittests/authopt/tests.c | 2 -- regress/unittests/bitmap/tests.c | 2 -- regress/unittests/conversion/tests.c | 2 -- regress/unittests/hostkeys/test_iterate.c | 2 -- regress/unittests/kex/test_kex.c | 2 -- regress/unittests/kex/test_proposal.c | 2 -- regress/unittests/match/tests.c | 2 -- regress/unittests/misc/test_argv.c | 2 -- regress/unittests/misc/test_convtime.c | 2 -- regress/unittests/misc/test_expand.c | 2 -- regress/unittests/misc/test_hpdelim.c | 2 -- regress/unittests/misc/test_parse.c | 2 -- regress/unittests/misc/test_ptimeout.c | 4 +--- regress/unittests/misc/test_strdelim.c | 2 -- regress/unittests/misc/test_xextendf.c | 2 -- regress/unittests/misc/tests.c | 2 -- regress/unittests/sshbuf/test_sshbuf.c | 4 +--- regress/unittests/sshbuf/test_sshbuf_fixed.c | 4 +--- regress/unittests/sshbuf/test_sshbuf_fuzz.c | 4 +--- .../unittests/sshbuf/test_sshbuf_getput_basic.c | 4 +--- .../sshbuf/test_sshbuf_getput_crypto.c | 4 +--- .../unittests/sshbuf/test_sshbuf_getput_fuzz.c | 4 +--- regress/unittests/sshbuf/test_sshbuf_misc.c | 4 +--- regress/unittests/sshkey/common.c | 2 -- regress/unittests/sshkey/test_file.c | 2 -- regress/unittests/sshkey/test_fuzz.c | 2 -- regress/unittests/sshkey/test_sshkey.c | 2 -- regress/unittests/sshsig/tests.c | 2 -- regress/unittests/test_helper/fuzz.c | 4 +--- regress/unittests/test_helper/test_helper.c | 4 +--- regress/unittests/test_helper/test_helper.h | 4 +--- scp.c | 4 +--- sk-api.h | 2 -- sk-usbhid.c | 4 +--- ssh-keygen.c | 4 +--- ssh-sk.c | 4 +--- sshbuf-getput-basic.c | 4 +--- sshbuf-misc.c | 4 +--- umac.c | 2 -- xmalloc.c | 4 +--- 55 files changed, 41 insertions(+), 134 deletions(-) diff --git a/auth-options.c b/auth-options.c index c89b1ee58c77..785a23990337 100644 --- a/auth-options.c +++ b/auth-options.c @@ -24,9 +24,7 @@ #include #include #include -#ifdef HAVE_STDINT_H -# include -#endif +#include #include #include #include diff --git a/channels.c b/channels.c index 67ee073879b5..5dbf428aa1cd 100644 --- a/channels.c +++ b/channels.c @@ -61,9 +61,7 @@ #include #endif #include -#ifdef HAVE_STDINT_H -# include -#endif +#include #include #include #include diff --git a/configure.ac b/configure.ac index 71766ba10e06..fffe2f407a72 100644 --- a/configure.ac +++ b/configure.ac @@ -489,7 +489,6 @@ AC_CHECK_HEADERS([ \ sha2.h \ shadow.h \ stddef.h \ - stdint.h \ string.h \ strings.h \ sys/bitypes.h \ @@ -531,6 +530,22 @@ AC_CHECK_HEADERS([ \ wchar.h \ ]) +# Create replacement header files for common headers that are missing on this +# platform. Usually these are just empty, but in some cases they'll include +# the equivalent file. This avoids having to wrap those includes in +# '#ifdef HAVE_FOO_H'. If we create any such headers, add the path to includes. +compatincludes=no +AC_CHECK_HEADERS([stdint.h], [], [ + compatincludes="`pwd`/openbsd-compat/include" + mkdir -p "$compatincludes" + case "$ac_header" in + *) ;; + esac >"$compatincludes/$ac_header" +]) +if test "$compatincludes" != "no"; then + CPPFLAGS="$CPPFLAGS -I$compatincludes" +fi + AC_CHECK_DECLS([le32toh, le64toh, htole64], [], [], [ #ifdef HAVE_SYS_TYPES_H # include diff --git a/crypto_api.h b/crypto_api.h index 8bbc3a08aaeb..693b67bbc0e7 100644 --- a/crypto_api.h +++ b/crypto_api.h @@ -10,9 +10,7 @@ #include "includes.h" -#ifdef HAVE_STDINT_H -# include -#endif +#include #include typedef int8_t crypto_int8; diff --git a/kexmlkem768x25519.c b/kexmlkem768x25519.c index 2b5d39608238..7ade7a7f904f 100644 --- a/kexmlkem768x25519.c +++ b/kexmlkem768x25519.c @@ -28,9 +28,7 @@ #include #include -#ifdef HAVE_STDINT_H #include -#endif #include #include #include diff --git a/misc.c b/misc.c index 183332082b5a..4e09f2b4b2eb 100644 --- a/misc.c +++ b/misc.c @@ -42,9 +42,7 @@ #include #include #include -#ifdef HAVE_STDINT_H -# include -#endif +#include #include #include #include diff --git a/monitor.c b/monitor.c index 129ff4ccb9c0..d0a2b3f50f21 100644 --- a/monitor.c +++ b/monitor.c @@ -39,9 +39,7 @@ #endif #include #include -#ifdef HAVE_STDINT_H -# include -#endif +#include #include #include #include diff --git a/openbsd-compat/arc4random.c b/openbsd-compat/arc4random.c index ffd33734db56..376a893d2110 100644 --- a/openbsd-compat/arc4random.c +++ b/openbsd-compat/arc4random.c @@ -32,9 +32,7 @@ #include #include #include -#ifdef HAVE_STDINT_H #include -#endif #include #include #include diff --git a/openbsd-compat/arc4random_uniform.c b/openbsd-compat/arc4random_uniform.c index 591f92d150fa..59d516884eb1 100644 --- a/openbsd-compat/arc4random_uniform.c +++ b/openbsd-compat/arc4random_uniform.c @@ -20,9 +20,7 @@ #include "includes.h" -#ifdef HAVE_STDINT_H -# include -#endif +#include #include #ifndef HAVE_ARC4RANDOM_UNIFORM diff --git a/openbsd-compat/glob.c b/openbsd-compat/glob.c index e89151789aa3..330b9c0aa73a 100644 --- a/openbsd-compat/glob.c +++ b/openbsd-compat/glob.c @@ -70,9 +70,7 @@ #include #include #include -#ifdef HAVE_STDINT_H #include -#endif #include #include diff --git a/openbsd-compat/memmem.c b/openbsd-compat/memmem.c index 2637401d7c6e..afc20c669b08 100644 --- a/openbsd-compat/memmem.c +++ b/openbsd-compat/memmem.c @@ -30,9 +30,7 @@ #ifndef HAVE_MEMMEM #include -#ifdef HAVE_STDINT_H #include -#endif static char * twobyte_memmem(const unsigned char *h, size_t k, const unsigned char *n) diff --git a/openbsd-compat/reallocarray.c b/openbsd-compat/reallocarray.c index 1a52acc623fe..cffe9b5efe7b 100644 --- a/openbsd-compat/reallocarray.c +++ b/openbsd-compat/reallocarray.c @@ -22,9 +22,7 @@ #include #include -#ifdef HAVE_STDINT_H #include -#endif #include /* diff --git a/openbsd-compat/recallocarray.c b/openbsd-compat/recallocarray.c index 3e1156ce2d95..c281f75e94d1 100644 --- a/openbsd-compat/recallocarray.c +++ b/openbsd-compat/recallocarray.c @@ -22,9 +22,7 @@ #include #include -#ifdef HAVE_STDINT_H #include -#endif #include #include diff --git a/poly1305.c b/poly1305.c index de4d8877025d..c6747161c97f 100644 --- a/poly1305.c +++ b/poly1305.c @@ -7,9 +7,7 @@ #include "includes.h" #include -#ifdef HAVE_STDINT_H -# include -#endif +#include #include "poly1305.h" diff --git a/regress/misc/sk-dummy/sk-dummy.c b/regress/misc/sk-dummy/sk-dummy.c index afa0314da838..4c96e8827c50 100644 --- a/regress/misc/sk-dummy/sk-dummy.c +++ b/regress/misc/sk-dummy/sk-dummy.c @@ -17,9 +17,7 @@ #include "includes.h" -#ifdef HAVE_STDINT_H #include -#endif #include #include #include diff --git a/regress/unittests/authopt/tests.c b/regress/unittests/authopt/tests.c index 5285f0db5746..a81dffbf7ba3 100644 --- a/regress/unittests/authopt/tests.c +++ b/regress/unittests/authopt/tests.c @@ -10,9 +10,7 @@ #include #include -#ifdef HAVE_STDINT_H #include -#endif #include #include diff --git a/regress/unittests/bitmap/tests.c b/regress/unittests/bitmap/tests.c index b8eae2313215..6470f983d447 100644 --- a/regress/unittests/bitmap/tests.c +++ b/regress/unittests/bitmap/tests.c @@ -9,9 +9,7 @@ #include #include -#ifdef HAVE_STDINT_H #include -#endif #include #include diff --git a/regress/unittests/conversion/tests.c b/regress/unittests/conversion/tests.c index d65e6326fd4e..fce4d1ca7001 100644 --- a/regress/unittests/conversion/tests.c +++ b/regress/unittests/conversion/tests.c @@ -9,9 +9,7 @@ #include #include -#ifdef HAVE_STDINT_H #include -#endif #include #include diff --git a/regress/unittests/hostkeys/test_iterate.c b/regress/unittests/hostkeys/test_iterate.c index 0139376f4a78..65d6d1f43557 100644 --- a/regress/unittests/hostkeys/test_iterate.c +++ b/regress/unittests/hostkeys/test_iterate.c @@ -9,9 +9,7 @@ #include #include -#ifdef HAVE_STDINT_H #include -#endif #include #include diff --git a/regress/unittests/kex/test_kex.c b/regress/unittests/kex/test_kex.c index 0c33e80f869d..16c2f2dff975 100644 --- a/regress/unittests/kex/test_kex.c +++ b/regress/unittests/kex/test_kex.c @@ -10,9 +10,7 @@ #include #include #include -#ifdef HAVE_STDINT_H #include -#endif #include #include diff --git a/regress/unittests/kex/test_proposal.c b/regress/unittests/kex/test_proposal.c index fa4192bb661c..01bf7e589f40 100644 --- a/regress/unittests/kex/test_proposal.c +++ b/regress/unittests/kex/test_proposal.c @@ -10,9 +10,7 @@ #include #include #include -#ifdef HAVE_STDINT_H #include -#endif #include #include diff --git a/regress/unittests/match/tests.c b/regress/unittests/match/tests.c index 2ca6c769ae3f..163a3a25569d 100644 --- a/regress/unittests/match/tests.c +++ b/regress/unittests/match/tests.c @@ -9,9 +9,7 @@ #include #include -#ifdef HAVE_STDINT_H #include -#endif #include #include diff --git a/regress/unittests/misc/test_argv.c b/regress/unittests/misc/test_argv.c index 682863e73ba9..a20a9e78fcc4 100644 --- a/regress/unittests/misc/test_argv.c +++ b/regress/unittests/misc/test_argv.c @@ -9,9 +9,7 @@ #include #include -#ifdef HAVE_STDINT_H #include -#endif #include #include diff --git a/regress/unittests/misc/test_convtime.c b/regress/unittests/misc/test_convtime.c index 4794dbd9daae..4fdcf38127df 100644 --- a/regress/unittests/misc/test_convtime.c +++ b/regress/unittests/misc/test_convtime.c @@ -10,9 +10,7 @@ #include #include #include -#ifdef HAVE_STDINT_H #include -#endif #include #include diff --git a/regress/unittests/misc/test_expand.c b/regress/unittests/misc/test_expand.c index 6f2cd8adbedd..b72a1e9a8424 100644 --- a/regress/unittests/misc/test_expand.c +++ b/regress/unittests/misc/test_expand.c @@ -9,9 +9,7 @@ #include #include -#ifdef HAVE_STDINT_H #include -#endif #include #include diff --git a/regress/unittests/misc/test_hpdelim.c b/regress/unittests/misc/test_hpdelim.c index d423023dc3d2..626f1856444d 100644 --- a/regress/unittests/misc/test_hpdelim.c +++ b/regress/unittests/misc/test_hpdelim.c @@ -9,9 +9,7 @@ #include #include -#ifdef HAVE_STDINT_H #include -#endif #include #include diff --git a/regress/unittests/misc/test_parse.c b/regress/unittests/misc/test_parse.c index c66028aec5e6..cbffbe0fdb9f 100644 --- a/regress/unittests/misc/test_parse.c +++ b/regress/unittests/misc/test_parse.c @@ -9,9 +9,7 @@ #include #include -#ifdef HAVE_STDINT_H #include -#endif #include #include diff --git a/regress/unittests/misc/test_ptimeout.c b/regress/unittests/misc/test_ptimeout.c index cc58ee8547c3..359a460cc81b 100644 --- a/regress/unittests/misc/test_ptimeout.c +++ b/regress/unittests/misc/test_ptimeout.c @@ -9,9 +9,7 @@ #include #include -#ifdef HAVE_STDINT_H -# include -#endif +#include #include #include #ifdef HAVE_POLL_H diff --git a/regress/unittests/misc/test_strdelim.c b/regress/unittests/misc/test_strdelim.c index f7bea4bfe8f7..ae0f71556d07 100644 --- a/regress/unittests/misc/test_strdelim.c +++ b/regress/unittests/misc/test_strdelim.c @@ -9,9 +9,7 @@ #include #include -#ifdef HAVE_STDINT_H #include -#endif #include #include diff --git a/regress/unittests/misc/test_xextendf.c b/regress/unittests/misc/test_xextendf.c index 133633dc6224..3c1ee8b8b65c 100644 --- a/regress/unittests/misc/test_xextendf.c +++ b/regress/unittests/misc/test_xextendf.c @@ -9,9 +9,7 @@ #include #include -#ifdef HAVE_STDINT_H #include -#endif #include #include diff --git a/regress/unittests/misc/tests.c b/regress/unittests/misc/tests.c index 578bc1d90fa5..a71dde727a5b 100644 --- a/regress/unittests/misc/tests.c +++ b/regress/unittests/misc/tests.c @@ -9,9 +9,7 @@ #include #include -#ifdef HAVE_STDINT_H #include -#endif #include #include diff --git a/regress/unittests/sshbuf/test_sshbuf.c b/regress/unittests/sshbuf/test_sshbuf.c index e22b390fe33d..dc021ba9087b 100644 --- a/regress/unittests/sshbuf/test_sshbuf.c +++ b/regress/unittests/sshbuf/test_sshbuf.c @@ -10,9 +10,7 @@ #include #include -#ifdef HAVE_STDINT_H -# include -#endif +#include #include #include diff --git a/regress/unittests/sshbuf/test_sshbuf_fixed.c b/regress/unittests/sshbuf/test_sshbuf_fixed.c index dff77f042152..cc05025a82af 100644 --- a/regress/unittests/sshbuf/test_sshbuf_fixed.c +++ b/regress/unittests/sshbuf/test_sshbuf_fixed.c @@ -10,9 +10,7 @@ #include #include -#ifdef HAVE_STDINT_H -# include -#endif +#include #include #include diff --git a/regress/unittests/sshbuf/test_sshbuf_fuzz.c b/regress/unittests/sshbuf/test_sshbuf_fuzz.c index c0b809dcde1b..51838ee724dd 100644 --- a/regress/unittests/sshbuf/test_sshbuf_fuzz.c +++ b/regress/unittests/sshbuf/test_sshbuf_fuzz.c @@ -9,9 +9,7 @@ #include #include -#ifdef HAVE_STDINT_H -# include -#endif +#include #include #include diff --git a/regress/unittests/sshbuf/test_sshbuf_getput_basic.c b/regress/unittests/sshbuf/test_sshbuf_getput_basic.c index b5aca1fb1f9c..058bf17d474b 100644 --- a/regress/unittests/sshbuf/test_sshbuf_getput_basic.c +++ b/regress/unittests/sshbuf/test_sshbuf_getput_basic.c @@ -9,9 +9,7 @@ #include #include -#ifdef HAVE_STDINT_H -# include -#endif +#include #include #include diff --git a/regress/unittests/sshbuf/test_sshbuf_getput_crypto.c b/regress/unittests/sshbuf/test_sshbuf_getput_crypto.c index 46a96fdadb38..97ee853d8875 100644 --- a/regress/unittests/sshbuf/test_sshbuf_getput_crypto.c +++ b/regress/unittests/sshbuf/test_sshbuf_getput_crypto.c @@ -11,9 +11,7 @@ #include #include -#ifdef HAVE_STDINT_H -# include -#endif +#include #include #include diff --git a/regress/unittests/sshbuf/test_sshbuf_getput_fuzz.c b/regress/unittests/sshbuf/test_sshbuf_getput_fuzz.c index 3b4895895ef1..aa345c773a0c 100644 --- a/regress/unittests/sshbuf/test_sshbuf_getput_fuzz.c +++ b/regress/unittests/sshbuf/test_sshbuf_getput_fuzz.c @@ -9,9 +9,7 @@ #include #include -#ifdef HAVE_STDINT_H -# include -#endif +#include #include #include diff --git a/regress/unittests/sshbuf/test_sshbuf_misc.c b/regress/unittests/sshbuf/test_sshbuf_misc.c index 80081c519f2a..58f55eee89ae 100644 --- a/regress/unittests/sshbuf/test_sshbuf_misc.c +++ b/regress/unittests/sshbuf/test_sshbuf_misc.c @@ -9,9 +9,7 @@ #include #include -#ifdef HAVE_STDINT_H -# include -#endif +#include #include #include diff --git a/regress/unittests/sshkey/common.c b/regress/unittests/sshkey/common.c index edb1d95fa794..fa68e6d5b3ff 100644 --- a/regress/unittests/sshkey/common.c +++ b/regress/unittests/sshkey/common.c @@ -11,9 +11,7 @@ #include #include #include -#ifdef HAVE_STDINT_H #include -#endif #include #include #include diff --git a/regress/unittests/sshkey/test_file.c b/regress/unittests/sshkey/test_file.c index 49148aca07b2..e412b75d8321 100644 --- a/regress/unittests/sshkey/test_file.c +++ b/regress/unittests/sshkey/test_file.c @@ -11,9 +11,7 @@ #include #include #include -#ifdef HAVE_STDINT_H #include -#endif #include #include #include diff --git a/regress/unittests/sshkey/test_fuzz.c b/regress/unittests/sshkey/test_fuzz.c index 12d0e12eacef..d0f47d7cfd1d 100644 --- a/regress/unittests/sshkey/test_fuzz.c +++ b/regress/unittests/sshkey/test_fuzz.c @@ -11,9 +11,7 @@ #include #include #include -#ifdef HAVE_STDINT_H #include -#endif #include #include #include diff --git a/regress/unittests/sshkey/test_sshkey.c b/regress/unittests/sshkey/test_sshkey.c index 9dbd913066a8..5d5a6bec3843 100644 --- a/regress/unittests/sshkey/test_sshkey.c +++ b/regress/unittests/sshkey/test_sshkey.c @@ -9,9 +9,7 @@ #include #include -#ifdef HAVE_STDINT_H #include -#endif #include #include diff --git a/regress/unittests/sshsig/tests.c b/regress/unittests/sshsig/tests.c index ef1a46edcbb2..670d06718955 100644 --- a/regress/unittests/sshsig/tests.c +++ b/regress/unittests/sshsig/tests.c @@ -11,9 +11,7 @@ #include #include #include -#ifdef HAVE_STDINT_H #include -#endif #include #include #include diff --git a/regress/unittests/test_helper/fuzz.c b/regress/unittests/test_helper/fuzz.c index edad5e1f5197..c2711c72841f 100644 --- a/regress/unittests/test_helper/fuzz.c +++ b/regress/unittests/test_helper/fuzz.c @@ -25,9 +25,7 @@ #include #include #include -#ifdef HAVE_STDINT_H -# include -#endif +#include #include #include #include diff --git a/regress/unittests/test_helper/test_helper.c b/regress/unittests/test_helper/test_helper.c index 7783d65a4f4a..51b80119bafa 100644 --- a/regress/unittests/test_helper/test_helper.c +++ b/regress/unittests/test_helper/test_helper.c @@ -29,9 +29,7 @@ #include #include #include -#ifdef HAVE_STDINT_H -# include -#endif +#include #include #include #include diff --git a/regress/unittests/test_helper/test_helper.h b/regress/unittests/test_helper/test_helper.h index 23338af38882..4f7e2c87f28d 100644 --- a/regress/unittests/test_helper/test_helper.h +++ b/regress/unittests/test_helper/test_helper.h @@ -23,9 +23,7 @@ #include "includes.h" #include -#ifdef HAVE_STDINT_H -# include -#endif +#include #ifdef WITH_OPENSSL #include diff --git a/scp.c b/scp.c index 3cdbb7bd8283..f7328e5b3baa 100644 --- a/scp.c +++ b/scp.c @@ -113,9 +113,7 @@ #include #include #include -#ifdef HAVE_STDINT_H -# include -#endif +#include #include #include #include diff --git a/sk-api.h b/sk-api.h index 08f567a9e271..32d0f118b9b1 100644 --- a/sk-api.h +++ b/sk-api.h @@ -19,9 +19,7 @@ #define _SK_API_H 1 #include -#ifdef HAVE_STDINT_H #include -#endif /* Flags */ #define SSH_SK_USER_PRESENCE_REQD 0x01 diff --git a/sk-usbhid.c b/sk-usbhid.c index c18c40df2db6..cd248811a51c 100644 --- a/sk-usbhid.c +++ b/sk-usbhid.c @@ -20,9 +20,7 @@ #ifdef ENABLE_SK_INTERNAL -#ifdef HAVE_STDINT_H -# include -#endif +#include #include #include #include diff --git a/ssh-keygen.c b/ssh-keygen.c index 6e62886378c7..6803f310148d 100644 --- a/ssh-keygen.c +++ b/ssh-keygen.c @@ -24,9 +24,7 @@ #include "openbsd-compat/openssl-compat.h" #endif -#ifdef HAVE_STDINT_H -# include -#endif +#include #include #include #include diff --git a/ssh-sk.c b/ssh-sk.c index a2a7d7206cc7..6bb1edc90b80 100644 --- a/ssh-sk.c +++ b/ssh-sk.c @@ -23,9 +23,7 @@ #include #include -#ifdef HAVE_STDINT_H -# include -#endif +#include #include #include diff --git a/sshbuf-getput-basic.c b/sshbuf-getput-basic.c index 5c71b0e53563..2cc562b244f2 100644 --- a/sshbuf-getput-basic.c +++ b/sshbuf-getput-basic.c @@ -24,9 +24,7 @@ #include #include #include -#ifdef HAVE_STDINT_H -# include -#endif +#include #include "ssherr.h" #include "sshbuf.h" diff --git a/sshbuf-misc.c b/sshbuf-misc.c index 431809d906df..7b11e4e1760b 100644 --- a/sshbuf-misc.c +++ b/sshbuf-misc.c @@ -22,9 +22,7 @@ #include #include #include -#ifdef HAVE_STDINT_H -# include -#endif +#include #include #include #include diff --git a/umac.c b/umac.c index 94c5e817c76d..078434b8de04 100644 --- a/umac.c +++ b/umac.c @@ -76,9 +76,7 @@ #include #include #include -#ifdef HAVE_STDINT_H #include -#endif #include #include diff --git a/xmalloc.c b/xmalloc.c index bf1da4b89456..a058f085c148 100644 --- a/xmalloc.c +++ b/xmalloc.c @@ -16,9 +16,7 @@ #include "includes.h" #include -#ifdef HAVE_STDINT_H -# include -#endif +#include #include #include #include From d45b17dc5a0598dda2b11dc89598203408d2d59c Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Fri, 5 Sep 2025 17:17:52 +1000 Subject: [PATCH 222/687] Create replacement poll.h if needed. Remove #ifdef HAVE_POLL_H wrapper. ok djm@ --- atomicio.c | 6 ------ channels.c | 2 -- clientloop.c | 2 -- configure.ac | 6 ++++-- kex.c | 2 -- misc.c | 2 -- monitor.c | 6 ------ monitor_fdpass.c | 8 +------- mux.c | 6 ------ openbsd-compat/bsd-poll.h | 6 +----- packet.c | 2 -- regress/netcat.c | 6 ------ regress/unittests/misc/test_ptimeout.c | 4 +--- scp.c | 6 ------ serverloop.c | 2 -- sftp-client.c | 6 ------ sftp-server.c | 2 -- ssh-agent.c | 4 +--- ssh-keyscan.c | 2 -- ssh-pkcs11-helper.c | 2 -- sshconnect.c | 2 -- sshd.c | 2 -- 22 files changed, 8 insertions(+), 78 deletions(-) diff --git a/atomicio.c b/atomicio.c index 765073357f67..58a9512d3e4a 100644 --- a/atomicio.c +++ b/atomicio.c @@ -31,13 +31,7 @@ #include #include -#ifdef HAVE_POLL_H #include -#else -# ifdef HAVE_SYS_POLL_H -# include -# endif -#endif #include #include #include diff --git a/channels.c b/channels.c index 5dbf428aa1cd..b489cb9a9c9a 100644 --- a/channels.c +++ b/channels.c @@ -57,9 +57,7 @@ #include #include #include -#ifdef HAVE_POLL_H #include -#endif #include #include #include diff --git a/clientloop.c b/clientloop.c index 577771f06963..38100d18a7cd 100644 --- a/clientloop.c +++ b/clientloop.c @@ -76,9 +76,7 @@ #ifdef HAVE_PATHS_H #include #endif -#ifdef HAVE_POLL_H #include -#endif #include #include #include diff --git a/configure.ac b/configure.ac index fffe2f407a72..923a01af1bcc 100644 --- a/configure.ac +++ b/configure.ac @@ -481,7 +481,6 @@ AC_CHECK_HEADERS([ \ netgroup.h \ pam/pam_appl.h \ paths.h \ - poll.h \ pty.h \ readpassphrase.h \ rpc/types.h \ @@ -535,10 +534,13 @@ AC_CHECK_HEADERS([ \ # the equivalent file. This avoids having to wrap those includes in # '#ifdef HAVE_FOO_H'. If we create any such headers, add the path to includes. compatincludes=no -AC_CHECK_HEADERS([stdint.h], [], [ +AC_CHECK_HEADERS([poll.h stdint.h], [], [ compatincludes="`pwd`/openbsd-compat/include" mkdir -p "$compatincludes" case "$ac_header" in + poll.h) echo '#ifdef HAVE_SYS_POLL_H' + echo '#include ' + echo '#endif' ;; *) ;; esac >"$compatincludes/$ac_header" ]) diff --git a/kex.c b/kex.c index f8eaa8c970c6..6e312985f8c9 100644 --- a/kex.c +++ b/kex.c @@ -33,9 +33,7 @@ #include #include #include -#ifdef HAVE_POLL_H #include -#endif #ifdef WITH_OPENSSL #include diff --git a/misc.c b/misc.c index 4e09f2b4b2eb..728e80b04b98 100644 --- a/misc.c +++ b/misc.c @@ -33,9 +33,7 @@ #ifdef HAVE_LIBGEN_H # include #endif -#ifdef HAVE_POLL_H #include -#endif #ifdef HAVE_NLIST_H #include #endif diff --git a/monitor.c b/monitor.c index d0a2b3f50f21..166f4d2c4fa2 100644 --- a/monitor.c +++ b/monitor.c @@ -45,13 +45,7 @@ #include #include #include -#ifdef HAVE_POLL_H #include -#else -# ifdef HAVE_SYS_POLL_H -# include -# endif -#endif #ifdef WITH_OPENSSL #include diff --git a/monitor_fdpass.c b/monitor_fdpass.c index d7bf38979b0c..5c0523fb33fc 100644 --- a/monitor_fdpass.c +++ b/monitor_fdpass.c @@ -37,13 +37,7 @@ #include #include -#ifdef HAVE_POLL_H -# include -#else -# ifdef HAVE_SYS_POLL_H -# include -# endif -#endif +#include #include "log.h" #include "monitor_fdpass.h" diff --git a/mux.c b/mux.c index 542024e7a448..103746a902b4 100644 --- a/mux.c +++ b/mux.c @@ -38,13 +38,7 @@ #include #endif -#ifdef HAVE_POLL_H #include -#else -# ifdef HAVE_SYS_POLL_H -# include -# endif -#endif #ifdef HAVE_UTIL_H # include diff --git a/openbsd-compat/bsd-poll.h b/openbsd-compat/bsd-poll.h index ae865a6e2622..67fd8c66f803 100644 --- a/openbsd-compat/bsd-poll.h +++ b/openbsd-compat/bsd-poll.h @@ -31,11 +31,7 @@ #define _COMPAT_POLL_H_ #include -#ifdef HAVE_POLL_H -# include -#elif HAVE_SYS_POLL_H -# include -#endif +#include #ifndef HAVE_STRUCT_POLLFD_FD typedef struct pollfd { diff --git a/packet.c b/packet.c index 6dfa7ac31a95..6af84ed85d1e 100644 --- a/packet.c +++ b/packet.c @@ -58,9 +58,7 @@ #include #include #include -#ifdef HAVE_POLL_H #include -#endif #include #include diff --git a/regress/netcat.c b/regress/netcat.c index 1eac0218aaf1..0acedfd82493 100644 --- a/regress/netcat.c +++ b/regress/netcat.c @@ -55,13 +55,7 @@ #include #include "atomicio.h" -#ifdef HAVE_POLL_H #include -#else -# ifdef HAVE_SYS_POLL_H -# include -# endif -#endif #ifdef HAVE_ERR_H # include #endif diff --git a/regress/unittests/misc/test_ptimeout.c b/regress/unittests/misc/test_ptimeout.c index 359a460cc81b..f56e88996ceb 100644 --- a/regress/unittests/misc/test_ptimeout.c +++ b/regress/unittests/misc/test_ptimeout.c @@ -12,9 +12,7 @@ #include #include #include -#ifdef HAVE_POLL_H -# include -#endif +#include #include #include "../test_helper/test_helper.h" diff --git a/scp.c b/scp.c index f7328e5b3baa..67bd9d28dcae 100644 --- a/scp.c +++ b/scp.c @@ -77,13 +77,7 @@ #ifdef HAVE_SYS_STAT_H # include #endif -#ifdef HAVE_POLL_H #include -#else -# ifdef HAVE_SYS_POLL_H -# include -# endif -#endif #ifdef HAVE_SYS_TIME_H # include #endif diff --git a/serverloop.c b/serverloop.c index 4beb2a390b6d..ff207721d90d 100644 --- a/serverloop.c +++ b/serverloop.c @@ -50,9 +50,7 @@ #include #include #include -#ifdef HAVE_POLL_H #include -#endif #include #include #include diff --git a/sftp-client.c b/sftp-client.c index 3d8bb34961c9..880064c1e1ef 100644 --- a/sftp-client.c +++ b/sftp-client.c @@ -37,13 +37,7 @@ #include #include -#ifdef HAVE_POLL_H #include -#else -# ifdef HAVE_SYS_POLL_H -# include -# endif -#endif #include #include #include diff --git a/sftp-server.c b/sftp-server.c index c3baebd86410..0d14521029ca 100644 --- a/sftp-server.c +++ b/sftp-server.c @@ -33,9 +33,7 @@ #include #include #include -#ifdef HAVE_POLL_H #include -#endif #include #include #include diff --git a/ssh-agent.c b/ssh-agent.c index 2c7b94be55f2..3ea1a4d8d126 100644 --- a/ssh-agent.c +++ b/ssh-agent.c @@ -60,9 +60,7 @@ #ifdef HAVE_PATHS_H # include #endif -#ifdef HAVE_POLL_H -# include -#endif +#include #include #include #include diff --git a/ssh-keyscan.c b/ssh-keyscan.c index 914de1244dd4..46208f117f0c 100644 --- a/ssh-keyscan.c +++ b/ssh-keyscan.c @@ -26,9 +26,7 @@ #include #include #include -#ifdef HAVE_POLL_H #include -#endif #include #include #include diff --git a/ssh-pkcs11-helper.c b/ssh-pkcs11-helper.c index 32111fef6b29..279cd1df1e24 100644 --- a/ssh-pkcs11-helper.c +++ b/ssh-pkcs11-helper.c @@ -24,9 +24,7 @@ #include #include -#ifdef HAVE_POLL_H #include -#endif #include #include #include diff --git a/sshconnect.c b/sshconnect.c index 8ddc531da571..8f8e960ec3d8 100644 --- a/sshconnect.c +++ b/sshconnect.c @@ -36,9 +36,7 @@ #include #endif #include -#ifdef HAVE_POLL_H #include -#endif #include #include #include diff --git a/sshd.c b/sshd.c index 86c27c44c9b1..60d0d1ff19fb 100644 --- a/sshd.c +++ b/sshd.c @@ -47,9 +47,7 @@ #include #endif #include -#ifdef HAVE_POLL_H #include -#endif #include #include #include From 5f09983d1e724097bd577097fb0f2c00c2436f21 Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Fri, 5 Sep 2025 17:24:50 +1000 Subject: [PATCH 223/687] Create replacement paths.h if needed. Remove #ifdef HAVE_PATHS_H wrapper. ok djm@ --- auth.c | 4 +--- auth2-pubkey.c | 4 +--- clientloop.c | 2 -- configure.ac | 3 +-- loginrec.c | 4 +--- misc.c | 3 +-- monitor.c | 2 -- mux.c | 2 -- readconf.c | 4 +--- readpass.c | 4 +--- session.c | 2 -- sftp.c | 4 +--- ssh-agent.c | 4 +--- ssh-keygen.c | 4 +--- ssh-keysign.c | 2 -- ssh.c | 2 -- sshconnect.c | 2 -- sshd-auth.c | 4 +--- sshd-session.c | 4 +--- sshd.c | 2 -- sshpty.c | 4 +--- 21 files changed, 13 insertions(+), 53 deletions(-) diff --git a/auth.c b/auth.c index 9a6e5a319f75..4f772fafd861 100644 --- a/auth.c +++ b/auth.c @@ -35,9 +35,7 @@ #include #include #include -#ifdef HAVE_PATHS_H -# include -#endif +#include #include #ifdef HAVE_LOGIN_H #include diff --git a/auth2-pubkey.c b/auth2-pubkey.c index d7704e5102ff..15ad3000c6cd 100644 --- a/auth2-pubkey.c +++ b/auth2-pubkey.c @@ -30,9 +30,7 @@ #include #include -#ifdef HAVE_PATHS_H -# include -#endif +#include #include #include #include diff --git a/clientloop.c b/clientloop.c index 38100d18a7cd..4511ecf102bc 100644 --- a/clientloop.c +++ b/clientloop.c @@ -73,9 +73,7 @@ #include #include -#ifdef HAVE_PATHS_H #include -#endif #include #include #include diff --git a/configure.ac b/configure.ac index 923a01af1bcc..44023c33091b 100644 --- a/configure.ac +++ b/configure.ac @@ -480,7 +480,6 @@ AC_CHECK_HEADERS([ \ netdb.h \ netgroup.h \ pam/pam_appl.h \ - paths.h \ pty.h \ readpassphrase.h \ rpc/types.h \ @@ -534,7 +533,7 @@ AC_CHECK_HEADERS([ \ # the equivalent file. This avoids having to wrap those includes in # '#ifdef HAVE_FOO_H'. If we create any such headers, add the path to includes. compatincludes=no -AC_CHECK_HEADERS([poll.h stdint.h], [], [ +AC_CHECK_HEADERS([paths.h poll.h stdint.h], [], [ compatincludes="`pwd`/openbsd-compat/include" mkdir -p "$compatincludes" case "$ac_header" in diff --git a/loginrec.c b/loginrec.c index ffc3d1bbf95a..fa829fdf4875 100644 --- a/loginrec.c +++ b/loginrec.c @@ -138,9 +138,7 @@ #include #include #include -#ifdef HAVE_PATHS_H -# include -#endif +#include #include #include #include diff --git a/misc.c b/misc.c index 728e80b04b98..a28ca0e75ec6 100644 --- a/misc.c +++ b/misc.c @@ -56,8 +56,7 @@ #include #include #include -#ifdef HAVE_PATHS_H -# include +#include #include #include #endif diff --git a/monitor.c b/monitor.c index 166f4d2c4fa2..df9bde2e95cf 100644 --- a/monitor.c +++ b/monitor.c @@ -34,9 +34,7 @@ #include #include #include -#ifdef HAVE_PATHS_H #include -#endif #include #include #include diff --git a/mux.c b/mux.c index 103746a902b4..8ff29ee2a2ef 100644 --- a/mux.c +++ b/mux.c @@ -34,9 +34,7 @@ #include #include #include -#ifdef HAVE_PATHS_H #include -#endif #include diff --git a/readconf.c b/readconf.c index ba25ba881047..bee3e21c4ba7 100644 --- a/readconf.c +++ b/readconf.c @@ -34,9 +34,7 @@ #endif #include #include -#ifdef HAVE_PATHS_H -# include -#endif +#include #include #include #include diff --git a/readpass.c b/readpass.c index 5a88824b4f6c..3c9212c2777b 100644 --- a/readpass.c +++ b/readpass.c @@ -30,9 +30,7 @@ #include #include -#ifdef HAVE_PATHS_H -# include -#endif +#include #include #include #include diff --git a/session.c b/session.c index 7b030793ac28..6d16564282c4 100644 --- a/session.c +++ b/session.c @@ -50,9 +50,7 @@ #include #include #include -#ifdef HAVE_PATHS_H #include -#endif #include #include #include diff --git a/sftp.c b/sftp.c index 6e3cf7054a40..191b1e348a5d 100644 --- a/sftp.c +++ b/sftp.c @@ -31,9 +31,7 @@ #include #include -#ifdef HAVE_PATHS_H -# include -#endif +#include #ifdef HAVE_LIBGEN_H #include #endif diff --git a/ssh-agent.c b/ssh-agent.c index 3ea1a4d8d126..e17d8aa9ad2d 100644 --- a/ssh-agent.c +++ b/ssh-agent.c @@ -57,9 +57,7 @@ #include #include #include -#ifdef HAVE_PATHS_H -# include -#endif +#include #include #include #include diff --git a/ssh-keygen.c b/ssh-keygen.c index 6803f310148d..b57f05690264 100644 --- a/ssh-keygen.c +++ b/ssh-keygen.c @@ -28,9 +28,7 @@ #include #include #include -#ifdef HAVE_PATHS_H -# include -#endif +#include #include #include #include diff --git a/ssh-keysign.c b/ssh-keysign.c index 2410c6cd1b7b..c2d8471ad3e3 100644 --- a/ssh-keysign.c +++ b/ssh-keysign.c @@ -26,9 +26,7 @@ #include "includes.h" #include -#ifdef HAVE_PATHS_H #include -#endif #include #include #include diff --git a/ssh.c b/ssh.c index 6bbb82874e45..93dbd2e5e546 100644 --- a/ssh.c +++ b/ssh.c @@ -56,9 +56,7 @@ #include #include #include -#ifdef HAVE_PATHS_H #include -#endif #include #include #include diff --git a/sshconnect.c b/sshconnect.c index 8f8e960ec3d8..79ccbcc6b3aa 100644 --- a/sshconnect.c +++ b/sshconnect.c @@ -32,9 +32,7 @@ #include #include #include -#ifdef HAVE_PATHS_H #include -#endif #include #include #include diff --git a/sshd-auth.c b/sshd-auth.c index 95520608c433..27db2e14cca8 100644 --- a/sshd-auth.c +++ b/sshd-auth.c @@ -42,9 +42,7 @@ #include #include #include -#ifdef HAVE_PATHS_H -# include -#endif +#include #include #include #include diff --git a/sshd-session.c b/sshd-session.c index 6fc4aa086bba..cd23c0530678 100644 --- a/sshd-session.c +++ b/sshd-session.c @@ -45,9 +45,7 @@ #include #include #include -#ifdef HAVE_PATHS_H -# include -#endif +#include #include #include #include diff --git a/sshd.c b/sshd.c index 60d0d1ff19fb..23ca4e4fbd00 100644 --- a/sshd.c +++ b/sshd.c @@ -43,9 +43,7 @@ #include #include #include -#ifdef HAVE_PATHS_H #include -#endif #include #include #include diff --git a/sshpty.c b/sshpty.c index 4867e7f5e6d2..fe01f3b88ec6 100644 --- a/sshpty.c +++ b/sshpty.c @@ -22,9 +22,7 @@ #include #include #include -#ifdef HAVE_PATHS_H -# include -#endif +#include #include #include #include From 53887d8ebc583b51e996cb2bdeb11e054d36343b Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Fri, 5 Sep 2025 17:27:43 +1000 Subject: [PATCH 224/687] Create replacement util.h if needed. Remove #ifdef HAVE_UTIL_H wrapper. ok djm@ --- configure.ac | 3 +-- loginrec.c | 2 -- mux.c | 4 +--- openbsd-compat/bsd-openpty.c | 4 +--- readconf.c | 2 -- scp.c | 4 +--- servconf.c | 2 -- sftp-common.c | 2 -- sftp.c | 4 +--- ssh-agent.c | 4 +--- sshkey.c | 2 -- sshpty.c | 4 +--- 12 files changed, 7 insertions(+), 30 deletions(-) diff --git a/configure.ac b/configure.ac index 44023c33091b..4179857519f0 100644 --- a/configure.ac +++ b/configure.ac @@ -520,7 +520,6 @@ AC_CHECK_HEADERS([ \ ucred.h \ unistd.h \ usersec.h \ - util.h \ utime.h \ utmp.h \ utmpx.h \ @@ -533,7 +532,7 @@ AC_CHECK_HEADERS([ \ # the equivalent file. This avoids having to wrap those includes in # '#ifdef HAVE_FOO_H'. If we create any such headers, add the path to includes. compatincludes=no -AC_CHECK_HEADERS([paths.h poll.h stdint.h], [], [ +AC_CHECK_HEADERS([paths.h poll.h stdint.h util.h], [], [ compatincludes="`pwd`/openbsd-compat/include" mkdir -p "$compatincludes" case "$ac_header" in diff --git a/loginrec.c b/loginrec.c index fa829fdf4875..e50964de3601 100644 --- a/loginrec.c +++ b/loginrec.c @@ -160,9 +160,7 @@ #include "ssherr.h" #include "misc.h" -#ifdef HAVE_UTIL_H # include -#endif #ifdef USE_WTMPDB # include diff --git a/mux.c b/mux.c index 8ff29ee2a2ef..6b1d463afba0 100644 --- a/mux.c +++ b/mux.c @@ -38,9 +38,7 @@ #include -#ifdef HAVE_UTIL_H -# include -#endif +#include #include "openbsd-compat/sys-queue.h" #include "xmalloc.h" diff --git a/openbsd-compat/bsd-openpty.c b/openbsd-compat/bsd-openpty.c index f5507000a5cb..3e58ace2604f 100644 --- a/openbsd-compat/bsd-openpty.c +++ b/openbsd-compat/bsd-openpty.c @@ -50,9 +50,7 @@ # include #endif -#ifdef HAVE_UTIL_H -# include -#endif /* HAVE_UTIL_H */ +#include #ifdef HAVE_PTY_H # include diff --git a/readconf.c b/readconf.c index bee3e21c4ba7..0acc08ca1d5b 100644 --- a/readconf.c +++ b/readconf.c @@ -46,9 +46,7 @@ #else # include "openbsd-compat/glob.h" #endif -#ifdef HAVE_UTIL_H #include -#endif #if defined(HAVE_STRNVIS) && defined(HAVE_VIS_H) && !defined(BROKEN_STRNVIS) # include #endif diff --git a/scp.c b/scp.c index 67bd9d28dcae..be0acc3f5bd7 100644 --- a/scp.c +++ b/scp.c @@ -100,9 +100,7 @@ #include #endif #include -#ifdef HAVE_UTIL_H -# include -#endif +#include #include #include #include diff --git a/servconf.c b/servconf.c index bd04336e001b..532c095536b5 100644 --- a/servconf.c +++ b/servconf.c @@ -37,9 +37,7 @@ #include #include #include -#ifdef HAVE_UTIL_H #include -#endif #ifdef USE_SYSTEM_GLOB # include #else diff --git a/sftp-common.c b/sftp-common.c index 5d72498256e8..4abd54a07a1a 100644 --- a/sftp-common.c +++ b/sftp-common.c @@ -37,9 +37,7 @@ #include #include #include -#ifdef HAVE_UTIL_H #include -#endif #include "xmalloc.h" #include "ssherr.h" diff --git a/sftp.c b/sftp.c index 191b1e348a5d..9cb654a0e194 100644 --- a/sftp.c +++ b/sftp.c @@ -51,9 +51,7 @@ typedef void EditLine; #include #include -#ifdef HAVE_UTIL_H -# include -#endif +#include #include "xmalloc.h" #include "log.h" diff --git a/ssh-agent.c b/ssh-agent.c index e17d8aa9ad2d..10b19296c20f 100644 --- a/ssh-agent.c +++ b/ssh-agent.c @@ -66,9 +66,7 @@ #include #include #include -#ifdef HAVE_UTIL_H -# include -#endif +#include #include "xmalloc.h" #include "ssh.h" diff --git a/sshkey.c b/sshkey.c index 3633c878ae68..ab69d474d08c 100644 --- a/sshkey.c +++ b/sshkey.c @@ -46,9 +46,7 @@ #include #include #include -#ifdef HAVE_UTIL_H #include -#endif /* HAVE_UTIL_H */ #include "ssh2.h" #include "ssherr.h" diff --git a/sshpty.c b/sshpty.c index fe01f3b88ec6..968df5a63a0b 100644 --- a/sshpty.c +++ b/sshpty.c @@ -28,9 +28,7 @@ #include #include #include -#ifdef HAVE_UTIL_H -# include -#endif +#include #include #include "sshpty.h" From 82fed5110fe09e9af258a8f5a2f92ffb397fff5b Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Fri, 5 Sep 2025 17:31:15 +1000 Subject: [PATCH 225/687] Create replacement ifaddrs.h if needed. Remove #ifdef HAVE_IFADDRS_H wrapper. ok djm@ --- configure.ac | 3 +-- readconf.c | 4 +--- sshconnect.c | 4 +--- 3 files changed, 3 insertions(+), 8 deletions(-) diff --git a/configure.ac b/configure.ac index 4179857519f0..6f48e5508026 100644 --- a/configure.ac +++ b/configure.ac @@ -468,7 +468,6 @@ AC_CHECK_HEADERS([ \ glob.h \ ia.h \ iaf.h \ - ifaddrs.h \ inttypes.h \ langinfo.h \ limits.h \ @@ -532,7 +531,7 @@ AC_CHECK_HEADERS([ \ # the equivalent file. This avoids having to wrap those includes in # '#ifdef HAVE_FOO_H'. If we create any such headers, add the path to includes. compatincludes=no -AC_CHECK_HEADERS([paths.h poll.h stdint.h util.h], [], [ +AC_CHECK_HEADERS([ifaddrs.h paths.h poll.h stdint.h util.h], [], [ compatincludes="`pwd`/openbsd-compat/include" mkdir -p "$compatincludes" case "$ac_header" in diff --git a/readconf.c b/readconf.c index 0acc08ca1d5b..d99205944ecb 100644 --- a/readconf.c +++ b/readconf.c @@ -29,9 +29,7 @@ #include #include #include -#ifdef HAVE_IFADDRS_H -# include -#endif +#include #include #include #include diff --git a/sshconnect.c b/sshconnect.c index 79ccbcc6b3aa..97f65edc7e4a 100644 --- a/sshconnect.c +++ b/sshconnect.c @@ -41,9 +41,7 @@ #include #include #include -#ifdef HAVE_IFADDRS_H -# include -#endif +#include #include "xmalloc.h" #include "hostfile.h" From 59b80707c6cf45230597a800e7d2ce6b00ce35b5 Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Fri, 5 Sep 2025 17:44:07 +1000 Subject: [PATCH 226/687] Create replacement sys/time.h if needed. Remove #ifdef HAVE_SYS_TIME_H wrapper. ok djm@ --- channels.c | 4 +--- clientloop.c | 4 +--- configure.ac | 9 +++++---- loginrec.c | 4 +--- openbsd-compat/bsd-misc.c | 4 +--- packet.c | 4 +--- scp.c | 4 +--- serverloop.c | 4 +--- sftp-client.c | 4 +--- sftp-server.c | 4 +--- ssh-agent.c | 4 +--- ssh-keyscan.c | 4 +--- ssh-pkcs11-client.c | 4 +--- ssh-pkcs11-helper.c | 4 +--- ssh-pkcs11.c | 4 +--- sshconnect.c | 4 +--- sshd-session.c | 4 +--- sshd.c | 4 +--- 18 files changed, 22 insertions(+), 55 deletions(-) diff --git a/channels.c b/channels.c index b489cb9a9c9a..2a4cb0e3134b 100644 --- a/channels.c +++ b/channels.c @@ -46,9 +46,7 @@ #include #include #include -#ifdef HAVE_SYS_TIME_H -# include -#endif +#include #include #include diff --git a/clientloop.c b/clientloop.c index 4511ecf102bc..cf51897d6651 100644 --- a/clientloop.c +++ b/clientloop.c @@ -66,9 +66,7 @@ #ifdef HAVE_SYS_STAT_H # include #endif -#ifdef HAVE_SYS_TIME_H -# include -#endif +#include #include #include diff --git a/configure.ac b/configure.ac index 6f48e5508026..4c2a2b7ec131 100644 --- a/configure.ac +++ b/configure.ac @@ -510,7 +510,6 @@ AC_CHECK_HEADERS([ \ sys/strtio.h \ sys/statvfs.h \ sys/sysmacros.h \ - sys/time.h \ sys/timers.h \ sys/vfs.h \ time.h \ @@ -531,15 +530,17 @@ AC_CHECK_HEADERS([ \ # the equivalent file. This avoids having to wrap those includes in # '#ifdef HAVE_FOO_H'. If we create any such headers, add the path to includes. compatincludes=no -AC_CHECK_HEADERS([ifaddrs.h paths.h poll.h stdint.h util.h], [], [ +AC_CHECK_HEADERS([ifaddrs.h paths.h poll.h stdint.h sys/time.h util.h], [], [ compatincludes="`pwd`/openbsd-compat/include" - mkdir -p "$compatincludes" + header="$compatincludes/$ac_header" + dir=`dirname "$header"` + mkdir -p "$dir" case "$ac_header" in poll.h) echo '#ifdef HAVE_SYS_POLL_H' echo '#include ' echo '#endif' ;; *) ;; - esac >"$compatincludes/$ac_header" + esac >"$header" ]) if test "$compatincludes" != "no"; then CPPFLAGS="$CPPFLAGS -I$compatincludes" diff --git a/loginrec.c b/loginrec.c index e50964de3601..7d1c9dd43de9 100644 --- a/loginrec.c +++ b/loginrec.c @@ -129,9 +129,7 @@ #include #include #include -#ifdef HAVE_SYS_TIME_H -# include -#endif +#include #include diff --git a/openbsd-compat/bsd-misc.c b/openbsd-compat/bsd-misc.c index 669d2bb7e273..aea2ba67f07d 100644 --- a/openbsd-compat/bsd-misc.c +++ b/openbsd-compat/bsd-misc.c @@ -21,9 +21,7 @@ #ifdef HAVE_SYS_SELECT_H # include #endif -#ifdef HAVE_SYS_TIME_H -# include -#endif +#include #include #include diff --git a/packet.c b/packet.c index 6af84ed85d1e..be16fd42988d 100644 --- a/packet.c +++ b/packet.c @@ -42,9 +42,7 @@ #include #include "openbsd-compat/sys-queue.h" #include -#ifdef HAVE_SYS_TIME_H -# include -#endif +#include #include #include diff --git a/scp.c b/scp.c index be0acc3f5bd7..f44470d763a7 100644 --- a/scp.c +++ b/scp.c @@ -78,9 +78,7 @@ # include #endif #include -#ifdef HAVE_SYS_TIME_H -# include -#endif +#include #include #include diff --git a/serverloop.c b/serverloop.c index ff207721d90d..c8b1fd6db738 100644 --- a/serverloop.c +++ b/serverloop.c @@ -40,9 +40,7 @@ #include #include #include -#ifdef HAVE_SYS_TIME_H -# include -#endif +#include #include diff --git a/sftp-client.c b/sftp-client.c index 880064c1e1ef..6ff0db7f9901 100644 --- a/sftp-client.c +++ b/sftp-client.c @@ -30,9 +30,7 @@ #ifdef HAVE_SYS_STAT_H # include #endif -#ifdef HAVE_SYS_TIME_H -# include -#endif +#include #include #include diff --git a/sftp-server.c b/sftp-server.c index 0d14521029ca..777821acd521 100644 --- a/sftp-server.c +++ b/sftp-server.c @@ -20,9 +20,7 @@ #include #include #include -#ifdef HAVE_SYS_TIME_H -# include -#endif +#include #ifdef HAVE_SYS_MOUNT_H #include #endif diff --git a/ssh-agent.c b/ssh-agent.c index 10b19296c20f..36243f1989cd 100644 --- a/ssh-agent.c +++ b/ssh-agent.c @@ -41,9 +41,7 @@ #include #include #include -#ifdef HAVE_SYS_TIME_H -# include -#endif +#include #ifdef HAVE_SYS_UN_H # include #endif diff --git a/ssh-keyscan.c b/ssh-keyscan.c index 46208f117f0c..28451fc59929 100644 --- a/ssh-keyscan.c +++ b/ssh-keyscan.c @@ -12,9 +12,7 @@ #include #include "openbsd-compat/sys-queue.h" #include -#ifdef HAVE_SYS_TIME_H -# include -#endif +#include #include #include diff --git a/ssh-pkcs11-client.c b/ssh-pkcs11-client.c index 8be0d8aecff0..85afb62ac6f4 100644 --- a/ssh-pkcs11-client.c +++ b/ssh-pkcs11-client.c @@ -19,9 +19,7 @@ #include "includes.h" #include -#ifdef HAVE_SYS_TIME_H -# include -#endif +#include #include #include diff --git a/ssh-pkcs11-helper.c b/ssh-pkcs11-helper.c index 279cd1df1e24..7ed4bdb76841 100644 --- a/ssh-pkcs11-helper.c +++ b/ssh-pkcs11-helper.c @@ -18,9 +18,7 @@ #include "includes.h" #include -#ifdef HAVE_SYS_TIME_H -# include -#endif +#include #include #include diff --git a/ssh-pkcs11.c b/ssh-pkcs11.c index b2d3cbd80f5d..5167f89b8115 100644 --- a/ssh-pkcs11.c +++ b/ssh-pkcs11.c @@ -20,9 +20,7 @@ #ifdef ENABLE_PKCS11 -#ifdef HAVE_SYS_TIME_H -# include -#endif +#include #include #include diff --git a/sshconnect.c b/sshconnect.c index 97f65edc7e4a..bef9f9bc3f0e 100644 --- a/sshconnect.c +++ b/sshconnect.c @@ -19,9 +19,7 @@ #include #include #include -#ifdef HAVE_SYS_TIME_H -# include -#endif +#include #include #include diff --git a/sshd-session.c b/sshd-session.c index cd23c0530678..b737e5911749 100644 --- a/sshd-session.c +++ b/sshd-session.c @@ -35,9 +35,7 @@ #ifdef HAVE_SYS_STAT_H # include #endif -#ifdef HAVE_SYS_TIME_H -# include -#endif +#include #include "openbsd-compat/sys-tree.h" #include "openbsd-compat/sys-queue.h" #include diff --git a/sshd.c b/sshd.c index 23ca4e4fbd00..87601740b17f 100644 --- a/sshd.c +++ b/sshd.c @@ -32,9 +32,7 @@ #ifdef HAVE_SYS_STAT_H # include #endif -#ifdef HAVE_SYS_TIME_H -# include -#endif +#include #include "openbsd-compat/sys-tree.h" #include "openbsd-compat/sys-queue.h" #include From ea586edbcbec7089f768ed682a79a399eaa1e5b1 Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Fri, 5 Sep 2025 17:50:18 +1000 Subject: [PATCH 227/687] Create replacement sys/stat.h if needed. Remove #ifdef HAVE_SYS_STAT_H wrapper. ok djm@ --- clientloop.c | 4 +--- configure.ac | 2 +- openbsd-compat/bsd-openpty.c | 4 +--- openbsd-compat/daemon.c | 4 +--- scp.c | 4 +--- session.c | 4 +--- sftp-client.c | 4 +--- sftp-glob.c | 4 +--- sftp.c | 4 +--- ssh.c | 4 +--- sshd-session.c | 4 +--- sshd.c | 4 +--- 12 files changed, 12 insertions(+), 34 deletions(-) diff --git a/clientloop.c b/clientloop.c index cf51897d6651..cc6f64a2b8b5 100644 --- a/clientloop.c +++ b/clientloop.c @@ -63,9 +63,7 @@ #include #include -#ifdef HAVE_SYS_STAT_H -# include -#endif +#include #include #include diff --git a/configure.ac b/configure.ac index 4c2a2b7ec131..05a302e12d2d 100644 --- a/configure.ac +++ b/configure.ac @@ -530,7 +530,7 @@ AC_CHECK_HEADERS([ \ # the equivalent file. This avoids having to wrap those includes in # '#ifdef HAVE_FOO_H'. If we create any such headers, add the path to includes. compatincludes=no -AC_CHECK_HEADERS([ifaddrs.h paths.h poll.h stdint.h sys/time.h util.h], [], [ +AC_CHECK_HEADERS([ifaddrs.h paths.h poll.h stdint.h sys/stat.h sys/time.h util.h], [], [ compatincludes="`pwd`/openbsd-compat/include" header="$compatincludes/$ac_header" dir=`dirname "$header"` diff --git a/openbsd-compat/bsd-openpty.c b/openbsd-compat/bsd-openpty.c index 3e58ace2604f..f08d6156d284 100644 --- a/openbsd-compat/bsd-openpty.c +++ b/openbsd-compat/bsd-openpty.c @@ -39,9 +39,7 @@ #include -#ifdef HAVE_SYS_STAT_H -# include -#endif +#include #ifdef HAVE_SYS_IOCTL_H # include #endif diff --git a/openbsd-compat/daemon.c b/openbsd-compat/daemon.c index 3efe14c68c41..256466959621 100644 --- a/openbsd-compat/daemon.c +++ b/openbsd-compat/daemon.c @@ -36,9 +36,7 @@ #include -#ifdef HAVE_SYS_STAT_H -# include -#endif +#include #ifdef HAVE_FCNTL_H # include diff --git a/scp.c b/scp.c index f44470d763a7..3d045bc6bcf0 100644 --- a/scp.c +++ b/scp.c @@ -74,9 +74,7 @@ #include "includes.h" #include -#ifdef HAVE_SYS_STAT_H -# include -#endif +#include #include #include #include diff --git a/session.c b/session.c index 6d16564282c4..e78c85cfdfea 100644 --- a/session.c +++ b/session.c @@ -36,9 +36,7 @@ #include "includes.h" #include -#ifdef HAVE_SYS_STAT_H -# include -#endif +#include #include #include #include diff --git a/sftp-client.c b/sftp-client.c index 6ff0db7f9901..0702abd5eb3e 100644 --- a/sftp-client.c +++ b/sftp-client.c @@ -27,9 +27,7 @@ #include #endif #include "openbsd-compat/sys-queue.h" -#ifdef HAVE_SYS_STAT_H -# include -#endif +#include #include #include diff --git a/sftp-glob.c b/sftp-glob.c index 1b82759b04d6..e054e75e80af 100644 --- a/sftp-glob.c +++ b/sftp-glob.c @@ -18,9 +18,7 @@ #include "includes.h" #include -#ifdef HAVE_SYS_STAT_H -# include -#endif +#include #include #include diff --git a/sftp.c b/sftp.c index 9cb654a0e194..5d6d782f4c25 100644 --- a/sftp.c +++ b/sftp.c @@ -19,9 +19,7 @@ #include #include -#ifdef HAVE_SYS_STAT_H -# include -#endif +#include #include #include #ifdef HAVE_SYS_STATVFS_H diff --git a/ssh.c b/ssh.c index 93dbd2e5e546..58cfedf6d969 100644 --- a/ssh.c +++ b/ssh.c @@ -43,9 +43,7 @@ #include "includes.h" #include -#ifdef HAVE_SYS_STAT_H -# include -#endif +#include #include #include #include diff --git a/sshd-session.c b/sshd-session.c index b737e5911749..7abc2b4a5013 100644 --- a/sshd-session.c +++ b/sshd-session.c @@ -32,9 +32,7 @@ #include #include #include -#ifdef HAVE_SYS_STAT_H -# include -#endif +#include #include #include "openbsd-compat/sys-tree.h" #include "openbsd-compat/sys-queue.h" diff --git a/sshd.c b/sshd.c index 87601740b17f..3c76b60b0f03 100644 --- a/sshd.c +++ b/sshd.c @@ -29,9 +29,7 @@ #include #include #include -#ifdef HAVE_SYS_STAT_H -# include -#endif +#include #include #include "openbsd-compat/sys-tree.h" #include "openbsd-compat/sys-queue.h" From cd9ba068e36b0f37374d2eba2d19dacc7ea9a167 Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Fri, 5 Sep 2025 17:55:33 +1000 Subject: [PATCH 228/687] Create replacement time.h if needed. Remove #ifdef HAVE_TIME_H wrapper. ok djm@ --- configure.ac | 3 +-- logintest.c | 2 -- misc-agent.c | 4 +--- 3 files changed, 2 insertions(+), 7 deletions(-) diff --git a/configure.ac b/configure.ac index 05a302e12d2d..0d35f5d75070 100644 --- a/configure.ac +++ b/configure.ac @@ -512,7 +512,6 @@ AC_CHECK_HEADERS([ \ sys/sysmacros.h \ sys/timers.h \ sys/vfs.h \ - time.h \ tmpdir.h \ ttyent.h \ ucred.h \ @@ -530,7 +529,7 @@ AC_CHECK_HEADERS([ \ # the equivalent file. This avoids having to wrap those includes in # '#ifdef HAVE_FOO_H'. If we create any such headers, add the path to includes. compatincludes=no -AC_CHECK_HEADERS([ifaddrs.h paths.h poll.h stdint.h sys/stat.h sys/time.h util.h], [], [ +AC_CHECK_HEADERS([ifaddrs.h paths.h poll.h stdint.h sys/stat.h sys/time.h time.h util.h], [], [ compatincludes="`pwd`/openbsd-compat/include" header="$compatincludes/$ac_header" dir=`dirname "$header"` diff --git a/logintest.c b/logintest.c index 6ee1cdc23645..1056bba0e73a 100644 --- a/logintest.c +++ b/logintest.c @@ -41,9 +41,7 @@ #include #include #include -#ifdef HAVE_TIME_H #include -#endif #include "loginrec.h" diff --git a/misc-agent.c b/misc-agent.c index 5ea91ebe3fbc..07c8fb136ec4 100644 --- a/misc-agent.c +++ b/misc-agent.c @@ -28,9 +28,7 @@ #include #include #include -#ifdef HAVE_TIME_H -# include -#endif +#include #include #include "digest.h" From 60334af5a908ac3b263d2ec696f9977e20b739cb Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Fri, 5 Sep 2025 18:03:55 +1000 Subject: [PATCH 229/687] Reformat replacement header check one per line. --- configure.ac | 30 +++++++++++++++++++----------- 1 file changed, 19 insertions(+), 11 deletions(-) diff --git a/configure.ac b/configure.ac index 0d35f5d75070..f165794a54c6 100644 --- a/configure.ac +++ b/configure.ac @@ -529,17 +529,25 @@ AC_CHECK_HEADERS([ \ # the equivalent file. This avoids having to wrap those includes in # '#ifdef HAVE_FOO_H'. If we create any such headers, add the path to includes. compatincludes=no -AC_CHECK_HEADERS([ifaddrs.h paths.h poll.h stdint.h sys/stat.h sys/time.h time.h util.h], [], [ - compatincludes="`pwd`/openbsd-compat/include" - header="$compatincludes/$ac_header" - dir=`dirname "$header"` - mkdir -p "$dir" - case "$ac_header" in - poll.h) echo '#ifdef HAVE_SYS_POLL_H' - echo '#include ' - echo '#endif' ;; - *) ;; - esac >"$header" +AC_CHECK_HEADERS([ \ + ifaddrs.h \ + paths.h \ + poll.h \ + stdint.h \ + sys/stat.h \ + sys/time.h \ + time.h \ + util.h], [], [ + compatincludes="`pwd`/openbsd-compat/include" + header="$compatincludes/$ac_header" + dir=`dirname "$header"` + mkdir -p "$dir" + case "$ac_header" in + poll.h) echo '#ifdef HAVE_SYS_POLL_H' + echo '#include ' + echo '#endif' ;; + *) ;; + esac >"$header" ]) if test "$compatincludes" != "no"; then CPPFLAGS="$CPPFLAGS -I$compatincludes" From 65dcdb56f5daee519ec824ae17e64412d2492f90 Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Fri, 5 Sep 2025 18:05:15 +1000 Subject: [PATCH 230/687] Create replacement sys/un.h if needed. Remove #ifdef HAVE_SYS_UN_H wrapper. ok djm@ --- configure.ac | 1 + monitor_fdpass.c | 2 -- openbsd-compat/port-prngd.c | 4 +--- ssh-agent.c | 4 +--- 4 files changed, 3 insertions(+), 8 deletions(-) diff --git a/configure.ac b/configure.ac index f165794a54c6..c75a90abe7e0 100644 --- a/configure.ac +++ b/configure.ac @@ -536,6 +536,7 @@ AC_CHECK_HEADERS([ \ stdint.h \ sys/stat.h \ sys/time.h \ + sys/un.h \ time.h \ util.h], [], [ compatincludes="`pwd`/openbsd-compat/include" diff --git a/monitor_fdpass.c b/monitor_fdpass.c index 5c0523fb33fc..21697ca88937 100644 --- a/monitor_fdpass.c +++ b/monitor_fdpass.c @@ -29,9 +29,7 @@ #include #include #include -#ifdef HAVE_SYS_UN_H #include -#endif #include #include diff --git a/openbsd-compat/port-prngd.c b/openbsd-compat/port-prngd.c index 6afa8f913ae3..ac4f27082b74 100644 --- a/openbsd-compat/port-prngd.c +++ b/openbsd-compat/port-prngd.c @@ -26,9 +26,7 @@ #include #include -#ifdef HAVE_SYS_UN_H -# include -#endif +#include #include #include diff --git a/ssh-agent.c b/ssh-agent.c index 36243f1989cd..df241379c0b1 100644 --- a/ssh-agent.c +++ b/ssh-agent.c @@ -42,9 +42,7 @@ #include #include #include -#ifdef HAVE_SYS_UN_H -# include -#endif +#include #include "openbsd-compat/sys-queue.h" #ifdef WITH_OPENSSL From 4911f2600fdbb1959311bb1886bfe51f7dd4a74e Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Fri, 5 Sep 2025 18:08:51 +1000 Subject: [PATCH 231/687] Create replacement libgen.h if needed. Remove #ifdef HAVE_LIBGEN_H wrapper. ok djm@ --- configure.ac | 1 + misc.c | 4 +--- scp.c | 2 -- sftp.c | 2 -- 4 files changed, 2 insertions(+), 7 deletions(-) diff --git a/configure.ac b/configure.ac index c75a90abe7e0..98e472d8a255 100644 --- a/configure.ac +++ b/configure.ac @@ -531,6 +531,7 @@ AC_CHECK_HEADERS([ \ compatincludes=no AC_CHECK_HEADERS([ \ ifaddrs.h \ + libgen.h \ paths.h \ poll.h \ stdint.h \ diff --git a/misc.c b/misc.c index a28ca0e75ec6..47247c15bcd3 100644 --- a/misc.c +++ b/misc.c @@ -30,9 +30,7 @@ #include #include -#ifdef HAVE_LIBGEN_H -# include -#endif +#include #include #ifdef HAVE_NLIST_H #include diff --git a/scp.c b/scp.c index 3d045bc6bcf0..e831a50f3bbd 100644 --- a/scp.c +++ b/scp.c @@ -92,9 +92,7 @@ #else # include "openbsd-compat/glob.h" #endif -#ifdef HAVE_LIBGEN_H #include -#endif #include #include #include diff --git a/sftp.c b/sftp.c index 5d6d782f4c25..c27926b37899 100644 --- a/sftp.c +++ b/sftp.c @@ -30,9 +30,7 @@ #include #include -#ifdef HAVE_LIBGEN_H #include -#endif #ifdef HAVE_LOCALE_H # include #endif From 7d30526b7df14d960a5de63d6af823ffdab86518 Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Fri, 5 Sep 2025 18:24:59 +1000 Subject: [PATCH 232/687] Remove stray #endif left from previous. --- misc.c | 1 - 1 file changed, 1 deletion(-) diff --git a/misc.c b/misc.c index 47247c15bcd3..072f8d68fe90 100644 --- a/misc.c +++ b/misc.c @@ -57,7 +57,6 @@ #include #include #include -#endif #ifdef SSH_TUN_OPENBSD #include #endif From caa973dd06a7be43c29353b256c9a473f5ad9882 Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Fri, 5 Sep 2025 19:13:52 +1000 Subject: [PATCH 233/687] Create replacement netgroup.h if needed. Remove #ifdef HAVE_NETGROUP_H wrapper. ok djm@ --- auth-rhosts.c | 4 +--- configure.ac | 2 +- 2 files changed, 2 insertions(+), 4 deletions(-) diff --git a/auth-rhosts.c b/auth-rhosts.c index d5d2c7a12988..031186f24719 100644 --- a/auth-rhosts.c +++ b/auth-rhosts.c @@ -21,9 +21,7 @@ #include #include -#ifdef HAVE_NETGROUP_H -# include -#endif +#include #include #include #include diff --git a/configure.ac b/configure.ac index 98e472d8a255..b174f5cc8025 100644 --- a/configure.ac +++ b/configure.ac @@ -477,7 +477,6 @@ AC_CHECK_HEADERS([ \ ndir.h \ net/if_tun.h \ netdb.h \ - netgroup.h \ pam/pam_appl.h \ pty.h \ readpassphrase.h \ @@ -533,6 +532,7 @@ AC_CHECK_HEADERS([ \ ifaddrs.h \ libgen.h \ paths.h \ + netgroup.h \ poll.h \ stdint.h \ sys/stat.h \ From c729a833298d9d55ffb22771cf1400dfdc640164 Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Fri, 5 Sep 2025 19:22:37 +1000 Subject: [PATCH 234/687] Move sys/time.h include to match upstream. --- clientloop.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/clientloop.c b/clientloop.c index cc6f64a2b8b5..a2f757867901 100644 --- a/clientloop.c +++ b/clientloop.c @@ -64,8 +64,8 @@ #include #include #include -#include #include +#include #include #include From a60721c894f0a2ce973876d0f55617e187e6fab1 Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Fri, 5 Sep 2025 19:52:48 +1000 Subject: [PATCH 235/687] Add /* WITH_OPENSSL */ comments. Removes diffs vs upstream. --- kexgen.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/kexgen.c b/kexgen.c index 40d688d62fda..494d4b233561 100644 --- a/kexgen.c +++ b/kexgen.c @@ -113,7 +113,7 @@ kex_gen_client(struct ssh *ssh) case KEX_ECDH_SHA2: r = kex_ecdh_keypair(kex); break; -#endif +#endif /* WITH_OPENSSL */ case KEX_C25519_SHA256: r = kex_c25519_keypair(kex); break; @@ -187,7 +187,7 @@ input_kex_gen_reply(int type, u_int32_t seq, struct ssh *ssh) case KEX_ECDH_SHA2: r = kex_ecdh_dec(kex, server_blob, &shared_secret); break; -#endif +#endif /* WITH_OPENSSL */ case KEX_C25519_SHA256: r = kex_c25519_dec(kex, server_blob, &shared_secret); break; @@ -310,7 +310,7 @@ input_kex_gen_init(int type, u_int32_t seq, struct ssh *ssh) r = kex_ecdh_enc(kex, client_pubkey, &server_pubkey, &shared_secret); break; -#endif +#endif /* WITH_OPENSSL */ case KEX_C25519_SHA256: r = kex_c25519_enc(kex, client_pubkey, &server_pubkey, &shared_secret); From 6aac2beaa53467e83f6a137376b6dcf423ab6f6c Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Fri, 5 Sep 2025 19:55:20 +1000 Subject: [PATCH 236/687] Create replacement endian.h if needed. Remove #ifdef HAVE_ENDIAN_H wrapper. ok djm@ --- configure.ac | 2 +- kexmlkem768x25519.c | 4 +--- 2 files changed, 2 insertions(+), 4 deletions(-) diff --git a/configure.ac b/configure.ac index b174f5cc8025..bc18f8ee9eef 100644 --- a/configure.ac +++ b/configure.ac @@ -457,7 +457,6 @@ AC_CHECK_HEADERS([ \ crypt.h \ crypto/sha2.h \ dirent.h \ - endian.h \ elf.h \ err.h \ features.h \ @@ -529,6 +528,7 @@ AC_CHECK_HEADERS([ \ # '#ifdef HAVE_FOO_H'. If we create any such headers, add the path to includes. compatincludes=no AC_CHECK_HEADERS([ \ + endian.h \ ifaddrs.h \ libgen.h \ paths.h \ diff --git a/kexmlkem768x25519.c b/kexmlkem768x25519.c index 7ade7a7f904f..2585d1db3935 100644 --- a/kexmlkem768x25519.c +++ b/kexmlkem768x25519.c @@ -32,9 +32,7 @@ #include #include #include -#ifdef HAVE_ENDIAN_H -# include -#endif +#include #include "sshkey.h" #include "kex.h" From f93de828b9b0f29bff51d38ea92d0759595ec30b Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Fri, 5 Sep 2025 20:07:16 +1000 Subject: [PATCH 237/687] Create replacement nlist.h if needed. Remove #ifdef HAVE_NLIST_H wrapper. ok djm@ --- configure.ac | 1 + misc.c | 2 -- 2 files changed, 1 insertion(+), 2 deletions(-) diff --git a/configure.ac b/configure.ac index bc18f8ee9eef..c6cc57f252ce 100644 --- a/configure.ac +++ b/configure.ac @@ -533,6 +533,7 @@ AC_CHECK_HEADERS([ \ libgen.h \ paths.h \ netgroup.h \ + nlist.h \ poll.h \ stdint.h \ sys/stat.h \ diff --git a/misc.c b/misc.c index 072f8d68fe90..cb061d4e1ba8 100644 --- a/misc.c +++ b/misc.c @@ -32,9 +32,7 @@ #include #include #include -#ifdef HAVE_NLIST_H #include -#endif #include #include #include From 932e9f200bd48b7568eb21ec456c67ec92d517e2 Mon Sep 17 00:00:00 2001 From: "dtucker@openbsd.org" Date: Fri, 5 Sep 2025 09:31:31 +0000 Subject: [PATCH 238/687] upstream: Remove unused rmd160.h header. ripemd160 support was removed in 2017. OpenBSD-Commit-ID: 937fca21498b921adf6e04bac120f4a2e7975b3c --- digest-libc.c | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/digest-libc.c b/digest-libc.c index 6e77a4492dd4..b187bc9faf2c 100644 --- a/digest-libc.c +++ b/digest-libc.c @@ -1,4 +1,4 @@ -/* $OpenBSD: digest-libc.c,v 1.7 2020/02/26 13:40:09 jsg Exp $ */ +/* $OpenBSD: digest-libc.c,v 1.8 2025/09/05 09:31:31 dtucker Exp $ */ /* * Copyright (c) 2013 Damien Miller * Copyright (c) 2014 Markus Friedl. All rights reserved. @@ -27,7 +27,6 @@ #if 0 #include -#include #endif #ifdef HAVE_SHA1_H #include From 19d6a7afb256c4afc571dbf56a013ef91cd9596f Mon Sep 17 00:00:00 2001 From: "dtucker@openbsd.org" Date: Fri, 5 Sep 2025 09:49:26 +0000 Subject: [PATCH 239/687] upstream: Order headers as per KNF. Also removes diff vs -portable. OpenBSD-Commit-ID: 2061307dc938712e524bc9da48a52f545e43670e --- hmac.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/hmac.c b/hmac.c index 7b588019e74b..8641edf4a6b3 100644 --- a/hmac.c +++ b/hmac.c @@ -1,4 +1,4 @@ -/* $OpenBSD: hmac.c,v 1.14 2020/02/26 13:40:09 jsg Exp $ */ +/* $OpenBSD: hmac.c,v 1.15 2025/09/05 09:49:26 dtucker Exp $ */ /* * Copyright (c) 2014 Markus Friedl. All rights reserved. * From 441a8fa9a0178704bce497bff92ca43fcf04bf7a Mon Sep 17 00:00:00 2001 From: "dtucker@openbsd.org" Date: Fri, 5 Sep 2025 09:58:08 +0000 Subject: [PATCH 240/687] upstream: Order headers as per KNF. Removes diff vs portable. OpenBSD-Commit-ID: db72be57429418f6a4319bbe34c98fc103e11ce0 --- krl.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/krl.c b/krl.c index 0d0f69534182..708eb9813078 100644 --- a/krl.c +++ b/krl.c @@ -1,4 +1,4 @@ -/* $OpenBSD: krl.c,v 1.60 2025/02/18 08:02:48 djm Exp $ */ +/* $OpenBSD: krl.c,v 1.61 2025/09/05 09:58:08 dtucker Exp $ */ /* * Copyright (c) 2012 Damien Miller * From b34c16bc4cac2962cc6a7517efbc4fed2c8a2d9a Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Fri, 5 Sep 2025 20:20:27 +1000 Subject: [PATCH 241/687] Reorder includes to match upstream. --- session.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/session.c b/session.c index e78c85cfdfea..43eebd6c2717 100644 --- a/session.c +++ b/session.c @@ -71,9 +71,7 @@ #include "channels.h" #include "sshkey.h" #include "cipher.h" -#ifdef GSSAPI -#include "ssh-gss.h" -#endif +#include "kex.h" #include "hostfile.h" #include "auth.h" #include "auth-options.h" @@ -86,7 +84,9 @@ #include "serverloop.h" #include "canohost.h" #include "session.h" -#include "kex.h" +#ifdef GSSAPI +#include "ssh-gss.h" +#endif #include "monitor_wrap.h" #include "sftp.h" #include "atomicio.h" From 22cfd2dd32f34f0cea218dd651f3aa9544b6e3b5 Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Fri, 5 Sep 2025 20:26:14 +1000 Subject: [PATCH 242/687] Move ssh-pkcs11.h include to match upstream. --- ssh-keygen.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/ssh-keygen.c b/ssh-keygen.c index b57f05690264..94323479e850 100644 --- a/ssh-keygen.c +++ b/ssh-keygen.c @@ -52,7 +52,6 @@ #include "ssh.h" #include "ssh2.h" #include "ssherr.h" -#include "ssh-pkcs11.h" #include "atomicio.h" #include "krl.h" #include "digest.h" @@ -63,6 +62,10 @@ #include "sk-api.h" /* XXX for SSH_SK_USER_PRESENCE_REQD; remove */ #include "cipher.h" +#ifdef ENABLE_PKCS11 +#include "ssh-pkcs11.h" +#endif + #define DEFAULT_KEY_TYPE_NAME "ed25519" /* From aed6a958bc108faab64bc2855d6ed93894cfc6ff Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Fri, 5 Sep 2025 20:30:20 +1000 Subject: [PATCH 243/687] Sync includes with upstream. --- umac.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/umac.c b/umac.c index 078434b8de04..b51d524d9e2b 100644 --- a/umac.c +++ b/umac.c @@ -72,7 +72,9 @@ /* ---------------------------------------------------------------------- */ #include "includes.h" + #include +#include #include #include #include From 024b694249482698b0c73d24da0eaec696fca8c8 Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Fri, 5 Sep 2025 20:37:04 +1000 Subject: [PATCH 244/687] Resync header order with upstream. --- sshpty.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/sshpty.c b/sshpty.c index 968df5a63a0b..0a82b7d3bea9 100644 --- a/sshpty.c +++ b/sshpty.c @@ -28,8 +28,8 @@ #include #include #include -#include #include +#include #include "sshpty.h" #include "log.h" From bb8ac0515e68cab63db2d026eb60127185a3d2b8 Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Fri, 5 Sep 2025 20:39:16 +1000 Subject: [PATCH 245/687] Resync header order with upstream. --- ssh-keyscan.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/ssh-keyscan.c b/ssh-keyscan.c index 28451fc59929..f9788114df8d 100644 --- a/ssh-keyscan.c +++ b/ssh-keyscan.c @@ -21,13 +21,13 @@ #include #endif +#include #include #include -#include -#include #include #include #include +#include #include #include #include From e80322284f3ee70b6b760a9f83179470d675e5ba Mon Sep 17 00:00:00 2001 From: "dtucker@openbsd.org" Date: Fri, 5 Sep 2025 10:01:35 +0000 Subject: [PATCH 246/687] upstream: Order headers as per KNF. OpenBSD-Commit-ID: 7156b69b0364c68e181e0f6fa17c0f05c72e8670 --- mac.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/mac.c b/mac.c index ee2c17d0efa1..c95f5ea06856 100644 --- a/mac.c +++ b/mac.c @@ -1,4 +1,4 @@ -/* $OpenBSD: mac.c,v 1.36 2025/09/02 11:08:34 djm Exp $ */ +/* $OpenBSD: mac.c,v 1.37 2025/09/05 10:01:35 dtucker Exp $ */ /* * Copyright (c) 2001 Markus Friedl. All rights reserved. * @@ -27,9 +27,9 @@ #include +#include #include #include -#include #include "digest.h" #include "hmac.h" From 0ac179c9540e2b05b4c1194db69ce01306c253d3 Mon Sep 17 00:00:00 2001 From: "dtucker@openbsd.org" Date: Fri, 5 Sep 2025 10:17:21 +0000 Subject: [PATCH 247/687] upstream: Order headers as per KNF. Removes diff vs portable. OpenBSD-Commit-ID: 4df519fd9fa13ce9653adf7a3d1076e20591d886 --- monitor_wrap.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/monitor_wrap.c b/monitor_wrap.c index f9e0ba8f1a33..7a5ac6a9d164 100644 --- a/monitor_wrap.c +++ b/monitor_wrap.c @@ -1,4 +1,4 @@ -/* $OpenBSD: monitor_wrap.c,v 1.140 2025/07/04 07:47:35 djm Exp $ */ +/* $OpenBSD: monitor_wrap.c,v 1.141 2025/09/05 10:17:21 dtucker Exp $ */ /* * Copyright 2002 Niels Provos * Copyright 2002 Markus Friedl From ee32a36c62424f13907023595bfa8b23a528ced1 Mon Sep 17 00:00:00 2001 From: "dtucker@openbsd.org" Date: Fri, 5 Sep 2025 10:23:55 +0000 Subject: [PATCH 248/687] upstream: Order includes as per KNF and add time.h. Removes diff vs portable. OpenBSD-Commit-ID: 38043f0bfa17c48ef6d1a744c2834b4405bc9311 --- sshkey.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/sshkey.c b/sshkey.c index ab69d474d08c..fa883b084442 100644 --- a/sshkey.c +++ b/sshkey.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshkey.c,v 1.153 2025/09/02 11:08:34 djm Exp $ */ +/* $OpenBSD: sshkey.c,v 1.154 2025/09/05 10:23:55 dtucker Exp $ */ /* * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. * Copyright (c) 2008 Alexander von Gernler. All rights reserved. From 3ca274e44cb2c2351376fc14e4c3e92ba4a8f87b Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Fri, 5 Sep 2025 21:32:30 +1000 Subject: [PATCH 249/687] Check for nlist function. Check for nlist function presence before attenmpting to use it instead of relying on the presence of the nlist.h header. Mac OS X, in particular has the header, but only has the function in the 32bit libraries. --- configure.ac | 1 + misc.c | 6 +++--- 2 files changed, 4 insertions(+), 3 deletions(-) diff --git a/configure.ac b/configure.ac index c6cc57f252ce..df3869324bbd 100644 --- a/configure.ac +++ b/configure.ac @@ -2104,6 +2104,7 @@ AC_CHECK_FUNCS([ \ memset_s \ mkdtemp \ ngetaddrinfo \ + nlist \ nsleep \ ogetaddrinfo \ openlog_r \ diff --git a/misc.c b/misc.c index cb061d4e1ba8..922f04606038 100644 --- a/misc.c +++ b/misc.c @@ -3063,7 +3063,7 @@ ptimeout_isset(struct timespec *pt) int lib_contains_symbol(const char *path, const char *s) { -#ifdef HAVE_NLIST_H +#ifdef HAVE_NLIST struct nlist nl[2]; int ret = -1, r; @@ -3083,7 +3083,7 @@ lib_contains_symbol(const char *path, const char *s) out: free(nl[0].n_name); return ret; -#else /* HAVE_NLIST_H */ +#else /* HAVE_NLIST */ int fd, ret = -1; struct stat st; void *m = NULL; @@ -3125,7 +3125,7 @@ lib_contains_symbol(const char *path, const char *s) munmap(m, sz); close(fd); return ret; -#endif /* HAVE_NLIST_H */ +#endif /* HAVE_NLIST */ } int From 67a8bf4e4057597170bfa923fe2ce5bf90c43974 Mon Sep 17 00:00:00 2001 From: Maxim Khon Date: Mon, 18 Aug 2025 12:05:42 +0000 Subject: [PATCH 250/687] Use SSH_TUN_COMPAT_AF on FreeBSD. Otherwise tun forwarding from other OSes fails as soon as the first IPv6 message is sent by the other side (which is usually a Router Solicitation ICMPv6 message which is sent as soon as the interface is up): all other OS'es use SSH_TUN_COMPAT_AF or SSH_TUN_PREPEND_AF which effectively uses OpenBSD AF_INET/AF_INET6 values. --- configure.ac | 2 ++ 1 file changed, 2 insertions(+) diff --git a/configure.ac b/configure.ac index df3869324bbd..530875e85fe8 100644 --- a/configure.ac +++ b/configure.ac @@ -1120,6 +1120,8 @@ mips-sony-bsd|mips-sony-newsos4) *-*-freebsd*) AC_DEFINE([LOCKED_PASSWD_PREFIX], ["*LOCKED*"], [Account locked with pw(1)]) AC_DEFINE([SSH_TUN_FREEBSD], [1], [Open tunnel devices the FreeBSD way]) + AC_DEFINE([SSH_TUN_COMPAT_AF], [1], + [Use tunnel device compatibility to OpenBSD]) AC_CHECK_HEADER([net/if_tap.h], , AC_DEFINE([SSH_TUN_NO_L2], [1], [No layer 2 tunnel support])) AC_DEFINE([BROKEN_GLOB], [1], [FreeBSD glob does not do what we need]) From 54abadd3f286efea0dbbdbfea8011d5e1e30c074 Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Sun, 7 Sep 2025 13:35:22 +1000 Subject: [PATCH 251/687] Accept OpenSSL 4.0.0-dev versions. They seem to work, at least for now. --- configure.ac | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/configure.ac b/configure.ac index 530875e85fe8..819e8368949b 100644 --- a/configure.ac +++ b/configure.ac @@ -3057,8 +3057,8 @@ if test "x$openssl" = "xyes" ; then *) ;; # Assume all other versions are good. esac ;; - 30*) - # OpenSSL 3; we use the 1.1x API + 30*|40*) + # OpenSSL 3 & 4; we use the 1.1x API # https://openssl.org/policies/general/versioning-policy.html CPPFLAGS="$CPPFLAGS -DOPENSSL_API_COMPAT=0x10100000L" ;; From 3d8ae7f235b96da604b08c44ae83420e367eeab4 Mon Sep 17 00:00:00 2001 From: Tim Rice Date: Mon, 8 Sep 2025 12:53:10 -0700 Subject: [PATCH 252/687] modified: regress/rekey.sh Fix for when building out of tree. --- regress/rekey.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/regress/rekey.sh b/regress/rekey.sh index 3f5e1d55260d..88430309d2fe 100644 --- a/regress/rekey.sh +++ b/regress/rekey.sh @@ -11,7 +11,7 @@ cp $OBJ/sshd_proxy $OBJ/sshd_proxy_bak echo "Compression no" >> $OBJ/ssh_proxy echo "RekeyLimit 256k" >> $OBJ/ssh_proxy -echo "KexAlgorithms curve25519-sha256" >> ssh_proxy +echo "KexAlgorithms curve25519-sha256" >> $OBJ/ssh_proxy # Test rekeying based on data volume only. # Arguments: rekeylimit, kex method, optional remaining opts are passed to ssh. From d16b1b484a024ee6b35094e7d9d55bf96b96253b Mon Sep 17 00:00:00 2001 From: "dtucker@openbsd.org" Date: Fri, 5 Sep 2025 10:34:35 +0000 Subject: [PATCH 253/687] upstream: Tabs->spaces. Removes diff vs portable. OpenBSD-Commit-ID: 06598021a9f08188dab29ac956b2baa002a0ff85 --- umac.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/umac.c b/umac.c index b51d524d9e2b..8d6e1641521c 100644 --- a/umac.c +++ b/umac.c @@ -1,4 +1,4 @@ -/* $OpenBSD: umac.c,v 1.26 2025/05/24 02:33:33 dtucker Exp $ */ +/* $OpenBSD: umac.c,v 1.27 2025/09/05 10:34:35 dtucker Exp $ */ /* ----------------------------------------------------------------------- * * umac.c -- C Implementation UMAC Message Authentication From e9dcccc3541b0ae1c43581ed26215d5cc82e4be0 Mon Sep 17 00:00:00 2001 From: "jsg@openbsd.org" Date: Mon, 8 Sep 2025 00:31:54 +0000 Subject: [PATCH 254/687] upstream: remove unused 0-sized files; ok deraadt@ OpenBSD-Commit-ID: 7e8178786157e863f6ff63c5d55200d7b6b04f9e --- .skipped-commit-ids | 1 + 1 file changed, 1 insertion(+) diff --git a/.skipped-commit-ids b/.skipped-commit-ids index 46271b34a830..138ca3d019f9 100644 --- a/.skipped-commit-ids +++ b/.skipped-commit-ids @@ -45,6 +45,7 @@ c7246a6b519ac390ca550719f91acfdaef1fa0f0 Makefile relink change ef7ecdb6dd2542f42fa7236d17ac0b144851f0b5 ssh-keygen, fixup'ed into 21682417 da414a364c25b187fc686da7aacec2c35d29238a ssh-keygen, fixup'ed into 21682417 a05e13a7e2c0b65bb4b47184fef731243431c6ff Makefile.inc +7e8178786157e863f6ff63c5d55200d7b6b04f9e remove old sandbox files Old upstream tree: From 0c719c6aabc061f02a907fc96c390d0449b49f26 Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Thu, 11 Sep 2025 02:54:42 +0000 Subject: [PATCH 255/687] upstream: When adding certificates to an agent, set the expiry to the certificate expiry time plus a short (5 min) grace period. This will cause the agent to automtically remove certificates shortly after they expire. A new ssh-add -N option disables this behaviour. Feedback/ok deraadt@ OpenBSD-Commit-ID: 92fed1bba1025069ad45deebb534be7530e181df --- ssh-add.1 | 13 +++++++--- ssh-add.c | 71 +++++++++++++++++++++++++++++++++++++++---------------- 2 files changed, 60 insertions(+), 24 deletions(-) diff --git a/ssh-add.1 b/ssh-add.1 index c31de4dd9daf..babe78040f3d 100644 --- a/ssh-add.1 +++ b/ssh-add.1 @@ -1,4 +1,4 @@ -.\" $OpenBSD: ssh-add.1,v 1.87 2024/06/17 08:30:29 djm Exp $ +.\" $OpenBSD: ssh-add.1,v 1.88 2025/09/11 02:54:42 djm Exp $ .\" .\" Author: Tatu Ylonen .\" Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -35,7 +35,7 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.Dd $Mdocdate: June 17 2024 $ +.Dd $Mdocdate: September 11 2025 $ .Dt SSH-ADD 1 .Os .Sh NAME @@ -43,7 +43,7 @@ .Nd adds private key identities to the OpenSSH authentication agent .Sh SYNOPSIS .Nm ssh-add -.Op Fl CcDdKkLlqvXx +.Op Fl CcDdKkLlNqvXx .Op Fl E Ar fingerprint_hash .Op Fl H Ar hostkey_file .Op Fl h Ar destination_constraint @@ -223,6 +223,13 @@ Lists public key parameters of all identities currently represented by the agent. .It Fl l Lists fingerprints of all identities currently represented by the agent. +.It Fl N +When adding certificates, by default +.Nm +will request that the agent automatically delete the certificate shortly +after the certificate's expiry date. +This flag suppresses this behaviour and does not specify a lifetime for +certificates added to an agent. .It Fl q Be quiet after a successful operation. .It Fl S Ar provider diff --git a/ssh-add.c b/ssh-add.c index 2e41bc26a363..1154006805a5 100644 --- a/ssh-add.c +++ b/ssh-add.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-add.c,v 1.175 2025/08/29 03:50:38 djm Exp $ */ +/* $OpenBSD: ssh-add.c,v 1.176 2025/09/11 02:54:42 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -70,6 +70,8 @@ #include "sk-api.h" #include "hostfile.h" +#define CERT_EXPIRY_GRACE (5*60) + /* argv0 */ extern char *__progname; @@ -234,16 +236,36 @@ delete_all(int agent_fd, int qflag) return ret; } +static int +check_cert_lifetime(const struct sshkey *cert, int cert_lifetime) +{ + time_t now; + uint64_t n; + + if (cert == NULL || cert->cert == NULL || !sshkey_is_cert(cert) || + cert->cert->valid_before == 0xFFFFFFFFFFFFFFFFULL) + return cert_lifetime; + if ((now = time(NULL)) <= 0) + fatal_f("system time is at/before epoch"); + if ((uint64_t)now > (cert->cert->valid_before + CERT_EXPIRY_GRACE)) + return -1; /* certificate already expired */ + n = (CERT_EXPIRY_GRACE + cert->cert->valid_before) - (uint64_t)now; + n = MINIMUM(n, INT_MAX); + if (cert_lifetime <= 0) + return (int)n; + return MINIMUM(cert_lifetime, (int)n); +} + static int add_file(int agent_fd, const char *filename, int key_only, int cert_only, - int qflag, const char *skprovider, + int qflag, int Nflag, const char *skprovider, struct dest_constraint **dest_constraints, size_t ndest_constraints) { - struct sshkey *private, *cert; + struct sshkey *private = NULL, *cert = NULL; char *comment = NULL; char msg[1024], *certpath = NULL; - int r, fd, ret = -1; + int cert_lifetime, r, fd, ret = -1; struct sshbuf *keyblob; if (strcmp(filename, "-") == 0) { @@ -340,8 +362,8 @@ add_file(int agent_fd, const char *filename, int key_only, int cert_only, fprintf(stderr, "Identity added: %s (%s)\n", filename, comment); if (lifetime != 0) { - fprintf(stderr, - "Lifetime set to %d seconds\n", lifetime); + fprintf(stderr, "Lifetime set to %s\n", + fmt_timeframe((time_t)lifetime)); } if (confirm != 0) { fprintf(stderr, "The user must confirm " @@ -369,25 +391,28 @@ add_file(int agent_fd, const char *filename, int key_only, int cert_only, if (!sshkey_equal_public(cert, private)) { error("Certificate %s does not match private key %s", certpath, filename); - sshkey_free(cert); + goto out; + } + + cert_lifetime = lifetime; + if (!Nflag && + (cert_lifetime = check_cert_lifetime(cert, cert_lifetime)) == -1) { + logit("Certificate %s has already expired; ignored", certpath); goto out; } /* Graft with private bits */ if ((r = sshkey_to_certified(private)) != 0) { error_fr(r, "sshkey_to_certified"); - sshkey_free(cert); goto out; } if ((r = sshkey_cert_copy(cert, private)) != 0) { error_fr(r, "sshkey_cert_copy"); - sshkey_free(cert); goto out; } - sshkey_free(cert); - + /* send to agent */ if ((r = ssh_add_identity_constrained(agent_fd, private, comment, - lifetime, confirm, skprovider, + cert_lifetime, confirm, skprovider, dest_constraints, ndest_constraints)) != 0) { error_r(r, "Certificate %s (%s) add failed", certpath, private->cert->key_id); @@ -397,9 +422,9 @@ add_file(int agent_fd, const char *filename, int key_only, int cert_only, if (!qflag) { fprintf(stderr, "Certificate added: %s (%s)\n", certpath, private->cert->key_id); - if (lifetime != 0) { - fprintf(stderr, "Lifetime set to %d seconds\n", - lifetime); + if (cert_lifetime != 0) { + fprintf(stderr, "Lifetime set to %s\n", + fmt_timeframe((time_t)cert_lifetime)); } if (confirm != 0) { fprintf(stderr, "The user must confirm each use " @@ -410,6 +435,7 @@ add_file(int agent_fd, const char *filename, int key_only, int cert_only, out: free(certpath); free(comment); + sshkey_free(cert); sshkey_free(private); return ret; @@ -606,7 +632,7 @@ load_resident_keys(int agent_fd, const char *skprovider, int qflag, static int do_file(int agent_fd, int deleting, int key_only, int cert_only, - char *file, int qflag, const char *skprovider, + char *file, int qflag, int Nflag, const char *skprovider, struct dest_constraint **dest_constraints, size_t ndest_constraints) { if (deleting) { @@ -614,7 +640,7 @@ do_file(int agent_fd, int deleting, int key_only, int cert_only, cert_only, qflag) == -1) return -1; } else { - if (add_file(agent_fd, file, key_only, cert_only, qflag, + if (add_file(agent_fd, file, key_only, cert_only, qflag, Nflag, skprovider, dest_constraints, ndest_constraints) == -1) return -1; } @@ -762,7 +788,7 @@ main(int argc, char **argv) char **dest_constraint_strings = NULL, **hostkey_files = NULL; int r, i, ch, deleting = 0, ret = 0, key_only = 0, cert_only = 0; int do_download = 0, xflag = 0, lflag = 0, Dflag = 0; - int qflag = 0, Tflag = 0; + int qflag = 0, Tflag = 0, Nflag = 0; SyslogFacility log_facility = SYSLOG_FACILITY_AUTH; LogLevel log_level = SYSLOG_LEVEL_INFO; struct sshkey *k, **certs = NULL; @@ -794,7 +820,7 @@ main(int argc, char **argv) skprovider = getenv("SSH_SK_PROVIDER"); - while ((ch = getopt(argc, argv, "vkKlLCcdDTxXE:e:h:H:M:m:qs:S:t:")) != -1) { + while ((ch = getopt(argc, argv, "vVkKlLCcdDTxXE:e:h:H:M:m:qs:S:t:")) != -1) { switch (ch) { case 'v': if (log_level == SYSLOG_LEVEL_INFO) @@ -802,6 +828,9 @@ main(int argc, char **argv) else if (log_level < SYSLOG_LEVEL_DEBUG3) log_level++; break; + case 'V': + Nflag = 1; + break; case 'E': fingerprint_hash = ssh_digest_alg_by_name(optarg); if (fingerprint_hash == -1) @@ -968,7 +997,7 @@ main(int argc, char **argv) if (stat(buf, &st) == -1) continue; if (do_file(agent_fd, deleting, key_only, cert_only, - buf, qflag, skprovider, + buf, qflag, Nflag, skprovider, dest_constraints, ndest_constraints) == -1) ret = 1; else @@ -979,7 +1008,7 @@ main(int argc, char **argv) } else { for (i = 0; i < argc; i++) { if (do_file(agent_fd, deleting, key_only, cert_only, - argv[i], qflag, skprovider, + argv[i], qflag, Nflag, skprovider, dest_constraints, ndest_constraints) == -1) ret = 1; } From 7a4738af45201c115a9e20f830f30ed38ce6be76 Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Thu, 11 Sep 2025 03:29:58 +0000 Subject: [PATCH 256/687] upstream: need time.h for time(3) OpenBSD-Commit-ID: 530964039cccab679432b6c5b28d2b0aa9760b00 --- ssh-add.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/ssh-add.c b/ssh-add.c index 1154006805a5..e2ecf17535b4 100644 --- a/ssh-add.c +++ b/ssh-add.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-add.c,v 1.176 2025/09/11 02:54:42 djm Exp $ */ +/* $OpenBSD: ssh-add.c,v 1.177 2025/09/11 03:29:58 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -54,6 +54,7 @@ #include #include #include +#include #include "xmalloc.h" #include "ssh.h" From c60153e4878f3a6700af69adbdd1863003e78abf Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Thu, 11 Sep 2025 07:22:37 +0000 Subject: [PATCH 257/687] upstream: correct getopt() string OpenBSD-Commit-ID: 05ef9581a3dab32ec93aa5b9c3349ed1e7da9ec8 --- ssh-add.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/ssh-add.c b/ssh-add.c index e2ecf17535b4..152f7f2031a4 100644 --- a/ssh-add.c +++ b/ssh-add.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-add.c,v 1.177 2025/09/11 03:29:58 djm Exp $ */ +/* $OpenBSD: ssh-add.c,v 1.178 2025/09/11 07:22:37 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -821,7 +821,7 @@ main(int argc, char **argv) skprovider = getenv("SSH_SK_PROVIDER"); - while ((ch = getopt(argc, argv, "vVkKlLCcdDTxXE:e:h:H:M:m:qs:S:t:")) != -1) { + while ((ch = getopt(argc, argv, "vkKlLNCcdDTxXE:e:h:H:M:m:qs:S:t:")) != -1) { switch (ch) { case 'v': if (log_level == SYSLOG_LEVEL_INFO) @@ -829,7 +829,7 @@ main(int argc, char **argv) else if (log_level < SYSLOG_LEVEL_DEBUG3) log_level++; break; - case 'V': + case 'N': Nflag = 1; break; case 'E': From edc601707b583a2c900e49621e048c26574edd3a Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Thu, 11 Sep 2025 07:23:32 +0000 Subject: [PATCH 258/687] upstream: disable ssh-add autoexpiry of certificates when testing expired certificates OpenBSD-Regress-ID: 64aadd23d37fd0b3a06498151f2cf83be7ac342c --- regress/sshsig.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/regress/sshsig.sh b/regress/sshsig.sh index dae03706d8f0..fe0958ad27bc 100644 --- a/regress/sshsig.sh +++ b/regress/sshsig.sh @@ -1,4 +1,4 @@ -# $OpenBSD: sshsig.sh,v 1.15 2023/10/12 03:51:08 djm Exp $ +# $OpenBSD: sshsig.sh,v 1.16 2025/09/11 07:23:32 djm Exp $ # Placed in the Public Domain. tid="sshsig" @@ -255,7 +255,7 @@ for t in $SIGNKEYS; do # Check signing keys using ssh-agent. trace "$tid: key type $t prepare agent" ${SSHADD} -D >/dev/null 2>&1 # Remove all previously-loaded keys. - ${SSHADD} ${privkey} > /dev/null 2>&1 || fail "ssh-add failed" + ${SSHADD} -N ${privkey} > /dev/null 2>&1 || fail "ssh-add failed" # Move private key to ensure agent key is used mv ${privkey} ${privkey}.tmp From efed5da4ced88170cf474246eff771dd16c7092f Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Mon, 15 Sep 2025 04:38:00 +0000 Subject: [PATCH 259/687] upstream: fix memleak when applying certificate options; ok dtucker OpenBSD-Commit-ID: 36c219dcc05f4df82a0f9c500bdf5dbfea925289 --- auth-options.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/auth-options.c b/auth-options.c index 785a23990337..90be7b02d49d 100644 --- a/auth-options.c +++ b/auth-options.c @@ -1,4 +1,4 @@ -/* $OpenBSD: auth-options.c,v 1.101 2023/07/14 07:44:21 dtucker Exp $ */ +/* $OpenBSD: auth-options.c,v 1.102 2025/09/15 04:38:00 djm Exp $ */ /* * Copyright (c) 2018 Damien Miller * @@ -155,6 +155,7 @@ cert_option_list(struct sshauthopt *opts, struct sshbuf *oblob, if (addr_match_cidr_list(NULL, allowed) == -1) { error("Certificate source-address " "contents invalid"); + free(allowed); goto out; } opts->required_from_host_cert = allowed; From 03872018c14ed943bc01a4e88be59195a742f106 Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Mon, 15 Sep 2025 04:39:15 +0000 Subject: [PATCH 260/687] upstream: when merging auth options into the active set, don't leak the old struct sshauthopt; ok dtucker@ OpenBSD-Commit-ID: c6bfd7bc2932e37f811b3c53272c3b919d33e75b --- auth.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/auth.c b/auth.c index 4f772fafd861..8d94047439be 100644 --- a/auth.c +++ b/auth.c @@ -1,4 +1,4 @@ -/* $OpenBSD: auth.c,v 1.162 2024/09/15 01:18:26 djm Exp $ */ +/* $OpenBSD: auth.c,v 1.163 2025/09/15 04:39:15 djm Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. * @@ -756,6 +756,7 @@ auth_activate_options(struct ssh *ssh, struct sshauthopt *opts) error("Inconsistent authentication options: %s", emsg); return -1; } + sshauthopt_free(old); return 0; } From fae8e41741d23298c94a1ea3ef8704a1cc186cb5 Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Mon, 15 Sep 2025 04:39:58 +0000 Subject: [PATCH 261/687] upstream: fix memleak of channel forwarding permissions; ok dtucker@ OpenBSD-Commit-ID: 069745547109bc8fcc09fab5b19c53599cae99fd --- channels.c | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/channels.c b/channels.c index 2a4cb0e3134b..aeb0d41d6c22 100644 --- a/channels.c +++ b/channels.c @@ -1,4 +1,4 @@ -/* $OpenBSD: channels.c,v 1.448 2025/08/18 03:43:01 djm Exp $ */ +/* $OpenBSD: channels.c,v 1.449 2025/09/15 04:39:58 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -4588,10 +4588,13 @@ void channel_clear_permission(struct ssh *ssh, int who, int where) { struct permission **permp; - u_int *npermp; + u_int i, *npermp; permission_set_get_array(ssh, who, where, &permp, &npermp); - *permp = xrecallocarray(*permp, *npermp, 0, sizeof(**permp)); + for (i = 0; i < *npermp; i++) + fwd_perm_clear((*permp) + i); + free(*permp); + *permp = NULL; *npermp = 0; } From 67940cc2f329427d3acb64d4893faf4527e58d5c Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Mon, 15 Sep 2025 04:40:34 +0000 Subject: [PATCH 262/687] upstream: memleak of kex->server_sig_algs; ok dtucker@ OpenBSD-Commit-ID: 41a3f64edd2c9b8addb2e445514ae25c24819e2c --- kex.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/kex.c b/kex.c index 6e312985f8c9..814fad9476c2 100644 --- a/kex.c +++ b/kex.c @@ -1,4 +1,4 @@ -/* $OpenBSD: kex.c,v 1.188 2025/08/11 10:55:38 djm Exp $ */ +/* $OpenBSD: kex.c,v 1.189 2025/09/15 04:40:34 djm Exp $ */ /* * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. * @@ -740,6 +740,7 @@ kex_free(struct kex *kex) free(kex->failed_choice); free(kex->hostkey_alg); free(kex->name); + free(kex->server_sig_algs); free(kex); } From d68451a25808c4eee74b898873cd4761f73651ed Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Mon, 15 Sep 2025 04:41:20 +0000 Subject: [PATCH 263/687] upstream: memleak of KRL revoked certs struct; ok dtucker OpenBSD-Commit-ID: f319868e0b2de49c41c735e75b87c403f009f5f9 --- krl.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/krl.c b/krl.c index 708eb9813078..bea5b1b98c43 100644 --- a/krl.c +++ b/krl.c @@ -1,4 +1,4 @@ -/* $OpenBSD: krl.c,v 1.61 2025/09/05 09:58:08 dtucker Exp $ */ +/* $OpenBSD: krl.c,v 1.62 2025/09/15 04:41:20 djm Exp $ */ /* * Copyright (c) 2012 Damien Miller * @@ -149,6 +149,8 @@ revoked_certs_free(struct revoked_certs *rc) struct revoked_serial *rs, *trs; struct revoked_key_id *rki, *trki; + if (rc == NULL) + return; RB_FOREACH_SAFE(rs, revoked_serial_tree, &rc->revoked_serials, trs) { RB_REMOVE(revoked_serial_tree, &rc->revoked_serials, rs); free(rs); @@ -159,6 +161,7 @@ revoked_certs_free(struct revoked_certs *rc) free(rki); } sshkey_free(rc->ca_key); + freezero(rc, sizeof(*rc)); } void From 0088b3f0ab2c615ae95b9f374963abaa0ab837ec Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Mon, 15 Sep 2025 04:47:49 +0000 Subject: [PATCH 264/687] upstream: memleaks of request packet and hostkeys blob; ok dtucker@ OpenBSD-Commit-ID: 313b13a8e36b4ca8e064ee56792e67e0670a386a --- monitor.c | 11 +++++------ 1 file changed, 5 insertions(+), 6 deletions(-) diff --git a/monitor.c b/monitor.c index df9bde2e95cf..563a0f0cb59a 100644 --- a/monitor.c +++ b/monitor.c @@ -1,4 +1,4 @@ -/* $OpenBSD: monitor.c,v 1.247 2024/12/03 22:30:03 jsg Exp $ */ +/* $OpenBSD: monitor.c,v 1.248 2025/09/15 04:47:49 djm Exp $ */ /* * Copyright 2002 Niels Provos * Copyright 2002 Markus Friedl @@ -567,16 +567,14 @@ monitor_reset_key_state(void) } int -mm_answer_state(struct ssh *ssh, int sock, struct sshbuf *m) +mm_answer_state(struct ssh *ssh, int sock, struct sshbuf *unused) { - struct sshbuf *inc = NULL, *hostkeys = NULL; + struct sshbuf *m = NULL, *inc = NULL, *hostkeys = NULL; struct sshbuf *opts = NULL, *confdata = NULL; struct include_item *item = NULL; int postauth; int r; - sshbuf_reset(m); - debug_f("config len %zu", sshbuf_len(cfg)); if ((m = sshbuf_new()) == NULL || @@ -634,9 +632,10 @@ mm_answer_state(struct ssh *ssh, int sock, struct sshbuf *m) sshbuf_free(inc); sshbuf_free(opts); sshbuf_free(confdata); + sshbuf_free(hostkeys); mm_request_send(sock, MONITOR_ANS_STATE, m); - + sshbuf_free(m); debug3_f("done"); return (0); From ee77ab9b2ca2d70daf8d4352f5daffa8036ece64 Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Mon, 15 Sep 2025 04:48:29 +0000 Subject: [PATCH 265/687] upstream: memleak of rfwd callback context; ok dtucker@ OpenBSD-Commit-ID: 70b2aafeaace90703dd16a44a2a0b723d9155f33 --- mux.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/mux.c b/mux.c index 6b1d463afba0..7dd1309faf72 100644 --- a/mux.c +++ b/mux.c @@ -1,4 +1,4 @@ -/* $OpenBSD: mux.c,v 1.105 2025/08/18 03:43:01 djm Exp $ */ +/* $OpenBSD: mux.c,v 1.106 2025/09/15 04:48:29 djm Exp $ */ /* * Copyright (c) 2002-2008 Damien Miller * @@ -668,6 +668,7 @@ mux_confirm_remote_forward(struct ssh *ssh, int type, u_int32_t seq, void *ctxt) if (c->mux_pause <= 0) fatal_f("mux_pause %d", c->mux_pause); c->mux_pause = 0; /* start processing messages again */ + free(fctx); } static int From bc60bd55cbc1f8139c840668733b51475cbefd93 Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Mon, 15 Sep 2025 04:49:00 +0000 Subject: [PATCH 266/687] upstream: memleak of editline history; ok dtucker@ OpenBSD-Commit-ID: a244c54eb074cf7fbe28f7ac4f03ace270f7a999 --- sftp.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/sftp.c b/sftp.c index c27926b37899..ff85ab507695 100644 --- a/sftp.c +++ b/sftp.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sftp.c,v 1.241 2025/09/02 09:34:48 djm Exp $ */ +/* $OpenBSD: sftp.c,v 1.242 2025/09/15 04:49:00 djm Exp $ */ /* * Copyright (c) 2001-2004 Damien Miller * @@ -2343,6 +2343,8 @@ interactive_loop(struct sftp_conn *conn, char *file1, char *file2) free(conn); #ifdef USE_LIBEDIT + if (hl != NULL) + history_end(hl); if (el != NULL) el_end(el); #endif /* USE_LIBEDIT */ From 42fc6b6f9fbf58293b070f4de377c7695c275a8a Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Mon, 15 Sep 2025 04:49:41 +0000 Subject: [PATCH 267/687] upstream: memleak of hostkey when downgrading host cert->key; ok dtucker OpenBSD-Commit-ID: f6f1f38a8ec144fb615434f6877066cf4610b826 --- sshconnect.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/sshconnect.c b/sshconnect.c index bef9f9bc3f0e..0f260a2cd14b 100644 --- a/sshconnect.c +++ b/sshconnect.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshconnect.c,v 1.374 2025/08/29 03:50:38 djm Exp $ */ +/* $OpenBSD: sshconnect.c,v 1.375 2025/09/15 04:49:41 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -1426,6 +1426,7 @@ check_host_key(char *hostname, const struct ssh_conn_info *cinfo, options.update_hostkeys = 0; } + sshkey_free(raw_key); free(ip); free(host); if (host_hostkeys != NULL) From ee99f6e93e0ee90eedbd27ffb9b7f9fef7b98010 Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Mon, 15 Sep 2025 04:50:42 +0000 Subject: [PATCH 268/687] upstream: memleak of certificate path; ok dtucker@ OpenBSD-Commit-ID: 90dc5390f2756ba339e2e6df54d4b8651d64c1e7 --- ssh.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/ssh.c b/ssh.c index 58cfedf6d969..f4524e384544 100644 --- a/ssh.c +++ b/ssh.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh.c,v 1.617 2025/09/04 00:29:09 djm Exp $ */ +/* $OpenBSD: ssh.c,v 1.618 2025/09/15 04:50:42 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -2468,6 +2468,7 @@ load_public_identity_files(const struct ssh_conn_info *cinfo) free(cp); continue; } + free(cp); /* NB. leave filename pointing to private key */ identity_files[n_ids] = xstrdup(filename); identity_keys[n_ids] = public; From 0bb37080c86674de7cdfb56c80add3cd316c68a8 Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Mon, 15 Sep 2025 04:51:35 +0000 Subject: [PATCH 269/687] upstream: memleak of keys not used for authentication; ok dtucker@ OpenBSD-Commit-ID: ddfda79d243150fbd382d8f2cd75a90a072b3669 --- sshconnect2.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/sshconnect2.c b/sshconnect2.c index 1ee6000ab0cc..b3679c9d7f3c 100644 --- a/sshconnect2.c +++ b/sshconnect2.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshconnect2.c,v 1.377 2025/02/18 08:02:48 djm Exp $ */ +/* $OpenBSD: sshconnect2.c,v 1.378 2025/09/15 04:51:35 djm Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. * Copyright (c) 2008 Damien Miller. All rights reserved. @@ -1815,7 +1815,7 @@ pubkey_prepare(struct ssh *ssh, Authctxt *authctxt) TAILQ_REMOVE(preferred, id, next); sshkey_free(id->key); free(id->filename); - memset(id, 0, sizeof(*id)); + freezero(id, sizeof(*id)); } /* List the keys we plan on using */ TAILQ_FOREACH_SAFE(id, preferred, next, id2) { From b9464cee0fd084d89d91696a17b3621b4cf512bf Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Mon, 15 Sep 2025 04:52:12 +0000 Subject: [PATCH 270/687] upstream: leak of authentication options at exit; ok dtucker@ OpenBSD-Commit-ID: ba559799c2ff9b10afc3abefb1797c0843a6ff24 --- sshd-auth.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/sshd-auth.c b/sshd-auth.c index 27db2e14cca8..9c31515de18f 100644 --- a/sshd-auth.c +++ b/sshd-auth.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshd-auth.c,v 1.8 2025/08/29 03:50:38 djm Exp $ */ +/* $OpenBSD: sshd-auth.c,v 1.9 2025/09/15 04:52:12 djm Exp $ */ /* * SSH2 implementation: * Privilege Separation: @@ -773,6 +773,7 @@ main(int ac, char **av) * The unprivileged child now transfers the current keystate and exits. */ mm_send_keystate(ssh, pmonitor); + sshauthopt_free(auth_opts); ssh_packet_clear_keys(ssh); exit(0); } From 52f38c76fcb38dfe619d8caa3bb4bb782c785026 Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Mon, 15 Sep 2025 04:52:41 +0000 Subject: [PATCH 271/687] upstream: leak of principals file lines; ok dtucker@ OpenBSD-Commit-ID: 918bf1b70e5a969059300f3c23d45911690d9015 --- sshsig.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/sshsig.c b/sshsig.c index 3da005d621f9..d84004ca961f 100644 --- a/sshsig.c +++ b/sshsig.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshsig.c,v 1.38 2025/02/18 08:02:48 djm Exp $ */ +/* $OpenBSD: sshsig.c,v 1.39 2025/09/15 04:52:41 djm Exp $ */ /* * Copyright (c) 2019 Google LLC * @@ -1123,6 +1123,7 @@ sshsig_match_principals(const char *path, const char *principal, linesize = 0; } fclose(f); + free(line); if (ret == 0) { if (nprincipals == 0) From 6f5942454ad6756355f3b4983ab882cf15e44440 Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Mon, 15 Sep 2025 05:17:37 +0000 Subject: [PATCH 272/687] upstream: fix leaks of struct sftp_conn in scp; ok dtucker@ OpenBSD-Commit-ID: 76bea50b5b87b750c3771bf80feb6067d994a9d2 --- scp.c | 12 ++++++++---- sftp-client.c | 10 +++++++++- sftp-client.h | 3 ++- 3 files changed, 19 insertions(+), 6 deletions(-) diff --git a/scp.c b/scp.c index e831a50f3bbd..0d3e1d4c1bcd 100644 --- a/scp.c +++ b/scp.c @@ -1,4 +1,4 @@ -/* $OpenBSD: scp.c,v 1.265 2025/09/02 09:34:48 djm Exp $ */ +/* $OpenBSD: scp.c,v 1.266 2025/09/15 05:17:37 djm Exp $ */ /* * scp - secure remote copy. This is basically patched BSD rcp which * uses ssh to do the data transfer (instead of using rcmd). @@ -1072,6 +1072,7 @@ toremote(int argc, char **argv, enum scp_mode_e mode, char *sftp_direct) if (mode == MODE_SFTP) { if (remin == -1 || conn == NULL) { /* Connect to dest now */ + sftp_free(conn); conn = do_sftp_connect(thost, tuser, tport, sftp_direct, &remin, &remout, &do_cmd_pid); @@ -1089,6 +1090,7 @@ toremote(int argc, char **argv, enum scp_mode_e mode, char *sftp_direct) * scp -3 hosta:/foo hosta:/bar hostb: */ /* Connect to origin now */ + sftp_free(conn2); conn2 = do_sftp_connect(host, suser, sport, sftp_direct, &remin2, &remout2, &do_cmd_pid2); @@ -1178,6 +1180,7 @@ toremote(int argc, char **argv, enum scp_mode_e mode, char *sftp_direct) } if (remin == -1) { /* Connect to remote now */ + sftp_free(conn); conn = do_sftp_connect(thost, tuser, tport, sftp_direct, &remin, &remout, &do_cmd_pid); @@ -1206,8 +1209,6 @@ toremote(int argc, char **argv, enum scp_mode_e mode, char *sftp_direct) } } out: - if (mode == MODE_SFTP) - free(conn); freeargs(&alist); free(tuser); free(thost); @@ -1215,6 +1216,8 @@ toremote(int argc, char **argv, enum scp_mode_e mode, char *sftp_direct) free(suser); free(host); free(src); + sftp_free(conn); + sftp_free(conn2); } void @@ -1260,6 +1263,7 @@ tolocal(int argc, char **argv, enum scp_mode_e mode, char *sftp_direct) } /* Remote to local. */ if (mode == MODE_SFTP) { + sftp_free(conn); conn = do_sftp_connect(host, suser, sport, sftp_direct, &remin, &remout, &do_cmd_pid); if (conn == NULL) { @@ -1271,7 +1275,6 @@ tolocal(int argc, char **argv, enum scp_mode_e mode, char *sftp_direct) /* The protocol */ sink_sftp(1, argv[argc - 1], src, conn); - free(conn); (void) close(remin); (void) close(remout); remin = remout = -1; @@ -1295,6 +1298,7 @@ tolocal(int argc, char **argv, enum scp_mode_e mode, char *sftp_direct) free(suser); free(host); free(src); + sftp_free(conn); } /* Prepare remote path, handling ~ by assuming cwd is the homedir */ diff --git a/sftp-client.c b/sftp-client.c index 0702abd5eb3e..911fbfee90a6 100644 --- a/sftp-client.c +++ b/sftp-client.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sftp-client.c,v 1.178 2025/09/02 09:26:21 djm Exp $ */ +/* $OpenBSD: sftp-client.c,v 1.179 2025/09/15 05:17:37 djm Exp $ */ /* * Copyright (c) 2001-2004 Damien Miller * @@ -601,6 +601,14 @@ sftp_init(int fd_in, int fd_out, u_int transfer_buflen, u_int num_requests, return ret; } +void +sftp_free(struct sftp_conn *conn) +{ + if (conn == NULL) + return; + freezero(conn, sizeof(*conn)); +} + u_int sftp_proto_version(struct sftp_conn *conn) { diff --git a/sftp-client.h b/sftp-client.h index 74cdae7dc687..873ad3849f5b 100644 --- a/sftp-client.h +++ b/sftp-client.h @@ -1,4 +1,4 @@ -/* $OpenBSD: sftp-client.h,v 1.39 2023/09/08 05:56:13 djm Exp $ */ +/* $OpenBSD: sftp-client.h,v 1.40 2025/09/15 05:17:37 djm Exp $ */ /* * Copyright (c) 2001-2004 Damien Miller @@ -71,6 +71,7 @@ struct sftp_limits { * a pointer to a initialized sftp_conn struct on success. */ struct sftp_conn *sftp_init(int, int, u_int, u_int, u_int64_t); +void sftp_free(struct sftp_conn *); u_int sftp_proto_version(struct sftp_conn *); From a4aa090a3d40dddb07d5ebebc501f6457541a501 Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Mon, 15 Sep 2025 03:00:22 +0000 Subject: [PATCH 273/687] upstream: memory leaks in unit tests OpenBSD-Regress-ID: af11ac7b8034b99ca324af4dae1ef5cd7700b273 --- regress/unittests/misc/test_expand.c | 29 ++++++++++++------- .../sshbuf/test_sshbuf_getput_basic.c | 6 +++- regress/unittests/sshbuf/test_sshbuf_misc.c | 4 ++- 3 files changed, 27 insertions(+), 12 deletions(-) diff --git a/regress/unittests/misc/test_expand.c b/regress/unittests/misc/test_expand.c index b72a1e9a8424..a8be8d9f488e 100644 --- a/regress/unittests/misc/test_expand.c +++ b/regress/unittests/misc/test_expand.c @@ -1,4 +1,4 @@ -/* $OpenBSD: test_expand.c,v 1.3 2021/12/14 21:25:27 deraadt Exp $ */ +/* $OpenBSD: test_expand.c,v 1.4 2025/09/15 03:00:22 djm Exp $ */ /* * Regress test for misc string expansion functions. * @@ -71,17 +71,26 @@ test_expand(void) TEST_DONE(); TEST_START("percent_expand"); - ASSERT_STRING_EQ(percent_expand("%%", "%h", "foo", NULL), "%"); - ASSERT_STRING_EQ(percent_expand("%h", "h", "foo", NULL), "foo"); - ASSERT_STRING_EQ(percent_expand("%h ", "h", "foo", NULL), "foo "); - ASSERT_STRING_EQ(percent_expand(" %h", "h", "foo", NULL), " foo"); - ASSERT_STRING_EQ(percent_expand(" %h ", "h", "foo", NULL), " foo "); - ASSERT_STRING_EQ(percent_expand(" %a%b ", "a", "foo", "b", "bar", NULL), - " foobar "); +#define CHECK_ONE(val, expect) \ + ASSERT_STRING_EQ(val, expect); \ + free(val); + ret = percent_expand("%%", "%h", "foo", NULL); + CHECK_ONE(ret, "%"); + ret = percent_expand("%h", "h", "foo", NULL); + CHECK_ONE(ret, "foo"); + ret = percent_expand("%h ", "h", "foo", NULL); + CHECK_ONE(ret, "foo "); + ret = percent_expand(" %h", "h", "foo", NULL); + CHECK_ONE(ret, " foo"); + ret = percent_expand(" %h ", "h", "foo", NULL); + CHECK_ONE(ret, " foo "); + ret = percent_expand(" %a%b ", "a", "foo", "b", "bar", NULL); + CHECK_ONE(ret, " foobar "); TEST_DONE(); TEST_START("percent_dollar_expand"); - ASSERT_STRING_EQ(percent_dollar_expand("%h${FOO}", "h", "foo", NULL), - "foobar"); + ret = percent_dollar_expand("%h${FOO}", "h", "foo", NULL); + CHECK_ONE(ret, "foobar"); +#undef CHECK_ONE TEST_DONE(); } diff --git a/regress/unittests/sshbuf/test_sshbuf_getput_basic.c b/regress/unittests/sshbuf/test_sshbuf_getput_basic.c index 058bf17d474b..bfe61a8773bc 100644 --- a/regress/unittests/sshbuf/test_sshbuf_getput_basic.c +++ b/regress/unittests/sshbuf/test_sshbuf_getput_basic.c @@ -1,4 +1,4 @@ -/* $OpenBSD: test_sshbuf_getput_basic.c,v 1.4 2025/06/13 07:35:14 dtucker Exp $ */ +/* $OpenBSD: test_sshbuf_getput_basic.c,v 1.5 2025/09/15 03:00:22 djm Exp $ */ /* * Regress test for sshbuf.h buffer API * @@ -609,6 +609,7 @@ sshbuf_getput_basic_tests(void) ASSERT_PTR_NE(s2, NULL); ASSERT_STRING_EQ(s2, "00000000000000000000"); sshbuf_free(p1); + free(s2); TEST_DONE(); TEST_START("sshbuf_poke_u16"); @@ -643,6 +644,7 @@ sshbuf_getput_basic_tests(void) ASSERT_PTR_NE(s2, NULL); ASSERT_STRING_EQ(s2, "00000000000000000000"); sshbuf_free(p1); + free(s2); TEST_DONE(); TEST_START("sshbuf_poke_u8"); @@ -673,6 +675,7 @@ sshbuf_getput_basic_tests(void) ASSERT_PTR_NE(s2, NULL); ASSERT_STRING_EQ(s2, "00000000000000000000"); sshbuf_free(p1); + free(s2); TEST_DONE(); TEST_START("sshbuf_poke"); @@ -707,5 +710,6 @@ sshbuf_getput_basic_tests(void) ASSERT_PTR_NE(s2, NULL); ASSERT_STRING_EQ(s2, "00000000000000000000"); sshbuf_free(p1); + free(s2); TEST_DONE(); } diff --git a/regress/unittests/sshbuf/test_sshbuf_misc.c b/regress/unittests/sshbuf/test_sshbuf_misc.c index 58f55eee89ae..6b5b380d8524 100644 --- a/regress/unittests/sshbuf/test_sshbuf_misc.c +++ b/regress/unittests/sshbuf/test_sshbuf_misc.c @@ -1,4 +1,4 @@ -/* $OpenBSD: test_sshbuf_misc.c,v 1.6 2025/09/04 00:37:10 djm Exp $ */ +/* $OpenBSD: test_sshbuf_misc.c,v 1.7 2025/09/15 03:00:22 djm Exp $ */ /* * Regress test for sshbuf.h buffer API * @@ -214,6 +214,7 @@ test_sshbuf_cmp(void) ASSERT_INT_EQ(sshbuf_cmp(p1, 1000, "silence", 7), SSH_ERR_MESSAGE_INCOMPLETE); ASSERT_INT_EQ(sshbuf_cmp(p1, 0, msg, sizeof(msg) - 1), 0); + sshbuf_free(p1); TEST_DONE(); } @@ -252,6 +253,7 @@ test_sshbuf_find(void) SSH_ERR_MESSAGE_INCOMPLETE); ASSERT_INT_EQ(sshbuf_find(p1, 0, msg + 1, sizeof(msg) - 2, &sz), 0); ASSERT_SIZE_T_EQ(sz, 1); + sshbuf_free(p1); TEST_DONE(); } From 7c32e09ea3e5c7e1fa0b7e2d4ddc83f8beadafed Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Mon, 15 Sep 2025 17:21:15 +1000 Subject: [PATCH 274/687] Add VM test targets via vmaction on Github. --- .github/ci-status.md | 6 ++ .github/workflows/vm-dragonflybsd.yml | 78 +++++++++++++++++++++++++ .github/workflows/vm-freebsd.yml | 80 ++++++++++++++++++++++++++ .github/workflows/vm-netbsd.yml | 81 ++++++++++++++++++++++++++ .github/workflows/vm-omnios.yml | 70 +++++++++++++++++++++++ .github/workflows/vm-openbsd.yml | 66 +++++++++++++++++++++ .github/workflows/vm-solaris.yml | 82 +++++++++++++++++++++++++++ 7 files changed, 463 insertions(+) create mode 100644 .github/workflows/vm-dragonflybsd.yml create mode 100644 .github/workflows/vm-freebsd.yml create mode 100644 .github/workflows/vm-netbsd.yml create mode 100644 .github/workflows/vm-omnios.yml create mode 100644 .github/workflows/vm-openbsd.yml create mode 100644 .github/workflows/vm-solaris.yml diff --git a/.github/ci-status.md b/.github/ci-status.md index 971011db96fa..9169765ab547 100644 --- a/.github/ci-status.md +++ b/.github/ci-status.md @@ -1,5 +1,11 @@ master : [![C/C++ CI](https://github.com/openssh/openssh-portable/actions/workflows/c-cpp.yml/badge.svg)](https://github.com/openssh/openssh-portable/actions/workflows/c-cpp.yml?query=branch:master) +[![VM DragonFlyBSD](https://github.com/openssh/openssh-portable/actions/workflows/vm-dragonflybsd.yml/badge.svg)](https://github.com/openssh/openssh-portable/actions/workflows/vm-dragonflybsd.yml?query=branch:master) +[![VM FreeBSD](https://github.com/openssh/openssh-portable/actions/workflows/vm-freebsd.yml/badge.svg)](https://github.com/openssh/openssh-portable/actions/workflows/vm-freebsd.yml?query=branch:master) +[![VM OmniOS](https://github.com/openssh/openssh-portable/actions/workflows/vm-omnios.yml/badge.svg)](https://github.com/openssh/openssh-portable/actions/workflows/vm-omnios.yml?query=branch:master) +[![VM OpenBSD](https://github.com/openssh/openssh-portable/actions/workflows/vm-openbsd.yml/badge.svg)](https://github.com/openssh/openssh-portable/actions/workflows/vm-openbsd.yml?query=branch:master) +[![VM NetBSD](https://github.com/openssh/openssh-portable/actions/workflows/vm-netbsd.yml/badge.svg)](https://github.com/openssh/openssh-portable/actions/workflows/vm-netbsd.yml?query=branch:master) +[![VM Solaris](https://github.com/openssh/openssh-portable/actions/workflows/vm-solaris.yml/badge.svg)](https://github.com/openssh/openssh-portable/actions/workflows/vm-solaris.yml?query=branch:master) [![C/C++ CI self-hosted](https://github.com/openssh/openssh-portable-selfhosted/actions/workflows/selfhosted.yml/badge.svg)](https://github.com/openssh/openssh-portable-selfhosted/actions/workflows/selfhosted.yml?query=branch:master) [![Upstream self-hosted](https://github.com/openssh/openssh-portable-selfhosted/actions/workflows/upstream.yml/badge.svg)](https://github.com/openssh/openssh-portable-selfhosted/actions/workflows/upstream.yml?query=branch:master) [![CIFuzz](https://github.com/openssh/openssh-portable/actions/workflows/cifuzz.yml/badge.svg)](https://github.com/openssh/openssh-portable/actions/workflows/cifuzz.yml) diff --git a/.github/workflows/vm-dragonflybsd.yml b/.github/workflows/vm-dragonflybsd.yml new file mode 100644 index 000000000000..2fc337072cf2 --- /dev/null +++ b/.github/workflows/vm-dragonflybsd.yml @@ -0,0 +1,78 @@ +# For testing, you can set variables in your repo (Repo -> Settings -> +# Security -> Actions -> Variables) to restrict the tests that are run. +# The supported variables are: +# +# RUN_ONLY_TARGET_CONFIG: Run only the single matching target and config, +# separated by spaces, eg "ubuntu-latest default". All other tests will +# fail immediately. +# +# LTESTS: Override the set of tests run. + +name: VM DragonFlyBSD CI +on: + push: + paths: [ '**.c', '**.h', '**.m4', '**.sh', '**/Makefile.in', 'configure.ac', '.github/configs', '.github/workflows/vm-dragonflybsd.yml' ] + pull_request: + paths: [ '**.c', '**.h', '**.m4', '**.sh', '**/Makefile.in', 'configure.ac', '.github/configs', '.github/workflows/vm-dragonflybsd.yml' ] + +jobs: + ci: + name: "dragonflybsd-${{ matrix.target }}" + if: github.repository != 'openssh/openssh-portable-selfhosted' + strategy: + fail-fast: false + matrix: + # First we test all OSes in the default configuration. + target: + - "6.4.2" + config: [default] + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@main + - name: autoreconf + run: sh -c autoreconf + + - name: start DragonFlyBSD ${{ matrix.target }} VM + uses: vmactions/dragonflybsd-vm@v1 + with: + release: ${{ matrix.target }} + usesh: true + prepare: | + pkg install -y sudo + pw useradd builder -m + echo "builder ALL=(ALL:ALL) NOPASSWD: ALL" >>/usr/local/etc/sudoers + mkdir -p /var/empty /usr/local/etc + cp $GITHUB_WORKSPACE/moduli /usr/local/etc/moduli + + - name: set file perms + shell: dragonflybsd {0} + run: cd $GITHUB_WORKSPACE && chown -R builder . + - name: configure + shell: dragonflybsd {0} + run: cd $GITHUB_WORKSPACE && sudo -u builder ./configure --with-ssl-dir=/usr/local + - name: make clean + shell: dragonflybsd {0} + run: cd $GITHUB_WORKSPACE && sudo -u builder make clean + - name: make + shell: dragonflybsd {0} + run: cd $GITHUB_WORKSPACE && sudo -u builder make -j4 + - name: make tests + shell: dragonflybsd {0} + run: | + cd $GITHUB_WORKSPACE + sudo -u builder env SUDO=sudo make tests + + - name: "PAM: configure" + shell: dragonflybsd {0} + run: cd $GITHUB_WORKSPACE && sudo -u builder ./configure --with-ssl-dir=/usr/local --with-pam + - name: "PAM: make clean" + shell: dragonflybsd {0} + run: cd $GITHUB_WORKSPACE && sudo -u builder make clean + - name: "PAM: make" + shell: dragonflybsd {0} + run: cd $GITHUB_WORKSPACE && sudo -u builder make -j4 + - name: "PAM: make tests" + shell: dragonflybsd {0} + run: | + cd $GITHUB_WORKSPACE + sudo -u builder env SUDO=sudo SSHD_CONFOPTS="UsePam yes" make tests diff --git a/.github/workflows/vm-freebsd.yml b/.github/workflows/vm-freebsd.yml new file mode 100644 index 000000000000..1d2b994cacf9 --- /dev/null +++ b/.github/workflows/vm-freebsd.yml @@ -0,0 +1,80 @@ +# For testing, you can set variables in your repo (Repo -> Settings -> +# Security -> Actions -> Variables) to restrict the tests that are run. +# The supported variables are: +# +# RUN_ONLY_TARGET_CONFIG: Run only the single matching target and config, +# separated by spaces, eg "ubuntu-latest default". All other tests will +# fail immediately. +# +# LTESTS: Override the set of tests run. + +name: VM FreeBSD CI +on: + push: + paths: [ '**.c', '**.h', '**.m4', '**.sh', '**/Makefile.in', 'configure.ac', '.github/configs', '.github/workflows/vm-freebsd.yml' ] + pull_request: + paths: [ '**.c', '**.h', '**.m4', '**.sh', '**/Makefile.in', 'configure.ac', '.github/configs', '.github/workflows/vm-freebsd.yml' ] + +jobs: + ci: + name: "freebsd-${{ matrix.target }}" + if: github.repository != 'openssh/openssh-portable-selfhosted' + strategy: + fail-fast: false + matrix: + # First we test all OSes in the default configuration. + target: + - "13.5" + - "14.3" + # - "15.0" # "pkg" breaks with a libutil.so error... + config: [default] + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@main + - name: autoreconf + run: sh -c autoreconf + + - name: start FreeBSD ${{ matrix.target }} VM + uses: vmactions/freebsd-vm@v1 + with: + release: ${{ matrix.target }} + usesh: true + prepare: | + pkg install -y sudo + pw useradd builder -m + echo "builder ALL=(ALL:ALL) NOPASSWD: ALL" >>/usr/local/etc/sudoers + mkdir -p /var/empty /usr/local/etc + cp $GITHUB_WORKSPACE/moduli /usr/local/etc/moduli + + - name: set file perms + shell: freebsd {0} + run: cd $GITHUB_WORKSPACE && chown -R builder . + - name: configure + shell: freebsd {0} + run: cd $GITHUB_WORKSPACE && sudo -u builder ./configure + - name: make clean + shell: freebsd {0} + run: cd $GITHUB_WORKSPACE && sudo -u builder make clean + - name: make + shell: freebsd {0} + run: cd $GITHUB_WORKSPACE && sudo -u builder make -j4 + - name: make tests + shell: freebsd {0} + run: | + cd $GITHUB_WORKSPACE + sudo -u builder env SUDO=sudo make tests + + - name: "PAM: configure" + shell: freebsd {0} + run: cd $GITHUB_WORKSPACE && sudo -u builder ./configure --with-pam + - name: "PAM: make clean" + shell: freebsd {0} + run: cd $GITHUB_WORKSPACE && sudo -u builder make clean + - name: "PAM: make" + shell: freebsd {0} + run: cd $GITHUB_WORKSPACE && sudo -u builder make -j4 + - name: "PAM: make tests" + shell: freebsd {0} + run: | + cd $GITHUB_WORKSPACE + sudo -u builder env SUDO=sudo SSHD_CONFOPTS="UsePam yes" make tests diff --git a/.github/workflows/vm-netbsd.yml b/.github/workflows/vm-netbsd.yml new file mode 100644 index 000000000000..111d6d55ccf5 --- /dev/null +++ b/.github/workflows/vm-netbsd.yml @@ -0,0 +1,81 @@ +# For testing, you can set variables in your repo (Repo -> Settings -> +# Security -> Actions -> Variables) to restrict the tests that are run. +# The supported variables are: +# +# RUN_ONLY_TARGET_CONFIG: Run only the single matching target and config, +# separated by spaces, eg "ubuntu-latest default". All other tests will +# fail immediately. +# +# LTESTS: Override the set of tests run. + +name: VM NetBSD CI +on: + push: + paths: [ '**.c', '**.h', '**.m4', '**.sh', '**/Makefile.in', 'configure.ac', '.github/configs', '.github/workflows/vm-netbsd.yml' ] + pull_request: + paths: [ '**.c', '**.h', '**.m4', '**.sh', '**/Makefile.in', 'configure.ac', '.github/configs', '.github/workflows/vm-netbsd.yml' ] + +jobs: + ci: + name: "netbsd-${{ matrix.target }}" + if: github.repository != 'openssh/openssh-portable-selfhosted' + strategy: + fail-fast: false + matrix: + # First we test all OSes in the default configuration. + target: + - "9.0" + - "9.4" + - "10.0" + - "10.1" + config: [default] + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@main + - name: autoreconf + run: sh -c autoreconf + + - name: start NetBSD ${{ matrix.target }} VM + uses: vmactions/netbsd-vm@v1 + with: + release: ${{ matrix.target }} + usesh: true + prepare: | + /usr/sbin/pkg_add sudo + /usr/sbin/useradd -m builder + echo "builder ALL=(ALL:ALL) NOPASSWD: ALL" >>/usr/pkg/etc/sudoers + mkdir -p /var/empty /usr/local/etc + cp $GITHUB_WORKSPACE/moduli /usr/local/etc/moduli + + - name: set file perms + shell: netbsd {0} + run: cd $GITHUB_WORKSPACE && /sbin/chown -R builder . + - name: configure + shell: netbsd {0} + run: cd $GITHUB_WORKSPACE && sudo -u builder ./configure + - name: make clean + shell: netbsd {0} + run: cd $GITHUB_WORKSPACE && sudo -u builder make clean + - name: make + shell: netbsd {0} + run: cd $GITHUB_WORKSPACE && sudo -u builder make -j4 + - name: make tests + shell: netbsd {0} + run: | + cd $GITHUB_WORKSPACE + sudo -u builder env SUDO=sudo make tests + + - name: "PAM: configure" + shell: netbsd {0} + run: cd $GITHUB_WORKSPACE && sudo -u builder ./configure --with-pam + - name: "PAM: make clean" + shell: netbsd {0} + run: cd $GITHUB_WORKSPACE && sudo -u builder make clean + - name: "PAM: make" + shell: netbsd {0} + run: cd $GITHUB_WORKSPACE && sudo -u builder make -j4 + - name: "PAM: make tests" + shell: netbsd {0} + run: | + cd $GITHUB_WORKSPACE + sudo -u builder env SUDO=sudo SSHD_CONFOPTS="UsePam yes" make tests diff --git a/.github/workflows/vm-omnios.yml b/.github/workflows/vm-omnios.yml new file mode 100644 index 000000000000..473bad3954d9 --- /dev/null +++ b/.github/workflows/vm-omnios.yml @@ -0,0 +1,70 @@ +# For testing, you can set variables in your repo (Repo -> Settings -> +# Security -> Actions -> Variables) to restrict the tests that are run. +# The supported variables are: +# +# RUN_ONLY_TARGET_CONFIG: Run only the single matching target and config, +# separated by spaces, eg "ubuntu-latest default". All other tests will +# fail immediately. +# +# LTESTS: Override the set of tests run. +# +# TODO: fix build --with-pam +# TODO: get tests working with SUDO=sudo SSHD_CONFOPTS="UsePam yes" + +name: VM OmniOS CI +on: + push: + paths: [ '**.c', '**.h', '**.m4', '**.sh', '**/Makefile.in', 'configure.ac', '.github/configs', '.github/workflows/vm-omnios.yml' ] + pull_request: + paths: [ '**.c', '**.h', '**.m4', '**.sh', '**/Makefile.in', 'configure.ac', '.github/configs', '.github/workflows/vm-omnios.yml' ] + +jobs: + ci: + name: "omnios-${{ matrix.target }}" + if: github.repository != 'openssh/openssh-portable-selfhosted' + strategy: + fail-fast: false + matrix: + # First we test all OSes in the default configuration. + target: + - "r151054" + config: [default] + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@main + - name: autoreconf + run: sh -c autoreconf + + - name: start OmniOS ${{ matrix.target }} VM + uses: vmactions/omnios-vm@v1 + with: + release: ${{ matrix.target }} + usesh: true + prepare: | + set -x + pfexec pkg refresh + pfexec pkg install build-essential + useradd -m builder + sed -e "s/^root.*ALL$/root ALL=(ALL) NOPASSWD: ALL/" /etc/sudoers >>/tmp/sudoers + mv /tmp/sudoers /etc/sudoers + echo "builder ALL=(ALL) NOPASSWD: ALL" >>/etc/sudoers + mkdir -p /var/empty /usr/local/etc + cp $GITHUB_WORKSPACE/moduli /usr/local/etc/moduli + + - name: set file perms + shell: omnios {0} + run: cd $GITHUB_WORKSPACE && chown -R builder . + - name: configure + shell: omnios {0} + run: cd $GITHUB_WORKSPACE && sudo -u builder ./configure + - name: make clean + shell: omnios {0} + run: cd $GITHUB_WORKSPACE && sudo -u builder make clean + - name: make + shell: omnios {0} + run: cd $GITHUB_WORKSPACE && sudo -u builder make + - name: make tests + shell: omnios {0} + run: | + cd $GITHUB_WORKSPACE + sudo -u builder make tests diff --git a/.github/workflows/vm-openbsd.yml b/.github/workflows/vm-openbsd.yml new file mode 100644 index 000000000000..389f35026c4e --- /dev/null +++ b/.github/workflows/vm-openbsd.yml @@ -0,0 +1,66 @@ +# For testing, you can set variables in your repo (Repo -> Settings -> +# Security -> Actions -> Variables) to restrict the tests that are run. +# The supported variables are: +# +# RUN_ONLY_TARGET_CONFIG: Run only the single matching target and config, +# separated by spaces, eg "ubuntu-latest default". All other tests will +# fail immediately. +# +# LTESTS: Override the set of tests run. + +name: VM OpenBSD CI +on: + push: + paths: [ '**.c', '**.h', '**.m4', '**.sh', '**/Makefile.in', 'configure.ac', '.github/configs', '.github/workflows/vm-openbsd.yml' ] + pull_request: + paths: [ '**.c', '**.h', '**.m4', '**.sh', '**/Makefile.in', 'configure.ac', '.github/configs', '.github/workflows/vm-openbsd.yml' ] + +jobs: + ci: + name: "openbsd-${{ matrix.target }}" + if: github.repository != 'openssh/openssh-portable-selfhosted' + strategy: + fail-fast: false + matrix: + # First we test all OSes in the default configuration. + target: + - "7.3" + - "7.5" + - "7.6" + - "7.7" + config: [default] + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@main + - name: autoreconf + run: sh -c autoreconf + + - name: start OpenBSD ${{ matrix.target }} VM + uses: vmactions/openbsd-vm@v1 + with: + release: ${{ matrix.target }} + usesh: true + prepare: | + env PKG_PATH=https://ftp.openbsd.org/pub/OpenBSD/${{matrix.target}}/packages/amd64 pkg_add sudo-- + useradd -m builder + echo "builder ALL=(ALL:ALL) NOPASSWD: ALL" >>/etc/sudoers + mkdir -p /var/empty /usr/local/etc + cp $GITHUB_WORKSPACE/moduli /usr/local/etc/moduli + + - name: set file perms + shell: openbsd {0} + run: cd $GITHUB_WORKSPACE && chown -R builder . + - name: configure + shell: openbsd {0} + run: cd $GITHUB_WORKSPACE && sudo -u builder ./configure + - name: make clean + shell: openbsd {0} + run: cd $GITHUB_WORKSPACE && sudo -u builder make clean + - name: make + shell: openbsd {0} + run: cd $GITHUB_WORKSPACE && sudo -u builder make -j4 + - name: make tests + shell: openbsd {0} + run: | + cd $GITHUB_WORKSPACE + sudo -u builder env SUDO=sudo make tests diff --git a/.github/workflows/vm-solaris.yml b/.github/workflows/vm-solaris.yml new file mode 100644 index 000000000000..d500f7dea465 --- /dev/null +++ b/.github/workflows/vm-solaris.yml @@ -0,0 +1,82 @@ +# For testing, you can set variables in your repo (Repo -> Settings -> +# Security -> Actions -> Variables) to restrict the tests that are run. +# The supported variables are: +# +# RUN_ONLY_TARGET_CONFIG: Run only the single matching target and config, +# separated by spaces, eg "ubuntu-latest default". All other tests will +# fail immediately. +# +# LTESTS: Override the set of tests run. +# +# TODO: get tests working with SUDO=sudo SSHD_CONFOPTS="UsePam yes" + +name: VM Solaris CI +on: + push: + paths: [ '**.c', '**.h', '**.m4', '**.sh', '**/Makefile.in', 'configure.ac', '.github/configs', '.github/workflows/vm-solaris.yml' ] + pull_request: + paths: [ '**.c', '**.h', '**.m4', '**.sh', '**/Makefile.in', 'configure.ac', '.github/configs', '.github/workflows/vm-solaris.yml' ] + +jobs: + ci: + name: "solaris-${{ matrix.target }}" + if: github.repository != 'openssh/openssh-portable-selfhosted' + strategy: + fail-fast: false + matrix: + # First we test all OSes in the default configuration. + target: + - "11.4-gcc" + config: [default] + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@main + - name: autoreconf + run: sh -c autoreconf + + - name: start Solaris ${{ matrix.target }} VM + uses: vmactions/solaris-vm@v1 + with: + release: ${{ matrix.target }} + usesh: true + prepare: | + set -x + useradd -m builder + sed -e "s/^root.*ALL$/root ALL=(ALL) NOPASSWD: ALL/" /etc/sudoers >>/tmp/sudoers + mv /tmp/sudoers /etc/sudoers + echo "builder ALL=(ALL) NOPASSWD: ALL" >>/etc/sudoers + mkdir -p /var/empty /usr/local/etc + cp $GITHUB_WORKSPACE/moduli /usr/local/etc/moduli + + - name: set file perms + shell: solaris {0} + run: cd $GITHUB_WORKSPACE && chown -R builder . + - name: configure + shell: solaris {0} + run: cd $GITHUB_WORKSPACE && sudo -u builder ./configure + - name: make clean + shell: solaris {0} + run: cd $GITHUB_WORKSPACE && sudo -u builder make clean + - name: make + shell: solaris {0} + run: cd $GITHUB_WORKSPACE && sudo -u builder make + - name: make tests + shell: solaris {0} + run: | + cd $GITHUB_WORKSPACE + sudo -u builder make tests + + - name: "PAM: configure" + shell: solaris {0} + run: cd $GITHUB_WORKSPACE && sudo -u builder ./configure --with-pam + - name: "PAM: make clean" + shell: solaris {0} + run: cd $GITHUB_WORKSPACE && sudo -u builder make clean + - name: "PAM: make" + shell: solaris {0} + run: cd $GITHUB_WORKSPACE && sudo -u builder make + - name: "PAM: make tests" + shell: solaris {0} + run: | + cd $GITHUB_WORKSPACE + sudo -u builder make tests From 2202e5f9008003044cac01ed70d83deec42ad4e0 Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Tue, 16 Sep 2025 23:00:14 +1000 Subject: [PATCH 275/687] Use relative URLs for status --- .github/ci-status.md | 22 +++++++++++----------- 1 file changed, 11 insertions(+), 11 deletions(-) diff --git a/.github/ci-status.md b/.github/ci-status.md index 9169765ab547..b3167c681da5 100644 --- a/.github/ci-status.md +++ b/.github/ci-status.md @@ -1,25 +1,25 @@ master : -[![C/C++ CI](https://github.com/openssh/openssh-portable/actions/workflows/c-cpp.yml/badge.svg)](https://github.com/openssh/openssh-portable/actions/workflows/c-cpp.yml?query=branch:master) -[![VM DragonFlyBSD](https://github.com/openssh/openssh-portable/actions/workflows/vm-dragonflybsd.yml/badge.svg)](https://github.com/openssh/openssh-portable/actions/workflows/vm-dragonflybsd.yml?query=branch:master) -[![VM FreeBSD](https://github.com/openssh/openssh-portable/actions/workflows/vm-freebsd.yml/badge.svg)](https://github.com/openssh/openssh-portable/actions/workflows/vm-freebsd.yml?query=branch:master) -[![VM OmniOS](https://github.com/openssh/openssh-portable/actions/workflows/vm-omnios.yml/badge.svg)](https://github.com/openssh/openssh-portable/actions/workflows/vm-omnios.yml?query=branch:master) -[![VM OpenBSD](https://github.com/openssh/openssh-portable/actions/workflows/vm-openbsd.yml/badge.svg)](https://github.com/openssh/openssh-portable/actions/workflows/vm-openbsd.yml?query=branch:master) -[![VM NetBSD](https://github.com/openssh/openssh-portable/actions/workflows/vm-netbsd.yml/badge.svg)](https://github.com/openssh/openssh-portable/actions/workflows/vm-netbsd.yml?query=branch:master) -[![VM Solaris](https://github.com/openssh/openssh-portable/actions/workflows/vm-solaris.yml/badge.svg)](https://github.com/openssh/openssh-portable/actions/workflows/vm-solaris.yml?query=branch:master) +[![C/C++ CI](../../../actions/workflows/c-cpp.yml/badge.svg)](../../../actions/workflows/c-cpp.yml?query=branch:master) +[![VM DragonFlyBSD](../../../actions/workflows/vm-dragonflybsd.yml/badge.svg)](../../../actions/workflows/vm-dragonflybsd.yml?query=branch:master) +[![VM FreeBSD](../../../actions/workflows/vm-freebsd.yml/badge.svg)](../../../actions/workflows/vm-freebsd.yml?query=branch:master) +[![VM OmniOS](../../../actions/workflows/vm-omnios.yml/badge.svg)](../../../actions/workflows/vm-omnios.yml?query=branch:master) +[![VM OpenBSD](../../../actions/workflows/vm-openbsd.yml/badge.svg)](../../../actions/workflows/vm-openbsd.yml?query=branch:master) +[![VM NetBSD](../../../actions/workflows/vm-netbsd.yml/badge.svg)](../../../actions/workflows/vm-netbsd.yml?query=branch:master) +[![VM Solaris](../../../actions/workflows/vm-solaris.yml/badge.svg)](../../../actions/workflows/vm-solaris.yml?query=branch:master) [![C/C++ CI self-hosted](https://github.com/openssh/openssh-portable-selfhosted/actions/workflows/selfhosted.yml/badge.svg)](https://github.com/openssh/openssh-portable-selfhosted/actions/workflows/selfhosted.yml?query=branch:master) [![Upstream self-hosted](https://github.com/openssh/openssh-portable-selfhosted/actions/workflows/upstream.yml/badge.svg)](https://github.com/openssh/openssh-portable-selfhosted/actions/workflows/upstream.yml?query=branch:master) -[![CIFuzz](https://github.com/openssh/openssh-portable/actions/workflows/cifuzz.yml/badge.svg)](https://github.com/openssh/openssh-portable/actions/workflows/cifuzz.yml) +[![CIFuzz](../../../actions/workflows/cifuzz.yml/badge.svg)](../../../actions/workflows/cifuzz.yml) [![Fuzzing Status](https://oss-fuzz-build-logs.storage.googleapis.com/badges/openssh.svg)](https://bugs.chromium.org/p/oss-fuzz/issues/list?sort=-opened&can=1&q=proj:openssh) [![Coverity Status](https://scan.coverity.com/projects/21341/badge.svg)](https://scan.coverity.com/projects/openssh-portable) 10.0 : -[![C/C++ CI](https://github.com/openssh/openssh-portable/actions/workflows/c-cpp.yml/badge.svg?branch=V_10_0)](https://github.com/openssh/openssh-portable/actions/workflows/c-cpp.yml?query=branch:V_10_0) +[![C/C++ CI](../../../actions/workflows/c-cpp.yml/badge.svg?branch=V_10_0)](../../../actions/workflows/c-cpp.yml?query=branch:V_10_0) [![C/C++ CI self-hosted](https://github.com/openssh/openssh-portable-selfhosted/actions/workflows/selfhosted.yml/badge.svg?branch=V_10_0)](https://github.com/openssh/openssh-portable-selfhosted/actions/workflows/selfhosted.yml?query=branch:V_10_0) 9.9 : -[![C/C++ CI](https://github.com/openssh/openssh-portable/actions/workflows/c-cpp.yml/badge.svg?branch=V_9_9)](https://github.com/openssh/openssh-portable/actions/workflows/c-cpp.yml?query=branch:V_9_9) +[![C/C++ CI](../../../actions/workflows/c-cpp.yml/badge.svg?branch=V_9_9)](../../../actions/workflows/c-cpp.yml?query=branch:V_9_9) [![C/C++ CI self-hosted](https://github.com/openssh/openssh-portable-selfhosted/actions/workflows/selfhosted.yml/badge.svg?branch=V_9_9)](https://github.com/openssh/openssh-portable-selfhosted/actions/workflows/selfhosted.yml?query=branch:V_9_9) 9.8 : -[![C/C++ CI](https://github.com/openssh/openssh-portable/actions/workflows/c-cpp.yml/badge.svg?branch=V_9_8)](https://github.com/openssh/openssh-portable/actions/workflows/c-cpp.yml?query=branch:V_9_8) +[![C/C++ CI](../../../actions/workflows/c-cpp.yml/badge.svg?branch=V_9_8)](../../../actions/workflows/c-cpp.yml?query=branch:V_9_8) [![C/C++ CI self-hosted](https://github.com/openssh/openssh-portable-selfhosted/actions/workflows/selfhosted.yml/badge.svg?branch=V_9_8)](https://github.com/openssh/openssh-portable-selfhosted/actions/workflows/selfhosted.yml?query=branch:V_9_8) From fc704057ce6b75637645a4b9c917565b3563e21b Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Wed, 17 Sep 2025 17:33:25 +1000 Subject: [PATCH 276/687] Move Gihub VMs to their own status line. --- .github/ci-status.md | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/.github/ci-status.md b/.github/ci-status.md index b3167c681da5..49a06940745d 100644 --- a/.github/ci-status.md +++ b/.github/ci-status.md @@ -1,16 +1,17 @@ master : [![C/C++ CI](../../../actions/workflows/c-cpp.yml/badge.svg)](../../../actions/workflows/c-cpp.yml?query=branch:master) +[![C/C++ CI self-hosted](https://github.com/openssh/openssh-portable-selfhosted/actions/workflows/selfhosted.yml/badge.svg)](https://github.com/openssh/openssh-portable-selfhosted/actions/workflows/selfhosted.yml?query=branch:master) +[![Upstream self-hosted](https://github.com/openssh/openssh-portable-selfhosted/actions/workflows/upstream.yml/badge.svg)](https://github.com/openssh/openssh-portable-selfhosted/actions/workflows/upstream.yml?query=branch:master) +[![CIFuzz](../../../actions/workflows/cifuzz.yml/badge.svg)](../../../actions/workflows/cifuzz.yml) +[![Fuzzing Status](https://oss-fuzz-build-logs.storage.googleapis.com/badges/openssh.svg)](https://bugs.chromium.org/p/oss-fuzz/issues/list?sort=-opened&can=1&q=proj:openssh) +[![Coverity Status](https://scan.coverity.com/projects/21341/badge.svg)](https://scan.coverity.com/projects/openssh-portable) +
[![VM DragonFlyBSD](../../../actions/workflows/vm-dragonflybsd.yml/badge.svg)](../../../actions/workflows/vm-dragonflybsd.yml?query=branch:master) [![VM FreeBSD](../../../actions/workflows/vm-freebsd.yml/badge.svg)](../../../actions/workflows/vm-freebsd.yml?query=branch:master) [![VM OmniOS](../../../actions/workflows/vm-omnios.yml/badge.svg)](../../../actions/workflows/vm-omnios.yml?query=branch:master) [![VM OpenBSD](../../../actions/workflows/vm-openbsd.yml/badge.svg)](../../../actions/workflows/vm-openbsd.yml?query=branch:master) [![VM NetBSD](../../../actions/workflows/vm-netbsd.yml/badge.svg)](../../../actions/workflows/vm-netbsd.yml?query=branch:master) [![VM Solaris](../../../actions/workflows/vm-solaris.yml/badge.svg)](../../../actions/workflows/vm-solaris.yml?query=branch:master) -[![C/C++ CI self-hosted](https://github.com/openssh/openssh-portable-selfhosted/actions/workflows/selfhosted.yml/badge.svg)](https://github.com/openssh/openssh-portable-selfhosted/actions/workflows/selfhosted.yml?query=branch:master) -[![Upstream self-hosted](https://github.com/openssh/openssh-portable-selfhosted/actions/workflows/upstream.yml/badge.svg)](https://github.com/openssh/openssh-portable-selfhosted/actions/workflows/upstream.yml?query=branch:master) -[![CIFuzz](../../../actions/workflows/cifuzz.yml/badge.svg)](../../../actions/workflows/cifuzz.yml) -[![Fuzzing Status](https://oss-fuzz-build-logs.storage.googleapis.com/badges/openssh.svg)](https://bugs.chromium.org/p/oss-fuzz/issues/list?sort=-opened&can=1&q=proj:openssh) -[![Coverity Status](https://scan.coverity.com/projects/21341/badge.svg)](https://scan.coverity.com/projects/openssh-portable) 10.0 : [![C/C++ CI](../../../actions/workflows/c-cpp.yml/badge.svg?branch=V_10_0)](../../../actions/workflows/c-cpp.yml?query=branch:V_10_0) From 80993390bed15bbd1c348f3352e55d0db01ca0fd Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Wed, 17 Sep 2025 17:41:41 +1000 Subject: [PATCH 277/687] Whitespace. --- .github/workflows/vm-dragonflybsd.yml | 4 ++-- .github/workflows/vm-freebsd.yml | 2 +- .github/workflows/vm-netbsd.yml | 2 +- .github/workflows/vm-omnios.yml | 2 +- .github/workflows/vm-openbsd.yml | 2 +- .github/workflows/vm-solaris.yml | 2 +- 6 files changed, 7 insertions(+), 7 deletions(-) diff --git a/.github/workflows/vm-dragonflybsd.yml b/.github/workflows/vm-dragonflybsd.yml index 2fc337072cf2..bf626b3bb66e 100644 --- a/.github/workflows/vm-dragonflybsd.yml +++ b/.github/workflows/vm-dragonflybsd.yml @@ -1,6 +1,6 @@ # For testing, you can set variables in your repo (Repo -> Settings -> -# Security -> Actions -> Variables) to restrict the tests that are run. -# The supported variables are: +# Security -> Actions -> Variables) to restrict the tests that are run +# The supported variables are: # # RUN_ONLY_TARGET_CONFIG: Run only the single matching target and config, # separated by spaces, eg "ubuntu-latest default". All other tests will diff --git a/.github/workflows/vm-freebsd.yml b/.github/workflows/vm-freebsd.yml index 1d2b994cacf9..fa2d532f6df5 100644 --- a/.github/workflows/vm-freebsd.yml +++ b/.github/workflows/vm-freebsd.yml @@ -1,6 +1,6 @@ # For testing, you can set variables in your repo (Repo -> Settings -> # Security -> Actions -> Variables) to restrict the tests that are run. -# The supported variables are: +# The supported variables are: # # RUN_ONLY_TARGET_CONFIG: Run only the single matching target and config, # separated by spaces, eg "ubuntu-latest default". All other tests will diff --git a/.github/workflows/vm-netbsd.yml b/.github/workflows/vm-netbsd.yml index 111d6d55ccf5..324ed83bf181 100644 --- a/.github/workflows/vm-netbsd.yml +++ b/.github/workflows/vm-netbsd.yml @@ -1,6 +1,6 @@ # For testing, you can set variables in your repo (Repo -> Settings -> # Security -> Actions -> Variables) to restrict the tests that are run. -# The supported variables are: +# The supported variables are: # # RUN_ONLY_TARGET_CONFIG: Run only the single matching target and config, # separated by spaces, eg "ubuntu-latest default". All other tests will diff --git a/.github/workflows/vm-omnios.yml b/.github/workflows/vm-omnios.yml index 473bad3954d9..b60630657db1 100644 --- a/.github/workflows/vm-omnios.yml +++ b/.github/workflows/vm-omnios.yml @@ -1,6 +1,6 @@ # For testing, you can set variables in your repo (Repo -> Settings -> # Security -> Actions -> Variables) to restrict the tests that are run. -# The supported variables are: +# The supported variables are: # # RUN_ONLY_TARGET_CONFIG: Run only the single matching target and config, # separated by spaces, eg "ubuntu-latest default". All other tests will diff --git a/.github/workflows/vm-openbsd.yml b/.github/workflows/vm-openbsd.yml index 389f35026c4e..402ab899f841 100644 --- a/.github/workflows/vm-openbsd.yml +++ b/.github/workflows/vm-openbsd.yml @@ -1,6 +1,6 @@ # For testing, you can set variables in your repo (Repo -> Settings -> # Security -> Actions -> Variables) to restrict the tests that are run. -# The supported variables are: +# The supported variables are: # # RUN_ONLY_TARGET_CONFIG: Run only the single matching target and config, # separated by spaces, eg "ubuntu-latest default". All other tests will diff --git a/.github/workflows/vm-solaris.yml b/.github/workflows/vm-solaris.yml index d500f7dea465..87778233ff49 100644 --- a/.github/workflows/vm-solaris.yml +++ b/.github/workflows/vm-solaris.yml @@ -1,6 +1,6 @@ # For testing, you can set variables in your repo (Repo -> Settings -> # Security -> Actions -> Variables) to restrict the tests that are run. -# The supported variables are: +# The supported variables are: # # RUN_ONLY_TARGET_CONFIG: Run only the single matching target and config, # separated by spaces, eg "ubuntu-latest default". All other tests will From bc328144f149af07139a0f2c1329018cd85b86b7 Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Fri, 19 Sep 2025 01:32:45 +0000 Subject: [PATCH 278/687] upstream: log at level INFO when PerSourcePenalties actually blocks access to a source address range. Previously this was logged at level VERBOSE, which hid enforcement actions under default config settings. ok dtucker, markus OpenBSD-Commit-ID: ea2b0d7c2253ff5205719d74b526cf2870df894d --- srclimit.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/srclimit.c b/srclimit.c index 8a47588e4f5b..c62763724b53 100644 --- a/srclimit.c +++ b/srclimit.c @@ -427,7 +427,9 @@ srclimit_penalise(struct xaddr *addr, int penalty_type) penalty->active = 1; if (RB_INSERT(penalties_by_expiry, by_expiry, penalty) != NULL) fatal_f("internal error: %s penalty tables corrupt", t); - verbose_f("%s: new %s %s penalty of %d seconds for %s", t, + do_log2_f(penalty->active ? + SYSLOG_LEVEL_INFO : SYSLOG_LEVEL_VERBOSE, + "%s: new %s %s penalty of %d seconds for %s", t, addrnetmask, penalty->active ? "active" : "deferred", penalty_secs, reason); if (++(*npenaltiesp) > (size_t)max_sources) @@ -446,7 +448,7 @@ srclimit_penalise(struct xaddr *addr, int penalty_type) existing->expiry = now + penalty_cfg.penalty_max; if (existing->expiry - now > penalty_cfg.penalty_min && !existing->active) { - verbose_f("%s: activating %s penalty of %lld seconds for %s", + logit_f("%s: activating %s penalty of %lld seconds for %s", addrnetmask, t, (long long)(existing->expiry - now), reason); existing->active = 1; From ca9ac1109e2c875ea33da6818c1841aa2181e962 Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Sat, 20 Sep 2025 15:16:30 +1000 Subject: [PATCH 279/687] Rerun tests if run_tests.sh changes. --- .github/workflows/c-cpp.yml | 4 ++-- .github/workflows/selfhosted.yml | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/c-cpp.yml b/.github/workflows/c-cpp.yml index ccf6a7822dd4..eea1ac98a4e6 100644 --- a/.github/workflows/c-cpp.yml +++ b/.github/workflows/c-cpp.yml @@ -12,9 +12,9 @@ name: C/C++ CI on: push: - paths: [ '**.c', '**.h', '**.m4', '**.sh', '**/Makefile.in', 'configure.ac', '.github/configs', '.github/workflows/c-cpp.yml' ] + paths: [ '**.c', '**.h', '**.m4', '**.sh', '**/Makefile.in', 'configure.ac', '.github/configs', '.github/run_tests.sh', '.github/workflows/c-cpp.yml' ] pull_request: - paths: [ '**.c', '**.h', '**.m4', '**.sh', '**/Makefile.in', 'configure.ac', '.github/configs', '.github/workflows/c-cpp.yml' ] + paths: [ '**.c', '**.h', '**.m4', '**.sh', '**/Makefile.in', 'configure.ac', '.github/configs', '.github/run_tests.sh', '.github/workflows/c-cpp.yml' ] jobs: ci: diff --git a/.github/workflows/selfhosted.yml b/.github/workflows/selfhosted.yml index 3bc54d64b1ed..d717ca4c540c 100644 --- a/.github/workflows/selfhosted.yml +++ b/.github/workflows/selfhosted.yml @@ -2,7 +2,7 @@ name: C/C++ CI self-hosted on: push: - paths: [ '**.c', '**.h', '**.m4', '**.sh', '**/Makefile.in', 'configure.ac', '.github/configs', '.github/workflows/selfhosted.yml' ] + paths: [ '**.c', '**.h', '**.m4', '**.sh', '**/Makefile.in', 'configure.ac', '.github/configs', '.github/run_tests.sh', '.github/workflows/selfhosted.yml' ] jobs: selfhosted: From 1659d0ac095608b809fd3173d2c48b7b39d40b02 Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Sat, 20 Sep 2025 15:53:04 +1000 Subject: [PATCH 280/687] Build OpenSSL with -j4 to speed it up. --- .github/setup_ci.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/setup_ci.sh b/.github/setup_ci.sh index 8ed1d178325f..ff1de0bcae86 100755 --- a/.github/setup_ci.sh +++ b/.github/setup_ci.sh @@ -231,7 +231,7 @@ if [ ! -z "${INSTALL_OPENSSL}" ]; then git checkout ${INSTALL_OPENSSL} && ./config no-threads shared ${SSLCONFOPTS} \ --prefix=/opt/openssl && - make && sudo make install_sw) + make -j4 && sudo make install_sw) fi if [ ! -z "${INSTALL_LIBRESSL}" ]; then From c682c9f45a10ee0dc37fd716cfccd42271f92ddc Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Sat, 20 Sep 2025 15:05:19 +1000 Subject: [PATCH 281/687] Add tests for OpenSSL 3.4 and 3.5 versions. --- .github/workflows/c-cpp.yml | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/.github/workflows/c-cpp.yml b/.github/workflows/c-cpp.yml index eea1ac98a4e6..c3684f9a5f4d 100644 --- a/.github/workflows/c-cpp.yml +++ b/.github/workflows/c-cpp.yml @@ -92,11 +92,16 @@ jobs: - { target: ubuntu-latest, config: openssl-3.2.3 } - { target: ubuntu-latest, config: openssl-3.3.2 } - { target: ubuntu-latest, config: openssl-3.4.0 } + - { target: ubuntu-latest, config: openssl-3.4.2 } + - { target: ubuntu-latest, config: openssl-3.5.0 } + - { target: ubuntu-latest, config: openssl-3.5.3 } - { target: ubuntu-latest, config: openssl-1.1.1_stable } - { target: ubuntu-latest, config: openssl-3.0 } # stable branch - { target: ubuntu-latest, config: openssl-3.1 } # stable branch - { target: ubuntu-latest, config: openssl-3.2 } # stable branch - { target: ubuntu-latest, config: openssl-3.3 } # stable branch + - { target: ubuntu-latest, config: openssl-3.4 } # stable branch + - { target: ubuntu-latest, config: openssl-3.5 } # stable branch - { target: ubuntu-latest, config: putty-0.71 } - { target: ubuntu-latest, config: putty-0.72 } - { target: ubuntu-latest, config: putty-0.73 } From 67b3ed101a18348b564507f55e3ed4b7e0d23ff9 Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Sat, 20 Sep 2025 15:07:36 +1000 Subject: [PATCH 282/687] Add OpenSSL 3.x ABI cross-compatibility test. --- .github/run_test.sh | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/.github/run_test.sh b/.github/run_test.sh index bd6fb7b7b3e1..bf3f3c9514a9 100755 --- a/.github/run_test.sh +++ b/.github/run_test.sh @@ -41,6 +41,17 @@ else ${env} make ${TEST_TARGET} SKIP_LTESTS="${SKIP_LTESTS}" LTESTS="${LTESTS}" fi +# Replace our self-built with the distro-provided one before running the tests +# again. +case "$1" in + openssl-3.*) + ${SUDO} cp /lib/x86_64-linux-gnu/libcrypto.so.3 /opt/openssl/lib64/libcrypto.so.3 + if [ -z "${TEST_SSH_SSHD_CONFOPTS}" ]; then + SSHD_CONFOPTS=AcceptEnv=OpenSSL3_ABI_Test + fi + ;; +esac + if [ ! -z "${SSHD_CONFOPTS}" ]; then echo "rerunning t-exec with TEST_SSH_SSHD_CONFOPTS='${SSHD_CONFOPTS}'" if [ -z "${LTESTS}" ]; then From 2c1d38f7ffc8b8ec244bfe17ec8a85b3d737dcab Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Mon, 22 Sep 2025 16:55:49 +1000 Subject: [PATCH 283/687] Exclude generated openbsd-compat/include directory. --- .gitignore | 1 + 1 file changed, 1 insertion(+) diff --git a/.gitignore b/.gitignore index 7707a18e6137..a017df851006 100644 --- a/.gitignore +++ b/.gitignore @@ -6,6 +6,7 @@ config.log config.status openbsd-compat/Makefile openbsd-compat/regress/Makefile +openbsd-compat/include openssh.xml opensshd.init survey.sh From 83853aa5e35f3da0690bccd2983764d4e749a670 Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Mon, 22 Sep 2025 15:26:17 +1000 Subject: [PATCH 284/687] Factor out OpenSSL install and test more versions. Move OpenSSL installation into its own script with a "-a" option to install the "next" version to test for ABI compatibility. --- .github/install_libcrypto.sh | 71 ++++++++++++++++++++++++++++++++++++ .github/run_test.sh | 11 ------ .github/setup_ci.sh | 9 +---- .github/workflows/c-cpp.yml | 5 +++ 4 files changed, 78 insertions(+), 18 deletions(-) create mode 100755 .github/install_libcrypto.sh diff --git a/.github/install_libcrypto.sh b/.github/install_libcrypto.sh new file mode 100755 index 000000000000..c2e4380f9888 --- /dev/null +++ b/.github/install_libcrypto.sh @@ -0,0 +1,71 @@ +#!/bin/sh +# +# Install specified libcrypto. +# -a : install version for ABI compatibility test. +# -n : dry run, don't actually build and install. +# +# Usage: $0 [-a] [-n] openssl-$branch/tag destdir [config options] + +set -e + +bincompat_test="" +dryrun="" +while [ "$1" = "-a" ] || [ "$1" = "-n" ]; do + if [ "$1" = "-a" ]; then + abi_compat_test=y + elif [ "$1" = "-n" ]; then + dryrun="echo dryrun:" + fi + shift +done + +ver="$1" +destdir="$2" +opts="$3" + +if [ -z "${ver}" ] || [ -z "${destdir}" ]; then + echo tag/branch and destdir required + exit 1 +fi + +set -x + +cd ${HOME} +[ -d ${HOME}/openssl ] || git clone https://github.com/openssl/openssl.git +cd ${HOME}/openssl +git fetch --all + +if [ "${abi_compat_test}" = "y" ]; then + echo selecting ABI test release/branch for ${ver} + case "${ver}" in + openssl-3.6) + ver=openssl-3.0.0 + echo "selecting older release ${ver}" + ;; + openssl-3.[012345]) + major=$(echo ${ver} | cut -f1 -d.) + minor=$(echo ${ver} | cut -f2 -d.) + ver="${major}.$((${minor} + 1))" + echo selecting next release branch ${ver} + ;; + openssl-3.*.*) + major=$(echo ${ver} | cut -f1 -d.) + minor=$(echo ${ver} | cut -f2 -d.) + patch=$(echo ${ver} | cut -f3 -d.) + ver="${major}.${minor}.$((${patch} + 1))" + echo checking for release tag ${ver} + if git tag | grep -q "^${ver}\$"; then + echo selected next patch release ${ver} + else + ver="${major}.${minor}" + echo not found, selecting release branch ${ver} + fi + ;; + esac +fi + +git checkout ${ver} +make clean >/dev/null 2>&1 || true +${dryrun} ./config no-threads shared ${opts} --prefix=${destdir} +${dryrun} make -j4 +${dryrun} sudo make install_sw diff --git a/.github/run_test.sh b/.github/run_test.sh index bf3f3c9514a9..bd6fb7b7b3e1 100755 --- a/.github/run_test.sh +++ b/.github/run_test.sh @@ -41,17 +41,6 @@ else ${env} make ${TEST_TARGET} SKIP_LTESTS="${SKIP_LTESTS}" LTESTS="${LTESTS}" fi -# Replace our self-built with the distro-provided one before running the tests -# again. -case "$1" in - openssl-3.*) - ${SUDO} cp /lib/x86_64-linux-gnu/libcrypto.so.3 /opt/openssl/lib64/libcrypto.so.3 - if [ -z "${TEST_SSH_SSHD_CONFOPTS}" ]; then - SSHD_CONFOPTS=AcceptEnv=OpenSSL3_ABI_Test - fi - ;; -esac - if [ ! -z "${SSHD_CONFOPTS}" ]; then echo "rerunning t-exec with TEST_SSH_SSHD_CONFOPTS='${SSHD_CONFOPTS}'" if [ -z "${LTESTS}" ]; then diff --git a/.github/setup_ci.sh b/.github/setup_ci.sh index ff1de0bcae86..10ff77badbef 100755 --- a/.github/setup_ci.sh +++ b/.github/setup_ci.sh @@ -225,13 +225,8 @@ if [ "${INSTALL_HARDENED_MALLOC}" = "yes" ]; then fi if [ ! -z "${INSTALL_OPENSSL}" ]; then - (cd ${HOME} && - git clone https://github.com/openssl/openssl.git && - cd ${HOME}/openssl && - git checkout ${INSTALL_OPENSSL} && - ./config no-threads shared ${SSLCONFOPTS} \ - --prefix=/opt/openssl && - make -j4 && sudo make install_sw) + .github/install_libcrypto.sh \ + "${INSTALL_OPENSSL}" /opt/openssl "${SSLCONFOPTS}" fi if [ ! -z "${INSTALL_LIBRESSL}" ]; then diff --git a/.github/workflows/c-cpp.yml b/.github/workflows/c-cpp.yml index c3684f9a5f4d..7bda9d5b3edf 100644 --- a/.github/workflows/c-cpp.yml +++ b/.github/workflows/c-cpp.yml @@ -164,6 +164,11 @@ jobs: TEST_SSH_UNSAFE_PERMISSIONS: 1 TEST_SSH_HOSTBASED_AUTH: yes LTESTS: ${{ vars.LTESTS }} + - name: test OpenSSL3 ABI compatibility + if: ${{ startsWith(matrix.config, 'openssl-3') }} + run: | + sh .github/install_libcrypto.sh -a ${{ matrix.config }} /opt/openssl + sh .github/run_test.sh ${{ matrix.config }} - name: show logs if: failure() run: for i in regress/failed*.log; do echo ====; echo logfile $i; echo =====; cat $i; done From b94e7251a17a497669e825cb70ac79c96bdc3472 Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Tue, 23 Sep 2025 11:32:57 +1000 Subject: [PATCH 285/687] Specify rpath when building OpenSSL. --- .github/install_libcrypto.sh | 12 ++++++++---- .github/workflows/c-cpp.yml | 4 ++-- 2 files changed, 10 insertions(+), 6 deletions(-) diff --git a/.github/install_libcrypto.sh b/.github/install_libcrypto.sh index c2e4380f9888..d1aa23450679 100755 --- a/.github/install_libcrypto.sh +++ b/.github/install_libcrypto.sh @@ -30,10 +30,13 @@ fi set -x -cd ${HOME} -[ -d ${HOME}/openssl ] || git clone https://github.com/openssl/openssl.git +if [ ! -d ${HOME}/openssl ]; then + cd ${HOME} + git clone https://github.com/openssl/openssl.git + cd ${HOME}/openssl + git fetch --all +fi cd ${HOME}/openssl -git fetch --all if [ "${abi_compat_test}" = "y" ]; then echo selecting ABI test release/branch for ${ver} @@ -66,6 +69,7 @@ fi git checkout ${ver} make clean >/dev/null 2>&1 || true -${dryrun} ./config no-threads shared ${opts} --prefix=${destdir} +${dryrun} ./config no-threads shared ${opts} --prefix=${destdir} \ + -Wl,-rpath,${destdir}/lib64 ${dryrun} make -j4 ${dryrun} sudo make install_sw diff --git a/.github/workflows/c-cpp.yml b/.github/workflows/c-cpp.yml index 7bda9d5b3edf..293d0d99c005 100644 --- a/.github/workflows/c-cpp.yml +++ b/.github/workflows/c-cpp.yml @@ -12,9 +12,9 @@ name: C/C++ CI on: push: - paths: [ '**.c', '**.h', '**.m4', '**.sh', '**/Makefile.in', 'configure.ac', '.github/configs', '.github/run_tests.sh', '.github/workflows/c-cpp.yml' ] + paths: [ '**.c', '**.h', '**.m4', '**.sh', '**/Makefile.in', 'configure.ac', '.github/configs', '.github/*.sh', '.github/workflows/c-cpp.yml' ] pull_request: - paths: [ '**.c', '**.h', '**.m4', '**.sh', '**/Makefile.in', 'configure.ac', '.github/configs', '.github/run_tests.sh', '.github/workflows/c-cpp.yml' ] + paths: [ '**.c', '**.h', '**.m4', '**.sh', '**/Makefile.in', 'configure.ac', '.github/configs', '.github/*.sh', '.github/workflows/c-cpp.yml' ] jobs: ci: From 31fce4fc5aaf79b9a4bccf09467e86c56b482bde Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Tue, 23 Sep 2025 15:51:14 +1000 Subject: [PATCH 286/687] Test openssl-3.6.0-beta1. --- .github/workflows/c-cpp.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/c-cpp.yml b/.github/workflows/c-cpp.yml index 293d0d99c005..6c8fbb57f680 100644 --- a/.github/workflows/c-cpp.yml +++ b/.github/workflows/c-cpp.yml @@ -95,6 +95,7 @@ jobs: - { target: ubuntu-latest, config: openssl-3.4.2 } - { target: ubuntu-latest, config: openssl-3.5.0 } - { target: ubuntu-latest, config: openssl-3.5.3 } + - { target: ubuntu-latest, config: openssl-3.6.0-beta1 } - { target: ubuntu-latest, config: openssl-1.1.1_stable } - { target: ubuntu-latest, config: openssl-3.0 } # stable branch - { target: ubuntu-latest, config: openssl-3.1 } # stable branch From d00015d21190517a1f505eb8120f716b1c2e4055 Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Tue, 23 Sep 2025 16:38:45 +1000 Subject: [PATCH 287/687] Test openssl-3.6 branch not beta1. --- .github/workflows/c-cpp.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/c-cpp.yml b/.github/workflows/c-cpp.yml index 6c8fbb57f680..0ae83ccdb44b 100644 --- a/.github/workflows/c-cpp.yml +++ b/.github/workflows/c-cpp.yml @@ -95,7 +95,6 @@ jobs: - { target: ubuntu-latest, config: openssl-3.4.2 } - { target: ubuntu-latest, config: openssl-3.5.0 } - { target: ubuntu-latest, config: openssl-3.5.3 } - - { target: ubuntu-latest, config: openssl-3.6.0-beta1 } - { target: ubuntu-latest, config: openssl-1.1.1_stable } - { target: ubuntu-latest, config: openssl-3.0 } # stable branch - { target: ubuntu-latest, config: openssl-3.1 } # stable branch @@ -103,6 +102,7 @@ jobs: - { target: ubuntu-latest, config: openssl-3.3 } # stable branch - { target: ubuntu-latest, config: openssl-3.4 } # stable branch - { target: ubuntu-latest, config: openssl-3.5 } # stable branch + - { target: ubuntu-latest, config: openssl-3.6 } # stable branch - { target: ubuntu-latest, config: putty-0.71 } - { target: ubuntu-latest, config: putty-0.72 } - { target: ubuntu-latest, config: putty-0.73 } From eff358890a7cab1e7c2fec62e5b9914d2c1c8703 Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Tue, 23 Sep 2025 16:51:34 +1000 Subject: [PATCH 288/687] Merge VM tests into a single workflow file. Should make it easier to manage, although it may cause a few extra runs. --- .github/ci-status.md | 7 +- .github/workflows/vm-dragonflybsd.yml | 78 ------ .github/workflows/vm-freebsd.yml | 80 ------ .github/workflows/vm-netbsd.yml | 81 ------ .github/workflows/vm-omnios.yml | 70 ----- .github/workflows/vm-openbsd.yml | 66 ----- .github/workflows/vm-solaris.yml | 82 ------ .github/workflows/vm.yml | 371 ++++++++++++++++++++++++++ 8 files changed, 372 insertions(+), 463 deletions(-) delete mode 100644 .github/workflows/vm-dragonflybsd.yml delete mode 100644 .github/workflows/vm-freebsd.yml delete mode 100644 .github/workflows/vm-netbsd.yml delete mode 100644 .github/workflows/vm-omnios.yml delete mode 100644 .github/workflows/vm-openbsd.yml delete mode 100644 .github/workflows/vm-solaris.yml create mode 100644 .github/workflows/vm.yml diff --git a/.github/ci-status.md b/.github/ci-status.md index 49a06940745d..d5e2aad23ca4 100644 --- a/.github/ci-status.md +++ b/.github/ci-status.md @@ -1,17 +1,12 @@ master : [![C/C++ CI](../../../actions/workflows/c-cpp.yml/badge.svg)](../../../actions/workflows/c-cpp.yml?query=branch:master) +[![VM CI](../../../actions/workflows/vm.yml/badge.svg)](../../../actions/workflows/vm.yml?query=branch:master) [![C/C++ CI self-hosted](https://github.com/openssh/openssh-portable-selfhosted/actions/workflows/selfhosted.yml/badge.svg)](https://github.com/openssh/openssh-portable-selfhosted/actions/workflows/selfhosted.yml?query=branch:master) [![Upstream self-hosted](https://github.com/openssh/openssh-portable-selfhosted/actions/workflows/upstream.yml/badge.svg)](https://github.com/openssh/openssh-portable-selfhosted/actions/workflows/upstream.yml?query=branch:master) [![CIFuzz](../../../actions/workflows/cifuzz.yml/badge.svg)](../../../actions/workflows/cifuzz.yml) [![Fuzzing Status](https://oss-fuzz-build-logs.storage.googleapis.com/badges/openssh.svg)](https://bugs.chromium.org/p/oss-fuzz/issues/list?sort=-opened&can=1&q=proj:openssh) [![Coverity Status](https://scan.coverity.com/projects/21341/badge.svg)](https://scan.coverity.com/projects/openssh-portable)
-[![VM DragonFlyBSD](../../../actions/workflows/vm-dragonflybsd.yml/badge.svg)](../../../actions/workflows/vm-dragonflybsd.yml?query=branch:master) -[![VM FreeBSD](../../../actions/workflows/vm-freebsd.yml/badge.svg)](../../../actions/workflows/vm-freebsd.yml?query=branch:master) -[![VM OmniOS](../../../actions/workflows/vm-omnios.yml/badge.svg)](../../../actions/workflows/vm-omnios.yml?query=branch:master) -[![VM OpenBSD](../../../actions/workflows/vm-openbsd.yml/badge.svg)](../../../actions/workflows/vm-openbsd.yml?query=branch:master) -[![VM NetBSD](../../../actions/workflows/vm-netbsd.yml/badge.svg)](../../../actions/workflows/vm-netbsd.yml?query=branch:master) -[![VM Solaris](../../../actions/workflows/vm-solaris.yml/badge.svg)](../../../actions/workflows/vm-solaris.yml?query=branch:master) 10.0 : [![C/C++ CI](../../../actions/workflows/c-cpp.yml/badge.svg?branch=V_10_0)](../../../actions/workflows/c-cpp.yml?query=branch:V_10_0) diff --git a/.github/workflows/vm-dragonflybsd.yml b/.github/workflows/vm-dragonflybsd.yml deleted file mode 100644 index bf626b3bb66e..000000000000 --- a/.github/workflows/vm-dragonflybsd.yml +++ /dev/null @@ -1,78 +0,0 @@ -# For testing, you can set variables in your repo (Repo -> Settings -> -# Security -> Actions -> Variables) to restrict the tests that are run -# The supported variables are: -# -# RUN_ONLY_TARGET_CONFIG: Run only the single matching target and config, -# separated by spaces, eg "ubuntu-latest default". All other tests will -# fail immediately. -# -# LTESTS: Override the set of tests run. - -name: VM DragonFlyBSD CI -on: - push: - paths: [ '**.c', '**.h', '**.m4', '**.sh', '**/Makefile.in', 'configure.ac', '.github/configs', '.github/workflows/vm-dragonflybsd.yml' ] - pull_request: - paths: [ '**.c', '**.h', '**.m4', '**.sh', '**/Makefile.in', 'configure.ac', '.github/configs', '.github/workflows/vm-dragonflybsd.yml' ] - -jobs: - ci: - name: "dragonflybsd-${{ matrix.target }}" - if: github.repository != 'openssh/openssh-portable-selfhosted' - strategy: - fail-fast: false - matrix: - # First we test all OSes in the default configuration. - target: - - "6.4.2" - config: [default] - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@main - - name: autoreconf - run: sh -c autoreconf - - - name: start DragonFlyBSD ${{ matrix.target }} VM - uses: vmactions/dragonflybsd-vm@v1 - with: - release: ${{ matrix.target }} - usesh: true - prepare: | - pkg install -y sudo - pw useradd builder -m - echo "builder ALL=(ALL:ALL) NOPASSWD: ALL" >>/usr/local/etc/sudoers - mkdir -p /var/empty /usr/local/etc - cp $GITHUB_WORKSPACE/moduli /usr/local/etc/moduli - - - name: set file perms - shell: dragonflybsd {0} - run: cd $GITHUB_WORKSPACE && chown -R builder . - - name: configure - shell: dragonflybsd {0} - run: cd $GITHUB_WORKSPACE && sudo -u builder ./configure --with-ssl-dir=/usr/local - - name: make clean - shell: dragonflybsd {0} - run: cd $GITHUB_WORKSPACE && sudo -u builder make clean - - name: make - shell: dragonflybsd {0} - run: cd $GITHUB_WORKSPACE && sudo -u builder make -j4 - - name: make tests - shell: dragonflybsd {0} - run: | - cd $GITHUB_WORKSPACE - sudo -u builder env SUDO=sudo make tests - - - name: "PAM: configure" - shell: dragonflybsd {0} - run: cd $GITHUB_WORKSPACE && sudo -u builder ./configure --with-ssl-dir=/usr/local --with-pam - - name: "PAM: make clean" - shell: dragonflybsd {0} - run: cd $GITHUB_WORKSPACE && sudo -u builder make clean - - name: "PAM: make" - shell: dragonflybsd {0} - run: cd $GITHUB_WORKSPACE && sudo -u builder make -j4 - - name: "PAM: make tests" - shell: dragonflybsd {0} - run: | - cd $GITHUB_WORKSPACE - sudo -u builder env SUDO=sudo SSHD_CONFOPTS="UsePam yes" make tests diff --git a/.github/workflows/vm-freebsd.yml b/.github/workflows/vm-freebsd.yml deleted file mode 100644 index fa2d532f6df5..000000000000 --- a/.github/workflows/vm-freebsd.yml +++ /dev/null @@ -1,80 +0,0 @@ -# For testing, you can set variables in your repo (Repo -> Settings -> -# Security -> Actions -> Variables) to restrict the tests that are run. -# The supported variables are: -# -# RUN_ONLY_TARGET_CONFIG: Run only the single matching target and config, -# separated by spaces, eg "ubuntu-latest default". All other tests will -# fail immediately. -# -# LTESTS: Override the set of tests run. - -name: VM FreeBSD CI -on: - push: - paths: [ '**.c', '**.h', '**.m4', '**.sh', '**/Makefile.in', 'configure.ac', '.github/configs', '.github/workflows/vm-freebsd.yml' ] - pull_request: - paths: [ '**.c', '**.h', '**.m4', '**.sh', '**/Makefile.in', 'configure.ac', '.github/configs', '.github/workflows/vm-freebsd.yml' ] - -jobs: - ci: - name: "freebsd-${{ matrix.target }}" - if: github.repository != 'openssh/openssh-portable-selfhosted' - strategy: - fail-fast: false - matrix: - # First we test all OSes in the default configuration. - target: - - "13.5" - - "14.3" - # - "15.0" # "pkg" breaks with a libutil.so error... - config: [default] - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@main - - name: autoreconf - run: sh -c autoreconf - - - name: start FreeBSD ${{ matrix.target }} VM - uses: vmactions/freebsd-vm@v1 - with: - release: ${{ matrix.target }} - usesh: true - prepare: | - pkg install -y sudo - pw useradd builder -m - echo "builder ALL=(ALL:ALL) NOPASSWD: ALL" >>/usr/local/etc/sudoers - mkdir -p /var/empty /usr/local/etc - cp $GITHUB_WORKSPACE/moduli /usr/local/etc/moduli - - - name: set file perms - shell: freebsd {0} - run: cd $GITHUB_WORKSPACE && chown -R builder . - - name: configure - shell: freebsd {0} - run: cd $GITHUB_WORKSPACE && sudo -u builder ./configure - - name: make clean - shell: freebsd {0} - run: cd $GITHUB_WORKSPACE && sudo -u builder make clean - - name: make - shell: freebsd {0} - run: cd $GITHUB_WORKSPACE && sudo -u builder make -j4 - - name: make tests - shell: freebsd {0} - run: | - cd $GITHUB_WORKSPACE - sudo -u builder env SUDO=sudo make tests - - - name: "PAM: configure" - shell: freebsd {0} - run: cd $GITHUB_WORKSPACE && sudo -u builder ./configure --with-pam - - name: "PAM: make clean" - shell: freebsd {0} - run: cd $GITHUB_WORKSPACE && sudo -u builder make clean - - name: "PAM: make" - shell: freebsd {0} - run: cd $GITHUB_WORKSPACE && sudo -u builder make -j4 - - name: "PAM: make tests" - shell: freebsd {0} - run: | - cd $GITHUB_WORKSPACE - sudo -u builder env SUDO=sudo SSHD_CONFOPTS="UsePam yes" make tests diff --git a/.github/workflows/vm-netbsd.yml b/.github/workflows/vm-netbsd.yml deleted file mode 100644 index 324ed83bf181..000000000000 --- a/.github/workflows/vm-netbsd.yml +++ /dev/null @@ -1,81 +0,0 @@ -# For testing, you can set variables in your repo (Repo -> Settings -> -# Security -> Actions -> Variables) to restrict the tests that are run. -# The supported variables are: -# -# RUN_ONLY_TARGET_CONFIG: Run only the single matching target and config, -# separated by spaces, eg "ubuntu-latest default". All other tests will -# fail immediately. -# -# LTESTS: Override the set of tests run. - -name: VM NetBSD CI -on: - push: - paths: [ '**.c', '**.h', '**.m4', '**.sh', '**/Makefile.in', 'configure.ac', '.github/configs', '.github/workflows/vm-netbsd.yml' ] - pull_request: - paths: [ '**.c', '**.h', '**.m4', '**.sh', '**/Makefile.in', 'configure.ac', '.github/configs', '.github/workflows/vm-netbsd.yml' ] - -jobs: - ci: - name: "netbsd-${{ matrix.target }}" - if: github.repository != 'openssh/openssh-portable-selfhosted' - strategy: - fail-fast: false - matrix: - # First we test all OSes in the default configuration. - target: - - "9.0" - - "9.4" - - "10.0" - - "10.1" - config: [default] - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@main - - name: autoreconf - run: sh -c autoreconf - - - name: start NetBSD ${{ matrix.target }} VM - uses: vmactions/netbsd-vm@v1 - with: - release: ${{ matrix.target }} - usesh: true - prepare: | - /usr/sbin/pkg_add sudo - /usr/sbin/useradd -m builder - echo "builder ALL=(ALL:ALL) NOPASSWD: ALL" >>/usr/pkg/etc/sudoers - mkdir -p /var/empty /usr/local/etc - cp $GITHUB_WORKSPACE/moduli /usr/local/etc/moduli - - - name: set file perms - shell: netbsd {0} - run: cd $GITHUB_WORKSPACE && /sbin/chown -R builder . - - name: configure - shell: netbsd {0} - run: cd $GITHUB_WORKSPACE && sudo -u builder ./configure - - name: make clean - shell: netbsd {0} - run: cd $GITHUB_WORKSPACE && sudo -u builder make clean - - name: make - shell: netbsd {0} - run: cd $GITHUB_WORKSPACE && sudo -u builder make -j4 - - name: make tests - shell: netbsd {0} - run: | - cd $GITHUB_WORKSPACE - sudo -u builder env SUDO=sudo make tests - - - name: "PAM: configure" - shell: netbsd {0} - run: cd $GITHUB_WORKSPACE && sudo -u builder ./configure --with-pam - - name: "PAM: make clean" - shell: netbsd {0} - run: cd $GITHUB_WORKSPACE && sudo -u builder make clean - - name: "PAM: make" - shell: netbsd {0} - run: cd $GITHUB_WORKSPACE && sudo -u builder make -j4 - - name: "PAM: make tests" - shell: netbsd {0} - run: | - cd $GITHUB_WORKSPACE - sudo -u builder env SUDO=sudo SSHD_CONFOPTS="UsePam yes" make tests diff --git a/.github/workflows/vm-omnios.yml b/.github/workflows/vm-omnios.yml deleted file mode 100644 index b60630657db1..000000000000 --- a/.github/workflows/vm-omnios.yml +++ /dev/null @@ -1,70 +0,0 @@ -# For testing, you can set variables in your repo (Repo -> Settings -> -# Security -> Actions -> Variables) to restrict the tests that are run. -# The supported variables are: -# -# RUN_ONLY_TARGET_CONFIG: Run only the single matching target and config, -# separated by spaces, eg "ubuntu-latest default". All other tests will -# fail immediately. -# -# LTESTS: Override the set of tests run. -# -# TODO: fix build --with-pam -# TODO: get tests working with SUDO=sudo SSHD_CONFOPTS="UsePam yes" - -name: VM OmniOS CI -on: - push: - paths: [ '**.c', '**.h', '**.m4', '**.sh', '**/Makefile.in', 'configure.ac', '.github/configs', '.github/workflows/vm-omnios.yml' ] - pull_request: - paths: [ '**.c', '**.h', '**.m4', '**.sh', '**/Makefile.in', 'configure.ac', '.github/configs', '.github/workflows/vm-omnios.yml' ] - -jobs: - ci: - name: "omnios-${{ matrix.target }}" - if: github.repository != 'openssh/openssh-portable-selfhosted' - strategy: - fail-fast: false - matrix: - # First we test all OSes in the default configuration. - target: - - "r151054" - config: [default] - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@main - - name: autoreconf - run: sh -c autoreconf - - - name: start OmniOS ${{ matrix.target }} VM - uses: vmactions/omnios-vm@v1 - with: - release: ${{ matrix.target }} - usesh: true - prepare: | - set -x - pfexec pkg refresh - pfexec pkg install build-essential - useradd -m builder - sed -e "s/^root.*ALL$/root ALL=(ALL) NOPASSWD: ALL/" /etc/sudoers >>/tmp/sudoers - mv /tmp/sudoers /etc/sudoers - echo "builder ALL=(ALL) NOPASSWD: ALL" >>/etc/sudoers - mkdir -p /var/empty /usr/local/etc - cp $GITHUB_WORKSPACE/moduli /usr/local/etc/moduli - - - name: set file perms - shell: omnios {0} - run: cd $GITHUB_WORKSPACE && chown -R builder . - - name: configure - shell: omnios {0} - run: cd $GITHUB_WORKSPACE && sudo -u builder ./configure - - name: make clean - shell: omnios {0} - run: cd $GITHUB_WORKSPACE && sudo -u builder make clean - - name: make - shell: omnios {0} - run: cd $GITHUB_WORKSPACE && sudo -u builder make - - name: make tests - shell: omnios {0} - run: | - cd $GITHUB_WORKSPACE - sudo -u builder make tests diff --git a/.github/workflows/vm-openbsd.yml b/.github/workflows/vm-openbsd.yml deleted file mode 100644 index 402ab899f841..000000000000 --- a/.github/workflows/vm-openbsd.yml +++ /dev/null @@ -1,66 +0,0 @@ -# For testing, you can set variables in your repo (Repo -> Settings -> -# Security -> Actions -> Variables) to restrict the tests that are run. -# The supported variables are: -# -# RUN_ONLY_TARGET_CONFIG: Run only the single matching target and config, -# separated by spaces, eg "ubuntu-latest default". All other tests will -# fail immediately. -# -# LTESTS: Override the set of tests run. - -name: VM OpenBSD CI -on: - push: - paths: [ '**.c', '**.h', '**.m4', '**.sh', '**/Makefile.in', 'configure.ac', '.github/configs', '.github/workflows/vm-openbsd.yml' ] - pull_request: - paths: [ '**.c', '**.h', '**.m4', '**.sh', '**/Makefile.in', 'configure.ac', '.github/configs', '.github/workflows/vm-openbsd.yml' ] - -jobs: - ci: - name: "openbsd-${{ matrix.target }}" - if: github.repository != 'openssh/openssh-portable-selfhosted' - strategy: - fail-fast: false - matrix: - # First we test all OSes in the default configuration. - target: - - "7.3" - - "7.5" - - "7.6" - - "7.7" - config: [default] - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@main - - name: autoreconf - run: sh -c autoreconf - - - name: start OpenBSD ${{ matrix.target }} VM - uses: vmactions/openbsd-vm@v1 - with: - release: ${{ matrix.target }} - usesh: true - prepare: | - env PKG_PATH=https://ftp.openbsd.org/pub/OpenBSD/${{matrix.target}}/packages/amd64 pkg_add sudo-- - useradd -m builder - echo "builder ALL=(ALL:ALL) NOPASSWD: ALL" >>/etc/sudoers - mkdir -p /var/empty /usr/local/etc - cp $GITHUB_WORKSPACE/moduli /usr/local/etc/moduli - - - name: set file perms - shell: openbsd {0} - run: cd $GITHUB_WORKSPACE && chown -R builder . - - name: configure - shell: openbsd {0} - run: cd $GITHUB_WORKSPACE && sudo -u builder ./configure - - name: make clean - shell: openbsd {0} - run: cd $GITHUB_WORKSPACE && sudo -u builder make clean - - name: make - shell: openbsd {0} - run: cd $GITHUB_WORKSPACE && sudo -u builder make -j4 - - name: make tests - shell: openbsd {0} - run: | - cd $GITHUB_WORKSPACE - sudo -u builder env SUDO=sudo make tests diff --git a/.github/workflows/vm-solaris.yml b/.github/workflows/vm-solaris.yml deleted file mode 100644 index 87778233ff49..000000000000 --- a/.github/workflows/vm-solaris.yml +++ /dev/null @@ -1,82 +0,0 @@ -# For testing, you can set variables in your repo (Repo -> Settings -> -# Security -> Actions -> Variables) to restrict the tests that are run. -# The supported variables are: -# -# RUN_ONLY_TARGET_CONFIG: Run only the single matching target and config, -# separated by spaces, eg "ubuntu-latest default". All other tests will -# fail immediately. -# -# LTESTS: Override the set of tests run. -# -# TODO: get tests working with SUDO=sudo SSHD_CONFOPTS="UsePam yes" - -name: VM Solaris CI -on: - push: - paths: [ '**.c', '**.h', '**.m4', '**.sh', '**/Makefile.in', 'configure.ac', '.github/configs', '.github/workflows/vm-solaris.yml' ] - pull_request: - paths: [ '**.c', '**.h', '**.m4', '**.sh', '**/Makefile.in', 'configure.ac', '.github/configs', '.github/workflows/vm-solaris.yml' ] - -jobs: - ci: - name: "solaris-${{ matrix.target }}" - if: github.repository != 'openssh/openssh-portable-selfhosted' - strategy: - fail-fast: false - matrix: - # First we test all OSes in the default configuration. - target: - - "11.4-gcc" - config: [default] - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@main - - name: autoreconf - run: sh -c autoreconf - - - name: start Solaris ${{ matrix.target }} VM - uses: vmactions/solaris-vm@v1 - with: - release: ${{ matrix.target }} - usesh: true - prepare: | - set -x - useradd -m builder - sed -e "s/^root.*ALL$/root ALL=(ALL) NOPASSWD: ALL/" /etc/sudoers >>/tmp/sudoers - mv /tmp/sudoers /etc/sudoers - echo "builder ALL=(ALL) NOPASSWD: ALL" >>/etc/sudoers - mkdir -p /var/empty /usr/local/etc - cp $GITHUB_WORKSPACE/moduli /usr/local/etc/moduli - - - name: set file perms - shell: solaris {0} - run: cd $GITHUB_WORKSPACE && chown -R builder . - - name: configure - shell: solaris {0} - run: cd $GITHUB_WORKSPACE && sudo -u builder ./configure - - name: make clean - shell: solaris {0} - run: cd $GITHUB_WORKSPACE && sudo -u builder make clean - - name: make - shell: solaris {0} - run: cd $GITHUB_WORKSPACE && sudo -u builder make - - name: make tests - shell: solaris {0} - run: | - cd $GITHUB_WORKSPACE - sudo -u builder make tests - - - name: "PAM: configure" - shell: solaris {0} - run: cd $GITHUB_WORKSPACE && sudo -u builder ./configure --with-pam - - name: "PAM: make clean" - shell: solaris {0} - run: cd $GITHUB_WORKSPACE && sudo -u builder make clean - - name: "PAM: make" - shell: solaris {0} - run: cd $GITHUB_WORKSPACE && sudo -u builder make - - name: "PAM: make tests" - shell: solaris {0} - run: | - cd $GITHUB_WORKSPACE - sudo -u builder make tests diff --git a/.github/workflows/vm.yml b/.github/workflows/vm.yml new file mode 100644 index 000000000000..90cf8aaf0108 --- /dev/null +++ b/.github/workflows/vm.yml @@ -0,0 +1,371 @@ +# For testing, you can set variables in your repo (Repo -> Settings -> +# Security -> Actions -> Variables) to restrict the tests that are run +# The supported variables are: +# +# RUN_ONLY_TARGET_CONFIG: Run only the single matching target and config, +# separated by spaces, eg "ubuntu-latest default". All other tests will +# fail immediately. +# +# LTESTS: Override the set of tests run. + +name: VM CI +on: + push: + paths: [ '**.c', '**.h', '**.m4', '**.sh', '**/Makefile.in', 'configure.ac', '.github/configs', '.github/workflows/vm.yml' ] + pull_request: + paths: [ '**.c', '**.h', '**.m4', '**.sh', '**/Makefile.in', 'configure.ac', '.github/configs', '.github/workflows/vm.yml' ] + +jobs: + dragonflybsd: + name: "dragonflybsd-${{ matrix.target }}" + if: github.repository != 'openssh/openssh-portable-selfhosted' + strategy: + fail-fast: false + matrix: + # First we test all OSes in the default configuration. + target: + - "6.4.2" + config: [default] + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@main + - name: autoreconf + run: sh -c autoreconf + + - name: start DragonFlyBSD ${{ matrix.target }} VM + uses: vmactions/dragonflybsd-vm@v1 + with: + release: ${{ matrix.target }} + usesh: true + prepare: | + pkg install -y sudo + pw useradd builder -m + echo "builder ALL=(ALL:ALL) NOPASSWD: ALL" >>/usr/local/etc/sudoers + mkdir -p /var/empty /usr/local/etc + cp $GITHUB_WORKSPACE/moduli /usr/local/etc/moduli + + - name: set file perms + shell: dragonflybsd {0} + run: cd $GITHUB_WORKSPACE && chown -R builder . + - name: configure + shell: dragonflybsd {0} + run: cd $GITHUB_WORKSPACE && sudo -u builder ./configure --with-ssl-dir=/usr/local + - name: make clean + shell: dragonflybsd {0} + run: cd $GITHUB_WORKSPACE && sudo -u builder make clean + - name: make + shell: dragonflybsd {0} + run: cd $GITHUB_WORKSPACE && sudo -u builder make -j4 + - name: make tests + shell: dragonflybsd {0} + run: | + cd $GITHUB_WORKSPACE + sudo -u builder env SUDO=sudo make tests + + - name: "PAM: configure" + shell: dragonflybsd {0} + run: cd $GITHUB_WORKSPACE && sudo -u builder ./configure --with-ssl-dir=/usr/local --with-pam + - name: "PAM: make clean" + shell: dragonflybsd {0} + run: cd $GITHUB_WORKSPACE && sudo -u builder make clean + - name: "PAM: make" + shell: dragonflybsd {0} + run: cd $GITHUB_WORKSPACE && sudo -u builder make -j4 + - name: "PAM: make tests" + shell: dragonflybsd {0} + run: | + cd $GITHUB_WORKSPACE + sudo -u builder env SUDO=sudo SSHD_CONFOPTS="UsePam yes" make tests + + freebsd: + name: "freebsd-${{ matrix.target }}" + if: github.repository != 'openssh/openssh-portable-selfhosted' + strategy: + fail-fast: false + matrix: + # First we test all OSes in the default configuration. + target: + - "13.5" + - "14.3" + # - "15.0" # "pkg" breaks with a libutil.so error... + config: [default] + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@main + - name: autoreconf + run: sh -c autoreconf + + - name: start FreeBSD ${{ matrix.target }} VM + uses: vmactions/freebsd-vm@v1 + with: + release: ${{ matrix.target }} + usesh: true + prepare: | + pkg install -y sudo + pw useradd builder -m + echo "builder ALL=(ALL:ALL) NOPASSWD: ALL" >>/usr/local/etc/sudoers + mkdir -p /var/empty /usr/local/etc + cp $GITHUB_WORKSPACE/moduli /usr/local/etc/moduli + + - name: set file perms + shell: freebsd {0} + run: cd $GITHUB_WORKSPACE && chown -R builder . + - name: configure + shell: freebsd {0} + run: cd $GITHUB_WORKSPACE && sudo -u builder ./configure + - name: make clean + shell: freebsd {0} + run: cd $GITHUB_WORKSPACE && sudo -u builder make clean + - name: make + shell: freebsd {0} + run: cd $GITHUB_WORKSPACE && sudo -u builder make -j4 + - name: make tests + shell: freebsd {0} + run: | + cd $GITHUB_WORKSPACE + sudo -u builder env SUDO=sudo make tests + + - name: "PAM: configure" + shell: freebsd {0} + run: cd $GITHUB_WORKSPACE && sudo -u builder ./configure --with-pam + - name: "PAM: make clean" + shell: freebsd {0} + run: cd $GITHUB_WORKSPACE && sudo -u builder make clean + - name: "PAM: make" + shell: freebsd {0} + run: cd $GITHUB_WORKSPACE && sudo -u builder make -j4 + - name: "PAM: make tests" + shell: freebsd {0} + run: | + cd $GITHUB_WORKSPACE + sudo -u builder env SUDO=sudo SSHD_CONFOPTS="UsePam yes" make tests + + + netbsd: + name: "netbsd-${{ matrix.target }}" + if: github.repository != 'openssh/openssh-portable-selfhosted' + strategy: + fail-fast: false + matrix: + # First we test all OSes in the default configuration. + target: + - "9.0" + - "9.4" + - "10.0" + - "10.1" + config: [default] + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@main + - name: autoreconf + run: sh -c autoreconf + + - name: start NetBSD ${{ matrix.target }} VM + uses: vmactions/netbsd-vm@v1 + with: + release: ${{ matrix.target }} + usesh: true + prepare: | + /usr/sbin/pkg_add sudo + /usr/sbin/useradd -m builder + echo "builder ALL=(ALL:ALL) NOPASSWD: ALL" >>/usr/pkg/etc/sudoers + mkdir -p /var/empty /usr/local/etc + cp $GITHUB_WORKSPACE/moduli /usr/local/etc/moduli + + - name: set file perms + shell: netbsd {0} + run: cd $GITHUB_WORKSPACE && /sbin/chown -R builder . + - name: configure + shell: netbsd {0} + run: cd $GITHUB_WORKSPACE && sudo -u builder ./configure + - name: make clean + shell: netbsd {0} + run: cd $GITHUB_WORKSPACE && sudo -u builder make clean + - name: make + shell: netbsd {0} + run: cd $GITHUB_WORKSPACE && sudo -u builder make -j4 + - name: make tests + shell: netbsd {0} + run: | + cd $GITHUB_WORKSPACE + sudo -u builder env SUDO=sudo make tests + + - name: "PAM: configure" + shell: netbsd {0} + run: cd $GITHUB_WORKSPACE && sudo -u builder ./configure --with-pam + - name: "PAM: make clean" + shell: netbsd {0} + run: cd $GITHUB_WORKSPACE && sudo -u builder make clean + - name: "PAM: make" + shell: netbsd {0} + run: cd $GITHUB_WORKSPACE && sudo -u builder make -j4 + - name: "PAM: make tests" + shell: netbsd {0} + run: | + cd $GITHUB_WORKSPACE + sudo -u builder env SUDO=sudo SSHD_CONFOPTS="UsePam yes" make tests + + + ominios: + name: "omnios-${{ matrix.target }}" + if: github.repository != 'openssh/openssh-portable-selfhosted' + strategy: + fail-fast: false + matrix: + # First we test all OSes in the default configuration. + target: + - "r151054" + config: [default] + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@main + - name: autoreconf + run: sh -c autoreconf + + - name: start OmniOS ${{ matrix.target }} VM + uses: vmactions/omnios-vm@v1 + with: + release: ${{ matrix.target }} + usesh: true + prepare: | + set -x + pfexec pkg refresh + pfexec pkg install build-essential + useradd -m builder + sed -e "s/^root.*ALL$/root ALL=(ALL) NOPASSWD: ALL/" /etc/sudoers >>/tmp/sudoers + mv /tmp/sudoers /etc/sudoers + echo "builder ALL=(ALL) NOPASSWD: ALL" >>/etc/sudoers + mkdir -p /var/empty /usr/local/etc + cp $GITHUB_WORKSPACE/moduli /usr/local/etc/moduli + + - name: set file perms + shell: omnios {0} + run: cd $GITHUB_WORKSPACE && chown -R builder . + - name: configure + shell: omnios {0} + run: cd $GITHUB_WORKSPACE && sudo -u builder ./configure + - name: make clean + shell: omnios {0} + run: cd $GITHUB_WORKSPACE && sudo -u builder make clean + - name: make + shell: omnios {0} + run: cd $GITHUB_WORKSPACE && sudo -u builder make + - name: make tests + shell: omnios {0} + run: | + cd $GITHUB_WORKSPACE + sudo -u builder make tests + + + openbsd: + name: "openbsd-${{ matrix.target }}" + if: github.repository != 'openssh/openssh-portable-selfhosted' + strategy: + fail-fast: false + matrix: + # First we test all OSes in the default configuration. + target: + - "7.3" + - "7.5" + - "7.6" + - "7.7" + config: [default] + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@main + - name: autoreconf + run: sh -c autoreconf + + - name: start OpenBSD ${{ matrix.target }} VM + uses: vmactions/openbsd-vm@v1 + with: + release: ${{ matrix.target }} + usesh: true + prepare: | + env PKG_PATH=https://ftp.openbsd.org/pub/OpenBSD/${{matrix.target}}/packages/amd64 pkg_add sudo-- + useradd -m builder + echo "builder ALL=(ALL:ALL) NOPASSWD: ALL" >>/etc/sudoers + mkdir -p /var/empty /usr/local/etc + cp $GITHUB_WORKSPACE/moduli /usr/local/etc/moduli + + - name: set file perms + shell: openbsd {0} + run: cd $GITHUB_WORKSPACE && chown -R builder . + - name: configure + shell: openbsd {0} + run: cd $GITHUB_WORKSPACE && sudo -u builder ./configure + - name: make clean + shell: openbsd {0} + run: cd $GITHUB_WORKSPACE && sudo -u builder make clean + - name: make + shell: openbsd {0} + run: cd $GITHUB_WORKSPACE && sudo -u builder make -j4 + - name: make tests + shell: openbsd {0} + run: | + cd $GITHUB_WORKSPACE + sudo -u builder env SUDO=sudo make tests + + + solaris: + name: "solaris-${{ matrix.target }}" + if: github.repository != 'openssh/openssh-portable-selfhosted' + strategy: + fail-fast: false + matrix: + # First we test all OSes in the default configuration. + target: + - "11.4-gcc" + config: [default] + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@main + - name: autoreconf + run: sh -c autoreconf + + - name: start Solaris ${{ matrix.target }} VM + uses: vmactions/solaris-vm@v1 + with: + release: ${{ matrix.target }} + usesh: true + prepare: | + set -x + useradd -m builder + sed -e "s/^root.*ALL$/root ALL=(ALL) NOPASSWD: ALL/" /etc/sudoers >>/tmp/sudoers + mv /tmp/sudoers /etc/sudoers + echo "builder ALL=(ALL) NOPASSWD: ALL" >>/etc/sudoers + mkdir -p /var/empty /usr/local/etc + cp $GITHUB_WORKSPACE/moduli /usr/local/etc/moduli + + - name: set file perms + shell: solaris {0} + run: cd $GITHUB_WORKSPACE && chown -R builder . + - name: configure + shell: solaris {0} + run: cd $GITHUB_WORKSPACE && sudo -u builder ./configure + - name: make clean + shell: solaris {0} + run: cd $GITHUB_WORKSPACE && sudo -u builder make clean + - name: make + shell: solaris {0} + run: cd $GITHUB_WORKSPACE && sudo -u builder make + - name: make tests + shell: solaris {0} + run: | + cd $GITHUB_WORKSPACE + sudo -u builder make tests + + - name: "PAM: configure" + shell: solaris {0} + run: cd $GITHUB_WORKSPACE && sudo -u builder ./configure --with-pam + - name: "PAM: make clean" + shell: solaris {0} + run: cd $GITHUB_WORKSPACE && sudo -u builder make clean + - name: "PAM: make" + shell: solaris {0} + run: cd $GITHUB_WORKSPACE && sudo -u builder make + - name: "PAM: make tests" + shell: solaris {0} + run: | + cd $GITHUB_WORKSPACE + sudo -u builder make tests From d8588478850463f8945aa18d0358b2b227f8b57a Mon Sep 17 00:00:00 2001 From: "jsg@openbsd.org" Date: Wed, 24 Sep 2025 00:51:28 +0000 Subject: [PATCH 289/687] upstream: spelling; ok dtucker@ OpenBSD-Commit-ID: 93870117b0153859dd8baa80b97e44d4558c786b --- misc.c | 4 ++-- scp.c | 4 ++-- ssh-pkcs11.c | 6 +++--- 3 files changed, 7 insertions(+), 7 deletions(-) diff --git a/misc.c b/misc.c index 922f04606038..70da3348f36b 100644 --- a/misc.c +++ b/misc.c @@ -1,4 +1,4 @@ -/* $OpenBSD: misc.c,v 1.206 2025/09/04 00:31:49 djm Exp $ */ +/* $OpenBSD: misc.c,v 1.207 2025/09/24 00:51:28 jsg Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. * Copyright (c) 2005-2020 Damien Miller. All rights reserved. @@ -490,7 +490,7 @@ strdelim(char **s) } /* - * Return next token in configuration line; splts on whitespace only. + * Return next token in configuration line; splits on whitespace only. */ char * strdelimw(char **s) diff --git a/scp.c b/scp.c index 0d3e1d4c1bcd..c19f57c69168 100644 --- a/scp.c +++ b/scp.c @@ -1,4 +1,4 @@ -/* $OpenBSD: scp.c,v 1.266 2025/09/15 05:17:37 djm Exp $ */ +/* $OpenBSD: scp.c,v 1.267 2025/09/24 00:51:28 jsg Exp $ */ /* * scp - secure remote copy. This is basically patched BSD rcp which * uses ssh to do the data transfer (instead of using rcmd). @@ -1880,7 +1880,7 @@ bad: run_err("%s: %s", np, strerror(errno)); /* * NB. do not use run_err() unless immediately followed by * exit() below as it may send a spurious reply that might - * desyncronise us from the peer. Use note_err() instead. + * desynchronise us from the peer. Use note_err() instead. */ statbytes = 0; if (showprogress) diff --git a/ssh-pkcs11.c b/ssh-pkcs11.c index 5167f89b8115..809910e97f01 100644 --- a/ssh-pkcs11.c +++ b/ssh-pkcs11.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-pkcs11.c,v 1.69 2025/07/30 04:27:42 djm Exp $ */ +/* $OpenBSD: ssh-pkcs11.c,v 1.70 2025/09/24 00:51:28 jsg Exp $ */ /* * Copyright (c) 2010 Markus Friedl. All rights reserved. * Copyright (c) 2014 Pedro Martelletto. All rights reserved. @@ -1067,7 +1067,7 @@ pkcs11_fetch_rsa_pubkey(struct pkcs11_provider *p, CK_ULONG slotidx, key->type = KEY_RSA; key->flags |= SSHKEY_FLAG_EXT; if (EVP_PKEY_bits(key->pkey) < SSH_RSA_MINIMUM_MODULUS_SIZE) { - error_f("RSA key too small %d < minumum %d", + error_f("RSA key too small %d < minimum %d", EVP_PKEY_bits(key->pkey), SSH_RSA_MINIMUM_MODULUS_SIZE); goto fail; } @@ -1306,7 +1306,7 @@ pkcs11_fetch_x509_pubkey(struct pkcs11_provider *p, CK_ULONG slotidx, key->type = KEY_RSA; key->flags |= SSHKEY_FLAG_EXT; if (EVP_PKEY_bits(key->pkey) < SSH_RSA_MINIMUM_MODULUS_SIZE) { - error_f("RSA key too small %d < minumum %d", + error_f("RSA key too small %d < minimum %d", EVP_PKEY_bits(key->pkey), SSH_RSA_MINIMUM_MODULUS_SIZE); goto out; From ae62a16118bb96a8e449ef25f5e55ef86a52cefb Mon Sep 17 00:00:00 2001 From: "jsg@openbsd.org" Date: Thu, 25 Sep 2025 02:12:16 +0000 Subject: [PATCH 290/687] upstream: remove prototype for removed ssh_packet_set_tos() ok djm@ OpenBSD-Commit-ID: 396f82995074ef4d7b9ce44168266ef4640d9985 --- packet.h | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/packet.h b/packet.h index ade3c0f9df6e..c0cbd8a7c520 100644 --- a/packet.h +++ b/packet.h @@ -1,4 +1,4 @@ -/* $OpenBSD: packet.h,v 1.101 2025/08/18 09:16:36 job Exp $ */ +/* $OpenBSD: packet.h,v 1.102 2025/09/25 02:12:16 jsg Exp $ */ /* * Author: Tatu Ylonen @@ -110,7 +110,6 @@ int ssh_packet_is_rekeying(struct ssh *); int ssh_packet_check_rekey(struct ssh *); void ssh_packet_set_protocol_flags(struct ssh *, u_int); u_int ssh_packet_get_protocol_flags(struct ssh *); -void ssh_packet_set_tos(struct ssh *, int); void ssh_packet_set_interactive(struct ssh *, int); void ssh_packet_set_qos(struct ssh *, int, int); void ssh_packet_set_server(struct ssh *); From 0af7e5b690e2cfe8824f04f154b0e543509dbefd Mon Sep 17 00:00:00 2001 From: "jsg@openbsd.org" Date: Thu, 25 Sep 2025 02:15:39 +0000 Subject: [PATCH 291/687] upstream: remove unneeded externs ok djm@ OpenBSD-Commit-ID: fe553193e910a122505142a4e1db7358cc1ae653 --- session.c | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/session.c b/session.c index 43eebd6c2717..f265fdc3ed3b 100644 --- a/session.c +++ b/session.c @@ -1,4 +1,4 @@ -/* $OpenBSD: session.c,v 1.343 2025/08/18 03:43:01 djm Exp $ */ +/* $OpenBSD: session.c,v 1.344 2025/09/25 02:15:39 jsg Exp $ */ /* * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland * All rights reserved @@ -139,9 +139,6 @@ static int session_pty_req(struct ssh *, Session *); extern ServerOptions options; extern char *__progname; extern int debug_flag; -extern u_int utmp_len; -extern int startup_pipe; -extern void destroy_sensitive_data(void); extern struct sshbuf *loginmsg; extern struct sshauthopt *auth_opts; extern char *tun_fwd_ifnames; /* serverloop.c */ From 6f28a935cc7d073e6647643e81d98b5831df204f Mon Sep 17 00:00:00 2001 From: "jsg@openbsd.org" Date: Thu, 25 Sep 2025 06:23:19 +0000 Subject: [PATCH 292/687] upstream: consistently use NULL for null pointer constants found with sparse, ok djm@ OpenBSD-Commit-ID: 1067504b63732d809d0d57ad4bc626818d112772 --- channels.c | 4 ++-- clientloop.c | 4 ++-- scp.c | 8 ++++---- serverloop.c | 4 ++-- sftp.c | 4 ++-- ssh-pkcs11.c | 8 ++++---- sshconnect.c | 4 ++-- sshsig.c | 4 ++-- 8 files changed, 20 insertions(+), 20 deletions(-) diff --git a/channels.c b/channels.c index aeb0d41d6c22..ed852beb09cc 100644 --- a/channels.c +++ b/channels.c @@ -1,4 +1,4 @@ -/* $OpenBSD: channels.c,v 1.449 2025/09/15 04:39:58 djm Exp $ */ +/* $OpenBSD: channels.c,v 1.450 2025/09/25 06:23:19 jsg Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -4565,7 +4565,7 @@ channel_add_permission(struct ssh *ssh, int who, int where, * host/port_to_connect. */ permission_set_add(ssh, who, where, - local ? host : 0, local ? port : 0, + local ? host : NULL, local ? port : 0, local ? NULL : host, NULL, local ? 0 : port, NULL); pset->all_permitted = 0; } diff --git a/clientloop.c b/clientloop.c index a2f757867901..49d048d85a4f 100644 --- a/clientloop.c +++ b/clientloop.c @@ -1,4 +1,4 @@ -/* $OpenBSD: clientloop.c,v 1.414 2025/08/18 03:43:01 djm Exp $ */ +/* $OpenBSD: clientloop.c,v 1.415 2025/09/25 06:23:19 jsg Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -1868,7 +1868,7 @@ client_request_tun_fwd(struct ssh *ssh, int tun_mode, char *ifname = NULL; if (tun_mode == SSH_TUNMODE_NO) - return 0; + return NULL; debug("Requesting tun unit %d in mode %d", local_tun, tun_mode); diff --git a/scp.c b/scp.c index c19f57c69168..c5f573cc1fde 100644 --- a/scp.c +++ b/scp.c @@ -1,4 +1,4 @@ -/* $OpenBSD: scp.c,v 1.267 2025/09/24 00:51:28 jsg Exp $ */ +/* $OpenBSD: scp.c,v 1.268 2025/09/25 06:23:19 jsg Exp $ */ /* * scp - secure remote copy. This is basically patched BSD rcp which * uses ssh to do the data transfer (instead of using rcmd). @@ -1572,7 +1572,7 @@ sink_sftp(int argc, char *dst, const char *src, struct sftp_conn *conn) } /* Did we actually get any matches back from the glob? */ - if (g.gl_matchc == 0 && g.gl_pathc == 1 && g.gl_pathv[0] != 0) { + if (g.gl_matchc == 0 && g.gl_pathc == 1 && g.gl_pathv[0] != NULL) { /* * If nothing matched but a path returned, then it's probably * a GLOB_NOCHECK result. Check whether the unglobbed path @@ -2013,7 +2013,7 @@ throughlocal_sftp(struct sftp_conn *from, struct sftp_conn *to, } /* Did we actually get any matches back from the glob? */ - if (g.gl_matchc == 0 && g.gl_pathc == 1 && g.gl_pathv[0] != 0) { + if (g.gl_matchc == 0 && g.gl_pathc == 1 && g.gl_pathv[0] != NULL) { /* * If nothing matched but a path returned, then it's probably * a GLOB_NOCHECK result. Check whether the unglobbed path @@ -2223,7 +2223,7 @@ allocbuf(BUF *bp, int fd, int blksize) if (fstat(fd, &stb) == -1) { run_err("fstat: %s", strerror(errno)); - return (0); + return (NULL); } size = ROUNDUP(stb.st_blksize, blksize); if (size == 0) diff --git a/serverloop.c b/serverloop.c index c8b1fd6db738..5d3b194d128f 100644 --- a/serverloop.c +++ b/serverloop.c @@ -1,4 +1,4 @@ -/* $OpenBSD: serverloop.c,v 1.243 2025/08/18 03:43:01 djm Exp $ */ +/* $OpenBSD: serverloop.c,v 1.244 2025/09/25 06:23:19 jsg Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -672,7 +672,7 @@ server_input_hostkeys_prove(struct ssh *ssh, struct sshbuf **respp) int r, ndx, success = 0; const u_char *blob; const char *sigalg, *kex_rsa_sigalg = NULL; - u_char *sig = 0; + u_char *sig = NULL; size_t blen, slen; if ((resp = sshbuf_new()) == NULL || (sigbuf = sshbuf_new()) == NULL) diff --git a/sftp.c b/sftp.c index ff85ab507695..c77a608a8e54 100644 --- a/sftp.c +++ b/sftp.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sftp.c,v 1.242 2025/09/15 04:49:00 djm Exp $ */ +/* $OpenBSD: sftp.c,v 1.243 2025/09/25 06:23:19 jsg Exp $ */ /* * Copyright (c) 2001-2004 Damien Miller * @@ -2656,7 +2656,7 @@ main(int argc, char **argv) } else { if ((r = argv_split(sftp_direct, &tmp, &cpp, 1)) != 0) fatal_r(r, "Parse -D arguments"); - if (cpp[0] == 0) + if (cpp[0] == NULL) fatal("No sftp server specified via -D"); connect_to_server(cpp[0], cpp, &in, &out); argv_free(cpp, tmp); diff --git a/ssh-pkcs11.c b/ssh-pkcs11.c index 809910e97f01..36b428223f36 100644 --- a/ssh-pkcs11.c +++ b/ssh-pkcs11.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-pkcs11.c,v 1.70 2025/09/24 00:51:28 jsg Exp $ */ +/* $OpenBSD: ssh-pkcs11.c,v 1.71 2025/09/25 06:23:19 jsg Exp $ */ /* * Copyright (c) 2010 Markus Friedl. All rights reserved. * Copyright (c) 2014 Pedro Martelletto. All rights reserved. @@ -552,7 +552,7 @@ pkcs11_sign_rsa(struct sshkey *key, const u_char *oid; if (sigp != NULL) - *sigp = 0; + *sigp = NULL; if (lenp != NULL) *lenp = 0; @@ -642,7 +642,7 @@ pkcs11_sign_ecdsa(struct sshkey *key, int hashalg, ret = -1, r, siglen; if (sigp != NULL) - *sigp = 0; + *sigp = NULL; if (lenp != NULL) *lenp = 0; @@ -727,7 +727,7 @@ pkcs11_sign_ed25519(struct sshkey *key, int ret = -1; if (sigp != NULL) - *sigp = 0; + *sigp = NULL; if (lenp != NULL) *lenp = 0; diff --git a/sshconnect.c b/sshconnect.c index 0f260a2cd14b..912a520c51bf 100644 --- a/sshconnect.c +++ b/sshconnect.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshconnect.c,v 1.375 2025/09/15 04:49:41 djm Exp $ */ +/* $OpenBSD: sshconnect.c,v 1.376 2025/09/25 06:23:19 jsg Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -789,7 +789,7 @@ hostkeys_find_by_key(const char *host, const char *ip, const struct sshkey *key, char **system_hostfiles, u_int num_system_hostfiles, char ***names, u_int *nnames) { - struct find_by_key_ctx ctx = {0, 0, 0, 0, 0}; + struct find_by_key_ctx ctx = {NULL, NULL, NULL, NULL, 0}; u_int i; *names = NULL; diff --git a/sshsig.c b/sshsig.c index d84004ca961f..3789c437baa0 100644 --- a/sshsig.c +++ b/sshsig.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshsig.c,v 1.39 2025/09/15 04:52:41 djm Exp $ */ +/* $OpenBSD: sshsig.c,v 1.40 2025/09/25 06:23:19 jsg Exp $ */ /* * Copyright (c) 2019 Google LLC * @@ -1128,7 +1128,7 @@ sshsig_match_principals(const char *path, const char *principal, if (ret == 0) { if (nprincipals == 0) ret = SSH_ERR_KEY_NOT_FOUND; - if (nprincipalsp != 0) + if (nprincipalsp != NULL) *nprincipalsp = nprincipals; if (principalsp != NULL) { *principalsp = principals; From b62aa85dcbc8f03bf91d26d14fbf8fd5e172d882 Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Thu, 25 Sep 2025 06:25:38 +0000 Subject: [PATCH 293/687] upstream: clarify intent and avoid (harmess, defined behaviour) unsigned underflow. ok tb@ OpenBSD-Commit-ID: b73bf5f1f381c3e4561a6cc706fb1cd77c939cd8 --- ssh-keysign.c | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/ssh-keysign.c b/ssh-keysign.c index c2d8471ad3e3..8d6bcda10919 100644 --- a/ssh-keysign.c +++ b/ssh-keysign.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-keysign.c,v 1.77 2025/08/29 03:50:38 djm Exp $ */ +/* $OpenBSD: ssh-keysign.c,v 1.78 2025/09/25 06:25:38 djm Exp $ */ /* * Copyright (c) 2002 Markus Friedl. All rights reserved. * @@ -129,8 +129,10 @@ valid_request(struct passwd *pw, char *host, struct sshkey **ret, char **pkalgp, /* client host name, handle trailing dot */ if ((r = sshbuf_get_cstring(b, &p, &len)) != 0) fatal_fr(r, "parse hostname"); - debug2_f("check expect chost %s got %s", host, p); - if (strlen(host) != len - 1) + debug2_f("check expect chost \"%s\" got \"%s\"", host, p); + if (len == 0) + fail++; + else if (strlen(host) != len - 1) fail++; else if (p[len - 1] != '.') fail++; From d0c1e73d408a24b2db18c0aa1a0108bea0f24210 Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Thu, 25 Sep 2025 06:31:42 +0000 Subject: [PATCH 294/687] upstream: fix leaks of config objects in mm_decode_activate_server_options ok dtucker@ tb@ OpenBSD-Commit-ID: 211f4d7d02e847bd1bcb460f6beb11658809a742 --- monitor_wrap.c | 13 ++++++++++++- servconf.c | 4 ++-- 2 files changed, 14 insertions(+), 3 deletions(-) diff --git a/monitor_wrap.c b/monitor_wrap.c index 7a5ac6a9d164..33494b73fa94 100644 --- a/monitor_wrap.c +++ b/monitor_wrap.c @@ -1,4 +1,4 @@ -/* $OpenBSD: monitor_wrap.c,v 1.141 2025/09/05 10:17:21 dtucker Exp $ */ +/* $OpenBSD: monitor_wrap.c,v 1.142 2025/09/25 06:31:42 djm Exp $ */ /* * Copyright 2002 Niels Provos * Copyright 2002 Markus Friedl @@ -319,6 +319,17 @@ mm_decode_activate_server_options(struct ssh *ssh, struct sshbuf *m) log_verbose_reset(); for (i = 0; i < options.num_log_verbose; i++) log_verbose_add(options.log_verbose[i]); + + /* use the macro hell to clean up too */ +#define M_CP_STROPT(x) free(newopts->x) +#define M_CP_STRARRAYOPT(x, nx) do { \ + for (i = 0; i < newopts->nx; i++) \ + free(newopts->x[i]); \ + free(newopts->x); \ + } while (0) + COPY_MATCH_STRING_OPTS(); +#undef M_CP_STROPT +#undef M_CP_STRARRAYOPT free(newopts); } diff --git a/servconf.c b/servconf.c index 532c095536b5..48ec8c4ecd43 100644 --- a/servconf.c +++ b/servconf.c @@ -1,4 +1,4 @@ -/* $OpenBSD: servconf.c,v 1.434 2025/09/02 09:40:19 djm Exp $ */ +/* $OpenBSD: servconf.c,v 1.435 2025/09/25 06:31:42 djm Exp $ */ /* * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland * All rights reserved @@ -2966,7 +2966,7 @@ copy_set_server_options(ServerOptions *dst, ServerOptions *src, int preauth) #define M_CP_STROPT(n) do {\ if (src->n != NULL && dst->n != src->n) { \ free(dst->n); \ - dst->n = src->n; \ + dst->n = xstrdup(src->n); \ } \ } while(0) #define M_CP_STRARRAYOPT(s, num_s) do {\ From 4fddebe7f524b3403c876c3b399d5ce7ce3390a6 Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Thu, 25 Sep 2025 06:33:19 +0000 Subject: [PATCH 295/687] upstream: add some functions to free various structs, including channels data and packet state; ok dtucker@ tb@ OpenBSD-Commit-ID: a8b3705309d632cdae370d4147a03e703087b0d1 --- channels.c | 23 ++++++++++++++++++++++- channels.h | 5 +++-- misc.c | 17 ++++++++++++++++- misc.h | 3 ++- packet.c | 15 ++++++++++++++- packet.h | 3 ++- 6 files changed, 59 insertions(+), 7 deletions(-) diff --git a/channels.c b/channels.c index ed852beb09cc..f1d7bcf345b1 100644 --- a/channels.c +++ b/channels.c @@ -1,4 +1,4 @@ -/* $OpenBSD: channels.c,v 1.450 2025/09/25 06:23:19 jsg Exp $ */ +/* $OpenBSD: channels.c,v 1.451 2025/09/25 06:33:19 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -855,6 +855,27 @@ channel_free_all(struct ssh *ssh) sc->x11_fake_data_len = 0; } +void +channel_free_channels(struct ssh *ssh) +{ + struct ssh_channels *sc; + + if (ssh == NULL || ssh->chanctxt == NULL) + return; + channel_free_all(ssh); + channel_clear_permission(ssh, FORWARD_USER, FORWARD_LOCAL); + channel_clear_permission(ssh, FORWARD_USER, FORWARD_REMOTE); + channel_clear_permission(ssh, FORWARD_ADM, FORWARD_LOCAL); + channel_clear_permission(ssh, FORWARD_ADM, FORWARD_REMOTE); + sc = ssh->chanctxt; + free(sc->bulk_classifier_tty); + free(sc->bulk_classifier_notty); + free(sc->channel_pre); + free(sc->channel_post); + freezero(sc, sizeof(*sc)); + ssh->chanctxt = NULL; +} + /* * Closes the sockets/fds of all channels. This is used to close extra file * descriptors after a fork. diff --git a/channels.h b/channels.h index 145ea2f69445..df7c7f364d22 100644 --- a/channels.h +++ b/channels.h @@ -1,4 +1,4 @@ -/* $OpenBSD: channels.h,v 1.160 2025/08/18 03:43:01 djm Exp $ */ +/* $OpenBSD: channels.h,v 1.161 2025/09/25 06:33:19 djm Exp $ */ /* * Author: Tatu Ylonen @@ -282,8 +282,9 @@ struct Channel { c->efd != -1 && (!(c->flags & (CHAN_EOF_RCVD|CHAN_CLOSE_RCVD)) || \ sshbuf_len(c->extended) > 0)) -/* Add channel management structures to SSH transport instance */ +/* Add/remove channel management structures to/from SSH transport instance */ void channel_init_channels(struct ssh *ssh); +void channel_free_channels(struct ssh *ssh); /* channel management */ diff --git a/misc.c b/misc.c index 70da3348f36b..a7a8f5b1bb98 100644 --- a/misc.c +++ b/misc.c @@ -1,4 +1,4 @@ -/* $OpenBSD: misc.c,v 1.207 2025/09/24 00:51:28 jsg Exp $ */ +/* $OpenBSD: misc.c,v 1.208 2025/09/25 06:33:19 djm Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. * Copyright (c) 2005-2020 Damien Miller. All rights reserved. @@ -524,6 +524,21 @@ pwcopy(struct passwd *pw) return copy; } +void +pwfree(struct passwd *pw) +{ + if (pw == NULL) + return; + free(pw->pw_name); + freezero(pw->pw_passwd, + pw->pw_passwd == NULL ? 0 : strlen(pw->pw_passwd)); + free(pw->pw_gecos); + free(pw->pw_class); + free(pw->pw_dir); + free(pw->pw_shell); + freezero(pw, sizeof(*pw)); +} + /* * Convert ASCII string to TCP/IP port number. * Port must be >=0 and <=65535. diff --git a/misc.h b/misc.h index a7afa23e8e92..f3c5a18c6249 100644 --- a/misc.h +++ b/misc.h @@ -1,4 +1,4 @@ -/* $OpenBSD: misc.h,v 1.111 2025/05/05 02:48:06 djm Exp $ */ +/* $OpenBSD: misc.h,v 1.112 2025/09/25 06:33:19 djm Exp $ */ /* * Author: Tatu Ylonen @@ -113,6 +113,7 @@ char *get_homedir(void); void sock_set_v6only(int); struct passwd *pwcopy(struct passwd *); +void pwfree(struct passwd *); /* NB. only use with pwcopy */ const char *ssh_gai_strerror(int); typedef void privdrop_fn(struct passwd *); diff --git a/packet.c b/packet.c index be16fd42988d..5dd8269c218a 100644 --- a/packet.c +++ b/packet.c @@ -1,4 +1,4 @@ -/* $OpenBSD: packet.c,v 1.322 2025/08/18 09:16:36 job Exp $ */ +/* $OpenBSD: packet.c,v 1.323 2025/09/25 06:33:19 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -682,6 +682,7 @@ ssh_packet_close_internal(struct ssh *ssh, int do_close) { struct session_state *state = ssh->state; u_int mode; + struct packet *p; if (!state->initialized) return; @@ -698,6 +699,11 @@ ssh_packet_close_internal(struct ssh *ssh, int do_close) sshbuf_free(state->output); sshbuf_free(state->outgoing_packet); sshbuf_free(state->incoming_packet); + while ((p = TAILQ_FIRST(&state->outgoing))) { + sshbuf_free(p->payload); + TAILQ_REMOVE(&state->outgoing, p, next); + free(p); + } for (mode = 0; mode < MODE_MAX; mode++) { kex_free_newkeys(state->newkeys[mode]); /* current keys */ state->newkeys[mode] = NULL; @@ -746,6 +752,13 @@ ssh_packet_close_internal(struct ssh *ssh, int do_close) } } +void +ssh_packet_free(struct ssh *ssh) +{ + ssh_packet_close_internal(ssh, 1); + freezero(ssh, sizeof(*ssh)); +} + void ssh_packet_close(struct ssh *ssh) { diff --git a/packet.h b/packet.h index c0cbd8a7c520..072f274259ee 100644 --- a/packet.h +++ b/packet.h @@ -1,4 +1,4 @@ -/* $OpenBSD: packet.h,v 1.102 2025/09/25 02:12:16 jsg Exp $ */ +/* $OpenBSD: packet.h,v 1.103 2025/09/25 06:33:19 djm Exp $ */ /* * Author: Tatu Ylonen @@ -101,6 +101,7 @@ int ssh_packet_connection_af(struct ssh *); void ssh_packet_set_nonblocking(struct ssh *); int ssh_packet_get_connection_in(struct ssh *); int ssh_packet_get_connection_out(struct ssh *); +void ssh_packet_free(struct ssh *); void ssh_packet_close(struct ssh *); void ssh_packet_set_input_hook(struct ssh *, ssh_packet_hook_fn *, void *); void ssh_packet_clear_keys(struct ssh *); From a071af0682d686de85cf471f5e04deaee4d90adb Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Thu, 25 Sep 2025 06:45:50 +0000 Subject: [PATCH 296/687] upstream: wait for the unprivileged sshd-auth process to exit before closing the fd it uses to report log messages This avoids a race where the child process notices the fd was closed before exiting and spams the logs. ok dtucker@ OpenBSD-Commit-ID: 7cddaa41be3b955e6bed570900db7ab8817b1e76 --- monitor.c | 22 ++++++++++++++++++++-- sshd-session.c | 20 ++------------------ 2 files changed, 22 insertions(+), 20 deletions(-) diff --git a/monitor.c b/monitor.c index 563a0f0cb59a..a9e854bec831 100644 --- a/monitor.c +++ b/monitor.c @@ -1,4 +1,4 @@ -/* $OpenBSD: monitor.c,v 1.248 2025/09/15 04:47:49 djm Exp $ */ +/* $OpenBSD: monitor.c,v 1.249 2025/09/25 06:45:50 djm Exp $ */ /* * Copyright 2002 Niels Provos * Copyright 2002 Markus Friedl @@ -262,7 +262,7 @@ void monitor_child_preauth(struct ssh *ssh, struct monitor *pmonitor) { struct mon_table *ent; - int authenticated = 0, partial = 0; + int status, authenticated = 0, partial = 0; debug3("preauth child monitor started"); @@ -365,11 +365,29 @@ monitor_child_preauth(struct ssh *ssh, struct monitor *pmonitor) while (pmonitor->m_log_recvfd != -1 && monitor_read_log(pmonitor) == 0) ; + /* Wait for the child's exit status */ + while (waitpid(pmonitor->m_pid, &status, 0) == -1) { + if (errno == EINTR) + continue; + fatal_f("waitpid: %s", strerror(errno)); + } + if (WIFEXITED(status)) { + if (WEXITSTATUS(status) != 0) + fatal_f("preauth child %ld exited with status %d", + (long)pmonitor->m_pid, WEXITSTATUS(status)); + } else if (WIFSIGNALED(status)) { + fatal_f("preauth child %ld terminated by signal %d", + (long)pmonitor->m_pid, WTERMSIG(status)); + } + debug3_f("preauth child %ld terminated successfully", + (long)pmonitor->m_pid); + if (pmonitor->m_recvfd >= 0) close(pmonitor->m_recvfd); if (pmonitor->m_log_sendfd >= 0) close(pmonitor->m_log_sendfd); pmonitor->m_sendfd = pmonitor->m_log_recvfd = -1; + pmonitor->m_pid = -1; } static void diff --git a/sshd-session.c b/sshd-session.c index 7abc2b4a5013..8979f743bfdf 100644 --- a/sshd-session.c +++ b/sshd-session.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshd-session.c,v 1.15 2025/08/29 03:50:38 djm Exp $ */ +/* $OpenBSD: sshd-session.c,v 1.16 2025/09/25 06:45:50 djm Exp $ */ /* * SSH2 implementation: * Privilege Separation: @@ -330,7 +330,7 @@ pack_hostkeys(void) static int privsep_preauth(struct ssh *ssh) { - int status, r; + int r; pid_t pid; /* Set up unprivileged child process to deal with network data */ @@ -352,23 +352,7 @@ privsep_preauth(struct ssh *ssh) } } monitor_child_preauth(ssh, pmonitor); - - /* Wait for the child's exit status */ - while (waitpid(pid, &status, 0) == -1) { - if (errno == EINTR) - continue; - pmonitor->m_pid = -1; - fatal_f("waitpid: %s", strerror(errno)); - } privsep_is_preauth = 0; - pmonitor->m_pid = -1; - if (WIFEXITED(status)) { - if (WEXITSTATUS(status) != 0) - fatal_f("preauth child exited with status %d", - WEXITSTATUS(status)); - } else if (WIFSIGNALED(status)) - fatal_f("preauth child terminated by signal %d", - WTERMSIG(status)); return 1; } else { /* child */ From a8a2702bcd9e81a086e6d2c278f1b62f9d8bf3a1 Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Thu, 25 Sep 2025 06:57:54 +0000 Subject: [PATCH 297/687] upstream: fix some leaks; feedback/ok dtucker@ OpenBSD-Commit-ID: 05bdbc2e494b87a4a79e509020bd8249c86a4ff0 --- ssh-add.c | 51 +++++++++++++++++++++++++++++++++++++++++++++++++-- 1 file changed, 49 insertions(+), 2 deletions(-) diff --git a/ssh-add.c b/ssh-add.c index 152f7f2031a4..026acab8cb74 100644 --- a/ssh-add.c +++ b/ssh-add.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-add.c,v 1.178 2025/09/11 07:22:37 djm Exp $ */ +/* $OpenBSD: ssh-add.c,v 1.179 2025/09/25 06:57:54 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -664,6 +664,47 @@ stringlist_append(char ***listp, const char *s) (*listp)[i] = xstrdup(s); } +static void +stringlist_free(char **list) +{ + size_t i = 0; + + if (list == NULL) + return; + for (i = 0; list[i] != NULL; i++) + free(list[i]); + free(list); +} + +static void +free_dest_constraint_hop(struct dest_constraint_hop *dch) +{ + u_int i; + + if (dch == NULL) + return; + free(dch->user); + free(dch->hostname); + for (i = 0; i < dch->nkeys; i++) + sshkey_free(dch->keys[i]); + free(dch->keys); + free(dch->key_is_ca); +} + +static void +free_dest_constraints(struct dest_constraint **dcs, size_t ndcs) +{ + size_t i; + + for (i = 0; i < ndcs; i++) { + free_dest_constraint_hop(&dcs[i]->from); + free_dest_constraint_hop(&dcs[i]->to); + free(dcs[i]); + } + free(dcs); +} + + static void parse_dest_constraint_hop(const char *s, struct dest_constraint_hop *dch, char **hostkey_files) @@ -794,7 +835,7 @@ main(int argc, char **argv) LogLevel log_level = SYSLOG_LEVEL_INFO; struct sshkey *k, **certs = NULL; struct dest_constraint **dest_constraints = NULL; - size_t ndest_constraints = 0, ncerts = 0; + size_t n, ndest_constraints = 0, ncerts = 0; /* Ensure that fds 0, 1 and 2 are open or directed to /dev/null */ sanitise_stdfd(); @@ -969,6 +1010,9 @@ main(int argc, char **argv) dest_constraints, ndest_constraints, certs, ncerts) == -1) ret = 1; + for (n = 0; n < ncerts; n++) + sshkey_free(certs[n]); + free(certs); goto done; } if (do_download) { @@ -1016,6 +1060,9 @@ main(int argc, char **argv) } done: clear_pass(); + stringlist_free(hostkey_files); + stringlist_free(dest_constraint_strings); + free_dest_constraints(dest_constraints, ndest_constraints); ssh_close_authentication_socket(agent_fd); return ret; } From a1a7df8b3694fdd7b55ad6bb8fa7b3d5d7f5b89a Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Thu, 25 Sep 2025 07:00:43 +0000 Subject: [PATCH 298/687] upstream: fix some leaks in ssh-add; feedback/ok dtucker@ OpenBSD-Commit-ID: 441302917de31a128c1d6d63acccc67042fcf349 --- ssh-add.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ssh-add.c b/ssh-add.c index 026acab8cb74..67dd8797d122 100644 --- a/ssh-add.c +++ b/ssh-add.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-add.c,v 1.179 2025/09/25 06:57:54 djm Exp $ */ +/* $OpenBSD: ssh-add.c,v 1.180 2025/09/25 07:00:43 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland From 846987d1233f24bbe87ebed347e328f45525388a Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Thu, 25 Sep 2025 07:04:38 +0000 Subject: [PATCH 299/687] upstream: fix some one-off leaks in ssh-keygen; ok dtucker@ OpenBSD-Commit-ID: 32f51289c93246474659aa49067926fcab9e02e8 --- ssh-keygen.c | 63 ++++++++++++++++++++++++++++++---------------------- 1 file changed, 36 insertions(+), 27 deletions(-) diff --git a/ssh-keygen.c b/ssh-keygen.c index 94323479e850..110d07fc1506 100644 --- a/ssh-keygen.c +++ b/ssh-keygen.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-keygen.c,v 1.482 2025/08/29 03:50:38 djm Exp $ */ +/* $OpenBSD: ssh-keygen.c,v 1.483 2025/09/25 07:04:38 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1994 Tatu Ylonen , Espoo, Finland @@ -348,7 +348,6 @@ do_convert_to_ssh2(struct passwd *pw, struct sshkey *k) fprintf(stdout, "Comment: \"%s\"\n%s", comment, b64); fprintf(stdout, "%s\n", SSH_COM_PUBLIC_END); free(b64); - exit(0); } static void @@ -370,7 +369,6 @@ do_convert_to_pkcs8(struct sshkey *k) default: fatal_f("unsupported key type %s", sshkey_type(k)); } - exit(0); } static void @@ -392,7 +390,6 @@ do_convert_to_pem(struct sshkey *k) default: fatal_f("unsupported key type %s", sshkey_type(k)); } - exit(0); } static void @@ -421,7 +418,6 @@ do_convert_to(struct passwd *pw) default: fatal_f("unknown key format %d", convert_format); } - exit(0); } /* @@ -533,6 +529,7 @@ do_convert_private_ssh2(struct sshbuf *b) if ((r = ssh_rsa_complete_crt_parameters(rsa_d, rsa_p, rsa_q, rsa_iqmp, &rsa_dmp1, &rsa_dmq1)) != 0) fatal_fr(r, "generate RSA CRT parameters"); + EVP_PKEY_free(key->pkey); if ((key->pkey = EVP_PKEY_new()) == NULL) fatal_f("EVP_PKEY_new failed"); if ((rsa = RSA_new()) == NULL) @@ -687,7 +684,6 @@ do_convert_from_pkcs8(struct sshkey **k, int *private) EVP_PKEY_base_id(pubkey)); } EVP_PKEY_free(pubkey); - return; } static void @@ -766,7 +762,6 @@ do_convert_from(struct passwd *pw) if (!ok) fatal("key write failed"); sshkey_free(k); - exit(0); } #endif @@ -1864,16 +1859,17 @@ do_ca_sign(struct passwd *pw, const char *ca_key_path, int prefer_agent, sshkey_free(public); free(out); + free(comment); if (cert_serial_autoinc) cert_serial++; } if (pin != NULL) freezero(pin, strlen(pin)); + sshkey_free(ca); free(ca_fp); #ifdef ENABLE_PKCS11 pkcs11_terminate(); #endif - exit(0); } static u_int64_t @@ -2321,9 +2317,10 @@ update_krl_from_file(struct passwd *pw, const char *file, int wild_ca, cp += 5; cp = cp + strspn(cp, " \t"); hash_to_blob(cp, &blob, &blen, file, lnum); - r = ssh_krl_revoke_key_sha256(krl, blob, blen); - if (r != 0) + if ((r = ssh_krl_revoke_key_sha256(krl, + blob, blen)) != 0) fatal_fr(r, "revoke key failed"); + free(blob); } else { if (strncasecmp(cp, "key:", 4) == 0) { cp += 4; @@ -3288,9 +3285,9 @@ main(int argc, char **argv) { char comment[1024], *passphrase = NULL; char *rr_hostname = NULL, *ep, *fp, *ra; - struct sshkey *private, *public; + struct sshkey *private = NULL, *public = NULL; struct passwd *pw; - int r, opt, type; + int ret = 0, r, opt, type; int change_passphrase = 0, change_comment = 0, show_cert = 0; int find_host = 0, delete_host = 0, hash_hosts = 0; int gen_all_hostkeys = 0, gen_krl = 0, update_krl = 0, check_krl = 0; @@ -3551,8 +3548,9 @@ main(int argc, char **argv) "missing allowed keys file"); exit(1); } - return sig_find_principals(ca_key_path, identity_file, + ret = sig_find_principals(ca_key_path, identity_file, opts, nopts); + goto done; } else if (strprefix(sign_op, "match-principals", 0) != NULL) { if (!have_identity) { error("Too few arguments for match-principals:" @@ -3564,8 +3562,9 @@ main(int argc, char **argv) "missing principal ID"); exit(1); } - return sig_match_principals(identity_file, cert_key_id, + ret = sig_match_principals(identity_file, cert_key_id, opts, nopts); + goto done; } else if (strprefix(sign_op, "sign", 0) != NULL) { /* NB. cert_principals is actually namespace, via -n */ if (cert_principals == NULL || @@ -3579,8 +3578,9 @@ main(int argc, char **argv) "missing key"); exit(1); } - return sig_sign(identity_file, cert_principals, + ret = sig_sign(identity_file, cert_principals, prefer_agent, argc, argv, opts, nopts); + goto done; } else if (strprefix(sign_op, "check-novalidate", 0) != NULL) { /* NB. cert_principals is actually namespace, via -n */ if (cert_principals == NULL || @@ -3594,8 +3594,9 @@ main(int argc, char **argv) "missing signature file"); exit(1); } - return sig_verify(ca_key_path, cert_principals, + ret = sig_verify(ca_key_path, cert_principals, NULL, NULL, NULL, opts, nopts); + goto done; } else if (strprefix(sign_op, "verify", 0) != NULL) { /* NB. cert_principals is actually namespace, via -n */ if (cert_principals == NULL || @@ -3619,9 +3620,10 @@ main(int argc, char **argv) "missing principal identity"); exit(1); } - return sig_verify(ca_key_path, cert_principals, + ret = sig_verify(ca_key_path, cert_principals, cert_key_id, identity_file, rr_hostname, opts, nopts); + goto done; } error("Unsupported operation for -Y: \"%s\"", sign_op); usage(); @@ -3649,11 +3651,11 @@ main(int argc, char **argv) if (gen_krl) { do_gen_krl(pw, update_krl, ca_key_path, cert_serial, identity_comment, argc, argv); - return (0); + goto done; } if (check_krl) { do_check_krl(pw, print_fingerprint, argc, argv); - return (0); + goto done; } if (ca_key_path != NULL) { if (cert_key_id == NULL) @@ -3662,6 +3664,7 @@ main(int argc, char **argv) add_cert_option(opts[i]); do_ca_sign(pw, ca_key_path, prefer_agent, cert_serial, cert_serial_autoinc, argc, argv); + goto done; } if (show_cert) do_show_cert(pw); @@ -3680,7 +3683,8 @@ main(int argc, char **argv) "FIDO authenticator download", opts[i]); } } - return do_download_sk(sk_provider, sk_device); + ret = do_download_sk(sk_provider, sk_device); + goto done; } if (print_fingerprint || print_bubblebabble) do_fingerprint(pw); @@ -3689,10 +3693,14 @@ main(int argc, char **argv) if (change_comment) do_change_comment(pw, identity_comment); #ifdef WITH_OPENSSL - if (convert_to) + if (convert_to) { do_convert_to(pw); - if (convert_from) + goto done; + } + if (convert_from) { do_convert_from(pw); + goto done; + } #else /* WITH_OPENSSL */ if (convert_to || convert_from) fatal("key conversion disabled at compile time"); @@ -3733,16 +3741,16 @@ main(int argc, char **argv) } if (do_gen_candidates) { do_moduli_gen(argv[0], opts, nopts); - return 0; + goto done; } if (do_screen_candidates) { do_moduli_screen(argv[0], opts, nopts); - return 0; + goto done; } if (gen_all_hostkeys) { do_gen_all_hostkeys(pw); - return (0); + goto done; } if (key_type_name == NULL) @@ -3899,8 +3907,9 @@ main(int argc, char **argv) if (sk_attestation_path != NULL) save_attestation(attest, sk_attestation_path); + done: sshbuf_free(attest); sshkey_free(public); - - exit(0); + pwfree(pw); + exit(ret); } From 8235dc3d82c0ac347a3600df0907c6573720fbaa Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Thu, 25 Sep 2025 07:05:11 +0000 Subject: [PATCH 300/687] upstream: fix some one-off leaks in ssh.c; ok dtucker@ OpenBSD-Commit-ID: bf3c27ffe4b3cccb6553b554ec4c04929065a2bc --- ssh.c | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/ssh.c b/ssh.c index f4524e384544..3b03108db156 100644 --- a/ssh.c +++ b/ssh.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh.c,v 1.618 2025/09/15 04:50:42 djm Exp $ */ +/* $OpenBSD: ssh.c,v 1.619 2025/09/25 07:05:11 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -1725,8 +1725,6 @@ main(int ac, char **av) &timeout_ms, options.tcp_keep_alive) != 0) exit(255); - if (addrs != NULL) - freeaddrinfo(addrs); ssh_packet_set_timeout(ssh, options.server_alive_interval, options.server_alive_count_max); @@ -1867,9 +1865,13 @@ main(int ac, char **av) #endif skip_connect: + if (addrs != NULL) + freeaddrinfo(addrs); exit_status = ssh_session2(ssh, cinfo); ssh_conn_info_free(cinfo); - ssh_packet_close(ssh); + channel_free_channels(ssh); + ssh_packet_free(ssh); + pwfree(pw); if (options.control_path != NULL && muxserver_sock != -1) unlink(options.control_path); From 1362f6c0f4ca3306a201a6572bb9ec0d47d8edb3 Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Thu, 25 Sep 2025 18:20:53 +1000 Subject: [PATCH 301/687] Add #ifdefs in pwfree to match those in pwcopy. Fixes build on many platforms. --- misc.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/misc.c b/misc.c index a7a8f5b1bb98..239ed12384cd 100644 --- a/misc.c +++ b/misc.c @@ -532,8 +532,12 @@ pwfree(struct passwd *pw) free(pw->pw_name); freezero(pw->pw_passwd, pw->pw_passwd == NULL ? 0 : strlen(pw->pw_passwd)); +#ifdef HAVE_STRUCT_PASSWD_PW_GECOS free(pw->pw_gecos); +#endif +#ifdef HAVE_STRUCT_PASSWD_PW_CLASS free(pw->pw_class); +#endif free(pw->pw_dir); free(pw->pw_shell); freezero(pw, sizeof(*pw)); From 7ce3823547578a3b083085744c1fea39237197a2 Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Tue, 23 Sep 2025 22:12:19 +1000 Subject: [PATCH 302/687] Merge all putty tests into a single test. The lets us reuse the built OpenSSH binaries and replaces 12*4min of tests with a single 14min one. --- .github/install_putty.sh | 37 +++++++++++++++++++++++++++++++++++++ .github/run_test.sh | 11 +++++++++++ .github/setup_ci.sh | 22 ++-------------------- .github/workflows/c-cpp.yml | 15 +-------------- 4 files changed, 51 insertions(+), 34 deletions(-) create mode 100755 .github/install_putty.sh diff --git a/.github/install_putty.sh b/.github/install_putty.sh new file mode 100755 index 000000000000..6d6d0ad49f41 --- /dev/null +++ b/.github/install_putty.sh @@ -0,0 +1,37 @@ +#!/bin/sh + +ver="$1" + +echo +echo -------------------------------------- +echo Installing PuTTY version ${ver} +echo -------------------------------------- + +cd /tmp + +case "${ver}" in +snapshot) + tarball=putty.tar.gz + url=https://tartarus.org/~simon/putty-snapshots/${tarball} + ;; +*) + tarball=putty-${ver}.tar.gz + url=https://the.earth.li/~sgtatham/putty/${ver}/${tarball} + ;; +esac + +if [ ! -f ${tarball} ]; then + wget -q ${url} +fi + +mkdir -p /tmp/puttybuild +cd /tmp/puttybuild + +tar xfz /tmp/${tarball} && cd putty-* +if [ -f CMakeLists.txt ]; then + cmake . && cmake --build . -j4 && sudo cmake --build . --target install +else + ./configure && make -j4 && sudo make install +fi +sudo rm -rf /tmp/puttybuild +/usr/local/bin/plink -V diff --git a/.github/run_test.sh b/.github/run_test.sh index bd6fb7b7b3e1..aac9ce57942e 100755 --- a/.github/run_test.sh +++ b/.github/run_test.sh @@ -35,6 +35,17 @@ if [ ! -z "${env}" ]; then env="env${env}" fi +if [ "$1" = "putty-versions" ]; then + for ver in 0.71 0.72 0.73 0.74 0.75 0.76 0.77 0.78 0.79 0.80 \ + 0.81 0.82 0.83 snapshot; do + .github/install_putty.sh "${ver}" + ${env} make ${TEST_TARGET} \ + SKIP_LTESTS="${SKIP_LTESTS}" LTESTS="${LTESTS}" + done + + exit 0 +fi + if [ -z "${LTESTS}" ]; then ${env} make ${TEST_TARGET} SKIP_LTESTS="${SKIP_LTESTS}" else diff --git a/.github/setup_ci.sh b/.github/setup_ci.sh index 10ff77badbef..c90969627022 100755 --- a/.github/setup_ci.sh +++ b/.github/setup_ci.sh @@ -164,7 +164,7 @@ for TARGET in $TARGETS; do PACKAGES="${PACKAGES} cmake ninja-build" ;; putty-*) - INSTALL_PUTTY=$(echo "${TARGET}" | cut -f2 -d-) + INSTALL_PUTTY=0.83 PACKAGES="${PACKAGES} cmake" ;; valgrind*) @@ -273,25 +273,7 @@ if [ ! -z "${INSTALL_ZLIB}" ]; then fi if [ ! -z "${INSTALL_PUTTY}" ]; then - ver="${INSTALL_PUTTY}" - case "${INSTALL_PUTTY}" in - snapshot) - tarball=putty.tar.gz - (cd /tmp && wget https://tartarus.org/~simon/putty-snapshots/${tarball}) - ;; - *) - tarball=putty-${ver}.tar.gz - (cd /tmp && wget https://the.earth.li/~sgtatham/putty/${ver}/${tarball}) - ;; - esac - (cd ${HOME} && tar xfz /tmp/${tarball} && cd putty-* - if [ -f CMakeLists.txt ]; then - cmake . && cmake --build . && sudo cmake --build . --target install - else - ./configure && make && sudo make install - fi - ) - /usr/local/bin/plink -V + .github/install_putty.sh "${INSTALL_PUTTY}" fi # If we're running on an ephemeral VM, set a random password and set diff --git a/.github/workflows/c-cpp.yml b/.github/workflows/c-cpp.yml index 0ae83ccdb44b..a479fd2f130c 100644 --- a/.github/workflows/c-cpp.yml +++ b/.github/workflows/c-cpp.yml @@ -103,20 +103,7 @@ jobs: - { target: ubuntu-latest, config: openssl-3.4 } # stable branch - { target: ubuntu-latest, config: openssl-3.5 } # stable branch - { target: ubuntu-latest, config: openssl-3.6 } # stable branch - - { target: ubuntu-latest, config: putty-0.71 } - - { target: ubuntu-latest, config: putty-0.72 } - - { target: ubuntu-latest, config: putty-0.73 } - - { target: ubuntu-latest, config: putty-0.74 } - - { target: ubuntu-latest, config: putty-0.75 } - - { target: ubuntu-latest, config: putty-0.76 } - - { target: ubuntu-latest, config: putty-0.77 } - - { target: ubuntu-latest, config: putty-0.78 } - - { target: ubuntu-latest, config: putty-0.79 } - - { target: ubuntu-latest, config: putty-0.80 } - - { target: ubuntu-latest, config: putty-0.81 } - - { target: ubuntu-latest, config: putty-0.82 } - - { target: ubuntu-latest, config: putty-0.83 } - - { target: ubuntu-latest, config: putty-snapshot } + - { target: ubuntu-latest, config: putty-versions } - { target: ubuntu-latest, config: zlib-develop } - { target: ubuntu-latest, config: tcmalloc } - { target: ubuntu-latest, config: musl } From 35f3e2a41c2afe7a68a8a4efb3eb385e7f8d247d Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Thu, 25 Sep 2025 18:06:55 +1000 Subject: [PATCH 303/687] Update pledge() interface to match current OpenBSD. ok djm@ --- openbsd-compat/bsd-misc.c | 2 +- openbsd-compat/bsd-misc.h | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/openbsd-compat/bsd-misc.c b/openbsd-compat/bsd-misc.c index aea2ba67f07d..983cd3fe6216 100644 --- a/openbsd-compat/bsd-misc.c +++ b/openbsd-compat/bsd-misc.c @@ -403,7 +403,7 @@ getpgid(pid_t pid) #ifndef HAVE_PLEDGE int -pledge(const char *promises, const char *paths[]) +pledge(const char *promises, const char *execpromises) { return 0; } diff --git a/openbsd-compat/bsd-misc.h b/openbsd-compat/bsd-misc.h index d237256d45fc..2ad89cd83b59 100644 --- a/openbsd-compat/bsd-misc.h +++ b/openbsd-compat/bsd-misc.h @@ -156,7 +156,7 @@ int pselect(int, fd_set *, fd_set *, fd_set *, const struct timespec *, #endif #ifndef HAVE_PLEDGE -int pledge(const char *promises, const char *paths[]); +int pledge(const char *promises, const char *execpromises); #endif /* bsd-err.h */ From e914e61eb88e22e5b725c399698256c54589ca32 Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Thu, 25 Sep 2025 17:50:07 +1000 Subject: [PATCH 304/687] Remove status bits from OpenSSL >=3 version check. OpenSSL traditionally did not guarantee ABI compatibility across release (and development) versions. Because of this, OpenSSH checked the lower 4 "status" bits returned by OpenSSL_version_num(), which were originally set to 0 for development versions and 0xf for release versions and, if they did not match, would report the discrepancy and exit. OpenSSL (unintentionally) changed these bits in the 3.0.0 and subsequent 3.x releases, setting them to zero in the release versions (which happened to also match the documentation), then changed them back in the 3.5.3 release. If OpenSSL was upgraded to (or from) this version without recompiling OpenSSH, it would cause OpenSSH flag it as potentially incompatible and refuse to use it. Ultimately OpenSSL rolled this back, but the check now has no value so is being removed for OpenSSL versions >=3. bz#3865 and https://github.com/openssl/openssl/issues/28575, ok djm@ --- openbsd-compat/openssl-compat.c | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/openbsd-compat/openssl-compat.c b/openbsd-compat/openssl-compat.c index 14865077e469..48938920cda7 100644 --- a/openbsd-compat/openssl-compat.c +++ b/openbsd-compat/openssl-compat.c @@ -32,7 +32,8 @@ #include "openssl-compat.h" /* - * OpenSSL version numbers: MNNFFPPS: major minor fix patch status + * OpenSSL version numbers: MNNFFPPS: major minor fix patch status. + * See the OpenSSL_version_num(3ssl) man page. * Versions >=3 require only major versions to match. * For versions <3, we accept compatible fix versions (so we allow 1.0.1 * to work with 1.0.0). Going backwards is only allowed within a patch series. @@ -49,10 +50,10 @@ ssh_compatible_openssl(long headerver, long libver) return 1; /* - * For versions >= 3.0, only the major and status must match. + * For versions >= 3.0, only the major must match. */ - if (headerver >= 0x3000000f) { - mask = 0xf000000fL; /* major,status */ + if (headerver >= 0x30000000) { + mask = 0xf0000000L; /* major only */ return (headerver & mask) == (libver & mask); } From 6c3c9f03c3c2cc4e40decbb49b8486abfb9e57df Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Fri, 26 Sep 2025 08:23:21 +1000 Subject: [PATCH 305/687] Replace hand-rolled modulo with arc4random_uniform. Fixes potential modulo-by-zero UB flagged by Coverity CID 405068 --- regress/netcat.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/regress/netcat.c b/regress/netcat.c index 0acedfd82493..c62111780636 100644 --- a/regress/netcat.c +++ b/regress/netcat.c @@ -1134,7 +1134,7 @@ build_ports(char *p) char *c; for (x = 0; x <= (hi - lo); x++) { - y = (arc4random() & 0xFFFF) % (hi - lo); + y = arc4random_uniform(hi - lo); c = portlist[x]; portlist[x] = portlist[y]; portlist[y] = c; From 37d996bd0537837f15fc540d5aebb1ef2faf2268 Mon Sep 17 00:00:00 2001 From: "dtucker@openbsd.org" Date: Thu, 25 Sep 2025 22:17:29 +0000 Subject: [PATCH 306/687] upstream: Check return codes of sshbuf functions. Fixes Coverity CIDs 405059 and 405061. OpenBSD-Regress-ID: defa55d32892172251bbd5efd15731ce55888247 --- regress/unittests/sshbuf/test_sshbuf_getput_fuzz.c | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/regress/unittests/sshbuf/test_sshbuf_getput_fuzz.c b/regress/unittests/sshbuf/test_sshbuf_getput_fuzz.c index aa345c773a0c..cd712c62be29 100644 --- a/regress/unittests/sshbuf/test_sshbuf_getput_fuzz.c +++ b/regress/unittests/sshbuf/test_sshbuf_getput_fuzz.c @@ -1,4 +1,4 @@ -/* $OpenBSD: test_sshbuf_getput_fuzz.c,v 1.5 2021/12/14 21:25:27 deraadt Exp $ */ +/* $OpenBSD: test_sshbuf_getput_fuzz.c,v 1.6 2025/09/25 22:17:29 dtucker Exp $ */ /* * Regress test for sshbuf.h buffer API * @@ -47,22 +47,22 @@ attempt_parse_blob(u_char *blob, size_t len) p1 = sshbuf_new(); ASSERT_PTR_NE(p1, NULL); ASSERT_INT_EQ(sshbuf_put(p1, blob, len), 0); - sshbuf_get_u8(p1, &u8); - sshbuf_get_u16(p1, &u16); - sshbuf_get_u32(p1, &u32); - sshbuf_get_u64(p1, &u64); + ASSERT_INT_EQ(sshbuf_get_u8(p1, &u8), 0); + ASSERT_INT_EQ(sshbuf_get_u16(p1, &u16), 0); + ASSERT_INT_EQ(sshbuf_get_u32(p1, &u32), 0); + ASSERT_INT_EQ(sshbuf_get_u64(p1, &u64), 0); if (sshbuf_get_string(p1, &s, &l) == 0) { bzero(s, l); free(s); } #ifdef WITH_OPENSSL bn = NULL; - sshbuf_get_bignum2(p1, &bn); + ASSERT_INT_EQ(sshbuf_get_bignum2(p1, &bn), 0); BN_clear_free(bn); #if defined(OPENSSL_HAS_ECC) && defined(OPENSSL_HAS_NISTP256) eck = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1); ASSERT_PTR_NE(eck, NULL); - sshbuf_get_eckey(p1, eck); + ASSERT_INT_EQ(sshbuf_get_eckey(p1, eck), 0); EC_KEY_free(eck); #endif /* defined(OPENSSL_HAS_ECC) && defined(OPENSSL_HAS_NISTP256) */ #endif /* WITH_OPENSSL */ From 9824ec515ed6256c1a98d66049471053f965b75e Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Fri, 26 Sep 2025 22:26:33 +1000 Subject: [PATCH 307/687] Update link to oss-fuzz bug tracker. Remove 9.8 branch. --- .github/ci-status.md | 6 +----- 1 file changed, 1 insertion(+), 5 deletions(-) diff --git a/.github/ci-status.md b/.github/ci-status.md index d5e2aad23ca4..5b1f77f2369c 100644 --- a/.github/ci-status.md +++ b/.github/ci-status.md @@ -4,7 +4,7 @@ master : [![C/C++ CI self-hosted](https://github.com/openssh/openssh-portable-selfhosted/actions/workflows/selfhosted.yml/badge.svg)](https://github.com/openssh/openssh-portable-selfhosted/actions/workflows/selfhosted.yml?query=branch:master) [![Upstream self-hosted](https://github.com/openssh/openssh-portable-selfhosted/actions/workflows/upstream.yml/badge.svg)](https://github.com/openssh/openssh-portable-selfhosted/actions/workflows/upstream.yml?query=branch:master) [![CIFuzz](../../../actions/workflows/cifuzz.yml/badge.svg)](../../../actions/workflows/cifuzz.yml) -[![Fuzzing Status](https://oss-fuzz-build-logs.storage.googleapis.com/badges/openssh.svg)](https://bugs.chromium.org/p/oss-fuzz/issues/list?sort=-opened&can=1&q=proj:openssh) +[![Fuzzing Status](https://oss-fuzz-build-logs.storage.googleapis.com/badges/openssh.svg)](https://issues.oss-fuzz.com/issues?q="Project:+openssh"+is:open) [![Coverity Status](https://scan.coverity.com/projects/21341/badge.svg)](https://scan.coverity.com/projects/openssh-portable)
@@ -15,7 +15,3 @@ master : 9.9 : [![C/C++ CI](../../../actions/workflows/c-cpp.yml/badge.svg?branch=V_9_9)](../../../actions/workflows/c-cpp.yml?query=branch:V_9_9) [![C/C++ CI self-hosted](https://github.com/openssh/openssh-portable-selfhosted/actions/workflows/selfhosted.yml/badge.svg?branch=V_9_9)](https://github.com/openssh/openssh-portable-selfhosted/actions/workflows/selfhosted.yml?query=branch:V_9_9) - -9.8 : -[![C/C++ CI](../../../actions/workflows/c-cpp.yml/badge.svg?branch=V_9_8)](../../../actions/workflows/c-cpp.yml?query=branch:V_9_8) -[![C/C++ CI self-hosted](https://github.com/openssh/openssh-portable-selfhosted/actions/workflows/selfhosted.yml/badge.svg?branch=V_9_8)](https://github.com/openssh/openssh-portable-selfhosted/actions/workflows/selfhosted.yml?query=branch:V_9_8) From b4ceca952b85752958d849508294afdc56dfcb9f Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Fri, 26 Sep 2025 22:28:13 +1000 Subject: [PATCH 308/687] Shorten workflow names to fit in a single line. --- .github/workflows/c-cpp.yml | 2 +- .github/workflows/selfhosted.yml | 2 +- .github/workflows/upstream.yml | 2 +- .github/workflows/vm.yml | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/c-cpp.yml b/.github/workflows/c-cpp.yml index a479fd2f130c..7e5151ddfd47 100644 --- a/.github/workflows/c-cpp.yml +++ b/.github/workflows/c-cpp.yml @@ -1,4 +1,4 @@ -name: C/C++ CI +name: CI # For testing, you can set variables in your repo (Repo -> Settings -> # Security -> Actions -> Variables) to restrict the tests that are run. diff --git a/.github/workflows/selfhosted.yml b/.github/workflows/selfhosted.yml index d717ca4c540c..a46d8a451aa7 100644 --- a/.github/workflows/selfhosted.yml +++ b/.github/workflows/selfhosted.yml @@ -1,4 +1,4 @@ -name: C/C++ CI self-hosted +name: CI self-hosted on: push: diff --git a/.github/workflows/upstream.yml b/.github/workflows/upstream.yml index e9e431373a39..49c595c7cbe9 100644 --- a/.github/workflows/upstream.yml +++ b/.github/workflows/upstream.yml @@ -1,4 +1,4 @@ -name: Upstream self-hosted +name: OpenBSD on: push: diff --git a/.github/workflows/vm.yml b/.github/workflows/vm.yml index 90cf8aaf0108..9dcf5fcca764 100644 --- a/.github/workflows/vm.yml +++ b/.github/workflows/vm.yml @@ -8,7 +8,7 @@ # # LTESTS: Override the set of tests run. -name: VM CI +name: CI VM on: push: paths: [ '**.c', '**.h', '**.m4', '**.sh', '**/Makefile.in', 'configure.ac', '.github/configs', '.github/workflows/vm.yml' ] From 97b32fa2af25c16aec4de85c5cbb63fd038b4dfa Mon Sep 17 00:00:00 2001 From: "dtucker@openbsd.org" Date: Fri, 26 Sep 2025 04:40:45 +0000 Subject: [PATCH 309/687] upstream: Use $OBJ for temp file in maxstartups idempotence test. Fixes test in -portable when run out-of-tree. OpenBSD-Regress-ID: 8578be08238af4abe2dc91af1c199f7f71f1a7a2 --- regress/cfgparse.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/regress/cfgparse.sh b/regress/cfgparse.sh index fc0afb0ce3cb..d618e3664a79 100644 --- a/regress/cfgparse.sh +++ b/regress/cfgparse.sh @@ -1,4 +1,4 @@ -# $OpenBSD: cfgparse.sh,v 1.8 2025/09/01 23:55:29 djm Exp $ +# $OpenBSD: cfgparse.sh,v 1.9 2025/09/26 04:40:45 dtucker Exp $ # Placed in the Public Domain. tid="sshd config parse" @@ -73,7 +73,7 @@ EOD # Check idempotence of MaxStartups verbose "maxstartups idempotent" -echo "maxstartups 1:2:3" > sshd_config.0 +echo "maxstartups 1:2:3" > $OBJ/sshd_config.0 cat > $OBJ/sshd_config.1 < Date: Sat, 27 Sep 2025 20:20:34 +1000 Subject: [PATCH 310/687] Stop testing OpenBSD ubsan until fixed upstream. --- .github/workflows/upstream.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/upstream.yml b/.github/workflows/upstream.yml index 49c595c7cbe9..6cb08fd41032 100644 --- a/.github/workflows/upstream.yml +++ b/.github/workflows/upstream.yml @@ -22,11 +22,11 @@ jobs: host: - libvirt target: [ obsdsnap, obsdsnap-i386 ] - config: [ default, without-openssl, ubsan ] + config: [ default, without-openssl ] # TODO: restore 'ubsan' once fixed include: - { host: libvirt-arm64, target: obsdsnap-arm64, config: default } - { host: libvirt-arm64, target: obsdsnap-arm64, config: without-openssl } - - { host: libvirt-arm64, target: obsdsnap-arm64, config: ubsan } + # - { host: libvirt-arm64, target: obsdsnap-arm64, config: ubsan } steps: - name: unmount stale workspace run: fusermount -u ${GITHUB_WORKSPACE} || true From b1c4bf5c2f1c2b30698dbaadc5d823862213f1fc Mon Sep 17 00:00:00 2001 From: "jsg@openbsd.org" Date: Thu, 25 Sep 2025 12:52:21 +0000 Subject: [PATCH 311/687] upstream: avoid use-after-free in update_krl_from_file() found with clang scan-build, ok dtucker@ OpenBSD-Commit-ID: 8ec86eca573740c94d5bc7e252959174555f4eb8 --- ssh-keygen.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/ssh-keygen.c b/ssh-keygen.c index 110d07fc1506..d450f3e41f94 100644 --- a/ssh-keygen.c +++ b/ssh-keygen.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-keygen.c,v 1.483 2025/09/25 07:04:38 djm Exp $ */ +/* $OpenBSD: ssh-keygen.c,v 1.484 2025/09/25 12:52:21 jsg Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1994 Tatu Ylonen , Espoo, Finland @@ -2321,6 +2321,8 @@ update_krl_from_file(struct passwd *pw, const char *file, int wild_ca, blob, blen)) != 0) fatal_fr(r, "revoke key failed"); free(blob); + blob = NULL; + blen = 0; } else { if (strncasecmp(cp, "key:", 4) == 0) { cp += 4; From bcd88ded2fff97652d4236405a3354ca66f90f7e Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Mon, 29 Sep 2025 02:32:15 +0000 Subject: [PATCH 312/687] upstream: kbd-interactive device names should be matched against the full device name, not a prefix. Doesn't matter in practice as there is only one kbd-int device supported (PAM xor BSD auth), and an attacker would still need to successfully authenticate against an incorrectly-selected device. reported by ashamedbit, NobleMathews; ok deraadt@ OpenBSD-Commit-ID: cf75d4f99405fbb41354c4ae724a3b39a3b58f82 --- auth2-chall.c | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/auth2-chall.c b/auth2-chall.c index 021df8291736..5af8b0945d59 100644 --- a/auth2-chall.c +++ b/auth2-chall.c @@ -1,4 +1,4 @@ -/* $OpenBSD: auth2-chall.c,v 1.54 2020/10/18 11:32:01 djm Exp $ */ +/* $OpenBSD: auth2-chall.c,v 1.55 2025/09/29 02:32:15 djm Exp $ */ /* * Copyright (c) 2001 Markus Friedl. All rights reserved. * Copyright (c) 2001 Per Allansson. All rights reserved. @@ -154,7 +154,7 @@ kbdint_next_device(Authctxt *authctxt, KbdintAuthctxt *kbdintctxt) { size_t len; char *t; - int i; + size_t i; if (kbdintctxt->device) kbdint_reset_device(kbdintctxt); @@ -165,11 +165,14 @@ kbdint_next_device(Authctxt *authctxt, KbdintAuthctxt *kbdintctxt) if (len == 0) break; for (i = 0; devices[i]; i++) { + if (i >= sizeof(kbdintctxt->devices_done) * 8) + fatal_f("internal error: too may devices"); if ((kbdintctxt->devices_done & (1 << i)) != 0 || !auth2_method_allowed(authctxt, "keyboard-interactive", devices[i]->name)) continue; - if (strncmp(kbdintctxt->devices, devices[i]->name, + if (strlen(devices[i]->name) == len && + memcmp(kbdintctxt->devices, devices[i]->name, len) == 0) { kbdintctxt->device = devices[i]; kbdintctxt->devices_done |= 1 << i; From fda31e1e5179b4e70c27094ebb303ee47c11a5a7 Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Mon, 29 Sep 2025 03:17:54 +0000 Subject: [PATCH 313/687] upstream: avoid spurious error message when loading certificates only bz3869 OpenBSD-Commit-ID: e7848fec50d15cc142fed946aa8f79abef3c5be7 --- ssh-add.c | 39 ++++++++++++++++++++------------------- 1 file changed, 20 insertions(+), 19 deletions(-) diff --git a/ssh-add.c b/ssh-add.c index 67dd8797d122..2d5bec89cec5 100644 --- a/ssh-add.c +++ b/ssh-add.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-add.c,v 1.180 2025/09/25 07:00:43 djm Exp $ */ +/* $OpenBSD: ssh-add.c,v 1.181 2025/09/29 03:17:54 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -354,26 +354,27 @@ add_file(int agent_fd, const char *filename, int key_only, int cert_only, skprovider = NULL; } - if (!cert_only && - (r = ssh_add_identity_constrained(agent_fd, private, comment, - lifetime, confirm, skprovider, - dest_constraints, ndest_constraints)) == 0) { - ret = 0; - if (!qflag) { - fprintf(stderr, "Identity added: %s (%s)\n", - filename, comment); - if (lifetime != 0) { - fprintf(stderr, "Lifetime set to %s\n", - fmt_timeframe((time_t)lifetime)); - } - if (confirm != 0) { - fprintf(stderr, "The user must confirm " - "each use of the key\n"); + if (!cert_only) { + if ((r = ssh_add_identity_constrained(agent_fd, private, + comment, lifetime, confirm, skprovider, + dest_constraints, ndest_constraints)) == 0) { + ret = 0; + if (!qflag) { + fprintf(stderr, "Identity added: %s (%s)\n", + filename, comment); + if (lifetime != 0) { + fprintf(stderr, "Lifetime set to %s\n", + fmt_timeframe((time_t)lifetime)); + } + if (confirm != 0) { + fprintf(stderr, "The user must confirm " + "each use of the key\n"); + } } + } else { + fprintf(stderr, "Could not add identity \"%s\": %s\n", + filename, ssh_err(r)); } - } else { - fprintf(stderr, "Could not add identity \"%s\": %s\n", - filename, ssh_err(r)); } /* Skip trying to load the cert if requested */ From c82f4dd6b723a8365b4c538d7c99fe8e46985ed0 Mon Sep 17 00:00:00 2001 From: "dtucker@openbsd.org" Date: Mon, 29 Sep 2025 07:40:55 +0000 Subject: [PATCH 314/687] upstream: Null out keys after freeing in tests in the case where we potentially reuse the variable. Fixes Coverity CID 405057. OpenBSD-Regress-ID: c52e86502b33bfa6e448448a74a0217dd519dd58 --- regress/unittests/sshkey/test_sshkey.c | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/regress/unittests/sshkey/test_sshkey.c b/regress/unittests/sshkey/test_sshkey.c index 5d5a6bec3843..bfaa3f66d592 100644 --- a/regress/unittests/sshkey/test_sshkey.c +++ b/regress/unittests/sshkey/test_sshkey.c @@ -1,4 +1,4 @@ -/* $OpenBSD: test_sshkey.c,v 1.30 2025/05/24 06:50:28 dtucker Exp $ */ +/* $OpenBSD: test_sshkey.c,v 1.31 2025/09/29 07:40:55 dtucker Exp $ */ /* * Regress test for sshkey.h key management API * @@ -258,6 +258,7 @@ sshkey_tests(void) k1 = sshkey_new(KEY_UNSPEC); ASSERT_PTR_NE(k1, NULL); sshkey_free(k1); + k1 = NULL; TEST_DONE(); #ifdef WITH_OPENSSL @@ -266,6 +267,7 @@ sshkey_tests(void) ASSERT_PTR_NE(k1, NULL); ASSERT_PTR_NE(k1->pkey, NULL); sshkey_free(k1); + k1 = NULL; TEST_DONE(); @@ -275,6 +277,7 @@ sshkey_tests(void) ASSERT_PTR_NE(k1, NULL); ASSERT_PTR_EQ(k1->pkey, NULL); /* Can't allocate without NID */ sshkey_free(k1); + k1 = NULL; TEST_DONE(); #endif @@ -285,6 +288,7 @@ sshkey_tests(void) ASSERT_PTR_EQ(k1->ed25519_sk, NULL); ASSERT_PTR_EQ(k1->ed25519_pk, NULL); sshkey_free(k1); + k1 = NULL; TEST_DONE(); TEST_START("generate KEY_RSA too small modulus"); @@ -306,6 +310,7 @@ sshkey_tests(void) SSH_ERR_KEY_LENGTH); ASSERT_PTR_EQ(k1, NULL); sshkey_free(k1); + k1 = NULL; TEST_DONE(); #endif From dfb991bdd826517bbce1cf62ce07bcb3e48a2f27 Mon Sep 17 00:00:00 2001 From: "dtucker@openbsd.org" Date: Mon, 29 Sep 2025 21:28:33 +0000 Subject: [PATCH 315/687] upstream: Sort headers as per KNF. Removes diff vs portable. OpenBSD-Commit-ID: 55f5b9eaeb826a25cfb506a78136094275a71bcb --- gss-genr.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/gss-genr.c b/gss-genr.c index aa34b71c5558..8f1f54afb4be 100644 --- a/gss-genr.c +++ b/gss-genr.c @@ -1,4 +1,4 @@ -/* $OpenBSD: gss-genr.c,v 1.29 2024/02/01 02:37:33 djm Exp $ */ +/* $OpenBSD: gss-genr.c,v 1.30 2025/09/29 21:28:33 dtucker Exp $ */ /* * Copyright (c) 2001-2007 Simon Wilkinson. All rights reserved. From 2f71b44d48dc8da7fb743d6ffe609aea5a645edb Mon Sep 17 00:00:00 2001 From: "dtucker@openbsd.org" Date: Mon, 29 Sep 2025 21:29:22 +0000 Subject: [PATCH 316/687] upstream: Include misc.h. Removes diff vs portable. OpenBSD-Commit-ID: 8aa48451fe5c37f04a339450c4ed9cfb8f4c288f --- auth-krb5.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/auth-krb5.c b/auth-krb5.c index c99e4e430e73..9d2f1f0ea2a0 100644 --- a/auth-krb5.c +++ b/auth-krb5.c @@ -1,4 +1,4 @@ -/* $OpenBSD: auth-krb5.c,v 1.24 2021/04/03 06:18:40 djm Exp $ */ +/* $OpenBSD: auth-krb5.c,v 1.25 2025/09/29 21:29:22 dtucker Exp $ */ /* * Kerberos v5 authentication and ticket-passing routines. * From 90f49a185ac1a786d9f7e9a710b369afb3692a65 Mon Sep 17 00:00:00 2001 From: "dtucker@openbsd.org" Date: Mon, 29 Sep 2025 21:30:15 +0000 Subject: [PATCH 317/687] upstream: Move ifdef to start of file. Removes diff vs portable. OpenBSD-Commit-ID: 55058ac3d477e4c696575039f5b275522b99ffea --- gss-serv.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/gss-serv.c b/gss-serv.c index 025a118f886b..b0e9c3b49fe0 100644 --- a/gss-serv.c +++ b/gss-serv.c @@ -1,4 +1,4 @@ -/* $OpenBSD: gss-serv.c,v 1.32 2020/03/13 03:17:07 djm Exp $ */ +/* $OpenBSD: gss-serv.c,v 1.33 2025/09/29 21:30:15 dtucker Exp $ */ /* * Copyright (c) 2001-2003 Simon Wilkinson. All rights reserved. From 893a579e4b37e6bd89d206dc8e7ac2a906ccf114 Mon Sep 17 00:00:00 2001 From: "dtucker@openbsd.org" Date: Mon, 29 Sep 2025 21:37:52 +0000 Subject: [PATCH 318/687] upstream: Add explicit check for array overflow. The array is bounded by a NULL sentinel which already prevents this, however since we check the bit vector for overflow Coverity assumes that check is for the devices array and flags it as a potential overflow. Adding this additional check on the array placates CID 896018. ok djm@ deraadt@ OpenBSD-Commit-ID: e92fff41341b38e4206a70655cc9acaaa032ebee --- auth2-chall.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/auth2-chall.c b/auth2-chall.c index 5af8b0945d59..bc2482a03a64 100644 --- a/auth2-chall.c +++ b/auth2-chall.c @@ -1,4 +1,4 @@ -/* $OpenBSD: auth2-chall.c,v 1.55 2025/09/29 02:32:15 djm Exp $ */ +/* $OpenBSD: auth2-chall.c,v 1.56 2025/09/29 21:37:52 dtucker Exp $ */ /* * Copyright (c) 2001 Markus Friedl. All rights reserved. * Copyright (c) 2001 Per Allansson. All rights reserved. @@ -165,7 +165,8 @@ kbdint_next_device(Authctxt *authctxt, KbdintAuthctxt *kbdintctxt) if (len == 0) break; for (i = 0; devices[i]; i++) { - if (i >= sizeof(kbdintctxt->devices_done) * 8) + if (i >= sizeof(kbdintctxt->devices_done) * 8 || + i >= sizeof(devices) / sizeof(devices[0]) - 1) fatal_f("internal error: too may devices"); if ((kbdintctxt->devices_done & (1 << i)) != 0 || !auth2_method_allowed(authctxt, From d343df4019b4369ce7f87e9bf6bbc80b81cd263d Mon Sep 17 00:00:00 2001 From: zhangjun Date: Fri, 22 Aug 2025 16:49:07 +0800 Subject: [PATCH 319/687] ensure struct passwd fields are non-NULL in pwcopy Android libc can return NULL pw_gecos, for example. --- misc.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/misc.c b/misc.c index 239ed12384cd..ce77ec943067 100644 --- a/misc.c +++ b/misc.c @@ -506,7 +506,7 @@ pwcopy(struct passwd *pw) copy->pw_name = xstrdup(pw->pw_name); copy->pw_passwd = xstrdup(pw->pw_passwd == NULL ? "*" : pw->pw_passwd); #ifdef HAVE_STRUCT_PASSWD_PW_GECOS - copy->pw_gecos = xstrdup(pw->pw_gecos); + copy->pw_gecos = xstrdup(pw->pw_gecos == NULL ? "" : pw->pw_gecos); #endif copy->pw_uid = pw->pw_uid; copy->pw_gid = pw->pw_gid; @@ -517,10 +517,10 @@ pwcopy(struct passwd *pw) copy->pw_change = pw->pw_change; #endif #ifdef HAVE_STRUCT_PASSWD_PW_CLASS - copy->pw_class = xstrdup(pw->pw_class); + copy->pw_class = xstrdup(pw->pw_class == NULL ? "" : pw->pw_class); #endif - copy->pw_dir = xstrdup(pw->pw_dir); - copy->pw_shell = xstrdup(pw->pw_shell); + copy->pw_dir = xstrdup(pw->pw_dir == NULL ? "" : pw->pw_dir); + copy->pw_shell = xstrdup(pw->pw_shell == NULL ? "" : pw->pw_shell); return copy; } From e5055ef26abcffd3f99669e411ea6b35ca166111 Mon Sep 17 00:00:00 2001 From: Allison Karlitskaya Date: Wed, 3 Sep 2025 20:07:55 +0200 Subject: [PATCH 320/687] Don't log audit messages with UNKNOWN hostname The `host` parameter to audit_log_acct_message() is documented as follows: host - The hostname if known. If not available pass a NULL. but we pass the string "UNKNOWN" in case we don't know the hostname. Make sure we pass NULL instead. This avoids having the audit system attempt to perform a DNS lookup on the hostname "UNKNOWN", which tends to result in long delays when attempting to login. --- audit-linux.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/audit-linux.c b/audit-linux.c index 8b9854f7352a..954eabe27807 100644 --- a/audit-linux.c +++ b/audit-linux.c @@ -51,6 +51,8 @@ linux_audit_record_event(int uid, const char *username, const char *hostname, else return 0; /* Must prevent login */ } + if (hostname != NULL && strcmp(hostname, "UNKNOWN") == 0) + hostname = NULL; rc = audit_log_acct_message(audit_fd, AUDIT_USER_LOGIN, NULL, "login", username ? username : "(unknown)", username == NULL ? uid : -1, hostname, ip, ttyn, success); From 42b14ff1e06fd683c7d15a6b2816c16108873a5a Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Tue, 30 Sep 2025 00:03:09 +0000 Subject: [PATCH 321/687] upstream: fix memory leak in mux_client_request_stdio_fwd GHPR#575 by Boris Tonofa; ok dtucker OpenBSD-Commit-ID: 410cdd05242304bd0196b9172ce5fcaf89d2d8ce --- mux.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/mux.c b/mux.c index 7dd1309faf72..37bcb91037ef 100644 --- a/mux.c +++ b/mux.c @@ -1,4 +1,4 @@ -/* $OpenBSD: mux.c,v 1.106 2025/09/15 04:48:29 djm Exp $ */ +/* $OpenBSD: mux.c,v 1.107 2025/09/30 00:03:09 djm Exp $ */ /* * Copyright (c) 2002-2008 Damien Miller * @@ -2195,8 +2195,10 @@ mux_client_request_stdio_fwd(int fd) sshbuf_reset(m); if (mux_client_read_packet(fd, m) != 0) { if (errno == EPIPE || - (errno == EINTR && muxclient_terminate != 0)) + (errno == EINTR && muxclient_terminate != 0)) { + sshbuf_free(m); return 0; + } fatal_f("mux_client_read_packet: %s", strerror(errno)); } fatal_f("master returned unexpected message %u", type); From 1f7556753869654ba5e2bf61e384c5da2db5ca6a Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Tue, 30 Sep 2025 00:06:06 +0000 Subject: [PATCH 322/687] upstream: avoid a fatal() when sftp tab-completes filenames that share common utf-8 characters that don't encode to a complete codepoint from menthu.zhou via GHPR#587; ok dtucker@ OpenBSD-Commit-ID: e07e4d8a8cac032ab536570b8214e6ef6839b585 --- sftp.c | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/sftp.c b/sftp.c index c77a608a8e54..bdcf977080f2 100644 --- a/sftp.c +++ b/sftp.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sftp.c,v 1.243 2025/09/25 06:23:19 jsg Exp $ */ +/* $OpenBSD: sftp.c,v 1.244 2025/09/30 00:06:06 djm Exp $ */ /* * Copyright (c) 2001-2004 Damien Miller * @@ -1868,6 +1868,7 @@ complete_ambiguous(const char *word, char **list, size_t count) if (count > 0) { u_int y, matchlen = strlen(list[0]); + u_int itemlen = matchlen, wordlen = strlen(word); /* Find length of common stem */ for (y = 1; list[y]; y++) { @@ -1880,6 +1881,10 @@ complete_ambiguous(const char *word, char **list, size_t count) matchlen = x; } + for (; matchlen > wordlen; matchlen--) + if (mblen(list[0] + matchlen, itemlen - matchlen) >= 0) + break; + if (matchlen > strlen(word)) { char *tmp = xstrdup(list[0]); From 2c504a74ed81d13c8198a89ed1040d0fc5f73129 Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Tue, 30 Sep 2025 00:10:42 +0000 Subject: [PATCH 323/687] upstream: during sftp uploads, avoid a condition where a failed write could be ignored if a subsequent write succeeded. This is unlikely but technically possible because sftp servers are allowed to reorder requests. Reported by Graziano Stefani, ok tb@ OpenBSD-Commit-ID: 03904bce2c7f787223d01d7e1179fde15753eca3 --- sftp-client.c | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/sftp-client.c b/sftp-client.c index 911fbfee90a6..840170ab63e3 100644 --- a/sftp-client.c +++ b/sftp-client.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sftp-client.c,v 1.179 2025/09/15 05:17:37 djm Exp $ */ +/* $OpenBSD: sftp-client.c,v 1.180 2025/09/30 00:10:42 djm Exp $ */ /* * Copyright (c) 2001-2004 Damien Miller * @@ -2032,7 +2032,7 @@ sftp_upload(struct sftp_conn *conn, const char *local_path, int fsync_flag, int inplace_flag) { int r, local_fd; - u_int openmode, id, status = SSH2_FX_OK, reordered = 0; + u_int openmode, id, status = SSH2_FX_OK, status2, reordered = 0; off_t offset, progress_counter; u_char type, *handle, *data; struct sshbuf *msg; @@ -2170,9 +2170,11 @@ sftp_upload(struct sftp_conn *conn, const char *local_path, fatal("Expected SSH2_FXP_STATUS(%d) packet, " "got %d", SSH2_FXP_STATUS, type); - if ((r = sshbuf_get_u32(msg, &status)) != 0) + if ((r = sshbuf_get_u32(msg, &status2)) != 0) fatal_fr(r, "parse status"); - debug3("SSH2_FXP_STATUS %u", status); + debug3("SSH2_FXP_STATUS %u", status2); + if (status2 != SSH2_FX_OK) + status = status2; /* remember errors */ /* Find the request in our queue */ if ((ack = request_find(&acks, rid)) == NULL) From d478e250230e917eeb5032238df0b9af357404ee Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Wed, 1 Oct 2025 12:17:54 +1000 Subject: [PATCH 324/687] Update OpenSSL & LibreSSL versions we test against. --- .github/workflows/c-cpp.yml | 22 ++++++++++++---------- 1 file changed, 12 insertions(+), 10 deletions(-) diff --git a/.github/workflows/c-cpp.yml b/.github/workflows/c-cpp.yml index 7e5151ddfd47..f64803b55ef6 100644 --- a/.github/workflows/c-cpp.yml +++ b/.github/workflows/c-cpp.yml @@ -71,30 +71,32 @@ jobs: - { target: ubuntu-latest, config: boringssl } - { target: ubuntu-latest, config: aws-lc } - { target: ubuntu-latest, config: libressl-master } - - { target: ubuntu-latest, config: libressl-3.2.6 } + - { target: ubuntu-latest, config: libressl-3.2.7 } - { target: ubuntu-latest, config: libressl-3.3.6 } - { target: ubuntu-latest, config: libressl-3.4.3 } - - { target: ubuntu-latest, config: libressl-3.5.3 } - - { target: ubuntu-latest, config: libressl-3.6.1 } - - { target: ubuntu-latest, config: libressl-3.7.2 } + - { target: ubuntu-latest, config: libressl-3.5.4 } + - { target: ubuntu-latest, config: libressl-3.6.3 } + - { target: ubuntu-latest, config: libressl-3.7.3 } - { target: ubuntu-latest, config: libressl-3.8.4 } - { target: ubuntu-latest, config: libressl-3.9.2 } - { target: ubuntu-latest, config: libressl-4.0.0 } + - { target: ubuntu-latest, config: libressl-4.1.0 } - { target: ubuntu-latest, config: openssl-master } - { target: ubuntu-latest, config: openssl-noec } - { target: ubuntu-latest, config: openssl-1.1.1 } - { target: ubuntu-latest, config: openssl-1.1.1t } - { target: ubuntu-latest, config: openssl-1.1.1w } - { target: ubuntu-latest, config: openssl-3.0.0 } - - { target: ubuntu-latest, config: openssl-3.0.15 } + - { target: ubuntu-latest, config: openssl-3.0.18 } - { target: ubuntu-latest, config: openssl-3.1.0 } - - { target: ubuntu-latest, config: openssl-3.1.7 } - - { target: ubuntu-latest, config: openssl-3.2.3 } - - { target: ubuntu-latest, config: openssl-3.3.2 } + - { target: ubuntu-latest, config: openssl-3.1.8 } + - { target: ubuntu-latest, config: openssl-3.2.6 } + - { target: ubuntu-latest, config: openssl-3.3.5 } - { target: ubuntu-latest, config: openssl-3.4.0 } - - { target: ubuntu-latest, config: openssl-3.4.2 } + - { target: ubuntu-latest, config: openssl-3.4.3 } - { target: ubuntu-latest, config: openssl-3.5.0 } - - { target: ubuntu-latest, config: openssl-3.5.3 } + - { target: ubuntu-latest, config: openssl-3.5.3 } # keep + - { target: ubuntu-latest, config: openssl-3.5.4 } - { target: ubuntu-latest, config: openssl-1.1.1_stable } - { target: ubuntu-latest, config: openssl-3.0 } # stable branch - { target: ubuntu-latest, config: openssl-3.1 } # stable branch From eb30a0d1493a97b5c14728846576dc6af5d442da Mon Sep 17 00:00:00 2001 From: "dtucker@openbsd.org" Date: Wed, 1 Oct 2025 00:30:19 +0000 Subject: [PATCH 325/687] upstream: Get rid of utf8 droppings in commment since it confuses older shells. From Sevan Janiyan via openssh-unix-dev. OpenBSD-Regress-ID: 67c11a5cff6ef23538c77e9b29d538e175e6cfe3 --- regress/keygen-comment.sh | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/regress/keygen-comment.sh b/regress/keygen-comment.sh index af571d39035f..56dde0e94f0b 100644 --- a/regress/keygen-comment.sh +++ b/regress/keygen-comment.sh @@ -1,4 +1,5 @@ -#    Placed in the Public Domain. +# $OpenBSD: keygen-comment.sh,v 1.3 2025/10/01 00:30:19 dtucker Exp $ +# Placed in the Public Domain. tid="Comment extraction from private key" From aceabd62ce5833716dd2e99d4be4fcb603d263cc Mon Sep 17 00:00:00 2001 From: "dtucker@openbsd.org" Date: Wed, 1 Oct 2025 00:33:37 +0000 Subject: [PATCH 326/687] upstream: Set keys to NULL after freeing in tests where the variables will be used again. Should prevent Coverity "potential use after free" warnings. OpenBSD-Regress-ID: 24d141657d25977e41dfb0c58e9b74ab093972bf --- regress/unittests/sshkey/test_sshkey.c | 15 ++++++++++++++- 1 file changed, 14 insertions(+), 1 deletion(-) diff --git a/regress/unittests/sshkey/test_sshkey.c b/regress/unittests/sshkey/test_sshkey.c index bfaa3f66d592..d0c46a90beb7 100644 --- a/regress/unittests/sshkey/test_sshkey.c +++ b/regress/unittests/sshkey/test_sshkey.c @@ -1,4 +1,4 @@ -/* $OpenBSD: test_sshkey.c,v 1.31 2025/09/29 07:40:55 dtucker Exp $ */ +/* $OpenBSD: test_sshkey.c,v 1.32 2025/10/01 00:33:37 dtucker Exp $ */ /* * Regress test for sshkey.h key management API * @@ -363,6 +363,7 @@ sshkey_tests(void) TEST_START("equal KEY_RSA/demoted KEY_RSA"); ASSERT_INT_EQ(sshkey_equal(kr, k1), 1); sshkey_free(k1); + k1 = NULL; TEST_DONE(); @@ -383,6 +384,7 @@ sshkey_tests(void) TEST_START("equal KEY_ECDSA/demoted KEY_ECDSA"); ASSERT_INT_EQ(sshkey_equal(ke, k1), 1); sshkey_free(k1); + k1 = NULL; TEST_DONE(); #endif /* OPENSSL_HAS_ECC */ #endif /* WITH_OPENSSL */ @@ -399,6 +401,7 @@ sshkey_tests(void) TEST_START("equal KEY_ED25519/demoted KEY_ED25519"); ASSERT_INT_EQ(sshkey_equal(kf, k1), 1); sshkey_free(k1); + k1 = NULL; TEST_DONE(); #ifdef WITH_OPENSSL @@ -418,15 +421,18 @@ sshkey_tests(void) ASSERT_INT_EQ(sshkey_generate(KEY_RSA, 1024, &k1), 0); ASSERT_INT_EQ(sshkey_equal(kr, k1), 0); sshkey_free(k1); + k1 = NULL; #ifdef OPENSSL_HAS_ECC ASSERT_INT_EQ(sshkey_generate(KEY_ECDSA, 256, &k1), 0); ASSERT_INT_EQ(sshkey_equal(ke, k1), 0); sshkey_free(k1); + k1 = NULL; #endif /* OPENSSL_HAS_ECC */ #endif /* WITH_OPENSSL */ ASSERT_INT_EQ(sshkey_generate(KEY_ED25519, 256, &k1), 0); ASSERT_INT_EQ(sshkey_equal(kf, k1), 0); sshkey_free(k1); + k1 = NULL; TEST_DONE(); #ifdef WITH_OPENSSL @@ -481,6 +487,7 @@ sshkey_tests(void) sshkey_free(k1); sshkey_free(k2); sshkey_free(k3); + k1 = k2 = k3 = NULL; sshbuf_reset(b); TEST_DONE(); @@ -492,6 +499,7 @@ sshkey_tests(void) signature_tests(k1, k2, "ssh-rsa"); sshkey_free(k1); sshkey_free(k2); + k1 = k2 = NULL; TEST_DONE(); TEST_START("sign and verify RSA-SHA256"); @@ -501,6 +509,7 @@ sshkey_tests(void) signature_tests(k1, k2, "rsa-sha2-256"); sshkey_free(k1); sshkey_free(k2); + k1 = k2 = NULL; TEST_DONE(); TEST_START("sign and verify RSA-SHA512"); @@ -510,6 +519,7 @@ sshkey_tests(void) signature_tests(k1, k2, "rsa-sha2-512"); sshkey_free(k1); sshkey_free(k2); + k1 = k2 = NULL; TEST_DONE(); @@ -521,6 +531,7 @@ sshkey_tests(void) signature_tests(k1, k2, NULL); sshkey_free(k1); sshkey_free(k2); + k1 = k2 = NULL; TEST_DONE(); #endif /* OPENSSL_HAS_ECC */ #endif /* WITH_OPENSSL */ @@ -532,6 +543,7 @@ sshkey_tests(void) signature_tests(k1, k2, NULL); sshkey_free(k1); sshkey_free(k2); + k1 = k2 = NULL; TEST_DONE(); #ifdef WITH_OPENSSL @@ -547,6 +559,7 @@ sshkey_tests(void) sshkey_free(k1); sshkey_free(k2); sshkey_free(k3); + k1 = k2 = k3 = NULL; sshbuf_free(b); TEST_DONE(); #endif /* WITH_OPENSSL */ From 5c50ddbe4deac83995edc1d014e9ba0d5efa18a6 Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Wed, 1 Oct 2025 13:37:35 +1000 Subject: [PATCH 327/687] Remove compat "include" dir during distclean. --- openbsd-compat/Makefile.in | 1 + 1 file changed, 1 insertion(+) diff --git a/openbsd-compat/Makefile.in b/openbsd-compat/Makefile.in index 1d549954f9d6..5bce2b38bc05 100644 --- a/openbsd-compat/Makefile.in +++ b/openbsd-compat/Makefile.in @@ -120,3 +120,4 @@ clean: distclean: clean rm -f Makefile *~ + rm -rf include From 047e0221eaf9815775e8ea78c6d6add5ab0f68c7 Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Wed, 1 Oct 2025 14:34:02 +1000 Subject: [PATCH 328/687] Pass new "compat includes" path via AC_SUBST. This fixes the build when the directory path containing a space. Found by Sevan Janiyan, tested by Job Snijders. This doesn't fix "make tests", however that is a different, pre-existing problem that needs to be addressed separately. --- Makefile.in | 3 ++- configure.ac | 10 ++++------ 2 files changed, 6 insertions(+), 7 deletions(-) diff --git a/Makefile.in b/Makefile.in index 769ec17f426b..760fbaa5b997 100644 --- a/Makefile.in +++ b/Makefile.in @@ -33,6 +33,7 @@ STRIP_OPT=@STRIP_OPT@ TEST_SHELL=@TEST_SHELL@ BUILDDIR=@abs_top_builddir@ SK_STANDALONE=@SK_STANDALONE@ +COMPATINCLUDES="$(BUILDDIR)/@COMPATINCLUDES@" PATHS= -DSSHDIR=\"$(sysconfdir)\" \ -D_PATH_SSH_PROGRAM=\"$(SSH_PROGRAM)\" \ @@ -50,7 +51,7 @@ CC=@CC@ LD=@LD@ CFLAGS=@CFLAGS@ CFLAGS_NOPIE=@CFLAGS_NOPIE@ -CPPFLAGS=-I. -I$(srcdir) @CPPFLAGS@ $(PATHS) @DEFS@ +CPPFLAGS=-I. -I$(srcdir) -I$(COMPATINCLUDES) @CPPFLAGS@ $(PATHS) @DEFS@ PICFLAG=@PICFLAG@ LIBS=@LIBS@ CHANNELLIBS=@CHANNELLIBS@ diff --git a/configure.ac b/configure.ac index 819e8368949b..3eb6d4697f98 100644 --- a/configure.ac +++ b/configure.ac @@ -526,7 +526,7 @@ AC_CHECK_HEADERS([ \ # platform. Usually these are just empty, but in some cases they'll include # the equivalent file. This avoids having to wrap those includes in # '#ifdef HAVE_FOO_H'. If we create any such headers, add the path to includes. -compatincludes=no +COMPATINCLUDES="" AC_CHECK_HEADERS([ \ endian.h \ ifaddrs.h \ @@ -541,8 +541,8 @@ AC_CHECK_HEADERS([ \ sys/un.h \ time.h \ util.h], [], [ - compatincludes="`pwd`/openbsd-compat/include" - header="$compatincludes/$ac_header" + COMPATINCLUDES="openbsd-compat/include" + header="$COMPATINCLUDES/$ac_header" dir=`dirname "$header"` mkdir -p "$dir" case "$ac_header" in @@ -552,9 +552,7 @@ AC_CHECK_HEADERS([ \ *) ;; esac >"$header" ]) -if test "$compatincludes" != "no"; then - CPPFLAGS="$CPPFLAGS -I$compatincludes" -fi +AC_SUBST([COMPATINCLUDES]) AC_CHECK_DECLS([le32toh, le64toh, htole64], [], [], [ #ifdef HAVE_SYS_TYPES_H From b9f6a84ea383d811216de38219472214963c10b2 Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Thu, 2 Oct 2025 10:48:04 +1000 Subject: [PATCH 329/687] Pass COMPATINCLUDES down to openbsd-compat too. Fixes build on Solaris, AIX and probably others. --- openbsd-compat/Makefile.in | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/openbsd-compat/Makefile.in b/openbsd-compat/Makefile.in index 5bce2b38bc05..53c87db6d01e 100644 --- a/openbsd-compat/Makefile.in +++ b/openbsd-compat/Makefile.in @@ -3,12 +3,14 @@ piddir=@piddir@ srcdir=@srcdir@ top_srcdir=@top_srcdir@ +BUILDDIR=@abs_top_builddir@ VPATH=@srcdir@ CC=@CC@ LD=@LD@ CFLAGS=@CFLAGS@ CFLAGS_NOPIE=@CFLAGS_NOPIE@ -CPPFLAGS=-I. -I.. -I$(srcdir) -I$(srcdir)/.. @CPPFLAGS@ @DEFS@ +COMPATINCLUDES="$(BUILDDIR)/@COMPATINCLUDES@" +CPPFLAGS=-I. -I.. -I$(srcdir) -I$(srcdir)/.. -I$(COMPATINCLUDES) @CPPFLAGS@ @DEFS@ PICFLAG=@PICFLAG@ LIBS=@LIBS@ AR=@AR@ From 6a239b057be2897d7a597daaf5394f2e7312dc65 Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Thu, 2 Oct 2025 04:23:11 +0000 Subject: [PATCH 330/687] upstream: backout r1.243 (fix for fatal during tab-completion with some multibyte sequences) as it breaks the common case for tab completion. Will deal with it properly after release. OpenBSD-Commit-ID: 196d00f5ff19579214de45357f16a1fb2d624be1 --- sftp.c | 7 +------ 1 file changed, 1 insertion(+), 6 deletions(-) diff --git a/sftp.c b/sftp.c index bdcf977080f2..3b505eea23db 100644 --- a/sftp.c +++ b/sftp.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sftp.c,v 1.244 2025/09/30 00:06:06 djm Exp $ */ +/* $OpenBSD: sftp.c,v 1.245 2025/10/02 04:23:11 djm Exp $ */ /* * Copyright (c) 2001-2004 Damien Miller * @@ -1868,7 +1868,6 @@ complete_ambiguous(const char *word, char **list, size_t count) if (count > 0) { u_int y, matchlen = strlen(list[0]); - u_int itemlen = matchlen, wordlen = strlen(word); /* Find length of common stem */ for (y = 1; list[y]; y++) { @@ -1881,10 +1880,6 @@ complete_ambiguous(const char *word, char **list, size_t count) matchlen = x; } - for (; matchlen > wordlen; matchlen--) - if (mblen(list[0] + matchlen, itemlen - matchlen) >= 0) - break; - if (matchlen > strlen(word)) { char *tmp = xstrdup(list[0]); From 3957cc2914cdc88932c972413853f8b68c1ffba5 Mon Sep 17 00:00:00 2001 From: "dtucker@openbsd.org" Date: Thu, 2 Oct 2025 08:38:43 +0000 Subject: [PATCH 331/687] upstream: Relax array check slightly. Prevents compiler warnings in -portable when there are no kbdint devices present. ok djm@ OpenBSD-Commit-ID: c1c050cecd642d6073c792201908fd225191df93 --- auth2-chall.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/auth2-chall.c b/auth2-chall.c index bc2482a03a64..a6d916598263 100644 --- a/auth2-chall.c +++ b/auth2-chall.c @@ -1,4 +1,4 @@ -/* $OpenBSD: auth2-chall.c,v 1.56 2025/09/29 21:37:52 dtucker Exp $ */ +/* $OpenBSD: auth2-chall.c,v 1.57 2025/10/02 08:38:43 dtucker Exp $ */ /* * Copyright (c) 2001 Markus Friedl. All rights reserved. * Copyright (c) 2001 Per Allansson. All rights reserved. @@ -166,7 +166,7 @@ kbdint_next_device(Authctxt *authctxt, KbdintAuthctxt *kbdintctxt) break; for (i = 0; devices[i]; i++) { if (i >= sizeof(kbdintctxt->devices_done) * 8 || - i >= sizeof(devices) / sizeof(devices[0]) - 1) + i >= sizeof(devices) / sizeof(devices[0])) fatal_f("internal error: too may devices"); if ((kbdintctxt->devices_done & (1 << i)) != 0 || !auth2_method_allowed(authctxt, From a9cbe10da2be5be76755af0cea029db0f9c1f263 Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Fri, 3 Oct 2025 00:08:02 +0000 Subject: [PATCH 332/687] upstream: include openssl/bn.h explicitly in files where we use BN_* makes things simpler for portable; from Mike Frysinger OpenBSD-Commit-ID: 717e93403fd1108e175afd7451b5a4ab46a598fe --- kexdh.c | 3 ++- kexecdh.c | 3 ++- kexgexc.c | 6 +++--- kexgexs.c | 6 +++--- openbsd-compat/openssl-compat.h | 1 + ssh-keygen.c | 5 +++-- ssh-pkcs11.c | 4 +++- ssh-rsa.c | 6 +++--- sshkey.c | 3 ++- 9 files changed, 22 insertions(+), 15 deletions(-) diff --git a/kexdh.c b/kexdh.c index c1084f2146e1..191bdced09c7 100644 --- a/kexdh.c +++ b/kexdh.c @@ -1,4 +1,4 @@ -/* $OpenBSD: kexdh.c,v 1.34 2020/12/04 02:29:25 djm Exp $ */ +/* $OpenBSD: kexdh.c,v 1.35 2025/10/03 00:08:02 djm Exp $ */ /* * Copyright (c) 2019 Markus Friedl. All rights reserved. * @@ -34,6 +34,7 @@ #include #include "openbsd-compat/openssl-compat.h" +#include #include #include "sshkey.h" diff --git a/kexecdh.c b/kexecdh.c index efb2e55a6d42..500ec5725edd 100644 --- a/kexecdh.c +++ b/kexecdh.c @@ -1,4 +1,4 @@ -/* $OpenBSD: kexecdh.c,v 1.10 2019/01/21 10:40:11 djm Exp $ */ +/* $OpenBSD: kexecdh.c,v 1.11 2025/10/03 00:08:02 djm Exp $ */ /* * Copyright (c) 2010 Damien Miller. All rights reserved. * Copyright (c) 2019 Markus Friedl. All rights reserved. @@ -34,6 +34,7 @@ #include #include +#include #include #include "sshkey.h" diff --git a/kexgexc.c b/kexgexc.c index e99e0cf216e7..097d83f3072a 100644 --- a/kexgexc.c +++ b/kexgexc.c @@ -1,4 +1,4 @@ -/* $OpenBSD: kexgexc.c,v 1.38 2021/12/19 22:08:06 djm Exp $ */ +/* $OpenBSD: kexgexc.c,v 1.39 2025/10/03 00:08:02 djm Exp $ */ /* * Copyright (c) 2000 Niels Provos. All rights reserved. * Copyright (c) 2001 Markus Friedl. All rights reserved. @@ -30,6 +30,8 @@ #include +#include "openbsd-compat/openssl-compat.h" +#include #include #include @@ -37,8 +39,6 @@ #include #include -#include "openbsd-compat/openssl-compat.h" - #include "sshkey.h" #include "cipher.h" #include "digest.h" diff --git a/kexgexs.c b/kexgexs.c index 100be0316d5a..344c3cd817a0 100644 --- a/kexgexs.c +++ b/kexgexs.c @@ -1,4 +1,4 @@ -/* $OpenBSD: kexgexs.c,v 1.47 2024/05/17 00:30:23 djm Exp $ */ +/* $OpenBSD: kexgexs.c,v 1.48 2025/10/03 00:08:02 djm Exp $ */ /* * Copyright (c) 2000 Niels Provos. All rights reserved. * Copyright (c) 2001 Markus Friedl. All rights reserved. @@ -34,9 +34,9 @@ #include #include -#include - #include "openbsd-compat/openssl-compat.h" +#include +#include #include "sshkey.h" #include "cipher.h" diff --git a/openbsd-compat/openssl-compat.h b/openbsd-compat/openssl-compat.h index 4539d8d50002..d07928b17b6d 100644 --- a/openbsd-compat/openssl-compat.h +++ b/openbsd-compat/openssl-compat.h @@ -23,6 +23,7 @@ #include #include #include +#include #include #ifdef OPENSSL_HAS_ECC #include diff --git a/ssh-keygen.c b/ssh-keygen.c index d450f3e41f94..3c582a83ac9b 100644 --- a/ssh-keygen.c +++ b/ssh-keygen.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-keygen.c,v 1.484 2025/09/25 12:52:21 jsg Exp $ */ +/* $OpenBSD: ssh-keygen.c,v 1.485 2025/10/03 00:08:02 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1994 Tatu Ylonen , Espoo, Finland @@ -19,9 +19,10 @@ #include #ifdef WITH_OPENSSL +#include "openbsd-compat/openssl-compat.h" +#include #include #include -#include "openbsd-compat/openssl-compat.h" #endif #include diff --git a/ssh-pkcs11.c b/ssh-pkcs11.c index 36b428223f36..0a94fcd97adb 100644 --- a/ssh-pkcs11.c +++ b/ssh-pkcs11.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-pkcs11.c,v 1.71 2025/09/25 06:23:19 jsg Exp $ */ +/* $OpenBSD: ssh-pkcs11.c,v 1.72 2025/10/03 00:08:02 djm Exp $ */ /* * Copyright (c) 2010 Markus Friedl. All rights reserved. * Copyright (c) 2014 Pedro Martelletto. All rights reserved. @@ -34,6 +34,8 @@ #include "openbsd-compat/openssl-compat.h" #ifdef WITH_OPENSSL +#include "openbsd-compat/openssl-compat.h" +#include #include #include #include diff --git a/ssh-rsa.c b/ssh-rsa.c index abc5b17fbeb7..fe1518984849 100644 --- a/ssh-rsa.c +++ b/ssh-rsa.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-rsa.c,v 1.81 2025/07/24 05:44:55 djm Exp $ */ +/* $OpenBSD: ssh-rsa.c,v 1.82 2025/10/03 00:08:02 djm Exp $ */ /* * Copyright (c) 2000, 2003 Markus Friedl * @@ -21,6 +21,8 @@ #include +#include "openbsd-compat/openssl-compat.h" +#include #include #include @@ -34,8 +36,6 @@ #include "digest.h" #include "log.h" -#include "openbsd-compat/openssl-compat.h" - static u_int ssh_rsa_size(const struct sshkey *k) { diff --git a/sshkey.c b/sshkey.c index fa883b084442..e17e929e0258 100644 --- a/sshkey.c +++ b/sshkey.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshkey.c,v 1.154 2025/09/05 10:23:55 dtucker Exp $ */ +/* $OpenBSD: sshkey.c,v 1.155 2025/10/03 00:08:02 djm Exp $ */ /* * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. * Copyright (c) 2008 Alexander von Gernler. All rights reserved. @@ -32,6 +32,7 @@ #include #ifdef WITH_OPENSSL +#include #include #include #include From ade92f53c3bd4ad7dcd95334a194add57ec9ff71 Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Fri, 3 Oct 2025 00:09:26 +0000 Subject: [PATCH 333/687] upstream: stray newline OpenBSD-Commit-ID: b47ed4fa93b781c7ec8ae2936526a290f4e17e1f --- kexgexs.c | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/kexgexs.c b/kexgexs.c index 344c3cd817a0..d02cca6dcf82 100644 --- a/kexgexs.c +++ b/kexgexs.c @@ -1,4 +1,4 @@ -/* $OpenBSD: kexgexs.c,v 1.48 2025/10/03 00:08:02 djm Exp $ */ +/* $OpenBSD: kexgexs.c,v 1.49 2025/10/03 00:09:26 djm Exp $ */ /* * Copyright (c) 2000 Niels Provos. All rights reserved. * Copyright (c) 2001 Markus Friedl. All rights reserved. @@ -28,7 +28,6 @@ #ifdef WITH_OPENSSL - #include #include #include From a0e5446ac85aca5a3ef9844eeedf787300fdb8b3 Mon Sep 17 00:00:00 2001 From: "naddy@openbsd.org" Date: Sat, 4 Oct 2025 21:41:35 +0000 Subject: [PATCH 334/687] upstream: typos: a ssh* -> an ssh* ok dtucker@ OpenBSD-Commit-ID: a70fd2e1b23089260e8f5a7921b0debc06b011cb --- scp.1 | 6 +++--- ssh-agent.1 | 8 ++++---- ssh-keygen.1 | 10 +++++----- ssh-keyscan.1 | 6 +++--- ssh_config.5 | 12 ++++++------ sshd.8 | 6 +++--- sshd_config.5 | 10 +++++----- 7 files changed, 29 insertions(+), 29 deletions(-) diff --git a/scp.1 b/scp.1 index ff739e8b8304..7bce0fe6f90a 100644 --- a/scp.1 +++ b/scp.1 @@ -8,9 +8,9 @@ .\" .\" Created: Sun May 7 00:14:37 1995 ylo .\" -.\" $OpenBSD: scp.1,v 1.114 2025/04/14 05:41:42 jmc Exp $ +.\" $OpenBSD: scp.1,v 1.115 2025/10/04 21:41:35 naddy Exp $ .\" -.Dd $Mdocdate: April 14 2025 $ +.Dd $Mdocdate: October 4 2025 $ .Dt SCP 1 .Os .Sh NAME @@ -35,7 +35,7 @@ copies files between hosts on a network. .Pp .Nm -uses the SFTP protocol over a +uses the SFTP protocol over an .Xr ssh 1 connection for data transfer, and uses the same authentication and provides the same security as a login session. diff --git a/ssh-agent.1 b/ssh-agent.1 index 58258be49b4e..f77a6cdd58f0 100644 --- a/ssh-agent.1 +++ b/ssh-agent.1 @@ -1,4 +1,4 @@ -.\" $OpenBSD: ssh-agent.1,v 1.85 2025/05/21 12:12:20 djm Exp $ +.\" $OpenBSD: ssh-agent.1,v 1.86 2025/10/04 21:41:35 naddy Exp $ .\" .\" Author: Tatu Ylonen .\" Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -34,7 +34,7 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.Dd $Mdocdate: May 21 2025 $ +.Dd $Mdocdate: October 4 2025 $ .Dt SSH-AGENT 1 .Os .Sh NAME @@ -139,9 +139,9 @@ By default, refuses signature requests for FIDO keys where the key application string does not start with .Dq ssh: -and when the data to be signed does not appear to be a +and when the data to be signed does not appear to be an .Xr ssh 1 -user authentication request or a +user authentication request or an .Xr ssh-keygen 1 signature. The default behaviour prevents forwarded access to a FIDO key from also diff --git a/ssh-keygen.1 b/ssh-keygen.1 index 3caf097129c3..7ceb1db959fb 100644 --- a/ssh-keygen.1 +++ b/ssh-keygen.1 @@ -1,4 +1,4 @@ -.\" $OpenBSD: ssh-keygen.1,v 1.235 2025/05/24 03:40:54 dtucker Exp $ +.\" $OpenBSD: ssh-keygen.1,v 1.236 2025/10/04 21:41:35 naddy Exp $ .\" .\" Author: Tatu Ylonen .\" Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -35,7 +35,7 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.Dd $Mdocdate: May 24 2025 $ +.Dd $Mdocdate: October 4 2025 $ .Dt SSH-KEYGEN 1 .Os .Sh NAME @@ -600,7 +600,7 @@ When used in combination with .Fl s or .Fl Y Cm sign , -this option indicates that a CA key resides in a +this option indicates that a CA key resides in an .Xr ssh-agent 1 . See the .Sx CERTIFICATES @@ -924,7 +924,7 @@ to .Pp .Dl $ ssh-keygen -s ca_key.pub -D libpkcs11.so -I key_id user_key.pub .Pp -Similarly, it is possible for the CA key to be hosted in a +Similarly, it is possible for the CA key to be hosted in an .Xr ssh-agent 1 . This is indicated by the .Fl U @@ -1186,7 +1186,7 @@ Revokes the specified key by including its SHA256 hash in the KRL. KRLs that revoke keys by SHA256 hash are not supported by OpenSSH versions prior to 7.9. .It Cm hash : Ar fingerprint -Revokes a key using a fingerprint hash, as obtained from a +Revokes a key using a fingerprint hash, as obtained from an .Xr sshd 8 authentication log message or the .Nm diff --git a/ssh-keyscan.1 b/ssh-keyscan.1 index 79cef300dda9..e17957367367 100644 --- a/ssh-keyscan.1 +++ b/ssh-keyscan.1 @@ -1,4 +1,4 @@ -.\" $OpenBSD: ssh-keyscan.1,v 1.52 2024/06/17 08:30:29 djm Exp $ +.\" $OpenBSD: ssh-keyscan.1,v 1.53 2025/10/04 21:41:35 naddy Exp $ .\" .\" Copyright 1995, 1996 by David Mazieres . .\" @@ -6,7 +6,7 @@ .\" permitted provided that due credit is given to the author and the .\" OpenBSD project by leaving this copyright notice intact. .\" -.Dd $Mdocdate: June 17 2024 $ +.Dd $Mdocdate: October 4 2025 $ .Dt SSH-KEYSCAN 1 .Os .Sh NAME @@ -64,7 +64,7 @@ to use IPv6 addresses only. Request certificates from target hosts instead of plain keys. .It Fl D Print keys found as SSHFP DNS records. -The default is to print keys in a format usable as a +The default is to print keys in a format usable as an .Xr ssh 1 .Pa known_hosts file. diff --git a/ssh_config.5 b/ssh_config.5 index d24e92f73f0a..f7066cbaab78 100644 --- a/ssh_config.5 +++ b/ssh_config.5 @@ -33,8 +33,8 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: ssh_config.5,v 1.419 2025/08/18 18:39:33 caspar Exp $ -.Dd $Mdocdate: August 18 2025 $ +.\" $OpenBSD: ssh_config.5,v 1.420 2025/10/04 21:41:35 naddy Exp $ +.Dd $Mdocdate: October 4 2025 $ .Dt SSH_CONFIG 5 .Os .Sh NAME @@ -532,7 +532,7 @@ Open connections to .Xr ssh-agent 1 . .It Cm direct-tcpip , Cm direct-streamlocal@openssh.com Open TCP or Unix socket (respectively) connections that have -been established from a +been established from an .Xr ssh 1 local forwarding, i.e.\& .Cm LocalForward @@ -540,9 +540,9 @@ or .Cm DynamicForward . .It Cm forwarded-tcpip , Cm forwarded-streamlocal@openssh.com Open TCP or Unix socket (respectively) connections that have been -established to a +established to an .Xr sshd 8 -listening on behalf of a +listening on behalf of an .Xr ssh 1 remote forwarding, i.e.\& .Cm RemoteForward . @@ -1638,7 +1638,7 @@ Multiple proxies may be separated by comma characters and will be visited sequentially. Setting this option will cause .Xr ssh 1 -to connect to the target host by first making a +to connect to the target host by first making an .Xr ssh 1 connection to the specified .Cm ProxyJump diff --git a/sshd.8 b/sshd.8 index 08ebf53a1281..7fbca776aa22 100644 --- a/sshd.8 +++ b/sshd.8 @@ -33,8 +33,8 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: sshd.8,v 1.327 2024/09/15 01:19:56 djm Exp $ -.Dd $Mdocdate: September 15 2024 $ +.\" $OpenBSD: sshd.8,v 1.328 2025/10/04 21:41:35 naddy Exp $ +.Dd $Mdocdate: October 4 2025 $ .Dt SSHD 8 .Os .Sh NAME @@ -530,7 +530,7 @@ The command originally supplied by the client is available in the .Ev SSH_ORIGINAL_COMMAND environment variable. Note that this option applies to shell, command or subsystem execution. -Also note that this command may be superseded by a +Also note that this command may be superseded by an .Xr sshd_config 5 .Cm ForceCommand directive. diff --git a/sshd_config.5 b/sshd_config.5 index 4536286b750d..6ae606f1e04f 100644 --- a/sshd_config.5 +++ b/sshd_config.5 @@ -33,8 +33,8 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: sshd_config.5,v 1.384 2025/08/05 09:08:16 job Exp $ -.Dd $Mdocdate: August 5 2025 $ +.\" $OpenBSD: sshd_config.5,v 1.385 2025/10/04 21:41:35 naddy Exp $ +.Dd $Mdocdate: October 4 2025 $ .Dt SSHD_CONFIG 5 .Os .Sh NAME @@ -440,7 +440,7 @@ Open connections to .Xr ssh-agent 1 . .It Cm direct-tcpip , Cm direct-streamlocal@openssh.com Open TCP or Unix socket (respectively) connections that have -been established from a +been established from an .Xr ssh 1 local forwarding, i.e.\& .Cm LocalForward @@ -448,9 +448,9 @@ or .Cm DynamicForward . .It Cm forwarded-tcpip , Cm forwarded-streamlocal@openssh.com Open TCP or Unix socket (respectively) connections that have been -established to a +established to an .Xr sshd 8 -listening on behalf of a +listening on behalf of an .Xr ssh 1 remote forwarding, i.e.\& .Cm RemoteForward . From b9a640a1a0dccfb56be684cc7ade402f57cf7ebd Mon Sep 17 00:00:00 2001 From: "dtucker@openbsd.org" Date: Fri, 3 Oct 2025 01:03:45 +0000 Subject: [PATCH 335/687] upstream: If write() returned short, the subsequent write would restart from the beginning of the buffer not the end of what was written. Fix, since we want modpipe to corrupt data for testing purposes deliberately not accidentally. ok djm@ OpenBSD-Regress-ID: 50ca74d287445c58944f070bb92dc13b1d054b43 --- regress/modpipe.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/regress/modpipe.c b/regress/modpipe.c index 5f4824b51d02..5ef2f12ed1f6 100644 --- a/regress/modpipe.c +++ b/regress/modpipe.c @@ -14,7 +14,7 @@ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ -/* $OpenBSD: modpipe.c,v 1.6 2013/11/21 03:16:47 djm Exp $ */ +/* $OpenBSD: modpipe.c,v 1.7 2025/10/03 01:03:45 dtucker Exp $ */ #include "includes.h" @@ -127,7 +127,7 @@ main(int argc, char **argv) } } for (o = 0; o < s; o += r) { - r = write(STDOUT_FILENO, buf, s - o); + r = write(STDOUT_FILENO, buf + o, s - o); if (r == 0) break; if (r < 0) { From 981bb32bc6062fa5d6f11de7ffb732967463bf57 Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Mon, 6 Oct 2025 01:45:22 +0000 Subject: [PATCH 336/687] upstream: openssh-10.1 OpenBSD-Commit-ID: 2a232c2d2fc05a23519f69bc29e6d8c076b97d97 --- version.h | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/version.h b/version.h index 1b417bfce916..5dcdcca3fc93 100644 --- a/version.h +++ b/version.h @@ -1,6 +1,6 @@ -/* $OpenBSD: version.h,v 1.105 2025/04/09 07:00:21 djm Exp $ */ +/* $OpenBSD: version.h,v 1.106 2025/10/06 01:45:22 djm Exp $ */ -#define SSH_VERSION "OpenSSH_10.0" +#define SSH_VERSION "OpenSSH_10.1" -#define SSH_PORTABLE "p2" +#define SSH_PORTABLE "p1" #define SSH_RELEASE SSH_VERSION SSH_PORTABLE From 2fd0945913a30fbbe7c02503347961df03f28e66 Mon Sep 17 00:00:00 2001 From: Damien Miller Date: Mon, 6 Oct 2025 12:48:16 +1100 Subject: [PATCH 337/687] sync ssh-copy-id to upstream version 527be673f4d --- contrib/ssh-copy-id | 15 ++++++++++----- 1 file changed, 10 insertions(+), 5 deletions(-) diff --git a/contrib/ssh-copy-id b/contrib/ssh-copy-id index dcf579843a74..afb9beca497d 100644 --- a/contrib/ssh-copy-id +++ b/contrib/ssh-copy-id @@ -1,12 +1,14 @@ #!/bin/sh -# Copyright (c) 1999-2024 Philip Hands +# Copyright (c) 1999-2025 Philip Hands +# 2025 Denis Ovsienko +# 2024 Frank Fischer # 2021 Carlos Rodríguez Gili # 2020 Matthias Blümel # 2017 Sebastien Boyron # 2013 Martin Kletzander # 2010 Adeodato =?iso-8859-1?Q?Sim=F3?= -# 2010 Eric Moret +# 2010 Eric Moret # 2009 Xr # 2007 Justin Pryzby # 2004 Reini Urban @@ -284,14 +286,17 @@ installkeys_sh() { # the -z `tail ...` checks for a trailing newline. The echo adds one if was missing # the cat adds the keys we're getting via STDIN # and if available restorecon is used to restore the SELinux context - # OpenWrt has a special case for root only. - INSTALLKEYS_SH=$(tr '\t\n' ' ' <<-EOF + # OpenWrt has a special case for root/UID:0. Haiku is also special. + INSTALLKEYS_SH=$(tr -s '\t\n' ' ' <<-EOF $SET_X cd; umask 077; AUTH_KEY_FILE="${TARGET_PATH}"; - [ -f /etc/openwrt_release ] && [ "\$LOGNAME" = "root" ] && + [ -f /etc/openwrt_release ] && + { [ "\$LOGNAME" = "root" ] || [ "\$(id -u)" = "0" ]; } && AUTH_KEY_FILE=/etc/dropbear/authorized_keys; + [ "\`uname -s\`" = "Haiku" ] && + AUTH_KEY_FILE=config/settings/ssh/authorized_keys; AUTH_KEY_DIR=\`dirname "\${AUTH_KEY_FILE}"\`; mkdir -p "\${AUTH_KEY_DIR}" && { [ -z "\`tail -1c "\${AUTH_KEY_FILE}" 2>/dev/null\`" ] || From af956575eba6bf6b6d6bc817e1aa6ed73a365984 Mon Sep 17 00:00:00 2001 From: Damien Miller Date: Mon, 6 Oct 2025 12:51:13 +1100 Subject: [PATCH 338/687] update versions --- README | 2 +- contrib/redhat/openssh.spec | 2 +- contrib/suse/openssh.spec | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/README b/README index 0ea77da1c1dd..e19b021e4fbc 100644 --- a/README +++ b/README @@ -1,4 +1,4 @@ -See https://www.openssh.com/releasenotes.html#10.0p1 for the release +See https://www.openssh.com/releasenotes.html#10.1p1 for the release notes. Please read https://www.openssh.com/report.html for bug reporting diff --git a/contrib/redhat/openssh.spec b/contrib/redhat/openssh.spec index 0ba34ee8a152..a8fe2ecd0620 100644 --- a/contrib/redhat/openssh.spec +++ b/contrib/redhat/openssh.spec @@ -1,4 +1,4 @@ -%global ver 10.0p1 +%global ver 10.1p1 %global rel 1%{?dist} # OpenSSH privilege separation requires a user & group ID diff --git a/contrib/suse/openssh.spec b/contrib/suse/openssh.spec index 6b95d73064b5..63ea57064d10 100644 --- a/contrib/suse/openssh.spec +++ b/contrib/suse/openssh.spec @@ -13,7 +13,7 @@ Summary: OpenSSH, a free Secure Shell (SSH) protocol implementation Name: openssh -Version: 10.0p1 +Version: 10.1p1 URL: https://www.openssh.com/ Release: 1 Source0: openssh-%{version}.tar.gz From 476bab6259d5a6ea0402ec79bc47ed61e2c15e86 Mon Sep 17 00:00:00 2001 From: Damien Miller Date: Mon, 6 Oct 2025 12:52:25 +1100 Subject: [PATCH 339/687] depend --- .depend | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.depend b/.depend index 365db15a8cec..93e4d864eb52 100644 --- a/.depend +++ b/.depend @@ -114,8 +114,8 @@ servconf.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-comp servconf.o: mac.h crypto_api.h match.h channels.h groupaccess.h canohost.h packet.h dispatch.h hostfile.h auth.h auth-pam.h audit.h loginrec.h myproposal.h digest.h version.h serverloop.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h openbsd-compat/sys-queue.h xmalloc.h packet.h dispatch.h sshbuf.h log.h ssherr.h misc.h servconf.h canohost.h sshpty.h channels.h ssh2.h sshkey.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h serverloop.o: rijndael.h kex.h mac.h crypto_api.h hostfile.h auth.h auth-pam.h audit.h loginrec.h session.h auth-options.h serverloop.h -session.o: hostfile.h auth.h auth-pam.h audit.h loginrec.h auth-options.h authfd.h pathnames.h log.h misc.h servconf.h sshlogin.h serverloop.h canohost.h session.h kex.h mac.h crypto_api.h monitor_wrap.h sftp.h atomicio.h session.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h openbsd-compat/sys-queue.h xmalloc.h ssh.h ssh2.h sshpty.h packet.h dispatch.h sshbuf.h ssherr.h match.h uidswap.h channels.h sshkey.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h rijndael.h +session.o: kex.h mac.h crypto_api.h hostfile.h auth.h auth-pam.h audit.h loginrec.h auth-options.h authfd.h pathnames.h log.h misc.h servconf.h sshlogin.h serverloop.h canohost.h session.h monitor_wrap.h sftp.h atomicio.h sftp-client.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h openbsd-compat/sys-queue.h xmalloc.h ssherr.h sshbuf.h log.h atomicio.h progressmeter.h misc.h utf8.h sftp.h sftp-common.h sftp-client.h openbsd-compat/glob.h sftp-common.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h ssherr.h sshbuf.h log.h misc.h sftp.h sftp-common.h sftp-glob.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h sftp.h sftp-common.h sftp-client.h openbsd-compat/glob.h @@ -133,8 +133,8 @@ ssh-ecdsa-sk.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd- ssh-ecdsa.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h ssh-ed25519-sk.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h crypto_api.h log.h ssherr.h sshbuf.h sshkey.h ssh.h digest.h ssh-ed25519.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h crypto_api.h log.h ssherr.h sshbuf.h sshkey.h ssh.h -ssh-keygen.o: cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h rijndael.h -ssh-keygen.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h sshkey.h authfile.h sshbuf.h pathnames.h log.h ssherr.h misc.h match.h hostfile.h dns.h ssh.h ssh2.h ssh-pkcs11.h atomicio.h krl.h digest.h utf8.h authfd.h sshsig.h ssh-sk.h sk-api.h cipher.h +ssh-keygen.o: chacha.h poly1305.h cipher-aesctr.h rijndael.h +ssh-keygen.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h sshkey.h authfile.h sshbuf.h pathnames.h log.h ssherr.h misc.h match.h hostfile.h dns.h ssh.h ssh2.h atomicio.h krl.h digest.h utf8.h authfd.h sshsig.h ssh-sk.h sk-api.h cipher.h cipher-chachapoly.h ssh-keyscan.o: dispatch.h log.h ssherr.h atomicio.h misc.h hostfile.h ssh_api.h ssh2.h dns.h addr.h ssh-keyscan.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h openbsd-compat/sys-queue.h xmalloc.h ssh.h sshbuf.h sshkey.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h rijndael.h digest.h kex.h mac.h crypto_api.h compat.h myproposal.h packet.h ssh-keysign.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h log.h ssherr.h sshkey.h ssh.h ssh2.h misc.h sshbuf.h authfile.h msg.h canohost.h pathnames.h readconf.h uidswap.h From beae06f56e0d0a66ca535896149d5fb0b2e8a1b4 Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Tue, 7 Oct 2025 08:02:32 +0000 Subject: [PATCH 340/687] upstream: don't reuse c->isatty for signalling that the remote channel has a tty attached as this causes side effects, e.g. in channel_handle_rfd(). bz3872 ok markus@ OpenBSD-Commit-ID: 4cd8a9f641498ca6089442e59bad0fd3dcbe85f8 --- channels.c | 9 +++++---- channels.h | 3 ++- 2 files changed, 7 insertions(+), 5 deletions(-) diff --git a/channels.c b/channels.c index f1d7bcf345b1..80014ff341fa 100644 --- a/channels.c +++ b/channels.c @@ -1,4 +1,4 @@ -/* $OpenBSD: channels.c,v 1.451 2025/09/25 06:33:19 djm Exp $ */ +/* $OpenBSD: channels.c,v 1.452 2025/10/07 08:02:32 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -362,7 +362,7 @@ channel_classify(struct ssh *ssh, Channel *c) { struct ssh_channels *sc = ssh->chanctxt; const char *type = c->xctype == NULL ? c->ctype : c->xctype; - const char *classifier = c->isatty ? + const char *classifier = (c->isatty || c->remote_has_tty) ? sc->bulk_classifier_tty : sc->bulk_classifier_notty; c->bulk = type != NULL && match_pattern_list(type, classifier, 0) == 1; @@ -566,7 +566,7 @@ channel_new(struct ssh *ssh, char *ctype, int type, int rfd, int wfd, int efd, void channel_set_tty(struct ssh *ssh, Channel *c) { - c->isatty = 1; + c->remote_has_tty = 1; channel_classify(ssh, c); } @@ -1078,7 +1078,8 @@ channel_format_status(const Channel *c) c->rfd, c->wfd, c->efd, c->sock, c->ctl_chan, c->have_ctl_child_id ? "c" : "nc", c->ctl_child_id, c->io_want, c->io_ready, - c->isatty ? "T" : "", c->bulk ? "B" : "I"); + c->isatty ? "T" : (c->remote_has_tty ? "RT" : ""), + c->bulk ? "B" : "I"); return ret; } diff --git a/channels.h b/channels.h index df7c7f364d22..7456541f8ce3 100644 --- a/channels.h +++ b/channels.h @@ -1,4 +1,4 @@ -/* $OpenBSD: channels.h,v 1.161 2025/09/25 06:33:19 djm Exp $ */ +/* $OpenBSD: channels.h,v 1.162 2025/10/07 08:02:32 djm Exp $ */ /* * Author: Tatu Ylonen @@ -145,6 +145,7 @@ struct Channel { int ctl_chan; /* control channel (multiplexed connections) */ uint32_t ctl_child_id; /* child session for mux controllers */ int have_ctl_child_id;/* non-zero if ctl_child_id is valid */ + int remote_has_tty; /* remote side has a tty */ int isatty; /* rfd is a tty */ #ifdef _AIX int wfd_isatty; /* wfd is a tty */ From 52411f15353257e9ec883fc044b7a56b6fca242d Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Tue, 7 Oct 2025 20:04:40 +1100 Subject: [PATCH 341/687] Add clock_gettime compat shim. This fixes the build on macOS prior to 10.12 Sierra, since it does not have it. Found and tested by Sevan Janiyan. --- openbsd-compat/bsd-misc.c | 24 ++++++++++++++++++++++++ openbsd-compat/bsd-misc.h | 8 ++++++++ 2 files changed, 32 insertions(+) diff --git a/openbsd-compat/bsd-misc.c b/openbsd-compat/bsd-misc.c index 983cd3fe6216..2c196ec23eee 100644 --- a/openbsd-compat/bsd-misc.c +++ b/openbsd-compat/bsd-misc.c @@ -494,6 +494,30 @@ localtime_r(const time_t *timep, struct tm *result) } #endif +#ifndef HAVE_CLOCK_GETTIME +int +clock_gettime(clockid_t clockid, struct timespec *ts) +{ + struct timeval tv; + + if (clockid != CLOCK_REALTIME) { + errno = ENOSYS; + return -1; + } + if (ts == NULL) { + errno = EFAULT; + return -1; + } + + if (gettimeofday(&tv, NULL) == -1) + return -1; + + ts->tv_sec = tv.tv_sec; + ts->tv_nsec = (long)tv.tv_usec * 1000; + return 0; +} +#endif + #ifdef ASAN_OPTIONS const char *__asan_default_options(void) { return ASAN_OPTIONS; diff --git a/openbsd-compat/bsd-misc.h b/openbsd-compat/bsd-misc.h index 2ad89cd83b59..8495f471c285 100644 --- a/openbsd-compat/bsd-misc.h +++ b/openbsd-compat/bsd-misc.h @@ -202,6 +202,14 @@ int flock(int, int); struct tm *localtime_r(const time_t *, struct tm *); #endif +#ifndef HAVE_CLOCK_GETTIME +typedef int clockid_t; +#ifndef CLOCK_REALTIME +# define CLOCK_REALTIME 0 +#endif +int clock_gettime(clockid_t, struct timespec *); +#endif + #ifndef HAVE_REALPATH #define realpath(x, y) (sftp_realpath((x), (y))) #endif From 33b63718d40ccc555b8c7a24331a3790b2efc6c5 Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Tue, 7 Oct 2025 20:10:07 +1100 Subject: [PATCH 342/687] Add 10.1 branch to ci-status page. --- .github/ci-status.md | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/.github/ci-status.md b/.github/ci-status.md index 5b1f77f2369c..82ea40a840b4 100644 --- a/.github/ci-status.md +++ b/.github/ci-status.md @@ -8,6 +8,11 @@ master : [![Coverity Status](https://scan.coverity.com/projects/21341/badge.svg)](https://scan.coverity.com/projects/openssh-portable)
+10.1 : +[![C/C++ CI](../../../actions/workflows/c-cpp.yml/badge.svg?branch=V_10_1)](../../../actions/workflows/c-cpp.yml?query=branch:V_10_1) +[![VM CI](../../../actions/workflows/vm.yml/badge.svg?branch=V_10_1)](../../../actions/workflows/vm.yml?query=branch:V_10_1) +[![C/C++ CI self-hosted](https://github.com/openssh/openssh-portable-selfhosted/actions/workflows/selfhosted.yml/badge.svg?branch=V_10_1)](https://github.com/openssh/openssh-portable-selfhosted/actions/workflows/selfhosted.yml?query=branch:V_10_1) + 10.0 : [![C/C++ CI](../../../actions/workflows/c-cpp.yml/badge.svg?branch=V_10_0)](../../../actions/workflows/c-cpp.yml?query=branch:V_10_0) [![C/C++ CI self-hosted](https://github.com/openssh/openssh-portable-selfhosted/actions/workflows/selfhosted.yml/badge.svg?branch=V_10_0)](https://github.com/openssh/openssh-portable-selfhosted/actions/workflows/selfhosted.yml?query=branch:V_10_0) From 0bd6649ea80ead0cd6404dbc25b64937421b556e Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Tue, 7 Oct 2025 20:10:56 +1100 Subject: [PATCH 343/687] Don't copy native host keys for hostbased test. Some github runners (notably macos-14) seem to have host keys where public and private do not match, so generate our own keys for testing purposes. --- .github/run_test.sh | 1 - 1 file changed, 1 deletion(-) diff --git a/.github/run_test.sh b/.github/run_test.sh index aac9ce57942e..33c90ac291c2 100755 --- a/.github/run_test.sh +++ b/.github/run_test.sh @@ -13,7 +13,6 @@ if [ ! -z "$SUDO" ] && [ ! -z "$TEST_SSH_HOSTBASED_AUTH" ]; then hostname | $SUDO tee $sshconf/shosts.equiv >/dev/null echo "EnableSSHKeysign yes" | $SUDO tee $sshconf/ssh_config >/dev/null $SUDO mkdir -p $sshconf - $SUDO cp -p /etc/ssh/ssh_host*key* $sshconf $SUDO make install for key in $sshconf/ssh_host*key*.pub; do echo `hostname` `cat $key` | \ From 8aa13832315e52c4404c993a59c6139b44ac6114 Mon Sep 17 00:00:00 2001 From: Daan De Meyer Date: Mon, 20 Mar 2023 20:22:14 +0100 Subject: [PATCH 344/687] Only set PAM_RHOST if the remote host is not "UNKNOWN" When using sshd's -i option with stdio that is not a AF_INET/AF_INET6 socket, auth_get_canonical_hostname() returns "UNKNOWN" which is then set as the value of PAM_RHOST, causing pam to try to do a reverse DNS query of "UNKNOWN", which times out multiple times, causing a substantial slowdown when logging in. To fix this, let's only set PAM_RHOST if the hostname is not "UNKNOWN". --- auth-pam.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/auth-pam.c b/auth-pam.c index 5dee7601bf4b..5591f094ece3 100644 --- a/auth-pam.c +++ b/auth-pam.c @@ -758,7 +758,7 @@ sshpam_init(struct ssh *ssh, Authctxt *authctxt) sshpam_laddr = get_local_ipaddr( ssh_packet_get_connection_in(ssh)); } - if (sshpam_rhost != NULL) { + if (sshpam_rhost != NULL && strcmp(sshpam_rhost, "UNKNOWN") != 0) { debug("PAM: setting PAM_RHOST to \"%s\"", sshpam_rhost); sshpam_err = pam_set_item(sshpam_handle, PAM_RHOST, sshpam_rhost); From c97b931bffa481c72ff4bfddd9d59a2110899289 Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Tue, 7 Oct 2025 20:25:07 +1100 Subject: [PATCH 345/687] Add fcntl.h to includes. From FreeBSD via bz#3874: "This was previously included due to nested includes in Heimdal's headers. Without this, the build fails with an error due to redefining AT_FDCWD." --- includes.h | 3 +++ 1 file changed, 3 insertions(+) diff --git a/includes.h b/includes.h index 8f933568d337..96cddbc26089 100644 --- a/includes.h +++ b/includes.h @@ -34,6 +34,9 @@ #ifdef HAVE_ENDIAN_H # include #endif +#ifdef HAVE_FCNTL_H +# include +#endif #ifdef HAVE_TTYENT_H # include #endif From 8d57083c062f03098c9f767ec8d6278dc549a2f6 Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Tue, 7 Oct 2025 21:07:05 +1100 Subject: [PATCH 346/687] Use calloc for sshkeys if mmap is not supported. Based on Github PR#597 from Mike Frysinger, any bugs added by me. --- configure.ac | 2 ++ sshkey.c | 8 ++++++++ 2 files changed, 10 insertions(+) diff --git a/configure.ac b/configure.ac index 3eb6d4697f98..98f2e3e1c5ab 100644 --- a/configure.ac +++ b/configure.ac @@ -536,6 +536,7 @@ AC_CHECK_HEADERS([ \ nlist.h \ poll.h \ stdint.h \ + sys/mmap.h \ sys/stat.h \ sys/time.h \ sys/un.h \ @@ -2103,6 +2104,7 @@ AC_CHECK_FUNCS([ \ memmove \ memset_s \ mkdtemp \ + mmap \ ngetaddrinfo \ nlist \ nsleep \ diff --git a/sshkey.c b/sshkey.c index e17e929e0258..206b72921358 100644 --- a/sshkey.c +++ b/sshkey.c @@ -723,6 +723,7 @@ sshkey_sk_cleanup(struct sshkey *k) static int sshkey_prekey_alloc(u_char **prekeyp, size_t len) { +#if defined(HAVE_MMAP) && defined(MAP_ANON) && defined(MAP_PRIVATE) u_char *prekey; *prekeyp = NULL; @@ -734,14 +735,21 @@ sshkey_prekey_alloc(u_char **prekeyp, size_t len) #endif *prekeyp = prekey; return 0; +#else + *prekeyp = calloc(1, len); +#endif /* HAVE_MMAP et al */ } static void sshkey_prekey_free(void *prekey, size_t len) { +#if defined(HAVE_MMAP) && defined(MAP_ANON) && defined(MAP_PRIVATE) if (prekey == NULL) return; munmap(prekey, len); +#else + free(prekey); +#endif /* HAVE_MMAP et al */ } static void From b937061fe4922caced7b91442b3233c0bd763492 Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Tue, 7 Oct 2025 21:10:33 +1100 Subject: [PATCH 347/687] Check HAVE_MMAP too now that configure sets it. --- openbsd-compat/arc4random.h | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/openbsd-compat/arc4random.h b/openbsd-compat/arc4random.h index af2d5c172a28..8f6842874b29 100644 --- a/openbsd-compat/arc4random.h +++ b/openbsd-compat/arc4random.h @@ -65,7 +65,7 @@ _rs_forkdetect(void) static inline int _rs_allocate(struct _rs **rsp, struct _rsx **rsxp) { -#if defined(MAP_ANON) && defined(MAP_PRIVATE) +#if defined(HAVE_MMAP) && defined(MAP_ANON) && defined(MAP_PRIVATE) if ((*rsp = mmap(NULL, sizeof(**rsp), PROT_READ|PROT_WRITE, MAP_ANON|MAP_PRIVATE, -1, 0)) == MAP_FAILED) return (-1); @@ -84,7 +84,7 @@ _rs_allocate(struct _rs **rsp, struct _rsx **rsxp) *rsp = NULL; return (-1); } -#endif +#endif /* HAVE_MMAP et al */ _ARC4_ATFORK(_rs_forkhandler); return (0); From bcf7c05a473f92a35f4f3b561fd7a1e339e0a30f Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Wed, 8 Oct 2025 11:26:52 +1100 Subject: [PATCH 348/687] Fix header name and move return outside of ifdef. Fixes from Mike Frysinger via Github PR#597. --- configure.ac | 2 +- sshkey.c | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/configure.ac b/configure.ac index 98f2e3e1c5ab..db5211013f43 100644 --- a/configure.ac +++ b/configure.ac @@ -536,7 +536,7 @@ AC_CHECK_HEADERS([ \ nlist.h \ poll.h \ stdint.h \ - sys/mmap.h \ + sys/mman.h \ sys/stat.h \ sys/time.h \ sys/un.h \ diff --git a/sshkey.c b/sshkey.c index 206b72921358..afd7822c4f41 100644 --- a/sshkey.c +++ b/sshkey.c @@ -734,10 +734,10 @@ sshkey_prekey_alloc(u_char **prekeyp, size_t len) (void)madvise(prekey, len, MADV_DONTDUMP); #endif *prekeyp = prekey; - return 0; #else *prekeyp = calloc(1, len); #endif /* HAVE_MMAP et al */ + return 0; } static void From 64ea9e95256203f30f98a6896f4721fd223106aa Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Wed, 8 Oct 2025 00:32:52 +0000 Subject: [PATCH 349/687] upstream: openssh-10.2 The only change since 10.1 is the channels.c fix OpenBSD-Commit-ID: 5eebeb0db14c694efd4ee96b5f16112e3e5d5ba9 --- version.h | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/version.h b/version.h index 5dcdcca3fc93..086cdba98516 100644 --- a/version.h +++ b/version.h @@ -1,6 +1,6 @@ -/* $OpenBSD: version.h,v 1.106 2025/10/06 01:45:22 djm Exp $ */ +/* $OpenBSD: version.h,v 1.107 2025/10/08 00:32:52 djm Exp $ */ -#define SSH_VERSION "OpenSSH_10.1" +#define SSH_VERSION "OpenSSH_10.2" #define SSH_PORTABLE "p1" #define SSH_RELEASE SSH_VERSION SSH_PORTABLE From 0118c30acaff308deb089fc25fe98ef59a149ca5 Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Wed, 8 Oct 2025 21:02:16 +0000 Subject: [PATCH 350/687] upstream: fix crash at exit (visible via ssh-keygen -D) when multiple keys loaded. ok markus deraadt dtucker OpenBSD-Commit-ID: baa9763ec69d162108dafd962792ec5610ff45c9 --- ssh-pkcs11.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/ssh-pkcs11.c b/ssh-pkcs11.c index 0a94fcd97adb..f68617f47e35 100644 --- a/ssh-pkcs11.c +++ b/ssh-pkcs11.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-pkcs11.c,v 1.72 2025/10/03 00:08:02 djm Exp $ */ +/* $OpenBSD: ssh-pkcs11.c,v 1.73 2025/10/08 21:02:16 djm Exp $ */ /* * Copyright (c) 2010 Markus Friedl. All rights reserved. * Copyright (c) 2014 Pedro Martelletto. All rights reserved. @@ -2029,8 +2029,10 @@ pkcs11_terminate(void) debug3_f("called"); - while ((k11 = TAILQ_FIRST(&pkcs11_keys)) != NULL) + while ((k11 = TAILQ_FIRST(&pkcs11_keys)) != NULL) { + TAILQ_REMOVE(&pkcs11_keys, k11, next); pkcs11_k11_free(k11); + } while ((p = TAILQ_FIRST(&pkcs11_providers)) != NULL) { TAILQ_REMOVE(&pkcs11_providers, p, next); pkcs11_provider_finalize(p); From 0f3b8fd68a29766697d7a709bae8b0a61da6cff2 Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Wed, 8 Oct 2025 21:48:40 +0000 Subject: [PATCH 351/687] upstream: When tab-completing a filename, ensure that the completed string does not end up mid-way through a multibyte character, as this will cause a fatal() later on. based on GHPR#587 from @TaoistBrickscarrier; feedback tb@ kevlo@ ok dtucker@ OpenBSD-Commit-ID: efb977164b4e20d61204a66201a7592ba8291362 --- sftp.c | 54 +++++++++++++++++++++++++++++++++++------------------- 1 file changed, 35 insertions(+), 19 deletions(-) diff --git a/sftp.c b/sftp.c index 3b505eea23db..57516a73a683 100644 --- a/sftp.c +++ b/sftp.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sftp.c,v 1.245 2025/10/02 04:23:11 djm Exp $ */ +/* $OpenBSD: sftp.c,v 1.246 2025/10/08 21:48:40 djm Exp $ */ /* * Copyright (c) 2001-2004 Damien Miller * @@ -1863,29 +1863,44 @@ complete_display(char **list, u_int len) static char * complete_ambiguous(const char *word, char **list, size_t count) { + size_t i, j, matchlen; + char *tmp; + int len; + if (word == NULL) return NULL; - if (count > 0) { - u_int y, matchlen = strlen(list[0]); - - /* Find length of common stem */ - for (y = 1; list[y]; y++) { - u_int x; - - for (x = 0; x < matchlen; x++) - if (list[0][x] != list[y][x]) - break; - - matchlen = x; - } + if (count == 0) + return xstrdup(word); /* no options to complete */ - if (matchlen > strlen(word)) { - char *tmp = xstrdup(list[0]); + /* Find length of common stem across list */ + matchlen = strlen(list[0]); + for (i = 1; i < count && list[i] != NULL; i++) { + for (j = 0; j < matchlen; j++) + if (list[0][j] != list[i][j]) + break; + matchlen = j; + } - tmp[matchlen] = '\0'; - return tmp; - } + /* + * Now check that the common stem doesn't finish in the middle of + * a multibyte character. + */ + mblen(NULL, 0); + for (i = 0; i < matchlen;) { + len = mblen(list[0] + i, matchlen - i); + if (len <= 0 || i + (size_t)len > matchlen) + break; + i += (size_t)len; + } + /* If so, truncate */ + if (i < matchlen) + matchlen = i; + + if (matchlen > strlen(word)) { + tmp = xstrdup(list[0]); + tmp[matchlen] = '\0'; + return tmp; } return xstrdup(word); @@ -2065,6 +2080,7 @@ complete_match(EditLine *el, struct sftp_conn *conn, char *remote_path, tmp2 = tmp + filelen - cesc; len = strlen(tmp2); /* quote argument on way out */ + mblen(NULL, 0); for (i = 0; i < len; i += clen) { if ((clen = mblen(tmp2 + i, len - i)) < 0 || (size_t)clen > sizeof(ins) - 2) From 3470f465c6f5c7c371e73927ebb403dd7ba05893 Mon Sep 17 00:00:00 2001 From: Damien Miller Date: Thu, 9 Oct 2025 10:07:40 +1100 Subject: [PATCH 352/687] link ssh-keygen directly against ssh-pkcs11.c Matches what OpenBSD does and fixes ssh-keygen regression in certifying keys using a CA key hosted via ssh-agent (bz3877) --- Makefile.in | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Makefile.in b/Makefile.in index 760fbaa5b997..ba17a79f0d3d 100644 --- a/Makefile.in +++ b/Makefile.in @@ -158,7 +158,7 @@ SSHADD_OBJS= ssh-add.o $(P11OBJS) $(SKOBJS) SSHAGENT_OBJS= ssh-agent.o $(P11OBJS) $(SKOBJS) -SSHKEYGEN_OBJS= ssh-keygen.o sshsig.o $(P11OBJS) $(SKOBJS) +SSHKEYGEN_OBJS= ssh-keygen.o sshsig.o ssh-pkcs11.o $(SKOBJS) SSHKEYSIGN_OBJS=ssh-keysign.o readconf.o uidswap.o $(P11OBJS) $(SKOBJS) From ac4457787900c99ada9cc3768249291b002fa16e Mon Sep 17 00:00:00 2001 From: Damien Miller Date: Thu, 9 Oct 2025 13:10:27 +1100 Subject: [PATCH 353/687] some fixes to p11_setup 1. Use the ssh-keygen under test and not the one in $PATH 2. Include a test PKCS#11 operation to ensure that the P11 stack is working correctly. Previously, it was possible for p11_setup to return success on configurations with PKCS#11 support disabled. --- regress/test-exec.sh | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) diff --git a/regress/test-exec.sh b/regress/test-exec.sh index c5270042e6a9..34fb58fda0f8 100644 --- a/regress/test-exec.sh +++ b/regress/test-exec.sh @@ -964,7 +964,7 @@ EOF softhsm2-util --slot "$slot" --label 01 --id 01 --pin "$TEST_SSH_PIN" \ --import $RSAP8 >/dev/null || fatal "softhsm import RSA fail" chmod 600 $RSA - ssh-keygen -y -f $RSA > ${RSA}.pub + ${SSHKEYGEN} -y -f $RSA > ${RSA}.pub # ECDSA key ECPARAM=${SSH_SOFTHSM_DIR}/ECPARAM EC=${SSH_SOFTHSM_DIR}/EC @@ -978,7 +978,7 @@ EOF softhsm2-util --slot "$slot" --label 02 --id 02 --pin "$TEST_SSH_PIN" \ --import $ECP8 >/dev/null || fatal "softhsm import EC fail" chmod 600 $EC - ssh-keygen -y -f $EC > ${EC}.pub + ${SSHKEYGEN} -y -f $EC > ${EC}.pub # Ed25519 key ED25519=${SSH_SOFTHSM_DIR}/ED25519 ED25519P8=${SSH_SOFTHSM_DIR}/ED25519P8 @@ -990,7 +990,7 @@ EOF --import $ED25519P8 >/dev/null || \ fatal "softhsm import ed25519 fail" chmod 600 $ED25519 - ssh-keygen -y -f $ED25519 > ${ED25519}.pub + ${SSHKEYGEN} -y -f $ED25519 > ${ED25519}.pub # Prepare askpass script to load PIN. PIN_SH=$SSH_SOFTHSM_DIR/pin.sh cat > $PIN_SH << EOF @@ -999,7 +999,11 @@ echo "${TEST_SSH_PIN}" EOF chmod 0700 "$PIN_SH" PKCS11_OK=yes - return 0 + if env SSH_ASKPASS="$PIN_SH" SSH_ASKPASS_REQUIRE=force \ + ${SSHKEYGEN} -D ${TEST_SSH_PKCS11} >/dev/null 2>&1 ; then + return 0 + fi + return 1 } # Peforms ssh-add with the right token PIN. From 081b8dbbe90d81a43b5e0f1995fe59a0e319aa15 Mon Sep 17 00:00:00 2001 From: Damien Miller Date: Thu, 9 Oct 2025 13:12:15 +1100 Subject: [PATCH 354/687] complete PKCS#11 stubs and move to ssh-pkcs11.c Should unbreak --disable-pkcs11 builds --- ssh-pkcs11-helper.c | 16 ---------------- ssh-pkcs11.c | 25 ++++++++++++++++++++++--- 2 files changed, 22 insertions(+), 19 deletions(-) diff --git a/ssh-pkcs11-helper.c b/ssh-pkcs11-helper.c index 7ed4bdb76841..aeb5b7a8a924 100644 --- a/ssh-pkcs11-helper.c +++ b/ssh-pkcs11-helper.c @@ -310,22 +310,6 @@ main(int argc, char **argv) } } #else /* ENABLE_PKCS11 */ -/* stubs */ -int -pkcs11_sign(struct sshkey *key, - u_char **sigp, size_t *lenp, - const u_char *data, size_t datalen, - const char *alg, const char *sk_provider, - const char *sk_pin, u_int compat) -{ - return SSH_ERR_INTERNAL_ERROR; -} - -void -pkcs11_key_free(struct sshkey *key) -{ -} - int main(int argc, char **argv) { diff --git a/ssh-pkcs11.c b/ssh-pkcs11.c index f68617f47e35..c8817947395a 100644 --- a/ssh-pkcs11.c +++ b/ssh-pkcs11.c @@ -2289,11 +2289,13 @@ pkcs11_destroy_keypair(char *provider_id, char *pin, unsigned long slotidx, #include "log.h" #include "sshkey.h" +#include "ssherr.h" +#include "ssh-pkcs11.h" int pkcs11_init(int interactive) { - error_f("dlopen() not supported"); + error_f("PKCS#11 not supported"); return (-1); } @@ -2301,13 +2303,30 @@ int pkcs11_add_provider(char *provider_id, char *pin, struct sshkey ***keyp, char ***labelsp) { - error_f("dlopen() not supported"); + error_f("PKCS#11 not supported"); return (-1); } +void +pkcs11_key_free(struct sshkey *key) +{ + error_f("PKCS#11 not supported"); +} + +int +pkcs11_sign(struct sshkey *key, + u_char **sigp, size_t *lenp, + const u_char *data, size_t datalen, + const char *alg, const char *sk_provider, + const char *sk_pin, u_int compat) +{ + error_f("PKCS#11 not supported"); + return SSH_ERR_FEATURE_UNSUPPORTED; +} + void pkcs11_terminate(void) { - error_f("dlopen() not supported"); + error_f("PKCS#11 not supported"); } #endif /* ENABLE_PKCS11 */ From fb0bf236b0237aa83a0c5b666af7bdc0423ac457 Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Thu, 9 Oct 2025 17:57:17 +1100 Subject: [PATCH 355/687] Add tracking for 10.2 branch. --- .github/ci-status.md | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/.github/ci-status.md b/.github/ci-status.md index 82ea40a840b4..00a1db0df76a 100644 --- a/.github/ci-status.md +++ b/.github/ci-status.md @@ -8,6 +8,11 @@ master : [![Coverity Status](https://scan.coverity.com/projects/21341/badge.svg)](https://scan.coverity.com/projects/openssh-portable)
+10.2 : +[![C/C++ CI](../../../actions/workflows/c-cpp.yml/badge.svg?branch=V_10_2)](../../../actions/workflows/c-cpp.yml?query=branch:V_10_2) +[![VM CI](../../../actions/workflows/vm.yml/badge.svg?branch=V_10_2)](../../../actions/workflows/vm.yml?query=branch:V_10_2) +[![C/C++ CI self-hosted](https://github.com/openssh/openssh-portable-selfhosted/actions/workflows/selfhosted.yml/badge.svg?branch=V_10_2)](https://github.com/openssh/openssh-portable-selfhosted/actions/workflows/selfhosted.yml?query=branch:V_10_2) + 10.1 : [![C/C++ CI](../../../actions/workflows/c-cpp.yml/badge.svg?branch=V_10_1)](../../../actions/workflows/c-cpp.yml?query=branch:V_10_1) [![VM CI](../../../actions/workflows/vm.yml/badge.svg?branch=V_10_1)](../../../actions/workflows/vm.yml?query=branch:V_10_1) From 649c9994e7d1995a03d8621f1412cfee90a430af Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Thu, 9 Oct 2025 03:23:33 +0000 Subject: [PATCH 356/687] upstream: silence "mm_log_handler: write: Broken pipe" logspam OpenBSD-Commit-ID: bcf7c6ea509e755bd5a7cd567ff7cad725111a14 --- monitor_wrap.c | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/monitor_wrap.c b/monitor_wrap.c index 33494b73fa94..e5b620d9cb35 100644 --- a/monitor_wrap.c +++ b/monitor_wrap.c @@ -1,4 +1,4 @@ -/* $OpenBSD: monitor_wrap.c,v 1.142 2025/09/25 06:31:42 djm Exp $ */ +/* $OpenBSD: monitor_wrap.c,v 1.143 2025/10/09 03:23:33 djm Exp $ */ /* * Copyright 2002 Niels Provos * Copyright 2002 Markus Friedl @@ -106,8 +106,13 @@ mm_log_handler(LogLevel level, int forced, const char *msg, void *ctx) fatal_f("bad length %zu", len); POKE_U32(sshbuf_mutable_ptr(log_msg), len - 4); if (atomicio(vwrite, mon->m_log_sendfd, - sshbuf_mutable_ptr(log_msg), len) != len) + sshbuf_mutable_ptr(log_msg), len) != len) { + if (errno == EPIPE) { + debug_f("write: %s", strerror(errno)); + cleanup_exit(255); + } fatal_f("write: %s", strerror(errno)); + } sshbuf_free(log_msg); } From 59a336cfd1283f512f067e01bc91bda5af253f80 Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Thu, 9 Oct 2025 23:25:23 +0000 Subject: [PATCH 357/687] upstream: downgrade a useless error() -> debug() OpenBSD-Commit-ID: 5b0c9bcddb324f8bed2c8e8ffe9c92d263adc2d9 --- ssh-pkcs11.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/ssh-pkcs11.c b/ssh-pkcs11.c index c8817947395a..5e956208bb72 100644 --- a/ssh-pkcs11.c +++ b/ssh-pkcs11.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-pkcs11.c,v 1.73 2025/10/08 21:02:16 djm Exp $ */ +/* $OpenBSD: ssh-pkcs11.c,v 1.74 2025/10/09 23:25:23 djm Exp $ */ /* * Copyright (c) 2010 Markus Friedl. All rights reserved. * Copyright (c) 2014 Pedro Martelletto. All rights reserved. @@ -1486,7 +1486,7 @@ pkcs11_fetch_certs(struct pkcs11_provider *p, CK_ULONG slotidx, case CKC_X_509: if (pkcs11_fetch_x509_pubkey(p, slotidx, &obj, &key, &label) != 0) { - error("failed to fetch key"); + debug_f("failed to fetch key"); continue; } break; @@ -1613,7 +1613,7 @@ pkcs11_fetch_keys(struct pkcs11_provider *p, CK_ULONG slotidx, } if (key == NULL) { - error("failed to fetch key"); + debug_f("failed to fetch key"); continue; } note_key(p, slotidx, __func__, key); From e7b4b3f153713c15e3888aa50df039b2445492dd Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Thu, 9 Oct 2025 23:26:47 +0000 Subject: [PATCH 358/687] upstream: don't abuse SSHKEY_FLAG_EXT to signal that a key is in the agent, as that triggers special handling on sshkey_free() OpenBSD-Commit-ID: 2ae2247babd2db167a30cf7a4f7eae4f26c000a8 --- ssh-keygen.c | 16 +++++++++------- 1 file changed, 9 insertions(+), 7 deletions(-) diff --git a/ssh-keygen.c b/ssh-keygen.c index 3c582a83ac9b..2f21e42671df 100644 --- a/ssh-keygen.c +++ b/ssh-keygen.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-keygen.c,v 1.485 2025/10/03 00:08:02 djm Exp $ */ +/* $OpenBSD: ssh-keygen.c,v 1.486 2025/10/09 23:26:47 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1994 Tatu Ylonen , Espoo, Finland @@ -1713,7 +1713,7 @@ do_ca_sign(struct passwd *pw, const char *ca_key_path, int prefer_agent, unsigned long long cert_serial, int cert_serial_autoinc, int argc, char **argv) { - int r, i, found, agent_fd = -1; + int r, i, key_in_agent = 0, agent_fd = -1; u_int n; struct sshkey *ca, *public; char valid[64], *otmp, *tmp, *cp, *out, *comment; @@ -1742,17 +1742,19 @@ do_ca_sign(struct passwd *pw, const char *ca_key_path, int prefer_agent, fatal_r(r, "Cannot use public key for CA signature"); if ((r = ssh_fetch_identitylist(agent_fd, &agent_ids)) != 0) fatal_r(r, "Retrieve agent key list"); - found = 0; for (j = 0; j < agent_ids->nkeys; j++) { if (sshkey_equal(ca, agent_ids->keys[j])) { - found = 1; + key_in_agent = 1; + /* Replace the CA key with the agent one */ + sshkey_free(ca); + ca = agent_ids->keys[j]; + agent_ids->keys[j] = NULL; break; } } - if (!found) + if (!key_in_agent) fatal("CA key %s not found in agent", tmp); ssh_free_identitylist(agent_ids); - ca->flags |= SSHKEY_FLAG_EXT; } else { /* CA key is assumed to be a private key on the filesystem */ ca = load_identity(tmp, NULL); @@ -1817,7 +1819,7 @@ do_ca_sign(struct passwd *pw, const char *ca_key_path, int prefer_agent, &public->cert->signature_key)) != 0) fatal_r(r, "sshkey_from_private (ca key)"); - if (agent_fd != -1 && (ca->flags & SSHKEY_FLAG_EXT) != 0) { + if (key_in_agent) { if ((r = sshkey_certify_custom(public, ca, key_type_name, sk_provider, NULL, agent_signer, &agent_fd)) != 0) From 9525aa3ecc6b27643fb83d8be4d61e831e357134 Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Thu, 9 Oct 2025 23:58:27 +0000 Subject: [PATCH 359/687] upstream: simplify OpenBSD-Regress-ID: 8e91a2a5c1eb50128de3be72118b544d73a86673 --- regress/sftp-cmds.sh | 138 +++++++++++++++++++++---------------------- 1 file changed, 67 insertions(+), 71 deletions(-) diff --git a/regress/sftp-cmds.sh b/regress/sftp-cmds.sh index 56404713a9fd..40cb16c31ee1 100644 --- a/regress/sftp-cmds.sh +++ b/regress/sftp-cmds.sh @@ -1,4 +1,4 @@ -# $OpenBSD: sftp-cmds.sh,v 1.20 2024/07/01 03:10:19 djm Exp $ +# $OpenBSD: sftp-cmds.sh,v 1.21 2025/10/09 23:58:27 djm Exp $ # Placed in the Public Domain. # XXX - TODO: @@ -7,6 +7,12 @@ tid="sftp commands" +DIFFOPT="-rN" +# Figure out if diff does not understand "-N" +if ! diff -N ${SRC}/sftp-cmds.sh ${SRC}/sftp-cmds.sh 2>/dev/null; then + DIFFOPT="-r" +fi + # test that these files are readable! for i in `(cd /bin;echo l*)` do @@ -24,207 +30,197 @@ SPACECOPY_ARG="${COPY}\ this\ has\ spaces.txt" # File with glob metacharacters GLOBMETACOPY="${COPY} [metachar].txt" +sftpserver() { + ${SFTP} -D ${SFTPSERVER} >/dev/null 2>&1 +} + +sftpserver_with_stdout() { + ${SFTP} -D ${SFTPSERVER} 2>&1 +} + +forest() { + rm -rf ${COPY}.dd/* + rm -rf ${COPY}.dd2 + mkdir -p ${COPY}.dd/a ${COPY}.dd/b ${COPY}.dd/c ${COPY}.dd/a/d + echo 'A' > ${COPY}.dd/a/A + echo 'B' > ${COPY}.dd/a/B + echo 'C' > ${COPY}.dd/a/C + echo 'D' > ${COPY}.dd/a/D +} + rm -rf ${COPY} ${COPY}.1 ${COPY}.2 ${COPY}.dd ${COPY}.dd2 mkdir ${COPY}.dd verbose "$tid: lls" -printf "lcd ${OBJ}\nlls\n" | ${SFTP} -D ${SFTPSERVER} 2>&1 | \ +printf "lcd ${OBJ}\nlls\n" | sftpserver_with_stdout | \ grep copy.dd >/dev/null || fail "lls failed" verbose "$tid: lls w/path" -echo "lls ${OBJ}" | ${SFTP} -D ${SFTPSERVER} 2>&1 | \ +echo "lls ${OBJ}" | sftpserver_with_stdout | \ grep copy.dd >/dev/null || fail "lls w/path failed" verbose "$tid: ls" -echo "ls ${OBJ}" | ${SFTP} -D ${SFTPSERVER} >/dev/null 2>&1 \ - || fail "ls failed" +echo "ls ${OBJ}" | sftpserver || fail "ls failed" # XXX always successful verbose "$tid: shell" -echo "!echo hi there" | ${SFTP} -D ${SFTPSERVER} 2>&1 | \ +echo "!echo hi there" | sftpserver_with_stdout | \ egrep '^hi there$' >/dev/null || fail "shell failed" verbose "$tid: pwd" -echo "pwd" | ${SFTP} -D ${SFTPSERVER} >/dev/null 2>&1 \ - || fail "pwd failed" +echo "pwd" | sftpserver || fail "pwd failed" # XXX always successful verbose "$tid: lpwd" -echo "lpwd" | ${SFTP} -D ${SFTPSERVER} >/dev/null 2>&1 \ - || fail "lpwd failed" +echo "lpwd" | sftpserver || fail "lpwd failed" # XXX always successful verbose "$tid: quit" -echo "quit" | ${SFTP} -D ${SFTPSERVER} >/dev/null 2>&1 \ - || fail "quit failed" +echo "quit" | sftpserver || fail "quit failed" # XXX always successful verbose "$tid: help" -echo "help" | ${SFTP} -D ${SFTPSERVER} >/dev/null 2>&1 \ - || fail "help failed" +echo "help" | sftpserver || fail "help failed" # XXX always successful rm -f ${COPY} verbose "$tid: get" -echo "get $DATA $COPY" | ${SFTP} -D ${SFTPSERVER} >/dev/null 2>&1 \ - || fail "get failed" +echo "get $DATA $COPY" | sftpserver || fail "get failed" cmp $DATA ${COPY} || fail "corrupted copy after get" rm -f ${COPY} verbose "$tid: get quoted" -echo "get \"$DATA\" $COPY" | ${SFTP} -D ${SFTPSERVER} >/dev/null 2>&1 \ - || fail "get failed" +echo "get \"$DATA\" $COPY" | sftpserver || fail "get failed" cmp $DATA ${COPY} || fail "corrupted copy after get" rm -f ${QUOTECOPY} cp $DATA ${QUOTECOPY} verbose "$tid: get filename with quotes" -echo "get \"$QUOTECOPY_ARG\" ${COPY}" | ${SFTP} -D ${SFTPSERVER} >/dev/null 2>&1 \ - || fail "get failed" +echo "get \"$QUOTECOPY_ARG\" ${COPY}" | sftpserver || fail "get failed" cmp ${COPY} ${QUOTECOPY} || fail "corrupted copy after get with quotes" rm -f ${QUOTECOPY} ${COPY} rm -f "$SPACECOPY" ${COPY} cp $DATA "$SPACECOPY" verbose "$tid: get filename with spaces" -echo "get ${SPACECOPY_ARG} ${COPY}" | ${SFTP} -D ${SFTPSERVER} >/dev/null 2>&1 \ - || fail "get failed" +echo "get ${SPACECOPY_ARG} ${COPY}" | sftpserver || fail "get failed" cmp ${COPY} "$SPACECOPY" || fail "corrupted copy after get with spaces" rm -f "$GLOBMETACOPY" ${COPY} cp $DATA "$GLOBMETACOPY" verbose "$tid: get filename with glob metacharacters" -echo "get \"${GLOBMETACOPY}\" ${COPY}" | \ - ${SFTP} -D ${SFTPSERVER} >/dev/null 2>&1 || fail "get failed" +echo "get \"${GLOBMETACOPY}\" ${COPY}" | sftpserver || fail "get failed" cmp ${COPY} "$GLOBMETACOPY" || \ fail "corrupted copy after get with glob metacharacters" -rm -f ${COPY}.dd/* +rm -rf ${COPY}.dd/* verbose "$tid: get to directory" -echo "get $DATA ${COPY}.dd" | ${SFTP} -D ${SFTPSERVER} >/dev/null 2>&1 \ - || fail "get failed" +echo "get $DATA ${COPY}.dd" | sftpserver || fail "get failed" cmp $DATA ${COPY}.dd/${DATANAME} || fail "corrupted copy after get" -rm -f ${COPY}.dd/* +rm -rf ${COPY}.dd/* verbose "$tid: glob get to directory" -echo "get /bin/l* ${COPY}.dd" | ${SFTP} -D ${SFTPSERVER} >/dev/null 2>&1 \ - || fail "get failed" +echo "get /bin/l* ${COPY}.dd" | sftpserver || fail "get failed" for x in $GLOBFILES; do cmp /bin/$x ${COPY}.dd/$x || fail "corrupted copy after get" done -rm -f ${COPY}.dd/* +rm -rf ${COPY}.dd/* verbose "$tid: get to local dir" -printf "lcd ${COPY}.dd\nget $DATA\n" | ${SFTP} -D ${SFTPSERVER} >/dev/null 2>&1 \ - || fail "get failed" +printf "lcd ${COPY}.dd\nget $DATA\n" | sftpserver || fail "get failed" cmp $DATA ${COPY}.dd/${DATANAME} || fail "corrupted copy after get" -rm -f ${COPY}.dd/* +rm -rf ${COPY}.dd/* verbose "$tid: glob get to local dir" -printf "lcd ${COPY}.dd\nget /bin/l*\n" | ${SFTP} -D ${SFTPSERVER} >/dev/null 2>&1 \ - || fail "get failed" +printf "lcd ${COPY}.dd\nget /bin/l*\n" | sftpserver || fail "get failed" for x in $GLOBFILES; do cmp /bin/$x ${COPY}.dd/$x || fail "corrupted copy after get" done rm -f ${COPY} verbose "$tid: put" -echo "put $DATA $COPY" | \ - ${SFTP} -D ${SFTPSERVER} >/dev/null 2>&1 || fail "put failed" +echo "put $DATA $COPY" | sftpserver || fail "put failed" cmp $DATA ${COPY} || fail "corrupted copy after put" rm -f ${QUOTECOPY} verbose "$tid: put filename with quotes" -echo "put $DATA \"$QUOTECOPY_ARG\"" | \ - ${SFTP} -D ${SFTPSERVER} >/dev/null 2>&1 || fail "put failed" +echo "put $DATA \"$QUOTECOPY_ARG\"" | sftpserver || fail "put failed" cmp $DATA ${QUOTECOPY} || fail "corrupted copy after put with quotes" rm -f "$SPACECOPY" verbose "$tid: put filename with spaces" -echo "put $DATA ${SPACECOPY_ARG}" | \ - ${SFTP} -D ${SFTPSERVER} >/dev/null 2>&1 || fail "put failed" +echo "put $DATA ${SPACECOPY_ARG}" | sftpserver || fail "put failed" cmp $DATA "$SPACECOPY" || fail "corrupted copy after put with spaces" -rm -f ${COPY}.dd/* +rm -rf ${COPY}.dd/* verbose "$tid: put to directory" -echo "put $DATA ${COPY}.dd" | ${SFTP} -D ${SFTPSERVER} >/dev/null 2>&1 \ - || fail "put failed" +echo "put $DATA ${COPY}.dd" | sftpserver || fail "put failed" cmp $DATA ${COPY}.dd/${DATANAME} || fail "corrupted copy after put" -rm -f ${COPY}.dd/* +rm -rf ${COPY}.dd/* verbose "$tid: glob put to directory" -echo "put /bin/l? ${COPY}.dd" | ${SFTP} -D ${SFTPSERVER} >/dev/null 2>&1 \ - || fail "put failed" +echo "put /bin/l? ${COPY}.dd" | sftpserver || fail "put failed" for x in $GLOBFILES; do cmp /bin/$x ${COPY}.dd/$x || fail "corrupted copy after put" done -rm -f ${COPY}.dd/* +rm -rf ${COPY}.dd/* verbose "$tid: put to local dir" -printf "cd ${COPY}.dd\nput $DATA\n" | ${SFTP} -D ${SFTPSERVER} >/dev/null 2>&1 \ - || fail "put failed" +printf "cd ${COPY}.dd\nput $DATA\n" | sftpserver || fail "put failed" cmp $DATA ${COPY}.dd/${DATANAME} || fail "corrupted copy after put" -rm -f ${COPY}.dd/* +rm -rf ${COPY}.dd/* verbose "$tid: glob put to local dir" -printf "cd ${COPY}.dd\nput /bin/l*\n" | ${SFTP} -D ${SFTPSERVER} >/dev/null 2>&1 \ - || fail "put failed" +printf "cd ${COPY}.dd\nput /bin/l*\n" | sftpserver || fail "put failed" for x in $GLOBFILES; do cmp /bin/$x ${COPY}.dd/$x || fail "corrupted copy after put" done verbose "$tid: rename" -echo "rename $COPY ${COPY}.1" | ${SFTP} -D ${SFTPSERVER} >/dev/null 2>&1 \ - || fail "rename failed" +echo "rename $COPY ${COPY}.1" | sftpserver || fail "rename failed" test -f ${COPY}.1 || fail "missing file after rename" cmp $DATA ${COPY}.1 >/dev/null 2>&1 || fail "corrupted copy after rename" verbose "$tid: rename directory" -echo "rename ${COPY}.dd ${COPY}.dd2" | \ - ${SFTP} -D ${SFTPSERVER} >/dev/null 2>&1 || \ +echo "rename ${COPY}.dd ${COPY}.dd2" | sftpserver || \ fail "rename directory failed" test -d ${COPY}.dd && fail "oldname exists after rename directory" test -d ${COPY}.dd2 || fail "missing newname after rename directory" verbose "$tid: ln" -echo "ln ${COPY}.1 ${COPY}.2" | ${SFTP} -D ${SFTPSERVER} >/dev/null 2>&1 || fail "ln failed" +echo "ln ${COPY}.1 ${COPY}.2" | sftpserver || fail "ln failed" test -f ${COPY}.2 || fail "missing file after ln" cmp ${COPY}.1 ${COPY}.2 || fail "created file is not equal after ln" verbose "$tid: ln -s" rm -f ${COPY}.2 -echo "ln -s ${COPY}.1 ${COPY}.2" | ${SFTP} -D ${SFTPSERVER} >/dev/null 2>&1 || fail "ln -s failed" +echo "ln -s ${COPY}.1 ${COPY}.2" | sftpserver || fail "ln -s failed" test -h ${COPY}.2 || fail "missing file after ln -s" verbose "$tid: cp" rm -f ${COPY}.2 -echo "cp ${COPY}.1 ${COPY}.2" | ${SFTP} -D ${SFTPSERVER} >/dev/null 2>&1 || fail "cp failed" +echo "cp ${COPY}.1 ${COPY}.2" | sftpserver || fail "cp failed" cmp ${COPY}.1 ${COPY}.2 || fail "created file is not equal after cp" verbose "$tid: mkdir" -echo "mkdir ${COPY}.dd" | ${SFTP} -D ${SFTPSERVER} >/dev/null 2>&1 \ - || fail "mkdir failed" +echo "mkdir ${COPY}.dd" | sftpserver || fail "mkdir failed" test -d ${COPY}.dd || fail "missing directory after mkdir" # XXX do more here verbose "$tid: chdir" -echo "chdir ${COPY}.dd" | ${SFTP} -D ${SFTPSERVER} >/dev/null 2>&1 \ - || fail "chdir failed" +echo "chdir ${COPY}.dd" | sftpserver || fail "chdir failed" verbose "$tid: rmdir" -echo "rmdir ${COPY}.dd" | ${SFTP} -D ${SFTPSERVER} >/dev/null 2>&1 \ - || fail "rmdir failed" +echo "rmdir ${COPY}.dd" | sftpserver || fail "rmdir failed" test -d ${COPY}.1 && fail "present directory after rmdir" verbose "$tid: lmkdir" -echo "lmkdir ${COPY}.dd" | ${SFTP} -D ${SFTPSERVER} >/dev/null 2>&1 \ - || fail "lmkdir failed" +echo "lmkdir ${COPY}.dd" | sftpserver || fail "lmkdir failed" test -d ${COPY}.dd || fail "missing directory after lmkdir" # XXX do more here verbose "$tid: lchdir" -echo "lchdir ${COPY}.dd" | ${SFTP} -D ${SFTPSERVER} >/dev/null 2>&1 \ - || fail "lchdir failed" +echo "lchdir ${COPY}.dd" | sftpserver || fail "lchdir failed" rm -rf ${COPY} ${COPY}.1 ${COPY}.2 ${COPY}.dd ${COPY}.dd2 rm -rf ${QUOTECOPY} "$SPACECOPY" "$GLOBMETACOPY" From d6212b0b89241e96d2fea9619b2d66ea668bceaa Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Fri, 10 Oct 2025 00:31:53 +0000 Subject: [PATCH 360/687] upstream: clean up more thoroughly between tests OpenBSD-Regress-ID: c8394eae7547374a8fc43d03d865539e2917ea50 --- regress/sftp-cmds.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/regress/sftp-cmds.sh b/regress/sftp-cmds.sh index 40cb16c31ee1..6c21e911374d 100644 --- a/regress/sftp-cmds.sh +++ b/regress/sftp-cmds.sh @@ -1,4 +1,4 @@ -# $OpenBSD: sftp-cmds.sh,v 1.21 2025/10/09 23:58:27 djm Exp $ +# $OpenBSD: sftp-cmds.sh,v 1.22 2025/10/10 00:31:53 djm Exp $ # Placed in the Public Domain. # XXX - TODO: From b6fd0e6d085ef519982c968b57fbaa9e509e1a3a Mon Sep 17 00:00:00 2001 From: Damien Miller Date: Fri, 10 Oct 2025 15:23:59 +1100 Subject: [PATCH 361/687] depend --- .depend | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.depend b/.depend index 93e4d864eb52..660f515caf54 100644 --- a/.depend +++ b/.depend @@ -140,7 +140,7 @@ ssh-keyscan.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-c ssh-keysign.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h log.h ssherr.h sshkey.h ssh.h ssh2.h misc.h sshbuf.h authfile.h msg.h canohost.h pathnames.h readconf.h uidswap.h ssh-pkcs11-client.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h pathnames.h xmalloc.h sshbuf.h log.h ssherr.h misc.h sshkey.h authfd.h atomicio.h ssh-pkcs11.h ssh-pkcs11-helper.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h sshbuf.h log.h ssherr.h misc.h sshkey.h authfd.h ssh-pkcs11.h -ssh-pkcs11.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h log.h ssherr.h sshkey.h +ssh-pkcs11.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h log.h ssherr.h sshkey.h ssh-pkcs11.h ssh-rsa.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h ssh-sk-client.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h log.h ssherr.h sshbuf.h sshkey.h msg.h digest.h pathnames.h ssh-sk.h misc.h ssh-sk-helper.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h log.h ssherr.h sshkey.h authfd.h misc.h sshbuf.h msg.h uidswap.h ssh-sk.h ssh-pkcs11.h From 30c20c901d8f665fb28edd006f6f8c1e46413051 Mon Sep 17 00:00:00 2001 From: "dtucker@openbsd.org" Date: Sat, 11 Oct 2025 23:39:14 +0000 Subject: [PATCH 362/687] upstream: Import regenerate moduli. OpenBSD-Commit-ID: 8512e01cf917dca6455be561d66db8eeb49f3f0b --- moduli | 1011 ++++++++++++++++++++++++++++++++------------------------ 1 file changed, 585 insertions(+), 426 deletions(-) diff --git a/moduli b/moduli index 2fe04ab76032..f5e0bba07354 100644 --- a/moduli +++ b/moduli @@ -1,427 +1,586 @@ -# $OpenBSD: moduli,v 1.40 2025/05/23 01:14:35 dtucker Exp $ +# $OpenBSD: moduli,v 1.41 2025/10/11 23:39:14 dtucker Exp $ # Time Type Tests Tries Size Generator Modulus -20241129001801 2 6 100 2047 5 CAA48956B64FC48DD5A4823E073002797519479815F1B8D4AAAB1748CB28F30774053A901B0A52BB700F0AFB1C23E06C63EEC4326CFA484724954492B3703B50C706447754E091B6F69DEF32413B230FBC521D3912A2A030258ED841F28BD56BF27A3543756DEA1BBD62A44E66D80B22D9B41045E6DB0AFA700156862E4D24F682327787A9E10BC63D2E5F303F19109E1E3BA661635E34BBDC98BA711DFF7F7710CF632D3DDAD5B3B2539B61A309AD1BA93A60A03F1ACF9F89A6B166EDBBBA0B8160993BEF2FE072E278CDACBA5BBE44D9D5F353158DC4AECABC6EF9E16CC7DB9E5D697D3B42E02B675FB800D91F7CE79F553C6B610320EEA13FC56E329A8EFF -20241129001804 2 6 100 2047 5 CAA48956B64FC48DD5A4823E073002797519479815F1B8D4AAAB1748CB28F30774053A901B0A52BB700F0AFB1C23E06C63EEC4326CFA484724954492B3703B50C706447754E091B6F69DEF32413B230FBC521D3912A2A030258ED841F28BD56BF27A3543756DEA1BBD62A44E66D80B22D9B41045E6DB0AFA700156862E4D24F682327787A9E10BC63D2E5F303F19109E1E3BA661635E34BBDC98BA711DFF7F7710CF632D3DDAD5B3B2539B61A309AD1BA93A60A03F1ACF9F89A6B166EDBBBA0B8160993BEF2FE072E278CDACBA5BBE44D9D5F353158DC4AECABC6EF9E16CC7DB9E5D697D3B42E02B675FB800D91F7CE79F553C6B610320EEA13FC56E32AA678F -20241129001808 2 6 100 2047 2 CAA48956B64FC48DD5A4823E073002797519479815F1B8D4AAAB1748CB28F30774053A901B0A52BB700F0AFB1C23E06C63EEC4326CFA484724954492B3703B50C706447754E091B6F69DEF32413B230FBC521D3912A2A030258ED841F28BD56BF27A3543756DEA1BBD62A44E66D80B22D9B41045E6DB0AFA700156862E4D24F682327787A9E10BC63D2E5F303F19109E1E3BA661635E34BBDC98BA711DFF7F7710CF632D3DDAD5B3B2539B61A309AD1BA93A60A03F1ACF9F89A6B166EDBBBA0B8160993BEF2FE072E278CDACBA5BBE44D9D5F353158DC4AECABC6EF9E16CC7DB9E5D697D3B42E02B675FB800D91F7CE79F553C6B610320EEA13FC56E32C4EBAB -20241129001813 2 6 100 2047 2 CAA48956B64FC48DD5A4823E073002797519479815F1B8D4AAAB1748CB28F30774053A901B0A52BB700F0AFB1C23E06C63EEC4326CFA484724954492B3703B50C706447754E091B6F69DEF32413B230FBC521D3912A2A030258ED841F28BD56BF27A3543756DEA1BBD62A44E66D80B22D9B41045E6DB0AFA700156862E4D24F682327787A9E10BC63D2E5F303F19109E1E3BA661635E34BBDC98BA711DFF7F7710CF632D3DDAD5B3B2539B61A309AD1BA93A60A03F1ACF9F89A6B166EDBBBA0B8160993BEF2FE072E278CDACBA5BBE44D9D5F353158DC4AECABC6EF9E16CC7DB9E5D697D3B42E02B675FB800D91F7CE79F553C6B610320EEA13FC56E32EB8EAB -20241129001817 2 6 100 2047 2 CAA48956B64FC48DD5A4823E073002797519479815F1B8D4AAAB1748CB28F30774053A901B0A52BB700F0AFB1C23E06C63EEC4326CFA484724954492B3703B50C706447754E091B6F69DEF32413B230FBC521D3912A2A030258ED841F28BD56BF27A3543756DEA1BBD62A44E66D80B22D9B41045E6DB0AFA700156862E4D24F682327787A9E10BC63D2E5F303F19109E1E3BA661635E34BBDC98BA711DFF7F7710CF632D3DDAD5B3B2539B61A309AD1BA93A60A03F1ACF9F89A6B166EDBBBA0B8160993BEF2FE072E278CDACBA5BBE44D9D5F353158DC4AECABC6EF9E16CC7DB9E5D697D3B42E02B675FB800D91F7CE79F553C6B610320EEA13FC56E3308D17B -20241129001819 2 6 100 2047 5 CAA48956B64FC48DD5A4823E073002797519479815F1B8D4AAAB1748CB28F30774053A901B0A52BB700F0AFB1C23E06C63EEC4326CFA484724954492B3703B50C706447754E091B6F69DEF32413B230FBC521D3912A2A030258ED841F28BD56BF27A3543756DEA1BBD62A44E66D80B22D9B41045E6DB0AFA700156862E4D24F682327787A9E10BC63D2E5F303F19109E1E3BA661635E34BBDC98BA711DFF7F7710CF632D3DDAD5B3B2539B61A309AD1BA93A60A03F1ACF9F89A6B166EDBBBA0B8160993BEF2FE072E278CDACBA5BBE44D9D5F353158DC4AECABC6EF9E16CC7DB9E5D697D3B42E02B675FB800D91F7CE79F553C6B610320EEA13FC56E330EB1EF -20241129001825 2 6 100 2047 2 CAA48956B64FC48DD5A4823E073002797519479815F1B8D4AAAB1748CB28F30774053A901B0A52BB700F0AFB1C23E06C63EEC4326CFA484724954492B3703B50C706447754E091B6F69DEF32413B230FBC521D3912A2A030258ED841F28BD56BF27A3543756DEA1BBD62A44E66D80B22D9B41045E6DB0AFA700156862E4D24F682327787A9E10BC63D2E5F303F19109E1E3BA661635E34BBDC98BA711DFF7F7710CF632D3DDAD5B3B2539B61A309AD1BA93A60A03F1ACF9F89A6B166EDBBBA0B8160993BEF2FE072E278CDACBA5BBE44D9D5F353158DC4AECABC6EF9E16CC7DB9E5D697D3B42E02B675FB800D91F7CE79F553C6B610320EEA13FC56E333E0923 -20241129001832 2 6 100 2047 2 CAA48956B64FC48DD5A4823E073002797519479815F1B8D4AAAB1748CB28F30774053A901B0A52BB700F0AFB1C23E06C63EEC4326CFA484724954492B3703B50C706447754E091B6F69DEF32413B230FBC521D3912A2A030258ED841F28BD56BF27A3543756DEA1BBD62A44E66D80B22D9B41045E6DB0AFA700156862E4D24F682327787A9E10BC63D2E5F303F19109E1E3BA661635E34BBDC98BA711DFF7F7710CF632D3DDAD5B3B2539B61A309AD1BA93A60A03F1ACF9F89A6B166EDBBBA0B8160993BEF2FE072E278CDACBA5BBE44D9D5F353158DC4AECABC6EF9E16CC7DB9E5D697D3B42E02B675FB800D91F7CE79F553C6B610320EEA13FC56E3370EFD3 -20241129001904 2 6 100 2047 2 CAA48956B64FC48DD5A4823E073002797519479815F1B8D4AAAB1748CB28F30774053A901B0A52BB700F0AFB1C23E06C63EEC4326CFA484724954492B3703B50C706447754E091B6F69DEF32413B230FBC521D3912A2A030258ED841F28BD56BF27A3543756DEA1BBD62A44E66D80B22D9B41045E6DB0AFA700156862E4D24F682327787A9E10BC63D2E5F303F19109E1E3BA661635E34BBDC98BA711DFF7F7710CF632D3DDAD5B3B2539B61A309AD1BA93A60A03F1ACF9F89A6B166EDBBBA0B8160993BEF2FE072E278CDACBA5BBE44D9D5F353158DC4AECABC6EF9E16CC7DB9E5D697D3B42E02B675FB800D91F7CE79F553C6B610320EEA13FC56E3471A693 -20241129001908 2 6 100 2047 2 CAA48956B64FC48DD5A4823E073002797519479815F1B8D4AAAB1748CB28F30774053A901B0A52BB700F0AFB1C23E06C63EEC4326CFA484724954492B3703B50C706447754E091B6F69DEF32413B230FBC521D3912A2A030258ED841F28BD56BF27A3543756DEA1BBD62A44E66D80B22D9B41045E6DB0AFA700156862E4D24F682327787A9E10BC63D2E5F303F19109E1E3BA661635E34BBDC98BA711DFF7F7710CF632D3DDAD5B3B2539B61A309AD1BA93A60A03F1ACF9F89A6B166EDBBBA0B8160993BEF2FE072E278CDACBA5BBE44D9D5F353158DC4AECABC6EF9E16CC7DB9E5D697D3B42E02B675FB800D91F7CE79F553C6B610320EEA13FC56E348736C3 -20241129001923 2 6 100 2047 2 CAA48956B64FC48DD5A4823E073002797519479815F1B8D4AAAB1748CB28F30774053A901B0A52BB700F0AFB1C23E06C63EEC4326CFA484724954492B3703B50C706447754E091B6F69DEF32413B230FBC521D3912A2A030258ED841F28BD56BF27A3543756DEA1BBD62A44E66D80B22D9B41045E6DB0AFA700156862E4D24F682327787A9E10BC63D2E5F303F19109E1E3BA661635E34BBDC98BA711DFF7F7710CF632D3DDAD5B3B2539B61A309AD1BA93A60A03F1ACF9F89A6B166EDBBBA0B8160993BEF2FE072E278CDACBA5BBE44D9D5F353158DC4AECABC6EF9E16CC7DB9E5D697D3B42E02B675FB800D91F7CE79F553C6B610320EEA13FC56E35021F83 -20241129001930 2 6 100 2047 2 CAA48956B64FC48DD5A4823E073002797519479815F1B8D4AAAB1748CB28F30774053A901B0A52BB700F0AFB1C23E06C63EEC4326CFA484724954492B3703B50C706447754E091B6F69DEF32413B230FBC521D3912A2A030258ED841F28BD56BF27A3543756DEA1BBD62A44E66D80B22D9B41045E6DB0AFA700156862E4D24F682327787A9E10BC63D2E5F303F19109E1E3BA661635E34BBDC98BA711DFF7F7710CF632D3DDAD5B3B2539B61A309AD1BA93A60A03F1ACF9F89A6B166EDBBBA0B8160993BEF2FE072E278CDACBA5BBE44D9D5F353158DC4AECABC6EF9E16CC7DB9E5D697D3B42E02B675FB800D91F7CE79F553C6B610320EEA13FC56E352FB613 -20241129001942 2 6 100 2047 2 CAA48956B64FC48DD5A4823E073002797519479815F1B8D4AAAB1748CB28F30774053A901B0A52BB700F0AFB1C23E06C63EEC4326CFA484724954492B3703B50C706447754E091B6F69DEF32413B230FBC521D3912A2A030258ED841F28BD56BF27A3543756DEA1BBD62A44E66D80B22D9B41045E6DB0AFA700156862E4D24F682327787A9E10BC63D2E5F303F19109E1E3BA661635E34BBDC98BA711DFF7F7710CF632D3DDAD5B3B2539B61A309AD1BA93A60A03F1ACF9F89A6B166EDBBBA0B8160993BEF2FE072E278CDACBA5BBE44D9D5F353158DC4AECABC6EF9E16CC7DB9E5D697D3B42E02B675FB800D91F7CE79F553C6B610320EEA13FC56E3591257B -20241129001946 2 6 100 2047 2 CAA48956B64FC48DD5A4823E073002797519479815F1B8D4AAAB1748CB28F30774053A901B0A52BB700F0AFB1C23E06C63EEC4326CFA484724954492B3703B50C706447754E091B6F69DEF32413B230FBC521D3912A2A030258ED841F28BD56BF27A3543756DEA1BBD62A44E66D80B22D9B41045E6DB0AFA700156862E4D24F682327787A9E10BC63D2E5F303F19109E1E3BA661635E34BBDC98BA711DFF7F7710CF632D3DDAD5B3B2539B61A309AD1BA93A60A03F1ACF9F89A6B166EDBBBA0B8160993BEF2FE072E278CDACBA5BBE44D9D5F353158DC4AECABC6EF9E16CC7DB9E5D697D3B42E02B675FB800D91F7CE79F553C6B610320EEA13FC56E35AB042B -20241129001947 2 6 100 2047 2 CAA48956B64FC48DD5A4823E073002797519479815F1B8D4AAAB1748CB28F30774053A901B0A52BB700F0AFB1C23E06C63EEC4326CFA484724954492B3703B50C706447754E091B6F69DEF32413B230FBC521D3912A2A030258ED841F28BD56BF27A3543756DEA1BBD62A44E66D80B22D9B41045E6DB0AFA700156862E4D24F682327787A9E10BC63D2E5F303F19109E1E3BA661635E34BBDC98BA711DFF7F7710CF632D3DDAD5B3B2539B61A309AD1BA93A60A03F1ACF9F89A6B166EDBBBA0B8160993BEF2FE072E278CDACBA5BBE44D9D5F353158DC4AECABC6EF9E16CC7DB9E5D697D3B42E02B675FB800D91F7CE79F553C6B610320EEA13FC56E35B082CB -20241129002012 2 6 100 2047 2 CAA48956B64FC48DD5A4823E073002797519479815F1B8D4AAAB1748CB28F30774053A901B0A52BB700F0AFB1C23E06C63EEC4326CFA484724954492B3703B50C706447754E091B6F69DEF32413B230FBC521D3912A2A030258ED841F28BD56BF27A3543756DEA1BBD62A44E66D80B22D9B41045E6DB0AFA700156862E4D24F682327787A9E10BC63D2E5F303F19109E1E3BA661635E34BBDC98BA711DFF7F7710CF632D3DDAD5B3B2539B61A309AD1BA93A60A03F1ACF9F89A6B166EDBBBA0B8160993BEF2FE072E278CDACBA5BBE44D9D5F353158DC4AECABC6EF9E16CC7DB9E5D697D3B42E02B675FB800D91F7CE79F553C6B610320EEA13FC56E36777D7B -20241129002017 2 6 100 2047 2 CAA48956B64FC48DD5A4823E073002797519479815F1B8D4AAAB1748CB28F30774053A901B0A52BB700F0AFB1C23E06C63EEC4326CFA484724954492B3703B50C706447754E091B6F69DEF32413B230FBC521D3912A2A030258ED841F28BD56BF27A3543756DEA1BBD62A44E66D80B22D9B41045E6DB0AFA700156862E4D24F682327787A9E10BC63D2E5F303F19109E1E3BA661635E34BBDC98BA711DFF7F7710CF632D3DDAD5B3B2539B61A309AD1BA93A60A03F1ACF9F89A6B166EDBBBA0B8160993BEF2FE072E278CDACBA5BBE44D9D5F353158DC4AECABC6EF9E16CC7DB9E5D697D3B42E02B675FB800D91F7CE79F553C6B610320EEA13FC56E3697886B -20241129002030 2 6 100 2047 2 CAA48956B64FC48DD5A4823E073002797519479815F1B8D4AAAB1748CB28F30774053A901B0A52BB700F0AFB1C23E06C63EEC4326CFA484724954492B3703B50C706447754E091B6F69DEF32413B230FBC521D3912A2A030258ED841F28BD56BF27A3543756DEA1BBD62A44E66D80B22D9B41045E6DB0AFA700156862E4D24F682327787A9E10BC63D2E5F303F19109E1E3BA661635E34BBDC98BA711DFF7F7710CF632D3DDAD5B3B2539B61A309AD1BA93A60A03F1ACF9F89A6B166EDBBBA0B8160993BEF2FE072E278CDACBA5BBE44D9D5F353158DC4AECABC6EF9E16CC7DB9E5D697D3B42E02B675FB800D91F7CE79F553C6B610320EEA13FC56E36F5B2EB -20241129002036 2 6 100 2047 2 CAA48956B64FC48DD5A4823E073002797519479815F1B8D4AAAB1748CB28F30774053A901B0A52BB700F0AFB1C23E06C63EEC4326CFA484724954492B3703B50C706447754E091B6F69DEF32413B230FBC521D3912A2A030258ED841F28BD56BF27A3543756DEA1BBD62A44E66D80B22D9B41045E6DB0AFA700156862E4D24F682327787A9E10BC63D2E5F303F19109E1E3BA661635E34BBDC98BA711DFF7F7710CF632D3DDAD5B3B2539B61A309AD1BA93A60A03F1ACF9F89A6B166EDBBBA0B8160993BEF2FE072E278CDACBA5BBE44D9D5F353158DC4AECABC6EF9E16CC7DB9E5D697D3B42E02B675FB800D91F7CE79F553C6B610320EEA13FC56E37249BD3 -20241129002045 2 6 100 2047 2 CAA48956B64FC48DD5A4823E073002797519479815F1B8D4AAAB1748CB28F30774053A901B0A52BB700F0AFB1C23E06C63EEC4326CFA484724954492B3703B50C706447754E091B6F69DEF32413B230FBC521D3912A2A030258ED841F28BD56BF27A3543756DEA1BBD62A44E66D80B22D9B41045E6DB0AFA700156862E4D24F682327787A9E10BC63D2E5F303F19109E1E3BA661635E34BBDC98BA711DFF7F7710CF632D3DDAD5B3B2539B61A309AD1BA93A60A03F1ACF9F89A6B166EDBBBA0B8160993BEF2FE072E278CDACBA5BBE44D9D5F353158DC4AECABC6EF9E16CC7DB9E5D697D3B42E02B675FB800D91F7CE79F553C6B610320EEA13FC56E3769C1B3 -20241129002059 2 6 100 2047 5 CAA48956B64FC48DD5A4823E073002797519479815F1B8D4AAAB1748CB28F30774053A901B0A52BB700F0AFB1C23E06C63EEC4326CFA484724954492B3703B50C706447754E091B6F69DEF32413B230FBC521D3912A2A030258ED841F28BD56BF27A3543756DEA1BBD62A44E66D80B22D9B41045E6DB0AFA700156862E4D24F682327787A9E10BC63D2E5F303F19109E1E3BA661635E34BBDC98BA711DFF7F7710CF632D3DDAD5B3B2539B61A309AD1BA93A60A03F1ACF9F89A6B166EDBBBA0B8160993BEF2FE072E278CDACBA5BBE44D9D5F353158DC4AECABC6EF9E16CC7DB9E5D697D3B42E02B675FB800D91F7CE79F553C6B610320EEA13FC56E37D6FDAF -20241129002102 2 6 100 2047 2 CAA48956B64FC48DD5A4823E073002797519479815F1B8D4AAAB1748CB28F30774053A901B0A52BB700F0AFB1C23E06C63EEC4326CFA484724954492B3703B50C706447754E091B6F69DEF32413B230FBC521D3912A2A030258ED841F28BD56BF27A3543756DEA1BBD62A44E66D80B22D9B41045E6DB0AFA700156862E4D24F682327787A9E10BC63D2E5F303F19109E1E3BA661635E34BBDC98BA711DFF7F7710CF632D3DDAD5B3B2539B61A309AD1BA93A60A03F1ACF9F89A6B166EDBBBA0B8160993BEF2FE072E278CDACBA5BBE44D9D5F353158DC4AECABC6EF9E16CC7DB9E5D697D3B42E02B675FB800D91F7CE79F553C6B610320EEA13FC56E37EDB2E3 -20241129002105 2 6 100 2047 5 CAA48956B64FC48DD5A4823E073002797519479815F1B8D4AAAB1748CB28F30774053A901B0A52BB700F0AFB1C23E06C63EEC4326CFA484724954492B3703B50C706447754E091B6F69DEF32413B230FBC521D3912A2A030258ED841F28BD56BF27A3543756DEA1BBD62A44E66D80B22D9B41045E6DB0AFA700156862E4D24F682327787A9E10BC63D2E5F303F19109E1E3BA661635E34BBDC98BA711DFF7F7710CF632D3DDAD5B3B2539B61A309AD1BA93A60A03F1ACF9F89A6B166EDBBBA0B8160993BEF2FE072E278CDACBA5BBE44D9D5F353158DC4AECABC6EF9E16CC7DB9E5D697D3B42E02B675FB800D91F7CE79F553C6B610320EEA13FC56E37FA449F -20241129002109 2 6 100 2047 5 CAA48956B64FC48DD5A4823E073002797519479815F1B8D4AAAB1748CB28F30774053A901B0A52BB700F0AFB1C23E06C63EEC4326CFA484724954492B3703B50C706447754E091B6F69DEF32413B230FBC521D3912A2A030258ED841F28BD56BF27A3543756DEA1BBD62A44E66D80B22D9B41045E6DB0AFA700156862E4D24F682327787A9E10BC63D2E5F303F19109E1E3BA661635E34BBDC98BA711DFF7F7710CF632D3DDAD5B3B2539B61A309AD1BA93A60A03F1ACF9F89A6B166EDBBBA0B8160993BEF2FE072E278CDACBA5BBE44D9D5F353158DC4AECABC6EF9E16CC7DB9E5D697D3B42E02B675FB800D91F7CE79F553C6B610320EEA13FC56E381694E7 -20241129002127 2 6 100 2047 5 CAA48956B64FC48DD5A4823E073002797519479815F1B8D4AAAB1748CB28F30774053A901B0A52BB700F0AFB1C23E06C63EEC4326CFA484724954492B3703B50C706447754E091B6F69DEF32413B230FBC521D3912A2A030258ED841F28BD56BF27A3543756DEA1BBD62A44E66D80B22D9B41045E6DB0AFA700156862E4D24F682327787A9E10BC63D2E5F303F19109E1E3BA661635E34BBDC98BA711DFF7F7710CF632D3DDAD5B3B2539B61A309AD1BA93A60A03F1ACF9F89A6B166EDBBBA0B8160993BEF2FE072E278CDACBA5BBE44D9D5F353158DC4AECABC6EF9E16CC7DB9E5D697D3B42E02B675FB800D91F7CE79F553C6B610320EEA13FC56E38A56437 -20241129002141 2 6 100 2047 2 CAA48956B64FC48DD5A4823E073002797519479815F1B8D4AAAB1748CB28F30774053A901B0A52BB700F0AFB1C23E06C63EEC4326CFA484724954492B3703B50C706447754E091B6F69DEF32413B230FBC521D3912A2A030258ED841F28BD56BF27A3543756DEA1BBD62A44E66D80B22D9B41045E6DB0AFA700156862E4D24F682327787A9E10BC63D2E5F303F19109E1E3BA661635E34BBDC98BA711DFF7F7710CF632D3DDAD5B3B2539B61A309AD1BA93A60A03F1ACF9F89A6B166EDBBBA0B8160993BEF2FE072E278CDACBA5BBE44D9D5F353158DC4AECABC6EF9E16CC7DB9E5D697D3B42E02B675FB800D91F7CE79F553C6B610320EEA13FC56E391852F3 -20241129002144 2 6 100 2047 5 CAA48956B64FC48DD5A4823E073002797519479815F1B8D4AAAB1748CB28F30774053A901B0A52BB700F0AFB1C23E06C63EEC4326CFA484724954492B3703B50C706447754E091B6F69DEF32413B230FBC521D3912A2A030258ED841F28BD56BF27A3543756DEA1BBD62A44E66D80B22D9B41045E6DB0AFA700156862E4D24F682327787A9E10BC63D2E5F303F19109E1E3BA661635E34BBDC98BA711DFF7F7710CF632D3DDAD5B3B2539B61A309AD1BA93A60A03F1ACF9F89A6B166EDBBBA0B8160993BEF2FE072E278CDACBA5BBE44D9D5F353158DC4AECABC6EF9E16CC7DB9E5D697D3B42E02B675FB800D91F7CE79F553C6B610320EEA13FC56E3927ECD7 -20241129002150 2 6 100 2047 5 CAA48956B64FC48DD5A4823E073002797519479815F1B8D4AAAB1748CB28F30774053A901B0A52BB700F0AFB1C23E06C63EEC4326CFA484724954492B3703B50C706447754E091B6F69DEF32413B230FBC521D3912A2A030258ED841F28BD56BF27A3543756DEA1BBD62A44E66D80B22D9B41045E6DB0AFA700156862E4D24F682327787A9E10BC63D2E5F303F19109E1E3BA661635E34BBDC98BA711DFF7F7710CF632D3DDAD5B3B2539B61A309AD1BA93A60A03F1ACF9F89A6B166EDBBBA0B8160993BEF2FE072E278CDACBA5BBE44D9D5F353158DC4AECABC6EF9E16CC7DB9E5D697D3B42E02B675FB800D91F7CE79F553C6B610320EEA13FC56E3952495F -20241129002154 2 6 100 2047 2 CAA48956B64FC48DD5A4823E073002797519479815F1B8D4AAAB1748CB28F30774053A901B0A52BB700F0AFB1C23E06C63EEC4326CFA484724954492B3703B50C706447754E091B6F69DEF32413B230FBC521D3912A2A030258ED841F28BD56BF27A3543756DEA1BBD62A44E66D80B22D9B41045E6DB0AFA700156862E4D24F682327787A9E10BC63D2E5F303F19109E1E3BA661635E34BBDC98BA711DFF7F7710CF632D3DDAD5B3B2539B61A309AD1BA93A60A03F1ACF9F89A6B166EDBBBA0B8160993BEF2FE072E278CDACBA5BBE44D9D5F353158DC4AECABC6EF9E16CC7DB9E5D697D3B42E02B675FB800D91F7CE79F553C6B610320EEA13FC56E3971FEDB -20241129002226 2 6 100 2047 2 D62BDAF38E54FDFF0C708C3A9D5A49ADD950102DDCE4017B0B90CB32FE8736EE054C70F834E7196596829647330A22260674F15C124DFD61BD6304ED8DAA2BAF03E37A43714575DC4E50D30EB36E31B994DA55D6CCE62E854F087F56587D5C04E2907BF39AE275B9B5E0353A50453DA96E714E11E5A00F72680903B482731C04A0791B018B4FDB5D2EA1DE235C20CF300B0C1CED91A218390A09DF78C1877BB35E0D92D22ED647E32EA5C9F877B589B4A8F7F6685715AC5E0E5F93DB5671E028A9DFE1C66662C94A47C19FE0ED1B9C9BCBEA281F705C358F792091DE4A2F110B6B68E4AB15D6B30C59C8850D1E436BDDABADF17ED1E8881271CD1E7C8F34FC6B -20241129002249 2 6 100 2047 5 D62BDAF38E54FDFF0C708C3A9D5A49ADD950102DDCE4017B0B90CB32FE8736EE054C70F834E7196596829647330A22260674F15C124DFD61BD6304ED8DAA2BAF03E37A43714575DC4E50D30EB36E31B994DA55D6CCE62E854F087F56587D5C04E2907BF39AE275B9B5E0353A50453DA96E714E11E5A00F72680903B482731C04A0791B018B4FDB5D2EA1DE235C20CF300B0C1CED91A218390A09DF78C1877BB35E0D92D22ED647E32EA5C9F877B589B4A8F7F6685715AC5E0E5F93DB5671E028A9DFE1C66662C94A47C19FE0ED1B9C9BCBEA281F705C358F792091DE4A2F110B6B68E4AB15D6B30C59C8850D1E436BDDABADF17ED1E8881271CD1E7C8FE809EF -20241129002253 2 6 100 2047 2 D62BDAF38E54FDFF0C708C3A9D5A49ADD950102DDCE4017B0B90CB32FE8736EE054C70F834E7196596829647330A22260674F15C124DFD61BD6304ED8DAA2BAF03E37A43714575DC4E50D30EB36E31B994DA55D6CCE62E854F087F56587D5C04E2907BF39AE275B9B5E0353A50453DA96E714E11E5A00F72680903B482731C04A0791B018B4FDB5D2EA1DE235C20CF300B0C1CED91A218390A09DF78C1877BB35E0D92D22ED647E32EA5C9F877B589B4A8F7F6685715AC5E0E5F93DB5671E028A9DFE1C66662C94A47C19FE0ED1B9C9BCBEA281F705C358F792091DE4A2F110B6B68E4AB15D6B30C59C8850D1E436BDDABADF17ED1E8881271CD1E7C9008BDF3 -20241129002312 2 6 100 2047 2 D62BDAF38E54FDFF0C708C3A9D5A49ADD950102DDCE4017B0B90CB32FE8736EE054C70F834E7196596829647330A22260674F15C124DFD61BD6304ED8DAA2BAF03E37A43714575DC4E50D30EB36E31B994DA55D6CCE62E854F087F56587D5C04E2907BF39AE275B9B5E0353A50453DA96E714E11E5A00F72680903B482731C04A0791B018B4FDB5D2EA1DE235C20CF300B0C1CED91A218390A09DF78C1877BB35E0D92D22ED647E32EA5C9F877B589B4A8F7F6685715AC5E0E5F93DB5671E028A9DFE1C66662C94A47C19FE0ED1B9C9BCBEA281F705C358F792091DE4A2F110B6B68E4AB15D6B30C59C8850D1E436BDDABADF17ED1E8881271CD1E7C9099D883 -20241129002320 2 6 100 2047 2 D62BDAF38E54FDFF0C708C3A9D5A49ADD950102DDCE4017B0B90CB32FE8736EE054C70F834E7196596829647330A22260674F15C124DFD61BD6304ED8DAA2BAF03E37A43714575DC4E50D30EB36E31B994DA55D6CCE62E854F087F56587D5C04E2907BF39AE275B9B5E0353A50453DA96E714E11E5A00F72680903B482731C04A0791B018B4FDB5D2EA1DE235C20CF300B0C1CED91A218390A09DF78C1877BB35E0D92D22ED647E32EA5C9F877B589B4A8F7F6685715AC5E0E5F93DB5671E028A9DFE1C66662C94A47C19FE0ED1B9C9BCBEA281F705C358F792091DE4A2F110B6B68E4AB15D6B30C59C8850D1E436BDDABADF17ED1E8881271CD1E7C90D2E5BB -20241129002328 2 6 100 2047 5 D62BDAF38E54FDFF0C708C3A9D5A49ADD950102DDCE4017B0B90CB32FE8736EE054C70F834E7196596829647330A22260674F15C124DFD61BD6304ED8DAA2BAF03E37A43714575DC4E50D30EB36E31B994DA55D6CCE62E854F087F56587D5C04E2907BF39AE275B9B5E0353A50453DA96E714E11E5A00F72680903B482731C04A0791B018B4FDB5D2EA1DE235C20CF300B0C1CED91A218390A09DF78C1877BB35E0D92D22ED647E32EA5C9F877B589B4A8F7F6685715AC5E0E5F93DB5671E028A9DFE1C66662C94A47C19FE0ED1B9C9BCBEA281F705C358F792091DE4A2F110B6B68E4AB15D6B30C59C8850D1E436BDDABADF17ED1E8881271CD1E7C9111A1E7 -20241129002329 2 6 100 2047 5 D62BDAF38E54FDFF0C708C3A9D5A49ADD950102DDCE4017B0B90CB32FE8736EE054C70F834E7196596829647330A22260674F15C124DFD61BD6304ED8DAA2BAF03E37A43714575DC4E50D30EB36E31B994DA55D6CCE62E854F087F56587D5C04E2907BF39AE275B9B5E0353A50453DA96E714E11E5A00F72680903B482731C04A0791B018B4FDB5D2EA1DE235C20CF300B0C1CED91A218390A09DF78C1877BB35E0D92D22ED647E32EA5C9F877B589B4A8F7F6685715AC5E0E5F93DB5671E028A9DFE1C66662C94A47C19FE0ED1B9C9BCBEA281F705C358F792091DE4A2F110B6B68E4AB15D6B30C59C8850D1E436BDDABADF17ED1E8881271CD1E7C9113E88F -20241129002336 2 6 100 2047 2 D62BDAF38E54FDFF0C708C3A9D5A49ADD950102DDCE4017B0B90CB32FE8736EE054C70F834E7196596829647330A22260674F15C124DFD61BD6304ED8DAA2BAF03E37A43714575DC4E50D30EB36E31B994DA55D6CCE62E854F087F56587D5C04E2907BF39AE275B9B5E0353A50453DA96E714E11E5A00F72680903B482731C04A0791B018B4FDB5D2EA1DE235C20CF300B0C1CED91A218390A09DF78C1877BB35E0D92D22ED647E32EA5C9F877B589B4A8F7F6685715AC5E0E5F93DB5671E028A9DFE1C66662C94A47C19FE0ED1B9C9BCBEA281F705C358F792091DE4A2F110B6B68E4AB15D6B30C59C8850D1E436BDDABADF17ED1E8881271CD1E7C9148164B -20241129002339 2 6 100 2047 2 D62BDAF38E54FDFF0C708C3A9D5A49ADD950102DDCE4017B0B90CB32FE8736EE054C70F834E7196596829647330A22260674F15C124DFD61BD6304ED8DAA2BAF03E37A43714575DC4E50D30EB36E31B994DA55D6CCE62E854F087F56587D5C04E2907BF39AE275B9B5E0353A50453DA96E714E11E5A00F72680903B482731C04A0791B018B4FDB5D2EA1DE235C20CF300B0C1CED91A218390A09DF78C1877BB35E0D92D22ED647E32EA5C9F877B589B4A8F7F6685715AC5E0E5F93DB5671E028A9DFE1C66662C94A47C19FE0ED1B9C9BCBEA281F705C358F792091DE4A2F110B6B68E4AB15D6B30C59C8850D1E436BDDABADF17ED1E8881271CD1E7C915E0DCB -20241129002340 2 6 100 2047 2 D62BDAF38E54FDFF0C708C3A9D5A49ADD950102DDCE4017B0B90CB32FE8736EE054C70F834E7196596829647330A22260674F15C124DFD61BD6304ED8DAA2BAF03E37A43714575DC4E50D30EB36E31B994DA55D6CCE62E854F087F56587D5C04E2907BF39AE275B9B5E0353A50453DA96E714E11E5A00F72680903B482731C04A0791B018B4FDB5D2EA1DE235C20CF300B0C1CED91A218390A09DF78C1877BB35E0D92D22ED647E32EA5C9F877B589B4A8F7F6685715AC5E0E5F93DB5671E028A9DFE1C66662C94A47C19FE0ED1B9C9BCBEA281F705C358F792091DE4A2F110B6B68E4AB15D6B30C59C8850D1E436BDDABADF17ED1E8881271CD1E7C915EB103 -20241129002420 2 6 100 2047 5 D62BDAF38E54FDFF0C708C3A9D5A49ADD950102DDCE4017B0B90CB32FE8736EE054C70F834E7196596829647330A22260674F15C124DFD61BD6304ED8DAA2BAF03E37A43714575DC4E50D30EB36E31B994DA55D6CCE62E854F087F56587D5C04E2907BF39AE275B9B5E0353A50453DA96E714E11E5A00F72680903B482731C04A0791B018B4FDB5D2EA1DE235C20CF300B0C1CED91A218390A09DF78C1877BB35E0D92D22ED647E32EA5C9F877B589B4A8F7F6685715AC5E0E5F93DB5671E028A9DFE1C66662C94A47C19FE0ED1B9C9BCBEA281F705C358F792091DE4A2F110B6B68E4AB15D6B30C59C8850D1E436BDDABADF17ED1E8881271CD1E7C92A19C97 -20241129002428 2 6 100 2047 5 D62BDAF38E54FDFF0C708C3A9D5A49ADD950102DDCE4017B0B90CB32FE8736EE054C70F834E7196596829647330A22260674F15C124DFD61BD6304ED8DAA2BAF03E37A43714575DC4E50D30EB36E31B994DA55D6CCE62E854F087F56587D5C04E2907BF39AE275B9B5E0353A50453DA96E714E11E5A00F72680903B482731C04A0791B018B4FDB5D2EA1DE235C20CF300B0C1CED91A218390A09DF78C1877BB35E0D92D22ED647E32EA5C9F877B589B4A8F7F6685715AC5E0E5F93DB5671E028A9DFE1C66662C94A47C19FE0ED1B9C9BCBEA281F705C358F792091DE4A2F110B6B68E4AB15D6B30C59C8850D1E436BDDABADF17ED1E8881271CD1E7C92E090AF -20241129002433 2 6 100 2047 2 D62BDAF38E54FDFF0C708C3A9D5A49ADD950102DDCE4017B0B90CB32FE8736EE054C70F834E7196596829647330A22260674F15C124DFD61BD6304ED8DAA2BAF03E37A43714575DC4E50D30EB36E31B994DA55D6CCE62E854F087F56587D5C04E2907BF39AE275B9B5E0353A50453DA96E714E11E5A00F72680903B482731C04A0791B018B4FDB5D2EA1DE235C20CF300B0C1CED91A218390A09DF78C1877BB35E0D92D22ED647E32EA5C9F877B589B4A8F7F6685715AC5E0E5F93DB5671E028A9DFE1C66662C94A47C19FE0ED1B9C9BCBEA281F705C358F792091DE4A2F110B6B68E4AB15D6B30C59C8850D1E436BDDABADF17ED1E8881271CD1E7C93040BCB -20241129002434 2 6 100 2047 2 D62BDAF38E54FDFF0C708C3A9D5A49ADD950102DDCE4017B0B90CB32FE8736EE054C70F834E7196596829647330A22260674F15C124DFD61BD6304ED8DAA2BAF03E37A43714575DC4E50D30EB36E31B994DA55D6CCE62E854F087F56587D5C04E2907BF39AE275B9B5E0353A50453DA96E714E11E5A00F72680903B482731C04A0791B018B4FDB5D2EA1DE235C20CF300B0C1CED91A218390A09DF78C1877BB35E0D92D22ED647E32EA5C9F877B589B4A8F7F6685715AC5E0E5F93DB5671E028A9DFE1C66662C94A47C19FE0ED1B9C9BCBEA281F705C358F792091DE4A2F110B6B68E4AB15D6B30C59C8850D1E436BDDABADF17ED1E8881271CD1E7C930B22CB -20241129002436 2 6 100 2047 2 D62BDAF38E54FDFF0C708C3A9D5A49ADD950102DDCE4017B0B90CB32FE8736EE054C70F834E7196596829647330A22260674F15C124DFD61BD6304ED8DAA2BAF03E37A43714575DC4E50D30EB36E31B994DA55D6CCE62E854F087F56587D5C04E2907BF39AE275B9B5E0353A50453DA96E714E11E5A00F72680903B482731C04A0791B018B4FDB5D2EA1DE235C20CF300B0C1CED91A218390A09DF78C1877BB35E0D92D22ED647E32EA5C9F877B589B4A8F7F6685715AC5E0E5F93DB5671E028A9DFE1C66662C94A47C19FE0ED1B9C9BCBEA281F705C358F792091DE4A2F110B6B68E4AB15D6B30C59C8850D1E436BDDABADF17ED1E8881271CD1E7C931188B3 -20241129002446 2 6 100 2047 5 D62BDAF38E54FDFF0C708C3A9D5A49ADD950102DDCE4017B0B90CB32FE8736EE054C70F834E7196596829647330A22260674F15C124DFD61BD6304ED8DAA2BAF03E37A43714575DC4E50D30EB36E31B994DA55D6CCE62E854F087F56587D5C04E2907BF39AE275B9B5E0353A50453DA96E714E11E5A00F72680903B482731C04A0791B018B4FDB5D2EA1DE235C20CF300B0C1CED91A218390A09DF78C1877BB35E0D92D22ED647E32EA5C9F877B589B4A8F7F6685715AC5E0E5F93DB5671E028A9DFE1C66662C94A47C19FE0ED1B9C9BCBEA281F705C358F792091DE4A2F110B6B68E4AB15D6B30C59C8850D1E436BDDABADF17ED1E8881271CD1E7C935DB5F7 -20241129002507 2 6 100 2047 2 D62BDAF38E54FDFF0C708C3A9D5A49ADD950102DDCE4017B0B90CB32FE8736EE054C70F834E7196596829647330A22260674F15C124DFD61BD6304ED8DAA2BAF03E37A43714575DC4E50D30EB36E31B994DA55D6CCE62E854F087F56587D5C04E2907BF39AE275B9B5E0353A50453DA96E714E11E5A00F72680903B482731C04A0791B018B4FDB5D2EA1DE235C20CF300B0C1CED91A218390A09DF78C1877BB35E0D92D22ED647E32EA5C9F877B589B4A8F7F6685715AC5E0E5F93DB5671E028A9DFE1C66662C94A47C19FE0ED1B9C9BCBEA281F705C358F792091DE4A2F110B6B68E4AB15D6B30C59C8850D1E436BDDABADF17ED1E8881271CD1E7C9408C96B -20241129002510 2 6 100 2047 2 D62BDAF38E54FDFF0C708C3A9D5A49ADD950102DDCE4017B0B90CB32FE8736EE054C70F834E7196596829647330A22260674F15C124DFD61BD6304ED8DAA2BAF03E37A43714575DC4E50D30EB36E31B994DA55D6CCE62E854F087F56587D5C04E2907BF39AE275B9B5E0353A50453DA96E714E11E5A00F72680903B482731C04A0791B018B4FDB5D2EA1DE235C20CF300B0C1CED91A218390A09DF78C1877BB35E0D92D22ED647E32EA5C9F877B589B4A8F7F6685715AC5E0E5F93DB5671E028A9DFE1C66662C94A47C19FE0ED1B9C9BCBEA281F705C358F792091DE4A2F110B6B68E4AB15D6B30C59C8850D1E436BDDABADF17ED1E8881271CD1E7C941D429B -20241129002527 2 6 100 2047 2 D62BDAF38E54FDFF0C708C3A9D5A49ADD950102DDCE4017B0B90CB32FE8736EE054C70F834E7196596829647330A22260674F15C124DFD61BD6304ED8DAA2BAF03E37A43714575DC4E50D30EB36E31B994DA55D6CCE62E854F087F56587D5C04E2907BF39AE275B9B5E0353A50453DA96E714E11E5A00F72680903B482731C04A0791B018B4FDB5D2EA1DE235C20CF300B0C1CED91A218390A09DF78C1877BB35E0D92D22ED647E32EA5C9F877B589B4A8F7F6685715AC5E0E5F93DB5671E028A9DFE1C66662C94A47C19FE0ED1B9C9BCBEA281F705C358F792091DE4A2F110B6B68E4AB15D6B30C59C8850D1E436BDDABADF17ED1E8881271CD1E7C94A15E73 -20241129002528 2 6 100 2047 5 D62BDAF38E54FDFF0C708C3A9D5A49ADD950102DDCE4017B0B90CB32FE8736EE054C70F834E7196596829647330A22260674F15C124DFD61BD6304ED8DAA2BAF03E37A43714575DC4E50D30EB36E31B994DA55D6CCE62E854F087F56587D5C04E2907BF39AE275B9B5E0353A50453DA96E714E11E5A00F72680903B482731C04A0791B018B4FDB5D2EA1DE235C20CF300B0C1CED91A218390A09DF78C1877BB35E0D92D22ED647E32EA5C9F877B589B4A8F7F6685715AC5E0E5F93DB5671E028A9DFE1C66662C94A47C19FE0ED1B9C9BCBEA281F705C358F792091DE4A2F110B6B68E4AB15D6B30C59C8850D1E436BDDABADF17ED1E8881271CD1E7C94AA3DAF -20241129002531 2 6 100 2047 5 D62BDAF38E54FDFF0C708C3A9D5A49ADD950102DDCE4017B0B90CB32FE8736EE054C70F834E7196596829647330A22260674F15C124DFD61BD6304ED8DAA2BAF03E37A43714575DC4E50D30EB36E31B994DA55D6CCE62E854F087F56587D5C04E2907BF39AE275B9B5E0353A50453DA96E714E11E5A00F72680903B482731C04A0791B018B4FDB5D2EA1DE235C20CF300B0C1CED91A218390A09DF78C1877BB35E0D92D22ED647E32EA5C9F877B589B4A8F7F6685715AC5E0E5F93DB5671E028A9DFE1C66662C94A47C19FE0ED1B9C9BCBEA281F705C358F792091DE4A2F110B6B68E4AB15D6B30C59C8850D1E436BDDABADF17ED1E8881271CD1E7C94BA0ED7 -20241129002538 2 6 100 2047 5 D62BDAF38E54FDFF0C708C3A9D5A49ADD950102DDCE4017B0B90CB32FE8736EE054C70F834E7196596829647330A22260674F15C124DFD61BD6304ED8DAA2BAF03E37A43714575DC4E50D30EB36E31B994DA55D6CCE62E854F087F56587D5C04E2907BF39AE275B9B5E0353A50453DA96E714E11E5A00F72680903B482731C04A0791B018B4FDB5D2EA1DE235C20CF300B0C1CED91A218390A09DF78C1877BB35E0D92D22ED647E32EA5C9F877B589B4A8F7F6685715AC5E0E5F93DB5671E028A9DFE1C66662C94A47C19FE0ED1B9C9BCBEA281F705C358F792091DE4A2F110B6B68E4AB15D6B30C59C8850D1E436BDDABADF17ED1E8881271CD1E7C94ECC017 -20241129002543 2 6 100 2047 5 D62BDAF38E54FDFF0C708C3A9D5A49ADD950102DDCE4017B0B90CB32FE8736EE054C70F834E7196596829647330A22260674F15C124DFD61BD6304ED8DAA2BAF03E37A43714575DC4E50D30EB36E31B994DA55D6CCE62E854F087F56587D5C04E2907BF39AE275B9B5E0353A50453DA96E714E11E5A00F72680903B482731C04A0791B018B4FDB5D2EA1DE235C20CF300B0C1CED91A218390A09DF78C1877BB35E0D92D22ED647E32EA5C9F877B589B4A8F7F6685715AC5E0E5F93DB5671E028A9DFE1C66662C94A47C19FE0ED1B9C9BCBEA281F705C358F792091DE4A2F110B6B68E4AB15D6B30C59C8850D1E436BDDABADF17ED1E8881271CD1E7C9511A1BF -20241129002558 2 6 100 2047 5 D62BDAF38E54FDFF0C708C3A9D5A49ADD950102DDCE4017B0B90CB32FE8736EE054C70F834E7196596829647330A22260674F15C124DFD61BD6304ED8DAA2BAF03E37A43714575DC4E50D30EB36E31B994DA55D6CCE62E854F087F56587D5C04E2907BF39AE275B9B5E0353A50453DA96E714E11E5A00F72680903B482731C04A0791B018B4FDB5D2EA1DE235C20CF300B0C1CED91A218390A09DF78C1877BB35E0D92D22ED647E32EA5C9F877B589B4A8F7F6685715AC5E0E5F93DB5671E028A9DFE1C66662C94A47C19FE0ED1B9C9BCBEA281F705C358F792091DE4A2F110B6B68E4AB15D6B30C59C8850D1E436BDDABADF17ED1E8881271CD1E7C95871257 -20241129002602 2 6 100 2047 2 D62BDAF38E54FDFF0C708C3A9D5A49ADD950102DDCE4017B0B90CB32FE8736EE054C70F834E7196596829647330A22260674F15C124DFD61BD6304ED8DAA2BAF03E37A43714575DC4E50D30EB36E31B994DA55D6CCE62E854F087F56587D5C04E2907BF39AE275B9B5E0353A50453DA96E714E11E5A00F72680903B482731C04A0791B018B4FDB5D2EA1DE235C20CF300B0C1CED91A218390A09DF78C1877BB35E0D92D22ED647E32EA5C9F877B589B4A8F7F6685715AC5E0E5F93DB5671E028A9DFE1C66662C94A47C19FE0ED1B9C9BCBEA281F705C358F792091DE4A2F110B6B68E4AB15D6B30C59C8850D1E436BDDABADF17ED1E8881271CD1E7C95A7B2AB -20241129002617 2 6 100 2047 2 D62BDAF38E54FDFF0C708C3A9D5A49ADD950102DDCE4017B0B90CB32FE8736EE054C70F834E7196596829647330A22260674F15C124DFD61BD6304ED8DAA2BAF03E37A43714575DC4E50D30EB36E31B994DA55D6CCE62E854F087F56587D5C04E2907BF39AE275B9B5E0353A50453DA96E714E11E5A00F72680903B482731C04A0791B018B4FDB5D2EA1DE235C20CF300B0C1CED91A218390A09DF78C1877BB35E0D92D22ED647E32EA5C9F877B589B4A8F7F6685715AC5E0E5F93DB5671E028A9DFE1C66662C94A47C19FE0ED1B9C9BCBEA281F705C358F792091DE4A2F110B6B68E4AB15D6B30C59C8850D1E436BDDABADF17ED1E8881271CD1E7C961AFC4B -20241129002644 2 6 100 2047 2 D62BDAF38E54FDFF0C708C3A9D5A49ADD950102DDCE4017B0B90CB32FE8736EE054C70F834E7196596829647330A22260674F15C124DFD61BD6304ED8DAA2BAF03E37A43714575DC4E50D30EB36E31B994DA55D6CCE62E854F087F56587D5C04E2907BF39AE275B9B5E0353A50453DA96E714E11E5A00F72680903B482731C04A0791B018B4FDB5D2EA1DE235C20CF300B0C1CED91A218390A09DF78C1877BB35E0D92D22ED647E32EA5C9F877B589B4A8F7F6685715AC5E0E5F93DB5671E028A9DFE1C66662C94A47C19FE0ED1B9C9BCBEA281F705C358F792091DE4A2F110B6B68E4AB15D6B30C59C8850D1E436BDDABADF17ED1E8881271CD1E7C96F5DDA3 -20241129002646 2 6 100 2047 5 D62BDAF38E54FDFF0C708C3A9D5A49ADD950102DDCE4017B0B90CB32FE8736EE054C70F834E7196596829647330A22260674F15C124DFD61BD6304ED8DAA2BAF03E37A43714575DC4E50D30EB36E31B994DA55D6CCE62E854F087F56587D5C04E2907BF39AE275B9B5E0353A50453DA96E714E11E5A00F72680903B482731C04A0791B018B4FDB5D2EA1DE235C20CF300B0C1CED91A218390A09DF78C1877BB35E0D92D22ED647E32EA5C9F877B589B4A8F7F6685715AC5E0E5F93DB5671E028A9DFE1C66662C94A47C19FE0ED1B9C9BCBEA281F705C358F792091DE4A2F110B6B68E4AB15D6B30C59C8850D1E436BDDABADF17ED1E8881271CD1E7C9701A557 -20241129003212 2 6 100 3071 5 C94F41FDB4E54DBDD1C7A49F586104E6D74F4CD07A2B9730A4FB5D40C24AB929C55B955144ADC62AEF2DF80D151E4F20E946F69C9B7AC7F01D1A916F3C1D23984DAF12A5CF18C5FDD9922AE0DBFFB31E9EAC765DCF315EBB0524E8B9246BC97169BE71440DF64D5884F63D9ECC8C96E312169E71BC1D25DCE1AE142F6C4D265BA36CBAAC0860E6C83C26B287461F4FE90C5D2CAF4A87937E12407CC632618086D75FB5A17ED87F8EEE71893A6890E74AA378BD6B91CD4CF264F0826110494D2492F6A45567AB8FF4C28142582D3E66E9D3961881DFA1877E2EC993E31A35017C8291B0C74BCF285F94BC6E8B5D0EDEE7F571BEDDEB32184688CB221D1E42A74657FE9AC83679E51B925D617069FF259975C40D370D0D51F18D1C17358B9C197B00893AEE90BA06517787E8C4884E783F2A4B7633C62E7843B743688FA6296F11A6F4D584C2905EADA2076D289449F5DB07E2788F021D435DD188563CDAA1C89B0E7E87017788634AF18CAD9ADB8BA18E80C5BD0BE1424FF9135B07DD31A6F92F -20241129003232 2 6 100 3071 2 C94F41FDB4E54DBDD1C7A49F586104E6D74F4CD07A2B9730A4FB5D40C24AB929C55B955144ADC62AEF2DF80D151E4F20E946F69C9B7AC7F01D1A916F3C1D23984DAF12A5CF18C5FDD9922AE0DBFFB31E9EAC765DCF315EBB0524E8B9246BC97169BE71440DF64D5884F63D9ECC8C96E312169E71BC1D25DCE1AE142F6C4D265BA36CBAAC0860E6C83C26B287461F4FE90C5D2CAF4A87937E12407CC632618086D75FB5A17ED87F8EEE71893A6890E74AA378BD6B91CD4CF264F0826110494D2492F6A45567AB8FF4C28142582D3E66E9D3961881DFA1877E2EC993E31A35017C8291B0C74BCF285F94BC6E8B5D0EDEE7F571BEDDEB32184688CB221D1E42A74657FE9AC83679E51B925D617069FF259975C40D370D0D51F18D1C17358B9C197B00893AEE90BA06517787E8C4884E783F2A4B7633C62E7843B743688FA6296F11A6F4D584C2905EADA2076D289449F5DB07E2788F021D435DD188563CDAA1C89B0E7E87017788634AF18CAD9ADB8BA18E80C5BD0BE1424FF9135B07DD31E1E02B -20241129003238 2 6 100 3071 5 C94F41FDB4E54DBDD1C7A49F586104E6D74F4CD07A2B9730A4FB5D40C24AB929C55B955144ADC62AEF2DF80D151E4F20E946F69C9B7AC7F01D1A916F3C1D23984DAF12A5CF18C5FDD9922AE0DBFFB31E9EAC765DCF315EBB0524E8B9246BC97169BE71440DF64D5884F63D9ECC8C96E312169E71BC1D25DCE1AE142F6C4D265BA36CBAAC0860E6C83C26B287461F4FE90C5D2CAF4A87937E12407CC632618086D75FB5A17ED87F8EEE71893A6890E74AA378BD6B91CD4CF264F0826110494D2492F6A45567AB8FF4C28142582D3E66E9D3961881DFA1877E2EC993E31A35017C8291B0C74BCF285F94BC6E8B5D0EDEE7F571BEDDEB32184688CB221D1E42A74657FE9AC83679E51B925D617069FF259975C40D370D0D51F18D1C17358B9C197B00893AEE90BA06517787E8C4884E783F2A4B7633C62E7843B743688FA6296F11A6F4D584C2905EADA2076D289449F5DB07E2788F021D435DD188563CDAA1C89B0E7E87017788634AF18CAD9ADB8BA18E80C5BD0BE1424FF9135B07DD31F02307 -20241129003247 2 6 100 3071 2 C94F41FDB4E54DBDD1C7A49F586104E6D74F4CD07A2B9730A4FB5D40C24AB929C55B955144ADC62AEF2DF80D151E4F20E946F69C9B7AC7F01D1A916F3C1D23984DAF12A5CF18C5FDD9922AE0DBFFB31E9EAC765DCF315EBB0524E8B9246BC97169BE71440DF64D5884F63D9ECC8C96E312169E71BC1D25DCE1AE142F6C4D265BA36CBAAC0860E6C83C26B287461F4FE90C5D2CAF4A87937E12407CC632618086D75FB5A17ED87F8EEE71893A6890E74AA378BD6B91CD4CF264F0826110494D2492F6A45567AB8FF4C28142582D3E66E9D3961881DFA1877E2EC993E31A35017C8291B0C74BCF285F94BC6E8B5D0EDEE7F571BEDDEB32184688CB221D1E42A74657FE9AC83679E51B925D617069FF259975C40D370D0D51F18D1C17358B9C197B00893AEE90BA06517787E8C4884E783F2A4B7633C62E7843B743688FA6296F11A6F4D584C2905EADA2076D289449F5DB07E2788F021D435DD188563CDAA1C89B0E7E87017788634AF18CAD9ADB8BA18E80C5BD0BE1424FF9135B07DD32089003 -20241129003331 2 6 100 3071 2 C94F41FDB4E54DBDD1C7A49F586104E6D74F4CD07A2B9730A4FB5D40C24AB929C55B955144ADC62AEF2DF80D151E4F20E946F69C9B7AC7F01D1A916F3C1D23984DAF12A5CF18C5FDD9922AE0DBFFB31E9EAC765DCF315EBB0524E8B9246BC97169BE71440DF64D5884F63D9ECC8C96E312169E71BC1D25DCE1AE142F6C4D265BA36CBAAC0860E6C83C26B287461F4FE90C5D2CAF4A87937E12407CC632618086D75FB5A17ED87F8EEE71893A6890E74AA378BD6B91CD4CF264F0826110494D2492F6A45567AB8FF4C28142582D3E66E9D3961881DFA1877E2EC993E31A35017C8291B0C74BCF285F94BC6E8B5D0EDEE7F571BEDDEB32184688CB221D1E42A74657FE9AC83679E51B925D617069FF259975C40D370D0D51F18D1C17358B9C197B00893AEE90BA06517787E8C4884E783F2A4B7633C62E7843B743688FA6296F11A6F4D584C2905EADA2076D289449F5DB07E2788F021D435DD188563CDAA1C89B0E7E87017788634AF18CAD9ADB8BA18E80C5BD0BE1424FF9135B07DD328EF3EB -20241129003450 2 6 100 3071 5 C94F41FDB4E54DBDD1C7A49F586104E6D74F4CD07A2B9730A4FB5D40C24AB929C55B955144ADC62AEF2DF80D151E4F20E946F69C9B7AC7F01D1A916F3C1D23984DAF12A5CF18C5FDD9922AE0DBFFB31E9EAC765DCF315EBB0524E8B9246BC97169BE71440DF64D5884F63D9ECC8C96E312169E71BC1D25DCE1AE142F6C4D265BA36CBAAC0860E6C83C26B287461F4FE90C5D2CAF4A87937E12407CC632618086D75FB5A17ED87F8EEE71893A6890E74AA378BD6B91CD4CF264F0826110494D2492F6A45567AB8FF4C28142582D3E66E9D3961881DFA1877E2EC993E31A35017C8291B0C74BCF285F94BC6E8B5D0EDEE7F571BEDDEB32184688CB221D1E42A74657FE9AC83679E51B925D617069FF259975C40D370D0D51F18D1C17358B9C197B00893AEE90BA06517787E8C4884E783F2A4B7633C62E7843B743688FA6296F11A6F4D584C2905EADA2076D289449F5DB07E2788F021D435DD188563CDAA1C89B0E7E87017788634AF18CAD9ADB8BA18E80C5BD0BE1424FF9135B07DD3388738F -20241129003549 2 6 100 3071 5 C94F41FDB4E54DBDD1C7A49F586104E6D74F4CD07A2B9730A4FB5D40C24AB929C55B955144ADC62AEF2DF80D151E4F20E946F69C9B7AC7F01D1A916F3C1D23984DAF12A5CF18C5FDD9922AE0DBFFB31E9EAC765DCF315EBB0524E8B9246BC97169BE71440DF64D5884F63D9ECC8C96E312169E71BC1D25DCE1AE142F6C4D265BA36CBAAC0860E6C83C26B287461F4FE90C5D2CAF4A87937E12407CC632618086D75FB5A17ED87F8EEE71893A6890E74AA378BD6B91CD4CF264F0826110494D2492F6A45567AB8FF4C28142582D3E66E9D3961881DFA1877E2EC993E31A35017C8291B0C74BCF285F94BC6E8B5D0EDEE7F571BEDDEB32184688CB221D1E42A74657FE9AC83679E51B925D617069FF259975C40D370D0D51F18D1C17358B9C197B00893AEE90BA06517787E8C4884E783F2A4B7633C62E7843B743688FA6296F11A6F4D584C2905EADA2076D289449F5DB07E2788F021D435DD188563CDAA1C89B0E7E87017788634AF18CAD9ADB8BA18E80C5BD0BE1424FF9135B07DD344433C7 -20241129003558 2 6 100 3071 2 C94F41FDB4E54DBDD1C7A49F586104E6D74F4CD07A2B9730A4FB5D40C24AB929C55B955144ADC62AEF2DF80D151E4F20E946F69C9B7AC7F01D1A916F3C1D23984DAF12A5CF18C5FDD9922AE0DBFFB31E9EAC765DCF315EBB0524E8B9246BC97169BE71440DF64D5884F63D9ECC8C96E312169E71BC1D25DCE1AE142F6C4D265BA36CBAAC0860E6C83C26B287461F4FE90C5D2CAF4A87937E12407CC632618086D75FB5A17ED87F8EEE71893A6890E74AA378BD6B91CD4CF264F0826110494D2492F6A45567AB8FF4C28142582D3E66E9D3961881DFA1877E2EC993E31A35017C8291B0C74BCF285F94BC6E8B5D0EDEE7F571BEDDEB32184688CB221D1E42A74657FE9AC83679E51B925D617069FF259975C40D370D0D51F18D1C17358B9C197B00893AEE90BA06517787E8C4884E783F2A4B7633C62E7843B743688FA6296F11A6F4D584C2905EADA2076D289449F5DB07E2788F021D435DD188563CDAA1C89B0E7E87017788634AF18CAD9ADB8BA18E80C5BD0BE1424FF9135B07DD345EB43B -20241129003708 2 6 100 3071 2 C94F41FDB4E54DBDD1C7A49F586104E6D74F4CD07A2B9730A4FB5D40C24AB929C55B955144ADC62AEF2DF80D151E4F20E946F69C9B7AC7F01D1A916F3C1D23984DAF12A5CF18C5FDD9922AE0DBFFB31E9EAC765DCF315EBB0524E8B9246BC97169BE71440DF64D5884F63D9ECC8C96E312169E71BC1D25DCE1AE142F6C4D265BA36CBAAC0860E6C83C26B287461F4FE90C5D2CAF4A87937E12407CC632618086D75FB5A17ED87F8EEE71893A6890E74AA378BD6B91CD4CF264F0826110494D2492F6A45567AB8FF4C28142582D3E66E9D3961881DFA1877E2EC993E31A35017C8291B0C74BCF285F94BC6E8B5D0EDEE7F571BEDDEB32184688CB221D1E42A74657FE9AC83679E51B925D617069FF259975C40D370D0D51F18D1C17358B9C197B00893AEE90BA06517787E8C4884E783F2A4B7633C62E7843B743688FA6296F11A6F4D584C2905EADA2076D289449F5DB07E2788F021D435DD188563CDAA1C89B0E7E87017788634AF18CAD9ADB8BA18E80C5BD0BE1424FF9135B07DD353F77AB -20241129003723 2 6 100 3071 5 C94F41FDB4E54DBDD1C7A49F586104E6D74F4CD07A2B9730A4FB5D40C24AB929C55B955144ADC62AEF2DF80D151E4F20E946F69C9B7AC7F01D1A916F3C1D23984DAF12A5CF18C5FDD9922AE0DBFFB31E9EAC765DCF315EBB0524E8B9246BC97169BE71440DF64D5884F63D9ECC8C96E312169E71BC1D25DCE1AE142F6C4D265BA36CBAAC0860E6C83C26B287461F4FE90C5D2CAF4A87937E12407CC632618086D75FB5A17ED87F8EEE71893A6890E74AA378BD6B91CD4CF264F0826110494D2492F6A45567AB8FF4C28142582D3E66E9D3961881DFA1877E2EC993E31A35017C8291B0C74BCF285F94BC6E8B5D0EDEE7F571BEDDEB32184688CB221D1E42A74657FE9AC83679E51B925D617069FF259975C40D370D0D51F18D1C17358B9C197B00893AEE90BA06517787E8C4884E783F2A4B7633C62E7843B743688FA6296F11A6F4D584C2905EADA2076D289449F5DB07E2788F021D435DD188563CDAA1C89B0E7E87017788634AF18CAD9ADB8BA18E80C5BD0BE1424FF9135B07DD356DF4FF -20241129003747 2 6 100 3071 2 C94F41FDB4E54DBDD1C7A49F586104E6D74F4CD07A2B9730A4FB5D40C24AB929C55B955144ADC62AEF2DF80D151E4F20E946F69C9B7AC7F01D1A916F3C1D23984DAF12A5CF18C5FDD9922AE0DBFFB31E9EAC765DCF315EBB0524E8B9246BC97169BE71440DF64D5884F63D9ECC8C96E312169E71BC1D25DCE1AE142F6C4D265BA36CBAAC0860E6C83C26B287461F4FE90C5D2CAF4A87937E12407CC632618086D75FB5A17ED87F8EEE71893A6890E74AA378BD6B91CD4CF264F0826110494D2492F6A45567AB8FF4C28142582D3E66E9D3961881DFA1877E2EC993E31A35017C8291B0C74BCF285F94BC6E8B5D0EDEE7F571BEDDEB32184688CB221D1E42A74657FE9AC83679E51B925D617069FF259975C40D370D0D51F18D1C17358B9C197B00893AEE90BA06517787E8C4884E783F2A4B7633C62E7843B743688FA6296F11A6F4D584C2905EADA2076D289449F5DB07E2788F021D435DD188563CDAA1C89B0E7E87017788634AF18CAD9ADB8BA18E80C5BD0BE1424FF9135B07DD35B352CB -20241129003812 2 6 100 3071 2 C94F41FDB4E54DBDD1C7A49F586104E6D74F4CD07A2B9730A4FB5D40C24AB929C55B955144ADC62AEF2DF80D151E4F20E946F69C9B7AC7F01D1A916F3C1D23984DAF12A5CF18C5FDD9922AE0DBFFB31E9EAC765DCF315EBB0524E8B9246BC97169BE71440DF64D5884F63D9ECC8C96E312169E71BC1D25DCE1AE142F6C4D265BA36CBAAC0860E6C83C26B287461F4FE90C5D2CAF4A87937E12407CC632618086D75FB5A17ED87F8EEE71893A6890E74AA378BD6B91CD4CF264F0826110494D2492F6A45567AB8FF4C28142582D3E66E9D3961881DFA1877E2EC993E31A35017C8291B0C74BCF285F94BC6E8B5D0EDEE7F571BEDDEB32184688CB221D1E42A74657FE9AC83679E51B925D617069FF259975C40D370D0D51F18D1C17358B9C197B00893AEE90BA06517787E8C4884E783F2A4B7633C62E7843B743688FA6296F11A6F4D584C2905EADA2076D289449F5DB07E2788F021D435DD188563CDAA1C89B0E7E87017788634AF18CAD9ADB8BA18E80C5BD0BE1424FF9135B07DD36020023 -20241129003842 2 6 100 3071 5 C94F41FDB4E54DBDD1C7A49F586104E6D74F4CD07A2B9730A4FB5D40C24AB929C55B955144ADC62AEF2DF80D151E4F20E946F69C9B7AC7F01D1A916F3C1D23984DAF12A5CF18C5FDD9922AE0DBFFB31E9EAC765DCF315EBB0524E8B9246BC97169BE71440DF64D5884F63D9ECC8C96E312169E71BC1D25DCE1AE142F6C4D265BA36CBAAC0860E6C83C26B287461F4FE90C5D2CAF4A87937E12407CC632618086D75FB5A17ED87F8EEE71893A6890E74AA378BD6B91CD4CF264F0826110494D2492F6A45567AB8FF4C28142582D3E66E9D3961881DFA1877E2EC993E31A35017C8291B0C74BCF285F94BC6E8B5D0EDEE7F571BEDDEB32184688CB221D1E42A74657FE9AC83679E51B925D617069FF259975C40D370D0D51F18D1C17358B9C197B00893AEE90BA06517787E8C4884E783F2A4B7633C62E7843B743688FA6296F11A6F4D584C2905EADA2076D289449F5DB07E2788F021D435DD188563CDAA1C89B0E7E87017788634AF18CAD9ADB8BA18E80C5BD0BE1424FF9135B07DD3660A2C7 -20241129003859 2 6 100 3071 2 C94F41FDB4E54DBDD1C7A49F586104E6D74F4CD07A2B9730A4FB5D40C24AB929C55B955144ADC62AEF2DF80D151E4F20E946F69C9B7AC7F01D1A916F3C1D23984DAF12A5CF18C5FDD9922AE0DBFFB31E9EAC765DCF315EBB0524E8B9246BC97169BE71440DF64D5884F63D9ECC8C96E312169E71BC1D25DCE1AE142F6C4D265BA36CBAAC0860E6C83C26B287461F4FE90C5D2CAF4A87937E12407CC632618086D75FB5A17ED87F8EEE71893A6890E74AA378BD6B91CD4CF264F0826110494D2492F6A45567AB8FF4C28142582D3E66E9D3961881DFA1877E2EC993E31A35017C8291B0C74BCF285F94BC6E8B5D0EDEE7F571BEDDEB32184688CB221D1E42A74657FE9AC83679E51B925D617069FF259975C40D370D0D51F18D1C17358B9C197B00893AEE90BA06517787E8C4884E783F2A4B7633C62E7843B743688FA6296F11A6F4D584C2905EADA2076D289449F5DB07E2788F021D435DD188563CDAA1C89B0E7E87017788634AF18CAD9ADB8BA18E80C5BD0BE1424FF9135B07DD368F747B -20241129003902 2 6 100 3071 2 C94F41FDB4E54DBDD1C7A49F586104E6D74F4CD07A2B9730A4FB5D40C24AB929C55B955144ADC62AEF2DF80D151E4F20E946F69C9B7AC7F01D1A916F3C1D23984DAF12A5CF18C5FDD9922AE0DBFFB31E9EAC765DCF315EBB0524E8B9246BC97169BE71440DF64D5884F63D9ECC8C96E312169E71BC1D25DCE1AE142F6C4D265BA36CBAAC0860E6C83C26B287461F4FE90C5D2CAF4A87937E12407CC632618086D75FB5A17ED87F8EEE71893A6890E74AA378BD6B91CD4CF264F0826110494D2492F6A45567AB8FF4C28142582D3E66E9D3961881DFA1877E2EC993E31A35017C8291B0C74BCF285F94BC6E8B5D0EDEE7F571BEDDEB32184688CB221D1E42A74657FE9AC83679E51B925D617069FF259975C40D370D0D51F18D1C17358B9C197B00893AEE90BA06517787E8C4884E783F2A4B7633C62E7843B743688FA6296F11A6F4D584C2905EADA2076D289449F5DB07E2788F021D435DD188563CDAA1C89B0E7E87017788634AF18CAD9ADB8BA18E80C5BD0BE1424FF9135B07DD3695A29B -20241129003921 2 6 100 3071 2 C94F41FDB4E54DBDD1C7A49F586104E6D74F4CD07A2B9730A4FB5D40C24AB929C55B955144ADC62AEF2DF80D151E4F20E946F69C9B7AC7F01D1A916F3C1D23984DAF12A5CF18C5FDD9922AE0DBFFB31E9EAC765DCF315EBB0524E8B9246BC97169BE71440DF64D5884F63D9ECC8C96E312169E71BC1D25DCE1AE142F6C4D265BA36CBAAC0860E6C83C26B287461F4FE90C5D2CAF4A87937E12407CC632618086D75FB5A17ED87F8EEE71893A6890E74AA378BD6B91CD4CF264F0826110494D2492F6A45567AB8FF4C28142582D3E66E9D3961881DFA1877E2EC993E31A35017C8291B0C74BCF285F94BC6E8B5D0EDEE7F571BEDDEB32184688CB221D1E42A74657FE9AC83679E51B925D617069FF259975C40D370D0D51F18D1C17358B9C197B00893AEE90BA06517787E8C4884E783F2A4B7633C62E7843B743688FA6296F11A6F4D584C2905EADA2076D289449F5DB07E2788F021D435DD188563CDAA1C89B0E7E87017788634AF18CAD9ADB8BA18E80C5BD0BE1424FF9135B07DD36C9F673 -20241129004005 2 6 100 3071 5 C94F41FDB4E54DBDD1C7A49F586104E6D74F4CD07A2B9730A4FB5D40C24AB929C55B955144ADC62AEF2DF80D151E4F20E946F69C9B7AC7F01D1A916F3C1D23984DAF12A5CF18C5FDD9922AE0DBFFB31E9EAC765DCF315EBB0524E8B9246BC97169BE71440DF64D5884F63D9ECC8C96E312169E71BC1D25DCE1AE142F6C4D265BA36CBAAC0860E6C83C26B287461F4FE90C5D2CAF4A87937E12407CC632618086D75FB5A17ED87F8EEE71893A6890E74AA378BD6B91CD4CF264F0826110494D2492F6A45567AB8FF4C28142582D3E66E9D3961881DFA1877E2EC993E31A35017C8291B0C74BCF285F94BC6E8B5D0EDEE7F571BEDDEB32184688CB221D1E42A74657FE9AC83679E51B925D617069FF259975C40D370D0D51F18D1C17358B9C197B00893AEE90BA06517787E8C4884E783F2A4B7633C62E7843B743688FA6296F11A6F4D584C2905EADA2076D289449F5DB07E2788F021D435DD188563CDAA1C89B0E7E87017788634AF18CAD9ADB8BA18E80C5BD0BE1424FF9135B07DD3753CA0F -20241129004008 2 6 100 3071 2 C94F41FDB4E54DBDD1C7A49F586104E6D74F4CD07A2B9730A4FB5D40C24AB929C55B955144ADC62AEF2DF80D151E4F20E946F69C9B7AC7F01D1A916F3C1D23984DAF12A5CF18C5FDD9922AE0DBFFB31E9EAC765DCF315EBB0524E8B9246BC97169BE71440DF64D5884F63D9ECC8C96E312169E71BC1D25DCE1AE142F6C4D265BA36CBAAC0860E6C83C26B287461F4FE90C5D2CAF4A87937E12407CC632618086D75FB5A17ED87F8EEE71893A6890E74AA378BD6B91CD4CF264F0826110494D2492F6A45567AB8FF4C28142582D3E66E9D3961881DFA1877E2EC993E31A35017C8291B0C74BCF285F94BC6E8B5D0EDEE7F571BEDDEB32184688CB221D1E42A74657FE9AC83679E51B925D617069FF259975C40D370D0D51F18D1C17358B9C197B00893AEE90BA06517787E8C4884E783F2A4B7633C62E7843B743688FA6296F11A6F4D584C2905EADA2076D289449F5DB07E2788F021D435DD188563CDAA1C89B0E7E87017788634AF18CAD9ADB8BA18E80C5BD0BE1424FF9135B07DD3758F683 -20241129004208 2 6 100 3071 2 C94F41FDB4E54DBDD1C7A49F586104E6D74F4CD07A2B9730A4FB5D40C24AB929C55B955144ADC62AEF2DF80D151E4F20E946F69C9B7AC7F01D1A916F3C1D23984DAF12A5CF18C5FDD9922AE0DBFFB31E9EAC765DCF315EBB0524E8B9246BC97169BE71440DF64D5884F63D9ECC8C96E312169E71BC1D25DCE1AE142F6C4D265BA36CBAAC0860E6C83C26B287461F4FE90C5D2CAF4A87937E12407CC632618086D75FB5A17ED87F8EEE71893A6890E74AA378BD6B91CD4CF264F0826110494D2492F6A45567AB8FF4C28142582D3E66E9D3961881DFA1877E2EC993E31A35017C8291B0C74BCF285F94BC6E8B5D0EDEE7F571BEDDEB32184688CB221D1E42A74657FE9AC83679E51B925D617069FF259975C40D370D0D51F18D1C17358B9C197B00893AEE90BA06517787E8C4884E783F2A4B7633C62E7843B743688FA6296F11A6F4D584C2905EADA2076D289449F5DB07E2788F021D435DD188563CDAA1C89B0E7E87017788634AF18CAD9ADB8BA18E80C5BD0BE1424FF9135B07DD38E3CD3B -20241129004221 2 6 100 3071 2 C94F41FDB4E54DBDD1C7A49F586104E6D74F4CD07A2B9730A4FB5D40C24AB929C55B955144ADC62AEF2DF80D151E4F20E946F69C9B7AC7F01D1A916F3C1D23984DAF12A5CF18C5FDD9922AE0DBFFB31E9EAC765DCF315EBB0524E8B9246BC97169BE71440DF64D5884F63D9ECC8C96E312169E71BC1D25DCE1AE142F6C4D265BA36CBAAC0860E6C83C26B287461F4FE90C5D2CAF4A87937E12407CC632618086D75FB5A17ED87F8EEE71893A6890E74AA378BD6B91CD4CF264F0826110494D2492F6A45567AB8FF4C28142582D3E66E9D3961881DFA1877E2EC993E31A35017C8291B0C74BCF285F94BC6E8B5D0EDEE7F571BEDDEB32184688CB221D1E42A74657FE9AC83679E51B925D617069FF259975C40D370D0D51F18D1C17358B9C197B00893AEE90BA06517787E8C4884E783F2A4B7633C62E7843B743688FA6296F11A6F4D584C2905EADA2076D289449F5DB07E2788F021D435DD188563CDAA1C89B0E7E87017788634AF18CAD9ADB8BA18E80C5BD0BE1424FF9135B07DD390C377B -20241129004322 2 6 100 3071 2 C94F41FDB4E54DBDD1C7A49F586104E6D74F4CD07A2B9730A4FB5D40C24AB929C55B955144ADC62AEF2DF80D151E4F20E946F69C9B7AC7F01D1A916F3C1D23984DAF12A5CF18C5FDD9922AE0DBFFB31E9EAC765DCF315EBB0524E8B9246BC97169BE71440DF64D5884F63D9ECC8C96E312169E71BC1D25DCE1AE142F6C4D265BA36CBAAC0860E6C83C26B287461F4FE90C5D2CAF4A87937E12407CC632618086D75FB5A17ED87F8EEE71893A6890E74AA378BD6B91CD4CF264F0826110494D2492F6A45567AB8FF4C28142582D3E66E9D3961881DFA1877E2EC993E31A35017C8291B0C74BCF285F94BC6E8B5D0EDEE7F571BEDDEB32184688CB221D1E42A74657FE9AC83679E51B925D617069FF259975C40D370D0D51F18D1C17358B9C197B00893AEE90BA06517787E8C4884E783F2A4B7633C62E7843B743688FA6296F11A6F4D584C2905EADA2076D289449F5DB07E2788F021D435DD188563CDAA1C89B0E7E87017788634AF18CAD9ADB8BA18E80C5BD0BE1424FF9135B07DD39CE5ACB -20241129004335 2 6 100 3071 2 C94F41FDB4E54DBDD1C7A49F586104E6D74F4CD07A2B9730A4FB5D40C24AB929C55B955144ADC62AEF2DF80D151E4F20E946F69C9B7AC7F01D1A916F3C1D23984DAF12A5CF18C5FDD9922AE0DBFFB31E9EAC765DCF315EBB0524E8B9246BC97169BE71440DF64D5884F63D9ECC8C96E312169E71BC1D25DCE1AE142F6C4D265BA36CBAAC0860E6C83C26B287461F4FE90C5D2CAF4A87937E12407CC632618086D75FB5A17ED87F8EEE71893A6890E74AA378BD6B91CD4CF264F0826110494D2492F6A45567AB8FF4C28142582D3E66E9D3961881DFA1877E2EC993E31A35017C8291B0C74BCF285F94BC6E8B5D0EDEE7F571BEDDEB32184688CB221D1E42A74657FE9AC83679E51B925D617069FF259975C40D370D0D51F18D1C17358B9C197B00893AEE90BA06517787E8C4884E783F2A4B7633C62E7843B743688FA6296F11A6F4D584C2905EADA2076D289449F5DB07E2788F021D435DD188563CDAA1C89B0E7E87017788634AF18CAD9ADB8BA18E80C5BD0BE1424FF9135B07DD39EC486B -20241129004341 2 6 100 3071 5 C94F41FDB4E54DBDD1C7A49F586104E6D74F4CD07A2B9730A4FB5D40C24AB929C55B955144ADC62AEF2DF80D151E4F20E946F69C9B7AC7F01D1A916F3C1D23984DAF12A5CF18C5FDD9922AE0DBFFB31E9EAC765DCF315EBB0524E8B9246BC97169BE71440DF64D5884F63D9ECC8C96E312169E71BC1D25DCE1AE142F6C4D265BA36CBAAC0860E6C83C26B287461F4FE90C5D2CAF4A87937E12407CC632618086D75FB5A17ED87F8EEE71893A6890E74AA378BD6B91CD4CF264F0826110494D2492F6A45567AB8FF4C28142582D3E66E9D3961881DFA1877E2EC993E31A35017C8291B0C74BCF285F94BC6E8B5D0EDEE7F571BEDDEB32184688CB221D1E42A74657FE9AC83679E51B925D617069FF259975C40D370D0D51F18D1C17358B9C197B00893AEE90BA06517787E8C4884E783F2A4B7633C62E7843B743688FA6296F11A6F4D584C2905EADA2076D289449F5DB07E2788F021D435DD188563CDAA1C89B0E7E87017788634AF18CAD9ADB8BA18E80C5BD0BE1424FF9135B07DD39F7B37F -20241129004348 2 6 100 3071 5 C94F41FDB4E54DBDD1C7A49F586104E6D74F4CD07A2B9730A4FB5D40C24AB929C55B955144ADC62AEF2DF80D151E4F20E946F69C9B7AC7F01D1A916F3C1D23984DAF12A5CF18C5FDD9922AE0DBFFB31E9EAC765DCF315EBB0524E8B9246BC97169BE71440DF64D5884F63D9ECC8C96E312169E71BC1D25DCE1AE142F6C4D265BA36CBAAC0860E6C83C26B287461F4FE90C5D2CAF4A87937E12407CC632618086D75FB5A17ED87F8EEE71893A6890E74AA378BD6B91CD4CF264F0826110494D2492F6A45567AB8FF4C28142582D3E66E9D3961881DFA1877E2EC993E31A35017C8291B0C74BCF285F94BC6E8B5D0EDEE7F571BEDDEB32184688CB221D1E42A74657FE9AC83679E51B925D617069FF259975C40D370D0D51F18D1C17358B9C197B00893AEE90BA06517787E8C4884E783F2A4B7633C62E7843B743688FA6296F11A6F4D584C2905EADA2076D289449F5DB07E2788F021D435DD188563CDAA1C89B0E7E87017788634AF18CAD9ADB8BA18E80C5BD0BE1424FF9135B07DD3A089907 -20241129004413 2 6 100 3071 2 C94F41FDB4E54DBDD1C7A49F586104E6D74F4CD07A2B9730A4FB5D40C24AB929C55B955144ADC62AEF2DF80D151E4F20E946F69C9B7AC7F01D1A916F3C1D23984DAF12A5CF18C5FDD9922AE0DBFFB31E9EAC765DCF315EBB0524E8B9246BC97169BE71440DF64D5884F63D9ECC8C96E312169E71BC1D25DCE1AE142F6C4D265BA36CBAAC0860E6C83C26B287461F4FE90C5D2CAF4A87937E12407CC632618086D75FB5A17ED87F8EEE71893A6890E74AA378BD6B91CD4CF264F0826110494D2492F6A45567AB8FF4C28142582D3E66E9D3961881DFA1877E2EC993E31A35017C8291B0C74BCF285F94BC6E8B5D0EDEE7F571BEDDEB32184688CB221D1E42A74657FE9AC83679E51B925D617069FF259975C40D370D0D51F18D1C17358B9C197B00893AEE90BA06517787E8C4884E783F2A4B7633C62E7843B743688FA6296F11A6F4D584C2905EADA2076D289449F5DB07E2788F021D435DD188563CDAA1C89B0E7E87017788634AF18CAD9ADB8BA18E80C5BD0BE1424FF9135B07DD3A5136DB -20241129004447 2 6 100 3071 2 C94F41FDB4E54DBDD1C7A49F586104E6D74F4CD07A2B9730A4FB5D40C24AB929C55B955144ADC62AEF2DF80D151E4F20E946F69C9B7AC7F01D1A916F3C1D23984DAF12A5CF18C5FDD9922AE0DBFFB31E9EAC765DCF315EBB0524E8B9246BC97169BE71440DF64D5884F63D9ECC8C96E312169E71BC1D25DCE1AE142F6C4D265BA36CBAAC0860E6C83C26B287461F4FE90C5D2CAF4A87937E12407CC632618086D75FB5A17ED87F8EEE71893A6890E74AA378BD6B91CD4CF264F0826110494D2492F6A45567AB8FF4C28142582D3E66E9D3961881DFA1877E2EC993E31A35017C8291B0C74BCF285F94BC6E8B5D0EDEE7F571BEDDEB32184688CB221D1E42A74657FE9AC83679E51B925D617069FF259975C40D370D0D51F18D1C17358B9C197B00893AEE90BA06517787E8C4884E783F2A4B7633C62E7843B743688FA6296F11A6F4D584C2905EADA2076D289449F5DB07E2788F021D435DD188563CDAA1C89B0E7E87017788634AF18CAD9ADB8BA18E80C5BD0BE1424FF9135B07DD3ABE89AB -20241129004614 2 6 100 3071 2 C94F41FDB4E54DBDD1C7A49F586104E6D74F4CD07A2B9730A4FB5D40C24AB929C55B955144ADC62AEF2DF80D151E4F20E946F69C9B7AC7F01D1A916F3C1D23984DAF12A5CF18C5FDD9922AE0DBFFB31E9EAC765DCF315EBB0524E8B9246BC97169BE71440DF64D5884F63D9ECC8C96E312169E71BC1D25DCE1AE142F6C4D265BA36CBAAC0860E6C83C26B287461F4FE90C5D2CAF4A87937E12407CC632618086D75FB5A17ED87F8EEE71893A6890E74AA378BD6B91CD4CF264F0826110494D2492F6A45567AB8FF4C28142582D3E66E9D3961881DFA1877E2EC993E31A35017C8291B0C74BCF285F94BC6E8B5D0EDEE7F571BEDDEB32184688CB221D1E42A74657FE9AC83679E51B925D617069FF259975C40D370D0D51F18D1C17358B9C197B00893AEE90BA06517787E8C4884E783F2A4B7633C62E7843B743688FA6296F11A6F4D584C2905EADA2076D289449F5DB07E2788F021D435DD188563CDAA1C89B0E7E87017788634AF18CAD9ADB8BA18E80C5BD0BE1424FF9135B07DD3BD9A0DB -20241129004627 2 6 100 3071 2 C94F41FDB4E54DBDD1C7A49F586104E6D74F4CD07A2B9730A4FB5D40C24AB929C55B955144ADC62AEF2DF80D151E4F20E946F69C9B7AC7F01D1A916F3C1D23984DAF12A5CF18C5FDD9922AE0DBFFB31E9EAC765DCF315EBB0524E8B9246BC97169BE71440DF64D5884F63D9ECC8C96E312169E71BC1D25DCE1AE142F6C4D265BA36CBAAC0860E6C83C26B287461F4FE90C5D2CAF4A87937E12407CC632618086D75FB5A17ED87F8EEE71893A6890E74AA378BD6B91CD4CF264F0826110494D2492F6A45567AB8FF4C28142582D3E66E9D3961881DFA1877E2EC993E31A35017C8291B0C74BCF285F94BC6E8B5D0EDEE7F571BEDDEB32184688CB221D1E42A74657FE9AC83679E51B925D617069FF259975C40D370D0D51F18D1C17358B9C197B00893AEE90BA06517787E8C4884E783F2A4B7633C62E7843B743688FA6296F11A6F4D584C2905EADA2076D289449F5DB07E2788F021D435DD188563CDAA1C89B0E7E87017788634AF18CAD9ADB8BA18E80C5BD0BE1424FF9135B07DD3BFC1AC3 -20241129004630 2 6 100 3071 2 C94F41FDB4E54DBDD1C7A49F586104E6D74F4CD07A2B9730A4FB5D40C24AB929C55B955144ADC62AEF2DF80D151E4F20E946F69C9B7AC7F01D1A916F3C1D23984DAF12A5CF18C5FDD9922AE0DBFFB31E9EAC765DCF315EBB0524E8B9246BC97169BE71440DF64D5884F63D9ECC8C96E312169E71BC1D25DCE1AE142F6C4D265BA36CBAAC0860E6C83C26B287461F4FE90C5D2CAF4A87937E12407CC632618086D75FB5A17ED87F8EEE71893A6890E74AA378BD6B91CD4CF264F0826110494D2492F6A45567AB8FF4C28142582D3E66E9D3961881DFA1877E2EC993E31A35017C8291B0C74BCF285F94BC6E8B5D0EDEE7F571BEDDEB32184688CB221D1E42A74657FE9AC83679E51B925D617069FF259975C40D370D0D51F18D1C17358B9C197B00893AEE90BA06517787E8C4884E783F2A4B7633C62E7843B743688FA6296F11A6F4D584C2905EADA2076D289449F5DB07E2788F021D435DD188563CDAA1C89B0E7E87017788634AF18CAD9ADB8BA18E80C5BD0BE1424FF9135B07DD3BFE5DDB -20241129004648 2 6 100 3071 2 C94F41FDB4E54DBDD1C7A49F586104E6D74F4CD07A2B9730A4FB5D40C24AB929C55B955144ADC62AEF2DF80D151E4F20E946F69C9B7AC7F01D1A916F3C1D23984DAF12A5CF18C5FDD9922AE0DBFFB31E9EAC765DCF315EBB0524E8B9246BC97169BE71440DF64D5884F63D9ECC8C96E312169E71BC1D25DCE1AE142F6C4D265BA36CBAAC0860E6C83C26B287461F4FE90C5D2CAF4A87937E12407CC632618086D75FB5A17ED87F8EEE71893A6890E74AA378BD6B91CD4CF264F0826110494D2492F6A45567AB8FF4C28142582D3E66E9D3961881DFA1877E2EC993E31A35017C8291B0C74BCF285F94BC6E8B5D0EDEE7F571BEDDEB32184688CB221D1E42A74657FE9AC83679E51B925D617069FF259975C40D370D0D51F18D1C17358B9C197B00893AEE90BA06517787E8C4884E783F2A4B7633C62E7843B743688FA6296F11A6F4D584C2905EADA2076D289449F5DB07E2788F021D435DD188563CDAA1C89B0E7E87017788634AF18CAD9ADB8BA18E80C5BD0BE1424FF9135B07DD3C3863FB -20241129004754 2 6 100 3071 5 C94F41FDB4E54DBDD1C7A49F586104E6D74F4CD07A2B9730A4FB5D40C24AB929C55B955144ADC62AEF2DF80D151E4F20E946F69C9B7AC7F01D1A916F3C1D23984DAF12A5CF18C5FDD9922AE0DBFFB31E9EAC765DCF315EBB0524E8B9246BC97169BE71440DF64D5884F63D9ECC8C96E312169E71BC1D25DCE1AE142F6C4D265BA36CBAAC0860E6C83C26B287461F4FE90C5D2CAF4A87937E12407CC632618086D75FB5A17ED87F8EEE71893A6890E74AA378BD6B91CD4CF264F0826110494D2492F6A45567AB8FF4C28142582D3E66E9D3961881DFA1877E2EC993E31A35017C8291B0C74BCF285F94BC6E8B5D0EDEE7F571BEDDEB32184688CB221D1E42A74657FE9AC83679E51B925D617069FF259975C40D370D0D51F18D1C17358B9C197B00893AEE90BA06517787E8C4884E783F2A4B7633C62E7843B743688FA6296F11A6F4D584C2905EADA2076D289449F5DB07E2788F021D435DD188563CDAA1C89B0E7E87017788634AF18CAD9ADB8BA18E80C5BD0BE1424FF9135B07DD3D09984F -20241129004835 2 6 100 3071 2 C94F41FDB4E54DBDD1C7A49F586104E6D74F4CD07A2B9730A4FB5D40C24AB929C55B955144ADC62AEF2DF80D151E4F20E946F69C9B7AC7F01D1A916F3C1D23984DAF12A5CF18C5FDD9922AE0DBFFB31E9EAC765DCF315EBB0524E8B9246BC97169BE71440DF64D5884F63D9ECC8C96E312169E71BC1D25DCE1AE142F6C4D265BA36CBAAC0860E6C83C26B287461F4FE90C5D2CAF4A87937E12407CC632618086D75FB5A17ED87F8EEE71893A6890E74AA378BD6B91CD4CF264F0826110494D2492F6A45567AB8FF4C28142582D3E66E9D3961881DFA1877E2EC993E31A35017C8291B0C74BCF285F94BC6E8B5D0EDEE7F571BEDDEB32184688CB221D1E42A74657FE9AC83679E51B925D617069FF259975C40D370D0D51F18D1C17358B9C197B00893AEE90BA06517787E8C4884E783F2A4B7633C62E7843B743688FA6296F11A6F4D584C2905EADA2076D289449F5DB07E2788F021D435DD188563CDAA1C89B0E7E87017788634AF18CAD9ADB8BA18E80C5BD0BE1424FF9135B07DD3D875973 -20241129004842 2 6 100 3071 2 C94F41FDB4E54DBDD1C7A49F586104E6D74F4CD07A2B9730A4FB5D40C24AB929C55B955144ADC62AEF2DF80D151E4F20E946F69C9B7AC7F01D1A916F3C1D23984DAF12A5CF18C5FDD9922AE0DBFFB31E9EAC765DCF315EBB0524E8B9246BC97169BE71440DF64D5884F63D9ECC8C96E312169E71BC1D25DCE1AE142F6C4D265BA36CBAAC0860E6C83C26B287461F4FE90C5D2CAF4A87937E12407CC632618086D75FB5A17ED87F8EEE71893A6890E74AA378BD6B91CD4CF264F0826110494D2492F6A45567AB8FF4C28142582D3E66E9D3961881DFA1877E2EC993E31A35017C8291B0C74BCF285F94BC6E8B5D0EDEE7F571BEDDEB32184688CB221D1E42A74657FE9AC83679E51B925D617069FF259975C40D370D0D51F18D1C17358B9C197B00893AEE90BA06517787E8C4884E783F2A4B7633C62E7843B743688FA6296F11A6F4D584C2905EADA2076D289449F5DB07E2788F021D435DD188563CDAA1C89B0E7E87017788634AF18CAD9ADB8BA18E80C5BD0BE1424FF9135B07DD3D958953 -20241129004906 2 6 100 3071 2 C94F41FDB4E54DBDD1C7A49F586104E6D74F4CD07A2B9730A4FB5D40C24AB929C55B955144ADC62AEF2DF80D151E4F20E946F69C9B7AC7F01D1A916F3C1D23984DAF12A5CF18C5FDD9922AE0DBFFB31E9EAC765DCF315EBB0524E8B9246BC97169BE71440DF64D5884F63D9ECC8C96E312169E71BC1D25DCE1AE142F6C4D265BA36CBAAC0860E6C83C26B287461F4FE90C5D2CAF4A87937E12407CC632618086D75FB5A17ED87F8EEE71893A6890E74AA378BD6B91CD4CF264F0826110494D2492F6A45567AB8FF4C28142582D3E66E9D3961881DFA1877E2EC993E31A35017C8291B0C74BCF285F94BC6E8B5D0EDEE7F571BEDDEB32184688CB221D1E42A74657FE9AC83679E51B925D617069FF259975C40D370D0D51F18D1C17358B9C197B00893AEE90BA06517787E8C4884E783F2A4B7633C62E7843B743688FA6296F11A6F4D584C2905EADA2076D289449F5DB07E2788F021D435DD188563CDAA1C89B0E7E87017788634AF18CAD9ADB8BA18E80C5BD0BE1424FF9135B07DD3DDF57FB -20241129005005 2 6 100 3071 2 C94F41FDB4E54DBDD1C7A49F586104E6D74F4CD07A2B9730A4FB5D40C24AB929C55B955144ADC62AEF2DF80D151E4F20E946F69C9B7AC7F01D1A916F3C1D23984DAF12A5CF18C5FDD9922AE0DBFFB31E9EAC765DCF315EBB0524E8B9246BC97169BE71440DF64D5884F63D9ECC8C96E312169E71BC1D25DCE1AE142F6C4D265BA36CBAAC0860E6C83C26B287461F4FE90C5D2CAF4A87937E12407CC632618086D75FB5A17ED87F8EEE71893A6890E74AA378BD6B91CD4CF264F0826110494D2492F6A45567AB8FF4C28142582D3E66E9D3961881DFA1877E2EC993E31A35017C8291B0C74BCF285F94BC6E8B5D0EDEE7F571BEDDEB32184688CB221D1E42A74657FE9AC83679E51B925D617069FF259975C40D370D0D51F18D1C17358B9C197B00893AEE90BA06517787E8C4884E783F2A4B7633C62E7843B743688FA6296F11A6F4D584C2905EADA2076D289449F5DB07E2788F021D435DD188563CDAA1C89B0E7E87017788634AF18CAD9ADB8BA18E80C5BD0BE1424FF9135B07DD3E9E3063 -20241129005036 2 6 100 3071 2 C94F41FDB4E54DBDD1C7A49F586104E6D74F4CD07A2B9730A4FB5D40C24AB929C55B955144ADC62AEF2DF80D151E4F20E946F69C9B7AC7F01D1A916F3C1D23984DAF12A5CF18C5FDD9922AE0DBFFB31E9EAC765DCF315EBB0524E8B9246BC97169BE71440DF64D5884F63D9ECC8C96E312169E71BC1D25DCE1AE142F6C4D265BA36CBAAC0860E6C83C26B287461F4FE90C5D2CAF4A87937E12407CC632618086D75FB5A17ED87F8EEE71893A6890E74AA378BD6B91CD4CF264F0826110494D2492F6A45567AB8FF4C28142582D3E66E9D3961881DFA1877E2EC993E31A35017C8291B0C74BCF285F94BC6E8B5D0EDEE7F571BEDDEB32184688CB221D1E42A74657FE9AC83679E51B925D617069FF259975C40D370D0D51F18D1C17358B9C197B00893AEE90BA06517787E8C4884E783F2A4B7633C62E7843B743688FA6296F11A6F4D584C2905EADA2076D289449F5DB07E2788F021D435DD188563CDAA1C89B0E7E87017788634AF18CAD9ADB8BA18E80C5BD0BE1424FF9135B07DD3EFEEAC3 -20241129005052 2 6 100 3071 2 C94F41FDB4E54DBDD1C7A49F586104E6D74F4CD07A2B9730A4FB5D40C24AB929C55B955144ADC62AEF2DF80D151E4F20E946F69C9B7AC7F01D1A916F3C1D23984DAF12A5CF18C5FDD9922AE0DBFFB31E9EAC765DCF315EBB0524E8B9246BC97169BE71440DF64D5884F63D9ECC8C96E312169E71BC1D25DCE1AE142F6C4D265BA36CBAAC0860E6C83C26B287461F4FE90C5D2CAF4A87937E12407CC632618086D75FB5A17ED87F8EEE71893A6890E74AA378BD6B91CD4CF264F0826110494D2492F6A45567AB8FF4C28142582D3E66E9D3961881DFA1877E2EC993E31A35017C8291B0C74BCF285F94BC6E8B5D0EDEE7F571BEDDEB32184688CB221D1E42A74657FE9AC83679E51B925D617069FF259975C40D370D0D51F18D1C17358B9C197B00893AEE90BA06517787E8C4884E783F2A4B7633C62E7843B743688FA6296F11A6F4D584C2905EADA2076D289449F5DB07E2788F021D435DD188563CDAA1C89B0E7E87017788634AF18CAD9ADB8BA18E80C5BD0BE1424FF9135B07DD3F2A5E03 -20241129005537 2 6 100 3071 5 C94F41FDB4E54DBDD1C7A49F586104E6D74F4CD07A2B9730A4FB5D40C24AB929C55B955144ADC62AEF2DF80D151E4F20E946F69C9B7AC7F01D1A916F3C1D23984DAF12A5CF18C5FDD9922AE0DBFFB31E9EAC765DCF315EBB0524E8B9246BC97169BE71440DF64D5884F63D9ECC8C96E312169E71BC1D25DCE1AE142F6C4D265BA36CBAAC0860E6C83C26B287461F4FE90C5D2CAF4A87937E12407CC632618086D75FB5A17ED87F8EEE71893A6890E74AA378BD6B91CD4CF264F0826110494D2492F6A45567AB8FF4C28142582D3E66E9D3961881DFA1877E2EC993E31A35017C8291B0C74BCF285F94BC6E8B5D0EDEE7F571BEDDEB32184688CB221D1E42A74657FE9AC83679E51B925D617069FF259975C40D370D0D51F18D1C17358B9C197B00893AEE90BA06517787E8C4884E783F2A4B7633C62E7843B743688FA6296F11A6F4D584C2905EADA2076D289449F5DB07E2788F021D435DD188563CDAA1C89B0E7E87017788634AF18CAD9ADB8BA18E80C5BD0BE1424FF9135B07DD42DD9C2F -20241129005637 2 6 100 3071 5 F72B9D5B478FC38253834B862A5C515BA6212BAD106C43D243A9D021FF22434E6A1EA03FBACFA23A6FC66FE5C68B40013BA6D15844D35AA2127408DE731CCA98380661EE30E2480E9DB14A8EB484BF564838B45678ECB78800E41E499307253A0E4462C7E119ECAA096D496FF72C5CB823C5C38CC165B9EE0B5307005F9FE72FE34EF3C2EF456A3A4561245680205533E2C2DC31816DDFFB036922109B985F291F7ADDCA11FADD48E7D20C9F8D0E8AE073C4DD7269B1EF46ACC81BE52A053EFE3BEAB1BFA3822A10ABF2C95B27D406BF960FAA48A79D332A7138AAAB8828B1BD11BCE47ACFE934887A2B2DC6C7061EF8412B4912925FD5A9CE787C434B3FD5B39FA863EDA542574E22331F98E74F69283A9A8F9330FE597B1EE96E37C8DEBB0E861213F3BF5281F3753CC16B2AF1EAB12540517E0482FDF47C92B66C4CD5FA5C8725956DB4C5F435EFC44D2ABD17A078687DD7716CAC4683729BD6211E0CBADA144F28932906724F3B96501D1A897C088607B522F8C7586DAFC64CB14E5B5E8F -20241129005819 2 6 100 3071 2 F72B9D5B478FC38253834B862A5C515BA6212BAD106C43D243A9D021FF22434E6A1EA03FBACFA23A6FC66FE5C68B40013BA6D15844D35AA2127408DE731CCA98380661EE30E2480E9DB14A8EB484BF564838B45678ECB78800E41E499307253A0E4462C7E119ECAA096D496FF72C5CB823C5C38CC165B9EE0B5307005F9FE72FE34EF3C2EF456A3A4561245680205533E2C2DC31816DDFFB036922109B985F291F7ADDCA11FADD48E7D20C9F8D0E8AE073C4DD7269B1EF46ACC81BE52A053EFE3BEAB1BFA3822A10ABF2C95B27D406BF960FAA48A79D332A7138AAAB8828B1BD11BCE47ACFE934887A2B2DC6C7061EF8412B4912925FD5A9CE787C434B3FD5B39FA863EDA542574E22331F98E74F69283A9A8F9330FE597B1EE96E37C8DEBB0E861213F3BF5281F3753CC16B2AF1EAB12540517E0482FDF47C92B66C4CD5FA5C8725956DB4C5F435EFC44D2ABD17A078687DD7716CAC4683729BD6211E0CBADA144F28932906724F3B96501D1A897C088607B522F8C7586DAFC64CB14FA714FB -20241129010001 2 6 100 3071 2 F72B9D5B478FC38253834B862A5C515BA6212BAD106C43D243A9D021FF22434E6A1EA03FBACFA23A6FC66FE5C68B40013BA6D15844D35AA2127408DE731CCA98380661EE30E2480E9DB14A8EB484BF564838B45678ECB78800E41E499307253A0E4462C7E119ECAA096D496FF72C5CB823C5C38CC165B9EE0B5307005F9FE72FE34EF3C2EF456A3A4561245680205533E2C2DC31816DDFFB036922109B985F291F7ADDCA11FADD48E7D20C9F8D0E8AE073C4DD7269B1EF46ACC81BE52A053EFE3BEAB1BFA3822A10ABF2C95B27D406BF960FAA48A79D332A7138AAAB8828B1BD11BCE47ACFE934887A2B2DC6C7061EF8412B4912925FD5A9CE787C434B3FD5B39FA863EDA542574E22331F98E74F69283A9A8F9330FE597B1EE96E37C8DEBB0E861213F3BF5281F3753CC16B2AF1EAB12540517E0482FDF47C92B66C4CD5FA5C8725956DB4C5F435EFC44D2ABD17A078687DD7716CAC4683729BD6211E0CBADA144F28932906724F3B96501D1A897C088607B522F8C7586DAFC64CB150F56483 -20241129010010 2 6 100 3071 2 F72B9D5B478FC38253834B862A5C515BA6212BAD106C43D243A9D021FF22434E6A1EA03FBACFA23A6FC66FE5C68B40013BA6D15844D35AA2127408DE731CCA98380661EE30E2480E9DB14A8EB484BF564838B45678ECB78800E41E499307253A0E4462C7E119ECAA096D496FF72C5CB823C5C38CC165B9EE0B5307005F9FE72FE34EF3C2EF456A3A4561245680205533E2C2DC31816DDFFB036922109B985F291F7ADDCA11FADD48E7D20C9F8D0E8AE073C4DD7269B1EF46ACC81BE52A053EFE3BEAB1BFA3822A10ABF2C95B27D406BF960FAA48A79D332A7138AAAB8828B1BD11BCE47ACFE934887A2B2DC6C7061EF8412B4912925FD5A9CE787C434B3FD5B39FA863EDA542574E22331F98E74F69283A9A8F9330FE597B1EE96E37C8DEBB0E861213F3BF5281F3753CC16B2AF1EAB12540517E0482FDF47C92B66C4CD5FA5C8725956DB4C5F435EFC44D2ABD17A078687DD7716CAC4683729BD6211E0CBADA144F28932906724F3B96501D1A897C088607B522F8C7586DAFC64CB1510A25CB -20241129010049 2 6 100 3071 2 F72B9D5B478FC38253834B862A5C515BA6212BAD106C43D243A9D021FF22434E6A1EA03FBACFA23A6FC66FE5C68B40013BA6D15844D35AA2127408DE731CCA98380661EE30E2480E9DB14A8EB484BF564838B45678ECB78800E41E499307253A0E4462C7E119ECAA096D496FF72C5CB823C5C38CC165B9EE0B5307005F9FE72FE34EF3C2EF456A3A4561245680205533E2C2DC31816DDFFB036922109B985F291F7ADDCA11FADD48E7D20C9F8D0E8AE073C4DD7269B1EF46ACC81BE52A053EFE3BEAB1BFA3822A10ABF2C95B27D406BF960FAA48A79D332A7138AAAB8828B1BD11BCE47ACFE934887A2B2DC6C7061EF8412B4912925FD5A9CE787C434B3FD5B39FA863EDA542574E22331F98E74F69283A9A8F9330FE597B1EE96E37C8DEBB0E861213F3BF5281F3753CC16B2AF1EAB12540517E0482FDF47C92B66C4CD5FA5C8725956DB4C5F435EFC44D2ABD17A078687DD7716CAC4683729BD6211E0CBADA144F28932906724F3B96501D1A897C088607B522F8C7586DAFC64CB15189B8EB -20241129010057 2 6 100 3071 2 F72B9D5B478FC38253834B862A5C515BA6212BAD106C43D243A9D021FF22434E6A1EA03FBACFA23A6FC66FE5C68B40013BA6D15844D35AA2127408DE731CCA98380661EE30E2480E9DB14A8EB484BF564838B45678ECB78800E41E499307253A0E4462C7E119ECAA096D496FF72C5CB823C5C38CC165B9EE0B5307005F9FE72FE34EF3C2EF456A3A4561245680205533E2C2DC31816DDFFB036922109B985F291F7ADDCA11FADD48E7D20C9F8D0E8AE073C4DD7269B1EF46ACC81BE52A053EFE3BEAB1BFA3822A10ABF2C95B27D406BF960FAA48A79D332A7138AAAB8828B1BD11BCE47ACFE934887A2B2DC6C7061EF8412B4912925FD5A9CE787C434B3FD5B39FA863EDA542574E22331F98E74F69283A9A8F9330FE597B1EE96E37C8DEBB0E861213F3BF5281F3753CC16B2AF1EAB12540517E0482FDF47C92B66C4CD5FA5C8725956DB4C5F435EFC44D2ABD17A078687DD7716CAC4683729BD6211E0CBADA144F28932906724F3B96501D1A897C088607B522F8C7586DAFC64CB1519DABAB -20241129010104 2 6 100 3071 2 F72B9D5B478FC38253834B862A5C515BA6212BAD106C43D243A9D021FF22434E6A1EA03FBACFA23A6FC66FE5C68B40013BA6D15844D35AA2127408DE731CCA98380661EE30E2480E9DB14A8EB484BF564838B45678ECB78800E41E499307253A0E4462C7E119ECAA096D496FF72C5CB823C5C38CC165B9EE0B5307005F9FE72FE34EF3C2EF456A3A4561245680205533E2C2DC31816DDFFB036922109B985F291F7ADDCA11FADD48E7D20C9F8D0E8AE073C4DD7269B1EF46ACC81BE52A053EFE3BEAB1BFA3822A10ABF2C95B27D406BF960FAA48A79D332A7138AAAB8828B1BD11BCE47ACFE934887A2B2DC6C7061EF8412B4912925FD5A9CE787C434B3FD5B39FA863EDA542574E22331F98E74F69283A9A8F9330FE597B1EE96E37C8DEBB0E861213F3BF5281F3753CC16B2AF1EAB12540517E0482FDF47C92B66C4CD5FA5C8725956DB4C5F435EFC44D2ABD17A078687DD7716CAC4683729BD6211E0CBADA144F28932906724F3B96501D1A897C088607B522F8C7586DAFC64CB151AE01C3 -20241129010114 2 6 100 3071 5 F72B9D5B478FC38253834B862A5C515BA6212BAD106C43D243A9D021FF22434E6A1EA03FBACFA23A6FC66FE5C68B40013BA6D15844D35AA2127408DE731CCA98380661EE30E2480E9DB14A8EB484BF564838B45678ECB78800E41E499307253A0E4462C7E119ECAA096D496FF72C5CB823C5C38CC165B9EE0B5307005F9FE72FE34EF3C2EF456A3A4561245680205533E2C2DC31816DDFFB036922109B985F291F7ADDCA11FADD48E7D20C9F8D0E8AE073C4DD7269B1EF46ACC81BE52A053EFE3BEAB1BFA3822A10ABF2C95B27D406BF960FAA48A79D332A7138AAAB8828B1BD11BCE47ACFE934887A2B2DC6C7061EF8412B4912925FD5A9CE787C434B3FD5B39FA863EDA542574E22331F98E74F69283A9A8F9330FE597B1EE96E37C8DEBB0E861213F3BF5281F3753CC16B2AF1EAB12540517E0482FDF47C92B66C4CD5FA5C8725956DB4C5F435EFC44D2ABD17A078687DD7716CAC4683729BD6211E0CBADA144F28932906724F3B96501D1A897C088607B522F8C7586DAFC64CB151C91AA7 -20241129010216 2 6 100 3071 5 F72B9D5B478FC38253834B862A5C515BA6212BAD106C43D243A9D021FF22434E6A1EA03FBACFA23A6FC66FE5C68B40013BA6D15844D35AA2127408DE731CCA98380661EE30E2480E9DB14A8EB484BF564838B45678ECB78800E41E499307253A0E4462C7E119ECAA096D496FF72C5CB823C5C38CC165B9EE0B5307005F9FE72FE34EF3C2EF456A3A4561245680205533E2C2DC31816DDFFB036922109B985F291F7ADDCA11FADD48E7D20C9F8D0E8AE073C4DD7269B1EF46ACC81BE52A053EFE3BEAB1BFA3822A10ABF2C95B27D406BF960FAA48A79D332A7138AAAB8828B1BD11BCE47ACFE934887A2B2DC6C7061EF8412B4912925FD5A9CE787C434B3FD5B39FA863EDA542574E22331F98E74F69283A9A8F9330FE597B1EE96E37C8DEBB0E861213F3BF5281F3753CC16B2AF1EAB12540517E0482FDF47C92B66C4CD5FA5C8725956DB4C5F435EFC44D2ABD17A078687DD7716CAC4683729BD6211E0CBADA144F28932906724F3B96501D1A897C088607B522F8C7586DAFC64CB1528CD42F -20241129010239 2 6 100 3071 2 F72B9D5B478FC38253834B862A5C515BA6212BAD106C43D243A9D021FF22434E6A1EA03FBACFA23A6FC66FE5C68B40013BA6D15844D35AA2127408DE731CCA98380661EE30E2480E9DB14A8EB484BF564838B45678ECB78800E41E499307253A0E4462C7E119ECAA096D496FF72C5CB823C5C38CC165B9EE0B5307005F9FE72FE34EF3C2EF456A3A4561245680205533E2C2DC31816DDFFB036922109B985F291F7ADDCA11FADD48E7D20C9F8D0E8AE073C4DD7269B1EF46ACC81BE52A053EFE3BEAB1BFA3822A10ABF2C95B27D406BF960FAA48A79D332A7138AAAB8828B1BD11BCE47ACFE934887A2B2DC6C7061EF8412B4912925FD5A9CE787C434B3FD5B39FA863EDA542574E22331F98E74F69283A9A8F9330FE597B1EE96E37C8DEBB0E861213F3BF5281F3753CC16B2AF1EAB12540517E0482FDF47C92B66C4CD5FA5C8725956DB4C5F435EFC44D2ABD17A078687DD7716CAC4683729BD6211E0CBADA144F28932906724F3B96501D1A897C088607B522F8C7586DAFC64CB152D65F33 -20241129010312 2 6 100 3071 5 F72B9D5B478FC38253834B862A5C515BA6212BAD106C43D243A9D021FF22434E6A1EA03FBACFA23A6FC66FE5C68B40013BA6D15844D35AA2127408DE731CCA98380661EE30E2480E9DB14A8EB484BF564838B45678ECB78800E41E499307253A0E4462C7E119ECAA096D496FF72C5CB823C5C38CC165B9EE0B5307005F9FE72FE34EF3C2EF456A3A4561245680205533E2C2DC31816DDFFB036922109B985F291F7ADDCA11FADD48E7D20C9F8D0E8AE073C4DD7269B1EF46ACC81BE52A053EFE3BEAB1BFA3822A10ABF2C95B27D406BF960FAA48A79D332A7138AAAB8828B1BD11BCE47ACFE934887A2B2DC6C7061EF8412B4912925FD5A9CE787C434B3FD5B39FA863EDA542574E22331F98E74F69283A9A8F9330FE597B1EE96E37C8DEBB0E861213F3BF5281F3753CC16B2AF1EAB12540517E0482FDF47C92B66C4CD5FA5C8725956DB4C5F435EFC44D2ABD17A078687DD7716CAC4683729BD6211E0CBADA144F28932906724F3B96501D1A897C088607B522F8C7586DAFC64CB1533E97D7 -20241129010433 2 6 100 3071 5 F72B9D5B478FC38253834B862A5C515BA6212BAD106C43D243A9D021FF22434E6A1EA03FBACFA23A6FC66FE5C68B40013BA6D15844D35AA2127408DE731CCA98380661EE30E2480E9DB14A8EB484BF564838B45678ECB78800E41E499307253A0E4462C7E119ECAA096D496FF72C5CB823C5C38CC165B9EE0B5307005F9FE72FE34EF3C2EF456A3A4561245680205533E2C2DC31816DDFFB036922109B985F291F7ADDCA11FADD48E7D20C9F8D0E8AE073C4DD7269B1EF46ACC81BE52A053EFE3BEAB1BFA3822A10ABF2C95B27D406BF960FAA48A79D332A7138AAAB8828B1BD11BCE47ACFE934887A2B2DC6C7061EF8412B4912925FD5A9CE787C434B3FD5B39FA863EDA542574E22331F98E74F69283A9A8F9330FE597B1EE96E37C8DEBB0E861213F3BF5281F3753CC16B2AF1EAB12540517E0482FDF47C92B66C4CD5FA5C8725956DB4C5F435EFC44D2ABD17A078687DD7716CAC4683729BD6211E0CBADA144F28932906724F3B96501D1A897C088607B522F8C7586DAFC64CB1544811A7 -20241129010523 2 6 100 3071 5 F72B9D5B478FC38253834B862A5C515BA6212BAD106C43D243A9D021FF22434E6A1EA03FBACFA23A6FC66FE5C68B40013BA6D15844D35AA2127408DE731CCA98380661EE30E2480E9DB14A8EB484BF564838B45678ECB78800E41E499307253A0E4462C7E119ECAA096D496FF72C5CB823C5C38CC165B9EE0B5307005F9FE72FE34EF3C2EF456A3A4561245680205533E2C2DC31816DDFFB036922109B985F291F7ADDCA11FADD48E7D20C9F8D0E8AE073C4DD7269B1EF46ACC81BE52A053EFE3BEAB1BFA3822A10ABF2C95B27D406BF960FAA48A79D332A7138AAAB8828B1BD11BCE47ACFE934887A2B2DC6C7061EF8412B4912925FD5A9CE787C434B3FD5B39FA863EDA542574E22331F98E74F69283A9A8F9330FE597B1EE96E37C8DEBB0E861213F3BF5281F3753CC16B2AF1EAB12540517E0482FDF47C92B66C4CD5FA5C8725956DB4C5F435EFC44D2ABD17A078687DD7716CAC4683729BD6211E0CBADA144F28932906724F3B96501D1A897C088607B522F8C7586DAFC64CB154E65E7F -20241129010605 2 6 100 3071 2 F72B9D5B478FC38253834B862A5C515BA6212BAD106C43D243A9D021FF22434E6A1EA03FBACFA23A6FC66FE5C68B40013BA6D15844D35AA2127408DE731CCA98380661EE30E2480E9DB14A8EB484BF564838B45678ECB78800E41E499307253A0E4462C7E119ECAA096D496FF72C5CB823C5C38CC165B9EE0B5307005F9FE72FE34EF3C2EF456A3A4561245680205533E2C2DC31816DDFFB036922109B985F291F7ADDCA11FADD48E7D20C9F8D0E8AE073C4DD7269B1EF46ACC81BE52A053EFE3BEAB1BFA3822A10ABF2C95B27D406BF960FAA48A79D332A7138AAAB8828B1BD11BCE47ACFE934887A2B2DC6C7061EF8412B4912925FD5A9CE787C434B3FD5B39FA863EDA542574E22331F98E74F69283A9A8F9330FE597B1EE96E37C8DEBB0E861213F3BF5281F3753CC16B2AF1EAB12540517E0482FDF47C92B66C4CD5FA5C8725956DB4C5F435EFC44D2ABD17A078687DD7716CAC4683729BD6211E0CBADA144F28932906724F3B96501D1A897C088607B522F8C7586DAFC64CB1556C058B -20241129010625 2 6 100 3071 5 F72B9D5B478FC38253834B862A5C515BA6212BAD106C43D243A9D021FF22434E6A1EA03FBACFA23A6FC66FE5C68B40013BA6D15844D35AA2127408DE731CCA98380661EE30E2480E9DB14A8EB484BF564838B45678ECB78800E41E499307253A0E4462C7E119ECAA096D496FF72C5CB823C5C38CC165B9EE0B5307005F9FE72FE34EF3C2EF456A3A4561245680205533E2C2DC31816DDFFB036922109B985F291F7ADDCA11FADD48E7D20C9F8D0E8AE073C4DD7269B1EF46ACC81BE52A053EFE3BEAB1BFA3822A10ABF2C95B27D406BF960FAA48A79D332A7138AAAB8828B1BD11BCE47ACFE934887A2B2DC6C7061EF8412B4912925FD5A9CE787C434B3FD5B39FA863EDA542574E22331F98E74F69283A9A8F9330FE597B1EE96E37C8DEBB0E861213F3BF5281F3753CC16B2AF1EAB12540517E0482FDF47C92B66C4CD5FA5C8725956DB4C5F435EFC44D2ABD17A078687DD7716CAC4683729BD6211E0CBADA144F28932906724F3B96501D1A897C088607B522F8C7586DAFC64CB155A73F37 -20241129010718 2 6 100 3071 5 F72B9D5B478FC38253834B862A5C515BA6212BAD106C43D243A9D021FF22434E6A1EA03FBACFA23A6FC66FE5C68B40013BA6D15844D35AA2127408DE731CCA98380661EE30E2480E9DB14A8EB484BF564838B45678ECB78800E41E499307253A0E4462C7E119ECAA096D496FF72C5CB823C5C38CC165B9EE0B5307005F9FE72FE34EF3C2EF456A3A4561245680205533E2C2DC31816DDFFB036922109B985F291F7ADDCA11FADD48E7D20C9F8D0E8AE073C4DD7269B1EF46ACC81BE52A053EFE3BEAB1BFA3822A10ABF2C95B27D406BF960FAA48A79D332A7138AAAB8828B1BD11BCE47ACFE934887A2B2DC6C7061EF8412B4912925FD5A9CE787C434B3FD5B39FA863EDA542574E22331F98E74F69283A9A8F9330FE597B1EE96E37C8DEBB0E861213F3BF5281F3753CC16B2AF1EAB12540517E0482FDF47C92B66C4CD5FA5C8725956DB4C5F435EFC44D2ABD17A078687DD7716CAC4683729BD6211E0CBADA144F28932906724F3B96501D1A897C088607B522F8C7586DAFC64CB156533A8F -20241129010827 2 6 100 3071 2 F72B9D5B478FC38253834B862A5C515BA6212BAD106C43D243A9D021FF22434E6A1EA03FBACFA23A6FC66FE5C68B40013BA6D15844D35AA2127408DE731CCA98380661EE30E2480E9DB14A8EB484BF564838B45678ECB78800E41E499307253A0E4462C7E119ECAA096D496FF72C5CB823C5C38CC165B9EE0B5307005F9FE72FE34EF3C2EF456A3A4561245680205533E2C2DC31816DDFFB036922109B985F291F7ADDCA11FADD48E7D20C9F8D0E8AE073C4DD7269B1EF46ACC81BE52A053EFE3BEAB1BFA3822A10ABF2C95B27D406BF960FAA48A79D332A7138AAAB8828B1BD11BCE47ACFE934887A2B2DC6C7061EF8412B4912925FD5A9CE787C434B3FD5B39FA863EDA542574E22331F98E74F69283A9A8F9330FE597B1EE96E37C8DEBB0E861213F3BF5281F3753CC16B2AF1EAB12540517E0482FDF47C92B66C4CD5FA5C8725956DB4C5F435EFC44D2ABD17A078687DD7716CAC4683729BD6211E0CBADA144F28932906724F3B96501D1A897C088607B522F8C7586DAFC64CB15733560B -20241129010830 2 6 100 3071 2 F72B9D5B478FC38253834B862A5C515BA6212BAD106C43D243A9D021FF22434E6A1EA03FBACFA23A6FC66FE5C68B40013BA6D15844D35AA2127408DE731CCA98380661EE30E2480E9DB14A8EB484BF564838B45678ECB78800E41E499307253A0E4462C7E119ECAA096D496FF72C5CB823C5C38CC165B9EE0B5307005F9FE72FE34EF3C2EF456A3A4561245680205533E2C2DC31816DDFFB036922109B985F291F7ADDCA11FADD48E7D20C9F8D0E8AE073C4DD7269B1EF46ACC81BE52A053EFE3BEAB1BFA3822A10ABF2C95B27D406BF960FAA48A79D332A7138AAAB8828B1BD11BCE47ACFE934887A2B2DC6C7061EF8412B4912925FD5A9CE787C434B3FD5B39FA863EDA542574E22331F98E74F69283A9A8F9330FE597B1EE96E37C8DEBB0E861213F3BF5281F3753CC16B2AF1EAB12540517E0482FDF47C92B66C4CD5FA5C8725956DB4C5F435EFC44D2ABD17A078687DD7716CAC4683729BD6211E0CBADA144F28932906724F3B96501D1A897C088607B522F8C7586DAFC64CB15735A50B -20241129011308 2 6 100 3071 5 F72B9D5B478FC38253834B862A5C515BA6212BAD106C43D243A9D021FF22434E6A1EA03FBACFA23A6FC66FE5C68B40013BA6D15844D35AA2127408DE731CCA98380661EE30E2480E9DB14A8EB484BF564838B45678ECB78800E41E499307253A0E4462C7E119ECAA096D496FF72C5CB823C5C38CC165B9EE0B5307005F9FE72FE34EF3C2EF456A3A4561245680205533E2C2DC31816DDFFB036922109B985F291F7ADDCA11FADD48E7D20C9F8D0E8AE073C4DD7269B1EF46ACC81BE52A053EFE3BEAB1BFA3822A10ABF2C95B27D406BF960FAA48A79D332A7138AAAB8828B1BD11BCE47ACFE934887A2B2DC6C7061EF8412B4912925FD5A9CE787C434B3FD5B39FA863EDA542574E22331F98E74F69283A9A8F9330FE597B1EE96E37C8DEBB0E861213F3BF5281F3753CC16B2AF1EAB12540517E0482FDF47C92B66C4CD5FA5C8725956DB4C5F435EFC44D2ABD17A078687DD7716CAC4683729BD6211E0CBADA144F28932906724F3B96501D1A897C088607B522F8C7586DAFC64CB15AD92877 -20241129011325 2 6 100 3071 5 F72B9D5B478FC38253834B862A5C515BA6212BAD106C43D243A9D021FF22434E6A1EA03FBACFA23A6FC66FE5C68B40013BA6D15844D35AA2127408DE731CCA98380661EE30E2480E9DB14A8EB484BF564838B45678ECB78800E41E499307253A0E4462C7E119ECAA096D496FF72C5CB823C5C38CC165B9EE0B5307005F9FE72FE34EF3C2EF456A3A4561245680205533E2C2DC31816DDFFB036922109B985F291F7ADDCA11FADD48E7D20C9F8D0E8AE073C4DD7269B1EF46ACC81BE52A053EFE3BEAB1BFA3822A10ABF2C95B27D406BF960FAA48A79D332A7138AAAB8828B1BD11BCE47ACFE934887A2B2DC6C7061EF8412B4912925FD5A9CE787C434B3FD5B39FA863EDA542574E22331F98E74F69283A9A8F9330FE597B1EE96E37C8DEBB0E861213F3BF5281F3753CC16B2AF1EAB12540517E0482FDF47C92B66C4CD5FA5C8725956DB4C5F435EFC44D2ABD17A078687DD7716CAC4683729BD6211E0CBADA144F28932906724F3B96501D1A897C088607B522F8C7586DAFC64CB15B0BC97F -20241129011417 2 6 100 3071 2 F72B9D5B478FC38253834B862A5C515BA6212BAD106C43D243A9D021FF22434E6A1EA03FBACFA23A6FC66FE5C68B40013BA6D15844D35AA2127408DE731CCA98380661EE30E2480E9DB14A8EB484BF564838B45678ECB78800E41E499307253A0E4462C7E119ECAA096D496FF72C5CB823C5C38CC165B9EE0B5307005F9FE72FE34EF3C2EF456A3A4561245680205533E2C2DC31816DDFFB036922109B985F291F7ADDCA11FADD48E7D20C9F8D0E8AE073C4DD7269B1EF46ACC81BE52A053EFE3BEAB1BFA3822A10ABF2C95B27D406BF960FAA48A79D332A7138AAAB8828B1BD11BCE47ACFE934887A2B2DC6C7061EF8412B4912925FD5A9CE787C434B3FD5B39FA863EDA542574E22331F98E74F69283A9A8F9330FE597B1EE96E37C8DEBB0E861213F3BF5281F3753CC16B2AF1EAB12540517E0482FDF47C92B66C4CD5FA5C8725956DB4C5F435EFC44D2ABD17A078687DD7716CAC4683729BD6211E0CBADA144F28932906724F3B96501D1A897C088607B522F8C7586DAFC64CB15BB2F9E3 -20241129011431 2 6 100 3071 2 F72B9D5B478FC38253834B862A5C515BA6212BAD106C43D243A9D021FF22434E6A1EA03FBACFA23A6FC66FE5C68B40013BA6D15844D35AA2127408DE731CCA98380661EE30E2480E9DB14A8EB484BF564838B45678ECB78800E41E499307253A0E4462C7E119ECAA096D496FF72C5CB823C5C38CC165B9EE0B5307005F9FE72FE34EF3C2EF456A3A4561245680205533E2C2DC31816DDFFB036922109B985F291F7ADDCA11FADD48E7D20C9F8D0E8AE073C4DD7269B1EF46ACC81BE52A053EFE3BEAB1BFA3822A10ABF2C95B27D406BF960FAA48A79D332A7138AAAB8828B1BD11BCE47ACFE934887A2B2DC6C7061EF8412B4912925FD5A9CE787C434B3FD5B39FA863EDA542574E22331F98E74F69283A9A8F9330FE597B1EE96E37C8DEBB0E861213F3BF5281F3753CC16B2AF1EAB12540517E0482FDF47C92B66C4CD5FA5C8725956DB4C5F435EFC44D2ABD17A078687DD7716CAC4683729BD6211E0CBADA144F28932906724F3B96501D1A897C088607B522F8C7586DAFC64CB15BDC12E3 -20241129011445 2 6 100 3071 2 F72B9D5B478FC38253834B862A5C515BA6212BAD106C43D243A9D021FF22434E6A1EA03FBACFA23A6FC66FE5C68B40013BA6D15844D35AA2127408DE731CCA98380661EE30E2480E9DB14A8EB484BF564838B45678ECB78800E41E499307253A0E4462C7E119ECAA096D496FF72C5CB823C5C38CC165B9EE0B5307005F9FE72FE34EF3C2EF456A3A4561245680205533E2C2DC31816DDFFB036922109B985F291F7ADDCA11FADD48E7D20C9F8D0E8AE073C4DD7269B1EF46ACC81BE52A053EFE3BEAB1BFA3822A10ABF2C95B27D406BF960FAA48A79D332A7138AAAB8828B1BD11BCE47ACFE934887A2B2DC6C7061EF8412B4912925FD5A9CE787C434B3FD5B39FA863EDA542574E22331F98E74F69283A9A8F9330FE597B1EE96E37C8DEBB0E861213F3BF5281F3753CC16B2AF1EAB12540517E0482FDF47C92B66C4CD5FA5C8725956DB4C5F435EFC44D2ABD17A078687DD7716CAC4683729BD6211E0CBADA144F28932906724F3B96501D1A897C088607B522F8C7586DAFC64CB15C01B8F3 -20241129011511 2 6 100 3071 5 F72B9D5B478FC38253834B862A5C515BA6212BAD106C43D243A9D021FF22434E6A1EA03FBACFA23A6FC66FE5C68B40013BA6D15844D35AA2127408DE731CCA98380661EE30E2480E9DB14A8EB484BF564838B45678ECB78800E41E499307253A0E4462C7E119ECAA096D496FF72C5CB823C5C38CC165B9EE0B5307005F9FE72FE34EF3C2EF456A3A4561245680205533E2C2DC31816DDFFB036922109B985F291F7ADDCA11FADD48E7D20C9F8D0E8AE073C4DD7269B1EF46ACC81BE52A053EFE3BEAB1BFA3822A10ABF2C95B27D406BF960FAA48A79D332A7138AAAB8828B1BD11BCE47ACFE934887A2B2DC6C7061EF8412B4912925FD5A9CE787C434B3FD5B39FA863EDA542574E22331F98E74F69283A9A8F9330FE597B1EE96E37C8DEBB0E861213F3BF5281F3753CC16B2AF1EAB12540517E0482FDF47C92B66C4CD5FA5C8725956DB4C5F435EFC44D2ABD17A078687DD7716CAC4683729BD6211E0CBADA144F28932906724F3B96501D1A897C088607B522F8C7586DAFC64CB15C508C4F -20241129011527 2 6 100 3071 2 F72B9D5B478FC38253834B862A5C515BA6212BAD106C43D243A9D021FF22434E6A1EA03FBACFA23A6FC66FE5C68B40013BA6D15844D35AA2127408DE731CCA98380661EE30E2480E9DB14A8EB484BF564838B45678ECB78800E41E499307253A0E4462C7E119ECAA096D496FF72C5CB823C5C38CC165B9EE0B5307005F9FE72FE34EF3C2EF456A3A4561245680205533E2C2DC31816DDFFB036922109B985F291F7ADDCA11FADD48E7D20C9F8D0E8AE073C4DD7269B1EF46ACC81BE52A053EFE3BEAB1BFA3822A10ABF2C95B27D406BF960FAA48A79D332A7138AAAB8828B1BD11BCE47ACFE934887A2B2DC6C7061EF8412B4912925FD5A9CE787C434B3FD5B39FA863EDA542574E22331F98E74F69283A9A8F9330FE597B1EE96E37C8DEBB0E861213F3BF5281F3753CC16B2AF1EAB12540517E0482FDF47C92B66C4CD5FA5C8725956DB4C5F435EFC44D2ABD17A078687DD7716CAC4683729BD6211E0CBADA144F28932906724F3B96501D1A897C088607B522F8C7586DAFC64CB15C8110EB -20241129011531 2 6 100 3071 2 F72B9D5B478FC38253834B862A5C515BA6212BAD106C43D243A9D021FF22434E6A1EA03FBACFA23A6FC66FE5C68B40013BA6D15844D35AA2127408DE731CCA98380661EE30E2480E9DB14A8EB484BF564838B45678ECB78800E41E499307253A0E4462C7E119ECAA096D496FF72C5CB823C5C38CC165B9EE0B5307005F9FE72FE34EF3C2EF456A3A4561245680205533E2C2DC31816DDFFB036922109B985F291F7ADDCA11FADD48E7D20C9F8D0E8AE073C4DD7269B1EF46ACC81BE52A053EFE3BEAB1BFA3822A10ABF2C95B27D406BF960FAA48A79D332A7138AAAB8828B1BD11BCE47ACFE934887A2B2DC6C7061EF8412B4912925FD5A9CE787C434B3FD5B39FA863EDA542574E22331F98E74F69283A9A8F9330FE597B1EE96E37C8DEBB0E861213F3BF5281F3753CC16B2AF1EAB12540517E0482FDF47C92B66C4CD5FA5C8725956DB4C5F435EFC44D2ABD17A078687DD7716CAC4683729BD6211E0CBADA144F28932906724F3B96501D1A897C088607B522F8C7586DAFC64CB15C85C703 -20241129011741 2 6 100 3071 2 F72B9D5B478FC38253834B862A5C515BA6212BAD106C43D243A9D021FF22434E6A1EA03FBACFA23A6FC66FE5C68B40013BA6D15844D35AA2127408DE731CCA98380661EE30E2480E9DB14A8EB484BF564838B45678ECB78800E41E499307253A0E4462C7E119ECAA096D496FF72C5CB823C5C38CC165B9EE0B5307005F9FE72FE34EF3C2EF456A3A4561245680205533E2C2DC31816DDFFB036922109B985F291F7ADDCA11FADD48E7D20C9F8D0E8AE073C4DD7269B1EF46ACC81BE52A053EFE3BEAB1BFA3822A10ABF2C95B27D406BF960FAA48A79D332A7138AAAB8828B1BD11BCE47ACFE934887A2B2DC6C7061EF8412B4912925FD5A9CE787C434B3FD5B39FA863EDA542574E22331F98E74F69283A9A8F9330FE597B1EE96E37C8DEBB0E861213F3BF5281F3753CC16B2AF1EAB12540517E0482FDF47C92B66C4CD5FA5C8725956DB4C5F435EFC44D2ABD17A078687DD7716CAC4683729BD6211E0CBADA144F28932906724F3B96501D1A897C088607B522F8C7586DAFC64CB15E32BC9B -20241129011800 2 6 100 3071 2 F72B9D5B478FC38253834B862A5C515BA6212BAD106C43D243A9D021FF22434E6A1EA03FBACFA23A6FC66FE5C68B40013BA6D15844D35AA2127408DE731CCA98380661EE30E2480E9DB14A8EB484BF564838B45678ECB78800E41E499307253A0E4462C7E119ECAA096D496FF72C5CB823C5C38CC165B9EE0B5307005F9FE72FE34EF3C2EF456A3A4561245680205533E2C2DC31816DDFFB036922109B985F291F7ADDCA11FADD48E7D20C9F8D0E8AE073C4DD7269B1EF46ACC81BE52A053EFE3BEAB1BFA3822A10ABF2C95B27D406BF960FAA48A79D332A7138AAAB8828B1BD11BCE47ACFE934887A2B2DC6C7061EF8412B4912925FD5A9CE787C434B3FD5B39FA863EDA542574E22331F98E74F69283A9A8F9330FE597B1EE96E37C8DEBB0E861213F3BF5281F3753CC16B2AF1EAB12540517E0482FDF47C92B66C4CD5FA5C8725956DB4C5F435EFC44D2ABD17A078687DD7716CAC4683729BD6211E0CBADA144F28932906724F3B96501D1A897C088607B522F8C7586DAFC64CB15E6A8F93 -20241129011821 2 6 100 3071 5 F72B9D5B478FC38253834B862A5C515BA6212BAD106C43D243A9D021FF22434E6A1EA03FBACFA23A6FC66FE5C68B40013BA6D15844D35AA2127408DE731CCA98380661EE30E2480E9DB14A8EB484BF564838B45678ECB78800E41E499307253A0E4462C7E119ECAA096D496FF72C5CB823C5C38CC165B9EE0B5307005F9FE72FE34EF3C2EF456A3A4561245680205533E2C2DC31816DDFFB036922109B985F291F7ADDCA11FADD48E7D20C9F8D0E8AE073C4DD7269B1EF46ACC81BE52A053EFE3BEAB1BFA3822A10ABF2C95B27D406BF960FAA48A79D332A7138AAAB8828B1BD11BCE47ACFE934887A2B2DC6C7061EF8412B4912925FD5A9CE787C434B3FD5B39FA863EDA542574E22331F98E74F69283A9A8F9330FE597B1EE96E37C8DEBB0E861213F3BF5281F3753CC16B2AF1EAB12540517E0482FDF47C92B66C4CD5FA5C8725956DB4C5F435EFC44D2ABD17A078687DD7716CAC4683729BD6211E0CBADA144F28932906724F3B96501D1A897C088607B522F8C7586DAFC64CB15EACC9EF -20241129011823 2 6 100 3071 5 F72B9D5B478FC38253834B862A5C515BA6212BAD106C43D243A9D021FF22434E6A1EA03FBACFA23A6FC66FE5C68B40013BA6D15844D35AA2127408DE731CCA98380661EE30E2480E9DB14A8EB484BF564838B45678ECB78800E41E499307253A0E4462C7E119ECAA096D496FF72C5CB823C5C38CC165B9EE0B5307005F9FE72FE34EF3C2EF456A3A4561245680205533E2C2DC31816DDFFB036922109B985F291F7ADDCA11FADD48E7D20C9F8D0E8AE073C4DD7269B1EF46ACC81BE52A053EFE3BEAB1BFA3822A10ABF2C95B27D406BF960FAA48A79D332A7138AAAB8828B1BD11BCE47ACFE934887A2B2DC6C7061EF8412B4912925FD5A9CE787C434B3FD5B39FA863EDA542574E22331F98E74F69283A9A8F9330FE597B1EE96E37C8DEBB0E861213F3BF5281F3753CC16B2AF1EAB12540517E0482FDF47C92B66C4CD5FA5C8725956DB4C5F435EFC44D2ABD17A078687DD7716CAC4683729BD6211E0CBADA144F28932906724F3B96501D1A897C088607B522F8C7586DAFC64CB15EAE50DF -20241129011852 2 6 100 3071 2 F72B9D5B478FC38253834B862A5C515BA6212BAD106C43D243A9D021FF22434E6A1EA03FBACFA23A6FC66FE5C68B40013BA6D15844D35AA2127408DE731CCA98380661EE30E2480E9DB14A8EB484BF564838B45678ECB78800E41E499307253A0E4462C7E119ECAA096D496FF72C5CB823C5C38CC165B9EE0B5307005F9FE72FE34EF3C2EF456A3A4561245680205533E2C2DC31816DDFFB036922109B985F291F7ADDCA11FADD48E7D20C9F8D0E8AE073C4DD7269B1EF46ACC81BE52A053EFE3BEAB1BFA3822A10ABF2C95B27D406BF960FAA48A79D332A7138AAAB8828B1BD11BCE47ACFE934887A2B2DC6C7061EF8412B4912925FD5A9CE787C434B3FD5B39FA863EDA542574E22331F98E74F69283A9A8F9330FE597B1EE96E37C8DEBB0E861213F3BF5281F3753CC16B2AF1EAB12540517E0482FDF47C92B66C4CD5FA5C8725956DB4C5F435EFC44D2ABD17A078687DD7716CAC4683729BD6211E0CBADA144F28932906724F3B96501D1A897C088607B522F8C7586DAFC64CB15F060CCB -20241129011901 2 6 100 3071 2 F72B9D5B478FC38253834B862A5C515BA6212BAD106C43D243A9D021FF22434E6A1EA03FBACFA23A6FC66FE5C68B40013BA6D15844D35AA2127408DE731CCA98380661EE30E2480E9DB14A8EB484BF564838B45678ECB78800E41E499307253A0E4462C7E119ECAA096D496FF72C5CB823C5C38CC165B9EE0B5307005F9FE72FE34EF3C2EF456A3A4561245680205533E2C2DC31816DDFFB036922109B985F291F7ADDCA11FADD48E7D20C9F8D0E8AE073C4DD7269B1EF46ACC81BE52A053EFE3BEAB1BFA3822A10ABF2C95B27D406BF960FAA48A79D332A7138AAAB8828B1BD11BCE47ACFE934887A2B2DC6C7061EF8412B4912925FD5A9CE787C434B3FD5B39FA863EDA542574E22331F98E74F69283A9A8F9330FE597B1EE96E37C8DEBB0E861213F3BF5281F3753CC16B2AF1EAB12540517E0482FDF47C92B66C4CD5FA5C8725956DB4C5F435EFC44D2ABD17A078687DD7716CAC4683729BD6211E0CBADA144F28932906724F3B96501D1A897C088607B522F8C7586DAFC64CB15F1D181B -20241129011909 2 6 100 3071 2 F72B9D5B478FC38253834B862A5C515BA6212BAD106C43D243A9D021FF22434E6A1EA03FBACFA23A6FC66FE5C68B40013BA6D15844D35AA2127408DE731CCA98380661EE30E2480E9DB14A8EB484BF564838B45678ECB78800E41E499307253A0E4462C7E119ECAA096D496FF72C5CB823C5C38CC165B9EE0B5307005F9FE72FE34EF3C2EF456A3A4561245680205533E2C2DC31816DDFFB036922109B985F291F7ADDCA11FADD48E7D20C9F8D0E8AE073C4DD7269B1EF46ACC81BE52A053EFE3BEAB1BFA3822A10ABF2C95B27D406BF960FAA48A79D332A7138AAAB8828B1BD11BCE47ACFE934887A2B2DC6C7061EF8412B4912925FD5A9CE787C434B3FD5B39FA863EDA542574E22331F98E74F69283A9A8F9330FE597B1EE96E37C8DEBB0E861213F3BF5281F3753CC16B2AF1EAB12540517E0482FDF47C92B66C4CD5FA5C8725956DB4C5F435EFC44D2ABD17A078687DD7716CAC4683729BD6211E0CBADA144F28932906724F3B96501D1A897C088607B522F8C7586DAFC64CB15F313CBB -20241129011934 2 6 100 3071 2 F72B9D5B478FC38253834B862A5C515BA6212BAD106C43D243A9D021FF22434E6A1EA03FBACFA23A6FC66FE5C68B40013BA6D15844D35AA2127408DE731CCA98380661EE30E2480E9DB14A8EB484BF564838B45678ECB78800E41E499307253A0E4462C7E119ECAA096D496FF72C5CB823C5C38CC165B9EE0B5307005F9FE72FE34EF3C2EF456A3A4561245680205533E2C2DC31816DDFFB036922109B985F291F7ADDCA11FADD48E7D20C9F8D0E8AE073C4DD7269B1EF46ACC81BE52A053EFE3BEAB1BFA3822A10ABF2C95B27D406BF960FAA48A79D332A7138AAAB8828B1BD11BCE47ACFE934887A2B2DC6C7061EF8412B4912925FD5A9CE787C434B3FD5B39FA863EDA542574E22331F98E74F69283A9A8F9330FE597B1EE96E37C8DEBB0E861213F3BF5281F3753CC16B2AF1EAB12540517E0482FDF47C92B66C4CD5FA5C8725956DB4C5F435EFC44D2ABD17A078687DD7716CAC4683729BD6211E0CBADA144F28932906724F3B96501D1A897C088607B522F8C7586DAFC64CB15F7E3BAB -20241129011958 2 6 100 3071 2 F72B9D5B478FC38253834B862A5C515BA6212BAD106C43D243A9D021FF22434E6A1EA03FBACFA23A6FC66FE5C68B40013BA6D15844D35AA2127408DE731CCA98380661EE30E2480E9DB14A8EB484BF564838B45678ECB78800E41E499307253A0E4462C7E119ECAA096D496FF72C5CB823C5C38CC165B9EE0B5307005F9FE72FE34EF3C2EF456A3A4561245680205533E2C2DC31816DDFFB036922109B985F291F7ADDCA11FADD48E7D20C9F8D0E8AE073C4DD7269B1EF46ACC81BE52A053EFE3BEAB1BFA3822A10ABF2C95B27D406BF960FAA48A79D332A7138AAAB8828B1BD11BCE47ACFE934887A2B2DC6C7061EF8412B4912925FD5A9CE787C434B3FD5B39FA863EDA542574E22331F98E74F69283A9A8F9330FE597B1EE96E37C8DEBB0E861213F3BF5281F3753CC16B2AF1EAB12540517E0482FDF47C92B66C4CD5FA5C8725956DB4C5F435EFC44D2ABD17A078687DD7716CAC4683729BD6211E0CBADA144F28932906724F3B96501D1A897C088607B522F8C7586DAFC64CB15FCAB1D3 -20241129012819 2 6 100 4095 5 D14DC7A20FAA787E8E505E1CCA5C3EC8C5344CE26B9E5E776858C7048EECCB2CE278073BA42E21E4512A91D9A94F6460E86A914FC8D560A29DDC6B3E45CA1F9E8C5C52057BAF6A992E0C04192CEDF05010493D9CED8F97D3891C7DB13865BCD4BC19EA746AFB39E7AC2D60A32D9B77EECFFA53E7022137B7587E5D18E2B100845108104A79B878405B8900A0837BE74494F45DF726B88990607580414CEA1358A78BF832447919460F37395E69BC30E81983D60BB71D4E86164317138B99B545416467AA1F8592A16CEA1B050D2554487A749408A8339FFCA98A5F23D4EEF7A4254C6E56BFD6B95AD3C822B83324BEC5DD85A7064C6233899F7C6D00749D9DEDBAD9ED72CCC9CF154EF3989752DF907B24E587CD6B29A22846CD1B9623A3AEF69D191E8C048046FBCA2BC2C2A0883C8738F72D612745419080B7D72D8EC2E696CF5CB5EB6F23A9BBFF4BDD129970E881DBAA81E2F1A1445C773D4445ED516D1D954C64593DF72B7B31810B7493B8334F57E79FB26554EE1B4E7B7BDAA2C707D8E4798549DB60AE0A064CA8C6AA36021EB1657E72810E676D0F312325F2FAF956DC336D6B8E1496553362292D98225D61A74827C43FD4B4E0242B19FECBA7C102940C24AC56BB287C739608441EAA2EAA6DE0D1323E6D45204A1FF07BC3D3A48F954597EE865531D8A32C1DC2A3A48C8A0D47BE16919C3DF9E0514CE61ABEADA7 -20241129013011 2 6 100 4095 2 D14DC7A20FAA787E8E505E1CCA5C3EC8C5344CE26B9E5E776858C7048EECCB2CE278073BA42E21E4512A91D9A94F6460E86A914FC8D560A29DDC6B3E45CA1F9E8C5C52057BAF6A992E0C04192CEDF05010493D9CED8F97D3891C7DB13865BCD4BC19EA746AFB39E7AC2D60A32D9B77EECFFA53E7022137B7587E5D18E2B100845108104A79B878405B8900A0837BE74494F45DF726B88990607580414CEA1358A78BF832447919460F37395E69BC30E81983D60BB71D4E86164317138B99B545416467AA1F8592A16CEA1B050D2554487A749408A8339FFCA98A5F23D4EEF7A4254C6E56BFD6B95AD3C822B83324BEC5DD85A7064C6233899F7C6D00749D9DEDBAD9ED72CCC9CF154EF3989752DF907B24E587CD6B29A22846CD1B9623A3AEF69D191E8C048046FBCA2BC2C2A0883C8738F72D612745419080B7D72D8EC2E696CF5CB5EB6F23A9BBFF4BDD129970E881DBAA81E2F1A1445C773D4445ED516D1D954C64593DF72B7B31810B7493B8334F57E79FB26554EE1B4E7B7BDAA2C707D8E4798549DB60AE0A064CA8C6AA36021EB1657E72810E676D0F312325F2FAF956DC336D6B8E1496553362292D98225D61A74827C43FD4B4E0242B19FECBA7C102940C24AC56BB287C739608441EAA2EAA6DE0D1323E6D45204A1FF07BC3D3A48F954597EE865531D8A32C1DC2A3A48C8A0D47BE16919C3DF9E0514CE61B67DAEB -20241129013110 2 6 100 4095 2 D14DC7A20FAA787E8E505E1CCA5C3EC8C5344CE26B9E5E776858C7048EECCB2CE278073BA42E21E4512A91D9A94F6460E86A914FC8D560A29DDC6B3E45CA1F9E8C5C52057BAF6A992E0C04192CEDF05010493D9CED8F97D3891C7DB13865BCD4BC19EA746AFB39E7AC2D60A32D9B77EECFFA53E7022137B7587E5D18E2B100845108104A79B878405B8900A0837BE74494F45DF726B88990607580414CEA1358A78BF832447919460F37395E69BC30E81983D60BB71D4E86164317138B99B545416467AA1F8592A16CEA1B050D2554487A749408A8339FFCA98A5F23D4EEF7A4254C6E56BFD6B95AD3C822B83324BEC5DD85A7064C6233899F7C6D00749D9DEDBAD9ED72CCC9CF154EF3989752DF907B24E587CD6B29A22846CD1B9623A3AEF69D191E8C048046FBCA2BC2C2A0883C8738F72D612745419080B7D72D8EC2E696CF5CB5EB6F23A9BBFF4BDD129970E881DBAA81E2F1A1445C773D4445ED516D1D954C64593DF72B7B31810B7493B8334F57E79FB26554EE1B4E7B7BDAA2C707D8E4798549DB60AE0A064CA8C6AA36021EB1657E72810E676D0F312325F2FAF956DC336D6B8E1496553362292D98225D61A74827C43FD4B4E0242B19FECBA7C102940C24AC56BB287C739608441EAA2EAA6DE0D1323E6D45204A1FF07BC3D3A48F954597EE865531D8A32C1DC2A3A48C8A0D47BE16919C3DF9E0514CE61BBE4D2B -20241129013508 2 6 100 4095 5 D14DC7A20FAA787E8E505E1CCA5C3EC8C5344CE26B9E5E776858C7048EECCB2CE278073BA42E21E4512A91D9A94F6460E86A914FC8D560A29DDC6B3E45CA1F9E8C5C52057BAF6A992E0C04192CEDF05010493D9CED8F97D3891C7DB13865BCD4BC19EA746AFB39E7AC2D60A32D9B77EECFFA53E7022137B7587E5D18E2B100845108104A79B878405B8900A0837BE74494F45DF726B88990607580414CEA1358A78BF832447919460F37395E69BC30E81983D60BB71D4E86164317138B99B545416467AA1F8592A16CEA1B050D2554487A749408A8339FFCA98A5F23D4EEF7A4254C6E56BFD6B95AD3C822B83324BEC5DD85A7064C6233899F7C6D00749D9DEDBAD9ED72CCC9CF154EF3989752DF907B24E587CD6B29A22846CD1B9623A3AEF69D191E8C048046FBCA2BC2C2A0883C8738F72D612745419080B7D72D8EC2E696CF5CB5EB6F23A9BBFF4BDD129970E881DBAA81E2F1A1445C773D4445ED516D1D954C64593DF72B7B31810B7493B8334F57E79FB26554EE1B4E7B7BDAA2C707D8E4798549DB60AE0A064CA8C6AA36021EB1657E72810E676D0F312325F2FAF956DC336D6B8E1496553362292D98225D61A74827C43FD4B4E0242B19FECBA7C102940C24AC56BB287C739608441EAA2EAA6DE0D1323E6D45204A1FF07BC3D3A48F954597EE865531D8A32C1DC2A3A48C8A0D47BE16919C3DF9E0514CE61D3A05EF -20241129013753 2 6 100 4095 5 D14DC7A20FAA787E8E505E1CCA5C3EC8C5344CE26B9E5E776858C7048EECCB2CE278073BA42E21E4512A91D9A94F6460E86A914FC8D560A29DDC6B3E45CA1F9E8C5C52057BAF6A992E0C04192CEDF05010493D9CED8F97D3891C7DB13865BCD4BC19EA746AFB39E7AC2D60A32D9B77EECFFA53E7022137B7587E5D18E2B100845108104A79B878405B8900A0837BE74494F45DF726B88990607580414CEA1358A78BF832447919460F37395E69BC30E81983D60BB71D4E86164317138B99B545416467AA1F8592A16CEA1B050D2554487A749408A8339FFCA98A5F23D4EEF7A4254C6E56BFD6B95AD3C822B83324BEC5DD85A7064C6233899F7C6D00749D9DEDBAD9ED72CCC9CF154EF3989752DF907B24E587CD6B29A22846CD1B9623A3AEF69D191E8C048046FBCA2BC2C2A0883C8738F72D612745419080B7D72D8EC2E696CF5CB5EB6F23A9BBFF4BDD129970E881DBAA81E2F1A1445C773D4445ED516D1D954C64593DF72B7B31810B7493B8334F57E79FB26554EE1B4E7B7BDAA2C707D8E4798549DB60AE0A064CA8C6AA36021EB1657E72810E676D0F312325F2FAF956DC336D6B8E1496553362292D98225D61A74827C43FD4B4E0242B19FECBA7C102940C24AC56BB287C739608441EAA2EAA6DE0D1323E6D45204A1FF07BC3D3A48F954597EE865531D8A32C1DC2A3A48C8A0D47BE16919C3DF9E0514CE61E425677 -20241129014404 2 6 100 4095 5 D14DC7A20FAA787E8E505E1CCA5C3EC8C5344CE26B9E5E776858C7048EECCB2CE278073BA42E21E4512A91D9A94F6460E86A914FC8D560A29DDC6B3E45CA1F9E8C5C52057BAF6A992E0C04192CEDF05010493D9CED8F97D3891C7DB13865BCD4BC19EA746AFB39E7AC2D60A32D9B77EECFFA53E7022137B7587E5D18E2B100845108104A79B878405B8900A0837BE74494F45DF726B88990607580414CEA1358A78BF832447919460F37395E69BC30E81983D60BB71D4E86164317138B99B545416467AA1F8592A16CEA1B050D2554487A749408A8339FFCA98A5F23D4EEF7A4254C6E56BFD6B95AD3C822B83324BEC5DD85A7064C6233899F7C6D00749D9DEDBAD9ED72CCC9CF154EF3989752DF907B24E587CD6B29A22846CD1B9623A3AEF69D191E8C048046FBCA2BC2C2A0883C8738F72D612745419080B7D72D8EC2E696CF5CB5EB6F23A9BBFF4BDD129970E881DBAA81E2F1A1445C773D4445ED516D1D954C64593DF72B7B31810B7493B8334F57E79FB26554EE1B4E7B7BDAA2C707D8E4798549DB60AE0A064CA8C6AA36021EB1657E72810E676D0F312325F2FAF956DC336D6B8E1496553362292D98225D61A74827C43FD4B4E0242B19FECBA7C102940C24AC56BB287C739608441EAA2EAA6DE0D1323E6D45204A1FF07BC3D3A48F954597EE865531D8A32C1DC2A3A48C8A0D47BE16919C3DF9E0514CE6208D8717 -20241129014416 2 6 100 4095 2 D14DC7A20FAA787E8E505E1CCA5C3EC8C5344CE26B9E5E776858C7048EECCB2CE278073BA42E21E4512A91D9A94F6460E86A914FC8D560A29DDC6B3E45CA1F9E8C5C52057BAF6A992E0C04192CEDF05010493D9CED8F97D3891C7DB13865BCD4BC19EA746AFB39E7AC2D60A32D9B77EECFFA53E7022137B7587E5D18E2B100845108104A79B878405B8900A0837BE74494F45DF726B88990607580414CEA1358A78BF832447919460F37395E69BC30E81983D60BB71D4E86164317138B99B545416467AA1F8592A16CEA1B050D2554487A749408A8339FFCA98A5F23D4EEF7A4254C6E56BFD6B95AD3C822B83324BEC5DD85A7064C6233899F7C6D00749D9DEDBAD9ED72CCC9CF154EF3989752DF907B24E587CD6B29A22846CD1B9623A3AEF69D191E8C048046FBCA2BC2C2A0883C8738F72D612745419080B7D72D8EC2E696CF5CB5EB6F23A9BBFF4BDD129970E881DBAA81E2F1A1445C773D4445ED516D1D954C64593DF72B7B31810B7493B8334F57E79FB26554EE1B4E7B7BDAA2C707D8E4798549DB60AE0A064CA8C6AA36021EB1657E72810E676D0F312325F2FAF956DC336D6B8E1496553362292D98225D61A74827C43FD4B4E0242B19FECBA7C102940C24AC56BB287C739608441EAA2EAA6DE0D1323E6D45204A1FF07BC3D3A48F954597EE865531D8A32C1DC2A3A48C8A0D47BE16919C3DF9E0514CE6209BD93B -20241129014459 2 6 100 4095 5 D14DC7A20FAA787E8E505E1CCA5C3EC8C5344CE26B9E5E776858C7048EECCB2CE278073BA42E21E4512A91D9A94F6460E86A914FC8D560A29DDC6B3E45CA1F9E8C5C52057BAF6A992E0C04192CEDF05010493D9CED8F97D3891C7DB13865BCD4BC19EA746AFB39E7AC2D60A32D9B77EECFFA53E7022137B7587E5D18E2B100845108104A79B878405B8900A0837BE74494F45DF726B88990607580414CEA1358A78BF832447919460F37395E69BC30E81983D60BB71D4E86164317138B99B545416467AA1F8592A16CEA1B050D2554487A749408A8339FFCA98A5F23D4EEF7A4254C6E56BFD6B95AD3C822B83324BEC5DD85A7064C6233899F7C6D00749D9DEDBAD9ED72CCC9CF154EF3989752DF907B24E587CD6B29A22846CD1B9623A3AEF69D191E8C048046FBCA2BC2C2A0883C8738F72D612745419080B7D72D8EC2E696CF5CB5EB6F23A9BBFF4BDD129970E881DBAA81E2F1A1445C773D4445ED516D1D954C64593DF72B7B31810B7493B8334F57E79FB26554EE1B4E7B7BDAA2C707D8E4798549DB60AE0A064CA8C6AA36021EB1657E72810E676D0F312325F2FAF956DC336D6B8E1496553362292D98225D61A74827C43FD4B4E0242B19FECBA7C102940C24AC56BB287C739608441EAA2EAA6DE0D1323E6D45204A1FF07BC3D3A48F954597EE865531D8A32C1DC2A3A48C8A0D47BE16919C3DF9E0514CE620D787FF -20241129015136 2 6 100 4095 5 D14DC7A20FAA787E8E505E1CCA5C3EC8C5344CE26B9E5E776858C7048EECCB2CE278073BA42E21E4512A91D9A94F6460E86A914FC8D560A29DDC6B3E45CA1F9E8C5C52057BAF6A992E0C04192CEDF05010493D9CED8F97D3891C7DB13865BCD4BC19EA746AFB39E7AC2D60A32D9B77EECFFA53E7022137B7587E5D18E2B100845108104A79B878405B8900A0837BE74494F45DF726B88990607580414CEA1358A78BF832447919460F37395E69BC30E81983D60BB71D4E86164317138B99B545416467AA1F8592A16CEA1B050D2554487A749408A8339FFCA98A5F23D4EEF7A4254C6E56BFD6B95AD3C822B83324BEC5DD85A7064C6233899F7C6D00749D9DEDBAD9ED72CCC9CF154EF3989752DF907B24E587CD6B29A22846CD1B9623A3AEF69D191E8C048046FBCA2BC2C2A0883C8738F72D612745419080B7D72D8EC2E696CF5CB5EB6F23A9BBFF4BDD129970E881DBAA81E2F1A1445C773D4445ED516D1D954C64593DF72B7B31810B7493B8334F57E79FB26554EE1B4E7B7BDAA2C707D8E4798549DB60AE0A064CA8C6AA36021EB1657E72810E676D0F312325F2FAF956DC336D6B8E1496553362292D98225D61A74827C43FD4B4E0242B19FECBA7C102940C24AC56BB287C739608441EAA2EAA6DE0D1323E6D45204A1FF07BC3D3A48F954597EE865531D8A32C1DC2A3A48C8A0D47BE16919C3DF9E0514CE6235DF3D7 -20241129015320 2 6 100 4095 5 D14DC7A20FAA787E8E505E1CCA5C3EC8C5344CE26B9E5E776858C7048EECCB2CE278073BA42E21E4512A91D9A94F6460E86A914FC8D560A29DDC6B3E45CA1F9E8C5C52057BAF6A992E0C04192CEDF05010493D9CED8F97D3891C7DB13865BCD4BC19EA746AFB39E7AC2D60A32D9B77EECFFA53E7022137B7587E5D18E2B100845108104A79B878405B8900A0837BE74494F45DF726B88990607580414CEA1358A78BF832447919460F37395E69BC30E81983D60BB71D4E86164317138B99B545416467AA1F8592A16CEA1B050D2554487A749408A8339FFCA98A5F23D4EEF7A4254C6E56BFD6B95AD3C822B83324BEC5DD85A7064C6233899F7C6D00749D9DEDBAD9ED72CCC9CF154EF3989752DF907B24E587CD6B29A22846CD1B9623A3AEF69D191E8C048046FBCA2BC2C2A0883C8738F72D612745419080B7D72D8EC2E696CF5CB5EB6F23A9BBFF4BDD129970E881DBAA81E2F1A1445C773D4445ED516D1D954C64593DF72B7B31810B7493B8334F57E79FB26554EE1B4E7B7BDAA2C707D8E4798549DB60AE0A064CA8C6AA36021EB1657E72810E676D0F312325F2FAF956DC336D6B8E1496553362292D98225D61A74827C43FD4B4E0242B19FECBA7C102940C24AC56BB287C739608441EAA2EAA6DE0D1323E6D45204A1FF07BC3D3A48F954597EE865531D8A32C1DC2A3A48C8A0D47BE16919C3DF9E0514CE6240443EF -20241129015547 2 6 100 4095 5 D14DC7A20FAA787E8E505E1CCA5C3EC8C5344CE26B9E5E776858C7048EECCB2CE278073BA42E21E4512A91D9A94F6460E86A914FC8D560A29DDC6B3E45CA1F9E8C5C52057BAF6A992E0C04192CEDF05010493D9CED8F97D3891C7DB13865BCD4BC19EA746AFB39E7AC2D60A32D9B77EECFFA53E7022137B7587E5D18E2B100845108104A79B878405B8900A0837BE74494F45DF726B88990607580414CEA1358A78BF832447919460F37395E69BC30E81983D60BB71D4E86164317138B99B545416467AA1F8592A16CEA1B050D2554487A749408A8339FFCA98A5F23D4EEF7A4254C6E56BFD6B95AD3C822B83324BEC5DD85A7064C6233899F7C6D00749D9DEDBAD9ED72CCC9CF154EF3989752DF907B24E587CD6B29A22846CD1B9623A3AEF69D191E8C048046FBCA2BC2C2A0883C8738F72D612745419080B7D72D8EC2E696CF5CB5EB6F23A9BBFF4BDD129970E881DBAA81E2F1A1445C773D4445ED516D1D954C64593DF72B7B31810B7493B8334F57E79FB26554EE1B4E7B7BDAA2C707D8E4798549DB60AE0A064CA8C6AA36021EB1657E72810E676D0F312325F2FAF956DC336D6B8E1496553362292D98225D61A74827C43FD4B4E0242B19FECBA7C102940C24AC56BB287C739608441EAA2EAA6DE0D1323E6D45204A1FF07BC3D3A48F954597EE865531D8A32C1DC2A3A48C8A0D47BE16919C3DF9E0514CE624F1AF5F -20241129015908 2 6 100 4095 2 D14DC7A20FAA787E8E505E1CCA5C3EC8C5344CE26B9E5E776858C7048EECCB2CE278073BA42E21E4512A91D9A94F6460E86A914FC8D560A29DDC6B3E45CA1F9E8C5C52057BAF6A992E0C04192CEDF05010493D9CED8F97D3891C7DB13865BCD4BC19EA746AFB39E7AC2D60A32D9B77EECFFA53E7022137B7587E5D18E2B100845108104A79B878405B8900A0837BE74494F45DF726B88990607580414CEA1358A78BF832447919460F37395E69BC30E81983D60BB71D4E86164317138B99B545416467AA1F8592A16CEA1B050D2554487A749408A8339FFCA98A5F23D4EEF7A4254C6E56BFD6B95AD3C822B83324BEC5DD85A7064C6233899F7C6D00749D9DEDBAD9ED72CCC9CF154EF3989752DF907B24E587CD6B29A22846CD1B9623A3AEF69D191E8C048046FBCA2BC2C2A0883C8738F72D612745419080B7D72D8EC2E696CF5CB5EB6F23A9BBFF4BDD129970E881DBAA81E2F1A1445C773D4445ED516D1D954C64593DF72B7B31810B7493B8334F57E79FB26554EE1B4E7B7BDAA2C707D8E4798549DB60AE0A064CA8C6AA36021EB1657E72810E676D0F312325F2FAF956DC336D6B8E1496553362292D98225D61A74827C43FD4B4E0242B19FECBA7C102940C24AC56BB287C739608441EAA2EAA6DE0D1323E6D45204A1FF07BC3D3A48F954597EE865531D8A32C1DC2A3A48C8A0D47BE16919C3DF9E0514CE626346E0B -20241129020133 2 6 100 4095 2 D14DC7A20FAA787E8E505E1CCA5C3EC8C5344CE26B9E5E776858C7048EECCB2CE278073BA42E21E4512A91D9A94F6460E86A914FC8D560A29DDC6B3E45CA1F9E8C5C52057BAF6A992E0C04192CEDF05010493D9CED8F97D3891C7DB13865BCD4BC19EA746AFB39E7AC2D60A32D9B77EECFFA53E7022137B7587E5D18E2B100845108104A79B878405B8900A0837BE74494F45DF726B88990607580414CEA1358A78BF832447919460F37395E69BC30E81983D60BB71D4E86164317138B99B545416467AA1F8592A16CEA1B050D2554487A749408A8339FFCA98A5F23D4EEF7A4254C6E56BFD6B95AD3C822B83324BEC5DD85A7064C6233899F7C6D00749D9DEDBAD9ED72CCC9CF154EF3989752DF907B24E587CD6B29A22846CD1B9623A3AEF69D191E8C048046FBCA2BC2C2A0883C8738F72D612745419080B7D72D8EC2E696CF5CB5EB6F23A9BBFF4BDD129970E881DBAA81E2F1A1445C773D4445ED516D1D954C64593DF72B7B31810B7493B8334F57E79FB26554EE1B4E7B7BDAA2C707D8E4798549DB60AE0A064CA8C6AA36021EB1657E72810E676D0F312325F2FAF956DC336D6B8E1496553362292D98225D61A74827C43FD4B4E0242B19FECBA7C102940C24AC56BB287C739608441EAA2EAA6DE0D1323E6D45204A1FF07BC3D3A48F954597EE865531D8A32C1DC2A3A48C8A0D47BE16919C3DF9E0514CE6271DA71B -20241129020353 2 6 100 4095 2 D14DC7A20FAA787E8E505E1CCA5C3EC8C5344CE26B9E5E776858C7048EECCB2CE278073BA42E21E4512A91D9A94F6460E86A914FC8D560A29DDC6B3E45CA1F9E8C5C52057BAF6A992E0C04192CEDF05010493D9CED8F97D3891C7DB13865BCD4BC19EA746AFB39E7AC2D60A32D9B77EECFFA53E7022137B7587E5D18E2B100845108104A79B878405B8900A0837BE74494F45DF726B88990607580414CEA1358A78BF832447919460F37395E69BC30E81983D60BB71D4E86164317138B99B545416467AA1F8592A16CEA1B050D2554487A749408A8339FFCA98A5F23D4EEF7A4254C6E56BFD6B95AD3C822B83324BEC5DD85A7064C6233899F7C6D00749D9DEDBAD9ED72CCC9CF154EF3989752DF907B24E587CD6B29A22846CD1B9623A3AEF69D191E8C048046FBCA2BC2C2A0883C8738F72D612745419080B7D72D8EC2E696CF5CB5EB6F23A9BBFF4BDD129970E881DBAA81E2F1A1445C773D4445ED516D1D954C64593DF72B7B31810B7493B8334F57E79FB26554EE1B4E7B7BDAA2C707D8E4798549DB60AE0A064CA8C6AA36021EB1657E72810E676D0F312325F2FAF956DC336D6B8E1496553362292D98225D61A74827C43FD4B4E0242B19FECBA7C102940C24AC56BB287C739608441EAA2EAA6DE0D1323E6D45204A1FF07BC3D3A48F954597EE865531D8A32C1DC2A3A48C8A0D47BE16919C3DF9E0514CE627F5147B -20241129020617 2 6 100 4095 2 D14DC7A20FAA787E8E505E1CCA5C3EC8C5344CE26B9E5E776858C7048EECCB2CE278073BA42E21E4512A91D9A94F6460E86A914FC8D560A29DDC6B3E45CA1F9E8C5C52057BAF6A992E0C04192CEDF05010493D9CED8F97D3891C7DB13865BCD4BC19EA746AFB39E7AC2D60A32D9B77EECFFA53E7022137B7587E5D18E2B100845108104A79B878405B8900A0837BE74494F45DF726B88990607580414CEA1358A78BF832447919460F37395E69BC30E81983D60BB71D4E86164317138B99B545416467AA1F8592A16CEA1B050D2554487A749408A8339FFCA98A5F23D4EEF7A4254C6E56BFD6B95AD3C822B83324BEC5DD85A7064C6233899F7C6D00749D9DEDBAD9ED72CCC9CF154EF3989752DF907B24E587CD6B29A22846CD1B9623A3AEF69D191E8C048046FBCA2BC2C2A0883C8738F72D612745419080B7D72D8EC2E696CF5CB5EB6F23A9BBFF4BDD129970E881DBAA81E2F1A1445C773D4445ED516D1D954C64593DF72B7B31810B7493B8334F57E79FB26554EE1B4E7B7BDAA2C707D8E4798549DB60AE0A064CA8C6AA36021EB1657E72810E676D0F312325F2FAF956DC336D6B8E1496553362292D98225D61A74827C43FD4B4E0242B19FECBA7C102940C24AC56BB287C739608441EAA2EAA6DE0D1323E6D45204A1FF07BC3D3A48F954597EE865531D8A32C1DC2A3A48C8A0D47BE16919C3DF9E0514CE628DC3E63 -20241129021223 2 6 100 4095 2 D14DC7A20FAA787E8E505E1CCA5C3EC8C5344CE26B9E5E776858C7048EECCB2CE278073BA42E21E4512A91D9A94F6460E86A914FC8D560A29DDC6B3E45CA1F9E8C5C52057BAF6A992E0C04192CEDF05010493D9CED8F97D3891C7DB13865BCD4BC19EA746AFB39E7AC2D60A32D9B77EECFFA53E7022137B7587E5D18E2B100845108104A79B878405B8900A0837BE74494F45DF726B88990607580414CEA1358A78BF832447919460F37395E69BC30E81983D60BB71D4E86164317138B99B545416467AA1F8592A16CEA1B050D2554487A749408A8339FFCA98A5F23D4EEF7A4254C6E56BFD6B95AD3C822B83324BEC5DD85A7064C6233899F7C6D00749D9DEDBAD9ED72CCC9CF154EF3989752DF907B24E587CD6B29A22846CD1B9623A3AEF69D191E8C048046FBCA2BC2C2A0883C8738F72D612745419080B7D72D8EC2E696CF5CB5EB6F23A9BBFF4BDD129970E881DBAA81E2F1A1445C773D4445ED516D1D954C64593DF72B7B31810B7493B8334F57E79FB26554EE1B4E7B7BDAA2C707D8E4798549DB60AE0A064CA8C6AA36021EB1657E72810E676D0F312325F2FAF956DC336D6B8E1496553362292D98225D61A74827C43FD4B4E0242B19FECBA7C102940C24AC56BB287C739608441EAA2EAA6DE0D1323E6D45204A1FF07BC3D3A48F954597EE865531D8A32C1DC2A3A48C8A0D47BE16919C3DF9E0514CE62B25B8A3 -20241129021913 2 6 100 4095 5 D14DC7A20FAA787E8E505E1CCA5C3EC8C5344CE26B9E5E776858C7048EECCB2CE278073BA42E21E4512A91D9A94F6460E86A914FC8D560A29DDC6B3E45CA1F9E8C5C52057BAF6A992E0C04192CEDF05010493D9CED8F97D3891C7DB13865BCD4BC19EA746AFB39E7AC2D60A32D9B77EECFFA53E7022137B7587E5D18E2B100845108104A79B878405B8900A0837BE74494F45DF726B88990607580414CEA1358A78BF832447919460F37395E69BC30E81983D60BB71D4E86164317138B99B545416467AA1F8592A16CEA1B050D2554487A749408A8339FFCA98A5F23D4EEF7A4254C6E56BFD6B95AD3C822B83324BEC5DD85A7064C6233899F7C6D00749D9DEDBAD9ED72CCC9CF154EF3989752DF907B24E587CD6B29A22846CD1B9623A3AEF69D191E8C048046FBCA2BC2C2A0883C8738F72D612745419080B7D72D8EC2E696CF5CB5EB6F23A9BBFF4BDD129970E881DBAA81E2F1A1445C773D4445ED516D1D954C64593DF72B7B31810B7493B8334F57E79FB26554EE1B4E7B7BDAA2C707D8E4798549DB60AE0A064CA8C6AA36021EB1657E72810E676D0F312325F2FAF956DC336D6B8E1496553362292D98225D61A74827C43FD4B4E0242B19FECBA7C102940C24AC56BB287C739608441EAA2EAA6DE0D1323E6D45204A1FF07BC3D3A48F954597EE865531D8A32C1DC2A3A48C8A0D47BE16919C3DF9E0514CE62DC6E86F -20241129021949 2 6 100 4095 2 D14DC7A20FAA787E8E505E1CCA5C3EC8C5344CE26B9E5E776858C7048EECCB2CE278073BA42E21E4512A91D9A94F6460E86A914FC8D560A29DDC6B3E45CA1F9E8C5C52057BAF6A992E0C04192CEDF05010493D9CED8F97D3891C7DB13865BCD4BC19EA746AFB39E7AC2D60A32D9B77EECFFA53E7022137B7587E5D18E2B100845108104A79B878405B8900A0837BE74494F45DF726B88990607580414CEA1358A78BF832447919460F37395E69BC30E81983D60BB71D4E86164317138B99B545416467AA1F8592A16CEA1B050D2554487A749408A8339FFCA98A5F23D4EEF7A4254C6E56BFD6B95AD3C822B83324BEC5DD85A7064C6233899F7C6D00749D9DEDBAD9ED72CCC9CF154EF3989752DF907B24E587CD6B29A22846CD1B9623A3AEF69D191E8C048046FBCA2BC2C2A0883C8738F72D612745419080B7D72D8EC2E696CF5CB5EB6F23A9BBFF4BDD129970E881DBAA81E2F1A1445C773D4445ED516D1D954C64593DF72B7B31810B7493B8334F57E79FB26554EE1B4E7B7BDAA2C707D8E4798549DB60AE0A064CA8C6AA36021EB1657E72810E676D0F312325F2FAF956DC336D6B8E1496553362292D98225D61A74827C43FD4B4E0242B19FECBA7C102940C24AC56BB287C739608441EAA2EAA6DE0D1323E6D45204A1FF07BC3D3A48F954597EE865531D8A32C1DC2A3A48C8A0D47BE16919C3DF9E0514CE62DFA5673 -20241129022203 2 6 100 4095 5 D14DC7A20FAA787E8E505E1CCA5C3EC8C5344CE26B9E5E776858C7048EECCB2CE278073BA42E21E4512A91D9A94F6460E86A914FC8D560A29DDC6B3E45CA1F9E8C5C52057BAF6A992E0C04192CEDF05010493D9CED8F97D3891C7DB13865BCD4BC19EA746AFB39E7AC2D60A32D9B77EECFFA53E7022137B7587E5D18E2B100845108104A79B878405B8900A0837BE74494F45DF726B88990607580414CEA1358A78BF832447919460F37395E69BC30E81983D60BB71D4E86164317138B99B545416467AA1F8592A16CEA1B050D2554487A749408A8339FFCA98A5F23D4EEF7A4254C6E56BFD6B95AD3C822B83324BEC5DD85A7064C6233899F7C6D00749D9DEDBAD9ED72CCC9CF154EF3989752DF907B24E587CD6B29A22846CD1B9623A3AEF69D191E8C048046FBCA2BC2C2A0883C8738F72D612745419080B7D72D8EC2E696CF5CB5EB6F23A9BBFF4BDD129970E881DBAA81E2F1A1445C773D4445ED516D1D954C64593DF72B7B31810B7493B8334F57E79FB26554EE1B4E7B7BDAA2C707D8E4798549DB60AE0A064CA8C6AA36021EB1657E72810E676D0F312325F2FAF956DC336D6B8E1496553362292D98225D61A74827C43FD4B4E0242B19FECBA7C102940C24AC56BB287C739608441EAA2EAA6DE0D1323E6D45204A1FF07BC3D3A48F954597EE865531D8A32C1DC2A3A48C8A0D47BE16919C3DF9E0514CE62ED03D1F -20241129022443 2 6 100 4095 5 D14DC7A20FAA787E8E505E1CCA5C3EC8C5344CE26B9E5E776858C7048EECCB2CE278073BA42E21E4512A91D9A94F6460E86A914FC8D560A29DDC6B3E45CA1F9E8C5C52057BAF6A992E0C04192CEDF05010493D9CED8F97D3891C7DB13865BCD4BC19EA746AFB39E7AC2D60A32D9B77EECFFA53E7022137B7587E5D18E2B100845108104A79B878405B8900A0837BE74494F45DF726B88990607580414CEA1358A78BF832447919460F37395E69BC30E81983D60BB71D4E86164317138B99B545416467AA1F8592A16CEA1B050D2554487A749408A8339FFCA98A5F23D4EEF7A4254C6E56BFD6B95AD3C822B83324BEC5DD85A7064C6233899F7C6D00749D9DEDBAD9ED72CCC9CF154EF3989752DF907B24E587CD6B29A22846CD1B9623A3AEF69D191E8C048046FBCA2BC2C2A0883C8738F72D612745419080B7D72D8EC2E696CF5CB5EB6F23A9BBFF4BDD129970E881DBAA81E2F1A1445C773D4445ED516D1D954C64593DF72B7B31810B7493B8334F57E79FB26554EE1B4E7B7BDAA2C707D8E4798549DB60AE0A064CA8C6AA36021EB1657E72810E676D0F312325F2FAF956DC336D6B8E1496553362292D98225D61A74827C43FD4B4E0242B19FECBA7C102940C24AC56BB287C739608441EAA2EAA6DE0D1323E6D45204A1FF07BC3D3A48F954597EE865531D8A32C1DC2A3A48C8A0D47BE16919C3DF9E0514CE62FC9341F -20241129022708 2 6 100 4095 2 D14DC7A20FAA787E8E505E1CCA5C3EC8C5344CE26B9E5E776858C7048EECCB2CE278073BA42E21E4512A91D9A94F6460E86A914FC8D560A29DDC6B3E45CA1F9E8C5C52057BAF6A992E0C04192CEDF05010493D9CED8F97D3891C7DB13865BCD4BC19EA746AFB39E7AC2D60A32D9B77EECFFA53E7022137B7587E5D18E2B100845108104A79B878405B8900A0837BE74494F45DF726B88990607580414CEA1358A78BF832447919460F37395E69BC30E81983D60BB71D4E86164317138B99B545416467AA1F8592A16CEA1B050D2554487A749408A8339FFCA98A5F23D4EEF7A4254C6E56BFD6B95AD3C822B83324BEC5DD85A7064C6233899F7C6D00749D9DEDBAD9ED72CCC9CF154EF3989752DF907B24E587CD6B29A22846CD1B9623A3AEF69D191E8C048046FBCA2BC2C2A0883C8738F72D612745419080B7D72D8EC2E696CF5CB5EB6F23A9BBFF4BDD129970E881DBAA81E2F1A1445C773D4445ED516D1D954C64593DF72B7B31810B7493B8334F57E79FB26554EE1B4E7B7BDAA2C707D8E4798549DB60AE0A064CA8C6AA36021EB1657E72810E676D0F312325F2FAF956DC336D6B8E1496553362292D98225D61A74827C43FD4B4E0242B19FECBA7C102940C24AC56BB287C739608441EAA2EAA6DE0D1323E6D45204A1FF07BC3D3A48F954597EE865531D8A32C1DC2A3A48C8A0D47BE16919C3DF9E0514CE630ACA413 -20241129023102 2 6 100 4095 5 D14DC7A20FAA787E8E505E1CCA5C3EC8C5344CE26B9E5E776858C7048EECCB2CE278073BA42E21E4512A91D9A94F6460E86A914FC8D560A29DDC6B3E45CA1F9E8C5C52057BAF6A992E0C04192CEDF05010493D9CED8F97D3891C7DB13865BCD4BC19EA746AFB39E7AC2D60A32D9B77EECFFA53E7022137B7587E5D18E2B100845108104A79B878405B8900A0837BE74494F45DF726B88990607580414CEA1358A78BF832447919460F37395E69BC30E81983D60BB71D4E86164317138B99B545416467AA1F8592A16CEA1B050D2554487A749408A8339FFCA98A5F23D4EEF7A4254C6E56BFD6B95AD3C822B83324BEC5DD85A7064C6233899F7C6D00749D9DEDBAD9ED72CCC9CF154EF3989752DF907B24E587CD6B29A22846CD1B9623A3AEF69D191E8C048046FBCA2BC2C2A0883C8738F72D612745419080B7D72D8EC2E696CF5CB5EB6F23A9BBFF4BDD129970E881DBAA81E2F1A1445C773D4445ED516D1D954C64593DF72B7B31810B7493B8334F57E79FB26554EE1B4E7B7BDAA2C707D8E4798549DB60AE0A064CA8C6AA36021EB1657E72810E676D0F312325F2FAF956DC336D6B8E1496553362292D98225D61A74827C43FD4B4E0242B19FECBA7C102940C24AC56BB287C739608441EAA2EAA6DE0D1323E6D45204A1FF07BC3D3A48F954597EE865531D8A32C1DC2A3A48C8A0D47BE16919C3DF9E0514CE6322B2317 -20241129023226 2 6 100 4095 2 D14DC7A20FAA787E8E505E1CCA5C3EC8C5344CE26B9E5E776858C7048EECCB2CE278073BA42E21E4512A91D9A94F6460E86A914FC8D560A29DDC6B3E45CA1F9E8C5C52057BAF6A992E0C04192CEDF05010493D9CED8F97D3891C7DB13865BCD4BC19EA746AFB39E7AC2D60A32D9B77EECFFA53E7022137B7587E5D18E2B100845108104A79B878405B8900A0837BE74494F45DF726B88990607580414CEA1358A78BF832447919460F37395E69BC30E81983D60BB71D4E86164317138B99B545416467AA1F8592A16CEA1B050D2554487A749408A8339FFCA98A5F23D4EEF7A4254C6E56BFD6B95AD3C822B83324BEC5DD85A7064C6233899F7C6D00749D9DEDBAD9ED72CCC9CF154EF3989752DF907B24E587CD6B29A22846CD1B9623A3AEF69D191E8C048046FBCA2BC2C2A0883C8738F72D612745419080B7D72D8EC2E696CF5CB5EB6F23A9BBFF4BDD129970E881DBAA81E2F1A1445C773D4445ED516D1D954C64593DF72B7B31810B7493B8334F57E79FB26554EE1B4E7B7BDAA2C707D8E4798549DB60AE0A064CA8C6AA36021EB1657E72810E676D0F312325F2FAF956DC336D6B8E1496553362292D98225D61A74827C43FD4B4E0242B19FECBA7C102940C24AC56BB287C739608441EAA2EAA6DE0D1323E6D45204A1FF07BC3D3A48F954597EE865531D8A32C1DC2A3A48C8A0D47BE16919C3DF9E0514CE632AFA783 -20241129023234 2 6 100 4095 5 D14DC7A20FAA787E8E505E1CCA5C3EC8C5344CE26B9E5E776858C7048EECCB2CE278073BA42E21E4512A91D9A94F6460E86A914FC8D560A29DDC6B3E45CA1F9E8C5C52057BAF6A992E0C04192CEDF05010493D9CED8F97D3891C7DB13865BCD4BC19EA746AFB39E7AC2D60A32D9B77EECFFA53E7022137B7587E5D18E2B100845108104A79B878405B8900A0837BE74494F45DF726B88990607580414CEA1358A78BF832447919460F37395E69BC30E81983D60BB71D4E86164317138B99B545416467AA1F8592A16CEA1B050D2554487A749408A8339FFCA98A5F23D4EEF7A4254C6E56BFD6B95AD3C822B83324BEC5DD85A7064C6233899F7C6D00749D9DEDBAD9ED72CCC9CF154EF3989752DF907B24E587CD6B29A22846CD1B9623A3AEF69D191E8C048046FBCA2BC2C2A0883C8738F72D612745419080B7D72D8EC2E696CF5CB5EB6F23A9BBFF4BDD129970E881DBAA81E2F1A1445C773D4445ED516D1D954C64593DF72B7B31810B7493B8334F57E79FB26554EE1B4E7B7BDAA2C707D8E4798549DB60AE0A064CA8C6AA36021EB1657E72810E676D0F312325F2FAF956DC336D6B8E1496553362292D98225D61A74827C43FD4B4E0242B19FECBA7C102940C24AC56BB287C739608441EAA2EAA6DE0D1323E6D45204A1FF07BC3D3A48F954597EE865531D8A32C1DC2A3A48C8A0D47BE16919C3DF9E0514CE632B59A57 -20241129023429 2 6 100 4095 5 D14DC7A20FAA787E8E505E1CCA5C3EC8C5344CE26B9E5E776858C7048EECCB2CE278073BA42E21E4512A91D9A94F6460E86A914FC8D560A29DDC6B3E45CA1F9E8C5C52057BAF6A992E0C04192CEDF05010493D9CED8F97D3891C7DB13865BCD4BC19EA746AFB39E7AC2D60A32D9B77EECFFA53E7022137B7587E5D18E2B100845108104A79B878405B8900A0837BE74494F45DF726B88990607580414CEA1358A78BF832447919460F37395E69BC30E81983D60BB71D4E86164317138B99B545416467AA1F8592A16CEA1B050D2554487A749408A8339FFCA98A5F23D4EEF7A4254C6E56BFD6B95AD3C822B83324BEC5DD85A7064C6233899F7C6D00749D9DEDBAD9ED72CCC9CF154EF3989752DF907B24E587CD6B29A22846CD1B9623A3AEF69D191E8C048046FBCA2BC2C2A0883C8738F72D612745419080B7D72D8EC2E696CF5CB5EB6F23A9BBFF4BDD129970E881DBAA81E2F1A1445C773D4445ED516D1D954C64593DF72B7B31810B7493B8334F57E79FB26554EE1B4E7B7BDAA2C707D8E4798549DB60AE0A064CA8C6AA36021EB1657E72810E676D0F312325F2FAF956DC336D6B8E1496553362292D98225D61A74827C43FD4B4E0242B19FECBA7C102940C24AC56BB287C739608441EAA2EAA6DE0D1323E6D45204A1FF07BC3D3A48F954597EE865531D8A32C1DC2A3A48C8A0D47BE16919C3DF9E0514CE633681547 -20241129023526 2 6 100 4095 2 D14DC7A20FAA787E8E505E1CCA5C3EC8C5344CE26B9E5E776858C7048EECCB2CE278073BA42E21E4512A91D9A94F6460E86A914FC8D560A29DDC6B3E45CA1F9E8C5C52057BAF6A992E0C04192CEDF05010493D9CED8F97D3891C7DB13865BCD4BC19EA746AFB39E7AC2D60A32D9B77EECFFA53E7022137B7587E5D18E2B100845108104A79B878405B8900A0837BE74494F45DF726B88990607580414CEA1358A78BF832447919460F37395E69BC30E81983D60BB71D4E86164317138B99B545416467AA1F8592A16CEA1B050D2554487A749408A8339FFCA98A5F23D4EEF7A4254C6E56BFD6B95AD3C822B83324BEC5DD85A7064C6233899F7C6D00749D9DEDBAD9ED72CCC9CF154EF3989752DF907B24E587CD6B29A22846CD1B9623A3AEF69D191E8C048046FBCA2BC2C2A0883C8738F72D612745419080B7D72D8EC2E696CF5CB5EB6F23A9BBFF4BDD129970E881DBAA81E2F1A1445C773D4445ED516D1D954C64593DF72B7B31810B7493B8334F57E79FB26554EE1B4E7B7BDAA2C707D8E4798549DB60AE0A064CA8C6AA36021EB1657E72810E676D0F312325F2FAF956DC336D6B8E1496553362292D98225D61A74827C43FD4B4E0242B19FECBA7C102940C24AC56BB287C739608441EAA2EAA6DE0D1323E6D45204A1FF07BC3D3A48F954597EE865531D8A32C1DC2A3A48C8A0D47BE16919C3DF9E0514CE633BFD83B -20241129023744 2 6 100 4095 2 D14DC7A20FAA787E8E505E1CCA5C3EC8C5344CE26B9E5E776858C7048EECCB2CE278073BA42E21E4512A91D9A94F6460E86A914FC8D560A29DDC6B3E45CA1F9E8C5C52057BAF6A992E0C04192CEDF05010493D9CED8F97D3891C7DB13865BCD4BC19EA746AFB39E7AC2D60A32D9B77EECFFA53E7022137B7587E5D18E2B100845108104A79B878405B8900A0837BE74494F45DF726B88990607580414CEA1358A78BF832447919460F37395E69BC30E81983D60BB71D4E86164317138B99B545416467AA1F8592A16CEA1B050D2554487A749408A8339FFCA98A5F23D4EEF7A4254C6E56BFD6B95AD3C822B83324BEC5DD85A7064C6233899F7C6D00749D9DEDBAD9ED72CCC9CF154EF3989752DF907B24E587CD6B29A22846CD1B9623A3AEF69D191E8C048046FBCA2BC2C2A0883C8738F72D612745419080B7D72D8EC2E696CF5CB5EB6F23A9BBFF4BDD129970E881DBAA81E2F1A1445C773D4445ED516D1D954C64593DF72B7B31810B7493B8334F57E79FB26554EE1B4E7B7BDAA2C707D8E4798549DB60AE0A064CA8C6AA36021EB1657E72810E676D0F312325F2FAF956DC336D6B8E1496553362292D98225D61A74827C43FD4B4E0242B19FECBA7C102940C24AC56BB287C739608441EAA2EAA6DE0D1323E6D45204A1FF07BC3D3A48F954597EE865531D8A32C1DC2A3A48C8A0D47BE16919C3DF9E0514CE634998373 -20241129023820 2 6 100 4095 5 D14DC7A20FAA787E8E505E1CCA5C3EC8C5344CE26B9E5E776858C7048EECCB2CE278073BA42E21E4512A91D9A94F6460E86A914FC8D560A29DDC6B3E45CA1F9E8C5C52057BAF6A992E0C04192CEDF05010493D9CED8F97D3891C7DB13865BCD4BC19EA746AFB39E7AC2D60A32D9B77EECFFA53E7022137B7587E5D18E2B100845108104A79B878405B8900A0837BE74494F45DF726B88990607580414CEA1358A78BF832447919460F37395E69BC30E81983D60BB71D4E86164317138B99B545416467AA1F8592A16CEA1B050D2554487A749408A8339FFCA98A5F23D4EEF7A4254C6E56BFD6B95AD3C822B83324BEC5DD85A7064C6233899F7C6D00749D9DEDBAD9ED72CCC9CF154EF3989752DF907B24E587CD6B29A22846CD1B9623A3AEF69D191E8C048046FBCA2BC2C2A0883C8738F72D612745419080B7D72D8EC2E696CF5CB5EB6F23A9BBFF4BDD129970E881DBAA81E2F1A1445C773D4445ED516D1D954C64593DF72B7B31810B7493B8334F57E79FB26554EE1B4E7B7BDAA2C707D8E4798549DB60AE0A064CA8C6AA36021EB1657E72810E676D0F312325F2FAF956DC336D6B8E1496553362292D98225D61A74827C43FD4B4E0242B19FECBA7C102940C24AC56BB287C739608441EAA2EAA6DE0D1323E6D45204A1FF07BC3D3A48F954597EE865531D8A32C1DC2A3A48C8A0D47BE16919C3DF9E0514CE634CA05CF -20241129023919 2 6 100 4095 2 D14DC7A20FAA787E8E505E1CCA5C3EC8C5344CE26B9E5E776858C7048EECCB2CE278073BA42E21E4512A91D9A94F6460E86A914FC8D560A29DDC6B3E45CA1F9E8C5C52057BAF6A992E0C04192CEDF05010493D9CED8F97D3891C7DB13865BCD4BC19EA746AFB39E7AC2D60A32D9B77EECFFA53E7022137B7587E5D18E2B100845108104A79B878405B8900A0837BE74494F45DF726B88990607580414CEA1358A78BF832447919460F37395E69BC30E81983D60BB71D4E86164317138B99B545416467AA1F8592A16CEA1B050D2554487A749408A8339FFCA98A5F23D4EEF7A4254C6E56BFD6B95AD3C822B83324BEC5DD85A7064C6233899F7C6D00749D9DEDBAD9ED72CCC9CF154EF3989752DF907B24E587CD6B29A22846CD1B9623A3AEF69D191E8C048046FBCA2BC2C2A0883C8738F72D612745419080B7D72D8EC2E696CF5CB5EB6F23A9BBFF4BDD129970E881DBAA81E2F1A1445C773D4445ED516D1D954C64593DF72B7B31810B7493B8334F57E79FB26554EE1B4E7B7BDAA2C707D8E4798549DB60AE0A064CA8C6AA36021EB1657E72810E676D0F312325F2FAF956DC336D6B8E1496553362292D98225D61A74827C43FD4B4E0242B19FECBA7C102940C24AC56BB287C739608441EAA2EAA6DE0D1323E6D45204A1FF07BC3D3A48F954597EE865531D8A32C1DC2A3A48C8A0D47BE16919C3DF9E0514CE635285DD3 -20241129024116 2 6 100 4095 5 D14DC7A20FAA787E8E505E1CCA5C3EC8C5344CE26B9E5E776858C7048EECCB2CE278073BA42E21E4512A91D9A94F6460E86A914FC8D560A29DDC6B3E45CA1F9E8C5C52057BAF6A992E0C04192CEDF05010493D9CED8F97D3891C7DB13865BCD4BC19EA746AFB39E7AC2D60A32D9B77EECFFA53E7022137B7587E5D18E2B100845108104A79B878405B8900A0837BE74494F45DF726B88990607580414CEA1358A78BF832447919460F37395E69BC30E81983D60BB71D4E86164317138B99B545416467AA1F8592A16CEA1B050D2554487A749408A8339FFCA98A5F23D4EEF7A4254C6E56BFD6B95AD3C822B83324BEC5DD85A7064C6233899F7C6D00749D9DEDBAD9ED72CCC9CF154EF3989752DF907B24E587CD6B29A22846CD1B9623A3AEF69D191E8C048046FBCA2BC2C2A0883C8738F72D612745419080B7D72D8EC2E696CF5CB5EB6F23A9BBFF4BDD129970E881DBAA81E2F1A1445C773D4445ED516D1D954C64593DF72B7B31810B7493B8334F57E79FB26554EE1B4E7B7BDAA2C707D8E4798549DB60AE0A064CA8C6AA36021EB1657E72810E676D0F312325F2FAF956DC336D6B8E1496553362292D98225D61A74827C43FD4B4E0242B19FECBA7C102940C24AC56BB287C739608441EAA2EAA6DE0D1323E6D45204A1FF07BC3D3A48F954597EE865531D8A32C1DC2A3A48C8A0D47BE16919C3DF9E0514CE635E04407 -20241129024436 2 6 100 4095 5 D14DC7A20FAA787E8E505E1CCA5C3EC8C5344CE26B9E5E776858C7048EECCB2CE278073BA42E21E4512A91D9A94F6460E86A914FC8D560A29DDC6B3E45CA1F9E8C5C52057BAF6A992E0C04192CEDF05010493D9CED8F97D3891C7DB13865BCD4BC19EA746AFB39E7AC2D60A32D9B77EECFFA53E7022137B7587E5D18E2B100845108104A79B878405B8900A0837BE74494F45DF726B88990607580414CEA1358A78BF832447919460F37395E69BC30E81983D60BB71D4E86164317138B99B545416467AA1F8592A16CEA1B050D2554487A749408A8339FFCA98A5F23D4EEF7A4254C6E56BFD6B95AD3C822B83324BEC5DD85A7064C6233899F7C6D00749D9DEDBAD9ED72CCC9CF154EF3989752DF907B24E587CD6B29A22846CD1B9623A3AEF69D191E8C048046FBCA2BC2C2A0883C8738F72D612745419080B7D72D8EC2E696CF5CB5EB6F23A9BBFF4BDD129970E881DBAA81E2F1A1445C773D4445ED516D1D954C64593DF72B7B31810B7493B8334F57E79FB26554EE1B4E7B7BDAA2C707D8E4798549DB60AE0A064CA8C6AA36021EB1657E72810E676D0F312325F2FAF956DC336D6B8E1496553362292D98225D61A74827C43FD4B4E0242B19FECBA7C102940C24AC56BB287C739608441EAA2EAA6DE0D1323E6D45204A1FF07BC3D3A48F954597EE865531D8A32C1DC2A3A48C8A0D47BE16919C3DF9E0514CE637222687 -20241129024611 2 6 100 4095 5 D14DC7A20FAA787E8E505E1CCA5C3EC8C5344CE26B9E5E776858C7048EECCB2CE278073BA42E21E4512A91D9A94F6460E86A914FC8D560A29DDC6B3E45CA1F9E8C5C52057BAF6A992E0C04192CEDF05010493D9CED8F97D3891C7DB13865BCD4BC19EA746AFB39E7AC2D60A32D9B77EECFFA53E7022137B7587E5D18E2B100845108104A79B878405B8900A0837BE74494F45DF726B88990607580414CEA1358A78BF832447919460F37395E69BC30E81983D60BB71D4E86164317138B99B545416467AA1F8592A16CEA1B050D2554487A749408A8339FFCA98A5F23D4EEF7A4254C6E56BFD6B95AD3C822B83324BEC5DD85A7064C6233899F7C6D00749D9DEDBAD9ED72CCC9CF154EF3989752DF907B24E587CD6B29A22846CD1B9623A3AEF69D191E8C048046FBCA2BC2C2A0883C8738F72D612745419080B7D72D8EC2E696CF5CB5EB6F23A9BBFF4BDD129970E881DBAA81E2F1A1445C773D4445ED516D1D954C64593DF72B7B31810B7493B8334F57E79FB26554EE1B4E7B7BDAA2C707D8E4798549DB60AE0A064CA8C6AA36021EB1657E72810E676D0F312325F2FAF956DC336D6B8E1496553362292D98225D61A74827C43FD4B4E0242B19FECBA7C102940C24AC56BB287C739608441EAA2EAA6DE0D1323E6D45204A1FF07BC3D3A48F954597EE865531D8A32C1DC2A3A48C8A0D47BE16919C3DF9E0514CE637B833A7 -20241129024935 2 6 100 4095 2 D14DC7A20FAA787E8E505E1CCA5C3EC8C5344CE26B9E5E776858C7048EECCB2CE278073BA42E21E4512A91D9A94F6460E86A914FC8D560A29DDC6B3E45CA1F9E8C5C52057BAF6A992E0C04192CEDF05010493D9CED8F97D3891C7DB13865BCD4BC19EA746AFB39E7AC2D60A32D9B77EECFFA53E7022137B7587E5D18E2B100845108104A79B878405B8900A0837BE74494F45DF726B88990607580414CEA1358A78BF832447919460F37395E69BC30E81983D60BB71D4E86164317138B99B545416467AA1F8592A16CEA1B050D2554487A749408A8339FFCA98A5F23D4EEF7A4254C6E56BFD6B95AD3C822B83324BEC5DD85A7064C6233899F7C6D00749D9DEDBAD9ED72CCC9CF154EF3989752DF907B24E587CD6B29A22846CD1B9623A3AEF69D191E8C048046FBCA2BC2C2A0883C8738F72D612745419080B7D72D8EC2E696CF5CB5EB6F23A9BBFF4BDD129970E881DBAA81E2F1A1445C773D4445ED516D1D954C64593DF72B7B31810B7493B8334F57E79FB26554EE1B4E7B7BDAA2C707D8E4798549DB60AE0A064CA8C6AA36021EB1657E72810E676D0F312325F2FAF956DC336D6B8E1496553362292D98225D61A74827C43FD4B4E0242B19FECBA7C102940C24AC56BB287C739608441EAA2EAA6DE0D1323E6D45204A1FF07BC3D3A48F954597EE865531D8A32C1DC2A3A48C8A0D47BE16919C3DF9E0514CE63905717B -20241129025344 2 6 100 4095 2 F32300D8DFCB79ECFB80E433E6CFA1923915D80120F52648A7AE7E8058B5DB869F2B3A9DD940E53B7D74E3214FA03234F8B026AFF16B646B39F003882F1DC17D3F6DBB89283A01B4C22168A354D6D2FDBDE3F2B0C91E9472AF1DB386DD34477F47CB24D4AFB71BB283A9760CF4EC582F1401A4F259D4AADE2BC7648A6920207DFB149BB7A4483D5E22D9DC627A8A4954C18AAAEF921CE0C597C11C95EC7C8888050124D01C43E6A33A02DACDB2EEE70920BAF2A296EB38CEADCB98CC7789BA309A5AD7916B9F7F86B0D808346E28447C4E3F31C5BC319D29A0D338EE8FC88BC9288C75004CC278BB218AA86929360079EAA71628FEFB796FFFBAD3764F677FECC0F274582ED2E371ACB500F35F378DDEDB0FA32B1B55699E41EBE958E6614811999433D934CCD54A03CC4BF359798F90EC809CFA6E58C1CE68B5AF397E8E35951F9CC4BCD0EC8655486543B4CF7605CE15969A2D88E8CD6BCA82671A06FC54397840BBA9DB2750B0F1FBC61ECF6E514450A7E06C6E6BBBB2CFA5E045335F04A5C407EC6467D471226ED2CB3AE9FBA9E956F8F3D05A911F9CD131BC3D95A10792097AC1C4339F8C12E40ABD274A25CF26EF286187E91261273E39856C471D861056EC3F6F5E58EB727134F9BFB870C8DD6978F247EAF67C1368BCB0BA105CDDC2BA067EBAC9C00DC15F1667664AA2A688D45E843F62467892EE9348FD87AD5A3B -20241129025405 2 6 100 4095 5 F32300D8DFCB79ECFB80E433E6CFA1923915D80120F52648A7AE7E8058B5DB869F2B3A9DD940E53B7D74E3214FA03234F8B026AFF16B646B39F003882F1DC17D3F6DBB89283A01B4C22168A354D6D2FDBDE3F2B0C91E9472AF1DB386DD34477F47CB24D4AFB71BB283A9760CF4EC582F1401A4F259D4AADE2BC7648A6920207DFB149BB7A4483D5E22D9DC627A8A4954C18AAAEF921CE0C597C11C95EC7C8888050124D01C43E6A33A02DACDB2EEE70920BAF2A296EB38CEADCB98CC7789BA309A5AD7916B9F7F86B0D808346E28447C4E3F31C5BC319D29A0D338EE8FC88BC9288C75004CC278BB218AA86929360079EAA71628FEFB796FFFBAD3764F677FECC0F274582ED2E371ACB500F35F378DDEDB0FA32B1B55699E41EBE958E6614811999433D934CCD54A03CC4BF359798F90EC809CFA6E58C1CE68B5AF397E8E35951F9CC4BCD0EC8655486543B4CF7605CE15969A2D88E8CD6BCA82671A06FC54397840BBA9DB2750B0F1FBC61ECF6E514450A7E06C6E6BBBB2CFA5E045335F04A5C407EC6467D471226ED2CB3AE9FBA9E956F8F3D05A911F9CD131BC3D95A10792097AC1C4339F8C12E40ABD274A25CF26EF286187E91261273E39856C471D861056EC3F6F5E58EB727134F9BFB870C8DD6978F247EAF67C1368BCB0BA105CDDC2BA067EBAC9C00DC15F1667664AA2A688D45E843F62467892EE9348FD87C61B07 -20241129025445 2 6 100 4095 2 F32300D8DFCB79ECFB80E433E6CFA1923915D80120F52648A7AE7E8058B5DB869F2B3A9DD940E53B7D74E3214FA03234F8B026AFF16B646B39F003882F1DC17D3F6DBB89283A01B4C22168A354D6D2FDBDE3F2B0C91E9472AF1DB386DD34477F47CB24D4AFB71BB283A9760CF4EC582F1401A4F259D4AADE2BC7648A6920207DFB149BB7A4483D5E22D9DC627A8A4954C18AAAEF921CE0C597C11C95EC7C8888050124D01C43E6A33A02DACDB2EEE70920BAF2A296EB38CEADCB98CC7789BA309A5AD7916B9F7F86B0D808346E28447C4E3F31C5BC319D29A0D338EE8FC88BC9288C75004CC278BB218AA86929360079EAA71628FEFB796FFFBAD3764F677FECC0F274582ED2E371ACB500F35F378DDEDB0FA32B1B55699E41EBE958E6614811999433D934CCD54A03CC4BF359798F90EC809CFA6E58C1CE68B5AF397E8E35951F9CC4BCD0EC8655486543B4CF7605CE15969A2D88E8CD6BCA82671A06FC54397840BBA9DB2750B0F1FBC61ECF6E514450A7E06C6E6BBBB2CFA5E045335F04A5C407EC6467D471226ED2CB3AE9FBA9E956F8F3D05A911F9CD131BC3D95A10792097AC1C4339F8C12E40ABD274A25CF26EF286187E91261273E39856C471D861056EC3F6F5E58EB727134F9BFB870C8DD6978F247EAF67C1368BCB0BA105CDDC2BA067EBAC9C00DC15F1667664AA2A688D45E843F62467892EE9348FD88010893 -20241129025701 2 6 100 4095 2 F32300D8DFCB79ECFB80E433E6CFA1923915D80120F52648A7AE7E8058B5DB869F2B3A9DD940E53B7D74E3214FA03234F8B026AFF16B646B39F003882F1DC17D3F6DBB89283A01B4C22168A354D6D2FDBDE3F2B0C91E9472AF1DB386DD34477F47CB24D4AFB71BB283A9760CF4EC582F1401A4F259D4AADE2BC7648A6920207DFB149BB7A4483D5E22D9DC627A8A4954C18AAAEF921CE0C597C11C95EC7C8888050124D01C43E6A33A02DACDB2EEE70920BAF2A296EB38CEADCB98CC7789BA309A5AD7916B9F7F86B0D808346E28447C4E3F31C5BC319D29A0D338EE8FC88BC9288C75004CC278BB218AA86929360079EAA71628FEFB796FFFBAD3764F677FECC0F274582ED2E371ACB500F35F378DDEDB0FA32B1B55699E41EBE958E6614811999433D934CCD54A03CC4BF359798F90EC809CFA6E58C1CE68B5AF397E8E35951F9CC4BCD0EC8655486543B4CF7605CE15969A2D88E8CD6BCA82671A06FC54397840BBA9DB2750B0F1FBC61ECF6E514450A7E06C6E6BBBB2CFA5E045335F04A5C407EC6467D471226ED2CB3AE9FBA9E956F8F3D05A911F9CD131BC3D95A10792097AC1C4339F8C12E40ABD274A25CF26EF286187E91261273E39856C471D861056EC3F6F5E58EB727134F9BFB870C8DD6978F247EAF67C1368BCB0BA105CDDC2BA067EBAC9C00DC15F1667664AA2A688D45E843F62467892EE9348FD88DA8ABB -20241129025807 2 6 100 4095 2 F32300D8DFCB79ECFB80E433E6CFA1923915D80120F52648A7AE7E8058B5DB869F2B3A9DD940E53B7D74E3214FA03234F8B026AFF16B646B39F003882F1DC17D3F6DBB89283A01B4C22168A354D6D2FDBDE3F2B0C91E9472AF1DB386DD34477F47CB24D4AFB71BB283A9760CF4EC582F1401A4F259D4AADE2BC7648A6920207DFB149BB7A4483D5E22D9DC627A8A4954C18AAAEF921CE0C597C11C95EC7C8888050124D01C43E6A33A02DACDB2EEE70920BAF2A296EB38CEADCB98CC7789BA309A5AD7916B9F7F86B0D808346E28447C4E3F31C5BC319D29A0D338EE8FC88BC9288C75004CC278BB218AA86929360079EAA71628FEFB796FFFBAD3764F677FECC0F274582ED2E371ACB500F35F378DDEDB0FA32B1B55699E41EBE958E6614811999433D934CCD54A03CC4BF359798F90EC809CFA6E58C1CE68B5AF397E8E35951F9CC4BCD0EC8655486543B4CF7605CE15969A2D88E8CD6BCA82671A06FC54397840BBA9DB2750B0F1FBC61ECF6E514450A7E06C6E6BBBB2CFA5E045335F04A5C407EC6467D471226ED2CB3AE9FBA9E956F8F3D05A911F9CD131BC3D95A10792097AC1C4339F8C12E40ABD274A25CF26EF286187E91261273E39856C471D861056EC3F6F5E58EB727134F9BFB870C8DD6978F247EAF67C1368BCB0BA105CDDC2BA067EBAC9C00DC15F1667664AA2A688D45E843F62467892EE9348FD893E4473 -20241129025930 2 6 100 4095 5 F32300D8DFCB79ECFB80E433E6CFA1923915D80120F52648A7AE7E8058B5DB869F2B3A9DD940E53B7D74E3214FA03234F8B026AFF16B646B39F003882F1DC17D3F6DBB89283A01B4C22168A354D6D2FDBDE3F2B0C91E9472AF1DB386DD34477F47CB24D4AFB71BB283A9760CF4EC582F1401A4F259D4AADE2BC7648A6920207DFB149BB7A4483D5E22D9DC627A8A4954C18AAAEF921CE0C597C11C95EC7C8888050124D01C43E6A33A02DACDB2EEE70920BAF2A296EB38CEADCB98CC7789BA309A5AD7916B9F7F86B0D808346E28447C4E3F31C5BC319D29A0D338EE8FC88BC9288C75004CC278BB218AA86929360079EAA71628FEFB796FFFBAD3764F677FECC0F274582ED2E371ACB500F35F378DDEDB0FA32B1B55699E41EBE958E6614811999433D934CCD54A03CC4BF359798F90EC809CFA6E58C1CE68B5AF397E8E35951F9CC4BCD0EC8655486543B4CF7605CE15969A2D88E8CD6BCA82671A06FC54397840BBA9DB2750B0F1FBC61ECF6E514450A7E06C6E6BBBB2CFA5E045335F04A5C407EC6467D471226ED2CB3AE9FBA9E956F8F3D05A911F9CD131BC3D95A10792097AC1C4339F8C12E40ABD274A25CF26EF286187E91261273E39856C471D861056EC3F6F5E58EB727134F9BFB870C8DD6978F247EAF67C1368BCB0BA105CDDC2BA067EBAC9C00DC15F1667664AA2A688D45E843F62467892EE9348FD89BD17B7 -20241129025947 2 6 100 4095 2 F32300D8DFCB79ECFB80E433E6CFA1923915D80120F52648A7AE7E8058B5DB869F2B3A9DD940E53B7D74E3214FA03234F8B026AFF16B646B39F003882F1DC17D3F6DBB89283A01B4C22168A354D6D2FDBDE3F2B0C91E9472AF1DB386DD34477F47CB24D4AFB71BB283A9760CF4EC582F1401A4F259D4AADE2BC7648A6920207DFB149BB7A4483D5E22D9DC627A8A4954C18AAAEF921CE0C597C11C95EC7C8888050124D01C43E6A33A02DACDB2EEE70920BAF2A296EB38CEADCB98CC7789BA309A5AD7916B9F7F86B0D808346E28447C4E3F31C5BC319D29A0D338EE8FC88BC9288C75004CC278BB218AA86929360079EAA71628FEFB796FFFBAD3764F677FECC0F274582ED2E371ACB500F35F378DDEDB0FA32B1B55699E41EBE958E6614811999433D934CCD54A03CC4BF359798F90EC809CFA6E58C1CE68B5AF397E8E35951F9CC4BCD0EC8655486543B4CF7605CE15969A2D88E8CD6BCA82671A06FC54397840BBA9DB2750B0F1FBC61ECF6E514450A7E06C6E6BBBB2CFA5E045335F04A5C407EC6467D471226ED2CB3AE9FBA9E956F8F3D05A911F9CD131BC3D95A10792097AC1C4339F8C12E40ABD274A25CF26EF286187E91261273E39856C471D861056EC3F6F5E58EB727134F9BFB870C8DD6978F247EAF67C1368BCB0BA105CDDC2BA067EBAC9C00DC15F1667664AA2A688D45E843F62467892EE9348FD89D220C3 -20241129030824 2 6 100 4095 2 F32300D8DFCB79ECFB80E433E6CFA1923915D80120F52648A7AE7E8058B5DB869F2B3A9DD940E53B7D74E3214FA03234F8B026AFF16B646B39F003882F1DC17D3F6DBB89283A01B4C22168A354D6D2FDBDE3F2B0C91E9472AF1DB386DD34477F47CB24D4AFB71BB283A9760CF4EC582F1401A4F259D4AADE2BC7648A6920207DFB149BB7A4483D5E22D9DC627A8A4954C18AAAEF921CE0C597C11C95EC7C8888050124D01C43E6A33A02DACDB2EEE70920BAF2A296EB38CEADCB98CC7789BA309A5AD7916B9F7F86B0D808346E28447C4E3F31C5BC319D29A0D338EE8FC88BC9288C75004CC278BB218AA86929360079EAA71628FEFB796FFFBAD3764F677FECC0F274582ED2E371ACB500F35F378DDEDB0FA32B1B55699E41EBE958E6614811999433D934CCD54A03CC4BF359798F90EC809CFA6E58C1CE68B5AF397E8E35951F9CC4BCD0EC8655486543B4CF7605CE15969A2D88E8CD6BCA82671A06FC54397840BBA9DB2750B0F1FBC61ECF6E514450A7E06C6E6BBBB2CFA5E045335F04A5C407EC6467D471226ED2CB3AE9FBA9E956F8F3D05A911F9CD131BC3D95A10792097AC1C4339F8C12E40ABD274A25CF26EF286187E91261273E39856C471D861056EC3F6F5E58EB727134F9BFB870C8DD6978F247EAF67C1368BCB0BA105CDDC2BA067EBAC9C00DC15F1667664AA2A688D45E843F62467892EE9348FD8D22E89B -20241129031329 2 6 100 4095 2 F32300D8DFCB79ECFB80E433E6CFA1923915D80120F52648A7AE7E8058B5DB869F2B3A9DD940E53B7D74E3214FA03234F8B026AFF16B646B39F003882F1DC17D3F6DBB89283A01B4C22168A354D6D2FDBDE3F2B0C91E9472AF1DB386DD34477F47CB24D4AFB71BB283A9760CF4EC582F1401A4F259D4AADE2BC7648A6920207DFB149BB7A4483D5E22D9DC627A8A4954C18AAAEF921CE0C597C11C95EC7C8888050124D01C43E6A33A02DACDB2EEE70920BAF2A296EB38CEADCB98CC7789BA309A5AD7916B9F7F86B0D808346E28447C4E3F31C5BC319D29A0D338EE8FC88BC9288C75004CC278BB218AA86929360079EAA71628FEFB796FFFBAD3764F677FECC0F274582ED2E371ACB500F35F378DDEDB0FA32B1B55699E41EBE958E6614811999433D934CCD54A03CC4BF359798F90EC809CFA6E58C1CE68B5AF397E8E35951F9CC4BCD0EC8655486543B4CF7605CE15969A2D88E8CD6BCA82671A06FC54397840BBA9DB2750B0F1FBC61ECF6E514450A7E06C6E6BBBB2CFA5E045335F04A5C407EC6467D471226ED2CB3AE9FBA9E956F8F3D05A911F9CD131BC3D95A10792097AC1C4339F8C12E40ABD274A25CF26EF286187E91261273E39856C471D861056EC3F6F5E58EB727134F9BFB870C8DD6978F247EAF67C1368BCB0BA105CDDC2BA067EBAC9C00DC15F1667664AA2A688D45E843F62467892EE9348FD8F0BC07B -20241129031515 2 6 100 4095 5 F32300D8DFCB79ECFB80E433E6CFA1923915D80120F52648A7AE7E8058B5DB869F2B3A9DD940E53B7D74E3214FA03234F8B026AFF16B646B39F003882F1DC17D3F6DBB89283A01B4C22168A354D6D2FDBDE3F2B0C91E9472AF1DB386DD34477F47CB24D4AFB71BB283A9760CF4EC582F1401A4F259D4AADE2BC7648A6920207DFB149BB7A4483D5E22D9DC627A8A4954C18AAAEF921CE0C597C11C95EC7C8888050124D01C43E6A33A02DACDB2EEE70920BAF2A296EB38CEADCB98CC7789BA309A5AD7916B9F7F86B0D808346E28447C4E3F31C5BC319D29A0D338EE8FC88BC9288C75004CC278BB218AA86929360079EAA71628FEFB796FFFBAD3764F677FECC0F274582ED2E371ACB500F35F378DDEDB0FA32B1B55699E41EBE958E6614811999433D934CCD54A03CC4BF359798F90EC809CFA6E58C1CE68B5AF397E8E35951F9CC4BCD0EC8655486543B4CF7605CE15969A2D88E8CD6BCA82671A06FC54397840BBA9DB2750B0F1FBC61ECF6E514450A7E06C6E6BBBB2CFA5E045335F04A5C407EC6467D471226ED2CB3AE9FBA9E956F8F3D05A911F9CD131BC3D95A10792097AC1C4339F8C12E40ABD274A25CF26EF286187E91261273E39856C471D861056EC3F6F5E58EB727134F9BFB870C8DD6978F247EAF67C1368BCB0BA105CDDC2BA067EBAC9C00DC15F1667664AA2A688D45E843F62467892EE9348FD8FB3CF27 -20241129031807 2 6 100 4095 5 F32300D8DFCB79ECFB80E433E6CFA1923915D80120F52648A7AE7E8058B5DB869F2B3A9DD940E53B7D74E3214FA03234F8B026AFF16B646B39F003882F1DC17D3F6DBB89283A01B4C22168A354D6D2FDBDE3F2B0C91E9472AF1DB386DD34477F47CB24D4AFB71BB283A9760CF4EC582F1401A4F259D4AADE2BC7648A6920207DFB149BB7A4483D5E22D9DC627A8A4954C18AAAEF921CE0C597C11C95EC7C8888050124D01C43E6A33A02DACDB2EEE70920BAF2A296EB38CEADCB98CC7789BA309A5AD7916B9F7F86B0D808346E28447C4E3F31C5BC319D29A0D338EE8FC88BC9288C75004CC278BB218AA86929360079EAA71628FEFB796FFFBAD3764F677FECC0F274582ED2E371ACB500F35F378DDEDB0FA32B1B55699E41EBE958E6614811999433D934CCD54A03CC4BF359798F90EC809CFA6E58C1CE68B5AF397E8E35951F9CC4BCD0EC8655486543B4CF7605CE15969A2D88E8CD6BCA82671A06FC54397840BBA9DB2750B0F1FBC61ECF6E514450A7E06C6E6BBBB2CFA5E045335F04A5C407EC6467D471226ED2CB3AE9FBA9E956F8F3D05A911F9CD131BC3D95A10792097AC1C4339F8C12E40ABD274A25CF26EF286187E91261273E39856C471D861056EC3F6F5E58EB727134F9BFB870C8DD6978F247EAF67C1368BCB0BA105CDDC2BA067EBAC9C00DC15F1667664AA2A688D45E843F62467892EE9348FD90C1CCE7 -20241129032416 2 6 100 4095 2 F32300D8DFCB79ECFB80E433E6CFA1923915D80120F52648A7AE7E8058B5DB869F2B3A9DD940E53B7D74E3214FA03234F8B026AFF16B646B39F003882F1DC17D3F6DBB89283A01B4C22168A354D6D2FDBDE3F2B0C91E9472AF1DB386DD34477F47CB24D4AFB71BB283A9760CF4EC582F1401A4F259D4AADE2BC7648A6920207DFB149BB7A4483D5E22D9DC627A8A4954C18AAAEF921CE0C597C11C95EC7C8888050124D01C43E6A33A02DACDB2EEE70920BAF2A296EB38CEADCB98CC7789BA309A5AD7916B9F7F86B0D808346E28447C4E3F31C5BC319D29A0D338EE8FC88BC9288C75004CC278BB218AA86929360079EAA71628FEFB796FFFBAD3764F677FECC0F274582ED2E371ACB500F35F378DDEDB0FA32B1B55699E41EBE958E6614811999433D934CCD54A03CC4BF359798F90EC809CFA6E58C1CE68B5AF397E8E35951F9CC4BCD0EC8655486543B4CF7605CE15969A2D88E8CD6BCA82671A06FC54397840BBA9DB2750B0F1FBC61ECF6E514450A7E06C6E6BBBB2CFA5E045335F04A5C407EC6467D471226ED2CB3AE9FBA9E956F8F3D05A911F9CD131BC3D95A10792097AC1C4339F8C12E40ABD274A25CF26EF286187E91261273E39856C471D861056EC3F6F5E58EB727134F9BFB870C8DD6978F247EAF67C1368BCB0BA105CDDC2BA067EBAC9C00DC15F1667664AA2A688D45E843F62467892EE9348FD9313280B -20241129032613 2 6 100 4095 5 F32300D8DFCB79ECFB80E433E6CFA1923915D80120F52648A7AE7E8058B5DB869F2B3A9DD940E53B7D74E3214FA03234F8B026AFF16B646B39F003882F1DC17D3F6DBB89283A01B4C22168A354D6D2FDBDE3F2B0C91E9472AF1DB386DD34477F47CB24D4AFB71BB283A9760CF4EC582F1401A4F259D4AADE2BC7648A6920207DFB149BB7A4483D5E22D9DC627A8A4954C18AAAEF921CE0C597C11C95EC7C8888050124D01C43E6A33A02DACDB2EEE70920BAF2A296EB38CEADCB98CC7789BA309A5AD7916B9F7F86B0D808346E28447C4E3F31C5BC319D29A0D338EE8FC88BC9288C75004CC278BB218AA86929360079EAA71628FEFB796FFFBAD3764F677FECC0F274582ED2E371ACB500F35F378DDEDB0FA32B1B55699E41EBE958E6614811999433D934CCD54A03CC4BF359798F90EC809CFA6E58C1CE68B5AF397E8E35951F9CC4BCD0EC8655486543B4CF7605CE15969A2D88E8CD6BCA82671A06FC54397840BBA9DB2750B0F1FBC61ECF6E514450A7E06C6E6BBBB2CFA5E045335F04A5C407EC6467D471226ED2CB3AE9FBA9E956F8F3D05A911F9CD131BC3D95A10792097AC1C4339F8C12E40ABD274A25CF26EF286187E91261273E39856C471D861056EC3F6F5E58EB727134F9BFB870C8DD6978F247EAF67C1368BCB0BA105CDDC2BA067EBAC9C00DC15F1667664AA2A688D45E843F62467892EE9348FD93CCA2C7 -20241129032705 2 6 100 4095 5 F32300D8DFCB79ECFB80E433E6CFA1923915D80120F52648A7AE7E8058B5DB869F2B3A9DD940E53B7D74E3214FA03234F8B026AFF16B646B39F003882F1DC17D3F6DBB89283A01B4C22168A354D6D2FDBDE3F2B0C91E9472AF1DB386DD34477F47CB24D4AFB71BB283A9760CF4EC582F1401A4F259D4AADE2BC7648A6920207DFB149BB7A4483D5E22D9DC627A8A4954C18AAAEF921CE0C597C11C95EC7C8888050124D01C43E6A33A02DACDB2EEE70920BAF2A296EB38CEADCB98CC7789BA309A5AD7916B9F7F86B0D808346E28447C4E3F31C5BC319D29A0D338EE8FC88BC9288C75004CC278BB218AA86929360079EAA71628FEFB796FFFBAD3764F677FECC0F274582ED2E371ACB500F35F378DDEDB0FA32B1B55699E41EBE958E6614811999433D934CCD54A03CC4BF359798F90EC809CFA6E58C1CE68B5AF397E8E35951F9CC4BCD0EC8655486543B4CF7605CE15969A2D88E8CD6BCA82671A06FC54397840BBA9DB2750B0F1FBC61ECF6E514450A7E06C6E6BBBB2CFA5E045335F04A5C407EC6467D471226ED2CB3AE9FBA9E956F8F3D05A911F9CD131BC3D95A10792097AC1C4339F8C12E40ABD274A25CF26EF286187E91261273E39856C471D861056EC3F6F5E58EB727134F9BFB870C8DD6978F247EAF67C1368BCB0BA105CDDC2BA067EBAC9C00DC15F1667664AA2A688D45E843F62467892EE9348FD941819BF -20241129033035 2 6 100 4095 5 F32300D8DFCB79ECFB80E433E6CFA1923915D80120F52648A7AE7E8058B5DB869F2B3A9DD940E53B7D74E3214FA03234F8B026AFF16B646B39F003882F1DC17D3F6DBB89283A01B4C22168A354D6D2FDBDE3F2B0C91E9472AF1DB386DD34477F47CB24D4AFB71BB283A9760CF4EC582F1401A4F259D4AADE2BC7648A6920207DFB149BB7A4483D5E22D9DC627A8A4954C18AAAEF921CE0C597C11C95EC7C8888050124D01C43E6A33A02DACDB2EEE70920BAF2A296EB38CEADCB98CC7789BA309A5AD7916B9F7F86B0D808346E28447C4E3F31C5BC319D29A0D338EE8FC88BC9288C75004CC278BB218AA86929360079EAA71628FEFB796FFFBAD3764F677FECC0F274582ED2E371ACB500F35F378DDEDB0FA32B1B55699E41EBE958E6614811999433D934CCD54A03CC4BF359798F90EC809CFA6E58C1CE68B5AF397E8E35951F9CC4BCD0EC8655486543B4CF7605CE15969A2D88E8CD6BCA82671A06FC54397840BBA9DB2750B0F1FBC61ECF6E514450A7E06C6E6BBBB2CFA5E045335F04A5C407EC6467D471226ED2CB3AE9FBA9E956F8F3D05A911F9CD131BC3D95A10792097AC1C4339F8C12E40ABD274A25CF26EF286187E91261273E39856C471D861056EC3F6F5E58EB727134F9BFB870C8DD6978F247EAF67C1368BCB0BA105CDDC2BA067EBAC9C00DC15F1667664AA2A688D45E843F62467892EE9348FD9564B557 -20241129033357 2 6 100 4095 2 F32300D8DFCB79ECFB80E433E6CFA1923915D80120F52648A7AE7E8058B5DB869F2B3A9DD940E53B7D74E3214FA03234F8B026AFF16B646B39F003882F1DC17D3F6DBB89283A01B4C22168A354D6D2FDBDE3F2B0C91E9472AF1DB386DD34477F47CB24D4AFB71BB283A9760CF4EC582F1401A4F259D4AADE2BC7648A6920207DFB149BB7A4483D5E22D9DC627A8A4954C18AAAEF921CE0C597C11C95EC7C8888050124D01C43E6A33A02DACDB2EEE70920BAF2A296EB38CEADCB98CC7789BA309A5AD7916B9F7F86B0D808346E28447C4E3F31C5BC319D29A0D338EE8FC88BC9288C75004CC278BB218AA86929360079EAA71628FEFB796FFFBAD3764F677FECC0F274582ED2E371ACB500F35F378DDEDB0FA32B1B55699E41EBE958E6614811999433D934CCD54A03CC4BF359798F90EC809CFA6E58C1CE68B5AF397E8E35951F9CC4BCD0EC8655486543B4CF7605CE15969A2D88E8CD6BCA82671A06FC54397840BBA9DB2750B0F1FBC61ECF6E514450A7E06C6E6BBBB2CFA5E045335F04A5C407EC6467D471226ED2CB3AE9FBA9E956F8F3D05A911F9CD131BC3D95A10792097AC1C4339F8C12E40ABD274A25CF26EF286187E91261273E39856C471D861056EC3F6F5E58EB727134F9BFB870C8DD6978F247EAF67C1368BCB0BA105CDDC2BA067EBAC9C00DC15F1667664AA2A688D45E843F62467892EE9348FD96B187EB -20241129033421 2 6 100 4095 2 F32300D8DFCB79ECFB80E433E6CFA1923915D80120F52648A7AE7E8058B5DB869F2B3A9DD940E53B7D74E3214FA03234F8B026AFF16B646B39F003882F1DC17D3F6DBB89283A01B4C22168A354D6D2FDBDE3F2B0C91E9472AF1DB386DD34477F47CB24D4AFB71BB283A9760CF4EC582F1401A4F259D4AADE2BC7648A6920207DFB149BB7A4483D5E22D9DC627A8A4954C18AAAEF921CE0C597C11C95EC7C8888050124D01C43E6A33A02DACDB2EEE70920BAF2A296EB38CEADCB98CC7789BA309A5AD7916B9F7F86B0D808346E28447C4E3F31C5BC319D29A0D338EE8FC88BC9288C75004CC278BB218AA86929360079EAA71628FEFB796FFFBAD3764F677FECC0F274582ED2E371ACB500F35F378DDEDB0FA32B1B55699E41EBE958E6614811999433D934CCD54A03CC4BF359798F90EC809CFA6E58C1CE68B5AF397E8E35951F9CC4BCD0EC8655486543B4CF7605CE15969A2D88E8CD6BCA82671A06FC54397840BBA9DB2750B0F1FBC61ECF6E514450A7E06C6E6BBBB2CFA5E045335F04A5C407EC6467D471226ED2CB3AE9FBA9E956F8F3D05A911F9CD131BC3D95A10792097AC1C4339F8C12E40ABD274A25CF26EF286187E91261273E39856C471D861056EC3F6F5E58EB727134F9BFB870C8DD6978F247EAF67C1368BCB0BA105CDDC2BA067EBAC9C00DC15F1667664AA2A688D45E843F62467892EE9348FD96CEF60B -20241129033539 2 6 100 4095 2 F32300D8DFCB79ECFB80E433E6CFA1923915D80120F52648A7AE7E8058B5DB869F2B3A9DD940E53B7D74E3214FA03234F8B026AFF16B646B39F003882F1DC17D3F6DBB89283A01B4C22168A354D6D2FDBDE3F2B0C91E9472AF1DB386DD34477F47CB24D4AFB71BB283A9760CF4EC582F1401A4F259D4AADE2BC7648A6920207DFB149BB7A4483D5E22D9DC627A8A4954C18AAAEF921CE0C597C11C95EC7C8888050124D01C43E6A33A02DACDB2EEE70920BAF2A296EB38CEADCB98CC7789BA309A5AD7916B9F7F86B0D808346E28447C4E3F31C5BC319D29A0D338EE8FC88BC9288C75004CC278BB218AA86929360079EAA71628FEFB796FFFBAD3764F677FECC0F274582ED2E371ACB500F35F378DDEDB0FA32B1B55699E41EBE958E6614811999433D934CCD54A03CC4BF359798F90EC809CFA6E58C1CE68B5AF397E8E35951F9CC4BCD0EC8655486543B4CF7605CE15969A2D88E8CD6BCA82671A06FC54397840BBA9DB2750B0F1FBC61ECF6E514450A7E06C6E6BBBB2CFA5E045335F04A5C407EC6467D471226ED2CB3AE9FBA9E956F8F3D05A911F9CD131BC3D95A10792097AC1C4339F8C12E40ABD274A25CF26EF286187E91261273E39856C471D861056EC3F6F5E58EB727134F9BFB870C8DD6978F247EAF67C1368BCB0BA105CDDC2BA067EBAC9C00DC15F1667664AA2A688D45E843F62467892EE9348FD974904EB -20241129033708 2 6 100 4095 2 F32300D8DFCB79ECFB80E433E6CFA1923915D80120F52648A7AE7E8058B5DB869F2B3A9DD940E53B7D74E3214FA03234F8B026AFF16B646B39F003882F1DC17D3F6DBB89283A01B4C22168A354D6D2FDBDE3F2B0C91E9472AF1DB386DD34477F47CB24D4AFB71BB283A9760CF4EC582F1401A4F259D4AADE2BC7648A6920207DFB149BB7A4483D5E22D9DC627A8A4954C18AAAEF921CE0C597C11C95EC7C8888050124D01C43E6A33A02DACDB2EEE70920BAF2A296EB38CEADCB98CC7789BA309A5AD7916B9F7F86B0D808346E28447C4E3F31C5BC319D29A0D338EE8FC88BC9288C75004CC278BB218AA86929360079EAA71628FEFB796FFFBAD3764F677FECC0F274582ED2E371ACB500F35F378DDEDB0FA32B1B55699E41EBE958E6614811999433D934CCD54A03CC4BF359798F90EC809CFA6E58C1CE68B5AF397E8E35951F9CC4BCD0EC8655486543B4CF7605CE15969A2D88E8CD6BCA82671A06FC54397840BBA9DB2750B0F1FBC61ECF6E514450A7E06C6E6BBBB2CFA5E045335F04A5C407EC6467D471226ED2CB3AE9FBA9E956F8F3D05A911F9CD131BC3D95A10792097AC1C4339F8C12E40ABD274A25CF26EF286187E91261273E39856C471D861056EC3F6F5E58EB727134F9BFB870C8DD6978F247EAF67C1368BCB0BA105CDDC2BA067EBAC9C00DC15F1667664AA2A688D45E843F62467892EE9348FD97D1728B -20241129033818 2 6 100 4095 5 F32300D8DFCB79ECFB80E433E6CFA1923915D80120F52648A7AE7E8058B5DB869F2B3A9DD940E53B7D74E3214FA03234F8B026AFF16B646B39F003882F1DC17D3F6DBB89283A01B4C22168A354D6D2FDBDE3F2B0C91E9472AF1DB386DD34477F47CB24D4AFB71BB283A9760CF4EC582F1401A4F259D4AADE2BC7648A6920207DFB149BB7A4483D5E22D9DC627A8A4954C18AAAEF921CE0C597C11C95EC7C8888050124D01C43E6A33A02DACDB2EEE70920BAF2A296EB38CEADCB98CC7789BA309A5AD7916B9F7F86B0D808346E28447C4E3F31C5BC319D29A0D338EE8FC88BC9288C75004CC278BB218AA86929360079EAA71628FEFB796FFFBAD3764F677FECC0F274582ED2E371ACB500F35F378DDEDB0FA32B1B55699E41EBE958E6614811999433D934CCD54A03CC4BF359798F90EC809CFA6E58C1CE68B5AF397E8E35951F9CC4BCD0EC8655486543B4CF7605CE15969A2D88E8CD6BCA82671A06FC54397840BBA9DB2750B0F1FBC61ECF6E514450A7E06C6E6BBBB2CFA5E045335F04A5C407EC6467D471226ED2CB3AE9FBA9E956F8F3D05A911F9CD131BC3D95A10792097AC1C4339F8C12E40ABD274A25CF26EF286187E91261273E39856C471D861056EC3F6F5E58EB727134F9BFB870C8DD6978F247EAF67C1368BCB0BA105CDDC2BA067EBAC9C00DC15F1667664AA2A688D45E843F62467892EE9348FD983ADCCF -20241129033844 2 6 100 4095 5 F32300D8DFCB79ECFB80E433E6CFA1923915D80120F52648A7AE7E8058B5DB869F2B3A9DD940E53B7D74E3214FA03234F8B026AFF16B646B39F003882F1DC17D3F6DBB89283A01B4C22168A354D6D2FDBDE3F2B0C91E9472AF1DB386DD34477F47CB24D4AFB71BB283A9760CF4EC582F1401A4F259D4AADE2BC7648A6920207DFB149BB7A4483D5E22D9DC627A8A4954C18AAAEF921CE0C597C11C95EC7C8888050124D01C43E6A33A02DACDB2EEE70920BAF2A296EB38CEADCB98CC7789BA309A5AD7916B9F7F86B0D808346E28447C4E3F31C5BC319D29A0D338EE8FC88BC9288C75004CC278BB218AA86929360079EAA71628FEFB796FFFBAD3764F677FECC0F274582ED2E371ACB500F35F378DDEDB0FA32B1B55699E41EBE958E6614811999433D934CCD54A03CC4BF359798F90EC809CFA6E58C1CE68B5AF397E8E35951F9CC4BCD0EC8655486543B4CF7605CE15969A2D88E8CD6BCA82671A06FC54397840BBA9DB2750B0F1FBC61ECF6E514450A7E06C6E6BBBB2CFA5E045335F04A5C407EC6467D471226ED2CB3AE9FBA9E956F8F3D05A911F9CD131BC3D95A10792097AC1C4339F8C12E40ABD274A25CF26EF286187E91261273E39856C471D861056EC3F6F5E58EB727134F9BFB870C8DD6978F247EAF67C1368BCB0BA105CDDC2BA067EBAC9C00DC15F1667664AA2A688D45E843F62467892EE9348FD985DB957 -20241129033919 2 6 100 4095 5 F32300D8DFCB79ECFB80E433E6CFA1923915D80120F52648A7AE7E8058B5DB869F2B3A9DD940E53B7D74E3214FA03234F8B026AFF16B646B39F003882F1DC17D3F6DBB89283A01B4C22168A354D6D2FDBDE3F2B0C91E9472AF1DB386DD34477F47CB24D4AFB71BB283A9760CF4EC582F1401A4F259D4AADE2BC7648A6920207DFB149BB7A4483D5E22D9DC627A8A4954C18AAAEF921CE0C597C11C95EC7C8888050124D01C43E6A33A02DACDB2EEE70920BAF2A296EB38CEADCB98CC7789BA309A5AD7916B9F7F86B0D808346E28447C4E3F31C5BC319D29A0D338EE8FC88BC9288C75004CC278BB218AA86929360079EAA71628FEFB796FFFBAD3764F677FECC0F274582ED2E371ACB500F35F378DDEDB0FA32B1B55699E41EBE958E6614811999433D934CCD54A03CC4BF359798F90EC809CFA6E58C1CE68B5AF397E8E35951F9CC4BCD0EC8655486543B4CF7605CE15969A2D88E8CD6BCA82671A06FC54397840BBA9DB2750B0F1FBC61ECF6E514450A7E06C6E6BBBB2CFA5E045335F04A5C407EC6467D471226ED2CB3AE9FBA9E956F8F3D05A911F9CD131BC3D95A10792097AC1C4339F8C12E40ABD274A25CF26EF286187E91261273E39856C471D861056EC3F6F5E58EB727134F9BFB870C8DD6978F247EAF67C1368BCB0BA105CDDC2BA067EBAC9C00DC15F1667664AA2A688D45E843F62467892EE9348FD9890287F -20241129034126 2 6 100 4095 5 F32300D8DFCB79ECFB80E433E6CFA1923915D80120F52648A7AE7E8058B5DB869F2B3A9DD940E53B7D74E3214FA03234F8B026AFF16B646B39F003882F1DC17D3F6DBB89283A01B4C22168A354D6D2FDBDE3F2B0C91E9472AF1DB386DD34477F47CB24D4AFB71BB283A9760CF4EC582F1401A4F259D4AADE2BC7648A6920207DFB149BB7A4483D5E22D9DC627A8A4954C18AAAEF921CE0C597C11C95EC7C8888050124D01C43E6A33A02DACDB2EEE70920BAF2A296EB38CEADCB98CC7789BA309A5AD7916B9F7F86B0D808346E28447C4E3F31C5BC319D29A0D338EE8FC88BC9288C75004CC278BB218AA86929360079EAA71628FEFB796FFFBAD3764F677FECC0F274582ED2E371ACB500F35F378DDEDB0FA32B1B55699E41EBE958E6614811999433D934CCD54A03CC4BF359798F90EC809CFA6E58C1CE68B5AF397E8E35951F9CC4BCD0EC8655486543B4CF7605CE15969A2D88E8CD6BCA82671A06FC54397840BBA9DB2750B0F1FBC61ECF6E514450A7E06C6E6BBBB2CFA5E045335F04A5C407EC6467D471226ED2CB3AE9FBA9E956F8F3D05A911F9CD131BC3D95A10792097AC1C4339F8C12E40ABD274A25CF26EF286187E91261273E39856C471D861056EC3F6F5E58EB727134F9BFB870C8DD6978F247EAF67C1368BCB0BA105CDDC2BA067EBAC9C00DC15F1667664AA2A688D45E843F62467892EE9348FD9958DADF -20241129034406 2 6 100 4095 2 F32300D8DFCB79ECFB80E433E6CFA1923915D80120F52648A7AE7E8058B5DB869F2B3A9DD940E53B7D74E3214FA03234F8B026AFF16B646B39F003882F1DC17D3F6DBB89283A01B4C22168A354D6D2FDBDE3F2B0C91E9472AF1DB386DD34477F47CB24D4AFB71BB283A9760CF4EC582F1401A4F259D4AADE2BC7648A6920207DFB149BB7A4483D5E22D9DC627A8A4954C18AAAEF921CE0C597C11C95EC7C8888050124D01C43E6A33A02DACDB2EEE70920BAF2A296EB38CEADCB98CC7789BA309A5AD7916B9F7F86B0D808346E28447C4E3F31C5BC319D29A0D338EE8FC88BC9288C75004CC278BB218AA86929360079EAA71628FEFB796FFFBAD3764F677FECC0F274582ED2E371ACB500F35F378DDEDB0FA32B1B55699E41EBE958E6614811999433D934CCD54A03CC4BF359798F90EC809CFA6E58C1CE68B5AF397E8E35951F9CC4BCD0EC8655486543B4CF7605CE15969A2D88E8CD6BCA82671A06FC54397840BBA9DB2750B0F1FBC61ECF6E514450A7E06C6E6BBBB2CFA5E045335F04A5C407EC6467D471226ED2CB3AE9FBA9E956F8F3D05A911F9CD131BC3D95A10792097AC1C4339F8C12E40ABD274A25CF26EF286187E91261273E39856C471D861056EC3F6F5E58EB727134F9BFB870C8DD6978F247EAF67C1368BCB0BA105CDDC2BA067EBAC9C00DC15F1667664AA2A688D45E843F62467892EE9348FD9A557F5B -20241129034820 2 6 100 4095 5 F32300D8DFCB79ECFB80E433E6CFA1923915D80120F52648A7AE7E8058B5DB869F2B3A9DD940E53B7D74E3214FA03234F8B026AFF16B646B39F003882F1DC17D3F6DBB89283A01B4C22168A354D6D2FDBDE3F2B0C91E9472AF1DB386DD34477F47CB24D4AFB71BB283A9760CF4EC582F1401A4F259D4AADE2BC7648A6920207DFB149BB7A4483D5E22D9DC627A8A4954C18AAAEF921CE0C597C11C95EC7C8888050124D01C43E6A33A02DACDB2EEE70920BAF2A296EB38CEADCB98CC7789BA309A5AD7916B9F7F86B0D808346E28447C4E3F31C5BC319D29A0D338EE8FC88BC9288C75004CC278BB218AA86929360079EAA71628FEFB796FFFBAD3764F677FECC0F274582ED2E371ACB500F35F378DDEDB0FA32B1B55699E41EBE958E6614811999433D934CCD54A03CC4BF359798F90EC809CFA6E58C1CE68B5AF397E8E35951F9CC4BCD0EC8655486543B4CF7605CE15969A2D88E8CD6BCA82671A06FC54397840BBA9DB2750B0F1FBC61ECF6E514450A7E06C6E6BBBB2CFA5E045335F04A5C407EC6467D471226ED2CB3AE9FBA9E956F8F3D05A911F9CD131BC3D95A10792097AC1C4339F8C12E40ABD274A25CF26EF286187E91261273E39856C471D861056EC3F6F5E58EB727134F9BFB870C8DD6978F247EAF67C1368BCB0BA105CDDC2BA067EBAC9C00DC15F1667664AA2A688D45E843F62467892EE9348FD9BEF30FF -20241129035154 2 6 100 4095 2 F32300D8DFCB79ECFB80E433E6CFA1923915D80120F52648A7AE7E8058B5DB869F2B3A9DD940E53B7D74E3214FA03234F8B026AFF16B646B39F003882F1DC17D3F6DBB89283A01B4C22168A354D6D2FDBDE3F2B0C91E9472AF1DB386DD34477F47CB24D4AFB71BB283A9760CF4EC582F1401A4F259D4AADE2BC7648A6920207DFB149BB7A4483D5E22D9DC627A8A4954C18AAAEF921CE0C597C11C95EC7C8888050124D01C43E6A33A02DACDB2EEE70920BAF2A296EB38CEADCB98CC7789BA309A5AD7916B9F7F86B0D808346E28447C4E3F31C5BC319D29A0D338EE8FC88BC9288C75004CC278BB218AA86929360079EAA71628FEFB796FFFBAD3764F677FECC0F274582ED2E371ACB500F35F378DDEDB0FA32B1B55699E41EBE958E6614811999433D934CCD54A03CC4BF359798F90EC809CFA6E58C1CE68B5AF397E8E35951F9CC4BCD0EC8655486543B4CF7605CE15969A2D88E8CD6BCA82671A06FC54397840BBA9DB2750B0F1FBC61ECF6E514450A7E06C6E6BBBB2CFA5E045335F04A5C407EC6467D471226ED2CB3AE9FBA9E956F8F3D05A911F9CD131BC3D95A10792097AC1C4339F8C12E40ABD274A25CF26EF286187E91261273E39856C471D861056EC3F6F5E58EB727134F9BFB870C8DD6978F247EAF67C1368BCB0BA105CDDC2BA067EBAC9C00DC15F1667664AA2A688D45E843F62467892EE9348FD9D4E229B -20241129035209 2 6 100 4095 5 F32300D8DFCB79ECFB80E433E6CFA1923915D80120F52648A7AE7E8058B5DB869F2B3A9DD940E53B7D74E3214FA03234F8B026AFF16B646B39F003882F1DC17D3F6DBB89283A01B4C22168A354D6D2FDBDE3F2B0C91E9472AF1DB386DD34477F47CB24D4AFB71BB283A9760CF4EC582F1401A4F259D4AADE2BC7648A6920207DFB149BB7A4483D5E22D9DC627A8A4954C18AAAEF921CE0C597C11C95EC7C8888050124D01C43E6A33A02DACDB2EEE70920BAF2A296EB38CEADCB98CC7789BA309A5AD7916B9F7F86B0D808346E28447C4E3F31C5BC319D29A0D338EE8FC88BC9288C75004CC278BB218AA86929360079EAA71628FEFB796FFFBAD3764F677FECC0F274582ED2E371ACB500F35F378DDEDB0FA32B1B55699E41EBE958E6614811999433D934CCD54A03CC4BF359798F90EC809CFA6E58C1CE68B5AF397E8E35951F9CC4BCD0EC8655486543B4CF7605CE15969A2D88E8CD6BCA82671A06FC54397840BBA9DB2750B0F1FBC61ECF6E514450A7E06C6E6BBBB2CFA5E045335F04A5C407EC6467D471226ED2CB3AE9FBA9E956F8F3D05A911F9CD131BC3D95A10792097AC1C4339F8C12E40ABD274A25CF26EF286187E91261273E39856C471D861056EC3F6F5E58EB727134F9BFB870C8DD6978F247EAF67C1368BCB0BA105CDDC2BA067EBAC9C00DC15F1667664AA2A688D45E843F62467892EE9348FD9D5EE0CF -20241129035316 2 6 100 4095 5 F32300D8DFCB79ECFB80E433E6CFA1923915D80120F52648A7AE7E8058B5DB869F2B3A9DD940E53B7D74E3214FA03234F8B026AFF16B646B39F003882F1DC17D3F6DBB89283A01B4C22168A354D6D2FDBDE3F2B0C91E9472AF1DB386DD34477F47CB24D4AFB71BB283A9760CF4EC582F1401A4F259D4AADE2BC7648A6920207DFB149BB7A4483D5E22D9DC627A8A4954C18AAAEF921CE0C597C11C95EC7C8888050124D01C43E6A33A02DACDB2EEE70920BAF2A296EB38CEADCB98CC7789BA309A5AD7916B9F7F86B0D808346E28447C4E3F31C5BC319D29A0D338EE8FC88BC9288C75004CC278BB218AA86929360079EAA71628FEFB796FFFBAD3764F677FECC0F274582ED2E371ACB500F35F378DDEDB0FA32B1B55699E41EBE958E6614811999433D934CCD54A03CC4BF359798F90EC809CFA6E58C1CE68B5AF397E8E35951F9CC4BCD0EC8655486543B4CF7605CE15969A2D88E8CD6BCA82671A06FC54397840BBA9DB2750B0F1FBC61ECF6E514450A7E06C6E6BBBB2CFA5E045335F04A5C407EC6467D471226ED2CB3AE9FBA9E956F8F3D05A911F9CD131BC3D95A10792097AC1C4339F8C12E40ABD274A25CF26EF286187E91261273E39856C471D861056EC3F6F5E58EB727134F9BFB870C8DD6978F247EAF67C1368BCB0BA105CDDC2BA067EBAC9C00DC15F1667664AA2A688D45E843F62467892EE9348FD9DC2D03F -20241129035349 2 6 100 4095 2 F32300D8DFCB79ECFB80E433E6CFA1923915D80120F52648A7AE7E8058B5DB869F2B3A9DD940E53B7D74E3214FA03234F8B026AFF16B646B39F003882F1DC17D3F6DBB89283A01B4C22168A354D6D2FDBDE3F2B0C91E9472AF1DB386DD34477F47CB24D4AFB71BB283A9760CF4EC582F1401A4F259D4AADE2BC7648A6920207DFB149BB7A4483D5E22D9DC627A8A4954C18AAAEF921CE0C597C11C95EC7C8888050124D01C43E6A33A02DACDB2EEE70920BAF2A296EB38CEADCB98CC7789BA309A5AD7916B9F7F86B0D808346E28447C4E3F31C5BC319D29A0D338EE8FC88BC9288C75004CC278BB218AA86929360079EAA71628FEFB796FFFBAD3764F677FECC0F274582ED2E371ACB500F35F378DDEDB0FA32B1B55699E41EBE958E6614811999433D934CCD54A03CC4BF359798F90EC809CFA6E58C1CE68B5AF397E8E35951F9CC4BCD0EC8655486543B4CF7605CE15969A2D88E8CD6BCA82671A06FC54397840BBA9DB2750B0F1FBC61ECF6E514450A7E06C6E6BBBB2CFA5E045335F04A5C407EC6467D471226ED2CB3AE9FBA9E956F8F3D05A911F9CD131BC3D95A10792097AC1C4339F8C12E40ABD274A25CF26EF286187E91261273E39856C471D861056EC3F6F5E58EB727134F9BFB870C8DD6978F247EAF67C1368BCB0BA105CDDC2BA067EBAC9C00DC15F1667664AA2A688D45E843F62467892EE9348FD9DF64ABB -20241129035856 2 6 100 4095 5 F32300D8DFCB79ECFB80E433E6CFA1923915D80120F52648A7AE7E8058B5DB869F2B3A9DD940E53B7D74E3214FA03234F8B026AFF16B646B39F003882F1DC17D3F6DBB89283A01B4C22168A354D6D2FDBDE3F2B0C91E9472AF1DB386DD34477F47CB24D4AFB71BB283A9760CF4EC582F1401A4F259D4AADE2BC7648A6920207DFB149BB7A4483D5E22D9DC627A8A4954C18AAAEF921CE0C597C11C95EC7C8888050124D01C43E6A33A02DACDB2EEE70920BAF2A296EB38CEADCB98CC7789BA309A5AD7916B9F7F86B0D808346E28447C4E3F31C5BC319D29A0D338EE8FC88BC9288C75004CC278BB218AA86929360079EAA71628FEFB796FFFBAD3764F677FECC0F274582ED2E371ACB500F35F378DDEDB0FA32B1B55699E41EBE958E6614811999433D934CCD54A03CC4BF359798F90EC809CFA6E58C1CE68B5AF397E8E35951F9CC4BCD0EC8655486543B4CF7605CE15969A2D88E8CD6BCA82671A06FC54397840BBA9DB2750B0F1FBC61ECF6E514450A7E06C6E6BBBB2CFA5E045335F04A5C407EC6467D471226ED2CB3AE9FBA9E956F8F3D05A911F9CD131BC3D95A10792097AC1C4339F8C12E40ABD274A25CF26EF286187E91261273E39856C471D861056EC3F6F5E58EB727134F9BFB870C8DD6978F247EAF67C1368BCB0BA105CDDC2BA067EBAC9C00DC15F1667664AA2A688D45E843F62467892EE9348FD9FE86E1F -20241129040054 2 6 100 4095 2 F32300D8DFCB79ECFB80E433E6CFA1923915D80120F52648A7AE7E8058B5DB869F2B3A9DD940E53B7D74E3214FA03234F8B026AFF16B646B39F003882F1DC17D3F6DBB89283A01B4C22168A354D6D2FDBDE3F2B0C91E9472AF1DB386DD34477F47CB24D4AFB71BB283A9760CF4EC582F1401A4F259D4AADE2BC7648A6920207DFB149BB7A4483D5E22D9DC627A8A4954C18AAAEF921CE0C597C11C95EC7C8888050124D01C43E6A33A02DACDB2EEE70920BAF2A296EB38CEADCB98CC7789BA309A5AD7916B9F7F86B0D808346E28447C4E3F31C5BC319D29A0D338EE8FC88BC9288C75004CC278BB218AA86929360079EAA71628FEFB796FFFBAD3764F677FECC0F274582ED2E371ACB500F35F378DDEDB0FA32B1B55699E41EBE958E6614811999433D934CCD54A03CC4BF359798F90EC809CFA6E58C1CE68B5AF397E8E35951F9CC4BCD0EC8655486543B4CF7605CE15969A2D88E8CD6BCA82671A06FC54397840BBA9DB2750B0F1FBC61ECF6E514450A7E06C6E6BBBB2CFA5E045335F04A5C407EC6467D471226ED2CB3AE9FBA9E956F8F3D05A911F9CD131BC3D95A10792097AC1C4339F8C12E40ABD274A25CF26EF286187E91261273E39856C471D861056EC3F6F5E58EB727134F9BFB870C8DD6978F247EAF67C1368BCB0BA105CDDC2BA067EBAC9C00DC15F1667664AA2A688D45E843F62467892EE9348FDA0A085D3 -20241129040234 2 6 100 4095 2 F32300D8DFCB79ECFB80E433E6CFA1923915D80120F52648A7AE7E8058B5DB869F2B3A9DD940E53B7D74E3214FA03234F8B026AFF16B646B39F003882F1DC17D3F6DBB89283A01B4C22168A354D6D2FDBDE3F2B0C91E9472AF1DB386DD34477F47CB24D4AFB71BB283A9760CF4EC582F1401A4F259D4AADE2BC7648A6920207DFB149BB7A4483D5E22D9DC627A8A4954C18AAAEF921CE0C597C11C95EC7C8888050124D01C43E6A33A02DACDB2EEE70920BAF2A296EB38CEADCB98CC7789BA309A5AD7916B9F7F86B0D808346E28447C4E3F31C5BC319D29A0D338EE8FC88BC9288C75004CC278BB218AA86929360079EAA71628FEFB796FFFBAD3764F677FECC0F274582ED2E371ACB500F35F378DDEDB0FA32B1B55699E41EBE958E6614811999433D934CCD54A03CC4BF359798F90EC809CFA6E58C1CE68B5AF397E8E35951F9CC4BCD0EC8655486543B4CF7605CE15969A2D88E8CD6BCA82671A06FC54397840BBA9DB2750B0F1FBC61ECF6E514450A7E06C6E6BBBB2CFA5E045335F04A5C407EC6467D471226ED2CB3AE9FBA9E956F8F3D05A911F9CD131BC3D95A10792097AC1C4339F8C12E40ABD274A25CF26EF286187E91261273E39856C471D861056EC3F6F5E58EB727134F9BFB870C8DD6978F247EAF67C1368BCB0BA105CDDC2BA067EBAC9C00DC15F1667664AA2A688D45E843F62467892EE9348FDA13D2323 -20241129040334 2 6 100 4095 2 F32300D8DFCB79ECFB80E433E6CFA1923915D80120F52648A7AE7E8058B5DB869F2B3A9DD940E53B7D74E3214FA03234F8B026AFF16B646B39F003882F1DC17D3F6DBB89283A01B4C22168A354D6D2FDBDE3F2B0C91E9472AF1DB386DD34477F47CB24D4AFB71BB283A9760CF4EC582F1401A4F259D4AADE2BC7648A6920207DFB149BB7A4483D5E22D9DC627A8A4954C18AAAEF921CE0C597C11C95EC7C8888050124D01C43E6A33A02DACDB2EEE70920BAF2A296EB38CEADCB98CC7789BA309A5AD7916B9F7F86B0D808346E28447C4E3F31C5BC319D29A0D338EE8FC88BC9288C75004CC278BB218AA86929360079EAA71628FEFB796FFFBAD3764F677FECC0F274582ED2E371ACB500F35F378DDEDB0FA32B1B55699E41EBE958E6614811999433D934CCD54A03CC4BF359798F90EC809CFA6E58C1CE68B5AF397E8E35951F9CC4BCD0EC8655486543B4CF7605CE15969A2D88E8CD6BCA82671A06FC54397840BBA9DB2750B0F1FBC61ECF6E514450A7E06C6E6BBBB2CFA5E045335F04A5C407EC6467D471226ED2CB3AE9FBA9E956F8F3D05A911F9CD131BC3D95A10792097AC1C4339F8C12E40ABD274A25CF26EF286187E91261273E39856C471D861056EC3F6F5E58EB727134F9BFB870C8DD6978F247EAF67C1368BCB0BA105CDDC2BA067EBAC9C00DC15F1667664AA2A688D45E843F62467892EE9348FDA19957FB -20241129040452 2 6 100 4095 5 F32300D8DFCB79ECFB80E433E6CFA1923915D80120F52648A7AE7E8058B5DB869F2B3A9DD940E53B7D74E3214FA03234F8B026AFF16B646B39F003882F1DC17D3F6DBB89283A01B4C22168A354D6D2FDBDE3F2B0C91E9472AF1DB386DD34477F47CB24D4AFB71BB283A9760CF4EC582F1401A4F259D4AADE2BC7648A6920207DFB149BB7A4483D5E22D9DC627A8A4954C18AAAEF921CE0C597C11C95EC7C8888050124D01C43E6A33A02DACDB2EEE70920BAF2A296EB38CEADCB98CC7789BA309A5AD7916B9F7F86B0D808346E28447C4E3F31C5BC319D29A0D338EE8FC88BC9288C75004CC278BB218AA86929360079EAA71628FEFB796FFFBAD3764F677FECC0F274582ED2E371ACB500F35F378DDEDB0FA32B1B55699E41EBE958E6614811999433D934CCD54A03CC4BF359798F90EC809CFA6E58C1CE68B5AF397E8E35951F9CC4BCD0EC8655486543B4CF7605CE15969A2D88E8CD6BCA82671A06FC54397840BBA9DB2750B0F1FBC61ECF6E514450A7E06C6E6BBBB2CFA5E045335F04A5C407EC6467D471226ED2CB3AE9FBA9E956F8F3D05A911F9CD131BC3D95A10792097AC1C4339F8C12E40ABD274A25CF26EF286187E91261273E39856C471D861056EC3F6F5E58EB727134F9BFB870C8DD6978F247EAF67C1368BCB0BA105CDDC2BA067EBAC9C00DC15F1667664AA2A688D45E843F62467892EE9348FDA2168307 -20241129040614 2 6 100 4095 2 F32300D8DFCB79ECFB80E433E6CFA1923915D80120F52648A7AE7E8058B5DB869F2B3A9DD940E53B7D74E3214FA03234F8B026AFF16B646B39F003882F1DC17D3F6DBB89283A01B4C22168A354D6D2FDBDE3F2B0C91E9472AF1DB386DD34477F47CB24D4AFB71BB283A9760CF4EC582F1401A4F259D4AADE2BC7648A6920207DFB149BB7A4483D5E22D9DC627A8A4954C18AAAEF921CE0C597C11C95EC7C8888050124D01C43E6A33A02DACDB2EEE70920BAF2A296EB38CEADCB98CC7789BA309A5AD7916B9F7F86B0D808346E28447C4E3F31C5BC319D29A0D338EE8FC88BC9288C75004CC278BB218AA86929360079EAA71628FEFB796FFFBAD3764F677FECC0F274582ED2E371ACB500F35F378DDEDB0FA32B1B55699E41EBE958E6614811999433D934CCD54A03CC4BF359798F90EC809CFA6E58C1CE68B5AF397E8E35951F9CC4BCD0EC8655486543B4CF7605CE15969A2D88E8CD6BCA82671A06FC54397840BBA9DB2750B0F1FBC61ECF6E514450A7E06C6E6BBBB2CFA5E045335F04A5C407EC6467D471226ED2CB3AE9FBA9E956F8F3D05A911F9CD131BC3D95A10792097AC1C4339F8C12E40ABD274A25CF26EF286187E91261273E39856C471D861056EC3F6F5E58EB727134F9BFB870C8DD6978F247EAF67C1368BCB0BA105CDDC2BA067EBAC9C00DC15F1667664AA2A688D45E843F62467892EE9348FDA29615EB -20241129040924 2 6 100 4095 2 F32300D8DFCB79ECFB80E433E6CFA1923915D80120F52648A7AE7E8058B5DB869F2B3A9DD940E53B7D74E3214FA03234F8B026AFF16B646B39F003882F1DC17D3F6DBB89283A01B4C22168A354D6D2FDBDE3F2B0C91E9472AF1DB386DD34477F47CB24D4AFB71BB283A9760CF4EC582F1401A4F259D4AADE2BC7648A6920207DFB149BB7A4483D5E22D9DC627A8A4954C18AAAEF921CE0C597C11C95EC7C8888050124D01C43E6A33A02DACDB2EEE70920BAF2A296EB38CEADCB98CC7789BA309A5AD7916B9F7F86B0D808346E28447C4E3F31C5BC319D29A0D338EE8FC88BC9288C75004CC278BB218AA86929360079EAA71628FEFB796FFFBAD3764F677FECC0F274582ED2E371ACB500F35F378DDEDB0FA32B1B55699E41EBE958E6614811999433D934CCD54A03CC4BF359798F90EC809CFA6E58C1CE68B5AF397E8E35951F9CC4BCD0EC8655486543B4CF7605CE15969A2D88E8CD6BCA82671A06FC54397840BBA9DB2750B0F1FBC61ECF6E514450A7E06C6E6BBBB2CFA5E045335F04A5C407EC6467D471226ED2CB3AE9FBA9E956F8F3D05A911F9CD131BC3D95A10792097AC1C4339F8C12E40ABD274A25CF26EF286187E91261273E39856C471D861056EC3F6F5E58EB727134F9BFB870C8DD6978F247EAF67C1368BCB0BA105CDDC2BA067EBAC9C00DC15F1667664AA2A688D45E843F62467892EE9348FDA3C1BBEB -20241129041726 2 6 100 4095 2 F32300D8DFCB79ECFB80E433E6CFA1923915D80120F52648A7AE7E8058B5DB869F2B3A9DD940E53B7D74E3214FA03234F8B026AFF16B646B39F003882F1DC17D3F6DBB89283A01B4C22168A354D6D2FDBDE3F2B0C91E9472AF1DB386DD34477F47CB24D4AFB71BB283A9760CF4EC582F1401A4F259D4AADE2BC7648A6920207DFB149BB7A4483D5E22D9DC627A8A4954C18AAAEF921CE0C597C11C95EC7C8888050124D01C43E6A33A02DACDB2EEE70920BAF2A296EB38CEADCB98CC7789BA309A5AD7916B9F7F86B0D808346E28447C4E3F31C5BC319D29A0D338EE8FC88BC9288C75004CC278BB218AA86929360079EAA71628FEFB796FFFBAD3764F677FECC0F274582ED2E371ACB500F35F378DDEDB0FA32B1B55699E41EBE958E6614811999433D934CCD54A03CC4BF359798F90EC809CFA6E58C1CE68B5AF397E8E35951F9CC4BCD0EC8655486543B4CF7605CE15969A2D88E8CD6BCA82671A06FC54397840BBA9DB2750B0F1FBC61ECF6E514450A7E06C6E6BBBB2CFA5E045335F04A5C407EC6467D471226ED2CB3AE9FBA9E956F8F3D05A911F9CD131BC3D95A10792097AC1C4339F8C12E40ABD274A25CF26EF286187E91261273E39856C471D861056EC3F6F5E58EB727134F9BFB870C8DD6978F247EAF67C1368BCB0BA105CDDC2BA067EBAC9C00DC15F1667664AA2A688D45E843F62467892EE9348FDA6CBD37B -20241129044525 2 6 100 6143 5 DCBE8A152DD5DE612BFCCD18CAB2BDE17391AF9DA865DCC59A1B454144ADE2EB8BE3CDBA7948CD1236CFC25D66DDC0E91095FB7E17715247413BBFD5435223F46488AD93808AF9FAF7D473C7CCE55DAA83B417FC6C09BFF7E332BD4B3BC59CBA4FE035A6C416D32BDCF8C3B9AFC5E1120CFD420023FD8EB207DB965509E2D362B0EB3D8CBD191D2750EBEB05F32C4BE08154D991F08DE4914BC40FAA7172440F2FEFB0FBF604DDA9C18BA9FD55F34218FD5D7CA2AC491CEDC3C5743D143BAF6C06CCAB7E5B22AB4E46CD51962CC7931F4D35581D5DD3047B946044BF7E71955EB63DD546644D7D2A19777DA39A48B4CF5A011A5C41F1BFF7C463F057F2F7AF6F910E7E06398B0AF7EF38CD5BBAE4C5FF42572CFFFCA6A8E9D34F64A7BECDC93216B55C20FAECAF04A8956C4D26DEE34493510BC49144A32A1B0AAE64B50DCA0C27361692242FE3145A6B36B830DEBF9E8A07A886E8DA6F38F3E99906F6AC9317ADF73222C4C75ABD153F1112E01E7CBB49665F213A1C1470CDC442D7CDC72EE2DD80D37251333C34FFDC5C38ADA3F5E52F5A5B2A1224B0CA60211B430E9554F0C4CA672476562C4A182B6707EBE80DFA6247A1F870F74EC81D03558F2718409EBF8E7F2FD2C6AB1F246F7E3FE0D919DB4016A7D76F6378D05EA74766CBB93340F2CBDDF18073F39242F3E9EC88020D1E8F801183C00F0239B2F2B4E8F6B46DBC17F469A857C291C985D8AC2099A6FEDC462B5EAEF737831EA2B6C9D787DC5AC8DA2C2E8F7F676FDA4CDD79E400EED959882C78C279C4D0A5918A0F5FC3B695E0034F7C2665D52D94106744D6B0CD6A66AB3275324EFDC06ECCF431D446446A00818ECDBE77B845699FB4F699825702D00F71373D80452039ECA1237AD2A0DF9112BA1EC90FB9FB87CF4E46BD0319B64F2EFD4B9640469707DB549468781D0BA6F3C49AF035D441173786BB1F2F5DCCE07BBF5536A0EB5B976814ABFDB44B90E55455972701A8F0D8EFB860A082ABA960E704754F61C2E3956922833F3D7E1656476DEE3C4F09244AC15697EA4A73041F03EEDE1F30BF899098A70F33DDF12A47 -20241129045351 2 6 100 6143 2 DCBE8A152DD5DE612BFCCD18CAB2BDE17391AF9DA865DCC59A1B454144ADE2EB8BE3CDBA7948CD1236CFC25D66DDC0E91095FB7E17715247413BBFD5435223F46488AD93808AF9FAF7D473C7CCE55DAA83B417FC6C09BFF7E332BD4B3BC59CBA4FE035A6C416D32BDCF8C3B9AFC5E1120CFD420023FD8EB207DB965509E2D362B0EB3D8CBD191D2750EBEB05F32C4BE08154D991F08DE4914BC40FAA7172440F2FEFB0FBF604DDA9C18BA9FD55F34218FD5D7CA2AC491CEDC3C5743D143BAF6C06CCAB7E5B22AB4E46CD51962CC7931F4D35581D5DD3047B946044BF7E71955EB63DD546644D7D2A19777DA39A48B4CF5A011A5C41F1BFF7C463F057F2F7AF6F910E7E06398B0AF7EF38CD5BBAE4C5FF42572CFFFCA6A8E9D34F64A7BECDC93216B55C20FAECAF04A8956C4D26DEE34493510BC49144A32A1B0AAE64B50DCA0C27361692242FE3145A6B36B830DEBF9E8A07A886E8DA6F38F3E99906F6AC9317ADF73222C4C75ABD153F1112E01E7CBB49665F213A1C1470CDC442D7CDC72EE2DD80D37251333C34FFDC5C38ADA3F5E52F5A5B2A1224B0CA60211B430E9554F0C4CA672476562C4A182B6707EBE80DFA6247A1F870F74EC81D03558F2718409EBF8E7F2FD2C6AB1F246F7E3FE0D919DB4016A7D76F6378D05EA74766CBB93340F2CBDDF18073F39242F3E9EC88020D1E8F801183C00F0239B2F2B4E8F6B46DBC17F469A857C291C985D8AC2099A6FEDC462B5EAEF737831EA2B6C9D787DC5AC8DA2C2E8F7F676FDA4CDD79E400EED959882C78C279C4D0A5918A0F5FC3B695E0034F7C2665D52D94106744D6B0CD6A66AB3275324EFDC06ECCF431D446446A00818ECDBE77B845699FB4F699825702D00F71373D80452039ECA1237AD2A0DF9112BA1EC90FB9FB87CF4E46BD0319B64F2EFD4B9640469707DB549468781D0BA6F3C49AF035D441173786BB1F2F5DCCE07BBF5536A0EB5B976814ABFDB44B90E55455972701A8F0D8EFB860A082ABA960E704754F61C2E3956922833F3D7E1656476DEE3C4F09244AC15697EA4A73041F03EEDE1F30BF899098A70F33DEF75143 -20241129045821 2 6 100 6143 2 DCBE8A152DD5DE612BFCCD18CAB2BDE17391AF9DA865DCC59A1B454144ADE2EB8BE3CDBA7948CD1236CFC25D66DDC0E91095FB7E17715247413BBFD5435223F46488AD93808AF9FAF7D473C7CCE55DAA83B417FC6C09BFF7E332BD4B3BC59CBA4FE035A6C416D32BDCF8C3B9AFC5E1120CFD420023FD8EB207DB965509E2D362B0EB3D8CBD191D2750EBEB05F32C4BE08154D991F08DE4914BC40FAA7172440F2FEFB0FBF604DDA9C18BA9FD55F34218FD5D7CA2AC491CEDC3C5743D143BAF6C06CCAB7E5B22AB4E46CD51962CC7931F4D35581D5DD3047B946044BF7E71955EB63DD546644D7D2A19777DA39A48B4CF5A011A5C41F1BFF7C463F057F2F7AF6F910E7E06398B0AF7EF38CD5BBAE4C5FF42572CFFFCA6A8E9D34F64A7BECDC93216B55C20FAECAF04A8956C4D26DEE34493510BC49144A32A1B0AAE64B50DCA0C27361692242FE3145A6B36B830DEBF9E8A07A886E8DA6F38F3E99906F6AC9317ADF73222C4C75ABD153F1112E01E7CBB49665F213A1C1470CDC442D7CDC72EE2DD80D37251333C34FFDC5C38ADA3F5E52F5A5B2A1224B0CA60211B430E9554F0C4CA672476562C4A182B6707EBE80DFA6247A1F870F74EC81D03558F2718409EBF8E7F2FD2C6AB1F246F7E3FE0D919DB4016A7D76F6378D05EA74766CBB93340F2CBDDF18073F39242F3E9EC88020D1E8F801183C00F0239B2F2B4E8F6B46DBC17F469A857C291C985D8AC2099A6FEDC462B5EAEF737831EA2B6C9D787DC5AC8DA2C2E8F7F676FDA4CDD79E400EED959882C78C279C4D0A5918A0F5FC3B695E0034F7C2665D52D94106744D6B0CD6A66AB3275324EFDC06ECCF431D446446A00818ECDBE77B845699FB4F699825702D00F71373D80452039ECA1237AD2A0DF9112BA1EC90FB9FB87CF4E46BD0319B64F2EFD4B9640469707DB549468781D0BA6F3C49AF035D441173786BB1F2F5DCCE07BBF5536A0EB5B976814ABFDB44B90E55455972701A8F0D8EFB860A082ABA960E704754F61C2E3956922833F3D7E1656476DEE3C4F09244AC15697EA4A73041F03EEDE1F30BF899098A70F33DF7D9E33 -20241129045943 2 6 100 6143 5 DCBE8A152DD5DE612BFCCD18CAB2BDE17391AF9DA865DCC59A1B454144ADE2EB8BE3CDBA7948CD1236CFC25D66DDC0E91095FB7E17715247413BBFD5435223F46488AD93808AF9FAF7D473C7CCE55DAA83B417FC6C09BFF7E332BD4B3BC59CBA4FE035A6C416D32BDCF8C3B9AFC5E1120CFD420023FD8EB207DB965509E2D362B0EB3D8CBD191D2750EBEB05F32C4BE08154D991F08DE4914BC40FAA7172440F2FEFB0FBF604DDA9C18BA9FD55F34218FD5D7CA2AC491CEDC3C5743D143BAF6C06CCAB7E5B22AB4E46CD51962CC7931F4D35581D5DD3047B946044BF7E71955EB63DD546644D7D2A19777DA39A48B4CF5A011A5C41F1BFF7C463F057F2F7AF6F910E7E06398B0AF7EF38CD5BBAE4C5FF42572CFFFCA6A8E9D34F64A7BECDC93216B55C20FAECAF04A8956C4D26DEE34493510BC49144A32A1B0AAE64B50DCA0C27361692242FE3145A6B36B830DEBF9E8A07A886E8DA6F38F3E99906F6AC9317ADF73222C4C75ABD153F1112E01E7CBB49665F213A1C1470CDC442D7CDC72EE2DD80D37251333C34FFDC5C38ADA3F5E52F5A5B2A1224B0CA60211B430E9554F0C4CA672476562C4A182B6707EBE80DFA6247A1F870F74EC81D03558F2718409EBF8E7F2FD2C6AB1F246F7E3FE0D919DB4016A7D76F6378D05EA74766CBB93340F2CBDDF18073F39242F3E9EC88020D1E8F801183C00F0239B2F2B4E8F6B46DBC17F469A857C291C985D8AC2099A6FEDC462B5EAEF737831EA2B6C9D787DC5AC8DA2C2E8F7F676FDA4CDD79E400EED959882C78C279C4D0A5918A0F5FC3B695E0034F7C2665D52D94106744D6B0CD6A66AB3275324EFDC06ECCF431D446446A00818ECDBE77B845699FB4F699825702D00F71373D80452039ECA1237AD2A0DF9112BA1EC90FB9FB87CF4E46BD0319B64F2EFD4B9640469707DB549468781D0BA6F3C49AF035D441173786BB1F2F5DCCE07BBF5536A0EB5B976814ABFDB44B90E55455972701A8F0D8EFB860A082ABA960E704754F61C2E3956922833F3D7E1656476DEE3C4F09244AC15697EA4A73041F03EEDE1F30BF899098A70F33DFA1A9DF -20241129050501 2 6 100 6143 2 DCBE8A152DD5DE612BFCCD18CAB2BDE17391AF9DA865DCC59A1B454144ADE2EB8BE3CDBA7948CD1236CFC25D66DDC0E91095FB7E17715247413BBFD5435223F46488AD93808AF9FAF7D473C7CCE55DAA83B417FC6C09BFF7E332BD4B3BC59CBA4FE035A6C416D32BDCF8C3B9AFC5E1120CFD420023FD8EB207DB965509E2D362B0EB3D8CBD191D2750EBEB05F32C4BE08154D991F08DE4914BC40FAA7172440F2FEFB0FBF604DDA9C18BA9FD55F34218FD5D7CA2AC491CEDC3C5743D143BAF6C06CCAB7E5B22AB4E46CD51962CC7931F4D35581D5DD3047B946044BF7E71955EB63DD546644D7D2A19777DA39A48B4CF5A011A5C41F1BFF7C463F057F2F7AF6F910E7E06398B0AF7EF38CD5BBAE4C5FF42572CFFFCA6A8E9D34F64A7BECDC93216B55C20FAECAF04A8956C4D26DEE34493510BC49144A32A1B0AAE64B50DCA0C27361692242FE3145A6B36B830DEBF9E8A07A886E8DA6F38F3E99906F6AC9317ADF73222C4C75ABD153F1112E01E7CBB49665F213A1C1470CDC442D7CDC72EE2DD80D37251333C34FFDC5C38ADA3F5E52F5A5B2A1224B0CA60211B430E9554F0C4CA672476562C4A182B6707EBE80DFA6247A1F870F74EC81D03558F2718409EBF8E7F2FD2C6AB1F246F7E3FE0D919DB4016A7D76F6378D05EA74766CBB93340F2CBDDF18073F39242F3E9EC88020D1E8F801183C00F0239B2F2B4E8F6B46DBC17F469A857C291C985D8AC2099A6FEDC462B5EAEF737831EA2B6C9D787DC5AC8DA2C2E8F7F676FDA4CDD79E400EED959882C78C279C4D0A5918A0F5FC3B695E0034F7C2665D52D94106744D6B0CD6A66AB3275324EFDC06ECCF431D446446A00818ECDBE77B845699FB4F699825702D00F71373D80452039ECA1237AD2A0DF9112BA1EC90FB9FB87CF4E46BD0319B64F2EFD4B9640469707DB549468781D0BA6F3C49AF035D441173786BB1F2F5DCCE07BBF5536A0EB5B976814ABFDB44B90E55455972701A8F0D8EFB860A082ABA960E704754F61C2E3956922833F3D7E1656476DEE3C4F09244AC15697EA4A73041F03EEDE1F30BF899098A70F33E044C313 -20241129051930 2 6 100 6143 5 DCBE8A152DD5DE612BFCCD18CAB2BDE17391AF9DA865DCC59A1B454144ADE2EB8BE3CDBA7948CD1236CFC25D66DDC0E91095FB7E17715247413BBFD5435223F46488AD93808AF9FAF7D473C7CCE55DAA83B417FC6C09BFF7E332BD4B3BC59CBA4FE035A6C416D32BDCF8C3B9AFC5E1120CFD420023FD8EB207DB965509E2D362B0EB3D8CBD191D2750EBEB05F32C4BE08154D991F08DE4914BC40FAA7172440F2FEFB0FBF604DDA9C18BA9FD55F34218FD5D7CA2AC491CEDC3C5743D143BAF6C06CCAB7E5B22AB4E46CD51962CC7931F4D35581D5DD3047B946044BF7E71955EB63DD546644D7D2A19777DA39A48B4CF5A011A5C41F1BFF7C463F057F2F7AF6F910E7E06398B0AF7EF38CD5BBAE4C5FF42572CFFFCA6A8E9D34F64A7BECDC93216B55C20FAECAF04A8956C4D26DEE34493510BC49144A32A1B0AAE64B50DCA0C27361692242FE3145A6B36B830DEBF9E8A07A886E8DA6F38F3E99906F6AC9317ADF73222C4C75ABD153F1112E01E7CBB49665F213A1C1470CDC442D7CDC72EE2DD80D37251333C34FFDC5C38ADA3F5E52F5A5B2A1224B0CA60211B430E9554F0C4CA672476562C4A182B6707EBE80DFA6247A1F870F74EC81D03558F2718409EBF8E7F2FD2C6AB1F246F7E3FE0D919DB4016A7D76F6378D05EA74766CBB93340F2CBDDF18073F39242F3E9EC88020D1E8F801183C00F0239B2F2B4E8F6B46DBC17F469A857C291C985D8AC2099A6FEDC462B5EAEF737831EA2B6C9D787DC5AC8DA2C2E8F7F676FDA4CDD79E400EED959882C78C279C4D0A5918A0F5FC3B695E0034F7C2665D52D94106744D6B0CD6A66AB3275324EFDC06ECCF431D446446A00818ECDBE77B845699FB4F699825702D00F71373D80452039ECA1237AD2A0DF9112BA1EC90FB9FB87CF4E46BD0319B64F2EFD4B9640469707DB549468781D0BA6F3C49AF035D441173786BB1F2F5DCCE07BBF5536A0EB5B976814ABFDB44B90E55455972701A8F0D8EFB860A082ABA960E704754F61C2E3956922833F3D7E1656476DEE3C4F09244AC15697EA4A73041F03EEDE1F30BF899098A70F33E20AE0AF -20241129052029 2 6 100 6143 2 DCBE8A152DD5DE612BFCCD18CAB2BDE17391AF9DA865DCC59A1B454144ADE2EB8BE3CDBA7948CD1236CFC25D66DDC0E91095FB7E17715247413BBFD5435223F46488AD93808AF9FAF7D473C7CCE55DAA83B417FC6C09BFF7E332BD4B3BC59CBA4FE035A6C416D32BDCF8C3B9AFC5E1120CFD420023FD8EB207DB965509E2D362B0EB3D8CBD191D2750EBEB05F32C4BE08154D991F08DE4914BC40FAA7172440F2FEFB0FBF604DDA9C18BA9FD55F34218FD5D7CA2AC491CEDC3C5743D143BAF6C06CCAB7E5B22AB4E46CD51962CC7931F4D35581D5DD3047B946044BF7E71955EB63DD546644D7D2A19777DA39A48B4CF5A011A5C41F1BFF7C463F057F2F7AF6F910E7E06398B0AF7EF38CD5BBAE4C5FF42572CFFFCA6A8E9D34F64A7BECDC93216B55C20FAECAF04A8956C4D26DEE34493510BC49144A32A1B0AAE64B50DCA0C27361692242FE3145A6B36B830DEBF9E8A07A886E8DA6F38F3E99906F6AC9317ADF73222C4C75ABD153F1112E01E7CBB49665F213A1C1470CDC442D7CDC72EE2DD80D37251333C34FFDC5C38ADA3F5E52F5A5B2A1224B0CA60211B430E9554F0C4CA672476562C4A182B6707EBE80DFA6247A1F870F74EC81D03558F2718409EBF8E7F2FD2C6AB1F246F7E3FE0D919DB4016A7D76F6378D05EA74766CBB93340F2CBDDF18073F39242F3E9EC88020D1E8F801183C00F0239B2F2B4E8F6B46DBC17F469A857C291C985D8AC2099A6FEDC462B5EAEF737831EA2B6C9D787DC5AC8DA2C2E8F7F676FDA4CDD79E400EED959882C78C279C4D0A5918A0F5FC3B695E0034F7C2665D52D94106744D6B0CD6A66AB3275324EFDC06ECCF431D446446A00818ECDBE77B845699FB4F699825702D00F71373D80452039ECA1237AD2A0DF9112BA1EC90FB9FB87CF4E46BD0319B64F2EFD4B9640469707DB549468781D0BA6F3C49AF035D441173786BB1F2F5DCCE07BBF5536A0EB5B976814ABFDB44B90E55455972701A8F0D8EFB860A082ABA960E704754F61C2E3956922833F3D7E1656476DEE3C4F09244AC15697EA4A73041F03EEDE1F30BF899098A70F33E221299B -20241129052420 2 6 100 6143 2 DCBE8A152DD5DE612BFCCD18CAB2BDE17391AF9DA865DCC59A1B454144ADE2EB8BE3CDBA7948CD1236CFC25D66DDC0E91095FB7E17715247413BBFD5435223F46488AD93808AF9FAF7D473C7CCE55DAA83B417FC6C09BFF7E332BD4B3BC59CBA4FE035A6C416D32BDCF8C3B9AFC5E1120CFD420023FD8EB207DB965509E2D362B0EB3D8CBD191D2750EBEB05F32C4BE08154D991F08DE4914BC40FAA7172440F2FEFB0FBF604DDA9C18BA9FD55F34218FD5D7CA2AC491CEDC3C5743D143BAF6C06CCAB7E5B22AB4E46CD51962CC7931F4D35581D5DD3047B946044BF7E71955EB63DD546644D7D2A19777DA39A48B4CF5A011A5C41F1BFF7C463F057F2F7AF6F910E7E06398B0AF7EF38CD5BBAE4C5FF42572CFFFCA6A8E9D34F64A7BECDC93216B55C20FAECAF04A8956C4D26DEE34493510BC49144A32A1B0AAE64B50DCA0C27361692242FE3145A6B36B830DEBF9E8A07A886E8DA6F38F3E99906F6AC9317ADF73222C4C75ABD153F1112E01E7CBB49665F213A1C1470CDC442D7CDC72EE2DD80D37251333C34FFDC5C38ADA3F5E52F5A5B2A1224B0CA60211B430E9554F0C4CA672476562C4A182B6707EBE80DFA6247A1F870F74EC81D03558F2718409EBF8E7F2FD2C6AB1F246F7E3FE0D919DB4016A7D76F6378D05EA74766CBB93340F2CBDDF18073F39242F3E9EC88020D1E8F801183C00F0239B2F2B4E8F6B46DBC17F469A857C291C985D8AC2099A6FEDC462B5EAEF737831EA2B6C9D787DC5AC8DA2C2E8F7F676FDA4CDD79E400EED959882C78C279C4D0A5918A0F5FC3B695E0034F7C2665D52D94106744D6B0CD6A66AB3275324EFDC06ECCF431D446446A00818ECDBE77B845699FB4F699825702D00F71373D80452039ECA1237AD2A0DF9112BA1EC90FB9FB87CF4E46BD0319B64F2EFD4B9640469707DB549468781D0BA6F3C49AF035D441173786BB1F2F5DCCE07BBF5536A0EB5B976814ABFDB44B90E55455972701A8F0D8EFB860A082ABA960E704754F61C2E3956922833F3D7E1656476DEE3C4F09244AC15697EA4A73041F03EEDE1F30BF899098A70F33E294985B -20241129053040 2 6 100 6143 5 DCBE8A152DD5DE612BFCCD18CAB2BDE17391AF9DA865DCC59A1B454144ADE2EB8BE3CDBA7948CD1236CFC25D66DDC0E91095FB7E17715247413BBFD5435223F46488AD93808AF9FAF7D473C7CCE55DAA83B417FC6C09BFF7E332BD4B3BC59CBA4FE035A6C416D32BDCF8C3B9AFC5E1120CFD420023FD8EB207DB965509E2D362B0EB3D8CBD191D2750EBEB05F32C4BE08154D991F08DE4914BC40FAA7172440F2FEFB0FBF604DDA9C18BA9FD55F34218FD5D7CA2AC491CEDC3C5743D143BAF6C06CCAB7E5B22AB4E46CD51962CC7931F4D35581D5DD3047B946044BF7E71955EB63DD546644D7D2A19777DA39A48B4CF5A011A5C41F1BFF7C463F057F2F7AF6F910E7E06398B0AF7EF38CD5BBAE4C5FF42572CFFFCA6A8E9D34F64A7BECDC93216B55C20FAECAF04A8956C4D26DEE34493510BC49144A32A1B0AAE64B50DCA0C27361692242FE3145A6B36B830DEBF9E8A07A886E8DA6F38F3E99906F6AC9317ADF73222C4C75ABD153F1112E01E7CBB49665F213A1C1470CDC442D7CDC72EE2DD80D37251333C34FFDC5C38ADA3F5E52F5A5B2A1224B0CA60211B430E9554F0C4CA672476562C4A182B6707EBE80DFA6247A1F870F74EC81D03558F2718409EBF8E7F2FD2C6AB1F246F7E3FE0D919DB4016A7D76F6378D05EA74766CBB93340F2CBDDF18073F39242F3E9EC88020D1E8F801183C00F0239B2F2B4E8F6B46DBC17F469A857C291C985D8AC2099A6FEDC462B5EAEF737831EA2B6C9D787DC5AC8DA2C2E8F7F676FDA4CDD79E400EED959882C78C279C4D0A5918A0F5FC3B695E0034F7C2665D52D94106744D6B0CD6A66AB3275324EFDC06ECCF431D446446A00818ECDBE77B845699FB4F699825702D00F71373D80452039ECA1237AD2A0DF9112BA1EC90FB9FB87CF4E46BD0319B64F2EFD4B9640469707DB549468781D0BA6F3C49AF035D441173786BB1F2F5DCCE07BBF5536A0EB5B976814ABFDB44B90E55455972701A8F0D8EFB860A082ABA960E704754F61C2E3956922833F3D7E1656476DEE3C4F09244AC15697EA4A73041F03EEDE1F30BF899098A70F33E35A621F -20241129053505 2 6 100 6143 2 DCBE8A152DD5DE612BFCCD18CAB2BDE17391AF9DA865DCC59A1B454144ADE2EB8BE3CDBA7948CD1236CFC25D66DDC0E91095FB7E17715247413BBFD5435223F46488AD93808AF9FAF7D473C7CCE55DAA83B417FC6C09BFF7E332BD4B3BC59CBA4FE035A6C416D32BDCF8C3B9AFC5E1120CFD420023FD8EB207DB965509E2D362B0EB3D8CBD191D2750EBEB05F32C4BE08154D991F08DE4914BC40FAA7172440F2FEFB0FBF604DDA9C18BA9FD55F34218FD5D7CA2AC491CEDC3C5743D143BAF6C06CCAB7E5B22AB4E46CD51962CC7931F4D35581D5DD3047B946044BF7E71955EB63DD546644D7D2A19777DA39A48B4CF5A011A5C41F1BFF7C463F057F2F7AF6F910E7E06398B0AF7EF38CD5BBAE4C5FF42572CFFFCA6A8E9D34F64A7BECDC93216B55C20FAECAF04A8956C4D26DEE34493510BC49144A32A1B0AAE64B50DCA0C27361692242FE3145A6B36B830DEBF9E8A07A886E8DA6F38F3E99906F6AC9317ADF73222C4C75ABD153F1112E01E7CBB49665F213A1C1470CDC442D7CDC72EE2DD80D37251333C34FFDC5C38ADA3F5E52F5A5B2A1224B0CA60211B430E9554F0C4CA672476562C4A182B6707EBE80DFA6247A1F870F74EC81D03558F2718409EBF8E7F2FD2C6AB1F246F7E3FE0D919DB4016A7D76F6378D05EA74766CBB93340F2CBDDF18073F39242F3E9EC88020D1E8F801183C00F0239B2F2B4E8F6B46DBC17F469A857C291C985D8AC2099A6FEDC462B5EAEF737831EA2B6C9D787DC5AC8DA2C2E8F7F676FDA4CDD79E400EED959882C78C279C4D0A5918A0F5FC3B695E0034F7C2665D52D94106744D6B0CD6A66AB3275324EFDC06ECCF431D446446A00818ECDBE77B845699FB4F699825702D00F71373D80452039ECA1237AD2A0DF9112BA1EC90FB9FB87CF4E46BD0319B64F2EFD4B9640469707DB549468781D0BA6F3C49AF035D441173786BB1F2F5DCCE07BBF5536A0EB5B976814ABFDB44B90E55455972701A8F0D8EFB860A082ABA960E704754F61C2E3956922833F3D7E1656476DEE3C4F09244AC15697EA4A73041F03EEDE1F30BF899098A70F33E3E2DAAB -20241129054958 2 6 100 6143 5 DCBE8A152DD5DE612BFCCD18CAB2BDE17391AF9DA865DCC59A1B454144ADE2EB8BE3CDBA7948CD1236CFC25D66DDC0E91095FB7E17715247413BBFD5435223F46488AD93808AF9FAF7D473C7CCE55DAA83B417FC6C09BFF7E332BD4B3BC59CBA4FE035A6C416D32BDCF8C3B9AFC5E1120CFD420023FD8EB207DB965509E2D362B0EB3D8CBD191D2750EBEB05F32C4BE08154D991F08DE4914BC40FAA7172440F2FEFB0FBF604DDA9C18BA9FD55F34218FD5D7CA2AC491CEDC3C5743D143BAF6C06CCAB7E5B22AB4E46CD51962CC7931F4D35581D5DD3047B946044BF7E71955EB63DD546644D7D2A19777DA39A48B4CF5A011A5C41F1BFF7C463F057F2F7AF6F910E7E06398B0AF7EF38CD5BBAE4C5FF42572CFFFCA6A8E9D34F64A7BECDC93216B55C20FAECAF04A8956C4D26DEE34493510BC49144A32A1B0AAE64B50DCA0C27361692242FE3145A6B36B830DEBF9E8A07A886E8DA6F38F3E99906F6AC9317ADF73222C4C75ABD153F1112E01E7CBB49665F213A1C1470CDC442D7CDC72EE2DD80D37251333C34FFDC5C38ADA3F5E52F5A5B2A1224B0CA60211B430E9554F0C4CA672476562C4A182B6707EBE80DFA6247A1F870F74EC81D03558F2718409EBF8E7F2FD2C6AB1F246F7E3FE0D919DB4016A7D76F6378D05EA74766CBB93340F2CBDDF18073F39242F3E9EC88020D1E8F801183C00F0239B2F2B4E8F6B46DBC17F469A857C291C985D8AC2099A6FEDC462B5EAEF737831EA2B6C9D787DC5AC8DA2C2E8F7F676FDA4CDD79E400EED959882C78C279C4D0A5918A0F5FC3B695E0034F7C2665D52D94106744D6B0CD6A66AB3275324EFDC06ECCF431D446446A00818ECDBE77B845699FB4F699825702D00F71373D80452039ECA1237AD2A0DF9112BA1EC90FB9FB87CF4E46BD0319B64F2EFD4B9640469707DB549468781D0BA6F3C49AF035D441173786BB1F2F5DCCE07BBF5536A0EB5B976814ABFDB44B90E55455972701A8F0D8EFB860A082ABA960E704754F61C2E3956922833F3D7E1656476DEE3C4F09244AC15697EA4A73041F03EEDE1F30BF899098A70F33E5C2C407 -20241129060731 2 6 100 6143 2 DCBE8A152DD5DE612BFCCD18CAB2BDE17391AF9DA865DCC59A1B454144ADE2EB8BE3CDBA7948CD1236CFC25D66DDC0E91095FB7E17715247413BBFD5435223F46488AD93808AF9FAF7D473C7CCE55DAA83B417FC6C09BFF7E332BD4B3BC59CBA4FE035A6C416D32BDCF8C3B9AFC5E1120CFD420023FD8EB207DB965509E2D362B0EB3D8CBD191D2750EBEB05F32C4BE08154D991F08DE4914BC40FAA7172440F2FEFB0FBF604DDA9C18BA9FD55F34218FD5D7CA2AC491CEDC3C5743D143BAF6C06CCAB7E5B22AB4E46CD51962CC7931F4D35581D5DD3047B946044BF7E71955EB63DD546644D7D2A19777DA39A48B4CF5A011A5C41F1BFF7C463F057F2F7AF6F910E7E06398B0AF7EF38CD5BBAE4C5FF42572CFFFCA6A8E9D34F64A7BECDC93216B55C20FAECAF04A8956C4D26DEE34493510BC49144A32A1B0AAE64B50DCA0C27361692242FE3145A6B36B830DEBF9E8A07A886E8DA6F38F3E99906F6AC9317ADF73222C4C75ABD153F1112E01E7CBB49665F213A1C1470CDC442D7CDC72EE2DD80D37251333C34FFDC5C38ADA3F5E52F5A5B2A1224B0CA60211B430E9554F0C4CA672476562C4A182B6707EBE80DFA6247A1F870F74EC81D03558F2718409EBF8E7F2FD2C6AB1F246F7E3FE0D919DB4016A7D76F6378D05EA74766CBB93340F2CBDDF18073F39242F3E9EC88020D1E8F801183C00F0239B2F2B4E8F6B46DBC17F469A857C291C985D8AC2099A6FEDC462B5EAEF737831EA2B6C9D787DC5AC8DA2C2E8F7F676FDA4CDD79E400EED959882C78C279C4D0A5918A0F5FC3B695E0034F7C2665D52D94106744D6B0CD6A66AB3275324EFDC06ECCF431D446446A00818ECDBE77B845699FB4F699825702D00F71373D80452039ECA1237AD2A0DF9112BA1EC90FB9FB87CF4E46BD0319B64F2EFD4B9640469707DB549468781D0BA6F3C49AF035D441173786BB1F2F5DCCE07BBF5536A0EB5B976814ABFDB44B90E55455972701A8F0D8EFB860A082ABA960E704754F61C2E3956922833F3D7E1656476DEE3C4F09244AC15697EA4A73041F03EEDE1F30BF899098A70F33E7EF06DB -20241129060801 2 6 100 6143 2 DCBE8A152DD5DE612BFCCD18CAB2BDE17391AF9DA865DCC59A1B454144ADE2EB8BE3CDBA7948CD1236CFC25D66DDC0E91095FB7E17715247413BBFD5435223F46488AD93808AF9FAF7D473C7CCE55DAA83B417FC6C09BFF7E332BD4B3BC59CBA4FE035A6C416D32BDCF8C3B9AFC5E1120CFD420023FD8EB207DB965509E2D362B0EB3D8CBD191D2750EBEB05F32C4BE08154D991F08DE4914BC40FAA7172440F2FEFB0FBF604DDA9C18BA9FD55F34218FD5D7CA2AC491CEDC3C5743D143BAF6C06CCAB7E5B22AB4E46CD51962CC7931F4D35581D5DD3047B946044BF7E71955EB63DD546644D7D2A19777DA39A48B4CF5A011A5C41F1BFF7C463F057F2F7AF6F910E7E06398B0AF7EF38CD5BBAE4C5FF42572CFFFCA6A8E9D34F64A7BECDC93216B55C20FAECAF04A8956C4D26DEE34493510BC49144A32A1B0AAE64B50DCA0C27361692242FE3145A6B36B830DEBF9E8A07A886E8DA6F38F3E99906F6AC9317ADF73222C4C75ABD153F1112E01E7CBB49665F213A1C1470CDC442D7CDC72EE2DD80D37251333C34FFDC5C38ADA3F5E52F5A5B2A1224B0CA60211B430E9554F0C4CA672476562C4A182B6707EBE80DFA6247A1F870F74EC81D03558F2718409EBF8E7F2FD2C6AB1F246F7E3FE0D919DB4016A7D76F6378D05EA74766CBB93340F2CBDDF18073F39242F3E9EC88020D1E8F801183C00F0239B2F2B4E8F6B46DBC17F469A857C291C985D8AC2099A6FEDC462B5EAEF737831EA2B6C9D787DC5AC8DA2C2E8F7F676FDA4CDD79E400EED959882C78C279C4D0A5918A0F5FC3B695E0034F7C2665D52D94106744D6B0CD6A66AB3275324EFDC06ECCF431D446446A00818ECDBE77B845699FB4F699825702D00F71373D80452039ECA1237AD2A0DF9112BA1EC90FB9FB87CF4E46BD0319B64F2EFD4B9640469707DB549468781D0BA6F3C49AF035D441173786BB1F2F5DCCE07BBF5536A0EB5B976814ABFDB44B90E55455972701A8F0D8EFB860A082ABA960E704754F61C2E3956922833F3D7E1656476DEE3C4F09244AC15697EA4A73041F03EEDE1F30BF899098A70F33E7F7359B -20241129063045 2 6 100 6143 2 DCBE8A152DD5DE612BFCCD18CAB2BDE17391AF9DA865DCC59A1B454144ADE2EB8BE3CDBA7948CD1236CFC25D66DDC0E91095FB7E17715247413BBFD5435223F46488AD93808AF9FAF7D473C7CCE55DAA83B417FC6C09BFF7E332BD4B3BC59CBA4FE035A6C416D32BDCF8C3B9AFC5E1120CFD420023FD8EB207DB965509E2D362B0EB3D8CBD191D2750EBEB05F32C4BE08154D991F08DE4914BC40FAA7172440F2FEFB0FBF604DDA9C18BA9FD55F34218FD5D7CA2AC491CEDC3C5743D143BAF6C06CCAB7E5B22AB4E46CD51962CC7931F4D35581D5DD3047B946044BF7E71955EB63DD546644D7D2A19777DA39A48B4CF5A011A5C41F1BFF7C463F057F2F7AF6F910E7E06398B0AF7EF38CD5BBAE4C5FF42572CFFFCA6A8E9D34F64A7BECDC93216B55C20FAECAF04A8956C4D26DEE34493510BC49144A32A1B0AAE64B50DCA0C27361692242FE3145A6B36B830DEBF9E8A07A886E8DA6F38F3E99906F6AC9317ADF73222C4C75ABD153F1112E01E7CBB49665F213A1C1470CDC442D7CDC72EE2DD80D37251333C34FFDC5C38ADA3F5E52F5A5B2A1224B0CA60211B430E9554F0C4CA672476562C4A182B6707EBE80DFA6247A1F870F74EC81D03558F2718409EBF8E7F2FD2C6AB1F246F7E3FE0D919DB4016A7D76F6378D05EA74766CBB93340F2CBDDF18073F39242F3E9EC88020D1E8F801183C00F0239B2F2B4E8F6B46DBC17F469A857C291C985D8AC2099A6FEDC462B5EAEF737831EA2B6C9D787DC5AC8DA2C2E8F7F676FDA4CDD79E400EED959882C78C279C4D0A5918A0F5FC3B695E0034F7C2665D52D94106744D6B0CD6A66AB3275324EFDC06ECCF431D446446A00818ECDBE77B845699FB4F699825702D00F71373D80452039ECA1237AD2A0DF9112BA1EC90FB9FB87CF4E46BD0319B64F2EFD4B9640469707DB549468781D0BA6F3C49AF035D441173786BB1F2F5DCCE07BBF5536A0EB5B976814ABFDB44B90E55455972701A8F0D8EFB860A082ABA960E704754F61C2E3956922833F3D7E1656476DEE3C4F09244AC15697EA4A73041F03EEDE1F30BF899098A70F33EAD325DB -20241129065049 2 6 100 6143 2 DCBE8A152DD5DE612BFCCD18CAB2BDE17391AF9DA865DCC59A1B454144ADE2EB8BE3CDBA7948CD1236CFC25D66DDC0E91095FB7E17715247413BBFD5435223F46488AD93808AF9FAF7D473C7CCE55DAA83B417FC6C09BFF7E332BD4B3BC59CBA4FE035A6C416D32BDCF8C3B9AFC5E1120CFD420023FD8EB207DB965509E2D362B0EB3D8CBD191D2750EBEB05F32C4BE08154D991F08DE4914BC40FAA7172440F2FEFB0FBF604DDA9C18BA9FD55F34218FD5D7CA2AC491CEDC3C5743D143BAF6C06CCAB7E5B22AB4E46CD51962CC7931F4D35581D5DD3047B946044BF7E71955EB63DD546644D7D2A19777DA39A48B4CF5A011A5C41F1BFF7C463F057F2F7AF6F910E7E06398B0AF7EF38CD5BBAE4C5FF42572CFFFCA6A8E9D34F64A7BECDC93216B55C20FAECAF04A8956C4D26DEE34493510BC49144A32A1B0AAE64B50DCA0C27361692242FE3145A6B36B830DEBF9E8A07A886E8DA6F38F3E99906F6AC9317ADF73222C4C75ABD153F1112E01E7CBB49665F213A1C1470CDC442D7CDC72EE2DD80D37251333C34FFDC5C38ADA3F5E52F5A5B2A1224B0CA60211B430E9554F0C4CA672476562C4A182B6707EBE80DFA6247A1F870F74EC81D03558F2718409EBF8E7F2FD2C6AB1F246F7E3FE0D919DB4016A7D76F6378D05EA74766CBB93340F2CBDDF18073F39242F3E9EC88020D1E8F801183C00F0239B2F2B4E8F6B46DBC17F469A857C291C985D8AC2099A6FEDC462B5EAEF737831EA2B6C9D787DC5AC8DA2C2E8F7F676FDA4CDD79E400EED959882C78C279C4D0A5918A0F5FC3B695E0034F7C2665D52D94106744D6B0CD6A66AB3275324EFDC06ECCF431D446446A00818ECDBE77B845699FB4F699825702D00F71373D80452039ECA1237AD2A0DF9112BA1EC90FB9FB87CF4E46BD0319B64F2EFD4B9640469707DB549468781D0BA6F3C49AF035D441173786BB1F2F5DCCE07BBF5536A0EB5B976814ABFDB44B90E55455972701A8F0D8EFB860A082ABA960E704754F61C2E3956922833F3D7E1656476DEE3C4F09244AC15697EA4A73041F03EEDE1F30BF899098A70F33ED529283 -20241129065931 2 6 100 6143 5 DCBE8A152DD5DE612BFCCD18CAB2BDE17391AF9DA865DCC59A1B454144ADE2EB8BE3CDBA7948CD1236CFC25D66DDC0E91095FB7E17715247413BBFD5435223F46488AD93808AF9FAF7D473C7CCE55DAA83B417FC6C09BFF7E332BD4B3BC59CBA4FE035A6C416D32BDCF8C3B9AFC5E1120CFD420023FD8EB207DB965509E2D362B0EB3D8CBD191D2750EBEB05F32C4BE08154D991F08DE4914BC40FAA7172440F2FEFB0FBF604DDA9C18BA9FD55F34218FD5D7CA2AC491CEDC3C5743D143BAF6C06CCAB7E5B22AB4E46CD51962CC7931F4D35581D5DD3047B946044BF7E71955EB63DD546644D7D2A19777DA39A48B4CF5A011A5C41F1BFF7C463F057F2F7AF6F910E7E06398B0AF7EF38CD5BBAE4C5FF42572CFFFCA6A8E9D34F64A7BECDC93216B55C20FAECAF04A8956C4D26DEE34493510BC49144A32A1B0AAE64B50DCA0C27361692242FE3145A6B36B830DEBF9E8A07A886E8DA6F38F3E99906F6AC9317ADF73222C4C75ABD153F1112E01E7CBB49665F213A1C1470CDC442D7CDC72EE2DD80D37251333C34FFDC5C38ADA3F5E52F5A5B2A1224B0CA60211B430E9554F0C4CA672476562C4A182B6707EBE80DFA6247A1F870F74EC81D03558F2718409EBF8E7F2FD2C6AB1F246F7E3FE0D919DB4016A7D76F6378D05EA74766CBB93340F2CBDDF18073F39242F3E9EC88020D1E8F801183C00F0239B2F2B4E8F6B46DBC17F469A857C291C985D8AC2099A6FEDC462B5EAEF737831EA2B6C9D787DC5AC8DA2C2E8F7F676FDA4CDD79E400EED959882C78C279C4D0A5918A0F5FC3B695E0034F7C2665D52D94106744D6B0CD6A66AB3275324EFDC06ECCF431D446446A00818ECDBE77B845699FB4F699825702D00F71373D80452039ECA1237AD2A0DF9112BA1EC90FB9FB87CF4E46BD0319B64F2EFD4B9640469707DB549468781D0BA6F3C49AF035D441173786BB1F2F5DCCE07BBF5536A0EB5B976814ABFDB44B90E55455972701A8F0D8EFB860A082ABA960E704754F61C2E3956922833F3D7E1656476DEE3C4F09244AC15697EA4A73041F03EEDE1F30BF899098A70F33EE615997 -20241129070906 2 6 100 6143 5 DCBE8A152DD5DE612BFCCD18CAB2BDE17391AF9DA865DCC59A1B454144ADE2EB8BE3CDBA7948CD1236CFC25D66DDC0E91095FB7E17715247413BBFD5435223F46488AD93808AF9FAF7D473C7CCE55DAA83B417FC6C09BFF7E332BD4B3BC59CBA4FE035A6C416D32BDCF8C3B9AFC5E1120CFD420023FD8EB207DB965509E2D362B0EB3D8CBD191D2750EBEB05F32C4BE08154D991F08DE4914BC40FAA7172440F2FEFB0FBF604DDA9C18BA9FD55F34218FD5D7CA2AC491CEDC3C5743D143BAF6C06CCAB7E5B22AB4E46CD51962CC7931F4D35581D5DD3047B946044BF7E71955EB63DD546644D7D2A19777DA39A48B4CF5A011A5C41F1BFF7C463F057F2F7AF6F910E7E06398B0AF7EF38CD5BBAE4C5FF42572CFFFCA6A8E9D34F64A7BECDC93216B55C20FAECAF04A8956C4D26DEE34493510BC49144A32A1B0AAE64B50DCA0C27361692242FE3145A6B36B830DEBF9E8A07A886E8DA6F38F3E99906F6AC9317ADF73222C4C75ABD153F1112E01E7CBB49665F213A1C1470CDC442D7CDC72EE2DD80D37251333C34FFDC5C38ADA3F5E52F5A5B2A1224B0CA60211B430E9554F0C4CA672476562C4A182B6707EBE80DFA6247A1F870F74EC81D03558F2718409EBF8E7F2FD2C6AB1F246F7E3FE0D919DB4016A7D76F6378D05EA74766CBB93340F2CBDDF18073F39242F3E9EC88020D1E8F801183C00F0239B2F2B4E8F6B46DBC17F469A857C291C985D8AC2099A6FEDC462B5EAEF737831EA2B6C9D787DC5AC8DA2C2E8F7F676FDA4CDD79E400EED959882C78C279C4D0A5918A0F5FC3B695E0034F7C2665D52D94106744D6B0CD6A66AB3275324EFDC06ECCF431D446446A00818ECDBE77B845699FB4F699825702D00F71373D80452039ECA1237AD2A0DF9112BA1EC90FB9FB87CF4E46BD0319B64F2EFD4B9640469707DB549468781D0BA6F3C49AF035D441173786BB1F2F5DCCE07BBF5536A0EB5B976814ABFDB44B90E55455972701A8F0D8EFB860A082ABA960E704754F61C2E3956922833F3D7E1656476DEE3C4F09244AC15697EA4A73041F03EEDE1F30BF899098A70F33EF8D1D07 -20241129072522 2 6 100 6143 5 DCBE8A152DD5DE612BFCCD18CAB2BDE17391AF9DA865DCC59A1B454144ADE2EB8BE3CDBA7948CD1236CFC25D66DDC0E91095FB7E17715247413BBFD5435223F46488AD93808AF9FAF7D473C7CCE55DAA83B417FC6C09BFF7E332BD4B3BC59CBA4FE035A6C416D32BDCF8C3B9AFC5E1120CFD420023FD8EB207DB965509E2D362B0EB3D8CBD191D2750EBEB05F32C4BE08154D991F08DE4914BC40FAA7172440F2FEFB0FBF604DDA9C18BA9FD55F34218FD5D7CA2AC491CEDC3C5743D143BAF6C06CCAB7E5B22AB4E46CD51962CC7931F4D35581D5DD3047B946044BF7E71955EB63DD546644D7D2A19777DA39A48B4CF5A011A5C41F1BFF7C463F057F2F7AF6F910E7E06398B0AF7EF38CD5BBAE4C5FF42572CFFFCA6A8E9D34F64A7BECDC93216B55C20FAECAF04A8956C4D26DEE34493510BC49144A32A1B0AAE64B50DCA0C27361692242FE3145A6B36B830DEBF9E8A07A886E8DA6F38F3E99906F6AC9317ADF73222C4C75ABD153F1112E01E7CBB49665F213A1C1470CDC442D7CDC72EE2DD80D37251333C34FFDC5C38ADA3F5E52F5A5B2A1224B0CA60211B430E9554F0C4CA672476562C4A182B6707EBE80DFA6247A1F870F74EC81D03558F2718409EBF8E7F2FD2C6AB1F246F7E3FE0D919DB4016A7D76F6378D05EA74766CBB93340F2CBDDF18073F39242F3E9EC88020D1E8F801183C00F0239B2F2B4E8F6B46DBC17F469A857C291C985D8AC2099A6FEDC462B5EAEF737831EA2B6C9D787DC5AC8DA2C2E8F7F676FDA4CDD79E400EED959882C78C279C4D0A5918A0F5FC3B695E0034F7C2665D52D94106744D6B0CD6A66AB3275324EFDC06ECCF431D446446A00818ECDBE77B845699FB4F699825702D00F71373D80452039ECA1237AD2A0DF9112BA1EC90FB9FB87CF4E46BD0319B64F2EFD4B9640469707DB549468781D0BA6F3C49AF035D441173786BB1F2F5DCCE07BBF5536A0EB5B976814ABFDB44B90E55455972701A8F0D8EFB860A082ABA960E704754F61C2E3956922833F3D7E1656476DEE3C4F09244AC15697EA4A73041F03EEDE1F30BF899098A70F33F19250B7 -20241129080348 2 6 100 6143 2 DCBE8A152DD5DE612BFCCD18CAB2BDE17391AF9DA865DCC59A1B454144ADE2EB8BE3CDBA7948CD1236CFC25D66DDC0E91095FB7E17715247413BBFD5435223F46488AD93808AF9FAF7D473C7CCE55DAA83B417FC6C09BFF7E332BD4B3BC59CBA4FE035A6C416D32BDCF8C3B9AFC5E1120CFD420023FD8EB207DB965509E2D362B0EB3D8CBD191D2750EBEB05F32C4BE08154D991F08DE4914BC40FAA7172440F2FEFB0FBF604DDA9C18BA9FD55F34218FD5D7CA2AC491CEDC3C5743D143BAF6C06CCAB7E5B22AB4E46CD51962CC7931F4D35581D5DD3047B946044BF7E71955EB63DD546644D7D2A19777DA39A48B4CF5A011A5C41F1BFF7C463F057F2F7AF6F910E7E06398B0AF7EF38CD5BBAE4C5FF42572CFFFCA6A8E9D34F64A7BECDC93216B55C20FAECAF04A8956C4D26DEE34493510BC49144A32A1B0AAE64B50DCA0C27361692242FE3145A6B36B830DEBF9E8A07A886E8DA6F38F3E99906F6AC9317ADF73222C4C75ABD153F1112E01E7CBB49665F213A1C1470CDC442D7CDC72EE2DD80D37251333C34FFDC5C38ADA3F5E52F5A5B2A1224B0CA60211B430E9554F0C4CA672476562C4A182B6707EBE80DFA6247A1F870F74EC81D03558F2718409EBF8E7F2FD2C6AB1F246F7E3FE0D919DB4016A7D76F6378D05EA74766CBB93340F2CBDDF18073F39242F3E9EC88020D1E8F801183C00F0239B2F2B4E8F6B46DBC17F469A857C291C985D8AC2099A6FEDC462B5EAEF737831EA2B6C9D787DC5AC8DA2C2E8F7F676FDA4CDD79E400EED959882C78C279C4D0A5918A0F5FC3B695E0034F7C2665D52D94106744D6B0CD6A66AB3275324EFDC06ECCF431D446446A00818ECDBE77B845699FB4F699825702D00F71373D80452039ECA1237AD2A0DF9112BA1EC90FB9FB87CF4E46BD0319B64F2EFD4B9640469707DB549468781D0BA6F3C49AF035D441173786BB1F2F5DCCE07BBF5536A0EB5B976814ABFDB44B90E55455972701A8F0D8EFB860A082ABA960E704754F61C2E3956922833F3D7E1656476DEE3C4F09244AC15697EA4A73041F03EEDE1F30BF899098A70F33F6682AF3 -20241129082342 2 6 100 6143 5 DCBE8A152DD5DE612BFCCD18CAB2BDE17391AF9DA865DCC59A1B454144ADE2EB8BE3CDBA7948CD1236CFC25D66DDC0E91095FB7E17715247413BBFD5435223F46488AD93808AF9FAF7D473C7CCE55DAA83B417FC6C09BFF7E332BD4B3BC59CBA4FE035A6C416D32BDCF8C3B9AFC5E1120CFD420023FD8EB207DB965509E2D362B0EB3D8CBD191D2750EBEB05F32C4BE08154D991F08DE4914BC40FAA7172440F2FEFB0FBF604DDA9C18BA9FD55F34218FD5D7CA2AC491CEDC3C5743D143BAF6C06CCAB7E5B22AB4E46CD51962CC7931F4D35581D5DD3047B946044BF7E71955EB63DD546644D7D2A19777DA39A48B4CF5A011A5C41F1BFF7C463F057F2F7AF6F910E7E06398B0AF7EF38CD5BBAE4C5FF42572CFFFCA6A8E9D34F64A7BECDC93216B55C20FAECAF04A8956C4D26DEE34493510BC49144A32A1B0AAE64B50DCA0C27361692242FE3145A6B36B830DEBF9E8A07A886E8DA6F38F3E99906F6AC9317ADF73222C4C75ABD153F1112E01E7CBB49665F213A1C1470CDC442D7CDC72EE2DD80D37251333C34FFDC5C38ADA3F5E52F5A5B2A1224B0CA60211B430E9554F0C4CA672476562C4A182B6707EBE80DFA6247A1F870F74EC81D03558F2718409EBF8E7F2FD2C6AB1F246F7E3FE0D919DB4016A7D76F6378D05EA74766CBB93340F2CBDDF18073F39242F3E9EC88020D1E8F801183C00F0239B2F2B4E8F6B46DBC17F469A857C291C985D8AC2099A6FEDC462B5EAEF737831EA2B6C9D787DC5AC8DA2C2E8F7F676FDA4CDD79E400EED959882C78C279C4D0A5918A0F5FC3B695E0034F7C2665D52D94106744D6B0CD6A66AB3275324EFDC06ECCF431D446446A00818ECDBE77B845699FB4F699825702D00F71373D80452039ECA1237AD2A0DF9112BA1EC90FB9FB87CF4E46BD0319B64F2EFD4B9640469707DB549468781D0BA6F3C49AF035D441173786BB1F2F5DCCE07BBF5536A0EB5B976814ABFDB44B90E55455972701A8F0D8EFB860A082ABA960E704754F61C2E3956922833F3D7E1656476DEE3C4F09244AC15697EA4A73041F03EEDE1F30BF899098A70F33F8DD796F -20241129082407 2 6 100 6143 2 DCBE8A152DD5DE612BFCCD18CAB2BDE17391AF9DA865DCC59A1B454144ADE2EB8BE3CDBA7948CD1236CFC25D66DDC0E91095FB7E17715247413BBFD5435223F46488AD93808AF9FAF7D473C7CCE55DAA83B417FC6C09BFF7E332BD4B3BC59CBA4FE035A6C416D32BDCF8C3B9AFC5E1120CFD420023FD8EB207DB965509E2D362B0EB3D8CBD191D2750EBEB05F32C4BE08154D991F08DE4914BC40FAA7172440F2FEFB0FBF604DDA9C18BA9FD55F34218FD5D7CA2AC491CEDC3C5743D143BAF6C06CCAB7E5B22AB4E46CD51962CC7931F4D35581D5DD3047B946044BF7E71955EB63DD546644D7D2A19777DA39A48B4CF5A011A5C41F1BFF7C463F057F2F7AF6F910E7E06398B0AF7EF38CD5BBAE4C5FF42572CFFFCA6A8E9D34F64A7BECDC93216B55C20FAECAF04A8956C4D26DEE34493510BC49144A32A1B0AAE64B50DCA0C27361692242FE3145A6B36B830DEBF9E8A07A886E8DA6F38F3E99906F6AC9317ADF73222C4C75ABD153F1112E01E7CBB49665F213A1C1470CDC442D7CDC72EE2DD80D37251333C34FFDC5C38ADA3F5E52F5A5B2A1224B0CA60211B430E9554F0C4CA672476562C4A182B6707EBE80DFA6247A1F870F74EC81D03558F2718409EBF8E7F2FD2C6AB1F246F7E3FE0D919DB4016A7D76F6378D05EA74766CBB93340F2CBDDF18073F39242F3E9EC88020D1E8F801183C00F0239B2F2B4E8F6B46DBC17F469A857C291C985D8AC2099A6FEDC462B5EAEF737831EA2B6C9D787DC5AC8DA2C2E8F7F676FDA4CDD79E400EED959882C78C279C4D0A5918A0F5FC3B695E0034F7C2665D52D94106744D6B0CD6A66AB3275324EFDC06ECCF431D446446A00818ECDBE77B845699FB4F699825702D00F71373D80452039ECA1237AD2A0DF9112BA1EC90FB9FB87CF4E46BD0319B64F2EFD4B9640469707DB549468781D0BA6F3C49AF035D441173786BB1F2F5DCCE07BBF5536A0EB5B976814ABFDB44B90E55455972701A8F0D8EFB860A082ABA960E704754F61C2E3956922833F3D7E1656476DEE3C4F09244AC15697EA4A73041F03EEDE1F30BF899098A70F33F8E28AB3 -20241129082555 2 6 100 6143 2 DCBE8A152DD5DE612BFCCD18CAB2BDE17391AF9DA865DCC59A1B454144ADE2EB8BE3CDBA7948CD1236CFC25D66DDC0E91095FB7E17715247413BBFD5435223F46488AD93808AF9FAF7D473C7CCE55DAA83B417FC6C09BFF7E332BD4B3BC59CBA4FE035A6C416D32BDCF8C3B9AFC5E1120CFD420023FD8EB207DB965509E2D362B0EB3D8CBD191D2750EBEB05F32C4BE08154D991F08DE4914BC40FAA7172440F2FEFB0FBF604DDA9C18BA9FD55F34218FD5D7CA2AC491CEDC3C5743D143BAF6C06CCAB7E5B22AB4E46CD51962CC7931F4D35581D5DD3047B946044BF7E71955EB63DD546644D7D2A19777DA39A48B4CF5A011A5C41F1BFF7C463F057F2F7AF6F910E7E06398B0AF7EF38CD5BBAE4C5FF42572CFFFCA6A8E9D34F64A7BECDC93216B55C20FAECAF04A8956C4D26DEE34493510BC49144A32A1B0AAE64B50DCA0C27361692242FE3145A6B36B830DEBF9E8A07A886E8DA6F38F3E99906F6AC9317ADF73222C4C75ABD153F1112E01E7CBB49665F213A1C1470CDC442D7CDC72EE2DD80D37251333C34FFDC5C38ADA3F5E52F5A5B2A1224B0CA60211B430E9554F0C4CA672476562C4A182B6707EBE80DFA6247A1F870F74EC81D03558F2718409EBF8E7F2FD2C6AB1F246F7E3FE0D919DB4016A7D76F6378D05EA74766CBB93340F2CBDDF18073F39242F3E9EC88020D1E8F801183C00F0239B2F2B4E8F6B46DBC17F469A857C291C985D8AC2099A6FEDC462B5EAEF737831EA2B6C9D787DC5AC8DA2C2E8F7F676FDA4CDD79E400EED959882C78C279C4D0A5918A0F5FC3B695E0034F7C2665D52D94106744D6B0CD6A66AB3275324EFDC06ECCF431D446446A00818ECDBE77B845699FB4F699825702D00F71373D80452039ECA1237AD2A0DF9112BA1EC90FB9FB87CF4E46BD0319B64F2EFD4B9640469707DB549468781D0BA6F3C49AF035D441173786BB1F2F5DCCE07BBF5536A0EB5B976814ABFDB44B90E55455972701A8F0D8EFB860A082ABA960E704754F61C2E3956922833F3D7E1656476DEE3C4F09244AC15697EA4A73041F03EEDE1F30BF899098A70F33F917C303 -20241129082910 2 6 100 6143 2 DCBE8A152DD5DE612BFCCD18CAB2BDE17391AF9DA865DCC59A1B454144ADE2EB8BE3CDBA7948CD1236CFC25D66DDC0E91095FB7E17715247413BBFD5435223F46488AD93808AF9FAF7D473C7CCE55DAA83B417FC6C09BFF7E332BD4B3BC59CBA4FE035A6C416D32BDCF8C3B9AFC5E1120CFD420023FD8EB207DB965509E2D362B0EB3D8CBD191D2750EBEB05F32C4BE08154D991F08DE4914BC40FAA7172440F2FEFB0FBF604DDA9C18BA9FD55F34218FD5D7CA2AC491CEDC3C5743D143BAF6C06CCAB7E5B22AB4E46CD51962CC7931F4D35581D5DD3047B946044BF7E71955EB63DD546644D7D2A19777DA39A48B4CF5A011A5C41F1BFF7C463F057F2F7AF6F910E7E06398B0AF7EF38CD5BBAE4C5FF42572CFFFCA6A8E9D34F64A7BECDC93216B55C20FAECAF04A8956C4D26DEE34493510BC49144A32A1B0AAE64B50DCA0C27361692242FE3145A6B36B830DEBF9E8A07A886E8DA6F38F3E99906F6AC9317ADF73222C4C75ABD153F1112E01E7CBB49665F213A1C1470CDC442D7CDC72EE2DD80D37251333C34FFDC5C38ADA3F5E52F5A5B2A1224B0CA60211B430E9554F0C4CA672476562C4A182B6707EBE80DFA6247A1F870F74EC81D03558F2718409EBF8E7F2FD2C6AB1F246F7E3FE0D919DB4016A7D76F6378D05EA74766CBB93340F2CBDDF18073F39242F3E9EC88020D1E8F801183C00F0239B2F2B4E8F6B46DBC17F469A857C291C985D8AC2099A6FEDC462B5EAEF737831EA2B6C9D787DC5AC8DA2C2E8F7F676FDA4CDD79E400EED959882C78C279C4D0A5918A0F5FC3B695E0034F7C2665D52D94106744D6B0CD6A66AB3275324EFDC06ECCF431D446446A00818ECDBE77B845699FB4F699825702D00F71373D80452039ECA1237AD2A0DF9112BA1EC90FB9FB87CF4E46BD0319B64F2EFD4B9640469707DB549468781D0BA6F3C49AF035D441173786BB1F2F5DCCE07BBF5536A0EB5B976814ABFDB44B90E55455972701A8F0D8EFB860A082ABA960E704754F61C2E3956922833F3D7E1656476DEE3C4F09244AC15697EA4A73041F03EEDE1F30BF899098A70F33F97B2DB3 -20241129083433 2 6 100 6143 5 DCBE8A152DD5DE612BFCCD18CAB2BDE17391AF9DA865DCC59A1B454144ADE2EB8BE3CDBA7948CD1236CFC25D66DDC0E91095FB7E17715247413BBFD5435223F46488AD93808AF9FAF7D473C7CCE55DAA83B417FC6C09BFF7E332BD4B3BC59CBA4FE035A6C416D32BDCF8C3B9AFC5E1120CFD420023FD8EB207DB965509E2D362B0EB3D8CBD191D2750EBEB05F32C4BE08154D991F08DE4914BC40FAA7172440F2FEFB0FBF604DDA9C18BA9FD55F34218FD5D7CA2AC491CEDC3C5743D143BAF6C06CCAB7E5B22AB4E46CD51962CC7931F4D35581D5DD3047B946044BF7E71955EB63DD546644D7D2A19777DA39A48B4CF5A011A5C41F1BFF7C463F057F2F7AF6F910E7E06398B0AF7EF38CD5BBAE4C5FF42572CFFFCA6A8E9D34F64A7BECDC93216B55C20FAECAF04A8956C4D26DEE34493510BC49144A32A1B0AAE64B50DCA0C27361692242FE3145A6B36B830DEBF9E8A07A886E8DA6F38F3E99906F6AC9317ADF73222C4C75ABD153F1112E01E7CBB49665F213A1C1470CDC442D7CDC72EE2DD80D37251333C34FFDC5C38ADA3F5E52F5A5B2A1224B0CA60211B430E9554F0C4CA672476562C4A182B6707EBE80DFA6247A1F870F74EC81D03558F2718409EBF8E7F2FD2C6AB1F246F7E3FE0D919DB4016A7D76F6378D05EA74766CBB93340F2CBDDF18073F39242F3E9EC88020D1E8F801183C00F0239B2F2B4E8F6B46DBC17F469A857C291C985D8AC2099A6FEDC462B5EAEF737831EA2B6C9D787DC5AC8DA2C2E8F7F676FDA4CDD79E400EED959882C78C279C4D0A5918A0F5FC3B695E0034F7C2665D52D94106744D6B0CD6A66AB3275324EFDC06ECCF431D446446A00818ECDBE77B845699FB4F699825702D00F71373D80452039ECA1237AD2A0DF9112BA1EC90FB9FB87CF4E46BD0319B64F2EFD4B9640469707DB549468781D0BA6F3C49AF035D441173786BB1F2F5DCCE07BBF5536A0EB5B976814ABFDB44B90E55455972701A8F0D8EFB860A082ABA960E704754F61C2E3956922833F3D7E1656476DEE3C4F09244AC15697EA4A73041F03EEDE1F30BF899098A70F33FA1DB177 -20241129090902 2 6 100 6143 2 DCBE8A152DD5DE612BFCCD18CAB2BDE17391AF9DA865DCC59A1B454144ADE2EB8BE3CDBA7948CD1236CFC25D66DDC0E91095FB7E17715247413BBFD5435223F46488AD93808AF9FAF7D473C7CCE55DAA83B417FC6C09BFF7E332BD4B3BC59CBA4FE035A6C416D32BDCF8C3B9AFC5E1120CFD420023FD8EB207DB965509E2D362B0EB3D8CBD191D2750EBEB05F32C4BE08154D991F08DE4914BC40FAA7172440F2FEFB0FBF604DDA9C18BA9FD55F34218FD5D7CA2AC491CEDC3C5743D143BAF6C06CCAB7E5B22AB4E46CD51962CC7931F4D35581D5DD3047B946044BF7E71955EB63DD546644D7D2A19777DA39A48B4CF5A011A5C41F1BFF7C463F057F2F7AF6F910E7E06398B0AF7EF38CD5BBAE4C5FF42572CFFFCA6A8E9D34F64A7BECDC93216B55C20FAECAF04A8956C4D26DEE34493510BC49144A32A1B0AAE64B50DCA0C27361692242FE3145A6B36B830DEBF9E8A07A886E8DA6F38F3E99906F6AC9317ADF73222C4C75ABD153F1112E01E7CBB49665F213A1C1470CDC442D7CDC72EE2DD80D37251333C34FFDC5C38ADA3F5E52F5A5B2A1224B0CA60211B430E9554F0C4CA672476562C4A182B6707EBE80DFA6247A1F870F74EC81D03558F2718409EBF8E7F2FD2C6AB1F246F7E3FE0D919DB4016A7D76F6378D05EA74766CBB93340F2CBDDF18073F39242F3E9EC88020D1E8F801183C00F0239B2F2B4E8F6B46DBC17F469A857C291C985D8AC2099A6FEDC462B5EAEF737831EA2B6C9D787DC5AC8DA2C2E8F7F676FDA4CDD79E400EED959882C78C279C4D0A5918A0F5FC3B695E0034F7C2665D52D94106744D6B0CD6A66AB3275324EFDC06ECCF431D446446A00818ECDBE77B845699FB4F699825702D00F71373D80452039ECA1237AD2A0DF9112BA1EC90FB9FB87CF4E46BD0319B64F2EFD4B9640469707DB549468781D0BA6F3C49AF035D441173786BB1F2F5DCCE07BBF5536A0EB5B976814ABFDB44B90E55455972701A8F0D8EFB860A082ABA960E704754F61C2E3956922833F3D7E1656476DEE3C4F09244AC15697EA4A73041F03EEDE1F30BF899098A70F33FE76C9B3 -20241129090942 2 6 100 6143 5 DCBE8A152DD5DE612BFCCD18CAB2BDE17391AF9DA865DCC59A1B454144ADE2EB8BE3CDBA7948CD1236CFC25D66DDC0E91095FB7E17715247413BBFD5435223F46488AD93808AF9FAF7D473C7CCE55DAA83B417FC6C09BFF7E332BD4B3BC59CBA4FE035A6C416D32BDCF8C3B9AFC5E1120CFD420023FD8EB207DB965509E2D362B0EB3D8CBD191D2750EBEB05F32C4BE08154D991F08DE4914BC40FAA7172440F2FEFB0FBF604DDA9C18BA9FD55F34218FD5D7CA2AC491CEDC3C5743D143BAF6C06CCAB7E5B22AB4E46CD51962CC7931F4D35581D5DD3047B946044BF7E71955EB63DD546644D7D2A19777DA39A48B4CF5A011A5C41F1BFF7C463F057F2F7AF6F910E7E06398B0AF7EF38CD5BBAE4C5FF42572CFFFCA6A8E9D34F64A7BECDC93216B55C20FAECAF04A8956C4D26DEE34493510BC49144A32A1B0AAE64B50DCA0C27361692242FE3145A6B36B830DEBF9E8A07A886E8DA6F38F3E99906F6AC9317ADF73222C4C75ABD153F1112E01E7CBB49665F213A1C1470CDC442D7CDC72EE2DD80D37251333C34FFDC5C38ADA3F5E52F5A5B2A1224B0CA60211B430E9554F0C4CA672476562C4A182B6707EBE80DFA6247A1F870F74EC81D03558F2718409EBF8E7F2FD2C6AB1F246F7E3FE0D919DB4016A7D76F6378D05EA74766CBB93340F2CBDDF18073F39242F3E9EC88020D1E8F801183C00F0239B2F2B4E8F6B46DBC17F469A857C291C985D8AC2099A6FEDC462B5EAEF737831EA2B6C9D787DC5AC8DA2C2E8F7F676FDA4CDD79E400EED959882C78C279C4D0A5918A0F5FC3B695E0034F7C2665D52D94106744D6B0CD6A66AB3275324EFDC06ECCF431D446446A00818ECDBE77B845699FB4F699825702D00F71373D80452039ECA1237AD2A0DF9112BA1EC90FB9FB87CF4E46BD0319B64F2EFD4B9640469707DB549468781D0BA6F3C49AF035D441173786BB1F2F5DCCE07BBF5536A0EB5B976814ABFDB44B90E55455972701A8F0D8EFB860A082ABA960E704754F61C2E3956922833F3D7E1656476DEE3C4F09244AC15697EA4A73041F03EEDE1F30BF899098A70F33FE840CCF -20241129091044 2 6 100 6143 2 DCBE8A152DD5DE612BFCCD18CAB2BDE17391AF9DA865DCC59A1B454144ADE2EB8BE3CDBA7948CD1236CFC25D66DDC0E91095FB7E17715247413BBFD5435223F46488AD93808AF9FAF7D473C7CCE55DAA83B417FC6C09BFF7E332BD4B3BC59CBA4FE035A6C416D32BDCF8C3B9AFC5E1120CFD420023FD8EB207DB965509E2D362B0EB3D8CBD191D2750EBEB05F32C4BE08154D991F08DE4914BC40FAA7172440F2FEFB0FBF604DDA9C18BA9FD55F34218FD5D7CA2AC491CEDC3C5743D143BAF6C06CCAB7E5B22AB4E46CD51962CC7931F4D35581D5DD3047B946044BF7E71955EB63DD546644D7D2A19777DA39A48B4CF5A011A5C41F1BFF7C463F057F2F7AF6F910E7E06398B0AF7EF38CD5BBAE4C5FF42572CFFFCA6A8E9D34F64A7BECDC93216B55C20FAECAF04A8956C4D26DEE34493510BC49144A32A1B0AAE64B50DCA0C27361692242FE3145A6B36B830DEBF9E8A07A886E8DA6F38F3E99906F6AC9317ADF73222C4C75ABD153F1112E01E7CBB49665F213A1C1470CDC442D7CDC72EE2DD80D37251333C34FFDC5C38ADA3F5E52F5A5B2A1224B0CA60211B430E9554F0C4CA672476562C4A182B6707EBE80DFA6247A1F870F74EC81D03558F2718409EBF8E7F2FD2C6AB1F246F7E3FE0D919DB4016A7D76F6378D05EA74766CBB93340F2CBDDF18073F39242F3E9EC88020D1E8F801183C00F0239B2F2B4E8F6B46DBC17F469A857C291C985D8AC2099A6FEDC462B5EAEF737831EA2B6C9D787DC5AC8DA2C2E8F7F676FDA4CDD79E400EED959882C78C279C4D0A5918A0F5FC3B695E0034F7C2665D52D94106744D6B0CD6A66AB3275324EFDC06ECCF431D446446A00818ECDBE77B845699FB4F699825702D00F71373D80452039ECA1237AD2A0DF9112BA1EC90FB9FB87CF4E46BD0319B64F2EFD4B9640469707DB549468781D0BA6F3C49AF035D441173786BB1F2F5DCCE07BBF5536A0EB5B976814ABFDB44B90E55455972701A8F0D8EFB860A082ABA960E704754F61C2E3956922833F3D7E1656476DEE3C4F09244AC15697EA4A73041F03EEDE1F30BF899098A70F33FE9F0AB3 -20241129091214 2 6 100 6143 2 DCBE8A152DD5DE612BFCCD18CAB2BDE17391AF9DA865DCC59A1B454144ADE2EB8BE3CDBA7948CD1236CFC25D66DDC0E91095FB7E17715247413BBFD5435223F46488AD93808AF9FAF7D473C7CCE55DAA83B417FC6C09BFF7E332BD4B3BC59CBA4FE035A6C416D32BDCF8C3B9AFC5E1120CFD420023FD8EB207DB965509E2D362B0EB3D8CBD191D2750EBEB05F32C4BE08154D991F08DE4914BC40FAA7172440F2FEFB0FBF604DDA9C18BA9FD55F34218FD5D7CA2AC491CEDC3C5743D143BAF6C06CCAB7E5B22AB4E46CD51962CC7931F4D35581D5DD3047B946044BF7E71955EB63DD546644D7D2A19777DA39A48B4CF5A011A5C41F1BFF7C463F057F2F7AF6F910E7E06398B0AF7EF38CD5BBAE4C5FF42572CFFFCA6A8E9D34F64A7BECDC93216B55C20FAECAF04A8956C4D26DEE34493510BC49144A32A1B0AAE64B50DCA0C27361692242FE3145A6B36B830DEBF9E8A07A886E8DA6F38F3E99906F6AC9317ADF73222C4C75ABD153F1112E01E7CBB49665F213A1C1470CDC442D7CDC72EE2DD80D37251333C34FFDC5C38ADA3F5E52F5A5B2A1224B0CA60211B430E9554F0C4CA672476562C4A182B6707EBE80DFA6247A1F870F74EC81D03558F2718409EBF8E7F2FD2C6AB1F246F7E3FE0D919DB4016A7D76F6378D05EA74766CBB93340F2CBDDF18073F39242F3E9EC88020D1E8F801183C00F0239B2F2B4E8F6B46DBC17F469A857C291C985D8AC2099A6FEDC462B5EAEF737831EA2B6C9D787DC5AC8DA2C2E8F7F676FDA4CDD79E400EED959882C78C279C4D0A5918A0F5FC3B695E0034F7C2665D52D94106744D6B0CD6A66AB3275324EFDC06ECCF431D446446A00818ECDBE77B845699FB4F699825702D00F71373D80452039ECA1237AD2A0DF9112BA1EC90FB9FB87CF4E46BD0319B64F2EFD4B9640469707DB549468781D0BA6F3C49AF035D441173786BB1F2F5DCCE07BBF5536A0EB5B976814ABFDB44B90E55455972701A8F0D8EFB860A082ABA960E704754F61C2E3956922833F3D7E1656476DEE3C4F09244AC15697EA4A73041F03EEDE1F30BF899098A70F33FEC8962B -20241129100858 2 6 100 6143 2 DCBE8A152DD5DE612BFCCD18CAB2BDE17391AF9DA865DCC59A1B454144ADE2EB8BE3CDBA7948CD1236CFC25D66DDC0E91095FB7E17715247413BBFD5435223F46488AD93808AF9FAF7D473C7CCE55DAA83B417FC6C09BFF7E332BD4B3BC59CBA4FE035A6C416D32BDCF8C3B9AFC5E1120CFD420023FD8EB207DB965509E2D362B0EB3D8CBD191D2750EBEB05F32C4BE08154D991F08DE4914BC40FAA7172440F2FEFB0FBF604DDA9C18BA9FD55F34218FD5D7CA2AC491CEDC3C5743D143BAF6C06CCAB7E5B22AB4E46CD51962CC7931F4D35581D5DD3047B946044BF7E71955EB63DD546644D7D2A19777DA39A48B4CF5A011A5C41F1BFF7C463F057F2F7AF6F910E7E06398B0AF7EF38CD5BBAE4C5FF42572CFFFCA6A8E9D34F64A7BECDC93216B55C20FAECAF04A8956C4D26DEE34493510BC49144A32A1B0AAE64B50DCA0C27361692242FE3145A6B36B830DEBF9E8A07A886E8DA6F38F3E99906F6AC9317ADF73222C4C75ABD153F1112E01E7CBB49665F213A1C1470CDC442D7CDC72EE2DD80D37251333C34FFDC5C38ADA3F5E52F5A5B2A1224B0CA60211B430E9554F0C4CA672476562C4A182B6707EBE80DFA6247A1F870F74EC81D03558F2718409EBF8E7F2FD2C6AB1F246F7E3FE0D919DB4016A7D76F6378D05EA74766CBB93340F2CBDDF18073F39242F3E9EC88020D1E8F801183C00F0239B2F2B4E8F6B46DBC17F469A857C291C985D8AC2099A6FEDC462B5EAEF737831EA2B6C9D787DC5AC8DA2C2E8F7F676FDA4CDD79E400EED959882C78C279C4D0A5918A0F5FC3B695E0034F7C2665D52D94106744D6B0CD6A66AB3275324EFDC06ECCF431D446446A00818ECDBE77B845699FB4F699825702D00F71373D80452039ECA1237AD2A0DF9112BA1EC90FB9FB87CF4E46BD0319B64F2EFD4B9640469707DB549468781D0BA6F3C49AF035D441173786BB1F2F5DCCE07BBF5536A0EB5B976814ABFDB44B90E55455972701A8F0D8EFB860A082ABA960E704754F61C2E3956922833F3D7E1656476DEE3C4F09244AC15697EA4A73041F03EEDE1F30BF899098A70F3405C51773 -20241129101114 2 6 100 6143 2 DCBE8A152DD5DE612BFCCD18CAB2BDE17391AF9DA865DCC59A1B454144ADE2EB8BE3CDBA7948CD1236CFC25D66DDC0E91095FB7E17715247413BBFD5435223F46488AD93808AF9FAF7D473C7CCE55DAA83B417FC6C09BFF7E332BD4B3BC59CBA4FE035A6C416D32BDCF8C3B9AFC5E1120CFD420023FD8EB207DB965509E2D362B0EB3D8CBD191D2750EBEB05F32C4BE08154D991F08DE4914BC40FAA7172440F2FEFB0FBF604DDA9C18BA9FD55F34218FD5D7CA2AC491CEDC3C5743D143BAF6C06CCAB7E5B22AB4E46CD51962CC7931F4D35581D5DD3047B946044BF7E71955EB63DD546644D7D2A19777DA39A48B4CF5A011A5C41F1BFF7C463F057F2F7AF6F910E7E06398B0AF7EF38CD5BBAE4C5FF42572CFFFCA6A8E9D34F64A7BECDC93216B55C20FAECAF04A8956C4D26DEE34493510BC49144A32A1B0AAE64B50DCA0C27361692242FE3145A6B36B830DEBF9E8A07A886E8DA6F38F3E99906F6AC9317ADF73222C4C75ABD153F1112E01E7CBB49665F213A1C1470CDC442D7CDC72EE2DD80D37251333C34FFDC5C38ADA3F5E52F5A5B2A1224B0CA60211B430E9554F0C4CA672476562C4A182B6707EBE80DFA6247A1F870F74EC81D03558F2718409EBF8E7F2FD2C6AB1F246F7E3FE0D919DB4016A7D76F6378D05EA74766CBB93340F2CBDDF18073F39242F3E9EC88020D1E8F801183C00F0239B2F2B4E8F6B46DBC17F469A857C291C985D8AC2099A6FEDC462B5EAEF737831EA2B6C9D787DC5AC8DA2C2E8F7F676FDA4CDD79E400EED959882C78C279C4D0A5918A0F5FC3B695E0034F7C2665D52D94106744D6B0CD6A66AB3275324EFDC06ECCF431D446446A00818ECDBE77B845699FB4F699825702D00F71373D80452039ECA1237AD2A0DF9112BA1EC90FB9FB87CF4E46BD0319B64F2EFD4B9640469707DB549468781D0BA6F3C49AF035D441173786BB1F2F5DCCE07BBF5536A0EB5B976814ABFDB44B90E55455972701A8F0D8EFB860A082ABA960E704754F61C2E3956922833F3D7E1656476DEE3C4F09244AC15697EA4A73041F03EEDE1F30BF899098A70F3405F7D2BB -20241129101614 2 6 100 6143 2 DCBE8A152DD5DE612BFCCD18CAB2BDE17391AF9DA865DCC59A1B454144ADE2EB8BE3CDBA7948CD1236CFC25D66DDC0E91095FB7E17715247413BBFD5435223F46488AD93808AF9FAF7D473C7CCE55DAA83B417FC6C09BFF7E332BD4B3BC59CBA4FE035A6C416D32BDCF8C3B9AFC5E1120CFD420023FD8EB207DB965509E2D362B0EB3D8CBD191D2750EBEB05F32C4BE08154D991F08DE4914BC40FAA7172440F2FEFB0FBF604DDA9C18BA9FD55F34218FD5D7CA2AC491CEDC3C5743D143BAF6C06CCAB7E5B22AB4E46CD51962CC7931F4D35581D5DD3047B946044BF7E71955EB63DD546644D7D2A19777DA39A48B4CF5A011A5C41F1BFF7C463F057F2F7AF6F910E7E06398B0AF7EF38CD5BBAE4C5FF42572CFFFCA6A8E9D34F64A7BECDC93216B55C20FAECAF04A8956C4D26DEE34493510BC49144A32A1B0AAE64B50DCA0C27361692242FE3145A6B36B830DEBF9E8A07A886E8DA6F38F3E99906F6AC9317ADF73222C4C75ABD153F1112E01E7CBB49665F213A1C1470CDC442D7CDC72EE2DD80D37251333C34FFDC5C38ADA3F5E52F5A5B2A1224B0CA60211B430E9554F0C4CA672476562C4A182B6707EBE80DFA6247A1F870F74EC81D03558F2718409EBF8E7F2FD2C6AB1F246F7E3FE0D919DB4016A7D76F6378D05EA74766CBB93340F2CBDDF18073F39242F3E9EC88020D1E8F801183C00F0239B2F2B4E8F6B46DBC17F469A857C291C985D8AC2099A6FEDC462B5EAEF737831EA2B6C9D787DC5AC8DA2C2E8F7F676FDA4CDD79E400EED959882C78C279C4D0A5918A0F5FC3B695E0034F7C2665D52D94106744D6B0CD6A66AB3275324EFDC06ECCF431D446446A00818ECDBE77B845699FB4F699825702D00F71373D80452039ECA1237AD2A0DF9112BA1EC90FB9FB87CF4E46BD0319B64F2EFD4B9640469707DB549468781D0BA6F3C49AF035D441173786BB1F2F5DCCE07BBF5536A0EB5B976814ABFDB44B90E55455972701A8F0D8EFB860A082ABA960E704754F61C2E3956922833F3D7E1656476DEE3C4F09244AC15697EA4A73041F03EEDE1F30BF899098A70F34068F4943 -20241129103634 2 6 100 6143 2 DCBE8A152DD5DE612BFCCD18CAB2BDE17391AF9DA865DCC59A1B454144ADE2EB8BE3CDBA7948CD1236CFC25D66DDC0E91095FB7E17715247413BBFD5435223F46488AD93808AF9FAF7D473C7CCE55DAA83B417FC6C09BFF7E332BD4B3BC59CBA4FE035A6C416D32BDCF8C3B9AFC5E1120CFD420023FD8EB207DB965509E2D362B0EB3D8CBD191D2750EBEB05F32C4BE08154D991F08DE4914BC40FAA7172440F2FEFB0FBF604DDA9C18BA9FD55F34218FD5D7CA2AC491CEDC3C5743D143BAF6C06CCAB7E5B22AB4E46CD51962CC7931F4D35581D5DD3047B946044BF7E71955EB63DD546644D7D2A19777DA39A48B4CF5A011A5C41F1BFF7C463F057F2F7AF6F910E7E06398B0AF7EF38CD5BBAE4C5FF42572CFFFCA6A8E9D34F64A7BECDC93216B55C20FAECAF04A8956C4D26DEE34493510BC49144A32A1B0AAE64B50DCA0C27361692242FE3145A6B36B830DEBF9E8A07A886E8DA6F38F3E99906F6AC9317ADF73222C4C75ABD153F1112E01E7CBB49665F213A1C1470CDC442D7CDC72EE2DD80D37251333C34FFDC5C38ADA3F5E52F5A5B2A1224B0CA60211B430E9554F0C4CA672476562C4A182B6707EBE80DFA6247A1F870F74EC81D03558F2718409EBF8E7F2FD2C6AB1F246F7E3FE0D919DB4016A7D76F6378D05EA74766CBB93340F2CBDDF18073F39242F3E9EC88020D1E8F801183C00F0239B2F2B4E8F6B46DBC17F469A857C291C985D8AC2099A6FEDC462B5EAEF737831EA2B6C9D787DC5AC8DA2C2E8F7F676FDA4CDD79E400EED959882C78C279C4D0A5918A0F5FC3B695E0034F7C2665D52D94106744D6B0CD6A66AB3275324EFDC06ECCF431D446446A00818ECDBE77B845699FB4F699825702D00F71373D80452039ECA1237AD2A0DF9112BA1EC90FB9FB87CF4E46BD0319B64F2EFD4B9640469707DB549468781D0BA6F3C49AF035D441173786BB1F2F5DCCE07BBF5536A0EB5B976814ABFDB44B90E55455972701A8F0D8EFB860A082ABA960E704754F61C2E3956922833F3D7E1656476DEE3C4F09244AC15697EA4A73041F03EEDE1F30BF899098A70F340916E6EB -20241129103953 2 6 100 6143 2 DCBE8A152DD5DE612BFCCD18CAB2BDE17391AF9DA865DCC59A1B454144ADE2EB8BE3CDBA7948CD1236CFC25D66DDC0E91095FB7E17715247413BBFD5435223F46488AD93808AF9FAF7D473C7CCE55DAA83B417FC6C09BFF7E332BD4B3BC59CBA4FE035A6C416D32BDCF8C3B9AFC5E1120CFD420023FD8EB207DB965509E2D362B0EB3D8CBD191D2750EBEB05F32C4BE08154D991F08DE4914BC40FAA7172440F2FEFB0FBF604DDA9C18BA9FD55F34218FD5D7CA2AC491CEDC3C5743D143BAF6C06CCAB7E5B22AB4E46CD51962CC7931F4D35581D5DD3047B946044BF7E71955EB63DD546644D7D2A19777DA39A48B4CF5A011A5C41F1BFF7C463F057F2F7AF6F910E7E06398B0AF7EF38CD5BBAE4C5FF42572CFFFCA6A8E9D34F64A7BECDC93216B55C20FAECAF04A8956C4D26DEE34493510BC49144A32A1B0AAE64B50DCA0C27361692242FE3145A6B36B830DEBF9E8A07A886E8DA6F38F3E99906F6AC9317ADF73222C4C75ABD153F1112E01E7CBB49665F213A1C1470CDC442D7CDC72EE2DD80D37251333C34FFDC5C38ADA3F5E52F5A5B2A1224B0CA60211B430E9554F0C4CA672476562C4A182B6707EBE80DFA6247A1F870F74EC81D03558F2718409EBF8E7F2FD2C6AB1F246F7E3FE0D919DB4016A7D76F6378D05EA74766CBB93340F2CBDDF18073F39242F3E9EC88020D1E8F801183C00F0239B2F2B4E8F6B46DBC17F469A857C291C985D8AC2099A6FEDC462B5EAEF737831EA2B6C9D787DC5AC8DA2C2E8F7F676FDA4CDD79E400EED959882C78C279C4D0A5918A0F5FC3B695E0034F7C2665D52D94106744D6B0CD6A66AB3275324EFDC06ECCF431D446446A00818ECDBE77B845699FB4F699825702D00F71373D80452039ECA1237AD2A0DF9112BA1EC90FB9FB87CF4E46BD0319B64F2EFD4B9640469707DB549468781D0BA6F3C49AF035D441173786BB1F2F5DCCE07BBF5536A0EB5B976814ABFDB44B90E55455972701A8F0D8EFB860A082ABA960E704754F61C2E3956922833F3D7E1656476DEE3C4F09244AC15697EA4A73041F03EEDE1F30BF899098A70F34097696F3 -20241129104959 2 6 100 6143 2 DCBE8A152DD5DE612BFCCD18CAB2BDE17391AF9DA865DCC59A1B454144ADE2EB8BE3CDBA7948CD1236CFC25D66DDC0E91095FB7E17715247413BBFD5435223F46488AD93808AF9FAF7D473C7CCE55DAA83B417FC6C09BFF7E332BD4B3BC59CBA4FE035A6C416D32BDCF8C3B9AFC5E1120CFD420023FD8EB207DB965509E2D362B0EB3D8CBD191D2750EBEB05F32C4BE08154D991F08DE4914BC40FAA7172440F2FEFB0FBF604DDA9C18BA9FD55F34218FD5D7CA2AC491CEDC3C5743D143BAF6C06CCAB7E5B22AB4E46CD51962CC7931F4D35581D5DD3047B946044BF7E71955EB63DD546644D7D2A19777DA39A48B4CF5A011A5C41F1BFF7C463F057F2F7AF6F910E7E06398B0AF7EF38CD5BBAE4C5FF42572CFFFCA6A8E9D34F64A7BECDC93216B55C20FAECAF04A8956C4D26DEE34493510BC49144A32A1B0AAE64B50DCA0C27361692242FE3145A6B36B830DEBF9E8A07A886E8DA6F38F3E99906F6AC9317ADF73222C4C75ABD153F1112E01E7CBB49665F213A1C1470CDC442D7CDC72EE2DD80D37251333C34FFDC5C38ADA3F5E52F5A5B2A1224B0CA60211B430E9554F0C4CA672476562C4A182B6707EBE80DFA6247A1F870F74EC81D03558F2718409EBF8E7F2FD2C6AB1F246F7E3FE0D919DB4016A7D76F6378D05EA74766CBB93340F2CBDDF18073F39242F3E9EC88020D1E8F801183C00F0239B2F2B4E8F6B46DBC17F469A857C291C985D8AC2099A6FEDC462B5EAEF737831EA2B6C9D787DC5AC8DA2C2E8F7F676FDA4CDD79E400EED959882C78C279C4D0A5918A0F5FC3B695E0034F7C2665D52D94106744D6B0CD6A66AB3275324EFDC06ECCF431D446446A00818ECDBE77B845699FB4F699825702D00F71373D80452039ECA1237AD2A0DF9112BA1EC90FB9FB87CF4E46BD0319B64F2EFD4B9640469707DB549468781D0BA6F3C49AF035D441173786BB1F2F5DCCE07BBF5536A0EB5B976814ABFDB44B90E55455972701A8F0D8EFB860A082ABA960E704754F61C2E3956922833F3D7E1656476DEE3C4F09244AC15697EA4A73041F03EEDE1F30BF899098A70F340AAE5B3B -20241129112051 2 6 100 6143 5 DCBE8A152DD5DE612BFCCD18CAB2BDE17391AF9DA865DCC59A1B454144ADE2EB8BE3CDBA7948CD1236CFC25D66DDC0E91095FB7E17715247413BBFD5435223F46488AD93808AF9FAF7D473C7CCE55DAA83B417FC6C09BFF7E332BD4B3BC59CBA4FE035A6C416D32BDCF8C3B9AFC5E1120CFD420023FD8EB207DB965509E2D362B0EB3D8CBD191D2750EBEB05F32C4BE08154D991F08DE4914BC40FAA7172440F2FEFB0FBF604DDA9C18BA9FD55F34218FD5D7CA2AC491CEDC3C5743D143BAF6C06CCAB7E5B22AB4E46CD51962CC7931F4D35581D5DD3047B946044BF7E71955EB63DD546644D7D2A19777DA39A48B4CF5A011A5C41F1BFF7C463F057F2F7AF6F910E7E06398B0AF7EF38CD5BBAE4C5FF42572CFFFCA6A8E9D34F64A7BECDC93216B55C20FAECAF04A8956C4D26DEE34493510BC49144A32A1B0AAE64B50DCA0C27361692242FE3145A6B36B830DEBF9E8A07A886E8DA6F38F3E99906F6AC9317ADF73222C4C75ABD153F1112E01E7CBB49665F213A1C1470CDC442D7CDC72EE2DD80D37251333C34FFDC5C38ADA3F5E52F5A5B2A1224B0CA60211B430E9554F0C4CA672476562C4A182B6707EBE80DFA6247A1F870F74EC81D03558F2718409EBF8E7F2FD2C6AB1F246F7E3FE0D919DB4016A7D76F6378D05EA74766CBB93340F2CBDDF18073F39242F3E9EC88020D1E8F801183C00F0239B2F2B4E8F6B46DBC17F469A857C291C985D8AC2099A6FEDC462B5EAEF737831EA2B6C9D787DC5AC8DA2C2E8F7F676FDA4CDD79E400EED959882C78C279C4D0A5918A0F5FC3B695E0034F7C2665D52D94106744D6B0CD6A66AB3275324EFDC06ECCF431D446446A00818ECDBE77B845699FB4F699825702D00F71373D80452039ECA1237AD2A0DF9112BA1EC90FB9FB87CF4E46BD0319B64F2EFD4B9640469707DB549468781D0BA6F3C49AF035D441173786BB1F2F5DCCE07BBF5536A0EB5B976814ABFDB44B90E55455972701A8F0D8EFB860A082ABA960E704754F61C2E3956922833F3D7E1656476DEE3C4F09244AC15697EA4A73041F03EEDE1F30BF899098A70F340E9853AF -20241129124108 2 6 100 6143 2 DCBE8A152DD5DE612BFCCD18CAB2BDE17391AF9DA865DCC59A1B454144ADE2EB8BE3CDBA7948CD1236CFC25D66DDC0E91095FB7E17715247413BBFD5435223F46488AD93808AF9FAF7D473C7CCE55DAA83B417FC6C09BFF7E332BD4B3BC59CBA4FE035A6C416D32BDCF8C3B9AFC5E1120CFD420023FD8EB207DB965509E2D362B0EB3D8CBD191D2750EBEB05F32C4BE08154D991F08DE4914BC40FAA7172440F2FEFB0FBF604DDA9C18BA9FD55F34218FD5D7CA2AC491CEDC3C5743D143BAF6C06CCAB7E5B22AB4E46CD51962CC7931F4D35581D5DD3047B946044BF7E71955EB63DD546644D7D2A19777DA39A48B4CF5A011A5C41F1BFF7C463F057F2F7AF6F910E7E06398B0AF7EF38CD5BBAE4C5FF42572CFFFCA6A8E9D34F64A7BECDC93216B55C20FAECAF04A8956C4D26DEE34493510BC49144A32A1B0AAE64B50DCA0C27361692242FE3145A6B36B830DEBF9E8A07A886E8DA6F38F3E99906F6AC9317ADF73222C4C75ABD153F1112E01E7CBB49665F213A1C1470CDC442D7CDC72EE2DD80D37251333C34FFDC5C38ADA3F5E52F5A5B2A1224B0CA60211B430E9554F0C4CA672476562C4A182B6707EBE80DFA6247A1F870F74EC81D03558F2718409EBF8E7F2FD2C6AB1F246F7E3FE0D919DB4016A7D76F6378D05EA74766CBB93340F2CBDDF18073F39242F3E9EC88020D1E8F801183C00F0239B2F2B4E8F6B46DBC17F469A857C291C985D8AC2099A6FEDC462B5EAEF737831EA2B6C9D787DC5AC8DA2C2E8F7F676FDA4CDD79E400EED959882C78C279C4D0A5918A0F5FC3B695E0034F7C2665D52D94106744D6B0CD6A66AB3275324EFDC06ECCF431D446446A00818ECDBE77B845699FB4F699825702D00F71373D80452039ECA1237AD2A0DF9112BA1EC90FB9FB87CF4E46BD0319B64F2EFD4B9640469707DB549468781D0BA6F3C49AF035D441173786BB1F2F5DCCE07BBF5536A0EB5B976814ABFDB44B90E55455972701A8F0D8EFB860A082ABA960E704754F61C2E3956922833F3D7E1656476DEE3C4F09244AC15697EA4A73041F03EEDE1F30BF899098A70F3418BD011B -20241129125049 2 6 100 6143 5 DCBE8A152DD5DE612BFCCD18CAB2BDE17391AF9DA865DCC59A1B454144ADE2EB8BE3CDBA7948CD1236CFC25D66DDC0E91095FB7E17715247413BBFD5435223F46488AD93808AF9FAF7D473C7CCE55DAA83B417FC6C09BFF7E332BD4B3BC59CBA4FE035A6C416D32BDCF8C3B9AFC5E1120CFD420023FD8EB207DB965509E2D362B0EB3D8CBD191D2750EBEB05F32C4BE08154D991F08DE4914BC40FAA7172440F2FEFB0FBF604DDA9C18BA9FD55F34218FD5D7CA2AC491CEDC3C5743D143BAF6C06CCAB7E5B22AB4E46CD51962CC7931F4D35581D5DD3047B946044BF7E71955EB63DD546644D7D2A19777DA39A48B4CF5A011A5C41F1BFF7C463F057F2F7AF6F910E7E06398B0AF7EF38CD5BBAE4C5FF42572CFFFCA6A8E9D34F64A7BECDC93216B55C20FAECAF04A8956C4D26DEE34493510BC49144A32A1B0AAE64B50DCA0C27361692242FE3145A6B36B830DEBF9E8A07A886E8DA6F38F3E99906F6AC9317ADF73222C4C75ABD153F1112E01E7CBB49665F213A1C1470CDC442D7CDC72EE2DD80D37251333C34FFDC5C38ADA3F5E52F5A5B2A1224B0CA60211B430E9554F0C4CA672476562C4A182B6707EBE80DFA6247A1F870F74EC81D03558F2718409EBF8E7F2FD2C6AB1F246F7E3FE0D919DB4016A7D76F6378D05EA74766CBB93340F2CBDDF18073F39242F3E9EC88020D1E8F801183C00F0239B2F2B4E8F6B46DBC17F469A857C291C985D8AC2099A6FEDC462B5EAEF737831EA2B6C9D787DC5AC8DA2C2E8F7F676FDA4CDD79E400EED959882C78C279C4D0A5918A0F5FC3B695E0034F7C2665D52D94106744D6B0CD6A66AB3275324EFDC06ECCF431D446446A00818ECDBE77B845699FB4F699825702D00F71373D80452039ECA1237AD2A0DF9112BA1EC90FB9FB87CF4E46BD0319B64F2EFD4B9640469707DB549468781D0BA6F3C49AF035D441173786BB1F2F5DCCE07BBF5536A0EB5B976814ABFDB44B90E55455972701A8F0D8EFB860A082ABA960E704754F61C2E3956922833F3D7E1656476DEE3C4F09244AC15697EA4A73041F03EEDE1F30BF899098A70F3419E8F797 -20241129125233 2 6 100 6143 5 DCBE8A152DD5DE612BFCCD18CAB2BDE17391AF9DA865DCC59A1B454144ADE2EB8BE3CDBA7948CD1236CFC25D66DDC0E91095FB7E17715247413BBFD5435223F46488AD93808AF9FAF7D473C7CCE55DAA83B417FC6C09BFF7E332BD4B3BC59CBA4FE035A6C416D32BDCF8C3B9AFC5E1120CFD420023FD8EB207DB965509E2D362B0EB3D8CBD191D2750EBEB05F32C4BE08154D991F08DE4914BC40FAA7172440F2FEFB0FBF604DDA9C18BA9FD55F34218FD5D7CA2AC491CEDC3C5743D143BAF6C06CCAB7E5B22AB4E46CD51962CC7931F4D35581D5DD3047B946044BF7E71955EB63DD546644D7D2A19777DA39A48B4CF5A011A5C41F1BFF7C463F057F2F7AF6F910E7E06398B0AF7EF38CD5BBAE4C5FF42572CFFFCA6A8E9D34F64A7BECDC93216B55C20FAECAF04A8956C4D26DEE34493510BC49144A32A1B0AAE64B50DCA0C27361692242FE3145A6B36B830DEBF9E8A07A886E8DA6F38F3E99906F6AC9317ADF73222C4C75ABD153F1112E01E7CBB49665F213A1C1470CDC442D7CDC72EE2DD80D37251333C34FFDC5C38ADA3F5E52F5A5B2A1224B0CA60211B430E9554F0C4CA672476562C4A182B6707EBE80DFA6247A1F870F74EC81D03558F2718409EBF8E7F2FD2C6AB1F246F7E3FE0D919DB4016A7D76F6378D05EA74766CBB93340F2CBDDF18073F39242F3E9EC88020D1E8F801183C00F0239B2F2B4E8F6B46DBC17F469A857C291C985D8AC2099A6FEDC462B5EAEF737831EA2B6C9D787DC5AC8DA2C2E8F7F676FDA4CDD79E400EED959882C78C279C4D0A5918A0F5FC3B695E0034F7C2665D52D94106744D6B0CD6A66AB3275324EFDC06ECCF431D446446A00818ECDBE77B845699FB4F699825702D00F71373D80452039ECA1237AD2A0DF9112BA1EC90FB9FB87CF4E46BD0319B64F2EFD4B9640469707DB549468781D0BA6F3C49AF035D441173786BB1F2F5DCCE07BBF5536A0EB5B976814ABFDB44B90E55455972701A8F0D8EFB860A082ABA960E704754F61C2E3956922833F3D7E1656476DEE3C4F09244AC15697EA4A73041F03EEDE1F30BF899098A70F341A1B7937 -20241129130334 2 6 100 6143 2 DCBE8A152DD5DE612BFCCD18CAB2BDE17391AF9DA865DCC59A1B454144ADE2EB8BE3CDBA7948CD1236CFC25D66DDC0E91095FB7E17715247413BBFD5435223F46488AD93808AF9FAF7D473C7CCE55DAA83B417FC6C09BFF7E332BD4B3BC59CBA4FE035A6C416D32BDCF8C3B9AFC5E1120CFD420023FD8EB207DB965509E2D362B0EB3D8CBD191D2750EBEB05F32C4BE08154D991F08DE4914BC40FAA7172440F2FEFB0FBF604DDA9C18BA9FD55F34218FD5D7CA2AC491CEDC3C5743D143BAF6C06CCAB7E5B22AB4E46CD51962CC7931F4D35581D5DD3047B946044BF7E71955EB63DD546644D7D2A19777DA39A48B4CF5A011A5C41F1BFF7C463F057F2F7AF6F910E7E06398B0AF7EF38CD5BBAE4C5FF42572CFFFCA6A8E9D34F64A7BECDC93216B55C20FAECAF04A8956C4D26DEE34493510BC49144A32A1B0AAE64B50DCA0C27361692242FE3145A6B36B830DEBF9E8A07A886E8DA6F38F3E99906F6AC9317ADF73222C4C75ABD153F1112E01E7CBB49665F213A1C1470CDC442D7CDC72EE2DD80D37251333C34FFDC5C38ADA3F5E52F5A5B2A1224B0CA60211B430E9554F0C4CA672476562C4A182B6707EBE80DFA6247A1F870F74EC81D03558F2718409EBF8E7F2FD2C6AB1F246F7E3FE0D919DB4016A7D76F6378D05EA74766CBB93340F2CBDDF18073F39242F3E9EC88020D1E8F801183C00F0239B2F2B4E8F6B46DBC17F469A857C291C985D8AC2099A6FEDC462B5EAEF737831EA2B6C9D787DC5AC8DA2C2E8F7F676FDA4CDD79E400EED959882C78C279C4D0A5918A0F5FC3B695E0034F7C2665D52D94106744D6B0CD6A66AB3275324EFDC06ECCF431D446446A00818ECDBE77B845699FB4F699825702D00F71373D80452039ECA1237AD2A0DF9112BA1EC90FB9FB87CF4E46BD0319B64F2EFD4B9640469707DB549468781D0BA6F3C49AF035D441173786BB1F2F5DCCE07BBF5536A0EB5B976814ABFDB44B90E55455972701A8F0D8EFB860A082ABA960E704754F61C2E3956922833F3D7E1656476DEE3C4F09244AC15697EA4A73041F03EEDE1F30BF899098A70F341B7BA49B -20241129130855 2 6 100 6143 2 DCBE8A152DD5DE612BFCCD18CAB2BDE17391AF9DA865DCC59A1B454144ADE2EB8BE3CDBA7948CD1236CFC25D66DDC0E91095FB7E17715247413BBFD5435223F46488AD93808AF9FAF7D473C7CCE55DAA83B417FC6C09BFF7E332BD4B3BC59CBA4FE035A6C416D32BDCF8C3B9AFC5E1120CFD420023FD8EB207DB965509E2D362B0EB3D8CBD191D2750EBEB05F32C4BE08154D991F08DE4914BC40FAA7172440F2FEFB0FBF604DDA9C18BA9FD55F34218FD5D7CA2AC491CEDC3C5743D143BAF6C06CCAB7E5B22AB4E46CD51962CC7931F4D35581D5DD3047B946044BF7E71955EB63DD546644D7D2A19777DA39A48B4CF5A011A5C41F1BFF7C463F057F2F7AF6F910E7E06398B0AF7EF38CD5BBAE4C5FF42572CFFFCA6A8E9D34F64A7BECDC93216B55C20FAECAF04A8956C4D26DEE34493510BC49144A32A1B0AAE64B50DCA0C27361692242FE3145A6B36B830DEBF9E8A07A886E8DA6F38F3E99906F6AC9317ADF73222C4C75ABD153F1112E01E7CBB49665F213A1C1470CDC442D7CDC72EE2DD80D37251333C34FFDC5C38ADA3F5E52F5A5B2A1224B0CA60211B430E9554F0C4CA672476562C4A182B6707EBE80DFA6247A1F870F74EC81D03558F2718409EBF8E7F2FD2C6AB1F246F7E3FE0D919DB4016A7D76F6378D05EA74766CBB93340F2CBDDF18073F39242F3E9EC88020D1E8F801183C00F0239B2F2B4E8F6B46DBC17F469A857C291C985D8AC2099A6FEDC462B5EAEF737831EA2B6C9D787DC5AC8DA2C2E8F7F676FDA4CDD79E400EED959882C78C279C4D0A5918A0F5FC3B695E0034F7C2665D52D94106744D6B0CD6A66AB3275324EFDC06ECCF431D446446A00818ECDBE77B845699FB4F699825702D00F71373D80452039ECA1237AD2A0DF9112BA1EC90FB9FB87CF4E46BD0319B64F2EFD4B9640469707DB549468781D0BA6F3C49AF035D441173786BB1F2F5DCCE07BBF5536A0EB5B976814ABFDB44B90E55455972701A8F0D8EFB860A082ABA960E704754F61C2E3956922833F3D7E1656476DEE3C4F09244AC15697EA4A73041F03EEDE1F30BF899098A70F341C2258EB -20241129130953 2 6 100 6143 5 DCBE8A152DD5DE612BFCCD18CAB2BDE17391AF9DA865DCC59A1B454144ADE2EB8BE3CDBA7948CD1236CFC25D66DDC0E91095FB7E17715247413BBFD5435223F46488AD93808AF9FAF7D473C7CCE55DAA83B417FC6C09BFF7E332BD4B3BC59CBA4FE035A6C416D32BDCF8C3B9AFC5E1120CFD420023FD8EB207DB965509E2D362B0EB3D8CBD191D2750EBEB05F32C4BE08154D991F08DE4914BC40FAA7172440F2FEFB0FBF604DDA9C18BA9FD55F34218FD5D7CA2AC491CEDC3C5743D143BAF6C06CCAB7E5B22AB4E46CD51962CC7931F4D35581D5DD3047B946044BF7E71955EB63DD546644D7D2A19777DA39A48B4CF5A011A5C41F1BFF7C463F057F2F7AF6F910E7E06398B0AF7EF38CD5BBAE4C5FF42572CFFFCA6A8E9D34F64A7BECDC93216B55C20FAECAF04A8956C4D26DEE34493510BC49144A32A1B0AAE64B50DCA0C27361692242FE3145A6B36B830DEBF9E8A07A886E8DA6F38F3E99906F6AC9317ADF73222C4C75ABD153F1112E01E7CBB49665F213A1C1470CDC442D7CDC72EE2DD80D37251333C34FFDC5C38ADA3F5E52F5A5B2A1224B0CA60211B430E9554F0C4CA672476562C4A182B6707EBE80DFA6247A1F870F74EC81D03558F2718409EBF8E7F2FD2C6AB1F246F7E3FE0D919DB4016A7D76F6378D05EA74766CBB93340F2CBDDF18073F39242F3E9EC88020D1E8F801183C00F0239B2F2B4E8F6B46DBC17F469A857C291C985D8AC2099A6FEDC462B5EAEF737831EA2B6C9D787DC5AC8DA2C2E8F7F676FDA4CDD79E400EED959882C78C279C4D0A5918A0F5FC3B695E0034F7C2665D52D94106744D6B0CD6A66AB3275324EFDC06ECCF431D446446A00818ECDBE77B845699FB4F699825702D00F71373D80452039ECA1237AD2A0DF9112BA1EC90FB9FB87CF4E46BD0319B64F2EFD4B9640469707DB549468781D0BA6F3C49AF035D441173786BB1F2F5DCCE07BBF5536A0EB5B976814ABFDB44B90E55455972701A8F0D8EFB860A082ABA960E704754F61C2E3956922833F3D7E1656476DEE3C4F09244AC15697EA4A73041F03EEDE1F30BF899098A70F341C3B9397 -20241129131555 2 6 100 6143 2 DCBE8A152DD5DE612BFCCD18CAB2BDE17391AF9DA865DCC59A1B454144ADE2EB8BE3CDBA7948CD1236CFC25D66DDC0E91095FB7E17715247413BBFD5435223F46488AD93808AF9FAF7D473C7CCE55DAA83B417FC6C09BFF7E332BD4B3BC59CBA4FE035A6C416D32BDCF8C3B9AFC5E1120CFD420023FD8EB207DB965509E2D362B0EB3D8CBD191D2750EBEB05F32C4BE08154D991F08DE4914BC40FAA7172440F2FEFB0FBF604DDA9C18BA9FD55F34218FD5D7CA2AC491CEDC3C5743D143BAF6C06CCAB7E5B22AB4E46CD51962CC7931F4D35581D5DD3047B946044BF7E71955EB63DD546644D7D2A19777DA39A48B4CF5A011A5C41F1BFF7C463F057F2F7AF6F910E7E06398B0AF7EF38CD5BBAE4C5FF42572CFFFCA6A8E9D34F64A7BECDC93216B55C20FAECAF04A8956C4D26DEE34493510BC49144A32A1B0AAE64B50DCA0C27361692242FE3145A6B36B830DEBF9E8A07A886E8DA6F38F3E99906F6AC9317ADF73222C4C75ABD153F1112E01E7CBB49665F213A1C1470CDC442D7CDC72EE2DD80D37251333C34FFDC5C38ADA3F5E52F5A5B2A1224B0CA60211B430E9554F0C4CA672476562C4A182B6707EBE80DFA6247A1F870F74EC81D03558F2718409EBF8E7F2FD2C6AB1F246F7E3FE0D919DB4016A7D76F6378D05EA74766CBB93340F2CBDDF18073F39242F3E9EC88020D1E8F801183C00F0239B2F2B4E8F6B46DBC17F469A857C291C985D8AC2099A6FEDC462B5EAEF737831EA2B6C9D787DC5AC8DA2C2E8F7F676FDA4CDD79E400EED959882C78C279C4D0A5918A0F5FC3B695E0034F7C2665D52D94106744D6B0CD6A66AB3275324EFDC06ECCF431D446446A00818ECDBE77B845699FB4F699825702D00F71373D80452039ECA1237AD2A0DF9112BA1EC90FB9FB87CF4E46BD0319B64F2EFD4B9640469707DB549468781D0BA6F3C49AF035D441173786BB1F2F5DCCE07BBF5536A0EB5B976814ABFDB44B90E55455972701A8F0D8EFB860A082ABA960E704754F61C2E3956922833F3D7E1656476DEE3C4F09244AC15697EA4A73041F03EEDE1F30BF899098A70F341CF54C93 -20241129131844 2 6 100 6143 5 DCBE8A152DD5DE612BFCCD18CAB2BDE17391AF9DA865DCC59A1B454144ADE2EB8BE3CDBA7948CD1236CFC25D66DDC0E91095FB7E17715247413BBFD5435223F46488AD93808AF9FAF7D473C7CCE55DAA83B417FC6C09BFF7E332BD4B3BC59CBA4FE035A6C416D32BDCF8C3B9AFC5E1120CFD420023FD8EB207DB965509E2D362B0EB3D8CBD191D2750EBEB05F32C4BE08154D991F08DE4914BC40FAA7172440F2FEFB0FBF604DDA9C18BA9FD55F34218FD5D7CA2AC491CEDC3C5743D143BAF6C06CCAB7E5B22AB4E46CD51962CC7931F4D35581D5DD3047B946044BF7E71955EB63DD546644D7D2A19777DA39A48B4CF5A011A5C41F1BFF7C463F057F2F7AF6F910E7E06398B0AF7EF38CD5BBAE4C5FF42572CFFFCA6A8E9D34F64A7BECDC93216B55C20FAECAF04A8956C4D26DEE34493510BC49144A32A1B0AAE64B50DCA0C27361692242FE3145A6B36B830DEBF9E8A07A886E8DA6F38F3E99906F6AC9317ADF73222C4C75ABD153F1112E01E7CBB49665F213A1C1470CDC442D7CDC72EE2DD80D37251333C34FFDC5C38ADA3F5E52F5A5B2A1224B0CA60211B430E9554F0C4CA672476562C4A182B6707EBE80DFA6247A1F870F74EC81D03558F2718409EBF8E7F2FD2C6AB1F246F7E3FE0D919DB4016A7D76F6378D05EA74766CBB93340F2CBDDF18073F39242F3E9EC88020D1E8F801183C00F0239B2F2B4E8F6B46DBC17F469A857C291C985D8AC2099A6FEDC462B5EAEF737831EA2B6C9D787DC5AC8DA2C2E8F7F676FDA4CDD79E400EED959882C78C279C4D0A5918A0F5FC3B695E0034F7C2665D52D94106744D6B0CD6A66AB3275324EFDC06ECCF431D446446A00818ECDBE77B845699FB4F699825702D00F71373D80452039ECA1237AD2A0DF9112BA1EC90FB9FB87CF4E46BD0319B64F2EFD4B9640469707DB549468781D0BA6F3C49AF035D441173786BB1F2F5DCCE07BBF5536A0EB5B976814ABFDB44B90E55455972701A8F0D8EFB860A082ABA960E704754F61C2E3956922833F3D7E1656476DEE3C4F09244AC15697EA4A73041F03EEDE1F30BF899098A70F341D474B9F -20241129132228 2 6 100 6143 5 DCBE8A152DD5DE612BFCCD18CAB2BDE17391AF9DA865DCC59A1B454144ADE2EB8BE3CDBA7948CD1236CFC25D66DDC0E91095FB7E17715247413BBFD5435223F46488AD93808AF9FAF7D473C7CCE55DAA83B417FC6C09BFF7E332BD4B3BC59CBA4FE035A6C416D32BDCF8C3B9AFC5E1120CFD420023FD8EB207DB965509E2D362B0EB3D8CBD191D2750EBEB05F32C4BE08154D991F08DE4914BC40FAA7172440F2FEFB0FBF604DDA9C18BA9FD55F34218FD5D7CA2AC491CEDC3C5743D143BAF6C06CCAB7E5B22AB4E46CD51962CC7931F4D35581D5DD3047B946044BF7E71955EB63DD546644D7D2A19777DA39A48B4CF5A011A5C41F1BFF7C463F057F2F7AF6F910E7E06398B0AF7EF38CD5BBAE4C5FF42572CFFFCA6A8E9D34F64A7BECDC93216B55C20FAECAF04A8956C4D26DEE34493510BC49144A32A1B0AAE64B50DCA0C27361692242FE3145A6B36B830DEBF9E8A07A886E8DA6F38F3E99906F6AC9317ADF73222C4C75ABD153F1112E01E7CBB49665F213A1C1470CDC442D7CDC72EE2DD80D37251333C34FFDC5C38ADA3F5E52F5A5B2A1224B0CA60211B430E9554F0C4CA672476562C4A182B6707EBE80DFA6247A1F870F74EC81D03558F2718409EBF8E7F2FD2C6AB1F246F7E3FE0D919DB4016A7D76F6378D05EA74766CBB93340F2CBDDF18073F39242F3E9EC88020D1E8F801183C00F0239B2F2B4E8F6B46DBC17F469A857C291C985D8AC2099A6FEDC462B5EAEF737831EA2B6C9D787DC5AC8DA2C2E8F7F676FDA4CDD79E400EED959882C78C279C4D0A5918A0F5FC3B695E0034F7C2665D52D94106744D6B0CD6A66AB3275324EFDC06ECCF431D446446A00818ECDBE77B845699FB4F699825702D00F71373D80452039ECA1237AD2A0DF9112BA1EC90FB9FB87CF4E46BD0319B64F2EFD4B9640469707DB549468781D0BA6F3C49AF035D441173786BB1F2F5DCCE07BBF5536A0EB5B976814ABFDB44B90E55455972701A8F0D8EFB860A082ABA960E704754F61C2E3956922833F3D7E1656476DEE3C4F09244AC15697EA4A73041F03EEDE1F30BF899098A70F341DB5BA4F -20241129134604 2 6 100 6143 2 DCBE8A152DD5DE612BFCCD18CAB2BDE17391AF9DA865DCC59A1B454144ADE2EB8BE3CDBA7948CD1236CFC25D66DDC0E91095FB7E17715247413BBFD5435223F46488AD93808AF9FAF7D473C7CCE55DAA83B417FC6C09BFF7E332BD4B3BC59CBA4FE035A6C416D32BDCF8C3B9AFC5E1120CFD420023FD8EB207DB965509E2D362B0EB3D8CBD191D2750EBEB05F32C4BE08154D991F08DE4914BC40FAA7172440F2FEFB0FBF604DDA9C18BA9FD55F34218FD5D7CA2AC491CEDC3C5743D143BAF6C06CCAB7E5B22AB4E46CD51962CC7931F4D35581D5DD3047B946044BF7E71955EB63DD546644D7D2A19777DA39A48B4CF5A011A5C41F1BFF7C463F057F2F7AF6F910E7E06398B0AF7EF38CD5BBAE4C5FF42572CFFFCA6A8E9D34F64A7BECDC93216B55C20FAECAF04A8956C4D26DEE34493510BC49144A32A1B0AAE64B50DCA0C27361692242FE3145A6B36B830DEBF9E8A07A886E8DA6F38F3E99906F6AC9317ADF73222C4C75ABD153F1112E01E7CBB49665F213A1C1470CDC442D7CDC72EE2DD80D37251333C34FFDC5C38ADA3F5E52F5A5B2A1224B0CA60211B430E9554F0C4CA672476562C4A182B6707EBE80DFA6247A1F870F74EC81D03558F2718409EBF8E7F2FD2C6AB1F246F7E3FE0D919DB4016A7D76F6378D05EA74766CBB93340F2CBDDF18073F39242F3E9EC88020D1E8F801183C00F0239B2F2B4E8F6B46DBC17F469A857C291C985D8AC2099A6FEDC462B5EAEF737831EA2B6C9D787DC5AC8DA2C2E8F7F676FDA4CDD79E400EED959882C78C279C4D0A5918A0F5FC3B695E0034F7C2665D52D94106744D6B0CD6A66AB3275324EFDC06ECCF431D446446A00818ECDBE77B845699FB4F699825702D00F71373D80452039ECA1237AD2A0DF9112BA1EC90FB9FB87CF4E46BD0319B64F2EFD4B9640469707DB549468781D0BA6F3C49AF035D441173786BB1F2F5DCCE07BBF5536A0EB5B976814ABFDB44B90E55455972701A8F0D8EFB860A082ABA960E704754F61C2E3956922833F3D7E1656476DEE3C4F09244AC15697EA4A73041F03EEDE1F30BF899098A70F3420A2EA6B -20241129135907 2 6 100 6143 5 DCBE8A152DD5DE612BFCCD18CAB2BDE17391AF9DA865DCC59A1B454144ADE2EB8BE3CDBA7948CD1236CFC25D66DDC0E91095FB7E17715247413BBFD5435223F46488AD93808AF9FAF7D473C7CCE55DAA83B417FC6C09BFF7E332BD4B3BC59CBA4FE035A6C416D32BDCF8C3B9AFC5E1120CFD420023FD8EB207DB965509E2D362B0EB3D8CBD191D2750EBEB05F32C4BE08154D991F08DE4914BC40FAA7172440F2FEFB0FBF604DDA9C18BA9FD55F34218FD5D7CA2AC491CEDC3C5743D143BAF6C06CCAB7E5B22AB4E46CD51962CC7931F4D35581D5DD3047B946044BF7E71955EB63DD546644D7D2A19777DA39A48B4CF5A011A5C41F1BFF7C463F057F2F7AF6F910E7E06398B0AF7EF38CD5BBAE4C5FF42572CFFFCA6A8E9D34F64A7BECDC93216B55C20FAECAF04A8956C4D26DEE34493510BC49144A32A1B0AAE64B50DCA0C27361692242FE3145A6B36B830DEBF9E8A07A886E8DA6F38F3E99906F6AC9317ADF73222C4C75ABD153F1112E01E7CBB49665F213A1C1470CDC442D7CDC72EE2DD80D37251333C34FFDC5C38ADA3F5E52F5A5B2A1224B0CA60211B430E9554F0C4CA672476562C4A182B6707EBE80DFA6247A1F870F74EC81D03558F2718409EBF8E7F2FD2C6AB1F246F7E3FE0D919DB4016A7D76F6378D05EA74766CBB93340F2CBDDF18073F39242F3E9EC88020D1E8F801183C00F0239B2F2B4E8F6B46DBC17F469A857C291C985D8AC2099A6FEDC462B5EAEF737831EA2B6C9D787DC5AC8DA2C2E8F7F676FDA4CDD79E400EED959882C78C279C4D0A5918A0F5FC3B695E0034F7C2665D52D94106744D6B0CD6A66AB3275324EFDC06ECCF431D446446A00818ECDBE77B845699FB4F699825702D00F71373D80452039ECA1237AD2A0DF9112BA1EC90FB9FB87CF4E46BD0319B64F2EFD4B9640469707DB549468781D0BA6F3C49AF035D441173786BB1F2F5DCCE07BBF5536A0EB5B976814ABFDB44B90E55455972701A8F0D8EFB860A082ABA960E704754F61C2E3956922833F3D7E1656476DEE3C4F09244AC15697EA4A73041F03EEDE1F30BF899098A70F34223A233F -20241129143314 2 6 100 6143 2 D530FFAD12BC56C29F02BEFEC6CFD700AE6DA852D7256FC0A8978C13FABF9851425A26917CD40A9919A06A5B17FA05456642891442CCBBBD9BB5B74068213AA6F029B3419F6B2CCB828CF9F6F0069F43A2496921ED8133BF2D9C598486282EB38B3B6E849B7D80B33869CDE1D71379C694BB9C229B5CCE5E96692F81DA73EC38942CE60A81657F34A6B1B536ADEADD76144A209815A88E081E0B96438B11A34E4F8082ACC6DD77D787EEA90E1764F7393D3869707FCFCD4BFEEA3582BBD39C17E2CE70B6A193700A055A50D2F5ED473DD9B4401C2138BAD8FA3331BDD4FF79E230C10B13FFE7CCDB3210F8DB42147BB8349CAEA97EBCBC708B9CE16360D573D3327BBCAA6387234E9A4DCB2E67784408ADB72B2E05643520211C581EBB38E57C2F69C9034143DBAB4C13221D501B892918779C6E9AC5B39F2F412E31EF7F7F0610C2AFE150FA56A5E3CF9DACA6C96F3BC6B57D56B2869019C5114247C080752E4D42B1A0E34302B69B8516E8FB93BE58CC45F6E5ADB47A89A00050A12D560BEEA8997F5A0FA526C107BA34ECB0C678079C6DD4C1F4666BBD45733E019C292A17661B79E6AEED002EF4F6E7F4D569690E140C8BA1BA47E626499E01DA1EACDA4B917507A472DDB03A86734994C4B16551C5DFED3C8C976D15B5BF68CC6C982355930E37F096629E6F3BDC8027C722C12EF76854F1C607341E48FBF8C9064EB48EFDA87E1D111B557FBE7A15A580EDD87AC2CEC0EB25BE057FC20D578DF34632977F4698D58B2025C50AD4AD77D16D32E6157F89F58C692A83279A2EB58F8E448A13AA32B8C3DF07A58100EC4BB319F824446ECDD643C4A7F959CBA4E356A9E5DB7332107B2EB478703BF44383DDF80CA297F5E52A4424AF64B50CAB4E9C95C7288B96F8E77CDC63D07C6394853DF32F926652A12122B5531F90CFDFDAAC5D0642F84CF3901717B652122E8622CF31C06D134AD921EC80D175BBFC45B855EB9ABF001686BC52730F754DBFAE781BB629F1E530632D813AA256D0063202AEEE0AB64C7829C1A6C4702E27C88219FF31500D8F76BEFE4AEF726D6E3B708C7A9949CB -20241129150941 2 6 100 6143 2 D530FFAD12BC56C29F02BEFEC6CFD700AE6DA852D7256FC0A8978C13FABF9851425A26917CD40A9919A06A5B17FA05456642891442CCBBBD9BB5B74068213AA6F029B3419F6B2CCB828CF9F6F0069F43A2496921ED8133BF2D9C598486282EB38B3B6E849B7D80B33869CDE1D71379C694BB9C229B5CCE5E96692F81DA73EC38942CE60A81657F34A6B1B536ADEADD76144A209815A88E081E0B96438B11A34E4F8082ACC6DD77D787EEA90E1764F7393D3869707FCFCD4BFEEA3582BBD39C17E2CE70B6A193700A055A50D2F5ED473DD9B4401C2138BAD8FA3331BDD4FF79E230C10B13FFE7CCDB3210F8DB42147BB8349CAEA97EBCBC708B9CE16360D573D3327BBCAA6387234E9A4DCB2E67784408ADB72B2E05643520211C581EBB38E57C2F69C9034143DBAB4C13221D501B892918779C6E9AC5B39F2F412E31EF7F7F0610C2AFE150FA56A5E3CF9DACA6C96F3BC6B57D56B2869019C5114247C080752E4D42B1A0E34302B69B8516E8FB93BE58CC45F6E5ADB47A89A00050A12D560BEEA8997F5A0FA526C107BA34ECB0C678079C6DD4C1F4666BBD45733E019C292A17661B79E6AEED002EF4F6E7F4D569690E140C8BA1BA47E626499E01DA1EACDA4B917507A472DDB03A86734994C4B16551C5DFED3C8C976D15B5BF68CC6C982355930E37F096629E6F3BDC8027C722C12EF76854F1C607341E48FBF8C9064EB48EFDA87E1D111B557FBE7A15A580EDD87AC2CEC0EB25BE057FC20D578DF34632977F4698D58B2025C50AD4AD77D16D32E6157F89F58C692A83279A2EB58F8E448A13AA32B8C3DF07A58100EC4BB319F824446ECDD643C4A7F959CBA4E356A9E5DB7332107B2EB478703BF44383DDF80CA297F5E52A4424AF64B50CAB4E9C95C7288B96F8E77CDC63D07C6394853DF32F926652A12122B5531F90CFDFDAAC5D0642F84CF3901717B652122E8622CF31C06D134AD921EC80D175BBFC45B855EB9ABF001686BC52730F754DBFAE781BB629F1E530632D813AA256D0063202AEEE0AB64C7829C1A6C4702E27C88219FF31500D8F76BEFE4AEF726D6E3B708C7F2EAC9B -20241129152304 2 6 100 6143 2 D530FFAD12BC56C29F02BEFEC6CFD700AE6DA852D7256FC0A8978C13FABF9851425A26917CD40A9919A06A5B17FA05456642891442CCBBBD9BB5B74068213AA6F029B3419F6B2CCB828CF9F6F0069F43A2496921ED8133BF2D9C598486282EB38B3B6E849B7D80B33869CDE1D71379C694BB9C229B5CCE5E96692F81DA73EC38942CE60A81657F34A6B1B536ADEADD76144A209815A88E081E0B96438B11A34E4F8082ACC6DD77D787EEA90E1764F7393D3869707FCFCD4BFEEA3582BBD39C17E2CE70B6A193700A055A50D2F5ED473DD9B4401C2138BAD8FA3331BDD4FF79E230C10B13FFE7CCDB3210F8DB42147BB8349CAEA97EBCBC708B9CE16360D573D3327BBCAA6387234E9A4DCB2E67784408ADB72B2E05643520211C581EBB38E57C2F69C9034143DBAB4C13221D501B892918779C6E9AC5B39F2F412E31EF7F7F0610C2AFE150FA56A5E3CF9DACA6C96F3BC6B57D56B2869019C5114247C080752E4D42B1A0E34302B69B8516E8FB93BE58CC45F6E5ADB47A89A00050A12D560BEEA8997F5A0FA526C107BA34ECB0C678079C6DD4C1F4666BBD45733E019C292A17661B79E6AEED002EF4F6E7F4D569690E140C8BA1BA47E626499E01DA1EACDA4B917507A472DDB03A86734994C4B16551C5DFED3C8C976D15B5BF68CC6C982355930E37F096629E6F3BDC8027C722C12EF76854F1C607341E48FBF8C9064EB48EFDA87E1D111B557FBE7A15A580EDD87AC2CEC0EB25BE057FC20D578DF34632977F4698D58B2025C50AD4AD77D16D32E6157F89F58C692A83279A2EB58F8E448A13AA32B8C3DF07A58100EC4BB319F824446ECDD643C4A7F959CBA4E356A9E5DB7332107B2EB478703BF44383DDF80CA297F5E52A4424AF64B50CAB4E9C95C7288B96F8E77CDC63D07C6394853DF32F926652A12122B5531F90CFDFDAAC5D0642F84CF3901717B652122E8622CF31C06D134AD921EC80D175BBFC45B855EB9ABF001686BC52730F754DBFAE781BB629F1E530632D813AA256D0063202AEEE0AB64C7829C1A6C4702E27C88219FF31500D8F76BEFE4AEF726D6E3B708C80D59DCB -20241129153351 2 6 100 6143 5 D530FFAD12BC56C29F02BEFEC6CFD700AE6DA852D7256FC0A8978C13FABF9851425A26917CD40A9919A06A5B17FA05456642891442CCBBBD9BB5B74068213AA6F029B3419F6B2CCB828CF9F6F0069F43A2496921ED8133BF2D9C598486282EB38B3B6E849B7D80B33869CDE1D71379C694BB9C229B5CCE5E96692F81DA73EC38942CE60A81657F34A6B1B536ADEADD76144A209815A88E081E0B96438B11A34E4F8082ACC6DD77D787EEA90E1764F7393D3869707FCFCD4BFEEA3582BBD39C17E2CE70B6A193700A055A50D2F5ED473DD9B4401C2138BAD8FA3331BDD4FF79E230C10B13FFE7CCDB3210F8DB42147BB8349CAEA97EBCBC708B9CE16360D573D3327BBCAA6387234E9A4DCB2E67784408ADB72B2E05643520211C581EBB38E57C2F69C9034143DBAB4C13221D501B892918779C6E9AC5B39F2F412E31EF7F7F0610C2AFE150FA56A5E3CF9DACA6C96F3BC6B57D56B2869019C5114247C080752E4D42B1A0E34302B69B8516E8FB93BE58CC45F6E5ADB47A89A00050A12D560BEEA8997F5A0FA526C107BA34ECB0C678079C6DD4C1F4666BBD45733E019C292A17661B79E6AEED002EF4F6E7F4D569690E140C8BA1BA47E626499E01DA1EACDA4B917507A472DDB03A86734994C4B16551C5DFED3C8C976D15B5BF68CC6C982355930E37F096629E6F3BDC8027C722C12EF76854F1C607341E48FBF8C9064EB48EFDA87E1D111B557FBE7A15A580EDD87AC2CEC0EB25BE057FC20D578DF34632977F4698D58B2025C50AD4AD77D16D32E6157F89F58C692A83279A2EB58F8E448A13AA32B8C3DF07A58100EC4BB319F824446ECDD643C4A7F959CBA4E356A9E5DB7332107B2EB478703BF44383DDF80CA297F5E52A4424AF64B50CAB4E9C95C7288B96F8E77CDC63D07C6394853DF32F926652A12122B5531F90CFDFDAAC5D0642F84CF3901717B652122E8622CF31C06D134AD921EC80D175BBFC45B855EB9ABF001686BC52730F754DBFAE781BB629F1E530632D813AA256D0063202AEEE0AB64C7829C1A6C4702E27C88219FF31500D8F76BEFE4AEF726D6E3B708C82259357 -20241129153442 2 6 100 6143 5 D530FFAD12BC56C29F02BEFEC6CFD700AE6DA852D7256FC0A8978C13FABF9851425A26917CD40A9919A06A5B17FA05456642891442CCBBBD9BB5B74068213AA6F029B3419F6B2CCB828CF9F6F0069F43A2496921ED8133BF2D9C598486282EB38B3B6E849B7D80B33869CDE1D71379C694BB9C229B5CCE5E96692F81DA73EC38942CE60A81657F34A6B1B536ADEADD76144A209815A88E081E0B96438B11A34E4F8082ACC6DD77D787EEA90E1764F7393D3869707FCFCD4BFEEA3582BBD39C17E2CE70B6A193700A055A50D2F5ED473DD9B4401C2138BAD8FA3331BDD4FF79E230C10B13FFE7CCDB3210F8DB42147BB8349CAEA97EBCBC708B9CE16360D573D3327BBCAA6387234E9A4DCB2E67784408ADB72B2E05643520211C581EBB38E57C2F69C9034143DBAB4C13221D501B892918779C6E9AC5B39F2F412E31EF7F7F0610C2AFE150FA56A5E3CF9DACA6C96F3BC6B57D56B2869019C5114247C080752E4D42B1A0E34302B69B8516E8FB93BE58CC45F6E5ADB47A89A00050A12D560BEEA8997F5A0FA526C107BA34ECB0C678079C6DD4C1F4666BBD45733E019C292A17661B79E6AEED002EF4F6E7F4D569690E140C8BA1BA47E626499E01DA1EACDA4B917507A472DDB03A86734994C4B16551C5DFED3C8C976D15B5BF68CC6C982355930E37F096629E6F3BDC8027C722C12EF76854F1C607341E48FBF8C9064EB48EFDA87E1D111B557FBE7A15A580EDD87AC2CEC0EB25BE057FC20D578DF34632977F4698D58B2025C50AD4AD77D16D32E6157F89F58C692A83279A2EB58F8E448A13AA32B8C3DF07A58100EC4BB319F824446ECDD643C4A7F959CBA4E356A9E5DB7332107B2EB478703BF44383DDF80CA297F5E52A4424AF64B50CAB4E9C95C7288B96F8E77CDC63D07C6394853DF32F926652A12122B5531F90CFDFDAAC5D0642F84CF3901717B652122E8622CF31C06D134AD921EC80D175BBFC45B855EB9ABF001686BC52730F754DBFAE781BB629F1E530632D813AA256D0063202AEEE0AB64C7829C1A6C4702E27C88219FF31500D8F76BEFE4AEF726D6E3B708C8239CBD7 -20241129154346 2 6 100 6143 2 D530FFAD12BC56C29F02BEFEC6CFD700AE6DA852D7256FC0A8978C13FABF9851425A26917CD40A9919A06A5B17FA05456642891442CCBBBD9BB5B74068213AA6F029B3419F6B2CCB828CF9F6F0069F43A2496921ED8133BF2D9C598486282EB38B3B6E849B7D80B33869CDE1D71379C694BB9C229B5CCE5E96692F81DA73EC38942CE60A81657F34A6B1B536ADEADD76144A209815A88E081E0B96438B11A34E4F8082ACC6DD77D787EEA90E1764F7393D3869707FCFCD4BFEEA3582BBD39C17E2CE70B6A193700A055A50D2F5ED473DD9B4401C2138BAD8FA3331BDD4FF79E230C10B13FFE7CCDB3210F8DB42147BB8349CAEA97EBCBC708B9CE16360D573D3327BBCAA6387234E9A4DCB2E67784408ADB72B2E05643520211C581EBB38E57C2F69C9034143DBAB4C13221D501B892918779C6E9AC5B39F2F412E31EF7F7F0610C2AFE150FA56A5E3CF9DACA6C96F3BC6B57D56B2869019C5114247C080752E4D42B1A0E34302B69B8516E8FB93BE58CC45F6E5ADB47A89A00050A12D560BEEA8997F5A0FA526C107BA34ECB0C678079C6DD4C1F4666BBD45733E019C292A17661B79E6AEED002EF4F6E7F4D569690E140C8BA1BA47E626499E01DA1EACDA4B917507A472DDB03A86734994C4B16551C5DFED3C8C976D15B5BF68CC6C982355930E37F096629E6F3BDC8027C722C12EF76854F1C607341E48FBF8C9064EB48EFDA87E1D111B557FBE7A15A580EDD87AC2CEC0EB25BE057FC20D578DF34632977F4698D58B2025C50AD4AD77D16D32E6157F89F58C692A83279A2EB58F8E448A13AA32B8C3DF07A58100EC4BB319F824446ECDD643C4A7F959CBA4E356A9E5DB7332107B2EB478703BF44383DDF80CA297F5E52A4424AF64B50CAB4E9C95C7288B96F8E77CDC63D07C6394853DF32F926652A12122B5531F90CFDFDAAC5D0642F84CF3901717B652122E8622CF31C06D134AD921EC80D175BBFC45B855EB9ABF001686BC52730F754DBFAE781BB629F1E530632D813AA256D0063202AEEE0AB64C7829C1A6C4702E27C88219FF31500D8F76BEFE4AEF726D6E3B708C835408BB -20241129154536 2 6 100 6143 5 D530FFAD12BC56C29F02BEFEC6CFD700AE6DA852D7256FC0A8978C13FABF9851425A26917CD40A9919A06A5B17FA05456642891442CCBBBD9BB5B74068213AA6F029B3419F6B2CCB828CF9F6F0069F43A2496921ED8133BF2D9C598486282EB38B3B6E849B7D80B33869CDE1D71379C694BB9C229B5CCE5E96692F81DA73EC38942CE60A81657F34A6B1B536ADEADD76144A209815A88E081E0B96438B11A34E4F8082ACC6DD77D787EEA90E1764F7393D3869707FCFCD4BFEEA3582BBD39C17E2CE70B6A193700A055A50D2F5ED473DD9B4401C2138BAD8FA3331BDD4FF79E230C10B13FFE7CCDB3210F8DB42147BB8349CAEA97EBCBC708B9CE16360D573D3327BBCAA6387234E9A4DCB2E67784408ADB72B2E05643520211C581EBB38E57C2F69C9034143DBAB4C13221D501B892918779C6E9AC5B39F2F412E31EF7F7F0610C2AFE150FA56A5E3CF9DACA6C96F3BC6B57D56B2869019C5114247C080752E4D42B1A0E34302B69B8516E8FB93BE58CC45F6E5ADB47A89A00050A12D560BEEA8997F5A0FA526C107BA34ECB0C678079C6DD4C1F4666BBD45733E019C292A17661B79E6AEED002EF4F6E7F4D569690E140C8BA1BA47E626499E01DA1EACDA4B917507A472DDB03A86734994C4B16551C5DFED3C8C976D15B5BF68CC6C982355930E37F096629E6F3BDC8027C722C12EF76854F1C607341E48FBF8C9064EB48EFDA87E1D111B557FBE7A15A580EDD87AC2CEC0EB25BE057FC20D578DF34632977F4698D58B2025C50AD4AD77D16D32E6157F89F58C692A83279A2EB58F8E448A13AA32B8C3DF07A58100EC4BB319F824446ECDD643C4A7F959CBA4E356A9E5DB7332107B2EB478703BF44383DDF80CA297F5E52A4424AF64B50CAB4E9C95C7288B96F8E77CDC63D07C6394853DF32F926652A12122B5531F90CFDFDAAC5D0642F84CF3901717B652122E8622CF31C06D134AD921EC80D175BBFC45B855EB9ABF001686BC52730F754DBFAE781BB629F1E530632D813AA256D0063202AEEE0AB64C7829C1A6C4702E27C88219FF31500D8F76BEFE4AEF726D6E3B708C8387126F -20241129161648 2 6 100 6143 5 D530FFAD12BC56C29F02BEFEC6CFD700AE6DA852D7256FC0A8978C13FABF9851425A26917CD40A9919A06A5B17FA05456642891442CCBBBD9BB5B74068213AA6F029B3419F6B2CCB828CF9F6F0069F43A2496921ED8133BF2D9C598486282EB38B3B6E849B7D80B33869CDE1D71379C694BB9C229B5CCE5E96692F81DA73EC38942CE60A81657F34A6B1B536ADEADD76144A209815A88E081E0B96438B11A34E4F8082ACC6DD77D787EEA90E1764F7393D3869707FCFCD4BFEEA3582BBD39C17E2CE70B6A193700A055A50D2F5ED473DD9B4401C2138BAD8FA3331BDD4FF79E230C10B13FFE7CCDB3210F8DB42147BB8349CAEA97EBCBC708B9CE16360D573D3327BBCAA6387234E9A4DCB2E67784408ADB72B2E05643520211C581EBB38E57C2F69C9034143DBAB4C13221D501B892918779C6E9AC5B39F2F412E31EF7F7F0610C2AFE150FA56A5E3CF9DACA6C96F3BC6B57D56B2869019C5114247C080752E4D42B1A0E34302B69B8516E8FB93BE58CC45F6E5ADB47A89A00050A12D560BEEA8997F5A0FA526C107BA34ECB0C678079C6DD4C1F4666BBD45733E019C292A17661B79E6AEED002EF4F6E7F4D569690E140C8BA1BA47E626499E01DA1EACDA4B917507A472DDB03A86734994C4B16551C5DFED3C8C976D15B5BF68CC6C982355930E37F096629E6F3BDC8027C722C12EF76854F1C607341E48FBF8C9064EB48EFDA87E1D111B557FBE7A15A580EDD87AC2CEC0EB25BE057FC20D578DF34632977F4698D58B2025C50AD4AD77D16D32E6157F89F58C692A83279A2EB58F8E448A13AA32B8C3DF07A58100EC4BB319F824446ECDD643C4A7F959CBA4E356A9E5DB7332107B2EB478703BF44383DDF80CA297F5E52A4424AF64B50CAB4E9C95C7288B96F8E77CDC63D07C6394853DF32F926652A12122B5531F90CFDFDAAC5D0642F84CF3901717B652122E8622CF31C06D134AD921EC80D175BBFC45B855EB9ABF001686BC52730F754DBFAE781BB629F1E530632D813AA256D0063202AEEE0AB64C7829C1A6C4702E27C88219FF31500D8F76BEFE4AEF726D6E3B708C87770FCF -20241129162459 2 6 100 6143 5 D530FFAD12BC56C29F02BEFEC6CFD700AE6DA852D7256FC0A8978C13FABF9851425A26917CD40A9919A06A5B17FA05456642891442CCBBBD9BB5B74068213AA6F029B3419F6B2CCB828CF9F6F0069F43A2496921ED8133BF2D9C598486282EB38B3B6E849B7D80B33869CDE1D71379C694BB9C229B5CCE5E96692F81DA73EC38942CE60A81657F34A6B1B536ADEADD76144A209815A88E081E0B96438B11A34E4F8082ACC6DD77D787EEA90E1764F7393D3869707FCFCD4BFEEA3582BBD39C17E2CE70B6A193700A055A50D2F5ED473DD9B4401C2138BAD8FA3331BDD4FF79E230C10B13FFE7CCDB3210F8DB42147BB8349CAEA97EBCBC708B9CE16360D573D3327BBCAA6387234E9A4DCB2E67784408ADB72B2E05643520211C581EBB38E57C2F69C9034143DBAB4C13221D501B892918779C6E9AC5B39F2F412E31EF7F7F0610C2AFE150FA56A5E3CF9DACA6C96F3BC6B57D56B2869019C5114247C080752E4D42B1A0E34302B69B8516E8FB93BE58CC45F6E5ADB47A89A00050A12D560BEEA8997F5A0FA526C107BA34ECB0C678079C6DD4C1F4666BBD45733E019C292A17661B79E6AEED002EF4F6E7F4D569690E140C8BA1BA47E626499E01DA1EACDA4B917507A472DDB03A86734994C4B16551C5DFED3C8C976D15B5BF68CC6C982355930E37F096629E6F3BDC8027C722C12EF76854F1C607341E48FBF8C9064EB48EFDA87E1D111B557FBE7A15A580EDD87AC2CEC0EB25BE057FC20D578DF34632977F4698D58B2025C50AD4AD77D16D32E6157F89F58C692A83279A2EB58F8E448A13AA32B8C3DF07A58100EC4BB319F824446ECDD643C4A7F959CBA4E356A9E5DB7332107B2EB478703BF44383DDF80CA297F5E52A4424AF64B50CAB4E9C95C7288B96F8E77CDC63D07C6394853DF32F926652A12122B5531F90CFDFDAAC5D0642F84CF3901717B652122E8622CF31C06D134AD921EC80D175BBFC45B855EB9ABF001686BC52730F754DBFAE781BB629F1E530632D813AA256D0063202AEEE0AB64C7829C1A6C4702E27C88219FF31500D8F76BEFE4AEF726D6E3B708C887B826F -20241129162918 2 6 100 6143 2 D530FFAD12BC56C29F02BEFEC6CFD700AE6DA852D7256FC0A8978C13FABF9851425A26917CD40A9919A06A5B17FA05456642891442CCBBBD9BB5B74068213AA6F029B3419F6B2CCB828CF9F6F0069F43A2496921ED8133BF2D9C598486282EB38B3B6E849B7D80B33869CDE1D71379C694BB9C229B5CCE5E96692F81DA73EC38942CE60A81657F34A6B1B536ADEADD76144A209815A88E081E0B96438B11A34E4F8082ACC6DD77D787EEA90E1764F7393D3869707FCFCD4BFEEA3582BBD39C17E2CE70B6A193700A055A50D2F5ED473DD9B4401C2138BAD8FA3331BDD4FF79E230C10B13FFE7CCDB3210F8DB42147BB8349CAEA97EBCBC708B9CE16360D573D3327BBCAA6387234E9A4DCB2E67784408ADB72B2E05643520211C581EBB38E57C2F69C9034143DBAB4C13221D501B892918779C6E9AC5B39F2F412E31EF7F7F0610C2AFE150FA56A5E3CF9DACA6C96F3BC6B57D56B2869019C5114247C080752E4D42B1A0E34302B69B8516E8FB93BE58CC45F6E5ADB47A89A00050A12D560BEEA8997F5A0FA526C107BA34ECB0C678079C6DD4C1F4666BBD45733E019C292A17661B79E6AEED002EF4F6E7F4D569690E140C8BA1BA47E626499E01DA1EACDA4B917507A472DDB03A86734994C4B16551C5DFED3C8C976D15B5BF68CC6C982355930E37F096629E6F3BDC8027C722C12EF76854F1C607341E48FBF8C9064EB48EFDA87E1D111B557FBE7A15A580EDD87AC2CEC0EB25BE057FC20D578DF34632977F4698D58B2025C50AD4AD77D16D32E6157F89F58C692A83279A2EB58F8E448A13AA32B8C3DF07A58100EC4BB319F824446ECDD643C4A7F959CBA4E356A9E5DB7332107B2EB478703BF44383DDF80CA297F5E52A4424AF64B50CAB4E9C95C7288B96F8E77CDC63D07C6394853DF32F926652A12122B5531F90CFDFDAAC5D0642F84CF3901717B652122E8622CF31C06D134AD921EC80D175BBFC45B855EB9ABF001686BC52730F754DBFAE781BB629F1E530632D813AA256D0063202AEEE0AB64C7829C1A6C4702E27C88219FF31500D8F76BEFE4AEF726D6E3B708C89023DAB -20241129165526 2 6 100 6143 2 D530FFAD12BC56C29F02BEFEC6CFD700AE6DA852D7256FC0A8978C13FABF9851425A26917CD40A9919A06A5B17FA05456642891442CCBBBD9BB5B74068213AA6F029B3419F6B2CCB828CF9F6F0069F43A2496921ED8133BF2D9C598486282EB38B3B6E849B7D80B33869CDE1D71379C694BB9C229B5CCE5E96692F81DA73EC38942CE60A81657F34A6B1B536ADEADD76144A209815A88E081E0B96438B11A34E4F8082ACC6DD77D787EEA90E1764F7393D3869707FCFCD4BFEEA3582BBD39C17E2CE70B6A193700A055A50D2F5ED473DD9B4401C2138BAD8FA3331BDD4FF79E230C10B13FFE7CCDB3210F8DB42147BB8349CAEA97EBCBC708B9CE16360D573D3327BBCAA6387234E9A4DCB2E67784408ADB72B2E05643520211C581EBB38E57C2F69C9034143DBAB4C13221D501B892918779C6E9AC5B39F2F412E31EF7F7F0610C2AFE150FA56A5E3CF9DACA6C96F3BC6B57D56B2869019C5114247C080752E4D42B1A0E34302B69B8516E8FB93BE58CC45F6E5ADB47A89A00050A12D560BEEA8997F5A0FA526C107BA34ECB0C678079C6DD4C1F4666BBD45733E019C292A17661B79E6AEED002EF4F6E7F4D569690E140C8BA1BA47E626499E01DA1EACDA4B917507A472DDB03A86734994C4B16551C5DFED3C8C976D15B5BF68CC6C982355930E37F096629E6F3BDC8027C722C12EF76854F1C607341E48FBF8C9064EB48EFDA87E1D111B557FBE7A15A580EDD87AC2CEC0EB25BE057FC20D578DF34632977F4698D58B2025C50AD4AD77D16D32E6157F89F58C692A83279A2EB58F8E448A13AA32B8C3DF07A58100EC4BB319F824446ECDD643C4A7F959CBA4E356A9E5DB7332107B2EB478703BF44383DDF80CA297F5E52A4424AF64B50CAB4E9C95C7288B96F8E77CDC63D07C6394853DF32F926652A12122B5531F90CFDFDAAC5D0642F84CF3901717B652122E8622CF31C06D134AD921EC80D175BBFC45B855EB9ABF001686BC52730F754DBFAE781BB629F1E530632D813AA256D0063202AEEE0AB64C7829C1A6C4702E27C88219FF31500D8F76BEFE4AEF726D6E3B708C8C3FAA43 -20241129170725 2 6 100 6143 5 D530FFAD12BC56C29F02BEFEC6CFD700AE6DA852D7256FC0A8978C13FABF9851425A26917CD40A9919A06A5B17FA05456642891442CCBBBD9BB5B74068213AA6F029B3419F6B2CCB828CF9F6F0069F43A2496921ED8133BF2D9C598486282EB38B3B6E849B7D80B33869CDE1D71379C694BB9C229B5CCE5E96692F81DA73EC38942CE60A81657F34A6B1B536ADEADD76144A209815A88E081E0B96438B11A34E4F8082ACC6DD77D787EEA90E1764F7393D3869707FCFCD4BFEEA3582BBD39C17E2CE70B6A193700A055A50D2F5ED473DD9B4401C2138BAD8FA3331BDD4FF79E230C10B13FFE7CCDB3210F8DB42147BB8349CAEA97EBCBC708B9CE16360D573D3327BBCAA6387234E9A4DCB2E67784408ADB72B2E05643520211C581EBB38E57C2F69C9034143DBAB4C13221D501B892918779C6E9AC5B39F2F412E31EF7F7F0610C2AFE150FA56A5E3CF9DACA6C96F3BC6B57D56B2869019C5114247C080752E4D42B1A0E34302B69B8516E8FB93BE58CC45F6E5ADB47A89A00050A12D560BEEA8997F5A0FA526C107BA34ECB0C678079C6DD4C1F4666BBD45733E019C292A17661B79E6AEED002EF4F6E7F4D569690E140C8BA1BA47E626499E01DA1EACDA4B917507A472DDB03A86734994C4B16551C5DFED3C8C976D15B5BF68CC6C982355930E37F096629E6F3BDC8027C722C12EF76854F1C607341E48FBF8C9064EB48EFDA87E1D111B557FBE7A15A580EDD87AC2CEC0EB25BE057FC20D578DF34632977F4698D58B2025C50AD4AD77D16D32E6157F89F58C692A83279A2EB58F8E448A13AA32B8C3DF07A58100EC4BB319F824446ECDD643C4A7F959CBA4E356A9E5DB7332107B2EB478703BF44383DDF80CA297F5E52A4424AF64B50CAB4E9C95C7288B96F8E77CDC63D07C6394853DF32F926652A12122B5531F90CFDFDAAC5D0642F84CF3901717B652122E8622CF31C06D134AD921EC80D175BBFC45B855EB9ABF001686BC52730F754DBFAE781BB629F1E530632D813AA256D0063202AEEE0AB64C7829C1A6C4702E27C88219FF31500D8F76BEFE4AEF726D6E3B708C8DB7E57F -20241129171144 2 6 100 6143 5 D530FFAD12BC56C29F02BEFEC6CFD700AE6DA852D7256FC0A8978C13FABF9851425A26917CD40A9919A06A5B17FA05456642891442CCBBBD9BB5B74068213AA6F029B3419F6B2CCB828CF9F6F0069F43A2496921ED8133BF2D9C598486282EB38B3B6E849B7D80B33869CDE1D71379C694BB9C229B5CCE5E96692F81DA73EC38942CE60A81657F34A6B1B536ADEADD76144A209815A88E081E0B96438B11A34E4F8082ACC6DD77D787EEA90E1764F7393D3869707FCFCD4BFEEA3582BBD39C17E2CE70B6A193700A055A50D2F5ED473DD9B4401C2138BAD8FA3331BDD4FF79E230C10B13FFE7CCDB3210F8DB42147BB8349CAEA97EBCBC708B9CE16360D573D3327BBCAA6387234E9A4DCB2E67784408ADB72B2E05643520211C581EBB38E57C2F69C9034143DBAB4C13221D501B892918779C6E9AC5B39F2F412E31EF7F7F0610C2AFE150FA56A5E3CF9DACA6C96F3BC6B57D56B2869019C5114247C080752E4D42B1A0E34302B69B8516E8FB93BE58CC45F6E5ADB47A89A00050A12D560BEEA8997F5A0FA526C107BA34ECB0C678079C6DD4C1F4666BBD45733E019C292A17661B79E6AEED002EF4F6E7F4D569690E140C8BA1BA47E626499E01DA1EACDA4B917507A472DDB03A86734994C4B16551C5DFED3C8C976D15B5BF68CC6C982355930E37F096629E6F3BDC8027C722C12EF76854F1C607341E48FBF8C9064EB48EFDA87E1D111B557FBE7A15A580EDD87AC2CEC0EB25BE057FC20D578DF34632977F4698D58B2025C50AD4AD77D16D32E6157F89F58C692A83279A2EB58F8E448A13AA32B8C3DF07A58100EC4BB319F824446ECDD643C4A7F959CBA4E356A9E5DB7332107B2EB478703BF44383DDF80CA297F5E52A4424AF64B50CAB4E9C95C7288B96F8E77CDC63D07C6394853DF32F926652A12122B5531F90CFDFDAAC5D0642F84CF3901717B652122E8622CF31C06D134AD921EC80D175BBFC45B855EB9ABF001686BC52730F754DBFAE781BB629F1E530632D813AA256D0063202AEEE0AB64C7829C1A6C4702E27C88219FF31500D8F76BEFE4AEF726D6E3B708C8E389D1F -20241129172847 2 6 100 6143 2 D530FFAD12BC56C29F02BEFEC6CFD700AE6DA852D7256FC0A8978C13FABF9851425A26917CD40A9919A06A5B17FA05456642891442CCBBBD9BB5B74068213AA6F029B3419F6B2CCB828CF9F6F0069F43A2496921ED8133BF2D9C598486282EB38B3B6E849B7D80B33869CDE1D71379C694BB9C229B5CCE5E96692F81DA73EC38942CE60A81657F34A6B1B536ADEADD76144A209815A88E081E0B96438B11A34E4F8082ACC6DD77D787EEA90E1764F7393D3869707FCFCD4BFEEA3582BBD39C17E2CE70B6A193700A055A50D2F5ED473DD9B4401C2138BAD8FA3331BDD4FF79E230C10B13FFE7CCDB3210F8DB42147BB8349CAEA97EBCBC708B9CE16360D573D3327BBCAA6387234E9A4DCB2E67784408ADB72B2E05643520211C581EBB38E57C2F69C9034143DBAB4C13221D501B892918779C6E9AC5B39F2F412E31EF7F7F0610C2AFE150FA56A5E3CF9DACA6C96F3BC6B57D56B2869019C5114247C080752E4D42B1A0E34302B69B8516E8FB93BE58CC45F6E5ADB47A89A00050A12D560BEEA8997F5A0FA526C107BA34ECB0C678079C6DD4C1F4666BBD45733E019C292A17661B79E6AEED002EF4F6E7F4D569690E140C8BA1BA47E626499E01DA1EACDA4B917507A472DDB03A86734994C4B16551C5DFED3C8C976D15B5BF68CC6C982355930E37F096629E6F3BDC8027C722C12EF76854F1C607341E48FBF8C9064EB48EFDA87E1D111B557FBE7A15A580EDD87AC2CEC0EB25BE057FC20D578DF34632977F4698D58B2025C50AD4AD77D16D32E6157F89F58C692A83279A2EB58F8E448A13AA32B8C3DF07A58100EC4BB319F824446ECDD643C4A7F959CBA4E356A9E5DB7332107B2EB478703BF44383DDF80CA297F5E52A4424AF64B50CAB4E9C95C7288B96F8E77CDC63D07C6394853DF32F926652A12122B5531F90CFDFDAAC5D0642F84CF3901717B652122E8622CF31C06D134AD921EC80D175BBFC45B855EB9ABF001686BC52730F754DBFAE781BB629F1E530632D813AA256D0063202AEEE0AB64C7829C1A6C4702E27C88219FF31500D8F76BEFE4AEF726D6E3B708C90533393 -20241129173154 2 6 100 6143 2 D530FFAD12BC56C29F02BEFEC6CFD700AE6DA852D7256FC0A8978C13FABF9851425A26917CD40A9919A06A5B17FA05456642891442CCBBBD9BB5B74068213AA6F029B3419F6B2CCB828CF9F6F0069F43A2496921ED8133BF2D9C598486282EB38B3B6E849B7D80B33869CDE1D71379C694BB9C229B5CCE5E96692F81DA73EC38942CE60A81657F34A6B1B536ADEADD76144A209815A88E081E0B96438B11A34E4F8082ACC6DD77D787EEA90E1764F7393D3869707FCFCD4BFEEA3582BBD39C17E2CE70B6A193700A055A50D2F5ED473DD9B4401C2138BAD8FA3331BDD4FF79E230C10B13FFE7CCDB3210F8DB42147BB8349CAEA97EBCBC708B9CE16360D573D3327BBCAA6387234E9A4DCB2E67784408ADB72B2E05643520211C581EBB38E57C2F69C9034143DBAB4C13221D501B892918779C6E9AC5B39F2F412E31EF7F7F0610C2AFE150FA56A5E3CF9DACA6C96F3BC6B57D56B2869019C5114247C080752E4D42B1A0E34302B69B8516E8FB93BE58CC45F6E5ADB47A89A00050A12D560BEEA8997F5A0FA526C107BA34ECB0C678079C6DD4C1F4666BBD45733E019C292A17661B79E6AEED002EF4F6E7F4D569690E140C8BA1BA47E626499E01DA1EACDA4B917507A472DDB03A86734994C4B16551C5DFED3C8C976D15B5BF68CC6C982355930E37F096629E6F3BDC8027C722C12EF76854F1C607341E48FBF8C9064EB48EFDA87E1D111B557FBE7A15A580EDD87AC2CEC0EB25BE057FC20D578DF34632977F4698D58B2025C50AD4AD77D16D32E6157F89F58C692A83279A2EB58F8E448A13AA32B8C3DF07A58100EC4BB319F824446ECDD643C4A7F959CBA4E356A9E5DB7332107B2EB478703BF44383DDF80CA297F5E52A4424AF64B50CAB4E9C95C7288B96F8E77CDC63D07C6394853DF32F926652A12122B5531F90CFDFDAAC5D0642F84CF3901717B652122E8622CF31C06D134AD921EC80D175BBFC45B855EB9ABF001686BC52730F754DBFAE781BB629F1E530632D813AA256D0063202AEEE0AB64C7829C1A6C4702E27C88219FF31500D8F76BEFE4AEF726D6E3B708C90AFE143 -20241129174539 2 6 100 6143 2 D530FFAD12BC56C29F02BEFEC6CFD700AE6DA852D7256FC0A8978C13FABF9851425A26917CD40A9919A06A5B17FA05456642891442CCBBBD9BB5B74068213AA6F029B3419F6B2CCB828CF9F6F0069F43A2496921ED8133BF2D9C598486282EB38B3B6E849B7D80B33869CDE1D71379C694BB9C229B5CCE5E96692F81DA73EC38942CE60A81657F34A6B1B536ADEADD76144A209815A88E081E0B96438B11A34E4F8082ACC6DD77D787EEA90E1764F7393D3869707FCFCD4BFEEA3582BBD39C17E2CE70B6A193700A055A50D2F5ED473DD9B4401C2138BAD8FA3331BDD4FF79E230C10B13FFE7CCDB3210F8DB42147BB8349CAEA97EBCBC708B9CE16360D573D3327BBCAA6387234E9A4DCB2E67784408ADB72B2E05643520211C581EBB38E57C2F69C9034143DBAB4C13221D501B892918779C6E9AC5B39F2F412E31EF7F7F0610C2AFE150FA56A5E3CF9DACA6C96F3BC6B57D56B2869019C5114247C080752E4D42B1A0E34302B69B8516E8FB93BE58CC45F6E5ADB47A89A00050A12D560BEEA8997F5A0FA526C107BA34ECB0C678079C6DD4C1F4666BBD45733E019C292A17661B79E6AEED002EF4F6E7F4D569690E140C8BA1BA47E626499E01DA1EACDA4B917507A472DDB03A86734994C4B16551C5DFED3C8C976D15B5BF68CC6C982355930E37F096629E6F3BDC8027C722C12EF76854F1C607341E48FBF8C9064EB48EFDA87E1D111B557FBE7A15A580EDD87AC2CEC0EB25BE057FC20D578DF34632977F4698D58B2025C50AD4AD77D16D32E6157F89F58C692A83279A2EB58F8E448A13AA32B8C3DF07A58100EC4BB319F824446ECDD643C4A7F959CBA4E356A9E5DB7332107B2EB478703BF44383DDF80CA297F5E52A4424AF64B50CAB4E9C95C7288B96F8E77CDC63D07C6394853DF32F926652A12122B5531F90CFDFDAAC5D0642F84CF3901717B652122E8622CF31C06D134AD921EC80D175BBFC45B855EB9ABF001686BC52730F754DBFAE781BB629F1E530632D813AA256D0063202AEEE0AB64C7829C1A6C4702E27C88219FF31500D8F76BEFE4AEF726D6E3B708C92621483 -20241129180732 2 6 100 6143 5 D530FFAD12BC56C29F02BEFEC6CFD700AE6DA852D7256FC0A8978C13FABF9851425A26917CD40A9919A06A5B17FA05456642891442CCBBBD9BB5B74068213AA6F029B3419F6B2CCB828CF9F6F0069F43A2496921ED8133BF2D9C598486282EB38B3B6E849B7D80B33869CDE1D71379C694BB9C229B5CCE5E96692F81DA73EC38942CE60A81657F34A6B1B536ADEADD76144A209815A88E081E0B96438B11A34E4F8082ACC6DD77D787EEA90E1764F7393D3869707FCFCD4BFEEA3582BBD39C17E2CE70B6A193700A055A50D2F5ED473DD9B4401C2138BAD8FA3331BDD4FF79E230C10B13FFE7CCDB3210F8DB42147BB8349CAEA97EBCBC708B9CE16360D573D3327BBCAA6387234E9A4DCB2E67784408ADB72B2E05643520211C581EBB38E57C2F69C9034143DBAB4C13221D501B892918779C6E9AC5B39F2F412E31EF7F7F0610C2AFE150FA56A5E3CF9DACA6C96F3BC6B57D56B2869019C5114247C080752E4D42B1A0E34302B69B8516E8FB93BE58CC45F6E5ADB47A89A00050A12D560BEEA8997F5A0FA526C107BA34ECB0C678079C6DD4C1F4666BBD45733E019C292A17661B79E6AEED002EF4F6E7F4D569690E140C8BA1BA47E626499E01DA1EACDA4B917507A472DDB03A86734994C4B16551C5DFED3C8C976D15B5BF68CC6C982355930E37F096629E6F3BDC8027C722C12EF76854F1C607341E48FBF8C9064EB48EFDA87E1D111B557FBE7A15A580EDD87AC2CEC0EB25BE057FC20D578DF34632977F4698D58B2025C50AD4AD77D16D32E6157F89F58C692A83279A2EB58F8E448A13AA32B8C3DF07A58100EC4BB319F824446ECDD643C4A7F959CBA4E356A9E5DB7332107B2EB478703BF44383DDF80CA297F5E52A4424AF64B50CAB4E9C95C7288B96F8E77CDC63D07C6394853DF32F926652A12122B5531F90CFDFDAAC5D0642F84CF3901717B652122E8622CF31C06D134AD921EC80D175BBFC45B855EB9ABF001686BC52730F754DBFAE781BB629F1E530632D813AA256D0063202AEEE0AB64C7829C1A6C4702E27C88219FF31500D8F76BEFE4AEF726D6E3B708C951D8D97 -20241129181538 2 6 100 6143 2 D530FFAD12BC56C29F02BEFEC6CFD700AE6DA852D7256FC0A8978C13FABF9851425A26917CD40A9919A06A5B17FA05456642891442CCBBBD9BB5B74068213AA6F029B3419F6B2CCB828CF9F6F0069F43A2496921ED8133BF2D9C598486282EB38B3B6E849B7D80B33869CDE1D71379C694BB9C229B5CCE5E96692F81DA73EC38942CE60A81657F34A6B1B536ADEADD76144A209815A88E081E0B96438B11A34E4F8082ACC6DD77D787EEA90E1764F7393D3869707FCFCD4BFEEA3582BBD39C17E2CE70B6A193700A055A50D2F5ED473DD9B4401C2138BAD8FA3331BDD4FF79E230C10B13FFE7CCDB3210F8DB42147BB8349CAEA97EBCBC708B9CE16360D573D3327BBCAA6387234E9A4DCB2E67784408ADB72B2E05643520211C581EBB38E57C2F69C9034143DBAB4C13221D501B892918779C6E9AC5B39F2F412E31EF7F7F0610C2AFE150FA56A5E3CF9DACA6C96F3BC6B57D56B2869019C5114247C080752E4D42B1A0E34302B69B8516E8FB93BE58CC45F6E5ADB47A89A00050A12D560BEEA8997F5A0FA526C107BA34ECB0C678079C6DD4C1F4666BBD45733E019C292A17661B79E6AEED002EF4F6E7F4D569690E140C8BA1BA47E626499E01DA1EACDA4B917507A472DDB03A86734994C4B16551C5DFED3C8C976D15B5BF68CC6C982355930E37F096629E6F3BDC8027C722C12EF76854F1C607341E48FBF8C9064EB48EFDA87E1D111B557FBE7A15A580EDD87AC2CEC0EB25BE057FC20D578DF34632977F4698D58B2025C50AD4AD77D16D32E6157F89F58C692A83279A2EB58F8E448A13AA32B8C3DF07A58100EC4BB319F824446ECDD643C4A7F959CBA4E356A9E5DB7332107B2EB478703BF44383DDF80CA297F5E52A4424AF64B50CAB4E9C95C7288B96F8E77CDC63D07C6394853DF32F926652A12122B5531F90CFDFDAAC5D0642F84CF3901717B652122E8622CF31C06D134AD921EC80D175BBFC45B855EB9ABF001686BC52730F754DBFAE781BB629F1E530632D813AA256D0063202AEEE0AB64C7829C1A6C4702E27C88219FF31500D8F76BEFE4AEF726D6E3B708C961A0AFB -20241129182310 2 6 100 6143 5 D530FFAD12BC56C29F02BEFEC6CFD700AE6DA852D7256FC0A8978C13FABF9851425A26917CD40A9919A06A5B17FA05456642891442CCBBBD9BB5B74068213AA6F029B3419F6B2CCB828CF9F6F0069F43A2496921ED8133BF2D9C598486282EB38B3B6E849B7D80B33869CDE1D71379C694BB9C229B5CCE5E96692F81DA73EC38942CE60A81657F34A6B1B536ADEADD76144A209815A88E081E0B96438B11A34E4F8082ACC6DD77D787EEA90E1764F7393D3869707FCFCD4BFEEA3582BBD39C17E2CE70B6A193700A055A50D2F5ED473DD9B4401C2138BAD8FA3331BDD4FF79E230C10B13FFE7CCDB3210F8DB42147BB8349CAEA97EBCBC708B9CE16360D573D3327BBCAA6387234E9A4DCB2E67784408ADB72B2E05643520211C581EBB38E57C2F69C9034143DBAB4C13221D501B892918779C6E9AC5B39F2F412E31EF7F7F0610C2AFE150FA56A5E3CF9DACA6C96F3BC6B57D56B2869019C5114247C080752E4D42B1A0E34302B69B8516E8FB93BE58CC45F6E5ADB47A89A00050A12D560BEEA8997F5A0FA526C107BA34ECB0C678079C6DD4C1F4666BBD45733E019C292A17661B79E6AEED002EF4F6E7F4D569690E140C8BA1BA47E626499E01DA1EACDA4B917507A472DDB03A86734994C4B16551C5DFED3C8C976D15B5BF68CC6C982355930E37F096629E6F3BDC8027C722C12EF76854F1C607341E48FBF8C9064EB48EFDA87E1D111B557FBE7A15A580EDD87AC2CEC0EB25BE057FC20D578DF34632977F4698D58B2025C50AD4AD77D16D32E6157F89F58C692A83279A2EB58F8E448A13AA32B8C3DF07A58100EC4BB319F824446ECDD643C4A7F959CBA4E356A9E5DB7332107B2EB478703BF44383DDF80CA297F5E52A4424AF64B50CAB4E9C95C7288B96F8E77CDC63D07C6394853DF32F926652A12122B5531F90CFDFDAAC5D0642F84CF3901717B652122E8622CF31C06D134AD921EC80D175BBFC45B855EB9ABF001686BC52730F754DBFAE781BB629F1E530632D813AA256D0063202AEEE0AB64C7829C1A6C4702E27C88219FF31500D8F76BEFE4AEF726D6E3B708C97054E47 -20241129183550 2 6 100 6143 5 D530FFAD12BC56C29F02BEFEC6CFD700AE6DA852D7256FC0A8978C13FABF9851425A26917CD40A9919A06A5B17FA05456642891442CCBBBD9BB5B74068213AA6F029B3419F6B2CCB828CF9F6F0069F43A2496921ED8133BF2D9C598486282EB38B3B6E849B7D80B33869CDE1D71379C694BB9C229B5CCE5E96692F81DA73EC38942CE60A81657F34A6B1B536ADEADD76144A209815A88E081E0B96438B11A34E4F8082ACC6DD77D787EEA90E1764F7393D3869707FCFCD4BFEEA3582BBD39C17E2CE70B6A193700A055A50D2F5ED473DD9B4401C2138BAD8FA3331BDD4FF79E230C10B13FFE7CCDB3210F8DB42147BB8349CAEA97EBCBC708B9CE16360D573D3327BBCAA6387234E9A4DCB2E67784408ADB72B2E05643520211C581EBB38E57C2F69C9034143DBAB4C13221D501B892918779C6E9AC5B39F2F412E31EF7F7F0610C2AFE150FA56A5E3CF9DACA6C96F3BC6B57D56B2869019C5114247C080752E4D42B1A0E34302B69B8516E8FB93BE58CC45F6E5ADB47A89A00050A12D560BEEA8997F5A0FA526C107BA34ECB0C678079C6DD4C1F4666BBD45733E019C292A17661B79E6AEED002EF4F6E7F4D569690E140C8BA1BA47E626499E01DA1EACDA4B917507A472DDB03A86734994C4B16551C5DFED3C8C976D15B5BF68CC6C982355930E37F096629E6F3BDC8027C722C12EF76854F1C607341E48FBF8C9064EB48EFDA87E1D111B557FBE7A15A580EDD87AC2CEC0EB25BE057FC20D578DF34632977F4698D58B2025C50AD4AD77D16D32E6157F89F58C692A83279A2EB58F8E448A13AA32B8C3DF07A58100EC4BB319F824446ECDD643C4A7F959CBA4E356A9E5DB7332107B2EB478703BF44383DDF80CA297F5E52A4424AF64B50CAB4E9C95C7288B96F8E77CDC63D07C6394853DF32F926652A12122B5531F90CFDFDAAC5D0642F84CF3901717B652122E8622CF31C06D134AD921EC80D175BBFC45B855EB9ABF001686BC52730F754DBFAE781BB629F1E530632D813AA256D0063202AEEE0AB64C7829C1A6C4702E27C88219FF31500D8F76BEFE4AEF726D6E3B708C989CFDEF -20241129184809 2 6 100 6143 2 D530FFAD12BC56C29F02BEFEC6CFD700AE6DA852D7256FC0A8978C13FABF9851425A26917CD40A9919A06A5B17FA05456642891442CCBBBD9BB5B74068213AA6F029B3419F6B2CCB828CF9F6F0069F43A2496921ED8133BF2D9C598486282EB38B3B6E849B7D80B33869CDE1D71379C694BB9C229B5CCE5E96692F81DA73EC38942CE60A81657F34A6B1B536ADEADD76144A209815A88E081E0B96438B11A34E4F8082ACC6DD77D787EEA90E1764F7393D3869707FCFCD4BFEEA3582BBD39C17E2CE70B6A193700A055A50D2F5ED473DD9B4401C2138BAD8FA3331BDD4FF79E230C10B13FFE7CCDB3210F8DB42147BB8349CAEA97EBCBC708B9CE16360D573D3327BBCAA6387234E9A4DCB2E67784408ADB72B2E05643520211C581EBB38E57C2F69C9034143DBAB4C13221D501B892918779C6E9AC5B39F2F412E31EF7F7F0610C2AFE150FA56A5E3CF9DACA6C96F3BC6B57D56B2869019C5114247C080752E4D42B1A0E34302B69B8516E8FB93BE58CC45F6E5ADB47A89A00050A12D560BEEA8997F5A0FA526C107BA34ECB0C678079C6DD4C1F4666BBD45733E019C292A17661B79E6AEED002EF4F6E7F4D569690E140C8BA1BA47E626499E01DA1EACDA4B917507A472DDB03A86734994C4B16551C5DFED3C8C976D15B5BF68CC6C982355930E37F096629E6F3BDC8027C722C12EF76854F1C607341E48FBF8C9064EB48EFDA87E1D111B557FBE7A15A580EDD87AC2CEC0EB25BE057FC20D578DF34632977F4698D58B2025C50AD4AD77D16D32E6157F89F58C692A83279A2EB58F8E448A13AA32B8C3DF07A58100EC4BB319F824446ECDD643C4A7F959CBA4E356A9E5DB7332107B2EB478703BF44383DDF80CA297F5E52A4424AF64B50CAB4E9C95C7288B96F8E77CDC63D07C6394853DF32F926652A12122B5531F90CFDFDAAC5D0642F84CF3901717B652122E8622CF31C06D134AD921EC80D175BBFC45B855EB9ABF001686BC52730F754DBFAE781BB629F1E530632D813AA256D0063202AEEE0AB64C7829C1A6C4702E27C88219FF31500D8F76BEFE4AEF726D6E3B708C9A2A2BAB -20241129185633 2 6 100 6143 2 D530FFAD12BC56C29F02BEFEC6CFD700AE6DA852D7256FC0A8978C13FABF9851425A26917CD40A9919A06A5B17FA05456642891442CCBBBD9BB5B74068213AA6F029B3419F6B2CCB828CF9F6F0069F43A2496921ED8133BF2D9C598486282EB38B3B6E849B7D80B33869CDE1D71379C694BB9C229B5CCE5E96692F81DA73EC38942CE60A81657F34A6B1B536ADEADD76144A209815A88E081E0B96438B11A34E4F8082ACC6DD77D787EEA90E1764F7393D3869707FCFCD4BFEEA3582BBD39C17E2CE70B6A193700A055A50D2F5ED473DD9B4401C2138BAD8FA3331BDD4FF79E230C10B13FFE7CCDB3210F8DB42147BB8349CAEA97EBCBC708B9CE16360D573D3327BBCAA6387234E9A4DCB2E67784408ADB72B2E05643520211C581EBB38E57C2F69C9034143DBAB4C13221D501B892918779C6E9AC5B39F2F412E31EF7F7F0610C2AFE150FA56A5E3CF9DACA6C96F3BC6B57D56B2869019C5114247C080752E4D42B1A0E34302B69B8516E8FB93BE58CC45F6E5ADB47A89A00050A12D560BEEA8997F5A0FA526C107BA34ECB0C678079C6DD4C1F4666BBD45733E019C292A17661B79E6AEED002EF4F6E7F4D569690E140C8BA1BA47E626499E01DA1EACDA4B917507A472DDB03A86734994C4B16551C5DFED3C8C976D15B5BF68CC6C982355930E37F096629E6F3BDC8027C722C12EF76854F1C607341E48FBF8C9064EB48EFDA87E1D111B557FBE7A15A580EDD87AC2CEC0EB25BE057FC20D578DF34632977F4698D58B2025C50AD4AD77D16D32E6157F89F58C692A83279A2EB58F8E448A13AA32B8C3DF07A58100EC4BB319F824446ECDD643C4A7F959CBA4E356A9E5DB7332107B2EB478703BF44383DDF80CA297F5E52A4424AF64B50CAB4E9C95C7288B96F8E77CDC63D07C6394853DF32F926652A12122B5531F90CFDFDAAC5D0642F84CF3901717B652122E8622CF31C06D134AD921EC80D175BBFC45B855EB9ABF001686BC52730F754DBFAE781BB629F1E530632D813AA256D0063202AEEE0AB64C7829C1A6C4702E27C88219FF31500D8F76BEFE4AEF726D6E3B708C9B335EE3 -20241129190213 2 6 100 6143 5 D530FFAD12BC56C29F02BEFEC6CFD700AE6DA852D7256FC0A8978C13FABF9851425A26917CD40A9919A06A5B17FA05456642891442CCBBBD9BB5B74068213AA6F029B3419F6B2CCB828CF9F6F0069F43A2496921ED8133BF2D9C598486282EB38B3B6E849B7D80B33869CDE1D71379C694BB9C229B5CCE5E96692F81DA73EC38942CE60A81657F34A6B1B536ADEADD76144A209815A88E081E0B96438B11A34E4F8082ACC6DD77D787EEA90E1764F7393D3869707FCFCD4BFEEA3582BBD39C17E2CE70B6A193700A055A50D2F5ED473DD9B4401C2138BAD8FA3331BDD4FF79E230C10B13FFE7CCDB3210F8DB42147BB8349CAEA97EBCBC708B9CE16360D573D3327BBCAA6387234E9A4DCB2E67784408ADB72B2E05643520211C581EBB38E57C2F69C9034143DBAB4C13221D501B892918779C6E9AC5B39F2F412E31EF7F7F0610C2AFE150FA56A5E3CF9DACA6C96F3BC6B57D56B2869019C5114247C080752E4D42B1A0E34302B69B8516E8FB93BE58CC45F6E5ADB47A89A00050A12D560BEEA8997F5A0FA526C107BA34ECB0C678079C6DD4C1F4666BBD45733E019C292A17661B79E6AEED002EF4F6E7F4D569690E140C8BA1BA47E626499E01DA1EACDA4B917507A472DDB03A86734994C4B16551C5DFED3C8C976D15B5BF68CC6C982355930E37F096629E6F3BDC8027C722C12EF76854F1C607341E48FBF8C9064EB48EFDA87E1D111B557FBE7A15A580EDD87AC2CEC0EB25BE057FC20D578DF34632977F4698D58B2025C50AD4AD77D16D32E6157F89F58C692A83279A2EB58F8E448A13AA32B8C3DF07A58100EC4BB319F824446ECDD643C4A7F959CBA4E356A9E5DB7332107B2EB478703BF44383DDF80CA297F5E52A4424AF64B50CAB4E9C95C7288B96F8E77CDC63D07C6394853DF32F926652A12122B5531F90CFDFDAAC5D0642F84CF3901717B652122E8622CF31C06D134AD921EC80D175BBFC45B855EB9ABF001686BC52730F754DBFAE781BB629F1E530632D813AA256D0063202AEEE0AB64C7829C1A6C4702E27C88219FF31500D8F76BEFE4AEF726D6E3B708C9BDDE8CF -20241129203945 2 6 100 6143 2 D530FFAD12BC56C29F02BEFEC6CFD700AE6DA852D7256FC0A8978C13FABF9851425A26917CD40A9919A06A5B17FA05456642891442CCBBBD9BB5B74068213AA6F029B3419F6B2CCB828CF9F6F0069F43A2496921ED8133BF2D9C598486282EB38B3B6E849B7D80B33869CDE1D71379C694BB9C229B5CCE5E96692F81DA73EC38942CE60A81657F34A6B1B536ADEADD76144A209815A88E081E0B96438B11A34E4F8082ACC6DD77D787EEA90E1764F7393D3869707FCFCD4BFEEA3582BBD39C17E2CE70B6A193700A055A50D2F5ED473DD9B4401C2138BAD8FA3331BDD4FF79E230C10B13FFE7CCDB3210F8DB42147BB8349CAEA97EBCBC708B9CE16360D573D3327BBCAA6387234E9A4DCB2E67784408ADB72B2E05643520211C581EBB38E57C2F69C9034143DBAB4C13221D501B892918779C6E9AC5B39F2F412E31EF7F7F0610C2AFE150FA56A5E3CF9DACA6C96F3BC6B57D56B2869019C5114247C080752E4D42B1A0E34302B69B8516E8FB93BE58CC45F6E5ADB47A89A00050A12D560BEEA8997F5A0FA526C107BA34ECB0C678079C6DD4C1F4666BBD45733E019C292A17661B79E6AEED002EF4F6E7F4D569690E140C8BA1BA47E626499E01DA1EACDA4B917507A472DDB03A86734994C4B16551C5DFED3C8C976D15B5BF68CC6C982355930E37F096629E6F3BDC8027C722C12EF76854F1C607341E48FBF8C9064EB48EFDA87E1D111B557FBE7A15A580EDD87AC2CEC0EB25BE057FC20D578DF34632977F4698D58B2025C50AD4AD77D16D32E6157F89F58C692A83279A2EB58F8E448A13AA32B8C3DF07A58100EC4BB319F824446ECDD643C4A7F959CBA4E356A9E5DB7332107B2EB478703BF44383DDF80CA297F5E52A4424AF64B50CAB4E9C95C7288B96F8E77CDC63D07C6394853DF32F926652A12122B5531F90CFDFDAAC5D0642F84CF3901717B652122E8622CF31C06D134AD921EC80D175BBFC45B855EB9ABF001686BC52730F754DBFAE781BB629F1E530632D813AA256D0063202AEEE0AB64C7829C1A6C4702E27C88219FF31500D8F76BEFE4AEF726D6E3B708CA834CF13 -20241129204138 2 6 100 6143 5 D530FFAD12BC56C29F02BEFEC6CFD700AE6DA852D7256FC0A8978C13FABF9851425A26917CD40A9919A06A5B17FA05456642891442CCBBBD9BB5B74068213AA6F029B3419F6B2CCB828CF9F6F0069F43A2496921ED8133BF2D9C598486282EB38B3B6E849B7D80B33869CDE1D71379C694BB9C229B5CCE5E96692F81DA73EC38942CE60A81657F34A6B1B536ADEADD76144A209815A88E081E0B96438B11A34E4F8082ACC6DD77D787EEA90E1764F7393D3869707FCFCD4BFEEA3582BBD39C17E2CE70B6A193700A055A50D2F5ED473DD9B4401C2138BAD8FA3331BDD4FF79E230C10B13FFE7CCDB3210F8DB42147BB8349CAEA97EBCBC708B9CE16360D573D3327BBCAA6387234E9A4DCB2E67784408ADB72B2E05643520211C581EBB38E57C2F69C9034143DBAB4C13221D501B892918779C6E9AC5B39F2F412E31EF7F7F0610C2AFE150FA56A5E3CF9DACA6C96F3BC6B57D56B2869019C5114247C080752E4D42B1A0E34302B69B8516E8FB93BE58CC45F6E5ADB47A89A00050A12D560BEEA8997F5A0FA526C107BA34ECB0C678079C6DD4C1F4666BBD45733E019C292A17661B79E6AEED002EF4F6E7F4D569690E140C8BA1BA47E626499E01DA1EACDA4B917507A472DDB03A86734994C4B16551C5DFED3C8C976D15B5BF68CC6C982355930E37F096629E6F3BDC8027C722C12EF76854F1C607341E48FBF8C9064EB48EFDA87E1D111B557FBE7A15A580EDD87AC2CEC0EB25BE057FC20D578DF34632977F4698D58B2025C50AD4AD77D16D32E6157F89F58C692A83279A2EB58F8E448A13AA32B8C3DF07A58100EC4BB319F824446ECDD643C4A7F959CBA4E356A9E5DB7332107B2EB478703BF44383DDF80CA297F5E52A4424AF64B50CAB4E9C95C7288B96F8E77CDC63D07C6394853DF32F926652A12122B5531F90CFDFDAAC5D0642F84CF3901717B652122E8622CF31C06D134AD921EC80D175BBFC45B855EB9ABF001686BC52730F754DBFAE781BB629F1E530632D813AA256D0063202AEEE0AB64C7829C1A6C4702E27C88219FF31500D8F76BEFE4AEF726D6E3B708CA86A90F7 -20241129205210 2 6 100 6143 5 D530FFAD12BC56C29F02BEFEC6CFD700AE6DA852D7256FC0A8978C13FABF9851425A26917CD40A9919A06A5B17FA05456642891442CCBBBD9BB5B74068213AA6F029B3419F6B2CCB828CF9F6F0069F43A2496921ED8133BF2D9C598486282EB38B3B6E849B7D80B33869CDE1D71379C694BB9C229B5CCE5E96692F81DA73EC38942CE60A81657F34A6B1B536ADEADD76144A209815A88E081E0B96438B11A34E4F8082ACC6DD77D787EEA90E1764F7393D3869707FCFCD4BFEEA3582BBD39C17E2CE70B6A193700A055A50D2F5ED473DD9B4401C2138BAD8FA3331BDD4FF79E230C10B13FFE7CCDB3210F8DB42147BB8349CAEA97EBCBC708B9CE16360D573D3327BBCAA6387234E9A4DCB2E67784408ADB72B2E05643520211C581EBB38E57C2F69C9034143DBAB4C13221D501B892918779C6E9AC5B39F2F412E31EF7F7F0610C2AFE150FA56A5E3CF9DACA6C96F3BC6B57D56B2869019C5114247C080752E4D42B1A0E34302B69B8516E8FB93BE58CC45F6E5ADB47A89A00050A12D560BEEA8997F5A0FA526C107BA34ECB0C678079C6DD4C1F4666BBD45733E019C292A17661B79E6AEED002EF4F6E7F4D569690E140C8BA1BA47E626499E01DA1EACDA4B917507A472DDB03A86734994C4B16551C5DFED3C8C976D15B5BF68CC6C982355930E37F096629E6F3BDC8027C722C12EF76854F1C607341E48FBF8C9064EB48EFDA87E1D111B557FBE7A15A580EDD87AC2CEC0EB25BE057FC20D578DF34632977F4698D58B2025C50AD4AD77D16D32E6157F89F58C692A83279A2EB58F8E448A13AA32B8C3DF07A58100EC4BB319F824446ECDD643C4A7F959CBA4E356A9E5DB7332107B2EB478703BF44383DDF80CA297F5E52A4424AF64B50CAB4E9C95C7288B96F8E77CDC63D07C6394853DF32F926652A12122B5531F90CFDFDAAC5D0642F84CF3901717B652122E8622CF31C06D134AD921EC80D175BBFC45B855EB9ABF001686BC52730F754DBFAE781BB629F1E530632D813AA256D0063202AEEE0AB64C7829C1A6C4702E27C88219FF31500D8F76BEFE4AEF726D6E3B708CA9BFC2E7 -20241129210035 2 6 100 6143 2 D530FFAD12BC56C29F02BEFEC6CFD700AE6DA852D7256FC0A8978C13FABF9851425A26917CD40A9919A06A5B17FA05456642891442CCBBBD9BB5B74068213AA6F029B3419F6B2CCB828CF9F6F0069F43A2496921ED8133BF2D9C598486282EB38B3B6E849B7D80B33869CDE1D71379C694BB9C229B5CCE5E96692F81DA73EC38942CE60A81657F34A6B1B536ADEADD76144A209815A88E081E0B96438B11A34E4F8082ACC6DD77D787EEA90E1764F7393D3869707FCFCD4BFEEA3582BBD39C17E2CE70B6A193700A055A50D2F5ED473DD9B4401C2138BAD8FA3331BDD4FF79E230C10B13FFE7CCDB3210F8DB42147BB8349CAEA97EBCBC708B9CE16360D573D3327BBCAA6387234E9A4DCB2E67784408ADB72B2E05643520211C581EBB38E57C2F69C9034143DBAB4C13221D501B892918779C6E9AC5B39F2F412E31EF7F7F0610C2AFE150FA56A5E3CF9DACA6C96F3BC6B57D56B2869019C5114247C080752E4D42B1A0E34302B69B8516E8FB93BE58CC45F6E5ADB47A89A00050A12D560BEEA8997F5A0FA526C107BA34ECB0C678079C6DD4C1F4666BBD45733E019C292A17661B79E6AEED002EF4F6E7F4D569690E140C8BA1BA47E626499E01DA1EACDA4B917507A472DDB03A86734994C4B16551C5DFED3C8C976D15B5BF68CC6C982355930E37F096629E6F3BDC8027C722C12EF76854F1C607341E48FBF8C9064EB48EFDA87E1D111B557FBE7A15A580EDD87AC2CEC0EB25BE057FC20D578DF34632977F4698D58B2025C50AD4AD77D16D32E6157F89F58C692A83279A2EB58F8E448A13AA32B8C3DF07A58100EC4BB319F824446ECDD643C4A7F959CBA4E356A9E5DB7332107B2EB478703BF44383DDF80CA297F5E52A4424AF64B50CAB4E9C95C7288B96F8E77CDC63D07C6394853DF32F926652A12122B5531F90CFDFDAAC5D0642F84CF3901717B652122E8622CF31C06D134AD921EC80D175BBFC45B855EB9ABF001686BC52730F754DBFAE781BB629F1E530632D813AA256D0063202AEEE0AB64C7829C1A6C4702E27C88219FF31500D8F76BEFE4AEF726D6E3B708CAAC70D2B -20241129210423 2 6 100 6143 5 D530FFAD12BC56C29F02BEFEC6CFD700AE6DA852D7256FC0A8978C13FABF9851425A26917CD40A9919A06A5B17FA05456642891442CCBBBD9BB5B74068213AA6F029B3419F6B2CCB828CF9F6F0069F43A2496921ED8133BF2D9C598486282EB38B3B6E849B7D80B33869CDE1D71379C694BB9C229B5CCE5E96692F81DA73EC38942CE60A81657F34A6B1B536ADEADD76144A209815A88E081E0B96438B11A34E4F8082ACC6DD77D787EEA90E1764F7393D3869707FCFCD4BFEEA3582BBD39C17E2CE70B6A193700A055A50D2F5ED473DD9B4401C2138BAD8FA3331BDD4FF79E230C10B13FFE7CCDB3210F8DB42147BB8349CAEA97EBCBC708B9CE16360D573D3327BBCAA6387234E9A4DCB2E67784408ADB72B2E05643520211C581EBB38E57C2F69C9034143DBAB4C13221D501B892918779C6E9AC5B39F2F412E31EF7F7F0610C2AFE150FA56A5E3CF9DACA6C96F3BC6B57D56B2869019C5114247C080752E4D42B1A0E34302B69B8516E8FB93BE58CC45F6E5ADB47A89A00050A12D560BEEA8997F5A0FA526C107BA34ECB0C678079C6DD4C1F4666BBD45733E019C292A17661B79E6AEED002EF4F6E7F4D569690E140C8BA1BA47E626499E01DA1EACDA4B917507A472DDB03A86734994C4B16551C5DFED3C8C976D15B5BF68CC6C982355930E37F096629E6F3BDC8027C722C12EF76854F1C607341E48FBF8C9064EB48EFDA87E1D111B557FBE7A15A580EDD87AC2CEC0EB25BE057FC20D578DF34632977F4698D58B2025C50AD4AD77D16D32E6157F89F58C692A83279A2EB58F8E448A13AA32B8C3DF07A58100EC4BB319F824446ECDD643C4A7F959CBA4E356A9E5DB7332107B2EB478703BF44383DDF80CA297F5E52A4424AF64B50CAB4E9C95C7288B96F8E77CDC63D07C6394853DF32F926652A12122B5531F90CFDFDAAC5D0642F84CF3901717B652122E8622CF31C06D134AD921EC80D175BBFC45B855EB9ABF001686BC52730F754DBFAE781BB629F1E530632D813AA256D0063202AEEE0AB64C7829C1A6C4702E27C88219FF31500D8F76BEFE4AEF726D6E3B708CAB389E37 -20241129213344 2 6 100 6143 5 D530FFAD12BC56C29F02BEFEC6CFD700AE6DA852D7256FC0A8978C13FABF9851425A26917CD40A9919A06A5B17FA05456642891442CCBBBD9BB5B74068213AA6F029B3419F6B2CCB828CF9F6F0069F43A2496921ED8133BF2D9C598486282EB38B3B6E849B7D80B33869CDE1D71379C694BB9C229B5CCE5E96692F81DA73EC38942CE60A81657F34A6B1B536ADEADD76144A209815A88E081E0B96438B11A34E4F8082ACC6DD77D787EEA90E1764F7393D3869707FCFCD4BFEEA3582BBD39C17E2CE70B6A193700A055A50D2F5ED473DD9B4401C2138BAD8FA3331BDD4FF79E230C10B13FFE7CCDB3210F8DB42147BB8349CAEA97EBCBC708B9CE16360D573D3327BBCAA6387234E9A4DCB2E67784408ADB72B2E05643520211C581EBB38E57C2F69C9034143DBAB4C13221D501B892918779C6E9AC5B39F2F412E31EF7F7F0610C2AFE150FA56A5E3CF9DACA6C96F3BC6B57D56B2869019C5114247C080752E4D42B1A0E34302B69B8516E8FB93BE58CC45F6E5ADB47A89A00050A12D560BEEA8997F5A0FA526C107BA34ECB0C678079C6DD4C1F4666BBD45733E019C292A17661B79E6AEED002EF4F6E7F4D569690E140C8BA1BA47E626499E01DA1EACDA4B917507A472DDB03A86734994C4B16551C5DFED3C8C976D15B5BF68CC6C982355930E37F096629E6F3BDC8027C722C12EF76854F1C607341E48FBF8C9064EB48EFDA87E1D111B557FBE7A15A580EDD87AC2CEC0EB25BE057FC20D578DF34632977F4698D58B2025C50AD4AD77D16D32E6157F89F58C692A83279A2EB58F8E448A13AA32B8C3DF07A58100EC4BB319F824446ECDD643C4A7F959CBA4E356A9E5DB7332107B2EB478703BF44383DDF80CA297F5E52A4424AF64B50CAB4E9C95C7288B96F8E77CDC63D07C6394853DF32F926652A12122B5531F90CFDFDAAC5D0642F84CF3901717B652122E8622CF31C06D134AD921EC80D175BBFC45B855EB9ABF001686BC52730F754DBFAE781BB629F1E530632D813AA256D0063202AEEE0AB64C7829C1A6C4702E27C88219FF31500D8F76BEFE4AEF726D6E3B708CAEE209F7 -20241129215808 2 6 100 6143 2 D530FFAD12BC56C29F02BEFEC6CFD700AE6DA852D7256FC0A8978C13FABF9851425A26917CD40A9919A06A5B17FA05456642891442CCBBBD9BB5B74068213AA6F029B3419F6B2CCB828CF9F6F0069F43A2496921ED8133BF2D9C598486282EB38B3B6E849B7D80B33869CDE1D71379C694BB9C229B5CCE5E96692F81DA73EC38942CE60A81657F34A6B1B536ADEADD76144A209815A88E081E0B96438B11A34E4F8082ACC6DD77D787EEA90E1764F7393D3869707FCFCD4BFEEA3582BBD39C17E2CE70B6A193700A055A50D2F5ED473DD9B4401C2138BAD8FA3331BDD4FF79E230C10B13FFE7CCDB3210F8DB42147BB8349CAEA97EBCBC708B9CE16360D573D3327BBCAA6387234E9A4DCB2E67784408ADB72B2E05643520211C581EBB38E57C2F69C9034143DBAB4C13221D501B892918779C6E9AC5B39F2F412E31EF7F7F0610C2AFE150FA56A5E3CF9DACA6C96F3BC6B57D56B2869019C5114247C080752E4D42B1A0E34302B69B8516E8FB93BE58CC45F6E5ADB47A89A00050A12D560BEEA8997F5A0FA526C107BA34ECB0C678079C6DD4C1F4666BBD45733E019C292A17661B79E6AEED002EF4F6E7F4D569690E140C8BA1BA47E626499E01DA1EACDA4B917507A472DDB03A86734994C4B16551C5DFED3C8C976D15B5BF68CC6C982355930E37F096629E6F3BDC8027C722C12EF76854F1C607341E48FBF8C9064EB48EFDA87E1D111B557FBE7A15A580EDD87AC2CEC0EB25BE057FC20D578DF34632977F4698D58B2025C50AD4AD77D16D32E6157F89F58C692A83279A2EB58F8E448A13AA32B8C3DF07A58100EC4BB319F824446ECDD643C4A7F959CBA4E356A9E5DB7332107B2EB478703BF44383DDF80CA297F5E52A4424AF64B50CAB4E9C95C7288B96F8E77CDC63D07C6394853DF32F926652A12122B5531F90CFDFDAAC5D0642F84CF3901717B652122E8622CF31C06D134AD921EC80D175BBFC45B855EB9ABF001686BC52730F754DBFAE781BB629F1E530632D813AA256D0063202AEEE0AB64C7829C1A6C4702E27C88219FF31500D8F76BEFE4AEF726D6E3B708CB1F2A1D3 -20241129221635 2 6 100 6143 2 D530FFAD12BC56C29F02BEFEC6CFD700AE6DA852D7256FC0A8978C13FABF9851425A26917CD40A9919A06A5B17FA05456642891442CCBBBD9BB5B74068213AA6F029B3419F6B2CCB828CF9F6F0069F43A2496921ED8133BF2D9C598486282EB38B3B6E849B7D80B33869CDE1D71379C694BB9C229B5CCE5E96692F81DA73EC38942CE60A81657F34A6B1B536ADEADD76144A209815A88E081E0B96438B11A34E4F8082ACC6DD77D787EEA90E1764F7393D3869707FCFCD4BFEEA3582BBD39C17E2CE70B6A193700A055A50D2F5ED473DD9B4401C2138BAD8FA3331BDD4FF79E230C10B13FFE7CCDB3210F8DB42147BB8349CAEA97EBCBC708B9CE16360D573D3327BBCAA6387234E9A4DCB2E67784408ADB72B2E05643520211C581EBB38E57C2F69C9034143DBAB4C13221D501B892918779C6E9AC5B39F2F412E31EF7F7F0610C2AFE150FA56A5E3CF9DACA6C96F3BC6B57D56B2869019C5114247C080752E4D42B1A0E34302B69B8516E8FB93BE58CC45F6E5ADB47A89A00050A12D560BEEA8997F5A0FA526C107BA34ECB0C678079C6DD4C1F4666BBD45733E019C292A17661B79E6AEED002EF4F6E7F4D569690E140C8BA1BA47E626499E01DA1EACDA4B917507A472DDB03A86734994C4B16551C5DFED3C8C976D15B5BF68CC6C982355930E37F096629E6F3BDC8027C722C12EF76854F1C607341E48FBF8C9064EB48EFDA87E1D111B557FBE7A15A580EDD87AC2CEC0EB25BE057FC20D578DF34632977F4698D58B2025C50AD4AD77D16D32E6157F89F58C692A83279A2EB58F8E448A13AA32B8C3DF07A58100EC4BB319F824446ECDD643C4A7F959CBA4E356A9E5DB7332107B2EB478703BF44383DDF80CA297F5E52A4424AF64B50CAB4E9C95C7288B96F8E77CDC63D07C6394853DF32F926652A12122B5531F90CFDFDAAC5D0642F84CF3901717B652122E8622CF31C06D134AD921EC80D175BBFC45B855EB9ABF001686BC52730F754DBFAE781BB629F1E530632D813AA256D0063202AEEE0AB64C7829C1A6C4702E27C88219FF31500D8F76BEFE4AEF726D6E3B708CB440830B -20241129222503 2 6 100 6143 5 D530FFAD12BC56C29F02BEFEC6CFD700AE6DA852D7256FC0A8978C13FABF9851425A26917CD40A9919A06A5B17FA05456642891442CCBBBD9BB5B74068213AA6F029B3419F6B2CCB828CF9F6F0069F43A2496921ED8133BF2D9C598486282EB38B3B6E849B7D80B33869CDE1D71379C694BB9C229B5CCE5E96692F81DA73EC38942CE60A81657F34A6B1B536ADEADD76144A209815A88E081E0B96438B11A34E4F8082ACC6DD77D787EEA90E1764F7393D3869707FCFCD4BFEEA3582BBD39C17E2CE70B6A193700A055A50D2F5ED473DD9B4401C2138BAD8FA3331BDD4FF79E230C10B13FFE7CCDB3210F8DB42147BB8349CAEA97EBCBC708B9CE16360D573D3327BBCAA6387234E9A4DCB2E67784408ADB72B2E05643520211C581EBB38E57C2F69C9034143DBAB4C13221D501B892918779C6E9AC5B39F2F412E31EF7F7F0610C2AFE150FA56A5E3CF9DACA6C96F3BC6B57D56B2869019C5114247C080752E4D42B1A0E34302B69B8516E8FB93BE58CC45F6E5ADB47A89A00050A12D560BEEA8997F5A0FA526C107BA34ECB0C678079C6DD4C1F4666BBD45733E019C292A17661B79E6AEED002EF4F6E7F4D569690E140C8BA1BA47E626499E01DA1EACDA4B917507A472DDB03A86734994C4B16551C5DFED3C8C976D15B5BF68CC6C982355930E37F096629E6F3BDC8027C722C12EF76854F1C607341E48FBF8C9064EB48EFDA87E1D111B557FBE7A15A580EDD87AC2CEC0EB25BE057FC20D578DF34632977F4698D58B2025C50AD4AD77D16D32E6157F89F58C692A83279A2EB58F8E448A13AA32B8C3DF07A58100EC4BB319F824446ECDD643C4A7F959CBA4E356A9E5DB7332107B2EB478703BF44383DDF80CA297F5E52A4424AF64B50CAB4E9C95C7288B96F8E77CDC63D07C6394853DF32F926652A12122B5531F90CFDFDAAC5D0642F84CF3901717B652122E8622CF31C06D134AD921EC80D175BBFC45B855EB9ABF001686BC52730F754DBFAE781BB629F1E530632D813AA256D0063202AEEE0AB64C7829C1A6C4702E27C88219FF31500D8F76BEFE4AEF726D6E3B708CB545F1FF -20241129233015 2 6 100 6143 5 D530FFAD12BC56C29F02BEFEC6CFD700AE6DA852D7256FC0A8978C13FABF9851425A26917CD40A9919A06A5B17FA05456642891442CCBBBD9BB5B74068213AA6F029B3419F6B2CCB828CF9F6F0069F43A2496921ED8133BF2D9C598486282EB38B3B6E849B7D80B33869CDE1D71379C694BB9C229B5CCE5E96692F81DA73EC38942CE60A81657F34A6B1B536ADEADD76144A209815A88E081E0B96438B11A34E4F8082ACC6DD77D787EEA90E1764F7393D3869707FCFCD4BFEEA3582BBD39C17E2CE70B6A193700A055A50D2F5ED473DD9B4401C2138BAD8FA3331BDD4FF79E230C10B13FFE7CCDB3210F8DB42147BB8349CAEA97EBCBC708B9CE16360D573D3327BBCAA6387234E9A4DCB2E67784408ADB72B2E05643520211C581EBB38E57C2F69C9034143DBAB4C13221D501B892918779C6E9AC5B39F2F412E31EF7F7F0610C2AFE150FA56A5E3CF9DACA6C96F3BC6B57D56B2869019C5114247C080752E4D42B1A0E34302B69B8516E8FB93BE58CC45F6E5ADB47A89A00050A12D560BEEA8997F5A0FA526C107BA34ECB0C678079C6DD4C1F4666BBD45733E019C292A17661B79E6AEED002EF4F6E7F4D569690E140C8BA1BA47E626499E01DA1EACDA4B917507A472DDB03A86734994C4B16551C5DFED3C8C976D15B5BF68CC6C982355930E37F096629E6F3BDC8027C722C12EF76854F1C607341E48FBF8C9064EB48EFDA87E1D111B557FBE7A15A580EDD87AC2CEC0EB25BE057FC20D578DF34632977F4698D58B2025C50AD4AD77D16D32E6157F89F58C692A83279A2EB58F8E448A13AA32B8C3DF07A58100EC4BB319F824446ECDD643C4A7F959CBA4E356A9E5DB7332107B2EB478703BF44383DDF80CA297F5E52A4424AF64B50CAB4E9C95C7288B96F8E77CDC63D07C6394853DF32F926652A12122B5531F90CFDFDAAC5D0642F84CF3901717B652122E8622CF31C06D134AD921EC80D175BBFC45B855EB9ABF001686BC52730F754DBFAE781BB629F1E530632D813AA256D0063202AEEE0AB64C7829C1A6C4702E27C88219FF31500D8F76BEFE4AEF726D6E3B708CBD76AB7F -20241129234110 2 6 100 6143 2 D530FFAD12BC56C29F02BEFEC6CFD700AE6DA852D7256FC0A8978C13FABF9851425A26917CD40A9919A06A5B17FA05456642891442CCBBBD9BB5B74068213AA6F029B3419F6B2CCB828CF9F6F0069F43A2496921ED8133BF2D9C598486282EB38B3B6E849B7D80B33869CDE1D71379C694BB9C229B5CCE5E96692F81DA73EC38942CE60A81657F34A6B1B536ADEADD76144A209815A88E081E0B96438B11A34E4F8082ACC6DD77D787EEA90E1764F7393D3869707FCFCD4BFEEA3582BBD39C17E2CE70B6A193700A055A50D2F5ED473DD9B4401C2138BAD8FA3331BDD4FF79E230C10B13FFE7CCDB3210F8DB42147BB8349CAEA97EBCBC708B9CE16360D573D3327BBCAA6387234E9A4DCB2E67784408ADB72B2E05643520211C581EBB38E57C2F69C9034143DBAB4C13221D501B892918779C6E9AC5B39F2F412E31EF7F7F0610C2AFE150FA56A5E3CF9DACA6C96F3BC6B57D56B2869019C5114247C080752E4D42B1A0E34302B69B8516E8FB93BE58CC45F6E5ADB47A89A00050A12D560BEEA8997F5A0FA526C107BA34ECB0C678079C6DD4C1F4666BBD45733E019C292A17661B79E6AEED002EF4F6E7F4D569690E140C8BA1BA47E626499E01DA1EACDA4B917507A472DDB03A86734994C4B16551C5DFED3C8C976D15B5BF68CC6C982355930E37F096629E6F3BDC8027C722C12EF76854F1C607341E48FBF8C9064EB48EFDA87E1D111B557FBE7A15A580EDD87AC2CEC0EB25BE057FC20D578DF34632977F4698D58B2025C50AD4AD77D16D32E6157F89F58C692A83279A2EB58F8E448A13AA32B8C3DF07A58100EC4BB319F824446ECDD643C4A7F959CBA4E356A9E5DB7332107B2EB478703BF44383DDF80CA297F5E52A4424AF64B50CAB4E9C95C7288B96F8E77CDC63D07C6394853DF32F926652A12122B5531F90CFDFDAAC5D0642F84CF3901717B652122E8622CF31C06D134AD921EC80D175BBFC45B855EB9ABF001686BC52730F754DBFAE781BB629F1E530632D813AA256D0063202AEEE0AB64C7829C1A6C4702E27C88219FF31500D8F76BEFE4AEF726D6E3B708CBED26FD3 -20241130004028 2 6 100 7679 2 C4FD13B23C1EF3F1B888E9E24F6E6F0D1E538D5C17287A04247451367BAAC3EB0FF3633A10C1B2BEA19F91DA18C0C52A465FA0F0371A2189AC36BFEA58F33B013352F321A0B71BF61553330EC7735E66BF920F0AB9C918AC6796F3B2C5CC7B0E9F6695400B692026845D93807363115D8E1EF92072B84941DE896DC222F2493FA43169DC5C94E9F7C645CDDC38AC8C8F8790A2078B755BF65EB099CA5682E186E7DE95CBCF7036B0BFC761137EB0B297A140C1683E9A14E78F31935D873DFB2CC33563980FD7C6EB609427A9A63D9A7ECE43889783FAF17D129A4F00A7DBA8FAFCBDD57FA7599C944D03297B7106E02A82D695E8BC0ACC860295F357FD2F60CC4A09E49450CF735A8756174A8E1458E3BE2BEA10F38D2C30E6AD7DBFA6835328A64BDFCA2318E1753C922D3AA467BB770C03BE0D3381E31655F4969009A35E4CF90B1EF5CB71A7BE424E952AEF1368142BB6E5AEECB9F7EC2034179009B7E57DF234CDDC3818BE6E637DAC7F44B109BCAA519CA77B27E4A119712A325ACC29E82C5A3E43CDED00A550ABF99495C802578A6ACB7DBCCCECD3A3857F01A9582671D87C9407409355199D627D316938076334BCDEC6635E0D6696A53E2475AAF9412167245779FA0C89CC3C08BF90313C68710D0153A3B8FA06862B6670E9498296D2C1840812D51FFEADDAE3D714A6EA7D0DAF18C134A0E26AAA99AB8B605E5FAC1814D13F5BCA134DBCF40B5C21F39EF9B4089A759876E5F22DEAF3C64DAA159B9AFEB76109429E3E42FF8DB74EF84954405C4D7B826CFBE041FF996CB053ED44BD32742681CCC843CBD031CD9DDF299EF150378F87B5F67768C77A69F779AABC032BCC3031DDAD83701E475D16040D1E064208D99313C4047BA2AA44E15CF631E4337A47318F34060DAE2ED3FB2F77F26CAF51805D86F82786B8CED61C0A0A7A8CBECD9AE3FDD266BDA632E6F6095A8E2C82A709EF2ACE20D66CC6709A5EF4EBFBA3B020BD15A5451673CA3780A459C277EEA72A1C9EF8502281BF903B2409971DC1F215C899CBBDED194CAB8A5EBB2273E3B67AEEE9A18CD03A1CC46312AAE59AEA0EFB0E5EAC8A62D6C49DC5B5D5CAC7B12CC2B293ED1D258149C6E8ADFB311328C1D5ACD4A92DFC71E9575A62920166893D715358DAE87159E39267079FA5D2EF41D756E01E0D9701BE7F715E4DCEF5667576A883DC034E36022AB62707C4E9FF9C7400BD29770FC07C66BB041F17204A63B6A52177F32B1E8AF15A818E946421552673488AA76253A5CCAEF2368C6464A36DEA011A56FFACF5F592099BADEFA4B7A72059FF1869864BDDBD14B4D32460CFD30E78C4F057F011C6132BC003 -20241130023838 2 6 100 7679 5 C4FD13B23C1EF3F1B888E9E24F6E6F0D1E538D5C17287A04247451367BAAC3EB0FF3633A10C1B2BEA19F91DA18C0C52A465FA0F0371A2189AC36BFEA58F33B013352F321A0B71BF61553330EC7735E66BF920F0AB9C918AC6796F3B2C5CC7B0E9F6695400B692026845D93807363115D8E1EF92072B84941DE896DC222F2493FA43169DC5C94E9F7C645CDDC38AC8C8F8790A2078B755BF65EB099CA5682E186E7DE95CBCF7036B0BFC761137EB0B297A140C1683E9A14E78F31935D873DFB2CC33563980FD7C6EB609427A9A63D9A7ECE43889783FAF17D129A4F00A7DBA8FAFCBDD57FA7599C944D03297B7106E02A82D695E8BC0ACC860295F357FD2F60CC4A09E49450CF735A8756174A8E1458E3BE2BEA10F38D2C30E6AD7DBFA6835328A64BDFCA2318E1753C922D3AA467BB770C03BE0D3381E31655F4969009A35E4CF90B1EF5CB71A7BE424E952AEF1368142BB6E5AEECB9F7EC2034179009B7E57DF234CDDC3818BE6E637DAC7F44B109BCAA519CA77B27E4A119712A325ACC29E82C5A3E43CDED00A550ABF99495C802578A6ACB7DBCCCECD3A3857F01A9582671D87C9407409355199D627D316938076334BCDEC6635E0D6696A53E2475AAF9412167245779FA0C89CC3C08BF90313C68710D0153A3B8FA06862B6670E9498296D2C1840812D51FFEADDAE3D714A6EA7D0DAF18C134A0E26AAA99AB8B605E5FAC1814D13F5BCA134DBCF40B5C21F39EF9B4089A759876E5F22DEAF3C64DAA159B9AFEB76109429E3E42FF8DB74EF84954405C4D7B826CFBE041FF996CB053ED44BD32742681CCC843CBD031CD9DDF299EF150378F87B5F67768C77A69F779AABC032BCC3031DDAD83701E475D16040D1E064208D99313C4047BA2AA44E15CF631E4337A47318F34060DAE2ED3FB2F77F26CAF51805D86F82786B8CED61C0A0A7A8CBECD9AE3FDD266BDA632E6F6095A8E2C82A709EF2ACE20D66CC6709A5EF4EBFBA3B020BD15A5451673CA3780A459C277EEA72A1C9EF8502281BF903B2409971DC1F215C899CBBDED194CAB8A5EBB2273E3B67AEEE9A18CD03A1CC46312AAE59AEA0EFB0E5EAC8A62D6C49DC5B5D5CAC7B12CC2B293ED1D258149C6E8ADFB311328C1D5ACD4A92DFC71E9575A62920166893D715358DAE87159E39267079FA5D2EF41D756E01E0D9701BE7F715E4DCEF5667576A883DC034E36022AB62707C4E9FF9C7400BD29770FC07C66BB041F17204A63B6A52177F32B1E8AF15A818E946421552673488AA76253A5CCAEF2368C6464A36DEA011A56FFACF5F592099BADEFA4B7A72059FF1869864BDDBD14B4D32460CFD30E78C4F057F011C61B09AE47 -20241130030155 2 6 100 7679 2 C4FD13B23C1EF3F1B888E9E24F6E6F0D1E538D5C17287A04247451367BAAC3EB0FF3633A10C1B2BEA19F91DA18C0C52A465FA0F0371A2189AC36BFEA58F33B013352F321A0B71BF61553330EC7735E66BF920F0AB9C918AC6796F3B2C5CC7B0E9F6695400B692026845D93807363115D8E1EF92072B84941DE896DC222F2493FA43169DC5C94E9F7C645CDDC38AC8C8F8790A2078B755BF65EB099CA5682E186E7DE95CBCF7036B0BFC761137EB0B297A140C1683E9A14E78F31935D873DFB2CC33563980FD7C6EB609427A9A63D9A7ECE43889783FAF17D129A4F00A7DBA8FAFCBDD57FA7599C944D03297B7106E02A82D695E8BC0ACC860295F357FD2F60CC4A09E49450CF735A8756174A8E1458E3BE2BEA10F38D2C30E6AD7DBFA6835328A64BDFCA2318E1753C922D3AA467BB770C03BE0D3381E31655F4969009A35E4CF90B1EF5CB71A7BE424E952AEF1368142BB6E5AEECB9F7EC2034179009B7E57DF234CDDC3818BE6E637DAC7F44B109BCAA519CA77B27E4A119712A325ACC29E82C5A3E43CDED00A550ABF99495C802578A6ACB7DBCCCECD3A3857F01A9582671D87C9407409355199D627D316938076334BCDEC6635E0D6696A53E2475AAF9412167245779FA0C89CC3C08BF90313C68710D0153A3B8FA06862B6670E9498296D2C1840812D51FFEADDAE3D714A6EA7D0DAF18C134A0E26AAA99AB8B605E5FAC1814D13F5BCA134DBCF40B5C21F39EF9B4089A759876E5F22DEAF3C64DAA159B9AFEB76109429E3E42FF8DB74EF84954405C4D7B826CFBE041FF996CB053ED44BD32742681CCC843CBD031CD9DDF299EF150378F87B5F67768C77A69F779AABC032BCC3031DDAD83701E475D16040D1E064208D99313C4047BA2AA44E15CF631E4337A47318F34060DAE2ED3FB2F77F26CAF51805D86F82786B8CED61C0A0A7A8CBECD9AE3FDD266BDA632E6F6095A8E2C82A709EF2ACE20D66CC6709A5EF4EBFBA3B020BD15A5451673CA3780A459C277EEA72A1C9EF8502281BF903B2409971DC1F215C899CBBDED194CAB8A5EBB2273E3B67AEEE9A18CD03A1CC46312AAE59AEA0EFB0E5EAC8A62D6C49DC5B5D5CAC7B12CC2B293ED1D258149C6E8ADFB311328C1D5ACD4A92DFC71E9575A62920166893D715358DAE87159E39267079FA5D2EF41D756E01E0D9701BE7F715E4DCEF5667576A883DC034E36022AB62707C4E9FF9C7400BD29770FC07C66BB041F17204A63B6A52177F32B1E8AF15A818E946421552673488AA76253A5CCAEF2368C6464A36DEA011A56FFACF5F592099BADEFA4B7A72059FF1869864BDDBD14B4D32460CFD30E78C4F057F011C61C91151B -20241130032532 2 6 100 7679 2 C4FD13B23C1EF3F1B888E9E24F6E6F0D1E538D5C17287A04247451367BAAC3EB0FF3633A10C1B2BEA19F91DA18C0C52A465FA0F0371A2189AC36BFEA58F33B013352F321A0B71BF61553330EC7735E66BF920F0AB9C918AC6796F3B2C5CC7B0E9F6695400B692026845D93807363115D8E1EF92072B84941DE896DC222F2493FA43169DC5C94E9F7C645CDDC38AC8C8F8790A2078B755BF65EB099CA5682E186E7DE95CBCF7036B0BFC761137EB0B297A140C1683E9A14E78F31935D873DFB2CC33563980FD7C6EB609427A9A63D9A7ECE43889783FAF17D129A4F00A7DBA8FAFCBDD57FA7599C944D03297B7106E02A82D695E8BC0ACC860295F357FD2F60CC4A09E49450CF735A8756174A8E1458E3BE2BEA10F38D2C30E6AD7DBFA6835328A64BDFCA2318E1753C922D3AA467BB770C03BE0D3381E31655F4969009A35E4CF90B1EF5CB71A7BE424E952AEF1368142BB6E5AEECB9F7EC2034179009B7E57DF234CDDC3818BE6E637DAC7F44B109BCAA519CA77B27E4A119712A325ACC29E82C5A3E43CDED00A550ABF99495C802578A6ACB7DBCCCECD3A3857F01A9582671D87C9407409355199D627D316938076334BCDEC6635E0D6696A53E2475AAF9412167245779FA0C89CC3C08BF90313C68710D0153A3B8FA06862B6670E9498296D2C1840812D51FFEADDAE3D714A6EA7D0DAF18C134A0E26AAA99AB8B605E5FAC1814D13F5BCA134DBCF40B5C21F39EF9B4089A759876E5F22DEAF3C64DAA159B9AFEB76109429E3E42FF8DB74EF84954405C4D7B826CFBE041FF996CB053ED44BD32742681CCC843CBD031CD9DDF299EF150378F87B5F67768C77A69F779AABC032BCC3031DDAD83701E475D16040D1E064208D99313C4047BA2AA44E15CF631E4337A47318F34060DAE2ED3FB2F77F26CAF51805D86F82786B8CED61C0A0A7A8CBECD9AE3FDD266BDA632E6F6095A8E2C82A709EF2ACE20D66CC6709A5EF4EBFBA3B020BD15A5451673CA3780A459C277EEA72A1C9EF8502281BF903B2409971DC1F215C899CBBDED194CAB8A5EBB2273E3B67AEEE9A18CD03A1CC46312AAE59AEA0EFB0E5EAC8A62D6C49DC5B5D5CAC7B12CC2B293ED1D258149C6E8ADFB311328C1D5ACD4A92DFC71E9575A62920166893D715358DAE87159E39267079FA5D2EF41D756E01E0D9701BE7F715E4DCEF5667576A883DC034E36022AB62707C4E9FF9C7400BD29770FC07C66BB041F17204A63B6A52177F32B1E8AF15A818E946421552673488AA76253A5CCAEF2368C6464A36DEA011A56FFACF5F592099BADEFA4B7A72059FF1869864BDDBD14B4D32460CFD30E78C4F057F011C61E1854B3 -20241130035131 2 6 100 7679 2 C4FD13B23C1EF3F1B888E9E24F6E6F0D1E538D5C17287A04247451367BAAC3EB0FF3633A10C1B2BEA19F91DA18C0C52A465FA0F0371A2189AC36BFEA58F33B013352F321A0B71BF61553330EC7735E66BF920F0AB9C918AC6796F3B2C5CC7B0E9F6695400B692026845D93807363115D8E1EF92072B84941DE896DC222F2493FA43169DC5C94E9F7C645CDDC38AC8C8F8790A2078B755BF65EB099CA5682E186E7DE95CBCF7036B0BFC761137EB0B297A140C1683E9A14E78F31935D873DFB2CC33563980FD7C6EB609427A9A63D9A7ECE43889783FAF17D129A4F00A7DBA8FAFCBDD57FA7599C944D03297B7106E02A82D695E8BC0ACC860295F357FD2F60CC4A09E49450CF735A8756174A8E1458E3BE2BEA10F38D2C30E6AD7DBFA6835328A64BDFCA2318E1753C922D3AA467BB770C03BE0D3381E31655F4969009A35E4CF90B1EF5CB71A7BE424E952AEF1368142BB6E5AEECB9F7EC2034179009B7E57DF234CDDC3818BE6E637DAC7F44B109BCAA519CA77B27E4A119712A325ACC29E82C5A3E43CDED00A550ABF99495C802578A6ACB7DBCCCECD3A3857F01A9582671D87C9407409355199D627D316938076334BCDEC6635E0D6696A53E2475AAF9412167245779FA0C89CC3C08BF90313C68710D0153A3B8FA06862B6670E9498296D2C1840812D51FFEADDAE3D714A6EA7D0DAF18C134A0E26AAA99AB8B605E5FAC1814D13F5BCA134DBCF40B5C21F39EF9B4089A759876E5F22DEAF3C64DAA159B9AFEB76109429E3E42FF8DB74EF84954405C4D7B826CFBE041FF996CB053ED44BD32742681CCC843CBD031CD9DDF299EF150378F87B5F67768C77A69F779AABC032BCC3031DDAD83701E475D16040D1E064208D99313C4047BA2AA44E15CF631E4337A47318F34060DAE2ED3FB2F77F26CAF51805D86F82786B8CED61C0A0A7A8CBECD9AE3FDD266BDA632E6F6095A8E2C82A709EF2ACE20D66CC6709A5EF4EBFBA3B020BD15A5451673CA3780A459C277EEA72A1C9EF8502281BF903B2409971DC1F215C899CBBDED194CAB8A5EBB2273E3B67AEEE9A18CD03A1CC46312AAE59AEA0EFB0E5EAC8A62D6C49DC5B5D5CAC7B12CC2B293ED1D258149C6E8ADFB311328C1D5ACD4A92DFC71E9575A62920166893D715358DAE87159E39267079FA5D2EF41D756E01E0D9701BE7F715E4DCEF5667576A883DC034E36022AB62707C4E9FF9C7400BD29770FC07C66BB041F17204A63B6A52177F32B1E8AF15A818E946421552673488AA76253A5CCAEF2368C6464A36DEA011A56FFACF5F592099BADEFA4B7A72059FF1869864BDDBD14B4D32460CFD30E78C4F057F011C61FD56C8B -20241130035951 2 6 100 7679 5 C4FD13B23C1EF3F1B888E9E24F6E6F0D1E538D5C17287A04247451367BAAC3EB0FF3633A10C1B2BEA19F91DA18C0C52A465FA0F0371A2189AC36BFEA58F33B013352F321A0B71BF61553330EC7735E66BF920F0AB9C918AC6796F3B2C5CC7B0E9F6695400B692026845D93807363115D8E1EF92072B84941DE896DC222F2493FA43169DC5C94E9F7C645CDDC38AC8C8F8790A2078B755BF65EB099CA5682E186E7DE95CBCF7036B0BFC761137EB0B297A140C1683E9A14E78F31935D873DFB2CC33563980FD7C6EB609427A9A63D9A7ECE43889783FAF17D129A4F00A7DBA8FAFCBDD57FA7599C944D03297B7106E02A82D695E8BC0ACC860295F357FD2F60CC4A09E49450CF735A8756174A8E1458E3BE2BEA10F38D2C30E6AD7DBFA6835328A64BDFCA2318E1753C922D3AA467BB770C03BE0D3381E31655F4969009A35E4CF90B1EF5CB71A7BE424E952AEF1368142BB6E5AEECB9F7EC2034179009B7E57DF234CDDC3818BE6E637DAC7F44B109BCAA519CA77B27E4A119712A325ACC29E82C5A3E43CDED00A550ABF99495C802578A6ACB7DBCCCECD3A3857F01A9582671D87C9407409355199D627D316938076334BCDEC6635E0D6696A53E2475AAF9412167245779FA0C89CC3C08BF90313C68710D0153A3B8FA06862B6670E9498296D2C1840812D51FFEADDAE3D714A6EA7D0DAF18C134A0E26AAA99AB8B605E5FAC1814D13F5BCA134DBCF40B5C21F39EF9B4089A759876E5F22DEAF3C64DAA159B9AFEB76109429E3E42FF8DB74EF84954405C4D7B826CFBE041FF996CB053ED44BD32742681CCC843CBD031CD9DDF299EF150378F87B5F67768C77A69F779AABC032BCC3031DDAD83701E475D16040D1E064208D99313C4047BA2AA44E15CF631E4337A47318F34060DAE2ED3FB2F77F26CAF51805D86F82786B8CED61C0A0A7A8CBECD9AE3FDD266BDA632E6F6095A8E2C82A709EF2ACE20D66CC6709A5EF4EBFBA3B020BD15A5451673CA3780A459C277EEA72A1C9EF8502281BF903B2409971DC1F215C899CBBDED194CAB8A5EBB2273E3B67AEEE9A18CD03A1CC46312AAE59AEA0EFB0E5EAC8A62D6C49DC5B5D5CAC7B12CC2B293ED1D258149C6E8ADFB311328C1D5ACD4A92DFC71E9575A62920166893D715358DAE87159E39267079FA5D2EF41D756E01E0D9701BE7F715E4DCEF5667576A883DC034E36022AB62707C4E9FF9C7400BD29770FC07C66BB041F17204A63B6A52177F32B1E8AF15A818E946421552673488AA76253A5CCAEF2368C6464A36DEA011A56FFACF5F592099BADEFA4B7A72059FF1869864BDDBD14B4D32460CFD30E78C4F057F011C6205D0C3F -20241130040156 2 6 100 7679 2 C4FD13B23C1EF3F1B888E9E24F6E6F0D1E538D5C17287A04247451367BAAC3EB0FF3633A10C1B2BEA19F91DA18C0C52A465FA0F0371A2189AC36BFEA58F33B013352F321A0B71BF61553330EC7735E66BF920F0AB9C918AC6796F3B2C5CC7B0E9F6695400B692026845D93807363115D8E1EF92072B84941DE896DC222F2493FA43169DC5C94E9F7C645CDDC38AC8C8F8790A2078B755BF65EB099CA5682E186E7DE95CBCF7036B0BFC761137EB0B297A140C1683E9A14E78F31935D873DFB2CC33563980FD7C6EB609427A9A63D9A7ECE43889783FAF17D129A4F00A7DBA8FAFCBDD57FA7599C944D03297B7106E02A82D695E8BC0ACC860295F357FD2F60CC4A09E49450CF735A8756174A8E1458E3BE2BEA10F38D2C30E6AD7DBFA6835328A64BDFCA2318E1753C922D3AA467BB770C03BE0D3381E31655F4969009A35E4CF90B1EF5CB71A7BE424E952AEF1368142BB6E5AEECB9F7EC2034179009B7E57DF234CDDC3818BE6E637DAC7F44B109BCAA519CA77B27E4A119712A325ACC29E82C5A3E43CDED00A550ABF99495C802578A6ACB7DBCCCECD3A3857F01A9582671D87C9407409355199D627D316938076334BCDEC6635E0D6696A53E2475AAF9412167245779FA0C89CC3C08BF90313C68710D0153A3B8FA06862B6670E9498296D2C1840812D51FFEADDAE3D714A6EA7D0DAF18C134A0E26AAA99AB8B605E5FAC1814D13F5BCA134DBCF40B5C21F39EF9B4089A759876E5F22DEAF3C64DAA159B9AFEB76109429E3E42FF8DB74EF84954405C4D7B826CFBE041FF996CB053ED44BD32742681CCC843CBD031CD9DDF299EF150378F87B5F67768C77A69F779AABC032BCC3031DDAD83701E475D16040D1E064208D99313C4047BA2AA44E15CF631E4337A47318F34060DAE2ED3FB2F77F26CAF51805D86F82786B8CED61C0A0A7A8CBECD9AE3FDD266BDA632E6F6095A8E2C82A709EF2ACE20D66CC6709A5EF4EBFBA3B020BD15A5451673CA3780A459C277EEA72A1C9EF8502281BF903B2409971DC1F215C899CBBDED194CAB8A5EBB2273E3B67AEEE9A18CD03A1CC46312AAE59AEA0EFB0E5EAC8A62D6C49DC5B5D5CAC7B12CC2B293ED1D258149C6E8ADFB311328C1D5ACD4A92DFC71E9575A62920166893D715358DAE87159E39267079FA5D2EF41D756E01E0D9701BE7F715E4DCEF5667576A883DC034E36022AB62707C4E9FF9C7400BD29770FC07C66BB041F17204A63B6A52177F32B1E8AF15A818E946421552673488AA76253A5CCAEF2368C6464A36DEA011A56FFACF5F592099BADEFA4B7A72059FF1869864BDDBD14B4D32460CFD30E78C4F057F011C6207AF313 -20241130042927 2 6 100 7679 2 C4FD13B23C1EF3F1B888E9E24F6E6F0D1E538D5C17287A04247451367BAAC3EB0FF3633A10C1B2BEA19F91DA18C0C52A465FA0F0371A2189AC36BFEA58F33B013352F321A0B71BF61553330EC7735E66BF920F0AB9C918AC6796F3B2C5CC7B0E9F6695400B692026845D93807363115D8E1EF92072B84941DE896DC222F2493FA43169DC5C94E9F7C645CDDC38AC8C8F8790A2078B755BF65EB099CA5682E186E7DE95CBCF7036B0BFC761137EB0B297A140C1683E9A14E78F31935D873DFB2CC33563980FD7C6EB609427A9A63D9A7ECE43889783FAF17D129A4F00A7DBA8FAFCBDD57FA7599C944D03297B7106E02A82D695E8BC0ACC860295F357FD2F60CC4A09E49450CF735A8756174A8E1458E3BE2BEA10F38D2C30E6AD7DBFA6835328A64BDFCA2318E1753C922D3AA467BB770C03BE0D3381E31655F4969009A35E4CF90B1EF5CB71A7BE424E952AEF1368142BB6E5AEECB9F7EC2034179009B7E57DF234CDDC3818BE6E637DAC7F44B109BCAA519CA77B27E4A119712A325ACC29E82C5A3E43CDED00A550ABF99495C802578A6ACB7DBCCCECD3A3857F01A9582671D87C9407409355199D627D316938076334BCDEC6635E0D6696A53E2475AAF9412167245779FA0C89CC3C08BF90313C68710D0153A3B8FA06862B6670E9498296D2C1840812D51FFEADDAE3D714A6EA7D0DAF18C134A0E26AAA99AB8B605E5FAC1814D13F5BCA134DBCF40B5C21F39EF9B4089A759876E5F22DEAF3C64DAA159B9AFEB76109429E3E42FF8DB74EF84954405C4D7B826CFBE041FF996CB053ED44BD32742681CCC843CBD031CD9DDF299EF150378F87B5F67768C77A69F779AABC032BCC3031DDAD83701E475D16040D1E064208D99313C4047BA2AA44E15CF631E4337A47318F34060DAE2ED3FB2F77F26CAF51805D86F82786B8CED61C0A0A7A8CBECD9AE3FDD266BDA632E6F6095A8E2C82A709EF2ACE20D66CC6709A5EF4EBFBA3B020BD15A5451673CA3780A459C277EEA72A1C9EF8502281BF903B2409971DC1F215C899CBBDED194CAB8A5EBB2273E3B67AEEE9A18CD03A1CC46312AAE59AEA0EFB0E5EAC8A62D6C49DC5B5D5CAC7B12CC2B293ED1D258149C6E8ADFB311328C1D5ACD4A92DFC71E9575A62920166893D715358DAE87159E39267079FA5D2EF41D756E01E0D9701BE7F715E4DCEF5667576A883DC034E36022AB62707C4E9FF9C7400BD29770FC07C66BB041F17204A63B6A52177F32B1E8AF15A818E946421552673488AA76253A5CCAEF2368C6464A36DEA011A56FFACF5F592099BADEFA4B7A72059FF1869864BDDBD14B4D32460CFD30E78C4F057F011C6224FB4F3 -20241130043039 2 6 100 7679 5 C4FD13B23C1EF3F1B888E9E24F6E6F0D1E538D5C17287A04247451367BAAC3EB0FF3633A10C1B2BEA19F91DA18C0C52A465FA0F0371A2189AC36BFEA58F33B013352F321A0B71BF61553330EC7735E66BF920F0AB9C918AC6796F3B2C5CC7B0E9F6695400B692026845D93807363115D8E1EF92072B84941DE896DC222F2493FA43169DC5C94E9F7C645CDDC38AC8C8F8790A2078B755BF65EB099CA5682E186E7DE95CBCF7036B0BFC761137EB0B297A140C1683E9A14E78F31935D873DFB2CC33563980FD7C6EB609427A9A63D9A7ECE43889783FAF17D129A4F00A7DBA8FAFCBDD57FA7599C944D03297B7106E02A82D695E8BC0ACC860295F357FD2F60CC4A09E49450CF735A8756174A8E1458E3BE2BEA10F38D2C30E6AD7DBFA6835328A64BDFCA2318E1753C922D3AA467BB770C03BE0D3381E31655F4969009A35E4CF90B1EF5CB71A7BE424E952AEF1368142BB6E5AEECB9F7EC2034179009B7E57DF234CDDC3818BE6E637DAC7F44B109BCAA519CA77B27E4A119712A325ACC29E82C5A3E43CDED00A550ABF99495C802578A6ACB7DBCCCECD3A3857F01A9582671D87C9407409355199D627D316938076334BCDEC6635E0D6696A53E2475AAF9412167245779FA0C89CC3C08BF90313C68710D0153A3B8FA06862B6670E9498296D2C1840812D51FFEADDAE3D714A6EA7D0DAF18C134A0E26AAA99AB8B605E5FAC1814D13F5BCA134DBCF40B5C21F39EF9B4089A759876E5F22DEAF3C64DAA159B9AFEB76109429E3E42FF8DB74EF84954405C4D7B826CFBE041FF996CB053ED44BD32742681CCC843CBD031CD9DDF299EF150378F87B5F67768C77A69F779AABC032BCC3031DDAD83701E475D16040D1E064208D99313C4047BA2AA44E15CF631E4337A47318F34060DAE2ED3FB2F77F26CAF51805D86F82786B8CED61C0A0A7A8CBECD9AE3FDD266BDA632E6F6095A8E2C82A709EF2ACE20D66CC6709A5EF4EBFBA3B020BD15A5451673CA3780A459C277EEA72A1C9EF8502281BF903B2409971DC1F215C899CBBDED194CAB8A5EBB2273E3B67AEEE9A18CD03A1CC46312AAE59AEA0EFB0E5EAC8A62D6C49DC5B5D5CAC7B12CC2B293ED1D258149C6E8ADFB311328C1D5ACD4A92DFC71E9575A62920166893D715358DAE87159E39267079FA5D2EF41D756E01E0D9701BE7F715E4DCEF5667576A883DC034E36022AB62707C4E9FF9C7400BD29770FC07C66BB041F17204A63B6A52177F32B1E8AF15A818E946421552673488AA76253A5CCAEF2368C6464A36DEA011A56FFACF5F592099BADEFA4B7A72059FF1869864BDDBD14B4D32460CFD30E78C4F057F011C6225C64C7 -20241130054524 2 6 100 7679 2 C4FD13B23C1EF3F1B888E9E24F6E6F0D1E538D5C17287A04247451367BAAC3EB0FF3633A10C1B2BEA19F91DA18C0C52A465FA0F0371A2189AC36BFEA58F33B013352F321A0B71BF61553330EC7735E66BF920F0AB9C918AC6796F3B2C5CC7B0E9F6695400B692026845D93807363115D8E1EF92072B84941DE896DC222F2493FA43169DC5C94E9F7C645CDDC38AC8C8F8790A2078B755BF65EB099CA5682E186E7DE95CBCF7036B0BFC761137EB0B297A140C1683E9A14E78F31935D873DFB2CC33563980FD7C6EB609427A9A63D9A7ECE43889783FAF17D129A4F00A7DBA8FAFCBDD57FA7599C944D03297B7106E02A82D695E8BC0ACC860295F357FD2F60CC4A09E49450CF735A8756174A8E1458E3BE2BEA10F38D2C30E6AD7DBFA6835328A64BDFCA2318E1753C922D3AA467BB770C03BE0D3381E31655F4969009A35E4CF90B1EF5CB71A7BE424E952AEF1368142BB6E5AEECB9F7EC2034179009B7E57DF234CDDC3818BE6E637DAC7F44B109BCAA519CA77B27E4A119712A325ACC29E82C5A3E43CDED00A550ABF99495C802578A6ACB7DBCCCECD3A3857F01A9582671D87C9407409355199D627D316938076334BCDEC6635E0D6696A53E2475AAF9412167245779FA0C89CC3C08BF90313C68710D0153A3B8FA06862B6670E9498296D2C1840812D51FFEADDAE3D714A6EA7D0DAF18C134A0E26AAA99AB8B605E5FAC1814D13F5BCA134DBCF40B5C21F39EF9B4089A759876E5F22DEAF3C64DAA159B9AFEB76109429E3E42FF8DB74EF84954405C4D7B826CFBE041FF996CB053ED44BD32742681CCC843CBD031CD9DDF299EF150378F87B5F67768C77A69F779AABC032BCC3031DDAD83701E475D16040D1E064208D99313C4047BA2AA44E15CF631E4337A47318F34060DAE2ED3FB2F77F26CAF51805D86F82786B8CED61C0A0A7A8CBECD9AE3FDD266BDA632E6F6095A8E2C82A709EF2ACE20D66CC6709A5EF4EBFBA3B020BD15A5451673CA3780A459C277EEA72A1C9EF8502281BF903B2409971DC1F215C899CBBDED194CAB8A5EBB2273E3B67AEEE9A18CD03A1CC46312AAE59AEA0EFB0E5EAC8A62D6C49DC5B5D5CAC7B12CC2B293ED1D258149C6E8ADFB311328C1D5ACD4A92DFC71E9575A62920166893D715358DAE87159E39267079FA5D2EF41D756E01E0D9701BE7F715E4DCEF5667576A883DC034E36022AB62707C4E9FF9C7400BD29770FC07C66BB041F17204A63B6A52177F32B1E8AF15A818E946421552673488AA76253A5CCAEF2368C6464A36DEA011A56FFACF5F592099BADEFA4B7A72059FF1869864BDDBD14B4D32460CFD30E78C4F057F011C62750439B -20241130063335 2 6 100 7679 5 C4FD13B23C1EF3F1B888E9E24F6E6F0D1E538D5C17287A04247451367BAAC3EB0FF3633A10C1B2BEA19F91DA18C0C52A465FA0F0371A2189AC36BFEA58F33B013352F321A0B71BF61553330EC7735E66BF920F0AB9C918AC6796F3B2C5CC7B0E9F6695400B692026845D93807363115D8E1EF92072B84941DE896DC222F2493FA43169DC5C94E9F7C645CDDC38AC8C8F8790A2078B755BF65EB099CA5682E186E7DE95CBCF7036B0BFC761137EB0B297A140C1683E9A14E78F31935D873DFB2CC33563980FD7C6EB609427A9A63D9A7ECE43889783FAF17D129A4F00A7DBA8FAFCBDD57FA7599C944D03297B7106E02A82D695E8BC0ACC860295F357FD2F60CC4A09E49450CF735A8756174A8E1458E3BE2BEA10F38D2C30E6AD7DBFA6835328A64BDFCA2318E1753C922D3AA467BB770C03BE0D3381E31655F4969009A35E4CF90B1EF5CB71A7BE424E952AEF1368142BB6E5AEECB9F7EC2034179009B7E57DF234CDDC3818BE6E637DAC7F44B109BCAA519CA77B27E4A119712A325ACC29E82C5A3E43CDED00A550ABF99495C802578A6ACB7DBCCCECD3A3857F01A9582671D87C9407409355199D627D316938076334BCDEC6635E0D6696A53E2475AAF9412167245779FA0C89CC3C08BF90313C68710D0153A3B8FA06862B6670E9498296D2C1840812D51FFEADDAE3D714A6EA7D0DAF18C134A0E26AAA99AB8B605E5FAC1814D13F5BCA134DBCF40B5C21F39EF9B4089A759876E5F22DEAF3C64DAA159B9AFEB76109429E3E42FF8DB74EF84954405C4D7B826CFBE041FF996CB053ED44BD32742681CCC843CBD031CD9DDF299EF150378F87B5F67768C77A69F779AABC032BCC3031DDAD83701E475D16040D1E064208D99313C4047BA2AA44E15CF631E4337A47318F34060DAE2ED3FB2F77F26CAF51805D86F82786B8CED61C0A0A7A8CBECD9AE3FDD266BDA632E6F6095A8E2C82A709EF2ACE20D66CC6709A5EF4EBFBA3B020BD15A5451673CA3780A459C277EEA72A1C9EF8502281BF903B2409971DC1F215C899CBBDED194CAB8A5EBB2273E3B67AEEE9A18CD03A1CC46312AAE59AEA0EFB0E5EAC8A62D6C49DC5B5D5CAC7B12CC2B293ED1D258149C6E8ADFB311328C1D5ACD4A92DFC71E9575A62920166893D715358DAE87159E39267079FA5D2EF41D756E01E0D9701BE7F715E4DCEF5667576A883DC034E36022AB62707C4E9FF9C7400BD29770FC07C66BB041F17204A63B6A52177F32B1E8AF15A818E946421552673488AA76253A5CCAEF2368C6464A36DEA011A56FFACF5F592099BADEFA4B7A72059FF1869864BDDBD14B4D32460CFD30E78C4F057F011C62A7BB5C7 -20241130074248 2 6 100 7679 2 C4FD13B23C1EF3F1B888E9E24F6E6F0D1E538D5C17287A04247451367BAAC3EB0FF3633A10C1B2BEA19F91DA18C0C52A465FA0F0371A2189AC36BFEA58F33B013352F321A0B71BF61553330EC7735E66BF920F0AB9C918AC6796F3B2C5CC7B0E9F6695400B692026845D93807363115D8E1EF92072B84941DE896DC222F2493FA43169DC5C94E9F7C645CDDC38AC8C8F8790A2078B755BF65EB099CA5682E186E7DE95CBCF7036B0BFC761137EB0B297A140C1683E9A14E78F31935D873DFB2CC33563980FD7C6EB609427A9A63D9A7ECE43889783FAF17D129A4F00A7DBA8FAFCBDD57FA7599C944D03297B7106E02A82D695E8BC0ACC860295F357FD2F60CC4A09E49450CF735A8756174A8E1458E3BE2BEA10F38D2C30E6AD7DBFA6835328A64BDFCA2318E1753C922D3AA467BB770C03BE0D3381E31655F4969009A35E4CF90B1EF5CB71A7BE424E952AEF1368142BB6E5AEECB9F7EC2034179009B7E57DF234CDDC3818BE6E637DAC7F44B109BCAA519CA77B27E4A119712A325ACC29E82C5A3E43CDED00A550ABF99495C802578A6ACB7DBCCCECD3A3857F01A9582671D87C9407409355199D627D316938076334BCDEC6635E0D6696A53E2475AAF9412167245779FA0C89CC3C08BF90313C68710D0153A3B8FA06862B6670E9498296D2C1840812D51FFEADDAE3D714A6EA7D0DAF18C134A0E26AAA99AB8B605E5FAC1814D13F5BCA134DBCF40B5C21F39EF9B4089A759876E5F22DEAF3C64DAA159B9AFEB76109429E3E42FF8DB74EF84954405C4D7B826CFBE041FF996CB053ED44BD32742681CCC843CBD031CD9DDF299EF150378F87B5F67768C77A69F779AABC032BCC3031DDAD83701E475D16040D1E064208D99313C4047BA2AA44E15CF631E4337A47318F34060DAE2ED3FB2F77F26CAF51805D86F82786B8CED61C0A0A7A8CBECD9AE3FDD266BDA632E6F6095A8E2C82A709EF2ACE20D66CC6709A5EF4EBFBA3B020BD15A5451673CA3780A459C277EEA72A1C9EF8502281BF903B2409971DC1F215C899CBBDED194CAB8A5EBB2273E3B67AEEE9A18CD03A1CC46312AAE59AEA0EFB0E5EAC8A62D6C49DC5B5D5CAC7B12CC2B293ED1D258149C6E8ADFB311328C1D5ACD4A92DFC71E9575A62920166893D715358DAE87159E39267079FA5D2EF41D756E01E0D9701BE7F715E4DCEF5667576A883DC034E36022AB62707C4E9FF9C7400BD29770FC07C66BB041F17204A63B6A52177F32B1E8AF15A818E946421552673488AA76253A5CCAEF2368C6464A36DEA011A56FFACF5F592099BADEFA4B7A72059FF1869864BDDBD14B4D32460CFD30E78C4F057F011C62F113613 -20241130074437 2 6 100 7679 2 C4FD13B23C1EF3F1B888E9E24F6E6F0D1E538D5C17287A04247451367BAAC3EB0FF3633A10C1B2BEA19F91DA18C0C52A465FA0F0371A2189AC36BFEA58F33B013352F321A0B71BF61553330EC7735E66BF920F0AB9C918AC6796F3B2C5CC7B0E9F6695400B692026845D93807363115D8E1EF92072B84941DE896DC222F2493FA43169DC5C94E9F7C645CDDC38AC8C8F8790A2078B755BF65EB099CA5682E186E7DE95CBCF7036B0BFC761137EB0B297A140C1683E9A14E78F31935D873DFB2CC33563980FD7C6EB609427A9A63D9A7ECE43889783FAF17D129A4F00A7DBA8FAFCBDD57FA7599C944D03297B7106E02A82D695E8BC0ACC860295F357FD2F60CC4A09E49450CF735A8756174A8E1458E3BE2BEA10F38D2C30E6AD7DBFA6835328A64BDFCA2318E1753C922D3AA467BB770C03BE0D3381E31655F4969009A35E4CF90B1EF5CB71A7BE424E952AEF1368142BB6E5AEECB9F7EC2034179009B7E57DF234CDDC3818BE6E637DAC7F44B109BCAA519CA77B27E4A119712A325ACC29E82C5A3E43CDED00A550ABF99495C802578A6ACB7DBCCCECD3A3857F01A9582671D87C9407409355199D627D316938076334BCDEC6635E0D6696A53E2475AAF9412167245779FA0C89CC3C08BF90313C68710D0153A3B8FA06862B6670E9498296D2C1840812D51FFEADDAE3D714A6EA7D0DAF18C134A0E26AAA99AB8B605E5FAC1814D13F5BCA134DBCF40B5C21F39EF9B4089A759876E5F22DEAF3C64DAA159B9AFEB76109429E3E42FF8DB74EF84954405C4D7B826CFBE041FF996CB053ED44BD32742681CCC843CBD031CD9DDF299EF150378F87B5F67768C77A69F779AABC032BCC3031DDAD83701E475D16040D1E064208D99313C4047BA2AA44E15CF631E4337A47318F34060DAE2ED3FB2F77F26CAF51805D86F82786B8CED61C0A0A7A8CBECD9AE3FDD266BDA632E6F6095A8E2C82A709EF2ACE20D66CC6709A5EF4EBFBA3B020BD15A5451673CA3780A459C277EEA72A1C9EF8502281BF903B2409971DC1F215C899CBBDED194CAB8A5EBB2273E3B67AEEE9A18CD03A1CC46312AAE59AEA0EFB0E5EAC8A62D6C49DC5B5D5CAC7B12CC2B293ED1D258149C6E8ADFB311328C1D5ACD4A92DFC71E9575A62920166893D715358DAE87159E39267079FA5D2EF41D756E01E0D9701BE7F715E4DCEF5667576A883DC034E36022AB62707C4E9FF9C7400BD29770FC07C66BB041F17204A63B6A52177F32B1E8AF15A818E946421552673488AA76253A5CCAEF2368C6464A36DEA011A56FFACF5F592099BADEFA4B7A72059FF1869864BDDBD14B4D32460CFD30E78C4F057F011C62F28387B -20241130083311 2 6 100 7679 2 C4FD13B23C1EF3F1B888E9E24F6E6F0D1E538D5C17287A04247451367BAAC3EB0FF3633A10C1B2BEA19F91DA18C0C52A465FA0F0371A2189AC36BFEA58F33B013352F321A0B71BF61553330EC7735E66BF920F0AB9C918AC6796F3B2C5CC7B0E9F6695400B692026845D93807363115D8E1EF92072B84941DE896DC222F2493FA43169DC5C94E9F7C645CDDC38AC8C8F8790A2078B755BF65EB099CA5682E186E7DE95CBCF7036B0BFC761137EB0B297A140C1683E9A14E78F31935D873DFB2CC33563980FD7C6EB609427A9A63D9A7ECE43889783FAF17D129A4F00A7DBA8FAFCBDD57FA7599C944D03297B7106E02A82D695E8BC0ACC860295F357FD2F60CC4A09E49450CF735A8756174A8E1458E3BE2BEA10F38D2C30E6AD7DBFA6835328A64BDFCA2318E1753C922D3AA467BB770C03BE0D3381E31655F4969009A35E4CF90B1EF5CB71A7BE424E952AEF1368142BB6E5AEECB9F7EC2034179009B7E57DF234CDDC3818BE6E637DAC7F44B109BCAA519CA77B27E4A119712A325ACC29E82C5A3E43CDED00A550ABF99495C802578A6ACB7DBCCCECD3A3857F01A9582671D87C9407409355199D627D316938076334BCDEC6635E0D6696A53E2475AAF9412167245779FA0C89CC3C08BF90313C68710D0153A3B8FA06862B6670E9498296D2C1840812D51FFEADDAE3D714A6EA7D0DAF18C134A0E26AAA99AB8B605E5FAC1814D13F5BCA134DBCF40B5C21F39EF9B4089A759876E5F22DEAF3C64DAA159B9AFEB76109429E3E42FF8DB74EF84954405C4D7B826CFBE041FF996CB053ED44BD32742681CCC843CBD031CD9DDF299EF150378F87B5F67768C77A69F779AABC032BCC3031DDAD83701E475D16040D1E064208D99313C4047BA2AA44E15CF631E4337A47318F34060DAE2ED3FB2F77F26CAF51805D86F82786B8CED61C0A0A7A8CBECD9AE3FDD266BDA632E6F6095A8E2C82A709EF2ACE20D66CC6709A5EF4EBFBA3B020BD15A5451673CA3780A459C277EEA72A1C9EF8502281BF903B2409971DC1F215C899CBBDED194CAB8A5EBB2273E3B67AEEE9A18CD03A1CC46312AAE59AEA0EFB0E5EAC8A62D6C49DC5B5D5CAC7B12CC2B293ED1D258149C6E8ADFB311328C1D5ACD4A92DFC71E9575A62920166893D715358DAE87159E39267079FA5D2EF41D756E01E0D9701BE7F715E4DCEF5667576A883DC034E36022AB62707C4E9FF9C7400BD29770FC07C66BB041F17204A63B6A52177F32B1E8AF15A818E946421552673488AA76253A5CCAEF2368C6464A36DEA011A56FFACF5F592099BADEFA4B7A72059FF1869864BDDBD14B4D32460CFD30E78C4F057F011C6325DE613 -20241130093434 2 6 100 7679 5 C4FD13B23C1EF3F1B888E9E24F6E6F0D1E538D5C17287A04247451367BAAC3EB0FF3633A10C1B2BEA19F91DA18C0C52A465FA0F0371A2189AC36BFEA58F33B013352F321A0B71BF61553330EC7735E66BF920F0AB9C918AC6796F3B2C5CC7B0E9F6695400B692026845D93807363115D8E1EF92072B84941DE896DC222F2493FA43169DC5C94E9F7C645CDDC38AC8C8F8790A2078B755BF65EB099CA5682E186E7DE95CBCF7036B0BFC761137EB0B297A140C1683E9A14E78F31935D873DFB2CC33563980FD7C6EB609427A9A63D9A7ECE43889783FAF17D129A4F00A7DBA8FAFCBDD57FA7599C944D03297B7106E02A82D695E8BC0ACC860295F357FD2F60CC4A09E49450CF735A8756174A8E1458E3BE2BEA10F38D2C30E6AD7DBFA6835328A64BDFCA2318E1753C922D3AA467BB770C03BE0D3381E31655F4969009A35E4CF90B1EF5CB71A7BE424E952AEF1368142BB6E5AEECB9F7EC2034179009B7E57DF234CDDC3818BE6E637DAC7F44B109BCAA519CA77B27E4A119712A325ACC29E82C5A3E43CDED00A550ABF99495C802578A6ACB7DBCCCECD3A3857F01A9582671D87C9407409355199D627D316938076334BCDEC6635E0D6696A53E2475AAF9412167245779FA0C89CC3C08BF90313C68710D0153A3B8FA06862B6670E9498296D2C1840812D51FFEADDAE3D714A6EA7D0DAF18C134A0E26AAA99AB8B605E5FAC1814D13F5BCA134DBCF40B5C21F39EF9B4089A759876E5F22DEAF3C64DAA159B9AFEB76109429E3E42FF8DB74EF84954405C4D7B826CFBE041FF996CB053ED44BD32742681CCC843CBD031CD9DDF299EF150378F87B5F67768C77A69F779AABC032BCC3031DDAD83701E475D16040D1E064208D99313C4047BA2AA44E15CF631E4337A47318F34060DAE2ED3FB2F77F26CAF51805D86F82786B8CED61C0A0A7A8CBECD9AE3FDD266BDA632E6F6095A8E2C82A709EF2ACE20D66CC6709A5EF4EBFBA3B020BD15A5451673CA3780A459C277EEA72A1C9EF8502281BF903B2409971DC1F215C899CBBDED194CAB8A5EBB2273E3B67AEEE9A18CD03A1CC46312AAE59AEA0EFB0E5EAC8A62D6C49DC5B5D5CAC7B12CC2B293ED1D258149C6E8ADFB311328C1D5ACD4A92DFC71E9575A62920166893D715358DAE87159E39267079FA5D2EF41D756E01E0D9701BE7F715E4DCEF5667576A883DC034E36022AB62707C4E9FF9C7400BD29770FC07C66BB041F17204A63B6A52177F32B1E8AF15A818E946421552673488AA76253A5CCAEF2368C6464A36DEA011A56FFACF5F592099BADEFA4B7A72059FF1869864BDDBD14B4D32460CFD30E78C4F057F011C636728027 -20241130105425 2 6 100 7679 2 C4FD13B23C1EF3F1B888E9E24F6E6F0D1E538D5C17287A04247451367BAAC3EB0FF3633A10C1B2BEA19F91DA18C0C52A465FA0F0371A2189AC36BFEA58F33B013352F321A0B71BF61553330EC7735E66BF920F0AB9C918AC6796F3B2C5CC7B0E9F6695400B692026845D93807363115D8E1EF92072B84941DE896DC222F2493FA43169DC5C94E9F7C645CDDC38AC8C8F8790A2078B755BF65EB099CA5682E186E7DE95CBCF7036B0BFC761137EB0B297A140C1683E9A14E78F31935D873DFB2CC33563980FD7C6EB609427A9A63D9A7ECE43889783FAF17D129A4F00A7DBA8FAFCBDD57FA7599C944D03297B7106E02A82D695E8BC0ACC860295F357FD2F60CC4A09E49450CF735A8756174A8E1458E3BE2BEA10F38D2C30E6AD7DBFA6835328A64BDFCA2318E1753C922D3AA467BB770C03BE0D3381E31655F4969009A35E4CF90B1EF5CB71A7BE424E952AEF1368142BB6E5AEECB9F7EC2034179009B7E57DF234CDDC3818BE6E637DAC7F44B109BCAA519CA77B27E4A119712A325ACC29E82C5A3E43CDED00A550ABF99495C802578A6ACB7DBCCCECD3A3857F01A9582671D87C9407409355199D627D316938076334BCDEC6635E0D6696A53E2475AAF9412167245779FA0C89CC3C08BF90313C68710D0153A3B8FA06862B6670E9498296D2C1840812D51FFEADDAE3D714A6EA7D0DAF18C134A0E26AAA99AB8B605E5FAC1814D13F5BCA134DBCF40B5C21F39EF9B4089A759876E5F22DEAF3C64DAA159B9AFEB76109429E3E42FF8DB74EF84954405C4D7B826CFBE041FF996CB053ED44BD32742681CCC843CBD031CD9DDF299EF150378F87B5F67768C77A69F779AABC032BCC3031DDAD83701E475D16040D1E064208D99313C4047BA2AA44E15CF631E4337A47318F34060DAE2ED3FB2F77F26CAF51805D86F82786B8CED61C0A0A7A8CBECD9AE3FDD266BDA632E6F6095A8E2C82A709EF2ACE20D66CC6709A5EF4EBFBA3B020BD15A5451673CA3780A459C277EEA72A1C9EF8502281BF903B2409971DC1F215C899CBBDED194CAB8A5EBB2273E3B67AEEE9A18CD03A1CC46312AAE59AEA0EFB0E5EAC8A62D6C49DC5B5D5CAC7B12CC2B293ED1D258149C6E8ADFB311328C1D5ACD4A92DFC71E9575A62920166893D715358DAE87159E39267079FA5D2EF41D756E01E0D9701BE7F715E4DCEF5667576A883DC034E36022AB62707C4E9FF9C7400BD29770FC07C66BB041F17204A63B6A52177F32B1E8AF15A818E946421552673488AA76253A5CCAEF2368C6464A36DEA011A56FFACF5F592099BADEFA4B7A72059FF1869864BDDBD14B4D32460CFD30E78C4F057F011C63BCFA3E3 -20241130105534 2 6 100 7679 5 C4FD13B23C1EF3F1B888E9E24F6E6F0D1E538D5C17287A04247451367BAAC3EB0FF3633A10C1B2BEA19F91DA18C0C52A465FA0F0371A2189AC36BFEA58F33B013352F321A0B71BF61553330EC7735E66BF920F0AB9C918AC6796F3B2C5CC7B0E9F6695400B692026845D93807363115D8E1EF92072B84941DE896DC222F2493FA43169DC5C94E9F7C645CDDC38AC8C8F8790A2078B755BF65EB099CA5682E186E7DE95CBCF7036B0BFC761137EB0B297A140C1683E9A14E78F31935D873DFB2CC33563980FD7C6EB609427A9A63D9A7ECE43889783FAF17D129A4F00A7DBA8FAFCBDD57FA7599C944D03297B7106E02A82D695E8BC0ACC860295F357FD2F60CC4A09E49450CF735A8756174A8E1458E3BE2BEA10F38D2C30E6AD7DBFA6835328A64BDFCA2318E1753C922D3AA467BB770C03BE0D3381E31655F4969009A35E4CF90B1EF5CB71A7BE424E952AEF1368142BB6E5AEECB9F7EC2034179009B7E57DF234CDDC3818BE6E637DAC7F44B109BCAA519CA77B27E4A119712A325ACC29E82C5A3E43CDED00A550ABF99495C802578A6ACB7DBCCCECD3A3857F01A9582671D87C9407409355199D627D316938076334BCDEC6635E0D6696A53E2475AAF9412167245779FA0C89CC3C08BF90313C68710D0153A3B8FA06862B6670E9498296D2C1840812D51FFEADDAE3D714A6EA7D0DAF18C134A0E26AAA99AB8B605E5FAC1814D13F5BCA134DBCF40B5C21F39EF9B4089A759876E5F22DEAF3C64DAA159B9AFEB76109429E3E42FF8DB74EF84954405C4D7B826CFBE041FF996CB053ED44BD32742681CCC843CBD031CD9DDF299EF150378F87B5F67768C77A69F779AABC032BCC3031DDAD83701E475D16040D1E064208D99313C4047BA2AA44E15CF631E4337A47318F34060DAE2ED3FB2F77F26CAF51805D86F82786B8CED61C0A0A7A8CBECD9AE3FDD266BDA632E6F6095A8E2C82A709EF2ACE20D66CC6709A5EF4EBFBA3B020BD15A5451673CA3780A459C277EEA72A1C9EF8502281BF903B2409971DC1F215C899CBBDED194CAB8A5EBB2273E3B67AEEE9A18CD03A1CC46312AAE59AEA0EFB0E5EAC8A62D6C49DC5B5D5CAC7B12CC2B293ED1D258149C6E8ADFB311328C1D5ACD4A92DFC71E9575A62920166893D715358DAE87159E39267079FA5D2EF41D756E01E0D9701BE7F715E4DCEF5667576A883DC034E36022AB62707C4E9FF9C7400BD29770FC07C66BB041F17204A63B6A52177F32B1E8AF15A818E946421552673488AA76253A5CCAEF2368C6464A36DEA011A56FFACF5F592099BADEFA4B7A72059FF1869864BDDBD14B4D32460CFD30E78C4F057F011C63BDA41EF -20241130105809 2 6 100 7679 2 C4FD13B23C1EF3F1B888E9E24F6E6F0D1E538D5C17287A04247451367BAAC3EB0FF3633A10C1B2BEA19F91DA18C0C52A465FA0F0371A2189AC36BFEA58F33B013352F321A0B71BF61553330EC7735E66BF920F0AB9C918AC6796F3B2C5CC7B0E9F6695400B692026845D93807363115D8E1EF92072B84941DE896DC222F2493FA43169DC5C94E9F7C645CDDC38AC8C8F8790A2078B755BF65EB099CA5682E186E7DE95CBCF7036B0BFC761137EB0B297A140C1683E9A14E78F31935D873DFB2CC33563980FD7C6EB609427A9A63D9A7ECE43889783FAF17D129A4F00A7DBA8FAFCBDD57FA7599C944D03297B7106E02A82D695E8BC0ACC860295F357FD2F60CC4A09E49450CF735A8756174A8E1458E3BE2BEA10F38D2C30E6AD7DBFA6835328A64BDFCA2318E1753C922D3AA467BB770C03BE0D3381E31655F4969009A35E4CF90B1EF5CB71A7BE424E952AEF1368142BB6E5AEECB9F7EC2034179009B7E57DF234CDDC3818BE6E637DAC7F44B109BCAA519CA77B27E4A119712A325ACC29E82C5A3E43CDED00A550ABF99495C802578A6ACB7DBCCCECD3A3857F01A9582671D87C9407409355199D627D316938076334BCDEC6635E0D6696A53E2475AAF9412167245779FA0C89CC3C08BF90313C68710D0153A3B8FA06862B6670E9498296D2C1840812D51FFEADDAE3D714A6EA7D0DAF18C134A0E26AAA99AB8B605E5FAC1814D13F5BCA134DBCF40B5C21F39EF9B4089A759876E5F22DEAF3C64DAA159B9AFEB76109429E3E42FF8DB74EF84954405C4D7B826CFBE041FF996CB053ED44BD32742681CCC843CBD031CD9DDF299EF150378F87B5F67768C77A69F779AABC032BCC3031DDAD83701E475D16040D1E064208D99313C4047BA2AA44E15CF631E4337A47318F34060DAE2ED3FB2F77F26CAF51805D86F82786B8CED61C0A0A7A8CBECD9AE3FDD266BDA632E6F6095A8E2C82A709EF2ACE20D66CC6709A5EF4EBFBA3B020BD15A5451673CA3780A459C277EEA72A1C9EF8502281BF903B2409971DC1F215C899CBBDED194CAB8A5EBB2273E3B67AEEE9A18CD03A1CC46312AAE59AEA0EFB0E5EAC8A62D6C49DC5B5D5CAC7B12CC2B293ED1D258149C6E8ADFB311328C1D5ACD4A92DFC71E9575A62920166893D715358DAE87159E39267079FA5D2EF41D756E01E0D9701BE7F715E4DCEF5667576A883DC034E36022AB62707C4E9FF9C7400BD29770FC07C66BB041F17204A63B6A52177F32B1E8AF15A818E946421552673488AA76253A5CCAEF2368C6464A36DEA011A56FFACF5F592099BADEFA4B7A72059FF1869864BDDBD14B4D32460CFD30E78C4F057F011C63BFFF55B -20241130123724 2 6 100 7679 2 C4FD13B23C1EF3F1B888E9E24F6E6F0D1E538D5C17287A04247451367BAAC3EB0FF3633A10C1B2BEA19F91DA18C0C52A465FA0F0371A2189AC36BFEA58F33B013352F321A0B71BF61553330EC7735E66BF920F0AB9C918AC6796F3B2C5CC7B0E9F6695400B692026845D93807363115D8E1EF92072B84941DE896DC222F2493FA43169DC5C94E9F7C645CDDC38AC8C8F8790A2078B755BF65EB099CA5682E186E7DE95CBCF7036B0BFC761137EB0B297A140C1683E9A14E78F31935D873DFB2CC33563980FD7C6EB609427A9A63D9A7ECE43889783FAF17D129A4F00A7DBA8FAFCBDD57FA7599C944D03297B7106E02A82D695E8BC0ACC860295F357FD2F60CC4A09E49450CF735A8756174A8E1458E3BE2BEA10F38D2C30E6AD7DBFA6835328A64BDFCA2318E1753C922D3AA467BB770C03BE0D3381E31655F4969009A35E4CF90B1EF5CB71A7BE424E952AEF1368142BB6E5AEECB9F7EC2034179009B7E57DF234CDDC3818BE6E637DAC7F44B109BCAA519CA77B27E4A119712A325ACC29E82C5A3E43CDED00A550ABF99495C802578A6ACB7DBCCCECD3A3857F01A9582671D87C9407409355199D627D316938076334BCDEC6635E0D6696A53E2475AAF9412167245779FA0C89CC3C08BF90313C68710D0153A3B8FA06862B6670E9498296D2C1840812D51FFEADDAE3D714A6EA7D0DAF18C134A0E26AAA99AB8B605E5FAC1814D13F5BCA134DBCF40B5C21F39EF9B4089A759876E5F22DEAF3C64DAA159B9AFEB76109429E3E42FF8DB74EF84954405C4D7B826CFBE041FF996CB053ED44BD32742681CCC843CBD031CD9DDF299EF150378F87B5F67768C77A69F779AABC032BCC3031DDAD83701E475D16040D1E064208D99313C4047BA2AA44E15CF631E4337A47318F34060DAE2ED3FB2F77F26CAF51805D86F82786B8CED61C0A0A7A8CBECD9AE3FDD266BDA632E6F6095A8E2C82A709EF2ACE20D66CC6709A5EF4EBFBA3B020BD15A5451673CA3780A459C277EEA72A1C9EF8502281BF903B2409971DC1F215C899CBBDED194CAB8A5EBB2273E3B67AEEE9A18CD03A1CC46312AAE59AEA0EFB0E5EAC8A62D6C49DC5B5D5CAC7B12CC2B293ED1D258149C6E8ADFB311328C1D5ACD4A92DFC71E9575A62920166893D715358DAE87159E39267079FA5D2EF41D756E01E0D9701BE7F715E4DCEF5667576A883DC034E36022AB62707C4E9FF9C7400BD29770FC07C66BB041F17204A63B6A52177F32B1E8AF15A818E946421552673488AA76253A5CCAEF2368C6464A36DEA011A56FFACF5F592099BADEFA4B7A72059FF1869864BDDBD14B4D32460CFD30E78C4F057F011C642A90F43 -20241130131041 2 6 100 7679 5 C4FD13B23C1EF3F1B888E9E24F6E6F0D1E538D5C17287A04247451367BAAC3EB0FF3633A10C1B2BEA19F91DA18C0C52A465FA0F0371A2189AC36BFEA58F33B013352F321A0B71BF61553330EC7735E66BF920F0AB9C918AC6796F3B2C5CC7B0E9F6695400B692026845D93807363115D8E1EF92072B84941DE896DC222F2493FA43169DC5C94E9F7C645CDDC38AC8C8F8790A2078B755BF65EB099CA5682E186E7DE95CBCF7036B0BFC761137EB0B297A140C1683E9A14E78F31935D873DFB2CC33563980FD7C6EB609427A9A63D9A7ECE43889783FAF17D129A4F00A7DBA8FAFCBDD57FA7599C944D03297B7106E02A82D695E8BC0ACC860295F357FD2F60CC4A09E49450CF735A8756174A8E1458E3BE2BEA10F38D2C30E6AD7DBFA6835328A64BDFCA2318E1753C922D3AA467BB770C03BE0D3381E31655F4969009A35E4CF90B1EF5CB71A7BE424E952AEF1368142BB6E5AEECB9F7EC2034179009B7E57DF234CDDC3818BE6E637DAC7F44B109BCAA519CA77B27E4A119712A325ACC29E82C5A3E43CDED00A550ABF99495C802578A6ACB7DBCCCECD3A3857F01A9582671D87C9407409355199D627D316938076334BCDEC6635E0D6696A53E2475AAF9412167245779FA0C89CC3C08BF90313C68710D0153A3B8FA06862B6670E9498296D2C1840812D51FFEADDAE3D714A6EA7D0DAF18C134A0E26AAA99AB8B605E5FAC1814D13F5BCA134DBCF40B5C21F39EF9B4089A759876E5F22DEAF3C64DAA159B9AFEB76109429E3E42FF8DB74EF84954405C4D7B826CFBE041FF996CB053ED44BD32742681CCC843CBD031CD9DDF299EF150378F87B5F67768C77A69F779AABC032BCC3031DDAD83701E475D16040D1E064208D99313C4047BA2AA44E15CF631E4337A47318F34060DAE2ED3FB2F77F26CAF51805D86F82786B8CED61C0A0A7A8CBECD9AE3FDD266BDA632E6F6095A8E2C82A709EF2ACE20D66CC6709A5EF4EBFBA3B020BD15A5451673CA3780A459C277EEA72A1C9EF8502281BF903B2409971DC1F215C899CBBDED194CAB8A5EBB2273E3B67AEEE9A18CD03A1CC46312AAE59AEA0EFB0E5EAC8A62D6C49DC5B5D5CAC7B12CC2B293ED1D258149C6E8ADFB311328C1D5ACD4A92DFC71E9575A62920166893D715358DAE87159E39267079FA5D2EF41D756E01E0D9701BE7F715E4DCEF5667576A883DC034E36022AB62707C4E9FF9C7400BD29770FC07C66BB041F17204A63B6A52177F32B1E8AF15A818E946421552673488AA76253A5CCAEF2368C6464A36DEA011A56FFACF5F592099BADEFA4B7A72059FF1869864BDDBD14B4D32460CFD30E78C4F057F011C644DFE51F -20241130150424 2 6 100 7679 2 C4FD13B23C1EF3F1B888E9E24F6E6F0D1E538D5C17287A04247451367BAAC3EB0FF3633A10C1B2BEA19F91DA18C0C52A465FA0F0371A2189AC36BFEA58F33B013352F321A0B71BF61553330EC7735E66BF920F0AB9C918AC6796F3B2C5CC7B0E9F6695400B692026845D93807363115D8E1EF92072B84941DE896DC222F2493FA43169DC5C94E9F7C645CDDC38AC8C8F8790A2078B755BF65EB099CA5682E186E7DE95CBCF7036B0BFC761137EB0B297A140C1683E9A14E78F31935D873DFB2CC33563980FD7C6EB609427A9A63D9A7ECE43889783FAF17D129A4F00A7DBA8FAFCBDD57FA7599C944D03297B7106E02A82D695E8BC0ACC860295F357FD2F60CC4A09E49450CF735A8756174A8E1458E3BE2BEA10F38D2C30E6AD7DBFA6835328A64BDFCA2318E1753C922D3AA467BB770C03BE0D3381E31655F4969009A35E4CF90B1EF5CB71A7BE424E952AEF1368142BB6E5AEECB9F7EC2034179009B7E57DF234CDDC3818BE6E637DAC7F44B109BCAA519CA77B27E4A119712A325ACC29E82C5A3E43CDED00A550ABF99495C802578A6ACB7DBCCCECD3A3857F01A9582671D87C9407409355199D627D316938076334BCDEC6635E0D6696A53E2475AAF9412167245779FA0C89CC3C08BF90313C68710D0153A3B8FA06862B6670E9498296D2C1840812D51FFEADDAE3D714A6EA7D0DAF18C134A0E26AAA99AB8B605E5FAC1814D13F5BCA134DBCF40B5C21F39EF9B4089A759876E5F22DEAF3C64DAA159B9AFEB76109429E3E42FF8DB74EF84954405C4D7B826CFBE041FF996CB053ED44BD32742681CCC843CBD031CD9DDF299EF150378F87B5F67768C77A69F779AABC032BCC3031DDAD83701E475D16040D1E064208D99313C4047BA2AA44E15CF631E4337A47318F34060DAE2ED3FB2F77F26CAF51805D86F82786B8CED61C0A0A7A8CBECD9AE3FDD266BDA632E6F6095A8E2C82A709EF2ACE20D66CC6709A5EF4EBFBA3B020BD15A5451673CA3780A459C277EEA72A1C9EF8502281BF903B2409971DC1F215C899CBBDED194CAB8A5EBB2273E3B67AEEE9A18CD03A1CC46312AAE59AEA0EFB0E5EAC8A62D6C49DC5B5D5CAC7B12CC2B293ED1D258149C6E8ADFB311328C1D5ACD4A92DFC71E9575A62920166893D715358DAE87159E39267079FA5D2EF41D756E01E0D9701BE7F715E4DCEF5667576A883DC034E36022AB62707C4E9FF9C7400BD29770FC07C66BB041F17204A63B6A52177F32B1E8AF15A818E946421552673488AA76253A5CCAEF2368C6464A36DEA011A56FFACF5F592099BADEFA4B7A72059FF1869864BDDBD14B4D32460CFD30E78C4F057F011C64C717C8B -20241130162824 2 6 100 7679 2 C4FD13B23C1EF3F1B888E9E24F6E6F0D1E538D5C17287A04247451367BAAC3EB0FF3633A10C1B2BEA19F91DA18C0C52A465FA0F0371A2189AC36BFEA58F33B013352F321A0B71BF61553330EC7735E66BF920F0AB9C918AC6796F3B2C5CC7B0E9F6695400B692026845D93807363115D8E1EF92072B84941DE896DC222F2493FA43169DC5C94E9F7C645CDDC38AC8C8F8790A2078B755BF65EB099CA5682E186E7DE95CBCF7036B0BFC761137EB0B297A140C1683E9A14E78F31935D873DFB2CC33563980FD7C6EB609427A9A63D9A7ECE43889783FAF17D129A4F00A7DBA8FAFCBDD57FA7599C944D03297B7106E02A82D695E8BC0ACC860295F357FD2F60CC4A09E49450CF735A8756174A8E1458E3BE2BEA10F38D2C30E6AD7DBFA6835328A64BDFCA2318E1753C922D3AA467BB770C03BE0D3381E31655F4969009A35E4CF90B1EF5CB71A7BE424E952AEF1368142BB6E5AEECB9F7EC2034179009B7E57DF234CDDC3818BE6E637DAC7F44B109BCAA519CA77B27E4A119712A325ACC29E82C5A3E43CDED00A550ABF99495C802578A6ACB7DBCCCECD3A3857F01A9582671D87C9407409355199D627D316938076334BCDEC6635E0D6696A53E2475AAF9412167245779FA0C89CC3C08BF90313C68710D0153A3B8FA06862B6670E9498296D2C1840812D51FFEADDAE3D714A6EA7D0DAF18C134A0E26AAA99AB8B605E5FAC1814D13F5BCA134DBCF40B5C21F39EF9B4089A759876E5F22DEAF3C64DAA159B9AFEB76109429E3E42FF8DB74EF84954405C4D7B826CFBE041FF996CB053ED44BD32742681CCC843CBD031CD9DDF299EF150378F87B5F67768C77A69F779AABC032BCC3031DDAD83701E475D16040D1E064208D99313C4047BA2AA44E15CF631E4337A47318F34060DAE2ED3FB2F77F26CAF51805D86F82786B8CED61C0A0A7A8CBECD9AE3FDD266BDA632E6F6095A8E2C82A709EF2ACE20D66CC6709A5EF4EBFBA3B020BD15A5451673CA3780A459C277EEA72A1C9EF8502281BF903B2409971DC1F215C899CBBDED194CAB8A5EBB2273E3B67AEEE9A18CD03A1CC46312AAE59AEA0EFB0E5EAC8A62D6C49DC5B5D5CAC7B12CC2B293ED1D258149C6E8ADFB311328C1D5ACD4A92DFC71E9575A62920166893D715358DAE87159E39267079FA5D2EF41D756E01E0D9701BE7F715E4DCEF5667576A883DC034E36022AB62707C4E9FF9C7400BD29770FC07C66BB041F17204A63B6A52177F32B1E8AF15A818E946421552673488AA76253A5CCAEF2368C6464A36DEA011A56FFACF5F592099BADEFA4B7A72059FF1869864BDDBD14B4D32460CFD30E78C4F057F011C65210D3FB -20241130172212 2 6 100 7679 5 C4FD13B23C1EF3F1B888E9E24F6E6F0D1E538D5C17287A04247451367BAAC3EB0FF3633A10C1B2BEA19F91DA18C0C52A465FA0F0371A2189AC36BFEA58F33B013352F321A0B71BF61553330EC7735E66BF920F0AB9C918AC6796F3B2C5CC7B0E9F6695400B692026845D93807363115D8E1EF92072B84941DE896DC222F2493FA43169DC5C94E9F7C645CDDC38AC8C8F8790A2078B755BF65EB099CA5682E186E7DE95CBCF7036B0BFC761137EB0B297A140C1683E9A14E78F31935D873DFB2CC33563980FD7C6EB609427A9A63D9A7ECE43889783FAF17D129A4F00A7DBA8FAFCBDD57FA7599C944D03297B7106E02A82D695E8BC0ACC860295F357FD2F60CC4A09E49450CF735A8756174A8E1458E3BE2BEA10F38D2C30E6AD7DBFA6835328A64BDFCA2318E1753C922D3AA467BB770C03BE0D3381E31655F4969009A35E4CF90B1EF5CB71A7BE424E952AEF1368142BB6E5AEECB9F7EC2034179009B7E57DF234CDDC3818BE6E637DAC7F44B109BCAA519CA77B27E4A119712A325ACC29E82C5A3E43CDED00A550ABF99495C802578A6ACB7DBCCCECD3A3857F01A9582671D87C9407409355199D627D316938076334BCDEC6635E0D6696A53E2475AAF9412167245779FA0C89CC3C08BF90313C68710D0153A3B8FA06862B6670E9498296D2C1840812D51FFEADDAE3D714A6EA7D0DAF18C134A0E26AAA99AB8B605E5FAC1814D13F5BCA134DBCF40B5C21F39EF9B4089A759876E5F22DEAF3C64DAA159B9AFEB76109429E3E42FF8DB74EF84954405C4D7B826CFBE041FF996CB053ED44BD32742681CCC843CBD031CD9DDF299EF150378F87B5F67768C77A69F779AABC032BCC3031DDAD83701E475D16040D1E064208D99313C4047BA2AA44E15CF631E4337A47318F34060DAE2ED3FB2F77F26CAF51805D86F82786B8CED61C0A0A7A8CBECD9AE3FDD266BDA632E6F6095A8E2C82A709EF2ACE20D66CC6709A5EF4EBFBA3B020BD15A5451673CA3780A459C277EEA72A1C9EF8502281BF903B2409971DC1F215C899CBBDED194CAB8A5EBB2273E3B67AEEE9A18CD03A1CC46312AAE59AEA0EFB0E5EAC8A62D6C49DC5B5D5CAC7B12CC2B293ED1D258149C6E8ADFB311328C1D5ACD4A92DFC71E9575A62920166893D715358DAE87159E39267079FA5D2EF41D756E01E0D9701BE7F715E4DCEF5667576A883DC034E36022AB62707C4E9FF9C7400BD29770FC07C66BB041F17204A63B6A52177F32B1E8AF15A818E946421552673488AA76253A5CCAEF2368C6464A36DEA011A56FFACF5F592099BADEFA4B7A72059FF1869864BDDBD14B4D32460CFD30E78C4F057F011C655A47F4F -20241130174557 2 6 100 7679 2 C4FD13B23C1EF3F1B888E9E24F6E6F0D1E538D5C17287A04247451367BAAC3EB0FF3633A10C1B2BEA19F91DA18C0C52A465FA0F0371A2189AC36BFEA58F33B013352F321A0B71BF61553330EC7735E66BF920F0AB9C918AC6796F3B2C5CC7B0E9F6695400B692026845D93807363115D8E1EF92072B84941DE896DC222F2493FA43169DC5C94E9F7C645CDDC38AC8C8F8790A2078B755BF65EB099CA5682E186E7DE95CBCF7036B0BFC761137EB0B297A140C1683E9A14E78F31935D873DFB2CC33563980FD7C6EB609427A9A63D9A7ECE43889783FAF17D129A4F00A7DBA8FAFCBDD57FA7599C944D03297B7106E02A82D695E8BC0ACC860295F357FD2F60CC4A09E49450CF735A8756174A8E1458E3BE2BEA10F38D2C30E6AD7DBFA6835328A64BDFCA2318E1753C922D3AA467BB770C03BE0D3381E31655F4969009A35E4CF90B1EF5CB71A7BE424E952AEF1368142BB6E5AEECB9F7EC2034179009B7E57DF234CDDC3818BE6E637DAC7F44B109BCAA519CA77B27E4A119712A325ACC29E82C5A3E43CDED00A550ABF99495C802578A6ACB7DBCCCECD3A3857F01A9582671D87C9407409355199D627D316938076334BCDEC6635E0D6696A53E2475AAF9412167245779FA0C89CC3C08BF90313C68710D0153A3B8FA06862B6670E9498296D2C1840812D51FFEADDAE3D714A6EA7D0DAF18C134A0E26AAA99AB8B605E5FAC1814D13F5BCA134DBCF40B5C21F39EF9B4089A759876E5F22DEAF3C64DAA159B9AFEB76109429E3E42FF8DB74EF84954405C4D7B826CFBE041FF996CB053ED44BD32742681CCC843CBD031CD9DDF299EF150378F87B5F67768C77A69F779AABC032BCC3031DDAD83701E475D16040D1E064208D99313C4047BA2AA44E15CF631E4337A47318F34060DAE2ED3FB2F77F26CAF51805D86F82786B8CED61C0A0A7A8CBECD9AE3FDD266BDA632E6F6095A8E2C82A709EF2ACE20D66CC6709A5EF4EBFBA3B020BD15A5451673CA3780A459C277EEA72A1C9EF8502281BF903B2409971DC1F215C899CBBDED194CAB8A5EBB2273E3B67AEEE9A18CD03A1CC46312AAE59AEA0EFB0E5EAC8A62D6C49DC5B5D5CAC7B12CC2B293ED1D258149C6E8ADFB311328C1D5ACD4A92DFC71E9575A62920166893D715358DAE87159E39267079FA5D2EF41D756E01E0D9701BE7F715E4DCEF5667576A883DC034E36022AB62707C4E9FF9C7400BD29770FC07C66BB041F17204A63B6A52177F32B1E8AF15A818E946421552673488AA76253A5CCAEF2368C6464A36DEA011A56FFACF5F592099BADEFA4B7A72059FF1869864BDDBD14B4D32460CFD30E78C4F057F011C657367ECB -20241130215425 2 6 100 7679 5 C4FD13B23C1EF3F1B888E9E24F6E6F0D1E538D5C17287A04247451367BAAC3EB0FF3633A10C1B2BEA19F91DA18C0C52A465FA0F0371A2189AC36BFEA58F33B013352F321A0B71BF61553330EC7735E66BF920F0AB9C918AC6796F3B2C5CC7B0E9F6695400B692026845D93807363115D8E1EF92072B84941DE896DC222F2493FA43169DC5C94E9F7C645CDDC38AC8C8F8790A2078B755BF65EB099CA5682E186E7DE95CBCF7036B0BFC761137EB0B297A140C1683E9A14E78F31935D873DFB2CC33563980FD7C6EB609427A9A63D9A7ECE43889783FAF17D129A4F00A7DBA8FAFCBDD57FA7599C944D03297B7106E02A82D695E8BC0ACC860295F357FD2F60CC4A09E49450CF735A8756174A8E1458E3BE2BEA10F38D2C30E6AD7DBFA6835328A64BDFCA2318E1753C922D3AA467BB770C03BE0D3381E31655F4969009A35E4CF90B1EF5CB71A7BE424E952AEF1368142BB6E5AEECB9F7EC2034179009B7E57DF234CDDC3818BE6E637DAC7F44B109BCAA519CA77B27E4A119712A325ACC29E82C5A3E43CDED00A550ABF99495C802578A6ACB7DBCCCECD3A3857F01A9582671D87C9407409355199D627D316938076334BCDEC6635E0D6696A53E2475AAF9412167245779FA0C89CC3C08BF90313C68710D0153A3B8FA06862B6670E9498296D2C1840812D51FFEADDAE3D714A6EA7D0DAF18C134A0E26AAA99AB8B605E5FAC1814D13F5BCA134DBCF40B5C21F39EF9B4089A759876E5F22DEAF3C64DAA159B9AFEB76109429E3E42FF8DB74EF84954405C4D7B826CFBE041FF996CB053ED44BD32742681CCC843CBD031CD9DDF299EF150378F87B5F67768C77A69F779AABC032BCC3031DDAD83701E475D16040D1E064208D99313C4047BA2AA44E15CF631E4337A47318F34060DAE2ED3FB2F77F26CAF51805D86F82786B8CED61C0A0A7A8CBECD9AE3FDD266BDA632E6F6095A8E2C82A709EF2ACE20D66CC6709A5EF4EBFBA3B020BD15A5451673CA3780A459C277EEA72A1C9EF8502281BF903B2409971DC1F215C899CBBDED194CAB8A5EBB2273E3B67AEEE9A18CD03A1CC46312AAE59AEA0EFB0E5EAC8A62D6C49DC5B5D5CAC7B12CC2B293ED1D258149C6E8ADFB311328C1D5ACD4A92DFC71E9575A62920166893D715358DAE87159E39267079FA5D2EF41D756E01E0D9701BE7F715E4DCEF5667576A883DC034E36022AB62707C4E9FF9C7400BD29770FC07C66BB041F17204A63B6A52177F32B1E8AF15A818E946421552673488AA76253A5CCAEF2368C6464A36DEA011A56FFACF5F592099BADEFA4B7A72059FF1869864BDDBD14B4D32460CFD30E78C4F057F011C66800A377 -20241130230337 2 6 100 7679 5 C4FD13B23C1EF3F1B888E9E24F6E6F0D1E538D5C17287A04247451367BAAC3EB0FF3633A10C1B2BEA19F91DA18C0C52A465FA0F0371A2189AC36BFEA58F33B013352F321A0B71BF61553330EC7735E66BF920F0AB9C918AC6796F3B2C5CC7B0E9F6695400B692026845D93807363115D8E1EF92072B84941DE896DC222F2493FA43169DC5C94E9F7C645CDDC38AC8C8F8790A2078B755BF65EB099CA5682E186E7DE95CBCF7036B0BFC761137EB0B297A140C1683E9A14E78F31935D873DFB2CC33563980FD7C6EB609427A9A63D9A7ECE43889783FAF17D129A4F00A7DBA8FAFCBDD57FA7599C944D03297B7106E02A82D695E8BC0ACC860295F357FD2F60CC4A09E49450CF735A8756174A8E1458E3BE2BEA10F38D2C30E6AD7DBFA6835328A64BDFCA2318E1753C922D3AA467BB770C03BE0D3381E31655F4969009A35E4CF90B1EF5CB71A7BE424E952AEF1368142BB6E5AEECB9F7EC2034179009B7E57DF234CDDC3818BE6E637DAC7F44B109BCAA519CA77B27E4A119712A325ACC29E82C5A3E43CDED00A550ABF99495C802578A6ACB7DBCCCECD3A3857F01A9582671D87C9407409355199D627D316938076334BCDEC6635E0D6696A53E2475AAF9412167245779FA0C89CC3C08BF90313C68710D0153A3B8FA06862B6670E9498296D2C1840812D51FFEADDAE3D714A6EA7D0DAF18C134A0E26AAA99AB8B605E5FAC1814D13F5BCA134DBCF40B5C21F39EF9B4089A759876E5F22DEAF3C64DAA159B9AFEB76109429E3E42FF8DB74EF84954405C4D7B826CFBE041FF996CB053ED44BD32742681CCC843CBD031CD9DDF299EF150378F87B5F67768C77A69F779AABC032BCC3031DDAD83701E475D16040D1E064208D99313C4047BA2AA44E15CF631E4337A47318F34060DAE2ED3FB2F77F26CAF51805D86F82786B8CED61C0A0A7A8CBECD9AE3FDD266BDA632E6F6095A8E2C82A709EF2ACE20D66CC6709A5EF4EBFBA3B020BD15A5451673CA3780A459C277EEA72A1C9EF8502281BF903B2409971DC1F215C899CBBDED194CAB8A5EBB2273E3B67AEEE9A18CD03A1CC46312AAE59AEA0EFB0E5EAC8A62D6C49DC5B5D5CAC7B12CC2B293ED1D258149C6E8ADFB311328C1D5ACD4A92DFC71E9575A62920166893D715358DAE87159E39267079FA5D2EF41D756E01E0D9701BE7F715E4DCEF5667576A883DC034E36022AB62707C4E9FF9C7400BD29770FC07C66BB041F17204A63B6A52177F32B1E8AF15A818E946421552673488AA76253A5CCAEF2368C6464A36DEA011A56FFACF5F592099BADEFA4B7A72059FF1869864BDDBD14B4D32460CFD30E78C4F057F011C66C9D27F7 -20241201025521 2 6 100 7679 5 C4FD13B23C1EF3F1B888E9E24F6E6F0D1E538D5C17287A04247451367BAAC3EB0FF3633A10C1B2BEA19F91DA18C0C52A465FA0F0371A2189AC36BFEA58F33B013352F321A0B71BF61553330EC7735E66BF920F0AB9C918AC6796F3B2C5CC7B0E9F6695400B692026845D93807363115D8E1EF92072B84941DE896DC222F2493FA43169DC5C94E9F7C645CDDC38AC8C8F8790A2078B755BF65EB099CA5682E186E7DE95CBCF7036B0BFC761137EB0B297A140C1683E9A14E78F31935D873DFB2CC33563980FD7C6EB609427A9A63D9A7ECE43889783FAF17D129A4F00A7DBA8FAFCBDD57FA7599C944D03297B7106E02A82D695E8BC0ACC860295F357FD2F60CC4A09E49450CF735A8756174A8E1458E3BE2BEA10F38D2C30E6AD7DBFA6835328A64BDFCA2318E1753C922D3AA467BB770C03BE0D3381E31655F4969009A35E4CF90B1EF5CB71A7BE424E952AEF1368142BB6E5AEECB9F7EC2034179009B7E57DF234CDDC3818BE6E637DAC7F44B109BCAA519CA77B27E4A119712A325ACC29E82C5A3E43CDED00A550ABF99495C802578A6ACB7DBCCCECD3A3857F01A9582671D87C9407409355199D627D316938076334BCDEC6635E0D6696A53E2475AAF9412167245779FA0C89CC3C08BF90313C68710D0153A3B8FA06862B6670E9498296D2C1840812D51FFEADDAE3D714A6EA7D0DAF18C134A0E26AAA99AB8B605E5FAC1814D13F5BCA134DBCF40B5C21F39EF9B4089A759876E5F22DEAF3C64DAA159B9AFEB76109429E3E42FF8DB74EF84954405C4D7B826CFBE041FF996CB053ED44BD32742681CCC843CBD031CD9DDF299EF150378F87B5F67768C77A69F779AABC032BCC3031DDAD83701E475D16040D1E064208D99313C4047BA2AA44E15CF631E4337A47318F34060DAE2ED3FB2F77F26CAF51805D86F82786B8CED61C0A0A7A8CBECD9AE3FDD266BDA632E6F6095A8E2C82A709EF2ACE20D66CC6709A5EF4EBFBA3B020BD15A5451673CA3780A459C277EEA72A1C9EF8502281BF903B2409971DC1F215C899CBBDED194CAB8A5EBB2273E3B67AEEE9A18CD03A1CC46312AAE59AEA0EFB0E5EAC8A62D6C49DC5B5D5CAC7B12CC2B293ED1D258149C6E8ADFB311328C1D5ACD4A92DFC71E9575A62920166893D715358DAE87159E39267079FA5D2EF41D756E01E0D9701BE7F715E4DCEF5667576A883DC034E36022AB62707C4E9FF9C7400BD29770FC07C66BB041F17204A63B6A52177F32B1E8AF15A818E946421552673488AA76253A5CCAEF2368C6464A36DEA011A56FFACF5F592099BADEFA4B7A72059FF1869864BDDBD14B4D32460CFD30E78C4F057F011C67C131CEF -20241201034250 2 6 100 7679 5 C4FD13B23C1EF3F1B888E9E24F6E6F0D1E538D5C17287A04247451367BAAC3EB0FF3633A10C1B2BEA19F91DA18C0C52A465FA0F0371A2189AC36BFEA58F33B013352F321A0B71BF61553330EC7735E66BF920F0AB9C918AC6796F3B2C5CC7B0E9F6695400B692026845D93807363115D8E1EF92072B84941DE896DC222F2493FA43169DC5C94E9F7C645CDDC38AC8C8F8790A2078B755BF65EB099CA5682E186E7DE95CBCF7036B0BFC761137EB0B297A140C1683E9A14E78F31935D873DFB2CC33563980FD7C6EB609427A9A63D9A7ECE43889783FAF17D129A4F00A7DBA8FAFCBDD57FA7599C944D03297B7106E02A82D695E8BC0ACC860295F357FD2F60CC4A09E49450CF735A8756174A8E1458E3BE2BEA10F38D2C30E6AD7DBFA6835328A64BDFCA2318E1753C922D3AA467BB770C03BE0D3381E31655F4969009A35E4CF90B1EF5CB71A7BE424E952AEF1368142BB6E5AEECB9F7EC2034179009B7E57DF234CDDC3818BE6E637DAC7F44B109BCAA519CA77B27E4A119712A325ACC29E82C5A3E43CDED00A550ABF99495C802578A6ACB7DBCCCECD3A3857F01A9582671D87C9407409355199D627D316938076334BCDEC6635E0D6696A53E2475AAF9412167245779FA0C89CC3C08BF90313C68710D0153A3B8FA06862B6670E9498296D2C1840812D51FFEADDAE3D714A6EA7D0DAF18C134A0E26AAA99AB8B605E5FAC1814D13F5BCA134DBCF40B5C21F39EF9B4089A759876E5F22DEAF3C64DAA159B9AFEB76109429E3E42FF8DB74EF84954405C4D7B826CFBE041FF996CB053ED44BD32742681CCC843CBD031CD9DDF299EF150378F87B5F67768C77A69F779AABC032BCC3031DDAD83701E475D16040D1E064208D99313C4047BA2AA44E15CF631E4337A47318F34060DAE2ED3FB2F77F26CAF51805D86F82786B8CED61C0A0A7A8CBECD9AE3FDD266BDA632E6F6095A8E2C82A709EF2ACE20D66CC6709A5EF4EBFBA3B020BD15A5451673CA3780A459C277EEA72A1C9EF8502281BF903B2409971DC1F215C899CBBDED194CAB8A5EBB2273E3B67AEEE9A18CD03A1CC46312AAE59AEA0EFB0E5EAC8A62D6C49DC5B5D5CAC7B12CC2B293ED1D258149C6E8ADFB311328C1D5ACD4A92DFC71E9575A62920166893D715358DAE87159E39267079FA5D2EF41D756E01E0D9701BE7F715E4DCEF5667576A883DC034E36022AB62707C4E9FF9C7400BD29770FC07C66BB041F17204A63B6A52177F32B1E8AF15A818E946421552673488AA76253A5CCAEF2368C6464A36DEA011A56FFACF5F592099BADEFA4B7A72059FF1869864BDDBD14B4D32460CFD30E78C4F057F011C67F375247 -20241201035354 2 6 100 7679 2 C4FD13B23C1EF3F1B888E9E24F6E6F0D1E538D5C17287A04247451367BAAC3EB0FF3633A10C1B2BEA19F91DA18C0C52A465FA0F0371A2189AC36BFEA58F33B013352F321A0B71BF61553330EC7735E66BF920F0AB9C918AC6796F3B2C5CC7B0E9F6695400B692026845D93807363115D8E1EF92072B84941DE896DC222F2493FA43169DC5C94E9F7C645CDDC38AC8C8F8790A2078B755BF65EB099CA5682E186E7DE95CBCF7036B0BFC761137EB0B297A140C1683E9A14E78F31935D873DFB2CC33563980FD7C6EB609427A9A63D9A7ECE43889783FAF17D129A4F00A7DBA8FAFCBDD57FA7599C944D03297B7106E02A82D695E8BC0ACC860295F357FD2F60CC4A09E49450CF735A8756174A8E1458E3BE2BEA10F38D2C30E6AD7DBFA6835328A64BDFCA2318E1753C922D3AA467BB770C03BE0D3381E31655F4969009A35E4CF90B1EF5CB71A7BE424E952AEF1368142BB6E5AEECB9F7EC2034179009B7E57DF234CDDC3818BE6E637DAC7F44B109BCAA519CA77B27E4A119712A325ACC29E82C5A3E43CDED00A550ABF99495C802578A6ACB7DBCCCECD3A3857F01A9582671D87C9407409355199D627D316938076334BCDEC6635E0D6696A53E2475AAF9412167245779FA0C89CC3C08BF90313C68710D0153A3B8FA06862B6670E9498296D2C1840812D51FFEADDAE3D714A6EA7D0DAF18C134A0E26AAA99AB8B605E5FAC1814D13F5BCA134DBCF40B5C21F39EF9B4089A759876E5F22DEAF3C64DAA159B9AFEB76109429E3E42FF8DB74EF84954405C4D7B826CFBE041FF996CB053ED44BD32742681CCC843CBD031CD9DDF299EF150378F87B5F67768C77A69F779AABC032BCC3031DDAD83701E475D16040D1E064208D99313C4047BA2AA44E15CF631E4337A47318F34060DAE2ED3FB2F77F26CAF51805D86F82786B8CED61C0A0A7A8CBECD9AE3FDD266BDA632E6F6095A8E2C82A709EF2ACE20D66CC6709A5EF4EBFBA3B020BD15A5451673CA3780A459C277EEA72A1C9EF8502281BF903B2409971DC1F215C899CBBDED194CAB8A5EBB2273E3B67AEEE9A18CD03A1CC46312AAE59AEA0EFB0E5EAC8A62D6C49DC5B5D5CAC7B12CC2B293ED1D258149C6E8ADFB311328C1D5ACD4A92DFC71E9575A62920166893D715358DAE87159E39267079FA5D2EF41D756E01E0D9701BE7F715E4DCEF5667576A883DC034E36022AB62707C4E9FF9C7400BD29770FC07C66BB041F17204A63B6A52177F32B1E8AF15A818E946421552673488AA76253A5CCAEF2368C6464A36DEA011A56FFACF5F592099BADEFA4B7A72059FF1869864BDDBD14B4D32460CFD30E78C4F057F011C67FEC05DB -20241201043654 2 6 100 7679 2 F02D40B37C40876939E4D2A62AF7EC21A676D8E2B04081BA98E23F464A47514FB40DC99F7B8046B48CD3052C7AC080E4B496C16ED18695CA27493A129088F5829BBEAD02DFD521829FFD8B1120330E2BBA10C55A1EAD0641006827DA4725BFD2A2559C363C33BC78C2D83B4A075099EC57634D0AD4AEDA3302441B7005C728C0371B51877A97B442C5E3C3D53C244EFF3B65CDCCB0C017723F1EBD0B91E220116ACF14703268A11B7FC7564F7BEDBFFB3CE046261DD9D83E6078CD7AB5AC97595EF53D6C4C56D24588C6D130C0CD2C967AB90C31497186A06A93FB9338D4F30E0104BC8EFF2518D0644174BD1FF1FD7BAC2AAFF151D733A14F456A189ECA2D5F11D7C3AF1DA06192D36251B050E1AC576E3C369678D12823870FFC6E5809903382F9FBE36156F294C94FF5369E8D24D085A326870A998A10683495CEF15EFF0A45C781B5156B82D9AA07852040A96A0D5ACDF094B9DD91EA893382F95A6B72F0A2090F036A1B23CF9CF544753EA5B9ED86FA52EBB4C5421C5B485AE932F5837822C91257EC4953ACA79F2D94261DC40B3D44CB44056D4025EC459563865000B8C5F5D7724ED27CA4A8ADE299E5C898F4BD09F430781A68C261E4FA0BA2FEE567434B057C5D5F2899A1547B780B91315CC631C0552DB403DF53A6059BE895242FDA4AE1F6C5129E3643DF1A20C28BBF4328B4E623DCBC1149CE838BBC4A9944A6B6ACB4AA29B50FC7AFFAB0075BB4CC190F15B2C17847560F1B4C591EFE90D5AAA307A3FCC091DF44E3B219F7EE86EA01704D652983CE0D475896C1EB94E09314D386233D706FE0F5415BAF51746F3E8A6AC74E6F68CCF665CCEC4BE0B9CE19308C0423491F5914EA8ABE6081F38282D4994A4B640DCE56F4D616CED59B80938E4E7C486AB64E7C740FCD6ADB5494906520FD66A02069D3C11085157142CDDBFB004023C5CDFCCEAC5296636A77C127DEC4182A36D6A34D980F778452271C80CABAFE15A629302EFE9CD9105353B719581D4DD2E1BCF9411A4CCB0D010B5954291453E761A3B9EAF533119EEF1C30C4E53FEFAF2D2300162786963D54ECE0376CC797CBBDD757B596FAB26716ECEA7C47FB6C6DC6A80FC435D5CADB36D5ACB6760CAC6272B61E64A920EC7D4E5FBD680B2B906F1CF78EFD380A47692E1DC6C06AC21255E65C3757E32C301B5ACD8BA136FEE7C19B858D8B60595946BF1D0520912ACD17E397C9FC156C741AD1104F403B363B4E6B4AD06E8C60928CCD6AB3FE6AEFECBC57DB5CFF431A2D44533D9A92C483B56AE56698F02622D3A65E09B6EBFDFD5DCAF34E09DEDA100B40DD4C40ADCEF30787E527C4F613A08BDED0D77EFCE3 -20241201045113 2 6 100 7679 2 F02D40B37C40876939E4D2A62AF7EC21A676D8E2B04081BA98E23F464A47514FB40DC99F7B8046B48CD3052C7AC080E4B496C16ED18695CA27493A129088F5829BBEAD02DFD521829FFD8B1120330E2BBA10C55A1EAD0641006827DA4725BFD2A2559C363C33BC78C2D83B4A075099EC57634D0AD4AEDA3302441B7005C728C0371B51877A97B442C5E3C3D53C244EFF3B65CDCCB0C017723F1EBD0B91E220116ACF14703268A11B7FC7564F7BEDBFFB3CE046261DD9D83E6078CD7AB5AC97595EF53D6C4C56D24588C6D130C0CD2C967AB90C31497186A06A93FB9338D4F30E0104BC8EFF2518D0644174BD1FF1FD7BAC2AAFF151D733A14F456A189ECA2D5F11D7C3AF1DA06192D36251B050E1AC576E3C369678D12823870FFC6E5809903382F9FBE36156F294C94FF5369E8D24D085A326870A998A10683495CEF15EFF0A45C781B5156B82D9AA07852040A96A0D5ACDF094B9DD91EA893382F95A6B72F0A2090F036A1B23CF9CF544753EA5B9ED86FA52EBB4C5421C5B485AE932F5837822C91257EC4953ACA79F2D94261DC40B3D44CB44056D4025EC459563865000B8C5F5D7724ED27CA4A8ADE299E5C898F4BD09F430781A68C261E4FA0BA2FEE567434B057C5D5F2899A1547B780B91315CC631C0552DB403DF53A6059BE895242FDA4AE1F6C5129E3643DF1A20C28BBF4328B4E623DCBC1149CE838BBC4A9944A6B6ACB4AA29B50FC7AFFAB0075BB4CC190F15B2C17847560F1B4C591EFE90D5AAA307A3FCC091DF44E3B219F7EE86EA01704D652983CE0D475896C1EB94E09314D386233D706FE0F5415BAF51746F3E8A6AC74E6F68CCF665CCEC4BE0B9CE19308C0423491F5914EA8ABE6081F38282D4994A4B640DCE56F4D616CED59B80938E4E7C486AB64E7C740FCD6ADB5494906520FD66A02069D3C11085157142CDDBFB004023C5CDFCCEAC5296636A77C127DEC4182A36D6A34D980F778452271C80CABAFE15A629302EFE9CD9105353B719581D4DD2E1BCF9411A4CCB0D010B5954291453E761A3B9EAF533119EEF1C30C4E53FEFAF2D2300162786963D54ECE0376CC797CBBDD757B596FAB26716ECEA7C47FB6C6DC6A80FC435D5CADB36D5ACB6760CAC6272B61E64A920EC7D4E5FBD680B2B906F1CF78EFD380A47692E1DC6C06AC21255E65C3757E32C301B5ACD8BA136FEE7C19B858D8B60595946BF1D0520912ACD17E397C9FC156C741AD1104F403B363B4E6B4AD06E8C60928CCD6AB3FE6AEFECBC57DB5CFF431A2D44533D9A92C483B56AE56698F02622D3A65E09B6EBFDFD5DCAF34E09DEDA100B40DD4C40ADCEF30787E527C4F613A08BDED0D867EE3B -20241201061048 2 6 100 7679 5 F02D40B37C40876939E4D2A62AF7EC21A676D8E2B04081BA98E23F464A47514FB40DC99F7B8046B48CD3052C7AC080E4B496C16ED18695CA27493A129088F5829BBEAD02DFD521829FFD8B1120330E2BBA10C55A1EAD0641006827DA4725BFD2A2559C363C33BC78C2D83B4A075099EC57634D0AD4AEDA3302441B7005C728C0371B51877A97B442C5E3C3D53C244EFF3B65CDCCB0C017723F1EBD0B91E220116ACF14703268A11B7FC7564F7BEDBFFB3CE046261DD9D83E6078CD7AB5AC97595EF53D6C4C56D24588C6D130C0CD2C967AB90C31497186A06A93FB9338D4F30E0104BC8EFF2518D0644174BD1FF1FD7BAC2AAFF151D733A14F456A189ECA2D5F11D7C3AF1DA06192D36251B050E1AC576E3C369678D12823870FFC6E5809903382F9FBE36156F294C94FF5369E8D24D085A326870A998A10683495CEF15EFF0A45C781B5156B82D9AA07852040A96A0D5ACDF094B9DD91EA893382F95A6B72F0A2090F036A1B23CF9CF544753EA5B9ED86FA52EBB4C5421C5B485AE932F5837822C91257EC4953ACA79F2D94261DC40B3D44CB44056D4025EC459563865000B8C5F5D7724ED27CA4A8ADE299E5C898F4BD09F430781A68C261E4FA0BA2FEE567434B057C5D5F2899A1547B780B91315CC631C0552DB403DF53A6059BE895242FDA4AE1F6C5129E3643DF1A20C28BBF4328B4E623DCBC1149CE838BBC4A9944A6B6ACB4AA29B50FC7AFFAB0075BB4CC190F15B2C17847560F1B4C591EFE90D5AAA307A3FCC091DF44E3B219F7EE86EA01704D652983CE0D475896C1EB94E09314D386233D706FE0F5415BAF51746F3E8A6AC74E6F68CCF665CCEC4BE0B9CE19308C0423491F5914EA8ABE6081F38282D4994A4B640DCE56F4D616CED59B80938E4E7C486AB64E7C740FCD6ADB5494906520FD66A02069D3C11085157142CDDBFB004023C5CDFCCEAC5296636A77C127DEC4182A36D6A34D980F778452271C80CABAFE15A629302EFE9CD9105353B719581D4DD2E1BCF9411A4CCB0D010B5954291453E761A3B9EAF533119EEF1C30C4E53FEFAF2D2300162786963D54ECE0376CC797CBBDD757B596FAB26716ECEA7C47FB6C6DC6A80FC435D5CADB36D5ACB6760CAC6272B61E64A920EC7D4E5FBD680B2B906F1CF78EFD380A47692E1DC6C06AC21255E65C3757E32C301B5ACD8BA136FEE7C19B858D8B60595946BF1D0520912ACD17E397C9FC156C741AD1104F403B363B4E6B4AD06E8C60928CCD6AB3FE6AEFECBC57DB5CFF431A2D44533D9A92C483B56AE56698F02622D3A65E09B6EBFDFD5DCAF34E09DEDA100B40DD4C40ADCEF30787E527C4F613A08BDED0DDAE0C8F -20241201072458 2 6 100 7679 5 F02D40B37C40876939E4D2A62AF7EC21A676D8E2B04081BA98E23F464A47514FB40DC99F7B8046B48CD3052C7AC080E4B496C16ED18695CA27493A129088F5829BBEAD02DFD521829FFD8B1120330E2BBA10C55A1EAD0641006827DA4725BFD2A2559C363C33BC78C2D83B4A075099EC57634D0AD4AEDA3302441B7005C728C0371B51877A97B442C5E3C3D53C244EFF3B65CDCCB0C017723F1EBD0B91E220116ACF14703268A11B7FC7564F7BEDBFFB3CE046261DD9D83E6078CD7AB5AC97595EF53D6C4C56D24588C6D130C0CD2C967AB90C31497186A06A93FB9338D4F30E0104BC8EFF2518D0644174BD1FF1FD7BAC2AAFF151D733A14F456A189ECA2D5F11D7C3AF1DA06192D36251B050E1AC576E3C369678D12823870FFC6E5809903382F9FBE36156F294C94FF5369E8D24D085A326870A998A10683495CEF15EFF0A45C781B5156B82D9AA07852040A96A0D5ACDF094B9DD91EA893382F95A6B72F0A2090F036A1B23CF9CF544753EA5B9ED86FA52EBB4C5421C5B485AE932F5837822C91257EC4953ACA79F2D94261DC40B3D44CB44056D4025EC459563865000B8C5F5D7724ED27CA4A8ADE299E5C898F4BD09F430781A68C261E4FA0BA2FEE567434B057C5D5F2899A1547B780B91315CC631C0552DB403DF53A6059BE895242FDA4AE1F6C5129E3643DF1A20C28BBF4328B4E623DCBC1149CE838BBC4A9944A6B6ACB4AA29B50FC7AFFAB0075BB4CC190F15B2C17847560F1B4C591EFE90D5AAA307A3FCC091DF44E3B219F7EE86EA01704D652983CE0D475896C1EB94E09314D386233D706FE0F5415BAF51746F3E8A6AC74E6F68CCF665CCEC4BE0B9CE19308C0423491F5914EA8ABE6081F38282D4994A4B640DCE56F4D616CED59B80938E4E7C486AB64E7C740FCD6ADB5494906520FD66A02069D3C11085157142CDDBFB004023C5CDFCCEAC5296636A77C127DEC4182A36D6A34D980F778452271C80CABAFE15A629302EFE9CD9105353B719581D4DD2E1BCF9411A4CCB0D010B5954291453E761A3B9EAF533119EEF1C30C4E53FEFAF2D2300162786963D54ECE0376CC797CBBDD757B596FAB26716ECEA7C47FB6C6DC6A80FC435D5CADB36D5ACB6760CAC6272B61E64A920EC7D4E5FBD680B2B906F1CF78EFD380A47692E1DC6C06AC21255E65C3757E32C301B5ACD8BA136FEE7C19B858D8B60595946BF1D0520912ACD17E397C9FC156C741AD1104F403B363B4E6B4AD06E8C60928CCD6AB3FE6AEFECBC57DB5CFF431A2D44533D9A92C483B56AE56698F02622D3A65E09B6EBFDFD5DCAF34E09DEDA100B40DD4C40ADCEF30787E527C4F613A08BDED0E29A61DF -20241201073945 2 6 100 7679 2 F02D40B37C40876939E4D2A62AF7EC21A676D8E2B04081BA98E23F464A47514FB40DC99F7B8046B48CD3052C7AC080E4B496C16ED18695CA27493A129088F5829BBEAD02DFD521829FFD8B1120330E2BBA10C55A1EAD0641006827DA4725BFD2A2559C363C33BC78C2D83B4A075099EC57634D0AD4AEDA3302441B7005C728C0371B51877A97B442C5E3C3D53C244EFF3B65CDCCB0C017723F1EBD0B91E220116ACF14703268A11B7FC7564F7BEDBFFB3CE046261DD9D83E6078CD7AB5AC97595EF53D6C4C56D24588C6D130C0CD2C967AB90C31497186A06A93FB9338D4F30E0104BC8EFF2518D0644174BD1FF1FD7BAC2AAFF151D733A14F456A189ECA2D5F11D7C3AF1DA06192D36251B050E1AC576E3C369678D12823870FFC6E5809903382F9FBE36156F294C94FF5369E8D24D085A326870A998A10683495CEF15EFF0A45C781B5156B82D9AA07852040A96A0D5ACDF094B9DD91EA893382F95A6B72F0A2090F036A1B23CF9CF544753EA5B9ED86FA52EBB4C5421C5B485AE932F5837822C91257EC4953ACA79F2D94261DC40B3D44CB44056D4025EC459563865000B8C5F5D7724ED27CA4A8ADE299E5C898F4BD09F430781A68C261E4FA0BA2FEE567434B057C5D5F2899A1547B780B91315CC631C0552DB403DF53A6059BE895242FDA4AE1F6C5129E3643DF1A20C28BBF4328B4E623DCBC1149CE838BBC4A9944A6B6ACB4AA29B50FC7AFFAB0075BB4CC190F15B2C17847560F1B4C591EFE90D5AAA307A3FCC091DF44E3B219F7EE86EA01704D652983CE0D475896C1EB94E09314D386233D706FE0F5415BAF51746F3E8A6AC74E6F68CCF665CCEC4BE0B9CE19308C0423491F5914EA8ABE6081F38282D4994A4B640DCE56F4D616CED59B80938E4E7C486AB64E7C740FCD6ADB5494906520FD66A02069D3C11085157142CDDBFB004023C5CDFCCEAC5296636A77C127DEC4182A36D6A34D980F778452271C80CABAFE15A629302EFE9CD9105353B719581D4DD2E1BCF9411A4CCB0D010B5954291453E761A3B9EAF533119EEF1C30C4E53FEFAF2D2300162786963D54ECE0376CC797CBBDD757B596FAB26716ECEA7C47FB6C6DC6A80FC435D5CADB36D5ACB6760CAC6272B61E64A920EC7D4E5FBD680B2B906F1CF78EFD380A47692E1DC6C06AC21255E65C3757E32C301B5ACD8BA136FEE7C19B858D8B60595946BF1D0520912ACD17E397C9FC156C741AD1104F403B363B4E6B4AD06E8C60928CCD6AB3FE6AEFECBC57DB5CFF431A2D44533D9A92C483B56AE56698F02622D3A65E09B6EBFDFD5DCAF34E09DEDA100B40DD4C40ADCEF30787E527C4F613A08BDED0E39422AB -20241201081137 2 6 100 7679 2 F02D40B37C40876939E4D2A62AF7EC21A676D8E2B04081BA98E23F464A47514FB40DC99F7B8046B48CD3052C7AC080E4B496C16ED18695CA27493A129088F5829BBEAD02DFD521829FFD8B1120330E2BBA10C55A1EAD0641006827DA4725BFD2A2559C363C33BC78C2D83B4A075099EC57634D0AD4AEDA3302441B7005C728C0371B51877A97B442C5E3C3D53C244EFF3B65CDCCB0C017723F1EBD0B91E220116ACF14703268A11B7FC7564F7BEDBFFB3CE046261DD9D83E6078CD7AB5AC97595EF53D6C4C56D24588C6D130C0CD2C967AB90C31497186A06A93FB9338D4F30E0104BC8EFF2518D0644174BD1FF1FD7BAC2AAFF151D733A14F456A189ECA2D5F11D7C3AF1DA06192D36251B050E1AC576E3C369678D12823870FFC6E5809903382F9FBE36156F294C94FF5369E8D24D085A326870A998A10683495CEF15EFF0A45C781B5156B82D9AA07852040A96A0D5ACDF094B9DD91EA893382F95A6B72F0A2090F036A1B23CF9CF544753EA5B9ED86FA52EBB4C5421C5B485AE932F5837822C91257EC4953ACA79F2D94261DC40B3D44CB44056D4025EC459563865000B8C5F5D7724ED27CA4A8ADE299E5C898F4BD09F430781A68C261E4FA0BA2FEE567434B057C5D5F2899A1547B780B91315CC631C0552DB403DF53A6059BE895242FDA4AE1F6C5129E3643DF1A20C28BBF4328B4E623DCBC1149CE838BBC4A9944A6B6ACB4AA29B50FC7AFFAB0075BB4CC190F15B2C17847560F1B4C591EFE90D5AAA307A3FCC091DF44E3B219F7EE86EA01704D652983CE0D475896C1EB94E09314D386233D706FE0F5415BAF51746F3E8A6AC74E6F68CCF665CCEC4BE0B9CE19308C0423491F5914EA8ABE6081F38282D4994A4B640DCE56F4D616CED59B80938E4E7C486AB64E7C740FCD6ADB5494906520FD66A02069D3C11085157142CDDBFB004023C5CDFCCEAC5296636A77C127DEC4182A36D6A34D980F778452271C80CABAFE15A629302EFE9CD9105353B719581D4DD2E1BCF9411A4CCB0D010B5954291453E761A3B9EAF533119EEF1C30C4E53FEFAF2D2300162786963D54ECE0376CC797CBBDD757B596FAB26716ECEA7C47FB6C6DC6A80FC435D5CADB36D5ACB6760CAC6272B61E64A920EC7D4E5FBD680B2B906F1CF78EFD380A47692E1DC6C06AC21255E65C3757E32C301B5ACD8BA136FEE7C19B858D8B60595946BF1D0520912ACD17E397C9FC156C741AD1104F403B363B4E6B4AD06E8C60928CCD6AB3FE6AEFECBC57DB5CFF431A2D44533D9A92C483B56AE56698F02622D3A65E09B6EBFDFD5DCAF34E09DEDA100B40DD4C40ADCEF30787E527C4F613A08BDED0E5B1C16B -20241201084445 2 6 100 7679 2 F02D40B37C40876939E4D2A62AF7EC21A676D8E2B04081BA98E23F464A47514FB40DC99F7B8046B48CD3052C7AC080E4B496C16ED18695CA27493A129088F5829BBEAD02DFD521829FFD8B1120330E2BBA10C55A1EAD0641006827DA4725BFD2A2559C363C33BC78C2D83B4A075099EC57634D0AD4AEDA3302441B7005C728C0371B51877A97B442C5E3C3D53C244EFF3B65CDCCB0C017723F1EBD0B91E220116ACF14703268A11B7FC7564F7BEDBFFB3CE046261DD9D83E6078CD7AB5AC97595EF53D6C4C56D24588C6D130C0CD2C967AB90C31497186A06A93FB9338D4F30E0104BC8EFF2518D0644174BD1FF1FD7BAC2AAFF151D733A14F456A189ECA2D5F11D7C3AF1DA06192D36251B050E1AC576E3C369678D12823870FFC6E5809903382F9FBE36156F294C94FF5369E8D24D085A326870A998A10683495CEF15EFF0A45C781B5156B82D9AA07852040A96A0D5ACDF094B9DD91EA893382F95A6B72F0A2090F036A1B23CF9CF544753EA5B9ED86FA52EBB4C5421C5B485AE932F5837822C91257EC4953ACA79F2D94261DC40B3D44CB44056D4025EC459563865000B8C5F5D7724ED27CA4A8ADE299E5C898F4BD09F430781A68C261E4FA0BA2FEE567434B057C5D5F2899A1547B780B91315CC631C0552DB403DF53A6059BE895242FDA4AE1F6C5129E3643DF1A20C28BBF4328B4E623DCBC1149CE838BBC4A9944A6B6ACB4AA29B50FC7AFFAB0075BB4CC190F15B2C17847560F1B4C591EFE90D5AAA307A3FCC091DF44E3B219F7EE86EA01704D652983CE0D475896C1EB94E09314D386233D706FE0F5415BAF51746F3E8A6AC74E6F68CCF665CCEC4BE0B9CE19308C0423491F5914EA8ABE6081F38282D4994A4B640DCE56F4D616CED59B80938E4E7C486AB64E7C740FCD6ADB5494906520FD66A02069D3C11085157142CDDBFB004023C5CDFCCEAC5296636A77C127DEC4182A36D6A34D980F778452271C80CABAFE15A629302EFE9CD9105353B719581D4DD2E1BCF9411A4CCB0D010B5954291453E761A3B9EAF533119EEF1C30C4E53FEFAF2D2300162786963D54ECE0376CC797CBBDD757B596FAB26716ECEA7C47FB6C6DC6A80FC435D5CADB36D5ACB6760CAC6272B61E64A920EC7D4E5FBD680B2B906F1CF78EFD380A47692E1DC6C06AC21255E65C3757E32C301B5ACD8BA136FEE7C19B858D8B60595946BF1D0520912ACD17E397C9FC156C741AD1104F403B363B4E6B4AD06E8C60928CCD6AB3FE6AEFECBC57DB5CFF431A2D44533D9A92C483B56AE56698F02622D3A65E09B6EBFDFD5DCAF34E09DEDA100B40DD4C40ADCEF30787E527C4F613A08BDED0E7E0CB7B -20241201085943 2 6 100 7679 2 F02D40B37C40876939E4D2A62AF7EC21A676D8E2B04081BA98E23F464A47514FB40DC99F7B8046B48CD3052C7AC080E4B496C16ED18695CA27493A129088F5829BBEAD02DFD521829FFD8B1120330E2BBA10C55A1EAD0641006827DA4725BFD2A2559C363C33BC78C2D83B4A075099EC57634D0AD4AEDA3302441B7005C728C0371B51877A97B442C5E3C3D53C244EFF3B65CDCCB0C017723F1EBD0B91E220116ACF14703268A11B7FC7564F7BEDBFFB3CE046261DD9D83E6078CD7AB5AC97595EF53D6C4C56D24588C6D130C0CD2C967AB90C31497186A06A93FB9338D4F30E0104BC8EFF2518D0644174BD1FF1FD7BAC2AAFF151D733A14F456A189ECA2D5F11D7C3AF1DA06192D36251B050E1AC576E3C369678D12823870FFC6E5809903382F9FBE36156F294C94FF5369E8D24D085A326870A998A10683495CEF15EFF0A45C781B5156B82D9AA07852040A96A0D5ACDF094B9DD91EA893382F95A6B72F0A2090F036A1B23CF9CF544753EA5B9ED86FA52EBB4C5421C5B485AE932F5837822C91257EC4953ACA79F2D94261DC40B3D44CB44056D4025EC459563865000B8C5F5D7724ED27CA4A8ADE299E5C898F4BD09F430781A68C261E4FA0BA2FEE567434B057C5D5F2899A1547B780B91315CC631C0552DB403DF53A6059BE895242FDA4AE1F6C5129E3643DF1A20C28BBF4328B4E623DCBC1149CE838BBC4A9944A6B6ACB4AA29B50FC7AFFAB0075BB4CC190F15B2C17847560F1B4C591EFE90D5AAA307A3FCC091DF44E3B219F7EE86EA01704D652983CE0D475896C1EB94E09314D386233D706FE0F5415BAF51746F3E8A6AC74E6F68CCF665CCEC4BE0B9CE19308C0423491F5914EA8ABE6081F38282D4994A4B640DCE56F4D616CED59B80938E4E7C486AB64E7C740FCD6ADB5494906520FD66A02069D3C11085157142CDDBFB004023C5CDFCCEAC5296636A77C127DEC4182A36D6A34D980F778452271C80CABAFE15A629302EFE9CD9105353B719581D4DD2E1BCF9411A4CCB0D010B5954291453E761A3B9EAF533119EEF1C30C4E53FEFAF2D2300162786963D54ECE0376CC797CBBDD757B596FAB26716ECEA7C47FB6C6DC6A80FC435D5CADB36D5ACB6760CAC6272B61E64A920EC7D4E5FBD680B2B906F1CF78EFD380A47692E1DC6C06AC21255E65C3757E32C301B5ACD8BA136FEE7C19B858D8B60595946BF1D0520912ACD17E397C9FC156C741AD1104F403B363B4E6B4AD06E8C60928CCD6AB3FE6AEFECBC57DB5CFF431A2D44533D9A92C483B56AE56698F02622D3A65E09B6EBFDFD5DCAF34E09DEDA100B40DD4C40ADCEF30787E527C4F613A08BDED0E8D1F5CB -20241201092406 2 6 100 7679 2 F02D40B37C40876939E4D2A62AF7EC21A676D8E2B04081BA98E23F464A47514FB40DC99F7B8046B48CD3052C7AC080E4B496C16ED18695CA27493A129088F5829BBEAD02DFD521829FFD8B1120330E2BBA10C55A1EAD0641006827DA4725BFD2A2559C363C33BC78C2D83B4A075099EC57634D0AD4AEDA3302441B7005C728C0371B51877A97B442C5E3C3D53C244EFF3B65CDCCB0C017723F1EBD0B91E220116ACF14703268A11B7FC7564F7BEDBFFB3CE046261DD9D83E6078CD7AB5AC97595EF53D6C4C56D24588C6D130C0CD2C967AB90C31497186A06A93FB9338D4F30E0104BC8EFF2518D0644174BD1FF1FD7BAC2AAFF151D733A14F456A189ECA2D5F11D7C3AF1DA06192D36251B050E1AC576E3C369678D12823870FFC6E5809903382F9FBE36156F294C94FF5369E8D24D085A326870A998A10683495CEF15EFF0A45C781B5156B82D9AA07852040A96A0D5ACDF094B9DD91EA893382F95A6B72F0A2090F036A1B23CF9CF544753EA5B9ED86FA52EBB4C5421C5B485AE932F5837822C91257EC4953ACA79F2D94261DC40B3D44CB44056D4025EC459563865000B8C5F5D7724ED27CA4A8ADE299E5C898F4BD09F430781A68C261E4FA0BA2FEE567434B057C5D5F2899A1547B780B91315CC631C0552DB403DF53A6059BE895242FDA4AE1F6C5129E3643DF1A20C28BBF4328B4E623DCBC1149CE838BBC4A9944A6B6ACB4AA29B50FC7AFFAB0075BB4CC190F15B2C17847560F1B4C591EFE90D5AAA307A3FCC091DF44E3B219F7EE86EA01704D652983CE0D475896C1EB94E09314D386233D706FE0F5415BAF51746F3E8A6AC74E6F68CCF665CCEC4BE0B9CE19308C0423491F5914EA8ABE6081F38282D4994A4B640DCE56F4D616CED59B80938E4E7C486AB64E7C740FCD6ADB5494906520FD66A02069D3C11085157142CDDBFB004023C5CDFCCEAC5296636A77C127DEC4182A36D6A34D980F778452271C80CABAFE15A629302EFE9CD9105353B719581D4DD2E1BCF9411A4CCB0D010B5954291453E761A3B9EAF533119EEF1C30C4E53FEFAF2D2300162786963D54ECE0376CC797CBBDD757B596FAB26716ECEA7C47FB6C6DC6A80FC435D5CADB36D5ACB6760CAC6272B61E64A920EC7D4E5FBD680B2B906F1CF78EFD380A47692E1DC6C06AC21255E65C3757E32C301B5ACD8BA136FEE7C19B858D8B60595946BF1D0520912ACD17E397C9FC156C741AD1104F403B363B4E6B4AD06E8C60928CCD6AB3FE6AEFECBC57DB5CFF431A2D44533D9A92C483B56AE56698F02622D3A65E09B6EBFDFD5DCAF34E09DEDA100B40DD4C40ADCEF30787E527C4F613A08BDED0EA661BD3 -20241201094424 2 6 100 7679 2 F02D40B37C40876939E4D2A62AF7EC21A676D8E2B04081BA98E23F464A47514FB40DC99F7B8046B48CD3052C7AC080E4B496C16ED18695CA27493A129088F5829BBEAD02DFD521829FFD8B1120330E2BBA10C55A1EAD0641006827DA4725BFD2A2559C363C33BC78C2D83B4A075099EC57634D0AD4AEDA3302441B7005C728C0371B51877A97B442C5E3C3D53C244EFF3B65CDCCB0C017723F1EBD0B91E220116ACF14703268A11B7FC7564F7BEDBFFB3CE046261DD9D83E6078CD7AB5AC97595EF53D6C4C56D24588C6D130C0CD2C967AB90C31497186A06A93FB9338D4F30E0104BC8EFF2518D0644174BD1FF1FD7BAC2AAFF151D733A14F456A189ECA2D5F11D7C3AF1DA06192D36251B050E1AC576E3C369678D12823870FFC6E5809903382F9FBE36156F294C94FF5369E8D24D085A326870A998A10683495CEF15EFF0A45C781B5156B82D9AA07852040A96A0D5ACDF094B9DD91EA893382F95A6B72F0A2090F036A1B23CF9CF544753EA5B9ED86FA52EBB4C5421C5B485AE932F5837822C91257EC4953ACA79F2D94261DC40B3D44CB44056D4025EC459563865000B8C5F5D7724ED27CA4A8ADE299E5C898F4BD09F430781A68C261E4FA0BA2FEE567434B057C5D5F2899A1547B780B91315CC631C0552DB403DF53A6059BE895242FDA4AE1F6C5129E3643DF1A20C28BBF4328B4E623DCBC1149CE838BBC4A9944A6B6ACB4AA29B50FC7AFFAB0075BB4CC190F15B2C17847560F1B4C591EFE90D5AAA307A3FCC091DF44E3B219F7EE86EA01704D652983CE0D475896C1EB94E09314D386233D706FE0F5415BAF51746F3E8A6AC74E6F68CCF665CCEC4BE0B9CE19308C0423491F5914EA8ABE6081F38282D4994A4B640DCE56F4D616CED59B80938E4E7C486AB64E7C740FCD6ADB5494906520FD66A02069D3C11085157142CDDBFB004023C5CDFCCEAC5296636A77C127DEC4182A36D6A34D980F778452271C80CABAFE15A629302EFE9CD9105353B719581D4DD2E1BCF9411A4CCB0D010B5954291453E761A3B9EAF533119EEF1C30C4E53FEFAF2D2300162786963D54ECE0376CC797CBBDD757B596FAB26716ECEA7C47FB6C6DC6A80FC435D5CADB36D5ACB6760CAC6272B61E64A920EC7D4E5FBD680B2B906F1CF78EFD380A47692E1DC6C06AC21255E65C3757E32C301B5ACD8BA136FEE7C19B858D8B60595946BF1D0520912ACD17E397C9FC156C741AD1104F403B363B4E6B4AD06E8C60928CCD6AB3FE6AEFECBC57DB5CFF431A2D44533D9A92C483B56AE56698F02622D3A65E09B6EBFDFD5DCAF34E09DEDA100B40DD4C40ADCEF30787E527C4F613A08BDED0EBB93913 -20241201104106 2 6 100 7679 5 F02D40B37C40876939E4D2A62AF7EC21A676D8E2B04081BA98E23F464A47514FB40DC99F7B8046B48CD3052C7AC080E4B496C16ED18695CA27493A129088F5829BBEAD02DFD521829FFD8B1120330E2BBA10C55A1EAD0641006827DA4725BFD2A2559C363C33BC78C2D83B4A075099EC57634D0AD4AEDA3302441B7005C728C0371B51877A97B442C5E3C3D53C244EFF3B65CDCCB0C017723F1EBD0B91E220116ACF14703268A11B7FC7564F7BEDBFFB3CE046261DD9D83E6078CD7AB5AC97595EF53D6C4C56D24588C6D130C0CD2C967AB90C31497186A06A93FB9338D4F30E0104BC8EFF2518D0644174BD1FF1FD7BAC2AAFF151D733A14F456A189ECA2D5F11D7C3AF1DA06192D36251B050E1AC576E3C369678D12823870FFC6E5809903382F9FBE36156F294C94FF5369E8D24D085A326870A998A10683495CEF15EFF0A45C781B5156B82D9AA07852040A96A0D5ACDF094B9DD91EA893382F95A6B72F0A2090F036A1B23CF9CF544753EA5B9ED86FA52EBB4C5421C5B485AE932F5837822C91257EC4953ACA79F2D94261DC40B3D44CB44056D4025EC459563865000B8C5F5D7724ED27CA4A8ADE299E5C898F4BD09F430781A68C261E4FA0BA2FEE567434B057C5D5F2899A1547B780B91315CC631C0552DB403DF53A6059BE895242FDA4AE1F6C5129E3643DF1A20C28BBF4328B4E623DCBC1149CE838BBC4A9944A6B6ACB4AA29B50FC7AFFAB0075BB4CC190F15B2C17847560F1B4C591EFE90D5AAA307A3FCC091DF44E3B219F7EE86EA01704D652983CE0D475896C1EB94E09314D386233D706FE0F5415BAF51746F3E8A6AC74E6F68CCF665CCEC4BE0B9CE19308C0423491F5914EA8ABE6081F38282D4994A4B640DCE56F4D616CED59B80938E4E7C486AB64E7C740FCD6ADB5494906520FD66A02069D3C11085157142CDDBFB004023C5CDFCCEAC5296636A77C127DEC4182A36D6A34D980F778452271C80CABAFE15A629302EFE9CD9105353B719581D4DD2E1BCF9411A4CCB0D010B5954291453E761A3B9EAF533119EEF1C30C4E53FEFAF2D2300162786963D54ECE0376CC797CBBDD757B596FAB26716ECEA7C47FB6C6DC6A80FC435D5CADB36D5ACB6760CAC6272B61E64A920EC7D4E5FBD680B2B906F1CF78EFD380A47692E1DC6C06AC21255E65C3757E32C301B5ACD8BA136FEE7C19B858D8B60595946BF1D0520912ACD17E397C9FC156C741AD1104F403B363B4E6B4AD06E8C60928CCD6AB3FE6AEFECBC57DB5CFF431A2D44533D9A92C483B56AE56698F02622D3A65E09B6EBFDFD5DCAF34E09DEDA100B40DD4C40ADCEF30787E527C4F613A08BDED0EF85D8F7 -20241201104452 2 6 100 7679 5 F02D40B37C40876939E4D2A62AF7EC21A676D8E2B04081BA98E23F464A47514FB40DC99F7B8046B48CD3052C7AC080E4B496C16ED18695CA27493A129088F5829BBEAD02DFD521829FFD8B1120330E2BBA10C55A1EAD0641006827DA4725BFD2A2559C363C33BC78C2D83B4A075099EC57634D0AD4AEDA3302441B7005C728C0371B51877A97B442C5E3C3D53C244EFF3B65CDCCB0C017723F1EBD0B91E220116ACF14703268A11B7FC7564F7BEDBFFB3CE046261DD9D83E6078CD7AB5AC97595EF53D6C4C56D24588C6D130C0CD2C967AB90C31497186A06A93FB9338D4F30E0104BC8EFF2518D0644174BD1FF1FD7BAC2AAFF151D733A14F456A189ECA2D5F11D7C3AF1DA06192D36251B050E1AC576E3C369678D12823870FFC6E5809903382F9FBE36156F294C94FF5369E8D24D085A326870A998A10683495CEF15EFF0A45C781B5156B82D9AA07852040A96A0D5ACDF094B9DD91EA893382F95A6B72F0A2090F036A1B23CF9CF544753EA5B9ED86FA52EBB4C5421C5B485AE932F5837822C91257EC4953ACA79F2D94261DC40B3D44CB44056D4025EC459563865000B8C5F5D7724ED27CA4A8ADE299E5C898F4BD09F430781A68C261E4FA0BA2FEE567434B057C5D5F2899A1547B780B91315CC631C0552DB403DF53A6059BE895242FDA4AE1F6C5129E3643DF1A20C28BBF4328B4E623DCBC1149CE838BBC4A9944A6B6ACB4AA29B50FC7AFFAB0075BB4CC190F15B2C17847560F1B4C591EFE90D5AAA307A3FCC091DF44E3B219F7EE86EA01704D652983CE0D475896C1EB94E09314D386233D706FE0F5415BAF51746F3E8A6AC74E6F68CCF665CCEC4BE0B9CE19308C0423491F5914EA8ABE6081F38282D4994A4B640DCE56F4D616CED59B80938E4E7C486AB64E7C740FCD6ADB5494906520FD66A02069D3C11085157142CDDBFB004023C5CDFCCEAC5296636A77C127DEC4182A36D6A34D980F778452271C80CABAFE15A629302EFE9CD9105353B719581D4DD2E1BCF9411A4CCB0D010B5954291453E761A3B9EAF533119EEF1C30C4E53FEFAF2D2300162786963D54ECE0376CC797CBBDD757B596FAB26716ECEA7C47FB6C6DC6A80FC435D5CADB36D5ACB6760CAC6272B61E64A920EC7D4E5FBD680B2B906F1CF78EFD380A47692E1DC6C06AC21255E65C3757E32C301B5ACD8BA136FEE7C19B858D8B60595946BF1D0520912ACD17E397C9FC156C741AD1104F403B363B4E6B4AD06E8C60928CCD6AB3FE6AEFECBC57DB5CFF431A2D44533D9A92C483B56AE56698F02622D3A65E09B6EBFDFD5DCAF34E09DEDA100B40DD4C40ADCEF30787E527C4F613A08BDED0EFBC6D8F -20241201115450 2 6 100 7679 2 F02D40B37C40876939E4D2A62AF7EC21A676D8E2B04081BA98E23F464A47514FB40DC99F7B8046B48CD3052C7AC080E4B496C16ED18695CA27493A129088F5829BBEAD02DFD521829FFD8B1120330E2BBA10C55A1EAD0641006827DA4725BFD2A2559C363C33BC78C2D83B4A075099EC57634D0AD4AEDA3302441B7005C728C0371B51877A97B442C5E3C3D53C244EFF3B65CDCCB0C017723F1EBD0B91E220116ACF14703268A11B7FC7564F7BEDBFFB3CE046261DD9D83E6078CD7AB5AC97595EF53D6C4C56D24588C6D130C0CD2C967AB90C31497186A06A93FB9338D4F30E0104BC8EFF2518D0644174BD1FF1FD7BAC2AAFF151D733A14F456A189ECA2D5F11D7C3AF1DA06192D36251B050E1AC576E3C369678D12823870FFC6E5809903382F9FBE36156F294C94FF5369E8D24D085A326870A998A10683495CEF15EFF0A45C781B5156B82D9AA07852040A96A0D5ACDF094B9DD91EA893382F95A6B72F0A2090F036A1B23CF9CF544753EA5B9ED86FA52EBB4C5421C5B485AE932F5837822C91257EC4953ACA79F2D94261DC40B3D44CB44056D4025EC459563865000B8C5F5D7724ED27CA4A8ADE299E5C898F4BD09F430781A68C261E4FA0BA2FEE567434B057C5D5F2899A1547B780B91315CC631C0552DB403DF53A6059BE895242FDA4AE1F6C5129E3643DF1A20C28BBF4328B4E623DCBC1149CE838BBC4A9944A6B6ACB4AA29B50FC7AFFAB0075BB4CC190F15B2C17847560F1B4C591EFE90D5AAA307A3FCC091DF44E3B219F7EE86EA01704D652983CE0D475896C1EB94E09314D386233D706FE0F5415BAF51746F3E8A6AC74E6F68CCF665CCEC4BE0B9CE19308C0423491F5914EA8ABE6081F38282D4994A4B640DCE56F4D616CED59B80938E4E7C486AB64E7C740FCD6ADB5494906520FD66A02069D3C11085157142CDDBFB004023C5CDFCCEAC5296636A77C127DEC4182A36D6A34D980F778452271C80CABAFE15A629302EFE9CD9105353B719581D4DD2E1BCF9411A4CCB0D010B5954291453E761A3B9EAF533119EEF1C30C4E53FEFAF2D2300162786963D54ECE0376CC797CBBDD757B596FAB26716ECEA7C47FB6C6DC6A80FC435D5CADB36D5ACB6760CAC6272B61E64A920EC7D4E5FBD680B2B906F1CF78EFD380A47692E1DC6C06AC21255E65C3757E32C301B5ACD8BA136FEE7C19B858D8B60595946BF1D0520912ACD17E397C9FC156C741AD1104F403B363B4E6B4AD06E8C60928CCD6AB3FE6AEFECBC57DB5CFF431A2D44533D9A92C483B56AE56698F02622D3A65E09B6EBFDFD5DCAF34E09DEDA100B40DD4C40ADCEF30787E527C4F613A08BDED0F464B243 -20241201120212 2 6 100 7679 5 F02D40B37C40876939E4D2A62AF7EC21A676D8E2B04081BA98E23F464A47514FB40DC99F7B8046B48CD3052C7AC080E4B496C16ED18695CA27493A129088F5829BBEAD02DFD521829FFD8B1120330E2BBA10C55A1EAD0641006827DA4725BFD2A2559C363C33BC78C2D83B4A075099EC57634D0AD4AEDA3302441B7005C728C0371B51877A97B442C5E3C3D53C244EFF3B65CDCCB0C017723F1EBD0B91E220116ACF14703268A11B7FC7564F7BEDBFFB3CE046261DD9D83E6078CD7AB5AC97595EF53D6C4C56D24588C6D130C0CD2C967AB90C31497186A06A93FB9338D4F30E0104BC8EFF2518D0644174BD1FF1FD7BAC2AAFF151D733A14F456A189ECA2D5F11D7C3AF1DA06192D36251B050E1AC576E3C369678D12823870FFC6E5809903382F9FBE36156F294C94FF5369E8D24D085A326870A998A10683495CEF15EFF0A45C781B5156B82D9AA07852040A96A0D5ACDF094B9DD91EA893382F95A6B72F0A2090F036A1B23CF9CF544753EA5B9ED86FA52EBB4C5421C5B485AE932F5837822C91257EC4953ACA79F2D94261DC40B3D44CB44056D4025EC459563865000B8C5F5D7724ED27CA4A8ADE299E5C898F4BD09F430781A68C261E4FA0BA2FEE567434B057C5D5F2899A1547B780B91315CC631C0552DB403DF53A6059BE895242FDA4AE1F6C5129E3643DF1A20C28BBF4328B4E623DCBC1149CE838BBC4A9944A6B6ACB4AA29B50FC7AFFAB0075BB4CC190F15B2C17847560F1B4C591EFE90D5AAA307A3FCC091DF44E3B219F7EE86EA01704D652983CE0D475896C1EB94E09314D386233D706FE0F5415BAF51746F3E8A6AC74E6F68CCF665CCEC4BE0B9CE19308C0423491F5914EA8ABE6081F38282D4994A4B640DCE56F4D616CED59B80938E4E7C486AB64E7C740FCD6ADB5494906520FD66A02069D3C11085157142CDDBFB004023C5CDFCCEAC5296636A77C127DEC4182A36D6A34D980F778452271C80CABAFE15A629302EFE9CD9105353B719581D4DD2E1BCF9411A4CCB0D010B5954291453E761A3B9EAF533119EEF1C30C4E53FEFAF2D2300162786963D54ECE0376CC797CBBDD757B596FAB26716ECEA7C47FB6C6DC6A80FC435D5CADB36D5ACB6760CAC6272B61E64A920EC7D4E5FBD680B2B906F1CF78EFD380A47692E1DC6C06AC21255E65C3757E32C301B5ACD8BA136FEE7C19B858D8B60595946BF1D0520912ACD17E397C9FC156C741AD1104F403B363B4E6B4AD06E8C60928CCD6AB3FE6AEFECBC57DB5CFF431A2D44533D9A92C483B56AE56698F02622D3A65E09B6EBFDFD5DCAF34E09DEDA100B40DD4C40ADCEF30787E527C4F613A08BDED0F4DBBAFF -20241201123240 2 6 100 7679 2 F02D40B37C40876939E4D2A62AF7EC21A676D8E2B04081BA98E23F464A47514FB40DC99F7B8046B48CD3052C7AC080E4B496C16ED18695CA27493A129088F5829BBEAD02DFD521829FFD8B1120330E2BBA10C55A1EAD0641006827DA4725BFD2A2559C363C33BC78C2D83B4A075099EC57634D0AD4AEDA3302441B7005C728C0371B51877A97B442C5E3C3D53C244EFF3B65CDCCB0C017723F1EBD0B91E220116ACF14703268A11B7FC7564F7BEDBFFB3CE046261DD9D83E6078CD7AB5AC97595EF53D6C4C56D24588C6D130C0CD2C967AB90C31497186A06A93FB9338D4F30E0104BC8EFF2518D0644174BD1FF1FD7BAC2AAFF151D733A14F456A189ECA2D5F11D7C3AF1DA06192D36251B050E1AC576E3C369678D12823870FFC6E5809903382F9FBE36156F294C94FF5369E8D24D085A326870A998A10683495CEF15EFF0A45C781B5156B82D9AA07852040A96A0D5ACDF094B9DD91EA893382F95A6B72F0A2090F036A1B23CF9CF544753EA5B9ED86FA52EBB4C5421C5B485AE932F5837822C91257EC4953ACA79F2D94261DC40B3D44CB44056D4025EC459563865000B8C5F5D7724ED27CA4A8ADE299E5C898F4BD09F430781A68C261E4FA0BA2FEE567434B057C5D5F2899A1547B780B91315CC631C0552DB403DF53A6059BE895242FDA4AE1F6C5129E3643DF1A20C28BBF4328B4E623DCBC1149CE838BBC4A9944A6B6ACB4AA29B50FC7AFFAB0075BB4CC190F15B2C17847560F1B4C591EFE90D5AAA307A3FCC091DF44E3B219F7EE86EA01704D652983CE0D475896C1EB94E09314D386233D706FE0F5415BAF51746F3E8A6AC74E6F68CCF665CCEC4BE0B9CE19308C0423491F5914EA8ABE6081F38282D4994A4B640DCE56F4D616CED59B80938E4E7C486AB64E7C740FCD6ADB5494906520FD66A02069D3C11085157142CDDBFB004023C5CDFCCEAC5296636A77C127DEC4182A36D6A34D980F778452271C80CABAFE15A629302EFE9CD9105353B719581D4DD2E1BCF9411A4CCB0D010B5954291453E761A3B9EAF533119EEF1C30C4E53FEFAF2D2300162786963D54ECE0376CC797CBBDD757B596FAB26716ECEA7C47FB6C6DC6A80FC435D5CADB36D5ACB6760CAC6272B61E64A920EC7D4E5FBD680B2B906F1CF78EFD380A47692E1DC6C06AC21255E65C3757E32C301B5ACD8BA136FEE7C19B858D8B60595946BF1D0520912ACD17E397C9FC156C741AD1104F403B363B4E6B4AD06E8C60928CCD6AB3FE6AEFECBC57DB5CFF431A2D44533D9A92C483B56AE56698F02622D3A65E09B6EBFDFD5DCAF34E09DEDA100B40DD4C40ADCEF30787E527C4F613A08BDED0F6DA27E3 -20241201130824 2 6 100 7679 5 F02D40B37C40876939E4D2A62AF7EC21A676D8E2B04081BA98E23F464A47514FB40DC99F7B8046B48CD3052C7AC080E4B496C16ED18695CA27493A129088F5829BBEAD02DFD521829FFD8B1120330E2BBA10C55A1EAD0641006827DA4725BFD2A2559C363C33BC78C2D83B4A075099EC57634D0AD4AEDA3302441B7005C728C0371B51877A97B442C5E3C3D53C244EFF3B65CDCCB0C017723F1EBD0B91E220116ACF14703268A11B7FC7564F7BEDBFFB3CE046261DD9D83E6078CD7AB5AC97595EF53D6C4C56D24588C6D130C0CD2C967AB90C31497186A06A93FB9338D4F30E0104BC8EFF2518D0644174BD1FF1FD7BAC2AAFF151D733A14F456A189ECA2D5F11D7C3AF1DA06192D36251B050E1AC576E3C369678D12823870FFC6E5809903382F9FBE36156F294C94FF5369E8D24D085A326870A998A10683495CEF15EFF0A45C781B5156B82D9AA07852040A96A0D5ACDF094B9DD91EA893382F95A6B72F0A2090F036A1B23CF9CF544753EA5B9ED86FA52EBB4C5421C5B485AE932F5837822C91257EC4953ACA79F2D94261DC40B3D44CB44056D4025EC459563865000B8C5F5D7724ED27CA4A8ADE299E5C898F4BD09F430781A68C261E4FA0BA2FEE567434B057C5D5F2899A1547B780B91315CC631C0552DB403DF53A6059BE895242FDA4AE1F6C5129E3643DF1A20C28BBF4328B4E623DCBC1149CE838BBC4A9944A6B6ACB4AA29B50FC7AFFAB0075BB4CC190F15B2C17847560F1B4C591EFE90D5AAA307A3FCC091DF44E3B219F7EE86EA01704D652983CE0D475896C1EB94E09314D386233D706FE0F5415BAF51746F3E8A6AC74E6F68CCF665CCEC4BE0B9CE19308C0423491F5914EA8ABE6081F38282D4994A4B640DCE56F4D616CED59B80938E4E7C486AB64E7C740FCD6ADB5494906520FD66A02069D3C11085157142CDDBFB004023C5CDFCCEAC5296636A77C127DEC4182A36D6A34D980F778452271C80CABAFE15A629302EFE9CD9105353B719581D4DD2E1BCF9411A4CCB0D010B5954291453E761A3B9EAF533119EEF1C30C4E53FEFAF2D2300162786963D54ECE0376CC797CBBDD757B596FAB26716ECEA7C47FB6C6DC6A80FC435D5CADB36D5ACB6760CAC6272B61E64A920EC7D4E5FBD680B2B906F1CF78EFD380A47692E1DC6C06AC21255E65C3757E32C301B5ACD8BA136FEE7C19B858D8B60595946BF1D0520912ACD17E397C9FC156C741AD1104F403B363B4E6B4AD06E8C60928CCD6AB3FE6AEFECBC57DB5CFF431A2D44533D9A92C483B56AE56698F02622D3A65E09B6EBFDFD5DCAF34E09DEDA100B40DD4C40ADCEF30787E527C4F613A08BDED0F939BADF -20241201171234 2 6 100 7679 2 F02D40B37C40876939E4D2A62AF7EC21A676D8E2B04081BA98E23F464A47514FB40DC99F7B8046B48CD3052C7AC080E4B496C16ED18695CA27493A129088F5829BBEAD02DFD521829FFD8B1120330E2BBA10C55A1EAD0641006827DA4725BFD2A2559C363C33BC78C2D83B4A075099EC57634D0AD4AEDA3302441B7005C728C0371B51877A97B442C5E3C3D53C244EFF3B65CDCCB0C017723F1EBD0B91E220116ACF14703268A11B7FC7564F7BEDBFFB3CE046261DD9D83E6078CD7AB5AC97595EF53D6C4C56D24588C6D130C0CD2C967AB90C31497186A06A93FB9338D4F30E0104BC8EFF2518D0644174BD1FF1FD7BAC2AAFF151D733A14F456A189ECA2D5F11D7C3AF1DA06192D36251B050E1AC576E3C369678D12823870FFC6E5809903382F9FBE36156F294C94FF5369E8D24D085A326870A998A10683495CEF15EFF0A45C781B5156B82D9AA07852040A96A0D5ACDF094B9DD91EA893382F95A6B72F0A2090F036A1B23CF9CF544753EA5B9ED86FA52EBB4C5421C5B485AE932F5837822C91257EC4953ACA79F2D94261DC40B3D44CB44056D4025EC459563865000B8C5F5D7724ED27CA4A8ADE299E5C898F4BD09F430781A68C261E4FA0BA2FEE567434B057C5D5F2899A1547B780B91315CC631C0552DB403DF53A6059BE895242FDA4AE1F6C5129E3643DF1A20C28BBF4328B4E623DCBC1149CE838BBC4A9944A6B6ACB4AA29B50FC7AFFAB0075BB4CC190F15B2C17847560F1B4C591EFE90D5AAA307A3FCC091DF44E3B219F7EE86EA01704D652983CE0D475896C1EB94E09314D386233D706FE0F5415BAF51746F3E8A6AC74E6F68CCF665CCEC4BE0B9CE19308C0423491F5914EA8ABE6081F38282D4994A4B640DCE56F4D616CED59B80938E4E7C486AB64E7C740FCD6ADB5494906520FD66A02069D3C11085157142CDDBFB004023C5CDFCCEAC5296636A77C127DEC4182A36D6A34D980F778452271C80CABAFE15A629302EFE9CD9105353B719581D4DD2E1BCF9411A4CCB0D010B5954291453E761A3B9EAF533119EEF1C30C4E53FEFAF2D2300162786963D54ECE0376CC797CBBDD757B596FAB26716ECEA7C47FB6C6DC6A80FC435D5CADB36D5ACB6760CAC6272B61E64A920EC7D4E5FBD680B2B906F1CF78EFD380A47692E1DC6C06AC21255E65C3757E32C301B5ACD8BA136FEE7C19B858D8B60595946BF1D0520912ACD17E397C9FC156C741AD1104F403B363B4E6B4AD06E8C60928CCD6AB3FE6AEFECBC57DB5CFF431A2D44533D9A92C483B56AE56698F02622D3A65E09B6EBFDFD5DCAF34E09DEDA100B40DD4C40ADCEF30787E527C4F613A08BDED109A1419B -20241201182756 2 6 100 7679 2 F02D40B37C40876939E4D2A62AF7EC21A676D8E2B04081BA98E23F464A47514FB40DC99F7B8046B48CD3052C7AC080E4B496C16ED18695CA27493A129088F5829BBEAD02DFD521829FFD8B1120330E2BBA10C55A1EAD0641006827DA4725BFD2A2559C363C33BC78C2D83B4A075099EC57634D0AD4AEDA3302441B7005C728C0371B51877A97B442C5E3C3D53C244EFF3B65CDCCB0C017723F1EBD0B91E220116ACF14703268A11B7FC7564F7BEDBFFB3CE046261DD9D83E6078CD7AB5AC97595EF53D6C4C56D24588C6D130C0CD2C967AB90C31497186A06A93FB9338D4F30E0104BC8EFF2518D0644174BD1FF1FD7BAC2AAFF151D733A14F456A189ECA2D5F11D7C3AF1DA06192D36251B050E1AC576E3C369678D12823870FFC6E5809903382F9FBE36156F294C94FF5369E8D24D085A326870A998A10683495CEF15EFF0A45C781B5156B82D9AA07852040A96A0D5ACDF094B9DD91EA893382F95A6B72F0A2090F036A1B23CF9CF544753EA5B9ED86FA52EBB4C5421C5B485AE932F5837822C91257EC4953ACA79F2D94261DC40B3D44CB44056D4025EC459563865000B8C5F5D7724ED27CA4A8ADE299E5C898F4BD09F430781A68C261E4FA0BA2FEE567434B057C5D5F2899A1547B780B91315CC631C0552DB403DF53A6059BE895242FDA4AE1F6C5129E3643DF1A20C28BBF4328B4E623DCBC1149CE838BBC4A9944A6B6ACB4AA29B50FC7AFFAB0075BB4CC190F15B2C17847560F1B4C591EFE90D5AAA307A3FCC091DF44E3B219F7EE86EA01704D652983CE0D475896C1EB94E09314D386233D706FE0F5415BAF51746F3E8A6AC74E6F68CCF665CCEC4BE0B9CE19308C0423491F5914EA8ABE6081F38282D4994A4B640DCE56F4D616CED59B80938E4E7C486AB64E7C740FCD6ADB5494906520FD66A02069D3C11085157142CDDBFB004023C5CDFCCEAC5296636A77C127DEC4182A36D6A34D980F778452271C80CABAFE15A629302EFE9CD9105353B719581D4DD2E1BCF9411A4CCB0D010B5954291453E761A3B9EAF533119EEF1C30C4E53FEFAF2D2300162786963D54ECE0376CC797CBBDD757B596FAB26716ECEA7C47FB6C6DC6A80FC435D5CADB36D5ACB6760CAC6272B61E64A920EC7D4E5FBD680B2B906F1CF78EFD380A47692E1DC6C06AC21255E65C3757E32C301B5ACD8BA136FEE7C19B858D8B60595946BF1D0520912ACD17E397C9FC156C741AD1104F403B363B4E6B4AD06E8C60928CCD6AB3FE6AEFECBC57DB5CFF431A2D44533D9A92C483B56AE56698F02622D3A65E09B6EBFDFD5DCAF34E09DEDA100B40DD4C40ADCEF30787E527C4F613A08BDED10EB1D8A3 -20241201190812 2 6 100 7679 5 F02D40B37C40876939E4D2A62AF7EC21A676D8E2B04081BA98E23F464A47514FB40DC99F7B8046B48CD3052C7AC080E4B496C16ED18695CA27493A129088F5829BBEAD02DFD521829FFD8B1120330E2BBA10C55A1EAD0641006827DA4725BFD2A2559C363C33BC78C2D83B4A075099EC57634D0AD4AEDA3302441B7005C728C0371B51877A97B442C5E3C3D53C244EFF3B65CDCCB0C017723F1EBD0B91E220116ACF14703268A11B7FC7564F7BEDBFFB3CE046261DD9D83E6078CD7AB5AC97595EF53D6C4C56D24588C6D130C0CD2C967AB90C31497186A06A93FB9338D4F30E0104BC8EFF2518D0644174BD1FF1FD7BAC2AAFF151D733A14F456A189ECA2D5F11D7C3AF1DA06192D36251B050E1AC576E3C369678D12823870FFC6E5809903382F9FBE36156F294C94FF5369E8D24D085A326870A998A10683495CEF15EFF0A45C781B5156B82D9AA07852040A96A0D5ACDF094B9DD91EA893382F95A6B72F0A2090F036A1B23CF9CF544753EA5B9ED86FA52EBB4C5421C5B485AE932F5837822C91257EC4953ACA79F2D94261DC40B3D44CB44056D4025EC459563865000B8C5F5D7724ED27CA4A8ADE299E5C898F4BD09F430781A68C261E4FA0BA2FEE567434B057C5D5F2899A1547B780B91315CC631C0552DB403DF53A6059BE895242FDA4AE1F6C5129E3643DF1A20C28BBF4328B4E623DCBC1149CE838BBC4A9944A6B6ACB4AA29B50FC7AFFAB0075BB4CC190F15B2C17847560F1B4C591EFE90D5AAA307A3FCC091DF44E3B219F7EE86EA01704D652983CE0D475896C1EB94E09314D386233D706FE0F5415BAF51746F3E8A6AC74E6F68CCF665CCEC4BE0B9CE19308C0423491F5914EA8ABE6081F38282D4994A4B640DCE56F4D616CED59B80938E4E7C486AB64E7C740FCD6ADB5494906520FD66A02069D3C11085157142CDDBFB004023C5CDFCCEAC5296636A77C127DEC4182A36D6A34D980F778452271C80CABAFE15A629302EFE9CD9105353B719581D4DD2E1BCF9411A4CCB0D010B5954291453E761A3B9EAF533119EEF1C30C4E53FEFAF2D2300162786963D54ECE0376CC797CBBDD757B596FAB26716ECEA7C47FB6C6DC6A80FC435D5CADB36D5ACB6760CAC6272B61E64A920EC7D4E5FBD680B2B906F1CF78EFD380A47692E1DC6C06AC21255E65C3757E32C301B5ACD8BA136FEE7C19B858D8B60595946BF1D0520912ACD17E397C9FC156C741AD1104F403B363B4E6B4AD06E8C60928CCD6AB3FE6AEFECBC57DB5CFF431A2D44533D9A92C483B56AE56698F02622D3A65E09B6EBFDFD5DCAF34E09DEDA100B40DD4C40ADCEF30787E527C4F613A08BDED11163FE8F -20241201191642 2 6 100 7679 2 F02D40B37C40876939E4D2A62AF7EC21A676D8E2B04081BA98E23F464A47514FB40DC99F7B8046B48CD3052C7AC080E4B496C16ED18695CA27493A129088F5829BBEAD02DFD521829FFD8B1120330E2BBA10C55A1EAD0641006827DA4725BFD2A2559C363C33BC78C2D83B4A075099EC57634D0AD4AEDA3302441B7005C728C0371B51877A97B442C5E3C3D53C244EFF3B65CDCCB0C017723F1EBD0B91E220116ACF14703268A11B7FC7564F7BEDBFFB3CE046261DD9D83E6078CD7AB5AC97595EF53D6C4C56D24588C6D130C0CD2C967AB90C31497186A06A93FB9338D4F30E0104BC8EFF2518D0644174BD1FF1FD7BAC2AAFF151D733A14F456A189ECA2D5F11D7C3AF1DA06192D36251B050E1AC576E3C369678D12823870FFC6E5809903382F9FBE36156F294C94FF5369E8D24D085A326870A998A10683495CEF15EFF0A45C781B5156B82D9AA07852040A96A0D5ACDF094B9DD91EA893382F95A6B72F0A2090F036A1B23CF9CF544753EA5B9ED86FA52EBB4C5421C5B485AE932F5837822C91257EC4953ACA79F2D94261DC40B3D44CB44056D4025EC459563865000B8C5F5D7724ED27CA4A8ADE299E5C898F4BD09F430781A68C261E4FA0BA2FEE567434B057C5D5F2899A1547B780B91315CC631C0552DB403DF53A6059BE895242FDA4AE1F6C5129E3643DF1A20C28BBF4328B4E623DCBC1149CE838BBC4A9944A6B6ACB4AA29B50FC7AFFAB0075BB4CC190F15B2C17847560F1B4C591EFE90D5AAA307A3FCC091DF44E3B219F7EE86EA01704D652983CE0D475896C1EB94E09314D386233D706FE0F5415BAF51746F3E8A6AC74E6F68CCF665CCEC4BE0B9CE19308C0423491F5914EA8ABE6081F38282D4994A4B640DCE56F4D616CED59B80938E4E7C486AB64E7C740FCD6ADB5494906520FD66A02069D3C11085157142CDDBFB004023C5CDFCCEAC5296636A77C127DEC4182A36D6A34D980F778452271C80CABAFE15A629302EFE9CD9105353B719581D4DD2E1BCF9411A4CCB0D010B5954291453E761A3B9EAF533119EEF1C30C4E53FEFAF2D2300162786963D54ECE0376CC797CBBDD757B596FAB26716ECEA7C47FB6C6DC6A80FC435D5CADB36D5ACB6760CAC6272B61E64A920EC7D4E5FBD680B2B906F1CF78EFD380A47692E1DC6C06AC21255E65C3757E32C301B5ACD8BA136FEE7C19B858D8B60595946BF1D0520912ACD17E397C9FC156C741AD1104F403B363B4E6B4AD06E8C60928CCD6AB3FE6AEFECBC57DB5CFF431A2D44533D9A92C483B56AE56698F02622D3A65E09B6EBFDFD5DCAF34E09DEDA100B40DD4C40ADCEF30787E527C4F613A08BDED111F0947B -20241201195706 2 6 100 7679 2 F02D40B37C40876939E4D2A62AF7EC21A676D8E2B04081BA98E23F464A47514FB40DC99F7B8046B48CD3052C7AC080E4B496C16ED18695CA27493A129088F5829BBEAD02DFD521829FFD8B1120330E2BBA10C55A1EAD0641006827DA4725BFD2A2559C363C33BC78C2D83B4A075099EC57634D0AD4AEDA3302441B7005C728C0371B51877A97B442C5E3C3D53C244EFF3B65CDCCB0C017723F1EBD0B91E220116ACF14703268A11B7FC7564F7BEDBFFB3CE046261DD9D83E6078CD7AB5AC97595EF53D6C4C56D24588C6D130C0CD2C967AB90C31497186A06A93FB9338D4F30E0104BC8EFF2518D0644174BD1FF1FD7BAC2AAFF151D733A14F456A189ECA2D5F11D7C3AF1DA06192D36251B050E1AC576E3C369678D12823870FFC6E5809903382F9FBE36156F294C94FF5369E8D24D085A326870A998A10683495CEF15EFF0A45C781B5156B82D9AA07852040A96A0D5ACDF094B9DD91EA893382F95A6B72F0A2090F036A1B23CF9CF544753EA5B9ED86FA52EBB4C5421C5B485AE932F5837822C91257EC4953ACA79F2D94261DC40B3D44CB44056D4025EC459563865000B8C5F5D7724ED27CA4A8ADE299E5C898F4BD09F430781A68C261E4FA0BA2FEE567434B057C5D5F2899A1547B780B91315CC631C0552DB403DF53A6059BE895242FDA4AE1F6C5129E3643DF1A20C28BBF4328B4E623DCBC1149CE838BBC4A9944A6B6ACB4AA29B50FC7AFFAB0075BB4CC190F15B2C17847560F1B4C591EFE90D5AAA307A3FCC091DF44E3B219F7EE86EA01704D652983CE0D475896C1EB94E09314D386233D706FE0F5415BAF51746F3E8A6AC74E6F68CCF665CCEC4BE0B9CE19308C0423491F5914EA8ABE6081F38282D4994A4B640DCE56F4D616CED59B80938E4E7C486AB64E7C740FCD6ADB5494906520FD66A02069D3C11085157142CDDBFB004023C5CDFCCEAC5296636A77C127DEC4182A36D6A34D980F778452271C80CABAFE15A629302EFE9CD9105353B719581D4DD2E1BCF9411A4CCB0D010B5954291453E761A3B9EAF533119EEF1C30C4E53FEFAF2D2300162786963D54ECE0376CC797CBBDD757B596FAB26716ECEA7C47FB6C6DC6A80FC435D5CADB36D5ACB6760CAC6272B61E64A920EC7D4E5FBD680B2B906F1CF78EFD380A47692E1DC6C06AC21255E65C3757E32C301B5ACD8BA136FEE7C19B858D8B60595946BF1D0520912ACD17E397C9FC156C741AD1104F403B363B4E6B4AD06E8C60928CCD6AB3FE6AEFECBC57DB5CFF431A2D44533D9A92C483B56AE56698F02622D3A65E09B6EBFDFD5DCAF34E09DEDA100B40DD4C40ADCEF30787E527C4F613A08BDED11498BEA3 -20241201200433 2 6 100 7679 5 F02D40B37C40876939E4D2A62AF7EC21A676D8E2B04081BA98E23F464A47514FB40DC99F7B8046B48CD3052C7AC080E4B496C16ED18695CA27493A129088F5829BBEAD02DFD521829FFD8B1120330E2BBA10C55A1EAD0641006827DA4725BFD2A2559C363C33BC78C2D83B4A075099EC57634D0AD4AEDA3302441B7005C728C0371B51877A97B442C5E3C3D53C244EFF3B65CDCCB0C017723F1EBD0B91E220116ACF14703268A11B7FC7564F7BEDBFFB3CE046261DD9D83E6078CD7AB5AC97595EF53D6C4C56D24588C6D130C0CD2C967AB90C31497186A06A93FB9338D4F30E0104BC8EFF2518D0644174BD1FF1FD7BAC2AAFF151D733A14F456A189ECA2D5F11D7C3AF1DA06192D36251B050E1AC576E3C369678D12823870FFC6E5809903382F9FBE36156F294C94FF5369E8D24D085A326870A998A10683495CEF15EFF0A45C781B5156B82D9AA07852040A96A0D5ACDF094B9DD91EA893382F95A6B72F0A2090F036A1B23CF9CF544753EA5B9ED86FA52EBB4C5421C5B485AE932F5837822C91257EC4953ACA79F2D94261DC40B3D44CB44056D4025EC459563865000B8C5F5D7724ED27CA4A8ADE299E5C898F4BD09F430781A68C261E4FA0BA2FEE567434B057C5D5F2899A1547B780B91315CC631C0552DB403DF53A6059BE895242FDA4AE1F6C5129E3643DF1A20C28BBF4328B4E623DCBC1149CE838BBC4A9944A6B6ACB4AA29B50FC7AFFAB0075BB4CC190F15B2C17847560F1B4C591EFE90D5AAA307A3FCC091DF44E3B219F7EE86EA01704D652983CE0D475896C1EB94E09314D386233D706FE0F5415BAF51746F3E8A6AC74E6F68CCF665CCEC4BE0B9CE19308C0423491F5914EA8ABE6081F38282D4994A4B640DCE56F4D616CED59B80938E4E7C486AB64E7C740FCD6ADB5494906520FD66A02069D3C11085157142CDDBFB004023C5CDFCCEAC5296636A77C127DEC4182A36D6A34D980F778452271C80CABAFE15A629302EFE9CD9105353B719581D4DD2E1BCF9411A4CCB0D010B5954291453E761A3B9EAF533119EEF1C30C4E53FEFAF2D2300162786963D54ECE0376CC797CBBDD757B596FAB26716ECEA7C47FB6C6DC6A80FC435D5CADB36D5ACB6760CAC6272B61E64A920EC7D4E5FBD680B2B906F1CF78EFD380A47692E1DC6C06AC21255E65C3757E32C301B5ACD8BA136FEE7C19B858D8B60595946BF1D0520912ACD17E397C9FC156C741AD1104F403B363B4E6B4AD06E8C60928CCD6AB3FE6AEFECBC57DB5CFF431A2D44533D9A92C483B56AE56698F02622D3A65E09B6EBFDFD5DCAF34E09DEDA100B40DD4C40ADCEF30787E527C4F613A08BDED115134B17 -20241201200527 2 6 100 7679 5 F02D40B37C40876939E4D2A62AF7EC21A676D8E2B04081BA98E23F464A47514FB40DC99F7B8046B48CD3052C7AC080E4B496C16ED18695CA27493A129088F5829BBEAD02DFD521829FFD8B1120330E2BBA10C55A1EAD0641006827DA4725BFD2A2559C363C33BC78C2D83B4A075099EC57634D0AD4AEDA3302441B7005C728C0371B51877A97B442C5E3C3D53C244EFF3B65CDCCB0C017723F1EBD0B91E220116ACF14703268A11B7FC7564F7BEDBFFB3CE046261DD9D83E6078CD7AB5AC97595EF53D6C4C56D24588C6D130C0CD2C967AB90C31497186A06A93FB9338D4F30E0104BC8EFF2518D0644174BD1FF1FD7BAC2AAFF151D733A14F456A189ECA2D5F11D7C3AF1DA06192D36251B050E1AC576E3C369678D12823870FFC6E5809903382F9FBE36156F294C94FF5369E8D24D085A326870A998A10683495CEF15EFF0A45C781B5156B82D9AA07852040A96A0D5ACDF094B9DD91EA893382F95A6B72F0A2090F036A1B23CF9CF544753EA5B9ED86FA52EBB4C5421C5B485AE932F5837822C91257EC4953ACA79F2D94261DC40B3D44CB44056D4025EC459563865000B8C5F5D7724ED27CA4A8ADE299E5C898F4BD09F430781A68C261E4FA0BA2FEE567434B057C5D5F2899A1547B780B91315CC631C0552DB403DF53A6059BE895242FDA4AE1F6C5129E3643DF1A20C28BBF4328B4E623DCBC1149CE838BBC4A9944A6B6ACB4AA29B50FC7AFFAB0075BB4CC190F15B2C17847560F1B4C591EFE90D5AAA307A3FCC091DF44E3B219F7EE86EA01704D652983CE0D475896C1EB94E09314D386233D706FE0F5415BAF51746F3E8A6AC74E6F68CCF665CCEC4BE0B9CE19308C0423491F5914EA8ABE6081F38282D4994A4B640DCE56F4D616CED59B80938E4E7C486AB64E7C740FCD6ADB5494906520FD66A02069D3C11085157142CDDBFB004023C5CDFCCEAC5296636A77C127DEC4182A36D6A34D980F778452271C80CABAFE15A629302EFE9CD9105353B719581D4DD2E1BCF9411A4CCB0D010B5954291453E761A3B9EAF533119EEF1C30C4E53FEFAF2D2300162786963D54ECE0376CC797CBBDD757B596FAB26716ECEA7C47FB6C6DC6A80FC435D5CADB36D5ACB6760CAC6272B61E64A920EC7D4E5FBD680B2B906F1CF78EFD380A47692E1DC6C06AC21255E65C3757E32C301B5ACD8BA136FEE7C19B858D8B60595946BF1D0520912ACD17E397C9FC156C741AD1104F403B363B4E6B4AD06E8C60928CCD6AB3FE6AEFECBC57DB5CFF431A2D44533D9A92C483B56AE56698F02622D3A65E09B6EBFDFD5DCAF34E09DEDA100B40DD4C40ADCEF30787E527C4F613A08BDED1151A85B7 -20241201205110 2 6 100 7679 5 F02D40B37C40876939E4D2A62AF7EC21A676D8E2B04081BA98E23F464A47514FB40DC99F7B8046B48CD3052C7AC080E4B496C16ED18695CA27493A129088F5829BBEAD02DFD521829FFD8B1120330E2BBA10C55A1EAD0641006827DA4725BFD2A2559C363C33BC78C2D83B4A075099EC57634D0AD4AEDA3302441B7005C728C0371B51877A97B442C5E3C3D53C244EFF3B65CDCCB0C017723F1EBD0B91E220116ACF14703268A11B7FC7564F7BEDBFFB3CE046261DD9D83E6078CD7AB5AC97595EF53D6C4C56D24588C6D130C0CD2C967AB90C31497186A06A93FB9338D4F30E0104BC8EFF2518D0644174BD1FF1FD7BAC2AAFF151D733A14F456A189ECA2D5F11D7C3AF1DA06192D36251B050E1AC576E3C369678D12823870FFC6E5809903382F9FBE36156F294C94FF5369E8D24D085A326870A998A10683495CEF15EFF0A45C781B5156B82D9AA07852040A96A0D5ACDF094B9DD91EA893382F95A6B72F0A2090F036A1B23CF9CF544753EA5B9ED86FA52EBB4C5421C5B485AE932F5837822C91257EC4953ACA79F2D94261DC40B3D44CB44056D4025EC459563865000B8C5F5D7724ED27CA4A8ADE299E5C898F4BD09F430781A68C261E4FA0BA2FEE567434B057C5D5F2899A1547B780B91315CC631C0552DB403DF53A6059BE895242FDA4AE1F6C5129E3643DF1A20C28BBF4328B4E623DCBC1149CE838BBC4A9944A6B6ACB4AA29B50FC7AFFAB0075BB4CC190F15B2C17847560F1B4C591EFE90D5AAA307A3FCC091DF44E3B219F7EE86EA01704D652983CE0D475896C1EB94E09314D386233D706FE0F5415BAF51746F3E8A6AC74E6F68CCF665CCEC4BE0B9CE19308C0423491F5914EA8ABE6081F38282D4994A4B640DCE56F4D616CED59B80938E4E7C486AB64E7C740FCD6ADB5494906520FD66A02069D3C11085157142CDDBFB004023C5CDFCCEAC5296636A77C127DEC4182A36D6A34D980F778452271C80CABAFE15A629302EFE9CD9105353B719581D4DD2E1BCF9411A4CCB0D010B5954291453E761A3B9EAF533119EEF1C30C4E53FEFAF2D2300162786963D54ECE0376CC797CBBDD757B596FAB26716ECEA7C47FB6C6DC6A80FC435D5CADB36D5ACB6760CAC6272B61E64A920EC7D4E5FBD680B2B906F1CF78EFD380A47692E1DC6C06AC21255E65C3757E32C301B5ACD8BA136FEE7C19B858D8B60595946BF1D0520912ACD17E397C9FC156C741AD1104F403B363B4E6B4AD06E8C60928CCD6AB3FE6AEFECBC57DB5CFF431A2D44533D9A92C483B56AE56698F02622D3A65E09B6EBFDFD5DCAF34E09DEDA100B40DD4C40ADCEF30787E527C4F613A08BDED1181F734F -20241201205604 2 6 100 7679 5 F02D40B37C40876939E4D2A62AF7EC21A676D8E2B04081BA98E23F464A47514FB40DC99F7B8046B48CD3052C7AC080E4B496C16ED18695CA27493A129088F5829BBEAD02DFD521829FFD8B1120330E2BBA10C55A1EAD0641006827DA4725BFD2A2559C363C33BC78C2D83B4A075099EC57634D0AD4AEDA3302441B7005C728C0371B51877A97B442C5E3C3D53C244EFF3B65CDCCB0C017723F1EBD0B91E220116ACF14703268A11B7FC7564F7BEDBFFB3CE046261DD9D83E6078CD7AB5AC97595EF53D6C4C56D24588C6D130C0CD2C967AB90C31497186A06A93FB9338D4F30E0104BC8EFF2518D0644174BD1FF1FD7BAC2AAFF151D733A14F456A189ECA2D5F11D7C3AF1DA06192D36251B050E1AC576E3C369678D12823870FFC6E5809903382F9FBE36156F294C94FF5369E8D24D085A326870A998A10683495CEF15EFF0A45C781B5156B82D9AA07852040A96A0D5ACDF094B9DD91EA893382F95A6B72F0A2090F036A1B23CF9CF544753EA5B9ED86FA52EBB4C5421C5B485AE932F5837822C91257EC4953ACA79F2D94261DC40B3D44CB44056D4025EC459563865000B8C5F5D7724ED27CA4A8ADE299E5C898F4BD09F430781A68C261E4FA0BA2FEE567434B057C5D5F2899A1547B780B91315CC631C0552DB403DF53A6059BE895242FDA4AE1F6C5129E3643DF1A20C28BBF4328B4E623DCBC1149CE838BBC4A9944A6B6ACB4AA29B50FC7AFFAB0075BB4CC190F15B2C17847560F1B4C591EFE90D5AAA307A3FCC091DF44E3B219F7EE86EA01704D652983CE0D475896C1EB94E09314D386233D706FE0F5415BAF51746F3E8A6AC74E6F68CCF665CCEC4BE0B9CE19308C0423491F5914EA8ABE6081F38282D4994A4B640DCE56F4D616CED59B80938E4E7C486AB64E7C740FCD6ADB5494906520FD66A02069D3C11085157142CDDBFB004023C5CDFCCEAC5296636A77C127DEC4182A36D6A34D980F778452271C80CABAFE15A629302EFE9CD9105353B719581D4DD2E1BCF9411A4CCB0D010B5954291453E761A3B9EAF533119EEF1C30C4E53FEFAF2D2300162786963D54ECE0376CC797CBBDD757B596FAB26716ECEA7C47FB6C6DC6A80FC435D5CADB36D5ACB6760CAC6272B61E64A920EC7D4E5FBD680B2B906F1CF78EFD380A47692E1DC6C06AC21255E65C3757E32C301B5ACD8BA136FEE7C19B858D8B60595946BF1D0520912ACD17E397C9FC156C741AD1104F403B363B4E6B4AD06E8C60928CCD6AB3FE6AEFECBC57DB5CFF431A2D44533D9A92C483B56AE56698F02622D3A65E09B6EBFDFD5DCAF34E09DEDA100B40DD4C40ADCEF30787E527C4F613A08BDED1186965DF -20241201232404 2 6 100 7679 5 F02D40B37C40876939E4D2A62AF7EC21A676D8E2B04081BA98E23F464A47514FB40DC99F7B8046B48CD3052C7AC080E4B496C16ED18695CA27493A129088F5829BBEAD02DFD521829FFD8B1120330E2BBA10C55A1EAD0641006827DA4725BFD2A2559C363C33BC78C2D83B4A075099EC57634D0AD4AEDA3302441B7005C728C0371B51877A97B442C5E3C3D53C244EFF3B65CDCCB0C017723F1EBD0B91E220116ACF14703268A11B7FC7564F7BEDBFFB3CE046261DD9D83E6078CD7AB5AC97595EF53D6C4C56D24588C6D130C0CD2C967AB90C31497186A06A93FB9338D4F30E0104BC8EFF2518D0644174BD1FF1FD7BAC2AAFF151D733A14F456A189ECA2D5F11D7C3AF1DA06192D36251B050E1AC576E3C369678D12823870FFC6E5809903382F9FBE36156F294C94FF5369E8D24D085A326870A998A10683495CEF15EFF0A45C781B5156B82D9AA07852040A96A0D5ACDF094B9DD91EA893382F95A6B72F0A2090F036A1B23CF9CF544753EA5B9ED86FA52EBB4C5421C5B485AE932F5837822C91257EC4953ACA79F2D94261DC40B3D44CB44056D4025EC459563865000B8C5F5D7724ED27CA4A8ADE299E5C898F4BD09F430781A68C261E4FA0BA2FEE567434B057C5D5F2899A1547B780B91315CC631C0552DB403DF53A6059BE895242FDA4AE1F6C5129E3643DF1A20C28BBF4328B4E623DCBC1149CE838BBC4A9944A6B6ACB4AA29B50FC7AFFAB0075BB4CC190F15B2C17847560F1B4C591EFE90D5AAA307A3FCC091DF44E3B219F7EE86EA01704D652983CE0D475896C1EB94E09314D386233D706FE0F5415BAF51746F3E8A6AC74E6F68CCF665CCEC4BE0B9CE19308C0423491F5914EA8ABE6081F38282D4994A4B640DCE56F4D616CED59B80938E4E7C486AB64E7C740FCD6ADB5494906520FD66A02069D3C11085157142CDDBFB004023C5CDFCCEAC5296636A77C127DEC4182A36D6A34D980F778452271C80CABAFE15A629302EFE9CD9105353B719581D4DD2E1BCF9411A4CCB0D010B5954291453E761A3B9EAF533119EEF1C30C4E53FEFAF2D2300162786963D54ECE0376CC797CBBDD757B596FAB26716ECEA7C47FB6C6DC6A80FC435D5CADB36D5ACB6760CAC6272B61E64A920EC7D4E5FBD680B2B906F1CF78EFD380A47692E1DC6C06AC21255E65C3757E32C301B5ACD8BA136FEE7C19B858D8B60595946BF1D0520912ACD17E397C9FC156C741AD1104F403B363B4E6B4AD06E8C60928CCD6AB3FE6AEFECBC57DB5CFF431A2D44533D9A92C483B56AE56698F02622D3A65E09B6EBFDFD5DCAF34E09DEDA100B40DD4C40ADCEF30787E527C4F613A08BDED1224C1B97 -20241202014307 2 6 100 7679 5 F02D40B37C40876939E4D2A62AF7EC21A676D8E2B04081BA98E23F464A47514FB40DC99F7B8046B48CD3052C7AC080E4B496C16ED18695CA27493A129088F5829BBEAD02DFD521829FFD8B1120330E2BBA10C55A1EAD0641006827DA4725BFD2A2559C363C33BC78C2D83B4A075099EC57634D0AD4AEDA3302441B7005C728C0371B51877A97B442C5E3C3D53C244EFF3B65CDCCB0C017723F1EBD0B91E220116ACF14703268A11B7FC7564F7BEDBFFB3CE046261DD9D83E6078CD7AB5AC97595EF53D6C4C56D24588C6D130C0CD2C967AB90C31497186A06A93FB9338D4F30E0104BC8EFF2518D0644174BD1FF1FD7BAC2AAFF151D733A14F456A189ECA2D5F11D7C3AF1DA06192D36251B050E1AC576E3C369678D12823870FFC6E5809903382F9FBE36156F294C94FF5369E8D24D085A326870A998A10683495CEF15EFF0A45C781B5156B82D9AA07852040A96A0D5ACDF094B9DD91EA893382F95A6B72F0A2090F036A1B23CF9CF544753EA5B9ED86FA52EBB4C5421C5B485AE932F5837822C91257EC4953ACA79F2D94261DC40B3D44CB44056D4025EC459563865000B8C5F5D7724ED27CA4A8ADE299E5C898F4BD09F430781A68C261E4FA0BA2FEE567434B057C5D5F2899A1547B780B91315CC631C0552DB403DF53A6059BE895242FDA4AE1F6C5129E3643DF1A20C28BBF4328B4E623DCBC1149CE838BBC4A9944A6B6ACB4AA29B50FC7AFFAB0075BB4CC190F15B2C17847560F1B4C591EFE90D5AAA307A3FCC091DF44E3B219F7EE86EA01704D652983CE0D475896C1EB94E09314D386233D706FE0F5415BAF51746F3E8A6AC74E6F68CCF665CCEC4BE0B9CE19308C0423491F5914EA8ABE6081F38282D4994A4B640DCE56F4D616CED59B80938E4E7C486AB64E7C740FCD6ADB5494906520FD66A02069D3C11085157142CDDBFB004023C5CDFCCEAC5296636A77C127DEC4182A36D6A34D980F778452271C80CABAFE15A629302EFE9CD9105353B719581D4DD2E1BCF9411A4CCB0D010B5954291453E761A3B9EAF533119EEF1C30C4E53FEFAF2D2300162786963D54ECE0376CC797CBBDD757B596FAB26716ECEA7C47FB6C6DC6A80FC435D5CADB36D5ACB6760CAC6272B61E64A920EC7D4E5FBD680B2B906F1CF78EFD380A47692E1DC6C06AC21255E65C3757E32C301B5ACD8BA136FEE7C19B858D8B60595946BF1D0520912ACD17E397C9FC156C741AD1104F403B363B4E6B4AD06E8C60928CCD6AB3FE6AEFECBC57DB5CFF431A2D44533D9A92C483B56AE56698F02622D3A65E09B6EBFDFD5DCAF34E09DEDA100B40DD4C40ADCEF30787E527C4F613A08BDED12B98711F -20241202022245 2 6 100 7679 5 F02D40B37C40876939E4D2A62AF7EC21A676D8E2B04081BA98E23F464A47514FB40DC99F7B8046B48CD3052C7AC080E4B496C16ED18695CA27493A129088F5829BBEAD02DFD521829FFD8B1120330E2BBA10C55A1EAD0641006827DA4725BFD2A2559C363C33BC78C2D83B4A075099EC57634D0AD4AEDA3302441B7005C728C0371B51877A97B442C5E3C3D53C244EFF3B65CDCCB0C017723F1EBD0B91E220116ACF14703268A11B7FC7564F7BEDBFFB3CE046261DD9D83E6078CD7AB5AC97595EF53D6C4C56D24588C6D130C0CD2C967AB90C31497186A06A93FB9338D4F30E0104BC8EFF2518D0644174BD1FF1FD7BAC2AAFF151D733A14F456A189ECA2D5F11D7C3AF1DA06192D36251B050E1AC576E3C369678D12823870FFC6E5809903382F9FBE36156F294C94FF5369E8D24D085A326870A998A10683495CEF15EFF0A45C781B5156B82D9AA07852040A96A0D5ACDF094B9DD91EA893382F95A6B72F0A2090F036A1B23CF9CF544753EA5B9ED86FA52EBB4C5421C5B485AE932F5837822C91257EC4953ACA79F2D94261DC40B3D44CB44056D4025EC459563865000B8C5F5D7724ED27CA4A8ADE299E5C898F4BD09F430781A68C261E4FA0BA2FEE567434B057C5D5F2899A1547B780B91315CC631C0552DB403DF53A6059BE895242FDA4AE1F6C5129E3643DF1A20C28BBF4328B4E623DCBC1149CE838BBC4A9944A6B6ACB4AA29B50FC7AFFAB0075BB4CC190F15B2C17847560F1B4C591EFE90D5AAA307A3FCC091DF44E3B219F7EE86EA01704D652983CE0D475896C1EB94E09314D386233D706FE0F5415BAF51746F3E8A6AC74E6F68CCF665CCEC4BE0B9CE19308C0423491F5914EA8ABE6081F38282D4994A4B640DCE56F4D616CED59B80938E4E7C486AB64E7C740FCD6ADB5494906520FD66A02069D3C11085157142CDDBFB004023C5CDFCCEAC5296636A77C127DEC4182A36D6A34D980F778452271C80CABAFE15A629302EFE9CD9105353B719581D4DD2E1BCF9411A4CCB0D010B5954291453E761A3B9EAF533119EEF1C30C4E53FEFAF2D2300162786963D54ECE0376CC797CBBDD757B596FAB26716ECEA7C47FB6C6DC6A80FC435D5CADB36D5ACB6760CAC6272B61E64A920EC7D4E5FBD680B2B906F1CF78EFD380A47692E1DC6C06AC21255E65C3757E32C301B5ACD8BA136FEE7C19B858D8B60595946BF1D0520912ACD17E397C9FC156C741AD1104F403B363B4E6B4AD06E8C60928CCD6AB3FE6AEFECBC57DB5CFF431A2D44533D9A92C483B56AE56698F02622D3A65E09B6EBFDFD5DCAF34E09DEDA100B40DD4C40ADCEF30787E527C4F613A08BDED12E394097 -20241202032328 2 6 100 7679 2 F02D40B37C40876939E4D2A62AF7EC21A676D8E2B04081BA98E23F464A47514FB40DC99F7B8046B48CD3052C7AC080E4B496C16ED18695CA27493A129088F5829BBEAD02DFD521829FFD8B1120330E2BBA10C55A1EAD0641006827DA4725BFD2A2559C363C33BC78C2D83B4A075099EC57634D0AD4AEDA3302441B7005C728C0371B51877A97B442C5E3C3D53C244EFF3B65CDCCB0C017723F1EBD0B91E220116ACF14703268A11B7FC7564F7BEDBFFB3CE046261DD9D83E6078CD7AB5AC97595EF53D6C4C56D24588C6D130C0CD2C967AB90C31497186A06A93FB9338D4F30E0104BC8EFF2518D0644174BD1FF1FD7BAC2AAFF151D733A14F456A189ECA2D5F11D7C3AF1DA06192D36251B050E1AC576E3C369678D12823870FFC6E5809903382F9FBE36156F294C94FF5369E8D24D085A326870A998A10683495CEF15EFF0A45C781B5156B82D9AA07852040A96A0D5ACDF094B9DD91EA893382F95A6B72F0A2090F036A1B23CF9CF544753EA5B9ED86FA52EBB4C5421C5B485AE932F5837822C91257EC4953ACA79F2D94261DC40B3D44CB44056D4025EC459563865000B8C5F5D7724ED27CA4A8ADE299E5C898F4BD09F430781A68C261E4FA0BA2FEE567434B057C5D5F2899A1547B780B91315CC631C0552DB403DF53A6059BE895242FDA4AE1F6C5129E3643DF1A20C28BBF4328B4E623DCBC1149CE838BBC4A9944A6B6ACB4AA29B50FC7AFFAB0075BB4CC190F15B2C17847560F1B4C591EFE90D5AAA307A3FCC091DF44E3B219F7EE86EA01704D652983CE0D475896C1EB94E09314D386233D706FE0F5415BAF51746F3E8A6AC74E6F68CCF665CCEC4BE0B9CE19308C0423491F5914EA8ABE6081F38282D4994A4B640DCE56F4D616CED59B80938E4E7C486AB64E7C740FCD6ADB5494906520FD66A02069D3C11085157142CDDBFB004023C5CDFCCEAC5296636A77C127DEC4182A36D6A34D980F778452271C80CABAFE15A629302EFE9CD9105353B719581D4DD2E1BCF9411A4CCB0D010B5954291453E761A3B9EAF533119EEF1C30C4E53FEFAF2D2300162786963D54ECE0376CC797CBBDD757B596FAB26716ECEA7C47FB6C6DC6A80FC435D5CADB36D5ACB6760CAC6272B61E64A920EC7D4E5FBD680B2B906F1CF78EFD380A47692E1DC6C06AC21255E65C3757E32C301B5ACD8BA136FEE7C19B858D8B60595946BF1D0520912ACD17E397C9FC156C741AD1104F403B363B4E6B4AD06E8C60928CCD6AB3FE6AEFECBC57DB5CFF431A2D44533D9A92C483B56AE56698F02622D3A65E09B6EBFDFD5DCAF34E09DEDA100B40DD4C40ADCEF30787E527C4F613A08BDED1324BD55B -20241202042741 2 6 100 7679 5 F02D40B37C40876939E4D2A62AF7EC21A676D8E2B04081BA98E23F464A47514FB40DC99F7B8046B48CD3052C7AC080E4B496C16ED18695CA27493A129088F5829BBEAD02DFD521829FFD8B1120330E2BBA10C55A1EAD0641006827DA4725BFD2A2559C363C33BC78C2D83B4A075099EC57634D0AD4AEDA3302441B7005C728C0371B51877A97B442C5E3C3D53C244EFF3B65CDCCB0C017723F1EBD0B91E220116ACF14703268A11B7FC7564F7BEDBFFB3CE046261DD9D83E6078CD7AB5AC97595EF53D6C4C56D24588C6D130C0CD2C967AB90C31497186A06A93FB9338D4F30E0104BC8EFF2518D0644174BD1FF1FD7BAC2AAFF151D733A14F456A189ECA2D5F11D7C3AF1DA06192D36251B050E1AC576E3C369678D12823870FFC6E5809903382F9FBE36156F294C94FF5369E8D24D085A326870A998A10683495CEF15EFF0A45C781B5156B82D9AA07852040A96A0D5ACDF094B9DD91EA893382F95A6B72F0A2090F036A1B23CF9CF544753EA5B9ED86FA52EBB4C5421C5B485AE932F5837822C91257EC4953ACA79F2D94261DC40B3D44CB44056D4025EC459563865000B8C5F5D7724ED27CA4A8ADE299E5C898F4BD09F430781A68C261E4FA0BA2FEE567434B057C5D5F2899A1547B780B91315CC631C0552DB403DF53A6059BE895242FDA4AE1F6C5129E3643DF1A20C28BBF4328B4E623DCBC1149CE838BBC4A9944A6B6ACB4AA29B50FC7AFFAB0075BB4CC190F15B2C17847560F1B4C591EFE90D5AAA307A3FCC091DF44E3B219F7EE86EA01704D652983CE0D475896C1EB94E09314D386233D706FE0F5415BAF51746F3E8A6AC74E6F68CCF665CCEC4BE0B9CE19308C0423491F5914EA8ABE6081F38282D4994A4B640DCE56F4D616CED59B80938E4E7C486AB64E7C740FCD6ADB5494906520FD66A02069D3C11085157142CDDBFB004023C5CDFCCEAC5296636A77C127DEC4182A36D6A34D980F778452271C80CABAFE15A629302EFE9CD9105353B719581D4DD2E1BCF9411A4CCB0D010B5954291453E761A3B9EAF533119EEF1C30C4E53FEFAF2D2300162786963D54ECE0376CC797CBBDD757B596FAB26716ECEA7C47FB6C6DC6A80FC435D5CADB36D5ACB6760CAC6272B61E64A920EC7D4E5FBD680B2B906F1CF78EFD380A47692E1DC6C06AC21255E65C3757E32C301B5ACD8BA136FEE7C19B858D8B60595946BF1D0520912ACD17E397C9FC156C741AD1104F403B363B4E6B4AD06E8C60928CCD6AB3FE6AEFECBC57DB5CFF431A2D44533D9A92C483B56AE56698F02622D3A65E09B6EBFDFD5DCAF34E09DEDA100B40DD4C40ADCEF30787E527C4F613A08BDED1368D4BB7 -20241202043950 2 6 100 7679 2 F02D40B37C40876939E4D2A62AF7EC21A676D8E2B04081BA98E23F464A47514FB40DC99F7B8046B48CD3052C7AC080E4B496C16ED18695CA27493A129088F5829BBEAD02DFD521829FFD8B1120330E2BBA10C55A1EAD0641006827DA4725BFD2A2559C363C33BC78C2D83B4A075099EC57634D0AD4AEDA3302441B7005C728C0371B51877A97B442C5E3C3D53C244EFF3B65CDCCB0C017723F1EBD0B91E220116ACF14703268A11B7FC7564F7BEDBFFB3CE046261DD9D83E6078CD7AB5AC97595EF53D6C4C56D24588C6D130C0CD2C967AB90C31497186A06A93FB9338D4F30E0104BC8EFF2518D0644174BD1FF1FD7BAC2AAFF151D733A14F456A189ECA2D5F11D7C3AF1DA06192D36251B050E1AC576E3C369678D12823870FFC6E5809903382F9FBE36156F294C94FF5369E8D24D085A326870A998A10683495CEF15EFF0A45C781B5156B82D9AA07852040A96A0D5ACDF094B9DD91EA893382F95A6B72F0A2090F036A1B23CF9CF544753EA5B9ED86FA52EBB4C5421C5B485AE932F5837822C91257EC4953ACA79F2D94261DC40B3D44CB44056D4025EC459563865000B8C5F5D7724ED27CA4A8ADE299E5C898F4BD09F430781A68C261E4FA0BA2FEE567434B057C5D5F2899A1547B780B91315CC631C0552DB403DF53A6059BE895242FDA4AE1F6C5129E3643DF1A20C28BBF4328B4E623DCBC1149CE838BBC4A9944A6B6ACB4AA29B50FC7AFFAB0075BB4CC190F15B2C17847560F1B4C591EFE90D5AAA307A3FCC091DF44E3B219F7EE86EA01704D652983CE0D475896C1EB94E09314D386233D706FE0F5415BAF51746F3E8A6AC74E6F68CCF665CCEC4BE0B9CE19308C0423491F5914EA8ABE6081F38282D4994A4B640DCE56F4D616CED59B80938E4E7C486AB64E7C740FCD6ADB5494906520FD66A02069D3C11085157142CDDBFB004023C5CDFCCEAC5296636A77C127DEC4182A36D6A34D980F778452271C80CABAFE15A629302EFE9CD9105353B719581D4DD2E1BCF9411A4CCB0D010B5954291453E761A3B9EAF533119EEF1C30C4E53FEFAF2D2300162786963D54ECE0376CC797CBBDD757B596FAB26716ECEA7C47FB6C6DC6A80FC435D5CADB36D5ACB6760CAC6272B61E64A920EC7D4E5FBD680B2B906F1CF78EFD380A47692E1DC6C06AC21255E65C3757E32C301B5ACD8BA136FEE7C19B858D8B60595946BF1D0520912ACD17E397C9FC156C741AD1104F403B363B4E6B4AD06E8C60928CCD6AB3FE6AEFECBC57DB5CFF431A2D44533D9A92C483B56AE56698F02622D3A65E09B6EBFDFD5DCAF34E09DEDA100B40DD4C40ADCEF30787E527C4F613A08BDED1375589FB -20241202051314 2 6 100 7679 2 F02D40B37C40876939E4D2A62AF7EC21A676D8E2B04081BA98E23F464A47514FB40DC99F7B8046B48CD3052C7AC080E4B496C16ED18695CA27493A129088F5829BBEAD02DFD521829FFD8B1120330E2BBA10C55A1EAD0641006827DA4725BFD2A2559C363C33BC78C2D83B4A075099EC57634D0AD4AEDA3302441B7005C728C0371B51877A97B442C5E3C3D53C244EFF3B65CDCCB0C017723F1EBD0B91E220116ACF14703268A11B7FC7564F7BEDBFFB3CE046261DD9D83E6078CD7AB5AC97595EF53D6C4C56D24588C6D130C0CD2C967AB90C31497186A06A93FB9338D4F30E0104BC8EFF2518D0644174BD1FF1FD7BAC2AAFF151D733A14F456A189ECA2D5F11D7C3AF1DA06192D36251B050E1AC576E3C369678D12823870FFC6E5809903382F9FBE36156F294C94FF5369E8D24D085A326870A998A10683495CEF15EFF0A45C781B5156B82D9AA07852040A96A0D5ACDF094B9DD91EA893382F95A6B72F0A2090F036A1B23CF9CF544753EA5B9ED86FA52EBB4C5421C5B485AE932F5837822C91257EC4953ACA79F2D94261DC40B3D44CB44056D4025EC459563865000B8C5F5D7724ED27CA4A8ADE299E5C898F4BD09F430781A68C261E4FA0BA2FEE567434B057C5D5F2899A1547B780B91315CC631C0552DB403DF53A6059BE895242FDA4AE1F6C5129E3643DF1A20C28BBF4328B4E623DCBC1149CE838BBC4A9944A6B6ACB4AA29B50FC7AFFAB0075BB4CC190F15B2C17847560F1B4C591EFE90D5AAA307A3FCC091DF44E3B219F7EE86EA01704D652983CE0D475896C1EB94E09314D386233D706FE0F5415BAF51746F3E8A6AC74E6F68CCF665CCEC4BE0B9CE19308C0423491F5914EA8ABE6081F38282D4994A4B640DCE56F4D616CED59B80938E4E7C486AB64E7C740FCD6ADB5494906520FD66A02069D3C11085157142CDDBFB004023C5CDFCCEAC5296636A77C127DEC4182A36D6A34D980F778452271C80CABAFE15A629302EFE9CD9105353B719581D4DD2E1BCF9411A4CCB0D010B5954291453E761A3B9EAF533119EEF1C30C4E53FEFAF2D2300162786963D54ECE0376CC797CBBDD757B596FAB26716ECEA7C47FB6C6DC6A80FC435D5CADB36D5ACB6760CAC6272B61E64A920EC7D4E5FBD680B2B906F1CF78EFD380A47692E1DC6C06AC21255E65C3757E32C301B5ACD8BA136FEE7C19B858D8B60595946BF1D0520912ACD17E397C9FC156C741AD1104F403B363B4E6B4AD06E8C60928CCD6AB3FE6AEFECBC57DB5CFF431A2D44533D9A92C483B56AE56698F02622D3A65E09B6EBFDFD5DCAF34E09DEDA100B40DD4C40ADCEF30787E527C4F613A08BDED1398AB80B -20241202054231 2 6 100 7679 2 F02D40B37C40876939E4D2A62AF7EC21A676D8E2B04081BA98E23F464A47514FB40DC99F7B8046B48CD3052C7AC080E4B496C16ED18695CA27493A129088F5829BBEAD02DFD521829FFD8B1120330E2BBA10C55A1EAD0641006827DA4725BFD2A2559C363C33BC78C2D83B4A075099EC57634D0AD4AEDA3302441B7005C728C0371B51877A97B442C5E3C3D53C244EFF3B65CDCCB0C017723F1EBD0B91E220116ACF14703268A11B7FC7564F7BEDBFFB3CE046261DD9D83E6078CD7AB5AC97595EF53D6C4C56D24588C6D130C0CD2C967AB90C31497186A06A93FB9338D4F30E0104BC8EFF2518D0644174BD1FF1FD7BAC2AAFF151D733A14F456A189ECA2D5F11D7C3AF1DA06192D36251B050E1AC576E3C369678D12823870FFC6E5809903382F9FBE36156F294C94FF5369E8D24D085A326870A998A10683495CEF15EFF0A45C781B5156B82D9AA07852040A96A0D5ACDF094B9DD91EA893382F95A6B72F0A2090F036A1B23CF9CF544753EA5B9ED86FA52EBB4C5421C5B485AE932F5837822C91257EC4953ACA79F2D94261DC40B3D44CB44056D4025EC459563865000B8C5F5D7724ED27CA4A8ADE299E5C898F4BD09F430781A68C261E4FA0BA2FEE567434B057C5D5F2899A1547B780B91315CC631C0552DB403DF53A6059BE895242FDA4AE1F6C5129E3643DF1A20C28BBF4328B4E623DCBC1149CE838BBC4A9944A6B6ACB4AA29B50FC7AFFAB0075BB4CC190F15B2C17847560F1B4C591EFE90D5AAA307A3FCC091DF44E3B219F7EE86EA01704D652983CE0D475896C1EB94E09314D386233D706FE0F5415BAF51746F3E8A6AC74E6F68CCF665CCEC4BE0B9CE19308C0423491F5914EA8ABE6081F38282D4994A4B640DCE56F4D616CED59B80938E4E7C486AB64E7C740FCD6ADB5494906520FD66A02069D3C11085157142CDDBFB004023C5CDFCCEAC5296636A77C127DEC4182A36D6A34D980F778452271C80CABAFE15A629302EFE9CD9105353B719581D4DD2E1BCF9411A4CCB0D010B5954291453E761A3B9EAF533119EEF1C30C4E53FEFAF2D2300162786963D54ECE0376CC797CBBDD757B596FAB26716ECEA7C47FB6C6DC6A80FC435D5CADB36D5ACB6760CAC6272B61E64A920EC7D4E5FBD680B2B906F1CF78EFD380A47692E1DC6C06AC21255E65C3757E32C301B5ACD8BA136FEE7C19B858D8B60595946BF1D0520912ACD17E397C9FC156C741AD1104F403B363B4E6B4AD06E8C60928CCD6AB3FE6AEFECBC57DB5CFF431A2D44533D9A92C483B56AE56698F02622D3A65E09B6EBFDFD5DCAF34E09DEDA100B40DD4C40ADCEF30787E527C4F613A08BDED13B77C653 -20241202054750 2 6 100 7679 5 F02D40B37C40876939E4D2A62AF7EC21A676D8E2B04081BA98E23F464A47514FB40DC99F7B8046B48CD3052C7AC080E4B496C16ED18695CA27493A129088F5829BBEAD02DFD521829FFD8B1120330E2BBA10C55A1EAD0641006827DA4725BFD2A2559C363C33BC78C2D83B4A075099EC57634D0AD4AEDA3302441B7005C728C0371B51877A97B442C5E3C3D53C244EFF3B65CDCCB0C017723F1EBD0B91E220116ACF14703268A11B7FC7564F7BEDBFFB3CE046261DD9D83E6078CD7AB5AC97595EF53D6C4C56D24588C6D130C0CD2C967AB90C31497186A06A93FB9338D4F30E0104BC8EFF2518D0644174BD1FF1FD7BAC2AAFF151D733A14F456A189ECA2D5F11D7C3AF1DA06192D36251B050E1AC576E3C369678D12823870FFC6E5809903382F9FBE36156F294C94FF5369E8D24D085A326870A998A10683495CEF15EFF0A45C781B5156B82D9AA07852040A96A0D5ACDF094B9DD91EA893382F95A6B72F0A2090F036A1B23CF9CF544753EA5B9ED86FA52EBB4C5421C5B485AE932F5837822C91257EC4953ACA79F2D94261DC40B3D44CB44056D4025EC459563865000B8C5F5D7724ED27CA4A8ADE299E5C898F4BD09F430781A68C261E4FA0BA2FEE567434B057C5D5F2899A1547B780B91315CC631C0552DB403DF53A6059BE895242FDA4AE1F6C5129E3643DF1A20C28BBF4328B4E623DCBC1149CE838BBC4A9944A6B6ACB4AA29B50FC7AFFAB0075BB4CC190F15B2C17847560F1B4C591EFE90D5AAA307A3FCC091DF44E3B219F7EE86EA01704D652983CE0D475896C1EB94E09314D386233D706FE0F5415BAF51746F3E8A6AC74E6F68CCF665CCEC4BE0B9CE19308C0423491F5914EA8ABE6081F38282D4994A4B640DCE56F4D616CED59B80938E4E7C486AB64E7C740FCD6ADB5494906520FD66A02069D3C11085157142CDDBFB004023C5CDFCCEAC5296636A77C127DEC4182A36D6A34D980F778452271C80CABAFE15A629302EFE9CD9105353B719581D4DD2E1BCF9411A4CCB0D010B5954291453E761A3B9EAF533119EEF1C30C4E53FEFAF2D2300162786963D54ECE0376CC797CBBDD757B596FAB26716ECEA7C47FB6C6DC6A80FC435D5CADB36D5ACB6760CAC6272B61E64A920EC7D4E5FBD680B2B906F1CF78EFD380A47692E1DC6C06AC21255E65C3757E32C301B5ACD8BA136FEE7C19B858D8B60595946BF1D0520912ACD17E397C9FC156C741AD1104F403B363B4E6B4AD06E8C60928CCD6AB3FE6AEFECBC57DB5CFF431A2D44533D9A92C483B56AE56698F02622D3A65E09B6EBFDFD5DCAF34E09DEDA100B40DD4C40ADCEF30787E527C4F613A08BDED13BCC7297 -20241202061721 2 6 100 7679 2 F02D40B37C40876939E4D2A62AF7EC21A676D8E2B04081BA98E23F464A47514FB40DC99F7B8046B48CD3052C7AC080E4B496C16ED18695CA27493A129088F5829BBEAD02DFD521829FFD8B1120330E2BBA10C55A1EAD0641006827DA4725BFD2A2559C363C33BC78C2D83B4A075099EC57634D0AD4AEDA3302441B7005C728C0371B51877A97B442C5E3C3D53C244EFF3B65CDCCB0C017723F1EBD0B91E220116ACF14703268A11B7FC7564F7BEDBFFB3CE046261DD9D83E6078CD7AB5AC97595EF53D6C4C56D24588C6D130C0CD2C967AB90C31497186A06A93FB9338D4F30E0104BC8EFF2518D0644174BD1FF1FD7BAC2AAFF151D733A14F456A189ECA2D5F11D7C3AF1DA06192D36251B050E1AC576E3C369678D12823870FFC6E5809903382F9FBE36156F294C94FF5369E8D24D085A326870A998A10683495CEF15EFF0A45C781B5156B82D9AA07852040A96A0D5ACDF094B9DD91EA893382F95A6B72F0A2090F036A1B23CF9CF544753EA5B9ED86FA52EBB4C5421C5B485AE932F5837822C91257EC4953ACA79F2D94261DC40B3D44CB44056D4025EC459563865000B8C5F5D7724ED27CA4A8ADE299E5C898F4BD09F430781A68C261E4FA0BA2FEE567434B057C5D5F2899A1547B780B91315CC631C0552DB403DF53A6059BE895242FDA4AE1F6C5129E3643DF1A20C28BBF4328B4E623DCBC1149CE838BBC4A9944A6B6ACB4AA29B50FC7AFFAB0075BB4CC190F15B2C17847560F1B4C591EFE90D5AAA307A3FCC091DF44E3B219F7EE86EA01704D652983CE0D475896C1EB94E09314D386233D706FE0F5415BAF51746F3E8A6AC74E6F68CCF665CCEC4BE0B9CE19308C0423491F5914EA8ABE6081F38282D4994A4B640DCE56F4D616CED59B80938E4E7C486AB64E7C740FCD6ADB5494906520FD66A02069D3C11085157142CDDBFB004023C5CDFCCEAC5296636A77C127DEC4182A36D6A34D980F778452271C80CABAFE15A629302EFE9CD9105353B719581D4DD2E1BCF9411A4CCB0D010B5954291453E761A3B9EAF533119EEF1C30C4E53FEFAF2D2300162786963D54ECE0376CC797CBBDD757B596FAB26716ECEA7C47FB6C6DC6A80FC435D5CADB36D5ACB6760CAC6272B61E64A920EC7D4E5FBD680B2B906F1CF78EFD380A47692E1DC6C06AC21255E65C3757E32C301B5ACD8BA136FEE7C19B858D8B60595946BF1D0520912ACD17E397C9FC156C741AD1104F403B363B4E6B4AD06E8C60928CCD6AB3FE6AEFECBC57DB5CFF431A2D44533D9A92C483B56AE56698F02622D3A65E09B6EBFDFD5DCAF34E09DEDA100B40DD4C40ADCEF30787E527C4F613A08BDED13DC0C9B3 -20241202074137 2 6 100 7679 2 F02D40B37C40876939E4D2A62AF7EC21A676D8E2B04081BA98E23F464A47514FB40DC99F7B8046B48CD3052C7AC080E4B496C16ED18695CA27493A129088F5829BBEAD02DFD521829FFD8B1120330E2BBA10C55A1EAD0641006827DA4725BFD2A2559C363C33BC78C2D83B4A075099EC57634D0AD4AEDA3302441B7005C728C0371B51877A97B442C5E3C3D53C244EFF3B65CDCCB0C017723F1EBD0B91E220116ACF14703268A11B7FC7564F7BEDBFFB3CE046261DD9D83E6078CD7AB5AC97595EF53D6C4C56D24588C6D130C0CD2C967AB90C31497186A06A93FB9338D4F30E0104BC8EFF2518D0644174BD1FF1FD7BAC2AAFF151D733A14F456A189ECA2D5F11D7C3AF1DA06192D36251B050E1AC576E3C369678D12823870FFC6E5809903382F9FBE36156F294C94FF5369E8D24D085A326870A998A10683495CEF15EFF0A45C781B5156B82D9AA07852040A96A0D5ACDF094B9DD91EA893382F95A6B72F0A2090F036A1B23CF9CF544753EA5B9ED86FA52EBB4C5421C5B485AE932F5837822C91257EC4953ACA79F2D94261DC40B3D44CB44056D4025EC459563865000B8C5F5D7724ED27CA4A8ADE299E5C898F4BD09F430781A68C261E4FA0BA2FEE567434B057C5D5F2899A1547B780B91315CC631C0552DB403DF53A6059BE895242FDA4AE1F6C5129E3643DF1A20C28BBF4328B4E623DCBC1149CE838BBC4A9944A6B6ACB4AA29B50FC7AFFAB0075BB4CC190F15B2C17847560F1B4C591EFE90D5AAA307A3FCC091DF44E3B219F7EE86EA01704D652983CE0D475896C1EB94E09314D386233D706FE0F5415BAF51746F3E8A6AC74E6F68CCF665CCEC4BE0B9CE19308C0423491F5914EA8ABE6081F38282D4994A4B640DCE56F4D616CED59B80938E4E7C486AB64E7C740FCD6ADB5494906520FD66A02069D3C11085157142CDDBFB004023C5CDFCCEAC5296636A77C127DEC4182A36D6A34D980F778452271C80CABAFE15A629302EFE9CD9105353B719581D4DD2E1BCF9411A4CCB0D010B5954291453E761A3B9EAF533119EEF1C30C4E53FEFAF2D2300162786963D54ECE0376CC797CBBDD757B596FAB26716ECEA7C47FB6C6DC6A80FC435D5CADB36D5ACB6760CAC6272B61E64A920EC7D4E5FBD680B2B906F1CF78EFD380A47692E1DC6C06AC21255E65C3757E32C301B5ACD8BA136FEE7C19B858D8B60595946BF1D0520912ACD17E397C9FC156C741AD1104F403B363B4E6B4AD06E8C60928CCD6AB3FE6AEFECBC57DB5CFF431A2D44533D9A92C483B56AE56698F02622D3A65E09B6EBFDFD5DCAF34E09DEDA100B40DD4C40ADCEF30787E527C4F613A08BDED1435661B3 -20241202074315 2 6 100 7679 2 F02D40B37C40876939E4D2A62AF7EC21A676D8E2B04081BA98E23F464A47514FB40DC99F7B8046B48CD3052C7AC080E4B496C16ED18695CA27493A129088F5829BBEAD02DFD521829FFD8B1120330E2BBA10C55A1EAD0641006827DA4725BFD2A2559C363C33BC78C2D83B4A075099EC57634D0AD4AEDA3302441B7005C728C0371B51877A97B442C5E3C3D53C244EFF3B65CDCCB0C017723F1EBD0B91E220116ACF14703268A11B7FC7564F7BEDBFFB3CE046261DD9D83E6078CD7AB5AC97595EF53D6C4C56D24588C6D130C0CD2C967AB90C31497186A06A93FB9338D4F30E0104BC8EFF2518D0644174BD1FF1FD7BAC2AAFF151D733A14F456A189ECA2D5F11D7C3AF1DA06192D36251B050E1AC576E3C369678D12823870FFC6E5809903382F9FBE36156F294C94FF5369E8D24D085A326870A998A10683495CEF15EFF0A45C781B5156B82D9AA07852040A96A0D5ACDF094B9DD91EA893382F95A6B72F0A2090F036A1B23CF9CF544753EA5B9ED86FA52EBB4C5421C5B485AE932F5837822C91257EC4953ACA79F2D94261DC40B3D44CB44056D4025EC459563865000B8C5F5D7724ED27CA4A8ADE299E5C898F4BD09F430781A68C261E4FA0BA2FEE567434B057C5D5F2899A1547B780B91315CC631C0552DB403DF53A6059BE895242FDA4AE1F6C5129E3643DF1A20C28BBF4328B4E623DCBC1149CE838BBC4A9944A6B6ACB4AA29B50FC7AFFAB0075BB4CC190F15B2C17847560F1B4C591EFE90D5AAA307A3FCC091DF44E3B219F7EE86EA01704D652983CE0D475896C1EB94E09314D386233D706FE0F5415BAF51746F3E8A6AC74E6F68CCF665CCEC4BE0B9CE19308C0423491F5914EA8ABE6081F38282D4994A4B640DCE56F4D616CED59B80938E4E7C486AB64E7C740FCD6ADB5494906520FD66A02069D3C11085157142CDDBFB004023C5CDFCCEAC5296636A77C127DEC4182A36D6A34D980F778452271C80CABAFE15A629302EFE9CD9105353B719581D4DD2E1BCF9411A4CCB0D010B5954291453E761A3B9EAF533119EEF1C30C4E53FEFAF2D2300162786963D54ECE0376CC797CBBDD757B596FAB26716ECEA7C47FB6C6DC6A80FC435D5CADB36D5ACB6760CAC6272B61E64A920EC7D4E5FBD680B2B906F1CF78EFD380A47692E1DC6C06AC21255E65C3757E32C301B5ACD8BA136FEE7C19B858D8B60595946BF1D0520912ACD17E397C9FC156C741AD1104F403B363B4E6B4AD06E8C60928CCD6AB3FE6AEFECBC57DB5CFF431A2D44533D9A92C483B56AE56698F02622D3A65E09B6EBFDFD5DCAF34E09DEDA100B40DD4C40ADCEF30787E527C4F613A08BDED14369BF1B -20241202081741 2 6 100 7679 2 F02D40B37C40876939E4D2A62AF7EC21A676D8E2B04081BA98E23F464A47514FB40DC99F7B8046B48CD3052C7AC080E4B496C16ED18695CA27493A129088F5829BBEAD02DFD521829FFD8B1120330E2BBA10C55A1EAD0641006827DA4725BFD2A2559C363C33BC78C2D83B4A075099EC57634D0AD4AEDA3302441B7005C728C0371B51877A97B442C5E3C3D53C244EFF3B65CDCCB0C017723F1EBD0B91E220116ACF14703268A11B7FC7564F7BEDBFFB3CE046261DD9D83E6078CD7AB5AC97595EF53D6C4C56D24588C6D130C0CD2C967AB90C31497186A06A93FB9338D4F30E0104BC8EFF2518D0644174BD1FF1FD7BAC2AAFF151D733A14F456A189ECA2D5F11D7C3AF1DA06192D36251B050E1AC576E3C369678D12823870FFC6E5809903382F9FBE36156F294C94FF5369E8D24D085A326870A998A10683495CEF15EFF0A45C781B5156B82D9AA07852040A96A0D5ACDF094B9DD91EA893382F95A6B72F0A2090F036A1B23CF9CF544753EA5B9ED86FA52EBB4C5421C5B485AE932F5837822C91257EC4953ACA79F2D94261DC40B3D44CB44056D4025EC459563865000B8C5F5D7724ED27CA4A8ADE299E5C898F4BD09F430781A68C261E4FA0BA2FEE567434B057C5D5F2899A1547B780B91315CC631C0552DB403DF53A6059BE895242FDA4AE1F6C5129E3643DF1A20C28BBF4328B4E623DCBC1149CE838BBC4A9944A6B6ACB4AA29B50FC7AFFAB0075BB4CC190F15B2C17847560F1B4C591EFE90D5AAA307A3FCC091DF44E3B219F7EE86EA01704D652983CE0D475896C1EB94E09314D386233D706FE0F5415BAF51746F3E8A6AC74E6F68CCF665CCEC4BE0B9CE19308C0423491F5914EA8ABE6081F38282D4994A4B640DCE56F4D616CED59B80938E4E7C486AB64E7C740FCD6ADB5494906520FD66A02069D3C11085157142CDDBFB004023C5CDFCCEAC5296636A77C127DEC4182A36D6A34D980F778452271C80CABAFE15A629302EFE9CD9105353B719581D4DD2E1BCF9411A4CCB0D010B5954291453E761A3B9EAF533119EEF1C30C4E53FEFAF2D2300162786963D54ECE0376CC797CBBDD757B596FAB26716ECEA7C47FB6C6DC6A80FC435D5CADB36D5ACB6760CAC6272B61E64A920EC7D4E5FBD680B2B906F1CF78EFD380A47692E1DC6C06AC21255E65C3757E32C301B5ACD8BA136FEE7C19B858D8B60595946BF1D0520912ACD17E397C9FC156C741AD1104F403B363B4E6B4AD06E8C60928CCD6AB3FE6AEFECBC57DB5CFF431A2D44533D9A92C483B56AE56698F02622D3A65E09B6EBFDFD5DCAF34E09DEDA100B40DD4C40ADCEF30787E527C4F613A08BDED145AABB1B -20241202082834 2 6 100 7679 2 F02D40B37C40876939E4D2A62AF7EC21A676D8E2B04081BA98E23F464A47514FB40DC99F7B8046B48CD3052C7AC080E4B496C16ED18695CA27493A129088F5829BBEAD02DFD521829FFD8B1120330E2BBA10C55A1EAD0641006827DA4725BFD2A2559C363C33BC78C2D83B4A075099EC57634D0AD4AEDA3302441B7005C728C0371B51877A97B442C5E3C3D53C244EFF3B65CDCCB0C017723F1EBD0B91E220116ACF14703268A11B7FC7564F7BEDBFFB3CE046261DD9D83E6078CD7AB5AC97595EF53D6C4C56D24588C6D130C0CD2C967AB90C31497186A06A93FB9338D4F30E0104BC8EFF2518D0644174BD1FF1FD7BAC2AAFF151D733A14F456A189ECA2D5F11D7C3AF1DA06192D36251B050E1AC576E3C369678D12823870FFC6E5809903382F9FBE36156F294C94FF5369E8D24D085A326870A998A10683495CEF15EFF0A45C781B5156B82D9AA07852040A96A0D5ACDF094B9DD91EA893382F95A6B72F0A2090F036A1B23CF9CF544753EA5B9ED86FA52EBB4C5421C5B485AE932F5837822C91257EC4953ACA79F2D94261DC40B3D44CB44056D4025EC459563865000B8C5F5D7724ED27CA4A8ADE299E5C898F4BD09F430781A68C261E4FA0BA2FEE567434B057C5D5F2899A1547B780B91315CC631C0552DB403DF53A6059BE895242FDA4AE1F6C5129E3643DF1A20C28BBF4328B4E623DCBC1149CE838BBC4A9944A6B6ACB4AA29B50FC7AFFAB0075BB4CC190F15B2C17847560F1B4C591EFE90D5AAA307A3FCC091DF44E3B219F7EE86EA01704D652983CE0D475896C1EB94E09314D386233D706FE0F5415BAF51746F3E8A6AC74E6F68CCF665CCEC4BE0B9CE19308C0423491F5914EA8ABE6081F38282D4994A4B640DCE56F4D616CED59B80938E4E7C486AB64E7C740FCD6ADB5494906520FD66A02069D3C11085157142CDDBFB004023C5CDFCCEAC5296636A77C127DEC4182A36D6A34D980F778452271C80CABAFE15A629302EFE9CD9105353B719581D4DD2E1BCF9411A4CCB0D010B5954291453E761A3B9EAF533119EEF1C30C4E53FEFAF2D2300162786963D54ECE0376CC797CBBDD757B596FAB26716ECEA7C47FB6C6DC6A80FC435D5CADB36D5ACB6760CAC6272B61E64A920EC7D4E5FBD680B2B906F1CF78EFD380A47692E1DC6C06AC21255E65C3757E32C301B5ACD8BA136FEE7C19B858D8B60595946BF1D0520912ACD17E397C9FC156C741AD1104F403B363B4E6B4AD06E8C60928CCD6AB3FE6AEFECBC57DB5CFF431A2D44533D9A92C483B56AE56698F02622D3A65E09B6EBFDFD5DCAF34E09DEDA100B40DD4C40ADCEF30787E527C4F613A08BDED1465C7B4B -20241202090408 2 6 100 8191 2 C3301F39F3E2DCD097FBF5454401BF52BF4745AFD35F3DEBDFB34DE2518B0F7BB10DE2FDBE6C35E1B63AA67E9FC179EB3DB8A0FA7E01618BB625B3EC326A001A253FB737B2461999BAB5A5FBCA4AFAD88A8BCBEB5990D4E25225F203B2CE75A3A1C23BFFD78E697275BDB6B6153AA3C21D2063047D44EDDF0483220CD672280D4D67C4726EA476A5C094B7E8DBE62B760EBA6B62C200D456A99E87875B4B2FFF4AA87661D89CAF8CA36D9CE00E0C3BDA443B7CCC3EA892F524AD10DD6960196EC4497E1DDC9F5C13BAED9A8F240196633AB9EC597D0A2FFEEE9320147E73FB295039605EA79376C00D1C60EB421D1BF2BD36A9B68A32E5F5003F0C984E1A57B3C8A261E451D912FCBF27924078BAB0879F85B78D097B2651A17AD9266B39E7AF73DAE54319B2902E0A0D11653B38EDA14B9DE8431E9382AC7EF5F1705C05239DDEA7F533234FA640D2E1EE392D23BF46D57D6FD0E167174E6242F5455DC299BB03BF2EBAEDB14539E9025B84BF66C185AD45C6B1FBF47E3C17D4A1F2C99DCA7151039D71DB7BD2E025E67C2ABB9A2DE6D9C5150651385B270511AA50E8728707B1E0920F3A83DEC0F733090CE96DCACDB93CD756AB1F572DA2BBF4908C17E905848C09CF31424833D1D4894FCB6BD93162EC74E836A523E97F35152EBA28AF63DEC47A32C09E0F0451A4D60949C8CDB07642F5A705075F4A1380B327596C319A135C9C43BBAF2D25C90030BA43FC55701B2854ABFEA710D98AFB8341E46778616A9E9B31CF11652B47A76A99F096BDB35C9CFA78E47CFC980E5E8683E1E13AA3FCA5171C07B5E27C1A5002C02643DC760431C2750A29E838F6ED5A892146D8015F5879DA988DF030BB2FA4D501FB7F0AD9A82ED3C48B70979428C39DB04116DCC8337567B6DB4A0DFE0C704B3F46983BBF092847AED87699EE88AEB27756850D008583CD37FC8521968EB1D17FC42D742B7E6756303412A3AD011DD5CE2BA1A4E3B0B2EBB68736C76B02164C41204734B731DF4C00C937CFB49D4648A7808A34E6162526240AB221071C6C2669DB4787AF7D516F4E72EF81C7D907A37634E8CEC5BF4B3502A6A05224B269B29A8E44603DB2A890F9B64BC94AEC7D2923DC52985CC18E123C7D6CC3DEF885725E0BD2D3EC0466DBE2E94350368068E5FC1CFB6BAC40F47600EB8520A8E29E855D96B556002207CA234BE3620189767ED74ABA3D1A1CF3F66864312B7502C37C9543A36F24FD38A25137128FFE4C6CC7C078AEF1F799DA7F3E3BA0E19F21A707E66EE95189BDD74EDF32E0F18052384A2A180D90545EF1B9F2710074BC8AED5F7625C0851C34E9F3AE5C57BE65862CEE2891052CC442574EBFAAE1BEC7AB63F25C80951AD65A41089DE526946D858146E446FCAD6915BD59B0D112255083A711279990F87453A6D8F7D057055217F474B4AD895B -20241202092818 2 6 100 8191 2 C3301F39F3E2DCD097FBF5454401BF52BF4745AFD35F3DEBDFB34DE2518B0F7BB10DE2FDBE6C35E1B63AA67E9FC179EB3DB8A0FA7E01618BB625B3EC326A001A253FB737B2461999BAB5A5FBCA4AFAD88A8BCBEB5990D4E25225F203B2CE75A3A1C23BFFD78E697275BDB6B6153AA3C21D2063047D44EDDF0483220CD672280D4D67C4726EA476A5C094B7E8DBE62B760EBA6B62C200D456A99E87875B4B2FFF4AA87661D89CAF8CA36D9CE00E0C3BDA443B7CCC3EA892F524AD10DD6960196EC4497E1DDC9F5C13BAED9A8F240196633AB9EC597D0A2FFEEE9320147E73FB295039605EA79376C00D1C60EB421D1BF2BD36A9B68A32E5F5003F0C984E1A57B3C8A261E451D912FCBF27924078BAB0879F85B78D097B2651A17AD9266B39E7AF73DAE54319B2902E0A0D11653B38EDA14B9DE8431E9382AC7EF5F1705C05239DDEA7F533234FA640D2E1EE392D23BF46D57D6FD0E167174E6242F5455DC299BB03BF2EBAEDB14539E9025B84BF66C185AD45C6B1FBF47E3C17D4A1F2C99DCA7151039D71DB7BD2E025E67C2ABB9A2DE6D9C5150651385B270511AA50E8728707B1E0920F3A83DEC0F733090CE96DCACDB93CD756AB1F572DA2BBF4908C17E905848C09CF31424833D1D4894FCB6BD93162EC74E836A523E97F35152EBA28AF63DEC47A32C09E0F0451A4D60949C8CDB07642F5A705075F4A1380B327596C319A135C9C43BBAF2D25C90030BA43FC55701B2854ABFEA710D98AFB8341E46778616A9E9B31CF11652B47A76A99F096BDB35C9CFA78E47CFC980E5E8683E1E13AA3FCA5171C07B5E27C1A5002C02643DC760431C2750A29E838F6ED5A892146D8015F5879DA988DF030BB2FA4D501FB7F0AD9A82ED3C48B70979428C39DB04116DCC8337567B6DB4A0DFE0C704B3F46983BBF092847AED87699EE88AEB27756850D008583CD37FC8521968EB1D17FC42D742B7E6756303412A3AD011DD5CE2BA1A4E3B0B2EBB68736C76B02164C41204734B731DF4C00C937CFB49D4648A7808A34E6162526240AB221071C6C2669DB4787AF7D516F4E72EF81C7D907A37634E8CEC5BF4B3502A6A05224B269B29A8E44603DB2A890F9B64BC94AEC7D2923DC52985CC18E123C7D6CC3DEF885725E0BD2D3EC0466DBE2E94350368068E5FC1CFB6BAC40F47600EB8520A8E29E855D96B556002207CA234BE3620189767ED74ABA3D1A1CF3F66864312B7502C37C9543A36F24FD38A25137128FFE4C6CC7C078AEF1F799DA7F3E3BA0E19F21A707E66EE95189BDD74EDF32E0F18052384A2A180D90545EF1B9F2710074BC8AED5F7625C0851C34E9F3AE5C57BE65862CEE2891052CC442574EBFAAE1BEC7AB63F25C80951AD65A41089DE526946D858146E446FCAD6915BD59B0D112255083A711279990F87453A6D8F7D057055217F474B5FD49CB -20241202101356 2 6 100 8191 5 C3301F39F3E2DCD097FBF5454401BF52BF4745AFD35F3DEBDFB34DE2518B0F7BB10DE2FDBE6C35E1B63AA67E9FC179EB3DB8A0FA7E01618BB625B3EC326A001A253FB737B2461999BAB5A5FBCA4AFAD88A8BCBEB5990D4E25225F203B2CE75A3A1C23BFFD78E697275BDB6B6153AA3C21D2063047D44EDDF0483220CD672280D4D67C4726EA476A5C094B7E8DBE62B760EBA6B62C200D456A99E87875B4B2FFF4AA87661D89CAF8CA36D9CE00E0C3BDA443B7CCC3EA892F524AD10DD6960196EC4497E1DDC9F5C13BAED9A8F240196633AB9EC597D0A2FFEEE9320147E73FB295039605EA79376C00D1C60EB421D1BF2BD36A9B68A32E5F5003F0C984E1A57B3C8A261E451D912FCBF27924078BAB0879F85B78D097B2651A17AD9266B39E7AF73DAE54319B2902E0A0D11653B38EDA14B9DE8431E9382AC7EF5F1705C05239DDEA7F533234FA640D2E1EE392D23BF46D57D6FD0E167174E6242F5455DC299BB03BF2EBAEDB14539E9025B84BF66C185AD45C6B1FBF47E3C17D4A1F2C99DCA7151039D71DB7BD2E025E67C2ABB9A2DE6D9C5150651385B270511AA50E8728707B1E0920F3A83DEC0F733090CE96DCACDB93CD756AB1F572DA2BBF4908C17E905848C09CF31424833D1D4894FCB6BD93162EC74E836A523E97F35152EBA28AF63DEC47A32C09E0F0451A4D60949C8CDB07642F5A705075F4A1380B327596C319A135C9C43BBAF2D25C90030BA43FC55701B2854ABFEA710D98AFB8341E46778616A9E9B31CF11652B47A76A99F096BDB35C9CFA78E47CFC980E5E8683E1E13AA3FCA5171C07B5E27C1A5002C02643DC760431C2750A29E838F6ED5A892146D8015F5879DA988DF030BB2FA4D501FB7F0AD9A82ED3C48B70979428C39DB04116DCC8337567B6DB4A0DFE0C704B3F46983BBF092847AED87699EE88AEB27756850D008583CD37FC8521968EB1D17FC42D742B7E6756303412A3AD011DD5CE2BA1A4E3B0B2EBB68736C76B02164C41204734B731DF4C00C937CFB49D4648A7808A34E6162526240AB221071C6C2669DB4787AF7D516F4E72EF81C7D907A37634E8CEC5BF4B3502A6A05224B269B29A8E44603DB2A890F9B64BC94AEC7D2923DC52985CC18E123C7D6CC3DEF885725E0BD2D3EC0466DBE2E94350368068E5FC1CFB6BAC40F47600EB8520A8E29E855D96B556002207CA234BE3620189767ED74ABA3D1A1CF3F66864312B7502C37C9543A36F24FD38A25137128FFE4C6CC7C078AEF1F799DA7F3E3BA0E19F21A707E66EE95189BDD74EDF32E0F18052384A2A180D90545EF1B9F2710074BC8AED5F7625C0851C34E9F3AE5C57BE65862CEE2891052CC442574EBFAAE1BEC7AB63F25C80951AD65A41089DE526946D858146E446FCAD6915BD59B0D112255083A711279990F87453A6D8F7D057055217F474B8749EB7 -20241202105709 2 6 100 8191 2 C3301F39F3E2DCD097FBF5454401BF52BF4745AFD35F3DEBDFB34DE2518B0F7BB10DE2FDBE6C35E1B63AA67E9FC179EB3DB8A0FA7E01618BB625B3EC326A001A253FB737B2461999BAB5A5FBCA4AFAD88A8BCBEB5990D4E25225F203B2CE75A3A1C23BFFD78E697275BDB6B6153AA3C21D2063047D44EDDF0483220CD672280D4D67C4726EA476A5C094B7E8DBE62B760EBA6B62C200D456A99E87875B4B2FFF4AA87661D89CAF8CA36D9CE00E0C3BDA443B7CCC3EA892F524AD10DD6960196EC4497E1DDC9F5C13BAED9A8F240196633AB9EC597D0A2FFEEE9320147E73FB295039605EA79376C00D1C60EB421D1BF2BD36A9B68A32E5F5003F0C984E1A57B3C8A261E451D912FCBF27924078BAB0879F85B78D097B2651A17AD9266B39E7AF73DAE54319B2902E0A0D11653B38EDA14B9DE8431E9382AC7EF5F1705C05239DDEA7F533234FA640D2E1EE392D23BF46D57D6FD0E167174E6242F5455DC299BB03BF2EBAEDB14539E9025B84BF66C185AD45C6B1FBF47E3C17D4A1F2C99DCA7151039D71DB7BD2E025E67C2ABB9A2DE6D9C5150651385B270511AA50E8728707B1E0920F3A83DEC0F733090CE96DCACDB93CD756AB1F572DA2BBF4908C17E905848C09CF31424833D1D4894FCB6BD93162EC74E836A523E97F35152EBA28AF63DEC47A32C09E0F0451A4D60949C8CDB07642F5A705075F4A1380B327596C319A135C9C43BBAF2D25C90030BA43FC55701B2854ABFEA710D98AFB8341E46778616A9E9B31CF11652B47A76A99F096BDB35C9CFA78E47CFC980E5E8683E1E13AA3FCA5171C07B5E27C1A5002C02643DC760431C2750A29E838F6ED5A892146D8015F5879DA988DF030BB2FA4D501FB7F0AD9A82ED3C48B70979428C39DB04116DCC8337567B6DB4A0DFE0C704B3F46983BBF092847AED87699EE88AEB27756850D008583CD37FC8521968EB1D17FC42D742B7E6756303412A3AD011DD5CE2BA1A4E3B0B2EBB68736C76B02164C41204734B731DF4C00C937CFB49D4648A7808A34E6162526240AB221071C6C2669DB4787AF7D516F4E72EF81C7D907A37634E8CEC5BF4B3502A6A05224B269B29A8E44603DB2A890F9B64BC94AEC7D2923DC52985CC18E123C7D6CC3DEF885725E0BD2D3EC0466DBE2E94350368068E5FC1CFB6BAC40F47600EB8520A8E29E855D96B556002207CA234BE3620189767ED74ABA3D1A1CF3F66864312B7502C37C9543A36F24FD38A25137128FFE4C6CC7C078AEF1F799DA7F3E3BA0E19F21A707E66EE95189BDD74EDF32E0F18052384A2A180D90545EF1B9F2710074BC8AED5F7625C0851C34E9F3AE5C57BE65862CEE2891052CC442574EBFAAE1BEC7AB63F25C80951AD65A41089DE526946D858146E446FCAD6915BD59B0D112255083A711279990F87453A6D8F7D057055217F474BACEBBE3 -20241202110503 2 6 100 8191 2 C3301F39F3E2DCD097FBF5454401BF52BF4745AFD35F3DEBDFB34DE2518B0F7BB10DE2FDBE6C35E1B63AA67E9FC179EB3DB8A0FA7E01618BB625B3EC326A001A253FB737B2461999BAB5A5FBCA4AFAD88A8BCBEB5990D4E25225F203B2CE75A3A1C23BFFD78E697275BDB6B6153AA3C21D2063047D44EDDF0483220CD672280D4D67C4726EA476A5C094B7E8DBE62B760EBA6B62C200D456A99E87875B4B2FFF4AA87661D89CAF8CA36D9CE00E0C3BDA443B7CCC3EA892F524AD10DD6960196EC4497E1DDC9F5C13BAED9A8F240196633AB9EC597D0A2FFEEE9320147E73FB295039605EA79376C00D1C60EB421D1BF2BD36A9B68A32E5F5003F0C984E1A57B3C8A261E451D912FCBF27924078BAB0879F85B78D097B2651A17AD9266B39E7AF73DAE54319B2902E0A0D11653B38EDA14B9DE8431E9382AC7EF5F1705C05239DDEA7F533234FA640D2E1EE392D23BF46D57D6FD0E167174E6242F5455DC299BB03BF2EBAEDB14539E9025B84BF66C185AD45C6B1FBF47E3C17D4A1F2C99DCA7151039D71DB7BD2E025E67C2ABB9A2DE6D9C5150651385B270511AA50E8728707B1E0920F3A83DEC0F733090CE96DCACDB93CD756AB1F572DA2BBF4908C17E905848C09CF31424833D1D4894FCB6BD93162EC74E836A523E97F35152EBA28AF63DEC47A32C09E0F0451A4D60949C8CDB07642F5A705075F4A1380B327596C319A135C9C43BBAF2D25C90030BA43FC55701B2854ABFEA710D98AFB8341E46778616A9E9B31CF11652B47A76A99F096BDB35C9CFA78E47CFC980E5E8683E1E13AA3FCA5171C07B5E27C1A5002C02643DC760431C2750A29E838F6ED5A892146D8015F5879DA988DF030BB2FA4D501FB7F0AD9A82ED3C48B70979428C39DB04116DCC8337567B6DB4A0DFE0C704B3F46983BBF092847AED87699EE88AEB27756850D008583CD37FC8521968EB1D17FC42D742B7E6756303412A3AD011DD5CE2BA1A4E3B0B2EBB68736C76B02164C41204734B731DF4C00C937CFB49D4648A7808A34E6162526240AB221071C6C2669DB4787AF7D516F4E72EF81C7D907A37634E8CEC5BF4B3502A6A05224B269B29A8E44603DB2A890F9B64BC94AEC7D2923DC52985CC18E123C7D6CC3DEF885725E0BD2D3EC0466DBE2E94350368068E5FC1CFB6BAC40F47600EB8520A8E29E855D96B556002207CA234BE3620189767ED74ABA3D1A1CF3F66864312B7502C37C9543A36F24FD38A25137128FFE4C6CC7C078AEF1F799DA7F3E3BA0E19F21A707E66EE95189BDD74EDF32E0F18052384A2A180D90545EF1B9F2710074BC8AED5F7625C0851C34E9F3AE5C57BE65862CEE2891052CC442574EBFAAE1BEC7AB63F25C80951AD65A41089DE526946D858146E446FCAD6915BD59B0D112255083A711279990F87453A6D8F7D057055217F474BB359FFB -20241202111809 2 6 100 8191 5 C3301F39F3E2DCD097FBF5454401BF52BF4745AFD35F3DEBDFB34DE2518B0F7BB10DE2FDBE6C35E1B63AA67E9FC179EB3DB8A0FA7E01618BB625B3EC326A001A253FB737B2461999BAB5A5FBCA4AFAD88A8BCBEB5990D4E25225F203B2CE75A3A1C23BFFD78E697275BDB6B6153AA3C21D2063047D44EDDF0483220CD672280D4D67C4726EA476A5C094B7E8DBE62B760EBA6B62C200D456A99E87875B4B2FFF4AA87661D89CAF8CA36D9CE00E0C3BDA443B7CCC3EA892F524AD10DD6960196EC4497E1DDC9F5C13BAED9A8F240196633AB9EC597D0A2FFEEE9320147E73FB295039605EA79376C00D1C60EB421D1BF2BD36A9B68A32E5F5003F0C984E1A57B3C8A261E451D912FCBF27924078BAB0879F85B78D097B2651A17AD9266B39E7AF73DAE54319B2902E0A0D11653B38EDA14B9DE8431E9382AC7EF5F1705C05239DDEA7F533234FA640D2E1EE392D23BF46D57D6FD0E167174E6242F5455DC299BB03BF2EBAEDB14539E9025B84BF66C185AD45C6B1FBF47E3C17D4A1F2C99DCA7151039D71DB7BD2E025E67C2ABB9A2DE6D9C5150651385B270511AA50E8728707B1E0920F3A83DEC0F733090CE96DCACDB93CD756AB1F572DA2BBF4908C17E905848C09CF31424833D1D4894FCB6BD93162EC74E836A523E97F35152EBA28AF63DEC47A32C09E0F0451A4D60949C8CDB07642F5A705075F4A1380B327596C319A135C9C43BBAF2D25C90030BA43FC55701B2854ABFEA710D98AFB8341E46778616A9E9B31CF11652B47A76A99F096BDB35C9CFA78E47CFC980E5E8683E1E13AA3FCA5171C07B5E27C1A5002C02643DC760431C2750A29E838F6ED5A892146D8015F5879DA988DF030BB2FA4D501FB7F0AD9A82ED3C48B70979428C39DB04116DCC8337567B6DB4A0DFE0C704B3F46983BBF092847AED87699EE88AEB27756850D008583CD37FC8521968EB1D17FC42D742B7E6756303412A3AD011DD5CE2BA1A4E3B0B2EBB68736C76B02164C41204734B731DF4C00C937CFB49D4648A7808A34E6162526240AB221071C6C2669DB4787AF7D516F4E72EF81C7D907A37634E8CEC5BF4B3502A6A05224B269B29A8E44603DB2A890F9B64BC94AEC7D2923DC52985CC18E123C7D6CC3DEF885725E0BD2D3EC0466DBE2E94350368068E5FC1CFB6BAC40F47600EB8520A8E29E855D96B556002207CA234BE3620189767ED74ABA3D1A1CF3F66864312B7502C37C9543A36F24FD38A25137128FFE4C6CC7C078AEF1F799DA7F3E3BA0E19F21A707E66EE95189BDD74EDF32E0F18052384A2A180D90545EF1B9F2710074BC8AED5F7625C0851C34E9F3AE5C57BE65862CEE2891052CC442574EBFAAE1BEC7AB63F25C80951AD65A41089DE526946D858146E446FCAD6915BD59B0D112255083A711279990F87453A6D8F7D057055217F474BBDFE367 -20241202113338 2 6 100 8191 5 C3301F39F3E2DCD097FBF5454401BF52BF4745AFD35F3DEBDFB34DE2518B0F7BB10DE2FDBE6C35E1B63AA67E9FC179EB3DB8A0FA7E01618BB625B3EC326A001A253FB737B2461999BAB5A5FBCA4AFAD88A8BCBEB5990D4E25225F203B2CE75A3A1C23BFFD78E697275BDB6B6153AA3C21D2063047D44EDDF0483220CD672280D4D67C4726EA476A5C094B7E8DBE62B760EBA6B62C200D456A99E87875B4B2FFF4AA87661D89CAF8CA36D9CE00E0C3BDA443B7CCC3EA892F524AD10DD6960196EC4497E1DDC9F5C13BAED9A8F240196633AB9EC597D0A2FFEEE9320147E73FB295039605EA79376C00D1C60EB421D1BF2BD36A9B68A32E5F5003F0C984E1A57B3C8A261E451D912FCBF27924078BAB0879F85B78D097B2651A17AD9266B39E7AF73DAE54319B2902E0A0D11653B38EDA14B9DE8431E9382AC7EF5F1705C05239DDEA7F533234FA640D2E1EE392D23BF46D57D6FD0E167174E6242F5455DC299BB03BF2EBAEDB14539E9025B84BF66C185AD45C6B1FBF47E3C17D4A1F2C99DCA7151039D71DB7BD2E025E67C2ABB9A2DE6D9C5150651385B270511AA50E8728707B1E0920F3A83DEC0F733090CE96DCACDB93CD756AB1F572DA2BBF4908C17E905848C09CF31424833D1D4894FCB6BD93162EC74E836A523E97F35152EBA28AF63DEC47A32C09E0F0451A4D60949C8CDB07642F5A705075F4A1380B327596C319A135C9C43BBAF2D25C90030BA43FC55701B2854ABFEA710D98AFB8341E46778616A9E9B31CF11652B47A76A99F096BDB35C9CFA78E47CFC980E5E8683E1E13AA3FCA5171C07B5E27C1A5002C02643DC760431C2750A29E838F6ED5A892146D8015F5879DA988DF030BB2FA4D501FB7F0AD9A82ED3C48B70979428C39DB04116DCC8337567B6DB4A0DFE0C704B3F46983BBF092847AED87699EE88AEB27756850D008583CD37FC8521968EB1D17FC42D742B7E6756303412A3AD011DD5CE2BA1A4E3B0B2EBB68736C76B02164C41204734B731DF4C00C937CFB49D4648A7808A34E6162526240AB221071C6C2669DB4787AF7D516F4E72EF81C7D907A37634E8CEC5BF4B3502A6A05224B269B29A8E44603DB2A890F9B64BC94AEC7D2923DC52985CC18E123C7D6CC3DEF885725E0BD2D3EC0466DBE2E94350368068E5FC1CFB6BAC40F47600EB8520A8E29E855D96B556002207CA234BE3620189767ED74ABA3D1A1CF3F66864312B7502C37C9543A36F24FD38A25137128FFE4C6CC7C078AEF1F799DA7F3E3BA0E19F21A707E66EE95189BDD74EDF32E0F18052384A2A180D90545EF1B9F2710074BC8AED5F7625C0851C34E9F3AE5C57BE65862CEE2891052CC442574EBFAAE1BEC7AB63F25C80951AD65A41089DE526946D858146E446FCAD6915BD59B0D112255083A711279990F87453A6D8F7D057055217F474BCAC42D7 -20241202114109 2 6 100 8191 2 C3301F39F3E2DCD097FBF5454401BF52BF4745AFD35F3DEBDFB34DE2518B0F7BB10DE2FDBE6C35E1B63AA67E9FC179EB3DB8A0FA7E01618BB625B3EC326A001A253FB737B2461999BAB5A5FBCA4AFAD88A8BCBEB5990D4E25225F203B2CE75A3A1C23BFFD78E697275BDB6B6153AA3C21D2063047D44EDDF0483220CD672280D4D67C4726EA476A5C094B7E8DBE62B760EBA6B62C200D456A99E87875B4B2FFF4AA87661D89CAF8CA36D9CE00E0C3BDA443B7CCC3EA892F524AD10DD6960196EC4497E1DDC9F5C13BAED9A8F240196633AB9EC597D0A2FFEEE9320147E73FB295039605EA79376C00D1C60EB421D1BF2BD36A9B68A32E5F5003F0C984E1A57B3C8A261E451D912FCBF27924078BAB0879F85B78D097B2651A17AD9266B39E7AF73DAE54319B2902E0A0D11653B38EDA14B9DE8431E9382AC7EF5F1705C05239DDEA7F533234FA640D2E1EE392D23BF46D57D6FD0E167174E6242F5455DC299BB03BF2EBAEDB14539E9025B84BF66C185AD45C6B1FBF47E3C17D4A1F2C99DCA7151039D71DB7BD2E025E67C2ABB9A2DE6D9C5150651385B270511AA50E8728707B1E0920F3A83DEC0F733090CE96DCACDB93CD756AB1F572DA2BBF4908C17E905848C09CF31424833D1D4894FCB6BD93162EC74E836A523E97F35152EBA28AF63DEC47A32C09E0F0451A4D60949C8CDB07642F5A705075F4A1380B327596C319A135C9C43BBAF2D25C90030BA43FC55701B2854ABFEA710D98AFB8341E46778616A9E9B31CF11652B47A76A99F096BDB35C9CFA78E47CFC980E5E8683E1E13AA3FCA5171C07B5E27C1A5002C02643DC760431C2750A29E838F6ED5A892146D8015F5879DA988DF030BB2FA4D501FB7F0AD9A82ED3C48B70979428C39DB04116DCC8337567B6DB4A0DFE0C704B3F46983BBF092847AED87699EE88AEB27756850D008583CD37FC8521968EB1D17FC42D742B7E6756303412A3AD011DD5CE2BA1A4E3B0B2EBB68736C76B02164C41204734B731DF4C00C937CFB49D4648A7808A34E6162526240AB221071C6C2669DB4787AF7D516F4E72EF81C7D907A37634E8CEC5BF4B3502A6A05224B269B29A8E44603DB2A890F9B64BC94AEC7D2923DC52985CC18E123C7D6CC3DEF885725E0BD2D3EC0466DBE2E94350368068E5FC1CFB6BAC40F47600EB8520A8E29E855D96B556002207CA234BE3620189767ED74ABA3D1A1CF3F66864312B7502C37C9543A36F24FD38A25137128FFE4C6CC7C078AEF1F799DA7F3E3BA0E19F21A707E66EE95189BDD74EDF32E0F18052384A2A180D90545EF1B9F2710074BC8AED5F7625C0851C34E9F3AE5C57BE65862CEE2891052CC442574EBFAAE1BEC7AB63F25C80951AD65A41089DE526946D858146E446FCAD6915BD59B0D112255083A711279990F87453A6D8F7D057055217F474BD0F195B -20241202140045 2 6 100 8191 2 C3301F39F3E2DCD097FBF5454401BF52BF4745AFD35F3DEBDFB34DE2518B0F7BB10DE2FDBE6C35E1B63AA67E9FC179EB3DB8A0FA7E01618BB625B3EC326A001A253FB737B2461999BAB5A5FBCA4AFAD88A8BCBEB5990D4E25225F203B2CE75A3A1C23BFFD78E697275BDB6B6153AA3C21D2063047D44EDDF0483220CD672280D4D67C4726EA476A5C094B7E8DBE62B760EBA6B62C200D456A99E87875B4B2FFF4AA87661D89CAF8CA36D9CE00E0C3BDA443B7CCC3EA892F524AD10DD6960196EC4497E1DDC9F5C13BAED9A8F240196633AB9EC597D0A2FFEEE9320147E73FB295039605EA79376C00D1C60EB421D1BF2BD36A9B68A32E5F5003F0C984E1A57B3C8A261E451D912FCBF27924078BAB0879F85B78D097B2651A17AD9266B39E7AF73DAE54319B2902E0A0D11653B38EDA14B9DE8431E9382AC7EF5F1705C05239DDEA7F533234FA640D2E1EE392D23BF46D57D6FD0E167174E6242F5455DC299BB03BF2EBAEDB14539E9025B84BF66C185AD45C6B1FBF47E3C17D4A1F2C99DCA7151039D71DB7BD2E025E67C2ABB9A2DE6D9C5150651385B270511AA50E8728707B1E0920F3A83DEC0F733090CE96DCACDB93CD756AB1F572DA2BBF4908C17E905848C09CF31424833D1D4894FCB6BD93162EC74E836A523E97F35152EBA28AF63DEC47A32C09E0F0451A4D60949C8CDB07642F5A705075F4A1380B327596C319A135C9C43BBAF2D25C90030BA43FC55701B2854ABFEA710D98AFB8341E46778616A9E9B31CF11652B47A76A99F096BDB35C9CFA78E47CFC980E5E8683E1E13AA3FCA5171C07B5E27C1A5002C02643DC760431C2750A29E838F6ED5A892146D8015F5879DA988DF030BB2FA4D501FB7F0AD9A82ED3C48B70979428C39DB04116DCC8337567B6DB4A0DFE0C704B3F46983BBF092847AED87699EE88AEB27756850D008583CD37FC8521968EB1D17FC42D742B7E6756303412A3AD011DD5CE2BA1A4E3B0B2EBB68736C76B02164C41204734B731DF4C00C937CFB49D4648A7808A34E6162526240AB221071C6C2669DB4787AF7D516F4E72EF81C7D907A37634E8CEC5BF4B3502A6A05224B269B29A8E44603DB2A890F9B64BC94AEC7D2923DC52985CC18E123C7D6CC3DEF885725E0BD2D3EC0466DBE2E94350368068E5FC1CFB6BAC40F47600EB8520A8E29E855D96B556002207CA234BE3620189767ED74ABA3D1A1CF3F66864312B7502C37C9543A36F24FD38A25137128FFE4C6CC7C078AEF1F799DA7F3E3BA0E19F21A707E66EE95189BDD74EDF32E0F18052384A2A180D90545EF1B9F2710074BC8AED5F7625C0851C34E9F3AE5C57BE65862CEE2891052CC442574EBFAAE1BEC7AB63F25C80951AD65A41089DE526946D858146E446FCAD6915BD59B0D112255083A711279990F87453A6D8F7D057055217F474C4C2C8C3 -20241202145509 2 6 100 8191 2 C3301F39F3E2DCD097FBF5454401BF52BF4745AFD35F3DEBDFB34DE2518B0F7BB10DE2FDBE6C35E1B63AA67E9FC179EB3DB8A0FA7E01618BB625B3EC326A001A253FB737B2461999BAB5A5FBCA4AFAD88A8BCBEB5990D4E25225F203B2CE75A3A1C23BFFD78E697275BDB6B6153AA3C21D2063047D44EDDF0483220CD672280D4D67C4726EA476A5C094B7E8DBE62B760EBA6B62C200D456A99E87875B4B2FFF4AA87661D89CAF8CA36D9CE00E0C3BDA443B7CCC3EA892F524AD10DD6960196EC4497E1DDC9F5C13BAED9A8F240196633AB9EC597D0A2FFEEE9320147E73FB295039605EA79376C00D1C60EB421D1BF2BD36A9B68A32E5F5003F0C984E1A57B3C8A261E451D912FCBF27924078BAB0879F85B78D097B2651A17AD9266B39E7AF73DAE54319B2902E0A0D11653B38EDA14B9DE8431E9382AC7EF5F1705C05239DDEA7F533234FA640D2E1EE392D23BF46D57D6FD0E167174E6242F5455DC299BB03BF2EBAEDB14539E9025B84BF66C185AD45C6B1FBF47E3C17D4A1F2C99DCA7151039D71DB7BD2E025E67C2ABB9A2DE6D9C5150651385B270511AA50E8728707B1E0920F3A83DEC0F733090CE96DCACDB93CD756AB1F572DA2BBF4908C17E905848C09CF31424833D1D4894FCB6BD93162EC74E836A523E97F35152EBA28AF63DEC47A32C09E0F0451A4D60949C8CDB07642F5A705075F4A1380B327596C319A135C9C43BBAF2D25C90030BA43FC55701B2854ABFEA710D98AFB8341E46778616A9E9B31CF11652B47A76A99F096BDB35C9CFA78E47CFC980E5E8683E1E13AA3FCA5171C07B5E27C1A5002C02643DC760431C2750A29E838F6ED5A892146D8015F5879DA988DF030BB2FA4D501FB7F0AD9A82ED3C48B70979428C39DB04116DCC8337567B6DB4A0DFE0C704B3F46983BBF092847AED87699EE88AEB27756850D008583CD37FC8521968EB1D17FC42D742B7E6756303412A3AD011DD5CE2BA1A4E3B0B2EBB68736C76B02164C41204734B731DF4C00C937CFB49D4648A7808A34E6162526240AB221071C6C2669DB4787AF7D516F4E72EF81C7D907A37634E8CEC5BF4B3502A6A05224B269B29A8E44603DB2A890F9B64BC94AEC7D2923DC52985CC18E123C7D6CC3DEF885725E0BD2D3EC0466DBE2E94350368068E5FC1CFB6BAC40F47600EB8520A8E29E855D96B556002207CA234BE3620189767ED74ABA3D1A1CF3F66864312B7502C37C9543A36F24FD38A25137128FFE4C6CC7C078AEF1F799DA7F3E3BA0E19F21A707E66EE95189BDD74EDF32E0F18052384A2A180D90545EF1B9F2710074BC8AED5F7625C0851C34E9F3AE5C57BE65862CEE2891052CC442574EBFAAE1BEC7AB63F25C80951AD65A41089DE526946D858146E446FCAD6915BD59B0D112255083A711279990F87453A6D8F7D057055217F474C7B5B2B3 -20241202180737 2 6 100 8191 5 C3301F39F3E2DCD097FBF5454401BF52BF4745AFD35F3DEBDFB34DE2518B0F7BB10DE2FDBE6C35E1B63AA67E9FC179EB3DB8A0FA7E01618BB625B3EC326A001A253FB737B2461999BAB5A5FBCA4AFAD88A8BCBEB5990D4E25225F203B2CE75A3A1C23BFFD78E697275BDB6B6153AA3C21D2063047D44EDDF0483220CD672280D4D67C4726EA476A5C094B7E8DBE62B760EBA6B62C200D456A99E87875B4B2FFF4AA87661D89CAF8CA36D9CE00E0C3BDA443B7CCC3EA892F524AD10DD6960196EC4497E1DDC9F5C13BAED9A8F240196633AB9EC597D0A2FFEEE9320147E73FB295039605EA79376C00D1C60EB421D1BF2BD36A9B68A32E5F5003F0C984E1A57B3C8A261E451D912FCBF27924078BAB0879F85B78D097B2651A17AD9266B39E7AF73DAE54319B2902E0A0D11653B38EDA14B9DE8431E9382AC7EF5F1705C05239DDEA7F533234FA640D2E1EE392D23BF46D57D6FD0E167174E6242F5455DC299BB03BF2EBAEDB14539E9025B84BF66C185AD45C6B1FBF47E3C17D4A1F2C99DCA7151039D71DB7BD2E025E67C2ABB9A2DE6D9C5150651385B270511AA50E8728707B1E0920F3A83DEC0F733090CE96DCACDB93CD756AB1F572DA2BBF4908C17E905848C09CF31424833D1D4894FCB6BD93162EC74E836A523E97F35152EBA28AF63DEC47A32C09E0F0451A4D60949C8CDB07642F5A705075F4A1380B327596C319A135C9C43BBAF2D25C90030BA43FC55701B2854ABFEA710D98AFB8341E46778616A9E9B31CF11652B47A76A99F096BDB35C9CFA78E47CFC980E5E8683E1E13AA3FCA5171C07B5E27C1A5002C02643DC760431C2750A29E838F6ED5A892146D8015F5879DA988DF030BB2FA4D501FB7F0AD9A82ED3C48B70979428C39DB04116DCC8337567B6DB4A0DFE0C704B3F46983BBF092847AED87699EE88AEB27756850D008583CD37FC8521968EB1D17FC42D742B7E6756303412A3AD011DD5CE2BA1A4E3B0B2EBB68736C76B02164C41204734B731DF4C00C937CFB49D4648A7808A34E6162526240AB221071C6C2669DB4787AF7D516F4E72EF81C7D907A37634E8CEC5BF4B3502A6A05224B269B29A8E44603DB2A890F9B64BC94AEC7D2923DC52985CC18E123C7D6CC3DEF885725E0BD2D3EC0466DBE2E94350368068E5FC1CFB6BAC40F47600EB8520A8E29E855D96B556002207CA234BE3620189767ED74ABA3D1A1CF3F66864312B7502C37C9543A36F24FD38A25137128FFE4C6CC7C078AEF1F799DA7F3E3BA0E19F21A707E66EE95189BDD74EDF32E0F18052384A2A180D90545EF1B9F2710074BC8AED5F7625C0851C34E9F3AE5C57BE65862CEE2891052CC442574EBFAAE1BEC7AB63F25C80951AD65A41089DE526946D858146E446FCAD6915BD59B0D112255083A711279990F87453A6D8F7D057055217F474D23791E7 -20241202190603 2 6 100 8191 5 C3301F39F3E2DCD097FBF5454401BF52BF4745AFD35F3DEBDFB34DE2518B0F7BB10DE2FDBE6C35E1B63AA67E9FC179EB3DB8A0FA7E01618BB625B3EC326A001A253FB737B2461999BAB5A5FBCA4AFAD88A8BCBEB5990D4E25225F203B2CE75A3A1C23BFFD78E697275BDB6B6153AA3C21D2063047D44EDDF0483220CD672280D4D67C4726EA476A5C094B7E8DBE62B760EBA6B62C200D456A99E87875B4B2FFF4AA87661D89CAF8CA36D9CE00E0C3BDA443B7CCC3EA892F524AD10DD6960196EC4497E1DDC9F5C13BAED9A8F240196633AB9EC597D0A2FFEEE9320147E73FB295039605EA79376C00D1C60EB421D1BF2BD36A9B68A32E5F5003F0C984E1A57B3C8A261E451D912FCBF27924078BAB0879F85B78D097B2651A17AD9266B39E7AF73DAE54319B2902E0A0D11653B38EDA14B9DE8431E9382AC7EF5F1705C05239DDEA7F533234FA640D2E1EE392D23BF46D57D6FD0E167174E6242F5455DC299BB03BF2EBAEDB14539E9025B84BF66C185AD45C6B1FBF47E3C17D4A1F2C99DCA7151039D71DB7BD2E025E67C2ABB9A2DE6D9C5150651385B270511AA50E8728707B1E0920F3A83DEC0F733090CE96DCACDB93CD756AB1F572DA2BBF4908C17E905848C09CF31424833D1D4894FCB6BD93162EC74E836A523E97F35152EBA28AF63DEC47A32C09E0F0451A4D60949C8CDB07642F5A705075F4A1380B327596C319A135C9C43BBAF2D25C90030BA43FC55701B2854ABFEA710D98AFB8341E46778616A9E9B31CF11652B47A76A99F096BDB35C9CFA78E47CFC980E5E8683E1E13AA3FCA5171C07B5E27C1A5002C02643DC760431C2750A29E838F6ED5A892146D8015F5879DA988DF030BB2FA4D501FB7F0AD9A82ED3C48B70979428C39DB04116DCC8337567B6DB4A0DFE0C704B3F46983BBF092847AED87699EE88AEB27756850D008583CD37FC8521968EB1D17FC42D742B7E6756303412A3AD011DD5CE2BA1A4E3B0B2EBB68736C76B02164C41204734B731DF4C00C937CFB49D4648A7808A34E6162526240AB221071C6C2669DB4787AF7D516F4E72EF81C7D907A37634E8CEC5BF4B3502A6A05224B269B29A8E44603DB2A890F9B64BC94AEC7D2923DC52985CC18E123C7D6CC3DEF885725E0BD2D3EC0466DBE2E94350368068E5FC1CFB6BAC40F47600EB8520A8E29E855D96B556002207CA234BE3620189767ED74ABA3D1A1CF3F66864312B7502C37C9543A36F24FD38A25137128FFE4C6CC7C078AEF1F799DA7F3E3BA0E19F21A707E66EE95189BDD74EDF32E0F18052384A2A180D90545EF1B9F2710074BC8AED5F7625C0851C34E9F3AE5C57BE65862CEE2891052CC442574EBFAAE1BEC7AB63F25C80951AD65A41089DE526946D858146E446FCAD6915BD59B0D112255083A711279990F87453A6D8F7D057055217F474D562B49F -20241202192303 2 6 100 8191 5 C3301F39F3E2DCD097FBF5454401BF52BF4745AFD35F3DEBDFB34DE2518B0F7BB10DE2FDBE6C35E1B63AA67E9FC179EB3DB8A0FA7E01618BB625B3EC326A001A253FB737B2461999BAB5A5FBCA4AFAD88A8BCBEB5990D4E25225F203B2CE75A3A1C23BFFD78E697275BDB6B6153AA3C21D2063047D44EDDF0483220CD672280D4D67C4726EA476A5C094B7E8DBE62B760EBA6B62C200D456A99E87875B4B2FFF4AA87661D89CAF8CA36D9CE00E0C3BDA443B7CCC3EA892F524AD10DD6960196EC4497E1DDC9F5C13BAED9A8F240196633AB9EC597D0A2FFEEE9320147E73FB295039605EA79376C00D1C60EB421D1BF2BD36A9B68A32E5F5003F0C984E1A57B3C8A261E451D912FCBF27924078BAB0879F85B78D097B2651A17AD9266B39E7AF73DAE54319B2902E0A0D11653B38EDA14B9DE8431E9382AC7EF5F1705C05239DDEA7F533234FA640D2E1EE392D23BF46D57D6FD0E167174E6242F5455DC299BB03BF2EBAEDB14539E9025B84BF66C185AD45C6B1FBF47E3C17D4A1F2C99DCA7151039D71DB7BD2E025E67C2ABB9A2DE6D9C5150651385B270511AA50E8728707B1E0920F3A83DEC0F733090CE96DCACDB93CD756AB1F572DA2BBF4908C17E905848C09CF31424833D1D4894FCB6BD93162EC74E836A523E97F35152EBA28AF63DEC47A32C09E0F0451A4D60949C8CDB07642F5A705075F4A1380B327596C319A135C9C43BBAF2D25C90030BA43FC55701B2854ABFEA710D98AFB8341E46778616A9E9B31CF11652B47A76A99F096BDB35C9CFA78E47CFC980E5E8683E1E13AA3FCA5171C07B5E27C1A5002C02643DC760431C2750A29E838F6ED5A892146D8015F5879DA988DF030BB2FA4D501FB7F0AD9A82ED3C48B70979428C39DB04116DCC8337567B6DB4A0DFE0C704B3F46983BBF092847AED87699EE88AEB27756850D008583CD37FC8521968EB1D17FC42D742B7E6756303412A3AD011DD5CE2BA1A4E3B0B2EBB68736C76B02164C41204734B731DF4C00C937CFB49D4648A7808A34E6162526240AB221071C6C2669DB4787AF7D516F4E72EF81C7D907A37634E8CEC5BF4B3502A6A05224B269B29A8E44603DB2A890F9B64BC94AEC7D2923DC52985CC18E123C7D6CC3DEF885725E0BD2D3EC0466DBE2E94350368068E5FC1CFB6BAC40F47600EB8520A8E29E855D96B556002207CA234BE3620189767ED74ABA3D1A1CF3F66864312B7502C37C9543A36F24FD38A25137128FFE4C6CC7C078AEF1F799DA7F3E3BA0E19F21A707E66EE95189BDD74EDF32E0F18052384A2A180D90545EF1B9F2710074BC8AED5F7625C0851C34E9F3AE5C57BE65862CEE2891052CC442574EBFAAE1BEC7AB63F25C80951AD65A41089DE526946D858146E446FCAD6915BD59B0D112255083A711279990F87453A6D8F7D057055217F474D64A0887 -20241202194604 2 6 100 8191 2 C3301F39F3E2DCD097FBF5454401BF52BF4745AFD35F3DEBDFB34DE2518B0F7BB10DE2FDBE6C35E1B63AA67E9FC179EB3DB8A0FA7E01618BB625B3EC326A001A253FB737B2461999BAB5A5FBCA4AFAD88A8BCBEB5990D4E25225F203B2CE75A3A1C23BFFD78E697275BDB6B6153AA3C21D2063047D44EDDF0483220CD672280D4D67C4726EA476A5C094B7E8DBE62B760EBA6B62C200D456A99E87875B4B2FFF4AA87661D89CAF8CA36D9CE00E0C3BDA443B7CCC3EA892F524AD10DD6960196EC4497E1DDC9F5C13BAED9A8F240196633AB9EC597D0A2FFEEE9320147E73FB295039605EA79376C00D1C60EB421D1BF2BD36A9B68A32E5F5003F0C984E1A57B3C8A261E451D912FCBF27924078BAB0879F85B78D097B2651A17AD9266B39E7AF73DAE54319B2902E0A0D11653B38EDA14B9DE8431E9382AC7EF5F1705C05239DDEA7F533234FA640D2E1EE392D23BF46D57D6FD0E167174E6242F5455DC299BB03BF2EBAEDB14539E9025B84BF66C185AD45C6B1FBF47E3C17D4A1F2C99DCA7151039D71DB7BD2E025E67C2ABB9A2DE6D9C5150651385B270511AA50E8728707B1E0920F3A83DEC0F733090CE96DCACDB93CD756AB1F572DA2BBF4908C17E905848C09CF31424833D1D4894FCB6BD93162EC74E836A523E97F35152EBA28AF63DEC47A32C09E0F0451A4D60949C8CDB07642F5A705075F4A1380B327596C319A135C9C43BBAF2D25C90030BA43FC55701B2854ABFEA710D98AFB8341E46778616A9E9B31CF11652B47A76A99F096BDB35C9CFA78E47CFC980E5E8683E1E13AA3FCA5171C07B5E27C1A5002C02643DC760431C2750A29E838F6ED5A892146D8015F5879DA988DF030BB2FA4D501FB7F0AD9A82ED3C48B70979428C39DB04116DCC8337567B6DB4A0DFE0C704B3F46983BBF092847AED87699EE88AEB27756850D008583CD37FC8521968EB1D17FC42D742B7E6756303412A3AD011DD5CE2BA1A4E3B0B2EBB68736C76B02164C41204734B731DF4C00C937CFB49D4648A7808A34E6162526240AB221071C6C2669DB4787AF7D516F4E72EF81C7D907A37634E8CEC5BF4B3502A6A05224B269B29A8E44603DB2A890F9B64BC94AEC7D2923DC52985CC18E123C7D6CC3DEF885725E0BD2D3EC0466DBE2E94350368068E5FC1CFB6BAC40F47600EB8520A8E29E855D96B556002207CA234BE3620189767ED74ABA3D1A1CF3F66864312B7502C37C9543A36F24FD38A25137128FFE4C6CC7C078AEF1F799DA7F3E3BA0E19F21A707E66EE95189BDD74EDF32E0F18052384A2A180D90545EF1B9F2710074BC8AED5F7625C0851C34E9F3AE5C57BE65862CEE2891052CC442574EBFAAE1BEC7AB63F25C80951AD65A41089DE526946D858146E446FCAD6915BD59B0D112255083A711279990F87453A6D8F7D057055217F474D788F30B -20241202202723 2 6 100 8191 5 C3301F39F3E2DCD097FBF5454401BF52BF4745AFD35F3DEBDFB34DE2518B0F7BB10DE2FDBE6C35E1B63AA67E9FC179EB3DB8A0FA7E01618BB625B3EC326A001A253FB737B2461999BAB5A5FBCA4AFAD88A8BCBEB5990D4E25225F203B2CE75A3A1C23BFFD78E697275BDB6B6153AA3C21D2063047D44EDDF0483220CD672280D4D67C4726EA476A5C094B7E8DBE62B760EBA6B62C200D456A99E87875B4B2FFF4AA87661D89CAF8CA36D9CE00E0C3BDA443B7CCC3EA892F524AD10DD6960196EC4497E1DDC9F5C13BAED9A8F240196633AB9EC597D0A2FFEEE9320147E73FB295039605EA79376C00D1C60EB421D1BF2BD36A9B68A32E5F5003F0C984E1A57B3C8A261E451D912FCBF27924078BAB0879F85B78D097B2651A17AD9266B39E7AF73DAE54319B2902E0A0D11653B38EDA14B9DE8431E9382AC7EF5F1705C05239DDEA7F533234FA640D2E1EE392D23BF46D57D6FD0E167174E6242F5455DC299BB03BF2EBAEDB14539E9025B84BF66C185AD45C6B1FBF47E3C17D4A1F2C99DCA7151039D71DB7BD2E025E67C2ABB9A2DE6D9C5150651385B270511AA50E8728707B1E0920F3A83DEC0F733090CE96DCACDB93CD756AB1F572DA2BBF4908C17E905848C09CF31424833D1D4894FCB6BD93162EC74E836A523E97F35152EBA28AF63DEC47A32C09E0F0451A4D60949C8CDB07642F5A705075F4A1380B327596C319A135C9C43BBAF2D25C90030BA43FC55701B2854ABFEA710D98AFB8341E46778616A9E9B31CF11652B47A76A99F096BDB35C9CFA78E47CFC980E5E8683E1E13AA3FCA5171C07B5E27C1A5002C02643DC760431C2750A29E838F6ED5A892146D8015F5879DA988DF030BB2FA4D501FB7F0AD9A82ED3C48B70979428C39DB04116DCC8337567B6DB4A0DFE0C704B3F46983BBF092847AED87699EE88AEB27756850D008583CD37FC8521968EB1D17FC42D742B7E6756303412A3AD011DD5CE2BA1A4E3B0B2EBB68736C76B02164C41204734B731DF4C00C937CFB49D4648A7808A34E6162526240AB221071C6C2669DB4787AF7D516F4E72EF81C7D907A37634E8CEC5BF4B3502A6A05224B269B29A8E44603DB2A890F9B64BC94AEC7D2923DC52985CC18E123C7D6CC3DEF885725E0BD2D3EC0466DBE2E94350368068E5FC1CFB6BAC40F47600EB8520A8E29E855D96B556002207CA234BE3620189767ED74ABA3D1A1CF3F66864312B7502C37C9543A36F24FD38A25137128FFE4C6CC7C078AEF1F799DA7F3E3BA0E19F21A707E66EE95189BDD74EDF32E0F18052384A2A180D90545EF1B9F2710074BC8AED5F7625C0851C34E9F3AE5C57BE65862CEE2891052CC442574EBFAAE1BEC7AB63F25C80951AD65A41089DE526946D858146E446FCAD6915BD59B0D112255083A711279990F87453A6D8F7D057055217F474D9CE5387 -20241202210310 2 6 100 8191 5 C3301F39F3E2DCD097FBF5454401BF52BF4745AFD35F3DEBDFB34DE2518B0F7BB10DE2FDBE6C35E1B63AA67E9FC179EB3DB8A0FA7E01618BB625B3EC326A001A253FB737B2461999BAB5A5FBCA4AFAD88A8BCBEB5990D4E25225F203B2CE75A3A1C23BFFD78E697275BDB6B6153AA3C21D2063047D44EDDF0483220CD672280D4D67C4726EA476A5C094B7E8DBE62B760EBA6B62C200D456A99E87875B4B2FFF4AA87661D89CAF8CA36D9CE00E0C3BDA443B7CCC3EA892F524AD10DD6960196EC4497E1DDC9F5C13BAED9A8F240196633AB9EC597D0A2FFEEE9320147E73FB295039605EA79376C00D1C60EB421D1BF2BD36A9B68A32E5F5003F0C984E1A57B3C8A261E451D912FCBF27924078BAB0879F85B78D097B2651A17AD9266B39E7AF73DAE54319B2902E0A0D11653B38EDA14B9DE8431E9382AC7EF5F1705C05239DDEA7F533234FA640D2E1EE392D23BF46D57D6FD0E167174E6242F5455DC299BB03BF2EBAEDB14539E9025B84BF66C185AD45C6B1FBF47E3C17D4A1F2C99DCA7151039D71DB7BD2E025E67C2ABB9A2DE6D9C5150651385B270511AA50E8728707B1E0920F3A83DEC0F733090CE96DCACDB93CD756AB1F572DA2BBF4908C17E905848C09CF31424833D1D4894FCB6BD93162EC74E836A523E97F35152EBA28AF63DEC47A32C09E0F0451A4D60949C8CDB07642F5A705075F4A1380B327596C319A135C9C43BBAF2D25C90030BA43FC55701B2854ABFEA710D98AFB8341E46778616A9E9B31CF11652B47A76A99F096BDB35C9CFA78E47CFC980E5E8683E1E13AA3FCA5171C07B5E27C1A5002C02643DC760431C2750A29E838F6ED5A892146D8015F5879DA988DF030BB2FA4D501FB7F0AD9A82ED3C48B70979428C39DB04116DCC8337567B6DB4A0DFE0C704B3F46983BBF092847AED87699EE88AEB27756850D008583CD37FC8521968EB1D17FC42D742B7E6756303412A3AD011DD5CE2BA1A4E3B0B2EBB68736C76B02164C41204734B731DF4C00C937CFB49D4648A7808A34E6162526240AB221071C6C2669DB4787AF7D516F4E72EF81C7D907A37634E8CEC5BF4B3502A6A05224B269B29A8E44603DB2A890F9B64BC94AEC7D2923DC52985CC18E123C7D6CC3DEF885725E0BD2D3EC0466DBE2E94350368068E5FC1CFB6BAC40F47600EB8520A8E29E855D96B556002207CA234BE3620189767ED74ABA3D1A1CF3F66864312B7502C37C9543A36F24FD38A25137128FFE4C6CC7C078AEF1F799DA7F3E3BA0E19F21A707E66EE95189BDD74EDF32E0F18052384A2A180D90545EF1B9F2710074BC8AED5F7625C0851C34E9F3AE5C57BE65862CEE2891052CC442574EBFAAE1BEC7AB63F25C80951AD65A41089DE526946D858146E446FCAD6915BD59B0D112255083A711279990F87453A6D8F7D057055217F474DBCBA17F -20241202232141 2 6 100 8191 5 C3301F39F3E2DCD097FBF5454401BF52BF4745AFD35F3DEBDFB34DE2518B0F7BB10DE2FDBE6C35E1B63AA67E9FC179EB3DB8A0FA7E01618BB625B3EC326A001A253FB737B2461999BAB5A5FBCA4AFAD88A8BCBEB5990D4E25225F203B2CE75A3A1C23BFFD78E697275BDB6B6153AA3C21D2063047D44EDDF0483220CD672280D4D67C4726EA476A5C094B7E8DBE62B760EBA6B62C200D456A99E87875B4B2FFF4AA87661D89CAF8CA36D9CE00E0C3BDA443B7CCC3EA892F524AD10DD6960196EC4497E1DDC9F5C13BAED9A8F240196633AB9EC597D0A2FFEEE9320147E73FB295039605EA79376C00D1C60EB421D1BF2BD36A9B68A32E5F5003F0C984E1A57B3C8A261E451D912FCBF27924078BAB0879F85B78D097B2651A17AD9266B39E7AF73DAE54319B2902E0A0D11653B38EDA14B9DE8431E9382AC7EF5F1705C05239DDEA7F533234FA640D2E1EE392D23BF46D57D6FD0E167174E6242F5455DC299BB03BF2EBAEDB14539E9025B84BF66C185AD45C6B1FBF47E3C17D4A1F2C99DCA7151039D71DB7BD2E025E67C2ABB9A2DE6D9C5150651385B270511AA50E8728707B1E0920F3A83DEC0F733090CE96DCACDB93CD756AB1F572DA2BBF4908C17E905848C09CF31424833D1D4894FCB6BD93162EC74E836A523E97F35152EBA28AF63DEC47A32C09E0F0451A4D60949C8CDB07642F5A705075F4A1380B327596C319A135C9C43BBAF2D25C90030BA43FC55701B2854ABFEA710D98AFB8341E46778616A9E9B31CF11652B47A76A99F096BDB35C9CFA78E47CFC980E5E8683E1E13AA3FCA5171C07B5E27C1A5002C02643DC760431C2750A29E838F6ED5A892146D8015F5879DA988DF030BB2FA4D501FB7F0AD9A82ED3C48B70979428C39DB04116DCC8337567B6DB4A0DFE0C704B3F46983BBF092847AED87699EE88AEB27756850D008583CD37FC8521968EB1D17FC42D742B7E6756303412A3AD011DD5CE2BA1A4E3B0B2EBB68736C76B02164C41204734B731DF4C00C937CFB49D4648A7808A34E6162526240AB221071C6C2669DB4787AF7D516F4E72EF81C7D907A37634E8CEC5BF4B3502A6A05224B269B29A8E44603DB2A890F9B64BC94AEC7D2923DC52985CC18E123C7D6CC3DEF885725E0BD2D3EC0466DBE2E94350368068E5FC1CFB6BAC40F47600EB8520A8E29E855D96B556002207CA234BE3620189767ED74ABA3D1A1CF3F66864312B7502C37C9543A36F24FD38A25137128FFE4C6CC7C078AEF1F799DA7F3E3BA0E19F21A707E66EE95189BDD74EDF32E0F18052384A2A180D90545EF1B9F2710074BC8AED5F7625C0851C34E9F3AE5C57BE65862CEE2891052CC442574EBFAAE1BEC7AB63F25C80951AD65A41089DE526946D858146E446FCAD6915BD59B0D112255083A711279990F87453A6D8F7D057055217F474E3833667 -20241202234441 2 6 100 8191 2 C3301F39F3E2DCD097FBF5454401BF52BF4745AFD35F3DEBDFB34DE2518B0F7BB10DE2FDBE6C35E1B63AA67E9FC179EB3DB8A0FA7E01618BB625B3EC326A001A253FB737B2461999BAB5A5FBCA4AFAD88A8BCBEB5990D4E25225F203B2CE75A3A1C23BFFD78E697275BDB6B6153AA3C21D2063047D44EDDF0483220CD672280D4D67C4726EA476A5C094B7E8DBE62B760EBA6B62C200D456A99E87875B4B2FFF4AA87661D89CAF8CA36D9CE00E0C3BDA443B7CCC3EA892F524AD10DD6960196EC4497E1DDC9F5C13BAED9A8F240196633AB9EC597D0A2FFEEE9320147E73FB295039605EA79376C00D1C60EB421D1BF2BD36A9B68A32E5F5003F0C984E1A57B3C8A261E451D912FCBF27924078BAB0879F85B78D097B2651A17AD9266B39E7AF73DAE54319B2902E0A0D11653B38EDA14B9DE8431E9382AC7EF5F1705C05239DDEA7F533234FA640D2E1EE392D23BF46D57D6FD0E167174E6242F5455DC299BB03BF2EBAEDB14539E9025B84BF66C185AD45C6B1FBF47E3C17D4A1F2C99DCA7151039D71DB7BD2E025E67C2ABB9A2DE6D9C5150651385B270511AA50E8728707B1E0920F3A83DEC0F733090CE96DCACDB93CD756AB1F572DA2BBF4908C17E905848C09CF31424833D1D4894FCB6BD93162EC74E836A523E97F35152EBA28AF63DEC47A32C09E0F0451A4D60949C8CDB07642F5A705075F4A1380B327596C319A135C9C43BBAF2D25C90030BA43FC55701B2854ABFEA710D98AFB8341E46778616A9E9B31CF11652B47A76A99F096BDB35C9CFA78E47CFC980E5E8683E1E13AA3FCA5171C07B5E27C1A5002C02643DC760431C2750A29E838F6ED5A892146D8015F5879DA988DF030BB2FA4D501FB7F0AD9A82ED3C48B70979428C39DB04116DCC8337567B6DB4A0DFE0C704B3F46983BBF092847AED87699EE88AEB27756850D008583CD37FC8521968EB1D17FC42D742B7E6756303412A3AD011DD5CE2BA1A4E3B0B2EBB68736C76B02164C41204734B731DF4C00C937CFB49D4648A7808A34E6162526240AB221071C6C2669DB4787AF7D516F4E72EF81C7D907A37634E8CEC5BF4B3502A6A05224B269B29A8E44603DB2A890F9B64BC94AEC7D2923DC52985CC18E123C7D6CC3DEF885725E0BD2D3EC0466DBE2E94350368068E5FC1CFB6BAC40F47600EB8520A8E29E855D96B556002207CA234BE3620189767ED74ABA3D1A1CF3F66864312B7502C37C9543A36F24FD38A25137128FFE4C6CC7C078AEF1F799DA7F3E3BA0E19F21A707E66EE95189BDD74EDF32E0F18052384A2A180D90545EF1B9F2710074BC8AED5F7625C0851C34E9F3AE5C57BE65862CEE2891052CC442574EBFAAE1BEC7AB63F25C80951AD65A41089DE526946D858146E446FCAD6915BD59B0D112255083A711279990F87453A6D8F7D057055217F474E4C55853 -20241202234813 2 6 100 8191 5 C3301F39F3E2DCD097FBF5454401BF52BF4745AFD35F3DEBDFB34DE2518B0F7BB10DE2FDBE6C35E1B63AA67E9FC179EB3DB8A0FA7E01618BB625B3EC326A001A253FB737B2461999BAB5A5FBCA4AFAD88A8BCBEB5990D4E25225F203B2CE75A3A1C23BFFD78E697275BDB6B6153AA3C21D2063047D44EDDF0483220CD672280D4D67C4726EA476A5C094B7E8DBE62B760EBA6B62C200D456A99E87875B4B2FFF4AA87661D89CAF8CA36D9CE00E0C3BDA443B7CCC3EA892F524AD10DD6960196EC4497E1DDC9F5C13BAED9A8F240196633AB9EC597D0A2FFEEE9320147E73FB295039605EA79376C00D1C60EB421D1BF2BD36A9B68A32E5F5003F0C984E1A57B3C8A261E451D912FCBF27924078BAB0879F85B78D097B2651A17AD9266B39E7AF73DAE54319B2902E0A0D11653B38EDA14B9DE8431E9382AC7EF5F1705C05239DDEA7F533234FA640D2E1EE392D23BF46D57D6FD0E167174E6242F5455DC299BB03BF2EBAEDB14539E9025B84BF66C185AD45C6B1FBF47E3C17D4A1F2C99DCA7151039D71DB7BD2E025E67C2ABB9A2DE6D9C5150651385B270511AA50E8728707B1E0920F3A83DEC0F733090CE96DCACDB93CD756AB1F572DA2BBF4908C17E905848C09CF31424833D1D4894FCB6BD93162EC74E836A523E97F35152EBA28AF63DEC47A32C09E0F0451A4D60949C8CDB07642F5A705075F4A1380B327596C319A135C9C43BBAF2D25C90030BA43FC55701B2854ABFEA710D98AFB8341E46778616A9E9B31CF11652B47A76A99F096BDB35C9CFA78E47CFC980E5E8683E1E13AA3FCA5171C07B5E27C1A5002C02643DC760431C2750A29E838F6ED5A892146D8015F5879DA988DF030BB2FA4D501FB7F0AD9A82ED3C48B70979428C39DB04116DCC8337567B6DB4A0DFE0C704B3F46983BBF092847AED87699EE88AEB27756850D008583CD37FC8521968EB1D17FC42D742B7E6756303412A3AD011DD5CE2BA1A4E3B0B2EBB68736C76B02164C41204734B731DF4C00C937CFB49D4648A7808A34E6162526240AB221071C6C2669DB4787AF7D516F4E72EF81C7D907A37634E8CEC5BF4B3502A6A05224B269B29A8E44603DB2A890F9B64BC94AEC7D2923DC52985CC18E123C7D6CC3DEF885725E0BD2D3EC0466DBE2E94350368068E5FC1CFB6BAC40F47600EB8520A8E29E855D96B556002207CA234BE3620189767ED74ABA3D1A1CF3F66864312B7502C37C9543A36F24FD38A25137128FFE4C6CC7C078AEF1F799DA7F3E3BA0E19F21A707E66EE95189BDD74EDF32E0F18052384A2A180D90545EF1B9F2710074BC8AED5F7625C0851C34E9F3AE5C57BE65862CEE2891052CC442574EBFAAE1BEC7AB63F25C80951AD65A41089DE526946D858146E446FCAD6915BD59B0D112255083A711279990F87453A6D8F7D057055217F474E4ED7847 -20241203020245 2 6 100 8191 5 C3301F39F3E2DCD097FBF5454401BF52BF4745AFD35F3DEBDFB34DE2518B0F7BB10DE2FDBE6C35E1B63AA67E9FC179EB3DB8A0FA7E01618BB625B3EC326A001A253FB737B2461999BAB5A5FBCA4AFAD88A8BCBEB5990D4E25225F203B2CE75A3A1C23BFFD78E697275BDB6B6153AA3C21D2063047D44EDDF0483220CD672280D4D67C4726EA476A5C094B7E8DBE62B760EBA6B62C200D456A99E87875B4B2FFF4AA87661D89CAF8CA36D9CE00E0C3BDA443B7CCC3EA892F524AD10DD6960196EC4497E1DDC9F5C13BAED9A8F240196633AB9EC597D0A2FFEEE9320147E73FB295039605EA79376C00D1C60EB421D1BF2BD36A9B68A32E5F5003F0C984E1A57B3C8A261E451D912FCBF27924078BAB0879F85B78D097B2651A17AD9266B39E7AF73DAE54319B2902E0A0D11653B38EDA14B9DE8431E9382AC7EF5F1705C05239DDEA7F533234FA640D2E1EE392D23BF46D57D6FD0E167174E6242F5455DC299BB03BF2EBAEDB14539E9025B84BF66C185AD45C6B1FBF47E3C17D4A1F2C99DCA7151039D71DB7BD2E025E67C2ABB9A2DE6D9C5150651385B270511AA50E8728707B1E0920F3A83DEC0F733090CE96DCACDB93CD756AB1F572DA2BBF4908C17E905848C09CF31424833D1D4894FCB6BD93162EC74E836A523E97F35152EBA28AF63DEC47A32C09E0F0451A4D60949C8CDB07642F5A705075F4A1380B327596C319A135C9C43BBAF2D25C90030BA43FC55701B2854ABFEA710D98AFB8341E46778616A9E9B31CF11652B47A76A99F096BDB35C9CFA78E47CFC980E5E8683E1E13AA3FCA5171C07B5E27C1A5002C02643DC760431C2750A29E838F6ED5A892146D8015F5879DA988DF030BB2FA4D501FB7F0AD9A82ED3C48B70979428C39DB04116DCC8337567B6DB4A0DFE0C704B3F46983BBF092847AED87699EE88AEB27756850D008583CD37FC8521968EB1D17FC42D742B7E6756303412A3AD011DD5CE2BA1A4E3B0B2EBB68736C76B02164C41204734B731DF4C00C937CFB49D4648A7808A34E6162526240AB221071C6C2669DB4787AF7D516F4E72EF81C7D907A37634E8CEC5BF4B3502A6A05224B269B29A8E44603DB2A890F9B64BC94AEC7D2923DC52985CC18E123C7D6CC3DEF885725E0BD2D3EC0466DBE2E94350368068E5FC1CFB6BAC40F47600EB8520A8E29E855D96B556002207CA234BE3620189767ED74ABA3D1A1CF3F66864312B7502C37C9543A36F24FD38A25137128FFE4C6CC7C078AEF1F799DA7F3E3BA0E19F21A707E66EE95189BDD74EDF32E0F18052384A2A180D90545EF1B9F2710074BC8AED5F7625C0851C34E9F3AE5C57BE65862CEE2891052CC442574EBFAAE1BEC7AB63F25C80951AD65A41089DE526946D858146E446FCAD6915BD59B0D112255083A711279990F87453A6D8F7D057055217F474EC649497 -20241203022338 2 6 100 8191 5 C3301F39F3E2DCD097FBF5454401BF52BF4745AFD35F3DEBDFB34DE2518B0F7BB10DE2FDBE6C35E1B63AA67E9FC179EB3DB8A0FA7E01618BB625B3EC326A001A253FB737B2461999BAB5A5FBCA4AFAD88A8BCBEB5990D4E25225F203B2CE75A3A1C23BFFD78E697275BDB6B6153AA3C21D2063047D44EDDF0483220CD672280D4D67C4726EA476A5C094B7E8DBE62B760EBA6B62C200D456A99E87875B4B2FFF4AA87661D89CAF8CA36D9CE00E0C3BDA443B7CCC3EA892F524AD10DD6960196EC4497E1DDC9F5C13BAED9A8F240196633AB9EC597D0A2FFEEE9320147E73FB295039605EA79376C00D1C60EB421D1BF2BD36A9B68A32E5F5003F0C984E1A57B3C8A261E451D912FCBF27924078BAB0879F85B78D097B2651A17AD9266B39E7AF73DAE54319B2902E0A0D11653B38EDA14B9DE8431E9382AC7EF5F1705C05239DDEA7F533234FA640D2E1EE392D23BF46D57D6FD0E167174E6242F5455DC299BB03BF2EBAEDB14539E9025B84BF66C185AD45C6B1FBF47E3C17D4A1F2C99DCA7151039D71DB7BD2E025E67C2ABB9A2DE6D9C5150651385B270511AA50E8728707B1E0920F3A83DEC0F733090CE96DCACDB93CD756AB1F572DA2BBF4908C17E905848C09CF31424833D1D4894FCB6BD93162EC74E836A523E97F35152EBA28AF63DEC47A32C09E0F0451A4D60949C8CDB07642F5A705075F4A1380B327596C319A135C9C43BBAF2D25C90030BA43FC55701B2854ABFEA710D98AFB8341E46778616A9E9B31CF11652B47A76A99F096BDB35C9CFA78E47CFC980E5E8683E1E13AA3FCA5171C07B5E27C1A5002C02643DC760431C2750A29E838F6ED5A892146D8015F5879DA988DF030BB2FA4D501FB7F0AD9A82ED3C48B70979428C39DB04116DCC8337567B6DB4A0DFE0C704B3F46983BBF092847AED87699EE88AEB27756850D008583CD37FC8521968EB1D17FC42D742B7E6756303412A3AD011DD5CE2BA1A4E3B0B2EBB68736C76B02164C41204734B731DF4C00C937CFB49D4648A7808A34E6162526240AB221071C6C2669DB4787AF7D516F4E72EF81C7D907A37634E8CEC5BF4B3502A6A05224B269B29A8E44603DB2A890F9B64BC94AEC7D2923DC52985CC18E123C7D6CC3DEF885725E0BD2D3EC0466DBE2E94350368068E5FC1CFB6BAC40F47600EB8520A8E29E855D96B556002207CA234BE3620189767ED74ABA3D1A1CF3F66864312B7502C37C9543A36F24FD38A25137128FFE4C6CC7C078AEF1F799DA7F3E3BA0E19F21A707E66EE95189BDD74EDF32E0F18052384A2A180D90545EF1B9F2710074BC8AED5F7625C0851C34E9F3AE5C57BE65862CEE2891052CC442574EBFAAE1BEC7AB63F25C80951AD65A41089DE526946D858146E446FCAD6915BD59B0D112255083A711279990F87453A6D8F7D057055217F474ED8847BF -20241203022652 2 6 100 8191 2 C3301F39F3E2DCD097FBF5454401BF52BF4745AFD35F3DEBDFB34DE2518B0F7BB10DE2FDBE6C35E1B63AA67E9FC179EB3DB8A0FA7E01618BB625B3EC326A001A253FB737B2461999BAB5A5FBCA4AFAD88A8BCBEB5990D4E25225F203B2CE75A3A1C23BFFD78E697275BDB6B6153AA3C21D2063047D44EDDF0483220CD672280D4D67C4726EA476A5C094B7E8DBE62B760EBA6B62C200D456A99E87875B4B2FFF4AA87661D89CAF8CA36D9CE00E0C3BDA443B7CCC3EA892F524AD10DD6960196EC4497E1DDC9F5C13BAED9A8F240196633AB9EC597D0A2FFEEE9320147E73FB295039605EA79376C00D1C60EB421D1BF2BD36A9B68A32E5F5003F0C984E1A57B3C8A261E451D912FCBF27924078BAB0879F85B78D097B2651A17AD9266B39E7AF73DAE54319B2902E0A0D11653B38EDA14B9DE8431E9382AC7EF5F1705C05239DDEA7F533234FA640D2E1EE392D23BF46D57D6FD0E167174E6242F5455DC299BB03BF2EBAEDB14539E9025B84BF66C185AD45C6B1FBF47E3C17D4A1F2C99DCA7151039D71DB7BD2E025E67C2ABB9A2DE6D9C5150651385B270511AA50E8728707B1E0920F3A83DEC0F733090CE96DCACDB93CD756AB1F572DA2BBF4908C17E905848C09CF31424833D1D4894FCB6BD93162EC74E836A523E97F35152EBA28AF63DEC47A32C09E0F0451A4D60949C8CDB07642F5A705075F4A1380B327596C319A135C9C43BBAF2D25C90030BA43FC55701B2854ABFEA710D98AFB8341E46778616A9E9B31CF11652B47A76A99F096BDB35C9CFA78E47CFC980E5E8683E1E13AA3FCA5171C07B5E27C1A5002C02643DC760431C2750A29E838F6ED5A892146D8015F5879DA988DF030BB2FA4D501FB7F0AD9A82ED3C48B70979428C39DB04116DCC8337567B6DB4A0DFE0C704B3F46983BBF092847AED87699EE88AEB27756850D008583CD37FC8521968EB1D17FC42D742B7E6756303412A3AD011DD5CE2BA1A4E3B0B2EBB68736C76B02164C41204734B731DF4C00C937CFB49D4648A7808A34E6162526240AB221071C6C2669DB4787AF7D516F4E72EF81C7D907A37634E8CEC5BF4B3502A6A05224B269B29A8E44603DB2A890F9B64BC94AEC7D2923DC52985CC18E123C7D6CC3DEF885725E0BD2D3EC0466DBE2E94350368068E5FC1CFB6BAC40F47600EB8520A8E29E855D96B556002207CA234BE3620189767ED74ABA3D1A1CF3F66864312B7502C37C9543A36F24FD38A25137128FFE4C6CC7C078AEF1F799DA7F3E3BA0E19F21A707E66EE95189BDD74EDF32E0F18052384A2A180D90545EF1B9F2710074BC8AED5F7625C0851C34E9F3AE5C57BE65862CEE2891052CC442574EBFAAE1BEC7AB63F25C80951AD65A41089DE526946D858146E446FCAD6915BD59B0D112255083A711279990F87453A6D8F7D057055217F474EDAC6223 -20241203031204 2 6 100 8191 2 C3301F39F3E2DCD097FBF5454401BF52BF4745AFD35F3DEBDFB34DE2518B0F7BB10DE2FDBE6C35E1B63AA67E9FC179EB3DB8A0FA7E01618BB625B3EC326A001A253FB737B2461999BAB5A5FBCA4AFAD88A8BCBEB5990D4E25225F203B2CE75A3A1C23BFFD78E697275BDB6B6153AA3C21D2063047D44EDDF0483220CD672280D4D67C4726EA476A5C094B7E8DBE62B760EBA6B62C200D456A99E87875B4B2FFF4AA87661D89CAF8CA36D9CE00E0C3BDA443B7CCC3EA892F524AD10DD6960196EC4497E1DDC9F5C13BAED9A8F240196633AB9EC597D0A2FFEEE9320147E73FB295039605EA79376C00D1C60EB421D1BF2BD36A9B68A32E5F5003F0C984E1A57B3C8A261E451D912FCBF27924078BAB0879F85B78D097B2651A17AD9266B39E7AF73DAE54319B2902E0A0D11653B38EDA14B9DE8431E9382AC7EF5F1705C05239DDEA7F533234FA640D2E1EE392D23BF46D57D6FD0E167174E6242F5455DC299BB03BF2EBAEDB14539E9025B84BF66C185AD45C6B1FBF47E3C17D4A1F2C99DCA7151039D71DB7BD2E025E67C2ABB9A2DE6D9C5150651385B270511AA50E8728707B1E0920F3A83DEC0F733090CE96DCACDB93CD756AB1F572DA2BBF4908C17E905848C09CF31424833D1D4894FCB6BD93162EC74E836A523E97F35152EBA28AF63DEC47A32C09E0F0451A4D60949C8CDB07642F5A705075F4A1380B327596C319A135C9C43BBAF2D25C90030BA43FC55701B2854ABFEA710D98AFB8341E46778616A9E9B31CF11652B47A76A99F096BDB35C9CFA78E47CFC980E5E8683E1E13AA3FCA5171C07B5E27C1A5002C02643DC760431C2750A29E838F6ED5A892146D8015F5879DA988DF030BB2FA4D501FB7F0AD9A82ED3C48B70979428C39DB04116DCC8337567B6DB4A0DFE0C704B3F46983BBF092847AED87699EE88AEB27756850D008583CD37FC8521968EB1D17FC42D742B7E6756303412A3AD011DD5CE2BA1A4E3B0B2EBB68736C76B02164C41204734B731DF4C00C937CFB49D4648A7808A34E6162526240AB221071C6C2669DB4787AF7D516F4E72EF81C7D907A37634E8CEC5BF4B3502A6A05224B269B29A8E44603DB2A890F9B64BC94AEC7D2923DC52985CC18E123C7D6CC3DEF885725E0BD2D3EC0466DBE2E94350368068E5FC1CFB6BAC40F47600EB8520A8E29E855D96B556002207CA234BE3620189767ED74ABA3D1A1CF3F66864312B7502C37C9543A36F24FD38A25137128FFE4C6CC7C078AEF1F799DA7F3E3BA0E19F21A707E66EE95189BDD74EDF32E0F18052384A2A180D90545EF1B9F2710074BC8AED5F7625C0851C34E9F3AE5C57BE65862CEE2891052CC442574EBFAAE1BEC7AB63F25C80951AD65A41089DE526946D858146E446FCAD6915BD59B0D112255083A711279990F87453A6D8F7D057055217F474F0205823 -20241203043100 2 6 100 8191 2 C3301F39F3E2DCD097FBF5454401BF52BF4745AFD35F3DEBDFB34DE2518B0F7BB10DE2FDBE6C35E1B63AA67E9FC179EB3DB8A0FA7E01618BB625B3EC326A001A253FB737B2461999BAB5A5FBCA4AFAD88A8BCBEB5990D4E25225F203B2CE75A3A1C23BFFD78E697275BDB6B6153AA3C21D2063047D44EDDF0483220CD672280D4D67C4726EA476A5C094B7E8DBE62B760EBA6B62C200D456A99E87875B4B2FFF4AA87661D89CAF8CA36D9CE00E0C3BDA443B7CCC3EA892F524AD10DD6960196EC4497E1DDC9F5C13BAED9A8F240196633AB9EC597D0A2FFEEE9320147E73FB295039605EA79376C00D1C60EB421D1BF2BD36A9B68A32E5F5003F0C984E1A57B3C8A261E451D912FCBF27924078BAB0879F85B78D097B2651A17AD9266B39E7AF73DAE54319B2902E0A0D11653B38EDA14B9DE8431E9382AC7EF5F1705C05239DDEA7F533234FA640D2E1EE392D23BF46D57D6FD0E167174E6242F5455DC299BB03BF2EBAEDB14539E9025B84BF66C185AD45C6B1FBF47E3C17D4A1F2C99DCA7151039D71DB7BD2E025E67C2ABB9A2DE6D9C5150651385B270511AA50E8728707B1E0920F3A83DEC0F733090CE96DCACDB93CD756AB1F572DA2BBF4908C17E905848C09CF31424833D1D4894FCB6BD93162EC74E836A523E97F35152EBA28AF63DEC47A32C09E0F0451A4D60949C8CDB07642F5A705075F4A1380B327596C319A135C9C43BBAF2D25C90030BA43FC55701B2854ABFEA710D98AFB8341E46778616A9E9B31CF11652B47A76A99F096BDB35C9CFA78E47CFC980E5E8683E1E13AA3FCA5171C07B5E27C1A5002C02643DC760431C2750A29E838F6ED5A892146D8015F5879DA988DF030BB2FA4D501FB7F0AD9A82ED3C48B70979428C39DB04116DCC8337567B6DB4A0DFE0C704B3F46983BBF092847AED87699EE88AEB27756850D008583CD37FC8521968EB1D17FC42D742B7E6756303412A3AD011DD5CE2BA1A4E3B0B2EBB68736C76B02164C41204734B731DF4C00C937CFB49D4648A7808A34E6162526240AB221071C6C2669DB4787AF7D516F4E72EF81C7D907A37634E8CEC5BF4B3502A6A05224B269B29A8E44603DB2A890F9B64BC94AEC7D2923DC52985CC18E123C7D6CC3DEF885725E0BD2D3EC0466DBE2E94350368068E5FC1CFB6BAC40F47600EB8520A8E29E855D96B556002207CA234BE3620189767ED74ABA3D1A1CF3F66864312B7502C37C9543A36F24FD38A25137128FFE4C6CC7C078AEF1F799DA7F3E3BA0E19F21A707E66EE95189BDD74EDF32E0F18052384A2A180D90545EF1B9F2710074BC8AED5F7625C0851C34E9F3AE5C57BE65862CEE2891052CC442574EBFAAE1BEC7AB63F25C80951AD65A41089DE526946D858146E446FCAD6915BD59B0D112255083A711279990F87453A6D8F7D057055217F474F484158B -20241203044332 2 6 100 8191 2 C3301F39F3E2DCD097FBF5454401BF52BF4745AFD35F3DEBDFB34DE2518B0F7BB10DE2FDBE6C35E1B63AA67E9FC179EB3DB8A0FA7E01618BB625B3EC326A001A253FB737B2461999BAB5A5FBCA4AFAD88A8BCBEB5990D4E25225F203B2CE75A3A1C23BFFD78E697275BDB6B6153AA3C21D2063047D44EDDF0483220CD672280D4D67C4726EA476A5C094B7E8DBE62B760EBA6B62C200D456A99E87875B4B2FFF4AA87661D89CAF8CA36D9CE00E0C3BDA443B7CCC3EA892F524AD10DD6960196EC4497E1DDC9F5C13BAED9A8F240196633AB9EC597D0A2FFEEE9320147E73FB295039605EA79376C00D1C60EB421D1BF2BD36A9B68A32E5F5003F0C984E1A57B3C8A261E451D912FCBF27924078BAB0879F85B78D097B2651A17AD9266B39E7AF73DAE54319B2902E0A0D11653B38EDA14B9DE8431E9382AC7EF5F1705C05239DDEA7F533234FA640D2E1EE392D23BF46D57D6FD0E167174E6242F5455DC299BB03BF2EBAEDB14539E9025B84BF66C185AD45C6B1FBF47E3C17D4A1F2C99DCA7151039D71DB7BD2E025E67C2ABB9A2DE6D9C5150651385B270511AA50E8728707B1E0920F3A83DEC0F733090CE96DCACDB93CD756AB1F572DA2BBF4908C17E905848C09CF31424833D1D4894FCB6BD93162EC74E836A523E97F35152EBA28AF63DEC47A32C09E0F0451A4D60949C8CDB07642F5A705075F4A1380B327596C319A135C9C43BBAF2D25C90030BA43FC55701B2854ABFEA710D98AFB8341E46778616A9E9B31CF11652B47A76A99F096BDB35C9CFA78E47CFC980E5E8683E1E13AA3FCA5171C07B5E27C1A5002C02643DC760431C2750A29E838F6ED5A892146D8015F5879DA988DF030BB2FA4D501FB7F0AD9A82ED3C48B70979428C39DB04116DCC8337567B6DB4A0DFE0C704B3F46983BBF092847AED87699EE88AEB27756850D008583CD37FC8521968EB1D17FC42D742B7E6756303412A3AD011DD5CE2BA1A4E3B0B2EBB68736C76B02164C41204734B731DF4C00C937CFB49D4648A7808A34E6162526240AB221071C6C2669DB4787AF7D516F4E72EF81C7D907A37634E8CEC5BF4B3502A6A05224B269B29A8E44603DB2A890F9B64BC94AEC7D2923DC52985CC18E123C7D6CC3DEF885725E0BD2D3EC0466DBE2E94350368068E5FC1CFB6BAC40F47600EB8520A8E29E855D96B556002207CA234BE3620189767ED74ABA3D1A1CF3F66864312B7502C37C9543A36F24FD38A25137128FFE4C6CC7C078AEF1F799DA7F3E3BA0E19F21A707E66EE95189BDD74EDF32E0F18052384A2A180D90545EF1B9F2710074BC8AED5F7625C0851C34E9F3AE5C57BE65862CEE2891052CC442574EBFAAE1BEC7AB63F25C80951AD65A41089DE526946D858146E446FCAD6915BD59B0D112255083A711279990F87453A6D8F7D057055217F474F537BA23 -20241203051425 2 6 100 8191 2 C3301F39F3E2DCD097FBF5454401BF52BF4745AFD35F3DEBDFB34DE2518B0F7BB10DE2FDBE6C35E1B63AA67E9FC179EB3DB8A0FA7E01618BB625B3EC326A001A253FB737B2461999BAB5A5FBCA4AFAD88A8BCBEB5990D4E25225F203B2CE75A3A1C23BFFD78E697275BDB6B6153AA3C21D2063047D44EDDF0483220CD672280D4D67C4726EA476A5C094B7E8DBE62B760EBA6B62C200D456A99E87875B4B2FFF4AA87661D89CAF8CA36D9CE00E0C3BDA443B7CCC3EA892F524AD10DD6960196EC4497E1DDC9F5C13BAED9A8F240196633AB9EC597D0A2FFEEE9320147E73FB295039605EA79376C00D1C60EB421D1BF2BD36A9B68A32E5F5003F0C984E1A57B3C8A261E451D912FCBF27924078BAB0879F85B78D097B2651A17AD9266B39E7AF73DAE54319B2902E0A0D11653B38EDA14B9DE8431E9382AC7EF5F1705C05239DDEA7F533234FA640D2E1EE392D23BF46D57D6FD0E167174E6242F5455DC299BB03BF2EBAEDB14539E9025B84BF66C185AD45C6B1FBF47E3C17D4A1F2C99DCA7151039D71DB7BD2E025E67C2ABB9A2DE6D9C5150651385B270511AA50E8728707B1E0920F3A83DEC0F733090CE96DCACDB93CD756AB1F572DA2BBF4908C17E905848C09CF31424833D1D4894FCB6BD93162EC74E836A523E97F35152EBA28AF63DEC47A32C09E0F0451A4D60949C8CDB07642F5A705075F4A1380B327596C319A135C9C43BBAF2D25C90030BA43FC55701B2854ABFEA710D98AFB8341E46778616A9E9B31CF11652B47A76A99F096BDB35C9CFA78E47CFC980E5E8683E1E13AA3FCA5171C07B5E27C1A5002C02643DC760431C2750A29E838F6ED5A892146D8015F5879DA988DF030BB2FA4D501FB7F0AD9A82ED3C48B70979428C39DB04116DCC8337567B6DB4A0DFE0C704B3F46983BBF092847AED87699EE88AEB27756850D008583CD37FC8521968EB1D17FC42D742B7E6756303412A3AD011DD5CE2BA1A4E3B0B2EBB68736C76B02164C41204734B731DF4C00C937CFB49D4648A7808A34E6162526240AB221071C6C2669DB4787AF7D516F4E72EF81C7D907A37634E8CEC5BF4B3502A6A05224B269B29A8E44603DB2A890F9B64BC94AEC7D2923DC52985CC18E123C7D6CC3DEF885725E0BD2D3EC0466DBE2E94350368068E5FC1CFB6BAC40F47600EB8520A8E29E855D96B556002207CA234BE3620189767ED74ABA3D1A1CF3F66864312B7502C37C9543A36F24FD38A25137128FFE4C6CC7C078AEF1F799DA7F3E3BA0E19F21A707E66EE95189BDD74EDF32E0F18052384A2A180D90545EF1B9F2710074BC8AED5F7625C0851C34E9F3AE5C57BE65862CEE2891052CC442574EBFAAE1BEC7AB63F25C80951AD65A41089DE526946D858146E446FCAD6915BD59B0D112255083A711279990F87453A6D8F7D057055217F474F6E6415B -20241203055801 2 6 100 8191 5 C3301F39F3E2DCD097FBF5454401BF52BF4745AFD35F3DEBDFB34DE2518B0F7BB10DE2FDBE6C35E1B63AA67E9FC179EB3DB8A0FA7E01618BB625B3EC326A001A253FB737B2461999BAB5A5FBCA4AFAD88A8BCBEB5990D4E25225F203B2CE75A3A1C23BFFD78E697275BDB6B6153AA3C21D2063047D44EDDF0483220CD672280D4D67C4726EA476A5C094B7E8DBE62B760EBA6B62C200D456A99E87875B4B2FFF4AA87661D89CAF8CA36D9CE00E0C3BDA443B7CCC3EA892F524AD10DD6960196EC4497E1DDC9F5C13BAED9A8F240196633AB9EC597D0A2FFEEE9320147E73FB295039605EA79376C00D1C60EB421D1BF2BD36A9B68A32E5F5003F0C984E1A57B3C8A261E451D912FCBF27924078BAB0879F85B78D097B2651A17AD9266B39E7AF73DAE54319B2902E0A0D11653B38EDA14B9DE8431E9382AC7EF5F1705C05239DDEA7F533234FA640D2E1EE392D23BF46D57D6FD0E167174E6242F5455DC299BB03BF2EBAEDB14539E9025B84BF66C185AD45C6B1FBF47E3C17D4A1F2C99DCA7151039D71DB7BD2E025E67C2ABB9A2DE6D9C5150651385B270511AA50E8728707B1E0920F3A83DEC0F733090CE96DCACDB93CD756AB1F572DA2BBF4908C17E905848C09CF31424833D1D4894FCB6BD93162EC74E836A523E97F35152EBA28AF63DEC47A32C09E0F0451A4D60949C8CDB07642F5A705075F4A1380B327596C319A135C9C43BBAF2D25C90030BA43FC55701B2854ABFEA710D98AFB8341E46778616A9E9B31CF11652B47A76A99F096BDB35C9CFA78E47CFC980E5E8683E1E13AA3FCA5171C07B5E27C1A5002C02643DC760431C2750A29E838F6ED5A892146D8015F5879DA988DF030BB2FA4D501FB7F0AD9A82ED3C48B70979428C39DB04116DCC8337567B6DB4A0DFE0C704B3F46983BBF092847AED87699EE88AEB27756850D008583CD37FC8521968EB1D17FC42D742B7E6756303412A3AD011DD5CE2BA1A4E3B0B2EBB68736C76B02164C41204734B731DF4C00C937CFB49D4648A7808A34E6162526240AB221071C6C2669DB4787AF7D516F4E72EF81C7D907A37634E8CEC5BF4B3502A6A05224B269B29A8E44603DB2A890F9B64BC94AEC7D2923DC52985CC18E123C7D6CC3DEF885725E0BD2D3EC0466DBE2E94350368068E5FC1CFB6BAC40F47600EB8520A8E29E855D96B556002207CA234BE3620189767ED74ABA3D1A1CF3F66864312B7502C37C9543A36F24FD38A25137128FFE4C6CC7C078AEF1F799DA7F3E3BA0E19F21A707E66EE95189BDD74EDF32E0F18052384A2A180D90545EF1B9F2710074BC8AED5F7625C0851C34E9F3AE5C57BE65862CEE2891052CC442574EBFAAE1BEC7AB63F25C80951AD65A41089DE526946D858146E446FCAD6915BD59B0D112255083A711279990F87453A6D8F7D057055217F474F953468F -20241203062624 2 6 100 8191 5 C3301F39F3E2DCD097FBF5454401BF52BF4745AFD35F3DEBDFB34DE2518B0F7BB10DE2FDBE6C35E1B63AA67E9FC179EB3DB8A0FA7E01618BB625B3EC326A001A253FB737B2461999BAB5A5FBCA4AFAD88A8BCBEB5990D4E25225F203B2CE75A3A1C23BFFD78E697275BDB6B6153AA3C21D2063047D44EDDF0483220CD672280D4D67C4726EA476A5C094B7E8DBE62B760EBA6B62C200D456A99E87875B4B2FFF4AA87661D89CAF8CA36D9CE00E0C3BDA443B7CCC3EA892F524AD10DD6960196EC4497E1DDC9F5C13BAED9A8F240196633AB9EC597D0A2FFEEE9320147E73FB295039605EA79376C00D1C60EB421D1BF2BD36A9B68A32E5F5003F0C984E1A57B3C8A261E451D912FCBF27924078BAB0879F85B78D097B2651A17AD9266B39E7AF73DAE54319B2902E0A0D11653B38EDA14B9DE8431E9382AC7EF5F1705C05239DDEA7F533234FA640D2E1EE392D23BF46D57D6FD0E167174E6242F5455DC299BB03BF2EBAEDB14539E9025B84BF66C185AD45C6B1FBF47E3C17D4A1F2C99DCA7151039D71DB7BD2E025E67C2ABB9A2DE6D9C5150651385B270511AA50E8728707B1E0920F3A83DEC0F733090CE96DCACDB93CD756AB1F572DA2BBF4908C17E905848C09CF31424833D1D4894FCB6BD93162EC74E836A523E97F35152EBA28AF63DEC47A32C09E0F0451A4D60949C8CDB07642F5A705075F4A1380B327596C319A135C9C43BBAF2D25C90030BA43FC55701B2854ABFEA710D98AFB8341E46778616A9E9B31CF11652B47A76A99F096BDB35C9CFA78E47CFC980E5E8683E1E13AA3FCA5171C07B5E27C1A5002C02643DC760431C2750A29E838F6ED5A892146D8015F5879DA988DF030BB2FA4D501FB7F0AD9A82ED3C48B70979428C39DB04116DCC8337567B6DB4A0DFE0C704B3F46983BBF092847AED87699EE88AEB27756850D008583CD37FC8521968EB1D17FC42D742B7E6756303412A3AD011DD5CE2BA1A4E3B0B2EBB68736C76B02164C41204734B731DF4C00C937CFB49D4648A7808A34E6162526240AB221071C6C2669DB4787AF7D516F4E72EF81C7D907A37634E8CEC5BF4B3502A6A05224B269B29A8E44603DB2A890F9B64BC94AEC7D2923DC52985CC18E123C7D6CC3DEF885725E0BD2D3EC0466DBE2E94350368068E5FC1CFB6BAC40F47600EB8520A8E29E855D96B556002207CA234BE3620189767ED74ABA3D1A1CF3F66864312B7502C37C9543A36F24FD38A25137128FFE4C6CC7C078AEF1F799DA7F3E3BA0E19F21A707E66EE95189BDD74EDF32E0F18052384A2A180D90545EF1B9F2710074BC8AED5F7625C0851C34E9F3AE5C57BE65862CEE2891052CC442574EBFAAE1BEC7AB63F25C80951AD65A41089DE526946D858146E446FCAD6915BD59B0D112255083A711279990F87453A6D8F7D057055217F474FAD661D7 -20241203075312 2 6 100 8191 2 C3301F39F3E2DCD097FBF5454401BF52BF4745AFD35F3DEBDFB34DE2518B0F7BB10DE2FDBE6C35E1B63AA67E9FC179EB3DB8A0FA7E01618BB625B3EC326A001A253FB737B2461999BAB5A5FBCA4AFAD88A8BCBEB5990D4E25225F203B2CE75A3A1C23BFFD78E697275BDB6B6153AA3C21D2063047D44EDDF0483220CD672280D4D67C4726EA476A5C094B7E8DBE62B760EBA6B62C200D456A99E87875B4B2FFF4AA87661D89CAF8CA36D9CE00E0C3BDA443B7CCC3EA892F524AD10DD6960196EC4497E1DDC9F5C13BAED9A8F240196633AB9EC597D0A2FFEEE9320147E73FB295039605EA79376C00D1C60EB421D1BF2BD36A9B68A32E5F5003F0C984E1A57B3C8A261E451D912FCBF27924078BAB0879F85B78D097B2651A17AD9266B39E7AF73DAE54319B2902E0A0D11653B38EDA14B9DE8431E9382AC7EF5F1705C05239DDEA7F533234FA640D2E1EE392D23BF46D57D6FD0E167174E6242F5455DC299BB03BF2EBAEDB14539E9025B84BF66C185AD45C6B1FBF47E3C17D4A1F2C99DCA7151039D71DB7BD2E025E67C2ABB9A2DE6D9C5150651385B270511AA50E8728707B1E0920F3A83DEC0F733090CE96DCACDB93CD756AB1F572DA2BBF4908C17E905848C09CF31424833D1D4894FCB6BD93162EC74E836A523E97F35152EBA28AF63DEC47A32C09E0F0451A4D60949C8CDB07642F5A705075F4A1380B327596C319A135C9C43BBAF2D25C90030BA43FC55701B2854ABFEA710D98AFB8341E46778616A9E9B31CF11652B47A76A99F096BDB35C9CFA78E47CFC980E5E8683E1E13AA3FCA5171C07B5E27C1A5002C02643DC760431C2750A29E838F6ED5A892146D8015F5879DA988DF030BB2FA4D501FB7F0AD9A82ED3C48B70979428C39DB04116DCC8337567B6DB4A0DFE0C704B3F46983BBF092847AED87699EE88AEB27756850D008583CD37FC8521968EB1D17FC42D742B7E6756303412A3AD011DD5CE2BA1A4E3B0B2EBB68736C76B02164C41204734B731DF4C00C937CFB49D4648A7808A34E6162526240AB221071C6C2669DB4787AF7D516F4E72EF81C7D907A37634E8CEC5BF4B3502A6A05224B269B29A8E44603DB2A890F9B64BC94AEC7D2923DC52985CC18E123C7D6CC3DEF885725E0BD2D3EC0466DBE2E94350368068E5FC1CFB6BAC40F47600EB8520A8E29E855D96B556002207CA234BE3620189767ED74ABA3D1A1CF3F66864312B7502C37C9543A36F24FD38A25137128FFE4C6CC7C078AEF1F799DA7F3E3BA0E19F21A707E66EE95189BDD74EDF32E0F18052384A2A180D90545EF1B9F2710074BC8AED5F7625C0851C34E9F3AE5C57BE65862CEE2891052CC442574EBFAAE1BEC7AB63F25C80951AD65A41089DE526946D858146E446FCAD6915BD59B0D112255083A711279990F87453A6D8F7D057055217F474FFA46B5B -20241203095857 2 6 100 8191 2 C3301F39F3E2DCD097FBF5454401BF52BF4745AFD35F3DEBDFB34DE2518B0F7BB10DE2FDBE6C35E1B63AA67E9FC179EB3DB8A0FA7E01618BB625B3EC326A001A253FB737B2461999BAB5A5FBCA4AFAD88A8BCBEB5990D4E25225F203B2CE75A3A1C23BFFD78E697275BDB6B6153AA3C21D2063047D44EDDF0483220CD672280D4D67C4726EA476A5C094B7E8DBE62B760EBA6B62C200D456A99E87875B4B2FFF4AA87661D89CAF8CA36D9CE00E0C3BDA443B7CCC3EA892F524AD10DD6960196EC4497E1DDC9F5C13BAED9A8F240196633AB9EC597D0A2FFEEE9320147E73FB295039605EA79376C00D1C60EB421D1BF2BD36A9B68A32E5F5003F0C984E1A57B3C8A261E451D912FCBF27924078BAB0879F85B78D097B2651A17AD9266B39E7AF73DAE54319B2902E0A0D11653B38EDA14B9DE8431E9382AC7EF5F1705C05239DDEA7F533234FA640D2E1EE392D23BF46D57D6FD0E167174E6242F5455DC299BB03BF2EBAEDB14539E9025B84BF66C185AD45C6B1FBF47E3C17D4A1F2C99DCA7151039D71DB7BD2E025E67C2ABB9A2DE6D9C5150651385B270511AA50E8728707B1E0920F3A83DEC0F733090CE96DCACDB93CD756AB1F572DA2BBF4908C17E905848C09CF31424833D1D4894FCB6BD93162EC74E836A523E97F35152EBA28AF63DEC47A32C09E0F0451A4D60949C8CDB07642F5A705075F4A1380B327596C319A135C9C43BBAF2D25C90030BA43FC55701B2854ABFEA710D98AFB8341E46778616A9E9B31CF11652B47A76A99F096BDB35C9CFA78E47CFC980E5E8683E1E13AA3FCA5171C07B5E27C1A5002C02643DC760431C2750A29E838F6ED5A892146D8015F5879DA988DF030BB2FA4D501FB7F0AD9A82ED3C48B70979428C39DB04116DCC8337567B6DB4A0DFE0C704B3F46983BBF092847AED87699EE88AEB27756850D008583CD37FC8521968EB1D17FC42D742B7E6756303412A3AD011DD5CE2BA1A4E3B0B2EBB68736C76B02164C41204734B731DF4C00C937CFB49D4648A7808A34E6162526240AB221071C6C2669DB4787AF7D516F4E72EF81C7D907A37634E8CEC5BF4B3502A6A05224B269B29A8E44603DB2A890F9B64BC94AEC7D2923DC52985CC18E123C7D6CC3DEF885725E0BD2D3EC0466DBE2E94350368068E5FC1CFB6BAC40F47600EB8520A8E29E855D96B556002207CA234BE3620189767ED74ABA3D1A1CF3F66864312B7502C37C9543A36F24FD38A25137128FFE4C6CC7C078AEF1F799DA7F3E3BA0E19F21A707E66EE95189BDD74EDF32E0F18052384A2A180D90545EF1B9F2710074BC8AED5F7625C0851C34E9F3AE5C57BE65862CEE2891052CC442574EBFAAE1BEC7AB63F25C80951AD65A41089DE526946D858146E446FCAD6915BD59B0D112255083A711279990F87453A6D8F7D057055217F4750696836B -20241203111915 2 6 100 8191 2 C3301F39F3E2DCD097FBF5454401BF52BF4745AFD35F3DEBDFB34DE2518B0F7BB10DE2FDBE6C35E1B63AA67E9FC179EB3DB8A0FA7E01618BB625B3EC326A001A253FB737B2461999BAB5A5FBCA4AFAD88A8BCBEB5990D4E25225F203B2CE75A3A1C23BFFD78E697275BDB6B6153AA3C21D2063047D44EDDF0483220CD672280D4D67C4726EA476A5C094B7E8DBE62B760EBA6B62C200D456A99E87875B4B2FFF4AA87661D89CAF8CA36D9CE00E0C3BDA443B7CCC3EA892F524AD10DD6960196EC4497E1DDC9F5C13BAED9A8F240196633AB9EC597D0A2FFEEE9320147E73FB295039605EA79376C00D1C60EB421D1BF2BD36A9B68A32E5F5003F0C984E1A57B3C8A261E451D912FCBF27924078BAB0879F85B78D097B2651A17AD9266B39E7AF73DAE54319B2902E0A0D11653B38EDA14B9DE8431E9382AC7EF5F1705C05239DDEA7F533234FA640D2E1EE392D23BF46D57D6FD0E167174E6242F5455DC299BB03BF2EBAEDB14539E9025B84BF66C185AD45C6B1FBF47E3C17D4A1F2C99DCA7151039D71DB7BD2E025E67C2ABB9A2DE6D9C5150651385B270511AA50E8728707B1E0920F3A83DEC0F733090CE96DCACDB93CD756AB1F572DA2BBF4908C17E905848C09CF31424833D1D4894FCB6BD93162EC74E836A523E97F35152EBA28AF63DEC47A32C09E0F0451A4D60949C8CDB07642F5A705075F4A1380B327596C319A135C9C43BBAF2D25C90030BA43FC55701B2854ABFEA710D98AFB8341E46778616A9E9B31CF11652B47A76A99F096BDB35C9CFA78E47CFC980E5E8683E1E13AA3FCA5171C07B5E27C1A5002C02643DC760431C2750A29E838F6ED5A892146D8015F5879DA988DF030BB2FA4D501FB7F0AD9A82ED3C48B70979428C39DB04116DCC8337567B6DB4A0DFE0C704B3F46983BBF092847AED87699EE88AEB27756850D008583CD37FC8521968EB1D17FC42D742B7E6756303412A3AD011DD5CE2BA1A4E3B0B2EBB68736C76B02164C41204734B731DF4C00C937CFB49D4648A7808A34E6162526240AB221071C6C2669DB4787AF7D516F4E72EF81C7D907A37634E8CEC5BF4B3502A6A05224B269B29A8E44603DB2A890F9B64BC94AEC7D2923DC52985CC18E123C7D6CC3DEF885725E0BD2D3EC0466DBE2E94350368068E5FC1CFB6BAC40F47600EB8520A8E29E855D96B556002207CA234BE3620189767ED74ABA3D1A1CF3F66864312B7502C37C9543A36F24FD38A25137128FFE4C6CC7C078AEF1F799DA7F3E3BA0E19F21A707E66EE95189BDD74EDF32E0F18052384A2A180D90545EF1B9F2710074BC8AED5F7625C0851C34E9F3AE5C57BE65862CEE2891052CC442574EBFAAE1BEC7AB63F25C80951AD65A41089DE526946D858146E446FCAD6915BD59B0D112255083A711279990F87453A6D8F7D057055217F4750B055A7B -20241203151709 2 6 100 8191 2 C3301F39F3E2DCD097FBF5454401BF52BF4745AFD35F3DEBDFB34DE2518B0F7BB10DE2FDBE6C35E1B63AA67E9FC179EB3DB8A0FA7E01618BB625B3EC326A001A253FB737B2461999BAB5A5FBCA4AFAD88A8BCBEB5990D4E25225F203B2CE75A3A1C23BFFD78E697275BDB6B6153AA3C21D2063047D44EDDF0483220CD672280D4D67C4726EA476A5C094B7E8DBE62B760EBA6B62C200D456A99E87875B4B2FFF4AA87661D89CAF8CA36D9CE00E0C3BDA443B7CCC3EA892F524AD10DD6960196EC4497E1DDC9F5C13BAED9A8F240196633AB9EC597D0A2FFEEE9320147E73FB295039605EA79376C00D1C60EB421D1BF2BD36A9B68A32E5F5003F0C984E1A57B3C8A261E451D912FCBF27924078BAB0879F85B78D097B2651A17AD9266B39E7AF73DAE54319B2902E0A0D11653B38EDA14B9DE8431E9382AC7EF5F1705C05239DDEA7F533234FA640D2E1EE392D23BF46D57D6FD0E167174E6242F5455DC299BB03BF2EBAEDB14539E9025B84BF66C185AD45C6B1FBF47E3C17D4A1F2C99DCA7151039D71DB7BD2E025E67C2ABB9A2DE6D9C5150651385B270511AA50E8728707B1E0920F3A83DEC0F733090CE96DCACDB93CD756AB1F572DA2BBF4908C17E905848C09CF31424833D1D4894FCB6BD93162EC74E836A523E97F35152EBA28AF63DEC47A32C09E0F0451A4D60949C8CDB07642F5A705075F4A1380B327596C319A135C9C43BBAF2D25C90030BA43FC55701B2854ABFEA710D98AFB8341E46778616A9E9B31CF11652B47A76A99F096BDB35C9CFA78E47CFC980E5E8683E1E13AA3FCA5171C07B5E27C1A5002C02643DC760431C2750A29E838F6ED5A892146D8015F5879DA988DF030BB2FA4D501FB7F0AD9A82ED3C48B70979428C39DB04116DCC8337567B6DB4A0DFE0C704B3F46983BBF092847AED87699EE88AEB27756850D008583CD37FC8521968EB1D17FC42D742B7E6756303412A3AD011DD5CE2BA1A4E3B0B2EBB68736C76B02164C41204734B731DF4C00C937CFB49D4648A7808A34E6162526240AB221071C6C2669DB4787AF7D516F4E72EF81C7D907A37634E8CEC5BF4B3502A6A05224B269B29A8E44603DB2A890F9B64BC94AEC7D2923DC52985CC18E123C7D6CC3DEF885725E0BD2D3EC0466DBE2E94350368068E5FC1CFB6BAC40F47600EB8520A8E29E855D96B556002207CA234BE3620189767ED74ABA3D1A1CF3F66864312B7502C37C9543A36F24FD38A25137128FFE4C6CC7C078AEF1F799DA7F3E3BA0E19F21A707E66EE95189BDD74EDF32E0F18052384A2A180D90545EF1B9F2710074BC8AED5F7625C0851C34E9F3AE5C57BE65862CEE2891052CC442574EBFAAE1BEC7AB63F25C80951AD65A41089DE526946D858146E446FCAD6915BD59B0D112255083A711279990F87453A6D8F7D057055217F4751817A103 -20241203162310 2 6 100 8191 5 C3301F39F3E2DCD097FBF5454401BF52BF4745AFD35F3DEBDFB34DE2518B0F7BB10DE2FDBE6C35E1B63AA67E9FC179EB3DB8A0FA7E01618BB625B3EC326A001A253FB737B2461999BAB5A5FBCA4AFAD88A8BCBEB5990D4E25225F203B2CE75A3A1C23BFFD78E697275BDB6B6153AA3C21D2063047D44EDDF0483220CD672280D4D67C4726EA476A5C094B7E8DBE62B760EBA6B62C200D456A99E87875B4B2FFF4AA87661D89CAF8CA36D9CE00E0C3BDA443B7CCC3EA892F524AD10DD6960196EC4497E1DDC9F5C13BAED9A8F240196633AB9EC597D0A2FFEEE9320147E73FB295039605EA79376C00D1C60EB421D1BF2BD36A9B68A32E5F5003F0C984E1A57B3C8A261E451D912FCBF27924078BAB0879F85B78D097B2651A17AD9266B39E7AF73DAE54319B2902E0A0D11653B38EDA14B9DE8431E9382AC7EF5F1705C05239DDEA7F533234FA640D2E1EE392D23BF46D57D6FD0E167174E6242F5455DC299BB03BF2EBAEDB14539E9025B84BF66C185AD45C6B1FBF47E3C17D4A1F2C99DCA7151039D71DB7BD2E025E67C2ABB9A2DE6D9C5150651385B270511AA50E8728707B1E0920F3A83DEC0F733090CE96DCACDB93CD756AB1F572DA2BBF4908C17E905848C09CF31424833D1D4894FCB6BD93162EC74E836A523E97F35152EBA28AF63DEC47A32C09E0F0451A4D60949C8CDB07642F5A705075F4A1380B327596C319A135C9C43BBAF2D25C90030BA43FC55701B2854ABFEA710D98AFB8341E46778616A9E9B31CF11652B47A76A99F096BDB35C9CFA78E47CFC980E5E8683E1E13AA3FCA5171C07B5E27C1A5002C02643DC760431C2750A29E838F6ED5A892146D8015F5879DA988DF030BB2FA4D501FB7F0AD9A82ED3C48B70979428C39DB04116DCC8337567B6DB4A0DFE0C704B3F46983BBF092847AED87699EE88AEB27756850D008583CD37FC8521968EB1D17FC42D742B7E6756303412A3AD011DD5CE2BA1A4E3B0B2EBB68736C76B02164C41204734B731DF4C00C937CFB49D4648A7808A34E6162526240AB221071C6C2669DB4787AF7D516F4E72EF81C7D907A37634E8CEC5BF4B3502A6A05224B269B29A8E44603DB2A890F9B64BC94AEC7D2923DC52985CC18E123C7D6CC3DEF885725E0BD2D3EC0466DBE2E94350368068E5FC1CFB6BAC40F47600EB8520A8E29E855D96B556002207CA234BE3620189767ED74ABA3D1A1CF3F66864312B7502C37C9543A36F24FD38A25137128FFE4C6CC7C078AEF1F799DA7F3E3BA0E19F21A707E66EE95189BDD74EDF32E0F18052384A2A180D90545EF1B9F2710074BC8AED5F7625C0851C34E9F3AE5C57BE65862CEE2891052CC442574EBFAAE1BEC7AB63F25C80951AD65A41089DE526946D858146E446FCAD6915BD59B0D112255083A711279990F87453A6D8F7D057055217F4751BBFB51F -20241203173052 2 6 100 8191 5 C3301F39F3E2DCD097FBF5454401BF52BF4745AFD35F3DEBDFB34DE2518B0F7BB10DE2FDBE6C35E1B63AA67E9FC179EB3DB8A0FA7E01618BB625B3EC326A001A253FB737B2461999BAB5A5FBCA4AFAD88A8BCBEB5990D4E25225F203B2CE75A3A1C23BFFD78E697275BDB6B6153AA3C21D2063047D44EDDF0483220CD672280D4D67C4726EA476A5C094B7E8DBE62B760EBA6B62C200D456A99E87875B4B2FFF4AA87661D89CAF8CA36D9CE00E0C3BDA443B7CCC3EA892F524AD10DD6960196EC4497E1DDC9F5C13BAED9A8F240196633AB9EC597D0A2FFEEE9320147E73FB295039605EA79376C00D1C60EB421D1BF2BD36A9B68A32E5F5003F0C984E1A57B3C8A261E451D912FCBF27924078BAB0879F85B78D097B2651A17AD9266B39E7AF73DAE54319B2902E0A0D11653B38EDA14B9DE8431E9382AC7EF5F1705C05239DDEA7F533234FA640D2E1EE392D23BF46D57D6FD0E167174E6242F5455DC299BB03BF2EBAEDB14539E9025B84BF66C185AD45C6B1FBF47E3C17D4A1F2C99DCA7151039D71DB7BD2E025E67C2ABB9A2DE6D9C5150651385B270511AA50E8728707B1E0920F3A83DEC0F733090CE96DCACDB93CD756AB1F572DA2BBF4908C17E905848C09CF31424833D1D4894FCB6BD93162EC74E836A523E97F35152EBA28AF63DEC47A32C09E0F0451A4D60949C8CDB07642F5A705075F4A1380B327596C319A135C9C43BBAF2D25C90030BA43FC55701B2854ABFEA710D98AFB8341E46778616A9E9B31CF11652B47A76A99F096BDB35C9CFA78E47CFC980E5E8683E1E13AA3FCA5171C07B5E27C1A5002C02643DC760431C2750A29E838F6ED5A892146D8015F5879DA988DF030BB2FA4D501FB7F0AD9A82ED3C48B70979428C39DB04116DCC8337567B6DB4A0DFE0C704B3F46983BBF092847AED87699EE88AEB27756850D008583CD37FC8521968EB1D17FC42D742B7E6756303412A3AD011DD5CE2BA1A4E3B0B2EBB68736C76B02164C41204734B731DF4C00C937CFB49D4648A7808A34E6162526240AB221071C6C2669DB4787AF7D516F4E72EF81C7D907A37634E8CEC5BF4B3502A6A05224B269B29A8E44603DB2A890F9B64BC94AEC7D2923DC52985CC18E123C7D6CC3DEF885725E0BD2D3EC0466DBE2E94350368068E5FC1CFB6BAC40F47600EB8520A8E29E855D96B556002207CA234BE3620189767ED74ABA3D1A1CF3F66864312B7502C37C9543A36F24FD38A25137128FFE4C6CC7C078AEF1F799DA7F3E3BA0E19F21A707E66EE95189BDD74EDF32E0F18052384A2A180D90545EF1B9F2710074BC8AED5F7625C0851C34E9F3AE5C57BE65862CEE2891052CC442574EBFAAE1BEC7AB63F25C80951AD65A41089DE526946D858146E446FCAD6915BD59B0D112255083A711279990F87453A6D8F7D057055217F4751F72906F -20241203182303 2 6 100 8191 2 C3301F39F3E2DCD097FBF5454401BF52BF4745AFD35F3DEBDFB34DE2518B0F7BB10DE2FDBE6C35E1B63AA67E9FC179EB3DB8A0FA7E01618BB625B3EC326A001A253FB737B2461999BAB5A5FBCA4AFAD88A8BCBEB5990D4E25225F203B2CE75A3A1C23BFFD78E697275BDB6B6153AA3C21D2063047D44EDDF0483220CD672280D4D67C4726EA476A5C094B7E8DBE62B760EBA6B62C200D456A99E87875B4B2FFF4AA87661D89CAF8CA36D9CE00E0C3BDA443B7CCC3EA892F524AD10DD6960196EC4497E1DDC9F5C13BAED9A8F240196633AB9EC597D0A2FFEEE9320147E73FB295039605EA79376C00D1C60EB421D1BF2BD36A9B68A32E5F5003F0C984E1A57B3C8A261E451D912FCBF27924078BAB0879F85B78D097B2651A17AD9266B39E7AF73DAE54319B2902E0A0D11653B38EDA14B9DE8431E9382AC7EF5F1705C05239DDEA7F533234FA640D2E1EE392D23BF46D57D6FD0E167174E6242F5455DC299BB03BF2EBAEDB14539E9025B84BF66C185AD45C6B1FBF47E3C17D4A1F2C99DCA7151039D71DB7BD2E025E67C2ABB9A2DE6D9C5150651385B270511AA50E8728707B1E0920F3A83DEC0F733090CE96DCACDB93CD756AB1F572DA2BBF4908C17E905848C09CF31424833D1D4894FCB6BD93162EC74E836A523E97F35152EBA28AF63DEC47A32C09E0F0451A4D60949C8CDB07642F5A705075F4A1380B327596C319A135C9C43BBAF2D25C90030BA43FC55701B2854ABFEA710D98AFB8341E46778616A9E9B31CF11652B47A76A99F096BDB35C9CFA78E47CFC980E5E8683E1E13AA3FCA5171C07B5E27C1A5002C02643DC760431C2750A29E838F6ED5A892146D8015F5879DA988DF030BB2FA4D501FB7F0AD9A82ED3C48B70979428C39DB04116DCC8337567B6DB4A0DFE0C704B3F46983BBF092847AED87699EE88AEB27756850D008583CD37FC8521968EB1D17FC42D742B7E6756303412A3AD011DD5CE2BA1A4E3B0B2EBB68736C76B02164C41204734B731DF4C00C937CFB49D4648A7808A34E6162526240AB221071C6C2669DB4787AF7D516F4E72EF81C7D907A37634E8CEC5BF4B3502A6A05224B269B29A8E44603DB2A890F9B64BC94AEC7D2923DC52985CC18E123C7D6CC3DEF885725E0BD2D3EC0466DBE2E94350368068E5FC1CFB6BAC40F47600EB8520A8E29E855D96B556002207CA234BE3620189767ED74ABA3D1A1CF3F66864312B7502C37C9543A36F24FD38A25137128FFE4C6CC7C078AEF1F799DA7F3E3BA0E19F21A707E66EE95189BDD74EDF32E0F18052384A2A180D90545EF1B9F2710074BC8AED5F7625C0851C34E9F3AE5C57BE65862CEE2891052CC442574EBFAAE1BEC7AB63F25C80951AD65A41089DE526946D858146E446FCAD6915BD59B0D112255083A711279990F87453A6D8F7D057055217F475224CDDDB -20241203194121 2 6 100 8191 5 C3301F39F3E2DCD097FBF5454401BF52BF4745AFD35F3DEBDFB34DE2518B0F7BB10DE2FDBE6C35E1B63AA67E9FC179EB3DB8A0FA7E01618BB625B3EC326A001A253FB737B2461999BAB5A5FBCA4AFAD88A8BCBEB5990D4E25225F203B2CE75A3A1C23BFFD78E697275BDB6B6153AA3C21D2063047D44EDDF0483220CD672280D4D67C4726EA476A5C094B7E8DBE62B760EBA6B62C200D456A99E87875B4B2FFF4AA87661D89CAF8CA36D9CE00E0C3BDA443B7CCC3EA892F524AD10DD6960196EC4497E1DDC9F5C13BAED9A8F240196633AB9EC597D0A2FFEEE9320147E73FB295039605EA79376C00D1C60EB421D1BF2BD36A9B68A32E5F5003F0C984E1A57B3C8A261E451D912FCBF27924078BAB0879F85B78D097B2651A17AD9266B39E7AF73DAE54319B2902E0A0D11653B38EDA14B9DE8431E9382AC7EF5F1705C05239DDEA7F533234FA640D2E1EE392D23BF46D57D6FD0E167174E6242F5455DC299BB03BF2EBAEDB14539E9025B84BF66C185AD45C6B1FBF47E3C17D4A1F2C99DCA7151039D71DB7BD2E025E67C2ABB9A2DE6D9C5150651385B270511AA50E8728707B1E0920F3A83DEC0F733090CE96DCACDB93CD756AB1F572DA2BBF4908C17E905848C09CF31424833D1D4894FCB6BD93162EC74E836A523E97F35152EBA28AF63DEC47A32C09E0F0451A4D60949C8CDB07642F5A705075F4A1380B327596C319A135C9C43BBAF2D25C90030BA43FC55701B2854ABFEA710D98AFB8341E46778616A9E9B31CF11652B47A76A99F096BDB35C9CFA78E47CFC980E5E8683E1E13AA3FCA5171C07B5E27C1A5002C02643DC760431C2750A29E838F6ED5A892146D8015F5879DA988DF030BB2FA4D501FB7F0AD9A82ED3C48B70979428C39DB04116DCC8337567B6DB4A0DFE0C704B3F46983BBF092847AED87699EE88AEB27756850D008583CD37FC8521968EB1D17FC42D742B7E6756303412A3AD011DD5CE2BA1A4E3B0B2EBB68736C76B02164C41204734B731DF4C00C937CFB49D4648A7808A34E6162526240AB221071C6C2669DB4787AF7D516F4E72EF81C7D907A37634E8CEC5BF4B3502A6A05224B269B29A8E44603DB2A890F9B64BC94AEC7D2923DC52985CC18E123C7D6CC3DEF885725E0BD2D3EC0466DBE2E94350368068E5FC1CFB6BAC40F47600EB8520A8E29E855D96B556002207CA234BE3620189767ED74ABA3D1A1CF3F66864312B7502C37C9543A36F24FD38A25137128FFE4C6CC7C078AEF1F799DA7F3E3BA0E19F21A707E66EE95189BDD74EDF32E0F18052384A2A180D90545EF1B9F2710074BC8AED5F7625C0851C34E9F3AE5C57BE65862CEE2891052CC442574EBFAAE1BEC7AB63F25C80951AD65A41089DE526946D858146E446FCAD6915BD59B0D112255083A711279990F87453A6D8F7D057055217F47526993A97 -20241203203340 2 6 100 8191 2 C3301F39F3E2DCD097FBF5454401BF52BF4745AFD35F3DEBDFB34DE2518B0F7BB10DE2FDBE6C35E1B63AA67E9FC179EB3DB8A0FA7E01618BB625B3EC326A001A253FB737B2461999BAB5A5FBCA4AFAD88A8BCBEB5990D4E25225F203B2CE75A3A1C23BFFD78E697275BDB6B6153AA3C21D2063047D44EDDF0483220CD672280D4D67C4726EA476A5C094B7E8DBE62B760EBA6B62C200D456A99E87875B4B2FFF4AA87661D89CAF8CA36D9CE00E0C3BDA443B7CCC3EA892F524AD10DD6960196EC4497E1DDC9F5C13BAED9A8F240196633AB9EC597D0A2FFEEE9320147E73FB295039605EA79376C00D1C60EB421D1BF2BD36A9B68A32E5F5003F0C984E1A57B3C8A261E451D912FCBF27924078BAB0879F85B78D097B2651A17AD9266B39E7AF73DAE54319B2902E0A0D11653B38EDA14B9DE8431E9382AC7EF5F1705C05239DDEA7F533234FA640D2E1EE392D23BF46D57D6FD0E167174E6242F5455DC299BB03BF2EBAEDB14539E9025B84BF66C185AD45C6B1FBF47E3C17D4A1F2C99DCA7151039D71DB7BD2E025E67C2ABB9A2DE6D9C5150651385B270511AA50E8728707B1E0920F3A83DEC0F733090CE96DCACDB93CD756AB1F572DA2BBF4908C17E905848C09CF31424833D1D4894FCB6BD93162EC74E836A523E97F35152EBA28AF63DEC47A32C09E0F0451A4D60949C8CDB07642F5A705075F4A1380B327596C319A135C9C43BBAF2D25C90030BA43FC55701B2854ABFEA710D98AFB8341E46778616A9E9B31CF11652B47A76A99F096BDB35C9CFA78E47CFC980E5E8683E1E13AA3FCA5171C07B5E27C1A5002C02643DC760431C2750A29E838F6ED5A892146D8015F5879DA988DF030BB2FA4D501FB7F0AD9A82ED3C48B70979428C39DB04116DCC8337567B6DB4A0DFE0C704B3F46983BBF092847AED87699EE88AEB27756850D008583CD37FC8521968EB1D17FC42D742B7E6756303412A3AD011DD5CE2BA1A4E3B0B2EBB68736C76B02164C41204734B731DF4C00C937CFB49D4648A7808A34E6162526240AB221071C6C2669DB4787AF7D516F4E72EF81C7D907A37634E8CEC5BF4B3502A6A05224B269B29A8E44603DB2A890F9B64BC94AEC7D2923DC52985CC18E123C7D6CC3DEF885725E0BD2D3EC0466DBE2E94350368068E5FC1CFB6BAC40F47600EB8520A8E29E855D96B556002207CA234BE3620189767ED74ABA3D1A1CF3F66864312B7502C37C9543A36F24FD38A25137128FFE4C6CC7C078AEF1F799DA7F3E3BA0E19F21A707E66EE95189BDD74EDF32E0F18052384A2A180D90545EF1B9F2710074BC8AED5F7625C0851C34E9F3AE5C57BE65862CEE2891052CC442574EBFAAE1BEC7AB63F25C80951AD65A41089DE526946D858146E446FCAD6915BD59B0D112255083A711279990F87453A6D8F7D057055217F475298312DB -20241203203518 2 6 100 8191 5 C3301F39F3E2DCD097FBF5454401BF52BF4745AFD35F3DEBDFB34DE2518B0F7BB10DE2FDBE6C35E1B63AA67E9FC179EB3DB8A0FA7E01618BB625B3EC326A001A253FB737B2461999BAB5A5FBCA4AFAD88A8BCBEB5990D4E25225F203B2CE75A3A1C23BFFD78E697275BDB6B6153AA3C21D2063047D44EDDF0483220CD672280D4D67C4726EA476A5C094B7E8DBE62B760EBA6B62C200D456A99E87875B4B2FFF4AA87661D89CAF8CA36D9CE00E0C3BDA443B7CCC3EA892F524AD10DD6960196EC4497E1DDC9F5C13BAED9A8F240196633AB9EC597D0A2FFEEE9320147E73FB295039605EA79376C00D1C60EB421D1BF2BD36A9B68A32E5F5003F0C984E1A57B3C8A261E451D912FCBF27924078BAB0879F85B78D097B2651A17AD9266B39E7AF73DAE54319B2902E0A0D11653B38EDA14B9DE8431E9382AC7EF5F1705C05239DDEA7F533234FA640D2E1EE392D23BF46D57D6FD0E167174E6242F5455DC299BB03BF2EBAEDB14539E9025B84BF66C185AD45C6B1FBF47E3C17D4A1F2C99DCA7151039D71DB7BD2E025E67C2ABB9A2DE6D9C5150651385B270511AA50E8728707B1E0920F3A83DEC0F733090CE96DCACDB93CD756AB1F572DA2BBF4908C17E905848C09CF31424833D1D4894FCB6BD93162EC74E836A523E97F35152EBA28AF63DEC47A32C09E0F0451A4D60949C8CDB07642F5A705075F4A1380B327596C319A135C9C43BBAF2D25C90030BA43FC55701B2854ABFEA710D98AFB8341E46778616A9E9B31CF11652B47A76A99F096BDB35C9CFA78E47CFC980E5E8683E1E13AA3FCA5171C07B5E27C1A5002C02643DC760431C2750A29E838F6ED5A892146D8015F5879DA988DF030BB2FA4D501FB7F0AD9A82ED3C48B70979428C39DB04116DCC8337567B6DB4A0DFE0C704B3F46983BBF092847AED87699EE88AEB27756850D008583CD37FC8521968EB1D17FC42D742B7E6756303412A3AD011DD5CE2BA1A4E3B0B2EBB68736C76B02164C41204734B731DF4C00C937CFB49D4648A7808A34E6162526240AB221071C6C2669DB4787AF7D516F4E72EF81C7D907A37634E8CEC5BF4B3502A6A05224B269B29A8E44603DB2A890F9B64BC94AEC7D2923DC52985CC18E123C7D6CC3DEF885725E0BD2D3EC0466DBE2E94350368068E5FC1CFB6BAC40F47600EB8520A8E29E855D96B556002207CA234BE3620189767ED74ABA3D1A1CF3F66864312B7502C37C9543A36F24FD38A25137128FFE4C6CC7C078AEF1F799DA7F3E3BA0E19F21A707E66EE95189BDD74EDF32E0F18052384A2A180D90545EF1B9F2710074BC8AED5F7625C0851C34E9F3AE5C57BE65862CEE2891052CC442574EBFAAE1BEC7AB63F25C80951AD65A41089DE526946D858146E446FCAD6915BD59B0D112255083A711279990F87453A6D8F7D057055217F475299334C7 -20241203220054 2 6 100 8191 5 C3301F39F3E2DCD097FBF5454401BF52BF4745AFD35F3DEBDFB34DE2518B0F7BB10DE2FDBE6C35E1B63AA67E9FC179EB3DB8A0FA7E01618BB625B3EC326A001A253FB737B2461999BAB5A5FBCA4AFAD88A8BCBEB5990D4E25225F203B2CE75A3A1C23BFFD78E697275BDB6B6153AA3C21D2063047D44EDDF0483220CD672280D4D67C4726EA476A5C094B7E8DBE62B760EBA6B62C200D456A99E87875B4B2FFF4AA87661D89CAF8CA36D9CE00E0C3BDA443B7CCC3EA892F524AD10DD6960196EC4497E1DDC9F5C13BAED9A8F240196633AB9EC597D0A2FFEEE9320147E73FB295039605EA79376C00D1C60EB421D1BF2BD36A9B68A32E5F5003F0C984E1A57B3C8A261E451D912FCBF27924078BAB0879F85B78D097B2651A17AD9266B39E7AF73DAE54319B2902E0A0D11653B38EDA14B9DE8431E9382AC7EF5F1705C05239DDEA7F533234FA640D2E1EE392D23BF46D57D6FD0E167174E6242F5455DC299BB03BF2EBAEDB14539E9025B84BF66C185AD45C6B1FBF47E3C17D4A1F2C99DCA7151039D71DB7BD2E025E67C2ABB9A2DE6D9C5150651385B270511AA50E8728707B1E0920F3A83DEC0F733090CE96DCACDB93CD756AB1F572DA2BBF4908C17E905848C09CF31424833D1D4894FCB6BD93162EC74E836A523E97F35152EBA28AF63DEC47A32C09E0F0451A4D60949C8CDB07642F5A705075F4A1380B327596C319A135C9C43BBAF2D25C90030BA43FC55701B2854ABFEA710D98AFB8341E46778616A9E9B31CF11652B47A76A99F096BDB35C9CFA78E47CFC980E5E8683E1E13AA3FCA5171C07B5E27C1A5002C02643DC760431C2750A29E838F6ED5A892146D8015F5879DA988DF030BB2FA4D501FB7F0AD9A82ED3C48B70979428C39DB04116DCC8337567B6DB4A0DFE0C704B3F46983BBF092847AED87699EE88AEB27756850D008583CD37FC8521968EB1D17FC42D742B7E6756303412A3AD011DD5CE2BA1A4E3B0B2EBB68736C76B02164C41204734B731DF4C00C937CFB49D4648A7808A34E6162526240AB221071C6C2669DB4787AF7D516F4E72EF81C7D907A37634E8CEC5BF4B3502A6A05224B269B29A8E44603DB2A890F9B64BC94AEC7D2923DC52985CC18E123C7D6CC3DEF885725E0BD2D3EC0466DBE2E94350368068E5FC1CFB6BAC40F47600EB8520A8E29E855D96B556002207CA234BE3620189767ED74ABA3D1A1CF3F66864312B7502C37C9543A36F24FD38A25137128FFE4C6CC7C078AEF1F799DA7F3E3BA0E19F21A707E66EE95189BDD74EDF32E0F18052384A2A180D90545EF1B9F2710074BC8AED5F7625C0851C34E9F3AE5C57BE65862CEE2891052CC442574EBFAAE1BEC7AB63F25C80951AD65A41089DE526946D858146E446FCAD6915BD59B0D112255083A711279990F87453A6D8F7D057055217F4752E4DBDDF -20241203220341 2 6 100 8191 2 C3301F39F3E2DCD097FBF5454401BF52BF4745AFD35F3DEBDFB34DE2518B0F7BB10DE2FDBE6C35E1B63AA67E9FC179EB3DB8A0FA7E01618BB625B3EC326A001A253FB737B2461999BAB5A5FBCA4AFAD88A8BCBEB5990D4E25225F203B2CE75A3A1C23BFFD78E697275BDB6B6153AA3C21D2063047D44EDDF0483220CD672280D4D67C4726EA476A5C094B7E8DBE62B760EBA6B62C200D456A99E87875B4B2FFF4AA87661D89CAF8CA36D9CE00E0C3BDA443B7CCC3EA892F524AD10DD6960196EC4497E1DDC9F5C13BAED9A8F240196633AB9EC597D0A2FFEEE9320147E73FB295039605EA79376C00D1C60EB421D1BF2BD36A9B68A32E5F5003F0C984E1A57B3C8A261E451D912FCBF27924078BAB0879F85B78D097B2651A17AD9266B39E7AF73DAE54319B2902E0A0D11653B38EDA14B9DE8431E9382AC7EF5F1705C05239DDEA7F533234FA640D2E1EE392D23BF46D57D6FD0E167174E6242F5455DC299BB03BF2EBAEDB14539E9025B84BF66C185AD45C6B1FBF47E3C17D4A1F2C99DCA7151039D71DB7BD2E025E67C2ABB9A2DE6D9C5150651385B270511AA50E8728707B1E0920F3A83DEC0F733090CE96DCACDB93CD756AB1F572DA2BBF4908C17E905848C09CF31424833D1D4894FCB6BD93162EC74E836A523E97F35152EBA28AF63DEC47A32C09E0F0451A4D60949C8CDB07642F5A705075F4A1380B327596C319A135C9C43BBAF2D25C90030BA43FC55701B2854ABFEA710D98AFB8341E46778616A9E9B31CF11652B47A76A99F096BDB35C9CFA78E47CFC980E5E8683E1E13AA3FCA5171C07B5E27C1A5002C02643DC760431C2750A29E838F6ED5A892146D8015F5879DA988DF030BB2FA4D501FB7F0AD9A82ED3C48B70979428C39DB04116DCC8337567B6DB4A0DFE0C704B3F46983BBF092847AED87699EE88AEB27756850D008583CD37FC8521968EB1D17FC42D742B7E6756303412A3AD011DD5CE2BA1A4E3B0B2EBB68736C76B02164C41204734B731DF4C00C937CFB49D4648A7808A34E6162526240AB221071C6C2669DB4787AF7D516F4E72EF81C7D907A37634E8CEC5BF4B3502A6A05224B269B29A8E44603DB2A890F9B64BC94AEC7D2923DC52985CC18E123C7D6CC3DEF885725E0BD2D3EC0466DBE2E94350368068E5FC1CFB6BAC40F47600EB8520A8E29E855D96B556002207CA234BE3620189767ED74ABA3D1A1CF3F66864312B7502C37C9543A36F24FD38A25137128FFE4C6CC7C078AEF1F799DA7F3E3BA0E19F21A707E66EE95189BDD74EDF32E0F18052384A2A180D90545EF1B9F2710074BC8AED5F7625C0851C34E9F3AE5C57BE65862CEE2891052CC442574EBFAAE1BEC7AB63F25C80951AD65A41089DE526946D858146E446FCAD6915BD59B0D112255083A711279990F87453A6D8F7D057055217F4752E6D1DC3 -20241203221452 2 6 100 8191 2 C3301F39F3E2DCD097FBF5454401BF52BF4745AFD35F3DEBDFB34DE2518B0F7BB10DE2FDBE6C35E1B63AA67E9FC179EB3DB8A0FA7E01618BB625B3EC326A001A253FB737B2461999BAB5A5FBCA4AFAD88A8BCBEB5990D4E25225F203B2CE75A3A1C23BFFD78E697275BDB6B6153AA3C21D2063047D44EDDF0483220CD672280D4D67C4726EA476A5C094B7E8DBE62B760EBA6B62C200D456A99E87875B4B2FFF4AA87661D89CAF8CA36D9CE00E0C3BDA443B7CCC3EA892F524AD10DD6960196EC4497E1DDC9F5C13BAED9A8F240196633AB9EC597D0A2FFEEE9320147E73FB295039605EA79376C00D1C60EB421D1BF2BD36A9B68A32E5F5003F0C984E1A57B3C8A261E451D912FCBF27924078BAB0879F85B78D097B2651A17AD9266B39E7AF73DAE54319B2902E0A0D11653B38EDA14B9DE8431E9382AC7EF5F1705C05239DDEA7F533234FA640D2E1EE392D23BF46D57D6FD0E167174E6242F5455DC299BB03BF2EBAEDB14539E9025B84BF66C185AD45C6B1FBF47E3C17D4A1F2C99DCA7151039D71DB7BD2E025E67C2ABB9A2DE6D9C5150651385B270511AA50E8728707B1E0920F3A83DEC0F733090CE96DCACDB93CD756AB1F572DA2BBF4908C17E905848C09CF31424833D1D4894FCB6BD93162EC74E836A523E97F35152EBA28AF63DEC47A32C09E0F0451A4D60949C8CDB07642F5A705075F4A1380B327596C319A135C9C43BBAF2D25C90030BA43FC55701B2854ABFEA710D98AFB8341E46778616A9E9B31CF11652B47A76A99F096BDB35C9CFA78E47CFC980E5E8683E1E13AA3FCA5171C07B5E27C1A5002C02643DC760431C2750A29E838F6ED5A892146D8015F5879DA988DF030BB2FA4D501FB7F0AD9A82ED3C48B70979428C39DB04116DCC8337567B6DB4A0DFE0C704B3F46983BBF092847AED87699EE88AEB27756850D008583CD37FC8521968EB1D17FC42D742B7E6756303412A3AD011DD5CE2BA1A4E3B0B2EBB68736C76B02164C41204734B731DF4C00C937CFB49D4648A7808A34E6162526240AB221071C6C2669DB4787AF7D516F4E72EF81C7D907A37634E8CEC5BF4B3502A6A05224B269B29A8E44603DB2A890F9B64BC94AEC7D2923DC52985CC18E123C7D6CC3DEF885725E0BD2D3EC0466DBE2E94350368068E5FC1CFB6BAC40F47600EB8520A8E29E855D96B556002207CA234BE3620189767ED74ABA3D1A1CF3F66864312B7502C37C9543A36F24FD38A25137128FFE4C6CC7C078AEF1F799DA7F3E3BA0E19F21A707E66EE95189BDD74EDF32E0F18052384A2A180D90545EF1B9F2710074BC8AED5F7625C0851C34E9F3AE5C57BE65862CEE2891052CC442574EBFAAE1BEC7AB63F25C80951AD65A41089DE526946D858146E446FCAD6915BD59B0D112255083A711279990F87453A6D8F7D057055217F4752F062A3B -20241203224318 2 6 100 8191 5 C3301F39F3E2DCD097FBF5454401BF52BF4745AFD35F3DEBDFB34DE2518B0F7BB10DE2FDBE6C35E1B63AA67E9FC179EB3DB8A0FA7E01618BB625B3EC326A001A253FB737B2461999BAB5A5FBCA4AFAD88A8BCBEB5990D4E25225F203B2CE75A3A1C23BFFD78E697275BDB6B6153AA3C21D2063047D44EDDF0483220CD672280D4D67C4726EA476A5C094B7E8DBE62B760EBA6B62C200D456A99E87875B4B2FFF4AA87661D89CAF8CA36D9CE00E0C3BDA443B7CCC3EA892F524AD10DD6960196EC4497E1DDC9F5C13BAED9A8F240196633AB9EC597D0A2FFEEE9320147E73FB295039605EA79376C00D1C60EB421D1BF2BD36A9B68A32E5F5003F0C984E1A57B3C8A261E451D912FCBF27924078BAB0879F85B78D097B2651A17AD9266B39E7AF73DAE54319B2902E0A0D11653B38EDA14B9DE8431E9382AC7EF5F1705C05239DDEA7F533234FA640D2E1EE392D23BF46D57D6FD0E167174E6242F5455DC299BB03BF2EBAEDB14539E9025B84BF66C185AD45C6B1FBF47E3C17D4A1F2C99DCA7151039D71DB7BD2E025E67C2ABB9A2DE6D9C5150651385B270511AA50E8728707B1E0920F3A83DEC0F733090CE96DCACDB93CD756AB1F572DA2BBF4908C17E905848C09CF31424833D1D4894FCB6BD93162EC74E836A523E97F35152EBA28AF63DEC47A32C09E0F0451A4D60949C8CDB07642F5A705075F4A1380B327596C319A135C9C43BBAF2D25C90030BA43FC55701B2854ABFEA710D98AFB8341E46778616A9E9B31CF11652B47A76A99F096BDB35C9CFA78E47CFC980E5E8683E1E13AA3FCA5171C07B5E27C1A5002C02643DC760431C2750A29E838F6ED5A892146D8015F5879DA988DF030BB2FA4D501FB7F0AD9A82ED3C48B70979428C39DB04116DCC8337567B6DB4A0DFE0C704B3F46983BBF092847AED87699EE88AEB27756850D008583CD37FC8521968EB1D17FC42D742B7E6756303412A3AD011DD5CE2BA1A4E3B0B2EBB68736C76B02164C41204734B731DF4C00C937CFB49D4648A7808A34E6162526240AB221071C6C2669DB4787AF7D516F4E72EF81C7D907A37634E8CEC5BF4B3502A6A05224B269B29A8E44603DB2A890F9B64BC94AEC7D2923DC52985CC18E123C7D6CC3DEF885725E0BD2D3EC0466DBE2E94350368068E5FC1CFB6BAC40F47600EB8520A8E29E855D96B556002207CA234BE3620189767ED74ABA3D1A1CF3F66864312B7502C37C9543A36F24FD38A25137128FFE4C6CC7C078AEF1F799DA7F3E3BA0E19F21A707E66EE95189BDD74EDF32E0F18052384A2A180D90545EF1B9F2710074BC8AED5F7625C0851C34E9F3AE5C57BE65862CEE2891052CC442574EBFAAE1BEC7AB63F25C80951AD65A41089DE526946D858146E446FCAD6915BD59B0D112255083A711279990F87453A6D8F7D057055217F4753098A4FF -20241204023709 2 6 100 8191 2 DC5E734609D91DA7E5180C89891C148715345D3A56F96DDFF41EE0B90992E9901E55850A78D9DF296A83F5AAF22675720E58E1F6D01F3B45315B818EF9CE880CE92F022763911796D4F86361BEB151ACB400BA017186C1DDCDE5F1853260ECF1082E072C2B7E2FD33E51B5076675269EC247AAE3DF3C1E6853E5D0E58FF7268255E91A9BF6FD43750F114BCA5DC70176ECACAF59C812798941D04FFFF200B53F9843066568A5EF6B324692239A9DC94383C53DA447D942BD51E17F51C22106DC3A2FC7A8942E20E5DA369D19124D184A96589E66EE15C4A8E4CB0FBB6B5E629875DEB3C6AAF622ABC4A4057E0B95533A03C94C514D2129CD6ECE739D9E3A98A54461DF577CC508BF4D5EE7FBE6178B248E3F51C59FE57BFBDE33DD833D0CF22DB22AE0F4F9F03EEF8E0E1DB0EDF7BB4C755148AD2D3FECED23DE1F028A3A6396D7F8F721D11023BD58335ADE175939E140A92C7B532A3D77168E566B7AADEA6F137A158AF3D2608FD4C1081018C1BC2B860A2830A097BDAFA96A3D5B5E1130D2C0778837C63ACBE958573B4ADAC2AE629D17728313AB9064D890006B2F0EC1869E35480B96651B9B3837B876190D5F1876A151A87C58A1CE2A9AD0744BE4CF955BFA9FA5653300FF6ECD64667ECD836D61DC3675048A8EB5AE945B50CB699F7FB4E36167515A2054199687DEC77D5117DF28B63F383403C49097F23AA4DE5857A0D865AFC7E4D0994B46386C20A41E9B41963CD425A82B30C4EE72FB3EFACD6C4090D740E44C196E51F41894FDB26142B72EF1E65A676C30EFB65C937C0F64CDEC167ECC16F0CAA3C932F3DD5C6F7A1EB073F03F2CB9F2059BE75EBAE32FA3170B5FA93D69CAB8275935686242E1F43ED23FE8784A0AD694442D35193DAAF5F7DA49B267B716C38F36C92AE7986DF8126904B11EA74323F3AB3AF436D64AC41996529AB95876EE4DF3739130460A50E2EC8463F2306454F08745CE40938858B6237A5D38B33FD6541BB98EFB39A7B0B501B7943FF594DF0964BF535CBD35105E35BA14C40E62D57F3B110AE82CD7F9FF73C3A28740C8EB397494F6D7CF5F0F147385424D70B276C6AD849E56C9985115EAF2CCF3D3A6C828F2A303178EC48BB08F36AF3800739E841F7B758FF06EFA10F6467E98DA4B1B302EFED0EF5A7D3AD74100E41C168ACBBF10EC5FFC497B43409D02D942C144408C32C83ED49334BC48FD1D446FDEBB71CA1F9276F3180ECA057E4B8F19FAFE368D0097EE2A5736D72BE661382939491A244B068D26A071E55E25DF2C8706ADEFD8245BC97A691AB57A8D39CE24469E9CC69198F4F795CACCB45053F464CA0C2F04C71E9CD6BB6D378E917C413B7FADEACD41A7A43E9A1FC04576658DBF7420A35252A899B51F9ED9B2D0B5534A696C2465C950EF5880636D96CC963AF6C314D00834969C4569DF3BDB -20241204025228 2 6 100 8191 5 DC5E734609D91DA7E5180C89891C148715345D3A56F96DDFF41EE0B90992E9901E55850A78D9DF296A83F5AAF22675720E58E1F6D01F3B45315B818EF9CE880CE92F022763911796D4F86361BEB151ACB400BA017186C1DDCDE5F1853260ECF1082E072C2B7E2FD33E51B5076675269EC247AAE3DF3C1E6853E5D0E58FF7268255E91A9BF6FD43750F114BCA5DC70176ECACAF59C812798941D04FFFF200B53F9843066568A5EF6B324692239A9DC94383C53DA447D942BD51E17F51C22106DC3A2FC7A8942E20E5DA369D19124D184A96589E66EE15C4A8E4CB0FBB6B5E629875DEB3C6AAF622ABC4A4057E0B95533A03C94C514D2129CD6ECE739D9E3A98A54461DF577CC508BF4D5EE7FBE6178B248E3F51C59FE57BFBDE33DD833D0CF22DB22AE0F4F9F03EEF8E0E1DB0EDF7BB4C755148AD2D3FECED23DE1F028A3A6396D7F8F721D11023BD58335ADE175939E140A92C7B532A3D77168E566B7AADEA6F137A158AF3D2608FD4C1081018C1BC2B860A2830A097BDAFA96A3D5B5E1130D2C0778837C63ACBE958573B4ADAC2AE629D17728313AB9064D890006B2F0EC1869E35480B96651B9B3837B876190D5F1876A151A87C58A1CE2A9AD0744BE4CF955BFA9FA5653300FF6ECD64667ECD836D61DC3675048A8EB5AE945B50CB699F7FB4E36167515A2054199687DEC77D5117DF28B63F383403C49097F23AA4DE5857A0D865AFC7E4D0994B46386C20A41E9B41963CD425A82B30C4EE72FB3EFACD6C4090D740E44C196E51F41894FDB26142B72EF1E65A676C30EFB65C937C0F64CDEC167ECC16F0CAA3C932F3DD5C6F7A1EB073F03F2CB9F2059BE75EBAE32FA3170B5FA93D69CAB8275935686242E1F43ED23FE8784A0AD694442D35193DAAF5F7DA49B267B716C38F36C92AE7986DF8126904B11EA74323F3AB3AF436D64AC41996529AB95876EE4DF3739130460A50E2EC8463F2306454F08745CE40938858B6237A5D38B33FD6541BB98EFB39A7B0B501B7943FF594DF0964BF535CBD35105E35BA14C40E62D57F3B110AE82CD7F9FF73C3A28740C8EB397494F6D7CF5F0F147385424D70B276C6AD849E56C9985115EAF2CCF3D3A6C828F2A303178EC48BB08F36AF3800739E841F7B758FF06EFA10F6467E98DA4B1B302EFED0EF5A7D3AD74100E41C168ACBBF10EC5FFC497B43409D02D942C144408C32C83ED49334BC48FD1D446FDEBB71CA1F9276F3180ECA057E4B8F19FAFE368D0097EE2A5736D72BE661382939491A244B068D26A071E55E25DF2C8706ADEFD8245BC97A691AB57A8D39CE24469E9CC69198F4F795CACCB45053F464CA0C2F04C71E9CD6BB6D378E917C413B7FADEACD41A7A43E9A1FC04576658DBF7420A35252A899B51F9ED9B2D0B5534A696C2465C950EF5880636D96CC963AF6C314D00834969C456AB453E7 -20241204030908 2 6 100 8191 5 DC5E734609D91DA7E5180C89891C148715345D3A56F96DDFF41EE0B90992E9901E55850A78D9DF296A83F5AAF22675720E58E1F6D01F3B45315B818EF9CE880CE92F022763911796D4F86361BEB151ACB400BA017186C1DDCDE5F1853260ECF1082E072C2B7E2FD33E51B5076675269EC247AAE3DF3C1E6853E5D0E58FF7268255E91A9BF6FD43750F114BCA5DC70176ECACAF59C812798941D04FFFF200B53F9843066568A5EF6B324692239A9DC94383C53DA447D942BD51E17F51C22106DC3A2FC7A8942E20E5DA369D19124D184A96589E66EE15C4A8E4CB0FBB6B5E629875DEB3C6AAF622ABC4A4057E0B95533A03C94C514D2129CD6ECE739D9E3A98A54461DF577CC508BF4D5EE7FBE6178B248E3F51C59FE57BFBDE33DD833D0CF22DB22AE0F4F9F03EEF8E0E1DB0EDF7BB4C755148AD2D3FECED23DE1F028A3A6396D7F8F721D11023BD58335ADE175939E140A92C7B532A3D77168E566B7AADEA6F137A158AF3D2608FD4C1081018C1BC2B860A2830A097BDAFA96A3D5B5E1130D2C0778837C63ACBE958573B4ADAC2AE629D17728313AB9064D890006B2F0EC1869E35480B96651B9B3837B876190D5F1876A151A87C58A1CE2A9AD0744BE4CF955BFA9FA5653300FF6ECD64667ECD836D61DC3675048A8EB5AE945B50CB699F7FB4E36167515A2054199687DEC77D5117DF28B63F383403C49097F23AA4DE5857A0D865AFC7E4D0994B46386C20A41E9B41963CD425A82B30C4EE72FB3EFACD6C4090D740E44C196E51F41894FDB26142B72EF1E65A676C30EFB65C937C0F64CDEC167ECC16F0CAA3C932F3DD5C6F7A1EB073F03F2CB9F2059BE75EBAE32FA3170B5FA93D69CAB8275935686242E1F43ED23FE8784A0AD694442D35193DAAF5F7DA49B267B716C38F36C92AE7986DF8126904B11EA74323F3AB3AF436D64AC41996529AB95876EE4DF3739130460A50E2EC8463F2306454F08745CE40938858B6237A5D38B33FD6541BB98EFB39A7B0B501B7943FF594DF0964BF535CBD35105E35BA14C40E62D57F3B110AE82CD7F9FF73C3A28740C8EB397494F6D7CF5F0F147385424D70B276C6AD849E56C9985115EAF2CCF3D3A6C828F2A303178EC48BB08F36AF3800739E841F7B758FF06EFA10F6467E98DA4B1B302EFED0EF5A7D3AD74100E41C168ACBBF10EC5FFC497B43409D02D942C144408C32C83ED49334BC48FD1D446FDEBB71CA1F9276F3180ECA057E4B8F19FAFE368D0097EE2A5736D72BE661382939491A244B068D26A071E55E25DF2C8706ADEFD8245BC97A691AB57A8D39CE24469E9CC69198F4F795CACCB45053F464CA0C2F04C71E9CD6BB6D378E917C413B7FADEACD41A7A43E9A1FC04576658DBF7420A35252A899B51F9ED9B2D0B5534A696C2465C950EF5880636D96CC963AF6C314D00834969C456B95242F -20241204033647 2 6 100 8191 5 DC5E734609D91DA7E5180C89891C148715345D3A56F96DDFF41EE0B90992E9901E55850A78D9DF296A83F5AAF22675720E58E1F6D01F3B45315B818EF9CE880CE92F022763911796D4F86361BEB151ACB400BA017186C1DDCDE5F1853260ECF1082E072C2B7E2FD33E51B5076675269EC247AAE3DF3C1E6853E5D0E58FF7268255E91A9BF6FD43750F114BCA5DC70176ECACAF59C812798941D04FFFF200B53F9843066568A5EF6B324692239A9DC94383C53DA447D942BD51E17F51C22106DC3A2FC7A8942E20E5DA369D19124D184A96589E66EE15C4A8E4CB0FBB6B5E629875DEB3C6AAF622ABC4A4057E0B95533A03C94C514D2129CD6ECE739D9E3A98A54461DF577CC508BF4D5EE7FBE6178B248E3F51C59FE57BFBDE33DD833D0CF22DB22AE0F4F9F03EEF8E0E1DB0EDF7BB4C755148AD2D3FECED23DE1F028A3A6396D7F8F721D11023BD58335ADE175939E140A92C7B532A3D77168E566B7AADEA6F137A158AF3D2608FD4C1081018C1BC2B860A2830A097BDAFA96A3D5B5E1130D2C0778837C63ACBE958573B4ADAC2AE629D17728313AB9064D890006B2F0EC1869E35480B96651B9B3837B876190D5F1876A151A87C58A1CE2A9AD0744BE4CF955BFA9FA5653300FF6ECD64667ECD836D61DC3675048A8EB5AE945B50CB699F7FB4E36167515A2054199687DEC77D5117DF28B63F383403C49097F23AA4DE5857A0D865AFC7E4D0994B46386C20A41E9B41963CD425A82B30C4EE72FB3EFACD6C4090D740E44C196E51F41894FDB26142B72EF1E65A676C30EFB65C937C0F64CDEC167ECC16F0CAA3C932F3DD5C6F7A1EB073F03F2CB9F2059BE75EBAE32FA3170B5FA93D69CAB8275935686242E1F43ED23FE8784A0AD694442D35193DAAF5F7DA49B267B716C38F36C92AE7986DF8126904B11EA74323F3AB3AF436D64AC41996529AB95876EE4DF3739130460A50E2EC8463F2306454F08745CE40938858B6237A5D38B33FD6541BB98EFB39A7B0B501B7943FF594DF0964BF535CBD35105E35BA14C40E62D57F3B110AE82CD7F9FF73C3A28740C8EB397494F6D7CF5F0F147385424D70B276C6AD849E56C9985115EAF2CCF3D3A6C828F2A303178EC48BB08F36AF3800739E841F7B758FF06EFA10F6467E98DA4B1B302EFED0EF5A7D3AD74100E41C168ACBBF10EC5FFC497B43409D02D942C144408C32C83ED49334BC48FD1D446FDEBB71CA1F9276F3180ECA057E4B8F19FAFE368D0097EE2A5736D72BE661382939491A244B068D26A071E55E25DF2C8706ADEFD8245BC97A691AB57A8D39CE24469E9CC69198F4F795CACCB45053F464CA0C2F04C71E9CD6BB6D378E917C413B7FADEACD41A7A43E9A1FC04576658DBF7420A35252A899B51F9ED9B2D0B5534A696C2465C950EF5880636D96CC963AF6C314D00834969C456D1E7FC7 -20241204055147 2 6 100 8191 5 DC5E734609D91DA7E5180C89891C148715345D3A56F96DDFF41EE0B90992E9901E55850A78D9DF296A83F5AAF22675720E58E1F6D01F3B45315B818EF9CE880CE92F022763911796D4F86361BEB151ACB400BA017186C1DDCDE5F1853260ECF1082E072C2B7E2FD33E51B5076675269EC247AAE3DF3C1E6853E5D0E58FF7268255E91A9BF6FD43750F114BCA5DC70176ECACAF59C812798941D04FFFF200B53F9843066568A5EF6B324692239A9DC94383C53DA447D942BD51E17F51C22106DC3A2FC7A8942E20E5DA369D19124D184A96589E66EE15C4A8E4CB0FBB6B5E629875DEB3C6AAF622ABC4A4057E0B95533A03C94C514D2129CD6ECE739D9E3A98A54461DF577CC508BF4D5EE7FBE6178B248E3F51C59FE57BFBDE33DD833D0CF22DB22AE0F4F9F03EEF8E0E1DB0EDF7BB4C755148AD2D3FECED23DE1F028A3A6396D7F8F721D11023BD58335ADE175939E140A92C7B532A3D77168E566B7AADEA6F137A158AF3D2608FD4C1081018C1BC2B860A2830A097BDAFA96A3D5B5E1130D2C0778837C63ACBE958573B4ADAC2AE629D17728313AB9064D890006B2F0EC1869E35480B96651B9B3837B876190D5F1876A151A87C58A1CE2A9AD0744BE4CF955BFA9FA5653300FF6ECD64667ECD836D61DC3675048A8EB5AE945B50CB699F7FB4E36167515A2054199687DEC77D5117DF28B63F383403C49097F23AA4DE5857A0D865AFC7E4D0994B46386C20A41E9B41963CD425A82B30C4EE72FB3EFACD6C4090D740E44C196E51F41894FDB26142B72EF1E65A676C30EFB65C937C0F64CDEC167ECC16F0CAA3C932F3DD5C6F7A1EB073F03F2CB9F2059BE75EBAE32FA3170B5FA93D69CAB8275935686242E1F43ED23FE8784A0AD694442D35193DAAF5F7DA49B267B716C38F36C92AE7986DF8126904B11EA74323F3AB3AF436D64AC41996529AB95876EE4DF3739130460A50E2EC8463F2306454F08745CE40938858B6237A5D38B33FD6541BB98EFB39A7B0B501B7943FF594DF0964BF535CBD35105E35BA14C40E62D57F3B110AE82CD7F9FF73C3A28740C8EB397494F6D7CF5F0F147385424D70B276C6AD849E56C9985115EAF2CCF3D3A6C828F2A303178EC48BB08F36AF3800739E841F7B758FF06EFA10F6467E98DA4B1B302EFED0EF5A7D3AD74100E41C168ACBBF10EC5FFC497B43409D02D942C144408C32C83ED49334BC48FD1D446FDEBB71CA1F9276F3180ECA057E4B8F19FAFE368D0097EE2A5736D72BE661382939491A244B068D26A071E55E25DF2C8706ADEFD8245BC97A691AB57A8D39CE24469E9CC69198F4F795CACCB45053F464CA0C2F04C71E9CD6BB6D378E917C413B7FADEACD41A7A43E9A1FC04576658DBF7420A35252A899B51F9ED9B2D0B5534A696C2465C950EF5880636D96CC963AF6C314D00834969C45749787B7 -20241204060833 2 6 100 8191 2 DC5E734609D91DA7E5180C89891C148715345D3A56F96DDFF41EE0B90992E9901E55850A78D9DF296A83F5AAF22675720E58E1F6D01F3B45315B818EF9CE880CE92F022763911796D4F86361BEB151ACB400BA017186C1DDCDE5F1853260ECF1082E072C2B7E2FD33E51B5076675269EC247AAE3DF3C1E6853E5D0E58FF7268255E91A9BF6FD43750F114BCA5DC70176ECACAF59C812798941D04FFFF200B53F9843066568A5EF6B324692239A9DC94383C53DA447D942BD51E17F51C22106DC3A2FC7A8942E20E5DA369D19124D184A96589E66EE15C4A8E4CB0FBB6B5E629875DEB3C6AAF622ABC4A4057E0B95533A03C94C514D2129CD6ECE739D9E3A98A54461DF577CC508BF4D5EE7FBE6178B248E3F51C59FE57BFBDE33DD833D0CF22DB22AE0F4F9F03EEF8E0E1DB0EDF7BB4C755148AD2D3FECED23DE1F028A3A6396D7F8F721D11023BD58335ADE175939E140A92C7B532A3D77168E566B7AADEA6F137A158AF3D2608FD4C1081018C1BC2B860A2830A097BDAFA96A3D5B5E1130D2C0778837C63ACBE958573B4ADAC2AE629D17728313AB9064D890006B2F0EC1869E35480B96651B9B3837B876190D5F1876A151A87C58A1CE2A9AD0744BE4CF955BFA9FA5653300FF6ECD64667ECD836D61DC3675048A8EB5AE945B50CB699F7FB4E36167515A2054199687DEC77D5117DF28B63F383403C49097F23AA4DE5857A0D865AFC7E4D0994B46386C20A41E9B41963CD425A82B30C4EE72FB3EFACD6C4090D740E44C196E51F41894FDB26142B72EF1E65A676C30EFB65C937C0F64CDEC167ECC16F0CAA3C932F3DD5C6F7A1EB073F03F2CB9F2059BE75EBAE32FA3170B5FA93D69CAB8275935686242E1F43ED23FE8784A0AD694442D35193DAAF5F7DA49B267B716C38F36C92AE7986DF8126904B11EA74323F3AB3AF436D64AC41996529AB95876EE4DF3739130460A50E2EC8463F2306454F08745CE40938858B6237A5D38B33FD6541BB98EFB39A7B0B501B7943FF594DF0964BF535CBD35105E35BA14C40E62D57F3B110AE82CD7F9FF73C3A28740C8EB397494F6D7CF5F0F147385424D70B276C6AD849E56C9985115EAF2CCF3D3A6C828F2A303178EC48BB08F36AF3800739E841F7B758FF06EFA10F6467E98DA4B1B302EFED0EF5A7D3AD74100E41C168ACBBF10EC5FFC497B43409D02D942C144408C32C83ED49334BC48FD1D446FDEBB71CA1F9276F3180ECA057E4B8F19FAFE368D0097EE2A5736D72BE661382939491A244B068D26A071E55E25DF2C8706ADEFD8245BC97A691AB57A8D39CE24469E9CC69198F4F795CACCB45053F464CA0C2F04C71E9CD6BB6D378E917C413B7FADEACD41A7A43E9A1FC04576658DBF7420A35252A899B51F9ED9B2D0B5534A696C2465C950EF5880636D96CC963AF6C314D00834969C45757D2FFB -20241204064719 2 6 100 8191 2 DC5E734609D91DA7E5180C89891C148715345D3A56F96DDFF41EE0B90992E9901E55850A78D9DF296A83F5AAF22675720E58E1F6D01F3B45315B818EF9CE880CE92F022763911796D4F86361BEB151ACB400BA017186C1DDCDE5F1853260ECF1082E072C2B7E2FD33E51B5076675269EC247AAE3DF3C1E6853E5D0E58FF7268255E91A9BF6FD43750F114BCA5DC70176ECACAF59C812798941D04FFFF200B53F9843066568A5EF6B324692239A9DC94383C53DA447D942BD51E17F51C22106DC3A2FC7A8942E20E5DA369D19124D184A96589E66EE15C4A8E4CB0FBB6B5E629875DEB3C6AAF622ABC4A4057E0B95533A03C94C514D2129CD6ECE739D9E3A98A54461DF577CC508BF4D5EE7FBE6178B248E3F51C59FE57BFBDE33DD833D0CF22DB22AE0F4F9F03EEF8E0E1DB0EDF7BB4C755148AD2D3FECED23DE1F028A3A6396D7F8F721D11023BD58335ADE175939E140A92C7B532A3D77168E566B7AADEA6F137A158AF3D2608FD4C1081018C1BC2B860A2830A097BDAFA96A3D5B5E1130D2C0778837C63ACBE958573B4ADAC2AE629D17728313AB9064D890006B2F0EC1869E35480B96651B9B3837B876190D5F1876A151A87C58A1CE2A9AD0744BE4CF955BFA9FA5653300FF6ECD64667ECD836D61DC3675048A8EB5AE945B50CB699F7FB4E36167515A2054199687DEC77D5117DF28B63F383403C49097F23AA4DE5857A0D865AFC7E4D0994B46386C20A41E9B41963CD425A82B30C4EE72FB3EFACD6C4090D740E44C196E51F41894FDB26142B72EF1E65A676C30EFB65C937C0F64CDEC167ECC16F0CAA3C932F3DD5C6F7A1EB073F03F2CB9F2059BE75EBAE32FA3170B5FA93D69CAB8275935686242E1F43ED23FE8784A0AD694442D35193DAAF5F7DA49B267B716C38F36C92AE7986DF8126904B11EA74323F3AB3AF436D64AC41996529AB95876EE4DF3739130460A50E2EC8463F2306454F08745CE40938858B6237A5D38B33FD6541BB98EFB39A7B0B501B7943FF594DF0964BF535CBD35105E35BA14C40E62D57F3B110AE82CD7F9FF73C3A28740C8EB397494F6D7CF5F0F147385424D70B276C6AD849E56C9985115EAF2CCF3D3A6C828F2A303178EC48BB08F36AF3800739E841F7B758FF06EFA10F6467E98DA4B1B302EFED0EF5A7D3AD74100E41C168ACBBF10EC5FFC497B43409D02D942C144408C32C83ED49334BC48FD1D446FDEBB71CA1F9276F3180ECA057E4B8F19FAFE368D0097EE2A5736D72BE661382939491A244B068D26A071E55E25DF2C8706ADEFD8245BC97A691AB57A8D39CE24469E9CC69198F4F795CACCB45053F464CA0C2F04C71E9CD6BB6D378E917C413B7FADEACD41A7A43E9A1FC04576658DBF7420A35252A899B51F9ED9B2D0B5534A696C2465C950EF5880636D96CC963AF6C314D00834969C45779594EB -20241204075858 2 6 100 8191 2 DC5E734609D91DA7E5180C89891C148715345D3A56F96DDFF41EE0B90992E9901E55850A78D9DF296A83F5AAF22675720E58E1F6D01F3B45315B818EF9CE880CE92F022763911796D4F86361BEB151ACB400BA017186C1DDCDE5F1853260ECF1082E072C2B7E2FD33E51B5076675269EC247AAE3DF3C1E6853E5D0E58FF7268255E91A9BF6FD43750F114BCA5DC70176ECACAF59C812798941D04FFFF200B53F9843066568A5EF6B324692239A9DC94383C53DA447D942BD51E17F51C22106DC3A2FC7A8942E20E5DA369D19124D184A96589E66EE15C4A8E4CB0FBB6B5E629875DEB3C6AAF622ABC4A4057E0B95533A03C94C514D2129CD6ECE739D9E3A98A54461DF577CC508BF4D5EE7FBE6178B248E3F51C59FE57BFBDE33DD833D0CF22DB22AE0F4F9F03EEF8E0E1DB0EDF7BB4C755148AD2D3FECED23DE1F028A3A6396D7F8F721D11023BD58335ADE175939E140A92C7B532A3D77168E566B7AADEA6F137A158AF3D2608FD4C1081018C1BC2B860A2830A097BDAFA96A3D5B5E1130D2C0778837C63ACBE958573B4ADAC2AE629D17728313AB9064D890006B2F0EC1869E35480B96651B9B3837B876190D5F1876A151A87C58A1CE2A9AD0744BE4CF955BFA9FA5653300FF6ECD64667ECD836D61DC3675048A8EB5AE945B50CB699F7FB4E36167515A2054199687DEC77D5117DF28B63F383403C49097F23AA4DE5857A0D865AFC7E4D0994B46386C20A41E9B41963CD425A82B30C4EE72FB3EFACD6C4090D740E44C196E51F41894FDB26142B72EF1E65A676C30EFB65C937C0F64CDEC167ECC16F0CAA3C932F3DD5C6F7A1EB073F03F2CB9F2059BE75EBAE32FA3170B5FA93D69CAB8275935686242E1F43ED23FE8784A0AD694442D35193DAAF5F7DA49B267B716C38F36C92AE7986DF8126904B11EA74323F3AB3AF436D64AC41996529AB95876EE4DF3739130460A50E2EC8463F2306454F08745CE40938858B6237A5D38B33FD6541BB98EFB39A7B0B501B7943FF594DF0964BF535CBD35105E35BA14C40E62D57F3B110AE82CD7F9FF73C3A28740C8EB397494F6D7CF5F0F147385424D70B276C6AD849E56C9985115EAF2CCF3D3A6C828F2A303178EC48BB08F36AF3800739E841F7B758FF06EFA10F6467E98DA4B1B302EFED0EF5A7D3AD74100E41C168ACBBF10EC5FFC497B43409D02D942C144408C32C83ED49334BC48FD1D446FDEBB71CA1F9276F3180ECA057E4B8F19FAFE368D0097EE2A5736D72BE661382939491A244B068D26A071E55E25DF2C8706ADEFD8245BC97A691AB57A8D39CE24469E9CC69198F4F795CACCB45053F464CA0C2F04C71E9CD6BB6D378E917C413B7FADEACD41A7A43E9A1FC04576658DBF7420A35252A899B51F9ED9B2D0B5534A696C2465C950EF5880636D96CC963AF6C314D00834969C457B89C8B3 -20241204095845 2 6 100 8191 5 DC5E734609D91DA7E5180C89891C148715345D3A56F96DDFF41EE0B90992E9901E55850A78D9DF296A83F5AAF22675720E58E1F6D01F3B45315B818EF9CE880CE92F022763911796D4F86361BEB151ACB400BA017186C1DDCDE5F1853260ECF1082E072C2B7E2FD33E51B5076675269EC247AAE3DF3C1E6853E5D0E58FF7268255E91A9BF6FD43750F114BCA5DC70176ECACAF59C812798941D04FFFF200B53F9843066568A5EF6B324692239A9DC94383C53DA447D942BD51E17F51C22106DC3A2FC7A8942E20E5DA369D19124D184A96589E66EE15C4A8E4CB0FBB6B5E629875DEB3C6AAF622ABC4A4057E0B95533A03C94C514D2129CD6ECE739D9E3A98A54461DF577CC508BF4D5EE7FBE6178B248E3F51C59FE57BFBDE33DD833D0CF22DB22AE0F4F9F03EEF8E0E1DB0EDF7BB4C755148AD2D3FECED23DE1F028A3A6396D7F8F721D11023BD58335ADE175939E140A92C7B532A3D77168E566B7AADEA6F137A158AF3D2608FD4C1081018C1BC2B860A2830A097BDAFA96A3D5B5E1130D2C0778837C63ACBE958573B4ADAC2AE629D17728313AB9064D890006B2F0EC1869E35480B96651B9B3837B876190D5F1876A151A87C58A1CE2A9AD0744BE4CF955BFA9FA5653300FF6ECD64667ECD836D61DC3675048A8EB5AE945B50CB699F7FB4E36167515A2054199687DEC77D5117DF28B63F383403C49097F23AA4DE5857A0D865AFC7E4D0994B46386C20A41E9B41963CD425A82B30C4EE72FB3EFACD6C4090D740E44C196E51F41894FDB26142B72EF1E65A676C30EFB65C937C0F64CDEC167ECC16F0CAA3C932F3DD5C6F7A1EB073F03F2CB9F2059BE75EBAE32FA3170B5FA93D69CAB8275935686242E1F43ED23FE8784A0AD694442D35193DAAF5F7DA49B267B716C38F36C92AE7986DF8126904B11EA74323F3AB3AF436D64AC41996529AB95876EE4DF3739130460A50E2EC8463F2306454F08745CE40938858B6237A5D38B33FD6541BB98EFB39A7B0B501B7943FF594DF0964BF535CBD35105E35BA14C40E62D57F3B110AE82CD7F9FF73C3A28740C8EB397494F6D7CF5F0F147385424D70B276C6AD849E56C9985115EAF2CCF3D3A6C828F2A303178EC48BB08F36AF3800739E841F7B758FF06EFA10F6467E98DA4B1B302EFED0EF5A7D3AD74100E41C168ACBBF10EC5FFC497B43409D02D942C144408C32C83ED49334BC48FD1D446FDEBB71CA1F9276F3180ECA057E4B8F19FAFE368D0097EE2A5736D72BE661382939491A244B068D26A071E55E25DF2C8706ADEFD8245BC97A691AB57A8D39CE24469E9CC69198F4F795CACCB45053F464CA0C2F04C71E9CD6BB6D378E917C413B7FADEACD41A7A43E9A1FC04576658DBF7420A35252A899B51F9ED9B2D0B5534A696C2465C950EF5880636D96CC963AF6C314D00834969C4582223CAF -20241204102632 2 6 100 8191 2 DC5E734609D91DA7E5180C89891C148715345D3A56F96DDFF41EE0B90992E9901E55850A78D9DF296A83F5AAF22675720E58E1F6D01F3B45315B818EF9CE880CE92F022763911796D4F86361BEB151ACB400BA017186C1DDCDE5F1853260ECF1082E072C2B7E2FD33E51B5076675269EC247AAE3DF3C1E6853E5D0E58FF7268255E91A9BF6FD43750F114BCA5DC70176ECACAF59C812798941D04FFFF200B53F9843066568A5EF6B324692239A9DC94383C53DA447D942BD51E17F51C22106DC3A2FC7A8942E20E5DA369D19124D184A96589E66EE15C4A8E4CB0FBB6B5E629875DEB3C6AAF622ABC4A4057E0B95533A03C94C514D2129CD6ECE739D9E3A98A54461DF577CC508BF4D5EE7FBE6178B248E3F51C59FE57BFBDE33DD833D0CF22DB22AE0F4F9F03EEF8E0E1DB0EDF7BB4C755148AD2D3FECED23DE1F028A3A6396D7F8F721D11023BD58335ADE175939E140A92C7B532A3D77168E566B7AADEA6F137A158AF3D2608FD4C1081018C1BC2B860A2830A097BDAFA96A3D5B5E1130D2C0778837C63ACBE958573B4ADAC2AE629D17728313AB9064D890006B2F0EC1869E35480B96651B9B3837B876190D5F1876A151A87C58A1CE2A9AD0744BE4CF955BFA9FA5653300FF6ECD64667ECD836D61DC3675048A8EB5AE945B50CB699F7FB4E36167515A2054199687DEC77D5117DF28B63F383403C49097F23AA4DE5857A0D865AFC7E4D0994B46386C20A41E9B41963CD425A82B30C4EE72FB3EFACD6C4090D740E44C196E51F41894FDB26142B72EF1E65A676C30EFB65C937C0F64CDEC167ECC16F0CAA3C932F3DD5C6F7A1EB073F03F2CB9F2059BE75EBAE32FA3170B5FA93D69CAB8275935686242E1F43ED23FE8784A0AD694442D35193DAAF5F7DA49B267B716C38F36C92AE7986DF8126904B11EA74323F3AB3AF436D64AC41996529AB95876EE4DF3739130460A50E2EC8463F2306454F08745CE40938858B6237A5D38B33FD6541BB98EFB39A7B0B501B7943FF594DF0964BF535CBD35105E35BA14C40E62D57F3B110AE82CD7F9FF73C3A28740C8EB397494F6D7CF5F0F147385424D70B276C6AD849E56C9985115EAF2CCF3D3A6C828F2A303178EC48BB08F36AF3800739E841F7B758FF06EFA10F6467E98DA4B1B302EFED0EF5A7D3AD74100E41C168ACBBF10EC5FFC497B43409D02D942C144408C32C83ED49334BC48FD1D446FDEBB71CA1F9276F3180ECA057E4B8F19FAFE368D0097EE2A5736D72BE661382939491A244B068D26A071E55E25DF2C8706ADEFD8245BC97A691AB57A8D39CE24469E9CC69198F4F795CACCB45053F464CA0C2F04C71E9CD6BB6D378E917C413B7FADEACD41A7A43E9A1FC04576658DBF7420A35252A899B51F9ED9B2D0B5534A696C2465C950EF5880636D96CC963AF6C314D00834969C4583A5E7A3 -20241204133310 2 6 100 8191 5 DC5E734609D91DA7E5180C89891C148715345D3A56F96DDFF41EE0B90992E9901E55850A78D9DF296A83F5AAF22675720E58E1F6D01F3B45315B818EF9CE880CE92F022763911796D4F86361BEB151ACB400BA017186C1DDCDE5F1853260ECF1082E072C2B7E2FD33E51B5076675269EC247AAE3DF3C1E6853E5D0E58FF7268255E91A9BF6FD43750F114BCA5DC70176ECACAF59C812798941D04FFFF200B53F9843066568A5EF6B324692239A9DC94383C53DA447D942BD51E17F51C22106DC3A2FC7A8942E20E5DA369D19124D184A96589E66EE15C4A8E4CB0FBB6B5E629875DEB3C6AAF622ABC4A4057E0B95533A03C94C514D2129CD6ECE739D9E3A98A54461DF577CC508BF4D5EE7FBE6178B248E3F51C59FE57BFBDE33DD833D0CF22DB22AE0F4F9F03EEF8E0E1DB0EDF7BB4C755148AD2D3FECED23DE1F028A3A6396D7F8F721D11023BD58335ADE175939E140A92C7B532A3D77168E566B7AADEA6F137A158AF3D2608FD4C1081018C1BC2B860A2830A097BDAFA96A3D5B5E1130D2C0778837C63ACBE958573B4ADAC2AE629D17728313AB9064D890006B2F0EC1869E35480B96651B9B3837B876190D5F1876A151A87C58A1CE2A9AD0744BE4CF955BFA9FA5653300FF6ECD64667ECD836D61DC3675048A8EB5AE945B50CB699F7FB4E36167515A2054199687DEC77D5117DF28B63F383403C49097F23AA4DE5857A0D865AFC7E4D0994B46386C20A41E9B41963CD425A82B30C4EE72FB3EFACD6C4090D740E44C196E51F41894FDB26142B72EF1E65A676C30EFB65C937C0F64CDEC167ECC16F0CAA3C932F3DD5C6F7A1EB073F03F2CB9F2059BE75EBAE32FA3170B5FA93D69CAB8275935686242E1F43ED23FE8784A0AD694442D35193DAAF5F7DA49B267B716C38F36C92AE7986DF8126904B11EA74323F3AB3AF436D64AC41996529AB95876EE4DF3739130460A50E2EC8463F2306454F08745CE40938858B6237A5D38B33FD6541BB98EFB39A7B0B501B7943FF594DF0964BF535CBD35105E35BA14C40E62D57F3B110AE82CD7F9FF73C3A28740C8EB397494F6D7CF5F0F147385424D70B276C6AD849E56C9985115EAF2CCF3D3A6C828F2A303178EC48BB08F36AF3800739E841F7B758FF06EFA10F6467E98DA4B1B302EFED0EF5A7D3AD74100E41C168ACBBF10EC5FFC497B43409D02D942C144408C32C83ED49334BC48FD1D446FDEBB71CA1F9276F3180ECA057E4B8F19FAFE368D0097EE2A5736D72BE661382939491A244B068D26A071E55E25DF2C8706ADEFD8245BC97A691AB57A8D39CE24469E9CC69198F4F795CACCB45053F464CA0C2F04C71E9CD6BB6D378E917C413B7FADEACD41A7A43E9A1FC04576658DBF7420A35252A899B51F9ED9B2D0B5534A696C2465C950EF5880636D96CC963AF6C314D00834969C458E07A8DF -20241204134006 2 6 100 8191 2 DC5E734609D91DA7E5180C89891C148715345D3A56F96DDFF41EE0B90992E9901E55850A78D9DF296A83F5AAF22675720E58E1F6D01F3B45315B818EF9CE880CE92F022763911796D4F86361BEB151ACB400BA017186C1DDCDE5F1853260ECF1082E072C2B7E2FD33E51B5076675269EC247AAE3DF3C1E6853E5D0E58FF7268255E91A9BF6FD43750F114BCA5DC70176ECACAF59C812798941D04FFFF200B53F9843066568A5EF6B324692239A9DC94383C53DA447D942BD51E17F51C22106DC3A2FC7A8942E20E5DA369D19124D184A96589E66EE15C4A8E4CB0FBB6B5E629875DEB3C6AAF622ABC4A4057E0B95533A03C94C514D2129CD6ECE739D9E3A98A54461DF577CC508BF4D5EE7FBE6178B248E3F51C59FE57BFBDE33DD833D0CF22DB22AE0F4F9F03EEF8E0E1DB0EDF7BB4C755148AD2D3FECED23DE1F028A3A6396D7F8F721D11023BD58335ADE175939E140A92C7B532A3D77168E566B7AADEA6F137A158AF3D2608FD4C1081018C1BC2B860A2830A097BDAFA96A3D5B5E1130D2C0778837C63ACBE958573B4ADAC2AE629D17728313AB9064D890006B2F0EC1869E35480B96651B9B3837B876190D5F1876A151A87C58A1CE2A9AD0744BE4CF955BFA9FA5653300FF6ECD64667ECD836D61DC3675048A8EB5AE945B50CB699F7FB4E36167515A2054199687DEC77D5117DF28B63F383403C49097F23AA4DE5857A0D865AFC7E4D0994B46386C20A41E9B41963CD425A82B30C4EE72FB3EFACD6C4090D740E44C196E51F41894FDB26142B72EF1E65A676C30EFB65C937C0F64CDEC167ECC16F0CAA3C932F3DD5C6F7A1EB073F03F2CB9F2059BE75EBAE32FA3170B5FA93D69CAB8275935686242E1F43ED23FE8784A0AD694442D35193DAAF5F7DA49B267B716C38F36C92AE7986DF8126904B11EA74323F3AB3AF436D64AC41996529AB95876EE4DF3739130460A50E2EC8463F2306454F08745CE40938858B6237A5D38B33FD6541BB98EFB39A7B0B501B7943FF594DF0964BF535CBD35105E35BA14C40E62D57F3B110AE82CD7F9FF73C3A28740C8EB397494F6D7CF5F0F147385424D70B276C6AD849E56C9985115EAF2CCF3D3A6C828F2A303178EC48BB08F36AF3800739E841F7B758FF06EFA10F6467E98DA4B1B302EFED0EF5A7D3AD74100E41C168ACBBF10EC5FFC497B43409D02D942C144408C32C83ED49334BC48FD1D446FDEBB71CA1F9276F3180ECA057E4B8F19FAFE368D0097EE2A5736D72BE661382939491A244B068D26A071E55E25DF2C8706ADEFD8245BC97A691AB57A8D39CE24469E9CC69198F4F795CACCB45053F464CA0C2F04C71E9CD6BB6D378E917C413B7FADEACD41A7A43E9A1FC04576658DBF7420A35252A899B51F9ED9B2D0B5534A696C2465C950EF5880636D96CC963AF6C314D00834969C458E603BF3 -20241204153923 2 6 100 8191 5 DC5E734609D91DA7E5180C89891C148715345D3A56F96DDFF41EE0B90992E9901E55850A78D9DF296A83F5AAF22675720E58E1F6D01F3B45315B818EF9CE880CE92F022763911796D4F86361BEB151ACB400BA017186C1DDCDE5F1853260ECF1082E072C2B7E2FD33E51B5076675269EC247AAE3DF3C1E6853E5D0E58FF7268255E91A9BF6FD43750F114BCA5DC70176ECACAF59C812798941D04FFFF200B53F9843066568A5EF6B324692239A9DC94383C53DA447D942BD51E17F51C22106DC3A2FC7A8942E20E5DA369D19124D184A96589E66EE15C4A8E4CB0FBB6B5E629875DEB3C6AAF622ABC4A4057E0B95533A03C94C514D2129CD6ECE739D9E3A98A54461DF577CC508BF4D5EE7FBE6178B248E3F51C59FE57BFBDE33DD833D0CF22DB22AE0F4F9F03EEF8E0E1DB0EDF7BB4C755148AD2D3FECED23DE1F028A3A6396D7F8F721D11023BD58335ADE175939E140A92C7B532A3D77168E566B7AADEA6F137A158AF3D2608FD4C1081018C1BC2B860A2830A097BDAFA96A3D5B5E1130D2C0778837C63ACBE958573B4ADAC2AE629D17728313AB9064D890006B2F0EC1869E35480B96651B9B3837B876190D5F1876A151A87C58A1CE2A9AD0744BE4CF955BFA9FA5653300FF6ECD64667ECD836D61DC3675048A8EB5AE945B50CB699F7FB4E36167515A2054199687DEC77D5117DF28B63F383403C49097F23AA4DE5857A0D865AFC7E4D0994B46386C20A41E9B41963CD425A82B30C4EE72FB3EFACD6C4090D740E44C196E51F41894FDB26142B72EF1E65A676C30EFB65C937C0F64CDEC167ECC16F0CAA3C932F3DD5C6F7A1EB073F03F2CB9F2059BE75EBAE32FA3170B5FA93D69CAB8275935686242E1F43ED23FE8784A0AD694442D35193DAAF5F7DA49B267B716C38F36C92AE7986DF8126904B11EA74323F3AB3AF436D64AC41996529AB95876EE4DF3739130460A50E2EC8463F2306454F08745CE40938858B6237A5D38B33FD6541BB98EFB39A7B0B501B7943FF594DF0964BF535CBD35105E35BA14C40E62D57F3B110AE82CD7F9FF73C3A28740C8EB397494F6D7CF5F0F147385424D70B276C6AD849E56C9985115EAF2CCF3D3A6C828F2A303178EC48BB08F36AF3800739E841F7B758FF06EFA10F6467E98DA4B1B302EFED0EF5A7D3AD74100E41C168ACBBF10EC5FFC497B43409D02D942C144408C32C83ED49334BC48FD1D446FDEBB71CA1F9276F3180ECA057E4B8F19FAFE368D0097EE2A5736D72BE661382939491A244B068D26A071E55E25DF2C8706ADEFD8245BC97A691AB57A8D39CE24469E9CC69198F4F795CACCB45053F464CA0C2F04C71E9CD6BB6D378E917C413B7FADEACD41A7A43E9A1FC04576658DBF7420A35252A899B51F9ED9B2D0B5534A696C2465C950EF5880636D96CC963AF6C314D00834969C459507D47F -20241204154043 2 6 100 8191 2 DC5E734609D91DA7E5180C89891C148715345D3A56F96DDFF41EE0B90992E9901E55850A78D9DF296A83F5AAF22675720E58E1F6D01F3B45315B818EF9CE880CE92F022763911796D4F86361BEB151ACB400BA017186C1DDCDE5F1853260ECF1082E072C2B7E2FD33E51B5076675269EC247AAE3DF3C1E6853E5D0E58FF7268255E91A9BF6FD43750F114BCA5DC70176ECACAF59C812798941D04FFFF200B53F9843066568A5EF6B324692239A9DC94383C53DA447D942BD51E17F51C22106DC3A2FC7A8942E20E5DA369D19124D184A96589E66EE15C4A8E4CB0FBB6B5E629875DEB3C6AAF622ABC4A4057E0B95533A03C94C514D2129CD6ECE739D9E3A98A54461DF577CC508BF4D5EE7FBE6178B248E3F51C59FE57BFBDE33DD833D0CF22DB22AE0F4F9F03EEF8E0E1DB0EDF7BB4C755148AD2D3FECED23DE1F028A3A6396D7F8F721D11023BD58335ADE175939E140A92C7B532A3D77168E566B7AADEA6F137A158AF3D2608FD4C1081018C1BC2B860A2830A097BDAFA96A3D5B5E1130D2C0778837C63ACBE958573B4ADAC2AE629D17728313AB9064D890006B2F0EC1869E35480B96651B9B3837B876190D5F1876A151A87C58A1CE2A9AD0744BE4CF955BFA9FA5653300FF6ECD64667ECD836D61DC3675048A8EB5AE945B50CB699F7FB4E36167515A2054199687DEC77D5117DF28B63F383403C49097F23AA4DE5857A0D865AFC7E4D0994B46386C20A41E9B41963CD425A82B30C4EE72FB3EFACD6C4090D740E44C196E51F41894FDB26142B72EF1E65A676C30EFB65C937C0F64CDEC167ECC16F0CAA3C932F3DD5C6F7A1EB073F03F2CB9F2059BE75EBAE32FA3170B5FA93D69CAB8275935686242E1F43ED23FE8784A0AD694442D35193DAAF5F7DA49B267B716C38F36C92AE7986DF8126904B11EA74323F3AB3AF436D64AC41996529AB95876EE4DF3739130460A50E2EC8463F2306454F08745CE40938858B6237A5D38B33FD6541BB98EFB39A7B0B501B7943FF594DF0964BF535CBD35105E35BA14C40E62D57F3B110AE82CD7F9FF73C3A28740C8EB397494F6D7CF5F0F147385424D70B276C6AD849E56C9985115EAF2CCF3D3A6C828F2A303178EC48BB08F36AF3800739E841F7B758FF06EFA10F6467E98DA4B1B302EFED0EF5A7D3AD74100E41C168ACBBF10EC5FFC497B43409D02D942C144408C32C83ED49334BC48FD1D446FDEBB71CA1F9276F3180ECA057E4B8F19FAFE368D0097EE2A5736D72BE661382939491A244B068D26A071E55E25DF2C8706ADEFD8245BC97A691AB57A8D39CE24469E9CC69198F4F795CACCB45053F464CA0C2F04C71E9CD6BB6D378E917C413B7FADEACD41A7A43E9A1FC04576658DBF7420A35252A899B51F9ED9B2D0B5534A696C2465C950EF5880636D96CC963AF6C314D00834969C45951265E3 -20241204161206 2 6 100 8191 2 DC5E734609D91DA7E5180C89891C148715345D3A56F96DDFF41EE0B90992E9901E55850A78D9DF296A83F5AAF22675720E58E1F6D01F3B45315B818EF9CE880CE92F022763911796D4F86361BEB151ACB400BA017186C1DDCDE5F1853260ECF1082E072C2B7E2FD33E51B5076675269EC247AAE3DF3C1E6853E5D0E58FF7268255E91A9BF6FD43750F114BCA5DC70176ECACAF59C812798941D04FFFF200B53F9843066568A5EF6B324692239A9DC94383C53DA447D942BD51E17F51C22106DC3A2FC7A8942E20E5DA369D19124D184A96589E66EE15C4A8E4CB0FBB6B5E629875DEB3C6AAF622ABC4A4057E0B95533A03C94C514D2129CD6ECE739D9E3A98A54461DF577CC508BF4D5EE7FBE6178B248E3F51C59FE57BFBDE33DD833D0CF22DB22AE0F4F9F03EEF8E0E1DB0EDF7BB4C755148AD2D3FECED23DE1F028A3A6396D7F8F721D11023BD58335ADE175939E140A92C7B532A3D77168E566B7AADEA6F137A158AF3D2608FD4C1081018C1BC2B860A2830A097BDAFA96A3D5B5E1130D2C0778837C63ACBE958573B4ADAC2AE629D17728313AB9064D890006B2F0EC1869E35480B96651B9B3837B876190D5F1876A151A87C58A1CE2A9AD0744BE4CF955BFA9FA5653300FF6ECD64667ECD836D61DC3675048A8EB5AE945B50CB699F7FB4E36167515A2054199687DEC77D5117DF28B63F383403C49097F23AA4DE5857A0D865AFC7E4D0994B46386C20A41E9B41963CD425A82B30C4EE72FB3EFACD6C4090D740E44C196E51F41894FDB26142B72EF1E65A676C30EFB65C937C0F64CDEC167ECC16F0CAA3C932F3DD5C6F7A1EB073F03F2CB9F2059BE75EBAE32FA3170B5FA93D69CAB8275935686242E1F43ED23FE8784A0AD694442D35193DAAF5F7DA49B267B716C38F36C92AE7986DF8126904B11EA74323F3AB3AF436D64AC41996529AB95876EE4DF3739130460A50E2EC8463F2306454F08745CE40938858B6237A5D38B33FD6541BB98EFB39A7B0B501B7943FF594DF0964BF535CBD35105E35BA14C40E62D57F3B110AE82CD7F9FF73C3A28740C8EB397494F6D7CF5F0F147385424D70B276C6AD849E56C9985115EAF2CCF3D3A6C828F2A303178EC48BB08F36AF3800739E841F7B758FF06EFA10F6467E98DA4B1B302EFED0EF5A7D3AD74100E41C168ACBBF10EC5FFC497B43409D02D942C144408C32C83ED49334BC48FD1D446FDEBB71CA1F9276F3180ECA057E4B8F19FAFE368D0097EE2A5736D72BE661382939491A244B068D26A071E55E25DF2C8706ADEFD8245BC97A691AB57A8D39CE24469E9CC69198F4F795CACCB45053F464CA0C2F04C71E9CD6BB6D378E917C413B7FADEACD41A7A43E9A1FC04576658DBF7420A35252A899B51F9ED9B2D0B5534A696C2465C950EF5880636D96CC963AF6C314D00834969C4596CC6423 -20241204161425 2 6 100 8191 2 DC5E734609D91DA7E5180C89891C148715345D3A56F96DDFF41EE0B90992E9901E55850A78D9DF296A83F5AAF22675720E58E1F6D01F3B45315B818EF9CE880CE92F022763911796D4F86361BEB151ACB400BA017186C1DDCDE5F1853260ECF1082E072C2B7E2FD33E51B5076675269EC247AAE3DF3C1E6853E5D0E58FF7268255E91A9BF6FD43750F114BCA5DC70176ECACAF59C812798941D04FFFF200B53F9843066568A5EF6B324692239A9DC94383C53DA447D942BD51E17F51C22106DC3A2FC7A8942E20E5DA369D19124D184A96589E66EE15C4A8E4CB0FBB6B5E629875DEB3C6AAF622ABC4A4057E0B95533A03C94C514D2129CD6ECE739D9E3A98A54461DF577CC508BF4D5EE7FBE6178B248E3F51C59FE57BFBDE33DD833D0CF22DB22AE0F4F9F03EEF8E0E1DB0EDF7BB4C755148AD2D3FECED23DE1F028A3A6396D7F8F721D11023BD58335ADE175939E140A92C7B532A3D77168E566B7AADEA6F137A158AF3D2608FD4C1081018C1BC2B860A2830A097BDAFA96A3D5B5E1130D2C0778837C63ACBE958573B4ADAC2AE629D17728313AB9064D890006B2F0EC1869E35480B96651B9B3837B876190D5F1876A151A87C58A1CE2A9AD0744BE4CF955BFA9FA5653300FF6ECD64667ECD836D61DC3675048A8EB5AE945B50CB699F7FB4E36167515A2054199687DEC77D5117DF28B63F383403C49097F23AA4DE5857A0D865AFC7E4D0994B46386C20A41E9B41963CD425A82B30C4EE72FB3EFACD6C4090D740E44C196E51F41894FDB26142B72EF1E65A676C30EFB65C937C0F64CDEC167ECC16F0CAA3C932F3DD5C6F7A1EB073F03F2CB9F2059BE75EBAE32FA3170B5FA93D69CAB8275935686242E1F43ED23FE8784A0AD694442D35193DAAF5F7DA49B267B716C38F36C92AE7986DF8126904B11EA74323F3AB3AF436D64AC41996529AB95876EE4DF3739130460A50E2EC8463F2306454F08745CE40938858B6237A5D38B33FD6541BB98EFB39A7B0B501B7943FF594DF0964BF535CBD35105E35BA14C40E62D57F3B110AE82CD7F9FF73C3A28740C8EB397494F6D7CF5F0F147385424D70B276C6AD849E56C9985115EAF2CCF3D3A6C828F2A303178EC48BB08F36AF3800739E841F7B758FF06EFA10F6467E98DA4B1B302EFED0EF5A7D3AD74100E41C168ACBBF10EC5FFC497B43409D02D942C144408C32C83ED49334BC48FD1D446FDEBB71CA1F9276F3180ECA057E4B8F19FAFE368D0097EE2A5736D72BE661382939491A244B068D26A071E55E25DF2C8706ADEFD8245BC97A691AB57A8D39CE24469E9CC69198F4F795CACCB45053F464CA0C2F04C71E9CD6BB6D378E917C413B7FADEACD41A7A43E9A1FC04576658DBF7420A35252A899B51F9ED9B2D0B5534A696C2465C950EF5880636D96CC963AF6C314D00834969C4596E4BA93 -20241204172055 2 6 100 8191 2 DC5E734609D91DA7E5180C89891C148715345D3A56F96DDFF41EE0B90992E9901E55850A78D9DF296A83F5AAF22675720E58E1F6D01F3B45315B818EF9CE880CE92F022763911796D4F86361BEB151ACB400BA017186C1DDCDE5F1853260ECF1082E072C2B7E2FD33E51B5076675269EC247AAE3DF3C1E6853E5D0E58FF7268255E91A9BF6FD43750F114BCA5DC70176ECACAF59C812798941D04FFFF200B53F9843066568A5EF6B324692239A9DC94383C53DA447D942BD51E17F51C22106DC3A2FC7A8942E20E5DA369D19124D184A96589E66EE15C4A8E4CB0FBB6B5E629875DEB3C6AAF622ABC4A4057E0B95533A03C94C514D2129CD6ECE739D9E3A98A54461DF577CC508BF4D5EE7FBE6178B248E3F51C59FE57BFBDE33DD833D0CF22DB22AE0F4F9F03EEF8E0E1DB0EDF7BB4C755148AD2D3FECED23DE1F028A3A6396D7F8F721D11023BD58335ADE175939E140A92C7B532A3D77168E566B7AADEA6F137A158AF3D2608FD4C1081018C1BC2B860A2830A097BDAFA96A3D5B5E1130D2C0778837C63ACBE958573B4ADAC2AE629D17728313AB9064D890006B2F0EC1869E35480B96651B9B3837B876190D5F1876A151A87C58A1CE2A9AD0744BE4CF955BFA9FA5653300FF6ECD64667ECD836D61DC3675048A8EB5AE945B50CB699F7FB4E36167515A2054199687DEC77D5117DF28B63F383403C49097F23AA4DE5857A0D865AFC7E4D0994B46386C20A41E9B41963CD425A82B30C4EE72FB3EFACD6C4090D740E44C196E51F41894FDB26142B72EF1E65A676C30EFB65C937C0F64CDEC167ECC16F0CAA3C932F3DD5C6F7A1EB073F03F2CB9F2059BE75EBAE32FA3170B5FA93D69CAB8275935686242E1F43ED23FE8784A0AD694442D35193DAAF5F7DA49B267B716C38F36C92AE7986DF8126904B11EA74323F3AB3AF436D64AC41996529AB95876EE4DF3739130460A50E2EC8463F2306454F08745CE40938858B6237A5D38B33FD6541BB98EFB39A7B0B501B7943FF594DF0964BF535CBD35105E35BA14C40E62D57F3B110AE82CD7F9FF73C3A28740C8EB397494F6D7CF5F0F147385424D70B276C6AD849E56C9985115EAF2CCF3D3A6C828F2A303178EC48BB08F36AF3800739E841F7B758FF06EFA10F6467E98DA4B1B302EFED0EF5A7D3AD74100E41C168ACBBF10EC5FFC497B43409D02D942C144408C32C83ED49334BC48FD1D446FDEBB71CA1F9276F3180ECA057E4B8F19FAFE368D0097EE2A5736D72BE661382939491A244B068D26A071E55E25DF2C8706ADEFD8245BC97A691AB57A8D39CE24469E9CC69198F4F795CACCB45053F464CA0C2F04C71E9CD6BB6D378E917C413B7FADEACD41A7A43E9A1FC04576658DBF7420A35252A899B51F9ED9B2D0B5534A696C2465C950EF5880636D96CC963AF6C314D00834969C459A8DA68B -20241204192705 2 6 100 8191 5 DC5E734609D91DA7E5180C89891C148715345D3A56F96DDFF41EE0B90992E9901E55850A78D9DF296A83F5AAF22675720E58E1F6D01F3B45315B818EF9CE880CE92F022763911796D4F86361BEB151ACB400BA017186C1DDCDE5F1853260ECF1082E072C2B7E2FD33E51B5076675269EC247AAE3DF3C1E6853E5D0E58FF7268255E91A9BF6FD43750F114BCA5DC70176ECACAF59C812798941D04FFFF200B53F9843066568A5EF6B324692239A9DC94383C53DA447D942BD51E17F51C22106DC3A2FC7A8942E20E5DA369D19124D184A96589E66EE15C4A8E4CB0FBB6B5E629875DEB3C6AAF622ABC4A4057E0B95533A03C94C514D2129CD6ECE739D9E3A98A54461DF577CC508BF4D5EE7FBE6178B248E3F51C59FE57BFBDE33DD833D0CF22DB22AE0F4F9F03EEF8E0E1DB0EDF7BB4C755148AD2D3FECED23DE1F028A3A6396D7F8F721D11023BD58335ADE175939E140A92C7B532A3D77168E566B7AADEA6F137A158AF3D2608FD4C1081018C1BC2B860A2830A097BDAFA96A3D5B5E1130D2C0778837C63ACBE958573B4ADAC2AE629D17728313AB9064D890006B2F0EC1869E35480B96651B9B3837B876190D5F1876A151A87C58A1CE2A9AD0744BE4CF955BFA9FA5653300FF6ECD64667ECD836D61DC3675048A8EB5AE945B50CB699F7FB4E36167515A2054199687DEC77D5117DF28B63F383403C49097F23AA4DE5857A0D865AFC7E4D0994B46386C20A41E9B41963CD425A82B30C4EE72FB3EFACD6C4090D740E44C196E51F41894FDB26142B72EF1E65A676C30EFB65C937C0F64CDEC167ECC16F0CAA3C932F3DD5C6F7A1EB073F03F2CB9F2059BE75EBAE32FA3170B5FA93D69CAB8275935686242E1F43ED23FE8784A0AD694442D35193DAAF5F7DA49B267B716C38F36C92AE7986DF8126904B11EA74323F3AB3AF436D64AC41996529AB95876EE4DF3739130460A50E2EC8463F2306454F08745CE40938858B6237A5D38B33FD6541BB98EFB39A7B0B501B7943FF594DF0964BF535CBD35105E35BA14C40E62D57F3B110AE82CD7F9FF73C3A28740C8EB397494F6D7CF5F0F147385424D70B276C6AD849E56C9985115EAF2CCF3D3A6C828F2A303178EC48BB08F36AF3800739E841F7B758FF06EFA10F6467E98DA4B1B302EFED0EF5A7D3AD74100E41C168ACBBF10EC5FFC497B43409D02D942C144408C32C83ED49334BC48FD1D446FDEBB71CA1F9276F3180ECA057E4B8F19FAFE368D0097EE2A5736D72BE661382939491A244B068D26A071E55E25DF2C8706ADEFD8245BC97A691AB57A8D39CE24469E9CC69198F4F795CACCB45053F464CA0C2F04C71E9CD6BB6D378E917C413B7FADEACD41A7A43E9A1FC04576658DBF7420A35252A899B51F9ED9B2D0B5534A696C2465C950EF5880636D96CC963AF6C314D00834969C45A16C53A7 -20241204212358 2 6 100 8191 5 DC5E734609D91DA7E5180C89891C148715345D3A56F96DDFF41EE0B90992E9901E55850A78D9DF296A83F5AAF22675720E58E1F6D01F3B45315B818EF9CE880CE92F022763911796D4F86361BEB151ACB400BA017186C1DDCDE5F1853260ECF1082E072C2B7E2FD33E51B5076675269EC247AAE3DF3C1E6853E5D0E58FF7268255E91A9BF6FD43750F114BCA5DC70176ECACAF59C812798941D04FFFF200B53F9843066568A5EF6B324692239A9DC94383C53DA447D942BD51E17F51C22106DC3A2FC7A8942E20E5DA369D19124D184A96589E66EE15C4A8E4CB0FBB6B5E629875DEB3C6AAF622ABC4A4057E0B95533A03C94C514D2129CD6ECE739D9E3A98A54461DF577CC508BF4D5EE7FBE6178B248E3F51C59FE57BFBDE33DD833D0CF22DB22AE0F4F9F03EEF8E0E1DB0EDF7BB4C755148AD2D3FECED23DE1F028A3A6396D7F8F721D11023BD58335ADE175939E140A92C7B532A3D77168E566B7AADEA6F137A158AF3D2608FD4C1081018C1BC2B860A2830A097BDAFA96A3D5B5E1130D2C0778837C63ACBE958573B4ADAC2AE629D17728313AB9064D890006B2F0EC1869E35480B96651B9B3837B876190D5F1876A151A87C58A1CE2A9AD0744BE4CF955BFA9FA5653300FF6ECD64667ECD836D61DC3675048A8EB5AE945B50CB699F7FB4E36167515A2054199687DEC77D5117DF28B63F383403C49097F23AA4DE5857A0D865AFC7E4D0994B46386C20A41E9B41963CD425A82B30C4EE72FB3EFACD6C4090D740E44C196E51F41894FDB26142B72EF1E65A676C30EFB65C937C0F64CDEC167ECC16F0CAA3C932F3DD5C6F7A1EB073F03F2CB9F2059BE75EBAE32FA3170B5FA93D69CAB8275935686242E1F43ED23FE8784A0AD694442D35193DAAF5F7DA49B267B716C38F36C92AE7986DF8126904B11EA74323F3AB3AF436D64AC41996529AB95876EE4DF3739130460A50E2EC8463F2306454F08745CE40938858B6237A5D38B33FD6541BB98EFB39A7B0B501B7943FF594DF0964BF535CBD35105E35BA14C40E62D57F3B110AE82CD7F9FF73C3A28740C8EB397494F6D7CF5F0F147385424D70B276C6AD849E56C9985115EAF2CCF3D3A6C828F2A303178EC48BB08F36AF3800739E841F7B758FF06EFA10F6467E98DA4B1B302EFED0EF5A7D3AD74100E41C168ACBBF10EC5FFC497B43409D02D942C144408C32C83ED49334BC48FD1D446FDEBB71CA1F9276F3180ECA057E4B8F19FAFE368D0097EE2A5736D72BE661382939491A244B068D26A071E55E25DF2C8706ADEFD8245BC97A691AB57A8D39CE24469E9CC69198F4F795CACCB45053F464CA0C2F04C71E9CD6BB6D378E917C413B7FADEACD41A7A43E9A1FC04576658DBF7420A35252A899B51F9ED9B2D0B5534A696C2465C950EF5880636D96CC963AF6C314D00834969C45A7E3BB4F -20241204213330 2 6 100 8191 2 DC5E734609D91DA7E5180C89891C148715345D3A56F96DDFF41EE0B90992E9901E55850A78D9DF296A83F5AAF22675720E58E1F6D01F3B45315B818EF9CE880CE92F022763911796D4F86361BEB151ACB400BA017186C1DDCDE5F1853260ECF1082E072C2B7E2FD33E51B5076675269EC247AAE3DF3C1E6853E5D0E58FF7268255E91A9BF6FD43750F114BCA5DC70176ECACAF59C812798941D04FFFF200B53F9843066568A5EF6B324692239A9DC94383C53DA447D942BD51E17F51C22106DC3A2FC7A8942E20E5DA369D19124D184A96589E66EE15C4A8E4CB0FBB6B5E629875DEB3C6AAF622ABC4A4057E0B95533A03C94C514D2129CD6ECE739D9E3A98A54461DF577CC508BF4D5EE7FBE6178B248E3F51C59FE57BFBDE33DD833D0CF22DB22AE0F4F9F03EEF8E0E1DB0EDF7BB4C755148AD2D3FECED23DE1F028A3A6396D7F8F721D11023BD58335ADE175939E140A92C7B532A3D77168E566B7AADEA6F137A158AF3D2608FD4C1081018C1BC2B860A2830A097BDAFA96A3D5B5E1130D2C0778837C63ACBE958573B4ADAC2AE629D17728313AB9064D890006B2F0EC1869E35480B96651B9B3837B876190D5F1876A151A87C58A1CE2A9AD0744BE4CF955BFA9FA5653300FF6ECD64667ECD836D61DC3675048A8EB5AE945B50CB699F7FB4E36167515A2054199687DEC77D5117DF28B63F383403C49097F23AA4DE5857A0D865AFC7E4D0994B46386C20A41E9B41963CD425A82B30C4EE72FB3EFACD6C4090D740E44C196E51F41894FDB26142B72EF1E65A676C30EFB65C937C0F64CDEC167ECC16F0CAA3C932F3DD5C6F7A1EB073F03F2CB9F2059BE75EBAE32FA3170B5FA93D69CAB8275935686242E1F43ED23FE8784A0AD694442D35193DAAF5F7DA49B267B716C38F36C92AE7986DF8126904B11EA74323F3AB3AF436D64AC41996529AB95876EE4DF3739130460A50E2EC8463F2306454F08745CE40938858B6237A5D38B33FD6541BB98EFB39A7B0B501B7943FF594DF0964BF535CBD35105E35BA14C40E62D57F3B110AE82CD7F9FF73C3A28740C8EB397494F6D7CF5F0F147385424D70B276C6AD849E56C9985115EAF2CCF3D3A6C828F2A303178EC48BB08F36AF3800739E841F7B758FF06EFA10F6467E98DA4B1B302EFED0EF5A7D3AD74100E41C168ACBBF10EC5FFC497B43409D02D942C144408C32C83ED49334BC48FD1D446FDEBB71CA1F9276F3180ECA057E4B8F19FAFE368D0097EE2A5736D72BE661382939491A244B068D26A071E55E25DF2C8706ADEFD8245BC97A691AB57A8D39CE24469E9CC69198F4F795CACCB45053F464CA0C2F04C71E9CD6BB6D378E917C413B7FADEACD41A7A43E9A1FC04576658DBF7420A35252A899B51F9ED9B2D0B5534A696C2465C950EF5880636D96CC963AF6C314D00834969C45A86569BB -20241204221629 2 6 100 8191 2 DC5E734609D91DA7E5180C89891C148715345D3A56F96DDFF41EE0B90992E9901E55850A78D9DF296A83F5AAF22675720E58E1F6D01F3B45315B818EF9CE880CE92F022763911796D4F86361BEB151ACB400BA017186C1DDCDE5F1853260ECF1082E072C2B7E2FD33E51B5076675269EC247AAE3DF3C1E6853E5D0E58FF7268255E91A9BF6FD43750F114BCA5DC70176ECACAF59C812798941D04FFFF200B53F9843066568A5EF6B324692239A9DC94383C53DA447D942BD51E17F51C22106DC3A2FC7A8942E20E5DA369D19124D184A96589E66EE15C4A8E4CB0FBB6B5E629875DEB3C6AAF622ABC4A4057E0B95533A03C94C514D2129CD6ECE739D9E3A98A54461DF577CC508BF4D5EE7FBE6178B248E3F51C59FE57BFBDE33DD833D0CF22DB22AE0F4F9F03EEF8E0E1DB0EDF7BB4C755148AD2D3FECED23DE1F028A3A6396D7F8F721D11023BD58335ADE175939E140A92C7B532A3D77168E566B7AADEA6F137A158AF3D2608FD4C1081018C1BC2B860A2830A097BDAFA96A3D5B5E1130D2C0778837C63ACBE958573B4ADAC2AE629D17728313AB9064D890006B2F0EC1869E35480B96651B9B3837B876190D5F1876A151A87C58A1CE2A9AD0744BE4CF955BFA9FA5653300FF6ECD64667ECD836D61DC3675048A8EB5AE945B50CB699F7FB4E36167515A2054199687DEC77D5117DF28B63F383403C49097F23AA4DE5857A0D865AFC7E4D0994B46386C20A41E9B41963CD425A82B30C4EE72FB3EFACD6C4090D740E44C196E51F41894FDB26142B72EF1E65A676C30EFB65C937C0F64CDEC167ECC16F0CAA3C932F3DD5C6F7A1EB073F03F2CB9F2059BE75EBAE32FA3170B5FA93D69CAB8275935686242E1F43ED23FE8784A0AD694442D35193DAAF5F7DA49B267B716C38F36C92AE7986DF8126904B11EA74323F3AB3AF436D64AC41996529AB95876EE4DF3739130460A50E2EC8463F2306454F08745CE40938858B6237A5D38B33FD6541BB98EFB39A7B0B501B7943FF594DF0964BF535CBD35105E35BA14C40E62D57F3B110AE82CD7F9FF73C3A28740C8EB397494F6D7CF5F0F147385424D70B276C6AD849E56C9985115EAF2CCF3D3A6C828F2A303178EC48BB08F36AF3800739E841F7B758FF06EFA10F6467E98DA4B1B302EFED0EF5A7D3AD74100E41C168ACBBF10EC5FFC497B43409D02D942C144408C32C83ED49334BC48FD1D446FDEBB71CA1F9276F3180ECA057E4B8F19FAFE368D0097EE2A5736D72BE661382939491A244B068D26A071E55E25DF2C8706ADEFD8245BC97A691AB57A8D39CE24469E9CC69198F4F795CACCB45053F464CA0C2F04C71E9CD6BB6D378E917C413B7FADEACD41A7A43E9A1FC04576658DBF7420A35252A899B51F9ED9B2D0B5534A696C2465C950EF5880636D96CC963AF6C314D00834969C45AAC0BC23 -20241205021404 2 6 100 8191 5 DC5E734609D91DA7E5180C89891C148715345D3A56F96DDFF41EE0B90992E9901E55850A78D9DF296A83F5AAF22675720E58E1F6D01F3B45315B818EF9CE880CE92F022763911796D4F86361BEB151ACB400BA017186C1DDCDE5F1853260ECF1082E072C2B7E2FD33E51B5076675269EC247AAE3DF3C1E6853E5D0E58FF7268255E91A9BF6FD43750F114BCA5DC70176ECACAF59C812798941D04FFFF200B53F9843066568A5EF6B324692239A9DC94383C53DA447D942BD51E17F51C22106DC3A2FC7A8942E20E5DA369D19124D184A96589E66EE15C4A8E4CB0FBB6B5E629875DEB3C6AAF622ABC4A4057E0B95533A03C94C514D2129CD6ECE739D9E3A98A54461DF577CC508BF4D5EE7FBE6178B248E3F51C59FE57BFBDE33DD833D0CF22DB22AE0F4F9F03EEF8E0E1DB0EDF7BB4C755148AD2D3FECED23DE1F028A3A6396D7F8F721D11023BD58335ADE175939E140A92C7B532A3D77168E566B7AADEA6F137A158AF3D2608FD4C1081018C1BC2B860A2830A097BDAFA96A3D5B5E1130D2C0778837C63ACBE958573B4ADAC2AE629D17728313AB9064D890006B2F0EC1869E35480B96651B9B3837B876190D5F1876A151A87C58A1CE2A9AD0744BE4CF955BFA9FA5653300FF6ECD64667ECD836D61DC3675048A8EB5AE945B50CB699F7FB4E36167515A2054199687DEC77D5117DF28B63F383403C49097F23AA4DE5857A0D865AFC7E4D0994B46386C20A41E9B41963CD425A82B30C4EE72FB3EFACD6C4090D740E44C196E51F41894FDB26142B72EF1E65A676C30EFB65C937C0F64CDEC167ECC16F0CAA3C932F3DD5C6F7A1EB073F03F2CB9F2059BE75EBAE32FA3170B5FA93D69CAB8275935686242E1F43ED23FE8784A0AD694442D35193DAAF5F7DA49B267B716C38F36C92AE7986DF8126904B11EA74323F3AB3AF436D64AC41996529AB95876EE4DF3739130460A50E2EC8463F2306454F08745CE40938858B6237A5D38B33FD6541BB98EFB39A7B0B501B7943FF594DF0964BF535CBD35105E35BA14C40E62D57F3B110AE82CD7F9FF73C3A28740C8EB397494F6D7CF5F0F147385424D70B276C6AD849E56C9985115EAF2CCF3D3A6C828F2A303178EC48BB08F36AF3800739E841F7B758FF06EFA10F6467E98DA4B1B302EFED0EF5A7D3AD74100E41C168ACBBF10EC5FFC497B43409D02D942C144408C32C83ED49334BC48FD1D446FDEBB71CA1F9276F3180ECA057E4B8F19FAFE368D0097EE2A5736D72BE661382939491A244B068D26A071E55E25DF2C8706ADEFD8245BC97A691AB57A8D39CE24469E9CC69198F4F795CACCB45053F464CA0C2F04C71E9CD6BB6D378E917C413B7FADEACD41A7A43E9A1FC04576658DBF7420A35252A899B51F9ED9B2D0B5534A696C2465C950EF5880636D96CC963AF6C314D00834969C45B80CC4F7 -20241205023328 2 6 100 8191 2 DC5E734609D91DA7E5180C89891C148715345D3A56F96DDFF41EE0B90992E9901E55850A78D9DF296A83F5AAF22675720E58E1F6D01F3B45315B818EF9CE880CE92F022763911796D4F86361BEB151ACB400BA017186C1DDCDE5F1853260ECF1082E072C2B7E2FD33E51B5076675269EC247AAE3DF3C1E6853E5D0E58FF7268255E91A9BF6FD43750F114BCA5DC70176ECACAF59C812798941D04FFFF200B53F9843066568A5EF6B324692239A9DC94383C53DA447D942BD51E17F51C22106DC3A2FC7A8942E20E5DA369D19124D184A96589E66EE15C4A8E4CB0FBB6B5E629875DEB3C6AAF622ABC4A4057E0B95533A03C94C514D2129CD6ECE739D9E3A98A54461DF577CC508BF4D5EE7FBE6178B248E3F51C59FE57BFBDE33DD833D0CF22DB22AE0F4F9F03EEF8E0E1DB0EDF7BB4C755148AD2D3FECED23DE1F028A3A6396D7F8F721D11023BD58335ADE175939E140A92C7B532A3D77168E566B7AADEA6F137A158AF3D2608FD4C1081018C1BC2B860A2830A097BDAFA96A3D5B5E1130D2C0778837C63ACBE958573B4ADAC2AE629D17728313AB9064D890006B2F0EC1869E35480B96651B9B3837B876190D5F1876A151A87C58A1CE2A9AD0744BE4CF955BFA9FA5653300FF6ECD64667ECD836D61DC3675048A8EB5AE945B50CB699F7FB4E36167515A2054199687DEC77D5117DF28B63F383403C49097F23AA4DE5857A0D865AFC7E4D0994B46386C20A41E9B41963CD425A82B30C4EE72FB3EFACD6C4090D740E44C196E51F41894FDB26142B72EF1E65A676C30EFB65C937C0F64CDEC167ECC16F0CAA3C932F3DD5C6F7A1EB073F03F2CB9F2059BE75EBAE32FA3170B5FA93D69CAB8275935686242E1F43ED23FE8784A0AD694442D35193DAAF5F7DA49B267B716C38F36C92AE7986DF8126904B11EA74323F3AB3AF436D64AC41996529AB95876EE4DF3739130460A50E2EC8463F2306454F08745CE40938858B6237A5D38B33FD6541BB98EFB39A7B0B501B7943FF594DF0964BF535CBD35105E35BA14C40E62D57F3B110AE82CD7F9FF73C3A28740C8EB397494F6D7CF5F0F147385424D70B276C6AD849E56C9985115EAF2CCF3D3A6C828F2A303178EC48BB08F36AF3800739E841F7B758FF06EFA10F6467E98DA4B1B302EFED0EF5A7D3AD74100E41C168ACBBF10EC5FFC497B43409D02D942C144408C32C83ED49334BC48FD1D446FDEBB71CA1F9276F3180ECA057E4B8F19FAFE368D0097EE2A5736D72BE661382939491A244B068D26A071E55E25DF2C8706ADEFD8245BC97A691AB57A8D39CE24469E9CC69198F4F795CACCB45053F464CA0C2F04C71E9CD6BB6D378E917C413B7FADEACD41A7A43E9A1FC04576658DBF7420A35252A899B51F9ED9B2D0B5534A696C2465C950EF5880636D96CC963AF6C314D00834969C45B9166F1B -20241205040105 2 6 100 8191 5 DC5E734609D91DA7E5180C89891C148715345D3A56F96DDFF41EE0B90992E9901E55850A78D9DF296A83F5AAF22675720E58E1F6D01F3B45315B818EF9CE880CE92F022763911796D4F86361BEB151ACB400BA017186C1DDCDE5F1853260ECF1082E072C2B7E2FD33E51B5076675269EC247AAE3DF3C1E6853E5D0E58FF7268255E91A9BF6FD43750F114BCA5DC70176ECACAF59C812798941D04FFFF200B53F9843066568A5EF6B324692239A9DC94383C53DA447D942BD51E17F51C22106DC3A2FC7A8942E20E5DA369D19124D184A96589E66EE15C4A8E4CB0FBB6B5E629875DEB3C6AAF622ABC4A4057E0B95533A03C94C514D2129CD6ECE739D9E3A98A54461DF577CC508BF4D5EE7FBE6178B248E3F51C59FE57BFBDE33DD833D0CF22DB22AE0F4F9F03EEF8E0E1DB0EDF7BB4C755148AD2D3FECED23DE1F028A3A6396D7F8F721D11023BD58335ADE175939E140A92C7B532A3D77168E566B7AADEA6F137A158AF3D2608FD4C1081018C1BC2B860A2830A097BDAFA96A3D5B5E1130D2C0778837C63ACBE958573B4ADAC2AE629D17728313AB9064D890006B2F0EC1869E35480B96651B9B3837B876190D5F1876A151A87C58A1CE2A9AD0744BE4CF955BFA9FA5653300FF6ECD64667ECD836D61DC3675048A8EB5AE945B50CB699F7FB4E36167515A2054199687DEC77D5117DF28B63F383403C49097F23AA4DE5857A0D865AFC7E4D0994B46386C20A41E9B41963CD425A82B30C4EE72FB3EFACD6C4090D740E44C196E51F41894FDB26142B72EF1E65A676C30EFB65C937C0F64CDEC167ECC16F0CAA3C932F3DD5C6F7A1EB073F03F2CB9F2059BE75EBAE32FA3170B5FA93D69CAB8275935686242E1F43ED23FE8784A0AD694442D35193DAAF5F7DA49B267B716C38F36C92AE7986DF8126904B11EA74323F3AB3AF436D64AC41996529AB95876EE4DF3739130460A50E2EC8463F2306454F08745CE40938858B6237A5D38B33FD6541BB98EFB39A7B0B501B7943FF594DF0964BF535CBD35105E35BA14C40E62D57F3B110AE82CD7F9FF73C3A28740C8EB397494F6D7CF5F0F147385424D70B276C6AD849E56C9985115EAF2CCF3D3A6C828F2A303178EC48BB08F36AF3800739E841F7B758FF06EFA10F6467E98DA4B1B302EFED0EF5A7D3AD74100E41C168ACBBF10EC5FFC497B43409D02D942C144408C32C83ED49334BC48FD1D446FDEBB71CA1F9276F3180ECA057E4B8F19FAFE368D0097EE2A5736D72BE661382939491A244B068D26A071E55E25DF2C8706ADEFD8245BC97A691AB57A8D39CE24469E9CC69198F4F795CACCB45053F464CA0C2F04C71E9CD6BB6D378E917C413B7FADEACD41A7A43E9A1FC04576658DBF7420A35252A899B51F9ED9B2D0B5534A696C2465C950EF5880636D96CC963AF6C314D00834969C45BE03F83F -20241205055343 2 6 100 8191 2 DC5E734609D91DA7E5180C89891C148715345D3A56F96DDFF41EE0B90992E9901E55850A78D9DF296A83F5AAF22675720E58E1F6D01F3B45315B818EF9CE880CE92F022763911796D4F86361BEB151ACB400BA017186C1DDCDE5F1853260ECF1082E072C2B7E2FD33E51B5076675269EC247AAE3DF3C1E6853E5D0E58FF7268255E91A9BF6FD43750F114BCA5DC70176ECACAF59C812798941D04FFFF200B53F9843066568A5EF6B324692239A9DC94383C53DA447D942BD51E17F51C22106DC3A2FC7A8942E20E5DA369D19124D184A96589E66EE15C4A8E4CB0FBB6B5E629875DEB3C6AAF622ABC4A4057E0B95533A03C94C514D2129CD6ECE739D9E3A98A54461DF577CC508BF4D5EE7FBE6178B248E3F51C59FE57BFBDE33DD833D0CF22DB22AE0F4F9F03EEF8E0E1DB0EDF7BB4C755148AD2D3FECED23DE1F028A3A6396D7F8F721D11023BD58335ADE175939E140A92C7B532A3D77168E566B7AADEA6F137A158AF3D2608FD4C1081018C1BC2B860A2830A097BDAFA96A3D5B5E1130D2C0778837C63ACBE958573B4ADAC2AE629D17728313AB9064D890006B2F0EC1869E35480B96651B9B3837B876190D5F1876A151A87C58A1CE2A9AD0744BE4CF955BFA9FA5653300FF6ECD64667ECD836D61DC3675048A8EB5AE945B50CB699F7FB4E36167515A2054199687DEC77D5117DF28B63F383403C49097F23AA4DE5857A0D865AFC7E4D0994B46386C20A41E9B41963CD425A82B30C4EE72FB3EFACD6C4090D740E44C196E51F41894FDB26142B72EF1E65A676C30EFB65C937C0F64CDEC167ECC16F0CAA3C932F3DD5C6F7A1EB073F03F2CB9F2059BE75EBAE32FA3170B5FA93D69CAB8275935686242E1F43ED23FE8784A0AD694442D35193DAAF5F7DA49B267B716C38F36C92AE7986DF8126904B11EA74323F3AB3AF436D64AC41996529AB95876EE4DF3739130460A50E2EC8463F2306454F08745CE40938858B6237A5D38B33FD6541BB98EFB39A7B0B501B7943FF594DF0964BF535CBD35105E35BA14C40E62D57F3B110AE82CD7F9FF73C3A28740C8EB397494F6D7CF5F0F147385424D70B276C6AD849E56C9985115EAF2CCF3D3A6C828F2A303178EC48BB08F36AF3800739E841F7B758FF06EFA10F6467E98DA4B1B302EFED0EF5A7D3AD74100E41C168ACBBF10EC5FFC497B43409D02D942C144408C32C83ED49334BC48FD1D446FDEBB71CA1F9276F3180ECA057E4B8F19FAFE368D0097EE2A5736D72BE661382939491A244B068D26A071E55E25DF2C8706ADEFD8245BC97A691AB57A8D39CE24469E9CC69198F4F795CACCB45053F464CA0C2F04C71E9CD6BB6D378E917C413B7FADEACD41A7A43E9A1FC04576658DBF7420A35252A899B51F9ED9B2D0B5534A696C2465C950EF5880636D96CC963AF6C314D00834969C45C44A5013 -20241205065151 2 6 100 8191 2 DC5E734609D91DA7E5180C89891C148715345D3A56F96DDFF41EE0B90992E9901E55850A78D9DF296A83F5AAF22675720E58E1F6D01F3B45315B818EF9CE880CE92F022763911796D4F86361BEB151ACB400BA017186C1DDCDE5F1853260ECF1082E072C2B7E2FD33E51B5076675269EC247AAE3DF3C1E6853E5D0E58FF7268255E91A9BF6FD43750F114BCA5DC70176ECACAF59C812798941D04FFFF200B53F9843066568A5EF6B324692239A9DC94383C53DA447D942BD51E17F51C22106DC3A2FC7A8942E20E5DA369D19124D184A96589E66EE15C4A8E4CB0FBB6B5E629875DEB3C6AAF622ABC4A4057E0B95533A03C94C514D2129CD6ECE739D9E3A98A54461DF577CC508BF4D5EE7FBE6178B248E3F51C59FE57BFBDE33DD833D0CF22DB22AE0F4F9F03EEF8E0E1DB0EDF7BB4C755148AD2D3FECED23DE1F028A3A6396D7F8F721D11023BD58335ADE175939E140A92C7B532A3D77168E566B7AADEA6F137A158AF3D2608FD4C1081018C1BC2B860A2830A097BDAFA96A3D5B5E1130D2C0778837C63ACBE958573B4ADAC2AE629D17728313AB9064D890006B2F0EC1869E35480B96651B9B3837B876190D5F1876A151A87C58A1CE2A9AD0744BE4CF955BFA9FA5653300FF6ECD64667ECD836D61DC3675048A8EB5AE945B50CB699F7FB4E36167515A2054199687DEC77D5117DF28B63F383403C49097F23AA4DE5857A0D865AFC7E4D0994B46386C20A41E9B41963CD425A82B30C4EE72FB3EFACD6C4090D740E44C196E51F41894FDB26142B72EF1E65A676C30EFB65C937C0F64CDEC167ECC16F0CAA3C932F3DD5C6F7A1EB073F03F2CB9F2059BE75EBAE32FA3170B5FA93D69CAB8275935686242E1F43ED23FE8784A0AD694442D35193DAAF5F7DA49B267B716C38F36C92AE7986DF8126904B11EA74323F3AB3AF436D64AC41996529AB95876EE4DF3739130460A50E2EC8463F2306454F08745CE40938858B6237A5D38B33FD6541BB98EFB39A7B0B501B7943FF594DF0964BF535CBD35105E35BA14C40E62D57F3B110AE82CD7F9FF73C3A28740C8EB397494F6D7CF5F0F147385424D70B276C6AD849E56C9985115EAF2CCF3D3A6C828F2A303178EC48BB08F36AF3800739E841F7B758FF06EFA10F6467E98DA4B1B302EFED0EF5A7D3AD74100E41C168ACBBF10EC5FFC497B43409D02D942C144408C32C83ED49334BC48FD1D446FDEBB71CA1F9276F3180ECA057E4B8F19FAFE368D0097EE2A5736D72BE661382939491A244B068D26A071E55E25DF2C8706ADEFD8245BC97A691AB57A8D39CE24469E9CC69198F4F795CACCB45053F464CA0C2F04C71E9CD6BB6D378E917C413B7FADEACD41A7A43E9A1FC04576658DBF7420A35252A899B51F9ED9B2D0B5534A696C2465C950EF5880636D96CC963AF6C314D00834969C45C77D34CB -20241205065416 2 6 100 8191 2 DC5E734609D91DA7E5180C89891C148715345D3A56F96DDFF41EE0B90992E9901E55850A78D9DF296A83F5AAF22675720E58E1F6D01F3B45315B818EF9CE880CE92F022763911796D4F86361BEB151ACB400BA017186C1DDCDE5F1853260ECF1082E072C2B7E2FD33E51B5076675269EC247AAE3DF3C1E6853E5D0E58FF7268255E91A9BF6FD43750F114BCA5DC70176ECACAF59C812798941D04FFFF200B53F9843066568A5EF6B324692239A9DC94383C53DA447D942BD51E17F51C22106DC3A2FC7A8942E20E5DA369D19124D184A96589E66EE15C4A8E4CB0FBB6B5E629875DEB3C6AAF622ABC4A4057E0B95533A03C94C514D2129CD6ECE739D9E3A98A54461DF577CC508BF4D5EE7FBE6178B248E3F51C59FE57BFBDE33DD833D0CF22DB22AE0F4F9F03EEF8E0E1DB0EDF7BB4C755148AD2D3FECED23DE1F028A3A6396D7F8F721D11023BD58335ADE175939E140A92C7B532A3D77168E566B7AADEA6F137A158AF3D2608FD4C1081018C1BC2B860A2830A097BDAFA96A3D5B5E1130D2C0778837C63ACBE958573B4ADAC2AE629D17728313AB9064D890006B2F0EC1869E35480B96651B9B3837B876190D5F1876A151A87C58A1CE2A9AD0744BE4CF955BFA9FA5653300FF6ECD64667ECD836D61DC3675048A8EB5AE945B50CB699F7FB4E36167515A2054199687DEC77D5117DF28B63F383403C49097F23AA4DE5857A0D865AFC7E4D0994B46386C20A41E9B41963CD425A82B30C4EE72FB3EFACD6C4090D740E44C196E51F41894FDB26142B72EF1E65A676C30EFB65C937C0F64CDEC167ECC16F0CAA3C932F3DD5C6F7A1EB073F03F2CB9F2059BE75EBAE32FA3170B5FA93D69CAB8275935686242E1F43ED23FE8784A0AD694442D35193DAAF5F7DA49B267B716C38F36C92AE7986DF8126904B11EA74323F3AB3AF436D64AC41996529AB95876EE4DF3739130460A50E2EC8463F2306454F08745CE40938858B6237A5D38B33FD6541BB98EFB39A7B0B501B7943FF594DF0964BF535CBD35105E35BA14C40E62D57F3B110AE82CD7F9FF73C3A28740C8EB397494F6D7CF5F0F147385424D70B276C6AD849E56C9985115EAF2CCF3D3A6C828F2A303178EC48BB08F36AF3800739E841F7B758FF06EFA10F6467E98DA4B1B302EFED0EF5A7D3AD74100E41C168ACBBF10EC5FFC497B43409D02D942C144408C32C83ED49334BC48FD1D446FDEBB71CA1F9276F3180ECA057E4B8F19FAFE368D0097EE2A5736D72BE661382939491A244B068D26A071E55E25DF2C8706ADEFD8245BC97A691AB57A8D39CE24469E9CC69198F4F795CACCB45053F464CA0C2F04C71E9CD6BB6D378E917C413B7FADEACD41A7A43E9A1FC04576658DBF7420A35252A899B51F9ED9B2D0B5534A696C2465C950EF5880636D96CC963AF6C314D00834969C45C79803AB -20241205074544 2 6 100 8191 5 DC5E734609D91DA7E5180C89891C148715345D3A56F96DDFF41EE0B90992E9901E55850A78D9DF296A83F5AAF22675720E58E1F6D01F3B45315B818EF9CE880CE92F022763911796D4F86361BEB151ACB400BA017186C1DDCDE5F1853260ECF1082E072C2B7E2FD33E51B5076675269EC247AAE3DF3C1E6853E5D0E58FF7268255E91A9BF6FD43750F114BCA5DC70176ECACAF59C812798941D04FFFF200B53F9843066568A5EF6B324692239A9DC94383C53DA447D942BD51E17F51C22106DC3A2FC7A8942E20E5DA369D19124D184A96589E66EE15C4A8E4CB0FBB6B5E629875DEB3C6AAF622ABC4A4057E0B95533A03C94C514D2129CD6ECE739D9E3A98A54461DF577CC508BF4D5EE7FBE6178B248E3F51C59FE57BFBDE33DD833D0CF22DB22AE0F4F9F03EEF8E0E1DB0EDF7BB4C755148AD2D3FECED23DE1F028A3A6396D7F8F721D11023BD58335ADE175939E140A92C7B532A3D77168E566B7AADEA6F137A158AF3D2608FD4C1081018C1BC2B860A2830A097BDAFA96A3D5B5E1130D2C0778837C63ACBE958573B4ADAC2AE629D17728313AB9064D890006B2F0EC1869E35480B96651B9B3837B876190D5F1876A151A87C58A1CE2A9AD0744BE4CF955BFA9FA5653300FF6ECD64667ECD836D61DC3675048A8EB5AE945B50CB699F7FB4E36167515A2054199687DEC77D5117DF28B63F383403C49097F23AA4DE5857A0D865AFC7E4D0994B46386C20A41E9B41963CD425A82B30C4EE72FB3EFACD6C4090D740E44C196E51F41894FDB26142B72EF1E65A676C30EFB65C937C0F64CDEC167ECC16F0CAA3C932F3DD5C6F7A1EB073F03F2CB9F2059BE75EBAE32FA3170B5FA93D69CAB8275935686242E1F43ED23FE8784A0AD694442D35193DAAF5F7DA49B267B716C38F36C92AE7986DF8126904B11EA74323F3AB3AF436D64AC41996529AB95876EE4DF3739130460A50E2EC8463F2306454F08745CE40938858B6237A5D38B33FD6541BB98EFB39A7B0B501B7943FF594DF0964BF535CBD35105E35BA14C40E62D57F3B110AE82CD7F9FF73C3A28740C8EB397494F6D7CF5F0F147385424D70B276C6AD849E56C9985115EAF2CCF3D3A6C828F2A303178EC48BB08F36AF3800739E841F7B758FF06EFA10F6467E98DA4B1B302EFED0EF5A7D3AD74100E41C168ACBBF10EC5FFC497B43409D02D942C144408C32C83ED49334BC48FD1D446FDEBB71CA1F9276F3180ECA057E4B8F19FAFE368D0097EE2A5736D72BE661382939491A244B068D26A071E55E25DF2C8706ADEFD8245BC97A691AB57A8D39CE24469E9CC69198F4F795CACCB45053F464CA0C2F04C71E9CD6BB6D378E917C413B7FADEACD41A7A43E9A1FC04576658DBF7420A35252A899B51F9ED9B2D0B5534A696C2465C950EF5880636D96CC963AF6C314D00834969C45CA71FBC7 -20241205081641 2 6 100 8191 2 DC5E734609D91DA7E5180C89891C148715345D3A56F96DDFF41EE0B90992E9901E55850A78D9DF296A83F5AAF22675720E58E1F6D01F3B45315B818EF9CE880CE92F022763911796D4F86361BEB151ACB400BA017186C1DDCDE5F1853260ECF1082E072C2B7E2FD33E51B5076675269EC247AAE3DF3C1E6853E5D0E58FF7268255E91A9BF6FD43750F114BCA5DC70176ECACAF59C812798941D04FFFF200B53F9843066568A5EF6B324692239A9DC94383C53DA447D942BD51E17F51C22106DC3A2FC7A8942E20E5DA369D19124D184A96589E66EE15C4A8E4CB0FBB6B5E629875DEB3C6AAF622ABC4A4057E0B95533A03C94C514D2129CD6ECE739D9E3A98A54461DF577CC508BF4D5EE7FBE6178B248E3F51C59FE57BFBDE33DD833D0CF22DB22AE0F4F9F03EEF8E0E1DB0EDF7BB4C755148AD2D3FECED23DE1F028A3A6396D7F8F721D11023BD58335ADE175939E140A92C7B532A3D77168E566B7AADEA6F137A158AF3D2608FD4C1081018C1BC2B860A2830A097BDAFA96A3D5B5E1130D2C0778837C63ACBE958573B4ADAC2AE629D17728313AB9064D890006B2F0EC1869E35480B96651B9B3837B876190D5F1876A151A87C58A1CE2A9AD0744BE4CF955BFA9FA5653300FF6ECD64667ECD836D61DC3675048A8EB5AE945B50CB699F7FB4E36167515A2054199687DEC77D5117DF28B63F383403C49097F23AA4DE5857A0D865AFC7E4D0994B46386C20A41E9B41963CD425A82B30C4EE72FB3EFACD6C4090D740E44C196E51F41894FDB26142B72EF1E65A676C30EFB65C937C0F64CDEC167ECC16F0CAA3C932F3DD5C6F7A1EB073F03F2CB9F2059BE75EBAE32FA3170B5FA93D69CAB8275935686242E1F43ED23FE8784A0AD694442D35193DAAF5F7DA49B267B716C38F36C92AE7986DF8126904B11EA74323F3AB3AF436D64AC41996529AB95876EE4DF3739130460A50E2EC8463F2306454F08745CE40938858B6237A5D38B33FD6541BB98EFB39A7B0B501B7943FF594DF0964BF535CBD35105E35BA14C40E62D57F3B110AE82CD7F9FF73C3A28740C8EB397494F6D7CF5F0F147385424D70B276C6AD849E56C9985115EAF2CCF3D3A6C828F2A303178EC48BB08F36AF3800739E841F7B758FF06EFA10F6467E98DA4B1B302EFED0EF5A7D3AD74100E41C168ACBBF10EC5FFC497B43409D02D942C144408C32C83ED49334BC48FD1D446FDEBB71CA1F9276F3180ECA057E4B8F19FAFE368D0097EE2A5736D72BE661382939491A244B068D26A071E55E25DF2C8706ADEFD8245BC97A691AB57A8D39CE24469E9CC69198F4F795CACCB45053F464CA0C2F04C71E9CD6BB6D378E917C413B7FADEACD41A7A43E9A1FC04576658DBF7420A35252A899B51F9ED9B2D0B5534A696C2465C950EF5880636D96CC963AF6C314D00834969C45CC1BDF6B -20241205092757 2 6 100 8191 2 DC5E734609D91DA7E5180C89891C148715345D3A56F96DDFF41EE0B90992E9901E55850A78D9DF296A83F5AAF22675720E58E1F6D01F3B45315B818EF9CE880CE92F022763911796D4F86361BEB151ACB400BA017186C1DDCDE5F1853260ECF1082E072C2B7E2FD33E51B5076675269EC247AAE3DF3C1E6853E5D0E58FF7268255E91A9BF6FD43750F114BCA5DC70176ECACAF59C812798941D04FFFF200B53F9843066568A5EF6B324692239A9DC94383C53DA447D942BD51E17F51C22106DC3A2FC7A8942E20E5DA369D19124D184A96589E66EE15C4A8E4CB0FBB6B5E629875DEB3C6AAF622ABC4A4057E0B95533A03C94C514D2129CD6ECE739D9E3A98A54461DF577CC508BF4D5EE7FBE6178B248E3F51C59FE57BFBDE33DD833D0CF22DB22AE0F4F9F03EEF8E0E1DB0EDF7BB4C755148AD2D3FECED23DE1F028A3A6396D7F8F721D11023BD58335ADE175939E140A92C7B532A3D77168E566B7AADEA6F137A158AF3D2608FD4C1081018C1BC2B860A2830A097BDAFA96A3D5B5E1130D2C0778837C63ACBE958573B4ADAC2AE629D17728313AB9064D890006B2F0EC1869E35480B96651B9B3837B876190D5F1876A151A87C58A1CE2A9AD0744BE4CF955BFA9FA5653300FF6ECD64667ECD836D61DC3675048A8EB5AE945B50CB699F7FB4E36167515A2054199687DEC77D5117DF28B63F383403C49097F23AA4DE5857A0D865AFC7E4D0994B46386C20A41E9B41963CD425A82B30C4EE72FB3EFACD6C4090D740E44C196E51F41894FDB26142B72EF1E65A676C30EFB65C937C0F64CDEC167ECC16F0CAA3C932F3DD5C6F7A1EB073F03F2CB9F2059BE75EBAE32FA3170B5FA93D69CAB8275935686242E1F43ED23FE8784A0AD694442D35193DAAF5F7DA49B267B716C38F36C92AE7986DF8126904B11EA74323F3AB3AF436D64AC41996529AB95876EE4DF3739130460A50E2EC8463F2306454F08745CE40938858B6237A5D38B33FD6541BB98EFB39A7B0B501B7943FF594DF0964BF535CBD35105E35BA14C40E62D57F3B110AE82CD7F9FF73C3A28740C8EB397494F6D7CF5F0F147385424D70B276C6AD849E56C9985115EAF2CCF3D3A6C828F2A303178EC48BB08F36AF3800739E841F7B758FF06EFA10F6467E98DA4B1B302EFED0EF5A7D3AD74100E41C168ACBBF10EC5FFC497B43409D02D942C144408C32C83ED49334BC48FD1D446FDEBB71CA1F9276F3180ECA057E4B8F19FAFE368D0097EE2A5736D72BE661382939491A244B068D26A071E55E25DF2C8706ADEFD8245BC97A691AB57A8D39CE24469E9CC69198F4F795CACCB45053F464CA0C2F04C71E9CD6BB6D378E917C413B7FADEACD41A7A43E9A1FC04576658DBF7420A35252A899B51F9ED9B2D0B5534A696C2465C950EF5880636D96CC963AF6C314D00834969C45CFFBAE8B -20241205110223 2 6 100 8191 2 DC5E734609D91DA7E5180C89891C148715345D3A56F96DDFF41EE0B90992E9901E55850A78D9DF296A83F5AAF22675720E58E1F6D01F3B45315B818EF9CE880CE92F022763911796D4F86361BEB151ACB400BA017186C1DDCDE5F1853260ECF1082E072C2B7E2FD33E51B5076675269EC247AAE3DF3C1E6853E5D0E58FF7268255E91A9BF6FD43750F114BCA5DC70176ECACAF59C812798941D04FFFF200B53F9843066568A5EF6B324692239A9DC94383C53DA447D942BD51E17F51C22106DC3A2FC7A8942E20E5DA369D19124D184A96589E66EE15C4A8E4CB0FBB6B5E629875DEB3C6AAF622ABC4A4057E0B95533A03C94C514D2129CD6ECE739D9E3A98A54461DF577CC508BF4D5EE7FBE6178B248E3F51C59FE57BFBDE33DD833D0CF22DB22AE0F4F9F03EEF8E0E1DB0EDF7BB4C755148AD2D3FECED23DE1F028A3A6396D7F8F721D11023BD58335ADE175939E140A92C7B532A3D77168E566B7AADEA6F137A158AF3D2608FD4C1081018C1BC2B860A2830A097BDAFA96A3D5B5E1130D2C0778837C63ACBE958573B4ADAC2AE629D17728313AB9064D890006B2F0EC1869E35480B96651B9B3837B876190D5F1876A151A87C58A1CE2A9AD0744BE4CF955BFA9FA5653300FF6ECD64667ECD836D61DC3675048A8EB5AE945B50CB699F7FB4E36167515A2054199687DEC77D5117DF28B63F383403C49097F23AA4DE5857A0D865AFC7E4D0994B46386C20A41E9B41963CD425A82B30C4EE72FB3EFACD6C4090D740E44C196E51F41894FDB26142B72EF1E65A676C30EFB65C937C0F64CDEC167ECC16F0CAA3C932F3DD5C6F7A1EB073F03F2CB9F2059BE75EBAE32FA3170B5FA93D69CAB8275935686242E1F43ED23FE8784A0AD694442D35193DAAF5F7DA49B267B716C38F36C92AE7986DF8126904B11EA74323F3AB3AF436D64AC41996529AB95876EE4DF3739130460A50E2EC8463F2306454F08745CE40938858B6237A5D38B33FD6541BB98EFB39A7B0B501B7943FF594DF0964BF535CBD35105E35BA14C40E62D57F3B110AE82CD7F9FF73C3A28740C8EB397494F6D7CF5F0F147385424D70B276C6AD849E56C9985115EAF2CCF3D3A6C828F2A303178EC48BB08F36AF3800739E841F7B758FF06EFA10F6467E98DA4B1B302EFED0EF5A7D3AD74100E41C168ACBBF10EC5FFC497B43409D02D942C144408C32C83ED49334BC48FD1D446FDEBB71CA1F9276F3180ECA057E4B8F19FAFE368D0097EE2A5736D72BE661382939491A244B068D26A071E55E25DF2C8706ADEFD8245BC97A691AB57A8D39CE24469E9CC69198F4F795CACCB45053F464CA0C2F04C71E9CD6BB6D378E917C413B7FADEACD41A7A43E9A1FC04576658DBF7420A35252A899B51F9ED9B2D0B5534A696C2465C950EF5880636D96CC963AF6C314D00834969C45D53D4193 -20241205112040 2 6 100 8191 5 DC5E734609D91DA7E5180C89891C148715345D3A56F96DDFF41EE0B90992E9901E55850A78D9DF296A83F5AAF22675720E58E1F6D01F3B45315B818EF9CE880CE92F022763911796D4F86361BEB151ACB400BA017186C1DDCDE5F1853260ECF1082E072C2B7E2FD33E51B5076675269EC247AAE3DF3C1E6853E5D0E58FF7268255E91A9BF6FD43750F114BCA5DC70176ECACAF59C812798941D04FFFF200B53F9843066568A5EF6B324692239A9DC94383C53DA447D942BD51E17F51C22106DC3A2FC7A8942E20E5DA369D19124D184A96589E66EE15C4A8E4CB0FBB6B5E629875DEB3C6AAF622ABC4A4057E0B95533A03C94C514D2129CD6ECE739D9E3A98A54461DF577CC508BF4D5EE7FBE6178B248E3F51C59FE57BFBDE33DD833D0CF22DB22AE0F4F9F03EEF8E0E1DB0EDF7BB4C755148AD2D3FECED23DE1F028A3A6396D7F8F721D11023BD58335ADE175939E140A92C7B532A3D77168E566B7AADEA6F137A158AF3D2608FD4C1081018C1BC2B860A2830A097BDAFA96A3D5B5E1130D2C0778837C63ACBE958573B4ADAC2AE629D17728313AB9064D890006B2F0EC1869E35480B96651B9B3837B876190D5F1876A151A87C58A1CE2A9AD0744BE4CF955BFA9FA5653300FF6ECD64667ECD836D61DC3675048A8EB5AE945B50CB699F7FB4E36167515A2054199687DEC77D5117DF28B63F383403C49097F23AA4DE5857A0D865AFC7E4D0994B46386C20A41E9B41963CD425A82B30C4EE72FB3EFACD6C4090D740E44C196E51F41894FDB26142B72EF1E65A676C30EFB65C937C0F64CDEC167ECC16F0CAA3C932F3DD5C6F7A1EB073F03F2CB9F2059BE75EBAE32FA3170B5FA93D69CAB8275935686242E1F43ED23FE8784A0AD694442D35193DAAF5F7DA49B267B716C38F36C92AE7986DF8126904B11EA74323F3AB3AF436D64AC41996529AB95876EE4DF3739130460A50E2EC8463F2306454F08745CE40938858B6237A5D38B33FD6541BB98EFB39A7B0B501B7943FF594DF0964BF535CBD35105E35BA14C40E62D57F3B110AE82CD7F9FF73C3A28740C8EB397494F6D7CF5F0F147385424D70B276C6AD849E56C9985115EAF2CCF3D3A6C828F2A303178EC48BB08F36AF3800739E841F7B758FF06EFA10F6467E98DA4B1B302EFED0EF5A7D3AD74100E41C168ACBBF10EC5FFC497B43409D02D942C144408C32C83ED49334BC48FD1D446FDEBB71CA1F9276F3180ECA057E4B8F19FAFE368D0097EE2A5736D72BE661382939491A244B068D26A071E55E25DF2C8706ADEFD8245BC97A691AB57A8D39CE24469E9CC69198F4F795CACCB45053F464CA0C2F04C71E9CD6BB6D378E917C413B7FADEACD41A7A43E9A1FC04576658DBF7420A35252A899B51F9ED9B2D0B5534A696C2465C950EF5880636D96CC963AF6C314D00834969C45D6362177 -20241205112359 2 6 100 8191 5 DC5E734609D91DA7E5180C89891C148715345D3A56F96DDFF41EE0B90992E9901E55850A78D9DF296A83F5AAF22675720E58E1F6D01F3B45315B818EF9CE880CE92F022763911796D4F86361BEB151ACB400BA017186C1DDCDE5F1853260ECF1082E072C2B7E2FD33E51B5076675269EC247AAE3DF3C1E6853E5D0E58FF7268255E91A9BF6FD43750F114BCA5DC70176ECACAF59C812798941D04FFFF200B53F9843066568A5EF6B324692239A9DC94383C53DA447D942BD51E17F51C22106DC3A2FC7A8942E20E5DA369D19124D184A96589E66EE15C4A8E4CB0FBB6B5E629875DEB3C6AAF622ABC4A4057E0B95533A03C94C514D2129CD6ECE739D9E3A98A54461DF577CC508BF4D5EE7FBE6178B248E3F51C59FE57BFBDE33DD833D0CF22DB22AE0F4F9F03EEF8E0E1DB0EDF7BB4C755148AD2D3FECED23DE1F028A3A6396D7F8F721D11023BD58335ADE175939E140A92C7B532A3D77168E566B7AADEA6F137A158AF3D2608FD4C1081018C1BC2B860A2830A097BDAFA96A3D5B5E1130D2C0778837C63ACBE958573B4ADAC2AE629D17728313AB9064D890006B2F0EC1869E35480B96651B9B3837B876190D5F1876A151A87C58A1CE2A9AD0744BE4CF955BFA9FA5653300FF6ECD64667ECD836D61DC3675048A8EB5AE945B50CB699F7FB4E36167515A2054199687DEC77D5117DF28B63F383403C49097F23AA4DE5857A0D865AFC7E4D0994B46386C20A41E9B41963CD425A82B30C4EE72FB3EFACD6C4090D740E44C196E51F41894FDB26142B72EF1E65A676C30EFB65C937C0F64CDEC167ECC16F0CAA3C932F3DD5C6F7A1EB073F03F2CB9F2059BE75EBAE32FA3170B5FA93D69CAB8275935686242E1F43ED23FE8784A0AD694442D35193DAAF5F7DA49B267B716C38F36C92AE7986DF8126904B11EA74323F3AB3AF436D64AC41996529AB95876EE4DF3739130460A50E2EC8463F2306454F08745CE40938858B6237A5D38B33FD6541BB98EFB39A7B0B501B7943FF594DF0964BF535CBD35105E35BA14C40E62D57F3B110AE82CD7F9FF73C3A28740C8EB397494F6D7CF5F0F147385424D70B276C6AD849E56C9985115EAF2CCF3D3A6C828F2A303178EC48BB08F36AF3800739E841F7B758FF06EFA10F6467E98DA4B1B302EFED0EF5A7D3AD74100E41C168ACBBF10EC5FFC497B43409D02D942C144408C32C83ED49334BC48FD1D446FDEBB71CA1F9276F3180ECA057E4B8F19FAFE368D0097EE2A5736D72BE661382939491A244B068D26A071E55E25DF2C8706ADEFD8245BC97A691AB57A8D39CE24469E9CC69198F4F795CACCB45053F464CA0C2F04C71E9CD6BB6D378E917C413B7FADEACD41A7A43E9A1FC04576658DBF7420A35252A899B51F9ED9B2D0B5534A696C2465C950EF5880636D96CC963AF6C314D00834969C45D65CAD37 -20241205134041 2 6 100 8191 5 DC5E734609D91DA7E5180C89891C148715345D3A56F96DDFF41EE0B90992E9901E55850A78D9DF296A83F5AAF22675720E58E1F6D01F3B45315B818EF9CE880CE92F022763911796D4F86361BEB151ACB400BA017186C1DDCDE5F1853260ECF1082E072C2B7E2FD33E51B5076675269EC247AAE3DF3C1E6853E5D0E58FF7268255E91A9BF6FD43750F114BCA5DC70176ECACAF59C812798941D04FFFF200B53F9843066568A5EF6B324692239A9DC94383C53DA447D942BD51E17F51C22106DC3A2FC7A8942E20E5DA369D19124D184A96589E66EE15C4A8E4CB0FBB6B5E629875DEB3C6AAF622ABC4A4057E0B95533A03C94C514D2129CD6ECE739D9E3A98A54461DF577CC508BF4D5EE7FBE6178B248E3F51C59FE57BFBDE33DD833D0CF22DB22AE0F4F9F03EEF8E0E1DB0EDF7BB4C755148AD2D3FECED23DE1F028A3A6396D7F8F721D11023BD58335ADE175939E140A92C7B532A3D77168E566B7AADEA6F137A158AF3D2608FD4C1081018C1BC2B860A2830A097BDAFA96A3D5B5E1130D2C0778837C63ACBE958573B4ADAC2AE629D17728313AB9064D890006B2F0EC1869E35480B96651B9B3837B876190D5F1876A151A87C58A1CE2A9AD0744BE4CF955BFA9FA5653300FF6ECD64667ECD836D61DC3675048A8EB5AE945B50CB699F7FB4E36167515A2054199687DEC77D5117DF28B63F383403C49097F23AA4DE5857A0D865AFC7E4D0994B46386C20A41E9B41963CD425A82B30C4EE72FB3EFACD6C4090D740E44C196E51F41894FDB26142B72EF1E65A676C30EFB65C937C0F64CDEC167ECC16F0CAA3C932F3DD5C6F7A1EB073F03F2CB9F2059BE75EBAE32FA3170B5FA93D69CAB8275935686242E1F43ED23FE8784A0AD694442D35193DAAF5F7DA49B267B716C38F36C92AE7986DF8126904B11EA74323F3AB3AF436D64AC41996529AB95876EE4DF3739130460A50E2EC8463F2306454F08745CE40938858B6237A5D38B33FD6541BB98EFB39A7B0B501B7943FF594DF0964BF535CBD35105E35BA14C40E62D57F3B110AE82CD7F9FF73C3A28740C8EB397494F6D7CF5F0F147385424D70B276C6AD849E56C9985115EAF2CCF3D3A6C828F2A303178EC48BB08F36AF3800739E841F7B758FF06EFA10F6467E98DA4B1B302EFED0EF5A7D3AD74100E41C168ACBBF10EC5FFC497B43409D02D942C144408C32C83ED49334BC48FD1D446FDEBB71CA1F9276F3180ECA057E4B8F19FAFE368D0097EE2A5736D72BE661382939491A244B068D26A071E55E25DF2C8706ADEFD8245BC97A691AB57A8D39CE24469E9CC69198F4F795CACCB45053F464CA0C2F04C71E9CD6BB6D378E917C413B7FADEACD41A7A43E9A1FC04576658DBF7420A35252A899B51F9ED9B2D0B5534A696C2465C950EF5880636D96CC963AF6C314D00834969C45DDF2FF47 -20241205135041 2 6 100 8191 2 DC5E734609D91DA7E5180C89891C148715345D3A56F96DDFF41EE0B90992E9901E55850A78D9DF296A83F5AAF22675720E58E1F6D01F3B45315B818EF9CE880CE92F022763911796D4F86361BEB151ACB400BA017186C1DDCDE5F1853260ECF1082E072C2B7E2FD33E51B5076675269EC247AAE3DF3C1E6853E5D0E58FF7268255E91A9BF6FD43750F114BCA5DC70176ECACAF59C812798941D04FFFF200B53F9843066568A5EF6B324692239A9DC94383C53DA447D942BD51E17F51C22106DC3A2FC7A8942E20E5DA369D19124D184A96589E66EE15C4A8E4CB0FBB6B5E629875DEB3C6AAF622ABC4A4057E0B95533A03C94C514D2129CD6ECE739D9E3A98A54461DF577CC508BF4D5EE7FBE6178B248E3F51C59FE57BFBDE33DD833D0CF22DB22AE0F4F9F03EEF8E0E1DB0EDF7BB4C755148AD2D3FECED23DE1F028A3A6396D7F8F721D11023BD58335ADE175939E140A92C7B532A3D77168E566B7AADEA6F137A158AF3D2608FD4C1081018C1BC2B860A2830A097BDAFA96A3D5B5E1130D2C0778837C63ACBE958573B4ADAC2AE629D17728313AB9064D890006B2F0EC1869E35480B96651B9B3837B876190D5F1876A151A87C58A1CE2A9AD0744BE4CF955BFA9FA5653300FF6ECD64667ECD836D61DC3675048A8EB5AE945B50CB699F7FB4E36167515A2054199687DEC77D5117DF28B63F383403C49097F23AA4DE5857A0D865AFC7E4D0994B46386C20A41E9B41963CD425A82B30C4EE72FB3EFACD6C4090D740E44C196E51F41894FDB26142B72EF1E65A676C30EFB65C937C0F64CDEC167ECC16F0CAA3C932F3DD5C6F7A1EB073F03F2CB9F2059BE75EBAE32FA3170B5FA93D69CAB8275935686242E1F43ED23FE8784A0AD694442D35193DAAF5F7DA49B267B716C38F36C92AE7986DF8126904B11EA74323F3AB3AF436D64AC41996529AB95876EE4DF3739130460A50E2EC8463F2306454F08745CE40938858B6237A5D38B33FD6541BB98EFB39A7B0B501B7943FF594DF0964BF535CBD35105E35BA14C40E62D57F3B110AE82CD7F9FF73C3A28740C8EB397494F6D7CF5F0F147385424D70B276C6AD849E56C9985115EAF2CCF3D3A6C828F2A303178EC48BB08F36AF3800739E841F7B758FF06EFA10F6467E98DA4B1B302EFED0EF5A7D3AD74100E41C168ACBBF10EC5FFC497B43409D02D942C144408C32C83ED49334BC48FD1D446FDEBB71CA1F9276F3180ECA057E4B8F19FAFE368D0097EE2A5736D72BE661382939491A244B068D26A071E55E25DF2C8706ADEFD8245BC97A691AB57A8D39CE24469E9CC69198F4F795CACCB45053F464CA0C2F04C71E9CD6BB6D378E917C413B7FADEACD41A7A43E9A1FC04576658DBF7420A35252A899B51F9ED9B2D0B5534A696C2465C950EF5880636D96CC963AF6C314D00834969C45DE752163 +20250616002444 2 6 100 2047 5 EE0FE3E5743174100BD44FCCF81A0B0C184789558AC0B35400ED73B9EFEEFFED3075997428479CAC425A827BBC69DB6C3DD2DFD508472073700893CE2B48F7A69CD9FB1D7C12FECB37E9A6928B3A3F80D1DBC0BAAB33AD37738E36CA83D3916529F1210294618DF754F1AD7BEA0A224CA3F771C18E2A9B9326F9AE725FFCCE244C2DA3435599DA41FF9C434DBB1302A6E9925E4F3BAAD3717288B312F1ACE0117E54AABAABFD113C3A722BBDCD26A7767371FF56CCD572A3F91006BE91C72B3FFEB235FAA91338B9A191845846FCEAFA179B059A13C158530E107E284E6CA2D63C002E2F6734CC9DBA05036F193D2D6F508CFCBA899512AD42CA626168803637 +20250616002455 2 6 100 2047 5 EE0FE3E5743174100BD44FCCF81A0B0C184789558AC0B35400ED73B9EFEEFFED3075997428479CAC425A827BBC69DB6C3DD2DFD508472073700893CE2B48F7A69CD9FB1D7C12FECB37E9A6928B3A3F80D1DBC0BAAB33AD37738E36CA83D3916529F1210294618DF754F1AD7BEA0A224CA3F771C18E2A9B9326F9AE725FFCCE244C2DA3435599DA41FF9C434DBB1302A6E9925E4F3BAAD3717288B312F1ACE0117E54AABAABFD113C3A722BBDCD26A7767371FF56CCD572A3F91006BE91C72B3FFEB235FAA91338B9A191845846FCEAFA179B059A13C158530E107E284E6CA2D63C002E2F6734CC9DBA05036F193D2D6F508CFCBA899512AD42CA626168CECC1F +20250616002507 2 6 100 2047 2 EE0FE3E5743174100BD44FCCF81A0B0C184789558AC0B35400ED73B9EFEEFFED3075997428479CAC425A827BBC69DB6C3DD2DFD508472073700893CE2B48F7A69CD9FB1D7C12FECB37E9A6928B3A3F80D1DBC0BAAB33AD37738E36CA83D3916529F1210294618DF754F1AD7BEA0A224CA3F771C18E2A9B9326F9AE725FFCCE244C2DA3435599DA41FF9C434DBB1302A6E9925E4F3BAAD3717288B312F1ACE0117E54AABAABFD113C3A722BBDCD26A7767371FF56CCD572A3F91006BE91C72B3FFEB235FAA91338B9A191845846FCEAFA179B059A13C158530E107E284E6CA2D63C002E2F6734CC9DBA05036F193D2D6F508CFCBA899512AD42CA6261692C7353 +20250616002518 2 6 100 2047 2 EE0FE3E5743174100BD44FCCF81A0B0C184789558AC0B35400ED73B9EFEEFFED3075997428479CAC425A827BBC69DB6C3DD2DFD508472073700893CE2B48F7A69CD9FB1D7C12FECB37E9A6928B3A3F80D1DBC0BAAB33AD37738E36CA83D3916529F1210294618DF754F1AD7BEA0A224CA3F771C18E2A9B9326F9AE725FFCCE244C2DA3435599DA41FF9C434DBB1302A6E9925E4F3BAAD3717288B312F1ACE0117E54AABAABFD113C3A722BBDCD26A7767371FF56CCD572A3F91006BE91C72B3FFEB235FAA91338B9A191845846FCEAFA179B059A13C158530E107E284E6CA2D63C002E2F6734CC9DBA05036F193D2D6F508CFCBA899512AD42CA6261697DCA23 +20250616002520 2 6 100 2047 5 EE0FE3E5743174100BD44FCCF81A0B0C184789558AC0B35400ED73B9EFEEFFED3075997428479CAC425A827BBC69DB6C3DD2DFD508472073700893CE2B48F7A69CD9FB1D7C12FECB37E9A6928B3A3F80D1DBC0BAAB33AD37738E36CA83D3916529F1210294618DF754F1AD7BEA0A224CA3F771C18E2A9B9326F9AE725FFCCE244C2DA3435599DA41FF9C434DBB1302A6E9925E4F3BAAD3717288B312F1ACE0117E54AABAABFD113C3A722BBDCD26A7767371FF56CCD572A3F91006BE91C72B3FFEB235FAA91338B9A191845846FCEAFA179B059A13C158530E107E284E6CA2D63C002E2F6734CC9DBA05036F193D2D6F508CFCBA899512AD42CA6261698D69EF +20250616002525 2 6 100 2047 2 EE0FE3E5743174100BD44FCCF81A0B0C184789558AC0B35400ED73B9EFEEFFED3075997428479CAC425A827BBC69DB6C3DD2DFD508472073700893CE2B48F7A69CD9FB1D7C12FECB37E9A6928B3A3F80D1DBC0BAAB33AD37738E36CA83D3916529F1210294618DF754F1AD7BEA0A224CA3F771C18E2A9B9326F9AE725FFCCE244C2DA3435599DA41FF9C434DBB1302A6E9925E4F3BAAD3717288B312F1ACE0117E54AABAABFD113C3A722BBDCD26A7767371FF56CCD572A3F91006BE91C72B3FFEB235FAA91338B9A191845846FCEAFA179B059A13C158530E107E284E6CA2D63C002E2F6734CC9DBA05036F193D2D6F508CFCBA899512AD42CA626169AA57DB +20250616002529 2 6 100 2047 5 EE0FE3E5743174100BD44FCCF81A0B0C184789558AC0B35400ED73B9EFEEFFED3075997428479CAC425A827BBC69DB6C3DD2DFD508472073700893CE2B48F7A69CD9FB1D7C12FECB37E9A6928B3A3F80D1DBC0BAAB33AD37738E36CA83D3916529F1210294618DF754F1AD7BEA0A224CA3F771C18E2A9B9326F9AE725FFCCE244C2DA3435599DA41FF9C434DBB1302A6E9925E4F3BAAD3717288B312F1ACE0117E54AABAABFD113C3A722BBDCD26A7767371FF56CCD572A3F91006BE91C72B3FFEB235FAA91338B9A191845846FCEAFA179B059A13C158530E107E284E6CA2D63C002E2F6734CC9DBA05036F193D2D6F508CFCBA899512AD42CA626169CBB25F +20250616002546 2 6 100 2047 2 EE0FE3E5743174100BD44FCCF81A0B0C184789558AC0B35400ED73B9EFEEFFED3075997428479CAC425A827BBC69DB6C3DD2DFD508472073700893CE2B48F7A69CD9FB1D7C12FECB37E9A6928B3A3F80D1DBC0BAAB33AD37738E36CA83D3916529F1210294618DF754F1AD7BEA0A224CA3F771C18E2A9B9326F9AE725FFCCE244C2DA3435599DA41FF9C434DBB1302A6E9925E4F3BAAD3717288B312F1ACE0117E54AABAABFD113C3A722BBDCD26A7767371FF56CCD572A3F91006BE91C72B3FFEB235FAA91338B9A191845846FCEAFA179B059A13C158530E107E284E6CA2D63C002E2F6734CC9DBA05036F193D2D6F508CFCBA899512AD42CA62616A5307EB +20250616002549 2 6 100 2047 2 EE0FE3E5743174100BD44FCCF81A0B0C184789558AC0B35400ED73B9EFEEFFED3075997428479CAC425A827BBC69DB6C3DD2DFD508472073700893CE2B48F7A69CD9FB1D7C12FECB37E9A6928B3A3F80D1DBC0BAAB33AD37738E36CA83D3916529F1210294618DF754F1AD7BEA0A224CA3F771C18E2A9B9326F9AE725FFCCE244C2DA3435599DA41FF9C434DBB1302A6E9925E4F3BAAD3717288B312F1ACE0117E54AABAABFD113C3A722BBDCD26A7767371FF56CCD572A3F91006BE91C72B3FFEB235FAA91338B9A191845846FCEAFA179B059A13C158530E107E284E6CA2D63C002E2F6734CC9DBA05036F193D2D6F508CFCBA899512AD42CA62616A6385DB +20250616002603 2 6 100 2047 2 EE0FE3E5743174100BD44FCCF81A0B0C184789558AC0B35400ED73B9EFEEFFED3075997428479CAC425A827BBC69DB6C3DD2DFD508472073700893CE2B48F7A69CD9FB1D7C12FECB37E9A6928B3A3F80D1DBC0BAAB33AD37738E36CA83D3916529F1210294618DF754F1AD7BEA0A224CA3F771C18E2A9B9326F9AE725FFCCE244C2DA3435599DA41FF9C434DBB1302A6E9925E4F3BAAD3717288B312F1ACE0117E54AABAABFD113C3A722BBDCD26A7767371FF56CCD572A3F91006BE91C72B3FFEB235FAA91338B9A191845846FCEAFA179B059A13C158530E107E284E6CA2D63C002E2F6734CC9DBA05036F193D2D6F508CFCBA899512AD42CA62616AD0C40B +20250616002612 2 6 100 2047 2 EE0FE3E5743174100BD44FCCF81A0B0C184789558AC0B35400ED73B9EFEEFFED3075997428479CAC425A827BBC69DB6C3DD2DFD508472073700893CE2B48F7A69CD9FB1D7C12FECB37E9A6928B3A3F80D1DBC0BAAB33AD37738E36CA83D3916529F1210294618DF754F1AD7BEA0A224CA3F771C18E2A9B9326F9AE725FFCCE244C2DA3435599DA41FF9C434DBB1302A6E9925E4F3BAAD3717288B312F1ACE0117E54AABAABFD113C3A722BBDCD26A7767371FF56CCD572A3F91006BE91C72B3FFEB235FAA91338B9A191845846FCEAFA179B059A13C158530E107E284E6CA2D63C002E2F6734CC9DBA05036F193D2D6F508CFCBA899512AD42CA62616B10F7D3 +20250616002613 2 6 100 2047 2 EE0FE3E5743174100BD44FCCF81A0B0C184789558AC0B35400ED73B9EFEEFFED3075997428479CAC425A827BBC69DB6C3DD2DFD508472073700893CE2B48F7A69CD9FB1D7C12FECB37E9A6928B3A3F80D1DBC0BAAB33AD37738E36CA83D3916529F1210294618DF754F1AD7BEA0A224CA3F771C18E2A9B9326F9AE725FFCCE244C2DA3435599DA41FF9C434DBB1302A6E9925E4F3BAAD3717288B312F1ACE0117E54AABAABFD113C3A722BBDCD26A7767371FF56CCD572A3F91006BE91C72B3FFEB235FAA91338B9A191845846FCEAFA179B059A13C158530E107E284E6CA2D63C002E2F6734CC9DBA05036F193D2D6F508CFCBA899512AD42CA62616B182DC3 +20250616002615 2 6 100 2047 2 EE0FE3E5743174100BD44FCCF81A0B0C184789558AC0B35400ED73B9EFEEFFED3075997428479CAC425A827BBC69DB6C3DD2DFD508472073700893CE2B48F7A69CD9FB1D7C12FECB37E9A6928B3A3F80D1DBC0BAAB33AD37738E36CA83D3916529F1210294618DF754F1AD7BEA0A224CA3F771C18E2A9B9326F9AE725FFCCE244C2DA3435599DA41FF9C434DBB1302A6E9925E4F3BAAD3717288B312F1ACE0117E54AABAABFD113C3A722BBDCD26A7767371FF56CCD572A3F91006BE91C72B3FFEB235FAA91338B9A191845846FCEAFA179B059A13C158530E107E284E6CA2D63C002E2F6734CC9DBA05036F193D2D6F508CFCBA899512AD42CA62616B25024B +20250616002624 2 6 100 2047 5 EE0FE3E5743174100BD44FCCF81A0B0C184789558AC0B35400ED73B9EFEEFFED3075997428479CAC425A827BBC69DB6C3DD2DFD508472073700893CE2B48F7A69CD9FB1D7C12FECB37E9A6928B3A3F80D1DBC0BAAB33AD37738E36CA83D3916529F1210294618DF754F1AD7BEA0A224CA3F771C18E2A9B9326F9AE725FFCCE244C2DA3435599DA41FF9C434DBB1302A6E9925E4F3BAAD3717288B312F1ACE0117E54AABAABFD113C3A722BBDCD26A7767371FF56CCD572A3F91006BE91C72B3FFEB235FAA91338B9A191845846FCEAFA179B059A13C158530E107E284E6CA2D63C002E2F6734CC9DBA05036F193D2D6F508CFCBA899512AD42CA62616B689AFF +20250616002627 2 6 100 2047 2 EE0FE3E5743174100BD44FCCF81A0B0C184789558AC0B35400ED73B9EFEEFFED3075997428479CAC425A827BBC69DB6C3DD2DFD508472073700893CE2B48F7A69CD9FB1D7C12FECB37E9A6928B3A3F80D1DBC0BAAB33AD37738E36CA83D3916529F1210294618DF754F1AD7BEA0A224CA3F771C18E2A9B9326F9AE725FFCCE244C2DA3435599DA41FF9C434DBB1302A6E9925E4F3BAAD3717288B312F1ACE0117E54AABAABFD113C3A722BBDCD26A7767371FF56CCD572A3F91006BE91C72B3FFEB235FAA91338B9A191845846FCEAFA179B059A13C158530E107E284E6CA2D63C002E2F6734CC9DBA05036F193D2D6F508CFCBA899512AD42CA62616B79A1F3 +20250616002633 2 6 100 2047 2 EE0FE3E5743174100BD44FCCF81A0B0C184789558AC0B35400ED73B9EFEEFFED3075997428479CAC425A827BBC69DB6C3DD2DFD508472073700893CE2B48F7A69CD9FB1D7C12FECB37E9A6928B3A3F80D1DBC0BAAB33AD37738E36CA83D3916529F1210294618DF754F1AD7BEA0A224CA3F771C18E2A9B9326F9AE725FFCCE244C2DA3435599DA41FF9C434DBB1302A6E9925E4F3BAAD3717288B312F1ACE0117E54AABAABFD113C3A722BBDCD26A7767371FF56CCD572A3F91006BE91C72B3FFEB235FAA91338B9A191845846FCEAFA179B059A13C158530E107E284E6CA2D63C002E2F6734CC9DBA05036F193D2D6F508CFCBA899512AD42CA62616BA0CE7B +20250616002634 2 6 100 2047 5 EE0FE3E5743174100BD44FCCF81A0B0C184789558AC0B35400ED73B9EFEEFFED3075997428479CAC425A827BBC69DB6C3DD2DFD508472073700893CE2B48F7A69CD9FB1D7C12FECB37E9A6928B3A3F80D1DBC0BAAB33AD37738E36CA83D3916529F1210294618DF754F1AD7BEA0A224CA3F771C18E2A9B9326F9AE725FFCCE244C2DA3435599DA41FF9C434DBB1302A6E9925E4F3BAAD3717288B312F1ACE0117E54AABAABFD113C3A722BBDCD26A7767371FF56CCD572A3F91006BE91C72B3FFEB235FAA91338B9A191845846FCEAFA179B059A13C158530E107E284E6CA2D63C002E2F6734CC9DBA05036F193D2D6F508CFCBA899512AD42CA62616BA926E7 +20250616002638 2 6 100 2047 5 EE0FE3E5743174100BD44FCCF81A0B0C184789558AC0B35400ED73B9EFEEFFED3075997428479CAC425A827BBC69DB6C3DD2DFD508472073700893CE2B48F7A69CD9FB1D7C12FECB37E9A6928B3A3F80D1DBC0BAAB33AD37738E36CA83D3916529F1210294618DF754F1AD7BEA0A224CA3F771C18E2A9B9326F9AE725FFCCE244C2DA3435599DA41FF9C434DBB1302A6E9925E4F3BAAD3717288B312F1ACE0117E54AABAABFD113C3A722BBDCD26A7767371FF56CCD572A3F91006BE91C72B3FFEB235FAA91338B9A191845846FCEAFA179B059A13C158530E107E284E6CA2D63C002E2F6734CC9DBA05036F193D2D6F508CFCBA899512AD42CA62616BBF1327 +20250616002644 2 6 100 2047 2 EE0FE3E5743174100BD44FCCF81A0B0C184789558AC0B35400ED73B9EFEEFFED3075997428479CAC425A827BBC69DB6C3DD2DFD508472073700893CE2B48F7A69CD9FB1D7C12FECB37E9A6928B3A3F80D1DBC0BAAB33AD37738E36CA83D3916529F1210294618DF754F1AD7BEA0A224CA3F771C18E2A9B9326F9AE725FFCCE244C2DA3435599DA41FF9C434DBB1302A6E9925E4F3BAAD3717288B312F1ACE0117E54AABAABFD113C3A722BBDCD26A7767371FF56CCD572A3F91006BE91C72B3FFEB235FAA91338B9A191845846FCEAFA179B059A13C158530E107E284E6CA2D63C002E2F6734CC9DBA05036F193D2D6F508CFCBA899512AD42CA62616BEC119B +20250616002648 2 6 100 2047 5 EE0FE3E5743174100BD44FCCF81A0B0C184789558AC0B35400ED73B9EFEEFFED3075997428479CAC425A827BBC69DB6C3DD2DFD508472073700893CE2B48F7A69CD9FB1D7C12FECB37E9A6928B3A3F80D1DBC0BAAB33AD37738E36CA83D3916529F1210294618DF754F1AD7BEA0A224CA3F771C18E2A9B9326F9AE725FFCCE244C2DA3435599DA41FF9C434DBB1302A6E9925E4F3BAAD3717288B312F1ACE0117E54AABAABFD113C3A722BBDCD26A7767371FF56CCD572A3F91006BE91C72B3FFEB235FAA91338B9A191845846FCEAFA179B059A13C158530E107E284E6CA2D63C002E2F6734CC9DBA05036F193D2D6F508CFCBA899512AD42CA62616C0A4D47 +20250616002651 2 6 100 2047 5 EE0FE3E5743174100BD44FCCF81A0B0C184789558AC0B35400ED73B9EFEEFFED3075997428479CAC425A827BBC69DB6C3DD2DFD508472073700893CE2B48F7A69CD9FB1D7C12FECB37E9A6928B3A3F80D1DBC0BAAB33AD37738E36CA83D3916529F1210294618DF754F1AD7BEA0A224CA3F771C18E2A9B9326F9AE725FFCCE244C2DA3435599DA41FF9C434DBB1302A6E9925E4F3BAAD3717288B312F1ACE0117E54AABAABFD113C3A722BBDCD26A7767371FF56CCD572A3F91006BE91C72B3FFEB235FAA91338B9A191845846FCEAFA179B059A13C158530E107E284E6CA2D63C002E2F6734CC9DBA05036F193D2D6F508CFCBA899512AD42CA62616C1B6AAF +20250616002713 2 6 100 2047 2 EE0FE3E5743174100BD44FCCF81A0B0C184789558AC0B35400ED73B9EFEEFFED3075997428479CAC425A827BBC69DB6C3DD2DFD508472073700893CE2B48F7A69CD9FB1D7C12FECB37E9A6928B3A3F80D1DBC0BAAB33AD37738E36CA83D3916529F1210294618DF754F1AD7BEA0A224CA3F771C18E2A9B9326F9AE725FFCCE244C2DA3435599DA41FF9C434DBB1302A6E9925E4F3BAAD3717288B312F1ACE0117E54AABAABFD113C3A722BBDCD26A7767371FF56CCD572A3F91006BE91C72B3FFEB235FAA91338B9A191845846FCEAFA179B059A13C158530E107E284E6CA2D63C002E2F6734CC9DBA05036F193D2D6F508CFCBA899512AD42CA62616CCBE9D3 +20250616002747 2 6 100 2047 2 EE0FE3E5743174100BD44FCCF81A0B0C184789558AC0B35400ED73B9EFEEFFED3075997428479CAC425A827BBC69DB6C3DD2DFD508472073700893CE2B48F7A69CD9FB1D7C12FECB37E9A6928B3A3F80D1DBC0BAAB33AD37738E36CA83D3916529F1210294618DF754F1AD7BEA0A224CA3F771C18E2A9B9326F9AE725FFCCE244C2DA3435599DA41FF9C434DBB1302A6E9925E4F3BAAD3717288B312F1ACE0117E54AABAABFD113C3A722BBDCD26A7767371FF56CCD572A3F91006BE91C72B3FFEB235FAA91338B9A191845846FCEAFA179B059A13C158530E107E284E6CA2D63C002E2F6734CC9DBA05036F193D2D6F508CFCBA899512AD42CA62616DE70BB3 +20250616002755 2 6 100 2047 5 EE0FE3E5743174100BD44FCCF81A0B0C184789558AC0B35400ED73B9EFEEFFED3075997428479CAC425A827BBC69DB6C3DD2DFD508472073700893CE2B48F7A69CD9FB1D7C12FECB37E9A6928B3A3F80D1DBC0BAAB33AD37738E36CA83D3916529F1210294618DF754F1AD7BEA0A224CA3F771C18E2A9B9326F9AE725FFCCE244C2DA3435599DA41FF9C434DBB1302A6E9925E4F3BAAD3717288B312F1ACE0117E54AABAABFD113C3A722BBDCD26A7767371FF56CCD572A3F91006BE91C72B3FFEB235FAA91338B9A191845846FCEAFA179B059A13C158530E107E284E6CA2D63C002E2F6734CC9DBA05036F193D2D6F508CFCBA899512AD42CA62616E1C5B1F +20250616002802 2 6 100 2047 2 EE0FE3E5743174100BD44FCCF81A0B0C184789558AC0B35400ED73B9EFEEFFED3075997428479CAC425A827BBC69DB6C3DD2DFD508472073700893CE2B48F7A69CD9FB1D7C12FECB37E9A6928B3A3F80D1DBC0BAAB33AD37738E36CA83D3916529F1210294618DF754F1AD7BEA0A224CA3F771C18E2A9B9326F9AE725FFCCE244C2DA3435599DA41FF9C434DBB1302A6E9925E4F3BAAD3717288B312F1ACE0117E54AABAABFD113C3A722BBDCD26A7767371FF56CCD572A3F91006BE91C72B3FFEB235FAA91338B9A191845846FCEAFA179B059A13C158530E107E284E6CA2D63C002E2F6734CC9DBA05036F193D2D6F508CFCBA899512AD42CA62616E57586B +20250616002822 2 6 100 2047 2 EE0FE3E5743174100BD44FCCF81A0B0C184789558AC0B35400ED73B9EFEEFFED3075997428479CAC425A827BBC69DB6C3DD2DFD508472073700893CE2B48F7A69CD9FB1D7C12FECB37E9A6928B3A3F80D1DBC0BAAB33AD37738E36CA83D3916529F1210294618DF754F1AD7BEA0A224CA3F771C18E2A9B9326F9AE725FFCCE244C2DA3435599DA41FF9C434DBB1302A6E9925E4F3BAAD3717288B312F1ACE0117E54AABAABFD113C3A722BBDCD26A7767371FF56CCD572A3F91006BE91C72B3FFEB235FAA91338B9A191845846FCEAFA179B059A13C158530E107E284E6CA2D63C002E2F6734CC9DBA05036F193D2D6F508CFCBA899512AD42CA62616EFEC4AB +20250616002825 2 6 100 2047 2 EE0FE3E5743174100BD44FCCF81A0B0C184789558AC0B35400ED73B9EFEEFFED3075997428479CAC425A827BBC69DB6C3DD2DFD508472073700893CE2B48F7A69CD9FB1D7C12FECB37E9A6928B3A3F80D1DBC0BAAB33AD37738E36CA83D3916529F1210294618DF754F1AD7BEA0A224CA3F771C18E2A9B9326F9AE725FFCCE244C2DA3435599DA41FF9C434DBB1302A6E9925E4F3BAAD3717288B312F1ACE0117E54AABAABFD113C3A722BBDCD26A7767371FF56CCD572A3F91006BE91C72B3FFEB235FAA91338B9A191845846FCEAFA179B059A13C158530E107E284E6CA2D63C002E2F6734CC9DBA05036F193D2D6F508CFCBA899512AD42CA62616F0CBA83 +20250616002826 2 6 100 2047 5 EE0FE3E5743174100BD44FCCF81A0B0C184789558AC0B35400ED73B9EFEEFFED3075997428479CAC425A827BBC69DB6C3DD2DFD508472073700893CE2B48F7A69CD9FB1D7C12FECB37E9A6928B3A3F80D1DBC0BAAB33AD37738E36CA83D3916529F1210294618DF754F1AD7BEA0A224CA3F771C18E2A9B9326F9AE725FFCCE244C2DA3435599DA41FF9C434DBB1302A6E9925E4F3BAAD3717288B312F1ACE0117E54AABAABFD113C3A722BBDCD26A7767371FF56CCD572A3F91006BE91C72B3FFEB235FAA91338B9A191845846FCEAFA179B059A13C158530E107E284E6CA2D63C002E2F6734CC9DBA05036F193D2D6F508CFCBA899512AD42CA62616F133697 +20250616002834 2 6 100 2047 2 EE0FE3E5743174100BD44FCCF81A0B0C184789558AC0B35400ED73B9EFEEFFED3075997428479CAC425A827BBC69DB6C3DD2DFD508472073700893CE2B48F7A69CD9FB1D7C12FECB37E9A6928B3A3F80D1DBC0BAAB33AD37738E36CA83D3916529F1210294618DF754F1AD7BEA0A224CA3F771C18E2A9B9326F9AE725FFCCE244C2DA3435599DA41FF9C434DBB1302A6E9925E4F3BAAD3717288B312F1ACE0117E54AABAABFD113C3A722BBDCD26A7767371FF56CCD572A3F91006BE91C72B3FFEB235FAA91338B9A191845846FCEAFA179B059A13C158530E107E284E6CA2D63C002E2F6734CC9DBA05036F193D2D6F508CFCBA899512AD42CA62616F526313 +20250616002835 2 6 100 2047 2 EE0FE3E5743174100BD44FCCF81A0B0C184789558AC0B35400ED73B9EFEEFFED3075997428479CAC425A827BBC69DB6C3DD2DFD508472073700893CE2B48F7A69CD9FB1D7C12FECB37E9A6928B3A3F80D1DBC0BAAB33AD37738E36CA83D3916529F1210294618DF754F1AD7BEA0A224CA3F771C18E2A9B9326F9AE725FFCCE244C2DA3435599DA41FF9C434DBB1302A6E9925E4F3BAAD3717288B312F1ACE0117E54AABAABFD113C3A722BBDCD26A7767371FF56CCD572A3F91006BE91C72B3FFEB235FAA91338B9A191845846FCEAFA179B059A13C158530E107E284E6CA2D63C002E2F6734CC9DBA05036F193D2D6F508CFCBA899512AD42CA62616F56D8DB +20250616002838 2 6 100 2047 2 EE0FE3E5743174100BD44FCCF81A0B0C184789558AC0B35400ED73B9EFEEFFED3075997428479CAC425A827BBC69DB6C3DD2DFD508472073700893CE2B48F7A69CD9FB1D7C12FECB37E9A6928B3A3F80D1DBC0BAAB33AD37738E36CA83D3916529F1210294618DF754F1AD7BEA0A224CA3F771C18E2A9B9326F9AE725FFCCE244C2DA3435599DA41FF9C434DBB1302A6E9925E4F3BAAD3717288B312F1ACE0117E54AABAABFD113C3A722BBDCD26A7767371FF56CCD572A3F91006BE91C72B3FFEB235FAA91338B9A191845846FCEAFA179B059A13C158530E107E284E6CA2D63C002E2F6734CC9DBA05036F193D2D6F508CFCBA899512AD42CA62616F63E88B +20250616002842 2 6 100 2047 2 EE0FE3E5743174100BD44FCCF81A0B0C184789558AC0B35400ED73B9EFEEFFED3075997428479CAC425A827BBC69DB6C3DD2DFD508472073700893CE2B48F7A69CD9FB1D7C12FECB37E9A6928B3A3F80D1DBC0BAAB33AD37738E36CA83D3916529F1210294618DF754F1AD7BEA0A224CA3F771C18E2A9B9326F9AE725FFCCE244C2DA3435599DA41FF9C434DBB1302A6E9925E4F3BAAD3717288B312F1ACE0117E54AABAABFD113C3A722BBDCD26A7767371FF56CCD572A3F91006BE91C72B3FFEB235FAA91338B9A191845846FCEAFA179B059A13C158530E107E284E6CA2D63C002E2F6734CC9DBA05036F193D2D6F508CFCBA899512AD42CA62616F813C83 +20250616002843 2 6 100 2047 2 EE0FE3E5743174100BD44FCCF81A0B0C184789558AC0B35400ED73B9EFEEFFED3075997428479CAC425A827BBC69DB6C3DD2DFD508472073700893CE2B48F7A69CD9FB1D7C12FECB37E9A6928B3A3F80D1DBC0BAAB33AD37738E36CA83D3916529F1210294618DF754F1AD7BEA0A224CA3F771C18E2A9B9326F9AE725FFCCE244C2DA3435599DA41FF9C434DBB1302A6E9925E4F3BAAD3717288B312F1ACE0117E54AABAABFD113C3A722BBDCD26A7767371FF56CCD572A3F91006BE91C72B3FFEB235FAA91338B9A191845846FCEAFA179B059A13C158530E107E284E6CA2D63C002E2F6734CC9DBA05036F193D2D6F508CFCBA899512AD42CA62616F86C16B +20250616002854 2 6 100 2047 5 EE0FE3E5743174100BD44FCCF81A0B0C184789558AC0B35400ED73B9EFEEFFED3075997428479CAC425A827BBC69DB6C3DD2DFD508472073700893CE2B48F7A69CD9FB1D7C12FECB37E9A6928B3A3F80D1DBC0BAAB33AD37738E36CA83D3916529F1210294618DF754F1AD7BEA0A224CA3F771C18E2A9B9326F9AE725FFCCE244C2DA3435599DA41FF9C434DBB1302A6E9925E4F3BAAD3717288B312F1ACE0117E54AABAABFD113C3A722BBDCD26A7767371FF56CCD572A3F91006BE91C72B3FFEB235FAA91338B9A191845846FCEAFA179B059A13C158530E107E284E6CA2D63C002E2F6734CC9DBA05036F193D2D6F508CFCBA899512AD42CA62616FDC52CF +20250616002858 2 6 100 2047 5 EE0FE3E5743174100BD44FCCF81A0B0C184789558AC0B35400ED73B9EFEEFFED3075997428479CAC425A827BBC69DB6C3DD2DFD508472073700893CE2B48F7A69CD9FB1D7C12FECB37E9A6928B3A3F80D1DBC0BAAB33AD37738E36CA83D3916529F1210294618DF754F1AD7BEA0A224CA3F771C18E2A9B9326F9AE725FFCCE244C2DA3435599DA41FF9C434DBB1302A6E9925E4F3BAAD3717288B312F1ACE0117E54AABAABFD113C3A722BBDCD26A7767371FF56CCD572A3F91006BE91C72B3FFEB235FAA91338B9A191845846FCEAFA179B059A13C158530E107E284E6CA2D63C002E2F6734CC9DBA05036F193D2D6F508CFCBA899512AD42CA62616FFB576F +20250616002914 2 6 100 2047 5 EE0FE3E5743174100BD44FCCF81A0B0C184789558AC0B35400ED73B9EFEEFFED3075997428479CAC425A827BBC69DB6C3DD2DFD508472073700893CE2B48F7A69CD9FB1D7C12FECB37E9A6928B3A3F80D1DBC0BAAB33AD37738E36CA83D3916529F1210294618DF754F1AD7BEA0A224CA3F771C18E2A9B9326F9AE725FFCCE244C2DA3435599DA41FF9C434DBB1302A6E9925E4F3BAAD3717288B312F1ACE0117E54AABAABFD113C3A722BBDCD26A7767371FF56CCD572A3F91006BE91C72B3FFEB235FAA91338B9A191845846FCEAFA179B059A13C158530E107E284E6CA2D63C002E2F6734CC9DBA05036F193D2D6F508CFCBA899512AD42CA626170776DAF +20250616002919 2 6 100 2047 5 EE0FE3E5743174100BD44FCCF81A0B0C184789558AC0B35400ED73B9EFEEFFED3075997428479CAC425A827BBC69DB6C3DD2DFD508472073700893CE2B48F7A69CD9FB1D7C12FECB37E9A6928B3A3F80D1DBC0BAAB33AD37738E36CA83D3916529F1210294618DF754F1AD7BEA0A224CA3F771C18E2A9B9326F9AE725FFCCE244C2DA3435599DA41FF9C434DBB1302A6E9925E4F3BAAD3717288B312F1ACE0117E54AABAABFD113C3A722BBDCD26A7767371FF56CCD572A3F91006BE91C72B3FFEB235FAA91338B9A191845846FCEAFA179B059A13C158530E107E284E6CA2D63C002E2F6734CC9DBA05036F193D2D6F508CFCBA899512AD42CA626170939C97 +20250616002920 2 6 100 2047 5 EE0FE3E5743174100BD44FCCF81A0B0C184789558AC0B35400ED73B9EFEEFFED3075997428479CAC425A827BBC69DB6C3DD2DFD508472073700893CE2B48F7A69CD9FB1D7C12FECB37E9A6928B3A3F80D1DBC0BAAB33AD37738E36CA83D3916529F1210294618DF754F1AD7BEA0A224CA3F771C18E2A9B9326F9AE725FFCCE244C2DA3435599DA41FF9C434DBB1302A6E9925E4F3BAAD3717288B312F1ACE0117E54AABAABFD113C3A722BBDCD26A7767371FF56CCD572A3F91006BE91C72B3FFEB235FAA91338B9A191845846FCEAFA179B059A13C158530E107E284E6CA2D63C002E2F6734CC9DBA05036F193D2D6F508CFCBA899512AD42CA6261709C6907 +20250616002954 2 6 100 2047 2 EE0FE3E5743174100BD44FCCF81A0B0C184789558AC0B35400ED73B9EFEEFFED3075997428479CAC425A827BBC69DB6C3DD2DFD508472073700893CE2B48F7A69CD9FB1D7C12FECB37E9A6928B3A3F80D1DBC0BAAB33AD37738E36CA83D3916529F1210294618DF754F1AD7BEA0A224CA3F771C18E2A9B9326F9AE725FFCCE244C2DA3435599DA41FF9C434DBB1302A6E9925E4F3BAAD3717288B312F1ACE0117E54AABAABFD113C3A722BBDCD26A7767371FF56CCD572A3F91006BE91C72B3FFEB235FAA91338B9A191845846FCEAFA179B059A13C158530E107E284E6CA2D63C002E2F6734CC9DBA05036F193D2D6F508CFCBA899512AD42CA626171B2A95B +20250616002958 2 6 100 2047 5 EE0FE3E5743174100BD44FCCF81A0B0C184789558AC0B35400ED73B9EFEEFFED3075997428479CAC425A827BBC69DB6C3DD2DFD508472073700893CE2B48F7A69CD9FB1D7C12FECB37E9A6928B3A3F80D1DBC0BAAB33AD37738E36CA83D3916529F1210294618DF754F1AD7BEA0A224CA3F771C18E2A9B9326F9AE725FFCCE244C2DA3435599DA41FF9C434DBB1302A6E9925E4F3BAAD3717288B312F1ACE0117E54AABAABFD113C3A722BBDCD26A7767371FF56CCD572A3F91006BE91C72B3FFEB235FAA91338B9A191845846FCEAFA179B059A13C158530E107E284E6CA2D63C002E2F6734CC9DBA05036F193D2D6F508CFCBA899512AD42CA626171CCCD77 +20250616003000 2 6 100 2047 2 EE0FE3E5743174100BD44FCCF81A0B0C184789558AC0B35400ED73B9EFEEFFED3075997428479CAC425A827BBC69DB6C3DD2DFD508472073700893CE2B48F7A69CD9FB1D7C12FECB37E9A6928B3A3F80D1DBC0BAAB33AD37738E36CA83D3916529F1210294618DF754F1AD7BEA0A224CA3F771C18E2A9B9326F9AE725FFCCE244C2DA3435599DA41FF9C434DBB1302A6E9925E4F3BAAD3717288B312F1ACE0117E54AABAABFD113C3A722BBDCD26A7767371FF56CCD572A3F91006BE91C72B3FFEB235FAA91338B9A191845846FCEAFA179B059A13C158530E107E284E6CA2D63C002E2F6734CC9DBA05036F193D2D6F508CFCBA899512AD42CA626171D0FA13 +20250616003002 2 6 100 2047 5 EE0FE3E5743174100BD44FCCF81A0B0C184789558AC0B35400ED73B9EFEEFFED3075997428479CAC425A827BBC69DB6C3DD2DFD508472073700893CE2B48F7A69CD9FB1D7C12FECB37E9A6928B3A3F80D1DBC0BAAB33AD37738E36CA83D3916529F1210294618DF754F1AD7BEA0A224CA3F771C18E2A9B9326F9AE725FFCCE244C2DA3435599DA41FF9C434DBB1302A6E9925E4F3BAAD3717288B312F1ACE0117E54AABAABFD113C3A722BBDCD26A7767371FF56CCD572A3F91006BE91C72B3FFEB235FAA91338B9A191845846FCEAFA179B059A13C158530E107E284E6CA2D63C002E2F6734CC9DBA05036F193D2D6F508CFCBA899512AD42CA626171E18997 +20250616003005 2 6 100 2047 5 EE0FE3E5743174100BD44FCCF81A0B0C184789558AC0B35400ED73B9EFEEFFED3075997428479CAC425A827BBC69DB6C3DD2DFD508472073700893CE2B48F7A69CD9FB1D7C12FECB37E9A6928B3A3F80D1DBC0BAAB33AD37738E36CA83D3916529F1210294618DF754F1AD7BEA0A224CA3F771C18E2A9B9326F9AE725FFCCE244C2DA3435599DA41FF9C434DBB1302A6E9925E4F3BAAD3717288B312F1ACE0117E54AABAABFD113C3A722BBDCD26A7767371FF56CCD572A3F91006BE91C72B3FFEB235FAA91338B9A191845846FCEAFA179B059A13C158530E107E284E6CA2D63C002E2F6734CC9DBA05036F193D2D6F508CFCBA899512AD42CA626171EE92B7 +20250616003006 2 6 100 2047 2 EE0FE3E5743174100BD44FCCF81A0B0C184789558AC0B35400ED73B9EFEEFFED3075997428479CAC425A827BBC69DB6C3DD2DFD508472073700893CE2B48F7A69CD9FB1D7C12FECB37E9A6928B3A3F80D1DBC0BAAB33AD37738E36CA83D3916529F1210294618DF754F1AD7BEA0A224CA3F771C18E2A9B9326F9AE725FFCCE244C2DA3435599DA41FF9C434DBB1302A6E9925E4F3BAAD3717288B312F1ACE0117E54AABAABFD113C3A722BBDCD26A7767371FF56CCD572A3F91006BE91C72B3FFEB235FAA91338B9A191845846FCEAFA179B059A13C158530E107E284E6CA2D63C002E2F6734CC9DBA05036F193D2D6F508CFCBA899512AD42CA626171F5ADB3 +20250616003007 2 6 100 2047 2 EE0FE3E5743174100BD44FCCF81A0B0C184789558AC0B35400ED73B9EFEEFFED3075997428479CAC425A827BBC69DB6C3DD2DFD508472073700893CE2B48F7A69CD9FB1D7C12FECB37E9A6928B3A3F80D1DBC0BAAB33AD37738E36CA83D3916529F1210294618DF754F1AD7BEA0A224CA3F771C18E2A9B9326F9AE725FFCCE244C2DA3435599DA41FF9C434DBB1302A6E9925E4F3BAAD3717288B312F1ACE0117E54AABAABFD113C3A722BBDCD26A7767371FF56CCD572A3F91006BE91C72B3FFEB235FAA91338B9A191845846FCEAFA179B059A13C158530E107E284E6CA2D63C002E2F6734CC9DBA05036F193D2D6F508CFCBA899512AD42CA626171F9F0F3 +20250616003016 2 6 100 2047 5 EE0FE3E5743174100BD44FCCF81A0B0C184789558AC0B35400ED73B9EFEEFFED3075997428479CAC425A827BBC69DB6C3DD2DFD508472073700893CE2B48F7A69CD9FB1D7C12FECB37E9A6928B3A3F80D1DBC0BAAB33AD37738E36CA83D3916529F1210294618DF754F1AD7BEA0A224CA3F771C18E2A9B9326F9AE725FFCCE244C2DA3435599DA41FF9C434DBB1302A6E9925E4F3BAAD3717288B312F1ACE0117E54AABAABFD113C3A722BBDCD26A7767371FF56CCD572A3F91006BE91C72B3FFEB235FAA91338B9A191845846FCEAFA179B059A13C158530E107E284E6CA2D63C002E2F6734CC9DBA05036F193D2D6F508CFCBA899512AD42CA6261723F66A7 +20250616003019 2 6 100 2047 5 EE0FE3E5743174100BD44FCCF81A0B0C184789558AC0B35400ED73B9EFEEFFED3075997428479CAC425A827BBC69DB6C3DD2DFD508472073700893CE2B48F7A69CD9FB1D7C12FECB37E9A6928B3A3F80D1DBC0BAAB33AD37738E36CA83D3916529F1210294618DF754F1AD7BEA0A224CA3F771C18E2A9B9326F9AE725FFCCE244C2DA3435599DA41FF9C434DBB1302A6E9925E4F3BAAD3717288B312F1ACE0117E54AABAABFD113C3A722BBDCD26A7767371FF56CCD572A3F91006BE91C72B3FFEB235FAA91338B9A191845846FCEAFA179B059A13C158530E107E284E6CA2D63C002E2F6734CC9DBA05036F193D2D6F508CFCBA899512AD42CA6261724E9AAF +20250616003020 2 6 100 2047 2 EE0FE3E5743174100BD44FCCF81A0B0C184789558AC0B35400ED73B9EFEEFFED3075997428479CAC425A827BBC69DB6C3DD2DFD508472073700893CE2B48F7A69CD9FB1D7C12FECB37E9A6928B3A3F80D1DBC0BAAB33AD37738E36CA83D3916529F1210294618DF754F1AD7BEA0A224CA3F771C18E2A9B9326F9AE725FFCCE244C2DA3435599DA41FF9C434DBB1302A6E9925E4F3BAAD3717288B312F1ACE0117E54AABAABFD113C3A722BBDCD26A7767371FF56CCD572A3F91006BE91C72B3FFEB235FAA91338B9A191845846FCEAFA179B059A13C158530E107E284E6CA2D63C002E2F6734CC9DBA05036F193D2D6F508CFCBA899512AD42CA626172573C83 +20250616003025 2 6 100 2047 2 EE0FE3E5743174100BD44FCCF81A0B0C184789558AC0B35400ED73B9EFEEFFED3075997428479CAC425A827BBC69DB6C3DD2DFD508472073700893CE2B48F7A69CD9FB1D7C12FECB37E9A6928B3A3F80D1DBC0BAAB33AD37738E36CA83D3916529F1210294618DF754F1AD7BEA0A224CA3F771C18E2A9B9326F9AE725FFCCE244C2DA3435599DA41FF9C434DBB1302A6E9925E4F3BAAD3717288B312F1ACE0117E54AABAABFD113C3A722BBDCD26A7767371FF56CCD572A3F91006BE91C72B3FFEB235FAA91338B9A191845846FCEAFA179B059A13C158530E107E284E6CA2D63C002E2F6734CC9DBA05036F193D2D6F508CFCBA899512AD42CA626172798D8B +20250616003052 2 6 100 2047 5 EE0FE3E5743174100BD44FCCF81A0B0C184789558AC0B35400ED73B9EFEEFFED3075997428479CAC425A827BBC69DB6C3DD2DFD508472073700893CE2B48F7A69CD9FB1D7C12FECB37E9A6928B3A3F80D1DBC0BAAB33AD37738E36CA83D3916529F1210294618DF754F1AD7BEA0A224CA3F771C18E2A9B9326F9AE725FFCCE244C2DA3435599DA41FF9C434DBB1302A6E9925E4F3BAAD3717288B312F1ACE0117E54AABAABFD113C3A722BBDCD26A7767371FF56CCD572A3F91006BE91C72B3FFEB235FAA91338B9A191845846FCEAFA179B059A13C158530E107E284E6CA2D63C002E2F6734CC9DBA05036F193D2D6F508CFCBA899512AD42CA6261734F06E7 +20250616003103 2 6 100 2047 2 EE0FE3E5743174100BD44FCCF81A0B0C184789558AC0B35400ED73B9EFEEFFED3075997428479CAC425A827BBC69DB6C3DD2DFD508472073700893CE2B48F7A69CD9FB1D7C12FECB37E9A6928B3A3F80D1DBC0BAAB33AD37738E36CA83D3916529F1210294618DF754F1AD7BEA0A224CA3F771C18E2A9B9326F9AE725FFCCE244C2DA3435599DA41FF9C434DBB1302A6E9925E4F3BAAD3717288B312F1ACE0117E54AABAABFD113C3A722BBDCD26A7767371FF56CCD572A3F91006BE91C72B3FFEB235FAA91338B9A191845846FCEAFA179B059A13C158530E107E284E6CA2D63C002E2F6734CC9DBA05036F193D2D6F508CFCBA899512AD42CA626173A507C3 +20250616003114 2 6 100 2047 5 EE0FE3E5743174100BD44FCCF81A0B0C184789558AC0B35400ED73B9EFEEFFED3075997428479CAC425A827BBC69DB6C3DD2DFD508472073700893CE2B48F7A69CD9FB1D7C12FECB37E9A6928B3A3F80D1DBC0BAAB33AD37738E36CA83D3916529F1210294618DF754F1AD7BEA0A224CA3F771C18E2A9B9326F9AE725FFCCE244C2DA3435599DA41FF9C434DBB1302A6E9925E4F3BAAD3717288B312F1ACE0117E54AABAABFD113C3A722BBDCD26A7767371FF56CCD572A3F91006BE91C72B3FFEB235FAA91338B9A191845846FCEAFA179B059A13C158530E107E284E6CA2D63C002E2F6734CC9DBA05036F193D2D6F508CFCBA899512AD42CA626173FB9947 +20250616003118 2 6 100 2047 2 EE0FE3E5743174100BD44FCCF81A0B0C184789558AC0B35400ED73B9EFEEFFED3075997428479CAC425A827BBC69DB6C3DD2DFD508472073700893CE2B48F7A69CD9FB1D7C12FECB37E9A6928B3A3F80D1DBC0BAAB33AD37738E36CA83D3916529F1210294618DF754F1AD7BEA0A224CA3F771C18E2A9B9326F9AE725FFCCE244C2DA3435599DA41FF9C434DBB1302A6E9925E4F3BAAD3717288B312F1ACE0117E54AABAABFD113C3A722BBDCD26A7767371FF56CCD572A3F91006BE91C72B3FFEB235FAA91338B9A191845846FCEAFA179B059A13C158530E107E284E6CA2D63C002E2F6734CC9DBA05036F193D2D6F508CFCBA899512AD42CA62617416E49B +20250616003127 2 6 100 2047 2 EE0FE3E5743174100BD44FCCF81A0B0C184789558AC0B35400ED73B9EFEEFFED3075997428479CAC425A827BBC69DB6C3DD2DFD508472073700893CE2B48F7A69CD9FB1D7C12FECB37E9A6928B3A3F80D1DBC0BAAB33AD37738E36CA83D3916529F1210294618DF754F1AD7BEA0A224CA3F771C18E2A9B9326F9AE725FFCCE244C2DA3435599DA41FF9C434DBB1302A6E9925E4F3BAAD3717288B312F1ACE0117E54AABAABFD113C3A722BBDCD26A7767371FF56CCD572A3F91006BE91C72B3FFEB235FAA91338B9A191845846FCEAFA179B059A13C158530E107E284E6CA2D63C002E2F6734CC9DBA05036F193D2D6F508CFCBA899512AD42CA6261745F914B +20250616003136 2 6 100 2047 2 EE0FE3E5743174100BD44FCCF81A0B0C184789558AC0B35400ED73B9EFEEFFED3075997428479CAC425A827BBC69DB6C3DD2DFD508472073700893CE2B48F7A69CD9FB1D7C12FECB37E9A6928B3A3F80D1DBC0BAAB33AD37738E36CA83D3916529F1210294618DF754F1AD7BEA0A224CA3F771C18E2A9B9326F9AE725FFCCE244C2DA3435599DA41FF9C434DBB1302A6E9925E4F3BAAD3717288B312F1ACE0117E54AABAABFD113C3A722BBDCD26A7767371FF56CCD572A3F91006BE91C72B3FFEB235FAA91338B9A191845846FCEAFA179B059A13C158530E107E284E6CA2D63C002E2F6734CC9DBA05036F193D2D6F508CFCBA899512AD42CA626174A4F763 +20250616003143 2 6 100 2047 5 EE0FE3E5743174100BD44FCCF81A0B0C184789558AC0B35400ED73B9EFEEFFED3075997428479CAC425A827BBC69DB6C3DD2DFD508472073700893CE2B48F7A69CD9FB1D7C12FECB37E9A6928B3A3F80D1DBC0BAAB33AD37738E36CA83D3916529F1210294618DF754F1AD7BEA0A224CA3F771C18E2A9B9326F9AE725FFCCE244C2DA3435599DA41FF9C434DBB1302A6E9925E4F3BAAD3717288B312F1ACE0117E54AABAABFD113C3A722BBDCD26A7767371FF56CCD572A3F91006BE91C72B3FFEB235FAA91338B9A191845846FCEAFA179B059A13C158530E107E284E6CA2D63C002E2F6734CC9DBA05036F193D2D6F508CFCBA899512AD42CA626174D621A7 +20250616003153 2 6 100 2047 5 EE0FE3E5743174100BD44FCCF81A0B0C184789558AC0B35400ED73B9EFEEFFED3075997428479CAC425A827BBC69DB6C3DD2DFD508472073700893CE2B48F7A69CD9FB1D7C12FECB37E9A6928B3A3F80D1DBC0BAAB33AD37738E36CA83D3916529F1210294618DF754F1AD7BEA0A224CA3F771C18E2A9B9326F9AE725FFCCE244C2DA3435599DA41FF9C434DBB1302A6E9925E4F3BAAD3717288B312F1ACE0117E54AABAABFD113C3A722BBDCD26A7767371FF56CCD572A3F91006BE91C72B3FFEB235FAA91338B9A191845846FCEAFA179B059A13C158530E107E284E6CA2D63C002E2F6734CC9DBA05036F193D2D6F508CFCBA899512AD42CA626175244157 +20250616003155 2 6 100 2047 2 EE0FE3E5743174100BD44FCCF81A0B0C184789558AC0B35400ED73B9EFEEFFED3075997428479CAC425A827BBC69DB6C3DD2DFD508472073700893CE2B48F7A69CD9FB1D7C12FECB37E9A6928B3A3F80D1DBC0BAAB33AD37738E36CA83D3916529F1210294618DF754F1AD7BEA0A224CA3F771C18E2A9B9326F9AE725FFCCE244C2DA3435599DA41FF9C434DBB1302A6E9925E4F3BAAD3717288B312F1ACE0117E54AABAABFD113C3A722BBDCD26A7767371FF56CCD572A3F91006BE91C72B3FFEB235FAA91338B9A191845846FCEAFA179B059A13C158530E107E284E6CA2D63C002E2F6734CC9DBA05036F193D2D6F508CFCBA899512AD42CA626175304CEB +20250616003159 2 6 100 2047 5 EE0FE3E5743174100BD44FCCF81A0B0C184789558AC0B35400ED73B9EFEEFFED3075997428479CAC425A827BBC69DB6C3DD2DFD508472073700893CE2B48F7A69CD9FB1D7C12FECB37E9A6928B3A3F80D1DBC0BAAB33AD37738E36CA83D3916529F1210294618DF754F1AD7BEA0A224CA3F771C18E2A9B9326F9AE725FFCCE244C2DA3435599DA41FF9C434DBB1302A6E9925E4F3BAAD3717288B312F1ACE0117E54AABAABFD113C3A722BBDCD26A7767371FF56CCD572A3F91006BE91C72B3FFEB235FAA91338B9A191845846FCEAFA179B059A13C158530E107E284E6CA2D63C002E2F6734CC9DBA05036F193D2D6F508CFCBA899512AD42CA62617553F42F +20250616003209 2 6 100 2047 2 EE0FE3E5743174100BD44FCCF81A0B0C184789558AC0B35400ED73B9EFEEFFED3075997428479CAC425A827BBC69DB6C3DD2DFD508472073700893CE2B48F7A69CD9FB1D7C12FECB37E9A6928B3A3F80D1DBC0BAAB33AD37738E36CA83D3916529F1210294618DF754F1AD7BEA0A224CA3F771C18E2A9B9326F9AE725FFCCE244C2DA3435599DA41FF9C434DBB1302A6E9925E4F3BAAD3717288B312F1ACE0117E54AABAABFD113C3A722BBDCD26A7767371FF56CCD572A3F91006BE91C72B3FFEB235FAA91338B9A191845846FCEAFA179B059A13C158530E107E284E6CA2D63C002E2F6734CC9DBA05036F193D2D6F508CFCBA899512AD42CA6261759B7C0B +20250616003214 2 6 100 2047 5 EE0FE3E5743174100BD44FCCF81A0B0C184789558AC0B35400ED73B9EFEEFFED3075997428479CAC425A827BBC69DB6C3DD2DFD508472073700893CE2B48F7A69CD9FB1D7C12FECB37E9A6928B3A3F80D1DBC0BAAB33AD37738E36CA83D3916529F1210294618DF754F1AD7BEA0A224CA3F771C18E2A9B9326F9AE725FFCCE244C2DA3435599DA41FF9C434DBB1302A6E9925E4F3BAAD3717288B312F1ACE0117E54AABAABFD113C3A722BBDCD26A7767371FF56CCD572A3F91006BE91C72B3FFEB235FAA91338B9A191845846FCEAFA179B059A13C158530E107E284E6CA2D63C002E2F6734CC9DBA05036F193D2D6F508CFCBA899512AD42CA626175BFA7AF +20250616003217 2 6 100 2047 5 EE0FE3E5743174100BD44FCCF81A0B0C184789558AC0B35400ED73B9EFEEFFED3075997428479CAC425A827BBC69DB6C3DD2DFD508472073700893CE2B48F7A69CD9FB1D7C12FECB37E9A6928B3A3F80D1DBC0BAAB33AD37738E36CA83D3916529F1210294618DF754F1AD7BEA0A224CA3F771C18E2A9B9326F9AE725FFCCE244C2DA3435599DA41FF9C434DBB1302A6E9925E4F3BAAD3717288B312F1ACE0117E54AABAABFD113C3A722BBDCD26A7767371FF56CCD572A3F91006BE91C72B3FFEB235FAA91338B9A191845846FCEAFA179B059A13C158530E107E284E6CA2D63C002E2F6734CC9DBA05036F193D2D6F508CFCBA899512AD42CA626175D8110F +20250616003218 2 6 100 2047 2 EE0FE3E5743174100BD44FCCF81A0B0C184789558AC0B35400ED73B9EFEEFFED3075997428479CAC425A827BBC69DB6C3DD2DFD508472073700893CE2B48F7A69CD9FB1D7C12FECB37E9A6928B3A3F80D1DBC0BAAB33AD37738E36CA83D3916529F1210294618DF754F1AD7BEA0A224CA3F771C18E2A9B9326F9AE725FFCCE244C2DA3435599DA41FF9C434DBB1302A6E9925E4F3BAAD3717288B312F1ACE0117E54AABAABFD113C3A722BBDCD26A7767371FF56CCD572A3F91006BE91C72B3FFEB235FAA91338B9A191845846FCEAFA179B059A13C158530E107E284E6CA2D63C002E2F6734CC9DBA05036F193D2D6F508CFCBA899512AD42CA626175D8BEBB +20250616003248 2 6 100 2047 2 EE0FE3E5743174100BD44FCCF81A0B0C184789558AC0B35400ED73B9EFEEFFED3075997428479CAC425A827BBC69DB6C3DD2DFD508472073700893CE2B48F7A69CD9FB1D7C12FECB37E9A6928B3A3F80D1DBC0BAAB33AD37738E36CA83D3916529F1210294618DF754F1AD7BEA0A224CA3F771C18E2A9B9326F9AE725FFCCE244C2DA3435599DA41FF9C434DBB1302A6E9925E4F3BAAD3717288B312F1ACE0117E54AABAABFD113C3A722BBDCD26A7767371FF56CCD572A3F91006BE91C72B3FFEB235FAA91338B9A191845846FCEAFA179B059A13C158530E107E284E6CA2D63C002E2F6734CC9DBA05036F193D2D6F508CFCBA899512AD42CA626176C7670B +20250616003253 2 6 100 2047 5 EE0FE3E5743174100BD44FCCF81A0B0C184789558AC0B35400ED73B9EFEEFFED3075997428479CAC425A827BBC69DB6C3DD2DFD508472073700893CE2B48F7A69CD9FB1D7C12FECB37E9A6928B3A3F80D1DBC0BAAB33AD37738E36CA83D3916529F1210294618DF754F1AD7BEA0A224CA3F771C18E2A9B9326F9AE725FFCCE244C2DA3435599DA41FF9C434DBB1302A6E9925E4F3BAAD3717288B312F1ACE0117E54AABAABFD113C3A722BBDCD26A7767371FF56CCD572A3F91006BE91C72B3FFEB235FAA91338B9A191845846FCEAFA179B059A13C158530E107E284E6CA2D63C002E2F6734CC9DBA05036F193D2D6F508CFCBA899512AD42CA626176E7934F +20250616003256 2 6 100 2047 2 EE0FE3E5743174100BD44FCCF81A0B0C184789558AC0B35400ED73B9EFEEFFED3075997428479CAC425A827BBC69DB6C3DD2DFD508472073700893CE2B48F7A69CD9FB1D7C12FECB37E9A6928B3A3F80D1DBC0BAAB33AD37738E36CA83D3916529F1210294618DF754F1AD7BEA0A224CA3F771C18E2A9B9326F9AE725FFCCE244C2DA3435599DA41FF9C434DBB1302A6E9925E4F3BAAD3717288B312F1ACE0117E54AABAABFD113C3A722BBDCD26A7767371FF56CCD572A3F91006BE91C72B3FFEB235FAA91338B9A191845846FCEAFA179B059A13C158530E107E284E6CA2D63C002E2F6734CC9DBA05036F193D2D6F508CFCBA899512AD42CA626176FDC4CB +20250616003314 2 6 100 2047 2 EE0FE3E5743174100BD44FCCF81A0B0C184789558AC0B35400ED73B9EFEEFFED3075997428479CAC425A827BBC69DB6C3DD2DFD508472073700893CE2B48F7A69CD9FB1D7C12FECB37E9A6928B3A3F80D1DBC0BAAB33AD37738E36CA83D3916529F1210294618DF754F1AD7BEA0A224CA3F771C18E2A9B9326F9AE725FFCCE244C2DA3435599DA41FF9C434DBB1302A6E9925E4F3BAAD3717288B312F1ACE0117E54AABAABFD113C3A722BBDCD26A7767371FF56CCD572A3F91006BE91C72B3FFEB235FAA91338B9A191845846FCEAFA179B059A13C158530E107E284E6CA2D63C002E2F6734CC9DBA05036F193D2D6F508CFCBA899512AD42CA6261778C1A6B +20250616003318 2 6 100 2047 5 EE0FE3E5743174100BD44FCCF81A0B0C184789558AC0B35400ED73B9EFEEFFED3075997428479CAC425A827BBC69DB6C3DD2DFD508472073700893CE2B48F7A69CD9FB1D7C12FECB37E9A6928B3A3F80D1DBC0BAAB33AD37738E36CA83D3916529F1210294618DF754F1AD7BEA0A224CA3F771C18E2A9B9326F9AE725FFCCE244C2DA3435599DA41FF9C434DBB1302A6E9925E4F3BAAD3717288B312F1ACE0117E54AABAABFD113C3A722BBDCD26A7767371FF56CCD572A3F91006BE91C72B3FFEB235FAA91338B9A191845846FCEAFA179B059A13C158530E107E284E6CA2D63C002E2F6734CC9DBA05036F193D2D6F508CFCBA899512AD42CA626177A40A3F +20250616003324 2 6 100 2047 5 EE0FE3E5743174100BD44FCCF81A0B0C184789558AC0B35400ED73B9EFEEFFED3075997428479CAC425A827BBC69DB6C3DD2DFD508472073700893CE2B48F7A69CD9FB1D7C12FECB37E9A6928B3A3F80D1DBC0BAAB33AD37738E36CA83D3916529F1210294618DF754F1AD7BEA0A224CA3F771C18E2A9B9326F9AE725FFCCE244C2DA3435599DA41FF9C434DBB1302A6E9925E4F3BAAD3717288B312F1ACE0117E54AABAABFD113C3A722BBDCD26A7767371FF56CCD572A3F91006BE91C72B3FFEB235FAA91338B9A191845846FCEAFA179B059A13C158530E107E284E6CA2D63C002E2F6734CC9DBA05036F193D2D6F508CFCBA899512AD42CA626177CE451F +20250616003329 2 6 100 2047 2 EE0FE3E5743174100BD44FCCF81A0B0C184789558AC0B35400ED73B9EFEEFFED3075997428479CAC425A827BBC69DB6C3DD2DFD508472073700893CE2B48F7A69CD9FB1D7C12FECB37E9A6928B3A3F80D1DBC0BAAB33AD37738E36CA83D3916529F1210294618DF754F1AD7BEA0A224CA3F771C18E2A9B9326F9AE725FFCCE244C2DA3435599DA41FF9C434DBB1302A6E9925E4F3BAAD3717288B312F1ACE0117E54AABAABFD113C3A722BBDCD26A7767371FF56CCD572A3F91006BE91C72B3FFEB235FAA91338B9A191845846FCEAFA179B059A13C158530E107E284E6CA2D63C002E2F6734CC9DBA05036F193D2D6F508CFCBA899512AD42CA626177F722EB +20250616003331 2 6 100 2047 5 EE0FE3E5743174100BD44FCCF81A0B0C184789558AC0B35400ED73B9EFEEFFED3075997428479CAC425A827BBC69DB6C3DD2DFD508472073700893CE2B48F7A69CD9FB1D7C12FECB37E9A6928B3A3F80D1DBC0BAAB33AD37738E36CA83D3916529F1210294618DF754F1AD7BEA0A224CA3F771C18E2A9B9326F9AE725FFCCE244C2DA3435599DA41FF9C434DBB1302A6E9925E4F3BAAD3717288B312F1ACE0117E54AABAABFD113C3A722BBDCD26A7767371FF56CCD572A3F91006BE91C72B3FFEB235FAA91338B9A191845846FCEAFA179B059A13C158530E107E284E6CA2D63C002E2F6734CC9DBA05036F193D2D6F508CFCBA899512AD42CA626177FFB46F +20250616003336 2 6 100 2047 2 EE0FE3E5743174100BD44FCCF81A0B0C184789558AC0B35400ED73B9EFEEFFED3075997428479CAC425A827BBC69DB6C3DD2DFD508472073700893CE2B48F7A69CD9FB1D7C12FECB37E9A6928B3A3F80D1DBC0BAAB33AD37738E36CA83D3916529F1210294618DF754F1AD7BEA0A224CA3F771C18E2A9B9326F9AE725FFCCE244C2DA3435599DA41FF9C434DBB1302A6E9925E4F3BAAD3717288B312F1ACE0117E54AABAABFD113C3A722BBDCD26A7767371FF56CCD572A3F91006BE91C72B3FFEB235FAA91338B9A191845846FCEAFA179B059A13C158530E107E284E6CA2D63C002E2F6734CC9DBA05036F193D2D6F508CFCBA899512AD42CA62617822C973 +20250616003337 2 6 100 2047 5 EE0FE3E5743174100BD44FCCF81A0B0C184789558AC0B35400ED73B9EFEEFFED3075997428479CAC425A827BBC69DB6C3DD2DFD508472073700893CE2B48F7A69CD9FB1D7C12FECB37E9A6928B3A3F80D1DBC0BAAB33AD37738E36CA83D3916529F1210294618DF754F1AD7BEA0A224CA3F771C18E2A9B9326F9AE725FFCCE244C2DA3435599DA41FF9C434DBB1302A6E9925E4F3BAAD3717288B312F1ACE0117E54AABAABFD113C3A722BBDCD26A7767371FF56CCD572A3F91006BE91C72B3FFEB235FAA91338B9A191845846FCEAFA179B059A13C158530E107E284E6CA2D63C002E2F6734CC9DBA05036F193D2D6F508CFCBA899512AD42CA62617828C757 +20250616003405 2 6 100 2047 5 EE0FE3E5743174100BD44FCCF81A0B0C184789558AC0B35400ED73B9EFEEFFED3075997428479CAC425A827BBC69DB6C3DD2DFD508472073700893CE2B48F7A69CD9FB1D7C12FECB37E9A6928B3A3F80D1DBC0BAAB33AD37738E36CA83D3916529F1210294618DF754F1AD7BEA0A224CA3F771C18E2A9B9326F9AE725FFCCE244C2DA3435599DA41FF9C434DBB1302A6E9925E4F3BAAD3717288B312F1ACE0117E54AABAABFD113C3A722BBDCD26A7767371FF56CCD572A3F91006BE91C72B3FFEB235FAA91338B9A191845846FCEAFA179B059A13C158530E107E284E6CA2D63C002E2F6734CC9DBA05036F193D2D6F508CFCBA899512AD42CA6261790E9D67 +20250616003413 2 6 100 2047 2 EE0FE3E5743174100BD44FCCF81A0B0C184789558AC0B35400ED73B9EFEEFFED3075997428479CAC425A827BBC69DB6C3DD2DFD508472073700893CE2B48F7A69CD9FB1D7C12FECB37E9A6928B3A3F80D1DBC0BAAB33AD37738E36CA83D3916529F1210294618DF754F1AD7BEA0A224CA3F771C18E2A9B9326F9AE725FFCCE244C2DA3435599DA41FF9C434DBB1302A6E9925E4F3BAAD3717288B312F1ACE0117E54AABAABFD113C3A722BBDCD26A7767371FF56CCD572A3F91006BE91C72B3FFEB235FAA91338B9A191845846FCEAFA179B059A13C158530E107E284E6CA2D63C002E2F6734CC9DBA05036F193D2D6F508CFCBA899512AD42CA6261794E5533 +20250616003416 2 6 100 2047 5 EE0FE3E5743174100BD44FCCF81A0B0C184789558AC0B35400ED73B9EFEEFFED3075997428479CAC425A827BBC69DB6C3DD2DFD508472073700893CE2B48F7A69CD9FB1D7C12FECB37E9A6928B3A3F80D1DBC0BAAB33AD37738E36CA83D3916529F1210294618DF754F1AD7BEA0A224CA3F771C18E2A9B9326F9AE725FFCCE244C2DA3435599DA41FF9C434DBB1302A6E9925E4F3BAAD3717288B312F1ACE0117E54AABAABFD113C3A722BBDCD26A7767371FF56CCD572A3F91006BE91C72B3FFEB235FAA91338B9A191845846FCEAFA179B059A13C158530E107E284E6CA2D63C002E2F6734CC9DBA05036F193D2D6F508CFCBA899512AD42CA6261796529CF +20250616003430 2 6 100 2047 2 EE0FE3E5743174100BD44FCCF81A0B0C184789558AC0B35400ED73B9EFEEFFED3075997428479CAC425A827BBC69DB6C3DD2DFD508472073700893CE2B48F7A69CD9FB1D7C12FECB37E9A6928B3A3F80D1DBC0BAAB33AD37738E36CA83D3916529F1210294618DF754F1AD7BEA0A224CA3F771C18E2A9B9326F9AE725FFCCE244C2DA3435599DA41FF9C434DBB1302A6E9925E4F3BAAD3717288B312F1ACE0117E54AABAABFD113C3A722BBDCD26A7767371FF56CCD572A3F91006BE91C72B3FFEB235FAA91338B9A191845846FCEAFA179B059A13C158530E107E284E6CA2D63C002E2F6734CC9DBA05036F193D2D6F508CFCBA899512AD42CA626179D66303 +20250616003432 2 6 100 2047 5 EE0FE3E5743174100BD44FCCF81A0B0C184789558AC0B35400ED73B9EFEEFFED3075997428479CAC425A827BBC69DB6C3DD2DFD508472073700893CE2B48F7A69CD9FB1D7C12FECB37E9A6928B3A3F80D1DBC0BAAB33AD37738E36CA83D3916529F1210294618DF754F1AD7BEA0A224CA3F771C18E2A9B9326F9AE725FFCCE244C2DA3435599DA41FF9C434DBB1302A6E9925E4F3BAAD3717288B312F1ACE0117E54AABAABFD113C3A722BBDCD26A7767371FF56CCD572A3F91006BE91C72B3FFEB235FAA91338B9A191845846FCEAFA179B059A13C158530E107E284E6CA2D63C002E2F6734CC9DBA05036F193D2D6F508CFCBA899512AD42CA626179DCC057 +20250616003437 2 6 100 2047 2 EE0FE3E5743174100BD44FCCF81A0B0C184789558AC0B35400ED73B9EFEEFFED3075997428479CAC425A827BBC69DB6C3DD2DFD508472073700893CE2B48F7A69CD9FB1D7C12FECB37E9A6928B3A3F80D1DBC0BAAB33AD37738E36CA83D3916529F1210294618DF754F1AD7BEA0A224CA3F771C18E2A9B9326F9AE725FFCCE244C2DA3435599DA41FF9C434DBB1302A6E9925E4F3BAAD3717288B312F1ACE0117E54AABAABFD113C3A722BBDCD26A7767371FF56CCD572A3F91006BE91C72B3FFEB235FAA91338B9A191845846FCEAFA179B059A13C158530E107E284E6CA2D63C002E2F6734CC9DBA05036F193D2D6F508CFCBA899512AD42CA62617A0363F3 +20250616003446 2 6 100 2047 2 EE0FE3E5743174100BD44FCCF81A0B0C184789558AC0B35400ED73B9EFEEFFED3075997428479CAC425A827BBC69DB6C3DD2DFD508472073700893CE2B48F7A69CD9FB1D7C12FECB37E9A6928B3A3F80D1DBC0BAAB33AD37738E36CA83D3916529F1210294618DF754F1AD7BEA0A224CA3F771C18E2A9B9326F9AE725FFCCE244C2DA3435599DA41FF9C434DBB1302A6E9925E4F3BAAD3717288B312F1ACE0117E54AABAABFD113C3A722BBDCD26A7767371FF56CCD572A3F91006BE91C72B3FFEB235FAA91338B9A191845846FCEAFA179B059A13C158530E107E284E6CA2D63C002E2F6734CC9DBA05036F193D2D6F508CFCBA899512AD42CA62617A46B76B +20250616003455 2 6 100 2047 5 EE0FE3E5743174100BD44FCCF81A0B0C184789558AC0B35400ED73B9EFEEFFED3075997428479CAC425A827BBC69DB6C3DD2DFD508472073700893CE2B48F7A69CD9FB1D7C12FECB37E9A6928B3A3F80D1DBC0BAAB33AD37738E36CA83D3916529F1210294618DF754F1AD7BEA0A224CA3F771C18E2A9B9326F9AE725FFCCE244C2DA3435599DA41FF9C434DBB1302A6E9925E4F3BAAD3717288B312F1ACE0117E54AABAABFD113C3A722BBDCD26A7767371FF56CCD572A3F91006BE91C72B3FFEB235FAA91338B9A191845846FCEAFA179B059A13C158530E107E284E6CA2D63C002E2F6734CC9DBA05036F193D2D6F508CFCBA899512AD42CA62617A8D28A7 +20250616003502 2 6 100 2047 5 EE0FE3E5743174100BD44FCCF81A0B0C184789558AC0B35400ED73B9EFEEFFED3075997428479CAC425A827BBC69DB6C3DD2DFD508472073700893CE2B48F7A69CD9FB1D7C12FECB37E9A6928B3A3F80D1DBC0BAAB33AD37738E36CA83D3916529F1210294618DF754F1AD7BEA0A224CA3F771C18E2A9B9326F9AE725FFCCE244C2DA3435599DA41FF9C434DBB1302A6E9925E4F3BAAD3717288B312F1ACE0117E54AABAABFD113C3A722BBDCD26A7767371FF56CCD572A3F91006BE91C72B3FFEB235FAA91338B9A191845846FCEAFA179B059A13C158530E107E284E6CA2D63C002E2F6734CC9DBA05036F193D2D6F508CFCBA899512AD42CA62617AC41817 +20250616003503 2 6 100 2047 2 EE0FE3E5743174100BD44FCCF81A0B0C184789558AC0B35400ED73B9EFEEFFED3075997428479CAC425A827BBC69DB6C3DD2DFD508472073700893CE2B48F7A69CD9FB1D7C12FECB37E9A6928B3A3F80D1DBC0BAAB33AD37738E36CA83D3916529F1210294618DF754F1AD7BEA0A224CA3F771C18E2A9B9326F9AE725FFCCE244C2DA3435599DA41FF9C434DBB1302A6E9925E4F3BAAD3717288B312F1ACE0117E54AABAABFD113C3A722BBDCD26A7767371FF56CCD572A3F91006BE91C72B3FFEB235FAA91338B9A191845846FCEAFA179B059A13C158530E107E284E6CA2D63C002E2F6734CC9DBA05036F193D2D6F508CFCBA899512AD42CA62617AC8EBC3 +20250616003509 2 6 100 2047 2 EE0FE3E5743174100BD44FCCF81A0B0C184789558AC0B35400ED73B9EFEEFFED3075997428479CAC425A827BBC69DB6C3DD2DFD508472073700893CE2B48F7A69CD9FB1D7C12FECB37E9A6928B3A3F80D1DBC0BAAB33AD37738E36CA83D3916529F1210294618DF754F1AD7BEA0A224CA3F771C18E2A9B9326F9AE725FFCCE244C2DA3435599DA41FF9C434DBB1302A6E9925E4F3BAAD3717288B312F1ACE0117E54AABAABFD113C3A722BBDCD26A7767371FF56CCD572A3F91006BE91C72B3FFEB235FAA91338B9A191845846FCEAFA179B059A13C158530E107E284E6CA2D63C002E2F6734CC9DBA05036F193D2D6F508CFCBA899512AD42CA62617AF2AA53 +20250616003510 2 6 100 2047 2 EE0FE3E5743174100BD44FCCF81A0B0C184789558AC0B35400ED73B9EFEEFFED3075997428479CAC425A827BBC69DB6C3DD2DFD508472073700893CE2B48F7A69CD9FB1D7C12FECB37E9A6928B3A3F80D1DBC0BAAB33AD37738E36CA83D3916529F1210294618DF754F1AD7BEA0A224CA3F771C18E2A9B9326F9AE725FFCCE244C2DA3435599DA41FF9C434DBB1302A6E9925E4F3BAAD3717288B312F1ACE0117E54AABAABFD113C3A722BBDCD26A7767371FF56CCD572A3F91006BE91C72B3FFEB235FAA91338B9A191845846FCEAFA179B059A13C158530E107E284E6CA2D63C002E2F6734CC9DBA05036F193D2D6F508CFCBA899512AD42CA62617AF70D8B +20250616003522 2 6 100 2047 5 EE0FE3E5743174100BD44FCCF81A0B0C184789558AC0B35400ED73B9EFEEFFED3075997428479CAC425A827BBC69DB6C3DD2DFD508472073700893CE2B48F7A69CD9FB1D7C12FECB37E9A6928B3A3F80D1DBC0BAAB33AD37738E36CA83D3916529F1210294618DF754F1AD7BEA0A224CA3F771C18E2A9B9326F9AE725FFCCE244C2DA3435599DA41FF9C434DBB1302A6E9925E4F3BAAD3717288B312F1ACE0117E54AABAABFD113C3A722BBDCD26A7767371FF56CCD572A3F91006BE91C72B3FFEB235FAA91338B9A191845846FCEAFA179B059A13C158530E107E284E6CA2D63C002E2F6734CC9DBA05036F193D2D6F508CFCBA899512AD42CA62617B4FA6B7 +20250616003526 2 6 100 2047 5 EE0FE3E5743174100BD44FCCF81A0B0C184789558AC0B35400ED73B9EFEEFFED3075997428479CAC425A827BBC69DB6C3DD2DFD508472073700893CE2B48F7A69CD9FB1D7C12FECB37E9A6928B3A3F80D1DBC0BAAB33AD37738E36CA83D3916529F1210294618DF754F1AD7BEA0A224CA3F771C18E2A9B9326F9AE725FFCCE244C2DA3435599DA41FF9C434DBB1302A6E9925E4F3BAAD3717288B312F1ACE0117E54AABAABFD113C3A722BBDCD26A7767371FF56CCD572A3F91006BE91C72B3FFEB235FAA91338B9A191845846FCEAFA179B059A13C158530E107E284E6CA2D63C002E2F6734CC9DBA05036F193D2D6F508CFCBA899512AD42CA62617B69E4D7 +20250616003530 2 6 100 2047 2 EE0FE3E5743174100BD44FCCF81A0B0C184789558AC0B35400ED73B9EFEEFFED3075997428479CAC425A827BBC69DB6C3DD2DFD508472073700893CE2B48F7A69CD9FB1D7C12FECB37E9A6928B3A3F80D1DBC0BAAB33AD37738E36CA83D3916529F1210294618DF754F1AD7BEA0A224CA3F771C18E2A9B9326F9AE725FFCCE244C2DA3435599DA41FF9C434DBB1302A6E9925E4F3BAAD3717288B312F1ACE0117E54AABAABFD113C3A722BBDCD26A7767371FF56CCD572A3F91006BE91C72B3FFEB235FAA91338B9A191845846FCEAFA179B059A13C158530E107E284E6CA2D63C002E2F6734CC9DBA05036F193D2D6F508CFCBA899512AD42CA62617B8C1623 +20250616003541 2 6 100 2047 2 EE0FE3E5743174100BD44FCCF81A0B0C184789558AC0B35400ED73B9EFEEFFED3075997428479CAC425A827BBC69DB6C3DD2DFD508472073700893CE2B48F7A69CD9FB1D7C12FECB37E9A6928B3A3F80D1DBC0BAAB33AD37738E36CA83D3916529F1210294618DF754F1AD7BEA0A224CA3F771C18E2A9B9326F9AE725FFCCE244C2DA3435599DA41FF9C434DBB1302A6E9925E4F3BAAD3717288B312F1ACE0117E54AABAABFD113C3A722BBDCD26A7767371FF56CCD572A3F91006BE91C72B3FFEB235FAA91338B9A191845846FCEAFA179B059A13C158530E107E284E6CA2D63C002E2F6734CC9DBA05036F193D2D6F508CFCBA899512AD42CA62617BE325B3 +20250616003554 2 6 100 2047 5 EE0FE3E5743174100BD44FCCF81A0B0C184789558AC0B35400ED73B9EFEEFFED3075997428479CAC425A827BBC69DB6C3DD2DFD508472073700893CE2B48F7A69CD9FB1D7C12FECB37E9A6928B3A3F80D1DBC0BAAB33AD37738E36CA83D3916529F1210294618DF754F1AD7BEA0A224CA3F771C18E2A9B9326F9AE725FFCCE244C2DA3435599DA41FF9C434DBB1302A6E9925E4F3BAAD3717288B312F1ACE0117E54AABAABFD113C3A722BBDCD26A7767371FF56CCD572A3F91006BE91C72B3FFEB235FAA91338B9A191845846FCEAFA179B059A13C158530E107E284E6CA2D63C002E2F6734CC9DBA05036F193D2D6F508CFCBA899512AD42CA62617C48E047 +20250616003605 2 6 100 2047 5 EE0FE3E5743174100BD44FCCF81A0B0C184789558AC0B35400ED73B9EFEEFFED3075997428479CAC425A827BBC69DB6C3DD2DFD508472073700893CE2B48F7A69CD9FB1D7C12FECB37E9A6928B3A3F80D1DBC0BAAB33AD37738E36CA83D3916529F1210294618DF754F1AD7BEA0A224CA3F771C18E2A9B9326F9AE725FFCCE244C2DA3435599DA41FF9C434DBB1302A6E9925E4F3BAAD3717288B312F1ACE0117E54AABAABFD113C3A722BBDCD26A7767371FF56CCD572A3F91006BE91C72B3FFEB235FAA91338B9A191845846FCEAFA179B059A13C158530E107E284E6CA2D63C002E2F6734CC9DBA05036F193D2D6F508CFCBA899512AD42CA62617C9BBBC7 +20250616003611 2 6 100 2047 2 EE0FE3E5743174100BD44FCCF81A0B0C184789558AC0B35400ED73B9EFEEFFED3075997428479CAC425A827BBC69DB6C3DD2DFD508472073700893CE2B48F7A69CD9FB1D7C12FECB37E9A6928B3A3F80D1DBC0BAAB33AD37738E36CA83D3916529F1210294618DF754F1AD7BEA0A224CA3F771C18E2A9B9326F9AE725FFCCE244C2DA3435599DA41FF9C434DBB1302A6E9925E4F3BAAD3717288B312F1ACE0117E54AABAABFD113C3A722BBDCD26A7767371FF56CCD572A3F91006BE91C72B3FFEB235FAA91338B9A191845846FCEAFA179B059A13C158530E107E284E6CA2D63C002E2F6734CC9DBA05036F193D2D6F508CFCBA899512AD42CA62617CC7D78B +20250616003642 2 6 100 2047 5 EE0FE3E5743174100BD44FCCF81A0B0C184789558AC0B35400ED73B9EFEEFFED3075997428479CAC425A827BBC69DB6C3DD2DFD508472073700893CE2B48F7A69CD9FB1D7C12FECB37E9A6928B3A3F80D1DBC0BAAB33AD37738E36CA83D3916529F1210294618DF754F1AD7BEA0A224CA3F771C18E2A9B9326F9AE725FFCCE244C2DA3435599DA41FF9C434DBB1302A6E9925E4F3BAAD3717288B312F1ACE0117E54AABAABFD113C3A722BBDCD26A7767371FF56CCD572A3F91006BE91C72B3FFEB235FAA91338B9A191845846FCEAFA179B059A13C158530E107E284E6CA2D63C002E2F6734CC9DBA05036F193D2D6F508CFCBA899512AD42CA62617DC7164F +20250616003645 2 6 100 2047 2 EE0FE3E5743174100BD44FCCF81A0B0C184789558AC0B35400ED73B9EFEEFFED3075997428479CAC425A827BBC69DB6C3DD2DFD508472073700893CE2B48F7A69CD9FB1D7C12FECB37E9A6928B3A3F80D1DBC0BAAB33AD37738E36CA83D3916529F1210294618DF754F1AD7BEA0A224CA3F771C18E2A9B9326F9AE725FFCCE244C2DA3435599DA41FF9C434DBB1302A6E9925E4F3BAAD3717288B312F1ACE0117E54AABAABFD113C3A722BBDCD26A7767371FF56CCD572A3F91006BE91C72B3FFEB235FAA91338B9A191845846FCEAFA179B059A13C158530E107E284E6CA2D63C002E2F6734CC9DBA05036F193D2D6F508CFCBA899512AD42CA62617DDCEBBB +20250616003646 2 6 100 2047 5 EE0FE3E5743174100BD44FCCF81A0B0C184789558AC0B35400ED73B9EFEEFFED3075997428479CAC425A827BBC69DB6C3DD2DFD508472073700893CE2B48F7A69CD9FB1D7C12FECB37E9A6928B3A3F80D1DBC0BAAB33AD37738E36CA83D3916529F1210294618DF754F1AD7BEA0A224CA3F771C18E2A9B9326F9AE725FFCCE244C2DA3435599DA41FF9C434DBB1302A6E9925E4F3BAAD3717288B312F1ACE0117E54AABAABFD113C3A722BBDCD26A7767371FF56CCD572A3F91006BE91C72B3FFEB235FAA91338B9A191845846FCEAFA179B059A13C158530E107E284E6CA2D63C002E2F6734CC9DBA05036F193D2D6F508CFCBA899512AD42CA62617DDD5EFF +20250616003700 2 6 100 2047 5 EE0FE3E5743174100BD44FCCF81A0B0C184789558AC0B35400ED73B9EFEEFFED3075997428479CAC425A827BBC69DB6C3DD2DFD508472073700893CE2B48F7A69CD9FB1D7C12FECB37E9A6928B3A3F80D1DBC0BAAB33AD37738E36CA83D3916529F1210294618DF754F1AD7BEA0A224CA3F771C18E2A9B9326F9AE725FFCCE244C2DA3435599DA41FF9C434DBB1302A6E9925E4F3BAAD3717288B312F1ACE0117E54AABAABFD113C3A722BBDCD26A7767371FF56CCD572A3F91006BE91C72B3FFEB235FAA91338B9A191845846FCEAFA179B059A13C158530E107E284E6CA2D63C002E2F6734CC9DBA05036F193D2D6F508CFCBA899512AD42CA62617E532FAF +20250616003718 2 6 100 2047 5 EE0FE3E5743174100BD44FCCF81A0B0C184789558AC0B35400ED73B9EFEEFFED3075997428479CAC425A827BBC69DB6C3DD2DFD508472073700893CE2B48F7A69CD9FB1D7C12FECB37E9A6928B3A3F80D1DBC0BAAB33AD37738E36CA83D3916529F1210294618DF754F1AD7BEA0A224CA3F771C18E2A9B9326F9AE725FFCCE244C2DA3435599DA41FF9C434DBB1302A6E9925E4F3BAAD3717288B312F1ACE0117E54AABAABFD113C3A722BBDCD26A7767371FF56CCD572A3F91006BE91C72B3FFEB235FAA91338B9A191845846FCEAFA179B059A13C158530E107E284E6CA2D63C002E2F6734CC9DBA05036F193D2D6F508CFCBA899512AD42CA62617EE49D4F +20250616003737 2 6 100 2047 5 EE0FE3E5743174100BD44FCCF81A0B0C184789558AC0B35400ED73B9EFEEFFED3075997428479CAC425A827BBC69DB6C3DD2DFD508472073700893CE2B48F7A69CD9FB1D7C12FECB37E9A6928B3A3F80D1DBC0BAAB33AD37738E36CA83D3916529F1210294618DF754F1AD7BEA0A224CA3F771C18E2A9B9326F9AE725FFCCE244C2DA3435599DA41FF9C434DBB1302A6E9925E4F3BAAD3717288B312F1ACE0117E54AABAABFD113C3A722BBDCD26A7767371FF56CCD572A3F91006BE91C72B3FFEB235FAA91338B9A191845846FCEAFA179B059A13C158530E107E284E6CA2D63C002E2F6734CC9DBA05036F193D2D6F508CFCBA899512AD42CA62617F78544F +20250616003745 2 6 100 2047 2 EE0FE3E5743174100BD44FCCF81A0B0C184789558AC0B35400ED73B9EFEEFFED3075997428479CAC425A827BBC69DB6C3DD2DFD508472073700893CE2B48F7A69CD9FB1D7C12FECB37E9A6928B3A3F80D1DBC0BAAB33AD37738E36CA83D3916529F1210294618DF754F1AD7BEA0A224CA3F771C18E2A9B9326F9AE725FFCCE244C2DA3435599DA41FF9C434DBB1302A6E9925E4F3BAAD3717288B312F1ACE0117E54AABAABFD113C3A722BBDCD26A7767371FF56CCD572A3F91006BE91C72B3FFEB235FAA91338B9A191845846FCEAFA179B059A13C158530E107E284E6CA2D63C002E2F6734CC9DBA05036F193D2D6F508CFCBA899512AD42CA62617FBBF7FB +20250616003759 2 6 100 2047 2 EE0FE3E5743174100BD44FCCF81A0B0C184789558AC0B35400ED73B9EFEEFFED3075997428479CAC425A827BBC69DB6C3DD2DFD508472073700893CE2B48F7A69CD9FB1D7C12FECB37E9A6928B3A3F80D1DBC0BAAB33AD37738E36CA83D3916529F1210294618DF754F1AD7BEA0A224CA3F771C18E2A9B9326F9AE725FFCCE244C2DA3435599DA41FF9C434DBB1302A6E9925E4F3BAAD3717288B312F1ACE0117E54AABAABFD113C3A722BBDCD26A7767371FF56CCD572A3F91006BE91C72B3FFEB235FAA91338B9A191845846FCEAFA179B059A13C158530E107E284E6CA2D63C002E2F6734CC9DBA05036F193D2D6F508CFCBA899512AD42CA626180295803 +20250616024900 2 6 100 3071 2 CEDC89F91D5B5F3DAC95CBCC930B48068AE6149F5DC88374E503625E4B5236F2C65319DAD0D0B6A82BF7F41B255248306E71D51F9E2869885B39DACBD5222ACDFDDF290C21129701015D6F2AFED9904454BA15479CC4E819311C27F83CAAB9C8C4B3572489C94167DF92ABDEBD8D738411446904D2FDC1C02A38320CC5FA7EFAD66C787B5D76754F9858490E0CEB18DB7845B8C685D78414BE438E08FE7151AF55E234E9808986E342B8ADD40797D4EE8453C5F18A1AADCF026E6A148BAFC2874A8BEBA0E675861B3EC122FB3A0ECAB6BBA1B322D86026F843B459B8B89423117C7FFC47A922EF3AA3C3EA40885D9F2E94D6E87C0C578655F38FC53389B5356DE343BD142253CEBCAFC014D1F22B6F50018BEA27F05DB691B65C10C4F3C7E23E860D537276851B30257F206233CA2F67E6F96D2BBE5C58A22ADF5F84E804273E3B6B4A7B57F78324A3ACCCA14F9F5F2E1C6E24B20CBB1DF11A6C7B64DE5AA16E460C646507CD5BA015ECAB525DE328579EF6E20EFF8829E31049AE52FE1D8983 +20250616024916 2 6 100 3071 2 CEDC89F91D5B5F3DAC95CBCC930B48068AE6149F5DC88374E503625E4B5236F2C65319DAD0D0B6A82BF7F41B255248306E71D51F9E2869885B39DACBD5222ACDFDDF290C21129701015D6F2AFED9904454BA15479CC4E819311C27F83CAAB9C8C4B3572489C94167DF92ABDEBD8D738411446904D2FDC1C02A38320CC5FA7EFAD66C787B5D76754F9858490E0CEB18DB7845B8C685D78414BE438E08FE7151AF55E234E9808986E342B8ADD40797D4EE8453C5F18A1AADCF026E6A148BAFC2874A8BEBA0E675861B3EC122FB3A0ECAB6BBA1B322D86026F843B459B8B89423117C7FFC47A922EF3AA3C3EA40885D9F2E94D6E87C0C578655F38FC53389B5356DE343BD142253CEBCAFC014D1F22B6F50018BEA27F05DB691B65C10C4F3C7E23E860D537276851B30257F206233CA2F67E6F96D2BBE5C58A22ADF5F84E804273E3B6B4A7B57F78324A3ACCCA14F9F5F2E1C6E24B20CBB1DF11A6C7B64DE5AA16E460C646507CD5BA015ECAB525DE328579EF6E20EFF8829E31049AE52FE5187AB +20250616025426 2 6 100 3071 2 CEDC89F91D5B5F3DAC95CBCC930B48068AE6149F5DC88374E503625E4B5236F2C65319DAD0D0B6A82BF7F41B255248306E71D51F9E2869885B39DACBD5222ACDFDDF290C21129701015D6F2AFED9904454BA15479CC4E819311C27F83CAAB9C8C4B3572489C94167DF92ABDEBD8D738411446904D2FDC1C02A38320CC5FA7EFAD66C787B5D76754F9858490E0CEB18DB7845B8C685D78414BE438E08FE7151AF55E234E9808986E342B8ADD40797D4EE8453C5F18A1AADCF026E6A148BAFC2874A8BEBA0E675861B3EC122FB3A0ECAB6BBA1B322D86026F843B459B8B89423117C7FFC47A922EF3AA3C3EA40885D9F2E94D6E87C0C578655F38FC53389B5356DE343BD142253CEBCAFC014D1F22B6F50018BEA27F05DB691B65C10C4F3C7E23E860D537276851B30257F206233CA2F67E6F96D2BBE5C58A22ADF5F84E804273E3B6B4A7B57F78324A3ACCCA14F9F5F2E1C6E24B20CBB1DF11A6C7B64DE5AA16E460C646507CD5BA015ECAB525DE328579EF6E20EFF8829E31049AE53015B738B +20250616025613 2 6 100 3071 2 CEDC89F91D5B5F3DAC95CBCC930B48068AE6149F5DC88374E503625E4B5236F2C65319DAD0D0B6A82BF7F41B255248306E71D51F9E2869885B39DACBD5222ACDFDDF290C21129701015D6F2AFED9904454BA15479CC4E819311C27F83CAAB9C8C4B3572489C94167DF92ABDEBD8D738411446904D2FDC1C02A38320CC5FA7EFAD66C787B5D76754F9858490E0CEB18DB7845B8C685D78414BE438E08FE7151AF55E234E9808986E342B8ADD40797D4EE8453C5F18A1AADCF026E6A148BAFC2874A8BEBA0E675861B3EC122FB3A0ECAB6BBA1B322D86026F843B459B8B89423117C7FFC47A922EF3AA3C3EA40885D9F2E94D6E87C0C578655F38FC53389B5356DE343BD142253CEBCAFC014D1F22B6F50018BEA27F05DB691B65C10C4F3C7E23E860D537276851B30257F206233CA2F67E6F96D2BBE5C58A22ADF5F84E804273E3B6B4A7B57F78324A3ACCCA14F9F5F2E1C6E24B20CBB1DF11A6C7B64DE5AA16E460C646507CD5BA015ECAB525DE328579EF6E20EFF8829E31049AE5302B72663 +20250616025652 2 6 100 3071 2 CEDC89F91D5B5F3DAC95CBCC930B48068AE6149F5DC88374E503625E4B5236F2C65319DAD0D0B6A82BF7F41B255248306E71D51F9E2869885B39DACBD5222ACDFDDF290C21129701015D6F2AFED9904454BA15479CC4E819311C27F83CAAB9C8C4B3572489C94167DF92ABDEBD8D738411446904D2FDC1C02A38320CC5FA7EFAD66C787B5D76754F9858490E0CEB18DB7845B8C685D78414BE438E08FE7151AF55E234E9808986E342B8ADD40797D4EE8453C5F18A1AADCF026E6A148BAFC2874A8BEBA0E675861B3EC122FB3A0ECAB6BBA1B322D86026F843B459B8B89423117C7FFC47A922EF3AA3C3EA40885D9F2E94D6E87C0C578655F38FC53389B5356DE343BD142253CEBCAFC014D1F22B6F50018BEA27F05DB691B65C10C4F3C7E23E860D537276851B30257F206233CA2F67E6F96D2BBE5C58A22ADF5F84E804273E3B6B4A7B57F78324A3ACCCA14F9F5F2E1C6E24B20CBB1DF11A6C7B64DE5AA16E460C646507CD5BA015ECAB525DE328579EF6E20EFF8829E31049AE53032B6AB3 +20250616025739 2 6 100 3071 2 CEDC89F91D5B5F3DAC95CBCC930B48068AE6149F5DC88374E503625E4B5236F2C65319DAD0D0B6A82BF7F41B255248306E71D51F9E2869885B39DACBD5222ACDFDDF290C21129701015D6F2AFED9904454BA15479CC4E819311C27F83CAAB9C8C4B3572489C94167DF92ABDEBD8D738411446904D2FDC1C02A38320CC5FA7EFAD66C787B5D76754F9858490E0CEB18DB7845B8C685D78414BE438E08FE7151AF55E234E9808986E342B8ADD40797D4EE8453C5F18A1AADCF026E6A148BAFC2874A8BEBA0E675861B3EC122FB3A0ECAB6BBA1B322D86026F843B459B8B89423117C7FFC47A922EF3AA3C3EA40885D9F2E94D6E87C0C578655F38FC53389B5356DE343BD142253CEBCAFC014D1F22B6F50018BEA27F05DB691B65C10C4F3C7E23E860D537276851B30257F206233CA2F67E6F96D2BBE5C58A22ADF5F84E804273E3B6B4A7B57F78324A3ACCCA14F9F5F2E1C6E24B20CBB1DF11A6C7B64DE5AA16E460C646507CD5BA015ECAB525DE328579EF6E20EFF8829E31049AE5303BCB52B +20250616025750 2 6 100 3071 5 CEDC89F91D5B5F3DAC95CBCC930B48068AE6149F5DC88374E503625E4B5236F2C65319DAD0D0B6A82BF7F41B255248306E71D51F9E2869885B39DACBD5222ACDFDDF290C21129701015D6F2AFED9904454BA15479CC4E819311C27F83CAAB9C8C4B3572489C94167DF92ABDEBD8D738411446904D2FDC1C02A38320CC5FA7EFAD66C787B5D76754F9858490E0CEB18DB7845B8C685D78414BE438E08FE7151AF55E234E9808986E342B8ADD40797D4EE8453C5F18A1AADCF026E6A148BAFC2874A8BEBA0E675861B3EC122FB3A0ECAB6BBA1B322D86026F843B459B8B89423117C7FFC47A922EF3AA3C3EA40885D9F2E94D6E87C0C578655F38FC53389B5356DE343BD142253CEBCAFC014D1F22B6F50018BEA27F05DB691B65C10C4F3C7E23E860D537276851B30257F206233CA2F67E6F96D2BBE5C58A22ADF5F84E804273E3B6B4A7B57F78324A3ACCCA14F9F5F2E1C6E24B20CBB1DF11A6C7B64DE5AA16E460C646507CD5BA015ECAB525DE328579EF6E20EFF8829E31049AE5303D8B5E7 +20250616025804 2 6 100 3071 2 CEDC89F91D5B5F3DAC95CBCC930B48068AE6149F5DC88374E503625E4B5236F2C65319DAD0D0B6A82BF7F41B255248306E71D51F9E2869885B39DACBD5222ACDFDDF290C21129701015D6F2AFED9904454BA15479CC4E819311C27F83CAAB9C8C4B3572489C94167DF92ABDEBD8D738411446904D2FDC1C02A38320CC5FA7EFAD66C787B5D76754F9858490E0CEB18DB7845B8C685D78414BE438E08FE7151AF55E234E9808986E342B8ADD40797D4EE8453C5F18A1AADCF026E6A148BAFC2874A8BEBA0E675861B3EC122FB3A0ECAB6BBA1B322D86026F843B459B8B89423117C7FFC47A922EF3AA3C3EA40885D9F2E94D6E87C0C578655F38FC53389B5356DE343BD142253CEBCAFC014D1F22B6F50018BEA27F05DB691B65C10C4F3C7E23E860D537276851B30257F206233CA2F67E6F96D2BBE5C58A22ADF5F84E804273E3B6B4A7B57F78324A3ACCCA14F9F5F2E1C6E24B20CBB1DF11A6C7B64DE5AA16E460C646507CD5BA015ECAB525DE328579EF6E20EFF8829E31049AE5303FF3613 +20250616025808 2 6 100 3071 2 CEDC89F91D5B5F3DAC95CBCC930B48068AE6149F5DC88374E503625E4B5236F2C65319DAD0D0B6A82BF7F41B255248306E71D51F9E2869885B39DACBD5222ACDFDDF290C21129701015D6F2AFED9904454BA15479CC4E819311C27F83CAAB9C8C4B3572489C94167DF92ABDEBD8D738411446904D2FDC1C02A38320CC5FA7EFAD66C787B5D76754F9858490E0CEB18DB7845B8C685D78414BE438E08FE7151AF55E234E9808986E342B8ADD40797D4EE8453C5F18A1AADCF026E6A148BAFC2874A8BEBA0E675861B3EC122FB3A0ECAB6BBA1B322D86026F843B459B8B89423117C7FFC47A922EF3AA3C3EA40885D9F2E94D6E87C0C578655F38FC53389B5356DE343BD142253CEBCAFC014D1F22B6F50018BEA27F05DB691B65C10C4F3C7E23E860D537276851B30257F206233CA2F67E6F96D2BBE5C58A22ADF5F84E804273E3B6B4A7B57F78324A3ACCCA14F9F5F2E1C6E24B20CBB1DF11A6C7B64DE5AA16E460C646507CD5BA015ECAB525DE328579EF6E20EFF8829E31049AE5304041DF3 +20250616025813 2 6 100 3071 2 CEDC89F91D5B5F3DAC95CBCC930B48068AE6149F5DC88374E503625E4B5236F2C65319DAD0D0B6A82BF7F41B255248306E71D51F9E2869885B39DACBD5222ACDFDDF290C21129701015D6F2AFED9904454BA15479CC4E819311C27F83CAAB9C8C4B3572489C94167DF92ABDEBD8D738411446904D2FDC1C02A38320CC5FA7EFAD66C787B5D76754F9858490E0CEB18DB7845B8C685D78414BE438E08FE7151AF55E234E9808986E342B8ADD40797D4EE8453C5F18A1AADCF026E6A148BAFC2874A8BEBA0E675861B3EC122FB3A0ECAB6BBA1B322D86026F843B459B8B89423117C7FFC47A922EF3AA3C3EA40885D9F2E94D6E87C0C578655F38FC53389B5356DE343BD142253CEBCAFC014D1F22B6F50018BEA27F05DB691B65C10C4F3C7E23E860D537276851B30257F206233CA2F67E6F96D2BBE5C58A22ADF5F84E804273E3B6B4A7B57F78324A3ACCCA14F9F5F2E1C6E24B20CBB1DF11A6C7B64DE5AA16E460C646507CD5BA015ECAB525DE328579EF6E20EFF8829E31049AE53040D42B3 +20250616025942 2 6 100 3071 2 CEDC89F91D5B5F3DAC95CBCC930B48068AE6149F5DC88374E503625E4B5236F2C65319DAD0D0B6A82BF7F41B255248306E71D51F9E2869885B39DACBD5222ACDFDDF290C21129701015D6F2AFED9904454BA15479CC4E819311C27F83CAAB9C8C4B3572489C94167DF92ABDEBD8D738411446904D2FDC1C02A38320CC5FA7EFAD66C787B5D76754F9858490E0CEB18DB7845B8C685D78414BE438E08FE7151AF55E234E9808986E342B8ADD40797D4EE8453C5F18A1AADCF026E6A148BAFC2874A8BEBA0E675861B3EC122FB3A0ECAB6BBA1B322D86026F843B459B8B89423117C7FFC47A922EF3AA3C3EA40885D9F2E94D6E87C0C578655F38FC53389B5356DE343BD142253CEBCAFC014D1F22B6F50018BEA27F05DB691B65C10C4F3C7E23E860D537276851B30257F206233CA2F67E6F96D2BBE5C58A22ADF5F84E804273E3B6B4A7B57F78324A3ACCCA14F9F5F2E1C6E24B20CBB1DF11A6C7B64DE5AA16E460C646507CD5BA015ECAB525DE328579EF6E20EFF8829E31049AE5305308573 +20250616025956 2 6 100 3071 2 CEDC89F91D5B5F3DAC95CBCC930B48068AE6149F5DC88374E503625E4B5236F2C65319DAD0D0B6A82BF7F41B255248306E71D51F9E2869885B39DACBD5222ACDFDDF290C21129701015D6F2AFED9904454BA15479CC4E819311C27F83CAAB9C8C4B3572489C94167DF92ABDEBD8D738411446904D2FDC1C02A38320CC5FA7EFAD66C787B5D76754F9858490E0CEB18DB7845B8C685D78414BE438E08FE7151AF55E234E9808986E342B8ADD40797D4EE8453C5F18A1AADCF026E6A148BAFC2874A8BEBA0E675861B3EC122FB3A0ECAB6BBA1B322D86026F843B459B8B89423117C7FFC47A922EF3AA3C3EA40885D9F2E94D6E87C0C578655F38FC53389B5356DE343BD142253CEBCAFC014D1F22B6F50018BEA27F05DB691B65C10C4F3C7E23E860D537276851B30257F206233CA2F67E6F96D2BBE5C58A22ADF5F84E804273E3B6B4A7B57F78324A3ACCCA14F9F5F2E1C6E24B20CBB1DF11A6C7B64DE5AA16E460C646507CD5BA015ECAB525DE328579EF6E20EFF8829E31049AE5305566ACB +20250616030027 2 6 100 3071 2 CEDC89F91D5B5F3DAC95CBCC930B48068AE6149F5DC88374E503625E4B5236F2C65319DAD0D0B6A82BF7F41B255248306E71D51F9E2869885B39DACBD5222ACDFDDF290C21129701015D6F2AFED9904454BA15479CC4E819311C27F83CAAB9C8C4B3572489C94167DF92ABDEBD8D738411446904D2FDC1C02A38320CC5FA7EFAD66C787B5D76754F9858490E0CEB18DB7845B8C685D78414BE438E08FE7151AF55E234E9808986E342B8ADD40797D4EE8453C5F18A1AADCF026E6A148BAFC2874A8BEBA0E675861B3EC122FB3A0ECAB6BBA1B322D86026F843B459B8B89423117C7FFC47A922EF3AA3C3EA40885D9F2E94D6E87C0C578655F38FC53389B5356DE343BD142253CEBCAFC014D1F22B6F50018BEA27F05DB691B65C10C4F3C7E23E860D537276851B30257F206233CA2F67E6F96D2BBE5C58A22ADF5F84E804273E3B6B4A7B57F78324A3ACCCA14F9F5F2E1C6E24B20CBB1DF11A6C7B64DE5AA16E460C646507CD5BA015ECAB525DE328579EF6E20EFF8829E31049AE5305B57B5B +20250616030040 2 6 100 3071 2 CEDC89F91D5B5F3DAC95CBCC930B48068AE6149F5DC88374E503625E4B5236F2C65319DAD0D0B6A82BF7F41B255248306E71D51F9E2869885B39DACBD5222ACDFDDF290C21129701015D6F2AFED9904454BA15479CC4E819311C27F83CAAB9C8C4B3572489C94167DF92ABDEBD8D738411446904D2FDC1C02A38320CC5FA7EFAD66C787B5D76754F9858490E0CEB18DB7845B8C685D78414BE438E08FE7151AF55E234E9808986E342B8ADD40797D4EE8453C5F18A1AADCF026E6A148BAFC2874A8BEBA0E675861B3EC122FB3A0ECAB6BBA1B322D86026F843B459B8B89423117C7FFC47A922EF3AA3C3EA40885D9F2E94D6E87C0C578655F38FC53389B5356DE343BD142253CEBCAFC014D1F22B6F50018BEA27F05DB691B65C10C4F3C7E23E860D537276851B30257F206233CA2F67E6F96D2BBE5C58A22ADF5F84E804273E3B6B4A7B57F78324A3ACCCA14F9F5F2E1C6E24B20CBB1DF11A6C7B64DE5AA16E460C646507CD5BA015ECAB525DE328579EF6E20EFF8829E31049AE5305D951BB +20250616030126 2 6 100 3071 2 CEDC89F91D5B5F3DAC95CBCC930B48068AE6149F5DC88374E503625E4B5236F2C65319DAD0D0B6A82BF7F41B255248306E71D51F9E2869885B39DACBD5222ACDFDDF290C21129701015D6F2AFED9904454BA15479CC4E819311C27F83CAAB9C8C4B3572489C94167DF92ABDEBD8D738411446904D2FDC1C02A38320CC5FA7EFAD66C787B5D76754F9858490E0CEB18DB7845B8C685D78414BE438E08FE7151AF55E234E9808986E342B8ADD40797D4EE8453C5F18A1AADCF026E6A148BAFC2874A8BEBA0E675861B3EC122FB3A0ECAB6BBA1B322D86026F843B459B8B89423117C7FFC47A922EF3AA3C3EA40885D9F2E94D6E87C0C578655F38FC53389B5356DE343BD142253CEBCAFC014D1F22B6F50018BEA27F05DB691B65C10C4F3C7E23E860D537276851B30257F206233CA2F67E6F96D2BBE5C58A22ADF5F84E804273E3B6B4A7B57F78324A3ACCCA14F9F5F2E1C6E24B20CBB1DF11A6C7B64DE5AA16E460C646507CD5BA015ECAB525DE328579EF6E20EFF8829E31049AE53066DC43B +20250616030131 2 6 100 3071 5 CEDC89F91D5B5F3DAC95CBCC930B48068AE6149F5DC88374E503625E4B5236F2C65319DAD0D0B6A82BF7F41B255248306E71D51F9E2869885B39DACBD5222ACDFDDF290C21129701015D6F2AFED9904454BA15479CC4E819311C27F83CAAB9C8C4B3572489C94167DF92ABDEBD8D738411446904D2FDC1C02A38320CC5FA7EFAD66C787B5D76754F9858490E0CEB18DB7845B8C685D78414BE438E08FE7151AF55E234E9808986E342B8ADD40797D4EE8453C5F18A1AADCF026E6A148BAFC2874A8BEBA0E675861B3EC122FB3A0ECAB6BBA1B322D86026F843B459B8B89423117C7FFC47A922EF3AA3C3EA40885D9F2E94D6E87C0C578655F38FC53389B5356DE343BD142253CEBCAFC014D1F22B6F50018BEA27F05DB691B65C10C4F3C7E23E860D537276851B30257F206233CA2F67E6F96D2BBE5C58A22ADF5F84E804273E3B6B4A7B57F78324A3ACCCA14F9F5F2E1C6E24B20CBB1DF11A6C7B64DE5AA16E460C646507CD5BA015ECAB525DE328579EF6E20EFF8829E31049AE5306792277 +20250616030407 2 6 100 3071 2 CEDC89F91D5B5F3DAC95CBCC930B48068AE6149F5DC88374E503625E4B5236F2C65319DAD0D0B6A82BF7F41B255248306E71D51F9E2869885B39DACBD5222ACDFDDF290C21129701015D6F2AFED9904454BA15479CC4E819311C27F83CAAB9C8C4B3572489C94167DF92ABDEBD8D738411446904D2FDC1C02A38320CC5FA7EFAD66C787B5D76754F9858490E0CEB18DB7845B8C685D78414BE438E08FE7151AF55E234E9808986E342B8ADD40797D4EE8453C5F18A1AADCF026E6A148BAFC2874A8BEBA0E675861B3EC122FB3A0ECAB6BBA1B322D86026F843B459B8B89423117C7FFC47A922EF3AA3C3EA40885D9F2E94D6E87C0C578655F38FC53389B5356DE343BD142253CEBCAFC014D1F22B6F50018BEA27F05DB691B65C10C4F3C7E23E860D537276851B30257F206233CA2F67E6F96D2BBE5C58A22ADF5F84E804273E3B6B4A7B57F78324A3ACCCA14F9F5F2E1C6E24B20CBB1DF11A6C7B64DE5AA16E460C646507CD5BA015ECAB525DE328579EF6E20EFF8829E31049AE53087BB3C3 +20250616030439 2 6 100 3071 5 CEDC89F91D5B5F3DAC95CBCC930B48068AE6149F5DC88374E503625E4B5236F2C65319DAD0D0B6A82BF7F41B255248306E71D51F9E2869885B39DACBD5222ACDFDDF290C21129701015D6F2AFED9904454BA15479CC4E819311C27F83CAAB9C8C4B3572489C94167DF92ABDEBD8D738411446904D2FDC1C02A38320CC5FA7EFAD66C787B5D76754F9858490E0CEB18DB7845B8C685D78414BE438E08FE7151AF55E234E9808986E342B8ADD40797D4EE8453C5F18A1AADCF026E6A148BAFC2874A8BEBA0E675861B3EC122FB3A0ECAB6BBA1B322D86026F843B459B8B89423117C7FFC47A922EF3AA3C3EA40885D9F2E94D6E87C0C578655F38FC53389B5356DE343BD142253CEBCAFC014D1F22B6F50018BEA27F05DB691B65C10C4F3C7E23E860D537276851B30257F206233CA2F67E6F96D2BBE5C58A22ADF5F84E804273E3B6B4A7B57F78324A3ACCCA14F9F5F2E1C6E24B20CBB1DF11A6C7B64DE5AA16E460C646507CD5BA015ECAB525DE328579EF6E20EFF8829E31049AE5308DA22D7 +20250616030457 2 6 100 3071 5 CEDC89F91D5B5F3DAC95CBCC930B48068AE6149F5DC88374E503625E4B5236F2C65319DAD0D0B6A82BF7F41B255248306E71D51F9E2869885B39DACBD5222ACDFDDF290C21129701015D6F2AFED9904454BA15479CC4E819311C27F83CAAB9C8C4B3572489C94167DF92ABDEBD8D738411446904D2FDC1C02A38320CC5FA7EFAD66C787B5D76754F9858490E0CEB18DB7845B8C685D78414BE438E08FE7151AF55E234E9808986E342B8ADD40797D4EE8453C5F18A1AADCF026E6A148BAFC2874A8BEBA0E675861B3EC122FB3A0ECAB6BBA1B322D86026F843B459B8B89423117C7FFC47A922EF3AA3C3EA40885D9F2E94D6E87C0C578655F38FC53389B5356DE343BD142253CEBCAFC014D1F22B6F50018BEA27F05DB691B65C10C4F3C7E23E860D537276851B30257F206233CA2F67E6F96D2BBE5C58A22ADF5F84E804273E3B6B4A7B57F78324A3ACCCA14F9F5F2E1C6E24B20CBB1DF11A6C7B64DE5AA16E460C646507CD5BA015ECAB525DE328579EF6E20EFF8829E31049AE53090CC43F +20250616030623 2 6 100 3071 2 CEDC89F91D5B5F3DAC95CBCC930B48068AE6149F5DC88374E503625E4B5236F2C65319DAD0D0B6A82BF7F41B255248306E71D51F9E2869885B39DACBD5222ACDFDDF290C21129701015D6F2AFED9904454BA15479CC4E819311C27F83CAAB9C8C4B3572489C94167DF92ABDEBD8D738411446904D2FDC1C02A38320CC5FA7EFAD66C787B5D76754F9858490E0CEB18DB7845B8C685D78414BE438E08FE7151AF55E234E9808986E342B8ADD40797D4EE8453C5F18A1AADCF026E6A148BAFC2874A8BEBA0E675861B3EC122FB3A0ECAB6BBA1B322D86026F843B459B8B89423117C7FFC47A922EF3AA3C3EA40885D9F2E94D6E87C0C578655F38FC53389B5356DE343BD142253CEBCAFC014D1F22B6F50018BEA27F05DB691B65C10C4F3C7E23E860D537276851B30257F206233CA2F67E6F96D2BBE5C58A22ADF5F84E804273E3B6B4A7B57F78324A3ACCCA14F9F5F2E1C6E24B20CBB1DF11A6C7B64DE5AA16E460C646507CD5BA015ECAB525DE328579EF6E20EFF8829E31049AE530A10BF03 +20250616030625 2 6 100 3071 2 CEDC89F91D5B5F3DAC95CBCC930B48068AE6149F5DC88374E503625E4B5236F2C65319DAD0D0B6A82BF7F41B255248306E71D51F9E2869885B39DACBD5222ACDFDDF290C21129701015D6F2AFED9904454BA15479CC4E819311C27F83CAAB9C8C4B3572489C94167DF92ABDEBD8D738411446904D2FDC1C02A38320CC5FA7EFAD66C787B5D76754F9858490E0CEB18DB7845B8C685D78414BE438E08FE7151AF55E234E9808986E342B8ADD40797D4EE8453C5F18A1AADCF026E6A148BAFC2874A8BEBA0E675861B3EC122FB3A0ECAB6BBA1B322D86026F843B459B8B89423117C7FFC47A922EF3AA3C3EA40885D9F2E94D6E87C0C578655F38FC53389B5356DE343BD142253CEBCAFC014D1F22B6F50018BEA27F05DB691B65C10C4F3C7E23E860D537276851B30257F206233CA2F67E6F96D2BBE5C58A22ADF5F84E804273E3B6B4A7B57F78324A3ACCCA14F9F5F2E1C6E24B20CBB1DF11A6C7B64DE5AA16E460C646507CD5BA015ECAB525DE328579EF6E20EFF8829E31049AE530A12A4A3 +20250616030728 2 6 100 3071 5 CEDC89F91D5B5F3DAC95CBCC930B48068AE6149F5DC88374E503625E4B5236F2C65319DAD0D0B6A82BF7F41B255248306E71D51F9E2869885B39DACBD5222ACDFDDF290C21129701015D6F2AFED9904454BA15479CC4E819311C27F83CAAB9C8C4B3572489C94167DF92ABDEBD8D738411446904D2FDC1C02A38320CC5FA7EFAD66C787B5D76754F9858490E0CEB18DB7845B8C685D78414BE438E08FE7151AF55E234E9808986E342B8ADD40797D4EE8453C5F18A1AADCF026E6A148BAFC2874A8BEBA0E675861B3EC122FB3A0ECAB6BBA1B322D86026F843B459B8B89423117C7FFC47A922EF3AA3C3EA40885D9F2E94D6E87C0C578655F38FC53389B5356DE343BD142253CEBCAFC014D1F22B6F50018BEA27F05DB691B65C10C4F3C7E23E860D537276851B30257F206233CA2F67E6F96D2BBE5C58A22ADF5F84E804273E3B6B4A7B57F78324A3ACCCA14F9F5F2E1C6E24B20CBB1DF11A6C7B64DE5AA16E460C646507CD5BA015ECAB525DE328579EF6E20EFF8829E31049AE530AD1C937 +20250616030747 2 6 100 3071 5 CEDC89F91D5B5F3DAC95CBCC930B48068AE6149F5DC88374E503625E4B5236F2C65319DAD0D0B6A82BF7F41B255248306E71D51F9E2869885B39DACBD5222ACDFDDF290C21129701015D6F2AFED9904454BA15479CC4E819311C27F83CAAB9C8C4B3572489C94167DF92ABDEBD8D738411446904D2FDC1C02A38320CC5FA7EFAD66C787B5D76754F9858490E0CEB18DB7845B8C685D78414BE438E08FE7151AF55E234E9808986E342B8ADD40797D4EE8453C5F18A1AADCF026E6A148BAFC2874A8BEBA0E675861B3EC122FB3A0ECAB6BBA1B322D86026F843B459B8B89423117C7FFC47A922EF3AA3C3EA40885D9F2E94D6E87C0C578655F38FC53389B5356DE343BD142253CEBCAFC014D1F22B6F50018BEA27F05DB691B65C10C4F3C7E23E860D537276851B30257F206233CA2F67E6F96D2BBE5C58A22ADF5F84E804273E3B6B4A7B57F78324A3ACCCA14F9F5F2E1C6E24B20CBB1DF11A6C7B64DE5AA16E460C646507CD5BA015ECAB525DE328579EF6E20EFF8829E31049AE530B08F417 +20250616030753 2 6 100 3071 5 CEDC89F91D5B5F3DAC95CBCC930B48068AE6149F5DC88374E503625E4B5236F2C65319DAD0D0B6A82BF7F41B255248306E71D51F9E2869885B39DACBD5222ACDFDDF290C21129701015D6F2AFED9904454BA15479CC4E819311C27F83CAAB9C8C4B3572489C94167DF92ABDEBD8D738411446904D2FDC1C02A38320CC5FA7EFAD66C787B5D76754F9858490E0CEB18DB7845B8C685D78414BE438E08FE7151AF55E234E9808986E342B8ADD40797D4EE8453C5F18A1AADCF026E6A148BAFC2874A8BEBA0E675861B3EC122FB3A0ECAB6BBA1B322D86026F843B459B8B89423117C7FFC47A922EF3AA3C3EA40885D9F2E94D6E87C0C578655F38FC53389B5356DE343BD142253CEBCAFC014D1F22B6F50018BEA27F05DB691B65C10C4F3C7E23E860D537276851B30257F206233CA2F67E6F96D2BBE5C58A22ADF5F84E804273E3B6B4A7B57F78324A3ACCCA14F9F5F2E1C6E24B20CBB1DF11A6C7B64DE5AA16E460C646507CD5BA015ECAB525DE328579EF6E20EFF8829E31049AE530B149E1F +20250616030835 2 6 100 3071 2 CEDC89F91D5B5F3DAC95CBCC930B48068AE6149F5DC88374E503625E4B5236F2C65319DAD0D0B6A82BF7F41B255248306E71D51F9E2869885B39DACBD5222ACDFDDF290C21129701015D6F2AFED9904454BA15479CC4E819311C27F83CAAB9C8C4B3572489C94167DF92ABDEBD8D738411446904D2FDC1C02A38320CC5FA7EFAD66C787B5D76754F9858490E0CEB18DB7845B8C685D78414BE438E08FE7151AF55E234E9808986E342B8ADD40797D4EE8453C5F18A1AADCF026E6A148BAFC2874A8BEBA0E675861B3EC122FB3A0ECAB6BBA1B322D86026F843B459B8B89423117C7FFC47A922EF3AA3C3EA40885D9F2E94D6E87C0C578655F38FC53389B5356DE343BD142253CEBCAFC014D1F22B6F50018BEA27F05DB691B65C10C4F3C7E23E860D537276851B30257F206233CA2F67E6F96D2BBE5C58A22ADF5F84E804273E3B6B4A7B57F78324A3ACCCA14F9F5F2E1C6E24B20CBB1DF11A6C7B64DE5AA16E460C646507CD5BA015ECAB525DE328579EF6E20EFF8829E31049AE530B97C463 +20250616030917 2 6 100 3071 2 CEDC89F91D5B5F3DAC95CBCC930B48068AE6149F5DC88374E503625E4B5236F2C65319DAD0D0B6A82BF7F41B255248306E71D51F9E2869885B39DACBD5222ACDFDDF290C21129701015D6F2AFED9904454BA15479CC4E819311C27F83CAAB9C8C4B3572489C94167DF92ABDEBD8D738411446904D2FDC1C02A38320CC5FA7EFAD66C787B5D76754F9858490E0CEB18DB7845B8C685D78414BE438E08FE7151AF55E234E9808986E342B8ADD40797D4EE8453C5F18A1AADCF026E6A148BAFC2874A8BEBA0E675861B3EC122FB3A0ECAB6BBA1B322D86026F843B459B8B89423117C7FFC47A922EF3AA3C3EA40885D9F2E94D6E87C0C578655F38FC53389B5356DE343BD142253CEBCAFC014D1F22B6F50018BEA27F05DB691B65C10C4F3C7E23E860D537276851B30257F206233CA2F67E6F96D2BBE5C58A22ADF5F84E804273E3B6B4A7B57F78324A3ACCCA14F9F5F2E1C6E24B20CBB1DF11A6C7B64DE5AA16E460C646507CD5BA015ECAB525DE328579EF6E20EFF8829E31049AE530C17195B +20250616030941 2 6 100 3071 2 CEDC89F91D5B5F3DAC95CBCC930B48068AE6149F5DC88374E503625E4B5236F2C65319DAD0D0B6A82BF7F41B255248306E71D51F9E2869885B39DACBD5222ACDFDDF290C21129701015D6F2AFED9904454BA15479CC4E819311C27F83CAAB9C8C4B3572489C94167DF92ABDEBD8D738411446904D2FDC1C02A38320CC5FA7EFAD66C787B5D76754F9858490E0CEB18DB7845B8C685D78414BE438E08FE7151AF55E234E9808986E342B8ADD40797D4EE8453C5F18A1AADCF026E6A148BAFC2874A8BEBA0E675861B3EC122FB3A0ECAB6BBA1B322D86026F843B459B8B89423117C7FFC47A922EF3AA3C3EA40885D9F2E94D6E87C0C578655F38FC53389B5356DE343BD142253CEBCAFC014D1F22B6F50018BEA27F05DB691B65C10C4F3C7E23E860D537276851B30257F206233CA2F67E6F96D2BBE5C58A22ADF5F84E804273E3B6B4A7B57F78324A3ACCCA14F9F5F2E1C6E24B20CBB1DF11A6C7B64DE5AA16E460C646507CD5BA015ECAB525DE328579EF6E20EFF8829E31049AE530C5E29EB +20250616031012 2 6 100 3071 5 CEDC89F91D5B5F3DAC95CBCC930B48068AE6149F5DC88374E503625E4B5236F2C65319DAD0D0B6A82BF7F41B255248306E71D51F9E2869885B39DACBD5222ACDFDDF290C21129701015D6F2AFED9904454BA15479CC4E819311C27F83CAAB9C8C4B3572489C94167DF92ABDEBD8D738411446904D2FDC1C02A38320CC5FA7EFAD66C787B5D76754F9858490E0CEB18DB7845B8C685D78414BE438E08FE7151AF55E234E9808986E342B8ADD40797D4EE8453C5F18A1AADCF026E6A148BAFC2874A8BEBA0E675861B3EC122FB3A0ECAB6BBA1B322D86026F843B459B8B89423117C7FFC47A922EF3AA3C3EA40885D9F2E94D6E87C0C578655F38FC53389B5356DE343BD142253CEBCAFC014D1F22B6F50018BEA27F05DB691B65C10C4F3C7E23E860D537276851B30257F206233CA2F67E6F96D2BBE5C58A22ADF5F84E804273E3B6B4A7B57F78324A3ACCCA14F9F5F2E1C6E24B20CBB1DF11A6C7B64DE5AA16E460C646507CD5BA015ECAB525DE328579EF6E20EFF8829E31049AE530CB69887 +20250616031047 2 6 100 3071 2 CEDC89F91D5B5F3DAC95CBCC930B48068AE6149F5DC88374E503625E4B5236F2C65319DAD0D0B6A82BF7F41B255248306E71D51F9E2869885B39DACBD5222ACDFDDF290C21129701015D6F2AFED9904454BA15479CC4E819311C27F83CAAB9C8C4B3572489C94167DF92ABDEBD8D738411446904D2FDC1C02A38320CC5FA7EFAD66C787B5D76754F9858490E0CEB18DB7845B8C685D78414BE438E08FE7151AF55E234E9808986E342B8ADD40797D4EE8453C5F18A1AADCF026E6A148BAFC2874A8BEBA0E675861B3EC122FB3A0ECAB6BBA1B322D86026F843B459B8B89423117C7FFC47A922EF3AA3C3EA40885D9F2E94D6E87C0C578655F38FC53389B5356DE343BD142253CEBCAFC014D1F22B6F50018BEA27F05DB691B65C10C4F3C7E23E860D537276851B30257F206233CA2F67E6F96D2BBE5C58A22ADF5F84E804273E3B6B4A7B57F78324A3ACCCA14F9F5F2E1C6E24B20CBB1DF11A6C7B64DE5AA16E460C646507CD5BA015ECAB525DE328579EF6E20EFF8829E31049AE530D1B2B3B +20250616031102 2 6 100 3071 2 CEDC89F91D5B5F3DAC95CBCC930B48068AE6149F5DC88374E503625E4B5236F2C65319DAD0D0B6A82BF7F41B255248306E71D51F9E2869885B39DACBD5222ACDFDDF290C21129701015D6F2AFED9904454BA15479CC4E819311C27F83CAAB9C8C4B3572489C94167DF92ABDEBD8D738411446904D2FDC1C02A38320CC5FA7EFAD66C787B5D76754F9858490E0CEB18DB7845B8C685D78414BE438E08FE7151AF55E234E9808986E342B8ADD40797D4EE8453C5F18A1AADCF026E6A148BAFC2874A8BEBA0E675861B3EC122FB3A0ECAB6BBA1B322D86026F843B459B8B89423117C7FFC47A922EF3AA3C3EA40885D9F2E94D6E87C0C578655F38FC53389B5356DE343BD142253CEBCAFC014D1F22B6F50018BEA27F05DB691B65C10C4F3C7E23E860D537276851B30257F206233CA2F67E6F96D2BBE5C58A22ADF5F84E804273E3B6B4A7B57F78324A3ACCCA14F9F5F2E1C6E24B20CBB1DF11A6C7B64DE5AA16E460C646507CD5BA015ECAB525DE328579EF6E20EFF8829E31049AE530D42691B +20250616031119 2 6 100 3071 5 CEDC89F91D5B5F3DAC95CBCC930B48068AE6149F5DC88374E503625E4B5236F2C65319DAD0D0B6A82BF7F41B255248306E71D51F9E2869885B39DACBD5222ACDFDDF290C21129701015D6F2AFED9904454BA15479CC4E819311C27F83CAAB9C8C4B3572489C94167DF92ABDEBD8D738411446904D2FDC1C02A38320CC5FA7EFAD66C787B5D76754F9858490E0CEB18DB7845B8C685D78414BE438E08FE7151AF55E234E9808986E342B8ADD40797D4EE8453C5F18A1AADCF026E6A148BAFC2874A8BEBA0E675861B3EC122FB3A0ECAB6BBA1B322D86026F843B459B8B89423117C7FFC47A922EF3AA3C3EA40885D9F2E94D6E87C0C578655F38FC53389B5356DE343BD142253CEBCAFC014D1F22B6F50018BEA27F05DB691B65C10C4F3C7E23E860D537276851B30257F206233CA2F67E6F96D2BBE5C58A22ADF5F84E804273E3B6B4A7B57F78324A3ACCCA14F9F5F2E1C6E24B20CBB1DF11A6C7B64DE5AA16E460C646507CD5BA015ECAB525DE328579EF6E20EFF8829E31049AE530D6F09B7 +20250616031345 2 6 100 3071 5 CEDC89F91D5B5F3DAC95CBCC930B48068AE6149F5DC88374E503625E4B5236F2C65319DAD0D0B6A82BF7F41B255248306E71D51F9E2869885B39DACBD5222ACDFDDF290C21129701015D6F2AFED9904454BA15479CC4E819311C27F83CAAB9C8C4B3572489C94167DF92ABDEBD8D738411446904D2FDC1C02A38320CC5FA7EFAD66C787B5D76754F9858490E0CEB18DB7845B8C685D78414BE438E08FE7151AF55E234E9808986E342B8ADD40797D4EE8453C5F18A1AADCF026E6A148BAFC2874A8BEBA0E675861B3EC122FB3A0ECAB6BBA1B322D86026F843B459B8B89423117C7FFC47A922EF3AA3C3EA40885D9F2E94D6E87C0C578655F38FC53389B5356DE343BD142253CEBCAFC014D1F22B6F50018BEA27F05DB691B65C10C4F3C7E23E860D537276851B30257F206233CA2F67E6F96D2BBE5C58A22ADF5F84E804273E3B6B4A7B57F78324A3ACCCA14F9F5F2E1C6E24B20CBB1DF11A6C7B64DE5AA16E460C646507CD5BA015ECAB525DE328579EF6E20EFF8829E31049AE530F453A3F +20250616031437 2 6 100 3071 5 CEDC89F91D5B5F3DAC95CBCC930B48068AE6149F5DC88374E503625E4B5236F2C65319DAD0D0B6A82BF7F41B255248306E71D51F9E2869885B39DACBD5222ACDFDDF290C21129701015D6F2AFED9904454BA15479CC4E819311C27F83CAAB9C8C4B3572489C94167DF92ABDEBD8D738411446904D2FDC1C02A38320CC5FA7EFAD66C787B5D76754F9858490E0CEB18DB7845B8C685D78414BE438E08FE7151AF55E234E9808986E342B8ADD40797D4EE8453C5F18A1AADCF026E6A148BAFC2874A8BEBA0E675861B3EC122FB3A0ECAB6BBA1B322D86026F843B459B8B89423117C7FFC47A922EF3AA3C3EA40885D9F2E94D6E87C0C578655F38FC53389B5356DE343BD142253CEBCAFC014D1F22B6F50018BEA27F05DB691B65C10C4F3C7E23E860D537276851B30257F206233CA2F67E6F96D2BBE5C58A22ADF5F84E804273E3B6B4A7B57F78324A3ACCCA14F9F5F2E1C6E24B20CBB1DF11A6C7B64DE5AA16E460C646507CD5BA015ECAB525DE328579EF6E20EFF8829E31049AE530FE6A46F +20250616031522 2 6 100 3071 2 CEDC89F91D5B5F3DAC95CBCC930B48068AE6149F5DC88374E503625E4B5236F2C65319DAD0D0B6A82BF7F41B255248306E71D51F9E2869885B39DACBD5222ACDFDDF290C21129701015D6F2AFED9904454BA15479CC4E819311C27F83CAAB9C8C4B3572489C94167DF92ABDEBD8D738411446904D2FDC1C02A38320CC5FA7EFAD66C787B5D76754F9858490E0CEB18DB7845B8C685D78414BE438E08FE7151AF55E234E9808986E342B8ADD40797D4EE8453C5F18A1AADCF026E6A148BAFC2874A8BEBA0E675861B3EC122FB3A0ECAB6BBA1B322D86026F843B459B8B89423117C7FFC47A922EF3AA3C3EA40885D9F2E94D6E87C0C578655F38FC53389B5356DE343BD142253CEBCAFC014D1F22B6F50018BEA27F05DB691B65C10C4F3C7E23E860D537276851B30257F206233CA2F67E6F96D2BBE5C58A22ADF5F84E804273E3B6B4A7B57F78324A3ACCCA14F9F5F2E1C6E24B20CBB1DF11A6C7B64DE5AA16E460C646507CD5BA015ECAB525DE328579EF6E20EFF8829E31049AE5310725CA3 +20250616031526 2 6 100 3071 5 CEDC89F91D5B5F3DAC95CBCC930B48068AE6149F5DC88374E503625E4B5236F2C65319DAD0D0B6A82BF7F41B255248306E71D51F9E2869885B39DACBD5222ACDFDDF290C21129701015D6F2AFED9904454BA15479CC4E819311C27F83CAAB9C8C4B3572489C94167DF92ABDEBD8D738411446904D2FDC1C02A38320CC5FA7EFAD66C787B5D76754F9858490E0CEB18DB7845B8C685D78414BE438E08FE7151AF55E234E9808986E342B8ADD40797D4EE8453C5F18A1AADCF026E6A148BAFC2874A8BEBA0E675861B3EC122FB3A0ECAB6BBA1B322D86026F843B459B8B89423117C7FFC47A922EF3AA3C3EA40885D9F2E94D6E87C0C578655F38FC53389B5356DE343BD142253CEBCAFC014D1F22B6F50018BEA27F05DB691B65C10C4F3C7E23E860D537276851B30257F206233CA2F67E6F96D2BBE5C58A22ADF5F84E804273E3B6B4A7B57F78324A3ACCCA14F9F5F2E1C6E24B20CBB1DF11A6C7B64DE5AA16E460C646507CD5BA015ECAB525DE328579EF6E20EFF8829E31049AE5310796467 +20250616031630 2 6 100 3071 2 CEDC89F91D5B5F3DAC95CBCC930B48068AE6149F5DC88374E503625E4B5236F2C65319DAD0D0B6A82BF7F41B255248306E71D51F9E2869885B39DACBD5222ACDFDDF290C21129701015D6F2AFED9904454BA15479CC4E819311C27F83CAAB9C8C4B3572489C94167DF92ABDEBD8D738411446904D2FDC1C02A38320CC5FA7EFAD66C787B5D76754F9858490E0CEB18DB7845B8C685D78414BE438E08FE7151AF55E234E9808986E342B8ADD40797D4EE8453C5F18A1AADCF026E6A148BAFC2874A8BEBA0E675861B3EC122FB3A0ECAB6BBA1B322D86026F843B459B8B89423117C7FFC47A922EF3AA3C3EA40885D9F2E94D6E87C0C578655F38FC53389B5356DE343BD142253CEBCAFC014D1F22B6F50018BEA27F05DB691B65C10C4F3C7E23E860D537276851B30257F206233CA2F67E6F96D2BBE5C58A22ADF5F84E804273E3B6B4A7B57F78324A3ACCCA14F9F5F2E1C6E24B20CBB1DF11A6C7B64DE5AA16E460C646507CD5BA015ECAB525DE328579EF6E20EFF8829E31049AE531145D673 +20250616031744 2 6 100 3071 5 CEDC89F91D5B5F3DAC95CBCC930B48068AE6149F5DC88374E503625E4B5236F2C65319DAD0D0B6A82BF7F41B255248306E71D51F9E2869885B39DACBD5222ACDFDDF290C21129701015D6F2AFED9904454BA15479CC4E819311C27F83CAAB9C8C4B3572489C94167DF92ABDEBD8D738411446904D2FDC1C02A38320CC5FA7EFAD66C787B5D76754F9858490E0CEB18DB7845B8C685D78414BE438E08FE7151AF55E234E9808986E342B8ADD40797D4EE8453C5F18A1AADCF026E6A148BAFC2874A8BEBA0E675861B3EC122FB3A0ECAB6BBA1B322D86026F843B459B8B89423117C7FFC47A922EF3AA3C3EA40885D9F2E94D6E87C0C578655F38FC53389B5356DE343BD142253CEBCAFC014D1F22B6F50018BEA27F05DB691B65C10C4F3C7E23E860D537276851B30257F206233CA2F67E6F96D2BBE5C58A22ADF5F84E804273E3B6B4A7B57F78324A3ACCCA14F9F5F2E1C6E24B20CBB1DF11A6C7B64DE5AA16E460C646507CD5BA015ECAB525DE328579EF6E20EFF8829E31049AE53122DAB97 +20250616031748 2 6 100 3071 2 CEDC89F91D5B5F3DAC95CBCC930B48068AE6149F5DC88374E503625E4B5236F2C65319DAD0D0B6A82BF7F41B255248306E71D51F9E2869885B39DACBD5222ACDFDDF290C21129701015D6F2AFED9904454BA15479CC4E819311C27F83CAAB9C8C4B3572489C94167DF92ABDEBD8D738411446904D2FDC1C02A38320CC5FA7EFAD66C787B5D76754F9858490E0CEB18DB7845B8C685D78414BE438E08FE7151AF55E234E9808986E342B8ADD40797D4EE8453C5F18A1AADCF026E6A148BAFC2874A8BEBA0E675861B3EC122FB3A0ECAB6BBA1B322D86026F843B459B8B89423117C7FFC47A922EF3AA3C3EA40885D9F2E94D6E87C0C578655F38FC53389B5356DE343BD142253CEBCAFC014D1F22B6F50018BEA27F05DB691B65C10C4F3C7E23E860D537276851B30257F206233CA2F67E6F96D2BBE5C58A22ADF5F84E804273E3B6B4A7B57F78324A3ACCCA14F9F5F2E1C6E24B20CBB1DF11A6C7B64DE5AA16E460C646507CD5BA015ECAB525DE328579EF6E20EFF8829E31049AE531235DC5B +20250616031828 2 6 100 3071 5 CEDC89F91D5B5F3DAC95CBCC930B48068AE6149F5DC88374E503625E4B5236F2C65319DAD0D0B6A82BF7F41B255248306E71D51F9E2869885B39DACBD5222ACDFDDF290C21129701015D6F2AFED9904454BA15479CC4E819311C27F83CAAB9C8C4B3572489C94167DF92ABDEBD8D738411446904D2FDC1C02A38320CC5FA7EFAD66C787B5D76754F9858490E0CEB18DB7845B8C685D78414BE438E08FE7151AF55E234E9808986E342B8ADD40797D4EE8453C5F18A1AADCF026E6A148BAFC2874A8BEBA0E675861B3EC122FB3A0ECAB6BBA1B322D86026F843B459B8B89423117C7FFC47A922EF3AA3C3EA40885D9F2E94D6E87C0C578655F38FC53389B5356DE343BD142253CEBCAFC014D1F22B6F50018BEA27F05DB691B65C10C4F3C7E23E860D537276851B30257F206233CA2F67E6F96D2BBE5C58A22ADF5F84E804273E3B6B4A7B57F78324A3ACCCA14F9F5F2E1C6E24B20CBB1DF11A6C7B64DE5AA16E460C646507CD5BA015ECAB525DE328579EF6E20EFF8829E31049AE5312B5048F +20250616031908 2 6 100 3071 5 CEDC89F91D5B5F3DAC95CBCC930B48068AE6149F5DC88374E503625E4B5236F2C65319DAD0D0B6A82BF7F41B255248306E71D51F9E2869885B39DACBD5222ACDFDDF290C21129701015D6F2AFED9904454BA15479CC4E819311C27F83CAAB9C8C4B3572489C94167DF92ABDEBD8D738411446904D2FDC1C02A38320CC5FA7EFAD66C787B5D76754F9858490E0CEB18DB7845B8C685D78414BE438E08FE7151AF55E234E9808986E342B8ADD40797D4EE8453C5F18A1AADCF026E6A148BAFC2874A8BEBA0E675861B3EC122FB3A0ECAB6BBA1B322D86026F843B459B8B89423117C7FFC47A922EF3AA3C3EA40885D9F2E94D6E87C0C578655F38FC53389B5356DE343BD142253CEBCAFC014D1F22B6F50018BEA27F05DB691B65C10C4F3C7E23E860D537276851B30257F206233CA2F67E6F96D2BBE5C58A22ADF5F84E804273E3B6B4A7B57F78324A3ACCCA14F9F5F2E1C6E24B20CBB1DF11A6C7B64DE5AA16E460C646507CD5BA015ECAB525DE328579EF6E20EFF8829E31049AE53132F33C7 +20250616031911 2 6 100 3071 2 CEDC89F91D5B5F3DAC95CBCC930B48068AE6149F5DC88374E503625E4B5236F2C65319DAD0D0B6A82BF7F41B255248306E71D51F9E2869885B39DACBD5222ACDFDDF290C21129701015D6F2AFED9904454BA15479CC4E819311C27F83CAAB9C8C4B3572489C94167DF92ABDEBD8D738411446904D2FDC1C02A38320CC5FA7EFAD66C787B5D76754F9858490E0CEB18DB7845B8C685D78414BE438E08FE7151AF55E234E9808986E342B8ADD40797D4EE8453C5F18A1AADCF026E6A148BAFC2874A8BEBA0E675861B3EC122FB3A0ECAB6BBA1B322D86026F843B459B8B89423117C7FFC47A922EF3AA3C3EA40885D9F2E94D6E87C0C578655F38FC53389B5356DE343BD142253CEBCAFC014D1F22B6F50018BEA27F05DB691B65C10C4F3C7E23E860D537276851B30257F206233CA2F67E6F96D2BBE5C58A22ADF5F84E804273E3B6B4A7B57F78324A3ACCCA14F9F5F2E1C6E24B20CBB1DF11A6C7B64DE5AA16E460C646507CD5BA015ECAB525DE328579EF6E20EFF8829E31049AE531334BD6B +20250616031947 2 6 100 3071 2 CEDC89F91D5B5F3DAC95CBCC930B48068AE6149F5DC88374E503625E4B5236F2C65319DAD0D0B6A82BF7F41B255248306E71D51F9E2869885B39DACBD5222ACDFDDF290C21129701015D6F2AFED9904454BA15479CC4E819311C27F83CAAB9C8C4B3572489C94167DF92ABDEBD8D738411446904D2FDC1C02A38320CC5FA7EFAD66C787B5D76754F9858490E0CEB18DB7845B8C685D78414BE438E08FE7151AF55E234E9808986E342B8ADD40797D4EE8453C5F18A1AADCF026E6A148BAFC2874A8BEBA0E675861B3EC122FB3A0ECAB6BBA1B322D86026F843B459B8B89423117C7FFC47A922EF3AA3C3EA40885D9F2E94D6E87C0C578655F38FC53389B5356DE343BD142253CEBCAFC014D1F22B6F50018BEA27F05DB691B65C10C4F3C7E23E860D537276851B30257F206233CA2F67E6F96D2BBE5C58A22ADF5F84E804273E3B6B4A7B57F78324A3ACCCA14F9F5F2E1C6E24B20CBB1DF11A6C7B64DE5AA16E460C646507CD5BA015ECAB525DE328579EF6E20EFF8829E31049AE5313A1C823 +20250616032023 2 6 100 3071 2 CEDC89F91D5B5F3DAC95CBCC930B48068AE6149F5DC88374E503625E4B5236F2C65319DAD0D0B6A82BF7F41B255248306E71D51F9E2869885B39DACBD5222ACDFDDF290C21129701015D6F2AFED9904454BA15479CC4E819311C27F83CAAB9C8C4B3572489C94167DF92ABDEBD8D738411446904D2FDC1C02A38320CC5FA7EFAD66C787B5D76754F9858490E0CEB18DB7845B8C685D78414BE438E08FE7151AF55E234E9808986E342B8ADD40797D4EE8453C5F18A1AADCF026E6A148BAFC2874A8BEBA0E675861B3EC122FB3A0ECAB6BBA1B322D86026F843B459B8B89423117C7FFC47A922EF3AA3C3EA40885D9F2E94D6E87C0C578655F38FC53389B5356DE343BD142253CEBCAFC014D1F22B6F50018BEA27F05DB691B65C10C4F3C7E23E860D537276851B30257F206233CA2F67E6F96D2BBE5C58A22ADF5F84E804273E3B6B4A7B57F78324A3ACCCA14F9F5F2E1C6E24B20CBB1DF11A6C7B64DE5AA16E460C646507CD5BA015ECAB525DE328579EF6E20EFF8829E31049AE53140EA06B +20250616032050 2 6 100 3071 2 CEDC89F91D5B5F3DAC95CBCC930B48068AE6149F5DC88374E503625E4B5236F2C65319DAD0D0B6A82BF7F41B255248306E71D51F9E2869885B39DACBD5222ACDFDDF290C21129701015D6F2AFED9904454BA15479CC4E819311C27F83CAAB9C8C4B3572489C94167DF92ABDEBD8D738411446904D2FDC1C02A38320CC5FA7EFAD66C787B5D76754F9858490E0CEB18DB7845B8C685D78414BE438E08FE7151AF55E234E9808986E342B8ADD40797D4EE8453C5F18A1AADCF026E6A148BAFC2874A8BEBA0E675861B3EC122FB3A0ECAB6BBA1B322D86026F843B459B8B89423117C7FFC47A922EF3AA3C3EA40885D9F2E94D6E87C0C578655F38FC53389B5356DE343BD142253CEBCAFC014D1F22B6F50018BEA27F05DB691B65C10C4F3C7E23E860D537276851B30257F206233CA2F67E6F96D2BBE5C58A22ADF5F84E804273E3B6B4A7B57F78324A3ACCCA14F9F5F2E1C6E24B20CBB1DF11A6C7B64DE5AA16E460C646507CD5BA015ECAB525DE328579EF6E20EFF8829E31049AE531463930B +20250616032110 2 6 100 3071 2 CEDC89F91D5B5F3DAC95CBCC930B48068AE6149F5DC88374E503625E4B5236F2C65319DAD0D0B6A82BF7F41B255248306E71D51F9E2869885B39DACBD5222ACDFDDF290C21129701015D6F2AFED9904454BA15479CC4E819311C27F83CAAB9C8C4B3572489C94167DF92ABDEBD8D738411446904D2FDC1C02A38320CC5FA7EFAD66C787B5D76754F9858490E0CEB18DB7845B8C685D78414BE438E08FE7151AF55E234E9808986E342B8ADD40797D4EE8453C5F18A1AADCF026E6A148BAFC2874A8BEBA0E675861B3EC122FB3A0ECAB6BBA1B322D86026F843B459B8B89423117C7FFC47A922EF3AA3C3EA40885D9F2E94D6E87C0C578655F38FC53389B5356DE343BD142253CEBCAFC014D1F22B6F50018BEA27F05DB691B65C10C4F3C7E23E860D537276851B30257F206233CA2F67E6F96D2BBE5C58A22ADF5F84E804273E3B6B4A7B57F78324A3ACCCA14F9F5F2E1C6E24B20CBB1DF11A6C7B64DE5AA16E460C646507CD5BA015ECAB525DE328579EF6E20EFF8829E31049AE53149D1AE3 +20250616032205 2 6 100 3071 2 CEDC89F91D5B5F3DAC95CBCC930B48068AE6149F5DC88374E503625E4B5236F2C65319DAD0D0B6A82BF7F41B255248306E71D51F9E2869885B39DACBD5222ACDFDDF290C21129701015D6F2AFED9904454BA15479CC4E819311C27F83CAAB9C8C4B3572489C94167DF92ABDEBD8D738411446904D2FDC1C02A38320CC5FA7EFAD66C787B5D76754F9858490E0CEB18DB7845B8C685D78414BE438E08FE7151AF55E234E9808986E342B8ADD40797D4EE8453C5F18A1AADCF026E6A148BAFC2874A8BEBA0E675861B3EC122FB3A0ECAB6BBA1B322D86026F843B459B8B89423117C7FFC47A922EF3AA3C3EA40885D9F2E94D6E87C0C578655F38FC53389B5356DE343BD142253CEBCAFC014D1F22B6F50018BEA27F05DB691B65C10C4F3C7E23E860D537276851B30257F206233CA2F67E6F96D2BBE5C58A22ADF5F84E804273E3B6B4A7B57F78324A3ACCCA14F9F5F2E1C6E24B20CBB1DF11A6C7B64DE5AA16E460C646507CD5BA015ECAB525DE328579EF6E20EFF8829E31049AE53154763FB +20250616032225 2 6 100 3071 5 CEDC89F91D5B5F3DAC95CBCC930B48068AE6149F5DC88374E503625E4B5236F2C65319DAD0D0B6A82BF7F41B255248306E71D51F9E2869885B39DACBD5222ACDFDDF290C21129701015D6F2AFED9904454BA15479CC4E819311C27F83CAAB9C8C4B3572489C94167DF92ABDEBD8D738411446904D2FDC1C02A38320CC5FA7EFAD66C787B5D76754F9858490E0CEB18DB7845B8C685D78414BE438E08FE7151AF55E234E9808986E342B8ADD40797D4EE8453C5F18A1AADCF026E6A148BAFC2874A8BEBA0E675861B3EC122FB3A0ECAB6BBA1B322D86026F843B459B8B89423117C7FFC47A922EF3AA3C3EA40885D9F2E94D6E87C0C578655F38FC53389B5356DE343BD142253CEBCAFC014D1F22B6F50018BEA27F05DB691B65C10C4F3C7E23E860D537276851B30257F206233CA2F67E6F96D2BBE5C58A22ADF5F84E804273E3B6B4A7B57F78324A3ACCCA14F9F5F2E1C6E24B20CBB1DF11A6C7B64DE5AA16E460C646507CD5BA015ECAB525DE328579EF6E20EFF8829E31049AE531582AC17 +20250616032243 2 6 100 3071 2 CEDC89F91D5B5F3DAC95CBCC930B48068AE6149F5DC88374E503625E4B5236F2C65319DAD0D0B6A82BF7F41B255248306E71D51F9E2869885B39DACBD5222ACDFDDF290C21129701015D6F2AFED9904454BA15479CC4E819311C27F83CAAB9C8C4B3572489C94167DF92ABDEBD8D738411446904D2FDC1C02A38320CC5FA7EFAD66C787B5D76754F9858490E0CEB18DB7845B8C685D78414BE438E08FE7151AF55E234E9808986E342B8ADD40797D4EE8453C5F18A1AADCF026E6A148BAFC2874A8BEBA0E675861B3EC122FB3A0ECAB6BBA1B322D86026F843B459B8B89423117C7FFC47A922EF3AA3C3EA40885D9F2E94D6E87C0C578655F38FC53389B5356DE343BD142253CEBCAFC014D1F22B6F50018BEA27F05DB691B65C10C4F3C7E23E860D537276851B30257F206233CA2F67E6F96D2BBE5C58A22ADF5F84E804273E3B6B4A7B57F78324A3ACCCA14F9F5F2E1C6E24B20CBB1DF11A6C7B64DE5AA16E460C646507CD5BA015ECAB525DE328579EF6E20EFF8829E31049AE5315B3627B +20250616032250 2 6 100 3071 2 CEDC89F91D5B5F3DAC95CBCC930B48068AE6149F5DC88374E503625E4B5236F2C65319DAD0D0B6A82BF7F41B255248306E71D51F9E2869885B39DACBD5222ACDFDDF290C21129701015D6F2AFED9904454BA15479CC4E819311C27F83CAAB9C8C4B3572489C94167DF92ABDEBD8D738411446904D2FDC1C02A38320CC5FA7EFAD66C787B5D76754F9858490E0CEB18DB7845B8C685D78414BE438E08FE7151AF55E234E9808986E342B8ADD40797D4EE8453C5F18A1AADCF026E6A148BAFC2874A8BEBA0E675861B3EC122FB3A0ECAB6BBA1B322D86026F843B459B8B89423117C7FFC47A922EF3AA3C3EA40885D9F2E94D6E87C0C578655F38FC53389B5356DE343BD142253CEBCAFC014D1F22B6F50018BEA27F05DB691B65C10C4F3C7E23E860D537276851B30257F206233CA2F67E6F96D2BBE5C58A22ADF5F84E804273E3B6B4A7B57F78324A3ACCCA14F9F5F2E1C6E24B20CBB1DF11A6C7B64DE5AA16E460C646507CD5BA015ECAB525DE328579EF6E20EFF8829E31049AE5315C62473 +20250616032257 2 6 100 3071 2 CEDC89F91D5B5F3DAC95CBCC930B48068AE6149F5DC88374E503625E4B5236F2C65319DAD0D0B6A82BF7F41B255248306E71D51F9E2869885B39DACBD5222ACDFDDF290C21129701015D6F2AFED9904454BA15479CC4E819311C27F83CAAB9C8C4B3572489C94167DF92ABDEBD8D738411446904D2FDC1C02A38320CC5FA7EFAD66C787B5D76754F9858490E0CEB18DB7845B8C685D78414BE438E08FE7151AF55E234E9808986E342B8ADD40797D4EE8453C5F18A1AADCF026E6A148BAFC2874A8BEBA0E675861B3EC122FB3A0ECAB6BBA1B322D86026F843B459B8B89423117C7FFC47A922EF3AA3C3EA40885D9F2E94D6E87C0C578655F38FC53389B5356DE343BD142253CEBCAFC014D1F22B6F50018BEA27F05DB691B65C10C4F3C7E23E860D537276851B30257F206233CA2F67E6F96D2BBE5C58A22ADF5F84E804273E3B6B4A7B57F78324A3ACCCA14F9F5F2E1C6E24B20CBB1DF11A6C7B64DE5AA16E460C646507CD5BA015ECAB525DE328579EF6E20EFF8829E31049AE5315D6A113 +20250616032301 2 6 100 3071 2 CEDC89F91D5B5F3DAC95CBCC930B48068AE6149F5DC88374E503625E4B5236F2C65319DAD0D0B6A82BF7F41B255248306E71D51F9E2869885B39DACBD5222ACDFDDF290C21129701015D6F2AFED9904454BA15479CC4E819311C27F83CAAB9C8C4B3572489C94167DF92ABDEBD8D738411446904D2FDC1C02A38320CC5FA7EFAD66C787B5D76754F9858490E0CEB18DB7845B8C685D78414BE438E08FE7151AF55E234E9808986E342B8ADD40797D4EE8453C5F18A1AADCF026E6A148BAFC2874A8BEBA0E675861B3EC122FB3A0ECAB6BBA1B322D86026F843B459B8B89423117C7FFC47A922EF3AA3C3EA40885D9F2E94D6E87C0C578655F38FC53389B5356DE343BD142253CEBCAFC014D1F22B6F50018BEA27F05DB691B65C10C4F3C7E23E860D537276851B30257F206233CA2F67E6F96D2BBE5C58A22ADF5F84E804273E3B6B4A7B57F78324A3ACCCA14F9F5F2E1C6E24B20CBB1DF11A6C7B64DE5AA16E460C646507CD5BA015ECAB525DE328579EF6E20EFF8829E31049AE5315DA6E1B +20250616032456 2 6 100 3071 2 CEDC89F91D5B5F3DAC95CBCC930B48068AE6149F5DC88374E503625E4B5236F2C65319DAD0D0B6A82BF7F41B255248306E71D51F9E2869885B39DACBD5222ACDFDDF290C21129701015D6F2AFED9904454BA15479CC4E819311C27F83CAAB9C8C4B3572489C94167DF92ABDEBD8D738411446904D2FDC1C02A38320CC5FA7EFAD66C787B5D76754F9858490E0CEB18DB7845B8C685D78414BE438E08FE7151AF55E234E9808986E342B8ADD40797D4EE8453C5F18A1AADCF026E6A148BAFC2874A8BEBA0E675861B3EC122FB3A0ECAB6BBA1B322D86026F843B459B8B89423117C7FFC47A922EF3AA3C3EA40885D9F2E94D6E87C0C578655F38FC53389B5356DE343BD142253CEBCAFC014D1F22B6F50018BEA27F05DB691B65C10C4F3C7E23E860D537276851B30257F206233CA2F67E6F96D2BBE5C58A22ADF5F84E804273E3B6B4A7B57F78324A3ACCCA14F9F5F2E1C6E24B20CBB1DF11A6C7B64DE5AA16E460C646507CD5BA015ECAB525DE328579EF6E20EFF8829E31049AE53174EA23B +20250616032613 2 6 100 3071 5 CEDC89F91D5B5F3DAC95CBCC930B48068AE6149F5DC88374E503625E4B5236F2C65319DAD0D0B6A82BF7F41B255248306E71D51F9E2869885B39DACBD5222ACDFDDF290C21129701015D6F2AFED9904454BA15479CC4E819311C27F83CAAB9C8C4B3572489C94167DF92ABDEBD8D738411446904D2FDC1C02A38320CC5FA7EFAD66C787B5D76754F9858490E0CEB18DB7845B8C685D78414BE438E08FE7151AF55E234E9808986E342B8ADD40797D4EE8453C5F18A1AADCF026E6A148BAFC2874A8BEBA0E675861B3EC122FB3A0ECAB6BBA1B322D86026F843B459B8B89423117C7FFC47A922EF3AA3C3EA40885D9F2E94D6E87C0C578655F38FC53389B5356DE343BD142253CEBCAFC014D1F22B6F50018BEA27F05DB691B65C10C4F3C7E23E860D537276851B30257F206233CA2F67E6F96D2BBE5C58A22ADF5F84E804273E3B6B4A7B57F78324A3ACCCA14F9F5F2E1C6E24B20CBB1DF11A6C7B64DE5AA16E460C646507CD5BA015ECAB525DE328579EF6E20EFF8829E31049AE5318454747 +20250616032619 2 6 100 3071 2 CEDC89F91D5B5F3DAC95CBCC930B48068AE6149F5DC88374E503625E4B5236F2C65319DAD0D0B6A82BF7F41B255248306E71D51F9E2869885B39DACBD5222ACDFDDF290C21129701015D6F2AFED9904454BA15479CC4E819311C27F83CAAB9C8C4B3572489C94167DF92ABDEBD8D738411446904D2FDC1C02A38320CC5FA7EFAD66C787B5D76754F9858490E0CEB18DB7845B8C685D78414BE438E08FE7151AF55E234E9808986E342B8ADD40797D4EE8453C5F18A1AADCF026E6A148BAFC2874A8BEBA0E675861B3EC122FB3A0ECAB6BBA1B322D86026F843B459B8B89423117C7FFC47A922EF3AA3C3EA40885D9F2E94D6E87C0C578655F38FC53389B5356DE343BD142253CEBCAFC014D1F22B6F50018BEA27F05DB691B65C10C4F3C7E23E860D537276851B30257F206233CA2F67E6F96D2BBE5C58A22ADF5F84E804273E3B6B4A7B57F78324A3ACCCA14F9F5F2E1C6E24B20CBB1DF11A6C7B64DE5AA16E460C646507CD5BA015ECAB525DE328579EF6E20EFF8829E31049AE5318518CE3 +20250616032621 2 6 100 3071 2 CEDC89F91D5B5F3DAC95CBCC930B48068AE6149F5DC88374E503625E4B5236F2C65319DAD0D0B6A82BF7F41B255248306E71D51F9E2869885B39DACBD5222ACDFDDF290C21129701015D6F2AFED9904454BA15479CC4E819311C27F83CAAB9C8C4B3572489C94167DF92ABDEBD8D738411446904D2FDC1C02A38320CC5FA7EFAD66C787B5D76754F9858490E0CEB18DB7845B8C685D78414BE438E08FE7151AF55E234E9808986E342B8ADD40797D4EE8453C5F18A1AADCF026E6A148BAFC2874A8BEBA0E675861B3EC122FB3A0ECAB6BBA1B322D86026F843B459B8B89423117C7FFC47A922EF3AA3C3EA40885D9F2E94D6E87C0C578655F38FC53389B5356DE343BD142253CEBCAFC014D1F22B6F50018BEA27F05DB691B65C10C4F3C7E23E860D537276851B30257F206233CA2F67E6F96D2BBE5C58A22ADF5F84E804273E3B6B4A7B57F78324A3ACCCA14F9F5F2E1C6E24B20CBB1DF11A6C7B64DE5AA16E460C646507CD5BA015ECAB525DE328579EF6E20EFF8829E31049AE53185266F3 +20250616032705 2 6 100 3071 2 CEDC89F91D5B5F3DAC95CBCC930B48068AE6149F5DC88374E503625E4B5236F2C65319DAD0D0B6A82BF7F41B255248306E71D51F9E2869885B39DACBD5222ACDFDDF290C21129701015D6F2AFED9904454BA15479CC4E819311C27F83CAAB9C8C4B3572489C94167DF92ABDEBD8D738411446904D2FDC1C02A38320CC5FA7EFAD66C787B5D76754F9858490E0CEB18DB7845B8C685D78414BE438E08FE7151AF55E234E9808986E342B8ADD40797D4EE8453C5F18A1AADCF026E6A148BAFC2874A8BEBA0E675861B3EC122FB3A0ECAB6BBA1B322D86026F843B459B8B89423117C7FFC47A922EF3AA3C3EA40885D9F2E94D6E87C0C578655F38FC53389B5356DE343BD142253CEBCAFC014D1F22B6F50018BEA27F05DB691B65C10C4F3C7E23E860D537276851B30257F206233CA2F67E6F96D2BBE5C58A22ADF5F84E804273E3B6B4A7B57F78324A3ACCCA14F9F5F2E1C6E24B20CBB1DF11A6C7B64DE5AA16E460C646507CD5BA015ECAB525DE328579EF6E20EFF8829E31049AE5318DB30D3 +20250616032722 2 6 100 3071 2 CEDC89F91D5B5F3DAC95CBCC930B48068AE6149F5DC88374E503625E4B5236F2C65319DAD0D0B6A82BF7F41B255248306E71D51F9E2869885B39DACBD5222ACDFDDF290C21129701015D6F2AFED9904454BA15479CC4E819311C27F83CAAB9C8C4B3572489C94167DF92ABDEBD8D738411446904D2FDC1C02A38320CC5FA7EFAD66C787B5D76754F9858490E0CEB18DB7845B8C685D78414BE438E08FE7151AF55E234E9808986E342B8ADD40797D4EE8453C5F18A1AADCF026E6A148BAFC2874A8BEBA0E675861B3EC122FB3A0ECAB6BBA1B322D86026F843B459B8B89423117C7FFC47A922EF3AA3C3EA40885D9F2E94D6E87C0C578655F38FC53389B5356DE343BD142253CEBCAFC014D1F22B6F50018BEA27F05DB691B65C10C4F3C7E23E860D537276851B30257F206233CA2F67E6F96D2BBE5C58A22ADF5F84E804273E3B6B4A7B57F78324A3ACCCA14F9F5F2E1C6E24B20CBB1DF11A6C7B64DE5AA16E460C646507CD5BA015ECAB525DE328579EF6E20EFF8829E31049AE53190CF753 +20250616032801 2 6 100 3071 2 CEDC89F91D5B5F3DAC95CBCC930B48068AE6149F5DC88374E503625E4B5236F2C65319DAD0D0B6A82BF7F41B255248306E71D51F9E2869885B39DACBD5222ACDFDDF290C21129701015D6F2AFED9904454BA15479CC4E819311C27F83CAAB9C8C4B3572489C94167DF92ABDEBD8D738411446904D2FDC1C02A38320CC5FA7EFAD66C787B5D76754F9858490E0CEB18DB7845B8C685D78414BE438E08FE7151AF55E234E9808986E342B8ADD40797D4EE8453C5F18A1AADCF026E6A148BAFC2874A8BEBA0E675861B3EC122FB3A0ECAB6BBA1B322D86026F843B459B8B89423117C7FFC47A922EF3AA3C3EA40885D9F2E94D6E87C0C578655F38FC53389B5356DE343BD142253CEBCAFC014D1F22B6F50018BEA27F05DB691B65C10C4F3C7E23E860D537276851B30257F206233CA2F67E6F96D2BBE5C58A22ADF5F84E804273E3B6B4A7B57F78324A3ACCCA14F9F5F2E1C6E24B20CBB1DF11A6C7B64DE5AA16E460C646507CD5BA015ECAB525DE328579EF6E20EFF8829E31049AE531983C403 +20250616032827 2 6 100 3071 5 CEDC89F91D5B5F3DAC95CBCC930B48068AE6149F5DC88374E503625E4B5236F2C65319DAD0D0B6A82BF7F41B255248306E71D51F9E2869885B39DACBD5222ACDFDDF290C21129701015D6F2AFED9904454BA15479CC4E819311C27F83CAAB9C8C4B3572489C94167DF92ABDEBD8D738411446904D2FDC1C02A38320CC5FA7EFAD66C787B5D76754F9858490E0CEB18DB7845B8C685D78414BE438E08FE7151AF55E234E9808986E342B8ADD40797D4EE8453C5F18A1AADCF026E6A148BAFC2874A8BEBA0E675861B3EC122FB3A0ECAB6BBA1B322D86026F843B459B8B89423117C7FFC47A922EF3AA3C3EA40885D9F2E94D6E87C0C578655F38FC53389B5356DE343BD142253CEBCAFC014D1F22B6F50018BEA27F05DB691B65C10C4F3C7E23E860D537276851B30257F206233CA2F67E6F96D2BBE5C58A22ADF5F84E804273E3B6B4A7B57F78324A3ACCCA14F9F5F2E1C6E24B20CBB1DF11A6C7B64DE5AA16E460C646507CD5BA015ECAB525DE328579EF6E20EFF8829E31049AE5319D4832F +20250616032843 2 6 100 3071 2 CEDC89F91D5B5F3DAC95CBCC930B48068AE6149F5DC88374E503625E4B5236F2C65319DAD0D0B6A82BF7F41B255248306E71D51F9E2869885B39DACBD5222ACDFDDF290C21129701015D6F2AFED9904454BA15479CC4E819311C27F83CAAB9C8C4B3572489C94167DF92ABDEBD8D738411446904D2FDC1C02A38320CC5FA7EFAD66C787B5D76754F9858490E0CEB18DB7845B8C685D78414BE438E08FE7151AF55E234E9808986E342B8ADD40797D4EE8453C5F18A1AADCF026E6A148BAFC2874A8BEBA0E675861B3EC122FB3A0ECAB6BBA1B322D86026F843B459B8B89423117C7FFC47A922EF3AA3C3EA40885D9F2E94D6E87C0C578655F38FC53389B5356DE343BD142253CEBCAFC014D1F22B6F50018BEA27F05DB691B65C10C4F3C7E23E860D537276851B30257F206233CA2F67E6F96D2BBE5C58A22ADF5F84E804273E3B6B4A7B57F78324A3ACCCA14F9F5F2E1C6E24B20CBB1DF11A6C7B64DE5AA16E460C646507CD5BA015ECAB525DE328579EF6E20EFF8829E31049AE531A0401AB +20250616032854 2 6 100 3071 2 CEDC89F91D5B5F3DAC95CBCC930B48068AE6149F5DC88374E503625E4B5236F2C65319DAD0D0B6A82BF7F41B255248306E71D51F9E2869885B39DACBD5222ACDFDDF290C21129701015D6F2AFED9904454BA15479CC4E819311C27F83CAAB9C8C4B3572489C94167DF92ABDEBD8D738411446904D2FDC1C02A38320CC5FA7EFAD66C787B5D76754F9858490E0CEB18DB7845B8C685D78414BE438E08FE7151AF55E234E9808986E342B8ADD40797D4EE8453C5F18A1AADCF026E6A148BAFC2874A8BEBA0E675861B3EC122FB3A0ECAB6BBA1B322D86026F843B459B8B89423117C7FFC47A922EF3AA3C3EA40885D9F2E94D6E87C0C578655F38FC53389B5356DE343BD142253CEBCAFC014D1F22B6F50018BEA27F05DB691B65C10C4F3C7E23E860D537276851B30257F206233CA2F67E6F96D2BBE5C58A22ADF5F84E804273E3B6B4A7B57F78324A3ACCCA14F9F5F2E1C6E24B20CBB1DF11A6C7B64DE5AA16E460C646507CD5BA015ECAB525DE328579EF6E20EFF8829E31049AE531A1F94AB +20250616032858 2 6 100 3071 2 CEDC89F91D5B5F3DAC95CBCC930B48068AE6149F5DC88374E503625E4B5236F2C65319DAD0D0B6A82BF7F41B255248306E71D51F9E2869885B39DACBD5222ACDFDDF290C21129701015D6F2AFED9904454BA15479CC4E819311C27F83CAAB9C8C4B3572489C94167DF92ABDEBD8D738411446904D2FDC1C02A38320CC5FA7EFAD66C787B5D76754F9858490E0CEB18DB7845B8C685D78414BE438E08FE7151AF55E234E9808986E342B8ADD40797D4EE8453C5F18A1AADCF026E6A148BAFC2874A8BEBA0E675861B3EC122FB3A0ECAB6BBA1B322D86026F843B459B8B89423117C7FFC47A922EF3AA3C3EA40885D9F2E94D6E87C0C578655F38FC53389B5356DE343BD142253CEBCAFC014D1F22B6F50018BEA27F05DB691B65C10C4F3C7E23E860D537276851B30257F206233CA2F67E6F96D2BBE5C58A22ADF5F84E804273E3B6B4A7B57F78324A3ACCCA14F9F5F2E1C6E24B20CBB1DF11A6C7B64DE5AA16E460C646507CD5BA015ECAB525DE328579EF6E20EFF8829E31049AE531A26B47B +20250616032930 2 6 100 3071 2 CEDC89F91D5B5F3DAC95CBCC930B48068AE6149F5DC88374E503625E4B5236F2C65319DAD0D0B6A82BF7F41B255248306E71D51F9E2869885B39DACBD5222ACDFDDF290C21129701015D6F2AFED9904454BA15479CC4E819311C27F83CAAB9C8C4B3572489C94167DF92ABDEBD8D738411446904D2FDC1C02A38320CC5FA7EFAD66C787B5D76754F9858490E0CEB18DB7845B8C685D78414BE438E08FE7151AF55E234E9808986E342B8ADD40797D4EE8453C5F18A1AADCF026E6A148BAFC2874A8BEBA0E675861B3EC122FB3A0ECAB6BBA1B322D86026F843B459B8B89423117C7FFC47A922EF3AA3C3EA40885D9F2E94D6E87C0C578655F38FC53389B5356DE343BD142253CEBCAFC014D1F22B6F50018BEA27F05DB691B65C10C4F3C7E23E860D537276851B30257F206233CA2F67E6F96D2BBE5C58A22ADF5F84E804273E3B6B4A7B57F78324A3ACCCA14F9F5F2E1C6E24B20CBB1DF11A6C7B64DE5AA16E460C646507CD5BA015ECAB525DE328579EF6E20EFF8829E31049AE531A86BE9B +20250616032934 2 6 100 3071 2 CEDC89F91D5B5F3DAC95CBCC930B48068AE6149F5DC88374E503625E4B5236F2C65319DAD0D0B6A82BF7F41B255248306E71D51F9E2869885B39DACBD5222ACDFDDF290C21129701015D6F2AFED9904454BA15479CC4E819311C27F83CAAB9C8C4B3572489C94167DF92ABDEBD8D738411446904D2FDC1C02A38320CC5FA7EFAD66C787B5D76754F9858490E0CEB18DB7845B8C685D78414BE438E08FE7151AF55E234E9808986E342B8ADD40797D4EE8453C5F18A1AADCF026E6A148BAFC2874A8BEBA0E675861B3EC122FB3A0ECAB6BBA1B322D86026F843B459B8B89423117C7FFC47A922EF3AA3C3EA40885D9F2E94D6E87C0C578655F38FC53389B5356DE343BD142253CEBCAFC014D1F22B6F50018BEA27F05DB691B65C10C4F3C7E23E860D537276851B30257F206233CA2F67E6F96D2BBE5C58A22ADF5F84E804273E3B6B4A7B57F78324A3ACCCA14F9F5F2E1C6E24B20CBB1DF11A6C7B64DE5AA16E460C646507CD5BA015ECAB525DE328579EF6E20EFF8829E31049AE531A8B9B23 +20250616032956 2 6 100 3071 5 CEDC89F91D5B5F3DAC95CBCC930B48068AE6149F5DC88374E503625E4B5236F2C65319DAD0D0B6A82BF7F41B255248306E71D51F9E2869885B39DACBD5222ACDFDDF290C21129701015D6F2AFED9904454BA15479CC4E819311C27F83CAAB9C8C4B3572489C94167DF92ABDEBD8D738411446904D2FDC1C02A38320CC5FA7EFAD66C787B5D76754F9858490E0CEB18DB7845B8C685D78414BE438E08FE7151AF55E234E9808986E342B8ADD40797D4EE8453C5F18A1AADCF026E6A148BAFC2874A8BEBA0E675861B3EC122FB3A0ECAB6BBA1B322D86026F843B459B8B89423117C7FFC47A922EF3AA3C3EA40885D9F2E94D6E87C0C578655F38FC53389B5356DE343BD142253CEBCAFC014D1F22B6F50018BEA27F05DB691B65C10C4F3C7E23E860D537276851B30257F206233CA2F67E6F96D2BBE5C58A22ADF5F84E804273E3B6B4A7B57F78324A3ACCCA14F9F5F2E1C6E24B20CBB1DF11A6C7B64DE5AA16E460C646507CD5BA015ECAB525DE328579EF6E20EFF8829E31049AE531ACEECF7 +20250616033009 2 6 100 3071 2 CEDC89F91D5B5F3DAC95CBCC930B48068AE6149F5DC88374E503625E4B5236F2C65319DAD0D0B6A82BF7F41B255248306E71D51F9E2869885B39DACBD5222ACDFDDF290C21129701015D6F2AFED9904454BA15479CC4E819311C27F83CAAB9C8C4B3572489C94167DF92ABDEBD8D738411446904D2FDC1C02A38320CC5FA7EFAD66C787B5D76754F9858490E0CEB18DB7845B8C685D78414BE438E08FE7151AF55E234E9808986E342B8ADD40797D4EE8453C5F18A1AADCF026E6A148BAFC2874A8BEBA0E675861B3EC122FB3A0ECAB6BBA1B322D86026F843B459B8B89423117C7FFC47A922EF3AA3C3EA40885D9F2E94D6E87C0C578655F38FC53389B5356DE343BD142253CEBCAFC014D1F22B6F50018BEA27F05DB691B65C10C4F3C7E23E860D537276851B30257F206233CA2F67E6F96D2BBE5C58A22ADF5F84E804273E3B6B4A7B57F78324A3ACCCA14F9F5F2E1C6E24B20CBB1DF11A6C7B64DE5AA16E460C646507CD5BA015ECAB525DE328579EF6E20EFF8829E31049AE531AF0B31B +20250616033016 2 6 100 3071 2 CEDC89F91D5B5F3DAC95CBCC930B48068AE6149F5DC88374E503625E4B5236F2C65319DAD0D0B6A82BF7F41B255248306E71D51F9E2869885B39DACBD5222ACDFDDF290C21129701015D6F2AFED9904454BA15479CC4E819311C27F83CAAB9C8C4B3572489C94167DF92ABDEBD8D738411446904D2FDC1C02A38320CC5FA7EFAD66C787B5D76754F9858490E0CEB18DB7845B8C685D78414BE438E08FE7151AF55E234E9808986E342B8ADD40797D4EE8453C5F18A1AADCF026E6A148BAFC2874A8BEBA0E675861B3EC122FB3A0ECAB6BBA1B322D86026F843B459B8B89423117C7FFC47A922EF3AA3C3EA40885D9F2E94D6E87C0C578655F38FC53389B5356DE343BD142253CEBCAFC014D1F22B6F50018BEA27F05DB691B65C10C4F3C7E23E860D537276851B30257F206233CA2F67E6F96D2BBE5C58A22ADF5F84E804273E3B6B4A7B57F78324A3ACCCA14F9F5F2E1C6E24B20CBB1DF11A6C7B64DE5AA16E460C646507CD5BA015ECAB525DE328579EF6E20EFF8829E31049AE531B028B8B +20250616033036 2 6 100 3071 2 CEDC89F91D5B5F3DAC95CBCC930B48068AE6149F5DC88374E503625E4B5236F2C65319DAD0D0B6A82BF7F41B255248306E71D51F9E2869885B39DACBD5222ACDFDDF290C21129701015D6F2AFED9904454BA15479CC4E819311C27F83CAAB9C8C4B3572489C94167DF92ABDEBD8D738411446904D2FDC1C02A38320CC5FA7EFAD66C787B5D76754F9858490E0CEB18DB7845B8C685D78414BE438E08FE7151AF55E234E9808986E342B8ADD40797D4EE8453C5F18A1AADCF026E6A148BAFC2874A8BEBA0E675861B3EC122FB3A0ECAB6BBA1B322D86026F843B459B8B89423117C7FFC47A922EF3AA3C3EA40885D9F2E94D6E87C0C578655F38FC53389B5356DE343BD142253CEBCAFC014D1F22B6F50018BEA27F05DB691B65C10C4F3C7E23E860D537276851B30257F206233CA2F67E6F96D2BBE5C58A22ADF5F84E804273E3B6B4A7B57F78324A3ACCCA14F9F5F2E1C6E24B20CBB1DF11A6C7B64DE5AA16E460C646507CD5BA015ECAB525DE328579EF6E20EFF8829E31049AE531B3D86EB +20250616033049 2 6 100 3071 5 CEDC89F91D5B5F3DAC95CBCC930B48068AE6149F5DC88374E503625E4B5236F2C65319DAD0D0B6A82BF7F41B255248306E71D51F9E2869885B39DACBD5222ACDFDDF290C21129701015D6F2AFED9904454BA15479CC4E819311C27F83CAAB9C8C4B3572489C94167DF92ABDEBD8D738411446904D2FDC1C02A38320CC5FA7EFAD66C787B5D76754F9858490E0CEB18DB7845B8C685D78414BE438E08FE7151AF55E234E9808986E342B8ADD40797D4EE8453C5F18A1AADCF026E6A148BAFC2874A8BEBA0E675861B3EC122FB3A0ECAB6BBA1B322D86026F843B459B8B89423117C7FFC47A922EF3AA3C3EA40885D9F2E94D6E87C0C578655F38FC53389B5356DE343BD142253CEBCAFC014D1F22B6F50018BEA27F05DB691B65C10C4F3C7E23E860D537276851B30257F206233CA2F67E6F96D2BBE5C58A22ADF5F84E804273E3B6B4A7B57F78324A3ACCCA14F9F5F2E1C6E24B20CBB1DF11A6C7B64DE5AA16E460C646507CD5BA015ECAB525DE328579EF6E20EFF8829E31049AE531B65D127 +20250616033115 2 6 100 3071 5 CEDC89F91D5B5F3DAC95CBCC930B48068AE6149F5DC88374E503625E4B5236F2C65319DAD0D0B6A82BF7F41B255248306E71D51F9E2869885B39DACBD5222ACDFDDF290C21129701015D6F2AFED9904454BA15479CC4E819311C27F83CAAB9C8C4B3572489C94167DF92ABDEBD8D738411446904D2FDC1C02A38320CC5FA7EFAD66C787B5D76754F9858490E0CEB18DB7845B8C685D78414BE438E08FE7151AF55E234E9808986E342B8ADD40797D4EE8453C5F18A1AADCF026E6A148BAFC2874A8BEBA0E675861B3EC122FB3A0ECAB6BBA1B322D86026F843B459B8B89423117C7FFC47A922EF3AA3C3EA40885D9F2E94D6E87C0C578655F38FC53389B5356DE343BD142253CEBCAFC014D1F22B6F50018BEA27F05DB691B65C10C4F3C7E23E860D537276851B30257F206233CA2F67E6F96D2BBE5C58A22ADF5F84E804273E3B6B4A7B57F78324A3ACCCA14F9F5F2E1C6E24B20CBB1DF11A6C7B64DE5AA16E460C646507CD5BA015ECAB525DE328579EF6E20EFF8829E31049AE531BB41F3F +20250616033140 2 6 100 3071 2 CEDC89F91D5B5F3DAC95CBCC930B48068AE6149F5DC88374E503625E4B5236F2C65319DAD0D0B6A82BF7F41B255248306E71D51F9E2869885B39DACBD5222ACDFDDF290C21129701015D6F2AFED9904454BA15479CC4E819311C27F83CAAB9C8C4B3572489C94167DF92ABDEBD8D738411446904D2FDC1C02A38320CC5FA7EFAD66C787B5D76754F9858490E0CEB18DB7845B8C685D78414BE438E08FE7151AF55E234E9808986E342B8ADD40797D4EE8453C5F18A1AADCF026E6A148BAFC2874A8BEBA0E675861B3EC122FB3A0ECAB6BBA1B322D86026F843B459B8B89423117C7FFC47A922EF3AA3C3EA40885D9F2E94D6E87C0C578655F38FC53389B5356DE343BD142253CEBCAFC014D1F22B6F50018BEA27F05DB691B65C10C4F3C7E23E860D537276851B30257F206233CA2F67E6F96D2BBE5C58A22ADF5F84E804273E3B6B4A7B57F78324A3ACCCA14F9F5F2E1C6E24B20CBB1DF11A6C7B64DE5AA16E460C646507CD5BA015ECAB525DE328579EF6E20EFF8829E31049AE531C01336B +20250616033207 2 6 100 3071 5 CEDC89F91D5B5F3DAC95CBCC930B48068AE6149F5DC88374E503625E4B5236F2C65319DAD0D0B6A82BF7F41B255248306E71D51F9E2869885B39DACBD5222ACDFDDF290C21129701015D6F2AFED9904454BA15479CC4E819311C27F83CAAB9C8C4B3572489C94167DF92ABDEBD8D738411446904D2FDC1C02A38320CC5FA7EFAD66C787B5D76754F9858490E0CEB18DB7845B8C685D78414BE438E08FE7151AF55E234E9808986E342B8ADD40797D4EE8453C5F18A1AADCF026E6A148BAFC2874A8BEBA0E675861B3EC122FB3A0ECAB6BBA1B322D86026F843B459B8B89423117C7FFC47A922EF3AA3C3EA40885D9F2E94D6E87C0C578655F38FC53389B5356DE343BD142253CEBCAFC014D1F22B6F50018BEA27F05DB691B65C10C4F3C7E23E860D537276851B30257F206233CA2F67E6F96D2BBE5C58A22ADF5F84E804273E3B6B4A7B57F78324A3ACCCA14F9F5F2E1C6E24B20CBB1DF11A6C7B64DE5AA16E460C646507CD5BA015ECAB525DE328579EF6E20EFF8829E31049AE531C54135F +20250616033259 2 6 100 3071 2 CEDC89F91D5B5F3DAC95CBCC930B48068AE6149F5DC88374E503625E4B5236F2C65319DAD0D0B6A82BF7F41B255248306E71D51F9E2869885B39DACBD5222ACDFDDF290C21129701015D6F2AFED9904454BA15479CC4E819311C27F83CAAB9C8C4B3572489C94167DF92ABDEBD8D738411446904D2FDC1C02A38320CC5FA7EFAD66C787B5D76754F9858490E0CEB18DB7845B8C685D78414BE438E08FE7151AF55E234E9808986E342B8ADD40797D4EE8453C5F18A1AADCF026E6A148BAFC2874A8BEBA0E675861B3EC122FB3A0ECAB6BBA1B322D86026F843B459B8B89423117C7FFC47A922EF3AA3C3EA40885D9F2E94D6E87C0C578655F38FC53389B5356DE343BD142253CEBCAFC014D1F22B6F50018BEA27F05DB691B65C10C4F3C7E23E860D537276851B30257F206233CA2F67E6F96D2BBE5C58A22ADF5F84E804273E3B6B4A7B57F78324A3ACCCA14F9F5F2E1C6E24B20CBB1DF11A6C7B64DE5AA16E460C646507CD5BA015ECAB525DE328579EF6E20EFF8829E31049AE531CF6B74B +20250616033308 2 6 100 3071 2 CEDC89F91D5B5F3DAC95CBCC930B48068AE6149F5DC88374E503625E4B5236F2C65319DAD0D0B6A82BF7F41B255248306E71D51F9E2869885B39DACBD5222ACDFDDF290C21129701015D6F2AFED9904454BA15479CC4E819311C27F83CAAB9C8C4B3572489C94167DF92ABDEBD8D738411446904D2FDC1C02A38320CC5FA7EFAD66C787B5D76754F9858490E0CEB18DB7845B8C685D78414BE438E08FE7151AF55E234E9808986E342B8ADD40797D4EE8453C5F18A1AADCF026E6A148BAFC2874A8BEBA0E675861B3EC122FB3A0ECAB6BBA1B322D86026F843B459B8B89423117C7FFC47A922EF3AA3C3EA40885D9F2E94D6E87C0C578655F38FC53389B5356DE343BD142253CEBCAFC014D1F22B6F50018BEA27F05DB691B65C10C4F3C7E23E860D537276851B30257F206233CA2F67E6F96D2BBE5C58A22ADF5F84E804273E3B6B4A7B57F78324A3ACCCA14F9F5F2E1C6E24B20CBB1DF11A6C7B64DE5AA16E460C646507CD5BA015ECAB525DE328579EF6E20EFF8829E31049AE531D0E1EF3 +20250616033331 2 6 100 3071 2 CEDC89F91D5B5F3DAC95CBCC930B48068AE6149F5DC88374E503625E4B5236F2C65319DAD0D0B6A82BF7F41B255248306E71D51F9E2869885B39DACBD5222ACDFDDF290C21129701015D6F2AFED9904454BA15479CC4E819311C27F83CAAB9C8C4B3572489C94167DF92ABDEBD8D738411446904D2FDC1C02A38320CC5FA7EFAD66C787B5D76754F9858490E0CEB18DB7845B8C685D78414BE438E08FE7151AF55E234E9808986E342B8ADD40797D4EE8453C5F18A1AADCF026E6A148BAFC2874A8BEBA0E675861B3EC122FB3A0ECAB6BBA1B322D86026F843B459B8B89423117C7FFC47A922EF3AA3C3EA40885D9F2E94D6E87C0C578655F38FC53389B5356DE343BD142253CEBCAFC014D1F22B6F50018BEA27F05DB691B65C10C4F3C7E23E860D537276851B30257F206233CA2F67E6F96D2BBE5C58A22ADF5F84E804273E3B6B4A7B57F78324A3ACCCA14F9F5F2E1C6E24B20CBB1DF11A6C7B64DE5AA16E460C646507CD5BA015ECAB525DE328579EF6E20EFF8829E31049AE531D5478CB +20250616033419 2 6 100 3071 2 CEDC89F91D5B5F3DAC95CBCC930B48068AE6149F5DC88374E503625E4B5236F2C65319DAD0D0B6A82BF7F41B255248306E71D51F9E2869885B39DACBD5222ACDFDDF290C21129701015D6F2AFED9904454BA15479CC4E819311C27F83CAAB9C8C4B3572489C94167DF92ABDEBD8D738411446904D2FDC1C02A38320CC5FA7EFAD66C787B5D76754F9858490E0CEB18DB7845B8C685D78414BE438E08FE7151AF55E234E9808986E342B8ADD40797D4EE8453C5F18A1AADCF026E6A148BAFC2874A8BEBA0E675861B3EC122FB3A0ECAB6BBA1B322D86026F843B459B8B89423117C7FFC47A922EF3AA3C3EA40885D9F2E94D6E87C0C578655F38FC53389B5356DE343BD142253CEBCAFC014D1F22B6F50018BEA27F05DB691B65C10C4F3C7E23E860D537276851B30257F206233CA2F67E6F96D2BBE5C58A22ADF5F84E804273E3B6B4A7B57F78324A3ACCCA14F9F5F2E1C6E24B20CBB1DF11A6C7B64DE5AA16E460C646507CD5BA015ECAB525DE328579EF6E20EFF8829E31049AE531DED6323 +20250616033601 2 6 100 3071 2 CEDC89F91D5B5F3DAC95CBCC930B48068AE6149F5DC88374E503625E4B5236F2C65319DAD0D0B6A82BF7F41B255248306E71D51F9E2869885B39DACBD5222ACDFDDF290C21129701015D6F2AFED9904454BA15479CC4E819311C27F83CAAB9C8C4B3572489C94167DF92ABDEBD8D738411446904D2FDC1C02A38320CC5FA7EFAD66C787B5D76754F9858490E0CEB18DB7845B8C685D78414BE438E08FE7151AF55E234E9808986E342B8ADD40797D4EE8453C5F18A1AADCF026E6A148BAFC2874A8BEBA0E675861B3EC122FB3A0ECAB6BBA1B322D86026F843B459B8B89423117C7FFC47A922EF3AA3C3EA40885D9F2E94D6E87C0C578655F38FC53389B5356DE343BD142253CEBCAFC014D1F22B6F50018BEA27F05DB691B65C10C4F3C7E23E860D537276851B30257F206233CA2F67E6F96D2BBE5C58A22ADF5F84E804273E3B6B4A7B57F78324A3ACCCA14F9F5F2E1C6E24B20CBB1DF11A6C7B64DE5AA16E460C646507CD5BA015ECAB525DE328579EF6E20EFF8829E31049AE531F31D043 +20250616033611 2 6 100 3071 2 CEDC89F91D5B5F3DAC95CBCC930B48068AE6149F5DC88374E503625E4B5236F2C65319DAD0D0B6A82BF7F41B255248306E71D51F9E2869885B39DACBD5222ACDFDDF290C21129701015D6F2AFED9904454BA15479CC4E819311C27F83CAAB9C8C4B3572489C94167DF92ABDEBD8D738411446904D2FDC1C02A38320CC5FA7EFAD66C787B5D76754F9858490E0CEB18DB7845B8C685D78414BE438E08FE7151AF55E234E9808986E342B8ADD40797D4EE8453C5F18A1AADCF026E6A148BAFC2874A8BEBA0E675861B3EC122FB3A0ECAB6BBA1B322D86026F843B459B8B89423117C7FFC47A922EF3AA3C3EA40885D9F2E94D6E87C0C578655F38FC53389B5356DE343BD142253CEBCAFC014D1F22B6F50018BEA27F05DB691B65C10C4F3C7E23E860D537276851B30257F206233CA2F67E6F96D2BBE5C58A22ADF5F84E804273E3B6B4A7B57F78324A3ACCCA14F9F5F2E1C6E24B20CBB1DF11A6C7B64DE5AA16E460C646507CD5BA015ECAB525DE328579EF6E20EFF8829E31049AE531F48BD03 +20250616033701 2 6 100 3071 5 CEDC89F91D5B5F3DAC95CBCC930B48068AE6149F5DC88374E503625E4B5236F2C65319DAD0D0B6A82BF7F41B255248306E71D51F9E2869885B39DACBD5222ACDFDDF290C21129701015D6F2AFED9904454BA15479CC4E819311C27F83CAAB9C8C4B3572489C94167DF92ABDEBD8D738411446904D2FDC1C02A38320CC5FA7EFAD66C787B5D76754F9858490E0CEB18DB7845B8C685D78414BE438E08FE7151AF55E234E9808986E342B8ADD40797D4EE8453C5F18A1AADCF026E6A148BAFC2874A8BEBA0E675861B3EC122FB3A0ECAB6BBA1B322D86026F843B459B8B89423117C7FFC47A922EF3AA3C3EA40885D9F2E94D6E87C0C578655F38FC53389B5356DE343BD142253CEBCAFC014D1F22B6F50018BEA27F05DB691B65C10C4F3C7E23E860D537276851B30257F206233CA2F67E6F96D2BBE5C58A22ADF5F84E804273E3B6B4A7B57F78324A3ACCCA14F9F5F2E1C6E24B20CBB1DF11A6C7B64DE5AA16E460C646507CD5BA015ECAB525DE328579EF6E20EFF8829E31049AE531FEA1EFF +20250616033825 2 6 100 3071 2 CEDC89F91D5B5F3DAC95CBCC930B48068AE6149F5DC88374E503625E4B5236F2C65319DAD0D0B6A82BF7F41B255248306E71D51F9E2869885B39DACBD5222ACDFDDF290C21129701015D6F2AFED9904454BA15479CC4E819311C27F83CAAB9C8C4B3572489C94167DF92ABDEBD8D738411446904D2FDC1C02A38320CC5FA7EFAD66C787B5D76754F9858490E0CEB18DB7845B8C685D78414BE438E08FE7151AF55E234E9808986E342B8ADD40797D4EE8453C5F18A1AADCF026E6A148BAFC2874A8BEBA0E675861B3EC122FB3A0ECAB6BBA1B322D86026F843B459B8B89423117C7FFC47A922EF3AA3C3EA40885D9F2E94D6E87C0C578655F38FC53389B5356DE343BD142253CEBCAFC014D1F22B6F50018BEA27F05DB691B65C10C4F3C7E23E860D537276851B30257F206233CA2F67E6F96D2BBE5C58A22ADF5F84E804273E3B6B4A7B57F78324A3ACCCA14F9F5F2E1C6E24B20CBB1DF11A6C7B64DE5AA16E460C646507CD5BA015ECAB525DE328579EF6E20EFF8829E31049AE5320F3FBAB +20250616033938 2 6 100 3071 2 CEDC89F91D5B5F3DAC95CBCC930B48068AE6149F5DC88374E503625E4B5236F2C65319DAD0D0B6A82BF7F41B255248306E71D51F9E2869885B39DACBD5222ACDFDDF290C21129701015D6F2AFED9904454BA15479CC4E819311C27F83CAAB9C8C4B3572489C94167DF92ABDEBD8D738411446904D2FDC1C02A38320CC5FA7EFAD66C787B5D76754F9858490E0CEB18DB7845B8C685D78414BE438E08FE7151AF55E234E9808986E342B8ADD40797D4EE8453C5F18A1AADCF026E6A148BAFC2874A8BEBA0E675861B3EC122FB3A0ECAB6BBA1B322D86026F843B459B8B89423117C7FFC47A922EF3AA3C3EA40885D9F2E94D6E87C0C578655F38FC53389B5356DE343BD142253CEBCAFC014D1F22B6F50018BEA27F05DB691B65C10C4F3C7E23E860D537276851B30257F206233CA2F67E6F96D2BBE5C58A22ADF5F84E804273E3B6B4A7B57F78324A3ACCCA14F9F5F2E1C6E24B20CBB1DF11A6C7B64DE5AA16E460C646507CD5BA015ECAB525DE328579EF6E20EFF8829E31049AE5321DD2153 +20250616033959 2 6 100 3071 2 CEDC89F91D5B5F3DAC95CBCC930B48068AE6149F5DC88374E503625E4B5236F2C65319DAD0D0B6A82BF7F41B255248306E71D51F9E2869885B39DACBD5222ACDFDDF290C21129701015D6F2AFED9904454BA15479CC4E819311C27F83CAAB9C8C4B3572489C94167DF92ABDEBD8D738411446904D2FDC1C02A38320CC5FA7EFAD66C787B5D76754F9858490E0CEB18DB7845B8C685D78414BE438E08FE7151AF55E234E9808986E342B8ADD40797D4EE8453C5F18A1AADCF026E6A148BAFC2874A8BEBA0E675861B3EC122FB3A0ECAB6BBA1B322D86026F843B459B8B89423117C7FFC47A922EF3AA3C3EA40885D9F2E94D6E87C0C578655F38FC53389B5356DE343BD142253CEBCAFC014D1F22B6F50018BEA27F05DB691B65C10C4F3C7E23E860D537276851B30257F206233CA2F67E6F96D2BBE5C58A22ADF5F84E804273E3B6B4A7B57F78324A3ACCCA14F9F5F2E1C6E24B20CBB1DF11A6C7B64DE5AA16E460C646507CD5BA015ECAB525DE328579EF6E20EFF8829E31049AE53221A5443 +20250616034137 2 6 100 3071 5 CEDC89F91D5B5F3DAC95CBCC930B48068AE6149F5DC88374E503625E4B5236F2C65319DAD0D0B6A82BF7F41B255248306E71D51F9E2869885B39DACBD5222ACDFDDF290C21129701015D6F2AFED9904454BA15479CC4E819311C27F83CAAB9C8C4B3572489C94167DF92ABDEBD8D738411446904D2FDC1C02A38320CC5FA7EFAD66C787B5D76754F9858490E0CEB18DB7845B8C685D78414BE438E08FE7151AF55E234E9808986E342B8ADD40797D4EE8453C5F18A1AADCF026E6A148BAFC2874A8BEBA0E675861B3EC122FB3A0ECAB6BBA1B322D86026F843B459B8B89423117C7FFC47A922EF3AA3C3EA40885D9F2E94D6E87C0C578655F38FC53389B5356DE343BD142253CEBCAFC014D1F22B6F50018BEA27F05DB691B65C10C4F3C7E23E860D537276851B30257F206233CA2F67E6F96D2BBE5C58A22ADF5F84E804273E3B6B4A7B57F78324A3ACCCA14F9F5F2E1C6E24B20CBB1DF11A6C7B64DE5AA16E460C646507CD5BA015ECAB525DE328579EF6E20EFF8829E31049AE532357E1EF +20250616034150 2 6 100 3071 2 CEDC89F91D5B5F3DAC95CBCC930B48068AE6149F5DC88374E503625E4B5236F2C65319DAD0D0B6A82BF7F41B255248306E71D51F9E2869885B39DACBD5222ACDFDDF290C21129701015D6F2AFED9904454BA15479CC4E819311C27F83CAAB9C8C4B3572489C94167DF92ABDEBD8D738411446904D2FDC1C02A38320CC5FA7EFAD66C787B5D76754F9858490E0CEB18DB7845B8C685D78414BE438E08FE7151AF55E234E9808986E342B8ADD40797D4EE8453C5F18A1AADCF026E6A148BAFC2874A8BEBA0E675861B3EC122FB3A0ECAB6BBA1B322D86026F843B459B8B89423117C7FFC47A922EF3AA3C3EA40885D9F2E94D6E87C0C578655F38FC53389B5356DE343BD142253CEBCAFC014D1F22B6F50018BEA27F05DB691B65C10C4F3C7E23E860D537276851B30257F206233CA2F67E6F96D2BBE5C58A22ADF5F84E804273E3B6B4A7B57F78324A3ACCCA14F9F5F2E1C6E24B20CBB1DF11A6C7B64DE5AA16E460C646507CD5BA015ECAB525DE328579EF6E20EFF8829E31049AE53237AE35B +20250616034211 2 6 100 3071 5 CEDC89F91D5B5F3DAC95CBCC930B48068AE6149F5DC88374E503625E4B5236F2C65319DAD0D0B6A82BF7F41B255248306E71D51F9E2869885B39DACBD5222ACDFDDF290C21129701015D6F2AFED9904454BA15479CC4E819311C27F83CAAB9C8C4B3572489C94167DF92ABDEBD8D738411446904D2FDC1C02A38320CC5FA7EFAD66C787B5D76754F9858490E0CEB18DB7845B8C685D78414BE438E08FE7151AF55E234E9808986E342B8ADD40797D4EE8453C5F18A1AADCF026E6A148BAFC2874A8BEBA0E675861B3EC122FB3A0ECAB6BBA1B322D86026F843B459B8B89423117C7FFC47A922EF3AA3C3EA40885D9F2E94D6E87C0C578655F38FC53389B5356DE343BD142253CEBCAFC014D1F22B6F50018BEA27F05DB691B65C10C4F3C7E23E860D537276851B30257F206233CA2F67E6F96D2BBE5C58A22ADF5F84E804273E3B6B4A7B57F78324A3ACCCA14F9F5F2E1C6E24B20CBB1DF11A6C7B64DE5AA16E460C646507CD5BA015ECAB525DE328579EF6E20EFF8829E31049AE5323B7E21F +20250616034317 2 6 100 3071 5 CEDC89F91D5B5F3DAC95CBCC930B48068AE6149F5DC88374E503625E4B5236F2C65319DAD0D0B6A82BF7F41B255248306E71D51F9E2869885B39DACBD5222ACDFDDF290C21129701015D6F2AFED9904454BA15479CC4E819311C27F83CAAB9C8C4B3572489C94167DF92ABDEBD8D738411446904D2FDC1C02A38320CC5FA7EFAD66C787B5D76754F9858490E0CEB18DB7845B8C685D78414BE438E08FE7151AF55E234E9808986E342B8ADD40797D4EE8453C5F18A1AADCF026E6A148BAFC2874A8BEBA0E675861B3EC122FB3A0ECAB6BBA1B322D86026F843B459B8B89423117C7FFC47A922EF3AA3C3EA40885D9F2E94D6E87C0C578655F38FC53389B5356DE343BD142253CEBCAFC014D1F22B6F50018BEA27F05DB691B65C10C4F3C7E23E860D537276851B30257F206233CA2F67E6F96D2BBE5C58A22ADF5F84E804273E3B6B4A7B57F78324A3ACCCA14F9F5F2E1C6E24B20CBB1DF11A6C7B64DE5AA16E460C646507CD5BA015ECAB525DE328579EF6E20EFF8829E31049AE532486893F +20250616034324 2 6 100 3071 5 CEDC89F91D5B5F3DAC95CBCC930B48068AE6149F5DC88374E503625E4B5236F2C65319DAD0D0B6A82BF7F41B255248306E71D51F9E2869885B39DACBD5222ACDFDDF290C21129701015D6F2AFED9904454BA15479CC4E819311C27F83CAAB9C8C4B3572489C94167DF92ABDEBD8D738411446904D2FDC1C02A38320CC5FA7EFAD66C787B5D76754F9858490E0CEB18DB7845B8C685D78414BE438E08FE7151AF55E234E9808986E342B8ADD40797D4EE8453C5F18A1AADCF026E6A148BAFC2874A8BEBA0E675861B3EC122FB3A0ECAB6BBA1B322D86026F843B459B8B89423117C7FFC47A922EF3AA3C3EA40885D9F2E94D6E87C0C578655F38FC53389B5356DE343BD142253CEBCAFC014D1F22B6F50018BEA27F05DB691B65C10C4F3C7E23E860D537276851B30257F206233CA2F67E6F96D2BBE5C58A22ADF5F84E804273E3B6B4A7B57F78324A3ACCCA14F9F5F2E1C6E24B20CBB1DF11A6C7B64DE5AA16E460C646507CD5BA015ECAB525DE328579EF6E20EFF8829E31049AE532496A2F7 +20250616034453 2 6 100 3071 5 CEDC89F91D5B5F3DAC95CBCC930B48068AE6149F5DC88374E503625E4B5236F2C65319DAD0D0B6A82BF7F41B255248306E71D51F9E2869885B39DACBD5222ACDFDDF290C21129701015D6F2AFED9904454BA15479CC4E819311C27F83CAAB9C8C4B3572489C94167DF92ABDEBD8D738411446904D2FDC1C02A38320CC5FA7EFAD66C787B5D76754F9858490E0CEB18DB7845B8C685D78414BE438E08FE7151AF55E234E9808986E342B8ADD40797D4EE8453C5F18A1AADCF026E6A148BAFC2874A8BEBA0E675861B3EC122FB3A0ECAB6BBA1B322D86026F843B459B8B89423117C7FFC47A922EF3AA3C3EA40885D9F2E94D6E87C0C578655F38FC53389B5356DE343BD142253CEBCAFC014D1F22B6F50018BEA27F05DB691B65C10C4F3C7E23E860D537276851B30257F206233CA2F67E6F96D2BBE5C58A22ADF5F84E804273E3B6B4A7B57F78324A3ACCCA14F9F5F2E1C6E24B20CBB1DF11A6C7B64DE5AA16E460C646507CD5BA015ECAB525DE328579EF6E20EFF8829E31049AE5325B5FF2F +20250616034508 2 6 100 3071 2 CEDC89F91D5B5F3DAC95CBCC930B48068AE6149F5DC88374E503625E4B5236F2C65319DAD0D0B6A82BF7F41B255248306E71D51F9E2869885B39DACBD5222ACDFDDF290C21129701015D6F2AFED9904454BA15479CC4E819311C27F83CAAB9C8C4B3572489C94167DF92ABDEBD8D738411446904D2FDC1C02A38320CC5FA7EFAD66C787B5D76754F9858490E0CEB18DB7845B8C685D78414BE438E08FE7151AF55E234E9808986E342B8ADD40797D4EE8453C5F18A1AADCF026E6A148BAFC2874A8BEBA0E675861B3EC122FB3A0ECAB6BBA1B322D86026F843B459B8B89423117C7FFC47A922EF3AA3C3EA40885D9F2E94D6E87C0C578655F38FC53389B5356DE343BD142253CEBCAFC014D1F22B6F50018BEA27F05DB691B65C10C4F3C7E23E860D537276851B30257F206233CA2F67E6F96D2BBE5C58A22ADF5F84E804273E3B6B4A7B57F78324A3ACCCA14F9F5F2E1C6E24B20CBB1DF11A6C7B64DE5AA16E460C646507CD5BA015ECAB525DE328579EF6E20EFF8829E31049AE5325DFBD83 +20250616034516 2 6 100 3071 5 CEDC89F91D5B5F3DAC95CBCC930B48068AE6149F5DC88374E503625E4B5236F2C65319DAD0D0B6A82BF7F41B255248306E71D51F9E2869885B39DACBD5222ACDFDDF290C21129701015D6F2AFED9904454BA15479CC4E819311C27F83CAAB9C8C4B3572489C94167DF92ABDEBD8D738411446904D2FDC1C02A38320CC5FA7EFAD66C787B5D76754F9858490E0CEB18DB7845B8C685D78414BE438E08FE7151AF55E234E9808986E342B8ADD40797D4EE8453C5F18A1AADCF026E6A148BAFC2874A8BEBA0E675861B3EC122FB3A0ECAB6BBA1B322D86026F843B459B8B89423117C7FFC47A922EF3AA3C3EA40885D9F2E94D6E87C0C578655F38FC53389B5356DE343BD142253CEBCAFC014D1F22B6F50018BEA27F05DB691B65C10C4F3C7E23E860D537276851B30257F206233CA2F67E6F96D2BBE5C58A22ADF5F84E804273E3B6B4A7B57F78324A3ACCCA14F9F5F2E1C6E24B20CBB1DF11A6C7B64DE5AA16E460C646507CD5BA015ECAB525DE328579EF6E20EFF8829E31049AE5325F4BEAF +20250616034538 2 6 100 3071 2 CEDC89F91D5B5F3DAC95CBCC930B48068AE6149F5DC88374E503625E4B5236F2C65319DAD0D0B6A82BF7F41B255248306E71D51F9E2869885B39DACBD5222ACDFDDF290C21129701015D6F2AFED9904454BA15479CC4E819311C27F83CAAB9C8C4B3572489C94167DF92ABDEBD8D738411446904D2FDC1C02A38320CC5FA7EFAD66C787B5D76754F9858490E0CEB18DB7845B8C685D78414BE438E08FE7151AF55E234E9808986E342B8ADD40797D4EE8453C5F18A1AADCF026E6A148BAFC2874A8BEBA0E675861B3EC122FB3A0ECAB6BBA1B322D86026F843B459B8B89423117C7FFC47A922EF3AA3C3EA40885D9F2E94D6E87C0C578655F38FC53389B5356DE343BD142253CEBCAFC014D1F22B6F50018BEA27F05DB691B65C10C4F3C7E23E860D537276851B30257F206233CA2F67E6F96D2BBE5C58A22ADF5F84E804273E3B6B4A7B57F78324A3ACCCA14F9F5F2E1C6E24B20CBB1DF11A6C7B64DE5AA16E460C646507CD5BA015ECAB525DE328579EF6E20EFF8829E31049AE532632A773 +20250616034604 2 6 100 3071 5 CEDC89F91D5B5F3DAC95CBCC930B48068AE6149F5DC88374E503625E4B5236F2C65319DAD0D0B6A82BF7F41B255248306E71D51F9E2869885B39DACBD5222ACDFDDF290C21129701015D6F2AFED9904454BA15479CC4E819311C27F83CAAB9C8C4B3572489C94167DF92ABDEBD8D738411446904D2FDC1C02A38320CC5FA7EFAD66C787B5D76754F9858490E0CEB18DB7845B8C685D78414BE438E08FE7151AF55E234E9808986E342B8ADD40797D4EE8453C5F18A1AADCF026E6A148BAFC2874A8BEBA0E675861B3EC122FB3A0ECAB6BBA1B322D86026F843B459B8B89423117C7FFC47A922EF3AA3C3EA40885D9F2E94D6E87C0C578655F38FC53389B5356DE343BD142253CEBCAFC014D1F22B6F50018BEA27F05DB691B65C10C4F3C7E23E860D537276851B30257F206233CA2F67E6F96D2BBE5C58A22ADF5F84E804273E3B6B4A7B57F78324A3ACCCA14F9F5F2E1C6E24B20CBB1DF11A6C7B64DE5AA16E460C646507CD5BA015ECAB525DE328579EF6E20EFF8829E31049AE53267F3C1F +20250616034646 2 6 100 3071 5 CEDC89F91D5B5F3DAC95CBCC930B48068AE6149F5DC88374E503625E4B5236F2C65319DAD0D0B6A82BF7F41B255248306E71D51F9E2869885B39DACBD5222ACDFDDF290C21129701015D6F2AFED9904454BA15479CC4E819311C27F83CAAB9C8C4B3572489C94167DF92ABDEBD8D738411446904D2FDC1C02A38320CC5FA7EFAD66C787B5D76754F9858490E0CEB18DB7845B8C685D78414BE438E08FE7151AF55E234E9808986E342B8ADD40797D4EE8453C5F18A1AADCF026E6A148BAFC2874A8BEBA0E675861B3EC122FB3A0ECAB6BBA1B322D86026F843B459B8B89423117C7FFC47A922EF3AA3C3EA40885D9F2E94D6E87C0C578655F38FC53389B5356DE343BD142253CEBCAFC014D1F22B6F50018BEA27F05DB691B65C10C4F3C7E23E860D537276851B30257F206233CA2F67E6F96D2BBE5C58A22ADF5F84E804273E3B6B4A7B57F78324A3ACCCA14F9F5F2E1C6E24B20CBB1DF11A6C7B64DE5AA16E460C646507CD5BA015ECAB525DE328579EF6E20EFF8829E31049AE532703CCAF +20250616034920 2 6 100 3071 5 CEDC89F91D5B5F3DAC95CBCC930B48068AE6149F5DC88374E503625E4B5236F2C65319DAD0D0B6A82BF7F41B255248306E71D51F9E2869885B39DACBD5222ACDFDDF290C21129701015D6F2AFED9904454BA15479CC4E819311C27F83CAAB9C8C4B3572489C94167DF92ABDEBD8D738411446904D2FDC1C02A38320CC5FA7EFAD66C787B5D76754F9858490E0CEB18DB7845B8C685D78414BE438E08FE7151AF55E234E9808986E342B8ADD40797D4EE8453C5F18A1AADCF026E6A148BAFC2874A8BEBA0E675861B3EC122FB3A0ECAB6BBA1B322D86026F843B459B8B89423117C7FFC47A922EF3AA3C3EA40885D9F2E94D6E87C0C578655F38FC53389B5356DE343BD142253CEBCAFC014D1F22B6F50018BEA27F05DB691B65C10C4F3C7E23E860D537276851B30257F206233CA2F67E6F96D2BBE5C58A22ADF5F84E804273E3B6B4A7B57F78324A3ACCCA14F9F5F2E1C6E24B20CBB1DF11A6C7B64DE5AA16E460C646507CD5BA015ECAB525DE328579EF6E20EFF8829E31049AE5328EDA0EF +20250616035201 2 6 100 3071 2 CEDC89F91D5B5F3DAC95CBCC930B48068AE6149F5DC88374E503625E4B5236F2C65319DAD0D0B6A82BF7F41B255248306E71D51F9E2869885B39DACBD5222ACDFDDF290C21129701015D6F2AFED9904454BA15479CC4E819311C27F83CAAB9C8C4B3572489C94167DF92ABDEBD8D738411446904D2FDC1C02A38320CC5FA7EFAD66C787B5D76754F9858490E0CEB18DB7845B8C685D78414BE438E08FE7151AF55E234E9808986E342B8ADD40797D4EE8453C5F18A1AADCF026E6A148BAFC2874A8BEBA0E675861B3EC122FB3A0ECAB6BBA1B322D86026F843B459B8B89423117C7FFC47A922EF3AA3C3EA40885D9F2E94D6E87C0C578655F38FC53389B5356DE343BD142253CEBCAFC014D1F22B6F50018BEA27F05DB691B65C10C4F3C7E23E860D537276851B30257F206233CA2F67E6F96D2BBE5C58A22ADF5F84E804273E3B6B4A7B57F78324A3ACCCA14F9F5F2E1C6E24B20CBB1DF11A6C7B64DE5AA16E460C646507CD5BA015ECAB525DE328579EF6E20EFF8829E31049AE532AF8A223 +20250616035247 2 6 100 3071 2 CEDC89F91D5B5F3DAC95CBCC930B48068AE6149F5DC88374E503625E4B5236F2C65319DAD0D0B6A82BF7F41B255248306E71D51F9E2869885B39DACBD5222ACDFDDF290C21129701015D6F2AFED9904454BA15479CC4E819311C27F83CAAB9C8C4B3572489C94167DF92ABDEBD8D738411446904D2FDC1C02A38320CC5FA7EFAD66C787B5D76754F9858490E0CEB18DB7845B8C685D78414BE438E08FE7151AF55E234E9808986E342B8ADD40797D4EE8453C5F18A1AADCF026E6A148BAFC2874A8BEBA0E675861B3EC122FB3A0ECAB6BBA1B322D86026F843B459B8B89423117C7FFC47A922EF3AA3C3EA40885D9F2E94D6E87C0C578655F38FC53389B5356DE343BD142253CEBCAFC014D1F22B6F50018BEA27F05DB691B65C10C4F3C7E23E860D537276851B30257F206233CA2F67E6F96D2BBE5C58A22ADF5F84E804273E3B6B4A7B57F78324A3ACCCA14F9F5F2E1C6E24B20CBB1DF11A6C7B64DE5AA16E460C646507CD5BA015ECAB525DE328579EF6E20EFF8829E31049AE532B864D0B +20250616035259 2 6 100 3071 5 CEDC89F91D5B5F3DAC95CBCC930B48068AE6149F5DC88374E503625E4B5236F2C65319DAD0D0B6A82BF7F41B255248306E71D51F9E2869885B39DACBD5222ACDFDDF290C21129701015D6F2AFED9904454BA15479CC4E819311C27F83CAAB9C8C4B3572489C94167DF92ABDEBD8D738411446904D2FDC1C02A38320CC5FA7EFAD66C787B5D76754F9858490E0CEB18DB7845B8C685D78414BE438E08FE7151AF55E234E9808986E342B8ADD40797D4EE8453C5F18A1AADCF026E6A148BAFC2874A8BEBA0E675861B3EC122FB3A0ECAB6BBA1B322D86026F843B459B8B89423117C7FFC47A922EF3AA3C3EA40885D9F2E94D6E87C0C578655F38FC53389B5356DE343BD142253CEBCAFC014D1F22B6F50018BEA27F05DB691B65C10C4F3C7E23E860D537276851B30257F206233CA2F67E6F96D2BBE5C58A22ADF5F84E804273E3B6B4A7B57F78324A3ACCCA14F9F5F2E1C6E24B20CBB1DF11A6C7B64DE5AA16E460C646507CD5BA015ECAB525DE328579EF6E20EFF8829E31049AE532BA3AD6F +20250616035343 2 6 100 3071 2 CEDC89F91D5B5F3DAC95CBCC930B48068AE6149F5DC88374E503625E4B5236F2C65319DAD0D0B6A82BF7F41B255248306E71D51F9E2869885B39DACBD5222ACDFDDF290C21129701015D6F2AFED9904454BA15479CC4E819311C27F83CAAB9C8C4B3572489C94167DF92ABDEBD8D738411446904D2FDC1C02A38320CC5FA7EFAD66C787B5D76754F9858490E0CEB18DB7845B8C685D78414BE438E08FE7151AF55E234E9808986E342B8ADD40797D4EE8453C5F18A1AADCF026E6A148BAFC2874A8BEBA0E675861B3EC122FB3A0ECAB6BBA1B322D86026F843B459B8B89423117C7FFC47A922EF3AA3C3EA40885D9F2E94D6E87C0C578655F38FC53389B5356DE343BD142253CEBCAFC014D1F22B6F50018BEA27F05DB691B65C10C4F3C7E23E860D537276851B30257F206233CA2F67E6F96D2BBE5C58A22ADF5F84E804273E3B6B4A7B57F78324A3ACCCA14F9F5F2E1C6E24B20CBB1DF11A6C7B64DE5AA16E460C646507CD5BA015ECAB525DE328579EF6E20EFF8829E31049AE532C2F66F3 +20250616035404 2 6 100 3071 5 CEDC89F91D5B5F3DAC95CBCC930B48068AE6149F5DC88374E503625E4B5236F2C65319DAD0D0B6A82BF7F41B255248306E71D51F9E2869885B39DACBD5222ACDFDDF290C21129701015D6F2AFED9904454BA15479CC4E819311C27F83CAAB9C8C4B3572489C94167DF92ABDEBD8D738411446904D2FDC1C02A38320CC5FA7EFAD66C787B5D76754F9858490E0CEB18DB7845B8C685D78414BE438E08FE7151AF55E234E9808986E342B8ADD40797D4EE8453C5F18A1AADCF026E6A148BAFC2874A8BEBA0E675861B3EC122FB3A0ECAB6BBA1B322D86026F843B459B8B89423117C7FFC47A922EF3AA3C3EA40885D9F2E94D6E87C0C578655F38FC53389B5356DE343BD142253CEBCAFC014D1F22B6F50018BEA27F05DB691B65C10C4F3C7E23E860D537276851B30257F206233CA2F67E6F96D2BBE5C58A22ADF5F84E804273E3B6B4A7B57F78324A3ACCCA14F9F5F2E1C6E24B20CBB1DF11A6C7B64DE5AA16E460C646507CD5BA015ECAB525DE328579EF6E20EFF8829E31049AE532C6CBB1F +20250616035550 2 6 100 3071 2 CEDC89F91D5B5F3DAC95CBCC930B48068AE6149F5DC88374E503625E4B5236F2C65319DAD0D0B6A82BF7F41B255248306E71D51F9E2869885B39DACBD5222ACDFDDF290C21129701015D6F2AFED9904454BA15479CC4E819311C27F83CAAB9C8C4B3572489C94167DF92ABDEBD8D738411446904D2FDC1C02A38320CC5FA7EFAD66C787B5D76754F9858490E0CEB18DB7845B8C685D78414BE438E08FE7151AF55E234E9808986E342B8ADD40797D4EE8453C5F18A1AADCF026E6A148BAFC2874A8BEBA0E675861B3EC122FB3A0ECAB6BBA1B322D86026F843B459B8B89423117C7FFC47A922EF3AA3C3EA40885D9F2E94D6E87C0C578655F38FC53389B5356DE343BD142253CEBCAFC014D1F22B6F50018BEA27F05DB691B65C10C4F3C7E23E860D537276851B30257F206233CA2F67E6F96D2BBE5C58A22ADF5F84E804273E3B6B4A7B57F78324A3ACCCA14F9F5F2E1C6E24B20CBB1DF11A6C7B64DE5AA16E460C646507CD5BA015ECAB525DE328579EF6E20EFF8829E31049AE532DC5FC83 +20250616025251 2 6 100 4095 5 ECFE2345925613E912C05977A53B7FFB53C9CC5F153ABC4B86FB6EE484FCA6EFA4FB6A21A07984A885B16B8316BD30007D0AEB805E960C0BDEB0AC4D7941E9299071B2FD8E29936EEF604963DAFF758B79326DBA0F875C5A1BA26AA7841135758235A4359130BA4B50FD05921D6FCE4CB46FC7DCCF7374DF61ADFEE13BCBA269AD82F379279EE9DA30F1ECBC59DA3EE072F08E278ED59107BB38429BD020383A1316B5B6505D98D4DE55935F8AB9D65316491BE5E104CF7B004878D04D839278D373C65211EA91E774246B33F98066C95B959127EB03D9B0C4BFB141E61E0C57741E18A1D69DABE678FFBDAF384FC7E8546CB032DEA833E4FAF2A2BB965364566AD5591E56FB54C6CF10D4DBB0C0B01EA5EE17043A8B033BF3C0209EAA6CADD9CECCA503F6DF31382411C32100DC16D2C92682A0EA02CABB44ED418BC92D906343799C77AEA661123BB1A304ED9CAAB8CF2D27FAEADB5B723562B164C0C7636EEA2C70A2544967B5087CBBE6EEB7B69B7CF00E45543FC6A5E611A0476D310EFB400FD7280CB984C4F61A808311351C685957BD311052FE647A84F82EDFC9FC0F8A7ABDA3ACB06084EA82B761F99FE4A5DA7C6E95C4346447A3BC816C29734DFABE2451087D44A605365B38F19F8C47581E0415D7CB67F2FF045AB8C6F4589768E065CB5611C93FD7D10FC57C082B7A7D6FFBC9733264354EB8AB2F1D0AAACEB7 +20250616025500 2 6 100 4095 5 ECFE2345925613E912C05977A53B7FFB53C9CC5F153ABC4B86FB6EE484FCA6EFA4FB6A21A07984A885B16B8316BD30007D0AEB805E960C0BDEB0AC4D7941E9299071B2FD8E29936EEF604963DAFF758B79326DBA0F875C5A1BA26AA7841135758235A4359130BA4B50FD05921D6FCE4CB46FC7DCCF7374DF61ADFEE13BCBA269AD82F379279EE9DA30F1ECBC59DA3EE072F08E278ED59107BB38429BD020383A1316B5B6505D98D4DE55935F8AB9D65316491BE5E104CF7B004878D04D839278D373C65211EA91E774246B33F98066C95B959127EB03D9B0C4BFB141E61E0C57741E18A1D69DABE678FFBDAF384FC7E8546CB032DEA833E4FAF2A2BB965364566AD5591E56FB54C6CF10D4DBB0C0B01EA5EE17043A8B033BF3C0209EAA6CADD9CECCA503F6DF31382411C32100DC16D2C92682A0EA02CABB44ED418BC92D906343799C77AEA661123BB1A304ED9CAAB8CF2D27FAEADB5B723562B164C0C7636EEA2C70A2544967B5087CBBE6EEB7B69B7CF00E45543FC6A5E611A0476D310EFB400FD7280CB984C4F61A808311351C685957BD311052FE647A84F82EDFC9FC0F8A7ABDA3ACB06084EA82B761F99FE4A5DA7C6E95C4346447A3BC816C29734DFABE2451087D44A605365B38F19F8C47581E0415D7CB67F2FF045AB8C6F4589768E065CB5611C93FD7D10FC57C082B7A7D6FFBC9733264354EB8AB2F1D0B703A67 +20250616025644 2 6 100 4095 5 ECFE2345925613E912C05977A53B7FFB53C9CC5F153ABC4B86FB6EE484FCA6EFA4FB6A21A07984A885B16B8316BD30007D0AEB805E960C0BDEB0AC4D7941E9299071B2FD8E29936EEF604963DAFF758B79326DBA0F875C5A1BA26AA7841135758235A4359130BA4B50FD05921D6FCE4CB46FC7DCCF7374DF61ADFEE13BCBA269AD82F379279EE9DA30F1ECBC59DA3EE072F08E278ED59107BB38429BD020383A1316B5B6505D98D4DE55935F8AB9D65316491BE5E104CF7B004878D04D839278D373C65211EA91E774246B33F98066C95B959127EB03D9B0C4BFB141E61E0C57741E18A1D69DABE678FFBDAF384FC7E8546CB032DEA833E4FAF2A2BB965364566AD5591E56FB54C6CF10D4DBB0C0B01EA5EE17043A8B033BF3C0209EAA6CADD9CECCA503F6DF31382411C32100DC16D2C92682A0EA02CABB44ED418BC92D906343799C77AEA661123BB1A304ED9CAAB8CF2D27FAEADB5B723562B164C0C7636EEA2C70A2544967B5087CBBE6EEB7B69B7CF00E45543FC6A5E611A0476D310EFB400FD7280CB984C4F61A808311351C685957BD311052FE647A84F82EDFC9FC0F8A7ABDA3ACB06084EA82B761F99FE4A5DA7C6E95C4346447A3BC816C29734DFABE2451087D44A605365B38F19F8C47581E0415D7CB67F2FF045AB8C6F4589768E065CB5611C93FD7D10FC57C082B7A7D6FFBC9733264354EB8AB2F1D0C098BAF +20250616025822 2 6 100 4095 2 ECFE2345925613E912C05977A53B7FFB53C9CC5F153ABC4B86FB6EE484FCA6EFA4FB6A21A07984A885B16B8316BD30007D0AEB805E960C0BDEB0AC4D7941E9299071B2FD8E29936EEF604963DAFF758B79326DBA0F875C5A1BA26AA7841135758235A4359130BA4B50FD05921D6FCE4CB46FC7DCCF7374DF61ADFEE13BCBA269AD82F379279EE9DA30F1ECBC59DA3EE072F08E278ED59107BB38429BD020383A1316B5B6505D98D4DE55935F8AB9D65316491BE5E104CF7B004878D04D839278D373C65211EA91E774246B33F98066C95B959127EB03D9B0C4BFB141E61E0C57741E18A1D69DABE678FFBDAF384FC7E8546CB032DEA833E4FAF2A2BB965364566AD5591E56FB54C6CF10D4DBB0C0B01EA5EE17043A8B033BF3C0209EAA6CADD9CECCA503F6DF31382411C32100DC16D2C92682A0EA02CABB44ED418BC92D906343799C77AEA661123BB1A304ED9CAAB8CF2D27FAEADB5B723562B164C0C7636EEA2C70A2544967B5087CBBE6EEB7B69B7CF00E45543FC6A5E611A0476D310EFB400FD7280CB984C4F61A808311351C685957BD311052FE647A84F82EDFC9FC0F8A7ABDA3ACB06084EA82B761F99FE4A5DA7C6E95C4346447A3BC816C29734DFABE2451087D44A605365B38F19F8C47581E0415D7CB67F2FF045AB8C6F4589768E065CB5611C93FD7D10FC57C082B7A7D6FFBC9733264354EB8AB2F1D0C9F6593 +20250616025947 2 6 100 4095 5 ECFE2345925613E912C05977A53B7FFB53C9CC5F153ABC4B86FB6EE484FCA6EFA4FB6A21A07984A885B16B8316BD30007D0AEB805E960C0BDEB0AC4D7941E9299071B2FD8E29936EEF604963DAFF758B79326DBA0F875C5A1BA26AA7841135758235A4359130BA4B50FD05921D6FCE4CB46FC7DCCF7374DF61ADFEE13BCBA269AD82F379279EE9DA30F1ECBC59DA3EE072F08E278ED59107BB38429BD020383A1316B5B6505D98D4DE55935F8AB9D65316491BE5E104CF7B004878D04D839278D373C65211EA91E774246B33F98066C95B959127EB03D9B0C4BFB141E61E0C57741E18A1D69DABE678FFBDAF384FC7E8546CB032DEA833E4FAF2A2BB965364566AD5591E56FB54C6CF10D4DBB0C0B01EA5EE17043A8B033BF3C0209EAA6CADD9CECCA503F6DF31382411C32100DC16D2C92682A0EA02CABB44ED418BC92D906343799C77AEA661123BB1A304ED9CAAB8CF2D27FAEADB5B723562B164C0C7636EEA2C70A2544967B5087CBBE6EEB7B69B7CF00E45543FC6A5E611A0476D310EFB400FD7280CB984C4F61A808311351C685957BD311052FE647A84F82EDFC9FC0F8A7ABDA3ACB06084EA82B761F99FE4A5DA7C6E95C4346447A3BC816C29734DFABE2451087D44A605365B38F19F8C47581E0415D7CB67F2FF045AB8C6F4589768E065CB5611C93FD7D10FC57C082B7A7D6FFBC9733264354EB8AB2F1D0D1C3E97 +20250616030000 2 6 100 4095 2 ECFE2345925613E912C05977A53B7FFB53C9CC5F153ABC4B86FB6EE484FCA6EFA4FB6A21A07984A885B16B8316BD30007D0AEB805E960C0BDEB0AC4D7941E9299071B2FD8E29936EEF604963DAFF758B79326DBA0F875C5A1BA26AA7841135758235A4359130BA4B50FD05921D6FCE4CB46FC7DCCF7374DF61ADFEE13BCBA269AD82F379279EE9DA30F1ECBC59DA3EE072F08E278ED59107BB38429BD020383A1316B5B6505D98D4DE55935F8AB9D65316491BE5E104CF7B004878D04D839278D373C65211EA91E774246B33F98066C95B959127EB03D9B0C4BFB141E61E0C57741E18A1D69DABE678FFBDAF384FC7E8546CB032DEA833E4FAF2A2BB965364566AD5591E56FB54C6CF10D4DBB0C0B01EA5EE17043A8B033BF3C0209EAA6CADD9CECCA503F6DF31382411C32100DC16D2C92682A0EA02CABB44ED418BC92D906343799C77AEA661123BB1A304ED9CAAB8CF2D27FAEADB5B723562B164C0C7636EEA2C70A2544967B5087CBBE6EEB7B69B7CF00E45543FC6A5E611A0476D310EFB400FD7280CB984C4F61A808311351C685957BD311052FE647A84F82EDFC9FC0F8A7ABDA3ACB06084EA82B761F99FE4A5DA7C6E95C4346447A3BC816C29734DFABE2451087D44A605365B38F19F8C47581E0415D7CB67F2FF045AB8C6F4589768E065CB5611C93FD7D10FC57C082B7A7D6FFBC9733264354EB8AB2F1D0D2AE36B +20250616030055 2 6 100 4095 2 ECFE2345925613E912C05977A53B7FFB53C9CC5F153ABC4B86FB6EE484FCA6EFA4FB6A21A07984A885B16B8316BD30007D0AEB805E960C0BDEB0AC4D7941E9299071B2FD8E29936EEF604963DAFF758B79326DBA0F875C5A1BA26AA7841135758235A4359130BA4B50FD05921D6FCE4CB46FC7DCCF7374DF61ADFEE13BCBA269AD82F379279EE9DA30F1ECBC59DA3EE072F08E278ED59107BB38429BD020383A1316B5B6505D98D4DE55935F8AB9D65316491BE5E104CF7B004878D04D839278D373C65211EA91E774246B33F98066C95B959127EB03D9B0C4BFB141E61E0C57741E18A1D69DABE678FFBDAF384FC7E8546CB032DEA833E4FAF2A2BB965364566AD5591E56FB54C6CF10D4DBB0C0B01EA5EE17043A8B033BF3C0209EAA6CADD9CECCA503F6DF31382411C32100DC16D2C92682A0EA02CABB44ED418BC92D906343799C77AEA661123BB1A304ED9CAAB8CF2D27FAEADB5B723562B164C0C7636EEA2C70A2544967B5087CBBE6EEB7B69B7CF00E45543FC6A5E611A0476D310EFB400FD7280CB984C4F61A808311351C685957BD311052FE647A84F82EDFC9FC0F8A7ABDA3ACB06084EA82B761F99FE4A5DA7C6E95C4346447A3BC816C29734DFABE2451087D44A605365B38F19F8C47581E0415D7CB67F2FF045AB8C6F4589768E065CB5611C93FD7D10FC57C082B7A7D6FFBC9733264354EB8AB2F1D0D7B87EB +20250616030200 2 6 100 4095 2 ECFE2345925613E912C05977A53B7FFB53C9CC5F153ABC4B86FB6EE484FCA6EFA4FB6A21A07984A885B16B8316BD30007D0AEB805E960C0BDEB0AC4D7941E9299071B2FD8E29936EEF604963DAFF758B79326DBA0F875C5A1BA26AA7841135758235A4359130BA4B50FD05921D6FCE4CB46FC7DCCF7374DF61ADFEE13BCBA269AD82F379279EE9DA30F1ECBC59DA3EE072F08E278ED59107BB38429BD020383A1316B5B6505D98D4DE55935F8AB9D65316491BE5E104CF7B004878D04D839278D373C65211EA91E774246B33F98066C95B959127EB03D9B0C4BFB141E61E0C57741E18A1D69DABE678FFBDAF384FC7E8546CB032DEA833E4FAF2A2BB965364566AD5591E56FB54C6CF10D4DBB0C0B01EA5EE17043A8B033BF3C0209EAA6CADD9CECCA503F6DF31382411C32100DC16D2C92682A0EA02CABB44ED418BC92D906343799C77AEA661123BB1A304ED9CAAB8CF2D27FAEADB5B723562B164C0C7636EEA2C70A2544967B5087CBBE6EEB7B69B7CF00E45543FC6A5E611A0476D310EFB400FD7280CB984C4F61A808311351C685957BD311052FE647A84F82EDFC9FC0F8A7ABDA3ACB06084EA82B761F99FE4A5DA7C6E95C4346447A3BC816C29734DFABE2451087D44A605365B38F19F8C47581E0415D7CB67F2FF045AB8C6F4589768E065CB5611C93FD7D10FC57C082B7A7D6FFBC9733264354EB8AB2F1D0DD7FA2B +20250616030339 2 6 100 4095 5 ECFE2345925613E912C05977A53B7FFB53C9CC5F153ABC4B86FB6EE484FCA6EFA4FB6A21A07984A885B16B8316BD30007D0AEB805E960C0BDEB0AC4D7941E9299071B2FD8E29936EEF604963DAFF758B79326DBA0F875C5A1BA26AA7841135758235A4359130BA4B50FD05921D6FCE4CB46FC7DCCF7374DF61ADFEE13BCBA269AD82F379279EE9DA30F1ECBC59DA3EE072F08E278ED59107BB38429BD020383A1316B5B6505D98D4DE55935F8AB9D65316491BE5E104CF7B004878D04D839278D373C65211EA91E774246B33F98066C95B959127EB03D9B0C4BFB141E61E0C57741E18A1D69DABE678FFBDAF384FC7E8546CB032DEA833E4FAF2A2BB965364566AD5591E56FB54C6CF10D4DBB0C0B01EA5EE17043A8B033BF3C0209EAA6CADD9CECCA503F6DF31382411C32100DC16D2C92682A0EA02CABB44ED418BC92D906343799C77AEA661123BB1A304ED9CAAB8CF2D27FAEADB5B723562B164C0C7636EEA2C70A2544967B5087CBBE6EEB7B69B7CF00E45543FC6A5E611A0476D310EFB400FD7280CB984C4F61A808311351C685957BD311052FE647A84F82EDFC9FC0F8A7ABDA3ACB06084EA82B761F99FE4A5DA7C6E95C4346447A3BC816C29734DFABE2451087D44A605365B38F19F8C47581E0415D7CB67F2FF045AB8C6F4589768E065CB5611C93FD7D10FC57C082B7A7D6FFBC9733264354EB8AB2F1D0E70A8D7 +20250616031225 2 6 100 4095 2 ECFE2345925613E912C05977A53B7FFB53C9CC5F153ABC4B86FB6EE484FCA6EFA4FB6A21A07984A885B16B8316BD30007D0AEB805E960C0BDEB0AC4D7941E9299071B2FD8E29936EEF604963DAFF758B79326DBA0F875C5A1BA26AA7841135758235A4359130BA4B50FD05921D6FCE4CB46FC7DCCF7374DF61ADFEE13BCBA269AD82F379279EE9DA30F1ECBC59DA3EE072F08E278ED59107BB38429BD020383A1316B5B6505D98D4DE55935F8AB9D65316491BE5E104CF7B004878D04D839278D373C65211EA91E774246B33F98066C95B959127EB03D9B0C4BFB141E61E0C57741E18A1D69DABE678FFBDAF384FC7E8546CB032DEA833E4FAF2A2BB965364566AD5591E56FB54C6CF10D4DBB0C0B01EA5EE17043A8B033BF3C0209EAA6CADD9CECCA503F6DF31382411C32100DC16D2C92682A0EA02CABB44ED418BC92D906343799C77AEA661123BB1A304ED9CAAB8CF2D27FAEADB5B723562B164C0C7636EEA2C70A2544967B5087CBBE6EEB7B69B7CF00E45543FC6A5E611A0476D310EFB400FD7280CB984C4F61A808311351C685957BD311052FE647A84F82EDFC9FC0F8A7ABDA3ACB06084EA82B761F99FE4A5DA7C6E95C4346447A3BC816C29734DFABE2451087D44A605365B38F19F8C47581E0415D7CB67F2FF045AB8C6F4589768E065CB5611C93FD7D10FC57C082B7A7D6FFBC9733264354EB8AB2F1D119395BB +20250616031921 2 6 100 4095 5 ECFE2345925613E912C05977A53B7FFB53C9CC5F153ABC4B86FB6EE484FCA6EFA4FB6A21A07984A885B16B8316BD30007D0AEB805E960C0BDEB0AC4D7941E9299071B2FD8E29936EEF604963DAFF758B79326DBA0F875C5A1BA26AA7841135758235A4359130BA4B50FD05921D6FCE4CB46FC7DCCF7374DF61ADFEE13BCBA269AD82F379279EE9DA30F1ECBC59DA3EE072F08E278ED59107BB38429BD020383A1316B5B6505D98D4DE55935F8AB9D65316491BE5E104CF7B004878D04D839278D373C65211EA91E774246B33F98066C95B959127EB03D9B0C4BFB141E61E0C57741E18A1D69DABE678FFBDAF384FC7E8546CB032DEA833E4FAF2A2BB965364566AD5591E56FB54C6CF10D4DBB0C0B01EA5EE17043A8B033BF3C0209EAA6CADD9CECCA503F6DF31382411C32100DC16D2C92682A0EA02CABB44ED418BC92D906343799C77AEA661123BB1A304ED9CAAB8CF2D27FAEADB5B723562B164C0C7636EEA2C70A2544967B5087CBBE6EEB7B69B7CF00E45543FC6A5E611A0476D310EFB400FD7280CB984C4F61A808311351C685957BD311052FE647A84F82EDFC9FC0F8A7ABDA3ACB06084EA82B761F99FE4A5DA7C6E95C4346447A3BC816C29734DFABE2451087D44A605365B38F19F8C47581E0415D7CB67F2FF045AB8C6F4589768E065CB5611C93FD7D10FC57C082B7A7D6FFBC9733264354EB8AB2F1D141530E7 +20250616032156 2 6 100 4095 2 ECFE2345925613E912C05977A53B7FFB53C9CC5F153ABC4B86FB6EE484FCA6EFA4FB6A21A07984A885B16B8316BD30007D0AEB805E960C0BDEB0AC4D7941E9299071B2FD8E29936EEF604963DAFF758B79326DBA0F875C5A1BA26AA7841135758235A4359130BA4B50FD05921D6FCE4CB46FC7DCCF7374DF61ADFEE13BCBA269AD82F379279EE9DA30F1ECBC59DA3EE072F08E278ED59107BB38429BD020383A1316B5B6505D98D4DE55935F8AB9D65316491BE5E104CF7B004878D04D839278D373C65211EA91E774246B33F98066C95B959127EB03D9B0C4BFB141E61E0C57741E18A1D69DABE678FFBDAF384FC7E8546CB032DEA833E4FAF2A2BB965364566AD5591E56FB54C6CF10D4DBB0C0B01EA5EE17043A8B033BF3C0209EAA6CADD9CECCA503F6DF31382411C32100DC16D2C92682A0EA02CABB44ED418BC92D906343799C77AEA661123BB1A304ED9CAAB8CF2D27FAEADB5B723562B164C0C7636EEA2C70A2544967B5087CBBE6EEB7B69B7CF00E45543FC6A5E611A0476D310EFB400FD7280CB984C4F61A808311351C685957BD311052FE647A84F82EDFC9FC0F8A7ABDA3ACB06084EA82B761F99FE4A5DA7C6E95C4346447A3BC816C29734DFABE2451087D44A605365B38F19F8C47581E0415D7CB67F2FF045AB8C6F4589768E065CB5611C93FD7D10FC57C082B7A7D6FFBC9733264354EB8AB2F1D14FF9A9B +20250616032638 2 6 100 4095 2 ECFE2345925613E912C05977A53B7FFB53C9CC5F153ABC4B86FB6EE484FCA6EFA4FB6A21A07984A885B16B8316BD30007D0AEB805E960C0BDEB0AC4D7941E9299071B2FD8E29936EEF604963DAFF758B79326DBA0F875C5A1BA26AA7841135758235A4359130BA4B50FD05921D6FCE4CB46FC7DCCF7374DF61ADFEE13BCBA269AD82F379279EE9DA30F1ECBC59DA3EE072F08E278ED59107BB38429BD020383A1316B5B6505D98D4DE55935F8AB9D65316491BE5E104CF7B004878D04D839278D373C65211EA91E774246B33F98066C95B959127EB03D9B0C4BFB141E61E0C57741E18A1D69DABE678FFBDAF384FC7E8546CB032DEA833E4FAF2A2BB965364566AD5591E56FB54C6CF10D4DBB0C0B01EA5EE17043A8B033BF3C0209EAA6CADD9CECCA503F6DF31382411C32100DC16D2C92682A0EA02CABB44ED418BC92D906343799C77AEA661123BB1A304ED9CAAB8CF2D27FAEADB5B723562B164C0C7636EEA2C70A2544967B5087CBBE6EEB7B69B7CF00E45543FC6A5E611A0476D310EFB400FD7280CB984C4F61A808311351C685957BD311052FE647A84F82EDFC9FC0F8A7ABDA3ACB06084EA82B761F99FE4A5DA7C6E95C4346447A3BC816C29734DFABE2451087D44A605365B38F19F8C47581E0415D7CB67F2FF045AB8C6F4589768E065CB5611C93FD7D10FC57C082B7A7D6FFBC9733264354EB8AB2F1D16BBC31B +20250616032926 2 6 100 4095 5 ECFE2345925613E912C05977A53B7FFB53C9CC5F153ABC4B86FB6EE484FCA6EFA4FB6A21A07984A885B16B8316BD30007D0AEB805E960C0BDEB0AC4D7941E9299071B2FD8E29936EEF604963DAFF758B79326DBA0F875C5A1BA26AA7841135758235A4359130BA4B50FD05921D6FCE4CB46FC7DCCF7374DF61ADFEE13BCBA269AD82F379279EE9DA30F1ECBC59DA3EE072F08E278ED59107BB38429BD020383A1316B5B6505D98D4DE55935F8AB9D65316491BE5E104CF7B004878D04D839278D373C65211EA91E774246B33F98066C95B959127EB03D9B0C4BFB141E61E0C57741E18A1D69DABE678FFBDAF384FC7E8546CB032DEA833E4FAF2A2BB965364566AD5591E56FB54C6CF10D4DBB0C0B01EA5EE17043A8B033BF3C0209EAA6CADD9CECCA503F6DF31382411C32100DC16D2C92682A0EA02CABB44ED418BC92D906343799C77AEA661123BB1A304ED9CAAB8CF2D27FAEADB5B723562B164C0C7636EEA2C70A2544967B5087CBBE6EEB7B69B7CF00E45543FC6A5E611A0476D310EFB400FD7280CB984C4F61A808311351C685957BD311052FE647A84F82EDFC9FC0F8A7ABDA3ACB06084EA82B761F99FE4A5DA7C6E95C4346447A3BC816C29734DFABE2451087D44A605365B38F19F8C47581E0415D7CB67F2FF045AB8C6F4589768E065CB5611C93FD7D10FC57C082B7A7D6FFBC9733264354EB8AB2F1D17C00207 +20250616032959 2 6 100 4095 5 ECFE2345925613E912C05977A53B7FFB53C9CC5F153ABC4B86FB6EE484FCA6EFA4FB6A21A07984A885B16B8316BD30007D0AEB805E960C0BDEB0AC4D7941E9299071B2FD8E29936EEF604963DAFF758B79326DBA0F875C5A1BA26AA7841135758235A4359130BA4B50FD05921D6FCE4CB46FC7DCCF7374DF61ADFEE13BCBA269AD82F379279EE9DA30F1ECBC59DA3EE072F08E278ED59107BB38429BD020383A1316B5B6505D98D4DE55935F8AB9D65316491BE5E104CF7B004878D04D839278D373C65211EA91E774246B33F98066C95B959127EB03D9B0C4BFB141E61E0C57741E18A1D69DABE678FFBDAF384FC7E8546CB032DEA833E4FAF2A2BB965364566AD5591E56FB54C6CF10D4DBB0C0B01EA5EE17043A8B033BF3C0209EAA6CADD9CECCA503F6DF31382411C32100DC16D2C92682A0EA02CABB44ED418BC92D906343799C77AEA661123BB1A304ED9CAAB8CF2D27FAEADB5B723562B164C0C7636EEA2C70A2544967B5087CBBE6EEB7B69B7CF00E45543FC6A5E611A0476D310EFB400FD7280CB984C4F61A808311351C685957BD311052FE647A84F82EDFC9FC0F8A7ABDA3ACB06084EA82B761F99FE4A5DA7C6E95C4346447A3BC816C29734DFABE2451087D44A605365B38F19F8C47581E0415D7CB67F2FF045AB8C6F4589768E065CB5611C93FD7D10FC57C082B7A7D6FFBC9733264354EB8AB2F1D17ED9CB7 +20250616033143 2 6 100 4095 2 ECFE2345925613E912C05977A53B7FFB53C9CC5F153ABC4B86FB6EE484FCA6EFA4FB6A21A07984A885B16B8316BD30007D0AEB805E960C0BDEB0AC4D7941E9299071B2FD8E29936EEF604963DAFF758B79326DBA0F875C5A1BA26AA7841135758235A4359130BA4B50FD05921D6FCE4CB46FC7DCCF7374DF61ADFEE13BCBA269AD82F379279EE9DA30F1ECBC59DA3EE072F08E278ED59107BB38429BD020383A1316B5B6505D98D4DE55935F8AB9D65316491BE5E104CF7B004878D04D839278D373C65211EA91E774246B33F98066C95B959127EB03D9B0C4BFB141E61E0C57741E18A1D69DABE678FFBDAF384FC7E8546CB032DEA833E4FAF2A2BB965364566AD5591E56FB54C6CF10D4DBB0C0B01EA5EE17043A8B033BF3C0209EAA6CADD9CECCA503F6DF31382411C32100DC16D2C92682A0EA02CABB44ED418BC92D906343799C77AEA661123BB1A304ED9CAAB8CF2D27FAEADB5B723562B164C0C7636EEA2C70A2544967B5087CBBE6EEB7B69B7CF00E45543FC6A5E611A0476D310EFB400FD7280CB984C4F61A808311351C685957BD311052FE647A84F82EDFC9FC0F8A7ABDA3ACB06084EA82B761F99FE4A5DA7C6E95C4346447A3BC816C29734DFABE2451087D44A605365B38F19F8C47581E0415D7CB67F2FF045AB8C6F4589768E065CB5611C93FD7D10FC57C082B7A7D6FFBC9733264354EB8AB2F1D188B3F2B +20250616033239 2 6 100 4095 2 ECFE2345925613E912C05977A53B7FFB53C9CC5F153ABC4B86FB6EE484FCA6EFA4FB6A21A07984A885B16B8316BD30007D0AEB805E960C0BDEB0AC4D7941E9299071B2FD8E29936EEF604963DAFF758B79326DBA0F875C5A1BA26AA7841135758235A4359130BA4B50FD05921D6FCE4CB46FC7DCCF7374DF61ADFEE13BCBA269AD82F379279EE9DA30F1ECBC59DA3EE072F08E278ED59107BB38429BD020383A1316B5B6505D98D4DE55935F8AB9D65316491BE5E104CF7B004878D04D839278D373C65211EA91E774246B33F98066C95B959127EB03D9B0C4BFB141E61E0C57741E18A1D69DABE678FFBDAF384FC7E8546CB032DEA833E4FAF2A2BB965364566AD5591E56FB54C6CF10D4DBB0C0B01EA5EE17043A8B033BF3C0209EAA6CADD9CECCA503F6DF31382411C32100DC16D2C92682A0EA02CABB44ED418BC92D906343799C77AEA661123BB1A304ED9CAAB8CF2D27FAEADB5B723562B164C0C7636EEA2C70A2544967B5087CBBE6EEB7B69B7CF00E45543FC6A5E611A0476D310EFB400FD7280CB984C4F61A808311351C685957BD311052FE647A84F82EDFC9FC0F8A7ABDA3ACB06084EA82B761F99FE4A5DA7C6E95C4346447A3BC816C29734DFABE2451087D44A605365B38F19F8C47581E0415D7CB67F2FF045AB8C6F4589768E065CB5611C93FD7D10FC57C082B7A7D6FFBC9733264354EB8AB2F1D18D93D7B +20250616033406 2 6 100 4095 5 ECFE2345925613E912C05977A53B7FFB53C9CC5F153ABC4B86FB6EE484FCA6EFA4FB6A21A07984A885B16B8316BD30007D0AEB805E960C0BDEB0AC4D7941E9299071B2FD8E29936EEF604963DAFF758B79326DBA0F875C5A1BA26AA7841135758235A4359130BA4B50FD05921D6FCE4CB46FC7DCCF7374DF61ADFEE13BCBA269AD82F379279EE9DA30F1ECBC59DA3EE072F08E278ED59107BB38429BD020383A1316B5B6505D98D4DE55935F8AB9D65316491BE5E104CF7B004878D04D839278D373C65211EA91E774246B33F98066C95B959127EB03D9B0C4BFB141E61E0C57741E18A1D69DABE678FFBDAF384FC7E8546CB032DEA833E4FAF2A2BB965364566AD5591E56FB54C6CF10D4DBB0C0B01EA5EE17043A8B033BF3C0209EAA6CADD9CECCA503F6DF31382411C32100DC16D2C92682A0EA02CABB44ED418BC92D906343799C77AEA661123BB1A304ED9CAAB8CF2D27FAEADB5B723562B164C0C7636EEA2C70A2544967B5087CBBE6EEB7B69B7CF00E45543FC6A5E611A0476D310EFB400FD7280CB984C4F61A808311351C685957BD311052FE647A84F82EDFC9FC0F8A7ABDA3ACB06084EA82B761F99FE4A5DA7C6E95C4346447A3BC816C29734DFABE2451087D44A605365B38F19F8C47581E0415D7CB67F2FF045AB8C6F4589768E065CB5611C93FD7D10FC57C082B7A7D6FFBC9733264354EB8AB2F1D195811AF +20250616033432 2 6 100 4095 2 ECFE2345925613E912C05977A53B7FFB53C9CC5F153ABC4B86FB6EE484FCA6EFA4FB6A21A07984A885B16B8316BD30007D0AEB805E960C0BDEB0AC4D7941E9299071B2FD8E29936EEF604963DAFF758B79326DBA0F875C5A1BA26AA7841135758235A4359130BA4B50FD05921D6FCE4CB46FC7DCCF7374DF61ADFEE13BCBA269AD82F379279EE9DA30F1ECBC59DA3EE072F08E278ED59107BB38429BD020383A1316B5B6505D98D4DE55935F8AB9D65316491BE5E104CF7B004878D04D839278D373C65211EA91E774246B33F98066C95B959127EB03D9B0C4BFB141E61E0C57741E18A1D69DABE678FFBDAF384FC7E8546CB032DEA833E4FAF2A2BB965364566AD5591E56FB54C6CF10D4DBB0C0B01EA5EE17043A8B033BF3C0209EAA6CADD9CECCA503F6DF31382411C32100DC16D2C92682A0EA02CABB44ED418BC92D906343799C77AEA661123BB1A304ED9CAAB8CF2D27FAEADB5B723562B164C0C7636EEA2C70A2544967B5087CBBE6EEB7B69B7CF00E45543FC6A5E611A0476D310EFB400FD7280CB984C4F61A808311351C685957BD311052FE647A84F82EDFC9FC0F8A7ABDA3ACB06084EA82B761F99FE4A5DA7C6E95C4346447A3BC816C29734DFABE2451087D44A605365B38F19F8C47581E0415D7CB67F2FF045AB8C6F4589768E065CB5611C93FD7D10FC57C082B7A7D6FFBC9733264354EB8AB2F1D197A3F23 +20250616033615 2 6 100 4095 2 ECFE2345925613E912C05977A53B7FFB53C9CC5F153ABC4B86FB6EE484FCA6EFA4FB6A21A07984A885B16B8316BD30007D0AEB805E960C0BDEB0AC4D7941E9299071B2FD8E29936EEF604963DAFF758B79326DBA0F875C5A1BA26AA7841135758235A4359130BA4B50FD05921D6FCE4CB46FC7DCCF7374DF61ADFEE13BCBA269AD82F379279EE9DA30F1ECBC59DA3EE072F08E278ED59107BB38429BD020383A1316B5B6505D98D4DE55935F8AB9D65316491BE5E104CF7B004878D04D839278D373C65211EA91E774246B33F98066C95B959127EB03D9B0C4BFB141E61E0C57741E18A1D69DABE678FFBDAF384FC7E8546CB032DEA833E4FAF2A2BB965364566AD5591E56FB54C6CF10D4DBB0C0B01EA5EE17043A8B033BF3C0209EAA6CADD9CECCA503F6DF31382411C32100DC16D2C92682A0EA02CABB44ED418BC92D906343799C77AEA661123BB1A304ED9CAAB8CF2D27FAEADB5B723562B164C0C7636EEA2C70A2544967B5087CBBE6EEB7B69B7CF00E45543FC6A5E611A0476D310EFB400FD7280CB984C4F61A808311351C685957BD311052FE647A84F82EDFC9FC0F8A7ABDA3ACB06084EA82B761F99FE4A5DA7C6E95C4346447A3BC816C29734DFABE2451087D44A605365B38F19F8C47581E0415D7CB67F2FF045AB8C6F4589768E065CB5611C93FD7D10FC57C082B7A7D6FFBC9733264354EB8AB2F1D1A164913 +20250616033743 2 6 100 4095 2 ECFE2345925613E912C05977A53B7FFB53C9CC5F153ABC4B86FB6EE484FCA6EFA4FB6A21A07984A885B16B8316BD30007D0AEB805E960C0BDEB0AC4D7941E9299071B2FD8E29936EEF604963DAFF758B79326DBA0F875C5A1BA26AA7841135758235A4359130BA4B50FD05921D6FCE4CB46FC7DCCF7374DF61ADFEE13BCBA269AD82F379279EE9DA30F1ECBC59DA3EE072F08E278ED59107BB38429BD020383A1316B5B6505D98D4DE55935F8AB9D65316491BE5E104CF7B004878D04D839278D373C65211EA91E774246B33F98066C95B959127EB03D9B0C4BFB141E61E0C57741E18A1D69DABE678FFBDAF384FC7E8546CB032DEA833E4FAF2A2BB965364566AD5591E56FB54C6CF10D4DBB0C0B01EA5EE17043A8B033BF3C0209EAA6CADD9CECCA503F6DF31382411C32100DC16D2C92682A0EA02CABB44ED418BC92D906343799C77AEA661123BB1A304ED9CAAB8CF2D27FAEADB5B723562B164C0C7636EEA2C70A2544967B5087CBBE6EEB7B69B7CF00E45543FC6A5E611A0476D310EFB400FD7280CB984C4F61A808311351C685957BD311052FE647A84F82EDFC9FC0F8A7ABDA3ACB06084EA82B761F99FE4A5DA7C6E95C4346447A3BC816C29734DFABE2451087D44A605365B38F19F8C47581E0415D7CB67F2FF045AB8C6F4589768E065CB5611C93FD7D10FC57C082B7A7D6FFBC9733264354EB8AB2F1D1A9B44E3 +20250616034059 2 6 100 4095 5 ECFE2345925613E912C05977A53B7FFB53C9CC5F153ABC4B86FB6EE484FCA6EFA4FB6A21A07984A885B16B8316BD30007D0AEB805E960C0BDEB0AC4D7941E9299071B2FD8E29936EEF604963DAFF758B79326DBA0F875C5A1BA26AA7841135758235A4359130BA4B50FD05921D6FCE4CB46FC7DCCF7374DF61ADFEE13BCBA269AD82F379279EE9DA30F1ECBC59DA3EE072F08E278ED59107BB38429BD020383A1316B5B6505D98D4DE55935F8AB9D65316491BE5E104CF7B004878D04D839278D373C65211EA91E774246B33F98066C95B959127EB03D9B0C4BFB141E61E0C57741E18A1D69DABE678FFBDAF384FC7E8546CB032DEA833E4FAF2A2BB965364566AD5591E56FB54C6CF10D4DBB0C0B01EA5EE17043A8B033BF3C0209EAA6CADD9CECCA503F6DF31382411C32100DC16D2C92682A0EA02CABB44ED418BC92D906343799C77AEA661123BB1A304ED9CAAB8CF2D27FAEADB5B723562B164C0C7636EEA2C70A2544967B5087CBBE6EEB7B69B7CF00E45543FC6A5E611A0476D310EFB400FD7280CB984C4F61A808311351C685957BD311052FE647A84F82EDFC9FC0F8A7ABDA3ACB06084EA82B761F99FE4A5DA7C6E95C4346447A3BC816C29734DFABE2451087D44A605365B38F19F8C47581E0415D7CB67F2FF045AB8C6F4589768E065CB5611C93FD7D10FC57C082B7A7D6FFBC9733264354EB8AB2F1D1BCEF6E7 +20250616034148 2 6 100 4095 2 ECFE2345925613E912C05977A53B7FFB53C9CC5F153ABC4B86FB6EE484FCA6EFA4FB6A21A07984A885B16B8316BD30007D0AEB805E960C0BDEB0AC4D7941E9299071B2FD8E29936EEF604963DAFF758B79326DBA0F875C5A1BA26AA7841135758235A4359130BA4B50FD05921D6FCE4CB46FC7DCCF7374DF61ADFEE13BCBA269AD82F379279EE9DA30F1ECBC59DA3EE072F08E278ED59107BB38429BD020383A1316B5B6505D98D4DE55935F8AB9D65316491BE5E104CF7B004878D04D839278D373C65211EA91E774246B33F98066C95B959127EB03D9B0C4BFB141E61E0C57741E18A1D69DABE678FFBDAF384FC7E8546CB032DEA833E4FAF2A2BB965364566AD5591E56FB54C6CF10D4DBB0C0B01EA5EE17043A8B033BF3C0209EAA6CADD9CECCA503F6DF31382411C32100DC16D2C92682A0EA02CABB44ED418BC92D906343799C77AEA661123BB1A304ED9CAAB8CF2D27FAEADB5B723562B164C0C7636EEA2C70A2544967B5087CBBE6EEB7B69B7CF00E45543FC6A5E611A0476D310EFB400FD7280CB984C4F61A808311351C685957BD311052FE647A84F82EDFC9FC0F8A7ABDA3ACB06084EA82B761F99FE4A5DA7C6E95C4346447A3BC816C29734DFABE2451087D44A605365B38F19F8C47581E0415D7CB67F2FF045AB8C6F4589768E065CB5611C93FD7D10FC57C082B7A7D6FFBC9733264354EB8AB2F1D1C136A53 +20250616034236 2 6 100 4095 2 ECFE2345925613E912C05977A53B7FFB53C9CC5F153ABC4B86FB6EE484FCA6EFA4FB6A21A07984A885B16B8316BD30007D0AEB805E960C0BDEB0AC4D7941E9299071B2FD8E29936EEF604963DAFF758B79326DBA0F875C5A1BA26AA7841135758235A4359130BA4B50FD05921D6FCE4CB46FC7DCCF7374DF61ADFEE13BCBA269AD82F379279EE9DA30F1ECBC59DA3EE072F08E278ED59107BB38429BD020383A1316B5B6505D98D4DE55935F8AB9D65316491BE5E104CF7B004878D04D839278D373C65211EA91E774246B33F98066C95B959127EB03D9B0C4BFB141E61E0C57741E18A1D69DABE678FFBDAF384FC7E8546CB032DEA833E4FAF2A2BB965364566AD5591E56FB54C6CF10D4DBB0C0B01EA5EE17043A8B033BF3C0209EAA6CADD9CECCA503F6DF31382411C32100DC16D2C92682A0EA02CABB44ED418BC92D906343799C77AEA661123BB1A304ED9CAAB8CF2D27FAEADB5B723562B164C0C7636EEA2C70A2544967B5087CBBE6EEB7B69B7CF00E45543FC6A5E611A0476D310EFB400FD7280CB984C4F61A808311351C685957BD311052FE647A84F82EDFC9FC0F8A7ABDA3ACB06084EA82B761F99FE4A5DA7C6E95C4346447A3BC816C29734DFABE2451087D44A605365B38F19F8C47581E0415D7CB67F2FF045AB8C6F4589768E065CB5611C93FD7D10FC57C082B7A7D6FFBC9733264354EB8AB2F1D1C5441E3 +20250616034337 2 6 100 4095 5 ECFE2345925613E912C05977A53B7FFB53C9CC5F153ABC4B86FB6EE484FCA6EFA4FB6A21A07984A885B16B8316BD30007D0AEB805E960C0BDEB0AC4D7941E9299071B2FD8E29936EEF604963DAFF758B79326DBA0F875C5A1BA26AA7841135758235A4359130BA4B50FD05921D6FCE4CB46FC7DCCF7374DF61ADFEE13BCBA269AD82F379279EE9DA30F1ECBC59DA3EE072F08E278ED59107BB38429BD020383A1316B5B6505D98D4DE55935F8AB9D65316491BE5E104CF7B004878D04D839278D373C65211EA91E774246B33F98066C95B959127EB03D9B0C4BFB141E61E0C57741E18A1D69DABE678FFBDAF384FC7E8546CB032DEA833E4FAF2A2BB965364566AD5591E56FB54C6CF10D4DBB0C0B01EA5EE17043A8B033BF3C0209EAA6CADD9CECCA503F6DF31382411C32100DC16D2C92682A0EA02CABB44ED418BC92D906343799C77AEA661123BB1A304ED9CAAB8CF2D27FAEADB5B723562B164C0C7636EEA2C70A2544967B5087CBBE6EEB7B69B7CF00E45543FC6A5E611A0476D310EFB400FD7280CB984C4F61A808311351C685957BD311052FE647A84F82EDFC9FC0F8A7ABDA3ACB06084EA82B761F99FE4A5DA7C6E95C4346447A3BC816C29734DFABE2451087D44A605365B38F19F8C47581E0415D7CB67F2FF045AB8C6F4589768E065CB5611C93FD7D10FC57C082B7A7D6FFBC9733264354EB8AB2F1D1CAB3D9F +20250616034506 2 6 100 4095 2 ECFE2345925613E912C05977A53B7FFB53C9CC5F153ABC4B86FB6EE484FCA6EFA4FB6A21A07984A885B16B8316BD30007D0AEB805E960C0BDEB0AC4D7941E9299071B2FD8E29936EEF604963DAFF758B79326DBA0F875C5A1BA26AA7841135758235A4359130BA4B50FD05921D6FCE4CB46FC7DCCF7374DF61ADFEE13BCBA269AD82F379279EE9DA30F1ECBC59DA3EE072F08E278ED59107BB38429BD020383A1316B5B6505D98D4DE55935F8AB9D65316491BE5E104CF7B004878D04D839278D373C65211EA91E774246B33F98066C95B959127EB03D9B0C4BFB141E61E0C57741E18A1D69DABE678FFBDAF384FC7E8546CB032DEA833E4FAF2A2BB965364566AD5591E56FB54C6CF10D4DBB0C0B01EA5EE17043A8B033BF3C0209EAA6CADD9CECCA503F6DF31382411C32100DC16D2C92682A0EA02CABB44ED418BC92D906343799C77AEA661123BB1A304ED9CAAB8CF2D27FAEADB5B723562B164C0C7636EEA2C70A2544967B5087CBBE6EEB7B69B7CF00E45543FC6A5E611A0476D310EFB400FD7280CB984C4F61A808311351C685957BD311052FE647A84F82EDFC9FC0F8A7ABDA3ACB06084EA82B761F99FE4A5DA7C6E95C4346447A3BC816C29734DFABE2451087D44A605365B38F19F8C47581E0415D7CB67F2FF045AB8C6F4589768E065CB5611C93FD7D10FC57C082B7A7D6FFBC9733264354EB8AB2F1D1D3741AB +20250616034604 2 6 100 4095 2 ECFE2345925613E912C05977A53B7FFB53C9CC5F153ABC4B86FB6EE484FCA6EFA4FB6A21A07984A885B16B8316BD30007D0AEB805E960C0BDEB0AC4D7941E9299071B2FD8E29936EEF604963DAFF758B79326DBA0F875C5A1BA26AA7841135758235A4359130BA4B50FD05921D6FCE4CB46FC7DCCF7374DF61ADFEE13BCBA269AD82F379279EE9DA30F1ECBC59DA3EE072F08E278ED59107BB38429BD020383A1316B5B6505D98D4DE55935F8AB9D65316491BE5E104CF7B004878D04D839278D373C65211EA91E774246B33F98066C95B959127EB03D9B0C4BFB141E61E0C57741E18A1D69DABE678FFBDAF384FC7E8546CB032DEA833E4FAF2A2BB965364566AD5591E56FB54C6CF10D4DBB0C0B01EA5EE17043A8B033BF3C0209EAA6CADD9CECCA503F6DF31382411C32100DC16D2C92682A0EA02CABB44ED418BC92D906343799C77AEA661123BB1A304ED9CAAB8CF2D27FAEADB5B723562B164C0C7636EEA2C70A2544967B5087CBBE6EEB7B69B7CF00E45543FC6A5E611A0476D310EFB400FD7280CB984C4F61A808311351C685957BD311052FE647A84F82EDFC9FC0F8A7ABDA3ACB06084EA82B761F99FE4A5DA7C6E95C4346447A3BC816C29734DFABE2451087D44A605365B38F19F8C47581E0415D7CB67F2FF045AB8C6F4589768E065CB5611C93FD7D10FC57C082B7A7D6FFBC9733264354EB8AB2F1D1D8D2B83 +20250616034629 2 6 100 4095 5 ECFE2345925613E912C05977A53B7FFB53C9CC5F153ABC4B86FB6EE484FCA6EFA4FB6A21A07984A885B16B8316BD30007D0AEB805E960C0BDEB0AC4D7941E9299071B2FD8E29936EEF604963DAFF758B79326DBA0F875C5A1BA26AA7841135758235A4359130BA4B50FD05921D6FCE4CB46FC7DCCF7374DF61ADFEE13BCBA269AD82F379279EE9DA30F1ECBC59DA3EE072F08E278ED59107BB38429BD020383A1316B5B6505D98D4DE55935F8AB9D65316491BE5E104CF7B004878D04D839278D373C65211EA91E774246B33F98066C95B959127EB03D9B0C4BFB141E61E0C57741E18A1D69DABE678FFBDAF384FC7E8546CB032DEA833E4FAF2A2BB965364566AD5591E56FB54C6CF10D4DBB0C0B01EA5EE17043A8B033BF3C0209EAA6CADD9CECCA503F6DF31382411C32100DC16D2C92682A0EA02CABB44ED418BC92D906343799C77AEA661123BB1A304ED9CAAB8CF2D27FAEADB5B723562B164C0C7636EEA2C70A2544967B5087CBBE6EEB7B69B7CF00E45543FC6A5E611A0476D310EFB400FD7280CB984C4F61A808311351C685957BD311052FE647A84F82EDFC9FC0F8A7ABDA3ACB06084EA82B761F99FE4A5DA7C6E95C4346447A3BC816C29734DFABE2451087D44A605365B38F19F8C47581E0415D7CB67F2FF045AB8C6F4589768E065CB5611C93FD7D10FC57C082B7A7D6FFBC9733264354EB8AB2F1D1DABAEFF +20250616034737 2 6 100 4095 2 ECFE2345925613E912C05977A53B7FFB53C9CC5F153ABC4B86FB6EE484FCA6EFA4FB6A21A07984A885B16B8316BD30007D0AEB805E960C0BDEB0AC4D7941E9299071B2FD8E29936EEF604963DAFF758B79326DBA0F875C5A1BA26AA7841135758235A4359130BA4B50FD05921D6FCE4CB46FC7DCCF7374DF61ADFEE13BCBA269AD82F379279EE9DA30F1ECBC59DA3EE072F08E278ED59107BB38429BD020383A1316B5B6505D98D4DE55935F8AB9D65316491BE5E104CF7B004878D04D839278D373C65211EA91E774246B33F98066C95B959127EB03D9B0C4BFB141E61E0C57741E18A1D69DABE678FFBDAF384FC7E8546CB032DEA833E4FAF2A2BB965364566AD5591E56FB54C6CF10D4DBB0C0B01EA5EE17043A8B033BF3C0209EAA6CADD9CECCA503F6DF31382411C32100DC16D2C92682A0EA02CABB44ED418BC92D906343799C77AEA661123BB1A304ED9CAAB8CF2D27FAEADB5B723562B164C0C7636EEA2C70A2544967B5087CBBE6EEB7B69B7CF00E45543FC6A5E611A0476D310EFB400FD7280CB984C4F61A808311351C685957BD311052FE647A84F82EDFC9FC0F8A7ABDA3ACB06084EA82B761F99FE4A5DA7C6E95C4346447A3BC816C29734DFABE2451087D44A605365B38F19F8C47581E0415D7CB67F2FF045AB8C6F4589768E065CB5611C93FD7D10FC57C082B7A7D6FFBC9733264354EB8AB2F1D1E0E748B +20250616034755 2 6 100 4095 5 ECFE2345925613E912C05977A53B7FFB53C9CC5F153ABC4B86FB6EE484FCA6EFA4FB6A21A07984A885B16B8316BD30007D0AEB805E960C0BDEB0AC4D7941E9299071B2FD8E29936EEF604963DAFF758B79326DBA0F875C5A1BA26AA7841135758235A4359130BA4B50FD05921D6FCE4CB46FC7DCCF7374DF61ADFEE13BCBA269AD82F379279EE9DA30F1ECBC59DA3EE072F08E278ED59107BB38429BD020383A1316B5B6505D98D4DE55935F8AB9D65316491BE5E104CF7B004878D04D839278D373C65211EA91E774246B33F98066C95B959127EB03D9B0C4BFB141E61E0C57741E18A1D69DABE678FFBDAF384FC7E8546CB032DEA833E4FAF2A2BB965364566AD5591E56FB54C6CF10D4DBB0C0B01EA5EE17043A8B033BF3C0209EAA6CADD9CECCA503F6DF31382411C32100DC16D2C92682A0EA02CABB44ED418BC92D906343799C77AEA661123BB1A304ED9CAAB8CF2D27FAEADB5B723562B164C0C7636EEA2C70A2544967B5087CBBE6EEB7B69B7CF00E45543FC6A5E611A0476D310EFB400FD7280CB984C4F61A808311351C685957BD311052FE647A84F82EDFC9FC0F8A7ABDA3ACB06084EA82B761F99FE4A5DA7C6E95C4346447A3BC816C29734DFABE2451087D44A605365B38F19F8C47581E0415D7CB67F2FF045AB8C6F4589768E065CB5611C93FD7D10FC57C082B7A7D6FFBC9733264354EB8AB2F1D1E214BBF +20250616034809 2 6 100 4095 5 ECFE2345925613E912C05977A53B7FFB53C9CC5F153ABC4B86FB6EE484FCA6EFA4FB6A21A07984A885B16B8316BD30007D0AEB805E960C0BDEB0AC4D7941E9299071B2FD8E29936EEF604963DAFF758B79326DBA0F875C5A1BA26AA7841135758235A4359130BA4B50FD05921D6FCE4CB46FC7DCCF7374DF61ADFEE13BCBA269AD82F379279EE9DA30F1ECBC59DA3EE072F08E278ED59107BB38429BD020383A1316B5B6505D98D4DE55935F8AB9D65316491BE5E104CF7B004878D04D839278D373C65211EA91E774246B33F98066C95B959127EB03D9B0C4BFB141E61E0C57741E18A1D69DABE678FFBDAF384FC7E8546CB032DEA833E4FAF2A2BB965364566AD5591E56FB54C6CF10D4DBB0C0B01EA5EE17043A8B033BF3C0209EAA6CADD9CECCA503F6DF31382411C32100DC16D2C92682A0EA02CABB44ED418BC92D906343799C77AEA661123BB1A304ED9CAAB8CF2D27FAEADB5B723562B164C0C7636EEA2C70A2544967B5087CBBE6EEB7B69B7CF00E45543FC6A5E611A0476D310EFB400FD7280CB984C4F61A808311351C685957BD311052FE647A84F82EDFC9FC0F8A7ABDA3ACB06084EA82B761F99FE4A5DA7C6E95C4346447A3BC816C29734DFABE2451087D44A605365B38F19F8C47581E0415D7CB67F2FF045AB8C6F4589768E065CB5611C93FD7D10FC57C082B7A7D6FFBC9733264354EB8AB2F1D1E33125F +20250616035026 2 6 100 4095 5 ECFE2345925613E912C05977A53B7FFB53C9CC5F153ABC4B86FB6EE484FCA6EFA4FB6A21A07984A885B16B8316BD30007D0AEB805E960C0BDEB0AC4D7941E9299071B2FD8E29936EEF604963DAFF758B79326DBA0F875C5A1BA26AA7841135758235A4359130BA4B50FD05921D6FCE4CB46FC7DCCF7374DF61ADFEE13BCBA269AD82F379279EE9DA30F1ECBC59DA3EE072F08E278ED59107BB38429BD020383A1316B5B6505D98D4DE55935F8AB9D65316491BE5E104CF7B004878D04D839278D373C65211EA91E774246B33F98066C95B959127EB03D9B0C4BFB141E61E0C57741E18A1D69DABE678FFBDAF384FC7E8546CB032DEA833E4FAF2A2BB965364566AD5591E56FB54C6CF10D4DBB0C0B01EA5EE17043A8B033BF3C0209EAA6CADD9CECCA503F6DF31382411C32100DC16D2C92682A0EA02CABB44ED418BC92D906343799C77AEA661123BB1A304ED9CAAB8CF2D27FAEADB5B723562B164C0C7636EEA2C70A2544967B5087CBBE6EEB7B69B7CF00E45543FC6A5E611A0476D310EFB400FD7280CB984C4F61A808311351C685957BD311052FE647A84F82EDFC9FC0F8A7ABDA3ACB06084EA82B761F99FE4A5DA7C6E95C4346447A3BC816C29734DFABE2451087D44A605365B38F19F8C47581E0415D7CB67F2FF045AB8C6F4589768E065CB5611C93FD7D10FC57C082B7A7D6FFBC9733264354EB8AB2F1D1F01594F +20250616035037 2 6 100 4095 2 ECFE2345925613E912C05977A53B7FFB53C9CC5F153ABC4B86FB6EE484FCA6EFA4FB6A21A07984A885B16B8316BD30007D0AEB805E960C0BDEB0AC4D7941E9299071B2FD8E29936EEF604963DAFF758B79326DBA0F875C5A1BA26AA7841135758235A4359130BA4B50FD05921D6FCE4CB46FC7DCCF7374DF61ADFEE13BCBA269AD82F379279EE9DA30F1ECBC59DA3EE072F08E278ED59107BB38429BD020383A1316B5B6505D98D4DE55935F8AB9D65316491BE5E104CF7B004878D04D839278D373C65211EA91E774246B33F98066C95B959127EB03D9B0C4BFB141E61E0C57741E18A1D69DABE678FFBDAF384FC7E8546CB032DEA833E4FAF2A2BB965364566AD5591E56FB54C6CF10D4DBB0C0B01EA5EE17043A8B033BF3C0209EAA6CADD9CECCA503F6DF31382411C32100DC16D2C92682A0EA02CABB44ED418BC92D906343799C77AEA661123BB1A304ED9CAAB8CF2D27FAEADB5B723562B164C0C7636EEA2C70A2544967B5087CBBE6EEB7B69B7CF00E45543FC6A5E611A0476D310EFB400FD7280CB984C4F61A808311351C685957BD311052FE647A84F82EDFC9FC0F8A7ABDA3ACB06084EA82B761F99FE4A5DA7C6E95C4346447A3BC816C29734DFABE2451087D44A605365B38F19F8C47581E0415D7CB67F2FF045AB8C6F4589768E065CB5611C93FD7D10FC57C082B7A7D6FFBC9733264354EB8AB2F1D1F0BD763 +20250616035313 2 6 100 4095 5 ECFE2345925613E912C05977A53B7FFB53C9CC5F153ABC4B86FB6EE484FCA6EFA4FB6A21A07984A885B16B8316BD30007D0AEB805E960C0BDEB0AC4D7941E9299071B2FD8E29936EEF604963DAFF758B79326DBA0F875C5A1BA26AA7841135758235A4359130BA4B50FD05921D6FCE4CB46FC7DCCF7374DF61ADFEE13BCBA269AD82F379279EE9DA30F1ECBC59DA3EE072F08E278ED59107BB38429BD020383A1316B5B6505D98D4DE55935F8AB9D65316491BE5E104CF7B004878D04D839278D373C65211EA91E774246B33F98066C95B959127EB03D9B0C4BFB141E61E0C57741E18A1D69DABE678FFBDAF384FC7E8546CB032DEA833E4FAF2A2BB965364566AD5591E56FB54C6CF10D4DBB0C0B01EA5EE17043A8B033BF3C0209EAA6CADD9CECCA503F6DF31382411C32100DC16D2C92682A0EA02CABB44ED418BC92D906343799C77AEA661123BB1A304ED9CAAB8CF2D27FAEADB5B723562B164C0C7636EEA2C70A2544967B5087CBBE6EEB7B69B7CF00E45543FC6A5E611A0476D310EFB400FD7280CB984C4F61A808311351C685957BD311052FE647A84F82EDFC9FC0F8A7ABDA3ACB06084EA82B761F99FE4A5DA7C6E95C4346447A3BC816C29734DFABE2451087D44A605365B38F19F8C47581E0415D7CB67F2FF045AB8C6F4589768E065CB5611C93FD7D10FC57C082B7A7D6FFBC9733264354EB8AB2F1D1FFD9B1F +20250616035402 2 6 100 4095 2 ECFE2345925613E912C05977A53B7FFB53C9CC5F153ABC4B86FB6EE484FCA6EFA4FB6A21A07984A885B16B8316BD30007D0AEB805E960C0BDEB0AC4D7941E9299071B2FD8E29936EEF604963DAFF758B79326DBA0F875C5A1BA26AA7841135758235A4359130BA4B50FD05921D6FCE4CB46FC7DCCF7374DF61ADFEE13BCBA269AD82F379279EE9DA30F1ECBC59DA3EE072F08E278ED59107BB38429BD020383A1316B5B6505D98D4DE55935F8AB9D65316491BE5E104CF7B004878D04D839278D373C65211EA91E774246B33F98066C95B959127EB03D9B0C4BFB141E61E0C57741E18A1D69DABE678FFBDAF384FC7E8546CB032DEA833E4FAF2A2BB965364566AD5591E56FB54C6CF10D4DBB0C0B01EA5EE17043A8B033BF3C0209EAA6CADD9CECCA503F6DF31382411C32100DC16D2C92682A0EA02CABB44ED418BC92D906343799C77AEA661123BB1A304ED9CAAB8CF2D27FAEADB5B723562B164C0C7636EEA2C70A2544967B5087CBBE6EEB7B69B7CF00E45543FC6A5E611A0476D310EFB400FD7280CB984C4F61A808311351C685957BD311052FE647A84F82EDFC9FC0F8A7ABDA3ACB06084EA82B761F99FE4A5DA7C6E95C4346447A3BC816C29734DFABE2451087D44A605365B38F19F8C47581E0415D7CB67F2FF045AB8C6F4589768E065CB5611C93FD7D10FC57C082B7A7D6FFBC9733264354EB8AB2F1D2044014B +20250616035437 2 6 100 4095 2 ECFE2345925613E912C05977A53B7FFB53C9CC5F153ABC4B86FB6EE484FCA6EFA4FB6A21A07984A885B16B8316BD30007D0AEB805E960C0BDEB0AC4D7941E9299071B2FD8E29936EEF604963DAFF758B79326DBA0F875C5A1BA26AA7841135758235A4359130BA4B50FD05921D6FCE4CB46FC7DCCF7374DF61ADFEE13BCBA269AD82F379279EE9DA30F1ECBC59DA3EE072F08E278ED59107BB38429BD020383A1316B5B6505D98D4DE55935F8AB9D65316491BE5E104CF7B004878D04D839278D373C65211EA91E774246B33F98066C95B959127EB03D9B0C4BFB141E61E0C57741E18A1D69DABE678FFBDAF384FC7E8546CB032DEA833E4FAF2A2BB965364566AD5591E56FB54C6CF10D4DBB0C0B01EA5EE17043A8B033BF3C0209EAA6CADD9CECCA503F6DF31382411C32100DC16D2C92682A0EA02CABB44ED418BC92D906343799C77AEA661123BB1A304ED9CAAB8CF2D27FAEADB5B723562B164C0C7636EEA2C70A2544967B5087CBBE6EEB7B69B7CF00E45543FC6A5E611A0476D310EFB400FD7280CB984C4F61A808311351C685957BD311052FE647A84F82EDFC9FC0F8A7ABDA3ACB06084EA82B761F99FE4A5DA7C6E95C4346447A3BC816C29734DFABE2451087D44A605365B38F19F8C47581E0415D7CB67F2FF045AB8C6F4589768E065CB5611C93FD7D10FC57C082B7A7D6FFBC9733264354EB8AB2F1D20733A13 +20250616035449 2 6 100 4095 5 ECFE2345925613E912C05977A53B7FFB53C9CC5F153ABC4B86FB6EE484FCA6EFA4FB6A21A07984A885B16B8316BD30007D0AEB805E960C0BDEB0AC4D7941E9299071B2FD8E29936EEF604963DAFF758B79326DBA0F875C5A1BA26AA7841135758235A4359130BA4B50FD05921D6FCE4CB46FC7DCCF7374DF61ADFEE13BCBA269AD82F379279EE9DA30F1ECBC59DA3EE072F08E278ED59107BB38429BD020383A1316B5B6505D98D4DE55935F8AB9D65316491BE5E104CF7B004878D04D839278D373C65211EA91E774246B33F98066C95B959127EB03D9B0C4BFB141E61E0C57741E18A1D69DABE678FFBDAF384FC7E8546CB032DEA833E4FAF2A2BB965364566AD5591E56FB54C6CF10D4DBB0C0B01EA5EE17043A8B033BF3C0209EAA6CADD9CECCA503F6DF31382411C32100DC16D2C92682A0EA02CABB44ED418BC92D906343799C77AEA661123BB1A304ED9CAAB8CF2D27FAEADB5B723562B164C0C7636EEA2C70A2544967B5087CBBE6EEB7B69B7CF00E45543FC6A5E611A0476D310EFB400FD7280CB984C4F61A808311351C685957BD311052FE647A84F82EDFC9FC0F8A7ABDA3ACB06084EA82B761F99FE4A5DA7C6E95C4346447A3BC816C29734DFABE2451087D44A605365B38F19F8C47581E0415D7CB67F2FF045AB8C6F4589768E065CB5611C93FD7D10FC57C082B7A7D6FFBC9733264354EB8AB2F1D207F63BF +20250616035530 2 6 100 4095 5 ECFE2345925613E912C05977A53B7FFB53C9CC5F153ABC4B86FB6EE484FCA6EFA4FB6A21A07984A885B16B8316BD30007D0AEB805E960C0BDEB0AC4D7941E9299071B2FD8E29936EEF604963DAFF758B79326DBA0F875C5A1BA26AA7841135758235A4359130BA4B50FD05921D6FCE4CB46FC7DCCF7374DF61ADFEE13BCBA269AD82F379279EE9DA30F1ECBC59DA3EE072F08E278ED59107BB38429BD020383A1316B5B6505D98D4DE55935F8AB9D65316491BE5E104CF7B004878D04D839278D373C65211EA91E774246B33F98066C95B959127EB03D9B0C4BFB141E61E0C57741E18A1D69DABE678FFBDAF384FC7E8546CB032DEA833E4FAF2A2BB965364566AD5591E56FB54C6CF10D4DBB0C0B01EA5EE17043A8B033BF3C0209EAA6CADD9CECCA503F6DF31382411C32100DC16D2C92682A0EA02CABB44ED418BC92D906343799C77AEA661123BB1A304ED9CAAB8CF2D27FAEADB5B723562B164C0C7636EEA2C70A2544967B5087CBBE6EEB7B69B7CF00E45543FC6A5E611A0476D310EFB400FD7280CB984C4F61A808311351C685957BD311052FE647A84F82EDFC9FC0F8A7ABDA3ACB06084EA82B761F99FE4A5DA7C6E95C4346447A3BC816C29734DFABE2451087D44A605365B38F19F8C47581E0415D7CB67F2FF045AB8C6F4589768E065CB5611C93FD7D10FC57C082B7A7D6FFBC9733264354EB8AB2F1D20B97BAF +20250616035709 2 6 100 4095 2 ECFE2345925613E912C05977A53B7FFB53C9CC5F153ABC4B86FB6EE484FCA6EFA4FB6A21A07984A885B16B8316BD30007D0AEB805E960C0BDEB0AC4D7941E9299071B2FD8E29936EEF604963DAFF758B79326DBA0F875C5A1BA26AA7841135758235A4359130BA4B50FD05921D6FCE4CB46FC7DCCF7374DF61ADFEE13BCBA269AD82F379279EE9DA30F1ECBC59DA3EE072F08E278ED59107BB38429BD020383A1316B5B6505D98D4DE55935F8AB9D65316491BE5E104CF7B004878D04D839278D373C65211EA91E774246B33F98066C95B959127EB03D9B0C4BFB141E61E0C57741E18A1D69DABE678FFBDAF384FC7E8546CB032DEA833E4FAF2A2BB965364566AD5591E56FB54C6CF10D4DBB0C0B01EA5EE17043A8B033BF3C0209EAA6CADD9CECCA503F6DF31382411C32100DC16D2C92682A0EA02CABB44ED418BC92D906343799C77AEA661123BB1A304ED9CAAB8CF2D27FAEADB5B723562B164C0C7636EEA2C70A2544967B5087CBBE6EEB7B69B7CF00E45543FC6A5E611A0476D310EFB400FD7280CB984C4F61A808311351C685957BD311052FE647A84F82EDFC9FC0F8A7ABDA3ACB06084EA82B761F99FE4A5DA7C6E95C4346447A3BC816C29734DFABE2451087D44A605365B38F19F8C47581E0415D7CB67F2FF045AB8C6F4589768E065CB5611C93FD7D10FC57C082B7A7D6FFBC9733264354EB8AB2F1D214FA723 +20250616035859 2 6 100 4095 2 ECFE2345925613E912C05977A53B7FFB53C9CC5F153ABC4B86FB6EE484FCA6EFA4FB6A21A07984A885B16B8316BD30007D0AEB805E960C0BDEB0AC4D7941E9299071B2FD8E29936EEF604963DAFF758B79326DBA0F875C5A1BA26AA7841135758235A4359130BA4B50FD05921D6FCE4CB46FC7DCCF7374DF61ADFEE13BCBA269AD82F379279EE9DA30F1ECBC59DA3EE072F08E278ED59107BB38429BD020383A1316B5B6505D98D4DE55935F8AB9D65316491BE5E104CF7B004878D04D839278D373C65211EA91E774246B33F98066C95B959127EB03D9B0C4BFB141E61E0C57741E18A1D69DABE678FFBDAF384FC7E8546CB032DEA833E4FAF2A2BB965364566AD5591E56FB54C6CF10D4DBB0C0B01EA5EE17043A8B033BF3C0209EAA6CADD9CECCA503F6DF31382411C32100DC16D2C92682A0EA02CABB44ED418BC92D906343799C77AEA661123BB1A304ED9CAAB8CF2D27FAEADB5B723562B164C0C7636EEA2C70A2544967B5087CBBE6EEB7B69B7CF00E45543FC6A5E611A0476D310EFB400FD7280CB984C4F61A808311351C685957BD311052FE647A84F82EDFC9FC0F8A7ABDA3ACB06084EA82B761F99FE4A5DA7C6E95C4346447A3BC816C29734DFABE2451087D44A605365B38F19F8C47581E0415D7CB67F2FF045AB8C6F4589768E065CB5611C93FD7D10FC57C082B7A7D6FFBC9733264354EB8AB2F1D21FB8CD3 +20250616035947 2 6 100 4095 2 ECFE2345925613E912C05977A53B7FFB53C9CC5F153ABC4B86FB6EE484FCA6EFA4FB6A21A07984A885B16B8316BD30007D0AEB805E960C0BDEB0AC4D7941E9299071B2FD8E29936EEF604963DAFF758B79326DBA0F875C5A1BA26AA7841135758235A4359130BA4B50FD05921D6FCE4CB46FC7DCCF7374DF61ADFEE13BCBA269AD82F379279EE9DA30F1ECBC59DA3EE072F08E278ED59107BB38429BD020383A1316B5B6505D98D4DE55935F8AB9D65316491BE5E104CF7B004878D04D839278D373C65211EA91E774246B33F98066C95B959127EB03D9B0C4BFB141E61E0C57741E18A1D69DABE678FFBDAF384FC7E8546CB032DEA833E4FAF2A2BB965364566AD5591E56FB54C6CF10D4DBB0C0B01EA5EE17043A8B033BF3C0209EAA6CADD9CECCA503F6DF31382411C32100DC16D2C92682A0EA02CABB44ED418BC92D906343799C77AEA661123BB1A304ED9CAAB8CF2D27FAEADB5B723562B164C0C7636EEA2C70A2544967B5087CBBE6EEB7B69B7CF00E45543FC6A5E611A0476D310EFB400FD7280CB984C4F61A808311351C685957BD311052FE647A84F82EDFC9FC0F8A7ABDA3ACB06084EA82B761F99FE4A5DA7C6E95C4346447A3BC816C29734DFABE2451087D44A605365B38F19F8C47581E0415D7CB67F2FF045AB8C6F4589768E065CB5611C93FD7D10FC57C082B7A7D6FFBC9733264354EB8AB2F1D22419713 +20250616040250 2 6 100 4095 2 ECFE2345925613E912C05977A53B7FFB53C9CC5F153ABC4B86FB6EE484FCA6EFA4FB6A21A07984A885B16B8316BD30007D0AEB805E960C0BDEB0AC4D7941E9299071B2FD8E29936EEF604963DAFF758B79326DBA0F875C5A1BA26AA7841135758235A4359130BA4B50FD05921D6FCE4CB46FC7DCCF7374DF61ADFEE13BCBA269AD82F379279EE9DA30F1ECBC59DA3EE072F08E278ED59107BB38429BD020383A1316B5B6505D98D4DE55935F8AB9D65316491BE5E104CF7B004878D04D839278D373C65211EA91E774246B33F98066C95B959127EB03D9B0C4BFB141E61E0C57741E18A1D69DABE678FFBDAF384FC7E8546CB032DEA833E4FAF2A2BB965364566AD5591E56FB54C6CF10D4DBB0C0B01EA5EE17043A8B033BF3C0209EAA6CADD9CECCA503F6DF31382411C32100DC16D2C92682A0EA02CABB44ED418BC92D906343799C77AEA661123BB1A304ED9CAAB8CF2D27FAEADB5B723562B164C0C7636EEA2C70A2544967B5087CBBE6EEB7B69B7CF00E45543FC6A5E611A0476D310EFB400FD7280CB984C4F61A808311351C685957BD311052FE647A84F82EDFC9FC0F8A7ABDA3ACB06084EA82B761F99FE4A5DA7C6E95C4346447A3BC816C29734DFABE2451087D44A605365B38F19F8C47581E0415D7CB67F2FF045AB8C6F4589768E065CB5611C93FD7D10FC57C082B7A7D6FFBC9733264354EB8AB2F1D23574D73 +20250616041101 2 6 100 4095 2 ECFE2345925613E912C05977A53B7FFB53C9CC5F153ABC4B86FB6EE484FCA6EFA4FB6A21A07984A885B16B8316BD30007D0AEB805E960C0BDEB0AC4D7941E9299071B2FD8E29936EEF604963DAFF758B79326DBA0F875C5A1BA26AA7841135758235A4359130BA4B50FD05921D6FCE4CB46FC7DCCF7374DF61ADFEE13BCBA269AD82F379279EE9DA30F1ECBC59DA3EE072F08E278ED59107BB38429BD020383A1316B5B6505D98D4DE55935F8AB9D65316491BE5E104CF7B004878D04D839278D373C65211EA91E774246B33F98066C95B959127EB03D9B0C4BFB141E61E0C57741E18A1D69DABE678FFBDAF384FC7E8546CB032DEA833E4FAF2A2BB965364566AD5591E56FB54C6CF10D4DBB0C0B01EA5EE17043A8B033BF3C0209EAA6CADD9CECCA503F6DF31382411C32100DC16D2C92682A0EA02CABB44ED418BC92D906343799C77AEA661123BB1A304ED9CAAB8CF2D27FAEADB5B723562B164C0C7636EEA2C70A2544967B5087CBBE6EEB7B69B7CF00E45543FC6A5E611A0476D310EFB400FD7280CB984C4F61A808311351C685957BD311052FE647A84F82EDFC9FC0F8A7ABDA3ACB06084EA82B761F99FE4A5DA7C6E95C4346447A3BC816C29734DFABE2451087D44A605365B38F19F8C47581E0415D7CB67F2FF045AB8C6F4589768E065CB5611C93FD7D10FC57C082B7A7D6FFBC9733264354EB8AB2F1D265B4043 +20250616041134 2 6 100 4095 2 ECFE2345925613E912C05977A53B7FFB53C9CC5F153ABC4B86FB6EE484FCA6EFA4FB6A21A07984A885B16B8316BD30007D0AEB805E960C0BDEB0AC4D7941E9299071B2FD8E29936EEF604963DAFF758B79326DBA0F875C5A1BA26AA7841135758235A4359130BA4B50FD05921D6FCE4CB46FC7DCCF7374DF61ADFEE13BCBA269AD82F379279EE9DA30F1ECBC59DA3EE072F08E278ED59107BB38429BD020383A1316B5B6505D98D4DE55935F8AB9D65316491BE5E104CF7B004878D04D839278D373C65211EA91E774246B33F98066C95B959127EB03D9B0C4BFB141E61E0C57741E18A1D69DABE678FFBDAF384FC7E8546CB032DEA833E4FAF2A2BB965364566AD5591E56FB54C6CF10D4DBB0C0B01EA5EE17043A8B033BF3C0209EAA6CADD9CECCA503F6DF31382411C32100DC16D2C92682A0EA02CABB44ED418BC92D906343799C77AEA661123BB1A304ED9CAAB8CF2D27FAEADB5B723562B164C0C7636EEA2C70A2544967B5087CBBE6EEB7B69B7CF00E45543FC6A5E611A0476D310EFB400FD7280CB984C4F61A808311351C685957BD311052FE647A84F82EDFC9FC0F8A7ABDA3ACB06084EA82B761F99FE4A5DA7C6E95C4346447A3BC816C29734DFABE2451087D44A605365B38F19F8C47581E0415D7CB67F2FF045AB8C6F4589768E065CB5611C93FD7D10FC57C082B7A7D6FFBC9733264354EB8AB2F1D2688243B +20250616041233 2 6 100 4095 2 ECFE2345925613E912C05977A53B7FFB53C9CC5F153ABC4B86FB6EE484FCA6EFA4FB6A21A07984A885B16B8316BD30007D0AEB805E960C0BDEB0AC4D7941E9299071B2FD8E29936EEF604963DAFF758B79326DBA0F875C5A1BA26AA7841135758235A4359130BA4B50FD05921D6FCE4CB46FC7DCCF7374DF61ADFEE13BCBA269AD82F379279EE9DA30F1ECBC59DA3EE072F08E278ED59107BB38429BD020383A1316B5B6505D98D4DE55935F8AB9D65316491BE5E104CF7B004878D04D839278D373C65211EA91E774246B33F98066C95B959127EB03D9B0C4BFB141E61E0C57741E18A1D69DABE678FFBDAF384FC7E8546CB032DEA833E4FAF2A2BB965364566AD5591E56FB54C6CF10D4DBB0C0B01EA5EE17043A8B033BF3C0209EAA6CADD9CECCA503F6DF31382411C32100DC16D2C92682A0EA02CABB44ED418BC92D906343799C77AEA661123BB1A304ED9CAAB8CF2D27FAEADB5B723562B164C0C7636EEA2C70A2544967B5087CBBE6EEB7B69B7CF00E45543FC6A5E611A0476D310EFB400FD7280CB984C4F61A808311351C685957BD311052FE647A84F82EDFC9FC0F8A7ABDA3ACB06084EA82B761F99FE4A5DA7C6E95C4346447A3BC816C29734DFABE2451087D44A605365B38F19F8C47581E0415D7CB67F2FF045AB8C6F4589768E065CB5611C93FD7D10FC57C082B7A7D6FFBC9733264354EB8AB2F1D26E075D3 +20250616041313 2 6 100 4095 5 ECFE2345925613E912C05977A53B7FFB53C9CC5F153ABC4B86FB6EE484FCA6EFA4FB6A21A07984A885B16B8316BD30007D0AEB805E960C0BDEB0AC4D7941E9299071B2FD8E29936EEF604963DAFF758B79326DBA0F875C5A1BA26AA7841135758235A4359130BA4B50FD05921D6FCE4CB46FC7DCCF7374DF61ADFEE13BCBA269AD82F379279EE9DA30F1ECBC59DA3EE072F08E278ED59107BB38429BD020383A1316B5B6505D98D4DE55935F8AB9D65316491BE5E104CF7B004878D04D839278D373C65211EA91E774246B33F98066C95B959127EB03D9B0C4BFB141E61E0C57741E18A1D69DABE678FFBDAF384FC7E8546CB032DEA833E4FAF2A2BB965364566AD5591E56FB54C6CF10D4DBB0C0B01EA5EE17043A8B033BF3C0209EAA6CADD9CECCA503F6DF31382411C32100DC16D2C92682A0EA02CABB44ED418BC92D906343799C77AEA661123BB1A304ED9CAAB8CF2D27FAEADB5B723562B164C0C7636EEA2C70A2544967B5087CBBE6EEB7B69B7CF00E45543FC6A5E611A0476D310EFB400FD7280CB984C4F61A808311351C685957BD311052FE647A84F82EDFC9FC0F8A7ABDA3ACB06084EA82B761F99FE4A5DA7C6E95C4346447A3BC816C29734DFABE2451087D44A605365B38F19F8C47581E0415D7CB67F2FF045AB8C6F4589768E065CB5611C93FD7D10FC57C082B7A7D6FFBC9733264354EB8AB2F1D2717FB07 +20250616041513 2 6 100 4095 5 ECFE2345925613E912C05977A53B7FFB53C9CC5F153ABC4B86FB6EE484FCA6EFA4FB6A21A07984A885B16B8316BD30007D0AEB805E960C0BDEB0AC4D7941E9299071B2FD8E29936EEF604963DAFF758B79326DBA0F875C5A1BA26AA7841135758235A4359130BA4B50FD05921D6FCE4CB46FC7DCCF7374DF61ADFEE13BCBA269AD82F379279EE9DA30F1ECBC59DA3EE072F08E278ED59107BB38429BD020383A1316B5B6505D98D4DE55935F8AB9D65316491BE5E104CF7B004878D04D839278D373C65211EA91E774246B33F98066C95B959127EB03D9B0C4BFB141E61E0C57741E18A1D69DABE678FFBDAF384FC7E8546CB032DEA833E4FAF2A2BB965364566AD5591E56FB54C6CF10D4DBB0C0B01EA5EE17043A8B033BF3C0209EAA6CADD9CECCA503F6DF31382411C32100DC16D2C92682A0EA02CABB44ED418BC92D906343799C77AEA661123BB1A304ED9CAAB8CF2D27FAEADB5B723562B164C0C7636EEA2C70A2544967B5087CBBE6EEB7B69B7CF00E45543FC6A5E611A0476D310EFB400FD7280CB984C4F61A808311351C685957BD311052FE647A84F82EDFC9FC0F8A7ABDA3ACB06084EA82B761F99FE4A5DA7C6E95C4346447A3BC816C29734DFABE2451087D44A605365B38F19F8C47581E0415D7CB67F2FF045AB8C6F4589768E065CB5611C93FD7D10FC57C082B7A7D6FFBC9733264354EB8AB2F1D27C50567 +20250616041521 2 6 100 4095 5 ECFE2345925613E912C05977A53B7FFB53C9CC5F153ABC4B86FB6EE484FCA6EFA4FB6A21A07984A885B16B8316BD30007D0AEB805E960C0BDEB0AC4D7941E9299071B2FD8E29936EEF604963DAFF758B79326DBA0F875C5A1BA26AA7841135758235A4359130BA4B50FD05921D6FCE4CB46FC7DCCF7374DF61ADFEE13BCBA269AD82F379279EE9DA30F1ECBC59DA3EE072F08E278ED59107BB38429BD020383A1316B5B6505D98D4DE55935F8AB9D65316491BE5E104CF7B004878D04D839278D373C65211EA91E774246B33F98066C95B959127EB03D9B0C4BFB141E61E0C57741E18A1D69DABE678FFBDAF384FC7E8546CB032DEA833E4FAF2A2BB965364566AD5591E56FB54C6CF10D4DBB0C0B01EA5EE17043A8B033BF3C0209EAA6CADD9CECCA503F6DF31382411C32100DC16D2C92682A0EA02CABB44ED418BC92D906343799C77AEA661123BB1A304ED9CAAB8CF2D27FAEADB5B723562B164C0C7636EEA2C70A2544967B5087CBBE6EEB7B69B7CF00E45543FC6A5E611A0476D310EFB400FD7280CB984C4F61A808311351C685957BD311052FE647A84F82EDFC9FC0F8A7ABDA3ACB06084EA82B761F99FE4A5DA7C6E95C4346447A3BC816C29734DFABE2451087D44A605365B38F19F8C47581E0415D7CB67F2FF045AB8C6F4589768E065CB5611C93FD7D10FC57C082B7A7D6FFBC9733264354EB8AB2F1D27C7F1FF +20250616041543 2 6 100 4095 2 ECFE2345925613E912C05977A53B7FFB53C9CC5F153ABC4B86FB6EE484FCA6EFA4FB6A21A07984A885B16B8316BD30007D0AEB805E960C0BDEB0AC4D7941E9299071B2FD8E29936EEF604963DAFF758B79326DBA0F875C5A1BA26AA7841135758235A4359130BA4B50FD05921D6FCE4CB46FC7DCCF7374DF61ADFEE13BCBA269AD82F379279EE9DA30F1ECBC59DA3EE072F08E278ED59107BB38429BD020383A1316B5B6505D98D4DE55935F8AB9D65316491BE5E104CF7B004878D04D839278D373C65211EA91E774246B33F98066C95B959127EB03D9B0C4BFB141E61E0C57741E18A1D69DABE678FFBDAF384FC7E8546CB032DEA833E4FAF2A2BB965364566AD5591E56FB54C6CF10D4DBB0C0B01EA5EE17043A8B033BF3C0209EAA6CADD9CECCA503F6DF31382411C32100DC16D2C92682A0EA02CABB44ED418BC92D906343799C77AEA661123BB1A304ED9CAAB8CF2D27FAEADB5B723562B164C0C7636EEA2C70A2544967B5087CBBE6EEB7B69B7CF00E45543FC6A5E611A0476D310EFB400FD7280CB984C4F61A808311351C685957BD311052FE647A84F82EDFC9FC0F8A7ABDA3ACB06084EA82B761F99FE4A5DA7C6E95C4346447A3BC816C29734DFABE2451087D44A605365B38F19F8C47581E0415D7CB67F2FF045AB8C6F4589768E065CB5611C93FD7D10FC57C082B7A7D6FFBC9733264354EB8AB2F1D27E425BB +20250616041613 2 6 100 4095 5 ECFE2345925613E912C05977A53B7FFB53C9CC5F153ABC4B86FB6EE484FCA6EFA4FB6A21A07984A885B16B8316BD30007D0AEB805E960C0BDEB0AC4D7941E9299071B2FD8E29936EEF604963DAFF758B79326DBA0F875C5A1BA26AA7841135758235A4359130BA4B50FD05921D6FCE4CB46FC7DCCF7374DF61ADFEE13BCBA269AD82F379279EE9DA30F1ECBC59DA3EE072F08E278ED59107BB38429BD020383A1316B5B6505D98D4DE55935F8AB9D65316491BE5E104CF7B004878D04D839278D373C65211EA91E774246B33F98066C95B959127EB03D9B0C4BFB141E61E0C57741E18A1D69DABE678FFBDAF384FC7E8546CB032DEA833E4FAF2A2BB965364566AD5591E56FB54C6CF10D4DBB0C0B01EA5EE17043A8B033BF3C0209EAA6CADD9CECCA503F6DF31382411C32100DC16D2C92682A0EA02CABB44ED418BC92D906343799C77AEA661123BB1A304ED9CAAB8CF2D27FAEADB5B723562B164C0C7636EEA2C70A2544967B5087CBBE6EEB7B69B7CF00E45543FC6A5E611A0476D310EFB400FD7280CB984C4F61A808311351C685957BD311052FE647A84F82EDFC9FC0F8A7ABDA3ACB06084EA82B761F99FE4A5DA7C6E95C4346447A3BC816C29734DFABE2451087D44A605365B38F19F8C47581E0415D7CB67F2FF045AB8C6F4589768E065CB5611C93FD7D10FC57C082B7A7D6FFBC9733264354EB8AB2F1D280BE63F +20250616041750 2 6 100 4095 2 ECFE2345925613E912C05977A53B7FFB53C9CC5F153ABC4B86FB6EE484FCA6EFA4FB6A21A07984A885B16B8316BD30007D0AEB805E960C0BDEB0AC4D7941E9299071B2FD8E29936EEF604963DAFF758B79326DBA0F875C5A1BA26AA7841135758235A4359130BA4B50FD05921D6FCE4CB46FC7DCCF7374DF61ADFEE13BCBA269AD82F379279EE9DA30F1ECBC59DA3EE072F08E278ED59107BB38429BD020383A1316B5B6505D98D4DE55935F8AB9D65316491BE5E104CF7B004878D04D839278D373C65211EA91E774246B33F98066C95B959127EB03D9B0C4BFB141E61E0C57741E18A1D69DABE678FFBDAF384FC7E8546CB032DEA833E4FAF2A2BB965364566AD5591E56FB54C6CF10D4DBB0C0B01EA5EE17043A8B033BF3C0209EAA6CADD9CECCA503F6DF31382411C32100DC16D2C92682A0EA02CABB44ED418BC92D906343799C77AEA661123BB1A304ED9CAAB8CF2D27FAEADB5B723562B164C0C7636EEA2C70A2544967B5087CBBE6EEB7B69B7CF00E45543FC6A5E611A0476D310EFB400FD7280CB984C4F61A808311351C685957BD311052FE647A84F82EDFC9FC0F8A7ABDA3ACB06084EA82B761F99FE4A5DA7C6E95C4346447A3BC816C29734DFABE2451087D44A605365B38F19F8C47581E0415D7CB67F2FF045AB8C6F4589768E065CB5611C93FD7D10FC57C082B7A7D6FFBC9733264354EB8AB2F1D289E2F63 +20250616041811 2 6 100 4095 2 ECFE2345925613E912C05977A53B7FFB53C9CC5F153ABC4B86FB6EE484FCA6EFA4FB6A21A07984A885B16B8316BD30007D0AEB805E960C0BDEB0AC4D7941E9299071B2FD8E29936EEF604963DAFF758B79326DBA0F875C5A1BA26AA7841135758235A4359130BA4B50FD05921D6FCE4CB46FC7DCCF7374DF61ADFEE13BCBA269AD82F379279EE9DA30F1ECBC59DA3EE072F08E278ED59107BB38429BD020383A1316B5B6505D98D4DE55935F8AB9D65316491BE5E104CF7B004878D04D839278D373C65211EA91E774246B33F98066C95B959127EB03D9B0C4BFB141E61E0C57741E18A1D69DABE678FFBDAF384FC7E8546CB032DEA833E4FAF2A2BB965364566AD5591E56FB54C6CF10D4DBB0C0B01EA5EE17043A8B033BF3C0209EAA6CADD9CECCA503F6DF31382411C32100DC16D2C92682A0EA02CABB44ED418BC92D906343799C77AEA661123BB1A304ED9CAAB8CF2D27FAEADB5B723562B164C0C7636EEA2C70A2544967B5087CBBE6EEB7B69B7CF00E45543FC6A5E611A0476D310EFB400FD7280CB984C4F61A808311351C685957BD311052FE647A84F82EDFC9FC0F8A7ABDA3ACB06084EA82B761F99FE4A5DA7C6E95C4346447A3BC816C29734DFABE2451087D44A605365B38F19F8C47581E0415D7CB67F2FF045AB8C6F4589768E065CB5611C93FD7D10FC57C082B7A7D6FFBC9733264354EB8AB2F1D28B7A6AB +20250616042211 2 6 100 4095 2 ECFE2345925613E912C05977A53B7FFB53C9CC5F153ABC4B86FB6EE484FCA6EFA4FB6A21A07984A885B16B8316BD30007D0AEB805E960C0BDEB0AC4D7941E9299071B2FD8E29936EEF604963DAFF758B79326DBA0F875C5A1BA26AA7841135758235A4359130BA4B50FD05921D6FCE4CB46FC7DCCF7374DF61ADFEE13BCBA269AD82F379279EE9DA30F1ECBC59DA3EE072F08E278ED59107BB38429BD020383A1316B5B6505D98D4DE55935F8AB9D65316491BE5E104CF7B004878D04D839278D373C65211EA91E774246B33F98066C95B959127EB03D9B0C4BFB141E61E0C57741E18A1D69DABE678FFBDAF384FC7E8546CB032DEA833E4FAF2A2BB965364566AD5591E56FB54C6CF10D4DBB0C0B01EA5EE17043A8B033BF3C0209EAA6CADD9CECCA503F6DF31382411C32100DC16D2C92682A0EA02CABB44ED418BC92D906343799C77AEA661123BB1A304ED9CAAB8CF2D27FAEADB5B723562B164C0C7636EEA2C70A2544967B5087CBBE6EEB7B69B7CF00E45543FC6A5E611A0476D310EFB400FD7280CB984C4F61A808311351C685957BD311052FE647A84F82EDFC9FC0F8A7ABDA3ACB06084EA82B761F99FE4A5DA7C6E95C4346447A3BC816C29734DFABE2451087D44A605365B38F19F8C47581E0415D7CB67F2FF045AB8C6F4589768E065CB5611C93FD7D10FC57C082B7A7D6FFBC9733264354EB8AB2F1D2A30F7BB +20250616042216 2 6 100 4095 5 ECFE2345925613E912C05977A53B7FFB53C9CC5F153ABC4B86FB6EE484FCA6EFA4FB6A21A07984A885B16B8316BD30007D0AEB805E960C0BDEB0AC4D7941E9299071B2FD8E29936EEF604963DAFF758B79326DBA0F875C5A1BA26AA7841135758235A4359130BA4B50FD05921D6FCE4CB46FC7DCCF7374DF61ADFEE13BCBA269AD82F379279EE9DA30F1ECBC59DA3EE072F08E278ED59107BB38429BD020383A1316B5B6505D98D4DE55935F8AB9D65316491BE5E104CF7B004878D04D839278D373C65211EA91E774246B33F98066C95B959127EB03D9B0C4BFB141E61E0C57741E18A1D69DABE678FFBDAF384FC7E8546CB032DEA833E4FAF2A2BB965364566AD5591E56FB54C6CF10D4DBB0C0B01EA5EE17043A8B033BF3C0209EAA6CADD9CECCA503F6DF31382411C32100DC16D2C92682A0EA02CABB44ED418BC92D906343799C77AEA661123BB1A304ED9CAAB8CF2D27FAEADB5B723562B164C0C7636EEA2C70A2544967B5087CBBE6EEB7B69B7CF00E45543FC6A5E611A0476D310EFB400FD7280CB984C4F61A808311351C685957BD311052FE647A84F82EDFC9FC0F8A7ABDA3ACB06084EA82B761F99FE4A5DA7C6E95C4346447A3BC816C29734DFABE2451087D44A605365B38F19F8C47581E0415D7CB67F2FF045AB8C6F4589768E065CB5611C93FD7D10FC57C082B7A7D6FFBC9733264354EB8AB2F1D2A31526F +20250616042440 2 6 100 4095 5 ECFE2345925613E912C05977A53B7FFB53C9CC5F153ABC4B86FB6EE484FCA6EFA4FB6A21A07984A885B16B8316BD30007D0AEB805E960C0BDEB0AC4D7941E9299071B2FD8E29936EEF604963DAFF758B79326DBA0F875C5A1BA26AA7841135758235A4359130BA4B50FD05921D6FCE4CB46FC7DCCF7374DF61ADFEE13BCBA269AD82F379279EE9DA30F1ECBC59DA3EE072F08E278ED59107BB38429BD020383A1316B5B6505D98D4DE55935F8AB9D65316491BE5E104CF7B004878D04D839278D373C65211EA91E774246B33F98066C95B959127EB03D9B0C4BFB141E61E0C57741E18A1D69DABE678FFBDAF384FC7E8546CB032DEA833E4FAF2A2BB965364566AD5591E56FB54C6CF10D4DBB0C0B01EA5EE17043A8B033BF3C0209EAA6CADD9CECCA503F6DF31382411C32100DC16D2C92682A0EA02CABB44ED418BC92D906343799C77AEA661123BB1A304ED9CAAB8CF2D27FAEADB5B723562B164C0C7636EEA2C70A2544967B5087CBBE6EEB7B69B7CF00E45543FC6A5E611A0476D310EFB400FD7280CB984C4F61A808311351C685957BD311052FE647A84F82EDFC9FC0F8A7ABDA3ACB06084EA82B761F99FE4A5DA7C6E95C4346447A3BC816C29734DFABE2451087D44A605365B38F19F8C47581E0415D7CB67F2FF045AB8C6F4589768E065CB5611C93FD7D10FC57C082B7A7D6FFBC9733264354EB8AB2F1D2B142177 +20250616042937 2 6 100 4095 5 ECFE2345925613E912C05977A53B7FFB53C9CC5F153ABC4B86FB6EE484FCA6EFA4FB6A21A07984A885B16B8316BD30007D0AEB805E960C0BDEB0AC4D7941E9299071B2FD8E29936EEF604963DAFF758B79326DBA0F875C5A1BA26AA7841135758235A4359130BA4B50FD05921D6FCE4CB46FC7DCCF7374DF61ADFEE13BCBA269AD82F379279EE9DA30F1ECBC59DA3EE072F08E278ED59107BB38429BD020383A1316B5B6505D98D4DE55935F8AB9D65316491BE5E104CF7B004878D04D839278D373C65211EA91E774246B33F98066C95B959127EB03D9B0C4BFB141E61E0C57741E18A1D69DABE678FFBDAF384FC7E8546CB032DEA833E4FAF2A2BB965364566AD5591E56FB54C6CF10D4DBB0C0B01EA5EE17043A8B033BF3C0209EAA6CADD9CECCA503F6DF31382411C32100DC16D2C92682A0EA02CABB44ED418BC92D906343799C77AEA661123BB1A304ED9CAAB8CF2D27FAEADB5B723562B164C0C7636EEA2C70A2544967B5087CBBE6EEB7B69B7CF00E45543FC6A5E611A0476D310EFB400FD7280CB984C4F61A808311351C685957BD311052FE647A84F82EDFC9FC0F8A7ABDA3ACB06084EA82B761F99FE4A5DA7C6E95C4346447A3BC816C29734DFABE2451087D44A605365B38F19F8C47581E0415D7CB67F2FF045AB8C6F4589768E065CB5611C93FD7D10FC57C082B7A7D6FFBC9733264354EB8AB2F1D2CF2463F +20250616043203 2 6 100 4095 2 ECFE2345925613E912C05977A53B7FFB53C9CC5F153ABC4B86FB6EE484FCA6EFA4FB6A21A07984A885B16B8316BD30007D0AEB805E960C0BDEB0AC4D7941E9299071B2FD8E29936EEF604963DAFF758B79326DBA0F875C5A1BA26AA7841135758235A4359130BA4B50FD05921D6FCE4CB46FC7DCCF7374DF61ADFEE13BCBA269AD82F379279EE9DA30F1ECBC59DA3EE072F08E278ED59107BB38429BD020383A1316B5B6505D98D4DE55935F8AB9D65316491BE5E104CF7B004878D04D839278D373C65211EA91E774246B33F98066C95B959127EB03D9B0C4BFB141E61E0C57741E18A1D69DABE678FFBDAF384FC7E8546CB032DEA833E4FAF2A2BB965364566AD5591E56FB54C6CF10D4DBB0C0B01EA5EE17043A8B033BF3C0209EAA6CADD9CECCA503F6DF31382411C32100DC16D2C92682A0EA02CABB44ED418BC92D906343799C77AEA661123BB1A304ED9CAAB8CF2D27FAEADB5B723562B164C0C7636EEA2C70A2544967B5087CBBE6EEB7B69B7CF00E45543FC6A5E611A0476D310EFB400FD7280CB984C4F61A808311351C685957BD311052FE647A84F82EDFC9FC0F8A7ABDA3ACB06084EA82B761F99FE4A5DA7C6E95C4346447A3BC816C29734DFABE2451087D44A605365B38F19F8C47581E0415D7CB67F2FF045AB8C6F4589768E065CB5611C93FD7D10FC57C082B7A7D6FFBC9733264354EB8AB2F1D2DCED4A3 +20250616044015 2 6 100 4095 2 ECFE2345925613E912C05977A53B7FFB53C9CC5F153ABC4B86FB6EE484FCA6EFA4FB6A21A07984A885B16B8316BD30007D0AEB805E960C0BDEB0AC4D7941E9299071B2FD8E29936EEF604963DAFF758B79326DBA0F875C5A1BA26AA7841135758235A4359130BA4B50FD05921D6FCE4CB46FC7DCCF7374DF61ADFEE13BCBA269AD82F379279EE9DA30F1ECBC59DA3EE072F08E278ED59107BB38429BD020383A1316B5B6505D98D4DE55935F8AB9D65316491BE5E104CF7B004878D04D839278D373C65211EA91E774246B33F98066C95B959127EB03D9B0C4BFB141E61E0C57741E18A1D69DABE678FFBDAF384FC7E8546CB032DEA833E4FAF2A2BB965364566AD5591E56FB54C6CF10D4DBB0C0B01EA5EE17043A8B033BF3C0209EAA6CADD9CECCA503F6DF31382411C32100DC16D2C92682A0EA02CABB44ED418BC92D906343799C77AEA661123BB1A304ED9CAAB8CF2D27FAEADB5B723562B164C0C7636EEA2C70A2544967B5087CBBE6EEB7B69B7CF00E45543FC6A5E611A0476D310EFB400FD7280CB984C4F61A808311351C685957BD311052FE647A84F82EDFC9FC0F8A7ABDA3ACB06084EA82B761F99FE4A5DA7C6E95C4346447A3BC816C29734DFABE2451087D44A605365B38F19F8C47581E0415D7CB67F2FF045AB8C6F4589768E065CB5611C93FD7D10FC57C082B7A7D6FFBC9733264354EB8AB2F1D30DE8723 +20250616044102 2 6 100 4095 2 ECFE2345925613E912C05977A53B7FFB53C9CC5F153ABC4B86FB6EE484FCA6EFA4FB6A21A07984A885B16B8316BD30007D0AEB805E960C0BDEB0AC4D7941E9299071B2FD8E29936EEF604963DAFF758B79326DBA0F875C5A1BA26AA7841135758235A4359130BA4B50FD05921D6FCE4CB46FC7DCCF7374DF61ADFEE13BCBA269AD82F379279EE9DA30F1ECBC59DA3EE072F08E278ED59107BB38429BD020383A1316B5B6505D98D4DE55935F8AB9D65316491BE5E104CF7B004878D04D839278D373C65211EA91E774246B33F98066C95B959127EB03D9B0C4BFB141E61E0C57741E18A1D69DABE678FFBDAF384FC7E8546CB032DEA833E4FAF2A2BB965364566AD5591E56FB54C6CF10D4DBB0C0B01EA5EE17043A8B033BF3C0209EAA6CADD9CECCA503F6DF31382411C32100DC16D2C92682A0EA02CABB44ED418BC92D906343799C77AEA661123BB1A304ED9CAAB8CF2D27FAEADB5B723562B164C0C7636EEA2C70A2544967B5087CBBE6EEB7B69B7CF00E45543FC6A5E611A0476D310EFB400FD7280CB984C4F61A808311351C685957BD311052FE647A84F82EDFC9FC0F8A7ABDA3ACB06084EA82B761F99FE4A5DA7C6E95C4346447A3BC816C29734DFABE2451087D44A605365B38F19F8C47581E0415D7CB67F2FF045AB8C6F4589768E065CB5611C93FD7D10FC57C082B7A7D6FFBC9733264354EB8AB2F1D3123CD73 +20250616044318 2 6 100 4095 5 ECFE2345925613E912C05977A53B7FFB53C9CC5F153ABC4B86FB6EE484FCA6EFA4FB6A21A07984A885B16B8316BD30007D0AEB805E960C0BDEB0AC4D7941E9299071B2FD8E29936EEF604963DAFF758B79326DBA0F875C5A1BA26AA7841135758235A4359130BA4B50FD05921D6FCE4CB46FC7DCCF7374DF61ADFEE13BCBA269AD82F379279EE9DA30F1ECBC59DA3EE072F08E278ED59107BB38429BD020383A1316B5B6505D98D4DE55935F8AB9D65316491BE5E104CF7B004878D04D839278D373C65211EA91E774246B33F98066C95B959127EB03D9B0C4BFB141E61E0C57741E18A1D69DABE678FFBDAF384FC7E8546CB032DEA833E4FAF2A2BB965364566AD5591E56FB54C6CF10D4DBB0C0B01EA5EE17043A8B033BF3C0209EAA6CADD9CECCA503F6DF31382411C32100DC16D2C92682A0EA02CABB44ED418BC92D906343799C77AEA661123BB1A304ED9CAAB8CF2D27FAEADB5B723562B164C0C7636EEA2C70A2544967B5087CBBE6EEB7B69B7CF00E45543FC6A5E611A0476D310EFB400FD7280CB984C4F61A808311351C685957BD311052FE647A84F82EDFC9FC0F8A7ABDA3ACB06084EA82B761F99FE4A5DA7C6E95C4346447A3BC816C29734DFABE2451087D44A605365B38F19F8C47581E0415D7CB67F2FF045AB8C6F4589768E065CB5611C93FD7D10FC57C082B7A7D6FFBC9733264354EB8AB2F1D31EC950F +20250616044447 2 6 100 4095 2 ECFE2345925613E912C05977A53B7FFB53C9CC5F153ABC4B86FB6EE484FCA6EFA4FB6A21A07984A885B16B8316BD30007D0AEB805E960C0BDEB0AC4D7941E9299071B2FD8E29936EEF604963DAFF758B79326DBA0F875C5A1BA26AA7841135758235A4359130BA4B50FD05921D6FCE4CB46FC7DCCF7374DF61ADFEE13BCBA269AD82F379279EE9DA30F1ECBC59DA3EE072F08E278ED59107BB38429BD020383A1316B5B6505D98D4DE55935F8AB9D65316491BE5E104CF7B004878D04D839278D373C65211EA91E774246B33F98066C95B959127EB03D9B0C4BFB141E61E0C57741E18A1D69DABE678FFBDAF384FC7E8546CB032DEA833E4FAF2A2BB965364566AD5591E56FB54C6CF10D4DBB0C0B01EA5EE17043A8B033BF3C0209EAA6CADD9CECCA503F6DF31382411C32100DC16D2C92682A0EA02CABB44ED418BC92D906343799C77AEA661123BB1A304ED9CAAB8CF2D27FAEADB5B723562B164C0C7636EEA2C70A2544967B5087CBBE6EEB7B69B7CF00E45543FC6A5E611A0476D310EFB400FD7280CB984C4F61A808311351C685957BD311052FE647A84F82EDFC9FC0F8A7ABDA3ACB06084EA82B761F99FE4A5DA7C6E95C4346447A3BC816C29734DFABE2451087D44A605365B38F19F8C47581E0415D7CB67F2FF045AB8C6F4589768E065CB5611C93FD7D10FC57C082B7A7D6FFBC9733264354EB8AB2F1D326D5903 +20250616044737 2 6 100 4095 2 ECFE2345925613E912C05977A53B7FFB53C9CC5F153ABC4B86FB6EE484FCA6EFA4FB6A21A07984A885B16B8316BD30007D0AEB805E960C0BDEB0AC4D7941E9299071B2FD8E29936EEF604963DAFF758B79326DBA0F875C5A1BA26AA7841135758235A4359130BA4B50FD05921D6FCE4CB46FC7DCCF7374DF61ADFEE13BCBA269AD82F379279EE9DA30F1ECBC59DA3EE072F08E278ED59107BB38429BD020383A1316B5B6505D98D4DE55935F8AB9D65316491BE5E104CF7B004878D04D839278D373C65211EA91E774246B33F98066C95B959127EB03D9B0C4BFB141E61E0C57741E18A1D69DABE678FFBDAF384FC7E8546CB032DEA833E4FAF2A2BB965364566AD5591E56FB54C6CF10D4DBB0C0B01EA5EE17043A8B033BF3C0209EAA6CADD9CECCA503F6DF31382411C32100DC16D2C92682A0EA02CABB44ED418BC92D906343799C77AEA661123BB1A304ED9CAAB8CF2D27FAEADB5B723562B164C0C7636EEA2C70A2544967B5087CBBE6EEB7B69B7CF00E45543FC6A5E611A0476D310EFB400FD7280CB984C4F61A808311351C685957BD311052FE647A84F82EDFC9FC0F8A7ABDA3ACB06084EA82B761F99FE4A5DA7C6E95C4346447A3BC816C29734DFABE2451087D44A605365B38F19F8C47581E0415D7CB67F2FF045AB8C6F4589768E065CB5611C93FD7D10FC57C082B7A7D6FFBC9733264354EB8AB2F1D33780D73 +20250616045055 2 6 100 4095 2 ECFE2345925613E912C05977A53B7FFB53C9CC5F153ABC4B86FB6EE484FCA6EFA4FB6A21A07984A885B16B8316BD30007D0AEB805E960C0BDEB0AC4D7941E9299071B2FD8E29936EEF604963DAFF758B79326DBA0F875C5A1BA26AA7841135758235A4359130BA4B50FD05921D6FCE4CB46FC7DCCF7374DF61ADFEE13BCBA269AD82F379279EE9DA30F1ECBC59DA3EE072F08E278ED59107BB38429BD020383A1316B5B6505D98D4DE55935F8AB9D65316491BE5E104CF7B004878D04D839278D373C65211EA91E774246B33F98066C95B959127EB03D9B0C4BFB141E61E0C57741E18A1D69DABE678FFBDAF384FC7E8546CB032DEA833E4FAF2A2BB965364566AD5591E56FB54C6CF10D4DBB0C0B01EA5EE17043A8B033BF3C0209EAA6CADD9CECCA503F6DF31382411C32100DC16D2C92682A0EA02CABB44ED418BC92D906343799C77AEA661123BB1A304ED9CAAB8CF2D27FAEADB5B723562B164C0C7636EEA2C70A2544967B5087CBBE6EEB7B69B7CF00E45543FC6A5E611A0476D310EFB400FD7280CB984C4F61A808311351C685957BD311052FE647A84F82EDFC9FC0F8A7ABDA3ACB06084EA82B761F99FE4A5DA7C6E95C4346447A3BC816C29734DFABE2451087D44A605365B38F19F8C47581E0415D7CB67F2FF045AB8C6F4589768E065CB5611C93FD7D10FC57C082B7A7D6FFBC9733264354EB8AB2F1D34ADF7BB +20250616045513 2 6 100 4095 2 ECFE2345925613E912C05977A53B7FFB53C9CC5F153ABC4B86FB6EE484FCA6EFA4FB6A21A07984A885B16B8316BD30007D0AEB805E960C0BDEB0AC4D7941E9299071B2FD8E29936EEF604963DAFF758B79326DBA0F875C5A1BA26AA7841135758235A4359130BA4B50FD05921D6FCE4CB46FC7DCCF7374DF61ADFEE13BCBA269AD82F379279EE9DA30F1ECBC59DA3EE072F08E278ED59107BB38429BD020383A1316B5B6505D98D4DE55935F8AB9D65316491BE5E104CF7B004878D04D839278D373C65211EA91E774246B33F98066C95B959127EB03D9B0C4BFB141E61E0C57741E18A1D69DABE678FFBDAF384FC7E8546CB032DEA833E4FAF2A2BB965364566AD5591E56FB54C6CF10D4DBB0C0B01EA5EE17043A8B033BF3C0209EAA6CADD9CECCA503F6DF31382411C32100DC16D2C92682A0EA02CABB44ED418BC92D906343799C77AEA661123BB1A304ED9CAAB8CF2D27FAEADB5B723562B164C0C7636EEA2C70A2544967B5087CBBE6EEB7B69B7CF00E45543FC6A5E611A0476D310EFB400FD7280CB984C4F61A808311351C685957BD311052FE647A84F82EDFC9FC0F8A7ABDA3ACB06084EA82B761F99FE4A5DA7C6E95C4346447A3BC816C29734DFABE2451087D44A605365B38F19F8C47581E0415D7CB67F2FF045AB8C6F4589768E065CB5611C93FD7D10FC57C082B7A7D6FFBC9733264354EB8AB2F1D363FBDB3 +20250616045709 2 6 100 4095 2 ECFE2345925613E912C05977A53B7FFB53C9CC5F153ABC4B86FB6EE484FCA6EFA4FB6A21A07984A885B16B8316BD30007D0AEB805E960C0BDEB0AC4D7941E9299071B2FD8E29936EEF604963DAFF758B79326DBA0F875C5A1BA26AA7841135758235A4359130BA4B50FD05921D6FCE4CB46FC7DCCF7374DF61ADFEE13BCBA269AD82F379279EE9DA30F1ECBC59DA3EE072F08E278ED59107BB38429BD020383A1316B5B6505D98D4DE55935F8AB9D65316491BE5E104CF7B004878D04D839278D373C65211EA91E774246B33F98066C95B959127EB03D9B0C4BFB141E61E0C57741E18A1D69DABE678FFBDAF384FC7E8546CB032DEA833E4FAF2A2BB965364566AD5591E56FB54C6CF10D4DBB0C0B01EA5EE17043A8B033BF3C0209EAA6CADD9CECCA503F6DF31382411C32100DC16D2C92682A0EA02CABB44ED418BC92D906343799C77AEA661123BB1A304ED9CAAB8CF2D27FAEADB5B723562B164C0C7636EEA2C70A2544967B5087CBBE6EEB7B69B7CF00E45543FC6A5E611A0476D310EFB400FD7280CB984C4F61A808311351C685957BD311052FE647A84F82EDFC9FC0F8A7ABDA3ACB06084EA82B761F99FE4A5DA7C6E95C4346447A3BC816C29734DFABE2451087D44A605365B38F19F8C47581E0415D7CB67F2FF045AB8C6F4589768E065CB5611C93FD7D10FC57C082B7A7D6FFBC9733264354EB8AB2F1D36F8CB13 +20250616045917 2 6 100 4095 5 ECFE2345925613E912C05977A53B7FFB53C9CC5F153ABC4B86FB6EE484FCA6EFA4FB6A21A07984A885B16B8316BD30007D0AEB805E960C0BDEB0AC4D7941E9299071B2FD8E29936EEF604963DAFF758B79326DBA0F875C5A1BA26AA7841135758235A4359130BA4B50FD05921D6FCE4CB46FC7DCCF7374DF61ADFEE13BCBA269AD82F379279EE9DA30F1ECBC59DA3EE072F08E278ED59107BB38429BD020383A1316B5B6505D98D4DE55935F8AB9D65316491BE5E104CF7B004878D04D839278D373C65211EA91E774246B33F98066C95B959127EB03D9B0C4BFB141E61E0C57741E18A1D69DABE678FFBDAF384FC7E8546CB032DEA833E4FAF2A2BB965364566AD5591E56FB54C6CF10D4DBB0C0B01EA5EE17043A8B033BF3C0209EAA6CADD9CECCA503F6DF31382411C32100DC16D2C92682A0EA02CABB44ED418BC92D906343799C77AEA661123BB1A304ED9CAAB8CF2D27FAEADB5B723562B164C0C7636EEA2C70A2544967B5087CBBE6EEB7B69B7CF00E45543FC6A5E611A0476D310EFB400FD7280CB984C4F61A808311351C685957BD311052FE647A84F82EDFC9FC0F8A7ABDA3ACB06084EA82B761F99FE4A5DA7C6E95C4346447A3BC816C29734DFABE2451087D44A605365B38F19F8C47581E0415D7CB67F2FF045AB8C6F4589768E065CB5611C93FD7D10FC57C082B7A7D6FFBC9733264354EB8AB2F1D37C1BF97 +20250616050232 2 6 100 4095 5 ECFE2345925613E912C05977A53B7FFB53C9CC5F153ABC4B86FB6EE484FCA6EFA4FB6A21A07984A885B16B8316BD30007D0AEB805E960C0BDEB0AC4D7941E9299071B2FD8E29936EEF604963DAFF758B79326DBA0F875C5A1BA26AA7841135758235A4359130BA4B50FD05921D6FCE4CB46FC7DCCF7374DF61ADFEE13BCBA269AD82F379279EE9DA30F1ECBC59DA3EE072F08E278ED59107BB38429BD020383A1316B5B6505D98D4DE55935F8AB9D65316491BE5E104CF7B004878D04D839278D373C65211EA91E774246B33F98066C95B959127EB03D9B0C4BFB141E61E0C57741E18A1D69DABE678FFBDAF384FC7E8546CB032DEA833E4FAF2A2BB965364566AD5591E56FB54C6CF10D4DBB0C0B01EA5EE17043A8B033BF3C0209EAA6CADD9CECCA503F6DF31382411C32100DC16D2C92682A0EA02CABB44ED418BC92D906343799C77AEA661123BB1A304ED9CAAB8CF2D27FAEADB5B723562B164C0C7636EEA2C70A2544967B5087CBBE6EEB7B69B7CF00E45543FC6A5E611A0476D310EFB400FD7280CB984C4F61A808311351C685957BD311052FE647A84F82EDFC9FC0F8A7ABDA3ACB06084EA82B761F99FE4A5DA7C6E95C4346447A3BC816C29734DFABE2451087D44A605365B38F19F8C47581E0415D7CB67F2FF045AB8C6F4589768E065CB5611C93FD7D10FC57C082B7A7D6FFBC9733264354EB8AB2F1D38EF2887 +20250616050404 2 6 100 4095 2 ECFE2345925613E912C05977A53B7FFB53C9CC5F153ABC4B86FB6EE484FCA6EFA4FB6A21A07984A885B16B8316BD30007D0AEB805E960C0BDEB0AC4D7941E9299071B2FD8E29936EEF604963DAFF758B79326DBA0F875C5A1BA26AA7841135758235A4359130BA4B50FD05921D6FCE4CB46FC7DCCF7374DF61ADFEE13BCBA269AD82F379279EE9DA30F1ECBC59DA3EE072F08E278ED59107BB38429BD020383A1316B5B6505D98D4DE55935F8AB9D65316491BE5E104CF7B004878D04D839278D373C65211EA91E774246B33F98066C95B959127EB03D9B0C4BFB141E61E0C57741E18A1D69DABE678FFBDAF384FC7E8546CB032DEA833E4FAF2A2BB965364566AD5591E56FB54C6CF10D4DBB0C0B01EA5EE17043A8B033BF3C0209EAA6CADD9CECCA503F6DF31382411C32100DC16D2C92682A0EA02CABB44ED418BC92D906343799C77AEA661123BB1A304ED9CAAB8CF2D27FAEADB5B723562B164C0C7636EEA2C70A2544967B5087CBBE6EEB7B69B7CF00E45543FC6A5E611A0476D310EFB400FD7280CB984C4F61A808311351C685957BD311052FE647A84F82EDFC9FC0F8A7ABDA3ACB06084EA82B761F99FE4A5DA7C6E95C4346447A3BC816C29734DFABE2451087D44A605365B38F19F8C47581E0415D7CB67F2FF045AB8C6F4589768E065CB5611C93FD7D10FC57C082B7A7D6FFBC9733264354EB8AB2F1D3978CA43 +20250616050547 2 6 100 4095 2 ECFE2345925613E912C05977A53B7FFB53C9CC5F153ABC4B86FB6EE484FCA6EFA4FB6A21A07984A885B16B8316BD30007D0AEB805E960C0BDEB0AC4D7941E9299071B2FD8E29936EEF604963DAFF758B79326DBA0F875C5A1BA26AA7841135758235A4359130BA4B50FD05921D6FCE4CB46FC7DCCF7374DF61ADFEE13BCBA269AD82F379279EE9DA30F1ECBC59DA3EE072F08E278ED59107BB38429BD020383A1316B5B6505D98D4DE55935F8AB9D65316491BE5E104CF7B004878D04D839278D373C65211EA91E774246B33F98066C95B959127EB03D9B0C4BFB141E61E0C57741E18A1D69DABE678FFBDAF384FC7E8546CB032DEA833E4FAF2A2BB965364566AD5591E56FB54C6CF10D4DBB0C0B01EA5EE17043A8B033BF3C0209EAA6CADD9CECCA503F6DF31382411C32100DC16D2C92682A0EA02CABB44ED418BC92D906343799C77AEA661123BB1A304ED9CAAB8CF2D27FAEADB5B723562B164C0C7636EEA2C70A2544967B5087CBBE6EEB7B69B7CF00E45543FC6A5E611A0476D310EFB400FD7280CB984C4F61A808311351C685957BD311052FE647A84F82EDFC9FC0F8A7ABDA3ACB06084EA82B761F99FE4A5DA7C6E95C4346447A3BC816C29734DFABE2451087D44A605365B38F19F8C47581E0415D7CB67F2FF045AB8C6F4589768E065CB5611C93FD7D10FC57C082B7A7D6FFBC9733264354EB8AB2F1D3A18F2FB +20250616050558 2 6 100 4095 2 ECFE2345925613E912C05977A53B7FFB53C9CC5F153ABC4B86FB6EE484FCA6EFA4FB6A21A07984A885B16B8316BD30007D0AEB805E960C0BDEB0AC4D7941E9299071B2FD8E29936EEF604963DAFF758B79326DBA0F875C5A1BA26AA7841135758235A4359130BA4B50FD05921D6FCE4CB46FC7DCCF7374DF61ADFEE13BCBA269AD82F379279EE9DA30F1ECBC59DA3EE072F08E278ED59107BB38429BD020383A1316B5B6505D98D4DE55935F8AB9D65316491BE5E104CF7B004878D04D839278D373C65211EA91E774246B33F98066C95B959127EB03D9B0C4BFB141E61E0C57741E18A1D69DABE678FFBDAF384FC7E8546CB032DEA833E4FAF2A2BB965364566AD5591E56FB54C6CF10D4DBB0C0B01EA5EE17043A8B033BF3C0209EAA6CADD9CECCA503F6DF31382411C32100DC16D2C92682A0EA02CABB44ED418BC92D906343799C77AEA661123BB1A304ED9CAAB8CF2D27FAEADB5B723562B164C0C7636EEA2C70A2544967B5087CBBE6EEB7B69B7CF00E45543FC6A5E611A0476D310EFB400FD7280CB984C4F61A808311351C685957BD311052FE647A84F82EDFC9FC0F8A7ABDA3ACB06084EA82B761F99FE4A5DA7C6E95C4346447A3BC816C29734DFABE2451087D44A605365B38F19F8C47581E0415D7CB67F2FF045AB8C6F4589768E065CB5611C93FD7D10FC57C082B7A7D6FFBC9733264354EB8AB2F1D3A207793 +20250616050630 2 6 100 4095 2 ECFE2345925613E912C05977A53B7FFB53C9CC5F153ABC4B86FB6EE484FCA6EFA4FB6A21A07984A885B16B8316BD30007D0AEB805E960C0BDEB0AC4D7941E9299071B2FD8E29936EEF604963DAFF758B79326DBA0F875C5A1BA26AA7841135758235A4359130BA4B50FD05921D6FCE4CB46FC7DCCF7374DF61ADFEE13BCBA269AD82F379279EE9DA30F1ECBC59DA3EE072F08E278ED59107BB38429BD020383A1316B5B6505D98D4DE55935F8AB9D65316491BE5E104CF7B004878D04D839278D373C65211EA91E774246B33F98066C95B959127EB03D9B0C4BFB141E61E0C57741E18A1D69DABE678FFBDAF384FC7E8546CB032DEA833E4FAF2A2BB965364566AD5591E56FB54C6CF10D4DBB0C0B01EA5EE17043A8B033BF3C0209EAA6CADD9CECCA503F6DF31382411C32100DC16D2C92682A0EA02CABB44ED418BC92D906343799C77AEA661123BB1A304ED9CAAB8CF2D27FAEADB5B723562B164C0C7636EEA2C70A2544967B5087CBBE6EEB7B69B7CF00E45543FC6A5E611A0476D310EFB400FD7280CB984C4F61A808311351C685957BD311052FE647A84F82EDFC9FC0F8A7ABDA3ACB06084EA82B761F99FE4A5DA7C6E95C4346447A3BC816C29734DFABE2451087D44A605365B38F19F8C47581E0415D7CB67F2FF045AB8C6F4589768E065CB5611C93FD7D10FC57C082B7A7D6FFBC9733264354EB8AB2F1D3A4A78B3 +20250616051043 2 6 100 4095 5 ECFE2345925613E912C05977A53B7FFB53C9CC5F153ABC4B86FB6EE484FCA6EFA4FB6A21A07984A885B16B8316BD30007D0AEB805E960C0BDEB0AC4D7941E9299071B2FD8E29936EEF604963DAFF758B79326DBA0F875C5A1BA26AA7841135758235A4359130BA4B50FD05921D6FCE4CB46FC7DCCF7374DF61ADFEE13BCBA269AD82F379279EE9DA30F1ECBC59DA3EE072F08E278ED59107BB38429BD020383A1316B5B6505D98D4DE55935F8AB9D65316491BE5E104CF7B004878D04D839278D373C65211EA91E774246B33F98066C95B959127EB03D9B0C4BFB141E61E0C57741E18A1D69DABE678FFBDAF384FC7E8546CB032DEA833E4FAF2A2BB965364566AD5591E56FB54C6CF10D4DBB0C0B01EA5EE17043A8B033BF3C0209EAA6CADD9CECCA503F6DF31382411C32100DC16D2C92682A0EA02CABB44ED418BC92D906343799C77AEA661123BB1A304ED9CAAB8CF2D27FAEADB5B723562B164C0C7636EEA2C70A2544967B5087CBBE6EEB7B69B7CF00E45543FC6A5E611A0476D310EFB400FD7280CB984C4F61A808311351C685957BD311052FE647A84F82EDFC9FC0F8A7ABDA3ACB06084EA82B761F99FE4A5DA7C6E95C4346447A3BC816C29734DFABE2451087D44A605365B38F19F8C47581E0415D7CB67F2FF045AB8C6F4589768E065CB5611C93FD7D10FC57C082B7A7D6FFBC9733264354EB8AB2F1D3BCF05C7 +20250616051341 2 6 100 4095 2 ECFE2345925613E912C05977A53B7FFB53C9CC5F153ABC4B86FB6EE484FCA6EFA4FB6A21A07984A885B16B8316BD30007D0AEB805E960C0BDEB0AC4D7941E9299071B2FD8E29936EEF604963DAFF758B79326DBA0F875C5A1BA26AA7841135758235A4359130BA4B50FD05921D6FCE4CB46FC7DCCF7374DF61ADFEE13BCBA269AD82F379279EE9DA30F1ECBC59DA3EE072F08E278ED59107BB38429BD020383A1316B5B6505D98D4DE55935F8AB9D65316491BE5E104CF7B004878D04D839278D373C65211EA91E774246B33F98066C95B959127EB03D9B0C4BFB141E61E0C57741E18A1D69DABE678FFBDAF384FC7E8546CB032DEA833E4FAF2A2BB965364566AD5591E56FB54C6CF10D4DBB0C0B01EA5EE17043A8B033BF3C0209EAA6CADD9CECCA503F6DF31382411C32100DC16D2C92682A0EA02CABB44ED418BC92D906343799C77AEA661123BB1A304ED9CAAB8CF2D27FAEADB5B723562B164C0C7636EEA2C70A2544967B5087CBBE6EEB7B69B7CF00E45543FC6A5E611A0476D310EFB400FD7280CB984C4F61A808311351C685957BD311052FE647A84F82EDFC9FC0F8A7ABDA3ACB06084EA82B761F99FE4A5DA7C6E95C4346447A3BC816C29734DFABE2451087D44A605365B38F19F8C47581E0415D7CB67F2FF045AB8C6F4589768E065CB5611C93FD7D10FC57C082B7A7D6FFBC9733264354EB8AB2F1D3CE19A73 +20250616051541 2 6 100 4095 2 ECFE2345925613E912C05977A53B7FFB53C9CC5F153ABC4B86FB6EE484FCA6EFA4FB6A21A07984A885B16B8316BD30007D0AEB805E960C0BDEB0AC4D7941E9299071B2FD8E29936EEF604963DAFF758B79326DBA0F875C5A1BA26AA7841135758235A4359130BA4B50FD05921D6FCE4CB46FC7DCCF7374DF61ADFEE13BCBA269AD82F379279EE9DA30F1ECBC59DA3EE072F08E278ED59107BB38429BD020383A1316B5B6505D98D4DE55935F8AB9D65316491BE5E104CF7B004878D04D839278D373C65211EA91E774246B33F98066C95B959127EB03D9B0C4BFB141E61E0C57741E18A1D69DABE678FFBDAF384FC7E8546CB032DEA833E4FAF2A2BB965364566AD5591E56FB54C6CF10D4DBB0C0B01EA5EE17043A8B033BF3C0209EAA6CADD9CECCA503F6DF31382411C32100DC16D2C92682A0EA02CABB44ED418BC92D906343799C77AEA661123BB1A304ED9CAAB8CF2D27FAEADB5B723562B164C0C7636EEA2C70A2544967B5087CBBE6EEB7B69B7CF00E45543FC6A5E611A0476D310EFB400FD7280CB984C4F61A808311351C685957BD311052FE647A84F82EDFC9FC0F8A7ABDA3ACB06084EA82B761F99FE4A5DA7C6E95C4346447A3BC816C29734DFABE2451087D44A605365B38F19F8C47581E0415D7CB67F2FF045AB8C6F4589768E065CB5611C93FD7D10FC57C082B7A7D6FFBC9733264354EB8AB2F1D3D96A783 +20250616051610 2 6 100 4095 5 ECFE2345925613E912C05977A53B7FFB53C9CC5F153ABC4B86FB6EE484FCA6EFA4FB6A21A07984A885B16B8316BD30007D0AEB805E960C0BDEB0AC4D7941E9299071B2FD8E29936EEF604963DAFF758B79326DBA0F875C5A1BA26AA7841135758235A4359130BA4B50FD05921D6FCE4CB46FC7DCCF7374DF61ADFEE13BCBA269AD82F379279EE9DA30F1ECBC59DA3EE072F08E278ED59107BB38429BD020383A1316B5B6505D98D4DE55935F8AB9D65316491BE5E104CF7B004878D04D839278D373C65211EA91E774246B33F98066C95B959127EB03D9B0C4BFB141E61E0C57741E18A1D69DABE678FFBDAF384FC7E8546CB032DEA833E4FAF2A2BB965364566AD5591E56FB54C6CF10D4DBB0C0B01EA5EE17043A8B033BF3C0209EAA6CADD9CECCA503F6DF31382411C32100DC16D2C92682A0EA02CABB44ED418BC92D906343799C77AEA661123BB1A304ED9CAAB8CF2D27FAEADB5B723562B164C0C7636EEA2C70A2544967B5087CBBE6EEB7B69B7CF00E45543FC6A5E611A0476D310EFB400FD7280CB984C4F61A808311351C685957BD311052FE647A84F82EDFC9FC0F8A7ABDA3ACB06084EA82B761F99FE4A5DA7C6E95C4346447A3BC816C29734DFABE2451087D44A605365B38F19F8C47581E0415D7CB67F2FF045AB8C6F4589768E065CB5611C93FD7D10FC57C082B7A7D6FFBC9733264354EB8AB2F1D3DBD0F4F +20250616051630 2 6 100 4095 2 ECFE2345925613E912C05977A53B7FFB53C9CC5F153ABC4B86FB6EE484FCA6EFA4FB6A21A07984A885B16B8316BD30007D0AEB805E960C0BDEB0AC4D7941E9299071B2FD8E29936EEF604963DAFF758B79326DBA0F875C5A1BA26AA7841135758235A4359130BA4B50FD05921D6FCE4CB46FC7DCCF7374DF61ADFEE13BCBA269AD82F379279EE9DA30F1ECBC59DA3EE072F08E278ED59107BB38429BD020383A1316B5B6505D98D4DE55935F8AB9D65316491BE5E104CF7B004878D04D839278D373C65211EA91E774246B33F98066C95B959127EB03D9B0C4BFB141E61E0C57741E18A1D69DABE678FFBDAF384FC7E8546CB032DEA833E4FAF2A2BB965364566AD5591E56FB54C6CF10D4DBB0C0B01EA5EE17043A8B033BF3C0209EAA6CADD9CECCA503F6DF31382411C32100DC16D2C92682A0EA02CABB44ED418BC92D906343799C77AEA661123BB1A304ED9CAAB8CF2D27FAEADB5B723562B164C0C7636EEA2C70A2544967B5087CBBE6EEB7B69B7CF00E45543FC6A5E611A0476D310EFB400FD7280CB984C4F61A808311351C685957BD311052FE647A84F82EDFC9FC0F8A7ABDA3ACB06084EA82B761F99FE4A5DA7C6E95C4346447A3BC816C29734DFABE2451087D44A605365B38F19F8C47581E0415D7CB67F2FF045AB8C6F4589768E065CB5611C93FD7D10FC57C082B7A7D6FFBC9733264354EB8AB2F1D3DD597C3 +20250616052534 2 6 100 4095 5 ECFE2345925613E912C05977A53B7FFB53C9CC5F153ABC4B86FB6EE484FCA6EFA4FB6A21A07984A885B16B8316BD30007D0AEB805E960C0BDEB0AC4D7941E9299071B2FD8E29936EEF604963DAFF758B79326DBA0F875C5A1BA26AA7841135758235A4359130BA4B50FD05921D6FCE4CB46FC7DCCF7374DF61ADFEE13BCBA269AD82F379279EE9DA30F1ECBC59DA3EE072F08E278ED59107BB38429BD020383A1316B5B6505D98D4DE55935F8AB9D65316491BE5E104CF7B004878D04D839278D373C65211EA91E774246B33F98066C95B959127EB03D9B0C4BFB141E61E0C57741E18A1D69DABE678FFBDAF384FC7E8546CB032DEA833E4FAF2A2BB965364566AD5591E56FB54C6CF10D4DBB0C0B01EA5EE17043A8B033BF3C0209EAA6CADD9CECCA503F6DF31382411C32100DC16D2C92682A0EA02CABB44ED418BC92D906343799C77AEA661123BB1A304ED9CAAB8CF2D27FAEADB5B723562B164C0C7636EEA2C70A2544967B5087CBBE6EEB7B69B7CF00E45543FC6A5E611A0476D310EFB400FD7280CB984C4F61A808311351C685957BD311052FE647A84F82EDFC9FC0F8A7ABDA3ACB06084EA82B761F99FE4A5DA7C6E95C4346447A3BC816C29734DFABE2451087D44A605365B38F19F8C47581E0415D7CB67F2FF045AB8C6F4589768E065CB5611C93FD7D10FC57C082B7A7D6FFBC9733264354EB8AB2F1D412B8027 +20250616052644 2 6 100 4095 2 ECFE2345925613E912C05977A53B7FFB53C9CC5F153ABC4B86FB6EE484FCA6EFA4FB6A21A07984A885B16B8316BD30007D0AEB805E960C0BDEB0AC4D7941E9299071B2FD8E29936EEF604963DAFF758B79326DBA0F875C5A1BA26AA7841135758235A4359130BA4B50FD05921D6FCE4CB46FC7DCCF7374DF61ADFEE13BCBA269AD82F379279EE9DA30F1ECBC59DA3EE072F08E278ED59107BB38429BD020383A1316B5B6505D98D4DE55935F8AB9D65316491BE5E104CF7B004878D04D839278D373C65211EA91E774246B33F98066C95B959127EB03D9B0C4BFB141E61E0C57741E18A1D69DABE678FFBDAF384FC7E8546CB032DEA833E4FAF2A2BB965364566AD5591E56FB54C6CF10D4DBB0C0B01EA5EE17043A8B033BF3C0209EAA6CADD9CECCA503F6DF31382411C32100DC16D2C92682A0EA02CABB44ED418BC92D906343799C77AEA661123BB1A304ED9CAAB8CF2D27FAEADB5B723562B164C0C7636EEA2C70A2544967B5087CBBE6EEB7B69B7CF00E45543FC6A5E611A0476D310EFB400FD7280CB984C4F61A808311351C685957BD311052FE647A84F82EDFC9FC0F8A7ABDA3ACB06084EA82B761F99FE4A5DA7C6E95C4346447A3BC816C29734DFABE2451087D44A605365B38F19F8C47581E0415D7CB67F2FF045AB8C6F4589768E065CB5611C93FD7D10FC57C082B7A7D6FFBC9733264354EB8AB2F1D4191D41B +20250616052653 2 6 100 4095 5 ECFE2345925613E912C05977A53B7FFB53C9CC5F153ABC4B86FB6EE484FCA6EFA4FB6A21A07984A885B16B8316BD30007D0AEB805E960C0BDEB0AC4D7941E9299071B2FD8E29936EEF604963DAFF758B79326DBA0F875C5A1BA26AA7841135758235A4359130BA4B50FD05921D6FCE4CB46FC7DCCF7374DF61ADFEE13BCBA269AD82F379279EE9DA30F1ECBC59DA3EE072F08E278ED59107BB38429BD020383A1316B5B6505D98D4DE55935F8AB9D65316491BE5E104CF7B004878D04D839278D373C65211EA91E774246B33F98066C95B959127EB03D9B0C4BFB141E61E0C57741E18A1D69DABE678FFBDAF384FC7E8546CB032DEA833E4FAF2A2BB965364566AD5591E56FB54C6CF10D4DBB0C0B01EA5EE17043A8B033BF3C0209EAA6CADD9CECCA503F6DF31382411C32100DC16D2C92682A0EA02CABB44ED418BC92D906343799C77AEA661123BB1A304ED9CAAB8CF2D27FAEADB5B723562B164C0C7636EEA2C70A2544967B5087CBBE6EEB7B69B7CF00E45543FC6A5E611A0476D310EFB400FD7280CB984C4F61A808311351C685957BD311052FE647A84F82EDFC9FC0F8A7ABDA3ACB06084EA82B761F99FE4A5DA7C6E95C4346447A3BC816C29734DFABE2451087D44A605365B38F19F8C47581E0415D7CB67F2FF045AB8C6F4589768E065CB5611C93FD7D10FC57C082B7A7D6FFBC9733264354EB8AB2F1D4197FE0F +20250616053049 2 6 100 4095 2 ECFE2345925613E912C05977A53B7FFB53C9CC5F153ABC4B86FB6EE484FCA6EFA4FB6A21A07984A885B16B8316BD30007D0AEB805E960C0BDEB0AC4D7941E9299071B2FD8E29936EEF604963DAFF758B79326DBA0F875C5A1BA26AA7841135758235A4359130BA4B50FD05921D6FCE4CB46FC7DCCF7374DF61ADFEE13BCBA269AD82F379279EE9DA30F1ECBC59DA3EE072F08E278ED59107BB38429BD020383A1316B5B6505D98D4DE55935F8AB9D65316491BE5E104CF7B004878D04D839278D373C65211EA91E774246B33F98066C95B959127EB03D9B0C4BFB141E61E0C57741E18A1D69DABE678FFBDAF384FC7E8546CB032DEA833E4FAF2A2BB965364566AD5591E56FB54C6CF10D4DBB0C0B01EA5EE17043A8B033BF3C0209EAA6CADD9CECCA503F6DF31382411C32100DC16D2C92682A0EA02CABB44ED418BC92D906343799C77AEA661123BB1A304ED9CAAB8CF2D27FAEADB5B723562B164C0C7636EEA2C70A2544967B5087CBBE6EEB7B69B7CF00E45543FC6A5E611A0476D310EFB400FD7280CB984C4F61A808311351C685957BD311052FE647A84F82EDFC9FC0F8A7ABDA3ACB06084EA82B761F99FE4A5DA7C6E95C4346447A3BC816C29734DFABE2451087D44A605365B38F19F8C47581E0415D7CB67F2FF045AB8C6F4589768E065CB5611C93FD7D10FC57C082B7A7D6FFBC9733264354EB8AB2F1D43097AFB +20250616053247 2 6 100 4095 5 ECFE2345925613E912C05977A53B7FFB53C9CC5F153ABC4B86FB6EE484FCA6EFA4FB6A21A07984A885B16B8316BD30007D0AEB805E960C0BDEB0AC4D7941E9299071B2FD8E29936EEF604963DAFF758B79326DBA0F875C5A1BA26AA7841135758235A4359130BA4B50FD05921D6FCE4CB46FC7DCCF7374DF61ADFEE13BCBA269AD82F379279EE9DA30F1ECBC59DA3EE072F08E278ED59107BB38429BD020383A1316B5B6505D98D4DE55935F8AB9D65316491BE5E104CF7B004878D04D839278D373C65211EA91E774246B33F98066C95B959127EB03D9B0C4BFB141E61E0C57741E18A1D69DABE678FFBDAF384FC7E8546CB032DEA833E4FAF2A2BB965364566AD5591E56FB54C6CF10D4DBB0C0B01EA5EE17043A8B033BF3C0209EAA6CADD9CECCA503F6DF31382411C32100DC16D2C92682A0EA02CABB44ED418BC92D906343799C77AEA661123BB1A304ED9CAAB8CF2D27FAEADB5B723562B164C0C7636EEA2C70A2544967B5087CBBE6EEB7B69B7CF00E45543FC6A5E611A0476D310EFB400FD7280CB984C4F61A808311351C685957BD311052FE647A84F82EDFC9FC0F8A7ABDA3ACB06084EA82B761F99FE4A5DA7C6E95C4346447A3BC816C29734DFABE2451087D44A605365B38F19F8C47581E0415D7CB67F2FF045AB8C6F4589768E065CB5611C93FD7D10FC57C082B7A7D6FFBC9733264354EB8AB2F1D43BB9F6F +20250616053318 2 6 100 4095 2 ECFE2345925613E912C05977A53B7FFB53C9CC5F153ABC4B86FB6EE484FCA6EFA4FB6A21A07984A885B16B8316BD30007D0AEB805E960C0BDEB0AC4D7941E9299071B2FD8E29936EEF604963DAFF758B79326DBA0F875C5A1BA26AA7841135758235A4359130BA4B50FD05921D6FCE4CB46FC7DCCF7374DF61ADFEE13BCBA269AD82F379279EE9DA30F1ECBC59DA3EE072F08E278ED59107BB38429BD020383A1316B5B6505D98D4DE55935F8AB9D65316491BE5E104CF7B004878D04D839278D373C65211EA91E774246B33F98066C95B959127EB03D9B0C4BFB141E61E0C57741E18A1D69DABE678FFBDAF384FC7E8546CB032DEA833E4FAF2A2BB965364566AD5591E56FB54C6CF10D4DBB0C0B01EA5EE17043A8B033BF3C0209EAA6CADD9CECCA503F6DF31382411C32100DC16D2C92682A0EA02CABB44ED418BC92D906343799C77AEA661123BB1A304ED9CAAB8CF2D27FAEADB5B723562B164C0C7636EEA2C70A2544967B5087CBBE6EEB7B69B7CF00E45543FC6A5E611A0476D310EFB400FD7280CB984C4F61A808311351C685957BD311052FE647A84F82EDFC9FC0F8A7ABDA3ACB06084EA82B761F99FE4A5DA7C6E95C4346447A3BC816C29734DFABE2451087D44A605365B38F19F8C47581E0415D7CB67F2FF045AB8C6F4589768E065CB5611C93FD7D10FC57C082B7A7D6FFBC9733264354EB8AB2F1D43E4F583 +20250616053536 2 6 100 4095 2 ECFE2345925613E912C05977A53B7FFB53C9CC5F153ABC4B86FB6EE484FCA6EFA4FB6A21A07984A885B16B8316BD30007D0AEB805E960C0BDEB0AC4D7941E9299071B2FD8E29936EEF604963DAFF758B79326DBA0F875C5A1BA26AA7841135758235A4359130BA4B50FD05921D6FCE4CB46FC7DCCF7374DF61ADFEE13BCBA269AD82F379279EE9DA30F1ECBC59DA3EE072F08E278ED59107BB38429BD020383A1316B5B6505D98D4DE55935F8AB9D65316491BE5E104CF7B004878D04D839278D373C65211EA91E774246B33F98066C95B959127EB03D9B0C4BFB141E61E0C57741E18A1D69DABE678FFBDAF384FC7E8546CB032DEA833E4FAF2A2BB965364566AD5591E56FB54C6CF10D4DBB0C0B01EA5EE17043A8B033BF3C0209EAA6CADD9CECCA503F6DF31382411C32100DC16D2C92682A0EA02CABB44ED418BC92D906343799C77AEA661123BB1A304ED9CAAB8CF2D27FAEADB5B723562B164C0C7636EEA2C70A2544967B5087CBBE6EEB7B69B7CF00E45543FC6A5E611A0476D310EFB400FD7280CB984C4F61A808311351C685957BD311052FE647A84F82EDFC9FC0F8A7ABDA3ACB06084EA82B761F99FE4A5DA7C6E95C4346447A3BC816C29734DFABE2451087D44A605365B38F19F8C47581E0415D7CB67F2FF045AB8C6F4589768E065CB5611C93FD7D10FC57C082B7A7D6FFBC9733264354EB8AB2F1D44B73D53 +20250616053606 2 6 100 4095 2 ECFE2345925613E912C05977A53B7FFB53C9CC5F153ABC4B86FB6EE484FCA6EFA4FB6A21A07984A885B16B8316BD30007D0AEB805E960C0BDEB0AC4D7941E9299071B2FD8E29936EEF604963DAFF758B79326DBA0F875C5A1BA26AA7841135758235A4359130BA4B50FD05921D6FCE4CB46FC7DCCF7374DF61ADFEE13BCBA269AD82F379279EE9DA30F1ECBC59DA3EE072F08E278ED59107BB38429BD020383A1316B5B6505D98D4DE55935F8AB9D65316491BE5E104CF7B004878D04D839278D373C65211EA91E774246B33F98066C95B959127EB03D9B0C4BFB141E61E0C57741E18A1D69DABE678FFBDAF384FC7E8546CB032DEA833E4FAF2A2BB965364566AD5591E56FB54C6CF10D4DBB0C0B01EA5EE17043A8B033BF3C0209EAA6CADD9CECCA503F6DF31382411C32100DC16D2C92682A0EA02CABB44ED418BC92D906343799C77AEA661123BB1A304ED9CAAB8CF2D27FAEADB5B723562B164C0C7636EEA2C70A2544967B5087CBBE6EEB7B69B7CF00E45543FC6A5E611A0476D310EFB400FD7280CB984C4F61A808311351C685957BD311052FE647A84F82EDFC9FC0F8A7ABDA3ACB06084EA82B761F99FE4A5DA7C6E95C4346447A3BC816C29734DFABE2451087D44A605365B38F19F8C47581E0415D7CB67F2FF045AB8C6F4589768E065CB5611C93FD7D10FC57C082B7A7D6FFBC9733264354EB8AB2F1D44E1EE3B +20250616053755 2 6 100 4095 5 ECFE2345925613E912C05977A53B7FFB53C9CC5F153ABC4B86FB6EE484FCA6EFA4FB6A21A07984A885B16B8316BD30007D0AEB805E960C0BDEB0AC4D7941E9299071B2FD8E29936EEF604963DAFF758B79326DBA0F875C5A1BA26AA7841135758235A4359130BA4B50FD05921D6FCE4CB46FC7DCCF7374DF61ADFEE13BCBA269AD82F379279EE9DA30F1ECBC59DA3EE072F08E278ED59107BB38429BD020383A1316B5B6505D98D4DE55935F8AB9D65316491BE5E104CF7B004878D04D839278D373C65211EA91E774246B33F98066C95B959127EB03D9B0C4BFB141E61E0C57741E18A1D69DABE678FFBDAF384FC7E8546CB032DEA833E4FAF2A2BB965364566AD5591E56FB54C6CF10D4DBB0C0B01EA5EE17043A8B033BF3C0209EAA6CADD9CECCA503F6DF31382411C32100DC16D2C92682A0EA02CABB44ED418BC92D906343799C77AEA661123BB1A304ED9CAAB8CF2D27FAEADB5B723562B164C0C7636EEA2C70A2544967B5087CBBE6EEB7B69B7CF00E45543FC6A5E611A0476D310EFB400FD7280CB984C4F61A808311351C685957BD311052FE647A84F82EDFC9FC0F8A7ABDA3ACB06084EA82B761F99FE4A5DA7C6E95C4346447A3BC816C29734DFABE2451087D44A605365B38F19F8C47581E0415D7CB67F2FF045AB8C6F4589768E065CB5611C93FD7D10FC57C082B7A7D6FFBC9733264354EB8AB2F1D45876E0F +20250616054222 2 6 100 4095 2 ECFE2345925613E912C05977A53B7FFB53C9CC5F153ABC4B86FB6EE484FCA6EFA4FB6A21A07984A885B16B8316BD30007D0AEB805E960C0BDEB0AC4D7941E9299071B2FD8E29936EEF604963DAFF758B79326DBA0F875C5A1BA26AA7841135758235A4359130BA4B50FD05921D6FCE4CB46FC7DCCF7374DF61ADFEE13BCBA269AD82F379279EE9DA30F1ECBC59DA3EE072F08E278ED59107BB38429BD020383A1316B5B6505D98D4DE55935F8AB9D65316491BE5E104CF7B004878D04D839278D373C65211EA91E774246B33F98066C95B959127EB03D9B0C4BFB141E61E0C57741E18A1D69DABE678FFBDAF384FC7E8546CB032DEA833E4FAF2A2BB965364566AD5591E56FB54C6CF10D4DBB0C0B01EA5EE17043A8B033BF3C0209EAA6CADD9CECCA503F6DF31382411C32100DC16D2C92682A0EA02CABB44ED418BC92D906343799C77AEA661123BB1A304ED9CAAB8CF2D27FAEADB5B723562B164C0C7636EEA2C70A2544967B5087CBBE6EEB7B69B7CF00E45543FC6A5E611A0476D310EFB400FD7280CB984C4F61A808311351C685957BD311052FE647A84F82EDFC9FC0F8A7ABDA3ACB06084EA82B761F99FE4A5DA7C6E95C4346447A3BC816C29734DFABE2451087D44A605365B38F19F8C47581E0415D7CB67F2FF045AB8C6F4589768E065CB5611C93FD7D10FC57C082B7A7D6FFBC9733264354EB8AB2F1D4726EF6B +20250616054241 2 6 100 4095 2 ECFE2345925613E912C05977A53B7FFB53C9CC5F153ABC4B86FB6EE484FCA6EFA4FB6A21A07984A885B16B8316BD30007D0AEB805E960C0BDEB0AC4D7941E9299071B2FD8E29936EEF604963DAFF758B79326DBA0F875C5A1BA26AA7841135758235A4359130BA4B50FD05921D6FCE4CB46FC7DCCF7374DF61ADFEE13BCBA269AD82F379279EE9DA30F1ECBC59DA3EE072F08E278ED59107BB38429BD020383A1316B5B6505D98D4DE55935F8AB9D65316491BE5E104CF7B004878D04D839278D373C65211EA91E774246B33F98066C95B959127EB03D9B0C4BFB141E61E0C57741E18A1D69DABE678FFBDAF384FC7E8546CB032DEA833E4FAF2A2BB965364566AD5591E56FB54C6CF10D4DBB0C0B01EA5EE17043A8B033BF3C0209EAA6CADD9CECCA503F6DF31382411C32100DC16D2C92682A0EA02CABB44ED418BC92D906343799C77AEA661123BB1A304ED9CAAB8CF2D27FAEADB5B723562B164C0C7636EEA2C70A2544967B5087CBBE6EEB7B69B7CF00E45543FC6A5E611A0476D310EFB400FD7280CB984C4F61A808311351C685957BD311052FE647A84F82EDFC9FC0F8A7ABDA3ACB06084EA82B761F99FE4A5DA7C6E95C4346447A3BC816C29734DFABE2451087D44A605365B38F19F8C47581E0415D7CB67F2FF045AB8C6F4589768E065CB5611C93FD7D10FC57C082B7A7D6FFBC9733264354EB8AB2F1D473B5563 +20250616054858 2 6 100 4095 5 ECFE2345925613E912C05977A53B7FFB53C9CC5F153ABC4B86FB6EE484FCA6EFA4FB6A21A07984A885B16B8316BD30007D0AEB805E960C0BDEB0AC4D7941E9299071B2FD8E29936EEF604963DAFF758B79326DBA0F875C5A1BA26AA7841135758235A4359130BA4B50FD05921D6FCE4CB46FC7DCCF7374DF61ADFEE13BCBA269AD82F379279EE9DA30F1ECBC59DA3EE072F08E278ED59107BB38429BD020383A1316B5B6505D98D4DE55935F8AB9D65316491BE5E104CF7B004878D04D839278D373C65211EA91E774246B33F98066C95B959127EB03D9B0C4BFB141E61E0C57741E18A1D69DABE678FFBDAF384FC7E8546CB032DEA833E4FAF2A2BB965364566AD5591E56FB54C6CF10D4DBB0C0B01EA5EE17043A8B033BF3C0209EAA6CADD9CECCA503F6DF31382411C32100DC16D2C92682A0EA02CABB44ED418BC92D906343799C77AEA661123BB1A304ED9CAAB8CF2D27FAEADB5B723562B164C0C7636EEA2C70A2544967B5087CBBE6EEB7B69B7CF00E45543FC6A5E611A0476D310EFB400FD7280CB984C4F61A808311351C685957BD311052FE647A84F82EDFC9FC0F8A7ABDA3ACB06084EA82B761F99FE4A5DA7C6E95C4346447A3BC816C29734DFABE2451087D44A605365B38F19F8C47581E0415D7CB67F2FF045AB8C6F4589768E065CB5611C93FD7D10FC57C082B7A7D6FFBC9733264354EB8AB2F1D498E3BAF +20250616054917 2 6 100 4095 5 ECFE2345925613E912C05977A53B7FFB53C9CC5F153ABC4B86FB6EE484FCA6EFA4FB6A21A07984A885B16B8316BD30007D0AEB805E960C0BDEB0AC4D7941E9299071B2FD8E29936EEF604963DAFF758B79326DBA0F875C5A1BA26AA7841135758235A4359130BA4B50FD05921D6FCE4CB46FC7DCCF7374DF61ADFEE13BCBA269AD82F379279EE9DA30F1ECBC59DA3EE072F08E278ED59107BB38429BD020383A1316B5B6505D98D4DE55935F8AB9D65316491BE5E104CF7B004878D04D839278D373C65211EA91E774246B33F98066C95B959127EB03D9B0C4BFB141E61E0C57741E18A1D69DABE678FFBDAF384FC7E8546CB032DEA833E4FAF2A2BB965364566AD5591E56FB54C6CF10D4DBB0C0B01EA5EE17043A8B033BF3C0209EAA6CADD9CECCA503F6DF31382411C32100DC16D2C92682A0EA02CABB44ED418BC92D906343799C77AEA661123BB1A304ED9CAAB8CF2D27FAEADB5B723562B164C0C7636EEA2C70A2544967B5087CBBE6EEB7B69B7CF00E45543FC6A5E611A0476D310EFB400FD7280CB984C4F61A808311351C685957BD311052FE647A84F82EDFC9FC0F8A7ABDA3ACB06084EA82B761F99FE4A5DA7C6E95C4346447A3BC816C29734DFABE2451087D44A605365B38F19F8C47581E0415D7CB67F2FF045AB8C6F4589768E065CB5611C93FD7D10FC57C082B7A7D6FFBC9733264354EB8AB2F1D49A569F7 +20250616055026 2 6 100 4095 2 ECFE2345925613E912C05977A53B7FFB53C9CC5F153ABC4B86FB6EE484FCA6EFA4FB6A21A07984A885B16B8316BD30007D0AEB805E960C0BDEB0AC4D7941E9299071B2FD8E29936EEF604963DAFF758B79326DBA0F875C5A1BA26AA7841135758235A4359130BA4B50FD05921D6FCE4CB46FC7DCCF7374DF61ADFEE13BCBA269AD82F379279EE9DA30F1ECBC59DA3EE072F08E278ED59107BB38429BD020383A1316B5B6505D98D4DE55935F8AB9D65316491BE5E104CF7B004878D04D839278D373C65211EA91E774246B33F98066C95B959127EB03D9B0C4BFB141E61E0C57741E18A1D69DABE678FFBDAF384FC7E8546CB032DEA833E4FAF2A2BB965364566AD5591E56FB54C6CF10D4DBB0C0B01EA5EE17043A8B033BF3C0209EAA6CADD9CECCA503F6DF31382411C32100DC16D2C92682A0EA02CABB44ED418BC92D906343799C77AEA661123BB1A304ED9CAAB8CF2D27FAEADB5B723562B164C0C7636EEA2C70A2544967B5087CBBE6EEB7B69B7CF00E45543FC6A5E611A0476D310EFB400FD7280CB984C4F61A808311351C685957BD311052FE647A84F82EDFC9FC0F8A7ABDA3ACB06084EA82B761F99FE4A5DA7C6E95C4346447A3BC816C29734DFABE2451087D44A605365B38F19F8C47581E0415D7CB67F2FF045AB8C6F4589768E065CB5611C93FD7D10FC57C082B7A7D6FFBC9733264354EB8AB2F1D4A0F8DAB +20250616055148 2 6 100 4095 5 ECFE2345925613E912C05977A53B7FFB53C9CC5F153ABC4B86FB6EE484FCA6EFA4FB6A21A07984A885B16B8316BD30007D0AEB805E960C0BDEB0AC4D7941E9299071B2FD8E29936EEF604963DAFF758B79326DBA0F875C5A1BA26AA7841135758235A4359130BA4B50FD05921D6FCE4CB46FC7DCCF7374DF61ADFEE13BCBA269AD82F379279EE9DA30F1ECBC59DA3EE072F08E278ED59107BB38429BD020383A1316B5B6505D98D4DE55935F8AB9D65316491BE5E104CF7B004878D04D839278D373C65211EA91E774246B33F98066C95B959127EB03D9B0C4BFB141E61E0C57741E18A1D69DABE678FFBDAF384FC7E8546CB032DEA833E4FAF2A2BB965364566AD5591E56FB54C6CF10D4DBB0C0B01EA5EE17043A8B033BF3C0209EAA6CADD9CECCA503F6DF31382411C32100DC16D2C92682A0EA02CABB44ED418BC92D906343799C77AEA661123BB1A304ED9CAAB8CF2D27FAEADB5B723562B164C0C7636EEA2C70A2544967B5087CBBE6EEB7B69B7CF00E45543FC6A5E611A0476D310EFB400FD7280CB984C4F61A808311351C685957BD311052FE647A84F82EDFC9FC0F8A7ABDA3ACB06084EA82B761F99FE4A5DA7C6E95C4346447A3BC816C29734DFABE2451087D44A605365B38F19F8C47581E0415D7CB67F2FF045AB8C6F4589768E065CB5611C93FD7D10FC57C082B7A7D6FFBC9733264354EB8AB2F1D4A8B902F +20250616055232 2 6 100 4095 5 ECFE2345925613E912C05977A53B7FFB53C9CC5F153ABC4B86FB6EE484FCA6EFA4FB6A21A07984A885B16B8316BD30007D0AEB805E960C0BDEB0AC4D7941E9299071B2FD8E29936EEF604963DAFF758B79326DBA0F875C5A1BA26AA7841135758235A4359130BA4B50FD05921D6FCE4CB46FC7DCCF7374DF61ADFEE13BCBA269AD82F379279EE9DA30F1ECBC59DA3EE072F08E278ED59107BB38429BD020383A1316B5B6505D98D4DE55935F8AB9D65316491BE5E104CF7B004878D04D839278D373C65211EA91E774246B33F98066C95B959127EB03D9B0C4BFB141E61E0C57741E18A1D69DABE678FFBDAF384FC7E8546CB032DEA833E4FAF2A2BB965364566AD5591E56FB54C6CF10D4DBB0C0B01EA5EE17043A8B033BF3C0209EAA6CADD9CECCA503F6DF31382411C32100DC16D2C92682A0EA02CABB44ED418BC92D906343799C77AEA661123BB1A304ED9CAAB8CF2D27FAEADB5B723562B164C0C7636EEA2C70A2544967B5087CBBE6EEB7B69B7CF00E45543FC6A5E611A0476D310EFB400FD7280CB984C4F61A808311351C685957BD311052FE647A84F82EDFC9FC0F8A7ABDA3ACB06084EA82B761F99FE4A5DA7C6E95C4346447A3BC816C29734DFABE2451087D44A605365B38F19F8C47581E0415D7CB67F2FF045AB8C6F4589768E065CB5611C93FD7D10FC57C082B7A7D6FFBC9733264354EB8AB2F1D4AC9177F +20250616055323 2 6 100 4095 2 ECFE2345925613E912C05977A53B7FFB53C9CC5F153ABC4B86FB6EE484FCA6EFA4FB6A21A07984A885B16B8316BD30007D0AEB805E960C0BDEB0AC4D7941E9299071B2FD8E29936EEF604963DAFF758B79326DBA0F875C5A1BA26AA7841135758235A4359130BA4B50FD05921D6FCE4CB46FC7DCCF7374DF61ADFEE13BCBA269AD82F379279EE9DA30F1ECBC59DA3EE072F08E278ED59107BB38429BD020383A1316B5B6505D98D4DE55935F8AB9D65316491BE5E104CF7B004878D04D839278D373C65211EA91E774246B33F98066C95B959127EB03D9B0C4BFB141E61E0C57741E18A1D69DABE678FFBDAF384FC7E8546CB032DEA833E4FAF2A2BB965364566AD5591E56FB54C6CF10D4DBB0C0B01EA5EE17043A8B033BF3C0209EAA6CADD9CECCA503F6DF31382411C32100DC16D2C92682A0EA02CABB44ED418BC92D906343799C77AEA661123BB1A304ED9CAAB8CF2D27FAEADB5B723562B164C0C7636EEA2C70A2544967B5087CBBE6EEB7B69B7CF00E45543FC6A5E611A0476D310EFB400FD7280CB984C4F61A808311351C685957BD311052FE647A84F82EDFC9FC0F8A7ABDA3ACB06084EA82B761F99FE4A5DA7C6E95C4346447A3BC816C29734DFABE2451087D44A605365B38F19F8C47581E0415D7CB67F2FF045AB8C6F4589768E065CB5611C93FD7D10FC57C082B7A7D6FFBC9733264354EB8AB2F1D4B1157AB +20250616055559 2 6 100 4095 2 ECFE2345925613E912C05977A53B7FFB53C9CC5F153ABC4B86FB6EE484FCA6EFA4FB6A21A07984A885B16B8316BD30007D0AEB805E960C0BDEB0AC4D7941E9299071B2FD8E29936EEF604963DAFF758B79326DBA0F875C5A1BA26AA7841135758235A4359130BA4B50FD05921D6FCE4CB46FC7DCCF7374DF61ADFEE13BCBA269AD82F379279EE9DA30F1ECBC59DA3EE072F08E278ED59107BB38429BD020383A1316B5B6505D98D4DE55935F8AB9D65316491BE5E104CF7B004878D04D839278D373C65211EA91E774246B33F98066C95B959127EB03D9B0C4BFB141E61E0C57741E18A1D69DABE678FFBDAF384FC7E8546CB032DEA833E4FAF2A2BB965364566AD5591E56FB54C6CF10D4DBB0C0B01EA5EE17043A8B033BF3C0209EAA6CADD9CECCA503F6DF31382411C32100DC16D2C92682A0EA02CABB44ED418BC92D906343799C77AEA661123BB1A304ED9CAAB8CF2D27FAEADB5B723562B164C0C7636EEA2C70A2544967B5087CBBE6EEB7B69B7CF00E45543FC6A5E611A0476D310EFB400FD7280CB984C4F61A808311351C685957BD311052FE647A84F82EDFC9FC0F8A7ABDA3ACB06084EA82B761F99FE4A5DA7C6E95C4346447A3BC816C29734DFABE2451087D44A605365B38F19F8C47581E0415D7CB67F2FF045AB8C6F4589768E065CB5611C93FD7D10FC57C082B7A7D6FFBC9733264354EB8AB2F1D4C06056B +20250616055943 2 6 100 4095 2 ECFE2345925613E912C05977A53B7FFB53C9CC5F153ABC4B86FB6EE484FCA6EFA4FB6A21A07984A885B16B8316BD30007D0AEB805E960C0BDEB0AC4D7941E9299071B2FD8E29936EEF604963DAFF758B79326DBA0F875C5A1BA26AA7841135758235A4359130BA4B50FD05921D6FCE4CB46FC7DCCF7374DF61ADFEE13BCBA269AD82F379279EE9DA30F1ECBC59DA3EE072F08E278ED59107BB38429BD020383A1316B5B6505D98D4DE55935F8AB9D65316491BE5E104CF7B004878D04D839278D373C65211EA91E774246B33F98066C95B959127EB03D9B0C4BFB141E61E0C57741E18A1D69DABE678FFBDAF384FC7E8546CB032DEA833E4FAF2A2BB965364566AD5591E56FB54C6CF10D4DBB0C0B01EA5EE17043A8B033BF3C0209EAA6CADD9CECCA503F6DF31382411C32100DC16D2C92682A0EA02CABB44ED418BC92D906343799C77AEA661123BB1A304ED9CAAB8CF2D27FAEADB5B723562B164C0C7636EEA2C70A2544967B5087CBBE6EEB7B69B7CF00E45543FC6A5E611A0476D310EFB400FD7280CB984C4F61A808311351C685957BD311052FE647A84F82EDFC9FC0F8A7ABDA3ACB06084EA82B761F99FE4A5DA7C6E95C4346447A3BC816C29734DFABE2451087D44A605365B38F19F8C47581E0415D7CB67F2FF045AB8C6F4589768E065CB5611C93FD7D10FC57C082B7A7D6FFBC9733264354EB8AB2F1D4D5F3253 +20250616060324 2 6 100 4095 2 ECFE2345925613E912C05977A53B7FFB53C9CC5F153ABC4B86FB6EE484FCA6EFA4FB6A21A07984A885B16B8316BD30007D0AEB805E960C0BDEB0AC4D7941E9299071B2FD8E29936EEF604963DAFF758B79326DBA0F875C5A1BA26AA7841135758235A4359130BA4B50FD05921D6FCE4CB46FC7DCCF7374DF61ADFEE13BCBA269AD82F379279EE9DA30F1ECBC59DA3EE072F08E278ED59107BB38429BD020383A1316B5B6505D98D4DE55935F8AB9D65316491BE5E104CF7B004878D04D839278D373C65211EA91E774246B33F98066C95B959127EB03D9B0C4BFB141E61E0C57741E18A1D69DABE678FFBDAF384FC7E8546CB032DEA833E4FAF2A2BB965364566AD5591E56FB54C6CF10D4DBB0C0B01EA5EE17043A8B033BF3C0209EAA6CADD9CECCA503F6DF31382411C32100DC16D2C92682A0EA02CABB44ED418BC92D906343799C77AEA661123BB1A304ED9CAAB8CF2D27FAEADB5B723562B164C0C7636EEA2C70A2544967B5087CBBE6EEB7B69B7CF00E45543FC6A5E611A0476D310EFB400FD7280CB984C4F61A808311351C685957BD311052FE647A84F82EDFC9FC0F8A7ABDA3ACB06084EA82B761F99FE4A5DA7C6E95C4346447A3BC816C29734DFABE2451087D44A605365B38F19F8C47581E0415D7CB67F2FF045AB8C6F4589768E065CB5611C93FD7D10FC57C082B7A7D6FFBC9733264354EB8AB2F1D4EB4258B +20250616060456 2 6 100 4095 2 ECFE2345925613E912C05977A53B7FFB53C9CC5F153ABC4B86FB6EE484FCA6EFA4FB6A21A07984A885B16B8316BD30007D0AEB805E960C0BDEB0AC4D7941E9299071B2FD8E29936EEF604963DAFF758B79326DBA0F875C5A1BA26AA7841135758235A4359130BA4B50FD05921D6FCE4CB46FC7DCCF7374DF61ADFEE13BCBA269AD82F379279EE9DA30F1ECBC59DA3EE072F08E278ED59107BB38429BD020383A1316B5B6505D98D4DE55935F8AB9D65316491BE5E104CF7B004878D04D839278D373C65211EA91E774246B33F98066C95B959127EB03D9B0C4BFB141E61E0C57741E18A1D69DABE678FFBDAF384FC7E8546CB032DEA833E4FAF2A2BB965364566AD5591E56FB54C6CF10D4DBB0C0B01EA5EE17043A8B033BF3C0209EAA6CADD9CECCA503F6DF31382411C32100DC16D2C92682A0EA02CABB44ED418BC92D906343799C77AEA661123BB1A304ED9CAAB8CF2D27FAEADB5B723562B164C0C7636EEA2C70A2544967B5087CBBE6EEB7B69B7CF00E45543FC6A5E611A0476D310EFB400FD7280CB984C4F61A808311351C685957BD311052FE647A84F82EDFC9FC0F8A7ABDA3ACB06084EA82B761F99FE4A5DA7C6E95C4346447A3BC816C29734DFABE2451087D44A605365B38F19F8C47581E0415D7CB67F2FF045AB8C6F4589768E065CB5611C93FD7D10FC57C082B7A7D6FFBC9733264354EB8AB2F1D4F406FC3 +20250616061112 2 6 100 4095 2 ECFE2345925613E912C05977A53B7FFB53C9CC5F153ABC4B86FB6EE484FCA6EFA4FB6A21A07984A885B16B8316BD30007D0AEB805E960C0BDEB0AC4D7941E9299071B2FD8E29936EEF604963DAFF758B79326DBA0F875C5A1BA26AA7841135758235A4359130BA4B50FD05921D6FCE4CB46FC7DCCF7374DF61ADFEE13BCBA269AD82F379279EE9DA30F1ECBC59DA3EE072F08E278ED59107BB38429BD020383A1316B5B6505D98D4DE55935F8AB9D65316491BE5E104CF7B004878D04D839278D373C65211EA91E774246B33F98066C95B959127EB03D9B0C4BFB141E61E0C57741E18A1D69DABE678FFBDAF384FC7E8546CB032DEA833E4FAF2A2BB965364566AD5591E56FB54C6CF10D4DBB0C0B01EA5EE17043A8B033BF3C0209EAA6CADD9CECCA503F6DF31382411C32100DC16D2C92682A0EA02CABB44ED418BC92D906343799C77AEA661123BB1A304ED9CAAB8CF2D27FAEADB5B723562B164C0C7636EEA2C70A2544967B5087CBBE6EEB7B69B7CF00E45543FC6A5E611A0476D310EFB400FD7280CB984C4F61A808311351C685957BD311052FE647A84F82EDFC9FC0F8A7ABDA3ACB06084EA82B761F99FE4A5DA7C6E95C4346447A3BC816C29734DFABE2451087D44A605365B38F19F8C47581E0415D7CB67F2FF045AB8C6F4589768E065CB5611C93FD7D10FC57C082B7A7D6FFBC9733264354EB8AB2F1D51930143 +20250616061754 2 6 100 4095 2 ECFE2345925613E912C05977A53B7FFB53C9CC5F153ABC4B86FB6EE484FCA6EFA4FB6A21A07984A885B16B8316BD30007D0AEB805E960C0BDEB0AC4D7941E9299071B2FD8E29936EEF604963DAFF758B79326DBA0F875C5A1BA26AA7841135758235A4359130BA4B50FD05921D6FCE4CB46FC7DCCF7374DF61ADFEE13BCBA269AD82F379279EE9DA30F1ECBC59DA3EE072F08E278ED59107BB38429BD020383A1316B5B6505D98D4DE55935F8AB9D65316491BE5E104CF7B004878D04D839278D373C65211EA91E774246B33F98066C95B959127EB03D9B0C4BFB141E61E0C57741E18A1D69DABE678FFBDAF384FC7E8546CB032DEA833E4FAF2A2BB965364566AD5591E56FB54C6CF10D4DBB0C0B01EA5EE17043A8B033BF3C0209EAA6CADD9CECCA503F6DF31382411C32100DC16D2C92682A0EA02CABB44ED418BC92D906343799C77AEA661123BB1A304ED9CAAB8CF2D27FAEADB5B723562B164C0C7636EEA2C70A2544967B5087CBBE6EEB7B69B7CF00E45543FC6A5E611A0476D310EFB400FD7280CB984C4F61A808311351C685957BD311052FE647A84F82EDFC9FC0F8A7ABDA3ACB06084EA82B761F99FE4A5DA7C6E95C4346447A3BC816C29734DFABE2451087D44A605365B38F19F8C47581E0415D7CB67F2FF045AB8C6F4589768E065CB5611C93FD7D10FC57C082B7A7D6FFBC9733264354EB8AB2F1D5404A0F3 +20250616062045 2 6 100 4095 5 ECFE2345925613E912C05977A53B7FFB53C9CC5F153ABC4B86FB6EE484FCA6EFA4FB6A21A07984A885B16B8316BD30007D0AEB805E960C0BDEB0AC4D7941E9299071B2FD8E29936EEF604963DAFF758B79326DBA0F875C5A1BA26AA7841135758235A4359130BA4B50FD05921D6FCE4CB46FC7DCCF7374DF61ADFEE13BCBA269AD82F379279EE9DA30F1ECBC59DA3EE072F08E278ED59107BB38429BD020383A1316B5B6505D98D4DE55935F8AB9D65316491BE5E104CF7B004878D04D839278D373C65211EA91E774246B33F98066C95B959127EB03D9B0C4BFB141E61E0C57741E18A1D69DABE678FFBDAF384FC7E8546CB032DEA833E4FAF2A2BB965364566AD5591E56FB54C6CF10D4DBB0C0B01EA5EE17043A8B033BF3C0209EAA6CADD9CECCA503F6DF31382411C32100DC16D2C92682A0EA02CABB44ED418BC92D906343799C77AEA661123BB1A304ED9CAAB8CF2D27FAEADB5B723562B164C0C7636EEA2C70A2544967B5087CBBE6EEB7B69B7CF00E45543FC6A5E611A0476D310EFB400FD7280CB984C4F61A808311351C685957BD311052FE647A84F82EDFC9FC0F8A7ABDA3ACB06084EA82B761F99FE4A5DA7C6E95C4346447A3BC816C29734DFABE2451087D44A605365B38F19F8C47581E0415D7CB67F2FF045AB8C6F4589768E065CB5611C93FD7D10FC57C082B7A7D6FFBC9733264354EB8AB2F1D550D543F +20250616031848 2 6 100 6143 2 E14CB0AD6B03109962790668D317CC69BC29BB96941F75C9BB739C214F83ABACC6508E89C92108C3C075AC60830A996E6A5758E76CCE93C18627A18E951FF26DD53CB94D1348BD062C835177EF5B07353F9AC7D5874D78B3E215C4DC54A8E8F0A3D97705390A53050F25C75E944A4AF84803830492006104387892A78ABBCE80E7950A1B4F59D79AD867DF6DCFD7E23046774C0E28FD907F37F5EE9EF6D9F593DF94313E725D9EE35C57DBE177FA3027AE4BF30C4509333CCBE98DF2E251710A4B899C6C42CA499A8D2657FDC1A82945C74776AC859665175FD8F1DCB16C7B22D455E584DB02B3A95AF9A88126CE3634570A6968DB2654254A030B2F8A133E49F6EAFCD8015FF22D7C622026D6D6FA63BEFA7237C5EC05B7DF99A5854D4792683B454F0ECD52EF41266A550595594556AE969EE307915AC40FA9C551379F2C485A1D53F9C960CF9262A8AD681CFF53EE2D0E208E3DDAFC7C6C82271E0890745579C906BA77716E593D29C5B15F0C18E616BCA698BE676918697281730E0DAF112EE5B763906FC0A373EC15915202FB96241F26AAB0D77DA4357CB2B0C3101F3DB88B5D3AB4497C21377DD543BB422C12CF4E18861AE40924DC2D9AFCCDA500FCFA693288B5DD73216515ECCB12D0400D19BB27E50D3C3183BEA9C113B5A553F9704962FD4BC8510D930F32061EABEC7FC2C1CE32CA6297F5BA8DB6E4B6AEB755A07EF153C51BF7C07A827F43FBFDD4D5136187533FB6155535A9369C5776BDB22D1BE141316CA5DF6704FF2F970C070F6EA37678258683DEDF45056F127C5819E59F2A94680CF651EA983632EA91F47BF80B6D725ADD1E5795884239C5877E753C374266DFD973C414587074750852A5397A7FAC047152100F29AF82E7B2DA89DF3248CAA2B3DF71C4912989A4A660F8DF46155229B4AAF59789ACF49B0021CF015C59D97DE13B91EEA8BFAD9CA6699C59CF385C40F9FC38263207A46505D76DE443A3C2A7BEFB5E5A1040337F50D569F529D885CD651A87100B4634EE7A6F0D5C607E894E1475434F56DC62B016C73C07AE7A716B55F0AD0F399ABCFEBCFD5B +20250616041123 2 6 100 6143 2 E14CB0AD6B03109962790668D317CC69BC29BB96941F75C9BB739C214F83ABACC6508E89C92108C3C075AC60830A996E6A5758E76CCE93C18627A18E951FF26DD53CB94D1348BD062C835177EF5B07353F9AC7D5874D78B3E215C4DC54A8E8F0A3D97705390A53050F25C75E944A4AF84803830492006104387892A78ABBCE80E7950A1B4F59D79AD867DF6DCFD7E23046774C0E28FD907F37F5EE9EF6D9F593DF94313E725D9EE35C57DBE177FA3027AE4BF30C4509333CCBE98DF2E251710A4B899C6C42CA499A8D2657FDC1A82945C74776AC859665175FD8F1DCB16C7B22D455E584DB02B3A95AF9A88126CE3634570A6968DB2654254A030B2F8A133E49F6EAFCD8015FF22D7C622026D6D6FA63BEFA7237C5EC05B7DF99A5854D4792683B454F0ECD52EF41266A550595594556AE969EE307915AC40FA9C551379F2C485A1D53F9C960CF9262A8AD681CFF53EE2D0E208E3DDAFC7C6C82271E0890745579C906BA77716E593D29C5B15F0C18E616BCA698BE676918697281730E0DAF112EE5B763906FC0A373EC15915202FB96241F26AAB0D77DA4357CB2B0C3101F3DB88B5D3AB4497C21377DD543BB422C12CF4E18861AE40924DC2D9AFCCDA500FCFA693288B5DD73216515ECCB12D0400D19BB27E50D3C3183BEA9C113B5A553F9704962FD4BC8510D930F32061EABEC7FC2C1CE32CA6297F5BA8DB6E4B6AEB755A07EF153C51BF7C07A827F43FBFDD4D5136187533FB6155535A9369C5776BDB22D1BE141316CA5DF6704FF2F970C070F6EA37678258683DEDF45056F127C5819E59F2A94680CF651EA983632EA91F47BF80B6D725ADD1E5795884239C5877E753C374266DFD973C414587074750852A5397A7FAC047152100F29AF82E7B2DA89DF3248CAA2B3DF71C4912989A4A660F8DF46155229B4AAF59789ACF49B0021CF015C59D97DE13B91EEA8BFAD9CA6699C59CF385C40F9FC38263207A46505D76DE443A3C2A7BEFB5E5A1040337F50D569F529D885CD651A87100B4634EE7A6F0D5C607E894E1475434F56DC62B016C73C07AE7A716B55F0AD0F399ABD054A326B +20250616042441 2 6 100 6143 2 E14CB0AD6B03109962790668D317CC69BC29BB96941F75C9BB739C214F83ABACC6508E89C92108C3C075AC60830A996E6A5758E76CCE93C18627A18E951FF26DD53CB94D1348BD062C835177EF5B07353F9AC7D5874D78B3E215C4DC54A8E8F0A3D97705390A53050F25C75E944A4AF84803830492006104387892A78ABBCE80E7950A1B4F59D79AD867DF6DCFD7E23046774C0E28FD907F37F5EE9EF6D9F593DF94313E725D9EE35C57DBE177FA3027AE4BF30C4509333CCBE98DF2E251710A4B899C6C42CA499A8D2657FDC1A82945C74776AC859665175FD8F1DCB16C7B22D455E584DB02B3A95AF9A88126CE3634570A6968DB2654254A030B2F8A133E49F6EAFCD8015FF22D7C622026D6D6FA63BEFA7237C5EC05B7DF99A5854D4792683B454F0ECD52EF41266A550595594556AE969EE307915AC40FA9C551379F2C485A1D53F9C960CF9262A8AD681CFF53EE2D0E208E3DDAFC7C6C82271E0890745579C906BA77716E593D29C5B15F0C18E616BCA698BE676918697281730E0DAF112EE5B763906FC0A373EC15915202FB96241F26AAB0D77DA4357CB2B0C3101F3DB88B5D3AB4497C21377DD543BB422C12CF4E18861AE40924DC2D9AFCCDA500FCFA693288B5DD73216515ECCB12D0400D19BB27E50D3C3183BEA9C113B5A553F9704962FD4BC8510D930F32061EABEC7FC2C1CE32CA6297F5BA8DB6E4B6AEB755A07EF153C51BF7C07A827F43FBFDD4D5136187533FB6155535A9369C5776BDB22D1BE141316CA5DF6704FF2F970C070F6EA37678258683DEDF45056F127C5819E59F2A94680CF651EA983632EA91F47BF80B6D725ADD1E5795884239C5877E753C374266DFD973C414587074750852A5397A7FAC047152100F29AF82E7B2DA89DF3248CAA2B3DF71C4912989A4A660F8DF46155229B4AAF59789ACF49B0021CF015C59D97DE13B91EEA8BFAD9CA6699C59CF385C40F9FC38263207A46505D76DE443A3C2A7BEFB5E5A1040337F50D569F529D885CD651A87100B4634EE7A6F0D5C607E894E1475434F56DC62B016C73C07AE7A716B55F0AD0F399ABD06E7D59B +20250616042612 2 6 100 6143 2 E14CB0AD6B03109962790668D317CC69BC29BB96941F75C9BB739C214F83ABACC6508E89C92108C3C075AC60830A996E6A5758E76CCE93C18627A18E951FF26DD53CB94D1348BD062C835177EF5B07353F9AC7D5874D78B3E215C4DC54A8E8F0A3D97705390A53050F25C75E944A4AF84803830492006104387892A78ABBCE80E7950A1B4F59D79AD867DF6DCFD7E23046774C0E28FD907F37F5EE9EF6D9F593DF94313E725D9EE35C57DBE177FA3027AE4BF30C4509333CCBE98DF2E251710A4B899C6C42CA499A8D2657FDC1A82945C74776AC859665175FD8F1DCB16C7B22D455E584DB02B3A95AF9A88126CE3634570A6968DB2654254A030B2F8A133E49F6EAFCD8015FF22D7C622026D6D6FA63BEFA7237C5EC05B7DF99A5854D4792683B454F0ECD52EF41266A550595594556AE969EE307915AC40FA9C551379F2C485A1D53F9C960CF9262A8AD681CFF53EE2D0E208E3DDAFC7C6C82271E0890745579C906BA77716E593D29C5B15F0C18E616BCA698BE676918697281730E0DAF112EE5B763906FC0A373EC15915202FB96241F26AAB0D77DA4357CB2B0C3101F3DB88B5D3AB4497C21377DD543BB422C12CF4E18861AE40924DC2D9AFCCDA500FCFA693288B5DD73216515ECCB12D0400D19BB27E50D3C3183BEA9C113B5A553F9704962FD4BC8510D930F32061EABEC7FC2C1CE32CA6297F5BA8DB6E4B6AEB755A07EF153C51BF7C07A827F43FBFDD4D5136187533FB6155535A9369C5776BDB22D1BE141316CA5DF6704FF2F970C070F6EA37678258683DEDF45056F127C5819E59F2A94680CF651EA983632EA91F47BF80B6D725ADD1E5795884239C5877E753C374266DFD973C414587074750852A5397A7FAC047152100F29AF82E7B2DA89DF3248CAA2B3DF71C4912989A4A660F8DF46155229B4AAF59789ACF49B0021CF015C59D97DE13B91EEA8BFAD9CA6699C59CF385C40F9FC38263207A46505D76DE443A3C2A7BEFB5E5A1040337F50D569F529D885CD651A87100B4634EE7A6F0D5C607E894E1475434F56DC62B016C73C07AE7A716B55F0AD0F399ABD07106BD3 +20250616043534 2 6 100 6143 2 E14CB0AD6B03109962790668D317CC69BC29BB96941F75C9BB739C214F83ABACC6508E89C92108C3C075AC60830A996E6A5758E76CCE93C18627A18E951FF26DD53CB94D1348BD062C835177EF5B07353F9AC7D5874D78B3E215C4DC54A8E8F0A3D97705390A53050F25C75E944A4AF84803830492006104387892A78ABBCE80E7950A1B4F59D79AD867DF6DCFD7E23046774C0E28FD907F37F5EE9EF6D9F593DF94313E725D9EE35C57DBE177FA3027AE4BF30C4509333CCBE98DF2E251710A4B899C6C42CA499A8D2657FDC1A82945C74776AC859665175FD8F1DCB16C7B22D455E584DB02B3A95AF9A88126CE3634570A6968DB2654254A030B2F8A133E49F6EAFCD8015FF22D7C622026D6D6FA63BEFA7237C5EC05B7DF99A5854D4792683B454F0ECD52EF41266A550595594556AE969EE307915AC40FA9C551379F2C485A1D53F9C960CF9262A8AD681CFF53EE2D0E208E3DDAFC7C6C82271E0890745579C906BA77716E593D29C5B15F0C18E616BCA698BE676918697281730E0DAF112EE5B763906FC0A373EC15915202FB96241F26AAB0D77DA4357CB2B0C3101F3DB88B5D3AB4497C21377DD543BB422C12CF4E18861AE40924DC2D9AFCCDA500FCFA693288B5DD73216515ECCB12D0400D19BB27E50D3C3183BEA9C113B5A553F9704962FD4BC8510D930F32061EABEC7FC2C1CE32CA6297F5BA8DB6E4B6AEB755A07EF153C51BF7C07A827F43FBFDD4D5136187533FB6155535A9369C5776BDB22D1BE141316CA5DF6704FF2F970C070F6EA37678258683DEDF45056F127C5819E59F2A94680CF651EA983632EA91F47BF80B6D725ADD1E5795884239C5877E753C374266DFD973C414587074750852A5397A7FAC047152100F29AF82E7B2DA89DF3248CAA2B3DF71C4912989A4A660F8DF46155229B4AAF59789ACF49B0021CF015C59D97DE13B91EEA8BFAD9CA6699C59CF385C40F9FC38263207A46505D76DE443A3C2A7BEFB5E5A1040337F50D569F529D885CD651A87100B4634EE7A6F0D5C607E894E1475434F56DC62B016C73C07AE7A716B55F0AD0F399ABD08355803 +20250616043924 2 6 100 6143 2 E14CB0AD6B03109962790668D317CC69BC29BB96941F75C9BB739C214F83ABACC6508E89C92108C3C075AC60830A996E6A5758E76CCE93C18627A18E951FF26DD53CB94D1348BD062C835177EF5B07353F9AC7D5874D78B3E215C4DC54A8E8F0A3D97705390A53050F25C75E944A4AF84803830492006104387892A78ABBCE80E7950A1B4F59D79AD867DF6DCFD7E23046774C0E28FD907F37F5EE9EF6D9F593DF94313E725D9EE35C57DBE177FA3027AE4BF30C4509333CCBE98DF2E251710A4B899C6C42CA499A8D2657FDC1A82945C74776AC859665175FD8F1DCB16C7B22D455E584DB02B3A95AF9A88126CE3634570A6968DB2654254A030B2F8A133E49F6EAFCD8015FF22D7C622026D6D6FA63BEFA7237C5EC05B7DF99A5854D4792683B454F0ECD52EF41266A550595594556AE969EE307915AC40FA9C551379F2C485A1D53F9C960CF9262A8AD681CFF53EE2D0E208E3DDAFC7C6C82271E0890745579C906BA77716E593D29C5B15F0C18E616BCA698BE676918697281730E0DAF112EE5B763906FC0A373EC15915202FB96241F26AAB0D77DA4357CB2B0C3101F3DB88B5D3AB4497C21377DD543BB422C12CF4E18861AE40924DC2D9AFCCDA500FCFA693288B5DD73216515ECCB12D0400D19BB27E50D3C3183BEA9C113B5A553F9704962FD4BC8510D930F32061EABEC7FC2C1CE32CA6297F5BA8DB6E4B6AEB755A07EF153C51BF7C07A827F43FBFDD4D5136187533FB6155535A9369C5776BDB22D1BE141316CA5DF6704FF2F970C070F6EA37678258683DEDF45056F127C5819E59F2A94680CF651EA983632EA91F47BF80B6D725ADD1E5795884239C5877E753C374266DFD973C414587074750852A5397A7FAC047152100F29AF82E7B2DA89DF3248CAA2B3DF71C4912989A4A660F8DF46155229B4AAF59789ACF49B0021CF015C59D97DE13B91EEA8BFAD9CA6699C59CF385C40F9FC38263207A46505D76DE443A3C2A7BEFB5E5A1040337F50D569F529D885CD651A87100B4634EE7A6F0D5C607E894E1475434F56DC62B016C73C07AE7A716B55F0AD0F399ABD08A63293 +20250616044633 2 6 100 6143 2 E14CB0AD6B03109962790668D317CC69BC29BB96941F75C9BB739C214F83ABACC6508E89C92108C3C075AC60830A996E6A5758E76CCE93C18627A18E951FF26DD53CB94D1348BD062C835177EF5B07353F9AC7D5874D78B3E215C4DC54A8E8F0A3D97705390A53050F25C75E944A4AF84803830492006104387892A78ABBCE80E7950A1B4F59D79AD867DF6DCFD7E23046774C0E28FD907F37F5EE9EF6D9F593DF94313E725D9EE35C57DBE177FA3027AE4BF30C4509333CCBE98DF2E251710A4B899C6C42CA499A8D2657FDC1A82945C74776AC859665175FD8F1DCB16C7B22D455E584DB02B3A95AF9A88126CE3634570A6968DB2654254A030B2F8A133E49F6EAFCD8015FF22D7C622026D6D6FA63BEFA7237C5EC05B7DF99A5854D4792683B454F0ECD52EF41266A550595594556AE969EE307915AC40FA9C551379F2C485A1D53F9C960CF9262A8AD681CFF53EE2D0E208E3DDAFC7C6C82271E0890745579C906BA77716E593D29C5B15F0C18E616BCA698BE676918697281730E0DAF112EE5B763906FC0A373EC15915202FB96241F26AAB0D77DA4357CB2B0C3101F3DB88B5D3AB4497C21377DD543BB422C12CF4E18861AE40924DC2D9AFCCDA500FCFA693288B5DD73216515ECCB12D0400D19BB27E50D3C3183BEA9C113B5A553F9704962FD4BC8510D930F32061EABEC7FC2C1CE32CA6297F5BA8DB6E4B6AEB755A07EF153C51BF7C07A827F43FBFDD4D5136187533FB6155535A9369C5776BDB22D1BE141316CA5DF6704FF2F970C070F6EA37678258683DEDF45056F127C5819E59F2A94680CF651EA983632EA91F47BF80B6D725ADD1E5795884239C5877E753C374266DFD973C414587074750852A5397A7FAC047152100F29AF82E7B2DA89DF3248CAA2B3DF71C4912989A4A660F8DF46155229B4AAF59789ACF49B0021CF015C59D97DE13B91EEA8BFAD9CA6699C59CF385C40F9FC38263207A46505D76DE443A3C2A7BEFB5E5A1040337F50D569F529D885CD651A87100B4634EE7A6F0D5C607E894E1475434F56DC62B016C73C07AE7A716B55F0AD0F399ABD0982DEEB +20250616045128 2 6 100 6143 2 E14CB0AD6B03109962790668D317CC69BC29BB96941F75C9BB739C214F83ABACC6508E89C92108C3C075AC60830A996E6A5758E76CCE93C18627A18E951FF26DD53CB94D1348BD062C835177EF5B07353F9AC7D5874D78B3E215C4DC54A8E8F0A3D97705390A53050F25C75E944A4AF84803830492006104387892A78ABBCE80E7950A1B4F59D79AD867DF6DCFD7E23046774C0E28FD907F37F5EE9EF6D9F593DF94313E725D9EE35C57DBE177FA3027AE4BF30C4509333CCBE98DF2E251710A4B899C6C42CA499A8D2657FDC1A82945C74776AC859665175FD8F1DCB16C7B22D455E584DB02B3A95AF9A88126CE3634570A6968DB2654254A030B2F8A133E49F6EAFCD8015FF22D7C622026D6D6FA63BEFA7237C5EC05B7DF99A5854D4792683B454F0ECD52EF41266A550595594556AE969EE307915AC40FA9C551379F2C485A1D53F9C960CF9262A8AD681CFF53EE2D0E208E3DDAFC7C6C82271E0890745579C906BA77716E593D29C5B15F0C18E616BCA698BE676918697281730E0DAF112EE5B763906FC0A373EC15915202FB96241F26AAB0D77DA4357CB2B0C3101F3DB88B5D3AB4497C21377DD543BB422C12CF4E18861AE40924DC2D9AFCCDA500FCFA693288B5DD73216515ECCB12D0400D19BB27E50D3C3183BEA9C113B5A553F9704962FD4BC8510D930F32061EABEC7FC2C1CE32CA6297F5BA8DB6E4B6AEB755A07EF153C51BF7C07A827F43FBFDD4D5136187533FB6155535A9369C5776BDB22D1BE141316CA5DF6704FF2F970C070F6EA37678258683DEDF45056F127C5819E59F2A94680CF651EA983632EA91F47BF80B6D725ADD1E5795884239C5877E753C374266DFD973C414587074750852A5397A7FAC047152100F29AF82E7B2DA89DF3248CAA2B3DF71C4912989A4A660F8DF46155229B4AAF59789ACF49B0021CF015C59D97DE13B91EEA8BFAD9CA6699C59CF385C40F9FC38263207A46505D76DE443A3C2A7BEFB5E5A1040337F50D569F529D885CD651A87100B4634EE7A6F0D5C607E894E1475434F56DC62B016C73C07AE7A716B55F0AD0F399ABD0A19FE5B +20250616050534 2 6 100 6143 2 E14CB0AD6B03109962790668D317CC69BC29BB96941F75C9BB739C214F83ABACC6508E89C92108C3C075AC60830A996E6A5758E76CCE93C18627A18E951FF26DD53CB94D1348BD062C835177EF5B07353F9AC7D5874D78B3E215C4DC54A8E8F0A3D97705390A53050F25C75E944A4AF84803830492006104387892A78ABBCE80E7950A1B4F59D79AD867DF6DCFD7E23046774C0E28FD907F37F5EE9EF6D9F593DF94313E725D9EE35C57DBE177FA3027AE4BF30C4509333CCBE98DF2E251710A4B899C6C42CA499A8D2657FDC1A82945C74776AC859665175FD8F1DCB16C7B22D455E584DB02B3A95AF9A88126CE3634570A6968DB2654254A030B2F8A133E49F6EAFCD8015FF22D7C622026D6D6FA63BEFA7237C5EC05B7DF99A5854D4792683B454F0ECD52EF41266A550595594556AE969EE307915AC40FA9C551379F2C485A1D53F9C960CF9262A8AD681CFF53EE2D0E208E3DDAFC7C6C82271E0890745579C906BA77716E593D29C5B15F0C18E616BCA698BE676918697281730E0DAF112EE5B763906FC0A373EC15915202FB96241F26AAB0D77DA4357CB2B0C3101F3DB88B5D3AB4497C21377DD543BB422C12CF4E18861AE40924DC2D9AFCCDA500FCFA693288B5DD73216515ECCB12D0400D19BB27E50D3C3183BEA9C113B5A553F9704962FD4BC8510D930F32061EABEC7FC2C1CE32CA6297F5BA8DB6E4B6AEB755A07EF153C51BF7C07A827F43FBFDD4D5136187533FB6155535A9369C5776BDB22D1BE141316CA5DF6704FF2F970C070F6EA37678258683DEDF45056F127C5819E59F2A94680CF651EA983632EA91F47BF80B6D725ADD1E5795884239C5877E753C374266DFD973C414587074750852A5397A7FAC047152100F29AF82E7B2DA89DF3248CAA2B3DF71C4912989A4A660F8DF46155229B4AAF59789ACF49B0021CF015C59D97DE13B91EEA8BFAD9CA6699C59CF385C40F9FC38263207A46505D76DE443A3C2A7BEFB5E5A1040337F50D569F529D885CD651A87100B4634EE7A6F0D5C607E894E1475434F56DC62B016C73C07AE7A716B55F0AD0F399ABD0BD5F123 +20250616051248 2 6 100 6143 5 E14CB0AD6B03109962790668D317CC69BC29BB96941F75C9BB739C214F83ABACC6508E89C92108C3C075AC60830A996E6A5758E76CCE93C18627A18E951FF26DD53CB94D1348BD062C835177EF5B07353F9AC7D5874D78B3E215C4DC54A8E8F0A3D97705390A53050F25C75E944A4AF84803830492006104387892A78ABBCE80E7950A1B4F59D79AD867DF6DCFD7E23046774C0E28FD907F37F5EE9EF6D9F593DF94313E725D9EE35C57DBE177FA3027AE4BF30C4509333CCBE98DF2E251710A4B899C6C42CA499A8D2657FDC1A82945C74776AC859665175FD8F1DCB16C7B22D455E584DB02B3A95AF9A88126CE3634570A6968DB2654254A030B2F8A133E49F6EAFCD8015FF22D7C622026D6D6FA63BEFA7237C5EC05B7DF99A5854D4792683B454F0ECD52EF41266A550595594556AE969EE307915AC40FA9C551379F2C485A1D53F9C960CF9262A8AD681CFF53EE2D0E208E3DDAFC7C6C82271E0890745579C906BA77716E593D29C5B15F0C18E616BCA698BE676918697281730E0DAF112EE5B763906FC0A373EC15915202FB96241F26AAB0D77DA4357CB2B0C3101F3DB88B5D3AB4497C21377DD543BB422C12CF4E18861AE40924DC2D9AFCCDA500FCFA693288B5DD73216515ECCB12D0400D19BB27E50D3C3183BEA9C113B5A553F9704962FD4BC8510D930F32061EABEC7FC2C1CE32CA6297F5BA8DB6E4B6AEB755A07EF153C51BF7C07A827F43FBFDD4D5136187533FB6155535A9369C5776BDB22D1BE141316CA5DF6704FF2F970C070F6EA37678258683DEDF45056F127C5819E59F2A94680CF651EA983632EA91F47BF80B6D725ADD1E5795884239C5877E753C374266DFD973C414587074750852A5397A7FAC047152100F29AF82E7B2DA89DF3248CAA2B3DF71C4912989A4A660F8DF46155229B4AAF59789ACF49B0021CF015C59D97DE13B91EEA8BFAD9CA6699C59CF385C40F9FC38263207A46505D76DE443A3C2A7BEFB5E5A1040337F50D569F529D885CD651A87100B4634EE7A6F0D5C607E894E1475434F56DC62B016C73C07AE7A716B55F0AD0F399ABD0CB284DF +20250616051744 2 6 100 6143 5 E14CB0AD6B03109962790668D317CC69BC29BB96941F75C9BB739C214F83ABACC6508E89C92108C3C075AC60830A996E6A5758E76CCE93C18627A18E951FF26DD53CB94D1348BD062C835177EF5B07353F9AC7D5874D78B3E215C4DC54A8E8F0A3D97705390A53050F25C75E944A4AF84803830492006104387892A78ABBCE80E7950A1B4F59D79AD867DF6DCFD7E23046774C0E28FD907F37F5EE9EF6D9F593DF94313E725D9EE35C57DBE177FA3027AE4BF30C4509333CCBE98DF2E251710A4B899C6C42CA499A8D2657FDC1A82945C74776AC859665175FD8F1DCB16C7B22D455E584DB02B3A95AF9A88126CE3634570A6968DB2654254A030B2F8A133E49F6EAFCD8015FF22D7C622026D6D6FA63BEFA7237C5EC05B7DF99A5854D4792683B454F0ECD52EF41266A550595594556AE969EE307915AC40FA9C551379F2C485A1D53F9C960CF9262A8AD681CFF53EE2D0E208E3DDAFC7C6C82271E0890745579C906BA77716E593D29C5B15F0C18E616BCA698BE676918697281730E0DAF112EE5B763906FC0A373EC15915202FB96241F26AAB0D77DA4357CB2B0C3101F3DB88B5D3AB4497C21377DD543BB422C12CF4E18861AE40924DC2D9AFCCDA500FCFA693288B5DD73216515ECCB12D0400D19BB27E50D3C3183BEA9C113B5A553F9704962FD4BC8510D930F32061EABEC7FC2C1CE32CA6297F5BA8DB6E4B6AEB755A07EF153C51BF7C07A827F43FBFDD4D5136187533FB6155535A9369C5776BDB22D1BE141316CA5DF6704FF2F970C070F6EA37678258683DEDF45056F127C5819E59F2A94680CF651EA983632EA91F47BF80B6D725ADD1E5795884239C5877E753C374266DFD973C414587074750852A5397A7FAC047152100F29AF82E7B2DA89DF3248CAA2B3DF71C4912989A4A660F8DF46155229B4AAF59789ACF49B0021CF015C59D97DE13B91EEA8BFAD9CA6699C59CF385C40F9FC38263207A46505D76DE443A3C2A7BEFB5E5A1040337F50D569F529D885CD651A87100B4634EE7A6F0D5C607E894E1475434F56DC62B016C73C07AE7A716B55F0AD0F399ABD0D4576E7 +20250616052615 2 6 100 6143 5 E14CB0AD6B03109962790668D317CC69BC29BB96941F75C9BB739C214F83ABACC6508E89C92108C3C075AC60830A996E6A5758E76CCE93C18627A18E951FF26DD53CB94D1348BD062C835177EF5B07353F9AC7D5874D78B3E215C4DC54A8E8F0A3D97705390A53050F25C75E944A4AF84803830492006104387892A78ABBCE80E7950A1B4F59D79AD867DF6DCFD7E23046774C0E28FD907F37F5EE9EF6D9F593DF94313E725D9EE35C57DBE177FA3027AE4BF30C4509333CCBE98DF2E251710A4B899C6C42CA499A8D2657FDC1A82945C74776AC859665175FD8F1DCB16C7B22D455E584DB02B3A95AF9A88126CE3634570A6968DB2654254A030B2F8A133E49F6EAFCD8015FF22D7C622026D6D6FA63BEFA7237C5EC05B7DF99A5854D4792683B454F0ECD52EF41266A550595594556AE969EE307915AC40FA9C551379F2C485A1D53F9C960CF9262A8AD681CFF53EE2D0E208E3DDAFC7C6C82271E0890745579C906BA77716E593D29C5B15F0C18E616BCA698BE676918697281730E0DAF112EE5B763906FC0A373EC15915202FB96241F26AAB0D77DA4357CB2B0C3101F3DB88B5D3AB4497C21377DD543BB422C12CF4E18861AE40924DC2D9AFCCDA500FCFA693288B5DD73216515ECCB12D0400D19BB27E50D3C3183BEA9C113B5A553F9704962FD4BC8510D930F32061EABEC7FC2C1CE32CA6297F5BA8DB6E4B6AEB755A07EF153C51BF7C07A827F43FBFDD4D5136187533FB6155535A9369C5776BDB22D1BE141316CA5DF6704FF2F970C070F6EA37678258683DEDF45056F127C5819E59F2A94680CF651EA983632EA91F47BF80B6D725ADD1E5795884239C5877E753C374266DFD973C414587074750852A5397A7FAC047152100F29AF82E7B2DA89DF3248CAA2B3DF71C4912989A4A660F8DF46155229B4AAF59789ACF49B0021CF015C59D97DE13B91EEA8BFAD9CA6699C59CF385C40F9FC38263207A46505D76DE443A3C2A7BEFB5E5A1040337F50D569F529D885CD651A87100B4634EE7A6F0D5C607E894E1475434F56DC62B016C73C07AE7A716B55F0AD0F399ABD0E4EAA4F +20250616053024 2 6 100 6143 2 E14CB0AD6B03109962790668D317CC69BC29BB96941F75C9BB739C214F83ABACC6508E89C92108C3C075AC60830A996E6A5758E76CCE93C18627A18E951FF26DD53CB94D1348BD062C835177EF5B07353F9AC7D5874D78B3E215C4DC54A8E8F0A3D97705390A53050F25C75E944A4AF84803830492006104387892A78ABBCE80E7950A1B4F59D79AD867DF6DCFD7E23046774C0E28FD907F37F5EE9EF6D9F593DF94313E725D9EE35C57DBE177FA3027AE4BF30C4509333CCBE98DF2E251710A4B899C6C42CA499A8D2657FDC1A82945C74776AC859665175FD8F1DCB16C7B22D455E584DB02B3A95AF9A88126CE3634570A6968DB2654254A030B2F8A133E49F6EAFCD8015FF22D7C622026D6D6FA63BEFA7237C5EC05B7DF99A5854D4792683B454F0ECD52EF41266A550595594556AE969EE307915AC40FA9C551379F2C485A1D53F9C960CF9262A8AD681CFF53EE2D0E208E3DDAFC7C6C82271E0890745579C906BA77716E593D29C5B15F0C18E616BCA698BE676918697281730E0DAF112EE5B763906FC0A373EC15915202FB96241F26AAB0D77DA4357CB2B0C3101F3DB88B5D3AB4497C21377DD543BB422C12CF4E18861AE40924DC2D9AFCCDA500FCFA693288B5DD73216515ECCB12D0400D19BB27E50D3C3183BEA9C113B5A553F9704962FD4BC8510D930F32061EABEC7FC2C1CE32CA6297F5BA8DB6E4B6AEB755A07EF153C51BF7C07A827F43FBFDD4D5136187533FB6155535A9369C5776BDB22D1BE141316CA5DF6704FF2F970C070F6EA37678258683DEDF45056F127C5819E59F2A94680CF651EA983632EA91F47BF80B6D725ADD1E5795884239C5877E753C374266DFD973C414587074750852A5397A7FAC047152100F29AF82E7B2DA89DF3248CAA2B3DF71C4912989A4A660F8DF46155229B4AAF59789ACF49B0021CF015C59D97DE13B91EEA8BFAD9CA6699C59CF385C40F9FC38263207A46505D76DE443A3C2A7BEFB5E5A1040337F50D569F529D885CD651A87100B4634EE7A6F0D5C607E894E1475434F56DC62B016C73C07AE7A716B55F0AD0F399ABD0EC9F933 +20250616054931 2 6 100 6143 2 E14CB0AD6B03109962790668D317CC69BC29BB96941F75C9BB739C214F83ABACC6508E89C92108C3C075AC60830A996E6A5758E76CCE93C18627A18E951FF26DD53CB94D1348BD062C835177EF5B07353F9AC7D5874D78B3E215C4DC54A8E8F0A3D97705390A53050F25C75E944A4AF84803830492006104387892A78ABBCE80E7950A1B4F59D79AD867DF6DCFD7E23046774C0E28FD907F37F5EE9EF6D9F593DF94313E725D9EE35C57DBE177FA3027AE4BF30C4509333CCBE98DF2E251710A4B899C6C42CA499A8D2657FDC1A82945C74776AC859665175FD8F1DCB16C7B22D455E584DB02B3A95AF9A88126CE3634570A6968DB2654254A030B2F8A133E49F6EAFCD8015FF22D7C622026D6D6FA63BEFA7237C5EC05B7DF99A5854D4792683B454F0ECD52EF41266A550595594556AE969EE307915AC40FA9C551379F2C485A1D53F9C960CF9262A8AD681CFF53EE2D0E208E3DDAFC7C6C82271E0890745579C906BA77716E593D29C5B15F0C18E616BCA698BE676918697281730E0DAF112EE5B763906FC0A373EC15915202FB96241F26AAB0D77DA4357CB2B0C3101F3DB88B5D3AB4497C21377DD543BB422C12CF4E18861AE40924DC2D9AFCCDA500FCFA693288B5DD73216515ECCB12D0400D19BB27E50D3C3183BEA9C113B5A553F9704962FD4BC8510D930F32061EABEC7FC2C1CE32CA6297F5BA8DB6E4B6AEB755A07EF153C51BF7C07A827F43FBFDD4D5136187533FB6155535A9369C5776BDB22D1BE141316CA5DF6704FF2F970C070F6EA37678258683DEDF45056F127C5819E59F2A94680CF651EA983632EA91F47BF80B6D725ADD1E5795884239C5877E753C374266DFD973C414587074750852A5397A7FAC047152100F29AF82E7B2DA89DF3248CAA2B3DF71C4912989A4A660F8DF46155229B4AAF59789ACF49B0021CF015C59D97DE13B91EEA8BFAD9CA6699C59CF385C40F9FC38263207A46505D76DE443A3C2A7BEFB5E5A1040337F50D569F529D885CD651A87100B4634EE7A6F0D5C607E894E1475434F56DC62B016C73C07AE7A716B55F0AD0F399ABD112C869B +20250616061023 2 6 100 6143 2 E14CB0AD6B03109962790668D317CC69BC29BB96941F75C9BB739C214F83ABACC6508E89C92108C3C075AC60830A996E6A5758E76CCE93C18627A18E951FF26DD53CB94D1348BD062C835177EF5B07353F9AC7D5874D78B3E215C4DC54A8E8F0A3D97705390A53050F25C75E944A4AF84803830492006104387892A78ABBCE80E7950A1B4F59D79AD867DF6DCFD7E23046774C0E28FD907F37F5EE9EF6D9F593DF94313E725D9EE35C57DBE177FA3027AE4BF30C4509333CCBE98DF2E251710A4B899C6C42CA499A8D2657FDC1A82945C74776AC859665175FD8F1DCB16C7B22D455E584DB02B3A95AF9A88126CE3634570A6968DB2654254A030B2F8A133E49F6EAFCD8015FF22D7C622026D6D6FA63BEFA7237C5EC05B7DF99A5854D4792683B454F0ECD52EF41266A550595594556AE969EE307915AC40FA9C551379F2C485A1D53F9C960CF9262A8AD681CFF53EE2D0E208E3DDAFC7C6C82271E0890745579C906BA77716E593D29C5B15F0C18E616BCA698BE676918697281730E0DAF112EE5B763906FC0A373EC15915202FB96241F26AAB0D77DA4357CB2B0C3101F3DB88B5D3AB4497C21377DD543BB422C12CF4E18861AE40924DC2D9AFCCDA500FCFA693288B5DD73216515ECCB12D0400D19BB27E50D3C3183BEA9C113B5A553F9704962FD4BC8510D930F32061EABEC7FC2C1CE32CA6297F5BA8DB6E4B6AEB755A07EF153C51BF7C07A827F43FBFDD4D5136187533FB6155535A9369C5776BDB22D1BE141316CA5DF6704FF2F970C070F6EA37678258683DEDF45056F127C5819E59F2A94680CF651EA983632EA91F47BF80B6D725ADD1E5795884239C5877E753C374266DFD973C414587074750852A5397A7FAC047152100F29AF82E7B2DA89DF3248CAA2B3DF71C4912989A4A660F8DF46155229B4AAF59789ACF49B0021CF015C59D97DE13B91EEA8BFAD9CA6699C59CF385C40F9FC38263207A46505D76DE443A3C2A7BEFB5E5A1040337F50D569F529D885CD651A87100B4634EE7A6F0D5C607E894E1475434F56DC62B016C73C07AE7A716B55F0AD0F399ABD13C0FA33 +20250616061103 2 6 100 6143 5 E14CB0AD6B03109962790668D317CC69BC29BB96941F75C9BB739C214F83ABACC6508E89C92108C3C075AC60830A996E6A5758E76CCE93C18627A18E951FF26DD53CB94D1348BD062C835177EF5B07353F9AC7D5874D78B3E215C4DC54A8E8F0A3D97705390A53050F25C75E944A4AF84803830492006104387892A78ABBCE80E7950A1B4F59D79AD867DF6DCFD7E23046774C0E28FD907F37F5EE9EF6D9F593DF94313E725D9EE35C57DBE177FA3027AE4BF30C4509333CCBE98DF2E251710A4B899C6C42CA499A8D2657FDC1A82945C74776AC859665175FD8F1DCB16C7B22D455E584DB02B3A95AF9A88126CE3634570A6968DB2654254A030B2F8A133E49F6EAFCD8015FF22D7C622026D6D6FA63BEFA7237C5EC05B7DF99A5854D4792683B454F0ECD52EF41266A550595594556AE969EE307915AC40FA9C551379F2C485A1D53F9C960CF9262A8AD681CFF53EE2D0E208E3DDAFC7C6C82271E0890745579C906BA77716E593D29C5B15F0C18E616BCA698BE676918697281730E0DAF112EE5B763906FC0A373EC15915202FB96241F26AAB0D77DA4357CB2B0C3101F3DB88B5D3AB4497C21377DD543BB422C12CF4E18861AE40924DC2D9AFCCDA500FCFA693288B5DD73216515ECCB12D0400D19BB27E50D3C3183BEA9C113B5A553F9704962FD4BC8510D930F32061EABEC7FC2C1CE32CA6297F5BA8DB6E4B6AEB755A07EF153C51BF7C07A827F43FBFDD4D5136187533FB6155535A9369C5776BDB22D1BE141316CA5DF6704FF2F970C070F6EA37678258683DEDF45056F127C5819E59F2A94680CF651EA983632EA91F47BF80B6D725ADD1E5795884239C5877E753C374266DFD973C414587074750852A5397A7FAC047152100F29AF82E7B2DA89DF3248CAA2B3DF71C4912989A4A660F8DF46155229B4AAF59789ACF49B0021CF015C59D97DE13B91EEA8BFAD9CA6699C59CF385C40F9FC38263207A46505D76DE443A3C2A7BEFB5E5A1040337F50D569F529D885CD651A87100B4634EE7A6F0D5C607E894E1475434F56DC62B016C73C07AE7A716B55F0AD0F399ABD13CF073F +20250616062941 2 6 100 6143 5 E14CB0AD6B03109962790668D317CC69BC29BB96941F75C9BB739C214F83ABACC6508E89C92108C3C075AC60830A996E6A5758E76CCE93C18627A18E951FF26DD53CB94D1348BD062C835177EF5B07353F9AC7D5874D78B3E215C4DC54A8E8F0A3D97705390A53050F25C75E944A4AF84803830492006104387892A78ABBCE80E7950A1B4F59D79AD867DF6DCFD7E23046774C0E28FD907F37F5EE9EF6D9F593DF94313E725D9EE35C57DBE177FA3027AE4BF30C4509333CCBE98DF2E251710A4B899C6C42CA499A8D2657FDC1A82945C74776AC859665175FD8F1DCB16C7B22D455E584DB02B3A95AF9A88126CE3634570A6968DB2654254A030B2F8A133E49F6EAFCD8015FF22D7C622026D6D6FA63BEFA7237C5EC05B7DF99A5854D4792683B454F0ECD52EF41266A550595594556AE969EE307915AC40FA9C551379F2C485A1D53F9C960CF9262A8AD681CFF53EE2D0E208E3DDAFC7C6C82271E0890745579C906BA77716E593D29C5B15F0C18E616BCA698BE676918697281730E0DAF112EE5B763906FC0A373EC15915202FB96241F26AAB0D77DA4357CB2B0C3101F3DB88B5D3AB4497C21377DD543BB422C12CF4E18861AE40924DC2D9AFCCDA500FCFA693288B5DD73216515ECCB12D0400D19BB27E50D3C3183BEA9C113B5A553F9704962FD4BC8510D930F32061EABEC7FC2C1CE32CA6297F5BA8DB6E4B6AEB755A07EF153C51BF7C07A827F43FBFDD4D5136187533FB6155535A9369C5776BDB22D1BE141316CA5DF6704FF2F970C070F6EA37678258683DEDF45056F127C5819E59F2A94680CF651EA983632EA91F47BF80B6D725ADD1E5795884239C5877E753C374266DFD973C414587074750852A5397A7FAC047152100F29AF82E7B2DA89DF3248CAA2B3DF71C4912989A4A660F8DF46155229B4AAF59789ACF49B0021CF015C59D97DE13B91EEA8BFAD9CA6699C59CF385C40F9FC38263207A46505D76DE443A3C2A7BEFB5E5A1040337F50D569F529D885CD651A87100B4634EE7A6F0D5C607E894E1475434F56DC62B016C73C07AE7A716B55F0AD0F399ABD16121F27 +20250616063708 2 6 100 6143 5 E14CB0AD6B03109962790668D317CC69BC29BB96941F75C9BB739C214F83ABACC6508E89C92108C3C075AC60830A996E6A5758E76CCE93C18627A18E951FF26DD53CB94D1348BD062C835177EF5B07353F9AC7D5874D78B3E215C4DC54A8E8F0A3D97705390A53050F25C75E944A4AF84803830492006104387892A78ABBCE80E7950A1B4F59D79AD867DF6DCFD7E23046774C0E28FD907F37F5EE9EF6D9F593DF94313E725D9EE35C57DBE177FA3027AE4BF30C4509333CCBE98DF2E251710A4B899C6C42CA499A8D2657FDC1A82945C74776AC859665175FD8F1DCB16C7B22D455E584DB02B3A95AF9A88126CE3634570A6968DB2654254A030B2F8A133E49F6EAFCD8015FF22D7C622026D6D6FA63BEFA7237C5EC05B7DF99A5854D4792683B454F0ECD52EF41266A550595594556AE969EE307915AC40FA9C551379F2C485A1D53F9C960CF9262A8AD681CFF53EE2D0E208E3DDAFC7C6C82271E0890745579C906BA77716E593D29C5B15F0C18E616BCA698BE676918697281730E0DAF112EE5B763906FC0A373EC15915202FB96241F26AAB0D77DA4357CB2B0C3101F3DB88B5D3AB4497C21377DD543BB422C12CF4E18861AE40924DC2D9AFCCDA500FCFA693288B5DD73216515ECCB12D0400D19BB27E50D3C3183BEA9C113B5A553F9704962FD4BC8510D930F32061EABEC7FC2C1CE32CA6297F5BA8DB6E4B6AEB755A07EF153C51BF7C07A827F43FBFDD4D5136187533FB6155535A9369C5776BDB22D1BE141316CA5DF6704FF2F970C070F6EA37678258683DEDF45056F127C5819E59F2A94680CF651EA983632EA91F47BF80B6D725ADD1E5795884239C5877E753C374266DFD973C414587074750852A5397A7FAC047152100F29AF82E7B2DA89DF3248CAA2B3DF71C4912989A4A660F8DF46155229B4AAF59789ACF49B0021CF015C59D97DE13B91EEA8BFAD9CA6699C59CF385C40F9FC38263207A46505D76DE443A3C2A7BEFB5E5A1040337F50D569F529D885CD651A87100B4634EE7A6F0D5C607E894E1475434F56DC62B016C73C07AE7A716B55F0AD0F399ABD16F3763F +20250616065251 2 6 100 6143 5 E14CB0AD6B03109962790668D317CC69BC29BB96941F75C9BB739C214F83ABACC6508E89C92108C3C075AC60830A996E6A5758E76CCE93C18627A18E951FF26DD53CB94D1348BD062C835177EF5B07353F9AC7D5874D78B3E215C4DC54A8E8F0A3D97705390A53050F25C75E944A4AF84803830492006104387892A78ABBCE80E7950A1B4F59D79AD867DF6DCFD7E23046774C0E28FD907F37F5EE9EF6D9F593DF94313E725D9EE35C57DBE177FA3027AE4BF30C4509333CCBE98DF2E251710A4B899C6C42CA499A8D2657FDC1A82945C74776AC859665175FD8F1DCB16C7B22D455E584DB02B3A95AF9A88126CE3634570A6968DB2654254A030B2F8A133E49F6EAFCD8015FF22D7C622026D6D6FA63BEFA7237C5EC05B7DF99A5854D4792683B454F0ECD52EF41266A550595594556AE969EE307915AC40FA9C551379F2C485A1D53F9C960CF9262A8AD681CFF53EE2D0E208E3DDAFC7C6C82271E0890745579C906BA77716E593D29C5B15F0C18E616BCA698BE676918697281730E0DAF112EE5B763906FC0A373EC15915202FB96241F26AAB0D77DA4357CB2B0C3101F3DB88B5D3AB4497C21377DD543BB422C12CF4E18861AE40924DC2D9AFCCDA500FCFA693288B5DD73216515ECCB12D0400D19BB27E50D3C3183BEA9C113B5A553F9704962FD4BC8510D930F32061EABEC7FC2C1CE32CA6297F5BA8DB6E4B6AEB755A07EF153C51BF7C07A827F43FBFDD4D5136187533FB6155535A9369C5776BDB22D1BE141316CA5DF6704FF2F970C070F6EA37678258683DEDF45056F127C5819E59F2A94680CF651EA983632EA91F47BF80B6D725ADD1E5795884239C5877E753C374266DFD973C414587074750852A5397A7FAC047152100F29AF82E7B2DA89DF3248CAA2B3DF71C4912989A4A660F8DF46155229B4AAF59789ACF49B0021CF015C59D97DE13B91EEA8BFAD9CA6699C59CF385C40F9FC38263207A46505D76DE443A3C2A7BEFB5E5A1040337F50D569F529D885CD651A87100B4634EE7A6F0D5C607E894E1475434F56DC62B016C73C07AE7A716B55F0AD0F399ABD18E600CF +20250616065656 2 6 100 6143 2 E14CB0AD6B03109962790668D317CC69BC29BB96941F75C9BB739C214F83ABACC6508E89C92108C3C075AC60830A996E6A5758E76CCE93C18627A18E951FF26DD53CB94D1348BD062C835177EF5B07353F9AC7D5874D78B3E215C4DC54A8E8F0A3D97705390A53050F25C75E944A4AF84803830492006104387892A78ABBCE80E7950A1B4F59D79AD867DF6DCFD7E23046774C0E28FD907F37F5EE9EF6D9F593DF94313E725D9EE35C57DBE177FA3027AE4BF30C4509333CCBE98DF2E251710A4B899C6C42CA499A8D2657FDC1A82945C74776AC859665175FD8F1DCB16C7B22D455E584DB02B3A95AF9A88126CE3634570A6968DB2654254A030B2F8A133E49F6EAFCD8015FF22D7C622026D6D6FA63BEFA7237C5EC05B7DF99A5854D4792683B454F0ECD52EF41266A550595594556AE969EE307915AC40FA9C551379F2C485A1D53F9C960CF9262A8AD681CFF53EE2D0E208E3DDAFC7C6C82271E0890745579C906BA77716E593D29C5B15F0C18E616BCA698BE676918697281730E0DAF112EE5B763906FC0A373EC15915202FB96241F26AAB0D77DA4357CB2B0C3101F3DB88B5D3AB4497C21377DD543BB422C12CF4E18861AE40924DC2D9AFCCDA500FCFA693288B5DD73216515ECCB12D0400D19BB27E50D3C3183BEA9C113B5A553F9704962FD4BC8510D930F32061EABEC7FC2C1CE32CA6297F5BA8DB6E4B6AEB755A07EF153C51BF7C07A827F43FBFDD4D5136187533FB6155535A9369C5776BDB22D1BE141316CA5DF6704FF2F970C070F6EA37678258683DEDF45056F127C5819E59F2A94680CF651EA983632EA91F47BF80B6D725ADD1E5795884239C5877E753C374266DFD973C414587074750852A5397A7FAC047152100F29AF82E7B2DA89DF3248CAA2B3DF71C4912989A4A660F8DF46155229B4AAF59789ACF49B0021CF015C59D97DE13B91EEA8BFAD9CA6699C59CF385C40F9FC38263207A46505D76DE443A3C2A7BEFB5E5A1040337F50D569F529D885CD651A87100B4634EE7A6F0D5C607E894E1475434F56DC62B016C73C07AE7A716B55F0AD0F399ABD1961739B +20250616070508 2 6 100 6143 2 E14CB0AD6B03109962790668D317CC69BC29BB96941F75C9BB739C214F83ABACC6508E89C92108C3C075AC60830A996E6A5758E76CCE93C18627A18E951FF26DD53CB94D1348BD062C835177EF5B07353F9AC7D5874D78B3E215C4DC54A8E8F0A3D97705390A53050F25C75E944A4AF84803830492006104387892A78ABBCE80E7950A1B4F59D79AD867DF6DCFD7E23046774C0E28FD907F37F5EE9EF6D9F593DF94313E725D9EE35C57DBE177FA3027AE4BF30C4509333CCBE98DF2E251710A4B899C6C42CA499A8D2657FDC1A82945C74776AC859665175FD8F1DCB16C7B22D455E584DB02B3A95AF9A88126CE3634570A6968DB2654254A030B2F8A133E49F6EAFCD8015FF22D7C622026D6D6FA63BEFA7237C5EC05B7DF99A5854D4792683B454F0ECD52EF41266A550595594556AE969EE307915AC40FA9C551379F2C485A1D53F9C960CF9262A8AD681CFF53EE2D0E208E3DDAFC7C6C82271E0890745579C906BA77716E593D29C5B15F0C18E616BCA698BE676918697281730E0DAF112EE5B763906FC0A373EC15915202FB96241F26AAB0D77DA4357CB2B0C3101F3DB88B5D3AB4497C21377DD543BB422C12CF4E18861AE40924DC2D9AFCCDA500FCFA693288B5DD73216515ECCB12D0400D19BB27E50D3C3183BEA9C113B5A553F9704962FD4BC8510D930F32061EABEC7FC2C1CE32CA6297F5BA8DB6E4B6AEB755A07EF153C51BF7C07A827F43FBFDD4D5136187533FB6155535A9369C5776BDB22D1BE141316CA5DF6704FF2F970C070F6EA37678258683DEDF45056F127C5819E59F2A94680CF651EA983632EA91F47BF80B6D725ADD1E5795884239C5877E753C374266DFD973C414587074750852A5397A7FAC047152100F29AF82E7B2DA89DF3248CAA2B3DF71C4912989A4A660F8DF46155229B4AAF59789ACF49B0021CF015C59D97DE13B91EEA8BFAD9CA6699C59CF385C40F9FC38263207A46505D76DE443A3C2A7BEFB5E5A1040337F50D569F529D885CD651A87100B4634EE7A6F0D5C607E894E1475434F56DC62B016C73C07AE7A716B55F0AD0F399ABD1A63040B +20250616071147 2 6 100 6143 2 E14CB0AD6B03109962790668D317CC69BC29BB96941F75C9BB739C214F83ABACC6508E89C92108C3C075AC60830A996E6A5758E76CCE93C18627A18E951FF26DD53CB94D1348BD062C835177EF5B07353F9AC7D5874D78B3E215C4DC54A8E8F0A3D97705390A53050F25C75E944A4AF84803830492006104387892A78ABBCE80E7950A1B4F59D79AD867DF6DCFD7E23046774C0E28FD907F37F5EE9EF6D9F593DF94313E725D9EE35C57DBE177FA3027AE4BF30C4509333CCBE98DF2E251710A4B899C6C42CA499A8D2657FDC1A82945C74776AC859665175FD8F1DCB16C7B22D455E584DB02B3A95AF9A88126CE3634570A6968DB2654254A030B2F8A133E49F6EAFCD8015FF22D7C622026D6D6FA63BEFA7237C5EC05B7DF99A5854D4792683B454F0ECD52EF41266A550595594556AE969EE307915AC40FA9C551379F2C485A1D53F9C960CF9262A8AD681CFF53EE2D0E208E3DDAFC7C6C82271E0890745579C906BA77716E593D29C5B15F0C18E616BCA698BE676918697281730E0DAF112EE5B763906FC0A373EC15915202FB96241F26AAB0D77DA4357CB2B0C3101F3DB88B5D3AB4497C21377DD543BB422C12CF4E18861AE40924DC2D9AFCCDA500FCFA693288B5DD73216515ECCB12D0400D19BB27E50D3C3183BEA9C113B5A553F9704962FD4BC8510D930F32061EABEC7FC2C1CE32CA6297F5BA8DB6E4B6AEB755A07EF153C51BF7C07A827F43FBFDD4D5136187533FB6155535A9369C5776BDB22D1BE141316CA5DF6704FF2F970C070F6EA37678258683DEDF45056F127C5819E59F2A94680CF651EA983632EA91F47BF80B6D725ADD1E5795884239C5877E753C374266DFD973C414587074750852A5397A7FAC047152100F29AF82E7B2DA89DF3248CAA2B3DF71C4912989A4A660F8DF46155229B4AAF59789ACF49B0021CF015C59D97DE13B91EEA8BFAD9CA6699C59CF385C40F9FC38263207A46505D76DE443A3C2A7BEFB5E5A1040337F50D569F529D885CD651A87100B4634EE7A6F0D5C607E894E1475434F56DC62B016C73C07AE7A716B55F0AD0F399ABD1B2EB503 +20250616072730 2 6 100 6143 5 E14CB0AD6B03109962790668D317CC69BC29BB96941F75C9BB739C214F83ABACC6508E89C92108C3C075AC60830A996E6A5758E76CCE93C18627A18E951FF26DD53CB94D1348BD062C835177EF5B07353F9AC7D5874D78B3E215C4DC54A8E8F0A3D97705390A53050F25C75E944A4AF84803830492006104387892A78ABBCE80E7950A1B4F59D79AD867DF6DCFD7E23046774C0E28FD907F37F5EE9EF6D9F593DF94313E725D9EE35C57DBE177FA3027AE4BF30C4509333CCBE98DF2E251710A4B899C6C42CA499A8D2657FDC1A82945C74776AC859665175FD8F1DCB16C7B22D455E584DB02B3A95AF9A88126CE3634570A6968DB2654254A030B2F8A133E49F6EAFCD8015FF22D7C622026D6D6FA63BEFA7237C5EC05B7DF99A5854D4792683B454F0ECD52EF41266A550595594556AE969EE307915AC40FA9C551379F2C485A1D53F9C960CF9262A8AD681CFF53EE2D0E208E3DDAFC7C6C82271E0890745579C906BA77716E593D29C5B15F0C18E616BCA698BE676918697281730E0DAF112EE5B763906FC0A373EC15915202FB96241F26AAB0D77DA4357CB2B0C3101F3DB88B5D3AB4497C21377DD543BB422C12CF4E18861AE40924DC2D9AFCCDA500FCFA693288B5DD73216515ECCB12D0400D19BB27E50D3C3183BEA9C113B5A553F9704962FD4BC8510D930F32061EABEC7FC2C1CE32CA6297F5BA8DB6E4B6AEB755A07EF153C51BF7C07A827F43FBFDD4D5136187533FB6155535A9369C5776BDB22D1BE141316CA5DF6704FF2F970C070F6EA37678258683DEDF45056F127C5819E59F2A94680CF651EA983632EA91F47BF80B6D725ADD1E5795884239C5877E753C374266DFD973C414587074750852A5397A7FAC047152100F29AF82E7B2DA89DF3248CAA2B3DF71C4912989A4A660F8DF46155229B4AAF59789ACF49B0021CF015C59D97DE13B91EEA8BFAD9CA6699C59CF385C40F9FC38263207A46505D76DE443A3C2A7BEFB5E5A1040337F50D569F529D885CD651A87100B4634EE7A6F0D5C607E894E1475434F56DC62B016C73C07AE7A716B55F0AD0F399ABD1D19F2FF +20250616075823 2 6 100 6143 5 E14CB0AD6B03109962790668D317CC69BC29BB96941F75C9BB739C214F83ABACC6508E89C92108C3C075AC60830A996E6A5758E76CCE93C18627A18E951FF26DD53CB94D1348BD062C835177EF5B07353F9AC7D5874D78B3E215C4DC54A8E8F0A3D97705390A53050F25C75E944A4AF84803830492006104387892A78ABBCE80E7950A1B4F59D79AD867DF6DCFD7E23046774C0E28FD907F37F5EE9EF6D9F593DF94313E725D9EE35C57DBE177FA3027AE4BF30C4509333CCBE98DF2E251710A4B899C6C42CA499A8D2657FDC1A82945C74776AC859665175FD8F1DCB16C7B22D455E584DB02B3A95AF9A88126CE3634570A6968DB2654254A030B2F8A133E49F6EAFCD8015FF22D7C622026D6D6FA63BEFA7237C5EC05B7DF99A5854D4792683B454F0ECD52EF41266A550595594556AE969EE307915AC40FA9C551379F2C485A1D53F9C960CF9262A8AD681CFF53EE2D0E208E3DDAFC7C6C82271E0890745579C906BA77716E593D29C5B15F0C18E616BCA698BE676918697281730E0DAF112EE5B763906FC0A373EC15915202FB96241F26AAB0D77DA4357CB2B0C3101F3DB88B5D3AB4497C21377DD543BB422C12CF4E18861AE40924DC2D9AFCCDA500FCFA693288B5DD73216515ECCB12D0400D19BB27E50D3C3183BEA9C113B5A553F9704962FD4BC8510D930F32061EABEC7FC2C1CE32CA6297F5BA8DB6E4B6AEB755A07EF153C51BF7C07A827F43FBFDD4D5136187533FB6155535A9369C5776BDB22D1BE141316CA5DF6704FF2F970C070F6EA37678258683DEDF45056F127C5819E59F2A94680CF651EA983632EA91F47BF80B6D725ADD1E5795884239C5877E753C374266DFD973C414587074750852A5397A7FAC047152100F29AF82E7B2DA89DF3248CAA2B3DF71C4912989A4A660F8DF46155229B4AAF59789ACF49B0021CF015C59D97DE13B91EEA8BFAD9CA6699C59CF385C40F9FC38263207A46505D76DE443A3C2A7BEFB5E5A1040337F50D569F529D885CD651A87100B4634EE7A6F0D5C607E894E1475434F56DC62B016C73C07AE7A716B55F0AD0F399ABD20E7E04F +20250616085003 2 6 100 6143 2 E14CB0AD6B03109962790668D317CC69BC29BB96941F75C9BB739C214F83ABACC6508E89C92108C3C075AC60830A996E6A5758E76CCE93C18627A18E951FF26DD53CB94D1348BD062C835177EF5B07353F9AC7D5874D78B3E215C4DC54A8E8F0A3D97705390A53050F25C75E944A4AF84803830492006104387892A78ABBCE80E7950A1B4F59D79AD867DF6DCFD7E23046774C0E28FD907F37F5EE9EF6D9F593DF94313E725D9EE35C57DBE177FA3027AE4BF30C4509333CCBE98DF2E251710A4B899C6C42CA499A8D2657FDC1A82945C74776AC859665175FD8F1DCB16C7B22D455E584DB02B3A95AF9A88126CE3634570A6968DB2654254A030B2F8A133E49F6EAFCD8015FF22D7C622026D6D6FA63BEFA7237C5EC05B7DF99A5854D4792683B454F0ECD52EF41266A550595594556AE969EE307915AC40FA9C551379F2C485A1D53F9C960CF9262A8AD681CFF53EE2D0E208E3DDAFC7C6C82271E0890745579C906BA77716E593D29C5B15F0C18E616BCA698BE676918697281730E0DAF112EE5B763906FC0A373EC15915202FB96241F26AAB0D77DA4357CB2B0C3101F3DB88B5D3AB4497C21377DD543BB422C12CF4E18861AE40924DC2D9AFCCDA500FCFA693288B5DD73216515ECCB12D0400D19BB27E50D3C3183BEA9C113B5A553F9704962FD4BC8510D930F32061EABEC7FC2C1CE32CA6297F5BA8DB6E4B6AEB755A07EF153C51BF7C07A827F43FBFDD4D5136187533FB6155535A9369C5776BDB22D1BE141316CA5DF6704FF2F970C070F6EA37678258683DEDF45056F127C5819E59F2A94680CF651EA983632EA91F47BF80B6D725ADD1E5795884239C5877E753C374266DFD973C414587074750852A5397A7FAC047152100F29AF82E7B2DA89DF3248CAA2B3DF71C4912989A4A660F8DF46155229B4AAF59789ACF49B0021CF015C59D97DE13B91EEA8BFAD9CA6699C59CF385C40F9FC38263207A46505D76DE443A3C2A7BEFB5E5A1040337F50D569F529D885CD651A87100B4634EE7A6F0D5C607E894E1475434F56DC62B016C73C07AE7A716B55F0AD0F399ABD274EB153 +20250616090823 2 6 100 6143 5 E14CB0AD6B03109962790668D317CC69BC29BB96941F75C9BB739C214F83ABACC6508E89C92108C3C075AC60830A996E6A5758E76CCE93C18627A18E951FF26DD53CB94D1348BD062C835177EF5B07353F9AC7D5874D78B3E215C4DC54A8E8F0A3D97705390A53050F25C75E944A4AF84803830492006104387892A78ABBCE80E7950A1B4F59D79AD867DF6DCFD7E23046774C0E28FD907F37F5EE9EF6D9F593DF94313E725D9EE35C57DBE177FA3027AE4BF30C4509333CCBE98DF2E251710A4B899C6C42CA499A8D2657FDC1A82945C74776AC859665175FD8F1DCB16C7B22D455E584DB02B3A95AF9A88126CE3634570A6968DB2654254A030B2F8A133E49F6EAFCD8015FF22D7C622026D6D6FA63BEFA7237C5EC05B7DF99A5854D4792683B454F0ECD52EF41266A550595594556AE969EE307915AC40FA9C551379F2C485A1D53F9C960CF9262A8AD681CFF53EE2D0E208E3DDAFC7C6C82271E0890745579C906BA77716E593D29C5B15F0C18E616BCA698BE676918697281730E0DAF112EE5B763906FC0A373EC15915202FB96241F26AAB0D77DA4357CB2B0C3101F3DB88B5D3AB4497C21377DD543BB422C12CF4E18861AE40924DC2D9AFCCDA500FCFA693288B5DD73216515ECCB12D0400D19BB27E50D3C3183BEA9C113B5A553F9704962FD4BC8510D930F32061EABEC7FC2C1CE32CA6297F5BA8DB6E4B6AEB755A07EF153C51BF7C07A827F43FBFDD4D5136187533FB6155535A9369C5776BDB22D1BE141316CA5DF6704FF2F970C070F6EA37678258683DEDF45056F127C5819E59F2A94680CF651EA983632EA91F47BF80B6D725ADD1E5795884239C5877E753C374266DFD973C414587074750852A5397A7FAC047152100F29AF82E7B2DA89DF3248CAA2B3DF71C4912989A4A660F8DF46155229B4AAF59789ACF49B0021CF015C59D97DE13B91EEA8BFAD9CA6699C59CF385C40F9FC38263207A46505D76DE443A3C2A7BEFB5E5A1040337F50D569F529D885CD651A87100B4634EE7A6F0D5C607E894E1475434F56DC62B016C73C07AE7A716B55F0AD0F399ABD298EF107 +20250616090942 2 6 100 6143 5 E14CB0AD6B03109962790668D317CC69BC29BB96941F75C9BB739C214F83ABACC6508E89C92108C3C075AC60830A996E6A5758E76CCE93C18627A18E951FF26DD53CB94D1348BD062C835177EF5B07353F9AC7D5874D78B3E215C4DC54A8E8F0A3D97705390A53050F25C75E944A4AF84803830492006104387892A78ABBCE80E7950A1B4F59D79AD867DF6DCFD7E23046774C0E28FD907F37F5EE9EF6D9F593DF94313E725D9EE35C57DBE177FA3027AE4BF30C4509333CCBE98DF2E251710A4B899C6C42CA499A8D2657FDC1A82945C74776AC859665175FD8F1DCB16C7B22D455E584DB02B3A95AF9A88126CE3634570A6968DB2654254A030B2F8A133E49F6EAFCD8015FF22D7C622026D6D6FA63BEFA7237C5EC05B7DF99A5854D4792683B454F0ECD52EF41266A550595594556AE969EE307915AC40FA9C551379F2C485A1D53F9C960CF9262A8AD681CFF53EE2D0E208E3DDAFC7C6C82271E0890745579C906BA77716E593D29C5B15F0C18E616BCA698BE676918697281730E0DAF112EE5B763906FC0A373EC15915202FB96241F26AAB0D77DA4357CB2B0C3101F3DB88B5D3AB4497C21377DD543BB422C12CF4E18861AE40924DC2D9AFCCDA500FCFA693288B5DD73216515ECCB12D0400D19BB27E50D3C3183BEA9C113B5A553F9704962FD4BC8510D930F32061EABEC7FC2C1CE32CA6297F5BA8DB6E4B6AEB755A07EF153C51BF7C07A827F43FBFDD4D5136187533FB6155535A9369C5776BDB22D1BE141316CA5DF6704FF2F970C070F6EA37678258683DEDF45056F127C5819E59F2A94680CF651EA983632EA91F47BF80B6D725ADD1E5795884239C5877E753C374266DFD973C414587074750852A5397A7FAC047152100F29AF82E7B2DA89DF3248CAA2B3DF71C4912989A4A660F8DF46155229B4AAF59789ACF49B0021CF015C59D97DE13B91EEA8BFAD9CA6699C59CF385C40F9FC38263207A46505D76DE443A3C2A7BEFB5E5A1040337F50D569F529D885CD651A87100B4634EE7A6F0D5C607E894E1475434F56DC62B016C73C07AE7A716B55F0AD0F399ABD29B0BD37 +20250616091953 2 6 100 6143 2 E14CB0AD6B03109962790668D317CC69BC29BB96941F75C9BB739C214F83ABACC6508E89C92108C3C075AC60830A996E6A5758E76CCE93C18627A18E951FF26DD53CB94D1348BD062C835177EF5B07353F9AC7D5874D78B3E215C4DC54A8E8F0A3D97705390A53050F25C75E944A4AF84803830492006104387892A78ABBCE80E7950A1B4F59D79AD867DF6DCFD7E23046774C0E28FD907F37F5EE9EF6D9F593DF94313E725D9EE35C57DBE177FA3027AE4BF30C4509333CCBE98DF2E251710A4B899C6C42CA499A8D2657FDC1A82945C74776AC859665175FD8F1DCB16C7B22D455E584DB02B3A95AF9A88126CE3634570A6968DB2654254A030B2F8A133E49F6EAFCD8015FF22D7C622026D6D6FA63BEFA7237C5EC05B7DF99A5854D4792683B454F0ECD52EF41266A550595594556AE969EE307915AC40FA9C551379F2C485A1D53F9C960CF9262A8AD681CFF53EE2D0E208E3DDAFC7C6C82271E0890745579C906BA77716E593D29C5B15F0C18E616BCA698BE676918697281730E0DAF112EE5B763906FC0A373EC15915202FB96241F26AAB0D77DA4357CB2B0C3101F3DB88B5D3AB4497C21377DD543BB422C12CF4E18861AE40924DC2D9AFCCDA500FCFA693288B5DD73216515ECCB12D0400D19BB27E50D3C3183BEA9C113B5A553F9704962FD4BC8510D930F32061EABEC7FC2C1CE32CA6297F5BA8DB6E4B6AEB755A07EF153C51BF7C07A827F43FBFDD4D5136187533FB6155535A9369C5776BDB22D1BE141316CA5DF6704FF2F970C070F6EA37678258683DEDF45056F127C5819E59F2A94680CF651EA983632EA91F47BF80B6D725ADD1E5795884239C5877E753C374266DFD973C414587074750852A5397A7FAC047152100F29AF82E7B2DA89DF3248CAA2B3DF71C4912989A4A660F8DF46155229B4AAF59789ACF49B0021CF015C59D97DE13B91EEA8BFAD9CA6699C59CF385C40F9FC38263207A46505D76DE443A3C2A7BEFB5E5A1040337F50D569F529D885CD651A87100B4634EE7A6F0D5C607E894E1475434F56DC62B016C73C07AE7A716B55F0AD0F399ABD2AD9C44B +20250616092428 2 6 100 6143 2 E14CB0AD6B03109962790668D317CC69BC29BB96941F75C9BB739C214F83ABACC6508E89C92108C3C075AC60830A996E6A5758E76CCE93C18627A18E951FF26DD53CB94D1348BD062C835177EF5B07353F9AC7D5874D78B3E215C4DC54A8E8F0A3D97705390A53050F25C75E944A4AF84803830492006104387892A78ABBCE80E7950A1B4F59D79AD867DF6DCFD7E23046774C0E28FD907F37F5EE9EF6D9F593DF94313E725D9EE35C57DBE177FA3027AE4BF30C4509333CCBE98DF2E251710A4B899C6C42CA499A8D2657FDC1A82945C74776AC859665175FD8F1DCB16C7B22D455E584DB02B3A95AF9A88126CE3634570A6968DB2654254A030B2F8A133E49F6EAFCD8015FF22D7C622026D6D6FA63BEFA7237C5EC05B7DF99A5854D4792683B454F0ECD52EF41266A550595594556AE969EE307915AC40FA9C551379F2C485A1D53F9C960CF9262A8AD681CFF53EE2D0E208E3DDAFC7C6C82271E0890745579C906BA77716E593D29C5B15F0C18E616BCA698BE676918697281730E0DAF112EE5B763906FC0A373EC15915202FB96241F26AAB0D77DA4357CB2B0C3101F3DB88B5D3AB4497C21377DD543BB422C12CF4E18861AE40924DC2D9AFCCDA500FCFA693288B5DD73216515ECCB12D0400D19BB27E50D3C3183BEA9C113B5A553F9704962FD4BC8510D930F32061EABEC7FC2C1CE32CA6297F5BA8DB6E4B6AEB755A07EF153C51BF7C07A827F43FBFDD4D5136187533FB6155535A9369C5776BDB22D1BE141316CA5DF6704FF2F970C070F6EA37678258683DEDF45056F127C5819E59F2A94680CF651EA983632EA91F47BF80B6D725ADD1E5795884239C5877E753C374266DFD973C414587074750852A5397A7FAC047152100F29AF82E7B2DA89DF3248CAA2B3DF71C4912989A4A660F8DF46155229B4AAF59789ACF49B0021CF015C59D97DE13B91EEA8BFAD9CA6699C59CF385C40F9FC38263207A46505D76DE443A3C2A7BEFB5E5A1040337F50D569F529D885CD651A87100B4634EE7A6F0D5C607E894E1475434F56DC62B016C73C07AE7A716B55F0AD0F399ABD2B623263 +20250616092837 2 6 100 6143 5 E14CB0AD6B03109962790668D317CC69BC29BB96941F75C9BB739C214F83ABACC6508E89C92108C3C075AC60830A996E6A5758E76CCE93C18627A18E951FF26DD53CB94D1348BD062C835177EF5B07353F9AC7D5874D78B3E215C4DC54A8E8F0A3D97705390A53050F25C75E944A4AF84803830492006104387892A78ABBCE80E7950A1B4F59D79AD867DF6DCFD7E23046774C0E28FD907F37F5EE9EF6D9F593DF94313E725D9EE35C57DBE177FA3027AE4BF30C4509333CCBE98DF2E251710A4B899C6C42CA499A8D2657FDC1A82945C74776AC859665175FD8F1DCB16C7B22D455E584DB02B3A95AF9A88126CE3634570A6968DB2654254A030B2F8A133E49F6EAFCD8015FF22D7C622026D6D6FA63BEFA7237C5EC05B7DF99A5854D4792683B454F0ECD52EF41266A550595594556AE969EE307915AC40FA9C551379F2C485A1D53F9C960CF9262A8AD681CFF53EE2D0E208E3DDAFC7C6C82271E0890745579C906BA77716E593D29C5B15F0C18E616BCA698BE676918697281730E0DAF112EE5B763906FC0A373EC15915202FB96241F26AAB0D77DA4357CB2B0C3101F3DB88B5D3AB4497C21377DD543BB422C12CF4E18861AE40924DC2D9AFCCDA500FCFA693288B5DD73216515ECCB12D0400D19BB27E50D3C3183BEA9C113B5A553F9704962FD4BC8510D930F32061EABEC7FC2C1CE32CA6297F5BA8DB6E4B6AEB755A07EF153C51BF7C07A827F43FBFDD4D5136187533FB6155535A9369C5776BDB22D1BE141316CA5DF6704FF2F970C070F6EA37678258683DEDF45056F127C5819E59F2A94680CF651EA983632EA91F47BF80B6D725ADD1E5795884239C5877E753C374266DFD973C414587074750852A5397A7FAC047152100F29AF82E7B2DA89DF3248CAA2B3DF71C4912989A4A660F8DF46155229B4AAF59789ACF49B0021CF015C59D97DE13B91EEA8BFAD9CA6699C59CF385C40F9FC38263207A46505D76DE443A3C2A7BEFB5E5A1040337F50D569F529D885CD651A87100B4634EE7A6F0D5C607E894E1475434F56DC62B016C73C07AE7A716B55F0AD0F399ABD2BDBD627 +20250616093520 2 6 100 6143 2 E14CB0AD6B03109962790668D317CC69BC29BB96941F75C9BB739C214F83ABACC6508E89C92108C3C075AC60830A996E6A5758E76CCE93C18627A18E951FF26DD53CB94D1348BD062C835177EF5B07353F9AC7D5874D78B3E215C4DC54A8E8F0A3D97705390A53050F25C75E944A4AF84803830492006104387892A78ABBCE80E7950A1B4F59D79AD867DF6DCFD7E23046774C0E28FD907F37F5EE9EF6D9F593DF94313E725D9EE35C57DBE177FA3027AE4BF30C4509333CCBE98DF2E251710A4B899C6C42CA499A8D2657FDC1A82945C74776AC859665175FD8F1DCB16C7B22D455E584DB02B3A95AF9A88126CE3634570A6968DB2654254A030B2F8A133E49F6EAFCD8015FF22D7C622026D6D6FA63BEFA7237C5EC05B7DF99A5854D4792683B454F0ECD52EF41266A550595594556AE969EE307915AC40FA9C551379F2C485A1D53F9C960CF9262A8AD681CFF53EE2D0E208E3DDAFC7C6C82271E0890745579C906BA77716E593D29C5B15F0C18E616BCA698BE676918697281730E0DAF112EE5B763906FC0A373EC15915202FB96241F26AAB0D77DA4357CB2B0C3101F3DB88B5D3AB4497C21377DD543BB422C12CF4E18861AE40924DC2D9AFCCDA500FCFA693288B5DD73216515ECCB12D0400D19BB27E50D3C3183BEA9C113B5A553F9704962FD4BC8510D930F32061EABEC7FC2C1CE32CA6297F5BA8DB6E4B6AEB755A07EF153C51BF7C07A827F43FBFDD4D5136187533FB6155535A9369C5776BDB22D1BE141316CA5DF6704FF2F970C070F6EA37678258683DEDF45056F127C5819E59F2A94680CF651EA983632EA91F47BF80B6D725ADD1E5795884239C5877E753C374266DFD973C414587074750852A5397A7FAC047152100F29AF82E7B2DA89DF3248CAA2B3DF71C4912989A4A660F8DF46155229B4AAF59789ACF49B0021CF015C59D97DE13B91EEA8BFAD9CA6699C59CF385C40F9FC38263207A46505D76DE443A3C2A7BEFB5E5A1040337F50D569F529D885CD651A87100B4634EE7A6F0D5C607E894E1475434F56DC62B016C73C07AE7A716B55F0AD0F399ABD2CA7968B +20250616093745 2 6 100 6143 2 E14CB0AD6B03109962790668D317CC69BC29BB96941F75C9BB739C214F83ABACC6508E89C92108C3C075AC60830A996E6A5758E76CCE93C18627A18E951FF26DD53CB94D1348BD062C835177EF5B07353F9AC7D5874D78B3E215C4DC54A8E8F0A3D97705390A53050F25C75E944A4AF84803830492006104387892A78ABBCE80E7950A1B4F59D79AD867DF6DCFD7E23046774C0E28FD907F37F5EE9EF6D9F593DF94313E725D9EE35C57DBE177FA3027AE4BF30C4509333CCBE98DF2E251710A4B899C6C42CA499A8D2657FDC1A82945C74776AC859665175FD8F1DCB16C7B22D455E584DB02B3A95AF9A88126CE3634570A6968DB2654254A030B2F8A133E49F6EAFCD8015FF22D7C622026D6D6FA63BEFA7237C5EC05B7DF99A5854D4792683B454F0ECD52EF41266A550595594556AE969EE307915AC40FA9C551379F2C485A1D53F9C960CF9262A8AD681CFF53EE2D0E208E3DDAFC7C6C82271E0890745579C906BA77716E593D29C5B15F0C18E616BCA698BE676918697281730E0DAF112EE5B763906FC0A373EC15915202FB96241F26AAB0D77DA4357CB2B0C3101F3DB88B5D3AB4497C21377DD543BB422C12CF4E18861AE40924DC2D9AFCCDA500FCFA693288B5DD73216515ECCB12D0400D19BB27E50D3C3183BEA9C113B5A553F9704962FD4BC8510D930F32061EABEC7FC2C1CE32CA6297F5BA8DB6E4B6AEB755A07EF153C51BF7C07A827F43FBFDD4D5136187533FB6155535A9369C5776BDB22D1BE141316CA5DF6704FF2F970C070F6EA37678258683DEDF45056F127C5819E59F2A94680CF651EA983632EA91F47BF80B6D725ADD1E5795884239C5877E753C374266DFD973C414587074750852A5397A7FAC047152100F29AF82E7B2DA89DF3248CAA2B3DF71C4912989A4A660F8DF46155229B4AAF59789ACF49B0021CF015C59D97DE13B91EEA8BFAD9CA6699C59CF385C40F9FC38263207A46505D76DE443A3C2A7BEFB5E5A1040337F50D569F529D885CD651A87100B4634EE7A6F0D5C607E894E1475434F56DC62B016C73C07AE7A716B55F0AD0F399ABD2CEA82B3 +20250616100958 2 6 100 6143 2 E14CB0AD6B03109962790668D317CC69BC29BB96941F75C9BB739C214F83ABACC6508E89C92108C3C075AC60830A996E6A5758E76CCE93C18627A18E951FF26DD53CB94D1348BD062C835177EF5B07353F9AC7D5874D78B3E215C4DC54A8E8F0A3D97705390A53050F25C75E944A4AF84803830492006104387892A78ABBCE80E7950A1B4F59D79AD867DF6DCFD7E23046774C0E28FD907F37F5EE9EF6D9F593DF94313E725D9EE35C57DBE177FA3027AE4BF30C4509333CCBE98DF2E251710A4B899C6C42CA499A8D2657FDC1A82945C74776AC859665175FD8F1DCB16C7B22D455E584DB02B3A95AF9A88126CE3634570A6968DB2654254A030B2F8A133E49F6EAFCD8015FF22D7C622026D6D6FA63BEFA7237C5EC05B7DF99A5854D4792683B454F0ECD52EF41266A550595594556AE969EE307915AC40FA9C551379F2C485A1D53F9C960CF9262A8AD681CFF53EE2D0E208E3DDAFC7C6C82271E0890745579C906BA77716E593D29C5B15F0C18E616BCA698BE676918697281730E0DAF112EE5B763906FC0A373EC15915202FB96241F26AAB0D77DA4357CB2B0C3101F3DB88B5D3AB4497C21377DD543BB422C12CF4E18861AE40924DC2D9AFCCDA500FCFA693288B5DD73216515ECCB12D0400D19BB27E50D3C3183BEA9C113B5A553F9704962FD4BC8510D930F32061EABEC7FC2C1CE32CA6297F5BA8DB6E4B6AEB755A07EF153C51BF7C07A827F43FBFDD4D5136187533FB6155535A9369C5776BDB22D1BE141316CA5DF6704FF2F970C070F6EA37678258683DEDF45056F127C5819E59F2A94680CF651EA983632EA91F47BF80B6D725ADD1E5795884239C5877E753C374266DFD973C414587074750852A5397A7FAC047152100F29AF82E7B2DA89DF3248CAA2B3DF71C4912989A4A660F8DF46155229B4AAF59789ACF49B0021CF015C59D97DE13B91EEA8BFAD9CA6699C59CF385C40F9FC38263207A46505D76DE443A3C2A7BEFB5E5A1040337F50D569F529D885CD651A87100B4634EE7A6F0D5C607E894E1475434F56DC62B016C73C07AE7A716B55F0AD0F399ABD30DEC413 +20250616104346 2 6 100 6143 2 E14CB0AD6B03109962790668D317CC69BC29BB96941F75C9BB739C214F83ABACC6508E89C92108C3C075AC60830A996E6A5758E76CCE93C18627A18E951FF26DD53CB94D1348BD062C835177EF5B07353F9AC7D5874D78B3E215C4DC54A8E8F0A3D97705390A53050F25C75E944A4AF84803830492006104387892A78ABBCE80E7950A1B4F59D79AD867DF6DCFD7E23046774C0E28FD907F37F5EE9EF6D9F593DF94313E725D9EE35C57DBE177FA3027AE4BF30C4509333CCBE98DF2E251710A4B899C6C42CA499A8D2657FDC1A82945C74776AC859665175FD8F1DCB16C7B22D455E584DB02B3A95AF9A88126CE3634570A6968DB2654254A030B2F8A133E49F6EAFCD8015FF22D7C622026D6D6FA63BEFA7237C5EC05B7DF99A5854D4792683B454F0ECD52EF41266A550595594556AE969EE307915AC40FA9C551379F2C485A1D53F9C960CF9262A8AD681CFF53EE2D0E208E3DDAFC7C6C82271E0890745579C906BA77716E593D29C5B15F0C18E616BCA698BE676918697281730E0DAF112EE5B763906FC0A373EC15915202FB96241F26AAB0D77DA4357CB2B0C3101F3DB88B5D3AB4497C21377DD543BB422C12CF4E18861AE40924DC2D9AFCCDA500FCFA693288B5DD73216515ECCB12D0400D19BB27E50D3C3183BEA9C113B5A553F9704962FD4BC8510D930F32061EABEC7FC2C1CE32CA6297F5BA8DB6E4B6AEB755A07EF153C51BF7C07A827F43FBFDD4D5136187533FB6155535A9369C5776BDB22D1BE141316CA5DF6704FF2F970C070F6EA37678258683DEDF45056F127C5819E59F2A94680CF651EA983632EA91F47BF80B6D725ADD1E5795884239C5877E753C374266DFD973C414587074750852A5397A7FAC047152100F29AF82E7B2DA89DF3248CAA2B3DF71C4912989A4A660F8DF46155229B4AAF59789ACF49B0021CF015C59D97DE13B91EEA8BFAD9CA6699C59CF385C40F9FC38263207A46505D76DE443A3C2A7BEFB5E5A1040337F50D569F529D885CD651A87100B4634EE7A6F0D5C607E894E1475434F56DC62B016C73C07AE7A716B55F0AD0F399ABD34EE8193 +20250616104422 2 6 100 6143 5 E14CB0AD6B03109962790668D317CC69BC29BB96941F75C9BB739C214F83ABACC6508E89C92108C3C075AC60830A996E6A5758E76CCE93C18627A18E951FF26DD53CB94D1348BD062C835177EF5B07353F9AC7D5874D78B3E215C4DC54A8E8F0A3D97705390A53050F25C75E944A4AF84803830492006104387892A78ABBCE80E7950A1B4F59D79AD867DF6DCFD7E23046774C0E28FD907F37F5EE9EF6D9F593DF94313E725D9EE35C57DBE177FA3027AE4BF30C4509333CCBE98DF2E251710A4B899C6C42CA499A8D2657FDC1A82945C74776AC859665175FD8F1DCB16C7B22D455E584DB02B3A95AF9A88126CE3634570A6968DB2654254A030B2F8A133E49F6EAFCD8015FF22D7C622026D6D6FA63BEFA7237C5EC05B7DF99A5854D4792683B454F0ECD52EF41266A550595594556AE969EE307915AC40FA9C551379F2C485A1D53F9C960CF9262A8AD681CFF53EE2D0E208E3DDAFC7C6C82271E0890745579C906BA77716E593D29C5B15F0C18E616BCA698BE676918697281730E0DAF112EE5B763906FC0A373EC15915202FB96241F26AAB0D77DA4357CB2B0C3101F3DB88B5D3AB4497C21377DD543BB422C12CF4E18861AE40924DC2D9AFCCDA500FCFA693288B5DD73216515ECCB12D0400D19BB27E50D3C3183BEA9C113B5A553F9704962FD4BC8510D930F32061EABEC7FC2C1CE32CA6297F5BA8DB6E4B6AEB755A07EF153C51BF7C07A827F43FBFDD4D5136187533FB6155535A9369C5776BDB22D1BE141316CA5DF6704FF2F970C070F6EA37678258683DEDF45056F127C5819E59F2A94680CF651EA983632EA91F47BF80B6D725ADD1E5795884239C5877E753C374266DFD973C414587074750852A5397A7FAC047152100F29AF82E7B2DA89DF3248CAA2B3DF71C4912989A4A660F8DF46155229B4AAF59789ACF49B0021CF015C59D97DE13B91EEA8BFAD9CA6699C59CF385C40F9FC38263207A46505D76DE443A3C2A7BEFB5E5A1040337F50D569F529D885CD651A87100B4634EE7A6F0D5C607E894E1475434F56DC62B016C73C07AE7A716B55F0AD0F399ABD34F86857 +20250616111013 2 6 100 6143 2 E14CB0AD6B03109962790668D317CC69BC29BB96941F75C9BB739C214F83ABACC6508E89C92108C3C075AC60830A996E6A5758E76CCE93C18627A18E951FF26DD53CB94D1348BD062C835177EF5B07353F9AC7D5874D78B3E215C4DC54A8E8F0A3D97705390A53050F25C75E944A4AF84803830492006104387892A78ABBCE80E7950A1B4F59D79AD867DF6DCFD7E23046774C0E28FD907F37F5EE9EF6D9F593DF94313E725D9EE35C57DBE177FA3027AE4BF30C4509333CCBE98DF2E251710A4B899C6C42CA499A8D2657FDC1A82945C74776AC859665175FD8F1DCB16C7B22D455E584DB02B3A95AF9A88126CE3634570A6968DB2654254A030B2F8A133E49F6EAFCD8015FF22D7C622026D6D6FA63BEFA7237C5EC05B7DF99A5854D4792683B454F0ECD52EF41266A550595594556AE969EE307915AC40FA9C551379F2C485A1D53F9C960CF9262A8AD681CFF53EE2D0E208E3DDAFC7C6C82271E0890745579C906BA77716E593D29C5B15F0C18E616BCA698BE676918697281730E0DAF112EE5B763906FC0A373EC15915202FB96241F26AAB0D77DA4357CB2B0C3101F3DB88B5D3AB4497C21377DD543BB422C12CF4E18861AE40924DC2D9AFCCDA500FCFA693288B5DD73216515ECCB12D0400D19BB27E50D3C3183BEA9C113B5A553F9704962FD4BC8510D930F32061EABEC7FC2C1CE32CA6297F5BA8DB6E4B6AEB755A07EF153C51BF7C07A827F43FBFDD4D5136187533FB6155535A9369C5776BDB22D1BE141316CA5DF6704FF2F970C070F6EA37678258683DEDF45056F127C5819E59F2A94680CF651EA983632EA91F47BF80B6D725ADD1E5795884239C5877E753C374266DFD973C414587074750852A5397A7FAC047152100F29AF82E7B2DA89DF3248CAA2B3DF71C4912989A4A660F8DF46155229B4AAF59789ACF49B0021CF015C59D97DE13B91EEA8BFAD9CA6699C59CF385C40F9FC38263207A46505D76DE443A3C2A7BEFB5E5A1040337F50D569F529D885CD651A87100B4634EE7A6F0D5C607E894E1475434F56DC62B016C73C07AE7A716B55F0AD0F399ABD3825D493 +20250616113910 2 6 100 6143 5 E14CB0AD6B03109962790668D317CC69BC29BB96941F75C9BB739C214F83ABACC6508E89C92108C3C075AC60830A996E6A5758E76CCE93C18627A18E951FF26DD53CB94D1348BD062C835177EF5B07353F9AC7D5874D78B3E215C4DC54A8E8F0A3D97705390A53050F25C75E944A4AF84803830492006104387892A78ABBCE80E7950A1B4F59D79AD867DF6DCFD7E23046774C0E28FD907F37F5EE9EF6D9F593DF94313E725D9EE35C57DBE177FA3027AE4BF30C4509333CCBE98DF2E251710A4B899C6C42CA499A8D2657FDC1A82945C74776AC859665175FD8F1DCB16C7B22D455E584DB02B3A95AF9A88126CE3634570A6968DB2654254A030B2F8A133E49F6EAFCD8015FF22D7C622026D6D6FA63BEFA7237C5EC05B7DF99A5854D4792683B454F0ECD52EF41266A550595594556AE969EE307915AC40FA9C551379F2C485A1D53F9C960CF9262A8AD681CFF53EE2D0E208E3DDAFC7C6C82271E0890745579C906BA77716E593D29C5B15F0C18E616BCA698BE676918697281730E0DAF112EE5B763906FC0A373EC15915202FB96241F26AAB0D77DA4357CB2B0C3101F3DB88B5D3AB4497C21377DD543BB422C12CF4E18861AE40924DC2D9AFCCDA500FCFA693288B5DD73216515ECCB12D0400D19BB27E50D3C3183BEA9C113B5A553F9704962FD4BC8510D930F32061EABEC7FC2C1CE32CA6297F5BA8DB6E4B6AEB755A07EF153C51BF7C07A827F43FBFDD4D5136187533FB6155535A9369C5776BDB22D1BE141316CA5DF6704FF2F970C070F6EA37678258683DEDF45056F127C5819E59F2A94680CF651EA983632EA91F47BF80B6D725ADD1E5795884239C5877E753C374266DFD973C414587074750852A5397A7FAC047152100F29AF82E7B2DA89DF3248CAA2B3DF71C4912989A4A660F8DF46155229B4AAF59789ACF49B0021CF015C59D97DE13B91EEA8BFAD9CA6699C59CF385C40F9FC38263207A46505D76DE443A3C2A7BEFB5E5A1040337F50D569F529D885CD651A87100B4634EE7A6F0D5C607E894E1475434F56DC62B016C73C07AE7A716B55F0AD0F399ABD3BAD9997 +20250616115912 2 6 100 6143 2 E14CB0AD6B03109962790668D317CC69BC29BB96941F75C9BB739C214F83ABACC6508E89C92108C3C075AC60830A996E6A5758E76CCE93C18627A18E951FF26DD53CB94D1348BD062C835177EF5B07353F9AC7D5874D78B3E215C4DC54A8E8F0A3D97705390A53050F25C75E944A4AF84803830492006104387892A78ABBCE80E7950A1B4F59D79AD867DF6DCFD7E23046774C0E28FD907F37F5EE9EF6D9F593DF94313E725D9EE35C57DBE177FA3027AE4BF30C4509333CCBE98DF2E251710A4B899C6C42CA499A8D2657FDC1A82945C74776AC859665175FD8F1DCB16C7B22D455E584DB02B3A95AF9A88126CE3634570A6968DB2654254A030B2F8A133E49F6EAFCD8015FF22D7C622026D6D6FA63BEFA7237C5EC05B7DF99A5854D4792683B454F0ECD52EF41266A550595594556AE969EE307915AC40FA9C551379F2C485A1D53F9C960CF9262A8AD681CFF53EE2D0E208E3DDAFC7C6C82271E0890745579C906BA77716E593D29C5B15F0C18E616BCA698BE676918697281730E0DAF112EE5B763906FC0A373EC15915202FB96241F26AAB0D77DA4357CB2B0C3101F3DB88B5D3AB4497C21377DD543BB422C12CF4E18861AE40924DC2D9AFCCDA500FCFA693288B5DD73216515ECCB12D0400D19BB27E50D3C3183BEA9C113B5A553F9704962FD4BC8510D930F32061EABEC7FC2C1CE32CA6297F5BA8DB6E4B6AEB755A07EF153C51BF7C07A827F43FBFDD4D5136187533FB6155535A9369C5776BDB22D1BE141316CA5DF6704FF2F970C070F6EA37678258683DEDF45056F127C5819E59F2A94680CF651EA983632EA91F47BF80B6D725ADD1E5795884239C5877E753C374266DFD973C414587074750852A5397A7FAC047152100F29AF82E7B2DA89DF3248CAA2B3DF71C4912989A4A660F8DF46155229B4AAF59789ACF49B0021CF015C59D97DE13B91EEA8BFAD9CA6699C59CF385C40F9FC38263207A46505D76DE443A3C2A7BEFB5E5A1040337F50D569F529D885CD651A87100B4634EE7A6F0D5C607E894E1475434F56DC62B016C73C07AE7A716B55F0AD0F399ABD3E1DEE1B +20250616121039 2 6 100 6143 2 E14CB0AD6B03109962790668D317CC69BC29BB96941F75C9BB739C214F83ABACC6508E89C92108C3C075AC60830A996E6A5758E76CCE93C18627A18E951FF26DD53CB94D1348BD062C835177EF5B07353F9AC7D5874D78B3E215C4DC54A8E8F0A3D97705390A53050F25C75E944A4AF84803830492006104387892A78ABBCE80E7950A1B4F59D79AD867DF6DCFD7E23046774C0E28FD907F37F5EE9EF6D9F593DF94313E725D9EE35C57DBE177FA3027AE4BF30C4509333CCBE98DF2E251710A4B899C6C42CA499A8D2657FDC1A82945C74776AC859665175FD8F1DCB16C7B22D455E584DB02B3A95AF9A88126CE3634570A6968DB2654254A030B2F8A133E49F6EAFCD8015FF22D7C622026D6D6FA63BEFA7237C5EC05B7DF99A5854D4792683B454F0ECD52EF41266A550595594556AE969EE307915AC40FA9C551379F2C485A1D53F9C960CF9262A8AD681CFF53EE2D0E208E3DDAFC7C6C82271E0890745579C906BA77716E593D29C5B15F0C18E616BCA698BE676918697281730E0DAF112EE5B763906FC0A373EC15915202FB96241F26AAB0D77DA4357CB2B0C3101F3DB88B5D3AB4497C21377DD543BB422C12CF4E18861AE40924DC2D9AFCCDA500FCFA693288B5DD73216515ECCB12D0400D19BB27E50D3C3183BEA9C113B5A553F9704962FD4BC8510D930F32061EABEC7FC2C1CE32CA6297F5BA8DB6E4B6AEB755A07EF153C51BF7C07A827F43FBFDD4D5136187533FB6155535A9369C5776BDB22D1BE141316CA5DF6704FF2F970C070F6EA37678258683DEDF45056F127C5819E59F2A94680CF651EA983632EA91F47BF80B6D725ADD1E5795884239C5877E753C374266DFD973C414587074750852A5397A7FAC047152100F29AF82E7B2DA89DF3248CAA2B3DF71C4912989A4A660F8DF46155229B4AAF59789ACF49B0021CF015C59D97DE13B91EEA8BFAD9CA6699C59CF385C40F9FC38263207A46505D76DE443A3C2A7BEFB5E5A1040337F50D569F529D885CD651A87100B4634EE7A6F0D5C607E894E1475434F56DC62B016C73C07AE7A716B55F0AD0F399ABD3F7A2C5B +20250616130700 2 6 100 6143 2 E14CB0AD6B03109962790668D317CC69BC29BB96941F75C9BB739C214F83ABACC6508E89C92108C3C075AC60830A996E6A5758E76CCE93C18627A18E951FF26DD53CB94D1348BD062C835177EF5B07353F9AC7D5874D78B3E215C4DC54A8E8F0A3D97705390A53050F25C75E944A4AF84803830492006104387892A78ABBCE80E7950A1B4F59D79AD867DF6DCFD7E23046774C0E28FD907F37F5EE9EF6D9F593DF94313E725D9EE35C57DBE177FA3027AE4BF30C4509333CCBE98DF2E251710A4B899C6C42CA499A8D2657FDC1A82945C74776AC859665175FD8F1DCB16C7B22D455E584DB02B3A95AF9A88126CE3634570A6968DB2654254A030B2F8A133E49F6EAFCD8015FF22D7C622026D6D6FA63BEFA7237C5EC05B7DF99A5854D4792683B454F0ECD52EF41266A550595594556AE969EE307915AC40FA9C551379F2C485A1D53F9C960CF9262A8AD681CFF53EE2D0E208E3DDAFC7C6C82271E0890745579C906BA77716E593D29C5B15F0C18E616BCA698BE676918697281730E0DAF112EE5B763906FC0A373EC15915202FB96241F26AAB0D77DA4357CB2B0C3101F3DB88B5D3AB4497C21377DD543BB422C12CF4E18861AE40924DC2D9AFCCDA500FCFA693288B5DD73216515ECCB12D0400D19BB27E50D3C3183BEA9C113B5A553F9704962FD4BC8510D930F32061EABEC7FC2C1CE32CA6297F5BA8DB6E4B6AEB755A07EF153C51BF7C07A827F43FBFDD4D5136187533FB6155535A9369C5776BDB22D1BE141316CA5DF6704FF2F970C070F6EA37678258683DEDF45056F127C5819E59F2A94680CF651EA983632EA91F47BF80B6D725ADD1E5795884239C5877E753C374266DFD973C414587074750852A5397A7FAC047152100F29AF82E7B2DA89DF3248CAA2B3DF71C4912989A4A660F8DF46155229B4AAF59789ACF49B0021CF015C59D97DE13B91EEA8BFAD9CA6699C59CF385C40F9FC38263207A46505D76DE443A3C2A7BEFB5E5A1040337F50D569F529D885CD651A87100B4634EE7A6F0D5C607E894E1475434F56DC62B016C73C07AE7A716B55F0AD0F399ABD46657F43 +20250616131547 2 6 100 6143 5 E14CB0AD6B03109962790668D317CC69BC29BB96941F75C9BB739C214F83ABACC6508E89C92108C3C075AC60830A996E6A5758E76CCE93C18627A18E951FF26DD53CB94D1348BD062C835177EF5B07353F9AC7D5874D78B3E215C4DC54A8E8F0A3D97705390A53050F25C75E944A4AF84803830492006104387892A78ABBCE80E7950A1B4F59D79AD867DF6DCFD7E23046774C0E28FD907F37F5EE9EF6D9F593DF94313E725D9EE35C57DBE177FA3027AE4BF30C4509333CCBE98DF2E251710A4B899C6C42CA499A8D2657FDC1A82945C74776AC859665175FD8F1DCB16C7B22D455E584DB02B3A95AF9A88126CE3634570A6968DB2654254A030B2F8A133E49F6EAFCD8015FF22D7C622026D6D6FA63BEFA7237C5EC05B7DF99A5854D4792683B454F0ECD52EF41266A550595594556AE969EE307915AC40FA9C551379F2C485A1D53F9C960CF9262A8AD681CFF53EE2D0E208E3DDAFC7C6C82271E0890745579C906BA77716E593D29C5B15F0C18E616BCA698BE676918697281730E0DAF112EE5B763906FC0A373EC15915202FB96241F26AAB0D77DA4357CB2B0C3101F3DB88B5D3AB4497C21377DD543BB422C12CF4E18861AE40924DC2D9AFCCDA500FCFA693288B5DD73216515ECCB12D0400D19BB27E50D3C3183BEA9C113B5A553F9704962FD4BC8510D930F32061EABEC7FC2C1CE32CA6297F5BA8DB6E4B6AEB755A07EF153C51BF7C07A827F43FBFDD4D5136187533FB6155535A9369C5776BDB22D1BE141316CA5DF6704FF2F970C070F6EA37678258683DEDF45056F127C5819E59F2A94680CF651EA983632EA91F47BF80B6D725ADD1E5795884239C5877E753C374266DFD973C414587074750852A5397A7FAC047152100F29AF82E7B2DA89DF3248CAA2B3DF71C4912989A4A660F8DF46155229B4AAF59789ACF49B0021CF015C59D97DE13B91EEA8BFAD9CA6699C59CF385C40F9FC38263207A46505D76DE443A3C2A7BEFB5E5A1040337F50D569F529D885CD651A87100B4634EE7A6F0D5C607E894E1475434F56DC62B016C73C07AE7A716B55F0AD0F399ABD47787287 +20250616131819 2 6 100 6143 2 E14CB0AD6B03109962790668D317CC69BC29BB96941F75C9BB739C214F83ABACC6508E89C92108C3C075AC60830A996E6A5758E76CCE93C18627A18E951FF26DD53CB94D1348BD062C835177EF5B07353F9AC7D5874D78B3E215C4DC54A8E8F0A3D97705390A53050F25C75E944A4AF84803830492006104387892A78ABBCE80E7950A1B4F59D79AD867DF6DCFD7E23046774C0E28FD907F37F5EE9EF6D9F593DF94313E725D9EE35C57DBE177FA3027AE4BF30C4509333CCBE98DF2E251710A4B899C6C42CA499A8D2657FDC1A82945C74776AC859665175FD8F1DCB16C7B22D455E584DB02B3A95AF9A88126CE3634570A6968DB2654254A030B2F8A133E49F6EAFCD8015FF22D7C622026D6D6FA63BEFA7237C5EC05B7DF99A5854D4792683B454F0ECD52EF41266A550595594556AE969EE307915AC40FA9C551379F2C485A1D53F9C960CF9262A8AD681CFF53EE2D0E208E3DDAFC7C6C82271E0890745579C906BA77716E593D29C5B15F0C18E616BCA698BE676918697281730E0DAF112EE5B763906FC0A373EC15915202FB96241F26AAB0D77DA4357CB2B0C3101F3DB88B5D3AB4497C21377DD543BB422C12CF4E18861AE40924DC2D9AFCCDA500FCFA693288B5DD73216515ECCB12D0400D19BB27E50D3C3183BEA9C113B5A553F9704962FD4BC8510D930F32061EABEC7FC2C1CE32CA6297F5BA8DB6E4B6AEB755A07EF153C51BF7C07A827F43FBFDD4D5136187533FB6155535A9369C5776BDB22D1BE141316CA5DF6704FF2F970C070F6EA37678258683DEDF45056F127C5819E59F2A94680CF651EA983632EA91F47BF80B6D725ADD1E5795884239C5877E753C374266DFD973C414587074750852A5397A7FAC047152100F29AF82E7B2DA89DF3248CAA2B3DF71C4912989A4A660F8DF46155229B4AAF59789ACF49B0021CF015C59D97DE13B91EEA8BFAD9CA6699C59CF385C40F9FC38263207A46505D76DE443A3C2A7BEFB5E5A1040337F50D569F529D885CD651A87100B4634EE7A6F0D5C607E894E1475434F56DC62B016C73C07AE7A716B55F0AD0F399ABD47C09A53 +20250616132017 2 6 100 6143 5 E14CB0AD6B03109962790668D317CC69BC29BB96941F75C9BB739C214F83ABACC6508E89C92108C3C075AC60830A996E6A5758E76CCE93C18627A18E951FF26DD53CB94D1348BD062C835177EF5B07353F9AC7D5874D78B3E215C4DC54A8E8F0A3D97705390A53050F25C75E944A4AF84803830492006104387892A78ABBCE80E7950A1B4F59D79AD867DF6DCFD7E23046774C0E28FD907F37F5EE9EF6D9F593DF94313E725D9EE35C57DBE177FA3027AE4BF30C4509333CCBE98DF2E251710A4B899C6C42CA499A8D2657FDC1A82945C74776AC859665175FD8F1DCB16C7B22D455E584DB02B3A95AF9A88126CE3634570A6968DB2654254A030B2F8A133E49F6EAFCD8015FF22D7C622026D6D6FA63BEFA7237C5EC05B7DF99A5854D4792683B454F0ECD52EF41266A550595594556AE969EE307915AC40FA9C551379F2C485A1D53F9C960CF9262A8AD681CFF53EE2D0E208E3DDAFC7C6C82271E0890745579C906BA77716E593D29C5B15F0C18E616BCA698BE676918697281730E0DAF112EE5B763906FC0A373EC15915202FB96241F26AAB0D77DA4357CB2B0C3101F3DB88B5D3AB4497C21377DD543BB422C12CF4E18861AE40924DC2D9AFCCDA500FCFA693288B5DD73216515ECCB12D0400D19BB27E50D3C3183BEA9C113B5A553F9704962FD4BC8510D930F32061EABEC7FC2C1CE32CA6297F5BA8DB6E4B6AEB755A07EF153C51BF7C07A827F43FBFDD4D5136187533FB6155535A9369C5776BDB22D1BE141316CA5DF6704FF2F970C070F6EA37678258683DEDF45056F127C5819E59F2A94680CF651EA983632EA91F47BF80B6D725ADD1E5795884239C5877E753C374266DFD973C414587074750852A5397A7FAC047152100F29AF82E7B2DA89DF3248CAA2B3DF71C4912989A4A660F8DF46155229B4AAF59789ACF49B0021CF015C59D97DE13B91EEA8BFAD9CA6699C59CF385C40F9FC38263207A46505D76DE443A3C2A7BEFB5E5A1040337F50D569F529D885CD651A87100B4634EE7A6F0D5C607E894E1475434F56DC62B016C73C07AE7A716B55F0AD0F399ABD47F6C84F +20250616140437 2 6 100 6143 2 E14CB0AD6B03109962790668D317CC69BC29BB96941F75C9BB739C214F83ABACC6508E89C92108C3C075AC60830A996E6A5758E76CCE93C18627A18E951FF26DD53CB94D1348BD062C835177EF5B07353F9AC7D5874D78B3E215C4DC54A8E8F0A3D97705390A53050F25C75E944A4AF84803830492006104387892A78ABBCE80E7950A1B4F59D79AD867DF6DCFD7E23046774C0E28FD907F37F5EE9EF6D9F593DF94313E725D9EE35C57DBE177FA3027AE4BF30C4509333CCBE98DF2E251710A4B899C6C42CA499A8D2657FDC1A82945C74776AC859665175FD8F1DCB16C7B22D455E584DB02B3A95AF9A88126CE3634570A6968DB2654254A030B2F8A133E49F6EAFCD8015FF22D7C622026D6D6FA63BEFA7237C5EC05B7DF99A5854D4792683B454F0ECD52EF41266A550595594556AE969EE307915AC40FA9C551379F2C485A1D53F9C960CF9262A8AD681CFF53EE2D0E208E3DDAFC7C6C82271E0890745579C906BA77716E593D29C5B15F0C18E616BCA698BE676918697281730E0DAF112EE5B763906FC0A373EC15915202FB96241F26AAB0D77DA4357CB2B0C3101F3DB88B5D3AB4497C21377DD543BB422C12CF4E18861AE40924DC2D9AFCCDA500FCFA693288B5DD73216515ECCB12D0400D19BB27E50D3C3183BEA9C113B5A553F9704962FD4BC8510D930F32061EABEC7FC2C1CE32CA6297F5BA8DB6E4B6AEB755A07EF153C51BF7C07A827F43FBFDD4D5136187533FB6155535A9369C5776BDB22D1BE141316CA5DF6704FF2F970C070F6EA37678258683DEDF45056F127C5819E59F2A94680CF651EA983632EA91F47BF80B6D725ADD1E5795884239C5877E753C374266DFD973C414587074750852A5397A7FAC047152100F29AF82E7B2DA89DF3248CAA2B3DF71C4912989A4A660F8DF46155229B4AAF59789ACF49B0021CF015C59D97DE13B91EEA8BFAD9CA6699C59CF385C40F9FC38263207A46505D76DE443A3C2A7BEFB5E5A1040337F50D569F529D885CD651A87100B4634EE7A6F0D5C607E894E1475434F56DC62B016C73C07AE7A716B55F0AD0F399ABD4D750693 +20250616141233 2 6 100 6143 5 E14CB0AD6B03109962790668D317CC69BC29BB96941F75C9BB739C214F83ABACC6508E89C92108C3C075AC60830A996E6A5758E76CCE93C18627A18E951FF26DD53CB94D1348BD062C835177EF5B07353F9AC7D5874D78B3E215C4DC54A8E8F0A3D97705390A53050F25C75E944A4AF84803830492006104387892A78ABBCE80E7950A1B4F59D79AD867DF6DCFD7E23046774C0E28FD907F37F5EE9EF6D9F593DF94313E725D9EE35C57DBE177FA3027AE4BF30C4509333CCBE98DF2E251710A4B899C6C42CA499A8D2657FDC1A82945C74776AC859665175FD8F1DCB16C7B22D455E584DB02B3A95AF9A88126CE3634570A6968DB2654254A030B2F8A133E49F6EAFCD8015FF22D7C622026D6D6FA63BEFA7237C5EC05B7DF99A5854D4792683B454F0ECD52EF41266A550595594556AE969EE307915AC40FA9C551379F2C485A1D53F9C960CF9262A8AD681CFF53EE2D0E208E3DDAFC7C6C82271E0890745579C906BA77716E593D29C5B15F0C18E616BCA698BE676918697281730E0DAF112EE5B763906FC0A373EC15915202FB96241F26AAB0D77DA4357CB2B0C3101F3DB88B5D3AB4497C21377DD543BB422C12CF4E18861AE40924DC2D9AFCCDA500FCFA693288B5DD73216515ECCB12D0400D19BB27E50D3C3183BEA9C113B5A553F9704962FD4BC8510D930F32061EABEC7FC2C1CE32CA6297F5BA8DB6E4B6AEB755A07EF153C51BF7C07A827F43FBFDD4D5136187533FB6155535A9369C5776BDB22D1BE141316CA5DF6704FF2F970C070F6EA37678258683DEDF45056F127C5819E59F2A94680CF651EA983632EA91F47BF80B6D725ADD1E5795884239C5877E753C374266DFD973C414587074750852A5397A7FAC047152100F29AF82E7B2DA89DF3248CAA2B3DF71C4912989A4A660F8DF46155229B4AAF59789ACF49B0021CF015C59D97DE13B91EEA8BFAD9CA6699C59CF385C40F9FC38263207A46505D76DE443A3C2A7BEFB5E5A1040337F50D569F529D885CD651A87100B4634EE7A6F0D5C607E894E1475434F56DC62B016C73C07AE7A716B55F0AD0F399ABD4E6BD827 +20250616141414 2 6 100 6143 2 E14CB0AD6B03109962790668D317CC69BC29BB96941F75C9BB739C214F83ABACC6508E89C92108C3C075AC60830A996E6A5758E76CCE93C18627A18E951FF26DD53CB94D1348BD062C835177EF5B07353F9AC7D5874D78B3E215C4DC54A8E8F0A3D97705390A53050F25C75E944A4AF84803830492006104387892A78ABBCE80E7950A1B4F59D79AD867DF6DCFD7E23046774C0E28FD907F37F5EE9EF6D9F593DF94313E725D9EE35C57DBE177FA3027AE4BF30C4509333CCBE98DF2E251710A4B899C6C42CA499A8D2657FDC1A82945C74776AC859665175FD8F1DCB16C7B22D455E584DB02B3A95AF9A88126CE3634570A6968DB2654254A030B2F8A133E49F6EAFCD8015FF22D7C622026D6D6FA63BEFA7237C5EC05B7DF99A5854D4792683B454F0ECD52EF41266A550595594556AE969EE307915AC40FA9C551379F2C485A1D53F9C960CF9262A8AD681CFF53EE2D0E208E3DDAFC7C6C82271E0890745579C906BA77716E593D29C5B15F0C18E616BCA698BE676918697281730E0DAF112EE5B763906FC0A373EC15915202FB96241F26AAB0D77DA4357CB2B0C3101F3DB88B5D3AB4497C21377DD543BB422C12CF4E18861AE40924DC2D9AFCCDA500FCFA693288B5DD73216515ECCB12D0400D19BB27E50D3C3183BEA9C113B5A553F9704962FD4BC8510D930F32061EABEC7FC2C1CE32CA6297F5BA8DB6E4B6AEB755A07EF153C51BF7C07A827F43FBFDD4D5136187533FB6155535A9369C5776BDB22D1BE141316CA5DF6704FF2F970C070F6EA37678258683DEDF45056F127C5819E59F2A94680CF651EA983632EA91F47BF80B6D725ADD1E5795884239C5877E753C374266DFD973C414587074750852A5397A7FAC047152100F29AF82E7B2DA89DF3248CAA2B3DF71C4912989A4A660F8DF46155229B4AAF59789ACF49B0021CF015C59D97DE13B91EEA8BFAD9CA6699C59CF385C40F9FC38263207A46505D76DE443A3C2A7BEFB5E5A1040337F50D569F529D885CD651A87100B4634EE7A6F0D5C607E894E1475434F56DC62B016C73C07AE7A716B55F0AD0F399ABD4E9887C3 +20250616141602 2 6 100 6143 5 E14CB0AD6B03109962790668D317CC69BC29BB96941F75C9BB739C214F83ABACC6508E89C92108C3C075AC60830A996E6A5758E76CCE93C18627A18E951FF26DD53CB94D1348BD062C835177EF5B07353F9AC7D5874D78B3E215C4DC54A8E8F0A3D97705390A53050F25C75E944A4AF84803830492006104387892A78ABBCE80E7950A1B4F59D79AD867DF6DCFD7E23046774C0E28FD907F37F5EE9EF6D9F593DF94313E725D9EE35C57DBE177FA3027AE4BF30C4509333CCBE98DF2E251710A4B899C6C42CA499A8D2657FDC1A82945C74776AC859665175FD8F1DCB16C7B22D455E584DB02B3A95AF9A88126CE3634570A6968DB2654254A030B2F8A133E49F6EAFCD8015FF22D7C622026D6D6FA63BEFA7237C5EC05B7DF99A5854D4792683B454F0ECD52EF41266A550595594556AE969EE307915AC40FA9C551379F2C485A1D53F9C960CF9262A8AD681CFF53EE2D0E208E3DDAFC7C6C82271E0890745579C906BA77716E593D29C5B15F0C18E616BCA698BE676918697281730E0DAF112EE5B763906FC0A373EC15915202FB96241F26AAB0D77DA4357CB2B0C3101F3DB88B5D3AB4497C21377DD543BB422C12CF4E18861AE40924DC2D9AFCCDA500FCFA693288B5DD73216515ECCB12D0400D19BB27E50D3C3183BEA9C113B5A553F9704962FD4BC8510D930F32061EABEC7FC2C1CE32CA6297F5BA8DB6E4B6AEB755A07EF153C51BF7C07A827F43FBFDD4D5136187533FB6155535A9369C5776BDB22D1BE141316CA5DF6704FF2F970C070F6EA37678258683DEDF45056F127C5819E59F2A94680CF651EA983632EA91F47BF80B6D725ADD1E5795884239C5877E753C374266DFD973C414587074750852A5397A7FAC047152100F29AF82E7B2DA89DF3248CAA2B3DF71C4912989A4A660F8DF46155229B4AAF59789ACF49B0021CF015C59D97DE13B91EEA8BFAD9CA6699C59CF385C40F9FC38263207A46505D76DE443A3C2A7BEFB5E5A1040337F50D569F529D885CD651A87100B4634EE7A6F0D5C607E894E1475434F56DC62B016C73C07AE7A716B55F0AD0F399ABD4EC7148F +20250616142052 2 6 100 6143 2 E14CB0AD6B03109962790668D317CC69BC29BB96941F75C9BB739C214F83ABACC6508E89C92108C3C075AC60830A996E6A5758E76CCE93C18627A18E951FF26DD53CB94D1348BD062C835177EF5B07353F9AC7D5874D78B3E215C4DC54A8E8F0A3D97705390A53050F25C75E944A4AF84803830492006104387892A78ABBCE80E7950A1B4F59D79AD867DF6DCFD7E23046774C0E28FD907F37F5EE9EF6D9F593DF94313E725D9EE35C57DBE177FA3027AE4BF30C4509333CCBE98DF2E251710A4B899C6C42CA499A8D2657FDC1A82945C74776AC859665175FD8F1DCB16C7B22D455E584DB02B3A95AF9A88126CE3634570A6968DB2654254A030B2F8A133E49F6EAFCD8015FF22D7C622026D6D6FA63BEFA7237C5EC05B7DF99A5854D4792683B454F0ECD52EF41266A550595594556AE969EE307915AC40FA9C551379F2C485A1D53F9C960CF9262A8AD681CFF53EE2D0E208E3DDAFC7C6C82271E0890745579C906BA77716E593D29C5B15F0C18E616BCA698BE676918697281730E0DAF112EE5B763906FC0A373EC15915202FB96241F26AAB0D77DA4357CB2B0C3101F3DB88B5D3AB4497C21377DD543BB422C12CF4E18861AE40924DC2D9AFCCDA500FCFA693288B5DD73216515ECCB12D0400D19BB27E50D3C3183BEA9C113B5A553F9704962FD4BC8510D930F32061EABEC7FC2C1CE32CA6297F5BA8DB6E4B6AEB755A07EF153C51BF7C07A827F43FBFDD4D5136187533FB6155535A9369C5776BDB22D1BE141316CA5DF6704FF2F970C070F6EA37678258683DEDF45056F127C5819E59F2A94680CF651EA983632EA91F47BF80B6D725ADD1E5795884239C5877E753C374266DFD973C414587074750852A5397A7FAC047152100F29AF82E7B2DA89DF3248CAA2B3DF71C4912989A4A660F8DF46155229B4AAF59789ACF49B0021CF015C59D97DE13B91EEA8BFAD9CA6699C59CF385C40F9FC38263207A46505D76DE443A3C2A7BEFB5E5A1040337F50D569F529D885CD651A87100B4634EE7A6F0D5C607E894E1475434F56DC62B016C73C07AE7A716B55F0AD0F399ABD4F592B73 +20250616142305 2 6 100 6143 2 E14CB0AD6B03109962790668D317CC69BC29BB96941F75C9BB739C214F83ABACC6508E89C92108C3C075AC60830A996E6A5758E76CCE93C18627A18E951FF26DD53CB94D1348BD062C835177EF5B07353F9AC7D5874D78B3E215C4DC54A8E8F0A3D97705390A53050F25C75E944A4AF84803830492006104387892A78ABBCE80E7950A1B4F59D79AD867DF6DCFD7E23046774C0E28FD907F37F5EE9EF6D9F593DF94313E725D9EE35C57DBE177FA3027AE4BF30C4509333CCBE98DF2E251710A4B899C6C42CA499A8D2657FDC1A82945C74776AC859665175FD8F1DCB16C7B22D455E584DB02B3A95AF9A88126CE3634570A6968DB2654254A030B2F8A133E49F6EAFCD8015FF22D7C622026D6D6FA63BEFA7237C5EC05B7DF99A5854D4792683B454F0ECD52EF41266A550595594556AE969EE307915AC40FA9C551379F2C485A1D53F9C960CF9262A8AD681CFF53EE2D0E208E3DDAFC7C6C82271E0890745579C906BA77716E593D29C5B15F0C18E616BCA698BE676918697281730E0DAF112EE5B763906FC0A373EC15915202FB96241F26AAB0D77DA4357CB2B0C3101F3DB88B5D3AB4497C21377DD543BB422C12CF4E18861AE40924DC2D9AFCCDA500FCFA693288B5DD73216515ECCB12D0400D19BB27E50D3C3183BEA9C113B5A553F9704962FD4BC8510D930F32061EABEC7FC2C1CE32CA6297F5BA8DB6E4B6AEB755A07EF153C51BF7C07A827F43FBFDD4D5136187533FB6155535A9369C5776BDB22D1BE141316CA5DF6704FF2F970C070F6EA37678258683DEDF45056F127C5819E59F2A94680CF651EA983632EA91F47BF80B6D725ADD1E5795884239C5877E753C374266DFD973C414587074750852A5397A7FAC047152100F29AF82E7B2DA89DF3248CAA2B3DF71C4912989A4A660F8DF46155229B4AAF59789ACF49B0021CF015C59D97DE13B91EEA8BFAD9CA6699C59CF385C40F9FC38263207A46505D76DE443A3C2A7BEFB5E5A1040337F50D569F529D885CD651A87100B4634EE7A6F0D5C607E894E1475434F56DC62B016C73C07AE7A716B55F0AD0F399ABD4F9896B3 +20250616151719 2 6 100 6143 5 E14CB0AD6B03109962790668D317CC69BC29BB96941F75C9BB739C214F83ABACC6508E89C92108C3C075AC60830A996E6A5758E76CCE93C18627A18E951FF26DD53CB94D1348BD062C835177EF5B07353F9AC7D5874D78B3E215C4DC54A8E8F0A3D97705390A53050F25C75E944A4AF84803830492006104387892A78ABBCE80E7950A1B4F59D79AD867DF6DCFD7E23046774C0E28FD907F37F5EE9EF6D9F593DF94313E725D9EE35C57DBE177FA3027AE4BF30C4509333CCBE98DF2E251710A4B899C6C42CA499A8D2657FDC1A82945C74776AC859665175FD8F1DCB16C7B22D455E584DB02B3A95AF9A88126CE3634570A6968DB2654254A030B2F8A133E49F6EAFCD8015FF22D7C622026D6D6FA63BEFA7237C5EC05B7DF99A5854D4792683B454F0ECD52EF41266A550595594556AE969EE307915AC40FA9C551379F2C485A1D53F9C960CF9262A8AD681CFF53EE2D0E208E3DDAFC7C6C82271E0890745579C906BA77716E593D29C5B15F0C18E616BCA698BE676918697281730E0DAF112EE5B763906FC0A373EC15915202FB96241F26AAB0D77DA4357CB2B0C3101F3DB88B5D3AB4497C21377DD543BB422C12CF4E18861AE40924DC2D9AFCCDA500FCFA693288B5DD73216515ECCB12D0400D19BB27E50D3C3183BEA9C113B5A553F9704962FD4BC8510D930F32061EABEC7FC2C1CE32CA6297F5BA8DB6E4B6AEB755A07EF153C51BF7C07A827F43FBFDD4D5136187533FB6155535A9369C5776BDB22D1BE141316CA5DF6704FF2F970C070F6EA37678258683DEDF45056F127C5819E59F2A94680CF651EA983632EA91F47BF80B6D725ADD1E5795884239C5877E753C374266DFD973C414587074750852A5397A7FAC047152100F29AF82E7B2DA89DF3248CAA2B3DF71C4912989A4A660F8DF46155229B4AAF59789ACF49B0021CF015C59D97DE13B91EEA8BFAD9CA6699C59CF385C40F9FC38263207A46505D76DE443A3C2A7BEFB5E5A1040337F50D569F529D885CD651A87100B4634EE7A6F0D5C607E894E1475434F56DC62B016C73C07AE7A716B55F0AD0F399ABD5631119F +20250616152331 2 6 100 6143 2 E14CB0AD6B03109962790668D317CC69BC29BB96941F75C9BB739C214F83ABACC6508E89C92108C3C075AC60830A996E6A5758E76CCE93C18627A18E951FF26DD53CB94D1348BD062C835177EF5B07353F9AC7D5874D78B3E215C4DC54A8E8F0A3D97705390A53050F25C75E944A4AF84803830492006104387892A78ABBCE80E7950A1B4F59D79AD867DF6DCFD7E23046774C0E28FD907F37F5EE9EF6D9F593DF94313E725D9EE35C57DBE177FA3027AE4BF30C4509333CCBE98DF2E251710A4B899C6C42CA499A8D2657FDC1A82945C74776AC859665175FD8F1DCB16C7B22D455E584DB02B3A95AF9A88126CE3634570A6968DB2654254A030B2F8A133E49F6EAFCD8015FF22D7C622026D6D6FA63BEFA7237C5EC05B7DF99A5854D4792683B454F0ECD52EF41266A550595594556AE969EE307915AC40FA9C551379F2C485A1D53F9C960CF9262A8AD681CFF53EE2D0E208E3DDAFC7C6C82271E0890745579C906BA77716E593D29C5B15F0C18E616BCA698BE676918697281730E0DAF112EE5B763906FC0A373EC15915202FB96241F26AAB0D77DA4357CB2B0C3101F3DB88B5D3AB4497C21377DD543BB422C12CF4E18861AE40924DC2D9AFCCDA500FCFA693288B5DD73216515ECCB12D0400D19BB27E50D3C3183BEA9C113B5A553F9704962FD4BC8510D930F32061EABEC7FC2C1CE32CA6297F5BA8DB6E4B6AEB755A07EF153C51BF7C07A827F43FBFDD4D5136187533FB6155535A9369C5776BDB22D1BE141316CA5DF6704FF2F970C070F6EA37678258683DEDF45056F127C5819E59F2A94680CF651EA983632EA91F47BF80B6D725ADD1E5795884239C5877E753C374266DFD973C414587074750852A5397A7FAC047152100F29AF82E7B2DA89DF3248CAA2B3DF71C4912989A4A660F8DF46155229B4AAF59789ACF49B0021CF015C59D97DE13B91EEA8BFAD9CA6699C59CF385C40F9FC38263207A46505D76DE443A3C2A7BEFB5E5A1040337F50D569F529D885CD651A87100B4634EE7A6F0D5C607E894E1475434F56DC62B016C73C07AE7A716B55F0AD0F399ABD56EC431B +20250616154044 2 6 100 6143 5 E14CB0AD6B03109962790668D317CC69BC29BB96941F75C9BB739C214F83ABACC6508E89C92108C3C075AC60830A996E6A5758E76CCE93C18627A18E951FF26DD53CB94D1348BD062C835177EF5B07353F9AC7D5874D78B3E215C4DC54A8E8F0A3D97705390A53050F25C75E944A4AF84803830492006104387892A78ABBCE80E7950A1B4F59D79AD867DF6DCFD7E23046774C0E28FD907F37F5EE9EF6D9F593DF94313E725D9EE35C57DBE177FA3027AE4BF30C4509333CCBE98DF2E251710A4B899C6C42CA499A8D2657FDC1A82945C74776AC859665175FD8F1DCB16C7B22D455E584DB02B3A95AF9A88126CE3634570A6968DB2654254A030B2F8A133E49F6EAFCD8015FF22D7C622026D6D6FA63BEFA7237C5EC05B7DF99A5854D4792683B454F0ECD52EF41266A550595594556AE969EE307915AC40FA9C551379F2C485A1D53F9C960CF9262A8AD681CFF53EE2D0E208E3DDAFC7C6C82271E0890745579C906BA77716E593D29C5B15F0C18E616BCA698BE676918697281730E0DAF112EE5B763906FC0A373EC15915202FB96241F26AAB0D77DA4357CB2B0C3101F3DB88B5D3AB4497C21377DD543BB422C12CF4E18861AE40924DC2D9AFCCDA500FCFA693288B5DD73216515ECCB12D0400D19BB27E50D3C3183BEA9C113B5A553F9704962FD4BC8510D930F32061EABEC7FC2C1CE32CA6297F5BA8DB6E4B6AEB755A07EF153C51BF7C07A827F43FBFDD4D5136187533FB6155535A9369C5776BDB22D1BE141316CA5DF6704FF2F970C070F6EA37678258683DEDF45056F127C5819E59F2A94680CF651EA983632EA91F47BF80B6D725ADD1E5795884239C5877E753C374266DFD973C414587074750852A5397A7FAC047152100F29AF82E7B2DA89DF3248CAA2B3DF71C4912989A4A660F8DF46155229B4AAF59789ACF49B0021CF015C59D97DE13B91EEA8BFAD9CA6699C59CF385C40F9FC38263207A46505D76DE443A3C2A7BEFB5E5A1040337F50D569F529D885CD651A87100B4634EE7A6F0D5C607E894E1475434F56DC62B016C73C07AE7A716B55F0AD0F399ABD590666B7 +20250616155712 2 6 100 6143 5 E14CB0AD6B03109962790668D317CC69BC29BB96941F75C9BB739C214F83ABACC6508E89C92108C3C075AC60830A996E6A5758E76CCE93C18627A18E951FF26DD53CB94D1348BD062C835177EF5B07353F9AC7D5874D78B3E215C4DC54A8E8F0A3D97705390A53050F25C75E944A4AF84803830492006104387892A78ABBCE80E7950A1B4F59D79AD867DF6DCFD7E23046774C0E28FD907F37F5EE9EF6D9F593DF94313E725D9EE35C57DBE177FA3027AE4BF30C4509333CCBE98DF2E251710A4B899C6C42CA499A8D2657FDC1A82945C74776AC859665175FD8F1DCB16C7B22D455E584DB02B3A95AF9A88126CE3634570A6968DB2654254A030B2F8A133E49F6EAFCD8015FF22D7C622026D6D6FA63BEFA7237C5EC05B7DF99A5854D4792683B454F0ECD52EF41266A550595594556AE969EE307915AC40FA9C551379F2C485A1D53F9C960CF9262A8AD681CFF53EE2D0E208E3DDAFC7C6C82271E0890745579C906BA77716E593D29C5B15F0C18E616BCA698BE676918697281730E0DAF112EE5B763906FC0A373EC15915202FB96241F26AAB0D77DA4357CB2B0C3101F3DB88B5D3AB4497C21377DD543BB422C12CF4E18861AE40924DC2D9AFCCDA500FCFA693288B5DD73216515ECCB12D0400D19BB27E50D3C3183BEA9C113B5A553F9704962FD4BC8510D930F32061EABEC7FC2C1CE32CA6297F5BA8DB6E4B6AEB755A07EF153C51BF7C07A827F43FBFDD4D5136187533FB6155535A9369C5776BDB22D1BE141316CA5DF6704FF2F970C070F6EA37678258683DEDF45056F127C5819E59F2A94680CF651EA983632EA91F47BF80B6D725ADD1E5795884239C5877E753C374266DFD973C414587074750852A5397A7FAC047152100F29AF82E7B2DA89DF3248CAA2B3DF71C4912989A4A660F8DF46155229B4AAF59789ACF49B0021CF015C59D97DE13B91EEA8BFAD9CA6699C59CF385C40F9FC38263207A46505D76DE443A3C2A7BEFB5E5A1040337F50D569F529D885CD651A87100B4634EE7A6F0D5C607E894E1475434F56DC62B016C73C07AE7A716B55F0AD0F399ABD5B10CB97 +20250616160048 2 6 100 6143 5 E14CB0AD6B03109962790668D317CC69BC29BB96941F75C9BB739C214F83ABACC6508E89C92108C3C075AC60830A996E6A5758E76CCE93C18627A18E951FF26DD53CB94D1348BD062C835177EF5B07353F9AC7D5874D78B3E215C4DC54A8E8F0A3D97705390A53050F25C75E944A4AF84803830492006104387892A78ABBCE80E7950A1B4F59D79AD867DF6DCFD7E23046774C0E28FD907F37F5EE9EF6D9F593DF94313E725D9EE35C57DBE177FA3027AE4BF30C4509333CCBE98DF2E251710A4B899C6C42CA499A8D2657FDC1A82945C74776AC859665175FD8F1DCB16C7B22D455E584DB02B3A95AF9A88126CE3634570A6968DB2654254A030B2F8A133E49F6EAFCD8015FF22D7C622026D6D6FA63BEFA7237C5EC05B7DF99A5854D4792683B454F0ECD52EF41266A550595594556AE969EE307915AC40FA9C551379F2C485A1D53F9C960CF9262A8AD681CFF53EE2D0E208E3DDAFC7C6C82271E0890745579C906BA77716E593D29C5B15F0C18E616BCA698BE676918697281730E0DAF112EE5B763906FC0A373EC15915202FB96241F26AAB0D77DA4357CB2B0C3101F3DB88B5D3AB4497C21377DD543BB422C12CF4E18861AE40924DC2D9AFCCDA500FCFA693288B5DD73216515ECCB12D0400D19BB27E50D3C3183BEA9C113B5A553F9704962FD4BC8510D930F32061EABEC7FC2C1CE32CA6297F5BA8DB6E4B6AEB755A07EF153C51BF7C07A827F43FBFDD4D5136187533FB6155535A9369C5776BDB22D1BE141316CA5DF6704FF2F970C070F6EA37678258683DEDF45056F127C5819E59F2A94680CF651EA983632EA91F47BF80B6D725ADD1E5795884239C5877E753C374266DFD973C414587074750852A5397A7FAC047152100F29AF82E7B2DA89DF3248CAA2B3DF71C4912989A4A660F8DF46155229B4AAF59789ACF49B0021CF015C59D97DE13B91EEA8BFAD9CA6699C59CF385C40F9FC38263207A46505D76DE443A3C2A7BEFB5E5A1040337F50D569F529D885CD651A87100B4634EE7A6F0D5C607E894E1475434F56DC62B016C73C07AE7A716B55F0AD0F399ABD5B7B673F +20250616170503 2 6 100 6143 5 E14CB0AD6B03109962790668D317CC69BC29BB96941F75C9BB739C214F83ABACC6508E89C92108C3C075AC60830A996E6A5758E76CCE93C18627A18E951FF26DD53CB94D1348BD062C835177EF5B07353F9AC7D5874D78B3E215C4DC54A8E8F0A3D97705390A53050F25C75E944A4AF84803830492006104387892A78ABBCE80E7950A1B4F59D79AD867DF6DCFD7E23046774C0E28FD907F37F5EE9EF6D9F593DF94313E725D9EE35C57DBE177FA3027AE4BF30C4509333CCBE98DF2E251710A4B899C6C42CA499A8D2657FDC1A82945C74776AC859665175FD8F1DCB16C7B22D455E584DB02B3A95AF9A88126CE3634570A6968DB2654254A030B2F8A133E49F6EAFCD8015FF22D7C622026D6D6FA63BEFA7237C5EC05B7DF99A5854D4792683B454F0ECD52EF41266A550595594556AE969EE307915AC40FA9C551379F2C485A1D53F9C960CF9262A8AD681CFF53EE2D0E208E3DDAFC7C6C82271E0890745579C906BA77716E593D29C5B15F0C18E616BCA698BE676918697281730E0DAF112EE5B763906FC0A373EC15915202FB96241F26AAB0D77DA4357CB2B0C3101F3DB88B5D3AB4497C21377DD543BB422C12CF4E18861AE40924DC2D9AFCCDA500FCFA693288B5DD73216515ECCB12D0400D19BB27E50D3C3183BEA9C113B5A553F9704962FD4BC8510D930F32061EABEC7FC2C1CE32CA6297F5BA8DB6E4B6AEB755A07EF153C51BF7C07A827F43FBFDD4D5136187533FB6155535A9369C5776BDB22D1BE141316CA5DF6704FF2F970C070F6EA37678258683DEDF45056F127C5819E59F2A94680CF651EA983632EA91F47BF80B6D725ADD1E5795884239C5877E753C374266DFD973C414587074750852A5397A7FAC047152100F29AF82E7B2DA89DF3248CAA2B3DF71C4912989A4A660F8DF46155229B4AAF59789ACF49B0021CF015C59D97DE13B91EEA8BFAD9CA6699C59CF385C40F9FC38263207A46505D76DE443A3C2A7BEFB5E5A1040337F50D569F529D885CD651A87100B4634EE7A6F0D5C607E894E1475434F56DC62B016C73C07AE7A716B55F0AD0F399ABD6377E0DF +20250616170926 2 6 100 6143 2 E14CB0AD6B03109962790668D317CC69BC29BB96941F75C9BB739C214F83ABACC6508E89C92108C3C075AC60830A996E6A5758E76CCE93C18627A18E951FF26DD53CB94D1348BD062C835177EF5B07353F9AC7D5874D78B3E215C4DC54A8E8F0A3D97705390A53050F25C75E944A4AF84803830492006104387892A78ABBCE80E7950A1B4F59D79AD867DF6DCFD7E23046774C0E28FD907F37F5EE9EF6D9F593DF94313E725D9EE35C57DBE177FA3027AE4BF30C4509333CCBE98DF2E251710A4B899C6C42CA499A8D2657FDC1A82945C74776AC859665175FD8F1DCB16C7B22D455E584DB02B3A95AF9A88126CE3634570A6968DB2654254A030B2F8A133E49F6EAFCD8015FF22D7C622026D6D6FA63BEFA7237C5EC05B7DF99A5854D4792683B454F0ECD52EF41266A550595594556AE969EE307915AC40FA9C551379F2C485A1D53F9C960CF9262A8AD681CFF53EE2D0E208E3DDAFC7C6C82271E0890745579C906BA77716E593D29C5B15F0C18E616BCA698BE676918697281730E0DAF112EE5B763906FC0A373EC15915202FB96241F26AAB0D77DA4357CB2B0C3101F3DB88B5D3AB4497C21377DD543BB422C12CF4E18861AE40924DC2D9AFCCDA500FCFA693288B5DD73216515ECCB12D0400D19BB27E50D3C3183BEA9C113B5A553F9704962FD4BC8510D930F32061EABEC7FC2C1CE32CA6297F5BA8DB6E4B6AEB755A07EF153C51BF7C07A827F43FBFDD4D5136187533FB6155535A9369C5776BDB22D1BE141316CA5DF6704FF2F970C070F6EA37678258683DEDF45056F127C5819E59F2A94680CF651EA983632EA91F47BF80B6D725ADD1E5795884239C5877E753C374266DFD973C414587074750852A5397A7FAC047152100F29AF82E7B2DA89DF3248CAA2B3DF71C4912989A4A660F8DF46155229B4AAF59789ACF49B0021CF015C59D97DE13B91EEA8BFAD9CA6699C59CF385C40F9FC38263207A46505D76DE443A3C2A7BEFB5E5A1040337F50D569F529D885CD651A87100B4634EE7A6F0D5C607E894E1475434F56DC62B016C73C07AE7A716B55F0AD0F399ABD63FDBC83 +20250616171549 2 6 100 6143 5 E14CB0AD6B03109962790668D317CC69BC29BB96941F75C9BB739C214F83ABACC6508E89C92108C3C075AC60830A996E6A5758E76CCE93C18627A18E951FF26DD53CB94D1348BD062C835177EF5B07353F9AC7D5874D78B3E215C4DC54A8E8F0A3D97705390A53050F25C75E944A4AF84803830492006104387892A78ABBCE80E7950A1B4F59D79AD867DF6DCFD7E23046774C0E28FD907F37F5EE9EF6D9F593DF94313E725D9EE35C57DBE177FA3027AE4BF30C4509333CCBE98DF2E251710A4B899C6C42CA499A8D2657FDC1A82945C74776AC859665175FD8F1DCB16C7B22D455E584DB02B3A95AF9A88126CE3634570A6968DB2654254A030B2F8A133E49F6EAFCD8015FF22D7C622026D6D6FA63BEFA7237C5EC05B7DF99A5854D4792683B454F0ECD52EF41266A550595594556AE969EE307915AC40FA9C551379F2C485A1D53F9C960CF9262A8AD681CFF53EE2D0E208E3DDAFC7C6C82271E0890745579C906BA77716E593D29C5B15F0C18E616BCA698BE676918697281730E0DAF112EE5B763906FC0A373EC15915202FB96241F26AAB0D77DA4357CB2B0C3101F3DB88B5D3AB4497C21377DD543BB422C12CF4E18861AE40924DC2D9AFCCDA500FCFA693288B5DD73216515ECCB12D0400D19BB27E50D3C3183BEA9C113B5A553F9704962FD4BC8510D930F32061EABEC7FC2C1CE32CA6297F5BA8DB6E4B6AEB755A07EF153C51BF7C07A827F43FBFDD4D5136187533FB6155535A9369C5776BDB22D1BE141316CA5DF6704FF2F970C070F6EA37678258683DEDF45056F127C5819E59F2A94680CF651EA983632EA91F47BF80B6D725ADD1E5795884239C5877E753C374266DFD973C414587074750852A5397A7FAC047152100F29AF82E7B2DA89DF3248CAA2B3DF71C4912989A4A660F8DF46155229B4AAF59789ACF49B0021CF015C59D97DE13B91EEA8BFAD9CA6699C59CF385C40F9FC38263207A46505D76DE443A3C2A7BEFB5E5A1040337F50D569F529D885CD651A87100B4634EE7A6F0D5C607E894E1475434F56DC62B016C73C07AE7A716B55F0AD0F399ABD64C3C247 +20250616171931 2 6 100 6143 2 E14CB0AD6B03109962790668D317CC69BC29BB96941F75C9BB739C214F83ABACC6508E89C92108C3C075AC60830A996E6A5758E76CCE93C18627A18E951FF26DD53CB94D1348BD062C835177EF5B07353F9AC7D5874D78B3E215C4DC54A8E8F0A3D97705390A53050F25C75E944A4AF84803830492006104387892A78ABBCE80E7950A1B4F59D79AD867DF6DCFD7E23046774C0E28FD907F37F5EE9EF6D9F593DF94313E725D9EE35C57DBE177FA3027AE4BF30C4509333CCBE98DF2E251710A4B899C6C42CA499A8D2657FDC1A82945C74776AC859665175FD8F1DCB16C7B22D455E584DB02B3A95AF9A88126CE3634570A6968DB2654254A030B2F8A133E49F6EAFCD8015FF22D7C622026D6D6FA63BEFA7237C5EC05B7DF99A5854D4792683B454F0ECD52EF41266A550595594556AE969EE307915AC40FA9C551379F2C485A1D53F9C960CF9262A8AD681CFF53EE2D0E208E3DDAFC7C6C82271E0890745579C906BA77716E593D29C5B15F0C18E616BCA698BE676918697281730E0DAF112EE5B763906FC0A373EC15915202FB96241F26AAB0D77DA4357CB2B0C3101F3DB88B5D3AB4497C21377DD543BB422C12CF4E18861AE40924DC2D9AFCCDA500FCFA693288B5DD73216515ECCB12D0400D19BB27E50D3C3183BEA9C113B5A553F9704962FD4BC8510D930F32061EABEC7FC2C1CE32CA6297F5BA8DB6E4B6AEB755A07EF153C51BF7C07A827F43FBFDD4D5136187533FB6155535A9369C5776BDB22D1BE141316CA5DF6704FF2F970C070F6EA37678258683DEDF45056F127C5819E59F2A94680CF651EA983632EA91F47BF80B6D725ADD1E5795884239C5877E753C374266DFD973C414587074750852A5397A7FAC047152100F29AF82E7B2DA89DF3248CAA2B3DF71C4912989A4A660F8DF46155229B4AAF59789ACF49B0021CF015C59D97DE13B91EEA8BFAD9CA6699C59CF385C40F9FC38263207A46505D76DE443A3C2A7BEFB5E5A1040337F50D569F529D885CD651A87100B4634EE7A6F0D5C607E894E1475434F56DC62B016C73C07AE7A716B55F0AD0F399ABD653018DB +20250616175241 2 6 100 6143 5 E14CB0AD6B03109962790668D317CC69BC29BB96941F75C9BB739C214F83ABACC6508E89C92108C3C075AC60830A996E6A5758E76CCE93C18627A18E951FF26DD53CB94D1348BD062C835177EF5B07353F9AC7D5874D78B3E215C4DC54A8E8F0A3D97705390A53050F25C75E944A4AF84803830492006104387892A78ABBCE80E7950A1B4F59D79AD867DF6DCFD7E23046774C0E28FD907F37F5EE9EF6D9F593DF94313E725D9EE35C57DBE177FA3027AE4BF30C4509333CCBE98DF2E251710A4B899C6C42CA499A8D2657FDC1A82945C74776AC859665175FD8F1DCB16C7B22D455E584DB02B3A95AF9A88126CE3634570A6968DB2654254A030B2F8A133E49F6EAFCD8015FF22D7C622026D6D6FA63BEFA7237C5EC05B7DF99A5854D4792683B454F0ECD52EF41266A550595594556AE969EE307915AC40FA9C551379F2C485A1D53F9C960CF9262A8AD681CFF53EE2D0E208E3DDAFC7C6C82271E0890745579C906BA77716E593D29C5B15F0C18E616BCA698BE676918697281730E0DAF112EE5B763906FC0A373EC15915202FB96241F26AAB0D77DA4357CB2B0C3101F3DB88B5D3AB4497C21377DD543BB422C12CF4E18861AE40924DC2D9AFCCDA500FCFA693288B5DD73216515ECCB12D0400D19BB27E50D3C3183BEA9C113B5A553F9704962FD4BC8510D930F32061EABEC7FC2C1CE32CA6297F5BA8DB6E4B6AEB755A07EF153C51BF7C07A827F43FBFDD4D5136187533FB6155535A9369C5776BDB22D1BE141316CA5DF6704FF2F970C070F6EA37678258683DEDF45056F127C5819E59F2A94680CF651EA983632EA91F47BF80B6D725ADD1E5795884239C5877E753C374266DFD973C414587074750852A5397A7FAC047152100F29AF82E7B2DA89DF3248CAA2B3DF71C4912989A4A660F8DF46155229B4AAF59789ACF49B0021CF015C59D97DE13B91EEA8BFAD9CA6699C59CF385C40F9FC38263207A46505D76DE443A3C2A7BEFB5E5A1040337F50D569F529D885CD651A87100B4634EE7A6F0D5C607E894E1475434F56DC62B016C73C07AE7A716B55F0AD0F399ABD69541097 +20250616183731 2 6 100 6143 5 E14CB0AD6B03109962790668D317CC69BC29BB96941F75C9BB739C214F83ABACC6508E89C92108C3C075AC60830A996E6A5758E76CCE93C18627A18E951FF26DD53CB94D1348BD062C835177EF5B07353F9AC7D5874D78B3E215C4DC54A8E8F0A3D97705390A53050F25C75E944A4AF84803830492006104387892A78ABBCE80E7950A1B4F59D79AD867DF6DCFD7E23046774C0E28FD907F37F5EE9EF6D9F593DF94313E725D9EE35C57DBE177FA3027AE4BF30C4509333CCBE98DF2E251710A4B899C6C42CA499A8D2657FDC1A82945C74776AC859665175FD8F1DCB16C7B22D455E584DB02B3A95AF9A88126CE3634570A6968DB2654254A030B2F8A133E49F6EAFCD8015FF22D7C622026D6D6FA63BEFA7237C5EC05B7DF99A5854D4792683B454F0ECD52EF41266A550595594556AE969EE307915AC40FA9C551379F2C485A1D53F9C960CF9262A8AD681CFF53EE2D0E208E3DDAFC7C6C82271E0890745579C906BA77716E593D29C5B15F0C18E616BCA698BE676918697281730E0DAF112EE5B763906FC0A373EC15915202FB96241F26AAB0D77DA4357CB2B0C3101F3DB88B5D3AB4497C21377DD543BB422C12CF4E18861AE40924DC2D9AFCCDA500FCFA693288B5DD73216515ECCB12D0400D19BB27E50D3C3183BEA9C113B5A553F9704962FD4BC8510D930F32061EABEC7FC2C1CE32CA6297F5BA8DB6E4B6AEB755A07EF153C51BF7C07A827F43FBFDD4D5136187533FB6155535A9369C5776BDB22D1BE141316CA5DF6704FF2F970C070F6EA37678258683DEDF45056F127C5819E59F2A94680CF651EA983632EA91F47BF80B6D725ADD1E5795884239C5877E753C374266DFD973C414587074750852A5397A7FAC047152100F29AF82E7B2DA89DF3248CAA2B3DF71C4912989A4A660F8DF46155229B4AAF59789ACF49B0021CF015C59D97DE13B91EEA8BFAD9CA6699C59CF385C40F9FC38263207A46505D76DE443A3C2A7BEFB5E5A1040337F50D569F529D885CD651A87100B4634EE7A6F0D5C607E894E1475434F56DC62B016C73C07AE7A716B55F0AD0F399ABD6EE1B19F +20250616184010 2 6 100 6143 2 E14CB0AD6B03109962790668D317CC69BC29BB96941F75C9BB739C214F83ABACC6508E89C92108C3C075AC60830A996E6A5758E76CCE93C18627A18E951FF26DD53CB94D1348BD062C835177EF5B07353F9AC7D5874D78B3E215C4DC54A8E8F0A3D97705390A53050F25C75E944A4AF84803830492006104387892A78ABBCE80E7950A1B4F59D79AD867DF6DCFD7E23046774C0E28FD907F37F5EE9EF6D9F593DF94313E725D9EE35C57DBE177FA3027AE4BF30C4509333CCBE98DF2E251710A4B899C6C42CA499A8D2657FDC1A82945C74776AC859665175FD8F1DCB16C7B22D455E584DB02B3A95AF9A88126CE3634570A6968DB2654254A030B2F8A133E49F6EAFCD8015FF22D7C622026D6D6FA63BEFA7237C5EC05B7DF99A5854D4792683B454F0ECD52EF41266A550595594556AE969EE307915AC40FA9C551379F2C485A1D53F9C960CF9262A8AD681CFF53EE2D0E208E3DDAFC7C6C82271E0890745579C906BA77716E593D29C5B15F0C18E616BCA698BE676918697281730E0DAF112EE5B763906FC0A373EC15915202FB96241F26AAB0D77DA4357CB2B0C3101F3DB88B5D3AB4497C21377DD543BB422C12CF4E18861AE40924DC2D9AFCCDA500FCFA693288B5DD73216515ECCB12D0400D19BB27E50D3C3183BEA9C113B5A553F9704962FD4BC8510D930F32061EABEC7FC2C1CE32CA6297F5BA8DB6E4B6AEB755A07EF153C51BF7C07A827F43FBFDD4D5136187533FB6155535A9369C5776BDB22D1BE141316CA5DF6704FF2F970C070F6EA37678258683DEDF45056F127C5819E59F2A94680CF651EA983632EA91F47BF80B6D725ADD1E5795884239C5877E753C374266DFD973C414587074750852A5397A7FAC047152100F29AF82E7B2DA89DF3248CAA2B3DF71C4912989A4A660F8DF46155229B4AAF59789ACF49B0021CF015C59D97DE13B91EEA8BFAD9CA6699C59CF385C40F9FC38263207A46505D76DE443A3C2A7BEFB5E5A1040337F50D569F529D885CD651A87100B4634EE7A6F0D5C607E894E1475434F56DC62B016C73C07AE7A716B55F0AD0F399ABD6F2D909B +20250616184304 2 6 100 6143 5 E14CB0AD6B03109962790668D317CC69BC29BB96941F75C9BB739C214F83ABACC6508E89C92108C3C075AC60830A996E6A5758E76CCE93C18627A18E951FF26DD53CB94D1348BD062C835177EF5B07353F9AC7D5874D78B3E215C4DC54A8E8F0A3D97705390A53050F25C75E944A4AF84803830492006104387892A78ABBCE80E7950A1B4F59D79AD867DF6DCFD7E23046774C0E28FD907F37F5EE9EF6D9F593DF94313E725D9EE35C57DBE177FA3027AE4BF30C4509333CCBE98DF2E251710A4B899C6C42CA499A8D2657FDC1A82945C74776AC859665175FD8F1DCB16C7B22D455E584DB02B3A95AF9A88126CE3634570A6968DB2654254A030B2F8A133E49F6EAFCD8015FF22D7C622026D6D6FA63BEFA7237C5EC05B7DF99A5854D4792683B454F0ECD52EF41266A550595594556AE969EE307915AC40FA9C551379F2C485A1D53F9C960CF9262A8AD681CFF53EE2D0E208E3DDAFC7C6C82271E0890745579C906BA77716E593D29C5B15F0C18E616BCA698BE676918697281730E0DAF112EE5B763906FC0A373EC15915202FB96241F26AAB0D77DA4357CB2B0C3101F3DB88B5D3AB4497C21377DD543BB422C12CF4E18861AE40924DC2D9AFCCDA500FCFA693288B5DD73216515ECCB12D0400D19BB27E50D3C3183BEA9C113B5A553F9704962FD4BC8510D930F32061EABEC7FC2C1CE32CA6297F5BA8DB6E4B6AEB755A07EF153C51BF7C07A827F43FBFDD4D5136187533FB6155535A9369C5776BDB22D1BE141316CA5DF6704FF2F970C070F6EA37678258683DEDF45056F127C5819E59F2A94680CF651EA983632EA91F47BF80B6D725ADD1E5795884239C5877E753C374266DFD973C414587074750852A5397A7FAC047152100F29AF82E7B2DA89DF3248CAA2B3DF71C4912989A4A660F8DF46155229B4AAF59789ACF49B0021CF015C59D97DE13B91EEA8BFAD9CA6699C59CF385C40F9FC38263207A46505D76DE443A3C2A7BEFB5E5A1040337F50D569F529D885CD651A87100B4634EE7A6F0D5C607E894E1475434F56DC62B016C73C07AE7A716B55F0AD0F399ABD6F839987 +20250616190140 2 6 100 6143 5 E14CB0AD6B03109962790668D317CC69BC29BB96941F75C9BB739C214F83ABACC6508E89C92108C3C075AC60830A996E6A5758E76CCE93C18627A18E951FF26DD53CB94D1348BD062C835177EF5B07353F9AC7D5874D78B3E215C4DC54A8E8F0A3D97705390A53050F25C75E944A4AF84803830492006104387892A78ABBCE80E7950A1B4F59D79AD867DF6DCFD7E23046774C0E28FD907F37F5EE9EF6D9F593DF94313E725D9EE35C57DBE177FA3027AE4BF30C4509333CCBE98DF2E251710A4B899C6C42CA499A8D2657FDC1A82945C74776AC859665175FD8F1DCB16C7B22D455E584DB02B3A95AF9A88126CE3634570A6968DB2654254A030B2F8A133E49F6EAFCD8015FF22D7C622026D6D6FA63BEFA7237C5EC05B7DF99A5854D4792683B454F0ECD52EF41266A550595594556AE969EE307915AC40FA9C551379F2C485A1D53F9C960CF9262A8AD681CFF53EE2D0E208E3DDAFC7C6C82271E0890745579C906BA77716E593D29C5B15F0C18E616BCA698BE676918697281730E0DAF112EE5B763906FC0A373EC15915202FB96241F26AAB0D77DA4357CB2B0C3101F3DB88B5D3AB4497C21377DD543BB422C12CF4E18861AE40924DC2D9AFCCDA500FCFA693288B5DD73216515ECCB12D0400D19BB27E50D3C3183BEA9C113B5A553F9704962FD4BC8510D930F32061EABEC7FC2C1CE32CA6297F5BA8DB6E4B6AEB755A07EF153C51BF7C07A827F43FBFDD4D5136187533FB6155535A9369C5776BDB22D1BE141316CA5DF6704FF2F970C070F6EA37678258683DEDF45056F127C5819E59F2A94680CF651EA983632EA91F47BF80B6D725ADD1E5795884239C5877E753C374266DFD973C414587074750852A5397A7FAC047152100F29AF82E7B2DA89DF3248CAA2B3DF71C4912989A4A660F8DF46155229B4AAF59789ACF49B0021CF015C59D97DE13B91EEA8BFAD9CA6699C59CF385C40F9FC38263207A46505D76DE443A3C2A7BEFB5E5A1040337F50D569F529D885CD651A87100B4634EE7A6F0D5C607E894E1475434F56DC62B016C73C07AE7A716B55F0AD0F399ABD71C69267 +20250616190401 2 6 100 6143 2 E14CB0AD6B03109962790668D317CC69BC29BB96941F75C9BB739C214F83ABACC6508E89C92108C3C075AC60830A996E6A5758E76CCE93C18627A18E951FF26DD53CB94D1348BD062C835177EF5B07353F9AC7D5874D78B3E215C4DC54A8E8F0A3D97705390A53050F25C75E944A4AF84803830492006104387892A78ABBCE80E7950A1B4F59D79AD867DF6DCFD7E23046774C0E28FD907F37F5EE9EF6D9F593DF94313E725D9EE35C57DBE177FA3027AE4BF30C4509333CCBE98DF2E251710A4B899C6C42CA499A8D2657FDC1A82945C74776AC859665175FD8F1DCB16C7B22D455E584DB02B3A95AF9A88126CE3634570A6968DB2654254A030B2F8A133E49F6EAFCD8015FF22D7C622026D6D6FA63BEFA7237C5EC05B7DF99A5854D4792683B454F0ECD52EF41266A550595594556AE969EE307915AC40FA9C551379F2C485A1D53F9C960CF9262A8AD681CFF53EE2D0E208E3DDAFC7C6C82271E0890745579C906BA77716E593D29C5B15F0C18E616BCA698BE676918697281730E0DAF112EE5B763906FC0A373EC15915202FB96241F26AAB0D77DA4357CB2B0C3101F3DB88B5D3AB4497C21377DD543BB422C12CF4E18861AE40924DC2D9AFCCDA500FCFA693288B5DD73216515ECCB12D0400D19BB27E50D3C3183BEA9C113B5A553F9704962FD4BC8510D930F32061EABEC7FC2C1CE32CA6297F5BA8DB6E4B6AEB755A07EF153C51BF7C07A827F43FBFDD4D5136187533FB6155535A9369C5776BDB22D1BE141316CA5DF6704FF2F970C070F6EA37678258683DEDF45056F127C5819E59F2A94680CF651EA983632EA91F47BF80B6D725ADD1E5795884239C5877E753C374266DFD973C414587074750852A5397A7FAC047152100F29AF82E7B2DA89DF3248CAA2B3DF71C4912989A4A660F8DF46155229B4AAF59789ACF49B0021CF015C59D97DE13B91EEA8BFAD9CA6699C59CF385C40F9FC38263207A46505D76DE443A3C2A7BEFB5E5A1040337F50D569F529D885CD651A87100B4634EE7A6F0D5C607E894E1475434F56DC62B016C73C07AE7A716B55F0AD0F399ABD720797DB +20250616191520 2 6 100 6143 2 E14CB0AD6B03109962790668D317CC69BC29BB96941F75C9BB739C214F83ABACC6508E89C92108C3C075AC60830A996E6A5758E76CCE93C18627A18E951FF26DD53CB94D1348BD062C835177EF5B07353F9AC7D5874D78B3E215C4DC54A8E8F0A3D97705390A53050F25C75E944A4AF84803830492006104387892A78ABBCE80E7950A1B4F59D79AD867DF6DCFD7E23046774C0E28FD907F37F5EE9EF6D9F593DF94313E725D9EE35C57DBE177FA3027AE4BF30C4509333CCBE98DF2E251710A4B899C6C42CA499A8D2657FDC1A82945C74776AC859665175FD8F1DCB16C7B22D455E584DB02B3A95AF9A88126CE3634570A6968DB2654254A030B2F8A133E49F6EAFCD8015FF22D7C622026D6D6FA63BEFA7237C5EC05B7DF99A5854D4792683B454F0ECD52EF41266A550595594556AE969EE307915AC40FA9C551379F2C485A1D53F9C960CF9262A8AD681CFF53EE2D0E208E3DDAFC7C6C82271E0890745579C906BA77716E593D29C5B15F0C18E616BCA698BE676918697281730E0DAF112EE5B763906FC0A373EC15915202FB96241F26AAB0D77DA4357CB2B0C3101F3DB88B5D3AB4497C21377DD543BB422C12CF4E18861AE40924DC2D9AFCCDA500FCFA693288B5DD73216515ECCB12D0400D19BB27E50D3C3183BEA9C113B5A553F9704962FD4BC8510D930F32061EABEC7FC2C1CE32CA6297F5BA8DB6E4B6AEB755A07EF153C51BF7C07A827F43FBFDD4D5136187533FB6155535A9369C5776BDB22D1BE141316CA5DF6704FF2F970C070F6EA37678258683DEDF45056F127C5819E59F2A94680CF651EA983632EA91F47BF80B6D725ADD1E5795884239C5877E753C374266DFD973C414587074750852A5397A7FAC047152100F29AF82E7B2DA89DF3248CAA2B3DF71C4912989A4A660F8DF46155229B4AAF59789ACF49B0021CF015C59D97DE13B91EEA8BFAD9CA6699C59CF385C40F9FC38263207A46505D76DE443A3C2A7BEFB5E5A1040337F50D569F529D885CD651A87100B4634EE7A6F0D5C607E894E1475434F56DC62B016C73C07AE7A716B55F0AD0F399ABD73692CE3 +20250616192842 2 6 100 6143 2 E14CB0AD6B03109962790668D317CC69BC29BB96941F75C9BB739C214F83ABACC6508E89C92108C3C075AC60830A996E6A5758E76CCE93C18627A18E951FF26DD53CB94D1348BD062C835177EF5B07353F9AC7D5874D78B3E215C4DC54A8E8F0A3D97705390A53050F25C75E944A4AF84803830492006104387892A78ABBCE80E7950A1B4F59D79AD867DF6DCFD7E23046774C0E28FD907F37F5EE9EF6D9F593DF94313E725D9EE35C57DBE177FA3027AE4BF30C4509333CCBE98DF2E251710A4B899C6C42CA499A8D2657FDC1A82945C74776AC859665175FD8F1DCB16C7B22D455E584DB02B3A95AF9A88126CE3634570A6968DB2654254A030B2F8A133E49F6EAFCD8015FF22D7C622026D6D6FA63BEFA7237C5EC05B7DF99A5854D4792683B454F0ECD52EF41266A550595594556AE969EE307915AC40FA9C551379F2C485A1D53F9C960CF9262A8AD681CFF53EE2D0E208E3DDAFC7C6C82271E0890745579C906BA77716E593D29C5B15F0C18E616BCA698BE676918697281730E0DAF112EE5B763906FC0A373EC15915202FB96241F26AAB0D77DA4357CB2B0C3101F3DB88B5D3AB4497C21377DD543BB422C12CF4E18861AE40924DC2D9AFCCDA500FCFA693288B5DD73216515ECCB12D0400D19BB27E50D3C3183BEA9C113B5A553F9704962FD4BC8510D930F32061EABEC7FC2C1CE32CA6297F5BA8DB6E4B6AEB755A07EF153C51BF7C07A827F43FBFDD4D5136187533FB6155535A9369C5776BDB22D1BE141316CA5DF6704FF2F970C070F6EA37678258683DEDF45056F127C5819E59F2A94680CF651EA983632EA91F47BF80B6D725ADD1E5795884239C5877E753C374266DFD973C414587074750852A5397A7FAC047152100F29AF82E7B2DA89DF3248CAA2B3DF71C4912989A4A660F8DF46155229B4AAF59789ACF49B0021CF015C59D97DE13B91EEA8BFAD9CA6699C59CF385C40F9FC38263207A46505D76DE443A3C2A7BEFB5E5A1040337F50D569F529D885CD651A87100B4634EE7A6F0D5C607E894E1475434F56DC62B016C73C07AE7A716B55F0AD0F399ABD75053C7B +20250616194857 2 6 100 6143 2 E14CB0AD6B03109962790668D317CC69BC29BB96941F75C9BB739C214F83ABACC6508E89C92108C3C075AC60830A996E6A5758E76CCE93C18627A18E951FF26DD53CB94D1348BD062C835177EF5B07353F9AC7D5874D78B3E215C4DC54A8E8F0A3D97705390A53050F25C75E944A4AF84803830492006104387892A78ABBCE80E7950A1B4F59D79AD867DF6DCFD7E23046774C0E28FD907F37F5EE9EF6D9F593DF94313E725D9EE35C57DBE177FA3027AE4BF30C4509333CCBE98DF2E251710A4B899C6C42CA499A8D2657FDC1A82945C74776AC859665175FD8F1DCB16C7B22D455E584DB02B3A95AF9A88126CE3634570A6968DB2654254A030B2F8A133E49F6EAFCD8015FF22D7C622026D6D6FA63BEFA7237C5EC05B7DF99A5854D4792683B454F0ECD52EF41266A550595594556AE969EE307915AC40FA9C551379F2C485A1D53F9C960CF9262A8AD681CFF53EE2D0E208E3DDAFC7C6C82271E0890745579C906BA77716E593D29C5B15F0C18E616BCA698BE676918697281730E0DAF112EE5B763906FC0A373EC15915202FB96241F26AAB0D77DA4357CB2B0C3101F3DB88B5D3AB4497C21377DD543BB422C12CF4E18861AE40924DC2D9AFCCDA500FCFA693288B5DD73216515ECCB12D0400D19BB27E50D3C3183BEA9C113B5A553F9704962FD4BC8510D930F32061EABEC7FC2C1CE32CA6297F5BA8DB6E4B6AEB755A07EF153C51BF7C07A827F43FBFDD4D5136187533FB6155535A9369C5776BDB22D1BE141316CA5DF6704FF2F970C070F6EA37678258683DEDF45056F127C5819E59F2A94680CF651EA983632EA91F47BF80B6D725ADD1E5795884239C5877E753C374266DFD973C414587074750852A5397A7FAC047152100F29AF82E7B2DA89DF3248CAA2B3DF71C4912989A4A660F8DF46155229B4AAF59789ACF49B0021CF015C59D97DE13B91EEA8BFAD9CA6699C59CF385C40F9FC38263207A46505D76DE443A3C2A7BEFB5E5A1040337F50D569F529D885CD651A87100B4634EE7A6F0D5C607E894E1475434F56DC62B016C73C07AE7A716B55F0AD0F399ABD7782C27B +20250616195918 2 6 100 6143 2 E14CB0AD6B03109962790668D317CC69BC29BB96941F75C9BB739C214F83ABACC6508E89C92108C3C075AC60830A996E6A5758E76CCE93C18627A18E951FF26DD53CB94D1348BD062C835177EF5B07353F9AC7D5874D78B3E215C4DC54A8E8F0A3D97705390A53050F25C75E944A4AF84803830492006104387892A78ABBCE80E7950A1B4F59D79AD867DF6DCFD7E23046774C0E28FD907F37F5EE9EF6D9F593DF94313E725D9EE35C57DBE177FA3027AE4BF30C4509333CCBE98DF2E251710A4B899C6C42CA499A8D2657FDC1A82945C74776AC859665175FD8F1DCB16C7B22D455E584DB02B3A95AF9A88126CE3634570A6968DB2654254A030B2F8A133E49F6EAFCD8015FF22D7C622026D6D6FA63BEFA7237C5EC05B7DF99A5854D4792683B454F0ECD52EF41266A550595594556AE969EE307915AC40FA9C551379F2C485A1D53F9C960CF9262A8AD681CFF53EE2D0E208E3DDAFC7C6C82271E0890745579C906BA77716E593D29C5B15F0C18E616BCA698BE676918697281730E0DAF112EE5B763906FC0A373EC15915202FB96241F26AAB0D77DA4357CB2B0C3101F3DB88B5D3AB4497C21377DD543BB422C12CF4E18861AE40924DC2D9AFCCDA500FCFA693288B5DD73216515ECCB12D0400D19BB27E50D3C3183BEA9C113B5A553F9704962FD4BC8510D930F32061EABEC7FC2C1CE32CA6297F5BA8DB6E4B6AEB755A07EF153C51BF7C07A827F43FBFDD4D5136187533FB6155535A9369C5776BDB22D1BE141316CA5DF6704FF2F970C070F6EA37678258683DEDF45056F127C5819E59F2A94680CF651EA983632EA91F47BF80B6D725ADD1E5795884239C5877E753C374266DFD973C414587074750852A5397A7FAC047152100F29AF82E7B2DA89DF3248CAA2B3DF71C4912989A4A660F8DF46155229B4AAF59789ACF49B0021CF015C59D97DE13B91EEA8BFAD9CA6699C59CF385C40F9FC38263207A46505D76DE443A3C2A7BEFB5E5A1040337F50D569F529D885CD651A87100B4634EE7A6F0D5C607E894E1475434F56DC62B016C73C07AE7A716B55F0AD0F399ABD78C5964B +20250616200557 2 6 100 6143 5 E14CB0AD6B03109962790668D317CC69BC29BB96941F75C9BB739C214F83ABACC6508E89C92108C3C075AC60830A996E6A5758E76CCE93C18627A18E951FF26DD53CB94D1348BD062C835177EF5B07353F9AC7D5874D78B3E215C4DC54A8E8F0A3D97705390A53050F25C75E944A4AF84803830492006104387892A78ABBCE80E7950A1B4F59D79AD867DF6DCFD7E23046774C0E28FD907F37F5EE9EF6D9F593DF94313E725D9EE35C57DBE177FA3027AE4BF30C4509333CCBE98DF2E251710A4B899C6C42CA499A8D2657FDC1A82945C74776AC859665175FD8F1DCB16C7B22D455E584DB02B3A95AF9A88126CE3634570A6968DB2654254A030B2F8A133E49F6EAFCD8015FF22D7C622026D6D6FA63BEFA7237C5EC05B7DF99A5854D4792683B454F0ECD52EF41266A550595594556AE969EE307915AC40FA9C551379F2C485A1D53F9C960CF9262A8AD681CFF53EE2D0E208E3DDAFC7C6C82271E0890745579C906BA77716E593D29C5B15F0C18E616BCA698BE676918697281730E0DAF112EE5B763906FC0A373EC15915202FB96241F26AAB0D77DA4357CB2B0C3101F3DB88B5D3AB4497C21377DD543BB422C12CF4E18861AE40924DC2D9AFCCDA500FCFA693288B5DD73216515ECCB12D0400D19BB27E50D3C3183BEA9C113B5A553F9704962FD4BC8510D930F32061EABEC7FC2C1CE32CA6297F5BA8DB6E4B6AEB755A07EF153C51BF7C07A827F43FBFDD4D5136187533FB6155535A9369C5776BDB22D1BE141316CA5DF6704FF2F970C070F6EA37678258683DEDF45056F127C5819E59F2A94680CF651EA983632EA91F47BF80B6D725ADD1E5795884239C5877E753C374266DFD973C414587074750852A5397A7FAC047152100F29AF82E7B2DA89DF3248CAA2B3DF71C4912989A4A660F8DF46155229B4AAF59789ACF49B0021CF015C59D97DE13B91EEA8BFAD9CA6699C59CF385C40F9FC38263207A46505D76DE443A3C2A7BEFB5E5A1040337F50D569F529D885CD651A87100B4634EE7A6F0D5C607E894E1475434F56DC62B016C73C07AE7A716B55F0AD0F399ABD799219DF +20250616203649 2 6 100 6143 5 E14CB0AD6B03109962790668D317CC69BC29BB96941F75C9BB739C214F83ABACC6508E89C92108C3C075AC60830A996E6A5758E76CCE93C18627A18E951FF26DD53CB94D1348BD062C835177EF5B07353F9AC7D5874D78B3E215C4DC54A8E8F0A3D97705390A53050F25C75E944A4AF84803830492006104387892A78ABBCE80E7950A1B4F59D79AD867DF6DCFD7E23046774C0E28FD907F37F5EE9EF6D9F593DF94313E725D9EE35C57DBE177FA3027AE4BF30C4509333CCBE98DF2E251710A4B899C6C42CA499A8D2657FDC1A82945C74776AC859665175FD8F1DCB16C7B22D455E584DB02B3A95AF9A88126CE3634570A6968DB2654254A030B2F8A133E49F6EAFCD8015FF22D7C622026D6D6FA63BEFA7237C5EC05B7DF99A5854D4792683B454F0ECD52EF41266A550595594556AE969EE307915AC40FA9C551379F2C485A1D53F9C960CF9262A8AD681CFF53EE2D0E208E3DDAFC7C6C82271E0890745579C906BA77716E593D29C5B15F0C18E616BCA698BE676918697281730E0DAF112EE5B763906FC0A373EC15915202FB96241F26AAB0D77DA4357CB2B0C3101F3DB88B5D3AB4497C21377DD543BB422C12CF4E18861AE40924DC2D9AFCCDA500FCFA693288B5DD73216515ECCB12D0400D19BB27E50D3C3183BEA9C113B5A553F9704962FD4BC8510D930F32061EABEC7FC2C1CE32CA6297F5BA8DB6E4B6AEB755A07EF153C51BF7C07A827F43FBFDD4D5136187533FB6155535A9369C5776BDB22D1BE141316CA5DF6704FF2F970C070F6EA37678258683DEDF45056F127C5819E59F2A94680CF651EA983632EA91F47BF80B6D725ADD1E5795884239C5877E753C374266DFD973C414587074750852A5397A7FAC047152100F29AF82E7B2DA89DF3248CAA2B3DF71C4912989A4A660F8DF46155229B4AAF59789ACF49B0021CF015C59D97DE13B91EEA8BFAD9CA6699C59CF385C40F9FC38263207A46505D76DE443A3C2A7BEFB5E5A1040337F50D569F529D885CD651A87100B4634EE7A6F0D5C607E894E1475434F56DC62B016C73C07AE7A716B55F0AD0F399ABD7D732CE7 +20250616205237 2 6 100 6143 2 E14CB0AD6B03109962790668D317CC69BC29BB96941F75C9BB739C214F83ABACC6508E89C92108C3C075AC60830A996E6A5758E76CCE93C18627A18E951FF26DD53CB94D1348BD062C835177EF5B07353F9AC7D5874D78B3E215C4DC54A8E8F0A3D97705390A53050F25C75E944A4AF84803830492006104387892A78ABBCE80E7950A1B4F59D79AD867DF6DCFD7E23046774C0E28FD907F37F5EE9EF6D9F593DF94313E725D9EE35C57DBE177FA3027AE4BF30C4509333CCBE98DF2E251710A4B899C6C42CA499A8D2657FDC1A82945C74776AC859665175FD8F1DCB16C7B22D455E584DB02B3A95AF9A88126CE3634570A6968DB2654254A030B2F8A133E49F6EAFCD8015FF22D7C622026D6D6FA63BEFA7237C5EC05B7DF99A5854D4792683B454F0ECD52EF41266A550595594556AE969EE307915AC40FA9C551379F2C485A1D53F9C960CF9262A8AD681CFF53EE2D0E208E3DDAFC7C6C82271E0890745579C906BA77716E593D29C5B15F0C18E616BCA698BE676918697281730E0DAF112EE5B763906FC0A373EC15915202FB96241F26AAB0D77DA4357CB2B0C3101F3DB88B5D3AB4497C21377DD543BB422C12CF4E18861AE40924DC2D9AFCCDA500FCFA693288B5DD73216515ECCB12D0400D19BB27E50D3C3183BEA9C113B5A553F9704962FD4BC8510D930F32061EABEC7FC2C1CE32CA6297F5BA8DB6E4B6AEB755A07EF153C51BF7C07A827F43FBFDD4D5136187533FB6155535A9369C5776BDB22D1BE141316CA5DF6704FF2F970C070F6EA37678258683DEDF45056F127C5819E59F2A94680CF651EA983632EA91F47BF80B6D725ADD1E5795884239C5877E753C374266DFD973C414587074750852A5397A7FAC047152100F29AF82E7B2DA89DF3248CAA2B3DF71C4912989A4A660F8DF46155229B4AAF59789ACF49B0021CF015C59D97DE13B91EEA8BFAD9CA6699C59CF385C40F9FC38263207A46505D76DE443A3C2A7BEFB5E5A1040337F50D569F529D885CD651A87100B4634EE7A6F0D5C607E894E1475434F56DC62B016C73C07AE7A716B55F0AD0F399ABD7F5D63A3 +20250616211219 2 6 100 6143 5 E14CB0AD6B03109962790668D317CC69BC29BB96941F75C9BB739C214F83ABACC6508E89C92108C3C075AC60830A996E6A5758E76CCE93C18627A18E951FF26DD53CB94D1348BD062C835177EF5B07353F9AC7D5874D78B3E215C4DC54A8E8F0A3D97705390A53050F25C75E944A4AF84803830492006104387892A78ABBCE80E7950A1B4F59D79AD867DF6DCFD7E23046774C0E28FD907F37F5EE9EF6D9F593DF94313E725D9EE35C57DBE177FA3027AE4BF30C4509333CCBE98DF2E251710A4B899C6C42CA499A8D2657FDC1A82945C74776AC859665175FD8F1DCB16C7B22D455E584DB02B3A95AF9A88126CE3634570A6968DB2654254A030B2F8A133E49F6EAFCD8015FF22D7C622026D6D6FA63BEFA7237C5EC05B7DF99A5854D4792683B454F0ECD52EF41266A550595594556AE969EE307915AC40FA9C551379F2C485A1D53F9C960CF9262A8AD681CFF53EE2D0E208E3DDAFC7C6C82271E0890745579C906BA77716E593D29C5B15F0C18E616BCA698BE676918697281730E0DAF112EE5B763906FC0A373EC15915202FB96241F26AAB0D77DA4357CB2B0C3101F3DB88B5D3AB4497C21377DD543BB422C12CF4E18861AE40924DC2D9AFCCDA500FCFA693288B5DD73216515ECCB12D0400D19BB27E50D3C3183BEA9C113B5A553F9704962FD4BC8510D930F32061EABEC7FC2C1CE32CA6297F5BA8DB6E4B6AEB755A07EF153C51BF7C07A827F43FBFDD4D5136187533FB6155535A9369C5776BDB22D1BE141316CA5DF6704FF2F970C070F6EA37678258683DEDF45056F127C5819E59F2A94680CF651EA983632EA91F47BF80B6D725ADD1E5795884239C5877E753C374266DFD973C414587074750852A5397A7FAC047152100F29AF82E7B2DA89DF3248CAA2B3DF71C4912989A4A660F8DF46155229B4AAF59789ACF49B0021CF015C59D97DE13B91EEA8BFAD9CA6699C59CF385C40F9FC38263207A46505D76DE443A3C2A7BEFB5E5A1040337F50D569F529D885CD651A87100B4634EE7A6F0D5C607E894E1475434F56DC62B016C73C07AE7A716B55F0AD0F399ABD81D243C7 +20250616211808 2 6 100 6143 2 E14CB0AD6B03109962790668D317CC69BC29BB96941F75C9BB739C214F83ABACC6508E89C92108C3C075AC60830A996E6A5758E76CCE93C18627A18E951FF26DD53CB94D1348BD062C835177EF5B07353F9AC7D5874D78B3E215C4DC54A8E8F0A3D97705390A53050F25C75E944A4AF84803830492006104387892A78ABBCE80E7950A1B4F59D79AD867DF6DCFD7E23046774C0E28FD907F37F5EE9EF6D9F593DF94313E725D9EE35C57DBE177FA3027AE4BF30C4509333CCBE98DF2E251710A4B899C6C42CA499A8D2657FDC1A82945C74776AC859665175FD8F1DCB16C7B22D455E584DB02B3A95AF9A88126CE3634570A6968DB2654254A030B2F8A133E49F6EAFCD8015FF22D7C622026D6D6FA63BEFA7237C5EC05B7DF99A5854D4792683B454F0ECD52EF41266A550595594556AE969EE307915AC40FA9C551379F2C485A1D53F9C960CF9262A8AD681CFF53EE2D0E208E3DDAFC7C6C82271E0890745579C906BA77716E593D29C5B15F0C18E616BCA698BE676918697281730E0DAF112EE5B763906FC0A373EC15915202FB96241F26AAB0D77DA4357CB2B0C3101F3DB88B5D3AB4497C21377DD543BB422C12CF4E18861AE40924DC2D9AFCCDA500FCFA693288B5DD73216515ECCB12D0400D19BB27E50D3C3183BEA9C113B5A553F9704962FD4BC8510D930F32061EABEC7FC2C1CE32CA6297F5BA8DB6E4B6AEB755A07EF153C51BF7C07A827F43FBFDD4D5136187533FB6155535A9369C5776BDB22D1BE141316CA5DF6704FF2F970C070F6EA37678258683DEDF45056F127C5819E59F2A94680CF651EA983632EA91F47BF80B6D725ADD1E5795884239C5877E753C374266DFD973C414587074750852A5397A7FAC047152100F29AF82E7B2DA89DF3248CAA2B3DF71C4912989A4A660F8DF46155229B4AAF59789ACF49B0021CF015C59D97DE13B91EEA8BFAD9CA6699C59CF385C40F9FC38263207A46505D76DE443A3C2A7BEFB5E5A1040337F50D569F529D885CD651A87100B4634EE7A6F0D5C607E894E1475434F56DC62B016C73C07AE7A716B55F0AD0F399ABD827D9623 +20250616213202 2 6 100 6143 5 E14CB0AD6B03109962790668D317CC69BC29BB96941F75C9BB739C214F83ABACC6508E89C92108C3C075AC60830A996E6A5758E76CCE93C18627A18E951FF26DD53CB94D1348BD062C835177EF5B07353F9AC7D5874D78B3E215C4DC54A8E8F0A3D97705390A53050F25C75E944A4AF84803830492006104387892A78ABBCE80E7950A1B4F59D79AD867DF6DCFD7E23046774C0E28FD907F37F5EE9EF6D9F593DF94313E725D9EE35C57DBE177FA3027AE4BF30C4509333CCBE98DF2E251710A4B899C6C42CA499A8D2657FDC1A82945C74776AC859665175FD8F1DCB16C7B22D455E584DB02B3A95AF9A88126CE3634570A6968DB2654254A030B2F8A133E49F6EAFCD8015FF22D7C622026D6D6FA63BEFA7237C5EC05B7DF99A5854D4792683B454F0ECD52EF41266A550595594556AE969EE307915AC40FA9C551379F2C485A1D53F9C960CF9262A8AD681CFF53EE2D0E208E3DDAFC7C6C82271E0890745579C906BA77716E593D29C5B15F0C18E616BCA698BE676918697281730E0DAF112EE5B763906FC0A373EC15915202FB96241F26AAB0D77DA4357CB2B0C3101F3DB88B5D3AB4497C21377DD543BB422C12CF4E18861AE40924DC2D9AFCCDA500FCFA693288B5DD73216515ECCB12D0400D19BB27E50D3C3183BEA9C113B5A553F9704962FD4BC8510D930F32061EABEC7FC2C1CE32CA6297F5BA8DB6E4B6AEB755A07EF153C51BF7C07A827F43FBFDD4D5136187533FB6155535A9369C5776BDB22D1BE141316CA5DF6704FF2F970C070F6EA37678258683DEDF45056F127C5819E59F2A94680CF651EA983632EA91F47BF80B6D725ADD1E5795884239C5877E753C374266DFD973C414587074750852A5397A7FAC047152100F29AF82E7B2DA89DF3248CAA2B3DF71C4912989A4A660F8DF46155229B4AAF59789ACF49B0021CF015C59D97DE13B91EEA8BFAD9CA6699C59CF385C40F9FC38263207A46505D76DE443A3C2A7BEFB5E5A1040337F50D569F529D885CD651A87100B4634EE7A6F0D5C607E894E1475434F56DC62B016C73C07AE7A716B55F0AD0F399ABD8429B4CF +20250616214429 2 6 100 6143 5 E14CB0AD6B03109962790668D317CC69BC29BB96941F75C9BB739C214F83ABACC6508E89C92108C3C075AC60830A996E6A5758E76CCE93C18627A18E951FF26DD53CB94D1348BD062C835177EF5B07353F9AC7D5874D78B3E215C4DC54A8E8F0A3D97705390A53050F25C75E944A4AF84803830492006104387892A78ABBCE80E7950A1B4F59D79AD867DF6DCFD7E23046774C0E28FD907F37F5EE9EF6D9F593DF94313E725D9EE35C57DBE177FA3027AE4BF30C4509333CCBE98DF2E251710A4B899C6C42CA499A8D2657FDC1A82945C74776AC859665175FD8F1DCB16C7B22D455E584DB02B3A95AF9A88126CE3634570A6968DB2654254A030B2F8A133E49F6EAFCD8015FF22D7C622026D6D6FA63BEFA7237C5EC05B7DF99A5854D4792683B454F0ECD52EF41266A550595594556AE969EE307915AC40FA9C551379F2C485A1D53F9C960CF9262A8AD681CFF53EE2D0E208E3DDAFC7C6C82271E0890745579C906BA77716E593D29C5B15F0C18E616BCA698BE676918697281730E0DAF112EE5B763906FC0A373EC15915202FB96241F26AAB0D77DA4357CB2B0C3101F3DB88B5D3AB4497C21377DD543BB422C12CF4E18861AE40924DC2D9AFCCDA500FCFA693288B5DD73216515ECCB12D0400D19BB27E50D3C3183BEA9C113B5A553F9704962FD4BC8510D930F32061EABEC7FC2C1CE32CA6297F5BA8DB6E4B6AEB755A07EF153C51BF7C07A827F43FBFDD4D5136187533FB6155535A9369C5776BDB22D1BE141316CA5DF6704FF2F970C070F6EA37678258683DEDF45056F127C5819E59F2A94680CF651EA983632EA91F47BF80B6D725ADD1E5795884239C5877E753C374266DFD973C414587074750852A5397A7FAC047152100F29AF82E7B2DA89DF3248CAA2B3DF71C4912989A4A660F8DF46155229B4AAF59789ACF49B0021CF015C59D97DE13B91EEA8BFAD9CA6699C59CF385C40F9FC38263207A46505D76DE443A3C2A7BEFB5E5A1040337F50D569F529D885CD651A87100B4634EE7A6F0D5C607E894E1475434F56DC62B016C73C07AE7A716B55F0AD0F399ABD85BA7CCF +20250616215347 2 6 100 6143 2 E14CB0AD6B03109962790668D317CC69BC29BB96941F75C9BB739C214F83ABACC6508E89C92108C3C075AC60830A996E6A5758E76CCE93C18627A18E951FF26DD53CB94D1348BD062C835177EF5B07353F9AC7D5874D78B3E215C4DC54A8E8F0A3D97705390A53050F25C75E944A4AF84803830492006104387892A78ABBCE80E7950A1B4F59D79AD867DF6DCFD7E23046774C0E28FD907F37F5EE9EF6D9F593DF94313E725D9EE35C57DBE177FA3027AE4BF30C4509333CCBE98DF2E251710A4B899C6C42CA499A8D2657FDC1A82945C74776AC859665175FD8F1DCB16C7B22D455E584DB02B3A95AF9A88126CE3634570A6968DB2654254A030B2F8A133E49F6EAFCD8015FF22D7C622026D6D6FA63BEFA7237C5EC05B7DF99A5854D4792683B454F0ECD52EF41266A550595594556AE969EE307915AC40FA9C551379F2C485A1D53F9C960CF9262A8AD681CFF53EE2D0E208E3DDAFC7C6C82271E0890745579C906BA77716E593D29C5B15F0C18E616BCA698BE676918697281730E0DAF112EE5B763906FC0A373EC15915202FB96241F26AAB0D77DA4357CB2B0C3101F3DB88B5D3AB4497C21377DD543BB422C12CF4E18861AE40924DC2D9AFCCDA500FCFA693288B5DD73216515ECCB12D0400D19BB27E50D3C3183BEA9C113B5A553F9704962FD4BC8510D930F32061EABEC7FC2C1CE32CA6297F5BA8DB6E4B6AEB755A07EF153C51BF7C07A827F43FBFDD4D5136187533FB6155535A9369C5776BDB22D1BE141316CA5DF6704FF2F970C070F6EA37678258683DEDF45056F127C5819E59F2A94680CF651EA983632EA91F47BF80B6D725ADD1E5795884239C5877E753C374266DFD973C414587074750852A5397A7FAC047152100F29AF82E7B2DA89DF3248CAA2B3DF71C4912989A4A660F8DF46155229B4AAF59789ACF49B0021CF015C59D97DE13B91EEA8BFAD9CA6699C59CF385C40F9FC38263207A46505D76DE443A3C2A7BEFB5E5A1040337F50D569F529D885CD651A87100B4634EE7A6F0D5C607E894E1475434F56DC62B016C73C07AE7A716B55F0AD0F399ABD86DADC7B +20250616215504 2 6 100 6143 2 E14CB0AD6B03109962790668D317CC69BC29BB96941F75C9BB739C214F83ABACC6508E89C92108C3C075AC60830A996E6A5758E76CCE93C18627A18E951FF26DD53CB94D1348BD062C835177EF5B07353F9AC7D5874D78B3E215C4DC54A8E8F0A3D97705390A53050F25C75E944A4AF84803830492006104387892A78ABBCE80E7950A1B4F59D79AD867DF6DCFD7E23046774C0E28FD907F37F5EE9EF6D9F593DF94313E725D9EE35C57DBE177FA3027AE4BF30C4509333CCBE98DF2E251710A4B899C6C42CA499A8D2657FDC1A82945C74776AC859665175FD8F1DCB16C7B22D455E584DB02B3A95AF9A88126CE3634570A6968DB2654254A030B2F8A133E49F6EAFCD8015FF22D7C622026D6D6FA63BEFA7237C5EC05B7DF99A5854D4792683B454F0ECD52EF41266A550595594556AE969EE307915AC40FA9C551379F2C485A1D53F9C960CF9262A8AD681CFF53EE2D0E208E3DDAFC7C6C82271E0890745579C906BA77716E593D29C5B15F0C18E616BCA698BE676918697281730E0DAF112EE5B763906FC0A373EC15915202FB96241F26AAB0D77DA4357CB2B0C3101F3DB88B5D3AB4497C21377DD543BB422C12CF4E18861AE40924DC2D9AFCCDA500FCFA693288B5DD73216515ECCB12D0400D19BB27E50D3C3183BEA9C113B5A553F9704962FD4BC8510D930F32061EABEC7FC2C1CE32CA6297F5BA8DB6E4B6AEB755A07EF153C51BF7C07A827F43FBFDD4D5136187533FB6155535A9369C5776BDB22D1BE141316CA5DF6704FF2F970C070F6EA37678258683DEDF45056F127C5819E59F2A94680CF651EA983632EA91F47BF80B6D725ADD1E5795884239C5877E753C374266DFD973C414587074750852A5397A7FAC047152100F29AF82E7B2DA89DF3248CAA2B3DF71C4912989A4A660F8DF46155229B4AAF59789ACF49B0021CF015C59D97DE13B91EEA8BFAD9CA6699C59CF385C40F9FC38263207A46505D76DE443A3C2A7BEFB5E5A1040337F50D569F529D885CD651A87100B4634EE7A6F0D5C607E894E1475434F56DC62B016C73C07AE7A716B55F0AD0F399ABD86FBFAC3 +20250616215846 2 6 100 6143 5 E14CB0AD6B03109962790668D317CC69BC29BB96941F75C9BB739C214F83ABACC6508E89C92108C3C075AC60830A996E6A5758E76CCE93C18627A18E951FF26DD53CB94D1348BD062C835177EF5B07353F9AC7D5874D78B3E215C4DC54A8E8F0A3D97705390A53050F25C75E944A4AF84803830492006104387892A78ABBCE80E7950A1B4F59D79AD867DF6DCFD7E23046774C0E28FD907F37F5EE9EF6D9F593DF94313E725D9EE35C57DBE177FA3027AE4BF30C4509333CCBE98DF2E251710A4B899C6C42CA499A8D2657FDC1A82945C74776AC859665175FD8F1DCB16C7B22D455E584DB02B3A95AF9A88126CE3634570A6968DB2654254A030B2F8A133E49F6EAFCD8015FF22D7C622026D6D6FA63BEFA7237C5EC05B7DF99A5854D4792683B454F0ECD52EF41266A550595594556AE969EE307915AC40FA9C551379F2C485A1D53F9C960CF9262A8AD681CFF53EE2D0E208E3DDAFC7C6C82271E0890745579C906BA77716E593D29C5B15F0C18E616BCA698BE676918697281730E0DAF112EE5B763906FC0A373EC15915202FB96241F26AAB0D77DA4357CB2B0C3101F3DB88B5D3AB4497C21377DD543BB422C12CF4E18861AE40924DC2D9AFCCDA500FCFA693288B5DD73216515ECCB12D0400D19BB27E50D3C3183BEA9C113B5A553F9704962FD4BC8510D930F32061EABEC7FC2C1CE32CA6297F5BA8DB6E4B6AEB755A07EF153C51BF7C07A827F43FBFDD4D5136187533FB6155535A9369C5776BDB22D1BE141316CA5DF6704FF2F970C070F6EA37678258683DEDF45056F127C5819E59F2A94680CF651EA983632EA91F47BF80B6D725ADD1E5795884239C5877E753C374266DFD973C414587074750852A5397A7FAC047152100F29AF82E7B2DA89DF3248CAA2B3DF71C4912989A4A660F8DF46155229B4AAF59789ACF49B0021CF015C59D97DE13B91EEA8BFAD9CA6699C59CF385C40F9FC38263207A46505D76DE443A3C2A7BEFB5E5A1040337F50D569F529D885CD651A87100B4634EE7A6F0D5C607E894E1475434F56DC62B016C73C07AE7A716B55F0AD0F399ABD876E6177 +20250616221047 2 6 100 6143 2 E14CB0AD6B03109962790668D317CC69BC29BB96941F75C9BB739C214F83ABACC6508E89C92108C3C075AC60830A996E6A5758E76CCE93C18627A18E951FF26DD53CB94D1348BD062C835177EF5B07353F9AC7D5874D78B3E215C4DC54A8E8F0A3D97705390A53050F25C75E944A4AF84803830492006104387892A78ABBCE80E7950A1B4F59D79AD867DF6DCFD7E23046774C0E28FD907F37F5EE9EF6D9F593DF94313E725D9EE35C57DBE177FA3027AE4BF30C4509333CCBE98DF2E251710A4B899C6C42CA499A8D2657FDC1A82945C74776AC859665175FD8F1DCB16C7B22D455E584DB02B3A95AF9A88126CE3634570A6968DB2654254A030B2F8A133E49F6EAFCD8015FF22D7C622026D6D6FA63BEFA7237C5EC05B7DF99A5854D4792683B454F0ECD52EF41266A550595594556AE969EE307915AC40FA9C551379F2C485A1D53F9C960CF9262A8AD681CFF53EE2D0E208E3DDAFC7C6C82271E0890745579C906BA77716E593D29C5B15F0C18E616BCA698BE676918697281730E0DAF112EE5B763906FC0A373EC15915202FB96241F26AAB0D77DA4357CB2B0C3101F3DB88B5D3AB4497C21377DD543BB422C12CF4E18861AE40924DC2D9AFCCDA500FCFA693288B5DD73216515ECCB12D0400D19BB27E50D3C3183BEA9C113B5A553F9704962FD4BC8510D930F32061EABEC7FC2C1CE32CA6297F5BA8DB6E4B6AEB755A07EF153C51BF7C07A827F43FBFDD4D5136187533FB6155535A9369C5776BDB22D1BE141316CA5DF6704FF2F970C070F6EA37678258683DEDF45056F127C5819E59F2A94680CF651EA983632EA91F47BF80B6D725ADD1E5795884239C5877E753C374266DFD973C414587074750852A5397A7FAC047152100F29AF82E7B2DA89DF3248CAA2B3DF71C4912989A4A660F8DF46155229B4AAF59789ACF49B0021CF015C59D97DE13B91EEA8BFAD9CA6699C59CF385C40F9FC38263207A46505D76DE443A3C2A7BEFB5E5A1040337F50D569F529D885CD651A87100B4634EE7A6F0D5C607E894E1475434F56DC62B016C73C07AE7A716B55F0AD0F399ABD88DF6D3B +20250616223829 2 6 100 6143 5 E14CB0AD6B03109962790668D317CC69BC29BB96941F75C9BB739C214F83ABACC6508E89C92108C3C075AC60830A996E6A5758E76CCE93C18627A18E951FF26DD53CB94D1348BD062C835177EF5B07353F9AC7D5874D78B3E215C4DC54A8E8F0A3D97705390A53050F25C75E944A4AF84803830492006104387892A78ABBCE80E7950A1B4F59D79AD867DF6DCFD7E23046774C0E28FD907F37F5EE9EF6D9F593DF94313E725D9EE35C57DBE177FA3027AE4BF30C4509333CCBE98DF2E251710A4B899C6C42CA499A8D2657FDC1A82945C74776AC859665175FD8F1DCB16C7B22D455E584DB02B3A95AF9A88126CE3634570A6968DB2654254A030B2F8A133E49F6EAFCD8015FF22D7C622026D6D6FA63BEFA7237C5EC05B7DF99A5854D4792683B454F0ECD52EF41266A550595594556AE969EE307915AC40FA9C551379F2C485A1D53F9C960CF9262A8AD681CFF53EE2D0E208E3DDAFC7C6C82271E0890745579C906BA77716E593D29C5B15F0C18E616BCA698BE676918697281730E0DAF112EE5B763906FC0A373EC15915202FB96241F26AAB0D77DA4357CB2B0C3101F3DB88B5D3AB4497C21377DD543BB422C12CF4E18861AE40924DC2D9AFCCDA500FCFA693288B5DD73216515ECCB12D0400D19BB27E50D3C3183BEA9C113B5A553F9704962FD4BC8510D930F32061EABEC7FC2C1CE32CA6297F5BA8DB6E4B6AEB755A07EF153C51BF7C07A827F43FBFDD4D5136187533FB6155535A9369C5776BDB22D1BE141316CA5DF6704FF2F970C070F6EA37678258683DEDF45056F127C5819E59F2A94680CF651EA983632EA91F47BF80B6D725ADD1E5795884239C5877E753C374266DFD973C414587074750852A5397A7FAC047152100F29AF82E7B2DA89DF3248CAA2B3DF71C4912989A4A660F8DF46155229B4AAF59789ACF49B0021CF015C59D97DE13B91EEA8BFAD9CA6699C59CF385C40F9FC38263207A46505D76DE443A3C2A7BEFB5E5A1040337F50D569F529D885CD651A87100B4634EE7A6F0D5C607E894E1475434F56DC62B016C73C07AE7A716B55F0AD0F399ABD8C566667 +20250616224259 2 6 100 6143 2 E14CB0AD6B03109962790668D317CC69BC29BB96941F75C9BB739C214F83ABACC6508E89C92108C3C075AC60830A996E6A5758E76CCE93C18627A18E951FF26DD53CB94D1348BD062C835177EF5B07353F9AC7D5874D78B3E215C4DC54A8E8F0A3D97705390A53050F25C75E944A4AF84803830492006104387892A78ABBCE80E7950A1B4F59D79AD867DF6DCFD7E23046774C0E28FD907F37F5EE9EF6D9F593DF94313E725D9EE35C57DBE177FA3027AE4BF30C4509333CCBE98DF2E251710A4B899C6C42CA499A8D2657FDC1A82945C74776AC859665175FD8F1DCB16C7B22D455E584DB02B3A95AF9A88126CE3634570A6968DB2654254A030B2F8A133E49F6EAFCD8015FF22D7C622026D6D6FA63BEFA7237C5EC05B7DF99A5854D4792683B454F0ECD52EF41266A550595594556AE969EE307915AC40FA9C551379F2C485A1D53F9C960CF9262A8AD681CFF53EE2D0E208E3DDAFC7C6C82271E0890745579C906BA77716E593D29C5B15F0C18E616BCA698BE676918697281730E0DAF112EE5B763906FC0A373EC15915202FB96241F26AAB0D77DA4357CB2B0C3101F3DB88B5D3AB4497C21377DD543BB422C12CF4E18861AE40924DC2D9AFCCDA500FCFA693288B5DD73216515ECCB12D0400D19BB27E50D3C3183BEA9C113B5A553F9704962FD4BC8510D930F32061EABEC7FC2C1CE32CA6297F5BA8DB6E4B6AEB755A07EF153C51BF7C07A827F43FBFDD4D5136187533FB6155535A9369C5776BDB22D1BE141316CA5DF6704FF2F970C070F6EA37678258683DEDF45056F127C5819E59F2A94680CF651EA983632EA91F47BF80B6D725ADD1E5795884239C5877E753C374266DFD973C414587074750852A5397A7FAC047152100F29AF82E7B2DA89DF3248CAA2B3DF71C4912989A4A660F8DF46155229B4AAF59789ACF49B0021CF015C59D97DE13B91EEA8BFAD9CA6699C59CF385C40F9FC38263207A46505D76DE443A3C2A7BEFB5E5A1040337F50D569F529D885CD651A87100B4634EE7A6F0D5C607E894E1475434F56DC62B016C73C07AE7A716B55F0AD0F399ABD8CE0DE5B +20250616231230 2 6 100 6143 2 E14CB0AD6B03109962790668D317CC69BC29BB96941F75C9BB739C214F83ABACC6508E89C92108C3C075AC60830A996E6A5758E76CCE93C18627A18E951FF26DD53CB94D1348BD062C835177EF5B07353F9AC7D5874D78B3E215C4DC54A8E8F0A3D97705390A53050F25C75E944A4AF84803830492006104387892A78ABBCE80E7950A1B4F59D79AD867DF6DCFD7E23046774C0E28FD907F37F5EE9EF6D9F593DF94313E725D9EE35C57DBE177FA3027AE4BF30C4509333CCBE98DF2E251710A4B899C6C42CA499A8D2657FDC1A82945C74776AC859665175FD8F1DCB16C7B22D455E584DB02B3A95AF9A88126CE3634570A6968DB2654254A030B2F8A133E49F6EAFCD8015FF22D7C622026D6D6FA63BEFA7237C5EC05B7DF99A5854D4792683B454F0ECD52EF41266A550595594556AE969EE307915AC40FA9C551379F2C485A1D53F9C960CF9262A8AD681CFF53EE2D0E208E3DDAFC7C6C82271E0890745579C906BA77716E593D29C5B15F0C18E616BCA698BE676918697281730E0DAF112EE5B763906FC0A373EC15915202FB96241F26AAB0D77DA4357CB2B0C3101F3DB88B5D3AB4497C21377DD543BB422C12CF4E18861AE40924DC2D9AFCCDA500FCFA693288B5DD73216515ECCB12D0400D19BB27E50D3C3183BEA9C113B5A553F9704962FD4BC8510D930F32061EABEC7FC2C1CE32CA6297F5BA8DB6E4B6AEB755A07EF153C51BF7C07A827F43FBFDD4D5136187533FB6155535A9369C5776BDB22D1BE141316CA5DF6704FF2F970C070F6EA37678258683DEDF45056F127C5819E59F2A94680CF651EA983632EA91F47BF80B6D725ADD1E5795884239C5877E753C374266DFD973C414587074750852A5397A7FAC047152100F29AF82E7B2DA89DF3248CAA2B3DF71C4912989A4A660F8DF46155229B4AAF59789ACF49B0021CF015C59D97DE13B91EEA8BFAD9CA6699C59CF385C40F9FC38263207A46505D76DE443A3C2A7BEFB5E5A1040337F50D569F529D885CD651A87100B4634EE7A6F0D5C607E894E1475434F56DC62B016C73C07AE7A716B55F0AD0F399ABD908DA493 +20250616232834 2 6 100 6143 2 E14CB0AD6B03109962790668D317CC69BC29BB96941F75C9BB739C214F83ABACC6508E89C92108C3C075AC60830A996E6A5758E76CCE93C18627A18E951FF26DD53CB94D1348BD062C835177EF5B07353F9AC7D5874D78B3E215C4DC54A8E8F0A3D97705390A53050F25C75E944A4AF84803830492006104387892A78ABBCE80E7950A1B4F59D79AD867DF6DCFD7E23046774C0E28FD907F37F5EE9EF6D9F593DF94313E725D9EE35C57DBE177FA3027AE4BF30C4509333CCBE98DF2E251710A4B899C6C42CA499A8D2657FDC1A82945C74776AC859665175FD8F1DCB16C7B22D455E584DB02B3A95AF9A88126CE3634570A6968DB2654254A030B2F8A133E49F6EAFCD8015FF22D7C622026D6D6FA63BEFA7237C5EC05B7DF99A5854D4792683B454F0ECD52EF41266A550595594556AE969EE307915AC40FA9C551379F2C485A1D53F9C960CF9262A8AD681CFF53EE2D0E208E3DDAFC7C6C82271E0890745579C906BA77716E593D29C5B15F0C18E616BCA698BE676918697281730E0DAF112EE5B763906FC0A373EC15915202FB96241F26AAB0D77DA4357CB2B0C3101F3DB88B5D3AB4497C21377DD543BB422C12CF4E18861AE40924DC2D9AFCCDA500FCFA693288B5DD73216515ECCB12D0400D19BB27E50D3C3183BEA9C113B5A553F9704962FD4BC8510D930F32061EABEC7FC2C1CE32CA6297F5BA8DB6E4B6AEB755A07EF153C51BF7C07A827F43FBFDD4D5136187533FB6155535A9369C5776BDB22D1BE141316CA5DF6704FF2F970C070F6EA37678258683DEDF45056F127C5819E59F2A94680CF651EA983632EA91F47BF80B6D725ADD1E5795884239C5877E753C374266DFD973C414587074750852A5397A7FAC047152100F29AF82E7B2DA89DF3248CAA2B3DF71C4912989A4A660F8DF46155229B4AAF59789ACF49B0021CF015C59D97DE13B91EEA8BFAD9CA6699C59CF385C40F9FC38263207A46505D76DE443A3C2A7BEFB5E5A1040337F50D569F529D885CD651A87100B4634EE7A6F0D5C607E894E1475434F56DC62B016C73C07AE7A716B55F0AD0F399ABD928EEF7B +20250616233319 2 6 100 6143 5 E14CB0AD6B03109962790668D317CC69BC29BB96941F75C9BB739C214F83ABACC6508E89C92108C3C075AC60830A996E6A5758E76CCE93C18627A18E951FF26DD53CB94D1348BD062C835177EF5B07353F9AC7D5874D78B3E215C4DC54A8E8F0A3D97705390A53050F25C75E944A4AF84803830492006104387892A78ABBCE80E7950A1B4F59D79AD867DF6DCFD7E23046774C0E28FD907F37F5EE9EF6D9F593DF94313E725D9EE35C57DBE177FA3027AE4BF30C4509333CCBE98DF2E251710A4B899C6C42CA499A8D2657FDC1A82945C74776AC859665175FD8F1DCB16C7B22D455E584DB02B3A95AF9A88126CE3634570A6968DB2654254A030B2F8A133E49F6EAFCD8015FF22D7C622026D6D6FA63BEFA7237C5EC05B7DF99A5854D4792683B454F0ECD52EF41266A550595594556AE969EE307915AC40FA9C551379F2C485A1D53F9C960CF9262A8AD681CFF53EE2D0E208E3DDAFC7C6C82271E0890745579C906BA77716E593D29C5B15F0C18E616BCA698BE676918697281730E0DAF112EE5B763906FC0A373EC15915202FB96241F26AAB0D77DA4357CB2B0C3101F3DB88B5D3AB4497C21377DD543BB422C12CF4E18861AE40924DC2D9AFCCDA500FCFA693288B5DD73216515ECCB12D0400D19BB27E50D3C3183BEA9C113B5A553F9704962FD4BC8510D930F32061EABEC7FC2C1CE32CA6297F5BA8DB6E4B6AEB755A07EF153C51BF7C07A827F43FBFDD4D5136187533FB6155535A9369C5776BDB22D1BE141316CA5DF6704FF2F970C070F6EA37678258683DEDF45056F127C5819E59F2A94680CF651EA983632EA91F47BF80B6D725ADD1E5795884239C5877E753C374266DFD973C414587074750852A5397A7FAC047152100F29AF82E7B2DA89DF3248CAA2B3DF71C4912989A4A660F8DF46155229B4AAF59789ACF49B0021CF015C59D97DE13B91EEA8BFAD9CA6699C59CF385C40F9FC38263207A46505D76DE443A3C2A7BEFB5E5A1040337F50D569F529D885CD651A87100B4634EE7A6F0D5C607E894E1475434F56DC62B016C73C07AE7A716B55F0AD0F399ABD931E7A6F +20250616235722 2 6 100 6143 5 E14CB0AD6B03109962790668D317CC69BC29BB96941F75C9BB739C214F83ABACC6508E89C92108C3C075AC60830A996E6A5758E76CCE93C18627A18E951FF26DD53CB94D1348BD062C835177EF5B07353F9AC7D5874D78B3E215C4DC54A8E8F0A3D97705390A53050F25C75E944A4AF84803830492006104387892A78ABBCE80E7950A1B4F59D79AD867DF6DCFD7E23046774C0E28FD907F37F5EE9EF6D9F593DF94313E725D9EE35C57DBE177FA3027AE4BF30C4509333CCBE98DF2E251710A4B899C6C42CA499A8D2657FDC1A82945C74776AC859665175FD8F1DCB16C7B22D455E584DB02B3A95AF9A88126CE3634570A6968DB2654254A030B2F8A133E49F6EAFCD8015FF22D7C622026D6D6FA63BEFA7237C5EC05B7DF99A5854D4792683B454F0ECD52EF41266A550595594556AE969EE307915AC40FA9C551379F2C485A1D53F9C960CF9262A8AD681CFF53EE2D0E208E3DDAFC7C6C82271E0890745579C906BA77716E593D29C5B15F0C18E616BCA698BE676918697281730E0DAF112EE5B763906FC0A373EC15915202FB96241F26AAB0D77DA4357CB2B0C3101F3DB88B5D3AB4497C21377DD543BB422C12CF4E18861AE40924DC2D9AFCCDA500FCFA693288B5DD73216515ECCB12D0400D19BB27E50D3C3183BEA9C113B5A553F9704962FD4BC8510D930F32061EABEC7FC2C1CE32CA6297F5BA8DB6E4B6AEB755A07EF153C51BF7C07A827F43FBFDD4D5136187533FB6155535A9369C5776BDB22D1BE141316CA5DF6704FF2F970C070F6EA37678258683DEDF45056F127C5819E59F2A94680CF651EA983632EA91F47BF80B6D725ADD1E5795884239C5877E753C374266DFD973C414587074750852A5397A7FAC047152100F29AF82E7B2DA89DF3248CAA2B3DF71C4912989A4A660F8DF46155229B4AAF59789ACF49B0021CF015C59D97DE13B91EEA8BFAD9CA6699C59CF385C40F9FC38263207A46505D76DE443A3C2A7BEFB5E5A1040337F50D569F529D885CD651A87100B4634EE7A6F0D5C607E894E1475434F56DC62B016C73C07AE7A716B55F0AD0F399ABD961D984F +20250617002544 2 6 100 6143 2 E14CB0AD6B03109962790668D317CC69BC29BB96941F75C9BB739C214F83ABACC6508E89C92108C3C075AC60830A996E6A5758E76CCE93C18627A18E951FF26DD53CB94D1348BD062C835177EF5B07353F9AC7D5874D78B3E215C4DC54A8E8F0A3D97705390A53050F25C75E944A4AF84803830492006104387892A78ABBCE80E7950A1B4F59D79AD867DF6DCFD7E23046774C0E28FD907F37F5EE9EF6D9F593DF94313E725D9EE35C57DBE177FA3027AE4BF30C4509333CCBE98DF2E251710A4B899C6C42CA499A8D2657FDC1A82945C74776AC859665175FD8F1DCB16C7B22D455E584DB02B3A95AF9A88126CE3634570A6968DB2654254A030B2F8A133E49F6EAFCD8015FF22D7C622026D6D6FA63BEFA7237C5EC05B7DF99A5854D4792683B454F0ECD52EF41266A550595594556AE969EE307915AC40FA9C551379F2C485A1D53F9C960CF9262A8AD681CFF53EE2D0E208E3DDAFC7C6C82271E0890745579C906BA77716E593D29C5B15F0C18E616BCA698BE676918697281730E0DAF112EE5B763906FC0A373EC15915202FB96241F26AAB0D77DA4357CB2B0C3101F3DB88B5D3AB4497C21377DD543BB422C12CF4E18861AE40924DC2D9AFCCDA500FCFA693288B5DD73216515ECCB12D0400D19BB27E50D3C3183BEA9C113B5A553F9704962FD4BC8510D930F32061EABEC7FC2C1CE32CA6297F5BA8DB6E4B6AEB755A07EF153C51BF7C07A827F43FBFDD4D5136187533FB6155535A9369C5776BDB22D1BE141316CA5DF6704FF2F970C070F6EA37678258683DEDF45056F127C5819E59F2A94680CF651EA983632EA91F47BF80B6D725ADD1E5795884239C5877E753C374266DFD973C414587074750852A5397A7FAC047152100F29AF82E7B2DA89DF3248CAA2B3DF71C4912989A4A660F8DF46155229B4AAF59789ACF49B0021CF015C59D97DE13B91EEA8BFAD9CA6699C59CF385C40F9FC38263207A46505D76DE443A3C2A7BEFB5E5A1040337F50D569F529D885CD651A87100B4634EE7A6F0D5C607E894E1475434F56DC62B016C73C07AE7A716B55F0AD0F399ABD3F7A2C5B +20250617012034 2 6 100 6143 2 E14CB0AD6B03109962790668D317CC69BC29BB96941F75C9BB739C214F83ABACC6508E89C92108C3C075AC60830A996E6A5758E76CCE93C18627A18E951FF26DD53CB94D1348BD062C835177EF5B07353F9AC7D5874D78B3E215C4DC54A8E8F0A3D97705390A53050F25C75E944A4AF84803830492006104387892A78ABBCE80E7950A1B4F59D79AD867DF6DCFD7E23046774C0E28FD907F37F5EE9EF6D9F593DF94313E725D9EE35C57DBE177FA3027AE4BF30C4509333CCBE98DF2E251710A4B899C6C42CA499A8D2657FDC1A82945C74776AC859665175FD8F1DCB16C7B22D455E584DB02B3A95AF9A88126CE3634570A6968DB2654254A030B2F8A133E49F6EAFCD8015FF22D7C622026D6D6FA63BEFA7237C5EC05B7DF99A5854D4792683B454F0ECD52EF41266A550595594556AE969EE307915AC40FA9C551379F2C485A1D53F9C960CF9262A8AD681CFF53EE2D0E208E3DDAFC7C6C82271E0890745579C906BA77716E593D29C5B15F0C18E616BCA698BE676918697281730E0DAF112EE5B763906FC0A373EC15915202FB96241F26AAB0D77DA4357CB2B0C3101F3DB88B5D3AB4497C21377DD543BB422C12CF4E18861AE40924DC2D9AFCCDA500FCFA693288B5DD73216515ECCB12D0400D19BB27E50D3C3183BEA9C113B5A553F9704962FD4BC8510D930F32061EABEC7FC2C1CE32CA6297F5BA8DB6E4B6AEB755A07EF153C51BF7C07A827F43FBFDD4D5136187533FB6155535A9369C5776BDB22D1BE141316CA5DF6704FF2F970C070F6EA37678258683DEDF45056F127C5819E59F2A94680CF651EA983632EA91F47BF80B6D725ADD1E5795884239C5877E753C374266DFD973C414587074750852A5397A7FAC047152100F29AF82E7B2DA89DF3248CAA2B3DF71C4912989A4A660F8DF46155229B4AAF59789ACF49B0021CF015C59D97DE13B91EEA8BFAD9CA6699C59CF385C40F9FC38263207A46505D76DE443A3C2A7BEFB5E5A1040337F50D569F529D885CD651A87100B4634EE7A6F0D5C607E894E1475434F56DC62B016C73C07AE7A716B55F0AD0F399ABD46657F43 +20250617012906 2 6 100 6143 5 E14CB0AD6B03109962790668D317CC69BC29BB96941F75C9BB739C214F83ABACC6508E89C92108C3C075AC60830A996E6A5758E76CCE93C18627A18E951FF26DD53CB94D1348BD062C835177EF5B07353F9AC7D5874D78B3E215C4DC54A8E8F0A3D97705390A53050F25C75E944A4AF84803830492006104387892A78ABBCE80E7950A1B4F59D79AD867DF6DCFD7E23046774C0E28FD907F37F5EE9EF6D9F593DF94313E725D9EE35C57DBE177FA3027AE4BF30C4509333CCBE98DF2E251710A4B899C6C42CA499A8D2657FDC1A82945C74776AC859665175FD8F1DCB16C7B22D455E584DB02B3A95AF9A88126CE3634570A6968DB2654254A030B2F8A133E49F6EAFCD8015FF22D7C622026D6D6FA63BEFA7237C5EC05B7DF99A5854D4792683B454F0ECD52EF41266A550595594556AE969EE307915AC40FA9C551379F2C485A1D53F9C960CF9262A8AD681CFF53EE2D0E208E3DDAFC7C6C82271E0890745579C906BA77716E593D29C5B15F0C18E616BCA698BE676918697281730E0DAF112EE5B763906FC0A373EC15915202FB96241F26AAB0D77DA4357CB2B0C3101F3DB88B5D3AB4497C21377DD543BB422C12CF4E18861AE40924DC2D9AFCCDA500FCFA693288B5DD73216515ECCB12D0400D19BB27E50D3C3183BEA9C113B5A553F9704962FD4BC8510D930F32061EABEC7FC2C1CE32CA6297F5BA8DB6E4B6AEB755A07EF153C51BF7C07A827F43FBFDD4D5136187533FB6155535A9369C5776BDB22D1BE141316CA5DF6704FF2F970C070F6EA37678258683DEDF45056F127C5819E59F2A94680CF651EA983632EA91F47BF80B6D725ADD1E5795884239C5877E753C374266DFD973C414587074750852A5397A7FAC047152100F29AF82E7B2DA89DF3248CAA2B3DF71C4912989A4A660F8DF46155229B4AAF59789ACF49B0021CF015C59D97DE13B91EEA8BFAD9CA6699C59CF385C40F9FC38263207A46505D76DE443A3C2A7BEFB5E5A1040337F50D569F529D885CD651A87100B4634EE7A6F0D5C607E894E1475434F56DC62B016C73C07AE7A716B55F0AD0F399ABD47787287 +20250617013133 2 6 100 6143 2 E14CB0AD6B03109962790668D317CC69BC29BB96941F75C9BB739C214F83ABACC6508E89C92108C3C075AC60830A996E6A5758E76CCE93C18627A18E951FF26DD53CB94D1348BD062C835177EF5B07353F9AC7D5874D78B3E215C4DC54A8E8F0A3D97705390A53050F25C75E944A4AF84803830492006104387892A78ABBCE80E7950A1B4F59D79AD867DF6DCFD7E23046774C0E28FD907F37F5EE9EF6D9F593DF94313E725D9EE35C57DBE177FA3027AE4BF30C4509333CCBE98DF2E251710A4B899C6C42CA499A8D2657FDC1A82945C74776AC859665175FD8F1DCB16C7B22D455E584DB02B3A95AF9A88126CE3634570A6968DB2654254A030B2F8A133E49F6EAFCD8015FF22D7C622026D6D6FA63BEFA7237C5EC05B7DF99A5854D4792683B454F0ECD52EF41266A550595594556AE969EE307915AC40FA9C551379F2C485A1D53F9C960CF9262A8AD681CFF53EE2D0E208E3DDAFC7C6C82271E0890745579C906BA77716E593D29C5B15F0C18E616BCA698BE676918697281730E0DAF112EE5B763906FC0A373EC15915202FB96241F26AAB0D77DA4357CB2B0C3101F3DB88B5D3AB4497C21377DD543BB422C12CF4E18861AE40924DC2D9AFCCDA500FCFA693288B5DD73216515ECCB12D0400D19BB27E50D3C3183BEA9C113B5A553F9704962FD4BC8510D930F32061EABEC7FC2C1CE32CA6297F5BA8DB6E4B6AEB755A07EF153C51BF7C07A827F43FBFDD4D5136187533FB6155535A9369C5776BDB22D1BE141316CA5DF6704FF2F970C070F6EA37678258683DEDF45056F127C5819E59F2A94680CF651EA983632EA91F47BF80B6D725ADD1E5795884239C5877E753C374266DFD973C414587074750852A5397A7FAC047152100F29AF82E7B2DA89DF3248CAA2B3DF71C4912989A4A660F8DF46155229B4AAF59789ACF49B0021CF015C59D97DE13B91EEA8BFAD9CA6699C59CF385C40F9FC38263207A46505D76DE443A3C2A7BEFB5E5A1040337F50D569F529D885CD651A87100B4634EE7A6F0D5C607E894E1475434F56DC62B016C73C07AE7A716B55F0AD0F399ABD47C09A53 +20250617013329 2 6 100 6143 5 E14CB0AD6B03109962790668D317CC69BC29BB96941F75C9BB739C214F83ABACC6508E89C92108C3C075AC60830A996E6A5758E76CCE93C18627A18E951FF26DD53CB94D1348BD062C835177EF5B07353F9AC7D5874D78B3E215C4DC54A8E8F0A3D97705390A53050F25C75E944A4AF84803830492006104387892A78ABBCE80E7950A1B4F59D79AD867DF6DCFD7E23046774C0E28FD907F37F5EE9EF6D9F593DF94313E725D9EE35C57DBE177FA3027AE4BF30C4509333CCBE98DF2E251710A4B899C6C42CA499A8D2657FDC1A82945C74776AC859665175FD8F1DCB16C7B22D455E584DB02B3A95AF9A88126CE3634570A6968DB2654254A030B2F8A133E49F6EAFCD8015FF22D7C622026D6D6FA63BEFA7237C5EC05B7DF99A5854D4792683B454F0ECD52EF41266A550595594556AE969EE307915AC40FA9C551379F2C485A1D53F9C960CF9262A8AD681CFF53EE2D0E208E3DDAFC7C6C82271E0890745579C906BA77716E593D29C5B15F0C18E616BCA698BE676918697281730E0DAF112EE5B763906FC0A373EC15915202FB96241F26AAB0D77DA4357CB2B0C3101F3DB88B5D3AB4497C21377DD543BB422C12CF4E18861AE40924DC2D9AFCCDA500FCFA693288B5DD73216515ECCB12D0400D19BB27E50D3C3183BEA9C113B5A553F9704962FD4BC8510D930F32061EABEC7FC2C1CE32CA6297F5BA8DB6E4B6AEB755A07EF153C51BF7C07A827F43FBFDD4D5136187533FB6155535A9369C5776BDB22D1BE141316CA5DF6704FF2F970C070F6EA37678258683DEDF45056F127C5819E59F2A94680CF651EA983632EA91F47BF80B6D725ADD1E5795884239C5877E753C374266DFD973C414587074750852A5397A7FAC047152100F29AF82E7B2DA89DF3248CAA2B3DF71C4912989A4A660F8DF46155229B4AAF59789ACF49B0021CF015C59D97DE13B91EEA8BFAD9CA6699C59CF385C40F9FC38263207A46505D76DE443A3C2A7BEFB5E5A1040337F50D569F529D885CD651A87100B4634EE7A6F0D5C607E894E1475434F56DC62B016C73C07AE7A716B55F0AD0F399ABD47F6C84F +20250617021654 2 6 100 6143 2 E14CB0AD6B03109962790668D317CC69BC29BB96941F75C9BB739C214F83ABACC6508E89C92108C3C075AC60830A996E6A5758E76CCE93C18627A18E951FF26DD53CB94D1348BD062C835177EF5B07353F9AC7D5874D78B3E215C4DC54A8E8F0A3D97705390A53050F25C75E944A4AF84803830492006104387892A78ABBCE80E7950A1B4F59D79AD867DF6DCFD7E23046774C0E28FD907F37F5EE9EF6D9F593DF94313E725D9EE35C57DBE177FA3027AE4BF30C4509333CCBE98DF2E251710A4B899C6C42CA499A8D2657FDC1A82945C74776AC859665175FD8F1DCB16C7B22D455E584DB02B3A95AF9A88126CE3634570A6968DB2654254A030B2F8A133E49F6EAFCD8015FF22D7C622026D6D6FA63BEFA7237C5EC05B7DF99A5854D4792683B454F0ECD52EF41266A550595594556AE969EE307915AC40FA9C551379F2C485A1D53F9C960CF9262A8AD681CFF53EE2D0E208E3DDAFC7C6C82271E0890745579C906BA77716E593D29C5B15F0C18E616BCA698BE676918697281730E0DAF112EE5B763906FC0A373EC15915202FB96241F26AAB0D77DA4357CB2B0C3101F3DB88B5D3AB4497C21377DD543BB422C12CF4E18861AE40924DC2D9AFCCDA500FCFA693288B5DD73216515ECCB12D0400D19BB27E50D3C3183BEA9C113B5A553F9704962FD4BC8510D930F32061EABEC7FC2C1CE32CA6297F5BA8DB6E4B6AEB755A07EF153C51BF7C07A827F43FBFDD4D5136187533FB6155535A9369C5776BDB22D1BE141316CA5DF6704FF2F970C070F6EA37678258683DEDF45056F127C5819E59F2A94680CF651EA983632EA91F47BF80B6D725ADD1E5795884239C5877E753C374266DFD973C414587074750852A5397A7FAC047152100F29AF82E7B2DA89DF3248CAA2B3DF71C4912989A4A660F8DF46155229B4AAF59789ACF49B0021CF015C59D97DE13B91EEA8BFAD9CA6699C59CF385C40F9FC38263207A46505D76DE443A3C2A7BEFB5E5A1040337F50D569F529D885CD651A87100B4634EE7A6F0D5C607E894E1475434F56DC62B016C73C07AE7A716B55F0AD0F399ABD4D750693 +20250617022440 2 6 100 6143 5 E14CB0AD6B03109962790668D317CC69BC29BB96941F75C9BB739C214F83ABACC6508E89C92108C3C075AC60830A996E6A5758E76CCE93C18627A18E951FF26DD53CB94D1348BD062C835177EF5B07353F9AC7D5874D78B3E215C4DC54A8E8F0A3D97705390A53050F25C75E944A4AF84803830492006104387892A78ABBCE80E7950A1B4F59D79AD867DF6DCFD7E23046774C0E28FD907F37F5EE9EF6D9F593DF94313E725D9EE35C57DBE177FA3027AE4BF30C4509333CCBE98DF2E251710A4B899C6C42CA499A8D2657FDC1A82945C74776AC859665175FD8F1DCB16C7B22D455E584DB02B3A95AF9A88126CE3634570A6968DB2654254A030B2F8A133E49F6EAFCD8015FF22D7C622026D6D6FA63BEFA7237C5EC05B7DF99A5854D4792683B454F0ECD52EF41266A550595594556AE969EE307915AC40FA9C551379F2C485A1D53F9C960CF9262A8AD681CFF53EE2D0E208E3DDAFC7C6C82271E0890745579C906BA77716E593D29C5B15F0C18E616BCA698BE676918697281730E0DAF112EE5B763906FC0A373EC15915202FB96241F26AAB0D77DA4357CB2B0C3101F3DB88B5D3AB4497C21377DD543BB422C12CF4E18861AE40924DC2D9AFCCDA500FCFA693288B5DD73216515ECCB12D0400D19BB27E50D3C3183BEA9C113B5A553F9704962FD4BC8510D930F32061EABEC7FC2C1CE32CA6297F5BA8DB6E4B6AEB755A07EF153C51BF7C07A827F43FBFDD4D5136187533FB6155535A9369C5776BDB22D1BE141316CA5DF6704FF2F970C070F6EA37678258683DEDF45056F127C5819E59F2A94680CF651EA983632EA91F47BF80B6D725ADD1E5795884239C5877E753C374266DFD973C414587074750852A5397A7FAC047152100F29AF82E7B2DA89DF3248CAA2B3DF71C4912989A4A660F8DF46155229B4AAF59789ACF49B0021CF015C59D97DE13B91EEA8BFAD9CA6699C59CF385C40F9FC38263207A46505D76DE443A3C2A7BEFB5E5A1040337F50D569F529D885CD651A87100B4634EE7A6F0D5C607E894E1475434F56DC62B016C73C07AE7A716B55F0AD0F399ABD4E6BD827 +20250617022615 2 6 100 6143 2 E14CB0AD6B03109962790668D317CC69BC29BB96941F75C9BB739C214F83ABACC6508E89C92108C3C075AC60830A996E6A5758E76CCE93C18627A18E951FF26DD53CB94D1348BD062C835177EF5B07353F9AC7D5874D78B3E215C4DC54A8E8F0A3D97705390A53050F25C75E944A4AF84803830492006104387892A78ABBCE80E7950A1B4F59D79AD867DF6DCFD7E23046774C0E28FD907F37F5EE9EF6D9F593DF94313E725D9EE35C57DBE177FA3027AE4BF30C4509333CCBE98DF2E251710A4B899C6C42CA499A8D2657FDC1A82945C74776AC859665175FD8F1DCB16C7B22D455E584DB02B3A95AF9A88126CE3634570A6968DB2654254A030B2F8A133E49F6EAFCD8015FF22D7C622026D6D6FA63BEFA7237C5EC05B7DF99A5854D4792683B454F0ECD52EF41266A550595594556AE969EE307915AC40FA9C551379F2C485A1D53F9C960CF9262A8AD681CFF53EE2D0E208E3DDAFC7C6C82271E0890745579C906BA77716E593D29C5B15F0C18E616BCA698BE676918697281730E0DAF112EE5B763906FC0A373EC15915202FB96241F26AAB0D77DA4357CB2B0C3101F3DB88B5D3AB4497C21377DD543BB422C12CF4E18861AE40924DC2D9AFCCDA500FCFA693288B5DD73216515ECCB12D0400D19BB27E50D3C3183BEA9C113B5A553F9704962FD4BC8510D930F32061EABEC7FC2C1CE32CA6297F5BA8DB6E4B6AEB755A07EF153C51BF7C07A827F43FBFDD4D5136187533FB6155535A9369C5776BDB22D1BE141316CA5DF6704FF2F970C070F6EA37678258683DEDF45056F127C5819E59F2A94680CF651EA983632EA91F47BF80B6D725ADD1E5795884239C5877E753C374266DFD973C414587074750852A5397A7FAC047152100F29AF82E7B2DA89DF3248CAA2B3DF71C4912989A4A660F8DF46155229B4AAF59789ACF49B0021CF015C59D97DE13B91EEA8BFAD9CA6699C59CF385C40F9FC38263207A46505D76DE443A3C2A7BEFB5E5A1040337F50D569F529D885CD651A87100B4634EE7A6F0D5C607E894E1475434F56DC62B016C73C07AE7A716B55F0AD0F399ABD4E9887C3 +20250617022801 2 6 100 6143 5 E14CB0AD6B03109962790668D317CC69BC29BB96941F75C9BB739C214F83ABACC6508E89C92108C3C075AC60830A996E6A5758E76CCE93C18627A18E951FF26DD53CB94D1348BD062C835177EF5B07353F9AC7D5874D78B3E215C4DC54A8E8F0A3D97705390A53050F25C75E944A4AF84803830492006104387892A78ABBCE80E7950A1B4F59D79AD867DF6DCFD7E23046774C0E28FD907F37F5EE9EF6D9F593DF94313E725D9EE35C57DBE177FA3027AE4BF30C4509333CCBE98DF2E251710A4B899C6C42CA499A8D2657FDC1A82945C74776AC859665175FD8F1DCB16C7B22D455E584DB02B3A95AF9A88126CE3634570A6968DB2654254A030B2F8A133E49F6EAFCD8015FF22D7C622026D6D6FA63BEFA7237C5EC05B7DF99A5854D4792683B454F0ECD52EF41266A550595594556AE969EE307915AC40FA9C551379F2C485A1D53F9C960CF9262A8AD681CFF53EE2D0E208E3DDAFC7C6C82271E0890745579C906BA77716E593D29C5B15F0C18E616BCA698BE676918697281730E0DAF112EE5B763906FC0A373EC15915202FB96241F26AAB0D77DA4357CB2B0C3101F3DB88B5D3AB4497C21377DD543BB422C12CF4E18861AE40924DC2D9AFCCDA500FCFA693288B5DD73216515ECCB12D0400D19BB27E50D3C3183BEA9C113B5A553F9704962FD4BC8510D930F32061EABEC7FC2C1CE32CA6297F5BA8DB6E4B6AEB755A07EF153C51BF7C07A827F43FBFDD4D5136187533FB6155535A9369C5776BDB22D1BE141316CA5DF6704FF2F970C070F6EA37678258683DEDF45056F127C5819E59F2A94680CF651EA983632EA91F47BF80B6D725ADD1E5795884239C5877E753C374266DFD973C414587074750852A5397A7FAC047152100F29AF82E7B2DA89DF3248CAA2B3DF71C4912989A4A660F8DF46155229B4AAF59789ACF49B0021CF015C59D97DE13B91EEA8BFAD9CA6699C59CF385C40F9FC38263207A46505D76DE443A3C2A7BEFB5E5A1040337F50D569F529D885CD651A87100B4634EE7A6F0D5C607E894E1475434F56DC62B016C73C07AE7A716B55F0AD0F399ABD4EC7148F +20250617023244 2 6 100 6143 2 E14CB0AD6B03109962790668D317CC69BC29BB96941F75C9BB739C214F83ABACC6508E89C92108C3C075AC60830A996E6A5758E76CCE93C18627A18E951FF26DD53CB94D1348BD062C835177EF5B07353F9AC7D5874D78B3E215C4DC54A8E8F0A3D97705390A53050F25C75E944A4AF84803830492006104387892A78ABBCE80E7950A1B4F59D79AD867DF6DCFD7E23046774C0E28FD907F37F5EE9EF6D9F593DF94313E725D9EE35C57DBE177FA3027AE4BF30C4509333CCBE98DF2E251710A4B899C6C42CA499A8D2657FDC1A82945C74776AC859665175FD8F1DCB16C7B22D455E584DB02B3A95AF9A88126CE3634570A6968DB2654254A030B2F8A133E49F6EAFCD8015FF22D7C622026D6D6FA63BEFA7237C5EC05B7DF99A5854D4792683B454F0ECD52EF41266A550595594556AE969EE307915AC40FA9C551379F2C485A1D53F9C960CF9262A8AD681CFF53EE2D0E208E3DDAFC7C6C82271E0890745579C906BA77716E593D29C5B15F0C18E616BCA698BE676918697281730E0DAF112EE5B763906FC0A373EC15915202FB96241F26AAB0D77DA4357CB2B0C3101F3DB88B5D3AB4497C21377DD543BB422C12CF4E18861AE40924DC2D9AFCCDA500FCFA693288B5DD73216515ECCB12D0400D19BB27E50D3C3183BEA9C113B5A553F9704962FD4BC8510D930F32061EABEC7FC2C1CE32CA6297F5BA8DB6E4B6AEB755A07EF153C51BF7C07A827F43FBFDD4D5136187533FB6155535A9369C5776BDB22D1BE141316CA5DF6704FF2F970C070F6EA37678258683DEDF45056F127C5819E59F2A94680CF651EA983632EA91F47BF80B6D725ADD1E5795884239C5877E753C374266DFD973C414587074750852A5397A7FAC047152100F29AF82E7B2DA89DF3248CAA2B3DF71C4912989A4A660F8DF46155229B4AAF59789ACF49B0021CF015C59D97DE13B91EEA8BFAD9CA6699C59CF385C40F9FC38263207A46505D76DE443A3C2A7BEFB5E5A1040337F50D569F529D885CD651A87100B4634EE7A6F0D5C607E894E1475434F56DC62B016C73C07AE7A716B55F0AD0F399ABD4F592B73 +20250617023455 2 6 100 6143 2 E14CB0AD6B03109962790668D317CC69BC29BB96941F75C9BB739C214F83ABACC6508E89C92108C3C075AC60830A996E6A5758E76CCE93C18627A18E951FF26DD53CB94D1348BD062C835177EF5B07353F9AC7D5874D78B3E215C4DC54A8E8F0A3D97705390A53050F25C75E944A4AF84803830492006104387892A78ABBCE80E7950A1B4F59D79AD867DF6DCFD7E23046774C0E28FD907F37F5EE9EF6D9F593DF94313E725D9EE35C57DBE177FA3027AE4BF30C4509333CCBE98DF2E251710A4B899C6C42CA499A8D2657FDC1A82945C74776AC859665175FD8F1DCB16C7B22D455E584DB02B3A95AF9A88126CE3634570A6968DB2654254A030B2F8A133E49F6EAFCD8015FF22D7C622026D6D6FA63BEFA7237C5EC05B7DF99A5854D4792683B454F0ECD52EF41266A550595594556AE969EE307915AC40FA9C551379F2C485A1D53F9C960CF9262A8AD681CFF53EE2D0E208E3DDAFC7C6C82271E0890745579C906BA77716E593D29C5B15F0C18E616BCA698BE676918697281730E0DAF112EE5B763906FC0A373EC15915202FB96241F26AAB0D77DA4357CB2B0C3101F3DB88B5D3AB4497C21377DD543BB422C12CF4E18861AE40924DC2D9AFCCDA500FCFA693288B5DD73216515ECCB12D0400D19BB27E50D3C3183BEA9C113B5A553F9704962FD4BC8510D930F32061EABEC7FC2C1CE32CA6297F5BA8DB6E4B6AEB755A07EF153C51BF7C07A827F43FBFDD4D5136187533FB6155535A9369C5776BDB22D1BE141316CA5DF6704FF2F970C070F6EA37678258683DEDF45056F127C5819E59F2A94680CF651EA983632EA91F47BF80B6D725ADD1E5795884239C5877E753C374266DFD973C414587074750852A5397A7FAC047152100F29AF82E7B2DA89DF3248CAA2B3DF71C4912989A4A660F8DF46155229B4AAF59789ACF49B0021CF015C59D97DE13B91EEA8BFAD9CA6699C59CF385C40F9FC38263207A46505D76DE443A3C2A7BEFB5E5A1040337F50D569F529D885CD651A87100B4634EE7A6F0D5C607E894E1475434F56DC62B016C73C07AE7A716B55F0AD0F399ABD4F9896B3 +20250617032739 2 6 100 6143 5 E14CB0AD6B03109962790668D317CC69BC29BB96941F75C9BB739C214F83ABACC6508E89C92108C3C075AC60830A996E6A5758E76CCE93C18627A18E951FF26DD53CB94D1348BD062C835177EF5B07353F9AC7D5874D78B3E215C4DC54A8E8F0A3D97705390A53050F25C75E944A4AF84803830492006104387892A78ABBCE80E7950A1B4F59D79AD867DF6DCFD7E23046774C0E28FD907F37F5EE9EF6D9F593DF94313E725D9EE35C57DBE177FA3027AE4BF30C4509333CCBE98DF2E251710A4B899C6C42CA499A8D2657FDC1A82945C74776AC859665175FD8F1DCB16C7B22D455E584DB02B3A95AF9A88126CE3634570A6968DB2654254A030B2F8A133E49F6EAFCD8015FF22D7C622026D6D6FA63BEFA7237C5EC05B7DF99A5854D4792683B454F0ECD52EF41266A550595594556AE969EE307915AC40FA9C551379F2C485A1D53F9C960CF9262A8AD681CFF53EE2D0E208E3DDAFC7C6C82271E0890745579C906BA77716E593D29C5B15F0C18E616BCA698BE676918697281730E0DAF112EE5B763906FC0A373EC15915202FB96241F26AAB0D77DA4357CB2B0C3101F3DB88B5D3AB4497C21377DD543BB422C12CF4E18861AE40924DC2D9AFCCDA500FCFA693288B5DD73216515ECCB12D0400D19BB27E50D3C3183BEA9C113B5A553F9704962FD4BC8510D930F32061EABEC7FC2C1CE32CA6297F5BA8DB6E4B6AEB755A07EF153C51BF7C07A827F43FBFDD4D5136187533FB6155535A9369C5776BDB22D1BE141316CA5DF6704FF2F970C070F6EA37678258683DEDF45056F127C5819E59F2A94680CF651EA983632EA91F47BF80B6D725ADD1E5795884239C5877E753C374266DFD973C414587074750852A5397A7FAC047152100F29AF82E7B2DA89DF3248CAA2B3DF71C4912989A4A660F8DF46155229B4AAF59789ACF49B0021CF015C59D97DE13B91EEA8BFAD9CA6699C59CF385C40F9FC38263207A46505D76DE443A3C2A7BEFB5E5A1040337F50D569F529D885CD651A87100B4634EE7A6F0D5C607E894E1475434F56DC62B016C73C07AE7A716B55F0AD0F399ABD5631119F +20250617033339 2 6 100 6143 2 E14CB0AD6B03109962790668D317CC69BC29BB96941F75C9BB739C214F83ABACC6508E89C92108C3C075AC60830A996E6A5758E76CCE93C18627A18E951FF26DD53CB94D1348BD062C835177EF5B07353F9AC7D5874D78B3E215C4DC54A8E8F0A3D97705390A53050F25C75E944A4AF84803830492006104387892A78ABBCE80E7950A1B4F59D79AD867DF6DCFD7E23046774C0E28FD907F37F5EE9EF6D9F593DF94313E725D9EE35C57DBE177FA3027AE4BF30C4509333CCBE98DF2E251710A4B899C6C42CA499A8D2657FDC1A82945C74776AC859665175FD8F1DCB16C7B22D455E584DB02B3A95AF9A88126CE3634570A6968DB2654254A030B2F8A133E49F6EAFCD8015FF22D7C622026D6D6FA63BEFA7237C5EC05B7DF99A5854D4792683B454F0ECD52EF41266A550595594556AE969EE307915AC40FA9C551379F2C485A1D53F9C960CF9262A8AD681CFF53EE2D0E208E3DDAFC7C6C82271E0890745579C906BA77716E593D29C5B15F0C18E616BCA698BE676918697281730E0DAF112EE5B763906FC0A373EC15915202FB96241F26AAB0D77DA4357CB2B0C3101F3DB88B5D3AB4497C21377DD543BB422C12CF4E18861AE40924DC2D9AFCCDA500FCFA693288B5DD73216515ECCB12D0400D19BB27E50D3C3183BEA9C113B5A553F9704962FD4BC8510D930F32061EABEC7FC2C1CE32CA6297F5BA8DB6E4B6AEB755A07EF153C51BF7C07A827F43FBFDD4D5136187533FB6155535A9369C5776BDB22D1BE141316CA5DF6704FF2F970C070F6EA37678258683DEDF45056F127C5819E59F2A94680CF651EA983632EA91F47BF80B6D725ADD1E5795884239C5877E753C374266DFD973C414587074750852A5397A7FAC047152100F29AF82E7B2DA89DF3248CAA2B3DF71C4912989A4A660F8DF46155229B4AAF59789ACF49B0021CF015C59D97DE13B91EEA8BFAD9CA6699C59CF385C40F9FC38263207A46505D76DE443A3C2A7BEFB5E5A1040337F50D569F529D885CD651A87100B4634EE7A6F0D5C607E894E1475434F56DC62B016C73C07AE7A716B55F0AD0F399ABD56EC431B +20250617035013 2 6 100 6143 5 E14CB0AD6B03109962790668D317CC69BC29BB96941F75C9BB739C214F83ABACC6508E89C92108C3C075AC60830A996E6A5758E76CCE93C18627A18E951FF26DD53CB94D1348BD062C835177EF5B07353F9AC7D5874D78B3E215C4DC54A8E8F0A3D97705390A53050F25C75E944A4AF84803830492006104387892A78ABBCE80E7950A1B4F59D79AD867DF6DCFD7E23046774C0E28FD907F37F5EE9EF6D9F593DF94313E725D9EE35C57DBE177FA3027AE4BF30C4509333CCBE98DF2E251710A4B899C6C42CA499A8D2657FDC1A82945C74776AC859665175FD8F1DCB16C7B22D455E584DB02B3A95AF9A88126CE3634570A6968DB2654254A030B2F8A133E49F6EAFCD8015FF22D7C622026D6D6FA63BEFA7237C5EC05B7DF99A5854D4792683B454F0ECD52EF41266A550595594556AE969EE307915AC40FA9C551379F2C485A1D53F9C960CF9262A8AD681CFF53EE2D0E208E3DDAFC7C6C82271E0890745579C906BA77716E593D29C5B15F0C18E616BCA698BE676918697281730E0DAF112EE5B763906FC0A373EC15915202FB96241F26AAB0D77DA4357CB2B0C3101F3DB88B5D3AB4497C21377DD543BB422C12CF4E18861AE40924DC2D9AFCCDA500FCFA693288B5DD73216515ECCB12D0400D19BB27E50D3C3183BEA9C113B5A553F9704962FD4BC8510D930F32061EABEC7FC2C1CE32CA6297F5BA8DB6E4B6AEB755A07EF153C51BF7C07A827F43FBFDD4D5136187533FB6155535A9369C5776BDB22D1BE141316CA5DF6704FF2F970C070F6EA37678258683DEDF45056F127C5819E59F2A94680CF651EA983632EA91F47BF80B6D725ADD1E5795884239C5877E753C374266DFD973C414587074750852A5397A7FAC047152100F29AF82E7B2DA89DF3248CAA2B3DF71C4912989A4A660F8DF46155229B4AAF59789ACF49B0021CF015C59D97DE13B91EEA8BFAD9CA6699C59CF385C40F9FC38263207A46505D76DE443A3C2A7BEFB5E5A1040337F50D569F529D885CD651A87100B4634EE7A6F0D5C607E894E1475434F56DC62B016C73C07AE7A716B55F0AD0F399ABD590666B7 +20250617040630 2 6 100 6143 5 E14CB0AD6B03109962790668D317CC69BC29BB96941F75C9BB739C214F83ABACC6508E89C92108C3C075AC60830A996E6A5758E76CCE93C18627A18E951FF26DD53CB94D1348BD062C835177EF5B07353F9AC7D5874D78B3E215C4DC54A8E8F0A3D97705390A53050F25C75E944A4AF84803830492006104387892A78ABBCE80E7950A1B4F59D79AD867DF6DCFD7E23046774C0E28FD907F37F5EE9EF6D9F593DF94313E725D9EE35C57DBE177FA3027AE4BF30C4509333CCBE98DF2E251710A4B899C6C42CA499A8D2657FDC1A82945C74776AC859665175FD8F1DCB16C7B22D455E584DB02B3A95AF9A88126CE3634570A6968DB2654254A030B2F8A133E49F6EAFCD8015FF22D7C622026D6D6FA63BEFA7237C5EC05B7DF99A5854D4792683B454F0ECD52EF41266A550595594556AE969EE307915AC40FA9C551379F2C485A1D53F9C960CF9262A8AD681CFF53EE2D0E208E3DDAFC7C6C82271E0890745579C906BA77716E593D29C5B15F0C18E616BCA698BE676918697281730E0DAF112EE5B763906FC0A373EC15915202FB96241F26AAB0D77DA4357CB2B0C3101F3DB88B5D3AB4497C21377DD543BB422C12CF4E18861AE40924DC2D9AFCCDA500FCFA693288B5DD73216515ECCB12D0400D19BB27E50D3C3183BEA9C113B5A553F9704962FD4BC8510D930F32061EABEC7FC2C1CE32CA6297F5BA8DB6E4B6AEB755A07EF153C51BF7C07A827F43FBFDD4D5136187533FB6155535A9369C5776BDB22D1BE141316CA5DF6704FF2F970C070F6EA37678258683DEDF45056F127C5819E59F2A94680CF651EA983632EA91F47BF80B6D725ADD1E5795884239C5877E753C374266DFD973C414587074750852A5397A7FAC047152100F29AF82E7B2DA89DF3248CAA2B3DF71C4912989A4A660F8DF46155229B4AAF59789ACF49B0021CF015C59D97DE13B91EEA8BFAD9CA6699C59CF385C40F9FC38263207A46505D76DE443A3C2A7BEFB5E5A1040337F50D569F529D885CD651A87100B4634EE7A6F0D5C607E894E1475434F56DC62B016C73C07AE7A716B55F0AD0F399ABD5B10CB97 +20250616035607 2 6 100 7679 2 EEB5FE98B7CF15B438162A5F2DEBBAB8BCF08B8A2614E263AA570052D2B01AC3E0B943491218DF247DB063E7DAECD19D0CD00C65335041AC9D3E4B8493CB58F9CBB166E38FF5E8697EF59D9EE4FAC6415070E0156AF8DA6BE11D672AA9A8E71033936AF75D835CCDBB0ED13CB17CBF9C9D98DEB4FAAD874FCD0929E86CF411426A3A96CED22F7EDC5F7E8D3A3B860F91E3FE92623F97C15EF13921C6AE6B3A566C7E42F46EF7B9721A09D10BEE52CE93694F6EF85F362D90239C4066C8FFFA6C6CCBAF59DFE083B248BF313F2A9D3EF96ACF569CA1B05FBDEFBD4A52C854C7B71AAB2B8AEAF8BFA8F283851E4CAA76F7D155939555F09830E49F38E73A7AE48B489883CA0D96A59B3560A8DF02DC0A0E5B6AD0AFD445B54F5580F4D962D8156DB6A0F70E5E4E47CF3CF9E1281180F5BC90B5C6FCB2DEFF1BD985D405BC3A138700D75D9BAEBBD1A7496F5CD1E6E6D5C0325B89E120A0994AFF0F35741DDC17A7D7C19A818A6C3DB5874B0E78B2BA319C6D4F850762EC32005074492723FAD2876E1C8F9A318852E97F6B28706F67ACAB944E8CFCA7C6A47C0D2F9B6907713CFFE21DEB070F45BAC19828094C424A445440ADF79E925BFE0BE687E82751D9ACBDDA02A6FACD4FEC77EEB9CD32A265B67ABFF9CF22E7EE68DCA133109BD7515B0002A9D4DEF5E3B190CE0E5C8EE2BF18F6176CD47DC00C87CD5CFBADC9D3085DAE39ECC4B320C4AE130E62A03FA4E321F0CDA4844551140DAB5658F27B2A1884BA1B039F25AA1E386BBE9C0BB3906880E46A22D2F9F9C1A7943BC1D71E45A9E6FF4828196192B4063650EAC50555E53516BF4D816888C1E7841914862FA5F82181204155ADCD7652D4B3F8CB0CDFF69BC897FEE50C420A6243059B742171BBC5C94BC6AF23AE90F0DE756DBC1027E3F92EE866A669054CC133A685AE21A51478A305851308220705E0E38D97BD62A8B07047594266DEE3414D3D6C0659C4A8DB9484B86E0638ED13499E7B58030881991FD4E83B61AD429E4276DE69DB74677F16A1EB6D5D3756CB7074B312DDA5679C4E85720ECA7B738F4556BCAADD307D4A2F29158CE326F55CCDEB8755BABC2F7F8DE3F8B19C786D4219E9C45CB9FC7BAD2C5EE5984A392E2AC541662C4552CDB981BB65FE4A28FD19B1A472015BB45AB351F0CF6A9FD756EF6471794E08AB5A7092E0657F873133A0FEB2882251B80D08FC475EB43173F6A9F34787A67B282BB86FB559D883FDE93F10CCA73EA0ECC232CA1B719A98E0280CEAC5338550DBAE750E388F6671F8552A4FEFEDA1190DA60909A797336785C8C7BE9C233CC33F86818D1686C9558C900553F19A85826297803B +20250616042133 2 6 100 7679 5 EEB5FE98B7CF15B438162A5F2DEBBAB8BCF08B8A2614E263AA570052D2B01AC3E0B943491218DF247DB063E7DAECD19D0CD00C65335041AC9D3E4B8493CB58F9CBB166E38FF5E8697EF59D9EE4FAC6415070E0156AF8DA6BE11D672AA9A8E71033936AF75D835CCDBB0ED13CB17CBF9C9D98DEB4FAAD874FCD0929E86CF411426A3A96CED22F7EDC5F7E8D3A3B860F91E3FE92623F97C15EF13921C6AE6B3A566C7E42F46EF7B9721A09D10BEE52CE93694F6EF85F362D90239C4066C8FFFA6C6CCBAF59DFE083B248BF313F2A9D3EF96ACF569CA1B05FBDEFBD4A52C854C7B71AAB2B8AEAF8BFA8F283851E4CAA76F7D155939555F09830E49F38E73A7AE48B489883CA0D96A59B3560A8DF02DC0A0E5B6AD0AFD445B54F5580F4D962D8156DB6A0F70E5E4E47CF3CF9E1281180F5BC90B5C6FCB2DEFF1BD985D405BC3A138700D75D9BAEBBD1A7496F5CD1E6E6D5C0325B89E120A0994AFF0F35741DDC17A7D7C19A818A6C3DB5874B0E78B2BA319C6D4F850762EC32005074492723FAD2876E1C8F9A318852E97F6B28706F67ACAB944E8CFCA7C6A47C0D2F9B6907713CFFE21DEB070F45BAC19828094C424A445440ADF79E925BFE0BE687E82751D9ACBDDA02A6FACD4FEC77EEB9CD32A265B67ABFF9CF22E7EE68DCA133109BD7515B0002A9D4DEF5E3B190CE0E5C8EE2BF18F6176CD47DC00C87CD5CFBADC9D3085DAE39ECC4B320C4AE130E62A03FA4E321F0CDA4844551140DAB5658F27B2A1884BA1B039F25AA1E386BBE9C0BB3906880E46A22D2F9F9C1A7943BC1D71E45A9E6FF4828196192B4063650EAC50555E53516BF4D816888C1E7841914862FA5F82181204155ADCD7652D4B3F8CB0CDFF69BC897FEE50C420A6243059B742171BBC5C94BC6AF23AE90F0DE756DBC1027E3F92EE866A669054CC133A685AE21A51478A305851308220705E0E38D97BD62A8B07047594266DEE3414D3D6C0659C4A8DB9484B86E0638ED13499E7B58030881991FD4E83B61AD429E4276DE69DB74677F16A1EB6D5D3756CB7074B312DDA5679C4E85720ECA7B738F4556BCAADD307D4A2F29158CE326F55CCDEB8755BABC2F7F8DE3F8B19C786D4219E9C45CB9FC7BAD2C5EE5984A392E2AC541662C4552CDB981BB65FE4A28FD19B1A472015BB45AB351F0CF6A9FD756EF6471794E08AB5A7092E0657F873133A0FEB2882251B80D08FC475EB43173F6A9F34787A67B282BB86FB559D883FDE93F10CCA73EA0ECC232CA1B719A98E0280CEAC5338550DBAE750E388F6671F8552A4FEFEDA1190DA60909A797336785C8C7BE9C233CC33F86818D1686C9558C900553F19A8582643F4617 +20250616052001 2 6 100 7679 2 EEB5FE98B7CF15B438162A5F2DEBBAB8BCF08B8A2614E263AA570052D2B01AC3E0B943491218DF247DB063E7DAECD19D0CD00C65335041AC9D3E4B8493CB58F9CBB166E38FF5E8697EF59D9EE4FAC6415070E0156AF8DA6BE11D672AA9A8E71033936AF75D835CCDBB0ED13CB17CBF9C9D98DEB4FAAD874FCD0929E86CF411426A3A96CED22F7EDC5F7E8D3A3B860F91E3FE92623F97C15EF13921C6AE6B3A566C7E42F46EF7B9721A09D10BEE52CE93694F6EF85F362D90239C4066C8FFFA6C6CCBAF59DFE083B248BF313F2A9D3EF96ACF569CA1B05FBDEFBD4A52C854C7B71AAB2B8AEAF8BFA8F283851E4CAA76F7D155939555F09830E49F38E73A7AE48B489883CA0D96A59B3560A8DF02DC0A0E5B6AD0AFD445B54F5580F4D962D8156DB6A0F70E5E4E47CF3CF9E1281180F5BC90B5C6FCB2DEFF1BD985D405BC3A138700D75D9BAEBBD1A7496F5CD1E6E6D5C0325B89E120A0994AFF0F35741DDC17A7D7C19A818A6C3DB5874B0E78B2BA319C6D4F850762EC32005074492723FAD2876E1C8F9A318852E97F6B28706F67ACAB944E8CFCA7C6A47C0D2F9B6907713CFFE21DEB070F45BAC19828094C424A445440ADF79E925BFE0BE687E82751D9ACBDDA02A6FACD4FEC77EEB9CD32A265B67ABFF9CF22E7EE68DCA133109BD7515B0002A9D4DEF5E3B190CE0E5C8EE2BF18F6176CD47DC00C87CD5CFBADC9D3085DAE39ECC4B320C4AE130E62A03FA4E321F0CDA4844551140DAB5658F27B2A1884BA1B039F25AA1E386BBE9C0BB3906880E46A22D2F9F9C1A7943BC1D71E45A9E6FF4828196192B4063650EAC50555E53516BF4D816888C1E7841914862FA5F82181204155ADCD7652D4B3F8CB0CDFF69BC897FEE50C420A6243059B742171BBC5C94BC6AF23AE90F0DE756DBC1027E3F92EE866A669054CC133A685AE21A51478A305851308220705E0E38D97BD62A8B07047594266DEE3414D3D6C0659C4A8DB9484B86E0638ED13499E7B58030881991FD4E83B61AD429E4276DE69DB74677F16A1EB6D5D3756CB7074B312DDA5679C4E85720ECA7B738F4556BCAADD307D4A2F29158CE326F55CCDEB8755BABC2F7F8DE3F8B19C786D4219E9C45CB9FC7BAD2C5EE5984A392E2AC541662C4552CDB981BB65FE4A28FD19B1A472015BB45AB351F0CF6A9FD756EF6471794E08AB5A7092E0657F873133A0FEB2882251B80D08FC475EB43173F6A9F34787A67B282BB86FB559D883FDE93F10CCA73EA0ECC232CA1B719A98E0280CEAC5338550DBAE750E388F6671F8552A4FEFEDA1190DA60909A797336785C8C7BE9C233CC33F86818D1686C9558C900553F19A858268210533 +20250616054850 2 6 100 7679 2 EEB5FE98B7CF15B438162A5F2DEBBAB8BCF08B8A2614E263AA570052D2B01AC3E0B943491218DF247DB063E7DAECD19D0CD00C65335041AC9D3E4B8493CB58F9CBB166E38FF5E8697EF59D9EE4FAC6415070E0156AF8DA6BE11D672AA9A8E71033936AF75D835CCDBB0ED13CB17CBF9C9D98DEB4FAAD874FCD0929E86CF411426A3A96CED22F7EDC5F7E8D3A3B860F91E3FE92623F97C15EF13921C6AE6B3A566C7E42F46EF7B9721A09D10BEE52CE93694F6EF85F362D90239C4066C8FFFA6C6CCBAF59DFE083B248BF313F2A9D3EF96ACF569CA1B05FBDEFBD4A52C854C7B71AAB2B8AEAF8BFA8F283851E4CAA76F7D155939555F09830E49F38E73A7AE48B489883CA0D96A59B3560A8DF02DC0A0E5B6AD0AFD445B54F5580F4D962D8156DB6A0F70E5E4E47CF3CF9E1281180F5BC90B5C6FCB2DEFF1BD985D405BC3A138700D75D9BAEBBD1A7496F5CD1E6E6D5C0325B89E120A0994AFF0F35741DDC17A7D7C19A818A6C3DB5874B0E78B2BA319C6D4F850762EC32005074492723FAD2876E1C8F9A318852E97F6B28706F67ACAB944E8CFCA7C6A47C0D2F9B6907713CFFE21DEB070F45BAC19828094C424A445440ADF79E925BFE0BE687E82751D9ACBDDA02A6FACD4FEC77EEB9CD32A265B67ABFF9CF22E7EE68DCA133109BD7515B0002A9D4DEF5E3B190CE0E5C8EE2BF18F6176CD47DC00C87CD5CFBADC9D3085DAE39ECC4B320C4AE130E62A03FA4E321F0CDA4844551140DAB5658F27B2A1884BA1B039F25AA1E386BBE9C0BB3906880E46A22D2F9F9C1A7943BC1D71E45A9E6FF4828196192B4063650EAC50555E53516BF4D816888C1E7841914862FA5F82181204155ADCD7652D4B3F8CB0CDFF69BC897FEE50C420A6243059B742171BBC5C94BC6AF23AE90F0DE756DBC1027E3F92EE866A669054CC133A685AE21A51478A305851308220705E0E38D97BD62A8B07047594266DEE3414D3D6C0659C4A8DB9484B86E0638ED13499E7B58030881991FD4E83B61AD429E4276DE69DB74677F16A1EB6D5D3756CB7074B312DDA5679C4E85720ECA7B738F4556BCAADD307D4A2F29158CE326F55CCDEB8755BABC2F7F8DE3F8B19C786D4219E9C45CB9FC7BAD2C5EE5984A392E2AC541662C4552CDB981BB65FE4A28FD19B1A472015BB45AB351F0CF6A9FD756EF6471794E08AB5A7092E0657F873133A0FEB2882251B80D08FC475EB43173F6A9F34787A67B282BB86FB559D883FDE93F10CCA73EA0ECC232CA1B719A98E0280CEAC5338550DBAE750E388F6671F8552A4FEFEDA1190DA60909A797336785C8C7BE9C233CC33F86818D1686C9558C900553F19A85826A097C53 +20250616080903 2 6 100 7679 2 EEB5FE98B7CF15B438162A5F2DEBBAB8BCF08B8A2614E263AA570052D2B01AC3E0B943491218DF247DB063E7DAECD19D0CD00C65335041AC9D3E4B8493CB58F9CBB166E38FF5E8697EF59D9EE4FAC6415070E0156AF8DA6BE11D672AA9A8E71033936AF75D835CCDBB0ED13CB17CBF9C9D98DEB4FAAD874FCD0929E86CF411426A3A96CED22F7EDC5F7E8D3A3B860F91E3FE92623F97C15EF13921C6AE6B3A566C7E42F46EF7B9721A09D10BEE52CE93694F6EF85F362D90239C4066C8FFFA6C6CCBAF59DFE083B248BF313F2A9D3EF96ACF569CA1B05FBDEFBD4A52C854C7B71AAB2B8AEAF8BFA8F283851E4CAA76F7D155939555F09830E49F38E73A7AE48B489883CA0D96A59B3560A8DF02DC0A0E5B6AD0AFD445B54F5580F4D962D8156DB6A0F70E5E4E47CF3CF9E1281180F5BC90B5C6FCB2DEFF1BD985D405BC3A138700D75D9BAEBBD1A7496F5CD1E6E6D5C0325B89E120A0994AFF0F35741DDC17A7D7C19A818A6C3DB5874B0E78B2BA319C6D4F850762EC32005074492723FAD2876E1C8F9A318852E97F6B28706F67ACAB944E8CFCA7C6A47C0D2F9B6907713CFFE21DEB070F45BAC19828094C424A445440ADF79E925BFE0BE687E82751D9ACBDDA02A6FACD4FEC77EEB9CD32A265B67ABFF9CF22E7EE68DCA133109BD7515B0002A9D4DEF5E3B190CE0E5C8EE2BF18F6176CD47DC00C87CD5CFBADC9D3085DAE39ECC4B320C4AE130E62A03FA4E321F0CDA4844551140DAB5658F27B2A1884BA1B039F25AA1E386BBE9C0BB3906880E46A22D2F9F9C1A7943BC1D71E45A9E6FF4828196192B4063650EAC50555E53516BF4D816888C1E7841914862FA5F82181204155ADCD7652D4B3F8CB0CDFF69BC897FEE50C420A6243059B742171BBC5C94BC6AF23AE90F0DE756DBC1027E3F92EE866A669054CC133A685AE21A51478A305851308220705E0E38D97BD62A8B07047594266DEE3414D3D6C0659C4A8DB9484B86E0638ED13499E7B58030881991FD4E83B61AD429E4276DE69DB74677F16A1EB6D5D3756CB7074B312DDA5679C4E85720ECA7B738F4556BCAADD307D4A2F29158CE326F55CCDEB8755BABC2F7F8DE3F8B19C786D4219E9C45CB9FC7BAD2C5EE5984A392E2AC541662C4552CDB981BB65FE4A28FD19B1A472015BB45AB351F0CF6A9FD756EF6471794E08AB5A7092E0657F873133A0FEB2882251B80D08FC475EB43173F6A9F34787A67B282BB86FB559D883FDE93F10CCA73EA0ECC232CA1B719A98E0280CEAC5338550DBAE750E388F6671F8552A4FEFEDA1190DA60909A797336785C8C7BE9C233CC33F86818D1686C9558C900553F19A858273567FDB +20250616093015 2 6 100 7679 2 EEB5FE98B7CF15B438162A5F2DEBBAB8BCF08B8A2614E263AA570052D2B01AC3E0B943491218DF247DB063E7DAECD19D0CD00C65335041AC9D3E4B8493CB58F9CBB166E38FF5E8697EF59D9EE4FAC6415070E0156AF8DA6BE11D672AA9A8E71033936AF75D835CCDBB0ED13CB17CBF9C9D98DEB4FAAD874FCD0929E86CF411426A3A96CED22F7EDC5F7E8D3A3B860F91E3FE92623F97C15EF13921C6AE6B3A566C7E42F46EF7B9721A09D10BEE52CE93694F6EF85F362D90239C4066C8FFFA6C6CCBAF59DFE083B248BF313F2A9D3EF96ACF569CA1B05FBDEFBD4A52C854C7B71AAB2B8AEAF8BFA8F283851E4CAA76F7D155939555F09830E49F38E73A7AE48B489883CA0D96A59B3560A8DF02DC0A0E5B6AD0AFD445B54F5580F4D962D8156DB6A0F70E5E4E47CF3CF9E1281180F5BC90B5C6FCB2DEFF1BD985D405BC3A138700D75D9BAEBBD1A7496F5CD1E6E6D5C0325B89E120A0994AFF0F35741DDC17A7D7C19A818A6C3DB5874B0E78B2BA319C6D4F850762EC32005074492723FAD2876E1C8F9A318852E97F6B28706F67ACAB944E8CFCA7C6A47C0D2F9B6907713CFFE21DEB070F45BAC19828094C424A445440ADF79E925BFE0BE687E82751D9ACBDDA02A6FACD4FEC77EEB9CD32A265B67ABFF9CF22E7EE68DCA133109BD7515B0002A9D4DEF5E3B190CE0E5C8EE2BF18F6176CD47DC00C87CD5CFBADC9D3085DAE39ECC4B320C4AE130E62A03FA4E321F0CDA4844551140DAB5658F27B2A1884BA1B039F25AA1E386BBE9C0BB3906880E46A22D2F9F9C1A7943BC1D71E45A9E6FF4828196192B4063650EAC50555E53516BF4D816888C1E7841914862FA5F82181204155ADCD7652D4B3F8CB0CDFF69BC897FEE50C420A6243059B742171BBC5C94BC6AF23AE90F0DE756DBC1027E3F92EE866A669054CC133A685AE21A51478A305851308220705E0E38D97BD62A8B07047594266DEE3414D3D6C0659C4A8DB9484B86E0638ED13499E7B58030881991FD4E83B61AD429E4276DE69DB74677F16A1EB6D5D3756CB7074B312DDA5679C4E85720ECA7B738F4556BCAADD307D4A2F29158CE326F55CCDEB8755BABC2F7F8DE3F8B19C786D4219E9C45CB9FC7BAD2C5EE5984A392E2AC541662C4552CDB981BB65FE4A28FD19B1A472015BB45AB351F0CF6A9FD756EF6471794E08AB5A7092E0657F873133A0FEB2882251B80D08FC475EB43173F6A9F34787A67B282BB86FB559D883FDE93F10CCA73EA0ECC232CA1B719A98E0280CEAC5338550DBAE750E388F6671F8552A4FEFEDA1190DA60909A797336785C8C7BE9C233CC33F86818D1686C9558C900553F19A858278B0E5BB +20250616103728 2 6 100 7679 2 EEB5FE98B7CF15B438162A5F2DEBBAB8BCF08B8A2614E263AA570052D2B01AC3E0B943491218DF247DB063E7DAECD19D0CD00C65335041AC9D3E4B8493CB58F9CBB166E38FF5E8697EF59D9EE4FAC6415070E0156AF8DA6BE11D672AA9A8E71033936AF75D835CCDBB0ED13CB17CBF9C9D98DEB4FAAD874FCD0929E86CF411426A3A96CED22F7EDC5F7E8D3A3B860F91E3FE92623F97C15EF13921C6AE6B3A566C7E42F46EF7B9721A09D10BEE52CE93694F6EF85F362D90239C4066C8FFFA6C6CCBAF59DFE083B248BF313F2A9D3EF96ACF569CA1B05FBDEFBD4A52C854C7B71AAB2B8AEAF8BFA8F283851E4CAA76F7D155939555F09830E49F38E73A7AE48B489883CA0D96A59B3560A8DF02DC0A0E5B6AD0AFD445B54F5580F4D962D8156DB6A0F70E5E4E47CF3CF9E1281180F5BC90B5C6FCB2DEFF1BD985D405BC3A138700D75D9BAEBBD1A7496F5CD1E6E6D5C0325B89E120A0994AFF0F35741DDC17A7D7C19A818A6C3DB5874B0E78B2BA319C6D4F850762EC32005074492723FAD2876E1C8F9A318852E97F6B28706F67ACAB944E8CFCA7C6A47C0D2F9B6907713CFFE21DEB070F45BAC19828094C424A445440ADF79E925BFE0BE687E82751D9ACBDDA02A6FACD4FEC77EEB9CD32A265B67ABFF9CF22E7EE68DCA133109BD7515B0002A9D4DEF5E3B190CE0E5C8EE2BF18F6176CD47DC00C87CD5CFBADC9D3085DAE39ECC4B320C4AE130E62A03FA4E321F0CDA4844551140DAB5658F27B2A1884BA1B039F25AA1E386BBE9C0BB3906880E46A22D2F9F9C1A7943BC1D71E45A9E6FF4828196192B4063650EAC50555E53516BF4D816888C1E7841914862FA5F82181204155ADCD7652D4B3F8CB0CDFF69BC897FEE50C420A6243059B742171BBC5C94BC6AF23AE90F0DE756DBC1027E3F92EE866A669054CC133A685AE21A51478A305851308220705E0E38D97BD62A8B07047594266DEE3414D3D6C0659C4A8DB9484B86E0638ED13499E7B58030881991FD4E83B61AD429E4276DE69DB74677F16A1EB6D5D3756CB7074B312DDA5679C4E85720ECA7B738F4556BCAADD307D4A2F29158CE326F55CCDEB8755BABC2F7F8DE3F8B19C786D4219E9C45CB9FC7BAD2C5EE5984A392E2AC541662C4552CDB981BB65FE4A28FD19B1A472015BB45AB351F0CF6A9FD756EF6471794E08AB5A7092E0657F873133A0FEB2882251B80D08FC475EB43173F6A9F34787A67B282BB86FB559D883FDE93F10CCA73EA0ECC232CA1B719A98E0280CEAC5338550DBAE750E388F6671F8552A4FEFEDA1190DA60909A797336785C8C7BE9C233CC33F86818D1686C9558C900553F19A85827D1D4113 +20250616111218 2 6 100 7679 2 EEB5FE98B7CF15B438162A5F2DEBBAB8BCF08B8A2614E263AA570052D2B01AC3E0B943491218DF247DB063E7DAECD19D0CD00C65335041AC9D3E4B8493CB58F9CBB166E38FF5E8697EF59D9EE4FAC6415070E0156AF8DA6BE11D672AA9A8E71033936AF75D835CCDBB0ED13CB17CBF9C9D98DEB4FAAD874FCD0929E86CF411426A3A96CED22F7EDC5F7E8D3A3B860F91E3FE92623F97C15EF13921C6AE6B3A566C7E42F46EF7B9721A09D10BEE52CE93694F6EF85F362D90239C4066C8FFFA6C6CCBAF59DFE083B248BF313F2A9D3EF96ACF569CA1B05FBDEFBD4A52C854C7B71AAB2B8AEAF8BFA8F283851E4CAA76F7D155939555F09830E49F38E73A7AE48B489883CA0D96A59B3560A8DF02DC0A0E5B6AD0AFD445B54F5580F4D962D8156DB6A0F70E5E4E47CF3CF9E1281180F5BC90B5C6FCB2DEFF1BD985D405BC3A138700D75D9BAEBBD1A7496F5CD1E6E6D5C0325B89E120A0994AFF0F35741DDC17A7D7C19A818A6C3DB5874B0E78B2BA319C6D4F850762EC32005074492723FAD2876E1C8F9A318852E97F6B28706F67ACAB944E8CFCA7C6A47C0D2F9B6907713CFFE21DEB070F45BAC19828094C424A445440ADF79E925BFE0BE687E82751D9ACBDDA02A6FACD4FEC77EEB9CD32A265B67ABFF9CF22E7EE68DCA133109BD7515B0002A9D4DEF5E3B190CE0E5C8EE2BF18F6176CD47DC00C87CD5CFBADC9D3085DAE39ECC4B320C4AE130E62A03FA4E321F0CDA4844551140DAB5658F27B2A1884BA1B039F25AA1E386BBE9C0BB3906880E46A22D2F9F9C1A7943BC1D71E45A9E6FF4828196192B4063650EAC50555E53516BF4D816888C1E7841914862FA5F82181204155ADCD7652D4B3F8CB0CDFF69BC897FEE50C420A6243059B742171BBC5C94BC6AF23AE90F0DE756DBC1027E3F92EE866A669054CC133A685AE21A51478A305851308220705E0E38D97BD62A8B07047594266DEE3414D3D6C0659C4A8DB9484B86E0638ED13499E7B58030881991FD4E83B61AD429E4276DE69DB74677F16A1EB6D5D3756CB7074B312DDA5679C4E85720ECA7B738F4556BCAADD307D4A2F29158CE326F55CCDEB8755BABC2F7F8DE3F8B19C786D4219E9C45CB9FC7BAD2C5EE5984A392E2AC541662C4552CDB981BB65FE4A28FD19B1A472015BB45AB351F0CF6A9FD756EF6471794E08AB5A7092E0657F873133A0FEB2882251B80D08FC475EB43173F6A9F34787A67B282BB86FB559D883FDE93F10CCA73EA0ECC232CA1B719A98E0280CEAC5338550DBAE750E388F6671F8552A4FEFEDA1190DA60909A797336785C8C7BE9C233CC33F86818D1686C9558C900553F19A85827F657FAB +20250616112833 2 6 100 7679 2 EEB5FE98B7CF15B438162A5F2DEBBAB8BCF08B8A2614E263AA570052D2B01AC3E0B943491218DF247DB063E7DAECD19D0CD00C65335041AC9D3E4B8493CB58F9CBB166E38FF5E8697EF59D9EE4FAC6415070E0156AF8DA6BE11D672AA9A8E71033936AF75D835CCDBB0ED13CB17CBF9C9D98DEB4FAAD874FCD0929E86CF411426A3A96CED22F7EDC5F7E8D3A3B860F91E3FE92623F97C15EF13921C6AE6B3A566C7E42F46EF7B9721A09D10BEE52CE93694F6EF85F362D90239C4066C8FFFA6C6CCBAF59DFE083B248BF313F2A9D3EF96ACF569CA1B05FBDEFBD4A52C854C7B71AAB2B8AEAF8BFA8F283851E4CAA76F7D155939555F09830E49F38E73A7AE48B489883CA0D96A59B3560A8DF02DC0A0E5B6AD0AFD445B54F5580F4D962D8156DB6A0F70E5E4E47CF3CF9E1281180F5BC90B5C6FCB2DEFF1BD985D405BC3A138700D75D9BAEBBD1A7496F5CD1E6E6D5C0325B89E120A0994AFF0F35741DDC17A7D7C19A818A6C3DB5874B0E78B2BA319C6D4F850762EC32005074492723FAD2876E1C8F9A318852E97F6B28706F67ACAB944E8CFCA7C6A47C0D2F9B6907713CFFE21DEB070F45BAC19828094C424A445440ADF79E925BFE0BE687E82751D9ACBDDA02A6FACD4FEC77EEB9CD32A265B67ABFF9CF22E7EE68DCA133109BD7515B0002A9D4DEF5E3B190CE0E5C8EE2BF18F6176CD47DC00C87CD5CFBADC9D3085DAE39ECC4B320C4AE130E62A03FA4E321F0CDA4844551140DAB5658F27B2A1884BA1B039F25AA1E386BBE9C0BB3906880E46A22D2F9F9C1A7943BC1D71E45A9E6FF4828196192B4063650EAC50555E53516BF4D816888C1E7841914862FA5F82181204155ADCD7652D4B3F8CB0CDFF69BC897FEE50C420A6243059B742171BBC5C94BC6AF23AE90F0DE756DBC1027E3F92EE866A669054CC133A685AE21A51478A305851308220705E0E38D97BD62A8B07047594266DEE3414D3D6C0659C4A8DB9484B86E0638ED13499E7B58030881991FD4E83B61AD429E4276DE69DB74677F16A1EB6D5D3756CB7074B312DDA5679C4E85720ECA7B738F4556BCAADD307D4A2F29158CE326F55CCDEB8755BABC2F7F8DE3F8B19C786D4219E9C45CB9FC7BAD2C5EE5984A392E2AC541662C4552CDB981BB65FE4A28FD19B1A472015BB45AB351F0CF6A9FD756EF6471794E08AB5A7092E0657F873133A0FEB2882251B80D08FC475EB43173F6A9F34787A67B282BB86FB559D883FDE93F10CCA73EA0ECC232CA1B719A98E0280CEAC5338550DBAE750E388F6671F8552A4FEFEDA1190DA60909A797336785C8C7BE9C233CC33F86818D1686C9558C900553F19A858280648FFB +20250616125341 2 6 100 7679 5 EEB5FE98B7CF15B438162A5F2DEBBAB8BCF08B8A2614E263AA570052D2B01AC3E0B943491218DF247DB063E7DAECD19D0CD00C65335041AC9D3E4B8493CB58F9CBB166E38FF5E8697EF59D9EE4FAC6415070E0156AF8DA6BE11D672AA9A8E71033936AF75D835CCDBB0ED13CB17CBF9C9D98DEB4FAAD874FCD0929E86CF411426A3A96CED22F7EDC5F7E8D3A3B860F91E3FE92623F97C15EF13921C6AE6B3A566C7E42F46EF7B9721A09D10BEE52CE93694F6EF85F362D90239C4066C8FFFA6C6CCBAF59DFE083B248BF313F2A9D3EF96ACF569CA1B05FBDEFBD4A52C854C7B71AAB2B8AEAF8BFA8F283851E4CAA76F7D155939555F09830E49F38E73A7AE48B489883CA0D96A59B3560A8DF02DC0A0E5B6AD0AFD445B54F5580F4D962D8156DB6A0F70E5E4E47CF3CF9E1281180F5BC90B5C6FCB2DEFF1BD985D405BC3A138700D75D9BAEBBD1A7496F5CD1E6E6D5C0325B89E120A0994AFF0F35741DDC17A7D7C19A818A6C3DB5874B0E78B2BA319C6D4F850762EC32005074492723FAD2876E1C8F9A318852E97F6B28706F67ACAB944E8CFCA7C6A47C0D2F9B6907713CFFE21DEB070F45BAC19828094C424A445440ADF79E925BFE0BE687E82751D9ACBDDA02A6FACD4FEC77EEB9CD32A265B67ABFF9CF22E7EE68DCA133109BD7515B0002A9D4DEF5E3B190CE0E5C8EE2BF18F6176CD47DC00C87CD5CFBADC9D3085DAE39ECC4B320C4AE130E62A03FA4E321F0CDA4844551140DAB5658F27B2A1884BA1B039F25AA1E386BBE9C0BB3906880E46A22D2F9F9C1A7943BC1D71E45A9E6FF4828196192B4063650EAC50555E53516BF4D816888C1E7841914862FA5F82181204155ADCD7652D4B3F8CB0CDFF69BC897FEE50C420A6243059B742171BBC5C94BC6AF23AE90F0DE756DBC1027E3F92EE866A669054CC133A685AE21A51478A305851308220705E0E38D97BD62A8B07047594266DEE3414D3D6C0659C4A8DB9484B86E0638ED13499E7B58030881991FD4E83B61AD429E4276DE69DB74677F16A1EB6D5D3756CB7074B312DDA5679C4E85720ECA7B738F4556BCAADD307D4A2F29158CE326F55CCDEB8755BABC2F7F8DE3F8B19C786D4219E9C45CB9FC7BAD2C5EE5984A392E2AC541662C4552CDB981BB65FE4A28FD19B1A472015BB45AB351F0CF6A9FD756EF6471794E08AB5A7092E0657F873133A0FEB2882251B80D08FC475EB43173F6A9F34787A67B282BB86FB559D883FDE93F10CCA73EA0ECC232CA1B719A98E0280CEAC5338550DBAE750E388F6671F8552A4FEFEDA1190DA60909A797336785C8C7BE9C233CC33F86818D1686C9558C900553F19A858285F47EEF +20250616135204 2 6 100 7679 5 EEB5FE98B7CF15B438162A5F2DEBBAB8BCF08B8A2614E263AA570052D2B01AC3E0B943491218DF247DB063E7DAECD19D0CD00C65335041AC9D3E4B8493CB58F9CBB166E38FF5E8697EF59D9EE4FAC6415070E0156AF8DA6BE11D672AA9A8E71033936AF75D835CCDBB0ED13CB17CBF9C9D98DEB4FAAD874FCD0929E86CF411426A3A96CED22F7EDC5F7E8D3A3B860F91E3FE92623F97C15EF13921C6AE6B3A566C7E42F46EF7B9721A09D10BEE52CE93694F6EF85F362D90239C4066C8FFFA6C6CCBAF59DFE083B248BF313F2A9D3EF96ACF569CA1B05FBDEFBD4A52C854C7B71AAB2B8AEAF8BFA8F283851E4CAA76F7D155939555F09830E49F38E73A7AE48B489883CA0D96A59B3560A8DF02DC0A0E5B6AD0AFD445B54F5580F4D962D8156DB6A0F70E5E4E47CF3CF9E1281180F5BC90B5C6FCB2DEFF1BD985D405BC3A138700D75D9BAEBBD1A7496F5CD1E6E6D5C0325B89E120A0994AFF0F35741DDC17A7D7C19A818A6C3DB5874B0E78B2BA319C6D4F850762EC32005074492723FAD2876E1C8F9A318852E97F6B28706F67ACAB944E8CFCA7C6A47C0D2F9B6907713CFFE21DEB070F45BAC19828094C424A445440ADF79E925BFE0BE687E82751D9ACBDDA02A6FACD4FEC77EEB9CD32A265B67ABFF9CF22E7EE68DCA133109BD7515B0002A9D4DEF5E3B190CE0E5C8EE2BF18F6176CD47DC00C87CD5CFBADC9D3085DAE39ECC4B320C4AE130E62A03FA4E321F0CDA4844551140DAB5658F27B2A1884BA1B039F25AA1E386BBE9C0BB3906880E46A22D2F9F9C1A7943BC1D71E45A9E6FF4828196192B4063650EAC50555E53516BF4D816888C1E7841914862FA5F82181204155ADCD7652D4B3F8CB0CDFF69BC897FEE50C420A6243059B742171BBC5C94BC6AF23AE90F0DE756DBC1027E3F92EE866A669054CC133A685AE21A51478A305851308220705E0E38D97BD62A8B07047594266DEE3414D3D6C0659C4A8DB9484B86E0638ED13499E7B58030881991FD4E83B61AD429E4276DE69DB74677F16A1EB6D5D3756CB7074B312DDA5679C4E85720ECA7B738F4556BCAADD307D4A2F29158CE326F55CCDEB8755BABC2F7F8DE3F8B19C786D4219E9C45CB9FC7BAD2C5EE5984A392E2AC541662C4552CDB981BB65FE4A28FD19B1A472015BB45AB351F0CF6A9FD756EF6471794E08AB5A7092E0657F873133A0FEB2882251B80D08FC475EB43173F6A9F34787A67B282BB86FB559D883FDE93F10CCA73EA0ECC232CA1B719A98E0280CEAC5338550DBAE750E388F6671F8552A4FEFEDA1190DA60909A797336785C8C7BE9C233CC33F86818D1686C9558C900553F19A858289C8483F +20250616150327 2 6 100 7679 2 EEB5FE98B7CF15B438162A5F2DEBBAB8BCF08B8A2614E263AA570052D2B01AC3E0B943491218DF247DB063E7DAECD19D0CD00C65335041AC9D3E4B8493CB58F9CBB166E38FF5E8697EF59D9EE4FAC6415070E0156AF8DA6BE11D672AA9A8E71033936AF75D835CCDBB0ED13CB17CBF9C9D98DEB4FAAD874FCD0929E86CF411426A3A96CED22F7EDC5F7E8D3A3B860F91E3FE92623F97C15EF13921C6AE6B3A566C7E42F46EF7B9721A09D10BEE52CE93694F6EF85F362D90239C4066C8FFFA6C6CCBAF59DFE083B248BF313F2A9D3EF96ACF569CA1B05FBDEFBD4A52C854C7B71AAB2B8AEAF8BFA8F283851E4CAA76F7D155939555F09830E49F38E73A7AE48B489883CA0D96A59B3560A8DF02DC0A0E5B6AD0AFD445B54F5580F4D962D8156DB6A0F70E5E4E47CF3CF9E1281180F5BC90B5C6FCB2DEFF1BD985D405BC3A138700D75D9BAEBBD1A7496F5CD1E6E6D5C0325B89E120A0994AFF0F35741DDC17A7D7C19A818A6C3DB5874B0E78B2BA319C6D4F850762EC32005074492723FAD2876E1C8F9A318852E97F6B28706F67ACAB944E8CFCA7C6A47C0D2F9B6907713CFFE21DEB070F45BAC19828094C424A445440ADF79E925BFE0BE687E82751D9ACBDDA02A6FACD4FEC77EEB9CD32A265B67ABFF9CF22E7EE68DCA133109BD7515B0002A9D4DEF5E3B190CE0E5C8EE2BF18F6176CD47DC00C87CD5CFBADC9D3085DAE39ECC4B320C4AE130E62A03FA4E321F0CDA4844551140DAB5658F27B2A1884BA1B039F25AA1E386BBE9C0BB3906880E46A22D2F9F9C1A7943BC1D71E45A9E6FF4828196192B4063650EAC50555E53516BF4D816888C1E7841914862FA5F82181204155ADCD7652D4B3F8CB0CDFF69BC897FEE50C420A6243059B742171BBC5C94BC6AF23AE90F0DE756DBC1027E3F92EE866A669054CC133A685AE21A51478A305851308220705E0E38D97BD62A8B07047594266DEE3414D3D6C0659C4A8DB9484B86E0638ED13499E7B58030881991FD4E83B61AD429E4276DE69DB74677F16A1EB6D5D3756CB7074B312DDA5679C4E85720ECA7B738F4556BCAADD307D4A2F29158CE326F55CCDEB8755BABC2F7F8DE3F8B19C786D4219E9C45CB9FC7BAD2C5EE5984A392E2AC541662C4552CDB981BB65FE4A28FD19B1A472015BB45AB351F0CF6A9FD756EF6471794E08AB5A7092E0657F873133A0FEB2882251B80D08FC475EB43173F6A9F34787A67B282BB86FB559D883FDE93F10CCA73EA0ECC232CA1B719A98E0280CEAC5338550DBAE750E388F6671F8552A4FEFEDA1190DA60909A797336785C8C7BE9C233CC33F86818D1686C9558C900553F19A85828E80E33B +20250616161704 2 6 100 7679 2 EEB5FE98B7CF15B438162A5F2DEBBAB8BCF08B8A2614E263AA570052D2B01AC3E0B943491218DF247DB063E7DAECD19D0CD00C65335041AC9D3E4B8493CB58F9CBB166E38FF5E8697EF59D9EE4FAC6415070E0156AF8DA6BE11D672AA9A8E71033936AF75D835CCDBB0ED13CB17CBF9C9D98DEB4FAAD874FCD0929E86CF411426A3A96CED22F7EDC5F7E8D3A3B860F91E3FE92623F97C15EF13921C6AE6B3A566C7E42F46EF7B9721A09D10BEE52CE93694F6EF85F362D90239C4066C8FFFA6C6CCBAF59DFE083B248BF313F2A9D3EF96ACF569CA1B05FBDEFBD4A52C854C7B71AAB2B8AEAF8BFA8F283851E4CAA76F7D155939555F09830E49F38E73A7AE48B489883CA0D96A59B3560A8DF02DC0A0E5B6AD0AFD445B54F5580F4D962D8156DB6A0F70E5E4E47CF3CF9E1281180F5BC90B5C6FCB2DEFF1BD985D405BC3A138700D75D9BAEBBD1A7496F5CD1E6E6D5C0325B89E120A0994AFF0F35741DDC17A7D7C19A818A6C3DB5874B0E78B2BA319C6D4F850762EC32005074492723FAD2876E1C8F9A318852E97F6B28706F67ACAB944E8CFCA7C6A47C0D2F9B6907713CFFE21DEB070F45BAC19828094C424A445440ADF79E925BFE0BE687E82751D9ACBDDA02A6FACD4FEC77EEB9CD32A265B67ABFF9CF22E7EE68DCA133109BD7515B0002A9D4DEF5E3B190CE0E5C8EE2BF18F6176CD47DC00C87CD5CFBADC9D3085DAE39ECC4B320C4AE130E62A03FA4E321F0CDA4844551140DAB5658F27B2A1884BA1B039F25AA1E386BBE9C0BB3906880E46A22D2F9F9C1A7943BC1D71E45A9E6FF4828196192B4063650EAC50555E53516BF4D816888C1E7841914862FA5F82181204155ADCD7652D4B3F8CB0CDFF69BC897FEE50C420A6243059B742171BBC5C94BC6AF23AE90F0DE756DBC1027E3F92EE866A669054CC133A685AE21A51478A305851308220705E0E38D97BD62A8B07047594266DEE3414D3D6C0659C4A8DB9484B86E0638ED13499E7B58030881991FD4E83B61AD429E4276DE69DB74677F16A1EB6D5D3756CB7074B312DDA5679C4E85720ECA7B738F4556BCAADD307D4A2F29158CE326F55CCDEB8755BABC2F7F8DE3F8B19C786D4219E9C45CB9FC7BAD2C5EE5984A392E2AC541662C4552CDB981BB65FE4A28FD19B1A472015BB45AB351F0CF6A9FD756EF6471794E08AB5A7092E0657F873133A0FEB2882251B80D08FC475EB43173F6A9F34787A67B282BB86FB559D883FDE93F10CCA73EA0ECC232CA1B719A98E0280CEAC5338550DBAE750E388F6671F8552A4FEFEDA1190DA60909A797336785C8C7BE9C233CC33F86818D1686C9558C900553F19A8582936A88E3 +20250616170843 2 6 100 7679 2 EEB5FE98B7CF15B438162A5F2DEBBAB8BCF08B8A2614E263AA570052D2B01AC3E0B943491218DF247DB063E7DAECD19D0CD00C65335041AC9D3E4B8493CB58F9CBB166E38FF5E8697EF59D9EE4FAC6415070E0156AF8DA6BE11D672AA9A8E71033936AF75D835CCDBB0ED13CB17CBF9C9D98DEB4FAAD874FCD0929E86CF411426A3A96CED22F7EDC5F7E8D3A3B860F91E3FE92623F97C15EF13921C6AE6B3A566C7E42F46EF7B9721A09D10BEE52CE93694F6EF85F362D90239C4066C8FFFA6C6CCBAF59DFE083B248BF313F2A9D3EF96ACF569CA1B05FBDEFBD4A52C854C7B71AAB2B8AEAF8BFA8F283851E4CAA76F7D155939555F09830E49F38E73A7AE48B489883CA0D96A59B3560A8DF02DC0A0E5B6AD0AFD445B54F5580F4D962D8156DB6A0F70E5E4E47CF3CF9E1281180F5BC90B5C6FCB2DEFF1BD985D405BC3A138700D75D9BAEBBD1A7496F5CD1E6E6D5C0325B89E120A0994AFF0F35741DDC17A7D7C19A818A6C3DB5874B0E78B2BA319C6D4F850762EC32005074492723FAD2876E1C8F9A318852E97F6B28706F67ACAB944E8CFCA7C6A47C0D2F9B6907713CFFE21DEB070F45BAC19828094C424A445440ADF79E925BFE0BE687E82751D9ACBDDA02A6FACD4FEC77EEB9CD32A265B67ABFF9CF22E7EE68DCA133109BD7515B0002A9D4DEF5E3B190CE0E5C8EE2BF18F6176CD47DC00C87CD5CFBADC9D3085DAE39ECC4B320C4AE130E62A03FA4E321F0CDA4844551140DAB5658F27B2A1884BA1B039F25AA1E386BBE9C0BB3906880E46A22D2F9F9C1A7943BC1D71E45A9E6FF4828196192B4063650EAC50555E53516BF4D816888C1E7841914862FA5F82181204155ADCD7652D4B3F8CB0CDFF69BC897FEE50C420A6243059B742171BBC5C94BC6AF23AE90F0DE756DBC1027E3F92EE866A669054CC133A685AE21A51478A305851308220705E0E38D97BD62A8B07047594266DEE3414D3D6C0659C4A8DB9484B86E0638ED13499E7B58030881991FD4E83B61AD429E4276DE69DB74677F16A1EB6D5D3756CB7074B312DDA5679C4E85720ECA7B738F4556BCAADD307D4A2F29158CE326F55CCDEB8755BABC2F7F8DE3F8B19C786D4219E9C45CB9FC7BAD2C5EE5984A392E2AC541662C4552CDB981BB65FE4A28FD19B1A472015BB45AB351F0CF6A9FD756EF6471794E08AB5A7092E0657F873133A0FEB2882251B80D08FC475EB43173F6A9F34787A67B282BB86FB559D883FDE93F10CCA73EA0ECC232CA1B719A98E0280CEAC5338550DBAE750E388F6671F8552A4FEFEDA1190DA60909A797336785C8C7BE9C233CC33F86818D1686C9558C900553F19A858296D09663 +20250616174557 2 6 100 7679 5 EEB5FE98B7CF15B438162A5F2DEBBAB8BCF08B8A2614E263AA570052D2B01AC3E0B943491218DF247DB063E7DAECD19D0CD00C65335041AC9D3E4B8493CB58F9CBB166E38FF5E8697EF59D9EE4FAC6415070E0156AF8DA6BE11D672AA9A8E71033936AF75D835CCDBB0ED13CB17CBF9C9D98DEB4FAAD874FCD0929E86CF411426A3A96CED22F7EDC5F7E8D3A3B860F91E3FE92623F97C15EF13921C6AE6B3A566C7E42F46EF7B9721A09D10BEE52CE93694F6EF85F362D90239C4066C8FFFA6C6CCBAF59DFE083B248BF313F2A9D3EF96ACF569CA1B05FBDEFBD4A52C854C7B71AAB2B8AEAF8BFA8F283851E4CAA76F7D155939555F09830E49F38E73A7AE48B489883CA0D96A59B3560A8DF02DC0A0E5B6AD0AFD445B54F5580F4D962D8156DB6A0F70E5E4E47CF3CF9E1281180F5BC90B5C6FCB2DEFF1BD985D405BC3A138700D75D9BAEBBD1A7496F5CD1E6E6D5C0325B89E120A0994AFF0F35741DDC17A7D7C19A818A6C3DB5874B0E78B2BA319C6D4F850762EC32005074492723FAD2876E1C8F9A318852E97F6B28706F67ACAB944E8CFCA7C6A47C0D2F9B6907713CFFE21DEB070F45BAC19828094C424A445440ADF79E925BFE0BE687E82751D9ACBDDA02A6FACD4FEC77EEB9CD32A265B67ABFF9CF22E7EE68DCA133109BD7515B0002A9D4DEF5E3B190CE0E5C8EE2BF18F6176CD47DC00C87CD5CFBADC9D3085DAE39ECC4B320C4AE130E62A03FA4E321F0CDA4844551140DAB5658F27B2A1884BA1B039F25AA1E386BBE9C0BB3906880E46A22D2F9F9C1A7943BC1D71E45A9E6FF4828196192B4063650EAC50555E53516BF4D816888C1E7841914862FA5F82181204155ADCD7652D4B3F8CB0CDFF69BC897FEE50C420A6243059B742171BBC5C94BC6AF23AE90F0DE756DBC1027E3F92EE866A669054CC133A685AE21A51478A305851308220705E0E38D97BD62A8B07047594266DEE3414D3D6C0659C4A8DB9484B86E0638ED13499E7B58030881991FD4E83B61AD429E4276DE69DB74677F16A1EB6D5D3756CB7074B312DDA5679C4E85720ECA7B738F4556BCAADD307D4A2F29158CE326F55CCDEB8755BABC2F7F8DE3F8B19C786D4219E9C45CB9FC7BAD2C5EE5984A392E2AC541662C4552CDB981BB65FE4A28FD19B1A472015BB45AB351F0CF6A9FD756EF6471794E08AB5A7092E0657F873133A0FEB2882251B80D08FC475EB43173F6A9F34787A67B282BB86FB559D883FDE93F10CCA73EA0ECC232CA1B719A98E0280CEAC5338550DBAE750E388F6671F8552A4FEFEDA1190DA60909A797336785C8C7BE9C233CC33F86818D1686C9558C900553F19A858299434467 +20250616185934 2 6 100 7679 2 EEB5FE98B7CF15B438162A5F2DEBBAB8BCF08B8A2614E263AA570052D2B01AC3E0B943491218DF247DB063E7DAECD19D0CD00C65335041AC9D3E4B8493CB58F9CBB166E38FF5E8697EF59D9EE4FAC6415070E0156AF8DA6BE11D672AA9A8E71033936AF75D835CCDBB0ED13CB17CBF9C9D98DEB4FAAD874FCD0929E86CF411426A3A96CED22F7EDC5F7E8D3A3B860F91E3FE92623F97C15EF13921C6AE6B3A566C7E42F46EF7B9721A09D10BEE52CE93694F6EF85F362D90239C4066C8FFFA6C6CCBAF59DFE083B248BF313F2A9D3EF96ACF569CA1B05FBDEFBD4A52C854C7B71AAB2B8AEAF8BFA8F283851E4CAA76F7D155939555F09830E49F38E73A7AE48B489883CA0D96A59B3560A8DF02DC0A0E5B6AD0AFD445B54F5580F4D962D8156DB6A0F70E5E4E47CF3CF9E1281180F5BC90B5C6FCB2DEFF1BD985D405BC3A138700D75D9BAEBBD1A7496F5CD1E6E6D5C0325B89E120A0994AFF0F35741DDC17A7D7C19A818A6C3DB5874B0E78B2BA319C6D4F850762EC32005074492723FAD2876E1C8F9A318852E97F6B28706F67ACAB944E8CFCA7C6A47C0D2F9B6907713CFFE21DEB070F45BAC19828094C424A445440ADF79E925BFE0BE687E82751D9ACBDDA02A6FACD4FEC77EEB9CD32A265B67ABFF9CF22E7EE68DCA133109BD7515B0002A9D4DEF5E3B190CE0E5C8EE2BF18F6176CD47DC00C87CD5CFBADC9D3085DAE39ECC4B320C4AE130E62A03FA4E321F0CDA4844551140DAB5658F27B2A1884BA1B039F25AA1E386BBE9C0BB3906880E46A22D2F9F9C1A7943BC1D71E45A9E6FF4828196192B4063650EAC50555E53516BF4D816888C1E7841914862FA5F82181204155ADCD7652D4B3F8CB0CDFF69BC897FEE50C420A6243059B742171BBC5C94BC6AF23AE90F0DE756DBC1027E3F92EE866A669054CC133A685AE21A51478A305851308220705E0E38D97BD62A8B07047594266DEE3414D3D6C0659C4A8DB9484B86E0638ED13499E7B58030881991FD4E83B61AD429E4276DE69DB74677F16A1EB6D5D3756CB7074B312DDA5679C4E85720ECA7B738F4556BCAADD307D4A2F29158CE326F55CCDEB8755BABC2F7F8DE3F8B19C786D4219E9C45CB9FC7BAD2C5EE5984A392E2AC541662C4552CDB981BB65FE4A28FD19B1A472015BB45AB351F0CF6A9FD756EF6471794E08AB5A7092E0657F873133A0FEB2882251B80D08FC475EB43173F6A9F34787A67B282BB86FB559D883FDE93F10CCA73EA0ECC232CA1B719A98E0280CEAC5338550DBAE750E388F6671F8552A4FEFEDA1190DA60909A797336785C8C7BE9C233CC33F86818D1686C9558C900553F19A85829E1EAFA3 +20250616190202 2 6 100 7679 2 EEB5FE98B7CF15B438162A5F2DEBBAB8BCF08B8A2614E263AA570052D2B01AC3E0B943491218DF247DB063E7DAECD19D0CD00C65335041AC9D3E4B8493CB58F9CBB166E38FF5E8697EF59D9EE4FAC6415070E0156AF8DA6BE11D672AA9A8E71033936AF75D835CCDBB0ED13CB17CBF9C9D98DEB4FAAD874FCD0929E86CF411426A3A96CED22F7EDC5F7E8D3A3B860F91E3FE92623F97C15EF13921C6AE6B3A566C7E42F46EF7B9721A09D10BEE52CE93694F6EF85F362D90239C4066C8FFFA6C6CCBAF59DFE083B248BF313F2A9D3EF96ACF569CA1B05FBDEFBD4A52C854C7B71AAB2B8AEAF8BFA8F283851E4CAA76F7D155939555F09830E49F38E73A7AE48B489883CA0D96A59B3560A8DF02DC0A0E5B6AD0AFD445B54F5580F4D962D8156DB6A0F70E5E4E47CF3CF9E1281180F5BC90B5C6FCB2DEFF1BD985D405BC3A138700D75D9BAEBBD1A7496F5CD1E6E6D5C0325B89E120A0994AFF0F35741DDC17A7D7C19A818A6C3DB5874B0E78B2BA319C6D4F850762EC32005074492723FAD2876E1C8F9A318852E97F6B28706F67ACAB944E8CFCA7C6A47C0D2F9B6907713CFFE21DEB070F45BAC19828094C424A445440ADF79E925BFE0BE687E82751D9ACBDDA02A6FACD4FEC77EEB9CD32A265B67ABFF9CF22E7EE68DCA133109BD7515B0002A9D4DEF5E3B190CE0E5C8EE2BF18F6176CD47DC00C87CD5CFBADC9D3085DAE39ECC4B320C4AE130E62A03FA4E321F0CDA4844551140DAB5658F27B2A1884BA1B039F25AA1E386BBE9C0BB3906880E46A22D2F9F9C1A7943BC1D71E45A9E6FF4828196192B4063650EAC50555E53516BF4D816888C1E7841914862FA5F82181204155ADCD7652D4B3F8CB0CDFF69BC897FEE50C420A6243059B742171BBC5C94BC6AF23AE90F0DE756DBC1027E3F92EE866A669054CC133A685AE21A51478A305851308220705E0E38D97BD62A8B07047594266DEE3414D3D6C0659C4A8DB9484B86E0638ED13499E7B58030881991FD4E83B61AD429E4276DE69DB74677F16A1EB6D5D3756CB7074B312DDA5679C4E85720ECA7B738F4556BCAADD307D4A2F29158CE326F55CCDEB8755BABC2F7F8DE3F8B19C786D4219E9C45CB9FC7BAD2C5EE5984A392E2AC541662C4552CDB981BB65FE4A28FD19B1A472015BB45AB351F0CF6A9FD756EF6471794E08AB5A7092E0657F873133A0FEB2882251B80D08FC475EB43173F6A9F34787A67B282BB86FB559D883FDE93F10CCA73EA0ECC232CA1B719A98E0280CEAC5338550DBAE750E388F6671F8552A4FEFEDA1190DA60909A797336785C8C7BE9C233CC33F86818D1686C9558C900553F19A85829E3F6D2B +20250616202814 2 6 100 7679 2 EEB5FE98B7CF15B438162A5F2DEBBAB8BCF08B8A2614E263AA570052D2B01AC3E0B943491218DF247DB063E7DAECD19D0CD00C65335041AC9D3E4B8493CB58F9CBB166E38FF5E8697EF59D9EE4FAC6415070E0156AF8DA6BE11D672AA9A8E71033936AF75D835CCDBB0ED13CB17CBF9C9D98DEB4FAAD874FCD0929E86CF411426A3A96CED22F7EDC5F7E8D3A3B860F91E3FE92623F97C15EF13921C6AE6B3A566C7E42F46EF7B9721A09D10BEE52CE93694F6EF85F362D90239C4066C8FFFA6C6CCBAF59DFE083B248BF313F2A9D3EF96ACF569CA1B05FBDEFBD4A52C854C7B71AAB2B8AEAF8BFA8F283851E4CAA76F7D155939555F09830E49F38E73A7AE48B489883CA0D96A59B3560A8DF02DC0A0E5B6AD0AFD445B54F5580F4D962D8156DB6A0F70E5E4E47CF3CF9E1281180F5BC90B5C6FCB2DEFF1BD985D405BC3A138700D75D9BAEBBD1A7496F5CD1E6E6D5C0325B89E120A0994AFF0F35741DDC17A7D7C19A818A6C3DB5874B0E78B2BA319C6D4F850762EC32005074492723FAD2876E1C8F9A318852E97F6B28706F67ACAB944E8CFCA7C6A47C0D2F9B6907713CFFE21DEB070F45BAC19828094C424A445440ADF79E925BFE0BE687E82751D9ACBDDA02A6FACD4FEC77EEB9CD32A265B67ABFF9CF22E7EE68DCA133109BD7515B0002A9D4DEF5E3B190CE0E5C8EE2BF18F6176CD47DC00C87CD5CFBADC9D3085DAE39ECC4B320C4AE130E62A03FA4E321F0CDA4844551140DAB5658F27B2A1884BA1B039F25AA1E386BBE9C0BB3906880E46A22D2F9F9C1A7943BC1D71E45A9E6FF4828196192B4063650EAC50555E53516BF4D816888C1E7841914862FA5F82181204155ADCD7652D4B3F8CB0CDFF69BC897FEE50C420A6243059B742171BBC5C94BC6AF23AE90F0DE756DBC1027E3F92EE866A669054CC133A685AE21A51478A305851308220705E0E38D97BD62A8B07047594266DEE3414D3D6C0659C4A8DB9484B86E0638ED13499E7B58030881991FD4E83B61AD429E4276DE69DB74677F16A1EB6D5D3756CB7074B312DDA5679C4E85720ECA7B738F4556BCAADD307D4A2F29158CE326F55CCDEB8755BABC2F7F8DE3F8B19C786D4219E9C45CB9FC7BAD2C5EE5984A392E2AC541662C4552CDB981BB65FE4A28FD19B1A472015BB45AB351F0CF6A9FD756EF6471794E08AB5A7092E0657F873133A0FEB2882251B80D08FC475EB43173F6A9F34787A67B282BB86FB559D883FDE93F10CCA73EA0ECC232CA1B719A98E0280CEAC5338550DBAE750E388F6671F8552A4FEFEDA1190DA60909A797336785C8C7BE9C233CC33F86818D1686C9558C900553F19A8582A400B97B +20250616210901 2 6 100 7679 5 EEB5FE98B7CF15B438162A5F2DEBBAB8BCF08B8A2614E263AA570052D2B01AC3E0B943491218DF247DB063E7DAECD19D0CD00C65335041AC9D3E4B8493CB58F9CBB166E38FF5E8697EF59D9EE4FAC6415070E0156AF8DA6BE11D672AA9A8E71033936AF75D835CCDBB0ED13CB17CBF9C9D98DEB4FAAD874FCD0929E86CF411426A3A96CED22F7EDC5F7E8D3A3B860F91E3FE92623F97C15EF13921C6AE6B3A566C7E42F46EF7B9721A09D10BEE52CE93694F6EF85F362D90239C4066C8FFFA6C6CCBAF59DFE083B248BF313F2A9D3EF96ACF569CA1B05FBDEFBD4A52C854C7B71AAB2B8AEAF8BFA8F283851E4CAA76F7D155939555F09830E49F38E73A7AE48B489883CA0D96A59B3560A8DF02DC0A0E5B6AD0AFD445B54F5580F4D962D8156DB6A0F70E5E4E47CF3CF9E1281180F5BC90B5C6FCB2DEFF1BD985D405BC3A138700D75D9BAEBBD1A7496F5CD1E6E6D5C0325B89E120A0994AFF0F35741DDC17A7D7C19A818A6C3DB5874B0E78B2BA319C6D4F850762EC32005074492723FAD2876E1C8F9A318852E97F6B28706F67ACAB944E8CFCA7C6A47C0D2F9B6907713CFFE21DEB070F45BAC19828094C424A445440ADF79E925BFE0BE687E82751D9ACBDDA02A6FACD4FEC77EEB9CD32A265B67ABFF9CF22E7EE68DCA133109BD7515B0002A9D4DEF5E3B190CE0E5C8EE2BF18F6176CD47DC00C87CD5CFBADC9D3085DAE39ECC4B320C4AE130E62A03FA4E321F0CDA4844551140DAB5658F27B2A1884BA1B039F25AA1E386BBE9C0BB3906880E46A22D2F9F9C1A7943BC1D71E45A9E6FF4828196192B4063650EAC50555E53516BF4D816888C1E7841914862FA5F82181204155ADCD7652D4B3F8CB0CDFF69BC897FEE50C420A6243059B742171BBC5C94BC6AF23AE90F0DE756DBC1027E3F92EE866A669054CC133A685AE21A51478A305851308220705E0E38D97BD62A8B07047594266DEE3414D3D6C0659C4A8DB9484B86E0638ED13499E7B58030881991FD4E83B61AD429E4276DE69DB74677F16A1EB6D5D3756CB7074B312DDA5679C4E85720ECA7B738F4556BCAADD307D4A2F29158CE326F55CCDEB8755BABC2F7F8DE3F8B19C786D4219E9C45CB9FC7BAD2C5EE5984A392E2AC541662C4552CDB981BB65FE4A28FD19B1A472015BB45AB351F0CF6A9FD756EF6471794E08AB5A7092E0657F873133A0FEB2882251B80D08FC475EB43173F6A9F34787A67B282BB86FB559D883FDE93F10CCA73EA0ECC232CA1B719A98E0280CEAC5338550DBAE750E388F6671F8552A4FEFEDA1190DA60909A797336785C8C7BE9C233CC33F86818D1686C9558C900553F19A8582A6B686D7 +20250616212925 2 6 100 7679 2 EEB5FE98B7CF15B438162A5F2DEBBAB8BCF08B8A2614E263AA570052D2B01AC3E0B943491218DF247DB063E7DAECD19D0CD00C65335041AC9D3E4B8493CB58F9CBB166E38FF5E8697EF59D9EE4FAC6415070E0156AF8DA6BE11D672AA9A8E71033936AF75D835CCDBB0ED13CB17CBF9C9D98DEB4FAAD874FCD0929E86CF411426A3A96CED22F7EDC5F7E8D3A3B860F91E3FE92623F97C15EF13921C6AE6B3A566C7E42F46EF7B9721A09D10BEE52CE93694F6EF85F362D90239C4066C8FFFA6C6CCBAF59DFE083B248BF313F2A9D3EF96ACF569CA1B05FBDEFBD4A52C854C7B71AAB2B8AEAF8BFA8F283851E4CAA76F7D155939555F09830E49F38E73A7AE48B489883CA0D96A59B3560A8DF02DC0A0E5B6AD0AFD445B54F5580F4D962D8156DB6A0F70E5E4E47CF3CF9E1281180F5BC90B5C6FCB2DEFF1BD985D405BC3A138700D75D9BAEBBD1A7496F5CD1E6E6D5C0325B89E120A0994AFF0F35741DDC17A7D7C19A818A6C3DB5874B0E78B2BA319C6D4F850762EC32005074492723FAD2876E1C8F9A318852E97F6B28706F67ACAB944E8CFCA7C6A47C0D2F9B6907713CFFE21DEB070F45BAC19828094C424A445440ADF79E925BFE0BE687E82751D9ACBDDA02A6FACD4FEC77EEB9CD32A265B67ABFF9CF22E7EE68DCA133109BD7515B0002A9D4DEF5E3B190CE0E5C8EE2BF18F6176CD47DC00C87CD5CFBADC9D3085DAE39ECC4B320C4AE130E62A03FA4E321F0CDA4844551140DAB5658F27B2A1884BA1B039F25AA1E386BBE9C0BB3906880E46A22D2F9F9C1A7943BC1D71E45A9E6FF4828196192B4063650EAC50555E53516BF4D816888C1E7841914862FA5F82181204155ADCD7652D4B3F8CB0CDFF69BC897FEE50C420A6243059B742171BBC5C94BC6AF23AE90F0DE756DBC1027E3F92EE866A669054CC133A685AE21A51478A305851308220705E0E38D97BD62A8B07047594266DEE3414D3D6C0659C4A8DB9484B86E0638ED13499E7B58030881991FD4E83B61AD429E4276DE69DB74677F16A1EB6D5D3756CB7074B312DDA5679C4E85720ECA7B738F4556BCAADD307D4A2F29158CE326F55CCDEB8755BABC2F7F8DE3F8B19C786D4219E9C45CB9FC7BAD2C5EE5984A392E2AC541662C4552CDB981BB65FE4A28FD19B1A472015BB45AB351F0CF6A9FD756EF6471794E08AB5A7092E0657F873133A0FEB2882251B80D08FC475EB43173F6A9F34787A67B282BB86FB559D883FDE93F10CCA73EA0ECC232CA1B719A98E0280CEAC5338550DBAE750E388F6671F8552A4FEFEDA1190DA60909A797336785C8C7BE9C233CC33F86818D1686C9558C900553F19A8582A805594B +20250616232503 2 6 100 7679 2 EEB5FE98B7CF15B438162A5F2DEBBAB8BCF08B8A2614E263AA570052D2B01AC3E0B943491218DF247DB063E7DAECD19D0CD00C65335041AC9D3E4B8493CB58F9CBB166E38FF5E8697EF59D9EE4FAC6415070E0156AF8DA6BE11D672AA9A8E71033936AF75D835CCDBB0ED13CB17CBF9C9D98DEB4FAAD874FCD0929E86CF411426A3A96CED22F7EDC5F7E8D3A3B860F91E3FE92623F97C15EF13921C6AE6B3A566C7E42F46EF7B9721A09D10BEE52CE93694F6EF85F362D90239C4066C8FFFA6C6CCBAF59DFE083B248BF313F2A9D3EF96ACF569CA1B05FBDEFBD4A52C854C7B71AAB2B8AEAF8BFA8F283851E4CAA76F7D155939555F09830E49F38E73A7AE48B489883CA0D96A59B3560A8DF02DC0A0E5B6AD0AFD445B54F5580F4D962D8156DB6A0F70E5E4E47CF3CF9E1281180F5BC90B5C6FCB2DEFF1BD985D405BC3A138700D75D9BAEBBD1A7496F5CD1E6E6D5C0325B89E120A0994AFF0F35741DDC17A7D7C19A818A6C3DB5874B0E78B2BA319C6D4F850762EC32005074492723FAD2876E1C8F9A318852E97F6B28706F67ACAB944E8CFCA7C6A47C0D2F9B6907713CFFE21DEB070F45BAC19828094C424A445440ADF79E925BFE0BE687E82751D9ACBDDA02A6FACD4FEC77EEB9CD32A265B67ABFF9CF22E7EE68DCA133109BD7515B0002A9D4DEF5E3B190CE0E5C8EE2BF18F6176CD47DC00C87CD5CFBADC9D3085DAE39ECC4B320C4AE130E62A03FA4E321F0CDA4844551140DAB5658F27B2A1884BA1B039F25AA1E386BBE9C0BB3906880E46A22D2F9F9C1A7943BC1D71E45A9E6FF4828196192B4063650EAC50555E53516BF4D816888C1E7841914862FA5F82181204155ADCD7652D4B3F8CB0CDFF69BC897FEE50C420A6243059B742171BBC5C94BC6AF23AE90F0DE756DBC1027E3F92EE866A669054CC133A685AE21A51478A305851308220705E0E38D97BD62A8B07047594266DEE3414D3D6C0659C4A8DB9484B86E0638ED13499E7B58030881991FD4E83B61AD429E4276DE69DB74677F16A1EB6D5D3756CB7074B312DDA5679C4E85720ECA7B738F4556BCAADD307D4A2F29158CE326F55CCDEB8755BABC2F7F8DE3F8B19C786D4219E9C45CB9FC7BAD2C5EE5984A392E2AC541662C4552CDB981BB65FE4A28FD19B1A472015BB45AB351F0CF6A9FD756EF6471794E08AB5A7092E0657F873133A0FEB2882251B80D08FC475EB43173F6A9F34787A67B282BB86FB559D883FDE93F10CCA73EA0ECC232CA1B719A98E0280CEAC5338550DBAE750E388F6671F8552A4FEFEDA1190DA60909A797336785C8C7BE9C233CC33F86818D1686C9558C900553F19A8582AFB7787B +20250616235406 2 6 100 7679 5 EEB5FE98B7CF15B438162A5F2DEBBAB8BCF08B8A2614E263AA570052D2B01AC3E0B943491218DF247DB063E7DAECD19D0CD00C65335041AC9D3E4B8493CB58F9CBB166E38FF5E8697EF59D9EE4FAC6415070E0156AF8DA6BE11D672AA9A8E71033936AF75D835CCDBB0ED13CB17CBF9C9D98DEB4FAAD874FCD0929E86CF411426A3A96CED22F7EDC5F7E8D3A3B860F91E3FE92623F97C15EF13921C6AE6B3A566C7E42F46EF7B9721A09D10BEE52CE93694F6EF85F362D90239C4066C8FFFA6C6CCBAF59DFE083B248BF313F2A9D3EF96ACF569CA1B05FBDEFBD4A52C854C7B71AAB2B8AEAF8BFA8F283851E4CAA76F7D155939555F09830E49F38E73A7AE48B489883CA0D96A59B3560A8DF02DC0A0E5B6AD0AFD445B54F5580F4D962D8156DB6A0F70E5E4E47CF3CF9E1281180F5BC90B5C6FCB2DEFF1BD985D405BC3A138700D75D9BAEBBD1A7496F5CD1E6E6D5C0325B89E120A0994AFF0F35741DDC17A7D7C19A818A6C3DB5874B0E78B2BA319C6D4F850762EC32005074492723FAD2876E1C8F9A318852E97F6B28706F67ACAB944E8CFCA7C6A47C0D2F9B6907713CFFE21DEB070F45BAC19828094C424A445440ADF79E925BFE0BE687E82751D9ACBDDA02A6FACD4FEC77EEB9CD32A265B67ABFF9CF22E7EE68DCA133109BD7515B0002A9D4DEF5E3B190CE0E5C8EE2BF18F6176CD47DC00C87CD5CFBADC9D3085DAE39ECC4B320C4AE130E62A03FA4E321F0CDA4844551140DAB5658F27B2A1884BA1B039F25AA1E386BBE9C0BB3906880E46A22D2F9F9C1A7943BC1D71E45A9E6FF4828196192B4063650EAC50555E53516BF4D816888C1E7841914862FA5F82181204155ADCD7652D4B3F8CB0CDFF69BC897FEE50C420A6243059B742171BBC5C94BC6AF23AE90F0DE756DBC1027E3F92EE866A669054CC133A685AE21A51478A305851308220705E0E38D97BD62A8B07047594266DEE3414D3D6C0659C4A8DB9484B86E0638ED13499E7B58030881991FD4E83B61AD429E4276DE69DB74677F16A1EB6D5D3756CB7074B312DDA5679C4E85720ECA7B738F4556BCAADD307D4A2F29158CE326F55CCDEB8755BABC2F7F8DE3F8B19C786D4219E9C45CB9FC7BAD2C5EE5984A392E2AC541662C4552CDB981BB65FE4A28FD19B1A472015BB45AB351F0CF6A9FD756EF6471794E08AB5A7092E0657F873133A0FEB2882251B80D08FC475EB43173F6A9F34787A67B282BB86FB559D883FDE93F10CCA73EA0ECC232CA1B719A98E0280CEAC5338550DBAE750E388F6671F8552A4FEFEDA1190DA60909A797336785C8C7BE9C233CC33F86818D1686C9558C900553F19A8582B19E791F +20250616235513 2 6 100 7679 2 EEB5FE98B7CF15B438162A5F2DEBBAB8BCF08B8A2614E263AA570052D2B01AC3E0B943491218DF247DB063E7DAECD19D0CD00C65335041AC9D3E4B8493CB58F9CBB166E38FF5E8697EF59D9EE4FAC6415070E0156AF8DA6BE11D672AA9A8E71033936AF75D835CCDBB0ED13CB17CBF9C9D98DEB4FAAD874FCD0929E86CF411426A3A96CED22F7EDC5F7E8D3A3B860F91E3FE92623F97C15EF13921C6AE6B3A566C7E42F46EF7B9721A09D10BEE52CE93694F6EF85F362D90239C4066C8FFFA6C6CCBAF59DFE083B248BF313F2A9D3EF96ACF569CA1B05FBDEFBD4A52C854C7B71AAB2B8AEAF8BFA8F283851E4CAA76F7D155939555F09830E49F38E73A7AE48B489883CA0D96A59B3560A8DF02DC0A0E5B6AD0AFD445B54F5580F4D962D8156DB6A0F70E5E4E47CF3CF9E1281180F5BC90B5C6FCB2DEFF1BD985D405BC3A138700D75D9BAEBBD1A7496F5CD1E6E6D5C0325B89E120A0994AFF0F35741DDC17A7D7C19A818A6C3DB5874B0E78B2BA319C6D4F850762EC32005074492723FAD2876E1C8F9A318852E97F6B28706F67ACAB944E8CFCA7C6A47C0D2F9B6907713CFFE21DEB070F45BAC19828094C424A445440ADF79E925BFE0BE687E82751D9ACBDDA02A6FACD4FEC77EEB9CD32A265B67ABFF9CF22E7EE68DCA133109BD7515B0002A9D4DEF5E3B190CE0E5C8EE2BF18F6176CD47DC00C87CD5CFBADC9D3085DAE39ECC4B320C4AE130E62A03FA4E321F0CDA4844551140DAB5658F27B2A1884BA1B039F25AA1E386BBE9C0BB3906880E46A22D2F9F9C1A7943BC1D71E45A9E6FF4828196192B4063650EAC50555E53516BF4D816888C1E7841914862FA5F82181204155ADCD7652D4B3F8CB0CDFF69BC897FEE50C420A6243059B742171BBC5C94BC6AF23AE90F0DE756DBC1027E3F92EE866A669054CC133A685AE21A51478A305851308220705E0E38D97BD62A8B07047594266DEE3414D3D6C0659C4A8DB9484B86E0638ED13499E7B58030881991FD4E83B61AD429E4276DE69DB74677F16A1EB6D5D3756CB7074B312DDA5679C4E85720ECA7B738F4556BCAADD307D4A2F29158CE326F55CCDEB8755BABC2F7F8DE3F8B19C786D4219E9C45CB9FC7BAD2C5EE5984A392E2AC541662C4552CDB981BB65FE4A28FD19B1A472015BB45AB351F0CF6A9FD756EF6471794E08AB5A7092E0657F873133A0FEB2882251B80D08FC475EB43173F6A9F34787A67B282BB86FB559D883FDE93F10CCA73EA0ECC232CA1B719A98E0280CEAC5338550DBAE750E388F6671F8552A4FEFEDA1190DA60909A797336785C8C7BE9C233CC33F86818D1686C9558C900553F19A8582B1A8E57B +20250617002853 2 6 100 7679 5 EEB5FE98B7CF15B438162A5F2DEBBAB8BCF08B8A2614E263AA570052D2B01AC3E0B943491218DF247DB063E7DAECD19D0CD00C65335041AC9D3E4B8493CB58F9CBB166E38FF5E8697EF59D9EE4FAC6415070E0156AF8DA6BE11D672AA9A8E71033936AF75D835CCDBB0ED13CB17CBF9C9D98DEB4FAAD874FCD0929E86CF411426A3A96CED22F7EDC5F7E8D3A3B860F91E3FE92623F97C15EF13921C6AE6B3A566C7E42F46EF7B9721A09D10BEE52CE93694F6EF85F362D90239C4066C8FFFA6C6CCBAF59DFE083B248BF313F2A9D3EF96ACF569CA1B05FBDEFBD4A52C854C7B71AAB2B8AEAF8BFA8F283851E4CAA76F7D155939555F09830E49F38E73A7AE48B489883CA0D96A59B3560A8DF02DC0A0E5B6AD0AFD445B54F5580F4D962D8156DB6A0F70E5E4E47CF3CF9E1281180F5BC90B5C6FCB2DEFF1BD985D405BC3A138700D75D9BAEBBD1A7496F5CD1E6E6D5C0325B89E120A0994AFF0F35741DDC17A7D7C19A818A6C3DB5874B0E78B2BA319C6D4F850762EC32005074492723FAD2876E1C8F9A318852E97F6B28706F67ACAB944E8CFCA7C6A47C0D2F9B6907713CFFE21DEB070F45BAC19828094C424A445440ADF79E925BFE0BE687E82751D9ACBDDA02A6FACD4FEC77EEB9CD32A265B67ABFF9CF22E7EE68DCA133109BD7515B0002A9D4DEF5E3B190CE0E5C8EE2BF18F6176CD47DC00C87CD5CFBADC9D3085DAE39ECC4B320C4AE130E62A03FA4E321F0CDA4844551140DAB5658F27B2A1884BA1B039F25AA1E386BBE9C0BB3906880E46A22D2F9F9C1A7943BC1D71E45A9E6FF4828196192B4063650EAC50555E53516BF4D816888C1E7841914862FA5F82181204155ADCD7652D4B3F8CB0CDFF69BC897FEE50C420A6243059B742171BBC5C94BC6AF23AE90F0DE756DBC1027E3F92EE866A669054CC133A685AE21A51478A305851308220705E0E38D97BD62A8B07047594266DEE3414D3D6C0659C4A8DB9484B86E0638ED13499E7B58030881991FD4E83B61AD429E4276DE69DB74677F16A1EB6D5D3756CB7074B312DDA5679C4E85720ECA7B738F4556BCAADD307D4A2F29158CE326F55CCDEB8755BABC2F7F8DE3F8B19C786D4219E9C45CB9FC7BAD2C5EE5984A392E2AC541662C4552CDB981BB65FE4A28FD19B1A472015BB45AB351F0CF6A9FD756EF6471794E08AB5A7092E0657F873133A0FEB2882251B80D08FC475EB43173F6A9F34787A67B282BB86FB559D883FDE93F10CCA73EA0ECC232CA1B719A98E0280CEAC5338550DBAE750E388F6671F8552A4FEFEDA1190DA60909A797336785C8C7BE9C233CC33F86818D1686C9558C900553F19A858289C8483F +20250617013846 2 6 100 7679 2 EEB5FE98B7CF15B438162A5F2DEBBAB8BCF08B8A2614E263AA570052D2B01AC3E0B943491218DF247DB063E7DAECD19D0CD00C65335041AC9D3E4B8493CB58F9CBB166E38FF5E8697EF59D9EE4FAC6415070E0156AF8DA6BE11D672AA9A8E71033936AF75D835CCDBB0ED13CB17CBF9C9D98DEB4FAAD874FCD0929E86CF411426A3A96CED22F7EDC5F7E8D3A3B860F91E3FE92623F97C15EF13921C6AE6B3A566C7E42F46EF7B9721A09D10BEE52CE93694F6EF85F362D90239C4066C8FFFA6C6CCBAF59DFE083B248BF313F2A9D3EF96ACF569CA1B05FBDEFBD4A52C854C7B71AAB2B8AEAF8BFA8F283851E4CAA76F7D155939555F09830E49F38E73A7AE48B489883CA0D96A59B3560A8DF02DC0A0E5B6AD0AFD445B54F5580F4D962D8156DB6A0F70E5E4E47CF3CF9E1281180F5BC90B5C6FCB2DEFF1BD985D405BC3A138700D75D9BAEBBD1A7496F5CD1E6E6D5C0325B89E120A0994AFF0F35741DDC17A7D7C19A818A6C3DB5874B0E78B2BA319C6D4F850762EC32005074492723FAD2876E1C8F9A318852E97F6B28706F67ACAB944E8CFCA7C6A47C0D2F9B6907713CFFE21DEB070F45BAC19828094C424A445440ADF79E925BFE0BE687E82751D9ACBDDA02A6FACD4FEC77EEB9CD32A265B67ABFF9CF22E7EE68DCA133109BD7515B0002A9D4DEF5E3B190CE0E5C8EE2BF18F6176CD47DC00C87CD5CFBADC9D3085DAE39ECC4B320C4AE130E62A03FA4E321F0CDA4844551140DAB5658F27B2A1884BA1B039F25AA1E386BBE9C0BB3906880E46A22D2F9F9C1A7943BC1D71E45A9E6FF4828196192B4063650EAC50555E53516BF4D816888C1E7841914862FA5F82181204155ADCD7652D4B3F8CB0CDFF69BC897FEE50C420A6243059B742171BBC5C94BC6AF23AE90F0DE756DBC1027E3F92EE866A669054CC133A685AE21A51478A305851308220705E0E38D97BD62A8B07047594266DEE3414D3D6C0659C4A8DB9484B86E0638ED13499E7B58030881991FD4E83B61AD429E4276DE69DB74677F16A1EB6D5D3756CB7074B312DDA5679C4E85720ECA7B738F4556BCAADD307D4A2F29158CE326F55CCDEB8755BABC2F7F8DE3F8B19C786D4219E9C45CB9FC7BAD2C5EE5984A392E2AC541662C4552CDB981BB65FE4A28FD19B1A472015BB45AB351F0CF6A9FD756EF6471794E08AB5A7092E0657F873133A0FEB2882251B80D08FC475EB43173F6A9F34787A67B282BB86FB559D883FDE93F10CCA73EA0ECC232CA1B719A98E0280CEAC5338550DBAE750E388F6671F8552A4FEFEDA1190DA60909A797336785C8C7BE9C233CC33F86818D1686C9558C900553F19A85828E80E33B +20250617025103 2 6 100 7679 2 EEB5FE98B7CF15B438162A5F2DEBBAB8BCF08B8A2614E263AA570052D2B01AC3E0B943491218DF247DB063E7DAECD19D0CD00C65335041AC9D3E4B8493CB58F9CBB166E38FF5E8697EF59D9EE4FAC6415070E0156AF8DA6BE11D672AA9A8E71033936AF75D835CCDBB0ED13CB17CBF9C9D98DEB4FAAD874FCD0929E86CF411426A3A96CED22F7EDC5F7E8D3A3B860F91E3FE92623F97C15EF13921C6AE6B3A566C7E42F46EF7B9721A09D10BEE52CE93694F6EF85F362D90239C4066C8FFFA6C6CCBAF59DFE083B248BF313F2A9D3EF96ACF569CA1B05FBDEFBD4A52C854C7B71AAB2B8AEAF8BFA8F283851E4CAA76F7D155939555F09830E49F38E73A7AE48B489883CA0D96A59B3560A8DF02DC0A0E5B6AD0AFD445B54F5580F4D962D8156DB6A0F70E5E4E47CF3CF9E1281180F5BC90B5C6FCB2DEFF1BD985D405BC3A138700D75D9BAEBBD1A7496F5CD1E6E6D5C0325B89E120A0994AFF0F35741DDC17A7D7C19A818A6C3DB5874B0E78B2BA319C6D4F850762EC32005074492723FAD2876E1C8F9A318852E97F6B28706F67ACAB944E8CFCA7C6A47C0D2F9B6907713CFFE21DEB070F45BAC19828094C424A445440ADF79E925BFE0BE687E82751D9ACBDDA02A6FACD4FEC77EEB9CD32A265B67ABFF9CF22E7EE68DCA133109BD7515B0002A9D4DEF5E3B190CE0E5C8EE2BF18F6176CD47DC00C87CD5CFBADC9D3085DAE39ECC4B320C4AE130E62A03FA4E321F0CDA4844551140DAB5658F27B2A1884BA1B039F25AA1E386BBE9C0BB3906880E46A22D2F9F9C1A7943BC1D71E45A9E6FF4828196192B4063650EAC50555E53516BF4D816888C1E7841914862FA5F82181204155ADCD7652D4B3F8CB0CDFF69BC897FEE50C420A6243059B742171BBC5C94BC6AF23AE90F0DE756DBC1027E3F92EE866A669054CC133A685AE21A51478A305851308220705E0E38D97BD62A8B07047594266DEE3414D3D6C0659C4A8DB9484B86E0638ED13499E7B58030881991FD4E83B61AD429E4276DE69DB74677F16A1EB6D5D3756CB7074B312DDA5679C4E85720ECA7B738F4556BCAADD307D4A2F29158CE326F55CCDEB8755BABC2F7F8DE3F8B19C786D4219E9C45CB9FC7BAD2C5EE5984A392E2AC541662C4552CDB981BB65FE4A28FD19B1A472015BB45AB351F0CF6A9FD756EF6471794E08AB5A7092E0657F873133A0FEB2882251B80D08FC475EB43173F6A9F34787A67B282BB86FB559D883FDE93F10CCA73EA0ECC232CA1B719A98E0280CEAC5338550DBAE750E388F6671F8552A4FEFEDA1190DA60909A797336785C8C7BE9C233CC33F86818D1686C9558C900553F19A8582936A88E3 +20250617034223 2 6 100 7679 2 EEB5FE98B7CF15B438162A5F2DEBBAB8BCF08B8A2614E263AA570052D2B01AC3E0B943491218DF247DB063E7DAECD19D0CD00C65335041AC9D3E4B8493CB58F9CBB166E38FF5E8697EF59D9EE4FAC6415070E0156AF8DA6BE11D672AA9A8E71033936AF75D835CCDBB0ED13CB17CBF9C9D98DEB4FAAD874FCD0929E86CF411426A3A96CED22F7EDC5F7E8D3A3B860F91E3FE92623F97C15EF13921C6AE6B3A566C7E42F46EF7B9721A09D10BEE52CE93694F6EF85F362D90239C4066C8FFFA6C6CCBAF59DFE083B248BF313F2A9D3EF96ACF569CA1B05FBDEFBD4A52C854C7B71AAB2B8AEAF8BFA8F283851E4CAA76F7D155939555F09830E49F38E73A7AE48B489883CA0D96A59B3560A8DF02DC0A0E5B6AD0AFD445B54F5580F4D962D8156DB6A0F70E5E4E47CF3CF9E1281180F5BC90B5C6FCB2DEFF1BD985D405BC3A138700D75D9BAEBBD1A7496F5CD1E6E6D5C0325B89E120A0994AFF0F35741DDC17A7D7C19A818A6C3DB5874B0E78B2BA319C6D4F850762EC32005074492723FAD2876E1C8F9A318852E97F6B28706F67ACAB944E8CFCA7C6A47C0D2F9B6907713CFFE21DEB070F45BAC19828094C424A445440ADF79E925BFE0BE687E82751D9ACBDDA02A6FACD4FEC77EEB9CD32A265B67ABFF9CF22E7EE68DCA133109BD7515B0002A9D4DEF5E3B190CE0E5C8EE2BF18F6176CD47DC00C87CD5CFBADC9D3085DAE39ECC4B320C4AE130E62A03FA4E321F0CDA4844551140DAB5658F27B2A1884BA1B039F25AA1E386BBE9C0BB3906880E46A22D2F9F9C1A7943BC1D71E45A9E6FF4828196192B4063650EAC50555E53516BF4D816888C1E7841914862FA5F82181204155ADCD7652D4B3F8CB0CDFF69BC897FEE50C420A6243059B742171BBC5C94BC6AF23AE90F0DE756DBC1027E3F92EE866A669054CC133A685AE21A51478A305851308220705E0E38D97BD62A8B07047594266DEE3414D3D6C0659C4A8DB9484B86E0638ED13499E7B58030881991FD4E83B61AD429E4276DE69DB74677F16A1EB6D5D3756CB7074B312DDA5679C4E85720ECA7B738F4556BCAADD307D4A2F29158CE326F55CCDEB8755BABC2F7F8DE3F8B19C786D4219E9C45CB9FC7BAD2C5EE5984A392E2AC541662C4552CDB981BB65FE4A28FD19B1A472015BB45AB351F0CF6A9FD756EF6471794E08AB5A7092E0657F873133A0FEB2882251B80D08FC475EB43173F6A9F34787A67B282BB86FB559D883FDE93F10CCA73EA0ECC232CA1B719A98E0280CEAC5338550DBAE750E388F6671F8552A4FEFEDA1190DA60909A797336785C8C7BE9C233CC33F86818D1686C9558C900553F19A858296D09663 +20250617041923 2 6 100 7679 5 EEB5FE98B7CF15B438162A5F2DEBBAB8BCF08B8A2614E263AA570052D2B01AC3E0B943491218DF247DB063E7DAECD19D0CD00C65335041AC9D3E4B8493CB58F9CBB166E38FF5E8697EF59D9EE4FAC6415070E0156AF8DA6BE11D672AA9A8E71033936AF75D835CCDBB0ED13CB17CBF9C9D98DEB4FAAD874FCD0929E86CF411426A3A96CED22F7EDC5F7E8D3A3B860F91E3FE92623F97C15EF13921C6AE6B3A566C7E42F46EF7B9721A09D10BEE52CE93694F6EF85F362D90239C4066C8FFFA6C6CCBAF59DFE083B248BF313F2A9D3EF96ACF569CA1B05FBDEFBD4A52C854C7B71AAB2B8AEAF8BFA8F283851E4CAA76F7D155939555F09830E49F38E73A7AE48B489883CA0D96A59B3560A8DF02DC0A0E5B6AD0AFD445B54F5580F4D962D8156DB6A0F70E5E4E47CF3CF9E1281180F5BC90B5C6FCB2DEFF1BD985D405BC3A138700D75D9BAEBBD1A7496F5CD1E6E6D5C0325B89E120A0994AFF0F35741DDC17A7D7C19A818A6C3DB5874B0E78B2BA319C6D4F850762EC32005074492723FAD2876E1C8F9A318852E97F6B28706F67ACAB944E8CFCA7C6A47C0D2F9B6907713CFFE21DEB070F45BAC19828094C424A445440ADF79E925BFE0BE687E82751D9ACBDDA02A6FACD4FEC77EEB9CD32A265B67ABFF9CF22E7EE68DCA133109BD7515B0002A9D4DEF5E3B190CE0E5C8EE2BF18F6176CD47DC00C87CD5CFBADC9D3085DAE39ECC4B320C4AE130E62A03FA4E321F0CDA4844551140DAB5658F27B2A1884BA1B039F25AA1E386BBE9C0BB3906880E46A22D2F9F9C1A7943BC1D71E45A9E6FF4828196192B4063650EAC50555E53516BF4D816888C1E7841914862FA5F82181204155ADCD7652D4B3F8CB0CDFF69BC897FEE50C420A6243059B742171BBC5C94BC6AF23AE90F0DE756DBC1027E3F92EE866A669054CC133A685AE21A51478A305851308220705E0E38D97BD62A8B07047594266DEE3414D3D6C0659C4A8DB9484B86E0638ED13499E7B58030881991FD4E83B61AD429E4276DE69DB74677F16A1EB6D5D3756CB7074B312DDA5679C4E85720ECA7B738F4556BCAADD307D4A2F29158CE326F55CCDEB8755BABC2F7F8DE3F8B19C786D4219E9C45CB9FC7BAD2C5EE5984A392E2AC541662C4552CDB981BB65FE4A28FD19B1A472015BB45AB351F0CF6A9FD756EF6471794E08AB5A7092E0657F873133A0FEB2882251B80D08FC475EB43173F6A9F34787A67B282BB86FB559D883FDE93F10CCA73EA0ECC232CA1B719A98E0280CEAC5338550DBAE750E388F6671F8552A4FEFEDA1190DA60909A797336785C8C7BE9C233CC33F86818D1686C9558C900553F19A858299434467 +20250617053144 2 6 100 7679 2 EEB5FE98B7CF15B438162A5F2DEBBAB8BCF08B8A2614E263AA570052D2B01AC3E0B943491218DF247DB063E7DAECD19D0CD00C65335041AC9D3E4B8493CB58F9CBB166E38FF5E8697EF59D9EE4FAC6415070E0156AF8DA6BE11D672AA9A8E71033936AF75D835CCDBB0ED13CB17CBF9C9D98DEB4FAAD874FCD0929E86CF411426A3A96CED22F7EDC5F7E8D3A3B860F91E3FE92623F97C15EF13921C6AE6B3A566C7E42F46EF7B9721A09D10BEE52CE93694F6EF85F362D90239C4066C8FFFA6C6CCBAF59DFE083B248BF313F2A9D3EF96ACF569CA1B05FBDEFBD4A52C854C7B71AAB2B8AEAF8BFA8F283851E4CAA76F7D155939555F09830E49F38E73A7AE48B489883CA0D96A59B3560A8DF02DC0A0E5B6AD0AFD445B54F5580F4D962D8156DB6A0F70E5E4E47CF3CF9E1281180F5BC90B5C6FCB2DEFF1BD985D405BC3A138700D75D9BAEBBD1A7496F5CD1E6E6D5C0325B89E120A0994AFF0F35741DDC17A7D7C19A818A6C3DB5874B0E78B2BA319C6D4F850762EC32005074492723FAD2876E1C8F9A318852E97F6B28706F67ACAB944E8CFCA7C6A47C0D2F9B6907713CFFE21DEB070F45BAC19828094C424A445440ADF79E925BFE0BE687E82751D9ACBDDA02A6FACD4FEC77EEB9CD32A265B67ABFF9CF22E7EE68DCA133109BD7515B0002A9D4DEF5E3B190CE0E5C8EE2BF18F6176CD47DC00C87CD5CFBADC9D3085DAE39ECC4B320C4AE130E62A03FA4E321F0CDA4844551140DAB5658F27B2A1884BA1B039F25AA1E386BBE9C0BB3906880E46A22D2F9F9C1A7943BC1D71E45A9E6FF4828196192B4063650EAC50555E53516BF4D816888C1E7841914862FA5F82181204155ADCD7652D4B3F8CB0CDFF69BC897FEE50C420A6243059B742171BBC5C94BC6AF23AE90F0DE756DBC1027E3F92EE866A669054CC133A685AE21A51478A305851308220705E0E38D97BD62A8B07047594266DEE3414D3D6C0659C4A8DB9484B86E0638ED13499E7B58030881991FD4E83B61AD429E4276DE69DB74677F16A1EB6D5D3756CB7074B312DDA5679C4E85720ECA7B738F4556BCAADD307D4A2F29158CE326F55CCDEB8755BABC2F7F8DE3F8B19C786D4219E9C45CB9FC7BAD2C5EE5984A392E2AC541662C4552CDB981BB65FE4A28FD19B1A472015BB45AB351F0CF6A9FD756EF6471794E08AB5A7092E0657F873133A0FEB2882251B80D08FC475EB43173F6A9F34787A67B282BB86FB559D883FDE93F10CCA73EA0ECC232CA1B719A98E0280CEAC5338550DBAE750E388F6671F8552A4FEFEDA1190DA60909A797336785C8C7BE9C233CC33F86818D1686C9558C900553F19A85829E1EAFA3 +20250617053409 2 6 100 7679 2 EEB5FE98B7CF15B438162A5F2DEBBAB8BCF08B8A2614E263AA570052D2B01AC3E0B943491218DF247DB063E7DAECD19D0CD00C65335041AC9D3E4B8493CB58F9CBB166E38FF5E8697EF59D9EE4FAC6415070E0156AF8DA6BE11D672AA9A8E71033936AF75D835CCDBB0ED13CB17CBF9C9D98DEB4FAAD874FCD0929E86CF411426A3A96CED22F7EDC5F7E8D3A3B860F91E3FE92623F97C15EF13921C6AE6B3A566C7E42F46EF7B9721A09D10BEE52CE93694F6EF85F362D90239C4066C8FFFA6C6CCBAF59DFE083B248BF313F2A9D3EF96ACF569CA1B05FBDEFBD4A52C854C7B71AAB2B8AEAF8BFA8F283851E4CAA76F7D155939555F09830E49F38E73A7AE48B489883CA0D96A59B3560A8DF02DC0A0E5B6AD0AFD445B54F5580F4D962D8156DB6A0F70E5E4E47CF3CF9E1281180F5BC90B5C6FCB2DEFF1BD985D405BC3A138700D75D9BAEBBD1A7496F5CD1E6E6D5C0325B89E120A0994AFF0F35741DDC17A7D7C19A818A6C3DB5874B0E78B2BA319C6D4F850762EC32005074492723FAD2876E1C8F9A318852E97F6B28706F67ACAB944E8CFCA7C6A47C0D2F9B6907713CFFE21DEB070F45BAC19828094C424A445440ADF79E925BFE0BE687E82751D9ACBDDA02A6FACD4FEC77EEB9CD32A265B67ABFF9CF22E7EE68DCA133109BD7515B0002A9D4DEF5E3B190CE0E5C8EE2BF18F6176CD47DC00C87CD5CFBADC9D3085DAE39ECC4B320C4AE130E62A03FA4E321F0CDA4844551140DAB5658F27B2A1884BA1B039F25AA1E386BBE9C0BB3906880E46A22D2F9F9C1A7943BC1D71E45A9E6FF4828196192B4063650EAC50555E53516BF4D816888C1E7841914862FA5F82181204155ADCD7652D4B3F8CB0CDFF69BC897FEE50C420A6243059B742171BBC5C94BC6AF23AE90F0DE756DBC1027E3F92EE866A669054CC133A685AE21A51478A305851308220705E0E38D97BD62A8B07047594266DEE3414D3D6C0659C4A8DB9484B86E0638ED13499E7B58030881991FD4E83B61AD429E4276DE69DB74677F16A1EB6D5D3756CB7074B312DDA5679C4E85720ECA7B738F4556BCAADD307D4A2F29158CE326F55CCDEB8755BABC2F7F8DE3F8B19C786D4219E9C45CB9FC7BAD2C5EE5984A392E2AC541662C4552CDB981BB65FE4A28FD19B1A472015BB45AB351F0CF6A9FD756EF6471794E08AB5A7092E0657F873133A0FEB2882251B80D08FC475EB43173F6A9F34787A67B282BB86FB559D883FDE93F10CCA73EA0ECC232CA1B719A98E0280CEAC5338550DBAE750E388F6671F8552A4FEFEDA1190DA60909A797336785C8C7BE9C233CC33F86818D1686C9558C900553F19A85829E3F6D2B +20250617075210 2 6 100 7679 2 EEB5FE98B7CF15B438162A5F2DEBBAB8BCF08B8A2614E263AA570052D2B01AC3E0B943491218DF247DB063E7DAECD19D0CD00C65335041AC9D3E4B8493CB58F9CBB166E38FF5E8697EF59D9EE4FAC6415070E0156AF8DA6BE11D672AA9A8E71033936AF75D835CCDBB0ED13CB17CBF9C9D98DEB4FAAD874FCD0929E86CF411426A3A96CED22F7EDC5F7E8D3A3B860F91E3FE92623F97C15EF13921C6AE6B3A566C7E42F46EF7B9721A09D10BEE52CE93694F6EF85F362D90239C4066C8FFFA6C6CCBAF59DFE083B248BF313F2A9D3EF96ACF569CA1B05FBDEFBD4A52C854C7B71AAB2B8AEAF8BFA8F283851E4CAA76F7D155939555F09830E49F38E73A7AE48B489883CA0D96A59B3560A8DF02DC0A0E5B6AD0AFD445B54F5580F4D962D8156DB6A0F70E5E4E47CF3CF9E1281180F5BC90B5C6FCB2DEFF1BD985D405BC3A138700D75D9BAEBBD1A7496F5CD1E6E6D5C0325B89E120A0994AFF0F35741DDC17A7D7C19A818A6C3DB5874B0E78B2BA319C6D4F850762EC32005074492723FAD2876E1C8F9A318852E97F6B28706F67ACAB944E8CFCA7C6A47C0D2F9B6907713CFFE21DEB070F45BAC19828094C424A445440ADF79E925BFE0BE687E82751D9ACBDDA02A6FACD4FEC77EEB9CD32A265B67ABFF9CF22E7EE68DCA133109BD7515B0002A9D4DEF5E3B190CE0E5C8EE2BF18F6176CD47DC00C87CD5CFBADC9D3085DAE39ECC4B320C4AE130E62A03FA4E321F0CDA4844551140DAB5658F27B2A1884BA1B039F25AA1E386BBE9C0BB3906880E46A22D2F9F9C1A7943BC1D71E45A9E6FF4828196192B4063650EAC50555E53516BF4D816888C1E7841914862FA5F82181204155ADCD7652D4B3F8CB0CDFF69BC897FEE50C420A6243059B742171BBC5C94BC6AF23AE90F0DE756DBC1027E3F92EE866A669054CC133A685AE21A51478A305851308220705E0E38D97BD62A8B07047594266DEE3414D3D6C0659C4A8DB9484B86E0638ED13499E7B58030881991FD4E83B61AD429E4276DE69DB74677F16A1EB6D5D3756CB7074B312DDA5679C4E85720ECA7B738F4556BCAADD307D4A2F29158CE326F55CCDEB8755BABC2F7F8DE3F8B19C786D4219E9C45CB9FC7BAD2C5EE5984A392E2AC541662C4552CDB981BB65FE4A28FD19B1A472015BB45AB351F0CF6A9FD756EF6471794E08AB5A7092E0657F873133A0FEB2882251B80D08FC475EB43173F6A9F34787A67B282BB86FB559D883FDE93F10CCA73EA0ECC232CA1B719A98E0280CEAC5338550DBAE750E388F6671F8552A4FEFEDA1190DA60909A797336785C8C7BE9C233CC33F86818D1686C9558C900553F19A85826297803B +20250617081717 2 6 100 7679 5 EEB5FE98B7CF15B438162A5F2DEBBAB8BCF08B8A2614E263AA570052D2B01AC3E0B943491218DF247DB063E7DAECD19D0CD00C65335041AC9D3E4B8493CB58F9CBB166E38FF5E8697EF59D9EE4FAC6415070E0156AF8DA6BE11D672AA9A8E71033936AF75D835CCDBB0ED13CB17CBF9C9D98DEB4FAAD874FCD0929E86CF411426A3A96CED22F7EDC5F7E8D3A3B860F91E3FE92623F97C15EF13921C6AE6B3A566C7E42F46EF7B9721A09D10BEE52CE93694F6EF85F362D90239C4066C8FFFA6C6CCBAF59DFE083B248BF313F2A9D3EF96ACF569CA1B05FBDEFBD4A52C854C7B71AAB2B8AEAF8BFA8F283851E4CAA76F7D155939555F09830E49F38E73A7AE48B489883CA0D96A59B3560A8DF02DC0A0E5B6AD0AFD445B54F5580F4D962D8156DB6A0F70E5E4E47CF3CF9E1281180F5BC90B5C6FCB2DEFF1BD985D405BC3A138700D75D9BAEBBD1A7496F5CD1E6E6D5C0325B89E120A0994AFF0F35741DDC17A7D7C19A818A6C3DB5874B0E78B2BA319C6D4F850762EC32005074492723FAD2876E1C8F9A318852E97F6B28706F67ACAB944E8CFCA7C6A47C0D2F9B6907713CFFE21DEB070F45BAC19828094C424A445440ADF79E925BFE0BE687E82751D9ACBDDA02A6FACD4FEC77EEB9CD32A265B67ABFF9CF22E7EE68DCA133109BD7515B0002A9D4DEF5E3B190CE0E5C8EE2BF18F6176CD47DC00C87CD5CFBADC9D3085DAE39ECC4B320C4AE130E62A03FA4E321F0CDA4844551140DAB5658F27B2A1884BA1B039F25AA1E386BBE9C0BB3906880E46A22D2F9F9C1A7943BC1D71E45A9E6FF4828196192B4063650EAC50555E53516BF4D816888C1E7841914862FA5F82181204155ADCD7652D4B3F8CB0CDFF69BC897FEE50C420A6243059B742171BBC5C94BC6AF23AE90F0DE756DBC1027E3F92EE866A669054CC133A685AE21A51478A305851308220705E0E38D97BD62A8B07047594266DEE3414D3D6C0659C4A8DB9484B86E0638ED13499E7B58030881991FD4E83B61AD429E4276DE69DB74677F16A1EB6D5D3756CB7074B312DDA5679C4E85720ECA7B738F4556BCAADD307D4A2F29158CE326F55CCDEB8755BABC2F7F8DE3F8B19C786D4219E9C45CB9FC7BAD2C5EE5984A392E2AC541662C4552CDB981BB65FE4A28FD19B1A472015BB45AB351F0CF6A9FD756EF6471794E08AB5A7092E0657F873133A0FEB2882251B80D08FC475EB43173F6A9F34787A67B282BB86FB559D883FDE93F10CCA73EA0ECC232CA1B719A98E0280CEAC5338550DBAE750E388F6671F8552A4FEFEDA1190DA60909A797336785C8C7BE9C233CC33F86818D1686C9558C900553F19A8582643F4617 +20250617091509 2 6 100 7679 2 EEB5FE98B7CF15B438162A5F2DEBBAB8BCF08B8A2614E263AA570052D2B01AC3E0B943491218DF247DB063E7DAECD19D0CD00C65335041AC9D3E4B8493CB58F9CBB166E38FF5E8697EF59D9EE4FAC6415070E0156AF8DA6BE11D672AA9A8E71033936AF75D835CCDBB0ED13CB17CBF9C9D98DEB4FAAD874FCD0929E86CF411426A3A96CED22F7EDC5F7E8D3A3B860F91E3FE92623F97C15EF13921C6AE6B3A566C7E42F46EF7B9721A09D10BEE52CE93694F6EF85F362D90239C4066C8FFFA6C6CCBAF59DFE083B248BF313F2A9D3EF96ACF569CA1B05FBDEFBD4A52C854C7B71AAB2B8AEAF8BFA8F283851E4CAA76F7D155939555F09830E49F38E73A7AE48B489883CA0D96A59B3560A8DF02DC0A0E5B6AD0AFD445B54F5580F4D962D8156DB6A0F70E5E4E47CF3CF9E1281180F5BC90B5C6FCB2DEFF1BD985D405BC3A138700D75D9BAEBBD1A7496F5CD1E6E6D5C0325B89E120A0994AFF0F35741DDC17A7D7C19A818A6C3DB5874B0E78B2BA319C6D4F850762EC32005074492723FAD2876E1C8F9A318852E97F6B28706F67ACAB944E8CFCA7C6A47C0D2F9B6907713CFFE21DEB070F45BAC19828094C424A445440ADF79E925BFE0BE687E82751D9ACBDDA02A6FACD4FEC77EEB9CD32A265B67ABFF9CF22E7EE68DCA133109BD7515B0002A9D4DEF5E3B190CE0E5C8EE2BF18F6176CD47DC00C87CD5CFBADC9D3085DAE39ECC4B320C4AE130E62A03FA4E321F0CDA4844551140DAB5658F27B2A1884BA1B039F25AA1E386BBE9C0BB3906880E46A22D2F9F9C1A7943BC1D71E45A9E6FF4828196192B4063650EAC50555E53516BF4D816888C1E7841914862FA5F82181204155ADCD7652D4B3F8CB0CDFF69BC897FEE50C420A6243059B742171BBC5C94BC6AF23AE90F0DE756DBC1027E3F92EE866A669054CC133A685AE21A51478A305851308220705E0E38D97BD62A8B07047594266DEE3414D3D6C0659C4A8DB9484B86E0638ED13499E7B58030881991FD4E83B61AD429E4276DE69DB74677F16A1EB6D5D3756CB7074B312DDA5679C4E85720ECA7B738F4556BCAADD307D4A2F29158CE326F55CCDEB8755BABC2F7F8DE3F8B19C786D4219E9C45CB9FC7BAD2C5EE5984A392E2AC541662C4552CDB981BB65FE4A28FD19B1A472015BB45AB351F0CF6A9FD756EF6471794E08AB5A7092E0657F873133A0FEB2882251B80D08FC475EB43173F6A9F34787A67B282BB86FB559D883FDE93F10CCA73EA0ECC232CA1B719A98E0280CEAC5338550DBAE750E388F6671F8552A4FEFEDA1190DA60909A797336785C8C7BE9C233CC33F86818D1686C9558C900553F19A858268210533 +20250617094347 2 6 100 7679 2 EEB5FE98B7CF15B438162A5F2DEBBAB8BCF08B8A2614E263AA570052D2B01AC3E0B943491218DF247DB063E7DAECD19D0CD00C65335041AC9D3E4B8493CB58F9CBB166E38FF5E8697EF59D9EE4FAC6415070E0156AF8DA6BE11D672AA9A8E71033936AF75D835CCDBB0ED13CB17CBF9C9D98DEB4FAAD874FCD0929E86CF411426A3A96CED22F7EDC5F7E8D3A3B860F91E3FE92623F97C15EF13921C6AE6B3A566C7E42F46EF7B9721A09D10BEE52CE93694F6EF85F362D90239C4066C8FFFA6C6CCBAF59DFE083B248BF313F2A9D3EF96ACF569CA1B05FBDEFBD4A52C854C7B71AAB2B8AEAF8BFA8F283851E4CAA76F7D155939555F09830E49F38E73A7AE48B489883CA0D96A59B3560A8DF02DC0A0E5B6AD0AFD445B54F5580F4D962D8156DB6A0F70E5E4E47CF3CF9E1281180F5BC90B5C6FCB2DEFF1BD985D405BC3A138700D75D9BAEBBD1A7496F5CD1E6E6D5C0325B89E120A0994AFF0F35741DDC17A7D7C19A818A6C3DB5874B0E78B2BA319C6D4F850762EC32005074492723FAD2876E1C8F9A318852E97F6B28706F67ACAB944E8CFCA7C6A47C0D2F9B6907713CFFE21DEB070F45BAC19828094C424A445440ADF79E925BFE0BE687E82751D9ACBDDA02A6FACD4FEC77EEB9CD32A265B67ABFF9CF22E7EE68DCA133109BD7515B0002A9D4DEF5E3B190CE0E5C8EE2BF18F6176CD47DC00C87CD5CFBADC9D3085DAE39ECC4B320C4AE130E62A03FA4E321F0CDA4844551140DAB5658F27B2A1884BA1B039F25AA1E386BBE9C0BB3906880E46A22D2F9F9C1A7943BC1D71E45A9E6FF4828196192B4063650EAC50555E53516BF4D816888C1E7841914862FA5F82181204155ADCD7652D4B3F8CB0CDFF69BC897FEE50C420A6243059B742171BBC5C94BC6AF23AE90F0DE756DBC1027E3F92EE866A669054CC133A685AE21A51478A305851308220705E0E38D97BD62A8B07047594266DEE3414D3D6C0659C4A8DB9484B86E0638ED13499E7B58030881991FD4E83B61AD429E4276DE69DB74677F16A1EB6D5D3756CB7074B312DDA5679C4E85720ECA7B738F4556BCAADD307D4A2F29158CE326F55CCDEB8755BABC2F7F8DE3F8B19C786D4219E9C45CB9FC7BAD2C5EE5984A392E2AC541662C4552CDB981BB65FE4A28FD19B1A472015BB45AB351F0CF6A9FD756EF6471794E08AB5A7092E0657F873133A0FEB2882251B80D08FC475EB43173F6A9F34787A67B282BB86FB559D883FDE93F10CCA73EA0ECC232CA1B719A98E0280CEAC5338550DBAE750E388F6671F8552A4FEFEDA1190DA60909A797336785C8C7BE9C233CC33F86818D1686C9558C900553F19A85826A097C53 +20250617120252 2 6 100 7679 2 EEB5FE98B7CF15B438162A5F2DEBBAB8BCF08B8A2614E263AA570052D2B01AC3E0B943491218DF247DB063E7DAECD19D0CD00C65335041AC9D3E4B8493CB58F9CBB166E38FF5E8697EF59D9EE4FAC6415070E0156AF8DA6BE11D672AA9A8E71033936AF75D835CCDBB0ED13CB17CBF9C9D98DEB4FAAD874FCD0929E86CF411426A3A96CED22F7EDC5F7E8D3A3B860F91E3FE92623F97C15EF13921C6AE6B3A566C7E42F46EF7B9721A09D10BEE52CE93694F6EF85F362D90239C4066C8FFFA6C6CCBAF59DFE083B248BF313F2A9D3EF96ACF569CA1B05FBDEFBD4A52C854C7B71AAB2B8AEAF8BFA8F283851E4CAA76F7D155939555F09830E49F38E73A7AE48B489883CA0D96A59B3560A8DF02DC0A0E5B6AD0AFD445B54F5580F4D962D8156DB6A0F70E5E4E47CF3CF9E1281180F5BC90B5C6FCB2DEFF1BD985D405BC3A138700D75D9BAEBBD1A7496F5CD1E6E6D5C0325B89E120A0994AFF0F35741DDC17A7D7C19A818A6C3DB5874B0E78B2BA319C6D4F850762EC32005074492723FAD2876E1C8F9A318852E97F6B28706F67ACAB944E8CFCA7C6A47C0D2F9B6907713CFFE21DEB070F45BAC19828094C424A445440ADF79E925BFE0BE687E82751D9ACBDDA02A6FACD4FEC77EEB9CD32A265B67ABFF9CF22E7EE68DCA133109BD7515B0002A9D4DEF5E3B190CE0E5C8EE2BF18F6176CD47DC00C87CD5CFBADC9D3085DAE39ECC4B320C4AE130E62A03FA4E321F0CDA4844551140DAB5658F27B2A1884BA1B039F25AA1E386BBE9C0BB3906880E46A22D2F9F9C1A7943BC1D71E45A9E6FF4828196192B4063650EAC50555E53516BF4D816888C1E7841914862FA5F82181204155ADCD7652D4B3F8CB0CDFF69BC897FEE50C420A6243059B742171BBC5C94BC6AF23AE90F0DE756DBC1027E3F92EE866A669054CC133A685AE21A51478A305851308220705E0E38D97BD62A8B07047594266DEE3414D3D6C0659C4A8DB9484B86E0638ED13499E7B58030881991FD4E83B61AD429E4276DE69DB74677F16A1EB6D5D3756CB7074B312DDA5679C4E85720ECA7B738F4556BCAADD307D4A2F29158CE326F55CCDEB8755BABC2F7F8DE3F8B19C786D4219E9C45CB9FC7BAD2C5EE5984A392E2AC541662C4552CDB981BB65FE4A28FD19B1A472015BB45AB351F0CF6A9FD756EF6471794E08AB5A7092E0657F873133A0FEB2882251B80D08FC475EB43173F6A9F34787A67B282BB86FB559D883FDE93F10CCA73EA0ECC232CA1B719A98E0280CEAC5338550DBAE750E388F6671F8552A4FEFEDA1190DA60909A797336785C8C7BE9C233CC33F86818D1686C9558C900553F19A858273567FDB +20250617132226 2 6 100 7679 2 EEB5FE98B7CF15B438162A5F2DEBBAB8BCF08B8A2614E263AA570052D2B01AC3E0B943491218DF247DB063E7DAECD19D0CD00C65335041AC9D3E4B8493CB58F9CBB166E38FF5E8697EF59D9EE4FAC6415070E0156AF8DA6BE11D672AA9A8E71033936AF75D835CCDBB0ED13CB17CBF9C9D98DEB4FAAD874FCD0929E86CF411426A3A96CED22F7EDC5F7E8D3A3B860F91E3FE92623F97C15EF13921C6AE6B3A566C7E42F46EF7B9721A09D10BEE52CE93694F6EF85F362D90239C4066C8FFFA6C6CCBAF59DFE083B248BF313F2A9D3EF96ACF569CA1B05FBDEFBD4A52C854C7B71AAB2B8AEAF8BFA8F283851E4CAA76F7D155939555F09830E49F38E73A7AE48B489883CA0D96A59B3560A8DF02DC0A0E5B6AD0AFD445B54F5580F4D962D8156DB6A0F70E5E4E47CF3CF9E1281180F5BC90B5C6FCB2DEFF1BD985D405BC3A138700D75D9BAEBBD1A7496F5CD1E6E6D5C0325B89E120A0994AFF0F35741DDC17A7D7C19A818A6C3DB5874B0E78B2BA319C6D4F850762EC32005074492723FAD2876E1C8F9A318852E97F6B28706F67ACAB944E8CFCA7C6A47C0D2F9B6907713CFFE21DEB070F45BAC19828094C424A445440ADF79E925BFE0BE687E82751D9ACBDDA02A6FACD4FEC77EEB9CD32A265B67ABFF9CF22E7EE68DCA133109BD7515B0002A9D4DEF5E3B190CE0E5C8EE2BF18F6176CD47DC00C87CD5CFBADC9D3085DAE39ECC4B320C4AE130E62A03FA4E321F0CDA4844551140DAB5658F27B2A1884BA1B039F25AA1E386BBE9C0BB3906880E46A22D2F9F9C1A7943BC1D71E45A9E6FF4828196192B4063650EAC50555E53516BF4D816888C1E7841914862FA5F82181204155ADCD7652D4B3F8CB0CDFF69BC897FEE50C420A6243059B742171BBC5C94BC6AF23AE90F0DE756DBC1027E3F92EE866A669054CC133A685AE21A51478A305851308220705E0E38D97BD62A8B07047594266DEE3414D3D6C0659C4A8DB9484B86E0638ED13499E7B58030881991FD4E83B61AD429E4276DE69DB74677F16A1EB6D5D3756CB7074B312DDA5679C4E85720ECA7B738F4556BCAADD307D4A2F29158CE326F55CCDEB8755BABC2F7F8DE3F8B19C786D4219E9C45CB9FC7BAD2C5EE5984A392E2AC541662C4552CDB981BB65FE4A28FD19B1A472015BB45AB351F0CF6A9FD756EF6471794E08AB5A7092E0657F873133A0FEB2882251B80D08FC475EB43173F6A9F34787A67B282BB86FB559D883FDE93F10CCA73EA0ECC232CA1B719A98E0280CEAC5338550DBAE750E388F6671F8552A4FEFEDA1190DA60909A797336785C8C7BE9C233CC33F86818D1686C9558C900553F19A858278B0E5BB +20250617142749 2 6 100 7679 2 EEB5FE98B7CF15B438162A5F2DEBBAB8BCF08B8A2614E263AA570052D2B01AC3E0B943491218DF247DB063E7DAECD19D0CD00C65335041AC9D3E4B8493CB58F9CBB166E38FF5E8697EF59D9EE4FAC6415070E0156AF8DA6BE11D672AA9A8E71033936AF75D835CCDBB0ED13CB17CBF9C9D98DEB4FAAD874FCD0929E86CF411426A3A96CED22F7EDC5F7E8D3A3B860F91E3FE92623F97C15EF13921C6AE6B3A566C7E42F46EF7B9721A09D10BEE52CE93694F6EF85F362D90239C4066C8FFFA6C6CCBAF59DFE083B248BF313F2A9D3EF96ACF569CA1B05FBDEFBD4A52C854C7B71AAB2B8AEAF8BFA8F283851E4CAA76F7D155939555F09830E49F38E73A7AE48B489883CA0D96A59B3560A8DF02DC0A0E5B6AD0AFD445B54F5580F4D962D8156DB6A0F70E5E4E47CF3CF9E1281180F5BC90B5C6FCB2DEFF1BD985D405BC3A138700D75D9BAEBBD1A7496F5CD1E6E6D5C0325B89E120A0994AFF0F35741DDC17A7D7C19A818A6C3DB5874B0E78B2BA319C6D4F850762EC32005074492723FAD2876E1C8F9A318852E97F6B28706F67ACAB944E8CFCA7C6A47C0D2F9B6907713CFFE21DEB070F45BAC19828094C424A445440ADF79E925BFE0BE687E82751D9ACBDDA02A6FACD4FEC77EEB9CD32A265B67ABFF9CF22E7EE68DCA133109BD7515B0002A9D4DEF5E3B190CE0E5C8EE2BF18F6176CD47DC00C87CD5CFBADC9D3085DAE39ECC4B320C4AE130E62A03FA4E321F0CDA4844551140DAB5658F27B2A1884BA1B039F25AA1E386BBE9C0BB3906880E46A22D2F9F9C1A7943BC1D71E45A9E6FF4828196192B4063650EAC50555E53516BF4D816888C1E7841914862FA5F82181204155ADCD7652D4B3F8CB0CDFF69BC897FEE50C420A6243059B742171BBC5C94BC6AF23AE90F0DE756DBC1027E3F92EE866A669054CC133A685AE21A51478A305851308220705E0E38D97BD62A8B07047594266DEE3414D3D6C0659C4A8DB9484B86E0638ED13499E7B58030881991FD4E83B61AD429E4276DE69DB74677F16A1EB6D5D3756CB7074B312DDA5679C4E85720ECA7B738F4556BCAADD307D4A2F29158CE326F55CCDEB8755BABC2F7F8DE3F8B19C786D4219E9C45CB9FC7BAD2C5EE5984A392E2AC541662C4552CDB981BB65FE4A28FD19B1A472015BB45AB351F0CF6A9FD756EF6471794E08AB5A7092E0657F873133A0FEB2882251B80D08FC475EB43173F6A9F34787A67B282BB86FB559D883FDE93F10CCA73EA0ECC232CA1B719A98E0280CEAC5338550DBAE750E388F6671F8552A4FEFEDA1190DA60909A797336785C8C7BE9C233CC33F86818D1686C9558C900553F19A85827D1D4113 +20250617150158 2 6 100 7679 2 EEB5FE98B7CF15B438162A5F2DEBBAB8BCF08B8A2614E263AA570052D2B01AC3E0B943491218DF247DB063E7DAECD19D0CD00C65335041AC9D3E4B8493CB58F9CBB166E38FF5E8697EF59D9EE4FAC6415070E0156AF8DA6BE11D672AA9A8E71033936AF75D835CCDBB0ED13CB17CBF9C9D98DEB4FAAD874FCD0929E86CF411426A3A96CED22F7EDC5F7E8D3A3B860F91E3FE92623F97C15EF13921C6AE6B3A566C7E42F46EF7B9721A09D10BEE52CE93694F6EF85F362D90239C4066C8FFFA6C6CCBAF59DFE083B248BF313F2A9D3EF96ACF569CA1B05FBDEFBD4A52C854C7B71AAB2B8AEAF8BFA8F283851E4CAA76F7D155939555F09830E49F38E73A7AE48B489883CA0D96A59B3560A8DF02DC0A0E5B6AD0AFD445B54F5580F4D962D8156DB6A0F70E5E4E47CF3CF9E1281180F5BC90B5C6FCB2DEFF1BD985D405BC3A138700D75D9BAEBBD1A7496F5CD1E6E6D5C0325B89E120A0994AFF0F35741DDC17A7D7C19A818A6C3DB5874B0E78B2BA319C6D4F850762EC32005074492723FAD2876E1C8F9A318852E97F6B28706F67ACAB944E8CFCA7C6A47C0D2F9B6907713CFFE21DEB070F45BAC19828094C424A445440ADF79E925BFE0BE687E82751D9ACBDDA02A6FACD4FEC77EEB9CD32A265B67ABFF9CF22E7EE68DCA133109BD7515B0002A9D4DEF5E3B190CE0E5C8EE2BF18F6176CD47DC00C87CD5CFBADC9D3085DAE39ECC4B320C4AE130E62A03FA4E321F0CDA4844551140DAB5658F27B2A1884BA1B039F25AA1E386BBE9C0BB3906880E46A22D2F9F9C1A7943BC1D71E45A9E6FF4828196192B4063650EAC50555E53516BF4D816888C1E7841914862FA5F82181204155ADCD7652D4B3F8CB0CDFF69BC897FEE50C420A6243059B742171BBC5C94BC6AF23AE90F0DE756DBC1027E3F92EE866A669054CC133A685AE21A51478A305851308220705E0E38D97BD62A8B07047594266DEE3414D3D6C0659C4A8DB9484B86E0638ED13499E7B58030881991FD4E83B61AD429E4276DE69DB74677F16A1EB6D5D3756CB7074B312DDA5679C4E85720ECA7B738F4556BCAADD307D4A2F29158CE326F55CCDEB8755BABC2F7F8DE3F8B19C786D4219E9C45CB9FC7BAD2C5EE5984A392E2AC541662C4552CDB981BB65FE4A28FD19B1A472015BB45AB351F0CF6A9FD756EF6471794E08AB5A7092E0657F873133A0FEB2882251B80D08FC475EB43173F6A9F34787A67B282BB86FB559D883FDE93F10CCA73EA0ECC232CA1B719A98E0280CEAC5338550DBAE750E388F6671F8552A4FEFEDA1190DA60909A797336785C8C7BE9C233CC33F86818D1686C9558C900553F19A85827F657FAB +20250617151822 2 6 100 7679 2 EEB5FE98B7CF15B438162A5F2DEBBAB8BCF08B8A2614E263AA570052D2B01AC3E0B943491218DF247DB063E7DAECD19D0CD00C65335041AC9D3E4B8493CB58F9CBB166E38FF5E8697EF59D9EE4FAC6415070E0156AF8DA6BE11D672AA9A8E71033936AF75D835CCDBB0ED13CB17CBF9C9D98DEB4FAAD874FCD0929E86CF411426A3A96CED22F7EDC5F7E8D3A3B860F91E3FE92623F97C15EF13921C6AE6B3A566C7E42F46EF7B9721A09D10BEE52CE93694F6EF85F362D90239C4066C8FFFA6C6CCBAF59DFE083B248BF313F2A9D3EF96ACF569CA1B05FBDEFBD4A52C854C7B71AAB2B8AEAF8BFA8F283851E4CAA76F7D155939555F09830E49F38E73A7AE48B489883CA0D96A59B3560A8DF02DC0A0E5B6AD0AFD445B54F5580F4D962D8156DB6A0F70E5E4E47CF3CF9E1281180F5BC90B5C6FCB2DEFF1BD985D405BC3A138700D75D9BAEBBD1A7496F5CD1E6E6D5C0325B89E120A0994AFF0F35741DDC17A7D7C19A818A6C3DB5874B0E78B2BA319C6D4F850762EC32005074492723FAD2876E1C8F9A318852E97F6B28706F67ACAB944E8CFCA7C6A47C0D2F9B6907713CFFE21DEB070F45BAC19828094C424A445440ADF79E925BFE0BE687E82751D9ACBDDA02A6FACD4FEC77EEB9CD32A265B67ABFF9CF22E7EE68DCA133109BD7515B0002A9D4DEF5E3B190CE0E5C8EE2BF18F6176CD47DC00C87CD5CFBADC9D3085DAE39ECC4B320C4AE130E62A03FA4E321F0CDA4844551140DAB5658F27B2A1884BA1B039F25AA1E386BBE9C0BB3906880E46A22D2F9F9C1A7943BC1D71E45A9E6FF4828196192B4063650EAC50555E53516BF4D816888C1E7841914862FA5F82181204155ADCD7652D4B3F8CB0CDFF69BC897FEE50C420A6243059B742171BBC5C94BC6AF23AE90F0DE756DBC1027E3F92EE866A669054CC133A685AE21A51478A305851308220705E0E38D97BD62A8B07047594266DEE3414D3D6C0659C4A8DB9484B86E0638ED13499E7B58030881991FD4E83B61AD429E4276DE69DB74677F16A1EB6D5D3756CB7074B312DDA5679C4E85720ECA7B738F4556BCAADD307D4A2F29158CE326F55CCDEB8755BABC2F7F8DE3F8B19C786D4219E9C45CB9FC7BAD2C5EE5984A392E2AC541662C4552CDB981BB65FE4A28FD19B1A472015BB45AB351F0CF6A9FD756EF6471794E08AB5A7092E0657F873133A0FEB2882251B80D08FC475EB43173F6A9F34787A67B282BB86FB559D883FDE93F10CCA73EA0ECC232CA1B719A98E0280CEAC5338550DBAE750E388F6671F8552A4FEFEDA1190DA60909A797336785C8C7BE9C233CC33F86818D1686C9558C900553F19A858280648FFB +20250617164140 2 6 100 7679 5 EEB5FE98B7CF15B438162A5F2DEBBAB8BCF08B8A2614E263AA570052D2B01AC3E0B943491218DF247DB063E7DAECD19D0CD00C65335041AC9D3E4B8493CB58F9CBB166E38FF5E8697EF59D9EE4FAC6415070E0156AF8DA6BE11D672AA9A8E71033936AF75D835CCDBB0ED13CB17CBF9C9D98DEB4FAAD874FCD0929E86CF411426A3A96CED22F7EDC5F7E8D3A3B860F91E3FE92623F97C15EF13921C6AE6B3A566C7E42F46EF7B9721A09D10BEE52CE93694F6EF85F362D90239C4066C8FFFA6C6CCBAF59DFE083B248BF313F2A9D3EF96ACF569CA1B05FBDEFBD4A52C854C7B71AAB2B8AEAF8BFA8F283851E4CAA76F7D155939555F09830E49F38E73A7AE48B489883CA0D96A59B3560A8DF02DC0A0E5B6AD0AFD445B54F5580F4D962D8156DB6A0F70E5E4E47CF3CF9E1281180F5BC90B5C6FCB2DEFF1BD985D405BC3A138700D75D9BAEBBD1A7496F5CD1E6E6D5C0325B89E120A0994AFF0F35741DDC17A7D7C19A818A6C3DB5874B0E78B2BA319C6D4F850762EC32005074492723FAD2876E1C8F9A318852E97F6B28706F67ACAB944E8CFCA7C6A47C0D2F9B6907713CFFE21DEB070F45BAC19828094C424A445440ADF79E925BFE0BE687E82751D9ACBDDA02A6FACD4FEC77EEB9CD32A265B67ABFF9CF22E7EE68DCA133109BD7515B0002A9D4DEF5E3B190CE0E5C8EE2BF18F6176CD47DC00C87CD5CFBADC9D3085DAE39ECC4B320C4AE130E62A03FA4E321F0CDA4844551140DAB5658F27B2A1884BA1B039F25AA1E386BBE9C0BB3906880E46A22D2F9F9C1A7943BC1D71E45A9E6FF4828196192B4063650EAC50555E53516BF4D816888C1E7841914862FA5F82181204155ADCD7652D4B3F8CB0CDFF69BC897FEE50C420A6243059B742171BBC5C94BC6AF23AE90F0DE756DBC1027E3F92EE866A669054CC133A685AE21A51478A305851308220705E0E38D97BD62A8B07047594266DEE3414D3D6C0659C4A8DB9484B86E0638ED13499E7B58030881991FD4E83B61AD429E4276DE69DB74677F16A1EB6D5D3756CB7074B312DDA5679C4E85720ECA7B738F4556BCAADD307D4A2F29158CE326F55CCDEB8755BABC2F7F8DE3F8B19C786D4219E9C45CB9FC7BAD2C5EE5984A392E2AC541662C4552CDB981BB65FE4A28FD19B1A472015BB45AB351F0CF6A9FD756EF6471794E08AB5A7092E0657F873133A0FEB2882251B80D08FC475EB43173F6A9F34787A67B282BB86FB559D883FDE93F10CCA73EA0ECC232CA1B719A98E0280CEAC5338550DBAE750E388F6671F8552A4FEFEDA1190DA60909A797336785C8C7BE9C233CC33F86818D1686C9558C900553F19A858285F47EEF +20250617173833 2 6 100 7679 5 EEB5FE98B7CF15B438162A5F2DEBBAB8BCF08B8A2614E263AA570052D2B01AC3E0B943491218DF247DB063E7DAECD19D0CD00C65335041AC9D3E4B8493CB58F9CBB166E38FF5E8697EF59D9EE4FAC6415070E0156AF8DA6BE11D672AA9A8E71033936AF75D835CCDBB0ED13CB17CBF9C9D98DEB4FAAD874FCD0929E86CF411426A3A96CED22F7EDC5F7E8D3A3B860F91E3FE92623F97C15EF13921C6AE6B3A566C7E42F46EF7B9721A09D10BEE52CE93694F6EF85F362D90239C4066C8FFFA6C6CCBAF59DFE083B248BF313F2A9D3EF96ACF569CA1B05FBDEFBD4A52C854C7B71AAB2B8AEAF8BFA8F283851E4CAA76F7D155939555F09830E49F38E73A7AE48B489883CA0D96A59B3560A8DF02DC0A0E5B6AD0AFD445B54F5580F4D962D8156DB6A0F70E5E4E47CF3CF9E1281180F5BC90B5C6FCB2DEFF1BD985D405BC3A138700D75D9BAEBBD1A7496F5CD1E6E6D5C0325B89E120A0994AFF0F35741DDC17A7D7C19A818A6C3DB5874B0E78B2BA319C6D4F850762EC32005074492723FAD2876E1C8F9A318852E97F6B28706F67ACAB944E8CFCA7C6A47C0D2F9B6907713CFFE21DEB070F45BAC19828094C424A445440ADF79E925BFE0BE687E82751D9ACBDDA02A6FACD4FEC77EEB9CD32A265B67ABFF9CF22E7EE68DCA133109BD7515B0002A9D4DEF5E3B190CE0E5C8EE2BF18F6176CD47DC00C87CD5CFBADC9D3085DAE39ECC4B320C4AE130E62A03FA4E321F0CDA4844551140DAB5658F27B2A1884BA1B039F25AA1E386BBE9C0BB3906880E46A22D2F9F9C1A7943BC1D71E45A9E6FF4828196192B4063650EAC50555E53516BF4D816888C1E7841914862FA5F82181204155ADCD7652D4B3F8CB0CDFF69BC897FEE50C420A6243059B742171BBC5C94BC6AF23AE90F0DE756DBC1027E3F92EE866A669054CC133A685AE21A51478A305851308220705E0E38D97BD62A8B07047594266DEE3414D3D6C0659C4A8DB9484B86E0638ED13499E7B58030881991FD4E83B61AD429E4276DE69DB74677F16A1EB6D5D3756CB7074B312DDA5679C4E85720ECA7B738F4556BCAADD307D4A2F29158CE326F55CCDEB8755BABC2F7F8DE3F8B19C786D4219E9C45CB9FC7BAD2C5EE5984A392E2AC541662C4552CDB981BB65FE4A28FD19B1A472015BB45AB351F0CF6A9FD756EF6471794E08AB5A7092E0657F873133A0FEB2882251B80D08FC475EB43173F6A9F34787A67B282BB86FB559D883FDE93F10CCA73EA0ECC232CA1B719A98E0280CEAC5338550DBAE750E388F6671F8552A4FEFEDA1190DA60909A797336785C8C7BE9C233CC33F86818D1686C9558C900553F19A858289C8483F +20250617184837 2 6 100 7679 2 EEB5FE98B7CF15B438162A5F2DEBBAB8BCF08B8A2614E263AA570052D2B01AC3E0B943491218DF247DB063E7DAECD19D0CD00C65335041AC9D3E4B8493CB58F9CBB166E38FF5E8697EF59D9EE4FAC6415070E0156AF8DA6BE11D672AA9A8E71033936AF75D835CCDBB0ED13CB17CBF9C9D98DEB4FAAD874FCD0929E86CF411426A3A96CED22F7EDC5F7E8D3A3B860F91E3FE92623F97C15EF13921C6AE6B3A566C7E42F46EF7B9721A09D10BEE52CE93694F6EF85F362D90239C4066C8FFFA6C6CCBAF59DFE083B248BF313F2A9D3EF96ACF569CA1B05FBDEFBD4A52C854C7B71AAB2B8AEAF8BFA8F283851E4CAA76F7D155939555F09830E49F38E73A7AE48B489883CA0D96A59B3560A8DF02DC0A0E5B6AD0AFD445B54F5580F4D962D8156DB6A0F70E5E4E47CF3CF9E1281180F5BC90B5C6FCB2DEFF1BD985D405BC3A138700D75D9BAEBBD1A7496F5CD1E6E6D5C0325B89E120A0994AFF0F35741DDC17A7D7C19A818A6C3DB5874B0E78B2BA319C6D4F850762EC32005074492723FAD2876E1C8F9A318852E97F6B28706F67ACAB944E8CFCA7C6A47C0D2F9B6907713CFFE21DEB070F45BAC19828094C424A445440ADF79E925BFE0BE687E82751D9ACBDDA02A6FACD4FEC77EEB9CD32A265B67ABFF9CF22E7EE68DCA133109BD7515B0002A9D4DEF5E3B190CE0E5C8EE2BF18F6176CD47DC00C87CD5CFBADC9D3085DAE39ECC4B320C4AE130E62A03FA4E321F0CDA4844551140DAB5658F27B2A1884BA1B039F25AA1E386BBE9C0BB3906880E46A22D2F9F9C1A7943BC1D71E45A9E6FF4828196192B4063650EAC50555E53516BF4D816888C1E7841914862FA5F82181204155ADCD7652D4B3F8CB0CDFF69BC897FEE50C420A6243059B742171BBC5C94BC6AF23AE90F0DE756DBC1027E3F92EE866A669054CC133A685AE21A51478A305851308220705E0E38D97BD62A8B07047594266DEE3414D3D6C0659C4A8DB9484B86E0638ED13499E7B58030881991FD4E83B61AD429E4276DE69DB74677F16A1EB6D5D3756CB7074B312DDA5679C4E85720ECA7B738F4556BCAADD307D4A2F29158CE326F55CCDEB8755BABC2F7F8DE3F8B19C786D4219E9C45CB9FC7BAD2C5EE5984A392E2AC541662C4552CDB981BB65FE4A28FD19B1A472015BB45AB351F0CF6A9FD756EF6471794E08AB5A7092E0657F873133A0FEB2882251B80D08FC475EB43173F6A9F34787A67B282BB86FB559D883FDE93F10CCA73EA0ECC232CA1B719A98E0280CEAC5338550DBAE750E388F6671F8552A4FEFEDA1190DA60909A797336785C8C7BE9C233CC33F86818D1686C9558C900553F19A85828E80E33B +20250617200056 2 6 100 7679 2 EEB5FE98B7CF15B438162A5F2DEBBAB8BCF08B8A2614E263AA570052D2B01AC3E0B943491218DF247DB063E7DAECD19D0CD00C65335041AC9D3E4B8493CB58F9CBB166E38FF5E8697EF59D9EE4FAC6415070E0156AF8DA6BE11D672AA9A8E71033936AF75D835CCDBB0ED13CB17CBF9C9D98DEB4FAAD874FCD0929E86CF411426A3A96CED22F7EDC5F7E8D3A3B860F91E3FE92623F97C15EF13921C6AE6B3A566C7E42F46EF7B9721A09D10BEE52CE93694F6EF85F362D90239C4066C8FFFA6C6CCBAF59DFE083B248BF313F2A9D3EF96ACF569CA1B05FBDEFBD4A52C854C7B71AAB2B8AEAF8BFA8F283851E4CAA76F7D155939555F09830E49F38E73A7AE48B489883CA0D96A59B3560A8DF02DC0A0E5B6AD0AFD445B54F5580F4D962D8156DB6A0F70E5E4E47CF3CF9E1281180F5BC90B5C6FCB2DEFF1BD985D405BC3A138700D75D9BAEBBD1A7496F5CD1E6E6D5C0325B89E120A0994AFF0F35741DDC17A7D7C19A818A6C3DB5874B0E78B2BA319C6D4F850762EC32005074492723FAD2876E1C8F9A318852E97F6B28706F67ACAB944E8CFCA7C6A47C0D2F9B6907713CFFE21DEB070F45BAC19828094C424A445440ADF79E925BFE0BE687E82751D9ACBDDA02A6FACD4FEC77EEB9CD32A265B67ABFF9CF22E7EE68DCA133109BD7515B0002A9D4DEF5E3B190CE0E5C8EE2BF18F6176CD47DC00C87CD5CFBADC9D3085DAE39ECC4B320C4AE130E62A03FA4E321F0CDA4844551140DAB5658F27B2A1884BA1B039F25AA1E386BBE9C0BB3906880E46A22D2F9F9C1A7943BC1D71E45A9E6FF4828196192B4063650EAC50555E53516BF4D816888C1E7841914862FA5F82181204155ADCD7652D4B3F8CB0CDFF69BC897FEE50C420A6243059B742171BBC5C94BC6AF23AE90F0DE756DBC1027E3F92EE866A669054CC133A685AE21A51478A305851308220705E0E38D97BD62A8B07047594266DEE3414D3D6C0659C4A8DB9484B86E0638ED13499E7B58030881991FD4E83B61AD429E4276DE69DB74677F16A1EB6D5D3756CB7074B312DDA5679C4E85720ECA7B738F4556BCAADD307D4A2F29158CE326F55CCDEB8755BABC2F7F8DE3F8B19C786D4219E9C45CB9FC7BAD2C5EE5984A392E2AC541662C4552CDB981BB65FE4A28FD19B1A472015BB45AB351F0CF6A9FD756EF6471794E08AB5A7092E0657F873133A0FEB2882251B80D08FC475EB43173F6A9F34787A67B282BB86FB559D883FDE93F10CCA73EA0ECC232CA1B719A98E0280CEAC5338550DBAE750E388F6671F8552A4FEFEDA1190DA60909A797336785C8C7BE9C233CC33F86818D1686C9558C900553F19A8582936A88E3 +20250617205150 2 6 100 7679 2 EEB5FE98B7CF15B438162A5F2DEBBAB8BCF08B8A2614E263AA570052D2B01AC3E0B943491218DF247DB063E7DAECD19D0CD00C65335041AC9D3E4B8493CB58F9CBB166E38FF5E8697EF59D9EE4FAC6415070E0156AF8DA6BE11D672AA9A8E71033936AF75D835CCDBB0ED13CB17CBF9C9D98DEB4FAAD874FCD0929E86CF411426A3A96CED22F7EDC5F7E8D3A3B860F91E3FE92623F97C15EF13921C6AE6B3A566C7E42F46EF7B9721A09D10BEE52CE93694F6EF85F362D90239C4066C8FFFA6C6CCBAF59DFE083B248BF313F2A9D3EF96ACF569CA1B05FBDEFBD4A52C854C7B71AAB2B8AEAF8BFA8F283851E4CAA76F7D155939555F09830E49F38E73A7AE48B489883CA0D96A59B3560A8DF02DC0A0E5B6AD0AFD445B54F5580F4D962D8156DB6A0F70E5E4E47CF3CF9E1281180F5BC90B5C6FCB2DEFF1BD985D405BC3A138700D75D9BAEBBD1A7496F5CD1E6E6D5C0325B89E120A0994AFF0F35741DDC17A7D7C19A818A6C3DB5874B0E78B2BA319C6D4F850762EC32005074492723FAD2876E1C8F9A318852E97F6B28706F67ACAB944E8CFCA7C6A47C0D2F9B6907713CFFE21DEB070F45BAC19828094C424A445440ADF79E925BFE0BE687E82751D9ACBDDA02A6FACD4FEC77EEB9CD32A265B67ABFF9CF22E7EE68DCA133109BD7515B0002A9D4DEF5E3B190CE0E5C8EE2BF18F6176CD47DC00C87CD5CFBADC9D3085DAE39ECC4B320C4AE130E62A03FA4E321F0CDA4844551140DAB5658F27B2A1884BA1B039F25AA1E386BBE9C0BB3906880E46A22D2F9F9C1A7943BC1D71E45A9E6FF4828196192B4063650EAC50555E53516BF4D816888C1E7841914862FA5F82181204155ADCD7652D4B3F8CB0CDFF69BC897FEE50C420A6243059B742171BBC5C94BC6AF23AE90F0DE756DBC1027E3F92EE866A669054CC133A685AE21A51478A305851308220705E0E38D97BD62A8B07047594266DEE3414D3D6C0659C4A8DB9484B86E0638ED13499E7B58030881991FD4E83B61AD429E4276DE69DB74677F16A1EB6D5D3756CB7074B312DDA5679C4E85720ECA7B738F4556BCAADD307D4A2F29158CE326F55CCDEB8755BABC2F7F8DE3F8B19C786D4219E9C45CB9FC7BAD2C5EE5984A392E2AC541662C4552CDB981BB65FE4A28FD19B1A472015BB45AB351F0CF6A9FD756EF6471794E08AB5A7092E0657F873133A0FEB2882251B80D08FC475EB43173F6A9F34787A67B282BB86FB559D883FDE93F10CCA73EA0ECC232CA1B719A98E0280CEAC5338550DBAE750E388F6671F8552A4FEFEDA1190DA60909A797336785C8C7BE9C233CC33F86818D1686C9558C900553F19A858296D09663 +20250617212820 2 6 100 7679 5 EEB5FE98B7CF15B438162A5F2DEBBAB8BCF08B8A2614E263AA570052D2B01AC3E0B943491218DF247DB063E7DAECD19D0CD00C65335041AC9D3E4B8493CB58F9CBB166E38FF5E8697EF59D9EE4FAC6415070E0156AF8DA6BE11D672AA9A8E71033936AF75D835CCDBB0ED13CB17CBF9C9D98DEB4FAAD874FCD0929E86CF411426A3A96CED22F7EDC5F7E8D3A3B860F91E3FE92623F97C15EF13921C6AE6B3A566C7E42F46EF7B9721A09D10BEE52CE93694F6EF85F362D90239C4066C8FFFA6C6CCBAF59DFE083B248BF313F2A9D3EF96ACF569CA1B05FBDEFBD4A52C854C7B71AAB2B8AEAF8BFA8F283851E4CAA76F7D155939555F09830E49F38E73A7AE48B489883CA0D96A59B3560A8DF02DC0A0E5B6AD0AFD445B54F5580F4D962D8156DB6A0F70E5E4E47CF3CF9E1281180F5BC90B5C6FCB2DEFF1BD985D405BC3A138700D75D9BAEBBD1A7496F5CD1E6E6D5C0325B89E120A0994AFF0F35741DDC17A7D7C19A818A6C3DB5874B0E78B2BA319C6D4F850762EC32005074492723FAD2876E1C8F9A318852E97F6B28706F67ACAB944E8CFCA7C6A47C0D2F9B6907713CFFE21DEB070F45BAC19828094C424A445440ADF79E925BFE0BE687E82751D9ACBDDA02A6FACD4FEC77EEB9CD32A265B67ABFF9CF22E7EE68DCA133109BD7515B0002A9D4DEF5E3B190CE0E5C8EE2BF18F6176CD47DC00C87CD5CFBADC9D3085DAE39ECC4B320C4AE130E62A03FA4E321F0CDA4844551140DAB5658F27B2A1884BA1B039F25AA1E386BBE9C0BB3906880E46A22D2F9F9C1A7943BC1D71E45A9E6FF4828196192B4063650EAC50555E53516BF4D816888C1E7841914862FA5F82181204155ADCD7652D4B3F8CB0CDFF69BC897FEE50C420A6243059B742171BBC5C94BC6AF23AE90F0DE756DBC1027E3F92EE866A669054CC133A685AE21A51478A305851308220705E0E38D97BD62A8B07047594266DEE3414D3D6C0659C4A8DB9484B86E0638ED13499E7B58030881991FD4E83B61AD429E4276DE69DB74677F16A1EB6D5D3756CB7074B312DDA5679C4E85720ECA7B738F4556BCAADD307D4A2F29158CE326F55CCDEB8755BABC2F7F8DE3F8B19C786D4219E9C45CB9FC7BAD2C5EE5984A392E2AC541662C4552CDB981BB65FE4A28FD19B1A472015BB45AB351F0CF6A9FD756EF6471794E08AB5A7092E0657F873133A0FEB2882251B80D08FC475EB43173F6A9F34787A67B282BB86FB559D883FDE93F10CCA73EA0ECC232CA1B719A98E0280CEAC5338550DBAE750E388F6671F8552A4FEFEDA1190DA60909A797336785C8C7BE9C233CC33F86818D1686C9558C900553F19A858299434467 +20250617223953 2 6 100 7679 2 EEB5FE98B7CF15B438162A5F2DEBBAB8BCF08B8A2614E263AA570052D2B01AC3E0B943491218DF247DB063E7DAECD19D0CD00C65335041AC9D3E4B8493CB58F9CBB166E38FF5E8697EF59D9EE4FAC6415070E0156AF8DA6BE11D672AA9A8E71033936AF75D835CCDBB0ED13CB17CBF9C9D98DEB4FAAD874FCD0929E86CF411426A3A96CED22F7EDC5F7E8D3A3B860F91E3FE92623F97C15EF13921C6AE6B3A566C7E42F46EF7B9721A09D10BEE52CE93694F6EF85F362D90239C4066C8FFFA6C6CCBAF59DFE083B248BF313F2A9D3EF96ACF569CA1B05FBDEFBD4A52C854C7B71AAB2B8AEAF8BFA8F283851E4CAA76F7D155939555F09830E49F38E73A7AE48B489883CA0D96A59B3560A8DF02DC0A0E5B6AD0AFD445B54F5580F4D962D8156DB6A0F70E5E4E47CF3CF9E1281180F5BC90B5C6FCB2DEFF1BD985D405BC3A138700D75D9BAEBBD1A7496F5CD1E6E6D5C0325B89E120A0994AFF0F35741DDC17A7D7C19A818A6C3DB5874B0E78B2BA319C6D4F850762EC32005074492723FAD2876E1C8F9A318852E97F6B28706F67ACAB944E8CFCA7C6A47C0D2F9B6907713CFFE21DEB070F45BAC19828094C424A445440ADF79E925BFE0BE687E82751D9ACBDDA02A6FACD4FEC77EEB9CD32A265B67ABFF9CF22E7EE68DCA133109BD7515B0002A9D4DEF5E3B190CE0E5C8EE2BF18F6176CD47DC00C87CD5CFBADC9D3085DAE39ECC4B320C4AE130E62A03FA4E321F0CDA4844551140DAB5658F27B2A1884BA1B039F25AA1E386BBE9C0BB3906880E46A22D2F9F9C1A7943BC1D71E45A9E6FF4828196192B4063650EAC50555E53516BF4D816888C1E7841914862FA5F82181204155ADCD7652D4B3F8CB0CDFF69BC897FEE50C420A6243059B742171BBC5C94BC6AF23AE90F0DE756DBC1027E3F92EE866A669054CC133A685AE21A51478A305851308220705E0E38D97BD62A8B07047594266DEE3414D3D6C0659C4A8DB9484B86E0638ED13499E7B58030881991FD4E83B61AD429E4276DE69DB74677F16A1EB6D5D3756CB7074B312DDA5679C4E85720ECA7B738F4556BCAADD307D4A2F29158CE326F55CCDEB8755BABC2F7F8DE3F8B19C786D4219E9C45CB9FC7BAD2C5EE5984A392E2AC541662C4552CDB981BB65FE4A28FD19B1A472015BB45AB351F0CF6A9FD756EF6471794E08AB5A7092E0657F873133A0FEB2882251B80D08FC475EB43173F6A9F34787A67B282BB86FB559D883FDE93F10CCA73EA0ECC232CA1B719A98E0280CEAC5338550DBAE750E388F6671F8552A4FEFEDA1190DA60909A797336785C8C7BE9C233CC33F86818D1686C9558C900553F19A85829E1EAFA3 +20250617224217 2 6 100 7679 2 EEB5FE98B7CF15B438162A5F2DEBBAB8BCF08B8A2614E263AA570052D2B01AC3E0B943491218DF247DB063E7DAECD19D0CD00C65335041AC9D3E4B8493CB58F9CBB166E38FF5E8697EF59D9EE4FAC6415070E0156AF8DA6BE11D672AA9A8E71033936AF75D835CCDBB0ED13CB17CBF9C9D98DEB4FAAD874FCD0929E86CF411426A3A96CED22F7EDC5F7E8D3A3B860F91E3FE92623F97C15EF13921C6AE6B3A566C7E42F46EF7B9721A09D10BEE52CE93694F6EF85F362D90239C4066C8FFFA6C6CCBAF59DFE083B248BF313F2A9D3EF96ACF569CA1B05FBDEFBD4A52C854C7B71AAB2B8AEAF8BFA8F283851E4CAA76F7D155939555F09830E49F38E73A7AE48B489883CA0D96A59B3560A8DF02DC0A0E5B6AD0AFD445B54F5580F4D962D8156DB6A0F70E5E4E47CF3CF9E1281180F5BC90B5C6FCB2DEFF1BD985D405BC3A138700D75D9BAEBBD1A7496F5CD1E6E6D5C0325B89E120A0994AFF0F35741DDC17A7D7C19A818A6C3DB5874B0E78B2BA319C6D4F850762EC32005074492723FAD2876E1C8F9A318852E97F6B28706F67ACAB944E8CFCA7C6A47C0D2F9B6907713CFFE21DEB070F45BAC19828094C424A445440ADF79E925BFE0BE687E82751D9ACBDDA02A6FACD4FEC77EEB9CD32A265B67ABFF9CF22E7EE68DCA133109BD7515B0002A9D4DEF5E3B190CE0E5C8EE2BF18F6176CD47DC00C87CD5CFBADC9D3085DAE39ECC4B320C4AE130E62A03FA4E321F0CDA4844551140DAB5658F27B2A1884BA1B039F25AA1E386BBE9C0BB3906880E46A22D2F9F9C1A7943BC1D71E45A9E6FF4828196192B4063650EAC50555E53516BF4D816888C1E7841914862FA5F82181204155ADCD7652D4B3F8CB0CDFF69BC897FEE50C420A6243059B742171BBC5C94BC6AF23AE90F0DE756DBC1027E3F92EE866A669054CC133A685AE21A51478A305851308220705E0E38D97BD62A8B07047594266DEE3414D3D6C0659C4A8DB9484B86E0638ED13499E7B58030881991FD4E83B61AD429E4276DE69DB74677F16A1EB6D5D3756CB7074B312DDA5679C4E85720ECA7B738F4556BCAADD307D4A2F29158CE326F55CCDEB8755BABC2F7F8DE3F8B19C786D4219E9C45CB9FC7BAD2C5EE5984A392E2AC541662C4552CDB981BB65FE4A28FD19B1A472015BB45AB351F0CF6A9FD756EF6471794E08AB5A7092E0657F873133A0FEB2882251B80D08FC475EB43173F6A9F34787A67B282BB86FB559D883FDE93F10CCA73EA0ECC232CA1B719A98E0280CEAC5338550DBAE750E388F6671F8552A4FEFEDA1190DA60909A797336785C8C7BE9C233CC33F86818D1686C9558C900553F19A85829E3F6D2B +20250618000646 2 6 100 7679 2 EEB5FE98B7CF15B438162A5F2DEBBAB8BCF08B8A2614E263AA570052D2B01AC3E0B943491218DF247DB063E7DAECD19D0CD00C65335041AC9D3E4B8493CB58F9CBB166E38FF5E8697EF59D9EE4FAC6415070E0156AF8DA6BE11D672AA9A8E71033936AF75D835CCDBB0ED13CB17CBF9C9D98DEB4FAAD874FCD0929E86CF411426A3A96CED22F7EDC5F7E8D3A3B860F91E3FE92623F97C15EF13921C6AE6B3A566C7E42F46EF7B9721A09D10BEE52CE93694F6EF85F362D90239C4066C8FFFA6C6CCBAF59DFE083B248BF313F2A9D3EF96ACF569CA1B05FBDEFBD4A52C854C7B71AAB2B8AEAF8BFA8F283851E4CAA76F7D155939555F09830E49F38E73A7AE48B489883CA0D96A59B3560A8DF02DC0A0E5B6AD0AFD445B54F5580F4D962D8156DB6A0F70E5E4E47CF3CF9E1281180F5BC90B5C6FCB2DEFF1BD985D405BC3A138700D75D9BAEBBD1A7496F5CD1E6E6D5C0325B89E120A0994AFF0F35741DDC17A7D7C19A818A6C3DB5874B0E78B2BA319C6D4F850762EC32005074492723FAD2876E1C8F9A318852E97F6B28706F67ACAB944E8CFCA7C6A47C0D2F9B6907713CFFE21DEB070F45BAC19828094C424A445440ADF79E925BFE0BE687E82751D9ACBDDA02A6FACD4FEC77EEB9CD32A265B67ABFF9CF22E7EE68DCA133109BD7515B0002A9D4DEF5E3B190CE0E5C8EE2BF18F6176CD47DC00C87CD5CFBADC9D3085DAE39ECC4B320C4AE130E62A03FA4E321F0CDA4844551140DAB5658F27B2A1884BA1B039F25AA1E386BBE9C0BB3906880E46A22D2F9F9C1A7943BC1D71E45A9E6FF4828196192B4063650EAC50555E53516BF4D816888C1E7841914862FA5F82181204155ADCD7652D4B3F8CB0CDFF69BC897FEE50C420A6243059B742171BBC5C94BC6AF23AE90F0DE756DBC1027E3F92EE866A669054CC133A685AE21A51478A305851308220705E0E38D97BD62A8B07047594266DEE3414D3D6C0659C4A8DB9484B86E0638ED13499E7B58030881991FD4E83B61AD429E4276DE69DB74677F16A1EB6D5D3756CB7074B312DDA5679C4E85720ECA7B738F4556BCAADD307D4A2F29158CE326F55CCDEB8755BABC2F7F8DE3F8B19C786D4219E9C45CB9FC7BAD2C5EE5984A392E2AC541662C4552CDB981BB65FE4A28FD19B1A472015BB45AB351F0CF6A9FD756EF6471794E08AB5A7092E0657F873133A0FEB2882251B80D08FC475EB43173F6A9F34787A67B282BB86FB559D883FDE93F10CCA73EA0ECC232CA1B719A98E0280CEAC5338550DBAE750E388F6671F8552A4FEFEDA1190DA60909A797336785C8C7BE9C233CC33F86818D1686C9558C900553F19A8582A400B97B +20250618004650 2 6 100 7679 5 EEB5FE98B7CF15B438162A5F2DEBBAB8BCF08B8A2614E263AA570052D2B01AC3E0B943491218DF247DB063E7DAECD19D0CD00C65335041AC9D3E4B8493CB58F9CBB166E38FF5E8697EF59D9EE4FAC6415070E0156AF8DA6BE11D672AA9A8E71033936AF75D835CCDBB0ED13CB17CBF9C9D98DEB4FAAD874FCD0929E86CF411426A3A96CED22F7EDC5F7E8D3A3B860F91E3FE92623F97C15EF13921C6AE6B3A566C7E42F46EF7B9721A09D10BEE52CE93694F6EF85F362D90239C4066C8FFFA6C6CCBAF59DFE083B248BF313F2A9D3EF96ACF569CA1B05FBDEFBD4A52C854C7B71AAB2B8AEAF8BFA8F283851E4CAA76F7D155939555F09830E49F38E73A7AE48B489883CA0D96A59B3560A8DF02DC0A0E5B6AD0AFD445B54F5580F4D962D8156DB6A0F70E5E4E47CF3CF9E1281180F5BC90B5C6FCB2DEFF1BD985D405BC3A138700D75D9BAEBBD1A7496F5CD1E6E6D5C0325B89E120A0994AFF0F35741DDC17A7D7C19A818A6C3DB5874B0E78B2BA319C6D4F850762EC32005074492723FAD2876E1C8F9A318852E97F6B28706F67ACAB944E8CFCA7C6A47C0D2F9B6907713CFFE21DEB070F45BAC19828094C424A445440ADF79E925BFE0BE687E82751D9ACBDDA02A6FACD4FEC77EEB9CD32A265B67ABFF9CF22E7EE68DCA133109BD7515B0002A9D4DEF5E3B190CE0E5C8EE2BF18F6176CD47DC00C87CD5CFBADC9D3085DAE39ECC4B320C4AE130E62A03FA4E321F0CDA4844551140DAB5658F27B2A1884BA1B039F25AA1E386BBE9C0BB3906880E46A22D2F9F9C1A7943BC1D71E45A9E6FF4828196192B4063650EAC50555E53516BF4D816888C1E7841914862FA5F82181204155ADCD7652D4B3F8CB0CDFF69BC897FEE50C420A6243059B742171BBC5C94BC6AF23AE90F0DE756DBC1027E3F92EE866A669054CC133A685AE21A51478A305851308220705E0E38D97BD62A8B07047594266DEE3414D3D6C0659C4A8DB9484B86E0638ED13499E7B58030881991FD4E83B61AD429E4276DE69DB74677F16A1EB6D5D3756CB7074B312DDA5679C4E85720ECA7B738F4556BCAADD307D4A2F29158CE326F55CCDEB8755BABC2F7F8DE3F8B19C786D4219E9C45CB9FC7BAD2C5EE5984A392E2AC541662C4552CDB981BB65FE4A28FD19B1A472015BB45AB351F0CF6A9FD756EF6471794E08AB5A7092E0657F873133A0FEB2882251B80D08FC475EB43173F6A9F34787A67B282BB86FB559D883FDE93F10CCA73EA0ECC232CA1B719A98E0280CEAC5338550DBAE750E388F6671F8552A4FEFEDA1190DA60909A797336785C8C7BE9C233CC33F86818D1686C9558C900553F19A8582A6B686D7 +20250618010652 2 6 100 7679 2 EEB5FE98B7CF15B438162A5F2DEBBAB8BCF08B8A2614E263AA570052D2B01AC3E0B943491218DF247DB063E7DAECD19D0CD00C65335041AC9D3E4B8493CB58F9CBB166E38FF5E8697EF59D9EE4FAC6415070E0156AF8DA6BE11D672AA9A8E71033936AF75D835CCDBB0ED13CB17CBF9C9D98DEB4FAAD874FCD0929E86CF411426A3A96CED22F7EDC5F7E8D3A3B860F91E3FE92623F97C15EF13921C6AE6B3A566C7E42F46EF7B9721A09D10BEE52CE93694F6EF85F362D90239C4066C8FFFA6C6CCBAF59DFE083B248BF313F2A9D3EF96ACF569CA1B05FBDEFBD4A52C854C7B71AAB2B8AEAF8BFA8F283851E4CAA76F7D155939555F09830E49F38E73A7AE48B489883CA0D96A59B3560A8DF02DC0A0E5B6AD0AFD445B54F5580F4D962D8156DB6A0F70E5E4E47CF3CF9E1281180F5BC90B5C6FCB2DEFF1BD985D405BC3A138700D75D9BAEBBD1A7496F5CD1E6E6D5C0325B89E120A0994AFF0F35741DDC17A7D7C19A818A6C3DB5874B0E78B2BA319C6D4F850762EC32005074492723FAD2876E1C8F9A318852E97F6B28706F67ACAB944E8CFCA7C6A47C0D2F9B6907713CFFE21DEB070F45BAC19828094C424A445440ADF79E925BFE0BE687E82751D9ACBDDA02A6FACD4FEC77EEB9CD32A265B67ABFF9CF22E7EE68DCA133109BD7515B0002A9D4DEF5E3B190CE0E5C8EE2BF18F6176CD47DC00C87CD5CFBADC9D3085DAE39ECC4B320C4AE130E62A03FA4E321F0CDA4844551140DAB5658F27B2A1884BA1B039F25AA1E386BBE9C0BB3906880E46A22D2F9F9C1A7943BC1D71E45A9E6FF4828196192B4063650EAC50555E53516BF4D816888C1E7841914862FA5F82181204155ADCD7652D4B3F8CB0CDFF69BC897FEE50C420A6243059B742171BBC5C94BC6AF23AE90F0DE756DBC1027E3F92EE866A669054CC133A685AE21A51478A305851308220705E0E38D97BD62A8B07047594266DEE3414D3D6C0659C4A8DB9484B86E0638ED13499E7B58030881991FD4E83B61AD429E4276DE69DB74677F16A1EB6D5D3756CB7074B312DDA5679C4E85720ECA7B738F4556BCAADD307D4A2F29158CE326F55CCDEB8755BABC2F7F8DE3F8B19C786D4219E9C45CB9FC7BAD2C5EE5984A392E2AC541662C4552CDB981BB65FE4A28FD19B1A472015BB45AB351F0CF6A9FD756EF6471794E08AB5A7092E0657F873133A0FEB2882251B80D08FC475EB43173F6A9F34787A67B282BB86FB559D883FDE93F10CCA73EA0ECC232CA1B719A98E0280CEAC5338550DBAE750E388F6671F8552A4FEFEDA1190DA60909A797336785C8C7BE9C233CC33F86818D1686C9558C900553F19A8582A805594B +20250618030037 2 6 100 7679 2 EEB5FE98B7CF15B438162A5F2DEBBAB8BCF08B8A2614E263AA570052D2B01AC3E0B943491218DF247DB063E7DAECD19D0CD00C65335041AC9D3E4B8493CB58F9CBB166E38FF5E8697EF59D9EE4FAC6415070E0156AF8DA6BE11D672AA9A8E71033936AF75D835CCDBB0ED13CB17CBF9C9D98DEB4FAAD874FCD0929E86CF411426A3A96CED22F7EDC5F7E8D3A3B860F91E3FE92623F97C15EF13921C6AE6B3A566C7E42F46EF7B9721A09D10BEE52CE93694F6EF85F362D90239C4066C8FFFA6C6CCBAF59DFE083B248BF313F2A9D3EF96ACF569CA1B05FBDEFBD4A52C854C7B71AAB2B8AEAF8BFA8F283851E4CAA76F7D155939555F09830E49F38E73A7AE48B489883CA0D96A59B3560A8DF02DC0A0E5B6AD0AFD445B54F5580F4D962D8156DB6A0F70E5E4E47CF3CF9E1281180F5BC90B5C6FCB2DEFF1BD985D405BC3A138700D75D9BAEBBD1A7496F5CD1E6E6D5C0325B89E120A0994AFF0F35741DDC17A7D7C19A818A6C3DB5874B0E78B2BA319C6D4F850762EC32005074492723FAD2876E1C8F9A318852E97F6B28706F67ACAB944E8CFCA7C6A47C0D2F9B6907713CFFE21DEB070F45BAC19828094C424A445440ADF79E925BFE0BE687E82751D9ACBDDA02A6FACD4FEC77EEB9CD32A265B67ABFF9CF22E7EE68DCA133109BD7515B0002A9D4DEF5E3B190CE0E5C8EE2BF18F6176CD47DC00C87CD5CFBADC9D3085DAE39ECC4B320C4AE130E62A03FA4E321F0CDA4844551140DAB5658F27B2A1884BA1B039F25AA1E386BBE9C0BB3906880E46A22D2F9F9C1A7943BC1D71E45A9E6FF4828196192B4063650EAC50555E53516BF4D816888C1E7841914862FA5F82181204155ADCD7652D4B3F8CB0CDFF69BC897FEE50C420A6243059B742171BBC5C94BC6AF23AE90F0DE756DBC1027E3F92EE866A669054CC133A685AE21A51478A305851308220705E0E38D97BD62A8B07047594266DEE3414D3D6C0659C4A8DB9484B86E0638ED13499E7B58030881991FD4E83B61AD429E4276DE69DB74677F16A1EB6D5D3756CB7074B312DDA5679C4E85720ECA7B738F4556BCAADD307D4A2F29158CE326F55CCDEB8755BABC2F7F8DE3F8B19C786D4219E9C45CB9FC7BAD2C5EE5984A392E2AC541662C4552CDB981BB65FE4A28FD19B1A472015BB45AB351F0CF6A9FD756EF6471794E08AB5A7092E0657F873133A0FEB2882251B80D08FC475EB43173F6A9F34787A67B282BB86FB559D883FDE93F10CCA73EA0ECC232CA1B719A98E0280CEAC5338550DBAE750E388F6671F8552A4FEFEDA1190DA60909A797336785C8C7BE9C233CC33F86818D1686C9558C900553F19A8582AFB7787B +20250618032918 2 6 100 7679 5 EEB5FE98B7CF15B438162A5F2DEBBAB8BCF08B8A2614E263AA570052D2B01AC3E0B943491218DF247DB063E7DAECD19D0CD00C65335041AC9D3E4B8493CB58F9CBB166E38FF5E8697EF59D9EE4FAC6415070E0156AF8DA6BE11D672AA9A8E71033936AF75D835CCDBB0ED13CB17CBF9C9D98DEB4FAAD874FCD0929E86CF411426A3A96CED22F7EDC5F7E8D3A3B860F91E3FE92623F97C15EF13921C6AE6B3A566C7E42F46EF7B9721A09D10BEE52CE93694F6EF85F362D90239C4066C8FFFA6C6CCBAF59DFE083B248BF313F2A9D3EF96ACF569CA1B05FBDEFBD4A52C854C7B71AAB2B8AEAF8BFA8F283851E4CAA76F7D155939555F09830E49F38E73A7AE48B489883CA0D96A59B3560A8DF02DC0A0E5B6AD0AFD445B54F5580F4D962D8156DB6A0F70E5E4E47CF3CF9E1281180F5BC90B5C6FCB2DEFF1BD985D405BC3A138700D75D9BAEBBD1A7496F5CD1E6E6D5C0325B89E120A0994AFF0F35741DDC17A7D7C19A818A6C3DB5874B0E78B2BA319C6D4F850762EC32005074492723FAD2876E1C8F9A318852E97F6B28706F67ACAB944E8CFCA7C6A47C0D2F9B6907713CFFE21DEB070F45BAC19828094C424A445440ADF79E925BFE0BE687E82751D9ACBDDA02A6FACD4FEC77EEB9CD32A265B67ABFF9CF22E7EE68DCA133109BD7515B0002A9D4DEF5E3B190CE0E5C8EE2BF18F6176CD47DC00C87CD5CFBADC9D3085DAE39ECC4B320C4AE130E62A03FA4E321F0CDA4844551140DAB5658F27B2A1884BA1B039F25AA1E386BBE9C0BB3906880E46A22D2F9F9C1A7943BC1D71E45A9E6FF4828196192B4063650EAC50555E53516BF4D816888C1E7841914862FA5F82181204155ADCD7652D4B3F8CB0CDFF69BC897FEE50C420A6243059B742171BBC5C94BC6AF23AE90F0DE756DBC1027E3F92EE866A669054CC133A685AE21A51478A305851308220705E0E38D97BD62A8B07047594266DEE3414D3D6C0659C4A8DB9484B86E0638ED13499E7B58030881991FD4E83B61AD429E4276DE69DB74677F16A1EB6D5D3756CB7074B312DDA5679C4E85720ECA7B738F4556BCAADD307D4A2F29158CE326F55CCDEB8755BABC2F7F8DE3F8B19C786D4219E9C45CB9FC7BAD2C5EE5984A392E2AC541662C4552CDB981BB65FE4A28FD19B1A472015BB45AB351F0CF6A9FD756EF6471794E08AB5A7092E0657F873133A0FEB2882251B80D08FC475EB43173F6A9F34787A67B282BB86FB559D883FDE93F10CCA73EA0ECC232CA1B719A98E0280CEAC5338550DBAE750E388F6671F8552A4FEFEDA1190DA60909A797336785C8C7BE9C233CC33F86818D1686C9558C900553F19A8582B19E791F +20250618033024 2 6 100 7679 2 EEB5FE98B7CF15B438162A5F2DEBBAB8BCF08B8A2614E263AA570052D2B01AC3E0B943491218DF247DB063E7DAECD19D0CD00C65335041AC9D3E4B8493CB58F9CBB166E38FF5E8697EF59D9EE4FAC6415070E0156AF8DA6BE11D672AA9A8E71033936AF75D835CCDBB0ED13CB17CBF9C9D98DEB4FAAD874FCD0929E86CF411426A3A96CED22F7EDC5F7E8D3A3B860F91E3FE92623F97C15EF13921C6AE6B3A566C7E42F46EF7B9721A09D10BEE52CE93694F6EF85F362D90239C4066C8FFFA6C6CCBAF59DFE083B248BF313F2A9D3EF96ACF569CA1B05FBDEFBD4A52C854C7B71AAB2B8AEAF8BFA8F283851E4CAA76F7D155939555F09830E49F38E73A7AE48B489883CA0D96A59B3560A8DF02DC0A0E5B6AD0AFD445B54F5580F4D962D8156DB6A0F70E5E4E47CF3CF9E1281180F5BC90B5C6FCB2DEFF1BD985D405BC3A138700D75D9BAEBBD1A7496F5CD1E6E6D5C0325B89E120A0994AFF0F35741DDC17A7D7C19A818A6C3DB5874B0E78B2BA319C6D4F850762EC32005074492723FAD2876E1C8F9A318852E97F6B28706F67ACAB944E8CFCA7C6A47C0D2F9B6907713CFFE21DEB070F45BAC19828094C424A445440ADF79E925BFE0BE687E82751D9ACBDDA02A6FACD4FEC77EEB9CD32A265B67ABFF9CF22E7EE68DCA133109BD7515B0002A9D4DEF5E3B190CE0E5C8EE2BF18F6176CD47DC00C87CD5CFBADC9D3085DAE39ECC4B320C4AE130E62A03FA4E321F0CDA4844551140DAB5658F27B2A1884BA1B039F25AA1E386BBE9C0BB3906880E46A22D2F9F9C1A7943BC1D71E45A9E6FF4828196192B4063650EAC50555E53516BF4D816888C1E7841914862FA5F82181204155ADCD7652D4B3F8CB0CDFF69BC897FEE50C420A6243059B742171BBC5C94BC6AF23AE90F0DE756DBC1027E3F92EE866A669054CC133A685AE21A51478A305851308220705E0E38D97BD62A8B07047594266DEE3414D3D6C0659C4A8DB9484B86E0638ED13499E7B58030881991FD4E83B61AD429E4276DE69DB74677F16A1EB6D5D3756CB7074B312DDA5679C4E85720ECA7B738F4556BCAADD307D4A2F29158CE326F55CCDEB8755BABC2F7F8DE3F8B19C786D4219E9C45CB9FC7BAD2C5EE5984A392E2AC541662C4552CDB981BB65FE4A28FD19B1A472015BB45AB351F0CF6A9FD756EF6471794E08AB5A7092E0657F873133A0FEB2882251B80D08FC475EB43173F6A9F34787A67B282BB86FB559D883FDE93F10CCA73EA0ECC232CA1B719A98E0280CEAC5338550DBAE750E388F6671F8552A4FEFEDA1190DA60909A797336785C8C7BE9C233CC33F86818D1686C9558C900553F19A8582B1A8E57B +20250618042330 2 6 100 7679 2 EEB5FE98B7CF15B438162A5F2DEBBAB8BCF08B8A2614E263AA570052D2B01AC3E0B943491218DF247DB063E7DAECD19D0CD00C65335041AC9D3E4B8493CB58F9CBB166E38FF5E8697EF59D9EE4FAC6415070E0156AF8DA6BE11D672AA9A8E71033936AF75D835CCDBB0ED13CB17CBF9C9D98DEB4FAAD874FCD0929E86CF411426A3A96CED22F7EDC5F7E8D3A3B860F91E3FE92623F97C15EF13921C6AE6B3A566C7E42F46EF7B9721A09D10BEE52CE93694F6EF85F362D90239C4066C8FFFA6C6CCBAF59DFE083B248BF313F2A9D3EF96ACF569CA1B05FBDEFBD4A52C854C7B71AAB2B8AEAF8BFA8F283851E4CAA76F7D155939555F09830E49F38E73A7AE48B489883CA0D96A59B3560A8DF02DC0A0E5B6AD0AFD445B54F5580F4D962D8156DB6A0F70E5E4E47CF3CF9E1281180F5BC90B5C6FCB2DEFF1BD985D405BC3A138700D75D9BAEBBD1A7496F5CD1E6E6D5C0325B89E120A0994AFF0F35741DDC17A7D7C19A818A6C3DB5874B0E78B2BA319C6D4F850762EC32005074492723FAD2876E1C8F9A318852E97F6B28706F67ACAB944E8CFCA7C6A47C0D2F9B6907713CFFE21DEB070F45BAC19828094C424A445440ADF79E925BFE0BE687E82751D9ACBDDA02A6FACD4FEC77EEB9CD32A265B67ABFF9CF22E7EE68DCA133109BD7515B0002A9D4DEF5E3B190CE0E5C8EE2BF18F6176CD47DC00C87CD5CFBADC9D3085DAE39ECC4B320C4AE130E62A03FA4E321F0CDA4844551140DAB5658F27B2A1884BA1B039F25AA1E386BBE9C0BB3906880E46A22D2F9F9C1A7943BC1D71E45A9E6FF4828196192B4063650EAC50555E53516BF4D816888C1E7841914862FA5F82181204155ADCD7652D4B3F8CB0CDFF69BC897FEE50C420A6243059B742171BBC5C94BC6AF23AE90F0DE756DBC1027E3F92EE866A669054CC133A685AE21A51478A305851308220705E0E38D97BD62A8B07047594266DEE3414D3D6C0659C4A8DB9484B86E0638ED13499E7B58030881991FD4E83B61AD429E4276DE69DB74677F16A1EB6D5D3756CB7074B312DDA5679C4E85720ECA7B738F4556BCAADD307D4A2F29158CE326F55CCDEB8755BABC2F7F8DE3F8B19C786D4219E9C45CB9FC7BAD2C5EE5984A392E2AC541662C4552CDB981BB65FE4A28FD19B1A472015BB45AB351F0CF6A9FD756EF6471794E08AB5A7092E0657F873133A0FEB2882251B80D08FC475EB43173F6A9F34787A67B282BB86FB559D883FDE93F10CCA73EA0ECC232CA1B719A98E0280CEAC5338550DBAE750E388F6671F8552A4FEFEDA1190DA60909A797336785C8C7BE9C233CC33F86818D1686C9558C900553F19A8582B53C775B +20250618045322 2 6 100 7679 5 EEB5FE98B7CF15B438162A5F2DEBBAB8BCF08B8A2614E263AA570052D2B01AC3E0B943491218DF247DB063E7DAECD19D0CD00C65335041AC9D3E4B8493CB58F9CBB166E38FF5E8697EF59D9EE4FAC6415070E0156AF8DA6BE11D672AA9A8E71033936AF75D835CCDBB0ED13CB17CBF9C9D98DEB4FAAD874FCD0929E86CF411426A3A96CED22F7EDC5F7E8D3A3B860F91E3FE92623F97C15EF13921C6AE6B3A566C7E42F46EF7B9721A09D10BEE52CE93694F6EF85F362D90239C4066C8FFFA6C6CCBAF59DFE083B248BF313F2A9D3EF96ACF569CA1B05FBDEFBD4A52C854C7B71AAB2B8AEAF8BFA8F283851E4CAA76F7D155939555F09830E49F38E73A7AE48B489883CA0D96A59B3560A8DF02DC0A0E5B6AD0AFD445B54F5580F4D962D8156DB6A0F70E5E4E47CF3CF9E1281180F5BC90B5C6FCB2DEFF1BD985D405BC3A138700D75D9BAEBBD1A7496F5CD1E6E6D5C0325B89E120A0994AFF0F35741DDC17A7D7C19A818A6C3DB5874B0E78B2BA319C6D4F850762EC32005074492723FAD2876E1C8F9A318852E97F6B28706F67ACAB944E8CFCA7C6A47C0D2F9B6907713CFFE21DEB070F45BAC19828094C424A445440ADF79E925BFE0BE687E82751D9ACBDDA02A6FACD4FEC77EEB9CD32A265B67ABFF9CF22E7EE68DCA133109BD7515B0002A9D4DEF5E3B190CE0E5C8EE2BF18F6176CD47DC00C87CD5CFBADC9D3085DAE39ECC4B320C4AE130E62A03FA4E321F0CDA4844551140DAB5658F27B2A1884BA1B039F25AA1E386BBE9C0BB3906880E46A22D2F9F9C1A7943BC1D71E45A9E6FF4828196192B4063650EAC50555E53516BF4D816888C1E7841914862FA5F82181204155ADCD7652D4B3F8CB0CDFF69BC897FEE50C420A6243059B742171BBC5C94BC6AF23AE90F0DE756DBC1027E3F92EE866A669054CC133A685AE21A51478A305851308220705E0E38D97BD62A8B07047594266DEE3414D3D6C0659C4A8DB9484B86E0638ED13499E7B58030881991FD4E83B61AD429E4276DE69DB74677F16A1EB6D5D3756CB7074B312DDA5679C4E85720ECA7B738F4556BCAADD307D4A2F29158CE326F55CCDEB8755BABC2F7F8DE3F8B19C786D4219E9C45CB9FC7BAD2C5EE5984A392E2AC541662C4552CDB981BB65FE4A28FD19B1A472015BB45AB351F0CF6A9FD756EF6471794E08AB5A7092E0657F873133A0FEB2882251B80D08FC475EB43173F6A9F34787A67B282BB86FB559D883FDE93F10CCA73EA0ECC232CA1B719A98E0280CEAC5338550DBAE750E388F6671F8552A4FEFEDA1190DA60909A797336785C8C7BE9C233CC33F86818D1686C9558C900553F19A8582B7440A97 +20250618052359 2 6 100 7679 5 EEB5FE98B7CF15B438162A5F2DEBBAB8BCF08B8A2614E263AA570052D2B01AC3E0B943491218DF247DB063E7DAECD19D0CD00C65335041AC9D3E4B8493CB58F9CBB166E38FF5E8697EF59D9EE4FAC6415070E0156AF8DA6BE11D672AA9A8E71033936AF75D835CCDBB0ED13CB17CBF9C9D98DEB4FAAD874FCD0929E86CF411426A3A96CED22F7EDC5F7E8D3A3B860F91E3FE92623F97C15EF13921C6AE6B3A566C7E42F46EF7B9721A09D10BEE52CE93694F6EF85F362D90239C4066C8FFFA6C6CCBAF59DFE083B248BF313F2A9D3EF96ACF569CA1B05FBDEFBD4A52C854C7B71AAB2B8AEAF8BFA8F283851E4CAA76F7D155939555F09830E49F38E73A7AE48B489883CA0D96A59B3560A8DF02DC0A0E5B6AD0AFD445B54F5580F4D962D8156DB6A0F70E5E4E47CF3CF9E1281180F5BC90B5C6FCB2DEFF1BD985D405BC3A138700D75D9BAEBBD1A7496F5CD1E6E6D5C0325B89E120A0994AFF0F35741DDC17A7D7C19A818A6C3DB5874B0E78B2BA319C6D4F850762EC32005074492723FAD2876E1C8F9A318852E97F6B28706F67ACAB944E8CFCA7C6A47C0D2F9B6907713CFFE21DEB070F45BAC19828094C424A445440ADF79E925BFE0BE687E82751D9ACBDDA02A6FACD4FEC77EEB9CD32A265B67ABFF9CF22E7EE68DCA133109BD7515B0002A9D4DEF5E3B190CE0E5C8EE2BF18F6176CD47DC00C87CD5CFBADC9D3085DAE39ECC4B320C4AE130E62A03FA4E321F0CDA4844551140DAB5658F27B2A1884BA1B039F25AA1E386BBE9C0BB3906880E46A22D2F9F9C1A7943BC1D71E45A9E6FF4828196192B4063650EAC50555E53516BF4D816888C1E7841914862FA5F82181204155ADCD7652D4B3F8CB0CDFF69BC897FEE50C420A6243059B742171BBC5C94BC6AF23AE90F0DE756DBC1027E3F92EE866A669054CC133A685AE21A51478A305851308220705E0E38D97BD62A8B07047594266DEE3414D3D6C0659C4A8DB9484B86E0638ED13499E7B58030881991FD4E83B61AD429E4276DE69DB74677F16A1EB6D5D3756CB7074B312DDA5679C4E85720ECA7B738F4556BCAADD307D4A2F29158CE326F55CCDEB8755BABC2F7F8DE3F8B19C786D4219E9C45CB9FC7BAD2C5EE5984A392E2AC541662C4552CDB981BB65FE4A28FD19B1A472015BB45AB351F0CF6A9FD756EF6471794E08AB5A7092E0657F873133A0FEB2882251B80D08FC475EB43173F6A9F34787A67B282BB86FB559D883FDE93F10CCA73EA0ECC232CA1B719A98E0280CEAC5338550DBAE750E388F6671F8552A4FEFEDA1190DA60909A797336785C8C7BE9C233CC33F86818D1686C9558C900553F19A8582B954EBF7 +20250618055947 2 6 100 7679 2 EEB5FE98B7CF15B438162A5F2DEBBAB8BCF08B8A2614E263AA570052D2B01AC3E0B943491218DF247DB063E7DAECD19D0CD00C65335041AC9D3E4B8493CB58F9CBB166E38FF5E8697EF59D9EE4FAC6415070E0156AF8DA6BE11D672AA9A8E71033936AF75D835CCDBB0ED13CB17CBF9C9D98DEB4FAAD874FCD0929E86CF411426A3A96CED22F7EDC5F7E8D3A3B860F91E3FE92623F97C15EF13921C6AE6B3A566C7E42F46EF7B9721A09D10BEE52CE93694F6EF85F362D90239C4066C8FFFA6C6CCBAF59DFE083B248BF313F2A9D3EF96ACF569CA1B05FBDEFBD4A52C854C7B71AAB2B8AEAF8BFA8F283851E4CAA76F7D155939555F09830E49F38E73A7AE48B489883CA0D96A59B3560A8DF02DC0A0E5B6AD0AFD445B54F5580F4D962D8156DB6A0F70E5E4E47CF3CF9E1281180F5BC90B5C6FCB2DEFF1BD985D405BC3A138700D75D9BAEBBD1A7496F5CD1E6E6D5C0325B89E120A0994AFF0F35741DDC17A7D7C19A818A6C3DB5874B0E78B2BA319C6D4F850762EC32005074492723FAD2876E1C8F9A318852E97F6B28706F67ACAB944E8CFCA7C6A47C0D2F9B6907713CFFE21DEB070F45BAC19828094C424A445440ADF79E925BFE0BE687E82751D9ACBDDA02A6FACD4FEC77EEB9CD32A265B67ABFF9CF22E7EE68DCA133109BD7515B0002A9D4DEF5E3B190CE0E5C8EE2BF18F6176CD47DC00C87CD5CFBADC9D3085DAE39ECC4B320C4AE130E62A03FA4E321F0CDA4844551140DAB5658F27B2A1884BA1B039F25AA1E386BBE9C0BB3906880E46A22D2F9F9C1A7943BC1D71E45A9E6FF4828196192B4063650EAC50555E53516BF4D816888C1E7841914862FA5F82181204155ADCD7652D4B3F8CB0CDFF69BC897FEE50C420A6243059B742171BBC5C94BC6AF23AE90F0DE756DBC1027E3F92EE866A669054CC133A685AE21A51478A305851308220705E0E38D97BD62A8B07047594266DEE3414D3D6C0659C4A8DB9484B86E0638ED13499E7B58030881991FD4E83B61AD429E4276DE69DB74677F16A1EB6D5D3756CB7074B312DDA5679C4E85720ECA7B738F4556BCAADD307D4A2F29158CE326F55CCDEB8755BABC2F7F8DE3F8B19C786D4219E9C45CB9FC7BAD2C5EE5984A392E2AC541662C4552CDB981BB65FE4A28FD19B1A472015BB45AB351F0CF6A9FD756EF6471794E08AB5A7092E0657F873133A0FEB2882251B80D08FC475EB43173F6A9F34787A67B282BB86FB559D883FDE93F10CCA73EA0ECC232CA1B719A98E0280CEAC5338550DBAE750E388F6671F8552A4FEFEDA1190DA60909A797336785C8C7BE9C233CC33F86818D1686C9558C900553F19A8582BBB8C053 +20250618070614 2 6 100 7679 2 EEB5FE98B7CF15B438162A5F2DEBBAB8BCF08B8A2614E263AA570052D2B01AC3E0B943491218DF247DB063E7DAECD19D0CD00C65335041AC9D3E4B8493CB58F9CBB166E38FF5E8697EF59D9EE4FAC6415070E0156AF8DA6BE11D672AA9A8E71033936AF75D835CCDBB0ED13CB17CBF9C9D98DEB4FAAD874FCD0929E86CF411426A3A96CED22F7EDC5F7E8D3A3B860F91E3FE92623F97C15EF13921C6AE6B3A566C7E42F46EF7B9721A09D10BEE52CE93694F6EF85F362D90239C4066C8FFFA6C6CCBAF59DFE083B248BF313F2A9D3EF96ACF569CA1B05FBDEFBD4A52C854C7B71AAB2B8AEAF8BFA8F283851E4CAA76F7D155939555F09830E49F38E73A7AE48B489883CA0D96A59B3560A8DF02DC0A0E5B6AD0AFD445B54F5580F4D962D8156DB6A0F70E5E4E47CF3CF9E1281180F5BC90B5C6FCB2DEFF1BD985D405BC3A138700D75D9BAEBBD1A7496F5CD1E6E6D5C0325B89E120A0994AFF0F35741DDC17A7D7C19A818A6C3DB5874B0E78B2BA319C6D4F850762EC32005074492723FAD2876E1C8F9A318852E97F6B28706F67ACAB944E8CFCA7C6A47C0D2F9B6907713CFFE21DEB070F45BAC19828094C424A445440ADF79E925BFE0BE687E82751D9ACBDDA02A6FACD4FEC77EEB9CD32A265B67ABFF9CF22E7EE68DCA133109BD7515B0002A9D4DEF5E3B190CE0E5C8EE2BF18F6176CD47DC00C87CD5CFBADC9D3085DAE39ECC4B320C4AE130E62A03FA4E321F0CDA4844551140DAB5658F27B2A1884BA1B039F25AA1E386BBE9C0BB3906880E46A22D2F9F9C1A7943BC1D71E45A9E6FF4828196192B4063650EAC50555E53516BF4D816888C1E7841914862FA5F82181204155ADCD7652D4B3F8CB0CDFF69BC897FEE50C420A6243059B742171BBC5C94BC6AF23AE90F0DE756DBC1027E3F92EE866A669054CC133A685AE21A51478A305851308220705E0E38D97BD62A8B07047594266DEE3414D3D6C0659C4A8DB9484B86E0638ED13499E7B58030881991FD4E83B61AD429E4276DE69DB74677F16A1EB6D5D3756CB7074B312DDA5679C4E85720ECA7B738F4556BCAADD307D4A2F29158CE326F55CCDEB8755BABC2F7F8DE3F8B19C786D4219E9C45CB9FC7BAD2C5EE5984A392E2AC541662C4552CDB981BB65FE4A28FD19B1A472015BB45AB351F0CF6A9FD756EF6471794E08AB5A7092E0657F873133A0FEB2882251B80D08FC475EB43173F6A9F34787A67B282BB86FB559D883FDE93F10CCA73EA0ECC232CA1B719A98E0280CEAC5338550DBAE750E388F6671F8552A4FEFEDA1190DA60909A797336785C8C7BE9C233CC33F86818D1686C9558C900553F19A8582C035FFE3 +20250618072936 2 6 100 7679 5 EEB5FE98B7CF15B438162A5F2DEBBAB8BCF08B8A2614E263AA570052D2B01AC3E0B943491218DF247DB063E7DAECD19D0CD00C65335041AC9D3E4B8493CB58F9CBB166E38FF5E8697EF59D9EE4FAC6415070E0156AF8DA6BE11D672AA9A8E71033936AF75D835CCDBB0ED13CB17CBF9C9D98DEB4FAAD874FCD0929E86CF411426A3A96CED22F7EDC5F7E8D3A3B860F91E3FE92623F97C15EF13921C6AE6B3A566C7E42F46EF7B9721A09D10BEE52CE93694F6EF85F362D90239C4066C8FFFA6C6CCBAF59DFE083B248BF313F2A9D3EF96ACF569CA1B05FBDEFBD4A52C854C7B71AAB2B8AEAF8BFA8F283851E4CAA76F7D155939555F09830E49F38E73A7AE48B489883CA0D96A59B3560A8DF02DC0A0E5B6AD0AFD445B54F5580F4D962D8156DB6A0F70E5E4E47CF3CF9E1281180F5BC90B5C6FCB2DEFF1BD985D405BC3A138700D75D9BAEBBD1A7496F5CD1E6E6D5C0325B89E120A0994AFF0F35741DDC17A7D7C19A818A6C3DB5874B0E78B2BA319C6D4F850762EC32005074492723FAD2876E1C8F9A318852E97F6B28706F67ACAB944E8CFCA7C6A47C0D2F9B6907713CFFE21DEB070F45BAC19828094C424A445440ADF79E925BFE0BE687E82751D9ACBDDA02A6FACD4FEC77EEB9CD32A265B67ABFF9CF22E7EE68DCA133109BD7515B0002A9D4DEF5E3B190CE0E5C8EE2BF18F6176CD47DC00C87CD5CFBADC9D3085DAE39ECC4B320C4AE130E62A03FA4E321F0CDA4844551140DAB5658F27B2A1884BA1B039F25AA1E386BBE9C0BB3906880E46A22D2F9F9C1A7943BC1D71E45A9E6FF4828196192B4063650EAC50555E53516BF4D816888C1E7841914862FA5F82181204155ADCD7652D4B3F8CB0CDFF69BC897FEE50C420A6243059B742171BBC5C94BC6AF23AE90F0DE756DBC1027E3F92EE866A669054CC133A685AE21A51478A305851308220705E0E38D97BD62A8B07047594266DEE3414D3D6C0659C4A8DB9484B86E0638ED13499E7B58030881991FD4E83B61AD429E4276DE69DB74677F16A1EB6D5D3756CB7074B312DDA5679C4E85720ECA7B738F4556BCAADD307D4A2F29158CE326F55CCDEB8755BABC2F7F8DE3F8B19C786D4219E9C45CB9FC7BAD2C5EE5984A392E2AC541662C4552CDB981BB65FE4A28FD19B1A472015BB45AB351F0CF6A9FD756EF6471794E08AB5A7092E0657F873133A0FEB2882251B80D08FC475EB43173F6A9F34787A67B282BB86FB559D883FDE93F10CCA73EA0ECC232CA1B719A98E0280CEAC5338550DBAE750E388F6671F8552A4FEFEDA1190DA60909A797336785C8C7BE9C233CC33F86818D1686C9558C900553F19A8582C1B7AD67 +20250618073924 2 6 100 7679 2 EEB5FE98B7CF15B438162A5F2DEBBAB8BCF08B8A2614E263AA570052D2B01AC3E0B943491218DF247DB063E7DAECD19D0CD00C65335041AC9D3E4B8493CB58F9CBB166E38FF5E8697EF59D9EE4FAC6415070E0156AF8DA6BE11D672AA9A8E71033936AF75D835CCDBB0ED13CB17CBF9C9D98DEB4FAAD874FCD0929E86CF411426A3A96CED22F7EDC5F7E8D3A3B860F91E3FE92623F97C15EF13921C6AE6B3A566C7E42F46EF7B9721A09D10BEE52CE93694F6EF85F362D90239C4066C8FFFA6C6CCBAF59DFE083B248BF313F2A9D3EF96ACF569CA1B05FBDEFBD4A52C854C7B71AAB2B8AEAF8BFA8F283851E4CAA76F7D155939555F09830E49F38E73A7AE48B489883CA0D96A59B3560A8DF02DC0A0E5B6AD0AFD445B54F5580F4D962D8156DB6A0F70E5E4E47CF3CF9E1281180F5BC90B5C6FCB2DEFF1BD985D405BC3A138700D75D9BAEBBD1A7496F5CD1E6E6D5C0325B89E120A0994AFF0F35741DDC17A7D7C19A818A6C3DB5874B0E78B2BA319C6D4F850762EC32005074492723FAD2876E1C8F9A318852E97F6B28706F67ACAB944E8CFCA7C6A47C0D2F9B6907713CFFE21DEB070F45BAC19828094C424A445440ADF79E925BFE0BE687E82751D9ACBDDA02A6FACD4FEC77EEB9CD32A265B67ABFF9CF22E7EE68DCA133109BD7515B0002A9D4DEF5E3B190CE0E5C8EE2BF18F6176CD47DC00C87CD5CFBADC9D3085DAE39ECC4B320C4AE130E62A03FA4E321F0CDA4844551140DAB5658F27B2A1884BA1B039F25AA1E386BBE9C0BB3906880E46A22D2F9F9C1A7943BC1D71E45A9E6FF4828196192B4063650EAC50555E53516BF4D816888C1E7841914862FA5F82181204155ADCD7652D4B3F8CB0CDFF69BC897FEE50C420A6243059B742171BBC5C94BC6AF23AE90F0DE756DBC1027E3F92EE866A669054CC133A685AE21A51478A305851308220705E0E38D97BD62A8B07047594266DEE3414D3D6C0659C4A8DB9484B86E0638ED13499E7B58030881991FD4E83B61AD429E4276DE69DB74677F16A1EB6D5D3756CB7074B312DDA5679C4E85720ECA7B738F4556BCAADD307D4A2F29158CE326F55CCDEB8755BABC2F7F8DE3F8B19C786D4219E9C45CB9FC7BAD2C5EE5984A392E2AC541662C4552CDB981BB65FE4A28FD19B1A472015BB45AB351F0CF6A9FD756EF6471794E08AB5A7092E0657F873133A0FEB2882251B80D08FC475EB43173F6A9F34787A67B282BB86FB559D883FDE93F10CCA73EA0ECC232CA1B719A98E0280CEAC5338550DBAE750E388F6671F8552A4FEFEDA1190DA60909A797336785C8C7BE9C233CC33F86818D1686C9558C900553F19A8582C2551963 +20250618081151 2 6 100 7679 5 EEB5FE98B7CF15B438162A5F2DEBBAB8BCF08B8A2614E263AA570052D2B01AC3E0B943491218DF247DB063E7DAECD19D0CD00C65335041AC9D3E4B8493CB58F9CBB166E38FF5E8697EF59D9EE4FAC6415070E0156AF8DA6BE11D672AA9A8E71033936AF75D835CCDBB0ED13CB17CBF9C9D98DEB4FAAD874FCD0929E86CF411426A3A96CED22F7EDC5F7E8D3A3B860F91E3FE92623F97C15EF13921C6AE6B3A566C7E42F46EF7B9721A09D10BEE52CE93694F6EF85F362D90239C4066C8FFFA6C6CCBAF59DFE083B248BF313F2A9D3EF96ACF569CA1B05FBDEFBD4A52C854C7B71AAB2B8AEAF8BFA8F283851E4CAA76F7D155939555F09830E49F38E73A7AE48B489883CA0D96A59B3560A8DF02DC0A0E5B6AD0AFD445B54F5580F4D962D8156DB6A0F70E5E4E47CF3CF9E1281180F5BC90B5C6FCB2DEFF1BD985D405BC3A138700D75D9BAEBBD1A7496F5CD1E6E6D5C0325B89E120A0994AFF0F35741DDC17A7D7C19A818A6C3DB5874B0E78B2BA319C6D4F850762EC32005074492723FAD2876E1C8F9A318852E97F6B28706F67ACAB944E8CFCA7C6A47C0D2F9B6907713CFFE21DEB070F45BAC19828094C424A445440ADF79E925BFE0BE687E82751D9ACBDDA02A6FACD4FEC77EEB9CD32A265B67ABFF9CF22E7EE68DCA133109BD7515B0002A9D4DEF5E3B190CE0E5C8EE2BF18F6176CD47DC00C87CD5CFBADC9D3085DAE39ECC4B320C4AE130E62A03FA4E321F0CDA4844551140DAB5658F27B2A1884BA1B039F25AA1E386BBE9C0BB3906880E46A22D2F9F9C1A7943BC1D71E45A9E6FF4828196192B4063650EAC50555E53516BF4D816888C1E7841914862FA5F82181204155ADCD7652D4B3F8CB0CDFF69BC897FEE50C420A6243059B742171BBC5C94BC6AF23AE90F0DE756DBC1027E3F92EE866A669054CC133A685AE21A51478A305851308220705E0E38D97BD62A8B07047594266DEE3414D3D6C0659C4A8DB9484B86E0638ED13499E7B58030881991FD4E83B61AD429E4276DE69DB74677F16A1EB6D5D3756CB7074B312DDA5679C4E85720ECA7B738F4556BCAADD307D4A2F29158CE326F55CCDEB8755BABC2F7F8DE3F8B19C786D4219E9C45CB9FC7BAD2C5EE5984A392E2AC541662C4552CDB981BB65FE4A28FD19B1A472015BB45AB351F0CF6A9FD756EF6471794E08AB5A7092E0657F873133A0FEB2882251B80D08FC475EB43173F6A9F34787A67B282BB86FB559D883FDE93F10CCA73EA0ECC232CA1B719A98E0280CEAC5338550DBAE750E388F6671F8552A4FEFEDA1190DA60909A797336785C8C7BE9C233CC33F86818D1686C9558C900553F19A8582C480076F +20250618091411 2 6 100 7679 2 EEB5FE98B7CF15B438162A5F2DEBBAB8BCF08B8A2614E263AA570052D2B01AC3E0B943491218DF247DB063E7DAECD19D0CD00C65335041AC9D3E4B8493CB58F9CBB166E38FF5E8697EF59D9EE4FAC6415070E0156AF8DA6BE11D672AA9A8E71033936AF75D835CCDBB0ED13CB17CBF9C9D98DEB4FAAD874FCD0929E86CF411426A3A96CED22F7EDC5F7E8D3A3B860F91E3FE92623F97C15EF13921C6AE6B3A566C7E42F46EF7B9721A09D10BEE52CE93694F6EF85F362D90239C4066C8FFFA6C6CCBAF59DFE083B248BF313F2A9D3EF96ACF569CA1B05FBDEFBD4A52C854C7B71AAB2B8AEAF8BFA8F283851E4CAA76F7D155939555F09830E49F38E73A7AE48B489883CA0D96A59B3560A8DF02DC0A0E5B6AD0AFD445B54F5580F4D962D8156DB6A0F70E5E4E47CF3CF9E1281180F5BC90B5C6FCB2DEFF1BD985D405BC3A138700D75D9BAEBBD1A7496F5CD1E6E6D5C0325B89E120A0994AFF0F35741DDC17A7D7C19A818A6C3DB5874B0E78B2BA319C6D4F850762EC32005074492723FAD2876E1C8F9A318852E97F6B28706F67ACAB944E8CFCA7C6A47C0D2F9B6907713CFFE21DEB070F45BAC19828094C424A445440ADF79E925BFE0BE687E82751D9ACBDDA02A6FACD4FEC77EEB9CD32A265B67ABFF9CF22E7EE68DCA133109BD7515B0002A9D4DEF5E3B190CE0E5C8EE2BF18F6176CD47DC00C87CD5CFBADC9D3085DAE39ECC4B320C4AE130E62A03FA4E321F0CDA4844551140DAB5658F27B2A1884BA1B039F25AA1E386BBE9C0BB3906880E46A22D2F9F9C1A7943BC1D71E45A9E6FF4828196192B4063650EAC50555E53516BF4D816888C1E7841914862FA5F82181204155ADCD7652D4B3F8CB0CDFF69BC897FEE50C420A6243059B742171BBC5C94BC6AF23AE90F0DE756DBC1027E3F92EE866A669054CC133A685AE21A51478A305851308220705E0E38D97BD62A8B07047594266DEE3414D3D6C0659C4A8DB9484B86E0638ED13499E7B58030881991FD4E83B61AD429E4276DE69DB74677F16A1EB6D5D3756CB7074B312DDA5679C4E85720ECA7B738F4556BCAADD307D4A2F29158CE326F55CCDEB8755BABC2F7F8DE3F8B19C786D4219E9C45CB9FC7BAD2C5EE5984A392E2AC541662C4552CDB981BB65FE4A28FD19B1A472015BB45AB351F0CF6A9FD756EF6471794E08AB5A7092E0657F873133A0FEB2882251B80D08FC475EB43173F6A9F34787A67B282BB86FB559D883FDE93F10CCA73EA0ECC232CA1B719A98E0280CEAC5338550DBAE750E388F6671F8552A4FEFEDA1190DA60909A797336785C8C7BE9C233CC33F86818D1686C9558C900553F19A8582C8B7648B +20250618104754 2 6 100 7679 5 EEB5FE98B7CF15B438162A5F2DEBBAB8BCF08B8A2614E263AA570052D2B01AC3E0B943491218DF247DB063E7DAECD19D0CD00C65335041AC9D3E4B8493CB58F9CBB166E38FF5E8697EF59D9EE4FAC6415070E0156AF8DA6BE11D672AA9A8E71033936AF75D835CCDBB0ED13CB17CBF9C9D98DEB4FAAD874FCD0929E86CF411426A3A96CED22F7EDC5F7E8D3A3B860F91E3FE92623F97C15EF13921C6AE6B3A566C7E42F46EF7B9721A09D10BEE52CE93694F6EF85F362D90239C4066C8FFFA6C6CCBAF59DFE083B248BF313F2A9D3EF96ACF569CA1B05FBDEFBD4A52C854C7B71AAB2B8AEAF8BFA8F283851E4CAA76F7D155939555F09830E49F38E73A7AE48B489883CA0D96A59B3560A8DF02DC0A0E5B6AD0AFD445B54F5580F4D962D8156DB6A0F70E5E4E47CF3CF9E1281180F5BC90B5C6FCB2DEFF1BD985D405BC3A138700D75D9BAEBBD1A7496F5CD1E6E6D5C0325B89E120A0994AFF0F35741DDC17A7D7C19A818A6C3DB5874B0E78B2BA319C6D4F850762EC32005074492723FAD2876E1C8F9A318852E97F6B28706F67ACAB944E8CFCA7C6A47C0D2F9B6907713CFFE21DEB070F45BAC19828094C424A445440ADF79E925BFE0BE687E82751D9ACBDDA02A6FACD4FEC77EEB9CD32A265B67ABFF9CF22E7EE68DCA133109BD7515B0002A9D4DEF5E3B190CE0E5C8EE2BF18F6176CD47DC00C87CD5CFBADC9D3085DAE39ECC4B320C4AE130E62A03FA4E321F0CDA4844551140DAB5658F27B2A1884BA1B039F25AA1E386BBE9C0BB3906880E46A22D2F9F9C1A7943BC1D71E45A9E6FF4828196192B4063650EAC50555E53516BF4D816888C1E7841914862FA5F82181204155ADCD7652D4B3F8CB0CDFF69BC897FEE50C420A6243059B742171BBC5C94BC6AF23AE90F0DE756DBC1027E3F92EE866A669054CC133A685AE21A51478A305851308220705E0E38D97BD62A8B07047594266DEE3414D3D6C0659C4A8DB9484B86E0638ED13499E7B58030881991FD4E83B61AD429E4276DE69DB74677F16A1EB6D5D3756CB7074B312DDA5679C4E85720ECA7B738F4556BCAADD307D4A2F29158CE326F55CCDEB8755BABC2F7F8DE3F8B19C786D4219E9C45CB9FC7BAD2C5EE5984A392E2AC541662C4552CDB981BB65FE4A28FD19B1A472015BB45AB351F0CF6A9FD756EF6471794E08AB5A7092E0657F873133A0FEB2882251B80D08FC475EB43173F6A9F34787A67B282BB86FB559D883FDE93F10CCA73EA0ECC232CA1B719A98E0280CEAC5338550DBAE750E388F6671F8552A4FEFEDA1190DA60909A797336785C8C7BE9C233CC33F86818D1686C9558C900553F19A8582CEFBD56F +20250618114039 2 6 100 7679 5 EEB5FE98B7CF15B438162A5F2DEBBAB8BCF08B8A2614E263AA570052D2B01AC3E0B943491218DF247DB063E7DAECD19D0CD00C65335041AC9D3E4B8493CB58F9CBB166E38FF5E8697EF59D9EE4FAC6415070E0156AF8DA6BE11D672AA9A8E71033936AF75D835CCDBB0ED13CB17CBF9C9D98DEB4FAAD874FCD0929E86CF411426A3A96CED22F7EDC5F7E8D3A3B860F91E3FE92623F97C15EF13921C6AE6B3A566C7E42F46EF7B9721A09D10BEE52CE93694F6EF85F362D90239C4066C8FFFA6C6CCBAF59DFE083B248BF313F2A9D3EF96ACF569CA1B05FBDEFBD4A52C854C7B71AAB2B8AEAF8BFA8F283851E4CAA76F7D155939555F09830E49F38E73A7AE48B489883CA0D96A59B3560A8DF02DC0A0E5B6AD0AFD445B54F5580F4D962D8156DB6A0F70E5E4E47CF3CF9E1281180F5BC90B5C6FCB2DEFF1BD985D405BC3A138700D75D9BAEBBD1A7496F5CD1E6E6D5C0325B89E120A0994AFF0F35741DDC17A7D7C19A818A6C3DB5874B0E78B2BA319C6D4F850762EC32005074492723FAD2876E1C8F9A318852E97F6B28706F67ACAB944E8CFCA7C6A47C0D2F9B6907713CFFE21DEB070F45BAC19828094C424A445440ADF79E925BFE0BE687E82751D9ACBDDA02A6FACD4FEC77EEB9CD32A265B67ABFF9CF22E7EE68DCA133109BD7515B0002A9D4DEF5E3B190CE0E5C8EE2BF18F6176CD47DC00C87CD5CFBADC9D3085DAE39ECC4B320C4AE130E62A03FA4E321F0CDA4844551140DAB5658F27B2A1884BA1B039F25AA1E386BBE9C0BB3906880E46A22D2F9F9C1A7943BC1D71E45A9E6FF4828196192B4063650EAC50555E53516BF4D816888C1E7841914862FA5F82181204155ADCD7652D4B3F8CB0CDFF69BC897FEE50C420A6243059B742171BBC5C94BC6AF23AE90F0DE756DBC1027E3F92EE866A669054CC133A685AE21A51478A305851308220705E0E38D97BD62A8B07047594266DEE3414D3D6C0659C4A8DB9484B86E0638ED13499E7B58030881991FD4E83B61AD429E4276DE69DB74677F16A1EB6D5D3756CB7074B312DDA5679C4E85720ECA7B738F4556BCAADD307D4A2F29158CE326F55CCDEB8755BABC2F7F8DE3F8B19C786D4219E9C45CB9FC7BAD2C5EE5984A392E2AC541662C4552CDB981BB65FE4A28FD19B1A472015BB45AB351F0CF6A9FD756EF6471794E08AB5A7092E0657F873133A0FEB2882251B80D08FC475EB43173F6A9F34787A67B282BB86FB559D883FDE93F10CCA73EA0ECC232CA1B719A98E0280CEAC5338550DBAE750E388F6671F8552A4FEFEDA1190DA60909A797336785C8C7BE9C233CC33F86818D1686C9558C900553F19A8582D2828D6F +20250618121547 2 6 100 7679 2 EEB5FE98B7CF15B438162A5F2DEBBAB8BCF08B8A2614E263AA570052D2B01AC3E0B943491218DF247DB063E7DAECD19D0CD00C65335041AC9D3E4B8493CB58F9CBB166E38FF5E8697EF59D9EE4FAC6415070E0156AF8DA6BE11D672AA9A8E71033936AF75D835CCDBB0ED13CB17CBF9C9D98DEB4FAAD874FCD0929E86CF411426A3A96CED22F7EDC5F7E8D3A3B860F91E3FE92623F97C15EF13921C6AE6B3A566C7E42F46EF7B9721A09D10BEE52CE93694F6EF85F362D90239C4066C8FFFA6C6CCBAF59DFE083B248BF313F2A9D3EF96ACF569CA1B05FBDEFBD4A52C854C7B71AAB2B8AEAF8BFA8F283851E4CAA76F7D155939555F09830E49F38E73A7AE48B489883CA0D96A59B3560A8DF02DC0A0E5B6AD0AFD445B54F5580F4D962D8156DB6A0F70E5E4E47CF3CF9E1281180F5BC90B5C6FCB2DEFF1BD985D405BC3A138700D75D9BAEBBD1A7496F5CD1E6E6D5C0325B89E120A0994AFF0F35741DDC17A7D7C19A818A6C3DB5874B0E78B2BA319C6D4F850762EC32005074492723FAD2876E1C8F9A318852E97F6B28706F67ACAB944E8CFCA7C6A47C0D2F9B6907713CFFE21DEB070F45BAC19828094C424A445440ADF79E925BFE0BE687E82751D9ACBDDA02A6FACD4FEC77EEB9CD32A265B67ABFF9CF22E7EE68DCA133109BD7515B0002A9D4DEF5E3B190CE0E5C8EE2BF18F6176CD47DC00C87CD5CFBADC9D3085DAE39ECC4B320C4AE130E62A03FA4E321F0CDA4844551140DAB5658F27B2A1884BA1B039F25AA1E386BBE9C0BB3906880E46A22D2F9F9C1A7943BC1D71E45A9E6FF4828196192B4063650EAC50555E53516BF4D816888C1E7841914862FA5F82181204155ADCD7652D4B3F8CB0CDFF69BC897FEE50C420A6243059B742171BBC5C94BC6AF23AE90F0DE756DBC1027E3F92EE866A669054CC133A685AE21A51478A305851308220705E0E38D97BD62A8B07047594266DEE3414D3D6C0659C4A8DB9484B86E0638ED13499E7B58030881991FD4E83B61AD429E4276DE69DB74677F16A1EB6D5D3756CB7074B312DDA5679C4E85720ECA7B738F4556BCAADD307D4A2F29158CE326F55CCDEB8755BABC2F7F8DE3F8B19C786D4219E9C45CB9FC7BAD2C5EE5984A392E2AC541662C4552CDB981BB65FE4A28FD19B1A472015BB45AB351F0CF6A9FD756EF6471794E08AB5A7092E0657F873133A0FEB2882251B80D08FC475EB43173F6A9F34787A67B282BB86FB559D883FDE93F10CCA73EA0ECC232CA1B719A98E0280CEAC5338550DBAE750E388F6671F8552A4FEFEDA1190DA60909A797336785C8C7BE9C233CC33F86818D1686C9558C900553F19A8582D4D953FB +20250618122123 2 6 100 7679 2 EEB5FE98B7CF15B438162A5F2DEBBAB8BCF08B8A2614E263AA570052D2B01AC3E0B943491218DF247DB063E7DAECD19D0CD00C65335041AC9D3E4B8493CB58F9CBB166E38FF5E8697EF59D9EE4FAC6415070E0156AF8DA6BE11D672AA9A8E71033936AF75D835CCDBB0ED13CB17CBF9C9D98DEB4FAAD874FCD0929E86CF411426A3A96CED22F7EDC5F7E8D3A3B860F91E3FE92623F97C15EF13921C6AE6B3A566C7E42F46EF7B9721A09D10BEE52CE93694F6EF85F362D90239C4066C8FFFA6C6CCBAF59DFE083B248BF313F2A9D3EF96ACF569CA1B05FBDEFBD4A52C854C7B71AAB2B8AEAF8BFA8F283851E4CAA76F7D155939555F09830E49F38E73A7AE48B489883CA0D96A59B3560A8DF02DC0A0E5B6AD0AFD445B54F5580F4D962D8156DB6A0F70E5E4E47CF3CF9E1281180F5BC90B5C6FCB2DEFF1BD985D405BC3A138700D75D9BAEBBD1A7496F5CD1E6E6D5C0325B89E120A0994AFF0F35741DDC17A7D7C19A818A6C3DB5874B0E78B2BA319C6D4F850762EC32005074492723FAD2876E1C8F9A318852E97F6B28706F67ACAB944E8CFCA7C6A47C0D2F9B6907713CFFE21DEB070F45BAC19828094C424A445440ADF79E925BFE0BE687E82751D9ACBDDA02A6FACD4FEC77EEB9CD32A265B67ABFF9CF22E7EE68DCA133109BD7515B0002A9D4DEF5E3B190CE0E5C8EE2BF18F6176CD47DC00C87CD5CFBADC9D3085DAE39ECC4B320C4AE130E62A03FA4E321F0CDA4844551140DAB5658F27B2A1884BA1B039F25AA1E386BBE9C0BB3906880E46A22D2F9F9C1A7943BC1D71E45A9E6FF4828196192B4063650EAC50555E53516BF4D816888C1E7841914862FA5F82181204155ADCD7652D4B3F8CB0CDFF69BC897FEE50C420A6243059B742171BBC5C94BC6AF23AE90F0DE756DBC1027E3F92EE866A669054CC133A685AE21A51478A305851308220705E0E38D97BD62A8B07047594266DEE3414D3D6C0659C4A8DB9484B86E0638ED13499E7B58030881991FD4E83B61AD429E4276DE69DB74677F16A1EB6D5D3756CB7074B312DDA5679C4E85720ECA7B738F4556BCAADD307D4A2F29158CE326F55CCDEB8755BABC2F7F8DE3F8B19C786D4219E9C45CB9FC7BAD2C5EE5984A392E2AC541662C4552CDB981BB65FE4A28FD19B1A472015BB45AB351F0CF6A9FD756EF6471794E08AB5A7092E0657F873133A0FEB2882251B80D08FC475EB43173F6A9F34787A67B282BB86FB559D883FDE93F10CCA73EA0ECC232CA1B719A98E0280CEAC5338550DBAE750E388F6671F8552A4FEFEDA1190DA60909A797336785C8C7BE9C233CC33F86818D1686C9558C900553F19A8582D533E9B3 +20250618123407 2 6 100 7679 5 EEB5FE98B7CF15B438162A5F2DEBBAB8BCF08B8A2614E263AA570052D2B01AC3E0B943491218DF247DB063E7DAECD19D0CD00C65335041AC9D3E4B8493CB58F9CBB166E38FF5E8697EF59D9EE4FAC6415070E0156AF8DA6BE11D672AA9A8E71033936AF75D835CCDBB0ED13CB17CBF9C9D98DEB4FAAD874FCD0929E86CF411426A3A96CED22F7EDC5F7E8D3A3B860F91E3FE92623F97C15EF13921C6AE6B3A566C7E42F46EF7B9721A09D10BEE52CE93694F6EF85F362D90239C4066C8FFFA6C6CCBAF59DFE083B248BF313F2A9D3EF96ACF569CA1B05FBDEFBD4A52C854C7B71AAB2B8AEAF8BFA8F283851E4CAA76F7D155939555F09830E49F38E73A7AE48B489883CA0D96A59B3560A8DF02DC0A0E5B6AD0AFD445B54F5580F4D962D8156DB6A0F70E5E4E47CF3CF9E1281180F5BC90B5C6FCB2DEFF1BD985D405BC3A138700D75D9BAEBBD1A7496F5CD1E6E6D5C0325B89E120A0994AFF0F35741DDC17A7D7C19A818A6C3DB5874B0E78B2BA319C6D4F850762EC32005074492723FAD2876E1C8F9A318852E97F6B28706F67ACAB944E8CFCA7C6A47C0D2F9B6907713CFFE21DEB070F45BAC19828094C424A445440ADF79E925BFE0BE687E82751D9ACBDDA02A6FACD4FEC77EEB9CD32A265B67ABFF9CF22E7EE68DCA133109BD7515B0002A9D4DEF5E3B190CE0E5C8EE2BF18F6176CD47DC00C87CD5CFBADC9D3085DAE39ECC4B320C4AE130E62A03FA4E321F0CDA4844551140DAB5658F27B2A1884BA1B039F25AA1E386BBE9C0BB3906880E46A22D2F9F9C1A7943BC1D71E45A9E6FF4828196192B4063650EAC50555E53516BF4D816888C1E7841914862FA5F82181204155ADCD7652D4B3F8CB0CDFF69BC897FEE50C420A6243059B742171BBC5C94BC6AF23AE90F0DE756DBC1027E3F92EE866A669054CC133A685AE21A51478A305851308220705E0E38D97BD62A8B07047594266DEE3414D3D6C0659C4A8DB9484B86E0638ED13499E7B58030881991FD4E83B61AD429E4276DE69DB74677F16A1EB6D5D3756CB7074B312DDA5679C4E85720ECA7B738F4556BCAADD307D4A2F29158CE326F55CCDEB8755BABC2F7F8DE3F8B19C786D4219E9C45CB9FC7BAD2C5EE5984A392E2AC541662C4552CDB981BB65FE4A28FD19B1A472015BB45AB351F0CF6A9FD756EF6471794E08AB5A7092E0657F873133A0FEB2882251B80D08FC475EB43173F6A9F34787A67B282BB86FB559D883FDE93F10CCA73EA0ECC232CA1B719A98E0280CEAC5338550DBAE750E388F6671F8552A4FEFEDA1190DA60909A797336785C8C7BE9C233CC33F86818D1686C9558C900553F19A8582D608F5D7 +20250618124634 2 6 100 7679 5 EEB5FE98B7CF15B438162A5F2DEBBAB8BCF08B8A2614E263AA570052D2B01AC3E0B943491218DF247DB063E7DAECD19D0CD00C65335041AC9D3E4B8493CB58F9CBB166E38FF5E8697EF59D9EE4FAC6415070E0156AF8DA6BE11D672AA9A8E71033936AF75D835CCDBB0ED13CB17CBF9C9D98DEB4FAAD874FCD0929E86CF411426A3A96CED22F7EDC5F7E8D3A3B860F91E3FE92623F97C15EF13921C6AE6B3A566C7E42F46EF7B9721A09D10BEE52CE93694F6EF85F362D90239C4066C8FFFA6C6CCBAF59DFE083B248BF313F2A9D3EF96ACF569CA1B05FBDEFBD4A52C854C7B71AAB2B8AEAF8BFA8F283851E4CAA76F7D155939555F09830E49F38E73A7AE48B489883CA0D96A59B3560A8DF02DC0A0E5B6AD0AFD445B54F5580F4D962D8156DB6A0F70E5E4E47CF3CF9E1281180F5BC90B5C6FCB2DEFF1BD985D405BC3A138700D75D9BAEBBD1A7496F5CD1E6E6D5C0325B89E120A0994AFF0F35741DDC17A7D7C19A818A6C3DB5874B0E78B2BA319C6D4F850762EC32005074492723FAD2876E1C8F9A318852E97F6B28706F67ACAB944E8CFCA7C6A47C0D2F9B6907713CFFE21DEB070F45BAC19828094C424A445440ADF79E925BFE0BE687E82751D9ACBDDA02A6FACD4FEC77EEB9CD32A265B67ABFF9CF22E7EE68DCA133109BD7515B0002A9D4DEF5E3B190CE0E5C8EE2BF18F6176CD47DC00C87CD5CFBADC9D3085DAE39ECC4B320C4AE130E62A03FA4E321F0CDA4844551140DAB5658F27B2A1884BA1B039F25AA1E386BBE9C0BB3906880E46A22D2F9F9C1A7943BC1D71E45A9E6FF4828196192B4063650EAC50555E53516BF4D816888C1E7841914862FA5F82181204155ADCD7652D4B3F8CB0CDFF69BC897FEE50C420A6243059B742171BBC5C94BC6AF23AE90F0DE756DBC1027E3F92EE866A669054CC133A685AE21A51478A305851308220705E0E38D97BD62A8B07047594266DEE3414D3D6C0659C4A8DB9484B86E0638ED13499E7B58030881991FD4E83B61AD429E4276DE69DB74677F16A1EB6D5D3756CB7074B312DDA5679C4E85720ECA7B738F4556BCAADD307D4A2F29158CE326F55CCDEB8755BABC2F7F8DE3F8B19C786D4219E9C45CB9FC7BAD2C5EE5984A392E2AC541662C4552CDB981BB65FE4A28FD19B1A472015BB45AB351F0CF6A9FD756EF6471794E08AB5A7092E0657F873133A0FEB2882251B80D08FC475EB43173F6A9F34787A67B282BB86FB559D883FDE93F10CCA73EA0ECC232CA1B719A98E0280CEAC5338550DBAE750E388F6671F8552A4FEFEDA1190DA60909A797336785C8C7BE9C233CC33F86818D1686C9558C900553F19A8582D6DB3867 +20250618125907 2 6 100 7679 2 EEB5FE98B7CF15B438162A5F2DEBBAB8BCF08B8A2614E263AA570052D2B01AC3E0B943491218DF247DB063E7DAECD19D0CD00C65335041AC9D3E4B8493CB58F9CBB166E38FF5E8697EF59D9EE4FAC6415070E0156AF8DA6BE11D672AA9A8E71033936AF75D835CCDBB0ED13CB17CBF9C9D98DEB4FAAD874FCD0929E86CF411426A3A96CED22F7EDC5F7E8D3A3B860F91E3FE92623F97C15EF13921C6AE6B3A566C7E42F46EF7B9721A09D10BEE52CE93694F6EF85F362D90239C4066C8FFFA6C6CCBAF59DFE083B248BF313F2A9D3EF96ACF569CA1B05FBDEFBD4A52C854C7B71AAB2B8AEAF8BFA8F283851E4CAA76F7D155939555F09830E49F38E73A7AE48B489883CA0D96A59B3560A8DF02DC0A0E5B6AD0AFD445B54F5580F4D962D8156DB6A0F70E5E4E47CF3CF9E1281180F5BC90B5C6FCB2DEFF1BD985D405BC3A138700D75D9BAEBBD1A7496F5CD1E6E6D5C0325B89E120A0994AFF0F35741DDC17A7D7C19A818A6C3DB5874B0E78B2BA319C6D4F850762EC32005074492723FAD2876E1C8F9A318852E97F6B28706F67ACAB944E8CFCA7C6A47C0D2F9B6907713CFFE21DEB070F45BAC19828094C424A445440ADF79E925BFE0BE687E82751D9ACBDDA02A6FACD4FEC77EEB9CD32A265B67ABFF9CF22E7EE68DCA133109BD7515B0002A9D4DEF5E3B190CE0E5C8EE2BF18F6176CD47DC00C87CD5CFBADC9D3085DAE39ECC4B320C4AE130E62A03FA4E321F0CDA4844551140DAB5658F27B2A1884BA1B039F25AA1E386BBE9C0BB3906880E46A22D2F9F9C1A7943BC1D71E45A9E6FF4828196192B4063650EAC50555E53516BF4D816888C1E7841914862FA5F82181204155ADCD7652D4B3F8CB0CDFF69BC897FEE50C420A6243059B742171BBC5C94BC6AF23AE90F0DE756DBC1027E3F92EE866A669054CC133A685AE21A51478A305851308220705E0E38D97BD62A8B07047594266DEE3414D3D6C0659C4A8DB9484B86E0638ED13499E7B58030881991FD4E83B61AD429E4276DE69DB74677F16A1EB6D5D3756CB7074B312DDA5679C4E85720ECA7B738F4556BCAADD307D4A2F29158CE326F55CCDEB8755BABC2F7F8DE3F8B19C786D4219E9C45CB9FC7BAD2C5EE5984A392E2AC541662C4552CDB981BB65FE4A28FD19B1A472015BB45AB351F0CF6A9FD756EF6471794E08AB5A7092E0657F873133A0FEB2882251B80D08FC475EB43173F6A9F34787A67B282BB86FB559D883FDE93F10CCA73EA0ECC232CA1B719A98E0280CEAC5338550DBAE750E388F6671F8552A4FEFEDA1190DA60909A797336785C8C7BE9C233CC33F86818D1686C9558C900553F19A8582D7B0E9A3 +20250618131722 2 6 100 7679 2 EEB5FE98B7CF15B438162A5F2DEBBAB8BCF08B8A2614E263AA570052D2B01AC3E0B943491218DF247DB063E7DAECD19D0CD00C65335041AC9D3E4B8493CB58F9CBB166E38FF5E8697EF59D9EE4FAC6415070E0156AF8DA6BE11D672AA9A8E71033936AF75D835CCDBB0ED13CB17CBF9C9D98DEB4FAAD874FCD0929E86CF411426A3A96CED22F7EDC5F7E8D3A3B860F91E3FE92623F97C15EF13921C6AE6B3A566C7E42F46EF7B9721A09D10BEE52CE93694F6EF85F362D90239C4066C8FFFA6C6CCBAF59DFE083B248BF313F2A9D3EF96ACF569CA1B05FBDEFBD4A52C854C7B71AAB2B8AEAF8BFA8F283851E4CAA76F7D155939555F09830E49F38E73A7AE48B489883CA0D96A59B3560A8DF02DC0A0E5B6AD0AFD445B54F5580F4D962D8156DB6A0F70E5E4E47CF3CF9E1281180F5BC90B5C6FCB2DEFF1BD985D405BC3A138700D75D9BAEBBD1A7496F5CD1E6E6D5C0325B89E120A0994AFF0F35741DDC17A7D7C19A818A6C3DB5874B0E78B2BA319C6D4F850762EC32005074492723FAD2876E1C8F9A318852E97F6B28706F67ACAB944E8CFCA7C6A47C0D2F9B6907713CFFE21DEB070F45BAC19828094C424A445440ADF79E925BFE0BE687E82751D9ACBDDA02A6FACD4FEC77EEB9CD32A265B67ABFF9CF22E7EE68DCA133109BD7515B0002A9D4DEF5E3B190CE0E5C8EE2BF18F6176CD47DC00C87CD5CFBADC9D3085DAE39ECC4B320C4AE130E62A03FA4E321F0CDA4844551140DAB5658F27B2A1884BA1B039F25AA1E386BBE9C0BB3906880E46A22D2F9F9C1A7943BC1D71E45A9E6FF4828196192B4063650EAC50555E53516BF4D816888C1E7841914862FA5F82181204155ADCD7652D4B3F8CB0CDFF69BC897FEE50C420A6243059B742171BBC5C94BC6AF23AE90F0DE756DBC1027E3F92EE866A669054CC133A685AE21A51478A305851308220705E0E38D97BD62A8B07047594266DEE3414D3D6C0659C4A8DB9484B86E0638ED13499E7B58030881991FD4E83B61AD429E4276DE69DB74677F16A1EB6D5D3756CB7074B312DDA5679C4E85720ECA7B738F4556BCAADD307D4A2F29158CE326F55CCDEB8755BABC2F7F8DE3F8B19C786D4219E9C45CB9FC7BAD2C5EE5984A392E2AC541662C4552CDB981BB65FE4A28FD19B1A472015BB45AB351F0CF6A9FD756EF6471794E08AB5A7092E0657F873133A0FEB2882251B80D08FC475EB43173F6A9F34787A67B282BB86FB559D883FDE93F10CCA73EA0ECC232CA1B719A98E0280CEAC5338550DBAE750E388F6671F8552A4FEFEDA1190DA60909A797336785C8C7BE9C233CC33F86818D1686C9558C900553F19A8582D8E5433B +20250618154711 2 6 100 7679 5 EEB5FE98B7CF15B438162A5F2DEBBAB8BCF08B8A2614E263AA570052D2B01AC3E0B943491218DF247DB063E7DAECD19D0CD00C65335041AC9D3E4B8493CB58F9CBB166E38FF5E8697EF59D9EE4FAC6415070E0156AF8DA6BE11D672AA9A8E71033936AF75D835CCDBB0ED13CB17CBF9C9D98DEB4FAAD874FCD0929E86CF411426A3A96CED22F7EDC5F7E8D3A3B860F91E3FE92623F97C15EF13921C6AE6B3A566C7E42F46EF7B9721A09D10BEE52CE93694F6EF85F362D90239C4066C8FFFA6C6CCBAF59DFE083B248BF313F2A9D3EF96ACF569CA1B05FBDEFBD4A52C854C7B71AAB2B8AEAF8BFA8F283851E4CAA76F7D155939555F09830E49F38E73A7AE48B489883CA0D96A59B3560A8DF02DC0A0E5B6AD0AFD445B54F5580F4D962D8156DB6A0F70E5E4E47CF3CF9E1281180F5BC90B5C6FCB2DEFF1BD985D405BC3A138700D75D9BAEBBD1A7496F5CD1E6E6D5C0325B89E120A0994AFF0F35741DDC17A7D7C19A818A6C3DB5874B0E78B2BA319C6D4F850762EC32005074492723FAD2876E1C8F9A318852E97F6B28706F67ACAB944E8CFCA7C6A47C0D2F9B6907713CFFE21DEB070F45BAC19828094C424A445440ADF79E925BFE0BE687E82751D9ACBDDA02A6FACD4FEC77EEB9CD32A265B67ABFF9CF22E7EE68DCA133109BD7515B0002A9D4DEF5E3B190CE0E5C8EE2BF18F6176CD47DC00C87CD5CFBADC9D3085DAE39ECC4B320C4AE130E62A03FA4E321F0CDA4844551140DAB5658F27B2A1884BA1B039F25AA1E386BBE9C0BB3906880E46A22D2F9F9C1A7943BC1D71E45A9E6FF4828196192B4063650EAC50555E53516BF4D816888C1E7841914862FA5F82181204155ADCD7652D4B3F8CB0CDFF69BC897FEE50C420A6243059B742171BBC5C94BC6AF23AE90F0DE756DBC1027E3F92EE866A669054CC133A685AE21A51478A305851308220705E0E38D97BD62A8B07047594266DEE3414D3D6C0659C4A8DB9484B86E0638ED13499E7B58030881991FD4E83B61AD429E4276DE69DB74677F16A1EB6D5D3756CB7074B312DDA5679C4E85720ECA7B738F4556BCAADD307D4A2F29158CE326F55CCDEB8755BABC2F7F8DE3F8B19C786D4219E9C45CB9FC7BAD2C5EE5984A392E2AC541662C4552CDB981BB65FE4A28FD19B1A472015BB45AB351F0CF6A9FD756EF6471794E08AB5A7092E0657F873133A0FEB2882251B80D08FC475EB43173F6A9F34787A67B282BB86FB559D883FDE93F10CCA73EA0ECC232CA1B719A98E0280CEAC5338550DBAE750E388F6671F8552A4FEFEDA1190DA60909A797336785C8C7BE9C233CC33F86818D1686C9558C900553F19A8582E318E597 +20250618161518 2 6 100 7679 5 EEB5FE98B7CF15B438162A5F2DEBBAB8BCF08B8A2614E263AA570052D2B01AC3E0B943491218DF247DB063E7DAECD19D0CD00C65335041AC9D3E4B8493CB58F9CBB166E38FF5E8697EF59D9EE4FAC6415070E0156AF8DA6BE11D672AA9A8E71033936AF75D835CCDBB0ED13CB17CBF9C9D98DEB4FAAD874FCD0929E86CF411426A3A96CED22F7EDC5F7E8D3A3B860F91E3FE92623F97C15EF13921C6AE6B3A566C7E42F46EF7B9721A09D10BEE52CE93694F6EF85F362D90239C4066C8FFFA6C6CCBAF59DFE083B248BF313F2A9D3EF96ACF569CA1B05FBDEFBD4A52C854C7B71AAB2B8AEAF8BFA8F283851E4CAA76F7D155939555F09830E49F38E73A7AE48B489883CA0D96A59B3560A8DF02DC0A0E5B6AD0AFD445B54F5580F4D962D8156DB6A0F70E5E4E47CF3CF9E1281180F5BC90B5C6FCB2DEFF1BD985D405BC3A138700D75D9BAEBBD1A7496F5CD1E6E6D5C0325B89E120A0994AFF0F35741DDC17A7D7C19A818A6C3DB5874B0E78B2BA319C6D4F850762EC32005074492723FAD2876E1C8F9A318852E97F6B28706F67ACAB944E8CFCA7C6A47C0D2F9B6907713CFFE21DEB070F45BAC19828094C424A445440ADF79E925BFE0BE687E82751D9ACBDDA02A6FACD4FEC77EEB9CD32A265B67ABFF9CF22E7EE68DCA133109BD7515B0002A9D4DEF5E3B190CE0E5C8EE2BF18F6176CD47DC00C87CD5CFBADC9D3085DAE39ECC4B320C4AE130E62A03FA4E321F0CDA4844551140DAB5658F27B2A1884BA1B039F25AA1E386BBE9C0BB3906880E46A22D2F9F9C1A7943BC1D71E45A9E6FF4828196192B4063650EAC50555E53516BF4D816888C1E7841914862FA5F82181204155ADCD7652D4B3F8CB0CDFF69BC897FEE50C420A6243059B742171BBC5C94BC6AF23AE90F0DE756DBC1027E3F92EE866A669054CC133A685AE21A51478A305851308220705E0E38D97BD62A8B07047594266DEE3414D3D6C0659C4A8DB9484B86E0638ED13499E7B58030881991FD4E83B61AD429E4276DE69DB74677F16A1EB6D5D3756CB7074B312DDA5679C4E85720ECA7B738F4556BCAADD307D4A2F29158CE326F55CCDEB8755BABC2F7F8DE3F8B19C786D4219E9C45CB9FC7BAD2C5EE5984A392E2AC541662C4552CDB981BB65FE4A28FD19B1A472015BB45AB351F0CF6A9FD756EF6471794E08AB5A7092E0657F873133A0FEB2882251B80D08FC475EB43173F6A9F34787A67B282BB86FB559D883FDE93F10CCA73EA0ECC232CA1B719A98E0280CEAC5338550DBAE750E388F6671F8552A4FEFEDA1190DA60909A797336785C8C7BE9C233CC33F86818D1686C9558C900553F19A8582E4FC61FF +20250618173320 2 6 100 7679 2 EEB5FE98B7CF15B438162A5F2DEBBAB8BCF08B8A2614E263AA570052D2B01AC3E0B943491218DF247DB063E7DAECD19D0CD00C65335041AC9D3E4B8493CB58F9CBB166E38FF5E8697EF59D9EE4FAC6415070E0156AF8DA6BE11D672AA9A8E71033936AF75D835CCDBB0ED13CB17CBF9C9D98DEB4FAAD874FCD0929E86CF411426A3A96CED22F7EDC5F7E8D3A3B860F91E3FE92623F97C15EF13921C6AE6B3A566C7E42F46EF7B9721A09D10BEE52CE93694F6EF85F362D90239C4066C8FFFA6C6CCBAF59DFE083B248BF313F2A9D3EF96ACF569CA1B05FBDEFBD4A52C854C7B71AAB2B8AEAF8BFA8F283851E4CAA76F7D155939555F09830E49F38E73A7AE48B489883CA0D96A59B3560A8DF02DC0A0E5B6AD0AFD445B54F5580F4D962D8156DB6A0F70E5E4E47CF3CF9E1281180F5BC90B5C6FCB2DEFF1BD985D405BC3A138700D75D9BAEBBD1A7496F5CD1E6E6D5C0325B89E120A0994AFF0F35741DDC17A7D7C19A818A6C3DB5874B0E78B2BA319C6D4F850762EC32005074492723FAD2876E1C8F9A318852E97F6B28706F67ACAB944E8CFCA7C6A47C0D2F9B6907713CFFE21DEB070F45BAC19828094C424A445440ADF79E925BFE0BE687E82751D9ACBDDA02A6FACD4FEC77EEB9CD32A265B67ABFF9CF22E7EE68DCA133109BD7515B0002A9D4DEF5E3B190CE0E5C8EE2BF18F6176CD47DC00C87CD5CFBADC9D3085DAE39ECC4B320C4AE130E62A03FA4E321F0CDA4844551140DAB5658F27B2A1884BA1B039F25AA1E386BBE9C0BB3906880E46A22D2F9F9C1A7943BC1D71E45A9E6FF4828196192B4063650EAC50555E53516BF4D816888C1E7841914862FA5F82181204155ADCD7652D4B3F8CB0CDFF69BC897FEE50C420A6243059B742171BBC5C94BC6AF23AE90F0DE756DBC1027E3F92EE866A669054CC133A685AE21A51478A305851308220705E0E38D97BD62A8B07047594266DEE3414D3D6C0659C4A8DB9484B86E0638ED13499E7B58030881991FD4E83B61AD429E4276DE69DB74677F16A1EB6D5D3756CB7074B312DDA5679C4E85720ECA7B738F4556BCAADD307D4A2F29158CE326F55CCDEB8755BABC2F7F8DE3F8B19C786D4219E9C45CB9FC7BAD2C5EE5984A392E2AC541662C4552CDB981BB65FE4A28FD19B1A472015BB45AB351F0CF6A9FD756EF6471794E08AB5A7092E0657F873133A0FEB2882251B80D08FC475EB43173F6A9F34787A67B282BB86FB559D883FDE93F10CCA73EA0ECC232CA1B719A98E0280CEAC5338550DBAE750E388F6671F8552A4FEFEDA1190DA60909A797336785C8C7BE9C233CC33F86818D1686C9558C900553F19A8582EA4C196B +20250618181001 2 6 100 7679 5 EEB5FE98B7CF15B438162A5F2DEBBAB8BCF08B8A2614E263AA570052D2B01AC3E0B943491218DF247DB063E7DAECD19D0CD00C65335041AC9D3E4B8493CB58F9CBB166E38FF5E8697EF59D9EE4FAC6415070E0156AF8DA6BE11D672AA9A8E71033936AF75D835CCDBB0ED13CB17CBF9C9D98DEB4FAAD874FCD0929E86CF411426A3A96CED22F7EDC5F7E8D3A3B860F91E3FE92623F97C15EF13921C6AE6B3A566C7E42F46EF7B9721A09D10BEE52CE93694F6EF85F362D90239C4066C8FFFA6C6CCBAF59DFE083B248BF313F2A9D3EF96ACF569CA1B05FBDEFBD4A52C854C7B71AAB2B8AEAF8BFA8F283851E4CAA76F7D155939555F09830E49F38E73A7AE48B489883CA0D96A59B3560A8DF02DC0A0E5B6AD0AFD445B54F5580F4D962D8156DB6A0F70E5E4E47CF3CF9E1281180F5BC90B5C6FCB2DEFF1BD985D405BC3A138700D75D9BAEBBD1A7496F5CD1E6E6D5C0325B89E120A0994AFF0F35741DDC17A7D7C19A818A6C3DB5874B0E78B2BA319C6D4F850762EC32005074492723FAD2876E1C8F9A318852E97F6B28706F67ACAB944E8CFCA7C6A47C0D2F9B6907713CFFE21DEB070F45BAC19828094C424A445440ADF79E925BFE0BE687E82751D9ACBDDA02A6FACD4FEC77EEB9CD32A265B67ABFF9CF22E7EE68DCA133109BD7515B0002A9D4DEF5E3B190CE0E5C8EE2BF18F6176CD47DC00C87CD5CFBADC9D3085DAE39ECC4B320C4AE130E62A03FA4E321F0CDA4844551140DAB5658F27B2A1884BA1B039F25AA1E386BBE9C0BB3906880E46A22D2F9F9C1A7943BC1D71E45A9E6FF4828196192B4063650EAC50555E53516BF4D816888C1E7841914862FA5F82181204155ADCD7652D4B3F8CB0CDFF69BC897FEE50C420A6243059B742171BBC5C94BC6AF23AE90F0DE756DBC1027E3F92EE866A669054CC133A685AE21A51478A305851308220705E0E38D97BD62A8B07047594266DEE3414D3D6C0659C4A8DB9484B86E0638ED13499E7B58030881991FD4E83B61AD429E4276DE69DB74677F16A1EB6D5D3756CB7074B312DDA5679C4E85720ECA7B738F4556BCAADD307D4A2F29158CE326F55CCDEB8755BABC2F7F8DE3F8B19C786D4219E9C45CB9FC7BAD2C5EE5984A392E2AC541662C4552CDB981BB65FE4A28FD19B1A472015BB45AB351F0CF6A9FD756EF6471794E08AB5A7092E0657F873133A0FEB2882251B80D08FC475EB43173F6A9F34787A67B282BB86FB559D883FDE93F10CCA73EA0ECC232CA1B719A98E0280CEAC5338550DBAE750E388F6671F8552A4FEFEDA1190DA60909A797336785C8C7BE9C233CC33F86818D1686C9558C900553F19A8582ECCDA5AF +20250618182405 2 6 100 7679 5 EEB5FE98B7CF15B438162A5F2DEBBAB8BCF08B8A2614E263AA570052D2B01AC3E0B943491218DF247DB063E7DAECD19D0CD00C65335041AC9D3E4B8493CB58F9CBB166E38FF5E8697EF59D9EE4FAC6415070E0156AF8DA6BE11D672AA9A8E71033936AF75D835CCDBB0ED13CB17CBF9C9D98DEB4FAAD874FCD0929E86CF411426A3A96CED22F7EDC5F7E8D3A3B860F91E3FE92623F97C15EF13921C6AE6B3A566C7E42F46EF7B9721A09D10BEE52CE93694F6EF85F362D90239C4066C8FFFA6C6CCBAF59DFE083B248BF313F2A9D3EF96ACF569CA1B05FBDEFBD4A52C854C7B71AAB2B8AEAF8BFA8F283851E4CAA76F7D155939555F09830E49F38E73A7AE48B489883CA0D96A59B3560A8DF02DC0A0E5B6AD0AFD445B54F5580F4D962D8156DB6A0F70E5E4E47CF3CF9E1281180F5BC90B5C6FCB2DEFF1BD985D405BC3A138700D75D9BAEBBD1A7496F5CD1E6E6D5C0325B89E120A0994AFF0F35741DDC17A7D7C19A818A6C3DB5874B0E78B2BA319C6D4F850762EC32005074492723FAD2876E1C8F9A318852E97F6B28706F67ACAB944E8CFCA7C6A47C0D2F9B6907713CFFE21DEB070F45BAC19828094C424A445440ADF79E925BFE0BE687E82751D9ACBDDA02A6FACD4FEC77EEB9CD32A265B67ABFF9CF22E7EE68DCA133109BD7515B0002A9D4DEF5E3B190CE0E5C8EE2BF18F6176CD47DC00C87CD5CFBADC9D3085DAE39ECC4B320C4AE130E62A03FA4E321F0CDA4844551140DAB5658F27B2A1884BA1B039F25AA1E386BBE9C0BB3906880E46A22D2F9F9C1A7943BC1D71E45A9E6FF4828196192B4063650EAC50555E53516BF4D816888C1E7841914862FA5F82181204155ADCD7652D4B3F8CB0CDFF69BC897FEE50C420A6243059B742171BBC5C94BC6AF23AE90F0DE756DBC1027E3F92EE866A669054CC133A685AE21A51478A305851308220705E0E38D97BD62A8B07047594266DEE3414D3D6C0659C4A8DB9484B86E0638ED13499E7B58030881991FD4E83B61AD429E4276DE69DB74677F16A1EB6D5D3756CB7074B312DDA5679C4E85720ECA7B738F4556BCAADD307D4A2F29158CE326F55CCDEB8755BABC2F7F8DE3F8B19C786D4219E9C45CB9FC7BAD2C5EE5984A392E2AC541662C4552CDB981BB65FE4A28FD19B1A472015BB45AB351F0CF6A9FD756EF6471794E08AB5A7092E0657F873133A0FEB2882251B80D08FC475EB43173F6A9F34787A67B282BB86FB559D883FDE93F10CCA73EA0ECC232CA1B719A98E0280CEAC5338550DBAE750E388F6671F8552A4FEFEDA1190DA60909A797336785C8C7BE9C233CC33F86818D1686C9558C900553F19A8582EDB674CF +20250618185052 2 6 100 7679 5 EEB5FE98B7CF15B438162A5F2DEBBAB8BCF08B8A2614E263AA570052D2B01AC3E0B943491218DF247DB063E7DAECD19D0CD00C65335041AC9D3E4B8493CB58F9CBB166E38FF5E8697EF59D9EE4FAC6415070E0156AF8DA6BE11D672AA9A8E71033936AF75D835CCDBB0ED13CB17CBF9C9D98DEB4FAAD874FCD0929E86CF411426A3A96CED22F7EDC5F7E8D3A3B860F91E3FE92623F97C15EF13921C6AE6B3A566C7E42F46EF7B9721A09D10BEE52CE93694F6EF85F362D90239C4066C8FFFA6C6CCBAF59DFE083B248BF313F2A9D3EF96ACF569CA1B05FBDEFBD4A52C854C7B71AAB2B8AEAF8BFA8F283851E4CAA76F7D155939555F09830E49F38E73A7AE48B489883CA0D96A59B3560A8DF02DC0A0E5B6AD0AFD445B54F5580F4D962D8156DB6A0F70E5E4E47CF3CF9E1281180F5BC90B5C6FCB2DEFF1BD985D405BC3A138700D75D9BAEBBD1A7496F5CD1E6E6D5C0325B89E120A0994AFF0F35741DDC17A7D7C19A818A6C3DB5874B0E78B2BA319C6D4F850762EC32005074492723FAD2876E1C8F9A318852E97F6B28706F67ACAB944E8CFCA7C6A47C0D2F9B6907713CFFE21DEB070F45BAC19828094C424A445440ADF79E925BFE0BE687E82751D9ACBDDA02A6FACD4FEC77EEB9CD32A265B67ABFF9CF22E7EE68DCA133109BD7515B0002A9D4DEF5E3B190CE0E5C8EE2BF18F6176CD47DC00C87CD5CFBADC9D3085DAE39ECC4B320C4AE130E62A03FA4E321F0CDA4844551140DAB5658F27B2A1884BA1B039F25AA1E386BBE9C0BB3906880E46A22D2F9F9C1A7943BC1D71E45A9E6FF4828196192B4063650EAC50555E53516BF4D816888C1E7841914862FA5F82181204155ADCD7652D4B3F8CB0CDFF69BC897FEE50C420A6243059B742171BBC5C94BC6AF23AE90F0DE756DBC1027E3F92EE866A669054CC133A685AE21A51478A305851308220705E0E38D97BD62A8B07047594266DEE3414D3D6C0659C4A8DB9484B86E0638ED13499E7B58030881991FD4E83B61AD429E4276DE69DB74677F16A1EB6D5D3756CB7074B312DDA5679C4E85720ECA7B738F4556BCAADD307D4A2F29158CE326F55CCDEB8755BABC2F7F8DE3F8B19C786D4219E9C45CB9FC7BAD2C5EE5984A392E2AC541662C4552CDB981BB65FE4A28FD19B1A472015BB45AB351F0CF6A9FD756EF6471794E08AB5A7092E0657F873133A0FEB2882251B80D08FC475EB43173F6A9F34787A67B282BB86FB559D883FDE93F10CCA73EA0ECC232CA1B719A98E0280CEAC5338550DBAE750E388F6671F8552A4FEFEDA1190DA60909A797336785C8C7BE9C233CC33F86818D1686C9558C900553F19A8582EF76E9A7 +20250618205008 2 6 100 7679 2 EEB5FE98B7CF15B438162A5F2DEBBAB8BCF08B8A2614E263AA570052D2B01AC3E0B943491218DF247DB063E7DAECD19D0CD00C65335041AC9D3E4B8493CB58F9CBB166E38FF5E8697EF59D9EE4FAC6415070E0156AF8DA6BE11D672AA9A8E71033936AF75D835CCDBB0ED13CB17CBF9C9D98DEB4FAAD874FCD0929E86CF411426A3A96CED22F7EDC5F7E8D3A3B860F91E3FE92623F97C15EF13921C6AE6B3A566C7E42F46EF7B9721A09D10BEE52CE93694F6EF85F362D90239C4066C8FFFA6C6CCBAF59DFE083B248BF313F2A9D3EF96ACF569CA1B05FBDEFBD4A52C854C7B71AAB2B8AEAF8BFA8F283851E4CAA76F7D155939555F09830E49F38E73A7AE48B489883CA0D96A59B3560A8DF02DC0A0E5B6AD0AFD445B54F5580F4D962D8156DB6A0F70E5E4E47CF3CF9E1281180F5BC90B5C6FCB2DEFF1BD985D405BC3A138700D75D9BAEBBD1A7496F5CD1E6E6D5C0325B89E120A0994AFF0F35741DDC17A7D7C19A818A6C3DB5874B0E78B2BA319C6D4F850762EC32005074492723FAD2876E1C8F9A318852E97F6B28706F67ACAB944E8CFCA7C6A47C0D2F9B6907713CFFE21DEB070F45BAC19828094C424A445440ADF79E925BFE0BE687E82751D9ACBDDA02A6FACD4FEC77EEB9CD32A265B67ABFF9CF22E7EE68DCA133109BD7515B0002A9D4DEF5E3B190CE0E5C8EE2BF18F6176CD47DC00C87CD5CFBADC9D3085DAE39ECC4B320C4AE130E62A03FA4E321F0CDA4844551140DAB5658F27B2A1884BA1B039F25AA1E386BBE9C0BB3906880E46A22D2F9F9C1A7943BC1D71E45A9E6FF4828196192B4063650EAC50555E53516BF4D816888C1E7841914862FA5F82181204155ADCD7652D4B3F8CB0CDFF69BC897FEE50C420A6243059B742171BBC5C94BC6AF23AE90F0DE756DBC1027E3F92EE866A669054CC133A685AE21A51478A305851308220705E0E38D97BD62A8B07047594266DEE3414D3D6C0659C4A8DB9484B86E0638ED13499E7B58030881991FD4E83B61AD429E4276DE69DB74677F16A1EB6D5D3756CB7074B312DDA5679C4E85720ECA7B738F4556BCAADD307D4A2F29158CE326F55CCDEB8755BABC2F7F8DE3F8B19C786D4219E9C45CB9FC7BAD2C5EE5984A392E2AC541662C4552CDB981BB65FE4A28FD19B1A472015BB45AB351F0CF6A9FD756EF6471794E08AB5A7092E0657F873133A0FEB2882251B80D08FC475EB43173F6A9F34787A67B282BB86FB559D883FDE93F10CCA73EA0ECC232CA1B719A98E0280CEAC5338550DBAE750E388F6671F8552A4FEFEDA1190DA60909A797336785C8C7BE9C233CC33F86818D1686C9558C900553F19A8582F7986EE3 +20250618212939 2 6 100 7679 5 EEB5FE98B7CF15B438162A5F2DEBBAB8BCF08B8A2614E263AA570052D2B01AC3E0B943491218DF247DB063E7DAECD19D0CD00C65335041AC9D3E4B8493CB58F9CBB166E38FF5E8697EF59D9EE4FAC6415070E0156AF8DA6BE11D672AA9A8E71033936AF75D835CCDBB0ED13CB17CBF9C9D98DEB4FAAD874FCD0929E86CF411426A3A96CED22F7EDC5F7E8D3A3B860F91E3FE92623F97C15EF13921C6AE6B3A566C7E42F46EF7B9721A09D10BEE52CE93694F6EF85F362D90239C4066C8FFFA6C6CCBAF59DFE083B248BF313F2A9D3EF96ACF569CA1B05FBDEFBD4A52C854C7B71AAB2B8AEAF8BFA8F283851E4CAA76F7D155939555F09830E49F38E73A7AE48B489883CA0D96A59B3560A8DF02DC0A0E5B6AD0AFD445B54F5580F4D962D8156DB6A0F70E5E4E47CF3CF9E1281180F5BC90B5C6FCB2DEFF1BD985D405BC3A138700D75D9BAEBBD1A7496F5CD1E6E6D5C0325B89E120A0994AFF0F35741DDC17A7D7C19A818A6C3DB5874B0E78B2BA319C6D4F850762EC32005074492723FAD2876E1C8F9A318852E97F6B28706F67ACAB944E8CFCA7C6A47C0D2F9B6907713CFFE21DEB070F45BAC19828094C424A445440ADF79E925BFE0BE687E82751D9ACBDDA02A6FACD4FEC77EEB9CD32A265B67ABFF9CF22E7EE68DCA133109BD7515B0002A9D4DEF5E3B190CE0E5C8EE2BF18F6176CD47DC00C87CD5CFBADC9D3085DAE39ECC4B320C4AE130E62A03FA4E321F0CDA4844551140DAB5658F27B2A1884BA1B039F25AA1E386BBE9C0BB3906880E46A22D2F9F9C1A7943BC1D71E45A9E6FF4828196192B4063650EAC50555E53516BF4D816888C1E7841914862FA5F82181204155ADCD7652D4B3F8CB0CDFF69BC897FEE50C420A6243059B742171BBC5C94BC6AF23AE90F0DE756DBC1027E3F92EE866A669054CC133A685AE21A51478A305851308220705E0E38D97BD62A8B07047594266DEE3414D3D6C0659C4A8DB9484B86E0638ED13499E7B58030881991FD4E83B61AD429E4276DE69DB74677F16A1EB6D5D3756CB7074B312DDA5679C4E85720ECA7B738F4556BCAADD307D4A2F29158CE326F55CCDEB8755BABC2F7F8DE3F8B19C786D4219E9C45CB9FC7BAD2C5EE5984A392E2AC541662C4552CDB981BB65FE4A28FD19B1A472015BB45AB351F0CF6A9FD756EF6471794E08AB5A7092E0657F873133A0FEB2882251B80D08FC475EB43173F6A9F34787A67B282BB86FB559D883FDE93F10CCA73EA0ECC232CA1B719A98E0280CEAC5338550DBAE750E388F6671F8552A4FEFEDA1190DA60909A797336785C8C7BE9C233CC33F86818D1686C9558C900553F19A8582FA3E17BF +20250618235642 2 6 100 7679 2 EEB5FE98B7CF15B438162A5F2DEBBAB8BCF08B8A2614E263AA570052D2B01AC3E0B943491218DF247DB063E7DAECD19D0CD00C65335041AC9D3E4B8493CB58F9CBB166E38FF5E8697EF59D9EE4FAC6415070E0156AF8DA6BE11D672AA9A8E71033936AF75D835CCDBB0ED13CB17CBF9C9D98DEB4FAAD874FCD0929E86CF411426A3A96CED22F7EDC5F7E8D3A3B860F91E3FE92623F97C15EF13921C6AE6B3A566C7E42F46EF7B9721A09D10BEE52CE93694F6EF85F362D90239C4066C8FFFA6C6CCBAF59DFE083B248BF313F2A9D3EF96ACF569CA1B05FBDEFBD4A52C854C7B71AAB2B8AEAF8BFA8F283851E4CAA76F7D155939555F09830E49F38E73A7AE48B489883CA0D96A59B3560A8DF02DC0A0E5B6AD0AFD445B54F5580F4D962D8156DB6A0F70E5E4E47CF3CF9E1281180F5BC90B5C6FCB2DEFF1BD985D405BC3A138700D75D9BAEBBD1A7496F5CD1E6E6D5C0325B89E120A0994AFF0F35741DDC17A7D7C19A818A6C3DB5874B0E78B2BA319C6D4F850762EC32005074492723FAD2876E1C8F9A318852E97F6B28706F67ACAB944E8CFCA7C6A47C0D2F9B6907713CFFE21DEB070F45BAC19828094C424A445440ADF79E925BFE0BE687E82751D9ACBDDA02A6FACD4FEC77EEB9CD32A265B67ABFF9CF22E7EE68DCA133109BD7515B0002A9D4DEF5E3B190CE0E5C8EE2BF18F6176CD47DC00C87CD5CFBADC9D3085DAE39ECC4B320C4AE130E62A03FA4E321F0CDA4844551140DAB5658F27B2A1884BA1B039F25AA1E386BBE9C0BB3906880E46A22D2F9F9C1A7943BC1D71E45A9E6FF4828196192B4063650EAC50555E53516BF4D816888C1E7841914862FA5F82181204155ADCD7652D4B3F8CB0CDFF69BC897FEE50C420A6243059B742171BBC5C94BC6AF23AE90F0DE756DBC1027E3F92EE866A669054CC133A685AE21A51478A305851308220705E0E38D97BD62A8B07047594266DEE3414D3D6C0659C4A8DB9484B86E0638ED13499E7B58030881991FD4E83B61AD429E4276DE69DB74677F16A1EB6D5D3756CB7074B312DDA5679C4E85720ECA7B738F4556BCAADD307D4A2F29158CE326F55CCDEB8755BABC2F7F8DE3F8B19C786D4219E9C45CB9FC7BAD2C5EE5984A392E2AC541662C4552CDB981BB65FE4A28FD19B1A472015BB45AB351F0CF6A9FD756EF6471794E08AB5A7092E0657F873133A0FEB2882251B80D08FC475EB43173F6A9F34787A67B282BB86FB559D883FDE93F10CCA73EA0ECC232CA1B719A98E0280CEAC5338550DBAE750E388F6671F8552A4FEFEDA1190DA60909A797336785C8C7BE9C233CC33F86818D1686C9558C900553F19A858304421B3B +20250619002145 2 6 100 7679 2 EEB5FE98B7CF15B438162A5F2DEBBAB8BCF08B8A2614E263AA570052D2B01AC3E0B943491218DF247DB063E7DAECD19D0CD00C65335041AC9D3E4B8493CB58F9CBB166E38FF5E8697EF59D9EE4FAC6415070E0156AF8DA6BE11D672AA9A8E71033936AF75D835CCDBB0ED13CB17CBF9C9D98DEB4FAAD874FCD0929E86CF411426A3A96CED22F7EDC5F7E8D3A3B860F91E3FE92623F97C15EF13921C6AE6B3A566C7E42F46EF7B9721A09D10BEE52CE93694F6EF85F362D90239C4066C8FFFA6C6CCBAF59DFE083B248BF313F2A9D3EF96ACF569CA1B05FBDEFBD4A52C854C7B71AAB2B8AEAF8BFA8F283851E4CAA76F7D155939555F09830E49F38E73A7AE48B489883CA0D96A59B3560A8DF02DC0A0E5B6AD0AFD445B54F5580F4D962D8156DB6A0F70E5E4E47CF3CF9E1281180F5BC90B5C6FCB2DEFF1BD985D405BC3A138700D75D9BAEBBD1A7496F5CD1E6E6D5C0325B89E120A0994AFF0F35741DDC17A7D7C19A818A6C3DB5874B0E78B2BA319C6D4F850762EC32005074492723FAD2876E1C8F9A318852E97F6B28706F67ACAB944E8CFCA7C6A47C0D2F9B6907713CFFE21DEB070F45BAC19828094C424A445440ADF79E925BFE0BE687E82751D9ACBDDA02A6FACD4FEC77EEB9CD32A265B67ABFF9CF22E7EE68DCA133109BD7515B0002A9D4DEF5E3B190CE0E5C8EE2BF18F6176CD47DC00C87CD5CFBADC9D3085DAE39ECC4B320C4AE130E62A03FA4E321F0CDA4844551140DAB5658F27B2A1884BA1B039F25AA1E386BBE9C0BB3906880E46A22D2F9F9C1A7943BC1D71E45A9E6FF4828196192B4063650EAC50555E53516BF4D816888C1E7841914862FA5F82181204155ADCD7652D4B3F8CB0CDFF69BC897FEE50C420A6243059B742171BBC5C94BC6AF23AE90F0DE756DBC1027E3F92EE866A669054CC133A685AE21A51478A305851308220705E0E38D97BD62A8B07047594266DEE3414D3D6C0659C4A8DB9484B86E0638ED13499E7B58030881991FD4E83B61AD429E4276DE69DB74677F16A1EB6D5D3756CB7074B312DDA5679C4E85720ECA7B738F4556BCAADD307D4A2F29158CE326F55CCDEB8755BABC2F7F8DE3F8B19C786D4219E9C45CB9FC7BAD2C5EE5984A392E2AC541662C4552CDB981BB65FE4A28FD19B1A472015BB45AB351F0CF6A9FD756EF6471794E08AB5A7092E0657F873133A0FEB2882251B80D08FC475EB43173F6A9F34787A67B282BB86FB559D883FDE93F10CCA73EA0ECC232CA1B719A98E0280CEAC5338550DBAE750E388F6671F8552A4FEFEDA1190DA60909A797336785C8C7BE9C233CC33F86818D1686C9558C900553F19A858305ECDC73 +20250619004148 2 6 100 7679 2 EEB5FE98B7CF15B438162A5F2DEBBAB8BCF08B8A2614E263AA570052D2B01AC3E0B943491218DF247DB063E7DAECD19D0CD00C65335041AC9D3E4B8493CB58F9CBB166E38FF5E8697EF59D9EE4FAC6415070E0156AF8DA6BE11D672AA9A8E71033936AF75D835CCDBB0ED13CB17CBF9C9D98DEB4FAAD874FCD0929E86CF411426A3A96CED22F7EDC5F7E8D3A3B860F91E3FE92623F97C15EF13921C6AE6B3A566C7E42F46EF7B9721A09D10BEE52CE93694F6EF85F362D90239C4066C8FFFA6C6CCBAF59DFE083B248BF313F2A9D3EF96ACF569CA1B05FBDEFBD4A52C854C7B71AAB2B8AEAF8BFA8F283851E4CAA76F7D155939555F09830E49F38E73A7AE48B489883CA0D96A59B3560A8DF02DC0A0E5B6AD0AFD445B54F5580F4D962D8156DB6A0F70E5E4E47CF3CF9E1281180F5BC90B5C6FCB2DEFF1BD985D405BC3A138700D75D9BAEBBD1A7496F5CD1E6E6D5C0325B89E120A0994AFF0F35741DDC17A7D7C19A818A6C3DB5874B0E78B2BA319C6D4F850762EC32005074492723FAD2876E1C8F9A318852E97F6B28706F67ACAB944E8CFCA7C6A47C0D2F9B6907713CFFE21DEB070F45BAC19828094C424A445440ADF79E925BFE0BE687E82751D9ACBDDA02A6FACD4FEC77EEB9CD32A265B67ABFF9CF22E7EE68DCA133109BD7515B0002A9D4DEF5E3B190CE0E5C8EE2BF18F6176CD47DC00C87CD5CFBADC9D3085DAE39ECC4B320C4AE130E62A03FA4E321F0CDA4844551140DAB5658F27B2A1884BA1B039F25AA1E386BBE9C0BB3906880E46A22D2F9F9C1A7943BC1D71E45A9E6FF4828196192B4063650EAC50555E53516BF4D816888C1E7841914862FA5F82181204155ADCD7652D4B3F8CB0CDFF69BC897FEE50C420A6243059B742171BBC5C94BC6AF23AE90F0DE756DBC1027E3F92EE866A669054CC133A685AE21A51478A305851308220705E0E38D97BD62A8B07047594266DEE3414D3D6C0659C4A8DB9484B86E0638ED13499E7B58030881991FD4E83B61AD429E4276DE69DB74677F16A1EB6D5D3756CB7074B312DDA5679C4E85720ECA7B738F4556BCAADD307D4A2F29158CE326F55CCDEB8755BABC2F7F8DE3F8B19C786D4219E9C45CB9FC7BAD2C5EE5984A392E2AC541662C4552CDB981BB65FE4A28FD19B1A472015BB45AB351F0CF6A9FD756EF6471794E08AB5A7092E0657F873133A0FEB2882251B80D08FC475EB43173F6A9F34787A67B282BB86FB559D883FDE93F10CCA73EA0ECC232CA1B719A98E0280CEAC5338550DBAE750E388F6671F8552A4FEFEDA1190DA60909A797336785C8C7BE9C233CC33F86818D1686C9558C900553F19A8583074F20CB +20250619005851 2 6 100 7679 2 EEB5FE98B7CF15B438162A5F2DEBBAB8BCF08B8A2614E263AA570052D2B01AC3E0B943491218DF247DB063E7DAECD19D0CD00C65335041AC9D3E4B8493CB58F9CBB166E38FF5E8697EF59D9EE4FAC6415070E0156AF8DA6BE11D672AA9A8E71033936AF75D835CCDBB0ED13CB17CBF9C9D98DEB4FAAD874FCD0929E86CF411426A3A96CED22F7EDC5F7E8D3A3B860F91E3FE92623F97C15EF13921C6AE6B3A566C7E42F46EF7B9721A09D10BEE52CE93694F6EF85F362D90239C4066C8FFFA6C6CCBAF59DFE083B248BF313F2A9D3EF96ACF569CA1B05FBDEFBD4A52C854C7B71AAB2B8AEAF8BFA8F283851E4CAA76F7D155939555F09830E49F38E73A7AE48B489883CA0D96A59B3560A8DF02DC0A0E5B6AD0AFD445B54F5580F4D962D8156DB6A0F70E5E4E47CF3CF9E1281180F5BC90B5C6FCB2DEFF1BD985D405BC3A138700D75D9BAEBBD1A7496F5CD1E6E6D5C0325B89E120A0994AFF0F35741DDC17A7D7C19A818A6C3DB5874B0E78B2BA319C6D4F850762EC32005074492723FAD2876E1C8F9A318852E97F6B28706F67ACAB944E8CFCA7C6A47C0D2F9B6907713CFFE21DEB070F45BAC19828094C424A445440ADF79E925BFE0BE687E82751D9ACBDDA02A6FACD4FEC77EEB9CD32A265B67ABFF9CF22E7EE68DCA133109BD7515B0002A9D4DEF5E3B190CE0E5C8EE2BF18F6176CD47DC00C87CD5CFBADC9D3085DAE39ECC4B320C4AE130E62A03FA4E321F0CDA4844551140DAB5658F27B2A1884BA1B039F25AA1E386BBE9C0BB3906880E46A22D2F9F9C1A7943BC1D71E45A9E6FF4828196192B4063650EAC50555E53516BF4D816888C1E7841914862FA5F82181204155ADCD7652D4B3F8CB0CDFF69BC897FEE50C420A6243059B742171BBC5C94BC6AF23AE90F0DE756DBC1027E3F92EE866A669054CC133A685AE21A51478A305851308220705E0E38D97BD62A8B07047594266DEE3414D3D6C0659C4A8DB9484B86E0638ED13499E7B58030881991FD4E83B61AD429E4276DE69DB74677F16A1EB6D5D3756CB7074B312DDA5679C4E85720ECA7B738F4556BCAADD307D4A2F29158CE326F55CCDEB8755BABC2F7F8DE3F8B19C786D4219E9C45CB9FC7BAD2C5EE5984A392E2AC541662C4552CDB981BB65FE4A28FD19B1A472015BB45AB351F0CF6A9FD756EF6471794E08AB5A7092E0657F873133A0FEB2882251B80D08FC475EB43173F6A9F34787A67B282BB86FB559D883FDE93F10CCA73EA0ECC232CA1B719A98E0280CEAC5338550DBAE750E388F6671F8552A4FEFEDA1190DA60909A797336785C8C7BE9C233CC33F86818D1686C9558C900553F19A858308581EC3 +20250619011346 2 6 100 7679 5 EEB5FE98B7CF15B438162A5F2DEBBAB8BCF08B8A2614E263AA570052D2B01AC3E0B943491218DF247DB063E7DAECD19D0CD00C65335041AC9D3E4B8493CB58F9CBB166E38FF5E8697EF59D9EE4FAC6415070E0156AF8DA6BE11D672AA9A8E71033936AF75D835CCDBB0ED13CB17CBF9C9D98DEB4FAAD874FCD0929E86CF411426A3A96CED22F7EDC5F7E8D3A3B860F91E3FE92623F97C15EF13921C6AE6B3A566C7E42F46EF7B9721A09D10BEE52CE93694F6EF85F362D90239C4066C8FFFA6C6CCBAF59DFE083B248BF313F2A9D3EF96ACF569CA1B05FBDEFBD4A52C854C7B71AAB2B8AEAF8BFA8F283851E4CAA76F7D155939555F09830E49F38E73A7AE48B489883CA0D96A59B3560A8DF02DC0A0E5B6AD0AFD445B54F5580F4D962D8156DB6A0F70E5E4E47CF3CF9E1281180F5BC90B5C6FCB2DEFF1BD985D405BC3A138700D75D9BAEBBD1A7496F5CD1E6E6D5C0325B89E120A0994AFF0F35741DDC17A7D7C19A818A6C3DB5874B0E78B2BA319C6D4F850762EC32005074492723FAD2876E1C8F9A318852E97F6B28706F67ACAB944E8CFCA7C6A47C0D2F9B6907713CFFE21DEB070F45BAC19828094C424A445440ADF79E925BFE0BE687E82751D9ACBDDA02A6FACD4FEC77EEB9CD32A265B67ABFF9CF22E7EE68DCA133109BD7515B0002A9D4DEF5E3B190CE0E5C8EE2BF18F6176CD47DC00C87CD5CFBADC9D3085DAE39ECC4B320C4AE130E62A03FA4E321F0CDA4844551140DAB5658F27B2A1884BA1B039F25AA1E386BBE9C0BB3906880E46A22D2F9F9C1A7943BC1D71E45A9E6FF4828196192B4063650EAC50555E53516BF4D816888C1E7841914862FA5F82181204155ADCD7652D4B3F8CB0CDFF69BC897FEE50C420A6243059B742171BBC5C94BC6AF23AE90F0DE756DBC1027E3F92EE866A669054CC133A685AE21A51478A305851308220705E0E38D97BD62A8B07047594266DEE3414D3D6C0659C4A8DB9484B86E0638ED13499E7B58030881991FD4E83B61AD429E4276DE69DB74677F16A1EB6D5D3756CB7074B312DDA5679C4E85720ECA7B738F4556BCAADD307D4A2F29158CE326F55CCDEB8755BABC2F7F8DE3F8B19C786D4219E9C45CB9FC7BAD2C5EE5984A392E2AC541662C4552CDB981BB65FE4A28FD19B1A472015BB45AB351F0CF6A9FD756EF6471794E08AB5A7092E0657F873133A0FEB2882251B80D08FC475EB43173F6A9F34787A67B282BB86FB559D883FDE93F10CCA73EA0ECC232CA1B719A98E0280CEAC5338550DBAE750E388F6671F8552A4FEFEDA1190DA60909A797336785C8C7BE9C233CC33F86818D1686C9558C900553F19A858309471D47 +20250619020628 2 6 100 7679 2 EEB5FE98B7CF15B438162A5F2DEBBAB8BCF08B8A2614E263AA570052D2B01AC3E0B943491218DF247DB063E7DAECD19D0CD00C65335041AC9D3E4B8493CB58F9CBB166E38FF5E8697EF59D9EE4FAC6415070E0156AF8DA6BE11D672AA9A8E71033936AF75D835CCDBB0ED13CB17CBF9C9D98DEB4FAAD874FCD0929E86CF411426A3A96CED22F7EDC5F7E8D3A3B860F91E3FE92623F97C15EF13921C6AE6B3A566C7E42F46EF7B9721A09D10BEE52CE93694F6EF85F362D90239C4066C8FFFA6C6CCBAF59DFE083B248BF313F2A9D3EF96ACF569CA1B05FBDEFBD4A52C854C7B71AAB2B8AEAF8BFA8F283851E4CAA76F7D155939555F09830E49F38E73A7AE48B489883CA0D96A59B3560A8DF02DC0A0E5B6AD0AFD445B54F5580F4D962D8156DB6A0F70E5E4E47CF3CF9E1281180F5BC90B5C6FCB2DEFF1BD985D405BC3A138700D75D9BAEBBD1A7496F5CD1E6E6D5C0325B89E120A0994AFF0F35741DDC17A7D7C19A818A6C3DB5874B0E78B2BA319C6D4F850762EC32005074492723FAD2876E1C8F9A318852E97F6B28706F67ACAB944E8CFCA7C6A47C0D2F9B6907713CFFE21DEB070F45BAC19828094C424A445440ADF79E925BFE0BE687E82751D9ACBDDA02A6FACD4FEC77EEB9CD32A265B67ABFF9CF22E7EE68DCA133109BD7515B0002A9D4DEF5E3B190CE0E5C8EE2BF18F6176CD47DC00C87CD5CFBADC9D3085DAE39ECC4B320C4AE130E62A03FA4E321F0CDA4844551140DAB5658F27B2A1884BA1B039F25AA1E386BBE9C0BB3906880E46A22D2F9F9C1A7943BC1D71E45A9E6FF4828196192B4063650EAC50555E53516BF4D816888C1E7841914862FA5F82181204155ADCD7652D4B3F8CB0CDFF69BC897FEE50C420A6243059B742171BBC5C94BC6AF23AE90F0DE756DBC1027E3F92EE866A669054CC133A685AE21A51478A305851308220705E0E38D97BD62A8B07047594266DEE3414D3D6C0659C4A8DB9484B86E0638ED13499E7B58030881991FD4E83B61AD429E4276DE69DB74677F16A1EB6D5D3756CB7074B312DDA5679C4E85720ECA7B738F4556BCAADD307D4A2F29158CE326F55CCDEB8755BABC2F7F8DE3F8B19C786D4219E9C45CB9FC7BAD2C5EE5984A392E2AC541662C4552CDB981BB65FE4A28FD19B1A472015BB45AB351F0CF6A9FD756EF6471794E08AB5A7092E0657F873133A0FEB2882251B80D08FC475EB43173F6A9F34787A67B282BB86FB559D883FDE93F10CCA73EA0ECC232CA1B719A98E0280CEAC5338550DBAE750E388F6671F8552A4FEFEDA1190DA60909A797336785C8C7BE9C233CC33F86818D1686C9558C900553F19A85830CCF0183 +20250619024424 2 6 100 7679 2 EEB5FE98B7CF15B438162A5F2DEBBAB8BCF08B8A2614E263AA570052D2B01AC3E0B943491218DF247DB063E7DAECD19D0CD00C65335041AC9D3E4B8493CB58F9CBB166E38FF5E8697EF59D9EE4FAC6415070E0156AF8DA6BE11D672AA9A8E71033936AF75D835CCDBB0ED13CB17CBF9C9D98DEB4FAAD874FCD0929E86CF411426A3A96CED22F7EDC5F7E8D3A3B860F91E3FE92623F97C15EF13921C6AE6B3A566C7E42F46EF7B9721A09D10BEE52CE93694F6EF85F362D90239C4066C8FFFA6C6CCBAF59DFE083B248BF313F2A9D3EF96ACF569CA1B05FBDEFBD4A52C854C7B71AAB2B8AEAF8BFA8F283851E4CAA76F7D155939555F09830E49F38E73A7AE48B489883CA0D96A59B3560A8DF02DC0A0E5B6AD0AFD445B54F5580F4D962D8156DB6A0F70E5E4E47CF3CF9E1281180F5BC90B5C6FCB2DEFF1BD985D405BC3A138700D75D9BAEBBD1A7496F5CD1E6E6D5C0325B89E120A0994AFF0F35741DDC17A7D7C19A818A6C3DB5874B0E78B2BA319C6D4F850762EC32005074492723FAD2876E1C8F9A318852E97F6B28706F67ACAB944E8CFCA7C6A47C0D2F9B6907713CFFE21DEB070F45BAC19828094C424A445440ADF79E925BFE0BE687E82751D9ACBDDA02A6FACD4FEC77EEB9CD32A265B67ABFF9CF22E7EE68DCA133109BD7515B0002A9D4DEF5E3B190CE0E5C8EE2BF18F6176CD47DC00C87CD5CFBADC9D3085DAE39ECC4B320C4AE130E62A03FA4E321F0CDA4844551140DAB5658F27B2A1884BA1B039F25AA1E386BBE9C0BB3906880E46A22D2F9F9C1A7943BC1D71E45A9E6FF4828196192B4063650EAC50555E53516BF4D816888C1E7841914862FA5F82181204155ADCD7652D4B3F8CB0CDFF69BC897FEE50C420A6243059B742171BBC5C94BC6AF23AE90F0DE756DBC1027E3F92EE866A669054CC133A685AE21A51478A305851308220705E0E38D97BD62A8B07047594266DEE3414D3D6C0659C4A8DB9484B86E0638ED13499E7B58030881991FD4E83B61AD429E4276DE69DB74677F16A1EB6D5D3756CB7074B312DDA5679C4E85720ECA7B738F4556BCAADD307D4A2F29158CE326F55CCDEB8755BABC2F7F8DE3F8B19C786D4219E9C45CB9FC7BAD2C5EE5984A392E2AC541662C4552CDB981BB65FE4A28FD19B1A472015BB45AB351F0CF6A9FD756EF6471794E08AB5A7092E0657F873133A0FEB2882251B80D08FC475EB43173F6A9F34787A67B282BB86FB559D883FDE93F10CCA73EA0ECC232CA1B719A98E0280CEAC5338550DBAE750E388F6671F8552A4FEFEDA1190DA60909A797336785C8C7BE9C233CC33F86818D1686C9558C900553F19A85830F5F31F3 +20250619033602 2 6 100 7679 2 EEB5FE98B7CF15B438162A5F2DEBBAB8BCF08B8A2614E263AA570052D2B01AC3E0B943491218DF247DB063E7DAECD19D0CD00C65335041AC9D3E4B8493CB58F9CBB166E38FF5E8697EF59D9EE4FAC6415070E0156AF8DA6BE11D672AA9A8E71033936AF75D835CCDBB0ED13CB17CBF9C9D98DEB4FAAD874FCD0929E86CF411426A3A96CED22F7EDC5F7E8D3A3B860F91E3FE92623F97C15EF13921C6AE6B3A566C7E42F46EF7B9721A09D10BEE52CE93694F6EF85F362D90239C4066C8FFFA6C6CCBAF59DFE083B248BF313F2A9D3EF96ACF569CA1B05FBDEFBD4A52C854C7B71AAB2B8AEAF8BFA8F283851E4CAA76F7D155939555F09830E49F38E73A7AE48B489883CA0D96A59B3560A8DF02DC0A0E5B6AD0AFD445B54F5580F4D962D8156DB6A0F70E5E4E47CF3CF9E1281180F5BC90B5C6FCB2DEFF1BD985D405BC3A138700D75D9BAEBBD1A7496F5CD1E6E6D5C0325B89E120A0994AFF0F35741DDC17A7D7C19A818A6C3DB5874B0E78B2BA319C6D4F850762EC32005074492723FAD2876E1C8F9A318852E97F6B28706F67ACAB944E8CFCA7C6A47C0D2F9B6907713CFFE21DEB070F45BAC19828094C424A445440ADF79E925BFE0BE687E82751D9ACBDDA02A6FACD4FEC77EEB9CD32A265B67ABFF9CF22E7EE68DCA133109BD7515B0002A9D4DEF5E3B190CE0E5C8EE2BF18F6176CD47DC00C87CD5CFBADC9D3085DAE39ECC4B320C4AE130E62A03FA4E321F0CDA4844551140DAB5658F27B2A1884BA1B039F25AA1E386BBE9C0BB3906880E46A22D2F9F9C1A7943BC1D71E45A9E6FF4828196192B4063650EAC50555E53516BF4D816888C1E7841914862FA5F82181204155ADCD7652D4B3F8CB0CDFF69BC897FEE50C420A6243059B742171BBC5C94BC6AF23AE90F0DE756DBC1027E3F92EE866A669054CC133A685AE21A51478A305851308220705E0E38D97BD62A8B07047594266DEE3414D3D6C0659C4A8DB9484B86E0638ED13499E7B58030881991FD4E83B61AD429E4276DE69DB74677F16A1EB6D5D3756CB7074B312DDA5679C4E85720ECA7B738F4556BCAADD307D4A2F29158CE326F55CCDEB8755BABC2F7F8DE3F8B19C786D4219E9C45CB9FC7BAD2C5EE5984A392E2AC541662C4552CDB981BB65FE4A28FD19B1A472015BB45AB351F0CF6A9FD756EF6471794E08AB5A7092E0657F873133A0FEB2882251B80D08FC475EB43173F6A9F34787A67B282BB86FB559D883FDE93F10CCA73EA0ECC232CA1B719A98E0280CEAC5338550DBAE750E388F6671F8552A4FEFEDA1190DA60909A797336785C8C7BE9C233CC33F86818D1686C9558C900553F19A858312D48B7B +20250619043748 2 6 100 7679 2 EEB5FE98B7CF15B438162A5F2DEBBAB8BCF08B8A2614E263AA570052D2B01AC3E0B943491218DF247DB063E7DAECD19D0CD00C65335041AC9D3E4B8493CB58F9CBB166E38FF5E8697EF59D9EE4FAC6415070E0156AF8DA6BE11D672AA9A8E71033936AF75D835CCDBB0ED13CB17CBF9C9D98DEB4FAAD874FCD0929E86CF411426A3A96CED22F7EDC5F7E8D3A3B860F91E3FE92623F97C15EF13921C6AE6B3A566C7E42F46EF7B9721A09D10BEE52CE93694F6EF85F362D90239C4066C8FFFA6C6CCBAF59DFE083B248BF313F2A9D3EF96ACF569CA1B05FBDEFBD4A52C854C7B71AAB2B8AEAF8BFA8F283851E4CAA76F7D155939555F09830E49F38E73A7AE48B489883CA0D96A59B3560A8DF02DC0A0E5B6AD0AFD445B54F5580F4D962D8156DB6A0F70E5E4E47CF3CF9E1281180F5BC90B5C6FCB2DEFF1BD985D405BC3A138700D75D9BAEBBD1A7496F5CD1E6E6D5C0325B89E120A0994AFF0F35741DDC17A7D7C19A818A6C3DB5874B0E78B2BA319C6D4F850762EC32005074492723FAD2876E1C8F9A318852E97F6B28706F67ACAB944E8CFCA7C6A47C0D2F9B6907713CFFE21DEB070F45BAC19828094C424A445440ADF79E925BFE0BE687E82751D9ACBDDA02A6FACD4FEC77EEB9CD32A265B67ABFF9CF22E7EE68DCA133109BD7515B0002A9D4DEF5E3B190CE0E5C8EE2BF18F6176CD47DC00C87CD5CFBADC9D3085DAE39ECC4B320C4AE130E62A03FA4E321F0CDA4844551140DAB5658F27B2A1884BA1B039F25AA1E386BBE9C0BB3906880E46A22D2F9F9C1A7943BC1D71E45A9E6FF4828196192B4063650EAC50555E53516BF4D816888C1E7841914862FA5F82181204155ADCD7652D4B3F8CB0CDFF69BC897FEE50C420A6243059B742171BBC5C94BC6AF23AE90F0DE756DBC1027E3F92EE866A669054CC133A685AE21A51478A305851308220705E0E38D97BD62A8B07047594266DEE3414D3D6C0659C4A8DB9484B86E0638ED13499E7B58030881991FD4E83B61AD429E4276DE69DB74677F16A1EB6D5D3756CB7074B312DDA5679C4E85720ECA7B738F4556BCAADD307D4A2F29158CE326F55CCDEB8755BABC2F7F8DE3F8B19C786D4219E9C45CB9FC7BAD2C5EE5984A392E2AC541662C4552CDB981BB65FE4A28FD19B1A472015BB45AB351F0CF6A9FD756EF6471794E08AB5A7092E0657F873133A0FEB2882251B80D08FC475EB43173F6A9F34787A67B282BB86FB559D883FDE93F10CCA73EA0ECC232CA1B719A98E0280CEAC5338550DBAE750E388F6671F8552A4FEFEDA1190DA60909A797336785C8C7BE9C233CC33F86818D1686C9558C900553F19A858316F99C53 +20250619050309 2 6 100 7679 5 EEB5FE98B7CF15B438162A5F2DEBBAB8BCF08B8A2614E263AA570052D2B01AC3E0B943491218DF247DB063E7DAECD19D0CD00C65335041AC9D3E4B8493CB58F9CBB166E38FF5E8697EF59D9EE4FAC6415070E0156AF8DA6BE11D672AA9A8E71033936AF75D835CCDBB0ED13CB17CBF9C9D98DEB4FAAD874FCD0929E86CF411426A3A96CED22F7EDC5F7E8D3A3B860F91E3FE92623F97C15EF13921C6AE6B3A566C7E42F46EF7B9721A09D10BEE52CE93694F6EF85F362D90239C4066C8FFFA6C6CCBAF59DFE083B248BF313F2A9D3EF96ACF569CA1B05FBDEFBD4A52C854C7B71AAB2B8AEAF8BFA8F283851E4CAA76F7D155939555F09830E49F38E73A7AE48B489883CA0D96A59B3560A8DF02DC0A0E5B6AD0AFD445B54F5580F4D962D8156DB6A0F70E5E4E47CF3CF9E1281180F5BC90B5C6FCB2DEFF1BD985D405BC3A138700D75D9BAEBBD1A7496F5CD1E6E6D5C0325B89E120A0994AFF0F35741DDC17A7D7C19A818A6C3DB5874B0E78B2BA319C6D4F850762EC32005074492723FAD2876E1C8F9A318852E97F6B28706F67ACAB944E8CFCA7C6A47C0D2F9B6907713CFFE21DEB070F45BAC19828094C424A445440ADF79E925BFE0BE687E82751D9ACBDDA02A6FACD4FEC77EEB9CD32A265B67ABFF9CF22E7EE68DCA133109BD7515B0002A9D4DEF5E3B190CE0E5C8EE2BF18F6176CD47DC00C87CD5CFBADC9D3085DAE39ECC4B320C4AE130E62A03FA4E321F0CDA4844551140DAB5658F27B2A1884BA1B039F25AA1E386BBE9C0BB3906880E46A22D2F9F9C1A7943BC1D71E45A9E6FF4828196192B4063650EAC50555E53516BF4D816888C1E7841914862FA5F82181204155ADCD7652D4B3F8CB0CDFF69BC897FEE50C420A6243059B742171BBC5C94BC6AF23AE90F0DE756DBC1027E3F92EE866A669054CC133A685AE21A51478A305851308220705E0E38D97BD62A8B07047594266DEE3414D3D6C0659C4A8DB9484B86E0638ED13499E7B58030881991FD4E83B61AD429E4276DE69DB74677F16A1EB6D5D3756CB7074B312DDA5679C4E85720ECA7B738F4556BCAADD307D4A2F29158CE326F55CCDEB8755BABC2F7F8DE3F8B19C786D4219E9C45CB9FC7BAD2C5EE5984A392E2AC541662C4552CDB981BB65FE4A28FD19B1A472015BB45AB351F0CF6A9FD756EF6471794E08AB5A7092E0657F873133A0FEB2882251B80D08FC475EB43173F6A9F34787A67B282BB86FB559D883FDE93F10CCA73EA0ECC232CA1B719A98E0280CEAC5338550DBAE750E388F6671F8552A4FEFEDA1190DA60909A797336785C8C7BE9C233CC33F86818D1686C9558C900553F19A858318AA26EF +20250619053830 2 6 100 7679 2 EEB5FE98B7CF15B438162A5F2DEBBAB8BCF08B8A2614E263AA570052D2B01AC3E0B943491218DF247DB063E7DAECD19D0CD00C65335041AC9D3E4B8493CB58F9CBB166E38FF5E8697EF59D9EE4FAC6415070E0156AF8DA6BE11D672AA9A8E71033936AF75D835CCDBB0ED13CB17CBF9C9D98DEB4FAAD874FCD0929E86CF411426A3A96CED22F7EDC5F7E8D3A3B860F91E3FE92623F97C15EF13921C6AE6B3A566C7E42F46EF7B9721A09D10BEE52CE93694F6EF85F362D90239C4066C8FFFA6C6CCBAF59DFE083B248BF313F2A9D3EF96ACF569CA1B05FBDEFBD4A52C854C7B71AAB2B8AEAF8BFA8F283851E4CAA76F7D155939555F09830E49F38E73A7AE48B489883CA0D96A59B3560A8DF02DC0A0E5B6AD0AFD445B54F5580F4D962D8156DB6A0F70E5E4E47CF3CF9E1281180F5BC90B5C6FCB2DEFF1BD985D405BC3A138700D75D9BAEBBD1A7496F5CD1E6E6D5C0325B89E120A0994AFF0F35741DDC17A7D7C19A818A6C3DB5874B0E78B2BA319C6D4F850762EC32005074492723FAD2876E1C8F9A318852E97F6B28706F67ACAB944E8CFCA7C6A47C0D2F9B6907713CFFE21DEB070F45BAC19828094C424A445440ADF79E925BFE0BE687E82751D9ACBDDA02A6FACD4FEC77EEB9CD32A265B67ABFF9CF22E7EE68DCA133109BD7515B0002A9D4DEF5E3B190CE0E5C8EE2BF18F6176CD47DC00C87CD5CFBADC9D3085DAE39ECC4B320C4AE130E62A03FA4E321F0CDA4844551140DAB5658F27B2A1884BA1B039F25AA1E386BBE9C0BB3906880E46A22D2F9F9C1A7943BC1D71E45A9E6FF4828196192B4063650EAC50555E53516BF4D816888C1E7841914862FA5F82181204155ADCD7652D4B3F8CB0CDFF69BC897FEE50C420A6243059B742171BBC5C94BC6AF23AE90F0DE756DBC1027E3F92EE866A669054CC133A685AE21A51478A305851308220705E0E38D97BD62A8B07047594266DEE3414D3D6C0659C4A8DB9484B86E0638ED13499E7B58030881991FD4E83B61AD429E4276DE69DB74677F16A1EB6D5D3756CB7074B312DDA5679C4E85720ECA7B738F4556BCAADD307D4A2F29158CE326F55CCDEB8755BABC2F7F8DE3F8B19C786D4219E9C45CB9FC7BAD2C5EE5984A392E2AC541662C4552CDB981BB65FE4A28FD19B1A472015BB45AB351F0CF6A9FD756EF6471794E08AB5A7092E0657F873133A0FEB2882251B80D08FC475EB43173F6A9F34787A67B282BB86FB559D883FDE93F10CCA73EA0ECC232CA1B719A98E0280CEAC5338550DBAE750E388F6671F8552A4FEFEDA1190DA60909A797336785C8C7BE9C233CC33F86818D1686C9558C900553F19A85831AFC8263 +20250619063025 2 6 100 7679 2 EEB5FE98B7CF15B438162A5F2DEBBAB8BCF08B8A2614E263AA570052D2B01AC3E0B943491218DF247DB063E7DAECD19D0CD00C65335041AC9D3E4B8493CB58F9CBB166E38FF5E8697EF59D9EE4FAC6415070E0156AF8DA6BE11D672AA9A8E71033936AF75D835CCDBB0ED13CB17CBF9C9D98DEB4FAAD874FCD0929E86CF411426A3A96CED22F7EDC5F7E8D3A3B860F91E3FE92623F97C15EF13921C6AE6B3A566C7E42F46EF7B9721A09D10BEE52CE93694F6EF85F362D90239C4066C8FFFA6C6CCBAF59DFE083B248BF313F2A9D3EF96ACF569CA1B05FBDEFBD4A52C854C7B71AAB2B8AEAF8BFA8F283851E4CAA76F7D155939555F09830E49F38E73A7AE48B489883CA0D96A59B3560A8DF02DC0A0E5B6AD0AFD445B54F5580F4D962D8156DB6A0F70E5E4E47CF3CF9E1281180F5BC90B5C6FCB2DEFF1BD985D405BC3A138700D75D9BAEBBD1A7496F5CD1E6E6D5C0325B89E120A0994AFF0F35741DDC17A7D7C19A818A6C3DB5874B0E78B2BA319C6D4F850762EC32005074492723FAD2876E1C8F9A318852E97F6B28706F67ACAB944E8CFCA7C6A47C0D2F9B6907713CFFE21DEB070F45BAC19828094C424A445440ADF79E925BFE0BE687E82751D9ACBDDA02A6FACD4FEC77EEB9CD32A265B67ABFF9CF22E7EE68DCA133109BD7515B0002A9D4DEF5E3B190CE0E5C8EE2BF18F6176CD47DC00C87CD5CFBADC9D3085DAE39ECC4B320C4AE130E62A03FA4E321F0CDA4844551140DAB5658F27B2A1884BA1B039F25AA1E386BBE9C0BB3906880E46A22D2F9F9C1A7943BC1D71E45A9E6FF4828196192B4063650EAC50555E53516BF4D816888C1E7841914862FA5F82181204155ADCD7652D4B3F8CB0CDFF69BC897FEE50C420A6243059B742171BBC5C94BC6AF23AE90F0DE756DBC1027E3F92EE866A669054CC133A685AE21A51478A305851308220705E0E38D97BD62A8B07047594266DEE3414D3D6C0659C4A8DB9484B86E0638ED13499E7B58030881991FD4E83B61AD429E4276DE69DB74677F16A1EB6D5D3756CB7074B312DDA5679C4E85720ECA7B738F4556BCAADD307D4A2F29158CE326F55CCDEB8755BABC2F7F8DE3F8B19C786D4219E9C45CB9FC7BAD2C5EE5984A392E2AC541662C4552CDB981BB65FE4A28FD19B1A472015BB45AB351F0CF6A9FD756EF6471794E08AB5A7092E0657F873133A0FEB2882251B80D08FC475EB43173F6A9F34787A67B282BB86FB559D883FDE93F10CCA73EA0ECC232CA1B719A98E0280CEAC5338550DBAE750E388F6671F8552A4FEFEDA1190DA60909A797336785C8C7BE9C233CC33F86818D1686C9558C900553F19A85831E74A76B +20250619063819 2 6 100 7679 5 EEB5FE98B7CF15B438162A5F2DEBBAB8BCF08B8A2614E263AA570052D2B01AC3E0B943491218DF247DB063E7DAECD19D0CD00C65335041AC9D3E4B8493CB58F9CBB166E38FF5E8697EF59D9EE4FAC6415070E0156AF8DA6BE11D672AA9A8E71033936AF75D835CCDBB0ED13CB17CBF9C9D98DEB4FAAD874FCD0929E86CF411426A3A96CED22F7EDC5F7E8D3A3B860F91E3FE92623F97C15EF13921C6AE6B3A566C7E42F46EF7B9721A09D10BEE52CE93694F6EF85F362D90239C4066C8FFFA6C6CCBAF59DFE083B248BF313F2A9D3EF96ACF569CA1B05FBDEFBD4A52C854C7B71AAB2B8AEAF8BFA8F283851E4CAA76F7D155939555F09830E49F38E73A7AE48B489883CA0D96A59B3560A8DF02DC0A0E5B6AD0AFD445B54F5580F4D962D8156DB6A0F70E5E4E47CF3CF9E1281180F5BC90B5C6FCB2DEFF1BD985D405BC3A138700D75D9BAEBBD1A7496F5CD1E6E6D5C0325B89E120A0994AFF0F35741DDC17A7D7C19A818A6C3DB5874B0E78B2BA319C6D4F850762EC32005074492723FAD2876E1C8F9A318852E97F6B28706F67ACAB944E8CFCA7C6A47C0D2F9B6907713CFFE21DEB070F45BAC19828094C424A445440ADF79E925BFE0BE687E82751D9ACBDDA02A6FACD4FEC77EEB9CD32A265B67ABFF9CF22E7EE68DCA133109BD7515B0002A9D4DEF5E3B190CE0E5C8EE2BF18F6176CD47DC00C87CD5CFBADC9D3085DAE39ECC4B320C4AE130E62A03FA4E321F0CDA4844551140DAB5658F27B2A1884BA1B039F25AA1E386BBE9C0BB3906880E46A22D2F9F9C1A7943BC1D71E45A9E6FF4828196192B4063650EAC50555E53516BF4D816888C1E7841914862FA5F82181204155ADCD7652D4B3F8CB0CDFF69BC897FEE50C420A6243059B742171BBC5C94BC6AF23AE90F0DE756DBC1027E3F92EE866A669054CC133A685AE21A51478A305851308220705E0E38D97BD62A8B07047594266DEE3414D3D6C0659C4A8DB9484B86E0638ED13499E7B58030881991FD4E83B61AD429E4276DE69DB74677F16A1EB6D5D3756CB7074B312DDA5679C4E85720ECA7B738F4556BCAADD307D4A2F29158CE326F55CCDEB8755BABC2F7F8DE3F8B19C786D4219E9C45CB9FC7BAD2C5EE5984A392E2AC541662C4552CDB981BB65FE4A28FD19B1A472015BB45AB351F0CF6A9FD756EF6471794E08AB5A7092E0657F873133A0FEB2882251B80D08FC475EB43173F6A9F34787A67B282BB86FB559D883FDE93F10CCA73EA0ECC232CA1B719A98E0280CEAC5338550DBAE750E388F6671F8552A4FEFEDA1190DA60909A797336785C8C7BE9C233CC33F86818D1686C9558C900553F19A85831EF74217 +20250619064710 2 6 100 7679 2 EEB5FE98B7CF15B438162A5F2DEBBAB8BCF08B8A2614E263AA570052D2B01AC3E0B943491218DF247DB063E7DAECD19D0CD00C65335041AC9D3E4B8493CB58F9CBB166E38FF5E8697EF59D9EE4FAC6415070E0156AF8DA6BE11D672AA9A8E71033936AF75D835CCDBB0ED13CB17CBF9C9D98DEB4FAAD874FCD0929E86CF411426A3A96CED22F7EDC5F7E8D3A3B860F91E3FE92623F97C15EF13921C6AE6B3A566C7E42F46EF7B9721A09D10BEE52CE93694F6EF85F362D90239C4066C8FFFA6C6CCBAF59DFE083B248BF313F2A9D3EF96ACF569CA1B05FBDEFBD4A52C854C7B71AAB2B8AEAF8BFA8F283851E4CAA76F7D155939555F09830E49F38E73A7AE48B489883CA0D96A59B3560A8DF02DC0A0E5B6AD0AFD445B54F5580F4D962D8156DB6A0F70E5E4E47CF3CF9E1281180F5BC90B5C6FCB2DEFF1BD985D405BC3A138700D75D9BAEBBD1A7496F5CD1E6E6D5C0325B89E120A0994AFF0F35741DDC17A7D7C19A818A6C3DB5874B0E78B2BA319C6D4F850762EC32005074492723FAD2876E1C8F9A318852E97F6B28706F67ACAB944E8CFCA7C6A47C0D2F9B6907713CFFE21DEB070F45BAC19828094C424A445440ADF79E925BFE0BE687E82751D9ACBDDA02A6FACD4FEC77EEB9CD32A265B67ABFF9CF22E7EE68DCA133109BD7515B0002A9D4DEF5E3B190CE0E5C8EE2BF18F6176CD47DC00C87CD5CFBADC9D3085DAE39ECC4B320C4AE130E62A03FA4E321F0CDA4844551140DAB5658F27B2A1884BA1B039F25AA1E386BBE9C0BB3906880E46A22D2F9F9C1A7943BC1D71E45A9E6FF4828196192B4063650EAC50555E53516BF4D816888C1E7841914862FA5F82181204155ADCD7652D4B3F8CB0CDFF69BC897FEE50C420A6243059B742171BBC5C94BC6AF23AE90F0DE756DBC1027E3F92EE866A669054CC133A685AE21A51478A305851308220705E0E38D97BD62A8B07047594266DEE3414D3D6C0659C4A8DB9484B86E0638ED13499E7B58030881991FD4E83B61AD429E4276DE69DB74677F16A1EB6D5D3756CB7074B312DDA5679C4E85720ECA7B738F4556BCAADD307D4A2F29158CE326F55CCDEB8755BABC2F7F8DE3F8B19C786D4219E9C45CB9FC7BAD2C5EE5984A392E2AC541662C4552CDB981BB65FE4A28FD19B1A472015BB45AB351F0CF6A9FD756EF6471794E08AB5A7092E0657F873133A0FEB2882251B80D08FC475EB43173F6A9F34787A67B282BB86FB559D883FDE93F10CCA73EA0ECC232CA1B719A98E0280CEAC5338550DBAE750E388F6671F8552A4FEFEDA1190DA60909A797336785C8C7BE9C233CC33F86818D1686C9558C900553F19A85831F833663 +20250619082314 2 6 100 7679 5 EEB5FE98B7CF15B438162A5F2DEBBAB8BCF08B8A2614E263AA570052D2B01AC3E0B943491218DF247DB063E7DAECD19D0CD00C65335041AC9D3E4B8493CB58F9CBB166E38FF5E8697EF59D9EE4FAC6415070E0156AF8DA6BE11D672AA9A8E71033936AF75D835CCDBB0ED13CB17CBF9C9D98DEB4FAAD874FCD0929E86CF411426A3A96CED22F7EDC5F7E8D3A3B860F91E3FE92623F97C15EF13921C6AE6B3A566C7E42F46EF7B9721A09D10BEE52CE93694F6EF85F362D90239C4066C8FFFA6C6CCBAF59DFE083B248BF313F2A9D3EF96ACF569CA1B05FBDEFBD4A52C854C7B71AAB2B8AEAF8BFA8F283851E4CAA76F7D155939555F09830E49F38E73A7AE48B489883CA0D96A59B3560A8DF02DC0A0E5B6AD0AFD445B54F5580F4D962D8156DB6A0F70E5E4E47CF3CF9E1281180F5BC90B5C6FCB2DEFF1BD985D405BC3A138700D75D9BAEBBD1A7496F5CD1E6E6D5C0325B89E120A0994AFF0F35741DDC17A7D7C19A818A6C3DB5874B0E78B2BA319C6D4F850762EC32005074492723FAD2876E1C8F9A318852E97F6B28706F67ACAB944E8CFCA7C6A47C0D2F9B6907713CFFE21DEB070F45BAC19828094C424A445440ADF79E925BFE0BE687E82751D9ACBDDA02A6FACD4FEC77EEB9CD32A265B67ABFF9CF22E7EE68DCA133109BD7515B0002A9D4DEF5E3B190CE0E5C8EE2BF18F6176CD47DC00C87CD5CFBADC9D3085DAE39ECC4B320C4AE130E62A03FA4E321F0CDA4844551140DAB5658F27B2A1884BA1B039F25AA1E386BBE9C0BB3906880E46A22D2F9F9C1A7943BC1D71E45A9E6FF4828196192B4063650EAC50555E53516BF4D816888C1E7841914862FA5F82181204155ADCD7652D4B3F8CB0CDFF69BC897FEE50C420A6243059B742171BBC5C94BC6AF23AE90F0DE756DBC1027E3F92EE866A669054CC133A685AE21A51478A305851308220705E0E38D97BD62A8B07047594266DEE3414D3D6C0659C4A8DB9484B86E0638ED13499E7B58030881991FD4E83B61AD429E4276DE69DB74677F16A1EB6D5D3756CB7074B312DDA5679C4E85720ECA7B738F4556BCAADD307D4A2F29158CE326F55CCDEB8755BABC2F7F8DE3F8B19C786D4219E9C45CB9FC7BAD2C5EE5984A392E2AC541662C4552CDB981BB65FE4A28FD19B1A472015BB45AB351F0CF6A9FD756EF6471794E08AB5A7092E0657F873133A0FEB2882251B80D08FC475EB43173F6A9F34787A67B282BB86FB559D883FDE93F10CCA73EA0ECC232CA1B719A98E0280CEAC5338550DBAE750E388F6671F8552A4FEFEDA1190DA60909A797336785C8C7BE9C233CC33F86818D1686C9558C900553F19A8583253C251F +20250619082850 2 6 100 7679 2 EEB5FE98B7CF15B438162A5F2DEBBAB8BCF08B8A2614E263AA570052D2B01AC3E0B943491218DF247DB063E7DAECD19D0CD00C65335041AC9D3E4B8493CB58F9CBB166E38FF5E8697EF59D9EE4FAC6415070E0156AF8DA6BE11D672AA9A8E71033936AF75D835CCDBB0ED13CB17CBF9C9D98DEB4FAAD874FCD0929E86CF411426A3A96CED22F7EDC5F7E8D3A3B860F91E3FE92623F97C15EF13921C6AE6B3A566C7E42F46EF7B9721A09D10BEE52CE93694F6EF85F362D90239C4066C8FFFA6C6CCBAF59DFE083B248BF313F2A9D3EF96ACF569CA1B05FBDEFBD4A52C854C7B71AAB2B8AEAF8BFA8F283851E4CAA76F7D155939555F09830E49F38E73A7AE48B489883CA0D96A59B3560A8DF02DC0A0E5B6AD0AFD445B54F5580F4D962D8156DB6A0F70E5E4E47CF3CF9E1281180F5BC90B5C6FCB2DEFF1BD985D405BC3A138700D75D9BAEBBD1A7496F5CD1E6E6D5C0325B89E120A0994AFF0F35741DDC17A7D7C19A818A6C3DB5874B0E78B2BA319C6D4F850762EC32005074492723FAD2876E1C8F9A318852E97F6B28706F67ACAB944E8CFCA7C6A47C0D2F9B6907713CFFE21DEB070F45BAC19828094C424A445440ADF79E925BFE0BE687E82751D9ACBDDA02A6FACD4FEC77EEB9CD32A265B67ABFF9CF22E7EE68DCA133109BD7515B0002A9D4DEF5E3B190CE0E5C8EE2BF18F6176CD47DC00C87CD5CFBADC9D3085DAE39ECC4B320C4AE130E62A03FA4E321F0CDA4844551140DAB5658F27B2A1884BA1B039F25AA1E386BBE9C0BB3906880E46A22D2F9F9C1A7943BC1D71E45A9E6FF4828196192B4063650EAC50555E53516BF4D816888C1E7841914862FA5F82181204155ADCD7652D4B3F8CB0CDFF69BC897FEE50C420A6243059B742171BBC5C94BC6AF23AE90F0DE756DBC1027E3F92EE866A669054CC133A685AE21A51478A305851308220705E0E38D97BD62A8B07047594266DEE3414D3D6C0659C4A8DB9484B86E0638ED13499E7B58030881991FD4E83B61AD429E4276DE69DB74677F16A1EB6D5D3756CB7074B312DDA5679C4E85720ECA7B738F4556BCAADD307D4A2F29158CE326F55CCDEB8755BABC2F7F8DE3F8B19C786D4219E9C45CB9FC7BAD2C5EE5984A392E2AC541662C4552CDB981BB65FE4A28FD19B1A472015BB45AB351F0CF6A9FD756EF6471794E08AB5A7092E0657F873133A0FEB2882251B80D08FC475EB43173F6A9F34787A67B282BB86FB559D883FDE93F10CCA73EA0ECC232CA1B719A98E0280CEAC5338550DBAE750E388F6671F8552A4FEFEDA1190DA60909A797336785C8C7BE9C233CC33F86818D1686C9558C900553F19A8583257F0853 +20250619090252 2 6 100 7679 2 EEB5FE98B7CF15B438162A5F2DEBBAB8BCF08B8A2614E263AA570052D2B01AC3E0B943491218DF247DB063E7DAECD19D0CD00C65335041AC9D3E4B8493CB58F9CBB166E38FF5E8697EF59D9EE4FAC6415070E0156AF8DA6BE11D672AA9A8E71033936AF75D835CCDBB0ED13CB17CBF9C9D98DEB4FAAD874FCD0929E86CF411426A3A96CED22F7EDC5F7E8D3A3B860F91E3FE92623F97C15EF13921C6AE6B3A566C7E42F46EF7B9721A09D10BEE52CE93694F6EF85F362D90239C4066C8FFFA6C6CCBAF59DFE083B248BF313F2A9D3EF96ACF569CA1B05FBDEFBD4A52C854C7B71AAB2B8AEAF8BFA8F283851E4CAA76F7D155939555F09830E49F38E73A7AE48B489883CA0D96A59B3560A8DF02DC0A0E5B6AD0AFD445B54F5580F4D962D8156DB6A0F70E5E4E47CF3CF9E1281180F5BC90B5C6FCB2DEFF1BD985D405BC3A138700D75D9BAEBBD1A7496F5CD1E6E6D5C0325B89E120A0994AFF0F35741DDC17A7D7C19A818A6C3DB5874B0E78B2BA319C6D4F850762EC32005074492723FAD2876E1C8F9A318852E97F6B28706F67ACAB944E8CFCA7C6A47C0D2F9B6907713CFFE21DEB070F45BAC19828094C424A445440ADF79E925BFE0BE687E82751D9ACBDDA02A6FACD4FEC77EEB9CD32A265B67ABFF9CF22E7EE68DCA133109BD7515B0002A9D4DEF5E3B190CE0E5C8EE2BF18F6176CD47DC00C87CD5CFBADC9D3085DAE39ECC4B320C4AE130E62A03FA4E321F0CDA4844551140DAB5658F27B2A1884BA1B039F25AA1E386BBE9C0BB3906880E46A22D2F9F9C1A7943BC1D71E45A9E6FF4828196192B4063650EAC50555E53516BF4D816888C1E7841914862FA5F82181204155ADCD7652D4B3F8CB0CDFF69BC897FEE50C420A6243059B742171BBC5C94BC6AF23AE90F0DE756DBC1027E3F92EE866A669054CC133A685AE21A51478A305851308220705E0E38D97BD62A8B07047594266DEE3414D3D6C0659C4A8DB9484B86E0638ED13499E7B58030881991FD4E83B61AD429E4276DE69DB74677F16A1EB6D5D3756CB7074B312DDA5679C4E85720ECA7B738F4556BCAADD307D4A2F29158CE326F55CCDEB8755BABC2F7F8DE3F8B19C786D4219E9C45CB9FC7BAD2C5EE5984A392E2AC541662C4552CDB981BB65FE4A28FD19B1A472015BB45AB351F0CF6A9FD756EF6471794E08AB5A7092E0657F873133A0FEB2882251B80D08FC475EB43173F6A9F34787A67B282BB86FB559D883FDE93F10CCA73EA0ECC232CA1B719A98E0280CEAC5338550DBAE750E388F6671F8552A4FEFEDA1190DA60909A797336785C8C7BE9C233CC33F86818D1686C9558C900553F19A8583276E0493 +20250619095319 2 6 100 7679 2 EEB5FE98B7CF15B438162A5F2DEBBAB8BCF08B8A2614E263AA570052D2B01AC3E0B943491218DF247DB063E7DAECD19D0CD00C65335041AC9D3E4B8493CB58F9CBB166E38FF5E8697EF59D9EE4FAC6415070E0156AF8DA6BE11D672AA9A8E71033936AF75D835CCDBB0ED13CB17CBF9C9D98DEB4FAAD874FCD0929E86CF411426A3A96CED22F7EDC5F7E8D3A3B860F91E3FE92623F97C15EF13921C6AE6B3A566C7E42F46EF7B9721A09D10BEE52CE93694F6EF85F362D90239C4066C8FFFA6C6CCBAF59DFE083B248BF313F2A9D3EF96ACF569CA1B05FBDEFBD4A52C854C7B71AAB2B8AEAF8BFA8F283851E4CAA76F7D155939555F09830E49F38E73A7AE48B489883CA0D96A59B3560A8DF02DC0A0E5B6AD0AFD445B54F5580F4D962D8156DB6A0F70E5E4E47CF3CF9E1281180F5BC90B5C6FCB2DEFF1BD985D405BC3A138700D75D9BAEBBD1A7496F5CD1E6E6D5C0325B89E120A0994AFF0F35741DDC17A7D7C19A818A6C3DB5874B0E78B2BA319C6D4F850762EC32005074492723FAD2876E1C8F9A318852E97F6B28706F67ACAB944E8CFCA7C6A47C0D2F9B6907713CFFE21DEB070F45BAC19828094C424A445440ADF79E925BFE0BE687E82751D9ACBDDA02A6FACD4FEC77EEB9CD32A265B67ABFF9CF22E7EE68DCA133109BD7515B0002A9D4DEF5E3B190CE0E5C8EE2BF18F6176CD47DC00C87CD5CFBADC9D3085DAE39ECC4B320C4AE130E62A03FA4E321F0CDA4844551140DAB5658F27B2A1884BA1B039F25AA1E386BBE9C0BB3906880E46A22D2F9F9C1A7943BC1D71E45A9E6FF4828196192B4063650EAC50555E53516BF4D816888C1E7841914862FA5F82181204155ADCD7652D4B3F8CB0CDFF69BC897FEE50C420A6243059B742171BBC5C94BC6AF23AE90F0DE756DBC1027E3F92EE866A669054CC133A685AE21A51478A305851308220705E0E38D97BD62A8B07047594266DEE3414D3D6C0659C4A8DB9484B86E0638ED13499E7B58030881991FD4E83B61AD429E4276DE69DB74677F16A1EB6D5D3756CB7074B312DDA5679C4E85720ECA7B738F4556BCAADD307D4A2F29158CE326F55CCDEB8755BABC2F7F8DE3F8B19C786D4219E9C45CB9FC7BAD2C5EE5984A392E2AC541662C4552CDB981BB65FE4A28FD19B1A472015BB45AB351F0CF6A9FD756EF6471794E08AB5A7092E0657F873133A0FEB2882251B80D08FC475EB43173F6A9F34787A67B282BB86FB559D883FDE93F10CCA73EA0ECC232CA1B719A98E0280CEAC5338550DBAE750E388F6671F8552A4FEFEDA1190DA60909A797336785C8C7BE9C233CC33F86818D1686C9558C900553F19A85832AA1D0AB +20250619111645 2 6 100 7679 5 EEB5FE98B7CF15B438162A5F2DEBBAB8BCF08B8A2614E263AA570052D2B01AC3E0B943491218DF247DB063E7DAECD19D0CD00C65335041AC9D3E4B8493CB58F9CBB166E38FF5E8697EF59D9EE4FAC6415070E0156AF8DA6BE11D672AA9A8E71033936AF75D835CCDBB0ED13CB17CBF9C9D98DEB4FAAD874FCD0929E86CF411426A3A96CED22F7EDC5F7E8D3A3B860F91E3FE92623F97C15EF13921C6AE6B3A566C7E42F46EF7B9721A09D10BEE52CE93694F6EF85F362D90239C4066C8FFFA6C6CCBAF59DFE083B248BF313F2A9D3EF96ACF569CA1B05FBDEFBD4A52C854C7B71AAB2B8AEAF8BFA8F283851E4CAA76F7D155939555F09830E49F38E73A7AE48B489883CA0D96A59B3560A8DF02DC0A0E5B6AD0AFD445B54F5580F4D962D8156DB6A0F70E5E4E47CF3CF9E1281180F5BC90B5C6FCB2DEFF1BD985D405BC3A138700D75D9BAEBBD1A7496F5CD1E6E6D5C0325B89E120A0994AFF0F35741DDC17A7D7C19A818A6C3DB5874B0E78B2BA319C6D4F850762EC32005074492723FAD2876E1C8F9A318852E97F6B28706F67ACAB944E8CFCA7C6A47C0D2F9B6907713CFFE21DEB070F45BAC19828094C424A445440ADF79E925BFE0BE687E82751D9ACBDDA02A6FACD4FEC77EEB9CD32A265B67ABFF9CF22E7EE68DCA133109BD7515B0002A9D4DEF5E3B190CE0E5C8EE2BF18F6176CD47DC00C87CD5CFBADC9D3085DAE39ECC4B320C4AE130E62A03FA4E321F0CDA4844551140DAB5658F27B2A1884BA1B039F25AA1E386BBE9C0BB3906880E46A22D2F9F9C1A7943BC1D71E45A9E6FF4828196192B4063650EAC50555E53516BF4D816888C1E7841914862FA5F82181204155ADCD7652D4B3F8CB0CDFF69BC897FEE50C420A6243059B742171BBC5C94BC6AF23AE90F0DE756DBC1027E3F92EE866A669054CC133A685AE21A51478A305851308220705E0E38D97BD62A8B07047594266DEE3414D3D6C0659C4A8DB9484B86E0638ED13499E7B58030881991FD4E83B61AD429E4276DE69DB74677F16A1EB6D5D3756CB7074B312DDA5679C4E85720ECA7B738F4556BCAADD307D4A2F29158CE326F55CCDEB8755BABC2F7F8DE3F8B19C786D4219E9C45CB9FC7BAD2C5EE5984A392E2AC541662C4552CDB981BB65FE4A28FD19B1A472015BB45AB351F0CF6A9FD756EF6471794E08AB5A7092E0657F873133A0FEB2882251B80D08FC475EB43173F6A9F34787A67B282BB86FB559D883FDE93F10CCA73EA0ECC232CA1B719A98E0280CEAC5338550DBAE750E388F6671F8552A4FEFEDA1190DA60909A797336785C8C7BE9C233CC33F86818D1686C9558C900553F19A85833035388F +20250619143826 2 6 100 7679 2 EEB5FE98B7CF15B438162A5F2DEBBAB8BCF08B8A2614E263AA570052D2B01AC3E0B943491218DF247DB063E7DAECD19D0CD00C65335041AC9D3E4B8493CB58F9CBB166E38FF5E8697EF59D9EE4FAC6415070E0156AF8DA6BE11D672AA9A8E71033936AF75D835CCDBB0ED13CB17CBF9C9D98DEB4FAAD874FCD0929E86CF411426A3A96CED22F7EDC5F7E8D3A3B860F91E3FE92623F97C15EF13921C6AE6B3A566C7E42F46EF7B9721A09D10BEE52CE93694F6EF85F362D90239C4066C8FFFA6C6CCBAF59DFE083B248BF313F2A9D3EF96ACF569CA1B05FBDEFBD4A52C854C7B71AAB2B8AEAF8BFA8F283851E4CAA76F7D155939555F09830E49F38E73A7AE48B489883CA0D96A59B3560A8DF02DC0A0E5B6AD0AFD445B54F5580F4D962D8156DB6A0F70E5E4E47CF3CF9E1281180F5BC90B5C6FCB2DEFF1BD985D405BC3A138700D75D9BAEBBD1A7496F5CD1E6E6D5C0325B89E120A0994AFF0F35741DDC17A7D7C19A818A6C3DB5874B0E78B2BA319C6D4F850762EC32005074492723FAD2876E1C8F9A318852E97F6B28706F67ACAB944E8CFCA7C6A47C0D2F9B6907713CFFE21DEB070F45BAC19828094C424A445440ADF79E925BFE0BE687E82751D9ACBDDA02A6FACD4FEC77EEB9CD32A265B67ABFF9CF22E7EE68DCA133109BD7515B0002A9D4DEF5E3B190CE0E5C8EE2BF18F6176CD47DC00C87CD5CFBADC9D3085DAE39ECC4B320C4AE130E62A03FA4E321F0CDA4844551140DAB5658F27B2A1884BA1B039F25AA1E386BBE9C0BB3906880E46A22D2F9F9C1A7943BC1D71E45A9E6FF4828196192B4063650EAC50555E53516BF4D816888C1E7841914862FA5F82181204155ADCD7652D4B3F8CB0CDFF69BC897FEE50C420A6243059B742171BBC5C94BC6AF23AE90F0DE756DBC1027E3F92EE866A669054CC133A685AE21A51478A305851308220705E0E38D97BD62A8B07047594266DEE3414D3D6C0659C4A8DB9484B86E0638ED13499E7B58030881991FD4E83B61AD429E4276DE69DB74677F16A1EB6D5D3756CB7074B312DDA5679C4E85720ECA7B738F4556BCAADD307D4A2F29158CE326F55CCDEB8755BABC2F7F8DE3F8B19C786D4219E9C45CB9FC7BAD2C5EE5984A392E2AC541662C4552CDB981BB65FE4A28FD19B1A472015BB45AB351F0CF6A9FD756EF6471794E08AB5A7092E0657F873133A0FEB2882251B80D08FC475EB43173F6A9F34787A67B282BB86FB559D883FDE93F10CCA73EA0ECC232CA1B719A98E0280CEAC5338550DBAE750E388F6671F8552A4FEFEDA1190DA60909A797336785C8C7BE9C233CC33F86818D1686C9558C900553F19A85833DC506AB +20250619144408 2 6 100 7679 5 EEB5FE98B7CF15B438162A5F2DEBBAB8BCF08B8A2614E263AA570052D2B01AC3E0B943491218DF247DB063E7DAECD19D0CD00C65335041AC9D3E4B8493CB58F9CBB166E38FF5E8697EF59D9EE4FAC6415070E0156AF8DA6BE11D672AA9A8E71033936AF75D835CCDBB0ED13CB17CBF9C9D98DEB4FAAD874FCD0929E86CF411426A3A96CED22F7EDC5F7E8D3A3B860F91E3FE92623F97C15EF13921C6AE6B3A566C7E42F46EF7B9721A09D10BEE52CE93694F6EF85F362D90239C4066C8FFFA6C6CCBAF59DFE083B248BF313F2A9D3EF96ACF569CA1B05FBDEFBD4A52C854C7B71AAB2B8AEAF8BFA8F283851E4CAA76F7D155939555F09830E49F38E73A7AE48B489883CA0D96A59B3560A8DF02DC0A0E5B6AD0AFD445B54F5580F4D962D8156DB6A0F70E5E4E47CF3CF9E1281180F5BC90B5C6FCB2DEFF1BD985D405BC3A138700D75D9BAEBBD1A7496F5CD1E6E6D5C0325B89E120A0994AFF0F35741DDC17A7D7C19A818A6C3DB5874B0E78B2BA319C6D4F850762EC32005074492723FAD2876E1C8F9A318852E97F6B28706F67ACAB944E8CFCA7C6A47C0D2F9B6907713CFFE21DEB070F45BAC19828094C424A445440ADF79E925BFE0BE687E82751D9ACBDDA02A6FACD4FEC77EEB9CD32A265B67ABFF9CF22E7EE68DCA133109BD7515B0002A9D4DEF5E3B190CE0E5C8EE2BF18F6176CD47DC00C87CD5CFBADC9D3085DAE39ECC4B320C4AE130E62A03FA4E321F0CDA4844551140DAB5658F27B2A1884BA1B039F25AA1E386BBE9C0BB3906880E46A22D2F9F9C1A7943BC1D71E45A9E6FF4828196192B4063650EAC50555E53516BF4D816888C1E7841914862FA5F82181204155ADCD7652D4B3F8CB0CDFF69BC897FEE50C420A6243059B742171BBC5C94BC6AF23AE90F0DE756DBC1027E3F92EE866A669054CC133A685AE21A51478A305851308220705E0E38D97BD62A8B07047594266DEE3414D3D6C0659C4A8DB9484B86E0638ED13499E7B58030881991FD4E83B61AD429E4276DE69DB74677F16A1EB6D5D3756CB7074B312DDA5679C4E85720ECA7B738F4556BCAADD307D4A2F29158CE326F55CCDEB8755BABC2F7F8DE3F8B19C786D4219E9C45CB9FC7BAD2C5EE5984A392E2AC541662C4552CDB981BB65FE4A28FD19B1A472015BB45AB351F0CF6A9FD756EF6471794E08AB5A7092E0657F873133A0FEB2882251B80D08FC475EB43173F6A9F34787A67B282BB86FB559D883FDE93F10CCA73EA0ECC232CA1B719A98E0280CEAC5338550DBAE750E388F6671F8552A4FEFEDA1190DA60909A797336785C8C7BE9C233CC33F86818D1686C9558C900553F19A85833E1EBFA7 +20250619144618 2 6 100 7679 2 EEB5FE98B7CF15B438162A5F2DEBBAB8BCF08B8A2614E263AA570052D2B01AC3E0B943491218DF247DB063E7DAECD19D0CD00C65335041AC9D3E4B8493CB58F9CBB166E38FF5E8697EF59D9EE4FAC6415070E0156AF8DA6BE11D672AA9A8E71033936AF75D835CCDBB0ED13CB17CBF9C9D98DEB4FAAD874FCD0929E86CF411426A3A96CED22F7EDC5F7E8D3A3B860F91E3FE92623F97C15EF13921C6AE6B3A566C7E42F46EF7B9721A09D10BEE52CE93694F6EF85F362D90239C4066C8FFFA6C6CCBAF59DFE083B248BF313F2A9D3EF96ACF569CA1B05FBDEFBD4A52C854C7B71AAB2B8AEAF8BFA8F283851E4CAA76F7D155939555F09830E49F38E73A7AE48B489883CA0D96A59B3560A8DF02DC0A0E5B6AD0AFD445B54F5580F4D962D8156DB6A0F70E5E4E47CF3CF9E1281180F5BC90B5C6FCB2DEFF1BD985D405BC3A138700D75D9BAEBBD1A7496F5CD1E6E6D5C0325B89E120A0994AFF0F35741DDC17A7D7C19A818A6C3DB5874B0E78B2BA319C6D4F850762EC32005074492723FAD2876E1C8F9A318852E97F6B28706F67ACAB944E8CFCA7C6A47C0D2F9B6907713CFFE21DEB070F45BAC19828094C424A445440ADF79E925BFE0BE687E82751D9ACBDDA02A6FACD4FEC77EEB9CD32A265B67ABFF9CF22E7EE68DCA133109BD7515B0002A9D4DEF5E3B190CE0E5C8EE2BF18F6176CD47DC00C87CD5CFBADC9D3085DAE39ECC4B320C4AE130E62A03FA4E321F0CDA4844551140DAB5658F27B2A1884BA1B039F25AA1E386BBE9C0BB3906880E46A22D2F9F9C1A7943BC1D71E45A9E6FF4828196192B4063650EAC50555E53516BF4D816888C1E7841914862FA5F82181204155ADCD7652D4B3F8CB0CDFF69BC897FEE50C420A6243059B742171BBC5C94BC6AF23AE90F0DE756DBC1027E3F92EE866A669054CC133A685AE21A51478A305851308220705E0E38D97BD62A8B07047594266DEE3414D3D6C0659C4A8DB9484B86E0638ED13499E7B58030881991FD4E83B61AD429E4276DE69DB74677F16A1EB6D5D3756CB7074B312DDA5679C4E85720ECA7B738F4556BCAADD307D4A2F29158CE326F55CCDEB8755BABC2F7F8DE3F8B19C786D4219E9C45CB9FC7BAD2C5EE5984A392E2AC541662C4552CDB981BB65FE4A28FD19B1A472015BB45AB351F0CF6A9FD756EF6471794E08AB5A7092E0657F873133A0FEB2882251B80D08FC475EB43173F6A9F34787A67B282BB86FB559D883FDE93F10CCA73EA0ECC232CA1B719A98E0280CEAC5338550DBAE750E388F6671F8552A4FEFEDA1190DA60909A797336785C8C7BE9C233CC33F86818D1686C9558C900553F19A85833E3B9B63 +20250616030759 2 6 100 8191 2 DA1E367F51064DE37C61DF292F64D691D584C03B41D0D878E4EAA25ECE0D922818300E39D15F259EB25F466620B3BAA5A1BB314488CD6BC2BA17B82542CE832E02410CEB2C6619BD5358D1C0898F91777C76CE47507DAC5DCE417ED74BD7D816447C06A59051E5F70EEEF96BEBFC70752E26A3507DE5B89B66548A4AC87BA678064ECC851356306BAC0AF3189C284C5D2AE4E624552B2DC83705CB320D3AD9445D569486A6B80B05BBD2C55E8E085A25F422F2FACF52B33ECCA626BE5EC2283FF401D937B3FBE49527D233C8E7187E0A85AC04871CCE580067BDD5C687285C5DA0A930B05AF96DD44CA6F2935C7398251CA9DB735069F88DE6CE2423B6A334DA2CC50AFD2A29C1B5CA7785CCEFD856B39B87666AE368996CEBCC3999562434DA299C1856EDED42DF3F92B122957175296F115C0D6FB214B13EA5616DC9597768FBFF08E2B6BAF5619C078E11F7EEFD8C90459F155305DA5854EE326490AA8D6A9403A62031E890881AD2FDF1855A7BBD6591AD2D1C85EF1270BD1EAFC5EF58336EF37155421222DE87045709F2590250E6CB893DA415E0C1ECFD856544C1100EC71541721C6632CF5A2698A4F8A831414D9DF21B5DB664FCE613BE362C2851DFA14997AF54C9DE6EC79A402060A379C2706BBCE05D192FEDF9C3E6838E6D7B5B8B16D08AE01A5A614CD41CDC6D2EF81CAB6A6C66F2DFE62DFF99F50BBD74E2D1C6F301F84F8DE83952023A2B06FA5391082EF6A4AC7DBFEBB48F0572B6C08FD390EF30D75B6E442D273A6C248A49CE291B55B7E820685541EEE2AA7EBAFAA9516A5EFAB4F41F81347829956522C44DAAC5727E7BFD9DE81493069497D3092E4F36597EE35142629CB3B64750964CEFAB2916B51C507C48DEB6DC62681ED8AEB4F29A3D82D2C20C54153C874F090C9DB8112A6F4F279E22D6CF17C6230963B7A46AFA77195B4CB982D00F351BE4ACBF3B721EF95CDEEF56A3DFF16503BC9B1D1094131DD3CE3DEED0F579EBDD35308FCEB3877F06AE591875236F79608699CBA67B50D6540955D5BEE1CD0A24C175056ABE9C3A93E6EEECD21B60E8BD2F4E73C7385BC35F210E4E29AD2D957008C9BC985B5AB5942E506C3EA2C66BED0811BED5D7CC8CAC13AF701555F6C3E36A21C5BE052E01916B3A22D315ED4824F310D540AD1FBE4A2EF695F507175B4B91D0B3E8C970038700BB5147FC461641858AE21BEB4DDA61A7BE98419001223F4754A4A67CEE4683DDC1094BC2843ED5C95A4769C85450141E1EADF6A611D5E9B8C3A621D94BE0E2965F8309CDDEE5BDDACF9BA41097CBF50144E5E50BF17BE66C8C5F201B007BE42D52A7B65A37E288AC425AC7FD16D059B95EA1EDFFD361F717FEA5F1586459FF2218652DAFB69511B3551CCEF1417ED578B083C92C58AAEF2BE45C24A9877E2261E51A26D69ED93F355CA78B +20250616040000 2 6 100 8191 2 DA1E367F51064DE37C61DF292F64D691D584C03B41D0D878E4EAA25ECE0D922818300E39D15F259EB25F466620B3BAA5A1BB314488CD6BC2BA17B82542CE832E02410CEB2C6619BD5358D1C0898F91777C76CE47507DAC5DCE417ED74BD7D816447C06A59051E5F70EEEF96BEBFC70752E26A3507DE5B89B66548A4AC87BA678064ECC851356306BAC0AF3189C284C5D2AE4E624552B2DC83705CB320D3AD9445D569486A6B80B05BBD2C55E8E085A25F422F2FACF52B33ECCA626BE5EC2283FF401D937B3FBE49527D233C8E7187E0A85AC04871CCE580067BDD5C687285C5DA0A930B05AF96DD44CA6F2935C7398251CA9DB735069F88DE6CE2423B6A334DA2CC50AFD2A29C1B5CA7785CCEFD856B39B87666AE368996CEBCC3999562434DA299C1856EDED42DF3F92B122957175296F115C0D6FB214B13EA5616DC9597768FBFF08E2B6BAF5619C078E11F7EEFD8C90459F155305DA5854EE326490AA8D6A9403A62031E890881AD2FDF1855A7BBD6591AD2D1C85EF1270BD1EAFC5EF58336EF37155421222DE87045709F2590250E6CB893DA415E0C1ECFD856544C1100EC71541721C6632CF5A2698A4F8A831414D9DF21B5DB664FCE613BE362C2851DFA14997AF54C9DE6EC79A402060A379C2706BBCE05D192FEDF9C3E6838E6D7B5B8B16D08AE01A5A614CD41CDC6D2EF81CAB6A6C66F2DFE62DFF99F50BBD74E2D1C6F301F84F8DE83952023A2B06FA5391082EF6A4AC7DBFEBB48F0572B6C08FD390EF30D75B6E442D273A6C248A49CE291B55B7E820685541EEE2AA7EBAFAA9516A5EFAB4F41F81347829956522C44DAAC5727E7BFD9DE81493069497D3092E4F36597EE35142629CB3B64750964CEFAB2916B51C507C48DEB6DC62681ED8AEB4F29A3D82D2C20C54153C874F090C9DB8112A6F4F279E22D6CF17C6230963B7A46AFA77195B4CB982D00F351BE4ACBF3B721EF95CDEEF56A3DFF16503BC9B1D1094131DD3CE3DEED0F579EBDD35308FCEB3877F06AE591875236F79608699CBA67B50D6540955D5BEE1CD0A24C175056ABE9C3A93E6EEECD21B60E8BD2F4E73C7385BC35F210E4E29AD2D957008C9BC985B5AB5942E506C3EA2C66BED0811BED5D7CC8CAC13AF701555F6C3E36A21C5BE052E01916B3A22D315ED4824F310D540AD1FBE4A2EF695F507175B4B91D0B3E8C970038700BB5147FC461641858AE21BEB4DDA61A7BE98419001223F4754A4A67CEE4683DDC1094BC2843ED5C95A4769C85450141E1EADF6A611D5E9B8C3A621D94BE0E2965F8309CDDEE5BDDACF9BA41097CBF50144E5E50BF17BE66C8C5F201B007BE42D52A7B65A37E288AC425AC7FD16D059B95EA1EDFFD361F717FEA5F1586459FF2218652DAFB69511B3551CCEF1417ED578B083C92C58AAEF2BE45C24A9877E2261E51A26D69ED93F3838355B +20250616041144 2 6 100 8191 2 DA1E367F51064DE37C61DF292F64D691D584C03B41D0D878E4EAA25ECE0D922818300E39D15F259EB25F466620B3BAA5A1BB314488CD6BC2BA17B82542CE832E02410CEB2C6619BD5358D1C0898F91777C76CE47507DAC5DCE417ED74BD7D816447C06A59051E5F70EEEF96BEBFC70752E26A3507DE5B89B66548A4AC87BA678064ECC851356306BAC0AF3189C284C5D2AE4E624552B2DC83705CB320D3AD9445D569486A6B80B05BBD2C55E8E085A25F422F2FACF52B33ECCA626BE5EC2283FF401D937B3FBE49527D233C8E7187E0A85AC04871CCE580067BDD5C687285C5DA0A930B05AF96DD44CA6F2935C7398251CA9DB735069F88DE6CE2423B6A334DA2CC50AFD2A29C1B5CA7785CCEFD856B39B87666AE368996CEBCC3999562434DA299C1856EDED42DF3F92B122957175296F115C0D6FB214B13EA5616DC9597768FBFF08E2B6BAF5619C078E11F7EEFD8C90459F155305DA5854EE326490AA8D6A9403A62031E890881AD2FDF1855A7BBD6591AD2D1C85EF1270BD1EAFC5EF58336EF37155421222DE87045709F2590250E6CB893DA415E0C1ECFD856544C1100EC71541721C6632CF5A2698A4F8A831414D9DF21B5DB664FCE613BE362C2851DFA14997AF54C9DE6EC79A402060A379C2706BBCE05D192FEDF9C3E6838E6D7B5B8B16D08AE01A5A614CD41CDC6D2EF81CAB6A6C66F2DFE62DFF99F50BBD74E2D1C6F301F84F8DE83952023A2B06FA5391082EF6A4AC7DBFEBB48F0572B6C08FD390EF30D75B6E442D273A6C248A49CE291B55B7E820685541EEE2AA7EBAFAA9516A5EFAB4F41F81347829956522C44DAAC5727E7BFD9DE81493069497D3092E4F36597EE35142629CB3B64750964CEFAB2916B51C507C48DEB6DC62681ED8AEB4F29A3D82D2C20C54153C874F090C9DB8112A6F4F279E22D6CF17C6230963B7A46AFA77195B4CB982D00F351BE4ACBF3B721EF95CDEEF56A3DFF16503BC9B1D1094131DD3CE3DEED0F579EBDD35308FCEB3877F06AE591875236F79608699CBA67B50D6540955D5BEE1CD0A24C175056ABE9C3A93E6EEECD21B60E8BD2F4E73C7385BC35F210E4E29AD2D957008C9BC985B5AB5942E506C3EA2C66BED0811BED5D7CC8CAC13AF701555F6C3E36A21C5BE052E01916B3A22D315ED4824F310D540AD1FBE4A2EF695F507175B4B91D0B3E8C970038700BB5147FC461641858AE21BEB4DDA61A7BE98419001223F4754A4A67CEE4683DDC1094BC2843ED5C95A4769C85450141E1EADF6A611D5E9B8C3A621D94BE0E2965F8309CDDEE5BDDACF9BA41097CBF50144E5E50BF17BE66C8C5F201B007BE42D52A7B65A37E288AC425AC7FD16D059B95EA1EDFFD361F717FEA5F1586459FF2218652DAFB69511B3551CCEF1417ED578B083C92C58AAEF2BE45C24A9877E2261E51A26D69ED93F38D7F49B +20250616050424 2 6 100 8191 2 DA1E367F51064DE37C61DF292F64D691D584C03B41D0D878E4EAA25ECE0D922818300E39D15F259EB25F466620B3BAA5A1BB314488CD6BC2BA17B82542CE832E02410CEB2C6619BD5358D1C0898F91777C76CE47507DAC5DCE417ED74BD7D816447C06A59051E5F70EEEF96BEBFC70752E26A3507DE5B89B66548A4AC87BA678064ECC851356306BAC0AF3189C284C5D2AE4E624552B2DC83705CB320D3AD9445D569486A6B80B05BBD2C55E8E085A25F422F2FACF52B33ECCA626BE5EC2283FF401D937B3FBE49527D233C8E7187E0A85AC04871CCE580067BDD5C687285C5DA0A930B05AF96DD44CA6F2935C7398251CA9DB735069F88DE6CE2423B6A334DA2CC50AFD2A29C1B5CA7785CCEFD856B39B87666AE368996CEBCC3999562434DA299C1856EDED42DF3F92B122957175296F115C0D6FB214B13EA5616DC9597768FBFF08E2B6BAF5619C078E11F7EEFD8C90459F155305DA5854EE326490AA8D6A9403A62031E890881AD2FDF1855A7BBD6591AD2D1C85EF1270BD1EAFC5EF58336EF37155421222DE87045709F2590250E6CB893DA415E0C1ECFD856544C1100EC71541721C6632CF5A2698A4F8A831414D9DF21B5DB664FCE613BE362C2851DFA14997AF54C9DE6EC79A402060A379C2706BBCE05D192FEDF9C3E6838E6D7B5B8B16D08AE01A5A614CD41CDC6D2EF81CAB6A6C66F2DFE62DFF99F50BBD74E2D1C6F301F84F8DE83952023A2B06FA5391082EF6A4AC7DBFEBB48F0572B6C08FD390EF30D75B6E442D273A6C248A49CE291B55B7E820685541EEE2AA7EBAFAA9516A5EFAB4F41F81347829956522C44DAAC5727E7BFD9DE81493069497D3092E4F36597EE35142629CB3B64750964CEFAB2916B51C507C48DEB6DC62681ED8AEB4F29A3D82D2C20C54153C874F090C9DB8112A6F4F279E22D6CF17C6230963B7A46AFA77195B4CB982D00F351BE4ACBF3B721EF95CDEEF56A3DFF16503BC9B1D1094131DD3CE3DEED0F579EBDD35308FCEB3877F06AE591875236F79608699CBA67B50D6540955D5BEE1CD0A24C175056ABE9C3A93E6EEECD21B60E8BD2F4E73C7385BC35F210E4E29AD2D957008C9BC985B5AB5942E506C3EA2C66BED0811BED5D7CC8CAC13AF701555F6C3E36A21C5BE052E01916B3A22D315ED4824F310D540AD1FBE4A2EF695F507175B4B91D0B3E8C970038700BB5147FC461641858AE21BEB4DDA61A7BE98419001223F4754A4A67CEE4683DDC1094BC2843ED5C95A4769C85450141E1EADF6A611D5E9B8C3A621D94BE0E2965F8309CDDEE5BDDACF9BA41097CBF50144E5E50BF17BE66C8C5F201B007BE42D52A7B65A37E288AC425AC7FD16D059B95EA1EDFFD361F717FEA5F1586459FF2218652DAFB69511B3551CCEF1417ED578B083C92C58AAEF2BE45C24A9877E2261E51A26D69ED93F3BBD0A5B +20250616052304 2 6 100 8191 5 DA1E367F51064DE37C61DF292F64D691D584C03B41D0D878E4EAA25ECE0D922818300E39D15F259EB25F466620B3BAA5A1BB314488CD6BC2BA17B82542CE832E02410CEB2C6619BD5358D1C0898F91777C76CE47507DAC5DCE417ED74BD7D816447C06A59051E5F70EEEF96BEBFC70752E26A3507DE5B89B66548A4AC87BA678064ECC851356306BAC0AF3189C284C5D2AE4E624552B2DC83705CB320D3AD9445D569486A6B80B05BBD2C55E8E085A25F422F2FACF52B33ECCA626BE5EC2283FF401D937B3FBE49527D233C8E7187E0A85AC04871CCE580067BDD5C687285C5DA0A930B05AF96DD44CA6F2935C7398251CA9DB735069F88DE6CE2423B6A334DA2CC50AFD2A29C1B5CA7785CCEFD856B39B87666AE368996CEBCC3999562434DA299C1856EDED42DF3F92B122957175296F115C0D6FB214B13EA5616DC9597768FBFF08E2B6BAF5619C078E11F7EEFD8C90459F155305DA5854EE326490AA8D6A9403A62031E890881AD2FDF1855A7BBD6591AD2D1C85EF1270BD1EAFC5EF58336EF37155421222DE87045709F2590250E6CB893DA415E0C1ECFD856544C1100EC71541721C6632CF5A2698A4F8A831414D9DF21B5DB664FCE613BE362C2851DFA14997AF54C9DE6EC79A402060A379C2706BBCE05D192FEDF9C3E6838E6D7B5B8B16D08AE01A5A614CD41CDC6D2EF81CAB6A6C66F2DFE62DFF99F50BBD74E2D1C6F301F84F8DE83952023A2B06FA5391082EF6A4AC7DBFEBB48F0572B6C08FD390EF30D75B6E442D273A6C248A49CE291B55B7E820685541EEE2AA7EBAFAA9516A5EFAB4F41F81347829956522C44DAAC5727E7BFD9DE81493069497D3092E4F36597EE35142629CB3B64750964CEFAB2916B51C507C48DEB6DC62681ED8AEB4F29A3D82D2C20C54153C874F090C9DB8112A6F4F279E22D6CF17C6230963B7A46AFA77195B4CB982D00F351BE4ACBF3B721EF95CDEEF56A3DFF16503BC9B1D1094131DD3CE3DEED0F579EBDD35308FCEB3877F06AE591875236F79608699CBA67B50D6540955D5BEE1CD0A24C175056ABE9C3A93E6EEECD21B60E8BD2F4E73C7385BC35F210E4E29AD2D957008C9BC985B5AB5942E506C3EA2C66BED0811BED5D7CC8CAC13AF701555F6C3E36A21C5BE052E01916B3A22D315ED4824F310D540AD1FBE4A2EF695F507175B4B91D0B3E8C970038700BB5147FC461641858AE21BEB4DDA61A7BE98419001223F4754A4A67CEE4683DDC1094BC2843ED5C95A4769C85450141E1EADF6A611D5E9B8C3A621D94BE0E2965F8309CDDEE5BDDACF9BA41097CBF50144E5E50BF17BE66C8C5F201B007BE42D52A7B65A37E288AC425AC7FD16D059B95EA1EDFFD361F717FEA5F1586459FF2218652DAFB69511B3551CCEF1417ED578B083C92C58AAEF2BE45C24A9877E2261E51A26D69ED93F3CBEA257 +20250616061654 2 6 100 8191 2 DA1E367F51064DE37C61DF292F64D691D584C03B41D0D878E4EAA25ECE0D922818300E39D15F259EB25F466620B3BAA5A1BB314488CD6BC2BA17B82542CE832E02410CEB2C6619BD5358D1C0898F91777C76CE47507DAC5DCE417ED74BD7D816447C06A59051E5F70EEEF96BEBFC70752E26A3507DE5B89B66548A4AC87BA678064ECC851356306BAC0AF3189C284C5D2AE4E624552B2DC83705CB320D3AD9445D569486A6B80B05BBD2C55E8E085A25F422F2FACF52B33ECCA626BE5EC2283FF401D937B3FBE49527D233C8E7187E0A85AC04871CCE580067BDD5C687285C5DA0A930B05AF96DD44CA6F2935C7398251CA9DB735069F88DE6CE2423B6A334DA2CC50AFD2A29C1B5CA7785CCEFD856B39B87666AE368996CEBCC3999562434DA299C1856EDED42DF3F92B122957175296F115C0D6FB214B13EA5616DC9597768FBFF08E2B6BAF5619C078E11F7EEFD8C90459F155305DA5854EE326490AA8D6A9403A62031E890881AD2FDF1855A7BBD6591AD2D1C85EF1270BD1EAFC5EF58336EF37155421222DE87045709F2590250E6CB893DA415E0C1ECFD856544C1100EC71541721C6632CF5A2698A4F8A831414D9DF21B5DB664FCE613BE362C2851DFA14997AF54C9DE6EC79A402060A379C2706BBCE05D192FEDF9C3E6838E6D7B5B8B16D08AE01A5A614CD41CDC6D2EF81CAB6A6C66F2DFE62DFF99F50BBD74E2D1C6F301F84F8DE83952023A2B06FA5391082EF6A4AC7DBFEBB48F0572B6C08FD390EF30D75B6E442D273A6C248A49CE291B55B7E820685541EEE2AA7EBAFAA9516A5EFAB4F41F81347829956522C44DAAC5727E7BFD9DE81493069497D3092E4F36597EE35142629CB3B64750964CEFAB2916B51C507C48DEB6DC62681ED8AEB4F29A3D82D2C20C54153C874F090C9DB8112A6F4F279E22D6CF17C6230963B7A46AFA77195B4CB982D00F351BE4ACBF3B721EF95CDEEF56A3DFF16503BC9B1D1094131DD3CE3DEED0F579EBDD35308FCEB3877F06AE591875236F79608699CBA67B50D6540955D5BEE1CD0A24C175056ABE9C3A93E6EEECD21B60E8BD2F4E73C7385BC35F210E4E29AD2D957008C9BC985B5AB5942E506C3EA2C66BED0811BED5D7CC8CAC13AF701555F6C3E36A21C5BE052E01916B3A22D315ED4824F310D540AD1FBE4A2EF695F507175B4B91D0B3E8C970038700BB5147FC461641858AE21BEB4DDA61A7BE98419001223F4754A4A67CEE4683DDC1094BC2843ED5C95A4769C85450141E1EADF6A611D5E9B8C3A621D94BE0E2965F8309CDDEE5BDDACF9BA41097CBF50144E5E50BF17BE66C8C5F201B007BE42D52A7B65A37E288AC425AC7FD16D059B95EA1EDFFD361F717FEA5F1586459FF2218652DAFB69511B3551CCEF1417ED578B083C92C58AAEF2BE45C24A9877E2261E51A26D69ED93F3FACE56B +20250616075926 2 6 100 8191 5 DA1E367F51064DE37C61DF292F64D691D584C03B41D0D878E4EAA25ECE0D922818300E39D15F259EB25F466620B3BAA5A1BB314488CD6BC2BA17B82542CE832E02410CEB2C6619BD5358D1C0898F91777C76CE47507DAC5DCE417ED74BD7D816447C06A59051E5F70EEEF96BEBFC70752E26A3507DE5B89B66548A4AC87BA678064ECC851356306BAC0AF3189C284C5D2AE4E624552B2DC83705CB320D3AD9445D569486A6B80B05BBD2C55E8E085A25F422F2FACF52B33ECCA626BE5EC2283FF401D937B3FBE49527D233C8E7187E0A85AC04871CCE580067BDD5C687285C5DA0A930B05AF96DD44CA6F2935C7398251CA9DB735069F88DE6CE2423B6A334DA2CC50AFD2A29C1B5CA7785CCEFD856B39B87666AE368996CEBCC3999562434DA299C1856EDED42DF3F92B122957175296F115C0D6FB214B13EA5616DC9597768FBFF08E2B6BAF5619C078E11F7EEFD8C90459F155305DA5854EE326490AA8D6A9403A62031E890881AD2FDF1855A7BBD6591AD2D1C85EF1270BD1EAFC5EF58336EF37155421222DE87045709F2590250E6CB893DA415E0C1ECFD856544C1100EC71541721C6632CF5A2698A4F8A831414D9DF21B5DB664FCE613BE362C2851DFA14997AF54C9DE6EC79A402060A379C2706BBCE05D192FEDF9C3E6838E6D7B5B8B16D08AE01A5A614CD41CDC6D2EF81CAB6A6C66F2DFE62DFF99F50BBD74E2D1C6F301F84F8DE83952023A2B06FA5391082EF6A4AC7DBFEBB48F0572B6C08FD390EF30D75B6E442D273A6C248A49CE291B55B7E820685541EEE2AA7EBAFAA9516A5EFAB4F41F81347829956522C44DAAC5727E7BFD9DE81493069497D3092E4F36597EE35142629CB3B64750964CEFAB2916B51C507C48DEB6DC62681ED8AEB4F29A3D82D2C20C54153C874F090C9DB8112A6F4F279E22D6CF17C6230963B7A46AFA77195B4CB982D00F351BE4ACBF3B721EF95CDEEF56A3DFF16503BC9B1D1094131DD3CE3DEED0F579EBDD35308FCEB3877F06AE591875236F79608699CBA67B50D6540955D5BEE1CD0A24C175056ABE9C3A93E6EEECD21B60E8BD2F4E73C7385BC35F210E4E29AD2D957008C9BC985B5AB5942E506C3EA2C66BED0811BED5D7CC8CAC13AF701555F6C3E36A21C5BE052E01916B3A22D315ED4824F310D540AD1FBE4A2EF695F507175B4B91D0B3E8C970038700BB5147FC461641858AE21BEB4DDA61A7BE98419001223F4754A4A67CEE4683DDC1094BC2843ED5C95A4769C85450141E1EADF6A611D5E9B8C3A621D94BE0E2965F8309CDDEE5BDDACF9BA41097CBF50144E5E50BF17BE66C8C5F201B007BE42D52A7B65A37E288AC425AC7FD16D059B95EA1EDFFD361F717FEA5F1586459FF2218652DAFB69511B3551CCEF1417ED578B083C92C58AAEF2BE45C24A9877E2261E51A26D69ED93F454D7B5F +20250616081144 2 6 100 8191 5 DA1E367F51064DE37C61DF292F64D691D584C03B41D0D878E4EAA25ECE0D922818300E39D15F259EB25F466620B3BAA5A1BB314488CD6BC2BA17B82542CE832E02410CEB2C6619BD5358D1C0898F91777C76CE47507DAC5DCE417ED74BD7D816447C06A59051E5F70EEEF96BEBFC70752E26A3507DE5B89B66548A4AC87BA678064ECC851356306BAC0AF3189C284C5D2AE4E624552B2DC83705CB320D3AD9445D569486A6B80B05BBD2C55E8E085A25F422F2FACF52B33ECCA626BE5EC2283FF401D937B3FBE49527D233C8E7187E0A85AC04871CCE580067BDD5C687285C5DA0A930B05AF96DD44CA6F2935C7398251CA9DB735069F88DE6CE2423B6A334DA2CC50AFD2A29C1B5CA7785CCEFD856B39B87666AE368996CEBCC3999562434DA299C1856EDED42DF3F92B122957175296F115C0D6FB214B13EA5616DC9597768FBFF08E2B6BAF5619C078E11F7EEFD8C90459F155305DA5854EE326490AA8D6A9403A62031E890881AD2FDF1855A7BBD6591AD2D1C85EF1270BD1EAFC5EF58336EF37155421222DE87045709F2590250E6CB893DA415E0C1ECFD856544C1100EC71541721C6632CF5A2698A4F8A831414D9DF21B5DB664FCE613BE362C2851DFA14997AF54C9DE6EC79A402060A379C2706BBCE05D192FEDF9C3E6838E6D7B5B8B16D08AE01A5A614CD41CDC6D2EF81CAB6A6C66F2DFE62DFF99F50BBD74E2D1C6F301F84F8DE83952023A2B06FA5391082EF6A4AC7DBFEBB48F0572B6C08FD390EF30D75B6E442D273A6C248A49CE291B55B7E820685541EEE2AA7EBAFAA9516A5EFAB4F41F81347829956522C44DAAC5727E7BFD9DE81493069497D3092E4F36597EE35142629CB3B64750964CEFAB2916B51C507C48DEB6DC62681ED8AEB4F29A3D82D2C20C54153C874F090C9DB8112A6F4F279E22D6CF17C6230963B7A46AFA77195B4CB982D00F351BE4ACBF3B721EF95CDEEF56A3DFF16503BC9B1D1094131DD3CE3DEED0F579EBDD35308FCEB3877F06AE591875236F79608699CBA67B50D6540955D5BEE1CD0A24C175056ABE9C3A93E6EEECD21B60E8BD2F4E73C7385BC35F210E4E29AD2D957008C9BC985B5AB5942E506C3EA2C66BED0811BED5D7CC8CAC13AF701555F6C3E36A21C5BE052E01916B3A22D315ED4824F310D540AD1FBE4A2EF695F507175B4B91D0B3E8C970038700BB5147FC461641858AE21BEB4DDA61A7BE98419001223F4754A4A67CEE4683DDC1094BC2843ED5C95A4769C85450141E1EADF6A611D5E9B8C3A621D94BE0E2965F8309CDDEE5BDDACF9BA41097CBF50144E5E50BF17BE66C8C5F201B007BE42D52A7B65A37E288AC425AC7FD16D059B95EA1EDFFD361F717FEA5F1586459FF2218652DAFB69511B3551CCEF1417ED578B083C92C58AAEF2BE45C24A9877E2261E51A26D69ED93F45F6C43F +20250616090044 2 6 100 8191 2 DA1E367F51064DE37C61DF292F64D691D584C03B41D0D878E4EAA25ECE0D922818300E39D15F259EB25F466620B3BAA5A1BB314488CD6BC2BA17B82542CE832E02410CEB2C6619BD5358D1C0898F91777C76CE47507DAC5DCE417ED74BD7D816447C06A59051E5F70EEEF96BEBFC70752E26A3507DE5B89B66548A4AC87BA678064ECC851356306BAC0AF3189C284C5D2AE4E624552B2DC83705CB320D3AD9445D569486A6B80B05BBD2C55E8E085A25F422F2FACF52B33ECCA626BE5EC2283FF401D937B3FBE49527D233C8E7187E0A85AC04871CCE580067BDD5C687285C5DA0A930B05AF96DD44CA6F2935C7398251CA9DB735069F88DE6CE2423B6A334DA2CC50AFD2A29C1B5CA7785CCEFD856B39B87666AE368996CEBCC3999562434DA299C1856EDED42DF3F92B122957175296F115C0D6FB214B13EA5616DC9597768FBFF08E2B6BAF5619C078E11F7EEFD8C90459F155305DA5854EE326490AA8D6A9403A62031E890881AD2FDF1855A7BBD6591AD2D1C85EF1270BD1EAFC5EF58336EF37155421222DE87045709F2590250E6CB893DA415E0C1ECFD856544C1100EC71541721C6632CF5A2698A4F8A831414D9DF21B5DB664FCE613BE362C2851DFA14997AF54C9DE6EC79A402060A379C2706BBCE05D192FEDF9C3E6838E6D7B5B8B16D08AE01A5A614CD41CDC6D2EF81CAB6A6C66F2DFE62DFF99F50BBD74E2D1C6F301F84F8DE83952023A2B06FA5391082EF6A4AC7DBFEBB48F0572B6C08FD390EF30D75B6E442D273A6C248A49CE291B55B7E820685541EEE2AA7EBAFAA9516A5EFAB4F41F81347829956522C44DAAC5727E7BFD9DE81493069497D3092E4F36597EE35142629CB3B64750964CEFAB2916B51C507C48DEB6DC62681ED8AEB4F29A3D82D2C20C54153C874F090C9DB8112A6F4F279E22D6CF17C6230963B7A46AFA77195B4CB982D00F351BE4ACBF3B721EF95CDEEF56A3DFF16503BC9B1D1094131DD3CE3DEED0F579EBDD35308FCEB3877F06AE591875236F79608699CBA67B50D6540955D5BEE1CD0A24C175056ABE9C3A93E6EEECD21B60E8BD2F4E73C7385BC35F210E4E29AD2D957008C9BC985B5AB5942E506C3EA2C66BED0811BED5D7CC8CAC13AF701555F6C3E36A21C5BE052E01916B3A22D315ED4824F310D540AD1FBE4A2EF695F507175B4B91D0B3E8C970038700BB5147FC461641858AE21BEB4DDA61A7BE98419001223F4754A4A67CEE4683DDC1094BC2843ED5C95A4769C85450141E1EADF6A611D5E9B8C3A621D94BE0E2965F8309CDDEE5BDDACF9BA41097CBF50144E5E50BF17BE66C8C5F201B007BE42D52A7B65A37E288AC425AC7FD16D059B95EA1EDFFD361F717FEA5F1586459FF2218652DAFB69511B3551CCEF1417ED578B083C92C58AAEF2BE45C24A9877E2261E51A26D69ED93F48A7A38B +20250616122407 2 6 100 8191 2 DA1E367F51064DE37C61DF292F64D691D584C03B41D0D878E4EAA25ECE0D922818300E39D15F259EB25F466620B3BAA5A1BB314488CD6BC2BA17B82542CE832E02410CEB2C6619BD5358D1C0898F91777C76CE47507DAC5DCE417ED74BD7D816447C06A59051E5F70EEEF96BEBFC70752E26A3507DE5B89B66548A4AC87BA678064ECC851356306BAC0AF3189C284C5D2AE4E624552B2DC83705CB320D3AD9445D569486A6B80B05BBD2C55E8E085A25F422F2FACF52B33ECCA626BE5EC2283FF401D937B3FBE49527D233C8E7187E0A85AC04871CCE580067BDD5C687285C5DA0A930B05AF96DD44CA6F2935C7398251CA9DB735069F88DE6CE2423B6A334DA2CC50AFD2A29C1B5CA7785CCEFD856B39B87666AE368996CEBCC3999562434DA299C1856EDED42DF3F92B122957175296F115C0D6FB214B13EA5616DC9597768FBFF08E2B6BAF5619C078E11F7EEFD8C90459F155305DA5854EE326490AA8D6A9403A62031E890881AD2FDF1855A7BBD6591AD2D1C85EF1270BD1EAFC5EF58336EF37155421222DE87045709F2590250E6CB893DA415E0C1ECFD856544C1100EC71541721C6632CF5A2698A4F8A831414D9DF21B5DB664FCE613BE362C2851DFA14997AF54C9DE6EC79A402060A379C2706BBCE05D192FEDF9C3E6838E6D7B5B8B16D08AE01A5A614CD41CDC6D2EF81CAB6A6C66F2DFE62DFF99F50BBD74E2D1C6F301F84F8DE83952023A2B06FA5391082EF6A4AC7DBFEBB48F0572B6C08FD390EF30D75B6E442D273A6C248A49CE291B55B7E820685541EEE2AA7EBAFAA9516A5EFAB4F41F81347829956522C44DAAC5727E7BFD9DE81493069497D3092E4F36597EE35142629CB3B64750964CEFAB2916B51C507C48DEB6DC62681ED8AEB4F29A3D82D2C20C54153C874F090C9DB8112A6F4F279E22D6CF17C6230963B7A46AFA77195B4CB982D00F351BE4ACBF3B721EF95CDEEF56A3DFF16503BC9B1D1094131DD3CE3DEED0F579EBDD35308FCEB3877F06AE591875236F79608699CBA67B50D6540955D5BEE1CD0A24C175056ABE9C3A93E6EEECD21B60E8BD2F4E73C7385BC35F210E4E29AD2D957008C9BC985B5AB5942E506C3EA2C66BED0811BED5D7CC8CAC13AF701555F6C3E36A21C5BE052E01916B3A22D315ED4824F310D540AD1FBE4A2EF695F507175B4B91D0B3E8C970038700BB5147FC461641858AE21BEB4DDA61A7BE98419001223F4754A4A67CEE4683DDC1094BC2843ED5C95A4769C85450141E1EADF6A611D5E9B8C3A621D94BE0E2965F8309CDDEE5BDDACF9BA41097CBF50144E5E50BF17BE66C8C5F201B007BE42D52A7B65A37E288AC425AC7FD16D059B95EA1EDFFD361F717FEA5F1586459FF2218652DAFB69511B3551CCEF1417ED578B083C92C58AAEF2BE45C24A9877E2261E51A26D69ED93F53BFE9BB +20250616142400 2 6 100 8191 5 DA1E367F51064DE37C61DF292F64D691D584C03B41D0D878E4EAA25ECE0D922818300E39D15F259EB25F466620B3BAA5A1BB314488CD6BC2BA17B82542CE832E02410CEB2C6619BD5358D1C0898F91777C76CE47507DAC5DCE417ED74BD7D816447C06A59051E5F70EEEF96BEBFC70752E26A3507DE5B89B66548A4AC87BA678064ECC851356306BAC0AF3189C284C5D2AE4E624552B2DC83705CB320D3AD9445D569486A6B80B05BBD2C55E8E085A25F422F2FACF52B33ECCA626BE5EC2283FF401D937B3FBE49527D233C8E7187E0A85AC04871CCE580067BDD5C687285C5DA0A930B05AF96DD44CA6F2935C7398251CA9DB735069F88DE6CE2423B6A334DA2CC50AFD2A29C1B5CA7785CCEFD856B39B87666AE368996CEBCC3999562434DA299C1856EDED42DF3F92B122957175296F115C0D6FB214B13EA5616DC9597768FBFF08E2B6BAF5619C078E11F7EEFD8C90459F155305DA5854EE326490AA8D6A9403A62031E890881AD2FDF1855A7BBD6591AD2D1C85EF1270BD1EAFC5EF58336EF37155421222DE87045709F2590250E6CB893DA415E0C1ECFD856544C1100EC71541721C6632CF5A2698A4F8A831414D9DF21B5DB664FCE613BE362C2851DFA14997AF54C9DE6EC79A402060A379C2706BBCE05D192FEDF9C3E6838E6D7B5B8B16D08AE01A5A614CD41CDC6D2EF81CAB6A6C66F2DFE62DFF99F50BBD74E2D1C6F301F84F8DE83952023A2B06FA5391082EF6A4AC7DBFEBB48F0572B6C08FD390EF30D75B6E442D273A6C248A49CE291B55B7E820685541EEE2AA7EBAFAA9516A5EFAB4F41F81347829956522C44DAAC5727E7BFD9DE81493069497D3092E4F36597EE35142629CB3B64750964CEFAB2916B51C507C48DEB6DC62681ED8AEB4F29A3D82D2C20C54153C874F090C9DB8112A6F4F279E22D6CF17C6230963B7A46AFA77195B4CB982D00F351BE4ACBF3B721EF95CDEEF56A3DFF16503BC9B1D1094131DD3CE3DEED0F579EBDD35308FCEB3877F06AE591875236F79608699CBA67B50D6540955D5BEE1CD0A24C175056ABE9C3A93E6EEECD21B60E8BD2F4E73C7385BC35F210E4E29AD2D957008C9BC985B5AB5942E506C3EA2C66BED0811BED5D7CC8CAC13AF701555F6C3E36A21C5BE052E01916B3A22D315ED4824F310D540AD1FBE4A2EF695F507175B4B91D0B3E8C970038700BB5147FC461641858AE21BEB4DDA61A7BE98419001223F4754A4A67CEE4683DDC1094BC2843ED5C95A4769C85450141E1EADF6A611D5E9B8C3A621D94BE0E2965F8309CDDEE5BDDACF9BA41097CBF50144E5E50BF17BE66C8C5F201B007BE42D52A7B65A37E288AC425AC7FD16D059B95EA1EDFFD361F717FEA5F1586459FF2218652DAFB69511B3551CCEF1417ED578B083C92C58AAEF2BE45C24A9877E2261E51A26D69ED93F5A4DBBAF +20250616160108 2 6 100 8191 5 DA1E367F51064DE37C61DF292F64D691D584C03B41D0D878E4EAA25ECE0D922818300E39D15F259EB25F466620B3BAA5A1BB314488CD6BC2BA17B82542CE832E02410CEB2C6619BD5358D1C0898F91777C76CE47507DAC5DCE417ED74BD7D816447C06A59051E5F70EEEF96BEBFC70752E26A3507DE5B89B66548A4AC87BA678064ECC851356306BAC0AF3189C284C5D2AE4E624552B2DC83705CB320D3AD9445D569486A6B80B05BBD2C55E8E085A25F422F2FACF52B33ECCA626BE5EC2283FF401D937B3FBE49527D233C8E7187E0A85AC04871CCE580067BDD5C687285C5DA0A930B05AF96DD44CA6F2935C7398251CA9DB735069F88DE6CE2423B6A334DA2CC50AFD2A29C1B5CA7785CCEFD856B39B87666AE368996CEBCC3999562434DA299C1856EDED42DF3F92B122957175296F115C0D6FB214B13EA5616DC9597768FBFF08E2B6BAF5619C078E11F7EEFD8C90459F155305DA5854EE326490AA8D6A9403A62031E890881AD2FDF1855A7BBD6591AD2D1C85EF1270BD1EAFC5EF58336EF37155421222DE87045709F2590250E6CB893DA415E0C1ECFD856544C1100EC71541721C6632CF5A2698A4F8A831414D9DF21B5DB664FCE613BE362C2851DFA14997AF54C9DE6EC79A402060A379C2706BBCE05D192FEDF9C3E6838E6D7B5B8B16D08AE01A5A614CD41CDC6D2EF81CAB6A6C66F2DFE62DFF99F50BBD74E2D1C6F301F84F8DE83952023A2B06FA5391082EF6A4AC7DBFEBB48F0572B6C08FD390EF30D75B6E442D273A6C248A49CE291B55B7E820685541EEE2AA7EBAFAA9516A5EFAB4F41F81347829956522C44DAAC5727E7BFD9DE81493069497D3092E4F36597EE35142629CB3B64750964CEFAB2916B51C507C48DEB6DC62681ED8AEB4F29A3D82D2C20C54153C874F090C9DB8112A6F4F279E22D6CF17C6230963B7A46AFA77195B4CB982D00F351BE4ACBF3B721EF95CDEEF56A3DFF16503BC9B1D1094131DD3CE3DEED0F579EBDD35308FCEB3877F06AE591875236F79608699CBA67B50D6540955D5BEE1CD0A24C175056ABE9C3A93E6EEECD21B60E8BD2F4E73C7385BC35F210E4E29AD2D957008C9BC985B5AB5942E506C3EA2C66BED0811BED5D7CC8CAC13AF701555F6C3E36A21C5BE052E01916B3A22D315ED4824F310D540AD1FBE4A2EF695F507175B4B91D0B3E8C970038700BB5147FC461641858AE21BEB4DDA61A7BE98419001223F4754A4A67CEE4683DDC1094BC2843ED5C95A4769C85450141E1EADF6A611D5E9B8C3A621D94BE0E2965F8309CDDEE5BDDACF9BA41097CBF50144E5E50BF17BE66C8C5F201B007BE42D52A7B65A37E288AC425AC7FD16D059B95EA1EDFFD361F717FEA5F1586459FF2218652DAFB69511B3551CCEF1417ED578B083C92C58AAEF2BE45C24A9877E2261E51A26D69ED93F5F8C5217 +20250616193743 2 6 100 8191 5 DA1E367F51064DE37C61DF292F64D691D584C03B41D0D878E4EAA25ECE0D922818300E39D15F259EB25F466620B3BAA5A1BB314488CD6BC2BA17B82542CE832E02410CEB2C6619BD5358D1C0898F91777C76CE47507DAC5DCE417ED74BD7D816447C06A59051E5F70EEEF96BEBFC70752E26A3507DE5B89B66548A4AC87BA678064ECC851356306BAC0AF3189C284C5D2AE4E624552B2DC83705CB320D3AD9445D569486A6B80B05BBD2C55E8E085A25F422F2FACF52B33ECCA626BE5EC2283FF401D937B3FBE49527D233C8E7187E0A85AC04871CCE580067BDD5C687285C5DA0A930B05AF96DD44CA6F2935C7398251CA9DB735069F88DE6CE2423B6A334DA2CC50AFD2A29C1B5CA7785CCEFD856B39B87666AE368996CEBCC3999562434DA299C1856EDED42DF3F92B122957175296F115C0D6FB214B13EA5616DC9597768FBFF08E2B6BAF5619C078E11F7EEFD8C90459F155305DA5854EE326490AA8D6A9403A62031E890881AD2FDF1855A7BBD6591AD2D1C85EF1270BD1EAFC5EF58336EF37155421222DE87045709F2590250E6CB893DA415E0C1ECFD856544C1100EC71541721C6632CF5A2698A4F8A831414D9DF21B5DB664FCE613BE362C2851DFA14997AF54C9DE6EC79A402060A379C2706BBCE05D192FEDF9C3E6838E6D7B5B8B16D08AE01A5A614CD41CDC6D2EF81CAB6A6C66F2DFE62DFF99F50BBD74E2D1C6F301F84F8DE83952023A2B06FA5391082EF6A4AC7DBFEBB48F0572B6C08FD390EF30D75B6E442D273A6C248A49CE291B55B7E820685541EEE2AA7EBAFAA9516A5EFAB4F41F81347829956522C44DAAC5727E7BFD9DE81493069497D3092E4F36597EE35142629CB3B64750964CEFAB2916B51C507C48DEB6DC62681ED8AEB4F29A3D82D2C20C54153C874F090C9DB8112A6F4F279E22D6CF17C6230963B7A46AFA77195B4CB982D00F351BE4ACBF3B721EF95CDEEF56A3DFF16503BC9B1D1094131DD3CE3DEED0F579EBDD35308FCEB3877F06AE591875236F79608699CBA67B50D6540955D5BEE1CD0A24C175056ABE9C3A93E6EEECD21B60E8BD2F4E73C7385BC35F210E4E29AD2D957008C9BC985B5AB5942E506C3EA2C66BED0811BED5D7CC8CAC13AF701555F6C3E36A21C5BE052E01916B3A22D315ED4824F310D540AD1FBE4A2EF695F507175B4B91D0B3E8C970038700BB5147FC461641858AE21BEB4DDA61A7BE98419001223F4754A4A67CEE4683DDC1094BC2843ED5C95A4769C85450141E1EADF6A611D5E9B8C3A621D94BE0E2965F8309CDDEE5BDDACF9BA41097CBF50144E5E50BF17BE66C8C5F201B007BE42D52A7B65A37E288AC425AC7FD16D059B95EA1EDFFD361F717FEA5F1586459FF2218652DAFB69511B3551CCEF1417ED578B083C92C58AAEF2BE45C24A9877E2261E51A26D69ED93F6B909527 +20250616213952 2 6 100 8191 5 DA1E367F51064DE37C61DF292F64D691D584C03B41D0D878E4EAA25ECE0D922818300E39D15F259EB25F466620B3BAA5A1BB314488CD6BC2BA17B82542CE832E02410CEB2C6619BD5358D1C0898F91777C76CE47507DAC5DCE417ED74BD7D816447C06A59051E5F70EEEF96BEBFC70752E26A3507DE5B89B66548A4AC87BA678064ECC851356306BAC0AF3189C284C5D2AE4E624552B2DC83705CB320D3AD9445D569486A6B80B05BBD2C55E8E085A25F422F2FACF52B33ECCA626BE5EC2283FF401D937B3FBE49527D233C8E7187E0A85AC04871CCE580067BDD5C687285C5DA0A930B05AF96DD44CA6F2935C7398251CA9DB735069F88DE6CE2423B6A334DA2CC50AFD2A29C1B5CA7785CCEFD856B39B87666AE368996CEBCC3999562434DA299C1856EDED42DF3F92B122957175296F115C0D6FB214B13EA5616DC9597768FBFF08E2B6BAF5619C078E11F7EEFD8C90459F155305DA5854EE326490AA8D6A9403A62031E890881AD2FDF1855A7BBD6591AD2D1C85EF1270BD1EAFC5EF58336EF37155421222DE87045709F2590250E6CB893DA415E0C1ECFD856544C1100EC71541721C6632CF5A2698A4F8A831414D9DF21B5DB664FCE613BE362C2851DFA14997AF54C9DE6EC79A402060A379C2706BBCE05D192FEDF9C3E6838E6D7B5B8B16D08AE01A5A614CD41CDC6D2EF81CAB6A6C66F2DFE62DFF99F50BBD74E2D1C6F301F84F8DE83952023A2B06FA5391082EF6A4AC7DBFEBB48F0572B6C08FD390EF30D75B6E442D273A6C248A49CE291B55B7E820685541EEE2AA7EBAFAA9516A5EFAB4F41F81347829956522C44DAAC5727E7BFD9DE81493069497D3092E4F36597EE35142629CB3B64750964CEFAB2916B51C507C48DEB6DC62681ED8AEB4F29A3D82D2C20C54153C874F090C9DB8112A6F4F279E22D6CF17C6230963B7A46AFA77195B4CB982D00F351BE4ACBF3B721EF95CDEEF56A3DFF16503BC9B1D1094131DD3CE3DEED0F579EBDD35308FCEB3877F06AE591875236F79608699CBA67B50D6540955D5BEE1CD0A24C175056ABE9C3A93E6EEECD21B60E8BD2F4E73C7385BC35F210E4E29AD2D957008C9BC985B5AB5942E506C3EA2C66BED0811BED5D7CC8CAC13AF701555F6C3E36A21C5BE052E01916B3A22D315ED4824F310D540AD1FBE4A2EF695F507175B4B91D0B3E8C970038700BB5147FC461641858AE21BEB4DDA61A7BE98419001223F4754A4A67CEE4683DDC1094BC2843ED5C95A4769C85450141E1EADF6A611D5E9B8C3A621D94BE0E2965F8309CDDEE5BDDACF9BA41097CBF50144E5E50BF17BE66C8C5F201B007BE42D52A7B65A37E288AC425AC7FD16D059B95EA1EDFFD361F717FEA5F1586459FF2218652DAFB69511B3551CCEF1417ED578B083C92C58AAEF2BE45C24A9877E2261E51A26D69ED93F72566C2F +20250616232936 2 6 100 8191 5 DA1E367F51064DE37C61DF292F64D691D584C03B41D0D878E4EAA25ECE0D922818300E39D15F259EB25F466620B3BAA5A1BB314488CD6BC2BA17B82542CE832E02410CEB2C6619BD5358D1C0898F91777C76CE47507DAC5DCE417ED74BD7D816447C06A59051E5F70EEEF96BEBFC70752E26A3507DE5B89B66548A4AC87BA678064ECC851356306BAC0AF3189C284C5D2AE4E624552B2DC83705CB320D3AD9445D569486A6B80B05BBD2C55E8E085A25F422F2FACF52B33ECCA626BE5EC2283FF401D937B3FBE49527D233C8E7187E0A85AC04871CCE580067BDD5C687285C5DA0A930B05AF96DD44CA6F2935C7398251CA9DB735069F88DE6CE2423B6A334DA2CC50AFD2A29C1B5CA7785CCEFD856B39B87666AE368996CEBCC3999562434DA299C1856EDED42DF3F92B122957175296F115C0D6FB214B13EA5616DC9597768FBFF08E2B6BAF5619C078E11F7EEFD8C90459F155305DA5854EE326490AA8D6A9403A62031E890881AD2FDF1855A7BBD6591AD2D1C85EF1270BD1EAFC5EF58336EF37155421222DE87045709F2590250E6CB893DA415E0C1ECFD856544C1100EC71541721C6632CF5A2698A4F8A831414D9DF21B5DB664FCE613BE362C2851DFA14997AF54C9DE6EC79A402060A379C2706BBCE05D192FEDF9C3E6838E6D7B5B8B16D08AE01A5A614CD41CDC6D2EF81CAB6A6C66F2DFE62DFF99F50BBD74E2D1C6F301F84F8DE83952023A2B06FA5391082EF6A4AC7DBFEBB48F0572B6C08FD390EF30D75B6E442D273A6C248A49CE291B55B7E820685541EEE2AA7EBAFAA9516A5EFAB4F41F81347829956522C44DAAC5727E7BFD9DE81493069497D3092E4F36597EE35142629CB3B64750964CEFAB2916B51C507C48DEB6DC62681ED8AEB4F29A3D82D2C20C54153C874F090C9DB8112A6F4F279E22D6CF17C6230963B7A46AFA77195B4CB982D00F351BE4ACBF3B721EF95CDEEF56A3DFF16503BC9B1D1094131DD3CE3DEED0F579EBDD35308FCEB3877F06AE591875236F79608699CBA67B50D6540955D5BEE1CD0A24C175056ABE9C3A93E6EEECD21B60E8BD2F4E73C7385BC35F210E4E29AD2D957008C9BC985B5AB5942E506C3EA2C66BED0811BED5D7CC8CAC13AF701555F6C3E36A21C5BE052E01916B3A22D315ED4824F310D540AD1FBE4A2EF695F507175B4B91D0B3E8C970038700BB5147FC461641858AE21BEB4DDA61A7BE98419001223F4754A4A67CEE4683DDC1094BC2843ED5C95A4769C85450141E1EADF6A611D5E9B8C3A621D94BE0E2965F8309CDDEE5BDDACF9BA41097CBF50144E5E50BF17BE66C8C5F201B007BE42D52A7B65A37E288AC425AC7FD16D059B95EA1EDFFD361F717FEA5F1586459FF2218652DAFB69511B3551CCEF1417ED578B083C92C58AAEF2BE45C24A9877E2261E51A26D69ED93F785F050F +20250617022031 2 6 100 8191 5 DA1E367F51064DE37C61DF292F64D691D584C03B41D0D878E4EAA25ECE0D922818300E39D15F259EB25F466620B3BAA5A1BB314488CD6BC2BA17B82542CE832E02410CEB2C6619BD5358D1C0898F91777C76CE47507DAC5DCE417ED74BD7D816447C06A59051E5F70EEEF96BEBFC70752E26A3507DE5B89B66548A4AC87BA678064ECC851356306BAC0AF3189C284C5D2AE4E624552B2DC83705CB320D3AD9445D569486A6B80B05BBD2C55E8E085A25F422F2FACF52B33ECCA626BE5EC2283FF401D937B3FBE49527D233C8E7187E0A85AC04871CCE580067BDD5C687285C5DA0A930B05AF96DD44CA6F2935C7398251CA9DB735069F88DE6CE2423B6A334DA2CC50AFD2A29C1B5CA7785CCEFD856B39B87666AE368996CEBCC3999562434DA299C1856EDED42DF3F92B122957175296F115C0D6FB214B13EA5616DC9597768FBFF08E2B6BAF5619C078E11F7EEFD8C90459F155305DA5854EE326490AA8D6A9403A62031E890881AD2FDF1855A7BBD6591AD2D1C85EF1270BD1EAFC5EF58336EF37155421222DE87045709F2590250E6CB893DA415E0C1ECFD856544C1100EC71541721C6632CF5A2698A4F8A831414D9DF21B5DB664FCE613BE362C2851DFA14997AF54C9DE6EC79A402060A379C2706BBCE05D192FEDF9C3E6838E6D7B5B8B16D08AE01A5A614CD41CDC6D2EF81CAB6A6C66F2DFE62DFF99F50BBD74E2D1C6F301F84F8DE83952023A2B06FA5391082EF6A4AC7DBFEBB48F0572B6C08FD390EF30D75B6E442D273A6C248A49CE291B55B7E820685541EEE2AA7EBAFAA9516A5EFAB4F41F81347829956522C44DAAC5727E7BFD9DE81493069497D3092E4F36597EE35142629CB3B64750964CEFAB2916B51C507C48DEB6DC62681ED8AEB4F29A3D82D2C20C54153C874F090C9DB8112A6F4F279E22D6CF17C6230963B7A46AFA77195B4CB982D00F351BE4ACBF3B721EF95CDEEF56A3DFF16503BC9B1D1094131DD3CE3DEED0F579EBDD35308FCEB3877F06AE591875236F79608699CBA67B50D6540955D5BEE1CD0A24C175056ABE9C3A93E6EEECD21B60E8BD2F4E73C7385BC35F210E4E29AD2D957008C9BC985B5AB5942E506C3EA2C66BED0811BED5D7CC8CAC13AF701555F6C3E36A21C5BE052E01916B3A22D315ED4824F310D540AD1FBE4A2EF695F507175B4B91D0B3E8C970038700BB5147FC461641858AE21BEB4DDA61A7BE98419001223F4754A4A67CEE4683DDC1094BC2843ED5C95A4769C85450141E1EADF6A611D5E9B8C3A621D94BE0E2965F8309CDDEE5BDDACF9BA41097CBF50144E5E50BF17BE66C8C5F201B007BE42D52A7B65A37E288AC425AC7FD16D059B95EA1EDFFD361F717FEA5F1586459FF2218652DAFB69511B3551CCEF1417ED578B083C92C58AAEF2BE45C24A9877E2261E51A26D69ED93F5A4DBBAF +20250617035521 2 6 100 8191 5 DA1E367F51064DE37C61DF292F64D691D584C03B41D0D878E4EAA25ECE0D922818300E39D15F259EB25F466620B3BAA5A1BB314488CD6BC2BA17B82542CE832E02410CEB2C6619BD5358D1C0898F91777C76CE47507DAC5DCE417ED74BD7D816447C06A59051E5F70EEEF96BEBFC70752E26A3507DE5B89B66548A4AC87BA678064ECC851356306BAC0AF3189C284C5D2AE4E624552B2DC83705CB320D3AD9445D569486A6B80B05BBD2C55E8E085A25F422F2FACF52B33ECCA626BE5EC2283FF401D937B3FBE49527D233C8E7187E0A85AC04871CCE580067BDD5C687285C5DA0A930B05AF96DD44CA6F2935C7398251CA9DB735069F88DE6CE2423B6A334DA2CC50AFD2A29C1B5CA7785CCEFD856B39B87666AE368996CEBCC3999562434DA299C1856EDED42DF3F92B122957175296F115C0D6FB214B13EA5616DC9597768FBFF08E2B6BAF5619C078E11F7EEFD8C90459F155305DA5854EE326490AA8D6A9403A62031E890881AD2FDF1855A7BBD6591AD2D1C85EF1270BD1EAFC5EF58336EF37155421222DE87045709F2590250E6CB893DA415E0C1ECFD856544C1100EC71541721C6632CF5A2698A4F8A831414D9DF21B5DB664FCE613BE362C2851DFA14997AF54C9DE6EC79A402060A379C2706BBCE05D192FEDF9C3E6838E6D7B5B8B16D08AE01A5A614CD41CDC6D2EF81CAB6A6C66F2DFE62DFF99F50BBD74E2D1C6F301F84F8DE83952023A2B06FA5391082EF6A4AC7DBFEBB48F0572B6C08FD390EF30D75B6E442D273A6C248A49CE291B55B7E820685541EEE2AA7EBAFAA9516A5EFAB4F41F81347829956522C44DAAC5727E7BFD9DE81493069497D3092E4F36597EE35142629CB3B64750964CEFAB2916B51C507C48DEB6DC62681ED8AEB4F29A3D82D2C20C54153C874F090C9DB8112A6F4F279E22D6CF17C6230963B7A46AFA77195B4CB982D00F351BE4ACBF3B721EF95CDEEF56A3DFF16503BC9B1D1094131DD3CE3DEED0F579EBDD35308FCEB3877F06AE591875236F79608699CBA67B50D6540955D5BEE1CD0A24C175056ABE9C3A93E6EEECD21B60E8BD2F4E73C7385BC35F210E4E29AD2D957008C9BC985B5AB5942E506C3EA2C66BED0811BED5D7CC8CAC13AF701555F6C3E36A21C5BE052E01916B3A22D315ED4824F310D540AD1FBE4A2EF695F507175B4B91D0B3E8C970038700BB5147FC461641858AE21BEB4DDA61A7BE98419001223F4754A4A67CEE4683DDC1094BC2843ED5C95A4769C85450141E1EADF6A611D5E9B8C3A621D94BE0E2965F8309CDDEE5BDDACF9BA41097CBF50144E5E50BF17BE66C8C5F201B007BE42D52A7B65A37E288AC425AC7FD16D059B95EA1EDFFD361F717FEA5F1586459FF2218652DAFB69511B3551CCEF1417ED578B083C92C58AAEF2BE45C24A9877E2261E51A26D69ED93F5F8C5217 +20250617084531 2 6 100 8191 5 DA1E367F51064DE37C61DF292F64D691D584C03B41D0D878E4EAA25ECE0D922818300E39D15F259EB25F466620B3BAA5A1BB314488CD6BC2BA17B82542CE832E02410CEB2C6619BD5358D1C0898F91777C76CE47507DAC5DCE417ED74BD7D816447C06A59051E5F70EEEF96BEBFC70752E26A3507DE5B89B66548A4AC87BA678064ECC851356306BAC0AF3189C284C5D2AE4E624552B2DC83705CB320D3AD9445D569486A6B80B05BBD2C55E8E085A25F422F2FACF52B33ECCA626BE5EC2283FF401D937B3FBE49527D233C8E7187E0A85AC04871CCE580067BDD5C687285C5DA0A930B05AF96DD44CA6F2935C7398251CA9DB735069F88DE6CE2423B6A334DA2CC50AFD2A29C1B5CA7785CCEFD856B39B87666AE368996CEBCC3999562434DA299C1856EDED42DF3F92B122957175296F115C0D6FB214B13EA5616DC9597768FBFF08E2B6BAF5619C078E11F7EEFD8C90459F155305DA5854EE326490AA8D6A9403A62031E890881AD2FDF1855A7BBD6591AD2D1C85EF1270BD1EAFC5EF58336EF37155421222DE87045709F2590250E6CB893DA415E0C1ECFD856544C1100EC71541721C6632CF5A2698A4F8A831414D9DF21B5DB664FCE613BE362C2851DFA14997AF54C9DE6EC79A402060A379C2706BBCE05D192FEDF9C3E6838E6D7B5B8B16D08AE01A5A614CD41CDC6D2EF81CAB6A6C66F2DFE62DFF99F50BBD74E2D1C6F301F84F8DE83952023A2B06FA5391082EF6A4AC7DBFEBB48F0572B6C08FD390EF30D75B6E442D273A6C248A49CE291B55B7E820685541EEE2AA7EBAFAA9516A5EFAB4F41F81347829956522C44DAAC5727E7BFD9DE81493069497D3092E4F36597EE35142629CB3B64750964CEFAB2916B51C507C48DEB6DC62681ED8AEB4F29A3D82D2C20C54153C874F090C9DB8112A6F4F279E22D6CF17C6230963B7A46AFA77195B4CB982D00F351BE4ACBF3B721EF95CDEEF56A3DFF16503BC9B1D1094131DD3CE3DEED0F579EBDD35308FCEB3877F06AE591875236F79608699CBA67B50D6540955D5BEE1CD0A24C175056ABE9C3A93E6EEECD21B60E8BD2F4E73C7385BC35F210E4E29AD2D957008C9BC985B5AB5942E506C3EA2C66BED0811BED5D7CC8CAC13AF701555F6C3E36A21C5BE052E01916B3A22D315ED4824F310D540AD1FBE4A2EF695F507175B4B91D0B3E8C970038700BB5147FC461641858AE21BEB4DDA61A7BE98419001223F4754A4A67CEE4683DDC1094BC2843ED5C95A4769C85450141E1EADF6A611D5E9B8C3A621D94BE0E2965F8309CDDEE5BDDACF9BA41097CBF50144E5E50BF17BE66C8C5F201B007BE42D52A7B65A37E288AC425AC7FD16D059B95EA1EDFFD361F717FEA5F1586459FF2218652DAFB69511B3551CCEF1417ED578B083C92C58AAEF2BE45C24A9877E2261E51A26D69ED93F5A4DBBAF +20250617102034 2 6 100 8191 5 DA1E367F51064DE37C61DF292F64D691D584C03B41D0D878E4EAA25ECE0D922818300E39D15F259EB25F466620B3BAA5A1BB314488CD6BC2BA17B82542CE832E02410CEB2C6619BD5358D1C0898F91777C76CE47507DAC5DCE417ED74BD7D816447C06A59051E5F70EEEF96BEBFC70752E26A3507DE5B89B66548A4AC87BA678064ECC851356306BAC0AF3189C284C5D2AE4E624552B2DC83705CB320D3AD9445D569486A6B80B05BBD2C55E8E085A25F422F2FACF52B33ECCA626BE5EC2283FF401D937B3FBE49527D233C8E7187E0A85AC04871CCE580067BDD5C687285C5DA0A930B05AF96DD44CA6F2935C7398251CA9DB735069F88DE6CE2423B6A334DA2CC50AFD2A29C1B5CA7785CCEFD856B39B87666AE368996CEBCC3999562434DA299C1856EDED42DF3F92B122957175296F115C0D6FB214B13EA5616DC9597768FBFF08E2B6BAF5619C078E11F7EEFD8C90459F155305DA5854EE326490AA8D6A9403A62031E890881AD2FDF1855A7BBD6591AD2D1C85EF1270BD1EAFC5EF58336EF37155421222DE87045709F2590250E6CB893DA415E0C1ECFD856544C1100EC71541721C6632CF5A2698A4F8A831414D9DF21B5DB664FCE613BE362C2851DFA14997AF54C9DE6EC79A402060A379C2706BBCE05D192FEDF9C3E6838E6D7B5B8B16D08AE01A5A614CD41CDC6D2EF81CAB6A6C66F2DFE62DFF99F50BBD74E2D1C6F301F84F8DE83952023A2B06FA5391082EF6A4AC7DBFEBB48F0572B6C08FD390EF30D75B6E442D273A6C248A49CE291B55B7E820685541EEE2AA7EBAFAA9516A5EFAB4F41F81347829956522C44DAAC5727E7BFD9DE81493069497D3092E4F36597EE35142629CB3B64750964CEFAB2916B51C507C48DEB6DC62681ED8AEB4F29A3D82D2C20C54153C874F090C9DB8112A6F4F279E22D6CF17C6230963B7A46AFA77195B4CB982D00F351BE4ACBF3B721EF95CDEEF56A3DFF16503BC9B1D1094131DD3CE3DEED0F579EBDD35308FCEB3877F06AE591875236F79608699CBA67B50D6540955D5BEE1CD0A24C175056ABE9C3A93E6EEECD21B60E8BD2F4E73C7385BC35F210E4E29AD2D957008C9BC985B5AB5942E506C3EA2C66BED0811BED5D7CC8CAC13AF701555F6C3E36A21C5BE052E01916B3A22D315ED4824F310D540AD1FBE4A2EF695F507175B4B91D0B3E8C970038700BB5147FC461641858AE21BEB4DDA61A7BE98419001223F4754A4A67CEE4683DDC1094BC2843ED5C95A4769C85450141E1EADF6A611D5E9B8C3A621D94BE0E2965F8309CDDEE5BDDACF9BA41097CBF50144E5E50BF17BE66C8C5F201B007BE42D52A7B65A37E288AC425AC7FD16D059B95EA1EDFFD361F717FEA5F1586459FF2218652DAFB69511B3551CCEF1417ED578B083C92C58AAEF2BE45C24A9877E2261E51A26D69ED93F5F8C5217 +20250617135507 2 6 100 8191 5 DA1E367F51064DE37C61DF292F64D691D584C03B41D0D878E4EAA25ECE0D922818300E39D15F259EB25F466620B3BAA5A1BB314488CD6BC2BA17B82542CE832E02410CEB2C6619BD5358D1C0898F91777C76CE47507DAC5DCE417ED74BD7D816447C06A59051E5F70EEEF96BEBFC70752E26A3507DE5B89B66548A4AC87BA678064ECC851356306BAC0AF3189C284C5D2AE4E624552B2DC83705CB320D3AD9445D569486A6B80B05BBD2C55E8E085A25F422F2FACF52B33ECCA626BE5EC2283FF401D937B3FBE49527D233C8E7187E0A85AC04871CCE580067BDD5C687285C5DA0A930B05AF96DD44CA6F2935C7398251CA9DB735069F88DE6CE2423B6A334DA2CC50AFD2A29C1B5CA7785CCEFD856B39B87666AE368996CEBCC3999562434DA299C1856EDED42DF3F92B122957175296F115C0D6FB214B13EA5616DC9597768FBFF08E2B6BAF5619C078E11F7EEFD8C90459F155305DA5854EE326490AA8D6A9403A62031E890881AD2FDF1855A7BBD6591AD2D1C85EF1270BD1EAFC5EF58336EF37155421222DE87045709F2590250E6CB893DA415E0C1ECFD856544C1100EC71541721C6632CF5A2698A4F8A831414D9DF21B5DB664FCE613BE362C2851DFA14997AF54C9DE6EC79A402060A379C2706BBCE05D192FEDF9C3E6838E6D7B5B8B16D08AE01A5A614CD41CDC6D2EF81CAB6A6C66F2DFE62DFF99F50BBD74E2D1C6F301F84F8DE83952023A2B06FA5391082EF6A4AC7DBFEBB48F0572B6C08FD390EF30D75B6E442D273A6C248A49CE291B55B7E820685541EEE2AA7EBAFAA9516A5EFAB4F41F81347829956522C44DAAC5727E7BFD9DE81493069497D3092E4F36597EE35142629CB3B64750964CEFAB2916B51C507C48DEB6DC62681ED8AEB4F29A3D82D2C20C54153C874F090C9DB8112A6F4F279E22D6CF17C6230963B7A46AFA77195B4CB982D00F351BE4ACBF3B721EF95CDEEF56A3DFF16503BC9B1D1094131DD3CE3DEED0F579EBDD35308FCEB3877F06AE591875236F79608699CBA67B50D6540955D5BEE1CD0A24C175056ABE9C3A93E6EEECD21B60E8BD2F4E73C7385BC35F210E4E29AD2D957008C9BC985B5AB5942E506C3EA2C66BED0811BED5D7CC8CAC13AF701555F6C3E36A21C5BE052E01916B3A22D315ED4824F310D540AD1FBE4A2EF695F507175B4B91D0B3E8C970038700BB5147FC461641858AE21BEB4DDA61A7BE98419001223F4754A4A67CEE4683DDC1094BC2843ED5C95A4769C85450141E1EADF6A611D5E9B8C3A621D94BE0E2965F8309CDDEE5BDDACF9BA41097CBF50144E5E50BF17BE66C8C5F201B007BE42D52A7B65A37E288AC425AC7FD16D059B95EA1EDFFD361F717FEA5F1586459FF2218652DAFB69511B3551CCEF1417ED578B083C92C58AAEF2BE45C24A9877E2261E51A26D69ED93F6B909527 +20250617155752 2 6 100 8191 5 DA1E367F51064DE37C61DF292F64D691D584C03B41D0D878E4EAA25ECE0D922818300E39D15F259EB25F466620B3BAA5A1BB314488CD6BC2BA17B82542CE832E02410CEB2C6619BD5358D1C0898F91777C76CE47507DAC5DCE417ED74BD7D816447C06A59051E5F70EEEF96BEBFC70752E26A3507DE5B89B66548A4AC87BA678064ECC851356306BAC0AF3189C284C5D2AE4E624552B2DC83705CB320D3AD9445D569486A6B80B05BBD2C55E8E085A25F422F2FACF52B33ECCA626BE5EC2283FF401D937B3FBE49527D233C8E7187E0A85AC04871CCE580067BDD5C687285C5DA0A930B05AF96DD44CA6F2935C7398251CA9DB735069F88DE6CE2423B6A334DA2CC50AFD2A29C1B5CA7785CCEFD856B39B87666AE368996CEBCC3999562434DA299C1856EDED42DF3F92B122957175296F115C0D6FB214B13EA5616DC9597768FBFF08E2B6BAF5619C078E11F7EEFD8C90459F155305DA5854EE326490AA8D6A9403A62031E890881AD2FDF1855A7BBD6591AD2D1C85EF1270BD1EAFC5EF58336EF37155421222DE87045709F2590250E6CB893DA415E0C1ECFD856544C1100EC71541721C6632CF5A2698A4F8A831414D9DF21B5DB664FCE613BE362C2851DFA14997AF54C9DE6EC79A402060A379C2706BBCE05D192FEDF9C3E6838E6D7B5B8B16D08AE01A5A614CD41CDC6D2EF81CAB6A6C66F2DFE62DFF99F50BBD74E2D1C6F301F84F8DE83952023A2B06FA5391082EF6A4AC7DBFEBB48F0572B6C08FD390EF30D75B6E442D273A6C248A49CE291B55B7E820685541EEE2AA7EBAFAA9516A5EFAB4F41F81347829956522C44DAAC5727E7BFD9DE81493069497D3092E4F36597EE35142629CB3B64750964CEFAB2916B51C507C48DEB6DC62681ED8AEB4F29A3D82D2C20C54153C874F090C9DB8112A6F4F279E22D6CF17C6230963B7A46AFA77195B4CB982D00F351BE4ACBF3B721EF95CDEEF56A3DFF16503BC9B1D1094131DD3CE3DEED0F579EBDD35308FCEB3877F06AE591875236F79608699CBA67B50D6540955D5BEE1CD0A24C175056ABE9C3A93E6EEECD21B60E8BD2F4E73C7385BC35F210E4E29AD2D957008C9BC985B5AB5942E506C3EA2C66BED0811BED5D7CC8CAC13AF701555F6C3E36A21C5BE052E01916B3A22D315ED4824F310D540AD1FBE4A2EF695F507175B4B91D0B3E8C970038700BB5147FC461641858AE21BEB4DDA61A7BE98419001223F4754A4A67CEE4683DDC1094BC2843ED5C95A4769C85450141E1EADF6A611D5E9B8C3A621D94BE0E2965F8309CDDEE5BDDACF9BA41097CBF50144E5E50BF17BE66C8C5F201B007BE42D52A7B65A37E288AC425AC7FD16D059B95EA1EDFFD361F717FEA5F1586459FF2218652DAFB69511B3551CCEF1417ED578B083C92C58AAEF2BE45C24A9877E2261E51A26D69ED93F72566C2F +20250617174609 2 6 100 8191 5 DA1E367F51064DE37C61DF292F64D691D584C03B41D0D878E4EAA25ECE0D922818300E39D15F259EB25F466620B3BAA5A1BB314488CD6BC2BA17B82542CE832E02410CEB2C6619BD5358D1C0898F91777C76CE47507DAC5DCE417ED74BD7D816447C06A59051E5F70EEEF96BEBFC70752E26A3507DE5B89B66548A4AC87BA678064ECC851356306BAC0AF3189C284C5D2AE4E624552B2DC83705CB320D3AD9445D569486A6B80B05BBD2C55E8E085A25F422F2FACF52B33ECCA626BE5EC2283FF401D937B3FBE49527D233C8E7187E0A85AC04871CCE580067BDD5C687285C5DA0A930B05AF96DD44CA6F2935C7398251CA9DB735069F88DE6CE2423B6A334DA2CC50AFD2A29C1B5CA7785CCEFD856B39B87666AE368996CEBCC3999562434DA299C1856EDED42DF3F92B122957175296F115C0D6FB214B13EA5616DC9597768FBFF08E2B6BAF5619C078E11F7EEFD8C90459F155305DA5854EE326490AA8D6A9403A62031E890881AD2FDF1855A7BBD6591AD2D1C85EF1270BD1EAFC5EF58336EF37155421222DE87045709F2590250E6CB893DA415E0C1ECFD856544C1100EC71541721C6632CF5A2698A4F8A831414D9DF21B5DB664FCE613BE362C2851DFA14997AF54C9DE6EC79A402060A379C2706BBCE05D192FEDF9C3E6838E6D7B5B8B16D08AE01A5A614CD41CDC6D2EF81CAB6A6C66F2DFE62DFF99F50BBD74E2D1C6F301F84F8DE83952023A2B06FA5391082EF6A4AC7DBFEBB48F0572B6C08FD390EF30D75B6E442D273A6C248A49CE291B55B7E820685541EEE2AA7EBAFAA9516A5EFAB4F41F81347829956522C44DAAC5727E7BFD9DE81493069497D3092E4F36597EE35142629CB3B64750964CEFAB2916B51C507C48DEB6DC62681ED8AEB4F29A3D82D2C20C54153C874F090C9DB8112A6F4F279E22D6CF17C6230963B7A46AFA77195B4CB982D00F351BE4ACBF3B721EF95CDEEF56A3DFF16503BC9B1D1094131DD3CE3DEED0F579EBDD35308FCEB3877F06AE591875236F79608699CBA67B50D6540955D5BEE1CD0A24C175056ABE9C3A93E6EEECD21B60E8BD2F4E73C7385BC35F210E4E29AD2D957008C9BC985B5AB5942E506C3EA2C66BED0811BED5D7CC8CAC13AF701555F6C3E36A21C5BE052E01916B3A22D315ED4824F310D540AD1FBE4A2EF695F507175B4B91D0B3E8C970038700BB5147FC461641858AE21BEB4DDA61A7BE98419001223F4754A4A67CEE4683DDC1094BC2843ED5C95A4769C85450141E1EADF6A611D5E9B8C3A621D94BE0E2965F8309CDDEE5BDDACF9BA41097CBF50144E5E50BF17BE66C8C5F201B007BE42D52A7B65A37E288AC425AC7FD16D059B95EA1EDFFD361F717FEA5F1586459FF2218652DAFB69511B3551CCEF1417ED578B083C92C58AAEF2BE45C24A9877E2261E51A26D69ED93F785F050F +20250617185010 2 6 100 8191 2 DA1E367F51064DE37C61DF292F64D691D584C03B41D0D878E4EAA25ECE0D922818300E39D15F259EB25F466620B3BAA5A1BB314488CD6BC2BA17B82542CE832E02410CEB2C6619BD5358D1C0898F91777C76CE47507DAC5DCE417ED74BD7D816447C06A59051E5F70EEEF96BEBFC70752E26A3507DE5B89B66548A4AC87BA678064ECC851356306BAC0AF3189C284C5D2AE4E624552B2DC83705CB320D3AD9445D569486A6B80B05BBD2C55E8E085A25F422F2FACF52B33ECCA626BE5EC2283FF401D937B3FBE49527D233C8E7187E0A85AC04871CCE580067BDD5C687285C5DA0A930B05AF96DD44CA6F2935C7398251CA9DB735069F88DE6CE2423B6A334DA2CC50AFD2A29C1B5CA7785CCEFD856B39B87666AE368996CEBCC3999562434DA299C1856EDED42DF3F92B122957175296F115C0D6FB214B13EA5616DC9597768FBFF08E2B6BAF5619C078E11F7EEFD8C90459F155305DA5854EE326490AA8D6A9403A62031E890881AD2FDF1855A7BBD6591AD2D1C85EF1270BD1EAFC5EF58336EF37155421222DE87045709F2590250E6CB893DA415E0C1ECFD856544C1100EC71541721C6632CF5A2698A4F8A831414D9DF21B5DB664FCE613BE362C2851DFA14997AF54C9DE6EC79A402060A379C2706BBCE05D192FEDF9C3E6838E6D7B5B8B16D08AE01A5A614CD41CDC6D2EF81CAB6A6C66F2DFE62DFF99F50BBD74E2D1C6F301F84F8DE83952023A2B06FA5391082EF6A4AC7DBFEBB48F0572B6C08FD390EF30D75B6E442D273A6C248A49CE291B55B7E820685541EEE2AA7EBAFAA9516A5EFAB4F41F81347829956522C44DAAC5727E7BFD9DE81493069497D3092E4F36597EE35142629CB3B64750964CEFAB2916B51C507C48DEB6DC62681ED8AEB4F29A3D82D2C20C54153C874F090C9DB8112A6F4F279E22D6CF17C6230963B7A46AFA77195B4CB982D00F351BE4ACBF3B721EF95CDEEF56A3DFF16503BC9B1D1094131DD3CE3DEED0F579EBDD35308FCEB3877F06AE591875236F79608699CBA67B50D6540955D5BEE1CD0A24C175056ABE9C3A93E6EEECD21B60E8BD2F4E73C7385BC35F210E4E29AD2D957008C9BC985B5AB5942E506C3EA2C66BED0811BED5D7CC8CAC13AF701555F6C3E36A21C5BE052E01916B3A22D315ED4824F310D540AD1FBE4A2EF695F507175B4B91D0B3E8C970038700BB5147FC461641858AE21BEB4DDA61A7BE98419001223F4754A4A67CEE4683DDC1094BC2843ED5C95A4769C85450141E1EADF6A611D5E9B8C3A621D94BE0E2965F8309CDDEE5BDDACF9BA41097CBF50144E5E50BF17BE66C8C5F201B007BE42D52A7B65A37E288AC425AC7FD16D059B95EA1EDFFD361F717FEA5F1586459FF2218652DAFB69511B3551CCEF1417ED578B083C92C58AAEF2BE45C24A9877E2261E51A26D69ED93F7BE9453B +20250617203518 2 6 100 8191 5 DA1E367F51064DE37C61DF292F64D691D584C03B41D0D878E4EAA25ECE0D922818300E39D15F259EB25F466620B3BAA5A1BB314488CD6BC2BA17B82542CE832E02410CEB2C6619BD5358D1C0898F91777C76CE47507DAC5DCE417ED74BD7D816447C06A59051E5F70EEEF96BEBFC70752E26A3507DE5B89B66548A4AC87BA678064ECC851356306BAC0AF3189C284C5D2AE4E624552B2DC83705CB320D3AD9445D569486A6B80B05BBD2C55E8E085A25F422F2FACF52B33ECCA626BE5EC2283FF401D937B3FBE49527D233C8E7187E0A85AC04871CCE580067BDD5C687285C5DA0A930B05AF96DD44CA6F2935C7398251CA9DB735069F88DE6CE2423B6A334DA2CC50AFD2A29C1B5CA7785CCEFD856B39B87666AE368996CEBCC3999562434DA299C1856EDED42DF3F92B122957175296F115C0D6FB214B13EA5616DC9597768FBFF08E2B6BAF5619C078E11F7EEFD8C90459F155305DA5854EE326490AA8D6A9403A62031E890881AD2FDF1855A7BBD6591AD2D1C85EF1270BD1EAFC5EF58336EF37155421222DE87045709F2590250E6CB893DA415E0C1ECFD856544C1100EC71541721C6632CF5A2698A4F8A831414D9DF21B5DB664FCE613BE362C2851DFA14997AF54C9DE6EC79A402060A379C2706BBCE05D192FEDF9C3E6838E6D7B5B8B16D08AE01A5A614CD41CDC6D2EF81CAB6A6C66F2DFE62DFF99F50BBD74E2D1C6F301F84F8DE83952023A2B06FA5391082EF6A4AC7DBFEBB48F0572B6C08FD390EF30D75B6E442D273A6C248A49CE291B55B7E820685541EEE2AA7EBAFAA9516A5EFAB4F41F81347829956522C44DAAC5727E7BFD9DE81493069497D3092E4F36597EE35142629CB3B64750964CEFAB2916B51C507C48DEB6DC62681ED8AEB4F29A3D82D2C20C54153C874F090C9DB8112A6F4F279E22D6CF17C6230963B7A46AFA77195B4CB982D00F351BE4ACBF3B721EF95CDEEF56A3DFF16503BC9B1D1094131DD3CE3DEED0F579EBDD35308FCEB3877F06AE591875236F79608699CBA67B50D6540955D5BEE1CD0A24C175056ABE9C3A93E6EEECD21B60E8BD2F4E73C7385BC35F210E4E29AD2D957008C9BC985B5AB5942E506C3EA2C66BED0811BED5D7CC8CAC13AF701555F6C3E36A21C5BE052E01916B3A22D315ED4824F310D540AD1FBE4A2EF695F507175B4B91D0B3E8C970038700BB5147FC461641858AE21BEB4DDA61A7BE98419001223F4754A4A67CEE4683DDC1094BC2843ED5C95A4769C85450141E1EADF6A611D5E9B8C3A621D94BE0E2965F8309CDDEE5BDDACF9BA41097CBF50144E5E50BF17BE66C8C5F201B007BE42D52A7B65A37E288AC425AC7FD16D059B95EA1EDFFD361F717FEA5F1586459FF2218652DAFB69511B3551CCEF1417ED578B083C92C58AAEF2BE45C24A9877E2261E51A26D69ED93F81D8D1BF +20250617221016 2 6 100 8191 5 DA1E367F51064DE37C61DF292F64D691D584C03B41D0D878E4EAA25ECE0D922818300E39D15F259EB25F466620B3BAA5A1BB314488CD6BC2BA17B82542CE832E02410CEB2C6619BD5358D1C0898F91777C76CE47507DAC5DCE417ED74BD7D816447C06A59051E5F70EEEF96BEBFC70752E26A3507DE5B89B66548A4AC87BA678064ECC851356306BAC0AF3189C284C5D2AE4E624552B2DC83705CB320D3AD9445D569486A6B80B05BBD2C55E8E085A25F422F2FACF52B33ECCA626BE5EC2283FF401D937B3FBE49527D233C8E7187E0A85AC04871CCE580067BDD5C687285C5DA0A930B05AF96DD44CA6F2935C7398251CA9DB735069F88DE6CE2423B6A334DA2CC50AFD2A29C1B5CA7785CCEFD856B39B87666AE368996CEBCC3999562434DA299C1856EDED42DF3F92B122957175296F115C0D6FB214B13EA5616DC9597768FBFF08E2B6BAF5619C078E11F7EEFD8C90459F155305DA5854EE326490AA8D6A9403A62031E890881AD2FDF1855A7BBD6591AD2D1C85EF1270BD1EAFC5EF58336EF37155421222DE87045709F2590250E6CB893DA415E0C1ECFD856544C1100EC71541721C6632CF5A2698A4F8A831414D9DF21B5DB664FCE613BE362C2851DFA14997AF54C9DE6EC79A402060A379C2706BBCE05D192FEDF9C3E6838E6D7B5B8B16D08AE01A5A614CD41CDC6D2EF81CAB6A6C66F2DFE62DFF99F50BBD74E2D1C6F301F84F8DE83952023A2B06FA5391082EF6A4AC7DBFEBB48F0572B6C08FD390EF30D75B6E442D273A6C248A49CE291B55B7E820685541EEE2AA7EBAFAA9516A5EFAB4F41F81347829956522C44DAAC5727E7BFD9DE81493069497D3092E4F36597EE35142629CB3B64750964CEFAB2916B51C507C48DEB6DC62681ED8AEB4F29A3D82D2C20C54153C874F090C9DB8112A6F4F279E22D6CF17C6230963B7A46AFA77195B4CB982D00F351BE4ACBF3B721EF95CDEEF56A3DFF16503BC9B1D1094131DD3CE3DEED0F579EBDD35308FCEB3877F06AE591875236F79608699CBA67B50D6540955D5BEE1CD0A24C175056ABE9C3A93E6EEECD21B60E8BD2F4E73C7385BC35F210E4E29AD2D957008C9BC985B5AB5942E506C3EA2C66BED0811BED5D7CC8CAC13AF701555F6C3E36A21C5BE052E01916B3A22D315ED4824F310D540AD1FBE4A2EF695F507175B4B91D0B3E8C970038700BB5147FC461641858AE21BEB4DDA61A7BE98419001223F4754A4A67CEE4683DDC1094BC2843ED5C95A4769C85450141E1EADF6A611D5E9B8C3A621D94BE0E2965F8309CDDEE5BDDACF9BA41097CBF50144E5E50BF17BE66C8C5F201B007BE42D52A7B65A37E288AC425AC7FD16D059B95EA1EDFFD361F717FEA5F1586459FF2218652DAFB69511B3551CCEF1417ED578B083C92C58AAEF2BE45C24A9877E2261E51A26D69ED93F872F0C47 +20250617224617 2 6 100 8191 2 DA1E367F51064DE37C61DF292F64D691D584C03B41D0D878E4EAA25ECE0D922818300E39D15F259EB25F466620B3BAA5A1BB314488CD6BC2BA17B82542CE832E02410CEB2C6619BD5358D1C0898F91777C76CE47507DAC5DCE417ED74BD7D816447C06A59051E5F70EEEF96BEBFC70752E26A3507DE5B89B66548A4AC87BA678064ECC851356306BAC0AF3189C284C5D2AE4E624552B2DC83705CB320D3AD9445D569486A6B80B05BBD2C55E8E085A25F422F2FACF52B33ECCA626BE5EC2283FF401D937B3FBE49527D233C8E7187E0A85AC04871CCE580067BDD5C687285C5DA0A930B05AF96DD44CA6F2935C7398251CA9DB735069F88DE6CE2423B6A334DA2CC50AFD2A29C1B5CA7785CCEFD856B39B87666AE368996CEBCC3999562434DA299C1856EDED42DF3F92B122957175296F115C0D6FB214B13EA5616DC9597768FBFF08E2B6BAF5619C078E11F7EEFD8C90459F155305DA5854EE326490AA8D6A9403A62031E890881AD2FDF1855A7BBD6591AD2D1C85EF1270BD1EAFC5EF58336EF37155421222DE87045709F2590250E6CB893DA415E0C1ECFD856544C1100EC71541721C6632CF5A2698A4F8A831414D9DF21B5DB664FCE613BE362C2851DFA14997AF54C9DE6EC79A402060A379C2706BBCE05D192FEDF9C3E6838E6D7B5B8B16D08AE01A5A614CD41CDC6D2EF81CAB6A6C66F2DFE62DFF99F50BBD74E2D1C6F301F84F8DE83952023A2B06FA5391082EF6A4AC7DBFEBB48F0572B6C08FD390EF30D75B6E442D273A6C248A49CE291B55B7E820685541EEE2AA7EBAFAA9516A5EFAB4F41F81347829956522C44DAAC5727E7BFD9DE81493069497D3092E4F36597EE35142629CB3B64750964CEFAB2916B51C507C48DEB6DC62681ED8AEB4F29A3D82D2C20C54153C874F090C9DB8112A6F4F279E22D6CF17C6230963B7A46AFA77195B4CB982D00F351BE4ACBF3B721EF95CDEEF56A3DFF16503BC9B1D1094131DD3CE3DEED0F579EBDD35308FCEB3877F06AE591875236F79608699CBA67B50D6540955D5BEE1CD0A24C175056ABE9C3A93E6EEECD21B60E8BD2F4E73C7385BC35F210E4E29AD2D957008C9BC985B5AB5942E506C3EA2C66BED0811BED5D7CC8CAC13AF701555F6C3E36A21C5BE052E01916B3A22D315ED4824F310D540AD1FBE4A2EF695F507175B4B91D0B3E8C970038700BB5147FC461641858AE21BEB4DDA61A7BE98419001223F4754A4A67CEE4683DDC1094BC2843ED5C95A4769C85450141E1EADF6A611D5E9B8C3A621D94BE0E2965F8309CDDEE5BDDACF9BA41097CBF50144E5E50BF17BE66C8C5F201B007BE42D52A7B65A37E288AC425AC7FD16D059B95EA1EDFFD361F717FEA5F1586459FF2218652DAFB69511B3551CCEF1417ED578B083C92C58AAEF2BE45C24A9877E2261E51A26D69ED93F89296483 +20250618022226 2 6 100 8191 5 DA1E367F51064DE37C61DF292F64D691D584C03B41D0D878E4EAA25ECE0D922818300E39D15F259EB25F466620B3BAA5A1BB314488CD6BC2BA17B82542CE832E02410CEB2C6619BD5358D1C0898F91777C76CE47507DAC5DCE417ED74BD7D816447C06A59051E5F70EEEF96BEBFC70752E26A3507DE5B89B66548A4AC87BA678064ECC851356306BAC0AF3189C284C5D2AE4E624552B2DC83705CB320D3AD9445D569486A6B80B05BBD2C55E8E085A25F422F2FACF52B33ECCA626BE5EC2283FF401D937B3FBE49527D233C8E7187E0A85AC04871CCE580067BDD5C687285C5DA0A930B05AF96DD44CA6F2935C7398251CA9DB735069F88DE6CE2423B6A334DA2CC50AFD2A29C1B5CA7785CCEFD856B39B87666AE368996CEBCC3999562434DA299C1856EDED42DF3F92B122957175296F115C0D6FB214B13EA5616DC9597768FBFF08E2B6BAF5619C078E11F7EEFD8C90459F155305DA5854EE326490AA8D6A9403A62031E890881AD2FDF1855A7BBD6591AD2D1C85EF1270BD1EAFC5EF58336EF37155421222DE87045709F2590250E6CB893DA415E0C1ECFD856544C1100EC71541721C6632CF5A2698A4F8A831414D9DF21B5DB664FCE613BE362C2851DFA14997AF54C9DE6EC79A402060A379C2706BBCE05D192FEDF9C3E6838E6D7B5B8B16D08AE01A5A614CD41CDC6D2EF81CAB6A6C66F2DFE62DFF99F50BBD74E2D1C6F301F84F8DE83952023A2B06FA5391082EF6A4AC7DBFEBB48F0572B6C08FD390EF30D75B6E442D273A6C248A49CE291B55B7E820685541EEE2AA7EBAFAA9516A5EFAB4F41F81347829956522C44DAAC5727E7BFD9DE81493069497D3092E4F36597EE35142629CB3B64750964CEFAB2916B51C507C48DEB6DC62681ED8AEB4F29A3D82D2C20C54153C874F090C9DB8112A6F4F279E22D6CF17C6230963B7A46AFA77195B4CB982D00F351BE4ACBF3B721EF95CDEEF56A3DFF16503BC9B1D1094131DD3CE3DEED0F579EBDD35308FCEB3877F06AE591875236F79608699CBA67B50D6540955D5BEE1CD0A24C175056ABE9C3A93E6EEECD21B60E8BD2F4E73C7385BC35F210E4E29AD2D957008C9BC985B5AB5942E506C3EA2C66BED0811BED5D7CC8CAC13AF701555F6C3E36A21C5BE052E01916B3A22D315ED4824F310D540AD1FBE4A2EF695F507175B4B91D0B3E8C970038700BB5147FC461641858AE21BEB4DDA61A7BE98419001223F4754A4A67CEE4683DDC1094BC2843ED5C95A4769C85450141E1EADF6A611D5E9B8C3A621D94BE0E2965F8309CDDEE5BDDACF9BA41097CBF50144E5E50BF17BE66C8C5F201B007BE42D52A7B65A37E288AC425AC7FD16D059B95EA1EDFFD361F717FEA5F1586459FF2218652DAFB69511B3551CCEF1417ED578B083C92C58AAEF2BE45C24A9877E2261E51A26D69ED93F955CABCF +20250618025323 2 6 100 8191 5 DA1E367F51064DE37C61DF292F64D691D584C03B41D0D878E4EAA25ECE0D922818300E39D15F259EB25F466620B3BAA5A1BB314488CD6BC2BA17B82542CE832E02410CEB2C6619BD5358D1C0898F91777C76CE47507DAC5DCE417ED74BD7D816447C06A59051E5F70EEEF96BEBFC70752E26A3507DE5B89B66548A4AC87BA678064ECC851356306BAC0AF3189C284C5D2AE4E624552B2DC83705CB320D3AD9445D569486A6B80B05BBD2C55E8E085A25F422F2FACF52B33ECCA626BE5EC2283FF401D937B3FBE49527D233C8E7187E0A85AC04871CCE580067BDD5C687285C5DA0A930B05AF96DD44CA6F2935C7398251CA9DB735069F88DE6CE2423B6A334DA2CC50AFD2A29C1B5CA7785CCEFD856B39B87666AE368996CEBCC3999562434DA299C1856EDED42DF3F92B122957175296F115C0D6FB214B13EA5616DC9597768FBFF08E2B6BAF5619C078E11F7EEFD8C90459F155305DA5854EE326490AA8D6A9403A62031E890881AD2FDF1855A7BBD6591AD2D1C85EF1270BD1EAFC5EF58336EF37155421222DE87045709F2590250E6CB893DA415E0C1ECFD856544C1100EC71541721C6632CF5A2698A4F8A831414D9DF21B5DB664FCE613BE362C2851DFA14997AF54C9DE6EC79A402060A379C2706BBCE05D192FEDF9C3E6838E6D7B5B8B16D08AE01A5A614CD41CDC6D2EF81CAB6A6C66F2DFE62DFF99F50BBD74E2D1C6F301F84F8DE83952023A2B06FA5391082EF6A4AC7DBFEBB48F0572B6C08FD390EF30D75B6E442D273A6C248A49CE291B55B7E820685541EEE2AA7EBAFAA9516A5EFAB4F41F81347829956522C44DAAC5727E7BFD9DE81493069497D3092E4F36597EE35142629CB3B64750964CEFAB2916B51C507C48DEB6DC62681ED8AEB4F29A3D82D2C20C54153C874F090C9DB8112A6F4F279E22D6CF17C6230963B7A46AFA77195B4CB982D00F351BE4ACBF3B721EF95CDEEF56A3DFF16503BC9B1D1094131DD3CE3DEED0F579EBDD35308FCEB3877F06AE591875236F79608699CBA67B50D6540955D5BEE1CD0A24C175056ABE9C3A93E6EEECD21B60E8BD2F4E73C7385BC35F210E4E29AD2D957008C9BC985B5AB5942E506C3EA2C66BED0811BED5D7CC8CAC13AF701555F6C3E36A21C5BE052E01916B3A22D315ED4824F310D540AD1FBE4A2EF695F507175B4B91D0B3E8C970038700BB5147FC461641858AE21BEB4DDA61A7BE98419001223F4754A4A67CEE4683DDC1094BC2843ED5C95A4769C85450141E1EADF6A611D5E9B8C3A621D94BE0E2965F8309CDDEE5BDDACF9BA41097CBF50144E5E50BF17BE66C8C5F201B007BE42D52A7B65A37E288AC425AC7FD16D059B95EA1EDFFD361F717FEA5F1586459FF2218652DAFB69511B3551CCEF1417ED578B083C92C58AAEF2BE45C24A9877E2261E51A26D69ED93F971B858F +20250618025845 2 6 100 8191 5 DA1E367F51064DE37C61DF292F64D691D584C03B41D0D878E4EAA25ECE0D922818300E39D15F259EB25F466620B3BAA5A1BB314488CD6BC2BA17B82542CE832E02410CEB2C6619BD5358D1C0898F91777C76CE47507DAC5DCE417ED74BD7D816447C06A59051E5F70EEEF96BEBFC70752E26A3507DE5B89B66548A4AC87BA678064ECC851356306BAC0AF3189C284C5D2AE4E624552B2DC83705CB320D3AD9445D569486A6B80B05BBD2C55E8E085A25F422F2FACF52B33ECCA626BE5EC2283FF401D937B3FBE49527D233C8E7187E0A85AC04871CCE580067BDD5C687285C5DA0A930B05AF96DD44CA6F2935C7398251CA9DB735069F88DE6CE2423B6A334DA2CC50AFD2A29C1B5CA7785CCEFD856B39B87666AE368996CEBCC3999562434DA299C1856EDED42DF3F92B122957175296F115C0D6FB214B13EA5616DC9597768FBFF08E2B6BAF5619C078E11F7EEFD8C90459F155305DA5854EE326490AA8D6A9403A62031E890881AD2FDF1855A7BBD6591AD2D1C85EF1270BD1EAFC5EF58336EF37155421222DE87045709F2590250E6CB893DA415E0C1ECFD856544C1100EC71541721C6632CF5A2698A4F8A831414D9DF21B5DB664FCE613BE362C2851DFA14997AF54C9DE6EC79A402060A379C2706BBCE05D192FEDF9C3E6838E6D7B5B8B16D08AE01A5A614CD41CDC6D2EF81CAB6A6C66F2DFE62DFF99F50BBD74E2D1C6F301F84F8DE83952023A2B06FA5391082EF6A4AC7DBFEBB48F0572B6C08FD390EF30D75B6E442D273A6C248A49CE291B55B7E820685541EEE2AA7EBAFAA9516A5EFAB4F41F81347829956522C44DAAC5727E7BFD9DE81493069497D3092E4F36597EE35142629CB3B64750964CEFAB2916B51C507C48DEB6DC62681ED8AEB4F29A3D82D2C20C54153C874F090C9DB8112A6F4F279E22D6CF17C6230963B7A46AFA77195B4CB982D00F351BE4ACBF3B721EF95CDEEF56A3DFF16503BC9B1D1094131DD3CE3DEED0F579EBDD35308FCEB3877F06AE591875236F79608699CBA67B50D6540955D5BEE1CD0A24C175056ABE9C3A93E6EEECD21B60E8BD2F4E73C7385BC35F210E4E29AD2D957008C9BC985B5AB5942E506C3EA2C66BED0811BED5D7CC8CAC13AF701555F6C3E36A21C5BE052E01916B3A22D315ED4824F310D540AD1FBE4A2EF695F507175B4B91D0B3E8C970038700BB5147FC461641858AE21BEB4DDA61A7BE98419001223F4754A4A67CEE4683DDC1094BC2843ED5C95A4769C85450141E1EADF6A611D5E9B8C3A621D94BE0E2965F8309CDDEE5BDDACF9BA41097CBF50144E5E50BF17BE66C8C5F201B007BE42D52A7B65A37E288AC425AC7FD16D059B95EA1EDFFD361F717FEA5F1586459FF2218652DAFB69511B3551CCEF1417ED578B083C92C58AAEF2BE45C24A9877E2261E51A26D69ED93F976024CF +20250618031117 2 6 100 8191 5 DA1E367F51064DE37C61DF292F64D691D584C03B41D0D878E4EAA25ECE0D922818300E39D15F259EB25F466620B3BAA5A1BB314488CD6BC2BA17B82542CE832E02410CEB2C6619BD5358D1C0898F91777C76CE47507DAC5DCE417ED74BD7D816447C06A59051E5F70EEEF96BEBFC70752E26A3507DE5B89B66548A4AC87BA678064ECC851356306BAC0AF3189C284C5D2AE4E624552B2DC83705CB320D3AD9445D569486A6B80B05BBD2C55E8E085A25F422F2FACF52B33ECCA626BE5EC2283FF401D937B3FBE49527D233C8E7187E0A85AC04871CCE580067BDD5C687285C5DA0A930B05AF96DD44CA6F2935C7398251CA9DB735069F88DE6CE2423B6A334DA2CC50AFD2A29C1B5CA7785CCEFD856B39B87666AE368996CEBCC3999562434DA299C1856EDED42DF3F92B122957175296F115C0D6FB214B13EA5616DC9597768FBFF08E2B6BAF5619C078E11F7EEFD8C90459F155305DA5854EE326490AA8D6A9403A62031E890881AD2FDF1855A7BBD6591AD2D1C85EF1270BD1EAFC5EF58336EF37155421222DE87045709F2590250E6CB893DA415E0C1ECFD856544C1100EC71541721C6632CF5A2698A4F8A831414D9DF21B5DB664FCE613BE362C2851DFA14997AF54C9DE6EC79A402060A379C2706BBCE05D192FEDF9C3E6838E6D7B5B8B16D08AE01A5A614CD41CDC6D2EF81CAB6A6C66F2DFE62DFF99F50BBD74E2D1C6F301F84F8DE83952023A2B06FA5391082EF6A4AC7DBFEBB48F0572B6C08FD390EF30D75B6E442D273A6C248A49CE291B55B7E820685541EEE2AA7EBAFAA9516A5EFAB4F41F81347829956522C44DAAC5727E7BFD9DE81493069497D3092E4F36597EE35142629CB3B64750964CEFAB2916B51C507C48DEB6DC62681ED8AEB4F29A3D82D2C20C54153C874F090C9DB8112A6F4F279E22D6CF17C6230963B7A46AFA77195B4CB982D00F351BE4ACBF3B721EF95CDEEF56A3DFF16503BC9B1D1094131DD3CE3DEED0F579EBDD35308FCEB3877F06AE591875236F79608699CBA67B50D6540955D5BEE1CD0A24C175056ABE9C3A93E6EEECD21B60E8BD2F4E73C7385BC35F210E4E29AD2D957008C9BC985B5AB5942E506C3EA2C66BED0811BED5D7CC8CAC13AF701555F6C3E36A21C5BE052E01916B3A22D315ED4824F310D540AD1FBE4A2EF695F507175B4B91D0B3E8C970038700BB5147FC461641858AE21BEB4DDA61A7BE98419001223F4754A4A67CEE4683DDC1094BC2843ED5C95A4769C85450141E1EADF6A611D5E9B8C3A621D94BE0E2965F8309CDDEE5BDDACF9BA41097CBF50144E5E50BF17BE66C8C5F201B007BE42D52A7B65A37E288AC425AC7FD16D059B95EA1EDFFD361F717FEA5F1586459FF2218652DAFB69511B3551CCEF1417ED578B083C92C58AAEF2BE45C24A9877E2261E51A26D69ED93F980C128F +20250618050316 2 6 100 8191 2 DA1E367F51064DE37C61DF292F64D691D584C03B41D0D878E4EAA25ECE0D922818300E39D15F259EB25F466620B3BAA5A1BB314488CD6BC2BA17B82542CE832E02410CEB2C6619BD5358D1C0898F91777C76CE47507DAC5DCE417ED74BD7D816447C06A59051E5F70EEEF96BEBFC70752E26A3507DE5B89B66548A4AC87BA678064ECC851356306BAC0AF3189C284C5D2AE4E624552B2DC83705CB320D3AD9445D569486A6B80B05BBD2C55E8E085A25F422F2FACF52B33ECCA626BE5EC2283FF401D937B3FBE49527D233C8E7187E0A85AC04871CCE580067BDD5C687285C5DA0A930B05AF96DD44CA6F2935C7398251CA9DB735069F88DE6CE2423B6A334DA2CC50AFD2A29C1B5CA7785CCEFD856B39B87666AE368996CEBCC3999562434DA299C1856EDED42DF3F92B122957175296F115C0D6FB214B13EA5616DC9597768FBFF08E2B6BAF5619C078E11F7EEFD8C90459F155305DA5854EE326490AA8D6A9403A62031E890881AD2FDF1855A7BBD6591AD2D1C85EF1270BD1EAFC5EF58336EF37155421222DE87045709F2590250E6CB893DA415E0C1ECFD856544C1100EC71541721C6632CF5A2698A4F8A831414D9DF21B5DB664FCE613BE362C2851DFA14997AF54C9DE6EC79A402060A379C2706BBCE05D192FEDF9C3E6838E6D7B5B8B16D08AE01A5A614CD41CDC6D2EF81CAB6A6C66F2DFE62DFF99F50BBD74E2D1C6F301F84F8DE83952023A2B06FA5391082EF6A4AC7DBFEBB48F0572B6C08FD390EF30D75B6E442D273A6C248A49CE291B55B7E820685541EEE2AA7EBAFAA9516A5EFAB4F41F81347829956522C44DAAC5727E7BFD9DE81493069497D3092E4F36597EE35142629CB3B64750964CEFAB2916B51C507C48DEB6DC62681ED8AEB4F29A3D82D2C20C54153C874F090C9DB8112A6F4F279E22D6CF17C6230963B7A46AFA77195B4CB982D00F351BE4ACBF3B721EF95CDEEF56A3DFF16503BC9B1D1094131DD3CE3DEED0F579EBDD35308FCEB3877F06AE591875236F79608699CBA67B50D6540955D5BEE1CD0A24C175056ABE9C3A93E6EEECD21B60E8BD2F4E73C7385BC35F210E4E29AD2D957008C9BC985B5AB5942E506C3EA2C66BED0811BED5D7CC8CAC13AF701555F6C3E36A21C5BE052E01916B3A22D315ED4824F310D540AD1FBE4A2EF695F507175B4B91D0B3E8C970038700BB5147FC461641858AE21BEB4DDA61A7BE98419001223F4754A4A67CEE4683DDC1094BC2843ED5C95A4769C85450141E1EADF6A611D5E9B8C3A621D94BE0E2965F8309CDDEE5BDDACF9BA41097CBF50144E5E50BF17BE66C8C5F201B007BE42D52A7B65A37E288AC425AC7FD16D059B95EA1EDFFD361F717FEA5F1586459FF2218652DAFB69511B3551CCEF1417ED578B083C92C58AAEF2BE45C24A9877E2261E51A26D69ED93F9E572DB3 +20250618054129 2 6 100 8191 2 DA1E367F51064DE37C61DF292F64D691D584C03B41D0D878E4EAA25ECE0D922818300E39D15F259EB25F466620B3BAA5A1BB314488CD6BC2BA17B82542CE832E02410CEB2C6619BD5358D1C0898F91777C76CE47507DAC5DCE417ED74BD7D816447C06A59051E5F70EEEF96BEBFC70752E26A3507DE5B89B66548A4AC87BA678064ECC851356306BAC0AF3189C284C5D2AE4E624552B2DC83705CB320D3AD9445D569486A6B80B05BBD2C55E8E085A25F422F2FACF52B33ECCA626BE5EC2283FF401D937B3FBE49527D233C8E7187E0A85AC04871CCE580067BDD5C687285C5DA0A930B05AF96DD44CA6F2935C7398251CA9DB735069F88DE6CE2423B6A334DA2CC50AFD2A29C1B5CA7785CCEFD856B39B87666AE368996CEBCC3999562434DA299C1856EDED42DF3F92B122957175296F115C0D6FB214B13EA5616DC9597768FBFF08E2B6BAF5619C078E11F7EEFD8C90459F155305DA5854EE326490AA8D6A9403A62031E890881AD2FDF1855A7BBD6591AD2D1C85EF1270BD1EAFC5EF58336EF37155421222DE87045709F2590250E6CB893DA415E0C1ECFD856544C1100EC71541721C6632CF5A2698A4F8A831414D9DF21B5DB664FCE613BE362C2851DFA14997AF54C9DE6EC79A402060A379C2706BBCE05D192FEDF9C3E6838E6D7B5B8B16D08AE01A5A614CD41CDC6D2EF81CAB6A6C66F2DFE62DFF99F50BBD74E2D1C6F301F84F8DE83952023A2B06FA5391082EF6A4AC7DBFEBB48F0572B6C08FD390EF30D75B6E442D273A6C248A49CE291B55B7E820685541EEE2AA7EBAFAA9516A5EFAB4F41F81347829956522C44DAAC5727E7BFD9DE81493069497D3092E4F36597EE35142629CB3B64750964CEFAB2916B51C507C48DEB6DC62681ED8AEB4F29A3D82D2C20C54153C874F090C9DB8112A6F4F279E22D6CF17C6230963B7A46AFA77195B4CB982D00F351BE4ACBF3B721EF95CDEEF56A3DFF16503BC9B1D1094131DD3CE3DEED0F579EBDD35308FCEB3877F06AE591875236F79608699CBA67B50D6540955D5BEE1CD0A24C175056ABE9C3A93E6EEECD21B60E8BD2F4E73C7385BC35F210E4E29AD2D957008C9BC985B5AB5942E506C3EA2C66BED0811BED5D7CC8CAC13AF701555F6C3E36A21C5BE052E01916B3A22D315ED4824F310D540AD1FBE4A2EF695F507175B4B91D0B3E8C970038700BB5147FC461641858AE21BEB4DDA61A7BE98419001223F4754A4A67CEE4683DDC1094BC2843ED5C95A4769C85450141E1EADF6A611D5E9B8C3A621D94BE0E2965F8309CDDEE5BDDACF9BA41097CBF50144E5E50BF17BE66C8C5F201B007BE42D52A7B65A37E288AC425AC7FD16D059B95EA1EDFFD361F717FEA5F1586459FF2218652DAFB69511B3551CCEF1417ED578B083C92C58AAEF2BE45C24A9877E2261E51A26D69ED93FA0770223 +20250618054813 2 6 100 8191 2 DA1E367F51064DE37C61DF292F64D691D584C03B41D0D878E4EAA25ECE0D922818300E39D15F259EB25F466620B3BAA5A1BB314488CD6BC2BA17B82542CE832E02410CEB2C6619BD5358D1C0898F91777C76CE47507DAC5DCE417ED74BD7D816447C06A59051E5F70EEEF96BEBFC70752E26A3507DE5B89B66548A4AC87BA678064ECC851356306BAC0AF3189C284C5D2AE4E624552B2DC83705CB320D3AD9445D569486A6B80B05BBD2C55E8E085A25F422F2FACF52B33ECCA626BE5EC2283FF401D937B3FBE49527D233C8E7187E0A85AC04871CCE580067BDD5C687285C5DA0A930B05AF96DD44CA6F2935C7398251CA9DB735069F88DE6CE2423B6A334DA2CC50AFD2A29C1B5CA7785CCEFD856B39B87666AE368996CEBCC3999562434DA299C1856EDED42DF3F92B122957175296F115C0D6FB214B13EA5616DC9597768FBFF08E2B6BAF5619C078E11F7EEFD8C90459F155305DA5854EE326490AA8D6A9403A62031E890881AD2FDF1855A7BBD6591AD2D1C85EF1270BD1EAFC5EF58336EF37155421222DE87045709F2590250E6CB893DA415E0C1ECFD856544C1100EC71541721C6632CF5A2698A4F8A831414D9DF21B5DB664FCE613BE362C2851DFA14997AF54C9DE6EC79A402060A379C2706BBCE05D192FEDF9C3E6838E6D7B5B8B16D08AE01A5A614CD41CDC6D2EF81CAB6A6C66F2DFE62DFF99F50BBD74E2D1C6F301F84F8DE83952023A2B06FA5391082EF6A4AC7DBFEBB48F0572B6C08FD390EF30D75B6E442D273A6C248A49CE291B55B7E820685541EEE2AA7EBAFAA9516A5EFAB4F41F81347829956522C44DAAC5727E7BFD9DE81493069497D3092E4F36597EE35142629CB3B64750964CEFAB2916B51C507C48DEB6DC62681ED8AEB4F29A3D82D2C20C54153C874F090C9DB8112A6F4F279E22D6CF17C6230963B7A46AFA77195B4CB982D00F351BE4ACBF3B721EF95CDEEF56A3DFF16503BC9B1D1094131DD3CE3DEED0F579EBDD35308FCEB3877F06AE591875236F79608699CBA67B50D6540955D5BEE1CD0A24C175056ABE9C3A93E6EEECD21B60E8BD2F4E73C7385BC35F210E4E29AD2D957008C9BC985B5AB5942E506C3EA2C66BED0811BED5D7CC8CAC13AF701555F6C3E36A21C5BE052E01916B3A22D315ED4824F310D540AD1FBE4A2EF695F507175B4B91D0B3E8C970038700BB5147FC461641858AE21BEB4DDA61A7BE98419001223F4754A4A67CEE4683DDC1094BC2843ED5C95A4769C85450141E1EADF6A611D5E9B8C3A621D94BE0E2965F8309CDDEE5BDDACF9BA41097CBF50144E5E50BF17BE66C8C5F201B007BE42D52A7B65A37E288AC425AC7FD16D059B95EA1EDFFD361F717FEA5F1586459FF2218652DAFB69511B3551CCEF1417ED578B083C92C58AAEF2BE45C24A9877E2261E51A26D69ED93FA0D14BEB +20250618061719 2 6 100 8191 2 DA1E367F51064DE37C61DF292F64D691D584C03B41D0D878E4EAA25ECE0D922818300E39D15F259EB25F466620B3BAA5A1BB314488CD6BC2BA17B82542CE832E02410CEB2C6619BD5358D1C0898F91777C76CE47507DAC5DCE417ED74BD7D816447C06A59051E5F70EEEF96BEBFC70752E26A3507DE5B89B66548A4AC87BA678064ECC851356306BAC0AF3189C284C5D2AE4E624552B2DC83705CB320D3AD9445D569486A6B80B05BBD2C55E8E085A25F422F2FACF52B33ECCA626BE5EC2283FF401D937B3FBE49527D233C8E7187E0A85AC04871CCE580067BDD5C687285C5DA0A930B05AF96DD44CA6F2935C7398251CA9DB735069F88DE6CE2423B6A334DA2CC50AFD2A29C1B5CA7785CCEFD856B39B87666AE368996CEBCC3999562434DA299C1856EDED42DF3F92B122957175296F115C0D6FB214B13EA5616DC9597768FBFF08E2B6BAF5619C078E11F7EEFD8C90459F155305DA5854EE326490AA8D6A9403A62031E890881AD2FDF1855A7BBD6591AD2D1C85EF1270BD1EAFC5EF58336EF37155421222DE87045709F2590250E6CB893DA415E0C1ECFD856544C1100EC71541721C6632CF5A2698A4F8A831414D9DF21B5DB664FCE613BE362C2851DFA14997AF54C9DE6EC79A402060A379C2706BBCE05D192FEDF9C3E6838E6D7B5B8B16D08AE01A5A614CD41CDC6D2EF81CAB6A6C66F2DFE62DFF99F50BBD74E2D1C6F301F84F8DE83952023A2B06FA5391082EF6A4AC7DBFEBB48F0572B6C08FD390EF30D75B6E442D273A6C248A49CE291B55B7E820685541EEE2AA7EBAFAA9516A5EFAB4F41F81347829956522C44DAAC5727E7BFD9DE81493069497D3092E4F36597EE35142629CB3B64750964CEFAB2916B51C507C48DEB6DC62681ED8AEB4F29A3D82D2C20C54153C874F090C9DB8112A6F4F279E22D6CF17C6230963B7A46AFA77195B4CB982D00F351BE4ACBF3B721EF95CDEEF56A3DFF16503BC9B1D1094131DD3CE3DEED0F579EBDD35308FCEB3877F06AE591875236F79608699CBA67B50D6540955D5BEE1CD0A24C175056ABE9C3A93E6EEECD21B60E8BD2F4E73C7385BC35F210E4E29AD2D957008C9BC985B5AB5942E506C3EA2C66BED0811BED5D7CC8CAC13AF701555F6C3E36A21C5BE052E01916B3A22D315ED4824F310D540AD1FBE4A2EF695F507175B4B91D0B3E8C970038700BB5147FC461641858AE21BEB4DDA61A7BE98419001223F4754A4A67CEE4683DDC1094BC2843ED5C95A4769C85450141E1EADF6A611D5E9B8C3A621D94BE0E2965F8309CDDEE5BDDACF9BA41097CBF50144E5E50BF17BE66C8C5F201B007BE42D52A7B65A37E288AC425AC7FD16D059B95EA1EDFFD361F717FEA5F1586459FF2218652DAFB69511B3551CCEF1417ED578B083C92C58AAEF2BE45C24A9877E2261E51A26D69ED93FA267BBE3 +20250618064955 2 6 100 8191 2 DA1E367F51064DE37C61DF292F64D691D584C03B41D0D878E4EAA25ECE0D922818300E39D15F259EB25F466620B3BAA5A1BB314488CD6BC2BA17B82542CE832E02410CEB2C6619BD5358D1C0898F91777C76CE47507DAC5DCE417ED74BD7D816447C06A59051E5F70EEEF96BEBFC70752E26A3507DE5B89B66548A4AC87BA678064ECC851356306BAC0AF3189C284C5D2AE4E624552B2DC83705CB320D3AD9445D569486A6B80B05BBD2C55E8E085A25F422F2FACF52B33ECCA626BE5EC2283FF401D937B3FBE49527D233C8E7187E0A85AC04871CCE580067BDD5C687285C5DA0A930B05AF96DD44CA6F2935C7398251CA9DB735069F88DE6CE2423B6A334DA2CC50AFD2A29C1B5CA7785CCEFD856B39B87666AE368996CEBCC3999562434DA299C1856EDED42DF3F92B122957175296F115C0D6FB214B13EA5616DC9597768FBFF08E2B6BAF5619C078E11F7EEFD8C90459F155305DA5854EE326490AA8D6A9403A62031E890881AD2FDF1855A7BBD6591AD2D1C85EF1270BD1EAFC5EF58336EF37155421222DE87045709F2590250E6CB893DA415E0C1ECFD856544C1100EC71541721C6632CF5A2698A4F8A831414D9DF21B5DB664FCE613BE362C2851DFA14997AF54C9DE6EC79A402060A379C2706BBCE05D192FEDF9C3E6838E6D7B5B8B16D08AE01A5A614CD41CDC6D2EF81CAB6A6C66F2DFE62DFF99F50BBD74E2D1C6F301F84F8DE83952023A2B06FA5391082EF6A4AC7DBFEBB48F0572B6C08FD390EF30D75B6E442D273A6C248A49CE291B55B7E820685541EEE2AA7EBAFAA9516A5EFAB4F41F81347829956522C44DAAC5727E7BFD9DE81493069497D3092E4F36597EE35142629CB3B64750964CEFAB2916B51C507C48DEB6DC62681ED8AEB4F29A3D82D2C20C54153C874F090C9DB8112A6F4F279E22D6CF17C6230963B7A46AFA77195B4CB982D00F351BE4ACBF3B721EF95CDEEF56A3DFF16503BC9B1D1094131DD3CE3DEED0F579EBDD35308FCEB3877F06AE591875236F79608699CBA67B50D6540955D5BEE1CD0A24C175056ABE9C3A93E6EEECD21B60E8BD2F4E73C7385BC35F210E4E29AD2D957008C9BC985B5AB5942E506C3EA2C66BED0811BED5D7CC8CAC13AF701555F6C3E36A21C5BE052E01916B3A22D315ED4824F310D540AD1FBE4A2EF695F507175B4B91D0B3E8C970038700BB5147FC461641858AE21BEB4DDA61A7BE98419001223F4754A4A67CEE4683DDC1094BC2843ED5C95A4769C85450141E1EADF6A611D5E9B8C3A621D94BE0E2965F8309CDDEE5BDDACF9BA41097CBF50144E5E50BF17BE66C8C5F201B007BE42D52A7B65A37E288AC425AC7FD16D059B95EA1EDFFD361F717FEA5F1586459FF2218652DAFB69511B3551CCEF1417ED578B083C92C58AAEF2BE45C24A9877E2261E51A26D69ED93FA436E453 +20250618065418 2 6 100 8191 2 DA1E367F51064DE37C61DF292F64D691D584C03B41D0D878E4EAA25ECE0D922818300E39D15F259EB25F466620B3BAA5A1BB314488CD6BC2BA17B82542CE832E02410CEB2C6619BD5358D1C0898F91777C76CE47507DAC5DCE417ED74BD7D816447C06A59051E5F70EEEF96BEBFC70752E26A3507DE5B89B66548A4AC87BA678064ECC851356306BAC0AF3189C284C5D2AE4E624552B2DC83705CB320D3AD9445D569486A6B80B05BBD2C55E8E085A25F422F2FACF52B33ECCA626BE5EC2283FF401D937B3FBE49527D233C8E7187E0A85AC04871CCE580067BDD5C687285C5DA0A930B05AF96DD44CA6F2935C7398251CA9DB735069F88DE6CE2423B6A334DA2CC50AFD2A29C1B5CA7785CCEFD856B39B87666AE368996CEBCC3999562434DA299C1856EDED42DF3F92B122957175296F115C0D6FB214B13EA5616DC9597768FBFF08E2B6BAF5619C078E11F7EEFD8C90459F155305DA5854EE326490AA8D6A9403A62031E890881AD2FDF1855A7BBD6591AD2D1C85EF1270BD1EAFC5EF58336EF37155421222DE87045709F2590250E6CB893DA415E0C1ECFD856544C1100EC71541721C6632CF5A2698A4F8A831414D9DF21B5DB664FCE613BE362C2851DFA14997AF54C9DE6EC79A402060A379C2706BBCE05D192FEDF9C3E6838E6D7B5B8B16D08AE01A5A614CD41CDC6D2EF81CAB6A6C66F2DFE62DFF99F50BBD74E2D1C6F301F84F8DE83952023A2B06FA5391082EF6A4AC7DBFEBB48F0572B6C08FD390EF30D75B6E442D273A6C248A49CE291B55B7E820685541EEE2AA7EBAFAA9516A5EFAB4F41F81347829956522C44DAAC5727E7BFD9DE81493069497D3092E4F36597EE35142629CB3B64750964CEFAB2916B51C507C48DEB6DC62681ED8AEB4F29A3D82D2C20C54153C874F090C9DB8112A6F4F279E22D6CF17C6230963B7A46AFA77195B4CB982D00F351BE4ACBF3B721EF95CDEEF56A3DFF16503BC9B1D1094131DD3CE3DEED0F579EBDD35308FCEB3877F06AE591875236F79608699CBA67B50D6540955D5BEE1CD0A24C175056ABE9C3A93E6EEECD21B60E8BD2F4E73C7385BC35F210E4E29AD2D957008C9BC985B5AB5942E506C3EA2C66BED0811BED5D7CC8CAC13AF701555F6C3E36A21C5BE052E01916B3A22D315ED4824F310D540AD1FBE4A2EF695F507175B4B91D0B3E8C970038700BB5147FC461641858AE21BEB4DDA61A7BE98419001223F4754A4A67CEE4683DDC1094BC2843ED5C95A4769C85450141E1EADF6A611D5E9B8C3A621D94BE0E2965F8309CDDEE5BDDACF9BA41097CBF50144E5E50BF17BE66C8C5F201B007BE42D52A7B65A37E288AC425AC7FD16D059B95EA1EDFFD361F717FEA5F1586459FF2218652DAFB69511B3551CCEF1417ED578B083C92C58AAEF2BE45C24A9877E2261E51A26D69ED93FA46BE9D3 +20250618091516 2 6 100 8191 5 DA1E367F51064DE37C61DF292F64D691D584C03B41D0D878E4EAA25ECE0D922818300E39D15F259EB25F466620B3BAA5A1BB314488CD6BC2BA17B82542CE832E02410CEB2C6619BD5358D1C0898F91777C76CE47507DAC5DCE417ED74BD7D816447C06A59051E5F70EEEF96BEBFC70752E26A3507DE5B89B66548A4AC87BA678064ECC851356306BAC0AF3189C284C5D2AE4E624552B2DC83705CB320D3AD9445D569486A6B80B05BBD2C55E8E085A25F422F2FACF52B33ECCA626BE5EC2283FF401D937B3FBE49527D233C8E7187E0A85AC04871CCE580067BDD5C687285C5DA0A930B05AF96DD44CA6F2935C7398251CA9DB735069F88DE6CE2423B6A334DA2CC50AFD2A29C1B5CA7785CCEFD856B39B87666AE368996CEBCC3999562434DA299C1856EDED42DF3F92B122957175296F115C0D6FB214B13EA5616DC9597768FBFF08E2B6BAF5619C078E11F7EEFD8C90459F155305DA5854EE326490AA8D6A9403A62031E890881AD2FDF1855A7BBD6591AD2D1C85EF1270BD1EAFC5EF58336EF37155421222DE87045709F2590250E6CB893DA415E0C1ECFD856544C1100EC71541721C6632CF5A2698A4F8A831414D9DF21B5DB664FCE613BE362C2851DFA14997AF54C9DE6EC79A402060A379C2706BBCE05D192FEDF9C3E6838E6D7B5B8B16D08AE01A5A614CD41CDC6D2EF81CAB6A6C66F2DFE62DFF99F50BBD74E2D1C6F301F84F8DE83952023A2B06FA5391082EF6A4AC7DBFEBB48F0572B6C08FD390EF30D75B6E442D273A6C248A49CE291B55B7E820685541EEE2AA7EBAFAA9516A5EFAB4F41F81347829956522C44DAAC5727E7BFD9DE81493069497D3092E4F36597EE35142629CB3B64750964CEFAB2916B51C507C48DEB6DC62681ED8AEB4F29A3D82D2C20C54153C874F090C9DB8112A6F4F279E22D6CF17C6230963B7A46AFA77195B4CB982D00F351BE4ACBF3B721EF95CDEEF56A3DFF16503BC9B1D1094131DD3CE3DEED0F579EBDD35308FCEB3877F06AE591875236F79608699CBA67B50D6540955D5BEE1CD0A24C175056ABE9C3A93E6EEECD21B60E8BD2F4E73C7385BC35F210E4E29AD2D957008C9BC985B5AB5942E506C3EA2C66BED0811BED5D7CC8CAC13AF701555F6C3E36A21C5BE052E01916B3A22D315ED4824F310D540AD1FBE4A2EF695F507175B4B91D0B3E8C970038700BB5147FC461641858AE21BEB4DDA61A7BE98419001223F4754A4A67CEE4683DDC1094BC2843ED5C95A4769C85450141E1EADF6A611D5E9B8C3A621D94BE0E2965F8309CDDEE5BDDACF9BA41097CBF50144E5E50BF17BE66C8C5F201B007BE42D52A7B65A37E288AC425AC7FD16D059B95EA1EDFFD361F717FEA5F1586459FF2218652DAFB69511B3551CCEF1417ED578B083C92C58AAEF2BE45C24A9877E2261E51A26D69ED93FAC5A7C77 +20250618094924 2 6 100 8191 2 DA1E367F51064DE37C61DF292F64D691D584C03B41D0D878E4EAA25ECE0D922818300E39D15F259EB25F466620B3BAA5A1BB314488CD6BC2BA17B82542CE832E02410CEB2C6619BD5358D1C0898F91777C76CE47507DAC5DCE417ED74BD7D816447C06A59051E5F70EEEF96BEBFC70752E26A3507DE5B89B66548A4AC87BA678064ECC851356306BAC0AF3189C284C5D2AE4E624552B2DC83705CB320D3AD9445D569486A6B80B05BBD2C55E8E085A25F422F2FACF52B33ECCA626BE5EC2283FF401D937B3FBE49527D233C8E7187E0A85AC04871CCE580067BDD5C687285C5DA0A930B05AF96DD44CA6F2935C7398251CA9DB735069F88DE6CE2423B6A334DA2CC50AFD2A29C1B5CA7785CCEFD856B39B87666AE368996CEBCC3999562434DA299C1856EDED42DF3F92B122957175296F115C0D6FB214B13EA5616DC9597768FBFF08E2B6BAF5619C078E11F7EEFD8C90459F155305DA5854EE326490AA8D6A9403A62031E890881AD2FDF1855A7BBD6591AD2D1C85EF1270BD1EAFC5EF58336EF37155421222DE87045709F2590250E6CB893DA415E0C1ECFD856544C1100EC71541721C6632CF5A2698A4F8A831414D9DF21B5DB664FCE613BE362C2851DFA14997AF54C9DE6EC79A402060A379C2706BBCE05D192FEDF9C3E6838E6D7B5B8B16D08AE01A5A614CD41CDC6D2EF81CAB6A6C66F2DFE62DFF99F50BBD74E2D1C6F301F84F8DE83952023A2B06FA5391082EF6A4AC7DBFEBB48F0572B6C08FD390EF30D75B6E442D273A6C248A49CE291B55B7E820685541EEE2AA7EBAFAA9516A5EFAB4F41F81347829956522C44DAAC5727E7BFD9DE81493069497D3092E4F36597EE35142629CB3B64750964CEFAB2916B51C507C48DEB6DC62681ED8AEB4F29A3D82D2C20C54153C874F090C9DB8112A6F4F279E22D6CF17C6230963B7A46AFA77195B4CB982D00F351BE4ACBF3B721EF95CDEEF56A3DFF16503BC9B1D1094131DD3CE3DEED0F579EBDD35308FCEB3877F06AE591875236F79608699CBA67B50D6540955D5BEE1CD0A24C175056ABE9C3A93E6EEECD21B60E8BD2F4E73C7385BC35F210E4E29AD2D957008C9BC985B5AB5942E506C3EA2C66BED0811BED5D7CC8CAC13AF701555F6C3E36A21C5BE052E01916B3A22D315ED4824F310D540AD1FBE4A2EF695F507175B4B91D0B3E8C970038700BB5147FC461641858AE21BEB4DDA61A7BE98419001223F4754A4A67CEE4683DDC1094BC2843ED5C95A4769C85450141E1EADF6A611D5E9B8C3A621D94BE0E2965F8309CDDEE5BDDACF9BA41097CBF50144E5E50BF17BE66C8C5F201B007BE42D52A7B65A37E288AC425AC7FD16D059B95EA1EDFFD361F717FEA5F1586459FF2218652DAFB69511B3551CCEF1417ED578B083C92C58AAEF2BE45C24A9877E2261E51A26D69ED93FAE3F83CB +20250618115905 2 6 100 8191 5 DA1E367F51064DE37C61DF292F64D691D584C03B41D0D878E4EAA25ECE0D922818300E39D15F259EB25F466620B3BAA5A1BB314488CD6BC2BA17B82542CE832E02410CEB2C6619BD5358D1C0898F91777C76CE47507DAC5DCE417ED74BD7D816447C06A59051E5F70EEEF96BEBFC70752E26A3507DE5B89B66548A4AC87BA678064ECC851356306BAC0AF3189C284C5D2AE4E624552B2DC83705CB320D3AD9445D569486A6B80B05BBD2C55E8E085A25F422F2FACF52B33ECCA626BE5EC2283FF401D937B3FBE49527D233C8E7187E0A85AC04871CCE580067BDD5C687285C5DA0A930B05AF96DD44CA6F2935C7398251CA9DB735069F88DE6CE2423B6A334DA2CC50AFD2A29C1B5CA7785CCEFD856B39B87666AE368996CEBCC3999562434DA299C1856EDED42DF3F92B122957175296F115C0D6FB214B13EA5616DC9597768FBFF08E2B6BAF5619C078E11F7EEFD8C90459F155305DA5854EE326490AA8D6A9403A62031E890881AD2FDF1855A7BBD6591AD2D1C85EF1270BD1EAFC5EF58336EF37155421222DE87045709F2590250E6CB893DA415E0C1ECFD856544C1100EC71541721C6632CF5A2698A4F8A831414D9DF21B5DB664FCE613BE362C2851DFA14997AF54C9DE6EC79A402060A379C2706BBCE05D192FEDF9C3E6838E6D7B5B8B16D08AE01A5A614CD41CDC6D2EF81CAB6A6C66F2DFE62DFF99F50BBD74E2D1C6F301F84F8DE83952023A2B06FA5391082EF6A4AC7DBFEBB48F0572B6C08FD390EF30D75B6E442D273A6C248A49CE291B55B7E820685541EEE2AA7EBAFAA9516A5EFAB4F41F81347829956522C44DAAC5727E7BFD9DE81493069497D3092E4F36597EE35142629CB3B64750964CEFAB2916B51C507C48DEB6DC62681ED8AEB4F29A3D82D2C20C54153C874F090C9DB8112A6F4F279E22D6CF17C6230963B7A46AFA77195B4CB982D00F351BE4ACBF3B721EF95CDEEF56A3DFF16503BC9B1D1094131DD3CE3DEED0F579EBDD35308FCEB3877F06AE591875236F79608699CBA67B50D6540955D5BEE1CD0A24C175056ABE9C3A93E6EEECD21B60E8BD2F4E73C7385BC35F210E4E29AD2D957008C9BC985B5AB5942E506C3EA2C66BED0811BED5D7CC8CAC13AF701555F6C3E36A21C5BE052E01916B3A22D315ED4824F310D540AD1FBE4A2EF695F507175B4B91D0B3E8C970038700BB5147FC461641858AE21BEB4DDA61A7BE98419001223F4754A4A67CEE4683DDC1094BC2843ED5C95A4769C85450141E1EADF6A611D5E9B8C3A621D94BE0E2965F8309CDDEE5BDDACF9BA41097CBF50144E5E50BF17BE66C8C5F201B007BE42D52A7B65A37E288AC425AC7FD16D059B95EA1EDFFD361F717FEA5F1586459FF2218652DAFB69511B3551CCEF1417ED578B083C92C58AAEF2BE45C24A9877E2261E51A26D69ED93FB57652DF +20250618130037 2 6 100 8191 5 DA1E367F51064DE37C61DF292F64D691D584C03B41D0D878E4EAA25ECE0D922818300E39D15F259EB25F466620B3BAA5A1BB314488CD6BC2BA17B82542CE832E02410CEB2C6619BD5358D1C0898F91777C76CE47507DAC5DCE417ED74BD7D816447C06A59051E5F70EEEF96BEBFC70752E26A3507DE5B89B66548A4AC87BA678064ECC851356306BAC0AF3189C284C5D2AE4E624552B2DC83705CB320D3AD9445D569486A6B80B05BBD2C55E8E085A25F422F2FACF52B33ECCA626BE5EC2283FF401D937B3FBE49527D233C8E7187E0A85AC04871CCE580067BDD5C687285C5DA0A930B05AF96DD44CA6F2935C7398251CA9DB735069F88DE6CE2423B6A334DA2CC50AFD2A29C1B5CA7785CCEFD856B39B87666AE368996CEBCC3999562434DA299C1856EDED42DF3F92B122957175296F115C0D6FB214B13EA5616DC9597768FBFF08E2B6BAF5619C078E11F7EEFD8C90459F155305DA5854EE326490AA8D6A9403A62031E890881AD2FDF1855A7BBD6591AD2D1C85EF1270BD1EAFC5EF58336EF37155421222DE87045709F2590250E6CB893DA415E0C1ECFD856544C1100EC71541721C6632CF5A2698A4F8A831414D9DF21B5DB664FCE613BE362C2851DFA14997AF54C9DE6EC79A402060A379C2706BBCE05D192FEDF9C3E6838E6D7B5B8B16D08AE01A5A614CD41CDC6D2EF81CAB6A6C66F2DFE62DFF99F50BBD74E2D1C6F301F84F8DE83952023A2B06FA5391082EF6A4AC7DBFEBB48F0572B6C08FD390EF30D75B6E442D273A6C248A49CE291B55B7E820685541EEE2AA7EBAFAA9516A5EFAB4F41F81347829956522C44DAAC5727E7BFD9DE81493069497D3092E4F36597EE35142629CB3B64750964CEFAB2916B51C507C48DEB6DC62681ED8AEB4F29A3D82D2C20C54153C874F090C9DB8112A6F4F279E22D6CF17C6230963B7A46AFA77195B4CB982D00F351BE4ACBF3B721EF95CDEEF56A3DFF16503BC9B1D1094131DD3CE3DEED0F579EBDD35308FCEB3877F06AE591875236F79608699CBA67B50D6540955D5BEE1CD0A24C175056ABE9C3A93E6EEECD21B60E8BD2F4E73C7385BC35F210E4E29AD2D957008C9BC985B5AB5942E506C3EA2C66BED0811BED5D7CC8CAC13AF701555F6C3E36A21C5BE052E01916B3A22D315ED4824F310D540AD1FBE4A2EF695F507175B4B91D0B3E8C970038700BB5147FC461641858AE21BEB4DDA61A7BE98419001223F4754A4A67CEE4683DDC1094BC2843ED5C95A4769C85450141E1EADF6A611D5E9B8C3A621D94BE0E2965F8309CDDEE5BDDACF9BA41097CBF50144E5E50BF17BE66C8C5F201B007BE42D52A7B65A37E288AC425AC7FD16D059B95EA1EDFFD361F717FEA5F1586459FF2218652DAFB69511B3551CCEF1417ED578B083C92C58AAEF2BE45C24A9877E2261E51A26D69ED93FB8EDA617 +20250618132027 2 6 100 8191 2 DA1E367F51064DE37C61DF292F64D691D584C03B41D0D878E4EAA25ECE0D922818300E39D15F259EB25F466620B3BAA5A1BB314488CD6BC2BA17B82542CE832E02410CEB2C6619BD5358D1C0898F91777C76CE47507DAC5DCE417ED74BD7D816447C06A59051E5F70EEEF96BEBFC70752E26A3507DE5B89B66548A4AC87BA678064ECC851356306BAC0AF3189C284C5D2AE4E624552B2DC83705CB320D3AD9445D569486A6B80B05BBD2C55E8E085A25F422F2FACF52B33ECCA626BE5EC2283FF401D937B3FBE49527D233C8E7187E0A85AC04871CCE580067BDD5C687285C5DA0A930B05AF96DD44CA6F2935C7398251CA9DB735069F88DE6CE2423B6A334DA2CC50AFD2A29C1B5CA7785CCEFD856B39B87666AE368996CEBCC3999562434DA299C1856EDED42DF3F92B122957175296F115C0D6FB214B13EA5616DC9597768FBFF08E2B6BAF5619C078E11F7EEFD8C90459F155305DA5854EE326490AA8D6A9403A62031E890881AD2FDF1855A7BBD6591AD2D1C85EF1270BD1EAFC5EF58336EF37155421222DE87045709F2590250E6CB893DA415E0C1ECFD856544C1100EC71541721C6632CF5A2698A4F8A831414D9DF21B5DB664FCE613BE362C2851DFA14997AF54C9DE6EC79A402060A379C2706BBCE05D192FEDF9C3E6838E6D7B5B8B16D08AE01A5A614CD41CDC6D2EF81CAB6A6C66F2DFE62DFF99F50BBD74E2D1C6F301F84F8DE83952023A2B06FA5391082EF6A4AC7DBFEBB48F0572B6C08FD390EF30D75B6E442D273A6C248A49CE291B55B7E820685541EEE2AA7EBAFAA9516A5EFAB4F41F81347829956522C44DAAC5727E7BFD9DE81493069497D3092E4F36597EE35142629CB3B64750964CEFAB2916B51C507C48DEB6DC62681ED8AEB4F29A3D82D2C20C54153C874F090C9DB8112A6F4F279E22D6CF17C6230963B7A46AFA77195B4CB982D00F351BE4ACBF3B721EF95CDEEF56A3DFF16503BC9B1D1094131DD3CE3DEED0F579EBDD35308FCEB3877F06AE591875236F79608699CBA67B50D6540955D5BEE1CD0A24C175056ABE9C3A93E6EEECD21B60E8BD2F4E73C7385BC35F210E4E29AD2D957008C9BC985B5AB5942E506C3EA2C66BED0811BED5D7CC8CAC13AF701555F6C3E36A21C5BE052E01916B3A22D315ED4824F310D540AD1FBE4A2EF695F507175B4B91D0B3E8C970038700BB5147FC461641858AE21BEB4DDA61A7BE98419001223F4754A4A67CEE4683DDC1094BC2843ED5C95A4769C85450141E1EADF6A611D5E9B8C3A621D94BE0E2965F8309CDDEE5BDDACF9BA41097CBF50144E5E50BF17BE66C8C5F201B007BE42D52A7B65A37E288AC425AC7FD16D059B95EA1EDFFD361F717FEA5F1586459FF2218652DAFB69511B3551CCEF1417ED578B083C92C58AAEF2BE45C24A9877E2261E51A26D69ED93FBA050653 +20250618141430 2 6 100 8191 5 DA1E367F51064DE37C61DF292F64D691D584C03B41D0D878E4EAA25ECE0D922818300E39D15F259EB25F466620B3BAA5A1BB314488CD6BC2BA17B82542CE832E02410CEB2C6619BD5358D1C0898F91777C76CE47507DAC5DCE417ED74BD7D816447C06A59051E5F70EEEF96BEBFC70752E26A3507DE5B89B66548A4AC87BA678064ECC851356306BAC0AF3189C284C5D2AE4E624552B2DC83705CB320D3AD9445D569486A6B80B05BBD2C55E8E085A25F422F2FACF52B33ECCA626BE5EC2283FF401D937B3FBE49527D233C8E7187E0A85AC04871CCE580067BDD5C687285C5DA0A930B05AF96DD44CA6F2935C7398251CA9DB735069F88DE6CE2423B6A334DA2CC50AFD2A29C1B5CA7785CCEFD856B39B87666AE368996CEBCC3999562434DA299C1856EDED42DF3F92B122957175296F115C0D6FB214B13EA5616DC9597768FBFF08E2B6BAF5619C078E11F7EEFD8C90459F155305DA5854EE326490AA8D6A9403A62031E890881AD2FDF1855A7BBD6591AD2D1C85EF1270BD1EAFC5EF58336EF37155421222DE87045709F2590250E6CB893DA415E0C1ECFD856544C1100EC71541721C6632CF5A2698A4F8A831414D9DF21B5DB664FCE613BE362C2851DFA14997AF54C9DE6EC79A402060A379C2706BBCE05D192FEDF9C3E6838E6D7B5B8B16D08AE01A5A614CD41CDC6D2EF81CAB6A6C66F2DFE62DFF99F50BBD74E2D1C6F301F84F8DE83952023A2B06FA5391082EF6A4AC7DBFEBB48F0572B6C08FD390EF30D75B6E442D273A6C248A49CE291B55B7E820685541EEE2AA7EBAFAA9516A5EFAB4F41F81347829956522C44DAAC5727E7BFD9DE81493069497D3092E4F36597EE35142629CB3B64750964CEFAB2916B51C507C48DEB6DC62681ED8AEB4F29A3D82D2C20C54153C874F090C9DB8112A6F4F279E22D6CF17C6230963B7A46AFA77195B4CB982D00F351BE4ACBF3B721EF95CDEEF56A3DFF16503BC9B1D1094131DD3CE3DEED0F579EBDD35308FCEB3877F06AE591875236F79608699CBA67B50D6540955D5BEE1CD0A24C175056ABE9C3A93E6EEECD21B60E8BD2F4E73C7385BC35F210E4E29AD2D957008C9BC985B5AB5942E506C3EA2C66BED0811BED5D7CC8CAC13AF701555F6C3E36A21C5BE052E01916B3A22D315ED4824F310D540AD1FBE4A2EF695F507175B4B91D0B3E8C970038700BB5147FC461641858AE21BEB4DDA61A7BE98419001223F4754A4A67CEE4683DDC1094BC2843ED5C95A4769C85450141E1EADF6A611D5E9B8C3A621D94BE0E2965F8309CDDEE5BDDACF9BA41097CBF50144E5E50BF17BE66C8C5F201B007BE42D52A7B65A37E288AC425AC7FD16D059B95EA1EDFFD361F717FEA5F1586459FF2218652DAFB69511B3551CCEF1417ED578B083C92C58AAEF2BE45C24A9877E2261E51A26D69ED93FBD161D4F +20250618141922 2 6 100 8191 2 DA1E367F51064DE37C61DF292F64D691D584C03B41D0D878E4EAA25ECE0D922818300E39D15F259EB25F466620B3BAA5A1BB314488CD6BC2BA17B82542CE832E02410CEB2C6619BD5358D1C0898F91777C76CE47507DAC5DCE417ED74BD7D816447C06A59051E5F70EEEF96BEBFC70752E26A3507DE5B89B66548A4AC87BA678064ECC851356306BAC0AF3189C284C5D2AE4E624552B2DC83705CB320D3AD9445D569486A6B80B05BBD2C55E8E085A25F422F2FACF52B33ECCA626BE5EC2283FF401D937B3FBE49527D233C8E7187E0A85AC04871CCE580067BDD5C687285C5DA0A930B05AF96DD44CA6F2935C7398251CA9DB735069F88DE6CE2423B6A334DA2CC50AFD2A29C1B5CA7785CCEFD856B39B87666AE368996CEBCC3999562434DA299C1856EDED42DF3F92B122957175296F115C0D6FB214B13EA5616DC9597768FBFF08E2B6BAF5619C078E11F7EEFD8C90459F155305DA5854EE326490AA8D6A9403A62031E890881AD2FDF1855A7BBD6591AD2D1C85EF1270BD1EAFC5EF58336EF37155421222DE87045709F2590250E6CB893DA415E0C1ECFD856544C1100EC71541721C6632CF5A2698A4F8A831414D9DF21B5DB664FCE613BE362C2851DFA14997AF54C9DE6EC79A402060A379C2706BBCE05D192FEDF9C3E6838E6D7B5B8B16D08AE01A5A614CD41CDC6D2EF81CAB6A6C66F2DFE62DFF99F50BBD74E2D1C6F301F84F8DE83952023A2B06FA5391082EF6A4AC7DBFEBB48F0572B6C08FD390EF30D75B6E442D273A6C248A49CE291B55B7E820685541EEE2AA7EBAFAA9516A5EFAB4F41F81347829956522C44DAAC5727E7BFD9DE81493069497D3092E4F36597EE35142629CB3B64750964CEFAB2916B51C507C48DEB6DC62681ED8AEB4F29A3D82D2C20C54153C874F090C9DB8112A6F4F279E22D6CF17C6230963B7A46AFA77195B4CB982D00F351BE4ACBF3B721EF95CDEEF56A3DFF16503BC9B1D1094131DD3CE3DEED0F579EBDD35308FCEB3877F06AE591875236F79608699CBA67B50D6540955D5BEE1CD0A24C175056ABE9C3A93E6EEECD21B60E8BD2F4E73C7385BC35F210E4E29AD2D957008C9BC985B5AB5942E506C3EA2C66BED0811BED5D7CC8CAC13AF701555F6C3E36A21C5BE052E01916B3A22D315ED4824F310D540AD1FBE4A2EF695F507175B4B91D0B3E8C970038700BB5147FC461641858AE21BEB4DDA61A7BE98419001223F4754A4A67CEE4683DDC1094BC2843ED5C95A4769C85450141E1EADF6A611D5E9B8C3A621D94BE0E2965F8309CDDEE5BDDACF9BA41097CBF50144E5E50BF17BE66C8C5F201B007BE42D52A7B65A37E288AC425AC7FD16D059B95EA1EDFFD361F717FEA5F1586459FF2218652DAFB69511B3551CCEF1417ED578B083C92C58AAEF2BE45C24A9877E2261E51A26D69ED93FBD51B563 +20250618142521 2 6 100 8191 2 DA1E367F51064DE37C61DF292F64D691D584C03B41D0D878E4EAA25ECE0D922818300E39D15F259EB25F466620B3BAA5A1BB314488CD6BC2BA17B82542CE832E02410CEB2C6619BD5358D1C0898F91777C76CE47507DAC5DCE417ED74BD7D816447C06A59051E5F70EEEF96BEBFC70752E26A3507DE5B89B66548A4AC87BA678064ECC851356306BAC0AF3189C284C5D2AE4E624552B2DC83705CB320D3AD9445D569486A6B80B05BBD2C55E8E085A25F422F2FACF52B33ECCA626BE5EC2283FF401D937B3FBE49527D233C8E7187E0A85AC04871CCE580067BDD5C687285C5DA0A930B05AF96DD44CA6F2935C7398251CA9DB735069F88DE6CE2423B6A334DA2CC50AFD2A29C1B5CA7785CCEFD856B39B87666AE368996CEBCC3999562434DA299C1856EDED42DF3F92B122957175296F115C0D6FB214B13EA5616DC9597768FBFF08E2B6BAF5619C078E11F7EEFD8C90459F155305DA5854EE326490AA8D6A9403A62031E890881AD2FDF1855A7BBD6591AD2D1C85EF1270BD1EAFC5EF58336EF37155421222DE87045709F2590250E6CB893DA415E0C1ECFD856544C1100EC71541721C6632CF5A2698A4F8A831414D9DF21B5DB664FCE613BE362C2851DFA14997AF54C9DE6EC79A402060A379C2706BBCE05D192FEDF9C3E6838E6D7B5B8B16D08AE01A5A614CD41CDC6D2EF81CAB6A6C66F2DFE62DFF99F50BBD74E2D1C6F301F84F8DE83952023A2B06FA5391082EF6A4AC7DBFEBB48F0572B6C08FD390EF30D75B6E442D273A6C248A49CE291B55B7E820685541EEE2AA7EBAFAA9516A5EFAB4F41F81347829956522C44DAAC5727E7BFD9DE81493069497D3092E4F36597EE35142629CB3B64750964CEFAB2916B51C507C48DEB6DC62681ED8AEB4F29A3D82D2C20C54153C874F090C9DB8112A6F4F279E22D6CF17C6230963B7A46AFA77195B4CB982D00F351BE4ACBF3B721EF95CDEEF56A3DFF16503BC9B1D1094131DD3CE3DEED0F579EBDD35308FCEB3877F06AE591875236F79608699CBA67B50D6540955D5BEE1CD0A24C175056ABE9C3A93E6EEECD21B60E8BD2F4E73C7385BC35F210E4E29AD2D957008C9BC985B5AB5942E506C3EA2C66BED0811BED5D7CC8CAC13AF701555F6C3E36A21C5BE052E01916B3A22D315ED4824F310D540AD1FBE4A2EF695F507175B4B91D0B3E8C970038700BB5147FC461641858AE21BEB4DDA61A7BE98419001223F4754A4A67CEE4683DDC1094BC2843ED5C95A4769C85450141E1EADF6A611D5E9B8C3A621D94BE0E2965F8309CDDEE5BDDACF9BA41097CBF50144E5E50BF17BE66C8C5F201B007BE42D52A7B65A37E288AC425AC7FD16D059B95EA1EDFFD361F717FEA5F1586459FF2218652DAFB69511B3551CCEF1417ED578B083C92C58AAEF2BE45C24A9877E2261E51A26D69ED93FBD9DAAA3 +20250618155406 2 6 100 8191 2 DA1E367F51064DE37C61DF292F64D691D584C03B41D0D878E4EAA25ECE0D922818300E39D15F259EB25F466620B3BAA5A1BB314488CD6BC2BA17B82542CE832E02410CEB2C6619BD5358D1C0898F91777C76CE47507DAC5DCE417ED74BD7D816447C06A59051E5F70EEEF96BEBFC70752E26A3507DE5B89B66548A4AC87BA678064ECC851356306BAC0AF3189C284C5D2AE4E624552B2DC83705CB320D3AD9445D569486A6B80B05BBD2C55E8E085A25F422F2FACF52B33ECCA626BE5EC2283FF401D937B3FBE49527D233C8E7187E0A85AC04871CCE580067BDD5C687285C5DA0A930B05AF96DD44CA6F2935C7398251CA9DB735069F88DE6CE2423B6A334DA2CC50AFD2A29C1B5CA7785CCEFD856B39B87666AE368996CEBCC3999562434DA299C1856EDED42DF3F92B122957175296F115C0D6FB214B13EA5616DC9597768FBFF08E2B6BAF5619C078E11F7EEFD8C90459F155305DA5854EE326490AA8D6A9403A62031E890881AD2FDF1855A7BBD6591AD2D1C85EF1270BD1EAFC5EF58336EF37155421222DE87045709F2590250E6CB893DA415E0C1ECFD856544C1100EC71541721C6632CF5A2698A4F8A831414D9DF21B5DB664FCE613BE362C2851DFA14997AF54C9DE6EC79A402060A379C2706BBCE05D192FEDF9C3E6838E6D7B5B8B16D08AE01A5A614CD41CDC6D2EF81CAB6A6C66F2DFE62DFF99F50BBD74E2D1C6F301F84F8DE83952023A2B06FA5391082EF6A4AC7DBFEBB48F0572B6C08FD390EF30D75B6E442D273A6C248A49CE291B55B7E820685541EEE2AA7EBAFAA9516A5EFAB4F41F81347829956522C44DAAC5727E7BFD9DE81493069497D3092E4F36597EE35142629CB3B64750964CEFAB2916B51C507C48DEB6DC62681ED8AEB4F29A3D82D2C20C54153C874F090C9DB8112A6F4F279E22D6CF17C6230963B7A46AFA77195B4CB982D00F351BE4ACBF3B721EF95CDEEF56A3DFF16503BC9B1D1094131DD3CE3DEED0F579EBDD35308FCEB3877F06AE591875236F79608699CBA67B50D6540955D5BEE1CD0A24C175056ABE9C3A93E6EEECD21B60E8BD2F4E73C7385BC35F210E4E29AD2D957008C9BC985B5AB5942E506C3EA2C66BED0811BED5D7CC8CAC13AF701555F6C3E36A21C5BE052E01916B3A22D315ED4824F310D540AD1FBE4A2EF695F507175B4B91D0B3E8C970038700BB5147FC461641858AE21BEB4DDA61A7BE98419001223F4754A4A67CEE4683DDC1094BC2843ED5C95A4769C85450141E1EADF6A611D5E9B8C3A621D94BE0E2965F8309CDDEE5BDDACF9BA41097CBF50144E5E50BF17BE66C8C5F201B007BE42D52A7B65A37E288AC425AC7FD16D059B95EA1EDFFD361F717FEA5F1586459FF2218652DAFB69511B3551CCEF1417ED578B083C92C58AAEF2BE45C24A9877E2261E51A26D69ED93FC2A05D13 +20250618171641 2 6 100 8191 2 DA1E367F51064DE37C61DF292F64D691D584C03B41D0D878E4EAA25ECE0D922818300E39D15F259EB25F466620B3BAA5A1BB314488CD6BC2BA17B82542CE832E02410CEB2C6619BD5358D1C0898F91777C76CE47507DAC5DCE417ED74BD7D816447C06A59051E5F70EEEF96BEBFC70752E26A3507DE5B89B66548A4AC87BA678064ECC851356306BAC0AF3189C284C5D2AE4E624552B2DC83705CB320D3AD9445D569486A6B80B05BBD2C55E8E085A25F422F2FACF52B33ECCA626BE5EC2283FF401D937B3FBE49527D233C8E7187E0A85AC04871CCE580067BDD5C687285C5DA0A930B05AF96DD44CA6F2935C7398251CA9DB735069F88DE6CE2423B6A334DA2CC50AFD2A29C1B5CA7785CCEFD856B39B87666AE368996CEBCC3999562434DA299C1856EDED42DF3F92B122957175296F115C0D6FB214B13EA5616DC9597768FBFF08E2B6BAF5619C078E11F7EEFD8C90459F155305DA5854EE326490AA8D6A9403A62031E890881AD2FDF1855A7BBD6591AD2D1C85EF1270BD1EAFC5EF58336EF37155421222DE87045709F2590250E6CB893DA415E0C1ECFD856544C1100EC71541721C6632CF5A2698A4F8A831414D9DF21B5DB664FCE613BE362C2851DFA14997AF54C9DE6EC79A402060A379C2706BBCE05D192FEDF9C3E6838E6D7B5B8B16D08AE01A5A614CD41CDC6D2EF81CAB6A6C66F2DFE62DFF99F50BBD74E2D1C6F301F84F8DE83952023A2B06FA5391082EF6A4AC7DBFEBB48F0572B6C08FD390EF30D75B6E442D273A6C248A49CE291B55B7E820685541EEE2AA7EBAFAA9516A5EFAB4F41F81347829956522C44DAAC5727E7BFD9DE81493069497D3092E4F36597EE35142629CB3B64750964CEFAB2916B51C507C48DEB6DC62681ED8AEB4F29A3D82D2C20C54153C874F090C9DB8112A6F4F279E22D6CF17C6230963B7A46AFA77195B4CB982D00F351BE4ACBF3B721EF95CDEEF56A3DFF16503BC9B1D1094131DD3CE3DEED0F579EBDD35308FCEB3877F06AE591875236F79608699CBA67B50D6540955D5BEE1CD0A24C175056ABE9C3A93E6EEECD21B60E8BD2F4E73C7385BC35F210E4E29AD2D957008C9BC985B5AB5942E506C3EA2C66BED0811BED5D7CC8CAC13AF701555F6C3E36A21C5BE052E01916B3A22D315ED4824F310D540AD1FBE4A2EF695F507175B4B91D0B3E8C970038700BB5147FC461641858AE21BEB4DDA61A7BE98419001223F4754A4A67CEE4683DDC1094BC2843ED5C95A4769C85450141E1EADF6A611D5E9B8C3A621D94BE0E2965F8309CDDEE5BDDACF9BA41097CBF50144E5E50BF17BE66C8C5F201B007BE42D52A7B65A37E288AC425AC7FD16D059B95EA1EDFFD361F717FEA5F1586459FF2218652DAFB69511B3551CCEF1417ED578B083C92C58AAEF2BE45C24A9877E2261E51A26D69ED93FC74EF183 +20250618171856 2 6 100 8191 2 DA1E367F51064DE37C61DF292F64D691D584C03B41D0D878E4EAA25ECE0D922818300E39D15F259EB25F466620B3BAA5A1BB314488CD6BC2BA17B82542CE832E02410CEB2C6619BD5358D1C0898F91777C76CE47507DAC5DCE417ED74BD7D816447C06A59051E5F70EEEF96BEBFC70752E26A3507DE5B89B66548A4AC87BA678064ECC851356306BAC0AF3189C284C5D2AE4E624552B2DC83705CB320D3AD9445D569486A6B80B05BBD2C55E8E085A25F422F2FACF52B33ECCA626BE5EC2283FF401D937B3FBE49527D233C8E7187E0A85AC04871CCE580067BDD5C687285C5DA0A930B05AF96DD44CA6F2935C7398251CA9DB735069F88DE6CE2423B6A334DA2CC50AFD2A29C1B5CA7785CCEFD856B39B87666AE368996CEBCC3999562434DA299C1856EDED42DF3F92B122957175296F115C0D6FB214B13EA5616DC9597768FBFF08E2B6BAF5619C078E11F7EEFD8C90459F155305DA5854EE326490AA8D6A9403A62031E890881AD2FDF1855A7BBD6591AD2D1C85EF1270BD1EAFC5EF58336EF37155421222DE87045709F2590250E6CB893DA415E0C1ECFD856544C1100EC71541721C6632CF5A2698A4F8A831414D9DF21B5DB664FCE613BE362C2851DFA14997AF54C9DE6EC79A402060A379C2706BBCE05D192FEDF9C3E6838E6D7B5B8B16D08AE01A5A614CD41CDC6D2EF81CAB6A6C66F2DFE62DFF99F50BBD74E2D1C6F301F84F8DE83952023A2B06FA5391082EF6A4AC7DBFEBB48F0572B6C08FD390EF30D75B6E442D273A6C248A49CE291B55B7E820685541EEE2AA7EBAFAA9516A5EFAB4F41F81347829956522C44DAAC5727E7BFD9DE81493069497D3092E4F36597EE35142629CB3B64750964CEFAB2916B51C507C48DEB6DC62681ED8AEB4F29A3D82D2C20C54153C874F090C9DB8112A6F4F279E22D6CF17C6230963B7A46AFA77195B4CB982D00F351BE4ACBF3B721EF95CDEEF56A3DFF16503BC9B1D1094131DD3CE3DEED0F579EBDD35308FCEB3877F06AE591875236F79608699CBA67B50D6540955D5BEE1CD0A24C175056ABE9C3A93E6EEECD21B60E8BD2F4E73C7385BC35F210E4E29AD2D957008C9BC985B5AB5942E506C3EA2C66BED0811BED5D7CC8CAC13AF701555F6C3E36A21C5BE052E01916B3A22D315ED4824F310D540AD1FBE4A2EF695F507175B4B91D0B3E8C970038700BB5147FC461641858AE21BEB4DDA61A7BE98419001223F4754A4A67CEE4683DDC1094BC2843ED5C95A4769C85450141E1EADF6A611D5E9B8C3A621D94BE0E2965F8309CDDEE5BDDACF9BA41097CBF50144E5E50BF17BE66C8C5F201B007BE42D52A7B65A37E288AC425AC7FD16D059B95EA1EDFFD361F717FEA5F1586459FF2218652DAFB69511B3551CCEF1417ED578B083C92C58AAEF2BE45C24A9877E2261E51A26D69ED93FC769295B +20250618181022 2 6 100 8191 2 DA1E367F51064DE37C61DF292F64D691D584C03B41D0D878E4EAA25ECE0D922818300E39D15F259EB25F466620B3BAA5A1BB314488CD6BC2BA17B82542CE832E02410CEB2C6619BD5358D1C0898F91777C76CE47507DAC5DCE417ED74BD7D816447C06A59051E5F70EEEF96BEBFC70752E26A3507DE5B89B66548A4AC87BA678064ECC851356306BAC0AF3189C284C5D2AE4E624552B2DC83705CB320D3AD9445D569486A6B80B05BBD2C55E8E085A25F422F2FACF52B33ECCA626BE5EC2283FF401D937B3FBE49527D233C8E7187E0A85AC04871CCE580067BDD5C687285C5DA0A930B05AF96DD44CA6F2935C7398251CA9DB735069F88DE6CE2423B6A334DA2CC50AFD2A29C1B5CA7785CCEFD856B39B87666AE368996CEBCC3999562434DA299C1856EDED42DF3F92B122957175296F115C0D6FB214B13EA5616DC9597768FBFF08E2B6BAF5619C078E11F7EEFD8C90459F155305DA5854EE326490AA8D6A9403A62031E890881AD2FDF1855A7BBD6591AD2D1C85EF1270BD1EAFC5EF58336EF37155421222DE87045709F2590250E6CB893DA415E0C1ECFD856544C1100EC71541721C6632CF5A2698A4F8A831414D9DF21B5DB664FCE613BE362C2851DFA14997AF54C9DE6EC79A402060A379C2706BBCE05D192FEDF9C3E6838E6D7B5B8B16D08AE01A5A614CD41CDC6D2EF81CAB6A6C66F2DFE62DFF99F50BBD74E2D1C6F301F84F8DE83952023A2B06FA5391082EF6A4AC7DBFEBB48F0572B6C08FD390EF30D75B6E442D273A6C248A49CE291B55B7E820685541EEE2AA7EBAFAA9516A5EFAB4F41F81347829956522C44DAAC5727E7BFD9DE81493069497D3092E4F36597EE35142629CB3B64750964CEFAB2916B51C507C48DEB6DC62681ED8AEB4F29A3D82D2C20C54153C874F090C9DB8112A6F4F279E22D6CF17C6230963B7A46AFA77195B4CB982D00F351BE4ACBF3B721EF95CDEEF56A3DFF16503BC9B1D1094131DD3CE3DEED0F579EBDD35308FCEB3877F06AE591875236F79608699CBA67B50D6540955D5BEE1CD0A24C175056ABE9C3A93E6EEECD21B60E8BD2F4E73C7385BC35F210E4E29AD2D957008C9BC985B5AB5942E506C3EA2C66BED0811BED5D7CC8CAC13AF701555F6C3E36A21C5BE052E01916B3A22D315ED4824F310D540AD1FBE4A2EF695F507175B4B91D0B3E8C970038700BB5147FC461641858AE21BEB4DDA61A7BE98419001223F4754A4A67CEE4683DDC1094BC2843ED5C95A4769C85450141E1EADF6A611D5E9B8C3A621D94BE0E2965F8309CDDEE5BDDACF9BA41097CBF50144E5E50BF17BE66C8C5F201B007BE42D52A7B65A37E288AC425AC7FD16D059B95EA1EDFFD361F717FEA5F1586459FF2218652DAFB69511B3551CCEF1417ED578B083C92C58AAEF2BE45C24A9877E2261E51A26D69ED93FCA4F6A13 +20250618202914 2 6 100 8191 2 DA1E367F51064DE37C61DF292F64D691D584C03B41D0D878E4EAA25ECE0D922818300E39D15F259EB25F466620B3BAA5A1BB314488CD6BC2BA17B82542CE832E02410CEB2C6619BD5358D1C0898F91777C76CE47507DAC5DCE417ED74BD7D816447C06A59051E5F70EEEF96BEBFC70752E26A3507DE5B89B66548A4AC87BA678064ECC851356306BAC0AF3189C284C5D2AE4E624552B2DC83705CB320D3AD9445D569486A6B80B05BBD2C55E8E085A25F422F2FACF52B33ECCA626BE5EC2283FF401D937B3FBE49527D233C8E7187E0A85AC04871CCE580067BDD5C687285C5DA0A930B05AF96DD44CA6F2935C7398251CA9DB735069F88DE6CE2423B6A334DA2CC50AFD2A29C1B5CA7785CCEFD856B39B87666AE368996CEBCC3999562434DA299C1856EDED42DF3F92B122957175296F115C0D6FB214B13EA5616DC9597768FBFF08E2B6BAF5619C078E11F7EEFD8C90459F155305DA5854EE326490AA8D6A9403A62031E890881AD2FDF1855A7BBD6591AD2D1C85EF1270BD1EAFC5EF58336EF37155421222DE87045709F2590250E6CB893DA415E0C1ECFD856544C1100EC71541721C6632CF5A2698A4F8A831414D9DF21B5DB664FCE613BE362C2851DFA14997AF54C9DE6EC79A402060A379C2706BBCE05D192FEDF9C3E6838E6D7B5B8B16D08AE01A5A614CD41CDC6D2EF81CAB6A6C66F2DFE62DFF99F50BBD74E2D1C6F301F84F8DE83952023A2B06FA5391082EF6A4AC7DBFEBB48F0572B6C08FD390EF30D75B6E442D273A6C248A49CE291B55B7E820685541EEE2AA7EBAFAA9516A5EFAB4F41F81347829956522C44DAAC5727E7BFD9DE81493069497D3092E4F36597EE35142629CB3B64750964CEFAB2916B51C507C48DEB6DC62681ED8AEB4F29A3D82D2C20C54153C874F090C9DB8112A6F4F279E22D6CF17C6230963B7A46AFA77195B4CB982D00F351BE4ACBF3B721EF95CDEEF56A3DFF16503BC9B1D1094131DD3CE3DEED0F579EBDD35308FCEB3877F06AE591875236F79608699CBA67B50D6540955D5BEE1CD0A24C175056ABE9C3A93E6EEECD21B60E8BD2F4E73C7385BC35F210E4E29AD2D957008C9BC985B5AB5942E506C3EA2C66BED0811BED5D7CC8CAC13AF701555F6C3E36A21C5BE052E01916B3A22D315ED4824F310D540AD1FBE4A2EF695F507175B4B91D0B3E8C970038700BB5147FC461641858AE21BEB4DDA61A7BE98419001223F4754A4A67CEE4683DDC1094BC2843ED5C95A4769C85450141E1EADF6A611D5E9B8C3A621D94BE0E2965F8309CDDEE5BDDACF9BA41097CBF50144E5E50BF17BE66C8C5F201B007BE42D52A7B65A37E288AC425AC7FD16D059B95EA1EDFFD361F717FEA5F1586459FF2218652DAFB69511B3551CCEF1417ED578B083C92C58AAEF2BE45C24A9877E2261E51A26D69ED93FD226B033 +20250618220927 2 6 100 8191 5 DA1E367F51064DE37C61DF292F64D691D584C03B41D0D878E4EAA25ECE0D922818300E39D15F259EB25F466620B3BAA5A1BB314488CD6BC2BA17B82542CE832E02410CEB2C6619BD5358D1C0898F91777C76CE47507DAC5DCE417ED74BD7D816447C06A59051E5F70EEEF96BEBFC70752E26A3507DE5B89B66548A4AC87BA678064ECC851356306BAC0AF3189C284C5D2AE4E624552B2DC83705CB320D3AD9445D569486A6B80B05BBD2C55E8E085A25F422F2FACF52B33ECCA626BE5EC2283FF401D937B3FBE49527D233C8E7187E0A85AC04871CCE580067BDD5C687285C5DA0A930B05AF96DD44CA6F2935C7398251CA9DB735069F88DE6CE2423B6A334DA2CC50AFD2A29C1B5CA7785CCEFD856B39B87666AE368996CEBCC3999562434DA299C1856EDED42DF3F92B122957175296F115C0D6FB214B13EA5616DC9597768FBFF08E2B6BAF5619C078E11F7EEFD8C90459F155305DA5854EE326490AA8D6A9403A62031E890881AD2FDF1855A7BBD6591AD2D1C85EF1270BD1EAFC5EF58336EF37155421222DE87045709F2590250E6CB893DA415E0C1ECFD856544C1100EC71541721C6632CF5A2698A4F8A831414D9DF21B5DB664FCE613BE362C2851DFA14997AF54C9DE6EC79A402060A379C2706BBCE05D192FEDF9C3E6838E6D7B5B8B16D08AE01A5A614CD41CDC6D2EF81CAB6A6C66F2DFE62DFF99F50BBD74E2D1C6F301F84F8DE83952023A2B06FA5391082EF6A4AC7DBFEBB48F0572B6C08FD390EF30D75B6E442D273A6C248A49CE291B55B7E820685541EEE2AA7EBAFAA9516A5EFAB4F41F81347829956522C44DAAC5727E7BFD9DE81493069497D3092E4F36597EE35142629CB3B64750964CEFAB2916B51C507C48DEB6DC62681ED8AEB4F29A3D82D2C20C54153C874F090C9DB8112A6F4F279E22D6CF17C6230963B7A46AFA77195B4CB982D00F351BE4ACBF3B721EF95CDEEF56A3DFF16503BC9B1D1094131DD3CE3DEED0F579EBDD35308FCEB3877F06AE591875236F79608699CBA67B50D6540955D5BEE1CD0A24C175056ABE9C3A93E6EEECD21B60E8BD2F4E73C7385BC35F210E4E29AD2D957008C9BC985B5AB5942E506C3EA2C66BED0811BED5D7CC8CAC13AF701555F6C3E36A21C5BE052E01916B3A22D315ED4824F310D540AD1FBE4A2EF695F507175B4B91D0B3E8C970038700BB5147FC461641858AE21BEB4DDA61A7BE98419001223F4754A4A67CEE4683DDC1094BC2843ED5C95A4769C85450141E1EADF6A611D5E9B8C3A621D94BE0E2965F8309CDDEE5BDDACF9BA41097CBF50144E5E50BF17BE66C8C5F201B007BE42D52A7B65A37E288AC425AC7FD16D059B95EA1EDFFD361F717FEA5F1586459FF2218652DAFB69511B3551CCEF1417ED578B083C92C58AAEF2BE45C24A9877E2261E51A26D69ED93FD7DA67EF +20250618224256 2 6 100 8191 2 DA1E367F51064DE37C61DF292F64D691D584C03B41D0D878E4EAA25ECE0D922818300E39D15F259EB25F466620B3BAA5A1BB314488CD6BC2BA17B82542CE832E02410CEB2C6619BD5358D1C0898F91777C76CE47507DAC5DCE417ED74BD7D816447C06A59051E5F70EEEF96BEBFC70752E26A3507DE5B89B66548A4AC87BA678064ECC851356306BAC0AF3189C284C5D2AE4E624552B2DC83705CB320D3AD9445D569486A6B80B05BBD2C55E8E085A25F422F2FACF52B33ECCA626BE5EC2283FF401D937B3FBE49527D233C8E7187E0A85AC04871CCE580067BDD5C687285C5DA0A930B05AF96DD44CA6F2935C7398251CA9DB735069F88DE6CE2423B6A334DA2CC50AFD2A29C1B5CA7785CCEFD856B39B87666AE368996CEBCC3999562434DA299C1856EDED42DF3F92B122957175296F115C0D6FB214B13EA5616DC9597768FBFF08E2B6BAF5619C078E11F7EEFD8C90459F155305DA5854EE326490AA8D6A9403A62031E890881AD2FDF1855A7BBD6591AD2D1C85EF1270BD1EAFC5EF58336EF37155421222DE87045709F2590250E6CB893DA415E0C1ECFD856544C1100EC71541721C6632CF5A2698A4F8A831414D9DF21B5DB664FCE613BE362C2851DFA14997AF54C9DE6EC79A402060A379C2706BBCE05D192FEDF9C3E6838E6D7B5B8B16D08AE01A5A614CD41CDC6D2EF81CAB6A6C66F2DFE62DFF99F50BBD74E2D1C6F301F84F8DE83952023A2B06FA5391082EF6A4AC7DBFEBB48F0572B6C08FD390EF30D75B6E442D273A6C248A49CE291B55B7E820685541EEE2AA7EBAFAA9516A5EFAB4F41F81347829956522C44DAAC5727E7BFD9DE81493069497D3092E4F36597EE35142629CB3B64750964CEFAB2916B51C507C48DEB6DC62681ED8AEB4F29A3D82D2C20C54153C874F090C9DB8112A6F4F279E22D6CF17C6230963B7A46AFA77195B4CB982D00F351BE4ACBF3B721EF95CDEEF56A3DFF16503BC9B1D1094131DD3CE3DEED0F579EBDD35308FCEB3877F06AE591875236F79608699CBA67B50D6540955D5BEE1CD0A24C175056ABE9C3A93E6EEECD21B60E8BD2F4E73C7385BC35F210E4E29AD2D957008C9BC985B5AB5942E506C3EA2C66BED0811BED5D7CC8CAC13AF701555F6C3E36A21C5BE052E01916B3A22D315ED4824F310D540AD1FBE4A2EF695F507175B4B91D0B3E8C970038700BB5147FC461641858AE21BEB4DDA61A7BE98419001223F4754A4A67CEE4683DDC1094BC2843ED5C95A4769C85450141E1EADF6A611D5E9B8C3A621D94BE0E2965F8309CDDEE5BDDACF9BA41097CBF50144E5E50BF17BE66C8C5F201B007BE42D52A7B65A37E288AC425AC7FD16D059B95EA1EDFFD361F717FEA5F1586459FF2218652DAFB69511B3551CCEF1417ED578B083C92C58AAEF2BE45C24A9877E2261E51A26D69ED93FD9B5DB6B +20250618232600 2 6 100 8191 5 DA1E367F51064DE37C61DF292F64D691D584C03B41D0D878E4EAA25ECE0D922818300E39D15F259EB25F466620B3BAA5A1BB314488CD6BC2BA17B82542CE832E02410CEB2C6619BD5358D1C0898F91777C76CE47507DAC5DCE417ED74BD7D816447C06A59051E5F70EEEF96BEBFC70752E26A3507DE5B89B66548A4AC87BA678064ECC851356306BAC0AF3189C284C5D2AE4E624552B2DC83705CB320D3AD9445D569486A6B80B05BBD2C55E8E085A25F422F2FACF52B33ECCA626BE5EC2283FF401D937B3FBE49527D233C8E7187E0A85AC04871CCE580067BDD5C687285C5DA0A930B05AF96DD44CA6F2935C7398251CA9DB735069F88DE6CE2423B6A334DA2CC50AFD2A29C1B5CA7785CCEFD856B39B87666AE368996CEBCC3999562434DA299C1856EDED42DF3F92B122957175296F115C0D6FB214B13EA5616DC9597768FBFF08E2B6BAF5619C078E11F7EEFD8C90459F155305DA5854EE326490AA8D6A9403A62031E890881AD2FDF1855A7BBD6591AD2D1C85EF1270BD1EAFC5EF58336EF37155421222DE87045709F2590250E6CB893DA415E0C1ECFD856544C1100EC71541721C6632CF5A2698A4F8A831414D9DF21B5DB664FCE613BE362C2851DFA14997AF54C9DE6EC79A402060A379C2706BBCE05D192FEDF9C3E6838E6D7B5B8B16D08AE01A5A614CD41CDC6D2EF81CAB6A6C66F2DFE62DFF99F50BBD74E2D1C6F301F84F8DE83952023A2B06FA5391082EF6A4AC7DBFEBB48F0572B6C08FD390EF30D75B6E442D273A6C248A49CE291B55B7E820685541EEE2AA7EBAFAA9516A5EFAB4F41F81347829956522C44DAAC5727E7BFD9DE81493069497D3092E4F36597EE35142629CB3B64750964CEFAB2916B51C507C48DEB6DC62681ED8AEB4F29A3D82D2C20C54153C874F090C9DB8112A6F4F279E22D6CF17C6230963B7A46AFA77195B4CB982D00F351BE4ACBF3B721EF95CDEEF56A3DFF16503BC9B1D1094131DD3CE3DEED0F579EBDD35308FCEB3877F06AE591875236F79608699CBA67B50D6540955D5BEE1CD0A24C175056ABE9C3A93E6EEECD21B60E8BD2F4E73C7385BC35F210E4E29AD2D957008C9BC985B5AB5942E506C3EA2C66BED0811BED5D7CC8CAC13AF701555F6C3E36A21C5BE052E01916B3A22D315ED4824F310D540AD1FBE4A2EF695F507175B4B91D0B3E8C970038700BB5147FC461641858AE21BEB4DDA61A7BE98419001223F4754A4A67CEE4683DDC1094BC2843ED5C95A4769C85450141E1EADF6A611D5E9B8C3A621D94BE0E2965F8309CDDEE5BDDACF9BA41097CBF50144E5E50BF17BE66C8C5F201B007BE42D52A7B65A37E288AC425AC7FD16D059B95EA1EDFFD361F717FEA5F1586459FF2218652DAFB69511B3551CCEF1417ED578B083C92C58AAEF2BE45C24A9877E2261E51A26D69ED93FDC16AAB7 +20250618232719 2 6 100 8191 2 DA1E367F51064DE37C61DF292F64D691D584C03B41D0D878E4EAA25ECE0D922818300E39D15F259EB25F466620B3BAA5A1BB314488CD6BC2BA17B82542CE832E02410CEB2C6619BD5358D1C0898F91777C76CE47507DAC5DCE417ED74BD7D816447C06A59051E5F70EEEF96BEBFC70752E26A3507DE5B89B66548A4AC87BA678064ECC851356306BAC0AF3189C284C5D2AE4E624552B2DC83705CB320D3AD9445D569486A6B80B05BBD2C55E8E085A25F422F2FACF52B33ECCA626BE5EC2283FF401D937B3FBE49527D233C8E7187E0A85AC04871CCE580067BDD5C687285C5DA0A930B05AF96DD44CA6F2935C7398251CA9DB735069F88DE6CE2423B6A334DA2CC50AFD2A29C1B5CA7785CCEFD856B39B87666AE368996CEBCC3999562434DA299C1856EDED42DF3F92B122957175296F115C0D6FB214B13EA5616DC9597768FBFF08E2B6BAF5619C078E11F7EEFD8C90459F155305DA5854EE326490AA8D6A9403A62031E890881AD2FDF1855A7BBD6591AD2D1C85EF1270BD1EAFC5EF58336EF37155421222DE87045709F2590250E6CB893DA415E0C1ECFD856544C1100EC71541721C6632CF5A2698A4F8A831414D9DF21B5DB664FCE613BE362C2851DFA14997AF54C9DE6EC79A402060A379C2706BBCE05D192FEDF9C3E6838E6D7B5B8B16D08AE01A5A614CD41CDC6D2EF81CAB6A6C66F2DFE62DFF99F50BBD74E2D1C6F301F84F8DE83952023A2B06FA5391082EF6A4AC7DBFEBB48F0572B6C08FD390EF30D75B6E442D273A6C248A49CE291B55B7E820685541EEE2AA7EBAFAA9516A5EFAB4F41F81347829956522C44DAAC5727E7BFD9DE81493069497D3092E4F36597EE35142629CB3B64750964CEFAB2916B51C507C48DEB6DC62681ED8AEB4F29A3D82D2C20C54153C874F090C9DB8112A6F4F279E22D6CF17C6230963B7A46AFA77195B4CB982D00F351BE4ACBF3B721EF95CDEEF56A3DFF16503BC9B1D1094131DD3CE3DEED0F579EBDD35308FCEB3877F06AE591875236F79608699CBA67B50D6540955D5BEE1CD0A24C175056ABE9C3A93E6EEECD21B60E8BD2F4E73C7385BC35F210E4E29AD2D957008C9BC985B5AB5942E506C3EA2C66BED0811BED5D7CC8CAC13AF701555F6C3E36A21C5BE052E01916B3A22D315ED4824F310D540AD1FBE4A2EF695F507175B4B91D0B3E8C970038700BB5147FC461641858AE21BEB4DDA61A7BE98419001223F4754A4A67CEE4683DDC1094BC2843ED5C95A4769C85450141E1EADF6A611D5E9B8C3A621D94BE0E2965F8309CDDEE5BDDACF9BA41097CBF50144E5E50BF17BE66C8C5F201B007BE42D52A7B65A37E288AC425AC7FD16D059B95EA1EDFFD361F717FEA5F1586459FF2218652DAFB69511B3551CCEF1417ED578B083C92C58AAEF2BE45C24A9877E2261E51A26D69ED93FDC210A83 +20250618233147 2 6 100 8191 2 DA1E367F51064DE37C61DF292F64D691D584C03B41D0D878E4EAA25ECE0D922818300E39D15F259EB25F466620B3BAA5A1BB314488CD6BC2BA17B82542CE832E02410CEB2C6619BD5358D1C0898F91777C76CE47507DAC5DCE417ED74BD7D816447C06A59051E5F70EEEF96BEBFC70752E26A3507DE5B89B66548A4AC87BA678064ECC851356306BAC0AF3189C284C5D2AE4E624552B2DC83705CB320D3AD9445D569486A6B80B05BBD2C55E8E085A25F422F2FACF52B33ECCA626BE5EC2283FF401D937B3FBE49527D233C8E7187E0A85AC04871CCE580067BDD5C687285C5DA0A930B05AF96DD44CA6F2935C7398251CA9DB735069F88DE6CE2423B6A334DA2CC50AFD2A29C1B5CA7785CCEFD856B39B87666AE368996CEBCC3999562434DA299C1856EDED42DF3F92B122957175296F115C0D6FB214B13EA5616DC9597768FBFF08E2B6BAF5619C078E11F7EEFD8C90459F155305DA5854EE326490AA8D6A9403A62031E890881AD2FDF1855A7BBD6591AD2D1C85EF1270BD1EAFC5EF58336EF37155421222DE87045709F2590250E6CB893DA415E0C1ECFD856544C1100EC71541721C6632CF5A2698A4F8A831414D9DF21B5DB664FCE613BE362C2851DFA14997AF54C9DE6EC79A402060A379C2706BBCE05D192FEDF9C3E6838E6D7B5B8B16D08AE01A5A614CD41CDC6D2EF81CAB6A6C66F2DFE62DFF99F50BBD74E2D1C6F301F84F8DE83952023A2B06FA5391082EF6A4AC7DBFEBB48F0572B6C08FD390EF30D75B6E442D273A6C248A49CE291B55B7E820685541EEE2AA7EBAFAA9516A5EFAB4F41F81347829956522C44DAAC5727E7BFD9DE81493069497D3092E4F36597EE35142629CB3B64750964CEFAB2916B51C507C48DEB6DC62681ED8AEB4F29A3D82D2C20C54153C874F090C9DB8112A6F4F279E22D6CF17C6230963B7A46AFA77195B4CB982D00F351BE4ACBF3B721EF95CDEEF56A3DFF16503BC9B1D1094131DD3CE3DEED0F579EBDD35308FCEB3877F06AE591875236F79608699CBA67B50D6540955D5BEE1CD0A24C175056ABE9C3A93E6EEECD21B60E8BD2F4E73C7385BC35F210E4E29AD2D957008C9BC985B5AB5942E506C3EA2C66BED0811BED5D7CC8CAC13AF701555F6C3E36A21C5BE052E01916B3A22D315ED4824F310D540AD1FBE4A2EF695F507175B4B91D0B3E8C970038700BB5147FC461641858AE21BEB4DDA61A7BE98419001223F4754A4A67CEE4683DDC1094BC2843ED5C95A4769C85450141E1EADF6A611D5E9B8C3A621D94BE0E2965F8309CDDEE5BDDACF9BA41097CBF50144E5E50BF17BE66C8C5F201B007BE42D52A7B65A37E288AC425AC7FD16D059B95EA1EDFFD361F717FEA5F1586459FF2218652DAFB69511B3551CCEF1417ED578B083C92C58AAEF2BE45C24A9877E2261E51A26D69ED93FDC59DC33 +20250618234218 2 6 100 8191 2 DA1E367F51064DE37C61DF292F64D691D584C03B41D0D878E4EAA25ECE0D922818300E39D15F259EB25F466620B3BAA5A1BB314488CD6BC2BA17B82542CE832E02410CEB2C6619BD5358D1C0898F91777C76CE47507DAC5DCE417ED74BD7D816447C06A59051E5F70EEEF96BEBFC70752E26A3507DE5B89B66548A4AC87BA678064ECC851356306BAC0AF3189C284C5D2AE4E624552B2DC83705CB320D3AD9445D569486A6B80B05BBD2C55E8E085A25F422F2FACF52B33ECCA626BE5EC2283FF401D937B3FBE49527D233C8E7187E0A85AC04871CCE580067BDD5C687285C5DA0A930B05AF96DD44CA6F2935C7398251CA9DB735069F88DE6CE2423B6A334DA2CC50AFD2A29C1B5CA7785CCEFD856B39B87666AE368996CEBCC3999562434DA299C1856EDED42DF3F92B122957175296F115C0D6FB214B13EA5616DC9597768FBFF08E2B6BAF5619C078E11F7EEFD8C90459F155305DA5854EE326490AA8D6A9403A62031E890881AD2FDF1855A7BBD6591AD2D1C85EF1270BD1EAFC5EF58336EF37155421222DE87045709F2590250E6CB893DA415E0C1ECFD856544C1100EC71541721C6632CF5A2698A4F8A831414D9DF21B5DB664FCE613BE362C2851DFA14997AF54C9DE6EC79A402060A379C2706BBCE05D192FEDF9C3E6838E6D7B5B8B16D08AE01A5A614CD41CDC6D2EF81CAB6A6C66F2DFE62DFF99F50BBD74E2D1C6F301F84F8DE83952023A2B06FA5391082EF6A4AC7DBFEBB48F0572B6C08FD390EF30D75B6E442D273A6C248A49CE291B55B7E820685541EEE2AA7EBAFAA9516A5EFAB4F41F81347829956522C44DAAC5727E7BFD9DE81493069497D3092E4F36597EE35142629CB3B64750964CEFAB2916B51C507C48DEB6DC62681ED8AEB4F29A3D82D2C20C54153C874F090C9DB8112A6F4F279E22D6CF17C6230963B7A46AFA77195B4CB982D00F351BE4ACBF3B721EF95CDEEF56A3DFF16503BC9B1D1094131DD3CE3DEED0F579EBDD35308FCEB3877F06AE591875236F79608699CBA67B50D6540955D5BEE1CD0A24C175056ABE9C3A93E6EEECD21B60E8BD2F4E73C7385BC35F210E4E29AD2D957008C9BC985B5AB5942E506C3EA2C66BED0811BED5D7CC8CAC13AF701555F6C3E36A21C5BE052E01916B3A22D315ED4824F310D540AD1FBE4A2EF695F507175B4B91D0B3E8C970038700BB5147FC461641858AE21BEB4DDA61A7BE98419001223F4754A4A67CEE4683DDC1094BC2843ED5C95A4769C85450141E1EADF6A611D5E9B8C3A621D94BE0E2965F8309CDDEE5BDDACF9BA41097CBF50144E5E50BF17BE66C8C5F201B007BE42D52A7B65A37E288AC425AC7FD16D059B95EA1EDFFD361F717FEA5F1586459FF2218652DAFB69511B3551CCEF1417ED578B083C92C58AAEF2BE45C24A9877E2261E51A26D69ED93FDCEE4BE3 +20250618235527 2 6 100 8191 5 DA1E367F51064DE37C61DF292F64D691D584C03B41D0D878E4EAA25ECE0D922818300E39D15F259EB25F466620B3BAA5A1BB314488CD6BC2BA17B82542CE832E02410CEB2C6619BD5358D1C0898F91777C76CE47507DAC5DCE417ED74BD7D816447C06A59051E5F70EEEF96BEBFC70752E26A3507DE5B89B66548A4AC87BA678064ECC851356306BAC0AF3189C284C5D2AE4E624552B2DC83705CB320D3AD9445D569486A6B80B05BBD2C55E8E085A25F422F2FACF52B33ECCA626BE5EC2283FF401D937B3FBE49527D233C8E7187E0A85AC04871CCE580067BDD5C687285C5DA0A930B05AF96DD44CA6F2935C7398251CA9DB735069F88DE6CE2423B6A334DA2CC50AFD2A29C1B5CA7785CCEFD856B39B87666AE368996CEBCC3999562434DA299C1856EDED42DF3F92B122957175296F115C0D6FB214B13EA5616DC9597768FBFF08E2B6BAF5619C078E11F7EEFD8C90459F155305DA5854EE326490AA8D6A9403A62031E890881AD2FDF1855A7BBD6591AD2D1C85EF1270BD1EAFC5EF58336EF37155421222DE87045709F2590250E6CB893DA415E0C1ECFD856544C1100EC71541721C6632CF5A2698A4F8A831414D9DF21B5DB664FCE613BE362C2851DFA14997AF54C9DE6EC79A402060A379C2706BBCE05D192FEDF9C3E6838E6D7B5B8B16D08AE01A5A614CD41CDC6D2EF81CAB6A6C66F2DFE62DFF99F50BBD74E2D1C6F301F84F8DE83952023A2B06FA5391082EF6A4AC7DBFEBB48F0572B6C08FD390EF30D75B6E442D273A6C248A49CE291B55B7E820685541EEE2AA7EBAFAA9516A5EFAB4F41F81347829956522C44DAAC5727E7BFD9DE81493069497D3092E4F36597EE35142629CB3B64750964CEFAB2916B51C507C48DEB6DC62681ED8AEB4F29A3D82D2C20C54153C874F090C9DB8112A6F4F279E22D6CF17C6230963B7A46AFA77195B4CB982D00F351BE4ACBF3B721EF95CDEEF56A3DFF16503BC9B1D1094131DD3CE3DEED0F579EBDD35308FCEB3877F06AE591875236F79608699CBA67B50D6540955D5BEE1CD0A24C175056ABE9C3A93E6EEECD21B60E8BD2F4E73C7385BC35F210E4E29AD2D957008C9BC985B5AB5942E506C3EA2C66BED0811BED5D7CC8CAC13AF701555F6C3E36A21C5BE052E01916B3A22D315ED4824F310D540AD1FBE4A2EF695F507175B4B91D0B3E8C970038700BB5147FC461641858AE21BEB4DDA61A7BE98419001223F4754A4A67CEE4683DDC1094BC2843ED5C95A4769C85450141E1EADF6A611D5E9B8C3A621D94BE0E2965F8309CDDEE5BDDACF9BA41097CBF50144E5E50BF17BE66C8C5F201B007BE42D52A7B65A37E288AC425AC7FD16D059B95EA1EDFFD361F717FEA5F1586459FF2218652DAFB69511B3551CCEF1417ED578B083C92C58AAEF2BE45C24A9877E2261E51A26D69ED93FDDA3E65F +20250619001532 2 6 100 8191 2 DA1E367F51064DE37C61DF292F64D691D584C03B41D0D878E4EAA25ECE0D922818300E39D15F259EB25F466620B3BAA5A1BB314488CD6BC2BA17B82542CE832E02410CEB2C6619BD5358D1C0898F91777C76CE47507DAC5DCE417ED74BD7D816447C06A59051E5F70EEEF96BEBFC70752E26A3507DE5B89B66548A4AC87BA678064ECC851356306BAC0AF3189C284C5D2AE4E624552B2DC83705CB320D3AD9445D569486A6B80B05BBD2C55E8E085A25F422F2FACF52B33ECCA626BE5EC2283FF401D937B3FBE49527D233C8E7187E0A85AC04871CCE580067BDD5C687285C5DA0A930B05AF96DD44CA6F2935C7398251CA9DB735069F88DE6CE2423B6A334DA2CC50AFD2A29C1B5CA7785CCEFD856B39B87666AE368996CEBCC3999562434DA299C1856EDED42DF3F92B122957175296F115C0D6FB214B13EA5616DC9597768FBFF08E2B6BAF5619C078E11F7EEFD8C90459F155305DA5854EE326490AA8D6A9403A62031E890881AD2FDF1855A7BBD6591AD2D1C85EF1270BD1EAFC5EF58336EF37155421222DE87045709F2590250E6CB893DA415E0C1ECFD856544C1100EC71541721C6632CF5A2698A4F8A831414D9DF21B5DB664FCE613BE362C2851DFA14997AF54C9DE6EC79A402060A379C2706BBCE05D192FEDF9C3E6838E6D7B5B8B16D08AE01A5A614CD41CDC6D2EF81CAB6A6C66F2DFE62DFF99F50BBD74E2D1C6F301F84F8DE83952023A2B06FA5391082EF6A4AC7DBFEBB48F0572B6C08FD390EF30D75B6E442D273A6C248A49CE291B55B7E820685541EEE2AA7EBAFAA9516A5EFAB4F41F81347829956522C44DAAC5727E7BFD9DE81493069497D3092E4F36597EE35142629CB3B64750964CEFAB2916B51C507C48DEB6DC62681ED8AEB4F29A3D82D2C20C54153C874F090C9DB8112A6F4F279E22D6CF17C6230963B7A46AFA77195B4CB982D00F351BE4ACBF3B721EF95CDEEF56A3DFF16503BC9B1D1094131DD3CE3DEED0F579EBDD35308FCEB3877F06AE591875236F79608699CBA67B50D6540955D5BEE1CD0A24C175056ABE9C3A93E6EEECD21B60E8BD2F4E73C7385BC35F210E4E29AD2D957008C9BC985B5AB5942E506C3EA2C66BED0811BED5D7CC8CAC13AF701555F6C3E36A21C5BE052E01916B3A22D315ED4824F310D540AD1FBE4A2EF695F507175B4B91D0B3E8C970038700BB5147FC461641858AE21BEB4DDA61A7BE98419001223F4754A4A67CEE4683DDC1094BC2843ED5C95A4769C85450141E1EADF6A611D5E9B8C3A621D94BE0E2965F8309CDDEE5BDDACF9BA41097CBF50144E5E50BF17BE66C8C5F201B007BE42D52A7B65A37E288AC425AC7FD16D059B95EA1EDFFD361F717FEA5F1586459FF2218652DAFB69511B3551CCEF1417ED578B083C92C58AAEF2BE45C24A9877E2261E51A26D69ED93FDEC67F03 +20250619021548 2 6 100 8191 2 DA1E367F51064DE37C61DF292F64D691D584C03B41D0D878E4EAA25ECE0D922818300E39D15F259EB25F466620B3BAA5A1BB314488CD6BC2BA17B82542CE832E02410CEB2C6619BD5358D1C0898F91777C76CE47507DAC5DCE417ED74BD7D816447C06A59051E5F70EEEF96BEBFC70752E26A3507DE5B89B66548A4AC87BA678064ECC851356306BAC0AF3189C284C5D2AE4E624552B2DC83705CB320D3AD9445D569486A6B80B05BBD2C55E8E085A25F422F2FACF52B33ECCA626BE5EC2283FF401D937B3FBE49527D233C8E7187E0A85AC04871CCE580067BDD5C687285C5DA0A930B05AF96DD44CA6F2935C7398251CA9DB735069F88DE6CE2423B6A334DA2CC50AFD2A29C1B5CA7785CCEFD856B39B87666AE368996CEBCC3999562434DA299C1856EDED42DF3F92B122957175296F115C0D6FB214B13EA5616DC9597768FBFF08E2B6BAF5619C078E11F7EEFD8C90459F155305DA5854EE326490AA8D6A9403A62031E890881AD2FDF1855A7BBD6591AD2D1C85EF1270BD1EAFC5EF58336EF37155421222DE87045709F2590250E6CB893DA415E0C1ECFD856544C1100EC71541721C6632CF5A2698A4F8A831414D9DF21B5DB664FCE613BE362C2851DFA14997AF54C9DE6EC79A402060A379C2706BBCE05D192FEDF9C3E6838E6D7B5B8B16D08AE01A5A614CD41CDC6D2EF81CAB6A6C66F2DFE62DFF99F50BBD74E2D1C6F301F84F8DE83952023A2B06FA5391082EF6A4AC7DBFEBB48F0572B6C08FD390EF30D75B6E442D273A6C248A49CE291B55B7E820685541EEE2AA7EBAFAA9516A5EFAB4F41F81347829956522C44DAAC5727E7BFD9DE81493069497D3092E4F36597EE35142629CB3B64750964CEFAB2916B51C507C48DEB6DC62681ED8AEB4F29A3D82D2C20C54153C874F090C9DB8112A6F4F279E22D6CF17C6230963B7A46AFA77195B4CB982D00F351BE4ACBF3B721EF95CDEEF56A3DFF16503BC9B1D1094131DD3CE3DEED0F579EBDD35308FCEB3877F06AE591875236F79608699CBA67B50D6540955D5BEE1CD0A24C175056ABE9C3A93E6EEECD21B60E8BD2F4E73C7385BC35F210E4E29AD2D957008C9BC985B5AB5942E506C3EA2C66BED0811BED5D7CC8CAC13AF701555F6C3E36A21C5BE052E01916B3A22D315ED4824F310D540AD1FBE4A2EF695F507175B4B91D0B3E8C970038700BB5147FC461641858AE21BEB4DDA61A7BE98419001223F4754A4A67CEE4683DDC1094BC2843ED5C95A4769C85450141E1EADF6A611D5E9B8C3A621D94BE0E2965F8309CDDEE5BDDACF9BA41097CBF50144E5E50BF17BE66C8C5F201B007BE42D52A7B65A37E288AC425AC7FD16D059B95EA1EDFFD361F717FEA5F1586459FF2218652DAFB69511B3551CCEF1417ED578B083C92C58AAEF2BE45C24A9877E2261E51A26D69ED93FE56B64F3 +20250619022245 2 6 100 8191 2 DA1E367F51064DE37C61DF292F64D691D584C03B41D0D878E4EAA25ECE0D922818300E39D15F259EB25F466620B3BAA5A1BB314488CD6BC2BA17B82542CE832E02410CEB2C6619BD5358D1C0898F91777C76CE47507DAC5DCE417ED74BD7D816447C06A59051E5F70EEEF96BEBFC70752E26A3507DE5B89B66548A4AC87BA678064ECC851356306BAC0AF3189C284C5D2AE4E624552B2DC83705CB320D3AD9445D569486A6B80B05BBD2C55E8E085A25F422F2FACF52B33ECCA626BE5EC2283FF401D937B3FBE49527D233C8E7187E0A85AC04871CCE580067BDD5C687285C5DA0A930B05AF96DD44CA6F2935C7398251CA9DB735069F88DE6CE2423B6A334DA2CC50AFD2A29C1B5CA7785CCEFD856B39B87666AE368996CEBCC3999562434DA299C1856EDED42DF3F92B122957175296F115C0D6FB214B13EA5616DC9597768FBFF08E2B6BAF5619C078E11F7EEFD8C90459F155305DA5854EE326490AA8D6A9403A62031E890881AD2FDF1855A7BBD6591AD2D1C85EF1270BD1EAFC5EF58336EF37155421222DE87045709F2590250E6CB893DA415E0C1ECFD856544C1100EC71541721C6632CF5A2698A4F8A831414D9DF21B5DB664FCE613BE362C2851DFA14997AF54C9DE6EC79A402060A379C2706BBCE05D192FEDF9C3E6838E6D7B5B8B16D08AE01A5A614CD41CDC6D2EF81CAB6A6C66F2DFE62DFF99F50BBD74E2D1C6F301F84F8DE83952023A2B06FA5391082EF6A4AC7DBFEBB48F0572B6C08FD390EF30D75B6E442D273A6C248A49CE291B55B7E820685541EEE2AA7EBAFAA9516A5EFAB4F41F81347829956522C44DAAC5727E7BFD9DE81493069497D3092E4F36597EE35142629CB3B64750964CEFAB2916B51C507C48DEB6DC62681ED8AEB4F29A3D82D2C20C54153C874F090C9DB8112A6F4F279E22D6CF17C6230963B7A46AFA77195B4CB982D00F351BE4ACBF3B721EF95CDEEF56A3DFF16503BC9B1D1094131DD3CE3DEED0F579EBDD35308FCEB3877F06AE591875236F79608699CBA67B50D6540955D5BEE1CD0A24C175056ABE9C3A93E6EEECD21B60E8BD2F4E73C7385BC35F210E4E29AD2D957008C9BC985B5AB5942E506C3EA2C66BED0811BED5D7CC8CAC13AF701555F6C3E36A21C5BE052E01916B3A22D315ED4824F310D540AD1FBE4A2EF695F507175B4B91D0B3E8C970038700BB5147FC461641858AE21BEB4DDA61A7BE98419001223F4754A4A67CEE4683DDC1094BC2843ED5C95A4769C85450141E1EADF6A611D5E9B8C3A621D94BE0E2965F8309CDDEE5BDDACF9BA41097CBF50144E5E50BF17BE66C8C5F201B007BE42D52A7B65A37E288AC425AC7FD16D059B95EA1EDFFD361F717FEA5F1586459FF2218652DAFB69511B3551CCEF1417ED578B083C92C58AAEF2BE45C24A9877E2261E51A26D69ED93FE5CF6A53 +20250619050955 2 6 100 8191 2 DA1E367F51064DE37C61DF292F64D691D584C03B41D0D878E4EAA25ECE0D922818300E39D15F259EB25F466620B3BAA5A1BB314488CD6BC2BA17B82542CE832E02410CEB2C6619BD5358D1C0898F91777C76CE47507DAC5DCE417ED74BD7D816447C06A59051E5F70EEEF96BEBFC70752E26A3507DE5B89B66548A4AC87BA678064ECC851356306BAC0AF3189C284C5D2AE4E624552B2DC83705CB320D3AD9445D569486A6B80B05BBD2C55E8E085A25F422F2FACF52B33ECCA626BE5EC2283FF401D937B3FBE49527D233C8E7187E0A85AC04871CCE580067BDD5C687285C5DA0A930B05AF96DD44CA6F2935C7398251CA9DB735069F88DE6CE2423B6A334DA2CC50AFD2A29C1B5CA7785CCEFD856B39B87666AE368996CEBCC3999562434DA299C1856EDED42DF3F92B122957175296F115C0D6FB214B13EA5616DC9597768FBFF08E2B6BAF5619C078E11F7EEFD8C90459F155305DA5854EE326490AA8D6A9403A62031E890881AD2FDF1855A7BBD6591AD2D1C85EF1270BD1EAFC5EF58336EF37155421222DE87045709F2590250E6CB893DA415E0C1ECFD856544C1100EC71541721C6632CF5A2698A4F8A831414D9DF21B5DB664FCE613BE362C2851DFA14997AF54C9DE6EC79A402060A379C2706BBCE05D192FEDF9C3E6838E6D7B5B8B16D08AE01A5A614CD41CDC6D2EF81CAB6A6C66F2DFE62DFF99F50BBD74E2D1C6F301F84F8DE83952023A2B06FA5391082EF6A4AC7DBFEBB48F0572B6C08FD390EF30D75B6E442D273A6C248A49CE291B55B7E820685541EEE2AA7EBAFAA9516A5EFAB4F41F81347829956522C44DAAC5727E7BFD9DE81493069497D3092E4F36597EE35142629CB3B64750964CEFAB2916B51C507C48DEB6DC62681ED8AEB4F29A3D82D2C20C54153C874F090C9DB8112A6F4F279E22D6CF17C6230963B7A46AFA77195B4CB982D00F351BE4ACBF3B721EF95CDEEF56A3DFF16503BC9B1D1094131DD3CE3DEED0F579EBDD35308FCEB3877F06AE591875236F79608699CBA67B50D6540955D5BEE1CD0A24C175056ABE9C3A93E6EEECD21B60E8BD2F4E73C7385BC35F210E4E29AD2D957008C9BC985B5AB5942E506C3EA2C66BED0811BED5D7CC8CAC13AF701555F6C3E36A21C5BE052E01916B3A22D315ED4824F310D540AD1FBE4A2EF695F507175B4B91D0B3E8C970038700BB5147FC461641858AE21BEB4DDA61A7BE98419001223F4754A4A67CEE4683DDC1094BC2843ED5C95A4769C85450141E1EADF6A611D5E9B8C3A621D94BE0E2965F8309CDDEE5BDDACF9BA41097CBF50144E5E50BF17BE66C8C5F201B007BE42D52A7B65A37E288AC425AC7FD16D059B95EA1EDFFD361F717FEA5F1586459FF2218652DAFB69511B3551CCEF1417ED578B083C92C58AAEF2BE45C24A9877E2261E51A26D69ED93FEF3B127B +20250619055851 2 6 100 8191 5 DA1E367F51064DE37C61DF292F64D691D584C03B41D0D878E4EAA25ECE0D922818300E39D15F259EB25F466620B3BAA5A1BB314488CD6BC2BA17B82542CE832E02410CEB2C6619BD5358D1C0898F91777C76CE47507DAC5DCE417ED74BD7D816447C06A59051E5F70EEEF96BEBFC70752E26A3507DE5B89B66548A4AC87BA678064ECC851356306BAC0AF3189C284C5D2AE4E624552B2DC83705CB320D3AD9445D569486A6B80B05BBD2C55E8E085A25F422F2FACF52B33ECCA626BE5EC2283FF401D937B3FBE49527D233C8E7187E0A85AC04871CCE580067BDD5C687285C5DA0A930B05AF96DD44CA6F2935C7398251CA9DB735069F88DE6CE2423B6A334DA2CC50AFD2A29C1B5CA7785CCEFD856B39B87666AE368996CEBCC3999562434DA299C1856EDED42DF3F92B122957175296F115C0D6FB214B13EA5616DC9597768FBFF08E2B6BAF5619C078E11F7EEFD8C90459F155305DA5854EE326490AA8D6A9403A62031E890881AD2FDF1855A7BBD6591AD2D1C85EF1270BD1EAFC5EF58336EF37155421222DE87045709F2590250E6CB893DA415E0C1ECFD856544C1100EC71541721C6632CF5A2698A4F8A831414D9DF21B5DB664FCE613BE362C2851DFA14997AF54C9DE6EC79A402060A379C2706BBCE05D192FEDF9C3E6838E6D7B5B8B16D08AE01A5A614CD41CDC6D2EF81CAB6A6C66F2DFE62DFF99F50BBD74E2D1C6F301F84F8DE83952023A2B06FA5391082EF6A4AC7DBFEBB48F0572B6C08FD390EF30D75B6E442D273A6C248A49CE291B55B7E820685541EEE2AA7EBAFAA9516A5EFAB4F41F81347829956522C44DAAC5727E7BFD9DE81493069497D3092E4F36597EE35142629CB3B64750964CEFAB2916B51C507C48DEB6DC62681ED8AEB4F29A3D82D2C20C54153C874F090C9DB8112A6F4F279E22D6CF17C6230963B7A46AFA77195B4CB982D00F351BE4ACBF3B721EF95CDEEF56A3DFF16503BC9B1D1094131DD3CE3DEED0F579EBDD35308FCEB3877F06AE591875236F79608699CBA67B50D6540955D5BEE1CD0A24C175056ABE9C3A93E6EEECD21B60E8BD2F4E73C7385BC35F210E4E29AD2D957008C9BC985B5AB5942E506C3EA2C66BED0811BED5D7CC8CAC13AF701555F6C3E36A21C5BE052E01916B3A22D315ED4824F310D540AD1FBE4A2EF695F507175B4B91D0B3E8C970038700BB5147FC461641858AE21BEB4DDA61A7BE98419001223F4754A4A67CEE4683DDC1094BC2843ED5C95A4769C85450141E1EADF6A611D5E9B8C3A621D94BE0E2965F8309CDDEE5BDDACF9BA41097CBF50144E5E50BF17BE66C8C5F201B007BE42D52A7B65A37E288AC425AC7FD16D059B95EA1EDFFD361F717FEA5F1586459FF2218652DAFB69511B3551CCEF1417ED578B083C92C58AAEF2BE45C24A9877E2261E51A26D69ED93FF1FBE17F +20250619061510 2 6 100 8191 2 DA1E367F51064DE37C61DF292F64D691D584C03B41D0D878E4EAA25ECE0D922818300E39D15F259EB25F466620B3BAA5A1BB314488CD6BC2BA17B82542CE832E02410CEB2C6619BD5358D1C0898F91777C76CE47507DAC5DCE417ED74BD7D816447C06A59051E5F70EEEF96BEBFC70752E26A3507DE5B89B66548A4AC87BA678064ECC851356306BAC0AF3189C284C5D2AE4E624552B2DC83705CB320D3AD9445D569486A6B80B05BBD2C55E8E085A25F422F2FACF52B33ECCA626BE5EC2283FF401D937B3FBE49527D233C8E7187E0A85AC04871CCE580067BDD5C687285C5DA0A930B05AF96DD44CA6F2935C7398251CA9DB735069F88DE6CE2423B6A334DA2CC50AFD2A29C1B5CA7785CCEFD856B39B87666AE368996CEBCC3999562434DA299C1856EDED42DF3F92B122957175296F115C0D6FB214B13EA5616DC9597768FBFF08E2B6BAF5619C078E11F7EEFD8C90459F155305DA5854EE326490AA8D6A9403A62031E890881AD2FDF1855A7BBD6591AD2D1C85EF1270BD1EAFC5EF58336EF37155421222DE87045709F2590250E6CB893DA415E0C1ECFD856544C1100EC71541721C6632CF5A2698A4F8A831414D9DF21B5DB664FCE613BE362C2851DFA14997AF54C9DE6EC79A402060A379C2706BBCE05D192FEDF9C3E6838E6D7B5B8B16D08AE01A5A614CD41CDC6D2EF81CAB6A6C66F2DFE62DFF99F50BBD74E2D1C6F301F84F8DE83952023A2B06FA5391082EF6A4AC7DBFEBB48F0572B6C08FD390EF30D75B6E442D273A6C248A49CE291B55B7E820685541EEE2AA7EBAFAA9516A5EFAB4F41F81347829956522C44DAAC5727E7BFD9DE81493069497D3092E4F36597EE35142629CB3B64750964CEFAB2916B51C507C48DEB6DC62681ED8AEB4F29A3D82D2C20C54153C874F090C9DB8112A6F4F279E22D6CF17C6230963B7A46AFA77195B4CB982D00F351BE4ACBF3B721EF95CDEEF56A3DFF16503BC9B1D1094131DD3CE3DEED0F579EBDD35308FCEB3877F06AE591875236F79608699CBA67B50D6540955D5BEE1CD0A24C175056ABE9C3A93E6EEECD21B60E8BD2F4E73C7385BC35F210E4E29AD2D957008C9BC985B5AB5942E506C3EA2C66BED0811BED5D7CC8CAC13AF701555F6C3E36A21C5BE052E01916B3A22D315ED4824F310D540AD1FBE4A2EF695F507175B4B91D0B3E8C970038700BB5147FC461641858AE21BEB4DDA61A7BE98419001223F4754A4A67CEE4683DDC1094BC2843ED5C95A4769C85450141E1EADF6A611D5E9B8C3A621D94BE0E2965F8309CDDEE5BDDACF9BA41097CBF50144E5E50BF17BE66C8C5F201B007BE42D52A7B65A37E288AC425AC7FD16D059B95EA1EDFFD361F717FEA5F1586459FF2218652DAFB69511B3551CCEF1417ED578B083C92C58AAEF2BE45C24A9877E2261E51A26D69ED93FF2DEEC33 +20250619062630 2 6 100 8191 2 DA1E367F51064DE37C61DF292F64D691D584C03B41D0D878E4EAA25ECE0D922818300E39D15F259EB25F466620B3BAA5A1BB314488CD6BC2BA17B82542CE832E02410CEB2C6619BD5358D1C0898F91777C76CE47507DAC5DCE417ED74BD7D816447C06A59051E5F70EEEF96BEBFC70752E26A3507DE5B89B66548A4AC87BA678064ECC851356306BAC0AF3189C284C5D2AE4E624552B2DC83705CB320D3AD9445D569486A6B80B05BBD2C55E8E085A25F422F2FACF52B33ECCA626BE5EC2283FF401D937B3FBE49527D233C8E7187E0A85AC04871CCE580067BDD5C687285C5DA0A930B05AF96DD44CA6F2935C7398251CA9DB735069F88DE6CE2423B6A334DA2CC50AFD2A29C1B5CA7785CCEFD856B39B87666AE368996CEBCC3999562434DA299C1856EDED42DF3F92B122957175296F115C0D6FB214B13EA5616DC9597768FBFF08E2B6BAF5619C078E11F7EEFD8C90459F155305DA5854EE326490AA8D6A9403A62031E890881AD2FDF1855A7BBD6591AD2D1C85EF1270BD1EAFC5EF58336EF37155421222DE87045709F2590250E6CB893DA415E0C1ECFD856544C1100EC71541721C6632CF5A2698A4F8A831414D9DF21B5DB664FCE613BE362C2851DFA14997AF54C9DE6EC79A402060A379C2706BBCE05D192FEDF9C3E6838E6D7B5B8B16D08AE01A5A614CD41CDC6D2EF81CAB6A6C66F2DFE62DFF99F50BBD74E2D1C6F301F84F8DE83952023A2B06FA5391082EF6A4AC7DBFEBB48F0572B6C08FD390EF30D75B6E442D273A6C248A49CE291B55B7E820685541EEE2AA7EBAFAA9516A5EFAB4F41F81347829956522C44DAAC5727E7BFD9DE81493069497D3092E4F36597EE35142629CB3B64750964CEFAB2916B51C507C48DEB6DC62681ED8AEB4F29A3D82D2C20C54153C874F090C9DB8112A6F4F279E22D6CF17C6230963B7A46AFA77195B4CB982D00F351BE4ACBF3B721EF95CDEEF56A3DFF16503BC9B1D1094131DD3CE3DEED0F579EBDD35308FCEB3877F06AE591875236F79608699CBA67B50D6540955D5BEE1CD0A24C175056ABE9C3A93E6EEECD21B60E8BD2F4E73C7385BC35F210E4E29AD2D957008C9BC985B5AB5942E506C3EA2C66BED0811BED5D7CC8CAC13AF701555F6C3E36A21C5BE052E01916B3A22D315ED4824F310D540AD1FBE4A2EF695F507175B4B91D0B3E8C970038700BB5147FC461641858AE21BEB4DDA61A7BE98419001223F4754A4A67CEE4683DDC1094BC2843ED5C95A4769C85450141E1EADF6A611D5E9B8C3A621D94BE0E2965F8309CDDEE5BDDACF9BA41097CBF50144E5E50BF17BE66C8C5F201B007BE42D52A7B65A37E288AC425AC7FD16D059B95EA1EDFFD361F717FEA5F1586459FF2218652DAFB69511B3551CCEF1417ED578B083C92C58AAEF2BE45C24A9877E2261E51A26D69ED93FF376CBEB +20250619062934 2 6 100 8191 5 DA1E367F51064DE37C61DF292F64D691D584C03B41D0D878E4EAA25ECE0D922818300E39D15F259EB25F466620B3BAA5A1BB314488CD6BC2BA17B82542CE832E02410CEB2C6619BD5358D1C0898F91777C76CE47507DAC5DCE417ED74BD7D816447C06A59051E5F70EEEF96BEBFC70752E26A3507DE5B89B66548A4AC87BA678064ECC851356306BAC0AF3189C284C5D2AE4E624552B2DC83705CB320D3AD9445D569486A6B80B05BBD2C55E8E085A25F422F2FACF52B33ECCA626BE5EC2283FF401D937B3FBE49527D233C8E7187E0A85AC04871CCE580067BDD5C687285C5DA0A930B05AF96DD44CA6F2935C7398251CA9DB735069F88DE6CE2423B6A334DA2CC50AFD2A29C1B5CA7785CCEFD856B39B87666AE368996CEBCC3999562434DA299C1856EDED42DF3F92B122957175296F115C0D6FB214B13EA5616DC9597768FBFF08E2B6BAF5619C078E11F7EEFD8C90459F155305DA5854EE326490AA8D6A9403A62031E890881AD2FDF1855A7BBD6591AD2D1C85EF1270BD1EAFC5EF58336EF37155421222DE87045709F2590250E6CB893DA415E0C1ECFD856544C1100EC71541721C6632CF5A2698A4F8A831414D9DF21B5DB664FCE613BE362C2851DFA14997AF54C9DE6EC79A402060A379C2706BBCE05D192FEDF9C3E6838E6D7B5B8B16D08AE01A5A614CD41CDC6D2EF81CAB6A6C66F2DFE62DFF99F50BBD74E2D1C6F301F84F8DE83952023A2B06FA5391082EF6A4AC7DBFEBB48F0572B6C08FD390EF30D75B6E442D273A6C248A49CE291B55B7E820685541EEE2AA7EBAFAA9516A5EFAB4F41F81347829956522C44DAAC5727E7BFD9DE81493069497D3092E4F36597EE35142629CB3B64750964CEFAB2916B51C507C48DEB6DC62681ED8AEB4F29A3D82D2C20C54153C874F090C9DB8112A6F4F279E22D6CF17C6230963B7A46AFA77195B4CB982D00F351BE4ACBF3B721EF95CDEEF56A3DFF16503BC9B1D1094131DD3CE3DEED0F579EBDD35308FCEB3877F06AE591875236F79608699CBA67B50D6540955D5BEE1CD0A24C175056ABE9C3A93E6EEECD21B60E8BD2F4E73C7385BC35F210E4E29AD2D957008C9BC985B5AB5942E506C3EA2C66BED0811BED5D7CC8CAC13AF701555F6C3E36A21C5BE052E01916B3A22D315ED4824F310D540AD1FBE4A2EF695F507175B4B91D0B3E8C970038700BB5147FC461641858AE21BEB4DDA61A7BE98419001223F4754A4A67CEE4683DDC1094BC2843ED5C95A4769C85450141E1EADF6A611D5E9B8C3A621D94BE0E2965F8309CDDEE5BDDACF9BA41097CBF50144E5E50BF17BE66C8C5F201B007BE42D52A7B65A37E288AC425AC7FD16D059B95EA1EDFFD361F717FEA5F1586459FF2218652DAFB69511B3551CCEF1417ED578B083C92C58AAEF2BE45C24A9877E2261E51A26D69ED93FF39994E7 +20250619075919 2 6 100 8191 5 DA1E367F51064DE37C61DF292F64D691D584C03B41D0D878E4EAA25ECE0D922818300E39D15F259EB25F466620B3BAA5A1BB314488CD6BC2BA17B82542CE832E02410CEB2C6619BD5358D1C0898F91777C76CE47507DAC5DCE417ED74BD7D816447C06A59051E5F70EEEF96BEBFC70752E26A3507DE5B89B66548A4AC87BA678064ECC851356306BAC0AF3189C284C5D2AE4E624552B2DC83705CB320D3AD9445D569486A6B80B05BBD2C55E8E085A25F422F2FACF52B33ECCA626BE5EC2283FF401D937B3FBE49527D233C8E7187E0A85AC04871CCE580067BDD5C687285C5DA0A930B05AF96DD44CA6F2935C7398251CA9DB735069F88DE6CE2423B6A334DA2CC50AFD2A29C1B5CA7785CCEFD856B39B87666AE368996CEBCC3999562434DA299C1856EDED42DF3F92B122957175296F115C0D6FB214B13EA5616DC9597768FBFF08E2B6BAF5619C078E11F7EEFD8C90459F155305DA5854EE326490AA8D6A9403A62031E890881AD2FDF1855A7BBD6591AD2D1C85EF1270BD1EAFC5EF58336EF37155421222DE87045709F2590250E6CB893DA415E0C1ECFD856544C1100EC71541721C6632CF5A2698A4F8A831414D9DF21B5DB664FCE613BE362C2851DFA14997AF54C9DE6EC79A402060A379C2706BBCE05D192FEDF9C3E6838E6D7B5B8B16D08AE01A5A614CD41CDC6D2EF81CAB6A6C66F2DFE62DFF99F50BBD74E2D1C6F301F84F8DE83952023A2B06FA5391082EF6A4AC7DBFEBB48F0572B6C08FD390EF30D75B6E442D273A6C248A49CE291B55B7E820685541EEE2AA7EBAFAA9516A5EFAB4F41F81347829956522C44DAAC5727E7BFD9DE81493069497D3092E4F36597EE35142629CB3B64750964CEFAB2916B51C507C48DEB6DC62681ED8AEB4F29A3D82D2C20C54153C874F090C9DB8112A6F4F279E22D6CF17C6230963B7A46AFA77195B4CB982D00F351BE4ACBF3B721EF95CDEEF56A3DFF16503BC9B1D1094131DD3CE3DEED0F579EBDD35308FCEB3877F06AE591875236F79608699CBA67B50D6540955D5BEE1CD0A24C175056ABE9C3A93E6EEECD21B60E8BD2F4E73C7385BC35F210E4E29AD2D957008C9BC985B5AB5942E506C3EA2C66BED0811BED5D7CC8CAC13AF701555F6C3E36A21C5BE052E01916B3A22D315ED4824F310D540AD1FBE4A2EF695F507175B4B91D0B3E8C970038700BB5147FC461641858AE21BEB4DDA61A7BE98419001223F4754A4A67CEE4683DDC1094BC2843ED5C95A4769C85450141E1EADF6A611D5E9B8C3A621D94BE0E2965F8309CDDEE5BDDACF9BA41097CBF50144E5E50BF17BE66C8C5F201B007BE42D52A7B65A37E288AC425AC7FD16D059B95EA1EDFFD361F717FEA5F1586459FF2218652DAFB69511B3551CCEF1417ED578B083C92C58AAEF2BE45C24A9877E2261E51A26D69ED93FF8440A8F +20250619100929 2 6 100 8191 2 DA1E367F51064DE37C61DF292F64D691D584C03B41D0D878E4EAA25ECE0D922818300E39D15F259EB25F466620B3BAA5A1BB314488CD6BC2BA17B82542CE832E02410CEB2C6619BD5358D1C0898F91777C76CE47507DAC5DCE417ED74BD7D816447C06A59051E5F70EEEF96BEBFC70752E26A3507DE5B89B66548A4AC87BA678064ECC851356306BAC0AF3189C284C5D2AE4E624552B2DC83705CB320D3AD9445D569486A6B80B05BBD2C55E8E085A25F422F2FACF52B33ECCA626BE5EC2283FF401D937B3FBE49527D233C8E7187E0A85AC04871CCE580067BDD5C687285C5DA0A930B05AF96DD44CA6F2935C7398251CA9DB735069F88DE6CE2423B6A334DA2CC50AFD2A29C1B5CA7785CCEFD856B39B87666AE368996CEBCC3999562434DA299C1856EDED42DF3F92B122957175296F115C0D6FB214B13EA5616DC9597768FBFF08E2B6BAF5619C078E11F7EEFD8C90459F155305DA5854EE326490AA8D6A9403A62031E890881AD2FDF1855A7BBD6591AD2D1C85EF1270BD1EAFC5EF58336EF37155421222DE87045709F2590250E6CB893DA415E0C1ECFD856544C1100EC71541721C6632CF5A2698A4F8A831414D9DF21B5DB664FCE613BE362C2851DFA14997AF54C9DE6EC79A402060A379C2706BBCE05D192FEDF9C3E6838E6D7B5B8B16D08AE01A5A614CD41CDC6D2EF81CAB6A6C66F2DFE62DFF99F50BBD74E2D1C6F301F84F8DE83952023A2B06FA5391082EF6A4AC7DBFEBB48F0572B6C08FD390EF30D75B6E442D273A6C248A49CE291B55B7E820685541EEE2AA7EBAFAA9516A5EFAB4F41F81347829956522C44DAAC5727E7BFD9DE81493069497D3092E4F36597EE35142629CB3B64750964CEFAB2916B51C507C48DEB6DC62681ED8AEB4F29A3D82D2C20C54153C874F090C9DB8112A6F4F279E22D6CF17C6230963B7A46AFA77195B4CB982D00F351BE4ACBF3B721EF95CDEEF56A3DFF16503BC9B1D1094131DD3CE3DEED0F579EBDD35308FCEB3877F06AE591875236F79608699CBA67B50D6540955D5BEE1CD0A24C175056ABE9C3A93E6EEECD21B60E8BD2F4E73C7385BC35F210E4E29AD2D957008C9BC985B5AB5942E506C3EA2C66BED0811BED5D7CC8CAC13AF701555F6C3E36A21C5BE052E01916B3A22D315ED4824F310D540AD1FBE4A2EF695F507175B4B91D0B3E8C970038700BB5147FC461641858AE21BEB4DDA61A7BE98419001223F4754A4A67CEE4683DDC1094BC2843ED5C95A4769C85450141E1EADF6A611D5E9B8C3A621D94BE0E2965F8309CDDEE5BDDACF9BA41097CBF50144E5E50BF17BE66C8C5F201B007BE42D52A7B65A37E288AC425AC7FD16D059B95EA1EDFFD361F717FEA5F1586459FF2218652DAFB69511B3551CCEF1417ED578B083C92C58AAEF2BE45C24A9877E2261E51A26D69ED93FFEB8B7A3 +20250619113103 2 6 100 8191 2 DA1E367F51064DE37C61DF292F64D691D584C03B41D0D878E4EAA25ECE0D922818300E39D15F259EB25F466620B3BAA5A1BB314488CD6BC2BA17B82542CE832E02410CEB2C6619BD5358D1C0898F91777C76CE47507DAC5DCE417ED74BD7D816447C06A59051E5F70EEEF96BEBFC70752E26A3507DE5B89B66548A4AC87BA678064ECC851356306BAC0AF3189C284C5D2AE4E624552B2DC83705CB320D3AD9445D569486A6B80B05BBD2C55E8E085A25F422F2FACF52B33ECCA626BE5EC2283FF401D937B3FBE49527D233C8E7187E0A85AC04871CCE580067BDD5C687285C5DA0A930B05AF96DD44CA6F2935C7398251CA9DB735069F88DE6CE2423B6A334DA2CC50AFD2A29C1B5CA7785CCEFD856B39B87666AE368996CEBCC3999562434DA299C1856EDED42DF3F92B122957175296F115C0D6FB214B13EA5616DC9597768FBFF08E2B6BAF5619C078E11F7EEFD8C90459F155305DA5854EE326490AA8D6A9403A62031E890881AD2FDF1855A7BBD6591AD2D1C85EF1270BD1EAFC5EF58336EF37155421222DE87045709F2590250E6CB893DA415E0C1ECFD856544C1100EC71541721C6632CF5A2698A4F8A831414D9DF21B5DB664FCE613BE362C2851DFA14997AF54C9DE6EC79A402060A379C2706BBCE05D192FEDF9C3E6838E6D7B5B8B16D08AE01A5A614CD41CDC6D2EF81CAB6A6C66F2DFE62DFF99F50BBD74E2D1C6F301F84F8DE83952023A2B06FA5391082EF6A4AC7DBFEBB48F0572B6C08FD390EF30D75B6E442D273A6C248A49CE291B55B7E820685541EEE2AA7EBAFAA9516A5EFAB4F41F81347829956522C44DAAC5727E7BFD9DE81493069497D3092E4F36597EE35142629CB3B64750964CEFAB2916B51C507C48DEB6DC62681ED8AEB4F29A3D82D2C20C54153C874F090C9DB8112A6F4F279E22D6CF17C6230963B7A46AFA77195B4CB982D00F351BE4ACBF3B721EF95CDEEF56A3DFF16503BC9B1D1094131DD3CE3DEED0F579EBDD35308FCEB3877F06AE591875236F79608699CBA67B50D6540955D5BEE1CD0A24C175056ABE9C3A93E6EEECD21B60E8BD2F4E73C7385BC35F210E4E29AD2D957008C9BC985B5AB5942E506C3EA2C66BED0811BED5D7CC8CAC13AF701555F6C3E36A21C5BE052E01916B3A22D315ED4824F310D540AD1FBE4A2EF695F507175B4B91D0B3E8C970038700BB5147FC461641858AE21BEB4DDA61A7BE98419001223F4754A4A67CEE4683DDC1094BC2843ED5C95A4769C85450141E1EADF6A611D5E9B8C3A621D94BE0E2965F8309CDDEE5BDDACF9BA41097CBF50144E5E50BF17BE66C8C5F201B007BE42D52A7B65A37E288AC425AC7FD16D059B95EA1EDFFD361F717FEA5F1586459FF2218652DAFB69511B3551CCEF1417ED578B083C92C58AAEF2BE45C24A9877E2261E51A26D69ED940033A057B +20250619121235 2 6 100 8191 5 DA1E367F51064DE37C61DF292F64D691D584C03B41D0D878E4EAA25ECE0D922818300E39D15F259EB25F466620B3BAA5A1BB314488CD6BC2BA17B82542CE832E02410CEB2C6619BD5358D1C0898F91777C76CE47507DAC5DCE417ED74BD7D816447C06A59051E5F70EEEF96BEBFC70752E26A3507DE5B89B66548A4AC87BA678064ECC851356306BAC0AF3189C284C5D2AE4E624552B2DC83705CB320D3AD9445D569486A6B80B05BBD2C55E8E085A25F422F2FACF52B33ECCA626BE5EC2283FF401D937B3FBE49527D233C8E7187E0A85AC04871CCE580067BDD5C687285C5DA0A930B05AF96DD44CA6F2935C7398251CA9DB735069F88DE6CE2423B6A334DA2CC50AFD2A29C1B5CA7785CCEFD856B39B87666AE368996CEBCC3999562434DA299C1856EDED42DF3F92B122957175296F115C0D6FB214B13EA5616DC9597768FBFF08E2B6BAF5619C078E11F7EEFD8C90459F155305DA5854EE326490AA8D6A9403A62031E890881AD2FDF1855A7BBD6591AD2D1C85EF1270BD1EAFC5EF58336EF37155421222DE87045709F2590250E6CB893DA415E0C1ECFD856544C1100EC71541721C6632CF5A2698A4F8A831414D9DF21B5DB664FCE613BE362C2851DFA14997AF54C9DE6EC79A402060A379C2706BBCE05D192FEDF9C3E6838E6D7B5B8B16D08AE01A5A614CD41CDC6D2EF81CAB6A6C66F2DFE62DFF99F50BBD74E2D1C6F301F84F8DE83952023A2B06FA5391082EF6A4AC7DBFEBB48F0572B6C08FD390EF30D75B6E442D273A6C248A49CE291B55B7E820685541EEE2AA7EBAFAA9516A5EFAB4F41F81347829956522C44DAAC5727E7BFD9DE81493069497D3092E4F36597EE35142629CB3B64750964CEFAB2916B51C507C48DEB6DC62681ED8AEB4F29A3D82D2C20C54153C874F090C9DB8112A6F4F279E22D6CF17C6230963B7A46AFA77195B4CB982D00F351BE4ACBF3B721EF95CDEEF56A3DFF16503BC9B1D1094131DD3CE3DEED0F579EBDD35308FCEB3877F06AE591875236F79608699CBA67B50D6540955D5BEE1CD0A24C175056ABE9C3A93E6EEECD21B60E8BD2F4E73C7385BC35F210E4E29AD2D957008C9BC985B5AB5942E506C3EA2C66BED0811BED5D7CC8CAC13AF701555F6C3E36A21C5BE052E01916B3A22D315ED4824F310D540AD1FBE4A2EF695F507175B4B91D0B3E8C970038700BB5147FC461641858AE21BEB4DDA61A7BE98419001223F4754A4A67CEE4683DDC1094BC2843ED5C95A4769C85450141E1EADF6A611D5E9B8C3A621D94BE0E2965F8309CDDEE5BDDACF9BA41097CBF50144E5E50BF17BE66C8C5F201B007BE42D52A7B65A37E288AC425AC7FD16D059B95EA1EDFFD361F717FEA5F1586459FF2218652DAFB69511B3551CCEF1417ED578B083C92C58AAEF2BE45C24A9877E2261E51A26D69ED94005794C2F +20250619123456 2 6 100 8191 5 DA1E367F51064DE37C61DF292F64D691D584C03B41D0D878E4EAA25ECE0D922818300E39D15F259EB25F466620B3BAA5A1BB314488CD6BC2BA17B82542CE832E02410CEB2C6619BD5358D1C0898F91777C76CE47507DAC5DCE417ED74BD7D816447C06A59051E5F70EEEF96BEBFC70752E26A3507DE5B89B66548A4AC87BA678064ECC851356306BAC0AF3189C284C5D2AE4E624552B2DC83705CB320D3AD9445D569486A6B80B05BBD2C55E8E085A25F422F2FACF52B33ECCA626BE5EC2283FF401D937B3FBE49527D233C8E7187E0A85AC04871CCE580067BDD5C687285C5DA0A930B05AF96DD44CA6F2935C7398251CA9DB735069F88DE6CE2423B6A334DA2CC50AFD2A29C1B5CA7785CCEFD856B39B87666AE368996CEBCC3999562434DA299C1856EDED42DF3F92B122957175296F115C0D6FB214B13EA5616DC9597768FBFF08E2B6BAF5619C078E11F7EEFD8C90459F155305DA5854EE326490AA8D6A9403A62031E890881AD2FDF1855A7BBD6591AD2D1C85EF1270BD1EAFC5EF58336EF37155421222DE87045709F2590250E6CB893DA415E0C1ECFD856544C1100EC71541721C6632CF5A2698A4F8A831414D9DF21B5DB664FCE613BE362C2851DFA14997AF54C9DE6EC79A402060A379C2706BBCE05D192FEDF9C3E6838E6D7B5B8B16D08AE01A5A614CD41CDC6D2EF81CAB6A6C66F2DFE62DFF99F50BBD74E2D1C6F301F84F8DE83952023A2B06FA5391082EF6A4AC7DBFEBB48F0572B6C08FD390EF30D75B6E442D273A6C248A49CE291B55B7E820685541EEE2AA7EBAFAA9516A5EFAB4F41F81347829956522C44DAAC5727E7BFD9DE81493069497D3092E4F36597EE35142629CB3B64750964CEFAB2916B51C507C48DEB6DC62681ED8AEB4F29A3D82D2C20C54153C874F090C9DB8112A6F4F279E22D6CF17C6230963B7A46AFA77195B4CB982D00F351BE4ACBF3B721EF95CDEEF56A3DFF16503BC9B1D1094131DD3CE3DEED0F579EBDD35308FCEB3877F06AE591875236F79608699CBA67B50D6540955D5BEE1CD0A24C175056ABE9C3A93E6EEECD21B60E8BD2F4E73C7385BC35F210E4E29AD2D957008C9BC985B5AB5942E506C3EA2C66BED0811BED5D7CC8CAC13AF701555F6C3E36A21C5BE052E01916B3A22D315ED4824F310D540AD1FBE4A2EF695F507175B4B91D0B3E8C970038700BB5147FC461641858AE21BEB4DDA61A7BE98419001223F4754A4A67CEE4683DDC1094BC2843ED5C95A4769C85450141E1EADF6A611D5E9B8C3A621D94BE0E2965F8309CDDEE5BDDACF9BA41097CBF50144E5E50BF17BE66C8C5F201B007BE42D52A7B65A37E288AC425AC7FD16D059B95EA1EDFFD361F717FEA5F1586459FF2218652DAFB69511B3551CCEF1417ED578B083C92C58AAEF2BE45C24A9877E2261E51A26D69ED94006B2B897 +20250619124527 2 6 100 8191 2 DA1E367F51064DE37C61DF292F64D691D584C03B41D0D878E4EAA25ECE0D922818300E39D15F259EB25F466620B3BAA5A1BB314488CD6BC2BA17B82542CE832E02410CEB2C6619BD5358D1C0898F91777C76CE47507DAC5DCE417ED74BD7D816447C06A59051E5F70EEEF96BEBFC70752E26A3507DE5B89B66548A4AC87BA678064ECC851356306BAC0AF3189C284C5D2AE4E624552B2DC83705CB320D3AD9445D569486A6B80B05BBD2C55E8E085A25F422F2FACF52B33ECCA626BE5EC2283FF401D937B3FBE49527D233C8E7187E0A85AC04871CCE580067BDD5C687285C5DA0A930B05AF96DD44CA6F2935C7398251CA9DB735069F88DE6CE2423B6A334DA2CC50AFD2A29C1B5CA7785CCEFD856B39B87666AE368996CEBCC3999562434DA299C1856EDED42DF3F92B122957175296F115C0D6FB214B13EA5616DC9597768FBFF08E2B6BAF5619C078E11F7EEFD8C90459F155305DA5854EE326490AA8D6A9403A62031E890881AD2FDF1855A7BBD6591AD2D1C85EF1270BD1EAFC5EF58336EF37155421222DE87045709F2590250E6CB893DA415E0C1ECFD856544C1100EC71541721C6632CF5A2698A4F8A831414D9DF21B5DB664FCE613BE362C2851DFA14997AF54C9DE6EC79A402060A379C2706BBCE05D192FEDF9C3E6838E6D7B5B8B16D08AE01A5A614CD41CDC6D2EF81CAB6A6C66F2DFE62DFF99F50BBD74E2D1C6F301F84F8DE83952023A2B06FA5391082EF6A4AC7DBFEBB48F0572B6C08FD390EF30D75B6E442D273A6C248A49CE291B55B7E820685541EEE2AA7EBAFAA9516A5EFAB4F41F81347829956522C44DAAC5727E7BFD9DE81493069497D3092E4F36597EE35142629CB3B64750964CEFAB2916B51C507C48DEB6DC62681ED8AEB4F29A3D82D2C20C54153C874F090C9DB8112A6F4F279E22D6CF17C6230963B7A46AFA77195B4CB982D00F351BE4ACBF3B721EF95CDEEF56A3DFF16503BC9B1D1094131DD3CE3DEED0F579EBDD35308FCEB3877F06AE591875236F79608699CBA67B50D6540955D5BEE1CD0A24C175056ABE9C3A93E6EEECD21B60E8BD2F4E73C7385BC35F210E4E29AD2D957008C9BC985B5AB5942E506C3EA2C66BED0811BED5D7CC8CAC13AF701555F6C3E36A21C5BE052E01916B3A22D315ED4824F310D540AD1FBE4A2EF695F507175B4B91D0B3E8C970038700BB5147FC461641858AE21BEB4DDA61A7BE98419001223F4754A4A67CEE4683DDC1094BC2843ED5C95A4769C85450141E1EADF6A611D5E9B8C3A621D94BE0E2965F8309CDDEE5BDDACF9BA41097CBF50144E5E50BF17BE66C8C5F201B007BE42D52A7B65A37E288AC425AC7FD16D059B95EA1EDFFD361F717FEA5F1586459FF2218652DAFB69511B3551CCEF1417ED578B083C92C58AAEF2BE45C24A9877E2261E51A26D69ED94007401FAB +20250619143042 2 6 100 8191 2 DA1E367F51064DE37C61DF292F64D691D584C03B41D0D878E4EAA25ECE0D922818300E39D15F259EB25F466620B3BAA5A1BB314488CD6BC2BA17B82542CE832E02410CEB2C6619BD5358D1C0898F91777C76CE47507DAC5DCE417ED74BD7D816447C06A59051E5F70EEEF96BEBFC70752E26A3507DE5B89B66548A4AC87BA678064ECC851356306BAC0AF3189C284C5D2AE4E624552B2DC83705CB320D3AD9445D569486A6B80B05BBD2C55E8E085A25F422F2FACF52B33ECCA626BE5EC2283FF401D937B3FBE49527D233C8E7187E0A85AC04871CCE580067BDD5C687285C5DA0A930B05AF96DD44CA6F2935C7398251CA9DB735069F88DE6CE2423B6A334DA2CC50AFD2A29C1B5CA7785CCEFD856B39B87666AE368996CEBCC3999562434DA299C1856EDED42DF3F92B122957175296F115C0D6FB214B13EA5616DC9597768FBFF08E2B6BAF5619C078E11F7EEFD8C90459F155305DA5854EE326490AA8D6A9403A62031E890881AD2FDF1855A7BBD6591AD2D1C85EF1270BD1EAFC5EF58336EF37155421222DE87045709F2590250E6CB893DA415E0C1ECFD856544C1100EC71541721C6632CF5A2698A4F8A831414D9DF21B5DB664FCE613BE362C2851DFA14997AF54C9DE6EC79A402060A379C2706BBCE05D192FEDF9C3E6838E6D7B5B8B16D08AE01A5A614CD41CDC6D2EF81CAB6A6C66F2DFE62DFF99F50BBD74E2D1C6F301F84F8DE83952023A2B06FA5391082EF6A4AC7DBFEBB48F0572B6C08FD390EF30D75B6E442D273A6C248A49CE291B55B7E820685541EEE2AA7EBAFAA9516A5EFAB4F41F81347829956522C44DAAC5727E7BFD9DE81493069497D3092E4F36597EE35142629CB3B64750964CEFAB2916B51C507C48DEB6DC62681ED8AEB4F29A3D82D2C20C54153C874F090C9DB8112A6F4F279E22D6CF17C6230963B7A46AFA77195B4CB982D00F351BE4ACBF3B721EF95CDEEF56A3DFF16503BC9B1D1094131DD3CE3DEED0F579EBDD35308FCEB3877F06AE591875236F79608699CBA67B50D6540955D5BEE1CD0A24C175056ABE9C3A93E6EEECD21B60E8BD2F4E73C7385BC35F210E4E29AD2D957008C9BC985B5AB5942E506C3EA2C66BED0811BED5D7CC8CAC13AF701555F6C3E36A21C5BE052E01916B3A22D315ED4824F310D540AD1FBE4A2EF695F507175B4B91D0B3E8C970038700BB5147FC461641858AE21BEB4DDA61A7BE98419001223F4754A4A67CEE4683DDC1094BC2843ED5C95A4769C85450141E1EADF6A611D5E9B8C3A621D94BE0E2965F8309CDDEE5BDDACF9BA41097CBF50144E5E50BF17BE66C8C5F201B007BE42D52A7B65A37E288AC425AC7FD16D059B95EA1EDFFD361F717FEA5F1586459FF2218652DAFB69511B3551CCEF1417ED578B083C92C58AAEF2BE45C24A9877E2261E51A26D69ED9400D0E145B +20250619161110 2 6 100 8191 5 DA1E367F51064DE37C61DF292F64D691D584C03B41D0D878E4EAA25ECE0D922818300E39D15F259EB25F466620B3BAA5A1BB314488CD6BC2BA17B82542CE832E02410CEB2C6619BD5358D1C0898F91777C76CE47507DAC5DCE417ED74BD7D816447C06A59051E5F70EEEF96BEBFC70752E26A3507DE5B89B66548A4AC87BA678064ECC851356306BAC0AF3189C284C5D2AE4E624552B2DC83705CB320D3AD9445D569486A6B80B05BBD2C55E8E085A25F422F2FACF52B33ECCA626BE5EC2283FF401D937B3FBE49527D233C8E7187E0A85AC04871CCE580067BDD5C687285C5DA0A930B05AF96DD44CA6F2935C7398251CA9DB735069F88DE6CE2423B6A334DA2CC50AFD2A29C1B5CA7785CCEFD856B39B87666AE368996CEBCC3999562434DA299C1856EDED42DF3F92B122957175296F115C0D6FB214B13EA5616DC9597768FBFF08E2B6BAF5619C078E11F7EEFD8C90459F155305DA5854EE326490AA8D6A9403A62031E890881AD2FDF1855A7BBD6591AD2D1C85EF1270BD1EAFC5EF58336EF37155421222DE87045709F2590250E6CB893DA415E0C1ECFD856544C1100EC71541721C6632CF5A2698A4F8A831414D9DF21B5DB664FCE613BE362C2851DFA14997AF54C9DE6EC79A402060A379C2706BBCE05D192FEDF9C3E6838E6D7B5B8B16D08AE01A5A614CD41CDC6D2EF81CAB6A6C66F2DFE62DFF99F50BBD74E2D1C6F301F84F8DE83952023A2B06FA5391082EF6A4AC7DBFEBB48F0572B6C08FD390EF30D75B6E442D273A6C248A49CE291B55B7E820685541EEE2AA7EBAFAA9516A5EFAB4F41F81347829956522C44DAAC5727E7BFD9DE81493069497D3092E4F36597EE35142629CB3B64750964CEFAB2916B51C507C48DEB6DC62681ED8AEB4F29A3D82D2C20C54153C874F090C9DB8112A6F4F279E22D6CF17C6230963B7A46AFA77195B4CB982D00F351BE4ACBF3B721EF95CDEEF56A3DFF16503BC9B1D1094131DD3CE3DEED0F579EBDD35308FCEB3877F06AE591875236F79608699CBA67B50D6540955D5BEE1CD0A24C175056ABE9C3A93E6EEECD21B60E8BD2F4E73C7385BC35F210E4E29AD2D957008C9BC985B5AB5942E506C3EA2C66BED0811BED5D7CC8CAC13AF701555F6C3E36A21C5BE052E01916B3A22D315ED4824F310D540AD1FBE4A2EF695F507175B4B91D0B3E8C970038700BB5147FC461641858AE21BEB4DDA61A7BE98419001223F4754A4A67CEE4683DDC1094BC2843ED5C95A4769C85450141E1EADF6A611D5E9B8C3A621D94BE0E2965F8309CDDEE5BDDACF9BA41097CBF50144E5E50BF17BE66C8C5F201B007BE42D52A7B65A37E288AC425AC7FD16D059B95EA1EDFFD361F717FEA5F1586459FF2218652DAFB69511B3551CCEF1417ED578B083C92C58AAEF2BE45C24A9877E2261E51A26D69ED94012944667 +20250619180616 2 6 100 8191 5 DA1E367F51064DE37C61DF292F64D691D584C03B41D0D878E4EAA25ECE0D922818300E39D15F259EB25F466620B3BAA5A1BB314488CD6BC2BA17B82542CE832E02410CEB2C6619BD5358D1C0898F91777C76CE47507DAC5DCE417ED74BD7D816447C06A59051E5F70EEEF96BEBFC70752E26A3507DE5B89B66548A4AC87BA678064ECC851356306BAC0AF3189C284C5D2AE4E624552B2DC83705CB320D3AD9445D569486A6B80B05BBD2C55E8E085A25F422F2FACF52B33ECCA626BE5EC2283FF401D937B3FBE49527D233C8E7187E0A85AC04871CCE580067BDD5C687285C5DA0A930B05AF96DD44CA6F2935C7398251CA9DB735069F88DE6CE2423B6A334DA2CC50AFD2A29C1B5CA7785CCEFD856B39B87666AE368996CEBCC3999562434DA299C1856EDED42DF3F92B122957175296F115C0D6FB214B13EA5616DC9597768FBFF08E2B6BAF5619C078E11F7EEFD8C90459F155305DA5854EE326490AA8D6A9403A62031E890881AD2FDF1855A7BBD6591AD2D1C85EF1270BD1EAFC5EF58336EF37155421222DE87045709F2590250E6CB893DA415E0C1ECFD856544C1100EC71541721C6632CF5A2698A4F8A831414D9DF21B5DB664FCE613BE362C2851DFA14997AF54C9DE6EC79A402060A379C2706BBCE05D192FEDF9C3E6838E6D7B5B8B16D08AE01A5A614CD41CDC6D2EF81CAB6A6C66F2DFE62DFF99F50BBD74E2D1C6F301F84F8DE83952023A2B06FA5391082EF6A4AC7DBFEBB48F0572B6C08FD390EF30D75B6E442D273A6C248A49CE291B55B7E820685541EEE2AA7EBAFAA9516A5EFAB4F41F81347829956522C44DAAC5727E7BFD9DE81493069497D3092E4F36597EE35142629CB3B64750964CEFAB2916B51C507C48DEB6DC62681ED8AEB4F29A3D82D2C20C54153C874F090C9DB8112A6F4F279E22D6CF17C6230963B7A46AFA77195B4CB982D00F351BE4ACBF3B721EF95CDEEF56A3DFF16503BC9B1D1094131DD3CE3DEED0F579EBDD35308FCEB3877F06AE591875236F79608699CBA67B50D6540955D5BEE1CD0A24C175056ABE9C3A93E6EEECD21B60E8BD2F4E73C7385BC35F210E4E29AD2D957008C9BC985B5AB5942E506C3EA2C66BED0811BED5D7CC8CAC13AF701555F6C3E36A21C5BE052E01916B3A22D315ED4824F310D540AD1FBE4A2EF695F507175B4B91D0B3E8C970038700BB5147FC461641858AE21BEB4DDA61A7BE98419001223F4754A4A67CEE4683DDC1094BC2843ED5C95A4769C85450141E1EADF6A611D5E9B8C3A621D94BE0E2965F8309CDDEE5BDDACF9BA41097CBF50144E5E50BF17BE66C8C5F201B007BE42D52A7B65A37E288AC425AC7FD16D059B95EA1EDFFD361F717FEA5F1586459FF2218652DAFB69511B3551CCEF1417ED578B083C92C58AAEF2BE45C24A9877E2261E51A26D69ED94019090B9F +20250619182713 2 6 100 8191 2 DA1E367F51064DE37C61DF292F64D691D584C03B41D0D878E4EAA25ECE0D922818300E39D15F259EB25F466620B3BAA5A1BB314488CD6BC2BA17B82542CE832E02410CEB2C6619BD5358D1C0898F91777C76CE47507DAC5DCE417ED74BD7D816447C06A59051E5F70EEEF96BEBFC70752E26A3507DE5B89B66548A4AC87BA678064ECC851356306BAC0AF3189C284C5D2AE4E624552B2DC83705CB320D3AD9445D569486A6B80B05BBD2C55E8E085A25F422F2FACF52B33ECCA626BE5EC2283FF401D937B3FBE49527D233C8E7187E0A85AC04871CCE580067BDD5C687285C5DA0A930B05AF96DD44CA6F2935C7398251CA9DB735069F88DE6CE2423B6A334DA2CC50AFD2A29C1B5CA7785CCEFD856B39B87666AE368996CEBCC3999562434DA299C1856EDED42DF3F92B122957175296F115C0D6FB214B13EA5616DC9597768FBFF08E2B6BAF5619C078E11F7EEFD8C90459F155305DA5854EE326490AA8D6A9403A62031E890881AD2FDF1855A7BBD6591AD2D1C85EF1270BD1EAFC5EF58336EF37155421222DE87045709F2590250E6CB893DA415E0C1ECFD856544C1100EC71541721C6632CF5A2698A4F8A831414D9DF21B5DB664FCE613BE362C2851DFA14997AF54C9DE6EC79A402060A379C2706BBCE05D192FEDF9C3E6838E6D7B5B8B16D08AE01A5A614CD41CDC6D2EF81CAB6A6C66F2DFE62DFF99F50BBD74E2D1C6F301F84F8DE83952023A2B06FA5391082EF6A4AC7DBFEBB48F0572B6C08FD390EF30D75B6E442D273A6C248A49CE291B55B7E820685541EEE2AA7EBAFAA9516A5EFAB4F41F81347829956522C44DAAC5727E7BFD9DE81493069497D3092E4F36597EE35142629CB3B64750964CEFAB2916B51C507C48DEB6DC62681ED8AEB4F29A3D82D2C20C54153C874F090C9DB8112A6F4F279E22D6CF17C6230963B7A46AFA77195B4CB982D00F351BE4ACBF3B721EF95CDEEF56A3DFF16503BC9B1D1094131DD3CE3DEED0F579EBDD35308FCEB3877F06AE591875236F79608699CBA67B50D6540955D5BEE1CD0A24C175056ABE9C3A93E6EEECD21B60E8BD2F4E73C7385BC35F210E4E29AD2D957008C9BC985B5AB5942E506C3EA2C66BED0811BED5D7CC8CAC13AF701555F6C3E36A21C5BE052E01916B3A22D315ED4824F310D540AD1FBE4A2EF695F507175B4B91D0B3E8C970038700BB5147FC461641858AE21BEB4DDA61A7BE98419001223F4754A4A67CEE4683DDC1094BC2843ED5C95A4769C85450141E1EADF6A611D5E9B8C3A621D94BE0E2965F8309CDDEE5BDDACF9BA41097CBF50144E5E50BF17BE66C8C5F201B007BE42D52A7B65A37E288AC425AC7FD16D059B95EA1EDFFD361F717FEA5F1586459FF2218652DAFB69511B3551CCEF1417ED578B083C92C58AAEF2BE45C24A9877E2261E51A26D69ED9401A2D7303 +20250619200425 2 6 100 8191 2 DA1E367F51064DE37C61DF292F64D691D584C03B41D0D878E4EAA25ECE0D922818300E39D15F259EB25F466620B3BAA5A1BB314488CD6BC2BA17B82542CE832E02410CEB2C6619BD5358D1C0898F91777C76CE47507DAC5DCE417ED74BD7D816447C06A59051E5F70EEEF96BEBFC70752E26A3507DE5B89B66548A4AC87BA678064ECC851356306BAC0AF3189C284C5D2AE4E624552B2DC83705CB320D3AD9445D569486A6B80B05BBD2C55E8E085A25F422F2FACF52B33ECCA626BE5EC2283FF401D937B3FBE49527D233C8E7187E0A85AC04871CCE580067BDD5C687285C5DA0A930B05AF96DD44CA6F2935C7398251CA9DB735069F88DE6CE2423B6A334DA2CC50AFD2A29C1B5CA7785CCEFD856B39B87666AE368996CEBCC3999562434DA299C1856EDED42DF3F92B122957175296F115C0D6FB214B13EA5616DC9597768FBFF08E2B6BAF5619C078E11F7EEFD8C90459F155305DA5854EE326490AA8D6A9403A62031E890881AD2FDF1855A7BBD6591AD2D1C85EF1270BD1EAFC5EF58336EF37155421222DE87045709F2590250E6CB893DA415E0C1ECFD856544C1100EC71541721C6632CF5A2698A4F8A831414D9DF21B5DB664FCE613BE362C2851DFA14997AF54C9DE6EC79A402060A379C2706BBCE05D192FEDF9C3E6838E6D7B5B8B16D08AE01A5A614CD41CDC6D2EF81CAB6A6C66F2DFE62DFF99F50BBD74E2D1C6F301F84F8DE83952023A2B06FA5391082EF6A4AC7DBFEBB48F0572B6C08FD390EF30D75B6E442D273A6C248A49CE291B55B7E820685541EEE2AA7EBAFAA9516A5EFAB4F41F81347829956522C44DAAC5727E7BFD9DE81493069497D3092E4F36597EE35142629CB3B64750964CEFAB2916B51C507C48DEB6DC62681ED8AEB4F29A3D82D2C20C54153C874F090C9DB8112A6F4F279E22D6CF17C6230963B7A46AFA77195B4CB982D00F351BE4ACBF3B721EF95CDEEF56A3DFF16503BC9B1D1094131DD3CE3DEED0F579EBDD35308FCEB3877F06AE591875236F79608699CBA67B50D6540955D5BEE1CD0A24C175056ABE9C3A93E6EEECD21B60E8BD2F4E73C7385BC35F210E4E29AD2D957008C9BC985B5AB5942E506C3EA2C66BED0811BED5D7CC8CAC13AF701555F6C3E36A21C5BE052E01916B3A22D315ED4824F310D540AD1FBE4A2EF695F507175B4B91D0B3E8C970038700BB5147FC461641858AE21BEB4DDA61A7BE98419001223F4754A4A67CEE4683DDC1094BC2843ED5C95A4769C85450141E1EADF6A611D5E9B8C3A621D94BE0E2965F8309CDDEE5BDDACF9BA41097CBF50144E5E50BF17BE66C8C5F201B007BE42D52A7B65A37E288AC425AC7FD16D059B95EA1EDFFD361F717FEA5F1586459FF2218652DAFB69511B3551CCEF1417ED578B083C92C58AAEF2BE45C24A9877E2261E51A26D69ED9401F9624E3 +20250619202406 2 6 100 8191 2 DA1E367F51064DE37C61DF292F64D691D584C03B41D0D878E4EAA25ECE0D922818300E39D15F259EB25F466620B3BAA5A1BB314488CD6BC2BA17B82542CE832E02410CEB2C6619BD5358D1C0898F91777C76CE47507DAC5DCE417ED74BD7D816447C06A59051E5F70EEEF96BEBFC70752E26A3507DE5B89B66548A4AC87BA678064ECC851356306BAC0AF3189C284C5D2AE4E624552B2DC83705CB320D3AD9445D569486A6B80B05BBD2C55E8E085A25F422F2FACF52B33ECCA626BE5EC2283FF401D937B3FBE49527D233C8E7187E0A85AC04871CCE580067BDD5C687285C5DA0A930B05AF96DD44CA6F2935C7398251CA9DB735069F88DE6CE2423B6A334DA2CC50AFD2A29C1B5CA7785CCEFD856B39B87666AE368996CEBCC3999562434DA299C1856EDED42DF3F92B122957175296F115C0D6FB214B13EA5616DC9597768FBFF08E2B6BAF5619C078E11F7EEFD8C90459F155305DA5854EE326490AA8D6A9403A62031E890881AD2FDF1855A7BBD6591AD2D1C85EF1270BD1EAFC5EF58336EF37155421222DE87045709F2590250E6CB893DA415E0C1ECFD856544C1100EC71541721C6632CF5A2698A4F8A831414D9DF21B5DB664FCE613BE362C2851DFA14997AF54C9DE6EC79A402060A379C2706BBCE05D192FEDF9C3E6838E6D7B5B8B16D08AE01A5A614CD41CDC6D2EF81CAB6A6C66F2DFE62DFF99F50BBD74E2D1C6F301F84F8DE83952023A2B06FA5391082EF6A4AC7DBFEBB48F0572B6C08FD390EF30D75B6E442D273A6C248A49CE291B55B7E820685541EEE2AA7EBAFAA9516A5EFAB4F41F81347829956522C44DAAC5727E7BFD9DE81493069497D3092E4F36597EE35142629CB3B64750964CEFAB2916B51C507C48DEB6DC62681ED8AEB4F29A3D82D2C20C54153C874F090C9DB8112A6F4F279E22D6CF17C6230963B7A46AFA77195B4CB982D00F351BE4ACBF3B721EF95CDEEF56A3DFF16503BC9B1D1094131DD3CE3DEED0F579EBDD35308FCEB3877F06AE591875236F79608699CBA67B50D6540955D5BEE1CD0A24C175056ABE9C3A93E6EEECD21B60E8BD2F4E73C7385BC35F210E4E29AD2D957008C9BC985B5AB5942E506C3EA2C66BED0811BED5D7CC8CAC13AF701555F6C3E36A21C5BE052E01916B3A22D315ED4824F310D540AD1FBE4A2EF695F507175B4B91D0B3E8C970038700BB5147FC461641858AE21BEB4DDA61A7BE98419001223F4754A4A67CEE4683DDC1094BC2843ED5C95A4769C85450141E1EADF6A611D5E9B8C3A621D94BE0E2965F8309CDDEE5BDDACF9BA41097CBF50144E5E50BF17BE66C8C5F201B007BE42D52A7B65A37E288AC425AC7FD16D059B95EA1EDFFD361F717FEA5F1586459FF2218652DAFB69511B3551CCEF1417ED578B083C92C58AAEF2BE45C24A9877E2261E51A26D69ED94020A68B53 +20250619224804 2 6 100 8191 2 DA1E367F51064DE37C61DF292F64D691D584C03B41D0D878E4EAA25ECE0D922818300E39D15F259EB25F466620B3BAA5A1BB314488CD6BC2BA17B82542CE832E02410CEB2C6619BD5358D1C0898F91777C76CE47507DAC5DCE417ED74BD7D816447C06A59051E5F70EEEF96BEBFC70752E26A3507DE5B89B66548A4AC87BA678064ECC851356306BAC0AF3189C284C5D2AE4E624552B2DC83705CB320D3AD9445D569486A6B80B05BBD2C55E8E085A25F422F2FACF52B33ECCA626BE5EC2283FF401D937B3FBE49527D233C8E7187E0A85AC04871CCE580067BDD5C687285C5DA0A930B05AF96DD44CA6F2935C7398251CA9DB735069F88DE6CE2423B6A334DA2CC50AFD2A29C1B5CA7785CCEFD856B39B87666AE368996CEBCC3999562434DA299C1856EDED42DF3F92B122957175296F115C0D6FB214B13EA5616DC9597768FBFF08E2B6BAF5619C078E11F7EEFD8C90459F155305DA5854EE326490AA8D6A9403A62031E890881AD2FDF1855A7BBD6591AD2D1C85EF1270BD1EAFC5EF58336EF37155421222DE87045709F2590250E6CB893DA415E0C1ECFD856544C1100EC71541721C6632CF5A2698A4F8A831414D9DF21B5DB664FCE613BE362C2851DFA14997AF54C9DE6EC79A402060A379C2706BBCE05D192FEDF9C3E6838E6D7B5B8B16D08AE01A5A614CD41CDC6D2EF81CAB6A6C66F2DFE62DFF99F50BBD74E2D1C6F301F84F8DE83952023A2B06FA5391082EF6A4AC7DBFEBB48F0572B6C08FD390EF30D75B6E442D273A6C248A49CE291B55B7E820685541EEE2AA7EBAFAA9516A5EFAB4F41F81347829956522C44DAAC5727E7BFD9DE81493069497D3092E4F36597EE35142629CB3B64750964CEFAB2916B51C507C48DEB6DC62681ED8AEB4F29A3D82D2C20C54153C874F090C9DB8112A6F4F279E22D6CF17C6230963B7A46AFA77195B4CB982D00F351BE4ACBF3B721EF95CDEEF56A3DFF16503BC9B1D1094131DD3CE3DEED0F579EBDD35308FCEB3877F06AE591875236F79608699CBA67B50D6540955D5BEE1CD0A24C175056ABE9C3A93E6EEECD21B60E8BD2F4E73C7385BC35F210E4E29AD2D957008C9BC985B5AB5942E506C3EA2C66BED0811BED5D7CC8CAC13AF701555F6C3E36A21C5BE052E01916B3A22D315ED4824F310D540AD1FBE4A2EF695F507175B4B91D0B3E8C970038700BB5147FC461641858AE21BEB4DDA61A7BE98419001223F4754A4A67CEE4683DDC1094BC2843ED5C95A4769C85450141E1EADF6A611D5E9B8C3A621D94BE0E2965F8309CDDEE5BDDACF9BA41097CBF50144E5E50BF17BE66C8C5F201B007BE42D52A7B65A37E288AC425AC7FD16D059B95EA1EDFFD361F717FEA5F1586459FF2218652DAFB69511B3551CCEF1417ED578B083C92C58AAEF2BE45C24A9877E2261E51A26D69ED94028B6619B +20250619234955 2 6 100 8191 5 DA1E367F51064DE37C61DF292F64D691D584C03B41D0D878E4EAA25ECE0D922818300E39D15F259EB25F466620B3BAA5A1BB314488CD6BC2BA17B82542CE832E02410CEB2C6619BD5358D1C0898F91777C76CE47507DAC5DCE417ED74BD7D816447C06A59051E5F70EEEF96BEBFC70752E26A3507DE5B89B66548A4AC87BA678064ECC851356306BAC0AF3189C284C5D2AE4E624552B2DC83705CB320D3AD9445D569486A6B80B05BBD2C55E8E085A25F422F2FACF52B33ECCA626BE5EC2283FF401D937B3FBE49527D233C8E7187E0A85AC04871CCE580067BDD5C687285C5DA0A930B05AF96DD44CA6F2935C7398251CA9DB735069F88DE6CE2423B6A334DA2CC50AFD2A29C1B5CA7785CCEFD856B39B87666AE368996CEBCC3999562434DA299C1856EDED42DF3F92B122957175296F115C0D6FB214B13EA5616DC9597768FBFF08E2B6BAF5619C078E11F7EEFD8C90459F155305DA5854EE326490AA8D6A9403A62031E890881AD2FDF1855A7BBD6591AD2D1C85EF1270BD1EAFC5EF58336EF37155421222DE87045709F2590250E6CB893DA415E0C1ECFD856544C1100EC71541721C6632CF5A2698A4F8A831414D9DF21B5DB664FCE613BE362C2851DFA14997AF54C9DE6EC79A402060A379C2706BBCE05D192FEDF9C3E6838E6D7B5B8B16D08AE01A5A614CD41CDC6D2EF81CAB6A6C66F2DFE62DFF99F50BBD74E2D1C6F301F84F8DE83952023A2B06FA5391082EF6A4AC7DBFEBB48F0572B6C08FD390EF30D75B6E442D273A6C248A49CE291B55B7E820685541EEE2AA7EBAFAA9516A5EFAB4F41F81347829956522C44DAAC5727E7BFD9DE81493069497D3092E4F36597EE35142629CB3B64750964CEFAB2916B51C507C48DEB6DC62681ED8AEB4F29A3D82D2C20C54153C874F090C9DB8112A6F4F279E22D6CF17C6230963B7A46AFA77195B4CB982D00F351BE4ACBF3B721EF95CDEEF56A3DFF16503BC9B1D1094131DD3CE3DEED0F579EBDD35308FCEB3877F06AE591875236F79608699CBA67B50D6540955D5BEE1CD0A24C175056ABE9C3A93E6EEECD21B60E8BD2F4E73C7385BC35F210E4E29AD2D957008C9BC985B5AB5942E506C3EA2C66BED0811BED5D7CC8CAC13AF701555F6C3E36A21C5BE052E01916B3A22D315ED4824F310D540AD1FBE4A2EF695F507175B4B91D0B3E8C970038700BB5147FC461641858AE21BEB4DDA61A7BE98419001223F4754A4A67CEE4683DDC1094BC2843ED5C95A4769C85450141E1EADF6A611D5E9B8C3A621D94BE0E2965F8309CDDEE5BDDACF9BA41097CBF50144E5E50BF17BE66C8C5F201B007BE42D52A7B65A37E288AC425AC7FD16D059B95EA1EDFFD361F717FEA5F1586459FF2218652DAFB69511B3551CCEF1417ED578B083C92C58AAEF2BE45C24A9877E2261E51A26D69ED9402C389D97 +20250619235705 2 6 100 8191 2 DA1E367F51064DE37C61DF292F64D691D584C03B41D0D878E4EAA25ECE0D922818300E39D15F259EB25F466620B3BAA5A1BB314488CD6BC2BA17B82542CE832E02410CEB2C6619BD5358D1C0898F91777C76CE47507DAC5DCE417ED74BD7D816447C06A59051E5F70EEEF96BEBFC70752E26A3507DE5B89B66548A4AC87BA678064ECC851356306BAC0AF3189C284C5D2AE4E624552B2DC83705CB320D3AD9445D569486A6B80B05BBD2C55E8E085A25F422F2FACF52B33ECCA626BE5EC2283FF401D937B3FBE49527D233C8E7187E0A85AC04871CCE580067BDD5C687285C5DA0A930B05AF96DD44CA6F2935C7398251CA9DB735069F88DE6CE2423B6A334DA2CC50AFD2A29C1B5CA7785CCEFD856B39B87666AE368996CEBCC3999562434DA299C1856EDED42DF3F92B122957175296F115C0D6FB214B13EA5616DC9597768FBFF08E2B6BAF5619C078E11F7EEFD8C90459F155305DA5854EE326490AA8D6A9403A62031E890881AD2FDF1855A7BBD6591AD2D1C85EF1270BD1EAFC5EF58336EF37155421222DE87045709F2590250E6CB893DA415E0C1ECFD856544C1100EC71541721C6632CF5A2698A4F8A831414D9DF21B5DB664FCE613BE362C2851DFA14997AF54C9DE6EC79A402060A379C2706BBCE05D192FEDF9C3E6838E6D7B5B8B16D08AE01A5A614CD41CDC6D2EF81CAB6A6C66F2DFE62DFF99F50BBD74E2D1C6F301F84F8DE83952023A2B06FA5391082EF6A4AC7DBFEBB48F0572B6C08FD390EF30D75B6E442D273A6C248A49CE291B55B7E820685541EEE2AA7EBAFAA9516A5EFAB4F41F81347829956522C44DAAC5727E7BFD9DE81493069497D3092E4F36597EE35142629CB3B64750964CEFAB2916B51C507C48DEB6DC62681ED8AEB4F29A3D82D2C20C54153C874F090C9DB8112A6F4F279E22D6CF17C6230963B7A46AFA77195B4CB982D00F351BE4ACBF3B721EF95CDEEF56A3DFF16503BC9B1D1094131DD3CE3DEED0F579EBDD35308FCEB3877F06AE591875236F79608699CBA67B50D6540955D5BEE1CD0A24C175056ABE9C3A93E6EEECD21B60E8BD2F4E73C7385BC35F210E4E29AD2D957008C9BC985B5AB5942E506C3EA2C66BED0811BED5D7CC8CAC13AF701555F6C3E36A21C5BE052E01916B3A22D315ED4824F310D540AD1FBE4A2EF695F507175B4B91D0B3E8C970038700BB5147FC461641858AE21BEB4DDA61A7BE98419001223F4754A4A67CEE4683DDC1094BC2843ED5C95A4769C85450141E1EADF6A611D5E9B8C3A621D94BE0E2965F8309CDDEE5BDDACF9BA41097CBF50144E5E50BF17BE66C8C5F201B007BE42D52A7B65A37E288AC425AC7FD16D059B95EA1EDFFD361F717FEA5F1586459FF2218652DAFB69511B3551CCEF1417ED578B083C92C58AAEF2BE45C24A9877E2261E51A26D69ED9402C96896B +20250620000401 2 6 100 8191 5 DA1E367F51064DE37C61DF292F64D691D584C03B41D0D878E4EAA25ECE0D922818300E39D15F259EB25F466620B3BAA5A1BB314488CD6BC2BA17B82542CE832E02410CEB2C6619BD5358D1C0898F91777C76CE47507DAC5DCE417ED74BD7D816447C06A59051E5F70EEEF96BEBFC70752E26A3507DE5B89B66548A4AC87BA678064ECC851356306BAC0AF3189C284C5D2AE4E624552B2DC83705CB320D3AD9445D569486A6B80B05BBD2C55E8E085A25F422F2FACF52B33ECCA626BE5EC2283FF401D937B3FBE49527D233C8E7187E0A85AC04871CCE580067BDD5C687285C5DA0A930B05AF96DD44CA6F2935C7398251CA9DB735069F88DE6CE2423B6A334DA2CC50AFD2A29C1B5CA7785CCEFD856B39B87666AE368996CEBCC3999562434DA299C1856EDED42DF3F92B122957175296F115C0D6FB214B13EA5616DC9597768FBFF08E2B6BAF5619C078E11F7EEFD8C90459F155305DA5854EE326490AA8D6A9403A62031E890881AD2FDF1855A7BBD6591AD2D1C85EF1270BD1EAFC5EF58336EF37155421222DE87045709F2590250E6CB893DA415E0C1ECFD856544C1100EC71541721C6632CF5A2698A4F8A831414D9DF21B5DB664FCE613BE362C2851DFA14997AF54C9DE6EC79A402060A379C2706BBCE05D192FEDF9C3E6838E6D7B5B8B16D08AE01A5A614CD41CDC6D2EF81CAB6A6C66F2DFE62DFF99F50BBD74E2D1C6F301F84F8DE83952023A2B06FA5391082EF6A4AC7DBFEBB48F0572B6C08FD390EF30D75B6E442D273A6C248A49CE291B55B7E820685541EEE2AA7EBAFAA9516A5EFAB4F41F81347829956522C44DAAC5727E7BFD9DE81493069497D3092E4F36597EE35142629CB3B64750964CEFAB2916B51C507C48DEB6DC62681ED8AEB4F29A3D82D2C20C54153C874F090C9DB8112A6F4F279E22D6CF17C6230963B7A46AFA77195B4CB982D00F351BE4ACBF3B721EF95CDEEF56A3DFF16503BC9B1D1094131DD3CE3DEED0F579EBDD35308FCEB3877F06AE591875236F79608699CBA67B50D6540955D5BEE1CD0A24C175056ABE9C3A93E6EEECD21B60E8BD2F4E73C7385BC35F210E4E29AD2D957008C9BC985B5AB5942E506C3EA2C66BED0811BED5D7CC8CAC13AF701555F6C3E36A21C5BE052E01916B3A22D315ED4824F310D540AD1FBE4A2EF695F507175B4B91D0B3E8C970038700BB5147FC461641858AE21BEB4DDA61A7BE98419001223F4754A4A67CEE4683DDC1094BC2843ED5C95A4769C85450141E1EADF6A611D5E9B8C3A621D94BE0E2965F8309CDDEE5BDDACF9BA41097CBF50144E5E50BF17BE66C8C5F201B007BE42D52A7B65A37E288AC425AC7FD16D059B95EA1EDFFD361F717FEA5F1586459FF2218652DAFB69511B3551CCEF1417ED578B083C92C58AAEF2BE45C24A9877E2261E51A26D69ED9402CF2980F +20250620001146 2 6 100 8191 5 DA1E367F51064DE37C61DF292F64D691D584C03B41D0D878E4EAA25ECE0D922818300E39D15F259EB25F466620B3BAA5A1BB314488CD6BC2BA17B82542CE832E02410CEB2C6619BD5358D1C0898F91777C76CE47507DAC5DCE417ED74BD7D816447C06A59051E5F70EEEF96BEBFC70752E26A3507DE5B89B66548A4AC87BA678064ECC851356306BAC0AF3189C284C5D2AE4E624552B2DC83705CB320D3AD9445D569486A6B80B05BBD2C55E8E085A25F422F2FACF52B33ECCA626BE5EC2283FF401D937B3FBE49527D233C8E7187E0A85AC04871CCE580067BDD5C687285C5DA0A930B05AF96DD44CA6F2935C7398251CA9DB735069F88DE6CE2423B6A334DA2CC50AFD2A29C1B5CA7785CCEFD856B39B87666AE368996CEBCC3999562434DA299C1856EDED42DF3F92B122957175296F115C0D6FB214B13EA5616DC9597768FBFF08E2B6BAF5619C078E11F7EEFD8C90459F155305DA5854EE326490AA8D6A9403A62031E890881AD2FDF1855A7BBD6591AD2D1C85EF1270BD1EAFC5EF58336EF37155421222DE87045709F2590250E6CB893DA415E0C1ECFD856544C1100EC71541721C6632CF5A2698A4F8A831414D9DF21B5DB664FCE613BE362C2851DFA14997AF54C9DE6EC79A402060A379C2706BBCE05D192FEDF9C3E6838E6D7B5B8B16D08AE01A5A614CD41CDC6D2EF81CAB6A6C66F2DFE62DFF99F50BBD74E2D1C6F301F84F8DE83952023A2B06FA5391082EF6A4AC7DBFEBB48F0572B6C08FD390EF30D75B6E442D273A6C248A49CE291B55B7E820685541EEE2AA7EBAFAA9516A5EFAB4F41F81347829956522C44DAAC5727E7BFD9DE81493069497D3092E4F36597EE35142629CB3B64750964CEFAB2916B51C507C48DEB6DC62681ED8AEB4F29A3D82D2C20C54153C874F090C9DB8112A6F4F279E22D6CF17C6230963B7A46AFA77195B4CB982D00F351BE4ACBF3B721EF95CDEEF56A3DFF16503BC9B1D1094131DD3CE3DEED0F579EBDD35308FCEB3877F06AE591875236F79608699CBA67B50D6540955D5BEE1CD0A24C175056ABE9C3A93E6EEECD21B60E8BD2F4E73C7385BC35F210E4E29AD2D957008C9BC985B5AB5942E506C3EA2C66BED0811BED5D7CC8CAC13AF701555F6C3E36A21C5BE052E01916B3A22D315ED4824F310D540AD1FBE4A2EF695F507175B4B91D0B3E8C970038700BB5147FC461641858AE21BEB4DDA61A7BE98419001223F4754A4A67CEE4683DDC1094BC2843ED5C95A4769C85450141E1EADF6A611D5E9B8C3A621D94BE0E2965F8309CDDEE5BDDACF9BA41097CBF50144E5E50BF17BE66C8C5F201B007BE42D52A7B65A37E288AC425AC7FD16D059B95EA1EDFFD361F717FEA5F1586459FF2218652DAFB69511B3551CCEF1417ED578B083C92C58AAEF2BE45C24A9877E2261E51A26D69ED9402D572997 +20250620002229 2 6 100 8191 5 DA1E367F51064DE37C61DF292F64D691D584C03B41D0D878E4EAA25ECE0D922818300E39D15F259EB25F466620B3BAA5A1BB314488CD6BC2BA17B82542CE832E02410CEB2C6619BD5358D1C0898F91777C76CE47507DAC5DCE417ED74BD7D816447C06A59051E5F70EEEF96BEBFC70752E26A3507DE5B89B66548A4AC87BA678064ECC851356306BAC0AF3189C284C5D2AE4E624552B2DC83705CB320D3AD9445D569486A6B80B05BBD2C55E8E085A25F422F2FACF52B33ECCA626BE5EC2283FF401D937B3FBE49527D233C8E7187E0A85AC04871CCE580067BDD5C687285C5DA0A930B05AF96DD44CA6F2935C7398251CA9DB735069F88DE6CE2423B6A334DA2CC50AFD2A29C1B5CA7785CCEFD856B39B87666AE368996CEBCC3999562434DA299C1856EDED42DF3F92B122957175296F115C0D6FB214B13EA5616DC9597768FBFF08E2B6BAF5619C078E11F7EEFD8C90459F155305DA5854EE326490AA8D6A9403A62031E890881AD2FDF1855A7BBD6591AD2D1C85EF1270BD1EAFC5EF58336EF37155421222DE87045709F2590250E6CB893DA415E0C1ECFD856544C1100EC71541721C6632CF5A2698A4F8A831414D9DF21B5DB664FCE613BE362C2851DFA14997AF54C9DE6EC79A402060A379C2706BBCE05D192FEDF9C3E6838E6D7B5B8B16D08AE01A5A614CD41CDC6D2EF81CAB6A6C66F2DFE62DFF99F50BBD74E2D1C6F301F84F8DE83952023A2B06FA5391082EF6A4AC7DBFEBB48F0572B6C08FD390EF30D75B6E442D273A6C248A49CE291B55B7E820685541EEE2AA7EBAFAA9516A5EFAB4F41F81347829956522C44DAAC5727E7BFD9DE81493069497D3092E4F36597EE35142629CB3B64750964CEFAB2916B51C507C48DEB6DC62681ED8AEB4F29A3D82D2C20C54153C874F090C9DB8112A6F4F279E22D6CF17C6230963B7A46AFA77195B4CB982D00F351BE4ACBF3B721EF95CDEEF56A3DFF16503BC9B1D1094131DD3CE3DEED0F579EBDD35308FCEB3877F06AE591875236F79608699CBA67B50D6540955D5BEE1CD0A24C175056ABE9C3A93E6EEECD21B60E8BD2F4E73C7385BC35F210E4E29AD2D957008C9BC985B5AB5942E506C3EA2C66BED0811BED5D7CC8CAC13AF701555F6C3E36A21C5BE052E01916B3A22D315ED4824F310D540AD1FBE4A2EF695F507175B4B91D0B3E8C970038700BB5147FC461641858AE21BEB4DDA61A7BE98419001223F4754A4A67CEE4683DDC1094BC2843ED5C95A4769C85450141E1EADF6A611D5E9B8C3A621D94BE0E2965F8309CDDEE5BDDACF9BA41097CBF50144E5E50BF17BE66C8C5F201B007BE42D52A7B65A37E288AC425AC7FD16D059B95EA1EDFFD361F717FEA5F1586459FF2218652DAFB69511B3551CCEF1417ED578B083C92C58AAEF2BE45C24A9877E2261E51A26D69ED9402DE7288F +20250620004426 2 6 100 8191 2 DA1E367F51064DE37C61DF292F64D691D584C03B41D0D878E4EAA25ECE0D922818300E39D15F259EB25F466620B3BAA5A1BB314488CD6BC2BA17B82542CE832E02410CEB2C6619BD5358D1C0898F91777C76CE47507DAC5DCE417ED74BD7D816447C06A59051E5F70EEEF96BEBFC70752E26A3507DE5B89B66548A4AC87BA678064ECC851356306BAC0AF3189C284C5D2AE4E624552B2DC83705CB320D3AD9445D569486A6B80B05BBD2C55E8E085A25F422F2FACF52B33ECCA626BE5EC2283FF401D937B3FBE49527D233C8E7187E0A85AC04871CCE580067BDD5C687285C5DA0A930B05AF96DD44CA6F2935C7398251CA9DB735069F88DE6CE2423B6A334DA2CC50AFD2A29C1B5CA7785CCEFD856B39B87666AE368996CEBCC3999562434DA299C1856EDED42DF3F92B122957175296F115C0D6FB214B13EA5616DC9597768FBFF08E2B6BAF5619C078E11F7EEFD8C90459F155305DA5854EE326490AA8D6A9403A62031E890881AD2FDF1855A7BBD6591AD2D1C85EF1270BD1EAFC5EF58336EF37155421222DE87045709F2590250E6CB893DA415E0C1ECFD856544C1100EC71541721C6632CF5A2698A4F8A831414D9DF21B5DB664FCE613BE362C2851DFA14997AF54C9DE6EC79A402060A379C2706BBCE05D192FEDF9C3E6838E6D7B5B8B16D08AE01A5A614CD41CDC6D2EF81CAB6A6C66F2DFE62DFF99F50BBD74E2D1C6F301F84F8DE83952023A2B06FA5391082EF6A4AC7DBFEBB48F0572B6C08FD390EF30D75B6E442D273A6C248A49CE291B55B7E820685541EEE2AA7EBAFAA9516A5EFAB4F41F81347829956522C44DAAC5727E7BFD9DE81493069497D3092E4F36597EE35142629CB3B64750964CEFAB2916B51C507C48DEB6DC62681ED8AEB4F29A3D82D2C20C54153C874F090C9DB8112A6F4F279E22D6CF17C6230963B7A46AFA77195B4CB982D00F351BE4ACBF3B721EF95CDEEF56A3DFF16503BC9B1D1094131DD3CE3DEED0F579EBDD35308FCEB3877F06AE591875236F79608699CBA67B50D6540955D5BEE1CD0A24C175056ABE9C3A93E6EEECD21B60E8BD2F4E73C7385BC35F210E4E29AD2D957008C9BC985B5AB5942E506C3EA2C66BED0811BED5D7CC8CAC13AF701555F6C3E36A21C5BE052E01916B3A22D315ED4824F310D540AD1FBE4A2EF695F507175B4B91D0B3E8C970038700BB5147FC461641858AE21BEB4DDA61A7BE98419001223F4754A4A67CEE4683DDC1094BC2843ED5C95A4769C85450141E1EADF6A611D5E9B8C3A621D94BE0E2965F8309CDDEE5BDDACF9BA41097CBF50144E5E50BF17BE66C8C5F201B007BE42D52A7B65A37E288AC425AC7FD16D059B95EA1EDFFD361F717FEA5F1586459FF2218652DAFB69511B3551CCEF1417ED578B083C92C58AAEF2BE45C24A9877E2261E51A26D69ED9402F1E827B +20250620013315 2 6 100 8191 2 DA1E367F51064DE37C61DF292F64D691D584C03B41D0D878E4EAA25ECE0D922818300E39D15F259EB25F466620B3BAA5A1BB314488CD6BC2BA17B82542CE832E02410CEB2C6619BD5358D1C0898F91777C76CE47507DAC5DCE417ED74BD7D816447C06A59051E5F70EEEF96BEBFC70752E26A3507DE5B89B66548A4AC87BA678064ECC851356306BAC0AF3189C284C5D2AE4E624552B2DC83705CB320D3AD9445D569486A6B80B05BBD2C55E8E085A25F422F2FACF52B33ECCA626BE5EC2283FF401D937B3FBE49527D233C8E7187E0A85AC04871CCE580067BDD5C687285C5DA0A930B05AF96DD44CA6F2935C7398251CA9DB735069F88DE6CE2423B6A334DA2CC50AFD2A29C1B5CA7785CCEFD856B39B87666AE368996CEBCC3999562434DA299C1856EDED42DF3F92B122957175296F115C0D6FB214B13EA5616DC9597768FBFF08E2B6BAF5619C078E11F7EEFD8C90459F155305DA5854EE326490AA8D6A9403A62031E890881AD2FDF1855A7BBD6591AD2D1C85EF1270BD1EAFC5EF58336EF37155421222DE87045709F2590250E6CB893DA415E0C1ECFD856544C1100EC71541721C6632CF5A2698A4F8A831414D9DF21B5DB664FCE613BE362C2851DFA14997AF54C9DE6EC79A402060A379C2706BBCE05D192FEDF9C3E6838E6D7B5B8B16D08AE01A5A614CD41CDC6D2EF81CAB6A6C66F2DFE62DFF99F50BBD74E2D1C6F301F84F8DE83952023A2B06FA5391082EF6A4AC7DBFEBB48F0572B6C08FD390EF30D75B6E442D273A6C248A49CE291B55B7E820685541EEE2AA7EBAFAA9516A5EFAB4F41F81347829956522C44DAAC5727E7BFD9DE81493069497D3092E4F36597EE35142629CB3B64750964CEFAB2916B51C507C48DEB6DC62681ED8AEB4F29A3D82D2C20C54153C874F090C9DB8112A6F4F279E22D6CF17C6230963B7A46AFA77195B4CB982D00F351BE4ACBF3B721EF95CDEEF56A3DFF16503BC9B1D1094131DD3CE3DEED0F579EBDD35308FCEB3877F06AE591875236F79608699CBA67B50D6540955D5BEE1CD0A24C175056ABE9C3A93E6EEECD21B60E8BD2F4E73C7385BC35F210E4E29AD2D957008C9BC985B5AB5942E506C3EA2C66BED0811BED5D7CC8CAC13AF701555F6C3E36A21C5BE052E01916B3A22D315ED4824F310D540AD1FBE4A2EF695F507175B4B91D0B3E8C970038700BB5147FC461641858AE21BEB4DDA61A7BE98419001223F4754A4A67CEE4683DDC1094BC2843ED5C95A4769C85450141E1EADF6A611D5E9B8C3A621D94BE0E2965F8309CDDEE5BDDACF9BA41097CBF50144E5E50BF17BE66C8C5F201B007BE42D52A7B65A37E288AC425AC7FD16D059B95EA1EDFFD361F717FEA5F1586459FF2218652DAFB69511B3551CCEF1417ED578B083C92C58AAEF2BE45C24A9877E2261E51A26D69ED94031D70FAB From 6432b9f6a216d0f5fb43df500e9bc30bebb3f58b Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Mon, 13 Oct 2025 00:53:51 +0000 Subject: [PATCH 363/687] upstream: when using the SFTP protocol for transfers, fix implicit destination path selection when source path ends with ".."; ok deraadt@ bz3871 OpenBSD-Commit-ID: d75b3b006386c5302ed4f67c4add18464ab36a0b --- scp.c | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/scp.c b/scp.c index c5f573cc1fde..85880a7923a4 100644 --- a/scp.c +++ b/scp.c @@ -1,4 +1,4 @@ -/* $OpenBSD: scp.c,v 1.268 2025/09/25 06:23:19 jsg Exp $ */ +/* $OpenBSD: scp.c,v 1.269 2025/10/13 00:53:51 djm Exp $ */ /* * scp - secure remote copy. This is basically patched BSD rcp which * uses ssh to do the data transfer (instead of using rcmd). @@ -1340,6 +1340,10 @@ source_sftp(int argc, char *src, char *targ, struct sftp_conn *conn) if ((filename = basename(src)) == NULL) fatal("basename \"%s\": %s", src, strerror(errno)); + /* Special handling for source of '..' */ + if (strcmp(filename, "..") == 0) + filename = "."; /* Upload to dest, not dest/.. */ + /* * No need to glob here - the local shell already took care of * the expansions @@ -1613,6 +1617,10 @@ sink_sftp(int argc, char *dst, const char *src, struct sftp_conn *conn) goto out; } + /* Special handling for destination of '..' */ + if (strcmp(filename, "..") == 0) + filename = "."; /* Download to dest, not dest/.. */ + if (dst_is_dir) abs_dst = sftp_path_append(dst, filename); else From 4f14ca8633a2c8c0a1a19165663421f0ab32f6ab Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Mon, 13 Oct 2025 00:54:29 +0000 Subject: [PATCH 364/687] upstream: similar to scp, fix implicit destination path selection when source path ends with ".."; ok deraadt@ OpenBSD-Commit-ID: 9b8d2a662d96b241293a88b3ea21f2419bfc4812 --- sftp.c | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/sftp.c b/sftp.c index 57516a73a683..c463899c4b06 100644 --- a/sftp.c +++ b/sftp.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sftp.c,v 1.246 2025/10/08 21:48:40 djm Exp $ */ +/* $OpenBSD: sftp.c,v 1.247 2025/10/13 00:54:29 djm Exp $ */ /* * Copyright (c) 2001-2004 Damien Miller * @@ -679,6 +679,10 @@ process_get(struct sftp_conn *conn, const char *src, const char *dst, goto out; } + /* Special handling for dest of '..' */ + if (strcmp(filename, "..") == 0) + filename = "."; /* Download to dest, not dest/.. */ + if (g.gl_matchc == 1 && dst) { if (local_is_dir(dst)) { abs_dst = sftp_path_append(dst, filename); @@ -773,6 +777,9 @@ process_put(struct sftp_conn *conn, const char *src, const char *dst, err = -1; goto out; } + /* Special handling for source of '..' */ + if (strcmp(filename, "..") == 0) + filename = "."; /* Upload to dest, not dest/.. */ free(abs_dst); abs_dst = NULL; From 36a98fccaacbbf07eaf67855a8057cba724c5e91 Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Mon, 13 Oct 2025 00:55:09 +0000 Subject: [PATCH 365/687] upstream: test implicit destination path selection when source path ends with ".." OpenBSD-Regress-ID: 42a88e7cdceee8a83879f5730199084ee4a95902 --- regress/scp.sh | 15 ++++++++++++++- 1 file changed, 14 insertions(+), 1 deletion(-) diff --git a/regress/scp.sh b/regress/scp.sh index 640cf434ff67..98f45129b9fe 100644 --- a/regress/scp.sh +++ b/regress/scp.sh @@ -1,4 +1,4 @@ -# $OpenBSD: scp.sh,v 1.19 2023/09/08 05:50:57 djm Exp $ +# $OpenBSD: scp.sh,v 1.20 2025/10/13 00:55:09 djm Exp $ # Placed in the Public Domain. tid="scp" @@ -199,6 +199,19 @@ for mode in scp sftp ; do echo b > ${COPY2} $SCP $scpopts ${DATA} ${COPY} ${COPY2} cmp ${COPY} ${COPY2} >/dev/null && fail "corrupt target" + + # scp /blah/.. is only supported via the sftp protocol. + # Original protocol scp just refuses it. + test $mode != sftp && continue + verbose "$tag: recursive local .. to remote dir" + forest + $SCP $scpopts -r ${DIR}/subdir/.. somehost:${DIR2} || fail "copy failed" + diff ${DIFFOPT} ${DIR} ${DIR2} || fail "corrupted copy" + + verbose "$tag: recursive remote .. to local dir" + forest + $SCP $scpopts -r somehost:${DIR}/subdir/.. ${DIR2} || fail "copy failed" + diff ${DIFFOPT} ${DIR} ${DIR2} || fail "corrupted copy" done scpclean From be0777ae3ef6d9deacb0e3c494674c84feac34bd Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Mon, 13 Oct 2025 00:55:45 +0000 Subject: [PATCH 366/687] upstream: test recursive transfers, including cases where the source path ends in ".." OpenBSD-Regress-ID: a38e3dbc86f6b7a95605784dcc601f17ede9c3f0 --- regress/sftp-cmds.sh | 51 +++++++++++++++++++++++++++++++++++++++++++- 1 file changed, 50 insertions(+), 1 deletion(-) diff --git a/regress/sftp-cmds.sh b/regress/sftp-cmds.sh index 6c21e911374d..a03959d60def 100644 --- a/regress/sftp-cmds.sh +++ b/regress/sftp-cmds.sh @@ -1,4 +1,4 @@ -# $OpenBSD: sftp-cmds.sh,v 1.22 2025/10/10 00:31:53 djm Exp $ +# $OpenBSD: sftp-cmds.sh,v 1.23 2025/10/13 00:55:45 djm Exp $ # Placed in the Public Domain. # XXX - TODO: @@ -137,6 +137,30 @@ for x in $GLOBFILES; do cmp /bin/$x ${COPY}.dd/$x || fail "corrupted copy after get" done +forest +verbose "$tid: get recursive absolute" +echo "get -R ${COPY}.dd ${COPY}.dd2" | sftpserver || fail "get failed" +diff ${DIFFOPT} ${COPY}.dd ${COPY}.dd2 || fail "corrupted copy" + +forest +verbose "$tid: get recursive relative src" +printf "cd ${COPY}.dd\n get -R . ${COPY}.dd2\n" | sftpserver || \ + fail "get failed" +diff ${DIFFOPT} ${COPY}.dd ${COPY}.dd2 || fail "corrupted copy" + +forest +verbose "$tid: get relative .." +printf "cd ${COPY}.dd/b\n get -R .. ${COPY}.dd2\n" | sftpserver || \ + fail "get failed" +diff ${DIFFOPT} ${COPY}.dd ${COPY}.dd2 || fail "corrupted copy" + +forest +mkdir ${COPY}.dd2 +verbose "$tid: get recursive relative .." +printf "cd ${COPY}.dd/b\n lcd ${COPY}.dd2\n get -R ..\n" | sftpserver || \ + fail "get failed" +diff ${DIFFOPT} ${COPY}.dd ${COPY}.dd2 || fail "corrupted copy" + rm -f ${COPY} verbose "$tid: put" echo "put $DATA $COPY" | sftpserver || fail "put failed" @@ -176,12 +200,37 @@ for x in $GLOBFILES; do cmp /bin/$x ${COPY}.dd/$x || fail "corrupted copy after put" done +forest +verbose "$tid: put recursive absolute" +echo "put -R ${COPY}.dd ${COPY}.dd2" | sftpserver || fail "put failed" +diff ${DIFFOPT} ${COPY}.dd ${COPY}.dd2 || fail "corrupted copy" + +forest +verbose "$tid: put recursive relative src" +printf "lcd ${COPY}.dd\n put -R . ${COPY}.dd2\n" | sftpserver || \ + fail "put failed" +diff ${DIFFOPT} ${COPY}.dd ${COPY}.dd2 || fail "corrupted copy" + +forest +verbose "$tid: put recursive .." +printf "lcd ${COPY}.dd/b\n put -R .. ${COPY}.dd2\n" | sftpserver || \ + fail "put failed" +diff ${DIFFOPT} ${COPY}.dd ${COPY}.dd2 || fail "corrupted copy" + +forest +mkdir ${COPY}.dd2 +verbose "$tid: put recursive .. relative" +printf "lcd ${COPY}.dd/b\n cd ${COPY}.dd2\n put -R ..\n" | sftpserver || \ + fail "put failed" +diff ${DIFFOPT} ${COPY}.dd ${COPY}.dd2 || fail "corrupted copy" + verbose "$tid: rename" echo "rename $COPY ${COPY}.1" | sftpserver || fail "rename failed" test -f ${COPY}.1 || fail "missing file after rename" cmp $DATA ${COPY}.1 >/dev/null 2>&1 || fail "corrupted copy after rename" verbose "$tid: rename directory" +rm -rf ${COPY}.dd2 echo "rename ${COPY}.dd ${COPY}.dd2" | sftpserver || \ fail "rename directory failed" test -d ${COPY}.dd && fail "oldname exists after rename directory" From cd8c96f283dbad90991edc09ade962bcfd96adc9 Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Mon, 13 Oct 2025 00:56:15 +0000 Subject: [PATCH 367/687] upstream: test remote/remote recursive transfers where the source path ends in ".." OpenBSD-Regress-ID: 2f42078cfcee986d08b5d135968b8de6186c0003 --- regress/scp3.sh | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) diff --git a/regress/scp3.sh b/regress/scp3.sh index eeb7a9dde475..ef316c099414 100644 --- a/regress/scp3.sh +++ b/regress/scp3.sh @@ -1,4 +1,4 @@ -# $OpenBSD: scp3.sh,v 1.5 2023/09/08 06:10:57 djm Exp $ +# $OpenBSD: scp3.sh,v 1.6 2025/10/13 00:56:15 djm Exp $ # Placed in the Public Domain. tid="scp3" @@ -6,6 +6,7 @@ tid="scp3" COPY2=${OBJ}/copy2 DIR=${COPY}.dd DIR2=${COPY}.dd2 +DIFFOPT="-rN" maybe_add_scp_path_to_sshd @@ -63,6 +64,15 @@ for mode in scp sftp ; do echo b > ${COPY2} $SCP $scpopts -3 hostA:${DATA} hostA:${COPY} hostB:${COPY2} cmp ${COPY} ${COPY2} >/dev/null && fail "corrupt target" + + # scp /blah/.. is only supported via the sftp protocol. + # Original protocol scp just refuses it. + test $mode != sftp && continue + verbose "$tag: recursive .." + forest + $SCP $scpopts -r hostA:${DIR}/subdir/.. hostB:${DIR2} || \ + fail "copy failed" + diff ${DIFFOPT} ${DIR} ${DIR2} || fail "corrupted copy" done scpclean From da2f945f62e5a462381103803ee72e924bd1f137 Mon Sep 17 00:00:00 2001 From: Damien Miller Date: Mon, 13 Oct 2025 14:33:04 +1100 Subject: [PATCH 368/687] check whether diff accepts -N --- regress/scp3.sh | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/regress/scp3.sh b/regress/scp3.sh index ef316c099414..d42abc2dc824 100644 --- a/regress/scp3.sh +++ b/regress/scp3.sh @@ -8,6 +8,11 @@ DIR=${COPY}.dd DIR2=${COPY}.dd2 DIFFOPT="-rN" +# Figure out if diff does not understand "-N" +if ! diff -N ${SRC}/scp.sh ${SRC}/scp.sh 2>/dev/null; then + DIFFOPT="-r" +fi + maybe_add_scp_path_to_sshd SRC=`dirname ${SCRIPT}` From a6ee0eb8cd951d0a00b2f06687c77f8f573b5985 Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Mon, 13 Oct 2025 19:02:45 +1100 Subject: [PATCH 369/687] Switch OpenBSD VMs to use doas instead of sudo. OpenBSD 7.3 packages have been removed from the mirrors so we can't install sudo for it any more, so switch to the native doas utility. --- .github/workflows/vm.yml | 15 +++++++++------ 1 file changed, 9 insertions(+), 6 deletions(-) diff --git a/.github/workflows/vm.yml b/.github/workflows/vm.yml index 9dcf5fcca764..759de69cbe33 100644 --- a/.github/workflows/vm.yml +++ b/.github/workflows/vm.yml @@ -282,9 +282,12 @@ jobs: release: ${{ matrix.target }} usesh: true prepare: | - env PKG_PATH=https://ftp.openbsd.org/pub/OpenBSD/${{matrix.target}}/packages/amd64 pkg_add sudo-- useradd -m builder - echo "builder ALL=(ALL:ALL) NOPASSWD: ALL" >>/etc/sudoers + echo "permit nopass keepenv root" >/etc/doas.conf + echo "permit nopass keepenv builder" >>/etc/doas.conf + ls -l /etc/doas.conf + chown root:wheel /etc/doas.conf + chmod 644 /etc/doas.conf mkdir -p /var/empty /usr/local/etc cp $GITHUB_WORKSPACE/moduli /usr/local/etc/moduli @@ -293,18 +296,18 @@ jobs: run: cd $GITHUB_WORKSPACE && chown -R builder . - name: configure shell: openbsd {0} - run: cd $GITHUB_WORKSPACE && sudo -u builder ./configure + run: cd $GITHUB_WORKSPACE && doas -u builder ./configure - name: make clean shell: openbsd {0} - run: cd $GITHUB_WORKSPACE && sudo -u builder make clean + run: cd $GITHUB_WORKSPACE && doas -u builder make clean - name: make shell: openbsd {0} - run: cd $GITHUB_WORKSPACE && sudo -u builder make -j4 + run: cd $GITHUB_WORKSPACE && doas -u builder make -j4 - name: make tests shell: openbsd {0} run: | cd $GITHUB_WORKSPACE - sudo -u builder env SUDO=sudo make tests + doas -u builder env SUDO=doas make tests solaris: From 3adc47e161901001816045c032fa61e94b0c9426 Mon Sep 17 00:00:00 2001 From: Damien Miller Date: Tue, 14 Oct 2025 14:52:50 +1100 Subject: [PATCH 370/687] don't leak PAM handle on repeat invocations Reported by Casper Dik via bz3882; ok dtucker@ --- auth-pam.c | 1 + 1 file changed, 1 insertion(+) diff --git a/auth-pam.c b/auth-pam.c index 5591f094ece3..965de210060f 100644 --- a/auth-pam.c +++ b/auth-pam.c @@ -735,6 +735,7 @@ sshpam_init(struct ssh *ssh, Authctxt *authctxt) /* We already have a PAM context; check if the user matches */ if ((sshpam_err = check_pam_user(authctxt)) != PAM_SUCCESS) fatal("PAM user mismatch"); + return 0; } debug("PAM: initializing for \"%s\" with service \"%s\"", user, options.pam_service_name); From 3ccdd9841f48e7d660f8b60c996965e9dde0a3a9 Mon Sep 17 00:00:00 2001 From: Mike Frysinger Date: Mon, 13 Oct 2025 12:49:24 -0400 Subject: [PATCH 371/687] bsd-misc: include sys/ioctl.h This file uses ioctl() to implement some fallback functions, but doesn't include sys/ioctl.h for it. --- openbsd-compat/bsd-misc.c | 1 + 1 file changed, 1 insertion(+) diff --git a/openbsd-compat/bsd-misc.c b/openbsd-compat/bsd-misc.c index 2c196ec23eee..fe0c2a3006fa 100644 --- a/openbsd-compat/bsd-misc.c +++ b/openbsd-compat/bsd-misc.c @@ -18,6 +18,7 @@ #include "includes.h" #include +#include #ifdef HAVE_SYS_SELECT_H # include #endif From 2b1761dea36c120417d8b73db8310dc09a781e6f Mon Sep 17 00:00:00 2001 From: Mike Frysinger Date: Mon, 13 Oct 2025 11:29:36 -0400 Subject: [PATCH 372/687] gitignore: ignore all *~ files This is a common backup style. --- .gitignore | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/.gitignore b/.gitignore index a017df851006..002d102b88e0 100644 --- a/.gitignore +++ b/.gitignore @@ -1,7 +1,7 @@ +*~ Makefile buildpkg.sh config.h -config.h.in~ config.log config.status openbsd-compat/Makefile @@ -17,7 +17,6 @@ survey.sh **/*.dll **/*.out **/*.a -**/*.un~ **/.*.swp autom4te.cache/ scp From 45e2d8861bb724cfced1bf0693a6418a0cba6ab2 Mon Sep 17 00:00:00 2001 From: Arnout Engelen Date: Fri, 20 Jun 2025 21:36:44 +0200 Subject: [PATCH 373/687] mdoc2man: support `Ns` inside `Ic` When encountering an `Ns` mdoc macro ('no space') inside an `Ic` block ('command'), such as for 'lines=number' in ssh-keygen.1, `mdoc2man` just output the macro instead of processing it. This adds processing for `Ns` when seen inside an `Ic` block. --- mdoc2man.awk | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/mdoc2man.awk b/mdoc2man.awk index 02a04f7621d8..469891965e78 100644 --- a/mdoc2man.awk +++ b/mdoc2man.awk @@ -281,6 +281,12 @@ function add(str) { add("[") words[nwords]=words[nwords] "]" } + if(match(words[w],"^Ns$")) { + w++ + if(!nospace) + nospace=1 + sub(" $","",line) + } if(match(words[w],"^Ar$")) { add("\\fI" words[++w] "\\fP") } else if(match(words[w],"^[\\.,]")) { From a4e404a64b117a15453075ee26eb061d416e58cd Mon Sep 17 00:00:00 2001 From: Arnout Engelen Date: Sat, 21 Jun 2025 09:47:28 +0200 Subject: [PATCH 374/687] mdoc2man: process `Dl` macros `Dl` marks a single line as 'literal'. Since we don't output single lines differently in literal vs regular mode (we only insert line breaks for multi-line blocks in literal mode), we can just skip it. --- mdoc2man.awk | 2 ++ 1 file changed, 2 insertions(+) diff --git a/mdoc2man.awk b/mdoc2man.awk index 469891965e78..c942ab86f709 100644 --- a/mdoc2man.awk +++ b/mdoc2man.awk @@ -95,6 +95,8 @@ function add(str) { } else if(match(words[w],"^Ed$")) { skip=1 literal=0 + } else if(match(words[w],"^Dl$")) { + skip=1 } else if(match(words[w],"^Ns$")) { skip=1 if(!nospace) From 9c8572a357c071923569a62bd9cfb68b1f788e09 Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Wed, 15 Oct 2025 23:54:20 +0000 Subject: [PATCH 375/687] upstream: mention this is for both ssh-pkcs11.c and ssh-pkcs11-client.c OpenBSD-Commit-ID: 26eff4b9a328fa056e98b997cb57254639e48fda --- ssh-pkcs11.h | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/ssh-pkcs11.h b/ssh-pkcs11.h index d86c506c1c57..6da1737cc978 100644 --- a/ssh-pkcs11.h +++ b/ssh-pkcs11.h @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-pkcs11.h,v 1.9 2025/07/30 04:27:42 djm Exp $ */ +/* $OpenBSD: ssh-pkcs11.h,v 1.10 2025/10/15 23:54:20 djm Exp $ */ /* * Copyright (c) 2010 Markus Friedl. All rights reserved. * @@ -15,6 +15,8 @@ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ +/* API for ssh-pkcs11.c and ssh-pkcs11-client.c */ + /* Errors for pkcs11_add_provider() */ #define SSH_PKCS11_ERR_GENERIC 1 #define SSH_PKCS11_ERR_LOGIN_FAIL 2 From d926a84d17fb28bc94219e68575cb4847af02e9a Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Wed, 15 Oct 2025 23:55:01 +0000 Subject: [PATCH 376/687] upstream: don't try to pledge() the client if a PKCS11Provider is in use OpenBSD-Commit-ID: 445b2bf4b1e36e515f4d888f35244fd2dcfbb566 --- clientloop.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/clientloop.c b/clientloop.c index 49d048d85a4f..15bf7c1e895d 100644 --- a/clientloop.c +++ b/clientloop.c @@ -1,4 +1,4 @@ -/* $OpenBSD: clientloop.c,v 1.415 2025/09/25 06:23:19 jsg Exp $ */ +/* $OpenBSD: clientloop.c,v 1.416 2025/10/15 23:55:01 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -942,7 +942,7 @@ client_repledge(void) /* Might be able to tighten pledge now that session is established */ if (options.control_master || options.control_path != NULL || options.forward_x11 || options.fork_after_authentication || - can_update_hostkeys() || + options.pkcs11_provider != NULL || can_update_hostkeys() || (session_ident != -1 && !session_setup_complete)) { /* Can't tighten */ return; From e3fdb82fb02723dbe139f9d4be274d7fddfb7983 Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Thu, 16 Oct 2025 00:00:36 +0000 Subject: [PATCH 377/687] upstream: missed a case in previous OpenBSD-Commit-ID: 271c5602b5e719ee3def19dbd9a33328b4fa7edc --- clientloop.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/clientloop.c b/clientloop.c index 15bf7c1e895d..1f2dad3f1c85 100644 --- a/clientloop.c +++ b/clientloop.c @@ -1,4 +1,4 @@ -/* $OpenBSD: clientloop.c,v 1.416 2025/10/15 23:55:01 djm Exp $ */ +/* $OpenBSD: clientloop.c,v 1.417 2025/10/16 00:00:36 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -1457,7 +1457,9 @@ client_loop(struct ssh *ssh, int have_pty, int escape_char_arg, debug("Entering interactive session."); session_ident = ssh2_chan_id; - if (options.control_master && + if (options.pkcs11_provider != NULL) + debug("pledge: disabled (PKCS11Provider active)"); + else if (options.control_master && !option_clear_or_none(options.control_path)) { debug("pledge: id"); if (pledge("stdio rpath wpath cpath unix inet dns recvfd sendfd proc exec id tty", From 946574b97ceae126e0f0af2db43abb454937defe Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Thu, 16 Oct 2025 00:01:54 +0000 Subject: [PATCH 378/687] upstream: regress test for PKCS#11 directly in ssh (not via ssh-agent) would have caught bz3879 OpenBSD-Regress-ID: ceafb1e9a6c07185cc0cb0589f3170489a516123 --- regress/Makefile | 8 +++++--- regress/ssh-pkcs11.sh | 40 ++++++++++++++++++++++++++++++++++++++++ regress/test-exec.sh | 10 ++++++++-- 3 files changed, 53 insertions(+), 5 deletions(-) create mode 100644 regress/ssh-pkcs11.sh diff --git a/regress/Makefile b/regress/Makefile index ece093a2ba87..0bb90bcb4fb2 100644 --- a/regress/Makefile +++ b/regress/Makefile @@ -1,4 +1,4 @@ -# $OpenBSD: Makefile,v 1.140 2025/07/04 07:52:17 djm Exp $ +# $OpenBSD: Makefile,v 1.141 2025/10/16 00:01:54 djm Exp $ tests: prep file-tests t-exec unit @@ -114,7 +114,8 @@ LTESTS= connect \ agent-pkcs11-cert \ penalty \ penalty-expire \ - connect-bigconf + connect-bigconf \ + ssh-pkcs11 INTEROP_TESTS= putty-transfer putty-ciphers putty-kex conch-ciphers INTEROP_TESTS+= dropbear-ciphers dropbear-kex dropbear-server @@ -151,7 +152,8 @@ CLEANFILES= *.core actual agent-key.* authorized_keys_${USERNAME} \ sshd_proxy_orig t10.out t10.out.pub t12.out t12.out.pub \ t2.out t3.out t6.out1 t6.out2 t7.out t7.out.pub \ t8.out t8.out.pub t9.out t9.out.pub \ - timestamp testdata user_*key* user_ca* user_key* + timestamp testdata user_*key* user_ca* user_key* \ + pin.sh nopin.sh wrongpin.sh key.pub # Enable all malloc(3) randomisations and checks TEST_ENV= "MALLOC_OPTIONS=CFGJRSUX" diff --git a/regress/ssh-pkcs11.sh b/regress/ssh-pkcs11.sh new file mode 100644 index 000000000000..96680fca9f74 --- /dev/null +++ b/regress/ssh-pkcs11.sh @@ -0,0 +1,40 @@ +# $OpenBSD: ssh-pkcs11.sh,v 1.1 2025/10/16 00:01:54 djm Exp $ +# Placed in the Public Domain. + +tid="pkcs11 ssh test" + +p11_setup || skip "No PKCS#11 library found" + +grep -iv IdentityFile $OBJ/ssh_proxy | + grep -vi BatchMode > $OBJ/ssh_proxy.orig +#echo "IdentitiesOnly=yes" >> $OBJ/ssh_proxy.orig +echo "PKCS11Provider=${TEST_SSH_PKCS11}" >> $OBJ/ssh_proxy.orig + +check_all() { + tag="$1" + expect_success=$2 + pinsh="$3" + for k in $ED25519 $RSA $EC; do + kshort=`basename "$k"` + verbose "$tag: $kshort" + pub="$k.pub" + cp $pub $OBJ/key.pub + chmod 0600 $OBJ/key.pub + cat $OBJ/key.pub > $OBJ/authorized_keys_$USER + cp $OBJ/ssh_proxy.orig $OBJ/ssh_proxy + env SSH_ASKPASS="$pinsh" SSH_ASKPASS_REQUIRE=force \ + ${SSH} -F $OBJ/ssh_proxy somehost exit 5 >/dev/null 2>&1 + r=$? + if [ "x$expect_success" = "xy" ]; then + if [ $r -ne 5 ]; then + fail "ssh connect failed (exit code $r)" + fi + elif [ $r -eq 5 ]; then + fail "ssh connect succeeded unexpectedly (exit code $r)" + fi + done +} + +check_all "correct pin" y $PIN_SH +check_all "wrong pin" n $WRONGPIN_SH +check_all "nopin" n `which true` diff --git a/regress/test-exec.sh b/regress/test-exec.sh index 34fb58fda0f8..f13750eaeaeb 100644 --- a/regress/test-exec.sh +++ b/regress/test-exec.sh @@ -1,4 +1,4 @@ -# $OpenBSD: test-exec.sh,v 1.131 2025/07/26 01:53:31 djm Exp $ +# $OpenBSD: test-exec.sh,v 1.132 2025/10/16 00:01:54 djm Exp $ # Placed in the Public Domain. #SUDO=sudo @@ -991,13 +991,19 @@ EOF fatal "softhsm import ed25519 fail" chmod 600 $ED25519 ${SSHKEYGEN} -y -f $ED25519 > ${ED25519}.pub - # Prepare askpass script to load PIN. + # Prepare some askpass scripts to load PINs. PIN_SH=$SSH_SOFTHSM_DIR/pin.sh cat > $PIN_SH << EOF #!/bin/sh echo "${TEST_SSH_PIN}" EOF chmod 0700 "$PIN_SH" + WRONGPIN_SH=$SSH_SOFTHSM_DIR/wrongpin.sh + cat > $WRONGPIN_SH << EOF +#!/bin/sh +echo "0000" +EOF + chmod 0700 "$WRONGPIN_SH" PKCS11_OK=yes if env SSH_ASKPASS="$PIN_SH" SSH_ASKPASS_REQUIRE=force \ ${SSHKEYGEN} -D ${TEST_SSH_PKCS11} >/dev/null 2>&1 ; then From ce49aceba9f4b5f34a1041145782914aa35ca880 Mon Sep 17 00:00:00 2001 From: Damien Miller Date: Thu, 16 Oct 2025 11:15:16 +1100 Subject: [PATCH 379/687] link ssh against ssh-pkcs11.o Should fix PIN entry for direct use of PKCS11Provider in ssh(1) bz3879 --- Makefile.in | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Makefile.in b/Makefile.in index ba17a79f0d3d..a099b38fc1ec 100644 --- a/Makefile.in +++ b/Makefile.in @@ -114,7 +114,7 @@ P11OBJS= ssh-pkcs11-client.o SKOBJS= ssh-sk-client.o SSHOBJS= ssh.o readconf.o clientloop.o sshtty.o \ - sshconnect.o sshconnect2.o mux.o $(P11OBJS) $(SKOBJS) + sshconnect.o sshconnect2.o mux.o ssh-pkcs11.o $(SKOBJS) SSHDOBJS=sshd.o \ platform-listen.o \ From a6503f1e22aa34ac08d5b4d2b6730954ffd30116 Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Fri, 17 Oct 2025 16:23:43 +1100 Subject: [PATCH 380/687] If we have nfds_t, check if it's int or long. Should fix build on very old Mac OS X, eg 10.3. Spotted and patch tested by Sevan Janiyan. --- configure.ac | 18 ++++++++++++++++++ openbsd-compat/bsd-poll.h | 4 ++++ 2 files changed, 22 insertions(+) diff --git a/configure.ac b/configure.ac index db5211013f43..916ba032e36d 100644 --- a/configure.ac +++ b/configure.ac @@ -3773,6 +3773,24 @@ AC_CHECK_TYPES([nfds_t], , , [ #endif ]) +if test "x$ac_cv_type_nfds_t" != "xyes"; then + AC_MSG_CHECKING([if poll nfds_t is unsigned long]) + AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ +#include +#ifdef HAVE_POLL_H +#include +#endif +#ifdef HAVE_SYS_POLL_H +#include +#endif + int poll(struct pollfd *, unsigned long, int timeout); + ]], [[return poll(0, 0, 0);]])], + [AC_MSG_RESULT([yes]) + AC_DEFINE(POLL_NFDS_T_ULONG, 1, [Define if poll 2nd arg is ulong])], + [AC_MSG_RESULT([no])] + ) +fi + # Decide which sandbox style to use sandbox_arg="" AC_ARG_WITH([sandbox], diff --git a/openbsd-compat/bsd-poll.h b/openbsd-compat/bsd-poll.h index 67fd8c66f803..bebd5d87d05a 100644 --- a/openbsd-compat/bsd-poll.h +++ b/openbsd-compat/bsd-poll.h @@ -72,7 +72,11 @@ typedef struct pollfd { #endif /* !HAVE_STRUCT_POLLFD_FD */ #ifndef HAVE_NFDS_T +# ifdef POLL_NFDS_T_ULONG +typedef unsigned long nfds_t; +# else typedef unsigned int nfds_t; +# endif #endif #ifndef HAVE_POLL From a204650386124df8035b8c8613dccbe9b3158cdf Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Fri, 17 Oct 2025 16:26:22 +1100 Subject: [PATCH 381/687] Retire macos-13 runners, add Intel-specific ones. --- .github/workflows/c-cpp.yml | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/.github/workflows/c-cpp.yml b/.github/workflows/c-cpp.yml index f64803b55ef6..f7691cb767f1 100644 --- a/.github/workflows/c-cpp.yml +++ b/.github/workflows/c-cpp.yml @@ -29,9 +29,9 @@ jobs: - ubuntu-latest - ubuntu-22.04-arm - ubuntu-24.04-arm - - macos-13 - macos-14 - macos-15 + - macos-15-intel - windows-2022 - windows-2025 config: [default] @@ -111,7 +111,6 @@ jobs: - { target: ubuntu-latest, config: musl } - { target: ubuntu-22.04-arm, config: kitchensink } - { target: ubuntu-24.04-arm, config: kitchensink } - - { target: macos-13, config: pam } - { target: macos-14, config: pam } - { target: macos-15, config: pam } runs-on: ${{ matrix.target }} From 74369b2b7c366887211ef5c092b0aaa60f31ef11 Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Mon, 20 Oct 2025 00:45:10 +0000 Subject: [PATCH 382/687] upstream: regression test for "interactive" ssh with a PTY attached, using tmux would have likely caught the ControlPersist regression in 10.1. feedback nicm@ OpenBSD-Regress-ID: d4d709c08657769cb5691893cc98f34b6f537e76 --- regress/Makefile | 6 +- regress/ssh-tty.sh | 152 +++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 156 insertions(+), 2 deletions(-) create mode 100644 regress/ssh-tty.sh diff --git a/regress/Makefile b/regress/Makefile index 0bb90bcb4fb2..bd44b0489901 100644 --- a/regress/Makefile +++ b/regress/Makefile @@ -19,6 +19,7 @@ clean: for F in $(CLEANFILES); do rm -f $(OBJ)$$F; done rm -rf $(OBJ).putty rm -rf $(OBJ).dropbear + rm -rf $(OBJ).fakehome distclean: clean @@ -115,7 +116,8 @@ LTESTS= connect \ penalty \ penalty-expire \ connect-bigconf \ - ssh-pkcs11 + ssh-pkcs11 \ + ssh-tty INTEROP_TESTS= putty-transfer putty-ciphers putty-kex conch-ciphers INTEROP_TESTS+= dropbear-ciphers dropbear-kex dropbear-server @@ -153,7 +155,7 @@ CLEANFILES= *.core actual agent-key.* authorized_keys_${USERNAME} \ t2.out t3.out t6.out1 t6.out2 t7.out t7.out.pub \ t8.out t8.out.pub t9.out t9.out.pub \ timestamp testdata user_*key* user_ca* user_key* \ - pin.sh nopin.sh wrongpin.sh key.pub + pin.sh nopin.sh wrongpin.sh key.pub test.sh ctl-sock # Enable all malloc(3) randomisations and checks TEST_ENV= "MALLOC_OPTIONS=CFGJRSUX" diff --git a/regress/ssh-tty.sh b/regress/ssh-tty.sh new file mode 100644 index 000000000000..2864f50014c8 --- /dev/null +++ b/regress/ssh-tty.sh @@ -0,0 +1,152 @@ +# $OpenBSD: ssh-tty.sh,v 1.1 2025/10/20 00:45:10 djm Exp $ +# Placed in the Public Domain. + +# Basic TTY smoke test + +tid="ssh-tty" + +# Fake home directory to avoid user shell configuration. +FAKEHOME="$OBJ/.fakehome" +rm -rf "$FAKEHOME" +mkdir -m 0700 -p "$FAKEHOME" + +# tmux stuff +TMUX=tmux +test -x $TMUX || skip "tmux not found" +CLEANENV="env -i HOME=$HOME LOGNAME=$USER USER=$USER PATH=$PATH SHELL=$SHELL" +TMUX_TEST="$CLEANENV $TMUX -f/dev/null -Lopenssh-regress-ssh-tty" +sess="regress-ssh-tty$$" + +# Multiplexing control socket. +CTL=$OBJ/ctl-sock + +# Some randomish strings used for signalling back and forth. +# We use the octal variants via printf(1). +MAGIC1="XY23zzY" +MAGIC1_OCTAL="\130\131\062\063\172\172\131" +MAGIC2="99sMarT86" +MAGIC2_OCTAL="\071\071\163\115\141\162\124\070\066" +MAGIC3="woLF1701d" +MAGIC3_OCTAL="\167\157\114\106\061\067\060\061\144" +MAGIC4="lUh4thX4evR" +MAGIC4_OCTAL="\154\125\150\064\164\150\130\064\145\166\122" + +# Wait for a mux process to become ready. +wait_for_mux_ready() +{ + for i in 1 2 3 4 5 6 7 8 9; do + ${SSH} -F $OBJ/ssh_config -S $CTL -Ocheck otherhost \ + >/dev/null 2>&1 && return 0 + sleep $i + done + fatal "mux never becomes ready" +} + +# Wait for a mux process to have finished. +wait_for_mux_done() +{ + for i in 1 2 3 4 5 6 7 8 9; do + test -S $CTL || return 0 + sleep $i + done + fatal "mux socket never removed" +} + +# Wait for a regex to appear in terminal output. +wait_for_regex() { + string="$1" + errors_are_fatal="$2" + for x in 1 2 3 4 5 6 7 8 9 10 ; do + $TMUX_TEST capture-pane -pt $sess | grep "$string" >/dev/null + [ $? -eq 0 ] && return + sleep 1 + done + if test -z "$errors_are_fatal"; then + fail "failed to match \"$string\" in terminal output" + return + fi + fatal "failed to match \"$string\" in terminal output" +} + +# Check that a regex does *not* appear in terminal output +not_in_term() { + string="$1" + error="$2" + errors_are_fatal="$3" + $TMUX_TEST capture-pane -pt $sess | grep "$string" > /dev/null + [ $? -ne 0 ] && return + if test -z "$errors_are_fatal"; then + fail "$error" + return + fi + fatal "$error" +} + +trap "$TMUX_TEST kill-session -t $sess 2>/dev/null" EXIT + +run_test() { + tag="$1" + ssh_args="$2" + # Prepare a tmux session. + $TMUX_TEST kill-session -t $sess 2>/dev/null + $TMUX_TEST new-session -d -s $sess + #echo XXXXXXXXXX $sess; sleep 10 + + # Command to start SSH; sent as keystrokes to tmux session. + RCMD="$CLEANENV $SHELL" + CMD="$SSH -F $OBJ/ssh_proxy $ssh_args -S $CTL x -tt $RCMD" + + verbose "${tag}: start connection" + # arrange for the shell to print something after ssh completes. + $TMUX_TEST send-keys -t $sess "$CMD && printf '$MAGIC1_OCTAL\n'" ENTER + wait_for_mux_ready + + verbose "${tag}: send string" + $TMUX_TEST send-keys -t $sess "printf '$MAGIC2_OCTAL\n'" ENTER + wait_for_regex "$MAGIC2" + + verbose "${tag}: ^c interrupts process" + # ^c should interrupt the sleep and prevent the magic string + # from appearing. + $TMUX_TEST send-keys -t $sess "sleep 30 || printf '$MAGIC3_OCTAL\n'" + $TMUX_TEST send-keys -t $sess ENTER + $TMUX_TEST send-keys -t $sess "C-c" + # send another string to let us know that the sleep has finished. + $TMUX_TEST send-keys -t $sess "printf '$MAGIC4_OCTAL\n'" ENTER + wait_for_regex "$MAGIC4" + not_in_term "$MAGIC3" "^c did not interrupt" + + verbose "${tag}: ~? produces help" + $TMUX_TEST send-keys -t $sess ENTER "~?" + wait_for_regex "^Supported escape sequences:$" + + verbose "${tag}: ~. terminates session" + $TMUX_TEST send-keys -t $sess ENTER "~." + wait_for_mux_done + not_in_term "$MAGIC1" "ssh unexpectedly exited successfully after ~." + + verbose "${tag}: restart session" + $TMUX_TEST send-keys -t $sess "$CMD && printf '$MAGIC1_OCTAL\n'" ENTER + wait_for_mux_ready + + verbose "${tag}: eof terminates session successfully" + $TMUX_TEST send-keys -t $sess ENTER "C-d" + wait_for_regex "$MAGIC1" +} + +# Make sure tmux is working as expected before we start. +$TMUX_TEST kill-session -t $sess 2>/dev/null +$TMUX_TEST new-session -d -s $sess +# Make sure the session doesn't contain the magic strings we will use +# for signalling or any #? output. +not_in_term "$MAGIC1" "terminal already contains magic1 string" fatal +not_in_term "$MAGIC2" "terminal already contains magic2 string" fatal +not_in_term "$MAGIC3" "terminal already contains magic3 string" fatal +not_in_term "$MAGIC4" "terminal already contains magic4 string" fatal +not_in_term "^Supported escape" "terminal already contains escape help" fatal +$TMUX_TEST send-keys -t $sess "printf '$MAGIC1_OCTAL\n'" ENTER +wait_for_regex "$MAGIC1" fatal +$TMUX_TEST kill-session -t $sess 2>/dev/null + +run_test "basic" "-oControlMaster=yes" +run_test "ControlPersist" "-oControlMaster=auto -oControlPersist=1s" From 75faa8a167b5cd4453937387b15216aa3cbc52ce Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Mon, 20 Oct 2025 18:29:24 +1100 Subject: [PATCH 383/687] Update LibreSSL versions and add 4.2.0. --- .github/workflows/c-cpp.yml | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/.github/workflows/c-cpp.yml b/.github/workflows/c-cpp.yml index f7691cb767f1..a132ed87f65f 100644 --- a/.github/workflows/c-cpp.yml +++ b/.github/workflows/c-cpp.yml @@ -79,8 +79,9 @@ jobs: - { target: ubuntu-latest, config: libressl-3.7.3 } - { target: ubuntu-latest, config: libressl-3.8.4 } - { target: ubuntu-latest, config: libressl-3.9.2 } - - { target: ubuntu-latest, config: libressl-4.0.0 } - - { target: ubuntu-latest, config: libressl-4.1.0 } + - { target: ubuntu-latest, config: libressl-4.0.1 } + - { target: ubuntu-latest, config: libressl-4.1.1 } + - { target: ubuntu-latest, config: libressl-4.2.0 } - { target: ubuntu-latest, config: openssl-master } - { target: ubuntu-latest, config: openssl-noec } - { target: ubuntu-latest, config: openssl-1.1.1 } From a750ec60782d21db69383344dda478342d40ffa1 Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Mon, 20 Oct 2025 18:31:08 +1100 Subject: [PATCH 384/687] Detect tmux at configure time and pass to tests. ok djm@ --- Makefile.in | 1 + configure.ac | 1 + regress/ssh-tty.sh | 2 +- regress/test-exec.sh | 3 +++ 4 files changed, 6 insertions(+), 1 deletion(-) diff --git a/Makefile.in b/Makefile.in index a099b38fc1ec..66f15968928c 100644 --- a/Makefile.in +++ b/Makefile.in @@ -818,6 +818,7 @@ interop-tests t-exec file-tests extra-tests: regress-prep regress-binaries $(TAR TEST_SSH_DROPBEARKEY="@DROPBEARKEY@" \ TEST_SSH_DROPBEARCONVERT="@DROPBEARCONVERT@" \ TEST_SSH_DBCLIENT="@DBCLIENT@" \ + TEST_SSH_TMUX="@TMUX@" \ TEST_SSH_IPV6="@TEST_SSH_IPV6@" \ TEST_SSH_UTF8="@TEST_SSH_UTF8@" \ TEST_SHELL="$(TEST_SHELL)" \ diff --git a/configure.ac b/configure.ac index 916ba032e36d..86cf56689b61 100644 --- a/configure.ac +++ b/configure.ac @@ -5825,6 +5825,7 @@ AC_PATH_PROG([DROPBEAR], [dropbear]) AC_PATH_PROG([DBCLIENT], [dbclient]) AC_PATH_PROG([DROPBEARKEY], [dropbearkey]) AC_PATH_PROG([DROPBEARCONVERT], [dropbearconvert]) +AC_PATH_PROG([TMUX], [tmux]) CFLAGS="${CFLAGS} ${CFLAGS_AFTER}" LDFLAGS="${LDFLAGS} ${LDFLAGS_AFTER}" diff --git a/regress/ssh-tty.sh b/regress/ssh-tty.sh index 2864f50014c8..690794c9ec24 100644 --- a/regress/ssh-tty.sh +++ b/regress/ssh-tty.sh @@ -11,7 +11,7 @@ rm -rf "$FAKEHOME" mkdir -m 0700 -p "$FAKEHOME" # tmux stuff -TMUX=tmux +TMUX=${TMUX:-tmux} test -x $TMUX || skip "tmux not found" CLEANENV="env -i HOME=$HOME LOGNAME=$USER USER=$USER PATH=$PATH SHELL=$SHELL" TMUX_TEST="$CLEANENV $TMUX -f/dev/null -Lopenssh-regress-ssh-tty" diff --git a/regress/test-exec.sh b/regress/test-exec.sh index f13750eaeaeb..377c726409b2 100644 --- a/regress/test-exec.sh +++ b/regress/test-exec.sh @@ -168,6 +168,9 @@ fi if [ "x$TEST_SSH_DROPBEARCONVERT" != "x" ]; then DROPBEARCONVERT="${TEST_SSH_DROPBEARCONVERT}" fi +if [ "x$TEST_SSH_TMUX" != "x" ]; then + TMUX="${TEST_SSH_TMUX}" +fi if [ "x$TEST_SSH_PKCS11_HELPER" != "x" ]; then SSH_PKCS11_HELPER="${TEST_SSH_PKCS11_HELPER}" fi From afe83537e0c0c159c7c3b6ef859424f6da18169c Mon Sep 17 00:00:00 2001 From: Damien Miller Date: Tue, 21 Oct 2025 09:14:35 +1100 Subject: [PATCH 385/687] include tmux in CI package list --- .github/setup_ci.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/setup_ci.sh b/.github/setup_ci.sh index c90969627022..95c759a59a36 100755 --- a/.github/setup_ci.sh +++ b/.github/setup_ci.sh @@ -3,7 +3,7 @@ config="$1" target="$2" -PACKAGES="" +PACKAGES="tmux" echo Running as: id From dc9af8fb0436013afb544248e0afc2fd02a1a8fa Mon Sep 17 00:00:00 2001 From: Mike Frysinger Date: Sun, 19 Oct 2025 09:33:23 -0400 Subject: [PATCH 386/687] bsd-openpty: include stdio.h for snprintf --- openbsd-compat/bsd-openpty.c | 1 + 1 file changed, 1 insertion(+) diff --git a/openbsd-compat/bsd-openpty.c b/openbsd-compat/bsd-openpty.c index f08d6156d284..2f12862584bd 100644 --- a/openbsd-compat/bsd-openpty.c +++ b/openbsd-compat/bsd-openpty.c @@ -38,6 +38,7 @@ #include #include +#include #include #ifdef HAVE_SYS_IOCTL_H From 8704c141bf6ded67ab466f5e987c49329ebbd968 Mon Sep 17 00:00:00 2001 From: "dtucker@openbsd.org" Date: Tue, 21 Oct 2025 07:18:27 +0000 Subject: [PATCH 387/687] upstream: Always create logfiles. Should prevent "can't operate on symlink" warnings during test runs. OpenBSD-Regress-ID: 65cf5ce3c8b87b5609f1f3ea142b4f381128dc33 --- regress/test-exec.sh | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/regress/test-exec.sh b/regress/test-exec.sh index 377c726409b2..5b0c91f3faa9 100644 --- a/regress/test-exec.sh +++ b/regress/test-exec.sh @@ -1,4 +1,4 @@ -# $OpenBSD: test-exec.sh,v 1.132 2025/10/16 00:01:54 djm Exp $ +# $OpenBSD: test-exec.sh,v 1.133 2025/10/21 07:18:27 dtucker Exp $ # Placed in the Public Domain. #SUDO=sudo @@ -534,11 +534,12 @@ save_debug_log () for logfile in $TEST_SSH_LOGDIR $TEST_REGRESS_LOGFILE \ $TEST_SSH_LOGFILE $TEST_SSHD_LOGFILE; do - if [ ! -z "$SUDO" ] && [ -e "$logfile" ]; then + if [ ! -z "$SUDO" ]; then + touch $logfile $SUDO chown -R $USER $logfile + $SUDO chmod ug+rw $logfile fi done - test -z "$SUDO" || $SUDO chmod ug+rw $TEST_SSHD_LOGFILE echo $@ >>$TEST_REGRESS_LOGFILE echo $@ >>$TEST_SSH_LOGFILE echo $@ >>$TEST_SSHD_LOGFILE From d1d8144ea682adae5c3bb2994322fa524584ce8b Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Tue, 21 Oct 2025 08:34:52 +0000 Subject: [PATCH 388/687] upstream: add some more synchronisation to avoid a race between command entry and ^C that showed up on the portable regress tests. OpenBSD-Regress-ID: 5527e74aed1b008aa7e5223ca5a84aedecd973d4 --- regress/ssh-tty.sh | 17 +++++++++++------ 1 file changed, 11 insertions(+), 6 deletions(-) diff --git a/regress/ssh-tty.sh b/regress/ssh-tty.sh index 690794c9ec24..866e92287c74 100644 --- a/regress/ssh-tty.sh +++ b/regress/ssh-tty.sh @@ -1,4 +1,4 @@ -# $OpenBSD: ssh-tty.sh,v 1.1 2025/10/20 00:45:10 djm Exp $ +# $OpenBSD: ssh-tty.sh,v 1.2 2025/10/21 08:34:52 djm Exp $ # Placed in the Public Domain. # Basic TTY smoke test @@ -30,6 +30,8 @@ MAGIC3="woLF1701d" MAGIC3_OCTAL="\167\157\114\106\061\067\060\061\144" MAGIC4="lUh4thX4evR" MAGIC4_OCTAL="\154\125\150\064\164\150\130\064\145\166\122" +MAGIC5="AllMo1000x" +MAGIC5_OCTAL="\101\154\154\115\157\061\060\060\060\170" # Wait for a mux process to become ready. wait_for_mux_ready() @@ -90,7 +92,7 @@ run_test() { # Prepare a tmux session. $TMUX_TEST kill-session -t $sess 2>/dev/null $TMUX_TEST new-session -d -s $sess - #echo XXXXXXXXXX $sess; sleep 10 + # echo XXXXXXXXXX $TMUX_TEST attach -t $sess; sleep 10 # Command to start SSH; sent as keystrokes to tmux session. RCMD="$CLEANENV $SHELL" @@ -108,13 +110,15 @@ run_test() { verbose "${tag}: ^c interrupts process" # ^c should interrupt the sleep and prevent the magic string # from appearing. - $TMUX_TEST send-keys -t $sess "sleep 30 || printf '$MAGIC3_OCTAL\n'" + $TMUX_TEST send-keys -t $sess \ + "printf '$MAGIC3_OCTAL' ; sleep 30 || printf '$MAGIC4_OCTAL\n'" $TMUX_TEST send-keys -t $sess ENTER + wait_for_regex "$MAGIC3" # Command has executed. $TMUX_TEST send-keys -t $sess "C-c" # send another string to let us know that the sleep has finished. - $TMUX_TEST send-keys -t $sess "printf '$MAGIC4_OCTAL\n'" ENTER - wait_for_regex "$MAGIC4" - not_in_term "$MAGIC3" "^c did not interrupt" + $TMUX_TEST send-keys -t $sess "printf '$MAGIC5_OCTAL\n'" ENTER + wait_for_regex "$MAGIC5" + not_in_term "$MAGIC4" "^c did not interrupt" verbose "${tag}: ~? produces help" $TMUX_TEST send-keys -t $sess ENTER "~?" @@ -143,6 +147,7 @@ not_in_term "$MAGIC1" "terminal already contains magic1 string" fatal not_in_term "$MAGIC2" "terminal already contains magic2 string" fatal not_in_term "$MAGIC3" "terminal already contains magic3 string" fatal not_in_term "$MAGIC4" "terminal already contains magic4 string" fatal +not_in_term "$MAGIC5" "terminal already contains magic5 string" fatal not_in_term "^Supported escape" "terminal already contains escape help" fatal $TMUX_TEST send-keys -t $sess "printf '$MAGIC1_OCTAL\n'" ENTER wait_for_regex "$MAGIC1" fatal From 425e5b6bd765efbfc7691f43bfc08c86dc8a615e Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Tue, 21 Oct 2025 08:35:22 +0000 Subject: [PATCH 389/687] upstream: fix test for executability of tmux OpenBSD-Regress-ID: a18119876ecfd95edb78225b086ac668eb0977ab --- regress/ssh-tty.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/regress/ssh-tty.sh b/regress/ssh-tty.sh index 866e92287c74..33c2d77a1911 100644 --- a/regress/ssh-tty.sh +++ b/regress/ssh-tty.sh @@ -1,4 +1,4 @@ -# $OpenBSD: ssh-tty.sh,v 1.2 2025/10/21 08:34:52 djm Exp $ +# $OpenBSD: ssh-tty.sh,v 1.3 2025/10/21 08:35:22 djm Exp $ # Placed in the Public Domain. # Basic TTY smoke test @@ -12,7 +12,7 @@ mkdir -m 0700 -p "$FAKEHOME" # tmux stuff TMUX=${TMUX:-tmux} -test -x $TMUX || skip "tmux not found" +type $TMUX >/dev/null || skip "tmux not found" CLEANENV="env -i HOME=$HOME LOGNAME=$USER USER=$USER PATH=$PATH SHELL=$SHELL" TMUX_TEST="$CLEANENV $TMUX -f/dev/null -Lopenssh-regress-ssh-tty" sess="regress-ssh-tty$$" From a8eac05a85e31b11513a6a8dc5d662b14cbc2f4b Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Tue, 21 Oct 2025 22:13:27 +0000 Subject: [PATCH 390/687] upstream: quote paths; avoids test failure when run from a path with a space in it OpenBSD-Regress-ID: e4b7bffc289f10d47c50c02dd70b0323078a83b4 --- regress/ssh-tty.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/regress/ssh-tty.sh b/regress/ssh-tty.sh index 33c2d77a1911..ffdcde091943 100644 --- a/regress/ssh-tty.sh +++ b/regress/ssh-tty.sh @@ -1,4 +1,4 @@ -# $OpenBSD: ssh-tty.sh,v 1.3 2025/10/21 08:35:22 djm Exp $ +# $OpenBSD: ssh-tty.sh,v 1.4 2025/10/21 22:13:27 djm Exp $ # Placed in the Public Domain. # Basic TTY smoke test @@ -13,7 +13,7 @@ mkdir -m 0700 -p "$FAKEHOME" # tmux stuff TMUX=${TMUX:-tmux} type $TMUX >/dev/null || skip "tmux not found" -CLEANENV="env -i HOME=$HOME LOGNAME=$USER USER=$USER PATH=$PATH SHELL=$SHELL" +CLEANENV="env -i HOME='$HOME' LOGNAME='$USER' USER='$USER' PATH='$PATH' SHELL='$SHELL'" TMUX_TEST="$CLEANENV $TMUX -f/dev/null -Lopenssh-regress-ssh-tty" sess="regress-ssh-tty$$" From 52712d5f11172ca98ffb0b2ac93007f74cb67134 Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Tue, 21 Oct 2025 23:30:01 +0000 Subject: [PATCH 391/687] upstream: just skip the test if $PATH or $HOME has whitespace in it OpenBSD-Regress-ID: ccf75a29d1a300a35f63be0e4f11ad5276756275 --- regress/ssh-tty.sh | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/regress/ssh-tty.sh b/regress/ssh-tty.sh index ffdcde091943..9d3c68b72c01 100644 --- a/regress/ssh-tty.sh +++ b/regress/ssh-tty.sh @@ -10,10 +10,14 @@ FAKEHOME="$OBJ/.fakehome" rm -rf "$FAKEHOME" mkdir -m 0700 -p "$FAKEHOME" +case "${PATH}${HOME}" in +*\ *|*\t*) skip "\$PATH or \$HOME has whitespace, not supported in this test";; +esac + # tmux stuff TMUX=${TMUX:-tmux} type $TMUX >/dev/null || skip "tmux not found" -CLEANENV="env -i HOME='$HOME' LOGNAME='$USER' USER='$USER' PATH='$PATH' SHELL='$SHELL'" +CLEANENV="env -i HOME=$HOME LOGNAME=$USER USER=$USER PATH=$PATH SHELL=$SHELL" TMUX_TEST="$CLEANENV $TMUX -f/dev/null -Lopenssh-regress-ssh-tty" sess="regress-ssh-tty$$" @@ -59,6 +63,7 @@ wait_for_regex() { string="$1" errors_are_fatal="$2" for x in 1 2 3 4 5 6 7 8 9 10 ; do +set -x $TMUX_TEST capture-pane -pt $sess | grep "$string" >/dev/null [ $? -eq 0 ] && return sleep 1 From ffd086b69886e8cfeb74f9b2bcb18764bf7d9a52 Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Wed, 22 Oct 2025 05:22:31 +0000 Subject: [PATCH 392/687] upstream: remove debugging junk OpenBSD-Regress-ID: 3247e0ac98ae4cfe4eede871ef424d166e29e828 --- regress/ssh-tty.sh | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/regress/ssh-tty.sh b/regress/ssh-tty.sh index 9d3c68b72c01..fd41414de242 100644 --- a/regress/ssh-tty.sh +++ b/regress/ssh-tty.sh @@ -1,4 +1,4 @@ -# $OpenBSD: ssh-tty.sh,v 1.4 2025/10/21 22:13:27 djm Exp $ +# $OpenBSD: ssh-tty.sh,v 1.6 2025/10/22 05:22:31 djm Exp $ # Placed in the Public Domain. # Basic TTY smoke test @@ -63,7 +63,6 @@ wait_for_regex() { string="$1" errors_are_fatal="$2" for x in 1 2 3 4 5 6 7 8 9 10 ; do -set -x $TMUX_TEST capture-pane -pt $sess | grep "$string" >/dev/null [ $? -eq 0 ] && return sleep 1 From 0ffb76c6590800958777cd0f7b1aaae19c74fa3f Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Wed, 22 Oct 2025 06:22:58 +0000 Subject: [PATCH 393/687] upstream: more explicit synchronisation around killing tmux sessions between runs. OpenBSD-Regress-ID: 1735f5cb13ad281e869ab998c7d49b692ee3ed47 --- regress/ssh-tty.sh | 18 ++++++++++++++---- 1 file changed, 14 insertions(+), 4 deletions(-) diff --git a/regress/ssh-tty.sh b/regress/ssh-tty.sh index fd41414de242..38260e73e37e 100644 --- a/regress/ssh-tty.sh +++ b/regress/ssh-tty.sh @@ -1,4 +1,4 @@ -# $OpenBSD: ssh-tty.sh,v 1.6 2025/10/22 05:22:31 djm Exp $ +# $OpenBSD: ssh-tty.sh,v 1.7 2025/10/22 06:22:58 djm Exp $ # Placed in the Public Domain. # Basic TTY smoke test @@ -88,13 +88,23 @@ not_in_term() { fatal "$error" } +# Shut down tmux session and Wait for it to terminate. +kill_tmux() { + $TMUX_TEST kill-session -t $sess 2>/dev/null + for x in 1 2 3 4 5 6 7 8 9 10; do + $TMUX_TEST has-session -t $sess >/dev/null 2>&1 || return + sleep 1 + done + fatal "tmux session didn't terminate" +} + trap "$TMUX_TEST kill-session -t $sess 2>/dev/null" EXIT run_test() { tag="$1" ssh_args="$2" # Prepare a tmux session. - $TMUX_TEST kill-session -t $sess 2>/dev/null + kill_tmux $TMUX_TEST new-session -d -s $sess # echo XXXXXXXXXX $TMUX_TEST attach -t $sess; sleep 10 @@ -143,7 +153,7 @@ run_test() { } # Make sure tmux is working as expected before we start. -$TMUX_TEST kill-session -t $sess 2>/dev/null +kill_tmux $TMUX_TEST new-session -d -s $sess # Make sure the session doesn't contain the magic strings we will use # for signalling or any #? output. @@ -155,7 +165,7 @@ not_in_term "$MAGIC5" "terminal already contains magic5 string" fatal not_in_term "^Supported escape" "terminal already contains escape help" fatal $TMUX_TEST send-keys -t $sess "printf '$MAGIC1_OCTAL\n'" ENTER wait_for_regex "$MAGIC1" fatal -$TMUX_TEST kill-session -t $sess 2>/dev/null +kill_tmux run_test "basic" "-oControlMaster=yes" run_test "ControlPersist" "-oControlMaster=auto -oControlPersist=1s" From e7f5928ef1c8e8c725bdca9cdd6b80e77fe774ac Mon Sep 17 00:00:00 2001 From: "miod@openbsd.org" Date: Thu, 23 Oct 2025 19:06:10 +0000 Subject: [PATCH 394/687] upstream: Prepare for gcc 3 leaving the building, COMPILER_VERSION can no longer get set to "gcc3". OpenBSD-Commit-ID: 98eefed432ff8253b307002e20d28da14b93e7e3 --- .skipped-commit-ids | 1 + 1 file changed, 1 insertion(+) diff --git a/.skipped-commit-ids b/.skipped-commit-ids index 138ca3d019f9..f4b7ee22e092 100644 --- a/.skipped-commit-ids +++ b/.skipped-commit-ids @@ -46,6 +46,7 @@ ef7ecdb6dd2542f42fa7236d17ac0b144851f0b5 ssh-keygen, fixup'ed into 21682417 da414a364c25b187fc686da7aacec2c35d29238a ssh-keygen, fixup'ed into 21682417 a05e13a7e2c0b65bb4b47184fef731243431c6ff Makefile.inc 7e8178786157e863f6ff63c5d55200d7b6b04f9e remove old sandbox files +98eefed432ff8253b307002e20d28da14b93e7e3 Makefile.inc Old upstream tree: From 4f3e65bda22b65dc5fff82df1e97af07456fed42 Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Thu, 30 Oct 2025 03:19:54 +0000 Subject: [PATCH 395/687] upstream: Activate UnusedConnectionTimeout only after last channel has closed. Previously UnusedConnectionTimeout could fire early after a ChannelTimeout. This was not a problem for the OpenSSH client because it terminates once all channels have closed but could cause problems for other clients (e.g. API clients) that do things differently. bz3827; ok dtucker OpenBSD-Commit-ID: ff2e4607cbd4e600de3c8a5ece3b0e4bb641ed8f --- serverloop.c | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/serverloop.c b/serverloop.c index 5d3b194d128f..dba2fc3053e9 100644 --- a/serverloop.c +++ b/serverloop.c @@ -1,4 +1,4 @@ -/* $OpenBSD: serverloop.c,v 1.244 2025/09/25 06:23:19 jsg Exp $ */ +/* $OpenBSD: serverloop.c,v 1.245 2025/10/30 03:19:54 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -178,12 +178,15 @@ wait_until_can_do_something(struct ssh *ssh, * start the clock to terminate the connection. */ if (options.unused_connection_timeout != 0) { - if (channel_still_open(ssh) || unused_connection_expiry == 0) { + if (channel_still_open(ssh)) + unused_connection_expiry = 0; + else if (unused_connection_expiry == 0) { unused_connection_expiry = now + options.unused_connection_timeout; } - ptimeout_deadline_monotime(&timeout, unused_connection_expiry); } + if (unused_connection_expiry != 0) + ptimeout_deadline_monotime(&timeout, unused_connection_expiry); /* * if using client_alive, set the max timeout accordingly, From 266647c5f2075d397bd5ed5316450183eda73388 Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Thu, 30 Oct 2025 20:49:10 +0000 Subject: [PATCH 396/687] upstream: support ed25519 signatures via libcrypto. Mostly by Jeremy Allison Feedback tb@, ok tb@ markus@ OpenBSD-Commit-ID: e8edf8adffd5975d05769dde897df882d7933526 --- .depend | 1 + Makefile.in | 2 +- ed25519-openssl.c | 207 ++++++++++++++++++++++++++++++++++++++++++++++ ed25519.c | 4 + 4 files changed, 213 insertions(+), 1 deletion(-) create mode 100644 ed25519-openssl.c diff --git a/.depend b/.depend index 660f515caf54..cb8c28eac558 100644 --- a/.depend +++ b/.depend @@ -51,6 +51,7 @@ digest-libc.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-c digest-openssl.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h dispatch.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h ssh2.h log.h ssherr.h dispatch.h packet.h openbsd-compat/sys-queue.h dns.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h sshkey.h ssherr.h dns.h log.h digest.h +ed25519-openssl.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h ed25519.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h crypto_api.h entropy.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h fatal.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h log.h ssherr.h diff --git a/Makefile.in b/Makefile.in index 66f15968928c..35a6fb15e4bf 100644 --- a/Makefile.in +++ b/Makefile.in @@ -102,7 +102,7 @@ LIBSSH_OBJS=${LIBOPENSSH_OBJS} \ smult_curve25519_ref.o \ poly1305.o chacha.o cipher-chachapoly.o cipher-chachapoly-libcrypto.o \ ssh-ed25519.o digest-openssl.o digest-libc.o \ - hmac.o ed25519.o hash.o \ + hmac.o ed25519.o ed25519-openssl.o hash.o \ kex.o kex-names.o kexdh.o kexgex.o kexecdh.o kexc25519.o \ kexgexc.o kexgexs.o \ kexsntrup761x25519.o kexmlkem768x25519.o sntrup761.o kexgen.o \ diff --git a/ed25519-openssl.c b/ed25519-openssl.c new file mode 100644 index 000000000000..5d1e343d2e69 --- /dev/null +++ b/ed25519-openssl.c @@ -0,0 +1,207 @@ +/* $OpenBSD: ed25519-openssl.c,v 1.1 2025/10/30 20:49:10 djm Exp $ */ +/* + * Copyright (c) 2025 OpenSSH + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES + * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF + * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR + * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES + * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN + * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF + * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. + */ + +/* + * OpenSSL-based implementation of Ed25519 crypto_sign API + * Alternative to the internal SUPERCOP-based implementation in ed25519.c + */ + +#include "includes.h" + +#ifdef OPENSSL_HAS_ED25519 + +#include + +#include +#include +#include + +#include + +#include "crypto_api.h" +#include "log.h" + +#if crypto_sign_ed25519_SECRETKEYBYTES <= crypto_sign_ed25519_PUBLICKEYBYTES +#error "crypto_sign_ed25519_SECRETKEYBYTES < crypto_sign_ed25519_PUBLICKEYBYTES" +#endif + +#define SSH_ED25519_RAW_SECRET_KEY_LEN \ + (crypto_sign_ed25519_SECRETKEYBYTES - crypto_sign_ed25519_PUBLICKEYBYTES) + +int +crypto_sign_ed25519_keypair(unsigned char *pk, unsigned char *sk) +{ + EVP_PKEY_CTX *ctx = NULL; + EVP_PKEY *pkey = NULL; + size_t pklen, sklen; + int ret = -1; + + if ((ctx = EVP_PKEY_CTX_new_id(EVP_PKEY_ED25519, NULL)) == NULL) { + debug3_f("EVP_PKEY_CTX_new_id failed"); + goto out; + } + if (EVP_PKEY_keygen_init(ctx) <= 0) { + debug3_f("EVP_PKEY_keygen_init failed"); + goto out; + } + if (EVP_PKEY_keygen(ctx, &pkey) <= 0) { + debug3_f("EVP_PKEY_keygen failed"); + goto out; + } + + /* Extract public key */ + pklen = crypto_sign_ed25519_PUBLICKEYBYTES; + if (!EVP_PKEY_get_raw_public_key(pkey, pk, &pklen)) { + debug3_f("EVP_PKEY_get_raw_public_key failed"); + goto out; + } + if (pklen != crypto_sign_ed25519_PUBLICKEYBYTES) { + debug3_f("public key length mismatch: %zu", pklen); + goto out; + } + + sklen = SSH_ED25519_RAW_SECRET_KEY_LEN; + /* Extract private key (32 bytes seed) */ + if (!EVP_PKEY_get_raw_private_key(pkey, sk, &sklen)) { + debug3_f("EVP_PKEY_get_raw_private_key failed"); + goto out; + } + if (sklen != SSH_ED25519_RAW_SECRET_KEY_LEN) { + debug3_f("private key length mismatch: %zu", sklen); + goto out; + } + + /* Append public key to secret key (SUPERCOP format compatibility) */ + memcpy(sk + sklen, pk, crypto_sign_ed25519_PUBLICKEYBYTES); + + ret = 0; +out: + EVP_PKEY_free(pkey); + EVP_PKEY_CTX_free(ctx); + return ret; +} + +int +crypto_sign_ed25519(unsigned char *sm, unsigned long long *smlen, + const unsigned char *m, unsigned long long mlen, + const unsigned char *sk) +{ + EVP_PKEY *pkey = NULL; + EVP_MD_CTX *mdctx = NULL; + size_t siglen; + int ret = -1; + + /* Create EVP_PKEY from secret key (first 32 bytes are the seed) */ + if ((pkey = EVP_PKEY_new_raw_private_key(EVP_PKEY_ED25519, NULL, + sk, SSH_ED25519_RAW_SECRET_KEY_LEN)) == NULL) { + debug3_f("EVP_PKEY_new_raw_private_key failed"); + goto out; + } + + /* Sign the message */ + if ((mdctx = EVP_MD_CTX_new()) == NULL) { + debug3_f("EVP_MD_CTX_new failed"); + goto out; + } + if (EVP_DigestSignInit(mdctx, NULL, NULL, NULL, pkey) != 1) { + debug3_f("EVP_DigestSignInit failed"); + goto out; + } + siglen = crypto_sign_ed25519_BYTES; + if (EVP_DigestSign(mdctx, sm, &siglen, m, mlen) != 1) { + debug3_f("EVP_DigestSign failed"); + goto out; + } + if (siglen != crypto_sign_ed25519_BYTES) { + debug3_f("signature length mismatch: %zu", siglen); + goto out; + } + + /* Append message after signature (SUPERCOP format) */ + if (mlen > ULLONG_MAX - siglen) { + debug3_f("message length overflow: siglen=%zu mlen=%llu", + siglen, mlen); + goto out; + } + memmove(sm + siglen, m, mlen); + *smlen = siglen + mlen; + + ret = 0; +out: + EVP_MD_CTX_free(mdctx); + EVP_PKEY_free(pkey); + return ret; +} + +int +crypto_sign_ed25519_open(unsigned char *m, unsigned long long *mlen, + const unsigned char *sm, unsigned long long smlen, + const unsigned char *pk) +{ + EVP_PKEY *pkey = NULL; + EVP_MD_CTX *mdctx = NULL; + int ret = -1; + const unsigned char *msg; + size_t msglen; + + if (smlen < crypto_sign_ed25519_BYTES) { + debug3_f("signed message bad length: %llu", smlen); + return -1; + } + /* Signature is first crypto_sign_ed25519_BYTES, message follows */ + msg = sm + crypto_sign_ed25519_BYTES; + msglen = smlen - crypto_sign_ed25519_BYTES; + + /* Make sure the message buffer is big enough. */ + if (*mlen < msglen) { + debug_f("message bad length: %llu", *mlen); + return -1; + } + + /* Create EVP_PKEY from public key */ + if ((pkey = EVP_PKEY_new_raw_public_key(EVP_PKEY_ED25519, NULL, + pk, crypto_sign_ed25519_PUBLICKEYBYTES)) == NULL) { + debug3_f("EVP_PKEY_new_raw_public_key failed"); + goto out; + } + + if ((mdctx = EVP_MD_CTX_new()) == NULL) { + debug3_f("EVP_MD_CTX_new failed"); + goto out; + } + if (EVP_DigestVerifyInit(mdctx, NULL, NULL, NULL, pkey) <= 0) { + debug3_f("EVP_DigestVerifyInit failed"); + goto out; + } + if (EVP_DigestVerify(mdctx, sm, crypto_sign_ed25519_BYTES, + msg, msglen) != 1) { + debug3_f("EVP_DigestVerify failed"); + goto out; + } + + /* Copy message out */ + *mlen = msglen; + memmove(m, msg, msglen); + + ret = 0; +out: + EVP_MD_CTX_free(mdctx); + EVP_PKEY_free(pkey); + return ret; +} + +#endif /* OPENSSL_HAS_ED25519 */ diff --git a/ed25519.c b/ed25519.c index 0e167ae1f6bc..2452dff0f62d 100644 --- a/ed25519.c +++ b/ed25519.c @@ -11,6 +11,8 @@ #include "includes.h" +#ifndef OPENSSL_HAS_ED25519 + #include #include "crypto_api.h" @@ -2028,3 +2030,5 @@ int crypto_sign_ed25519_open( memset(m,0,smlen); return -1; } + +#endif /* OPENSSL_HAS_ED25519 */ From 94a78254a1c953c2a55eb54f65a5d99873b54bdf Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Thu, 30 Oct 2025 23:19:33 +0000 Subject: [PATCH 397/687] upstream: move crypto_hash_sha512() to be inline in crypto_api.h, saves about 0.5kb per binary and makes life easier for portable; with/ok dtucker@ OpenBSD-Commit-ID: 672d7390f78bb6581c12661d7f5adc8a9c6be564 --- .depend | 1 - Makefile.in | 2 +- crypto_api.h | 32 +++++++++++++++++++++++++++++--- hash.c | 43 ------------------------------------------- 4 files changed, 30 insertions(+), 48 deletions(-) delete mode 100644 hash.c diff --git a/.depend b/.depend index cb8c28eac558..1d1ec5212fa0 100644 --- a/.depend +++ b/.depend @@ -59,7 +59,6 @@ groupaccess.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-c gss-genr.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h gss-serv-krb5.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h gss-serv.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h -hash.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h crypto_api.h hmac.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h sshbuf.h digest.h hmac.h hostfile.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h match.h sshkey.h hostfile.h log.h ssherr.h misc.h pathnames.h digest.h hmac.h sshbuf.h kex-names.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h kex.h mac.h crypto_api.h log.h ssherr.h match.h digest.h misc.h xmalloc.h diff --git a/Makefile.in b/Makefile.in index 35a6fb15e4bf..a61d4f023a91 100644 --- a/Makefile.in +++ b/Makefile.in @@ -102,7 +102,7 @@ LIBSSH_OBJS=${LIBOPENSSH_OBJS} \ smult_curve25519_ref.o \ poly1305.o chacha.o cipher-chachapoly.o cipher-chachapoly-libcrypto.o \ ssh-ed25519.o digest-openssl.o digest-libc.o \ - hmac.o ed25519.o ed25519-openssl.o hash.o \ + hmac.o ed25519.o ed25519-openssl.o \ kex.o kex-names.o kexdh.o kexgex.o kexecdh.o kexc25519.o \ kexgexc.o kexgexs.o \ kexsntrup761x25519.o kexmlkem768x25519.o sntrup761.o kexgen.o \ diff --git a/crypto_api.h b/crypto_api.h index 693b67bbc0e7..f5e38b547ff3 100644 --- a/crypto_api.h +++ b/crypto_api.h @@ -1,4 +1,4 @@ -/* $OpenBSD: crypto_api.h,v 1.9 2024/09/02 12:13:56 djm Exp $ */ +/* $OpenBSD: crypto_api.h,v 1.10 2025/10/30 23:19:33 djm Exp $ */ /* * Assembled from generated headers and source files by Markus Friedl. @@ -27,8 +27,34 @@ typedef uint64_t crypto_uint64; #define crypto_hash_sha512_BYTES 64U -int crypto_hash_sha512(unsigned char *, const unsigned char *, - unsigned long long); +#ifdef WITH_OPENSSL +#include +static inline int +crypto_hash_sha512(unsigned char *out, const unsigned char *in, + unsigned long long inlen) +{ + + if (!EVP_Digest(in, inlen, out, NULL, EVP_sha512(), NULL)) + return -1; + return 0; +} +#else /* WITH_OPENSSL */ +# ifdef HAVE_SHA2_H +# include +# endif +static inline int +crypto_hash_sha512(unsigned char *out, const unsigned char *in, + unsigned long long inlen) +{ + + SHA2_CTX ctx; + + SHA512Init(&ctx); + SHA512Update(&ctx, in, inlen); + SHA512Final(out, &ctx); + return 0; +} +#endif /* WITH_OPENSSL */ #define crypto_sign_ed25519_SECRETKEYBYTES 64U #define crypto_sign_ed25519_PUBLICKEYBYTES 32U diff --git a/hash.c b/hash.c deleted file mode 100644 index b4f8f6c50d5e..000000000000 --- a/hash.c +++ /dev/null @@ -1,43 +0,0 @@ -/* $OpenBSD: hash.c,v 1.6 2019/11/29 00:11:21 djm Exp $ */ -/* - * Public domain. Author: Christian Weisgerber - * API compatible reimplementation of function from nacl - */ - -#include "includes.h" - -#include "crypto_api.h" - -#include - -#ifdef WITH_OPENSSL -#include - -int -crypto_hash_sha512(unsigned char *out, const unsigned char *in, - unsigned long long inlen) -{ - - if (!EVP_Digest(in, inlen, out, NULL, EVP_sha512(), NULL)) - return -1; - return 0; -} - -#else -# ifdef HAVE_SHA2_H -# include -# endif - -int -crypto_hash_sha512(unsigned char *out, const unsigned char *in, - unsigned long long inlen) -{ - - SHA2_CTX ctx; - - SHA512Init(&ctx); - SHA512Update(&ctx, in, inlen); - SHA512Final(out, &ctx); - return 0; -} -#endif /* WITH_OPENSSL */ From 9dcd640d44b8270c75783ef662c340187250d6e4 Mon Sep 17 00:00:00 2001 From: "dtucker@openbsd.org" Date: Thu, 23 Oct 2025 06:15:26 +0000 Subject: [PATCH 398/687] upstream: Check tmux version and skip if too old. ok djm@ OpenBSD-Regress-ID: fb62024eb753c61b4d78402ec8378af839fad26c --- regress/ssh-tty.sh | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/regress/ssh-tty.sh b/regress/ssh-tty.sh index 38260e73e37e..07053d13be64 100644 --- a/regress/ssh-tty.sh +++ b/regress/ssh-tty.sh @@ -1,4 +1,4 @@ -# $OpenBSD: ssh-tty.sh,v 1.7 2025/10/22 06:22:58 djm Exp $ +# $OpenBSD: ssh-tty.sh,v 1.8 2025/10/23 06:15:26 dtucker Exp $ # Placed in the Public Domain. # Basic TTY smoke test @@ -17,6 +17,14 @@ esac # tmux stuff TMUX=${TMUX:-tmux} type $TMUX >/dev/null || skip "tmux not found" + +if $TMUX -V >/dev/null 2>&1; then + tver="`$TMUX -V 2>&1`" + echo "tmux version $tver" +else + skip "tmux version not reported" +fi + CLEANENV="env -i HOME=$HOME LOGNAME=$USER USER=$USER PATH=$PATH SHELL=$SHELL" TMUX_TEST="$CLEANENV $TMUX -f/dev/null -Lopenssh-regress-ssh-tty" sess="regress-ssh-tty$$" From 249224a0d43fdd2a536d7476c2bb15f4006dbbdd Mon Sep 17 00:00:00 2001 From: "miod@openbsd.org" Date: Thu, 23 Oct 2025 19:06:10 +0000 Subject: [PATCH 399/687] upstream: Prepare for gcc 3 leaving the building, COMPILER_VERSION can no longer get set to "gcc3". OpenBSD-Regress-ID: 02351ea947975b80be60b9a8c6e4dbb57789e890 --- regress/misc/sk-dummy/Makefile | 6 ++---- regress/misc/ssh-verify-attestation/Makefile | 6 ++---- regress/unittests/Makefile.inc | 6 ++---- 3 files changed, 6 insertions(+), 12 deletions(-) diff --git a/regress/misc/sk-dummy/Makefile b/regress/misc/sk-dummy/Makefile index 18b0a243f664..4e6babc6885a 100644 --- a/regress/misc/sk-dummy/Makefile +++ b/regress/misc/sk-dummy/Makefile @@ -1,4 +1,4 @@ -# $OpenBSD: Makefile,v 1.3 2023/01/15 23:35:10 djm Exp $ +# $OpenBSD: Makefile,v 1.4 2025/10/23 19:06:10 miod Exp $ .include .include @@ -36,6 +36,7 @@ CDIAGFLAGS+= -Wimplicit CDIAGFLAGS+= -Winline CDIAGFLAGS+= -Wmissing-declarations CDIAGFLAGS+= -Wmissing-prototypes +CDIAGFLAGS+= -Wold-style-definition CDIAGFLAGS+= -Wparentheses CDIAGFLAGS+= -Wpointer-arith CDIAGFLAGS+= -Wreturn-type @@ -48,9 +49,6 @@ CDIAGFLAGS+= -Wtrigraphs CDIAGFLAGS+= -Wuninitialized CDIAGFLAGS+= -Wunused CDIAGFLAGS+= -Wno-unused-parameter -.if ${COMPILER_VERSION:L} != "gcc3" -CDIAGFLAGS+= -Wold-style-definition -.endif CFLAGS+=-I${.CURDIR}/${SSHREL} diff --git a/regress/misc/ssh-verify-attestation/Makefile b/regress/misc/ssh-verify-attestation/Makefile index 06fb8aac4e98..4665555cdaf6 100644 --- a/regress/misc/ssh-verify-attestation/Makefile +++ b/regress/misc/ssh-verify-attestation/Makefile @@ -1,4 +1,4 @@ -# $OpenBSD: Makefile,v 1.2 2025/05/06 06:05:48 djm Exp $ +# $OpenBSD: Makefile,v 1.3 2025/10/23 19:06:10 miod Exp $ .include .include @@ -46,6 +46,7 @@ CDIAGFLAGS+= -Wimplicit CDIAGFLAGS+= -Winline CDIAGFLAGS+= -Wmissing-declarations CDIAGFLAGS+= -Wmissing-prototypes +CDIAGFLAGS+= -Wold-style-definition CDIAGFLAGS+= -Wparentheses CDIAGFLAGS+= -Wpointer-arith CDIAGFLAGS+= -Wreturn-type @@ -58,9 +59,6 @@ CDIAGFLAGS+= -Wtrigraphs CDIAGFLAGS+= -Wuninitialized CDIAGFLAGS+= -Wunused CDIAGFLAGS+= -Wno-unused-parameter -.if ${COMPILER_VERSION:L} != "gcc3" -CDIAGFLAGS+= -Wold-style-definition -.endif CFLAGS+=-I${.CURDIR}/${SSHREL} diff --git a/regress/unittests/Makefile.inc b/regress/unittests/Makefile.inc index 5fcf7a950a39..a5c2e8c21188 100644 --- a/regress/unittests/Makefile.inc +++ b/regress/unittests/Makefile.inc @@ -1,4 +1,4 @@ -# $OpenBSD: Makefile.inc,v 1.18 2025/05/06 06:05:48 djm Exp $ +# $OpenBSD: Makefile.inc,v 1.19 2025/10/23 19:06:10 miod Exp $ .include .include @@ -38,6 +38,7 @@ CDIAGFLAGS+= -Wimplicit CDIAGFLAGS+= -Winline CDIAGFLAGS+= -Wmissing-declarations CDIAGFLAGS+= -Wmissing-prototypes +CDIAGFLAGS+= -Wold-style-definition CDIAGFLAGS+= -Wparentheses CDIAGFLAGS+= -Wpointer-arith CDIAGFLAGS+= -Wreturn-type @@ -50,9 +51,6 @@ CDIAGFLAGS+= -Wtrigraphs CDIAGFLAGS+= -Wuninitialized CDIAGFLAGS+= -Wunused CDIAGFLAGS+= -Wno-unused-parameter -.if ${COMPILER_VERSION:L} != "gcc3" -CDIAGFLAGS+= -Wold-style-definition -.endif SSHREL=../../../../../usr.bin/ssh From c2a178959b03472c1b1677fea4bb263ed9fee2bd Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Thu, 30 Oct 2025 23:55:09 +0000 Subject: [PATCH 400/687] upstream: don't link hash.c OpenBSD-Regress-ID: a145f09c1efb1fcd3924544463f1f94f5d4805c0 --- regress/unittests/authopt/Makefile | 7 +++---- regress/unittests/hostkeys/Makefile | 7 +++---- regress/unittests/kex/Makefile | 8 ++++---- regress/unittests/sshkey/Makefile | 10 +++++----- regress/unittests/sshsig/Makefile | 7 +++---- 5 files changed, 18 insertions(+), 21 deletions(-) diff --git a/regress/unittests/authopt/Makefile b/regress/unittests/authopt/Makefile index 1ecaa30ce343..1860b3fe9582 100644 --- a/regress/unittests/authopt/Makefile +++ b/regress/unittests/authopt/Makefile @@ -1,4 +1,4 @@ -# $OpenBSD: Makefile,v 1.10 2025/07/24 06:04:47 djm Exp $ +# $OpenBSD: Makefile,v 1.11 2025/10/30 23:55:09 djm Exp $ PROG=test_authopt SRCS=tests.c @@ -11,12 +11,11 @@ SRCS+=sshbuf-io.c atomicio.c sshkey.c authfile.c cipher.c log.c ssh-rsa.c SRCS+=ssh-ecdsa.c ssh-ed25519.c mac.c umac.c umac128.c hmac.c misc.c SRCS+=ssherr.c uidswap.c cleanup.c xmalloc.c match.c krl.c fatal.c SRCS+=addr.c addrmatch.c bitmap.c -SRCS+=ed25519.c hash.c SRCS+=cipher-chachapoly.c chacha.c poly1305.c ssh-ecdsa-sk.c ssh-sk.c SRCS+=ssh-ed25519-sk.c sk-usbhid.c ssh-pkcs11-client.c -SRCS+=digest-openssl.c -#SRCS+=digest-libc.c +SRCS+=digest-openssl.c ed25519-openssl.c +#SRCS+=digest-libc.c ed25519.c SRCS+=utf8.c REGRESS_TARGETS=run-regress-${PROG} diff --git a/regress/unittests/hostkeys/Makefile b/regress/unittests/hostkeys/Makefile index 76c8e67f8aa1..a07e924f6356 100644 --- a/regress/unittests/hostkeys/Makefile +++ b/regress/unittests/hostkeys/Makefile @@ -1,4 +1,4 @@ -# $OpenBSD: Makefile,v 1.13 2025/07/24 06:04:47 djm Exp $ +# $OpenBSD: Makefile,v 1.14 2025/10/30 23:55:09 djm Exp $ PROG=test_hostkeys SRCS=tests.c test_iterate.c @@ -9,12 +9,11 @@ SRCS+=sshbuf-io.c atomicio.c sshkey.c authfile.c cipher.c log.c ssh-rsa.c SRCS+=ssh-ecdsa.c ssh-ed25519.c mac.c umac.c umac128.c hmac.c misc.c SRCS+=ssherr.c uidswap.c cleanup.c xmalloc.c match.c krl.c fatal.c SRCS+=addr.c addrmatch.c bitmap.c hostfile.c -SRCS+=ed25519.c hash.c SRCS+=cipher-chachapoly.c chacha.c poly1305.c ssh-ecdsa-sk.c ssh-sk.c SRCS+=ssh-ed25519-sk.c sk-usbhid.c ssh-pkcs11-client.c -SRCS+=digest-openssl.c -#SRCS+=digest-libc.c +SRCS+=digest-openssl.c ed25519-openssl.c +#SRCS+=digest-libc.c ed25519.c SRCS+=utf8.c REGRESS_TARGETS=run-regress-${PROG} diff --git a/regress/unittests/kex/Makefile b/regress/unittests/kex/Makefile index 5201a35df5bc..fe871d628ea8 100644 --- a/regress/unittests/kex/Makefile +++ b/regress/unittests/kex/Makefile @@ -1,4 +1,4 @@ -# $OpenBSD: Makefile,v 1.19 2025/07/24 06:04:47 djm Exp $ +# $OpenBSD: Makefile,v 1.20 2025/10/30 23:55:09 djm Exp $ PROG=test_kex SRCS=tests.c test_kex.c test_proposal.c @@ -9,7 +9,7 @@ SRCS+=sshbuf-io.c atomicio.c sshkey.c authfile.c cipher.c log.c ssh-rsa.c SRCS+=ssh-ecdsa.c ssh-ed25519.c mac.c umac.c umac128.c hmac.c misc.c SRCS+=ssherr.c uidswap.c cleanup.c xmalloc.c match.c krl.c fatal.c SRCS+=addr.c addrmatch.c bitmap.c packet.c dispatch.c canohost.c ssh_api.c -SRCS+=compat.c ed25519.c hash.c +SRCS+=compat.c SRCS+=cipher-chachapoly.c chacha.c poly1305.c ssh-ecdsa-sk.c ssh-sk.c SRCS+=ssh-ed25519-sk.c sk-usbhid.c ssh-pkcs11-client.c @@ -29,8 +29,8 @@ SRCS+= kexmlkem768x25519.c SRCS+= sntrup761.c SRCS+= utf8.c -SRCS+=digest-openssl.c -#SRCS+=digest-libc.c +SRCS+=digest-openssl.c ed25519-openssl.c +#SRCS+=digest-libc.c ed25519.c REGRESS_TARGETS=run-regress-${PROG} diff --git a/regress/unittests/sshkey/Makefile b/regress/unittests/sshkey/Makefile index 77d07d1b550e..e592b012fb05 100644 --- a/regress/unittests/sshkey/Makefile +++ b/regress/unittests/sshkey/Makefile @@ -1,4 +1,4 @@ -# $OpenBSD: Makefile,v 1.14 2025/07/24 06:04:47 djm Exp $ +# $OpenBSD: Makefile,v 1.15 2025/10/30 23:55:09 djm Exp $ PROG=test_sshkey SRCS=tests.c test_sshkey.c test_file.c test_fuzz.c common.c @@ -9,14 +9,14 @@ SRCS+=sshbuf-io.c atomicio.c sshkey.c authfile.c cipher.c log.c ssh-rsa.c SRCS+=ssh-ecdsa.c ssh-ed25519.c mac.c umac.c umac128.c hmac.c misc.c SRCS+=ssherr.c uidswap.c cleanup.c xmalloc.c match.c krl.c fatal.c SRCS+=addr.c addrmatch.c bitmap.c -SRCS+=ed25519.c hash.c SRCS+=cipher-chachapoly.c chacha.c poly1305.c ssh-ecdsa-sk.c ssh-sk.c SRCS+=ssh-ed25519-sk.c sk-usbhid.c ssh-pkcs11-client.c - -SRCS+=digest-openssl.c -#SRCS+=digest-libc.c SRCS+=utf8.c +SRCS+=digest-openssl.c ed25519-openssl.c +#SRCS+=digest-libc.c ed25519.c + + REGRESS_TARGETS=run-regress-${PROG} run-regress-${PROG}: ${PROG} diff --git a/regress/unittests/sshsig/Makefile b/regress/unittests/sshsig/Makefile index f2f03e843856..a982ccc7ff73 100644 --- a/regress/unittests/sshsig/Makefile +++ b/regress/unittests/sshsig/Makefile @@ -1,4 +1,4 @@ -# $OpenBSD: Makefile,v 1.5 2025/07/24 06:04:47 djm Exp $ +# $OpenBSD: Makefile,v 1.6 2025/10/30 23:55:09 djm Exp $ PROG=test_sshsig SRCS=tests.c @@ -9,12 +9,11 @@ SRCS+=sshbuf-io.c atomicio.c sshkey.c authfile.c cipher.c log.c ssh-rsa.c SRCS+=ssh-ecdsa.c ssh-ed25519.c mac.c umac.c umac128.c hmac.c misc.c SRCS+=ssherr.c uidswap.c cleanup.c xmalloc.c match.c krl.c fatal.c SRCS+=addr.c addrmatch.c bitmap.c sshsig.c -SRCS+=ed25519.c hash.c SRCS+=cipher-chachapoly.c chacha.c poly1305.c ssh-ecdsa-sk.c ssh-sk.c SRCS+=ssh-ed25519-sk.c sk-usbhid.c ssh-pkcs11-client.c -SRCS+=digest-openssl.c -#SRCS+=digest-libc.c +SRCS+=digest-openssl.c ed25519-openssl.c +#SRCS+=digest-libc.c ed25519.c SRCS+=utf8.c REGRESS_TARGETS=run-regress-${PROG} From a5f638585152863dc64ee9436a08e1d84735d740 Mon Sep 17 00:00:00 2001 From: Damien Miller Date: Fri, 31 Oct 2025 11:07:17 +1100 Subject: [PATCH 401/687] fix linking for sk-dummy.so, used in tests --- Makefile.in | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Makefile.in b/Makefile.in index a61d4f023a91..e5f8364423df 100644 --- a/Makefile.in +++ b/Makefile.in @@ -721,7 +721,7 @@ regress/unittests/utf8/test_utf8$(EXEEXT): \ SK_DUMMY_OBJS=\ regress/misc/sk-dummy/sk-dummy.lo \ regress/misc/sk-dummy/fatal.lo \ - ed25519.lo hash.lo + ed25519.lo ed25519-openssl.lo SK_DUMMY_LIBRARY=@SK_DUMMY_LIBRARY@ From 57e347bae04cf214795fdeae3579991f0cc2e090 Mon Sep 17 00:00:00 2001 From: Damien Miller Date: Fri, 31 Oct 2025 11:16:29 +1100 Subject: [PATCH 402/687] rename openbsd-compat sha2.h -> bsd-sha2.h avoids confusion with system header when included from files under openbsd-compat/ --- .depend | 326 +++++++++++++------------- openbsd-compat/{sha2.h => bsd-sha2.h} | 0 openbsd-compat/openbsd-compat.h | 2 +- openbsd-compat/sha2.c | 2 +- 4 files changed, 165 insertions(+), 165 deletions(-) rename openbsd-compat/{sha2.h => bsd-sha2.h} (100%) diff --git a/.depend b/.depend index 1d1ec5212fa0..da3676dcaf1d 100644 --- a/.depend +++ b/.depend @@ -2,177 +2,177 @@ # Run "make depend" to rebuild. # DO NOT DELETE -addr.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h addr.h -addrmatch.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h addr.h match.h log.h ssherr.h -atomicio.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h atomicio.h -audit-bsm.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h -audit-linux.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h -audit.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h -auth-bsdauth.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h -auth-krb5.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h ssh.h packet.h openbsd-compat/sys-queue.h dispatch.h log.h ssherr.h sshbuf.h sshkey.h misc.h servconf.h uidswap.h hostfile.h auth.h auth-pam.h audit.h loginrec.h -auth-options.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h openbsd-compat/sys-queue.h xmalloc.h ssherr.h log.h sshbuf.h misc.h sshkey.h match.h ssh2.h auth-options.h -auth-pam.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h -auth-passwd.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h packet.h openbsd-compat/sys-queue.h dispatch.h sshbuf.h ssherr.h log.h misc.h servconf.h sshkey.h hostfile.h auth.h auth-pam.h audit.h loginrec.h auth-options.h -auth-rhosts.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h packet.h openbsd-compat/sys-queue.h dispatch.h uidswap.h pathnames.h log.h ssherr.h misc.h xmalloc.h sshbuf.h sshkey.h servconf.h canohost.h hostfile.h auth.h auth-pam.h audit.h loginrec.h -auth-shadow.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h -auth-sia.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h -auth.o: authfile.h monitor_wrap.h channels.h -auth.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h match.h groupaccess.h log.h ssherr.h sshbuf.h misc.h servconf.h openbsd-compat/sys-queue.h sshkey.h hostfile.h auth.h auth-pam.h audit.h loginrec.h auth-options.h canohost.h uidswap.h packet.h dispatch.h -auth2-chall.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h ssh2.h sshkey.h hostfile.h auth.h auth-pam.h audit.h loginrec.h sshbuf.h packet.h openbsd-compat/sys-queue.h dispatch.h ssherr.h log.h misc.h servconf.h -auth2-gss.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h -auth2-hostbased.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h ssh2.h packet.h openbsd-compat/sys-queue.h dispatch.h kex.h mac.h crypto_api.h sshbuf.h log.h ssherr.h misc.h servconf.h sshkey.h hostfile.h auth.h auth-pam.h audit.h loginrec.h canohost.h +addr.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h addr.h +addrmatch.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h addr.h match.h log.h ssherr.h +atomicio.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h atomicio.h +audit-bsm.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h +audit-linux.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h +audit.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h +auth-bsdauth.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h +auth-krb5.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h ssh.h packet.h openbsd-compat/sys-queue.h dispatch.h log.h ssherr.h sshbuf.h sshkey.h misc.h servconf.h uidswap.h hostfile.h auth.h auth-pam.h audit.h loginrec.h +auth-options.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h openbsd-compat/sys-queue.h xmalloc.h ssherr.h log.h sshbuf.h misc.h sshkey.h match.h ssh2.h auth-options.h +auth-pam.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h +auth-passwd.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h packet.h openbsd-compat/sys-queue.h dispatch.h sshbuf.h ssherr.h log.h misc.h servconf.h sshkey.h hostfile.h auth.h auth-pam.h audit.h loginrec.h auth-options.h +auth-rhosts.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h packet.h openbsd-compat/sys-queue.h dispatch.h uidswap.h pathnames.h log.h ssherr.h misc.h xmalloc.h sshbuf.h sshkey.h servconf.h canohost.h hostfile.h auth.h auth-pam.h audit.h loginrec.h +auth-shadow.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h +auth-sia.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h +auth.o: dispatch.h authfile.h monitor_wrap.h channels.h +auth.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h match.h groupaccess.h log.h ssherr.h sshbuf.h misc.h servconf.h openbsd-compat/sys-queue.h sshkey.h hostfile.h auth.h auth-pam.h audit.h loginrec.h auth-options.h canohost.h uidswap.h packet.h +auth2-chall.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h ssh2.h sshkey.h hostfile.h auth.h auth-pam.h audit.h loginrec.h sshbuf.h packet.h openbsd-compat/sys-queue.h dispatch.h ssherr.h log.h misc.h servconf.h +auth2-gss.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h +auth2-hostbased.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h ssh2.h packet.h openbsd-compat/sys-queue.h dispatch.h kex.h mac.h crypto_api.h sshbuf.h log.h ssherr.h misc.h servconf.h sshkey.h hostfile.h auth.h auth-pam.h audit.h loginrec.h canohost.h auth2-hostbased.o: monitor_wrap.h pathnames.h match.h -auth2-kbdint.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h packet.h openbsd-compat/sys-queue.h dispatch.h hostfile.h auth.h auth-pam.h audit.h loginrec.h log.h ssherr.h misc.h servconf.h -auth2-methods.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h log.h ssherr.h misc.h servconf.h openbsd-compat/sys-queue.h xmalloc.h hostfile.h auth.h auth-pam.h audit.h loginrec.h -auth2-none.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h atomicio.h xmalloc.h sshkey.h hostfile.h auth.h auth-pam.h audit.h loginrec.h packet.h openbsd-compat/sys-queue.h dispatch.h log.h ssherr.h misc.h servconf.h ssh2.h monitor_wrap.h -auth2-passwd.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h packet.h openbsd-compat/sys-queue.h dispatch.h ssherr.h log.h sshkey.h hostfile.h auth.h auth-pam.h audit.h loginrec.h monitor_wrap.h misc.h servconf.h -auth2-pubkey.o: audit.h loginrec.h pathnames.h uidswap.h auth-options.h canohost.h monitor_wrap.h authfile.h match.h channels.h session.h sk-api.h -auth2-pubkey.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h openbsd-compat/glob.h xmalloc.h ssh.h ssh2.h packet.h openbsd-compat/sys-queue.h dispatch.h kex.h mac.h crypto_api.h sshbuf.h log.h ssherr.h misc.h servconf.h compat.h sshkey.h hostfile.h auth.h auth-pam.h -auth2-pubkeyfile.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h ssh.h log.h ssherr.h misc.h sshkey.h digest.h hostfile.h auth.h auth-pam.h audit.h loginrec.h auth-options.h authfile.h match.h -auth2.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h atomicio.h xmalloc.h ssh2.h packet.h openbsd-compat/sys-queue.h dispatch.h log.h ssherr.h sshbuf.h misc.h servconf.h sshkey.h hostfile.h auth.h auth-pam.h audit.h loginrec.h pathnames.h monitor_wrap.h digest.h kex.h -auth2.o: mac.h crypto_api.h -authfd.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h ssh.h sshbuf.h sshkey.h authfd.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h rijndael.h log.h ssherr.h atomicio.h misc.h -authfile.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h rijndael.h ssh.h log.h ssherr.h authfile.h misc.h atomicio.h sshkey.h sshbuf.h krl.h -bitmap.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h bitmap.h -canohost.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h packet.h openbsd-compat/sys-queue.h dispatch.h log.h ssherr.h canohost.h misc.h -chacha.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h chacha.h -channels.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h openbsd-compat/sys-queue.h xmalloc.h ssh.h ssh2.h ssherr.h sshbuf.h packet.h dispatch.h log.h misc.h channels.h compat.h canohost.h sshkey.h authfd.h pathnames.h match.h -cipher-aes.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h openbsd-compat/openssl-compat.h -cipher-aesctr.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h cipher-aesctr.h rijndael.h -cipher-chachapoly-libcrypto.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h -cipher-chachapoly.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h log.h ssherr.h sshbuf.h cipher-chachapoly.h chacha.h poly1305.h -cipher.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h rijndael.h misc.h sshbuf.h ssherr.h digest.h openbsd-compat/openssl-compat.h -cleanup.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h log.h ssherr.h -clientloop.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h openbsd-compat/sys-queue.h xmalloc.h ssh.h ssh2.h packet.h dispatch.h sshbuf.h compat.h channels.h sshkey.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h rijndael.h kex.h mac.h crypto_api.h -clientloop.o: myproposal.h log.h ssherr.h misc.h readconf.h clientloop.h sshconnect.h authfd.h atomicio.h sshpty.h match.h msg.h hostfile.h -compat.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h packet.h openbsd-compat/sys-queue.h dispatch.h compat.h log.h ssherr.h match.h -dh.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h -digest-libc.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h ssherr.h sshbuf.h digest.h -digest-openssl.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h -dispatch.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h ssh2.h log.h ssherr.h dispatch.h packet.h openbsd-compat/sys-queue.h -dns.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h sshkey.h ssherr.h dns.h log.h digest.h -ed25519-openssl.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h -ed25519.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h crypto_api.h -entropy.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h -fatal.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h log.h ssherr.h -groupaccess.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h groupaccess.h match.h log.h ssherr.h -gss-genr.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h -gss-serv-krb5.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h -gss-serv.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h -hmac.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h sshbuf.h digest.h hmac.h -hostfile.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h match.h sshkey.h hostfile.h log.h ssherr.h misc.h pathnames.h digest.h hmac.h sshbuf.h -kex-names.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h kex.h mac.h crypto_api.h log.h ssherr.h match.h digest.h misc.h xmalloc.h -kex.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h ssh.h ssh2.h atomicio.h version.h packet.h openbsd-compat/sys-queue.h dispatch.h compat.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h rijndael.h sshkey.h kex.h mac.h crypto_api.h log.h ssherr.h -kex.o: match.h misc.h monitor.h myproposal.h sshbuf.h digest.h xmalloc.h -kexc25519.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h sshkey.h kex.h mac.h crypto_api.h sshbuf.h digest.h ssherr.h ssh2.h -kexdh.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h -kexecdh.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h ssherr.h -kexgen.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h sshkey.h kex.h mac.h crypto_api.h log.h ssherr.h packet.h openbsd-compat/sys-queue.h dispatch.h ssh2.h sshbuf.h digest.h -kexgex.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h -kexgexc.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h -kexgexs.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h -kexmlkem768x25519.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h sshkey.h kex.h mac.h crypto_api.h sshbuf.h digest.h ssherr.h log.h -kexsntrup761x25519.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h ssherr.h -krl.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h ./openbsd-compat/sys-tree.h openbsd-compat/sys-queue.h sshbuf.h ssherr.h sshkey.h authfile.h misc.h log.h digest.h bitmap.h utf8.h krl.h -log.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h log.h ssherr.h match.h -loginrec.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h sshkey.h hostfile.h ssh.h loginrec.h log.h ssherr.h atomicio.h packet.h openbsd-compat/sys-queue.h dispatch.h canohost.h auth.h auth-pam.h audit.h sshbuf.h misc.h -logintest.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h loginrec.h -mac.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h digest.h hmac.h umac.h mac.h misc.h ssherr.h sshbuf.h openbsd-compat/openssl-compat.h -match.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h match.h misc.h -misc-agent.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h digest.h log.h ssherr.h misc.h pathnames.h ssh.h xmalloc.h -misc.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h misc.h log.h ssherr.h ssh.h sshbuf.h -moduli.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h +auth2-kbdint.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h packet.h openbsd-compat/sys-queue.h dispatch.h hostfile.h auth.h auth-pam.h audit.h loginrec.h log.h ssherr.h misc.h servconf.h +auth2-methods.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h log.h ssherr.h misc.h servconf.h openbsd-compat/sys-queue.h xmalloc.h hostfile.h auth.h auth-pam.h audit.h loginrec.h +auth2-none.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h atomicio.h xmalloc.h sshkey.h hostfile.h auth.h auth-pam.h audit.h loginrec.h packet.h openbsd-compat/sys-queue.h dispatch.h log.h ssherr.h misc.h servconf.h ssh2.h monitor_wrap.h +auth2-passwd.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h packet.h openbsd-compat/sys-queue.h dispatch.h ssherr.h log.h sshkey.h hostfile.h auth.h auth-pam.h audit.h loginrec.h monitor_wrap.h misc.h servconf.h +auth2-pubkey.o: auth-pam.h audit.h loginrec.h pathnames.h uidswap.h auth-options.h canohost.h monitor_wrap.h authfile.h match.h channels.h session.h sk-api.h +auth2-pubkey.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h openbsd-compat/glob.h xmalloc.h ssh.h ssh2.h packet.h openbsd-compat/sys-queue.h dispatch.h kex.h mac.h crypto_api.h sshbuf.h log.h ssherr.h misc.h servconf.h compat.h sshkey.h hostfile.h auth.h +auth2-pubkeyfile.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h ssh.h log.h ssherr.h misc.h sshkey.h digest.h hostfile.h auth.h auth-pam.h audit.h loginrec.h auth-options.h authfile.h match.h +auth2.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h atomicio.h xmalloc.h ssh2.h packet.h openbsd-compat/sys-queue.h dispatch.h log.h ssherr.h sshbuf.h misc.h servconf.h sshkey.h hostfile.h auth.h auth-pam.h audit.h loginrec.h pathnames.h monitor_wrap.h digest.h +auth2.o: kex.h mac.h crypto_api.h +authfd.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h ssh.h sshbuf.h sshkey.h authfd.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h rijndael.h log.h ssherr.h atomicio.h misc.h +authfile.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h rijndael.h ssh.h log.h ssherr.h authfile.h misc.h atomicio.h sshkey.h sshbuf.h krl.h +bitmap.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h bitmap.h +canohost.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h packet.h openbsd-compat/sys-queue.h dispatch.h log.h ssherr.h canohost.h misc.h +chacha.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h chacha.h +channels.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h openbsd-compat/sys-queue.h xmalloc.h ssh.h ssh2.h ssherr.h sshbuf.h packet.h dispatch.h log.h misc.h channels.h compat.h canohost.h sshkey.h authfd.h pathnames.h match.h +cipher-aes.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h openbsd-compat/openssl-compat.h +cipher-aesctr.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h cipher-aesctr.h rijndael.h +cipher-chachapoly-libcrypto.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h +cipher-chachapoly.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h log.h ssherr.h sshbuf.h cipher-chachapoly.h chacha.h poly1305.h +cipher.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h rijndael.h misc.h sshbuf.h ssherr.h digest.h openbsd-compat/openssl-compat.h +cleanup.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h log.h ssherr.h +clientloop.o: crypto_api.h myproposal.h log.h ssherr.h misc.h readconf.h clientloop.h sshconnect.h authfd.h atomicio.h sshpty.h match.h msg.h hostfile.h +clientloop.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h openbsd-compat/sys-queue.h xmalloc.h ssh.h ssh2.h packet.h dispatch.h sshbuf.h compat.h channels.h sshkey.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h rijndael.h kex.h mac.h +compat.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h packet.h openbsd-compat/sys-queue.h dispatch.h compat.h log.h ssherr.h match.h +dh.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h +digest-libc.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h ssherr.h sshbuf.h digest.h +digest-openssl.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h +dispatch.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h ssh2.h log.h ssherr.h dispatch.h packet.h openbsd-compat/sys-queue.h +dns.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h sshkey.h ssherr.h dns.h log.h digest.h +ed25519-openssl.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h +ed25519.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h crypto_api.h +entropy.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h +fatal.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h log.h ssherr.h +groupaccess.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h groupaccess.h match.h log.h ssherr.h +gss-genr.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h +gss-serv-krb5.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h +gss-serv.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h +hmac.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h sshbuf.h digest.h hmac.h +hostfile.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h match.h sshkey.h hostfile.h log.h ssherr.h misc.h pathnames.h digest.h hmac.h sshbuf.h +kex-names.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h kex.h mac.h crypto_api.h log.h ssherr.h match.h digest.h misc.h xmalloc.h +kex.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h ssh.h ssh2.h atomicio.h version.h packet.h openbsd-compat/sys-queue.h dispatch.h compat.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h rijndael.h sshkey.h kex.h mac.h crypto_api.h log.h +kex.o: ssherr.h match.h misc.h monitor.h myproposal.h sshbuf.h digest.h xmalloc.h +kexc25519.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h sshkey.h kex.h mac.h crypto_api.h sshbuf.h digest.h ssherr.h ssh2.h +kexdh.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h +kexecdh.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h ssherr.h +kexgen.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h sshkey.h kex.h mac.h crypto_api.h log.h ssherr.h packet.h openbsd-compat/sys-queue.h dispatch.h ssh2.h sshbuf.h digest.h +kexgex.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h +kexgexc.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h +kexgexs.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h +kexmlkem768x25519.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h sshkey.h kex.h mac.h crypto_api.h sshbuf.h digest.h ssherr.h log.h +kexsntrup761x25519.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h ssherr.h +krl.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h ./openbsd-compat/sys-tree.h openbsd-compat/sys-queue.h sshbuf.h ssherr.h sshkey.h authfile.h misc.h log.h digest.h bitmap.h utf8.h krl.h +log.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h log.h ssherr.h match.h +loginrec.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h sshkey.h hostfile.h ssh.h loginrec.h log.h ssherr.h atomicio.h packet.h openbsd-compat/sys-queue.h dispatch.h canohost.h auth.h auth-pam.h audit.h sshbuf.h misc.h +logintest.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h loginrec.h +mac.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h digest.h hmac.h umac.h mac.h misc.h ssherr.h sshbuf.h openbsd-compat/openssl-compat.h +match.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h match.h misc.h +misc-agent.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h digest.h log.h ssherr.h misc.h pathnames.h ssh.h xmalloc.h +misc.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h misc.h log.h ssherr.h ssh.h sshbuf.h +moduli.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h monitor.o: chacha.h poly1305.h cipher-aesctr.h rijndael.h kex.h mac.h crypto_api.h dh.h packet.h dispatch.h auth-options.h sshpty.h channels.h session.h sshlogin.h canohost.h log.h ssherr.h misc.h servconf.h monitor.h monitor_wrap.h monitor_fdpass.h compat.h ssh2.h authfd.h match.h sk-api.h srclimit.h -monitor.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h ./openbsd-compat/sys-tree.h openbsd-compat/sys-queue.h openbsd-compat/openssl-compat.h atomicio.h xmalloc.h ssh.h sshkey.h sshbuf.h hostfile.h auth.h auth-pam.h audit.h loginrec.h cipher.h cipher-chachapoly.h -monitor_fdpass.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h log.h ssherr.h monitor_fdpass.h -monitor_wrap.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h openbsd-compat/sys-queue.h xmalloc.h ssh.h sshbuf.h sshkey.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h rijndael.h kex.h mac.h crypto_api.h hostfile.h auth.h auth-pam.h audit.h +monitor.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h ./openbsd-compat/sys-tree.h openbsd-compat/sys-queue.h openbsd-compat/openssl-compat.h atomicio.h xmalloc.h ssh.h sshkey.h sshbuf.h hostfile.h auth.h auth-pam.h audit.h loginrec.h cipher.h cipher-chachapoly.h +monitor_fdpass.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h log.h ssherr.h monitor_fdpass.h +monitor_wrap.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h openbsd-compat/sys-queue.h xmalloc.h ssh.h sshbuf.h sshkey.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h rijndael.h kex.h mac.h crypto_api.h hostfile.h auth.h auth-pam.h audit.h monitor_wrap.o: loginrec.h auth-options.h packet.h dispatch.h log.h ssherr.h monitor.h atomicio.h monitor_fdpass.h misc.h channels.h session.h servconf.h monitor_wrap.h srclimit.h -msg.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h sshbuf.h ssherr.h log.h atomicio.h msg.h misc.h -mux.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h openbsd-compat/sys-queue.h xmalloc.h log.h ssherr.h ssh.h ssh2.h pathnames.h misc.h match.h sshbuf.h channels.h msg.h packet.h dispatch.h monitor_fdpass.h sshpty.h sshkey.h readconf.h clientloop.h -nchan.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h openbsd-compat/sys-queue.h ssh2.h sshbuf.h ssherr.h packet.h dispatch.h channels.h compat.h log.h +msg.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h sshbuf.h ssherr.h log.h atomicio.h msg.h misc.h +mux.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h openbsd-compat/sys-queue.h xmalloc.h log.h ssherr.h ssh.h ssh2.h pathnames.h misc.h match.h sshbuf.h channels.h msg.h packet.h dispatch.h monitor_fdpass.h sshpty.h sshkey.h readconf.h clientloop.h +nchan.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h openbsd-compat/sys-queue.h ssh2.h sshbuf.h ssherr.h packet.h dispatch.h channels.h compat.h log.h packet.o: channels.h ssh.h packet.h dispatch.h sshbuf.h -packet.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h openbsd-compat/sys-queue.h xmalloc.h compat.h ssh2.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h rijndael.h sshkey.h kex.h mac.h crypto_api.h digest.h log.h ssherr.h canohost.h misc.h -platform-listen.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h log.h ssherr.h misc.h -platform-misc.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h -platform-pledge.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h -platform-tracing.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h log.h ssherr.h -platform.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h log.h ssherr.h misc.h servconf.h openbsd-compat/sys-queue.h sshkey.h hostfile.h auth.h auth-pam.h audit.h loginrec.h -poly1305.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h poly1305.h -progressmeter.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h progressmeter.h atomicio.h misc.h utf8.h -readconf.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h openbsd-compat/glob.h xmalloc.h ssh.h ssherr.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h rijndael.h pathnames.h log.h sshkey.h misc.h readconf.h match.h kex.h mac.h crypto_api.h uidswap.h -readconf.o: myproposal.h digest.h version.h -readpass.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h misc.h pathnames.h log.h ssherr.h ssh.h uidswap.h -rijndael.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h rijndael.h -sandbox-capsicum.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h -sandbox-darwin.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h -sandbox-null.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h -sandbox-rlimit.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h -sandbox-seccomp-filter.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h -sandbox-solaris.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h -scp.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h openbsd-compat/glob.h xmalloc.h ssh.h atomicio.h pathnames.h log.h ssherr.h misc.h progressmeter.h utf8.h sftp.h sftp-common.h sftp-client.h -servconf.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h openbsd-compat/glob.h openbsd-compat/sys-queue.h xmalloc.h ssh.h log.h ssherr.h sshbuf.h misc.h servconf.h pathnames.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h rijndael.h sshkey.h kex.h -servconf.o: mac.h crypto_api.h match.h channels.h groupaccess.h canohost.h packet.h dispatch.h hostfile.h auth.h auth-pam.h audit.h loginrec.h myproposal.h digest.h version.h -serverloop.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h openbsd-compat/sys-queue.h xmalloc.h packet.h dispatch.h sshbuf.h log.h ssherr.h misc.h servconf.h canohost.h sshpty.h channels.h ssh2.h sshkey.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h -serverloop.o: rijndael.h kex.h mac.h crypto_api.h hostfile.h auth.h auth-pam.h audit.h loginrec.h session.h auth-options.h serverloop.h -session.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h openbsd-compat/sys-queue.h xmalloc.h ssh.h ssh2.h sshpty.h packet.h dispatch.h sshbuf.h ssherr.h match.h uidswap.h channels.h sshkey.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h rijndael.h -session.o: kex.h mac.h crypto_api.h hostfile.h auth.h auth-pam.h audit.h loginrec.h auth-options.h authfd.h pathnames.h log.h misc.h servconf.h sshlogin.h serverloop.h canohost.h session.h monitor_wrap.h sftp.h atomicio.h -sftp-client.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h openbsd-compat/sys-queue.h xmalloc.h ssherr.h sshbuf.h log.h atomicio.h progressmeter.h misc.h utf8.h sftp.h sftp-common.h sftp-client.h openbsd-compat/glob.h -sftp-common.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h ssherr.h sshbuf.h log.h misc.h sftp.h sftp-common.h -sftp-glob.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h sftp.h sftp-common.h sftp-client.h openbsd-compat/glob.h -sftp-realpath.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h -sftp-server-main.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h log.h ssherr.h sftp.h misc.h xmalloc.h -sftp-server.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h atomicio.h xmalloc.h sshbuf.h ssherr.h log.h misc.h match.h uidswap.h sftp.h sftp-common.h -sftp-usergroup.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h ./openbsd-compat/sys-tree.h log.h ssherr.h xmalloc.h sftp-common.h sftp-client.h openbsd-compat/glob.h sftp-usergroup.h -sftp.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h log.h ssherr.h pathnames.h misc.h utf8.h sftp.h sshbuf.h sftp-common.h sftp-client.h openbsd-compat/glob.h sftp-usergroup.h -sk-usbhid.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h -sntrup761.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h -srclimit.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h ./openbsd-compat/sys-tree.h addr.h canohost.h log.h ssherr.h misc.h srclimit.h xmalloc.h servconf.h openbsd-compat/sys-queue.h match.h -ssh-add.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h ssh.h log.h ssherr.h sshkey.h sshbuf.h authfd.h authfile.h pathnames.h misc.h digest.h ssh-sk.h sk-api.h hostfile.h -ssh-agent.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h openbsd-compat/sys-queue.h xmalloc.h ssh.h ssh2.h sshbuf.h sshkey.h authfd.h log.h ssherr.h misc.h digest.h match.h msg.h pathnames.h ssh-pkcs11.h sk-api.h myproposal.h -ssh-ecdsa-sk.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h openbsd-compat/openssl-compat.h sshbuf.h ssherr.h digest.h sshkey.h -ssh-ecdsa.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h -ssh-ed25519-sk.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h crypto_api.h log.h ssherr.h sshbuf.h sshkey.h ssh.h digest.h -ssh-ed25519.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h crypto_api.h log.h ssherr.h sshbuf.h sshkey.h ssh.h -ssh-keygen.o: chacha.h poly1305.h cipher-aesctr.h rijndael.h -ssh-keygen.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h sshkey.h authfile.h sshbuf.h pathnames.h log.h ssherr.h misc.h match.h hostfile.h dns.h ssh.h ssh2.h atomicio.h krl.h digest.h utf8.h authfd.h sshsig.h ssh-sk.h sk-api.h cipher.h cipher-chachapoly.h +packet.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h openbsd-compat/sys-queue.h xmalloc.h compat.h ssh2.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h rijndael.h sshkey.h kex.h mac.h crypto_api.h digest.h log.h ssherr.h canohost.h misc.h +platform-listen.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h log.h ssherr.h misc.h +platform-misc.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h +platform-pledge.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h +platform-tracing.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h log.h ssherr.h +platform.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h log.h ssherr.h misc.h servconf.h openbsd-compat/sys-queue.h sshkey.h hostfile.h auth.h auth-pam.h audit.h loginrec.h +poly1305.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h poly1305.h +progressmeter.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h progressmeter.h atomicio.h misc.h utf8.h +readconf.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h openbsd-compat/glob.h xmalloc.h ssh.h ssherr.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h rijndael.h pathnames.h log.h sshkey.h misc.h readconf.h match.h kex.h mac.h crypto_api.h +readconf.o: uidswap.h myproposal.h digest.h version.h +readpass.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h misc.h pathnames.h log.h ssherr.h ssh.h uidswap.h +rijndael.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h rijndael.h +sandbox-capsicum.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h +sandbox-darwin.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h +sandbox-null.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h +sandbox-rlimit.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h +sandbox-seccomp-filter.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h +sandbox-solaris.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h +scp.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h openbsd-compat/glob.h xmalloc.h ssh.h atomicio.h pathnames.h log.h ssherr.h misc.h progressmeter.h utf8.h sftp.h sftp-common.h sftp-client.h +servconf.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h openbsd-compat/glob.h openbsd-compat/sys-queue.h xmalloc.h ssh.h log.h ssherr.h sshbuf.h misc.h servconf.h pathnames.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h rijndael.h sshkey.h +servconf.o: kex.h mac.h crypto_api.h match.h channels.h groupaccess.h canohost.h packet.h dispatch.h hostfile.h auth.h auth-pam.h audit.h loginrec.h myproposal.h digest.h version.h +serverloop.o: cipher-aesctr.h rijndael.h kex.h mac.h crypto_api.h hostfile.h auth.h auth-pam.h audit.h loginrec.h session.h auth-options.h serverloop.h +serverloop.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h openbsd-compat/sys-queue.h xmalloc.h packet.h dispatch.h sshbuf.h log.h ssherr.h misc.h servconf.h canohost.h sshpty.h channels.h ssh2.h sshkey.h cipher.h cipher-chachapoly.h chacha.h poly1305.h +session.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h openbsd-compat/sys-queue.h xmalloc.h ssh.h ssh2.h sshpty.h packet.h dispatch.h sshbuf.h ssherr.h match.h uidswap.h channels.h sshkey.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h +session.o: rijndael.h kex.h mac.h crypto_api.h hostfile.h auth.h auth-pam.h audit.h loginrec.h auth-options.h authfd.h pathnames.h log.h misc.h servconf.h sshlogin.h serverloop.h canohost.h session.h monitor_wrap.h sftp.h atomicio.h +sftp-client.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h openbsd-compat/sys-queue.h xmalloc.h ssherr.h sshbuf.h log.h atomicio.h progressmeter.h misc.h utf8.h sftp.h sftp-common.h sftp-client.h openbsd-compat/glob.h +sftp-common.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h ssherr.h sshbuf.h log.h misc.h sftp.h sftp-common.h +sftp-glob.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h sftp.h sftp-common.h sftp-client.h openbsd-compat/glob.h +sftp-realpath.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h +sftp-server-main.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h log.h ssherr.h sftp.h misc.h xmalloc.h +sftp-server.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h atomicio.h xmalloc.h sshbuf.h ssherr.h log.h misc.h match.h uidswap.h sftp.h sftp-common.h +sftp-usergroup.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h ./openbsd-compat/sys-tree.h log.h ssherr.h xmalloc.h sftp-common.h sftp-client.h openbsd-compat/glob.h sftp-usergroup.h +sftp.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h log.h ssherr.h pathnames.h misc.h utf8.h sftp.h sshbuf.h sftp-common.h sftp-client.h openbsd-compat/glob.h sftp-usergroup.h +sk-usbhid.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h +sntrup761.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h +srclimit.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h ./openbsd-compat/sys-tree.h addr.h canohost.h log.h ssherr.h misc.h srclimit.h xmalloc.h servconf.h openbsd-compat/sys-queue.h match.h +ssh-add.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h ssh.h log.h ssherr.h sshkey.h sshbuf.h authfd.h authfile.h pathnames.h misc.h digest.h ssh-sk.h sk-api.h hostfile.h +ssh-agent.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h openbsd-compat/sys-queue.h xmalloc.h ssh.h ssh2.h sshbuf.h sshkey.h authfd.h log.h ssherr.h misc.h digest.h match.h msg.h pathnames.h ssh-pkcs11.h sk-api.h myproposal.h +ssh-ecdsa-sk.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h openbsd-compat/openssl-compat.h sshbuf.h ssherr.h digest.h sshkey.h +ssh-ecdsa.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h +ssh-ed25519-sk.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h crypto_api.h log.h ssherr.h sshbuf.h sshkey.h ssh.h digest.h +ssh-ed25519.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h crypto_api.h log.h ssherr.h sshbuf.h sshkey.h ssh.h +ssh-keygen.o: cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h rijndael.h +ssh-keygen.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h sshkey.h authfile.h sshbuf.h pathnames.h log.h ssherr.h misc.h match.h hostfile.h dns.h ssh.h ssh2.h atomicio.h krl.h digest.h utf8.h authfd.h sshsig.h ssh-sk.h sk-api.h cipher.h ssh-keyscan.o: dispatch.h log.h ssherr.h atomicio.h misc.h hostfile.h ssh_api.h ssh2.h dns.h addr.h -ssh-keyscan.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h openbsd-compat/sys-queue.h xmalloc.h ssh.h sshbuf.h sshkey.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h rijndael.h digest.h kex.h mac.h crypto_api.h compat.h myproposal.h packet.h -ssh-keysign.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h log.h ssherr.h sshkey.h ssh.h ssh2.h misc.h sshbuf.h authfile.h msg.h canohost.h pathnames.h readconf.h uidswap.h -ssh-pkcs11-client.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h pathnames.h xmalloc.h sshbuf.h log.h ssherr.h misc.h sshkey.h authfd.h atomicio.h ssh-pkcs11.h -ssh-pkcs11-helper.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h sshbuf.h log.h ssherr.h misc.h sshkey.h authfd.h ssh-pkcs11.h -ssh-pkcs11.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h log.h ssherr.h sshkey.h ssh-pkcs11.h -ssh-rsa.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h -ssh-sk-client.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h log.h ssherr.h sshbuf.h sshkey.h msg.h digest.h pathnames.h ssh-sk.h misc.h -ssh-sk-helper.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h log.h ssherr.h sshkey.h authfd.h misc.h sshbuf.h msg.h uidswap.h ssh-sk.h ssh-pkcs11.h -ssh-sk.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h -ssh.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h openbsd-compat/openssl-compat.h openbsd-compat/sys-queue.h xmalloc.h ssh.h ssh2.h canohost.h compat.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h rijndael.h packet.h dispatch.h sshbuf.h channels.h -ssh.o: sshkey.h authfd.h authfile.h pathnames.h clientloop.h log.h ssherr.h misc.h readconf.h sshconnect.h kex.h mac.h crypto_api.h sshpty.h match.h msg.h version.h myproposal.h utf8.h +ssh-keyscan.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h openbsd-compat/sys-queue.h xmalloc.h ssh.h sshbuf.h sshkey.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h rijndael.h digest.h kex.h mac.h crypto_api.h compat.h myproposal.h packet.h +ssh-keysign.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h log.h ssherr.h sshkey.h ssh.h ssh2.h misc.h sshbuf.h authfile.h msg.h canohost.h pathnames.h readconf.h uidswap.h +ssh-pkcs11-client.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h pathnames.h xmalloc.h sshbuf.h log.h ssherr.h misc.h sshkey.h authfd.h atomicio.h ssh-pkcs11.h +ssh-pkcs11-helper.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h sshbuf.h log.h ssherr.h misc.h sshkey.h authfd.h ssh-pkcs11.h +ssh-pkcs11.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h log.h ssherr.h sshkey.h ssh-pkcs11.h +ssh-rsa.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h +ssh-sk-client.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h log.h ssherr.h sshbuf.h sshkey.h msg.h digest.h pathnames.h ssh-sk.h misc.h +ssh-sk-helper.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h log.h ssherr.h sshkey.h authfd.h misc.h sshbuf.h msg.h uidswap.h ssh-sk.h ssh-pkcs11.h +ssh-sk.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h +ssh.o: channels.h sshkey.h authfd.h authfile.h pathnames.h clientloop.h log.h ssherr.h misc.h readconf.h sshconnect.h kex.h mac.h crypto_api.h sshpty.h match.h msg.h version.h myproposal.h utf8.h +ssh.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h openbsd-compat/openssl-compat.h openbsd-compat/sys-queue.h xmalloc.h ssh.h ssh2.h canohost.h compat.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h rijndael.h packet.h dispatch.h sshbuf.h ssh_api.o: authfile.h dh.h misc.h version.h myproposal.h sshbuf.h openbsd-compat/openssl-compat.h -ssh_api.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h ssh_api.h openbsd-compat/sys-queue.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h rijndael.h sshkey.h kex.h mac.h crypto_api.h ssh.h ssh2.h packet.h dispatch.h compat.h log.h ssherr.h -sshbuf-getput-basic.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h ssherr.h sshbuf.h -sshbuf-getput-crypto.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h -sshbuf-io.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h ssherr.h sshbuf.h atomicio.h -sshbuf-misc.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h ssherr.h sshbuf.h -sshbuf.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h ssherr.h sshbuf.h misc.h -sshconnect.o: authfd.h kex.h mac.h crypto_api.h -sshconnect.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h hostfile.h ssh.h sshbuf.h packet.h openbsd-compat/sys-queue.h dispatch.h sshkey.h sshconnect.h log.h ssherr.h match.h misc.h readconf.h atomicio.h dns.h monitor_fdpass.h ssh2.h version.h authfile.h -sshconnect2.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h openbsd-compat/sys-queue.h xmalloc.h ssh.h ssh2.h sshbuf.h packet.h dispatch.h compat.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h rijndael.h sshkey.h kex.h mac.h crypto_api.h +ssh_api.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h ssh_api.h openbsd-compat/sys-queue.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h rijndael.h sshkey.h kex.h mac.h crypto_api.h ssh.h ssh2.h packet.h dispatch.h compat.h log.h ssherr.h +sshbuf-getput-basic.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h ssherr.h sshbuf.h +sshbuf-getput-crypto.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h +sshbuf-io.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h ssherr.h sshbuf.h atomicio.h +sshbuf-misc.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h ssherr.h sshbuf.h +sshbuf.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h ssherr.h sshbuf.h misc.h +sshconnect.o: authfile.h authfd.h kex.h mac.h crypto_api.h +sshconnect.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h hostfile.h ssh.h sshbuf.h packet.h openbsd-compat/sys-queue.h dispatch.h sshkey.h sshconnect.h log.h ssherr.h match.h misc.h readconf.h atomicio.h dns.h monitor_fdpass.h ssh2.h version.h +sshconnect2.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h openbsd-compat/sys-queue.h xmalloc.h ssh.h ssh2.h sshbuf.h packet.h dispatch.h compat.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h rijndael.h sshkey.h kex.h mac.h crypto_api.h sshconnect2.o: sshconnect.h authfile.h dh.h authfd.h log.h ssherr.h misc.h readconf.h match.h canohost.h msg.h pathnames.h uidswap.h hostfile.h utf8.h ssh-sk.h sk-api.h sshd-auth.o: chacha.h poly1305.h cipher-aesctr.h rijndael.h digest.h sshkey.h kex.h mac.h crypto_api.h authfile.h pathnames.h atomicio.h canohost.h hostfile.h auth.h auth-pam.h audit.h loginrec.h authfd.h msg.h channels.h session.h monitor.h monitor_wrap.h auth-options.h version.h sk-api.h srclimit.h ssh-sandbox.h dh.h -sshd-auth.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h ./openbsd-compat/sys-tree.h openbsd-compat/sys-queue.h xmalloc.h ssh.h ssh2.h sshpty.h packet.h dispatch.h log.h ssherr.h sshbuf.h misc.h match.h servconf.h uidswap.h compat.h cipher.h cipher-chachapoly.h +sshd-auth.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h ./openbsd-compat/sys-tree.h openbsd-compat/sys-queue.h xmalloc.h ssh.h ssh2.h sshpty.h packet.h dispatch.h log.h ssherr.h sshbuf.h misc.h match.h servconf.h uidswap.h compat.h cipher.h cipher-chachapoly.h sshd-session.o: chacha.h poly1305.h cipher-aesctr.h rijndael.h digest.h sshkey.h kex.h mac.h crypto_api.h authfile.h pathnames.h atomicio.h canohost.h hostfile.h auth.h auth-pam.h audit.h loginrec.h authfd.h msg.h channels.h session.h monitor.h monitor_wrap.h auth-options.h version.h sk-api.h srclimit.h dh.h -sshd-session.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h ./openbsd-compat/sys-tree.h openbsd-compat/sys-queue.h xmalloc.h ssh.h ssh2.h sshpty.h packet.h dispatch.h log.h ssherr.h sshbuf.h misc.h match.h servconf.h uidswap.h compat.h cipher.h cipher-chachapoly.h +sshd-session.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h ./openbsd-compat/sys-tree.h openbsd-compat/sys-queue.h xmalloc.h ssh.h ssh2.h sshpty.h packet.h dispatch.h log.h ssherr.h sshbuf.h misc.h match.h servconf.h uidswap.h compat.h cipher.h cipher-chachapoly.h sshd.o: audit.h loginrec.h authfd.h msg.h version.h sk-api.h addr.h srclimit.h atomicio.h monitor_wrap.h -sshd.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h ./openbsd-compat/sys-tree.h openbsd-compat/sys-queue.h xmalloc.h ssh.h sshpty.h log.h ssherr.h sshbuf.h misc.h servconf.h compat.h digest.h sshkey.h authfile.h pathnames.h canohost.h hostfile.h auth.h auth-pam.h +sshd.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h ./openbsd-compat/sys-tree.h openbsd-compat/sys-queue.h xmalloc.h ssh.h sshpty.h log.h ssherr.h sshbuf.h misc.h servconf.h compat.h digest.h sshkey.h authfile.h pathnames.h canohost.h hostfile.h auth.h auth-pam.h ssherr.o: ssherr.h -sshkey.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h crypto_api.h ssh2.h ssherr.h misc.h sshbuf.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h rijndael.h digest.h sshkey.h match.h ssh-sk.h ssh-pkcs11.h openbsd-compat/openssl-compat.h -sshlogin.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h sshlogin.h ssherr.h loginrec.h log.h sshbuf.h misc.h servconf.h openbsd-compat/sys-queue.h -sshpty.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h sshpty.h log.h ssherr.h misc.h -sshsig.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h authfd.h authfile.h log.h ssherr.h misc.h sshbuf.h sshsig.h sshkey.h match.h digest.h -sshtty.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h sshpty.h -ttymodes.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h packet.h openbsd-compat/sys-queue.h dispatch.h log.h ssherr.h compat.h sshbuf.h ttymodes.h -uidswap.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h log.h ssherr.h uidswap.h xmalloc.h -umac.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h umac.h misc.h rijndael.h -umac128.o: umac.c includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h umac.h misc.h rijndael.h -utf8.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h utf8.h -xmalloc.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h log.h ssherr.h +sshkey.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h crypto_api.h ssh2.h ssherr.h misc.h sshbuf.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h rijndael.h digest.h sshkey.h match.h ssh-sk.h ssh-pkcs11.h openbsd-compat/openssl-compat.h +sshlogin.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h sshlogin.h ssherr.h loginrec.h log.h sshbuf.h misc.h servconf.h openbsd-compat/sys-queue.h +sshpty.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h sshpty.h log.h ssherr.h misc.h +sshsig.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h authfd.h authfile.h log.h ssherr.h misc.h sshbuf.h sshsig.h sshkey.h match.h digest.h +sshtty.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h sshpty.h +ttymodes.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h packet.h openbsd-compat/sys-queue.h dispatch.h log.h ssherr.h compat.h sshbuf.h ttymodes.h +uidswap.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h log.h ssherr.h uidswap.h xmalloc.h +umac.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h umac.h misc.h rijndael.h +umac128.o: umac.c includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h umac.h misc.h rijndael.h +utf8.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h utf8.h +xmalloc.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h log.h ssherr.h diff --git a/openbsd-compat/sha2.h b/openbsd-compat/bsd-sha2.h similarity index 100% rename from openbsd-compat/sha2.h rename to openbsd-compat/bsd-sha2.h diff --git a/openbsd-compat/openbsd-compat.h b/openbsd-compat/openbsd-compat.h index 0823d6a8377f..680ba9db2c27 100644 --- a/openbsd-compat/openbsd-compat.h +++ b/openbsd-compat/openbsd-compat.h @@ -43,7 +43,7 @@ #include "vis.h" #include "getrrsetbyname.h" #include "sha1.h" -#include "sha2.h" +#include "bsd-sha2.h" #include "md5.h" #include "blf.h" #include "fnmatch.h" diff --git a/openbsd-compat/sha2.c b/openbsd-compat/sha2.c index 4f2ad8f2352a..61941c685eca 100644 --- a/openbsd-compat/sha2.c +++ b/openbsd-compat/sha2.c @@ -45,7 +45,7 @@ #define MAKE_CLONE(x, y) void __ssh_compat_make_clone_##x_##y(void) #include -#include "openbsd-compat/sha2.h" +#include "openbsd-compat/bsd-sha2.h" /* * UNROLLED TRANSFORM LOOP NOTE: From 590a260f0bedc895688bb38b1cf6f0f72d8013e3 Mon Sep 17 00:00:00 2001 From: Damien Miller Date: Fri, 31 Oct 2025 12:19:34 +1100 Subject: [PATCH 403/687] add sshlog() replacement to sk-dummy.so --- regress/misc/sk-dummy/fatal.c | 32 +++++++++++++++++++++++++------- 1 file changed, 25 insertions(+), 7 deletions(-) diff --git a/regress/misc/sk-dummy/fatal.c b/regress/misc/sk-dummy/fatal.c index c6e4b5d6fa71..4f5e88585384 100644 --- a/regress/misc/sk-dummy/fatal.c +++ b/regress/misc/sk-dummy/fatal.c @@ -10,18 +10,36 @@ #include "log.h" void -sshfatal(const char *file, const char *func, int line, int showfunc, - LogLevel level, const char *suffix, const char *fmt, ...) +sshlogv(const char *file, const char *func, int line, int showfunc, + LogLevel level, const char *suffix, const char *fmt, va_list args) { - va_list ap; - if (showfunc) fprintf(stderr, "%s: ", func); - va_start(ap, fmt); - vfprintf(stderr, fmt, ap); - va_end(ap); + vfprintf(stderr, fmt, args); if (suffix != NULL) fprintf(stderr, ": %s", suffix); fputc('\n', stderr); +} + +void +sshlog(const char *file, const char *func, int line, int showfunc, + LogLevel level, const char *suffix, const char *fmt, ...) +{ + va_list args; + + va_start(args, fmt); + sshlogv(file, func, line, showfunc, level, suffix, fmt, args); + va_end(args); +} + +void +sshfatal(const char *file, const char *func, int line, int showfunc, + LogLevel level, const char *suffix, const char *fmt, ...) +{ + va_list args; + + va_start(args, fmt); + sshlogv(file, func, line, showfunc, level, suffix, fmt, args); + va_end(args); _exit(1); } From 7e2f89b0fb72141abbce098e2682ba8e090cabfc Mon Sep 17 00:00:00 2001 From: Damien Miller Date: Fri, 31 Oct 2025 12:19:47 +1100 Subject: [PATCH 404/687] skip pkcs11 tests when built --without-openssl --- regress/test-exec.sh | 3 +++ 1 file changed, 3 insertions(+) diff --git a/regress/test-exec.sh b/regress/test-exec.sh index 5b0c91f3faa9..b38908cee086 100644 --- a/regress/test-exec.sh +++ b/regress/test-exec.sh @@ -926,6 +926,9 @@ p11_find_lib() { PKCS11_OK= export PKCS11_OK p11_setup() { + # XXX we could potentially test ed25519 only in the absence of + # RSA and ECDSA support. + $SSH -Q key | grep ssh-rsa >/dev/null || return 1 p11_find_lib \ /usr/local/lib/softhsm/libsofthsm2.so \ /usr/lib64/pkcs11/libsofthsm2.so \ From 2425d7faf4154b32b5f836596023cf2432b81eaf Mon Sep 17 00:00:00 2001 From: Damien Miller Date: Fri, 31 Oct 2025 13:47:49 +1100 Subject: [PATCH 405/687] check PAM user against previous user, not pw_name Avoids early fatal() if the user doesn't exist. Reported by Viswesh Narayanan; ok dtucker@ --- auth-pam.c | 21 +++++++++++---------- 1 file changed, 11 insertions(+), 10 deletions(-) diff --git a/auth-pam.c b/auth-pam.c index 965de210060f..7b1002943517 100644 --- a/auth-pam.c +++ b/auth-pam.c @@ -237,6 +237,7 @@ pthread_join(sp_pthread_t thread, void **value) static pam_handle_t *sshpam_handle = NULL; +static char *sshpam_initial_user; static int sshpam_err = 0; static int sshpam_authenticated = 0; static int sshpam_session_open = 0; @@ -485,10 +486,11 @@ check_pam_user(Authctxt *authctxt) return PAM_USER_UNKNOWN; } - if (strcmp(authctxt->pw->pw_name, pam_user) != 0) { - debug("PAM user \"%s\" does not match expected \"%s\"", - pam_user, authctxt->pw->pw_name); - return PAM_USER_UNKNOWN; + if (sshpam_initial_user == NULL) + fatal_f("internal error: sshpam_initial_user NULL"); + if (strcmp(sshpam_initial_user, pam_user) != 0) { + error_f("PAM user \"%s\" does not match previous \"%s\"", + pam_user, sshpam_initial_user); } return PAM_SUCCESS; } @@ -709,6 +711,8 @@ sshpam_cleanup(void) sshpam_authenticated = 0; pam_end(sshpam_handle, sshpam_err); sshpam_handle = NULL; + free(sshpam_initial_user); + sshpam_initial_user = NULL; } static int @@ -725,12 +729,8 @@ sshpam_init(struct ssh *ssh, Authctxt *authctxt) fatal("Username too long from %s port %d", ssh_remote_ipaddr(ssh), ssh_remote_port(ssh)); #endif - if (sshpam_handle == NULL) { - if (ssh == NULL) { - fatal("%s: called initially with no " - "packet context", __func__); - } - } + if (sshpam_handle == NULL && ssh == NULL) + fatal("%s: called initially with no packet context", __func__); if (sshpam_handle != NULL) { /* We already have a PAM context; check if the user matches */ if ((sshpam_err = check_pam_user(authctxt)) != PAM_SUCCESS) @@ -741,6 +741,7 @@ sshpam_init(struct ssh *ssh, Authctxt *authctxt) options.pam_service_name); sshpam_err = pam_start(options.pam_service_name, user, &store_conv, &sshpam_handle); + sshpam_initial_user = xstrdup(user); sshpam_authctxt = authctxt; if (sshpam_err != PAM_SUCCESS) { From d87e7f0bed66fc9f76fe4a2f43390fdc9a664132 Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Sat, 1 Nov 2025 08:33:07 +1100 Subject: [PATCH 406/687] Add OpenBSD 7.8 test target. --- .github/workflows/selfhosted.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/selfhosted.yml b/.github/workflows/selfhosted.yml index a46d8a451aa7..aa01c8b296a9 100644 --- a/.github/workflows/selfhosted.yml +++ b/.github/workflows/selfhosted.yml @@ -51,6 +51,7 @@ jobs: - obsd74 - obsd76 - obsd77 + - obsd78 - obsdsnap - obsdsnap-i386 - omnios From 7e5d404cf73b6762715eec69b67cce2c4801f9e9 Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Sat, 1 Nov 2025 08:34:15 +1100 Subject: [PATCH 407/687] Support using git for OpenBSD src tree tests. --- .github/workflows/upstream.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/upstream.yml b/.github/workflows/upstream.yml index 6cb08fd41032..d055627a8831 100644 --- a/.github/workflows/upstream.yml +++ b/.github/workflows/upstream.yml @@ -42,7 +42,7 @@ jobs: run: sshfs_mount working-directory: ${{ runner.temp }} - name: update source - run: vmrun "cd /usr/src && cvs -q up -dPA usr.bin/ssh regress/usr.bin/ssh usr.bin/nc" + run: vmrun "cd /usr/src && if [ -d .git ]; then git pull && git log -n1 --pretty=format:"%h %an: %s" ; else cvs -q up -dPA usr.bin/ssh regress/usr.bin/ssh usr.bin/nc; fi" - name: update netcat run: vmrun "cd /usr/src/usr.bin/nc && make clean all && sudo make install" - name: make clean From f2ff1d9c1687be313dd491fcd136c682ef51bea8 Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Fri, 31 Oct 2025 01:50:43 +0000 Subject: [PATCH 408/687] upstream: cleanup file descriptors across PKCS#11 client/helper execution; ok markus OpenBSD-Commit-ID: 993628a5b361e30aa48bbb4c07667a280f3f23ab --- ssh-pkcs11-client.c | 3 ++- ssh-pkcs11-helper.c | 4 +++- 2 files changed, 5 insertions(+), 2 deletions(-) diff --git a/ssh-pkcs11-client.c b/ssh-pkcs11-client.c index 85afb62ac6f4..e58292628b0a 100644 --- a/ssh-pkcs11-client.c +++ b/ssh-pkcs11-client.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-pkcs11-client.c,v 1.24 2025/07/30 10:17:13 dtucker Exp $ */ +/* $OpenBSD: ssh-pkcs11-client.c,v 1.25 2025/10/31 01:50:43 djm Exp $ */ /* * Copyright (c) 2010 Markus Friedl. All rights reserved. * Copyright (c) 2014 Pedro Martelletto. All rights reserved. @@ -355,6 +355,7 @@ pkcs11_start_helper(const char *path) } close(pair[0]); close(pair[1]); + closefrom(STDERR_FILENO + 1); prog = getenv("SSH_PKCS11_HELPER"); if (prog == NULL || strlen(prog) == 0) prog = _PATH_SSH_PKCS11_HELPER; diff --git a/ssh-pkcs11-helper.c b/ssh-pkcs11-helper.c index aeb5b7a8a924..838610d96d27 100644 --- a/ssh-pkcs11-helper.c +++ b/ssh-pkcs11-helper.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-pkcs11-helper.c,v 1.29 2025/07/30 04:27:42 djm Exp $ */ +/* $OpenBSD: ssh-pkcs11-helper.c,v 1.30 2025/10/31 01:50:43 djm Exp $ */ /* * Copyright (c) 2010 Markus Friedl. All rights reserved. * @@ -222,6 +222,8 @@ main(int argc, char **argv) __progname = ssh_get_progname(argv[0]); seed_rng(); + sanitise_stdfd(); + closefrom(STDERR_FILENO + 1); log_init(__progname, log_level, log_facility, log_stderr); while ((ch = getopt(argc, argv, "v")) != -1) { From 1399419f0b2d024bde968ffe769a3808611917e4 Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Thu, 6 Nov 2025 01:31:11 +0000 Subject: [PATCH 409/687] upstream: move stringlist_append() and stringlist_free() to misc.c OpenBSD-Commit-ID: 7d047bbff6964b9abbc04e9b3e2e1b4cc1db0aea --- misc.c | 30 +++++++++++++++++++++++++++++- misc.h | 4 +++- ssh-add.c | 30 +----------------------------- 3 files changed, 33 insertions(+), 31 deletions(-) diff --git a/misc.c b/misc.c index ce77ec943067..15d7fc4dfe3c 100644 --- a/misc.c +++ b/misc.c @@ -1,4 +1,4 @@ -/* $OpenBSD: misc.c,v 1.208 2025/09/25 06:33:19 djm Exp $ */ +/* $OpenBSD: misc.c,v 1.209 2025/11/06 01:31:11 djm Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. * Copyright (c) 2005-2020 Damien Miller. All rights reserved. @@ -121,6 +121,34 @@ strprefix(const char *s, const char *prefix, int ignorecase) return s + prefixlen; } +/* Append string 's' to a NULL-terminated array of strings */ +void +stringlist_append(char ***listp, const char *s) +{ + size_t i = 0; + + if (*listp == NULL) + *listp = xcalloc(2, sizeof(**listp)); + else { + for (i = 0; (*listp)[i] != NULL; i++) + ; /* count */ + *listp = xrecallocarray(*listp, i + 1, i + 2, sizeof(**listp)); + } + (*listp)[i] = xstrdup(s); +} + +void +stringlist_free(char **list) +{ + size_t i = 0; + + if (list == NULL) + return; + for (i = 0; list[i] != NULL; i++) + free(list[i]); + free(list); +} + /* set/unset filedescriptor to non-blocking */ int set_nonblock(int fd) diff --git a/misc.h b/misc.h index f3c5a18c6249..f106be18f638 100644 --- a/misc.h +++ b/misc.h @@ -1,4 +1,4 @@ -/* $OpenBSD: misc.h,v 1.112 2025/09/25 06:33:19 djm Exp $ */ +/* $OpenBSD: misc.h,v 1.113 2025/11/06 01:31:11 djm Exp $ */ /* * Author: Tatu Ylonen @@ -59,6 +59,8 @@ void skip_space(char **); const char *strprefix(const char *, const char *, int); char *strdelim(char **); char *strdelimw(char **); +void stringlist_append(char ***listp, const char *s); +void stringlist_free(char **list); int set_nonblock(int); int unset_nonblock(int); void set_nodelay(int); diff --git a/ssh-add.c b/ssh-add.c index 2d5bec89cec5..412635b29cce 100644 --- a/ssh-add.c +++ b/ssh-add.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-add.c,v 1.181 2025/09/29 03:17:54 djm Exp $ */ +/* $OpenBSD: ssh-add.c,v 1.182 2025/11/06 01:31:11 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -649,34 +649,6 @@ do_file(int agent_fd, int deleting, int key_only, int cert_only, return 0; } -/* Append string 's' to a NULL-terminated array of strings */ -static void -stringlist_append(char ***listp, const char *s) -{ - size_t i = 0; - - if (*listp == NULL) - *listp = xcalloc(2, sizeof(**listp)); - else { - for (i = 0; (*listp)[i] != NULL; i++) - ; /* count */ - *listp = xrecallocarray(*listp, i + 1, i + 2, sizeof(**listp)); - } - (*listp)[i] = xstrdup(s); -} - -static void -stringlist_free(char **list) -{ - size_t i = 0; - - if (list == NULL) - return; - for (i = 0; list[i] != NULL; i++) - free(list[i]); - free(list); -} - static void free_dest_constraint_hop(struct dest_constraint_hop *dch) { From 9bea081888fa659b964e6bfa41caca2b5def98c2 Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Fri, 7 Nov 2025 04:11:59 +0000 Subject: [PATCH 410/687] upstream: Remove some unnecessary checks in MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit sshkey_ec_validate_public() MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Checking nQ == infinity is not needed for cofactor 1 curves. Checking x and y coordinates against order is not needed either. patch from Szilárd Pfeiffer, with further refinement by tb@ ok tb@ OpenBSD-Commit-ID: ef985e2be7c64e215d064757d3fc65eb181e8ede --- sshkey.c | 68 ++++++++++++++++++++++++-------------------------------- 1 file changed, 29 insertions(+), 39 deletions(-) diff --git a/sshkey.c b/sshkey.c index afd7822c4f41..6e47362fcc37 100644 --- a/sshkey.c +++ b/sshkey.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshkey.c,v 1.155 2025/10/03 00:08:02 djm Exp $ */ +/* $OpenBSD: sshkey.c,v 1.156 2025/11/07 04:11:59 djm Exp $ */ /* * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. * Copyright (c) 2008 Alexander von Gernler. All rights reserved. @@ -2672,64 +2672,54 @@ int sshkey_ec_validate_public(const EC_GROUP *group, const EC_POINT *public) { EC_POINT *nq = NULL; - BIGNUM *order = NULL, *x = NULL, *y = NULL, *tmp = NULL; + BIGNUM *order = NULL, *cofactor = NULL; int ret = SSH_ERR_KEY_INVALID_EC_VALUE; /* * NB. This assumes OpenSSL has already verified that the public - * point lies on the curve. This is done by EC_POINT_oct2point() - * implicitly calling EC_POINT_is_on_curve(). If this code is ever - * reachable with public points not unmarshalled using - * EC_POINT_oct2point then the caller will need to explicitly check. + * point lies on the curve and that its coordinates are in [0, p). + * This is done by EC_POINT_oct2point() on at least OpenSSL >= 1.1, + * LibreSSL and BoringSSL. */ /* Q != infinity */ if (EC_POINT_is_at_infinity(group, public)) goto out; - if ((x = BN_new()) == NULL || - (y = BN_new()) == NULL || - (order = BN_new()) == NULL || - (tmp = BN_new()) == NULL) { + if ((cofactor = BN_new()) == NULL) { ret = SSH_ERR_ALLOC_FAIL; goto out; } - - /* log2(x) > log2(order)/2, log2(y) > log2(order)/2 */ - if (EC_GROUP_get_order(group, order, NULL) != 1 || - EC_POINT_get_affine_coordinates(group, public, x, y, NULL) != 1) { - ret = SSH_ERR_LIBCRYPTO_ERROR; - goto out; - } - if (BN_num_bits(x) <= BN_num_bits(order) / 2 || - BN_num_bits(y) <= BN_num_bits(order) / 2) + if (EC_GROUP_get_cofactor(group, cofactor, NULL) != 1) goto out; - /* nQ == infinity (n == order of subgroup) */ - if ((nq = EC_POINT_new(group)) == NULL) { - ret = SSH_ERR_ALLOC_FAIL; - goto out; - } - if (EC_POINT_mul(group, nq, NULL, public, order, NULL) != 1) { - ret = SSH_ERR_LIBCRYPTO_ERROR; - goto out; + /* + * Verify nQ == infinity (n == order of subgroup) + * This check may be skipped for curves with cofactor 1, as per + * NIST SP 800-56A, 5.6.2.3. + */ + if (!BN_is_one(cofactor)) { + if ((order = BN_new()) == NULL) { + ret = SSH_ERR_ALLOC_FAIL; + goto out; + } + if ((nq = EC_POINT_new(group)) == NULL) { + ret = SSH_ERR_ALLOC_FAIL; + goto out; + } + if (EC_POINT_mul(group, nq, NULL, public, order, NULL) != 1) { + ret = SSH_ERR_LIBCRYPTO_ERROR; + goto out; + } + if (EC_POINT_is_at_infinity(group, nq) != 1) + goto out; } - if (EC_POINT_is_at_infinity(group, nq) != 1) - goto out; - /* x < order - 1, y < order - 1 */ - if (!BN_sub(tmp, order, BN_value_one())) { - ret = SSH_ERR_LIBCRYPTO_ERROR; - goto out; - } - if (BN_cmp(x, tmp) >= 0 || BN_cmp(y, tmp) >= 0) - goto out; + /* success */ ret = 0; out: - BN_clear_free(x); - BN_clear_free(y); + BN_clear_free(cofactor); BN_clear_free(order); - BN_clear_free(tmp); EC_POINT_free(nq); return ret; } From e57ef43c3ecb69aa237e2d88b793f18ee8a25817 Mon Sep 17 00:00:00 2001 From: "anton@openbsd.org" Date: Sat, 1 Nov 2025 05:39:25 +0000 Subject: [PATCH 411/687] upstream: Cope with recent changes and don't link hash.c. OpenBSD-Regress-ID: 577ef2f36ee592528448e8c0f33499e2e3512054 --- regress/misc/sk-dummy/Makefile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/regress/misc/sk-dummy/Makefile b/regress/misc/sk-dummy/Makefile index 4e6babc6885a..3d5599bc48b7 100644 --- a/regress/misc/sk-dummy/Makefile +++ b/regress/misc/sk-dummy/Makefile @@ -1,4 +1,4 @@ -# $OpenBSD: Makefile,v 1.4 2025/10/23 19:06:10 miod Exp $ +# $OpenBSD: Makefile,v 1.5 2025/11/01 05:39:25 anton Exp $ .include .include @@ -11,7 +11,7 @@ SSHREL=../../../../../usr.bin/ssh SRCS=sk-dummy.c # From usr.bin/ssh -SRCS+=ed25519.c hash.c +SRCS+=ed25519.c OPENSSL?= yes CFLAGS+= -fPIC From 9d8c686981834bc1dde09f5067ff925d8fc158f5 Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Thu, 6 Nov 2025 01:33:03 +0000 Subject: [PATCH 412/687] upstream: link against ed25519-openssl.c instead of ed25519.c OpenBSD-Regress-ID: f789d46e99d2598929e3c2d00b45c47cc3102501 --- regress/misc/sk-dummy/Makefile | 5 +++-- regress/misc/ssh-verify-attestation/Makefile | 7 +++---- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/regress/misc/sk-dummy/Makefile b/regress/misc/sk-dummy/Makefile index 3d5599bc48b7..97c2dcd8419e 100644 --- a/regress/misc/sk-dummy/Makefile +++ b/regress/misc/sk-dummy/Makefile @@ -1,4 +1,4 @@ -# $OpenBSD: Makefile,v 1.5 2025/11/01 05:39:25 anton Exp $ +# $OpenBSD: Makefile,v 1.6 2025/11/06 01:33:03 djm Exp $ .include .include @@ -11,7 +11,8 @@ SSHREL=../../../../../usr.bin/ssh SRCS=sk-dummy.c # From usr.bin/ssh -SRCS+=ed25519.c +SRCS+=ed25519-openssl.c +#SRCS+=ed25519.c OPENSSL?= yes CFLAGS+= -fPIC diff --git a/regress/misc/ssh-verify-attestation/Makefile b/regress/misc/ssh-verify-attestation/Makefile index 4665555cdaf6..2124b78b1314 100644 --- a/regress/misc/ssh-verify-attestation/Makefile +++ b/regress/misc/ssh-verify-attestation/Makefile @@ -1,4 +1,4 @@ -# $OpenBSD: Makefile,v 1.3 2025/10/23 19:06:10 miod Exp $ +# $OpenBSD: Makefile,v 1.4 2025/11/06 01:33:03 djm Exp $ .include .include @@ -16,12 +16,11 @@ SRCS+=sshbuf-io.c atomicio.c sshkey.c authfile.c cipher.c log.c ssh-rsa.c SRCS+=ssh-ecdsa.c ssh-ed25519.c mac.c umac.c umac128.c hmac.c misc.c SRCS+=ssherr.c uidswap.c cleanup.c xmalloc.c match.c krl.c fatal.c SRCS+=addr.c addrmatch.c bitmap.c -SRCS+=ed25519.c hash.c SRCS+=cipher-chachapoly.c chacha.c poly1305.c ssh-ecdsa-sk.c ssh-sk.c SRCS+=ssh-ed25519-sk.c sk-usbhid.c -SRCS+=digest-openssl.c -#SRCS+=digest-libc.c +SRCS+=digest-openssl.c ed25519-openssl.c +#SRCS+=digest-libc.c ed25519.c SRCS+=utf8.c OPENSSL?= yes From a1c526f29b47147046f77a0f74097008256396f6 Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Thu, 6 Nov 2025 01:33:26 +0000 Subject: [PATCH 413/687] upstream: unit test for stringlist_append() and stringlist_free() OpenBSD-Regress-ID: a3a4dae538c831b3810f69abc34ad8504dc3c460 --- regress/unittests/misc/test_misc.c | 39 ++++++++++++++++++++++++++++++ 1 file changed, 39 insertions(+) diff --git a/regress/unittests/misc/test_misc.c b/regress/unittests/misc/test_misc.c index d175196b7d47..db0b5bb6643f 100644 --- a/regress/unittests/misc/test_misc.c +++ b/regress/unittests/misc/test_misc.c @@ -373,6 +373,44 @@ test_path_absolute(void) TEST_DONE(); } +static void +test_stringlist(void) +{ + char **list = NULL; + + TEST_START("stringlist_append initial"); + stringlist_append(&list, "one"); + ASSERT_PTR_NE(list, NULL); + ASSERT_STRING_EQ(list[0], "one"); + ASSERT_PTR_EQ(list[1], NULL); + TEST_DONE(); + + TEST_START("stringlist_append second"); + stringlist_append(&list, "two"); + ASSERT_PTR_NE(list, NULL); + ASSERT_STRING_EQ(list[0], "one"); + ASSERT_STRING_EQ(list[1], "two"); + ASSERT_PTR_EQ(list[2], NULL); + TEST_DONE(); + + TEST_START("stringlist_append third"); + stringlist_append(&list, "three"); + ASSERT_PTR_NE(list, NULL); + ASSERT_STRING_EQ(list[0], "one"); + ASSERT_STRING_EQ(list[1], "two"); + ASSERT_STRING_EQ(list[2], "three"); + ASSERT_PTR_EQ(list[3], NULL); + TEST_DONE(); + + TEST_START("stringlist_free"); + stringlist_free(list); + TEST_DONE(); + + TEST_START("stringlist_free NULL"); + stringlist_free(NULL); + TEST_DONE(); +} + static void test_skip_space(void) { @@ -432,5 +470,6 @@ test_misc(void) test_tohex(); test_lowercase(); test_path_absolute(); + test_stringlist(); test_skip_space(); } From 5794f2a186ee8ea7db0002bf7470b817572aaef0 Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Thu, 6 Nov 2025 17:24:28 +0000 Subject: [PATCH 414/687] upstream: sk-dummy.so needs sshlog() stub after ed25519-openssl.c change OpenBSD-Regress-ID: 50b7f49021b8085728d0544275e141fb1bf4a2b5 --- regress/misc/sk-dummy/Makefile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/regress/misc/sk-dummy/Makefile b/regress/misc/sk-dummy/Makefile index 97c2dcd8419e..2a88617ccde9 100644 --- a/regress/misc/sk-dummy/Makefile +++ b/regress/misc/sk-dummy/Makefile @@ -1,4 +1,4 @@ -# $OpenBSD: Makefile,v 1.6 2025/11/06 01:33:03 djm Exp $ +# $OpenBSD: Makefile,v 1.7 2025/11/06 17:24:28 djm Exp $ .include .include @@ -9,7 +9,7 @@ NOMAN= SSHREL=../../../../../usr.bin/ssh .PATH: ${.CURDIR}/${SSHREL} -SRCS=sk-dummy.c +SRCS=sk-dummy.c fatal.c # From usr.bin/ssh SRCS+=ed25519-openssl.c #SRCS+=ed25519.c From 1f1d63e16b5ce67f6f2f1170ec7221f1e6bff530 Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Fri, 7 Nov 2025 04:33:52 +0000 Subject: [PATCH 415/687] upstream: Escape SSH_AUTH_SOCK paths that are sent to the shell as setenv commands. Unbreaks ssh-agent for home directory paths that contain whitespace. Based on fix from Beat Bolli via bz3884; feedback/ok dtucker@ OpenBSD-Commit-ID: aaf06594e299940df8b4c4b9f0a1d14bef427e02 --- ssh-agent.c | 46 +++++++++++++++++++++------------------------- 1 file changed, 21 insertions(+), 25 deletions(-) diff --git a/ssh-agent.c b/ssh-agent.c index df241379c0b1..6e9723c841e9 100644 --- a/ssh-agent.c +++ b/ssh-agent.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-agent.c,v 1.313 2025/08/29 03:50:38 djm Exp $ */ +/* $OpenBSD: ssh-agent.c,v 1.314 2025/11/07 04:33:52 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -162,8 +162,8 @@ static sig_atomic_t signalled_keydrop; pid_t cleanup_pid = 0; /* pathname and directory for AUTH_SOCKET */ -char socket_name[PATH_MAX]; -char socket_dir[PATH_MAX]; +static char *socket_name; +static char socket_dir[PATH_MAX]; /* Pattern-list of allowed PKCS#11/Security key paths */ static char *allowed_providers; @@ -2131,8 +2131,11 @@ cleanup_socket(void) if (cleanup_pid != 0 && getpid() != cleanup_pid) return; debug_f("cleanup"); - if (socket_name[0]) + if (socket_name != NULL) { unlink(socket_name); + free(socket_name); + socket_name = NULL; + } if (socket_dir[0]) rmdir(socket_dir); } @@ -2192,7 +2195,9 @@ main(int ac, char **av) int c_flag = 0, d_flag = 0, D_flag = 0, k_flag = 0; int s_flag = 0, T_flag = 0, u_flag = 0, U_flag = 0; int sock = -1, ch, result, saved_errno; - char *homedir = NULL, *shell, *format, *pidstr, *agentsocket = NULL; + pid_t pid; + char *homedir = NULL, *shell, *format, *pidstr, *agentsocket = NULL; + char *cp, pidstrbuf[1 + 3 * sizeof pid]; char *fdstr; const char *errstr = NULL; const char *ccp; @@ -2201,8 +2206,6 @@ main(int ac, char **av) #endif extern int optind; extern char *optarg; - pid_t pid; - char pidstrbuf[1 + 3 * sizeof pid]; size_t len; mode_t prev_mask; struct timespec timeout; @@ -2393,16 +2396,9 @@ main(int ac, char **av) fatal("Couldn't determine home directory"); if (!U_flag) agent_cleanup_stale(homedir, 0); - if (agent_listener(homedir, "agent", &sock, &agentsocket) != 0) + if (agent_listener(homedir, "agent", &sock, &socket_name) != 0) fatal_f("Couldn't prepare agent socket"); - if (strlcpy(socket_name, agentsocket, - sizeof(socket_name)) >= sizeof(socket_name)) { - fatal_f("Socket path \"%s\" too long", - agentsocket); - } free(homedir); - free(agentsocket); - agentsocket = NULL; } else if (sock == -1) { if (T_flag) { /* @@ -2414,16 +2410,12 @@ main(int ac, char **av) perror("mkdtemp: private socket dir"); exit(1); } - snprintf(socket_name, sizeof(socket_name), - "%s/agent.%ld", socket_dir, (long)parent_pid); + xasprintf(&socket_name, "%s/agent.%ld", + socket_dir, (long)parent_pid); } else { /* Try to use specified agent socket */ socket_dir[0] = '\0'; - if (strlcpy(socket_name, agentsocket, - sizeof(socket_name)) >= sizeof(socket_name)) { - fatal_f("Socket path \"%s\" too long", - agentsocket); - } + socket_name = xstrdup(agentsocket); } /* Listen on socket */ prev_mask = umask(0177); @@ -2460,11 +2452,13 @@ main(int ac, char **av) log_init(__progname, d_flag ? SYSLOG_LEVEL_DEBUG3 : SYSLOG_LEVEL_INFO, SYSLOG_FACILITY_AUTH, 1); - if (socket_name[0] != '\0') { + if (socket_name != NULL) { + cp = argv_assemble(1, &socket_name); format = c_flag ? "setenv %s %s;\n" : "%s=%s; export %s;\n"; - printf(format, SSH_AUTHSOCKET_ENV_NAME, socket_name, + printf(format, SSH_AUTHSOCKET_ENV_NAME, cp, SSH_AUTHSOCKET_ENV_NAME); + free(cp); printf("echo Agent pid %ld;\n", (long)parent_pid); fflush(stdout); } @@ -2480,10 +2474,12 @@ main(int ac, char **av) snprintf(pidstrbuf, sizeof pidstrbuf, "%ld", (long)pid); if (ac == 0) { format = c_flag ? "setenv %s %s;\n" : "%s=%s; export %s;\n"; - printf(format, SSH_AUTHSOCKET_ENV_NAME, socket_name, + cp = argv_assemble(1, &socket_name); + printf(format, SSH_AUTHSOCKET_ENV_NAME, cp, SSH_AUTHSOCKET_ENV_NAME); printf(format, SSH_AGENTPID_ENV_NAME, pidstrbuf, SSH_AGENTPID_ENV_NAME); + free(cp); printf("echo Agent pid %ld;\n", (long)pid); exit(0); } From 48d8293956b9801b870a56782e19f29793ca04ba Mon Sep 17 00:00:00 2001 From: Damien Miller Date: Fri, 7 Nov 2025 15:42:57 +1100 Subject: [PATCH 416/687] escape quotes in yaml --- .github/workflows/upstream.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/upstream.yml b/.github/workflows/upstream.yml index d055627a8831..7075306ed49b 100644 --- a/.github/workflows/upstream.yml +++ b/.github/workflows/upstream.yml @@ -42,7 +42,7 @@ jobs: run: sshfs_mount working-directory: ${{ runner.temp }} - name: update source - run: vmrun "cd /usr/src && if [ -d .git ]; then git pull && git log -n1 --pretty=format:"%h %an: %s" ; else cvs -q up -dPA usr.bin/ssh regress/usr.bin/ssh usr.bin/nc; fi" + run: vmrun "cd /usr/src && if [ -d .git ]; then git pull && git log -n1 --pretty=format:\"%h %an: %s\" ; else cvs -q up -dPA usr.bin/ssh regress/usr.bin/ssh usr.bin/nc; fi" - name: update netcat run: vmrun "cd /usr/src/usr.bin/nc && make clean all && sudo make install" - name: make clean From 5a104d81a2a916a6b9a42e28a7fa11bb781dfdf4 Mon Sep 17 00:00:00 2001 From: Damien Miller Date: Fri, 7 Nov 2025 15:44:18 +1100 Subject: [PATCH 417/687] try single quotes instead of escaped quotes --- .github/workflows/upstream.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/upstream.yml b/.github/workflows/upstream.yml index 7075306ed49b..63960ccb38ca 100644 --- a/.github/workflows/upstream.yml +++ b/.github/workflows/upstream.yml @@ -42,7 +42,7 @@ jobs: run: sshfs_mount working-directory: ${{ runner.temp }} - name: update source - run: vmrun "cd /usr/src && if [ -d .git ]; then git pull && git log -n1 --pretty=format:\"%h %an: %s\" ; else cvs -q up -dPA usr.bin/ssh regress/usr.bin/ssh usr.bin/nc; fi" + run: vmrun "cd /usr/src && if [ -d .git ]; then git pull && git log -n1 --pretty=format:'%h %an: %s' ; else cvs -q up -dPA usr.bin/ssh regress/usr.bin/ssh usr.bin/nc; fi" - name: update netcat run: vmrun "cd /usr/src/usr.bin/nc && make clean all && sudo make install" - name: make clean From d12813314452173b1709f7fdbae74add84c0056f Mon Sep 17 00:00:00 2001 From: Damien Miller Date: Fri, 7 Nov 2025 15:49:55 +1100 Subject: [PATCH 418/687] octal-escape the colon character Apparently these are YAML magic when followed by whitespace --- .github/workflows/upstream.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/upstream.yml b/.github/workflows/upstream.yml index 63960ccb38ca..c5bfee463c9f 100644 --- a/.github/workflows/upstream.yml +++ b/.github/workflows/upstream.yml @@ -42,7 +42,7 @@ jobs: run: sshfs_mount working-directory: ${{ runner.temp }} - name: update source - run: vmrun "cd /usr/src && if [ -d .git ]; then git pull && git log -n1 --pretty=format:'%h %an: %s' ; else cvs -q up -dPA usr.bin/ssh regress/usr.bin/ssh usr.bin/nc; fi" + run: vmrun "cd /usr/src && if [ -d .git ]; then git pull && git log -n1 --pretty=format:\"%h %an\072 %s\" ; else cvs -q up -dPA usr.bin/ssh regress/usr.bin/ssh usr.bin/nc; fi" - name: update netcat run: vmrun "cd /usr/src/usr.bin/nc && make clean all && sudo make install" - name: make clean From 08786bbe7eebff316efb0b4ccb882f93f33a16b8 Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Thu, 13 Nov 2025 09:53:17 +1100 Subject: [PATCH 419/687] Don't use OpenSSL's ed25519 if built without EC. Explicitly check for OPENSSL_NO_EC, since otherwise the test will link but then fail at runtime. --- configure.ac | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/configure.ac b/configure.ac index 86cf56689b61..f7e9d4184c9b 100644 --- a/configure.ac +++ b/configure.ac @@ -3357,6 +3357,10 @@ if test "x$openssl" = "xyes" ; then [AC_LANG_PROGRAM([[ #include #include + #include + #ifdef OPENSSL_NO_EC + # error "OpenSSL has no EC support." + #endif ]], [[ unsigned char buf[64]; memset(buf, 0, sizeof(buf)); From 7cb3ea4dcc7d73b2fad6782a119901cfa2b022aa Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Thu, 13 Nov 2025 10:23:45 +1100 Subject: [PATCH 420/687] Simplify git command to avoid yaml syntax error. --- .github/workflows/upstream.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/upstream.yml b/.github/workflows/upstream.yml index c5bfee463c9f..420b2439b009 100644 --- a/.github/workflows/upstream.yml +++ b/.github/workflows/upstream.yml @@ -42,7 +42,7 @@ jobs: run: sshfs_mount working-directory: ${{ runner.temp }} - name: update source - run: vmrun "cd /usr/src && if [ -d .git ]; then git pull && git log -n1 --pretty=format:\"%h %an\072 %s\" ; else cvs -q up -dPA usr.bin/ssh regress/usr.bin/ssh usr.bin/nc; fi" + run: vmrun "cd /usr/src && if [ -d .git ]; then git pull && git log -n1; else cvs -q up -dPA usr.bin/ssh regress/usr.bin/ssh usr.bin/nc; fi" - name: update netcat run: vmrun "cd /usr/src/usr.bin/nc && make clean all && sudo make install" - name: make clean From c09eeba78ad622b988ab7f8d96e75b7edd434598 Mon Sep 17 00:00:00 2001 From: "tb@openbsd.org" Date: Fri, 7 Nov 2025 06:29:45 +0000 Subject: [PATCH 421/687] upstream: sshkey_ec_validate_public: zap trailing blank I missed on review OpenBSD-Commit-ID: b296bd6056f33fd567ca0d5e9123dac1ec00f037 --- sshkey.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/sshkey.c b/sshkey.c index 6e47362fcc37..e9a287480a1b 100644 --- a/sshkey.c +++ b/sshkey.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshkey.c,v 1.156 2025/11/07 04:11:59 djm Exp $ */ +/* $OpenBSD: sshkey.c,v 1.157 2025/11/07 06:29:45 tb Exp $ */ /* * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. * Copyright (c) 2008 Alexander von Gernler. All rights reserved. @@ -2696,7 +2696,7 @@ sshkey_ec_validate_public(const EC_GROUP *group, const EC_POINT *public) /* * Verify nQ == infinity (n == order of subgroup) * This check may be skipped for curves with cofactor 1, as per - * NIST SP 800-56A, 5.6.2.3. + * NIST SP 800-56A, 5.6.2.3. */ if (!BN_is_one(cofactor)) { if ((order = BN_new()) == NULL) { From 84347d67ad2d5ee0db43f32bca91bacccecdb647 Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Thu, 13 Nov 2025 04:56:23 +0000 Subject: [PATCH 422/687] upstream: update our ML-KEM implementation to upstream libcrux v0.0.4 tested/ok tb@ OpenBSD-Commit-ID: 525a62549efbf53492adcb2c57e4872cdbaeed62 --- libcrux_mlkem768_sha3.h | 13877 ++++++++++++++++++-------------------- mlkem768.sh | 123 +- 2 files changed, 6734 insertions(+), 7266 deletions(-) diff --git a/libcrux_mlkem768_sha3.h b/libcrux_mlkem768_sha3.h index 885e82bafa06..a0e79a2a7f2d 100644 --- a/libcrux_mlkem768_sha3.h +++ b/libcrux_mlkem768_sha3.h @@ -1,6 +1,6 @@ -/* $OpenBSD: libcrux_mlkem768_sha3.h,v 1.2 2024/10/27 02:06:01 djm Exp $ */ +/* $OpenBSD$ */ -/* Extracted from libcrux revision 84c5d87b3092c59294345aa269ceefe0eb97cc35 */ +/* Extracted from libcrux revision 026a87ab6d88ad3626b9fbbf3710d1e0483c1849 */ /* * MIT License @@ -34,100 +34,233 @@ #define KRML_HOST_EPRINTF(...) #define KRML_HOST_EXIT(x) fatal_f("internal error") -/* from libcrux/libcrux-ml-kem/cg/eurydice_glue.h */ -/* - * SPDX-FileCopyrightText: 2024 Eurydice Contributors - * SPDX-FileCopyrightText: 2024 Cryspen Sarl - * - * SPDX-License-Identifier: MIT or Apache-2.0 - */ +static inline void +store64_le(uint8_t dst[8], uint64_t src) +{ + dst[0] = src & 0xff; + dst[1] = (src >> 8) & 0xff; + dst[2] = (src >> 16) & 0xff; + dst[3] = (src >> 24) & 0xff; + dst[4] = (src >> 32) & 0xff; + dst[5] = (src >> 40) & 0xff; + dst[6] = (src >> 48) & 0xff; + dst[7] = (src >> 56) & 0xff; +} -#pragma once +static inline void +store32_le(uint8_t dst[4], uint32_t src) +{ + dst[0] = src & 0xff; + dst[1] = (src >> 8) & 0xff; + dst[2] = (src >> 16) & 0xff; + dst[3] = (src >> 24) & 0xff; +} -#if defined(__cplusplus) -extern "C" { +static inline void +store32_be(uint8_t dst[4], uint32_t src) +{ + dst[0] = (src >> 24) & 0xff; + dst[1] = (src >> 16) & 0xff; + dst[2] = (src >> 8) & 0xff; + dst[3] = src & 0xff; +} + +static inline uint64_t +load64_le(uint8_t src[8]) +{ + return (uint64_t)(src[0]) | + ((uint64_t)(src[1]) << 8) | + ((uint64_t)(src[2]) << 16) | + ((uint64_t)(src[3]) << 24) | + ((uint64_t)(src[4]) << 32) | + ((uint64_t)(src[5]) << 40) | + ((uint64_t)(src[6]) << 48) | + ((uint64_t)(src[7]) << 56); +} + +static inline uint32_t +load32_le(uint8_t src[4]) +{ + return (uint32_t)(src[0]) | + ((uint32_t)(src[1]) << 8) | + ((uint32_t)(src[2]) << 16) | + ((uint32_t)(src[3]) << 24); +} + +#ifdef MISSING_BUILTIN_POPCOUNT +static inline unsigned int +__builtin_popcount(unsigned int num) +{ + const int v[16] = { 0, 1, 1, 2, 1, 2, 2, 3, 1, 2, 2, 3, 2, 3, 3, 4 }; + return v[num & 0xf] + v[(num >> 4) & 0xf]; +} #endif +/* from libcrux/libcrux-ml-kem/extracts/c_header_only/generated/eurydice_glue.h */ +#pragma once +#ifdef _MSC_VER +// For __popcnt +#endif -// SLICES, ARRAYS, ETC. -// The MSVC C++ compiler does not support compound literals. -// This CLITERAL is used to turn `(type){...}` into `type{...}` when using a C++ -// compiler. +// C++ HELPERS + #if defined(__cplusplus) -#define CLITERAL(type) type + +#ifndef KRML_HOST_EPRINTF +#define KRML_HOST_EPRINTF(...) fprintf(stderr, __VA_ARGS__) +#endif + + +#ifndef __cpp_lib_type_identity +template +struct type_identity { + using type = T; +}; + +template +using type_identity_t = typename type_identity::type; #else -#define CLITERAL(type) (type) +using std::type_identity_t; +#endif + +#define KRML_UNION_CONSTRUCTOR(T) \ + template \ + constexpr T(int t, V U::*m, type_identity_t v) : tag(t) { \ + val.*m = std::move(v); \ + } \ + T() = default; + #endif +// GENERAL-PURPOSE STUFF + +#define LowStar_Ignore_ignore(e, t, _ret_t) ((void)e) + +#define EURYDICE_ASSERT(test, msg) \ + do { \ + if (!(test)) { \ + fprintf(stderr, "assertion \"%s\" failed: file \"%s\", line %d\n", msg, \ + __FILE__, __LINE__); \ + exit(255); \ + } \ + } while (0) + +// SLICES, ARRAYS, ETC. + // We represent a slice as a pair of an (untyped) pointer, along with the length // of the slice, i.e. the number of elements in the slice (this is NOT the // number of bytes). This design choice has two important consequences. // - if you need to use `ptr`, you MUST cast it to a proper type *before* -// performing pointer -// arithmetic on it (remember that C desugars pointer arithmetic based on the -// type of the address) +// performing pointer arithmetic on it (remember that C desugars pointer +// arithmetic based on the type of the address) // - if you need to use `len` for a C style function (e.g. memcpy, memcmp), you -// need to multiply it -// by sizeof t, where t is the type of the elements. +// need to multiply it by sizeof t, where t is the type of the elements. // -// Empty slices have `len == 0` and `ptr` always needs to be valid pointer that -// is not NULL (otherwise the construction in EURYDICE_SLICE computes `NULL + -// start`). +// Empty slices have `len == 0` and `ptr` always needs to be a valid pointer +// that is not NULL (otherwise the construction in EURYDICE_SLICE computes `NULL +// + start`). typedef struct { void *ptr; size_t len; } Eurydice_slice; +#if defined(__cplusplus) +#define KRML_CLITERAL(type) type +#else +#define KRML_CLITERAL(type) (type) +#endif + +#if defined(__cplusplus) && defined(__cpp_designated_initializers) || \ + !(defined(__cplusplus)) +#define EURYDICE_CFIELD(X) X +#else +#define EURYDICE_CFIELD(X) +#endif + // Helper macro to create a slice out of a pointer x, a start index in x // (included), and an end index in x (excluded). The argument x must be suitably // cast to something that can decay (see remark above about how pointer // arithmetic works in C), meaning either pointer or array type. #define EURYDICE_SLICE(x, start, end) \ - (CLITERAL(Eurydice_slice){.ptr = (void *)(x + start), .len = end - start}) -#define EURYDICE_SLICE_LEN(s, _) s.len + (KRML_CLITERAL(Eurydice_slice){(void *)(x + start), end - start}) + +// Slice length +#define EURYDICE_SLICE_LEN(s, _) (s).len +#define Eurydice_slice_len(s, _) (s).len + // This macro is a pain because in case the dereferenced element type is an // array, you cannot simply write `t x` as it would yield `int[4] x` instead, // which is NOT correct C syntax, so we add a dedicated phase in Eurydice that // adds an extra argument to this macro at the last minute so that we have the // correct type of *pointers* to elements. #define Eurydice_slice_index(s, i, t, t_ptr_t) (((t_ptr_t)s.ptr)[i]) -#define Eurydice_slice_subslice(s, r, t, _) \ + +// The following functions get sub slices from a slice. + +#define Eurydice_slice_subslice(s, r, t, _0, _1) \ EURYDICE_SLICE((t *)s.ptr, r.start, r.end) + // Variant for when the start and end indices are statically known (i.e., the // range argument `r` is a literal). #define Eurydice_slice_subslice2(s, start, end, t) \ - EURYDICE_SLICE((t *)s.ptr, start, end) -#define Eurydice_slice_subslice_to(s, subslice_end_pos, t, _) \ + EURYDICE_SLICE((t *)s.ptr, (start), (end)) + +// Previous version above does not work when t is an array type (as usual). Will +// be deprecated soon. +#define Eurydice_slice_subslice3(s, start, end, t_ptr) \ + EURYDICE_SLICE((t_ptr)s.ptr, (start), (end)) + +#define Eurydice_slice_subslice_to(s, subslice_end_pos, t, _0, _1) \ EURYDICE_SLICE((t *)s.ptr, 0, subslice_end_pos) -#define Eurydice_slice_subslice_from(s, subslice_start_pos, t, _) \ + +#define Eurydice_slice_subslice_from(s, subslice_start_pos, t, _0, _1) \ EURYDICE_SLICE((t *)s.ptr, subslice_start_pos, s.len) + #define Eurydice_array_to_slice(end, x, t) \ EURYDICE_SLICE(x, 0, \ end) /* x is already at an array type, no need for cast */ -#define Eurydice_array_to_subslice(_arraylen, x, r, t, _) \ +#define Eurydice_array_to_subslice(_arraylen, x, r, t, _0, _1) \ EURYDICE_SLICE((t *)x, r.start, r.end) + // Same as above, variant for when start and end are statically known #define Eurydice_array_to_subslice2(x, start, end, t) \ - EURYDICE_SLICE((t *)x, start, end) -#define Eurydice_array_to_subslice_to(_size, x, r, t, _range_t) \ + EURYDICE_SLICE((t *)x, (start), (end)) + +// Same as above, variant for when start and end are statically known +#define Eurydice_array_to_subslice3(x, start, end, t_ptr) \ + EURYDICE_SLICE((t_ptr)x, (start), (end)) + +#define Eurydice_array_repeat(dst, len, init, t) \ + ERROR "should've been desugared" + +// The following functions convert an array into a slice. + +#define Eurydice_array_to_subslice_to(_size, x, r, t, _range_t, _0) \ EURYDICE_SLICE((t *)x, 0, r) -#define Eurydice_array_to_subslice_from(size, x, r, t, _range_t) \ +#define Eurydice_array_to_subslice_from(size, x, r, t, _range_t, _0) \ EURYDICE_SLICE((t *)x, r, size) -#define Eurydice_slice_len(s, t) EURYDICE_SLICE_LEN(s, t) + +// Copy a slice with memcopy #define Eurydice_slice_copy(dst, src, t) \ memcpy(dst.ptr, src.ptr, dst.len * sizeof(t)) -#define core_array___Array_T__N__23__as_slice(len_, ptr_, t, _ret_t) \ - ((Eurydice_slice){.ptr = ptr_, .len = len_}) -#define core_array___core__clone__Clone_for__Array_T__N___20__clone( \ - len, src, dst, elem_type, _ret_t) \ +#define core_array___Array_T__N___as_slice(len_, ptr_, t, _ret_t) \ + KRML_CLITERAL(Eurydice_slice) { ptr_, len_ } + +#define core_array__core__clone__Clone_for__Array_T__N___clone( \ + len, src, dst, elem_type, _ret_t) \ (memcpy(dst, src, len * sizeof(elem_type))) #define TryFromSliceError uint8_t +#define core_array_TryFromSliceError uint8_t + +#define Eurydice_array_eq(sz, a1, a2, t) (memcmp(a1, a2, sz * sizeof(t)) == 0) + +// core::cmp::PartialEq<&0 (@Slice)> for @Array +#define Eurydice_array_eq_slice(sz, a1, s2, t, _) \ + (memcmp(a1, (s2)->ptr, sz * sizeof(t)) == 0) -#define Eurydice_array_eq(sz, a1, a2, t, _) \ - (memcmp(a1, a2, sz * sizeof(t)) == 0) #define core_array_equality___core__cmp__PartialEq__Array_U__N___for__Array_T__N____eq( \ sz, a1, a2, t, _, _ret_t) \ Eurydice_array_eq(sz, a1, a2, t, _) @@ -135,20 +268,30 @@ typedef struct { sz, a1, a2, t, _, _ret_t) \ Eurydice_array_eq(sz, a1, ((a2)->ptr), t, _) -#define Eurydice_slice_split_at(slice, mid, element_type, ret_t) \ - (CLITERAL(ret_t){ \ - .fst = EURYDICE_SLICE((element_type *)slice.ptr, 0, mid), \ - .snd = EURYDICE_SLICE((element_type *)slice.ptr, mid, slice.len)}) -#define Eurydice_slice_split_at_mut(slice, mid, element_type, ret_t) \ - (CLITERAL(ret_t){ \ - .fst = {.ptr = slice.ptr, .len = mid}, \ - .snd = {.ptr = (char *)slice.ptr + mid * sizeof(element_type), \ - .len = slice.len - mid}}) +#define Eurydice_slice_split_at(slice, mid, element_type, ret_t) \ + KRML_CLITERAL(ret_t) { \ + EURYDICE_CFIELD(.fst =) \ + EURYDICE_SLICE((element_type *)(slice).ptr, 0, mid), \ + EURYDICE_CFIELD(.snd =) \ + EURYDICE_SLICE((element_type *)(slice).ptr, mid, (slice).len) \ + } + +#define Eurydice_slice_split_at_mut(slice, mid, element_type, ret_t) \ + KRML_CLITERAL(ret_t) { \ + EURYDICE_CFIELD(.fst =) \ + KRML_CLITERAL(Eurydice_slice){EURYDICE_CFIELD(.ptr =)(slice.ptr), \ + EURYDICE_CFIELD(.len =) mid}, \ + EURYDICE_CFIELD(.snd =) KRML_CLITERAL(Eurydice_slice) { \ + EURYDICE_CFIELD(.ptr =) \ + ((char *)slice.ptr + mid * sizeof(element_type)), \ + EURYDICE_CFIELD(.len =)(slice.len - mid) \ + } \ + } // Conversion of slice to an array, rewritten (by Eurydice) to name the // destination array, since arrays are not values in C. // N.B.: see note in karamel/lib/Inlining.ml if you change this. -#define Eurydice_slice_to_array2(dst, src, _, t_arr) \ +#define Eurydice_slice_to_array2(dst, src, _0, t_arr, _1) \ Eurydice_slice_to_array3(&(dst)->tag, (char *)&(dst)->val.case_Ok, src, \ sizeof(t_arr)) @@ -158,126 +301,309 @@ static inline void Eurydice_slice_to_array3(uint8_t *dst_tag, char *dst_ok, memcpy(dst_ok, src.ptr, sz); } +// SUPPORT FOR DSTs (Dynamically-Sized Types) + +// A DST is a fat pointer that keeps tracks of the size of it flexible array +// member. Slices are a specific case of DSTs, where [T; N] implements +// Unsize<[T]>, meaning an array of statically known size can be converted to a +// fat pointer, i.e. a slice. +// +// Unlike slices, DSTs have a built-in definition that gets monomorphized, of +// the form: +// +// typedef struct { +// T *ptr; +// size_t len; // number of elements +// } Eurydice_dst; +// +// Furthermore, T = T0<[U0]> where `struct T0`, where the `U` is the +// last field. This means that there are two monomorphizations of T0 in the +// program. One is `T0<[V; N]>` +// -- this is directly converted to a Eurydice_dst via suitable codegen (no +// macro). The other is `T = T0<[U]>`, where `[U]` gets emitted to +// `Eurydice_derefed_slice`, a type that only appears in that precise situation +// and is thus defined to give rise to a flexible array member. + +typedef char Eurydice_derefed_slice[]; + +#define Eurydice_slice_of_dst(fam_ptr, len_, t, _) \ + ((Eurydice_slice){.ptr = (void *)(fam_ptr), .len = len_}) + +#define Eurydice_slice_of_boxed_array(ptr_, len_, t, _) \ + ((Eurydice_slice){.ptr = (void *)(ptr_), .len = len_}) + // CORE STUFF (conversions, endianness, ...) -static inline void core_num__u64_9__to_le_bytes(uint64_t v, uint8_t buf[8]) { - v = htole64(v); - memcpy(buf, &v, sizeof(v)); +// We slap extern "C" on declarations that intend to implement a prototype +// generated by Eurydice, because Eurydice prototypes are always emitted within +// an extern "C" block, UNLESS you use -fcxx17-compat, in which case, you must +// pass -DKRML_CXX17_COMPAT="" to your C++ compiler. +#if defined(__cplusplus) && !defined(KRML_CXX17_COMPAT) +extern "C" { +#endif + +static inline void core_num__u32__to_be_bytes(uint32_t src, uint8_t dst[4]) { + store32_be(dst, src); +} + +static inline void core_num__u32__to_le_bytes(uint32_t src, uint8_t dst[4]) { + store32_le(dst, src); +} + +static inline uint32_t core_num__u32__from_le_bytes(uint8_t buf[4]) { + return load32_le(buf); +} + +static inline void core_num__u64__to_le_bytes(uint64_t v, uint8_t buf[8]) { + store64_le(buf, v); +} + +static inline uint64_t core_num__u64__from_le_bytes(uint8_t buf[8]) { + return load64_le(buf); +} + +static inline int64_t core_convert_num___core__convert__From_i32__for_i64__from( + int32_t x) { + return x; } -static inline uint64_t core_num__u64_9__from_le_bytes(uint8_t buf[8]) { - uint64_t v; - memcpy(&v, buf, sizeof(v)); - return le64toh(v); + +static inline uint64_t core_convert_num___core__convert__From_u8__for_u64__from( + uint8_t x) { + return x; +} + +static inline uint64_t +core_convert_num___core__convert__From_u16__for_u64__from(uint16_t x) { + return x; } -static inline uint32_t core_num__u32_8__from_le_bytes(uint8_t buf[4]) { - uint32_t v; - memcpy(&v, buf, sizeof(v)); - return le32toh(v); +static inline size_t +core_convert_num___core__convert__From_u16__for_usize__from(uint16_t x) { + return x; } -static inline uint32_t core_num__u8_6__count_ones(uint8_t x0) { -#if defined(_MSC_VER) +static inline uint32_t core_num__u8__count_ones(uint8_t x0) { +#ifdef _MSC_VER return __popcnt(x0); -#elif !defined(MISSING_BUILTIN_POPCOUNT) - return __builtin_popcount(x0); #else - const uint8_t v[16] = { 0, 1, 1, 2, 1, 2, 2, 3, 1, 2, 2, 3, 2, 3, 3, 4 }; - return v[x0 & 0xf] + v[(x0 >> 4) & 0xf]; + return __builtin_popcount(x0); +#endif +} +static inline uint32_t core_num__i32__count_ones(int32_t x0) { +#ifdef _MSC_VER + return __popcnt(x0); +#else + return __builtin_popcount(x0); #endif } +static inline size_t core_cmp_impls___core__cmp__Ord_for_usize__min(size_t a, + size_t b) { + if (a <= b) + return a; + else + return b; +} + // unsigned overflow wraparound semantics in C -static inline uint16_t core_num__u16_7__wrapping_add(uint16_t x, uint16_t y) { +static inline uint16_t core_num__u16__wrapping_add(uint16_t x, uint16_t y) { return x + y; } -static inline uint8_t core_num__u8_6__wrapping_sub(uint8_t x, uint8_t y) { +static inline uint8_t core_num__u8__wrapping_sub(uint8_t x, uint8_t y) { return x - y; } +static inline uint64_t core_num__u64__rotate_left(uint64_t x0, uint32_t x1) { + return (x0 << x1 | x0 >> (64 - x1)); +} + +static inline void core_ops_arith__i32__add_assign(int32_t *x0, int32_t *x1) { + *x0 = *x0 + *x1; +} + +static inline uint8_t Eurydice_bitand_pv_u8(uint8_t *p, uint8_t v) { + return (*p) & v; +} +static inline uint8_t Eurydice_shr_pv_u8(uint8_t *p, int32_t v) { + return (*p) >> v; +} +static inline uint32_t Eurydice_min_u32(uint32_t x, uint32_t y) { + return x < y ? x : y; +} + +static inline uint8_t +core_ops_bit___core__ops__bit__BitAnd_u8__u8__for___a__u8___46__bitand( + uint8_t *x0, uint8_t x1) { + return Eurydice_bitand_pv_u8(x0, x1); +} + +static inline uint8_t +core_ops_bit___core__ops__bit__Shr_i32__u8__for___a__u8___792__shr(uint8_t *x0, + int32_t x1) { + return Eurydice_shr_pv_u8(x0, x1); +} + +#define core_num_nonzero_private_NonZeroUsizeInner size_t +static inline core_num_nonzero_private_NonZeroUsizeInner +core_num_nonzero_private___core__clone__Clone_for_core__num__nonzero__private__NonZeroUsizeInner__26__clone( + core_num_nonzero_private_NonZeroUsizeInner *x0) { + return *x0; +} + +#if defined(__cplusplus) && !defined(KRML_CXX17_COMPAT) +} +#endif // ITERATORS -#define Eurydice_range_iter_next(iter_ptr, t, ret_t) \ - (((iter_ptr)->start == (iter_ptr)->end) \ - ? (CLITERAL(ret_t){.tag = None}) \ - : (CLITERAL(ret_t){.tag = Some, .f0 = (iter_ptr)->start++})) +#define Eurydice_range_iter_next(iter_ptr, t, ret_t) \ + (((iter_ptr)->start >= (iter_ptr)->end) \ + ? (KRML_CLITERAL(ret_t){EURYDICE_CFIELD(.tag =) 0, \ + EURYDICE_CFIELD(.f0 =) 0}) \ + : (KRML_CLITERAL(ret_t){EURYDICE_CFIELD(.tag =) 1, \ + EURYDICE_CFIELD(.f0 =)(iter_ptr)->start++})) -#define core_iter_range___core__iter__traits__iterator__Iterator_for_core__ops__range__Range_A___6__next \ +#define core_iter_range___core__iter__traits__iterator__Iterator_A__for_core__ops__range__Range_A__TraitClause_0___6__next \ Eurydice_range_iter_next // See note in karamel/lib/Inlining.ml if you change this -#define Eurydice_into_iter(x, t, _ret_t) (x) -#define core_iter_traits_collect___core__iter__traits__collect__IntoIterator_for_I__1__into_iter \ +#define Eurydice_into_iter(x, t, _ret_t, _) (x) +#define core_iter_traits_collect___core__iter__traits__collect__IntoIterator_Clause1_Item__I__for_I__1__into_iter \ Eurydice_into_iter -#if defined(__cplusplus) -} -#endif +typedef struct { + Eurydice_slice slice; + size_t chunk_size; +} Eurydice_chunks; + +// Can't use macros Eurydice_slice_subslice_{to,from} because they require a +// type, and this static inline function cannot receive a type as an argument. +// Instead, we receive the element size and use it to peform manual offset +// computations rather than going through the macros. +static inline Eurydice_slice chunk_next(Eurydice_chunks *chunks, + size_t element_size) { + size_t chunk_size = chunks->slice.len >= chunks->chunk_size + ? chunks->chunk_size + : chunks->slice.len; + Eurydice_slice curr_chunk; + curr_chunk.ptr = chunks->slice.ptr; + curr_chunk.len = chunk_size; + chunks->slice.ptr = (char *)(chunks->slice.ptr) + chunk_size * element_size; + chunks->slice.len = chunks->slice.len - chunk_size; + return curr_chunk; +} + +#define core_slice___Slice_T___chunks(slice_, sz_, t, _ret_t) \ + ((Eurydice_chunks){.slice = slice_, .chunk_size = sz_}) +#define core_slice___Slice_T___chunks_exact(slice_, sz_, t, _ret_t) \ + ((Eurydice_chunks){ \ + .slice = {.ptr = slice_.ptr, .len = slice_.len - (slice_.len % sz_)}, \ + .chunk_size = sz_}) +#define core_slice_iter_Chunks Eurydice_chunks +#define core_slice_iter_ChunksExact Eurydice_chunks +#define Eurydice_chunks_next(iter, t, ret_t) \ + (((iter)->slice.len == 0) ? ((ret_t){.tag = core_option_None}) \ + : ((ret_t){.tag = core_option_Some, \ + .f0 = chunk_next(iter, sizeof(t))})) +#define core_slice_iter___core__iter__traits__iterator__Iterator_for_core__slice__iter__Chunks__a__T___70__next \ + Eurydice_chunks_next +// This name changed on 20240627 +#define core_slice_iter___core__iter__traits__iterator__Iterator_for_core__slice__iter__Chunks__a__T___71__next \ + Eurydice_chunks_next +#define core_slice_iter__core__slice__iter__ChunksExact__a__T__89__next( \ + iter, t, _ret_t) \ + core_slice_iter__core__slice__iter__Chunks__a__T__70__next(iter, t) -/* from libcrux/libcrux-ml-kem/cg/libcrux_core.h */ +typedef struct { + Eurydice_slice s; + size_t index; +} Eurydice_slice_iterator; + +#define core_slice___Slice_T___iter(x, t, _ret_t) \ + ((Eurydice_slice_iterator){.s = x, .index = 0}) +#define core_slice_iter_Iter Eurydice_slice_iterator +#define core_slice_iter__core__slice__iter__Iter__a__T__181__next(iter, t, \ + ret_t) \ + (((iter)->index == (iter)->s.len) \ + ? (KRML_CLITERAL(ret_t){.tag = core_option_None}) \ + : (KRML_CLITERAL(ret_t){ \ + .tag = core_option_Some, \ + .f0 = ((iter)->index++, \ + &((t *)((iter)->s.ptr))[(iter)->index - 1])})) +#define core_option__core__option__Option_T__TraitClause_0___is_some(X, _0, \ + _1) \ + ((X)->tag == 1) +// STRINGS + +typedef const char *Prims_string; + +// MISC (UNTESTED) + +typedef void *core_fmt_Formatter; +typedef void *core_fmt_Arguments; +typedef void *core_fmt_rt_Argument; +#define core_fmt_rt__core__fmt__rt__Argument__a__1__new_display(x1, x2, x3, \ + x4) \ + NULL + +// BOXES + +// Crimes. +static inline char *malloc_and_init(size_t sz, char *init) { + char *ptr = (char *)malloc(sz); + memcpy(ptr, init, sz); + return ptr; +} + +#define Eurydice_box_new(init, t, t_dst) \ + ((t_dst)(malloc_and_init(sizeof(t), (char *)(&init)))) + +#define Eurydice_box_new_array(len, ptr, t, t_dst) \ + ((t_dst)(malloc_and_init(len * sizeof(t), (char *)(ptr)))) + +/* from libcrux/libcrux-ml-kem/extracts/c_header_only/generated/libcrux_mlkem_core.h */ /* - * SPDX-FileCopyrightText: 2024 Cryspen Sarl + * SPDX-FileCopyrightText: 2025 Cryspen Sarl * * SPDX-License-Identifier: MIT or Apache-2.0 * * This code was generated with the following revisions: - * Charon: 6b5e110342a771a3e1c739b10294b1778e4be8b4 - * Eurydice: 31be7d65ca5d6acdacfb33652e478d24dd85c1cb - * Karamel: 3205d3365ea2790b02368f79fcee38e38d0b5908 - * F*: a32b316e521fa4f239b610ec8f1d15e78d62cbe8-dirty - * Libcrux: 4ad532b206174114dd4140b718e7794a28fc59ee + * Charon: 667d2fc98984ff7f3df989c2367e6c1fa4a000e7 + * Eurydice: 2381cbc416ef2ad0b561c362c500bc84f36b6785 + * Karamel: 80f5435f2fc505973c469a4afcc8d875cddd0d8b + * F*: 71d8221589d4d438af3706d89cb653cf53e18aab + * Libcrux: 68dfed5a4a9e40277f62828471c029afed1ecdcc */ -#ifndef __libcrux_core_H -#define __libcrux_core_H +#ifndef libcrux_mlkem_core_H +#define libcrux_mlkem_core_H + #if defined(__cplusplus) extern "C" { #endif - /** A monomorphic instance of core.ops.range.Range with types size_t */ -typedef struct core_ops_range_Range_b3_s { +typedef struct core_ops_range_Range_08_s { size_t start; size_t end; -} core_ops_range_Range_b3; - -#define Ok 0 -#define Err 1 - -typedef uint8_t Result_86_tags; - -#define None 0 -#define Some 1 - -typedef uint8_t Option_ef_tags; - -/** -A monomorphic instance of core.option.Option -with types size_t - -*/ -typedef struct Option_b3_s { - Option_ef_tags tag; - size_t f0; -} Option_b3; +} core_ops_range_Range_08; -static inline uint16_t core_num__u16_7__wrapping_add(uint16_t x0, uint16_t x1); +static inline uint16_t core_num__u16__wrapping_add(uint16_t x0, uint16_t x1); -#define CORE_NUM__U32_8__BITS (32U) +static inline uint64_t core_num__u64__from_le_bytes(uint8_t x0[8U]); -static inline uint64_t core_num__u64_9__from_le_bytes(uint8_t x0[8U]); +static inline uint64_t core_num__u64__rotate_left(uint64_t x0, uint32_t x1); -static inline void core_num__u64_9__to_le_bytes(uint64_t x0, uint8_t x1[8U]); +static inline void core_num__u64__to_le_bytes(uint64_t x0, uint8_t x1[8U]); -static inline uint32_t core_num__u8_6__count_ones(uint8_t x0); +static inline uint32_t core_num__u8__count_ones(uint8_t x0); -static inline uint8_t core_num__u8_6__wrapping_sub(uint8_t x0, uint8_t x1); +static inline uint8_t core_num__u8__wrapping_sub(uint8_t x0, uint8_t x1); #define LIBCRUX_ML_KEM_CONSTANTS_SHARED_SECRET_SIZE ((size_t)32U) @@ -293,242 +619,480 @@ static inline uint8_t core_num__u8_6__wrapping_sub(uint8_t x0, uint8_t x1); #define LIBCRUX_ML_KEM_CONSTANTS_CPA_PKE_KEY_GENERATION_SEED_SIZE ((size_t)32U) -#define LIBCRUX_ML_KEM_CONSTANTS_H_DIGEST_SIZE ((size_t)32U) +#define LIBCRUX_ML_KEM_CONSTANTS_G_DIGEST_SIZE ((size_t)64U) -typedef struct libcrux_ml_kem_utils_extraction_helper_Keypair768_s { - uint8_t fst[1152U]; - uint8_t snd[1184U]; -} libcrux_ml_kem_utils_extraction_helper_Keypair768; +#define LIBCRUX_ML_KEM_CONSTANTS_H_DIGEST_SIZE ((size_t)32U) /** -A monomorphic instance of core.result.Result -with types uint8_t[24size_t], core_array_TryFromSliceError + K * BITS_PER_RING_ELEMENT / 8 + [eurydice] Note that we can't use const generics here because that breaks + C extraction with eurydice. */ -typedef struct Result_6f_s { - Result_86_tags tag; - union { - uint8_t case_Ok[24U]; - TryFromSliceError case_Err; - } val; -} Result_6f; +static inline size_t libcrux_ml_kem_constants_ranked_bytes_per_ring_element( + size_t rank) { + return rank * LIBCRUX_ML_KEM_CONSTANTS_BITS_PER_RING_ELEMENT / (size_t)8U; +} /** -This function found in impl {core::result::Result} +This function found in impl {libcrux_secrets::traits::Classify for T} */ /** -A monomorphic instance of core.result.unwrap_41 -with types uint8_t[24size_t], core_array_TryFromSliceError +A monomorphic instance of libcrux_secrets.int.public_integers.classify_27 +with types uint8_t */ -static inline void unwrap_41_1c(Result_6f self, uint8_t ret[24U]) { - if (self.tag == Ok) { - uint8_t f0[24U]; - memcpy(f0, self.val.case_Ok, (size_t)24U * sizeof(uint8_t)); - memcpy(ret, f0, (size_t)24U * sizeof(uint8_t)); - } else { - KRML_HOST_EPRINTF("KaRaMeL abort at %s:%d\n%s\n", __FILE__, __LINE__, - "unwrap not Ok"); - KRML_HOST_EXIT(255U); - } +static KRML_MUSTINLINE uint8_t +libcrux_secrets_int_public_integers_classify_27_90(uint8_t self) { + return self; } /** -A monomorphic instance of core.result.Result -with types uint8_t[20size_t], core_array_TryFromSliceError - -*/ -typedef struct Result_7a_s { - Result_86_tags tag; - union { - uint8_t case_Ok[20U]; - TryFromSliceError case_Err; - } val; -} Result_7a; - -/** -This function found in impl {core::result::Result} +This function found in impl {libcrux_secrets::traits::Declassify for T} */ /** -A monomorphic instance of core.result.unwrap_41 -with types uint8_t[20size_t], core_array_TryFromSliceError +A monomorphic instance of libcrux_secrets.int.public_integers.declassify_d8 +with types int16_t */ -static inline void unwrap_41_34(Result_7a self, uint8_t ret[20U]) { - if (self.tag == Ok) { - uint8_t f0[20U]; - memcpy(f0, self.val.case_Ok, (size_t)20U * sizeof(uint8_t)); - memcpy(ret, f0, (size_t)20U * sizeof(uint8_t)); - } else { - KRML_HOST_EPRINTF("KaRaMeL abort at %s:%d\n%s\n", __FILE__, __LINE__, - "unwrap not Ok"); - KRML_HOST_EXIT(255U); - } +static KRML_MUSTINLINE int16_t +libcrux_secrets_int_public_integers_declassify_d8_39(int16_t self) { + return self; } /** -A monomorphic instance of core.result.Result -with types uint8_t[10size_t], core_array_TryFromSliceError - +This function found in impl {libcrux_secrets::int::CastOps for i16} */ -typedef struct Result_cd_s { - Result_86_tags tag; - union { - uint8_t case_Ok[10U]; - TryFromSliceError case_Err; - } val; -} Result_cd; +static KRML_MUSTINLINE uint8_t libcrux_secrets_int_as_u8_f5(int16_t self) { + return libcrux_secrets_int_public_integers_classify_27_90( + (uint8_t)libcrux_secrets_int_public_integers_declassify_d8_39(self)); +} /** -This function found in impl {core::result::Result} +This function found in impl {libcrux_secrets::traits::Classify for T} */ /** -A monomorphic instance of core.result.unwrap_41 -with types uint8_t[10size_t], core_array_TryFromSliceError +A monomorphic instance of libcrux_secrets.int.public_integers.classify_27 +with types int16_t */ -static inline void unwrap_41_e8(Result_cd self, uint8_t ret[10U]) { - if (self.tag == Ok) { - uint8_t f0[10U]; - memcpy(f0, self.val.case_Ok, (size_t)10U * sizeof(uint8_t)); - memcpy(ret, f0, (size_t)10U * sizeof(uint8_t)); - } else { - KRML_HOST_EPRINTF("KaRaMeL abort at %s:%d\n%s\n", __FILE__, __LINE__, - "unwrap not Ok"); - KRML_HOST_EXIT(255U); - } +static KRML_MUSTINLINE int16_t +libcrux_secrets_int_public_integers_classify_27_39(int16_t self) { + return self; } -typedef struct Eurydice_slice_uint8_t_4size_t__x2_s { - Eurydice_slice fst[4U]; - Eurydice_slice snd[4U]; -} Eurydice_slice_uint8_t_4size_t__x2; - -typedef struct libcrux_ml_kem_mlkem768_MlKem768Ciphertext_s { - uint8_t value[1088U]; -} libcrux_ml_kem_mlkem768_MlKem768Ciphertext; - -/** - A reference to the raw byte slice. -*/ /** -This function found in impl {libcrux_ml_kem::types::MlKemCiphertext#6} +This function found in impl {libcrux_secrets::traits::Declassify for T} */ /** -A monomorphic instance of libcrux_ml_kem.types.as_slice_d4 -with const generics -- SIZE= 1088 +A monomorphic instance of libcrux_secrets.int.public_integers.declassify_d8 +with types uint8_t + */ -static inline uint8_t *libcrux_ml_kem_types_as_slice_d4_1d( - libcrux_ml_kem_mlkem768_MlKem768Ciphertext *self) { - return self->value; +static KRML_MUSTINLINE uint8_t +libcrux_secrets_int_public_integers_declassify_d8_90(uint8_t self) { + return self; } /** -A monomorphic instance of libcrux_ml_kem.types.MlKemPublicKey -with const generics -- $1184size_t +This function found in impl {libcrux_secrets::int::CastOps for u8} */ -typedef struct libcrux_ml_kem_types_MlKemPublicKey_15_s { - uint8_t value[1184U]; -} libcrux_ml_kem_types_MlKemPublicKey_15; +static KRML_MUSTINLINE int16_t libcrux_secrets_int_as_i16_59(uint8_t self) { + return libcrux_secrets_int_public_integers_classify_27_39( + (int16_t)libcrux_secrets_int_public_integers_declassify_d8_90(self)); +} /** -This function found in impl {(core::convert::From<@Array> for -libcrux_ml_kem::types::MlKemPublicKey)#14} +This function found in impl {libcrux_secrets::traits::Classify for T} */ /** -A monomorphic instance of libcrux_ml_kem.types.from_b6 -with const generics -- SIZE= 1184 +A monomorphic instance of libcrux_secrets.int.public_integers.classify_27 +with types int32_t + */ -static inline libcrux_ml_kem_types_MlKemPublicKey_15 -libcrux_ml_kem_types_from_b6_da(uint8_t value[1184U]) { - /* Passing arrays by value in Rust generates a copy in C */ - uint8_t copy_of_value[1184U]; - memcpy(copy_of_value, value, (size_t)1184U * sizeof(uint8_t)); - libcrux_ml_kem_types_MlKemPublicKey_15 lit; - memcpy(lit.value, copy_of_value, (size_t)1184U * sizeof(uint8_t)); - return lit; +static KRML_MUSTINLINE int32_t +libcrux_secrets_int_public_integers_classify_27_a8(int32_t self) { + return self; } /** -A monomorphic instance of libcrux_ml_kem.types.MlKemPrivateKey -with const generics -- $2400size_t +This function found in impl {libcrux_secrets::int::CastOps for i16} */ -typedef struct libcrux_ml_kem_types_MlKemPrivateKey_55_s { - uint8_t value[2400U]; -} libcrux_ml_kem_types_MlKemPrivateKey_55; - -typedef struct libcrux_ml_kem_mlkem768_MlKem768KeyPair_s { - libcrux_ml_kem_types_MlKemPrivateKey_55 sk; - libcrux_ml_kem_types_MlKemPublicKey_15 pk; -} libcrux_ml_kem_mlkem768_MlKem768KeyPair; +static KRML_MUSTINLINE int32_t libcrux_secrets_int_as_i32_f5(int16_t self) { + return libcrux_secrets_int_public_integers_classify_27_a8( + (int32_t)libcrux_secrets_int_public_integers_declassify_d8_39(self)); +} /** - Create a new [`MlKemKeyPair`] from the secret and public key. +This function found in impl {libcrux_secrets::traits::Declassify for T} */ /** -This function found in impl -{libcrux_ml_kem::types::MlKemKeyPair} +A monomorphic instance of libcrux_secrets.int.public_integers.declassify_d8 +with types int32_t + */ +static KRML_MUSTINLINE int32_t +libcrux_secrets_int_public_integers_declassify_d8_a8(int32_t self) { + return self; +} + /** -A monomorphic instance of libcrux_ml_kem.types.from_17 -with const generics -- PRIVATE_KEY_SIZE= 2400 -- PUBLIC_KEY_SIZE= 1184 +This function found in impl {libcrux_secrets::int::CastOps for i32} */ -static inline libcrux_ml_kem_mlkem768_MlKem768KeyPair -libcrux_ml_kem_types_from_17_35(libcrux_ml_kem_types_MlKemPrivateKey_55 sk, - libcrux_ml_kem_types_MlKemPublicKey_15 pk) { - return ( - CLITERAL(libcrux_ml_kem_mlkem768_MlKem768KeyPair){.sk = sk, .pk = pk}); +static KRML_MUSTINLINE int16_t libcrux_secrets_int_as_i16_36(int32_t self) { + return libcrux_secrets_int_public_integers_classify_27_39( + (int16_t)libcrux_secrets_int_public_integers_declassify_d8_a8(self)); } /** -This function found in impl {(core::convert::From<@Array> for -libcrux_ml_kem::types::MlKemPrivateKey)#8} +This function found in impl {libcrux_secrets::traits::Declassify for T} */ /** -A monomorphic instance of libcrux_ml_kem.types.from_05 -with const generics -- SIZE= 2400 +A monomorphic instance of libcrux_secrets.int.public_integers.declassify_d8 +with types uint32_t + */ -static inline libcrux_ml_kem_types_MlKemPrivateKey_55 -libcrux_ml_kem_types_from_05_f2(uint8_t value[2400U]) { - /* Passing arrays by value in Rust generates a copy in C */ - uint8_t copy_of_value[2400U]; - memcpy(copy_of_value, value, (size_t)2400U * sizeof(uint8_t)); - libcrux_ml_kem_types_MlKemPrivateKey_55 lit; - memcpy(lit.value, copy_of_value, (size_t)2400U * sizeof(uint8_t)); - return lit; +static KRML_MUSTINLINE uint32_t +libcrux_secrets_int_public_integers_declassify_d8_df(uint32_t self) { + return self; } /** -A monomorphic instance of core.result.Result -with types uint8_t[32size_t], core_array_TryFromSliceError - +This function found in impl {libcrux_secrets::int::CastOps for u32} */ -typedef struct Result_00_s { - Result_86_tags tag; - union { - uint8_t case_Ok[32U]; - TryFromSliceError case_Err; - } val; -} Result_00; +static KRML_MUSTINLINE int32_t libcrux_secrets_int_as_i32_b8(uint32_t self) { + return libcrux_secrets_int_public_integers_classify_27_a8( + (int32_t)libcrux_secrets_int_public_integers_declassify_d8_df(self)); +} /** -This function found in impl {core::result::Result} +This function found in impl {libcrux_secrets::traits::Classify for T} */ /** -A monomorphic instance of core.result.unwrap_41 -with types uint8_t[32size_t], core_array_TryFromSliceError +A monomorphic instance of libcrux_secrets.int.public_integers.classify_27 +with types uint16_t */ -static inline void unwrap_41_83(Result_00 self, uint8_t ret[32U]) { - if (self.tag == Ok) { - uint8_t f0[32U]; +static KRML_MUSTINLINE uint16_t +libcrux_secrets_int_public_integers_classify_27_de(uint16_t self) { + return self; +} + +/** +This function found in impl {libcrux_secrets::int::CastOps for i16} +*/ +static KRML_MUSTINLINE uint16_t libcrux_secrets_int_as_u16_f5(int16_t self) { + return libcrux_secrets_int_public_integers_classify_27_de( + (uint16_t)libcrux_secrets_int_public_integers_declassify_d8_39(self)); +} + +/** +This function found in impl {libcrux_secrets::traits::Declassify for T} +*/ +/** +A monomorphic instance of libcrux_secrets.int.public_integers.declassify_d8 +with types uint16_t + +*/ +static KRML_MUSTINLINE uint16_t +libcrux_secrets_int_public_integers_declassify_d8_de(uint16_t self) { + return self; +} + +/** +This function found in impl {libcrux_secrets::int::CastOps for u16} +*/ +static KRML_MUSTINLINE int16_t libcrux_secrets_int_as_i16_ca(uint16_t self) { + return libcrux_secrets_int_public_integers_classify_27_39( + (int16_t)libcrux_secrets_int_public_integers_declassify_d8_de(self)); +} + +/** +This function found in impl {libcrux_secrets::traits::Classify for T} +*/ +/** +A monomorphic instance of libcrux_secrets.int.public_integers.classify_27 +with types uint64_t + +*/ +static KRML_MUSTINLINE uint64_t +libcrux_secrets_int_public_integers_classify_27_49(uint64_t self) { + return self; +} + +/** +This function found in impl {libcrux_secrets::int::CastOps for u16} +*/ +static KRML_MUSTINLINE uint64_t libcrux_secrets_int_as_u64_ca(uint16_t self) { + return libcrux_secrets_int_public_integers_classify_27_49( + (uint64_t)libcrux_secrets_int_public_integers_declassify_d8_de(self)); +} + +/** +This function found in impl {libcrux_secrets::traits::Classify for T} +*/ +/** +A monomorphic instance of libcrux_secrets.int.public_integers.classify_27 +with types uint32_t + +*/ +static KRML_MUSTINLINE uint32_t +libcrux_secrets_int_public_integers_classify_27_df(uint32_t self) { + return self; +} + +/** +This function found in impl {libcrux_secrets::traits::Declassify for T} +*/ +/** +A monomorphic instance of libcrux_secrets.int.public_integers.declassify_d8 +with types uint64_t + +*/ +static KRML_MUSTINLINE uint64_t +libcrux_secrets_int_public_integers_declassify_d8_49(uint64_t self) { + return self; +} + +/** +This function found in impl {libcrux_secrets::int::CastOps for u64} +*/ +static KRML_MUSTINLINE uint32_t libcrux_secrets_int_as_u32_a3(uint64_t self) { + return libcrux_secrets_int_public_integers_classify_27_df( + (uint32_t)libcrux_secrets_int_public_integers_declassify_d8_49(self)); +} + +/** +This function found in impl {libcrux_secrets::int::CastOps for u32} +*/ +static KRML_MUSTINLINE int16_t libcrux_secrets_int_as_i16_b8(uint32_t self) { + return libcrux_secrets_int_public_integers_classify_27_39( + (int16_t)libcrux_secrets_int_public_integers_declassify_d8_df(self)); +} + +/** +This function found in impl {libcrux_secrets::int::CastOps for i16} +*/ +static KRML_MUSTINLINE int16_t libcrux_secrets_int_as_i16_f5(int16_t self) { + return libcrux_secrets_int_public_integers_classify_27_39( + libcrux_secrets_int_public_integers_declassify_d8_39(self)); +} + +typedef struct libcrux_ml_kem_utils_extraction_helper_Keypair768_s { + uint8_t fst[1152U]; + uint8_t snd[1184U]; +} libcrux_ml_kem_utils_extraction_helper_Keypair768; + +#define Ok 0 +#define Err 1 + +typedef uint8_t Result_b2_tags; + +/** +A monomorphic instance of core.result.Result +with types uint8_t[24size_t], core_array_TryFromSliceError + +*/ +typedef struct Result_b2_s { + Result_b2_tags tag; + union { + uint8_t case_Ok[24U]; + TryFromSliceError case_Err; + } val; +} Result_b2; + +/** +This function found in impl {core::result::Result[TraitClause@0, +TraitClause@1]} +*/ +/** +A monomorphic instance of core.result.unwrap_26 +with types uint8_t[24size_t], core_array_TryFromSliceError + +*/ +static inline void unwrap_26_70(Result_b2 self, uint8_t ret[24U]) { + if (self.tag == Ok) { + uint8_t f0[24U]; + memcpy(f0, self.val.case_Ok, (size_t)24U * sizeof(uint8_t)); + memcpy(ret, f0, (size_t)24U * sizeof(uint8_t)); + } else { + KRML_HOST_EPRINTF("KaRaMeL abort at %s:%d\n%s\n", __FILE__, __LINE__, + "unwrap not Ok"); + KRML_HOST_EXIT(255U); + } +} + +/** +A monomorphic instance of core.result.Result +with types uint8_t[20size_t], core_array_TryFromSliceError + +*/ +typedef struct Result_e1_s { + Result_b2_tags tag; + union { + uint8_t case_Ok[20U]; + TryFromSliceError case_Err; + } val; +} Result_e1; + +/** +This function found in impl {core::result::Result[TraitClause@0, +TraitClause@1]} +*/ +/** +A monomorphic instance of core.result.unwrap_26 +with types uint8_t[20size_t], core_array_TryFromSliceError + +*/ +static inline void unwrap_26_20(Result_e1 self, uint8_t ret[20U]) { + if (self.tag == Ok) { + uint8_t f0[20U]; + memcpy(f0, self.val.case_Ok, (size_t)20U * sizeof(uint8_t)); + memcpy(ret, f0, (size_t)20U * sizeof(uint8_t)); + } else { + KRML_HOST_EPRINTF("KaRaMeL abort at %s:%d\n%s\n", __FILE__, __LINE__, + "unwrap not Ok"); + KRML_HOST_EXIT(255U); + } +} + +/** + Pad the `slice` with `0`s at the end. +*/ +/** +A monomorphic instance of libcrux_ml_kem.utils.into_padded_array +with const generics +- LEN= 32 +*/ +static KRML_MUSTINLINE void libcrux_ml_kem_utils_into_padded_array_9e( + Eurydice_slice slice, uint8_t ret[32U]) { + uint8_t out[32U] = {0U}; + uint8_t *uu____0 = out; + Eurydice_slice_copy( + Eurydice_array_to_subslice3( + uu____0, (size_t)0U, Eurydice_slice_len(slice, uint8_t), uint8_t *), + slice, uint8_t); + memcpy(ret, out, (size_t)32U * sizeof(uint8_t)); +} + +/** +A monomorphic instance of libcrux_ml_kem.types.MlKemPrivateKey +with const generics +- $2400size_t +*/ +typedef struct libcrux_ml_kem_types_MlKemPrivateKey_d9_s { + uint8_t value[2400U]; +} libcrux_ml_kem_types_MlKemPrivateKey_d9; + +/** +This function found in impl {core::default::Default for +libcrux_ml_kem::types::MlKemPrivateKey} +*/ +/** +A monomorphic instance of libcrux_ml_kem.types.default_d3 +with const generics +- SIZE= 2400 +*/ +static inline libcrux_ml_kem_types_MlKemPrivateKey_d9 +libcrux_ml_kem_types_default_d3_28(void) { + return ( + KRML_CLITERAL(libcrux_ml_kem_types_MlKemPrivateKey_d9){.value = {0U}}); +} + +/** +A monomorphic instance of libcrux_ml_kem.types.MlKemPublicKey +with const generics +- $1184size_t +*/ +typedef struct libcrux_ml_kem_types_MlKemPublicKey_30_s { + uint8_t value[1184U]; +} libcrux_ml_kem_types_MlKemPublicKey_30; + +/** +This function found in impl {core::convert::From<@Array> for +libcrux_ml_kem::types::MlKemPublicKey} +*/ +/** +A monomorphic instance of libcrux_ml_kem.types.from_fd +with const generics +- SIZE= 1184 +*/ +static inline libcrux_ml_kem_types_MlKemPublicKey_30 +libcrux_ml_kem_types_from_fd_d0(uint8_t value[1184U]) { + /* Passing arrays by value in Rust generates a copy in C */ + uint8_t copy_of_value[1184U]; + memcpy(copy_of_value, value, (size_t)1184U * sizeof(uint8_t)); + libcrux_ml_kem_types_MlKemPublicKey_30 lit; + memcpy(lit.value, copy_of_value, (size_t)1184U * sizeof(uint8_t)); + return lit; +} + +typedef struct libcrux_ml_kem_mlkem768_MlKem768KeyPair_s { + libcrux_ml_kem_types_MlKemPrivateKey_d9 sk; + libcrux_ml_kem_types_MlKemPublicKey_30 pk; +} libcrux_ml_kem_mlkem768_MlKem768KeyPair; + +/** +This function found in impl +{libcrux_ml_kem::types::MlKemKeyPair} +*/ +/** +A monomorphic instance of libcrux_ml_kem.types.from_17 +with const generics +- PRIVATE_KEY_SIZE= 2400 +- PUBLIC_KEY_SIZE= 1184 +*/ +static inline libcrux_ml_kem_mlkem768_MlKem768KeyPair +libcrux_ml_kem_types_from_17_74(libcrux_ml_kem_types_MlKemPrivateKey_d9 sk, + libcrux_ml_kem_types_MlKemPublicKey_30 pk) { + return (KRML_CLITERAL(libcrux_ml_kem_mlkem768_MlKem768KeyPair){.sk = sk, + .pk = pk}); +} + +/** +This function found in impl {core::convert::From<@Array> for +libcrux_ml_kem::types::MlKemPrivateKey} +*/ +/** +A monomorphic instance of libcrux_ml_kem.types.from_77 +with const generics +- SIZE= 2400 +*/ +static inline libcrux_ml_kem_types_MlKemPrivateKey_d9 +libcrux_ml_kem_types_from_77_28(uint8_t value[2400U]) { + /* Passing arrays by value in Rust generates a copy in C */ + uint8_t copy_of_value[2400U]; + memcpy(copy_of_value, value, (size_t)2400U * sizeof(uint8_t)); + libcrux_ml_kem_types_MlKemPrivateKey_d9 lit; + memcpy(lit.value, copy_of_value, (size_t)2400U * sizeof(uint8_t)); + return lit; +} + +/** +A monomorphic instance of core.result.Result +with types uint8_t[32size_t], core_array_TryFromSliceError + +*/ +typedef struct Result_fb_s { + Result_b2_tags tag; + union { + uint8_t case_Ok[32U]; + TryFromSliceError case_Err; + } val; +} Result_fb; + +/** +This function found in impl {core::result::Result[TraitClause@0, +TraitClause@1]} +*/ +/** +A monomorphic instance of core.result.unwrap_26 +with types uint8_t[32size_t], core_array_TryFromSliceError + +*/ +static inline void unwrap_26_b3(Result_fb self, uint8_t ret[32U]) { + if (self.tag == Ok) { + uint8_t f0[32U]; memcpy(f0, self.val.case_Ok, (size_t)32U * sizeof(uint8_t)); memcpy(ret, f0, (size_t)32U * sizeof(uint8_t)); } else { @@ -538,28 +1102,32 @@ static inline void unwrap_41_83(Result_00 self, uint8_t ret[32U]) { } } +typedef struct libcrux_ml_kem_mlkem768_MlKem768Ciphertext_s { + uint8_t value[1088U]; +} libcrux_ml_kem_mlkem768_MlKem768Ciphertext; + /** A monomorphic instance of K. with types libcrux_ml_kem_types_MlKemCiphertext[[$1088size_t]], uint8_t[32size_t] */ -typedef struct tuple_3c_s { +typedef struct tuple_c2_s { libcrux_ml_kem_mlkem768_MlKem768Ciphertext fst; uint8_t snd[32U]; -} tuple_3c; +} tuple_c2; /** -This function found in impl {(core::convert::From<@Array> for -libcrux_ml_kem::types::MlKemCiphertext)#2} +This function found in impl {core::convert::From<@Array> for +libcrux_ml_kem::types::MlKemCiphertext} */ /** -A monomorphic instance of libcrux_ml_kem.types.from_01 +A monomorphic instance of libcrux_ml_kem.types.from_e0 with const generics - SIZE= 1088 */ static inline libcrux_ml_kem_mlkem768_MlKem768Ciphertext -libcrux_ml_kem_types_from_01_9f(uint8_t value[1088U]) { +libcrux_ml_kem_types_from_e0_80(uint8_t value[1088U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_value[1088U]; memcpy(copy_of_value, value, (size_t)1088U * sizeof(uint8_t)); @@ -569,21 +1137,46 @@ libcrux_ml_kem_types_from_01_9f(uint8_t value[1088U]) { } /** - A reference to the raw byte slice. +This function found in impl {libcrux_ml_kem::types::MlKemPublicKey} +*/ +/** +A monomorphic instance of libcrux_ml_kem.types.as_slice_e6 +with const generics +- SIZE= 1184 */ +static inline uint8_t *libcrux_ml_kem_types_as_slice_e6_d0( + libcrux_ml_kem_types_MlKemPublicKey_30 *self) { + return self->value; +} + /** -This function found in impl {libcrux_ml_kem::types::MlKemPublicKey#18} +This function found in impl {libcrux_ml_kem::types::MlKemCiphertext} */ /** -A monomorphic instance of libcrux_ml_kem.types.as_slice_cb +A monomorphic instance of libcrux_ml_kem.types.as_slice_a9 with const generics -- SIZE= 1184 +- SIZE= 1088 */ -static inline uint8_t *libcrux_ml_kem_types_as_slice_cb_50( - libcrux_ml_kem_types_MlKemPublicKey_15 *self) { +static inline uint8_t *libcrux_ml_kem_types_as_slice_a9_80( + libcrux_ml_kem_mlkem768_MlKem768Ciphertext *self) { return self->value; } +/** +A monomorphic instance of libcrux_ml_kem.utils.prf_input_inc +with const generics +- K= 3 +*/ +static KRML_MUSTINLINE uint8_t libcrux_ml_kem_utils_prf_input_inc_e0( + uint8_t (*prf_inputs)[33U], uint8_t domain_separator) { + for (size_t i = (size_t)0U; i < (size_t)3U; i++) { + size_t i0 = i; + prf_inputs[i0][32U] = domain_separator; + domain_separator = (uint32_t)domain_separator + 1U; + } + return domain_separator; +} + /** Pad the `slice` with `0`s at the end. */ @@ -592,13 +1185,13 @@ A monomorphic instance of libcrux_ml_kem.utils.into_padded_array with const generics - LEN= 33 */ -static KRML_MUSTINLINE void libcrux_ml_kem_utils_into_padded_array_ea2( +static KRML_MUSTINLINE void libcrux_ml_kem_utils_into_padded_array_c8( Eurydice_slice slice, uint8_t ret[33U]) { uint8_t out[33U] = {0U}; uint8_t *uu____0 = out; Eurydice_slice_copy( - Eurydice_array_to_subslice2(uu____0, (size_t)0U, - Eurydice_slice_len(slice, uint8_t), uint8_t), + Eurydice_array_to_subslice3( + uu____0, (size_t)0U, Eurydice_slice_len(slice, uint8_t), uint8_t *), slice, uint8_t); memcpy(ret, out, (size_t)33U * sizeof(uint8_t)); } @@ -611,27 +1204,27 @@ A monomorphic instance of libcrux_ml_kem.utils.into_padded_array with const generics - LEN= 34 */ -static KRML_MUSTINLINE void libcrux_ml_kem_utils_into_padded_array_ea1( +static KRML_MUSTINLINE void libcrux_ml_kem_utils_into_padded_array_b6( Eurydice_slice slice, uint8_t ret[34U]) { uint8_t out[34U] = {0U}; uint8_t *uu____0 = out; Eurydice_slice_copy( - Eurydice_array_to_subslice2(uu____0, (size_t)0U, - Eurydice_slice_len(slice, uint8_t), uint8_t), + Eurydice_array_to_subslice3( + uu____0, (size_t)0U, Eurydice_slice_len(slice, uint8_t), uint8_t *), slice, uint8_t); memcpy(ret, out, (size_t)34U * sizeof(uint8_t)); } /** -This function found in impl {(core::convert::AsRef<@Slice> for -libcrux_ml_kem::types::MlKemCiphertext)#1} +This function found in impl {core::convert::AsRef<@Slice> for +libcrux_ml_kem::types::MlKemCiphertext} */ /** -A monomorphic instance of libcrux_ml_kem.types.as_ref_00 +A monomorphic instance of libcrux_ml_kem.types.as_ref_d3 with const generics - SIZE= 1088 */ -static inline Eurydice_slice libcrux_ml_kem_types_as_ref_00_24( +static inline Eurydice_slice libcrux_ml_kem_types_as_ref_d3_80( libcrux_ml_kem_mlkem768_MlKem768Ciphertext *self) { return Eurydice_array_to_slice((size_t)1088U, self->value, uint8_t); } @@ -644,13 +1237,13 @@ A monomorphic instance of libcrux_ml_kem.utils.into_padded_array with const generics - LEN= 1120 */ -static KRML_MUSTINLINE void libcrux_ml_kem_utils_into_padded_array_ea0( +static KRML_MUSTINLINE void libcrux_ml_kem_utils_into_padded_array_15( Eurydice_slice slice, uint8_t ret[1120U]) { uint8_t out[1120U] = {0U}; uint8_t *uu____0 = out; Eurydice_slice_copy( - Eurydice_array_to_subslice2(uu____0, (size_t)0U, - Eurydice_slice_len(slice, uint8_t), uint8_t), + Eurydice_array_to_subslice3( + uu____0, (size_t)0U, Eurydice_slice_len(slice, uint8_t), uint8_t *), slice, uint8_t); memcpy(ret, out, (size_t)1120U * sizeof(uint8_t)); } @@ -663,39 +1256,182 @@ A monomorphic instance of libcrux_ml_kem.utils.into_padded_array with const generics - LEN= 64 */ -static KRML_MUSTINLINE void libcrux_ml_kem_utils_into_padded_array_ea( +static KRML_MUSTINLINE void libcrux_ml_kem_utils_into_padded_array_24( Eurydice_slice slice, uint8_t ret[64U]) { uint8_t out[64U] = {0U}; uint8_t *uu____0 = out; Eurydice_slice_copy( - Eurydice_array_to_subslice2(uu____0, (size_t)0U, - Eurydice_slice_len(slice, uint8_t), uint8_t), + Eurydice_array_to_subslice3( + uu____0, (size_t)0U, Eurydice_slice_len(slice, uint8_t), uint8_t *), slice, uint8_t); memcpy(ret, out, (size_t)64U * sizeof(uint8_t)); } -/** -A monomorphic instance of core.result.Result -with types int16_t[16size_t], core_array_TryFromSliceError +typedef struct Eurydice_slice_uint8_t_x4_s { + Eurydice_slice fst; + Eurydice_slice snd; + Eurydice_slice thd; + Eurydice_slice f3; +} Eurydice_slice_uint8_t_x4; -*/ -typedef struct Result_c0_s { - Result_86_tags tag; +typedef struct Eurydice_slice_uint8_t_x2_s { + Eurydice_slice fst; + Eurydice_slice snd; +} Eurydice_slice_uint8_t_x2; + +/** + Unpack an incoming private key into it's different parts. + + We have this here in types to extract into a common core for C. +*/ +/** +A monomorphic instance of libcrux_ml_kem.types.unpack_private_key +with const generics +- CPA_SECRET_KEY_SIZE= 1152 +- PUBLIC_KEY_SIZE= 1184 +*/ +static inline Eurydice_slice_uint8_t_x4 +libcrux_ml_kem_types_unpack_private_key_b4(Eurydice_slice private_key) { + Eurydice_slice_uint8_t_x2 uu____0 = Eurydice_slice_split_at( + private_key, (size_t)1152U, uint8_t, Eurydice_slice_uint8_t_x2); + Eurydice_slice ind_cpa_secret_key = uu____0.fst; + Eurydice_slice secret_key0 = uu____0.snd; + Eurydice_slice_uint8_t_x2 uu____1 = Eurydice_slice_split_at( + secret_key0, (size_t)1184U, uint8_t, Eurydice_slice_uint8_t_x2); + Eurydice_slice ind_cpa_public_key = uu____1.fst; + Eurydice_slice secret_key = uu____1.snd; + Eurydice_slice_uint8_t_x2 uu____2 = Eurydice_slice_split_at( + secret_key, LIBCRUX_ML_KEM_CONSTANTS_H_DIGEST_SIZE, uint8_t, + Eurydice_slice_uint8_t_x2); + Eurydice_slice ind_cpa_public_key_hash = uu____2.fst; + Eurydice_slice implicit_rejection_value = uu____2.snd; + return ( + KRML_CLITERAL(Eurydice_slice_uint8_t_x4){.fst = ind_cpa_secret_key, + .snd = ind_cpa_public_key, + .thd = ind_cpa_public_key_hash, + .f3 = implicit_rejection_value}); +} + +/** +This function found in impl {libcrux_secrets::traits::Declassify for T} +*/ +/** +A monomorphic instance of libcrux_secrets.int.public_integers.declassify_d8 +with types uint8_t[24size_t] + +*/ +static KRML_MUSTINLINE void +libcrux_secrets_int_public_integers_declassify_d8_d2(uint8_t self[24U], + uint8_t ret[24U]) { + memcpy(ret, self, (size_t)24U * sizeof(uint8_t)); +} + +/** +This function found in impl {libcrux_secrets::traits::Declassify for T} +*/ +/** +A monomorphic instance of libcrux_secrets.int.public_integers.declassify_d8 +with types uint8_t[20size_t] + +*/ +static KRML_MUSTINLINE void +libcrux_secrets_int_public_integers_declassify_d8_57(uint8_t self[20U], + uint8_t ret[20U]) { + memcpy(ret, self, (size_t)20U * sizeof(uint8_t)); +} + +/** +This function found in impl {libcrux_secrets::traits::Declassify for T} +*/ +/** +A monomorphic instance of libcrux_secrets.int.public_integers.declassify_d8 +with types uint8_t[8size_t] + +*/ +static KRML_MUSTINLINE void +libcrux_secrets_int_public_integers_declassify_d8_76(uint8_t self[8U], + uint8_t ret[8U]) { + memcpy(ret, self, (size_t)8U * sizeof(uint8_t)); +} + +/** +This function found in impl {libcrux_secrets::traits::Declassify for T} +*/ +/** +A monomorphic instance of libcrux_secrets.int.public_integers.declassify_d8 +with types uint8_t[2size_t] + +*/ +static KRML_MUSTINLINE void +libcrux_secrets_int_public_integers_declassify_d8_d4(uint8_t self[2U], + uint8_t ret[2U]) { + memcpy(ret, self, (size_t)2U * sizeof(uint8_t)); +} + +/** +This function found in impl {libcrux_secrets::traits::Classify for T} +*/ +/** +A monomorphic instance of libcrux_secrets.int.public_integers.classify_27 +with types int16_t[16size_t] + +*/ +static KRML_MUSTINLINE void libcrux_secrets_int_public_integers_classify_27_46( + int16_t self[16U], int16_t ret[16U]) { + memcpy(ret, self, (size_t)16U * sizeof(int16_t)); +} + +/** +This function found in impl {libcrux_secrets::traits::ClassifyRef<&'a +(@Slice)> for &'a (@Slice)} +*/ +/** +A monomorphic instance of libcrux_secrets.int.classify_public.classify_ref_9b +with types uint8_t + +*/ +static KRML_MUSTINLINE Eurydice_slice +libcrux_secrets_int_classify_public_classify_ref_9b_90(Eurydice_slice self) { + return self; +} + +/** +This function found in impl {libcrux_secrets::traits::ClassifyRef<&'a +(@Slice)> for &'a (@Slice)} +*/ +/** +A monomorphic instance of libcrux_secrets.int.classify_public.classify_ref_9b +with types int16_t + +*/ +static KRML_MUSTINLINE Eurydice_slice +libcrux_secrets_int_classify_public_classify_ref_9b_39(Eurydice_slice self) { + return self; +} + +/** +A monomorphic instance of core.result.Result +with types int16_t[16size_t], core_array_TryFromSliceError + +*/ +typedef struct Result_0a_s { + Result_b2_tags tag; union { int16_t case_Ok[16U]; TryFromSliceError case_Err; } val; -} Result_c0; +} Result_0a; /** -This function found in impl {core::result::Result} +This function found in impl {core::result::Result[TraitClause@0, +TraitClause@1]} */ /** -A monomorphic instance of core.result.unwrap_41 +A monomorphic instance of core.result.unwrap_26 with types int16_t[16size_t], core_array_TryFromSliceError */ -static inline void unwrap_41_f9(Result_c0 self, int16_t ret[16U]) { +static inline void unwrap_26_00(Result_0a self, int16_t ret[16U]) { if (self.tag == Ok) { int16_t f0[16U]; memcpy(f0, self.val.case_Ok, (size_t)16U * sizeof(int16_t)); @@ -712,23 +1448,24 @@ A monomorphic instance of core.result.Result with types uint8_t[8size_t], core_array_TryFromSliceError */ -typedef struct Result_56_s { - Result_86_tags tag; +typedef struct Result_15_s { + Result_b2_tags tag; union { uint8_t case_Ok[8U]; TryFromSliceError case_Err; } val; -} Result_56; +} Result_15; /** -This function found in impl {core::result::Result} +This function found in impl {core::result::Result[TraitClause@0, +TraitClause@1]} */ /** -A monomorphic instance of core.result.unwrap_41 +A monomorphic instance of core.result.unwrap_26 with types uint8_t[8size_t], core_array_TryFromSliceError */ -static inline void unwrap_41_ac(Result_56 self, uint8_t ret[8U]) { +static inline void unwrap_26_68(Result_15 self, uint8_t ret[8U]) { if (self.tag == Ok) { uint8_t f0[8U]; memcpy(f0, self.val.case_Ok, (size_t)8U * sizeof(uint8_t)); @@ -740,39 +1477,30 @@ static inline void unwrap_41_ac(Result_56 self, uint8_t ret[8U]) { } } -typedef struct Eurydice_slice_uint8_t_x2_s { - Eurydice_slice fst; - Eurydice_slice snd; -} Eurydice_slice_uint8_t_x2; - -typedef struct Eurydice_slice_uint8_t_1size_t__x2_s { - Eurydice_slice fst[1U]; - Eurydice_slice snd[1U]; -} Eurydice_slice_uint8_t_1size_t__x2; - #if defined(__cplusplus) } #endif -#define __libcrux_core_H_DEFINED -#endif +#define libcrux_mlkem_core_H_DEFINED +#endif /* libcrux_mlkem_core_H */ -/* from libcrux/libcrux-ml-kem/cg/libcrux_ct_ops.h */ +/* from libcrux/libcrux-ml-kem/extracts/c_header_only/generated/libcrux_ct_ops.h */ /* - * SPDX-FileCopyrightText: 2024 Cryspen Sarl + * SPDX-FileCopyrightText: 2025 Cryspen Sarl * * SPDX-License-Identifier: MIT or Apache-2.0 * * This code was generated with the following revisions: - * Charon: 6b5e110342a771a3e1c739b10294b1778e4be8b4 - * Eurydice: 31be7d65ca5d6acdacfb33652e478d24dd85c1cb - * Karamel: 3205d3365ea2790b02368f79fcee38e38d0b5908 - * F*: a32b316e521fa4f239b610ec8f1d15e78d62cbe8-dirty - * Libcrux: 4ad532b206174114dd4140b718e7794a28fc59ee + * Charon: 667d2fc98984ff7f3df989c2367e6c1fa4a000e7 + * Eurydice: 2381cbc416ef2ad0b561c362c500bc84f36b6785 + * Karamel: 80f5435f2fc505973c469a4afcc8d875cddd0d8b + * F*: 71d8221589d4d438af3706d89cb653cf53e18aab + * Libcrux: 68dfed5a4a9e40277f62828471c029afed1ecdcc */ -#ifndef __libcrux_ct_ops_H -#define __libcrux_ct_ops_H +#ifndef libcrux_ct_ops_H +#define libcrux_ct_ops_H + #if defined(__cplusplus) extern "C" { @@ -782,14 +1510,12 @@ extern "C" { /** Return 1 if `value` is not zero and 0 otherwise. */ -static inline uint8_t libcrux_ml_kem_constant_time_ops_inz(uint8_t value) { +static KRML_NOINLINE uint8_t +libcrux_ml_kem_constant_time_ops_inz(uint8_t value) { uint16_t value0 = (uint16_t)value; - uint16_t result = (((uint32_t)value0 | - (uint32_t)core_num__u16_7__wrapping_add(~value0, 1U)) & - 0xFFFFU) >> - 8U & - 1U; - return (uint8_t)result; + uint8_t result = + (uint8_t)((uint32_t)core_num__u16__wrapping_add(~value0, 1U) >> 8U); + return (uint32_t)result & 1U; } static KRML_NOINLINE uint8_t @@ -801,14 +1527,15 @@ libcrux_ml_kem_constant_time_ops_is_non_zero(uint8_t value) { Return 1 if the bytes of `lhs` and `rhs` do not exactly match and 0 otherwise. */ -static inline uint8_t libcrux_ml_kem_constant_time_ops_compare( +static KRML_NOINLINE uint8_t libcrux_ml_kem_constant_time_ops_compare( Eurydice_slice lhs, Eurydice_slice rhs) { uint8_t r = 0U; for (size_t i = (size_t)0U; i < Eurydice_slice_len(lhs, uint8_t); i++) { size_t i0 = i; - r = (uint32_t)r | - ((uint32_t)Eurydice_slice_index(lhs, i0, uint8_t, uint8_t *) ^ - (uint32_t)Eurydice_slice_index(rhs, i0, uint8_t, uint8_t *)); + uint8_t nr = (uint32_t)r | + ((uint32_t)Eurydice_slice_index(lhs, i0, uint8_t, uint8_t *) ^ + (uint32_t)Eurydice_slice_index(rhs, i0, uint8_t, uint8_t *)); + r = nr; } return libcrux_ml_kem_constant_time_ops_is_non_zero(r); } @@ -823,19 +1550,21 @@ libcrux_ml_kem_constant_time_ops_compare_ciphertexts_in_constant_time( If `selector` is not zero, return the bytes in `rhs`; return the bytes in `lhs` otherwise. */ -static inline void libcrux_ml_kem_constant_time_ops_select_ct( +static KRML_NOINLINE void libcrux_ml_kem_constant_time_ops_select_ct( Eurydice_slice lhs, Eurydice_slice rhs, uint8_t selector, uint8_t ret[32U]) { - uint8_t mask = core_num__u8_6__wrapping_sub( + uint8_t mask = core_num__u8__wrapping_sub( libcrux_ml_kem_constant_time_ops_is_non_zero(selector), 1U); uint8_t out[32U] = {0U}; for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_CONSTANTS_SHARED_SECRET_SIZE; i++) { size_t i0 = i; - out[i0] = ((uint32_t)Eurydice_slice_index(lhs, i0, uint8_t, uint8_t *) & - (uint32_t)mask) | - ((uint32_t)Eurydice_slice_index(rhs, i0, uint8_t, uint8_t *) & - (uint32_t)~mask); + uint8_t outi = + ((uint32_t)Eurydice_slice_index(lhs, i0, uint8_t, uint8_t *) & + (uint32_t)mask) | + ((uint32_t)Eurydice_slice_index(rhs, i0, uint8_t, uint8_t *) & + (uint32_t)~mask); + out[i0] = outi; } memcpy(ret, out, (size_t)32U * sizeof(uint8_t)); } @@ -847,7 +1576,7 @@ libcrux_ml_kem_constant_time_ops_select_shared_secret_in_constant_time( libcrux_ml_kem_constant_time_ops_select_ct(lhs, rhs, selector, ret); } -static inline void +static KRML_NOINLINE void libcrux_ml_kem_constant_time_ops_compare_ciphertexts_select_shared_secret_in_constant_time( Eurydice_slice lhs_c, Eurydice_slice rhs_c, Eurydice_slice lhs_s, Eurydice_slice rhs_s, uint8_t ret[32U]) { @@ -864,2259 +1593,2271 @@ libcrux_ml_kem_constant_time_ops_compare_ciphertexts_select_shared_secret_in_con } #endif -#define __libcrux_ct_ops_H_DEFINED -#endif +#define libcrux_ct_ops_H_DEFINED +#endif /* libcrux_ct_ops_H */ -/* from libcrux/libcrux-ml-kem/cg/libcrux_sha3_portable.h */ +/* from libcrux/libcrux-ml-kem/extracts/c_header_only/generated/libcrux_sha3_portable.h */ /* - * SPDX-FileCopyrightText: 2024 Cryspen Sarl + * SPDX-FileCopyrightText: 2025 Cryspen Sarl * * SPDX-License-Identifier: MIT or Apache-2.0 * * This code was generated with the following revisions: - * Charon: 6b5e110342a771a3e1c739b10294b1778e4be8b4 - * Eurydice: 31be7d65ca5d6acdacfb33652e478d24dd85c1cb - * Karamel: 3205d3365ea2790b02368f79fcee38e38d0b5908 - * F*: a32b316e521fa4f239b610ec8f1d15e78d62cbe8-dirty - * Libcrux: 4ad532b206174114dd4140b718e7794a28fc59ee + * Charon: 667d2fc98984ff7f3df989c2367e6c1fa4a000e7 + * Eurydice: 2381cbc416ef2ad0b561c362c500bc84f36b6785 + * Karamel: 80f5435f2fc505973c469a4afcc8d875cddd0d8b + * F*: 71d8221589d4d438af3706d89cb653cf53e18aab + * Libcrux: 68dfed5a4a9e40277f62828471c029afed1ecdcc */ -#ifndef __libcrux_sha3_portable_H -#define __libcrux_sha3_portable_H +#ifndef libcrux_sha3_portable_H +#define libcrux_sha3_portable_H + #if defined(__cplusplus) extern "C" { #endif -static const uint64_t libcrux_sha3_generic_keccak_ROUNDCONSTANTS[24U] = { - 1ULL, - 32898ULL, - 9223372036854808714ULL, - 9223372039002292224ULL, - 32907ULL, - 2147483649ULL, - 9223372039002292353ULL, - 9223372036854808585ULL, - 138ULL, - 136ULL, - 2147516425ULL, - 2147483658ULL, - 2147516555ULL, - 9223372036854775947ULL, - 9223372036854808713ULL, - 9223372036854808579ULL, - 9223372036854808578ULL, - 9223372036854775936ULL, - 32778ULL, - 9223372039002259466ULL, - 9223372039002292353ULL, - 9223372036854808704ULL, - 2147483649ULL, - 9223372039002292232ULL}; - -/** -This function found in impl {(libcrux_sha3::traits::internal::KeccakItem<1: -usize> for u64)} -*/ -static KRML_MUSTINLINE uint64_t libcrux_sha3_portable_keccak_zero_5a(void) { +/** +This function found in impl {libcrux_sha3::traits::KeccakItem<1usize> for u64} +*/ +static KRML_MUSTINLINE uint64_t libcrux_sha3_simd_portable_zero_d2(void) { return 0ULL; } -static KRML_MUSTINLINE uint64_t libcrux_sha3_portable_keccak__veor5q_u64( +static KRML_MUSTINLINE uint64_t libcrux_sha3_simd_portable__veor5q_u64( uint64_t a, uint64_t b, uint64_t c, uint64_t d, uint64_t e) { - uint64_t ab = a ^ b; - uint64_t cd = c ^ d; - uint64_t abcd = ab ^ cd; - return abcd ^ e; + return (((a ^ b) ^ c) ^ d) ^ e; } /** -This function found in impl {(libcrux_sha3::traits::internal::KeccakItem<1: -usize> for u64)} +This function found in impl {libcrux_sha3::traits::KeccakItem<1usize> for u64} */ -static KRML_MUSTINLINE uint64_t libcrux_sha3_portable_keccak_xor5_5a( +static KRML_MUSTINLINE uint64_t libcrux_sha3_simd_portable_xor5_d2( uint64_t a, uint64_t b, uint64_t c, uint64_t d, uint64_t e) { - return libcrux_sha3_portable_keccak__veor5q_u64(a, b, c, d, e); + return libcrux_sha3_simd_portable__veor5q_u64(a, b, c, d, e); } /** -A monomorphic instance of libcrux_sha3.portable_keccak.rotate_left +A monomorphic instance of libcrux_sha3.simd.portable.rotate_left with const generics - LEFT= 1 - RIGHT= 63 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak_rotate_left_cb(uint64_t x) { - return x << (uint32_t)(int32_t)1 | x >> (uint32_t)(int32_t)63; +libcrux_sha3_simd_portable_rotate_left_76(uint64_t x) { + return core_num__u64__rotate_left(x, (uint32_t)(int32_t)1); } static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak__vrax1q_u64(uint64_t a, uint64_t b) { +libcrux_sha3_simd_portable__vrax1q_u64(uint64_t a, uint64_t b) { uint64_t uu____0 = a; - return uu____0 ^ libcrux_sha3_portable_keccak_rotate_left_cb(b); + return uu____0 ^ libcrux_sha3_simd_portable_rotate_left_76(b); } /** -This function found in impl {(libcrux_sha3::traits::internal::KeccakItem<1: -usize> for u64)} +This function found in impl {libcrux_sha3::traits::KeccakItem<1usize> for u64} */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak_rotate_left1_and_xor_5a(uint64_t a, uint64_t b) { - return libcrux_sha3_portable_keccak__vrax1q_u64(a, b); +libcrux_sha3_simd_portable_rotate_left1_and_xor_d2(uint64_t a, uint64_t b) { + return libcrux_sha3_simd_portable__vrax1q_u64(a, b); } static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak__vbcaxq_u64(uint64_t a, uint64_t b, uint64_t c) { +libcrux_sha3_simd_portable__vbcaxq_u64(uint64_t a, uint64_t b, uint64_t c) { return a ^ (b & ~c); } /** -This function found in impl {(libcrux_sha3::traits::internal::KeccakItem<1: -usize> for u64)} +This function found in impl {libcrux_sha3::traits::KeccakItem<1usize> for u64} */ -static KRML_MUSTINLINE uint64_t libcrux_sha3_portable_keccak_and_not_xor_5a( - uint64_t a, uint64_t b, uint64_t c) { - return libcrux_sha3_portable_keccak__vbcaxq_u64(a, b, c); +static KRML_MUSTINLINE uint64_t +libcrux_sha3_simd_portable_and_not_xor_d2(uint64_t a, uint64_t b, uint64_t c) { + return libcrux_sha3_simd_portable__vbcaxq_u64(a, b, c); } static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak__veorq_n_u64(uint64_t a, uint64_t c) { +libcrux_sha3_simd_portable__veorq_n_u64(uint64_t a, uint64_t c) { return a ^ c; } /** -This function found in impl {(libcrux_sha3::traits::internal::KeccakItem<1: -usize> for u64)} +This function found in impl {libcrux_sha3::traits::KeccakItem<1usize> for u64} */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak_xor_constant_5a(uint64_t a, uint64_t c) { - return libcrux_sha3_portable_keccak__veorq_n_u64(a, c); +libcrux_sha3_simd_portable_xor_constant_d2(uint64_t a, uint64_t c) { + return libcrux_sha3_simd_portable__veorq_n_u64(a, c); } /** -This function found in impl {(libcrux_sha3::traits::internal::KeccakItem<1: -usize> for u64)} +This function found in impl {libcrux_sha3::traits::KeccakItem<1usize> for u64} */ -static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak_xor_5a(uint64_t a, uint64_t b) { +static KRML_MUSTINLINE uint64_t libcrux_sha3_simd_portable_xor_d2(uint64_t a, + uint64_t b) { return a ^ b; } -static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_slice_1( - Eurydice_slice a[1U], size_t start, size_t len, Eurydice_slice ret[1U]) { - ret[0U] = Eurydice_slice_subslice2(a[0U], start, start + len, uint8_t); -} +static const uint64_t + libcrux_sha3_generic_keccak_constants_ROUNDCONSTANTS[24U] = { + 1ULL, + 32898ULL, + 9223372036854808714ULL, + 9223372039002292224ULL, + 32907ULL, + 2147483649ULL, + 9223372039002292353ULL, + 9223372036854808585ULL, + 138ULL, + 136ULL, + 2147516425ULL, + 2147483658ULL, + 2147516555ULL, + 9223372036854775947ULL, + 9223372036854808713ULL, + 9223372036854808579ULL, + 9223372036854808578ULL, + 9223372036854775936ULL, + 32778ULL, + 9223372039002259466ULL, + 9223372039002292353ULL, + 9223372036854808704ULL, + 2147483649ULL, + 9223372039002292232ULL}; + +typedef struct size_t_x2_s { + size_t fst; + size_t snd; +} size_t_x2; /** -This function found in impl {(libcrux_sha3::traits::internal::KeccakItem<1: -usize> for u64)} +A monomorphic instance of libcrux_sha3.generic_keccak.KeccakState +with types uint64_t +with const generics +- $1size_t */ -static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_slice_n_5a( - Eurydice_slice a[1U], size_t start, size_t len, Eurydice_slice ret[1U]) { - /* Passing arrays by value in Rust generates a copy in C */ - Eurydice_slice copy_of_a[1U]; - memcpy(copy_of_a, a, (size_t)1U * sizeof(Eurydice_slice)); - Eurydice_slice ret0[1U]; - libcrux_sha3_portable_keccak_slice_1(copy_of_a, start, len, ret0); - memcpy(ret, ret0, (size_t)1U * sizeof(Eurydice_slice)); -} - -static KRML_MUSTINLINE Eurydice_slice_uint8_t_1size_t__x2 -libcrux_sha3_portable_keccak_split_at_mut_1(Eurydice_slice out[1U], - size_t mid) { - Eurydice_slice_uint8_t_x2 uu____0 = Eurydice_slice_split_at_mut( - out[0U], mid, uint8_t, Eurydice_slice_uint8_t_x2); - Eurydice_slice out00 = uu____0.fst; - Eurydice_slice out01 = uu____0.snd; - Eurydice_slice_uint8_t_1size_t__x2 lit; - lit.fst[0U] = out00; - lit.snd[0U] = out01; - return lit; -} +typedef struct libcrux_sha3_generic_keccak_KeccakState_17_s { + uint64_t st[25U]; +} libcrux_sha3_generic_keccak_KeccakState_17; /** -This function found in impl {(libcrux_sha3::traits::internal::KeccakItem<1: -usize> for u64)} +This function found in impl {libcrux_sha3::generic_keccak::KeccakState[TraitClause@0, TraitClause@1]} */ -static KRML_MUSTINLINE Eurydice_slice_uint8_t_1size_t__x2 -libcrux_sha3_portable_keccak_split_at_mut_n_5a(Eurydice_slice a[1U], - size_t mid) { - return libcrux_sha3_portable_keccak_split_at_mut_1(a, mid); -} - /** -A monomorphic instance of libcrux_sha3.generic_keccak.KeccakState +A monomorphic instance of libcrux_sha3.generic_keccak.new_80 with types uint64_t with const generics -- $1size_t +- N= 1 */ -typedef struct libcrux_sha3_generic_keccak_KeccakState_48_s { - uint64_t st[5U][5U]; -} libcrux_sha3_generic_keccak_KeccakState_48; +static KRML_MUSTINLINE libcrux_sha3_generic_keccak_KeccakState_17 +libcrux_sha3_generic_keccak_new_80_04(void) { + libcrux_sha3_generic_keccak_KeccakState_17 lit; + uint64_t repeat_expression[25U]; + for (size_t i = (size_t)0U; i < (size_t)25U; i++) { + repeat_expression[i] = libcrux_sha3_simd_portable_zero_d2(); + } + memcpy(lit.st, repeat_expression, (size_t)25U * sizeof(uint64_t)); + return lit; +} /** - Create a new Shake128 x4 state. -*/ -/** -This function found in impl {libcrux_sha3::generic_keccak::KeccakState[TraitClause@0]#1} +A monomorphic instance of libcrux_sha3.traits.get_ij +with types uint64_t +with const generics +- N= 1 */ +static KRML_MUSTINLINE uint64_t *libcrux_sha3_traits_get_ij_04(uint64_t *arr, + size_t i, + size_t j) { + return &arr[(size_t)5U * j + i]; +} + /** -A monomorphic instance of libcrux_sha3.generic_keccak.new_1e +A monomorphic instance of libcrux_sha3.traits.set_ij with types uint64_t with const generics - N= 1 */ -static KRML_MUSTINLINE libcrux_sha3_generic_keccak_KeccakState_48 -libcrux_sha3_generic_keccak_new_1e_f4(void) { - libcrux_sha3_generic_keccak_KeccakState_48 lit; - lit.st[0U][0U] = libcrux_sha3_portable_keccak_zero_5a(); - lit.st[0U][1U] = libcrux_sha3_portable_keccak_zero_5a(); - lit.st[0U][2U] = libcrux_sha3_portable_keccak_zero_5a(); - lit.st[0U][3U] = libcrux_sha3_portable_keccak_zero_5a(); - lit.st[0U][4U] = libcrux_sha3_portable_keccak_zero_5a(); - lit.st[1U][0U] = libcrux_sha3_portable_keccak_zero_5a(); - lit.st[1U][1U] = libcrux_sha3_portable_keccak_zero_5a(); - lit.st[1U][2U] = libcrux_sha3_portable_keccak_zero_5a(); - lit.st[1U][3U] = libcrux_sha3_portable_keccak_zero_5a(); - lit.st[1U][4U] = libcrux_sha3_portable_keccak_zero_5a(); - lit.st[2U][0U] = libcrux_sha3_portable_keccak_zero_5a(); - lit.st[2U][1U] = libcrux_sha3_portable_keccak_zero_5a(); - lit.st[2U][2U] = libcrux_sha3_portable_keccak_zero_5a(); - lit.st[2U][3U] = libcrux_sha3_portable_keccak_zero_5a(); - lit.st[2U][4U] = libcrux_sha3_portable_keccak_zero_5a(); - lit.st[3U][0U] = libcrux_sha3_portable_keccak_zero_5a(); - lit.st[3U][1U] = libcrux_sha3_portable_keccak_zero_5a(); - lit.st[3U][2U] = libcrux_sha3_portable_keccak_zero_5a(); - lit.st[3U][3U] = libcrux_sha3_portable_keccak_zero_5a(); - lit.st[3U][4U] = libcrux_sha3_portable_keccak_zero_5a(); - lit.st[4U][0U] = libcrux_sha3_portable_keccak_zero_5a(); - lit.st[4U][1U] = libcrux_sha3_portable_keccak_zero_5a(); - lit.st[4U][2U] = libcrux_sha3_portable_keccak_zero_5a(); - lit.st[4U][3U] = libcrux_sha3_portable_keccak_zero_5a(); - lit.st[4U][4U] = libcrux_sha3_portable_keccak_zero_5a(); - return lit; +static KRML_MUSTINLINE void libcrux_sha3_traits_set_ij_04(uint64_t *arr, + size_t i, size_t j, + uint64_t value) { + arr[(size_t)5U * j + i] = value; } /** -A monomorphic instance of libcrux_sha3.portable_keccak.load_block +A monomorphic instance of libcrux_sha3.simd.portable.load_block with const generics - RATE= 72 */ -static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_load_block_2c( - uint64_t (*s)[5U], Eurydice_slice blocks[1U]) { +static KRML_MUSTINLINE void libcrux_sha3_simd_portable_load_block_f8( + uint64_t *state, Eurydice_slice blocks, size_t start) { + uint64_t state_flat[25U] = {0U}; for (size_t i = (size_t)0U; i < (size_t)72U / (size_t)8U; i++) { size_t i0 = i; + size_t offset = start + (size_t)8U * i0; uint8_t uu____0[8U]; - Result_56 dst; + Result_15 dst; Eurydice_slice_to_array2( &dst, - Eurydice_slice_subslice2(blocks[0U], (size_t)8U * i0, - (size_t)8U * i0 + (size_t)8U, uint8_t), - Eurydice_slice, uint8_t[8U]); - unwrap_41_ac(dst, uu____0); - size_t uu____1 = i0 / (size_t)5U; - size_t uu____2 = i0 % (size_t)5U; - s[uu____1][uu____2] = - s[uu____1][uu____2] ^ core_num__u64_9__from_le_bytes(uu____0); + Eurydice_slice_subslice3(blocks, offset, offset + (size_t)8U, + uint8_t *), + Eurydice_slice, uint8_t[8U], TryFromSliceError); + unwrap_26_68(dst, uu____0); + state_flat[i0] = core_num__u64__from_le_bytes(uu____0); + } + for (size_t i = (size_t)0U; i < (size_t)72U / (size_t)8U; i++) { + size_t i0 = i; + libcrux_sha3_traits_set_ij_04( + state, i0 / (size_t)5U, i0 % (size_t)5U, + libcrux_sha3_traits_get_ij_04(state, i0 / (size_t)5U, + i0 % (size_t)5U)[0U] ^ + state_flat[i0]); } } /** -This function found in impl {(libcrux_sha3::traits::internal::KeccakItem<1: -usize> for u64)} +This function found in impl {libcrux_sha3::traits::Absorb<1usize> for +libcrux_sha3::generic_keccak::KeccakState[core::marker::Sized, +libcrux_sha3::simd::portable::{libcrux_sha3::traits::KeccakItem<1usize> for +u64}]} */ /** -A monomorphic instance of libcrux_sha3.portable_keccak.load_block_5a +A monomorphic instance of libcrux_sha3.simd.portable.load_block_a1 with const generics - RATE= 72 */ -static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_load_block_5a_b8( - uint64_t (*a)[5U], Eurydice_slice b[1U]) { - uint64_t(*uu____0)[5U] = a; - /* Passing arrays by value in Rust generates a copy in C */ - Eurydice_slice copy_of_b[1U]; - memcpy(copy_of_b, b, (size_t)1U * sizeof(Eurydice_slice)); - libcrux_sha3_portable_keccak_load_block_2c(uu____0, copy_of_b); +static inline void libcrux_sha3_simd_portable_load_block_a1_f8( + libcrux_sha3_generic_keccak_KeccakState_17 *self, Eurydice_slice *input, + size_t start) { + libcrux_sha3_simd_portable_load_block_f8(self->st, input[0U], start); +} + +/** +This function found in impl {core::ops::index::Index<(usize, usize), T> for +libcrux_sha3::generic_keccak::KeccakState[TraitClause@0, TraitClause@1]} +*/ +/** +A monomorphic instance of libcrux_sha3.generic_keccak.index_c2 +with types uint64_t +with const generics +- N= 1 +*/ +static inline uint64_t *libcrux_sha3_generic_keccak_index_c2_04( + libcrux_sha3_generic_keccak_KeccakState_17 *self, size_t_x2 index) { + return libcrux_sha3_traits_get_ij_04(self->st, index.fst, index.snd); +} + +/** +This function found in impl {libcrux_sha3::generic_keccak::KeccakState[TraitClause@0, TraitClause@1]} +*/ +/** +A monomorphic instance of libcrux_sha3.generic_keccak.theta_80 +with types uint64_t +with const generics +- N= 1 +*/ +static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_theta_80_04( + libcrux_sha3_generic_keccak_KeccakState_17 *self, uint64_t ret[5U]) { + uint64_t c[5U] = { + libcrux_sha3_simd_portable_xor5_d2( + libcrux_sha3_generic_keccak_index_c2_04( + self, (KRML_CLITERAL(size_t_x2){.fst = (size_t)0U, + .snd = (size_t)0U}))[0U], + libcrux_sha3_generic_keccak_index_c2_04( + self, (KRML_CLITERAL(size_t_x2){.fst = (size_t)1U, + .snd = (size_t)0U}))[0U], + libcrux_sha3_generic_keccak_index_c2_04( + self, (KRML_CLITERAL(size_t_x2){.fst = (size_t)2U, + .snd = (size_t)0U}))[0U], + libcrux_sha3_generic_keccak_index_c2_04( + self, (KRML_CLITERAL(size_t_x2){.fst = (size_t)3U, + .snd = (size_t)0U}))[0U], + libcrux_sha3_generic_keccak_index_c2_04( + self, (KRML_CLITERAL(size_t_x2){.fst = (size_t)4U, + .snd = (size_t)0U}))[0U]), + libcrux_sha3_simd_portable_xor5_d2( + libcrux_sha3_generic_keccak_index_c2_04( + self, (KRML_CLITERAL(size_t_x2){.fst = (size_t)0U, + .snd = (size_t)1U}))[0U], + libcrux_sha3_generic_keccak_index_c2_04( + self, (KRML_CLITERAL(size_t_x2){.fst = (size_t)1U, + .snd = (size_t)1U}))[0U], + libcrux_sha3_generic_keccak_index_c2_04( + self, (KRML_CLITERAL(size_t_x2){.fst = (size_t)2U, + .snd = (size_t)1U}))[0U], + libcrux_sha3_generic_keccak_index_c2_04( + self, (KRML_CLITERAL(size_t_x2){.fst = (size_t)3U, + .snd = (size_t)1U}))[0U], + libcrux_sha3_generic_keccak_index_c2_04( + self, (KRML_CLITERAL(size_t_x2){.fst = (size_t)4U, + .snd = (size_t)1U}))[0U]), + libcrux_sha3_simd_portable_xor5_d2( + libcrux_sha3_generic_keccak_index_c2_04( + self, (KRML_CLITERAL(size_t_x2){.fst = (size_t)0U, + .snd = (size_t)2U}))[0U], + libcrux_sha3_generic_keccak_index_c2_04( + self, (KRML_CLITERAL(size_t_x2){.fst = (size_t)1U, + .snd = (size_t)2U}))[0U], + libcrux_sha3_generic_keccak_index_c2_04( + self, (KRML_CLITERAL(size_t_x2){.fst = (size_t)2U, + .snd = (size_t)2U}))[0U], + libcrux_sha3_generic_keccak_index_c2_04( + self, (KRML_CLITERAL(size_t_x2){.fst = (size_t)3U, + .snd = (size_t)2U}))[0U], + libcrux_sha3_generic_keccak_index_c2_04( + self, (KRML_CLITERAL(size_t_x2){.fst = (size_t)4U, + .snd = (size_t)2U}))[0U]), + libcrux_sha3_simd_portable_xor5_d2( + libcrux_sha3_generic_keccak_index_c2_04( + self, (KRML_CLITERAL(size_t_x2){.fst = (size_t)0U, + .snd = (size_t)3U}))[0U], + libcrux_sha3_generic_keccak_index_c2_04( + self, (KRML_CLITERAL(size_t_x2){.fst = (size_t)1U, + .snd = (size_t)3U}))[0U], + libcrux_sha3_generic_keccak_index_c2_04( + self, (KRML_CLITERAL(size_t_x2){.fst = (size_t)2U, + .snd = (size_t)3U}))[0U], + libcrux_sha3_generic_keccak_index_c2_04( + self, (KRML_CLITERAL(size_t_x2){.fst = (size_t)3U, + .snd = (size_t)3U}))[0U], + libcrux_sha3_generic_keccak_index_c2_04( + self, (KRML_CLITERAL(size_t_x2){.fst = (size_t)4U, + .snd = (size_t)3U}))[0U]), + libcrux_sha3_simd_portable_xor5_d2( + libcrux_sha3_generic_keccak_index_c2_04( + self, (KRML_CLITERAL(size_t_x2){.fst = (size_t)0U, + .snd = (size_t)4U}))[0U], + libcrux_sha3_generic_keccak_index_c2_04( + self, (KRML_CLITERAL(size_t_x2){.fst = (size_t)1U, + .snd = (size_t)4U}))[0U], + libcrux_sha3_generic_keccak_index_c2_04( + self, (KRML_CLITERAL(size_t_x2){.fst = (size_t)2U, + .snd = (size_t)4U}))[0U], + libcrux_sha3_generic_keccak_index_c2_04( + self, (KRML_CLITERAL(size_t_x2){.fst = (size_t)3U, + .snd = (size_t)4U}))[0U], + libcrux_sha3_generic_keccak_index_c2_04( + self, (KRML_CLITERAL(size_t_x2){.fst = (size_t)4U, + .snd = (size_t)4U}))[0U])}; + uint64_t uu____0 = libcrux_sha3_simd_portable_rotate_left1_and_xor_d2( + c[((size_t)0U + (size_t)4U) % (size_t)5U], + c[((size_t)0U + (size_t)1U) % (size_t)5U]); + uint64_t uu____1 = libcrux_sha3_simd_portable_rotate_left1_and_xor_d2( + c[((size_t)1U + (size_t)4U) % (size_t)5U], + c[((size_t)1U + (size_t)1U) % (size_t)5U]); + uint64_t uu____2 = libcrux_sha3_simd_portable_rotate_left1_and_xor_d2( + c[((size_t)2U + (size_t)4U) % (size_t)5U], + c[((size_t)2U + (size_t)1U) % (size_t)5U]); + uint64_t uu____3 = libcrux_sha3_simd_portable_rotate_left1_and_xor_d2( + c[((size_t)3U + (size_t)4U) % (size_t)5U], + c[((size_t)3U + (size_t)1U) % (size_t)5U]); + ret[0U] = uu____0; + ret[1U] = uu____1; + ret[2U] = uu____2; + ret[3U] = uu____3; + ret[4U] = libcrux_sha3_simd_portable_rotate_left1_and_xor_d2( + c[((size_t)4U + (size_t)4U) % (size_t)5U], + c[((size_t)4U + (size_t)1U) % (size_t)5U]); +} + +/** +This function found in impl {libcrux_sha3::generic_keccak::KeccakState[TraitClause@0, TraitClause@1]} +*/ +/** +A monomorphic instance of libcrux_sha3.generic_keccak.set_80 +with types uint64_t +with const generics +- N= 1 +*/ +static inline void libcrux_sha3_generic_keccak_set_80_04( + libcrux_sha3_generic_keccak_KeccakState_17 *self, size_t i, size_t j, + uint64_t v) { + libcrux_sha3_traits_set_ij_04(self->st, i, j, v); } /** -A monomorphic instance of libcrux_sha3.portable_keccak.rotate_left +A monomorphic instance of libcrux_sha3.simd.portable.rotate_left with const generics - LEFT= 36 - RIGHT= 28 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak_rotate_left_cb0(uint64_t x) { - return x << (uint32_t)(int32_t)36 | x >> (uint32_t)(int32_t)28; +libcrux_sha3_simd_portable_rotate_left_02(uint64_t x) { + return core_num__u64__rotate_left(x, (uint32_t)(int32_t)36); } /** -A monomorphic instance of libcrux_sha3.portable_keccak._vxarq_u64 +A monomorphic instance of libcrux_sha3.simd.portable._vxarq_u64 with const generics - LEFT= 36 - RIGHT= 28 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak__vxarq_u64_42(uint64_t a, uint64_t b) { - uint64_t ab = a ^ b; - return libcrux_sha3_portable_keccak_rotate_left_cb0(ab); +libcrux_sha3_simd_portable__vxarq_u64_02(uint64_t a, uint64_t b) { + return libcrux_sha3_simd_portable_rotate_left_02(a ^ b); } /** -This function found in impl {(libcrux_sha3::traits::internal::KeccakItem<1: -usize> for u64)} +This function found in impl {libcrux_sha3::traits::KeccakItem<1usize> for u64} */ /** -A monomorphic instance of libcrux_sha3.portable_keccak.xor_and_rotate_5a +A monomorphic instance of libcrux_sha3.simd.portable.xor_and_rotate_d2 with const generics - LEFT= 36 - RIGHT= 28 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak_xor_and_rotate_5a_bb(uint64_t a, uint64_t b) { - return libcrux_sha3_portable_keccak__vxarq_u64_42(a, b); +libcrux_sha3_simd_portable_xor_and_rotate_d2_02(uint64_t a, uint64_t b) { + return libcrux_sha3_simd_portable__vxarq_u64_02(a, b); } /** -A monomorphic instance of libcrux_sha3.portable_keccak.rotate_left +A monomorphic instance of libcrux_sha3.simd.portable.rotate_left with const generics - LEFT= 3 - RIGHT= 61 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak_rotate_left_cb1(uint64_t x) { - return x << (uint32_t)(int32_t)3 | x >> (uint32_t)(int32_t)61; +libcrux_sha3_simd_portable_rotate_left_ac(uint64_t x) { + return core_num__u64__rotate_left(x, (uint32_t)(int32_t)3); } /** -A monomorphic instance of libcrux_sha3.portable_keccak._vxarq_u64 +A monomorphic instance of libcrux_sha3.simd.portable._vxarq_u64 with const generics - LEFT= 3 - RIGHT= 61 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak__vxarq_u64_420(uint64_t a, uint64_t b) { - uint64_t ab = a ^ b; - return libcrux_sha3_portable_keccak_rotate_left_cb1(ab); +libcrux_sha3_simd_portable__vxarq_u64_ac(uint64_t a, uint64_t b) { + return libcrux_sha3_simd_portable_rotate_left_ac(a ^ b); } /** -This function found in impl {(libcrux_sha3::traits::internal::KeccakItem<1: -usize> for u64)} +This function found in impl {libcrux_sha3::traits::KeccakItem<1usize> for u64} */ /** -A monomorphic instance of libcrux_sha3.portable_keccak.xor_and_rotate_5a +A monomorphic instance of libcrux_sha3.simd.portable.xor_and_rotate_d2 with const generics - LEFT= 3 - RIGHT= 61 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak_xor_and_rotate_5a_bb0(uint64_t a, uint64_t b) { - return libcrux_sha3_portable_keccak__vxarq_u64_420(a, b); +libcrux_sha3_simd_portable_xor_and_rotate_d2_ac(uint64_t a, uint64_t b) { + return libcrux_sha3_simd_portable__vxarq_u64_ac(a, b); } /** -A monomorphic instance of libcrux_sha3.portable_keccak.rotate_left +A monomorphic instance of libcrux_sha3.simd.portable.rotate_left with const generics - LEFT= 41 - RIGHT= 23 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak_rotate_left_cb2(uint64_t x) { - return x << (uint32_t)(int32_t)41 | x >> (uint32_t)(int32_t)23; +libcrux_sha3_simd_portable_rotate_left_020(uint64_t x) { + return core_num__u64__rotate_left(x, (uint32_t)(int32_t)41); } /** -A monomorphic instance of libcrux_sha3.portable_keccak._vxarq_u64 +A monomorphic instance of libcrux_sha3.simd.portable._vxarq_u64 with const generics - LEFT= 41 - RIGHT= 23 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak__vxarq_u64_421(uint64_t a, uint64_t b) { - uint64_t ab = a ^ b; - return libcrux_sha3_portable_keccak_rotate_left_cb2(ab); +libcrux_sha3_simd_portable__vxarq_u64_020(uint64_t a, uint64_t b) { + return libcrux_sha3_simd_portable_rotate_left_020(a ^ b); } /** -This function found in impl {(libcrux_sha3::traits::internal::KeccakItem<1: -usize> for u64)} +This function found in impl {libcrux_sha3::traits::KeccakItem<1usize> for u64} */ /** -A monomorphic instance of libcrux_sha3.portable_keccak.xor_and_rotate_5a +A monomorphic instance of libcrux_sha3.simd.portable.xor_and_rotate_d2 with const generics - LEFT= 41 - RIGHT= 23 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak_xor_and_rotate_5a_bb1(uint64_t a, uint64_t b) { - return libcrux_sha3_portable_keccak__vxarq_u64_421(a, b); +libcrux_sha3_simd_portable_xor_and_rotate_d2_020(uint64_t a, uint64_t b) { + return libcrux_sha3_simd_portable__vxarq_u64_020(a, b); } /** -A monomorphic instance of libcrux_sha3.portable_keccak.rotate_left +A monomorphic instance of libcrux_sha3.simd.portable.rotate_left with const generics - LEFT= 18 - RIGHT= 46 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak_rotate_left_cb3(uint64_t x) { - return x << (uint32_t)(int32_t)18 | x >> (uint32_t)(int32_t)46; +libcrux_sha3_simd_portable_rotate_left_a9(uint64_t x) { + return core_num__u64__rotate_left(x, (uint32_t)(int32_t)18); } /** -A monomorphic instance of libcrux_sha3.portable_keccak._vxarq_u64 +A monomorphic instance of libcrux_sha3.simd.portable._vxarq_u64 with const generics - LEFT= 18 - RIGHT= 46 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak__vxarq_u64_422(uint64_t a, uint64_t b) { - uint64_t ab = a ^ b; - return libcrux_sha3_portable_keccak_rotate_left_cb3(ab); +libcrux_sha3_simd_portable__vxarq_u64_a9(uint64_t a, uint64_t b) { + return libcrux_sha3_simd_portable_rotate_left_a9(a ^ b); } /** -This function found in impl {(libcrux_sha3::traits::internal::KeccakItem<1: -usize> for u64)} +This function found in impl {libcrux_sha3::traits::KeccakItem<1usize> for u64} */ /** -A monomorphic instance of libcrux_sha3.portable_keccak.xor_and_rotate_5a +A monomorphic instance of libcrux_sha3.simd.portable.xor_and_rotate_d2 with const generics - LEFT= 18 - RIGHT= 46 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak_xor_and_rotate_5a_bb2(uint64_t a, uint64_t b) { - return libcrux_sha3_portable_keccak__vxarq_u64_422(a, b); +libcrux_sha3_simd_portable_xor_and_rotate_d2_a9(uint64_t a, uint64_t b) { + return libcrux_sha3_simd_portable__vxarq_u64_a9(a, b); } /** -A monomorphic instance of libcrux_sha3.portable_keccak._vxarq_u64 +A monomorphic instance of libcrux_sha3.simd.portable._vxarq_u64 with const generics - LEFT= 1 - RIGHT= 63 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak__vxarq_u64_423(uint64_t a, uint64_t b) { - uint64_t ab = a ^ b; - return libcrux_sha3_portable_keccak_rotate_left_cb(ab); +libcrux_sha3_simd_portable__vxarq_u64_76(uint64_t a, uint64_t b) { + return libcrux_sha3_simd_portable_rotate_left_76(a ^ b); } /** -This function found in impl {(libcrux_sha3::traits::internal::KeccakItem<1: -usize> for u64)} +This function found in impl {libcrux_sha3::traits::KeccakItem<1usize> for u64} */ /** -A monomorphic instance of libcrux_sha3.portable_keccak.xor_and_rotate_5a +A monomorphic instance of libcrux_sha3.simd.portable.xor_and_rotate_d2 with const generics - LEFT= 1 - RIGHT= 63 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak_xor_and_rotate_5a_bb3(uint64_t a, uint64_t b) { - return libcrux_sha3_portable_keccak__vxarq_u64_423(a, b); +libcrux_sha3_simd_portable_xor_and_rotate_d2_76(uint64_t a, uint64_t b) { + return libcrux_sha3_simd_portable__vxarq_u64_76(a, b); } /** -A monomorphic instance of libcrux_sha3.portable_keccak.rotate_left +A monomorphic instance of libcrux_sha3.simd.portable.rotate_left with const generics - LEFT= 44 - RIGHT= 20 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak_rotate_left_cb4(uint64_t x) { - return x << (uint32_t)(int32_t)44 | x >> (uint32_t)(int32_t)20; +libcrux_sha3_simd_portable_rotate_left_58(uint64_t x) { + return core_num__u64__rotate_left(x, (uint32_t)(int32_t)44); } /** -A monomorphic instance of libcrux_sha3.portable_keccak._vxarq_u64 +A monomorphic instance of libcrux_sha3.simd.portable._vxarq_u64 with const generics - LEFT= 44 - RIGHT= 20 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak__vxarq_u64_424(uint64_t a, uint64_t b) { - uint64_t ab = a ^ b; - return libcrux_sha3_portable_keccak_rotate_left_cb4(ab); +libcrux_sha3_simd_portable__vxarq_u64_58(uint64_t a, uint64_t b) { + return libcrux_sha3_simd_portable_rotate_left_58(a ^ b); } /** -This function found in impl {(libcrux_sha3::traits::internal::KeccakItem<1: -usize> for u64)} +This function found in impl {libcrux_sha3::traits::KeccakItem<1usize> for u64} */ /** -A monomorphic instance of libcrux_sha3.portable_keccak.xor_and_rotate_5a +A monomorphic instance of libcrux_sha3.simd.portable.xor_and_rotate_d2 with const generics - LEFT= 44 - RIGHT= 20 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak_xor_and_rotate_5a_bb4(uint64_t a, uint64_t b) { - return libcrux_sha3_portable_keccak__vxarq_u64_424(a, b); +libcrux_sha3_simd_portable_xor_and_rotate_d2_58(uint64_t a, uint64_t b) { + return libcrux_sha3_simd_portable__vxarq_u64_58(a, b); } /** -A monomorphic instance of libcrux_sha3.portable_keccak.rotate_left +A monomorphic instance of libcrux_sha3.simd.portable.rotate_left with const generics - LEFT= 10 - RIGHT= 54 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak_rotate_left_cb5(uint64_t x) { - return x << (uint32_t)(int32_t)10 | x >> (uint32_t)(int32_t)54; +libcrux_sha3_simd_portable_rotate_left_e0(uint64_t x) { + return core_num__u64__rotate_left(x, (uint32_t)(int32_t)10); } /** -A monomorphic instance of libcrux_sha3.portable_keccak._vxarq_u64 +A monomorphic instance of libcrux_sha3.simd.portable._vxarq_u64 with const generics - LEFT= 10 - RIGHT= 54 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak__vxarq_u64_425(uint64_t a, uint64_t b) { - uint64_t ab = a ^ b; - return libcrux_sha3_portable_keccak_rotate_left_cb5(ab); +libcrux_sha3_simd_portable__vxarq_u64_e0(uint64_t a, uint64_t b) { + return libcrux_sha3_simd_portable_rotate_left_e0(a ^ b); } /** -This function found in impl {(libcrux_sha3::traits::internal::KeccakItem<1: -usize> for u64)} +This function found in impl {libcrux_sha3::traits::KeccakItem<1usize> for u64} */ /** -A monomorphic instance of libcrux_sha3.portable_keccak.xor_and_rotate_5a +A monomorphic instance of libcrux_sha3.simd.portable.xor_and_rotate_d2 with const generics - LEFT= 10 - RIGHT= 54 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak_xor_and_rotate_5a_bb5(uint64_t a, uint64_t b) { - return libcrux_sha3_portable_keccak__vxarq_u64_425(a, b); +libcrux_sha3_simd_portable_xor_and_rotate_d2_e0(uint64_t a, uint64_t b) { + return libcrux_sha3_simd_portable__vxarq_u64_e0(a, b); } /** -A monomorphic instance of libcrux_sha3.portable_keccak.rotate_left +A monomorphic instance of libcrux_sha3.simd.portable.rotate_left with const generics - LEFT= 45 - RIGHT= 19 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak_rotate_left_cb6(uint64_t x) { - return x << (uint32_t)(int32_t)45 | x >> (uint32_t)(int32_t)19; +libcrux_sha3_simd_portable_rotate_left_63(uint64_t x) { + return core_num__u64__rotate_left(x, (uint32_t)(int32_t)45); } /** -A monomorphic instance of libcrux_sha3.portable_keccak._vxarq_u64 +A monomorphic instance of libcrux_sha3.simd.portable._vxarq_u64 with const generics - LEFT= 45 - RIGHT= 19 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak__vxarq_u64_426(uint64_t a, uint64_t b) { - uint64_t ab = a ^ b; - return libcrux_sha3_portable_keccak_rotate_left_cb6(ab); +libcrux_sha3_simd_portable__vxarq_u64_63(uint64_t a, uint64_t b) { + return libcrux_sha3_simd_portable_rotate_left_63(a ^ b); } /** -This function found in impl {(libcrux_sha3::traits::internal::KeccakItem<1: -usize> for u64)} +This function found in impl {libcrux_sha3::traits::KeccakItem<1usize> for u64} */ /** -A monomorphic instance of libcrux_sha3.portable_keccak.xor_and_rotate_5a +A monomorphic instance of libcrux_sha3.simd.portable.xor_and_rotate_d2 with const generics - LEFT= 45 - RIGHT= 19 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak_xor_and_rotate_5a_bb6(uint64_t a, uint64_t b) { - return libcrux_sha3_portable_keccak__vxarq_u64_426(a, b); +libcrux_sha3_simd_portable_xor_and_rotate_d2_63(uint64_t a, uint64_t b) { + return libcrux_sha3_simd_portable__vxarq_u64_63(a, b); } /** -A monomorphic instance of libcrux_sha3.portable_keccak.rotate_left +A monomorphic instance of libcrux_sha3.simd.portable.rotate_left with const generics - LEFT= 2 - RIGHT= 62 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak_rotate_left_cb7(uint64_t x) { - return x << (uint32_t)(int32_t)2 | x >> (uint32_t)(int32_t)62; +libcrux_sha3_simd_portable_rotate_left_6a(uint64_t x) { + return core_num__u64__rotate_left(x, (uint32_t)(int32_t)2); } /** -A monomorphic instance of libcrux_sha3.portable_keccak._vxarq_u64 +A monomorphic instance of libcrux_sha3.simd.portable._vxarq_u64 with const generics - LEFT= 2 - RIGHT= 62 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak__vxarq_u64_427(uint64_t a, uint64_t b) { - uint64_t ab = a ^ b; - return libcrux_sha3_portable_keccak_rotate_left_cb7(ab); +libcrux_sha3_simd_portable__vxarq_u64_6a(uint64_t a, uint64_t b) { + return libcrux_sha3_simd_portable_rotate_left_6a(a ^ b); } /** -This function found in impl {(libcrux_sha3::traits::internal::KeccakItem<1: -usize> for u64)} +This function found in impl {libcrux_sha3::traits::KeccakItem<1usize> for u64} */ /** -A monomorphic instance of libcrux_sha3.portable_keccak.xor_and_rotate_5a +A monomorphic instance of libcrux_sha3.simd.portable.xor_and_rotate_d2 with const generics - LEFT= 2 - RIGHT= 62 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak_xor_and_rotate_5a_bb7(uint64_t a, uint64_t b) { - return libcrux_sha3_portable_keccak__vxarq_u64_427(a, b); +libcrux_sha3_simd_portable_xor_and_rotate_d2_6a(uint64_t a, uint64_t b) { + return libcrux_sha3_simd_portable__vxarq_u64_6a(a, b); } /** -A monomorphic instance of libcrux_sha3.portable_keccak.rotate_left +A monomorphic instance of libcrux_sha3.simd.portable.rotate_left with const generics - LEFT= 62 - RIGHT= 2 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak_rotate_left_cb8(uint64_t x) { - return x << (uint32_t)(int32_t)62 | x >> (uint32_t)(int32_t)2; +libcrux_sha3_simd_portable_rotate_left_ab(uint64_t x) { + return core_num__u64__rotate_left(x, (uint32_t)(int32_t)62); } /** -A monomorphic instance of libcrux_sha3.portable_keccak._vxarq_u64 +A monomorphic instance of libcrux_sha3.simd.portable._vxarq_u64 with const generics - LEFT= 62 - RIGHT= 2 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak__vxarq_u64_428(uint64_t a, uint64_t b) { - uint64_t ab = a ^ b; - return libcrux_sha3_portable_keccak_rotate_left_cb8(ab); +libcrux_sha3_simd_portable__vxarq_u64_ab(uint64_t a, uint64_t b) { + return libcrux_sha3_simd_portable_rotate_left_ab(a ^ b); } /** -This function found in impl {(libcrux_sha3::traits::internal::KeccakItem<1: -usize> for u64)} +This function found in impl {libcrux_sha3::traits::KeccakItem<1usize> for u64} */ /** -A monomorphic instance of libcrux_sha3.portable_keccak.xor_and_rotate_5a +A monomorphic instance of libcrux_sha3.simd.portable.xor_and_rotate_d2 with const generics - LEFT= 62 - RIGHT= 2 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak_xor_and_rotate_5a_bb8(uint64_t a, uint64_t b) { - return libcrux_sha3_portable_keccak__vxarq_u64_428(a, b); +libcrux_sha3_simd_portable_xor_and_rotate_d2_ab(uint64_t a, uint64_t b) { + return libcrux_sha3_simd_portable__vxarq_u64_ab(a, b); } /** -A monomorphic instance of libcrux_sha3.portable_keccak.rotate_left +A monomorphic instance of libcrux_sha3.simd.portable.rotate_left with const generics - LEFT= 6 - RIGHT= 58 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak_rotate_left_cb9(uint64_t x) { - return x << (uint32_t)(int32_t)6 | x >> (uint32_t)(int32_t)58; +libcrux_sha3_simd_portable_rotate_left_5b(uint64_t x) { + return core_num__u64__rotate_left(x, (uint32_t)(int32_t)6); } /** -A monomorphic instance of libcrux_sha3.portable_keccak._vxarq_u64 +A monomorphic instance of libcrux_sha3.simd.portable._vxarq_u64 with const generics - LEFT= 6 - RIGHT= 58 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak__vxarq_u64_429(uint64_t a, uint64_t b) { - uint64_t ab = a ^ b; - return libcrux_sha3_portable_keccak_rotate_left_cb9(ab); +libcrux_sha3_simd_portable__vxarq_u64_5b(uint64_t a, uint64_t b) { + return libcrux_sha3_simd_portable_rotate_left_5b(a ^ b); } /** -This function found in impl {(libcrux_sha3::traits::internal::KeccakItem<1: -usize> for u64)} +This function found in impl {libcrux_sha3::traits::KeccakItem<1usize> for u64} */ /** -A monomorphic instance of libcrux_sha3.portable_keccak.xor_and_rotate_5a +A monomorphic instance of libcrux_sha3.simd.portable.xor_and_rotate_d2 with const generics - LEFT= 6 - RIGHT= 58 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak_xor_and_rotate_5a_bb9(uint64_t a, uint64_t b) { - return libcrux_sha3_portable_keccak__vxarq_u64_429(a, b); +libcrux_sha3_simd_portable_xor_and_rotate_d2_5b(uint64_t a, uint64_t b) { + return libcrux_sha3_simd_portable__vxarq_u64_5b(a, b); } /** -A monomorphic instance of libcrux_sha3.portable_keccak.rotate_left +A monomorphic instance of libcrux_sha3.simd.portable.rotate_left with const generics - LEFT= 43 - RIGHT= 21 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak_rotate_left_cb10(uint64_t x) { - return x << (uint32_t)(int32_t)43 | x >> (uint32_t)(int32_t)21; +libcrux_sha3_simd_portable_rotate_left_6f(uint64_t x) { + return core_num__u64__rotate_left(x, (uint32_t)(int32_t)43); } /** -A monomorphic instance of libcrux_sha3.portable_keccak._vxarq_u64 +A monomorphic instance of libcrux_sha3.simd.portable._vxarq_u64 with const generics - LEFT= 43 - RIGHT= 21 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak__vxarq_u64_4210(uint64_t a, uint64_t b) { - uint64_t ab = a ^ b; - return libcrux_sha3_portable_keccak_rotate_left_cb10(ab); +libcrux_sha3_simd_portable__vxarq_u64_6f(uint64_t a, uint64_t b) { + return libcrux_sha3_simd_portable_rotate_left_6f(a ^ b); } /** -This function found in impl {(libcrux_sha3::traits::internal::KeccakItem<1: -usize> for u64)} +This function found in impl {libcrux_sha3::traits::KeccakItem<1usize> for u64} */ /** -A monomorphic instance of libcrux_sha3.portable_keccak.xor_and_rotate_5a +A monomorphic instance of libcrux_sha3.simd.portable.xor_and_rotate_d2 with const generics - LEFT= 43 - RIGHT= 21 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak_xor_and_rotate_5a_bb10(uint64_t a, uint64_t b) { - return libcrux_sha3_portable_keccak__vxarq_u64_4210(a, b); +libcrux_sha3_simd_portable_xor_and_rotate_d2_6f(uint64_t a, uint64_t b) { + return libcrux_sha3_simd_portable__vxarq_u64_6f(a, b); } /** -A monomorphic instance of libcrux_sha3.portable_keccak.rotate_left +A monomorphic instance of libcrux_sha3.simd.portable.rotate_left with const generics - LEFT= 15 - RIGHT= 49 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak_rotate_left_cb11(uint64_t x) { - return x << (uint32_t)(int32_t)15 | x >> (uint32_t)(int32_t)49; +libcrux_sha3_simd_portable_rotate_left_62(uint64_t x) { + return core_num__u64__rotate_left(x, (uint32_t)(int32_t)15); } /** -A monomorphic instance of libcrux_sha3.portable_keccak._vxarq_u64 +A monomorphic instance of libcrux_sha3.simd.portable._vxarq_u64 with const generics - LEFT= 15 - RIGHT= 49 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak__vxarq_u64_4211(uint64_t a, uint64_t b) { - uint64_t ab = a ^ b; - return libcrux_sha3_portable_keccak_rotate_left_cb11(ab); +libcrux_sha3_simd_portable__vxarq_u64_62(uint64_t a, uint64_t b) { + return libcrux_sha3_simd_portable_rotate_left_62(a ^ b); } /** -This function found in impl {(libcrux_sha3::traits::internal::KeccakItem<1: -usize> for u64)} +This function found in impl {libcrux_sha3::traits::KeccakItem<1usize> for u64} */ /** -A monomorphic instance of libcrux_sha3.portable_keccak.xor_and_rotate_5a +A monomorphic instance of libcrux_sha3.simd.portable.xor_and_rotate_d2 with const generics - LEFT= 15 - RIGHT= 49 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak_xor_and_rotate_5a_bb11(uint64_t a, uint64_t b) { - return libcrux_sha3_portable_keccak__vxarq_u64_4211(a, b); +libcrux_sha3_simd_portable_xor_and_rotate_d2_62(uint64_t a, uint64_t b) { + return libcrux_sha3_simd_portable__vxarq_u64_62(a, b); } /** -A monomorphic instance of libcrux_sha3.portable_keccak.rotate_left +A monomorphic instance of libcrux_sha3.simd.portable.rotate_left with const generics - LEFT= 61 - RIGHT= 3 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak_rotate_left_cb12(uint64_t x) { - return x << (uint32_t)(int32_t)61 | x >> (uint32_t)(int32_t)3; +libcrux_sha3_simd_portable_rotate_left_23(uint64_t x) { + return core_num__u64__rotate_left(x, (uint32_t)(int32_t)61); } /** -A monomorphic instance of libcrux_sha3.portable_keccak._vxarq_u64 +A monomorphic instance of libcrux_sha3.simd.portable._vxarq_u64 with const generics - LEFT= 61 - RIGHT= 3 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak__vxarq_u64_4212(uint64_t a, uint64_t b) { - uint64_t ab = a ^ b; - return libcrux_sha3_portable_keccak_rotate_left_cb12(ab); +libcrux_sha3_simd_portable__vxarq_u64_23(uint64_t a, uint64_t b) { + return libcrux_sha3_simd_portable_rotate_left_23(a ^ b); } /** -This function found in impl {(libcrux_sha3::traits::internal::KeccakItem<1: -usize> for u64)} +This function found in impl {libcrux_sha3::traits::KeccakItem<1usize> for u64} */ /** -A monomorphic instance of libcrux_sha3.portable_keccak.xor_and_rotate_5a +A monomorphic instance of libcrux_sha3.simd.portable.xor_and_rotate_d2 with const generics - LEFT= 61 - RIGHT= 3 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak_xor_and_rotate_5a_bb12(uint64_t a, uint64_t b) { - return libcrux_sha3_portable_keccak__vxarq_u64_4212(a, b); +libcrux_sha3_simd_portable_xor_and_rotate_d2_23(uint64_t a, uint64_t b) { + return libcrux_sha3_simd_portable__vxarq_u64_23(a, b); } /** -A monomorphic instance of libcrux_sha3.portable_keccak.rotate_left +A monomorphic instance of libcrux_sha3.simd.portable.rotate_left with const generics - LEFT= 28 - RIGHT= 36 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak_rotate_left_cb13(uint64_t x) { - return x << (uint32_t)(int32_t)28 | x >> (uint32_t)(int32_t)36; +libcrux_sha3_simd_portable_rotate_left_37(uint64_t x) { + return core_num__u64__rotate_left(x, (uint32_t)(int32_t)28); } /** -A monomorphic instance of libcrux_sha3.portable_keccak._vxarq_u64 +A monomorphic instance of libcrux_sha3.simd.portable._vxarq_u64 with const generics - LEFT= 28 - RIGHT= 36 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak__vxarq_u64_4213(uint64_t a, uint64_t b) { - uint64_t ab = a ^ b; - return libcrux_sha3_portable_keccak_rotate_left_cb13(ab); +libcrux_sha3_simd_portable__vxarq_u64_37(uint64_t a, uint64_t b) { + return libcrux_sha3_simd_portable_rotate_left_37(a ^ b); } /** -This function found in impl {(libcrux_sha3::traits::internal::KeccakItem<1: -usize> for u64)} +This function found in impl {libcrux_sha3::traits::KeccakItem<1usize> for u64} */ /** -A monomorphic instance of libcrux_sha3.portable_keccak.xor_and_rotate_5a +A monomorphic instance of libcrux_sha3.simd.portable.xor_and_rotate_d2 with const generics - LEFT= 28 - RIGHT= 36 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak_xor_and_rotate_5a_bb13(uint64_t a, uint64_t b) { - return libcrux_sha3_portable_keccak__vxarq_u64_4213(a, b); +libcrux_sha3_simd_portable_xor_and_rotate_d2_37(uint64_t a, uint64_t b) { + return libcrux_sha3_simd_portable__vxarq_u64_37(a, b); } /** -A monomorphic instance of libcrux_sha3.portable_keccak.rotate_left +A monomorphic instance of libcrux_sha3.simd.portable.rotate_left with const generics - LEFT= 55 - RIGHT= 9 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak_rotate_left_cb14(uint64_t x) { - return x << (uint32_t)(int32_t)55 | x >> (uint32_t)(int32_t)9; +libcrux_sha3_simd_portable_rotate_left_bb(uint64_t x) { + return core_num__u64__rotate_left(x, (uint32_t)(int32_t)55); } /** -A monomorphic instance of libcrux_sha3.portable_keccak._vxarq_u64 +A monomorphic instance of libcrux_sha3.simd.portable._vxarq_u64 with const generics - LEFT= 55 - RIGHT= 9 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak__vxarq_u64_4214(uint64_t a, uint64_t b) { - uint64_t ab = a ^ b; - return libcrux_sha3_portable_keccak_rotate_left_cb14(ab); +libcrux_sha3_simd_portable__vxarq_u64_bb(uint64_t a, uint64_t b) { + return libcrux_sha3_simd_portable_rotate_left_bb(a ^ b); } /** -This function found in impl {(libcrux_sha3::traits::internal::KeccakItem<1: -usize> for u64)} +This function found in impl {libcrux_sha3::traits::KeccakItem<1usize> for u64} */ /** -A monomorphic instance of libcrux_sha3.portable_keccak.xor_and_rotate_5a +A monomorphic instance of libcrux_sha3.simd.portable.xor_and_rotate_d2 with const generics - LEFT= 55 - RIGHT= 9 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak_xor_and_rotate_5a_bb14(uint64_t a, uint64_t b) { - return libcrux_sha3_portable_keccak__vxarq_u64_4214(a, b); +libcrux_sha3_simd_portable_xor_and_rotate_d2_bb(uint64_t a, uint64_t b) { + return libcrux_sha3_simd_portable__vxarq_u64_bb(a, b); } /** -A monomorphic instance of libcrux_sha3.portable_keccak.rotate_left +A monomorphic instance of libcrux_sha3.simd.portable.rotate_left with const generics - LEFT= 25 - RIGHT= 39 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak_rotate_left_cb15(uint64_t x) { - return x << (uint32_t)(int32_t)25 | x >> (uint32_t)(int32_t)39; +libcrux_sha3_simd_portable_rotate_left_b9(uint64_t x) { + return core_num__u64__rotate_left(x, (uint32_t)(int32_t)25); } /** -A monomorphic instance of libcrux_sha3.portable_keccak._vxarq_u64 +A monomorphic instance of libcrux_sha3.simd.portable._vxarq_u64 with const generics - LEFT= 25 - RIGHT= 39 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak__vxarq_u64_4215(uint64_t a, uint64_t b) { - uint64_t ab = a ^ b; - return libcrux_sha3_portable_keccak_rotate_left_cb15(ab); +libcrux_sha3_simd_portable__vxarq_u64_b9(uint64_t a, uint64_t b) { + return libcrux_sha3_simd_portable_rotate_left_b9(a ^ b); } /** -This function found in impl {(libcrux_sha3::traits::internal::KeccakItem<1: -usize> for u64)} +This function found in impl {libcrux_sha3::traits::KeccakItem<1usize> for u64} */ /** -A monomorphic instance of libcrux_sha3.portable_keccak.xor_and_rotate_5a +A monomorphic instance of libcrux_sha3.simd.portable.xor_and_rotate_d2 with const generics - LEFT= 25 - RIGHT= 39 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak_xor_and_rotate_5a_bb15(uint64_t a, uint64_t b) { - return libcrux_sha3_portable_keccak__vxarq_u64_4215(a, b); +libcrux_sha3_simd_portable_xor_and_rotate_d2_b9(uint64_t a, uint64_t b) { + return libcrux_sha3_simd_portable__vxarq_u64_b9(a, b); } /** -A monomorphic instance of libcrux_sha3.portable_keccak.rotate_left +A monomorphic instance of libcrux_sha3.simd.portable.rotate_left with const generics - LEFT= 21 - RIGHT= 43 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak_rotate_left_cb16(uint64_t x) { - return x << (uint32_t)(int32_t)21 | x >> (uint32_t)(int32_t)43; +libcrux_sha3_simd_portable_rotate_left_54(uint64_t x) { + return core_num__u64__rotate_left(x, (uint32_t)(int32_t)21); } /** -A monomorphic instance of libcrux_sha3.portable_keccak._vxarq_u64 +A monomorphic instance of libcrux_sha3.simd.portable._vxarq_u64 with const generics - LEFT= 21 - RIGHT= 43 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak__vxarq_u64_4216(uint64_t a, uint64_t b) { - uint64_t ab = a ^ b; - return libcrux_sha3_portable_keccak_rotate_left_cb16(ab); +libcrux_sha3_simd_portable__vxarq_u64_54(uint64_t a, uint64_t b) { + return libcrux_sha3_simd_portable_rotate_left_54(a ^ b); } /** -This function found in impl {(libcrux_sha3::traits::internal::KeccakItem<1: -usize> for u64)} +This function found in impl {libcrux_sha3::traits::KeccakItem<1usize> for u64} */ /** -A monomorphic instance of libcrux_sha3.portable_keccak.xor_and_rotate_5a +A monomorphic instance of libcrux_sha3.simd.portable.xor_and_rotate_d2 with const generics - LEFT= 21 - RIGHT= 43 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak_xor_and_rotate_5a_bb16(uint64_t a, uint64_t b) { - return libcrux_sha3_portable_keccak__vxarq_u64_4216(a, b); +libcrux_sha3_simd_portable_xor_and_rotate_d2_54(uint64_t a, uint64_t b) { + return libcrux_sha3_simd_portable__vxarq_u64_54(a, b); } /** -A monomorphic instance of libcrux_sha3.portable_keccak.rotate_left +A monomorphic instance of libcrux_sha3.simd.portable.rotate_left with const generics - LEFT= 56 - RIGHT= 8 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak_rotate_left_cb17(uint64_t x) { - return x << (uint32_t)(int32_t)56 | x >> (uint32_t)(int32_t)8; +libcrux_sha3_simd_portable_rotate_left_4c(uint64_t x) { + return core_num__u64__rotate_left(x, (uint32_t)(int32_t)56); } /** -A monomorphic instance of libcrux_sha3.portable_keccak._vxarq_u64 +A monomorphic instance of libcrux_sha3.simd.portable._vxarq_u64 with const generics - LEFT= 56 - RIGHT= 8 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak__vxarq_u64_4217(uint64_t a, uint64_t b) { - uint64_t ab = a ^ b; - return libcrux_sha3_portable_keccak_rotate_left_cb17(ab); +libcrux_sha3_simd_portable__vxarq_u64_4c(uint64_t a, uint64_t b) { + return libcrux_sha3_simd_portable_rotate_left_4c(a ^ b); } /** -This function found in impl {(libcrux_sha3::traits::internal::KeccakItem<1: -usize> for u64)} +This function found in impl {libcrux_sha3::traits::KeccakItem<1usize> for u64} */ /** -A monomorphic instance of libcrux_sha3.portable_keccak.xor_and_rotate_5a +A monomorphic instance of libcrux_sha3.simd.portable.xor_and_rotate_d2 with const generics - LEFT= 56 - RIGHT= 8 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak_xor_and_rotate_5a_bb17(uint64_t a, uint64_t b) { - return libcrux_sha3_portable_keccak__vxarq_u64_4217(a, b); +libcrux_sha3_simd_portable_xor_and_rotate_d2_4c(uint64_t a, uint64_t b) { + return libcrux_sha3_simd_portable__vxarq_u64_4c(a, b); } /** -A monomorphic instance of libcrux_sha3.portable_keccak.rotate_left +A monomorphic instance of libcrux_sha3.simd.portable.rotate_left with const generics - LEFT= 27 - RIGHT= 37 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak_rotate_left_cb18(uint64_t x) { - return x << (uint32_t)(int32_t)27 | x >> (uint32_t)(int32_t)37; +libcrux_sha3_simd_portable_rotate_left_ce(uint64_t x) { + return core_num__u64__rotate_left(x, (uint32_t)(int32_t)27); } /** -A monomorphic instance of libcrux_sha3.portable_keccak._vxarq_u64 +A monomorphic instance of libcrux_sha3.simd.portable._vxarq_u64 with const generics - LEFT= 27 - RIGHT= 37 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak__vxarq_u64_4218(uint64_t a, uint64_t b) { - uint64_t ab = a ^ b; - return libcrux_sha3_portable_keccak_rotate_left_cb18(ab); +libcrux_sha3_simd_portable__vxarq_u64_ce(uint64_t a, uint64_t b) { + return libcrux_sha3_simd_portable_rotate_left_ce(a ^ b); } /** -This function found in impl {(libcrux_sha3::traits::internal::KeccakItem<1: -usize> for u64)} +This function found in impl {libcrux_sha3::traits::KeccakItem<1usize> for u64} */ /** -A monomorphic instance of libcrux_sha3.portable_keccak.xor_and_rotate_5a +A monomorphic instance of libcrux_sha3.simd.portable.xor_and_rotate_d2 with const generics - LEFT= 27 - RIGHT= 37 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak_xor_and_rotate_5a_bb18(uint64_t a, uint64_t b) { - return libcrux_sha3_portable_keccak__vxarq_u64_4218(a, b); +libcrux_sha3_simd_portable_xor_and_rotate_d2_ce(uint64_t a, uint64_t b) { + return libcrux_sha3_simd_portable__vxarq_u64_ce(a, b); } /** -A monomorphic instance of libcrux_sha3.portable_keccak.rotate_left +A monomorphic instance of libcrux_sha3.simd.portable.rotate_left with const generics - LEFT= 20 - RIGHT= 44 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak_rotate_left_cb19(uint64_t x) { - return x << (uint32_t)(int32_t)20 | x >> (uint32_t)(int32_t)44; +libcrux_sha3_simd_portable_rotate_left_77(uint64_t x) { + return core_num__u64__rotate_left(x, (uint32_t)(int32_t)20); } /** -A monomorphic instance of libcrux_sha3.portable_keccak._vxarq_u64 +A monomorphic instance of libcrux_sha3.simd.portable._vxarq_u64 with const generics - LEFT= 20 - RIGHT= 44 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak__vxarq_u64_4219(uint64_t a, uint64_t b) { - uint64_t ab = a ^ b; - return libcrux_sha3_portable_keccak_rotate_left_cb19(ab); +libcrux_sha3_simd_portable__vxarq_u64_77(uint64_t a, uint64_t b) { + return libcrux_sha3_simd_portable_rotate_left_77(a ^ b); } /** -This function found in impl {(libcrux_sha3::traits::internal::KeccakItem<1: -usize> for u64)} +This function found in impl {libcrux_sha3::traits::KeccakItem<1usize> for u64} */ /** -A monomorphic instance of libcrux_sha3.portable_keccak.xor_and_rotate_5a +A monomorphic instance of libcrux_sha3.simd.portable.xor_and_rotate_d2 with const generics - LEFT= 20 - RIGHT= 44 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak_xor_and_rotate_5a_bb19(uint64_t a, uint64_t b) { - return libcrux_sha3_portable_keccak__vxarq_u64_4219(a, b); +libcrux_sha3_simd_portable_xor_and_rotate_d2_77(uint64_t a, uint64_t b) { + return libcrux_sha3_simd_portable__vxarq_u64_77(a, b); } /** -A monomorphic instance of libcrux_sha3.portable_keccak.rotate_left +A monomorphic instance of libcrux_sha3.simd.portable.rotate_left with const generics - LEFT= 39 - RIGHT= 25 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak_rotate_left_cb20(uint64_t x) { - return x << (uint32_t)(int32_t)39 | x >> (uint32_t)(int32_t)25; +libcrux_sha3_simd_portable_rotate_left_25(uint64_t x) { + return core_num__u64__rotate_left(x, (uint32_t)(int32_t)39); } /** -A monomorphic instance of libcrux_sha3.portable_keccak._vxarq_u64 +A monomorphic instance of libcrux_sha3.simd.portable._vxarq_u64 with const generics - LEFT= 39 - RIGHT= 25 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak__vxarq_u64_4220(uint64_t a, uint64_t b) { - uint64_t ab = a ^ b; - return libcrux_sha3_portable_keccak_rotate_left_cb20(ab); +libcrux_sha3_simd_portable__vxarq_u64_25(uint64_t a, uint64_t b) { + return libcrux_sha3_simd_portable_rotate_left_25(a ^ b); } /** -This function found in impl {(libcrux_sha3::traits::internal::KeccakItem<1: -usize> for u64)} +This function found in impl {libcrux_sha3::traits::KeccakItem<1usize> for u64} */ /** -A monomorphic instance of libcrux_sha3.portable_keccak.xor_and_rotate_5a +A monomorphic instance of libcrux_sha3.simd.portable.xor_and_rotate_d2 with const generics - LEFT= 39 - RIGHT= 25 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak_xor_and_rotate_5a_bb20(uint64_t a, uint64_t b) { - return libcrux_sha3_portable_keccak__vxarq_u64_4220(a, b); +libcrux_sha3_simd_portable_xor_and_rotate_d2_25(uint64_t a, uint64_t b) { + return libcrux_sha3_simd_portable__vxarq_u64_25(a, b); } /** -A monomorphic instance of libcrux_sha3.portable_keccak.rotate_left +A monomorphic instance of libcrux_sha3.simd.portable.rotate_left with const generics - LEFT= 8 - RIGHT= 56 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak_rotate_left_cb21(uint64_t x) { - return x << (uint32_t)(int32_t)8 | x >> (uint32_t)(int32_t)56; +libcrux_sha3_simd_portable_rotate_left_af(uint64_t x) { + return core_num__u64__rotate_left(x, (uint32_t)(int32_t)8); } /** -A monomorphic instance of libcrux_sha3.portable_keccak._vxarq_u64 +A monomorphic instance of libcrux_sha3.simd.portable._vxarq_u64 with const generics - LEFT= 8 - RIGHT= 56 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak__vxarq_u64_4221(uint64_t a, uint64_t b) { - uint64_t ab = a ^ b; - return libcrux_sha3_portable_keccak_rotate_left_cb21(ab); +libcrux_sha3_simd_portable__vxarq_u64_af(uint64_t a, uint64_t b) { + return libcrux_sha3_simd_portable_rotate_left_af(a ^ b); } /** -This function found in impl {(libcrux_sha3::traits::internal::KeccakItem<1: -usize> for u64)} +This function found in impl {libcrux_sha3::traits::KeccakItem<1usize> for u64} */ /** -A monomorphic instance of libcrux_sha3.portable_keccak.xor_and_rotate_5a +A monomorphic instance of libcrux_sha3.simd.portable.xor_and_rotate_d2 with const generics - LEFT= 8 - RIGHT= 56 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak_xor_and_rotate_5a_bb21(uint64_t a, uint64_t b) { - return libcrux_sha3_portable_keccak__vxarq_u64_4221(a, b); +libcrux_sha3_simd_portable_xor_and_rotate_d2_af(uint64_t a, uint64_t b) { + return libcrux_sha3_simd_portable__vxarq_u64_af(a, b); } /** -A monomorphic instance of libcrux_sha3.portable_keccak.rotate_left +A monomorphic instance of libcrux_sha3.simd.portable.rotate_left with const generics - LEFT= 14 - RIGHT= 50 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak_rotate_left_cb22(uint64_t x) { - return x << (uint32_t)(int32_t)14 | x >> (uint32_t)(int32_t)50; +libcrux_sha3_simd_portable_rotate_left_fd(uint64_t x) { + return core_num__u64__rotate_left(x, (uint32_t)(int32_t)14); } /** -A monomorphic instance of libcrux_sha3.portable_keccak._vxarq_u64 +A monomorphic instance of libcrux_sha3.simd.portable._vxarq_u64 with const generics - LEFT= 14 - RIGHT= 50 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak__vxarq_u64_4222(uint64_t a, uint64_t b) { - uint64_t ab = a ^ b; - return libcrux_sha3_portable_keccak_rotate_left_cb22(ab); +libcrux_sha3_simd_portable__vxarq_u64_fd(uint64_t a, uint64_t b) { + return libcrux_sha3_simd_portable_rotate_left_fd(a ^ b); } /** -This function found in impl {(libcrux_sha3::traits::internal::KeccakItem<1: -usize> for u64)} +This function found in impl {libcrux_sha3::traits::KeccakItem<1usize> for u64} */ /** -A monomorphic instance of libcrux_sha3.portable_keccak.xor_and_rotate_5a +A monomorphic instance of libcrux_sha3.simd.portable.xor_and_rotate_d2 with const generics - LEFT= 14 - RIGHT= 50 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak_xor_and_rotate_5a_bb22(uint64_t a, uint64_t b) { - return libcrux_sha3_portable_keccak__vxarq_u64_4222(a, b); +libcrux_sha3_simd_portable_xor_and_rotate_d2_fd(uint64_t a, uint64_t b) { + return libcrux_sha3_simd_portable__vxarq_u64_fd(a, b); } /** -A monomorphic instance of libcrux_sha3.generic_keccak.theta_rho +This function found in impl {libcrux_sha3::generic_keccak::KeccakState[TraitClause@0, TraitClause@1]} +*/ +/** +A monomorphic instance of libcrux_sha3.generic_keccak.rho_80 with types uint64_t with const generics - N= 1 */ -static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_theta_rho_16( - libcrux_sha3_generic_keccak_KeccakState_48 *s) { - uint64_t c[5U] = { - libcrux_sha3_portable_keccak_xor5_5a(s->st[0U][0U], s->st[1U][0U], - s->st[2U][0U], s->st[3U][0U], - s->st[4U][0U]), - libcrux_sha3_portable_keccak_xor5_5a(s->st[0U][1U], s->st[1U][1U], - s->st[2U][1U], s->st[3U][1U], - s->st[4U][1U]), - libcrux_sha3_portable_keccak_xor5_5a(s->st[0U][2U], s->st[1U][2U], - s->st[2U][2U], s->st[3U][2U], - s->st[4U][2U]), - libcrux_sha3_portable_keccak_xor5_5a(s->st[0U][3U], s->st[1U][3U], - s->st[2U][3U], s->st[3U][3U], - s->st[4U][3U]), - libcrux_sha3_portable_keccak_xor5_5a(s->st[0U][4U], s->st[1U][4U], - s->st[2U][4U], s->st[3U][4U], - s->st[4U][4U])}; - uint64_t uu____0 = libcrux_sha3_portable_keccak_rotate_left1_and_xor_5a( - c[((size_t)0U + (size_t)4U) % (size_t)5U], - c[((size_t)0U + (size_t)1U) % (size_t)5U]); - uint64_t uu____1 = libcrux_sha3_portable_keccak_rotate_left1_and_xor_5a( - c[((size_t)1U + (size_t)4U) % (size_t)5U], - c[((size_t)1U + (size_t)1U) % (size_t)5U]); - uint64_t uu____2 = libcrux_sha3_portable_keccak_rotate_left1_and_xor_5a( - c[((size_t)2U + (size_t)4U) % (size_t)5U], - c[((size_t)2U + (size_t)1U) % (size_t)5U]); - uint64_t uu____3 = libcrux_sha3_portable_keccak_rotate_left1_and_xor_5a( - c[((size_t)3U + (size_t)4U) % (size_t)5U], - c[((size_t)3U + (size_t)1U) % (size_t)5U]); - uint64_t t[5U] = {uu____0, uu____1, uu____2, uu____3, - libcrux_sha3_portable_keccak_rotate_left1_and_xor_5a( - c[((size_t)4U + (size_t)4U) % (size_t)5U], - c[((size_t)4U + (size_t)1U) % (size_t)5U])}; - s->st[0U][0U] = libcrux_sha3_portable_keccak_xor_5a(s->st[0U][0U], t[0U]); - s->st[1U][0U] = - libcrux_sha3_portable_keccak_xor_and_rotate_5a_bb(s->st[1U][0U], t[0U]); - s->st[2U][0U] = - libcrux_sha3_portable_keccak_xor_and_rotate_5a_bb0(s->st[2U][0U], t[0U]); - s->st[3U][0U] = - libcrux_sha3_portable_keccak_xor_and_rotate_5a_bb1(s->st[3U][0U], t[0U]); - s->st[4U][0U] = - libcrux_sha3_portable_keccak_xor_and_rotate_5a_bb2(s->st[4U][0U], t[0U]); - s->st[0U][1U] = - libcrux_sha3_portable_keccak_xor_and_rotate_5a_bb3(s->st[0U][1U], t[1U]); - s->st[1U][1U] = - libcrux_sha3_portable_keccak_xor_and_rotate_5a_bb4(s->st[1U][1U], t[1U]); - s->st[2U][1U] = - libcrux_sha3_portable_keccak_xor_and_rotate_5a_bb5(s->st[2U][1U], t[1U]); - s->st[3U][1U] = - libcrux_sha3_portable_keccak_xor_and_rotate_5a_bb6(s->st[3U][1U], t[1U]); - s->st[4U][1U] = - libcrux_sha3_portable_keccak_xor_and_rotate_5a_bb7(s->st[4U][1U], t[1U]); - s->st[0U][2U] = - libcrux_sha3_portable_keccak_xor_and_rotate_5a_bb8(s->st[0U][2U], t[2U]); - s->st[1U][2U] = - libcrux_sha3_portable_keccak_xor_and_rotate_5a_bb9(s->st[1U][2U], t[2U]); - s->st[2U][2U] = - libcrux_sha3_portable_keccak_xor_and_rotate_5a_bb10(s->st[2U][2U], t[2U]); - s->st[3U][2U] = - libcrux_sha3_portable_keccak_xor_and_rotate_5a_bb11(s->st[3U][2U], t[2U]); - s->st[4U][2U] = - libcrux_sha3_portable_keccak_xor_and_rotate_5a_bb12(s->st[4U][2U], t[2U]); - s->st[0U][3U] = - libcrux_sha3_portable_keccak_xor_and_rotate_5a_bb13(s->st[0U][3U], t[3U]); - s->st[1U][3U] = - libcrux_sha3_portable_keccak_xor_and_rotate_5a_bb14(s->st[1U][3U], t[3U]); - s->st[2U][3U] = - libcrux_sha3_portable_keccak_xor_and_rotate_5a_bb15(s->st[2U][3U], t[3U]); - s->st[3U][3U] = - libcrux_sha3_portable_keccak_xor_and_rotate_5a_bb16(s->st[3U][3U], t[3U]); - s->st[4U][3U] = - libcrux_sha3_portable_keccak_xor_and_rotate_5a_bb17(s->st[4U][3U], t[3U]); - s->st[0U][4U] = - libcrux_sha3_portable_keccak_xor_and_rotate_5a_bb18(s->st[0U][4U], t[4U]); - s->st[1U][4U] = - libcrux_sha3_portable_keccak_xor_and_rotate_5a_bb19(s->st[1U][4U], t[4U]); - s->st[2U][4U] = - libcrux_sha3_portable_keccak_xor_and_rotate_5a_bb20(s->st[2U][4U], t[4U]); - s->st[3U][4U] = - libcrux_sha3_portable_keccak_xor_and_rotate_5a_bb21(s->st[3U][4U], t[4U]); - uint64_t uu____27 = - libcrux_sha3_portable_keccak_xor_and_rotate_5a_bb22(s->st[4U][4U], t[4U]); - s->st[4U][4U] = uu____27; -} - -/** -A monomorphic instance of libcrux_sha3.generic_keccak.pi +static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_rho_80_04( + libcrux_sha3_generic_keccak_KeccakState_17 *self, uint64_t t[5U]) { + libcrux_sha3_generic_keccak_set_80_04( + self, (size_t)0U, (size_t)0U, + libcrux_sha3_simd_portable_xor_d2( + libcrux_sha3_generic_keccak_index_c2_04( + self, (KRML_CLITERAL(size_t_x2){.fst = (size_t)0U, + .snd = (size_t)0U}))[0U], + t[0U])); + libcrux_sha3_generic_keccak_KeccakState_17 *uu____0 = self; + libcrux_sha3_generic_keccak_set_80_04( + uu____0, (size_t)1U, (size_t)0U, + libcrux_sha3_simd_portable_xor_and_rotate_d2_02( + libcrux_sha3_generic_keccak_index_c2_04( + self, (KRML_CLITERAL(size_t_x2){.fst = (size_t)1U, + .snd = (size_t)0U}))[0U], + t[0U])); + libcrux_sha3_generic_keccak_KeccakState_17 *uu____1 = self; + libcrux_sha3_generic_keccak_set_80_04( + uu____1, (size_t)2U, (size_t)0U, + libcrux_sha3_simd_portable_xor_and_rotate_d2_ac( + libcrux_sha3_generic_keccak_index_c2_04( + self, (KRML_CLITERAL(size_t_x2){.fst = (size_t)2U, + .snd = (size_t)0U}))[0U], + t[0U])); + libcrux_sha3_generic_keccak_KeccakState_17 *uu____2 = self; + libcrux_sha3_generic_keccak_set_80_04( + uu____2, (size_t)3U, (size_t)0U, + libcrux_sha3_simd_portable_xor_and_rotate_d2_020( + libcrux_sha3_generic_keccak_index_c2_04( + self, (KRML_CLITERAL(size_t_x2){.fst = (size_t)3U, + .snd = (size_t)0U}))[0U], + t[0U])); + libcrux_sha3_generic_keccak_KeccakState_17 *uu____3 = self; + libcrux_sha3_generic_keccak_set_80_04( + uu____3, (size_t)4U, (size_t)0U, + libcrux_sha3_simd_portable_xor_and_rotate_d2_a9( + libcrux_sha3_generic_keccak_index_c2_04( + self, (KRML_CLITERAL(size_t_x2){.fst = (size_t)4U, + .snd = (size_t)0U}))[0U], + t[0U])); + libcrux_sha3_generic_keccak_KeccakState_17 *uu____4 = self; + libcrux_sha3_generic_keccak_set_80_04( + uu____4, (size_t)0U, (size_t)1U, + libcrux_sha3_simd_portable_xor_and_rotate_d2_76( + libcrux_sha3_generic_keccak_index_c2_04( + self, (KRML_CLITERAL(size_t_x2){.fst = (size_t)0U, + .snd = (size_t)1U}))[0U], + t[1U])); + libcrux_sha3_generic_keccak_KeccakState_17 *uu____5 = self; + libcrux_sha3_generic_keccak_set_80_04( + uu____5, (size_t)1U, (size_t)1U, + libcrux_sha3_simd_portable_xor_and_rotate_d2_58( + libcrux_sha3_generic_keccak_index_c2_04( + self, (KRML_CLITERAL(size_t_x2){.fst = (size_t)1U, + .snd = (size_t)1U}))[0U], + t[1U])); + libcrux_sha3_generic_keccak_KeccakState_17 *uu____6 = self; + libcrux_sha3_generic_keccak_set_80_04( + uu____6, (size_t)2U, (size_t)1U, + libcrux_sha3_simd_portable_xor_and_rotate_d2_e0( + libcrux_sha3_generic_keccak_index_c2_04( + self, (KRML_CLITERAL(size_t_x2){.fst = (size_t)2U, + .snd = (size_t)1U}))[0U], + t[1U])); + libcrux_sha3_generic_keccak_KeccakState_17 *uu____7 = self; + libcrux_sha3_generic_keccak_set_80_04( + uu____7, (size_t)3U, (size_t)1U, + libcrux_sha3_simd_portable_xor_and_rotate_d2_63( + libcrux_sha3_generic_keccak_index_c2_04( + self, (KRML_CLITERAL(size_t_x2){.fst = (size_t)3U, + .snd = (size_t)1U}))[0U], + t[1U])); + libcrux_sha3_generic_keccak_KeccakState_17 *uu____8 = self; + libcrux_sha3_generic_keccak_set_80_04( + uu____8, (size_t)4U, (size_t)1U, + libcrux_sha3_simd_portable_xor_and_rotate_d2_6a( + libcrux_sha3_generic_keccak_index_c2_04( + self, (KRML_CLITERAL(size_t_x2){.fst = (size_t)4U, + .snd = (size_t)1U}))[0U], + t[1U])); + libcrux_sha3_generic_keccak_KeccakState_17 *uu____9 = self; + libcrux_sha3_generic_keccak_set_80_04( + uu____9, (size_t)0U, (size_t)2U, + libcrux_sha3_simd_portable_xor_and_rotate_d2_ab( + libcrux_sha3_generic_keccak_index_c2_04( + self, (KRML_CLITERAL(size_t_x2){.fst = (size_t)0U, + .snd = (size_t)2U}))[0U], + t[2U])); + libcrux_sha3_generic_keccak_KeccakState_17 *uu____10 = self; + libcrux_sha3_generic_keccak_set_80_04( + uu____10, (size_t)1U, (size_t)2U, + libcrux_sha3_simd_portable_xor_and_rotate_d2_5b( + libcrux_sha3_generic_keccak_index_c2_04( + self, (KRML_CLITERAL(size_t_x2){.fst = (size_t)1U, + .snd = (size_t)2U}))[0U], + t[2U])); + libcrux_sha3_generic_keccak_KeccakState_17 *uu____11 = self; + libcrux_sha3_generic_keccak_set_80_04( + uu____11, (size_t)2U, (size_t)2U, + libcrux_sha3_simd_portable_xor_and_rotate_d2_6f( + libcrux_sha3_generic_keccak_index_c2_04( + self, (KRML_CLITERAL(size_t_x2){.fst = (size_t)2U, + .snd = (size_t)2U}))[0U], + t[2U])); + libcrux_sha3_generic_keccak_KeccakState_17 *uu____12 = self; + libcrux_sha3_generic_keccak_set_80_04( + uu____12, (size_t)3U, (size_t)2U, + libcrux_sha3_simd_portable_xor_and_rotate_d2_62( + libcrux_sha3_generic_keccak_index_c2_04( + self, (KRML_CLITERAL(size_t_x2){.fst = (size_t)3U, + .snd = (size_t)2U}))[0U], + t[2U])); + libcrux_sha3_generic_keccak_KeccakState_17 *uu____13 = self; + libcrux_sha3_generic_keccak_set_80_04( + uu____13, (size_t)4U, (size_t)2U, + libcrux_sha3_simd_portable_xor_and_rotate_d2_23( + libcrux_sha3_generic_keccak_index_c2_04( + self, (KRML_CLITERAL(size_t_x2){.fst = (size_t)4U, + .snd = (size_t)2U}))[0U], + t[2U])); + libcrux_sha3_generic_keccak_KeccakState_17 *uu____14 = self; + libcrux_sha3_generic_keccak_set_80_04( + uu____14, (size_t)0U, (size_t)3U, + libcrux_sha3_simd_portable_xor_and_rotate_d2_37( + libcrux_sha3_generic_keccak_index_c2_04( + self, (KRML_CLITERAL(size_t_x2){.fst = (size_t)0U, + .snd = (size_t)3U}))[0U], + t[3U])); + libcrux_sha3_generic_keccak_KeccakState_17 *uu____15 = self; + libcrux_sha3_generic_keccak_set_80_04( + uu____15, (size_t)1U, (size_t)3U, + libcrux_sha3_simd_portable_xor_and_rotate_d2_bb( + libcrux_sha3_generic_keccak_index_c2_04( + self, (KRML_CLITERAL(size_t_x2){.fst = (size_t)1U, + .snd = (size_t)3U}))[0U], + t[3U])); + libcrux_sha3_generic_keccak_KeccakState_17 *uu____16 = self; + libcrux_sha3_generic_keccak_set_80_04( + uu____16, (size_t)2U, (size_t)3U, + libcrux_sha3_simd_portable_xor_and_rotate_d2_b9( + libcrux_sha3_generic_keccak_index_c2_04( + self, (KRML_CLITERAL(size_t_x2){.fst = (size_t)2U, + .snd = (size_t)3U}))[0U], + t[3U])); + libcrux_sha3_generic_keccak_KeccakState_17 *uu____17 = self; + libcrux_sha3_generic_keccak_set_80_04( + uu____17, (size_t)3U, (size_t)3U, + libcrux_sha3_simd_portable_xor_and_rotate_d2_54( + libcrux_sha3_generic_keccak_index_c2_04( + self, (KRML_CLITERAL(size_t_x2){.fst = (size_t)3U, + .snd = (size_t)3U}))[0U], + t[3U])); + libcrux_sha3_generic_keccak_KeccakState_17 *uu____18 = self; + libcrux_sha3_generic_keccak_set_80_04( + uu____18, (size_t)4U, (size_t)3U, + libcrux_sha3_simd_portable_xor_and_rotate_d2_4c( + libcrux_sha3_generic_keccak_index_c2_04( + self, (KRML_CLITERAL(size_t_x2){.fst = (size_t)4U, + .snd = (size_t)3U}))[0U], + t[3U])); + libcrux_sha3_generic_keccak_KeccakState_17 *uu____19 = self; + libcrux_sha3_generic_keccak_set_80_04( + uu____19, (size_t)0U, (size_t)4U, + libcrux_sha3_simd_portable_xor_and_rotate_d2_ce( + libcrux_sha3_generic_keccak_index_c2_04( + self, (KRML_CLITERAL(size_t_x2){.fst = (size_t)0U, + .snd = (size_t)4U}))[0U], + t[4U])); + libcrux_sha3_generic_keccak_KeccakState_17 *uu____20 = self; + libcrux_sha3_generic_keccak_set_80_04( + uu____20, (size_t)1U, (size_t)4U, + libcrux_sha3_simd_portable_xor_and_rotate_d2_77( + libcrux_sha3_generic_keccak_index_c2_04( + self, (KRML_CLITERAL(size_t_x2){.fst = (size_t)1U, + .snd = (size_t)4U}))[0U], + t[4U])); + libcrux_sha3_generic_keccak_KeccakState_17 *uu____21 = self; + libcrux_sha3_generic_keccak_set_80_04( + uu____21, (size_t)2U, (size_t)4U, + libcrux_sha3_simd_portable_xor_and_rotate_d2_25( + libcrux_sha3_generic_keccak_index_c2_04( + self, (KRML_CLITERAL(size_t_x2){.fst = (size_t)2U, + .snd = (size_t)4U}))[0U], + t[4U])); + libcrux_sha3_generic_keccak_KeccakState_17 *uu____22 = self; + libcrux_sha3_generic_keccak_set_80_04( + uu____22, (size_t)3U, (size_t)4U, + libcrux_sha3_simd_portable_xor_and_rotate_d2_af( + libcrux_sha3_generic_keccak_index_c2_04( + self, (KRML_CLITERAL(size_t_x2){.fst = (size_t)3U, + .snd = (size_t)4U}))[0U], + t[4U])); + libcrux_sha3_generic_keccak_KeccakState_17 *uu____23 = self; + libcrux_sha3_generic_keccak_set_80_04( + uu____23, (size_t)4U, (size_t)4U, + libcrux_sha3_simd_portable_xor_and_rotate_d2_fd( + libcrux_sha3_generic_keccak_index_c2_04( + self, (KRML_CLITERAL(size_t_x2){.fst = (size_t)4U, + .snd = (size_t)4U}))[0U], + t[4U])); +} + +/** +This function found in impl {libcrux_sha3::generic_keccak::KeccakState[TraitClause@0, TraitClause@1]} +*/ +/** +A monomorphic instance of libcrux_sha3.generic_keccak.pi_80 with types uint64_t with const generics - N= 1 */ -static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_pi_1d( - libcrux_sha3_generic_keccak_KeccakState_48 *s) { - uint64_t old[5U][5U]; - memcpy(old, s->st, (size_t)5U * sizeof(uint64_t[5U])); - s->st[0U][1U] = old[1U][1U]; - s->st[0U][2U] = old[2U][2U]; - s->st[0U][3U] = old[3U][3U]; - s->st[0U][4U] = old[4U][4U]; - s->st[1U][0U] = old[0U][3U]; - s->st[1U][1U] = old[1U][4U]; - s->st[1U][2U] = old[2U][0U]; - s->st[1U][3U] = old[3U][1U]; - s->st[1U][4U] = old[4U][2U]; - s->st[2U][0U] = old[0U][1U]; - s->st[2U][1U] = old[1U][2U]; - s->st[2U][2U] = old[2U][3U]; - s->st[2U][3U] = old[3U][4U]; - s->st[2U][4U] = old[4U][0U]; - s->st[3U][0U] = old[0U][4U]; - s->st[3U][1U] = old[1U][0U]; - s->st[3U][2U] = old[2U][1U]; - s->st[3U][3U] = old[3U][2U]; - s->st[3U][4U] = old[4U][3U]; - s->st[4U][0U] = old[0U][2U]; - s->st[4U][1U] = old[1U][3U]; - s->st[4U][2U] = old[2U][4U]; - s->st[4U][3U] = old[3U][0U]; - s->st[4U][4U] = old[4U][1U]; -} - -/** -A monomorphic instance of libcrux_sha3.generic_keccak.chi +static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_pi_80_04( + libcrux_sha3_generic_keccak_KeccakState_17 *self) { + libcrux_sha3_generic_keccak_KeccakState_17 old = self[0U]; + libcrux_sha3_generic_keccak_set_80_04( + self, (size_t)1U, (size_t)0U, + libcrux_sha3_generic_keccak_index_c2_04( + &old, (KRML_CLITERAL(size_t_x2){.fst = (size_t)0U, + .snd = (size_t)3U}))[0U]); + libcrux_sha3_generic_keccak_set_80_04( + self, (size_t)2U, (size_t)0U, + libcrux_sha3_generic_keccak_index_c2_04( + &old, (KRML_CLITERAL(size_t_x2){.fst = (size_t)0U, + .snd = (size_t)1U}))[0U]); + libcrux_sha3_generic_keccak_set_80_04( + self, (size_t)3U, (size_t)0U, + libcrux_sha3_generic_keccak_index_c2_04( + &old, (KRML_CLITERAL(size_t_x2){.fst = (size_t)0U, + .snd = (size_t)4U}))[0U]); + libcrux_sha3_generic_keccak_set_80_04( + self, (size_t)4U, (size_t)0U, + libcrux_sha3_generic_keccak_index_c2_04( + &old, (KRML_CLITERAL(size_t_x2){.fst = (size_t)0U, + .snd = (size_t)2U}))[0U]); + libcrux_sha3_generic_keccak_set_80_04( + self, (size_t)0U, (size_t)1U, + libcrux_sha3_generic_keccak_index_c2_04( + &old, (KRML_CLITERAL(size_t_x2){.fst = (size_t)1U, + .snd = (size_t)1U}))[0U]); + libcrux_sha3_generic_keccak_set_80_04( + self, (size_t)1U, (size_t)1U, + libcrux_sha3_generic_keccak_index_c2_04( + &old, (KRML_CLITERAL(size_t_x2){.fst = (size_t)1U, + .snd = (size_t)4U}))[0U]); + libcrux_sha3_generic_keccak_set_80_04( + self, (size_t)2U, (size_t)1U, + libcrux_sha3_generic_keccak_index_c2_04( + &old, (KRML_CLITERAL(size_t_x2){.fst = (size_t)1U, + .snd = (size_t)2U}))[0U]); + libcrux_sha3_generic_keccak_set_80_04( + self, (size_t)3U, (size_t)1U, + libcrux_sha3_generic_keccak_index_c2_04( + &old, (KRML_CLITERAL(size_t_x2){.fst = (size_t)1U, + .snd = (size_t)0U}))[0U]); + libcrux_sha3_generic_keccak_set_80_04( + self, (size_t)4U, (size_t)1U, + libcrux_sha3_generic_keccak_index_c2_04( + &old, (KRML_CLITERAL(size_t_x2){.fst = (size_t)1U, + .snd = (size_t)3U}))[0U]); + libcrux_sha3_generic_keccak_set_80_04( + self, (size_t)0U, (size_t)2U, + libcrux_sha3_generic_keccak_index_c2_04( + &old, (KRML_CLITERAL(size_t_x2){.fst = (size_t)2U, + .snd = (size_t)2U}))[0U]); + libcrux_sha3_generic_keccak_set_80_04( + self, (size_t)1U, (size_t)2U, + libcrux_sha3_generic_keccak_index_c2_04( + &old, (KRML_CLITERAL(size_t_x2){.fst = (size_t)2U, + .snd = (size_t)0U}))[0U]); + libcrux_sha3_generic_keccak_set_80_04( + self, (size_t)2U, (size_t)2U, + libcrux_sha3_generic_keccak_index_c2_04( + &old, (KRML_CLITERAL(size_t_x2){.fst = (size_t)2U, + .snd = (size_t)3U}))[0U]); + libcrux_sha3_generic_keccak_set_80_04( + self, (size_t)3U, (size_t)2U, + libcrux_sha3_generic_keccak_index_c2_04( + &old, (KRML_CLITERAL(size_t_x2){.fst = (size_t)2U, + .snd = (size_t)1U}))[0U]); + libcrux_sha3_generic_keccak_set_80_04( + self, (size_t)4U, (size_t)2U, + libcrux_sha3_generic_keccak_index_c2_04( + &old, (KRML_CLITERAL(size_t_x2){.fst = (size_t)2U, + .snd = (size_t)4U}))[0U]); + libcrux_sha3_generic_keccak_set_80_04( + self, (size_t)0U, (size_t)3U, + libcrux_sha3_generic_keccak_index_c2_04( + &old, (KRML_CLITERAL(size_t_x2){.fst = (size_t)3U, + .snd = (size_t)3U}))[0U]); + libcrux_sha3_generic_keccak_set_80_04( + self, (size_t)1U, (size_t)3U, + libcrux_sha3_generic_keccak_index_c2_04( + &old, (KRML_CLITERAL(size_t_x2){.fst = (size_t)3U, + .snd = (size_t)1U}))[0U]); + libcrux_sha3_generic_keccak_set_80_04( + self, (size_t)2U, (size_t)3U, + libcrux_sha3_generic_keccak_index_c2_04( + &old, (KRML_CLITERAL(size_t_x2){.fst = (size_t)3U, + .snd = (size_t)4U}))[0U]); + libcrux_sha3_generic_keccak_set_80_04( + self, (size_t)3U, (size_t)3U, + libcrux_sha3_generic_keccak_index_c2_04( + &old, (KRML_CLITERAL(size_t_x2){.fst = (size_t)3U, + .snd = (size_t)2U}))[0U]); + libcrux_sha3_generic_keccak_set_80_04( + self, (size_t)4U, (size_t)3U, + libcrux_sha3_generic_keccak_index_c2_04( + &old, (KRML_CLITERAL(size_t_x2){.fst = (size_t)3U, + .snd = (size_t)0U}))[0U]); + libcrux_sha3_generic_keccak_set_80_04( + self, (size_t)0U, (size_t)4U, + libcrux_sha3_generic_keccak_index_c2_04( + &old, (KRML_CLITERAL(size_t_x2){.fst = (size_t)4U, + .snd = (size_t)4U}))[0U]); + libcrux_sha3_generic_keccak_set_80_04( + self, (size_t)1U, (size_t)4U, + libcrux_sha3_generic_keccak_index_c2_04( + &old, (KRML_CLITERAL(size_t_x2){.fst = (size_t)4U, + .snd = (size_t)2U}))[0U]); + libcrux_sha3_generic_keccak_set_80_04( + self, (size_t)2U, (size_t)4U, + libcrux_sha3_generic_keccak_index_c2_04( + &old, (KRML_CLITERAL(size_t_x2){.fst = (size_t)4U, + .snd = (size_t)0U}))[0U]); + libcrux_sha3_generic_keccak_set_80_04( + self, (size_t)3U, (size_t)4U, + libcrux_sha3_generic_keccak_index_c2_04( + &old, (KRML_CLITERAL(size_t_x2){.fst = (size_t)4U, + .snd = (size_t)3U}))[0U]); + libcrux_sha3_generic_keccak_set_80_04( + self, (size_t)4U, (size_t)4U, + libcrux_sha3_generic_keccak_index_c2_04( + &old, (KRML_CLITERAL(size_t_x2){.fst = (size_t)4U, + .snd = (size_t)1U}))[0U]); +} + +/** +This function found in impl {libcrux_sha3::generic_keccak::KeccakState[TraitClause@0, TraitClause@1]} +*/ +/** +A monomorphic instance of libcrux_sha3.generic_keccak.chi_80 with types uint64_t with const generics - N= 1 */ -static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_chi_12( - libcrux_sha3_generic_keccak_KeccakState_48 *s) { - uint64_t old[5U][5U]; - memcpy(old, s->st, (size_t)5U * sizeof(uint64_t[5U])); +static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_chi_80_04( + libcrux_sha3_generic_keccak_KeccakState_17 *self) { + libcrux_sha3_generic_keccak_KeccakState_17 old = self[0U]; for (size_t i0 = (size_t)0U; i0 < (size_t)5U; i0++) { size_t i1 = i0; for (size_t i = (size_t)0U; i < (size_t)5U; i++) { size_t j = i; - s->st[i1][j] = libcrux_sha3_portable_keccak_and_not_xor_5a( - s->st[i1][j], old[i1][(j + (size_t)2U) % (size_t)5U], - old[i1][(j + (size_t)1U) % (size_t)5U]); + libcrux_sha3_generic_keccak_set_80_04( + self, i1, j, + libcrux_sha3_simd_portable_and_not_xor_d2( + libcrux_sha3_generic_keccak_index_c2_04( + self, (KRML_CLITERAL(size_t_x2){.fst = i1, .snd = j}))[0U], + libcrux_sha3_generic_keccak_index_c2_04( + &old, + (KRML_CLITERAL(size_t_x2){ + .fst = i1, .snd = (j + (size_t)2U) % (size_t)5U}))[0U], + libcrux_sha3_generic_keccak_index_c2_04( + &old, + (KRML_CLITERAL(size_t_x2){ + .fst = i1, .snd = (j + (size_t)1U) % (size_t)5U}))[0U])); } } } /** -A monomorphic instance of libcrux_sha3.generic_keccak.iota +This function found in impl {libcrux_sha3::generic_keccak::KeccakState[TraitClause@0, TraitClause@1]} +*/ +/** +A monomorphic instance of libcrux_sha3.generic_keccak.iota_80 with types uint64_t with const generics - N= 1 */ -static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_iota_62( - libcrux_sha3_generic_keccak_KeccakState_48 *s, size_t i) { - s->st[0U][0U] = libcrux_sha3_portable_keccak_xor_constant_5a( - s->st[0U][0U], libcrux_sha3_generic_keccak_ROUNDCONSTANTS[i]); +static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_iota_80_04( + libcrux_sha3_generic_keccak_KeccakState_17 *self, size_t i) { + libcrux_sha3_generic_keccak_set_80_04( + self, (size_t)0U, (size_t)0U, + libcrux_sha3_simd_portable_xor_constant_d2( + libcrux_sha3_generic_keccak_index_c2_04( + self, (KRML_CLITERAL(size_t_x2){.fst = (size_t)0U, + .snd = (size_t)0U}))[0U], + libcrux_sha3_generic_keccak_constants_ROUNDCONSTANTS[i])); } /** -A monomorphic instance of libcrux_sha3.generic_keccak.keccakf1600 +This function found in impl {libcrux_sha3::generic_keccak::KeccakState[TraitClause@0, TraitClause@1]} +*/ +/** +A monomorphic instance of libcrux_sha3.generic_keccak.keccakf1600_80 with types uint64_t with const generics - N= 1 */ -static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_keccakf1600_21( - libcrux_sha3_generic_keccak_KeccakState_48 *s) { +static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_keccakf1600_80_04( + libcrux_sha3_generic_keccak_KeccakState_17 *self) { for (size_t i = (size_t)0U; i < (size_t)24U; i++) { size_t i0 = i; - libcrux_sha3_generic_keccak_theta_rho_16(s); - libcrux_sha3_generic_keccak_pi_1d(s); - libcrux_sha3_generic_keccak_chi_12(s); - libcrux_sha3_generic_keccak_iota_62(s, i0); + uint64_t t[5U]; + libcrux_sha3_generic_keccak_theta_80_04(self, t); + libcrux_sha3_generic_keccak_KeccakState_17 *uu____0 = self; + uint64_t uu____1[5U]; + memcpy(uu____1, t, (size_t)5U * sizeof(uint64_t)); + libcrux_sha3_generic_keccak_rho_80_04(uu____0, uu____1); + libcrux_sha3_generic_keccak_pi_80_04(self); + libcrux_sha3_generic_keccak_chi_80_04(self); + libcrux_sha3_generic_keccak_iota_80_04(self, i0); } } /** -A monomorphic instance of libcrux_sha3.generic_keccak.absorb_block +This function found in impl {libcrux_sha3::generic_keccak::KeccakState[TraitClause@0, TraitClause@1]} +*/ +/** +A monomorphic instance of libcrux_sha3.generic_keccak.absorb_block_80 with types uint64_t with const generics - N= 1 - RATE= 72 */ -static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_absorb_block_df( - libcrux_sha3_generic_keccak_KeccakState_48 *s, Eurydice_slice blocks[1U]) { - uint64_t(*uu____0)[5U] = s->st; - Eurydice_slice uu____1[1U]; - memcpy(uu____1, blocks, (size_t)1U * sizeof(Eurydice_slice)); - libcrux_sha3_portable_keccak_load_block_5a_b8(uu____0, uu____1); - libcrux_sha3_generic_keccak_keccakf1600_21(s); +static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_absorb_block_80_c6( + libcrux_sha3_generic_keccak_KeccakState_17 *self, Eurydice_slice *blocks, + size_t start) { + libcrux_sha3_simd_portable_load_block_a1_f8(self, blocks, start); + libcrux_sha3_generic_keccak_keccakf1600_80_04(self); } /** -A monomorphic instance of libcrux_sha3.portable_keccak.load_block_full +A monomorphic instance of libcrux_sha3.simd.portable.load_last with const generics - RATE= 72 +- DELIMITER= 6 */ -static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_load_block_full_df( - uint64_t (*s)[5U], uint8_t blocks[1U][200U]) { - Eurydice_slice buf[1U] = { - Eurydice_array_to_slice((size_t)200U, blocks[0U], uint8_t)}; - libcrux_sha3_portable_keccak_load_block_2c(s, buf); +static KRML_MUSTINLINE void libcrux_sha3_simd_portable_load_last_96( + uint64_t *state, Eurydice_slice blocks, size_t start, size_t len) { + uint8_t buffer[72U] = {0U}; + Eurydice_slice_copy( + Eurydice_array_to_subslice3(buffer, (size_t)0U, len, uint8_t *), + Eurydice_slice_subslice3(blocks, start, start + len, uint8_t *), uint8_t); + buffer[len] = 6U; + size_t uu____0 = (size_t)72U - (size_t)1U; + buffer[uu____0] = (uint32_t)buffer[uu____0] | 128U; + libcrux_sha3_simd_portable_load_block_f8( + state, Eurydice_array_to_slice((size_t)72U, buffer, uint8_t), (size_t)0U); } /** -This function found in impl {(libcrux_sha3::traits::internal::KeccakItem<1: -usize> for u64)} +This function found in impl {libcrux_sha3::traits::Absorb<1usize> for +libcrux_sha3::generic_keccak::KeccakState[core::marker::Sized, +libcrux_sha3::simd::portable::{libcrux_sha3::traits::KeccakItem<1usize> for +u64}]} */ /** -A monomorphic instance of libcrux_sha3.portable_keccak.load_block_full_5a +A monomorphic instance of libcrux_sha3.simd.portable.load_last_a1 with const generics - RATE= 72 +- DELIMITER= 6 */ -static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_load_block_full_5a_d2( - uint64_t (*a)[5U], uint8_t b[1U][200U]) { - uint64_t(*uu____0)[5U] = a; - /* Passing arrays by value in Rust generates a copy in C */ - uint8_t copy_of_b[1U][200U]; - memcpy(copy_of_b, b, (size_t)1U * sizeof(uint8_t[200U])); - libcrux_sha3_portable_keccak_load_block_full_df(uu____0, copy_of_b); +static inline void libcrux_sha3_simd_portable_load_last_a1_96( + libcrux_sha3_generic_keccak_KeccakState_17 *self, Eurydice_slice *input, + size_t start, size_t len) { + libcrux_sha3_simd_portable_load_last_96(self->st, input[0U], start, len); } /** -A monomorphic instance of libcrux_sha3.generic_keccak.absorb_final +This function found in impl {libcrux_sha3::generic_keccak::KeccakState[TraitClause@0, TraitClause@1]} +*/ +/** +A monomorphic instance of libcrux_sha3.generic_keccak.absorb_final_80 with types uint64_t with const generics - N= 1 - RATE= 72 - DELIM= 6 */ -static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_absorb_final_c7( - libcrux_sha3_generic_keccak_KeccakState_48 *s, Eurydice_slice last[1U]) { - size_t last_len = Eurydice_slice_len(last[0U], uint8_t); - uint8_t blocks[1U][200U] = {{0U}}; - for (size_t i = (size_t)0U; i < (size_t)1U; i++) { - size_t i0 = i; - if (last_len > (size_t)0U) { - Eurydice_slice uu____0 = Eurydice_array_to_subslice2( - blocks[i0], (size_t)0U, last_len, uint8_t); - Eurydice_slice_copy(uu____0, last[i0], uint8_t); - } - blocks[i0][last_len] = 6U; - size_t uu____1 = i0; - size_t uu____2 = (size_t)72U - (size_t)1U; - blocks[uu____1][uu____2] = (uint32_t)blocks[uu____1][uu____2] | 128U; - } - uint64_t(*uu____3)[5U] = s->st; - uint8_t uu____4[1U][200U]; - memcpy(uu____4, blocks, (size_t)1U * sizeof(uint8_t[200U])); - libcrux_sha3_portable_keccak_load_block_full_5a_d2(uu____3, uu____4); - libcrux_sha3_generic_keccak_keccakf1600_21(s); +static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_absorb_final_80_9e( + libcrux_sha3_generic_keccak_KeccakState_17 *self, Eurydice_slice *last, + size_t start, size_t len) { + libcrux_sha3_simd_portable_load_last_a1_96(self, last, start, len); + libcrux_sha3_generic_keccak_keccakf1600_80_04(self); } /** -A monomorphic instance of libcrux_sha3.portable_keccak.store_block +A monomorphic instance of libcrux_sha3.simd.portable.store_block with const generics - RATE= 72 */ -static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_store_block_58( - uint64_t (*s)[5U], Eurydice_slice out[1U]) { - for (size_t i = (size_t)0U; i < (size_t)72U / (size_t)8U; i++) { +static KRML_MUSTINLINE void libcrux_sha3_simd_portable_store_block_f8( + uint64_t *s, Eurydice_slice out, size_t start, size_t len) { + size_t octets = len / (size_t)8U; + for (size_t i = (size_t)0U; i < octets; i++) { size_t i0 = i; - Eurydice_slice uu____0 = Eurydice_slice_subslice2( - out[0U], (size_t)8U * i0, (size_t)8U * i0 + (size_t)8U, uint8_t); + Eurydice_slice uu____0 = Eurydice_slice_subslice3( + out, start + (size_t)8U * i0, start + (size_t)8U * i0 + (size_t)8U, + uint8_t *); uint8_t ret[8U]; - core_num__u64_9__to_le_bytes(s[i0 / (size_t)5U][i0 % (size_t)5U], ret); + core_num__u64__to_le_bytes( + libcrux_sha3_traits_get_ij_04(s, i0 / (size_t)5U, i0 % (size_t)5U)[0U], + ret); Eurydice_slice_copy( uu____0, Eurydice_array_to_slice((size_t)8U, ret, uint8_t), uint8_t); } + size_t remaining = len % (size_t)8U; + if (remaining > (size_t)0U) { + Eurydice_slice uu____1 = Eurydice_slice_subslice3( + out, start + len - remaining, start + len, uint8_t *); + uint8_t ret[8U]; + core_num__u64__to_le_bytes( + libcrux_sha3_traits_get_ij_04(s, octets / (size_t)5U, + octets % (size_t)5U)[0U], + ret); + Eurydice_slice_copy( + uu____1, + Eurydice_array_to_subslice3(ret, (size_t)0U, remaining, uint8_t *), + uint8_t); + } } /** -A monomorphic instance of libcrux_sha3.portable_keccak.store_block_full -with const generics -- RATE= 72 -*/ -static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_store_block_full_2d( - uint64_t (*s)[5U], uint8_t ret[1U][200U]) { - uint8_t out[200U] = {0U}; - Eurydice_slice buf[1U] = { - Eurydice_array_to_slice((size_t)200U, out, uint8_t)}; - libcrux_sha3_portable_keccak_store_block_58(s, buf); - /* Passing arrays by value in Rust generates a copy in C */ - uint8_t copy_of_out[200U]; - memcpy(copy_of_out, out, (size_t)200U * sizeof(uint8_t)); - memcpy(ret[0U], copy_of_out, (size_t)200U * sizeof(uint8_t)); -} - -/** -This function found in impl {(libcrux_sha3::traits::internal::KeccakItem<1: -usize> for u64)} +This function found in impl {libcrux_sha3::traits::Squeeze1 for +libcrux_sha3::generic_keccak::KeccakState[core::marker::Sized, +libcrux_sha3::simd::portable::{libcrux_sha3::traits::KeccakItem<1usize> for +u64}]} */ /** -A monomorphic instance of libcrux_sha3.portable_keccak.store_block_full_5a +A monomorphic instance of libcrux_sha3.simd.portable.squeeze_13 with const generics - RATE= 72 */ -static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_store_block_full_5a_29( - uint64_t (*a)[5U], uint8_t ret[1U][200U]) { - libcrux_sha3_portable_keccak_store_block_full_2d(a, ret); +static inline void libcrux_sha3_simd_portable_squeeze_13_f8( + libcrux_sha3_generic_keccak_KeccakState_17 *self, Eurydice_slice out, + size_t start, size_t len) { + libcrux_sha3_simd_portable_store_block_f8(self->st, out, start, len); } /** -A monomorphic instance of libcrux_sha3.generic_keccak.squeeze_first_and_last -with types uint64_t +A monomorphic instance of libcrux_sha3.generic_keccak.portable.keccak1 with const generics -- N= 1 - RATE= 72 +- DELIM= 6 */ -static KRML_MUSTINLINE void -libcrux_sha3_generic_keccak_squeeze_first_and_last_c5( - libcrux_sha3_generic_keccak_KeccakState_48 *s, Eurydice_slice out[1U]) { - uint8_t b[1U][200U]; - libcrux_sha3_portable_keccak_store_block_full_5a_29(s->st, b); - for (size_t i = (size_t)0U; i < (size_t)1U; i++) { +static inline void libcrux_sha3_generic_keccak_portable_keccak1_96( + Eurydice_slice data, Eurydice_slice out) { + libcrux_sha3_generic_keccak_KeccakState_17 s = + libcrux_sha3_generic_keccak_new_80_04(); + size_t data_len = Eurydice_slice_len(data, uint8_t); + for (size_t i = (size_t)0U; i < data_len / (size_t)72U; i++) { size_t i0 = i; - Eurydice_slice uu____0 = out[i0]; - uint8_t *uu____1 = b[i0]; - core_ops_range_Range_b3 lit; - lit.start = (size_t)0U; - lit.end = Eurydice_slice_len(out[i0], uint8_t); - Eurydice_slice_copy( - uu____0, - Eurydice_array_to_subslice((size_t)200U, uu____1, lit, uint8_t, - core_ops_range_Range_b3), - uint8_t); + Eurydice_slice buf[1U] = {data}; + libcrux_sha3_generic_keccak_absorb_block_80_c6(&s, buf, i0 * (size_t)72U); + } + size_t rem = data_len % (size_t)72U; + Eurydice_slice buf[1U] = {data}; + libcrux_sha3_generic_keccak_absorb_final_80_9e(&s, buf, data_len - rem, rem); + size_t outlen = Eurydice_slice_len(out, uint8_t); + size_t blocks = outlen / (size_t)72U; + size_t last = outlen - outlen % (size_t)72U; + if (blocks == (size_t)0U) { + libcrux_sha3_simd_portable_squeeze_13_f8(&s, out, (size_t)0U, outlen); + } else { + libcrux_sha3_simd_portable_squeeze_13_f8(&s, out, (size_t)0U, (size_t)72U); + for (size_t i = (size_t)1U; i < blocks; i++) { + size_t i0 = i; + libcrux_sha3_generic_keccak_keccakf1600_80_04(&s); + libcrux_sha3_simd_portable_squeeze_13_f8(&s, out, i0 * (size_t)72U, + (size_t)72U); + } + if (last < outlen) { + libcrux_sha3_generic_keccak_keccakf1600_80_04(&s); + libcrux_sha3_simd_portable_squeeze_13_f8(&s, out, last, outlen - last); + } } } /** -This function found in impl {(libcrux_sha3::traits::internal::KeccakItem<1: -usize> for u64)} -*/ -/** -A monomorphic instance of libcrux_sha3.portable_keccak.store_block_5a -with const generics -- RATE= 72 + A portable SHA3 512 implementation. */ -static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_store_block_5a_59( - uint64_t (*a)[5U], Eurydice_slice b[1U]) { - libcrux_sha3_portable_keccak_store_block_58(a, b); +static KRML_MUSTINLINE void libcrux_sha3_portable_sha512(Eurydice_slice digest, + Eurydice_slice data) { + libcrux_sha3_generic_keccak_portable_keccak1_96(data, digest); } /** -A monomorphic instance of libcrux_sha3.generic_keccak.squeeze_first_block -with types uint64_t +A monomorphic instance of libcrux_sha3.simd.portable.load_block with const generics -- N= 1 -- RATE= 72 +- RATE= 136 */ -static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_squeeze_first_block_84( - libcrux_sha3_generic_keccak_KeccakState_48 *s, Eurydice_slice out[1U]) { - libcrux_sha3_portable_keccak_store_block_5a_59(s->st, out); -} - -/** -A monomorphic instance of libcrux_sha3.generic_keccak.squeeze_next_block -with types uint64_t -with const generics -- N= 1 -- RATE= 72 -*/ -static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_squeeze_next_block_fc( - libcrux_sha3_generic_keccak_KeccakState_48 *s, Eurydice_slice out[1U]) { - libcrux_sha3_generic_keccak_keccakf1600_21(s); - libcrux_sha3_portable_keccak_store_block_5a_59(s->st, out); -} - -/** -A monomorphic instance of libcrux_sha3.generic_keccak.squeeze_last -with types uint64_t -with const generics -- N= 1 -- RATE= 72 -*/ -static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_squeeze_last_cf( - libcrux_sha3_generic_keccak_KeccakState_48 s, Eurydice_slice out[1U]) { - libcrux_sha3_generic_keccak_keccakf1600_21(&s); - uint8_t b[1U][200U]; - libcrux_sha3_portable_keccak_store_block_full_5a_29(s.st, b); - for (size_t i = (size_t)0U; i < (size_t)1U; i++) { - size_t i0 = i; - Eurydice_slice uu____0 = out[i0]; - uint8_t *uu____1 = b[i0]; - core_ops_range_Range_b3 lit; - lit.start = (size_t)0U; - lit.end = Eurydice_slice_len(out[i0], uint8_t); - Eurydice_slice_copy( - uu____0, - Eurydice_array_to_subslice((size_t)200U, uu____1, lit, uint8_t, - core_ops_range_Range_b3), - uint8_t); - } -} - -/** -A monomorphic instance of libcrux_sha3.generic_keccak.keccak -with types uint64_t -with const generics -- N= 1 -- RATE= 72 -- DELIM= 6 -*/ -static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_keccak_e9( - Eurydice_slice data[1U], Eurydice_slice out[1U]) { - libcrux_sha3_generic_keccak_KeccakState_48 s = - libcrux_sha3_generic_keccak_new_1e_f4(); - for (size_t i = (size_t)0U; - i < Eurydice_slice_len(data[0U], uint8_t) / (size_t)72U; i++) { - size_t i0 = i; - libcrux_sha3_generic_keccak_KeccakState_48 *uu____0 = &s; - /* Passing arrays by value in Rust generates a copy in C */ - Eurydice_slice copy_of_data[1U]; - memcpy(copy_of_data, data, (size_t)1U * sizeof(Eurydice_slice)); - Eurydice_slice ret[1U]; - libcrux_sha3_portable_keccak_slice_n_5a(copy_of_data, i0 * (size_t)72U, - (size_t)72U, ret); - libcrux_sha3_generic_keccak_absorb_block_df(uu____0, ret); - } - size_t rem = Eurydice_slice_len(data[0U], uint8_t) % (size_t)72U; - libcrux_sha3_generic_keccak_KeccakState_48 *uu____2 = &s; - /* Passing arrays by value in Rust generates a copy in C */ - Eurydice_slice copy_of_data[1U]; - memcpy(copy_of_data, data, (size_t)1U * sizeof(Eurydice_slice)); - Eurydice_slice ret[1U]; - libcrux_sha3_portable_keccak_slice_n_5a( - copy_of_data, Eurydice_slice_len(data[0U], uint8_t) - rem, rem, ret); - libcrux_sha3_generic_keccak_absorb_final_c7(uu____2, ret); - size_t outlen = Eurydice_slice_len(out[0U], uint8_t); - size_t blocks = outlen / (size_t)72U; - size_t last = outlen - outlen % (size_t)72U; - if (blocks == (size_t)0U) { - libcrux_sha3_generic_keccak_squeeze_first_and_last_c5(&s, out); - } else { - Eurydice_slice_uint8_t_1size_t__x2 uu____4 = - libcrux_sha3_portable_keccak_split_at_mut_n_5a(out, (size_t)72U); - Eurydice_slice o0[1U]; - memcpy(o0, uu____4.fst, (size_t)1U * sizeof(Eurydice_slice)); - Eurydice_slice o1[1U]; - memcpy(o1, uu____4.snd, (size_t)1U * sizeof(Eurydice_slice)); - libcrux_sha3_generic_keccak_squeeze_first_block_84(&s, o0); - core_ops_range_Range_b3 iter = - core_iter_traits_collect___core__iter__traits__collect__IntoIterator_for_I__1__into_iter( - (CLITERAL(core_ops_range_Range_b3){.start = (size_t)1U, - .end = blocks}), - core_ops_range_Range_b3, core_ops_range_Range_b3); - while (true) { - if (core_iter_range___core__iter__traits__iterator__Iterator_for_core__ops__range__Range_A___6__next( - &iter, size_t, Option_b3) - .tag == None) { - break; - } else { - Eurydice_slice_uint8_t_1size_t__x2 uu____5 = - libcrux_sha3_portable_keccak_split_at_mut_n_5a(o1, (size_t)72U); - Eurydice_slice o[1U]; - memcpy(o, uu____5.fst, (size_t)1U * sizeof(Eurydice_slice)); - Eurydice_slice orest[1U]; - memcpy(orest, uu____5.snd, (size_t)1U * sizeof(Eurydice_slice)); - libcrux_sha3_generic_keccak_squeeze_next_block_fc(&s, o); - memcpy(o1, orest, (size_t)1U * sizeof(Eurydice_slice)); - } - } - if (last < outlen) { - libcrux_sha3_generic_keccak_squeeze_last_cf(s, o1); - } - } -} - -/** -A monomorphic instance of libcrux_sha3.portable.keccakx1 -with const generics -- RATE= 72 -- DELIM= 6 -*/ -static KRML_MUSTINLINE void libcrux_sha3_portable_keccakx1_ce( - Eurydice_slice data[1U], Eurydice_slice out[1U]) { - /* Passing arrays by value in Rust generates a copy in C */ - Eurydice_slice copy_of_data[1U]; - memcpy(copy_of_data, data, (size_t)1U * sizeof(Eurydice_slice)); - libcrux_sha3_generic_keccak_keccak_e9(copy_of_data, out); -} - -/** - A portable SHA3 512 implementation. -*/ -static KRML_MUSTINLINE void libcrux_sha3_portable_sha512(Eurydice_slice digest, - Eurydice_slice data) { - Eurydice_slice buf0[1U] = {data}; - Eurydice_slice buf[1U] = {digest}; - libcrux_sha3_portable_keccakx1_ce(buf0, buf); -} - -/** -A monomorphic instance of libcrux_sha3.portable_keccak.load_block -with const generics -- RATE= 136 -*/ -static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_load_block_2c0( - uint64_t (*s)[5U], Eurydice_slice blocks[1U]) { +static KRML_MUSTINLINE void libcrux_sha3_simd_portable_load_block_5b( + uint64_t *state, Eurydice_slice blocks, size_t start) { + uint64_t state_flat[25U] = {0U}; for (size_t i = (size_t)0U; i < (size_t)136U / (size_t)8U; i++) { size_t i0 = i; + size_t offset = start + (size_t)8U * i0; uint8_t uu____0[8U]; - Result_56 dst; + Result_15 dst; Eurydice_slice_to_array2( &dst, - Eurydice_slice_subslice2(blocks[0U], (size_t)8U * i0, - (size_t)8U * i0 + (size_t)8U, uint8_t), - Eurydice_slice, uint8_t[8U]); - unwrap_41_ac(dst, uu____0); - size_t uu____1 = i0 / (size_t)5U; - size_t uu____2 = i0 % (size_t)5U; - s[uu____1][uu____2] = - s[uu____1][uu____2] ^ core_num__u64_9__from_le_bytes(uu____0); + Eurydice_slice_subslice3(blocks, offset, offset + (size_t)8U, + uint8_t *), + Eurydice_slice, uint8_t[8U], TryFromSliceError); + unwrap_26_68(dst, uu____0); + state_flat[i0] = core_num__u64__from_le_bytes(uu____0); + } + for (size_t i = (size_t)0U; i < (size_t)136U / (size_t)8U; i++) { + size_t i0 = i; + libcrux_sha3_traits_set_ij_04( + state, i0 / (size_t)5U, i0 % (size_t)5U, + libcrux_sha3_traits_get_ij_04(state, i0 / (size_t)5U, + i0 % (size_t)5U)[0U] ^ + state_flat[i0]); } } /** -This function found in impl {(libcrux_sha3::traits::internal::KeccakItem<1: -usize> for u64)} +This function found in impl {libcrux_sha3::traits::Absorb<1usize> for +libcrux_sha3::generic_keccak::KeccakState[core::marker::Sized, +libcrux_sha3::simd::portable::{libcrux_sha3::traits::KeccakItem<1usize> for +u64}]} */ /** -A monomorphic instance of libcrux_sha3.portable_keccak.load_block_5a +A monomorphic instance of libcrux_sha3.simd.portable.load_block_a1 with const generics - RATE= 136 */ -static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_load_block_5a_b80( - uint64_t (*a)[5U], Eurydice_slice b[1U]) { - uint64_t(*uu____0)[5U] = a; - /* Passing arrays by value in Rust generates a copy in C */ - Eurydice_slice copy_of_b[1U]; - memcpy(copy_of_b, b, (size_t)1U * sizeof(Eurydice_slice)); - libcrux_sha3_portable_keccak_load_block_2c0(uu____0, copy_of_b); +static inline void libcrux_sha3_simd_portable_load_block_a1_5b( + libcrux_sha3_generic_keccak_KeccakState_17 *self, Eurydice_slice *input, + size_t start) { + libcrux_sha3_simd_portable_load_block_5b(self->st, input[0U], start); } /** -A monomorphic instance of libcrux_sha3.generic_keccak.absorb_block +This function found in impl {libcrux_sha3::generic_keccak::KeccakState[TraitClause@0, TraitClause@1]} +*/ +/** +A monomorphic instance of libcrux_sha3.generic_keccak.absorb_block_80 with types uint64_t with const generics - N= 1 - RATE= 136 */ -static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_absorb_block_df0( - libcrux_sha3_generic_keccak_KeccakState_48 *s, Eurydice_slice blocks[1U]) { - uint64_t(*uu____0)[5U] = s->st; - Eurydice_slice uu____1[1U]; - memcpy(uu____1, blocks, (size_t)1U * sizeof(Eurydice_slice)); - libcrux_sha3_portable_keccak_load_block_5a_b80(uu____0, uu____1); - libcrux_sha3_generic_keccak_keccakf1600_21(s); +static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_absorb_block_80_c60( + libcrux_sha3_generic_keccak_KeccakState_17 *self, Eurydice_slice *blocks, + size_t start) { + libcrux_sha3_simd_portable_load_block_a1_5b(self, blocks, start); + libcrux_sha3_generic_keccak_keccakf1600_80_04(self); } /** -A monomorphic instance of libcrux_sha3.portable_keccak.load_block_full +A monomorphic instance of libcrux_sha3.simd.portable.load_last with const generics - RATE= 136 +- DELIMITER= 6 */ -static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_load_block_full_df0( - uint64_t (*s)[5U], uint8_t blocks[1U][200U]) { - Eurydice_slice buf[1U] = { - Eurydice_array_to_slice((size_t)200U, blocks[0U], uint8_t)}; - libcrux_sha3_portable_keccak_load_block_2c0(s, buf); +static KRML_MUSTINLINE void libcrux_sha3_simd_portable_load_last_ad( + uint64_t *state, Eurydice_slice blocks, size_t start, size_t len) { + uint8_t buffer[136U] = {0U}; + Eurydice_slice_copy( + Eurydice_array_to_subslice3(buffer, (size_t)0U, len, uint8_t *), + Eurydice_slice_subslice3(blocks, start, start + len, uint8_t *), uint8_t); + buffer[len] = 6U; + size_t uu____0 = (size_t)136U - (size_t)1U; + buffer[uu____0] = (uint32_t)buffer[uu____0] | 128U; + libcrux_sha3_simd_portable_load_block_5b( + state, Eurydice_array_to_slice((size_t)136U, buffer, uint8_t), + (size_t)0U); } /** -This function found in impl {(libcrux_sha3::traits::internal::KeccakItem<1: -usize> for u64)} +This function found in impl {libcrux_sha3::traits::Absorb<1usize> for +libcrux_sha3::generic_keccak::KeccakState[core::marker::Sized, +libcrux_sha3::simd::portable::{libcrux_sha3::traits::KeccakItem<1usize> for +u64}]} */ /** -A monomorphic instance of libcrux_sha3.portable_keccak.load_block_full_5a +A monomorphic instance of libcrux_sha3.simd.portable.load_last_a1 with const generics - RATE= 136 +- DELIMITER= 6 */ -static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_load_block_full_5a_d20( - uint64_t (*a)[5U], uint8_t b[1U][200U]) { - uint64_t(*uu____0)[5U] = a; - /* Passing arrays by value in Rust generates a copy in C */ - uint8_t copy_of_b[1U][200U]; - memcpy(copy_of_b, b, (size_t)1U * sizeof(uint8_t[200U])); - libcrux_sha3_portable_keccak_load_block_full_df0(uu____0, copy_of_b); +static inline void libcrux_sha3_simd_portable_load_last_a1_ad( + libcrux_sha3_generic_keccak_KeccakState_17 *self, Eurydice_slice *input, + size_t start, size_t len) { + libcrux_sha3_simd_portable_load_last_ad(self->st, input[0U], start, len); } /** -A monomorphic instance of libcrux_sha3.generic_keccak.absorb_final +This function found in impl {libcrux_sha3::generic_keccak::KeccakState[TraitClause@0, TraitClause@1]} +*/ +/** +A monomorphic instance of libcrux_sha3.generic_keccak.absorb_final_80 with types uint64_t with const generics - N= 1 - RATE= 136 - DELIM= 6 */ -static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_absorb_final_c70( - libcrux_sha3_generic_keccak_KeccakState_48 *s, Eurydice_slice last[1U]) { - size_t last_len = Eurydice_slice_len(last[0U], uint8_t); - uint8_t blocks[1U][200U] = {{0U}}; - for (size_t i = (size_t)0U; i < (size_t)1U; i++) { - size_t i0 = i; - if (last_len > (size_t)0U) { - Eurydice_slice uu____0 = Eurydice_array_to_subslice2( - blocks[i0], (size_t)0U, last_len, uint8_t); - Eurydice_slice_copy(uu____0, last[i0], uint8_t); - } - blocks[i0][last_len] = 6U; - size_t uu____1 = i0; - size_t uu____2 = (size_t)136U - (size_t)1U; - blocks[uu____1][uu____2] = (uint32_t)blocks[uu____1][uu____2] | 128U; - } - uint64_t(*uu____3)[5U] = s->st; - uint8_t uu____4[1U][200U]; - memcpy(uu____4, blocks, (size_t)1U * sizeof(uint8_t[200U])); - libcrux_sha3_portable_keccak_load_block_full_5a_d20(uu____3, uu____4); - libcrux_sha3_generic_keccak_keccakf1600_21(s); +static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_absorb_final_80_9e0( + libcrux_sha3_generic_keccak_KeccakState_17 *self, Eurydice_slice *last, + size_t start, size_t len) { + libcrux_sha3_simd_portable_load_last_a1_ad(self, last, start, len); + libcrux_sha3_generic_keccak_keccakf1600_80_04(self); } /** -A monomorphic instance of libcrux_sha3.portable_keccak.store_block +A monomorphic instance of libcrux_sha3.simd.portable.store_block with const generics - RATE= 136 */ -static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_store_block_580( - uint64_t (*s)[5U], Eurydice_slice out[1U]) { - for (size_t i = (size_t)0U; i < (size_t)136U / (size_t)8U; i++) { +static KRML_MUSTINLINE void libcrux_sha3_simd_portable_store_block_5b( + uint64_t *s, Eurydice_slice out, size_t start, size_t len) { + size_t octets = len / (size_t)8U; + for (size_t i = (size_t)0U; i < octets; i++) { size_t i0 = i; - Eurydice_slice uu____0 = Eurydice_slice_subslice2( - out[0U], (size_t)8U * i0, (size_t)8U * i0 + (size_t)8U, uint8_t); + Eurydice_slice uu____0 = Eurydice_slice_subslice3( + out, start + (size_t)8U * i0, start + (size_t)8U * i0 + (size_t)8U, + uint8_t *); uint8_t ret[8U]; - core_num__u64_9__to_le_bytes(s[i0 / (size_t)5U][i0 % (size_t)5U], ret); + core_num__u64__to_le_bytes( + libcrux_sha3_traits_get_ij_04(s, i0 / (size_t)5U, i0 % (size_t)5U)[0U], + ret); Eurydice_slice_copy( uu____0, Eurydice_array_to_slice((size_t)8U, ret, uint8_t), uint8_t); } -} - -/** -A monomorphic instance of libcrux_sha3.portable_keccak.store_block_full -with const generics -- RATE= 136 -*/ -static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_store_block_full_2d0( - uint64_t (*s)[5U], uint8_t ret[1U][200U]) { - uint8_t out[200U] = {0U}; - Eurydice_slice buf[1U] = { - Eurydice_array_to_slice((size_t)200U, out, uint8_t)}; - libcrux_sha3_portable_keccak_store_block_580(s, buf); - /* Passing arrays by value in Rust generates a copy in C */ - uint8_t copy_of_out[200U]; - memcpy(copy_of_out, out, (size_t)200U * sizeof(uint8_t)); - memcpy(ret[0U], copy_of_out, (size_t)200U * sizeof(uint8_t)); -} - -/** -This function found in impl {(libcrux_sha3::traits::internal::KeccakItem<1: -usize> for u64)} -*/ -/** -A monomorphic instance of libcrux_sha3.portable_keccak.store_block_full_5a -with const generics -- RATE= 136 -*/ -static KRML_MUSTINLINE void -libcrux_sha3_portable_keccak_store_block_full_5a_290(uint64_t (*a)[5U], - uint8_t ret[1U][200U]) { - libcrux_sha3_portable_keccak_store_block_full_2d0(a, ret); -} - -/** -A monomorphic instance of libcrux_sha3.generic_keccak.squeeze_first_and_last -with types uint64_t -with const generics -- N= 1 -- RATE= 136 -*/ -static KRML_MUSTINLINE void -libcrux_sha3_generic_keccak_squeeze_first_and_last_c50( - libcrux_sha3_generic_keccak_KeccakState_48 *s, Eurydice_slice out[1U]) { - uint8_t b[1U][200U]; - libcrux_sha3_portable_keccak_store_block_full_5a_290(s->st, b); - for (size_t i = (size_t)0U; i < (size_t)1U; i++) { - size_t i0 = i; - Eurydice_slice uu____0 = out[i0]; - uint8_t *uu____1 = b[i0]; - core_ops_range_Range_b3 lit; - lit.start = (size_t)0U; - lit.end = Eurydice_slice_len(out[i0], uint8_t); + size_t remaining = len % (size_t)8U; + if (remaining > (size_t)0U) { + Eurydice_slice uu____1 = Eurydice_slice_subslice3( + out, start + len - remaining, start + len, uint8_t *); + uint8_t ret[8U]; + core_num__u64__to_le_bytes( + libcrux_sha3_traits_get_ij_04(s, octets / (size_t)5U, + octets % (size_t)5U)[0U], + ret); Eurydice_slice_copy( - uu____0, - Eurydice_array_to_subslice((size_t)200U, uu____1, lit, uint8_t, - core_ops_range_Range_b3), + uu____1, + Eurydice_array_to_subslice3(ret, (size_t)0U, remaining, uint8_t *), uint8_t); } } /** -This function found in impl {(libcrux_sha3::traits::internal::KeccakItem<1: -usize> for u64)} -*/ -/** -A monomorphic instance of libcrux_sha3.portable_keccak.store_block_5a -with const generics -- RATE= 136 -*/ -static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_store_block_5a_590( - uint64_t (*a)[5U], Eurydice_slice b[1U]) { - libcrux_sha3_portable_keccak_store_block_580(a, b); -} - -/** -A monomorphic instance of libcrux_sha3.generic_keccak.squeeze_first_block -with types uint64_t -with const generics -- N= 1 -- RATE= 136 -*/ -static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_squeeze_first_block_840( - libcrux_sha3_generic_keccak_KeccakState_48 *s, Eurydice_slice out[1U]) { - libcrux_sha3_portable_keccak_store_block_5a_590(s->st, out); -} - -/** -A monomorphic instance of libcrux_sha3.generic_keccak.squeeze_next_block -with types uint64_t -with const generics -- N= 1 -- RATE= 136 +This function found in impl {libcrux_sha3::traits::Squeeze1 for +libcrux_sha3::generic_keccak::KeccakState[core::marker::Sized, +libcrux_sha3::simd::portable::{libcrux_sha3::traits::KeccakItem<1usize> for +u64}]} */ -static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_squeeze_next_block_fc0( - libcrux_sha3_generic_keccak_KeccakState_48 *s, Eurydice_slice out[1U]) { - libcrux_sha3_generic_keccak_keccakf1600_21(s); - libcrux_sha3_portable_keccak_store_block_5a_590(s->st, out); -} - /** -A monomorphic instance of libcrux_sha3.generic_keccak.squeeze_last -with types uint64_t +A monomorphic instance of libcrux_sha3.simd.portable.squeeze_13 with const generics -- N= 1 - RATE= 136 */ -static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_squeeze_last_cf0( - libcrux_sha3_generic_keccak_KeccakState_48 s, Eurydice_slice out[1U]) { - libcrux_sha3_generic_keccak_keccakf1600_21(&s); - uint8_t b[1U][200U]; - libcrux_sha3_portable_keccak_store_block_full_5a_290(s.st, b); - for (size_t i = (size_t)0U; i < (size_t)1U; i++) { - size_t i0 = i; - Eurydice_slice uu____0 = out[i0]; - uint8_t *uu____1 = b[i0]; - core_ops_range_Range_b3 lit; - lit.start = (size_t)0U; - lit.end = Eurydice_slice_len(out[i0], uint8_t); - Eurydice_slice_copy( - uu____0, - Eurydice_array_to_subslice((size_t)200U, uu____1, lit, uint8_t, - core_ops_range_Range_b3), - uint8_t); - } +static inline void libcrux_sha3_simd_portable_squeeze_13_5b( + libcrux_sha3_generic_keccak_KeccakState_17 *self, Eurydice_slice out, + size_t start, size_t len) { + libcrux_sha3_simd_portable_store_block_5b(self->st, out, start, len); } /** -A monomorphic instance of libcrux_sha3.generic_keccak.keccak -with types uint64_t +A monomorphic instance of libcrux_sha3.generic_keccak.portable.keccak1 with const generics -- N= 1 - RATE= 136 - DELIM= 6 */ -static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_keccak_e90( - Eurydice_slice data[1U], Eurydice_slice out[1U]) { - libcrux_sha3_generic_keccak_KeccakState_48 s = - libcrux_sha3_generic_keccak_new_1e_f4(); - for (size_t i = (size_t)0U; - i < Eurydice_slice_len(data[0U], uint8_t) / (size_t)136U; i++) { +static inline void libcrux_sha3_generic_keccak_portable_keccak1_ad( + Eurydice_slice data, Eurydice_slice out) { + libcrux_sha3_generic_keccak_KeccakState_17 s = + libcrux_sha3_generic_keccak_new_80_04(); + size_t data_len = Eurydice_slice_len(data, uint8_t); + for (size_t i = (size_t)0U; i < data_len / (size_t)136U; i++) { size_t i0 = i; - libcrux_sha3_generic_keccak_KeccakState_48 *uu____0 = &s; - /* Passing arrays by value in Rust generates a copy in C */ - Eurydice_slice copy_of_data[1U]; - memcpy(copy_of_data, data, (size_t)1U * sizeof(Eurydice_slice)); - Eurydice_slice ret[1U]; - libcrux_sha3_portable_keccak_slice_n_5a(copy_of_data, i0 * (size_t)136U, - (size_t)136U, ret); - libcrux_sha3_generic_keccak_absorb_block_df0(uu____0, ret); - } - size_t rem = Eurydice_slice_len(data[0U], uint8_t) % (size_t)136U; - libcrux_sha3_generic_keccak_KeccakState_48 *uu____2 = &s; - /* Passing arrays by value in Rust generates a copy in C */ - Eurydice_slice copy_of_data[1U]; - memcpy(copy_of_data, data, (size_t)1U * sizeof(Eurydice_slice)); - Eurydice_slice ret[1U]; - libcrux_sha3_portable_keccak_slice_n_5a( - copy_of_data, Eurydice_slice_len(data[0U], uint8_t) - rem, rem, ret); - libcrux_sha3_generic_keccak_absorb_final_c70(uu____2, ret); - size_t outlen = Eurydice_slice_len(out[0U], uint8_t); + Eurydice_slice buf[1U] = {data}; + libcrux_sha3_generic_keccak_absorb_block_80_c60(&s, buf, i0 * (size_t)136U); + } + size_t rem = data_len % (size_t)136U; + Eurydice_slice buf[1U] = {data}; + libcrux_sha3_generic_keccak_absorb_final_80_9e0(&s, buf, data_len - rem, rem); + size_t outlen = Eurydice_slice_len(out, uint8_t); size_t blocks = outlen / (size_t)136U; size_t last = outlen - outlen % (size_t)136U; if (blocks == (size_t)0U) { - libcrux_sha3_generic_keccak_squeeze_first_and_last_c50(&s, out); + libcrux_sha3_simd_portable_squeeze_13_5b(&s, out, (size_t)0U, outlen); } else { - Eurydice_slice_uint8_t_1size_t__x2 uu____4 = - libcrux_sha3_portable_keccak_split_at_mut_n_5a(out, (size_t)136U); - Eurydice_slice o0[1U]; - memcpy(o0, uu____4.fst, (size_t)1U * sizeof(Eurydice_slice)); - Eurydice_slice o1[1U]; - memcpy(o1, uu____4.snd, (size_t)1U * sizeof(Eurydice_slice)); - libcrux_sha3_generic_keccak_squeeze_first_block_840(&s, o0); - core_ops_range_Range_b3 iter = - core_iter_traits_collect___core__iter__traits__collect__IntoIterator_for_I__1__into_iter( - (CLITERAL(core_ops_range_Range_b3){.start = (size_t)1U, - .end = blocks}), - core_ops_range_Range_b3, core_ops_range_Range_b3); - while (true) { - if (core_iter_range___core__iter__traits__iterator__Iterator_for_core__ops__range__Range_A___6__next( - &iter, size_t, Option_b3) - .tag == None) { - break; - } else { - Eurydice_slice_uint8_t_1size_t__x2 uu____5 = - libcrux_sha3_portable_keccak_split_at_mut_n_5a(o1, (size_t)136U); - Eurydice_slice o[1U]; - memcpy(o, uu____5.fst, (size_t)1U * sizeof(Eurydice_slice)); - Eurydice_slice orest[1U]; - memcpy(orest, uu____5.snd, (size_t)1U * sizeof(Eurydice_slice)); - libcrux_sha3_generic_keccak_squeeze_next_block_fc0(&s, o); - memcpy(o1, orest, (size_t)1U * sizeof(Eurydice_slice)); - } + libcrux_sha3_simd_portable_squeeze_13_5b(&s, out, (size_t)0U, (size_t)136U); + for (size_t i = (size_t)1U; i < blocks; i++) { + size_t i0 = i; + libcrux_sha3_generic_keccak_keccakf1600_80_04(&s); + libcrux_sha3_simd_portable_squeeze_13_5b(&s, out, i0 * (size_t)136U, + (size_t)136U); } if (last < outlen) { - libcrux_sha3_generic_keccak_squeeze_last_cf0(s, o1); + libcrux_sha3_generic_keccak_keccakf1600_80_04(&s); + libcrux_sha3_simd_portable_squeeze_13_5b(&s, out, last, outlen - last); } } } /** -A monomorphic instance of libcrux_sha3.portable.keccakx1 + A portable SHA3 256 implementation. +*/ +static KRML_MUSTINLINE void libcrux_sha3_portable_sha256(Eurydice_slice digest, + Eurydice_slice data) { + libcrux_sha3_generic_keccak_portable_keccak1_ad(data, digest); +} + +/** +A monomorphic instance of libcrux_sha3.simd.portable.load_last with const generics - RATE= 136 -- DELIM= 6 +- DELIMITER= 31 */ -static KRML_MUSTINLINE void libcrux_sha3_portable_keccakx1_ce0( - Eurydice_slice data[1U], Eurydice_slice out[1U]) { - /* Passing arrays by value in Rust generates a copy in C */ - Eurydice_slice copy_of_data[1U]; - memcpy(copy_of_data, data, (size_t)1U * sizeof(Eurydice_slice)); - libcrux_sha3_generic_keccak_keccak_e90(copy_of_data, out); +static KRML_MUSTINLINE void libcrux_sha3_simd_portable_load_last_ad0( + uint64_t *state, Eurydice_slice blocks, size_t start, size_t len) { + uint8_t buffer[136U] = {0U}; + Eurydice_slice_copy( + Eurydice_array_to_subslice3(buffer, (size_t)0U, len, uint8_t *), + Eurydice_slice_subslice3(blocks, start, start + len, uint8_t *), uint8_t); + buffer[len] = 31U; + size_t uu____0 = (size_t)136U - (size_t)1U; + buffer[uu____0] = (uint32_t)buffer[uu____0] | 128U; + libcrux_sha3_simd_portable_load_block_5b( + state, Eurydice_array_to_slice((size_t)136U, buffer, uint8_t), + (size_t)0U); } /** - A portable SHA3 256 implementation. +This function found in impl {libcrux_sha3::traits::Absorb<1usize> for +libcrux_sha3::generic_keccak::KeccakState[core::marker::Sized, +libcrux_sha3::simd::portable::{libcrux_sha3::traits::KeccakItem<1usize> for +u64}]} */ -static KRML_MUSTINLINE void libcrux_sha3_portable_sha256(Eurydice_slice digest, - Eurydice_slice data) { - Eurydice_slice buf0[1U] = {data}; - Eurydice_slice buf[1U] = {digest}; - libcrux_sha3_portable_keccakx1_ce0(buf0, buf); +/** +A monomorphic instance of libcrux_sha3.simd.portable.load_last_a1 +with const generics +- RATE= 136 +- DELIMITER= 31 +*/ +static inline void libcrux_sha3_simd_portable_load_last_a1_ad0( + libcrux_sha3_generic_keccak_KeccakState_17 *self, Eurydice_slice *input, + size_t start, size_t len) { + libcrux_sha3_simd_portable_load_last_ad0(self->st, input[0U], start, len); } /** -A monomorphic instance of libcrux_sha3.generic_keccak.absorb_final +This function found in impl {libcrux_sha3::generic_keccak::KeccakState[TraitClause@0, TraitClause@1]} +*/ +/** +A monomorphic instance of libcrux_sha3.generic_keccak.absorb_final_80 with types uint64_t with const generics - N= 1 - RATE= 136 - DELIM= 31 */ -static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_absorb_final_c71( - libcrux_sha3_generic_keccak_KeccakState_48 *s, Eurydice_slice last[1U]) { - size_t last_len = Eurydice_slice_len(last[0U], uint8_t); - uint8_t blocks[1U][200U] = {{0U}}; - for (size_t i = (size_t)0U; i < (size_t)1U; i++) { - size_t i0 = i; - if (last_len > (size_t)0U) { - Eurydice_slice uu____0 = Eurydice_array_to_subslice2( - blocks[i0], (size_t)0U, last_len, uint8_t); - Eurydice_slice_copy(uu____0, last[i0], uint8_t); - } - blocks[i0][last_len] = 31U; - size_t uu____1 = i0; - size_t uu____2 = (size_t)136U - (size_t)1U; - blocks[uu____1][uu____2] = (uint32_t)blocks[uu____1][uu____2] | 128U; - } - uint64_t(*uu____3)[5U] = s->st; - uint8_t uu____4[1U][200U]; - memcpy(uu____4, blocks, (size_t)1U * sizeof(uint8_t[200U])); - libcrux_sha3_portable_keccak_load_block_full_5a_d20(uu____3, uu____4); - libcrux_sha3_generic_keccak_keccakf1600_21(s); +static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_absorb_final_80_9e1( + libcrux_sha3_generic_keccak_KeccakState_17 *self, Eurydice_slice *last, + size_t start, size_t len) { + libcrux_sha3_simd_portable_load_last_a1_ad0(self, last, start, len); + libcrux_sha3_generic_keccak_keccakf1600_80_04(self); } /** -A monomorphic instance of libcrux_sha3.generic_keccak.keccak -with types uint64_t +A monomorphic instance of libcrux_sha3.generic_keccak.portable.keccak1 with const generics -- N= 1 - RATE= 136 - DELIM= 31 */ -static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_keccak_e91( - Eurydice_slice data[1U], Eurydice_slice out[1U]) { - libcrux_sha3_generic_keccak_KeccakState_48 s = - libcrux_sha3_generic_keccak_new_1e_f4(); - for (size_t i = (size_t)0U; - i < Eurydice_slice_len(data[0U], uint8_t) / (size_t)136U; i++) { +static inline void libcrux_sha3_generic_keccak_portable_keccak1_ad0( + Eurydice_slice data, Eurydice_slice out) { + libcrux_sha3_generic_keccak_KeccakState_17 s = + libcrux_sha3_generic_keccak_new_80_04(); + size_t data_len = Eurydice_slice_len(data, uint8_t); + for (size_t i = (size_t)0U; i < data_len / (size_t)136U; i++) { size_t i0 = i; - libcrux_sha3_generic_keccak_KeccakState_48 *uu____0 = &s; - /* Passing arrays by value in Rust generates a copy in C */ - Eurydice_slice copy_of_data[1U]; - memcpy(copy_of_data, data, (size_t)1U * sizeof(Eurydice_slice)); - Eurydice_slice ret[1U]; - libcrux_sha3_portable_keccak_slice_n_5a(copy_of_data, i0 * (size_t)136U, - (size_t)136U, ret); - libcrux_sha3_generic_keccak_absorb_block_df0(uu____0, ret); - } - size_t rem = Eurydice_slice_len(data[0U], uint8_t) % (size_t)136U; - libcrux_sha3_generic_keccak_KeccakState_48 *uu____2 = &s; - /* Passing arrays by value in Rust generates a copy in C */ - Eurydice_slice copy_of_data[1U]; - memcpy(copy_of_data, data, (size_t)1U * sizeof(Eurydice_slice)); - Eurydice_slice ret[1U]; - libcrux_sha3_portable_keccak_slice_n_5a( - copy_of_data, Eurydice_slice_len(data[0U], uint8_t) - rem, rem, ret); - libcrux_sha3_generic_keccak_absorb_final_c71(uu____2, ret); - size_t outlen = Eurydice_slice_len(out[0U], uint8_t); + Eurydice_slice buf[1U] = {data}; + libcrux_sha3_generic_keccak_absorb_block_80_c60(&s, buf, i0 * (size_t)136U); + } + size_t rem = data_len % (size_t)136U; + Eurydice_slice buf[1U] = {data}; + libcrux_sha3_generic_keccak_absorb_final_80_9e1(&s, buf, data_len - rem, rem); + size_t outlen = Eurydice_slice_len(out, uint8_t); size_t blocks = outlen / (size_t)136U; size_t last = outlen - outlen % (size_t)136U; if (blocks == (size_t)0U) { - libcrux_sha3_generic_keccak_squeeze_first_and_last_c50(&s, out); + libcrux_sha3_simd_portable_squeeze_13_5b(&s, out, (size_t)0U, outlen); } else { - Eurydice_slice_uint8_t_1size_t__x2 uu____4 = - libcrux_sha3_portable_keccak_split_at_mut_n_5a(out, (size_t)136U); - Eurydice_slice o0[1U]; - memcpy(o0, uu____4.fst, (size_t)1U * sizeof(Eurydice_slice)); - Eurydice_slice o1[1U]; - memcpy(o1, uu____4.snd, (size_t)1U * sizeof(Eurydice_slice)); - libcrux_sha3_generic_keccak_squeeze_first_block_840(&s, o0); - core_ops_range_Range_b3 iter = - core_iter_traits_collect___core__iter__traits__collect__IntoIterator_for_I__1__into_iter( - (CLITERAL(core_ops_range_Range_b3){.start = (size_t)1U, - .end = blocks}), - core_ops_range_Range_b3, core_ops_range_Range_b3); - while (true) { - if (core_iter_range___core__iter__traits__iterator__Iterator_for_core__ops__range__Range_A___6__next( - &iter, size_t, Option_b3) - .tag == None) { - break; - } else { - Eurydice_slice_uint8_t_1size_t__x2 uu____5 = - libcrux_sha3_portable_keccak_split_at_mut_n_5a(o1, (size_t)136U); - Eurydice_slice o[1U]; - memcpy(o, uu____5.fst, (size_t)1U * sizeof(Eurydice_slice)); - Eurydice_slice orest[1U]; - memcpy(orest, uu____5.snd, (size_t)1U * sizeof(Eurydice_slice)); - libcrux_sha3_generic_keccak_squeeze_next_block_fc0(&s, o); - memcpy(o1, orest, (size_t)1U * sizeof(Eurydice_slice)); - } + libcrux_sha3_simd_portable_squeeze_13_5b(&s, out, (size_t)0U, (size_t)136U); + for (size_t i = (size_t)1U; i < blocks; i++) { + size_t i0 = i; + libcrux_sha3_generic_keccak_keccakf1600_80_04(&s); + libcrux_sha3_simd_portable_squeeze_13_5b(&s, out, i0 * (size_t)136U, + (size_t)136U); } if (last < outlen) { - libcrux_sha3_generic_keccak_squeeze_last_cf0(s, o1); + libcrux_sha3_generic_keccak_keccakf1600_80_04(&s); + libcrux_sha3_simd_portable_squeeze_13_5b(&s, out, last, outlen - last); } } } -/** -A monomorphic instance of libcrux_sha3.portable.keccakx1 -with const generics -- RATE= 136 -- DELIM= 31 -*/ -static KRML_MUSTINLINE void libcrux_sha3_portable_keccakx1_ce1( - Eurydice_slice data[1U], Eurydice_slice out[1U]) { - /* Passing arrays by value in Rust generates a copy in C */ - Eurydice_slice copy_of_data[1U]; - memcpy(copy_of_data, data, (size_t)1U * sizeof(Eurydice_slice)); - libcrux_sha3_generic_keccak_keccak_e91(copy_of_data, out); -} - /** A portable SHAKE256 implementation. */ static KRML_MUSTINLINE void libcrux_sha3_portable_shake256( Eurydice_slice digest, Eurydice_slice data) { - Eurydice_slice buf0[1U] = {data}; - Eurydice_slice buf[1U] = {digest}; - libcrux_sha3_portable_keccakx1_ce1(buf0, buf); + libcrux_sha3_generic_keccak_portable_keccak1_ad0(data, digest); } -typedef libcrux_sha3_generic_keccak_KeccakState_48 +typedef libcrux_sha3_generic_keccak_KeccakState_17 libcrux_sha3_portable_KeccakState; /** Create a new SHAKE-128 state object. */ -static KRML_MUSTINLINE libcrux_sha3_generic_keccak_KeccakState_48 +static KRML_MUSTINLINE libcrux_sha3_generic_keccak_KeccakState_17 libcrux_sha3_portable_incremental_shake128_init(void) { - return libcrux_sha3_generic_keccak_new_1e_f4(); + return libcrux_sha3_generic_keccak_new_80_04(); } /** -A monomorphic instance of libcrux_sha3.portable_keccak.load_block +A monomorphic instance of libcrux_sha3.simd.portable.load_block with const generics - RATE= 168 */ -static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_load_block_2c1( - uint64_t (*s)[5U], Eurydice_slice blocks[1U]) { +static KRML_MUSTINLINE void libcrux_sha3_simd_portable_load_block_3a( + uint64_t *state, Eurydice_slice blocks, size_t start) { + uint64_t state_flat[25U] = {0U}; for (size_t i = (size_t)0U; i < (size_t)168U / (size_t)8U; i++) { size_t i0 = i; + size_t offset = start + (size_t)8U * i0; uint8_t uu____0[8U]; - Result_56 dst; + Result_15 dst; Eurydice_slice_to_array2( &dst, - Eurydice_slice_subslice2(blocks[0U], (size_t)8U * i0, - (size_t)8U * i0 + (size_t)8U, uint8_t), - Eurydice_slice, uint8_t[8U]); - unwrap_41_ac(dst, uu____0); - size_t uu____1 = i0 / (size_t)5U; - size_t uu____2 = i0 % (size_t)5U; - s[uu____1][uu____2] = - s[uu____1][uu____2] ^ core_num__u64_9__from_le_bytes(uu____0); + Eurydice_slice_subslice3(blocks, offset, offset + (size_t)8U, + uint8_t *), + Eurydice_slice, uint8_t[8U], TryFromSliceError); + unwrap_26_68(dst, uu____0); + state_flat[i0] = core_num__u64__from_le_bytes(uu____0); + } + for (size_t i = (size_t)0U; i < (size_t)168U / (size_t)8U; i++) { + size_t i0 = i; + libcrux_sha3_traits_set_ij_04( + state, i0 / (size_t)5U, i0 % (size_t)5U, + libcrux_sha3_traits_get_ij_04(state, i0 / (size_t)5U, + i0 % (size_t)5U)[0U] ^ + state_flat[i0]); } } /** -A monomorphic instance of libcrux_sha3.portable_keccak.load_block_full +A monomorphic instance of libcrux_sha3.simd.portable.load_last with const generics - RATE= 168 +- DELIMITER= 31 */ -static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_load_block_full_df1( - uint64_t (*s)[5U], uint8_t blocks[1U][200U]) { - Eurydice_slice buf[1U] = { - Eurydice_array_to_slice((size_t)200U, blocks[0U], uint8_t)}; - libcrux_sha3_portable_keccak_load_block_2c1(s, buf); +static KRML_MUSTINLINE void libcrux_sha3_simd_portable_load_last_c6( + uint64_t *state, Eurydice_slice blocks, size_t start, size_t len) { + uint8_t buffer[168U] = {0U}; + Eurydice_slice_copy( + Eurydice_array_to_subslice3(buffer, (size_t)0U, len, uint8_t *), + Eurydice_slice_subslice3(blocks, start, start + len, uint8_t *), uint8_t); + buffer[len] = 31U; + size_t uu____0 = (size_t)168U - (size_t)1U; + buffer[uu____0] = (uint32_t)buffer[uu____0] | 128U; + libcrux_sha3_simd_portable_load_block_3a( + state, Eurydice_array_to_slice((size_t)168U, buffer, uint8_t), + (size_t)0U); } /** -This function found in impl {(libcrux_sha3::traits::internal::KeccakItem<1: -usize> for u64)} +This function found in impl {libcrux_sha3::traits::Absorb<1usize> for +libcrux_sha3::generic_keccak::KeccakState[core::marker::Sized, +libcrux_sha3::simd::portable::{libcrux_sha3::traits::KeccakItem<1usize> for +u64}]} */ /** -A monomorphic instance of libcrux_sha3.portable_keccak.load_block_full_5a +A monomorphic instance of libcrux_sha3.simd.portable.load_last_a1 with const generics - RATE= 168 +- DELIMITER= 31 */ -static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_load_block_full_5a_d21( - uint64_t (*a)[5U], uint8_t b[1U][200U]) { - uint64_t(*uu____0)[5U] = a; - /* Passing arrays by value in Rust generates a copy in C */ - uint8_t copy_of_b[1U][200U]; - memcpy(copy_of_b, b, (size_t)1U * sizeof(uint8_t[200U])); - libcrux_sha3_portable_keccak_load_block_full_df1(uu____0, copy_of_b); +static inline void libcrux_sha3_simd_portable_load_last_a1_c6( + libcrux_sha3_generic_keccak_KeccakState_17 *self, Eurydice_slice *input, + size_t start, size_t len) { + libcrux_sha3_simd_portable_load_last_c6(self->st, input[0U], start, len); } /** -A monomorphic instance of libcrux_sha3.generic_keccak.absorb_final +This function found in impl {libcrux_sha3::generic_keccak::KeccakState[TraitClause@0, TraitClause@1]} +*/ +/** +A monomorphic instance of libcrux_sha3.generic_keccak.absorb_final_80 with types uint64_t with const generics - N= 1 - RATE= 168 - DELIM= 31 */ -static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_absorb_final_c72( - libcrux_sha3_generic_keccak_KeccakState_48 *s, Eurydice_slice last[1U]) { - size_t last_len = Eurydice_slice_len(last[0U], uint8_t); - uint8_t blocks[1U][200U] = {{0U}}; - for (size_t i = (size_t)0U; i < (size_t)1U; i++) { - size_t i0 = i; - if (last_len > (size_t)0U) { - Eurydice_slice uu____0 = Eurydice_array_to_subslice2( - blocks[i0], (size_t)0U, last_len, uint8_t); - Eurydice_slice_copy(uu____0, last[i0], uint8_t); - } - blocks[i0][last_len] = 31U; - size_t uu____1 = i0; - size_t uu____2 = (size_t)168U - (size_t)1U; - blocks[uu____1][uu____2] = (uint32_t)blocks[uu____1][uu____2] | 128U; - } - uint64_t(*uu____3)[5U] = s->st; - uint8_t uu____4[1U][200U]; - memcpy(uu____4, blocks, (size_t)1U * sizeof(uint8_t[200U])); - libcrux_sha3_portable_keccak_load_block_full_5a_d21(uu____3, uu____4); - libcrux_sha3_generic_keccak_keccakf1600_21(s); +static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_absorb_final_80_9e2( + libcrux_sha3_generic_keccak_KeccakState_17 *self, Eurydice_slice *last, + size_t start, size_t len) { + libcrux_sha3_simd_portable_load_last_a1_c6(self, last, start, len); + libcrux_sha3_generic_keccak_keccakf1600_80_04(self); } /** @@ -3124,143 +3865,160 @@ static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_absorb_final_c72( */ static KRML_MUSTINLINE void libcrux_sha3_portable_incremental_shake128_absorb_final( - libcrux_sha3_generic_keccak_KeccakState_48 *s, Eurydice_slice data0) { - Eurydice_slice buf[1U] = {data0}; - libcrux_sha3_generic_keccak_absorb_final_c72(s, buf); + libcrux_sha3_generic_keccak_KeccakState_17 *s, Eurydice_slice data0) { + libcrux_sha3_generic_keccak_KeccakState_17 *uu____0 = s; + Eurydice_slice uu____1[1U] = {data0}; + libcrux_sha3_generic_keccak_absorb_final_80_9e2( + uu____0, uu____1, (size_t)0U, Eurydice_slice_len(data0, uint8_t)); } /** -A monomorphic instance of libcrux_sha3.portable_keccak.store_block +A monomorphic instance of libcrux_sha3.simd.portable.store_block with const generics - RATE= 168 */ -static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_store_block_581( - uint64_t (*s)[5U], Eurydice_slice out[1U]) { - for (size_t i = (size_t)0U; i < (size_t)168U / (size_t)8U; i++) { +static KRML_MUSTINLINE void libcrux_sha3_simd_portable_store_block_3a( + uint64_t *s, Eurydice_slice out, size_t start, size_t len) { + size_t octets = len / (size_t)8U; + for (size_t i = (size_t)0U; i < octets; i++) { size_t i0 = i; - Eurydice_slice uu____0 = Eurydice_slice_subslice2( - out[0U], (size_t)8U * i0, (size_t)8U * i0 + (size_t)8U, uint8_t); + Eurydice_slice uu____0 = Eurydice_slice_subslice3( + out, start + (size_t)8U * i0, start + (size_t)8U * i0 + (size_t)8U, + uint8_t *); uint8_t ret[8U]; - core_num__u64_9__to_le_bytes(s[i0 / (size_t)5U][i0 % (size_t)5U], ret); + core_num__u64__to_le_bytes( + libcrux_sha3_traits_get_ij_04(s, i0 / (size_t)5U, i0 % (size_t)5U)[0U], + ret); Eurydice_slice_copy( uu____0, Eurydice_array_to_slice((size_t)8U, ret, uint8_t), uint8_t); } + size_t remaining = len % (size_t)8U; + if (remaining > (size_t)0U) { + Eurydice_slice uu____1 = Eurydice_slice_subslice3( + out, start + len - remaining, start + len, uint8_t *); + uint8_t ret[8U]; + core_num__u64__to_le_bytes( + libcrux_sha3_traits_get_ij_04(s, octets / (size_t)5U, + octets % (size_t)5U)[0U], + ret); + Eurydice_slice_copy( + uu____1, + Eurydice_array_to_subslice3(ret, (size_t)0U, remaining, uint8_t *), + uint8_t); + } } /** -This function found in impl {(libcrux_sha3::traits::internal::KeccakItem<1: -usize> for u64)} +This function found in impl {libcrux_sha3::traits::Squeeze1 for +libcrux_sha3::generic_keccak::KeccakState[core::marker::Sized, +libcrux_sha3::simd::portable::{libcrux_sha3::traits::KeccakItem<1usize> for +u64}]} */ /** -A monomorphic instance of libcrux_sha3.portable_keccak.store_block_5a +A monomorphic instance of libcrux_sha3.simd.portable.squeeze_13 with const generics - RATE= 168 */ -static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_store_block_5a_591( - uint64_t (*a)[5U], Eurydice_slice b[1U]) { - libcrux_sha3_portable_keccak_store_block_581(a, b); +static inline void libcrux_sha3_simd_portable_squeeze_13_3a( + libcrux_sha3_generic_keccak_KeccakState_17 *self, Eurydice_slice out, + size_t start, size_t len) { + libcrux_sha3_simd_portable_store_block_3a(self->st, out, start, len); } /** -A monomorphic instance of libcrux_sha3.generic_keccak.squeeze_next_block -with types uint64_t -with const generics -- N= 1 +This function found in impl {libcrux_sha3::generic_keccak::KeccakState[core::marker::Sized, +libcrux_sha3::simd::portable::{libcrux_sha3::traits::KeccakItem<1usize> for +u64}]} +*/ +/** +A monomorphic instance of +libcrux_sha3.generic_keccak.portable.squeeze_first_three_blocks_b4 with const +generics - RATE= 168 */ -static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_squeeze_next_block_fc1( - libcrux_sha3_generic_keccak_KeccakState_48 *s, Eurydice_slice out[1U]) { - libcrux_sha3_generic_keccak_keccakf1600_21(s); - libcrux_sha3_portable_keccak_store_block_5a_591(s->st, out); +static KRML_MUSTINLINE void +libcrux_sha3_generic_keccak_portable_squeeze_first_three_blocks_b4_3a( + libcrux_sha3_generic_keccak_KeccakState_17 *self, Eurydice_slice out) { + libcrux_sha3_simd_portable_squeeze_13_3a(self, out, (size_t)0U, (size_t)168U); + libcrux_sha3_generic_keccak_keccakf1600_80_04(self); + libcrux_sha3_simd_portable_squeeze_13_3a(self, out, (size_t)168U, + (size_t)168U); + libcrux_sha3_generic_keccak_keccakf1600_80_04(self); + libcrux_sha3_simd_portable_squeeze_13_3a(self, out, (size_t)2U * (size_t)168U, + (size_t)168U); } /** - Squeeze another block + Squeeze three blocks */ static KRML_MUSTINLINE void -libcrux_sha3_portable_incremental_shake128_squeeze_next_block( - libcrux_sha3_generic_keccak_KeccakState_48 *s, Eurydice_slice out0) { - Eurydice_slice buf[1U] = {out0}; - libcrux_sha3_generic_keccak_squeeze_next_block_fc1(s, buf); +libcrux_sha3_portable_incremental_shake128_squeeze_first_three_blocks( + libcrux_sha3_generic_keccak_KeccakState_17 *s, Eurydice_slice out0) { + libcrux_sha3_generic_keccak_portable_squeeze_first_three_blocks_b4_3a(s, + out0); } /** -A monomorphic instance of libcrux_sha3.generic_keccak.squeeze_first_block -with types uint64_t -with const generics -- N= 1 -- RATE= 168 +This function found in impl {libcrux_sha3::generic_keccak::KeccakState[core::marker::Sized, +libcrux_sha3::simd::portable::{libcrux_sha3::traits::KeccakItem<1usize> for +u64}]} */ -static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_squeeze_first_block_841( - libcrux_sha3_generic_keccak_KeccakState_48 *s, Eurydice_slice out[1U]) { - libcrux_sha3_portable_keccak_store_block_5a_591(s->st, out); -} - /** -A monomorphic instance of libcrux_sha3.generic_keccak.squeeze_first_three_blocks -with types uint64_t -with const generics -- N= 1 +A monomorphic instance of +libcrux_sha3.generic_keccak.portable.squeeze_next_block_b4 with const generics - RATE= 168 */ static KRML_MUSTINLINE void -libcrux_sha3_generic_keccak_squeeze_first_three_blocks_cc( - libcrux_sha3_generic_keccak_KeccakState_48 *s, Eurydice_slice out[1U]) { - Eurydice_slice_uint8_t_1size_t__x2 uu____0 = - libcrux_sha3_portable_keccak_split_at_mut_n_5a(out, (size_t)168U); - Eurydice_slice o0[1U]; - memcpy(o0, uu____0.fst, (size_t)1U * sizeof(Eurydice_slice)); - Eurydice_slice o10[1U]; - memcpy(o10, uu____0.snd, (size_t)1U * sizeof(Eurydice_slice)); - libcrux_sha3_generic_keccak_squeeze_first_block_841(s, o0); - Eurydice_slice_uint8_t_1size_t__x2 uu____1 = - libcrux_sha3_portable_keccak_split_at_mut_n_5a(o10, (size_t)168U); - Eurydice_slice o1[1U]; - memcpy(o1, uu____1.fst, (size_t)1U * sizeof(Eurydice_slice)); - Eurydice_slice o2[1U]; - memcpy(o2, uu____1.snd, (size_t)1U * sizeof(Eurydice_slice)); - libcrux_sha3_generic_keccak_squeeze_next_block_fc1(s, o1); - libcrux_sha3_generic_keccak_squeeze_next_block_fc1(s, o2); +libcrux_sha3_generic_keccak_portable_squeeze_next_block_b4_3a( + libcrux_sha3_generic_keccak_KeccakState_17 *self, Eurydice_slice out, + size_t start) { + libcrux_sha3_generic_keccak_keccakf1600_80_04(self); + libcrux_sha3_simd_portable_squeeze_13_3a(self, out, start, (size_t)168U); } /** - Squeeze three blocks + Squeeze another block */ static KRML_MUSTINLINE void -libcrux_sha3_portable_incremental_shake128_squeeze_first_three_blocks( - libcrux_sha3_generic_keccak_KeccakState_48 *s, Eurydice_slice out0) { - Eurydice_slice buf[1U] = {out0}; - libcrux_sha3_generic_keccak_squeeze_first_three_blocks_cc(s, buf); +libcrux_sha3_portable_incremental_shake128_squeeze_next_block( + libcrux_sha3_generic_keccak_KeccakState_17 *s, Eurydice_slice out0) { + libcrux_sha3_generic_keccak_portable_squeeze_next_block_b4_3a(s, out0, + (size_t)0U); } -#define libcrux_sha3_Sha224 0 -#define libcrux_sha3_Sha256 1 -#define libcrux_sha3_Sha384 2 -#define libcrux_sha3_Sha512 3 +#define libcrux_sha3_Algorithm_Sha224 1 +#define libcrux_sha3_Algorithm_Sha256 2 +#define libcrux_sha3_Algorithm_Sha384 3 +#define libcrux_sha3_Algorithm_Sha512 4 typedef uint8_t libcrux_sha3_Algorithm; +typedef uint8_t libcrux_sha3_Sha3_224Digest[28U]; + +typedef uint8_t libcrux_sha3_Sha3_256Digest[32U]; + +typedef uint8_t libcrux_sha3_Sha3_384Digest[48U]; + +typedef uint8_t libcrux_sha3_Sha3_512Digest[64U]; + /** Returns the output size of a digest. */ static inline size_t libcrux_sha3_digest_size(libcrux_sha3_Algorithm mode) { - size_t uu____0; switch (mode) { - case libcrux_sha3_Sha224: { - uu____0 = (size_t)28U; + case libcrux_sha3_Algorithm_Sha224: { break; } - case libcrux_sha3_Sha256: { - uu____0 = (size_t)32U; - break; + case libcrux_sha3_Algorithm_Sha256: { + return (size_t)32U; } - case libcrux_sha3_Sha384: { - uu____0 = (size_t)48U; - break; + case libcrux_sha3_Algorithm_Sha384: { + return (size_t)48U; } - case libcrux_sha3_Sha512: { - uu____0 = (size_t)64U; - break; + case libcrux_sha3_Algorithm_Sha512: { + return (size_t)64U; } default: { KRML_HOST_EPRINTF("KaRaMeL incomplete match at %s:%d\n", __FILE__, @@ -3268,725 +4026,453 @@ static inline size_t libcrux_sha3_digest_size(libcrux_sha3_Algorithm mode) { KRML_HOST_EXIT(253U); } } - return uu____0; + return (size_t)28U; } /** -A monomorphic instance of libcrux_sha3.portable_keccak.load_block +A monomorphic instance of libcrux_sha3.simd.portable.load_block with const generics - RATE= 144 */ -static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_load_block_2c2( - uint64_t (*s)[5U], Eurydice_slice blocks[1U]) { +static KRML_MUSTINLINE void libcrux_sha3_simd_portable_load_block_2c( + uint64_t *state, Eurydice_slice blocks, size_t start) { + uint64_t state_flat[25U] = {0U}; for (size_t i = (size_t)0U; i < (size_t)144U / (size_t)8U; i++) { size_t i0 = i; + size_t offset = start + (size_t)8U * i0; uint8_t uu____0[8U]; - Result_56 dst; + Result_15 dst; Eurydice_slice_to_array2( &dst, - Eurydice_slice_subslice2(blocks[0U], (size_t)8U * i0, - (size_t)8U * i0 + (size_t)8U, uint8_t), - Eurydice_slice, uint8_t[8U]); - unwrap_41_ac(dst, uu____0); - size_t uu____1 = i0 / (size_t)5U; - size_t uu____2 = i0 % (size_t)5U; - s[uu____1][uu____2] = - s[uu____1][uu____2] ^ core_num__u64_9__from_le_bytes(uu____0); + Eurydice_slice_subslice3(blocks, offset, offset + (size_t)8U, + uint8_t *), + Eurydice_slice, uint8_t[8U], TryFromSliceError); + unwrap_26_68(dst, uu____0); + state_flat[i0] = core_num__u64__from_le_bytes(uu____0); + } + for (size_t i = (size_t)0U; i < (size_t)144U / (size_t)8U; i++) { + size_t i0 = i; + libcrux_sha3_traits_set_ij_04( + state, i0 / (size_t)5U, i0 % (size_t)5U, + libcrux_sha3_traits_get_ij_04(state, i0 / (size_t)5U, + i0 % (size_t)5U)[0U] ^ + state_flat[i0]); } } /** -This function found in impl {(libcrux_sha3::traits::internal::KeccakItem<1: -usize> for u64)} +This function found in impl {libcrux_sha3::traits::Absorb<1usize> for +libcrux_sha3::generic_keccak::KeccakState[core::marker::Sized, +libcrux_sha3::simd::portable::{libcrux_sha3::traits::KeccakItem<1usize> for +u64}]} */ /** -A monomorphic instance of libcrux_sha3.portable_keccak.load_block_5a +A monomorphic instance of libcrux_sha3.simd.portable.load_block_a1 with const generics - RATE= 144 */ -static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_load_block_5a_b81( - uint64_t (*a)[5U], Eurydice_slice b[1U]) { - uint64_t(*uu____0)[5U] = a; - /* Passing arrays by value in Rust generates a copy in C */ - Eurydice_slice copy_of_b[1U]; - memcpy(copy_of_b, b, (size_t)1U * sizeof(Eurydice_slice)); - libcrux_sha3_portable_keccak_load_block_2c2(uu____0, copy_of_b); +static inline void libcrux_sha3_simd_portable_load_block_a1_2c( + libcrux_sha3_generic_keccak_KeccakState_17 *self, Eurydice_slice *input, + size_t start) { + libcrux_sha3_simd_portable_load_block_2c(self->st, input[0U], start); } /** -A monomorphic instance of libcrux_sha3.generic_keccak.absorb_block +This function found in impl {libcrux_sha3::generic_keccak::KeccakState[TraitClause@0, TraitClause@1]} +*/ +/** +A monomorphic instance of libcrux_sha3.generic_keccak.absorb_block_80 with types uint64_t with const generics - N= 1 - RATE= 144 */ -static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_absorb_block_df1( - libcrux_sha3_generic_keccak_KeccakState_48 *s, Eurydice_slice blocks[1U]) { - uint64_t(*uu____0)[5U] = s->st; - Eurydice_slice uu____1[1U]; - memcpy(uu____1, blocks, (size_t)1U * sizeof(Eurydice_slice)); - libcrux_sha3_portable_keccak_load_block_5a_b81(uu____0, uu____1); - libcrux_sha3_generic_keccak_keccakf1600_21(s); +static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_absorb_block_80_c61( + libcrux_sha3_generic_keccak_KeccakState_17 *self, Eurydice_slice *blocks, + size_t start) { + libcrux_sha3_simd_portable_load_block_a1_2c(self, blocks, start); + libcrux_sha3_generic_keccak_keccakf1600_80_04(self); } /** -A monomorphic instance of libcrux_sha3.portable_keccak.load_block_full +A monomorphic instance of libcrux_sha3.simd.portable.load_last with const generics - RATE= 144 +- DELIMITER= 6 */ -static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_load_block_full_df2( - uint64_t (*s)[5U], uint8_t blocks[1U][200U]) { - Eurydice_slice buf[1U] = { - Eurydice_array_to_slice((size_t)200U, blocks[0U], uint8_t)}; - libcrux_sha3_portable_keccak_load_block_2c2(s, buf); +static KRML_MUSTINLINE void libcrux_sha3_simd_portable_load_last_1e( + uint64_t *state, Eurydice_slice blocks, size_t start, size_t len) { + uint8_t buffer[144U] = {0U}; + Eurydice_slice_copy( + Eurydice_array_to_subslice3(buffer, (size_t)0U, len, uint8_t *), + Eurydice_slice_subslice3(blocks, start, start + len, uint8_t *), uint8_t); + buffer[len] = 6U; + size_t uu____0 = (size_t)144U - (size_t)1U; + buffer[uu____0] = (uint32_t)buffer[uu____0] | 128U; + libcrux_sha3_simd_portable_load_block_2c( + state, Eurydice_array_to_slice((size_t)144U, buffer, uint8_t), + (size_t)0U); } /** -This function found in impl {(libcrux_sha3::traits::internal::KeccakItem<1: -usize> for u64)} +This function found in impl {libcrux_sha3::traits::Absorb<1usize> for +libcrux_sha3::generic_keccak::KeccakState[core::marker::Sized, +libcrux_sha3::simd::portable::{libcrux_sha3::traits::KeccakItem<1usize> for +u64}]} */ /** -A monomorphic instance of libcrux_sha3.portable_keccak.load_block_full_5a +A monomorphic instance of libcrux_sha3.simd.portable.load_last_a1 with const generics - RATE= 144 +- DELIMITER= 6 */ -static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_load_block_full_5a_d22( - uint64_t (*a)[5U], uint8_t b[1U][200U]) { - uint64_t(*uu____0)[5U] = a; - /* Passing arrays by value in Rust generates a copy in C */ - uint8_t copy_of_b[1U][200U]; - memcpy(copy_of_b, b, (size_t)1U * sizeof(uint8_t[200U])); - libcrux_sha3_portable_keccak_load_block_full_df2(uu____0, copy_of_b); +static inline void libcrux_sha3_simd_portable_load_last_a1_1e( + libcrux_sha3_generic_keccak_KeccakState_17 *self, Eurydice_slice *input, + size_t start, size_t len) { + libcrux_sha3_simd_portable_load_last_1e(self->st, input[0U], start, len); } /** -A monomorphic instance of libcrux_sha3.generic_keccak.absorb_final +This function found in impl {libcrux_sha3::generic_keccak::KeccakState[TraitClause@0, TraitClause@1]} +*/ +/** +A monomorphic instance of libcrux_sha3.generic_keccak.absorb_final_80 with types uint64_t with const generics - N= 1 - RATE= 144 - DELIM= 6 */ -static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_absorb_final_c73( - libcrux_sha3_generic_keccak_KeccakState_48 *s, Eurydice_slice last[1U]) { - size_t last_len = Eurydice_slice_len(last[0U], uint8_t); - uint8_t blocks[1U][200U] = {{0U}}; - for (size_t i = (size_t)0U; i < (size_t)1U; i++) { - size_t i0 = i; - if (last_len > (size_t)0U) { - Eurydice_slice uu____0 = Eurydice_array_to_subslice2( - blocks[i0], (size_t)0U, last_len, uint8_t); - Eurydice_slice_copy(uu____0, last[i0], uint8_t); - } - blocks[i0][last_len] = 6U; - size_t uu____1 = i0; - size_t uu____2 = (size_t)144U - (size_t)1U; - blocks[uu____1][uu____2] = (uint32_t)blocks[uu____1][uu____2] | 128U; - } - uint64_t(*uu____3)[5U] = s->st; - uint8_t uu____4[1U][200U]; - memcpy(uu____4, blocks, (size_t)1U * sizeof(uint8_t[200U])); - libcrux_sha3_portable_keccak_load_block_full_5a_d22(uu____3, uu____4); - libcrux_sha3_generic_keccak_keccakf1600_21(s); +static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_absorb_final_80_9e3( + libcrux_sha3_generic_keccak_KeccakState_17 *self, Eurydice_slice *last, + size_t start, size_t len) { + libcrux_sha3_simd_portable_load_last_a1_1e(self, last, start, len); + libcrux_sha3_generic_keccak_keccakf1600_80_04(self); } /** -A monomorphic instance of libcrux_sha3.portable_keccak.store_block +A monomorphic instance of libcrux_sha3.simd.portable.store_block with const generics - RATE= 144 */ -static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_store_block_582( - uint64_t (*s)[5U], Eurydice_slice out[1U]) { - for (size_t i = (size_t)0U; i < (size_t)144U / (size_t)8U; i++) { +static KRML_MUSTINLINE void libcrux_sha3_simd_portable_store_block_2c( + uint64_t *s, Eurydice_slice out, size_t start, size_t len) { + size_t octets = len / (size_t)8U; + for (size_t i = (size_t)0U; i < octets; i++) { size_t i0 = i; - Eurydice_slice uu____0 = Eurydice_slice_subslice2( - out[0U], (size_t)8U * i0, (size_t)8U * i0 + (size_t)8U, uint8_t); + Eurydice_slice uu____0 = Eurydice_slice_subslice3( + out, start + (size_t)8U * i0, start + (size_t)8U * i0 + (size_t)8U, + uint8_t *); uint8_t ret[8U]; - core_num__u64_9__to_le_bytes(s[i0 / (size_t)5U][i0 % (size_t)5U], ret); + core_num__u64__to_le_bytes( + libcrux_sha3_traits_get_ij_04(s, i0 / (size_t)5U, i0 % (size_t)5U)[0U], + ret); Eurydice_slice_copy( uu____0, Eurydice_array_to_slice((size_t)8U, ret, uint8_t), uint8_t); } -} - -/** -A monomorphic instance of libcrux_sha3.portable_keccak.store_block_full -with const generics -- RATE= 144 -*/ -static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_store_block_full_2d1( - uint64_t (*s)[5U], uint8_t ret[1U][200U]) { - uint8_t out[200U] = {0U}; - Eurydice_slice buf[1U] = { - Eurydice_array_to_slice((size_t)200U, out, uint8_t)}; - libcrux_sha3_portable_keccak_store_block_582(s, buf); - /* Passing arrays by value in Rust generates a copy in C */ - uint8_t copy_of_out[200U]; - memcpy(copy_of_out, out, (size_t)200U * sizeof(uint8_t)); - memcpy(ret[0U], copy_of_out, (size_t)200U * sizeof(uint8_t)); -} - -/** -This function found in impl {(libcrux_sha3::traits::internal::KeccakItem<1: -usize> for u64)} -*/ -/** -A monomorphic instance of libcrux_sha3.portable_keccak.store_block_full_5a -with const generics -- RATE= 144 -*/ -static KRML_MUSTINLINE void -libcrux_sha3_portable_keccak_store_block_full_5a_291(uint64_t (*a)[5U], - uint8_t ret[1U][200U]) { - libcrux_sha3_portable_keccak_store_block_full_2d1(a, ret); -} - -/** -A monomorphic instance of libcrux_sha3.generic_keccak.squeeze_first_and_last -with types uint64_t -with const generics -- N= 1 -- RATE= 144 -*/ -static KRML_MUSTINLINE void -libcrux_sha3_generic_keccak_squeeze_first_and_last_c51( - libcrux_sha3_generic_keccak_KeccakState_48 *s, Eurydice_slice out[1U]) { - uint8_t b[1U][200U]; - libcrux_sha3_portable_keccak_store_block_full_5a_291(s->st, b); - for (size_t i = (size_t)0U; i < (size_t)1U; i++) { - size_t i0 = i; - Eurydice_slice uu____0 = out[i0]; - uint8_t *uu____1 = b[i0]; - core_ops_range_Range_b3 lit; - lit.start = (size_t)0U; - lit.end = Eurydice_slice_len(out[i0], uint8_t); + size_t remaining = len % (size_t)8U; + if (remaining > (size_t)0U) { + Eurydice_slice uu____1 = Eurydice_slice_subslice3( + out, start + len - remaining, start + len, uint8_t *); + uint8_t ret[8U]; + core_num__u64__to_le_bytes( + libcrux_sha3_traits_get_ij_04(s, octets / (size_t)5U, + octets % (size_t)5U)[0U], + ret); Eurydice_slice_copy( - uu____0, - Eurydice_array_to_subslice((size_t)200U, uu____1, lit, uint8_t, - core_ops_range_Range_b3), + uu____1, + Eurydice_array_to_subslice3(ret, (size_t)0U, remaining, uint8_t *), uint8_t); } } /** -This function found in impl {(libcrux_sha3::traits::internal::KeccakItem<1: -usize> for u64)} -*/ -/** -A monomorphic instance of libcrux_sha3.portable_keccak.store_block_5a -with const generics -- RATE= 144 -*/ -static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_store_block_5a_592( - uint64_t (*a)[5U], Eurydice_slice b[1U]) { - libcrux_sha3_portable_keccak_store_block_582(a, b); -} - -/** -A monomorphic instance of libcrux_sha3.generic_keccak.squeeze_first_block -with types uint64_t -with const generics -- N= 1 -- RATE= 144 -*/ -static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_squeeze_first_block_842( - libcrux_sha3_generic_keccak_KeccakState_48 *s, Eurydice_slice out[1U]) { - libcrux_sha3_portable_keccak_store_block_5a_592(s->st, out); -} - -/** -A monomorphic instance of libcrux_sha3.generic_keccak.squeeze_next_block -with types uint64_t -with const generics -- N= 1 -- RATE= 144 +This function found in impl {libcrux_sha3::traits::Squeeze1 for +libcrux_sha3::generic_keccak::KeccakState[core::marker::Sized, +libcrux_sha3::simd::portable::{libcrux_sha3::traits::KeccakItem<1usize> for +u64}]} */ -static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_squeeze_next_block_fc2( - libcrux_sha3_generic_keccak_KeccakState_48 *s, Eurydice_slice out[1U]) { - libcrux_sha3_generic_keccak_keccakf1600_21(s); - libcrux_sha3_portable_keccak_store_block_5a_592(s->st, out); -} - /** -A monomorphic instance of libcrux_sha3.generic_keccak.squeeze_last -with types uint64_t +A monomorphic instance of libcrux_sha3.simd.portable.squeeze_13 with const generics -- N= 1 - RATE= 144 */ -static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_squeeze_last_cf1( - libcrux_sha3_generic_keccak_KeccakState_48 s, Eurydice_slice out[1U]) { - libcrux_sha3_generic_keccak_keccakf1600_21(&s); - uint8_t b[1U][200U]; - libcrux_sha3_portable_keccak_store_block_full_5a_291(s.st, b); - for (size_t i = (size_t)0U; i < (size_t)1U; i++) { - size_t i0 = i; - Eurydice_slice uu____0 = out[i0]; - uint8_t *uu____1 = b[i0]; - core_ops_range_Range_b3 lit; - lit.start = (size_t)0U; - lit.end = Eurydice_slice_len(out[i0], uint8_t); - Eurydice_slice_copy( - uu____0, - Eurydice_array_to_subslice((size_t)200U, uu____1, lit, uint8_t, - core_ops_range_Range_b3), - uint8_t); - } +static inline void libcrux_sha3_simd_portable_squeeze_13_2c( + libcrux_sha3_generic_keccak_KeccakState_17 *self, Eurydice_slice out, + size_t start, size_t len) { + libcrux_sha3_simd_portable_store_block_2c(self->st, out, start, len); } /** -A monomorphic instance of libcrux_sha3.generic_keccak.keccak -with types uint64_t +A monomorphic instance of libcrux_sha3.generic_keccak.portable.keccak1 with const generics -- N= 1 - RATE= 144 - DELIM= 6 */ -static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_keccak_e92( - Eurydice_slice data[1U], Eurydice_slice out[1U]) { - libcrux_sha3_generic_keccak_KeccakState_48 s = - libcrux_sha3_generic_keccak_new_1e_f4(); - for (size_t i = (size_t)0U; - i < Eurydice_slice_len(data[0U], uint8_t) / (size_t)144U; i++) { +static inline void libcrux_sha3_generic_keccak_portable_keccak1_1e( + Eurydice_slice data, Eurydice_slice out) { + libcrux_sha3_generic_keccak_KeccakState_17 s = + libcrux_sha3_generic_keccak_new_80_04(); + size_t data_len = Eurydice_slice_len(data, uint8_t); + for (size_t i = (size_t)0U; i < data_len / (size_t)144U; i++) { size_t i0 = i; - libcrux_sha3_generic_keccak_KeccakState_48 *uu____0 = &s; - /* Passing arrays by value in Rust generates a copy in C */ - Eurydice_slice copy_of_data[1U]; - memcpy(copy_of_data, data, (size_t)1U * sizeof(Eurydice_slice)); - Eurydice_slice ret[1U]; - libcrux_sha3_portable_keccak_slice_n_5a(copy_of_data, i0 * (size_t)144U, - (size_t)144U, ret); - libcrux_sha3_generic_keccak_absorb_block_df1(uu____0, ret); - } - size_t rem = Eurydice_slice_len(data[0U], uint8_t) % (size_t)144U; - libcrux_sha3_generic_keccak_KeccakState_48 *uu____2 = &s; - /* Passing arrays by value in Rust generates a copy in C */ - Eurydice_slice copy_of_data[1U]; - memcpy(copy_of_data, data, (size_t)1U * sizeof(Eurydice_slice)); - Eurydice_slice ret[1U]; - libcrux_sha3_portable_keccak_slice_n_5a( - copy_of_data, Eurydice_slice_len(data[0U], uint8_t) - rem, rem, ret); - libcrux_sha3_generic_keccak_absorb_final_c73(uu____2, ret); - size_t outlen = Eurydice_slice_len(out[0U], uint8_t); + Eurydice_slice buf[1U] = {data}; + libcrux_sha3_generic_keccak_absorb_block_80_c61(&s, buf, i0 * (size_t)144U); + } + size_t rem = data_len % (size_t)144U; + Eurydice_slice buf[1U] = {data}; + libcrux_sha3_generic_keccak_absorb_final_80_9e3(&s, buf, data_len - rem, rem); + size_t outlen = Eurydice_slice_len(out, uint8_t); size_t blocks = outlen / (size_t)144U; size_t last = outlen - outlen % (size_t)144U; if (blocks == (size_t)0U) { - libcrux_sha3_generic_keccak_squeeze_first_and_last_c51(&s, out); + libcrux_sha3_simd_portable_squeeze_13_2c(&s, out, (size_t)0U, outlen); } else { - Eurydice_slice_uint8_t_1size_t__x2 uu____4 = - libcrux_sha3_portable_keccak_split_at_mut_n_5a(out, (size_t)144U); - Eurydice_slice o0[1U]; - memcpy(o0, uu____4.fst, (size_t)1U * sizeof(Eurydice_slice)); - Eurydice_slice o1[1U]; - memcpy(o1, uu____4.snd, (size_t)1U * sizeof(Eurydice_slice)); - libcrux_sha3_generic_keccak_squeeze_first_block_842(&s, o0); - core_ops_range_Range_b3 iter = - core_iter_traits_collect___core__iter__traits__collect__IntoIterator_for_I__1__into_iter( - (CLITERAL(core_ops_range_Range_b3){.start = (size_t)1U, - .end = blocks}), - core_ops_range_Range_b3, core_ops_range_Range_b3); - while (true) { - if (core_iter_range___core__iter__traits__iterator__Iterator_for_core__ops__range__Range_A___6__next( - &iter, size_t, Option_b3) - .tag == None) { - break; - } else { - Eurydice_slice_uint8_t_1size_t__x2 uu____5 = - libcrux_sha3_portable_keccak_split_at_mut_n_5a(o1, (size_t)144U); - Eurydice_slice o[1U]; - memcpy(o, uu____5.fst, (size_t)1U * sizeof(Eurydice_slice)); - Eurydice_slice orest[1U]; - memcpy(orest, uu____5.snd, (size_t)1U * sizeof(Eurydice_slice)); - libcrux_sha3_generic_keccak_squeeze_next_block_fc2(&s, o); - memcpy(o1, orest, (size_t)1U * sizeof(Eurydice_slice)); - } + libcrux_sha3_simd_portable_squeeze_13_2c(&s, out, (size_t)0U, (size_t)144U); + for (size_t i = (size_t)1U; i < blocks; i++) { + size_t i0 = i; + libcrux_sha3_generic_keccak_keccakf1600_80_04(&s); + libcrux_sha3_simd_portable_squeeze_13_2c(&s, out, i0 * (size_t)144U, + (size_t)144U); } if (last < outlen) { - libcrux_sha3_generic_keccak_squeeze_last_cf1(s, o1); + libcrux_sha3_generic_keccak_keccakf1600_80_04(&s); + libcrux_sha3_simd_portable_squeeze_13_2c(&s, out, last, outlen - last); } } } -/** -A monomorphic instance of libcrux_sha3.portable.keccakx1 -with const generics -- RATE= 144 -- DELIM= 6 -*/ -static KRML_MUSTINLINE void libcrux_sha3_portable_keccakx1_ce2( - Eurydice_slice data[1U], Eurydice_slice out[1U]) { - /* Passing arrays by value in Rust generates a copy in C */ - Eurydice_slice copy_of_data[1U]; - memcpy(copy_of_data, data, (size_t)1U * sizeof(Eurydice_slice)); - libcrux_sha3_generic_keccak_keccak_e92(copy_of_data, out); -} - /** A portable SHA3 224 implementation. */ static KRML_MUSTINLINE void libcrux_sha3_portable_sha224(Eurydice_slice digest, Eurydice_slice data) { - Eurydice_slice buf0[1U] = {data}; - Eurydice_slice buf[1U] = {digest}; - libcrux_sha3_portable_keccakx1_ce2(buf0, buf); + libcrux_sha3_generic_keccak_portable_keccak1_1e(data, digest); } /** -A monomorphic instance of libcrux_sha3.portable_keccak.load_block +A monomorphic instance of libcrux_sha3.simd.portable.load_block with const generics - RATE= 104 */ -static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_load_block_2c3( - uint64_t (*s)[5U], Eurydice_slice blocks[1U]) { +static KRML_MUSTINLINE void libcrux_sha3_simd_portable_load_block_7a( + uint64_t *state, Eurydice_slice blocks, size_t start) { + uint64_t state_flat[25U] = {0U}; for (size_t i = (size_t)0U; i < (size_t)104U / (size_t)8U; i++) { size_t i0 = i; + size_t offset = start + (size_t)8U * i0; uint8_t uu____0[8U]; - Result_56 dst; + Result_15 dst; Eurydice_slice_to_array2( &dst, - Eurydice_slice_subslice2(blocks[0U], (size_t)8U * i0, - (size_t)8U * i0 + (size_t)8U, uint8_t), - Eurydice_slice, uint8_t[8U]); - unwrap_41_ac(dst, uu____0); - size_t uu____1 = i0 / (size_t)5U; - size_t uu____2 = i0 % (size_t)5U; - s[uu____1][uu____2] = - s[uu____1][uu____2] ^ core_num__u64_9__from_le_bytes(uu____0); + Eurydice_slice_subslice3(blocks, offset, offset + (size_t)8U, + uint8_t *), + Eurydice_slice, uint8_t[8U], TryFromSliceError); + unwrap_26_68(dst, uu____0); + state_flat[i0] = core_num__u64__from_le_bytes(uu____0); + } + for (size_t i = (size_t)0U; i < (size_t)104U / (size_t)8U; i++) { + size_t i0 = i; + libcrux_sha3_traits_set_ij_04( + state, i0 / (size_t)5U, i0 % (size_t)5U, + libcrux_sha3_traits_get_ij_04(state, i0 / (size_t)5U, + i0 % (size_t)5U)[0U] ^ + state_flat[i0]); } } /** -This function found in impl {(libcrux_sha3::traits::internal::KeccakItem<1: -usize> for u64)} +This function found in impl {libcrux_sha3::traits::Absorb<1usize> for +libcrux_sha3::generic_keccak::KeccakState[core::marker::Sized, +libcrux_sha3::simd::portable::{libcrux_sha3::traits::KeccakItem<1usize> for +u64}]} */ /** -A monomorphic instance of libcrux_sha3.portable_keccak.load_block_5a +A monomorphic instance of libcrux_sha3.simd.portable.load_block_a1 with const generics - RATE= 104 */ -static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_load_block_5a_b82( - uint64_t (*a)[5U], Eurydice_slice b[1U]) { - uint64_t(*uu____0)[5U] = a; - /* Passing arrays by value in Rust generates a copy in C */ - Eurydice_slice copy_of_b[1U]; - memcpy(copy_of_b, b, (size_t)1U * sizeof(Eurydice_slice)); - libcrux_sha3_portable_keccak_load_block_2c3(uu____0, copy_of_b); +static inline void libcrux_sha3_simd_portable_load_block_a1_7a( + libcrux_sha3_generic_keccak_KeccakState_17 *self, Eurydice_slice *input, + size_t start) { + libcrux_sha3_simd_portable_load_block_7a(self->st, input[0U], start); } /** -A monomorphic instance of libcrux_sha3.generic_keccak.absorb_block +This function found in impl {libcrux_sha3::generic_keccak::KeccakState[TraitClause@0, TraitClause@1]} +*/ +/** +A monomorphic instance of libcrux_sha3.generic_keccak.absorb_block_80 with types uint64_t with const generics - N= 1 - RATE= 104 */ -static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_absorb_block_df2( - libcrux_sha3_generic_keccak_KeccakState_48 *s, Eurydice_slice blocks[1U]) { - uint64_t(*uu____0)[5U] = s->st; - Eurydice_slice uu____1[1U]; - memcpy(uu____1, blocks, (size_t)1U * sizeof(Eurydice_slice)); - libcrux_sha3_portable_keccak_load_block_5a_b82(uu____0, uu____1); - libcrux_sha3_generic_keccak_keccakf1600_21(s); +static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_absorb_block_80_c62( + libcrux_sha3_generic_keccak_KeccakState_17 *self, Eurydice_slice *blocks, + size_t start) { + libcrux_sha3_simd_portable_load_block_a1_7a(self, blocks, start); + libcrux_sha3_generic_keccak_keccakf1600_80_04(self); } /** -A monomorphic instance of libcrux_sha3.portable_keccak.load_block_full +A monomorphic instance of libcrux_sha3.simd.portable.load_last with const generics - RATE= 104 +- DELIMITER= 6 */ -static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_load_block_full_df3( - uint64_t (*s)[5U], uint8_t blocks[1U][200U]) { - Eurydice_slice buf[1U] = { - Eurydice_array_to_slice((size_t)200U, blocks[0U], uint8_t)}; - libcrux_sha3_portable_keccak_load_block_2c3(s, buf); +static KRML_MUSTINLINE void libcrux_sha3_simd_portable_load_last_7c( + uint64_t *state, Eurydice_slice blocks, size_t start, size_t len) { + uint8_t buffer[104U] = {0U}; + Eurydice_slice_copy( + Eurydice_array_to_subslice3(buffer, (size_t)0U, len, uint8_t *), + Eurydice_slice_subslice3(blocks, start, start + len, uint8_t *), uint8_t); + buffer[len] = 6U; + size_t uu____0 = (size_t)104U - (size_t)1U; + buffer[uu____0] = (uint32_t)buffer[uu____0] | 128U; + libcrux_sha3_simd_portable_load_block_7a( + state, Eurydice_array_to_slice((size_t)104U, buffer, uint8_t), + (size_t)0U); } /** -This function found in impl {(libcrux_sha3::traits::internal::KeccakItem<1: -usize> for u64)} +This function found in impl {libcrux_sha3::traits::Absorb<1usize> for +libcrux_sha3::generic_keccak::KeccakState[core::marker::Sized, +libcrux_sha3::simd::portable::{libcrux_sha3::traits::KeccakItem<1usize> for +u64}]} */ /** -A monomorphic instance of libcrux_sha3.portable_keccak.load_block_full_5a +A monomorphic instance of libcrux_sha3.simd.portable.load_last_a1 with const generics - RATE= 104 +- DELIMITER= 6 */ -static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_load_block_full_5a_d23( - uint64_t (*a)[5U], uint8_t b[1U][200U]) { - uint64_t(*uu____0)[5U] = a; - /* Passing arrays by value in Rust generates a copy in C */ - uint8_t copy_of_b[1U][200U]; - memcpy(copy_of_b, b, (size_t)1U * sizeof(uint8_t[200U])); - libcrux_sha3_portable_keccak_load_block_full_df3(uu____0, copy_of_b); +static inline void libcrux_sha3_simd_portable_load_last_a1_7c( + libcrux_sha3_generic_keccak_KeccakState_17 *self, Eurydice_slice *input, + size_t start, size_t len) { + libcrux_sha3_simd_portable_load_last_7c(self->st, input[0U], start, len); } /** -A monomorphic instance of libcrux_sha3.generic_keccak.absorb_final +This function found in impl {libcrux_sha3::generic_keccak::KeccakState[TraitClause@0, TraitClause@1]} +*/ +/** +A monomorphic instance of libcrux_sha3.generic_keccak.absorb_final_80 with types uint64_t with const generics - N= 1 - RATE= 104 - DELIM= 6 */ -static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_absorb_final_c74( - libcrux_sha3_generic_keccak_KeccakState_48 *s, Eurydice_slice last[1U]) { - size_t last_len = Eurydice_slice_len(last[0U], uint8_t); - uint8_t blocks[1U][200U] = {{0U}}; - for (size_t i = (size_t)0U; i < (size_t)1U; i++) { - size_t i0 = i; - if (last_len > (size_t)0U) { - Eurydice_slice uu____0 = Eurydice_array_to_subslice2( - blocks[i0], (size_t)0U, last_len, uint8_t); - Eurydice_slice_copy(uu____0, last[i0], uint8_t); - } - blocks[i0][last_len] = 6U; - size_t uu____1 = i0; - size_t uu____2 = (size_t)104U - (size_t)1U; - blocks[uu____1][uu____2] = (uint32_t)blocks[uu____1][uu____2] | 128U; - } - uint64_t(*uu____3)[5U] = s->st; - uint8_t uu____4[1U][200U]; - memcpy(uu____4, blocks, (size_t)1U * sizeof(uint8_t[200U])); - libcrux_sha3_portable_keccak_load_block_full_5a_d23(uu____3, uu____4); - libcrux_sha3_generic_keccak_keccakf1600_21(s); +static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_absorb_final_80_9e4( + libcrux_sha3_generic_keccak_KeccakState_17 *self, Eurydice_slice *last, + size_t start, size_t len) { + libcrux_sha3_simd_portable_load_last_a1_7c(self, last, start, len); + libcrux_sha3_generic_keccak_keccakf1600_80_04(self); } /** -A monomorphic instance of libcrux_sha3.portable_keccak.store_block +A monomorphic instance of libcrux_sha3.simd.portable.store_block with const generics - RATE= 104 */ -static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_store_block_583( - uint64_t (*s)[5U], Eurydice_slice out[1U]) { - for (size_t i = (size_t)0U; i < (size_t)104U / (size_t)8U; i++) { +static KRML_MUSTINLINE void libcrux_sha3_simd_portable_store_block_7a( + uint64_t *s, Eurydice_slice out, size_t start, size_t len) { + size_t octets = len / (size_t)8U; + for (size_t i = (size_t)0U; i < octets; i++) { size_t i0 = i; - Eurydice_slice uu____0 = Eurydice_slice_subslice2( - out[0U], (size_t)8U * i0, (size_t)8U * i0 + (size_t)8U, uint8_t); + Eurydice_slice uu____0 = Eurydice_slice_subslice3( + out, start + (size_t)8U * i0, start + (size_t)8U * i0 + (size_t)8U, + uint8_t *); uint8_t ret[8U]; - core_num__u64_9__to_le_bytes(s[i0 / (size_t)5U][i0 % (size_t)5U], ret); + core_num__u64__to_le_bytes( + libcrux_sha3_traits_get_ij_04(s, i0 / (size_t)5U, i0 % (size_t)5U)[0U], + ret); Eurydice_slice_copy( uu____0, Eurydice_array_to_slice((size_t)8U, ret, uint8_t), uint8_t); } -} - -/** -A monomorphic instance of libcrux_sha3.portable_keccak.store_block_full -with const generics -- RATE= 104 -*/ -static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_store_block_full_2d2( - uint64_t (*s)[5U], uint8_t ret[1U][200U]) { - uint8_t out[200U] = {0U}; - Eurydice_slice buf[1U] = { - Eurydice_array_to_slice((size_t)200U, out, uint8_t)}; - libcrux_sha3_portable_keccak_store_block_583(s, buf); - /* Passing arrays by value in Rust generates a copy in C */ - uint8_t copy_of_out[200U]; - memcpy(copy_of_out, out, (size_t)200U * sizeof(uint8_t)); - memcpy(ret[0U], copy_of_out, (size_t)200U * sizeof(uint8_t)); -} - -/** -This function found in impl {(libcrux_sha3::traits::internal::KeccakItem<1: -usize> for u64)} -*/ -/** -A monomorphic instance of libcrux_sha3.portable_keccak.store_block_full_5a -with const generics -- RATE= 104 -*/ -static KRML_MUSTINLINE void -libcrux_sha3_portable_keccak_store_block_full_5a_292(uint64_t (*a)[5U], - uint8_t ret[1U][200U]) { - libcrux_sha3_portable_keccak_store_block_full_2d2(a, ret); -} - -/** -A monomorphic instance of libcrux_sha3.generic_keccak.squeeze_first_and_last -with types uint64_t -with const generics -- N= 1 -- RATE= 104 -*/ -static KRML_MUSTINLINE void -libcrux_sha3_generic_keccak_squeeze_first_and_last_c52( - libcrux_sha3_generic_keccak_KeccakState_48 *s, Eurydice_slice out[1U]) { - uint8_t b[1U][200U]; - libcrux_sha3_portable_keccak_store_block_full_5a_292(s->st, b); - for (size_t i = (size_t)0U; i < (size_t)1U; i++) { - size_t i0 = i; - Eurydice_slice uu____0 = out[i0]; - uint8_t *uu____1 = b[i0]; - core_ops_range_Range_b3 lit; - lit.start = (size_t)0U; - lit.end = Eurydice_slice_len(out[i0], uint8_t); + size_t remaining = len % (size_t)8U; + if (remaining > (size_t)0U) { + Eurydice_slice uu____1 = Eurydice_slice_subslice3( + out, start + len - remaining, start + len, uint8_t *); + uint8_t ret[8U]; + core_num__u64__to_le_bytes( + libcrux_sha3_traits_get_ij_04(s, octets / (size_t)5U, + octets % (size_t)5U)[0U], + ret); Eurydice_slice_copy( - uu____0, - Eurydice_array_to_subslice((size_t)200U, uu____1, lit, uint8_t, - core_ops_range_Range_b3), + uu____1, + Eurydice_array_to_subslice3(ret, (size_t)0U, remaining, uint8_t *), uint8_t); } } /** -This function found in impl {(libcrux_sha3::traits::internal::KeccakItem<1: -usize> for u64)} -*/ -/** -A monomorphic instance of libcrux_sha3.portable_keccak.store_block_5a -with const generics -- RATE= 104 -*/ -static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_store_block_5a_593( - uint64_t (*a)[5U], Eurydice_slice b[1U]) { - libcrux_sha3_portable_keccak_store_block_583(a, b); -} - -/** -A monomorphic instance of libcrux_sha3.generic_keccak.squeeze_first_block -with types uint64_t -with const generics -- N= 1 -- RATE= 104 -*/ -static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_squeeze_first_block_843( - libcrux_sha3_generic_keccak_KeccakState_48 *s, Eurydice_slice out[1U]) { - libcrux_sha3_portable_keccak_store_block_5a_593(s->st, out); -} - -/** -A monomorphic instance of libcrux_sha3.generic_keccak.squeeze_next_block -with types uint64_t -with const generics -- N= 1 -- RATE= 104 +This function found in impl {libcrux_sha3::traits::Squeeze1 for +libcrux_sha3::generic_keccak::KeccakState[core::marker::Sized, +libcrux_sha3::simd::portable::{libcrux_sha3::traits::KeccakItem<1usize> for +u64}]} */ -static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_squeeze_next_block_fc3( - libcrux_sha3_generic_keccak_KeccakState_48 *s, Eurydice_slice out[1U]) { - libcrux_sha3_generic_keccak_keccakf1600_21(s); - libcrux_sha3_portable_keccak_store_block_5a_593(s->st, out); -} - /** -A monomorphic instance of libcrux_sha3.generic_keccak.squeeze_last -with types uint64_t +A monomorphic instance of libcrux_sha3.simd.portable.squeeze_13 with const generics -- N= 1 - RATE= 104 */ -static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_squeeze_last_cf2( - libcrux_sha3_generic_keccak_KeccakState_48 s, Eurydice_slice out[1U]) { - libcrux_sha3_generic_keccak_keccakf1600_21(&s); - uint8_t b[1U][200U]; - libcrux_sha3_portable_keccak_store_block_full_5a_292(s.st, b); - for (size_t i = (size_t)0U; i < (size_t)1U; i++) { - size_t i0 = i; - Eurydice_slice uu____0 = out[i0]; - uint8_t *uu____1 = b[i0]; - core_ops_range_Range_b3 lit; - lit.start = (size_t)0U; - lit.end = Eurydice_slice_len(out[i0], uint8_t); - Eurydice_slice_copy( - uu____0, - Eurydice_array_to_subslice((size_t)200U, uu____1, lit, uint8_t, - core_ops_range_Range_b3), - uint8_t); - } +static inline void libcrux_sha3_simd_portable_squeeze_13_7a( + libcrux_sha3_generic_keccak_KeccakState_17 *self, Eurydice_slice out, + size_t start, size_t len) { + libcrux_sha3_simd_portable_store_block_7a(self->st, out, start, len); } /** -A monomorphic instance of libcrux_sha3.generic_keccak.keccak -with types uint64_t +A monomorphic instance of libcrux_sha3.generic_keccak.portable.keccak1 with const generics -- N= 1 - RATE= 104 - DELIM= 6 */ -static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_keccak_e93( - Eurydice_slice data[1U], Eurydice_slice out[1U]) { - libcrux_sha3_generic_keccak_KeccakState_48 s = - libcrux_sha3_generic_keccak_new_1e_f4(); - for (size_t i = (size_t)0U; - i < Eurydice_slice_len(data[0U], uint8_t) / (size_t)104U; i++) { +static inline void libcrux_sha3_generic_keccak_portable_keccak1_7c( + Eurydice_slice data, Eurydice_slice out) { + libcrux_sha3_generic_keccak_KeccakState_17 s = + libcrux_sha3_generic_keccak_new_80_04(); + size_t data_len = Eurydice_slice_len(data, uint8_t); + for (size_t i = (size_t)0U; i < data_len / (size_t)104U; i++) { size_t i0 = i; - libcrux_sha3_generic_keccak_KeccakState_48 *uu____0 = &s; - /* Passing arrays by value in Rust generates a copy in C */ - Eurydice_slice copy_of_data[1U]; - memcpy(copy_of_data, data, (size_t)1U * sizeof(Eurydice_slice)); - Eurydice_slice ret[1U]; - libcrux_sha3_portable_keccak_slice_n_5a(copy_of_data, i0 * (size_t)104U, - (size_t)104U, ret); - libcrux_sha3_generic_keccak_absorb_block_df2(uu____0, ret); - } - size_t rem = Eurydice_slice_len(data[0U], uint8_t) % (size_t)104U; - libcrux_sha3_generic_keccak_KeccakState_48 *uu____2 = &s; - /* Passing arrays by value in Rust generates a copy in C */ - Eurydice_slice copy_of_data[1U]; - memcpy(copy_of_data, data, (size_t)1U * sizeof(Eurydice_slice)); - Eurydice_slice ret[1U]; - libcrux_sha3_portable_keccak_slice_n_5a( - copy_of_data, Eurydice_slice_len(data[0U], uint8_t) - rem, rem, ret); - libcrux_sha3_generic_keccak_absorb_final_c74(uu____2, ret); - size_t outlen = Eurydice_slice_len(out[0U], uint8_t); + Eurydice_slice buf[1U] = {data}; + libcrux_sha3_generic_keccak_absorb_block_80_c62(&s, buf, i0 * (size_t)104U); + } + size_t rem = data_len % (size_t)104U; + Eurydice_slice buf[1U] = {data}; + libcrux_sha3_generic_keccak_absorb_final_80_9e4(&s, buf, data_len - rem, rem); + size_t outlen = Eurydice_slice_len(out, uint8_t); size_t blocks = outlen / (size_t)104U; size_t last = outlen - outlen % (size_t)104U; if (blocks == (size_t)0U) { - libcrux_sha3_generic_keccak_squeeze_first_and_last_c52(&s, out); + libcrux_sha3_simd_portable_squeeze_13_7a(&s, out, (size_t)0U, outlen); } else { - Eurydice_slice_uint8_t_1size_t__x2 uu____4 = - libcrux_sha3_portable_keccak_split_at_mut_n_5a(out, (size_t)104U); - Eurydice_slice o0[1U]; - memcpy(o0, uu____4.fst, (size_t)1U * sizeof(Eurydice_slice)); - Eurydice_slice o1[1U]; - memcpy(o1, uu____4.snd, (size_t)1U * sizeof(Eurydice_slice)); - libcrux_sha3_generic_keccak_squeeze_first_block_843(&s, o0); - core_ops_range_Range_b3 iter = - core_iter_traits_collect___core__iter__traits__collect__IntoIterator_for_I__1__into_iter( - (CLITERAL(core_ops_range_Range_b3){.start = (size_t)1U, - .end = blocks}), - core_ops_range_Range_b3, core_ops_range_Range_b3); - while (true) { - if (core_iter_range___core__iter__traits__iterator__Iterator_for_core__ops__range__Range_A___6__next( - &iter, size_t, Option_b3) - .tag == None) { - break; - } else { - Eurydice_slice_uint8_t_1size_t__x2 uu____5 = - libcrux_sha3_portable_keccak_split_at_mut_n_5a(o1, (size_t)104U); - Eurydice_slice o[1U]; - memcpy(o, uu____5.fst, (size_t)1U * sizeof(Eurydice_slice)); - Eurydice_slice orest[1U]; - memcpy(orest, uu____5.snd, (size_t)1U * sizeof(Eurydice_slice)); - libcrux_sha3_generic_keccak_squeeze_next_block_fc3(&s, o); - memcpy(o1, orest, (size_t)1U * sizeof(Eurydice_slice)); - } + libcrux_sha3_simd_portable_squeeze_13_7a(&s, out, (size_t)0U, (size_t)104U); + for (size_t i = (size_t)1U; i < blocks; i++) { + size_t i0 = i; + libcrux_sha3_generic_keccak_keccakf1600_80_04(&s); + libcrux_sha3_simd_portable_squeeze_13_7a(&s, out, i0 * (size_t)104U, + (size_t)104U); } if (last < outlen) { - libcrux_sha3_generic_keccak_squeeze_last_cf2(s, o1); + libcrux_sha3_generic_keccak_keccakf1600_80_04(&s); + libcrux_sha3_simd_portable_squeeze_13_7a(&s, out, last, outlen - last); } } } -/** -A monomorphic instance of libcrux_sha3.portable.keccakx1 -with const generics -- RATE= 104 -- DELIM= 6 -*/ -static KRML_MUSTINLINE void libcrux_sha3_portable_keccakx1_ce3( - Eurydice_slice data[1U], Eurydice_slice out[1U]) { - /* Passing arrays by value in Rust generates a copy in C */ - Eurydice_slice copy_of_data[1U]; - memcpy(copy_of_data, data, (size_t)1U * sizeof(Eurydice_slice)); - libcrux_sha3_generic_keccak_keccak_e93(copy_of_data, out); -} - /** A portable SHA3 384 implementation. */ static KRML_MUSTINLINE void libcrux_sha3_portable_sha384(Eurydice_slice digest, Eurydice_slice data) { - Eurydice_slice buf0[1U] = {data}; - Eurydice_slice buf[1U] = {digest}; - libcrux_sha3_portable_keccakx1_ce3(buf0, buf); + libcrux_sha3_generic_keccak_portable_keccak1_7c(data, digest); } /** @@ -3995,16 +4481,15 @@ static KRML_MUSTINLINE void libcrux_sha3_portable_sha384(Eurydice_slice digest, Preconditions: - `digest.len() == 28` */ -static KRML_MUSTINLINE void libcrux_sha3_sha224_ema(Eurydice_slice digest, - Eurydice_slice payload) { +static inline void libcrux_sha3_sha224_ema(Eurydice_slice digest, + Eurydice_slice payload) { libcrux_sha3_portable_sha224(digest, payload); } /** SHA3 224 */ -static KRML_MUSTINLINE void libcrux_sha3_sha224(Eurydice_slice data, - uint8_t ret[28U]) { +static inline void libcrux_sha3_sha224(Eurydice_slice data, uint8_t ret[28U]) { uint8_t out[28U] = {0U}; libcrux_sha3_sha224_ema(Eurydice_array_to_slice((size_t)28U, out, uint8_t), data); @@ -4014,16 +4499,15 @@ static KRML_MUSTINLINE void libcrux_sha3_sha224(Eurydice_slice data, /** SHA3 256 */ -static KRML_MUSTINLINE void libcrux_sha3_sha256_ema(Eurydice_slice digest, - Eurydice_slice payload) { +static inline void libcrux_sha3_sha256_ema(Eurydice_slice digest, + Eurydice_slice payload) { libcrux_sha3_portable_sha256(digest, payload); } /** SHA3 256 */ -static KRML_MUSTINLINE void libcrux_sha3_sha256(Eurydice_slice data, - uint8_t ret[32U]) { +static inline void libcrux_sha3_sha256(Eurydice_slice data, uint8_t ret[32U]) { uint8_t out[32U] = {0U}; libcrux_sha3_sha256_ema(Eurydice_array_to_slice((size_t)32U, out, uint8_t), data); @@ -4033,16 +4517,15 @@ static KRML_MUSTINLINE void libcrux_sha3_sha256(Eurydice_slice data, /** SHA3 384 */ -static KRML_MUSTINLINE void libcrux_sha3_sha384_ema(Eurydice_slice digest, - Eurydice_slice payload) { +static inline void libcrux_sha3_sha384_ema(Eurydice_slice digest, + Eurydice_slice payload) { libcrux_sha3_portable_sha384(digest, payload); } /** SHA3 384 */ -static KRML_MUSTINLINE void libcrux_sha3_sha384(Eurydice_slice data, - uint8_t ret[48U]) { +static inline void libcrux_sha3_sha384(Eurydice_slice data, uint8_t ret[48U]) { uint8_t out[48U] = {0U}; libcrux_sha3_sha384_ema(Eurydice_array_to_slice((size_t)48U, out, uint8_t), data); @@ -4052,16 +4535,15 @@ static KRML_MUSTINLINE void libcrux_sha3_sha384(Eurydice_slice data, /** SHA3 512 */ -static KRML_MUSTINLINE void libcrux_sha3_sha512_ema(Eurydice_slice digest, - Eurydice_slice payload) { +static inline void libcrux_sha3_sha512_ema(Eurydice_slice digest, + Eurydice_slice payload) { libcrux_sha3_portable_sha512(digest, payload); } /** SHA3 512 */ -static KRML_MUSTINLINE void libcrux_sha3_sha512(Eurydice_slice data, - uint8_t ret[64U]) { +static inline void libcrux_sha3_sha512(Eurydice_slice data, uint8_t ret[64U]) { uint8_t out[64U] = {0U}; libcrux_sha3_sha512_ema(Eurydice_array_to_slice((size_t)64U, out, uint8_t), data); @@ -4069,220 +4551,85 @@ static KRML_MUSTINLINE void libcrux_sha3_sha512(Eurydice_slice data, } /** -This function found in impl {(libcrux_sha3::traits::internal::KeccakItem<1: -usize> for u64)} -*/ -/** -A monomorphic instance of libcrux_sha3.portable_keccak.load_block_5a -with const generics -- RATE= 168 -*/ -static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_load_block_5a_b83( - uint64_t (*a)[5U], Eurydice_slice b[1U]) { - uint64_t(*uu____0)[5U] = a; - /* Passing arrays by value in Rust generates a copy in C */ - Eurydice_slice copy_of_b[1U]; - memcpy(copy_of_b, b, (size_t)1U * sizeof(Eurydice_slice)); - libcrux_sha3_portable_keccak_load_block_2c1(uu____0, copy_of_b); -} - -/** -A monomorphic instance of libcrux_sha3.generic_keccak.absorb_block -with types uint64_t -with const generics -- N= 1 -- RATE= 168 -*/ -static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_absorb_block_df3( - libcrux_sha3_generic_keccak_KeccakState_48 *s, Eurydice_slice blocks[1U]) { - uint64_t(*uu____0)[5U] = s->st; - Eurydice_slice uu____1[1U]; - memcpy(uu____1, blocks, (size_t)1U * sizeof(Eurydice_slice)); - libcrux_sha3_portable_keccak_load_block_5a_b83(uu____0, uu____1); - libcrux_sha3_generic_keccak_keccakf1600_21(s); -} - -/** -A monomorphic instance of libcrux_sha3.portable_keccak.store_block_full -with const generics -- RATE= 168 -*/ -static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_store_block_full_2d3( - uint64_t (*s)[5U], uint8_t ret[1U][200U]) { - uint8_t out[200U] = {0U}; - Eurydice_slice buf[1U] = { - Eurydice_array_to_slice((size_t)200U, out, uint8_t)}; - libcrux_sha3_portable_keccak_store_block_581(s, buf); - /* Passing arrays by value in Rust generates a copy in C */ - uint8_t copy_of_out[200U]; - memcpy(copy_of_out, out, (size_t)200U * sizeof(uint8_t)); - memcpy(ret[0U], copy_of_out, (size_t)200U * sizeof(uint8_t)); -} - -/** -This function found in impl {(libcrux_sha3::traits::internal::KeccakItem<1: -usize> for u64)} +This function found in impl {libcrux_sha3::traits::Absorb<1usize> for +libcrux_sha3::generic_keccak::KeccakState[core::marker::Sized, +libcrux_sha3::simd::portable::{libcrux_sha3::traits::KeccakItem<1usize> for +u64}]} */ /** -A monomorphic instance of libcrux_sha3.portable_keccak.store_block_full_5a +A monomorphic instance of libcrux_sha3.simd.portable.load_block_a1 with const generics - RATE= 168 */ -static KRML_MUSTINLINE void -libcrux_sha3_portable_keccak_store_block_full_5a_293(uint64_t (*a)[5U], - uint8_t ret[1U][200U]) { - libcrux_sha3_portable_keccak_store_block_full_2d3(a, ret); +static inline void libcrux_sha3_simd_portable_load_block_a1_3a( + libcrux_sha3_generic_keccak_KeccakState_17 *self, Eurydice_slice *input, + size_t start) { + libcrux_sha3_simd_portable_load_block_3a(self->st, input[0U], start); } /** -A monomorphic instance of libcrux_sha3.generic_keccak.squeeze_first_and_last -with types uint64_t -with const generics -- N= 1 -- RATE= 168 +This function found in impl {libcrux_sha3::generic_keccak::KeccakState[TraitClause@0, TraitClause@1]} */ -static KRML_MUSTINLINE void -libcrux_sha3_generic_keccak_squeeze_first_and_last_c53( - libcrux_sha3_generic_keccak_KeccakState_48 *s, Eurydice_slice out[1U]) { - uint8_t b[1U][200U]; - libcrux_sha3_portable_keccak_store_block_full_5a_293(s->st, b); - for (size_t i = (size_t)0U; i < (size_t)1U; i++) { - size_t i0 = i; - Eurydice_slice uu____0 = out[i0]; - uint8_t *uu____1 = b[i0]; - core_ops_range_Range_b3 lit; - lit.start = (size_t)0U; - lit.end = Eurydice_slice_len(out[i0], uint8_t); - Eurydice_slice_copy( - uu____0, - Eurydice_array_to_subslice((size_t)200U, uu____1, lit, uint8_t, - core_ops_range_Range_b3), - uint8_t); - } -} - /** -A monomorphic instance of libcrux_sha3.generic_keccak.squeeze_last +A monomorphic instance of libcrux_sha3.generic_keccak.absorb_block_80 with types uint64_t with const generics - N= 1 - RATE= 168 */ -static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_squeeze_last_cf3( - libcrux_sha3_generic_keccak_KeccakState_48 s, Eurydice_slice out[1U]) { - libcrux_sha3_generic_keccak_keccakf1600_21(&s); - uint8_t b[1U][200U]; - libcrux_sha3_portable_keccak_store_block_full_5a_293(s.st, b); - for (size_t i = (size_t)0U; i < (size_t)1U; i++) { - size_t i0 = i; - Eurydice_slice uu____0 = out[i0]; - uint8_t *uu____1 = b[i0]; - core_ops_range_Range_b3 lit; - lit.start = (size_t)0U; - lit.end = Eurydice_slice_len(out[i0], uint8_t); - Eurydice_slice_copy( - uu____0, - Eurydice_array_to_subslice((size_t)200U, uu____1, lit, uint8_t, - core_ops_range_Range_b3), - uint8_t); - } +static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_absorb_block_80_c63( + libcrux_sha3_generic_keccak_KeccakState_17 *self, Eurydice_slice *blocks, + size_t start) { + libcrux_sha3_simd_portable_load_block_a1_3a(self, blocks, start); + libcrux_sha3_generic_keccak_keccakf1600_80_04(self); } /** -A monomorphic instance of libcrux_sha3.generic_keccak.keccak -with types uint64_t +A monomorphic instance of libcrux_sha3.generic_keccak.portable.keccak1 with const generics -- N= 1 - RATE= 168 - DELIM= 31 */ -static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_keccak_e94( - Eurydice_slice data[1U], Eurydice_slice out[1U]) { - libcrux_sha3_generic_keccak_KeccakState_48 s = - libcrux_sha3_generic_keccak_new_1e_f4(); - for (size_t i = (size_t)0U; - i < Eurydice_slice_len(data[0U], uint8_t) / (size_t)168U; i++) { +static inline void libcrux_sha3_generic_keccak_portable_keccak1_c6( + Eurydice_slice data, Eurydice_slice out) { + libcrux_sha3_generic_keccak_KeccakState_17 s = + libcrux_sha3_generic_keccak_new_80_04(); + size_t data_len = Eurydice_slice_len(data, uint8_t); + for (size_t i = (size_t)0U; i < data_len / (size_t)168U; i++) { size_t i0 = i; - libcrux_sha3_generic_keccak_KeccakState_48 *uu____0 = &s; - /* Passing arrays by value in Rust generates a copy in C */ - Eurydice_slice copy_of_data[1U]; - memcpy(copy_of_data, data, (size_t)1U * sizeof(Eurydice_slice)); - Eurydice_slice ret[1U]; - libcrux_sha3_portable_keccak_slice_n_5a(copy_of_data, i0 * (size_t)168U, - (size_t)168U, ret); - libcrux_sha3_generic_keccak_absorb_block_df3(uu____0, ret); - } - size_t rem = Eurydice_slice_len(data[0U], uint8_t) % (size_t)168U; - libcrux_sha3_generic_keccak_KeccakState_48 *uu____2 = &s; - /* Passing arrays by value in Rust generates a copy in C */ - Eurydice_slice copy_of_data[1U]; - memcpy(copy_of_data, data, (size_t)1U * sizeof(Eurydice_slice)); - Eurydice_slice ret[1U]; - libcrux_sha3_portable_keccak_slice_n_5a( - copy_of_data, Eurydice_slice_len(data[0U], uint8_t) - rem, rem, ret); - libcrux_sha3_generic_keccak_absorb_final_c72(uu____2, ret); - size_t outlen = Eurydice_slice_len(out[0U], uint8_t); + Eurydice_slice buf[1U] = {data}; + libcrux_sha3_generic_keccak_absorb_block_80_c63(&s, buf, i0 * (size_t)168U); + } + size_t rem = data_len % (size_t)168U; + Eurydice_slice buf[1U] = {data}; + libcrux_sha3_generic_keccak_absorb_final_80_9e2(&s, buf, data_len - rem, rem); + size_t outlen = Eurydice_slice_len(out, uint8_t); size_t blocks = outlen / (size_t)168U; size_t last = outlen - outlen % (size_t)168U; if (blocks == (size_t)0U) { - libcrux_sha3_generic_keccak_squeeze_first_and_last_c53(&s, out); + libcrux_sha3_simd_portable_squeeze_13_3a(&s, out, (size_t)0U, outlen); } else { - Eurydice_slice_uint8_t_1size_t__x2 uu____4 = - libcrux_sha3_portable_keccak_split_at_mut_n_5a(out, (size_t)168U); - Eurydice_slice o0[1U]; - memcpy(o0, uu____4.fst, (size_t)1U * sizeof(Eurydice_slice)); - Eurydice_slice o1[1U]; - memcpy(o1, uu____4.snd, (size_t)1U * sizeof(Eurydice_slice)); - libcrux_sha3_generic_keccak_squeeze_first_block_841(&s, o0); - core_ops_range_Range_b3 iter = - core_iter_traits_collect___core__iter__traits__collect__IntoIterator_for_I__1__into_iter( - (CLITERAL(core_ops_range_Range_b3){.start = (size_t)1U, - .end = blocks}), - core_ops_range_Range_b3, core_ops_range_Range_b3); - while (true) { - if (core_iter_range___core__iter__traits__iterator__Iterator_for_core__ops__range__Range_A___6__next( - &iter, size_t, Option_b3) - .tag == None) { - break; - } else { - Eurydice_slice_uint8_t_1size_t__x2 uu____5 = - libcrux_sha3_portable_keccak_split_at_mut_n_5a(o1, (size_t)168U); - Eurydice_slice o[1U]; - memcpy(o, uu____5.fst, (size_t)1U * sizeof(Eurydice_slice)); - Eurydice_slice orest[1U]; - memcpy(orest, uu____5.snd, (size_t)1U * sizeof(Eurydice_slice)); - libcrux_sha3_generic_keccak_squeeze_next_block_fc1(&s, o); - memcpy(o1, orest, (size_t)1U * sizeof(Eurydice_slice)); - } + libcrux_sha3_simd_portable_squeeze_13_3a(&s, out, (size_t)0U, (size_t)168U); + for (size_t i = (size_t)1U; i < blocks; i++) { + size_t i0 = i; + libcrux_sha3_generic_keccak_keccakf1600_80_04(&s); + libcrux_sha3_simd_portable_squeeze_13_3a(&s, out, i0 * (size_t)168U, + (size_t)168U); } if (last < outlen) { - libcrux_sha3_generic_keccak_squeeze_last_cf3(s, o1); + libcrux_sha3_generic_keccak_keccakf1600_80_04(&s); + libcrux_sha3_simd_portable_squeeze_13_3a(&s, out, last, outlen - last); } } } -/** -A monomorphic instance of libcrux_sha3.portable.keccakx1 -with const generics -- RATE= 168 -- DELIM= 31 -*/ -static KRML_MUSTINLINE void libcrux_sha3_portable_keccakx1_ce4( - Eurydice_slice data[1U], Eurydice_slice out[1U]) { - /* Passing arrays by value in Rust generates a copy in C */ - Eurydice_slice copy_of_data[1U]; - memcpy(copy_of_data, data, (size_t)1U * sizeof(Eurydice_slice)); - libcrux_sha3_generic_keccak_keccak_e94(copy_of_data, out); -} - /** A portable SHAKE128 implementation. */ static KRML_MUSTINLINE void libcrux_sha3_portable_shake128( Eurydice_slice digest, Eurydice_slice data) { - Eurydice_slice buf0[1U] = {data}; - Eurydice_slice buf[1U] = {digest}; - libcrux_sha3_portable_keccakx1_ce4(buf0, buf); + libcrux_sha3_generic_keccak_portable_keccak1_c6(data, digest); } /** @@ -4290,8 +4637,8 @@ static KRML_MUSTINLINE void libcrux_sha3_portable_shake128( Writes `out.len()` bytes. */ -static KRML_MUSTINLINE void libcrux_sha3_shake128_ema(Eurydice_slice out, - Eurydice_slice data) { +static inline void libcrux_sha3_shake128_ema(Eurydice_slice out, + Eurydice_slice data) { libcrux_sha3_portable_shake128(out, data); } @@ -4300,208 +4647,113 @@ static KRML_MUSTINLINE void libcrux_sha3_shake128_ema(Eurydice_slice out, Writes `out.len()` bytes. */ -static KRML_MUSTINLINE void libcrux_sha3_shake256_ema(Eurydice_slice out, - Eurydice_slice data) { +static inline void libcrux_sha3_shake256_ema(Eurydice_slice out, + Eurydice_slice data) { libcrux_sha3_portable_shake256(out, data); } -static const size_t libcrux_sha3_generic_keccak__PI[24U] = { - (size_t)6U, (size_t)12U, (size_t)18U, (size_t)24U, (size_t)3U, - (size_t)9U, (size_t)10U, (size_t)16U, (size_t)22U, (size_t)1U, - (size_t)7U, (size_t)13U, (size_t)19U, (size_t)20U, (size_t)4U, - (size_t)5U, (size_t)11U, (size_t)17U, (size_t)23U, (size_t)2U, - (size_t)8U, (size_t)14U, (size_t)15U, (size_t)21U}; - -static const size_t libcrux_sha3_generic_keccak__ROTC[24U] = { - (size_t)1U, (size_t)62U, (size_t)28U, (size_t)27U, (size_t)36U, - (size_t)44U, (size_t)6U, (size_t)55U, (size_t)20U, (size_t)3U, - (size_t)10U, (size_t)43U, (size_t)25U, (size_t)39U, (size_t)41U, - (size_t)45U, (size_t)15U, (size_t)21U, (size_t)8U, (size_t)18U, - (size_t)2U, (size_t)61U, (size_t)56U, (size_t)14U}; - /** - A portable SHA3 224 implementation. +This function found in impl {libcrux_sha3::generic_keccak::KeccakState[core::marker::Sized, +libcrux_sha3::simd::portable::{libcrux_sha3::traits::KeccakItem<1usize> for +u64}]} +*/ +/** +A monomorphic instance of +libcrux_sha3.generic_keccak.portable.squeeze_first_five_blocks_b4 with const +generics +- RATE= 168 */ -static KRML_MUSTINLINE void libcrux_sha3_neon_sha224(Eurydice_slice digest, - Eurydice_slice data) { - KRML_HOST_EPRINTF("KaRaMeL abort at %s:%d\n%s\n", __FILE__, __LINE__, - "panic!"); - KRML_HOST_EXIT(255U); +static KRML_MUSTINLINE void +libcrux_sha3_generic_keccak_portable_squeeze_first_five_blocks_b4_3a( + libcrux_sha3_generic_keccak_KeccakState_17 *self, Eurydice_slice out) { + libcrux_sha3_simd_portable_squeeze_13_3a(self, out, (size_t)0U, (size_t)168U); + libcrux_sha3_generic_keccak_keccakf1600_80_04(self); + libcrux_sha3_simd_portable_squeeze_13_3a(self, out, (size_t)168U, + (size_t)168U); + libcrux_sha3_generic_keccak_keccakf1600_80_04(self); + libcrux_sha3_simd_portable_squeeze_13_3a(self, out, (size_t)2U * (size_t)168U, + (size_t)168U); + libcrux_sha3_generic_keccak_keccakf1600_80_04(self); + libcrux_sha3_simd_portable_squeeze_13_3a(self, out, (size_t)3U * (size_t)168U, + (size_t)168U); + libcrux_sha3_generic_keccak_keccakf1600_80_04(self); + libcrux_sha3_simd_portable_squeeze_13_3a(self, out, (size_t)4U * (size_t)168U, + (size_t)168U); } /** - A portable SHA3 256 implementation. + Squeeze five blocks */ -static KRML_MUSTINLINE void libcrux_sha3_neon_sha256(Eurydice_slice digest, - Eurydice_slice data) { - KRML_HOST_EPRINTF("KaRaMeL abort at %s:%d\n%s\n", __FILE__, __LINE__, - "panic!"); - KRML_HOST_EXIT(255U); +static KRML_MUSTINLINE void +libcrux_sha3_portable_incremental_shake128_squeeze_first_five_blocks( + libcrux_sha3_generic_keccak_KeccakState_17 *s, Eurydice_slice out0) { + libcrux_sha3_generic_keccak_portable_squeeze_first_five_blocks_b4_3a(s, out0); } /** - A portable SHA3 384 implementation. + Absorb some data for SHAKE-256 for the last time */ -static KRML_MUSTINLINE void libcrux_sha3_neon_sha384(Eurydice_slice digest, - Eurydice_slice data) { - KRML_HOST_EPRINTF("KaRaMeL abort at %s:%d\n%s\n", __FILE__, __LINE__, - "panic!"); - KRML_HOST_EXIT(255U); +static KRML_MUSTINLINE void +libcrux_sha3_portable_incremental_shake256_absorb_final( + libcrux_sha3_generic_keccak_KeccakState_17 *s, Eurydice_slice data) { + libcrux_sha3_generic_keccak_KeccakState_17 *uu____0 = s; + Eurydice_slice uu____1[1U] = {data}; + libcrux_sha3_generic_keccak_absorb_final_80_9e1( + uu____0, uu____1, (size_t)0U, Eurydice_slice_len(data, uint8_t)); } /** - A portable SHA3 512 implementation. + Create a new SHAKE-256 state object. */ -static KRML_MUSTINLINE void libcrux_sha3_neon_sha512(Eurydice_slice digest, - Eurydice_slice data) { - KRML_HOST_EPRINTF("KaRaMeL abort at %s:%d\n%s\n", __FILE__, __LINE__, - "panic!"); - KRML_HOST_EXIT(255U); +static KRML_MUSTINLINE libcrux_sha3_generic_keccak_KeccakState_17 +libcrux_sha3_portable_incremental_shake256_init(void) { + return libcrux_sha3_generic_keccak_new_80_04(); } /** - Run SHAKE256 on both inputs in parallel. - - Writes the two results into `out0` and `out1` -*/ -static KRML_MUSTINLINE void libcrux_sha3_neon_x2_shake256(Eurydice_slice input0, - Eurydice_slice input1, - Eurydice_slice out0, - Eurydice_slice out1) { - KRML_HOST_EPRINTF("KaRaMeL abort at %s:%d\n%s\n", __FILE__, __LINE__, - "panic!"); - KRML_HOST_EXIT(255U); -} - -typedef struct libcrux_sha3_neon_x2_incremental_KeccakState_s { - libcrux_sha3_generic_keccak_KeccakState_48 state[2U]; -} libcrux_sha3_neon_x2_incremental_KeccakState; - -/** - Initialise the `KeccakState2`. -*/ -static KRML_MUSTINLINE libcrux_sha3_neon_x2_incremental_KeccakState -libcrux_sha3_neon_x2_incremental_shake128_init(void) { - KRML_HOST_EPRINTF("KaRaMeL abort at %s:%d\n%s\n", __FILE__, __LINE__, - "panic!"); - KRML_HOST_EXIT(255U); -} - -/** - Shake128 absorb `data0` and `data1` in the [`KeccakState`] `s`. -*/ -static KRML_MUSTINLINE void -libcrux_sha3_neon_x2_incremental_shake128_absorb_final( - libcrux_sha3_neon_x2_incremental_KeccakState *s, Eurydice_slice data0, - Eurydice_slice data1) { - KRML_HOST_EPRINTF("KaRaMeL abort at %s:%d\n%s\n", __FILE__, __LINE__, - "panic!"); - KRML_HOST_EXIT(255U); -} - -/** - Squeeze 2 times the first three blocks in parallel in the - [`KeccakState`] and return the output in `out0` and `out1`. -*/ -static KRML_MUSTINLINE void -libcrux_sha3_neon_x2_incremental_shake128_squeeze_first_three_blocks( - libcrux_sha3_neon_x2_incremental_KeccakState *s, Eurydice_slice out0, - Eurydice_slice out1) { - KRML_HOST_EPRINTF("KaRaMeL abort at %s:%d\n%s\n", __FILE__, __LINE__, - "panic!"); - KRML_HOST_EXIT(255U); -} - -/** - Squeeze 2 times the next block in parallel in the - [`KeccakState`] and return the output in `out0` and `out1`. -*/ -static KRML_MUSTINLINE void -libcrux_sha3_neon_x2_incremental_shake128_squeeze_next_block( - libcrux_sha3_neon_x2_incremental_KeccakState *s, Eurydice_slice out0, - Eurydice_slice out1) { - KRML_HOST_EPRINTF("KaRaMeL abort at %s:%d\n%s\n", __FILE__, __LINE__, - "panic!"); - KRML_HOST_EXIT(255U); -} - -/** -A monomorphic instance of libcrux_sha3.generic_keccak.squeeze_first_five_blocks -with types uint64_t -with const generics -- N= 1 -- RATE= 168 +This function found in impl {libcrux_sha3::generic_keccak::KeccakState[core::marker::Sized, +libcrux_sha3::simd::portable::{libcrux_sha3::traits::KeccakItem<1usize> for +u64}]} */ -static KRML_MUSTINLINE void -libcrux_sha3_generic_keccak_squeeze_first_five_blocks_4f( - libcrux_sha3_generic_keccak_KeccakState_48 *s, Eurydice_slice out[1U]) { - Eurydice_slice_uint8_t_1size_t__x2 uu____0 = - libcrux_sha3_portable_keccak_split_at_mut_n_5a(out, (size_t)168U); - Eurydice_slice o0[1U]; - memcpy(o0, uu____0.fst, (size_t)1U * sizeof(Eurydice_slice)); - Eurydice_slice o10[1U]; - memcpy(o10, uu____0.snd, (size_t)1U * sizeof(Eurydice_slice)); - libcrux_sha3_generic_keccak_squeeze_first_block_841(s, o0); - Eurydice_slice_uint8_t_1size_t__x2 uu____1 = - libcrux_sha3_portable_keccak_split_at_mut_n_5a(o10, (size_t)168U); - Eurydice_slice o1[1U]; - memcpy(o1, uu____1.fst, (size_t)1U * sizeof(Eurydice_slice)); - Eurydice_slice o20[1U]; - memcpy(o20, uu____1.snd, (size_t)1U * sizeof(Eurydice_slice)); - libcrux_sha3_generic_keccak_squeeze_next_block_fc1(s, o1); - Eurydice_slice_uint8_t_1size_t__x2 uu____2 = - libcrux_sha3_portable_keccak_split_at_mut_n_5a(o20, (size_t)168U); - Eurydice_slice o2[1U]; - memcpy(o2, uu____2.fst, (size_t)1U * sizeof(Eurydice_slice)); - Eurydice_slice o30[1U]; - memcpy(o30, uu____2.snd, (size_t)1U * sizeof(Eurydice_slice)); - libcrux_sha3_generic_keccak_squeeze_next_block_fc1(s, o2); - Eurydice_slice_uint8_t_1size_t__x2 uu____3 = - libcrux_sha3_portable_keccak_split_at_mut_n_5a(o30, (size_t)168U); - Eurydice_slice o3[1U]; - memcpy(o3, uu____3.fst, (size_t)1U * sizeof(Eurydice_slice)); - Eurydice_slice o4[1U]; - memcpy(o4, uu____3.snd, (size_t)1U * sizeof(Eurydice_slice)); - libcrux_sha3_generic_keccak_squeeze_next_block_fc1(s, o3); - libcrux_sha3_generic_keccak_squeeze_next_block_fc1(s, o4); -} - /** - Squeeze five blocks +A monomorphic instance of +libcrux_sha3.generic_keccak.portable.squeeze_first_block_b4 with const generics +- RATE= 136 */ static KRML_MUSTINLINE void -libcrux_sha3_portable_incremental_shake128_squeeze_first_five_blocks( - libcrux_sha3_generic_keccak_KeccakState_48 *s, Eurydice_slice out0) { - Eurydice_slice buf[1U] = {out0}; - libcrux_sha3_generic_keccak_squeeze_first_five_blocks_4f(s, buf); +libcrux_sha3_generic_keccak_portable_squeeze_first_block_b4_5b( + libcrux_sha3_generic_keccak_KeccakState_17 *self, Eurydice_slice out) { + libcrux_sha3_simd_portable_squeeze_13_5b(self, out, (size_t)0U, (size_t)136U); } /** - Absorb some data for SHAKE-256 for the last time + Squeeze the first SHAKE-256 block */ static KRML_MUSTINLINE void -libcrux_sha3_portable_incremental_shake256_absorb_final( - libcrux_sha3_generic_keccak_KeccakState_48 *s, Eurydice_slice data) { - Eurydice_slice buf[1U] = {data}; - libcrux_sha3_generic_keccak_absorb_final_c71(s, buf); +libcrux_sha3_portable_incremental_shake256_squeeze_first_block( + libcrux_sha3_generic_keccak_KeccakState_17 *s, Eurydice_slice out) { + libcrux_sha3_generic_keccak_portable_squeeze_first_block_b4_5b(s, out); } /** - Create a new SHAKE-256 state object. +This function found in impl {libcrux_sha3::generic_keccak::KeccakState[core::marker::Sized, +libcrux_sha3::simd::portable::{libcrux_sha3::traits::KeccakItem<1usize> for +u64}]} */ -static KRML_MUSTINLINE libcrux_sha3_generic_keccak_KeccakState_48 -libcrux_sha3_portable_incremental_shake256_init(void) { - return libcrux_sha3_generic_keccak_new_1e_f4(); -} - /** - Squeeze the first SHAKE-256 block +A monomorphic instance of +libcrux_sha3.generic_keccak.portable.squeeze_next_block_b4 with const generics +- RATE= 136 */ static KRML_MUSTINLINE void -libcrux_sha3_portable_incremental_shake256_squeeze_first_block( - libcrux_sha3_generic_keccak_KeccakState_48 *s, Eurydice_slice out) { - Eurydice_slice buf[1U] = {out}; - libcrux_sha3_generic_keccak_squeeze_first_block_840(s, buf); +libcrux_sha3_generic_keccak_portable_squeeze_next_block_b4_5b( + libcrux_sha3_generic_keccak_KeccakState_17 *self, Eurydice_slice out, + size_t start) { + libcrux_sha3_generic_keccak_keccakf1600_80_04(self); + libcrux_sha3_simd_portable_squeeze_13_5b(self, out, start, (size_t)136U); } /** @@ -4509,51 +4761,43 @@ libcrux_sha3_portable_incremental_shake256_squeeze_first_block( */ static KRML_MUSTINLINE void libcrux_sha3_portable_incremental_shake256_squeeze_next_block( - libcrux_sha3_generic_keccak_KeccakState_48 *s, Eurydice_slice out) { - Eurydice_slice buf[1U] = {out}; - libcrux_sha3_generic_keccak_squeeze_next_block_fc0(s, buf); + libcrux_sha3_generic_keccak_KeccakState_17 *s, Eurydice_slice out) { + libcrux_sha3_generic_keccak_portable_squeeze_next_block_b4_5b(s, out, + (size_t)0U); } /** -A monomorphic instance of libcrux_sha3.generic_keccak.KeccakXofState +A monomorphic instance of libcrux_sha3.generic_keccak.xof.KeccakXofState with types uint64_t with const generics - $1size_t - $136size_t */ -typedef struct libcrux_sha3_generic_keccak_KeccakXofState_4f_s { - libcrux_sha3_generic_keccak_KeccakState_48 inner; +typedef struct libcrux_sha3_generic_keccak_xof_KeccakXofState_e2_s { + libcrux_sha3_generic_keccak_KeccakState_17 inner; uint8_t buf[1U][136U]; size_t buf_len; bool sponge; -} libcrux_sha3_generic_keccak_KeccakXofState_4f; - -typedef libcrux_sha3_generic_keccak_KeccakXofState_4f - libcrux_sha3_portable_incremental_Shake256Absorb; +} libcrux_sha3_generic_keccak_xof_KeccakXofState_e2; -/** - Consume the internal buffer and the required amount of the input to pad to - `RATE`. +typedef libcrux_sha3_generic_keccak_xof_KeccakXofState_e2 + libcrux_sha3_portable_incremental_Shake256Xof; - Returns the `consumed` bytes from `inputs` if there's enough buffered - content to consume, and `0` otherwise. - If `consumed > 0` is returned, `self.buf` contains a full block to be - loaded. -*/ /** -This function found in impl {libcrux_sha3::generic_keccak::KeccakXofState[TraitClause@0]#2} +This function found in impl +{libcrux_sha3::generic_keccak::xof::KeccakXofState[TraitClause@0, TraitClause@1]} */ /** -A monomorphic instance of libcrux_sha3.generic_keccak.fill_buffer_9d +A monomorphic instance of libcrux_sha3.generic_keccak.xof.fill_buffer_35 with types uint64_t with const generics - PARALLEL_LANES= 1 - RATE= 136 */ -static inline size_t libcrux_sha3_generic_keccak_fill_buffer_9d_b0( - libcrux_sha3_generic_keccak_KeccakXofState_4f *self, - Eurydice_slice inputs[1U]) { +static inline size_t libcrux_sha3_generic_keccak_xof_fill_buffer_35_c6( + libcrux_sha3_generic_keccak_xof_KeccakXofState_e2 *self, + Eurydice_slice *inputs) { size_t input_len = Eurydice_slice_len(inputs[0U], uint8_t); size_t consumed = (size_t)0U; if (self->buf_len > (size_t)0U) { @@ -4562,10 +4806,12 @@ static inline size_t libcrux_sha3_generic_keccak_fill_buffer_9d_b0( for (size_t i = (size_t)0U; i < (size_t)1U; i++) { size_t i0 = i; Eurydice_slice uu____0 = Eurydice_array_to_subslice_from( - (size_t)136U, self->buf[i0], self->buf_len, uint8_t, size_t); + (size_t)136U, self->buf[i0], self->buf_len, uint8_t, size_t, + uint8_t[]); Eurydice_slice_copy( uu____0, - Eurydice_slice_subslice_to(inputs[i0], consumed, uint8_t, size_t), + Eurydice_slice_subslice_to(inputs[i0], consumed, uint8_t, size_t, + uint8_t[]), uint8_t); } self->buf_len = self->buf_len + consumed; @@ -4575,42 +4821,37 @@ static inline size_t libcrux_sha3_generic_keccak_fill_buffer_9d_b0( } /** -This function found in impl {libcrux_sha3::generic_keccak::KeccakXofState[TraitClause@0]#2} +This function found in impl +{libcrux_sha3::generic_keccak::xof::KeccakXofState[TraitClause@0, TraitClause@1]} */ /** -A monomorphic instance of libcrux_sha3.generic_keccak.absorb_full_9d +A monomorphic instance of libcrux_sha3.generic_keccak.xof.absorb_full_35 with types uint64_t with const generics - PARALLEL_LANES= 1 - RATE= 136 */ -static inline size_t libcrux_sha3_generic_keccak_absorb_full_9d_f8( - libcrux_sha3_generic_keccak_KeccakXofState_4f *self, - Eurydice_slice inputs[1U]) { - libcrux_sha3_generic_keccak_KeccakXofState_4f *uu____0 = self; - /* Passing arrays by value in Rust generates a copy in C */ - Eurydice_slice copy_of_inputs0[1U]; - memcpy(copy_of_inputs0, inputs, (size_t)1U * sizeof(Eurydice_slice)); +static inline size_t libcrux_sha3_generic_keccak_xof_absorb_full_35_c6( + libcrux_sha3_generic_keccak_xof_KeccakXofState_e2 *self, + Eurydice_slice *inputs) { size_t input_consumed = - libcrux_sha3_generic_keccak_fill_buffer_9d_b0(uu____0, copy_of_inputs0); + libcrux_sha3_generic_keccak_xof_fill_buffer_35_c6(self, inputs); if (input_consumed > (size_t)0U) { Eurydice_slice borrowed[1U]; for (size_t i = (size_t)0U; i < (size_t)1U; i++) { uint8_t buf[136U] = {0U}; - borrowed[i] = core_array___Array_T__N__23__as_slice( - (size_t)136U, buf, uint8_t, Eurydice_slice); + borrowed[i] = core_array___Array_T__N___as_slice((size_t)136U, buf, + uint8_t, Eurydice_slice); } for (size_t i = (size_t)0U; i < (size_t)1U; i++) { size_t i0 = i; borrowed[i0] = Eurydice_array_to_slice((size_t)136U, self->buf[i0], uint8_t); } - uint64_t(*uu____2)[5U] = self->inner.st; - Eurydice_slice uu____3[1U]; - memcpy(uu____3, borrowed, (size_t)1U * sizeof(Eurydice_slice)); - libcrux_sha3_portable_keccak_load_block_5a_b80(uu____2, uu____3); - libcrux_sha3_generic_keccak_keccakf1600_21(&self->inner); + libcrux_sha3_simd_portable_load_block_a1_5b(&self->inner, borrowed, + (size_t)0U); + libcrux_sha3_generic_keccak_keccakf1600_80_04(&self->inner); self->buf_len = (size_t)0U; } size_t input_to_consume = @@ -4619,63 +4860,41 @@ static inline size_t libcrux_sha3_generic_keccak_absorb_full_9d_f8( size_t remainder = input_to_consume % (size_t)136U; for (size_t i = (size_t)0U; i < num_blocks; i++) { size_t i0 = i; - uint64_t(*uu____4)[5U] = self->inner.st; - /* Passing arrays by value in Rust generates a copy in C */ - Eurydice_slice copy_of_inputs[1U]; - memcpy(copy_of_inputs, inputs, (size_t)1U * sizeof(Eurydice_slice)); - Eurydice_slice ret[1U]; - libcrux_sha3_portable_keccak_slice_n_5a( - copy_of_inputs, input_consumed + i0 * (size_t)136U, (size_t)136U, ret); - libcrux_sha3_portable_keccak_load_block_5a_b80(uu____4, ret); - libcrux_sha3_generic_keccak_keccakf1600_21(&self->inner); + libcrux_sha3_simd_portable_load_block_a1_5b( + &self->inner, inputs, input_consumed + i0 * (size_t)136U); + libcrux_sha3_generic_keccak_keccakf1600_80_04(&self->inner); } return remainder; } /** - Absorb - - This function takes any number of bytes to absorb and buffers if it's not - enough. The function assumes that all input slices in `blocks` have the same - length. - - Only a multiple of `RATE` blocks are absorbed. - For the remaining bytes [`absorb_final`] needs to be called. - - This works best with relatively small `inputs`. -*/ -/** -This function found in impl {libcrux_sha3::generic_keccak::KeccakXofState[TraitClause@0]#2} +This function found in impl +{libcrux_sha3::generic_keccak::xof::KeccakXofState[TraitClause@0, TraitClause@1]} */ /** -A monomorphic instance of libcrux_sha3.generic_keccak.absorb_9d +A monomorphic instance of libcrux_sha3.generic_keccak.xof.absorb_35 with types uint64_t with const generics - PARALLEL_LANES= 1 - RATE= 136 */ -static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_absorb_9d_7b( - libcrux_sha3_generic_keccak_KeccakXofState_4f *self, - Eurydice_slice inputs[1U]) { - libcrux_sha3_generic_keccak_KeccakXofState_4f *uu____0 = self; - /* Passing arrays by value in Rust generates a copy in C */ - Eurydice_slice copy_of_inputs[1U]; - memcpy(copy_of_inputs, inputs, (size_t)1U * sizeof(Eurydice_slice)); +static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_xof_absorb_35_c6( + libcrux_sha3_generic_keccak_xof_KeccakXofState_e2 *self, + Eurydice_slice *inputs) { size_t input_remainder_len = - libcrux_sha3_generic_keccak_absorb_full_9d_f8(uu____0, copy_of_inputs); + libcrux_sha3_generic_keccak_xof_absorb_full_35_c6(self, inputs); if (input_remainder_len > (size_t)0U) { size_t input_len = Eurydice_slice_len(inputs[0U], uint8_t); for (size_t i = (size_t)0U; i < (size_t)1U; i++) { size_t i0 = i; - Eurydice_slice uu____2 = Eurydice_array_to_subslice2( - self->buf[i0], self->buf_len, self->buf_len + input_remainder_len, - uint8_t); - Eurydice_slice_copy( - uu____2, - Eurydice_slice_subslice_from( - inputs[i0], input_len - input_remainder_len, uint8_t, size_t), - uint8_t); + Eurydice_slice_copy(Eurydice_array_to_subslice3( + self->buf[i0], self->buf_len, + self->buf_len + input_remainder_len, uint8_t *), + Eurydice_slice_subslice_from( + inputs[i0], input_len - input_remainder_len, + uint8_t, size_t, uint8_t[]), + uint8_t); } self->buf_len = self->buf_len + input_remainder_len; } @@ -4685,271 +4904,101 @@ static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_absorb_9d_7b( Shake256 absorb */ /** -This function found in impl -{(libcrux_sha3::portable::incremental::XofAbsorb<136: usize> for -libcrux_sha3::portable::incremental::Shake256Absorb)#2} +This function found in impl {libcrux_sha3::portable::incremental::Xof<136usize> +for libcrux_sha3::portable::incremental::Shake256Xof} */ -static inline void libcrux_sha3_portable_incremental_absorb_7d( - libcrux_sha3_generic_keccak_KeccakXofState_4f *self, Eurydice_slice input) { +static inline void libcrux_sha3_portable_incremental_absorb_42( + libcrux_sha3_generic_keccak_xof_KeccakXofState_e2 *self, + Eurydice_slice input) { Eurydice_slice buf[1U] = {input}; - libcrux_sha3_generic_keccak_absorb_9d_7b(self, buf); + libcrux_sha3_generic_keccak_xof_absorb_35_c6(self, buf); } -typedef libcrux_sha3_generic_keccak_KeccakXofState_4f - libcrux_sha3_portable_incremental_Shake256Squeeze; - -/** - Absorb a final block. - - The `inputs` block may be empty. Everything in the `inputs` block beyond - `RATE` bytes is ignored. -*/ /** -This function found in impl {libcrux_sha3::generic_keccak::KeccakXofState[TraitClause@0]#2} +This function found in impl +{libcrux_sha3::generic_keccak::xof::KeccakXofState[TraitClause@0, TraitClause@1]} */ /** -A monomorphic instance of libcrux_sha3.generic_keccak.absorb_final_9d +A monomorphic instance of libcrux_sha3.generic_keccak.xof.absorb_final_35 with types uint64_t with const generics - PARALLEL_LANES= 1 - RATE= 136 - DELIMITER= 31 */ -static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_absorb_final_9d_25( - libcrux_sha3_generic_keccak_KeccakXofState_4f *self, - Eurydice_slice inputs[1U]) { - libcrux_sha3_generic_keccak_KeccakXofState_4f *uu____0 = self; - /* Passing arrays by value in Rust generates a copy in C */ - Eurydice_slice copy_of_inputs[1U]; - memcpy(copy_of_inputs, inputs, (size_t)1U * sizeof(Eurydice_slice)); - size_t input_remainder_len = - libcrux_sha3_generic_keccak_absorb_full_9d_f8(uu____0, copy_of_inputs); - size_t input_len = Eurydice_slice_len(inputs[0U], uint8_t); - uint8_t blocks[1U][200U] = {{0U}}; +static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_xof_absorb_final_35_9e( + libcrux_sha3_generic_keccak_xof_KeccakXofState_e2 *self, + Eurydice_slice *inputs) { + libcrux_sha3_generic_keccak_xof_absorb_35_c6(self, inputs); + Eurydice_slice borrowed[1U]; + for (size_t i = (size_t)0U; i < (size_t)1U; i++) { + uint8_t buf[136U] = {0U}; + borrowed[i] = core_array___Array_T__N___as_slice((size_t)136U, buf, uint8_t, + Eurydice_slice); + } for (size_t i = (size_t)0U; i < (size_t)1U; i++) { size_t i0 = i; - if (self->buf_len > (size_t)0U) { - Eurydice_slice uu____2 = Eurydice_array_to_subslice2( - blocks[i0], (size_t)0U, self->buf_len, uint8_t); - Eurydice_slice_copy(uu____2, - Eurydice_array_to_subslice2(self->buf[i0], (size_t)0U, - self->buf_len, uint8_t), - uint8_t); - } - if (input_remainder_len > (size_t)0U) { - Eurydice_slice uu____3 = Eurydice_array_to_subslice2( - blocks[i0], self->buf_len, self->buf_len + input_remainder_len, - uint8_t); - Eurydice_slice_copy( - uu____3, - Eurydice_slice_subslice_from( - inputs[i0], input_len - input_remainder_len, uint8_t, size_t), - uint8_t); - } - blocks[i0][self->buf_len + input_remainder_len] = 31U; - size_t uu____4 = i0; - size_t uu____5 = (size_t)136U - (size_t)1U; - blocks[uu____4][uu____5] = (uint32_t)blocks[uu____4][uu____5] | 128U; + borrowed[i0] = + Eurydice_array_to_slice((size_t)136U, self->buf[i0], uint8_t); } - uint64_t(*uu____6)[5U] = self->inner.st; - uint8_t uu____7[1U][200U]; - memcpy(uu____7, blocks, (size_t)1U * sizeof(uint8_t[200U])); - libcrux_sha3_portable_keccak_load_block_full_5a_d20(uu____6, uu____7); - libcrux_sha3_generic_keccak_keccakf1600_21(&self->inner); + libcrux_sha3_simd_portable_load_last_a1_ad0(&self->inner, borrowed, + (size_t)0U, self->buf_len); + libcrux_sha3_generic_keccak_keccakf1600_80_04(&self->inner); } /** Shake256 absorb final */ /** -This function found in impl -{(libcrux_sha3::portable::incremental::XofAbsorb<136: usize> for -libcrux_sha3::portable::incremental::Shake256Absorb)#2} +This function found in impl {libcrux_sha3::portable::incremental::Xof<136usize> +for libcrux_sha3::portable::incremental::Shake256Xof} */ -static inline libcrux_sha3_generic_keccak_KeccakXofState_4f -libcrux_sha3_portable_incremental_absorb_final_7d( - libcrux_sha3_generic_keccak_KeccakXofState_4f self, Eurydice_slice input) { +static inline void libcrux_sha3_portable_incremental_absorb_final_42( + libcrux_sha3_generic_keccak_xof_KeccakXofState_e2 *self, + Eurydice_slice input) { Eurydice_slice buf[1U] = {input}; - libcrux_sha3_generic_keccak_absorb_final_9d_25(&self, buf); - return self; + libcrux_sha3_generic_keccak_xof_absorb_final_35_9e(self, buf); } /** - An all zero block -*/ -/** -This function found in impl {libcrux_sha3::generic_keccak::KeccakXofState[TraitClause@0]#2} +This function found in impl +{libcrux_sha3::generic_keccak::xof::KeccakXofState[TraitClause@0, TraitClause@1]} */ /** -A monomorphic instance of libcrux_sha3.generic_keccak.zero_block_9d +A monomorphic instance of libcrux_sha3.generic_keccak.xof.zero_block_35 with types uint64_t with const generics - PARALLEL_LANES= 1 - RATE= 136 */ -static inline void libcrux_sha3_generic_keccak_zero_block_9d_e6( +static inline void libcrux_sha3_generic_keccak_xof_zero_block_35_c6( uint8_t ret[136U]) { - ret[0U] = 0U; - ret[1U] = 0U; - ret[2U] = 0U; - ret[3U] = 0U; - ret[4U] = 0U; - ret[5U] = 0U; - ret[6U] = 0U; - ret[7U] = 0U; - ret[8U] = 0U; - ret[9U] = 0U; - ret[10U] = 0U; - ret[11U] = 0U; - ret[12U] = 0U; - ret[13U] = 0U; - ret[14U] = 0U; - ret[15U] = 0U; - ret[16U] = 0U; - ret[17U] = 0U; - ret[18U] = 0U; - ret[19U] = 0U; - ret[20U] = 0U; - ret[21U] = 0U; - ret[22U] = 0U; - ret[23U] = 0U; - ret[24U] = 0U; - ret[25U] = 0U; - ret[26U] = 0U; - ret[27U] = 0U; - ret[28U] = 0U; - ret[29U] = 0U; - ret[30U] = 0U; - ret[31U] = 0U; - ret[32U] = 0U; - ret[33U] = 0U; - ret[34U] = 0U; - ret[35U] = 0U; - ret[36U] = 0U; - ret[37U] = 0U; - ret[38U] = 0U; - ret[39U] = 0U; - ret[40U] = 0U; - ret[41U] = 0U; - ret[42U] = 0U; - ret[43U] = 0U; - ret[44U] = 0U; - ret[45U] = 0U; - ret[46U] = 0U; - ret[47U] = 0U; - ret[48U] = 0U; - ret[49U] = 0U; - ret[50U] = 0U; - ret[51U] = 0U; - ret[52U] = 0U; - ret[53U] = 0U; - ret[54U] = 0U; - ret[55U] = 0U; - ret[56U] = 0U; - ret[57U] = 0U; - ret[58U] = 0U; - ret[59U] = 0U; - ret[60U] = 0U; - ret[61U] = 0U; - ret[62U] = 0U; - ret[63U] = 0U; - ret[64U] = 0U; - ret[65U] = 0U; - ret[66U] = 0U; - ret[67U] = 0U; - ret[68U] = 0U; - ret[69U] = 0U; - ret[70U] = 0U; - ret[71U] = 0U; - ret[72U] = 0U; - ret[73U] = 0U; - ret[74U] = 0U; - ret[75U] = 0U; - ret[76U] = 0U; - ret[77U] = 0U; - ret[78U] = 0U; - ret[79U] = 0U; - ret[80U] = 0U; - ret[81U] = 0U; - ret[82U] = 0U; - ret[83U] = 0U; - ret[84U] = 0U; - ret[85U] = 0U; - ret[86U] = 0U; - ret[87U] = 0U; - ret[88U] = 0U; - ret[89U] = 0U; - ret[90U] = 0U; - ret[91U] = 0U; - ret[92U] = 0U; - ret[93U] = 0U; - ret[94U] = 0U; - ret[95U] = 0U; - ret[96U] = 0U; - ret[97U] = 0U; - ret[98U] = 0U; - ret[99U] = 0U; - ret[100U] = 0U; - ret[101U] = 0U; - ret[102U] = 0U; - ret[103U] = 0U; - ret[104U] = 0U; - ret[105U] = 0U; - ret[106U] = 0U; - ret[107U] = 0U; - ret[108U] = 0U; - ret[109U] = 0U; - ret[110U] = 0U; - ret[111U] = 0U; - ret[112U] = 0U; - ret[113U] = 0U; - ret[114U] = 0U; - ret[115U] = 0U; - ret[116U] = 0U; - ret[117U] = 0U; - ret[118U] = 0U; - ret[119U] = 0U; - ret[120U] = 0U; - ret[121U] = 0U; - ret[122U] = 0U; - ret[123U] = 0U; - ret[124U] = 0U; - ret[125U] = 0U; - ret[126U] = 0U; - ret[127U] = 0U; - ret[128U] = 0U; - ret[129U] = 0U; - ret[130U] = 0U; - ret[131U] = 0U; - ret[132U] = 0U; - ret[133U] = 0U; - ret[134U] = 0U; - ret[135U] = 0U; -} - -/** - Generate a new keccak xof state. -*/ -/** -This function found in impl {libcrux_sha3::generic_keccak::KeccakXofState[TraitClause@0]#2} -*/ -/** -A monomorphic instance of libcrux_sha3.generic_keccak.new_9d + memset(ret, 0U, 136U * sizeof(uint8_t)); +} + +/** +This function found in impl +{libcrux_sha3::generic_keccak::xof::KeccakXofState[TraitClause@0, TraitClause@1]} +*/ +/** +A monomorphic instance of libcrux_sha3.generic_keccak.xof.new_35 with types uint64_t with const generics - PARALLEL_LANES= 1 - RATE= 136 */ -static inline libcrux_sha3_generic_keccak_KeccakXofState_4f -libcrux_sha3_generic_keccak_new_9d_7e(void) { - libcrux_sha3_generic_keccak_KeccakXofState_4f lit; - lit.inner = libcrux_sha3_generic_keccak_new_1e_f4(); - uint8_t ret[136U]; - libcrux_sha3_generic_keccak_zero_block_9d_e6(ret); - memcpy(lit.buf[0U], ret, (size_t)136U * sizeof(uint8_t)); +static inline libcrux_sha3_generic_keccak_xof_KeccakXofState_e2 +libcrux_sha3_generic_keccak_xof_new_35_c6(void) { + libcrux_sha3_generic_keccak_xof_KeccakXofState_e2 lit; + lit.inner = libcrux_sha3_generic_keccak_new_80_04(); + uint8_t repeat_expression[1U][136U]; + for (size_t i = (size_t)0U; i < (size_t)1U; i++) { + libcrux_sha3_generic_keccak_xof_zero_block_35_c6(repeat_expression[i]); + } + memcpy(lit.buf, repeat_expression, (size_t)1U * sizeof(uint8_t[136U])); lit.buf_len = (size_t)0U; lit.sponge = false; return lit; @@ -4959,55 +5008,103 @@ libcrux_sha3_generic_keccak_new_9d_7e(void) { Shake256 new state */ /** +This function found in impl {libcrux_sha3::portable::incremental::Xof<136usize> +for libcrux_sha3::portable::incremental::Shake256Xof} +*/ +static inline libcrux_sha3_generic_keccak_xof_KeccakXofState_e2 +libcrux_sha3_portable_incremental_new_42(void) { + return libcrux_sha3_generic_keccak_xof_new_35_c6(); +} + +/** + Squeeze `N` x `LEN` bytes. Only `N = 1` for now. +*/ +/** This function found in impl -{(libcrux_sha3::portable::incremental::XofAbsorb<136: usize> for -libcrux_sha3::portable::incremental::Shake256Absorb)#2} +{libcrux_sha3::generic_keccak::xof::KeccakXofState[TraitClause@0, TraitClause@1]} +*/ +/** +A monomorphic instance of libcrux_sha3.generic_keccak.xof.squeeze_85 +with types uint64_t +with const generics +- RATE= 136 +*/ +static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_xof_squeeze_85_c7( + libcrux_sha3_generic_keccak_xof_KeccakXofState_e2 *self, + Eurydice_slice out) { + if (self->sponge) { + libcrux_sha3_generic_keccak_keccakf1600_80_04(&self->inner); + } + size_t out_len = Eurydice_slice_len(out, uint8_t); + if (out_len > (size_t)0U) { + if (out_len <= (size_t)136U) { + libcrux_sha3_simd_portable_squeeze_13_5b(&self->inner, out, (size_t)0U, + out_len); + } else { + size_t blocks = out_len / (size_t)136U; + for (size_t i = (size_t)0U; i < blocks; i++) { + size_t i0 = i; + libcrux_sha3_generic_keccak_keccakf1600_80_04(&self->inner); + libcrux_sha3_simd_portable_squeeze_13_5b( + &self->inner, out, i0 * (size_t)136U, (size_t)136U); + } + size_t remaining = out_len % (size_t)136U; + if (remaining > (size_t)0U) { + libcrux_sha3_generic_keccak_keccakf1600_80_04(&self->inner); + libcrux_sha3_simd_portable_squeeze_13_5b( + &self->inner, out, blocks * (size_t)136U, remaining); + } + } + self->sponge = true; + } +} + +/** + Shake256 squeeze */ -static inline libcrux_sha3_generic_keccak_KeccakXofState_4f -libcrux_sha3_portable_incremental_new_7d(void) { - return libcrux_sha3_generic_keccak_new_9d_7e(); +/** +This function found in impl {libcrux_sha3::portable::incremental::Xof<136usize> +for libcrux_sha3::portable::incremental::Shake256Xof} +*/ +static inline void libcrux_sha3_portable_incremental_squeeze_42( + libcrux_sha3_generic_keccak_xof_KeccakXofState_e2 *self, + Eurydice_slice out) { + libcrux_sha3_generic_keccak_xof_squeeze_85_c7(self, out); } /** -A monomorphic instance of libcrux_sha3.generic_keccak.KeccakXofState +A monomorphic instance of libcrux_sha3.generic_keccak.xof.KeccakXofState with types uint64_t with const generics - $1size_t - $168size_t */ -typedef struct libcrux_sha3_generic_keccak_KeccakXofState_78_s { - libcrux_sha3_generic_keccak_KeccakState_48 inner; +typedef struct libcrux_sha3_generic_keccak_xof_KeccakXofState_97_s { + libcrux_sha3_generic_keccak_KeccakState_17 inner; uint8_t buf[1U][168U]; size_t buf_len; bool sponge; -} libcrux_sha3_generic_keccak_KeccakXofState_78; - -typedef libcrux_sha3_generic_keccak_KeccakXofState_78 - libcrux_sha3_portable_incremental_Shake128Absorb; +} libcrux_sha3_generic_keccak_xof_KeccakXofState_97; -/** - Consume the internal buffer and the required amount of the input to pad to - `RATE`. +typedef libcrux_sha3_generic_keccak_xof_KeccakXofState_97 + libcrux_sha3_portable_incremental_Shake128Xof; - Returns the `consumed` bytes from `inputs` if there's enough buffered - content to consume, and `0` otherwise. - If `consumed > 0` is returned, `self.buf` contains a full block to be - loaded. -*/ /** -This function found in impl {libcrux_sha3::generic_keccak::KeccakXofState[TraitClause@0]#2} +This function found in impl +{libcrux_sha3::generic_keccak::xof::KeccakXofState[TraitClause@0, TraitClause@1]} */ /** -A monomorphic instance of libcrux_sha3.generic_keccak.fill_buffer_9d +A monomorphic instance of libcrux_sha3.generic_keccak.xof.fill_buffer_35 with types uint64_t with const generics - PARALLEL_LANES= 1 - RATE= 168 */ -static inline size_t libcrux_sha3_generic_keccak_fill_buffer_9d_b00( - libcrux_sha3_generic_keccak_KeccakXofState_78 *self, - Eurydice_slice inputs[1U]) { +static inline size_t libcrux_sha3_generic_keccak_xof_fill_buffer_35_c60( + libcrux_sha3_generic_keccak_xof_KeccakXofState_97 *self, + Eurydice_slice *inputs) { size_t input_len = Eurydice_slice_len(inputs[0U], uint8_t); size_t consumed = (size_t)0U; if (self->buf_len > (size_t)0U) { @@ -5016,10 +5113,12 @@ static inline size_t libcrux_sha3_generic_keccak_fill_buffer_9d_b00( for (size_t i = (size_t)0U; i < (size_t)1U; i++) { size_t i0 = i; Eurydice_slice uu____0 = Eurydice_array_to_subslice_from( - (size_t)168U, self->buf[i0], self->buf_len, uint8_t, size_t); + (size_t)168U, self->buf[i0], self->buf_len, uint8_t, size_t, + uint8_t[]); Eurydice_slice_copy( uu____0, - Eurydice_slice_subslice_to(inputs[i0], consumed, uint8_t, size_t), + Eurydice_slice_subslice_to(inputs[i0], consumed, uint8_t, size_t, + uint8_t[]), uint8_t); } self->buf_len = self->buf_len + consumed; @@ -5029,42 +5128,37 @@ static inline size_t libcrux_sha3_generic_keccak_fill_buffer_9d_b00( } /** -This function found in impl {libcrux_sha3::generic_keccak::KeccakXofState[TraitClause@0]#2} +This function found in impl +{libcrux_sha3::generic_keccak::xof::KeccakXofState[TraitClause@0, TraitClause@1]} */ /** -A monomorphic instance of libcrux_sha3.generic_keccak.absorb_full_9d +A monomorphic instance of libcrux_sha3.generic_keccak.xof.absorb_full_35 with types uint64_t with const generics - PARALLEL_LANES= 1 - RATE= 168 */ -static inline size_t libcrux_sha3_generic_keccak_absorb_full_9d_f80( - libcrux_sha3_generic_keccak_KeccakXofState_78 *self, - Eurydice_slice inputs[1U]) { - libcrux_sha3_generic_keccak_KeccakXofState_78 *uu____0 = self; - /* Passing arrays by value in Rust generates a copy in C */ - Eurydice_slice copy_of_inputs0[1U]; - memcpy(copy_of_inputs0, inputs, (size_t)1U * sizeof(Eurydice_slice)); +static inline size_t libcrux_sha3_generic_keccak_xof_absorb_full_35_c60( + libcrux_sha3_generic_keccak_xof_KeccakXofState_97 *self, + Eurydice_slice *inputs) { size_t input_consumed = - libcrux_sha3_generic_keccak_fill_buffer_9d_b00(uu____0, copy_of_inputs0); + libcrux_sha3_generic_keccak_xof_fill_buffer_35_c60(self, inputs); if (input_consumed > (size_t)0U) { Eurydice_slice borrowed[1U]; for (size_t i = (size_t)0U; i < (size_t)1U; i++) { uint8_t buf[168U] = {0U}; - borrowed[i] = core_array___Array_T__N__23__as_slice( - (size_t)168U, buf, uint8_t, Eurydice_slice); + borrowed[i] = core_array___Array_T__N___as_slice((size_t)168U, buf, + uint8_t, Eurydice_slice); } for (size_t i = (size_t)0U; i < (size_t)1U; i++) { size_t i0 = i; borrowed[i0] = Eurydice_array_to_slice((size_t)168U, self->buf[i0], uint8_t); } - uint64_t(*uu____2)[5U] = self->inner.st; - Eurydice_slice uu____3[1U]; - memcpy(uu____3, borrowed, (size_t)1U * sizeof(Eurydice_slice)); - libcrux_sha3_portable_keccak_load_block_5a_b83(uu____2, uu____3); - libcrux_sha3_generic_keccak_keccakf1600_21(&self->inner); + libcrux_sha3_simd_portable_load_block_a1_3a(&self->inner, borrowed, + (size_t)0U); + libcrux_sha3_generic_keccak_keccakf1600_80_04(&self->inner); self->buf_len = (size_t)0U; } size_t input_to_consume = @@ -5073,648 +5167,237 @@ static inline size_t libcrux_sha3_generic_keccak_absorb_full_9d_f80( size_t remainder = input_to_consume % (size_t)168U; for (size_t i = (size_t)0U; i < num_blocks; i++) { size_t i0 = i; - uint64_t(*uu____4)[5U] = self->inner.st; - /* Passing arrays by value in Rust generates a copy in C */ - Eurydice_slice copy_of_inputs[1U]; - memcpy(copy_of_inputs, inputs, (size_t)1U * sizeof(Eurydice_slice)); - Eurydice_slice ret[1U]; - libcrux_sha3_portable_keccak_slice_n_5a( - copy_of_inputs, input_consumed + i0 * (size_t)168U, (size_t)168U, ret); - libcrux_sha3_portable_keccak_load_block_5a_b83(uu____4, ret); - libcrux_sha3_generic_keccak_keccakf1600_21(&self->inner); + libcrux_sha3_simd_portable_load_block_a1_3a( + &self->inner, inputs, input_consumed + i0 * (size_t)168U); + libcrux_sha3_generic_keccak_keccakf1600_80_04(&self->inner); } return remainder; } /** - Absorb - - This function takes any number of bytes to absorb and buffers if it's not - enough. The function assumes that all input slices in `blocks` have the same - length. - - Only a multiple of `RATE` blocks are absorbed. - For the remaining bytes [`absorb_final`] needs to be called. - - This works best with relatively small `inputs`. -*/ -/** -This function found in impl {libcrux_sha3::generic_keccak::KeccakXofState[TraitClause@0]#2} +This function found in impl +{libcrux_sha3::generic_keccak::xof::KeccakXofState[TraitClause@0, TraitClause@1]} */ /** -A monomorphic instance of libcrux_sha3.generic_keccak.absorb_9d +A monomorphic instance of libcrux_sha3.generic_keccak.xof.absorb_35 with types uint64_t with const generics - PARALLEL_LANES= 1 - RATE= 168 */ -static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_absorb_9d_7b0( - libcrux_sha3_generic_keccak_KeccakXofState_78 *self, - Eurydice_slice inputs[1U]) { - libcrux_sha3_generic_keccak_KeccakXofState_78 *uu____0 = self; - /* Passing arrays by value in Rust generates a copy in C */ - Eurydice_slice copy_of_inputs[1U]; - memcpy(copy_of_inputs, inputs, (size_t)1U * sizeof(Eurydice_slice)); +static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_xof_absorb_35_c60( + libcrux_sha3_generic_keccak_xof_KeccakXofState_97 *self, + Eurydice_slice *inputs) { size_t input_remainder_len = - libcrux_sha3_generic_keccak_absorb_full_9d_f80(uu____0, copy_of_inputs); + libcrux_sha3_generic_keccak_xof_absorb_full_35_c60(self, inputs); if (input_remainder_len > (size_t)0U) { size_t input_len = Eurydice_slice_len(inputs[0U], uint8_t); for (size_t i = (size_t)0U; i < (size_t)1U; i++) { size_t i0 = i; - Eurydice_slice uu____2 = Eurydice_array_to_subslice2( - self->buf[i0], self->buf_len, self->buf_len + input_remainder_len, - uint8_t); - Eurydice_slice_copy( - uu____2, - Eurydice_slice_subslice_from( - inputs[i0], input_len - input_remainder_len, uint8_t, size_t), - uint8_t); + Eurydice_slice_copy(Eurydice_array_to_subslice3( + self->buf[i0], self->buf_len, + self->buf_len + input_remainder_len, uint8_t *), + Eurydice_slice_subslice_from( + inputs[i0], input_len - input_remainder_len, + uint8_t, size_t, uint8_t[]), + uint8_t); } self->buf_len = self->buf_len + input_remainder_len; } } /** -This function found in impl -{(libcrux_sha3::portable::incremental::XofAbsorb<168: usize> for -libcrux_sha3::portable::incremental::Shake128Absorb)} +This function found in impl {libcrux_sha3::portable::incremental::Xof<168usize> +for libcrux_sha3::portable::incremental::Shake128Xof} */ -static inline void libcrux_sha3_portable_incremental_absorb_1c( - libcrux_sha3_generic_keccak_KeccakXofState_78 *self, Eurydice_slice input) { +static inline void libcrux_sha3_portable_incremental_absorb_26( + libcrux_sha3_generic_keccak_xof_KeccakXofState_97 *self, + Eurydice_slice input) { Eurydice_slice buf[1U] = {input}; - libcrux_sha3_generic_keccak_absorb_9d_7b0(self, buf); + libcrux_sha3_generic_keccak_xof_absorb_35_c60(self, buf); } -typedef libcrux_sha3_generic_keccak_KeccakXofState_78 - libcrux_sha3_portable_incremental_Shake128Squeeze; - /** - Absorb a final block. - - The `inputs` block may be empty. Everything in the `inputs` block beyond - `RATE` bytes is ignored. -*/ -/** -This function found in impl {libcrux_sha3::generic_keccak::KeccakXofState[TraitClause@0]#2} +This function found in impl +{libcrux_sha3::generic_keccak::xof::KeccakXofState[TraitClause@0, TraitClause@1]} */ /** -A monomorphic instance of libcrux_sha3.generic_keccak.absorb_final_9d +A monomorphic instance of libcrux_sha3.generic_keccak.xof.absorb_final_35 with types uint64_t with const generics - PARALLEL_LANES= 1 - RATE= 168 - DELIMITER= 31 */ -static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_absorb_final_9d_250( - libcrux_sha3_generic_keccak_KeccakXofState_78 *self, - Eurydice_slice inputs[1U]) { - libcrux_sha3_generic_keccak_KeccakXofState_78 *uu____0 = self; - /* Passing arrays by value in Rust generates a copy in C */ - Eurydice_slice copy_of_inputs[1U]; - memcpy(copy_of_inputs, inputs, (size_t)1U * sizeof(Eurydice_slice)); - size_t input_remainder_len = - libcrux_sha3_generic_keccak_absorb_full_9d_f80(uu____0, copy_of_inputs); - size_t input_len = Eurydice_slice_len(inputs[0U], uint8_t); - uint8_t blocks[1U][200U] = {{0U}}; +static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_xof_absorb_final_35_9e0( + libcrux_sha3_generic_keccak_xof_KeccakXofState_97 *self, + Eurydice_slice *inputs) { + libcrux_sha3_generic_keccak_xof_absorb_35_c60(self, inputs); + Eurydice_slice borrowed[1U]; + for (size_t i = (size_t)0U; i < (size_t)1U; i++) { + uint8_t buf[168U] = {0U}; + borrowed[i] = core_array___Array_T__N___as_slice((size_t)168U, buf, uint8_t, + Eurydice_slice); + } for (size_t i = (size_t)0U; i < (size_t)1U; i++) { size_t i0 = i; - if (self->buf_len > (size_t)0U) { - Eurydice_slice uu____2 = Eurydice_array_to_subslice2( - blocks[i0], (size_t)0U, self->buf_len, uint8_t); - Eurydice_slice_copy(uu____2, - Eurydice_array_to_subslice2(self->buf[i0], (size_t)0U, - self->buf_len, uint8_t), - uint8_t); - } - if (input_remainder_len > (size_t)0U) { - Eurydice_slice uu____3 = Eurydice_array_to_subslice2( - blocks[i0], self->buf_len, self->buf_len + input_remainder_len, - uint8_t); - Eurydice_slice_copy( - uu____3, - Eurydice_slice_subslice_from( - inputs[i0], input_len - input_remainder_len, uint8_t, size_t), - uint8_t); - } - blocks[i0][self->buf_len + input_remainder_len] = 31U; - size_t uu____4 = i0; - size_t uu____5 = (size_t)168U - (size_t)1U; - blocks[uu____4][uu____5] = (uint32_t)blocks[uu____4][uu____5] | 128U; + borrowed[i0] = + Eurydice_array_to_slice((size_t)168U, self->buf[i0], uint8_t); } - uint64_t(*uu____6)[5U] = self->inner.st; - uint8_t uu____7[1U][200U]; - memcpy(uu____7, blocks, (size_t)1U * sizeof(uint8_t[200U])); - libcrux_sha3_portable_keccak_load_block_full_5a_d21(uu____6, uu____7); - libcrux_sha3_generic_keccak_keccakf1600_21(&self->inner); + libcrux_sha3_simd_portable_load_last_a1_c6(&self->inner, borrowed, (size_t)0U, + self->buf_len); + libcrux_sha3_generic_keccak_keccakf1600_80_04(&self->inner); } /** -This function found in impl -{(libcrux_sha3::portable::incremental::XofAbsorb<168: usize> for -libcrux_sha3::portable::incremental::Shake128Absorb)} +This function found in impl {libcrux_sha3::portable::incremental::Xof<168usize> +for libcrux_sha3::portable::incremental::Shake128Xof} */ -static inline libcrux_sha3_generic_keccak_KeccakXofState_78 -libcrux_sha3_portable_incremental_absorb_final_1c( - libcrux_sha3_generic_keccak_KeccakXofState_78 self, Eurydice_slice input) { +static inline void libcrux_sha3_portable_incremental_absorb_final_26( + libcrux_sha3_generic_keccak_xof_KeccakXofState_97 *self, + Eurydice_slice input) { Eurydice_slice buf[1U] = {input}; - libcrux_sha3_generic_keccak_absorb_final_9d_250(&self, buf); - return self; + libcrux_sha3_generic_keccak_xof_absorb_final_35_9e0(self, buf); } /** - An all zero block -*/ -/** -This function found in impl {libcrux_sha3::generic_keccak::KeccakXofState[TraitClause@0]#2} +This function found in impl +{libcrux_sha3::generic_keccak::xof::KeccakXofState[TraitClause@0, TraitClause@1]} */ /** -A monomorphic instance of libcrux_sha3.generic_keccak.zero_block_9d +A monomorphic instance of libcrux_sha3.generic_keccak.xof.zero_block_35 with types uint64_t with const generics - PARALLEL_LANES= 1 - RATE= 168 */ -static inline void libcrux_sha3_generic_keccak_zero_block_9d_e60( +static inline void libcrux_sha3_generic_keccak_xof_zero_block_35_c60( uint8_t ret[168U]) { - ret[0U] = 0U; - ret[1U] = 0U; - ret[2U] = 0U; - ret[3U] = 0U; - ret[4U] = 0U; - ret[5U] = 0U; - ret[6U] = 0U; - ret[7U] = 0U; - ret[8U] = 0U; - ret[9U] = 0U; - ret[10U] = 0U; - ret[11U] = 0U; - ret[12U] = 0U; - ret[13U] = 0U; - ret[14U] = 0U; - ret[15U] = 0U; - ret[16U] = 0U; - ret[17U] = 0U; - ret[18U] = 0U; - ret[19U] = 0U; - ret[20U] = 0U; - ret[21U] = 0U; - ret[22U] = 0U; - ret[23U] = 0U; - ret[24U] = 0U; - ret[25U] = 0U; - ret[26U] = 0U; - ret[27U] = 0U; - ret[28U] = 0U; - ret[29U] = 0U; - ret[30U] = 0U; - ret[31U] = 0U; - ret[32U] = 0U; - ret[33U] = 0U; - ret[34U] = 0U; - ret[35U] = 0U; - ret[36U] = 0U; - ret[37U] = 0U; - ret[38U] = 0U; - ret[39U] = 0U; - ret[40U] = 0U; - ret[41U] = 0U; - ret[42U] = 0U; - ret[43U] = 0U; - ret[44U] = 0U; - ret[45U] = 0U; - ret[46U] = 0U; - ret[47U] = 0U; - ret[48U] = 0U; - ret[49U] = 0U; - ret[50U] = 0U; - ret[51U] = 0U; - ret[52U] = 0U; - ret[53U] = 0U; - ret[54U] = 0U; - ret[55U] = 0U; - ret[56U] = 0U; - ret[57U] = 0U; - ret[58U] = 0U; - ret[59U] = 0U; - ret[60U] = 0U; - ret[61U] = 0U; - ret[62U] = 0U; - ret[63U] = 0U; - ret[64U] = 0U; - ret[65U] = 0U; - ret[66U] = 0U; - ret[67U] = 0U; - ret[68U] = 0U; - ret[69U] = 0U; - ret[70U] = 0U; - ret[71U] = 0U; - ret[72U] = 0U; - ret[73U] = 0U; - ret[74U] = 0U; - ret[75U] = 0U; - ret[76U] = 0U; - ret[77U] = 0U; - ret[78U] = 0U; - ret[79U] = 0U; - ret[80U] = 0U; - ret[81U] = 0U; - ret[82U] = 0U; - ret[83U] = 0U; - ret[84U] = 0U; - ret[85U] = 0U; - ret[86U] = 0U; - ret[87U] = 0U; - ret[88U] = 0U; - ret[89U] = 0U; - ret[90U] = 0U; - ret[91U] = 0U; - ret[92U] = 0U; - ret[93U] = 0U; - ret[94U] = 0U; - ret[95U] = 0U; - ret[96U] = 0U; - ret[97U] = 0U; - ret[98U] = 0U; - ret[99U] = 0U; - ret[100U] = 0U; - ret[101U] = 0U; - ret[102U] = 0U; - ret[103U] = 0U; - ret[104U] = 0U; - ret[105U] = 0U; - ret[106U] = 0U; - ret[107U] = 0U; - ret[108U] = 0U; - ret[109U] = 0U; - ret[110U] = 0U; - ret[111U] = 0U; - ret[112U] = 0U; - ret[113U] = 0U; - ret[114U] = 0U; - ret[115U] = 0U; - ret[116U] = 0U; - ret[117U] = 0U; - ret[118U] = 0U; - ret[119U] = 0U; - ret[120U] = 0U; - ret[121U] = 0U; - ret[122U] = 0U; - ret[123U] = 0U; - ret[124U] = 0U; - ret[125U] = 0U; - ret[126U] = 0U; - ret[127U] = 0U; - ret[128U] = 0U; - ret[129U] = 0U; - ret[130U] = 0U; - ret[131U] = 0U; - ret[132U] = 0U; - ret[133U] = 0U; - ret[134U] = 0U; - ret[135U] = 0U; - ret[136U] = 0U; - ret[137U] = 0U; - ret[138U] = 0U; - ret[139U] = 0U; - ret[140U] = 0U; - ret[141U] = 0U; - ret[142U] = 0U; - ret[143U] = 0U; - ret[144U] = 0U; - ret[145U] = 0U; - ret[146U] = 0U; - ret[147U] = 0U; - ret[148U] = 0U; - ret[149U] = 0U; - ret[150U] = 0U; - ret[151U] = 0U; - ret[152U] = 0U; - ret[153U] = 0U; - ret[154U] = 0U; - ret[155U] = 0U; - ret[156U] = 0U; - ret[157U] = 0U; - ret[158U] = 0U; - ret[159U] = 0U; - ret[160U] = 0U; - ret[161U] = 0U; - ret[162U] = 0U; - ret[163U] = 0U; - ret[164U] = 0U; - ret[165U] = 0U; - ret[166U] = 0U; - ret[167U] = 0U; -} - -/** - Generate a new keccak xof state. -*/ -/** -This function found in impl {libcrux_sha3::generic_keccak::KeccakXofState[TraitClause@0]#2} -*/ -/** -A monomorphic instance of libcrux_sha3.generic_keccak.new_9d -with types uint64_t -with const generics -- PARALLEL_LANES= 1 -- RATE= 168 -*/ -static inline libcrux_sha3_generic_keccak_KeccakXofState_78 -libcrux_sha3_generic_keccak_new_9d_7e0(void) { - libcrux_sha3_generic_keccak_KeccakXofState_78 lit; - lit.inner = libcrux_sha3_generic_keccak_new_1e_f4(); - uint8_t ret[168U]; - libcrux_sha3_generic_keccak_zero_block_9d_e60(ret); - memcpy(lit.buf[0U], ret, (size_t)168U * sizeof(uint8_t)); - lit.buf_len = (size_t)0U; - lit.sponge = false; - return lit; + memset(ret, 0U, 168U * sizeof(uint8_t)); } /** This function found in impl -{(libcrux_sha3::portable::incremental::XofAbsorb<168: usize> for -libcrux_sha3::portable::incremental::Shake128Absorb)} -*/ -static inline libcrux_sha3_generic_keccak_KeccakXofState_78 -libcrux_sha3_portable_incremental_new_1c(void) { - return libcrux_sha3_generic_keccak_new_9d_7e0(); -} - -/** - `out` has the exact size we want here. It must be less than or equal to `RATE`. -*/ -/** -This function found in impl {(libcrux_sha3::traits::internal::KeccakItem<1: -usize> for u64)} -*/ -/** -A monomorphic instance of libcrux_sha3.portable_keccak.store_5a -with const generics -- RATE= 136 -*/ -static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_store_5a_1c( - uint64_t (*state)[5U], Eurydice_slice out[1U]) { - size_t num_full_blocks = Eurydice_slice_len(out[0U], uint8_t) / (size_t)8U; - size_t last_block_len = Eurydice_slice_len(out[0U], uint8_t) % (size_t)8U; - for (size_t i = (size_t)0U; i < num_full_blocks; i++) { - size_t i0 = i; - Eurydice_slice uu____0 = Eurydice_slice_subslice2( - out[0U], i0 * (size_t)8U, i0 * (size_t)8U + (size_t)8U, uint8_t); - uint8_t ret[8U]; - core_num__u64_9__to_le_bytes(state[i0 / (size_t)5U][i0 % (size_t)5U], ret); - Eurydice_slice_copy( - uu____0, Eurydice_array_to_slice((size_t)8U, ret, uint8_t), uint8_t); - } - if (last_block_len != (size_t)0U) { - Eurydice_slice uu____1 = Eurydice_slice_subslice2( - out[0U], num_full_blocks * (size_t)8U, - num_full_blocks * (size_t)8U + last_block_len, uint8_t); - uint8_t ret[8U]; - core_num__u64_9__to_le_bytes( - state[num_full_blocks / (size_t)5U][num_full_blocks % (size_t)5U], ret); - Eurydice_slice_copy( - uu____1, - Eurydice_array_to_subslice2(ret, (size_t)0U, last_block_len, uint8_t), - uint8_t); - } -} - -/** - Squeeze `N` x `LEN` bytes. -*/ -/** -This function found in impl {libcrux_sha3::generic_keccak::KeccakXofState[TraitClause@0]#2} +{libcrux_sha3::generic_keccak::xof::KeccakXofState[TraitClause@0, TraitClause@1]} */ /** -A monomorphic instance of libcrux_sha3.generic_keccak.squeeze_9d +A monomorphic instance of libcrux_sha3.generic_keccak.xof.new_35 with types uint64_t with const generics - PARALLEL_LANES= 1 -- RATE= 136 +- RATE= 168 */ -static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_squeeze_9d_96( - libcrux_sha3_generic_keccak_KeccakXofState_4f *self, - Eurydice_slice out[1U]) { - if (self->sponge) { - libcrux_sha3_generic_keccak_keccakf1600_21(&self->inner); - } - size_t out_len = Eurydice_slice_len(out[0U], uint8_t); - size_t blocks = out_len / (size_t)136U; - size_t last = out_len - out_len % (size_t)136U; - size_t mid; - if ((size_t)136U >= out_len) { - mid = out_len; - } else { - mid = (size_t)136U; - } - Eurydice_slice_uint8_t_1size_t__x2 uu____0 = - libcrux_sha3_portable_keccak_split_at_mut_n_5a(out, mid); - Eurydice_slice out00[1U]; - memcpy(out00, uu____0.fst, (size_t)1U * sizeof(Eurydice_slice)); - Eurydice_slice out_rest[1U]; - memcpy(out_rest, uu____0.snd, (size_t)1U * sizeof(Eurydice_slice)); - libcrux_sha3_portable_keccak_store_5a_1c(self->inner.st, out00); - core_ops_range_Range_b3 iter = - core_iter_traits_collect___core__iter__traits__collect__IntoIterator_for_I__1__into_iter( - (CLITERAL(core_ops_range_Range_b3){.start = (size_t)1U, - .end = blocks}), - core_ops_range_Range_b3, core_ops_range_Range_b3); - while (true) { - if (core_iter_range___core__iter__traits__iterator__Iterator_for_core__ops__range__Range_A___6__next( - &iter, size_t, Option_b3) - .tag == None) { - break; - } else { - Eurydice_slice_uint8_t_1size_t__x2 uu____1 = - libcrux_sha3_portable_keccak_split_at_mut_n_5a(out_rest, - (size_t)136U); - Eurydice_slice out0[1U]; - memcpy(out0, uu____1.fst, (size_t)1U * sizeof(Eurydice_slice)); - Eurydice_slice tmp[1U]; - memcpy(tmp, uu____1.snd, (size_t)1U * sizeof(Eurydice_slice)); - libcrux_sha3_generic_keccak_keccakf1600_21(&self->inner); - libcrux_sha3_portable_keccak_store_5a_1c(self->inner.st, out0); - memcpy(out_rest, tmp, (size_t)1U * sizeof(Eurydice_slice)); - } - } - if (last < out_len) { - libcrux_sha3_generic_keccak_keccakf1600_21(&self->inner); - libcrux_sha3_portable_keccak_store_5a_1c(self->inner.st, out_rest); +static inline libcrux_sha3_generic_keccak_xof_KeccakXofState_97 +libcrux_sha3_generic_keccak_xof_new_35_c60(void) { + libcrux_sha3_generic_keccak_xof_KeccakXofState_97 lit; + lit.inner = libcrux_sha3_generic_keccak_new_80_04(); + uint8_t repeat_expression[1U][168U]; + for (size_t i = (size_t)0U; i < (size_t)1U; i++) { + libcrux_sha3_generic_keccak_xof_zero_block_35_c60(repeat_expression[i]); } - self->sponge = true; -} - -/** - Shake256 squeeze -*/ -/** -This function found in impl -{(libcrux_sha3::portable::incremental::XofSqueeze<136: usize> for -libcrux_sha3::portable::incremental::Shake256Squeeze)#3} -*/ -static inline void libcrux_sha3_portable_incremental_squeeze_8a( - libcrux_sha3_generic_keccak_KeccakXofState_4f *self, Eurydice_slice out) { - Eurydice_slice buf[1U] = {out}; - libcrux_sha3_generic_keccak_squeeze_9d_96(self, buf); + memcpy(lit.buf, repeat_expression, (size_t)1U * sizeof(uint8_t[168U])); + lit.buf_len = (size_t)0U; + lit.sponge = false; + return lit; } /** - `out` has the exact size we want here. It must be less than or equal to `RATE`. +This function found in impl {libcrux_sha3::portable::incremental::Xof<168usize> +for libcrux_sha3::portable::incremental::Shake128Xof} */ -/** -This function found in impl {(libcrux_sha3::traits::internal::KeccakItem<1: -usize> for u64)} -*/ -/** -A monomorphic instance of libcrux_sha3.portable_keccak.store_5a -with const generics -- RATE= 168 -*/ -static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_store_5a_1c0( - uint64_t (*state)[5U], Eurydice_slice out[1U]) { - size_t num_full_blocks = Eurydice_slice_len(out[0U], uint8_t) / (size_t)8U; - size_t last_block_len = Eurydice_slice_len(out[0U], uint8_t) % (size_t)8U; - for (size_t i = (size_t)0U; i < num_full_blocks; i++) { - size_t i0 = i; - Eurydice_slice uu____0 = Eurydice_slice_subslice2( - out[0U], i0 * (size_t)8U, i0 * (size_t)8U + (size_t)8U, uint8_t); - uint8_t ret[8U]; - core_num__u64_9__to_le_bytes(state[i0 / (size_t)5U][i0 % (size_t)5U], ret); - Eurydice_slice_copy( - uu____0, Eurydice_array_to_slice((size_t)8U, ret, uint8_t), uint8_t); - } - if (last_block_len != (size_t)0U) { - Eurydice_slice uu____1 = Eurydice_slice_subslice2( - out[0U], num_full_blocks * (size_t)8U, - num_full_blocks * (size_t)8U + last_block_len, uint8_t); - uint8_t ret[8U]; - core_num__u64_9__to_le_bytes( - state[num_full_blocks / (size_t)5U][num_full_blocks % (size_t)5U], ret); - Eurydice_slice_copy( - uu____1, - Eurydice_array_to_subslice2(ret, (size_t)0U, last_block_len, uint8_t), - uint8_t); - } +static inline libcrux_sha3_generic_keccak_xof_KeccakXofState_97 +libcrux_sha3_portable_incremental_new_26(void) { + return libcrux_sha3_generic_keccak_xof_new_35_c60(); } /** - Squeeze `N` x `LEN` bytes. + Squeeze `N` x `LEN` bytes. Only `N = 1` for now. */ /** -This function found in impl {libcrux_sha3::generic_keccak::KeccakXofState[TraitClause@0]#2} +This function found in impl +{libcrux_sha3::generic_keccak::xof::KeccakXofState[TraitClause@0, TraitClause@1]} */ /** -A monomorphic instance of libcrux_sha3.generic_keccak.squeeze_9d +A monomorphic instance of libcrux_sha3.generic_keccak.xof.squeeze_85 with types uint64_t with const generics -- PARALLEL_LANES= 1 - RATE= 168 */ -static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_squeeze_9d_960( - libcrux_sha3_generic_keccak_KeccakXofState_78 *self, - Eurydice_slice out[1U]) { +static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_xof_squeeze_85_13( + libcrux_sha3_generic_keccak_xof_KeccakXofState_97 *self, + Eurydice_slice out) { if (self->sponge) { - libcrux_sha3_generic_keccak_keccakf1600_21(&self->inner); - } - size_t out_len = Eurydice_slice_len(out[0U], uint8_t); - size_t blocks = out_len / (size_t)168U; - size_t last = out_len - out_len % (size_t)168U; - size_t mid; - if ((size_t)168U >= out_len) { - mid = out_len; - } else { - mid = (size_t)168U; - } - Eurydice_slice_uint8_t_1size_t__x2 uu____0 = - libcrux_sha3_portable_keccak_split_at_mut_n_5a(out, mid); - Eurydice_slice out00[1U]; - memcpy(out00, uu____0.fst, (size_t)1U * sizeof(Eurydice_slice)); - Eurydice_slice out_rest[1U]; - memcpy(out_rest, uu____0.snd, (size_t)1U * sizeof(Eurydice_slice)); - libcrux_sha3_portable_keccak_store_5a_1c0(self->inner.st, out00); - core_ops_range_Range_b3 iter = - core_iter_traits_collect___core__iter__traits__collect__IntoIterator_for_I__1__into_iter( - (CLITERAL(core_ops_range_Range_b3){.start = (size_t)1U, - .end = blocks}), - core_ops_range_Range_b3, core_ops_range_Range_b3); - while (true) { - if (core_iter_range___core__iter__traits__iterator__Iterator_for_core__ops__range__Range_A___6__next( - &iter, size_t, Option_b3) - .tag == None) { - break; + libcrux_sha3_generic_keccak_keccakf1600_80_04(&self->inner); + } + size_t out_len = Eurydice_slice_len(out, uint8_t); + if (out_len > (size_t)0U) { + if (out_len <= (size_t)168U) { + libcrux_sha3_simd_portable_squeeze_13_3a(&self->inner, out, (size_t)0U, + out_len); } else { - Eurydice_slice_uint8_t_1size_t__x2 uu____1 = - libcrux_sha3_portable_keccak_split_at_mut_n_5a(out_rest, - (size_t)168U); - Eurydice_slice out0[1U]; - memcpy(out0, uu____1.fst, (size_t)1U * sizeof(Eurydice_slice)); - Eurydice_slice tmp[1U]; - memcpy(tmp, uu____1.snd, (size_t)1U * sizeof(Eurydice_slice)); - libcrux_sha3_generic_keccak_keccakf1600_21(&self->inner); - libcrux_sha3_portable_keccak_store_5a_1c0(self->inner.st, out0); - memcpy(out_rest, tmp, (size_t)1U * sizeof(Eurydice_slice)); + size_t blocks = out_len / (size_t)168U; + for (size_t i = (size_t)0U; i < blocks; i++) { + size_t i0 = i; + libcrux_sha3_generic_keccak_keccakf1600_80_04(&self->inner); + libcrux_sha3_simd_portable_squeeze_13_3a( + &self->inner, out, i0 * (size_t)168U, (size_t)168U); + } + size_t remaining = out_len % (size_t)168U; + if (remaining > (size_t)0U) { + libcrux_sha3_generic_keccak_keccakf1600_80_04(&self->inner); + libcrux_sha3_simd_portable_squeeze_13_3a( + &self->inner, out, blocks * (size_t)168U, remaining); + } } + self->sponge = true; } - if (last < out_len) { - libcrux_sha3_generic_keccak_keccakf1600_21(&self->inner); - libcrux_sha3_portable_keccak_store_5a_1c0(self->inner.st, out_rest); - } - self->sponge = true; } /** Shake128 squeeze */ /** -This function found in impl -{(libcrux_sha3::portable::incremental::XofSqueeze<168: usize> for -libcrux_sha3::portable::incremental::Shake128Squeeze)#1} +This function found in impl {libcrux_sha3::portable::incremental::Xof<168usize> +for libcrux_sha3::portable::incremental::Shake128Xof} */ -static inline void libcrux_sha3_portable_incremental_squeeze_10( - libcrux_sha3_generic_keccak_KeccakXofState_78 *self, Eurydice_slice out) { - Eurydice_slice buf[1U] = {out}; - libcrux_sha3_generic_keccak_squeeze_9d_960(self, buf); +static inline void libcrux_sha3_portable_incremental_squeeze_26( + libcrux_sha3_generic_keccak_xof_KeccakXofState_97 *self, + Eurydice_slice out) { + libcrux_sha3_generic_keccak_xof_squeeze_85_13(self, out); } /** -This function found in impl {(core::clone::Clone for -libcrux_sha3::portable::KeccakState)} +This function found in impl {core::clone::Clone for +libcrux_sha3::portable::KeccakState} */ -static inline libcrux_sha3_generic_keccak_KeccakState_48 -libcrux_sha3_portable_clone_3d( - libcrux_sha3_generic_keccak_KeccakState_48 *self) { +static inline libcrux_sha3_generic_keccak_KeccakState_17 +libcrux_sha3_portable_clone_fe( + libcrux_sha3_generic_keccak_KeccakState_17 *self) { return self[0U]; } /** -This function found in impl {(core::convert::From for -u32)#1} +This function found in impl {core::convert::From for +u32} */ -static inline uint32_t libcrux_sha3_from_eb(libcrux_sha3_Algorithm v) { - uint32_t uu____0; +static inline uint32_t libcrux_sha3_from_6c(libcrux_sha3_Algorithm v) { switch (v) { - case libcrux_sha3_Sha224: { - uu____0 = 1U; + case libcrux_sha3_Algorithm_Sha224: { break; } - case libcrux_sha3_Sha256: { - uu____0 = 2U; - break; + case libcrux_sha3_Algorithm_Sha256: { + return 2U; } - case libcrux_sha3_Sha384: { - uu____0 = 3U; - break; + case libcrux_sha3_Algorithm_Sha384: { + return 3U; } - case libcrux_sha3_Sha512: { - uu____0 = 4U; - break; + case libcrux_sha3_Algorithm_Sha512: { + return 4U; } default: { KRML_HOST_EPRINTF("KaRaMeL incomplete match at %s:%d\n", __FILE__, @@ -5722,31 +5405,26 @@ static inline uint32_t libcrux_sha3_from_eb(libcrux_sha3_Algorithm v) { KRML_HOST_EXIT(253U); } } - return uu____0; + return 1U; } /** -This function found in impl {(core::convert::From for -libcrux_sha3::Algorithm)} +This function found in impl {core::convert::From for +libcrux_sha3::Algorithm} */ -static inline libcrux_sha3_Algorithm libcrux_sha3_from_2d(uint32_t v) { - libcrux_sha3_Algorithm uu____0; +static inline libcrux_sha3_Algorithm libcrux_sha3_from_29(uint32_t v) { switch (v) { case 1U: { - uu____0 = libcrux_sha3_Sha224; break; } case 2U: { - uu____0 = libcrux_sha3_Sha256; - break; + return libcrux_sha3_Algorithm_Sha256; } case 3U: { - uu____0 = libcrux_sha3_Sha384; - break; + return libcrux_sha3_Algorithm_Sha384; } case 4U: { - uu____0 = libcrux_sha3_Sha512; - break; + return libcrux_sha3_Algorithm_Sha512; } default: { KRML_HOST_EPRINTF("KaRaMeL abort at %s:%d\n%s\n", __FILE__, __LINE__, @@ -5754,52 +5432,40 @@ static inline libcrux_sha3_Algorithm libcrux_sha3_from_2d(uint32_t v) { KRML_HOST_EXIT(255U); } } - return uu____0; + return libcrux_sha3_Algorithm_Sha224; } -typedef uint8_t libcrux_sha3_Sha3_512Digest[64U]; - -typedef uint8_t libcrux_sha3_Sha3_384Digest[48U]; - -typedef uint8_t libcrux_sha3_Sha3_256Digest[32U]; - -typedef uint8_t libcrux_sha3_Sha3_224Digest[28U]; - #if defined(__cplusplus) } #endif -#define __libcrux_sha3_portable_H_DEFINED -#endif +#define libcrux_sha3_portable_H_DEFINED +#endif /* libcrux_sha3_portable_H */ -/* from libcrux/libcrux-ml-kem/cg/libcrux_mlkem768_portable.h */ +/* from libcrux/libcrux-ml-kem/extracts/c_header_only/generated/libcrux_mlkem768_portable.h */ /* - * SPDX-FileCopyrightText: 2024 Cryspen Sarl + * SPDX-FileCopyrightText: 2025 Cryspen Sarl * * SPDX-License-Identifier: MIT or Apache-2.0 * * This code was generated with the following revisions: - * Charon: 6b5e110342a771a3e1c739b10294b1778e4be8b4 - * Eurydice: 31be7d65ca5d6acdacfb33652e478d24dd85c1cb - * Karamel: 3205d3365ea2790b02368f79fcee38e38d0b5908 - * F*: a32b316e521fa4f239b610ec8f1d15e78d62cbe8-dirty - * Libcrux: 4ad532b206174114dd4140b718e7794a28fc59ee + * Charon: 667d2fc98984ff7f3df989c2367e6c1fa4a000e7 + * Eurydice: 2381cbc416ef2ad0b561c362c500bc84f36b6785 + * Karamel: 80f5435f2fc505973c469a4afcc8d875cddd0d8b + * F*: 71d8221589d4d438af3706d89cb653cf53e18aab + * Libcrux: 68dfed5a4a9e40277f62828471c029afed1ecdcc */ -#ifndef __libcrux_mlkem768_portable_H -#define __libcrux_mlkem768_portable_H +#ifndef libcrux_mlkem768_portable_H +#define libcrux_mlkem768_portable_H + #if defined(__cplusplus) extern "C" { #endif -#define LIBCRUX_ML_KEM_HASH_FUNCTIONS_BLOCK_SIZE ((size_t)168U) - -#define LIBCRUX_ML_KEM_HASH_FUNCTIONS_THREE_BLOCKS \ - (LIBCRUX_ML_KEM_HASH_FUNCTIONS_BLOCK_SIZE * (size_t)3U) - -static KRML_MUSTINLINE void libcrux_ml_kem_hash_functions_portable_G( +static inline void libcrux_ml_kem_hash_functions_portable_G( Eurydice_slice input, uint8_t ret[64U]) { uint8_t digest[64U] = {0U}; libcrux_sha3_portable_sha512( @@ -5807,7 +5473,7 @@ static KRML_MUSTINLINE void libcrux_ml_kem_hash_functions_portable_G( memcpy(ret, digest, (size_t)64U * sizeof(uint8_t)); } -static KRML_MUSTINLINE void libcrux_ml_kem_hash_functions_portable_H( +static inline void libcrux_ml_kem_hash_functions_portable_H( Eurydice_slice input, uint8_t ret[32U]) { uint8_t digest[32U] = {0U}; libcrux_sha3_portable_sha256( @@ -5815,15 +5481,6 @@ static KRML_MUSTINLINE void libcrux_ml_kem_hash_functions_portable_H( memcpy(ret, digest, (size_t)32U * sizeof(uint8_t)); } -#define LIBCRUX_ML_KEM_IND_CCA_ENCAPS_SEED_SIZE \ - (LIBCRUX_ML_KEM_CONSTANTS_SHARED_SECRET_SIZE) - -#define LIBCRUX_ML_KEM_IND_CCA_KEY_GENERATION_SEED_SIZE \ - (LIBCRUX_ML_KEM_CONSTANTS_CPA_PKE_KEY_GENERATION_SEED_SIZE + \ - LIBCRUX_ML_KEM_CONSTANTS_SHARED_SECRET_SIZE) - -typedef uint8_t libcrux_ml_kem_ind_cca_MlKemSharedSecret[32U]; - static const int16_t libcrux_ml_kem_polynomial_ZETAS_TIMES_MONTGOMERY_R[128U] = {(int16_t)-1044, (int16_t)-758, (int16_t)-359, (int16_t)-1517, (int16_t)1493, (int16_t)1422, (int16_t)287, (int16_t)202, @@ -5858,17 +5515,19 @@ static const int16_t libcrux_ml_kem_polynomial_ZETAS_TIMES_MONTGOMERY_R[128U] = (int16_t)-108, (int16_t)-308, (int16_t)996, (int16_t)991, (int16_t)958, (int16_t)-1460, (int16_t)1522, (int16_t)1628}; -#define LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_ELEMENTS_IN_VECTOR ((size_t)16U) +static KRML_MUSTINLINE int16_t libcrux_ml_kem_polynomial_zeta(size_t i) { + return libcrux_ml_kem_polynomial_ZETAS_TIMES_MONTGOMERY_R[i]; +} -#define LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT \ - (LIBCRUX_ML_KEM_CONSTANTS_COEFFICIENTS_IN_RING_ELEMENT / \ - LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_ELEMENTS_IN_VECTOR) +#define LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT ((size_t)16U) -#define LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_MODULUS ((int16_t)3329) +#define LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_ELEMENTS_IN_VECTOR ((size_t)16U) #define LIBCRUX_ML_KEM_VECTOR_TRAITS_MONTGOMERY_R_SQUARED_MOD_FIELD_MODULUS \ ((int16_t)1353) +#define LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_MODULUS ((int16_t)3329) + #define LIBCRUX_ML_KEM_VECTOR_TRAITS_INVERSE_OF_MODULUS_MOD_MONTGOMERY_R \ (62209U) @@ -5881,155 +5540,23 @@ libcrux_ml_kem_vector_portable_vector_type_from_i16_array( Eurydice_slice array) { libcrux_ml_kem_vector_portable_vector_type_PortableVector lit; int16_t ret[16U]; - Result_c0 dst; + Result_0a dst; Eurydice_slice_to_array2( - &dst, Eurydice_slice_subslice2(array, (size_t)0U, (size_t)16U, int16_t), - Eurydice_slice, int16_t[16U]); - unwrap_41_f9(dst, ret); + &dst, Eurydice_slice_subslice3(array, (size_t)0U, (size_t)16U, int16_t *), + Eurydice_slice, int16_t[16U], TryFromSliceError); + unwrap_26_00(dst, ret); memcpy(lit.elements, ret, (size_t)16U * sizeof(int16_t)); return lit; } /** -This function found in impl {(libcrux_ml_kem::vector::traits::Operations for -libcrux_ml_kem::vector::portable::vector_type::PortableVector)} +This function found in impl {libcrux_ml_kem::vector::traits::Operations for +libcrux_ml_kem::vector::portable::vector_type::PortableVector} */ static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector -libcrux_ml_kem_vector_portable_from_i16_array_0d(Eurydice_slice array) { - return libcrux_ml_kem_vector_portable_vector_type_from_i16_array(array); -} - -typedef struct uint8_t_x11_s { - uint8_t fst; - uint8_t snd; - uint8_t thd; - uint8_t f3; - uint8_t f4; - uint8_t f5; - uint8_t f6; - uint8_t f7; - uint8_t f8; - uint8_t f9; - uint8_t f10; -} uint8_t_x11; - -static KRML_MUSTINLINE uint8_t_x11 -libcrux_ml_kem_vector_portable_serialize_serialize_11_int(Eurydice_slice v) { - uint8_t r0 = (uint8_t)Eurydice_slice_index(v, (size_t)0U, int16_t, int16_t *); - uint8_t r1 = (uint32_t)(uint8_t)(Eurydice_slice_index(v, (size_t)1U, int16_t, - int16_t *) & - (int16_t)31) - << 3U | - (uint32_t)(uint8_t)(Eurydice_slice_index(v, (size_t)0U, int16_t, - int16_t *) >> - 8U); - uint8_t r2 = (uint32_t)(uint8_t)(Eurydice_slice_index(v, (size_t)2U, int16_t, - int16_t *) & - (int16_t)3) - << 6U | - (uint32_t)(uint8_t)(Eurydice_slice_index(v, (size_t)1U, int16_t, - int16_t *) >> - 5U); - uint8_t r3 = - (uint8_t)(Eurydice_slice_index(v, (size_t)2U, int16_t, int16_t *) >> 2U & - (int16_t)255); - uint8_t r4 = (uint32_t)(uint8_t)(Eurydice_slice_index(v, (size_t)3U, int16_t, - int16_t *) & - (int16_t)127) - << 1U | - (uint32_t)(uint8_t)(Eurydice_slice_index(v, (size_t)2U, int16_t, - int16_t *) >> - 10U); - uint8_t r5 = (uint32_t)(uint8_t)(Eurydice_slice_index(v, (size_t)4U, int16_t, - int16_t *) & - (int16_t)15) - << 4U | - (uint32_t)(uint8_t)(Eurydice_slice_index(v, (size_t)3U, int16_t, - int16_t *) >> - 7U); - uint8_t r6 = (uint32_t)(uint8_t)(Eurydice_slice_index(v, (size_t)5U, int16_t, - int16_t *) & - (int16_t)1) - << 7U | - (uint32_t)(uint8_t)(Eurydice_slice_index(v, (size_t)4U, int16_t, - int16_t *) >> - 4U); - uint8_t r7 = - (uint8_t)(Eurydice_slice_index(v, (size_t)5U, int16_t, int16_t *) >> 1U & - (int16_t)255); - uint8_t r8 = (uint32_t)(uint8_t)(Eurydice_slice_index(v, (size_t)6U, int16_t, - int16_t *) & - (int16_t)63) - << 2U | - (uint32_t)(uint8_t)(Eurydice_slice_index(v, (size_t)5U, int16_t, - int16_t *) >> - 9U); - uint8_t r9 = (uint32_t)(uint8_t)(Eurydice_slice_index(v, (size_t)7U, int16_t, - int16_t *) & - (int16_t)7) - << 5U | - (uint32_t)(uint8_t)(Eurydice_slice_index(v, (size_t)6U, int16_t, - int16_t *) >> - 6U); - uint8_t r10 = - (uint8_t)(Eurydice_slice_index(v, (size_t)7U, int16_t, int16_t *) >> 3U); - return (CLITERAL(uint8_t_x11){.fst = r0, - .snd = r1, - .thd = r2, - .f3 = r3, - .f4 = r4, - .f5 = r5, - .f6 = r6, - .f7 = r7, - .f8 = r8, - .f9 = r9, - .f10 = r10}); -} - -static KRML_MUSTINLINE void -libcrux_ml_kem_vector_portable_serialize_serialize_11( - libcrux_ml_kem_vector_portable_vector_type_PortableVector v, - uint8_t ret[22U]) { - uint8_t_x11 r0_10 = libcrux_ml_kem_vector_portable_serialize_serialize_11_int( - Eurydice_array_to_subslice2(v.elements, (size_t)0U, (size_t)8U, int16_t)); - uint8_t_x11 r11_21 = - libcrux_ml_kem_vector_portable_serialize_serialize_11_int( - Eurydice_array_to_subslice2(v.elements, (size_t)8U, (size_t)16U, - int16_t)); - uint8_t result[22U] = {0U}; - result[0U] = r0_10.fst; - result[1U] = r0_10.snd; - result[2U] = r0_10.thd; - result[3U] = r0_10.f3; - result[4U] = r0_10.f4; - result[5U] = r0_10.f5; - result[6U] = r0_10.f6; - result[7U] = r0_10.f7; - result[8U] = r0_10.f8; - result[9U] = r0_10.f9; - result[10U] = r0_10.f10; - result[11U] = r11_21.fst; - result[12U] = r11_21.snd; - result[13U] = r11_21.thd; - result[14U] = r11_21.f3; - result[15U] = r11_21.f4; - result[16U] = r11_21.f5; - result[17U] = r11_21.f6; - result[18U] = r11_21.f7; - result[19U] = r11_21.f8; - result[20U] = r11_21.f9; - result[21U] = r11_21.f10; - memcpy(ret, result, (size_t)22U * sizeof(uint8_t)); -} - -/** -This function found in impl {(libcrux_ml_kem::vector::traits::Operations for -libcrux_ml_kem::vector::portable::vector_type::PortableVector)} -*/ -static inline void libcrux_ml_kem_vector_portable_serialize_11_0d( - libcrux_ml_kem_vector_portable_vector_type_PortableVector a, - uint8_t ret[22U]) { - libcrux_ml_kem_vector_portable_serialize_serialize_11(a, ret); +libcrux_ml_kem_vector_portable_from_i16_array_b8(Eurydice_slice array) { + return libcrux_ml_kem_vector_portable_vector_type_from_i16_array( + libcrux_secrets_int_classify_public_classify_ref_9b_39(array)); } typedef struct int16_t_x8_s { @@ -6043,666 +5570,22 @@ typedef struct int16_t_x8_s { int16_t f7; } int16_t_x8; -static KRML_MUSTINLINE int16_t_x8 -libcrux_ml_kem_vector_portable_serialize_deserialize_11_int( - Eurydice_slice bytes) { - int16_t r0 = - ((int16_t)Eurydice_slice_index(bytes, (size_t)1U, uint8_t, uint8_t *) & - (int16_t)7) - << 8U | - (int16_t)Eurydice_slice_index(bytes, (size_t)0U, uint8_t, uint8_t *); - int16_t r1 = - ((int16_t)Eurydice_slice_index(bytes, (size_t)2U, uint8_t, uint8_t *) & - (int16_t)63) - << 5U | - (int16_t)Eurydice_slice_index(bytes, (size_t)1U, uint8_t, uint8_t *) >> - 3U; - int16_t r2 = - (((int16_t)Eurydice_slice_index(bytes, (size_t)4U, uint8_t, uint8_t *) & - (int16_t)1) - << 10U | - (int16_t)Eurydice_slice_index(bytes, (size_t)3U, uint8_t, uint8_t *) - << 2U) | - (int16_t)Eurydice_slice_index(bytes, (size_t)2U, uint8_t, uint8_t *) >> - 6U; - int16_t r3 = - ((int16_t)Eurydice_slice_index(bytes, (size_t)5U, uint8_t, uint8_t *) & - (int16_t)15) - << 7U | - (int16_t)Eurydice_slice_index(bytes, (size_t)4U, uint8_t, uint8_t *) >> - 1U; - int16_t r4 = - ((int16_t)Eurydice_slice_index(bytes, (size_t)6U, uint8_t, uint8_t *) & - (int16_t)127) - << 4U | - (int16_t)Eurydice_slice_index(bytes, (size_t)5U, uint8_t, uint8_t *) >> - 4U; - int16_t r5 = - (((int16_t)Eurydice_slice_index(bytes, (size_t)8U, uint8_t, uint8_t *) & - (int16_t)3) - << 9U | - (int16_t)Eurydice_slice_index(bytes, (size_t)7U, uint8_t, uint8_t *) - << 1U) | - (int16_t)Eurydice_slice_index(bytes, (size_t)6U, uint8_t, uint8_t *) >> - 7U; - int16_t r6 = - ((int16_t)Eurydice_slice_index(bytes, (size_t)9U, uint8_t, uint8_t *) & - (int16_t)31) - << 6U | - (int16_t)Eurydice_slice_index(bytes, (size_t)8U, uint8_t, uint8_t *) >> - 2U; - int16_t r7 = - (int16_t)Eurydice_slice_index(bytes, (size_t)10U, uint8_t, uint8_t *) - << 3U | - (int16_t)Eurydice_slice_index(bytes, (size_t)9U, uint8_t, uint8_t *) >> - 5U; - return (CLITERAL(int16_t_x8){.fst = r0, - .snd = r1, - .thd = r2, - .f3 = r3, - .f4 = r4, - .f5 = r5, - .f6 = r6, - .f7 = r7}); -} - static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector libcrux_ml_kem_vector_portable_vector_type_zero(void) { libcrux_ml_kem_vector_portable_vector_type_PortableVector lit; - lit.elements[0U] = (int16_t)0; - lit.elements[1U] = (int16_t)0; - lit.elements[2U] = (int16_t)0; - lit.elements[3U] = (int16_t)0; - lit.elements[4U] = (int16_t)0; - lit.elements[5U] = (int16_t)0; - lit.elements[6U] = (int16_t)0; - lit.elements[7U] = (int16_t)0; - lit.elements[8U] = (int16_t)0; - lit.elements[9U] = (int16_t)0; - lit.elements[10U] = (int16_t)0; - lit.elements[11U] = (int16_t)0; - lit.elements[12U] = (int16_t)0; - lit.elements[13U] = (int16_t)0; - lit.elements[14U] = (int16_t)0; - lit.elements[15U] = (int16_t)0; + int16_t ret[16U]; + int16_t buf[16U] = {0U}; + libcrux_secrets_int_public_integers_classify_27_46(buf, ret); + memcpy(lit.elements, ret, (size_t)16U * sizeof(int16_t)); return lit; } -static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector -libcrux_ml_kem_vector_portable_serialize_deserialize_11(Eurydice_slice bytes) { - int16_t_x8 v0_7 = libcrux_ml_kem_vector_portable_serialize_deserialize_11_int( - Eurydice_slice_subslice2(bytes, (size_t)0U, (size_t)11U, uint8_t)); - int16_t_x8 v8_15 = - libcrux_ml_kem_vector_portable_serialize_deserialize_11_int( - Eurydice_slice_subslice2(bytes, (size_t)11U, (size_t)22U, uint8_t)); - libcrux_ml_kem_vector_portable_vector_type_PortableVector v = - libcrux_ml_kem_vector_portable_vector_type_zero(); - v.elements[0U] = v0_7.fst; - v.elements[1U] = v0_7.snd; - v.elements[2U] = v0_7.thd; - v.elements[3U] = v0_7.f3; - v.elements[4U] = v0_7.f4; - v.elements[5U] = v0_7.f5; - v.elements[6U] = v0_7.f6; - v.elements[7U] = v0_7.f7; - v.elements[8U] = v8_15.fst; - v.elements[9U] = v8_15.snd; - v.elements[10U] = v8_15.thd; - v.elements[11U] = v8_15.f3; - v.elements[12U] = v8_15.f4; - v.elements[13U] = v8_15.f5; - v.elements[14U] = v8_15.f6; - v.elements[15U] = v8_15.f7; - return v; -} - -/** -This function found in impl {(libcrux_ml_kem::vector::traits::Operations for -libcrux_ml_kem::vector::portable::vector_type::PortableVector)} -*/ -static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector -libcrux_ml_kem_vector_portable_deserialize_11_0d(Eurydice_slice a) { - return libcrux_ml_kem_vector_portable_serialize_deserialize_11(a); -} - -static KRML_MUSTINLINE void -libcrux_ml_kem_vector_portable_vector_type_to_i16_array( - libcrux_ml_kem_vector_portable_vector_type_PortableVector x, - int16_t ret[16U]) { - memcpy(ret, x.elements, (size_t)16U * sizeof(int16_t)); -} - -/** -This function found in impl {(libcrux_ml_kem::vector::traits::Operations for -libcrux_ml_kem::vector::portable::vector_type::PortableVector)} -*/ -static inline void libcrux_ml_kem_vector_portable_to_i16_array_0d( - libcrux_ml_kem_vector_portable_vector_type_PortableVector x, - int16_t ret[16U]) { - libcrux_ml_kem_vector_portable_vector_type_to_i16_array(x, ret); -} - -static const uint8_t - libcrux_ml_kem_vector_rej_sample_table_REJECTION_SAMPLE_SHUFFLE_TABLE - [256U][16U] = {{255U, 255U, 255U, 255U, 255U, 255U, 255U, 255U, 255U, - 255U, 255U, 255U, 255U, 255U, 255U, 255U}, - {0U, 1U, 255U, 255U, 255U, 255U, 255U, 255U, 255U, 255U, - 255U, 255U, 255U, 255U, 255U, 255U}, - {2U, 3U, 255U, 255U, 255U, 255U, 255U, 255U, 255U, 255U, - 255U, 255U, 255U, 255U, 255U, 255U}, - {0U, 1U, 2U, 3U, 255U, 255U, 255U, 255U, 255U, 255U, - 255U, 255U, 255U, 255U, 255U, 255U}, - {4U, 5U, 255U, 255U, 255U, 255U, 255U, 255U, 255U, 255U, - 255U, 255U, 255U, 255U, 255U, 255U}, - {0U, 1U, 4U, 5U, 255U, 255U, 255U, 255U, 255U, 255U, - 255U, 255U, 255U, 255U, 255U, 255U}, - {2U, 3U, 4U, 5U, 255U, 255U, 255U, 255U, 255U, 255U, - 255U, 255U, 255U, 255U, 255U, 255U}, - {0U, 1U, 2U, 3U, 4U, 5U, 255U, 255U, 255U, 255U, 255U, - 255U, 255U, 255U, 255U, 255U}, - {6U, 7U, 255U, 255U, 255U, 255U, 255U, 255U, 255U, 255U, - 255U, 255U, 255U, 255U, 255U, 255U}, - {0U, 1U, 6U, 7U, 255U, 255U, 255U, 255U, 255U, 255U, - 255U, 255U, 255U, 255U, 255U, 255U}, - {2U, 3U, 6U, 7U, 255U, 255U, 255U, 255U, 255U, 255U, - 255U, 255U, 255U, 255U, 255U, 255U}, - {0U, 1U, 2U, 3U, 6U, 7U, 255U, 255U, 255U, 255U, 255U, - 255U, 255U, 255U, 255U, 255U}, - {4U, 5U, 6U, 7U, 255U, 255U, 255U, 255U, 255U, 255U, - 255U, 255U, 255U, 255U, 255U, 255U}, - {0U, 1U, 4U, 5U, 6U, 7U, 255U, 255U, 255U, 255U, 255U, - 255U, 255U, 255U, 255U, 255U}, - {2U, 3U, 4U, 5U, 6U, 7U, 255U, 255U, 255U, 255U, 255U, - 255U, 255U, 255U, 255U, 255U}, - {0U, 1U, 2U, 3U, 4U, 5U, 6U, 7U, 255U, 255U, 255U, 255U, - 255U, 255U, 255U, 255U}, - {8U, 9U, 255U, 255U, 255U, 255U, 255U, 255U, 255U, 255U, - 255U, 255U, 255U, 255U, 255U, 255U}, - {0U, 1U, 8U, 9U, 255U, 255U, 255U, 255U, 255U, 255U, - 255U, 255U, 255U, 255U, 255U, 255U}, - {2U, 3U, 8U, 9U, 255U, 255U, 255U, 255U, 255U, 255U, - 255U, 255U, 255U, 255U, 255U, 255U}, - {0U, 1U, 2U, 3U, 8U, 9U, 255U, 255U, 255U, 255U, 255U, - 255U, 255U, 255U, 255U, 255U}, - {4U, 5U, 8U, 9U, 255U, 255U, 255U, 255U, 255U, 255U, - 255U, 255U, 255U, 255U, 255U, 255U}, - {0U, 1U, 4U, 5U, 8U, 9U, 255U, 255U, 255U, 255U, 255U, - 255U, 255U, 255U, 255U, 255U}, - {2U, 3U, 4U, 5U, 8U, 9U, 255U, 255U, 255U, 255U, 255U, - 255U, 255U, 255U, 255U, 255U}, - {0U, 1U, 2U, 3U, 4U, 5U, 8U, 9U, 255U, 255U, 255U, 255U, - 255U, 255U, 255U, 255U}, - {6U, 7U, 8U, 9U, 255U, 255U, 255U, 255U, 255U, 255U, - 255U, 255U, 255U, 255U, 255U, 255U}, - {0U, 1U, 6U, 7U, 8U, 9U, 255U, 255U, 255U, 255U, 255U, - 255U, 255U, 255U, 255U, 255U}, - {2U, 3U, 6U, 7U, 8U, 9U, 255U, 255U, 255U, 255U, 255U, - 255U, 255U, 255U, 255U, 255U}, - {0U, 1U, 2U, 3U, 6U, 7U, 8U, 9U, 255U, 255U, 255U, 255U, - 255U, 255U, 255U, 255U}, - {4U, 5U, 6U, 7U, 8U, 9U, 255U, 255U, 255U, 255U, 255U, - 255U, 255U, 255U, 255U, 255U}, - {0U, 1U, 4U, 5U, 6U, 7U, 8U, 9U, 255U, 255U, 255U, 255U, - 255U, 255U, 255U, 255U}, - {2U, 3U, 4U, 5U, 6U, 7U, 8U, 9U, 255U, 255U, 255U, 255U, - 255U, 255U, 255U, 255U}, - {0U, 1U, 2U, 3U, 4U, 5U, 6U, 7U, 8U, 9U, 255U, 255U, - 255U, 255U, 255U, 255U}, - {10U, 11U, 255U, 255U, 255U, 255U, 255U, 255U, 255U, - 255U, 255U, 255U, 255U, 255U, 255U, 255U}, - {0U, 1U, 10U, 11U, 255U, 255U, 255U, 255U, 255U, 255U, - 255U, 255U, 255U, 255U, 255U, 255U}, - {2U, 3U, 10U, 11U, 255U, 255U, 255U, 255U, 255U, 255U, - 255U, 255U, 255U, 255U, 255U, 255U}, - {0U, 1U, 2U, 3U, 10U, 11U, 255U, 255U, 255U, 255U, 255U, - 255U, 255U, 255U, 255U, 255U}, - {4U, 5U, 10U, 11U, 255U, 255U, 255U, 255U, 255U, 255U, - 255U, 255U, 255U, 255U, 255U, 255U}, - {0U, 1U, 4U, 5U, 10U, 11U, 255U, 255U, 255U, 255U, 255U, - 255U, 255U, 255U, 255U, 255U}, - {2U, 3U, 4U, 5U, 10U, 11U, 255U, 255U, 255U, 255U, 255U, - 255U, 255U, 255U, 255U, 255U}, - {0U, 1U, 2U, 3U, 4U, 5U, 10U, 11U, 255U, 255U, 255U, - 255U, 255U, 255U, 255U, 255U}, - {6U, 7U, 10U, 11U, 255U, 255U, 255U, 255U, 255U, 255U, - 255U, 255U, 255U, 255U, 255U, 255U}, - {0U, 1U, 6U, 7U, 10U, 11U, 255U, 255U, 255U, 255U, 255U, - 255U, 255U, 255U, 255U, 255U}, - {2U, 3U, 6U, 7U, 10U, 11U, 255U, 255U, 255U, 255U, 255U, - 255U, 255U, 255U, 255U, 255U}, - {0U, 1U, 2U, 3U, 6U, 7U, 10U, 11U, 255U, 255U, 255U, - 255U, 255U, 255U, 255U, 255U}, - {4U, 5U, 6U, 7U, 10U, 11U, 255U, 255U, 255U, 255U, 255U, - 255U, 255U, 255U, 255U, 255U}, - {0U, 1U, 4U, 5U, 6U, 7U, 10U, 11U, 255U, 255U, 255U, - 255U, 255U, 255U, 255U, 255U}, - {2U, 3U, 4U, 5U, 6U, 7U, 10U, 11U, 255U, 255U, 255U, - 255U, 255U, 255U, 255U, 255U}, - {0U, 1U, 2U, 3U, 4U, 5U, 6U, 7U, 10U, 11U, 255U, 255U, - 255U, 255U, 255U, 255U}, - {8U, 9U, 10U, 11U, 255U, 255U, 255U, 255U, 255U, 255U, - 255U, 255U, 255U, 255U, 255U, 255U}, - {0U, 1U, 8U, 9U, 10U, 11U, 255U, 255U, 255U, 255U, 255U, - 255U, 255U, 255U, 255U, 255U}, - {2U, 3U, 8U, 9U, 10U, 11U, 255U, 255U, 255U, 255U, 255U, - 255U, 255U, 255U, 255U, 255U}, - {0U, 1U, 2U, 3U, 8U, 9U, 10U, 11U, 255U, 255U, 255U, - 255U, 255U, 255U, 255U, 255U}, - {4U, 5U, 8U, 9U, 10U, 11U, 255U, 255U, 255U, 255U, 255U, - 255U, 255U, 255U, 255U, 255U}, - {0U, 1U, 4U, 5U, 8U, 9U, 10U, 11U, 255U, 255U, 255U, - 255U, 255U, 255U, 255U, 255U}, - {2U, 3U, 4U, 5U, 8U, 9U, 10U, 11U, 255U, 255U, 255U, - 255U, 255U, 255U, 255U, 255U}, - {0U, 1U, 2U, 3U, 4U, 5U, 8U, 9U, 10U, 11U, 255U, 255U, - 255U, 255U, 255U, 255U}, - {6U, 7U, 8U, 9U, 10U, 11U, 255U, 255U, 255U, 255U, 255U, - 255U, 255U, 255U, 255U, 255U}, - {0U, 1U, 6U, 7U, 8U, 9U, 10U, 11U, 255U, 255U, 255U, - 255U, 255U, 255U, 255U, 255U}, - {2U, 3U, 6U, 7U, 8U, 9U, 10U, 11U, 255U, 255U, 255U, - 255U, 255U, 255U, 255U, 255U}, - {0U, 1U, 2U, 3U, 6U, 7U, 8U, 9U, 10U, 11U, 255U, 255U, - 255U, 255U, 255U, 255U}, - {4U, 5U, 6U, 7U, 8U, 9U, 10U, 11U, 255U, 255U, 255U, - 255U, 255U, 255U, 255U, 255U}, - {0U, 1U, 4U, 5U, 6U, 7U, 8U, 9U, 10U, 11U, 255U, 255U, - 255U, 255U, 255U, 255U}, - {2U, 3U, 4U, 5U, 6U, 7U, 8U, 9U, 10U, 11U, 255U, 255U, - 255U, 255U, 255U, 255U}, - {0U, 1U, 2U, 3U, 4U, 5U, 6U, 7U, 8U, 9U, 10U, 11U, 255U, - 255U, 255U, 255U}, - {12U, 13U, 255U, 255U, 255U, 255U, 255U, 255U, 255U, - 255U, 255U, 255U, 255U, 255U, 255U, 255U}, - {0U, 1U, 12U, 13U, 255U, 255U, 255U, 255U, 255U, 255U, - 255U, 255U, 255U, 255U, 255U, 255U}, - {2U, 3U, 12U, 13U, 255U, 255U, 255U, 255U, 255U, 255U, - 255U, 255U, 255U, 255U, 255U, 255U}, - {0U, 1U, 2U, 3U, 12U, 13U, 255U, 255U, 255U, 255U, 255U, - 255U, 255U, 255U, 255U, 255U}, - {4U, 5U, 12U, 13U, 255U, 255U, 255U, 255U, 255U, 255U, - 255U, 255U, 255U, 255U, 255U, 255U}, - {0U, 1U, 4U, 5U, 12U, 13U, 255U, 255U, 255U, 255U, 255U, - 255U, 255U, 255U, 255U, 255U}, - {2U, 3U, 4U, 5U, 12U, 13U, 255U, 255U, 255U, 255U, 255U, - 255U, 255U, 255U, 255U, 255U}, - {0U, 1U, 2U, 3U, 4U, 5U, 12U, 13U, 255U, 255U, 255U, - 255U, 255U, 255U, 255U, 255U}, - {6U, 7U, 12U, 13U, 255U, 255U, 255U, 255U, 255U, 255U, - 255U, 255U, 255U, 255U, 255U, 255U}, - {0U, 1U, 6U, 7U, 12U, 13U, 255U, 255U, 255U, 255U, 255U, - 255U, 255U, 255U, 255U, 255U}, - {2U, 3U, 6U, 7U, 12U, 13U, 255U, 255U, 255U, 255U, 255U, - 255U, 255U, 255U, 255U, 255U}, - {0U, 1U, 2U, 3U, 6U, 7U, 12U, 13U, 255U, 255U, 255U, - 255U, 255U, 255U, 255U, 255U}, - {4U, 5U, 6U, 7U, 12U, 13U, 255U, 255U, 255U, 255U, 255U, - 255U, 255U, 255U, 255U, 255U}, - {0U, 1U, 4U, 5U, 6U, 7U, 12U, 13U, 255U, 255U, 255U, - 255U, 255U, 255U, 255U, 255U}, - {2U, 3U, 4U, 5U, 6U, 7U, 12U, 13U, 255U, 255U, 255U, - 255U, 255U, 255U, 255U, 255U}, - {0U, 1U, 2U, 3U, 4U, 5U, 6U, 7U, 12U, 13U, 255U, 255U, - 255U, 255U, 255U, 255U}, - {8U, 9U, 12U, 13U, 255U, 255U, 255U, 255U, 255U, 255U, - 255U, 255U, 255U, 255U, 255U, 255U}, - {0U, 1U, 8U, 9U, 12U, 13U, 255U, 255U, 255U, 255U, 255U, - 255U, 255U, 255U, 255U, 255U}, - {2U, 3U, 8U, 9U, 12U, 13U, 255U, 255U, 255U, 255U, 255U, - 255U, 255U, 255U, 255U, 255U}, - {0U, 1U, 2U, 3U, 8U, 9U, 12U, 13U, 255U, 255U, 255U, - 255U, 255U, 255U, 255U, 255U}, - {4U, 5U, 8U, 9U, 12U, 13U, 255U, 255U, 255U, 255U, 255U, - 255U, 255U, 255U, 255U, 255U}, - {0U, 1U, 4U, 5U, 8U, 9U, 12U, 13U, 255U, 255U, 255U, - 255U, 255U, 255U, 255U, 255U}, - {2U, 3U, 4U, 5U, 8U, 9U, 12U, 13U, 255U, 255U, 255U, - 255U, 255U, 255U, 255U, 255U}, - {0U, 1U, 2U, 3U, 4U, 5U, 8U, 9U, 12U, 13U, 255U, 255U, - 255U, 255U, 255U, 255U}, - {6U, 7U, 8U, 9U, 12U, 13U, 255U, 255U, 255U, 255U, 255U, - 255U, 255U, 255U, 255U, 255U}, - {0U, 1U, 6U, 7U, 8U, 9U, 12U, 13U, 255U, 255U, 255U, - 255U, 255U, 255U, 255U, 255U}, - {2U, 3U, 6U, 7U, 8U, 9U, 12U, 13U, 255U, 255U, 255U, - 255U, 255U, 255U, 255U, 255U}, - {0U, 1U, 2U, 3U, 6U, 7U, 8U, 9U, 12U, 13U, 255U, 255U, - 255U, 255U, 255U, 255U}, - {4U, 5U, 6U, 7U, 8U, 9U, 12U, 13U, 255U, 255U, 255U, - 255U, 255U, 255U, 255U, 255U}, - {0U, 1U, 4U, 5U, 6U, 7U, 8U, 9U, 12U, 13U, 255U, 255U, - 255U, 255U, 255U, 255U}, - {2U, 3U, 4U, 5U, 6U, 7U, 8U, 9U, 12U, 13U, 255U, 255U, - 255U, 255U, 255U, 255U}, - {0U, 1U, 2U, 3U, 4U, 5U, 6U, 7U, 8U, 9U, 12U, 13U, 255U, - 255U, 255U, 255U}, - {10U, 11U, 12U, 13U, 255U, 255U, 255U, 255U, 255U, 255U, - 255U, 255U, 255U, 255U, 255U, 255U}, - {0U, 1U, 10U, 11U, 12U, 13U, 255U, 255U, 255U, 255U, - 255U, 255U, 255U, 255U, 255U, 255U}, - {2U, 3U, 10U, 11U, 12U, 13U, 255U, 255U, 255U, 255U, - 255U, 255U, 255U, 255U, 255U, 255U}, - {0U, 1U, 2U, 3U, 10U, 11U, 12U, 13U, 255U, 255U, 255U, - 255U, 255U, 255U, 255U, 255U}, - {4U, 5U, 10U, 11U, 12U, 13U, 255U, 255U, 255U, 255U, - 255U, 255U, 255U, 255U, 255U, 255U}, - {0U, 1U, 4U, 5U, 10U, 11U, 12U, 13U, 255U, 255U, 255U, - 255U, 255U, 255U, 255U, 255U}, - {2U, 3U, 4U, 5U, 10U, 11U, 12U, 13U, 255U, 255U, 255U, - 255U, 255U, 255U, 255U, 255U}, - {0U, 1U, 2U, 3U, 4U, 5U, 10U, 11U, 12U, 13U, 255U, 255U, - 255U, 255U, 255U, 255U}, - {6U, 7U, 10U, 11U, 12U, 13U, 255U, 255U, 255U, 255U, - 255U, 255U, 255U, 255U, 255U, 255U}, - {0U, 1U, 6U, 7U, 10U, 11U, 12U, 13U, 255U, 255U, 255U, - 255U, 255U, 255U, 255U, 255U}, - {2U, 3U, 6U, 7U, 10U, 11U, 12U, 13U, 255U, 255U, 255U, - 255U, 255U, 255U, 255U, 255U}, - {0U, 1U, 2U, 3U, 6U, 7U, 10U, 11U, 12U, 13U, 255U, 255U, - 255U, 255U, 255U, 255U}, - {4U, 5U, 6U, 7U, 10U, 11U, 12U, 13U, 255U, 255U, 255U, - 255U, 255U, 255U, 255U, 255U}, - {0U, 1U, 4U, 5U, 6U, 7U, 10U, 11U, 12U, 13U, 255U, 255U, - 255U, 255U, 255U, 255U}, - {2U, 3U, 4U, 5U, 6U, 7U, 10U, 11U, 12U, 13U, 255U, 255U, - 255U, 255U, 255U, 255U}, - {0U, 1U, 2U, 3U, 4U, 5U, 6U, 7U, 10U, 11U, 12U, 13U, - 255U, 255U, 255U, 255U}, - {8U, 9U, 10U, 11U, 12U, 13U, 255U, 255U, 255U, 255U, - 255U, 255U, 255U, 255U, 255U, 255U}, - {0U, 1U, 8U, 9U, 10U, 11U, 12U, 13U, 255U, 255U, 255U, - 255U, 255U, 255U, 255U, 255U}, - {2U, 3U, 8U, 9U, 10U, 11U, 12U, 13U, 255U, 255U, 255U, - 255U, 255U, 255U, 255U, 255U}, - {0U, 1U, 2U, 3U, 8U, 9U, 10U, 11U, 12U, 13U, 255U, 255U, - 255U, 255U, 255U, 255U}, - {4U, 5U, 8U, 9U, 10U, 11U, 12U, 13U, 255U, 255U, 255U, - 255U, 255U, 255U, 255U, 255U}, - {0U, 1U, 4U, 5U, 8U, 9U, 10U, 11U, 12U, 13U, 255U, 255U, - 255U, 255U, 255U, 255U}, - {2U, 3U, 4U, 5U, 8U, 9U, 10U, 11U, 12U, 13U, 255U, 255U, - 255U, 255U, 255U, 255U}, - {0U, 1U, 2U, 3U, 4U, 5U, 8U, 9U, 10U, 11U, 12U, 13U, - 255U, 255U, 255U, 255U}, - {6U, 7U, 8U, 9U, 10U, 11U, 12U, 13U, 255U, 255U, 255U, - 255U, 255U, 255U, 255U, 255U}, - {0U, 1U, 6U, 7U, 8U, 9U, 10U, 11U, 12U, 13U, 255U, 255U, - 255U, 255U, 255U, 255U}, - {2U, 3U, 6U, 7U, 8U, 9U, 10U, 11U, 12U, 13U, 255U, 255U, - 255U, 255U, 255U, 255U}, - {0U, 1U, 2U, 3U, 6U, 7U, 8U, 9U, 10U, 11U, 12U, 13U, - 255U, 255U, 255U, 255U}, - {4U, 5U, 6U, 7U, 8U, 9U, 10U, 11U, 12U, 13U, 255U, 255U, - 255U, 255U, 255U, 255U}, - {0U, 1U, 4U, 5U, 6U, 7U, 8U, 9U, 10U, 11U, 12U, 13U, - 255U, 255U, 255U, 255U}, - {2U, 3U, 4U, 5U, 6U, 7U, 8U, 9U, 10U, 11U, 12U, 13U, - 255U, 255U, 255U, 255U}, - {0U, 1U, 2U, 3U, 4U, 5U, 6U, 7U, 8U, 9U, 10U, 11U, 12U, - 13U, 255U, 255U}, - {14U, 15U, 255U, 255U, 255U, 255U, 255U, 255U, 255U, - 255U, 255U, 255U, 255U, 255U, 255U, 255U}, - {0U, 1U, 14U, 15U, 255U, 255U, 255U, 255U, 255U, 255U, - 255U, 255U, 255U, 255U, 255U, 255U}, - {2U, 3U, 14U, 15U, 255U, 255U, 255U, 255U, 255U, 255U, - 255U, 255U, 255U, 255U, 255U, 255U}, - {0U, 1U, 2U, 3U, 14U, 15U, 255U, 255U, 255U, 255U, 255U, - 255U, 255U, 255U, 255U, 255U}, - {4U, 5U, 14U, 15U, 255U, 255U, 255U, 255U, 255U, 255U, - 255U, 255U, 255U, 255U, 255U, 255U}, - {0U, 1U, 4U, 5U, 14U, 15U, 255U, 255U, 255U, 255U, 255U, - 255U, 255U, 255U, 255U, 255U}, - {2U, 3U, 4U, 5U, 14U, 15U, 255U, 255U, 255U, 255U, 255U, - 255U, 255U, 255U, 255U, 255U}, - {0U, 1U, 2U, 3U, 4U, 5U, 14U, 15U, 255U, 255U, 255U, - 255U, 255U, 255U, 255U, 255U}, - {6U, 7U, 14U, 15U, 255U, 255U, 255U, 255U, 255U, 255U, - 255U, 255U, 255U, 255U, 255U, 255U}, - {0U, 1U, 6U, 7U, 14U, 15U, 255U, 255U, 255U, 255U, 255U, - 255U, 255U, 255U, 255U, 255U}, - {2U, 3U, 6U, 7U, 14U, 15U, 255U, 255U, 255U, 255U, 255U, - 255U, 255U, 255U, 255U, 255U}, - {0U, 1U, 2U, 3U, 6U, 7U, 14U, 15U, 255U, 255U, 255U, - 255U, 255U, 255U, 255U, 255U}, - {4U, 5U, 6U, 7U, 14U, 15U, 255U, 255U, 255U, 255U, 255U, - 255U, 255U, 255U, 255U, 255U}, - {0U, 1U, 4U, 5U, 6U, 7U, 14U, 15U, 255U, 255U, 255U, - 255U, 255U, 255U, 255U, 255U}, - {2U, 3U, 4U, 5U, 6U, 7U, 14U, 15U, 255U, 255U, 255U, - 255U, 255U, 255U, 255U, 255U}, - {0U, 1U, 2U, 3U, 4U, 5U, 6U, 7U, 14U, 15U, 255U, 255U, - 255U, 255U, 255U, 255U}, - {8U, 9U, 14U, 15U, 255U, 255U, 255U, 255U, 255U, 255U, - 255U, 255U, 255U, 255U, 255U, 255U}, - {0U, 1U, 8U, 9U, 14U, 15U, 255U, 255U, 255U, 255U, 255U, - 255U, 255U, 255U, 255U, 255U}, - {2U, 3U, 8U, 9U, 14U, 15U, 255U, 255U, 255U, 255U, 255U, - 255U, 255U, 255U, 255U, 255U}, - {0U, 1U, 2U, 3U, 8U, 9U, 14U, 15U, 255U, 255U, 255U, - 255U, 255U, 255U, 255U, 255U}, - {4U, 5U, 8U, 9U, 14U, 15U, 255U, 255U, 255U, 255U, 255U, - 255U, 255U, 255U, 255U, 255U}, - {0U, 1U, 4U, 5U, 8U, 9U, 14U, 15U, 255U, 255U, 255U, - 255U, 255U, 255U, 255U, 255U}, - {2U, 3U, 4U, 5U, 8U, 9U, 14U, 15U, 255U, 255U, 255U, - 255U, 255U, 255U, 255U, 255U}, - {0U, 1U, 2U, 3U, 4U, 5U, 8U, 9U, 14U, 15U, 255U, 255U, - 255U, 255U, 255U, 255U}, - {6U, 7U, 8U, 9U, 14U, 15U, 255U, 255U, 255U, 255U, 255U, - 255U, 255U, 255U, 255U, 255U}, - {0U, 1U, 6U, 7U, 8U, 9U, 14U, 15U, 255U, 255U, 255U, - 255U, 255U, 255U, 255U, 255U}, - {2U, 3U, 6U, 7U, 8U, 9U, 14U, 15U, 255U, 255U, 255U, - 255U, 255U, 255U, 255U, 255U}, - {0U, 1U, 2U, 3U, 6U, 7U, 8U, 9U, 14U, 15U, 255U, 255U, - 255U, 255U, 255U, 255U}, - {4U, 5U, 6U, 7U, 8U, 9U, 14U, 15U, 255U, 255U, 255U, - 255U, 255U, 255U, 255U, 255U}, - {0U, 1U, 4U, 5U, 6U, 7U, 8U, 9U, 14U, 15U, 255U, 255U, - 255U, 255U, 255U, 255U}, - {2U, 3U, 4U, 5U, 6U, 7U, 8U, 9U, 14U, 15U, 255U, 255U, - 255U, 255U, 255U, 255U}, - {0U, 1U, 2U, 3U, 4U, 5U, 6U, 7U, 8U, 9U, 14U, 15U, 255U, - 255U, 255U, 255U}, - {10U, 11U, 14U, 15U, 255U, 255U, 255U, 255U, 255U, 255U, - 255U, 255U, 255U, 255U, 255U, 255U}, - {0U, 1U, 10U, 11U, 14U, 15U, 255U, 255U, 255U, 255U, - 255U, 255U, 255U, 255U, 255U, 255U}, - {2U, 3U, 10U, 11U, 14U, 15U, 255U, 255U, 255U, 255U, - 255U, 255U, 255U, 255U, 255U, 255U}, - {0U, 1U, 2U, 3U, 10U, 11U, 14U, 15U, 255U, 255U, 255U, - 255U, 255U, 255U, 255U, 255U}, - {4U, 5U, 10U, 11U, 14U, 15U, 255U, 255U, 255U, 255U, - 255U, 255U, 255U, 255U, 255U, 255U}, - {0U, 1U, 4U, 5U, 10U, 11U, 14U, 15U, 255U, 255U, 255U, - 255U, 255U, 255U, 255U, 255U}, - {2U, 3U, 4U, 5U, 10U, 11U, 14U, 15U, 255U, 255U, 255U, - 255U, 255U, 255U, 255U, 255U}, - {0U, 1U, 2U, 3U, 4U, 5U, 10U, 11U, 14U, 15U, 255U, 255U, - 255U, 255U, 255U, 255U}, - {6U, 7U, 10U, 11U, 14U, 15U, 255U, 255U, 255U, 255U, - 255U, 255U, 255U, 255U, 255U, 255U}, - {0U, 1U, 6U, 7U, 10U, 11U, 14U, 15U, 255U, 255U, 255U, - 255U, 255U, 255U, 255U, 255U}, - {2U, 3U, 6U, 7U, 10U, 11U, 14U, 15U, 255U, 255U, 255U, - 255U, 255U, 255U, 255U, 255U}, - {0U, 1U, 2U, 3U, 6U, 7U, 10U, 11U, 14U, 15U, 255U, 255U, - 255U, 255U, 255U, 255U}, - {4U, 5U, 6U, 7U, 10U, 11U, 14U, 15U, 255U, 255U, 255U, - 255U, 255U, 255U, 255U, 255U}, - {0U, 1U, 4U, 5U, 6U, 7U, 10U, 11U, 14U, 15U, 255U, 255U, - 255U, 255U, 255U, 255U}, - {2U, 3U, 4U, 5U, 6U, 7U, 10U, 11U, 14U, 15U, 255U, 255U, - 255U, 255U, 255U, 255U}, - {0U, 1U, 2U, 3U, 4U, 5U, 6U, 7U, 10U, 11U, 14U, 15U, - 255U, 255U, 255U, 255U}, - {8U, 9U, 10U, 11U, 14U, 15U, 255U, 255U, 255U, 255U, - 255U, 255U, 255U, 255U, 255U, 255U}, - {0U, 1U, 8U, 9U, 10U, 11U, 14U, 15U, 255U, 255U, 255U, - 255U, 255U, 255U, 255U, 255U}, - {2U, 3U, 8U, 9U, 10U, 11U, 14U, 15U, 255U, 255U, 255U, - 255U, 255U, 255U, 255U, 255U}, - {0U, 1U, 2U, 3U, 8U, 9U, 10U, 11U, 14U, 15U, 255U, 255U, - 255U, 255U, 255U, 255U}, - {4U, 5U, 8U, 9U, 10U, 11U, 14U, 15U, 255U, 255U, 255U, - 255U, 255U, 255U, 255U, 255U}, - {0U, 1U, 4U, 5U, 8U, 9U, 10U, 11U, 14U, 15U, 255U, 255U, - 255U, 255U, 255U, 255U}, - {2U, 3U, 4U, 5U, 8U, 9U, 10U, 11U, 14U, 15U, 255U, 255U, - 255U, 255U, 255U, 255U}, - {0U, 1U, 2U, 3U, 4U, 5U, 8U, 9U, 10U, 11U, 14U, 15U, - 255U, 255U, 255U, 255U}, - {6U, 7U, 8U, 9U, 10U, 11U, 14U, 15U, 255U, 255U, 255U, - 255U, 255U, 255U, 255U, 255U}, - {0U, 1U, 6U, 7U, 8U, 9U, 10U, 11U, 14U, 15U, 255U, 255U, - 255U, 255U, 255U, 255U}, - {2U, 3U, 6U, 7U, 8U, 9U, 10U, 11U, 14U, 15U, 255U, 255U, - 255U, 255U, 255U, 255U}, - {0U, 1U, 2U, 3U, 6U, 7U, 8U, 9U, 10U, 11U, 14U, 15U, - 255U, 255U, 255U, 255U}, - {4U, 5U, 6U, 7U, 8U, 9U, 10U, 11U, 14U, 15U, 255U, 255U, - 255U, 255U, 255U, 255U}, - {0U, 1U, 4U, 5U, 6U, 7U, 8U, 9U, 10U, 11U, 14U, 15U, - 255U, 255U, 255U, 255U}, - {2U, 3U, 4U, 5U, 6U, 7U, 8U, 9U, 10U, 11U, 14U, 15U, - 255U, 255U, 255U, 255U}, - {0U, 1U, 2U, 3U, 4U, 5U, 6U, 7U, 8U, 9U, 10U, 11U, 14U, - 15U, 255U, 255U}, - {12U, 13U, 14U, 15U, 255U, 255U, 255U, 255U, 255U, 255U, - 255U, 255U, 255U, 255U, 255U, 255U}, - {0U, 1U, 12U, 13U, 14U, 15U, 255U, 255U, 255U, 255U, - 255U, 255U, 255U, 255U, 255U, 255U}, - {2U, 3U, 12U, 13U, 14U, 15U, 255U, 255U, 255U, 255U, - 255U, 255U, 255U, 255U, 255U, 255U}, - {0U, 1U, 2U, 3U, 12U, 13U, 14U, 15U, 255U, 255U, 255U, - 255U, 255U, 255U, 255U, 255U}, - {4U, 5U, 12U, 13U, 14U, 15U, 255U, 255U, 255U, 255U, - 255U, 255U, 255U, 255U, 255U, 255U}, - {0U, 1U, 4U, 5U, 12U, 13U, 14U, 15U, 255U, 255U, 255U, - 255U, 255U, 255U, 255U, 255U}, - {2U, 3U, 4U, 5U, 12U, 13U, 14U, 15U, 255U, 255U, 255U, - 255U, 255U, 255U, 255U, 255U}, - {0U, 1U, 2U, 3U, 4U, 5U, 12U, 13U, 14U, 15U, 255U, 255U, - 255U, 255U, 255U, 255U}, - {6U, 7U, 12U, 13U, 14U, 15U, 255U, 255U, 255U, 255U, - 255U, 255U, 255U, 255U, 255U, 255U}, - {0U, 1U, 6U, 7U, 12U, 13U, 14U, 15U, 255U, 255U, 255U, - 255U, 255U, 255U, 255U, 255U}, - {2U, 3U, 6U, 7U, 12U, 13U, 14U, 15U, 255U, 255U, 255U, - 255U, 255U, 255U, 255U, 255U}, - {0U, 1U, 2U, 3U, 6U, 7U, 12U, 13U, 14U, 15U, 255U, 255U, - 255U, 255U, 255U, 255U}, - {4U, 5U, 6U, 7U, 12U, 13U, 14U, 15U, 255U, 255U, 255U, - 255U, 255U, 255U, 255U, 255U}, - {0U, 1U, 4U, 5U, 6U, 7U, 12U, 13U, 14U, 15U, 255U, 255U, - 255U, 255U, 255U, 255U}, - {2U, 3U, 4U, 5U, 6U, 7U, 12U, 13U, 14U, 15U, 255U, 255U, - 255U, 255U, 255U, 255U}, - {0U, 1U, 2U, 3U, 4U, 5U, 6U, 7U, 12U, 13U, 14U, 15U, - 255U, 255U, 255U, 255U}, - {8U, 9U, 12U, 13U, 14U, 15U, 255U, 255U, 255U, 255U, - 255U, 255U, 255U, 255U, 255U, 255U}, - {0U, 1U, 8U, 9U, 12U, 13U, 14U, 15U, 255U, 255U, 255U, - 255U, 255U, 255U, 255U, 255U}, - {2U, 3U, 8U, 9U, 12U, 13U, 14U, 15U, 255U, 255U, 255U, - 255U, 255U, 255U, 255U, 255U}, - {0U, 1U, 2U, 3U, 8U, 9U, 12U, 13U, 14U, 15U, 255U, 255U, - 255U, 255U, 255U, 255U}, - {4U, 5U, 8U, 9U, 12U, 13U, 14U, 15U, 255U, 255U, 255U, - 255U, 255U, 255U, 255U, 255U}, - {0U, 1U, 4U, 5U, 8U, 9U, 12U, 13U, 14U, 15U, 255U, 255U, - 255U, 255U, 255U, 255U}, - {2U, 3U, 4U, 5U, 8U, 9U, 12U, 13U, 14U, 15U, 255U, 255U, - 255U, 255U, 255U, 255U}, - {0U, 1U, 2U, 3U, 4U, 5U, 8U, 9U, 12U, 13U, 14U, 15U, - 255U, 255U, 255U, 255U}, - {6U, 7U, 8U, 9U, 12U, 13U, 14U, 15U, 255U, 255U, 255U, - 255U, 255U, 255U, 255U, 255U}, - {0U, 1U, 6U, 7U, 8U, 9U, 12U, 13U, 14U, 15U, 255U, 255U, - 255U, 255U, 255U, 255U}, - {2U, 3U, 6U, 7U, 8U, 9U, 12U, 13U, 14U, 15U, 255U, 255U, - 255U, 255U, 255U, 255U}, - {0U, 1U, 2U, 3U, 6U, 7U, 8U, 9U, 12U, 13U, 14U, 15U, - 255U, 255U, 255U, 255U}, - {4U, 5U, 6U, 7U, 8U, 9U, 12U, 13U, 14U, 15U, 255U, 255U, - 255U, 255U, 255U, 255U}, - {0U, 1U, 4U, 5U, 6U, 7U, 8U, 9U, 12U, 13U, 14U, 15U, - 255U, 255U, 255U, 255U}, - {2U, 3U, 4U, 5U, 6U, 7U, 8U, 9U, 12U, 13U, 14U, 15U, - 255U, 255U, 255U, 255U}, - {0U, 1U, 2U, 3U, 4U, 5U, 6U, 7U, 8U, 9U, 12U, 13U, 14U, - 15U, 255U, 255U}, - {10U, 11U, 12U, 13U, 14U, 15U, 255U, 255U, 255U, 255U, - 255U, 255U, 255U, 255U, 255U, 255U}, - {0U, 1U, 10U, 11U, 12U, 13U, 14U, 15U, 255U, 255U, 255U, - 255U, 255U, 255U, 255U, 255U}, - {2U, 3U, 10U, 11U, 12U, 13U, 14U, 15U, 255U, 255U, 255U, - 255U, 255U, 255U, 255U, 255U}, - {0U, 1U, 2U, 3U, 10U, 11U, 12U, 13U, 14U, 15U, 255U, - 255U, 255U, 255U, 255U, 255U}, - {4U, 5U, 10U, 11U, 12U, 13U, 14U, 15U, 255U, 255U, 255U, - 255U, 255U, 255U, 255U, 255U}, - {0U, 1U, 4U, 5U, 10U, 11U, 12U, 13U, 14U, 15U, 255U, - 255U, 255U, 255U, 255U, 255U}, - {2U, 3U, 4U, 5U, 10U, 11U, 12U, 13U, 14U, 15U, 255U, - 255U, 255U, 255U, 255U, 255U}, - {0U, 1U, 2U, 3U, 4U, 5U, 10U, 11U, 12U, 13U, 14U, 15U, - 255U, 255U, 255U, 255U}, - {6U, 7U, 10U, 11U, 12U, 13U, 14U, 15U, 255U, 255U, 255U, - 255U, 255U, 255U, 255U, 255U}, - {0U, 1U, 6U, 7U, 10U, 11U, 12U, 13U, 14U, 15U, 255U, - 255U, 255U, 255U, 255U, 255U}, - {2U, 3U, 6U, 7U, 10U, 11U, 12U, 13U, 14U, 15U, 255U, - 255U, 255U, 255U, 255U, 255U}, - {0U, 1U, 2U, 3U, 6U, 7U, 10U, 11U, 12U, 13U, 14U, 15U, - 255U, 255U, 255U, 255U}, - {4U, 5U, 6U, 7U, 10U, 11U, 12U, 13U, 14U, 15U, 255U, - 255U, 255U, 255U, 255U, 255U}, - {0U, 1U, 4U, 5U, 6U, 7U, 10U, 11U, 12U, 13U, 14U, 15U, - 255U, 255U, 255U, 255U}, - {2U, 3U, 4U, 5U, 6U, 7U, 10U, 11U, 12U, 13U, 14U, 15U, - 255U, 255U, 255U, 255U}, - {0U, 1U, 2U, 3U, 4U, 5U, 6U, 7U, 10U, 11U, 12U, 13U, 14U, - 15U, 255U, 255U}, - {8U, 9U, 10U, 11U, 12U, 13U, 14U, 15U, 255U, 255U, 255U, - 255U, 255U, 255U, 255U, 255U}, - {0U, 1U, 8U, 9U, 10U, 11U, 12U, 13U, 14U, 15U, 255U, - 255U, 255U, 255U, 255U, 255U}, - {2U, 3U, 8U, 9U, 10U, 11U, 12U, 13U, 14U, 15U, 255U, - 255U, 255U, 255U, 255U, 255U}, - {0U, 1U, 2U, 3U, 8U, 9U, 10U, 11U, 12U, 13U, 14U, 15U, - 255U, 255U, 255U, 255U}, - {4U, 5U, 8U, 9U, 10U, 11U, 12U, 13U, 14U, 15U, 255U, - 255U, 255U, 255U, 255U, 255U}, - {0U, 1U, 4U, 5U, 8U, 9U, 10U, 11U, 12U, 13U, 14U, 15U, - 255U, 255U, 255U, 255U}, - {2U, 3U, 4U, 5U, 8U, 9U, 10U, 11U, 12U, 13U, 14U, 15U, - 255U, 255U, 255U, 255U}, - {0U, 1U, 2U, 3U, 4U, 5U, 8U, 9U, 10U, 11U, 12U, 13U, 14U, - 15U, 255U, 255U}, - {6U, 7U, 8U, 9U, 10U, 11U, 12U, 13U, 14U, 15U, 255U, - 255U, 255U, 255U, 255U, 255U}, - {0U, 1U, 6U, 7U, 8U, 9U, 10U, 11U, 12U, 13U, 14U, 15U, - 255U, 255U, 255U, 255U}, - {2U, 3U, 6U, 7U, 8U, 9U, 10U, 11U, 12U, 13U, 14U, 15U, - 255U, 255U, 255U, 255U}, - {0U, 1U, 2U, 3U, 6U, 7U, 8U, 9U, 10U, 11U, 12U, 13U, 14U, - 15U, 255U, 255U}, - {4U, 5U, 6U, 7U, 8U, 9U, 10U, 11U, 12U, 13U, 14U, 15U, - 255U, 255U, 255U, 255U}, - {0U, 1U, 4U, 5U, 6U, 7U, 8U, 9U, 10U, 11U, 12U, 13U, 14U, - 15U, 255U, 255U}, - {2U, 3U, 4U, 5U, 6U, 7U, 8U, 9U, 10U, 11U, 12U, 13U, 14U, - 15U, 255U, 255U}, - {0U, 1U, 2U, 3U, 4U, 5U, 6U, 7U, 8U, 9U, 10U, 11U, 12U, - 13U, 14U, 15U}}; - -/** -This function found in impl {(libcrux_ml_kem::vector::traits::Operations for -libcrux_ml_kem::vector::portable::vector_type::PortableVector)} +/** +This function found in impl {libcrux_ml_kem::vector::traits::Operations for +libcrux_ml_kem::vector::portable::vector_type::PortableVector} */ static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector -libcrux_ml_kem_vector_portable_ZERO_0d(void) { +libcrux_ml_kem_vector_portable_ZERO_b8(void) { return libcrux_ml_kem_vector_portable_vector_type_zero(); } @@ -6720,11 +5603,11 @@ libcrux_ml_kem_vector_portable_arithmetic_add( } /** -This function found in impl {(libcrux_ml_kem::vector::traits::Operations for -libcrux_ml_kem::vector::portable::vector_type::PortableVector)} +This function found in impl {libcrux_ml_kem::vector::traits::Operations for +libcrux_ml_kem::vector::portable::vector_type::PortableVector} */ static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector -libcrux_ml_kem_vector_portable_add_0d( +libcrux_ml_kem_vector_portable_add_b8( libcrux_ml_kem_vector_portable_vector_type_PortableVector lhs, libcrux_ml_kem_vector_portable_vector_type_PortableVector *rhs) { return libcrux_ml_kem_vector_portable_arithmetic_add(lhs, rhs); @@ -6744,11 +5627,11 @@ libcrux_ml_kem_vector_portable_arithmetic_sub( } /** -This function found in impl {(libcrux_ml_kem::vector::traits::Operations for -libcrux_ml_kem::vector::portable::vector_type::PortableVector)} +This function found in impl {libcrux_ml_kem::vector::traits::Operations for +libcrux_ml_kem::vector::portable::vector_type::PortableVector} */ static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector -libcrux_ml_kem_vector_portable_sub_0d( +libcrux_ml_kem_vector_portable_sub_b8( libcrux_ml_kem_vector_portable_vector_type_PortableVector lhs, libcrux_ml_kem_vector_portable_vector_type_PortableVector *rhs) { return libcrux_ml_kem_vector_portable_arithmetic_sub(lhs, rhs); @@ -6756,80 +5639,51 @@ libcrux_ml_kem_vector_portable_sub_0d( static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector libcrux_ml_kem_vector_portable_arithmetic_multiply_by_constant( - libcrux_ml_kem_vector_portable_vector_type_PortableVector v, int16_t c) { + libcrux_ml_kem_vector_portable_vector_type_PortableVector vec, int16_t c) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_ELEMENTS_IN_VECTOR; i++) { size_t i0 = i; size_t uu____0 = i0; - v.elements[uu____0] = v.elements[uu____0] * c; + vec.elements[uu____0] = vec.elements[uu____0] * c; } - return v; + return vec; } /** -This function found in impl {(libcrux_ml_kem::vector::traits::Operations for -libcrux_ml_kem::vector::portable::vector_type::PortableVector)} +This function found in impl {libcrux_ml_kem::vector::traits::Operations for +libcrux_ml_kem::vector::portable::vector_type::PortableVector} */ static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector -libcrux_ml_kem_vector_portable_multiply_by_constant_0d( - libcrux_ml_kem_vector_portable_vector_type_PortableVector v, int16_t c) { - return libcrux_ml_kem_vector_portable_arithmetic_multiply_by_constant(v, c); -} - -static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector -libcrux_ml_kem_vector_portable_arithmetic_bitwise_and_with_constant( - libcrux_ml_kem_vector_portable_vector_type_PortableVector v, int16_t c) { - for (size_t i = (size_t)0U; - i < LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_ELEMENTS_IN_VECTOR; i++) { - size_t i0 = i; - size_t uu____0 = i0; - v.elements[uu____0] = v.elements[uu____0] & c; - } - return v; +libcrux_ml_kem_vector_portable_multiply_by_constant_b8( + libcrux_ml_kem_vector_portable_vector_type_PortableVector vec, int16_t c) { + return libcrux_ml_kem_vector_portable_arithmetic_multiply_by_constant(vec, c); } /** -This function found in impl {(libcrux_ml_kem::vector::traits::Operations for -libcrux_ml_kem::vector::portable::vector_type::PortableVector)} + Note: This function is not secret independent + Only use with public values. */ -static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector -libcrux_ml_kem_vector_portable_bitwise_and_with_constant_0d( - libcrux_ml_kem_vector_portable_vector_type_PortableVector v, int16_t c) { - return libcrux_ml_kem_vector_portable_arithmetic_bitwise_and_with_constant(v, - c); -} - static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector libcrux_ml_kem_vector_portable_arithmetic_cond_subtract_3329( - libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { - core_ops_range_Range_b3 iter = - core_iter_traits_collect___core__iter__traits__collect__IntoIterator_for_I__1__into_iter( - (CLITERAL(core_ops_range_Range_b3){ - .start = (size_t)0U, - .end = LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_ELEMENTS_IN_VECTOR}), - core_ops_range_Range_b3, core_ops_range_Range_b3); - while (true) { - Option_b3 uu____0 = - core_iter_range___core__iter__traits__iterator__Iterator_for_core__ops__range__Range_A___6__next( - &iter, size_t, Option_b3); - if (!(uu____0.tag == None)) { - size_t i = uu____0.f0; - if (v.elements[i] >= (int16_t)3329) { - size_t uu____1 = i; - v.elements[uu____1] = v.elements[uu____1] - (int16_t)3329; - } - continue; + libcrux_ml_kem_vector_portable_vector_type_PortableVector vec) { + for (size_t i = (size_t)0U; + i < LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_ELEMENTS_IN_VECTOR; i++) { + size_t i0 = i; + if (libcrux_secrets_int_public_integers_declassify_d8_39( + vec.elements[i0]) >= (int16_t)3329) { + size_t uu____0 = i0; + vec.elements[uu____0] = vec.elements[uu____0] - (int16_t)3329; } - return v; } + return vec; } /** -This function found in impl {(libcrux_ml_kem::vector::traits::Operations for -libcrux_ml_kem::vector::portable::vector_type::PortableVector)} +This function found in impl {libcrux_ml_kem::vector::traits::Operations for +libcrux_ml_kem::vector::portable::vector_type::PortableVector} */ static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector -libcrux_ml_kem_vector_portable_cond_subtract_3329_0d( +libcrux_ml_kem_vector_portable_cond_subtract_3329_b8( libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { return libcrux_ml_kem_vector_portable_arithmetic_cond_subtract_3329(v); } @@ -6837,11 +5691,10 @@ libcrux_ml_kem_vector_portable_cond_subtract_3329_0d( #define LIBCRUX_ML_KEM_VECTOR_PORTABLE_ARITHMETIC_BARRETT_MULTIPLIER \ ((int32_t)20159) -#define LIBCRUX_ML_KEM_VECTOR_PORTABLE_ARITHMETIC_BARRETT_SHIFT ((int32_t)26) +#define LIBCRUX_ML_KEM_VECTOR_TRAITS_BARRETT_SHIFT ((int32_t)26) -#define LIBCRUX_ML_KEM_VECTOR_PORTABLE_ARITHMETIC_BARRETT_R \ - ((int32_t)1 << (uint32_t) \ - LIBCRUX_ML_KEM_VECTOR_PORTABLE_ARITHMETIC_BARRETT_SHIFT) +#define LIBCRUX_ML_KEM_VECTOR_TRAITS_BARRETT_R \ + ((int32_t)1 << (uint32_t)LIBCRUX_ML_KEM_VECTOR_TRAITS_BARRETT_SHIFT) /** Signed Barrett Reduction @@ -6854,50 +5707,47 @@ libcrux_ml_kem_vector_portable_cond_subtract_3329_0d( `|result| ≤ FIELD_MODULUS / 2 · (|value|/BARRETT_R + 1) - In particular, if `|value| < BARRETT_R`, then `|result| < FIELD_MODULUS`. + Note: The input bound is 28296 to prevent overflow in the multiplication of + quotient by FIELD_MODULUS + */ static inline int16_t libcrux_ml_kem_vector_portable_arithmetic_barrett_reduce_element( int16_t value) { - int32_t t = (int32_t)value * + int32_t t = libcrux_secrets_int_as_i32_f5(value) * LIBCRUX_ML_KEM_VECTOR_PORTABLE_ARITHMETIC_BARRETT_MULTIPLIER + - (LIBCRUX_ML_KEM_VECTOR_PORTABLE_ARITHMETIC_BARRETT_R >> 1U); - int16_t quotient = - (int16_t)(t >> - (uint32_t) - LIBCRUX_ML_KEM_VECTOR_PORTABLE_ARITHMETIC_BARRETT_SHIFT); + (LIBCRUX_ML_KEM_VECTOR_TRAITS_BARRETT_R >> 1U); + int16_t quotient = libcrux_secrets_int_as_i16_36( + t >> (uint32_t)LIBCRUX_ML_KEM_VECTOR_TRAITS_BARRETT_SHIFT); return value - quotient * LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_MODULUS; } static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector libcrux_ml_kem_vector_portable_arithmetic_barrett_reduce( - libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { + libcrux_ml_kem_vector_portable_vector_type_PortableVector vec) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_ELEMENTS_IN_VECTOR; i++) { size_t i0 = i; - v.elements[i0] = + int16_t vi = libcrux_ml_kem_vector_portable_arithmetic_barrett_reduce_element( - v.elements[i0]); + vec.elements[i0]); + vec.elements[i0] = vi; } - return v; + return vec; } /** -This function found in impl {(libcrux_ml_kem::vector::traits::Operations for -libcrux_ml_kem::vector::portable::vector_type::PortableVector)} +This function found in impl {libcrux_ml_kem::vector::traits::Operations for +libcrux_ml_kem::vector::portable::vector_type::PortableVector} */ static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector -libcrux_ml_kem_vector_portable_barrett_reduce_0d( - libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { - return libcrux_ml_kem_vector_portable_arithmetic_barrett_reduce(v); +libcrux_ml_kem_vector_portable_barrett_reduce_b8( + libcrux_ml_kem_vector_portable_vector_type_PortableVector vector) { + return libcrux_ml_kem_vector_portable_arithmetic_barrett_reduce(vector); } #define LIBCRUX_ML_KEM_VECTOR_PORTABLE_ARITHMETIC_MONTGOMERY_SHIFT (16U) -#define LIBCRUX_ML_KEM_VECTOR_PORTABLE_ARITHMETIC_MONTGOMERY_R \ - ((int32_t)1 << (uint32_t) \ - LIBCRUX_ML_KEM_VECTOR_PORTABLE_ARITHMETIC_MONTGOMERY_SHIFT) - /** Signed Montgomery Reduction @@ -6907,27 +5757,32 @@ libcrux_ml_kem_vector_portable_barrett_reduce_0d( - o ≡ value · MONTGOMERY_R^(-1) (mod FIELD_MODULUS) - the absolute value of `o` is bound as follows: - `|result| ≤ (|value| / MONTGOMERY_R) + (FIELD_MODULUS / 2) + `|result| ≤ ceil(|value| / MONTGOMERY_R) + 1665 + + In particular, if `|value| ≤ FIELD_MODULUS-1 * FIELD_MODULUS-1`, then `|o| <= + FIELD_MODULUS-1`. And, if `|value| ≤ pow2 16 * FIELD_MODULUS-1`, then `|o| <= + FIELD_MODULUS + 1664 - In particular, if `|value| ≤ FIELD_MODULUS * MONTGOMERY_R`, then `|o| < (3 · - FIELD_MODULUS) / 2`. */ static inline int16_t libcrux_ml_kem_vector_portable_arithmetic_montgomery_reduce_element( int32_t value) { int32_t k = - (int32_t)(int16_t)value * - (int32_t)LIBCRUX_ML_KEM_VECTOR_TRAITS_INVERSE_OF_MODULUS_MOD_MONTGOMERY_R; + libcrux_secrets_int_as_i32_f5(libcrux_secrets_int_as_i16_36(value)) * + libcrux_secrets_int_as_i32_b8( + libcrux_secrets_int_public_integers_classify_27_df( + LIBCRUX_ML_KEM_VECTOR_TRAITS_INVERSE_OF_MODULUS_MOD_MONTGOMERY_R)); int32_t k_times_modulus = - (int32_t)(int16_t)k * (int32_t)LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_MODULUS; - int16_t c = - (int16_t)(k_times_modulus >> - (uint32_t) - LIBCRUX_ML_KEM_VECTOR_PORTABLE_ARITHMETIC_MONTGOMERY_SHIFT); - int16_t value_high = - (int16_t)(value >> - (uint32_t) - LIBCRUX_ML_KEM_VECTOR_PORTABLE_ARITHMETIC_MONTGOMERY_SHIFT); + libcrux_secrets_int_as_i32_f5(libcrux_secrets_int_as_i16_36(k)) * + libcrux_secrets_int_as_i32_f5( + libcrux_secrets_int_public_integers_classify_27_39( + LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_MODULUS)); + int16_t c = libcrux_secrets_int_as_i16_36( + k_times_modulus >> + (uint32_t)LIBCRUX_ML_KEM_VECTOR_PORTABLE_ARITHMETIC_MONTGOMERY_SHIFT); + int16_t value_high = libcrux_secrets_int_as_i16_36( + value >> + (uint32_t)LIBCRUX_ML_KEM_VECTOR_PORTABLE_ARITHMETIC_MONTGOMERY_SHIFT); return value_high - c; } @@ -6945,32 +5800,85 @@ libcrux_ml_kem_vector_portable_arithmetic_montgomery_reduce_element( static KRML_MUSTINLINE int16_t libcrux_ml_kem_vector_portable_arithmetic_montgomery_multiply_fe_by_fer( int16_t fe, int16_t fer) { + int32_t product = + libcrux_secrets_int_as_i32_f5(fe) * libcrux_secrets_int_as_i32_f5(fer); return libcrux_ml_kem_vector_portable_arithmetic_montgomery_reduce_element( - (int32_t)fe * (int32_t)fer); + product); } static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector libcrux_ml_kem_vector_portable_arithmetic_montgomery_multiply_by_constant( - libcrux_ml_kem_vector_portable_vector_type_PortableVector v, int16_t c) { + libcrux_ml_kem_vector_portable_vector_type_PortableVector vec, int16_t c) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_ELEMENTS_IN_VECTOR; i++) { size_t i0 = i; - v.elements[i0] = + vec.elements[i0] = libcrux_ml_kem_vector_portable_arithmetic_montgomery_multiply_fe_by_fer( - v.elements[i0], c); + vec.elements[i0], c); } - return v; + return vec; } /** -This function found in impl {(libcrux_ml_kem::vector::traits::Operations for -libcrux_ml_kem::vector::portable::vector_type::PortableVector)} +This function found in impl {libcrux_ml_kem::vector::traits::Operations for +libcrux_ml_kem::vector::portable::vector_type::PortableVector} */ static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector -libcrux_ml_kem_vector_portable_montgomery_multiply_by_constant_0d( - libcrux_ml_kem_vector_portable_vector_type_PortableVector v, int16_t r) { +libcrux_ml_kem_vector_portable_montgomery_multiply_by_constant_b8( + libcrux_ml_kem_vector_portable_vector_type_PortableVector vector, + int16_t constant) { return libcrux_ml_kem_vector_portable_arithmetic_montgomery_multiply_by_constant( - v, r); + vector, libcrux_secrets_int_public_integers_classify_27_39(constant)); +} + +static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector +libcrux_ml_kem_vector_portable_arithmetic_bitwise_and_with_constant( + libcrux_ml_kem_vector_portable_vector_type_PortableVector vec, int16_t c) { + for (size_t i = (size_t)0U; + i < LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_ELEMENTS_IN_VECTOR; i++) { + size_t i0 = i; + size_t uu____0 = i0; + vec.elements[uu____0] = vec.elements[uu____0] & c; + } + return vec; +} + +/** +A monomorphic instance of libcrux_ml_kem.vector.portable.arithmetic.shift_right +with const generics +- SHIFT_BY= 15 +*/ +static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector +libcrux_ml_kem_vector_portable_arithmetic_shift_right_ef( + libcrux_ml_kem_vector_portable_vector_type_PortableVector vec) { + for (size_t i = (size_t)0U; + i < LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_ELEMENTS_IN_VECTOR; i++) { + size_t i0 = i; + vec.elements[i0] = vec.elements[i0] >> (uint32_t)(int32_t)15; + } + return vec; +} + +static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector +libcrux_ml_kem_vector_portable_arithmetic_to_unsigned_representative( + libcrux_ml_kem_vector_portable_vector_type_PortableVector a) { + libcrux_ml_kem_vector_portable_vector_type_PortableVector t = + libcrux_ml_kem_vector_portable_arithmetic_shift_right_ef(a); + libcrux_ml_kem_vector_portable_vector_type_PortableVector fm = + libcrux_ml_kem_vector_portable_arithmetic_bitwise_and_with_constant( + t, LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_MODULUS); + return libcrux_ml_kem_vector_portable_arithmetic_add(a, &fm); +} + +/** +This function found in impl {libcrux_ml_kem::vector::traits::Operations for +libcrux_ml_kem::vector::portable::vector_type::PortableVector} +*/ +static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector +libcrux_ml_kem_vector_portable_to_unsigned_representative_b8( + libcrux_ml_kem_vector_portable_vector_type_PortableVector a) { + return libcrux_ml_kem_vector_portable_arithmetic_to_unsigned_representative( + a); } /** @@ -6998,34 +5906,38 @@ libcrux_ml_kem_vector_portable_montgomery_multiply_by_constant_0d( static inline uint8_t libcrux_ml_kem_vector_portable_compress_compress_message_coefficient( uint16_t fe) { - int16_t shifted = (int16_t)1664 - (int16_t)fe; + int16_t shifted = + libcrux_secrets_int_public_integers_classify_27_39((int16_t)1664) - + libcrux_secrets_int_as_i16_ca(fe); int16_t mask = shifted >> 15U; int16_t shifted_to_positive = mask ^ shifted; int16_t shifted_positive_in_range = shifted_to_positive - (int16_t)832; - return (uint8_t)(shifted_positive_in_range >> 15U & (int16_t)1); + int16_t r0 = shifted_positive_in_range >> 15U; + int16_t r1 = r0 & (int16_t)1; + return libcrux_secrets_int_as_u8_f5(r1); } static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector libcrux_ml_kem_vector_portable_compress_compress_1( - libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { + libcrux_ml_kem_vector_portable_vector_type_PortableVector a) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_ELEMENTS_IN_VECTOR; i++) { size_t i0 = i; - v.elements[i0] = (int16_t) + a.elements[i0] = libcrux_secrets_int_as_i16_59( libcrux_ml_kem_vector_portable_compress_compress_message_coefficient( - (uint16_t)v.elements[i0]); + libcrux_secrets_int_as_u16_f5(a.elements[i0]))); } - return v; + return a; } /** -This function found in impl {(libcrux_ml_kem::vector::traits::Operations for -libcrux_ml_kem::vector::portable::vector_type::PortableVector)} +This function found in impl {libcrux_ml_kem::vector::traits::Operations for +libcrux_ml_kem::vector::portable::vector_type::PortableVector} */ static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector -libcrux_ml_kem_vector_portable_compress_1_0d( - libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { - return libcrux_ml_kem_vector_portable_compress_compress_1(v); +libcrux_ml_kem_vector_portable_compress_1_b8( + libcrux_ml_kem_vector_portable_vector_type_PortableVector a) { + return libcrux_ml_kem_vector_portable_compress_compress_1(a); } static KRML_MUSTINLINE uint32_t @@ -7037,54 +5949,81 @@ libcrux_ml_kem_vector_portable_arithmetic_get_n_least_significant_bits( static inline int16_t libcrux_ml_kem_vector_portable_compress_compress_ciphertext_coefficient( uint8_t coefficient_bits, uint16_t fe) { - uint64_t compressed = (uint64_t)fe << (uint32_t)coefficient_bits; + uint64_t compressed = libcrux_secrets_int_as_u64_ca(fe) + << (uint32_t)coefficient_bits; compressed = compressed + 1664ULL; compressed = compressed * 10321340ULL; compressed = compressed >> 35U; - return (int16_t) + return libcrux_secrets_int_as_i16_b8( libcrux_ml_kem_vector_portable_arithmetic_get_n_least_significant_bits( - coefficient_bits, (uint32_t)compressed); + coefficient_bits, libcrux_secrets_int_as_u32_a3(compressed))); +} + +static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector +libcrux_ml_kem_vector_portable_compress_decompress_1( + libcrux_ml_kem_vector_portable_vector_type_PortableVector a) { + libcrux_ml_kem_vector_portable_vector_type_PortableVector z = + libcrux_ml_kem_vector_portable_vector_type_zero(); + libcrux_ml_kem_vector_portable_vector_type_PortableVector s = + libcrux_ml_kem_vector_portable_arithmetic_sub(z, &a); + libcrux_ml_kem_vector_portable_vector_type_PortableVector res = + libcrux_ml_kem_vector_portable_arithmetic_bitwise_and_with_constant( + s, (int16_t)1665); + return res; +} + +/** +This function found in impl {libcrux_ml_kem::vector::traits::Operations for +libcrux_ml_kem::vector::portable::vector_type::PortableVector} +*/ +static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector +libcrux_ml_kem_vector_portable_decompress_1_b8( + libcrux_ml_kem_vector_portable_vector_type_PortableVector a) { + return libcrux_ml_kem_vector_portable_compress_decompress_1(a); } static KRML_MUSTINLINE void libcrux_ml_kem_vector_portable_ntt_ntt_step( - libcrux_ml_kem_vector_portable_vector_type_PortableVector *v, int16_t zeta, - size_t i, size_t j) { + libcrux_ml_kem_vector_portable_vector_type_PortableVector *vec, + int16_t zeta, size_t i, size_t j) { int16_t t = libcrux_ml_kem_vector_portable_arithmetic_montgomery_multiply_fe_by_fer( - v->elements[j], zeta); - v->elements[j] = v->elements[i] - t; - v->elements[i] = v->elements[i] + t; + vec->elements[j], + libcrux_secrets_int_public_integers_classify_27_39(zeta)); + int16_t a_minus_t = vec->elements[i] - t; + int16_t a_plus_t = vec->elements[i] + t; + vec->elements[j] = a_minus_t; + vec->elements[i] = a_plus_t; } static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector libcrux_ml_kem_vector_portable_ntt_ntt_layer_1_step( - libcrux_ml_kem_vector_portable_vector_type_PortableVector v, int16_t zeta0, - int16_t zeta1, int16_t zeta2, int16_t zeta3) { - libcrux_ml_kem_vector_portable_ntt_ntt_step(&v, zeta0, (size_t)0U, + libcrux_ml_kem_vector_portable_vector_type_PortableVector vec, + int16_t zeta0, int16_t zeta1, int16_t zeta2, int16_t zeta3) { + libcrux_ml_kem_vector_portable_ntt_ntt_step(&vec, zeta0, (size_t)0U, (size_t)2U); - libcrux_ml_kem_vector_portable_ntt_ntt_step(&v, zeta0, (size_t)1U, + libcrux_ml_kem_vector_portable_ntt_ntt_step(&vec, zeta0, (size_t)1U, (size_t)3U); - libcrux_ml_kem_vector_portable_ntt_ntt_step(&v, zeta1, (size_t)4U, + libcrux_ml_kem_vector_portable_ntt_ntt_step(&vec, zeta1, (size_t)4U, (size_t)6U); - libcrux_ml_kem_vector_portable_ntt_ntt_step(&v, zeta1, (size_t)5U, + libcrux_ml_kem_vector_portable_ntt_ntt_step(&vec, zeta1, (size_t)5U, (size_t)7U); - libcrux_ml_kem_vector_portable_ntt_ntt_step(&v, zeta2, (size_t)8U, + libcrux_ml_kem_vector_portable_ntt_ntt_step(&vec, zeta2, (size_t)8U, (size_t)10U); - libcrux_ml_kem_vector_portable_ntt_ntt_step(&v, zeta2, (size_t)9U, + libcrux_ml_kem_vector_portable_ntt_ntt_step(&vec, zeta2, (size_t)9U, (size_t)11U); - libcrux_ml_kem_vector_portable_ntt_ntt_step(&v, zeta3, (size_t)12U, + libcrux_ml_kem_vector_portable_ntt_ntt_step(&vec, zeta3, (size_t)12U, (size_t)14U); - libcrux_ml_kem_vector_portable_ntt_ntt_step(&v, zeta3, (size_t)13U, + libcrux_ml_kem_vector_portable_ntt_ntt_step(&vec, zeta3, (size_t)13U, (size_t)15U); - return v; + return vec; } /** -This function found in impl {(libcrux_ml_kem::vector::traits::Operations for -libcrux_ml_kem::vector::portable::vector_type::PortableVector)} +This function found in impl {libcrux_ml_kem::vector::traits::Operations for +libcrux_ml_kem::vector::portable::vector_type::PortableVector} */ static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector -libcrux_ml_kem_vector_portable_ntt_layer_1_step_0d( +libcrux_ml_kem_vector_portable_ntt_layer_1_step_b8( libcrux_ml_kem_vector_portable_vector_type_PortableVector a, int16_t zeta0, int16_t zeta1, int16_t zeta2, int16_t zeta3) { return libcrux_ml_kem_vector_portable_ntt_ntt_layer_1_step(a, zeta0, zeta1, @@ -7093,33 +6032,33 @@ libcrux_ml_kem_vector_portable_ntt_layer_1_step_0d( static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector libcrux_ml_kem_vector_portable_ntt_ntt_layer_2_step( - libcrux_ml_kem_vector_portable_vector_type_PortableVector v, int16_t zeta0, - int16_t zeta1) { - libcrux_ml_kem_vector_portable_ntt_ntt_step(&v, zeta0, (size_t)0U, + libcrux_ml_kem_vector_portable_vector_type_PortableVector vec, + int16_t zeta0, int16_t zeta1) { + libcrux_ml_kem_vector_portable_ntt_ntt_step(&vec, zeta0, (size_t)0U, (size_t)4U); - libcrux_ml_kem_vector_portable_ntt_ntt_step(&v, zeta0, (size_t)1U, + libcrux_ml_kem_vector_portable_ntt_ntt_step(&vec, zeta0, (size_t)1U, (size_t)5U); - libcrux_ml_kem_vector_portable_ntt_ntt_step(&v, zeta0, (size_t)2U, + libcrux_ml_kem_vector_portable_ntt_ntt_step(&vec, zeta0, (size_t)2U, (size_t)6U); - libcrux_ml_kem_vector_portable_ntt_ntt_step(&v, zeta0, (size_t)3U, + libcrux_ml_kem_vector_portable_ntt_ntt_step(&vec, zeta0, (size_t)3U, (size_t)7U); - libcrux_ml_kem_vector_portable_ntt_ntt_step(&v, zeta1, (size_t)8U, + libcrux_ml_kem_vector_portable_ntt_ntt_step(&vec, zeta1, (size_t)8U, (size_t)12U); - libcrux_ml_kem_vector_portable_ntt_ntt_step(&v, zeta1, (size_t)9U, + libcrux_ml_kem_vector_portable_ntt_ntt_step(&vec, zeta1, (size_t)9U, (size_t)13U); - libcrux_ml_kem_vector_portable_ntt_ntt_step(&v, zeta1, (size_t)10U, + libcrux_ml_kem_vector_portable_ntt_ntt_step(&vec, zeta1, (size_t)10U, (size_t)14U); - libcrux_ml_kem_vector_portable_ntt_ntt_step(&v, zeta1, (size_t)11U, + libcrux_ml_kem_vector_portable_ntt_ntt_step(&vec, zeta1, (size_t)11U, (size_t)15U); - return v; + return vec; } /** -This function found in impl {(libcrux_ml_kem::vector::traits::Operations for -libcrux_ml_kem::vector::portable::vector_type::PortableVector)} +This function found in impl {libcrux_ml_kem::vector::traits::Operations for +libcrux_ml_kem::vector::portable::vector_type::PortableVector} */ static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector -libcrux_ml_kem_vector_portable_ntt_layer_2_step_0d( +libcrux_ml_kem_vector_portable_ntt_layer_2_step_b8( libcrux_ml_kem_vector_portable_vector_type_PortableVector a, int16_t zeta0, int16_t zeta1) { return libcrux_ml_kem_vector_portable_ntt_ntt_layer_2_step(a, zeta0, zeta1); @@ -7127,75 +6066,80 @@ libcrux_ml_kem_vector_portable_ntt_layer_2_step_0d( static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector libcrux_ml_kem_vector_portable_ntt_ntt_layer_3_step( - libcrux_ml_kem_vector_portable_vector_type_PortableVector v, int16_t zeta) { - libcrux_ml_kem_vector_portable_ntt_ntt_step(&v, zeta, (size_t)0U, (size_t)8U); - libcrux_ml_kem_vector_portable_ntt_ntt_step(&v, zeta, (size_t)1U, (size_t)9U); - libcrux_ml_kem_vector_portable_ntt_ntt_step(&v, zeta, (size_t)2U, + libcrux_ml_kem_vector_portable_vector_type_PortableVector vec, + int16_t zeta) { + libcrux_ml_kem_vector_portable_ntt_ntt_step(&vec, zeta, (size_t)0U, + (size_t)8U); + libcrux_ml_kem_vector_portable_ntt_ntt_step(&vec, zeta, (size_t)1U, + (size_t)9U); + libcrux_ml_kem_vector_portable_ntt_ntt_step(&vec, zeta, (size_t)2U, (size_t)10U); - libcrux_ml_kem_vector_portable_ntt_ntt_step(&v, zeta, (size_t)3U, + libcrux_ml_kem_vector_portable_ntt_ntt_step(&vec, zeta, (size_t)3U, (size_t)11U); - libcrux_ml_kem_vector_portable_ntt_ntt_step(&v, zeta, (size_t)4U, + libcrux_ml_kem_vector_portable_ntt_ntt_step(&vec, zeta, (size_t)4U, (size_t)12U); - libcrux_ml_kem_vector_portable_ntt_ntt_step(&v, zeta, (size_t)5U, + libcrux_ml_kem_vector_portable_ntt_ntt_step(&vec, zeta, (size_t)5U, (size_t)13U); - libcrux_ml_kem_vector_portable_ntt_ntt_step(&v, zeta, (size_t)6U, + libcrux_ml_kem_vector_portable_ntt_ntt_step(&vec, zeta, (size_t)6U, (size_t)14U); - libcrux_ml_kem_vector_portable_ntt_ntt_step(&v, zeta, (size_t)7U, + libcrux_ml_kem_vector_portable_ntt_ntt_step(&vec, zeta, (size_t)7U, (size_t)15U); - return v; + return vec; } /** -This function found in impl {(libcrux_ml_kem::vector::traits::Operations for -libcrux_ml_kem::vector::portable::vector_type::PortableVector)} +This function found in impl {libcrux_ml_kem::vector::traits::Operations for +libcrux_ml_kem::vector::portable::vector_type::PortableVector} */ static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector -libcrux_ml_kem_vector_portable_ntt_layer_3_step_0d( +libcrux_ml_kem_vector_portable_ntt_layer_3_step_b8( libcrux_ml_kem_vector_portable_vector_type_PortableVector a, int16_t zeta) { return libcrux_ml_kem_vector_portable_ntt_ntt_layer_3_step(a, zeta); } static KRML_MUSTINLINE void libcrux_ml_kem_vector_portable_ntt_inv_ntt_step( - libcrux_ml_kem_vector_portable_vector_type_PortableVector *v, int16_t zeta, - size_t i, size_t j) { - int16_t a_minus_b = v->elements[j] - v->elements[i]; - v->elements[i] = - libcrux_ml_kem_vector_portable_arithmetic_barrett_reduce_element( - v->elements[i] + v->elements[j]); - v->elements[j] = + libcrux_ml_kem_vector_portable_vector_type_PortableVector *vec, + int16_t zeta, size_t i, size_t j) { + int16_t a_minus_b = vec->elements[j] - vec->elements[i]; + int16_t a_plus_b = vec->elements[j] + vec->elements[i]; + int16_t o0 = libcrux_ml_kem_vector_portable_arithmetic_barrett_reduce_element( + a_plus_b); + int16_t o1 = libcrux_ml_kem_vector_portable_arithmetic_montgomery_multiply_fe_by_fer( - a_minus_b, zeta); + a_minus_b, libcrux_secrets_int_public_integers_classify_27_39(zeta)); + vec->elements[i] = o0; + vec->elements[j] = o1; } static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector libcrux_ml_kem_vector_portable_ntt_inv_ntt_layer_1_step( - libcrux_ml_kem_vector_portable_vector_type_PortableVector v, int16_t zeta0, - int16_t zeta1, int16_t zeta2, int16_t zeta3) { - libcrux_ml_kem_vector_portable_ntt_inv_ntt_step(&v, zeta0, (size_t)0U, + libcrux_ml_kem_vector_portable_vector_type_PortableVector vec, + int16_t zeta0, int16_t zeta1, int16_t zeta2, int16_t zeta3) { + libcrux_ml_kem_vector_portable_ntt_inv_ntt_step(&vec, zeta0, (size_t)0U, (size_t)2U); - libcrux_ml_kem_vector_portable_ntt_inv_ntt_step(&v, zeta0, (size_t)1U, + libcrux_ml_kem_vector_portable_ntt_inv_ntt_step(&vec, zeta0, (size_t)1U, (size_t)3U); - libcrux_ml_kem_vector_portable_ntt_inv_ntt_step(&v, zeta1, (size_t)4U, + libcrux_ml_kem_vector_portable_ntt_inv_ntt_step(&vec, zeta1, (size_t)4U, (size_t)6U); - libcrux_ml_kem_vector_portable_ntt_inv_ntt_step(&v, zeta1, (size_t)5U, + libcrux_ml_kem_vector_portable_ntt_inv_ntt_step(&vec, zeta1, (size_t)5U, (size_t)7U); - libcrux_ml_kem_vector_portable_ntt_inv_ntt_step(&v, zeta2, (size_t)8U, + libcrux_ml_kem_vector_portable_ntt_inv_ntt_step(&vec, zeta2, (size_t)8U, (size_t)10U); - libcrux_ml_kem_vector_portable_ntt_inv_ntt_step(&v, zeta2, (size_t)9U, + libcrux_ml_kem_vector_portable_ntt_inv_ntt_step(&vec, zeta2, (size_t)9U, (size_t)11U); - libcrux_ml_kem_vector_portable_ntt_inv_ntt_step(&v, zeta3, (size_t)12U, + libcrux_ml_kem_vector_portable_ntt_inv_ntt_step(&vec, zeta3, (size_t)12U, (size_t)14U); - libcrux_ml_kem_vector_portable_ntt_inv_ntt_step(&v, zeta3, (size_t)13U, + libcrux_ml_kem_vector_portable_ntt_inv_ntt_step(&vec, zeta3, (size_t)13U, (size_t)15U); - return v; + return vec; } /** -This function found in impl {(libcrux_ml_kem::vector::traits::Operations for -libcrux_ml_kem::vector::portable::vector_type::PortableVector)} +This function found in impl {libcrux_ml_kem::vector::traits::Operations for +libcrux_ml_kem::vector::portable::vector_type::PortableVector} */ static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector -libcrux_ml_kem_vector_portable_inv_ntt_layer_1_step_0d( +libcrux_ml_kem_vector_portable_inv_ntt_layer_1_step_b8( libcrux_ml_kem_vector_portable_vector_type_PortableVector a, int16_t zeta0, int16_t zeta1, int16_t zeta2, int16_t zeta3) { return libcrux_ml_kem_vector_portable_ntt_inv_ntt_layer_1_step( @@ -7204,33 +6148,33 @@ libcrux_ml_kem_vector_portable_inv_ntt_layer_1_step_0d( static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector libcrux_ml_kem_vector_portable_ntt_inv_ntt_layer_2_step( - libcrux_ml_kem_vector_portable_vector_type_PortableVector v, int16_t zeta0, - int16_t zeta1) { - libcrux_ml_kem_vector_portable_ntt_inv_ntt_step(&v, zeta0, (size_t)0U, + libcrux_ml_kem_vector_portable_vector_type_PortableVector vec, + int16_t zeta0, int16_t zeta1) { + libcrux_ml_kem_vector_portable_ntt_inv_ntt_step(&vec, zeta0, (size_t)0U, (size_t)4U); - libcrux_ml_kem_vector_portable_ntt_inv_ntt_step(&v, zeta0, (size_t)1U, + libcrux_ml_kem_vector_portable_ntt_inv_ntt_step(&vec, zeta0, (size_t)1U, (size_t)5U); - libcrux_ml_kem_vector_portable_ntt_inv_ntt_step(&v, zeta0, (size_t)2U, + libcrux_ml_kem_vector_portable_ntt_inv_ntt_step(&vec, zeta0, (size_t)2U, (size_t)6U); - libcrux_ml_kem_vector_portable_ntt_inv_ntt_step(&v, zeta0, (size_t)3U, + libcrux_ml_kem_vector_portable_ntt_inv_ntt_step(&vec, zeta0, (size_t)3U, (size_t)7U); - libcrux_ml_kem_vector_portable_ntt_inv_ntt_step(&v, zeta1, (size_t)8U, + libcrux_ml_kem_vector_portable_ntt_inv_ntt_step(&vec, zeta1, (size_t)8U, (size_t)12U); - libcrux_ml_kem_vector_portable_ntt_inv_ntt_step(&v, zeta1, (size_t)9U, + libcrux_ml_kem_vector_portable_ntt_inv_ntt_step(&vec, zeta1, (size_t)9U, (size_t)13U); - libcrux_ml_kem_vector_portable_ntt_inv_ntt_step(&v, zeta1, (size_t)10U, + libcrux_ml_kem_vector_portable_ntt_inv_ntt_step(&vec, zeta1, (size_t)10U, (size_t)14U); - libcrux_ml_kem_vector_portable_ntt_inv_ntt_step(&v, zeta1, (size_t)11U, + libcrux_ml_kem_vector_portable_ntt_inv_ntt_step(&vec, zeta1, (size_t)11U, (size_t)15U); - return v; + return vec; } /** -This function found in impl {(libcrux_ml_kem::vector::traits::Operations for -libcrux_ml_kem::vector::portable::vector_type::PortableVector)} +This function found in impl {libcrux_ml_kem::vector::traits::Operations for +libcrux_ml_kem::vector::portable::vector_type::PortableVector} */ static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector -libcrux_ml_kem_vector_portable_inv_ntt_layer_2_step_0d( +libcrux_ml_kem_vector_portable_inv_ntt_layer_2_step_b8( libcrux_ml_kem_vector_portable_vector_type_PortableVector a, int16_t zeta0, int16_t zeta1) { return libcrux_ml_kem_vector_portable_ntt_inv_ntt_layer_2_step(a, zeta0, @@ -7239,32 +6183,33 @@ libcrux_ml_kem_vector_portable_inv_ntt_layer_2_step_0d( static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector libcrux_ml_kem_vector_portable_ntt_inv_ntt_layer_3_step( - libcrux_ml_kem_vector_portable_vector_type_PortableVector v, int16_t zeta) { - libcrux_ml_kem_vector_portable_ntt_inv_ntt_step(&v, zeta, (size_t)0U, + libcrux_ml_kem_vector_portable_vector_type_PortableVector vec, + int16_t zeta) { + libcrux_ml_kem_vector_portable_ntt_inv_ntt_step(&vec, zeta, (size_t)0U, (size_t)8U); - libcrux_ml_kem_vector_portable_ntt_inv_ntt_step(&v, zeta, (size_t)1U, + libcrux_ml_kem_vector_portable_ntt_inv_ntt_step(&vec, zeta, (size_t)1U, (size_t)9U); - libcrux_ml_kem_vector_portable_ntt_inv_ntt_step(&v, zeta, (size_t)2U, + libcrux_ml_kem_vector_portable_ntt_inv_ntt_step(&vec, zeta, (size_t)2U, (size_t)10U); - libcrux_ml_kem_vector_portable_ntt_inv_ntt_step(&v, zeta, (size_t)3U, + libcrux_ml_kem_vector_portable_ntt_inv_ntt_step(&vec, zeta, (size_t)3U, (size_t)11U); - libcrux_ml_kem_vector_portable_ntt_inv_ntt_step(&v, zeta, (size_t)4U, + libcrux_ml_kem_vector_portable_ntt_inv_ntt_step(&vec, zeta, (size_t)4U, (size_t)12U); - libcrux_ml_kem_vector_portable_ntt_inv_ntt_step(&v, zeta, (size_t)5U, + libcrux_ml_kem_vector_portable_ntt_inv_ntt_step(&vec, zeta, (size_t)5U, (size_t)13U); - libcrux_ml_kem_vector_portable_ntt_inv_ntt_step(&v, zeta, (size_t)6U, + libcrux_ml_kem_vector_portable_ntt_inv_ntt_step(&vec, zeta, (size_t)6U, (size_t)14U); - libcrux_ml_kem_vector_portable_ntt_inv_ntt_step(&v, zeta, (size_t)7U, + libcrux_ml_kem_vector_portable_ntt_inv_ntt_step(&vec, zeta, (size_t)7U, (size_t)15U); - return v; + return vec; } /** -This function found in impl {(libcrux_ml_kem::vector::traits::Operations for -libcrux_ml_kem::vector::portable::vector_type::PortableVector)} +This function found in impl {libcrux_ml_kem::vector::traits::Operations for +libcrux_ml_kem::vector::portable::vector_type::PortableVector} */ static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector -libcrux_ml_kem_vector_portable_inv_ntt_layer_3_step_0d( +libcrux_ml_kem_vector_portable_inv_ntt_layer_3_step_b8( libcrux_ml_kem_vector_portable_vector_type_PortableVector a, int16_t zeta) { return libcrux_ml_kem_vector_portable_ntt_inv_ntt_layer_3_step(a, zeta); } @@ -7295,20 +6240,34 @@ static KRML_MUSTINLINE void libcrux_ml_kem_vector_portable_ntt_ntt_multiply_binomials( libcrux_ml_kem_vector_portable_vector_type_PortableVector *a, libcrux_ml_kem_vector_portable_vector_type_PortableVector *b, int16_t zeta, - size_t i, size_t j, - libcrux_ml_kem_vector_portable_vector_type_PortableVector *out) { - int16_t o0 = libcrux_ml_kem_vector_portable_arithmetic_montgomery_reduce_element( - (int32_t)a->elements[i] * (int32_t)b->elements[i] + - (int32_t) - libcrux_ml_kem_vector_portable_arithmetic_montgomery_reduce_element( - (int32_t)a->elements[j] * (int32_t)b->elements[j]) * - (int32_t)zeta); + size_t i, libcrux_ml_kem_vector_portable_vector_type_PortableVector *out) { + int16_t ai = a->elements[(size_t)2U * i]; + int16_t bi = b->elements[(size_t)2U * i]; + int16_t aj = a->elements[(size_t)2U * i + (size_t)1U]; + int16_t bj = b->elements[(size_t)2U * i + (size_t)1U]; + int32_t ai_bi = + libcrux_secrets_int_as_i32_f5(ai) * libcrux_secrets_int_as_i32_f5(bi); + int32_t aj_bj_ = + libcrux_secrets_int_as_i32_f5(aj) * libcrux_secrets_int_as_i32_f5(bj); + int16_t aj_bj = + libcrux_ml_kem_vector_portable_arithmetic_montgomery_reduce_element( + aj_bj_); + int32_t aj_bj_zeta = libcrux_secrets_int_as_i32_f5(aj_bj) * + libcrux_secrets_int_as_i32_f5(zeta); + int32_t ai_bi_aj_bj = ai_bi + aj_bj_zeta; + int16_t o0 = + libcrux_ml_kem_vector_portable_arithmetic_montgomery_reduce_element( + ai_bi_aj_bj); + int32_t ai_bj = + libcrux_secrets_int_as_i32_f5(ai) * libcrux_secrets_int_as_i32_f5(bj); + int32_t aj_bi = + libcrux_secrets_int_as_i32_f5(aj) * libcrux_secrets_int_as_i32_f5(bi); + int32_t ai_bj_aj_bi = ai_bj + aj_bi; int16_t o1 = libcrux_ml_kem_vector_portable_arithmetic_montgomery_reduce_element( - (int32_t)a->elements[i] * (int32_t)b->elements[j] + - (int32_t)a->elements[j] * (int32_t)b->elements[i]); - out->elements[i] = o0; - out->elements[j] = o1; + ai_bj_aj_bi); + out->elements[(size_t)2U * i] = o0; + out->elements[(size_t)2U * i + (size_t)1U] = o1; } static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector @@ -7316,33 +6275,45 @@ libcrux_ml_kem_vector_portable_ntt_ntt_multiply( libcrux_ml_kem_vector_portable_vector_type_PortableVector *lhs, libcrux_ml_kem_vector_portable_vector_type_PortableVector *rhs, int16_t zeta0, int16_t zeta1, int16_t zeta2, int16_t zeta3) { + int16_t nzeta0 = -zeta0; + int16_t nzeta1 = -zeta1; + int16_t nzeta2 = -zeta2; + int16_t nzeta3 = -zeta3; libcrux_ml_kem_vector_portable_vector_type_PortableVector out = libcrux_ml_kem_vector_portable_vector_type_zero(); libcrux_ml_kem_vector_portable_ntt_ntt_multiply_binomials( - lhs, rhs, zeta0, (size_t)0U, (size_t)1U, &out); + lhs, rhs, libcrux_secrets_int_public_integers_classify_27_39(zeta0), + (size_t)0U, &out); libcrux_ml_kem_vector_portable_ntt_ntt_multiply_binomials( - lhs, rhs, -zeta0, (size_t)2U, (size_t)3U, &out); + lhs, rhs, libcrux_secrets_int_public_integers_classify_27_39(nzeta0), + (size_t)1U, &out); libcrux_ml_kem_vector_portable_ntt_ntt_multiply_binomials( - lhs, rhs, zeta1, (size_t)4U, (size_t)5U, &out); + lhs, rhs, libcrux_secrets_int_public_integers_classify_27_39(zeta1), + (size_t)2U, &out); libcrux_ml_kem_vector_portable_ntt_ntt_multiply_binomials( - lhs, rhs, -zeta1, (size_t)6U, (size_t)7U, &out); + lhs, rhs, libcrux_secrets_int_public_integers_classify_27_39(nzeta1), + (size_t)3U, &out); libcrux_ml_kem_vector_portable_ntt_ntt_multiply_binomials( - lhs, rhs, zeta2, (size_t)8U, (size_t)9U, &out); + lhs, rhs, libcrux_secrets_int_public_integers_classify_27_39(zeta2), + (size_t)4U, &out); libcrux_ml_kem_vector_portable_ntt_ntt_multiply_binomials( - lhs, rhs, -zeta2, (size_t)10U, (size_t)11U, &out); + lhs, rhs, libcrux_secrets_int_public_integers_classify_27_39(nzeta2), + (size_t)5U, &out); libcrux_ml_kem_vector_portable_ntt_ntt_multiply_binomials( - lhs, rhs, zeta3, (size_t)12U, (size_t)13U, &out); + lhs, rhs, libcrux_secrets_int_public_integers_classify_27_39(zeta3), + (size_t)6U, &out); libcrux_ml_kem_vector_portable_ntt_ntt_multiply_binomials( - lhs, rhs, -zeta3, (size_t)14U, (size_t)15U, &out); + lhs, rhs, libcrux_secrets_int_public_integers_classify_27_39(nzeta3), + (size_t)7U, &out); return out; } /** -This function found in impl {(libcrux_ml_kem::vector::traits::Operations for -libcrux_ml_kem::vector::portable::vector_type::PortableVector)} +This function found in impl {libcrux_ml_kem::vector::traits::Operations for +libcrux_ml_kem::vector::portable::vector_type::PortableVector} */ static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector -libcrux_ml_kem_vector_portable_ntt_multiply_0d( +libcrux_ml_kem_vector_portable_ntt_multiply_b8( libcrux_ml_kem_vector_portable_vector_type_PortableVector *lhs, libcrux_ml_kem_vector_portable_vector_type_PortableVector *rhs, int16_t zeta0, int16_t zeta1, int16_t zeta2, int16_t zeta3) { @@ -7354,62 +6325,114 @@ static KRML_MUSTINLINE void libcrux_ml_kem_vector_portable_serialize_serialize_1( libcrux_ml_kem_vector_portable_vector_type_PortableVector v, uint8_t ret[2U]) { - uint8_t result[2U] = {0U}; - for (size_t i = (size_t)0U; i < (size_t)8U; i++) { - size_t i0 = i; - size_t uu____0 = (size_t)0U; - result[uu____0] = (uint32_t)result[uu____0] | - (uint32_t)(uint8_t)v.elements[i0] << (uint32_t)i0; - } - for (size_t i = (size_t)8U; i < (size_t)16U; i++) { - size_t i0 = i; - size_t uu____1 = (size_t)1U; - result[uu____1] = - (uint32_t)result[uu____1] | (uint32_t)(uint8_t)v.elements[i0] - << (uint32_t)(i0 - (size_t)8U); - } - memcpy(ret, result, (size_t)2U * sizeof(uint8_t)); + uint8_t result0 = + (((((((uint32_t)libcrux_secrets_int_as_u8_f5(v.elements[0U]) | + (uint32_t)libcrux_secrets_int_as_u8_f5(v.elements[1U]) << 1U) | + (uint32_t)libcrux_secrets_int_as_u8_f5(v.elements[2U]) << 2U) | + (uint32_t)libcrux_secrets_int_as_u8_f5(v.elements[3U]) << 3U) | + (uint32_t)libcrux_secrets_int_as_u8_f5(v.elements[4U]) << 4U) | + (uint32_t)libcrux_secrets_int_as_u8_f5(v.elements[5U]) << 5U) | + (uint32_t)libcrux_secrets_int_as_u8_f5(v.elements[6U]) << 6U) | + (uint32_t)libcrux_secrets_int_as_u8_f5(v.elements[7U]) << 7U; + uint8_t result1 = + (((((((uint32_t)libcrux_secrets_int_as_u8_f5(v.elements[8U]) | + (uint32_t)libcrux_secrets_int_as_u8_f5(v.elements[9U]) << 1U) | + (uint32_t)libcrux_secrets_int_as_u8_f5(v.elements[10U]) << 2U) | + (uint32_t)libcrux_secrets_int_as_u8_f5(v.elements[11U]) << 3U) | + (uint32_t)libcrux_secrets_int_as_u8_f5(v.elements[12U]) << 4U) | + (uint32_t)libcrux_secrets_int_as_u8_f5(v.elements[13U]) << 5U) | + (uint32_t)libcrux_secrets_int_as_u8_f5(v.elements[14U]) << 6U) | + (uint32_t)libcrux_secrets_int_as_u8_f5(v.elements[15U]) << 7U; + ret[0U] = result0; + ret[1U] = result1; +} + +static inline void libcrux_ml_kem_vector_portable_serialize_1( + libcrux_ml_kem_vector_portable_vector_type_PortableVector a, + uint8_t ret[2U]) { + uint8_t ret0[2U]; + libcrux_ml_kem_vector_portable_serialize_serialize_1(a, ret0); + libcrux_secrets_int_public_integers_declassify_d8_d4(ret0, ret); } /** -This function found in impl {(libcrux_ml_kem::vector::traits::Operations for -libcrux_ml_kem::vector::portable::vector_type::PortableVector)} +This function found in impl {libcrux_ml_kem::vector::traits::Operations for +libcrux_ml_kem::vector::portable::vector_type::PortableVector} */ -static inline void libcrux_ml_kem_vector_portable_serialize_1_0d( +static inline void libcrux_ml_kem_vector_portable_serialize_1_b8( libcrux_ml_kem_vector_portable_vector_type_PortableVector a, uint8_t ret[2U]) { - libcrux_ml_kem_vector_portable_serialize_serialize_1(a, ret); + libcrux_ml_kem_vector_portable_serialize_1(a, ret); } static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector libcrux_ml_kem_vector_portable_serialize_deserialize_1(Eurydice_slice v) { - libcrux_ml_kem_vector_portable_vector_type_PortableVector result = - libcrux_ml_kem_vector_portable_vector_type_zero(); - for (size_t i = (size_t)0U; i < (size_t)8U; i++) { - size_t i0 = i; - result.elements[i0] = (int16_t)((uint32_t)Eurydice_slice_index( - v, (size_t)0U, uint8_t, uint8_t *) >> - (uint32_t)i0 & - 1U); - } - for (size_t i = (size_t)8U; - i < LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_ELEMENTS_IN_VECTOR; i++) { - size_t i0 = i; - result.elements[i0] = (int16_t)((uint32_t)Eurydice_slice_index( - v, (size_t)1U, uint8_t, uint8_t *) >> - (uint32_t)(i0 - (size_t)8U) & - 1U); - } - return result; + int16_t result0 = libcrux_secrets_int_as_i16_59( + (uint32_t)Eurydice_slice_index(v, (size_t)0U, uint8_t, uint8_t *) & 1U); + int16_t result1 = libcrux_secrets_int_as_i16_59( + (uint32_t)Eurydice_slice_index(v, (size_t)0U, uint8_t, uint8_t *) >> 1U & + 1U); + int16_t result2 = libcrux_secrets_int_as_i16_59( + (uint32_t)Eurydice_slice_index(v, (size_t)0U, uint8_t, uint8_t *) >> 2U & + 1U); + int16_t result3 = libcrux_secrets_int_as_i16_59( + (uint32_t)Eurydice_slice_index(v, (size_t)0U, uint8_t, uint8_t *) >> 3U & + 1U); + int16_t result4 = libcrux_secrets_int_as_i16_59( + (uint32_t)Eurydice_slice_index(v, (size_t)0U, uint8_t, uint8_t *) >> 4U & + 1U); + int16_t result5 = libcrux_secrets_int_as_i16_59( + (uint32_t)Eurydice_slice_index(v, (size_t)0U, uint8_t, uint8_t *) >> 5U & + 1U); + int16_t result6 = libcrux_secrets_int_as_i16_59( + (uint32_t)Eurydice_slice_index(v, (size_t)0U, uint8_t, uint8_t *) >> 6U & + 1U); + int16_t result7 = libcrux_secrets_int_as_i16_59( + (uint32_t)Eurydice_slice_index(v, (size_t)0U, uint8_t, uint8_t *) >> 7U & + 1U); + int16_t result8 = libcrux_secrets_int_as_i16_59( + (uint32_t)Eurydice_slice_index(v, (size_t)1U, uint8_t, uint8_t *) & 1U); + int16_t result9 = libcrux_secrets_int_as_i16_59( + (uint32_t)Eurydice_slice_index(v, (size_t)1U, uint8_t, uint8_t *) >> 1U & + 1U); + int16_t result10 = libcrux_secrets_int_as_i16_59( + (uint32_t)Eurydice_slice_index(v, (size_t)1U, uint8_t, uint8_t *) >> 2U & + 1U); + int16_t result11 = libcrux_secrets_int_as_i16_59( + (uint32_t)Eurydice_slice_index(v, (size_t)1U, uint8_t, uint8_t *) >> 3U & + 1U); + int16_t result12 = libcrux_secrets_int_as_i16_59( + (uint32_t)Eurydice_slice_index(v, (size_t)1U, uint8_t, uint8_t *) >> 4U & + 1U); + int16_t result13 = libcrux_secrets_int_as_i16_59( + (uint32_t)Eurydice_slice_index(v, (size_t)1U, uint8_t, uint8_t *) >> 5U & + 1U); + int16_t result14 = libcrux_secrets_int_as_i16_59( + (uint32_t)Eurydice_slice_index(v, (size_t)1U, uint8_t, uint8_t *) >> 6U & + 1U); + int16_t result15 = libcrux_secrets_int_as_i16_59( + (uint32_t)Eurydice_slice_index(v, (size_t)1U, uint8_t, uint8_t *) >> 7U & + 1U); + return ( + KRML_CLITERAL(libcrux_ml_kem_vector_portable_vector_type_PortableVector){ + .elements = {result0, result1, result2, result3, result4, result5, + result6, result7, result8, result9, result10, result11, + result12, result13, result14, result15}}); +} + +static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector +libcrux_ml_kem_vector_portable_deserialize_1(Eurydice_slice a) { + return libcrux_ml_kem_vector_portable_serialize_deserialize_1( + libcrux_secrets_int_classify_public_classify_ref_9b_90(a)); } /** -This function found in impl {(libcrux_ml_kem::vector::traits::Operations for -libcrux_ml_kem::vector::portable::vector_type::PortableVector)} +This function found in impl {libcrux_ml_kem::vector::traits::Operations for +libcrux_ml_kem::vector::portable::vector_type::PortableVector} */ static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector -libcrux_ml_kem_vector_portable_deserialize_1_0d(Eurydice_slice a) { - return libcrux_ml_kem_vector_portable_serialize_deserialize_1(a); +libcrux_ml_kem_vector_portable_deserialize_1_b8(Eurydice_slice a) { + return libcrux_ml_kem_vector_portable_deserialize_1(a); } typedef struct uint8_t_x4_s { @@ -7421,27 +6444,27 @@ typedef struct uint8_t_x4_s { static KRML_MUSTINLINE uint8_t_x4 libcrux_ml_kem_vector_portable_serialize_serialize_4_int(Eurydice_slice v) { - uint8_t result0 = - (uint32_t)(uint8_t)Eurydice_slice_index(v, (size_t)1U, int16_t, int16_t *) - << 4U | - (uint32_t)(uint8_t)Eurydice_slice_index(v, (size_t)0U, int16_t, - int16_t *); - uint8_t result1 = - (uint32_t)(uint8_t)Eurydice_slice_index(v, (size_t)3U, int16_t, int16_t *) - << 4U | - (uint32_t)(uint8_t)Eurydice_slice_index(v, (size_t)2U, int16_t, - int16_t *); - uint8_t result2 = - (uint32_t)(uint8_t)Eurydice_slice_index(v, (size_t)5U, int16_t, int16_t *) - << 4U | - (uint32_t)(uint8_t)Eurydice_slice_index(v, (size_t)4U, int16_t, - int16_t *); - uint8_t result3 = - (uint32_t)(uint8_t)Eurydice_slice_index(v, (size_t)7U, int16_t, int16_t *) - << 4U | - (uint32_t)(uint8_t)Eurydice_slice_index(v, (size_t)6U, int16_t, - int16_t *); - return (CLITERAL(uint8_t_x4){ + uint8_t result0 = (uint32_t)libcrux_secrets_int_as_u8_f5( + Eurydice_slice_index(v, (size_t)1U, int16_t, int16_t *)) + << 4U | + (uint32_t)libcrux_secrets_int_as_u8_f5(Eurydice_slice_index( + v, (size_t)0U, int16_t, int16_t *)); + uint8_t result1 = (uint32_t)libcrux_secrets_int_as_u8_f5( + Eurydice_slice_index(v, (size_t)3U, int16_t, int16_t *)) + << 4U | + (uint32_t)libcrux_secrets_int_as_u8_f5(Eurydice_slice_index( + v, (size_t)2U, int16_t, int16_t *)); + uint8_t result2 = (uint32_t)libcrux_secrets_int_as_u8_f5( + Eurydice_slice_index(v, (size_t)5U, int16_t, int16_t *)) + << 4U | + (uint32_t)libcrux_secrets_int_as_u8_f5(Eurydice_slice_index( + v, (size_t)4U, int16_t, int16_t *)); + uint8_t result3 = (uint32_t)libcrux_secrets_int_as_u8_f5( + Eurydice_slice_index(v, (size_t)7U, int16_t, int16_t *)) + << 4U | + (uint32_t)libcrux_secrets_int_as_u8_f5(Eurydice_slice_index( + v, (size_t)6U, int16_t, int16_t *)); + return (KRML_CLITERAL(uint8_t_x4){ .fst = result0, .snd = result1, .thd = result2, .f3 = result3}); } @@ -7451,109 +6474,107 @@ libcrux_ml_kem_vector_portable_serialize_serialize_4( uint8_t ret[8U]) { uint8_t_x4 result0_3 = libcrux_ml_kem_vector_portable_serialize_serialize_4_int( - Eurydice_array_to_subslice2(v.elements, (size_t)0U, (size_t)8U, - int16_t)); + Eurydice_array_to_subslice3(v.elements, (size_t)0U, (size_t)8U, + int16_t *)); uint8_t_x4 result4_7 = libcrux_ml_kem_vector_portable_serialize_serialize_4_int( - Eurydice_array_to_subslice2(v.elements, (size_t)8U, (size_t)16U, - int16_t)); - uint8_t result[8U] = {0U}; - result[0U] = result0_3.fst; - result[1U] = result0_3.snd; - result[2U] = result0_3.thd; - result[3U] = result0_3.f3; - result[4U] = result4_7.fst; - result[5U] = result4_7.snd; - result[6U] = result4_7.thd; - result[7U] = result4_7.f3; - memcpy(ret, result, (size_t)8U * sizeof(uint8_t)); + Eurydice_array_to_subslice3(v.elements, (size_t)8U, (size_t)16U, + int16_t *)); + ret[0U] = result0_3.fst; + ret[1U] = result0_3.snd; + ret[2U] = result0_3.thd; + ret[3U] = result0_3.f3; + ret[4U] = result4_7.fst; + ret[5U] = result4_7.snd; + ret[6U] = result4_7.thd; + ret[7U] = result4_7.f3; +} + +static inline void libcrux_ml_kem_vector_portable_serialize_4( + libcrux_ml_kem_vector_portable_vector_type_PortableVector a, + uint8_t ret[8U]) { + uint8_t ret0[8U]; + libcrux_ml_kem_vector_portable_serialize_serialize_4(a, ret0); + libcrux_secrets_int_public_integers_declassify_d8_76(ret0, ret); } /** -This function found in impl {(libcrux_ml_kem::vector::traits::Operations for -libcrux_ml_kem::vector::portable::vector_type::PortableVector)} +This function found in impl {libcrux_ml_kem::vector::traits::Operations for +libcrux_ml_kem::vector::portable::vector_type::PortableVector} */ -static inline void libcrux_ml_kem_vector_portable_serialize_4_0d( +static inline void libcrux_ml_kem_vector_portable_serialize_4_b8( libcrux_ml_kem_vector_portable_vector_type_PortableVector a, uint8_t ret[8U]) { - libcrux_ml_kem_vector_portable_serialize_serialize_4(a, ret); + libcrux_ml_kem_vector_portable_serialize_4(a, ret); } static KRML_MUSTINLINE int16_t_x8 libcrux_ml_kem_vector_portable_serialize_deserialize_4_int( Eurydice_slice bytes) { - int16_t v0 = (int16_t)((uint32_t)Eurydice_slice_index(bytes, (size_t)0U, - uint8_t, uint8_t *) & - 15U); - int16_t v1 = (int16_t)((uint32_t)Eurydice_slice_index(bytes, (size_t)0U, - uint8_t, uint8_t *) >> - 4U & - 15U); - int16_t v2 = (int16_t)((uint32_t)Eurydice_slice_index(bytes, (size_t)1U, - uint8_t, uint8_t *) & - 15U); - int16_t v3 = (int16_t)((uint32_t)Eurydice_slice_index(bytes, (size_t)1U, - uint8_t, uint8_t *) >> - 4U & - 15U); - int16_t v4 = (int16_t)((uint32_t)Eurydice_slice_index(bytes, (size_t)2U, - uint8_t, uint8_t *) & - 15U); - int16_t v5 = (int16_t)((uint32_t)Eurydice_slice_index(bytes, (size_t)2U, - uint8_t, uint8_t *) >> - 4U & - 15U); - int16_t v6 = (int16_t)((uint32_t)Eurydice_slice_index(bytes, (size_t)3U, - uint8_t, uint8_t *) & - 15U); - int16_t v7 = (int16_t)((uint32_t)Eurydice_slice_index(bytes, (size_t)3U, - uint8_t, uint8_t *) >> - 4U & - 15U); - return (CLITERAL(int16_t_x8){.fst = v0, - .snd = v1, - .thd = v2, - .f3 = v3, - .f4 = v4, - .f5 = v5, - .f6 = v6, - .f7 = v7}); + int16_t v0 = libcrux_secrets_int_as_i16_59( + (uint32_t)Eurydice_slice_index(bytes, (size_t)0U, uint8_t, uint8_t *) & + 15U); + int16_t v1 = libcrux_secrets_int_as_i16_59( + (uint32_t)Eurydice_slice_index(bytes, (size_t)0U, uint8_t, uint8_t *) >> + 4U & + 15U); + int16_t v2 = libcrux_secrets_int_as_i16_59( + (uint32_t)Eurydice_slice_index(bytes, (size_t)1U, uint8_t, uint8_t *) & + 15U); + int16_t v3 = libcrux_secrets_int_as_i16_59( + (uint32_t)Eurydice_slice_index(bytes, (size_t)1U, uint8_t, uint8_t *) >> + 4U & + 15U); + int16_t v4 = libcrux_secrets_int_as_i16_59( + (uint32_t)Eurydice_slice_index(bytes, (size_t)2U, uint8_t, uint8_t *) & + 15U); + int16_t v5 = libcrux_secrets_int_as_i16_59( + (uint32_t)Eurydice_slice_index(bytes, (size_t)2U, uint8_t, uint8_t *) >> + 4U & + 15U); + int16_t v6 = libcrux_secrets_int_as_i16_59( + (uint32_t)Eurydice_slice_index(bytes, (size_t)3U, uint8_t, uint8_t *) & + 15U); + int16_t v7 = libcrux_secrets_int_as_i16_59( + (uint32_t)Eurydice_slice_index(bytes, (size_t)3U, uint8_t, uint8_t *) >> + 4U & + 15U); + return (KRML_CLITERAL(int16_t_x8){.fst = v0, + .snd = v1, + .thd = v2, + .f3 = v3, + .f4 = v4, + .f5 = v5, + .f6 = v6, + .f7 = v7}); } static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector libcrux_ml_kem_vector_portable_serialize_deserialize_4(Eurydice_slice bytes) { int16_t_x8 v0_7 = libcrux_ml_kem_vector_portable_serialize_deserialize_4_int( - Eurydice_slice_subslice2(bytes, (size_t)0U, (size_t)4U, uint8_t)); + Eurydice_slice_subslice3(bytes, (size_t)0U, (size_t)4U, uint8_t *)); int16_t_x8 v8_15 = libcrux_ml_kem_vector_portable_serialize_deserialize_4_int( - Eurydice_slice_subslice2(bytes, (size_t)4U, (size_t)8U, uint8_t)); - libcrux_ml_kem_vector_portable_vector_type_PortableVector v = - libcrux_ml_kem_vector_portable_vector_type_zero(); - v.elements[0U] = v0_7.fst; - v.elements[1U] = v0_7.snd; - v.elements[2U] = v0_7.thd; - v.elements[3U] = v0_7.f3; - v.elements[4U] = v0_7.f4; - v.elements[5U] = v0_7.f5; - v.elements[6U] = v0_7.f6; - v.elements[7U] = v0_7.f7; - v.elements[8U] = v8_15.fst; - v.elements[9U] = v8_15.snd; - v.elements[10U] = v8_15.thd; - v.elements[11U] = v8_15.f3; - v.elements[12U] = v8_15.f4; - v.elements[13U] = v8_15.f5; - v.elements[14U] = v8_15.f6; - v.elements[15U] = v8_15.f7; - return v; -} - -/** -This function found in impl {(libcrux_ml_kem::vector::traits::Operations for -libcrux_ml_kem::vector::portable::vector_type::PortableVector)} + Eurydice_slice_subslice3(bytes, (size_t)4U, (size_t)8U, uint8_t *)); + return ( + KRML_CLITERAL(libcrux_ml_kem_vector_portable_vector_type_PortableVector){ + .elements = {v0_7.fst, v0_7.snd, v0_7.thd, v0_7.f3, v0_7.f4, v0_7.f5, + v0_7.f6, v0_7.f7, v8_15.fst, v8_15.snd, v8_15.thd, + v8_15.f3, v8_15.f4, v8_15.f5, v8_15.f6, v8_15.f7}}); +} + +static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector +libcrux_ml_kem_vector_portable_deserialize_4(Eurydice_slice a) { + return libcrux_ml_kem_vector_portable_serialize_deserialize_4( + libcrux_secrets_int_classify_public_classify_ref_9b_90(a)); +} + +/** +This function found in impl {libcrux_ml_kem::vector::traits::Operations for +libcrux_ml_kem::vector::portable::vector_type::PortableVector} */ static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector -libcrux_ml_kem_vector_portable_deserialize_4_0d(Eurydice_slice a) { - return libcrux_ml_kem_vector_portable_serialize_deserialize_4(a); +libcrux_ml_kem_vector_portable_deserialize_4_b8(Eurydice_slice a) { + return libcrux_ml_kem_vector_portable_deserialize_4(a); } typedef struct uint8_t_x5_s { @@ -7565,184 +6586,34 @@ typedef struct uint8_t_x5_s { } uint8_t_x5; static KRML_MUSTINLINE uint8_t_x5 -libcrux_ml_kem_vector_portable_serialize_serialize_5_int(Eurydice_slice v) { - uint8_t r0 = - (uint8_t)(Eurydice_slice_index(v, (size_t)0U, int16_t, int16_t *) | - Eurydice_slice_index(v, (size_t)1U, int16_t, int16_t *) << 5U); +libcrux_ml_kem_vector_portable_serialize_serialize_10_int(Eurydice_slice v) { + uint8_t r0 = libcrux_secrets_int_as_u8_f5( + Eurydice_slice_index(v, (size_t)0U, int16_t, int16_t *) & (int16_t)255); uint8_t r1 = - (uint8_t)((Eurydice_slice_index(v, (size_t)1U, int16_t, int16_t *) >> 3U | - Eurydice_slice_index(v, (size_t)2U, int16_t, int16_t *) - << 2U) | - Eurydice_slice_index(v, (size_t)3U, int16_t, int16_t *) << 7U); + (uint32_t)libcrux_secrets_int_as_u8_f5( + Eurydice_slice_index(v, (size_t)1U, int16_t, int16_t *) & (int16_t)63) + << 2U | + (uint32_t)libcrux_secrets_int_as_u8_f5( + Eurydice_slice_index(v, (size_t)0U, int16_t, int16_t *) >> 8U & + (int16_t)3); uint8_t r2 = - (uint8_t)(Eurydice_slice_index(v, (size_t)3U, int16_t, int16_t *) >> 1U | - Eurydice_slice_index(v, (size_t)4U, int16_t, int16_t *) << 4U); + (uint32_t)libcrux_secrets_int_as_u8_f5( + Eurydice_slice_index(v, (size_t)2U, int16_t, int16_t *) & (int16_t)15) + << 4U | + (uint32_t)libcrux_secrets_int_as_u8_f5( + Eurydice_slice_index(v, (size_t)1U, int16_t, int16_t *) >> 6U & + (int16_t)15); uint8_t r3 = - (uint8_t)((Eurydice_slice_index(v, (size_t)4U, int16_t, int16_t *) >> 4U | - Eurydice_slice_index(v, (size_t)5U, int16_t, int16_t *) - << 1U) | - Eurydice_slice_index(v, (size_t)6U, int16_t, int16_t *) << 6U); - uint8_t r4 = - (uint8_t)(Eurydice_slice_index(v, (size_t)6U, int16_t, int16_t *) >> 2U | - Eurydice_slice_index(v, (size_t)7U, int16_t, int16_t *) << 3U); - return (CLITERAL(uint8_t_x5){ - .fst = r0, .snd = r1, .thd = r2, .f3 = r3, .f4 = r4}); -} - -static KRML_MUSTINLINE void -libcrux_ml_kem_vector_portable_serialize_serialize_5( - libcrux_ml_kem_vector_portable_vector_type_PortableVector v, - uint8_t ret[10U]) { - uint8_t_x5 r0_4 = libcrux_ml_kem_vector_portable_serialize_serialize_5_int( - Eurydice_array_to_subslice2(v.elements, (size_t)0U, (size_t)8U, int16_t)); - uint8_t_x5 r5_9 = libcrux_ml_kem_vector_portable_serialize_serialize_5_int( - Eurydice_array_to_subslice2(v.elements, (size_t)8U, (size_t)16U, - int16_t)); - uint8_t result[10U] = {0U}; - result[0U] = r0_4.fst; - result[1U] = r0_4.snd; - result[2U] = r0_4.thd; - result[3U] = r0_4.f3; - result[4U] = r0_4.f4; - result[5U] = r5_9.fst; - result[6U] = r5_9.snd; - result[7U] = r5_9.thd; - result[8U] = r5_9.f3; - result[9U] = r5_9.f4; - memcpy(ret, result, (size_t)10U * sizeof(uint8_t)); -} - -/** -This function found in impl {(libcrux_ml_kem::vector::traits::Operations for -libcrux_ml_kem::vector::portable::vector_type::PortableVector)} -*/ -static inline void libcrux_ml_kem_vector_portable_serialize_5_0d( - libcrux_ml_kem_vector_portable_vector_type_PortableVector a, - uint8_t ret[10U]) { - libcrux_ml_kem_vector_portable_serialize_serialize_5(a, ret); -} - -static KRML_MUSTINLINE int16_t_x8 -libcrux_ml_kem_vector_portable_serialize_deserialize_5_int( - Eurydice_slice bytes) { - int16_t v0 = (int16_t)((uint32_t)Eurydice_slice_index(bytes, (size_t)0U, - uint8_t, uint8_t *) & - 31U); - int16_t v1 = (int16_t)(((uint32_t)Eurydice_slice_index(bytes, (size_t)1U, - uint8_t, uint8_t *) & - 3U) << 3U | - (uint32_t)Eurydice_slice_index(bytes, (size_t)0U, - uint8_t, uint8_t *) >> - 5U); - int16_t v2 = (int16_t)((uint32_t)Eurydice_slice_index(bytes, (size_t)1U, - uint8_t, uint8_t *) >> - 2U & - 31U); - int16_t v3 = (int16_t)(((uint32_t)Eurydice_slice_index(bytes, (size_t)2U, - uint8_t, uint8_t *) & - 15U) - << 1U | - (uint32_t)Eurydice_slice_index(bytes, (size_t)1U, - uint8_t, uint8_t *) >> - 7U); - int16_t v4 = (int16_t)(((uint32_t)Eurydice_slice_index(bytes, (size_t)3U, - uint8_t, uint8_t *) & - 1U) << 4U | - (uint32_t)Eurydice_slice_index(bytes, (size_t)2U, - uint8_t, uint8_t *) >> - 4U); - int16_t v5 = (int16_t)((uint32_t)Eurydice_slice_index(bytes, (size_t)3U, - uint8_t, uint8_t *) >> - 1U & - 31U); - int16_t v6 = (int16_t)(((uint32_t)Eurydice_slice_index(bytes, (size_t)4U, - uint8_t, uint8_t *) & - 7U) << 2U | - (uint32_t)Eurydice_slice_index(bytes, (size_t)3U, - uint8_t, uint8_t *) >> - 6U); - int16_t v7 = (int16_t)((uint32_t)Eurydice_slice_index(bytes, (size_t)4U, - uint8_t, uint8_t *) >> - 3U); - return (CLITERAL(int16_t_x8){.fst = v0, - .snd = v1, - .thd = v2, - .f3 = v3, - .f4 = v4, - .f5 = v5, - .f6 = v6, - .f7 = v7}); -} - -static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector -libcrux_ml_kem_vector_portable_serialize_deserialize_5(Eurydice_slice bytes) { - int16_t_x8 v0_7 = libcrux_ml_kem_vector_portable_serialize_deserialize_5_int( - Eurydice_slice_subslice2(bytes, (size_t)0U, (size_t)5U, uint8_t)); - int16_t_x8 v8_15 = libcrux_ml_kem_vector_portable_serialize_deserialize_5_int( - Eurydice_slice_subslice2(bytes, (size_t)5U, (size_t)10U, uint8_t)); - libcrux_ml_kem_vector_portable_vector_type_PortableVector v = - libcrux_ml_kem_vector_portable_vector_type_zero(); - v.elements[0U] = v0_7.fst; - v.elements[1U] = v0_7.snd; - v.elements[2U] = v0_7.thd; - v.elements[3U] = v0_7.f3; - v.elements[4U] = v0_7.f4; - v.elements[5U] = v0_7.f5; - v.elements[6U] = v0_7.f6; - v.elements[7U] = v0_7.f7; - v.elements[8U] = v8_15.fst; - v.elements[9U] = v8_15.snd; - v.elements[10U] = v8_15.thd; - v.elements[11U] = v8_15.f3; - v.elements[12U] = v8_15.f4; - v.elements[13U] = v8_15.f5; - v.elements[14U] = v8_15.f6; - v.elements[15U] = v8_15.f7; - return v; -} - -/** -This function found in impl {(libcrux_ml_kem::vector::traits::Operations for -libcrux_ml_kem::vector::portable::vector_type::PortableVector)} -*/ -static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector -libcrux_ml_kem_vector_portable_deserialize_5_0d(Eurydice_slice a) { - return libcrux_ml_kem_vector_portable_serialize_deserialize_5(a); -} - -static KRML_MUSTINLINE uint8_t_x5 -libcrux_ml_kem_vector_portable_serialize_serialize_10_int(Eurydice_slice v) { - uint8_t r0 = - (uint8_t)(Eurydice_slice_index(v, (size_t)0U, int16_t, int16_t *) & - (int16_t)255); - uint8_t r1 = (uint32_t)(uint8_t)(Eurydice_slice_index(v, (size_t)1U, int16_t, - int16_t *) & - (int16_t)63) - << 2U | - (uint32_t)(uint8_t)(Eurydice_slice_index(v, (size_t)0U, int16_t, - int16_t *) >> - 8U & - (int16_t)3); - uint8_t r2 = (uint32_t)(uint8_t)(Eurydice_slice_index(v, (size_t)2U, int16_t, - int16_t *) & - (int16_t)15) - << 4U | - (uint32_t)(uint8_t)(Eurydice_slice_index(v, (size_t)1U, int16_t, - int16_t *) >> - 6U & - (int16_t)15); - uint8_t r3 = (uint32_t)(uint8_t)(Eurydice_slice_index(v, (size_t)3U, int16_t, - int16_t *) & - (int16_t)3) - << 6U | - (uint32_t)(uint8_t)(Eurydice_slice_index(v, (size_t)2U, int16_t, - int16_t *) >> - 4U & - (int16_t)63); - uint8_t r4 = - (uint8_t)(Eurydice_slice_index(v, (size_t)3U, int16_t, int16_t *) >> 2U & - (int16_t)255); - return (CLITERAL(uint8_t_x5){ + (uint32_t)libcrux_secrets_int_as_u8_f5( + Eurydice_slice_index(v, (size_t)3U, int16_t, int16_t *) & (int16_t)3) + << 6U | + (uint32_t)libcrux_secrets_int_as_u8_f5( + Eurydice_slice_index(v, (size_t)2U, int16_t, int16_t *) >> 4U & + (int16_t)63); + uint8_t r4 = libcrux_secrets_int_as_u8_f5( + Eurydice_slice_index(v, (size_t)3U, int16_t, int16_t *) >> 2U & + (int16_t)255); + return (KRML_CLITERAL(uint8_t_x5){ .fst = r0, .snd = r1, .thd = r2, .f3 = r3, .f4 = r4}); } @@ -7751,143 +6622,159 @@ libcrux_ml_kem_vector_portable_serialize_serialize_10( libcrux_ml_kem_vector_portable_vector_type_PortableVector v, uint8_t ret[20U]) { uint8_t_x5 r0_4 = libcrux_ml_kem_vector_portable_serialize_serialize_10_int( - Eurydice_array_to_subslice2(v.elements, (size_t)0U, (size_t)4U, int16_t)); + Eurydice_array_to_subslice3(v.elements, (size_t)0U, (size_t)4U, + int16_t *)); uint8_t_x5 r5_9 = libcrux_ml_kem_vector_portable_serialize_serialize_10_int( - Eurydice_array_to_subslice2(v.elements, (size_t)4U, (size_t)8U, int16_t)); + Eurydice_array_to_subslice3(v.elements, (size_t)4U, (size_t)8U, + int16_t *)); uint8_t_x5 r10_14 = libcrux_ml_kem_vector_portable_serialize_serialize_10_int( - Eurydice_array_to_subslice2(v.elements, (size_t)8U, (size_t)12U, - int16_t)); + Eurydice_array_to_subslice3(v.elements, (size_t)8U, (size_t)12U, + int16_t *)); uint8_t_x5 r15_19 = libcrux_ml_kem_vector_portable_serialize_serialize_10_int( - Eurydice_array_to_subslice2(v.elements, (size_t)12U, (size_t)16U, - int16_t)); - uint8_t result[20U] = {0U}; - result[0U] = r0_4.fst; - result[1U] = r0_4.snd; - result[2U] = r0_4.thd; - result[3U] = r0_4.f3; - result[4U] = r0_4.f4; - result[5U] = r5_9.fst; - result[6U] = r5_9.snd; - result[7U] = r5_9.thd; - result[8U] = r5_9.f3; - result[9U] = r5_9.f4; - result[10U] = r10_14.fst; - result[11U] = r10_14.snd; - result[12U] = r10_14.thd; - result[13U] = r10_14.f3; - result[14U] = r10_14.f4; - result[15U] = r15_19.fst; - result[16U] = r15_19.snd; - result[17U] = r15_19.thd; - result[18U] = r15_19.f3; - result[19U] = r15_19.f4; - memcpy(ret, result, (size_t)20U * sizeof(uint8_t)); -} - -/** -This function found in impl {(libcrux_ml_kem::vector::traits::Operations for -libcrux_ml_kem::vector::portable::vector_type::PortableVector)} -*/ -static inline void libcrux_ml_kem_vector_portable_serialize_10_0d( + Eurydice_array_to_subslice3(v.elements, (size_t)12U, (size_t)16U, + int16_t *)); + ret[0U] = r0_4.fst; + ret[1U] = r0_4.snd; + ret[2U] = r0_4.thd; + ret[3U] = r0_4.f3; + ret[4U] = r0_4.f4; + ret[5U] = r5_9.fst; + ret[6U] = r5_9.snd; + ret[7U] = r5_9.thd; + ret[8U] = r5_9.f3; + ret[9U] = r5_9.f4; + ret[10U] = r10_14.fst; + ret[11U] = r10_14.snd; + ret[12U] = r10_14.thd; + ret[13U] = r10_14.f3; + ret[14U] = r10_14.f4; + ret[15U] = r15_19.fst; + ret[16U] = r15_19.snd; + ret[17U] = r15_19.thd; + ret[18U] = r15_19.f3; + ret[19U] = r15_19.f4; +} + +static inline void libcrux_ml_kem_vector_portable_serialize_10( + libcrux_ml_kem_vector_portable_vector_type_PortableVector a, + uint8_t ret[20U]) { + uint8_t ret0[20U]; + libcrux_ml_kem_vector_portable_serialize_serialize_10(a, ret0); + libcrux_secrets_int_public_integers_declassify_d8_57(ret0, ret); +} + +/** +This function found in impl {libcrux_ml_kem::vector::traits::Operations for +libcrux_ml_kem::vector::portable::vector_type::PortableVector} +*/ +static inline void libcrux_ml_kem_vector_portable_serialize_10_b8( libcrux_ml_kem_vector_portable_vector_type_PortableVector a, uint8_t ret[20U]) { - libcrux_ml_kem_vector_portable_serialize_serialize_10(a, ret); + libcrux_ml_kem_vector_portable_serialize_10(a, ret); } static KRML_MUSTINLINE int16_t_x8 libcrux_ml_kem_vector_portable_serialize_deserialize_10_int( Eurydice_slice bytes) { - int16_t r0 = - ((int16_t)Eurydice_slice_index(bytes, (size_t)1U, uint8_t, uint8_t *) & + int16_t r0 = libcrux_secrets_int_as_i16_f5( + (libcrux_secrets_int_as_i16_59( + Eurydice_slice_index(bytes, (size_t)1U, uint8_t, uint8_t *)) & (int16_t)3) << 8U | - ((int16_t)Eurydice_slice_index(bytes, (size_t)0U, uint8_t, uint8_t *) & - (int16_t)255); - int16_t r1 = - ((int16_t)Eurydice_slice_index(bytes, (size_t)2U, uint8_t, uint8_t *) & + (libcrux_secrets_int_as_i16_59( + Eurydice_slice_index(bytes, (size_t)0U, uint8_t, uint8_t *)) & + (int16_t)255)); + int16_t r1 = libcrux_secrets_int_as_i16_f5( + (libcrux_secrets_int_as_i16_59( + Eurydice_slice_index(bytes, (size_t)2U, uint8_t, uint8_t *)) & (int16_t)15) << 6U | - (int16_t)Eurydice_slice_index(bytes, (size_t)1U, uint8_t, uint8_t *) >> - 2U; - int16_t r2 = - ((int16_t)Eurydice_slice_index(bytes, (size_t)3U, uint8_t, uint8_t *) & + libcrux_secrets_int_as_i16_59( + Eurydice_slice_index(bytes, (size_t)1U, uint8_t, uint8_t *)) >> + 2U); + int16_t r2 = libcrux_secrets_int_as_i16_f5( + (libcrux_secrets_int_as_i16_59( + Eurydice_slice_index(bytes, (size_t)3U, uint8_t, uint8_t *)) & (int16_t)63) << 4U | - (int16_t)Eurydice_slice_index(bytes, (size_t)2U, uint8_t, uint8_t *) >> - 4U; - int16_t r3 = - (int16_t)Eurydice_slice_index(bytes, (size_t)4U, uint8_t, uint8_t *) + libcrux_secrets_int_as_i16_59( + Eurydice_slice_index(bytes, (size_t)2U, uint8_t, uint8_t *)) >> + 4U); + int16_t r3 = libcrux_secrets_int_as_i16_f5( + libcrux_secrets_int_as_i16_59( + Eurydice_slice_index(bytes, (size_t)4U, uint8_t, uint8_t *)) << 2U | - (int16_t)Eurydice_slice_index(bytes, (size_t)3U, uint8_t, uint8_t *) >> - 6U; - int16_t r4 = - ((int16_t)Eurydice_slice_index(bytes, (size_t)6U, uint8_t, uint8_t *) & + libcrux_secrets_int_as_i16_59( + Eurydice_slice_index(bytes, (size_t)3U, uint8_t, uint8_t *)) >> + 6U); + int16_t r4 = libcrux_secrets_int_as_i16_f5( + (libcrux_secrets_int_as_i16_59( + Eurydice_slice_index(bytes, (size_t)6U, uint8_t, uint8_t *)) & (int16_t)3) << 8U | - ((int16_t)Eurydice_slice_index(bytes, (size_t)5U, uint8_t, uint8_t *) & - (int16_t)255); - int16_t r5 = - ((int16_t)Eurydice_slice_index(bytes, (size_t)7U, uint8_t, uint8_t *) & + (libcrux_secrets_int_as_i16_59( + Eurydice_slice_index(bytes, (size_t)5U, uint8_t, uint8_t *)) & + (int16_t)255)); + int16_t r5 = libcrux_secrets_int_as_i16_f5( + (libcrux_secrets_int_as_i16_59( + Eurydice_slice_index(bytes, (size_t)7U, uint8_t, uint8_t *)) & (int16_t)15) << 6U | - (int16_t)Eurydice_slice_index(bytes, (size_t)6U, uint8_t, uint8_t *) >> - 2U; - int16_t r6 = - ((int16_t)Eurydice_slice_index(bytes, (size_t)8U, uint8_t, uint8_t *) & + libcrux_secrets_int_as_i16_59( + Eurydice_slice_index(bytes, (size_t)6U, uint8_t, uint8_t *)) >> + 2U); + int16_t r6 = libcrux_secrets_int_as_i16_f5( + (libcrux_secrets_int_as_i16_59( + Eurydice_slice_index(bytes, (size_t)8U, uint8_t, uint8_t *)) & (int16_t)63) << 4U | - (int16_t)Eurydice_slice_index(bytes, (size_t)7U, uint8_t, uint8_t *) >> - 4U; - int16_t r7 = - (int16_t)Eurydice_slice_index(bytes, (size_t)9U, uint8_t, uint8_t *) + libcrux_secrets_int_as_i16_59( + Eurydice_slice_index(bytes, (size_t)7U, uint8_t, uint8_t *)) >> + 4U); + int16_t r7 = libcrux_secrets_int_as_i16_f5( + libcrux_secrets_int_as_i16_59( + Eurydice_slice_index(bytes, (size_t)9U, uint8_t, uint8_t *)) << 2U | - (int16_t)Eurydice_slice_index(bytes, (size_t)8U, uint8_t, uint8_t *) >> - 6U; - return (CLITERAL(int16_t_x8){.fst = r0, - .snd = r1, - .thd = r2, - .f3 = r3, - .f4 = r4, - .f5 = r5, - .f6 = r6, - .f7 = r7}); + libcrux_secrets_int_as_i16_59( + Eurydice_slice_index(bytes, (size_t)8U, uint8_t, uint8_t *)) >> + 6U); + return (KRML_CLITERAL(int16_t_x8){.fst = r0, + .snd = r1, + .thd = r2, + .f3 = r3, + .f4 = r4, + .f5 = r5, + .f6 = r6, + .f7 = r7}); } static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector libcrux_ml_kem_vector_portable_serialize_deserialize_10(Eurydice_slice bytes) { int16_t_x8 v0_7 = libcrux_ml_kem_vector_portable_serialize_deserialize_10_int( - Eurydice_slice_subslice2(bytes, (size_t)0U, (size_t)10U, uint8_t)); + Eurydice_slice_subslice3(bytes, (size_t)0U, (size_t)10U, uint8_t *)); int16_t_x8 v8_15 = libcrux_ml_kem_vector_portable_serialize_deserialize_10_int( - Eurydice_slice_subslice2(bytes, (size_t)10U, (size_t)20U, uint8_t)); - libcrux_ml_kem_vector_portable_vector_type_PortableVector v = - libcrux_ml_kem_vector_portable_vector_type_zero(); - v.elements[0U] = v0_7.fst; - v.elements[1U] = v0_7.snd; - v.elements[2U] = v0_7.thd; - v.elements[3U] = v0_7.f3; - v.elements[4U] = v0_7.f4; - v.elements[5U] = v0_7.f5; - v.elements[6U] = v0_7.f6; - v.elements[7U] = v0_7.f7; - v.elements[8U] = v8_15.fst; - v.elements[9U] = v8_15.snd; - v.elements[10U] = v8_15.thd; - v.elements[11U] = v8_15.f3; - v.elements[12U] = v8_15.f4; - v.elements[13U] = v8_15.f5; - v.elements[14U] = v8_15.f6; - v.elements[15U] = v8_15.f7; - return v; -} - -/** -This function found in impl {(libcrux_ml_kem::vector::traits::Operations for -libcrux_ml_kem::vector::portable::vector_type::PortableVector)} + Eurydice_slice_subslice3(bytes, (size_t)10U, (size_t)20U, uint8_t *)); + return ( + KRML_CLITERAL(libcrux_ml_kem_vector_portable_vector_type_PortableVector){ + .elements = {v0_7.fst, v0_7.snd, v0_7.thd, v0_7.f3, v0_7.f4, v0_7.f5, + v0_7.f6, v0_7.f7, v8_15.fst, v8_15.snd, v8_15.thd, + v8_15.f3, v8_15.f4, v8_15.f5, v8_15.f6, v8_15.f7}}); +} + +static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector +libcrux_ml_kem_vector_portable_deserialize_10(Eurydice_slice a) { + return libcrux_ml_kem_vector_portable_serialize_deserialize_10( + libcrux_secrets_int_classify_public_classify_ref_9b_90(a)); +} + +/** +This function found in impl {libcrux_ml_kem::vector::traits::Operations for +libcrux_ml_kem::vector::portable::vector_type::PortableVector} */ static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector -libcrux_ml_kem_vector_portable_deserialize_10_0d(Eurydice_slice a) { - return libcrux_ml_kem_vector_portable_serialize_deserialize_10(a); +libcrux_ml_kem_vector_portable_deserialize_10_b8(Eurydice_slice a) { + return libcrux_ml_kem_vector_portable_deserialize_10(a); } typedef struct uint8_t_x3_s { @@ -7898,18 +6785,16 @@ typedef struct uint8_t_x3_s { static KRML_MUSTINLINE uint8_t_x3 libcrux_ml_kem_vector_portable_serialize_serialize_12_int(Eurydice_slice v) { - uint8_t r0 = - (uint8_t)(Eurydice_slice_index(v, (size_t)0U, int16_t, int16_t *) & - (int16_t)255); - uint8_t r1 = - (uint8_t)(Eurydice_slice_index(v, (size_t)0U, int16_t, int16_t *) >> 8U | - (Eurydice_slice_index(v, (size_t)1U, int16_t, int16_t *) & - (int16_t)15) - << 4U); - uint8_t r2 = - (uint8_t)(Eurydice_slice_index(v, (size_t)1U, int16_t, int16_t *) >> 4U & - (int16_t)255); - return (CLITERAL(uint8_t_x3){.fst = r0, .snd = r1, .thd = r2}); + uint8_t r0 = libcrux_secrets_int_as_u8_f5( + Eurydice_slice_index(v, (size_t)0U, int16_t, int16_t *) & (int16_t)255); + uint8_t r1 = libcrux_secrets_int_as_u8_f5( + Eurydice_slice_index(v, (size_t)0U, int16_t, int16_t *) >> 8U | + (Eurydice_slice_index(v, (size_t)1U, int16_t, int16_t *) & (int16_t)15) + << 4U); + uint8_t r2 = libcrux_secrets_int_as_u8_f5( + Eurydice_slice_index(v, (size_t)1U, int16_t, int16_t *) >> 4U & + (int16_t)255); + return (KRML_CLITERAL(uint8_t_x3){.fst = r0, .snd = r1, .thd = r2}); } static KRML_MUSTINLINE void @@ -7917,61 +6802,71 @@ libcrux_ml_kem_vector_portable_serialize_serialize_12( libcrux_ml_kem_vector_portable_vector_type_PortableVector v, uint8_t ret[24U]) { uint8_t_x3 r0_2 = libcrux_ml_kem_vector_portable_serialize_serialize_12_int( - Eurydice_array_to_subslice2(v.elements, (size_t)0U, (size_t)2U, int16_t)); + Eurydice_array_to_subslice3(v.elements, (size_t)0U, (size_t)2U, + int16_t *)); uint8_t_x3 r3_5 = libcrux_ml_kem_vector_portable_serialize_serialize_12_int( - Eurydice_array_to_subslice2(v.elements, (size_t)2U, (size_t)4U, int16_t)); + Eurydice_array_to_subslice3(v.elements, (size_t)2U, (size_t)4U, + int16_t *)); uint8_t_x3 r6_8 = libcrux_ml_kem_vector_portable_serialize_serialize_12_int( - Eurydice_array_to_subslice2(v.elements, (size_t)4U, (size_t)6U, int16_t)); + Eurydice_array_to_subslice3(v.elements, (size_t)4U, (size_t)6U, + int16_t *)); uint8_t_x3 r9_11 = libcrux_ml_kem_vector_portable_serialize_serialize_12_int( - Eurydice_array_to_subslice2(v.elements, (size_t)6U, (size_t)8U, int16_t)); + Eurydice_array_to_subslice3(v.elements, (size_t)6U, (size_t)8U, + int16_t *)); uint8_t_x3 r12_14 = libcrux_ml_kem_vector_portable_serialize_serialize_12_int( - Eurydice_array_to_subslice2(v.elements, (size_t)8U, (size_t)10U, - int16_t)); + Eurydice_array_to_subslice3(v.elements, (size_t)8U, (size_t)10U, + int16_t *)); uint8_t_x3 r15_17 = libcrux_ml_kem_vector_portable_serialize_serialize_12_int( - Eurydice_array_to_subslice2(v.elements, (size_t)10U, (size_t)12U, - int16_t)); + Eurydice_array_to_subslice3(v.elements, (size_t)10U, (size_t)12U, + int16_t *)); uint8_t_x3 r18_20 = libcrux_ml_kem_vector_portable_serialize_serialize_12_int( - Eurydice_array_to_subslice2(v.elements, (size_t)12U, (size_t)14U, - int16_t)); + Eurydice_array_to_subslice3(v.elements, (size_t)12U, (size_t)14U, + int16_t *)); uint8_t_x3 r21_23 = libcrux_ml_kem_vector_portable_serialize_serialize_12_int( - Eurydice_array_to_subslice2(v.elements, (size_t)14U, (size_t)16U, - int16_t)); - uint8_t result[24U] = {0U}; - result[0U] = r0_2.fst; - result[1U] = r0_2.snd; - result[2U] = r0_2.thd; - result[3U] = r3_5.fst; - result[4U] = r3_5.snd; - result[5U] = r3_5.thd; - result[6U] = r6_8.fst; - result[7U] = r6_8.snd; - result[8U] = r6_8.thd; - result[9U] = r9_11.fst; - result[10U] = r9_11.snd; - result[11U] = r9_11.thd; - result[12U] = r12_14.fst; - result[13U] = r12_14.snd; - result[14U] = r12_14.thd; - result[15U] = r15_17.fst; - result[16U] = r15_17.snd; - result[17U] = r15_17.thd; - result[18U] = r18_20.fst; - result[19U] = r18_20.snd; - result[20U] = r18_20.thd; - result[21U] = r21_23.fst; - result[22U] = r21_23.snd; - result[23U] = r21_23.thd; - memcpy(ret, result, (size_t)24U * sizeof(uint8_t)); -} - -/** -This function found in impl {(libcrux_ml_kem::vector::traits::Operations for -libcrux_ml_kem::vector::portable::vector_type::PortableVector)} -*/ -static inline void libcrux_ml_kem_vector_portable_serialize_12_0d( + Eurydice_array_to_subslice3(v.elements, (size_t)14U, (size_t)16U, + int16_t *)); + ret[0U] = r0_2.fst; + ret[1U] = r0_2.snd; + ret[2U] = r0_2.thd; + ret[3U] = r3_5.fst; + ret[4U] = r3_5.snd; + ret[5U] = r3_5.thd; + ret[6U] = r6_8.fst; + ret[7U] = r6_8.snd; + ret[8U] = r6_8.thd; + ret[9U] = r9_11.fst; + ret[10U] = r9_11.snd; + ret[11U] = r9_11.thd; + ret[12U] = r12_14.fst; + ret[13U] = r12_14.snd; + ret[14U] = r12_14.thd; + ret[15U] = r15_17.fst; + ret[16U] = r15_17.snd; + ret[17U] = r15_17.thd; + ret[18U] = r18_20.fst; + ret[19U] = r18_20.snd; + ret[20U] = r18_20.thd; + ret[21U] = r21_23.fst; + ret[22U] = r21_23.snd; + ret[23U] = r21_23.thd; +} + +static inline void libcrux_ml_kem_vector_portable_serialize_12( + libcrux_ml_kem_vector_portable_vector_type_PortableVector a, + uint8_t ret[24U]) { + uint8_t ret0[24U]; + libcrux_ml_kem_vector_portable_serialize_serialize_12(a, ret0); + libcrux_secrets_int_public_integers_declassify_d8_d2(ret0, ret); +} + +/** +This function found in impl {libcrux_ml_kem::vector::traits::Operations for +libcrux_ml_kem::vector::portable::vector_type::PortableVector} +*/ +static inline void libcrux_ml_kem_vector_portable_serialize_12_b8( libcrux_ml_kem_vector_portable_vector_type_PortableVector a, uint8_t ret[24U]) { - libcrux_ml_kem_vector_portable_serialize_serialize_12(a, ret); + libcrux_ml_kem_vector_portable_serialize_12(a, ret); } typedef struct int16_t_x2_s { @@ -7982,66 +6877,59 @@ typedef struct int16_t_x2_s { static KRML_MUSTINLINE int16_t_x2 libcrux_ml_kem_vector_portable_serialize_deserialize_12_int( Eurydice_slice bytes) { - int16_t byte0 = - (int16_t)Eurydice_slice_index(bytes, (size_t)0U, uint8_t, uint8_t *); - int16_t byte1 = - (int16_t)Eurydice_slice_index(bytes, (size_t)1U, uint8_t, uint8_t *); - int16_t byte2 = - (int16_t)Eurydice_slice_index(bytes, (size_t)2U, uint8_t, uint8_t *); + int16_t byte0 = libcrux_secrets_int_as_i16_59( + Eurydice_slice_index(bytes, (size_t)0U, uint8_t, uint8_t *)); + int16_t byte1 = libcrux_secrets_int_as_i16_59( + Eurydice_slice_index(bytes, (size_t)1U, uint8_t, uint8_t *)); + int16_t byte2 = libcrux_secrets_int_as_i16_59( + Eurydice_slice_index(bytes, (size_t)2U, uint8_t, uint8_t *)); int16_t r0 = (byte1 & (int16_t)15) << 8U | (byte0 & (int16_t)255); int16_t r1 = byte2 << 4U | (byte1 >> 4U & (int16_t)15); - return (CLITERAL(int16_t_x2){.fst = r0, .snd = r1}); + return (KRML_CLITERAL(int16_t_x2){.fst = r0, .snd = r1}); } static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector libcrux_ml_kem_vector_portable_serialize_deserialize_12(Eurydice_slice bytes) { int16_t_x2 v0_1 = libcrux_ml_kem_vector_portable_serialize_deserialize_12_int( - Eurydice_slice_subslice2(bytes, (size_t)0U, (size_t)3U, uint8_t)); + Eurydice_slice_subslice3(bytes, (size_t)0U, (size_t)3U, uint8_t *)); int16_t_x2 v2_3 = libcrux_ml_kem_vector_portable_serialize_deserialize_12_int( - Eurydice_slice_subslice2(bytes, (size_t)3U, (size_t)6U, uint8_t)); + Eurydice_slice_subslice3(bytes, (size_t)3U, (size_t)6U, uint8_t *)); int16_t_x2 v4_5 = libcrux_ml_kem_vector_portable_serialize_deserialize_12_int( - Eurydice_slice_subslice2(bytes, (size_t)6U, (size_t)9U, uint8_t)); + Eurydice_slice_subslice3(bytes, (size_t)6U, (size_t)9U, uint8_t *)); int16_t_x2 v6_7 = libcrux_ml_kem_vector_portable_serialize_deserialize_12_int( - Eurydice_slice_subslice2(bytes, (size_t)9U, (size_t)12U, uint8_t)); + Eurydice_slice_subslice3(bytes, (size_t)9U, (size_t)12U, uint8_t *)); int16_t_x2 v8_9 = libcrux_ml_kem_vector_portable_serialize_deserialize_12_int( - Eurydice_slice_subslice2(bytes, (size_t)12U, (size_t)15U, uint8_t)); + Eurydice_slice_subslice3(bytes, (size_t)12U, (size_t)15U, uint8_t *)); int16_t_x2 v10_11 = libcrux_ml_kem_vector_portable_serialize_deserialize_12_int( - Eurydice_slice_subslice2(bytes, (size_t)15U, (size_t)18U, uint8_t)); + Eurydice_slice_subslice3(bytes, (size_t)15U, (size_t)18U, uint8_t *)); int16_t_x2 v12_13 = libcrux_ml_kem_vector_portable_serialize_deserialize_12_int( - Eurydice_slice_subslice2(bytes, (size_t)18U, (size_t)21U, uint8_t)); + Eurydice_slice_subslice3(bytes, (size_t)18U, (size_t)21U, uint8_t *)); int16_t_x2 v14_15 = libcrux_ml_kem_vector_portable_serialize_deserialize_12_int( - Eurydice_slice_subslice2(bytes, (size_t)21U, (size_t)24U, uint8_t)); - libcrux_ml_kem_vector_portable_vector_type_PortableVector re = - libcrux_ml_kem_vector_portable_vector_type_zero(); - re.elements[0U] = v0_1.fst; - re.elements[1U] = v0_1.snd; - re.elements[2U] = v2_3.fst; - re.elements[3U] = v2_3.snd; - re.elements[4U] = v4_5.fst; - re.elements[5U] = v4_5.snd; - re.elements[6U] = v6_7.fst; - re.elements[7U] = v6_7.snd; - re.elements[8U] = v8_9.fst; - re.elements[9U] = v8_9.snd; - re.elements[10U] = v10_11.fst; - re.elements[11U] = v10_11.snd; - re.elements[12U] = v12_13.fst; - re.elements[13U] = v12_13.snd; - re.elements[14U] = v14_15.fst; - re.elements[15U] = v14_15.snd; - return re; + Eurydice_slice_subslice3(bytes, (size_t)21U, (size_t)24U, uint8_t *)); + return ( + KRML_CLITERAL(libcrux_ml_kem_vector_portable_vector_type_PortableVector){ + .elements = {v0_1.fst, v0_1.snd, v2_3.fst, v2_3.snd, v4_5.fst, + v4_5.snd, v6_7.fst, v6_7.snd, v8_9.fst, v8_9.snd, + v10_11.fst, v10_11.snd, v12_13.fst, v12_13.snd, + v14_15.fst, v14_15.snd}}); +} + +static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector +libcrux_ml_kem_vector_portable_deserialize_12(Eurydice_slice a) { + return libcrux_ml_kem_vector_portable_serialize_deserialize_12( + libcrux_secrets_int_classify_public_classify_ref_9b_90(a)); } /** -This function found in impl {(libcrux_ml_kem::vector::traits::Operations for -libcrux_ml_kem::vector::portable::vector_type::PortableVector)} +This function found in impl {libcrux_ml_kem::vector::traits::Operations for +libcrux_ml_kem::vector::portable::vector_type::PortableVector} */ static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector -libcrux_ml_kem_vector_portable_deserialize_12_0d(Eurydice_slice a) { - return libcrux_ml_kem_vector_portable_serialize_deserialize_12(a); +libcrux_ml_kem_vector_portable_deserialize_12_b8(Eurydice_slice a) { + return libcrux_ml_kem_vector_portable_deserialize_12(a); } static KRML_MUSTINLINE size_t @@ -8059,46 +6947,16 @@ libcrux_ml_kem_vector_portable_sampling_rej_sample(Eurydice_slice a, uint8_t, uint8_t *); int16_t d1 = (b2 & (int16_t)15) << 8U | b1; int16_t d2 = b3 << 4U | b2 >> 4U; - bool uu____0; - int16_t uu____1; - bool uu____2; - size_t uu____3; - int16_t uu____4; - size_t uu____5; - int16_t uu____6; if (d1 < LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_MODULUS) { if (sampled < (size_t)16U) { Eurydice_slice_index(result, sampled, int16_t, int16_t *) = d1; sampled++; - uu____1 = d2; - uu____6 = LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_MODULUS; - uu____0 = uu____1 < uu____6; - if (uu____0) { - uu____3 = sampled; - uu____2 = uu____3 < (size_t)16U; - if (uu____2) { - uu____4 = d2; - uu____5 = sampled; - Eurydice_slice_index(result, uu____5, int16_t, int16_t *) = uu____4; - sampled++; - continue; - } - } - continue; } } - uu____1 = d2; - uu____6 = LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_MODULUS; - uu____0 = uu____1 < uu____6; - if (uu____0) { - uu____3 = sampled; - uu____2 = uu____3 < (size_t)16U; - if (uu____2) { - uu____4 = d2; - uu____5 = sampled; - Eurydice_slice_index(result, uu____5, int16_t, int16_t *) = uu____4; + if (d2 < LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_MODULUS) { + if (sampled < (size_t)16U) { + Eurydice_slice_index(result, sampled, int16_t, int16_t *) = d2; sampled++; - continue; } } } @@ -8106,45 +6964,45 @@ libcrux_ml_kem_vector_portable_sampling_rej_sample(Eurydice_slice a, } /** -This function found in impl {(libcrux_ml_kem::vector::traits::Operations for -libcrux_ml_kem::vector::portable::vector_type::PortableVector)} +This function found in impl {libcrux_ml_kem::vector::traits::Operations for +libcrux_ml_kem::vector::portable::vector_type::PortableVector} */ -static inline size_t libcrux_ml_kem_vector_portable_rej_sample_0d( +static inline size_t libcrux_ml_kem_vector_portable_rej_sample_b8( Eurydice_slice a, Eurydice_slice out) { return libcrux_ml_kem_vector_portable_sampling_rej_sample(a, out); } -#define LIBCRUX_ML_KEM_MLKEM768_VECTOR_U_COMPRESSION_FACTOR_768 ((size_t)10U) +#define LIBCRUX_ML_KEM_MLKEM768_VECTOR_U_COMPRESSION_FACTOR ((size_t)10U) -#define LIBCRUX_ML_KEM_MLKEM768_C1_BLOCK_SIZE_768 \ +#define LIBCRUX_ML_KEM_MLKEM768_C1_BLOCK_SIZE \ (LIBCRUX_ML_KEM_CONSTANTS_COEFFICIENTS_IN_RING_ELEMENT * \ - LIBCRUX_ML_KEM_MLKEM768_VECTOR_U_COMPRESSION_FACTOR_768 / (size_t)8U) + LIBCRUX_ML_KEM_MLKEM768_VECTOR_U_COMPRESSION_FACTOR / (size_t)8U) -#define LIBCRUX_ML_KEM_MLKEM768_RANK_768 ((size_t)3U) +#define LIBCRUX_ML_KEM_MLKEM768_RANK ((size_t)3U) -#define LIBCRUX_ML_KEM_MLKEM768_C1_SIZE_768 \ - (LIBCRUX_ML_KEM_MLKEM768_C1_BLOCK_SIZE_768 * LIBCRUX_ML_KEM_MLKEM768_RANK_768) +#define LIBCRUX_ML_KEM_MLKEM768_C1_SIZE \ + (LIBCRUX_ML_KEM_MLKEM768_C1_BLOCK_SIZE * LIBCRUX_ML_KEM_MLKEM768_RANK) -#define LIBCRUX_ML_KEM_MLKEM768_VECTOR_V_COMPRESSION_FACTOR_768 ((size_t)4U) +#define LIBCRUX_ML_KEM_MLKEM768_VECTOR_V_COMPRESSION_FACTOR ((size_t)4U) -#define LIBCRUX_ML_KEM_MLKEM768_C2_SIZE_768 \ +#define LIBCRUX_ML_KEM_MLKEM768_C2_SIZE \ (LIBCRUX_ML_KEM_CONSTANTS_COEFFICIENTS_IN_RING_ELEMENT * \ - LIBCRUX_ML_KEM_MLKEM768_VECTOR_V_COMPRESSION_FACTOR_768 / (size_t)8U) + LIBCRUX_ML_KEM_MLKEM768_VECTOR_V_COMPRESSION_FACTOR / (size_t)8U) -#define LIBCRUX_ML_KEM_MLKEM768_CPA_PKE_CIPHERTEXT_SIZE_768 \ - (LIBCRUX_ML_KEM_MLKEM768_C1_SIZE_768 + LIBCRUX_ML_KEM_MLKEM768_C2_SIZE_768) +#define LIBCRUX_ML_KEM_MLKEM768_CPA_PKE_CIPHERTEXT_SIZE \ + (LIBCRUX_ML_KEM_MLKEM768_C1_SIZE + LIBCRUX_ML_KEM_MLKEM768_C2_SIZE) -#define LIBCRUX_ML_KEM_MLKEM768_T_AS_NTT_ENCODED_SIZE_768 \ - (LIBCRUX_ML_KEM_MLKEM768_RANK_768 * \ +#define LIBCRUX_ML_KEM_MLKEM768_T_AS_NTT_ENCODED_SIZE \ + (LIBCRUX_ML_KEM_MLKEM768_RANK * \ LIBCRUX_ML_KEM_CONSTANTS_COEFFICIENTS_IN_RING_ELEMENT * \ LIBCRUX_ML_KEM_CONSTANTS_BITS_PER_COEFFICIENT / (size_t)8U) -#define LIBCRUX_ML_KEM_MLKEM768_CPA_PKE_PUBLIC_KEY_SIZE_768 \ - (LIBCRUX_ML_KEM_MLKEM768_T_AS_NTT_ENCODED_SIZE_768 + (size_t)32U) +#define LIBCRUX_ML_KEM_MLKEM768_CPA_PKE_PUBLIC_KEY_SIZE \ + (LIBCRUX_ML_KEM_MLKEM768_T_AS_NTT_ENCODED_SIZE + (size_t)32U) -#define LIBCRUX_ML_KEM_MLKEM768_CPA_PKE_SECRET_KEY_SIZE_768 \ - (LIBCRUX_ML_KEM_MLKEM768_RANK_768 * \ - LIBCRUX_ML_KEM_CONSTANTS_COEFFICIENTS_IN_RING_ELEMENT * \ +#define LIBCRUX_ML_KEM_MLKEM768_CPA_PKE_SECRET_KEY_SIZE \ + (LIBCRUX_ML_KEM_MLKEM768_RANK * \ + LIBCRUX_ML_KEM_CONSTANTS_COEFFICIENTS_IN_RING_ELEMENT * \ LIBCRUX_ML_KEM_CONSTANTS_BITS_PER_COEFFICIENT / (size_t)8U) #define LIBCRUX_ML_KEM_MLKEM768_ETA1 ((size_t)2U) @@ -8159,22 +7017,22 @@ static inline size_t libcrux_ml_kem_vector_portable_rej_sample_0d( #define LIBCRUX_ML_KEM_MLKEM768_IMPLICIT_REJECTION_HASH_INPUT_SIZE \ (LIBCRUX_ML_KEM_CONSTANTS_SHARED_SECRET_SIZE + \ - LIBCRUX_ML_KEM_MLKEM768_CPA_PKE_CIPHERTEXT_SIZE_768) + LIBCRUX_ML_KEM_MLKEM768_CPA_PKE_CIPHERTEXT_SIZE) -typedef libcrux_ml_kem_types_MlKemPrivateKey_55 +typedef libcrux_ml_kem_types_MlKemPrivateKey_d9 libcrux_ml_kem_mlkem768_MlKem768PrivateKey; -typedef libcrux_ml_kem_types_MlKemPublicKey_15 +typedef libcrux_ml_kem_types_MlKemPublicKey_30 libcrux_ml_kem_mlkem768_MlKem768PublicKey; -#define LIBCRUX_ML_KEM_MLKEM768_RANKED_BYTES_PER_RING_ELEMENT_768 \ - (LIBCRUX_ML_KEM_MLKEM768_RANK_768 * \ +#define LIBCRUX_ML_KEM_MLKEM768_RANKED_BYTES_PER_RING_ELEMENT \ + (LIBCRUX_ML_KEM_MLKEM768_RANK * \ LIBCRUX_ML_KEM_CONSTANTS_BITS_PER_RING_ELEMENT / (size_t)8U) -#define LIBCRUX_ML_KEM_MLKEM768_SECRET_KEY_SIZE_768 \ - (LIBCRUX_ML_KEM_MLKEM768_CPA_PKE_SECRET_KEY_SIZE_768 + \ - LIBCRUX_ML_KEM_MLKEM768_CPA_PKE_PUBLIC_KEY_SIZE_768 + \ - LIBCRUX_ML_KEM_CONSTANTS_H_DIGEST_SIZE + \ +#define LIBCRUX_ML_KEM_MLKEM768_SECRET_KEY_SIZE \ + (LIBCRUX_ML_KEM_MLKEM768_CPA_PKE_SECRET_KEY_SIZE + \ + LIBCRUX_ML_KEM_MLKEM768_CPA_PKE_PUBLIC_KEY_SIZE + \ + LIBCRUX_ML_KEM_CONSTANTS_H_DIGEST_SIZE + \ LIBCRUX_ML_KEM_CONSTANTS_SHARED_SECRET_SIZE) /** @@ -8182,51 +7040,65 @@ A monomorphic instance of libcrux_ml_kem.polynomial.PolynomialRingElement with types libcrux_ml_kem_vector_portable_vector_type_PortableVector */ -typedef struct libcrux_ml_kem_polynomial_PolynomialRingElement_f0_s { +typedef struct libcrux_ml_kem_polynomial_PolynomialRingElement_1d_s { libcrux_ml_kem_vector_portable_vector_type_PortableVector coefficients[16U]; -} libcrux_ml_kem_polynomial_PolynomialRingElement_f0; +} libcrux_ml_kem_polynomial_PolynomialRingElement_1d; + +/** +A monomorphic instance of +libcrux_ml_kem.ind_cpa.unpacked.IndCpaPrivateKeyUnpacked with types +libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics +- $3size_t +*/ +typedef struct libcrux_ml_kem_ind_cpa_unpacked_IndCpaPrivateKeyUnpacked_a0_s { + libcrux_ml_kem_polynomial_PolynomialRingElement_1d secret_as_ntt[3U]; +} libcrux_ml_kem_ind_cpa_unpacked_IndCpaPrivateKeyUnpacked_a0; /** This function found in impl -{libcrux_ml_kem::polynomial::PolynomialRingElement[TraitClause@0]} +{libcrux_ml_kem::polynomial::PolynomialRingElement[TraitClause@0, +TraitClause@1]} */ /** -A monomorphic instance of libcrux_ml_kem.polynomial.ZERO_89 +A monomorphic instance of libcrux_ml_kem.polynomial.ZERO_d6 with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static inline libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -libcrux_ml_kem_polynomial_ZERO_89_ea(void) { - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 lit; - lit.coefficients[0U] = libcrux_ml_kem_vector_portable_ZERO_0d(); - lit.coefficients[1U] = libcrux_ml_kem_vector_portable_ZERO_0d(); - lit.coefficients[2U] = libcrux_ml_kem_vector_portable_ZERO_0d(); - lit.coefficients[3U] = libcrux_ml_kem_vector_portable_ZERO_0d(); - lit.coefficients[4U] = libcrux_ml_kem_vector_portable_ZERO_0d(); - lit.coefficients[5U] = libcrux_ml_kem_vector_portable_ZERO_0d(); - lit.coefficients[6U] = libcrux_ml_kem_vector_portable_ZERO_0d(); - lit.coefficients[7U] = libcrux_ml_kem_vector_portable_ZERO_0d(); - lit.coefficients[8U] = libcrux_ml_kem_vector_portable_ZERO_0d(); - lit.coefficients[9U] = libcrux_ml_kem_vector_portable_ZERO_0d(); - lit.coefficients[10U] = libcrux_ml_kem_vector_portable_ZERO_0d(); - lit.coefficients[11U] = libcrux_ml_kem_vector_portable_ZERO_0d(); - lit.coefficients[12U] = libcrux_ml_kem_vector_portable_ZERO_0d(); - lit.coefficients[13U] = libcrux_ml_kem_vector_portable_ZERO_0d(); - lit.coefficients[14U] = libcrux_ml_kem_vector_portable_ZERO_0d(); - lit.coefficients[15U] = libcrux_ml_kem_vector_portable_ZERO_0d(); +static inline libcrux_ml_kem_polynomial_PolynomialRingElement_1d +libcrux_ml_kem_polynomial_ZERO_d6_ea(void) { + libcrux_ml_kem_polynomial_PolynomialRingElement_1d lit; + libcrux_ml_kem_vector_portable_vector_type_PortableVector + repeat_expression[16U]; + for (size_t i = (size_t)0U; i < (size_t)16U; i++) { + repeat_expression[i] = libcrux_ml_kem_vector_portable_ZERO_b8(); + } + memcpy(lit.coefficients, repeat_expression, + (size_t)16U * + sizeof(libcrux_ml_kem_vector_portable_vector_type_PortableVector)); return lit; } /** -A monomorphic instance of libcrux_ml_kem.ind_cpa.deserialize_secret_key.closure +This function found in impl {core::ops::function::FnMut<(usize), +libcrux_ml_kem::polynomial::PolynomialRingElement[TraitClause@0, +TraitClause@1]> for libcrux_ml_kem::ind_cpa::decrypt::closure[TraitClause@0, TraitClause@1]} +*/ +/** +A monomorphic instance of libcrux_ml_kem.ind_cpa.decrypt.call_mut_0b with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 3 +- CIPHERTEXT_SIZE= 1088 +- VECTOR_U_ENCODED_SIZE= 960 +- U_COMPRESSION_FACTOR= 10 +- V_COMPRESSION_FACTOR= 4 */ -static inline libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -libcrux_ml_kem_ind_cpa_deserialize_secret_key_closure_6b(size_t _) { - return libcrux_ml_kem_polynomial_ZERO_89_ea(); +static inline libcrux_ml_kem_polynomial_PolynomialRingElement_1d +libcrux_ml_kem_ind_cpa_decrypt_call_mut_0b_42(void **_, size_t tupled_args) { + return libcrux_ml_kem_polynomial_ZERO_d6_ea(); } /** @@ -8235,18 +7107,19 @@ libcrux_ml_kem.serialize.deserialize_to_uncompressed_ring_element with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -libcrux_ml_kem_serialize_deserialize_to_uncompressed_ring_element_af( +static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_1d +libcrux_ml_kem_serialize_deserialize_to_uncompressed_ring_element_ea( Eurydice_slice serialized) { - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re = - libcrux_ml_kem_polynomial_ZERO_89_ea(); + libcrux_ml_kem_polynomial_PolynomialRingElement_1d re = + libcrux_ml_kem_polynomial_ZERO_d6_ea(); for (size_t i = (size_t)0U; i < Eurydice_slice_len(serialized, uint8_t) / (size_t)24U; i++) { size_t i0 = i; - Eurydice_slice bytes = Eurydice_slice_subslice2( - serialized, i0 * (size_t)24U, i0 * (size_t)24U + (size_t)24U, uint8_t); + Eurydice_slice bytes = + Eurydice_slice_subslice3(serialized, i0 * (size_t)24U, + i0 * (size_t)24U + (size_t)24U, uint8_t *); libcrux_ml_kem_vector_portable_vector_type_PortableVector uu____0 = - libcrux_ml_kem_vector_portable_deserialize_12_0d(bytes); + libcrux_ml_kem_vector_portable_deserialize_12_b8(bytes); re.coefficients[i0] = uu____0; } return re; @@ -8256,59 +7129,47 @@ libcrux_ml_kem_serialize_deserialize_to_uncompressed_ring_element_af( Call [`deserialize_to_uncompressed_ring_element`] for each ring element. */ /** -A monomorphic instance of libcrux_ml_kem.ind_cpa.deserialize_secret_key +A monomorphic instance of libcrux_ml_kem.ind_cpa.deserialize_vector with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 3 */ -static KRML_MUSTINLINE void libcrux_ml_kem_ind_cpa_deserialize_secret_key_24( +static KRML_MUSTINLINE void libcrux_ml_kem_ind_cpa_deserialize_vector_1b( Eurydice_slice secret_key, - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 ret[3U]) { - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 secret_as_ntt[3U]; + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *secret_as_ntt) { for (size_t i = (size_t)0U; i < (size_t)3U; i++) { - secret_as_ntt[i] = libcrux_ml_kem_polynomial_ZERO_89_ea(); - } - for (size_t i = (size_t)0U; - i < Eurydice_slice_len(secret_key, uint8_t) / - LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT; - i++) { size_t i0 = i; - Eurydice_slice secret_bytes = Eurydice_slice_subslice2( - secret_key, i0 * LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT, - i0 * LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT + - LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT, - uint8_t); - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 uu____0 = - libcrux_ml_kem_serialize_deserialize_to_uncompressed_ring_element_af( - secret_bytes); + libcrux_ml_kem_polynomial_PolynomialRingElement_1d uu____0 = + libcrux_ml_kem_serialize_deserialize_to_uncompressed_ring_element_ea( + Eurydice_slice_subslice3( + secret_key, + i0 * LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT, + (i0 + (size_t)1U) * + LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT, + uint8_t *)); secret_as_ntt[i0] = uu____0; } - memcpy( - ret, secret_as_ntt, - (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); } /** -A monomorphic instance of -libcrux_ml_kem.ind_cpa.unpacked.IndCpaPrivateKeyUnpacked with types -libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics -- $3size_t +This function found in impl {core::ops::function::FnMut<(usize), +libcrux_ml_kem::polynomial::PolynomialRingElement[TraitClause@0, +TraitClause@1]> for +libcrux_ml_kem::ind_cpa::deserialize_then_decompress_u::closure[TraitClause@0, TraitClause@1]} */ -typedef struct libcrux_ml_kem_ind_cpa_unpacked_IndCpaPrivateKeyUnpacked_f8_s { - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 secret_as_ntt[3U]; -} libcrux_ml_kem_ind_cpa_unpacked_IndCpaPrivateKeyUnpacked_f8; - /** A monomorphic instance of -libcrux_ml_kem.ind_cpa.deserialize_then_decompress_u.closure with types +libcrux_ml_kem.ind_cpa.deserialize_then_decompress_u.call_mut_35 with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 3 - CIPHERTEXT_SIZE= 1088 - U_COMPRESSION_FACTOR= 10 */ -static inline libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -libcrux_ml_kem_ind_cpa_deserialize_then_decompress_u_closure_7c(size_t _) { - return libcrux_ml_kem_polynomial_ZERO_89_ea(); +static inline libcrux_ml_kem_polynomial_PolynomialRingElement_1d +libcrux_ml_kem_ind_cpa_deserialize_then_decompress_u_call_mut_35_6c( + void **_, size_t tupled_args) { + return libcrux_ml_kem_polynomial_ZERO_d6_ea(); } /** @@ -8318,35 +7179,38 @@ const generics - COEFFICIENT_BITS= 10 */ static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector -libcrux_ml_kem_vector_portable_compress_decompress_ciphertext_coefficient_6b( - libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { +libcrux_ml_kem_vector_portable_compress_decompress_ciphertext_coefficient_ef( + libcrux_ml_kem_vector_portable_vector_type_PortableVector a) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_ELEMENTS_IN_VECTOR; i++) { size_t i0 = i; - int32_t decompressed = (int32_t)v.elements[i0] * - (int32_t)LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_MODULUS; + int32_t decompressed = + libcrux_secrets_int_as_i32_f5(a.elements[i0]) * + libcrux_secrets_int_as_i32_f5( + libcrux_secrets_int_public_integers_classify_27_39( + LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_MODULUS)); decompressed = (decompressed << 1U) + ((int32_t)1 << (uint32_t)(int32_t)10); decompressed = decompressed >> (uint32_t)((int32_t)10 + (int32_t)1); - v.elements[i0] = (int16_t)decompressed; + a.elements[i0] = libcrux_secrets_int_as_i16_36(decompressed); } - return v; + return a; } /** -This function found in impl {(libcrux_ml_kem::vector::traits::Operations for -libcrux_ml_kem::vector::portable::vector_type::PortableVector)} +This function found in impl {libcrux_ml_kem::vector::traits::Operations for +libcrux_ml_kem::vector::portable::vector_type::PortableVector} */ /** A monomorphic instance of -libcrux_ml_kem.vector.portable.decompress_ciphertext_coefficient_0d with const +libcrux_ml_kem.vector.portable.decompress_ciphertext_coefficient_b8 with const generics - COEFFICIENT_BITS= 10 */ static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector -libcrux_ml_kem_vector_portable_decompress_ciphertext_coefficient_0d_5a( - libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { - return libcrux_ml_kem_vector_portable_compress_decompress_ciphertext_coefficient_6b( - v); +libcrux_ml_kem_vector_portable_decompress_ciphertext_coefficient_b8_ef( + libcrux_ml_kem_vector_portable_vector_type_PortableVector a) { + return libcrux_ml_kem_vector_portable_compress_decompress_ciphertext_coefficient_ef( + a); } /** @@ -8355,20 +7219,21 @@ libcrux_ml_kem.serialize.deserialize_then_decompress_10 with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -libcrux_ml_kem_serialize_deserialize_then_decompress_10_2c( +static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_1d +libcrux_ml_kem_serialize_deserialize_then_decompress_10_ea( Eurydice_slice serialized) { - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re = - libcrux_ml_kem_polynomial_ZERO_89_ea(); + libcrux_ml_kem_polynomial_PolynomialRingElement_1d re = + libcrux_ml_kem_polynomial_ZERO_d6_ea(); for (size_t i = (size_t)0U; i < Eurydice_slice_len(serialized, uint8_t) / (size_t)20U; i++) { size_t i0 = i; - Eurydice_slice bytes = Eurydice_slice_subslice2( - serialized, i0 * (size_t)20U, i0 * (size_t)20U + (size_t)20U, uint8_t); + Eurydice_slice bytes = + Eurydice_slice_subslice3(serialized, i0 * (size_t)20U, + i0 * (size_t)20U + (size_t)20U, uint8_t *); libcrux_ml_kem_vector_portable_vector_type_PortableVector coefficient = - libcrux_ml_kem_vector_portable_deserialize_10_0d(bytes); + libcrux_ml_kem_vector_portable_deserialize_10_b8(bytes); libcrux_ml_kem_vector_portable_vector_type_PortableVector uu____0 = - libcrux_ml_kem_vector_portable_decompress_ciphertext_coefficient_0d_5a( + libcrux_ml_kem_vector_portable_decompress_ciphertext_coefficient_b8_ef( coefficient); re.coefficients[i0] = uu____0; } @@ -8377,78 +7242,14 @@ libcrux_ml_kem_serialize_deserialize_then_decompress_10_2c( /** A monomorphic instance of -libcrux_ml_kem.vector.portable.compress.decompress_ciphertext_coefficient with -const generics -- COEFFICIENT_BITS= 11 +libcrux_ml_kem.serialize.deserialize_then_decompress_ring_element_u with types +libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics +- COMPRESSION_FACTOR= 10 */ -static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector -libcrux_ml_kem_vector_portable_compress_decompress_ciphertext_coefficient_6b0( - libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { - for (size_t i = (size_t)0U; - i < LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_ELEMENTS_IN_VECTOR; i++) { - size_t i0 = i; - int32_t decompressed = (int32_t)v.elements[i0] * - (int32_t)LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_MODULUS; - decompressed = (decompressed << 1U) + ((int32_t)1 << (uint32_t)(int32_t)11); - decompressed = decompressed >> (uint32_t)((int32_t)11 + (int32_t)1); - v.elements[i0] = (int16_t)decompressed; - } - return v; -} - -/** -This function found in impl {(libcrux_ml_kem::vector::traits::Operations for -libcrux_ml_kem::vector::portable::vector_type::PortableVector)} -*/ -/** -A monomorphic instance of -libcrux_ml_kem.vector.portable.decompress_ciphertext_coefficient_0d with const -generics -- COEFFICIENT_BITS= 11 -*/ -static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector -libcrux_ml_kem_vector_portable_decompress_ciphertext_coefficient_0d_5a0( - libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { - return libcrux_ml_kem_vector_portable_compress_decompress_ciphertext_coefficient_6b0( - v); -} - -/** -A monomorphic instance of -libcrux_ml_kem.serialize.deserialize_then_decompress_11 with types -libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - -*/ -static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -libcrux_ml_kem_serialize_deserialize_then_decompress_11_8d( - Eurydice_slice serialized) { - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re = - libcrux_ml_kem_polynomial_ZERO_89_ea(); - for (size_t i = (size_t)0U; - i < Eurydice_slice_len(serialized, uint8_t) / (size_t)22U; i++) { - size_t i0 = i; - Eurydice_slice bytes = Eurydice_slice_subslice2( - serialized, i0 * (size_t)22U, i0 * (size_t)22U + (size_t)22U, uint8_t); - libcrux_ml_kem_vector_portable_vector_type_PortableVector coefficient = - libcrux_ml_kem_vector_portable_deserialize_11_0d(bytes); - libcrux_ml_kem_vector_portable_vector_type_PortableVector uu____0 = - libcrux_ml_kem_vector_portable_decompress_ciphertext_coefficient_0d_5a0( - coefficient); - re.coefficients[i0] = uu____0; - } - return re; -} - -/** -A monomorphic instance of -libcrux_ml_kem.serialize.deserialize_then_decompress_ring_element_u with types -libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics -- COMPRESSION_FACTOR= 10 -*/ -static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -libcrux_ml_kem_serialize_deserialize_then_decompress_ring_element_u_34( +static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_1d +libcrux_ml_kem_serialize_deserialize_then_decompress_ring_element_u_0a( Eurydice_slice serialized) { - return libcrux_ml_kem_serialize_deserialize_then_decompress_10_2c(serialized); + return libcrux_ml_kem_serialize_deserialize_then_decompress_10_ea(serialized); } typedef struct libcrux_ml_kem_vector_portable_vector_type_PortableVector_x2_s { @@ -8456,19 +7257,6 @@ typedef struct libcrux_ml_kem_vector_portable_vector_type_PortableVector_x2_s { libcrux_ml_kem_vector_portable_vector_type_PortableVector snd; } libcrux_ml_kem_vector_portable_vector_type_PortableVector_x2; -/** -A monomorphic instance of libcrux_ml_kem.vector.traits.montgomery_multiply_fe -with types libcrux_ml_kem_vector_portable_vector_type_PortableVector -with const generics - -*/ -static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector -libcrux_ml_kem_vector_traits_montgomery_multiply_fe_67( - libcrux_ml_kem_vector_portable_vector_type_PortableVector v, int16_t fer) { - return libcrux_ml_kem_vector_portable_montgomery_multiply_by_constant_0d(v, - fer); -} - /** A monomorphic instance of libcrux_ml_kem.ntt.ntt_layer_int_vec_step with types libcrux_ml_kem_vector_portable_vector_type_PortableVector @@ -8477,17 +7265,18 @@ with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector_x2 - libcrux_ml_kem_ntt_ntt_layer_int_vec_step_0c( + libcrux_ml_kem_ntt_ntt_layer_int_vec_step_ea( libcrux_ml_kem_vector_portable_vector_type_PortableVector a, libcrux_ml_kem_vector_portable_vector_type_PortableVector b, int16_t zeta_r) { libcrux_ml_kem_vector_portable_vector_type_PortableVector t = - libcrux_ml_kem_vector_traits_montgomery_multiply_fe_67(b, zeta_r); - b = libcrux_ml_kem_vector_portable_sub_0d(a, &t); - a = libcrux_ml_kem_vector_portable_add_0d(a, &t); - return ( - CLITERAL(libcrux_ml_kem_vector_portable_vector_type_PortableVector_x2){ - .fst = a, .snd = b}); + libcrux_ml_kem_vector_portable_montgomery_multiply_by_constant_b8(b, + zeta_r); + b = libcrux_ml_kem_vector_portable_sub_b8(a, &t); + a = libcrux_ml_kem_vector_portable_add_b8(a, &t); + return (KRML_CLITERAL( + libcrux_ml_kem_vector_portable_vector_type_PortableVector_x2){.fst = a, + .snd = b}); } /** @@ -8496,8 +7285,8 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static KRML_MUSTINLINE void libcrux_ml_kem_ntt_ntt_at_layer_4_plus_51( - size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re, +static KRML_MUSTINLINE void libcrux_ml_kem_ntt_ntt_at_layer_4_plus_ea( + size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_1d *re, size_t layer, size_t _initial_coefficient_bound) { size_t step = (size_t)1U << (uint32_t)layer; for (size_t i0 = (size_t)0U; i0 < (size_t)128U >> (uint32_t)layer; i0++) { @@ -8509,9 +7298,9 @@ static KRML_MUSTINLINE void libcrux_ml_kem_ntt_ntt_at_layer_4_plus_51( for (size_t i = offset_vec; i < offset_vec + step_vec; i++) { size_t j = i; libcrux_ml_kem_vector_portable_vector_type_PortableVector_x2 uu____0 = - libcrux_ml_kem_ntt_ntt_layer_int_vec_step_0c( + libcrux_ml_kem_ntt_ntt_layer_int_vec_step_ea( re->coefficients[j], re->coefficients[j + step_vec], - libcrux_ml_kem_polynomial_ZETAS_TIMES_MONTGOMERY_R[zeta_i[0U]]); + libcrux_ml_kem_polynomial_zeta(zeta_i[0U])); libcrux_ml_kem_vector_portable_vector_type_PortableVector x = uu____0.fst; libcrux_ml_kem_vector_portable_vector_type_PortableVector y = uu____0.snd; re->coefficients[j] = x; @@ -8526,16 +7315,16 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static KRML_MUSTINLINE void libcrux_ml_kem_ntt_ntt_at_layer_3_fd( - size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re, - size_t _layer, size_t _initial_coefficient_bound) { +static KRML_MUSTINLINE void libcrux_ml_kem_ntt_ntt_at_layer_3_ea( + size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_1d *re, + size_t _initial_coefficient_bound) { for (size_t i = (size_t)0U; i < (size_t)16U; i++) { size_t round = i; zeta_i[0U] = zeta_i[0U] + (size_t)1U; libcrux_ml_kem_vector_portable_vector_type_PortableVector uu____0 = - libcrux_ml_kem_vector_portable_ntt_layer_3_step_0d( + libcrux_ml_kem_vector_portable_ntt_layer_3_step_b8( re->coefficients[round], - libcrux_ml_kem_polynomial_ZETAS_TIMES_MONTGOMERY_R[zeta_i[0U]]); + libcrux_ml_kem_polynomial_zeta(zeta_i[0U])); re->coefficients[round] = uu____0; } } @@ -8546,18 +7335,16 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static KRML_MUSTINLINE void libcrux_ml_kem_ntt_ntt_at_layer_2_ad( - size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re, - size_t _layer, size_t _initial_coefficient_bound) { +static KRML_MUSTINLINE void libcrux_ml_kem_ntt_ntt_at_layer_2_ea( + size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_1d *re, + size_t _initial_coefficient_bound) { for (size_t i = (size_t)0U; i < (size_t)16U; i++) { size_t round = i; zeta_i[0U] = zeta_i[0U] + (size_t)1U; re->coefficients[round] = - libcrux_ml_kem_vector_portable_ntt_layer_2_step_0d( - re->coefficients[round], - libcrux_ml_kem_polynomial_ZETAS_TIMES_MONTGOMERY_R[zeta_i[0U]], - libcrux_ml_kem_polynomial_ZETAS_TIMES_MONTGOMERY_R[zeta_i[0U] + - (size_t)1U]); + libcrux_ml_kem_vector_portable_ntt_layer_2_step_b8( + re->coefficients[round], libcrux_ml_kem_polynomial_zeta(zeta_i[0U]), + libcrux_ml_kem_polynomial_zeta(zeta_i[0U] + (size_t)1U)); zeta_i[0U] = zeta_i[0U] + (size_t)1U; } } @@ -8568,69 +7355,77 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static KRML_MUSTINLINE void libcrux_ml_kem_ntt_ntt_at_layer_1_a2( - size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re, - size_t _layer, size_t _initial_coefficient_bound) { +static KRML_MUSTINLINE void libcrux_ml_kem_ntt_ntt_at_layer_1_ea( + size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_1d *re, + size_t _initial_coefficient_bound) { for (size_t i = (size_t)0U; i < (size_t)16U; i++) { size_t round = i; zeta_i[0U] = zeta_i[0U] + (size_t)1U; re->coefficients[round] = - libcrux_ml_kem_vector_portable_ntt_layer_1_step_0d( - re->coefficients[round], - libcrux_ml_kem_polynomial_ZETAS_TIMES_MONTGOMERY_R[zeta_i[0U]], - libcrux_ml_kem_polynomial_ZETAS_TIMES_MONTGOMERY_R[zeta_i[0U] + - (size_t)1U], - libcrux_ml_kem_polynomial_ZETAS_TIMES_MONTGOMERY_R[zeta_i[0U] + - (size_t)2U], - libcrux_ml_kem_polynomial_ZETAS_TIMES_MONTGOMERY_R[zeta_i[0U] + - (size_t)3U]); + libcrux_ml_kem_vector_portable_ntt_layer_1_step_b8( + re->coefficients[round], libcrux_ml_kem_polynomial_zeta(zeta_i[0U]), + libcrux_ml_kem_polynomial_zeta(zeta_i[0U] + (size_t)1U), + libcrux_ml_kem_polynomial_zeta(zeta_i[0U] + (size_t)2U), + libcrux_ml_kem_polynomial_zeta(zeta_i[0U] + (size_t)3U)); zeta_i[0U] = zeta_i[0U] + (size_t)3U; } } /** -This function found in impl -{libcrux_ml_kem::polynomial::PolynomialRingElement[TraitClause@0]} -*/ -/** -A monomorphic instance of libcrux_ml_kem.polynomial.poly_barrett_reduce_89 +A monomorphic instance of libcrux_ml_kem.polynomial.poly_barrett_reduce with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static KRML_MUSTINLINE void libcrux_ml_kem_polynomial_poly_barrett_reduce_89_8b( - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *self) { +static KRML_MUSTINLINE void libcrux_ml_kem_polynomial_poly_barrett_reduce_ea( + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *myself) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { size_t i0 = i; libcrux_ml_kem_vector_portable_vector_type_PortableVector uu____0 = - libcrux_ml_kem_vector_portable_barrett_reduce_0d( - self->coefficients[i0]); - self->coefficients[i0] = uu____0; + libcrux_ml_kem_vector_portable_barrett_reduce_b8( + myself->coefficients[i0]); + myself->coefficients[i0] = uu____0; } } +/** +This function found in impl +{libcrux_ml_kem::polynomial::PolynomialRingElement[TraitClause@0, +TraitClause@1]} +*/ +/** +A monomorphic instance of libcrux_ml_kem.polynomial.poly_barrett_reduce_d6 +with types libcrux_ml_kem_vector_portable_vector_type_PortableVector +with const generics + +*/ +static KRML_MUSTINLINE void libcrux_ml_kem_polynomial_poly_barrett_reduce_d6_ea( + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *self) { + libcrux_ml_kem_polynomial_poly_barrett_reduce_ea(self); +} + /** A monomorphic instance of libcrux_ml_kem.ntt.ntt_vector_u with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - VECTOR_U_COMPRESSION_FACTOR= 10 */ -static KRML_MUSTINLINE void libcrux_ml_kem_ntt_ntt_vector_u_9f( - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re) { +static KRML_MUSTINLINE void libcrux_ml_kem_ntt_ntt_vector_u_0a( + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *re) { size_t zeta_i = (size_t)0U; - libcrux_ml_kem_ntt_ntt_at_layer_4_plus_51(&zeta_i, re, (size_t)7U, - (size_t)3328U); - libcrux_ml_kem_ntt_ntt_at_layer_4_plus_51(&zeta_i, re, (size_t)6U, - (size_t)3328U); - libcrux_ml_kem_ntt_ntt_at_layer_4_plus_51(&zeta_i, re, (size_t)5U, + libcrux_ml_kem_ntt_ntt_at_layer_4_plus_ea(&zeta_i, re, (size_t)7U, (size_t)3328U); - libcrux_ml_kem_ntt_ntt_at_layer_4_plus_51(&zeta_i, re, (size_t)4U, - (size_t)3328U); - libcrux_ml_kem_ntt_ntt_at_layer_3_fd(&zeta_i, re, (size_t)3U, (size_t)3328U); - libcrux_ml_kem_ntt_ntt_at_layer_2_ad(&zeta_i, re, (size_t)2U, (size_t)3328U); - libcrux_ml_kem_ntt_ntt_at_layer_1_a2(&zeta_i, re, (size_t)1U, (size_t)3328U); - libcrux_ml_kem_polynomial_poly_barrett_reduce_89_8b(re); + libcrux_ml_kem_ntt_ntt_at_layer_4_plus_ea(&zeta_i, re, (size_t)6U, + (size_t)2U * (size_t)3328U); + libcrux_ml_kem_ntt_ntt_at_layer_4_plus_ea(&zeta_i, re, (size_t)5U, + (size_t)3U * (size_t)3328U); + libcrux_ml_kem_ntt_ntt_at_layer_4_plus_ea(&zeta_i, re, (size_t)4U, + (size_t)4U * (size_t)3328U); + libcrux_ml_kem_ntt_ntt_at_layer_3_ea(&zeta_i, re, (size_t)5U * (size_t)3328U); + libcrux_ml_kem_ntt_ntt_at_layer_2_ea(&zeta_i, re, (size_t)6U * (size_t)3328U); + libcrux_ml_kem_ntt_ntt_at_layer_1_ea(&zeta_i, re, (size_t)7U * (size_t)3328U); + libcrux_ml_kem_polynomial_poly_barrett_reduce_d6_ea(re); } /** @@ -8646,12 +7441,16 @@ with const generics - U_COMPRESSION_FACTOR= 10 */ static KRML_MUSTINLINE void -libcrux_ml_kem_ind_cpa_deserialize_then_decompress_u_f4( +libcrux_ml_kem_ind_cpa_deserialize_then_decompress_u_6c( uint8_t *ciphertext, - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 ret[3U]) { - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 u_as_ntt[3U]; + libcrux_ml_kem_polynomial_PolynomialRingElement_1d ret[3U]) { + libcrux_ml_kem_polynomial_PolynomialRingElement_1d u_as_ntt[3U]; for (size_t i = (size_t)0U; i < (size_t)3U; i++) { - u_as_ntt[i] = libcrux_ml_kem_polynomial_ZERO_89_ea(); + /* original Rust expression is not an lvalue in C */ + void *lvalue = (void *)0U; + u_as_ntt[i] = + libcrux_ml_kem_ind_cpa_deserialize_then_decompress_u_call_mut_35_6c( + &lvalue, i); } for (size_t i = (size_t)0U; i < Eurydice_slice_len( @@ -8661,7 +7460,7 @@ libcrux_ml_kem_ind_cpa_deserialize_then_decompress_u_f4( (size_t)10U / (size_t)8U); i++) { size_t i0 = i; - Eurydice_slice u_bytes = Eurydice_array_to_subslice2( + Eurydice_slice u_bytes = Eurydice_array_to_subslice3( ciphertext, i0 * (LIBCRUX_ML_KEM_CONSTANTS_COEFFICIENTS_IN_RING_ELEMENT * (size_t)10U / (size_t)8U), @@ -8669,15 +7468,15 @@ libcrux_ml_kem_ind_cpa_deserialize_then_decompress_u_f4( (size_t)10U / (size_t)8U) + LIBCRUX_ML_KEM_CONSTANTS_COEFFICIENTS_IN_RING_ELEMENT * (size_t)10U / (size_t)8U, - uint8_t); + uint8_t *); u_as_ntt[i0] = - libcrux_ml_kem_serialize_deserialize_then_decompress_ring_element_u_34( + libcrux_ml_kem_serialize_deserialize_then_decompress_ring_element_u_0a( u_bytes); - libcrux_ml_kem_ntt_ntt_vector_u_9f(&u_as_ntt[i0]); + libcrux_ml_kem_ntt_ntt_vector_u_0a(&u_as_ntt[i0]); } memcpy( ret, u_as_ntt, - (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); + (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_1d)); } /** @@ -8687,35 +7486,38 @@ const generics - COEFFICIENT_BITS= 4 */ static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector -libcrux_ml_kem_vector_portable_compress_decompress_ciphertext_coefficient_6b1( - libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { +libcrux_ml_kem_vector_portable_compress_decompress_ciphertext_coefficient_d1( + libcrux_ml_kem_vector_portable_vector_type_PortableVector a) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_ELEMENTS_IN_VECTOR; i++) { size_t i0 = i; - int32_t decompressed = (int32_t)v.elements[i0] * - (int32_t)LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_MODULUS; + int32_t decompressed = + libcrux_secrets_int_as_i32_f5(a.elements[i0]) * + libcrux_secrets_int_as_i32_f5( + libcrux_secrets_int_public_integers_classify_27_39( + LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_MODULUS)); decompressed = (decompressed << 1U) + ((int32_t)1 << (uint32_t)(int32_t)4); decompressed = decompressed >> (uint32_t)((int32_t)4 + (int32_t)1); - v.elements[i0] = (int16_t)decompressed; + a.elements[i0] = libcrux_secrets_int_as_i16_36(decompressed); } - return v; + return a; } /** -This function found in impl {(libcrux_ml_kem::vector::traits::Operations for -libcrux_ml_kem::vector::portable::vector_type::PortableVector)} +This function found in impl {libcrux_ml_kem::vector::traits::Operations for +libcrux_ml_kem::vector::portable::vector_type::PortableVector} */ /** A monomorphic instance of -libcrux_ml_kem.vector.portable.decompress_ciphertext_coefficient_0d with const +libcrux_ml_kem.vector.portable.decompress_ciphertext_coefficient_b8 with const generics - COEFFICIENT_BITS= 4 */ static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector -libcrux_ml_kem_vector_portable_decompress_ciphertext_coefficient_0d_5a1( - libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { - return libcrux_ml_kem_vector_portable_compress_decompress_ciphertext_coefficient_6b1( - v); +libcrux_ml_kem_vector_portable_decompress_ciphertext_coefficient_b8_d1( + libcrux_ml_kem_vector_portable_vector_type_PortableVector a) { + return libcrux_ml_kem_vector_portable_compress_decompress_ciphertext_coefficient_d1( + a); } /** @@ -8724,20 +7526,20 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -libcrux_ml_kem_serialize_deserialize_then_decompress_4_41( +static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_1d +libcrux_ml_kem_serialize_deserialize_then_decompress_4_ea( Eurydice_slice serialized) { - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re = - libcrux_ml_kem_polynomial_ZERO_89_ea(); + libcrux_ml_kem_polynomial_PolynomialRingElement_1d re = + libcrux_ml_kem_polynomial_ZERO_d6_ea(); for (size_t i = (size_t)0U; i < Eurydice_slice_len(serialized, uint8_t) / (size_t)8U; i++) { size_t i0 = i; - Eurydice_slice bytes = Eurydice_slice_subslice2( - serialized, i0 * (size_t)8U, i0 * (size_t)8U + (size_t)8U, uint8_t); + Eurydice_slice bytes = Eurydice_slice_subslice3( + serialized, i0 * (size_t)8U, i0 * (size_t)8U + (size_t)8U, uint8_t *); libcrux_ml_kem_vector_portable_vector_type_PortableVector coefficient = - libcrux_ml_kem_vector_portable_deserialize_4_0d(bytes); + libcrux_ml_kem_vector_portable_deserialize_4_b8(bytes); libcrux_ml_kem_vector_portable_vector_type_PortableVector uu____0 = - libcrux_ml_kem_vector_portable_decompress_ciphertext_coefficient_0d_5a1( + libcrux_ml_kem_vector_portable_decompress_ciphertext_coefficient_b8_d1( coefficient); re.coefficients[i0] = uu____0; } @@ -8746,78 +7548,35 @@ libcrux_ml_kem_serialize_deserialize_then_decompress_4_41( /** A monomorphic instance of -libcrux_ml_kem.vector.portable.compress.decompress_ciphertext_coefficient with -const generics -- COEFFICIENT_BITS= 5 -*/ -static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector -libcrux_ml_kem_vector_portable_compress_decompress_ciphertext_coefficient_6b2( - libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { - for (size_t i = (size_t)0U; - i < LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_ELEMENTS_IN_VECTOR; i++) { - size_t i0 = i; - int32_t decompressed = (int32_t)v.elements[i0] * - (int32_t)LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_MODULUS; - decompressed = (decompressed << 1U) + ((int32_t)1 << (uint32_t)(int32_t)5); - decompressed = decompressed >> (uint32_t)((int32_t)5 + (int32_t)1); - v.elements[i0] = (int16_t)decompressed; - } - return v; -} - -/** -This function found in impl {(libcrux_ml_kem::vector::traits::Operations for -libcrux_ml_kem::vector::portable::vector_type::PortableVector)} -*/ -/** -A monomorphic instance of -libcrux_ml_kem.vector.portable.decompress_ciphertext_coefficient_0d with const -generics -- COEFFICIENT_BITS= 5 +libcrux_ml_kem.serialize.deserialize_then_decompress_ring_element_v with types +libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics +- K= 3 +- COMPRESSION_FACTOR= 4 */ -static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector -libcrux_ml_kem_vector_portable_decompress_ciphertext_coefficient_0d_5a2( - libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { - return libcrux_ml_kem_vector_portable_compress_decompress_ciphertext_coefficient_6b2( - v); +static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_1d +libcrux_ml_kem_serialize_deserialize_then_decompress_ring_element_v_89( + Eurydice_slice serialized) { + return libcrux_ml_kem_serialize_deserialize_then_decompress_4_ea(serialized); } /** -A monomorphic instance of libcrux_ml_kem.serialize.deserialize_then_decompress_5 +A monomorphic instance of libcrux_ml_kem.polynomial.ZERO with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -libcrux_ml_kem_serialize_deserialize_then_decompress_5_4e( - Eurydice_slice serialized) { - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re = - libcrux_ml_kem_polynomial_ZERO_89_ea(); - for (size_t i = (size_t)0U; - i < Eurydice_slice_len(serialized, uint8_t) / (size_t)10U; i++) { - size_t i0 = i; - Eurydice_slice bytes = Eurydice_slice_subslice2( - serialized, i0 * (size_t)10U, i0 * (size_t)10U + (size_t)10U, uint8_t); - re.coefficients[i0] = - libcrux_ml_kem_vector_portable_deserialize_5_0d(bytes); - libcrux_ml_kem_vector_portable_vector_type_PortableVector uu____1 = - libcrux_ml_kem_vector_portable_decompress_ciphertext_coefficient_0d_5a2( - re.coefficients[i0]); - re.coefficients[i0] = uu____1; +static inline libcrux_ml_kem_polynomial_PolynomialRingElement_1d +libcrux_ml_kem_polynomial_ZERO_ea(void) { + libcrux_ml_kem_polynomial_PolynomialRingElement_1d lit; + libcrux_ml_kem_vector_portable_vector_type_PortableVector + repeat_expression[16U]; + for (size_t i = (size_t)0U; i < (size_t)16U; i++) { + repeat_expression[i] = libcrux_ml_kem_vector_portable_ZERO_b8(); } - return re; -} - -/** -A monomorphic instance of -libcrux_ml_kem.serialize.deserialize_then_decompress_ring_element_v with types -libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics -- COMPRESSION_FACTOR= 4 -*/ -static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -libcrux_ml_kem_serialize_deserialize_then_decompress_ring_element_v_56( - Eurydice_slice serialized) { - return libcrux_ml_kem_serialize_deserialize_then_decompress_4_41(serialized); + memcpy(lit.coefficients, repeat_expression, + (size_t)16U * + sizeof(libcrux_ml_kem_vector_portable_vector_type_PortableVector)); + return lit; } /** @@ -8848,97 +7607,115 @@ libcrux_ml_kem_serialize_deserialize_then_decompress_ring_element_v_56( . */ /** -This function found in impl -{libcrux_ml_kem::polynomial::PolynomialRingElement[TraitClause@0]} -*/ -/** -A monomorphic instance of libcrux_ml_kem.polynomial.ntt_multiply_89 +A monomorphic instance of libcrux_ml_kem.polynomial.ntt_multiply with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -libcrux_ml_kem_polynomial_ntt_multiply_89_2a( - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *self, - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *rhs) { - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 out = - libcrux_ml_kem_polynomial_ZERO_89_ea(); +static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_1d +libcrux_ml_kem_polynomial_ntt_multiply_ea( + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *myself, + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *rhs) { + libcrux_ml_kem_polynomial_PolynomialRingElement_1d out = + libcrux_ml_kem_polynomial_ZERO_ea(); for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { size_t i0 = i; libcrux_ml_kem_vector_portable_vector_type_PortableVector uu____0 = - libcrux_ml_kem_vector_portable_ntt_multiply_0d( - &self->coefficients[i0], &rhs->coefficients[i0], - libcrux_ml_kem_polynomial_ZETAS_TIMES_MONTGOMERY_R[(size_t)64U + - (size_t)4U * i0], - libcrux_ml_kem_polynomial_ZETAS_TIMES_MONTGOMERY_R[(size_t)64U + - (size_t)4U * i0 + - (size_t)1U], - libcrux_ml_kem_polynomial_ZETAS_TIMES_MONTGOMERY_R[(size_t)64U + - (size_t)4U * i0 + - (size_t)2U], - libcrux_ml_kem_polynomial_ZETAS_TIMES_MONTGOMERY_R[(size_t)64U + - (size_t)4U * i0 + - (size_t)3U]); + libcrux_ml_kem_vector_portable_ntt_multiply_b8( + &myself->coefficients[i0], &rhs->coefficients[i0], + libcrux_ml_kem_polynomial_zeta((size_t)64U + (size_t)4U * i0), + libcrux_ml_kem_polynomial_zeta((size_t)64U + (size_t)4U * i0 + + (size_t)1U), + libcrux_ml_kem_polynomial_zeta((size_t)64U + (size_t)4U * i0 + + (size_t)2U), + libcrux_ml_kem_polynomial_zeta((size_t)64U + (size_t)4U * i0 + + (size_t)3U)); out.coefficients[i0] = uu____0; } return out; } /** - Given two polynomial ring elements `lhs` and `rhs`, compute the pointwise - sum of their constituent coefficients. +This function found in impl +{libcrux_ml_kem::polynomial::PolynomialRingElement[TraitClause@0, +TraitClause@1]} */ /** -This function found in impl -{libcrux_ml_kem::polynomial::PolynomialRingElement[TraitClause@0]} +A monomorphic instance of libcrux_ml_kem.polynomial.ntt_multiply_d6 +with types libcrux_ml_kem_vector_portable_vector_type_PortableVector +with const generics + +*/ +static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_1d +libcrux_ml_kem_polynomial_ntt_multiply_d6_ea( + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *self, + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *rhs) { + return libcrux_ml_kem_polynomial_ntt_multiply_ea(self, rhs); +} + +/** + Given two polynomial ring elements `lhs` and `rhs`, compute the pointwise + sum of their constituent coefficients. */ /** -A monomorphic instance of libcrux_ml_kem.polynomial.add_to_ring_element_89 +A monomorphic instance of libcrux_ml_kem.polynomial.add_to_ring_element with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 3 */ -static KRML_MUSTINLINE void libcrux_ml_kem_polynomial_add_to_ring_element_89_84( - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *self, - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *rhs) { +static KRML_MUSTINLINE void libcrux_ml_kem_polynomial_add_to_ring_element_1b( + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *myself, + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *rhs) { for (size_t i = (size_t)0U; i < Eurydice_slice_len( Eurydice_array_to_slice( - (size_t)16U, self->coefficients, + (size_t)16U, myself->coefficients, libcrux_ml_kem_vector_portable_vector_type_PortableVector), libcrux_ml_kem_vector_portable_vector_type_PortableVector); i++) { size_t i0 = i; libcrux_ml_kem_vector_portable_vector_type_PortableVector uu____0 = - libcrux_ml_kem_vector_portable_add_0d(self->coefficients[i0], + libcrux_ml_kem_vector_portable_add_b8(myself->coefficients[i0], &rhs->coefficients[i0]); - self->coefficients[i0] = uu____0; + myself->coefficients[i0] = uu____0; } } +/** +This function found in impl +{libcrux_ml_kem::polynomial::PolynomialRingElement[TraitClause@0, +TraitClause@1]} +*/ +/** +A monomorphic instance of libcrux_ml_kem.polynomial.add_to_ring_element_d6 +with types libcrux_ml_kem_vector_portable_vector_type_PortableVector +with const generics +- K= 3 +*/ +static KRML_MUSTINLINE void libcrux_ml_kem_polynomial_add_to_ring_element_d6_1b( + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *self, + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *rhs) { + libcrux_ml_kem_polynomial_add_to_ring_element_1b(self, rhs); +} + /** A monomorphic instance of libcrux_ml_kem.invert_ntt.invert_ntt_at_layer_1 with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static KRML_MUSTINLINE void libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_1_83( - size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re, - size_t _layer) { +static KRML_MUSTINLINE void libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_1_ea( + size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_1d *re) { for (size_t i = (size_t)0U; i < (size_t)16U; i++) { size_t round = i; zeta_i[0U] = zeta_i[0U] - (size_t)1U; re->coefficients[round] = - libcrux_ml_kem_vector_portable_inv_ntt_layer_1_step_0d( - re->coefficients[round], - libcrux_ml_kem_polynomial_ZETAS_TIMES_MONTGOMERY_R[zeta_i[0U]], - libcrux_ml_kem_polynomial_ZETAS_TIMES_MONTGOMERY_R[zeta_i[0U] - - (size_t)1U], - libcrux_ml_kem_polynomial_ZETAS_TIMES_MONTGOMERY_R[zeta_i[0U] - - (size_t)2U], - libcrux_ml_kem_polynomial_ZETAS_TIMES_MONTGOMERY_R[zeta_i[0U] - - (size_t)3U]); + libcrux_ml_kem_vector_portable_inv_ntt_layer_1_step_b8( + re->coefficients[round], libcrux_ml_kem_polynomial_zeta(zeta_i[0U]), + libcrux_ml_kem_polynomial_zeta(zeta_i[0U] - (size_t)1U), + libcrux_ml_kem_polynomial_zeta(zeta_i[0U] - (size_t)2U), + libcrux_ml_kem_polynomial_zeta(zeta_i[0U] - (size_t)3U)); zeta_i[0U] = zeta_i[0U] - (size_t)3U; } } @@ -8949,18 +7726,15 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static KRML_MUSTINLINE void libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_2_c3( - size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re, - size_t _layer) { +static KRML_MUSTINLINE void libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_2_ea( + size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_1d *re) { for (size_t i = (size_t)0U; i < (size_t)16U; i++) { size_t round = i; zeta_i[0U] = zeta_i[0U] - (size_t)1U; re->coefficients[round] = - libcrux_ml_kem_vector_portable_inv_ntt_layer_2_step_0d( - re->coefficients[round], - libcrux_ml_kem_polynomial_ZETAS_TIMES_MONTGOMERY_R[zeta_i[0U]], - libcrux_ml_kem_polynomial_ZETAS_TIMES_MONTGOMERY_R[zeta_i[0U] - - (size_t)1U]); + libcrux_ml_kem_vector_portable_inv_ntt_layer_2_step_b8( + re->coefficients[round], libcrux_ml_kem_polynomial_zeta(zeta_i[0U]), + libcrux_ml_kem_polynomial_zeta(zeta_i[0U] - (size_t)1U)); zeta_i[0U] = zeta_i[0U] - (size_t)1U; } } @@ -8971,16 +7745,15 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static KRML_MUSTINLINE void libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_3_68( - size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re, - size_t _layer) { +static KRML_MUSTINLINE void libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_3_ea( + size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_1d *re) { for (size_t i = (size_t)0U; i < (size_t)16U; i++) { size_t round = i; zeta_i[0U] = zeta_i[0U] - (size_t)1U; libcrux_ml_kem_vector_portable_vector_type_PortableVector uu____0 = - libcrux_ml_kem_vector_portable_inv_ntt_layer_3_step_0d( + libcrux_ml_kem_vector_portable_inv_ntt_layer_3_step_b8( re->coefficients[round], - libcrux_ml_kem_polynomial_ZETAS_TIMES_MONTGOMERY_R[zeta_i[0U]]); + libcrux_ml_kem_polynomial_zeta(zeta_i[0U])); re->coefficients[round] = uu____0; } } @@ -8993,18 +7766,19 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector_x2 - libcrux_ml_kem_invert_ntt_inv_ntt_layer_int_vec_step_reduce_65( + libcrux_ml_kem_invert_ntt_inv_ntt_layer_int_vec_step_reduce_ea( libcrux_ml_kem_vector_portable_vector_type_PortableVector a, libcrux_ml_kem_vector_portable_vector_type_PortableVector b, int16_t zeta_r) { libcrux_ml_kem_vector_portable_vector_type_PortableVector a_minus_b = - libcrux_ml_kem_vector_portable_sub_0d(b, &a); - a = libcrux_ml_kem_vector_portable_barrett_reduce_0d( - libcrux_ml_kem_vector_portable_add_0d(a, &b)); - b = libcrux_ml_kem_vector_traits_montgomery_multiply_fe_67(a_minus_b, zeta_r); - return ( - CLITERAL(libcrux_ml_kem_vector_portable_vector_type_PortableVector_x2){ - .fst = a, .snd = b}); + libcrux_ml_kem_vector_portable_sub_b8(b, &a); + a = libcrux_ml_kem_vector_portable_barrett_reduce_b8( + libcrux_ml_kem_vector_portable_add_b8(a, &b)); + b = libcrux_ml_kem_vector_portable_montgomery_multiply_by_constant_b8( + a_minus_b, zeta_r); + return (KRML_CLITERAL( + libcrux_ml_kem_vector_portable_vector_type_PortableVector_x2){.fst = a, + .snd = b}); } /** @@ -9014,8 +7788,8 @@ with const generics */ static KRML_MUSTINLINE void -libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_4_plus_6e( - size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re, +libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_4_plus_ea( + size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_1d *re, size_t layer) { size_t step = (size_t)1U << (uint32_t)layer; for (size_t i0 = (size_t)0U; i0 < (size_t)128U >> (uint32_t)layer; i0++) { @@ -9029,9 +7803,9 @@ libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_4_plus_6e( for (size_t i = offset_vec; i < offset_vec + step_vec; i++) { size_t j = i; libcrux_ml_kem_vector_portable_vector_type_PortableVector_x2 uu____0 = - libcrux_ml_kem_invert_ntt_inv_ntt_layer_int_vec_step_reduce_65( + libcrux_ml_kem_invert_ntt_inv_ntt_layer_int_vec_step_reduce_ea( re->coefficients[j], re->coefficients[j + step_vec], - libcrux_ml_kem_polynomial_ZETAS_TIMES_MONTGOMERY_R[zeta_i[0U]]); + libcrux_ml_kem_polynomial_zeta(zeta_i[0U])); libcrux_ml_kem_vector_portable_vector_type_PortableVector x = uu____0.fst; libcrux_ml_kem_vector_portable_vector_type_PortableVector y = uu____0.snd; re->coefficients[j] = x; @@ -9046,54 +7820,69 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 3 */ -static KRML_MUSTINLINE void libcrux_ml_kem_invert_ntt_invert_ntt_montgomery_f6( - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re) { +static KRML_MUSTINLINE void libcrux_ml_kem_invert_ntt_invert_ntt_montgomery_1b( + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *re) { size_t zeta_i = LIBCRUX_ML_KEM_CONSTANTS_COEFFICIENTS_IN_RING_ELEMENT / (size_t)2U; - libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_1_83(&zeta_i, re, (size_t)1U); - libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_2_c3(&zeta_i, re, (size_t)2U); - libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_3_68(&zeta_i, re, (size_t)3U); - libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_4_plus_6e(&zeta_i, re, + libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_1_ea(&zeta_i, re); + libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_2_ea(&zeta_i, re); + libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_3_ea(&zeta_i, re); + libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_4_plus_ea(&zeta_i, re, (size_t)4U); - libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_4_plus_6e(&zeta_i, re, + libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_4_plus_ea(&zeta_i, re, (size_t)5U); - libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_4_plus_6e(&zeta_i, re, + libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_4_plus_ea(&zeta_i, re, (size_t)6U); - libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_4_plus_6e(&zeta_i, re, + libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_4_plus_ea(&zeta_i, re, (size_t)7U); - libcrux_ml_kem_polynomial_poly_barrett_reduce_89_8b(re); + libcrux_ml_kem_polynomial_poly_barrett_reduce_d6_ea(re); } /** -This function found in impl -{libcrux_ml_kem::polynomial::PolynomialRingElement[TraitClause@0]} -*/ -/** -A monomorphic instance of libcrux_ml_kem.polynomial.subtract_reduce_89 +A monomorphic instance of libcrux_ml_kem.polynomial.subtract_reduce with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -libcrux_ml_kem_polynomial_subtract_reduce_89_d4( - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *self, - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 b) { +static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_1d +libcrux_ml_kem_polynomial_subtract_reduce_ea( + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *myself, + libcrux_ml_kem_polynomial_PolynomialRingElement_1d b) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { size_t i0 = i; libcrux_ml_kem_vector_portable_vector_type_PortableVector coefficient_normal_form = - libcrux_ml_kem_vector_portable_montgomery_multiply_by_constant_0d( + libcrux_ml_kem_vector_portable_montgomery_multiply_by_constant_b8( b.coefficients[i0], (int16_t)1441); - libcrux_ml_kem_vector_portable_vector_type_PortableVector uu____0 = - libcrux_ml_kem_vector_portable_barrett_reduce_0d( - libcrux_ml_kem_vector_portable_sub_0d(self->coefficients[i0], - &coefficient_normal_form)); - b.coefficients[i0] = uu____0; + libcrux_ml_kem_vector_portable_vector_type_PortableVector diff = + libcrux_ml_kem_vector_portable_sub_b8(myself->coefficients[i0], + &coefficient_normal_form); + libcrux_ml_kem_vector_portable_vector_type_PortableVector red = + libcrux_ml_kem_vector_portable_barrett_reduce_b8(diff); + b.coefficients[i0] = red; } return b; } +/** +This function found in impl +{libcrux_ml_kem::polynomial::PolynomialRingElement[TraitClause@0, +TraitClause@1]} +*/ +/** +A monomorphic instance of libcrux_ml_kem.polynomial.subtract_reduce_d6 +with types libcrux_ml_kem_vector_portable_vector_type_PortableVector +with const generics + +*/ +static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_1d +libcrux_ml_kem_polynomial_subtract_reduce_d6_ea( + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *self, + libcrux_ml_kem_polynomial_PolynomialRingElement_1d b) { + return libcrux_ml_kem_polynomial_subtract_reduce_ea(self, b); +} + /** The following functions compute various expressions involving vectors and matrices. The computation of these expressions has been @@ -9106,71 +7895,34 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 3 */ -static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -libcrux_ml_kem_matrix_compute_message_b3( - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *v, - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *secret_as_ntt, - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *u_as_ntt) { - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 result = - libcrux_ml_kem_polynomial_ZERO_89_ea(); +static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_1d +libcrux_ml_kem_matrix_compute_message_1b( + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *v, + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *secret_as_ntt, + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *u_as_ntt) { + libcrux_ml_kem_polynomial_PolynomialRingElement_1d result = + libcrux_ml_kem_polynomial_ZERO_d6_ea(); for (size_t i = (size_t)0U; i < (size_t)3U; i++) { size_t i0 = i; - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 product = - libcrux_ml_kem_polynomial_ntt_multiply_89_2a(&secret_as_ntt[i0], + libcrux_ml_kem_polynomial_PolynomialRingElement_1d product = + libcrux_ml_kem_polynomial_ntt_multiply_d6_ea(&secret_as_ntt[i0], &u_as_ntt[i0]); - libcrux_ml_kem_polynomial_add_to_ring_element_89_84(&result, &product); - } - libcrux_ml_kem_invert_ntt_invert_ntt_montgomery_f6(&result); - result = libcrux_ml_kem_polynomial_subtract_reduce_89_d4(v, result); - return result; -} - -/** -A monomorphic instance of libcrux_ml_kem.vector.portable.arithmetic.shift_right -with const generics -- SHIFT_BY= 15 -*/ -static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector -libcrux_ml_kem_vector_portable_arithmetic_shift_right_94( - libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { - for (size_t i = (size_t)0U; - i < LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_ELEMENTS_IN_VECTOR; i++) { - size_t i0 = i; - v.elements[i0] = v.elements[i0] >> (uint32_t)(int32_t)15; + libcrux_ml_kem_polynomial_add_to_ring_element_d6_1b(&result, &product); } - return v; + libcrux_ml_kem_invert_ntt_invert_ntt_montgomery_1b(&result); + return libcrux_ml_kem_polynomial_subtract_reduce_d6_ea(v, result); } /** -This function found in impl {(libcrux_ml_kem::vector::traits::Operations for -libcrux_ml_kem::vector::portable::vector_type::PortableVector)} -*/ -/** -A monomorphic instance of libcrux_ml_kem.vector.portable.shift_right_0d +A monomorphic instance of libcrux_ml_kem.serialize.to_unsigned_field_modulus +with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics -- SHIFT_BY= 15 -*/ -static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector -libcrux_ml_kem_vector_portable_shift_right_0d_19( - libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { - return libcrux_ml_kem_vector_portable_arithmetic_shift_right_94(v); -} - -/** -A monomorphic instance of -libcrux_ml_kem.vector.traits.to_unsigned_representative with types -libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector -libcrux_ml_kem_vector_traits_to_unsigned_representative_db( +static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector +libcrux_ml_kem_serialize_to_unsigned_field_modulus_ea( libcrux_ml_kem_vector_portable_vector_type_PortableVector a) { - libcrux_ml_kem_vector_portable_vector_type_PortableVector t = - libcrux_ml_kem_vector_portable_shift_right_0d_19(a); - libcrux_ml_kem_vector_portable_vector_type_PortableVector fm = - libcrux_ml_kem_vector_portable_bitwise_and_with_constant_0d( - t, LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_MODULUS); - return libcrux_ml_kem_vector_portable_add_0d(a, &fm); + return libcrux_ml_kem_vector_portable_to_unsigned_representative_b8(a); } /** @@ -9180,24 +7932,24 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ static KRML_MUSTINLINE void -libcrux_ml_kem_serialize_compress_then_serialize_message_aa( - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re, uint8_t ret[32U]) { +libcrux_ml_kem_serialize_compress_then_serialize_message_ea( + libcrux_ml_kem_polynomial_PolynomialRingElement_1d re, uint8_t ret[32U]) { uint8_t serialized[32U] = {0U}; for (size_t i = (size_t)0U; i < (size_t)16U; i++) { size_t i0 = i; libcrux_ml_kem_vector_portable_vector_type_PortableVector coefficient = - libcrux_ml_kem_vector_traits_to_unsigned_representative_db( + libcrux_ml_kem_serialize_to_unsigned_field_modulus_ea( re.coefficients[i0]); libcrux_ml_kem_vector_portable_vector_type_PortableVector coefficient_compressed = - libcrux_ml_kem_vector_portable_compress_1_0d(coefficient); + libcrux_ml_kem_vector_portable_compress_1_b8(coefficient); uint8_t bytes[2U]; - libcrux_ml_kem_vector_portable_serialize_1_0d(coefficient_compressed, + libcrux_ml_kem_vector_portable_serialize_1_b8(coefficient_compressed, bytes); - Eurydice_slice uu____0 = Eurydice_array_to_subslice2( - serialized, (size_t)2U * i0, (size_t)2U * i0 + (size_t)2U, uint8_t); Eurydice_slice_copy( - uu____0, Eurydice_array_to_slice((size_t)2U, bytes, uint8_t), uint8_t); + Eurydice_array_to_subslice3(serialized, (size_t)2U * i0, + (size_t)2U * i0 + (size_t)2U, uint8_t *), + Eurydice_array_to_slice((size_t)2U, bytes, uint8_t), uint8_t); } memcpy(ret, serialized, (size_t)32U * sizeof(uint8_t)); } @@ -9236,20 +7988,21 @@ with const generics - U_COMPRESSION_FACTOR= 10 - V_COMPRESSION_FACTOR= 4 */ -static inline void libcrux_ml_kem_ind_cpa_decrypt_unpacked_6d( - libcrux_ml_kem_ind_cpa_unpacked_IndCpaPrivateKeyUnpacked_f8 *secret_key, +static KRML_MUSTINLINE void libcrux_ml_kem_ind_cpa_decrypt_unpacked_42( + libcrux_ml_kem_ind_cpa_unpacked_IndCpaPrivateKeyUnpacked_a0 *secret_key, uint8_t *ciphertext, uint8_t ret[32U]) { - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 u_as_ntt[3U]; - libcrux_ml_kem_ind_cpa_deserialize_then_decompress_u_f4(ciphertext, u_as_ntt); - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 v = - libcrux_ml_kem_serialize_deserialize_then_decompress_ring_element_v_56( + libcrux_ml_kem_polynomial_PolynomialRingElement_1d u_as_ntt[3U]; + libcrux_ml_kem_ind_cpa_deserialize_then_decompress_u_6c(ciphertext, u_as_ntt); + libcrux_ml_kem_polynomial_PolynomialRingElement_1d v = + libcrux_ml_kem_serialize_deserialize_then_decompress_ring_element_v_89( Eurydice_array_to_subslice_from((size_t)1088U, ciphertext, - (size_t)960U, uint8_t, size_t)); - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 message = - libcrux_ml_kem_matrix_compute_message_b3(&v, secret_key->secret_as_ntt, + (size_t)960U, uint8_t, size_t, + uint8_t[])); + libcrux_ml_kem_polynomial_PolynomialRingElement_1d message = + libcrux_ml_kem_matrix_compute_message_1b(&v, secret_key->secret_as_ntt, u_as_ntt); uint8_t ret0[32U]; - libcrux_ml_kem_serialize_compress_then_serialize_message_aa(message, ret0); + libcrux_ml_kem_serialize_compress_then_serialize_message_ea(message, ret0); memcpy(ret, ret0, (size_t)32U * sizeof(uint8_t)); } @@ -9263,37 +8016,37 @@ with const generics - U_COMPRESSION_FACTOR= 10 - V_COMPRESSION_FACTOR= 4 */ -static inline void libcrux_ml_kem_ind_cpa_decrypt_43(Eurydice_slice secret_key, - uint8_t *ciphertext, - uint8_t ret[32U]) { - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 secret_as_ntt[3U]; - libcrux_ml_kem_ind_cpa_deserialize_secret_key_24(secret_key, secret_as_ntt); - /* Passing arrays by value in Rust generates a copy in C */ - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 copy_of_secret_as_ntt[3U]; - memcpy( - copy_of_secret_as_ntt, secret_as_ntt, - (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); - libcrux_ml_kem_ind_cpa_unpacked_IndCpaPrivateKeyUnpacked_f8 +static KRML_MUSTINLINE void libcrux_ml_kem_ind_cpa_decrypt_42( + Eurydice_slice secret_key, uint8_t *ciphertext, uint8_t ret[32U]) { + libcrux_ml_kem_ind_cpa_unpacked_IndCpaPrivateKeyUnpacked_a0 secret_key_unpacked; + libcrux_ml_kem_polynomial_PolynomialRingElement_1d ret0[3U]; + for (size_t i = (size_t)0U; i < (size_t)3U; i++) { + /* original Rust expression is not an lvalue in C */ + void *lvalue = (void *)0U; + ret0[i] = libcrux_ml_kem_ind_cpa_decrypt_call_mut_0b_42(&lvalue, i); + } memcpy( - secret_key_unpacked.secret_as_ntt, copy_of_secret_as_ntt, - (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); - uint8_t ret0[32U]; - libcrux_ml_kem_ind_cpa_decrypt_unpacked_6d(&secret_key_unpacked, ciphertext, - ret0); - memcpy(ret, ret0, (size_t)32U * sizeof(uint8_t)); + secret_key_unpacked.secret_as_ntt, ret0, + (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_1d)); + libcrux_ml_kem_ind_cpa_deserialize_vector_1b( + secret_key, secret_key_unpacked.secret_as_ntt); + uint8_t ret1[32U]; + libcrux_ml_kem_ind_cpa_decrypt_unpacked_42(&secret_key_unpacked, ciphertext, + ret1); + memcpy(ret, ret1, (size_t)32U * sizeof(uint8_t)); } /** -This function found in impl {(libcrux_ml_kem::hash_functions::Hash for -libcrux_ml_kem::hash_functions::portable::PortableHash)} +This function found in impl {libcrux_ml_kem::hash_functions::Hash for +libcrux_ml_kem::hash_functions::portable::PortableHash} */ /** -A monomorphic instance of libcrux_ml_kem.hash_functions.portable.G_f1 +A monomorphic instance of libcrux_ml_kem.hash_functions.portable.G_4a with const generics - K= 3 */ -static KRML_MUSTINLINE void libcrux_ml_kem_hash_functions_portable_G_f1_e4( +static inline void libcrux_ml_kem_hash_functions_portable_G_4a_e0( Eurydice_slice input, uint8_t ret[64U]) { libcrux_ml_kem_hash_functions_portable_G(input, ret); } @@ -9303,7 +8056,7 @@ A monomorphic instance of libcrux_ml_kem.hash_functions.portable.PRF with const generics - LEN= 32 */ -static KRML_MUSTINLINE void libcrux_ml_kem_hash_functions_portable_PRF_2b( +static inline void libcrux_ml_kem_hash_functions_portable_PRF_9e( Eurydice_slice input, uint8_t ret[32U]) { uint8_t digest[32U] = {0U}; libcrux_sha3_portable_shake256( @@ -9312,31 +8065,69 @@ static KRML_MUSTINLINE void libcrux_ml_kem_hash_functions_portable_PRF_2b( } /** -This function found in impl {(libcrux_ml_kem::hash_functions::Hash for -libcrux_ml_kem::hash_functions::portable::PortableHash)} +This function found in impl {libcrux_ml_kem::hash_functions::Hash for +libcrux_ml_kem::hash_functions::portable::PortableHash} */ /** -A monomorphic instance of libcrux_ml_kem.hash_functions.portable.PRF_f1 +A monomorphic instance of libcrux_ml_kem.hash_functions.portable.PRF_4a with const generics - K= 3 - LEN= 32 */ -static KRML_MUSTINLINE void libcrux_ml_kem_hash_functions_portable_PRF_f1_ee( +static inline void libcrux_ml_kem_hash_functions_portable_PRF_4a_41( Eurydice_slice input, uint8_t ret[32U]) { - libcrux_ml_kem_hash_functions_portable_PRF_2b(input, ret); + libcrux_ml_kem_hash_functions_portable_PRF_9e(input, ret); } /** A monomorphic instance of -libcrux_ml_kem.serialize.deserialize_ring_elements_reduced.closure with types +libcrux_ml_kem.ind_cpa.unpacked.IndCpaPublicKeyUnpacked with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics -- PUBLIC_KEY_SIZE= 1152 +- $3size_t +*/ +typedef struct libcrux_ml_kem_ind_cpa_unpacked_IndCpaPublicKeyUnpacked_a0_s { + libcrux_ml_kem_polynomial_PolynomialRingElement_1d t_as_ntt[3U]; + uint8_t seed_for_A[32U]; + libcrux_ml_kem_polynomial_PolynomialRingElement_1d A[3U][3U]; +} libcrux_ml_kem_ind_cpa_unpacked_IndCpaPublicKeyUnpacked_a0; + +/** +This function found in impl {core::default::Default for +libcrux_ml_kem::ind_cpa::unpacked::IndCpaPublicKeyUnpacked[TraitClause@0, TraitClause@1]} +*/ +/** +A monomorphic instance of libcrux_ml_kem.ind_cpa.unpacked.default_8b +with types libcrux_ml_kem_vector_portable_vector_type_PortableVector +with const generics - K= 3 */ -static inline libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_closure_cd( - size_t _i) { - return libcrux_ml_kem_polynomial_ZERO_89_ea(); +static inline libcrux_ml_kem_ind_cpa_unpacked_IndCpaPublicKeyUnpacked_a0 +libcrux_ml_kem_ind_cpa_unpacked_default_8b_1b(void) { + libcrux_ml_kem_polynomial_PolynomialRingElement_1d uu____0[3U]; + for (size_t i = (size_t)0U; i < (size_t)3U; i++) { + uu____0[i] = libcrux_ml_kem_polynomial_ZERO_d6_ea(); + } + uint8_t uu____1[32U] = {0U}; + libcrux_ml_kem_ind_cpa_unpacked_IndCpaPublicKeyUnpacked_a0 lit; + memcpy( + lit.t_as_ntt, uu____0, + (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_1d)); + memcpy(lit.seed_for_A, uu____1, (size_t)32U * sizeof(uint8_t)); + libcrux_ml_kem_polynomial_PolynomialRingElement_1d repeat_expression0[3U][3U]; + for (size_t i0 = (size_t)0U; i0 < (size_t)3U; i0++) { + libcrux_ml_kem_polynomial_PolynomialRingElement_1d repeat_expression[3U]; + for (size_t i = (size_t)0U; i < (size_t)3U; i++) { + repeat_expression[i] = libcrux_ml_kem_polynomial_ZERO_d6_ea(); + } + memcpy(repeat_expression0[i0], repeat_expression, + (size_t)3U * + sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_1d)); + } + memcpy(lit.A, repeat_expression0, + (size_t)3U * + sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_1d[3U])); + return lit; } /** @@ -9351,90 +8142,54 @@ libcrux_ml_kem.serialize.deserialize_to_reduced_ring_element with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -libcrux_ml_kem_serialize_deserialize_to_reduced_ring_element_4c( +static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_1d +libcrux_ml_kem_serialize_deserialize_to_reduced_ring_element_ea( Eurydice_slice serialized) { - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re = - libcrux_ml_kem_polynomial_ZERO_89_ea(); + libcrux_ml_kem_polynomial_PolynomialRingElement_1d re = + libcrux_ml_kem_polynomial_ZERO_d6_ea(); for (size_t i = (size_t)0U; i < Eurydice_slice_len(serialized, uint8_t) / (size_t)24U; i++) { size_t i0 = i; - Eurydice_slice bytes = Eurydice_slice_subslice2( - serialized, i0 * (size_t)24U, i0 * (size_t)24U + (size_t)24U, uint8_t); + Eurydice_slice bytes = + Eurydice_slice_subslice3(serialized, i0 * (size_t)24U, + i0 * (size_t)24U + (size_t)24U, uint8_t *); libcrux_ml_kem_vector_portable_vector_type_PortableVector coefficient = - libcrux_ml_kem_vector_portable_deserialize_12_0d(bytes); + libcrux_ml_kem_vector_portable_deserialize_12_b8(bytes); libcrux_ml_kem_vector_portable_vector_type_PortableVector uu____0 = - libcrux_ml_kem_vector_portable_cond_subtract_3329_0d(coefficient); + libcrux_ml_kem_vector_portable_cond_subtract_3329_b8(coefficient); re.coefficients[i0] = uu____0; } return re; } /** - This function deserializes ring elements and reduces the result by the field - modulus. - - This function MUST NOT be used on secret inputs. + See [deserialize_ring_elements_reduced_out]. */ /** A monomorphic instance of libcrux_ml_kem.serialize.deserialize_ring_elements_reduced with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics -- PUBLIC_KEY_SIZE= 1152 - K= 3 */ static KRML_MUSTINLINE void -libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_33( +libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_1b( Eurydice_slice public_key, - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 ret[3U]) { - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 deserialized_pk[3U]; - for (size_t i = (size_t)0U; i < (size_t)3U; i++) { - deserialized_pk[i] = libcrux_ml_kem_polynomial_ZERO_89_ea(); - } + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *deserialized_pk) { for (size_t i = (size_t)0U; i < Eurydice_slice_len(public_key, uint8_t) / LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT; i++) { size_t i0 = i; - Eurydice_slice ring_element = Eurydice_slice_subslice2( + Eurydice_slice ring_element = Eurydice_slice_subslice3( public_key, i0 * LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT, i0 * LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT + LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT, - uint8_t); - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 uu____0 = - libcrux_ml_kem_serialize_deserialize_to_reduced_ring_element_4c( + uint8_t *); + libcrux_ml_kem_polynomial_PolynomialRingElement_1d uu____0 = + libcrux_ml_kem_serialize_deserialize_to_reduced_ring_element_ea( ring_element); deserialized_pk[i0] = uu____0; } - memcpy( - ret, deserialized_pk, - (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); -} - -/** -A monomorphic instance of libcrux_ml_kem.matrix.sample_matrix_A.closure.closure -with types libcrux_ml_kem_vector_portable_vector_type_PortableVector, -libcrux_ml_kem_hash_functions_portable_PortableHash[[$3size_t]] with const -generics -- K= 3 -*/ -static inline libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -libcrux_ml_kem_matrix_sample_matrix_A_closure_closure_78(size_t _j) { - return libcrux_ml_kem_polynomial_ZERO_89_ea(); -} - -/** -A monomorphic instance of libcrux_ml_kem.matrix.sample_matrix_A.closure -with types libcrux_ml_kem_vector_portable_vector_type_PortableVector, -libcrux_ml_kem_hash_functions_portable_PortableHash[[$3size_t]] with const -generics -- K= 3 -*/ -static inline void libcrux_ml_kem_matrix_sample_matrix_A_closure_4b( - size_t _i, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 ret[3U]) { - for (size_t i = (size_t)0U; i < (size_t)3U; i++) { - ret[i] = libcrux_ml_kem_polynomial_ZERO_89_ea(); - } } /** @@ -9442,67 +8197,61 @@ A monomorphic instance of libcrux_ml_kem.hash_functions.portable.PortableHash with const generics - $3size_t */ -typedef struct libcrux_ml_kem_hash_functions_portable_PortableHash_58_s { - libcrux_sha3_generic_keccak_KeccakState_48 shake128_state[3U]; -} libcrux_ml_kem_hash_functions_portable_PortableHash_58; +typedef struct libcrux_ml_kem_hash_functions_portable_PortableHash_88_s { + libcrux_sha3_generic_keccak_KeccakState_17 shake128_state[3U]; +} libcrux_ml_kem_hash_functions_portable_PortableHash_88; /** A monomorphic instance of -libcrux_ml_kem.hash_functions.portable.shake128_init_absorb with const generics +libcrux_ml_kem.hash_functions.portable.shake128_init_absorb_final with const +generics - K= 3 */ -static KRML_MUSTINLINE libcrux_ml_kem_hash_functions_portable_PortableHash_58 -libcrux_ml_kem_hash_functions_portable_shake128_init_absorb_b7( - uint8_t input[3U][34U]) { - libcrux_sha3_generic_keccak_KeccakState_48 shake128_state[3U]; +static inline libcrux_ml_kem_hash_functions_portable_PortableHash_88 +libcrux_ml_kem_hash_functions_portable_shake128_init_absorb_final_e0( + uint8_t (*input)[34U]) { + libcrux_ml_kem_hash_functions_portable_PortableHash_88 shake128_state; + libcrux_sha3_generic_keccak_KeccakState_17 repeat_expression[3U]; for (size_t i = (size_t)0U; i < (size_t)3U; i++) { - shake128_state[i] = libcrux_sha3_portable_incremental_shake128_init(); + repeat_expression[i] = libcrux_sha3_portable_incremental_shake128_init(); } + memcpy(shake128_state.shake128_state, repeat_expression, + (size_t)3U * sizeof(libcrux_sha3_generic_keccak_KeccakState_17)); for (size_t i = (size_t)0U; i < (size_t)3U; i++) { size_t i0 = i; libcrux_sha3_portable_incremental_shake128_absorb_final( - &shake128_state[i0], + &shake128_state.shake128_state[i0], Eurydice_array_to_slice((size_t)34U, input[i0], uint8_t)); } - /* Passing arrays by value in Rust generates a copy in C */ - libcrux_sha3_generic_keccak_KeccakState_48 copy_of_shake128_state[3U]; - memcpy(copy_of_shake128_state, shake128_state, - (size_t)3U * sizeof(libcrux_sha3_generic_keccak_KeccakState_48)); - libcrux_ml_kem_hash_functions_portable_PortableHash_58 lit; - memcpy(lit.shake128_state, copy_of_shake128_state, - (size_t)3U * sizeof(libcrux_sha3_generic_keccak_KeccakState_48)); - return lit; + return shake128_state; } /** -This function found in impl {(libcrux_ml_kem::hash_functions::Hash for -libcrux_ml_kem::hash_functions::portable::PortableHash)} +This function found in impl {libcrux_ml_kem::hash_functions::Hash for +libcrux_ml_kem::hash_functions::portable::PortableHash} */ /** A monomorphic instance of -libcrux_ml_kem.hash_functions.portable.shake128_init_absorb_f1 with const +libcrux_ml_kem.hash_functions.portable.shake128_init_absorb_final_4a with const generics - K= 3 */ -static KRML_MUSTINLINE libcrux_ml_kem_hash_functions_portable_PortableHash_58 -libcrux_ml_kem_hash_functions_portable_shake128_init_absorb_f1_8c( - uint8_t input[3U][34U]) { - /* Passing arrays by value in Rust generates a copy in C */ - uint8_t copy_of_input[3U][34U]; - memcpy(copy_of_input, input, (size_t)3U * sizeof(uint8_t[34U])); - return libcrux_ml_kem_hash_functions_portable_shake128_init_absorb_b7( - copy_of_input); +static inline libcrux_ml_kem_hash_functions_portable_PortableHash_88 +libcrux_ml_kem_hash_functions_portable_shake128_init_absorb_final_4a_e0( + uint8_t (*input)[34U]) { + return libcrux_ml_kem_hash_functions_portable_shake128_init_absorb_final_e0( + input); } /** A monomorphic instance of -libcrux_ml_kem.hash_functions.portable.shake128_squeeze_three_blocks with const -generics +libcrux_ml_kem.hash_functions.portable.shake128_squeeze_first_three_blocks with +const generics - K= 3 */ -static KRML_MUSTINLINE void -libcrux_ml_kem_hash_functions_portable_shake128_squeeze_three_blocks_ca( - libcrux_ml_kem_hash_functions_portable_PortableHash_58 *st, +static inline void +libcrux_ml_kem_hash_functions_portable_shake128_squeeze_first_three_blocks_e0( + libcrux_ml_kem_hash_functions_portable_PortableHash_88 *st, uint8_t ret[3U][504U]) { uint8_t out[3U][504U] = {{0U}}; for (size_t i = (size_t)0U; i < (size_t)3U; i++) { @@ -9515,21 +8264,21 @@ libcrux_ml_kem_hash_functions_portable_shake128_squeeze_three_blocks_ca( } /** -This function found in impl {(libcrux_ml_kem::hash_functions::Hash for -libcrux_ml_kem::hash_functions::portable::PortableHash)} +This function found in impl {libcrux_ml_kem::hash_functions::Hash for +libcrux_ml_kem::hash_functions::portable::PortableHash} */ /** A monomorphic instance of -libcrux_ml_kem.hash_functions.portable.shake128_squeeze_three_blocks_f1 with -const generics +libcrux_ml_kem.hash_functions.portable.shake128_squeeze_first_three_blocks_4a +with const generics - K= 3 */ -static KRML_MUSTINLINE void -libcrux_ml_kem_hash_functions_portable_shake128_squeeze_three_blocks_f1_69( - libcrux_ml_kem_hash_functions_portable_PortableHash_58 *self, +static inline void +libcrux_ml_kem_hash_functions_portable_shake128_squeeze_first_three_blocks_4a_e0( + libcrux_ml_kem_hash_functions_portable_PortableHash_88 *self, uint8_t ret[3U][504U]) { - libcrux_ml_kem_hash_functions_portable_shake128_squeeze_three_blocks_ca(self, - ret); + libcrux_ml_kem_hash_functions_portable_shake128_squeeze_first_three_blocks_e0( + self, ret); } /** @@ -9581,8 +8330,8 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - N= 504 */ static KRML_MUSTINLINE bool -libcrux_ml_kem_sampling_sample_from_uniform_distribution_next_db( - uint8_t randomness[3U][504U], size_t *sampled_coefficients, +libcrux_ml_kem_sampling_sample_from_uniform_distribution_next_89( + uint8_t (*randomness)[504U], size_t *sampled_coefficients, int16_t (*out)[272U]) { for (size_t i0 = (size_t)0U; i0 < (size_t)3U; i0++) { size_t i1 = i0; @@ -9590,15 +8339,15 @@ libcrux_ml_kem_sampling_sample_from_uniform_distribution_next_db( size_t r = i; if (sampled_coefficients[i1] < LIBCRUX_ML_KEM_CONSTANTS_COEFFICIENTS_IN_RING_ELEMENT) { - Eurydice_slice uu____0 = - Eurydice_array_to_subslice2(randomness[i1], r * (size_t)24U, - r * (size_t)24U + (size_t)24U, uint8_t); - size_t sampled = libcrux_ml_kem_vector_portable_rej_sample_0d( - uu____0, Eurydice_array_to_subslice2( - out[i1], sampled_coefficients[i1], - sampled_coefficients[i1] + (size_t)16U, int16_t)); - size_t uu____1 = i1; - sampled_coefficients[uu____1] = sampled_coefficients[uu____1] + sampled; + size_t sampled = libcrux_ml_kem_vector_portable_rej_sample_b8( + Eurydice_array_to_subslice3(randomness[i1], r * (size_t)24U, + r * (size_t)24U + (size_t)24U, + uint8_t *), + Eurydice_array_to_subslice3(out[i1], sampled_coefficients[i1], + sampled_coefficients[i1] + (size_t)16U, + int16_t *)); + size_t uu____0 = i1; + sampled_coefficients[uu____0] = sampled_coefficients[uu____0] + sampled; } } } @@ -9618,13 +8367,13 @@ libcrux_ml_kem_sampling_sample_from_uniform_distribution_next_db( /** A monomorphic instance of -libcrux_ml_kem.hash_functions.portable.shake128_squeeze_block with const +libcrux_ml_kem.hash_functions.portable.shake128_squeeze_next_block with const generics - K= 3 */ -static KRML_MUSTINLINE void -libcrux_ml_kem_hash_functions_portable_shake128_squeeze_block_dd( - libcrux_ml_kem_hash_functions_portable_PortableHash_58 *st, +static inline void +libcrux_ml_kem_hash_functions_portable_shake128_squeeze_next_block_e0( + libcrux_ml_kem_hash_functions_portable_PortableHash_88 *st, uint8_t ret[3U][168U]) { uint8_t out[3U][168U] = {{0U}}; for (size_t i = (size_t)0U; i < (size_t)3U; i++) { @@ -9637,20 +8386,21 @@ libcrux_ml_kem_hash_functions_portable_shake128_squeeze_block_dd( } /** -This function found in impl {(libcrux_ml_kem::hash_functions::Hash for -libcrux_ml_kem::hash_functions::portable::PortableHash)} +This function found in impl {libcrux_ml_kem::hash_functions::Hash for +libcrux_ml_kem::hash_functions::portable::PortableHash} */ /** A monomorphic instance of -libcrux_ml_kem.hash_functions.portable.shake128_squeeze_block_f1 with const +libcrux_ml_kem.hash_functions.portable.shake128_squeeze_next_block_4a with const generics - K= 3 */ -static KRML_MUSTINLINE void -libcrux_ml_kem_hash_functions_portable_shake128_squeeze_block_f1_60( - libcrux_ml_kem_hash_functions_portable_PortableHash_58 *self, +static inline void +libcrux_ml_kem_hash_functions_portable_shake128_squeeze_next_block_4a_e0( + libcrux_ml_kem_hash_functions_portable_PortableHash_88 *self, uint8_t ret[3U][168U]) { - libcrux_ml_kem_hash_functions_portable_shake128_squeeze_block_dd(self, ret); + libcrux_ml_kem_hash_functions_portable_shake128_squeeze_next_block_e0(self, + ret); } /** @@ -9702,8 +8452,8 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - N= 168 */ static KRML_MUSTINLINE bool -libcrux_ml_kem_sampling_sample_from_uniform_distribution_next_db0( - uint8_t randomness[3U][168U], size_t *sampled_coefficients, +libcrux_ml_kem_sampling_sample_from_uniform_distribution_next_890( + uint8_t (*randomness)[168U], size_t *sampled_coefficients, int16_t (*out)[272U]) { for (size_t i0 = (size_t)0U; i0 < (size_t)3U; i0++) { size_t i1 = i0; @@ -9711,15 +8461,15 @@ libcrux_ml_kem_sampling_sample_from_uniform_distribution_next_db0( size_t r = i; if (sampled_coefficients[i1] < LIBCRUX_ML_KEM_CONSTANTS_COEFFICIENTS_IN_RING_ELEMENT) { - Eurydice_slice uu____0 = - Eurydice_array_to_subslice2(randomness[i1], r * (size_t)24U, - r * (size_t)24U + (size_t)24U, uint8_t); - size_t sampled = libcrux_ml_kem_vector_portable_rej_sample_0d( - uu____0, Eurydice_array_to_subslice2( - out[i1], sampled_coefficients[i1], - sampled_coefficients[i1] + (size_t)16U, int16_t)); - size_t uu____1 = i1; - sampled_coefficients[uu____1] = sampled_coefficients[uu____1] + sampled; + size_t sampled = libcrux_ml_kem_vector_portable_rej_sample_b8( + Eurydice_array_to_subslice3(randomness[i1], r * (size_t)24U, + r * (size_t)24U + (size_t)24U, + uint8_t *), + Eurydice_array_to_subslice3(out[i1], sampled_coefficients[i1], + sampled_coefficients[i1] + (size_t)16U, + int16_t *)); + size_t uu____0 = i1; + sampled_coefficients[uu____0] = sampled_coefficients[uu____0] + sampled; } } } @@ -9738,42 +8488,64 @@ libcrux_ml_kem_sampling_sample_from_uniform_distribution_next_db0( } /** -This function found in impl -{libcrux_ml_kem::polynomial::PolynomialRingElement[TraitClause@0]} -*/ -/** -A monomorphic instance of libcrux_ml_kem.polynomial.from_i16_array_89 +A monomorphic instance of libcrux_ml_kem.polynomial.from_i16_array with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -libcrux_ml_kem_polynomial_from_i16_array_89_c1(Eurydice_slice a) { - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 result = - libcrux_ml_kem_polynomial_ZERO_89_ea(); +static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_1d +libcrux_ml_kem_polynomial_from_i16_array_ea(Eurydice_slice a) { + libcrux_ml_kem_polynomial_PolynomialRingElement_1d result = + libcrux_ml_kem_polynomial_ZERO_ea(); for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { size_t i0 = i; libcrux_ml_kem_vector_portable_vector_type_PortableVector uu____0 = - libcrux_ml_kem_vector_portable_from_i16_array_0d( - Eurydice_slice_subslice2(a, i0 * (size_t)16U, - (i0 + (size_t)1U) * (size_t)16U, int16_t)); + libcrux_ml_kem_vector_portable_from_i16_array_b8( + Eurydice_slice_subslice3(a, i0 * (size_t)16U, + (i0 + (size_t)1U) * (size_t)16U, + int16_t *)); result.coefficients[i0] = uu____0; } return result; } /** -A monomorphic instance of libcrux_ml_kem.sampling.sample_from_xof.closure -with types libcrux_ml_kem_vector_portable_vector_type_PortableVector, -libcrux_ml_kem_hash_functions_portable_PortableHash[[$3size_t]] with const -generics -- K= 3 +This function found in impl +{libcrux_ml_kem::polynomial::PolynomialRingElement[TraitClause@0, +TraitClause@1]} +*/ +/** +A monomorphic instance of libcrux_ml_kem.polynomial.from_i16_array_d6 +with types libcrux_ml_kem_vector_portable_vector_type_PortableVector +with const generics + +*/ +static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_1d +libcrux_ml_kem_polynomial_from_i16_array_d6_ea(Eurydice_slice a) { + return libcrux_ml_kem_polynomial_from_i16_array_ea(a); +} + +/** +This function found in impl {core::ops::function::FnMut<(@Array), +libcrux_ml_kem::polynomial::PolynomialRingElement[TraitClause@0, +TraitClause@2]> for libcrux_ml_kem::sampling::sample_from_xof::closure[TraitClause@0, TraitClause@1, TraitClause@2, TraitClause@3]} +*/ +/** +A monomorphic instance of libcrux_ml_kem.sampling.sample_from_xof.call_mut_e7 +with types libcrux_ml_kem_vector_portable_vector_type_PortableVector, +libcrux_ml_kem_hash_functions_portable_PortableHash[[$3size_t]] with const +generics +- K= 3 */ -static inline libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -libcrux_ml_kem_sampling_sample_from_xof_closure_04(int16_t s[272U]) { - return libcrux_ml_kem_polynomial_from_i16_array_89_c1( - Eurydice_array_to_subslice2(s, (size_t)0U, (size_t)256U, int16_t)); +static inline libcrux_ml_kem_polynomial_PolynomialRingElement_1d +libcrux_ml_kem_sampling_sample_from_xof_call_mut_e7_2b( + void **_, int16_t tupled_args[272U]) { + int16_t s[272U]; + memcpy(s, tupled_args, (size_t)272U * sizeof(int16_t)); + return libcrux_ml_kem_polynomial_from_i16_array_d6_ea( + Eurydice_array_to_subslice3(s, (size_t)0U, (size_t)256U, int16_t *)); } /** @@ -9783,51 +8555,43 @@ libcrux_ml_kem_hash_functions_portable_PortableHash[[$3size_t]] with const generics - K= 3 */ -static KRML_MUSTINLINE void libcrux_ml_kem_sampling_sample_from_xof_3f( - uint8_t seeds[3U][34U], - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 ret[3U]) { +static KRML_MUSTINLINE void libcrux_ml_kem_sampling_sample_from_xof_2b( + uint8_t (*seeds)[34U], + libcrux_ml_kem_polynomial_PolynomialRingElement_1d ret[3U]) { size_t sampled_coefficients[3U] = {0U}; int16_t out[3U][272U] = {{0U}}; - /* Passing arrays by value in Rust generates a copy in C */ - uint8_t copy_of_seeds[3U][34U]; - memcpy(copy_of_seeds, seeds, (size_t)3U * sizeof(uint8_t[34U])); - libcrux_ml_kem_hash_functions_portable_PortableHash_58 xof_state = - libcrux_ml_kem_hash_functions_portable_shake128_init_absorb_f1_8c( - copy_of_seeds); + libcrux_ml_kem_hash_functions_portable_PortableHash_88 xof_state = + libcrux_ml_kem_hash_functions_portable_shake128_init_absorb_final_4a_e0( + seeds); uint8_t randomness0[3U][504U]; - libcrux_ml_kem_hash_functions_portable_shake128_squeeze_three_blocks_f1_69( + libcrux_ml_kem_hash_functions_portable_shake128_squeeze_first_three_blocks_4a_e0( &xof_state, randomness0); - /* Passing arrays by value in Rust generates a copy in C */ - uint8_t copy_of_randomness0[3U][504U]; - memcpy(copy_of_randomness0, randomness0, (size_t)3U * sizeof(uint8_t[504U])); - bool done = libcrux_ml_kem_sampling_sample_from_uniform_distribution_next_db( - copy_of_randomness0, sampled_coefficients, out); + bool done = libcrux_ml_kem_sampling_sample_from_uniform_distribution_next_89( + randomness0, sampled_coefficients, out); while (true) { if (done) { break; } else { uint8_t randomness[3U][168U]; - libcrux_ml_kem_hash_functions_portable_shake128_squeeze_block_f1_60( + libcrux_ml_kem_hash_functions_portable_shake128_squeeze_next_block_4a_e0( &xof_state, randomness); - /* Passing arrays by value in Rust generates a copy in C */ - uint8_t copy_of_randomness[3U][168U]; - memcpy(copy_of_randomness, randomness, - (size_t)3U * sizeof(uint8_t[168U])); - done = libcrux_ml_kem_sampling_sample_from_uniform_distribution_next_db0( - copy_of_randomness, sampled_coefficients, out); + done = libcrux_ml_kem_sampling_sample_from_uniform_distribution_next_890( + randomness, sampled_coefficients, out); } } /* Passing arrays by value in Rust generates a copy in C */ int16_t copy_of_out[3U][272U]; memcpy(copy_of_out, out, (size_t)3U * sizeof(int16_t[272U])); - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 ret0[3U]; + libcrux_ml_kem_polynomial_PolynomialRingElement_1d ret0[3U]; for (size_t i = (size_t)0U; i < (size_t)3U; i++) { - ret0[i] = - libcrux_ml_kem_sampling_sample_from_xof_closure_04(copy_of_out[i]); + /* original Rust expression is not an lvalue in C */ + void *lvalue = (void *)0U; + ret0[i] = libcrux_ml_kem_sampling_sample_from_xof_call_mut_e7_2b( + &lvalue, copy_of_out[i]); } memcpy( ret, ret0, - (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); + (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_1d)); } /** @@ -9837,41 +8601,32 @@ libcrux_ml_kem_hash_functions_portable_PortableHash[[$3size_t]] with const generics - K= 3 */ -static KRML_MUSTINLINE void libcrux_ml_kem_matrix_sample_matrix_A_38( - uint8_t seed[34U], bool transpose, - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 ret[3U][3U]) { - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 A_transpose[3U][3U]; - for (size_t i = (size_t)0U; i < (size_t)3U; i++) { - libcrux_ml_kem_matrix_sample_matrix_A_closure_4b(i, A_transpose[i]); - } +static KRML_MUSTINLINE void libcrux_ml_kem_matrix_sample_matrix_A_2b( + libcrux_ml_kem_polynomial_PolynomialRingElement_1d (*A_transpose)[3U], + uint8_t *seed, bool transpose) { for (size_t i0 = (size_t)0U; i0 < (size_t)3U; i0++) { size_t i1 = i0; - /* Passing arrays by value in Rust generates a copy in C */ - uint8_t copy_of_seed[34U]; - memcpy(copy_of_seed, seed, (size_t)34U * sizeof(uint8_t)); uint8_t seeds[3U][34U]; for (size_t i = (size_t)0U; i < (size_t)3U; i++) { - memcpy(seeds[i], copy_of_seed, (size_t)34U * sizeof(uint8_t)); + core_array__core__clone__Clone_for__Array_T__N___clone( + (size_t)34U, seed, seeds[i], uint8_t, void *); } for (size_t i = (size_t)0U; i < (size_t)3U; i++) { size_t j = i; seeds[j][32U] = (uint8_t)i1; seeds[j][33U] = (uint8_t)j; } - /* Passing arrays by value in Rust generates a copy in C */ - uint8_t copy_of_seeds[3U][34U]; - memcpy(copy_of_seeds, seeds, (size_t)3U * sizeof(uint8_t[34U])); - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 sampled[3U]; - libcrux_ml_kem_sampling_sample_from_xof_3f(copy_of_seeds, sampled); + libcrux_ml_kem_polynomial_PolynomialRingElement_1d sampled[3U]; + libcrux_ml_kem_sampling_sample_from_xof_2b(seeds, sampled); for (size_t i = (size_t)0U; i < Eurydice_slice_len( Eurydice_array_to_slice( (size_t)3U, sampled, - libcrux_ml_kem_polynomial_PolynomialRingElement_f0), - libcrux_ml_kem_polynomial_PolynomialRingElement_f0); + libcrux_ml_kem_polynomial_PolynomialRingElement_1d), + libcrux_ml_kem_polynomial_PolynomialRingElement_1d); i++) { size_t j = i; - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 sample = sampled[j]; + libcrux_ml_kem_polynomial_PolynomialRingElement_1d sample = sampled[j]; if (transpose) { A_transpose[j][i1] = sample; } else { @@ -9879,35 +8634,91 @@ static KRML_MUSTINLINE void libcrux_ml_kem_matrix_sample_matrix_A_38( } } } - memcpy(ret, A_transpose, - (size_t)3U * - sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0[3U])); +} + +/** +A monomorphic instance of libcrux_ml_kem.ind_cpa.build_unpacked_public_key_mut +with types libcrux_ml_kem_vector_portable_vector_type_PortableVector, +libcrux_ml_kem_hash_functions_portable_PortableHash[[$3size_t]] with const +generics +- K= 3 +- T_AS_NTT_ENCODED_SIZE= 1152 +*/ +static KRML_MUSTINLINE void +libcrux_ml_kem_ind_cpa_build_unpacked_public_key_mut_3f( + Eurydice_slice public_key, + libcrux_ml_kem_ind_cpa_unpacked_IndCpaPublicKeyUnpacked_a0 + *unpacked_public_key) { + Eurydice_slice uu____0 = Eurydice_slice_subslice_to( + public_key, (size_t)1152U, uint8_t, size_t, uint8_t[]); + libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_1b( + uu____0, unpacked_public_key->t_as_ntt); + Eurydice_slice seed = Eurydice_slice_subslice_from( + public_key, (size_t)1152U, uint8_t, size_t, uint8_t[]); + libcrux_ml_kem_polynomial_PolynomialRingElement_1d(*uu____1)[3U] = + unpacked_public_key->A; + uint8_t ret[34U]; + libcrux_ml_kem_utils_into_padded_array_b6(seed, ret); + libcrux_ml_kem_matrix_sample_matrix_A_2b(uu____1, ret, false); +} + +/** +A monomorphic instance of libcrux_ml_kem.ind_cpa.build_unpacked_public_key +with types libcrux_ml_kem_vector_portable_vector_type_PortableVector, +libcrux_ml_kem_hash_functions_portable_PortableHash[[$3size_t]] with const +generics +- K= 3 +- T_AS_NTT_ENCODED_SIZE= 1152 +*/ +static KRML_MUSTINLINE + libcrux_ml_kem_ind_cpa_unpacked_IndCpaPublicKeyUnpacked_a0 + libcrux_ml_kem_ind_cpa_build_unpacked_public_key_3f( + Eurydice_slice public_key) { + libcrux_ml_kem_ind_cpa_unpacked_IndCpaPublicKeyUnpacked_a0 + unpacked_public_key = libcrux_ml_kem_ind_cpa_unpacked_default_8b_1b(); + libcrux_ml_kem_ind_cpa_build_unpacked_public_key_mut_3f(public_key, + &unpacked_public_key); + return unpacked_public_key; } /** A monomorphic instance of K. with types libcrux_ml_kem_polynomial_PolynomialRingElement -libcrux_ml_kem_vector_portable_vector_type_PortableVector[3size_t], uint8_t +libcrux_ml_kem_vector_portable_vector_type_PortableVector[3size_t], +libcrux_ml_kem_polynomial_PolynomialRingElement +libcrux_ml_kem_vector_portable_vector_type_PortableVector */ -typedef struct tuple_b0_s { - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 fst[3U]; - uint8_t snd; -} tuple_b0; +typedef struct tuple_ed_s { + libcrux_ml_kem_polynomial_PolynomialRingElement_1d fst[3U]; + libcrux_ml_kem_polynomial_PolynomialRingElement_1d snd; +} tuple_ed; /** -A monomorphic instance of -libcrux_ml_kem.ind_cpa.sample_vector_cbd_then_ntt.closure with types -libcrux_ml_kem_vector_portable_vector_type_PortableVector, +This function found in impl {core::ops::function::FnMut<(usize), +libcrux_ml_kem::polynomial::PolynomialRingElement[TraitClause@0, +TraitClause@2]> for libcrux_ml_kem::ind_cpa::encrypt_c1::closure[TraitClause@0, TraitClause@1, TraitClause@2, +TraitClause@3]} +*/ +/** +A monomorphic instance of libcrux_ml_kem.ind_cpa.encrypt_c1.call_mut_f1 +with types libcrux_ml_kem_vector_portable_vector_type_PortableVector, libcrux_ml_kem_hash_functions_portable_PortableHash[[$3size_t]] with const generics - K= 3 -- ETA= 2 -- ETA_RANDOMNESS_SIZE= 128 +- C1_LEN= 960 +- U_COMPRESSION_FACTOR= 10 +- BLOCK_LEN= 320 +- ETA1= 2 +- ETA1_RANDOMNESS_SIZE= 128 +- ETA2= 2 +- ETA2_RANDOMNESS_SIZE= 128 */ -static inline libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_closure_f7(size_t _i) { - return libcrux_ml_kem_polynomial_ZERO_89_ea(); +static inline libcrux_ml_kem_polynomial_PolynomialRingElement_1d +libcrux_ml_kem_ind_cpa_encrypt_c1_call_mut_f1_85(void **_, size_t tupled_args) { + return libcrux_ml_kem_polynomial_ZERO_d6_ea(); } /** @@ -9916,7 +8727,7 @@ with const generics - K= 3 - LEN= 128 */ -static KRML_MUSTINLINE void libcrux_ml_kem_hash_functions_portable_PRFxN_c5( +static inline void libcrux_ml_kem_hash_functions_portable_PRFxN_41( uint8_t (*input)[33U], uint8_t ret[3U][128U]) { uint8_t out[3U][128U] = {{0U}}; for (size_t i = (size_t)0U; i < (size_t)3U; i++) { @@ -9929,18 +8740,18 @@ static KRML_MUSTINLINE void libcrux_ml_kem_hash_functions_portable_PRFxN_c5( } /** -This function found in impl {(libcrux_ml_kem::hash_functions::Hash for -libcrux_ml_kem::hash_functions::portable::PortableHash)} +This function found in impl {libcrux_ml_kem::hash_functions::Hash for +libcrux_ml_kem::hash_functions::portable::PortableHash} */ /** -A monomorphic instance of libcrux_ml_kem.hash_functions.portable.PRFxN_f1 +A monomorphic instance of libcrux_ml_kem.hash_functions.portable.PRFxN_4a with const generics - K= 3 - LEN= 128 */ -static KRML_MUSTINLINE void libcrux_ml_kem_hash_functions_portable_PRFxN_f1_93( +static inline void libcrux_ml_kem_hash_functions_portable_PRFxN_4a_41( uint8_t (*input)[33U], uint8_t ret[3U][128U]) { - libcrux_ml_kem_hash_functions_portable_PRFxN_c5(input, ret); + libcrux_ml_kem_hash_functions_portable_PRFxN_41(input, ret); } /** @@ -9998,16 +8809,16 @@ libcrux_ml_kem.sampling.sample_from_binomial_distribution_2 with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -libcrux_ml_kem_sampling_sample_from_binomial_distribution_2_85( +static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_1d +libcrux_ml_kem_sampling_sample_from_binomial_distribution_2_ea( Eurydice_slice randomness) { int16_t sampled_i16s[256U] = {0U}; for (size_t i0 = (size_t)0U; i0 < Eurydice_slice_len(randomness, uint8_t) / (size_t)4U; i0++) { size_t chunk_number = i0; - Eurydice_slice byte_chunk = Eurydice_slice_subslice2( + Eurydice_slice byte_chunk = Eurydice_slice_subslice3( randomness, chunk_number * (size_t)4U, - chunk_number * (size_t)4U + (size_t)4U, uint8_t); + chunk_number * (size_t)4U + (size_t)4U, uint8_t *); uint32_t random_bits_as_u32 = (((uint32_t)Eurydice_slice_index(byte_chunk, (size_t)0U, uint8_t, uint8_t *) | @@ -10023,7 +8834,7 @@ libcrux_ml_kem_sampling_sample_from_binomial_distribution_2_85( uint32_t even_bits = random_bits_as_u32 & 1431655765U; uint32_t odd_bits = random_bits_as_u32 >> 1U & 1431655765U; uint32_t coin_toss_outcomes = even_bits + odd_bits; - for (uint32_t i = 0U; i < CORE_NUM__U32_8__BITS / 4U; i++) { + for (uint32_t i = 0U; i < 32U / 4U; i++) { uint32_t outcome_set = i; uint32_t outcome_set0 = outcome_set * 4U; int16_t outcome_1 = @@ -10034,52 +8845,7 @@ libcrux_ml_kem_sampling_sample_from_binomial_distribution_2_85( sampled_i16s[(size_t)8U * chunk_number + offset] = outcome_1 - outcome_2; } } - return libcrux_ml_kem_polynomial_from_i16_array_89_c1( - Eurydice_array_to_slice((size_t)256U, sampled_i16s, int16_t)); -} - -/** -A monomorphic instance of -libcrux_ml_kem.sampling.sample_from_binomial_distribution_3 with types -libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - -*/ -static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -libcrux_ml_kem_sampling_sample_from_binomial_distribution_3_eb( - Eurydice_slice randomness) { - int16_t sampled_i16s[256U] = {0U}; - for (size_t i0 = (size_t)0U; - i0 < Eurydice_slice_len(randomness, uint8_t) / (size_t)3U; i0++) { - size_t chunk_number = i0; - Eurydice_slice byte_chunk = Eurydice_slice_subslice2( - randomness, chunk_number * (size_t)3U, - chunk_number * (size_t)3U + (size_t)3U, uint8_t); - uint32_t random_bits_as_u24 = - ((uint32_t)Eurydice_slice_index(byte_chunk, (size_t)0U, uint8_t, - uint8_t *) | - (uint32_t)Eurydice_slice_index(byte_chunk, (size_t)1U, uint8_t, - uint8_t *) - << 8U) | - (uint32_t)Eurydice_slice_index(byte_chunk, (size_t)2U, uint8_t, - uint8_t *) - << 16U; - uint32_t first_bits = random_bits_as_u24 & 2396745U; - uint32_t second_bits = random_bits_as_u24 >> 1U & 2396745U; - uint32_t third_bits = random_bits_as_u24 >> 2U & 2396745U; - uint32_t coin_toss_outcomes = first_bits + second_bits + third_bits; - for (int32_t i = (int32_t)0; i < (int32_t)24 / (int32_t)6; i++) { - int32_t outcome_set = i; - int32_t outcome_set0 = outcome_set * (int32_t)6; - int16_t outcome_1 = - (int16_t)(coin_toss_outcomes >> (uint32_t)outcome_set0 & 7U); - int16_t outcome_2 = (int16_t)(coin_toss_outcomes >> - (uint32_t)(outcome_set0 + (int32_t)3) & - 7U); - size_t offset = (size_t)(outcome_set0 / (int32_t)6); - sampled_i16s[(size_t)4U * chunk_number + offset] = outcome_1 - outcome_2; - } - } - return libcrux_ml_kem_polynomial_from_i16_array_89_c1( + return libcrux_ml_kem_polynomial_from_i16_array_d6_ea( Eurydice_array_to_slice((size_t)256U, sampled_i16s, int16_t)); } @@ -10089,10 +8855,10 @@ libcrux_ml_kem.sampling.sample_from_binomial_distribution with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - ETA= 2 */ -static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -libcrux_ml_kem_sampling_sample_from_binomial_distribution_c6( +static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_1d +libcrux_ml_kem_sampling_sample_from_binomial_distribution_a0( Eurydice_slice randomness) { - return libcrux_ml_kem_sampling_sample_from_binomial_distribution_2_85( + return libcrux_ml_kem_sampling_sample_from_binomial_distribution_2_ea( randomness); } @@ -10102,18 +8868,18 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static KRML_MUSTINLINE void libcrux_ml_kem_ntt_ntt_at_layer_7_f4( - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re) { +static KRML_MUSTINLINE void libcrux_ml_kem_ntt_ntt_at_layer_7_ea( + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *re) { size_t step = LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT / (size_t)2U; for (size_t i = (size_t)0U; i < step; i++) { size_t j = i; libcrux_ml_kem_vector_portable_vector_type_PortableVector t = - libcrux_ml_kem_vector_portable_multiply_by_constant_0d( + libcrux_ml_kem_vector_portable_multiply_by_constant_b8( re->coefficients[j + step], (int16_t)-1600); re->coefficients[j + step] = - libcrux_ml_kem_vector_portable_sub_0d(re->coefficients[j], &t); + libcrux_ml_kem_vector_portable_sub_b8(re->coefficients[j], &t); libcrux_ml_kem_vector_portable_vector_type_PortableVector uu____1 = - libcrux_ml_kem_vector_portable_add_0d(re->coefficients[j], &t); + libcrux_ml_kem_vector_portable_add_b8(re->coefficients[j], &t); re->coefficients[j] = uu____1; } } @@ -10125,20 +8891,23 @@ with const generics */ static KRML_MUSTINLINE void -libcrux_ml_kem_ntt_ntt_binomially_sampled_ring_element_0f( - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re) { - libcrux_ml_kem_ntt_ntt_at_layer_7_f4(re); +libcrux_ml_kem_ntt_ntt_binomially_sampled_ring_element_ea( + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *re) { + libcrux_ml_kem_ntt_ntt_at_layer_7_ea(re); size_t zeta_i = (size_t)1U; - libcrux_ml_kem_ntt_ntt_at_layer_4_plus_51(&zeta_i, re, (size_t)6U, - (size_t)3U); - libcrux_ml_kem_ntt_ntt_at_layer_4_plus_51(&zeta_i, re, (size_t)5U, - (size_t)3U); - libcrux_ml_kem_ntt_ntt_at_layer_4_plus_51(&zeta_i, re, (size_t)4U, - (size_t)3U); - libcrux_ml_kem_ntt_ntt_at_layer_3_fd(&zeta_i, re, (size_t)3U, (size_t)3U); - libcrux_ml_kem_ntt_ntt_at_layer_2_ad(&zeta_i, re, (size_t)2U, (size_t)3U); - libcrux_ml_kem_ntt_ntt_at_layer_1_a2(&zeta_i, re, (size_t)1U, (size_t)3U); - libcrux_ml_kem_polynomial_poly_barrett_reduce_89_8b(re); + libcrux_ml_kem_ntt_ntt_at_layer_4_plus_ea(&zeta_i, re, (size_t)6U, + (size_t)11207U); + libcrux_ml_kem_ntt_ntt_at_layer_4_plus_ea(&zeta_i, re, (size_t)5U, + (size_t)11207U + (size_t)3328U); + libcrux_ml_kem_ntt_ntt_at_layer_4_plus_ea( + &zeta_i, re, (size_t)4U, (size_t)11207U + (size_t)2U * (size_t)3328U); + libcrux_ml_kem_ntt_ntt_at_layer_3_ea( + &zeta_i, re, (size_t)11207U + (size_t)3U * (size_t)3328U); + libcrux_ml_kem_ntt_ntt_at_layer_2_ea( + &zeta_i, re, (size_t)11207U + (size_t)4U * (size_t)3328U); + libcrux_ml_kem_ntt_ntt_at_layer_1_ea( + &zeta_i, re, (size_t)11207U + (size_t)5U * (size_t)3328U); + libcrux_ml_kem_polynomial_poly_barrett_reduce_d6_ea(re); } /** @@ -10154,59 +8923,54 @@ generics - ETA= 2 - ETA_RANDOMNESS_SIZE= 128 */ -static KRML_MUSTINLINE tuple_b0 -libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_fc(uint8_t prf_input[33U], - uint8_t domain_separator) { - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re_as_ntt[3U]; - for (size_t i = (size_t)0U; i < (size_t)3U; i++) { - re_as_ntt[i] = libcrux_ml_kem_polynomial_ZERO_89_ea(); - } - /* Passing arrays by value in Rust generates a copy in C */ - uint8_t copy_of_prf_input[33U]; - memcpy(copy_of_prf_input, prf_input, (size_t)33U * sizeof(uint8_t)); +static KRML_MUSTINLINE uint8_t +libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_3b( + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *re_as_ntt, + uint8_t *prf_input, uint8_t domain_separator) { uint8_t prf_inputs[3U][33U]; for (size_t i = (size_t)0U; i < (size_t)3U; i++) { - memcpy(prf_inputs[i], copy_of_prf_input, (size_t)33U * sizeof(uint8_t)); - } - for (size_t i = (size_t)0U; i < (size_t)3U; i++) { - size_t i0 = i; - prf_inputs[i0][32U] = domain_separator; - domain_separator = (uint32_t)domain_separator + 1U; + core_array__core__clone__Clone_for__Array_T__N___clone( + (size_t)33U, prf_input, prf_inputs[i], uint8_t, void *); } + domain_separator = + libcrux_ml_kem_utils_prf_input_inc_e0(prf_inputs, domain_separator); uint8_t prf_outputs[3U][128U]; - libcrux_ml_kem_hash_functions_portable_PRFxN_f1_93(prf_inputs, prf_outputs); + libcrux_ml_kem_hash_functions_portable_PRFxN_4a_41(prf_inputs, prf_outputs); for (size_t i = (size_t)0U; i < (size_t)3U; i++) { size_t i0 = i; re_as_ntt[i0] = - libcrux_ml_kem_sampling_sample_from_binomial_distribution_c6( + libcrux_ml_kem_sampling_sample_from_binomial_distribution_a0( Eurydice_array_to_slice((size_t)128U, prf_outputs[i0], uint8_t)); - libcrux_ml_kem_ntt_ntt_binomially_sampled_ring_element_0f(&re_as_ntt[i0]); + libcrux_ml_kem_ntt_ntt_binomially_sampled_ring_element_ea(&re_as_ntt[i0]); } - /* Passing arrays by value in Rust generates a copy in C */ - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 copy_of_re_as_ntt[3U]; - memcpy( - copy_of_re_as_ntt, re_as_ntt, - (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); - tuple_b0 lit; - memcpy( - lit.fst, copy_of_re_as_ntt, - (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); - lit.snd = domain_separator; - return lit; + return domain_separator; } /** -A monomorphic instance of libcrux_ml_kem.ind_cpa.sample_ring_element_cbd.closure +This function found in impl {core::ops::function::FnMut<(usize), +libcrux_ml_kem::polynomial::PolynomialRingElement[TraitClause@0, +TraitClause@2]> for libcrux_ml_kem::ind_cpa::encrypt_c1::closure#1[TraitClause@0, TraitClause@1, TraitClause@2, +TraitClause@3]} +*/ +/** +A monomorphic instance of libcrux_ml_kem.ind_cpa.encrypt_c1.call_mut_dd with types libcrux_ml_kem_vector_portable_vector_type_PortableVector, libcrux_ml_kem_hash_functions_portable_PortableHash[[$3size_t]] with const generics - K= 3 -- ETA2_RANDOMNESS_SIZE= 128 +- C1_LEN= 960 +- U_COMPRESSION_FACTOR= 10 +- BLOCK_LEN= 320 +- ETA1= 2 +- ETA1_RANDOMNESS_SIZE= 128 - ETA2= 2 +- ETA2_RANDOMNESS_SIZE= 128 */ -static inline libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -libcrux_ml_kem_ind_cpa_sample_ring_element_cbd_closure_77(size_t _i) { - return libcrux_ml_kem_polynomial_ZERO_89_ea(); +static inline libcrux_ml_kem_polynomial_PolynomialRingElement_1d +libcrux_ml_kem_ind_cpa_encrypt_c1_call_mut_dd_85(void **_, size_t tupled_args) { + return libcrux_ml_kem_polynomial_ZERO_d6_ea(); } /** @@ -10221,45 +8985,27 @@ generics - ETA2_RANDOMNESS_SIZE= 128 - ETA2= 2 */ -static KRML_MUSTINLINE tuple_b0 -libcrux_ml_kem_ind_cpa_sample_ring_element_cbd_ac(uint8_t prf_input[33U], - uint8_t domain_separator) { - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 error_1[3U]; - for (size_t i = (size_t)0U; i < (size_t)3U; i++) { - error_1[i] = libcrux_ml_kem_polynomial_ZERO_89_ea(); - } - /* Passing arrays by value in Rust generates a copy in C */ - uint8_t copy_of_prf_input[33U]; - memcpy(copy_of_prf_input, prf_input, (size_t)33U * sizeof(uint8_t)); +static KRML_MUSTINLINE uint8_t +libcrux_ml_kem_ind_cpa_sample_ring_element_cbd_3b( + uint8_t *prf_input, uint8_t domain_separator, + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *error_1) { uint8_t prf_inputs[3U][33U]; for (size_t i = (size_t)0U; i < (size_t)3U; i++) { - memcpy(prf_inputs[i], copy_of_prf_input, (size_t)33U * sizeof(uint8_t)); - } - for (size_t i = (size_t)0U; i < (size_t)3U; i++) { - size_t i0 = i; - prf_inputs[i0][32U] = domain_separator; - domain_separator = (uint32_t)domain_separator + 1U; + core_array__core__clone__Clone_for__Array_T__N___clone( + (size_t)33U, prf_input, prf_inputs[i], uint8_t, void *); } + domain_separator = + libcrux_ml_kem_utils_prf_input_inc_e0(prf_inputs, domain_separator); uint8_t prf_outputs[3U][128U]; - libcrux_ml_kem_hash_functions_portable_PRFxN_f1_93(prf_inputs, prf_outputs); + libcrux_ml_kem_hash_functions_portable_PRFxN_4a_41(prf_inputs, prf_outputs); for (size_t i = (size_t)0U; i < (size_t)3U; i++) { size_t i0 = i; - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 uu____1 = - libcrux_ml_kem_sampling_sample_from_binomial_distribution_c6( + libcrux_ml_kem_polynomial_PolynomialRingElement_1d uu____0 = + libcrux_ml_kem_sampling_sample_from_binomial_distribution_a0( Eurydice_array_to_slice((size_t)128U, prf_outputs[i0], uint8_t)); - error_1[i0] = uu____1; + error_1[i0] = uu____0; } - /* Passing arrays by value in Rust generates a copy in C */ - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 copy_of_error_1[3U]; - memcpy( - copy_of_error_1, error_1, - (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); - tuple_b0 lit; - memcpy( - lit.fst, copy_of_error_1, - (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); - lit.snd = domain_separator; - return lit; + return domain_separator; } /** @@ -10267,7 +9013,7 @@ A monomorphic instance of libcrux_ml_kem.hash_functions.portable.PRF with const generics - LEN= 128 */ -static KRML_MUSTINLINE void libcrux_ml_kem_hash_functions_portable_PRF_2b0( +static inline void libcrux_ml_kem_hash_functions_portable_PRF_a6( Eurydice_slice input, uint8_t ret[128U]) { uint8_t digest[128U] = {0U}; libcrux_sha3_portable_shake256( @@ -10276,59 +9022,80 @@ static KRML_MUSTINLINE void libcrux_ml_kem_hash_functions_portable_PRF_2b0( } /** -This function found in impl {(libcrux_ml_kem::hash_functions::Hash for -libcrux_ml_kem::hash_functions::portable::PortableHash)} +This function found in impl {libcrux_ml_kem::hash_functions::Hash for +libcrux_ml_kem::hash_functions::portable::PortableHash} */ /** -A monomorphic instance of libcrux_ml_kem.hash_functions.portable.PRF_f1 +A monomorphic instance of libcrux_ml_kem.hash_functions.portable.PRF_4a with const generics - K= 3 - LEN= 128 */ -static KRML_MUSTINLINE void libcrux_ml_kem_hash_functions_portable_PRF_f1_ee0( +static inline void libcrux_ml_kem_hash_functions_portable_PRF_4a_410( Eurydice_slice input, uint8_t ret[128U]) { - libcrux_ml_kem_hash_functions_portable_PRF_2b0(input, ret); + libcrux_ml_kem_hash_functions_portable_PRF_a6(input, ret); } /** -A monomorphic instance of libcrux_ml_kem.matrix.compute_vector_u.closure +This function found in impl {core::ops::function::FnMut<(usize), +libcrux_ml_kem::polynomial::PolynomialRingElement[TraitClause@0, +TraitClause@1]> for libcrux_ml_kem::matrix::compute_vector_u::closure[TraitClause@0, TraitClause@1]} +*/ +/** +A monomorphic instance of libcrux_ml_kem.matrix.compute_vector_u.call_mut_a8 with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 3 */ -static inline libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -libcrux_ml_kem_matrix_compute_vector_u_closure_d6(size_t _i) { - return libcrux_ml_kem_polynomial_ZERO_89_ea(); +static inline libcrux_ml_kem_polynomial_PolynomialRingElement_1d +libcrux_ml_kem_matrix_compute_vector_u_call_mut_a8_1b(void **_, + size_t tupled_args) { + return libcrux_ml_kem_polynomial_ZERO_d6_ea(); } /** -This function found in impl -{libcrux_ml_kem::polynomial::PolynomialRingElement[TraitClause@0]} -*/ -/** -A monomorphic instance of libcrux_ml_kem.polynomial.add_error_reduce_89 +A monomorphic instance of libcrux_ml_kem.polynomial.add_error_reduce with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static KRML_MUSTINLINE void libcrux_ml_kem_polynomial_add_error_reduce_89_38( - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *self, - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *error) { +static KRML_MUSTINLINE void libcrux_ml_kem_polynomial_add_error_reduce_ea( + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *myself, + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *error) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { size_t j = i; libcrux_ml_kem_vector_portable_vector_type_PortableVector coefficient_normal_form = - libcrux_ml_kem_vector_portable_montgomery_multiply_by_constant_0d( - self->coefficients[j], (int16_t)1441); - libcrux_ml_kem_vector_portable_vector_type_PortableVector uu____0 = - libcrux_ml_kem_vector_portable_barrett_reduce_0d( - libcrux_ml_kem_vector_portable_add_0d(coefficient_normal_form, - &error->coefficients[j])); - self->coefficients[j] = uu____0; + libcrux_ml_kem_vector_portable_montgomery_multiply_by_constant_b8( + myself->coefficients[j], (int16_t)1441); + libcrux_ml_kem_vector_portable_vector_type_PortableVector sum = + libcrux_ml_kem_vector_portable_add_b8(coefficient_normal_form, + &error->coefficients[j]); + libcrux_ml_kem_vector_portable_vector_type_PortableVector red = + libcrux_ml_kem_vector_portable_barrett_reduce_b8(sum); + myself->coefficients[j] = red; } } +/** +This function found in impl +{libcrux_ml_kem::polynomial::PolynomialRingElement[TraitClause@0, +TraitClause@1]} +*/ +/** +A monomorphic instance of libcrux_ml_kem.polynomial.add_error_reduce_d6 +with types libcrux_ml_kem_vector_portable_vector_type_PortableVector +with const generics + +*/ +static KRML_MUSTINLINE void libcrux_ml_kem_polynomial_add_error_reduce_d6_ea( + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *self, + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *error) { + libcrux_ml_kem_polynomial_add_error_reduce_ea(self, error); +} + /** Compute u := InvertNTT(Aᵀ ◦ r̂) + e₁ */ @@ -10338,149 +9105,47 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 3 */ -static KRML_MUSTINLINE void libcrux_ml_kem_matrix_compute_vector_u_59( - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 (*a_as_ntt)[3U], - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *r_as_ntt, - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *error_1, - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 ret[3U]) { - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 result[3U]; +static KRML_MUSTINLINE void libcrux_ml_kem_matrix_compute_vector_u_1b( + libcrux_ml_kem_polynomial_PolynomialRingElement_1d (*a_as_ntt)[3U], + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *r_as_ntt, + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *error_1, + libcrux_ml_kem_polynomial_PolynomialRingElement_1d ret[3U]) { + libcrux_ml_kem_polynomial_PolynomialRingElement_1d result[3U]; for (size_t i = (size_t)0U; i < (size_t)3U; i++) { - result[i] = libcrux_ml_kem_polynomial_ZERO_89_ea(); + /* original Rust expression is not an lvalue in C */ + void *lvalue = (void *)0U; + result[i] = + libcrux_ml_kem_matrix_compute_vector_u_call_mut_a8_1b(&lvalue, i); } for (size_t i0 = (size_t)0U; i0 < Eurydice_slice_len( Eurydice_array_to_slice( (size_t)3U, a_as_ntt, - libcrux_ml_kem_polynomial_PolynomialRingElement_f0[3U]), - libcrux_ml_kem_polynomial_PolynomialRingElement_f0[3U]); + libcrux_ml_kem_polynomial_PolynomialRingElement_1d[3U]), + libcrux_ml_kem_polynomial_PolynomialRingElement_1d[3U]); i0++) { size_t i1 = i0; - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *row = a_as_ntt[i1]; + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *row = a_as_ntt[i1]; for (size_t i = (size_t)0U; i < Eurydice_slice_len( Eurydice_array_to_slice( (size_t)3U, row, - libcrux_ml_kem_polynomial_PolynomialRingElement_f0), - libcrux_ml_kem_polynomial_PolynomialRingElement_f0); + libcrux_ml_kem_polynomial_PolynomialRingElement_1d), + libcrux_ml_kem_polynomial_PolynomialRingElement_1d); i++) { size_t j = i; - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *a_element = &row[j]; - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 product = - libcrux_ml_kem_polynomial_ntt_multiply_89_2a(a_element, &r_as_ntt[j]); - libcrux_ml_kem_polynomial_add_to_ring_element_89_84(&result[i1], + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *a_element = &row[j]; + libcrux_ml_kem_polynomial_PolynomialRingElement_1d product = + libcrux_ml_kem_polynomial_ntt_multiply_d6_ea(a_element, &r_as_ntt[j]); + libcrux_ml_kem_polynomial_add_to_ring_element_d6_1b(&result[i1], &product); } - libcrux_ml_kem_invert_ntt_invert_ntt_montgomery_f6(&result[i1]); - libcrux_ml_kem_polynomial_add_error_reduce_89_38(&result[i1], &error_1[i1]); + libcrux_ml_kem_invert_ntt_invert_ntt_montgomery_1b(&result[i1]); + libcrux_ml_kem_polynomial_add_error_reduce_d6_ea(&result[i1], &error_1[i1]); } memcpy( ret, result, - (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); -} - -/** -A monomorphic instance of libcrux_ml_kem.vector.traits.decompress_1 -with types libcrux_ml_kem_vector_portable_vector_type_PortableVector -with const generics - -*/ -static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector -libcrux_ml_kem_vector_traits_decompress_1_63( - libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { - libcrux_ml_kem_vector_portable_vector_type_PortableVector uu____0 = - libcrux_ml_kem_vector_portable_ZERO_0d(); - return libcrux_ml_kem_vector_portable_bitwise_and_with_constant_0d( - libcrux_ml_kem_vector_portable_sub_0d(uu____0, &v), (int16_t)1665); -} - -/** -A monomorphic instance of -libcrux_ml_kem.serialize.deserialize_then_decompress_message with types -libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - -*/ -static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -libcrux_ml_kem_serialize_deserialize_then_decompress_message_0d( - uint8_t serialized[32U]) { - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re = - libcrux_ml_kem_polynomial_ZERO_89_ea(); - for (size_t i = (size_t)0U; i < (size_t)16U; i++) { - size_t i0 = i; - libcrux_ml_kem_vector_portable_vector_type_PortableVector - coefficient_compressed = - libcrux_ml_kem_vector_portable_deserialize_1_0d( - Eurydice_array_to_subslice2(serialized, (size_t)2U * i0, - (size_t)2U * i0 + (size_t)2U, - uint8_t)); - libcrux_ml_kem_vector_portable_vector_type_PortableVector uu____0 = - libcrux_ml_kem_vector_traits_decompress_1_63(coefficient_compressed); - re.coefficients[i0] = uu____0; - } - return re; -} - -/** -This function found in impl -{libcrux_ml_kem::polynomial::PolynomialRingElement[TraitClause@0]} -*/ -/** -A monomorphic instance of libcrux_ml_kem.polynomial.add_message_error_reduce_89 -with types libcrux_ml_kem_vector_portable_vector_type_PortableVector -with const generics - -*/ -static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -libcrux_ml_kem_polynomial_add_message_error_reduce_89_ea( - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *self, - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *message, - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 result) { - for (size_t i = (size_t)0U; - i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { - size_t i0 = i; - libcrux_ml_kem_vector_portable_vector_type_PortableVector - coefficient_normal_form = - libcrux_ml_kem_vector_portable_montgomery_multiply_by_constant_0d( - result.coefficients[i0], (int16_t)1441); - libcrux_ml_kem_vector_portable_vector_type_PortableVector tmp = - libcrux_ml_kem_vector_portable_add_0d(self->coefficients[i0], - &message->coefficients[i0]); - libcrux_ml_kem_vector_portable_vector_type_PortableVector tmp0 = - libcrux_ml_kem_vector_portable_add_0d(coefficient_normal_form, &tmp); - libcrux_ml_kem_vector_portable_vector_type_PortableVector uu____0 = - libcrux_ml_kem_vector_portable_barrett_reduce_0d(tmp0); - result.coefficients[i0] = uu____0; - } - return result; -} - -/** - Compute InverseNTT(tᵀ ◦ r̂) + e₂ + message -*/ -/** -A monomorphic instance of libcrux_ml_kem.matrix.compute_ring_element_v -with types libcrux_ml_kem_vector_portable_vector_type_PortableVector -with const generics -- K= 3 -*/ -static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -libcrux_ml_kem_matrix_compute_ring_element_v_54( - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *t_as_ntt, - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *r_as_ntt, - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *error_2, - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *message) { - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 result = - libcrux_ml_kem_polynomial_ZERO_89_ea(); - for (size_t i = (size_t)0U; i < (size_t)3U; i++) { - size_t i0 = i; - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 product = - libcrux_ml_kem_polynomial_ntt_multiply_89_2a(&t_as_ntt[i0], - &r_as_ntt[i0]); - libcrux_ml_kem_polynomial_add_to_ring_element_89_84(&result, &product); - } - libcrux_ml_kem_invert_ntt_invert_ntt_montgomery_f6(&result); - result = libcrux_ml_kem_polynomial_add_message_error_reduce_89_ea( - error_2, message, result); - return result; + (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_1d)); } /** @@ -10489,32 +9154,33 @@ with const generics - COEFFICIENT_BITS= 10 */ static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector -libcrux_ml_kem_vector_portable_compress_compress_02( - libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { +libcrux_ml_kem_vector_portable_compress_compress_ef( + libcrux_ml_kem_vector_portable_vector_type_PortableVector a) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_ELEMENTS_IN_VECTOR; i++) { size_t i0 = i; - int16_t uu____0 = + int16_t uu____0 = libcrux_secrets_int_as_i16_f5( libcrux_ml_kem_vector_portable_compress_compress_ciphertext_coefficient( - (uint8_t)(int32_t)10, (uint16_t)v.elements[i0]); - v.elements[i0] = uu____0; + (uint8_t)(int32_t)10, + libcrux_secrets_int_as_u16_f5(a.elements[i0]))); + a.elements[i0] = uu____0; } - return v; + return a; } /** -This function found in impl {(libcrux_ml_kem::vector::traits::Operations for -libcrux_ml_kem::vector::portable::vector_type::PortableVector)} +This function found in impl {libcrux_ml_kem::vector::traits::Operations for +libcrux_ml_kem::vector::portable::vector_type::PortableVector} */ /** -A monomorphic instance of libcrux_ml_kem.vector.portable.compress_0d +A monomorphic instance of libcrux_ml_kem.vector.portable.compress_b8 with const generics - COEFFICIENT_BITS= 10 */ static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector -libcrux_ml_kem_vector_portable_compress_0d_28( - libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { - return libcrux_ml_kem_vector_portable_compress_compress_02(v); +libcrux_ml_kem_vector_portable_compress_b8_ef( + libcrux_ml_kem_vector_portable_vector_type_PortableVector a) { + return libcrux_ml_kem_vector_portable_compress_compress_ef(a); } /** @@ -10524,83 +9190,22 @@ with const generics - OUT_LEN= 320 */ static KRML_MUSTINLINE void -libcrux_ml_kem_serialize_compress_then_serialize_10_fc( - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re, uint8_t ret[320U]) { +libcrux_ml_kem_serialize_compress_then_serialize_10_ff( + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *re, uint8_t ret[320U]) { uint8_t serialized[320U] = {0U}; for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { size_t i0 = i; libcrux_ml_kem_vector_portable_vector_type_PortableVector coefficient = - libcrux_ml_kem_vector_portable_compress_0d_28( - libcrux_ml_kem_vector_traits_to_unsigned_representative_db( + libcrux_ml_kem_vector_portable_compress_b8_ef( + libcrux_ml_kem_serialize_to_unsigned_field_modulus_ea( re->coefficients[i0])); uint8_t bytes[20U]; - libcrux_ml_kem_vector_portable_serialize_10_0d(coefficient, bytes); - Eurydice_slice uu____0 = Eurydice_array_to_subslice2( - serialized, (size_t)20U * i0, (size_t)20U * i0 + (size_t)20U, uint8_t); + libcrux_ml_kem_vector_portable_serialize_10_b8(coefficient, bytes); Eurydice_slice_copy( - uu____0, Eurydice_array_to_slice((size_t)20U, bytes, uint8_t), uint8_t); - } - memcpy(ret, serialized, (size_t)320U * sizeof(uint8_t)); -} - -/** -A monomorphic instance of libcrux_ml_kem.vector.portable.compress.compress -with const generics -- COEFFICIENT_BITS= 11 -*/ -static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector -libcrux_ml_kem_vector_portable_compress_compress_020( - libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { - for (size_t i = (size_t)0U; - i < LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_ELEMENTS_IN_VECTOR; i++) { - size_t i0 = i; - int16_t uu____0 = - libcrux_ml_kem_vector_portable_compress_compress_ciphertext_coefficient( - (uint8_t)(int32_t)11, (uint16_t)v.elements[i0]); - v.elements[i0] = uu____0; - } - return v; -} - -/** -This function found in impl {(libcrux_ml_kem::vector::traits::Operations for -libcrux_ml_kem::vector::portable::vector_type::PortableVector)} -*/ -/** -A monomorphic instance of libcrux_ml_kem.vector.portable.compress_0d -with const generics -- COEFFICIENT_BITS= 11 -*/ -static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector -libcrux_ml_kem_vector_portable_compress_0d_280( - libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { - return libcrux_ml_kem_vector_portable_compress_compress_020(v); -} - -/** -A monomorphic instance of libcrux_ml_kem.serialize.compress_then_serialize_11 -with types libcrux_ml_kem_vector_portable_vector_type_PortableVector -with const generics -- OUT_LEN= 320 -*/ -static KRML_MUSTINLINE void -libcrux_ml_kem_serialize_compress_then_serialize_11_e1( - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re, uint8_t ret[320U]) { - uint8_t serialized[320U] = {0U}; - for (size_t i = (size_t)0U; - i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { - size_t i0 = i; - libcrux_ml_kem_vector_portable_vector_type_PortableVector coefficient = - libcrux_ml_kem_vector_portable_compress_0d_280( - libcrux_ml_kem_vector_traits_to_unsigned_representative_db( - re->coefficients[i0])); - uint8_t bytes[22U]; - libcrux_ml_kem_vector_portable_serialize_11_0d(coefficient, bytes); - Eurydice_slice uu____0 = Eurydice_array_to_subslice2( - serialized, (size_t)22U * i0, (size_t)22U * i0 + (size_t)22U, uint8_t); - Eurydice_slice_copy( - uu____0, Eurydice_array_to_slice((size_t)22U, bytes, uint8_t), uint8_t); + Eurydice_array_to_subslice3(serialized, (size_t)20U * i0, + (size_t)20U * i0 + (size_t)20U, uint8_t *), + Eurydice_array_to_slice((size_t)20U, bytes, uint8_t), uint8_t); } memcpy(ret, serialized, (size_t)320U * sizeof(uint8_t)); } @@ -10613,10 +9218,10 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - OUT_LEN= 320 */ static KRML_MUSTINLINE void -libcrux_ml_kem_serialize_compress_then_serialize_ring_element_u_5f( - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re, uint8_t ret[320U]) { +libcrux_ml_kem_serialize_compress_then_serialize_ring_element_u_fe( + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *re, uint8_t ret[320U]) { uint8_t uu____0[320U]; - libcrux_ml_kem_serialize_compress_then_serialize_10_fc(re, uu____0); + libcrux_ml_kem_serialize_compress_then_serialize_10_ff(re, uu____0); memcpy(ret, uu____0, (size_t)320U * sizeof(uint8_t)); } @@ -10632,23 +9237,23 @@ with const generics - COMPRESSION_FACTOR= 10 - BLOCK_LEN= 320 */ -static inline void libcrux_ml_kem_ind_cpa_compress_then_serialize_u_a7( - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 input[3U], +static KRML_MUSTINLINE void libcrux_ml_kem_ind_cpa_compress_then_serialize_u_43( + libcrux_ml_kem_polynomial_PolynomialRingElement_1d input[3U], Eurydice_slice out) { for (size_t i = (size_t)0U; i < Eurydice_slice_len( Eurydice_array_to_slice( (size_t)3U, input, - libcrux_ml_kem_polynomial_PolynomialRingElement_f0), - libcrux_ml_kem_polynomial_PolynomialRingElement_f0); + libcrux_ml_kem_polynomial_PolynomialRingElement_1d), + libcrux_ml_kem_polynomial_PolynomialRingElement_1d); i++) { size_t i0 = i; - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re = input[i0]; - Eurydice_slice uu____0 = Eurydice_slice_subslice2( + libcrux_ml_kem_polynomial_PolynomialRingElement_1d re = input[i0]; + Eurydice_slice uu____0 = Eurydice_slice_subslice3( out, i0 * ((size_t)960U / (size_t)3U), - (i0 + (size_t)1U) * ((size_t)960U / (size_t)3U), uint8_t); + (i0 + (size_t)1U) * ((size_t)960U / (size_t)3U), uint8_t *); uint8_t ret[320U]; - libcrux_ml_kem_serialize_compress_then_serialize_ring_element_u_5f(&re, + libcrux_ml_kem_serialize_compress_then_serialize_ring_element_u_fe(&re, ret); Eurydice_slice_copy( uu____0, Eurydice_array_to_slice((size_t)320U, ret, uint8_t), uint8_t); @@ -10656,122 +9261,232 @@ static inline void libcrux_ml_kem_ind_cpa_compress_then_serialize_u_a7( } /** -A monomorphic instance of libcrux_ml_kem.vector.portable.compress.compress -with const generics -- COEFFICIENT_BITS= 4 +A monomorphic instance of libcrux_ml_kem.ind_cpa.encrypt_c1 +with types libcrux_ml_kem_vector_portable_vector_type_PortableVector, +libcrux_ml_kem_hash_functions_portable_PortableHash[[$3size_t]] with const +generics +- K= 3 +- C1_LEN= 960 +- U_COMPRESSION_FACTOR= 10 +- BLOCK_LEN= 320 +- ETA1= 2 +- ETA1_RANDOMNESS_SIZE= 128 +- ETA2= 2 +- ETA2_RANDOMNESS_SIZE= 128 */ -static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector -libcrux_ml_kem_vector_portable_compress_compress_021( - libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { - for (size_t i = (size_t)0U; - i < LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_ELEMENTS_IN_VECTOR; i++) { - size_t i0 = i; - int16_t uu____0 = - libcrux_ml_kem_vector_portable_compress_compress_ciphertext_coefficient( - (uint8_t)(int32_t)4, (uint16_t)v.elements[i0]); - v.elements[i0] = uu____0; +static KRML_MUSTINLINE tuple_ed libcrux_ml_kem_ind_cpa_encrypt_c1_85( + Eurydice_slice randomness, + libcrux_ml_kem_polynomial_PolynomialRingElement_1d (*matrix)[3U], + Eurydice_slice ciphertext) { + uint8_t prf_input[33U]; + libcrux_ml_kem_utils_into_padded_array_c8(randomness, prf_input); + libcrux_ml_kem_polynomial_PolynomialRingElement_1d r_as_ntt[3U]; + for (size_t i = (size_t)0U; i < (size_t)3U; i++) { + /* original Rust expression is not an lvalue in C */ + void *lvalue = (void *)0U; + r_as_ntt[i] = libcrux_ml_kem_ind_cpa_encrypt_c1_call_mut_f1_85(&lvalue, i); + } + uint8_t domain_separator0 = + libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_3b(r_as_ntt, prf_input, + 0U); + libcrux_ml_kem_polynomial_PolynomialRingElement_1d error_1[3U]; + for (size_t i = (size_t)0U; i < (size_t)3U; i++) { + /* original Rust expression is not an lvalue in C */ + void *lvalue = (void *)0U; + error_1[i] = libcrux_ml_kem_ind_cpa_encrypt_c1_call_mut_dd_85(&lvalue, i); } - return v; -} - + uint8_t domain_separator = libcrux_ml_kem_ind_cpa_sample_ring_element_cbd_3b( + prf_input, domain_separator0, error_1); + prf_input[32U] = domain_separator; + uint8_t prf_output[128U]; + libcrux_ml_kem_hash_functions_portable_PRF_4a_410( + Eurydice_array_to_slice((size_t)33U, prf_input, uint8_t), prf_output); + libcrux_ml_kem_polynomial_PolynomialRingElement_1d error_2 = + libcrux_ml_kem_sampling_sample_from_binomial_distribution_a0( + Eurydice_array_to_slice((size_t)128U, prf_output, uint8_t)); + libcrux_ml_kem_polynomial_PolynomialRingElement_1d u[3U]; + libcrux_ml_kem_matrix_compute_vector_u_1b(matrix, r_as_ntt, error_1, u); + libcrux_ml_kem_polynomial_PolynomialRingElement_1d uu____0[3U]; + memcpy( + uu____0, u, + (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_1d)); + libcrux_ml_kem_ind_cpa_compress_then_serialize_u_43(uu____0, ciphertext); + /* Passing arrays by value in Rust generates a copy in C */ + libcrux_ml_kem_polynomial_PolynomialRingElement_1d copy_of_r_as_ntt[3U]; + memcpy( + copy_of_r_as_ntt, r_as_ntt, + (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_1d)); + tuple_ed lit; + memcpy( + lit.fst, copy_of_r_as_ntt, + (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_1d)); + lit.snd = error_2; + return lit; +} + /** -This function found in impl {(libcrux_ml_kem::vector::traits::Operations for -libcrux_ml_kem::vector::portable::vector_type::PortableVector)} +A monomorphic instance of +libcrux_ml_kem.serialize.deserialize_then_decompress_message with types +libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics + */ +static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_1d +libcrux_ml_kem_serialize_deserialize_then_decompress_message_ea( + uint8_t *serialized) { + libcrux_ml_kem_polynomial_PolynomialRingElement_1d re = + libcrux_ml_kem_polynomial_ZERO_d6_ea(); + for (size_t i = (size_t)0U; i < (size_t)16U; i++) { + size_t i0 = i; + libcrux_ml_kem_vector_portable_vector_type_PortableVector + coefficient_compressed = + libcrux_ml_kem_vector_portable_deserialize_1_b8( + Eurydice_array_to_subslice3(serialized, (size_t)2U * i0, + (size_t)2U * i0 + (size_t)2U, + uint8_t *)); + libcrux_ml_kem_vector_portable_vector_type_PortableVector uu____0 = + libcrux_ml_kem_vector_portable_decompress_1_b8(coefficient_compressed); + re.coefficients[i0] = uu____0; + } + return re; +} + /** -A monomorphic instance of libcrux_ml_kem.vector.portable.compress_0d +A monomorphic instance of libcrux_ml_kem.polynomial.add_message_error_reduce +with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics -- COEFFICIENT_BITS= 4 + */ -static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector -libcrux_ml_kem_vector_portable_compress_0d_281( - libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { - return libcrux_ml_kem_vector_portable_compress_compress_021(v); +static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_1d +libcrux_ml_kem_polynomial_add_message_error_reduce_ea( + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *myself, + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *message, + libcrux_ml_kem_polynomial_PolynomialRingElement_1d result) { + for (size_t i = (size_t)0U; + i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { + size_t i0 = i; + libcrux_ml_kem_vector_portable_vector_type_PortableVector + coefficient_normal_form = + libcrux_ml_kem_vector_portable_montgomery_multiply_by_constant_b8( + result.coefficients[i0], (int16_t)1441); + libcrux_ml_kem_vector_portable_vector_type_PortableVector sum1 = + libcrux_ml_kem_vector_portable_add_b8(myself->coefficients[i0], + &message->coefficients[i0]); + libcrux_ml_kem_vector_portable_vector_type_PortableVector sum2 = + libcrux_ml_kem_vector_portable_add_b8(coefficient_normal_form, &sum1); + libcrux_ml_kem_vector_portable_vector_type_PortableVector red = + libcrux_ml_kem_vector_portable_barrett_reduce_b8(sum2); + result.coefficients[i0] = red; + } + return result; } /** -A monomorphic instance of libcrux_ml_kem.serialize.compress_then_serialize_4 +This function found in impl +{libcrux_ml_kem::polynomial::PolynomialRingElement[TraitClause@0, +TraitClause@1]} +*/ +/** +A monomorphic instance of libcrux_ml_kem.polynomial.add_message_error_reduce_d6 with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static KRML_MUSTINLINE void -libcrux_ml_kem_serialize_compress_then_serialize_4_9a( - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re, - Eurydice_slice serialized) { - for (size_t i = (size_t)0U; - i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { +static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_1d +libcrux_ml_kem_polynomial_add_message_error_reduce_d6_ea( + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *self, + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *message, + libcrux_ml_kem_polynomial_PolynomialRingElement_1d result) { + return libcrux_ml_kem_polynomial_add_message_error_reduce_ea(self, message, + result); +} + +/** + Compute InverseNTT(tᵀ ◦ r̂) + e₂ + message +*/ +/** +A monomorphic instance of libcrux_ml_kem.matrix.compute_ring_element_v +with types libcrux_ml_kem_vector_portable_vector_type_PortableVector +with const generics +- K= 3 +*/ +static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_1d +libcrux_ml_kem_matrix_compute_ring_element_v_1b( + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *t_as_ntt, + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *r_as_ntt, + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *error_2, + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *message) { + libcrux_ml_kem_polynomial_PolynomialRingElement_1d result = + libcrux_ml_kem_polynomial_ZERO_d6_ea(); + for (size_t i = (size_t)0U; i < (size_t)3U; i++) { size_t i0 = i; - libcrux_ml_kem_vector_portable_vector_type_PortableVector coefficient = - libcrux_ml_kem_vector_portable_compress_0d_281( - libcrux_ml_kem_vector_traits_to_unsigned_representative_db( - re.coefficients[i0])); - uint8_t bytes[8U]; - libcrux_ml_kem_vector_portable_serialize_4_0d(coefficient, bytes); - Eurydice_slice_copy( - Eurydice_slice_subslice2(serialized, (size_t)8U * i0, - (size_t)8U * i0 + (size_t)8U, uint8_t), - Eurydice_array_to_slice((size_t)8U, bytes, uint8_t), uint8_t); + libcrux_ml_kem_polynomial_PolynomialRingElement_1d product = + libcrux_ml_kem_polynomial_ntt_multiply_d6_ea(&t_as_ntt[i0], + &r_as_ntt[i0]); + libcrux_ml_kem_polynomial_add_to_ring_element_d6_1b(&result, &product); } + libcrux_ml_kem_invert_ntt_invert_ntt_montgomery_1b(&result); + return libcrux_ml_kem_polynomial_add_message_error_reduce_d6_ea( + error_2, message, result); } /** A monomorphic instance of libcrux_ml_kem.vector.portable.compress.compress with const generics -- COEFFICIENT_BITS= 5 +- COEFFICIENT_BITS= 4 */ static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector -libcrux_ml_kem_vector_portable_compress_compress_022( - libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { +libcrux_ml_kem_vector_portable_compress_compress_d1( + libcrux_ml_kem_vector_portable_vector_type_PortableVector a) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_ELEMENTS_IN_VECTOR; i++) { size_t i0 = i; - int16_t uu____0 = + int16_t uu____0 = libcrux_secrets_int_as_i16_f5( libcrux_ml_kem_vector_portable_compress_compress_ciphertext_coefficient( - (uint8_t)(int32_t)5, (uint16_t)v.elements[i0]); - v.elements[i0] = uu____0; + (uint8_t)(int32_t)4, + libcrux_secrets_int_as_u16_f5(a.elements[i0]))); + a.elements[i0] = uu____0; } - return v; + return a; } /** -This function found in impl {(libcrux_ml_kem::vector::traits::Operations for -libcrux_ml_kem::vector::portable::vector_type::PortableVector)} +This function found in impl {libcrux_ml_kem::vector::traits::Operations for +libcrux_ml_kem::vector::portable::vector_type::PortableVector} */ /** -A monomorphic instance of libcrux_ml_kem.vector.portable.compress_0d +A monomorphic instance of libcrux_ml_kem.vector.portable.compress_b8 with const generics -- COEFFICIENT_BITS= 5 +- COEFFICIENT_BITS= 4 */ static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector -libcrux_ml_kem_vector_portable_compress_0d_282( - libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { - return libcrux_ml_kem_vector_portable_compress_compress_022(v); +libcrux_ml_kem_vector_portable_compress_b8_d1( + libcrux_ml_kem_vector_portable_vector_type_PortableVector a) { + return libcrux_ml_kem_vector_portable_compress_compress_d1(a); } /** -A monomorphic instance of libcrux_ml_kem.serialize.compress_then_serialize_5 +A monomorphic instance of libcrux_ml_kem.serialize.compress_then_serialize_4 with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ static KRML_MUSTINLINE void -libcrux_ml_kem_serialize_compress_then_serialize_5_1f( - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re, +libcrux_ml_kem_serialize_compress_then_serialize_4_ea( + libcrux_ml_kem_polynomial_PolynomialRingElement_1d re, Eurydice_slice serialized) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { size_t i0 = i; - libcrux_ml_kem_vector_portable_vector_type_PortableVector coefficients = - libcrux_ml_kem_vector_portable_compress_0d_282( - libcrux_ml_kem_vector_traits_to_unsigned_representative_db( + libcrux_ml_kem_vector_portable_vector_type_PortableVector coefficient = + libcrux_ml_kem_vector_portable_compress_b8_d1( + libcrux_ml_kem_serialize_to_unsigned_field_modulus_ea( re.coefficients[i0])); - uint8_t bytes[10U]; - libcrux_ml_kem_vector_portable_serialize_5_0d(coefficients, bytes); + uint8_t bytes[8U]; + libcrux_ml_kem_vector_portable_serialize_4_b8(coefficient, bytes); Eurydice_slice_copy( - Eurydice_slice_subslice2(serialized, (size_t)10U * i0, - (size_t)10U * i0 + (size_t)10U, uint8_t), - Eurydice_array_to_slice((size_t)10U, bytes, uint8_t), uint8_t); + Eurydice_slice_subslice3(serialized, (size_t)8U * i0, + (size_t)8U * i0 + (size_t)8U, uint8_t *), + Eurydice_array_to_slice((size_t)8U, bytes, uint8_t), uint8_t); } } @@ -10779,17 +9494,81 @@ libcrux_ml_kem_serialize_compress_then_serialize_5_1f( A monomorphic instance of libcrux_ml_kem.serialize.compress_then_serialize_ring_element_v with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics +- K= 3 - COMPRESSION_FACTOR= 4 - OUT_LEN= 128 */ static KRML_MUSTINLINE void -libcrux_ml_kem_serialize_compress_then_serialize_ring_element_v_4e( - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re, Eurydice_slice out) { - libcrux_ml_kem_serialize_compress_then_serialize_4_9a(re, out); +libcrux_ml_kem_serialize_compress_then_serialize_ring_element_v_6c( + libcrux_ml_kem_polynomial_PolynomialRingElement_1d re, Eurydice_slice out) { + libcrux_ml_kem_serialize_compress_then_serialize_4_ea(re, out); } /** -A monomorphic instance of libcrux_ml_kem.ind_cpa.encrypt +A monomorphic instance of libcrux_ml_kem.ind_cpa.encrypt_c2 +with types libcrux_ml_kem_vector_portable_vector_type_PortableVector +with const generics +- K= 3 +- V_COMPRESSION_FACTOR= 4 +- C2_LEN= 128 +*/ +static KRML_MUSTINLINE void libcrux_ml_kem_ind_cpa_encrypt_c2_6c( + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *t_as_ntt, + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *r_as_ntt, + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *error_2, + uint8_t *message, Eurydice_slice ciphertext) { + libcrux_ml_kem_polynomial_PolynomialRingElement_1d message_as_ring_element = + libcrux_ml_kem_serialize_deserialize_then_decompress_message_ea(message); + libcrux_ml_kem_polynomial_PolynomialRingElement_1d v = + libcrux_ml_kem_matrix_compute_ring_element_v_1b( + t_as_ntt, r_as_ntt, error_2, &message_as_ring_element); + libcrux_ml_kem_serialize_compress_then_serialize_ring_element_v_6c( + v, ciphertext); +} + +/** + This function implements Algorithm 13 of the + NIST FIPS 203 specification; this is the Kyber CPA-PKE encryption algorithm. + + Algorithm 13 is reproduced below: + + ```plaintext + Input: encryption key ekₚₖₑ ∈ 𝔹^{384k+32}. + Input: message m ∈ 𝔹^{32}. + Input: encryption randomness r ∈ 𝔹^{32}. + Output: ciphertext c ∈ 𝔹^{32(dᵤk + dᵥ)}. + + N ← 0 + t̂ ← ByteDecode₁₂(ekₚₖₑ[0:384k]) + ρ ← ekₚₖₑ[384k: 384k + 32] + for (i ← 0; i < k; i++) + for(j ← 0; j < k; j++) + Â[i,j] ← SampleNTT(XOF(ρ, i, j)) + end for + end for + for(i ← 0; i < k; i++) + r[i] ← SamplePolyCBD_{η₁}(PRF_{η₁}(r,N)) + N ← N + 1 + end for + for(i ← 0; i < k; i++) + e₁[i] ← SamplePolyCBD_{η₂}(PRF_{η₂}(r,N)) + N ← N + 1 + end for + e₂ ← SamplePolyCBD_{η₂}(PRF_{η₂}(r,N)) + r̂ ← NTT(r) + u ← NTT-¹(Âᵀ ◦ r̂) + e₁ + μ ← Decompress₁(ByteDecode₁(m))) + v ← NTT-¹(t̂ᵀ ◦ rˆ) + e₂ + μ + c₁ ← ByteEncode_{dᵤ}(Compress_{dᵤ}(u)) + c₂ ← ByteEncode_{dᵥ}(Compress_{dᵥ}(v)) + return c ← (c₁ ‖ c₂) + ``` + + The NIST FIPS 203 standard can be found at + . +*/ +/** +A monomorphic instance of libcrux_ml_kem.ind_cpa.encrypt_unpacked with types libcrux_ml_kem_vector_portable_vector_type_PortableVector, libcrux_ml_kem_hash_functions_portable_PortableHash[[$3size_t]] with const generics @@ -10806,95 +9585,83 @@ generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -static inline void libcrux_ml_kem_ind_cpa_encrypt_60(Eurydice_slice public_key, - uint8_t message[32U], - Eurydice_slice randomness, - uint8_t ret[1088U]) { - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 t_as_ntt[3U]; - libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_33( - Eurydice_slice_subslice_to(public_key, (size_t)1152U, uint8_t, size_t), - t_as_ntt); - Eurydice_slice seed = - Eurydice_slice_subslice_from(public_key, (size_t)1152U, uint8_t, size_t); - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 A[3U][3U]; - uint8_t ret0[34U]; - libcrux_ml_kem_utils_into_padded_array_ea1(seed, ret0); - libcrux_ml_kem_matrix_sample_matrix_A_38(ret0, false, A); - uint8_t prf_input[33U]; - libcrux_ml_kem_utils_into_padded_array_ea2(randomness, prf_input); - /* Passing arrays by value in Rust generates a copy in C */ - uint8_t copy_of_prf_input0[33U]; - memcpy(copy_of_prf_input0, prf_input, (size_t)33U * sizeof(uint8_t)); - tuple_b0 uu____1 = libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_fc( - copy_of_prf_input0, 0U); - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 r_as_ntt[3U]; - memcpy( - r_as_ntt, uu____1.fst, - (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); - uint8_t domain_separator0 = uu____1.snd; - /* Passing arrays by value in Rust generates a copy in C */ - uint8_t copy_of_prf_input[33U]; - memcpy(copy_of_prf_input, prf_input, (size_t)33U * sizeof(uint8_t)); - tuple_b0 uu____3 = libcrux_ml_kem_ind_cpa_sample_ring_element_cbd_ac( - copy_of_prf_input, domain_separator0); - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 error_1[3U]; - memcpy( - error_1, uu____3.fst, - (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); - uint8_t domain_separator = uu____3.snd; - prf_input[32U] = domain_separator; - uint8_t prf_output[128U]; - libcrux_ml_kem_hash_functions_portable_PRF_f1_ee0( - Eurydice_array_to_slice((size_t)33U, prf_input, uint8_t), prf_output); - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 error_2 = - libcrux_ml_kem_sampling_sample_from_binomial_distribution_c6( - Eurydice_array_to_slice((size_t)128U, prf_output, uint8_t)); - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 u[3U]; - libcrux_ml_kem_matrix_compute_vector_u_59(A, r_as_ntt, error_1, u); - /* Passing arrays by value in Rust generates a copy in C */ - uint8_t copy_of_message[32U]; - memcpy(copy_of_message, message, (size_t)32U * sizeof(uint8_t)); - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 message_as_ring_element = - libcrux_ml_kem_serialize_deserialize_then_decompress_message_0d( - copy_of_message); - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 v = - libcrux_ml_kem_matrix_compute_ring_element_v_54( - t_as_ntt, r_as_ntt, &error_2, &message_as_ring_element); +static KRML_MUSTINLINE void libcrux_ml_kem_ind_cpa_encrypt_unpacked_2a( + libcrux_ml_kem_ind_cpa_unpacked_IndCpaPublicKeyUnpacked_a0 *public_key, + uint8_t *message, Eurydice_slice randomness, uint8_t ret[1088U]) { uint8_t ciphertext[1088U] = {0U}; - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 uu____5[3U]; + tuple_ed uu____0 = libcrux_ml_kem_ind_cpa_encrypt_c1_85( + randomness, public_key->A, + Eurydice_array_to_subslice3(ciphertext, (size_t)0U, (size_t)960U, + uint8_t *)); + libcrux_ml_kem_polynomial_PolynomialRingElement_1d r_as_ntt[3U]; memcpy( - uu____5, u, - (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); - libcrux_ml_kem_ind_cpa_compress_then_serialize_u_a7( - uu____5, Eurydice_array_to_subslice2(ciphertext, (size_t)0U, (size_t)960U, - uint8_t)); - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 uu____6 = v; - libcrux_ml_kem_serialize_compress_then_serialize_ring_element_v_4e( - uu____6, Eurydice_array_to_subslice_from((size_t)1088U, ciphertext, - (size_t)960U, uint8_t, size_t)); + r_as_ntt, uu____0.fst, + (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_1d)); + libcrux_ml_kem_polynomial_PolynomialRingElement_1d error_2 = uu____0.snd; + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *uu____1 = + public_key->t_as_ntt; + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *uu____2 = r_as_ntt; + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *uu____3 = &error_2; + uint8_t *uu____4 = message; + libcrux_ml_kem_ind_cpa_encrypt_c2_6c( + uu____1, uu____2, uu____3, uu____4, + Eurydice_array_to_subslice_from((size_t)1088U, ciphertext, (size_t)960U, + uint8_t, size_t, uint8_t[])); memcpy(ret, ciphertext, (size_t)1088U * sizeof(uint8_t)); } /** -This function found in impl {(libcrux_ml_kem::variant::Variant for -libcrux_ml_kem::variant::MlKem)#1} +A monomorphic instance of libcrux_ml_kem.ind_cpa.encrypt +with types libcrux_ml_kem_vector_portable_vector_type_PortableVector, +libcrux_ml_kem_hash_functions_portable_PortableHash[[$3size_t]] with const +generics +- K= 3 +- CIPHERTEXT_SIZE= 1088 +- T_AS_NTT_ENCODED_SIZE= 1152 +- C1_LEN= 960 +- C2_LEN= 128 +- U_COMPRESSION_FACTOR= 10 +- V_COMPRESSION_FACTOR= 4 +- BLOCK_LEN= 320 +- ETA1= 2 +- ETA1_RANDOMNESS_SIZE= 128 +- ETA2= 2 +- ETA2_RANDOMNESS_SIZE= 128 +*/ +static KRML_MUSTINLINE void libcrux_ml_kem_ind_cpa_encrypt_2a( + Eurydice_slice public_key, uint8_t *message, Eurydice_slice randomness, + uint8_t ret[1088U]) { + libcrux_ml_kem_ind_cpa_unpacked_IndCpaPublicKeyUnpacked_a0 + unpacked_public_key = + libcrux_ml_kem_ind_cpa_build_unpacked_public_key_3f(public_key); + uint8_t ret0[1088U]; + libcrux_ml_kem_ind_cpa_encrypt_unpacked_2a(&unpacked_public_key, message, + randomness, ret0); + memcpy(ret, ret0, (size_t)1088U * sizeof(uint8_t)); +} + +/** +This function found in impl {libcrux_ml_kem::variant::Variant for +libcrux_ml_kem::variant::MlKem} */ /** -A monomorphic instance of libcrux_ml_kem.variant.kdf_d8 +A monomorphic instance of libcrux_ml_kem.variant.kdf_39 with types libcrux_ml_kem_hash_functions_portable_PortableHash[[$3size_t]] with const generics - K= 3 - CIPHERTEXT_SIZE= 1088 */ -static KRML_MUSTINLINE void libcrux_ml_kem_variant_kdf_d8_41( - Eurydice_slice shared_secret, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *_, - uint8_t ret[32U]) { +static KRML_MUSTINLINE void libcrux_ml_kem_variant_kdf_39_d6( + Eurydice_slice shared_secret, uint8_t *_, uint8_t ret[32U]) { uint8_t out[32U] = {0U}; Eurydice_slice_copy(Eurydice_array_to_slice((size_t)32U, out, uint8_t), shared_secret, uint8_t); memcpy(ret, out, (size_t)32U * sizeof(uint8_t)); } +/** + This code verifies on some machines, runs out of memory on others +*/ /** A monomorphic instance of libcrux_ml_kem.ind_cca.decapsulate with types libcrux_ml_kem_vector_portable_vector_type_PortableVector, @@ -10917,71 +9684,63 @@ libcrux_ml_kem_variant_MlKem with const generics - ETA2_RANDOMNESS_SIZE= 128 - IMPLICIT_REJECTION_HASH_INPUT_SIZE= 1120 */ -static inline void libcrux_ml_kem_ind_cca_decapsulate_70( - libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, +static KRML_MUSTINLINE void libcrux_ml_kem_ind_cca_decapsulate_62( + libcrux_ml_kem_types_MlKemPrivateKey_d9 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext, uint8_t ret[32U]) { - Eurydice_slice_uint8_t_x2 uu____0 = Eurydice_slice_split_at( - Eurydice_array_to_slice((size_t)2400U, private_key->value, uint8_t), - (size_t)1152U, uint8_t, Eurydice_slice_uint8_t_x2); + Eurydice_slice_uint8_t_x4 uu____0 = + libcrux_ml_kem_types_unpack_private_key_b4( + Eurydice_array_to_slice((size_t)2400U, private_key->value, uint8_t)); Eurydice_slice ind_cpa_secret_key = uu____0.fst; - Eurydice_slice secret_key0 = uu____0.snd; - Eurydice_slice_uint8_t_x2 uu____1 = Eurydice_slice_split_at( - secret_key0, (size_t)1184U, uint8_t, Eurydice_slice_uint8_t_x2); - Eurydice_slice ind_cpa_public_key = uu____1.fst; - Eurydice_slice secret_key = uu____1.snd; - Eurydice_slice_uint8_t_x2 uu____2 = Eurydice_slice_split_at( - secret_key, LIBCRUX_ML_KEM_CONSTANTS_H_DIGEST_SIZE, uint8_t, - Eurydice_slice_uint8_t_x2); - Eurydice_slice ind_cpa_public_key_hash = uu____2.fst; - Eurydice_slice implicit_rejection_value = uu____2.snd; + Eurydice_slice ind_cpa_public_key = uu____0.snd; + Eurydice_slice ind_cpa_public_key_hash = uu____0.thd; + Eurydice_slice implicit_rejection_value = uu____0.f3; uint8_t decrypted[32U]; - libcrux_ml_kem_ind_cpa_decrypt_43(ind_cpa_secret_key, ciphertext->value, + libcrux_ml_kem_ind_cpa_decrypt_42(ind_cpa_secret_key, ciphertext->value, decrypted); uint8_t to_hash0[64U]; - libcrux_ml_kem_utils_into_padded_array_ea( + libcrux_ml_kem_utils_into_padded_array_24( Eurydice_array_to_slice((size_t)32U, decrypted, uint8_t), to_hash0); Eurydice_slice_copy( Eurydice_array_to_subslice_from( (size_t)64U, to_hash0, LIBCRUX_ML_KEM_CONSTANTS_SHARED_SECRET_SIZE, - uint8_t, size_t), + uint8_t, size_t, uint8_t[]), ind_cpa_public_key_hash, uint8_t); uint8_t hashed[64U]; - libcrux_ml_kem_hash_functions_portable_G_f1_e4( + libcrux_ml_kem_hash_functions_portable_G_4a_e0( Eurydice_array_to_slice((size_t)64U, to_hash0, uint8_t), hashed); - Eurydice_slice_uint8_t_x2 uu____3 = Eurydice_slice_split_at( + Eurydice_slice_uint8_t_x2 uu____1 = Eurydice_slice_split_at( Eurydice_array_to_slice((size_t)64U, hashed, uint8_t), LIBCRUX_ML_KEM_CONSTANTS_SHARED_SECRET_SIZE, uint8_t, Eurydice_slice_uint8_t_x2); - Eurydice_slice shared_secret0 = uu____3.fst; - Eurydice_slice pseudorandomness = uu____3.snd; + Eurydice_slice shared_secret0 = uu____1.fst; + Eurydice_slice pseudorandomness = uu____1.snd; uint8_t to_hash[1120U]; - libcrux_ml_kem_utils_into_padded_array_ea0(implicit_rejection_value, to_hash); - Eurydice_slice uu____4 = Eurydice_array_to_subslice_from( + libcrux_ml_kem_utils_into_padded_array_15(implicit_rejection_value, to_hash); + Eurydice_slice uu____2 = Eurydice_array_to_subslice_from( (size_t)1120U, to_hash, LIBCRUX_ML_KEM_CONSTANTS_SHARED_SECRET_SIZE, - uint8_t, size_t); - Eurydice_slice_copy(uu____4, libcrux_ml_kem_types_as_ref_00_24(ciphertext), + uint8_t, size_t, uint8_t[]); + Eurydice_slice_copy(uu____2, libcrux_ml_kem_types_as_ref_d3_80(ciphertext), uint8_t); uint8_t implicit_rejection_shared_secret0[32U]; - libcrux_ml_kem_hash_functions_portable_PRF_f1_ee( + libcrux_ml_kem_hash_functions_portable_PRF_4a_41( Eurydice_array_to_slice((size_t)1120U, to_hash, uint8_t), implicit_rejection_shared_secret0); - Eurydice_slice uu____5 = ind_cpa_public_key; - /* Passing arrays by value in Rust generates a copy in C */ - uint8_t copy_of_decrypted[32U]; - memcpy(copy_of_decrypted, decrypted, (size_t)32U * sizeof(uint8_t)); uint8_t expected_ciphertext[1088U]; - libcrux_ml_kem_ind_cpa_encrypt_60(uu____5, copy_of_decrypted, + libcrux_ml_kem_ind_cpa_encrypt_2a(ind_cpa_public_key, decrypted, pseudorandomness, expected_ciphertext); uint8_t implicit_rejection_shared_secret[32U]; - libcrux_ml_kem_variant_kdf_d8_41( + libcrux_ml_kem_variant_kdf_39_d6( Eurydice_array_to_slice((size_t)32U, implicit_rejection_shared_secret0, uint8_t), - ciphertext, implicit_rejection_shared_secret); + libcrux_ml_kem_types_as_slice_a9_80(ciphertext), + implicit_rejection_shared_secret); uint8_t shared_secret[32U]; - libcrux_ml_kem_variant_kdf_d8_41(shared_secret0, ciphertext, shared_secret); + libcrux_ml_kem_variant_kdf_39_d6( + shared_secret0, libcrux_ml_kem_types_as_slice_a9_80(ciphertext), + shared_secret); uint8_t ret0[32U]; libcrux_ml_kem_constant_time_ops_compare_ciphertexts_select_shared_secret_in_constant_time( - libcrux_ml_kem_types_as_ref_00_24(ciphertext), + libcrux_ml_kem_types_as_ref_d3_80(ciphertext), Eurydice_array_to_slice((size_t)1088U, expected_ciphertext, uint8_t), Eurydice_array_to_slice((size_t)32U, shared_secret, uint8_t), Eurydice_array_to_slice((size_t)32U, implicit_rejection_shared_secret, @@ -11014,10 +9773,10 @@ libcrux_ml_kem.ind_cca.instantiations.portable.decapsulate with const generics - IMPLICIT_REJECTION_HASH_INPUT_SIZE= 1120 */ static inline void -libcrux_ml_kem_ind_cca_instantiations_portable_decapsulate_2e( - libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, +libcrux_ml_kem_ind_cca_instantiations_portable_decapsulate_35( + libcrux_ml_kem_types_MlKemPrivateKey_d9 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext, uint8_t ret[32U]) { - libcrux_ml_kem_ind_cca_decapsulate_70(private_key, ciphertext, ret); + libcrux_ml_kem_ind_cca_decapsulate_62(private_key, ciphertext, ret); } /** @@ -11028,23 +9787,23 @@ libcrux_ml_kem_ind_cca_instantiations_portable_decapsulate_2e( [`MlKem768Ciphertext`]. */ static inline void libcrux_ml_kem_mlkem768_portable_decapsulate( - libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, + libcrux_ml_kem_types_MlKemPrivateKey_d9 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext, uint8_t ret[32U]) { - libcrux_ml_kem_ind_cca_instantiations_portable_decapsulate_2e( + libcrux_ml_kem_ind_cca_instantiations_portable_decapsulate_35( private_key, ciphertext, ret); } /** -This function found in impl {(libcrux_ml_kem::variant::Variant for -libcrux_ml_kem::variant::MlKem)#1} +This function found in impl {libcrux_ml_kem::variant::Variant for +libcrux_ml_kem::variant::MlKem} */ /** -A monomorphic instance of libcrux_ml_kem.variant.entropy_preprocess_d8 +A monomorphic instance of libcrux_ml_kem.variant.entropy_preprocess_39 with types libcrux_ml_kem_hash_functions_portable_PortableHash[[$3size_t]] with const generics - K= 3 */ -static KRML_MUSTINLINE void libcrux_ml_kem_variant_entropy_preprocess_d8_63( +static KRML_MUSTINLINE void libcrux_ml_kem_variant_entropy_preprocess_39_9c( Eurydice_slice randomness, uint8_t ret[32U]) { uint8_t out[32U] = {0U}; Eurydice_slice_copy(Eurydice_array_to_slice((size_t)32U, out, uint8_t), @@ -11053,15 +9812,15 @@ static KRML_MUSTINLINE void libcrux_ml_kem_variant_entropy_preprocess_d8_63( } /** -This function found in impl {(libcrux_ml_kem::hash_functions::Hash for -libcrux_ml_kem::hash_functions::portable::PortableHash)} +This function found in impl {libcrux_ml_kem::hash_functions::Hash for +libcrux_ml_kem::hash_functions::portable::PortableHash} */ /** -A monomorphic instance of libcrux_ml_kem.hash_functions.portable.H_f1 +A monomorphic instance of libcrux_ml_kem.hash_functions.portable.H_4a with const generics - K= 3 */ -static KRML_MUSTINLINE void libcrux_ml_kem_hash_functions_portable_H_f1_1a( +static inline void libcrux_ml_kem_hash_functions_portable_H_4a_e0( Eurydice_slice input, uint8_t ret[32U]) { libcrux_ml_kem_hash_functions_portable_H(input, ret); } @@ -11079,34 +9838,33 @@ libcrux_ml_kem_variant_MlKem with const generics - C2_SIZE= 128 - VECTOR_U_COMPRESSION_FACTOR= 10 - VECTOR_V_COMPRESSION_FACTOR= 4 -- VECTOR_U_BLOCK_LEN= 320 +- C1_BLOCK_SIZE= 320 - ETA1= 2 - ETA1_RANDOMNESS_SIZE= 128 - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -static inline tuple_3c libcrux_ml_kem_ind_cca_encapsulate_cd( - libcrux_ml_kem_types_MlKemPublicKey_15 *public_key, - uint8_t randomness[32U]) { +static KRML_MUSTINLINE tuple_c2 libcrux_ml_kem_ind_cca_encapsulate_ca( + libcrux_ml_kem_types_MlKemPublicKey_30 *public_key, uint8_t *randomness) { uint8_t randomness0[32U]; - libcrux_ml_kem_variant_entropy_preprocess_d8_63( + libcrux_ml_kem_variant_entropy_preprocess_39_9c( Eurydice_array_to_slice((size_t)32U, randomness, uint8_t), randomness0); uint8_t to_hash[64U]; - libcrux_ml_kem_utils_into_padded_array_ea( + libcrux_ml_kem_utils_into_padded_array_24( Eurydice_array_to_slice((size_t)32U, randomness0, uint8_t), to_hash); Eurydice_slice uu____0 = Eurydice_array_to_subslice_from( (size_t)64U, to_hash, LIBCRUX_ML_KEM_CONSTANTS_H_DIGEST_SIZE, uint8_t, - size_t); - uint8_t ret[32U]; - libcrux_ml_kem_hash_functions_portable_H_f1_1a( + size_t, uint8_t[]); + uint8_t ret0[32U]; + libcrux_ml_kem_hash_functions_portable_H_4a_e0( Eurydice_array_to_slice((size_t)1184U, - libcrux_ml_kem_types_as_slice_cb_50(public_key), + libcrux_ml_kem_types_as_slice_e6_d0(public_key), uint8_t), - ret); + ret0); Eurydice_slice_copy( - uu____0, Eurydice_array_to_slice((size_t)32U, ret, uint8_t), uint8_t); + uu____0, Eurydice_array_to_slice((size_t)32U, ret0, uint8_t), uint8_t); uint8_t hashed[64U]; - libcrux_ml_kem_hash_functions_portable_G_f1_e4( + libcrux_ml_kem_hash_functions_portable_G_4a_e0( Eurydice_array_to_slice((size_t)64U, to_hash, uint8_t), hashed); Eurydice_slice_uint8_t_x2 uu____1 = Eurydice_slice_split_at( Eurydice_array_to_slice((size_t)64U, hashed, uint8_t), @@ -11114,30 +9872,20 @@ static inline tuple_3c libcrux_ml_kem_ind_cca_encapsulate_cd( Eurydice_slice_uint8_t_x2); Eurydice_slice shared_secret = uu____1.fst; Eurydice_slice pseudorandomness = uu____1.snd; - Eurydice_slice uu____2 = Eurydice_array_to_slice( - (size_t)1184U, libcrux_ml_kem_types_as_slice_cb_50(public_key), uint8_t); - /* Passing arrays by value in Rust generates a copy in C */ - uint8_t copy_of_randomness[32U]; - memcpy(copy_of_randomness, randomness0, (size_t)32U * sizeof(uint8_t)); uint8_t ciphertext[1088U]; - libcrux_ml_kem_ind_cpa_encrypt_60(uu____2, copy_of_randomness, - pseudorandomness, ciphertext); + libcrux_ml_kem_ind_cpa_encrypt_2a( + Eurydice_array_to_slice((size_t)1184U, + libcrux_ml_kem_types_as_slice_e6_d0(public_key), + uint8_t), + randomness0, pseudorandomness, ciphertext); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_ciphertext[1088U]; memcpy(copy_of_ciphertext, ciphertext, (size_t)1088U * sizeof(uint8_t)); - libcrux_ml_kem_mlkem768_MlKem768Ciphertext ciphertext0 = - libcrux_ml_kem_types_from_01_9f(copy_of_ciphertext); - uint8_t shared_secret_array[32U]; - libcrux_ml_kem_variant_kdf_d8_41(shared_secret, &ciphertext0, - shared_secret_array); - libcrux_ml_kem_mlkem768_MlKem768Ciphertext uu____5 = ciphertext0; - /* Passing arrays by value in Rust generates a copy in C */ - uint8_t copy_of_shared_secret_array[32U]; - memcpy(copy_of_shared_secret_array, shared_secret_array, - (size_t)32U * sizeof(uint8_t)); - tuple_3c lit; - lit.fst = uu____5; - memcpy(lit.snd, copy_of_shared_secret_array, (size_t)32U * sizeof(uint8_t)); + tuple_c2 lit; + lit.fst = libcrux_ml_kem_types_from_e0_80(copy_of_ciphertext); + uint8_t ret[32U]; + libcrux_ml_kem_variant_kdf_39_d6(shared_secret, ciphertext, ret); + memcpy(lit.snd, ret, (size_t)32U * sizeof(uint8_t)); return lit; } @@ -11152,21 +9900,16 @@ libcrux_ml_kem.ind_cca.instantiations.portable.encapsulate with const generics - C2_SIZE= 128 - VECTOR_U_COMPRESSION_FACTOR= 10 - VECTOR_V_COMPRESSION_FACTOR= 4 -- VECTOR_U_BLOCK_LEN= 320 +- C1_BLOCK_SIZE= 320 - ETA1= 2 - ETA1_RANDOMNESS_SIZE= 128 - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -static inline tuple_3c -libcrux_ml_kem_ind_cca_instantiations_portable_encapsulate_c6( - libcrux_ml_kem_types_MlKemPublicKey_15 *public_key, - uint8_t randomness[32U]) { - libcrux_ml_kem_types_MlKemPublicKey_15 *uu____0 = public_key; - /* Passing arrays by value in Rust generates a copy in C */ - uint8_t copy_of_randomness[32U]; - memcpy(copy_of_randomness, randomness, (size_t)32U * sizeof(uint8_t)); - return libcrux_ml_kem_ind_cca_encapsulate_cd(uu____0, copy_of_randomness); +static inline tuple_c2 +libcrux_ml_kem_ind_cca_instantiations_portable_encapsulate_cd( + libcrux_ml_kem_types_MlKemPublicKey_30 *public_key, uint8_t *randomness) { + return libcrux_ml_kem_ind_cca_encapsulate_ca(public_key, randomness); } /** @@ -11176,298 +9919,413 @@ libcrux_ml_kem_ind_cca_instantiations_portable_encapsulate_c6( The input is a reference to an [`MlKem768PublicKey`] and [`SHARED_SECRET_SIZE`] bytes of `randomness`. */ -static inline tuple_3c libcrux_ml_kem_mlkem768_portable_encapsulate( - libcrux_ml_kem_types_MlKemPublicKey_15 *public_key, +static inline tuple_c2 libcrux_ml_kem_mlkem768_portable_encapsulate( + libcrux_ml_kem_types_MlKemPublicKey_30 *public_key, uint8_t randomness[32U]) { - libcrux_ml_kem_types_MlKemPublicKey_15 *uu____0 = public_key; - /* Passing arrays by value in Rust generates a copy in C */ - uint8_t copy_of_randomness[32U]; - memcpy(copy_of_randomness, randomness, (size_t)32U * sizeof(uint8_t)); - return libcrux_ml_kem_ind_cca_instantiations_portable_encapsulate_c6( - uu____0, copy_of_randomness); + return libcrux_ml_kem_ind_cca_instantiations_portable_encapsulate_cd( + public_key, randomness); +} + +/** +This function found in impl {core::default::Default for +libcrux_ml_kem::ind_cpa::unpacked::IndCpaPrivateKeyUnpacked[TraitClause@0, TraitClause@1]} +*/ +/** +A monomorphic instance of libcrux_ml_kem.ind_cpa.unpacked.default_70 +with types libcrux_ml_kem_vector_portable_vector_type_PortableVector +with const generics +- K= 3 +*/ +static inline libcrux_ml_kem_ind_cpa_unpacked_IndCpaPrivateKeyUnpacked_a0 +libcrux_ml_kem_ind_cpa_unpacked_default_70_1b(void) { + libcrux_ml_kem_ind_cpa_unpacked_IndCpaPrivateKeyUnpacked_a0 lit; + libcrux_ml_kem_polynomial_PolynomialRingElement_1d repeat_expression[3U]; + for (size_t i = (size_t)0U; i < (size_t)3U; i++) { + repeat_expression[i] = libcrux_ml_kem_polynomial_ZERO_d6_ea(); + } + memcpy( + lit.secret_as_ntt, repeat_expression, + (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_1d)); + return lit; } /** -This function found in impl {(libcrux_ml_kem::variant::Variant for -libcrux_ml_kem::variant::MlKem)#1} +This function found in impl {libcrux_ml_kem::variant::Variant for +libcrux_ml_kem::variant::MlKem} */ /** -A monomorphic instance of libcrux_ml_kem.variant.cpa_keygen_seed_d8 +A monomorphic instance of libcrux_ml_kem.variant.cpa_keygen_seed_39 with types libcrux_ml_kem_hash_functions_portable_PortableHash[[$3size_t]] with const generics - K= 3 */ -static KRML_MUSTINLINE void libcrux_ml_kem_variant_cpa_keygen_seed_d8_0e( +static KRML_MUSTINLINE void libcrux_ml_kem_variant_cpa_keygen_seed_39_9c( Eurydice_slice key_generation_seed, uint8_t ret[64U]) { uint8_t seed[33U] = {0U}; Eurydice_slice_copy( - Eurydice_array_to_subslice2( + Eurydice_array_to_subslice3( seed, (size_t)0U, - LIBCRUX_ML_KEM_CONSTANTS_CPA_PKE_KEY_GENERATION_SEED_SIZE, uint8_t), + LIBCRUX_ML_KEM_CONSTANTS_CPA_PKE_KEY_GENERATION_SEED_SIZE, uint8_t *), key_generation_seed, uint8_t); seed[LIBCRUX_ML_KEM_CONSTANTS_CPA_PKE_KEY_GENERATION_SEED_SIZE] = (uint8_t)(size_t)3U; uint8_t ret0[64U]; - libcrux_ml_kem_hash_functions_portable_G_f1_e4( + libcrux_ml_kem_hash_functions_portable_G_4a_e0( Eurydice_array_to_slice((size_t)33U, seed, uint8_t), ret0); memcpy(ret, ret0, (size_t)64U * sizeof(uint8_t)); } /** -A monomorphic instance of libcrux_ml_kem.matrix.compute_As_plus_e.closure -with types libcrux_ml_kem_vector_portable_vector_type_PortableVector -with const generics +This function found in impl {core::ops::function::FnMut<(usize), +libcrux_ml_kem::polynomial::PolynomialRingElement[TraitClause@0, +TraitClause@3]> for +libcrux_ml_kem::ind_cpa::generate_keypair_unpacked::closure[TraitClause@0, TraitClause@1, +TraitClause@2, TraitClause@3, TraitClause@4, TraitClause@5]} +*/ +/** +A monomorphic instance of +libcrux_ml_kem.ind_cpa.generate_keypair_unpacked.call_mut_73 with types +libcrux_ml_kem_vector_portable_vector_type_PortableVector, +libcrux_ml_kem_hash_functions_portable_PortableHash[[$3size_t]], +libcrux_ml_kem_variant_MlKem with const generics - K= 3 +- ETA1= 2 +- ETA1_RANDOMNESS_SIZE= 128 */ -static inline libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -libcrux_ml_kem_matrix_compute_As_plus_e_closure_87(size_t _i) { - return libcrux_ml_kem_polynomial_ZERO_89_ea(); +static inline libcrux_ml_kem_polynomial_PolynomialRingElement_1d +libcrux_ml_kem_ind_cpa_generate_keypair_unpacked_call_mut_73_1c( + void **_, size_t tupled_args) { + return libcrux_ml_kem_polynomial_ZERO_d6_ea(); } /** -A monomorphic instance of libcrux_ml_kem.vector.traits.to_standard_domain +A monomorphic instance of libcrux_ml_kem.polynomial.to_standard_domain with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector -libcrux_ml_kem_vector_traits_to_standard_domain_59( - libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { - return libcrux_ml_kem_vector_portable_montgomery_multiply_by_constant_0d( - v, LIBCRUX_ML_KEM_VECTOR_TRAITS_MONTGOMERY_R_SQUARED_MOD_FIELD_MODULUS); +static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector +libcrux_ml_kem_polynomial_to_standard_domain_ea( + libcrux_ml_kem_vector_portable_vector_type_PortableVector vector) { + return libcrux_ml_kem_vector_portable_montgomery_multiply_by_constant_b8( + vector, + LIBCRUX_ML_KEM_VECTOR_TRAITS_MONTGOMERY_R_SQUARED_MOD_FIELD_MODULUS); } /** -This function found in impl -{libcrux_ml_kem::polynomial::PolynomialRingElement[TraitClause@0]} -*/ -/** -A monomorphic instance of libcrux_ml_kem.polynomial.add_standard_error_reduce_89 +A monomorphic instance of libcrux_ml_kem.polynomial.add_standard_error_reduce with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ static KRML_MUSTINLINE void -libcrux_ml_kem_polynomial_add_standard_error_reduce_89_03( - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *self, - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *error) { +libcrux_ml_kem_polynomial_add_standard_error_reduce_ea( + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *myself, + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *error) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { size_t j = i; libcrux_ml_kem_vector_portable_vector_type_PortableVector coefficient_normal_form = - libcrux_ml_kem_vector_traits_to_standard_domain_59( - self->coefficients[j]); - libcrux_ml_kem_vector_portable_vector_type_PortableVector uu____0 = - libcrux_ml_kem_vector_portable_barrett_reduce_0d( - libcrux_ml_kem_vector_portable_add_0d(coefficient_normal_form, - &error->coefficients[j])); - self->coefficients[j] = uu____0; + libcrux_ml_kem_polynomial_to_standard_domain_ea( + myself->coefficients[j]); + libcrux_ml_kem_vector_portable_vector_type_PortableVector sum = + libcrux_ml_kem_vector_portable_add_b8(coefficient_normal_form, + &error->coefficients[j]); + libcrux_ml_kem_vector_portable_vector_type_PortableVector red = + libcrux_ml_kem_vector_portable_barrett_reduce_b8(sum); + myself->coefficients[j] = red; } } /** - Compute  ◦ ŝ + ê +This function found in impl +{libcrux_ml_kem::polynomial::PolynomialRingElement[TraitClause@0, +TraitClause@1]} */ /** -A monomorphic instance of libcrux_ml_kem.matrix.compute_As_plus_e +A monomorphic instance of libcrux_ml_kem.polynomial.add_standard_error_reduce_d6 with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics -- K= 3 -*/ -static KRML_MUSTINLINE void libcrux_ml_kem_matrix_compute_As_plus_e_60( - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 (*matrix_A)[3U], - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *s_as_ntt, - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *error_as_ntt, - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 ret[3U]) { - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 result[3U]; - for (size_t i = (size_t)0U; i < (size_t)3U; i++) { - result[i] = libcrux_ml_kem_polynomial_ZERO_89_ea(); - } - for (size_t i0 = (size_t)0U; - i0 < Eurydice_slice_len( - Eurydice_array_to_slice( - (size_t)3U, matrix_A, - libcrux_ml_kem_polynomial_PolynomialRingElement_f0[3U]), - libcrux_ml_kem_polynomial_PolynomialRingElement_f0[3U]); - i0++) { - size_t i1 = i0; - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *row = matrix_A[i1]; - for (size_t i = (size_t)0U; - i < Eurydice_slice_len( - Eurydice_array_to_slice( - (size_t)3U, row, - libcrux_ml_kem_polynomial_PolynomialRingElement_f0), - libcrux_ml_kem_polynomial_PolynomialRingElement_f0); - i++) { - size_t j = i; - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *matrix_element = - &row[j]; - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 product = - libcrux_ml_kem_polynomial_ntt_multiply_89_2a(matrix_element, - &s_as_ntt[j]); - libcrux_ml_kem_polynomial_add_to_ring_element_89_84(&result[i1], - &product); - } - libcrux_ml_kem_polynomial_add_standard_error_reduce_89_03( - &result[i1], &error_as_ntt[i1]); - } - memcpy( - ret, result, - (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); -} - -/** -A monomorphic instance of -libcrux_ml_kem.serialize.serialize_uncompressed_ring_element with types -libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ static KRML_MUSTINLINE void -libcrux_ml_kem_serialize_serialize_uncompressed_ring_element_5b( - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re, uint8_t ret[384U]) { - uint8_t serialized[384U] = {0U}; - for (size_t i = (size_t)0U; - i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { - size_t i0 = i; - libcrux_ml_kem_vector_portable_vector_type_PortableVector coefficient = - libcrux_ml_kem_vector_traits_to_unsigned_representative_db( - re->coefficients[i0]); - uint8_t bytes[24U]; - libcrux_ml_kem_vector_portable_serialize_12_0d(coefficient, bytes); - Eurydice_slice uu____0 = Eurydice_array_to_subslice2( - serialized, (size_t)24U * i0, (size_t)24U * i0 + (size_t)24U, uint8_t); - Eurydice_slice_copy( - uu____0, Eurydice_array_to_slice((size_t)24U, bytes, uint8_t), uint8_t); - } - memcpy(ret, serialized, (size_t)384U * sizeof(uint8_t)); +libcrux_ml_kem_polynomial_add_standard_error_reduce_d6_ea( + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *self, + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *error) { + libcrux_ml_kem_polynomial_add_standard_error_reduce_ea(self, error); } /** - Call [`serialize_uncompressed_ring_element`] for each ring element. + Compute  ◦ ŝ + ê */ /** -A monomorphic instance of libcrux_ml_kem.ind_cpa.serialize_secret_key +A monomorphic instance of libcrux_ml_kem.matrix.compute_As_plus_e with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 3 -- OUT_LEN= 1152 */ -static KRML_MUSTINLINE void libcrux_ml_kem_ind_cpa_serialize_secret_key_b5( - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *key, - uint8_t ret[1152U]) { - uint8_t out[1152U] = {0U}; +static KRML_MUSTINLINE void libcrux_ml_kem_matrix_compute_As_plus_e_1b( + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *t_as_ntt, + libcrux_ml_kem_polynomial_PolynomialRingElement_1d (*matrix_A)[3U], + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *s_as_ntt, + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *error_as_ntt) { for (size_t i = (size_t)0U; i < Eurydice_slice_len( Eurydice_array_to_slice( - (size_t)3U, key, - libcrux_ml_kem_polynomial_PolynomialRingElement_f0), - libcrux_ml_kem_polynomial_PolynomialRingElement_f0); + (size_t)3U, matrix_A, + libcrux_ml_kem_polynomial_PolynomialRingElement_1d[3U]), + libcrux_ml_kem_polynomial_PolynomialRingElement_1d[3U]); i++) { size_t i0 = i; - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re = key[i0]; - Eurydice_slice uu____0 = Eurydice_array_to_subslice2( - out, i0 * LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT, - (i0 + (size_t)1U) * LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT, - uint8_t); - uint8_t ret0[384U]; - libcrux_ml_kem_serialize_serialize_uncompressed_ring_element_5b(&re, ret0); - Eurydice_slice_copy( - uu____0, Eurydice_array_to_slice((size_t)384U, ret0, uint8_t), uint8_t); + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *row = matrix_A[i0]; + libcrux_ml_kem_polynomial_PolynomialRingElement_1d uu____0 = + libcrux_ml_kem_polynomial_ZERO_d6_ea(); + t_as_ntt[i0] = uu____0; + for (size_t i1 = (size_t)0U; + i1 < Eurydice_slice_len( + Eurydice_array_to_slice( + (size_t)3U, row, + libcrux_ml_kem_polynomial_PolynomialRingElement_1d), + libcrux_ml_kem_polynomial_PolynomialRingElement_1d); + i1++) { + size_t j = i1; + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *matrix_element = + &row[j]; + libcrux_ml_kem_polynomial_PolynomialRingElement_1d product = + libcrux_ml_kem_polynomial_ntt_multiply_d6_ea(matrix_element, + &s_as_ntt[j]); + libcrux_ml_kem_polynomial_add_to_ring_element_d6_1b(&t_as_ntt[i0], + &product); + } + libcrux_ml_kem_polynomial_add_standard_error_reduce_d6_ea( + &t_as_ntt[i0], &error_as_ntt[i0]); } - memcpy(ret, out, (size_t)1152U * sizeof(uint8_t)); } /** - Concatenate `t` and `ρ` into the public key. -*/ -/** -A monomorphic instance of libcrux_ml_kem.ind_cpa.serialize_public_key -with types libcrux_ml_kem_vector_portable_vector_type_PortableVector -with const generics -- K= 3 -- RANKED_BYTES_PER_RING_ELEMENT= 1152 -- PUBLIC_KEY_SIZE= 1184 -*/ -static KRML_MUSTINLINE void libcrux_ml_kem_ind_cpa_serialize_public_key_79( - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *t_as_ntt, - Eurydice_slice seed_for_a, uint8_t ret[1184U]) { - uint8_t public_key_serialized[1184U] = {0U}; - Eurydice_slice uu____0 = Eurydice_array_to_subslice2( - public_key_serialized, (size_t)0U, (size_t)1152U, uint8_t); - uint8_t ret0[1152U]; - libcrux_ml_kem_ind_cpa_serialize_secret_key_b5(t_as_ntt, ret0); - Eurydice_slice_copy( - uu____0, Eurydice_array_to_slice((size_t)1152U, ret0, uint8_t), uint8_t); - Eurydice_slice_copy( - Eurydice_array_to_subslice_from((size_t)1184U, public_key_serialized, - (size_t)1152U, uint8_t, size_t), - seed_for_a, uint8_t); - memcpy(ret, public_key_serialized, (size_t)1184U * sizeof(uint8_t)); -} + This function implements most of Algorithm 12 of the + NIST FIPS 203 specification; this is the Kyber CPA-PKE key generation + algorithm. + + We say "most of" since Algorithm 12 samples the required randomness within + the function itself, whereas this implementation expects it to be provided + through the `key_generation_seed` parameter. + + Algorithm 12 is reproduced below: + + ```plaintext + Output: encryption key ekₚₖₑ ∈ 𝔹^{384k+32}. + Output: decryption key dkₚₖₑ ∈ 𝔹^{384k}. + + d ←$ B + (ρ,σ) ← G(d) + N ← 0 + for (i ← 0; i < k; i++) + for(j ← 0; j < k; j++) + Â[i,j] ← SampleNTT(XOF(ρ, i, j)) + end for + end for + for(i ← 0; i < k; i++) + s[i] ← SamplePolyCBD_{η₁}(PRF_{η₁}(σ,N)) + N ← N + 1 + end for + for(i ← 0; i < k; i++) + e[i] ← SamplePolyCBD_{η₂}(PRF_{η₂}(σ,N)) + N ← N + 1 + end for + ŝ ← NTT(s) + ê ← NTT(e) + t̂ ← Â◦ŝ + ê + ekₚₖₑ ← ByteEncode₁₂(t̂) ‖ ρ + dkₚₖₑ ← ByteEncode₁₂(ŝ) + ``` + The NIST FIPS 203 standard can be found at + . +*/ /** -A monomorphic instance of libcrux_ml_kem.ind_cpa.generate_keypair +A monomorphic instance of libcrux_ml_kem.ind_cpa.generate_keypair_unpacked with types libcrux_ml_kem_vector_portable_vector_type_PortableVector, libcrux_ml_kem_hash_functions_portable_PortableHash[[$3size_t]], libcrux_ml_kem_variant_MlKem with const generics - K= 3 -- PRIVATE_KEY_SIZE= 1152 -- PUBLIC_KEY_SIZE= 1184 -- RANKED_BYTES_PER_RING_ELEMENT= 1152 - ETA1= 2 - ETA1_RANDOMNESS_SIZE= 128 */ -static inline libcrux_ml_kem_utils_extraction_helper_Keypair768 -libcrux_ml_kem_ind_cpa_generate_keypair_fc(Eurydice_slice key_generation_seed) { +static KRML_MUSTINLINE void libcrux_ml_kem_ind_cpa_generate_keypair_unpacked_1c( + Eurydice_slice key_generation_seed, + libcrux_ml_kem_ind_cpa_unpacked_IndCpaPrivateKeyUnpacked_a0 *private_key, + libcrux_ml_kem_ind_cpa_unpacked_IndCpaPublicKeyUnpacked_a0 *public_key) { uint8_t hashed[64U]; - libcrux_ml_kem_variant_cpa_keygen_seed_d8_0e(key_generation_seed, hashed); + libcrux_ml_kem_variant_cpa_keygen_seed_39_9c(key_generation_seed, hashed); Eurydice_slice_uint8_t_x2 uu____0 = Eurydice_slice_split_at( Eurydice_array_to_slice((size_t)64U, hashed, uint8_t), (size_t)32U, uint8_t, Eurydice_slice_uint8_t_x2); - Eurydice_slice seed_for_A0 = uu____0.fst; + Eurydice_slice seed_for_A = uu____0.fst; Eurydice_slice seed_for_secret_and_error = uu____0.snd; - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 A_transpose[3U][3U]; + libcrux_ml_kem_polynomial_PolynomialRingElement_1d(*uu____1)[3U] = + public_key->A; uint8_t ret[34U]; - libcrux_ml_kem_utils_into_padded_array_ea1(seed_for_A0, ret); - libcrux_ml_kem_matrix_sample_matrix_A_38(ret, true, A_transpose); + libcrux_ml_kem_utils_into_padded_array_b6(seed_for_A, ret); + libcrux_ml_kem_matrix_sample_matrix_A_2b(uu____1, ret, true); uint8_t prf_input[33U]; - libcrux_ml_kem_utils_into_padded_array_ea2(seed_for_secret_and_error, - prf_input); - /* Passing arrays by value in Rust generates a copy in C */ - uint8_t copy_of_prf_input0[33U]; - memcpy(copy_of_prf_input0, prf_input, (size_t)33U * sizeof(uint8_t)); - tuple_b0 uu____2 = libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_fc( - copy_of_prf_input0, 0U); - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 secret_as_ntt[3U]; - memcpy( - secret_as_ntt, uu____2.fst, - (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); - uint8_t domain_separator = uu____2.snd; - /* Passing arrays by value in Rust generates a copy in C */ - uint8_t copy_of_prf_input[33U]; - memcpy(copy_of_prf_input, prf_input, (size_t)33U * sizeof(uint8_t)); - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 error_as_ntt[3U]; - memcpy( - error_as_ntt, - libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_fc(copy_of_prf_input, - domain_separator) - .fst, - (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 t_as_ntt[3U]; - libcrux_ml_kem_matrix_compute_As_plus_e_60(A_transpose, secret_as_ntt, - error_as_ntt, t_as_ntt); - uint8_t seed_for_A[32U]; - Result_00 dst; - Eurydice_slice_to_array2(&dst, seed_for_A0, Eurydice_slice, uint8_t[32U]); - unwrap_41_83(dst, seed_for_A); + libcrux_ml_kem_utils_into_padded_array_c8(seed_for_secret_and_error, + prf_input); + uint8_t domain_separator = + libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_3b( + private_key->secret_as_ntt, prf_input, 0U); + libcrux_ml_kem_polynomial_PolynomialRingElement_1d error_as_ntt[3U]; + for (size_t i = (size_t)0U; i < (size_t)3U; i++) { + /* original Rust expression is not an lvalue in C */ + void *lvalue = (void *)0U; + error_as_ntt[i] = + libcrux_ml_kem_ind_cpa_generate_keypair_unpacked_call_mut_73_1c(&lvalue, + i); + } + libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_3b(error_as_ntt, prf_input, + domain_separator); + libcrux_ml_kem_matrix_compute_As_plus_e_1b( + public_key->t_as_ntt, public_key->A, private_key->secret_as_ntt, + error_as_ntt); + uint8_t uu____2[32U]; + Result_fb dst; + Eurydice_slice_to_array2(&dst, seed_for_A, Eurydice_slice, uint8_t[32U], + TryFromSliceError); + unwrap_26_b3(dst, uu____2); + memcpy(public_key->seed_for_A, uu____2, (size_t)32U * sizeof(uint8_t)); +} + +/** +A monomorphic instance of +libcrux_ml_kem.serialize.serialize_uncompressed_ring_element with types +libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics + +*/ +static KRML_MUSTINLINE void +libcrux_ml_kem_serialize_serialize_uncompressed_ring_element_ea( + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *re, uint8_t ret[384U]) { + uint8_t serialized[384U] = {0U}; + for (size_t i = (size_t)0U; + i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { + size_t i0 = i; + libcrux_ml_kem_vector_portable_vector_type_PortableVector coefficient = + libcrux_ml_kem_serialize_to_unsigned_field_modulus_ea( + re->coefficients[i0]); + uint8_t bytes[24U]; + libcrux_ml_kem_vector_portable_serialize_12_b8(coefficient, bytes); + Eurydice_slice_copy( + Eurydice_array_to_subslice3(serialized, (size_t)24U * i0, + (size_t)24U * i0 + (size_t)24U, uint8_t *), + Eurydice_array_to_slice((size_t)24U, bytes, uint8_t), uint8_t); + } + memcpy(ret, serialized, (size_t)384U * sizeof(uint8_t)); +} + +/** + Call [`serialize_uncompressed_ring_element`] for each ring element. +*/ +/** +A monomorphic instance of libcrux_ml_kem.ind_cpa.serialize_vector +with types libcrux_ml_kem_vector_portable_vector_type_PortableVector +with const generics +- K= 3 +*/ +static KRML_MUSTINLINE void libcrux_ml_kem_ind_cpa_serialize_vector_1b( + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *key, + Eurydice_slice out) { + for (size_t i = (size_t)0U; + i < Eurydice_slice_len( + Eurydice_array_to_slice( + (size_t)3U, key, + libcrux_ml_kem_polynomial_PolynomialRingElement_1d), + libcrux_ml_kem_polynomial_PolynomialRingElement_1d); + i++) { + size_t i0 = i; + libcrux_ml_kem_polynomial_PolynomialRingElement_1d re = key[i0]; + Eurydice_slice uu____0 = Eurydice_slice_subslice3( + out, i0 * LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT, + (i0 + (size_t)1U) * LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT, + uint8_t *); + uint8_t ret[384U]; + libcrux_ml_kem_serialize_serialize_uncompressed_ring_element_ea(&re, ret); + Eurydice_slice_copy( + uu____0, Eurydice_array_to_slice((size_t)384U, ret, uint8_t), uint8_t); + } +} + +/** + Concatenate `t` and `ρ` into the public key. +*/ +/** +A monomorphic instance of libcrux_ml_kem.ind_cpa.serialize_public_key_mut +with types libcrux_ml_kem_vector_portable_vector_type_PortableVector +with const generics +- K= 3 +- PUBLIC_KEY_SIZE= 1184 +*/ +static KRML_MUSTINLINE void libcrux_ml_kem_ind_cpa_serialize_public_key_mut_89( + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *t_as_ntt, + Eurydice_slice seed_for_a, uint8_t *serialized) { + libcrux_ml_kem_ind_cpa_serialize_vector_1b( + t_as_ntt, + Eurydice_array_to_subslice3( + serialized, (size_t)0U, + libcrux_ml_kem_constants_ranked_bytes_per_ring_element((size_t)3U), + uint8_t *)); + Eurydice_slice_copy( + Eurydice_array_to_subslice_from( + (size_t)1184U, serialized, + libcrux_ml_kem_constants_ranked_bytes_per_ring_element((size_t)3U), + uint8_t, size_t, uint8_t[]), + seed_for_a, uint8_t); +} + +/** + Concatenate `t` and `ρ` into the public key. +*/ +/** +A monomorphic instance of libcrux_ml_kem.ind_cpa.serialize_public_key +with types libcrux_ml_kem_vector_portable_vector_type_PortableVector +with const generics +- K= 3 +- PUBLIC_KEY_SIZE= 1184 +*/ +static KRML_MUSTINLINE void libcrux_ml_kem_ind_cpa_serialize_public_key_89( + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *t_as_ntt, + Eurydice_slice seed_for_a, uint8_t ret[1184U]) { + uint8_t public_key_serialized[1184U] = {0U}; + libcrux_ml_kem_ind_cpa_serialize_public_key_mut_89(t_as_ntt, seed_for_a, + public_key_serialized); + memcpy(ret, public_key_serialized, (size_t)1184U * sizeof(uint8_t)); +} + +/** + Serialize the secret key from the unpacked key pair generation. +*/ +/** +A monomorphic instance of libcrux_ml_kem.ind_cpa.serialize_unpacked_secret_key +with types libcrux_ml_kem_vector_portable_vector_type_PortableVector +with const generics +- K= 3 +- PRIVATE_KEY_SIZE= 1152 +- PUBLIC_KEY_SIZE= 1184 +*/ +static inline libcrux_ml_kem_utils_extraction_helper_Keypair768 +libcrux_ml_kem_ind_cpa_serialize_unpacked_secret_key_6c( + libcrux_ml_kem_ind_cpa_unpacked_IndCpaPublicKeyUnpacked_a0 *public_key, + libcrux_ml_kem_ind_cpa_unpacked_IndCpaPrivateKeyUnpacked_a0 *private_key) { uint8_t public_key_serialized[1184U]; - libcrux_ml_kem_ind_cpa_serialize_public_key_79( - t_as_ntt, Eurydice_array_to_slice((size_t)32U, seed_for_A, uint8_t), + libcrux_ml_kem_ind_cpa_serialize_public_key_89( + public_key->t_as_ntt, + Eurydice_array_to_slice((size_t)32U, public_key->seed_for_A, uint8_t), public_key_serialized); - uint8_t secret_key_serialized[1152U]; - libcrux_ml_kem_ind_cpa_serialize_secret_key_b5(secret_as_ntt, - secret_key_serialized); + uint8_t secret_key_serialized[1152U] = {0U}; + libcrux_ml_kem_ind_cpa_serialize_vector_1b( + private_key->secret_as_ntt, + Eurydice_array_to_slice((size_t)1152U, secret_key_serialized, uint8_t)); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_secret_key_serialized[1152U]; memcpy(copy_of_secret_key_serialized, secret_key_serialized, @@ -11484,55 +10342,94 @@ libcrux_ml_kem_ind_cpa_generate_keypair_fc(Eurydice_slice key_generation_seed) { return lit; } +/** +A monomorphic instance of libcrux_ml_kem.ind_cpa.generate_keypair +with types libcrux_ml_kem_vector_portable_vector_type_PortableVector, +libcrux_ml_kem_hash_functions_portable_PortableHash[[$3size_t]], +libcrux_ml_kem_variant_MlKem with const generics +- K= 3 +- PRIVATE_KEY_SIZE= 1152 +- PUBLIC_KEY_SIZE= 1184 +- ETA1= 2 +- ETA1_RANDOMNESS_SIZE= 128 +*/ +static KRML_MUSTINLINE libcrux_ml_kem_utils_extraction_helper_Keypair768 +libcrux_ml_kem_ind_cpa_generate_keypair_ea(Eurydice_slice key_generation_seed) { + libcrux_ml_kem_ind_cpa_unpacked_IndCpaPrivateKeyUnpacked_a0 private_key = + libcrux_ml_kem_ind_cpa_unpacked_default_70_1b(); + libcrux_ml_kem_ind_cpa_unpacked_IndCpaPublicKeyUnpacked_a0 public_key = + libcrux_ml_kem_ind_cpa_unpacked_default_8b_1b(); + libcrux_ml_kem_ind_cpa_generate_keypair_unpacked_1c( + key_generation_seed, &private_key, &public_key); + return libcrux_ml_kem_ind_cpa_serialize_unpacked_secret_key_6c(&public_key, + &private_key); +} + /** Serialize the secret key. */ /** -A monomorphic instance of libcrux_ml_kem.ind_cca.serialize_kem_secret_key +A monomorphic instance of libcrux_ml_kem.ind_cca.serialize_kem_secret_key_mut with types libcrux_ml_kem_hash_functions_portable_PortableHash[[$3size_t]] with const generics - K= 3 - SERIALIZED_KEY_LEN= 2400 */ -static KRML_MUSTINLINE void libcrux_ml_kem_ind_cca_serialize_kem_secret_key_48( +static KRML_MUSTINLINE void +libcrux_ml_kem_ind_cca_serialize_kem_secret_key_mut_d6( Eurydice_slice private_key, Eurydice_slice public_key, - Eurydice_slice implicit_rejection_value, uint8_t ret[2400U]) { - uint8_t out[2400U] = {0U}; + Eurydice_slice implicit_rejection_value, uint8_t *serialized) { size_t pointer = (size_t)0U; - uint8_t *uu____0 = out; + uint8_t *uu____0 = serialized; size_t uu____1 = pointer; size_t uu____2 = pointer; Eurydice_slice_copy( - Eurydice_array_to_subslice2( + Eurydice_array_to_subslice3( uu____0, uu____1, uu____2 + Eurydice_slice_len(private_key, uint8_t), - uint8_t), + uint8_t *), private_key, uint8_t); pointer = pointer + Eurydice_slice_len(private_key, uint8_t); - uint8_t *uu____3 = out; + uint8_t *uu____3 = serialized; size_t uu____4 = pointer; size_t uu____5 = pointer; Eurydice_slice_copy( - Eurydice_array_to_subslice2( + Eurydice_array_to_subslice3( uu____3, uu____4, uu____5 + Eurydice_slice_len(public_key, uint8_t), - uint8_t), + uint8_t *), public_key, uint8_t); pointer = pointer + Eurydice_slice_len(public_key, uint8_t); - Eurydice_slice uu____6 = Eurydice_array_to_subslice2( - out, pointer, pointer + LIBCRUX_ML_KEM_CONSTANTS_H_DIGEST_SIZE, uint8_t); - uint8_t ret0[32U]; - libcrux_ml_kem_hash_functions_portable_H_f1_1a(public_key, ret0); + Eurydice_slice uu____6 = Eurydice_array_to_subslice3( + serialized, pointer, pointer + LIBCRUX_ML_KEM_CONSTANTS_H_DIGEST_SIZE, + uint8_t *); + uint8_t ret[32U]; + libcrux_ml_kem_hash_functions_portable_H_4a_e0(public_key, ret); Eurydice_slice_copy( - uu____6, Eurydice_array_to_slice((size_t)32U, ret0, uint8_t), uint8_t); + uu____6, Eurydice_array_to_slice((size_t)32U, ret, uint8_t), uint8_t); pointer = pointer + LIBCRUX_ML_KEM_CONSTANTS_H_DIGEST_SIZE; - uint8_t *uu____7 = out; + uint8_t *uu____7 = serialized; size_t uu____8 = pointer; size_t uu____9 = pointer; Eurydice_slice_copy( - Eurydice_array_to_subslice2( + Eurydice_array_to_subslice3( uu____7, uu____8, uu____9 + Eurydice_slice_len(implicit_rejection_value, uint8_t), - uint8_t), + uint8_t *), implicit_rejection_value, uint8_t); +} + +/** +A monomorphic instance of libcrux_ml_kem.ind_cca.serialize_kem_secret_key +with types libcrux_ml_kem_hash_functions_portable_PortableHash[[$3size_t]] +with const generics +- K= 3 +- SERIALIZED_KEY_LEN= 2400 +*/ +static KRML_MUSTINLINE void libcrux_ml_kem_ind_cca_serialize_kem_secret_key_d6( + Eurydice_slice private_key, Eurydice_slice public_key, + Eurydice_slice implicit_rejection_value, uint8_t ret[2400U]) { + uint8_t out[2400U] = {0U}; + libcrux_ml_kem_ind_cca_serialize_kem_secret_key_mut_d6( + private_key, public_key, implicit_rejection_value, out); memcpy(ret, out, (size_t)2400U * sizeof(uint8_t)); } @@ -11553,27 +10450,26 @@ libcrux_ml_kem_variant_MlKem with const generics - CPA_PRIVATE_KEY_SIZE= 1152 - PRIVATE_KEY_SIZE= 2400 - PUBLIC_KEY_SIZE= 1184 -- BYTES_PER_RING_ELEMENT= 1152 - ETA1= 2 - ETA1_RANDOMNESS_SIZE= 128 */ -static inline libcrux_ml_kem_mlkem768_MlKem768KeyPair -libcrux_ml_kem_ind_cca_generate_keypair_8c(uint8_t randomness[64U]) { - Eurydice_slice ind_cpa_keypair_randomness = Eurydice_array_to_subslice2( +static KRML_MUSTINLINE libcrux_ml_kem_mlkem768_MlKem768KeyPair +libcrux_ml_kem_ind_cca_generate_keypair_15(uint8_t *randomness) { + Eurydice_slice ind_cpa_keypair_randomness = Eurydice_array_to_subslice3( randomness, (size_t)0U, - LIBCRUX_ML_KEM_CONSTANTS_CPA_PKE_KEY_GENERATION_SEED_SIZE, uint8_t); + LIBCRUX_ML_KEM_CONSTANTS_CPA_PKE_KEY_GENERATION_SEED_SIZE, uint8_t *); Eurydice_slice implicit_rejection_value = Eurydice_array_to_subslice_from( (size_t)64U, randomness, LIBCRUX_ML_KEM_CONSTANTS_CPA_PKE_KEY_GENERATION_SEED_SIZE, uint8_t, - size_t); + size_t, uint8_t[]); libcrux_ml_kem_utils_extraction_helper_Keypair768 uu____0 = - libcrux_ml_kem_ind_cpa_generate_keypair_fc(ind_cpa_keypair_randomness); + libcrux_ml_kem_ind_cpa_generate_keypair_ea(ind_cpa_keypair_randomness); uint8_t ind_cpa_private_key[1152U]; memcpy(ind_cpa_private_key, uu____0.fst, (size_t)1152U * sizeof(uint8_t)); uint8_t public_key[1184U]; memcpy(public_key, uu____0.snd, (size_t)1184U * sizeof(uint8_t)); uint8_t secret_key_serialized[2400U]; - libcrux_ml_kem_ind_cca_serialize_kem_secret_key_48( + libcrux_ml_kem_ind_cca_serialize_kem_secret_key_d6( Eurydice_array_to_slice((size_t)1152U, ind_cpa_private_key, uint8_t), Eurydice_array_to_slice((size_t)1184U, public_key, uint8_t), implicit_rejection_value, secret_key_serialized); @@ -11581,14 +10477,14 @@ libcrux_ml_kem_ind_cca_generate_keypair_8c(uint8_t randomness[64U]) { uint8_t copy_of_secret_key_serialized[2400U]; memcpy(copy_of_secret_key_serialized, secret_key_serialized, (size_t)2400U * sizeof(uint8_t)); - libcrux_ml_kem_types_MlKemPrivateKey_55 private_key = - libcrux_ml_kem_types_from_05_f2(copy_of_secret_key_serialized); - libcrux_ml_kem_types_MlKemPrivateKey_55 uu____2 = private_key; + libcrux_ml_kem_types_MlKemPrivateKey_d9 private_key = + libcrux_ml_kem_types_from_77_28(copy_of_secret_key_serialized); + libcrux_ml_kem_types_MlKemPrivateKey_d9 uu____2 = private_key; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_public_key[1184U]; memcpy(copy_of_public_key, public_key, (size_t)1184U * sizeof(uint8_t)); - return libcrux_ml_kem_types_from_17_35( - uu____2, libcrux_ml_kem_types_from_b6_da(copy_of_public_key)); + return libcrux_ml_kem_types_from_17_74( + uu____2, libcrux_ml_kem_types_from_fd_d0(copy_of_public_key)); } /** @@ -11602,17 +10498,13 @@ generics - CPA_PRIVATE_KEY_SIZE= 1152 - PRIVATE_KEY_SIZE= 2400 - PUBLIC_KEY_SIZE= 1184 -- BYTES_PER_RING_ELEMENT= 1152 - ETA1= 2 - ETA1_RANDOMNESS_SIZE= 128 */ static inline libcrux_ml_kem_mlkem768_MlKem768KeyPair -libcrux_ml_kem_ind_cca_instantiations_portable_generate_keypair_d5( - uint8_t randomness[64U]) { - /* Passing arrays by value in Rust generates a copy in C */ - uint8_t copy_of_randomness[64U]; - memcpy(copy_of_randomness, randomness, (size_t)64U * sizeof(uint8_t)); - return libcrux_ml_kem_ind_cca_generate_keypair_8c(copy_of_randomness); +libcrux_ml_kem_ind_cca_instantiations_portable_generate_keypair_ce( + uint8_t *randomness) { + return libcrux_ml_kem_ind_cca_generate_keypair_15(randomness); } /** @@ -11620,155 +10512,273 @@ libcrux_ml_kem_ind_cca_instantiations_portable_generate_keypair_d5( */ static inline libcrux_ml_kem_mlkem768_MlKem768KeyPair libcrux_ml_kem_mlkem768_portable_generate_key_pair(uint8_t randomness[64U]) { - /* Passing arrays by value in Rust generates a copy in C */ - uint8_t copy_of_randomness[64U]; - memcpy(copy_of_randomness, randomness, (size_t)64U * sizeof(uint8_t)); - return libcrux_ml_kem_ind_cca_instantiations_portable_generate_keypair_d5( - copy_of_randomness); + return libcrux_ml_kem_ind_cca_instantiations_portable_generate_keypair_ce( + randomness); } /** -This function found in impl {(libcrux_ml_kem::variant::Variant for -libcrux_ml_kem::variant::Kyber)} + Validate an ML-KEM private key. + + This implements the Hash check in 7.3 3. */ /** -A monomorphic instance of libcrux_ml_kem.variant.kdf_33 +A monomorphic instance of libcrux_ml_kem.ind_cca.validate_private_key_only with types libcrux_ml_kem_hash_functions_portable_PortableHash[[$3size_t]] with const generics - K= 3 -- CIPHERTEXT_SIZE= 1088 +- SECRET_KEY_SIZE= 2400 */ -static KRML_MUSTINLINE void libcrux_ml_kem_variant_kdf_33_f0( - Eurydice_slice shared_secret, - libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext, uint8_t ret[32U]) { - uint8_t kdf_input[64U]; - libcrux_ml_kem_utils_into_padded_array_ea(shared_secret, kdf_input); - Eurydice_slice uu____0 = Eurydice_array_to_subslice_from( - (size_t)64U, kdf_input, LIBCRUX_ML_KEM_CONSTANTS_H_DIGEST_SIZE, uint8_t, - size_t); - uint8_t ret0[32U]; - libcrux_ml_kem_hash_functions_portable_H_f1_1a( - Eurydice_array_to_slice((size_t)1088U, - libcrux_ml_kem_types_as_slice_d4_1d(ciphertext), - uint8_t), - ret0); - Eurydice_slice_copy( - uu____0, Eurydice_array_to_slice((size_t)32U, ret0, uint8_t), uint8_t); - uint8_t ret1[32U]; - libcrux_ml_kem_hash_functions_portable_PRF_f1_ee( - Eurydice_array_to_slice((size_t)64U, kdf_input, uint8_t), ret1); - memcpy(ret, ret1, (size_t)32U * sizeof(uint8_t)); +static KRML_MUSTINLINE bool libcrux_ml_kem_ind_cca_validate_private_key_only_d6( + libcrux_ml_kem_types_MlKemPrivateKey_d9 *private_key) { + uint8_t t[32U]; + libcrux_ml_kem_hash_functions_portable_H_4a_e0( + Eurydice_array_to_subslice3(private_key->value, (size_t)384U * (size_t)3U, + (size_t)768U * (size_t)3U + (size_t)32U, + uint8_t *), + t); + Eurydice_slice expected = Eurydice_array_to_subslice3( + private_key->value, (size_t)768U * (size_t)3U + (size_t)32U, + (size_t)768U * (size_t)3U + (size_t)64U, uint8_t *); + return Eurydice_array_eq_slice((size_t)32U, t, &expected, uint8_t, bool); } /** -A monomorphic instance of libcrux_ml_kem.ind_cca.decapsulate -with types libcrux_ml_kem_vector_portable_vector_type_PortableVector, -libcrux_ml_kem_hash_functions_portable_PortableHash[[$3size_t]], -libcrux_ml_kem_variant_Kyber with const generics + Validate an ML-KEM private key. + + This implements the Hash check in 7.3 3. + Note that the size checks in 7.2 1 and 2 are covered by the `SECRET_KEY_SIZE` + and `CIPHERTEXT_SIZE` in the `private_key` and `ciphertext` types. +*/ +/** +A monomorphic instance of libcrux_ml_kem.ind_cca.validate_private_key +with types libcrux_ml_kem_hash_functions_portable_PortableHash[[$3size_t]] +with const generics - K= 3 - SECRET_KEY_SIZE= 2400 -- CPA_SECRET_KEY_SIZE= 1152 -- PUBLIC_KEY_SIZE= 1184 - CIPHERTEXT_SIZE= 1088 -- T_AS_NTT_ENCODED_SIZE= 1152 -- C1_SIZE= 960 -- C2_SIZE= 128 -- VECTOR_U_COMPRESSION_FACTOR= 10 -- VECTOR_V_COMPRESSION_FACTOR= 4 -- C1_BLOCK_SIZE= 320 -- ETA1= 2 -- ETA1_RANDOMNESS_SIZE= 128 -- ETA2= 2 -- ETA2_RANDOMNESS_SIZE= 128 -- IMPLICIT_REJECTION_HASH_INPUT_SIZE= 1120 */ -static inline void libcrux_ml_kem_ind_cca_decapsulate_700( - libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, - libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext, uint8_t ret[32U]) { - Eurydice_slice_uint8_t_x2 uu____0 = Eurydice_slice_split_at( - Eurydice_array_to_slice((size_t)2400U, private_key->value, uint8_t), - (size_t)1152U, uint8_t, Eurydice_slice_uint8_t_x2); - Eurydice_slice ind_cpa_secret_key = uu____0.fst; - Eurydice_slice secret_key0 = uu____0.snd; - Eurydice_slice_uint8_t_x2 uu____1 = Eurydice_slice_split_at( - secret_key0, (size_t)1184U, uint8_t, Eurydice_slice_uint8_t_x2); - Eurydice_slice ind_cpa_public_key = uu____1.fst; - Eurydice_slice secret_key = uu____1.snd; - Eurydice_slice_uint8_t_x2 uu____2 = Eurydice_slice_split_at( - secret_key, LIBCRUX_ML_KEM_CONSTANTS_H_DIGEST_SIZE, uint8_t, - Eurydice_slice_uint8_t_x2); - Eurydice_slice ind_cpa_public_key_hash = uu____2.fst; - Eurydice_slice implicit_rejection_value = uu____2.snd; - uint8_t decrypted[32U]; - libcrux_ml_kem_ind_cpa_decrypt_43(ind_cpa_secret_key, ciphertext->value, - decrypted); - uint8_t to_hash0[64U]; - libcrux_ml_kem_utils_into_padded_array_ea( - Eurydice_array_to_slice((size_t)32U, decrypted, uint8_t), to_hash0); - Eurydice_slice_copy( - Eurydice_array_to_subslice_from( - (size_t)64U, to_hash0, LIBCRUX_ML_KEM_CONSTANTS_SHARED_SECRET_SIZE, - uint8_t, size_t), - ind_cpa_public_key_hash, uint8_t); - uint8_t hashed[64U]; - libcrux_ml_kem_hash_functions_portable_G_f1_e4( - Eurydice_array_to_slice((size_t)64U, to_hash0, uint8_t), hashed); - Eurydice_slice_uint8_t_x2 uu____3 = Eurydice_slice_split_at( - Eurydice_array_to_slice((size_t)64U, hashed, uint8_t), - LIBCRUX_ML_KEM_CONSTANTS_SHARED_SECRET_SIZE, uint8_t, - Eurydice_slice_uint8_t_x2); - Eurydice_slice shared_secret0 = uu____3.fst; - Eurydice_slice pseudorandomness = uu____3.snd; - uint8_t to_hash[1120U]; - libcrux_ml_kem_utils_into_padded_array_ea0(implicit_rejection_value, to_hash); - Eurydice_slice uu____4 = Eurydice_array_to_subslice_from( - (size_t)1120U, to_hash, LIBCRUX_ML_KEM_CONSTANTS_SHARED_SECRET_SIZE, - uint8_t, size_t); - Eurydice_slice_copy(uu____4, libcrux_ml_kem_types_as_ref_00_24(ciphertext), - uint8_t); - uint8_t implicit_rejection_shared_secret0[32U]; - libcrux_ml_kem_hash_functions_portable_PRF_f1_ee( - Eurydice_array_to_slice((size_t)1120U, to_hash, uint8_t), - implicit_rejection_shared_secret0); - Eurydice_slice uu____5 = ind_cpa_public_key; - /* Passing arrays by value in Rust generates a copy in C */ - uint8_t copy_of_decrypted[32U]; - memcpy(copy_of_decrypted, decrypted, (size_t)32U * sizeof(uint8_t)); - uint8_t expected_ciphertext[1088U]; - libcrux_ml_kem_ind_cpa_encrypt_60(uu____5, copy_of_decrypted, - pseudorandomness, expected_ciphertext); - uint8_t implicit_rejection_shared_secret[32U]; - libcrux_ml_kem_variant_kdf_33_f0( - Eurydice_array_to_slice((size_t)32U, implicit_rejection_shared_secret0, - uint8_t), - ciphertext, implicit_rejection_shared_secret); - uint8_t shared_secret[32U]; - libcrux_ml_kem_variant_kdf_33_f0(shared_secret0, ciphertext, shared_secret); - uint8_t ret0[32U]; - libcrux_ml_kem_constant_time_ops_compare_ciphertexts_select_shared_secret_in_constant_time( - libcrux_ml_kem_types_as_ref_00_24(ciphertext), - Eurydice_array_to_slice((size_t)1088U, expected_ciphertext, uint8_t), - Eurydice_array_to_slice((size_t)32U, shared_secret, uint8_t), - Eurydice_array_to_slice((size_t)32U, implicit_rejection_shared_secret, - uint8_t), - ret0); - memcpy(ret, ret0, (size_t)32U * sizeof(uint8_t)); +static KRML_MUSTINLINE bool libcrux_ml_kem_ind_cca_validate_private_key_37( + libcrux_ml_kem_types_MlKemPrivateKey_d9 *private_key, + libcrux_ml_kem_mlkem768_MlKem768Ciphertext *_ciphertext) { + return libcrux_ml_kem_ind_cca_validate_private_key_only_d6(private_key); } /** - Portable decapsulate + Private key validation */ /** A monomorphic instance of -libcrux_ml_kem.ind_cca.instantiations.portable.kyber_decapsulate with const +libcrux_ml_kem.ind_cca.instantiations.portable.validate_private_key with const generics - K= 3 - SECRET_KEY_SIZE= 2400 -- CPA_SECRET_KEY_SIZE= 1152 -- PUBLIC_KEY_SIZE= 1184 - CIPHERTEXT_SIZE= 1088 -- T_AS_NTT_ENCODED_SIZE= 1152 -- C1_SIZE= 960 +*/ +static KRML_MUSTINLINE bool +libcrux_ml_kem_ind_cca_instantiations_portable_validate_private_key_31( + libcrux_ml_kem_types_MlKemPrivateKey_d9 *private_key, + libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext) { + return libcrux_ml_kem_ind_cca_validate_private_key_37(private_key, + ciphertext); +} + +/** + Validate a private key. + + Returns `true` if valid, and `false` otherwise. +*/ +static inline bool libcrux_ml_kem_mlkem768_portable_validate_private_key( + libcrux_ml_kem_types_MlKemPrivateKey_d9 *private_key, + libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext) { + return libcrux_ml_kem_ind_cca_instantiations_portable_validate_private_key_31( + private_key, ciphertext); +} + +/** + Private key validation +*/ +/** +A monomorphic instance of +libcrux_ml_kem.ind_cca.instantiations.portable.validate_private_key_only with +const generics +- K= 3 +- SECRET_KEY_SIZE= 2400 +*/ +static KRML_MUSTINLINE bool +libcrux_ml_kem_ind_cca_instantiations_portable_validate_private_key_only_41( + libcrux_ml_kem_types_MlKemPrivateKey_d9 *private_key) { + return libcrux_ml_kem_ind_cca_validate_private_key_only_d6(private_key); +} + +/** + Validate the private key only. + + Returns `true` if valid, and `false` otherwise. +*/ +static inline bool libcrux_ml_kem_mlkem768_portable_validate_private_key_only( + libcrux_ml_kem_types_MlKemPrivateKey_d9 *private_key) { + return libcrux_ml_kem_ind_cca_instantiations_portable_validate_private_key_only_41( + private_key); +} + +/** +This function found in impl {core::ops::function::FnMut<(usize), +libcrux_ml_kem::polynomial::PolynomialRingElement[TraitClause@0, +TraitClause@1]> for +libcrux_ml_kem::serialize::deserialize_ring_elements_reduced_out::closure[TraitClause@0, TraitClause@1]} +*/ +/** +A monomorphic instance of +libcrux_ml_kem.serialize.deserialize_ring_elements_reduced_out.call_mut_0b with +types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const +generics +- K= 3 +*/ +static inline libcrux_ml_kem_polynomial_PolynomialRingElement_1d +libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_out_call_mut_0b_1b( + void **_, size_t tupled_args) { + return libcrux_ml_kem_polynomial_ZERO_d6_ea(); +} + +/** + This function deserializes ring elements and reduces the result by the field + modulus. + + This function MUST NOT be used on secret inputs. +*/ +/** +A monomorphic instance of +libcrux_ml_kem.serialize.deserialize_ring_elements_reduced_out with types +libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics +- K= 3 +*/ +static KRML_MUSTINLINE void +libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_out_1b( + Eurydice_slice public_key, + libcrux_ml_kem_polynomial_PolynomialRingElement_1d ret[3U]) { + libcrux_ml_kem_polynomial_PolynomialRingElement_1d deserialized_pk[3U]; + for (size_t i = (size_t)0U; i < (size_t)3U; i++) { + /* original Rust expression is not an lvalue in C */ + void *lvalue = (void *)0U; + deserialized_pk[i] = + libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_out_call_mut_0b_1b( + &lvalue, i); + } + libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_1b( + public_key, deserialized_pk); + memcpy( + ret, deserialized_pk, + (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_1d)); +} + +/** + Validate an ML-KEM public key. + + This implements the Modulus check in 7.2 2. + Note that the size check in 7.2 1 is covered by the `PUBLIC_KEY_SIZE` in the + `public_key` type. +*/ +/** +A monomorphic instance of libcrux_ml_kem.ind_cca.validate_public_key +with types libcrux_ml_kem_vector_portable_vector_type_PortableVector +with const generics +- K= 3 +- PUBLIC_KEY_SIZE= 1184 +*/ +static KRML_MUSTINLINE bool libcrux_ml_kem_ind_cca_validate_public_key_89( + uint8_t *public_key) { + libcrux_ml_kem_polynomial_PolynomialRingElement_1d deserialized_pk[3U]; + libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_out_1b( + Eurydice_array_to_subslice_to( + (size_t)1184U, public_key, + libcrux_ml_kem_constants_ranked_bytes_per_ring_element((size_t)3U), + uint8_t, size_t, uint8_t[]), + deserialized_pk); + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *uu____0 = deserialized_pk; + uint8_t public_key_serialized[1184U]; + libcrux_ml_kem_ind_cpa_serialize_public_key_89( + uu____0, + Eurydice_array_to_subslice_from( + (size_t)1184U, public_key, + libcrux_ml_kem_constants_ranked_bytes_per_ring_element((size_t)3U), + uint8_t, size_t, uint8_t[]), + public_key_serialized); + return Eurydice_array_eq((size_t)1184U, public_key, public_key_serialized, + uint8_t); +} + +/** + Public key validation +*/ +/** +A monomorphic instance of +libcrux_ml_kem.ind_cca.instantiations.portable.validate_public_key with const +generics +- K= 3 +- PUBLIC_KEY_SIZE= 1184 +*/ +static KRML_MUSTINLINE bool +libcrux_ml_kem_ind_cca_instantiations_portable_validate_public_key_41( + uint8_t *public_key) { + return libcrux_ml_kem_ind_cca_validate_public_key_89(public_key); +} + +/** + Validate a public key. + + Returns `true` if valid, and `false` otherwise. +*/ +static inline bool libcrux_ml_kem_mlkem768_portable_validate_public_key( + libcrux_ml_kem_types_MlKemPublicKey_30 *public_key) { + return libcrux_ml_kem_ind_cca_instantiations_portable_validate_public_key_41( + public_key->value); +} + +/** +A monomorphic instance of libcrux_ml_kem.ind_cca.unpacked.MlKemPublicKeyUnpacked +with types libcrux_ml_kem_vector_portable_vector_type_PortableVector +with const generics +- $3size_t +*/ +typedef struct libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_a0_s { + libcrux_ml_kem_ind_cpa_unpacked_IndCpaPublicKeyUnpacked_a0 ind_cpa_public_key; + uint8_t public_key_hash[32U]; +} libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_a0; + +typedef libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_a0 + libcrux_ml_kem_mlkem768_portable_unpacked_MlKem768PublicKeyUnpacked; + +/** +A monomorphic instance of +libcrux_ml_kem.ind_cca.unpacked.MlKemPrivateKeyUnpacked with types +libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics +- $3size_t +*/ +typedef struct libcrux_ml_kem_ind_cca_unpacked_MlKemPrivateKeyUnpacked_a0_s { + libcrux_ml_kem_ind_cpa_unpacked_IndCpaPrivateKeyUnpacked_a0 + ind_cpa_private_key; + uint8_t implicit_rejection_value[32U]; +} libcrux_ml_kem_ind_cca_unpacked_MlKemPrivateKeyUnpacked_a0; + +typedef struct + libcrux_ml_kem_mlkem768_portable_unpacked_MlKem768KeyPairUnpacked_s { + libcrux_ml_kem_ind_cca_unpacked_MlKemPrivateKeyUnpacked_a0 private_key; + libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_a0 public_key; +} libcrux_ml_kem_mlkem768_portable_unpacked_MlKem768KeyPairUnpacked; + +/** +A monomorphic instance of libcrux_ml_kem.ind_cca.unpacked.decapsulate +with types libcrux_ml_kem_vector_portable_vector_type_PortableVector, +libcrux_ml_kem_hash_functions_portable_PortableHash[[$3size_t]] with const +generics +- K= 3 +- SECRET_KEY_SIZE= 2400 +- CPA_SECRET_KEY_SIZE= 1152 +- PUBLIC_KEY_SIZE= 1184 +- CIPHERTEXT_SIZE= 1088 +- T_AS_NTT_ENCODED_SIZE= 1152 +- C1_SIZE= 960 - C2_SIZE= 128 - VECTOR_U_COMPRESSION_FACTOR= 10 - VECTOR_V_COMPRESSION_FACTOR= 4 @@ -11779,47 +10789,135 @@ generics - ETA2_RANDOMNESS_SIZE= 128 - IMPLICIT_REJECTION_HASH_INPUT_SIZE= 1120 */ -static inline void -libcrux_ml_kem_ind_cca_instantiations_portable_kyber_decapsulate_fc( - libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, +static KRML_MUSTINLINE void libcrux_ml_kem_ind_cca_unpacked_decapsulate_51( + libcrux_ml_kem_mlkem768_portable_unpacked_MlKem768KeyPairUnpacked *key_pair, + libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext, uint8_t ret[32U]) { + uint8_t decrypted[32U]; + libcrux_ml_kem_ind_cpa_decrypt_unpacked_42( + &key_pair->private_key.ind_cpa_private_key, ciphertext->value, decrypted); + uint8_t to_hash0[64U]; + libcrux_ml_kem_utils_into_padded_array_24( + Eurydice_array_to_slice((size_t)32U, decrypted, uint8_t), to_hash0); + Eurydice_slice uu____0 = Eurydice_array_to_subslice_from( + (size_t)64U, to_hash0, LIBCRUX_ML_KEM_CONSTANTS_SHARED_SECRET_SIZE, + uint8_t, size_t, uint8_t[]); + Eurydice_slice_copy( + uu____0, + Eurydice_array_to_slice((size_t)32U, key_pair->public_key.public_key_hash, + uint8_t), + uint8_t); + uint8_t hashed[64U]; + libcrux_ml_kem_hash_functions_portable_G_4a_e0( + Eurydice_array_to_slice((size_t)64U, to_hash0, uint8_t), hashed); + Eurydice_slice_uint8_t_x2 uu____1 = Eurydice_slice_split_at( + Eurydice_array_to_slice((size_t)64U, hashed, uint8_t), + LIBCRUX_ML_KEM_CONSTANTS_SHARED_SECRET_SIZE, uint8_t, + Eurydice_slice_uint8_t_x2); + Eurydice_slice shared_secret = uu____1.fst; + Eurydice_slice pseudorandomness = uu____1.snd; + uint8_t to_hash[1120U]; + libcrux_ml_kem_utils_into_padded_array_15( + Eurydice_array_to_slice( + (size_t)32U, key_pair->private_key.implicit_rejection_value, uint8_t), + to_hash); + Eurydice_slice uu____2 = Eurydice_array_to_subslice_from( + (size_t)1120U, to_hash, LIBCRUX_ML_KEM_CONSTANTS_SHARED_SECRET_SIZE, + uint8_t, size_t, uint8_t[]); + Eurydice_slice_copy(uu____2, libcrux_ml_kem_types_as_ref_d3_80(ciphertext), + uint8_t); + uint8_t implicit_rejection_shared_secret[32U]; + libcrux_ml_kem_hash_functions_portable_PRF_4a_41( + Eurydice_array_to_slice((size_t)1120U, to_hash, uint8_t), + implicit_rejection_shared_secret); + uint8_t expected_ciphertext[1088U]; + libcrux_ml_kem_ind_cpa_encrypt_unpacked_2a( + &key_pair->public_key.ind_cpa_public_key, decrypted, pseudorandomness, + expected_ciphertext); + uint8_t selector = + libcrux_ml_kem_constant_time_ops_compare_ciphertexts_in_constant_time( + libcrux_ml_kem_types_as_ref_d3_80(ciphertext), + Eurydice_array_to_slice((size_t)1088U, expected_ciphertext, uint8_t)); + uint8_t ret0[32U]; + libcrux_ml_kem_constant_time_ops_select_shared_secret_in_constant_time( + shared_secret, + Eurydice_array_to_slice((size_t)32U, implicit_rejection_shared_secret, + uint8_t), + selector, ret0); + memcpy(ret, ret0, (size_t)32U * sizeof(uint8_t)); +} + +/** + Unpacked decapsulate +*/ +/** +A monomorphic instance of +libcrux_ml_kem.ind_cca.instantiations.portable.unpacked.decapsulate with const +generics +- K= 3 +- SECRET_KEY_SIZE= 2400 +- CPA_SECRET_KEY_SIZE= 1152 +- PUBLIC_KEY_SIZE= 1184 +- CIPHERTEXT_SIZE= 1088 +- T_AS_NTT_ENCODED_SIZE= 1152 +- C1_SIZE= 960 +- C2_SIZE= 128 +- VECTOR_U_COMPRESSION_FACTOR= 10 +- VECTOR_V_COMPRESSION_FACTOR= 4 +- C1_BLOCK_SIZE= 320 +- ETA1= 2 +- ETA1_RANDOMNESS_SIZE= 128 +- ETA2= 2 +- ETA2_RANDOMNESS_SIZE= 128 +- IMPLICIT_REJECTION_HASH_INPUT_SIZE= 1120 +*/ +static KRML_MUSTINLINE void +libcrux_ml_kem_ind_cca_instantiations_portable_unpacked_decapsulate_35( + libcrux_ml_kem_mlkem768_portable_unpacked_MlKem768KeyPairUnpacked *key_pair, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext, uint8_t ret[32U]) { - libcrux_ml_kem_ind_cca_decapsulate_700(private_key, ciphertext, ret); + libcrux_ml_kem_ind_cca_unpacked_decapsulate_51(key_pair, ciphertext, ret); } /** - Decapsulate Kyber 768 + Decapsulate ML-KEM 768 (unpacked) Generates an [`MlKemSharedSecret`]. - The input is a reference to an [`MlKem768PrivateKey`] and an - [`MlKem768Ciphertext`]. + The input is a reference to an unpacked key pair of type + [`MlKem768KeyPairUnpacked`] and an [`MlKem768Ciphertext`]. */ -static inline void libcrux_ml_kem_mlkem768_portable_kyber_decapsulate( - libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, +static inline void libcrux_ml_kem_mlkem768_portable_unpacked_decapsulate( + libcrux_ml_kem_mlkem768_portable_unpacked_MlKem768KeyPairUnpacked + *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext, uint8_t ret[32U]) { - libcrux_ml_kem_ind_cca_instantiations_portable_kyber_decapsulate_fc( + libcrux_ml_kem_ind_cca_instantiations_portable_unpacked_decapsulate_35( private_key, ciphertext, ret); } /** -This function found in impl {(libcrux_ml_kem::variant::Variant for -libcrux_ml_kem::variant::Kyber)} -*/ -/** -A monomorphic instance of libcrux_ml_kem.variant.entropy_preprocess_33 +A monomorphic instance of libcrux_ml_kem.ind_cca.unpacked.encaps_prepare with types libcrux_ml_kem_hash_functions_portable_PortableHash[[$3size_t]] with const generics - K= 3 */ -static KRML_MUSTINLINE void libcrux_ml_kem_variant_entropy_preprocess_33_8a( - Eurydice_slice randomness, uint8_t ret[32U]) { - libcrux_ml_kem_hash_functions_portable_H_f1_1a(randomness, ret); +static inline void libcrux_ml_kem_ind_cca_unpacked_encaps_prepare_9c( + Eurydice_slice randomness, Eurydice_slice pk_hash, uint8_t ret[64U]) { + uint8_t to_hash[64U]; + libcrux_ml_kem_utils_into_padded_array_24(randomness, to_hash); + Eurydice_slice_copy( + Eurydice_array_to_subslice_from((size_t)64U, to_hash, + LIBCRUX_ML_KEM_CONSTANTS_H_DIGEST_SIZE, + uint8_t, size_t, uint8_t[]), + pk_hash, uint8_t); + uint8_t ret0[64U]; + libcrux_ml_kem_hash_functions_portable_G_4a_e0( + Eurydice_array_to_slice((size_t)64U, to_hash, uint8_t), ret0); + memcpy(ret, ret0, (size_t)64U * sizeof(uint8_t)); } /** -A monomorphic instance of libcrux_ml_kem.ind_cca.encapsulate +A monomorphic instance of libcrux_ml_kem.ind_cca.unpacked.encapsulate with types libcrux_ml_kem_vector_portable_vector_type_PortableVector, -libcrux_ml_kem_hash_functions_portable_PortableHash[[$3size_t]], -libcrux_ml_kem_variant_Kyber with const generics +libcrux_ml_kem_hash_functions_portable_PortableHash[[$3size_t]] with const +generics - K= 3 - CIPHERTEXT_SIZE= 1088 - PUBLIC_KEY_SIZE= 1184 @@ -11834,68 +10932,50 @@ libcrux_ml_kem_variant_Kyber with const generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -static inline tuple_3c libcrux_ml_kem_ind_cca_encapsulate_cd0( - libcrux_ml_kem_types_MlKemPublicKey_15 *public_key, - uint8_t randomness[32U]) { - uint8_t randomness0[32U]; - libcrux_ml_kem_variant_entropy_preprocess_33_8a( - Eurydice_array_to_slice((size_t)32U, randomness, uint8_t), randomness0); - uint8_t to_hash[64U]; - libcrux_ml_kem_utils_into_padded_array_ea( - Eurydice_array_to_slice((size_t)32U, randomness0, uint8_t), to_hash); - Eurydice_slice uu____0 = Eurydice_array_to_subslice_from( - (size_t)64U, to_hash, LIBCRUX_ML_KEM_CONSTANTS_H_DIGEST_SIZE, uint8_t, - size_t); - uint8_t ret[32U]; - libcrux_ml_kem_hash_functions_portable_H_f1_1a( - Eurydice_array_to_slice((size_t)1184U, - libcrux_ml_kem_types_as_slice_cb_50(public_key), - uint8_t), - ret); - Eurydice_slice_copy( - uu____0, Eurydice_array_to_slice((size_t)32U, ret, uint8_t), uint8_t); +static KRML_MUSTINLINE tuple_c2 libcrux_ml_kem_ind_cca_unpacked_encapsulate_0c( + libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_a0 *public_key, + uint8_t *randomness) { uint8_t hashed[64U]; - libcrux_ml_kem_hash_functions_portable_G_f1_e4( - Eurydice_array_to_slice((size_t)64U, to_hash, uint8_t), hashed); - Eurydice_slice_uint8_t_x2 uu____1 = Eurydice_slice_split_at( + libcrux_ml_kem_ind_cca_unpacked_encaps_prepare_9c( + Eurydice_array_to_slice((size_t)32U, randomness, uint8_t), + Eurydice_array_to_slice((size_t)32U, public_key->public_key_hash, + uint8_t), + hashed); + Eurydice_slice_uint8_t_x2 uu____0 = Eurydice_slice_split_at( Eurydice_array_to_slice((size_t)64U, hashed, uint8_t), LIBCRUX_ML_KEM_CONSTANTS_SHARED_SECRET_SIZE, uint8_t, Eurydice_slice_uint8_t_x2); - Eurydice_slice shared_secret = uu____1.fst; - Eurydice_slice pseudorandomness = uu____1.snd; - Eurydice_slice uu____2 = Eurydice_array_to_slice( - (size_t)1184U, libcrux_ml_kem_types_as_slice_cb_50(public_key), uint8_t); - /* Passing arrays by value in Rust generates a copy in C */ - uint8_t copy_of_randomness[32U]; - memcpy(copy_of_randomness, randomness0, (size_t)32U * sizeof(uint8_t)); + Eurydice_slice shared_secret = uu____0.fst; + Eurydice_slice pseudorandomness = uu____0.snd; uint8_t ciphertext[1088U]; - libcrux_ml_kem_ind_cpa_encrypt_60(uu____2, copy_of_randomness, - pseudorandomness, ciphertext); + libcrux_ml_kem_ind_cpa_encrypt_unpacked_2a(&public_key->ind_cpa_public_key, + randomness, pseudorandomness, + ciphertext); + uint8_t shared_secret_array[32U] = {0U}; + Eurydice_slice_copy( + Eurydice_array_to_slice((size_t)32U, shared_secret_array, uint8_t), + shared_secret, uint8_t); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_ciphertext[1088U]; memcpy(copy_of_ciphertext, ciphertext, (size_t)1088U * sizeof(uint8_t)); - libcrux_ml_kem_mlkem768_MlKem768Ciphertext ciphertext0 = - libcrux_ml_kem_types_from_01_9f(copy_of_ciphertext); - uint8_t shared_secret_array[32U]; - libcrux_ml_kem_variant_kdf_33_f0(shared_secret, &ciphertext0, - shared_secret_array); - libcrux_ml_kem_mlkem768_MlKem768Ciphertext uu____5 = ciphertext0; + libcrux_ml_kem_mlkem768_MlKem768Ciphertext uu____2 = + libcrux_ml_kem_types_from_e0_80(copy_of_ciphertext); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_shared_secret_array[32U]; memcpy(copy_of_shared_secret_array, shared_secret_array, (size_t)32U * sizeof(uint8_t)); - tuple_3c lit; - lit.fst = uu____5; + tuple_c2 lit; + lit.fst = uu____2; memcpy(lit.snd, copy_of_shared_secret_array, (size_t)32U * sizeof(uint8_t)); return lit; } /** - Portable encapsulate + Unpacked encapsulate */ /** A monomorphic instance of -libcrux_ml_kem.ind_cca.instantiations.portable.kyber_encapsulate with const +libcrux_ml_kem.ind_cca.instantiations.portable.unpacked.encapsulate with const generics - K= 3 - CIPHERTEXT_SIZE= 1088 @@ -11911,428 +10991,761 @@ generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -static inline tuple_3c -libcrux_ml_kem_ind_cca_instantiations_portable_kyber_encapsulate_7a( - libcrux_ml_kem_types_MlKemPublicKey_15 *public_key, +static KRML_MUSTINLINE tuple_c2 +libcrux_ml_kem_ind_cca_instantiations_portable_unpacked_encapsulate_cd( + libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_a0 *public_key, + uint8_t *randomness) { + return libcrux_ml_kem_ind_cca_unpacked_encapsulate_0c(public_key, randomness); +} + +/** + Encapsulate ML-KEM 768 (unpacked) + + Generates an ([`MlKem768Ciphertext`], [`MlKemSharedSecret`]) tuple. + The input is a reference to an unpacked public key of type + [`MlKem768PublicKeyUnpacked`], the SHA3-256 hash of this public key, and + [`SHARED_SECRET_SIZE`] bytes of `randomness`. +*/ +static inline tuple_c2 libcrux_ml_kem_mlkem768_portable_unpacked_encapsulate( + libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_a0 *public_key, uint8_t randomness[32U]) { - libcrux_ml_kem_types_MlKemPublicKey_15 *uu____0 = public_key; + return libcrux_ml_kem_ind_cca_instantiations_portable_unpacked_encapsulate_cd( + public_key, randomness); +} + +/** +This function found in impl {core::ops::function::FnMut<(usize), +libcrux_ml_kem::polynomial::PolynomialRingElement[TraitClause@0, +TraitClause@1]> for +libcrux_ml_kem::ind_cca::unpacked::transpose_a::closure::closure[TraitClause@0, TraitClause@1]} +*/ +/** +A monomorphic instance of +libcrux_ml_kem.ind_cca.unpacked.transpose_a.closure.call_mut_b4 with types +libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics +- K= 3 +*/ +static inline libcrux_ml_kem_polynomial_PolynomialRingElement_1d +libcrux_ml_kem_ind_cca_unpacked_transpose_a_closure_call_mut_b4_1b( + void **_, size_t tupled_args) { + return libcrux_ml_kem_polynomial_ZERO_d6_ea(); +} + +/** +This function found in impl {core::ops::function::FnMut<(usize), +@Array[TraitClause@0, +TraitClause@1], K>> for +libcrux_ml_kem::ind_cca::unpacked::transpose_a::closure[TraitClause@0, TraitClause@1]} +*/ +/** +A monomorphic instance of +libcrux_ml_kem.ind_cca.unpacked.transpose_a.call_mut_7b with types +libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics +- K= 3 +*/ +static inline void libcrux_ml_kem_ind_cca_unpacked_transpose_a_call_mut_7b_1b( + void **_, size_t tupled_args, + libcrux_ml_kem_polynomial_PolynomialRingElement_1d ret[3U]) { + for (size_t i = (size_t)0U; i < (size_t)3U; i++) { + /* original Rust expression is not an lvalue in C */ + void *lvalue = (void *)0U; + ret[i] = libcrux_ml_kem_ind_cca_unpacked_transpose_a_closure_call_mut_b4_1b( + &lvalue, i); + } +} + +/** +This function found in impl {core::clone::Clone for +libcrux_ml_kem::polynomial::PolynomialRingElement[TraitClause@0, +TraitClause@2]} +*/ +/** +A monomorphic instance of libcrux_ml_kem.polynomial.clone_c1 +with types libcrux_ml_kem_vector_portable_vector_type_PortableVector +with const generics + +*/ +static inline libcrux_ml_kem_polynomial_PolynomialRingElement_1d +libcrux_ml_kem_polynomial_clone_c1_ea( + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *self) { + libcrux_ml_kem_polynomial_PolynomialRingElement_1d lit; + libcrux_ml_kem_vector_portable_vector_type_PortableVector ret[16U]; + core_array__core__clone__Clone_for__Array_T__N___clone( + (size_t)16U, self->coefficients, ret, + libcrux_ml_kem_vector_portable_vector_type_PortableVector, void *); + memcpy(lit.coefficients, ret, + (size_t)16U * + sizeof(libcrux_ml_kem_vector_portable_vector_type_PortableVector)); + return lit; +} + +/** +A monomorphic instance of libcrux_ml_kem.ind_cca.unpacked.transpose_a +with types libcrux_ml_kem_vector_portable_vector_type_PortableVector +with const generics +- K= 3 +*/ +static inline void libcrux_ml_kem_ind_cca_unpacked_transpose_a_1b( + libcrux_ml_kem_polynomial_PolynomialRingElement_1d ind_cpa_a[3U][3U], + libcrux_ml_kem_polynomial_PolynomialRingElement_1d ret[3U][3U]) { + libcrux_ml_kem_polynomial_PolynomialRingElement_1d A[3U][3U]; + for (size_t i = (size_t)0U; i < (size_t)3U; i++) { + /* original Rust expression is not an lvalue in C */ + void *lvalue = (void *)0U; + libcrux_ml_kem_ind_cca_unpacked_transpose_a_call_mut_7b_1b(&lvalue, i, + A[i]); + } + for (size_t i = (size_t)0U; i < (size_t)3U; i++) { + size_t i0 = i; + libcrux_ml_kem_polynomial_PolynomialRingElement_1d _a_i[3U][3U]; + memcpy(_a_i, A, + (size_t)3U * + sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_1d[3U])); + for (size_t i1 = (size_t)0U; i1 < (size_t)3U; i1++) { + size_t j = i1; + libcrux_ml_kem_polynomial_PolynomialRingElement_1d uu____0 = + libcrux_ml_kem_polynomial_clone_c1_ea(&ind_cpa_a[j][i0]); + A[i0][j] = uu____0; + } + } + memcpy(ret, A, + (size_t)3U * + sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_1d[3U])); +} + +/** + Generate Unpacked Keys +*/ +/** +A monomorphic instance of libcrux_ml_kem.ind_cca.unpacked.generate_keypair +with types libcrux_ml_kem_vector_portable_vector_type_PortableVector, +libcrux_ml_kem_hash_functions_portable_PortableHash[[$3size_t]], +libcrux_ml_kem_variant_MlKem with const generics +- K= 3 +- CPA_PRIVATE_KEY_SIZE= 1152 +- PRIVATE_KEY_SIZE= 2400 +- PUBLIC_KEY_SIZE= 1184 +- ETA1= 2 +- ETA1_RANDOMNESS_SIZE= 128 +*/ +static KRML_MUSTINLINE void libcrux_ml_kem_ind_cca_unpacked_generate_keypair_15( + uint8_t randomness[64U], + libcrux_ml_kem_mlkem768_portable_unpacked_MlKem768KeyPairUnpacked *out) { + Eurydice_slice ind_cpa_keypair_randomness = Eurydice_array_to_subslice3( + randomness, (size_t)0U, + LIBCRUX_ML_KEM_CONSTANTS_CPA_PKE_KEY_GENERATION_SEED_SIZE, uint8_t *); + Eurydice_slice implicit_rejection_value = Eurydice_array_to_subslice_from( + (size_t)64U, randomness, + LIBCRUX_ML_KEM_CONSTANTS_CPA_PKE_KEY_GENERATION_SEED_SIZE, uint8_t, + size_t, uint8_t[]); + libcrux_ml_kem_ind_cpa_generate_keypair_unpacked_1c( + ind_cpa_keypair_randomness, &out->private_key.ind_cpa_private_key, + &out->public_key.ind_cpa_public_key); + libcrux_ml_kem_polynomial_PolynomialRingElement_1d uu____0[3U][3U]; + memcpy(uu____0, out->public_key.ind_cpa_public_key.A, + (size_t)3U * + sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_1d[3U])); + libcrux_ml_kem_polynomial_PolynomialRingElement_1d A[3U][3U]; + libcrux_ml_kem_ind_cca_unpacked_transpose_a_1b(uu____0, A); + libcrux_ml_kem_polynomial_PolynomialRingElement_1d uu____1[3U][3U]; + memcpy(uu____1, A, + (size_t)3U * + sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_1d[3U])); + memcpy(out->public_key.ind_cpa_public_key.A, uu____1, + (size_t)3U * + sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_1d[3U])); + uint8_t pk_serialized[1184U]; + libcrux_ml_kem_ind_cpa_serialize_public_key_89( + out->public_key.ind_cpa_public_key.t_as_ntt, + Eurydice_array_to_slice( + (size_t)32U, out->public_key.ind_cpa_public_key.seed_for_A, uint8_t), + pk_serialized); + uint8_t uu____2[32U]; + libcrux_ml_kem_hash_functions_portable_H_4a_e0( + Eurydice_array_to_slice((size_t)1184U, pk_serialized, uint8_t), uu____2); + memcpy(out->public_key.public_key_hash, uu____2, + (size_t)32U * sizeof(uint8_t)); + uint8_t uu____3[32U]; + Result_fb dst; + Eurydice_slice_to_array2(&dst, implicit_rejection_value, Eurydice_slice, + uint8_t[32U], TryFromSliceError); + unwrap_26_b3(dst, uu____3); + memcpy(out->private_key.implicit_rejection_value, uu____3, + (size_t)32U * sizeof(uint8_t)); +} + +/** + Generate a key pair +*/ +/** +A monomorphic instance of +libcrux_ml_kem.ind_cca.instantiations.portable.unpacked.generate_keypair with +const generics +- K= 3 +- CPA_PRIVATE_KEY_SIZE= 1152 +- PRIVATE_KEY_SIZE= 2400 +- PUBLIC_KEY_SIZE= 1184 +- ETA1= 2 +- ETA1_RANDOMNESS_SIZE= 128 +*/ +static KRML_MUSTINLINE void +libcrux_ml_kem_ind_cca_instantiations_portable_unpacked_generate_keypair_ce( + uint8_t randomness[64U], + libcrux_ml_kem_mlkem768_portable_unpacked_MlKem768KeyPairUnpacked *out) { /* Passing arrays by value in Rust generates a copy in C */ - uint8_t copy_of_randomness[32U]; - memcpy(copy_of_randomness, randomness, (size_t)32U * sizeof(uint8_t)); - return libcrux_ml_kem_ind_cca_encapsulate_cd0(uu____0, copy_of_randomness); + uint8_t copy_of_randomness[64U]; + memcpy(copy_of_randomness, randomness, (size_t)64U * sizeof(uint8_t)); + libcrux_ml_kem_ind_cca_unpacked_generate_keypair_15(copy_of_randomness, out); } /** - Encapsulate Kyber 768 + Generate ML-KEM 768 Key Pair in "unpacked" form. +*/ +static inline void +libcrux_ml_kem_mlkem768_portable_unpacked_generate_key_pair_mut( + uint8_t randomness[64U], + libcrux_ml_kem_mlkem768_portable_unpacked_MlKem768KeyPairUnpacked + *key_pair) { + /* Passing arrays by value in Rust generates a copy in C */ + uint8_t copy_of_randomness[64U]; + memcpy(copy_of_randomness, randomness, (size_t)64U * sizeof(uint8_t)); + libcrux_ml_kem_ind_cca_instantiations_portable_unpacked_generate_keypair_ce( + copy_of_randomness, key_pair); +} - Generates an ([`MlKem768Ciphertext`], [`MlKemSharedSecret`]) tuple. - The input is a reference to an [`MlKem768PublicKey`] and [`SHARED_SECRET_SIZE`] - bytes of `randomness`. +/** +This function found in impl {core::default::Default for +libcrux_ml_kem::ind_cca::unpacked::MlKemPublicKeyUnpacked[TraitClause@0, TraitClause@1]} +*/ +/** +A monomorphic instance of libcrux_ml_kem.ind_cca.unpacked.default_30 +with types libcrux_ml_kem_vector_portable_vector_type_PortableVector +with const generics +- K= 3 +*/ +static KRML_MUSTINLINE libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_a0 +libcrux_ml_kem_ind_cca_unpacked_default_30_1b(void) { + return ( + KRML_CLITERAL(libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_a0){ + .ind_cpa_public_key = libcrux_ml_kem_ind_cpa_unpacked_default_8b_1b(), + .public_key_hash = {0U}}); +} + +/** +This function found in impl {core::default::Default for +libcrux_ml_kem::ind_cca::unpacked::MlKemKeyPairUnpacked[TraitClause@0, TraitClause@1]} +*/ +/** +A monomorphic instance of libcrux_ml_kem.ind_cca.unpacked.default_7b +with types libcrux_ml_kem_vector_portable_vector_type_PortableVector +with const generics +- K= 3 +*/ +static KRML_MUSTINLINE + libcrux_ml_kem_mlkem768_portable_unpacked_MlKem768KeyPairUnpacked + libcrux_ml_kem_ind_cca_unpacked_default_7b_1b(void) { + libcrux_ml_kem_ind_cca_unpacked_MlKemPrivateKeyUnpacked_a0 uu____0 = { + .ind_cpa_private_key = libcrux_ml_kem_ind_cpa_unpacked_default_70_1b(), + .implicit_rejection_value = {0U}}; + return (KRML_CLITERAL( + libcrux_ml_kem_mlkem768_portable_unpacked_MlKem768KeyPairUnpacked){ + .private_key = uu____0, + .public_key = libcrux_ml_kem_ind_cca_unpacked_default_30_1b()}); +} + +/** + Generate ML-KEM 768 Key Pair in "unpacked" form. +*/ +static inline libcrux_ml_kem_mlkem768_portable_unpacked_MlKem768KeyPairUnpacked +libcrux_ml_kem_mlkem768_portable_unpacked_generate_key_pair( + uint8_t randomness[64U]) { + libcrux_ml_kem_mlkem768_portable_unpacked_MlKem768KeyPairUnpacked key_pair = + libcrux_ml_kem_ind_cca_unpacked_default_7b_1b(); + uint8_t uu____0[64U]; + memcpy(uu____0, randomness, (size_t)64U * sizeof(uint8_t)); + libcrux_ml_kem_mlkem768_portable_unpacked_generate_key_pair_mut(uu____0, + &key_pair); + return key_pair; +} + +/** + Create a new, empty unpacked key. +*/ +static inline libcrux_ml_kem_mlkem768_portable_unpacked_MlKem768KeyPairUnpacked +libcrux_ml_kem_mlkem768_portable_unpacked_init_key_pair(void) { + return libcrux_ml_kem_ind_cca_unpacked_default_7b_1b(); +} + +/** + Create a new, empty unpacked public key. +*/ +static inline libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_a0 +libcrux_ml_kem_mlkem768_portable_unpacked_init_public_key(void) { + return libcrux_ml_kem_ind_cca_unpacked_default_30_1b(); +} + +/** + Take a serialized private key and generate an unpacked key pair from it. +*/ +/** +A monomorphic instance of libcrux_ml_kem.ind_cca.unpacked.keys_from_private_key +with types libcrux_ml_kem_vector_portable_vector_type_PortableVector +with const generics +- K= 3 +- SECRET_KEY_SIZE= 2400 +- CPA_SECRET_KEY_SIZE= 1152 +- PUBLIC_KEY_SIZE= 1184 +- T_AS_NTT_ENCODED_SIZE= 1152 */ -static inline tuple_3c libcrux_ml_kem_mlkem768_portable_kyber_encapsulate( - libcrux_ml_kem_types_MlKemPublicKey_15 *public_key, - uint8_t randomness[32U]) { - libcrux_ml_kem_types_MlKemPublicKey_15 *uu____0 = public_key; - /* Passing arrays by value in Rust generates a copy in C */ - uint8_t copy_of_randomness[32U]; - memcpy(copy_of_randomness, randomness, (size_t)32U * sizeof(uint8_t)); - return libcrux_ml_kem_ind_cca_instantiations_portable_kyber_encapsulate_7a( - uu____0, copy_of_randomness); +static KRML_MUSTINLINE void +libcrux_ml_kem_ind_cca_unpacked_keys_from_private_key_42( + libcrux_ml_kem_types_MlKemPrivateKey_d9 *private_key, + libcrux_ml_kem_mlkem768_portable_unpacked_MlKem768KeyPairUnpacked + *key_pair) { + Eurydice_slice_uint8_t_x4 uu____0 = + libcrux_ml_kem_types_unpack_private_key_b4( + Eurydice_array_to_slice((size_t)2400U, private_key->value, uint8_t)); + Eurydice_slice ind_cpa_secret_key = uu____0.fst; + Eurydice_slice ind_cpa_public_key = uu____0.snd; + Eurydice_slice ind_cpa_public_key_hash = uu____0.thd; + Eurydice_slice implicit_rejection_value = uu____0.f3; + libcrux_ml_kem_ind_cpa_deserialize_vector_1b( + ind_cpa_secret_key, + key_pair->private_key.ind_cpa_private_key.secret_as_ntt); + libcrux_ml_kem_ind_cpa_build_unpacked_public_key_mut_3f( + ind_cpa_public_key, &key_pair->public_key.ind_cpa_public_key); + Eurydice_slice_copy( + Eurydice_array_to_slice((size_t)32U, key_pair->public_key.public_key_hash, + uint8_t), + ind_cpa_public_key_hash, uint8_t); + Eurydice_slice_copy( + Eurydice_array_to_slice( + (size_t)32U, key_pair->private_key.implicit_rejection_value, uint8_t), + implicit_rejection_value, uint8_t); + Eurydice_slice_copy( + Eurydice_array_to_slice( + (size_t)32U, key_pair->public_key.ind_cpa_public_key.seed_for_A, + uint8_t), + Eurydice_slice_subslice_from(ind_cpa_public_key, (size_t)1152U, uint8_t, + size_t, uint8_t[]), + uint8_t); } /** -This function found in impl {(libcrux_ml_kem::variant::Variant for -libcrux_ml_kem::variant::Kyber)} + Take a serialized private key and generate an unpacked key pair from it. */ /** -A monomorphic instance of libcrux_ml_kem.variant.cpa_keygen_seed_33 -with types libcrux_ml_kem_hash_functions_portable_PortableHash[[$3size_t]] +A monomorphic instance of +libcrux_ml_kem.ind_cca.instantiations.portable.unpacked.keypair_from_private_key with const generics - K= 3 +- SECRET_KEY_SIZE= 2400 +- CPA_SECRET_KEY_SIZE= 1152 +- PUBLIC_KEY_SIZE= 1184 +- T_AS_NTT_ENCODED_SIZE= 1152 */ -static KRML_MUSTINLINE void libcrux_ml_kem_variant_cpa_keygen_seed_33_b6( - Eurydice_slice key_generation_seed, uint8_t ret[64U]) { - libcrux_ml_kem_hash_functions_portable_G_f1_e4(key_generation_seed, ret); +static KRML_MUSTINLINE void +libcrux_ml_kem_ind_cca_instantiations_portable_unpacked_keypair_from_private_key_fd( + libcrux_ml_kem_types_MlKemPrivateKey_d9 *private_key, + libcrux_ml_kem_mlkem768_portable_unpacked_MlKem768KeyPairUnpacked + *key_pair) { + libcrux_ml_kem_ind_cca_unpacked_keys_from_private_key_42(private_key, + key_pair); } /** -A monomorphic instance of libcrux_ml_kem.ind_cpa.generate_keypair -with types libcrux_ml_kem_vector_portable_vector_type_PortableVector, -libcrux_ml_kem_hash_functions_portable_PortableHash[[$3size_t]], -libcrux_ml_kem_variant_Kyber with const generics -- K= 3 -- PRIVATE_KEY_SIZE= 1152 -- PUBLIC_KEY_SIZE= 1184 -- RANKED_BYTES_PER_RING_ELEMENT= 1152 -- ETA1= 2 -- ETA1_RANDOMNESS_SIZE= 128 + Get an unpacked key from a private key. */ -static inline libcrux_ml_kem_utils_extraction_helper_Keypair768 -libcrux_ml_kem_ind_cpa_generate_keypair_fc0( - Eurydice_slice key_generation_seed) { - uint8_t hashed[64U]; - libcrux_ml_kem_variant_cpa_keygen_seed_33_b6(key_generation_seed, hashed); - Eurydice_slice_uint8_t_x2 uu____0 = Eurydice_slice_split_at( - Eurydice_array_to_slice((size_t)64U, hashed, uint8_t), (size_t)32U, - uint8_t, Eurydice_slice_uint8_t_x2); - Eurydice_slice seed_for_A0 = uu____0.fst; - Eurydice_slice seed_for_secret_and_error = uu____0.snd; - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 A_transpose[3U][3U]; - uint8_t ret[34U]; - libcrux_ml_kem_utils_into_padded_array_ea1(seed_for_A0, ret); - libcrux_ml_kem_matrix_sample_matrix_A_38(ret, true, A_transpose); - uint8_t prf_input[33U]; - libcrux_ml_kem_utils_into_padded_array_ea2(seed_for_secret_and_error, - prf_input); - /* Passing arrays by value in Rust generates a copy in C */ - uint8_t copy_of_prf_input0[33U]; - memcpy(copy_of_prf_input0, prf_input, (size_t)33U * sizeof(uint8_t)); - tuple_b0 uu____2 = libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_fc( - copy_of_prf_input0, 0U); - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 secret_as_ntt[3U]; - memcpy( - secret_as_ntt, uu____2.fst, - (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); - uint8_t domain_separator = uu____2.snd; - /* Passing arrays by value in Rust generates a copy in C */ - uint8_t copy_of_prf_input[33U]; - memcpy(copy_of_prf_input, prf_input, (size_t)33U * sizeof(uint8_t)); - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 error_as_ntt[3U]; - memcpy( - error_as_ntt, - libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_fc(copy_of_prf_input, - domain_separator) - .fst, - (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 t_as_ntt[3U]; - libcrux_ml_kem_matrix_compute_As_plus_e_60(A_transpose, secret_as_ntt, - error_as_ntt, t_as_ntt); - uint8_t seed_for_A[32U]; - Result_00 dst; - Eurydice_slice_to_array2(&dst, seed_for_A0, Eurydice_slice, uint8_t[32U]); - unwrap_41_83(dst, seed_for_A); - uint8_t public_key_serialized[1184U]; - libcrux_ml_kem_ind_cpa_serialize_public_key_79( - t_as_ntt, Eurydice_array_to_slice((size_t)32U, seed_for_A, uint8_t), - public_key_serialized); - uint8_t secret_key_serialized[1152U]; - libcrux_ml_kem_ind_cpa_serialize_secret_key_b5(secret_as_ntt, - secret_key_serialized); - /* Passing arrays by value in Rust generates a copy in C */ - uint8_t copy_of_secret_key_serialized[1152U]; - memcpy(copy_of_secret_key_serialized, secret_key_serialized, - (size_t)1152U * sizeof(uint8_t)); - /* Passing arrays by value in Rust generates a copy in C */ - uint8_t copy_of_public_key_serialized[1184U]; - memcpy(copy_of_public_key_serialized, public_key_serialized, - (size_t)1184U * sizeof(uint8_t)); - libcrux_ml_kem_utils_extraction_helper_Keypair768 lit; - memcpy(lit.fst, copy_of_secret_key_serialized, - (size_t)1152U * sizeof(uint8_t)); - memcpy(lit.snd, copy_of_public_key_serialized, - (size_t)1184U * sizeof(uint8_t)); - return lit; +static inline void +libcrux_ml_kem_mlkem768_portable_unpacked_key_pair_from_private_mut( + libcrux_ml_kem_types_MlKemPrivateKey_d9 *private_key, + libcrux_ml_kem_mlkem768_portable_unpacked_MlKem768KeyPairUnpacked + *key_pair) { + libcrux_ml_kem_ind_cca_instantiations_portable_unpacked_keypair_from_private_key_fd( + private_key, key_pair); } /** - Packed API - - Generate a key pair. - - Depending on the `Vector` and `Hasher` used, this requires different hardware - features +This function found in impl +{libcrux_ml_kem::ind_cca::unpacked::MlKemKeyPairUnpacked[TraitClause@0, TraitClause@1]} */ /** -A monomorphic instance of libcrux_ml_kem.ind_cca.generate_keypair -with types libcrux_ml_kem_vector_portable_vector_type_PortableVector, -libcrux_ml_kem_hash_functions_portable_PortableHash[[$3size_t]], -libcrux_ml_kem_variant_Kyber with const generics +A monomorphic instance of +libcrux_ml_kem.ind_cca.unpacked.serialized_private_key_mut_11 with types +libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 3 - CPA_PRIVATE_KEY_SIZE= 1152 - PRIVATE_KEY_SIZE= 2400 - PUBLIC_KEY_SIZE= 1184 -- BYTES_PER_RING_ELEMENT= 1152 -- ETA1= 2 -- ETA1_RANDOMNESS_SIZE= 128 */ -static inline libcrux_ml_kem_mlkem768_MlKem768KeyPair -libcrux_ml_kem_ind_cca_generate_keypair_8c0(uint8_t randomness[64U]) { - Eurydice_slice ind_cpa_keypair_randomness = Eurydice_array_to_subslice2( - randomness, (size_t)0U, - LIBCRUX_ML_KEM_CONSTANTS_CPA_PKE_KEY_GENERATION_SEED_SIZE, uint8_t); - Eurydice_slice implicit_rejection_value = Eurydice_array_to_subslice_from( - (size_t)64U, randomness, - LIBCRUX_ML_KEM_CONSTANTS_CPA_PKE_KEY_GENERATION_SEED_SIZE, uint8_t, - size_t); +static KRML_MUSTINLINE void +libcrux_ml_kem_ind_cca_unpacked_serialized_private_key_mut_11_43( + libcrux_ml_kem_mlkem768_portable_unpacked_MlKem768KeyPairUnpacked *self, + libcrux_ml_kem_types_MlKemPrivateKey_d9 *serialized) { libcrux_ml_kem_utils_extraction_helper_Keypair768 uu____0 = - libcrux_ml_kem_ind_cpa_generate_keypair_fc0(ind_cpa_keypair_randomness); + libcrux_ml_kem_ind_cpa_serialize_unpacked_secret_key_6c( + &self->public_key.ind_cpa_public_key, + &self->private_key.ind_cpa_private_key); uint8_t ind_cpa_private_key[1152U]; memcpy(ind_cpa_private_key, uu____0.fst, (size_t)1152U * sizeof(uint8_t)); - uint8_t public_key[1184U]; - memcpy(public_key, uu____0.snd, (size_t)1184U * sizeof(uint8_t)); - uint8_t secret_key_serialized[2400U]; - libcrux_ml_kem_ind_cca_serialize_kem_secret_key_48( + uint8_t ind_cpa_public_key[1184U]; + memcpy(ind_cpa_public_key, uu____0.snd, (size_t)1184U * sizeof(uint8_t)); + libcrux_ml_kem_ind_cca_serialize_kem_secret_key_mut_d6( Eurydice_array_to_slice((size_t)1152U, ind_cpa_private_key, uint8_t), - Eurydice_array_to_slice((size_t)1184U, public_key, uint8_t), - implicit_rejection_value, secret_key_serialized); - /* Passing arrays by value in Rust generates a copy in C */ - uint8_t copy_of_secret_key_serialized[2400U]; - memcpy(copy_of_secret_key_serialized, secret_key_serialized, - (size_t)2400U * sizeof(uint8_t)); - libcrux_ml_kem_types_MlKemPrivateKey_55 private_key = - libcrux_ml_kem_types_from_05_f2(copy_of_secret_key_serialized); - libcrux_ml_kem_types_MlKemPrivateKey_55 uu____2 = private_key; - /* Passing arrays by value in Rust generates a copy in C */ - uint8_t copy_of_public_key[1184U]; - memcpy(copy_of_public_key, public_key, (size_t)1184U * sizeof(uint8_t)); - return libcrux_ml_kem_types_from_17_35( - uu____2, libcrux_ml_kem_types_from_b6_da(copy_of_public_key)); + Eurydice_array_to_slice((size_t)1184U, ind_cpa_public_key, uint8_t), + Eurydice_array_to_slice( + (size_t)32U, self->private_key.implicit_rejection_value, uint8_t), + serialized->value); } +/** +This function found in impl +{libcrux_ml_kem::ind_cca::unpacked::MlKemKeyPairUnpacked[TraitClause@0, TraitClause@1]} +*/ /** A monomorphic instance of -libcrux_ml_kem.ind_cca.instantiations.portable.kyber_generate_keypair with const -generics +libcrux_ml_kem.ind_cca.unpacked.serialized_private_key_11 with types +libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 3 - CPA_PRIVATE_KEY_SIZE= 1152 - PRIVATE_KEY_SIZE= 2400 - PUBLIC_KEY_SIZE= 1184 -- BYTES_PER_RING_ELEMENT= 1152 -- ETA1= 2 -- ETA1_RANDOMNESS_SIZE= 128 */ -static inline libcrux_ml_kem_mlkem768_MlKem768KeyPair -libcrux_ml_kem_ind_cca_instantiations_portable_kyber_generate_keypair_9b( - uint8_t randomness[64U]) { - /* Passing arrays by value in Rust generates a copy in C */ - uint8_t copy_of_randomness[64U]; - memcpy(copy_of_randomness, randomness, (size_t)64U * sizeof(uint8_t)); - return libcrux_ml_kem_ind_cca_generate_keypair_8c0(copy_of_randomness); +static KRML_MUSTINLINE libcrux_ml_kem_types_MlKemPrivateKey_d9 +libcrux_ml_kem_ind_cca_unpacked_serialized_private_key_11_43( + libcrux_ml_kem_mlkem768_portable_unpacked_MlKem768KeyPairUnpacked *self) { + libcrux_ml_kem_types_MlKemPrivateKey_d9 sk = + libcrux_ml_kem_types_default_d3_28(); + libcrux_ml_kem_ind_cca_unpacked_serialized_private_key_mut_11_43(self, &sk); + return sk; } /** - Generate Kyber 768 Key Pair + Get the serialized private key. */ -static inline libcrux_ml_kem_mlkem768_MlKem768KeyPair -libcrux_ml_kem_mlkem768_portable_kyber_generate_key_pair( - uint8_t randomness[64U]) { - /* Passing arrays by value in Rust generates a copy in C */ - uint8_t copy_of_randomness[64U]; - memcpy(copy_of_randomness, randomness, (size_t)64U * sizeof(uint8_t)); - return libcrux_ml_kem_ind_cca_instantiations_portable_kyber_generate_keypair_9b( - copy_of_randomness); +static inline libcrux_ml_kem_types_MlKemPrivateKey_d9 +libcrux_ml_kem_mlkem768_portable_unpacked_key_pair_serialized_private_key( + libcrux_ml_kem_mlkem768_portable_unpacked_MlKem768KeyPairUnpacked + *key_pair) { + return libcrux_ml_kem_ind_cca_unpacked_serialized_private_key_11_43(key_pair); } /** - Validate an ML-KEM private key. + Get the serialized private key. +*/ +static inline void +libcrux_ml_kem_mlkem768_portable_unpacked_key_pair_serialized_private_key_mut( + libcrux_ml_kem_mlkem768_portable_unpacked_MlKem768KeyPairUnpacked *key_pair, + libcrux_ml_kem_types_MlKemPrivateKey_d9 *serialized) { + libcrux_ml_kem_ind_cca_unpacked_serialized_private_key_mut_11_43(key_pair, + serialized); +} - This implements the Hash check in 7.3 3. - Note that the size checks in 7.2 1 and 2 are covered by the `SECRET_KEY_SIZE` - and `CIPHERTEXT_SIZE` in the `private_key` and `ciphertext` types. +/** +This function found in impl +{libcrux_ml_kem::ind_cca::unpacked::MlKemPublicKeyUnpacked[TraitClause@0, TraitClause@1]} */ /** -A monomorphic instance of libcrux_ml_kem.ind_cca.validate_private_key -with types libcrux_ml_kem_hash_functions_portable_PortableHash[[$3size_t]] +A monomorphic instance of libcrux_ml_kem.ind_cca.unpacked.serialized_dd +with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 3 -- SECRET_KEY_SIZE= 2400 -- CIPHERTEXT_SIZE= 1088 +- PUBLIC_KEY_SIZE= 1184 */ -static KRML_MUSTINLINE bool libcrux_ml_kem_ind_cca_validate_private_key_e7( - libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, - libcrux_ml_kem_mlkem768_MlKem768Ciphertext *_ciphertext) { - uint8_t t[32U]; - libcrux_ml_kem_hash_functions_portable_H_f1_1a( - Eurydice_array_to_subslice2(private_key->value, (size_t)384U * (size_t)3U, - (size_t)768U * (size_t)3U + (size_t)32U, - uint8_t), - t); - Eurydice_slice expected = Eurydice_array_to_subslice2( - private_key->value, (size_t)768U * (size_t)3U + (size_t)32U, - (size_t)768U * (size_t)3U + (size_t)64U, uint8_t); - return core_array_equality___core__cmp__PartialEq__0___Slice_U____for__Array_T__N___3__eq( - (size_t)32U, t, &expected, uint8_t, uint8_t, bool); +static KRML_MUSTINLINE libcrux_ml_kem_types_MlKemPublicKey_30 +libcrux_ml_kem_ind_cca_unpacked_serialized_dd_89( + libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_a0 *self) { + uint8_t ret[1184U]; + libcrux_ml_kem_ind_cpa_serialize_public_key_89( + self->ind_cpa_public_key.t_as_ntt, + Eurydice_array_to_slice((size_t)32U, self->ind_cpa_public_key.seed_for_A, + uint8_t), + ret); + return libcrux_ml_kem_types_from_fd_d0(ret); } /** - Portable private key validation +This function found in impl +{libcrux_ml_kem::ind_cca::unpacked::MlKemKeyPairUnpacked[TraitClause@0, TraitClause@1]} */ /** A monomorphic instance of -libcrux_ml_kem.ind_cca.instantiations.portable.validate_private_key with const -generics +libcrux_ml_kem.ind_cca.unpacked.serialized_public_key_11 with types +libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 3 -- SECRET_KEY_SIZE= 2400 -- CIPHERTEXT_SIZE= 1088 +- PUBLIC_KEY_SIZE= 1184 */ -static KRML_MUSTINLINE bool -libcrux_ml_kem_ind_cca_instantiations_portable_validate_private_key_9c( - libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, - libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext) { - return libcrux_ml_kem_ind_cca_validate_private_key_e7(private_key, - ciphertext); +static KRML_MUSTINLINE libcrux_ml_kem_types_MlKemPublicKey_30 +libcrux_ml_kem_ind_cca_unpacked_serialized_public_key_11_89( + libcrux_ml_kem_mlkem768_portable_unpacked_MlKem768KeyPairUnpacked *self) { + return libcrux_ml_kem_ind_cca_unpacked_serialized_dd_89(&self->public_key); } /** - Validate a private key. - - Returns `true` if valid, and `false` otherwise. + Get the serialized public key. */ -static inline bool libcrux_ml_kem_mlkem768_portable_validate_private_key( - libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, - libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext) { - return libcrux_ml_kem_ind_cca_instantiations_portable_validate_private_key_9c( - private_key, ciphertext); +static inline libcrux_ml_kem_types_MlKemPublicKey_30 +libcrux_ml_kem_mlkem768_portable_unpacked_key_pair_serialized_public_key( + libcrux_ml_kem_mlkem768_portable_unpacked_MlKem768KeyPairUnpacked + *key_pair) { + return libcrux_ml_kem_ind_cca_unpacked_serialized_public_key_11_89(key_pair); } /** -A monomorphic instance of -libcrux_ml_kem.serialize.deserialize_ring_elements_reduced.closure with types -libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics -- PUBLIC_KEY_SIZE= 1184 +This function found in impl +{libcrux_ml_kem::ind_cca::unpacked::MlKemPublicKeyUnpacked[TraitClause@0, TraitClause@1]} +*/ +/** +A monomorphic instance of libcrux_ml_kem.ind_cca.unpacked.serialized_mut_dd +with types libcrux_ml_kem_vector_portable_vector_type_PortableVector +with const generics - K= 3 +- PUBLIC_KEY_SIZE= 1184 */ -static inline libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_closure_cd0( - size_t _i) { - return libcrux_ml_kem_polynomial_ZERO_89_ea(); +static KRML_MUSTINLINE void +libcrux_ml_kem_ind_cca_unpacked_serialized_mut_dd_89( + libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_a0 *self, + libcrux_ml_kem_types_MlKemPublicKey_30 *serialized) { + libcrux_ml_kem_ind_cpa_serialize_public_key_mut_89( + self->ind_cpa_public_key.t_as_ntt, + Eurydice_array_to_slice((size_t)32U, self->ind_cpa_public_key.seed_for_A, + uint8_t), + serialized->value); } /** - This function deserializes ring elements and reduces the result by the field - modulus. - - This function MUST NOT be used on secret inputs. +This function found in impl +{libcrux_ml_kem::ind_cca::unpacked::MlKemKeyPairUnpacked[TraitClause@0, TraitClause@1]} */ /** A monomorphic instance of -libcrux_ml_kem.serialize.deserialize_ring_elements_reduced with types +libcrux_ml_kem.ind_cca.unpacked.serialized_public_key_mut_11 with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics -- PUBLIC_KEY_SIZE= 1184 - K= 3 +- PUBLIC_KEY_SIZE= 1184 */ static KRML_MUSTINLINE void -libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_330( - Eurydice_slice public_key, - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 ret[3U]) { - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 deserialized_pk[3U]; - for (size_t i = (size_t)0U; i < (size_t)3U; i++) { - deserialized_pk[i] = libcrux_ml_kem_polynomial_ZERO_89_ea(); - } - for (size_t i = (size_t)0U; - i < Eurydice_slice_len(public_key, uint8_t) / - LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT; - i++) { - size_t i0 = i; - Eurydice_slice ring_element = Eurydice_slice_subslice2( - public_key, i0 * LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT, - i0 * LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT + - LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT, - uint8_t); - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 uu____0 = - libcrux_ml_kem_serialize_deserialize_to_reduced_ring_element_4c( - ring_element); - deserialized_pk[i0] = uu____0; - } - memcpy( - ret, deserialized_pk, - (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); +libcrux_ml_kem_ind_cca_unpacked_serialized_public_key_mut_11_89( + libcrux_ml_kem_mlkem768_portable_unpacked_MlKem768KeyPairUnpacked *self, + libcrux_ml_kem_types_MlKemPublicKey_30 *serialized) { + libcrux_ml_kem_ind_cca_unpacked_serialized_mut_dd_89(&self->public_key, + serialized); } /** - Validate an ML-KEM public key. + Get the serialized public key. +*/ +static inline void +libcrux_ml_kem_mlkem768_portable_unpacked_key_pair_serialized_public_key_mut( + libcrux_ml_kem_mlkem768_portable_unpacked_MlKem768KeyPairUnpacked *key_pair, + libcrux_ml_kem_types_MlKemPublicKey_30 *serialized) { + libcrux_ml_kem_ind_cca_unpacked_serialized_public_key_mut_11_89(key_pair, + serialized); +} - This implements the Modulus check in 7.2 2. - Note that the size check in 7.2 1 is covered by the `PUBLIC_KEY_SIZE` in the - `public_key` type. +/** +This function found in impl {core::clone::Clone for +libcrux_ml_kem::ind_cpa::unpacked::IndCpaPublicKeyUnpacked[TraitClause@0, TraitClause@2]} */ /** -A monomorphic instance of libcrux_ml_kem.ind_cca.validate_public_key +A monomorphic instance of libcrux_ml_kem.ind_cpa.unpacked.clone_91 with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 3 -- RANKED_BYTES_PER_RING_ELEMENT= 1152 -- PUBLIC_KEY_SIZE= 1184 */ -static KRML_MUSTINLINE bool libcrux_ml_kem_ind_cca_validate_public_key_19( - uint8_t *public_key) { - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 deserialized_pk[3U]; - libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_330( - Eurydice_array_to_subslice_to((size_t)1184U, public_key, (size_t)1152U, - uint8_t, size_t), - deserialized_pk); - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *uu____0 = deserialized_pk; - uint8_t public_key_serialized[1184U]; - libcrux_ml_kem_ind_cpa_serialize_public_key_79( - uu____0, - Eurydice_array_to_subslice_from((size_t)1184U, public_key, (size_t)1152U, - uint8_t, size_t), - public_key_serialized); - return core_array_equality___core__cmp__PartialEq__Array_U__N___for__Array_T__N____eq( - (size_t)1184U, public_key, public_key_serialized, uint8_t, uint8_t, bool); +static inline libcrux_ml_kem_ind_cpa_unpacked_IndCpaPublicKeyUnpacked_a0 +libcrux_ml_kem_ind_cpa_unpacked_clone_91_1b( + libcrux_ml_kem_ind_cpa_unpacked_IndCpaPublicKeyUnpacked_a0 *self) { + libcrux_ml_kem_polynomial_PolynomialRingElement_1d uu____0[3U]; + core_array__core__clone__Clone_for__Array_T__N___clone( + (size_t)3U, self->t_as_ntt, uu____0, + libcrux_ml_kem_polynomial_PolynomialRingElement_1d, void *); + uint8_t uu____1[32U]; + core_array__core__clone__Clone_for__Array_T__N___clone( + (size_t)32U, self->seed_for_A, uu____1, uint8_t, void *); + libcrux_ml_kem_ind_cpa_unpacked_IndCpaPublicKeyUnpacked_a0 lit; + memcpy( + lit.t_as_ntt, uu____0, + (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_1d)); + memcpy(lit.seed_for_A, uu____1, (size_t)32U * sizeof(uint8_t)); + libcrux_ml_kem_polynomial_PolynomialRingElement_1d ret[3U][3U]; + core_array__core__clone__Clone_for__Array_T__N___clone( + (size_t)3U, self->A, ret, + libcrux_ml_kem_polynomial_PolynomialRingElement_1d[3U], void *); + memcpy(lit.A, ret, + (size_t)3U * + sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_1d[3U])); + return lit; } /** - Portable public key validation +This function found in impl {core::clone::Clone for +libcrux_ml_kem::ind_cca::unpacked::MlKemPublicKeyUnpacked[TraitClause@0, TraitClause@2]} */ /** -A monomorphic instance of -libcrux_ml_kem.ind_cca.instantiations.portable.validate_public_key with const -generics +A monomorphic instance of libcrux_ml_kem.ind_cca.unpacked.clone_d7 +with types libcrux_ml_kem_vector_portable_vector_type_PortableVector +with const generics - K= 3 -- RANKED_BYTES_PER_RING_ELEMENT= 1152 -- PUBLIC_KEY_SIZE= 1184 */ -static KRML_MUSTINLINE bool -libcrux_ml_kem_ind_cca_instantiations_portable_validate_public_key_4b( - uint8_t *public_key) { - return libcrux_ml_kem_ind_cca_validate_public_key_19(public_key); +static inline libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_a0 +libcrux_ml_kem_ind_cca_unpacked_clone_d7_1b( + libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_a0 *self) { + libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_a0 lit; + lit.ind_cpa_public_key = + libcrux_ml_kem_ind_cpa_unpacked_clone_91_1b(&self->ind_cpa_public_key); + uint8_t ret[32U]; + core_array__core__clone__Clone_for__Array_T__N___clone( + (size_t)32U, self->public_key_hash, ret, uint8_t, void *); + memcpy(lit.public_key_hash, ret, (size_t)32U * sizeof(uint8_t)); + return lit; } /** - Validate a public key. +This function found in impl +{libcrux_ml_kem::ind_cca::unpacked::MlKemKeyPairUnpacked[TraitClause@0, TraitClause@1]} +*/ +/** +A monomorphic instance of libcrux_ml_kem.ind_cca.unpacked.public_key_11 +with types libcrux_ml_kem_vector_portable_vector_type_PortableVector +with const generics +- K= 3 +*/ +static KRML_MUSTINLINE libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_a0 * +libcrux_ml_kem_ind_cca_unpacked_public_key_11_1b( + libcrux_ml_kem_mlkem768_portable_unpacked_MlKem768KeyPairUnpacked *self) { + return &self->public_key; +} - Returns `true` if valid, and `false` otherwise. +/** + Get the unpacked public key. */ -static inline bool libcrux_ml_kem_mlkem768_portable_validate_public_key( - libcrux_ml_kem_types_MlKemPublicKey_15 *public_key) { - return libcrux_ml_kem_ind_cca_instantiations_portable_validate_public_key_4b( - public_key->value); +static inline void libcrux_ml_kem_mlkem768_portable_unpacked_public_key( + libcrux_ml_kem_mlkem768_portable_unpacked_MlKem768KeyPairUnpacked *key_pair, + libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_a0 *pk) { + libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_a0 uu____0 = + libcrux_ml_kem_ind_cca_unpacked_clone_d7_1b( + libcrux_ml_kem_ind_cca_unpacked_public_key_11_1b(key_pair)); + pk[0U] = uu____0; } /** -This function found in impl {(core::clone::Clone for -libcrux_ml_kem::vector::portable::vector_type::PortableVector)} + Get the serialized public key. */ -static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector -libcrux_ml_kem_vector_portable_vector_type_clone_3b( - libcrux_ml_kem_vector_portable_vector_type_PortableVector *self) { - return self[0U]; +static inline void +libcrux_ml_kem_mlkem768_portable_unpacked_serialized_public_key( + libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_a0 *public_key, + libcrux_ml_kem_types_MlKemPublicKey_30 *serialized) { + libcrux_ml_kem_ind_cca_unpacked_serialized_mut_dd_89(public_key, serialized); } -typedef int16_t libcrux_ml_kem_vector_portable_vector_type_FieldElement; +/** + Generate an unpacked key from a serialized key. +*/ +/** +A monomorphic instance of libcrux_ml_kem.ind_cca.unpacked.unpack_public_key +with types libcrux_ml_kem_hash_functions_portable_PortableHash[[$3size_t]], +libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics +- K= 3 +- T_AS_NTT_ENCODED_SIZE= 1152 +- PUBLIC_KEY_SIZE= 1184 +*/ +static KRML_MUSTINLINE void +libcrux_ml_kem_ind_cca_unpacked_unpack_public_key_0a( + libcrux_ml_kem_types_MlKemPublicKey_30 *public_key, + libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_a0 + *unpacked_public_key) { + Eurydice_slice uu____0 = + Eurydice_array_to_subslice_to((size_t)1184U, public_key->value, + (size_t)1152U, uint8_t, size_t, uint8_t[]); + libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_1b( + uu____0, unpacked_public_key->ind_cpa_public_key.t_as_ntt); + uint8_t uu____1[32U]; + libcrux_ml_kem_utils_into_padded_array_9e( + Eurydice_array_to_subslice_from((size_t)1184U, public_key->value, + (size_t)1152U, uint8_t, size_t, + uint8_t[]), + uu____1); + memcpy(unpacked_public_key->ind_cpa_public_key.seed_for_A, uu____1, + (size_t)32U * sizeof(uint8_t)); + libcrux_ml_kem_polynomial_PolynomialRingElement_1d(*uu____2)[3U] = + unpacked_public_key->ind_cpa_public_key.A; + uint8_t ret[34U]; + libcrux_ml_kem_utils_into_padded_array_b6( + Eurydice_array_to_subslice_from((size_t)1184U, public_key->value, + (size_t)1152U, uint8_t, size_t, + uint8_t[]), + ret); + libcrux_ml_kem_matrix_sample_matrix_A_2b(uu____2, ret, false); + uint8_t uu____3[32U]; + libcrux_ml_kem_hash_functions_portable_H_4a_e0( + Eurydice_array_to_slice((size_t)1184U, + libcrux_ml_kem_types_as_slice_e6_d0(public_key), + uint8_t), + uu____3); + memcpy(unpacked_public_key->public_key_hash, uu____3, + (size_t)32U * sizeof(uint8_t)); +} -typedef int16_t - libcrux_ml_kem_vector_portable_arithmetic_MontgomeryFieldElement; +/** + Get the unpacked public key. +*/ +/** +A monomorphic instance of +libcrux_ml_kem.ind_cca.instantiations.portable.unpacked.unpack_public_key with +const generics +- K= 3 +- T_AS_NTT_ENCODED_SIZE= 1152 +- PUBLIC_KEY_SIZE= 1184 +*/ +static KRML_MUSTINLINE void +libcrux_ml_kem_ind_cca_instantiations_portable_unpacked_unpack_public_key_31( + libcrux_ml_kem_types_MlKemPublicKey_30 *public_key, + libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_a0 + *unpacked_public_key) { + libcrux_ml_kem_ind_cca_unpacked_unpack_public_key_0a(public_key, + unpacked_public_key); +} -typedef int16_t - libcrux_ml_kem_vector_portable_arithmetic_FieldElementTimesMontgomeryR; +/** + Get the unpacked public key. +*/ +static inline void +libcrux_ml_kem_mlkem768_portable_unpacked_unpacked_public_key( + libcrux_ml_kem_types_MlKemPublicKey_30 *public_key, + libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_a0 + *unpacked_public_key) { + libcrux_ml_kem_ind_cca_instantiations_portable_unpacked_unpack_public_key_31( + public_key, unpacked_public_key); +} #if defined(__cplusplus) } #endif -#define __libcrux_mlkem768_portable_H_DEFINED -#endif +#define libcrux_mlkem768_portable_H_DEFINED +#endif /* libcrux_mlkem768_portable_H */ /* rename some types to be a bit more ergonomic */ #define libcrux_mlkem768_keypair libcrux_ml_kem_mlkem768_MlKem768KeyPair_s -#define libcrux_mlkem768_pk_valid_result Option_92_s -#define libcrux_mlkem768_pk libcrux_ml_kem_types_MlKemPublicKey_15_s -#define libcrux_mlkem768_sk libcrux_ml_kem_types_MlKemPrivateKey_55_s +#define libcrux_mlkem768_pk libcrux_ml_kem_types_MlKemPublicKey_30_s +#define libcrux_mlkem768_sk libcrux_ml_kem_types_MlKemPrivateKey_d9_s #define libcrux_mlkem768_ciphertext libcrux_ml_kem_mlkem768_MlKem768Ciphertext_s -#define libcrux_mlkem768_enc_result tuple_3c_s +#define libcrux_mlkem768_enc_result tuple_c2_s /* defines for PRNG inputs */ -#define LIBCRUX_ML_KEM_KEY_PAIR_PRNG_LEN 64 +#define LIBCRUX_ML_KEM_KEY_PAIR_PRNG_LEN 64U #define LIBCRUX_ML_KEM_ENC_PRNG_LEN 32 diff --git a/mlkem768.sh b/mlkem768.sh index cbc3d14da2ed..5e39e84a91fb 100644 --- a/mlkem768.sh +++ b/mlkem768.sh @@ -1,17 +1,18 @@ #!/bin/sh -# $OpenBSD: mlkem768.sh,v 1.3 2024/10/27 02:06:01 djm Exp $ +# $OpenBSD: mlkem768.sh,v 1.4 2025/11/13 04:56:23 djm Exp $ # Placed in the Public Domain. # #WANT_LIBCRUX_REVISION="origin/main" -WANT_LIBCRUX_REVISION="84c5d87b3092c59294345aa269ceefe0eb97cc35" +WANT_LIBCRUX_REVISION="core-models-v0.0.4" +BASE="libcrux/libcrux-ml-kem/extracts/c_header_only/generated" FILES=" - libcrux/libcrux-ml-kem/cg/eurydice_glue.h - libcrux/libcrux-ml-kem/cg/libcrux_core.h - libcrux/libcrux-ml-kem/cg/libcrux_ct_ops.h - libcrux/libcrux-ml-kem/cg/libcrux_sha3_portable.h - libcrux/libcrux-ml-kem/cg/libcrux_mlkem768_portable.h + $BASE/eurydice_glue.h + $BASE/libcrux_mlkem_core.h + $BASE/libcrux_ct_ops.h + $BASE/libcrux_sha3_portable.h + $BASE/libcrux_mlkem768_portable.h " START="$PWD" @@ -40,19 +41,79 @@ echo '/*' cat libcrux/LICENSE-MIT | sed 's/^/ * /;s/ *$//' echo ' */' echo -echo '#if !defined(__GNUC__) || (__GNUC__ < 2)' -echo '# define __attribute__(x)' -echo '#endif' -echo '#define KRML_MUSTINLINE inline' -echo '#define KRML_NOINLINE __attribute__((noinline, unused))' -echo '#define KRML_HOST_EPRINTF(...)' -echo '#define KRML_HOST_EXIT(x) fatal_f("internal error")' -echo -__builtin_popcount_replacement=' - const uint8_t v[16] = { 0, 1, 1, 2, 1, 2, 2, 3, 1, 2, 2, 3, 2, 3, 3, 4 }; - return v[x0 & 0xf] + v[(x0 >> 4) & 0xf]; -' +LSHIFT="<<" +cat << _EOF +#if !defined(__GNUC__) || (__GNUC__ < 2) +# define __attribute__(x) +#endif +#define KRML_MUSTINLINE inline +#define KRML_NOINLINE __attribute__((noinline, unused)) +#define KRML_HOST_EPRINTF(...) +#define KRML_HOST_EXIT(x) fatal_f("internal error") + +static inline void +store64_le(uint8_t dst[8], uint64_t src) +{ + dst[0] = src & 0xff; + dst[1] = (src >> 8) & 0xff; + dst[2] = (src >> 16) & 0xff; + dst[3] = (src >> 24) & 0xff; + dst[4] = (src >> 32) & 0xff; + dst[5] = (src >> 40) & 0xff; + dst[6] = (src >> 48) & 0xff; + dst[7] = (src >> 56) & 0xff; +} + +static inline void +store32_le(uint8_t dst[4], uint32_t src) +{ + dst[0] = src & 0xff; + dst[1] = (src >> 8) & 0xff; + dst[2] = (src >> 16) & 0xff; + dst[3] = (src >> 24) & 0xff; +} + +static inline void +store32_be(uint8_t dst[4], uint32_t src) +{ + dst[0] = (src >> 24) & 0xff; + dst[1] = (src >> 16) & 0xff; + dst[2] = (src >> 8) & 0xff; + dst[3] = src & 0xff; +} + +static inline uint64_t +load64_le(uint8_t src[8]) +{ + return (uint64_t)(src[0]) | + ((uint64_t)(src[1]) $LSHIFT 8) | + ((uint64_t)(src[2]) $LSHIFT 16) | + ((uint64_t)(src[3]) $LSHIFT 24) | + ((uint64_t)(src[4]) $LSHIFT 32) | + ((uint64_t)(src[5]) $LSHIFT 40) | + ((uint64_t)(src[6]) $LSHIFT 48) | + ((uint64_t)(src[7]) $LSHIFT 56); +} + +static inline uint32_t +load32_le(uint8_t src[4]) +{ + return (uint32_t)(src[0]) | + ((uint32_t)(src[1]) $LSHIFT 8) | + ((uint32_t)(src[2]) $LSHIFT 16) | + ((uint32_t)(src[3]) $LSHIFT 24); +} + +#ifdef MISSING_BUILTIN_POPCOUNT +static inline unsigned int +__builtin_popcount(unsigned int num) +{ + const int v[16] = { 0, 1, 1, 2, 1, 2, 2, 3, 1, 2, 2, 3, 2, 3, 3, 4 }; + return v[num & 0xf] + v[(num >> 4) & 0xf]; +} +#endif +_EOF for i in $FILES; do echo "/* from $i */" @@ -63,14 +124,9 @@ for i in $FILES; do -e 's/[ ]*$//' \ $i | \ case "$i" in - */libcrux-ml-kem/cg/eurydice_glue.h) - # Replace endian functions with versions that work. - perl -0777 -pe 's/(static inline void core_num__u64_9__to_le_bytes.*\n)([^}]*\n)/\1 v = htole64(v);\n\2/' | - perl -0777 -pe 's/(static inline uint64_t core_num__u64_9__from_le_bytes.*?)return v;/\1return le64toh(v);/s' | - perl -0777 -pe 's/(static inline uint32_t core_num__u32_8__from_le_bytes.*?)return v;/\1return le32toh(v);/s' | - # Compat for popcount. - perl -0777 -pe 's/\#ifdef (_MSC_VER)(.*?return __popcnt\(x0\);)/\#if defined(\1)\2/s' | - perl -0777 -pe "s/\\#else(\\n\\s+return __builtin_popcount\\(x0\\);)/\\#elif !defined(MISSING_BUILTIN_POPCOUNT)\\1\\n#else$__builtin_popcount_replacement/s" + */eurydice_glue.h) + # Replace endian function for consistency. + perl -0777 -pe 's/(static inline void core_num__u32__to_be_bytes.*\n)([^}]*\n)/\1 store32_be(dst, src);\n/' ;; # Default: pass through. *) @@ -83,11 +139,10 @@ done echo echo '/* rename some types to be a bit more ergonomic */' echo '#define libcrux_mlkem768_keypair libcrux_ml_kem_mlkem768_MlKem768KeyPair_s' -echo '#define libcrux_mlkem768_pk_valid_result Option_92_s' -echo '#define libcrux_mlkem768_pk libcrux_ml_kem_types_MlKemPublicKey_15_s' -echo '#define libcrux_mlkem768_sk libcrux_ml_kem_types_MlKemPrivateKey_55_s' +echo '#define libcrux_mlkem768_pk libcrux_ml_kem_types_MlKemPublicKey_30_s' +echo '#define libcrux_mlkem768_sk libcrux_ml_kem_types_MlKemPrivateKey_d9_s' echo '#define libcrux_mlkem768_ciphertext libcrux_ml_kem_mlkem768_MlKem768Ciphertext_s' -echo '#define libcrux_mlkem768_enc_result tuple_3c_s' +echo '#define libcrux_mlkem768_enc_result tuple_c2_s' ) > libcrux_mlkem768_sha3.h_new # Do some checks on the resultant file @@ -140,13 +195,13 @@ int main(void) { return 0; } _EOF -cc -Wall -Wextra -Wno-unused-parameter -o libcrux_mlkem768_sha3_check \ +cc -Wall -Wextra -Wno-unused-parameter -I . -o libcrux_mlkem768_sha3_check \ libcrux_mlkem768_sha3_check.c ./libcrux_mlkem768_sha3_check # Extract PRNG inputs; there's no nice #defines for these -key_pair_rng_len=`sed -e '/^libcrux_ml_kem_mlkem768_portable_kyber_generate_key_pair[(]$/,/[)] {$/!d' < libcrux_mlkem768_sha3.h_new | grep 'uint8_t randomness\[[0-9]*U\][)]' | sed 's/.*randomness\[\([0-9]*\)U\].*/\1/'` -enc_rng_len=`sed -e '/^static inline tuple_3c libcrux_ml_kem_mlkem768_portable_kyber_encapsulate[(]$/,/[)] {$/!d' < libcrux_mlkem768_sha3.h_new | grep 'uint8_t randomness\[[0-9]*U\][)]' | sed 's/.*randomness\[\([0-9]*\)U\].*/\1/'` +key_pair_rng_len=`grep '^libcrux_ml_kem_mlkem768_portable_generate_key_pair.*randomness' libcrux_mlkem768_sha3.h_new | sed 's/.*randomness[[]//;s/\].*//'` +enc_rng_len=`sed -e '/^static inline tuple_c2 libcrux_ml_kem_mlkem768_portable_encapsulate[(]$/,/[)] {$/!d' < libcrux_mlkem768_sha3.h_new | grep 'uint8_t randomness\[[0-9]*U\][)]' | sed 's/.*randomness\[\([0-9]*\)U\].*/\1/'` test -z "$key_pair_rng_len" && die "couldn't find size of libcrux_ml_kem_mlkem768_portable_kyber_generate_key_pair randomness argument" test -z "$enc_rng_len" && die "couldn't find size of libcrux_ml_kem_mlkem768_portable_kyber_encapsulate randomness argument" From 6aba7008e6451ae3f9298214b13b8eded5fd9ff0 Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Thu, 13 Nov 2025 05:13:06 +0000 Subject: [PATCH 423/687] upstream: sync support for systems that lack __builtin_popcount() from portable unused on OpenBSD (nothing sets MISSING_BUILTIN_POPCOUNT), but it makes syncing much easier. OpenBSD-Commit-ID: 496446300d82615b24f83eca886b8fabdbee445b --- libcrux_mlkem768_sha3.h | 3 ++- mlkem768.sh | 3 ++- 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/libcrux_mlkem768_sha3.h b/libcrux_mlkem768_sha3.h index a0e79a2a7f2d..1e3dc45744d2 100644 --- a/libcrux_mlkem768_sha3.h +++ b/libcrux_mlkem768_sha3.h @@ -1,4 +1,4 @@ -/* $OpenBSD$ */ +/* $OpenBSD: libcrux_mlkem768_sha3.h,v 1.4 2025/11/13 05:13:06 djm Exp $ */ /* Extracted from libcrux revision 026a87ab6d88ad3626b9fbbf3710d1e0483c1849 */ @@ -95,6 +95,7 @@ __builtin_popcount(unsigned int num) return v[num & 0xf] + v[(num >> 4) & 0xf]; } #endif + /* from libcrux/libcrux-ml-kem/extracts/c_header_only/generated/eurydice_glue.h */ #pragma once diff --git a/mlkem768.sh b/mlkem768.sh index 5e39e84a91fb..bec372a5fc7b 100644 --- a/mlkem768.sh +++ b/mlkem768.sh @@ -1,5 +1,5 @@ #!/bin/sh -# $OpenBSD: mlkem768.sh,v 1.4 2025/11/13 04:56:23 djm Exp $ +# $OpenBSD: mlkem768.sh,v 1.5 2025/11/13 05:13:06 djm Exp $ # Placed in the Public Domain. # @@ -113,6 +113,7 @@ __builtin_popcount(unsigned int num) return v[num & 0xf] + v[(num >> 4) & 0xf]; } #endif + _EOF for i in $FILES; do From d9955e4571ec356ba4f2e99d01f7fa88f6e20a63 Mon Sep 17 00:00:00 2001 From: "dtucker@openbsd.org" Date: Thu, 13 Nov 2025 10:35:14 +0000 Subject: [PATCH 424/687] upstream: Remove calls to OpenSSL_add_all_algorithms() and ERR_load_crypto_strings(). These are no-ops in LibreSSL, and in Portable have been mostly replaced by a call to OPENSSL_init_crypto() in the compat layer. ok tb@ OpenBSD-Commit-ID: 4c3e0af10fe276766054eda34428a37a5606d3ea --- ssh-add.c | 2 +- ssh-agent.c | 2 +- ssh-keygen.c | 2 +- ssh-keysign.c | 2 +- ssh.c | 2 +- ssh_api.c | 2 +- sshd-auth.c | 6 +----- sshd-session.c | 2 +- sshd.c | 2 +- 9 files changed, 9 insertions(+), 13 deletions(-) diff --git a/ssh-add.c b/ssh-add.c index 412635b29cce..dc1c53ae0130 100644 --- a/ssh-add.c +++ b/ssh-add.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-add.c,v 1.182 2025/11/06 01:31:11 djm Exp $ */ +/* $OpenBSD: ssh-add.c,v 1.183 2025/11/13 10:35:14 dtucker Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland diff --git a/ssh-agent.c b/ssh-agent.c index 6e9723c841e9..cd569c33ac10 100644 --- a/ssh-agent.c +++ b/ssh-agent.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-agent.c,v 1.314 2025/11/07 04:33:52 djm Exp $ */ +/* $OpenBSD: ssh-agent.c,v 1.315 2025/11/13 10:35:14 dtucker Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland diff --git a/ssh-keygen.c b/ssh-keygen.c index 2f21e42671df..1a05876ab845 100644 --- a/ssh-keygen.c +++ b/ssh-keygen.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-keygen.c,v 1.486 2025/10/09 23:26:47 djm Exp $ */ +/* $OpenBSD: ssh-keygen.c,v 1.487 2025/11/13 10:35:14 dtucker Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1994 Tatu Ylonen , Espoo, Finland diff --git a/ssh-keysign.c b/ssh-keysign.c index 8d6bcda10919..167141c55b0c 100644 --- a/ssh-keysign.c +++ b/ssh-keysign.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-keysign.c,v 1.78 2025/09/25 06:25:38 djm Exp $ */ +/* $OpenBSD: ssh-keysign.c,v 1.79 2025/11/13 10:35:14 dtucker Exp $ */ /* * Copyright (c) 2002 Markus Friedl. All rights reserved. * diff --git a/ssh.c b/ssh.c index 3b03108db156..df302c34ba98 100644 --- a/ssh.c +++ b/ssh.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh.c,v 1.619 2025/09/25 07:05:11 djm Exp $ */ +/* $OpenBSD: ssh.c,v 1.620 2025/11/13 10:35:14 dtucker Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland diff --git a/ssh_api.c b/ssh_api.c index 7bdcee148213..c66a2964c00b 100644 --- a/ssh_api.c +++ b/ssh_api.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh_api.c,v 1.32 2024/10/18 05:14:51 djm Exp $ */ +/* $OpenBSD: ssh_api.c,v 1.33 2025/11/13 10:35:14 dtucker Exp $ */ /* * Copyright (c) 2012 Markus Friedl. All rights reserved. * diff --git a/sshd-auth.c b/sshd-auth.c index 9c31515de18f..0fff1b33fd0f 100644 --- a/sshd-auth.c +++ b/sshd-auth.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshd-auth.c,v 1.9 2025/09/15 04:52:12 djm Exp $ */ +/* $OpenBSD: sshd-auth.c,v 1.10 2025/11/13 10:35:14 dtucker Exp $ */ /* * SSH2 implementation: * Privilege Separation: @@ -588,10 +588,6 @@ main(int ac, char **av) if (!rexeced_flag) fatal("sshd-auth should not be executed directly"); -#ifdef WITH_OPENSSL - OpenSSL_add_all_algorithms(); -#endif - log_init(__progname, options.log_level == SYSLOG_LEVEL_NOT_SET ? SYSLOG_LEVEL_INFO : options.log_level, diff --git a/sshd-session.c b/sshd-session.c index 8979f743bfdf..70a8766831fe 100644 --- a/sshd-session.c +++ b/sshd-session.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshd-session.c,v 1.16 2025/09/25 06:45:50 djm Exp $ */ +/* $OpenBSD: sshd-session.c,v 1.17 2025/11/13 10:35:14 dtucker Exp $ */ /* * SSH2 implementation: * Privilege Separation: diff --git a/sshd.c b/sshd.c index 3c76b60b0f03..8a84ff69b78e 100644 --- a/sshd.c +++ b/sshd.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshd.c,v 1.622 2025/08/29 03:50:38 djm Exp $ */ +/* $OpenBSD: sshd.c,v 1.623 2025/11/13 10:35:14 dtucker Exp $ */ /* * Copyright (c) 2000, 2001, 2002 Markus Friedl. All rights reserved. * Copyright (c) 2002 Niels Provos. All rights reserved. From 90501bc30ca94fa5443e2b7e2072d5d454587ef8 Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Thu, 13 Nov 2025 22:04:19 +1100 Subject: [PATCH 425/687] Remove remaining OpenSSL_add_all_algorithms() calls. We already have OPENSSL_init_crypto() in the compat layer (now with a check of its return code, prompted by tb@). Prompted by github PR#606 from Dimitri John Ledkov. ok beck@ --- configure.ac | 9 --------- openbsd-compat/openssl-compat.c | 22 +++++++--------------- 2 files changed, 7 insertions(+), 24 deletions(-) diff --git a/configure.ac b/configure.ac index f7e9d4184c9b..60d45716bdef 100644 --- a/configure.ac +++ b/configure.ac @@ -3160,15 +3160,6 @@ if test "x$openssl" = "xyes" ; then RSA_get_default_method \ ]) - # OpenSSL_add_all_algorithms may be a macro. - AC_CHECK_FUNC(OpenSSL_add_all_algorithms, - AC_DEFINE(HAVE_OPENSSL_ADD_ALL_ALGORITHMS, 1, [as a function]), - AC_CHECK_DECL(OpenSSL_add_all_algorithms, - AC_DEFINE(HAVE_OPENSSL_ADD_ALL_ALGORITHMS, 1, [as a macro]), , - [[#include ]] - ) - ) - # LibreSSL/OpenSSL API differences AC_CHECK_FUNCS([ \ EC_POINT_get_affine_coordinates \ diff --git a/openbsd-compat/openssl-compat.c b/openbsd-compat/openssl-compat.c index 48938920cda7..ffbb4439dc23 100644 --- a/openbsd-compat/openssl-compat.c +++ b/openbsd-compat/openssl-compat.c @@ -72,28 +72,20 @@ ssh_compatible_openssl(long headerver, long libver) void ssh_libcrypto_init(void) { -#if defined(HAVE_OPENSSL_INIT_CRYPTO) && \ - defined(OPENSSL_INIT_ADD_ALL_CIPHERS) && \ - defined(OPENSSL_INIT_ADD_ALL_DIGESTS) - OPENSSL_init_crypto(OPENSSL_INIT_ADD_ALL_CIPHERS | - OPENSSL_INIT_ADD_ALL_DIGESTS, NULL); -#elif defined(HAVE_OPENSSL_ADD_ALL_ALGORITHMS) - OpenSSL_add_all_algorithms(); -#endif + uint64_t opts = OPENSSL_INIT_ADD_ALL_CIPHERS | + OPENSSL_INIT_ADD_ALL_DIGESTS; #ifdef USE_OPENSSL_ENGINE /* Enable use of crypto hardware */ ENGINE_load_builtin_engines(); ENGINE_register_all_complete(); - /* Load the libcrypto config file to pick up engines defined there */ -# if defined(HAVE_OPENSSL_INIT_CRYPTO) && defined(OPENSSL_INIT_LOAD_CONFIG) - OPENSSL_init_crypto(OPENSSL_INIT_ADD_ALL_CIPHERS | - OPENSSL_INIT_ADD_ALL_DIGESTS | OPENSSL_INIT_LOAD_CONFIG, NULL); -# else - OPENSSL_config(NULL); -# endif + /* Tell libcrypto config file to pick up engines defined there */ + opts |= OPENSSL_INIT_LOAD_CONFIG; #endif /* USE_OPENSSL_ENGINE */ + + if (OPENSSL_init_crypto(opts, NULL) != 1) + fatal("OPENSSL_init_crypto failed"); } #ifndef HAVE_EVP_DIGESTSIGN From ec41739bd68d639b0847b366697706e7dab3498d Mon Sep 17 00:00:00 2001 From: Icenowy Zheng Date: Fri, 7 Nov 2025 14:27:35 +0800 Subject: [PATCH 426/687] seccomp sandbox: allow uname(3) The uname(3) syscall is utilized by zlib-ng on RISC-V to decide whether the kernel handles VILL bit of V extension properly (by checking the kernel version against 6.5). Allow it in the seccomp sandbox. Signed-off-by: Icenowy Zheng --- sandbox-seccomp-filter.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/sandbox-seccomp-filter.c b/sandbox-seccomp-filter.c index a0692dd2f5bd..b3da8d5877b1 100644 --- a/sandbox-seccomp-filter.c +++ b/sandbox-seccomp-filter.c @@ -435,6 +435,9 @@ static const struct sock_filter preauth_insns[] = { #ifdef __NR_getpeername SC_ALLOW(__NR_getpeername), #endif +#ifdef __NR_uname + SC_ALLOW(__NR_uname), +#endif #ifdef __NR_setsockopt SC_ALLOW_SETSOCKOPT(IPPROTO_IPV6, IPV6_TCLASS), SC_ALLOW_SETSOCKOPT(IPPROTO_IP, IP_TOS), From e2b93e16232834c61c9dcff5b20e4c55a26b324d Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Thu, 13 Nov 2025 23:30:48 +1100 Subject: [PATCH 427/687] Move libcrypto init check into entropy.c. This prevents link errors with the openbsd-compat tests when the linker tries to bring in all the logging bits. --- entropy.c | 3 ++- openbsd-compat/openssl-compat.c | 5 ++--- openbsd-compat/openssl-compat.h | 2 +- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/entropy.c b/entropy.c index 842c66fd6d0f..65ef922379a1 100644 --- a/entropy.c +++ b/entropy.c @@ -64,7 +64,8 @@ seed_rng(void) unsigned char buf[RANDOM_SEED_SIZE]; /* Initialise libcrypto */ - ssh_libcrypto_init(); + if (ssh_libcrypto_init() != 1) + fatal("libcrypto failed to initialize."); if (!ssh_compatible_openssl(OPENSSL_VERSION_NUMBER, OpenSSL_version_num())) diff --git a/openbsd-compat/openssl-compat.c b/openbsd-compat/openssl-compat.c index ffbb4439dc23..e0cd4720451e 100644 --- a/openbsd-compat/openssl-compat.c +++ b/openbsd-compat/openssl-compat.c @@ -69,7 +69,7 @@ ssh_compatible_openssl(long headerver, long libver) return 0; } -void +int ssh_libcrypto_init(void) { uint64_t opts = OPENSSL_INIT_ADD_ALL_CIPHERS | @@ -84,8 +84,7 @@ ssh_libcrypto_init(void) opts |= OPENSSL_INIT_LOAD_CONFIG; #endif /* USE_OPENSSL_ENGINE */ - if (OPENSSL_init_crypto(opts, NULL) != 1) - fatal("OPENSSL_init_crypto failed"); + return OPENSSL_init_crypto(opts, NULL); } #ifndef HAVE_EVP_DIGESTSIGN diff --git a/openbsd-compat/openssl-compat.h b/openbsd-compat/openssl-compat.h index d07928b17b6d..42e2e2833301 100644 --- a/openbsd-compat/openssl-compat.h +++ b/openbsd-compat/openssl-compat.h @@ -31,7 +31,7 @@ #include int ssh_compatible_openssl(long, long); -void ssh_libcrypto_init(void); +int ssh_libcrypto_init(void); #if (OPENSSL_VERSION_NUMBER < 0x10100000L) # error OpenSSL 1.1.0 or greater is required From 2fe6e406b496b54351dab923f9be95579d39d071 Mon Sep 17 00:00:00 2001 From: "dtucker@openbsd.org" Date: Mon, 17 Nov 2025 09:59:13 +0000 Subject: [PATCH 428/687] upstream: Ensure both sides of the test are non-NULL instead of just either. Coverity CID 443285. OpenBSD-Regress-ID: aa90e57b1bc8efce9e50734a07a8ffec0680059a --- regress/unittests/hostkeys/test_iterate.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/regress/unittests/hostkeys/test_iterate.c b/regress/unittests/hostkeys/test_iterate.c index 65d6d1f43557..a330adce53a9 100644 --- a/regress/unittests/hostkeys/test_iterate.c +++ b/regress/unittests/hostkeys/test_iterate.c @@ -1,4 +1,4 @@ -/* $OpenBSD: test_iterate.c,v 1.10 2025/05/06 06:05:48 djm Exp $ */ +/* $OpenBSD: test_iterate.c,v 1.11 2025/11/17 09:59:13 dtucker Exp $ */ /* * Regress test for hostfile.h hostkeys_foreach() * @@ -133,7 +133,7 @@ check(struct hostkey_foreach_line *l, void *_ctx) ASSERT_INT_EQ(sshkey_equal(l->key, expected->l.key), 1); } } - if (parse_key && !(l->comment == NULL && expected->l.comment == NULL)) + if (parse_key && l->comment != NULL && expected->l.comment != NULL) ASSERT_STRING_EQ(l->comment, expected->l.comment); return 0; } From bad220decb95d3b5cc6e30f843c4fc9d9b0b7a67 Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Mon, 17 Nov 2025 21:36:45 +1100 Subject: [PATCH 429/687] Remove obsolete CVSID. --- regress/check-perm.c | 2 -- 1 file changed, 2 deletions(-) diff --git a/regress/check-perm.c b/regress/check-perm.c index dac307d24464..5e5941ab393f 100644 --- a/regress/check-perm.c +++ b/regress/check-perm.c @@ -2,8 +2,6 @@ * Placed in the public domain */ -/* $OpenBSD: modpipe.c,v 1.6 2013/11/21 03:16:47 djm Exp $ */ - #include "includes.h" #include From e4cc5ab0efd85f01c0e1ae46825ffc0c7a8f44ce Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Mon, 17 Nov 2025 05:24:42 +0000 Subject: [PATCH 430/687] upstream: don't strnvis() log messages that are going to be logged by sshd-auth via its parent sshd-session process, as the parent will also run them though strnvis(). Prevents double-escaping of non-printing characters in some log messages. bz3896 ok dtucker@ OpenBSD-Commit-ID: d78faad96a98af5269d66ddceee553cf7d396dfe --- log.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/log.c b/log.c index 5969c4a16392..679c24356397 100644 --- a/log.c +++ b/log.c @@ -1,4 +1,4 @@ -/* $OpenBSD: log.c,v 1.65 2025/09/02 09:34:48 djm Exp $ */ +/* $OpenBSD: log.c,v 1.66 2025/11/17 05:24:42 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -403,7 +403,8 @@ do_log(LogLevel level, int force, const char *suffix, const char *fmt, /* Avoid recursion */ tmp_handler = log_handler; log_handler = NULL; - tmp_handler(level, force, fmtbuf, log_handler_ctx); + /* Note: this sends the raw (i.e. no strnvis) log message */ + tmp_handler(level, force, msgbuf, log_handler_ctx); log_handler = tmp_handler; } else if (log_on_stderr) { snprintf(msgbuf, sizeof msgbuf, "%s%s%.*s\r\n", From 58533bbdf7aa0548de8e2abd3cb2de0593fa9fdc Mon Sep 17 00:00:00 2001 From: "jca@openbsd.org" Date: Mon, 17 Nov 2025 12:59:29 +0000 Subject: [PATCH 431/687] upstream: Export XDG_RUNTIME_DIR to child ssh sessions Currently setusercontext(LOGIN_SETALL) does create the directory in /tmp/run/user, since LOGIN_SETXDGENV is part of LOGIN_SETALL, but the env variable wasn't exported. ok djm@ OpenBSD-Commit-ID: 02b8433f72759b3a07b55cbc5a7cdb84391b0017 --- session.c | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/session.c b/session.c index f265fdc3ed3b..34b049a0f5d9 100644 --- a/session.c +++ b/session.c @@ -1,4 +1,4 @@ -/* $OpenBSD: session.c,v 1.344 2025/09/25 02:15:39 jsg Exp $ */ +/* $OpenBSD: session.c,v 1.345 2025/11/17 12:59:29 jca Exp $ */ /* * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland * All rights reserved @@ -1012,6 +1012,12 @@ do_setup_env(struct ssh *ssh, Session *s, const char *shell) if (getenv("TZ")) child_set_env(&env, &envsize, "TZ", getenv("TZ")); +#ifdef HAVE_LOGIN_CAP + if (getenv("XDG_RUNTIME_DIR")) { + child_set_env(&env, &envsize, "XDG_RUNTIME_DIR", + getenv("XDG_RUNTIME_DIR")); + } +#endif /* HAVE_LOGIN_CAP */ if (s->term) child_set_env(&env, &envsize, "TERM", s->term); if (s->display) From ccad76e9e1e4f06889ee023893cea98bc165858b Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Tue, 18 Nov 2025 20:14:44 +1100 Subject: [PATCH 432/687] Pull in rev 1.17 for spelling fix. Prompted by github PR#609 from Edge-Seven. --- openbsd-compat/bcrypt_pbkdf.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/openbsd-compat/bcrypt_pbkdf.c b/openbsd-compat/bcrypt_pbkdf.c index 5a22ba3b4258..c41c2d68b2e9 100644 --- a/openbsd-compat/bcrypt_pbkdf.c +++ b/openbsd-compat/bcrypt_pbkdf.c @@ -1,4 +1,4 @@ -/* $OpenBSD: bcrypt_pbkdf.c,v 1.16 2020/08/02 18:35:48 tb Exp $ */ +/* $OpenBSD: bcrypt_pbkdf.c,v 1.17 2022/12/27 17:10:08 jmc Exp $ */ /* * Copyright (c) 2013 Ted Unangst * @@ -49,7 +49,7 @@ * function with the following modifications: * 1. The input password and salt are preprocessed with SHA512. * 2. The output length is expanded to 256 bits. - * 3. Subsequently the magic string to be encrypted is lengthened and modifed + * 3. Subsequently the magic string to be encrypted is lengthened and modified * to "OxychromaticBlowfishSwatDynamite" * 4. The hash function is defined to perform 64 rounds of initial state * expansion. (More rounds are performed by iterating the hash.) From e3f1fbb427df898d70083b42caab72baaa715400 Mon Sep 17 00:00:00 2001 From: "dtucker@openbsd.org" Date: Thu, 20 Nov 2025 05:10:11 +0000 Subject: [PATCH 433/687] upstream: Plug leaks while parsing Match blocks. Coverity CID 515634, ok miod@ djm@ OpenBSD-Commit-ID: c7932eddecd47e5122e945246a40c56ffa42a546 --- readconf.c | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/readconf.c b/readconf.c index d99205944ecb..eca1e780896d 100644 --- a/readconf.c +++ b/readconf.c @@ -1,4 +1,4 @@ -/* $OpenBSD: readconf.c,v 1.406 2025/08/29 03:50:38 djm Exp $ */ +/* $OpenBSD: readconf.c,v 1.407 2025/11/20 05:10:11 dtucker Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -732,12 +732,12 @@ match_cfg_line(Options *options, const char *full_line, int *acp, char ***avp, debug2("checking match for '%s' host %s originally %s", full_line, host, original_host); while ((attrib = argv_next(acp, avp)) != NULL) { - attrib = oattrib = xstrdup(attrib); /* Terminate on comment */ if (*attrib == '#') { argv_consume(acp); break; } + attrib = oattrib = xstrdup(attrib); arg = criteria = NULL; this_result = 1; if ((negate = (attrib[0] == '!'))) @@ -777,7 +777,7 @@ match_cfg_line(Options *options, const char *full_line, int *acp, char ***avp, debug3("%.200s line %d: %smatched '%s'", filename, linenum, this_result ? "" : "not ", oattrib); - continue; + goto next; } /* Keep this list in sync with below */ @@ -888,7 +888,7 @@ match_cfg_line(Options *options, const char *full_line, int *acp, char ***avp, debug3("%.200s line %d: skipped exec " "\"%.100s\"", filename, linenum, cmd); free(cmd); - continue; + goto next; } r = execute_in_shell(cmd); if (r == -1) { @@ -912,6 +912,7 @@ match_cfg_line(Options *options, const char *full_line, int *acp, char ***avp, criteria == NULL ? "" : " \"", criteria == NULL ? "" : criteria, criteria == NULL ? "" : "\""); + next: free(criteria); free(oattrib); oattrib = attrib = NULL; From d68d528fefeca1e331696296ef5db7c4db246f9a Mon Sep 17 00:00:00 2001 From: "dtucker@openbsd.org" Date: Thu, 20 Nov 2025 05:10:56 +0000 Subject: [PATCH 434/687] upstream: Plug leaks while parsing Match blocks. Coverity CID 469304, ok djm@ OpenBSD-Commit-ID: f9b79b86879a953ad034e6b92a398265b251bea7 --- servconf.c | 25 +++++++++++++------------ 1 file changed, 13 insertions(+), 12 deletions(-) diff --git a/servconf.c b/servconf.c index 48ec8c4ecd43..6d23c3686fb3 100644 --- a/servconf.c +++ b/servconf.c @@ -1,4 +1,4 @@ -/* $OpenBSD: servconf.c,v 1.435 2025/09/25 06:31:42 djm Exp $ */ +/* $OpenBSD: servconf.c,v 1.436 2025/11/20 05:10:56 dtucker Exp $ */ /* * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland * All rights reserved @@ -1048,12 +1048,12 @@ match_cfg_line(const char *full_line, int *acp, char ***avp, } while ((oattrib = argv_next(acp, avp)) != NULL) { - attrib = xstrdup(oattrib); /* Terminate on comment */ - if (*attrib == '#') { + if (*oattrib == '#') { argv_consume(acp); /* mark all arguments consumed */ break; } + attrib = xstrdup(oattrib); arg = NULL; attributes++; /* Criterion "all" has no argument and must appear alone */ @@ -1075,13 +1075,13 @@ match_cfg_line(const char *full_line, int *acp, char ***avp, if (strcasecmp(attrib, "invalid-user") == 0) { if (ci == NULL) { result = 0; - continue; + goto next; } if (ci->user_invalid == 0) result = 0; else debug("matched invalid-user at line %d", line); - continue; + goto next; } /* Keep this list in sync with below */ @@ -1108,7 +1108,7 @@ match_cfg_line(const char *full_line, int *acp, char ***avp, if (strcasecmp(attrib, "user") == 0) { if (ci == NULL || (ci->test && ci->user == NULL)) { result = 0; - continue; + goto next; } if (ci->user == NULL) match_test_missing_fatal("User", "user"); @@ -1120,7 +1120,7 @@ match_cfg_line(const char *full_line, int *acp, char ***avp, } else if (strcasecmp(attrib, "group") == 0) { if (ci == NULL || (ci->test && ci->user == NULL)) { result = 0; - continue; + goto next; } if (ci->user == NULL) match_test_missing_fatal("Group", "user"); @@ -1134,7 +1134,7 @@ match_cfg_line(const char *full_line, int *acp, char ***avp, } else if (strcasecmp(attrib, "host") == 0) { if (ci == NULL || (ci->test && ci->host == NULL)) { result = 0; - continue; + goto next; } if (ci->host == NULL) match_test_missing_fatal("Host", "host"); @@ -1149,7 +1149,7 @@ match_cfg_line(const char *full_line, int *acp, char ***avp, fatal("Invalid Match address argument " "'%s' at line %d", arg, line); result = 0; - continue; + goto next; } if (ci->address == NULL) match_test_missing_fatal("Address", "addr"); @@ -1173,7 +1173,7 @@ match_cfg_line(const char *full_line, int *acp, char ***avp, "argument '%s' at line %d", arg, line); result = 0; - continue; + goto next; } if (ci->laddress == NULL) match_test_missing_fatal("LocalAddress", @@ -1201,7 +1201,7 @@ match_cfg_line(const char *full_line, int *acp, char ***avp, } if (ci == NULL || (ci->test && ci->lport == -1)) { result = 0; - continue; + goto next; } if (ci->lport == 0) match_test_missing_fatal("LocalPort", "lport"); @@ -1215,7 +1215,7 @@ match_cfg_line(const char *full_line, int *acp, char ***avp, } else if (strcasecmp(attrib, "rdomain") == 0) { if (ci == NULL || (ci->test && ci->rdomain == NULL)) { result = 0; - continue; + goto next; } if (ci->rdomain == NULL) match_test_missing_fatal("RDomain", "rdomain"); @@ -1237,6 +1237,7 @@ match_cfg_line(const char *full_line, int *acp, char ***avp, result = -1; goto out; } + next: free(attrib); attrib = NULL; } From a8718c3fc52511e5237f1cbe10c210948c5616ea Mon Sep 17 00:00:00 2001 From: "dtucker@openbsd.org" Date: Thu, 20 Nov 2025 05:07:57 +0000 Subject: [PATCH 435/687] upstream: Free opts in FAIL_TEST. It should always be NULL anyway so this is a no-op, but it should placate Coverity CID 405064. OpenBSD-Regress-ID: 06789754de0741f26432c668fad8b9881c14c153 --- regress/unittests/authopt/tests.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/regress/unittests/authopt/tests.c b/regress/unittests/authopt/tests.c index a81dffbf7ba3..2376b47dc48c 100644 --- a/regress/unittests/authopt/tests.c +++ b/regress/unittests/authopt/tests.c @@ -1,4 +1,4 @@ -/* $OpenBSD: tests.c,v 1.4 2025/04/15 04:00:42 djm Exp $ */ +/* $OpenBSD: tests.c,v 1.5 2025/11/20 05:07:57 dtucker Exp $ */ /* * Regress test for keys options functions. @@ -141,6 +141,7 @@ test_authkeys_parse(void) opts = sshauthopt_parse(keywords, &errstr); \ ASSERT_PTR_EQ(opts, NULL); \ ASSERT_PTR_NE(errstr, NULL); \ + sshauthopt_free(opts); \ TEST_DONE(); \ } while (0) #define CHECK_SUCCESS_AND_CLEANUP() \ From dec6334aaf6f542f34a0aca27dc2f535e9161a67 Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Fri, 21 Nov 2025 01:29:06 +0000 Subject: [PATCH 436/687] upstream: add a sshbuf_get_nulterminated_string() function to pull a \0- terminated string from a sshbuf. Intended to be used to improve parsing of SOCKS headers for dynamic forwarding. ok deraadt; feedback Tim van der Molen OpenBSD-Commit-ID: cf93d6db4730f7518d5269c279e16b172b484b36 --- sshbuf-getput-basic.c | 40 +++++++++++++++++++++++++++++++++++++++- sshbuf.h | 6 +++++- 2 files changed, 44 insertions(+), 2 deletions(-) diff --git a/sshbuf-getput-basic.c b/sshbuf-getput-basic.c index 2cc562b244f2..405f7eb60e02 100644 --- a/sshbuf-getput-basic.c +++ b/sshbuf-getput-basic.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshbuf-getput-basic.c,v 1.13 2022/05/25 06:03:44 djm Exp $ */ +/* $OpenBSD: sshbuf-getput-basic.c,v 1.14 2025/11/21 01:29:06 djm Exp $ */ /* * Copyright (c) 2011 Damien Miller * @@ -629,3 +629,41 @@ sshbuf_get_bignum2_bytes_direct(struct sshbuf *buf, } return 0; } + +int +sshbuf_get_nulterminated_string(struct sshbuf *buf, size_t maxlen, + char **valp, size_t *lenp) +{ + const u_char zero = 0; + char *val = NULL; + size_t len = 0; + int r; + + if (valp != NULL) + *valp = NULL; + if (lenp != NULL) + *lenp = 0; + if ((r = sshbuf_find(buf, 0, &zero, sizeof(zero), &len)) != 0) { + if (r == SSH_ERR_INVALID_FORMAT && sshbuf_len(buf) < maxlen) + return SSH_ERR_MESSAGE_INCOMPLETE; + return r; + } + if (len > maxlen) + return SSH_ERR_INVALID_FORMAT; + /* can strdup() because it's definitely nul-terminated */ + if ((val = strdup(sshbuf_ptr(buf))) == NULL) + return SSH_ERR_ALLOC_FAIL; + if ((r = sshbuf_consume(buf, len + 1)) != 0) + goto out; + /* success */ + r = 0; + if (valp != NULL) { + *valp = val; + val = NULL; + } + if (lenp != NULL) + *lenp = len; + out: + free(val); + return r; +} diff --git a/sshbuf.h b/sshbuf.h index 0c82f120c422..8c18ded02fd0 100644 --- a/sshbuf.h +++ b/sshbuf.h @@ -1,4 +1,4 @@ -/* $OpenBSD: sshbuf.h,v 1.32 2025/09/02 09:41:23 djm Exp $ */ +/* $OpenBSD: sshbuf.h,v 1.33 2025/11/21 01:29:06 djm Exp $ */ /* * Copyright (c) 2011 Damien Miller * @@ -229,6 +229,10 @@ int sshbuf_put_ec_pkey(struct sshbuf *buf, EVP_PKEY *pkey); # endif /* OPENSSL_HAS_ECC */ #endif /* WITH_OPENSSL */ +/* Functions to extract or store various non-SSH wire encoded values */ +int sshbuf_get_nulterminated_string(struct sshbuf *buf, size_t maxlen, + char **valp, size_t *lenp); + /* Dump the contents of the buffer in a human-readable format */ void sshbuf_dump(const struct sshbuf *buf, FILE *f); From 71e8779113965d60d91ba2d15cdeeb43ecf230a7 Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Fri, 21 Nov 2025 01:29:27 +0000 Subject: [PATCH 437/687] upstream: unit tests for sshbuf_get_nulterminated_string() OpenBSD-Regress-ID: cb0af1e4d6dcc94e263942bc4dcf5f4466d1f086 --- .../sshbuf/test_sshbuf_getput_basic.c | 117 +++++++++++++++++- 1 file changed, 116 insertions(+), 1 deletion(-) diff --git a/regress/unittests/sshbuf/test_sshbuf_getput_basic.c b/regress/unittests/sshbuf/test_sshbuf_getput_basic.c index bfe61a8773bc..d9ed194b063f 100644 --- a/regress/unittests/sshbuf/test_sshbuf_getput_basic.c +++ b/regress/unittests/sshbuf/test_sshbuf_getput_basic.c @@ -1,4 +1,4 @@ -/* $OpenBSD: test_sshbuf_getput_basic.c,v 1.5 2025/09/15 03:00:22 djm Exp $ */ +/* $OpenBSD: test_sshbuf_getput_basic.c,v 1.6 2025/11/21 01:29:27 djm Exp $ */ /* * Regress test for sshbuf.h buffer API * @@ -712,4 +712,119 @@ sshbuf_getput_basic_tests(void) sshbuf_free(p1); free(s2); TEST_DONE(); + + TEST_START("sshbuf_get_nulterminated_string"); + p1 = sshbuf_new(); + ASSERT_PTR_NE(p1, NULL); + ASSERT_INT_EQ(sshbuf_put(p1, "hello", 5), 0); + ASSERT_INT_EQ(sshbuf_put_u8(p1, 0), 0); /* hello\0 */ + ASSERT_INT_EQ(sshbuf_put(p1, "there", 5), 0); /* hello\0there */ + ASSERT_SIZE_T_EQ(sshbuf_len(p1), 11); + /* short maxlen */ + ASSERT_INT_EQ(sshbuf_get_nulterminated_string(p1, 1, &s2, &s), + SSH_ERR_INVALID_FORMAT); + ASSERT_PTR_EQ(s2, NULL); + ASSERT_SIZE_T_EQ(s, 0); + ASSERT_SIZE_T_EQ(sshbuf_len(p1), 11); /* Buffer should be unchanged */ + ASSERT_INT_EQ(sshbuf_get_nulterminated_string(p1, 4, &s2, &s), + SSH_ERR_INVALID_FORMAT); + ASSERT_PTR_EQ(s2, NULL); + ASSERT_SIZE_T_EQ(s, 0); + ASSERT_SIZE_T_EQ(sshbuf_len(p1), 11); /* Buffer should be unchanged */ + /* minimum usable maxlen */ + ASSERT_INT_EQ(sshbuf_get_nulterminated_string(p1, 5, &s2, &s), 0); + ASSERT_STRING_EQ(s2, "hello"); + ASSERT_SIZE_T_EQ(s, 5); + ASSERT_SIZE_T_EQ(sshbuf_len(p1), 5); /* "there" remains */ + free(s2); + sshbuf_free(p1); + TEST_DONE(); + + TEST_START("sshbuf_get_nulterminated_string un-terminated string"); + p1 = sshbuf_new(); + ASSERT_PTR_NE(p1, NULL); + ASSERT_INT_EQ(sshbuf_put(p1, "there", 5), 0); /* "there" */ + ASSERT_SIZE_T_EQ(sshbuf_len(p1), 5); + ASSERT_INT_EQ(sshbuf_get_nulterminated_string(p1, 5, &s2, &s), + SSH_ERR_INVALID_FORMAT); + ASSERT_PTR_EQ(s2, NULL); + ASSERT_SIZE_T_EQ(s, 0); + ASSERT_SIZE_T_EQ(sshbuf_len(p1), 5); /* Buffer should be unchanged */ + ASSERT_INT_EQ(sshbuf_get_nulterminated_string(p1, 6, &s2, &s), + SSH_ERR_MESSAGE_INCOMPLETE); + ASSERT_PTR_EQ(s2, NULL); + ASSERT_SIZE_T_EQ(s, 0); + ASSERT_SIZE_T_EQ(sshbuf_len(p1), 5); /* Buffer should be unchanged */ + ASSERT_INT_EQ(sshbuf_get_nulterminated_string(p1, SIZE_MAX, &s2, &s), + SSH_ERR_MESSAGE_INCOMPLETE); + ASSERT_PTR_EQ(s2, NULL); + ASSERT_SIZE_T_EQ(s, 0); + ASSERT_SIZE_T_EQ(sshbuf_len(p1), 5); + sshbuf_free(p1); + TEST_DONE(); + + TEST_START("sshbuf_get_nulterminated_string subsequent strings"); + p1 = sshbuf_new(); + ASSERT_PTR_NE(p1, NULL); + ASSERT_INT_EQ(sshbuf_put(p1, "there", 5), 0); + ASSERT_INT_EQ(sshbuf_put_u8(p1, 0), 0); /* "there\0" */ + ASSERT_INT_EQ(sshbuf_put(p1, "it is", 5), 0); + ASSERT_INT_EQ(sshbuf_put_u8(p1, 0), 0); /* "it is\0" */ + ASSERT_SIZE_T_EQ(sshbuf_len(p1), 12); + ASSERT_INT_EQ(sshbuf_get_nulterminated_string(p1, 6, &s2, &s), 0); + ASSERT_STRING_EQ(s2, "there"); + ASSERT_SIZE_T_EQ(s, 5); + ASSERT_SIZE_T_EQ(sshbuf_len(p1), 6); + free(s2); + ASSERT_INT_EQ(sshbuf_get_nulterminated_string(p1, SIZE_MAX, &s2, &s), 0); + ASSERT_STRING_EQ(s2, "it is"); + ASSERT_SIZE_T_EQ(s, 5); + ASSERT_SIZE_T_EQ(sshbuf_len(p1), 0); + free(s2); + sshbuf_free(p1); + TEST_DONE(); + + TEST_START("sshbuf_get_nulterminated_string empty buffer"); + p1 = sshbuf_new(); + ASSERT_PTR_NE(p1, NULL); + ASSERT_INT_EQ(sshbuf_get_nulterminated_string(p1, SIZE_MAX, &s2, &s), + SSH_ERR_MESSAGE_INCOMPLETE); + ASSERT_PTR_EQ(s2, NULL); + ASSERT_SIZE_T_EQ(s, 0); + ASSERT_SIZE_T_EQ(sshbuf_len(p1), 0); + sshbuf_free(p1); + TEST_DONE(); + + TEST_START("sshbuf_get_nulterminated_string: single nul byte"); + p1 = sshbuf_new(); + ASSERT_PTR_NE(p1, NULL); + ASSERT_INT_EQ(sshbuf_put_u8(p1, 0), 0); + ASSERT_SIZE_T_EQ(sshbuf_len(p1), 1); + ASSERT_INT_EQ(sshbuf_get_nulterminated_string(p1, 0, &s2, &s), 0); + ASSERT_STRING_EQ(s2, ""); + ASSERT_SIZE_T_EQ(s, 0); + ASSERT_SIZE_T_EQ(sshbuf_len(p1), 0); + free(s2); + sshbuf_free(p1); + TEST_DONE(); + + TEST_START("sshbuf_get_nulterminated_string starts with nul"); + p1 = sshbuf_new(); + ASSERT_PTR_NE(p1, NULL); + ASSERT_INT_EQ(sshbuf_put_u8(p1, 0), 0); + ASSERT_INT_EQ(sshbuf_put(p1, "hello", 5), 0); + ASSERT_INT_EQ(sshbuf_put_u8(p1, 0), 0); + ASSERT_SIZE_T_EQ(sshbuf_len(p1), 7); + ASSERT_INT_EQ(sshbuf_get_nulterminated_string(p1, SIZE_MAX, &s2, &s), 0); + ASSERT_STRING_EQ(s2, ""); + ASSERT_SIZE_T_EQ(s, 0); + ASSERT_SIZE_T_EQ(sshbuf_len(p1), 6); + free(s2); + ASSERT_INT_EQ(sshbuf_get_nulterminated_string(p1, SIZE_MAX, &s2, &s), 0); + ASSERT_STRING_EQ(s2, "hello"); + ASSERT_SIZE_T_EQ(s, 5); + ASSERT_SIZE_T_EQ(sshbuf_len(p1), 0); + free(s2); + sshbuf_free(p1); + TEST_DONE(); } From 2efdfbb4d78b9bbb73f55af150e8f985d4fe4c0f Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Fri, 21 Nov 2025 14:21:07 +1100 Subject: [PATCH 438/687] Add VM CI and CIFuzz status badges. --- README.md | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index 2ad6471386e2..800ddaaf2719 100644 --- a/README.md +++ b/README.md @@ -1,6 +1,8 @@ # Portable OpenSSH -[![C/C++ CI](https://github.com/openssh/openssh-portable/actions/workflows/c-cpp.yml/badge.svg)](https://github.com/openssh/openssh-portable/actions/workflows/c-cpp.yml) +[![C/C++ CI](../../actions/workflows/c-cpp.yml/badge.svg)](../../actions/workflows/c-cpp.yml) +[![VM CI](../../actions/workflows/vm.yml/badge.svg)](../../actions/workflows/vm.yml) +[![CIFuzz](../../actions/workflows/cifuzz.yml/badge.svg)](../../actions/workflows/cifuzz.yml) [![Fuzzing Status](https://oss-fuzz-build-logs.storage.googleapis.com/badges/openssh.svg)](https://bugs.chromium.org/p/oss-fuzz/issues/list?sort=-opened&can=1&q=proj:openssh) [![Coverity Status](https://scan.coverity.com/projects/21341/badge.svg)](https://scan.coverity.com/projects/openssh-portable) From 643222df689c95efff9e9506b76de458f69dd9c7 Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Fri, 21 Nov 2025 14:28:20 +1100 Subject: [PATCH 439/687] Update OSSFuzz link to current bug tracker. --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 800ddaaf2719..e52de692656e 100644 --- a/README.md +++ b/README.md @@ -3,7 +3,7 @@ [![C/C++ CI](../../actions/workflows/c-cpp.yml/badge.svg)](../../actions/workflows/c-cpp.yml) [![VM CI](../../actions/workflows/vm.yml/badge.svg)](../../actions/workflows/vm.yml) [![CIFuzz](../../actions/workflows/cifuzz.yml/badge.svg)](../../actions/workflows/cifuzz.yml) -[![Fuzzing Status](https://oss-fuzz-build-logs.storage.googleapis.com/badges/openssh.svg)](https://bugs.chromium.org/p/oss-fuzz/issues/list?sort=-opened&can=1&q=proj:openssh) +[![Fuzzing Status](https://oss-fuzz-build-logs.storage.googleapis.com/badges/openssh.svg)](https://issues.oss-fuzz.com/issues?q="Project:+openssh"+is:open) [![Coverity Status](https://scan.coverity.com/projects/21341/badge.svg)](https://scan.coverity.com/projects/openssh-portable) OpenSSH is a complete implementation of the SSH protocol (version 2) for secure remote login, command execution and file transfer. It includes a client ``ssh`` and server ``sshd``, file transfer utilities ``scp`` and ``sftp`` as well as tools for key generation (``ssh-keygen``), run-time key storage (``ssh-agent``) and a number of supporting programs. From 2238c48dc90dc56af1d86b298d2cb25fa0c7ef14 Mon Sep 17 00:00:00 2001 From: "tb@openbsd.org" Date: Sun, 23 Nov 2025 07:04:18 +0000 Subject: [PATCH 440/687] upstream: pkcs11_fetch_ecdsa_pubkey: use ASN1_STRING accessors In anticipation of davidben and beck making ASN1_STRING opaque in OpenSSL 4 with the aim of enabling surgery to make the X509 data structure less bad [1], we need to use dumb accessors to avoid build breakage. Fortunately only in one spot. This is OpenSSL 1.1 API and available in all members of the fork family. ok beck djm [1]: https://github.com/openssl/openssl/issues/29117 OpenBSD-Commit-ID: 0bcaf691d20624ef43f3515c983cd5aa69547d4f --- ssh-pkcs11.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/ssh-pkcs11.c b/ssh-pkcs11.c index 5e956208bb72..0691b618e77c 100644 --- a/ssh-pkcs11.c +++ b/ssh-pkcs11.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-pkcs11.c,v 1.74 2025/10/09 23:25:23 djm Exp $ */ +/* $OpenBSD: ssh-pkcs11.c,v 1.75 2025/11/23 07:04:18 tb Exp $ */ /* * Copyright (c) 2010 Markus Friedl. All rights reserved. * Copyright (c) 2014 Pedro Martelletto. All rights reserved. @@ -935,8 +935,8 @@ pkcs11_fetch_ecdsa_pubkey(struct pkcs11_provider *p, CK_ULONG slotidx, ossl_error("d2i_ASN1_OCTET_STRING failed"); goto fail; } - attrp = octet->data; - if (o2i_ECPublicKey(&ec, &attrp, octet->length) == NULL) { + attrp = ASN1_STRING_get0_data(octet); + if (o2i_ECPublicKey(&ec, &attrp, ASN1_STRING_length(octet)) == NULL) { ossl_error("o2i_ECPublicKey failed"); goto fail; } From 69965aefe3355488e0462291be13a233b8405091 Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Mon, 24 Nov 2025 23:43:10 +0000 Subject: [PATCH 441/687] upstream: When loading FIDO2 resident keys, set the comment to the FIDO application string. This matches the behaviour of ssh-keygen -K From Arian van Putten via GHPR608 OpenBSD-Commit-ID: 3fda54b44ed6a8a6f94cd3e39e69c1e672095712 --- ssh-add.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/ssh-add.c b/ssh-add.c index dc1c53ae0130..ac1891f62788 100644 --- a/ssh-add.c +++ b/ssh-add.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-add.c,v 1.183 2025/11/13 10:35:14 dtucker Exp $ */ +/* $OpenBSD: ssh-add.c,v 1.184 2025/11/24 23:43:10 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -601,8 +601,8 @@ load_resident_keys(int agent_fd, const char *skprovider, int qflag, if ((fp = sshkey_fingerprint(key, fingerprint_hash, SSH_FP_DEFAULT)) == NULL) fatal_f("sshkey_fingerprint failed"); - if ((r = ssh_add_identity_constrained(agent_fd, key, "", - lifetime, confirm, skprovider, + if ((r = ssh_add_identity_constrained(agent_fd, key, + key->sk_application, lifetime, confirm, skprovider, dest_constraints, ndest_constraints)) != 0) { error("Unable to add key %s %s", sshkey_type(key), fp); From 5e7c3f33b2693b668ecfbac84b85f2c0c84410c2 Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Mon, 24 Nov 2025 23:54:15 +0000 Subject: [PATCH 442/687] upstream: When testing PKCS11, explicitly allow the module path in ssh-agent. Allows testing of PKCS11 modules outside system directories. From Morgan Jones via GHPR602 OpenBSD-Regress-ID: 548d6e0362a8d9f7d1cc01444b697a00811ff488 --- regress/test-exec.sh | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/regress/test-exec.sh b/regress/test-exec.sh index b38908cee086..a47cc51dd50c 100644 --- a/regress/test-exec.sh +++ b/regress/test-exec.sh @@ -1,4 +1,4 @@ -# $OpenBSD: test-exec.sh,v 1.133 2025/10/21 07:18:27 dtucker Exp $ +# $OpenBSD: test-exec.sh,v 1.134 2025/11/24 23:54:15 djm Exp $ # Placed in the Public Domain. #SUDO=sudo @@ -1026,6 +1026,9 @@ p11_ssh_add() { start_ssh_agent() { EXTRA_AGENT_ARGS="$1" + if [ "$PKCS11_OK" = "yes" ]; then + EXTRA_AGENT_ARGS="${EXTRA_AGENT_ARGS} -P${TEST_SSH_PKCS11}" + fi SSH_AUTH_SOCK="$OBJ/agent.sock" export SSH_AUTH_SOCK rm -f $SSH_AUTH_SOCK $OBJ/agent.log From 1fdc3c61194819c16063dc430eeb84b81bf42dcf Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Mon, 24 Nov 2025 23:56:58 +0000 Subject: [PATCH 443/687] upstream: give ssh-agent more time to start in tests; requested in GHPR602 OpenBSD-Regress-ID: 7d771db2c1d4a422e83c3f632ba1e96f72a262b8 --- regress/test-exec.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/regress/test-exec.sh b/regress/test-exec.sh index a47cc51dd50c..f7f562aef5cc 100644 --- a/regress/test-exec.sh +++ b/regress/test-exec.sh @@ -1,4 +1,4 @@ -# $OpenBSD: test-exec.sh,v 1.134 2025/11/24 23:54:15 djm Exp $ +# $OpenBSD: test-exec.sh,v 1.135 2025/11/24 23:56:58 djm Exp $ # Placed in the Public Domain. #SUDO=sudo @@ -1037,7 +1037,7 @@ start_ssh_agent() { > $OBJ/agent.log 2>&1 & AGENT_PID=$! trap "kill $AGENT_PID" EXIT - for x in 0 1 2 3 4 ; do + for x in 0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 ; do # Give it a chance to start ${SSHADD} -l > /dev/null 2>&1 r=$? From 6157e1c41071fb0f5621868c38861934284268b1 Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Tue, 25 Nov 2025 00:52:00 +0000 Subject: [PATCH 444/687] upstream: don't set the PerSourceNetBlockSize IPv6 mask if sscanf didn't decode it. From Mingjie Shen via GHPR598 OpenBSD-Commit-ID: c722014e735cbd87adb2fa968ce4c47b43cf98b0 --- servconf.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/servconf.c b/servconf.c index 6d23c3686fb3..6cdfb3cb6814 100644 --- a/servconf.c +++ b/servconf.c @@ -1,4 +1,4 @@ -/* $OpenBSD: servconf.c,v 1.436 2025/11/20 05:10:56 dtucker Exp $ */ +/* $OpenBSD: servconf.c,v 1.437 2025/11/25 00:52:00 djm Exp $ */ /* * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland * All rights reserved @@ -2044,7 +2044,8 @@ process_server_config_line_depth(ServerOptions *options, char *line, filename, linenum, keyword); if (*activep && options->per_source_masklen_ipv4 == -1) { options->per_source_masklen_ipv4 = value; - options->per_source_masklen_ipv6 = value2; + if (n == 2) + options->per_source_masklen_ipv6 = value2; } break; From c23122c5ea7348b7b6daa2982e53c201a5354007 Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Tue, 25 Nov 2025 00:57:04 +0000 Subject: [PATCH 445/687] upstream: avoid leak of fingerprint on error path; from Lidong Yan via GHPR611 OpenBSD-Commit-ID: 253f6f7d729d8636da23ac9925b60b494e85a810 --- hostfile.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/hostfile.c b/hostfile.c index 4cec57da50c6..033b29104879 100644 --- a/hostfile.c +++ b/hostfile.c @@ -1,4 +1,4 @@ -/* $OpenBSD: hostfile.c,v 1.99 2025/05/06 05:40:56 djm Exp $ */ +/* $OpenBSD: hostfile.c,v 1.100 2025/11/25 00:57:04 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -626,7 +626,7 @@ hostfile_replace_entries(const char *filename, const char *host, const char *ip, int r, fd, oerrno = 0; int loglevel = quiet ? SYSLOG_LEVEL_DEBUG1 : SYSLOG_LEVEL_VERBOSE; struct host_delete_ctx ctx; - char *fp, *temp = NULL, *back = NULL; + char *fp = NULL, *temp = NULL, *back = NULL; const char *what; mode_t omask; size_t i; @@ -715,6 +715,7 @@ hostfile_replace_entries(const char *filename, const char *host, const char *ip, host, ip == NULL ? "" : ",", ip == NULL ? "" : ip, filename, sshkey_ssh_name(keys[i]), fp); free(fp); + fp = NULL; ctx.modified = 1; } fclose(ctx.out); @@ -755,6 +756,7 @@ hostfile_replace_entries(const char *filename, const char *host, const char *ip, unlink(temp); free(temp); free(back); + free(fp); if (ctx.out != NULL) fclose(ctx.out); free(ctx.match_keys); From 2d0d26602f739b4a3ddde6c4dbc8f3ddab38ac0d Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Tue, 25 Nov 2025 01:08:35 +0000 Subject: [PATCH 446/687] upstream: Support writing ED25519 keys in PKCS8 format. GHPR570 from Josh Brobst OpenBSD-Commit-ID: 4f36019a38074b2929335fbe9cb8d9801e3177af --- sshkey.c | 19 +++++++++++++++++-- 1 file changed, 17 insertions(+), 2 deletions(-) diff --git a/sshkey.c b/sshkey.c index e9a287480a1b..791361474d6f 100644 --- a/sshkey.c +++ b/sshkey.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshkey.c,v 1.157 2025/11/07 06:29:45 tb Exp $ */ +/* $OpenBSD: sshkey.c,v 1.158 2025/11/25 01:08:35 djm Exp $ */ /* * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. * Copyright (c) 2008 Alexander von Gernler. All rights reserved. @@ -3311,6 +3311,19 @@ sshkey_private_to_blob_pem_pkcs8(struct sshkey *key, struct sshbuf *buf, success = 1; } break; +#ifdef OPENSSL_HAS_ED25519 + case KEY_ED25519: + if (format == SSHKEY_PRIVATE_PEM) { + r = SSH_ERR_INVALID_FORMAT; + goto out; + } else { + pkey = EVP_PKEY_new_raw_private_key(EVP_PKEY_ED25519, + NULL, key->ed25519_sk, + ED25519_SK_SZ - ED25519_PK_SZ); + success = pkey != NULL; + } + break; +#endif default: success = 0; break; @@ -3356,9 +3369,11 @@ sshkey_private_to_fileblob(struct sshkey *key, struct sshbuf *blob, #ifdef WITH_OPENSSL case KEY_ECDSA: case KEY_RSA: + case KEY_ED25519: break; /* see below */ -#endif /* WITH_OPENSSL */ +#else /* WITH_OPENSSL */ case KEY_ED25519: +#endif /* WITH_OPENSSL */ case KEY_ED25519_SK: #ifdef WITH_OPENSSL case KEY_ECDSA_SK: From 0fb1f3c9955d78fb0959842202b9ecfc36e37486 Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Tue, 25 Nov 2025 01:14:33 +0000 Subject: [PATCH 447/687] upstream: move mention of default MaxStartups (which uses the form. GHPR568 from Santiago Vila OpenBSD-Commit-ID: 7e68771f3cad61ec67303607afb3b85639288b29 --- sshd_config.5 | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/sshd_config.5 b/sshd_config.5 index 6ae606f1e04f..1b01415cbfe6 100644 --- a/sshd_config.5 +++ b/sshd_config.5 @@ -33,8 +33,8 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: sshd_config.5,v 1.385 2025/10/04 21:41:35 naddy Exp $ -.Dd $Mdocdate: October 4 2025 $ +.\" $OpenBSD: sshd_config.5,v 1.386 2025/11/25 01:14:33 djm Exp $ +.Dd $Mdocdate: November 25 2025 $ .Dt SSHD_CONFIG 5 .Os .Sh NAME @@ -1366,11 +1366,11 @@ SSH daemon. Additional connections will be dropped until authentication succeeds or the .Cm LoginGraceTime expires for a connection. -The default is 10:30:100. .Pp Alternatively, random early drop can be enabled by specifying the three colon separated values start:rate:full (e.g. "10:30:60"). +The default is 10:30:100. .Xr sshd 8 will refuse connection attempts with a probability of rate/100 (30%) if there are currently start (10) unauthenticated connections. From 52037ed910a9dcb669b9c9f612ccac711ac586f2 Mon Sep 17 00:00:00 2001 From: "dtucker@openbsd.org" Date: Thu, 27 Nov 2025 02:18:48 +0000 Subject: [PATCH 448/687] upstream: Add Escape option ~I that shows information about the current SSH connection. ok djm@, "I like/want" sthen@ florian@ OpenBSD-Commit-ID: 0483fc0188ec899077e4bc8e1e353f7dfa9f5c1d --- clientloop.c | 13 ++++++- packet.c | 108 ++++++++++++++++++++++++++++++++++++++++++++++++++- packet.h | 3 +- ssh.1 | 6 ++- 4 files changed, 125 insertions(+), 5 deletions(-) diff --git a/clientloop.c b/clientloop.c index 1f2dad3f1c85..a78dfa6e04b2 100644 --- a/clientloop.c +++ b/clientloop.c @@ -1,4 +1,4 @@ -/* $OpenBSD: clientloop.c,v 1.417 2025/10/16 00:00:36 djm Exp $ */ +/* $OpenBSD: clientloop.c,v 1.418 2025/11/27 02:18:48 dtucker Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -1125,6 +1125,7 @@ static struct escape_help_text esc_txt[] = { SUPPRESS_MUXCLIENT}, {"B", "send a BREAK to the remote system", SUPPRESS_NEVER}, {"C", "open a command line", SUPPRESS_MUXCLIENT|SUPPRESS_NOCMDLINE}, + {"I", "show connection information", SUPPRESS_NEVER}, {"R", "request rekey", SUPPRESS_NEVER}, {"V/v", "decrease/increase verbosity (LogLevel)", SUPPRESS_MUXCLIENT}, {"^Z", "suspend ssh", SUPPRESS_MUXCLIENT}, @@ -1247,6 +1248,16 @@ process_escapes(struct ssh *ssh, Channel *c, fatal_fr(r, "send packet"); continue; + case 'I': + if ((r = sshbuf_putf(berr, "%cI\r\n", + efc->escape_char)) != 0) + fatal_fr(r, "sshbuf_putf"); + s = connection_info_message(ssh); + if ((r = sshbuf_put(berr, s, strlen(s))) != 0) + fatal_fr(r, "sshbuf_put"); + free(s); + continue; + case 'R': if (ssh->compat & SSH_BUG_NOREKEY) logit("Server does not " diff --git a/packet.c b/packet.c index 5dd8269c218a..361c4f2fead4 100644 --- a/packet.c +++ b/packet.c @@ -1,4 +1,4 @@ -/* $OpenBSD: packet.c,v 1.323 2025/09/25 06:33:19 djm Exp $ */ +/* $OpenBSD: packet.c,v 1.324 2025/11/27 02:18:48 dtucker Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -59,6 +59,7 @@ #include #include #include +#include /* * Explicitly include OpenSSL before zlib as some versions of OpenSSL have @@ -2902,3 +2903,108 @@ sshpkt_add_padding(struct ssh *ssh, u_char pad) ssh->state->extra_pad = pad; return 0; } + +static char * +format_traffic_stats(struct packet_state *ps) +{ + char *stats = NULL, bytes[FMT_SCALED_STRSIZE]; + + if (ps->bytes > LLONG_MAX || fmt_scaled(ps->bytes, bytes) != 0) + strlcpy(bytes, "OVERFLOW", sizeof(bytes)); + + xasprintf(&stats, "%lu pkts %llu blks %sB", + (unsigned long)ps->packets, (unsigned long long)ps->blocks, bytes); + return stats; +} + +static char * +dedupe_alg_names(const char *in, const char *out) +{ + char *names = NULL; + + if (in == NULL) + in = ""; + if (out == NULL) + out = ""; + + if (strcmp(in, out) == 0) { + names = xstrdup(in); + } else { + xasprintf(&names, "%s in, %s out", in, out); + } + return names; +} + +char * +connection_info_message(struct ssh *ssh) +{ + char *ret = NULL, *cipher = NULL, *mac = NULL, *comp = NULL; + char *rekey_volume = NULL, *rekey_time = NULL; + struct kex *kex; + struct session_state *state; + struct newkeys *nk_in, *nk_out; + char *stats_in = NULL, *stats_out = NULL; + u_int64_t epoch = (u_int64_t)time(NULL) - monotime(); + + if (ssh == NULL) + return NULL; + state = ssh->state; + kex = ssh->kex; + + nk_in = ssh->state->newkeys[MODE_IN]; + nk_out = ssh->state->newkeys[MODE_OUT]; + stats_in = format_traffic_stats(&ssh->state->p_read); + stats_out = format_traffic_stats(&ssh->state->p_send); + + cipher = dedupe_alg_names(nk_in->enc.name, nk_out->enc.name); + mac = dedupe_alg_names(nk_in->mac.name, nk_out->mac.name); + comp = dedupe_alg_names(nk_in->comp.name, nk_out->comp.name); + + /* Volume based rekeying. */ + if (state->rekey_limit == 0) { + xasprintf(&rekey_volume, "limit none"); + } else { + char *volumes = NULL, in[32], out[32]; + + snprintf(in, sizeof(in), "%llu", + (unsigned long long)state->max_blocks_in); + snprintf(out, sizeof(out), "%llu", + (unsigned long long)state->max_blocks_out); + volumes = dedupe_alg_names(in, out); + xasprintf(&rekey_volume, "limit blocks %s", volumes); + free(volumes); + } + + /* Time based rekeying. */ + if (state->rekey_interval == 0) { + rekey_time = xstrdup("interval none"); + } else { + char rekey_next[64]; + + format_absolute_time(epoch + state->rekey_time + + state->rekey_interval, rekey_next, sizeof(rekey_next)); + xasprintf(&rekey_time, "interval %s, next %s", + fmt_timeframe(state->rekey_interval), rekey_next); + } + + xasprintf(&ret, "Connection information for peer %s port %d:\r\n" + " kexalgorithm %s\r\n hostkeyalgorithm %s\r\n" + " cipher %s\r\n mac %s\r\n compression %s\r\n" + " rekey %s %s\r\n" + " traffic %s in, %s out\r\n", + ssh_remote_ipaddr(ssh), ssh_remote_port(ssh), + kex->name, kex->hostkey_alg, + cipher, mac, comp, + rekey_volume, rekey_time, + stats_in, stats_out + ); + free(cipher); + free(mac); + free(comp); + free(stats_in); + free(stats_out); + free(rekey_volume); + free(rekey_time); + return ret; +} + diff --git a/packet.h b/packet.h index 072f274259ee..355fd6bd8fa2 100644 --- a/packet.h +++ b/packet.h @@ -1,4 +1,4 @@ -/* $OpenBSD: packet.h,v 1.103 2025/09/25 06:33:19 djm Exp $ */ +/* $OpenBSD: packet.h,v 1.104 2025/11/27 02:18:48 dtucker Exp $ */ /* * Author: Tatu Ylonen @@ -210,6 +210,7 @@ int sshpkt_get_bignum2(struct ssh *ssh, BIGNUM **valp); int sshpkt_get_end(struct ssh *ssh); void sshpkt_fmt_connection_id(struct ssh *ssh, char *s, size_t l); const u_char *sshpkt_ptr(struct ssh *, size_t *lenp); +char *connection_info_message(struct ssh *ssh); #if !defined(WITH_OPENSSL) # undef BIGNUM diff --git a/ssh.1 b/ssh.1 index 697f4e42a4a3..391bcdbb6187 100644 --- a/ssh.1 +++ b/ssh.1 @@ -33,8 +33,8 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: ssh.1,v 1.444 2024/12/04 14:37:55 djm Exp $ -.Dd $Mdocdate: December 4 2024 $ +.\" $OpenBSD: ssh.1,v 1.445 2025/11/27 02:18:48 dtucker Exp $ +.Dd $Mdocdate: November 27 2025 $ .Dt SSH 1 .Os .Sh NAME @@ -1156,6 +1156,8 @@ option is enabled in Basic help is available, using the .Fl h option. +.It Cm ~I +Show information about the current SSH connection. .It Cm ~R Request rekeying of the connection (only useful if the peer supports it). From 2e8b5de4a79fb393482465531be1e347b81699f3 Mon Sep 17 00:00:00 2001 From: "dtucker@openbsd.org" Date: Sat, 29 Nov 2025 05:00:50 +0000 Subject: [PATCH 449/687] upstream: Add compression stats to ~I connection info escape option. OpenBSD-Commit-ID: 83424b71fc226ea6b3dc8dda39f993475fdbd775 --- packet.c | 50 ++++++++++++++++++++++++++++++++++++++++++++++---- 1 file changed, 46 insertions(+), 4 deletions(-) diff --git a/packet.c b/packet.c index 361c4f2fead4..d0d2560dd577 100644 --- a/packet.c +++ b/packet.c @@ -1,4 +1,4 @@ -/* $OpenBSD: packet.c,v 1.324 2025/11/27 02:18:48 dtucker Exp $ */ +/* $OpenBSD: packet.c,v 1.325 2025/11/29 05:00:50 dtucker Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -2935,11 +2935,49 @@ dedupe_alg_names(const char *in, const char *out) return names; } +static char * +comp_status_message(struct ssh *ssh) +{ +#ifdef WITH_ZLIB + char *ret = NULL; + struct session_state *state = ssh->state; + unsigned long long iraw = 0, icmp = 0, oraw = 0, ocmp = 0; + char iraw_f[FMT_SCALED_STRSIZE] = "", oraw_f[FMT_SCALED_STRSIZE] = ""; + char icmp_f[FMT_SCALED_STRSIZE] = "", ocmp_f[FMT_SCALED_STRSIZE] = ""; + + if (state->compression_buffer) { + if (state->compression_in_started) { + iraw = state->compression_in_stream.total_out; + icmp = state->compression_in_stream.total_in; + if (fmt_scaled(iraw, iraw_f) != 0) + strlcpy(iraw_f, "OVERFLOW", sizeof(iraw_f)); + if (fmt_scaled(icmp, icmp_f) != 0) + strlcpy(icmp_f, "OVERFLOW", sizeof(icmp_f)); + } + if (state->compression_out_started) { + oraw = state->compression_out_stream.total_in; + ocmp = state->compression_out_stream.total_out; + if (fmt_scaled(oraw, oraw_f) != 0) + strlcpy(oraw_f, "OVERFLOW", sizeof(oraw_f)); + if (fmt_scaled(ocmp, ocmp_f) != 0) + strlcpy(ocmp_f, "OVERFLOW", sizeof(ocmp_f)); + } + xasprintf(&ret, + " compressed %s/%s (*%.3f) in," + " %s/%s (*%.3f) out\r\n", + icmp_f, iraw_f, iraw == 0 ? 0.0 : (double)icmp / iraw, + ocmp_f, oraw_f, oraw == 0 ? 0.0 : (double)ocmp / oraw); + return ret; + } +#endif /* WITH_ZLIB */ + return xstrdup(""); +} + char * connection_info_message(struct ssh *ssh) { char *ret = NULL, *cipher = NULL, *mac = NULL, *comp = NULL; - char *rekey_volume = NULL, *rekey_time = NULL; + char *rekey_volume = NULL, *rekey_time = NULL, *comp_info = NULL; struct kex *kex; struct session_state *state; struct newkeys *nk_in, *nk_out; @@ -2986,17 +3024,20 @@ connection_info_message(struct ssh *ssh) xasprintf(&rekey_time, "interval %s, next %s", fmt_timeframe(state->rekey_interval), rekey_next); } + comp_info = comp_status_message(ssh); xasprintf(&ret, "Connection information for peer %s port %d:\r\n" " kexalgorithm %s\r\n hostkeyalgorithm %s\r\n" " cipher %s\r\n mac %s\r\n compression %s\r\n" " rekey %s %s\r\n" - " traffic %s in, %s out\r\n", + " traffic %s in, %s out\r\n" + "%s", ssh_remote_ipaddr(ssh), ssh_remote_port(ssh), kex->name, kex->hostkey_alg, cipher, mac, comp, rekey_volume, rekey_time, - stats_in, stats_out + stats_in, stats_out, + comp_info ); free(cipher); free(mac); @@ -3005,6 +3046,7 @@ connection_info_message(struct ssh *ssh) free(stats_out); free(rekey_volume); free(rekey_time); + free(comp_info); return ret; } From 8fce5520a1c9c2cf3fc6c6974dd158f4b3ce9c4e Mon Sep 17 00:00:00 2001 From: "dtucker@openbsd.org" Date: Sat, 29 Nov 2025 06:49:56 +0000 Subject: [PATCH 450/687] upstream: Add local hostname and pid to ~I escape connection info, only display peer information for TCP connections including source address and port This provides enough information to uniquely identify a connection on the host or network. OpenBSD-Commit-ID: aa18a4af2de41c298d1195d2566808585f8ce964 --- packet.c | 21 ++++++++++++++++++--- 1 file changed, 18 insertions(+), 3 deletions(-) diff --git a/packet.c b/packet.c index d0d2560dd577..be90e90d4d55 100644 --- a/packet.c +++ b/packet.c @@ -1,4 +1,4 @@ -/* $OpenBSD: packet.c,v 1.325 2025/11/29 05:00:50 dtucker Exp $ */ +/* $OpenBSD: packet.c,v 1.326 2025/11/29 06:49:56 dtucker Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -2978,6 +2978,7 @@ connection_info_message(struct ssh *ssh) { char *ret = NULL, *cipher = NULL, *mac = NULL, *comp = NULL; char *rekey_volume = NULL, *rekey_time = NULL, *comp_info = NULL; + char thishost[NI_MAXHOST] = "unknown", *tcp_info = NULL; struct kex *kex; struct session_state *state; struct newkeys *nk_in, *nk_out; @@ -2989,6 +2990,17 @@ connection_info_message(struct ssh *ssh) state = ssh->state; kex = ssh->kex; + (void)gethostname(thishost, sizeof(thishost)); + + if (ssh_local_port(ssh) != 65535 || + strcmp(ssh_local_ipaddr(ssh), "UNKNOWN") != 0) { + xasprintf(&tcp_info, " tcp %s:%d -> %s:%d\r\n", + ssh_local_ipaddr(ssh), ssh_local_port(ssh), + ssh_remote_ipaddr(ssh), ssh_remote_port(ssh)); + } else { + tcp_info = xstrdup(""); + } + nk_in = ssh->state->newkeys[MODE_IN]; nk_out = ssh->state->newkeys[MODE_OUT]; stats_in = format_traffic_stats(&ssh->state->p_read); @@ -3026,19 +3038,22 @@ connection_info_message(struct ssh *ssh) } comp_info = comp_status_message(ssh); - xasprintf(&ret, "Connection information for peer %s port %d:\r\n" + xasprintf(&ret, "Connection information for %s pid %lld:\r\n" + "%s" " kexalgorithm %s\r\n hostkeyalgorithm %s\r\n" " cipher %s\r\n mac %s\r\n compression %s\r\n" " rekey %s %s\r\n" " traffic %s in, %s out\r\n" "%s", - ssh_remote_ipaddr(ssh), ssh_remote_port(ssh), + thishost, (long long)getpid(), + tcp_info, kex->name, kex->hostkey_alg, cipher, mac, comp, rekey_volume, rekey_time, stats_in, stats_out, comp_info ); + free(tcp_info); free(cipher); free(mac); free(comp); From 66622394fd3a51e9a6c99c39a068f8ba709542fa Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Wed, 3 Dec 2025 06:29:50 +0000 Subject: [PATCH 451/687] upstream: correctly quote filenames in verbose output for local->local copies; from Colin Watson via bz3900; ok dtucker@ OpenBSD-Commit-ID: 5c09b030e2024651ebc8c1f9af6a8a2d37912150 --- scp.c | 11 +++++------ 1 file changed, 5 insertions(+), 6 deletions(-) diff --git a/scp.c b/scp.c index 85880a7923a4..88cad77410f1 100644 --- a/scp.c +++ b/scp.c @@ -1,4 +1,4 @@ -/* $OpenBSD: scp.c,v 1.269 2025/10/13 00:53:51 djm Exp $ */ +/* $OpenBSD: scp.c,v 1.270 2025/12/03 06:29:50 djm Exp $ */ /* * scp - secure remote copy. This is basically patched BSD rcp which * uses ssh to do the data transfer (instead of using rcmd). @@ -216,7 +216,7 @@ suspchild(int signo) static int do_local_cmd(arglist *a) { - u_int i; + char *cp; int status; pid_t pid; @@ -224,10 +224,9 @@ do_local_cmd(arglist *a) fatal("do_local_cmd: no arguments"); if (verbose_mode) { - fprintf(stderr, "Executing:"); - for (i = 0; i < a->num; i++) - fmprintf(stderr, " %s", a->list[i]); - fprintf(stderr, "\n"); + cp = argv_assemble(a->num, a->list); + fmprintf(stderr, "Executing: %s\n", cp); + free(cp); } if ((pid = fork()) == -1) fatal("do_local_cmd: fork: %s", strerror(errno)); From eb97fc2b5e7c85a37fdb3f8a6ee1d665ef086c3f Mon Sep 17 00:00:00 2001 From: "dtucker@openbsd.org" Date: Fri, 5 Dec 2025 06:16:27 +0000 Subject: [PATCH 452/687] upstream: Add an ssh -Oconninfo command that shows connection information, similar to the ~I escapechar. This is the first use of the mux extension mechanism, so it should be both forward and backward compatible: a new client talking to an old server will not allow the "conninfo" request to be sent, but everything else should work seamlessly. feedback and ok djm@ OpenBSD-Commit-ID: 50f047a85da277360558cabdfed59cb66f754341 --- clientloop.h | 3 +- mux.c | 127 +++++++++++++++++++++++++++++++++++++++++++++++++-- packet.c | 4 +- ssh.1 | 6 ++- ssh.c | 4 +- 5 files changed, 133 insertions(+), 11 deletions(-) diff --git a/clientloop.h b/clientloop.h index 4bc7bcd7c4f2..1f550b35cd1e 100644 --- a/clientloop.h +++ b/clientloop.h @@ -1,4 +1,4 @@ -/* $OpenBSD: clientloop.h,v 1.38 2024/05/17 06:42:04 jsg Exp $ */ +/* $OpenBSD: clientloop.h,v 1.39 2025/12/05 06:16:27 dtucker Exp $ */ /* * Author: Tatu Ylonen @@ -75,6 +75,7 @@ void client_expect_confirm(struct ssh *, int, const char *, #define SSHMUX_COMMAND_STOP 6 /* Disable mux but not conn */ #define SSHMUX_COMMAND_CANCEL_FWD 7 /* Cancel forwarding(s) */ #define SSHMUX_COMMAND_PROXY 8 /* Open new connection */ +#define SSHMUX_COMMAND_CONNINFO 9 /* Show connection information */ void muxserver_listen(struct ssh *); int muxclient(const char *); diff --git a/mux.c b/mux.c index 37bcb91037ef..53cbab0fc87d 100644 --- a/mux.c +++ b/mux.c @@ -1,4 +1,4 @@ -/* $OpenBSD: mux.c,v 1.107 2025/09/30 00:03:09 djm Exp $ */ +/* $OpenBSD: mux.c,v 1.108 2025/12/05 06:16:27 dtucker Exp $ */ /* * Copyright (c) 2002-2008 Damien Miller * @@ -122,6 +122,7 @@ struct mux_master_state { #define MUX_C_NEW_STDIO_FWD 0x10000008 #define MUX_C_STOP_LISTENING 0x10000009 #define MUX_C_PROXY 0x1000000f +#define MUX_C_EXT_INFO 0x20000001 #define MUX_S_OK 0x80000001 #define MUX_S_PERMISSION_DENIED 0x80000002 #define MUX_S_FAILURE 0x80000003 @@ -131,12 +132,18 @@ struct mux_master_state { #define MUX_S_REMOTE_PORT 0x80000007 #define MUX_S_TTY_ALLOC_FAIL 0x80000008 #define MUX_S_PROXY 0x8000000f +#define MUX_S_EXT_INFO 0x90000001 /* type codes for MUX_C_OPEN_FWD and MUX_C_CLOSE_FWD */ #define MUX_FWD_LOCAL 1 #define MUX_FWD_REMOTE 2 #define MUX_FWD_DYNAMIC 3 +#define MUX_EXT_INFO 0x00000001 + +/* Bitmask of supported extensions */ +static u_int extensions = 0; + static void mux_session_confirm(struct ssh *, int, int, void *); static void mux_stdio_confirm(struct ssh *, int, int, void *); @@ -158,6 +165,8 @@ static int mux_master_process_stop_listening(struct ssh *, u_int, Channel *, struct sshbuf *, struct sshbuf *); static int mux_master_process_proxy(struct ssh *, u_int, Channel *, struct sshbuf *, struct sshbuf *); +static int mux_master_process_ext_info(struct ssh *, u_int, + Channel *, struct sshbuf *, struct sshbuf *); static const struct { u_int type; @@ -173,6 +182,7 @@ static const struct { { MUX_C_NEW_STDIO_FWD, mux_master_process_stdio_fwd }, { MUX_C_STOP_LISTENING, mux_master_process_stop_listening }, { MUX_C_PROXY, mux_master_process_proxy }, + { MUX_C_EXT_INFO, mux_master_process_ext_info }, { 0, NULL } }; @@ -287,8 +297,13 @@ mux_master_process_hello(struct ssh *ssh, u_int rid, error_fr(r, "parse extension"); return -1; } - debug2_f("Unrecognised extension \"%s\" length %zu", - name, value_len); + if (strcmp(name, "info") == 0) { + debug_f("Received 'info' extension"); + extensions |= MUX_EXT_INFO; + } else { + debug2_f("Unrecognised extension \"%s\" length %zu", + name, value_len); + } free(name); } state->hello_rcvd = 1; @@ -494,6 +509,39 @@ mux_master_process_alive_check(struct ssh *ssh, u_int rid, return 0; } +/* The "info" extension. */ +static int +mux_master_process_ext_info(struct ssh *ssh, u_int rid, + Channel *c, struct sshbuf *m, struct sshbuf *reply) +{ + int r; + u_int status = 0; + char *name = NULL, *msg = NULL; + + debug2_f("channel %d: info request", c->self); + + if ((r = sshbuf_get_cstring(m, &name, NULL)) != 0) + fatal_fr(r, "parse"); + + if (strcmp(name, "connection") == 0) { + if ((msg = connection_info_message(ssh)) == NULL) + fatal_f("connection_info_message"); + status = 1; + } else { + msg = xstrdup("info request type not supported"); + } + + /* prepare reply */ + if ((r = sshbuf_put_u32(reply, MUX_S_EXT_INFO)) != 0 || + (r = sshbuf_put_u32(reply, rid)) != 0 || + (r = sshbuf_put_u32(reply, status)) != 0 || + (r = sshbuf_put_cstring(reply, msg)) != 0) + fatal_fr(r, "reply"); + free(msg); + + return 0; +} + static int mux_master_process_terminate(struct ssh *ssh, u_int rid, Channel *c, struct sshbuf *m, struct sshbuf *reply) @@ -1160,7 +1208,10 @@ mux_master_read_cb(struct ssh *ssh, Channel *c) if ((r = sshbuf_put_u32(out, MUX_MSG_HELLO)) != 0 || (r = sshbuf_put_u32(out, SSHMUX_VER)) != 0) fatal_fr(r, "reply"); - /* no extensions */ + /* "info" extension */ + if ((r = sshbuf_put_cstring(out, "info")) != 0 || + (r = sshbuf_put_cstring(out, "0")) != 0) + fatal_fr(r, "put info extension"); if ((r = sshbuf_put_stringb(c->output, out)) != 0) fatal_fr(r, "enqueue"); debug3_f("channel %d: hello sent", c->self); @@ -1635,7 +1686,13 @@ mux_client_hello_exchange(int fd, int timeout_ms) error_fr(r, "parse extension"); goto out; } - debug2("Unrecognised master extension \"%s\"", name); + /* Process extensions. */ + if (strcmp(name, "info") == 0) { + debug("Received 'info' extension"); + extensions |= MUX_EXT_INFO; + } else { + debug2("Unrecognised master extension \"%s\"", name); + } free(name); } /* success */ @@ -1696,6 +1753,57 @@ mux_client_request_alive(int fd) return pid; } +static char * +mux_client_request_info(int fd, const char *name) +{ + struct sshbuf *m; + char *e, *msg; + u_int type, rid, status; + int r; + + debug3_f("entering"); + + if ((m = sshbuf_new()) == NULL) + fatal_f("sshbuf_new"); + if ((r = sshbuf_put_u32(m, MUX_C_EXT_INFO)) != 0 || + (r = sshbuf_put_u32(m, muxclient_request_id)) != 0 || + (r = sshbuf_put_cstring(m, name)) != 0) + fatal_fr(r, "assemble"); + + if (mux_client_write_packet(fd, m) != 0) + fatal_f("write packet: %s", strerror(errno)); + + sshbuf_reset(m); + + /* Read their reply */ + if (mux_client_read_packet(fd, m) != 0) { + sshbuf_free(m); + return 0; + } + + if ((r = sshbuf_get_u32(m, &type)) != 0) + fatal_fr(r, "parse type"); + if (type != MUX_S_EXT_INFO) { + if ((r = sshbuf_get_cstring(m, &e, NULL)) != 0) + fatal_fr(r, "parse error message"); + fatal_f("master returned error: %s", e); + } + + if ((r = sshbuf_get_u32(m, &rid)) != 0) + fatal_fr(r, "parse remote ID"); + if (rid != muxclient_request_id) + fatal_f("out of sequence reply: my id %u theirs %u", + muxclient_request_id, rid); + if ((r = sshbuf_get_u32(m, &status)) != 0 || + (r = sshbuf_get_cstring(m, &msg, NULL)) != 0) + fatal_fr(r, "parse connection info"); + sshbuf_free(m); + + muxclient_request_id++; + + return msg; +} + static void mux_client_request_terminate(int fd) { @@ -2261,6 +2369,7 @@ muxclient(const char *path) struct sockaddr_un addr; int sock, timeout = options.connection_timeout, timeout_ms = -1; u_int pid; + char *conninfo = NULL; if (muxclient_command == 0) { if (options.stdio_forward_host != NULL) @@ -2331,6 +2440,14 @@ muxclient(const char *path) fatal_f("master alive check failed"); fprintf(stderr, "Master running (pid=%u)\r\n", pid); exit(0); + case SSHMUX_COMMAND_CONNINFO: + if (!(extensions & MUX_EXT_INFO)) + fatal("mux server does not support conninfo"); + conninfo = mux_client_request_info(sock, "connection"); + if (conninfo == NULL) + fatal_f("connection info request failed"); + printf("%s", conninfo); + exit(0); case SSHMUX_COMMAND_TERMINATE: mux_client_request_terminate(sock); if (options.log_level != SYSLOG_LEVEL_QUIET) diff --git a/packet.c b/packet.c index be90e90d4d55..2a5a56a886da 100644 --- a/packet.c +++ b/packet.c @@ -1,4 +1,4 @@ -/* $OpenBSD: packet.c,v 1.326 2025/11/29 06:49:56 dtucker Exp $ */ +/* $OpenBSD: packet.c,v 1.327 2025/12/05 06:16:27 dtucker Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -3038,7 +3038,7 @@ connection_info_message(struct ssh *ssh) } comp_info = comp_status_message(ssh); - xasprintf(&ret, "Connection information for %s pid %lld:\r\n" + xasprintf(&ret, "Connection information for %s pid %lld\r\n" "%s" " kexalgorithm %s\r\n hostkeyalgorithm %s\r\n" " cipher %s\r\n mac %s\r\n compression %s\r\n" diff --git a/ssh.1 b/ssh.1 index 391bcdbb6187..ac218cc51340 100644 --- a/ssh.1 +++ b/ssh.1 @@ -33,8 +33,8 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: ssh.1,v 1.445 2025/11/27 02:18:48 dtucker Exp $ -.Dd $Mdocdate: November 27 2025 $ +.\" $OpenBSD: ssh.1,v 1.446 2025/12/05 06:16:27 dtucker Exp $ +.Dd $Mdocdate: December 5 2025 $ .Dt SSH 1 .Os .Sh NAME @@ -486,6 +486,8 @@ argument is interpreted and passed to the master process. Valid commands are: .Dq check (check that the master process is running), +.Dq conninfo +(report information about the master connection), .Dq forward (request forwardings without command execution), .Dq cancel diff --git a/ssh.c b/ssh.c index df302c34ba98..461b60975b1a 100644 --- a/ssh.c +++ b/ssh.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh.c,v 1.620 2025/11/13 10:35:14 dtucker Exp $ */ +/* $OpenBSD: ssh.c,v 1.621 2025/12/05 06:16:27 dtucker Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -817,6 +817,8 @@ main(int ac, char **av) fatal("Multiplexing command already specified"); if (strcmp(optarg, "check") == 0) muxclient_command = SSHMUX_COMMAND_ALIVE_CHECK; + else if (strcmp(optarg, "conninfo") == 0) + muxclient_command = SSHMUX_COMMAND_CONNINFO; else if (strcmp(optarg, "forward") == 0) muxclient_command = SSHMUX_COMMAND_FORWARD; else if (strcmp(optarg, "exit") == 0) From b7dc1d95ee838c86a93df59663dad32e9b555520 Mon Sep 17 00:00:00 2001 From: "dtucker@openbsd.org" Date: Fri, 5 Dec 2025 06:55:22 +0000 Subject: [PATCH 453/687] upstream: Add test for ssh -Oconninfo mux command. OpenBSD-Regress-ID: e939edc41caad8b6ad00ff294f33b61ed32a1edd --- regress/multiplex.sh | 29 +++++++++++++++++++++++++++-- regress/test-exec.sh | 8 +++++++- 2 files changed, 34 insertions(+), 3 deletions(-) diff --git a/regress/multiplex.sh b/regress/multiplex.sh index 8274b9d59d18..f093588c56b2 100644 --- a/regress/multiplex.sh +++ b/regress/multiplex.sh @@ -1,12 +1,12 @@ -# $OpenBSD: multiplex.sh,v 1.37 2024/07/19 04:33:36 djm Exp $ +# $OpenBSD: multiplex.sh,v 1.38 2025/12/05 06:55:22 dtucker Exp $ # Placed in the Public Domain. -make_tmpdir CTL=${SSH_REGRESS_TMP}/ctl-sock tid="connection multiplexing" trace "will use ProxyCommand $proxycmd" +make_tmpdir if config_defined DISABLE_FD_PASSING ; then skip "not supported on this platform (FD passing disabled)" fi @@ -24,6 +24,7 @@ wait_for_mux_master_ready() } maybe_add_scp_path_to_sshd +enable_all_kexes_in_sshd start_sshd start_mux_master() @@ -180,6 +181,13 @@ N=$(echo "xyzzy" | $NC -U $OBJ/unix-1.fwd 2>&1 | grep "xyzzy" | wc -l) test ${N} -eq 0 || fail "remote forward path still listening" rm -f $OBJ/unix-1.fwd +verbose "test $tid: cmd conninfo" +conninfo=`${SSH} -F $OBJ/ssh_config -S $CTL -Oconninfo otherhost` \ + || fail "request remote forward failed" +if echo "$conninfo" | ! egrep -- "-> 127.0.0.1:$port" >/dev/null; then + fail "conninfo" +fi + verbose "test $tid: cmd exit" ${SSH} -F $OBJ/ssh_config -S $CTL -Oexit otherhost >>$TEST_REGRESS_LOGFILE 2>&1 \ || fail "send exit command failed" @@ -188,11 +196,28 @@ ${SSH} -F $OBJ/ssh_config -S $CTL -Oexit otherhost >>$TEST_REGRESS_LOGFILE 2>&1 wait $SSH_PID kill -0 $SSH_PID >/dev/null 2>&1 && fail "exit command failed" +# Enable compression and alternative kex for next conninfo test. +if $SSH -Q compression | grep zlib@openssh.com >/dev/null; then + echo compression yes >>$OBJ/ssh_config + echo kexalgorithms curve25519-sha256 >>$OBJ/ssh_config + echo ciphers aes128-ctr >>$OBJ/ssh_config +fi + # Restart master and test -O stop command with master using -N verbose "test $tid: cmd stop" trace "restart master, fork to background" start_mux_master +verbose "test $tid: cmd conninfo compression" +conninfo=`${SSH} -F $OBJ/ssh_config -S $CTL -Oconninfo otherhost` \ + || fail "request remote forward failed" +if ! echo "$conninfo" | grep "compression zlib" >/dev/null || + ! echo "$conninfo" | grep "compressed" >/dev/null || + ! echo "$conninfo" | grep "kexalgorithm curve25519-sha256" >/dev/null || + ! echo "$conninfo" | grep "cipher aes128-ctr" >/dev/null; then + fail "conninfo compression" +fi + # start a long-running command then immediately request a stop ${SSH} -F $OBJ/ssh_config -S $CTL otherhost "sleep 10; exit 0" \ >>$TEST_REGRESS_LOGFILE 2>&1 & diff --git a/regress/test-exec.sh b/regress/test-exec.sh index f7f562aef5cc..20297f22e5dd 100644 --- a/regress/test-exec.sh +++ b/regress/test-exec.sh @@ -1,4 +1,4 @@ -# $OpenBSD: test-exec.sh,v 1.135 2025/11/24 23:56:58 djm Exp $ +# $OpenBSD: test-exec.sh,v 1.136 2025/12/05 06:55:22 dtucker Exp $ # Placed in the Public Domain. #SUDO=sudo @@ -910,6 +910,12 @@ start_sshd () test -f $PIDFILE || fatal "no sshd running on port $PORT" } +enable_all_kexes_in_sshd () +{ + kexs=`$SSH -Q KexAlgorithms | tr '\n' , | sed 's/,$//'` + echo KexAlgorithms $kexs >>$OBJ/sshd_config +} + # Find a PKCS#11 library. p11_find_lib() { TEST_SSH_PKCS11="" From f45cd249e45a15c84bf1316ac719039d04a74e84 Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Fri, 5 Dec 2025 07:43:12 +0000 Subject: [PATCH 454/687] upstream: Add convtime_double() that converts a string interval, such as "3w2d4h5m10.5s", into a floating point number of seconds. Reimplement the existing convtime() function using convtime_double() (it just drops the fractional seconds) lots of feedback deraadt@ / dtucker@; ok deraadt@ OpenBSD-Commit-ID: 053cdd0c72325a20efc6613caa847473fb89e36f --- misc.c | 136 +++++++++++++++++++++++++++++++++------------------------ misc.h | 4 +- 2 files changed, 81 insertions(+), 59 deletions(-) diff --git a/misc.c b/misc.c index 15d7fc4dfe3c..aff5b3fc38c1 100644 --- a/misc.c +++ b/misc.c @@ -1,4 +1,4 @@ -/* $OpenBSD: misc.c,v 1.209 2025/11/06 01:31:11 djm Exp $ */ +/* $OpenBSD: misc.c,v 1.210 2025/12/05 07:43:12 djm Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. * Copyright (c) 2005-2020 Damien Miller. All rights reserved. @@ -622,25 +622,22 @@ a2tun(const char *s, int *remote) return (tun); } -#define SECONDS 1 +#define SECONDS 1.0 #define MINUTES (SECONDS * 60) #define HOURS (MINUTES * 60) #define DAYS (HOURS * 24) #define WEEKS (DAYS * 7) -static char * -scandigits(char *s) -{ - while (isdigit((unsigned char)*s)) - s++; - return s; -} - /* - * Convert a time string into seconds; format is - * a sequence of: + * Convert an interval/duration time string into seconds, which may include + * fractional seconds. + * + * The format is a sequence of: * time[qualifier] * + * This supports fractional values for the seconds value only. All other + * values must be integers. + * * Valid time qualifiers are: * seconds * s|S seconds @@ -650,44 +647,46 @@ scandigits(char *s) * w|W weeks * * Examples: - * 90m 90 minutes - * 1h30m 90 minutes - * 2d 2 days - * 1w 1 week + * 90m 90 minutes + * 1h30m 90 minutes + * 1.5s 1.5 seconds + * 2d 2 days + * 1w 1 week * - * Return -1 if time string is invalid. + * Returns <0.0 if the time string is invalid. */ -int -convtime(const char *s) +double +convtime_double(const char *s) { - int secs, total = 0, multiplier; - char *p, *os, *np, c = 0; - const char *errstr; + double val, total_sec = 0.0, multiplier; + const char *p, *start_p; + char *endp; + int seen_seconds = 0; if (s == NULL || *s == '\0') - return -1; - p = os = strdup(s); /* deal with const */ - if (os == NULL) - return -1; - - while (*p) { - np = scandigits(p); - if (np) { - c = *np; - *np = '\0'; - } - secs = (int)strtonum(p, 0, INT_MAX, &errstr); - if (errstr) - goto fail; - *np = c; - - multiplier = 1; - switch (c) { + return -1.0; + + for (p = s; *p != '\0';) { + if (!isdigit((unsigned char)*p) && *p != '.') + return -1.0; + + errno = 0; + if ((val = strtod(p, &endp)) < 0 || errno != 0 || p == endp) + return -1.0; + /* Allow only decimal forms */ + if (p + strspn(p, "0123456789.") != endp) + return -1.0; + start_p = p; + p = endp; + + switch (*p) { case '\0': - np--; /* back up */ - break; + /* FALLTHROUGH */ case 's': case 'S': + if (seen_seconds++) + return -1.0; + multiplier = SECONDS; break; case 'm': case 'M': @@ -706,23 +705,44 @@ convtime(const char *s) multiplier = WEEKS; break; default: - goto fail; + return -1.0; } - if (secs > INT_MAX / multiplier) - goto fail; - secs *= multiplier; - if (total > INT_MAX - secs) - goto fail; - total += secs; - if (total < 0) - goto fail; - p = ++np; - } - free(os); - return total; -fail: - free(os); - return -1; + + /* Special handling if this was a decimal */ + if (memchr(start_p, '.', endp - start_p) != NULL) { + /* Decimal point present */ + if (multiplier > 1.0) + return -1.0; /* No fractionals for non-seconds */ + /* For seconds, ensure digits follow */ + if (!isdigit((unsigned char)*(endp - 1))) + return -1.0; + } + + total_sec += val * multiplier; + + if (*p != '\0') + p++; + } + return total_sec; +} + +/* + * Same as convtime_double() above but fractional seconds are ignored. + * Return -1 if time string is invalid. + */ +int +convtime(const char *s) +{ + double sec_val; + + if ((sec_val = convtime_double(s)) < 0.0) + return -1; + + /* Check for overflow into int */ + if (sec_val < 0 || sec_val > INT_MAX) + return -1; + + return (int)sec_val; } #define TF_BUFS 8 diff --git a/misc.h b/misc.h index f106be18f638..5b401c5c444c 100644 --- a/misc.h +++ b/misc.h @@ -1,4 +1,4 @@ -/* $OpenBSD: misc.h,v 1.113 2025/11/06 01:31:11 djm Exp $ */ +/* $OpenBSD: misc.h,v 1.114 2025/12/05 07:43:12 djm Exp $ */ /* * Author: Tatu Ylonen @@ -81,7 +81,9 @@ char *colon(char *); int parse_user_host_path(const char *, char **, char **, char **); int parse_user_host_port(const char *, char **, char **, int *); int parse_uri(const char *, const char *, char **, char **, int *, char **); +double convtime_double(const char *); int convtime(const char *); +double convtime_double(const char *); const char *fmt_timeframe(time_t t); int tilde_expand(const char *, uid_t, char **); char *tilde_expand_filename(const char *, uid_t); From c48de35bea389308428cb47b5ee55b1b1fb4567c Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Fri, 5 Dec 2025 07:49:45 +0000 Subject: [PATCH 455/687] upstream: convert PerSourcePenalties to using floating point time, allowing penalties to be less than a second. This is useful if you need to penalise things you expect to occur at >=1 QPS. feedback dtucker / deraadt; ok deraadt@ OpenBSD-Commit-ID: 89198be755722131b45a52d22d548e4c602201f0 --- servconf.c | 92 ++++++++++++++++++++++++++++++------------------------ servconf.h | 16 +++++----- srclimit.c | 36 +++++++++++---------- 3 files changed, 80 insertions(+), 64 deletions(-) diff --git a/servconf.c b/servconf.c index 6cdfb3cb6814..e1e84db84845 100644 --- a/servconf.c +++ b/servconf.c @@ -1,4 +1,4 @@ -/* $OpenBSD: servconf.c,v 1.437 2025/11/25 00:52:00 djm Exp $ */ +/* $OpenBSD: servconf.c,v 1.438 2025/12/05 07:49:45 djm Exp $ */ /* * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland * All rights reserved @@ -173,13 +173,13 @@ initialize_server_options(ServerOptions *options) options->per_source_penalty.max_sources6 = -1; options->per_source_penalty.overflow_mode = -1; options->per_source_penalty.overflow_mode6 = -1; - options->per_source_penalty.penalty_crash = -1; - options->per_source_penalty.penalty_authfail = -1; - options->per_source_penalty.penalty_noauth = -1; - options->per_source_penalty.penalty_grace = -1; - options->per_source_penalty.penalty_refuseconnection = -1; - options->per_source_penalty.penalty_max = -1; - options->per_source_penalty.penalty_min = -1; + options->per_source_penalty.penalty_crash = -1.0; + options->per_source_penalty.penalty_authfail = -1.0; + options->per_source_penalty.penalty_noauth = -1.0; + options->per_source_penalty.penalty_grace = -1.0; + options->per_source_penalty.penalty_refuseconnection = -1.0; + options->per_source_penalty.penalty_max = -1.0; + options->per_source_penalty.penalty_min = -1.0; options->max_authtries = -1; options->max_sessions = -1; options->banner = NULL; @@ -429,20 +429,20 @@ fill_default_server_options(ServerOptions *options) options->per_source_penalty.overflow_mode = PER_SOURCE_PENALTY_OVERFLOW_PERMISSIVE; if (options->per_source_penalty.overflow_mode6 == -1) options->per_source_penalty.overflow_mode6 = options->per_source_penalty.overflow_mode; - if (options->per_source_penalty.penalty_crash == -1) - options->per_source_penalty.penalty_crash = 90; - if (options->per_source_penalty.penalty_grace == -1) - options->per_source_penalty.penalty_grace = 10; - if (options->per_source_penalty.penalty_authfail == -1) - options->per_source_penalty.penalty_authfail = 5; - if (options->per_source_penalty.penalty_noauth == -1) - options->per_source_penalty.penalty_noauth = 1; - if (options->per_source_penalty.penalty_refuseconnection == -1) - options->per_source_penalty.penalty_refuseconnection = 10; - if (options->per_source_penalty.penalty_min == -1) - options->per_source_penalty.penalty_min = 15; - if (options->per_source_penalty.penalty_max == -1) - options->per_source_penalty.penalty_max = 600; + if (options->per_source_penalty.penalty_crash < 0.0) + options->per_source_penalty.penalty_crash = 90.0; + if (options->per_source_penalty.penalty_grace < 0.0) + options->per_source_penalty.penalty_grace = 10.0; + if (options->per_source_penalty.penalty_authfail < 0.0) + options->per_source_penalty.penalty_authfail = 5.0; + if (options->per_source_penalty.penalty_noauth < 0.0) + options->per_source_penalty.penalty_noauth = 1.0; + if (options->per_source_penalty.penalty_refuseconnection < 0.0) + options->per_source_penalty.penalty_refuseconnection = 10.0; + if (options->per_source_penalty.penalty_min < 0.0) + options->per_source_penalty.penalty_min = 15.0; + if (options->per_source_penalty.penalty_max < 0.0) + options->per_source_penalty.penalty_max = 600.0; if (options->max_authtries == -1) options->max_authtries = DEFAULT_AUTH_FAIL_MAX; if (options->max_sessions == -1) @@ -1315,6 +1315,7 @@ process_server_config_line_depth(ServerOptions *options, char *line, { char *str, ***chararrayptr, **charptr, *arg, *arg2, *p, *keyword; int cmdline = 0, *intptr, value, value2, value3, n, port, oactive, r; + double dvalue, *doubleptr = NULL; int ca_only = 0, found = 0; SyslogFacility *log_facility_ptr; LogLevel *log_level_ptr; @@ -2085,6 +2086,8 @@ process_server_config_line_depth(ServerOptions *options, char *line, const char *q = NULL; found = 1; + intptr = NULL; + doubleptr = NULL; value = -1; value2 = 0; /* Allow no/yes only in first position */ @@ -2100,19 +2103,19 @@ process_server_config_line_depth(ServerOptions *options, char *line, options->per_source_penalty.enabled = value2; continue; } else if ((q = strprefix(arg, "crash:", 0)) != NULL) { - intptr = &options->per_source_penalty.penalty_crash; + doubleptr = &options->per_source_penalty.penalty_crash; } else if ((q = strprefix(arg, "authfail:", 0)) != NULL) { - intptr = &options->per_source_penalty.penalty_authfail; + doubleptr = &options->per_source_penalty.penalty_authfail; } else if ((q = strprefix(arg, "noauth:", 0)) != NULL) { - intptr = &options->per_source_penalty.penalty_noauth; + doubleptr = &options->per_source_penalty.penalty_noauth; } else if ((q = strprefix(arg, "grace-exceeded:", 0)) != NULL) { - intptr = &options->per_source_penalty.penalty_grace; + doubleptr = &options->per_source_penalty.penalty_grace; } else if ((q = strprefix(arg, "refuseconnection:", 0)) != NULL) { - intptr = &options->per_source_penalty.penalty_refuseconnection; + doubleptr = &options->per_source_penalty.penalty_refuseconnection; } else if ((q = strprefix(arg, "max:", 0)) != NULL) { - intptr = &options->per_source_penalty.penalty_max; + doubleptr = &options->per_source_penalty.penalty_max; } else if ((q = strprefix(arg, "min:", 0)) != NULL) { - intptr = &options->per_source_penalty.penalty_min; + doubleptr = &options->per_source_penalty.penalty_min; } else if ((q = strprefix(arg, "max-sources4:", 0)) != NULL) { intptr = &options->per_source_penalty.max_sources4; if ((errstr = atoi_err(q, &value)) != NULL) @@ -2139,15 +2142,24 @@ process_server_config_line_depth(ServerOptions *options, char *line, fatal("%s line %d: unsupported %s keyword %s", filename, linenum, keyword, arg); } - /* If no value was parsed above, assume it's a time */ - if (value == -1 && (value = convtime(q)) == -1) { - fatal("%s line %d: invalid %s time value.", - filename, linenum, keyword); - } - if (*activep && *intptr == -1) { - *intptr = value; - /* any option implicitly enables penalties */ - options->per_source_penalty.enabled = 1; + + if (doubleptr != NULL) { + if ((dvalue = convtime_double(q)) < 0) { + fatal("%s line %d: invalid %s time value.", + filename, linenum, keyword); + } + if (*activep && *doubleptr < 0.0) { + *doubleptr = dvalue; + options->per_source_penalty.enabled = 1; + } + } else if (intptr != NULL) { + if (*activep && *intptr == -1) { + *intptr = value; + options->per_source_penalty.enabled = 1; + } + } else { + fatal_f("%s line %d: internal error", + filename, linenum); } } if (!found) { @@ -3407,8 +3419,8 @@ dump_config(ServerOptions *o) printf("\n"); if (o->per_source_penalty.enabled) { - printf("persourcepenalties crash:%d authfail:%d noauth:%d " - "grace-exceeded:%d refuseconnection:%d max:%d min:%d " + printf("persourcepenalties crash:%f authfail:%f noauth:%f " + "grace-exceeded:%f refuseconnection:%f max:%f min:%f " "max-sources4:%d max-sources6:%d " "overflow:%s overflow6:%s\n", o->per_source_penalty.penalty_crash, diff --git a/servconf.h b/servconf.h index 9beb90fae3da..885d102fc3c4 100644 --- a/servconf.h +++ b/servconf.h @@ -1,4 +1,4 @@ -/* $OpenBSD: servconf.h,v 1.168 2024/09/15 01:18:26 djm Exp $ */ +/* $OpenBSD: servconf.h,v 1.170 2025/12/05 07:49:45 djm Exp $ */ /* * Author: Tatu Ylonen @@ -73,13 +73,13 @@ struct per_source_penalty { int max_sources6; int overflow_mode; int overflow_mode6; - int penalty_crash; - int penalty_grace; - int penalty_authfail; - int penalty_noauth; - int penalty_refuseconnection; - int penalty_max; - int penalty_min; + double penalty_crash; + double penalty_grace; + double penalty_authfail; + double penalty_noauth; + double penalty_refuseconnection; + double penalty_max; + double penalty_min; }; typedef struct { diff --git a/srclimit.c b/srclimit.c index c62763724b53..c6a553beb56d 100644 --- a/srclimit.c +++ b/srclimit.c @@ -53,7 +53,7 @@ static struct child_info { */ struct penalty { struct xaddr addr; - time_t expiry; + double expiry; int active; const char *reason; RB_ENTRY(penalty) by_addr; @@ -212,7 +212,7 @@ penalty_expiry_cmp(struct penalty *a, struct penalty *b) } static void -expire_penalties_from_tree(time_t now, const char *t, +expire_penalties_from_tree(double now, const char *t, struct penalties_by_expiry *by_expiry, struct penalties_by_addr *by_addr, size_t *npenaltiesp) { @@ -234,7 +234,7 @@ expire_penalties_from_tree(time_t now, const char *t, } static void -expire_penalties(time_t now) +expire_penalties(double now) { expire_penalties_from_tree(now, "ipv4", &penalties_by_expiry4, &penalties_by_addr4, &npenalties4); @@ -260,7 +260,7 @@ srclimit_penalty_check_allow(int sock, const char **reason) { struct xaddr addr; struct penalty find, *penalty; - time_t now; + double now; int bits, max_sources, overflow_mode; char addr_s[NI_MAXHOST]; struct penalties_by_addr *by_addr; @@ -277,7 +277,7 @@ srclimit_penalty_check_allow(int sock, const char **reason) return 1; } } - now = monotime(); + now = monotime_double(); expire_penalties(now); by_addr = addr.af == AF_INET ? &penalties_by_addr4 : &penalties_by_addr6; @@ -347,8 +347,9 @@ srclimit_penalise(struct xaddr *addr, int penalty_type) { struct xaddr masked; struct penalty *penalty = NULL, *existing = NULL; - time_t now; - int bits, penalty_secs, max_sources = 0, overflow_mode; + double now; + int bits, max_sources = 0, overflow_mode; + double penalty_secs; char addrnetmask[NI_MAXHOST + 4]; const char *reason = NULL, *t; size_t *npenaltiesp = NULL; @@ -392,12 +393,16 @@ srclimit_penalise(struct xaddr *addr, int penalty_type) default: fatal_f("internal error: unknown penalty %d", penalty_type); } + + if (penalty_secs <= 0) + return; + bits = addr->af == AF_INET ? ipv4_masklen : ipv6_masklen; if (srclimit_mask_addr(addr, bits, &masked) != 0) return; addr_masklen_ntop(addr, bits, addrnetmask, sizeof(addrnetmask)); - now = monotime(); + now = monotime_double(); expire_penalties(now); by_expiry = addr->af == AF_INET ? &penalties_by_expiry4 : &penalties_by_expiry6; @@ -429,7 +434,7 @@ srclimit_penalise(struct xaddr *addr, int penalty_type) fatal_f("internal error: %s penalty tables corrupt", t); do_log2_f(penalty->active ? SYSLOG_LEVEL_INFO : SYSLOG_LEVEL_VERBOSE, - "%s: new %s %s penalty of %d seconds for %s", t, + "%s: new %s %s penalty of %f seconds for %s", t, addrnetmask, penalty->active ? "active" : "deferred", penalty_secs, reason); if (++(*npenaltiesp) > (size_t)max_sources) @@ -448,9 +453,8 @@ srclimit_penalise(struct xaddr *addr, int penalty_type) existing->expiry = now + penalty_cfg.penalty_max; if (existing->expiry - now > penalty_cfg.penalty_min && !existing->active) { - logit_f("%s: activating %s penalty of %lld seconds for %s", - addrnetmask, t, (long long)(existing->expiry - now), - reason); + logit_f("%s: activating %s penalty of %.3f seconds for %s", + addrnetmask, t, existing->expiry - now, reason); existing->active = 1; } existing->reason = penalty->reason; @@ -468,9 +472,9 @@ srclimit_penalty_info_for_tree(const char *t, struct penalty *p = NULL; int bits; char s[NI_MAXHOST + 4]; - time_t now; + double now; - now = monotime(); + now = monotime_double(); logit("%zu active %s penalties", npenalties, t); RB_FOREACH(p, penalties_by_expiry, by_expiry) { bits = p->addr.af == AF_INET ? ipv4_masklen : ipv6_masklen; @@ -478,8 +482,8 @@ srclimit_penalty_info_for_tree(const char *t, if (p->expiry < now) logit("client %s %s (expired)", s, p->reason); else { - logit("client %s %s (%llu secs left)", s, p->reason, - (long long)(p->expiry - now)); + logit("client %s %s (%.3f secs left)", s, p->reason, + p->expiry - now); } } } From f4e79a4ba91cf0fd7397846424d1b261f3648708 Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Fri, 5 Dec 2025 07:43:24 +0000 Subject: [PATCH 456/687] upstream: unit tests for convtime_double() OpenBSD-Regress-ID: d3ba7b894019b4128845d638c78fca37b3b6eecf --- regress/unittests/misc/test_convtime.c | 37 +++++++++++++++++++++++++- 1 file changed, 36 insertions(+), 1 deletion(-) diff --git a/regress/unittests/misc/test_convtime.c b/regress/unittests/misc/test_convtime.c index 4fdcf38127df..83af8c8c8118 100644 --- a/regress/unittests/misc/test_convtime.c +++ b/regress/unittests/misc/test_convtime.c @@ -1,4 +1,4 @@ -/* $OpenBSD: test_convtime.c,v 1.3 2022/08/11 01:57:50 djm Exp $ */ +/* $OpenBSD: test_convtime.c,v 1.4 2025/12/05 07:43:24 djm Exp $ */ /* * Regress test for misc time conversion functions. * @@ -57,6 +57,41 @@ test_convtime(void) #endif TEST_DONE(); + TEST_START("misc_convtime_double"); + ASSERT_DOUBLE_EQ(convtime_double("0"), 0); + ASSERT_DOUBLE_EQ(convtime_double("1"), 1.0); + ASSERT_DOUBLE_EQ(convtime_double("2s"), 2.0); + ASSERT_DOUBLE_EQ(convtime_double("3m"), 180.0); + ASSERT_DOUBLE_EQ(convtime_double("1m30s"), 90.0); + ASSERT_DOUBLE_EQ(convtime_double("1.5s"), 1.5); + ASSERT_DOUBLE_EQ(convtime_double(".5s"), 0.5); + ASSERT_DOUBLE_EQ(convtime_double("0.5s"), 0.5); + ASSERT_DOUBLE_EQ(convtime_double("1.123456s"), 1.123456); + ASSERT_DOUBLE_EQ(convtime_double("1.1234567s"), 1.1234567); + ASSERT_DOUBLE_EQ(convtime_double("1.123s"), 1.123); + ASSERT_DOUBLE_EQ(convtime_double("1m0.5s"), 60.5); + ASSERT_DOUBLE_EQ(convtime_double("1m.5s"), 60.5); + ASSERT_DOUBLE_EQ(convtime_double("1.5"), 1.5); + ASSERT_DOUBLE_EQ(convtime_double("1.123456"), 1.123456); + ASSERT_DOUBLE_EQ(convtime_double("1.1234567"), 1.1234567); + /* errors */ + ASSERT_DOUBLE_LT(convtime_double(""), 0.0); + ASSERT_DOUBLE_LT(convtime_double("trout"), 0.0); + ASSERT_DOUBLE_LT(convtime_double("1.s"), 0.0); + ASSERT_DOUBLE_LT(convtime_double("0x1"), 0.0); + ASSERT_DOUBLE_LT(convtime_double("inf"), 0.0); + ASSERT_DOUBLE_LT(convtime_double("nan"), 0.0); + ASSERT_DOUBLE_LT(convtime_double("1e10"), 0.0); + ASSERT_DOUBLE_LT(convtime_double("-1"), 0.0); + ASSERT_DOUBLE_LT(convtime_double("3.w0.5s"), 0.0); + ASSERT_DOUBLE_LT(convtime_double("1.0d0.5s"), 0.0); + ASSERT_DOUBLE_LT(convtime_double("1.5m"), 0.0); + ASSERT_DOUBLE_LT(convtime_double("1.5h"), 0.0); + ASSERT_DOUBLE_LT(convtime_double("1.5d"), 0.0); + ASSERT_DOUBLE_LT(convtime_double("1.5w"), 0.0); + ASSERT_DOUBLE_LT(convtime_double("1s1.5"), 0.0); + TEST_DONE(); + /* XXX timezones/DST make verification of this tricky */ /* XXX maybe setenv TZ and tzset() to make it unambiguous? */ TEST_START("misc_parse_absolute_time"); From 89a67a04e581423cdc443f2597cb1e2c7d8cc50f Mon Sep 17 00:00:00 2001 From: "dtucker@openbsd.org" Date: Fri, 5 Dec 2025 08:09:34 +0000 Subject: [PATCH 457/687] upstream: Shell compatibility fix. OpenBSD-Regress-ID: bceaeb267d49c13e4a797c42e93b8f0cdb14dbd7 --- regress/multiplex.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/regress/multiplex.sh b/regress/multiplex.sh index f093588c56b2..172b182c8ca6 100644 --- a/regress/multiplex.sh +++ b/regress/multiplex.sh @@ -1,4 +1,4 @@ -# $OpenBSD: multiplex.sh,v 1.38 2025/12/05 06:55:22 dtucker Exp $ +# $OpenBSD: multiplex.sh,v 1.39 2025/12/05 08:09:34 dtucker Exp $ # Placed in the Public Domain. CTL=${SSH_REGRESS_TMP}/ctl-sock @@ -184,7 +184,7 @@ rm -f $OBJ/unix-1.fwd verbose "test $tid: cmd conninfo" conninfo=`${SSH} -F $OBJ/ssh_config -S $CTL -Oconninfo otherhost` \ || fail "request remote forward failed" -if echo "$conninfo" | ! egrep -- "-> 127.0.0.1:$port" >/dev/null; then +if ! echo "$conninfo" | egrep -- "-> 127.0.0.1:$port" >/dev/null; then fail "conninfo" fi From 70a01a7e66075047329e3aeccc942678f512ebdd Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Fri, 5 Dec 2025 20:02:39 +1100 Subject: [PATCH 458/687] Set SSH_REGRESS_TMP after making tmpdir. Put both of these later in the script so the cvsids don't cause conflicts on every synced patch. --- regress/multiplex.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/regress/multiplex.sh b/regress/multiplex.sh index 172b182c8ca6..6b58387f318d 100644 --- a/regress/multiplex.sh +++ b/regress/multiplex.sh @@ -1,12 +1,12 @@ # $OpenBSD: multiplex.sh,v 1.39 2025/12/05 08:09:34 dtucker Exp $ # Placed in the Public Domain. -CTL=${SSH_REGRESS_TMP}/ctl-sock - tid="connection multiplexing" trace "will use ProxyCommand $proxycmd" make_tmpdir +CTL=${SSH_REGRESS_TMP}/ctl-sock + if config_defined DISABLE_FD_PASSING ; then skip "not supported on this platform (FD passing disabled)" fi From 5f5d1af478d4b9daf61fab1e4298973980d4c348 Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Fri, 5 Dec 2025 11:13:35 +0000 Subject: [PATCH 459/687] upstream: ASSERT_DOUBLE_* test helpers OpenBSD-Regress-ID: cdb5c4e95c0f00efb773ddba4056a49e33702cf9 --- regress/unittests/test_helper/test_helper.c | 43 ++++++++++++++++++++- regress/unittests/test_helper/test_helper.h | 18 ++++++++- 2 files changed, 59 insertions(+), 2 deletions(-) diff --git a/regress/unittests/test_helper/test_helper.c b/regress/unittests/test_helper/test_helper.c index 51b80119bafa..15d7a0063cbf 100644 --- a/regress/unittests/test_helper/test_helper.c +++ b/regress/unittests/test_helper/test_helper.c @@ -1,4 +1,4 @@ -/* $OpenBSD: test_helper.c,v 1.14 2025/04/15 04:00:42 djm Exp $ */ +/* $OpenBSD: test_helper.c,v 1.15 2025/12/05 11:13:35 djm Exp $ */ /* * Copyright (c) 2011 Damien Miller * @@ -604,6 +604,47 @@ assert_u64(const char *file, int line, const char *a1, const char *a2, test_die(); } +void +assert_double(const char *file, int line, const char *a1, const char *a2, + double aa1, double aa2, enum test_predicate pred) +{ + const double epsilon = 0.000000001; + + switch (pred) { + case TEST_EQ: + if (fabs(aa1 - aa2) < epsilon) + return; + break; + case TEST_NE: + if (fabs(aa1 - aa2) >= epsilon) + return; + break; + case TEST_LT: + if (aa1 < aa2) + return; + break; + case TEST_LE: + if (aa1 <= aa2) + return; + break; + case TEST_GT: + if (aa1 > aa2) + return; + break; + case TEST_GE: + if (aa1 >= aa2) + return; + break; + default: + abort(); + } + + test_header(file, line, a1, a2, "DOUBLE", pred); + fprintf(stderr, "%12s = %f\n", a1, aa1); + fprintf(stderr, "%12s = %f\n", a2, aa2); + test_die(); +} + void assert_ptr(const char *file, int line, const char *a1, const char *a2, const void *aa1, const void *aa2, enum test_predicate pred) diff --git a/regress/unittests/test_helper/test_helper.h b/regress/unittests/test_helper/test_helper.h index 4f7e2c87f28d..215513a06ef7 100644 --- a/regress/unittests/test_helper/test_helper.h +++ b/regress/unittests/test_helper/test_helper.h @@ -1,4 +1,4 @@ -/* $OpenBSD: test_helper.h,v 1.10 2025/04/15 04:00:42 djm Exp $ */ +/* $OpenBSD: test_helper.h,v 1.11 2025/12/05 11:13:35 djm Exp $ */ /* * Copyright (c) 2011 Damien Miller * @@ -99,6 +99,9 @@ void assert_u32(const char *file, int line, void assert_u64(const char *file, int line, const char *a1, const char *a2, u_int64_t aa1, u_int64_t aa2, enum test_predicate pred); +void assert_double(const char *file, int line, + const char *a1, const char *a2, + double aa1, double aa2, enum test_predicate pred); #define TEST_START(n) test_start(n) #define TEST_DONE() test_done() @@ -285,6 +288,19 @@ void assert_u64(const char *file, int line, #define ASSERT_U64_GE(a1, a2) \ assert_u64(__FILE__, __LINE__, #a1, #a2, a1, a2, TEST_GE) +#define ASSERT_DOUBLE_EQ(a1, a2) \ + assert_double(__FILE__, __LINE__, #a1, #a2, a1, a2, TEST_EQ) +#define ASSERT_DOUBLE_NE(a1, a2) \ + assert_double(__FILE__, __LINE__, #a1, #a2, a1, a2, TEST_NE) +#define ASSERT_DOUBLE_LT(a1, a2) \ + assert_double(__FILE__, __LINE__, #a1, #a2, a1, a2, TEST_LT) +#define ASSERT_DOUBLE_LE(a1, a2) \ + assert_double(__FILE__, __LINE__, #a1, #a2, a1, a2, TEST_LE) +#define ASSERT_DOUBLE_GT(a1, a2) \ + assert_double(__FILE__, __LINE__, #a1, #a2, a1, a2, TEST_GT) +#define ASSERT_DOUBLE_GE(a1, a2) \ + assert_double(__FILE__, __LINE__, #a1, #a2, a1, a2, TEST_GE) + /* Benchmarking support */ #define BENCH_START(name) \ do { \ From c99a30d30a5d2af6fec30b9b0d85aa9b252760c9 Mon Sep 17 00:00:00 2001 From: "dtucker@openbsd.org" Date: Sat, 6 Dec 2025 03:23:27 +0000 Subject: [PATCH 460/687] upstream: Don't check compressions stats when ssh does not support compression. OpenBSD-Regress-ID: 026db51b2654a949e9a10b908443dab83b64c74a --- regress/multiplex.sh | 28 ++++++++++++++++++---------- 1 file changed, 18 insertions(+), 10 deletions(-) diff --git a/regress/multiplex.sh b/regress/multiplex.sh index 6b58387f318d..f68af935e456 100644 --- a/regress/multiplex.sh +++ b/regress/multiplex.sh @@ -1,4 +1,4 @@ -# $OpenBSD: multiplex.sh,v 1.39 2025/12/05 08:09:34 dtucker Exp $ +# $OpenBSD: multiplex.sh,v 1.40 2025/12/06 03:23:27 dtucker Exp $ # Placed in the Public Domain. tid="connection multiplexing" @@ -198,31 +198,39 @@ kill -0 $SSH_PID >/dev/null 2>&1 && fail "exit command failed" # Enable compression and alternative kex for next conninfo test. if $SSH -Q compression | grep zlib@openssh.com >/dev/null; then - echo compression yes >>$OBJ/ssh_config - echo kexalgorithms curve25519-sha256 >>$OBJ/ssh_config - echo ciphers aes128-ctr >>$OBJ/ssh_config + compression=yes +else + compression=no fi +echo compression $compression >>$OBJ/ssh_config +echo kexalgorithms curve25519-sha256 >>$OBJ/ssh_config +echo ciphers aes128-ctr >>$OBJ/ssh_config # Restart master and test -O stop command with master using -N verbose "test $tid: cmd stop" trace "restart master, fork to background" start_mux_master -verbose "test $tid: cmd conninfo compression" +verbose "test $tid: cmd conninfo algos" conninfo=`${SSH} -F $OBJ/ssh_config -S $CTL -Oconninfo otherhost` \ || fail "request remote forward failed" -if ! echo "$conninfo" | grep "compression zlib" >/dev/null || - ! echo "$conninfo" | grep "compressed" >/dev/null || - ! echo "$conninfo" | grep "kexalgorithm curve25519-sha256" >/dev/null || +if ! echo "$conninfo" | grep "kexalgorithm curve25519-sha256" >/dev/null || ! echo "$conninfo" | grep "cipher aes128-ctr" >/dev/null; then - fail "conninfo compression" + fail "conninfo algos" +fi +if [ "$compression" = "yes" ]; then + verbose "test $tid: cmd conninfo compression" + if ! echo "$conninfo" | grep "compression zlib" >/dev/null || + ! echo "$conninfo" | grep "compressed" >/dev/null; then + fail "conninfo compression" + fi fi # start a long-running command then immediately request a stop ${SSH} -F $OBJ/ssh_config -S $CTL otherhost "sleep 10; exit 0" \ >>$TEST_REGRESS_LOGFILE 2>&1 & SLEEP_PID=$! -${SSH} -F $OBJ/ssh_config -S $CTL -Ostop otherhost >>$TEST_REGRESS_LOGFILE 2>&1 \ +${SSH} -F$OBJ/ssh_config -S$CTL -Ostop otherhost >>$TEST_REGRESS_LOGFILE 2>&1 \ || fail "send stop command failed" # wait until both long-running command and master have exited. From ab164f671609a3a25cd0efcd967aff29144081bb Mon Sep 17 00:00:00 2001 From: "dtucker@openbsd.org" Date: Sat, 6 Dec 2025 07:10:24 +0000 Subject: [PATCH 461/687] upstream: Append a newline, otherwise some sed's won't output anything. OpenBSD-Regress-ID: 507cb8c36bb7fc338f60a55bf7040f479536b3f7 --- regress/test-exec.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/regress/test-exec.sh b/regress/test-exec.sh index 20297f22e5dd..b391dbc82039 100644 --- a/regress/test-exec.sh +++ b/regress/test-exec.sh @@ -1,4 +1,4 @@ -# $OpenBSD: test-exec.sh,v 1.136 2025/12/05 06:55:22 dtucker Exp $ +# $OpenBSD: test-exec.sh,v 1.137 2025/12/06 07:10:24 dtucker Exp $ # Placed in the Public Domain. #SUDO=sudo @@ -912,7 +912,7 @@ start_sshd () enable_all_kexes_in_sshd () { - kexs=`$SSH -Q KexAlgorithms | tr '\n' , | sed 's/,$//'` + kexs=`$SSH -Q KexAlgorithms | (tr '\n' ,; echo) | sed 's/,$//'` echo KexAlgorithms $kexs >>$OBJ/sshd_config } From 45aca67d79c194660342a64a9175d814d4e8ba56 Mon Sep 17 00:00:00 2001 From: "dtucker@openbsd.org" Date: Sun, 7 Dec 2025 02:49:41 +0000 Subject: [PATCH 462/687] upstream: spaces->tab OpenBSD-Regress-ID: c78eb430da0ec2c4b6919ff4d27ef8e565ef52ff --- regress/test-exec.sh | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/regress/test-exec.sh b/regress/test-exec.sh index b391dbc82039..7206e74e88e9 100644 --- a/regress/test-exec.sh +++ b/regress/test-exec.sh @@ -1,4 +1,4 @@ -# $OpenBSD: test-exec.sh,v 1.137 2025/12/06 07:10:24 dtucker Exp $ +# $OpenBSD: test-exec.sh,v 1.138 2025/12/07 02:49:41 dtucker Exp $ # Placed in the Public Domain. #SUDO=sudo @@ -912,8 +912,8 @@ start_sshd () enable_all_kexes_in_sshd () { - kexs=`$SSH -Q KexAlgorithms | (tr '\n' ,; echo) | sed 's/,$//'` - echo KexAlgorithms $kexs >>$OBJ/sshd_config + kexs=`$SSH -Q KexAlgorithms | (tr '\n' ,; echo) | sed 's/,$//'` + echo KexAlgorithms $kexs >>$OBJ/sshd_config } # Find a PKCS#11 library. From f62868e03e51785c521c4d20d60662c0bbdd695e Mon Sep 17 00:00:00 2001 From: "dtucker@openbsd.org" Date: Sun, 7 Dec 2025 02:59:53 +0000 Subject: [PATCH 463/687] upstream: Avoid "if ! thing || ! otherthing; then" constructs since they seem to cause portability problems. OpenBSD-Regress-ID: ff001be683de43bf396cd5f9f6a54e0c7a99c3cf --- regress/multiplex.sh | 14 +++++++++----- 1 file changed, 9 insertions(+), 5 deletions(-) diff --git a/regress/multiplex.sh b/regress/multiplex.sh index f68af935e456..584bbbe22619 100644 --- a/regress/multiplex.sh +++ b/regress/multiplex.sh @@ -1,4 +1,4 @@ -# $OpenBSD: multiplex.sh,v 1.40 2025/12/06 03:23:27 dtucker Exp $ +# $OpenBSD: multiplex.sh,v 1.41 2025/12/07 02:59:53 dtucker Exp $ # Placed in the Public Domain. tid="connection multiplexing" @@ -214,14 +214,18 @@ start_mux_master verbose "test $tid: cmd conninfo algos" conninfo=`${SSH} -F $OBJ/ssh_config -S $CTL -Oconninfo otherhost` \ || fail "request remote forward failed" -if ! echo "$conninfo" | grep "kexalgorithm curve25519-sha256" >/dev/null || - ! echo "$conninfo" | grep "cipher aes128-ctr" >/dev/null; then +if echo "$conninfo" | grep "kexalgorithm curve25519-sha256" >/dev/null && + echo "$conninfo" | grep "cipher aes128-ctr" >/dev/null; then + trace "ok conninfo algos" +else fail "conninfo algos" fi if [ "$compression" = "yes" ]; then verbose "test $tid: cmd conninfo compression" - if ! echo "$conninfo" | grep "compression zlib" >/dev/null || - ! echo "$conninfo" | grep "compressed" >/dev/null; then + if echo "$conninfo" | grep "compression zlib" >/dev/null && + echo "$conninfo" | grep "compressed" >/dev/null; then + trace "ok conninfo compression" + else fail "conninfo compression" fi fi From f701869185915b9a324dcc23c12d0035251ef93f Mon Sep 17 00:00:00 2001 From: "phessler@openbsd.org" Date: Fri, 5 Dec 2025 17:48:47 +0000 Subject: [PATCH 464/687] upstream: allow network programs select DSCP_VA for network ToS OK stsp@ OpenBSD-Commit-ID: 8019fd6e8c522b4b5f291a2c0e3bf2437cc70dc1 --- misc.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/misc.c b/misc.c index aff5b3fc38c1..d1369b956517 100644 --- a/misc.c +++ b/misc.c @@ -1,4 +1,4 @@ -/* $OpenBSD: misc.c,v 1.210 2025/12/05 07:43:12 djm Exp $ */ +/* $OpenBSD: misc.c,v 1.211 2025/12/05 17:48:47 phessler Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. * Copyright (c) 2005-2020 Damien Miller. All rights reserved. @@ -1950,6 +1950,7 @@ static const struct { { "cs7", IPTOS_DSCP_CS7 }, { "ef", IPTOS_DSCP_EF }, { "le", IPTOS_DSCP_LE }, + { "va", IPTOS_DSCP_VA }, { "lowdelay", INT_MIN }, /* deprecated */ { "throughput", INT_MIN }, /* deprecated */ { "reliability", INT_MIN }, /* deprecated */ From 185459dd87c4f7580a2591fbbbb1d800ec249b78 Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Sun, 7 Dec 2025 14:17:20 +1100 Subject: [PATCH 465/687] Define IPTOS_DSCP_VA if not already defined. --- defines.h | 3 +++ 1 file changed, 3 insertions(+) diff --git a/defines.h b/defines.h index a1bd6fad345e..43d3c0a3f076 100644 --- a/defines.h +++ b/defines.h @@ -95,6 +95,9 @@ enum # define IPTOS_DSCP_CS6 0xc0 # define IPTOS_DSCP_CS7 0xe0 #endif /* IPTOS_DSCP_CS0 */ +#ifndef IPTOS_DSCP_VA +# define IPTOS_DSCP_VA 0x2c +#endif /* IPTOS_DSCP_VA */ #ifndef IPTOS_DSCP_EF # define IPTOS_DSCP_EF 0xb8 #endif /* IPTOS_DSCP_EF */ From f086fafa0486012df6ba095664be75ecbf68e8e1 Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Sun, 7 Dec 2025 13:43:02 +1100 Subject: [PATCH 466/687] Remove generated compat includes during distclean. --- Makefile.in | 1 + 1 file changed, 1 insertion(+) diff --git a/Makefile.in b/Makefile.in index e5f8364423df..7f7d2c5dd43f 100644 --- a/Makefile.in +++ b/Makefile.in @@ -336,6 +336,7 @@ distclean: regressclean rm -f *.out core opensshd.init openssh.xml rm -f Makefile buildpkg.sh config.h config.status rm -f survey.sh openbsd-compat/regress/Makefile *~ + rm -rf openbsd-compat/include rm -rf autom4te.cache rm -f regress/check-perm rm -f regress/mkdtemp From d05b704086d53c02f4ad7de921435f7e7e3ad60a Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Sun, 7 Dec 2025 20:10:42 +1100 Subject: [PATCH 467/687] Add OpenBSD 7.8 VM test target. --- .github/workflows/vm.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/vm.yml b/.github/workflows/vm.yml index 759de69cbe33..1da1e9fc6ecd 100644 --- a/.github/workflows/vm.yml +++ b/.github/workflows/vm.yml @@ -269,6 +269,7 @@ jobs: - "7.5" - "7.6" - "7.7" + - "7.8" config: [default] runs-on: ubuntu-latest steps: From 70ad2e9a2b3aa6f856200464078c2750bfba0e3d Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Mon, 8 Dec 2025 00:41:46 +0000 Subject: [PATCH 468/687] upstream: increment correct variable when counting group memberships. Reported by Kevin Day via bz3903 OpenBSD-Commit-ID: 772b9aafd5165a7c407f08cb95f8b94cc5a4c1c0 --- sftp-server.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/sftp-server.c b/sftp-server.c index 777821acd521..b98c3cd41c7f 100644 --- a/sftp-server.c +++ b/sftp-server.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sftp-server.c,v 1.149 2025/09/02 09:26:21 djm Exp $ */ +/* $OpenBSD: sftp-server.c,v 1.150 2025/12/08 00:41:46 djm Exp $ */ /* * Copyright (c) 2000-2004 Markus Friedl. All rights reserved. * @@ -1754,7 +1754,7 @@ process_extended_get_users_groups_by_id(u_int32_t id) debug3_f("gid %u => \"%s\"", n, name); if ((r = sshbuf_put_cstring(groupnames, name)) != 0) fatal_fr(r, "assemble gid reply"); - nusers++; + ngroups++; } verbose("users-groups-by-id: %u users, %u groups", nusers, ngroups); From a1e37f0998ed5027f6c8dd30befb379ea2cac95b Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Mon, 8 Dec 2025 00:44:16 +0000 Subject: [PATCH 469/687] upstream: There is a warning next to the authorized_keys command="" flag that forcing a command doesn't automatically disable forwarding. Add one next to the sshd_config(5) ForceCommand directive too. feedback deraadt@ OpenBSD-Commit-ID: bfe38b4d3cfbadbb8bafe38bc256f5a17a0ee75c --- sshd_config.5 | 13 +++++++++++-- 1 file changed, 11 insertions(+), 2 deletions(-) diff --git a/sshd_config.5 b/sshd_config.5 index 1b01415cbfe6..361af6488190 100644 --- a/sshd_config.5 +++ b/sshd_config.5 @@ -33,8 +33,8 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: sshd_config.5,v 1.386 2025/11/25 01:14:33 djm Exp $ -.Dd $Mdocdate: November 25 2025 $ +.\" $OpenBSD: sshd_config.5,v 1.387 2025/12/08 00:44:16 djm Exp $ +.Dd $Mdocdate: December 8 2025 $ .Dt SSHD_CONFIG 5 .Os .Sh NAME @@ -710,6 +710,15 @@ files when used with .Cm ChrootDirectory . The default is .Cm none . +.Pp +This directive does not limit other kinds of access that a +client may request via their connection, such as TCP, agent, socket or +X11 forwarding. +If these are not desired, then they must be explicitly disabled, either +individually via their respective options or all together using the +.Cm DisableForwarding +option. +.Cm .It Cm GatewayPorts Specifies whether remote hosts are allowed to connect to ports forwarded for the client. From 24f32f7755801b16368375b8e27fb1a48d250fc5 Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Mon, 8 Dec 2025 00:45:00 +0000 Subject: [PATCH 470/687] upstream: errant line OpenBSD-Commit-ID: 8542d59f5ba48a67c3ebd5de17f9fa408ec54ca5 --- sshd_config.5 | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/sshd_config.5 b/sshd_config.5 index 361af6488190..480b756c802e 100644 --- a/sshd_config.5 +++ b/sshd_config.5 @@ -33,7 +33,7 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: sshd_config.5,v 1.387 2025/12/08 00:44:16 djm Exp $ +.\" $OpenBSD: sshd_config.5,v 1.388 2025/12/08 00:45:00 djm Exp $ .Dd $Mdocdate: December 8 2025 $ .Dt SSHD_CONFIG 5 .Os @@ -718,7 +718,6 @@ If these are not desired, then they must be explicitly disabled, either individually via their respective options or all together using the .Cm DisableForwarding option. -.Cm .It Cm GatewayPorts Specifies whether remote hosts are allowed to connect to ports forwarded for the client. From 94bf1154b4132727114f222a587daeac101f1f5b Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Mon, 8 Dec 2025 03:55:22 +0000 Subject: [PATCH 471/687] upstream: add a GssDelegateCreds option for the server, controlling whether it accepts delgated credentials offered by the client. This option mirrors GssDelegateCreds in ssh_config. From Dmitry Belyavskiy via GHPR614; ok dtucker@ OpenBSD-Commit-ID: ac419354edb26cef9ad15692e0bed17a03997786 --- gss-serv.c | 7 ++++++- servconf.c | 14 ++++++++++++-- servconf.h | 3 ++- sshd_config.5 | 5 ++++- 4 files changed, 24 insertions(+), 5 deletions(-) diff --git a/gss-serv.c b/gss-serv.c index b0e9c3b49fe0..05c347ea058b 100644 --- a/gss-serv.c +++ b/gss-serv.c @@ -1,4 +1,4 @@ -/* $OpenBSD: gss-serv.c,v 1.33 2025/09/29 21:30:15 dtucker Exp $ */ +/* $OpenBSD: gss-serv.c,v 1.34 2025/12/08 03:55:22 djm Exp $ */ /* * Copyright (c) 2001-2003 Simon Wilkinson. All rights reserved. @@ -332,6 +332,11 @@ ssh_gssapi_cleanup_creds(void) void ssh_gssapi_storecreds(void) { + if (options.gss_deleg_creds == 0) { + debug_f("delegate credential is disabled, doing nothing"); + return 0; + } + if (gssapi_client.mech && gssapi_client.mech->storecreds) { (*gssapi_client.mech->storecreds)(&gssapi_client); } else diff --git a/servconf.c b/servconf.c index e1e84db84845..e74e3ecfbb12 100644 --- a/servconf.c +++ b/servconf.c @@ -1,4 +1,4 @@ -/* $OpenBSD: servconf.c,v 1.438 2025/12/05 07:49:45 djm Exp $ */ +/* $OpenBSD: servconf.c,v 1.439 2025/12/08 03:55:22 djm Exp $ */ /* * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland * All rights reserved @@ -137,6 +137,7 @@ initialize_server_options(ServerOptions *options) options->kerberos_get_afs_token = -1; options->gss_authentication=-1; options->gss_cleanup_creds = -1; + options->gss_deleg_creds = -1; options->gss_strict_acceptor = -1; options->password_authentication = -1; options->kbd_interactive_authentication = -1; @@ -376,6 +377,8 @@ fill_default_server_options(ServerOptions *options) options->gss_authentication = 0; if (options->gss_cleanup_creds == -1) options->gss_cleanup_creds = 1; + if (options->gss_deleg_creds == -1) + options->gss_deleg_creds = 1; if (options->gss_strict_acceptor == -1) options->gss_strict_acceptor = 1; if (options->password_authentication == -1) @@ -561,7 +564,7 @@ typedef enum { sHostKeyAlgorithms, sPerSourceMaxStartups, sPerSourceNetBlockSize, sPerSourcePenalties, sPerSourcePenaltyExemptList, sClientAliveInterval, sClientAliveCountMax, sAuthorizedKeysFile, - sGssAuthentication, sGssCleanupCreds, sGssStrictAcceptor, + sGssAuthentication, sGssCleanupCreds, sGssDelegateCreds, sGssStrictAcceptor, sAcceptEnv, sSetEnv, sPermitTunnel, sMatch, sPermitOpen, sPermitListen, sForceCommand, sChrootDirectory, sUsePrivilegeSeparation, sAllowAgentForwarding, @@ -647,10 +650,12 @@ static struct { #ifdef GSSAPI { "gssapiauthentication", sGssAuthentication, SSHCFG_ALL }, { "gssapicleanupcredentials", sGssCleanupCreds, SSHCFG_GLOBAL }, + { "gssapidelegatecredentials", sGssDelegateCreds, SSHCFG_GLOBAL }, { "gssapistrictacceptorcheck", sGssStrictAcceptor, SSHCFG_GLOBAL }, #else { "gssapiauthentication", sUnsupported, SSHCFG_ALL }, { "gssapicleanupcredentials", sUnsupported, SSHCFG_GLOBAL }, + { "gssapidelegatecredentials", sUnsupported, SSHCFG_GLOBAL }, { "gssapistrictacceptorcheck", sUnsupported, SSHCFG_GLOBAL }, #endif { "passwordauthentication", sPasswordAuthentication, SSHCFG_ALL }, @@ -1649,6 +1654,10 @@ process_server_config_line_depth(ServerOptions *options, char *line, intptr = &options->gss_cleanup_creds; goto parse_flag; + case sGssDelegateCreds: + intptr = &options->gss_deleg_creds; + goto parse_flag; + case sGssStrictAcceptor: intptr = &options->gss_strict_acceptor; goto parse_flag; @@ -3270,6 +3279,7 @@ dump_config(ServerOptions *o) #ifdef GSSAPI dump_cfg_fmtint(sGssAuthentication, o->gss_authentication); dump_cfg_fmtint(sGssCleanupCreds, o->gss_cleanup_creds); + dump_cfg_fmtint(sGssDelegateCreds, o->gss_deleg_creds); dump_cfg_fmtint(sGssStrictAcceptor, o->gss_strict_acceptor); #endif dump_cfg_fmtint(sPasswordAuthentication, o->password_authentication); diff --git a/servconf.h b/servconf.h index 885d102fc3c4..1005b0070b98 100644 --- a/servconf.h +++ b/servconf.h @@ -1,4 +1,4 @@ -/* $OpenBSD: servconf.h,v 1.170 2025/12/05 07:49:45 djm Exp $ */ +/* $OpenBSD: servconf.h,v 1.171 2025/12/08 03:55:22 djm Exp $ */ /* * Author: Tatu Ylonen @@ -151,6 +151,7 @@ typedef struct { * authenticated with Kerberos. */ int gss_authentication; /* If true, permit GSSAPI authentication */ int gss_cleanup_creds; /* If true, destroy cred cache on logout */ + int gss_deleg_creds; /* If true, accept delegated GSS credentials */ int gss_strict_acceptor; /* If true, restrict the GSSAPI acceptor name */ int password_authentication; /* If true, permit password * authentication. */ diff --git a/sshd_config.5 b/sshd_config.5 index 480b756c802e..4b6955a3b19e 100644 --- a/sshd_config.5 +++ b/sshd_config.5 @@ -33,7 +33,7 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: sshd_config.5,v 1.388 2025/12/08 00:45:00 djm Exp $ +.\" $OpenBSD: sshd_config.5,v 1.389 2025/12/08 03:55:22 djm Exp $ .Dd $Mdocdate: December 8 2025 $ .Dt SSHD_CONFIG 5 .Os @@ -747,6 +747,9 @@ Specifies whether to automatically destroy the user's credentials cache on logout. The default is .Cm yes . +.It Cm GSSAPIDelegateCredentials +Accept delegated credentials on the server side. The default is +.CM yes . .It Cm GSSAPIStrictAcceptorCheck Determines whether to be strict about the identity of the GSSAPI acceptor a client authenticates against. From 49480f1934f8cf994afa646d4bcbd22ac08bb6af Mon Sep 17 00:00:00 2001 From: "dtucker@openbsd.org" Date: Tue, 16 Dec 2025 08:32:50 +0000 Subject: [PATCH 472/687] upstream: Add 'invaliduser' penalty to PerSourcePenalties, which is applied to login attempts for usernames that do not match real accounts. Defaults to 5s to match 'authfail' but allows administrators to block such sources for longer if desired. with & ok djm@ OpenBSD-Commit-ID: bb62797bcf2adceb96f608ce86d0bb042aff5834 --- monitor.c | 18 ++++++++++++++++-- monitor.h | 5 ++++- servconf.c | 9 ++++++++- servconf.h | 3 ++- srclimit.c | 6 +++++- srclimit.h | 2 ++ sshd-session.c | 8 ++++---- sshd.c | 8 +++++++- sshd_config.5 | 7 +++++-- 9 files changed, 53 insertions(+), 13 deletions(-) diff --git a/monitor.c b/monitor.c index a9e854bec831..3867b438b330 100644 --- a/monitor.c +++ b/monitor.c @@ -1,4 +1,4 @@ -/* $OpenBSD: monitor.c,v 1.249 2025/09/25 06:45:50 djm Exp $ */ +/* $OpenBSD: monitor.c,v 1.250 2025/12/16 08:32:50 dtucker Exp $ */ /* * Copyright 2002 Niels Provos * Copyright 2002 Markus Friedl @@ -155,7 +155,8 @@ static char *auth_submethod = NULL; static u_int session_id2_len = 0; static u_char *session_id2 = NULL; static pid_t monitor_child_pid; -int auth_attempted = 0; +static int auth_attempted = 0; +static int invalid_user = 0; struct mon_table { enum monitor_reqtype type; @@ -855,6 +856,7 @@ mm_answer_pwnamallow(struct ssh *ssh, int sock, struct sshbuf *m) sshbuf_reset(m); if (pwent == NULL) { + invalid_user = 1; if ((r = sshbuf_put_u8(m, 0)) != 0) fatal_fr(r, "assemble fakepw"); authctxt->pw = fakepw(); @@ -1944,6 +1946,18 @@ monitor_reinit(struct monitor *mon) monitor_openfds(mon, 0); } +int +monitor_auth_attempted(void) +{ + return auth_attempted; +} + +int +monitor_invalid_user(void) +{ + return invalid_user; +} + #ifdef GSSAPI int mm_answer_gss_setup_ctx(struct ssh *ssh, int sock, struct sshbuf *m) diff --git a/monitor.h b/monitor.h index 3f8a9bea30c6..dc7cd5c7eb03 100644 --- a/monitor.h +++ b/monitor.h @@ -1,4 +1,4 @@ -/* $OpenBSD: monitor.h,v 1.24 2024/05/17 00:30:24 djm Exp $ */ +/* $OpenBSD: monitor.h,v 1.26 2025/12/16 08:32:50 dtucker Exp $ */ /* * Copyright 2002 Niels Provos @@ -88,6 +88,9 @@ void monitor_child_postauth(struct ssh *, struct monitor *); void monitor_clear_keystate(struct ssh *, struct monitor *); void monitor_apply_keystate(struct ssh *, struct monitor *); +int monitor_auth_attempted(void); +int monitor_invalid_user(void); + /* Prototypes for request sending and receiving */ void mm_request_send(int, enum monitor_reqtype, struct sshbuf *); void mm_request_receive(int, struct sshbuf *); diff --git a/servconf.c b/servconf.c index e74e3ecfbb12..1b8cfa4b62ed 100644 --- a/servconf.c +++ b/servconf.c @@ -1,4 +1,4 @@ -/* $OpenBSD: servconf.c,v 1.439 2025/12/08 03:55:22 djm Exp $ */ +/* $OpenBSD: servconf.c,v 1.440 2025/12/16 08:32:50 dtucker Exp $ */ /* * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland * All rights reserved @@ -176,6 +176,7 @@ initialize_server_options(ServerOptions *options) options->per_source_penalty.overflow_mode6 = -1; options->per_source_penalty.penalty_crash = -1.0; options->per_source_penalty.penalty_authfail = -1.0; + options->per_source_penalty.penalty_invaliduser = -1.0; options->per_source_penalty.penalty_noauth = -1.0; options->per_source_penalty.penalty_grace = -1.0; options->per_source_penalty.penalty_refuseconnection = -1.0; @@ -438,6 +439,8 @@ fill_default_server_options(ServerOptions *options) options->per_source_penalty.penalty_grace = 10.0; if (options->per_source_penalty.penalty_authfail < 0.0) options->per_source_penalty.penalty_authfail = 5.0; + if (options->per_source_penalty.penalty_invaliduser < 0.0) + options->per_source_penalty.penalty_invaliduser = 5.0; if (options->per_source_penalty.penalty_noauth < 0.0) options->per_source_penalty.penalty_noauth = 1.0; if (options->per_source_penalty.penalty_refuseconnection < 0.0) @@ -2115,6 +2118,8 @@ process_server_config_line_depth(ServerOptions *options, char *line, doubleptr = &options->per_source_penalty.penalty_crash; } else if ((q = strprefix(arg, "authfail:", 0)) != NULL) { doubleptr = &options->per_source_penalty.penalty_authfail; + } else if ((q = strprefix(arg, "invaliduser:", 0)) != NULL) { + doubleptr = &options->per_source_penalty.penalty_invaliduser; } else if ((q = strprefix(arg, "noauth:", 0)) != NULL) { doubleptr = &options->per_source_penalty.penalty_noauth; } else if ((q = strprefix(arg, "grace-exceeded:", 0)) != NULL) { @@ -3430,12 +3435,14 @@ dump_config(ServerOptions *o) if (o->per_source_penalty.enabled) { printf("persourcepenalties crash:%f authfail:%f noauth:%f " + "invaliduser:%f " "grace-exceeded:%f refuseconnection:%f max:%f min:%f " "max-sources4:%d max-sources6:%d " "overflow:%s overflow6:%s\n", o->per_source_penalty.penalty_crash, o->per_source_penalty.penalty_authfail, o->per_source_penalty.penalty_noauth, + o->per_source_penalty.penalty_invaliduser, o->per_source_penalty.penalty_grace, o->per_source_penalty.penalty_refuseconnection, o->per_source_penalty.penalty_max, diff --git a/servconf.h b/servconf.h index 1005b0070b98..73d952f095c6 100644 --- a/servconf.h +++ b/servconf.h @@ -1,4 +1,4 @@ -/* $OpenBSD: servconf.h,v 1.171 2025/12/08 03:55:22 djm Exp $ */ +/* $OpenBSD: servconf.h,v 1.172 2025/12/16 08:32:50 dtucker Exp $ */ /* * Author: Tatu Ylonen @@ -76,6 +76,7 @@ struct per_source_penalty { double penalty_crash; double penalty_grace; double penalty_authfail; + double penalty_invaliduser; double penalty_noauth; double penalty_refuseconnection; double penalty_max; diff --git a/srclimit.c b/srclimit.c index c6a553beb56d..dacc570aa406 100644 --- a/srclimit.c +++ b/srclimit.c @@ -382,6 +382,10 @@ srclimit_penalise(struct xaddr *addr, int penalty_type) penalty_secs = penalty_cfg.penalty_noauth; reason = "penalty: connections without attempting authentication"; break; + case SRCLIMIT_PENALTY_INVALIDUSER: + penalty_secs = penalty_cfg.penalty_invaliduser; + reason = "penalty: attempted authentication by invalid user"; + break; case SRCLIMIT_PENALTY_REFUSECONNECTION: penalty_secs = penalty_cfg.penalty_refuseconnection; reason = "penalty: connection prohibited by RefuseConnection"; @@ -434,7 +438,7 @@ srclimit_penalise(struct xaddr *addr, int penalty_type) fatal_f("internal error: %s penalty tables corrupt", t); do_log2_f(penalty->active ? SYSLOG_LEVEL_INFO : SYSLOG_LEVEL_VERBOSE, - "%s: new %s %s penalty of %f seconds for %s", t, + "%s: new %s %s penalty of %.3f seconds for %s", t, addrnetmask, penalty->active ? "active" : "deferred", penalty_secs, reason); if (++(*npenaltiesp) > (size_t)max_sources) diff --git a/srclimit.h b/srclimit.h index 77d951ba66ea..3e083df4413e 100644 --- a/srclimit.h +++ b/srclimit.h @@ -28,12 +28,14 @@ void srclimit_done(int); #define SRCLIMIT_PENALTY_GRACE_EXCEEDED 3 #define SRCLIMIT_PENALTY_NOAUTH 4 #define SRCLIMIT_PENALTY_REFUSECONNECTION 5 +#define SRCLIMIT_PENALTY_INVALIDUSER 6 /* meaningful exit values, used by sshd listener for penalties */ #define EXIT_LOGIN_GRACE 3 /* login grace period exceeded */ #define EXIT_CHILD_CRASH 4 /* preauth child crashed */ #define EXIT_AUTH_ATTEMPTED 5 /* at least one auth attempt made */ #define EXIT_CONFIG_REFUSED 6 /* sshd_config RefuseConnection */ +#define EXIT_INVALID_USER 7 /* invalid user supplied */ void srclimit_penalise(struct xaddr *, int); int srclimit_penalty_check_allow(int, const char **); diff --git a/sshd-session.c b/sshd-session.c index 70a8766831fe..5d384fa2f986 100644 --- a/sshd-session.c +++ b/sshd-session.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshd-session.c,v 1.17 2025/11/13 10:35:14 dtucker Exp $ */ +/* $OpenBSD: sshd-session.c,v 1.18 2025/12/16 08:32:50 dtucker Exp $ */ /* * SSH2 implementation: * Privilege Separation: @@ -1375,8 +1375,6 @@ sshd_hostkey_sign(struct ssh *ssh, struct sshkey *privkey, void cleanup_exit(int i) { - extern int auth_attempted; /* monitor.c */ - if (the_active_state != NULL && the_authctxt != NULL) { do_cleanup(the_active_state, the_authctxt); if (privsep_is_preauth && @@ -1395,7 +1393,9 @@ cleanup_exit(int i) audit_event(the_active_state, SSH_CONNECTION_ABANDON); #endif /* Override default fatal exit value when auth was attempted */ - if (i == 255 && auth_attempted) + if (i == 255 && monitor_auth_attempted()) _exit(EXIT_AUTH_ATTEMPTED); + if (i == 255 && monitor_invalid_user()) + _exit(EXIT_INVALID_USER); _exit(i); } diff --git a/sshd.c b/sshd.c index 8a84ff69b78e..03c40f66ca8e 100644 --- a/sshd.c +++ b/sshd.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshd.c,v 1.623 2025/11/13 10:35:14 dtucker Exp $ */ +/* $OpenBSD: sshd.c,v 1.624 2025/12/16 08:32:50 dtucker Exp $ */ /* * Copyright (c) 2000, 2001, 2002 Markus Friedl. All rights reserved. * Copyright (c) 2002 Niels Provos. All rights reserved. @@ -399,6 +399,12 @@ child_reap(struct early_child *child) "after unsuccessful auth attempt%s", (long)child->pid, child->id, child_status); break; + case EXIT_INVALID_USER: + penalty_type = SRCLIMIT_PENALTY_INVALIDUSER; + debug_f("preauth child %ld for %s exited " + "after auth attempt by invalid user%s", + (long)child->pid, child->id, child_status); + break; case EXIT_CONFIG_REFUSED: penalty_type = SRCLIMIT_PENALTY_REFUSECONNECTION; debug_f("preauth child %ld for %s prohibited by" diff --git a/sshd_config.5 b/sshd_config.5 index 4b6955a3b19e..8108dc2daff5 100644 --- a/sshd_config.5 +++ b/sshd_config.5 @@ -33,8 +33,8 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: sshd_config.5,v 1.389 2025/12/08 03:55:22 djm Exp $ -.Dd $Mdocdate: December 8 2025 $ +.\" $OpenBSD: sshd_config.5,v 1.390 2025/12/16 08:32:50 dtucker Exp $ +.Dd $Mdocdate: December 16 2025 $ .Dt SSHD_CONFIG 5 .Os .Sh NAME @@ -1622,6 +1622,9 @@ Specifies how long to refuse clients that cause a crash of .It Cm authfail:duration Specifies how long to refuse clients that disconnect after making one or more unsuccessful authentication attempts (default: 5s). +.It Cm invaliduser:duration +Specifies how long to refuse clients that attempt to log in with an invalid +user (default: 5s). .It Cm refuseconnection:duration Specifies how long to refuse clients that were administratively prohibited connection via the From f878d7ccc25b02a39e6766f5dd405d5de6fb106c Mon Sep 17 00:00:00 2001 From: "dtucker@openbsd.org" Date: Tue, 16 Dec 2025 08:36:43 +0000 Subject: [PATCH 473/687] upstream: Plug leak in ssh_digest_memory on error path. Bonehead mistake spotted by otto@, ok djm@ OpenBSD-Commit-ID: 4ad67ac402e0b4c013f4f4e386d22b88969a5dd7 --- digest-libc.c | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/digest-libc.c b/digest-libc.c index b187bc9faf2c..6e62af7f227e 100644 --- a/digest-libc.c +++ b/digest-libc.c @@ -1,4 +1,4 @@ -/* $OpenBSD: digest-libc.c,v 1.8 2025/09/05 09:31:31 dtucker Exp $ */ +/* $OpenBSD: digest-libc.c,v 1.9 2025/12/16 08:36:43 dtucker Exp $ */ /* * Copyright (c) 2013 Damien Miller * Copyright (c) 2014 Markus Friedl. All rights reserved. @@ -248,14 +248,15 @@ int ssh_digest_memory(int alg, const void *m, size_t mlen, u_char *d, size_t dlen) { struct ssh_digest_ctx *ctx = ssh_digest_start(alg); + int ret = 0; if (ctx == NULL) return SSH_ERR_INVALID_ARGUMENT; if (ssh_digest_update(ctx, m, mlen) != 0 || ssh_digest_final(ctx, d, dlen) != 0) - return SSH_ERR_INVALID_ARGUMENT; + ret = SSH_ERR_INVALID_ARGUMENT; ssh_digest_free(ctx); - return 0; + return ret; } int From 3ab346aa6d9030379df3ec1ed0b0ce608f952c5f Mon Sep 17 00:00:00 2001 From: "jsg@openbsd.org" Date: Thu, 18 Dec 2025 23:51:56 +0000 Subject: [PATCH 474/687] upstream: fix markup, .CM -> .Cm OpenBSD-Commit-ID: 4db8cb254792df8a4dce11825852e089ae3d053a --- sshd_config.5 | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/sshd_config.5 b/sshd_config.5 index 8108dc2daff5..e9419b72c07e 100644 --- a/sshd_config.5 +++ b/sshd_config.5 @@ -33,8 +33,8 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: sshd_config.5,v 1.390 2025/12/16 08:32:50 dtucker Exp $ -.Dd $Mdocdate: December 16 2025 $ +.\" $OpenBSD: sshd_config.5,v 1.391 2025/12/18 23:51:56 jsg Exp $ +.Dd $Mdocdate: December 18 2025 $ .Dt SSHD_CONFIG 5 .Os .Sh NAME @@ -749,7 +749,7 @@ The default is .Cm yes . .It Cm GSSAPIDelegateCredentials Accept delegated credentials on the server side. The default is -.CM yes . +.Cm yes . .It Cm GSSAPIStrictAcceptorCheck Determines whether to be strict about the identity of the GSSAPI acceptor a client authenticates against. From 4c9de155ce1d35c9e3c05223cc093580f9efff9a Mon Sep 17 00:00:00 2001 From: "jsg@openbsd.org" Date: Thu, 18 Dec 2025 23:54:10 +0000 Subject: [PATCH 475/687] upstream: new sentence, new line OpenBSD-Commit-ID: 23974d7c98b2ba4fea7f5143676c34e04ffd4128 --- sshd_config.5 | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/sshd_config.5 b/sshd_config.5 index e9419b72c07e..8a51582a5a9e 100644 --- a/sshd_config.5 +++ b/sshd_config.5 @@ -33,7 +33,7 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: sshd_config.5,v 1.391 2025/12/18 23:51:56 jsg Exp $ +.\" $OpenBSD: sshd_config.5,v 1.392 2025/12/18 23:54:10 jsg Exp $ .Dd $Mdocdate: December 18 2025 $ .Dt SSHD_CONFIG 5 .Os @@ -748,7 +748,8 @@ on logout. The default is .Cm yes . .It Cm GSSAPIDelegateCredentials -Accept delegated credentials on the server side. The default is +Accept delegated credentials on the server side. +The default is .Cm yes . .It Cm GSSAPIStrictAcceptorCheck Determines whether to be strict about the identity of the GSSAPI acceptor From 4e0f2dee54d210dc44f72f73e703c6dc5348a406 Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Fri, 19 Dec 2025 00:48:04 +0000 Subject: [PATCH 476/687] upstream: detect invalid sshd_config Subsystem directives inside Match blocks at startup rather than failing later at runtime; noticed via bz#3906; ok dtucker OpenBSD-Commit-ID: e6035ff0baa375de6c9f22c883ed530a8649dfed --- servconf.c | 15 +++++---------- 1 file changed, 5 insertions(+), 10 deletions(-) diff --git a/servconf.c b/servconf.c index 1b8cfa4b62ed..57a14294c677 100644 --- a/servconf.c +++ b/servconf.c @@ -1,4 +1,4 @@ -/* $OpenBSD: servconf.c,v 1.440 2025/12/16 08:32:50 dtucker Exp $ */ +/* $OpenBSD: servconf.c,v 1.441 2025/12/19 00:48:04 djm Exp $ */ /* * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland * All rights reserved @@ -1958,8 +1958,8 @@ process_server_config_line_depth(ServerOptions *options, char *line, break; case sSubsystem: - arg = argv_next(&ac, &av); - if (!arg || *arg == '\0') + if ((arg = argv_next(&ac, &av)) == NULL || *arg == '\0' || + ((arg2 = argv_next(&ac, &av)) == NULL || *arg == '\0')) fatal("%s line %d: %s missing argument.", filename, linenum, keyword); if (!*activep) { @@ -1992,15 +1992,10 @@ process_server_config_line_depth(ServerOptions *options, char *line, options->num_subsystems + 1, sizeof(*options->subsystem_args)); options->subsystem_name[options->num_subsystems] = xstrdup(arg); - arg = argv_next(&ac, &av); - if (!arg || *arg == '\0') { - fatal("%s line %d: Missing subsystem command.", - filename, linenum); - } options->subsystem_command[options->num_subsystems] = - xstrdup(arg); + xstrdup(arg2); /* Collect arguments (separate to executable) */ - arg = argv_assemble(1, &arg); /* quote command correctly */ + arg = argv_assemble(1, &arg2); /* quote command correctly */ arg2 = argv_assemble(ac, av); /* rest of command */ xasprintf(&options->subsystem_args[options->num_subsystems], "%s%s%s", arg, *arg2 == '\0' ? "" : " ", arg2); From 831e6db69ff8625b6e81c2809aa082abbab6c0b1 Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Fri, 19 Dec 2025 00:56:34 +0000 Subject: [PATCH 477/687] upstream: don't crash at connection time if the main sshd_config lacks any subsystem directive but one is defined in a Match block bz#3906; ok dtucker OpenBSD-Commit-ID: 2eb9024726d6f10eaa41958faeca9c9ba5ca7d8a --- monitor.c | 4 ++-- monitor_wrap.c | 6 +++--- servconf.c | 7 ++++--- servconf.h | 33 +++++++++++++++++---------------- 4 files changed, 26 insertions(+), 24 deletions(-) diff --git a/monitor.c b/monitor.c index 3867b438b330..eac5aa819578 100644 --- a/monitor.c +++ b/monitor.c @@ -1,4 +1,4 @@ -/* $OpenBSD: monitor.c,v 1.250 2025/12/16 08:32:50 dtucker Exp $ */ +/* $OpenBSD: monitor.c,v 1.251 2025/12/19 00:56:34 djm Exp $ */ /* * Copyright 2002 Niels Provos * Copyright 2002 Markus Friedl @@ -822,7 +822,7 @@ mm_encode_server_options(struct sshbuf *m) (r = sshbuf_put_cstring(m, options.x)) != 0) \ fatal_fr(r, "assemble %s", #x); \ } while (0) -#define M_CP_STRARRAYOPT(x, nx) do { \ +#define M_CP_STRARRAYOPT(x, nx, clobber) do { \ for (i = 0; i < options.nx; i++) { \ if ((r = sshbuf_put_cstring(m, options.x[i])) != 0) \ fatal_fr(r, "assemble %s", #x); \ diff --git a/monitor_wrap.c b/monitor_wrap.c index e5b620d9cb35..a5c6308be818 100644 --- a/monitor_wrap.c +++ b/monitor_wrap.c @@ -1,4 +1,4 @@ -/* $OpenBSD: monitor_wrap.c,v 1.143 2025/10/09 03:23:33 djm Exp $ */ +/* $OpenBSD: monitor_wrap.c,v 1.144 2025/12/19 00:56:34 djm Exp $ */ /* * Copyright 2002 Niels Provos * Copyright 2002 Markus Friedl @@ -305,7 +305,7 @@ mm_decode_activate_server_options(struct ssh *ssh, struct sshbuf *m) (r = sshbuf_get_cstring(m, &newopts->x, NULL)) != 0) \ fatal_fr(r, "parse %s", #x); \ } while (0) -#define M_CP_STRARRAYOPT(x, nx) do { \ +#define M_CP_STRARRAYOPT(x, nx, clobber) do { \ newopts->x = newopts->nx == 0 ? \ NULL : xcalloc(newopts->nx, sizeof(*newopts->x)); \ for (i = 0; i < newopts->nx; i++) { \ @@ -327,7 +327,7 @@ mm_decode_activate_server_options(struct ssh *ssh, struct sshbuf *m) /* use the macro hell to clean up too */ #define M_CP_STROPT(x) free(newopts->x) -#define M_CP_STRARRAYOPT(x, nx) do { \ +#define M_CP_STRARRAYOPT(x, nx, clobber) do { \ for (i = 0; i < newopts->nx; i++) \ free(newopts->x[i]); \ free(newopts->x); \ diff --git a/servconf.c b/servconf.c index 57a14294c677..3452e1a3013c 100644 --- a/servconf.c +++ b/servconf.c @@ -1,4 +1,4 @@ -/* $OpenBSD: servconf.c,v 1.441 2025/12/19 00:48:04 djm Exp $ */ +/* $OpenBSD: servconf.c,v 1.442 2025/12/19 00:56:34 djm Exp $ */ /* * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland * All rights reserved @@ -2992,7 +2992,7 @@ copy_set_server_options(ServerOptions *dst, ServerOptions *src, int preauth) dst->n = xstrdup(src->n); \ } \ } while(0) -#define M_CP_STRARRAYOPT(s, num_s) do {\ +#define M_CP_STRARRAYOPT(s, num_s, clobber) do {\ u_int i; \ if (src->num_s != 0) { \ for (i = 0; i < dst->num_s; i++) \ @@ -3001,7 +3001,8 @@ copy_set_server_options(ServerOptions *dst, ServerOptions *src, int preauth) dst->s = xcalloc(src->num_s, sizeof(*dst->s)); \ for (i = 0; i < src->num_s; i++) \ dst->s[i] = xstrdup(src->s[i]); \ - dst->num_s = src->num_s; \ + if (clobber) \ + dst->num_s = src->num_s; \ } \ } while(0) diff --git a/servconf.h b/servconf.h index 73d952f095c6..bf47f838edaf 100644 --- a/servconf.h +++ b/servconf.h @@ -1,4 +1,4 @@ -/* $OpenBSD: servconf.h,v 1.172 2025/12/16 08:32:50 dtucker Exp $ */ +/* $OpenBSD: servconf.h,v 1.173 2025/12/19 00:56:34 djm Exp $ */ /* * Author: Tatu Ylonen @@ -303,21 +303,22 @@ TAILQ_HEAD(include_list, include_item); M_CP_STROPT(routing_domain); \ M_CP_STROPT(permit_user_env_allowlist); \ M_CP_STROPT(pam_service_name); \ - M_CP_STRARRAYOPT(authorized_keys_files, num_authkeys_files); \ - M_CP_STRARRAYOPT(allow_users, num_allow_users); \ - M_CP_STRARRAYOPT(deny_users, num_deny_users); \ - M_CP_STRARRAYOPT(allow_groups, num_allow_groups); \ - M_CP_STRARRAYOPT(deny_groups, num_deny_groups); \ - M_CP_STRARRAYOPT(accept_env, num_accept_env); \ - M_CP_STRARRAYOPT(setenv, num_setenv); \ - M_CP_STRARRAYOPT(auth_methods, num_auth_methods); \ - M_CP_STRARRAYOPT(permitted_opens, num_permitted_opens); \ - M_CP_STRARRAYOPT(permitted_listens, num_permitted_listens); \ - M_CP_STRARRAYOPT(channel_timeouts, num_channel_timeouts); \ - M_CP_STRARRAYOPT(log_verbose, num_log_verbose); \ - M_CP_STRARRAYOPT(subsystem_name, num_subsystems); \ - M_CP_STRARRAYOPT(subsystem_command, num_subsystems); \ - M_CP_STRARRAYOPT(subsystem_args, num_subsystems); \ + M_CP_STRARRAYOPT(authorized_keys_files, num_authkeys_files, 1);\ + M_CP_STRARRAYOPT(allow_users, num_allow_users, 1); \ + M_CP_STRARRAYOPT(deny_users, num_deny_users, 1); \ + M_CP_STRARRAYOPT(allow_groups, num_allow_groups, 1); \ + M_CP_STRARRAYOPT(deny_groups, num_deny_groups, 1); \ + M_CP_STRARRAYOPT(accept_env, num_accept_env, 1); \ + M_CP_STRARRAYOPT(setenv, num_setenv, 1); \ + M_CP_STRARRAYOPT(auth_methods, num_auth_methods, 1); \ + M_CP_STRARRAYOPT(permitted_opens, num_permitted_opens, 1); \ + M_CP_STRARRAYOPT(permitted_listens, num_permitted_listens, 1); \ + M_CP_STRARRAYOPT(channel_timeouts, num_channel_timeouts, 1); \ + M_CP_STRARRAYOPT(log_verbose, num_log_verbose, 1); \ + /* Note: don't clobber num_subsystems until all copies */ \ + M_CP_STRARRAYOPT(subsystem_name, num_subsystems, 0); \ + M_CP_STRARRAYOPT(subsystem_command, num_subsystems, 0); \ + M_CP_STRARRAYOPT(subsystem_args, num_subsystems, 1); \ } while (0) void initialize_server_options(ServerOptions *); From 81e5bb8d93f2d8361bd7f4b034044ad8ee4ded0e Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Fri, 19 Dec 2025 00:48:47 +0000 Subject: [PATCH 478/687] upstream: check that invalid subsystem directives inside Match blocks are noticed at startup; bz#3906 OpenBSD-Regress-ID: b9171bde4cc24757a826b3da0e9eadc33995a453 --- regress/cfgmatch.sh | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) diff --git a/regress/cfgmatch.sh b/regress/cfgmatch.sh index 8b9d80f0a239..aa59f91491b5 100644 --- a/regress/cfgmatch.sh +++ b/regress/cfgmatch.sh @@ -1,4 +1,4 @@ -# $OpenBSD: cfgmatch.sh,v 1.15 2025/07/11 23:26:59 djm Exp $ +# $OpenBSD: cfgmatch.sh,v 1.16 2025/12/19 00:48:47 djm Exp $ # Placed in the Public Domain. tid="sshd_config match" @@ -160,3 +160,13 @@ EOD fi done done + +# Ensure that invalid subsystems are detected at startup +cp $OBJ/sshd_proxy_bak $OBJ/sshd_proxy +cat >> $OBJ/sshd_proxy << _EOF +Match host blah + Subsystem invalid +_EOF +$SSHD -tf $OBJ/sshd_proxy 2>/dev/null && \ + fail "sshd_config accepted invalid subsystem" + From 345892ba2e8efea4be03675c866395bee251c117 Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Fri, 19 Dec 2025 00:57:42 +0000 Subject: [PATCH 479/687] upstream: regression test for bz3906: sshd crashing at connection time if the config lacks a subsystem directive but one is defined in a match block. OpenBSD-Regress-ID: 5290553665307ccddaec2499ec1eb196bb2efc84 --- regress/cfgmatch.sh | 13 +++++++++++-- 1 file changed, 11 insertions(+), 2 deletions(-) diff --git a/regress/cfgmatch.sh b/regress/cfgmatch.sh index aa59f91491b5..d627c37a3fa7 100644 --- a/regress/cfgmatch.sh +++ b/regress/cfgmatch.sh @@ -1,4 +1,4 @@ -# $OpenBSD: cfgmatch.sh,v 1.16 2025/12/19 00:48:47 djm Exp $ +# $OpenBSD: cfgmatch.sh,v 1.17 2025/12/19 00:57:42 djm Exp $ # Placed in the Public Domain. tid="sshd_config match" @@ -9,6 +9,8 @@ fwd="-L $fwdport:127.0.0.1:$PORT" echo "ExitOnForwardFailure=yes" >> $OBJ/ssh_config echo "ExitOnForwardFailure=yes" >> $OBJ/ssh_proxy +cp $OBJ/sshd_proxy $OBJ/sshd_proxy_bak +cp $OBJ/sshd_config $OBJ/sshd_config_bak start_client() { @@ -38,7 +40,6 @@ stop_client() wait } -cp $OBJ/sshd_proxy $OBJ/sshd_proxy_bak echo "PermitOpen 127.0.0.1:1 # comment" >>$OBJ/sshd_config echo "Match Address 127.0.0.1" >>$OBJ/sshd_config echo "PermitOpen 127.0.0.1:2 127.0.0.1:3 127.0.0.1:$PORT" >>$OBJ/sshd_config @@ -170,3 +171,11 @@ _EOF $SSHD -tf $OBJ/sshd_proxy 2>/dev/null && \ fail "sshd_config accepted invalid subsystem" +# A single subsystem inside a match block doesn't cause a crash (bz3906) +stop_sshd +grep -vi subsystem $OBJ/sshd_config_bak > $OBJ/sshd_config +echo "Match host *" >> $OBJ/sshd_config +grep -i subsystem $OBJ/sshd_config_bak >> $OBJ/sshd_config +start_sshd +${SSH} -q -F $OBJ/ssh_config somehost true || fatal "ssh failed" + From 0b98be75dbb2ccb1c3146429c0077416c113b57d Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Fri, 19 Dec 2025 01:26:39 +0000 Subject: [PATCH 480/687] upstream: correctly check subsystem command is not the empty string (was repeatedly checking the subsystem name) spotted by Coverity (CID 898836) OpenBSD-Commit-ID: dabea2b499de8280f76f7291dd52086df6831cb0 --- servconf.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/servconf.c b/servconf.c index 3452e1a3013c..94184b5b479e 100644 --- a/servconf.c +++ b/servconf.c @@ -1,4 +1,4 @@ -/* $OpenBSD: servconf.c,v 1.442 2025/12/19 00:56:34 djm Exp $ */ +/* $OpenBSD: servconf.c,v 1.443 2025/12/19 01:26:39 djm Exp $ */ /* * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland * All rights reserved @@ -1959,7 +1959,7 @@ process_server_config_line_depth(ServerOptions *options, char *line, case sSubsystem: if ((arg = argv_next(&ac, &av)) == NULL || *arg == '\0' || - ((arg2 = argv_next(&ac, &av)) == NULL || *arg == '\0')) + ((arg2 = argv_next(&ac, &av)) == NULL || *arg2 == '\0')) fatal("%s line %d: %s missing argument.", filename, linenum, keyword); if (!*activep) { From b652322cdc5e94f059b37a8fb87e44ccb1cdff33 Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Fri, 19 Dec 2025 01:27:19 +0000 Subject: [PATCH 481/687] upstream: typo in comment OpenBSD-Commit-ID: f72306b86953e74f358096db141b4f9c00d33ed7 --- servconf.h | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/servconf.h b/servconf.h index bf47f838edaf..e1ccc04314a1 100644 --- a/servconf.h +++ b/servconf.h @@ -1,4 +1,4 @@ -/* $OpenBSD: servconf.h,v 1.173 2025/12/19 00:56:34 djm Exp $ */ +/* $OpenBSD: servconf.h,v 1.174 2025/12/19 01:27:19 djm Exp $ */ /* * Author: Tatu Ylonen @@ -315,7 +315,7 @@ TAILQ_HEAD(include_list, include_item); M_CP_STRARRAYOPT(permitted_listens, num_permitted_listens, 1); \ M_CP_STRARRAYOPT(channel_timeouts, num_channel_timeouts, 1); \ M_CP_STRARRAYOPT(log_verbose, num_log_verbose, 1); \ - /* Note: don't clobber num_subsystems until all copies */ \ + /* Note: don't clobber num_subsystems until all copied */ \ M_CP_STRARRAYOPT(subsystem_name, num_subsystems, 0); \ M_CP_STRARRAYOPT(subsystem_command, num_subsystems, 0); \ M_CP_STRARRAYOPT(subsystem_args, num_subsystems, 1); \ From daf6bdd34b59f640d2af0fd230da69f1cbad33b4 Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Mon, 22 Dec 2025 01:17:31 +0000 Subject: [PATCH 482/687] upstream: add a "ssh -O channels user@host" multiplexing command to get a running mux process to show information about what channels are currently open; ok dtucker@ markus@ OpenBSD-Commit-ID: 80bb3953b306a50839f9a4bc5679faebc32e5bb8 --- clientloop.h | 3 ++- mux.c | 21 ++++++++++++++------- ssh.1 | 6 ++++-- ssh.c | 4 +++- 4 files changed, 23 insertions(+), 11 deletions(-) diff --git a/clientloop.h b/clientloop.h index 1f550b35cd1e..a2dc8758c265 100644 --- a/clientloop.h +++ b/clientloop.h @@ -1,4 +1,4 @@ -/* $OpenBSD: clientloop.h,v 1.39 2025/12/05 06:16:27 dtucker Exp $ */ +/* $OpenBSD: clientloop.h,v 1.40 2025/12/22 01:17:31 djm Exp $ */ /* * Author: Tatu Ylonen @@ -76,6 +76,7 @@ void client_expect_confirm(struct ssh *, int, const char *, #define SSHMUX_COMMAND_CANCEL_FWD 7 /* Cancel forwarding(s) */ #define SSHMUX_COMMAND_PROXY 8 /* Open new connection */ #define SSHMUX_COMMAND_CONNINFO 9 /* Show connection information */ +#define SSHMUX_COMMAND_CHANINFO 10 /* Show channels information */ void muxserver_listen(struct ssh *); int muxclient(const char *); diff --git a/mux.c b/mux.c index 53cbab0fc87d..bbeb505b46d8 100644 --- a/mux.c +++ b/mux.c @@ -1,4 +1,4 @@ -/* $OpenBSD: mux.c,v 1.108 2025/12/05 06:16:27 dtucker Exp $ */ +/* $OpenBSD: mux.c,v 1.109 2025/12/22 01:17:31 djm Exp $ */ /* * Copyright (c) 2002-2008 Damien Miller * @@ -527,6 +527,10 @@ mux_master_process_ext_info(struct ssh *ssh, u_int rid, if ((msg = connection_info_message(ssh)) == NULL) fatal_f("connection_info_message"); status = 1; + } else if (strcmp(name, "channels") == 0) { + if ((msg = channel_open_message(ssh)) == NULL) + fatal_f("channel_open_message"); + status = 1; } else { msg = xstrdup("info request type not supported"); } @@ -2369,7 +2373,7 @@ muxclient(const char *path) struct sockaddr_un addr; int sock, timeout = options.connection_timeout, timeout_ms = -1; u_int pid; - char *conninfo = NULL; + char *info = NULL; if (muxclient_command == 0) { if (options.stdio_forward_host != NULL) @@ -2441,12 +2445,15 @@ muxclient(const char *path) fprintf(stderr, "Master running (pid=%u)\r\n", pid); exit(0); case SSHMUX_COMMAND_CONNINFO: + case SSHMUX_COMMAND_CHANINFO: if (!(extensions & MUX_EXT_INFO)) - fatal("mux server does not support conninfo"); - conninfo = mux_client_request_info(sock, "connection"); - if (conninfo == NULL) - fatal_f("connection info request failed"); - printf("%s", conninfo); + fatal("mux server does not support info request"); + info = mux_client_request_info(sock, + muxclient_command == SSHMUX_COMMAND_CONNINFO ? + "connection" : "channels"); + if (info == NULL) + fatal_f("info request failed"); + printf("%s", info); exit(0); case SSHMUX_COMMAND_TERMINATE: mux_client_request_terminate(sock); diff --git a/ssh.1 b/ssh.1 index ac218cc51340..82ae5480c3ee 100644 --- a/ssh.1 +++ b/ssh.1 @@ -33,8 +33,8 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: ssh.1,v 1.446 2025/12/05 06:16:27 dtucker Exp $ -.Dd $Mdocdate: December 5 2025 $ +.\" $OpenBSD: ssh.1,v 1.447 2025/12/22 01:17:31 djm Exp $ +.Dd $Mdocdate: December 22 2025 $ .Dt SSH 1 .Os .Sh NAME @@ -488,6 +488,8 @@ Valid commands are: (check that the master process is running), .Dq conninfo (report information about the master connection), +.Dq channels +(report information about open channels), .Dq forward (request forwardings without command execution), .Dq cancel diff --git a/ssh.c b/ssh.c index 461b60975b1a..0b1a6e158fac 100644 --- a/ssh.c +++ b/ssh.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh.c,v 1.621 2025/12/05 06:16:27 dtucker Exp $ */ +/* $OpenBSD: ssh.c,v 1.622 2025/12/22 01:17:31 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -819,6 +819,8 @@ main(int ac, char **av) muxclient_command = SSHMUX_COMMAND_ALIVE_CHECK; else if (strcmp(optarg, "conninfo") == 0) muxclient_command = SSHMUX_COMMAND_CONNINFO; + else if (strcmp(optarg, "channels") == 0) + muxclient_command = SSHMUX_COMMAND_CHANINFO; else if (strcmp(optarg, "forward") == 0) muxclient_command = SSHMUX_COMMAND_FORWARD; else if (strcmp(optarg, "exit") == 0) From aaac8c61c18124eb5fb8a2cff1e85dea2db6c147 Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Mon, 22 Dec 2025 01:20:39 +0000 Subject: [PATCH 483/687] upstream: Don't misuse the sftp limits extension's open-handles field. This value is supposed to be the number of handles a server will allow to be opened and not a number of outstanding read/write requests that can be sent during an upload/download. ok markus@ OpenBSD-Commit-ID: 14ebb6690acbd488e748ce8ce3302bd7e1e8a5b0 --- sftp-client.c | 13 +------------ 1 file changed, 1 insertion(+), 12 deletions(-) diff --git a/sftp-client.c b/sftp-client.c index 840170ab63e3..21f5330900c5 100644 --- a/sftp-client.c +++ b/sftp-client.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sftp-client.c,v 1.180 2025/09/30 00:10:42 djm Exp $ */ +/* $OpenBSD: sftp-client.c,v 1.181 2025/12/22 01:20:39 djm Exp $ */ /* * Copyright (c) 2001-2004 Damien Miller * @@ -571,17 +571,6 @@ sftp_init(int fd_in, int fd_out, u_int transfer_buflen, u_int num_requests, (unsigned long long)limits.read_length, ret->upload_buflen, ret->download_buflen); } - - /* Use the server limit to scale down our value only */ - if (num_requests == 0 && limits.open_handles) { - ret->num_requests = - MINIMUM(DEFAULT_NUM_REQUESTS, limits.open_handles); - if (ret->num_requests == 0) - ret->num_requests = 1; - debug3("server handle limit %llu; using %u", - (unsigned long long)limits.open_handles, - ret->num_requests); - } } /* Some filexfer v.0 servers don't support large packets */ From 5166b6cbf2b6103117a79f90a68068e89e02bf66 Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Mon, 22 Dec 2025 01:49:03 +0000 Subject: [PATCH 484/687] upstream: When certificate support was added to OpenSSH, certificates were originally specified to represent any principal if the principals list was empty. This was, in retrospect, a mistake as it created a fail-open situation if a CA could be convinced to accidentally sign a certificate with no principals. This actually happened in a 3rd- party CA product (CVE-2024-7594). Somewhat fortunately, the main pathway for using certificates in sshd (TrustedUserCAKeys) never supported empty-principals certificates, so the blast radius of such mistakes was substantially reduced. This change removes this footcannon and requires all certificates include principals sections. It also fixes interpretation of wildcard principals, and properly enables them for host certificates only. This is a behaviour change that will permanently break uses of certificates with empty principals sections. ok markus@ OpenBSD-Commit-ID: 0a901f03c567c100724a492cf91e02939904712e --- auth2-hostbased.c | 6 ++--- auth2-pubkey.c | 4 ++-- auth2-pubkeyfile.c | 4 ++-- ssh-agent.c | 4 ++-- ssh-keygen.1 | 34 +++++++++++++++++++-------- ssh-keygen.c | 11 ++++++++- sshconnect.c | 4 ++-- sshkey.c | 57 ++++++++++++++++++++++------------------------ sshkey.h | 8 +++---- sshsig.c | 8 +++---- 10 files changed, 80 insertions(+), 60 deletions(-) diff --git a/auth2-hostbased.c b/auth2-hostbased.c index 9d8b860eb14e..e2ed8b3eb665 100644 --- a/auth2-hostbased.c +++ b/auth2-hostbased.c @@ -1,4 +1,4 @@ -/* $OpenBSD: auth2-hostbased.c,v 1.55 2025/08/14 09:26:53 dtucker Exp $ */ +/* $OpenBSD: auth2-hostbased.c,v 1.56 2025/12/22 01:49:03 djm Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. * @@ -211,8 +211,8 @@ hostbased_key_allowed(struct ssh *ssh, struct passwd *pw, } debug2_f("access allowed by auth_rhosts2"); - if (sshkey_is_cert(key) && - sshkey_cert_check_authority_now(key, 1, 0, 0, lookup, &reason)) { + if (sshkey_is_cert(key) && sshkey_cert_check_host(key, lookup, + options.ca_sign_algorithms, &reason) != 0) { if ((fp = sshkey_fingerprint(key->cert->signature_key, options.fingerprint_hash, SSH_FP_DEFAULT)) == NULL) fatal_f("sshkey_fingerprint fail"); diff --git a/auth2-pubkey.c b/auth2-pubkey.c index 15ad3000c6cd..5d5d79196a09 100644 --- a/auth2-pubkey.c +++ b/auth2-pubkey.c @@ -1,4 +1,4 @@ -/* $OpenBSD: auth2-pubkey.c,v 1.124 2025/08/14 09:44:39 dtucker Exp $ */ +/* $OpenBSD: auth2-pubkey.c,v 1.125 2025/12/22 01:49:03 djm Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. * Copyright (c) 2010 Damien Miller. All rights reserved. @@ -562,7 +562,7 @@ user_cert_trusted_ca(struct passwd *pw, struct sshkey *key, } if (use_authorized_principals && principals_opts == NULL) fatal_f("internal error: missing principals_opts"); - if (sshkey_cert_check_authority_now(key, 0, 1, 0, + if (sshkey_cert_check_authority_now(key, 0, 0, use_authorized_principals ? NULL : pw->pw_name, &reason) != 0) goto fail_reason; diff --git a/auth2-pubkeyfile.c b/auth2-pubkeyfile.c index 9d59e566658e..896ea19967de 100644 --- a/auth2-pubkeyfile.c +++ b/auth2-pubkeyfile.c @@ -1,4 +1,4 @@ -/* $OpenBSD: auth2-pubkeyfile.c,v 1.6 2025/08/14 10:03:44 dtucker Exp $ */ +/* $OpenBSD: auth2-pubkeyfile.c,v 1.7 2025/12/22 01:49:03 djm Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. * Copyright (c) 2010 Damien Miller. All rights reserved. @@ -364,7 +364,7 @@ auth_check_authkey_line(struct passwd *pw, struct sshkey *key, reason = "Certificate does not contain an authorized principal"; goto cert_fail_reason; } - if (sshkey_cert_check_authority_now(key, 0, 0, 0, + if (sshkey_cert_check_authority_now(key, 0, 0, keyopts->cert_principals == NULL ? pw->pw_name : NULL, &reason) != 0) goto cert_fail_reason; diff --git a/ssh-agent.c b/ssh-agent.c index cd569c33ac10..963f4feb32b2 100644 --- a/ssh-agent.c +++ b/ssh-agent.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-agent.c,v 1.315 2025/11/13 10:35:14 dtucker Exp $ */ +/* $OpenBSD: ssh-agent.c,v 1.316 2025/12/22 01:49:03 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -392,7 +392,7 @@ match_key_hop(const char *tag, const struct sshkey *key, return -1; /* shouldn't happen */ if (!sshkey_equal(key->cert->signature_key, dch->keys[i])) continue; - if (sshkey_cert_check_host(key, hostname, 1, + if (sshkey_cert_check_host(key, hostname, SSH_ALLOWED_CA_SIGALGS, &reason) != 0) { debug_f("cert %s / hostname %s rejected: %s", key->cert->key_id, hostname, reason); diff --git a/ssh-keygen.1 b/ssh-keygen.1 index 7ceb1db959fb..c5f3f741017f 100644 --- a/ssh-keygen.1 +++ b/ssh-keygen.1 @@ -1,4 +1,4 @@ -.\" $OpenBSD: ssh-keygen.1,v 1.236 2025/10/04 21:41:35 naddy Exp $ +.\" $OpenBSD: ssh-keygen.1,v 1.237 2025/12/22 01:49:03 djm Exp $ .\" .\" Author: Tatu Ylonen .\" Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -35,7 +35,7 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.Dd $Mdocdate: October 4 2025 $ +.Dd $Mdocdate: December 22 2025 $ .Dt SSH-KEYGEN 1 .Os .Sh NAME @@ -902,15 +902,29 @@ User certificates authenticate users to servers, whereas host certificates authenticate server hosts to users. To generate a user certificate: .Pp -.Dl $ ssh-keygen -s /path/to/ca_key -I key_id /path/to/user_key.pub +.Dl $ ssh-keygen -s /path/to/ca_key -I id -n user \e +.Dl \ \ \ \ \ \ /path/to/user_key.pub .Pp The resultant certificate will be placed in .Pa /path/to/user_key-cert.pub . +The argument to +.Fl I +is a key identifier that will be used in logs and may be used to revoke +keys. +The argument to +.Fl n +is one or more (comma-separated) principals, typically usernames, that +the certificate represents. A host certificate requires the .Fl h option: .Pp -.Dl $ ssh-keygen -s /path/to/ca_key -I key_id -h /path/to/host_key.pub +.Dl $ ssh-keygen -s /path/to/ca_key -I id -h -n foo.example.org \e +.Dl \ \ \ \ \ \ /path/to/host_key.pub +.Pp +For host certificates, the principals specified using the +.Fl n +argument are hostnames and may contain wildcard characters. .Pp The host certificate will be output to .Pa /path/to/host_key-cert.pub . @@ -922,7 +936,8 @@ and identifying the CA key by providing its public half as an argument to .Fl s : .Pp -.Dl $ ssh-keygen -s ca_key.pub -D libpkcs11.so -I key_id user_key.pub +.Dl $ ssh-keygen -s ca_key.pub -D libpkcs11.so -I id -n user \e +.Dl \ \ \ \ \ \ user_key.pub .Pp Similarly, it is possible for the CA key to be hosted in an .Xr ssh-agent 1 . @@ -930,20 +945,19 @@ This is indicated by the .Fl U flag and, again, the CA key must be identified by its public half. .Pp -.Dl $ ssh-keygen -Us ca_key.pub -I key_id user_key.pub +.Dl $ ssh-keygen -Us ca_key.pub -I id -n user user_key.pub .Pp In all cases, .Ar key_id is a "key identifier" that is logged by the server when the certificate is used for authentication. .Pp -Certificates may be limited to be valid for a set of principal (user/host) +Certificates are limited to be valid for a set of principal (user/host) names. -By default, generated certificates are valid for all users or hosts. To generate a certificate for a specified set of principals: .Pp -.Dl $ ssh-keygen -s ca_key -I key_id -n user1,user2 user_key.pub -.Dl "$ ssh-keygen -s ca_key -I key_id -h -n host.domain host_key.pub" +.Dl $ ssh-keygen -s ca_key -I id -n user1,user2 user_key.pub +.Dl $ ssh-keygen -s ca_key -I id -h -n host.domain host_key.pub .Pp Additional limitations on the validity and use of user certificates may be specified through certificate options. diff --git a/ssh-keygen.c b/ssh-keygen.c index 1a05876ab845..8d9e5f885db4 100644 --- a/ssh-keygen.c +++ b/ssh-keygen.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-keygen.c,v 1.487 2025/11/13 10:35:14 dtucker Exp $ */ +/* $OpenBSD: ssh-keygen.c,v 1.488 2025/12/22 01:49:03 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1994 Tatu Ylonen , Espoo, Finland @@ -3665,6 +3665,15 @@ main(int argc, char **argv) if (ca_key_path != NULL) { if (cert_key_id == NULL) fatal("Must specify key id (-I) when certifying"); + if (cert_principals == NULL) { + /* + * Ideally this would be a fatal(), but we need to + * be able to generate such certificates for testing + * even though they will be rejected. + */ + error("Warning: certificate will contain no " + "principals (-n)"); + } for (i = 0; i < nopts; i++) add_cert_option(opts[i]); do_ca_sign(pw, ca_key_path, prefer_agent, diff --git a/sshconnect.c b/sshconnect.c index 912a520c51bf..4b4a9018957c 100644 --- a/sshconnect.c +++ b/sshconnect.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshconnect.c,v 1.376 2025/09/25 06:23:19 jsg Exp $ */ +/* $OpenBSD: sshconnect.c,v 1.377 2025/12/22 01:49:03 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -1084,7 +1084,7 @@ check_host_key(char *hostname, const struct ssh_conn_info *cinfo, if (want_cert) { if (sshkey_cert_check_host(host_key, options.host_key_alias == NULL ? - hostname : options.host_key_alias, 0, + hostname : options.host_key_alias, options.ca_sign_algorithms, &fail_reason) != 0) { error("%s", fail_reason); goto fail; diff --git a/sshkey.c b/sshkey.c index 791361474d6f..51706533206f 100644 --- a/sshkey.c +++ b/sshkey.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshkey.c,v 1.158 2025/11/25 01:08:35 djm Exp $ */ +/* $OpenBSD: sshkey.c,v 1.159 2025/12/22 01:49:03 djm Exp $ */ /* * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. * Copyright (c) 2008 Alexander von Gernler. All rights reserved. @@ -2386,8 +2386,8 @@ sshkey_certify(struct sshkey *k, struct sshkey *ca, const char *alg, int sshkey_cert_check_authority(const struct sshkey *k, - int want_host, int require_principal, int wildcard_pattern, - uint64_t verify_time, const char *name, const char **reason) + int want_host, int wildcard_pattern, uint64_t verify_time, + const char *name, const char **reason) { u_int i, principal_matches; @@ -2417,37 +2417,36 @@ sshkey_cert_check_authority(const struct sshkey *k, return SSH_ERR_KEY_CERT_INVALID; } if (k->cert->nprincipals == 0) { - if (require_principal) { - *reason = "Certificate lacks principal list"; - return SSH_ERR_KEY_CERT_INVALID; - } - } else if (name != NULL) { - principal_matches = 0; - for (i = 0; i < k->cert->nprincipals; i++) { - if (wildcard_pattern) { - if (match_pattern(k->cert->principals[i], - name)) { - principal_matches = 1; - break; - } - } else if (strcmp(name, k->cert->principals[i]) == 0) { + *reason = "Certificate lacks principal list"; + return SSH_ERR_KEY_CERT_INVALID; + } + if (name == NULL) + return 0; /* principal matching not requested */ + + principal_matches = 0; + for (i = 0; i < k->cert->nprincipals; i++) { + if (wildcard_pattern) { + if (match_pattern(name, k->cert->principals[i])) { principal_matches = 1; break; } + } else if (strcmp(name, k->cert->principals[i]) == 0) { + principal_matches = 1; + break; } - if (!principal_matches) { - *reason = "Certificate invalid: name is not a listed " - "principal"; - return SSH_ERR_KEY_CERT_INVALID; - } + } + if (!principal_matches) { + *reason = "Certificate invalid: name is not a listed " + "principal"; + return SSH_ERR_KEY_CERT_INVALID; } return 0; } int sshkey_cert_check_authority_now(const struct sshkey *k, - int want_host, int require_principal, int wildcard_pattern, - const char *name, const char **reason) + int want_host, int wildcard_pattern, const char *name, + const char **reason) { time_t now; @@ -2456,19 +2455,17 @@ sshkey_cert_check_authority_now(const struct sshkey *k, *reason = "Certificate invalid: not yet valid"; return SSH_ERR_KEY_CERT_INVALID; } - return sshkey_cert_check_authority(k, want_host, require_principal, - wildcard_pattern, (uint64_t)now, name, reason); + return sshkey_cert_check_authority(k, want_host, wildcard_pattern, + (uint64_t)now, name, reason); } int sshkey_cert_check_host(const struct sshkey *key, const char *host, - int wildcard_principals, const char *ca_sign_algorithms, - const char **reason) + const char *ca_sign_algorithms, const char **reason) { int r; - if ((r = sshkey_cert_check_authority_now(key, 1, 0, wildcard_principals, - host, reason)) != 0) + if ((r = sshkey_cert_check_authority_now(key, 1, 1, host, reason)) != 0) return r; if (sshbuf_len(key->cert->critical) != 0) { *reason = "Certificate contains unsupported critical options"; diff --git a/sshkey.h b/sshkey.h index c3262b896f06..37231847916a 100644 --- a/sshkey.h +++ b/sshkey.h @@ -1,4 +1,4 @@ -/* $OpenBSD: sshkey.h,v 1.70 2025/08/29 03:50:38 djm Exp $ */ +/* $OpenBSD: sshkey.h,v 1.71 2025/12/22 01:49:03 djm Exp $ */ /* * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. @@ -218,12 +218,12 @@ int sshkey_match_keyname_to_sigalgs(const char *, const char *); int sshkey_to_certified(struct sshkey *); int sshkey_drop_cert(struct sshkey *); int sshkey_cert_copy(const struct sshkey *, struct sshkey *); -int sshkey_cert_check_authority(const struct sshkey *, int, int, int, +int sshkey_cert_check_authority(const struct sshkey *, int, int, uint64_t, const char *, const char **); -int sshkey_cert_check_authority_now(const struct sshkey *, int, int, int, +int sshkey_cert_check_authority_now(const struct sshkey *, int, int, const char *, const char **); int sshkey_cert_check_host(const struct sshkey *, const char *, - int , const char *, const char **); + const char *, const char **); size_t sshkey_format_cert_validity(const struct sshkey_cert *, char *, size_t) __attribute__((__bounded__(__string__, 2, 3))); int sshkey_check_cert_sigtype(const struct sshkey *, const char *); diff --git a/sshsig.c b/sshsig.c index 3789c437baa0..5b267d07d684 100644 --- a/sshsig.c +++ b/sshsig.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshsig.c,v 1.40 2025/09/25 06:23:19 jsg Exp $ */ +/* $OpenBSD: sshsig.c,v 1.41 2025/12/22 01:49:03 djm Exp $ */ /* * Copyright (c) 2019 Google LLC * @@ -854,8 +854,8 @@ cert_filter_principals(const char *path, u_long linenum, while ((cp = strsep(&principals, ",")) != NULL && *cp != '\0') { /* Check certificate validity */ - if ((r = sshkey_cert_check_authority(cert, 0, 1, 0, - verify_time, NULL, &reason)) != 0) { + if ((r = sshkey_cert_check_authority(cert, 0, 0, verify_time, + NULL, &reason)) != 0) { debug("%s:%lu: principal \"%s\" not authorized: %s", path, linenum, cp, reason); continue; @@ -920,7 +920,7 @@ check_allowed_keys_line(const char *path, u_long linenum, char *line, sshkey_equal_public(sign_key->cert->signature_key, found_key)) { if (principal) { /* Match certificate CA key with specified principal */ - if ((r = sshkey_cert_check_authority(sign_key, 0, 1, 0, + if ((r = sshkey_cert_check_authority(sign_key, 0, 0, verify_time, principal, &reason)) != 0) { error("%s:%lu: certificate not authorized: %s", path, linenum, reason); From adca2f439827eb829652805f36e288b5b260ce1b Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Mon, 22 Dec 2025 01:31:07 +0000 Subject: [PATCH 485/687] upstream: don't try to test webauthn signatures. Nothing in OpenSSH generates these (yet) OpenBSD-Regress-ID: 48d59b7c4768c2a22ce3d8cf3b455e6ada9fc7b0 --- regress/test-exec.sh | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/regress/test-exec.sh b/regress/test-exec.sh index 7206e74e88e9..577bc01afa1c 100644 --- a/regress/test-exec.sh +++ b/regress/test-exec.sh @@ -1,4 +1,4 @@ -# $OpenBSD: test-exec.sh,v 1.138 2025/12/07 02:49:41 dtucker Exp $ +# $OpenBSD: test-exec.sh,v 1.139 2025/12/22 01:31:07 djm Exp $ # Placed in the Public Domain. #SUDO=sudo @@ -722,9 +722,9 @@ export EXTRA_AGENT_ARGS maybe_filter_sk() { if test -z "$SSH_SK_PROVIDER" ; then - grep -v ^sk + grep -v ^sk | grep -v ^webauthn else - cat + grep -v ^webauthn fi } From ecdf9b9f8e89aae65d4a12fe5a25c560eea08393 Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Mon, 22 Dec 2025 01:50:46 +0000 Subject: [PATCH 486/687] upstream: regression tests for certificates with empty principals sections (which are now unconditionally refused) and for certificates with wildcard principals (which should only be accepted in host certs) OpenBSD-Regress-ID: fdca88845a68424060547b4f9f32f90a7cf82e73 --- regress/cert-hostkey.sh | 28 +++++++++++++++++----------- regress/cert-userkey.sh | 9 ++++----- 2 files changed, 21 insertions(+), 16 deletions(-) diff --git a/regress/cert-hostkey.sh b/regress/cert-hostkey.sh index bfdd3588d98f..9061cc702a05 100644 --- a/regress/cert-hostkey.sh +++ b/regress/cert-hostkey.sh @@ -1,4 +1,4 @@ -# $OpenBSD: cert-hostkey.sh,v 1.28 2025/05/06 06:05:48 djm Exp $ +# $OpenBSD: cert-hostkey.sh,v 1.29 2025/12/22 01:50:46 djm Exp $ # Placed in the Public Domain. tid="certified host keys" @@ -208,9 +208,12 @@ kh_ca host_ca_key.pub host_ca_key2.pub > $OBJ/known_hosts-cert.orig cp $OBJ/known_hosts-cert.orig $OBJ/known_hosts-cert test_one() { - ident=$1 - result=$2 - sign_opts=$3 + ident="$1" + result="$2" + hosts="$3" + sign_opts="$4" + + test -z "$hosts" || sign_opts="$sign_opts -n $hosts" for kt in $PLAIN_TYPES; do case $ktype in @@ -243,13 +246,16 @@ test_one() { done } -test_one "user-certificate" failure "-n $HOSTS" -test_one "empty principals" success "-h" -test_one "wrong principals" failure "-h -n foo" -test_one "cert not yet valid" failure "-h -V20300101:20320101" -test_one "cert expired" failure "-h -V19800101:19900101" -test_one "cert valid interval" success "-h -V-1w:+2w" -test_one "cert has constraints" failure "-h -Oforce-command=false" +test_one "simple" success $HOSTS "-h" +test_one "wildcard" success "loc*" "-h" +test_one "user-certificate" failure $HOSTS +test_one "wildcard user" failure "local*" +test_one "empty principals" failure "" "-h" +test_one "wrong principals" failure foo "-h" +test_one "cert not yet valid" failure $HOSTS "-h -V20300101:20320101" +test_one "cert expired" failure $HOSTS "-h -V19800101:19900101" +test_one "cert valid interval" success $HOSTS "-h -V-1w:+2w" +test_one "cert has constraints" failure $HOSTS "-h -Oforce-command=false" # Check downgrade of cert to raw key when no CA found for ktype in $PLAIN_TYPES ; do diff --git a/regress/cert-userkey.sh b/regress/cert-userkey.sh index fde2caefbd4f..6e2713bdd04b 100644 --- a/regress/cert-userkey.sh +++ b/regress/cert-userkey.sh @@ -1,4 +1,4 @@ -# $OpenBSD: cert-userkey.sh,v 1.30 2025/05/06 06:05:48 djm Exp $ +# $OpenBSD: cert-userkey.sh,v 1.31 2025/12/22 01:50:46 djm Exp $ # Placed in the Public Domain. tid="certified user keys" @@ -340,16 +340,15 @@ test_one() { } test_one "correct principal" success "-n ${USER}" +test_one "correct principal" success "-n ${USER},*" test_one "host-certificate" failure "-n ${USER} -h" -test_one "wrong principals" failure "-n foo" +test_one "wrong principals" failure "-n foo,*" test_one "cert not yet valid" failure "-n ${USER} -V20300101:20320101" test_one "cert expired" failure "-n ${USER} -V19800101:19900101" test_one "cert valid interval" success "-n ${USER} -V-1w:+2w" test_one "wrong source-address" failure "-n ${USER} -Osource-address=10.0.0.0/8" test_one "force-command" failure "-n ${USER} -Oforce-command=false" - -# Behaviour is different here: TrustedUserCAKeys doesn't allow empty principals -test_one "empty principals" success "" authorized_keys +test_one "empty principals" failure "" authorized_keys test_one "empty principals" failure "" TrustedUserCAKeys # Check explicitly-specified principals: an empty principals list in the cert From dfd710e4e2928201743e32027e2d6cf0e2eafc61 Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Mon, 22 Dec 2025 03:12:05 +0000 Subject: [PATCH 487/687] upstream: return 0 in void function; spotted by clang -Wextra OpenBSD-Commit-ID: fe7461c93dfaef98a007a246af837a8275a1e539 --- gss-serv.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/gss-serv.c b/gss-serv.c index 05c347ea058b..0ef5018e569b 100644 --- a/gss-serv.c +++ b/gss-serv.c @@ -1,4 +1,4 @@ -/* $OpenBSD: gss-serv.c,v 1.34 2025/12/08 03:55:22 djm Exp $ */ +/* $OpenBSD: gss-serv.c,v 1.35 2025/12/22 03:12:05 djm Exp $ */ /* * Copyright (c) 2001-2003 Simon Wilkinson. All rights reserved. @@ -334,7 +334,7 @@ ssh_gssapi_storecreds(void) { if (options.gss_deleg_creds == 0) { debug_f("delegate credential is disabled, doing nothing"); - return 0; + return; } if (gssapi_client.mech && gssapi_client.mech->storecreds) { From 09daf2ac5f248dc5d60a6f3a703b479d67da14b4 Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Mon, 22 Dec 2025 03:36:43 +0000 Subject: [PATCH 488/687] upstream: correctly quote wildcard host certificate principal name, lest it expand to an unrelated filename in the working directory OpenBSD-Regress-ID: 8a9eb716d3ea7986d26c1a931758b996aa93c58e --- regress/cert-hostkey.sh | 19 +++++++++++++++---- 1 file changed, 15 insertions(+), 4 deletions(-) diff --git a/regress/cert-hostkey.sh b/regress/cert-hostkey.sh index 9061cc702a05..f1551223280f 100644 --- a/regress/cert-hostkey.sh +++ b/regress/cert-hostkey.sh @@ -1,4 +1,4 @@ -# $OpenBSD: cert-hostkey.sh,v 1.29 2025/12/22 01:50:46 djm Exp $ +# $OpenBSD: cert-hostkey.sh,v 1.30 2025/12/22 03:36:43 djm Exp $ # Placed in the Public Domain. tid="certified host keys" @@ -220,9 +220,20 @@ test_one() { rsa-sha2-*) tflag="-t $ktype"; ca="$OBJ/host_ca_key2" ;; *) tflag=""; ca="$OBJ/host_ca_key" ;; esac - ${SSHKEYGEN} -q -s $ca $tflag -I "regress host key for $USER" \ - $sign_opts $OBJ/cert_host_key_${kt} || - fatal "couldn't sign cert_host_key_${kt}" + if test -z "$hosts" ; then + # Empty principals section. + ${SSHKEYGEN} -q -s $ca $tflag $sign_opts \ + -I "regress host key for $USER" \ + $OBJ/cert_host_key_${kt} 2>/dev/null || + fatal "couldn't sign cert_host_key_${kt}" + else + # Be careful with quoting principals, which may contain + # wilcards. + ${SSHKEYGEN} -q -s $ca $tflag $sign_opts \ + -I "regress host key for $USER" -n "$hosts" \ + $OBJ/cert_host_key_${kt} || + fatal "couldn't sign cert_host_key_${kt}" + fi ( cat $OBJ/sshd_proxy_bak echo HostKey $OBJ/cert_host_key_${kt} From 6eafc52a4185ba6d765047146cd645152baaeb58 Mon Sep 17 00:00:00 2001 From: Ludovic Rousseau Date: Sat, 27 Dec 2025 10:07:22 +0100 Subject: [PATCH 489/687] Update ssh-agent.1 Add a missing "/" in the default allowed providers list. --- ssh-agent.1 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ssh-agent.1 b/ssh-agent.1 index f77a6cdd58f0..016f7e0ebc76 100644 --- a/ssh-agent.1 +++ b/ssh-agent.1 @@ -166,7 +166,7 @@ options to .Xr ssh-add 1 . Libraries that do not match the pattern list will be refused. The default list is -.Dq usr/lib*/*,/usr/local/lib*/* . +.Dq /usr/lib*/*,/usr/local/lib*/* . .Pp See PATTERNS in .Xr ssh_config 5 From 55b6b1697433eca98052f5c45281133ca793a9c8 Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Mon, 29 Dec 2025 23:52:09 +0000 Subject: [PATCH 490/687] upstream: Add sshbuf_consume_upto_child(), to similify particular parsing patterns using parent/child buffer; ok markus@ OpenBSD-Commit-ID: c11ed27907751f2a16c1283313e77f88617e4852 --- sshbuf.c | 22 +++++++++++++++++++++- sshbuf.h | 20 +++++++++++++++++++- 2 files changed, 40 insertions(+), 2 deletions(-) diff --git a/sshbuf.c b/sshbuf.c index 1b714e5f9c79..0dc411c51374 100644 --- a/sshbuf.c +++ b/sshbuf.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshbuf.c,v 1.23 2024/08/14 15:42:18 tobias Exp $ */ +/* $OpenBSD: sshbuf.c,v 1.24 2025/12/29 23:52:09 djm Exp $ */ /* * Copyright (c) 2011 Damien Miller * @@ -425,3 +425,23 @@ sshbuf_consume_end(struct sshbuf *buf, size_t len) return 0; } +int +sshbuf_consume_upto_child(struct sshbuf *buf, const struct sshbuf *child) +{ + int r; + + if ((r = sshbuf_check_sanity(buf)) != 0 || + (r = sshbuf_check_sanity(child)) != 0) + return r; + /* This function is only used for parent/child buffers */ + if (child->parent != buf) + return SSH_ERR_INVALID_ARGUMENT; + /* Nonsensical if the parent has advanced past the child */ + if (sshbuf_len(child) > sshbuf_len(buf)) + return SSH_ERR_INVALID_ARGUMENT; + /* More paranoia, shouldn't happen */ + if (child->cd < buf->cd) + return SSH_ERR_INTERNAL_ERROR; + /* Advance */ + return sshbuf_consume(buf, sshbuf_len(buf) - sshbuf_len(child)); +} diff --git a/sshbuf.h b/sshbuf.h index 8c18ded02fd0..052b0879849e 100644 --- a/sshbuf.h +++ b/sshbuf.h @@ -1,4 +1,4 @@ -/* $OpenBSD: sshbuf.h,v 1.33 2025/11/21 01:29:06 djm Exp $ */ +/* $OpenBSD: sshbuf.h,v 1.34 2025/12/29 23:52:09 djm Exp $ */ /* * Copyright (c) 2011 Damien Miller * @@ -143,6 +143,24 @@ int sshbuf_consume(struct sshbuf *buf, size_t len); */ int sshbuf_consume_end(struct sshbuf *buf, size_t len); +/* + * Consume data from a parent buffer up to that of a child buffer (i.e. + * one created by sshbuf_fromb()). + * + * Intended to be used in a pattern like: + * + * b = sshbuf_fromb(parent); + * sshbuf_get_string(b, &foo, &foostr); + * sshbuf_get_u32(b, &bar); + * sshbuf_consume_upto_child(parent, b); + * + * After which, both "b" and "parent" will point to the same data. + * + * "child" must be a direct child of "buf" (i.e. neither an unrelated buffer + * nor a grandchild) which has consumed data past that of "buf". + */ +int sshbuf_consume_upto_child(struct sshbuf *buf, const struct sshbuf *child); + /* Extract or deposit some bytes */ int sshbuf_get(struct sshbuf *buf, void *v, size_t len); int sshbuf_put(struct sshbuf *buf, const void *v, size_t len); From ca313fef2deed90668fe0706da8529310092d1dd Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Tue, 30 Dec 2025 00:22:58 +0000 Subject: [PATCH 491/687] upstream: Enforce maximum packet/block limit during pre-authentication phase OpenSSH doesn't support rekeying before authentication completes to minimise pre-auth attack surface. Given LoginGraceTime, MaxAuthTries and strict KEX, it would be difficult to send enough data or packets before authentication completes to reach a point where rekeying is required, but we'd prefer it to be completely impossible. So this applies the default volume/packet rekeying limits to the pre-auth phase. If these limits are exceeded the connection will simply be closed. ok dtucker markus OpenBSD-Commit-ID: 70415098db739058006e4ebd1630b6bae8cc8bf6 --- packet.c | 88 ++++++++++++++++++++++++++++++++++++++++++-------------- 1 file changed, 67 insertions(+), 21 deletions(-) diff --git a/packet.c b/packet.c index 2a5a56a886da..2df7a97b7e23 100644 --- a/packet.c +++ b/packet.c @@ -1,4 +1,4 @@ -/* $OpenBSD: packet.c,v 1.327 2025/12/05 06:16:27 dtucker Exp $ */ +/* $OpenBSD: packet.c,v 1.328 2025/12/30 00:22:58 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -184,6 +184,7 @@ struct session_state { struct packet_state p_read, p_send; /* Volume-based rekeying */ + u_int64_t hard_max_blocks_in, hard_max_blocks_out; u_int64_t max_blocks_in, max_blocks_out, rekey_limit; /* Time-based rekeying */ @@ -979,7 +980,7 @@ ssh_set_newkeys(struct ssh *ssh, int mode) struct sshcomp *comp; struct sshcipher_ctx **ccp; struct packet_state *ps; - u_int64_t *max_blocks; + u_int64_t *max_blocks, *hard_max_blocks; const char *wmsg; int r, crypt_type; const char *dir = mode == MODE_OUT ? "out" : "in"; @@ -990,11 +991,13 @@ ssh_set_newkeys(struct ssh *ssh, int mode) ccp = &state->send_context; crypt_type = CIPHER_ENCRYPT; ps = &state->p_send; + hard_max_blocks = &state->hard_max_blocks_out; max_blocks = &state->max_blocks_out; } else { ccp = &state->receive_context; crypt_type = CIPHER_DECRYPT; ps = &state->p_read; + hard_max_blocks = &state->hard_max_blocks_in; max_blocks = &state->max_blocks_in; } if (state->newkeys[mode] != NULL) { @@ -1055,25 +1058,59 @@ ssh_set_newkeys(struct ssh *ssh, int mode) * See RFC4344 section 3.2. */ if (enc->block_size >= 16) - *max_blocks = (u_int64_t)1 << (enc->block_size*2); + *hard_max_blocks = (u_int64_t)1 << (enc->block_size*2); else - *max_blocks = ((u_int64_t)1 << 30) / enc->block_size; - if (state->rekey_limit) + *hard_max_blocks = ((u_int64_t)1 << 30) / enc->block_size; + *max_blocks = *hard_max_blocks; + if (state->rekey_limit) { *max_blocks = MINIMUM(*max_blocks, state->rekey_limit / enc->block_size); + } debug("rekey %s after %llu blocks", dir, (unsigned long long)*max_blocks); return 0; } #define MAX_PACKETS (1U<<31) +/* + * Checks whether the packet- or block- based rekeying limits have been + * exceeded. If the 'hard' flag is set, the checks are performed against the + * absolute maximum we're willing to accept for the given cipher. Otherwise + * the checks are performed against the RekeyLimit volume, which may be lower. + */ +static inline int +ssh_packet_check_rekey_blocklimit(struct ssh *ssh, u_int packet_len, int hard) +{ + struct session_state *state = ssh->state; + u_int32_t out_blocks; + const u_int64_t max_blocks_in = hard ? + state->hard_max_blocks_in : state->max_blocks_in; + const u_int64_t max_blocks_out = hard ? + state->hard_max_blocks_out : state->max_blocks_out; + + /* + * Always rekey when MAX_PACKETS sent in either direction + * As per RFC4344 section 3.1 we do this after 2^31 packets. + */ + if (state->p_send.packets > MAX_PACKETS || + state->p_read.packets > MAX_PACKETS) + return 1; + + /* Rekey after (cipher-specific) maximum blocks */ + out_blocks = ROUNDUP(packet_len, + state->newkeys[MODE_OUT]->enc.block_size); + return (max_blocks_out && + (state->p_send.blocks + out_blocks > max_blocks_out)) || + (max_blocks_in && + (state->p_read.blocks > max_blocks_in)); +} + static int ssh_packet_need_rekeying(struct ssh *ssh, u_int outbound_packet_len) { struct session_state *state = ssh->state; - u_int32_t out_blocks; - /* XXX client can't cope with rekeying pre-auth */ + /* Don't attempt rekeying during pre-auth */ if (!state->after_authentication) return 0; @@ -1097,26 +1134,30 @@ ssh_packet_need_rekeying(struct ssh *ssh, u_int outbound_packet_len) (int64_t)state->rekey_time + state->rekey_interval <= monotime()) return 1; - /* - * Always rekey when MAX_PACKETS sent in either direction - * As per RFC4344 section 3.1 we do this after 2^31 packets. - */ - if (state->p_send.packets > MAX_PACKETS || - state->p_read.packets > MAX_PACKETS) - return 1; + return ssh_packet_check_rekey_blocklimit(ssh, outbound_packet_len, 0); +} - /* Rekey after (cipher-specific) maximum blocks */ - out_blocks = ROUNDUP(outbound_packet_len, - state->newkeys[MODE_OUT]->enc.block_size); - return (state->max_blocks_out && - (state->p_send.blocks + out_blocks > state->max_blocks_out)) || - (state->max_blocks_in && - (state->p_read.blocks > state->max_blocks_in)); +/* Checks that the hard rekey limits have not been exceeded during preauth */ +static int +ssh_packet_check_rekey_preauth(struct ssh *ssh, u_int outgoing_packet_len) +{ + if (ssh->state->after_authentication) + return 0; + + if (ssh_packet_check_rekey_blocklimit(ssh, 0, 1)) { + error("RekeyLimit exceeded before authentication completed"); + return SSH_ERR_NEED_REKEY; + } + return 0; } int ssh_packet_check_rekey(struct ssh *ssh) { + int r; + + if ((r = ssh_packet_check_rekey_preauth(ssh, 0)) != 0) + return r; if (!ssh_packet_need_rekeying(ssh, 0)) return 0; debug3_f("rekex triggered"); @@ -1374,6 +1415,11 @@ ssh_packet_send2(struct ssh *ssh) need_rekey = !ssh_packet_type_is_kex(type) && ssh_packet_need_rekeying(ssh, sshbuf_len(state->outgoing_packet)); + /* Enforce hard rekey limit during pre-auth */ + if (!state->rekeying && !ssh_packet_type_is_kex(type) && + (r = ssh_packet_check_rekey_preauth(ssh, 0)) != 0) + return r; + /* * During rekeying we can only send key exchange messages. * Queue everything else. From dd49a87bf4e4a219978bf20f03e2a72041f57b2f Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Tue, 30 Dec 2025 00:35:37 +0000 Subject: [PATCH 492/687] upstream: Remove bug compatibility for implementations that don't support rekeying. AFAIK this is only an ancient Sun SSH version. If such an implementation tries to interoperate with OpenSSH, it will eventually fail when the transport needs rekeying. This is probably long enough to use it to download a modern SSH implementation that lacks this problem :) ok markus@ deraadt@ OpenBSD-Commit-ID: 228a502fee808cf8b7caee23169eb6a1ab1c331a --- packet.c | 12 +++--------- sshconnect.c | 8 +++++++- sshd-session.c | 5 ++++- 3 files changed, 14 insertions(+), 11 deletions(-) diff --git a/packet.c b/packet.c index 2df7a97b7e23..1c781763c97c 100644 --- a/packet.c +++ b/packet.c @@ -1,4 +1,4 @@ -/* $OpenBSD: packet.c,v 1.328 2025/12/30 00:22:58 djm Exp $ */ +/* $OpenBSD: packet.c,v 1.329 2025/12/30 00:35:37 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -1118,10 +1118,6 @@ ssh_packet_need_rekeying(struct ssh *ssh, u_int outbound_packet_len) if (ssh_packet_is_rekeying(ssh)) return 0; - /* Peer can't rekey */ - if (ssh->compat & SSH_BUG_NOREKEY) - return 0; - /* * Permit one packet in or out per rekey - this allows us to * make progress when rekey limits are very small. @@ -1368,8 +1364,7 @@ ssh_packet_send2_wrapped(struct ssh *ssh) logit("outgoing seqnr wraps around"); } if (++state->p_send.packets == 0) - if (!(ssh->compat & SSH_BUG_NOREKEY)) - return SSH_ERR_NEED_REKEY; + return SSH_ERR_NEED_REKEY; state->p_send.blocks += len / block_size; state->p_send.bytes += len; sshbuf_reset(state->outgoing_packet); @@ -1784,8 +1779,7 @@ ssh_packet_read_poll2(struct ssh *ssh, u_char *typep, u_int32_t *seqnr_p) logit("incoming seqnr wraps around"); } if (++state->p_read.packets == 0) - if (!(ssh->compat & SSH_BUG_NOREKEY)) - return SSH_ERR_NEED_REKEY; + return SSH_ERR_NEED_REKEY; state->p_read.blocks += (state->packlen + 4) / block_size; state->p_read.bytes += state->packlen + 4; diff --git a/sshconnect.c b/sshconnect.c index 4b4a9018957c..9dd1d02ea93f 100644 --- a/sshconnect.c +++ b/sshconnect.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshconnect.c,v 1.377 2025/12/22 01:49:03 djm Exp $ */ +/* $OpenBSD: sshconnect.c,v 1.378 2025/12/30 00:35:37 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -44,6 +44,7 @@ #include "xmalloc.h" #include "hostfile.h" #include "ssh.h" +#include "compat.h" #include "sshbuf.h" #include "packet.h" #include "sshkey.h" @@ -1609,6 +1610,11 @@ ssh_login(struct ssh *ssh, Sensitive *sensitive, const char *orighost, options.version_addendum)) != 0) sshpkt_fatal(ssh, r, "banner exchange"); + if ((ssh->compat & SSH_BUG_NOREKEY)) { + logit("Warning: this server does not support rekeying."); + logit("This session will eventually fail"); + } + /* Put the connection into non-blocking mode. */ ssh_packet_set_nonblocking(ssh); diff --git a/sshd-session.c b/sshd-session.c index 5d384fa2f986..5f34f6444cba 100644 --- a/sshd-session.c +++ b/sshd-session.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshd-session.c,v 1.18 2025/12/16 08:32:50 dtucker Exp $ */ +/* $OpenBSD: sshd-session.c,v 1.19 2025/12/30 00:35:37 djm Exp $ */ /* * SSH2 implementation: * Privilege Separation: @@ -1252,6 +1252,9 @@ main(int ac, char **av) options.version_addendum)) != 0) sshpkt_fatal(ssh, r, "banner exchange"); + if ((ssh->compat & SSH_BUG_NOREKEY)) + debug("client does not support rekeying"); + ssh_packet_set_nonblocking(ssh); /* allocate authentication context */ From b9c318777eb40db66fb92df87666c3642467d0e7 Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Tue, 30 Dec 2025 00:12:58 +0000 Subject: [PATCH 493/687] upstream: unit tests for sshbuf_consume_upto_child() OpenBSD-Regress-ID: 13cbd0370ebca7c61c35346b3e0356517719a447 --- regress/unittests/sshbuf/test_sshbuf.c | 39 ++++++++++++++++++++++++-- 1 file changed, 37 insertions(+), 2 deletions(-) diff --git a/regress/unittests/sshbuf/test_sshbuf.c b/regress/unittests/sshbuf/test_sshbuf.c index dc021ba9087b..3e165d430b3d 100644 --- a/regress/unittests/sshbuf/test_sshbuf.c +++ b/regress/unittests/sshbuf/test_sshbuf.c @@ -1,4 +1,4 @@ -/* $OpenBSD: test_sshbuf.c,v 1.2 2021/12/14 21:25:27 deraadt Exp $ */ +/* $OpenBSD: test_sshbuf.c,v 1.3 2025/12/30 00:12:58 djm Exp $ */ /* * Regress test for sshbuf.h buffer API * @@ -28,7 +28,8 @@ void sshbuf_tests(void); void sshbuf_tests(void) { - struct sshbuf *p1; + struct sshbuf *p1, *p2, *p3; + u_int v32; const u_char *cdp; u_char *dp; size_t sz; @@ -238,4 +239,38 @@ sshbuf_tests(void) ASSERT_SIZE_T_EQ(sshbuf_avail(p1), 1223); sshbuf_free(p1); TEST_DONE(); + + TEST_START("sshbuf_consume_upto_child"); + p1 = sshbuf_new(); + ASSERT_PTR_NE(p1, NULL); + p2 = sshbuf_new(); + ASSERT_PTR_NE(p2, NULL); + /* Unrelated buffers */ + ASSERT_INT_EQ(sshbuf_consume_upto_child(p1, p2), + SSH_ERR_INVALID_ARGUMENT); + /* Simple success case */ + ASSERT_INT_EQ(sshbuf_put_u32(p1, 0xdeadbeef), 0); + ASSERT_INT_EQ(sshbuf_put_u32(p1, 0x01020304), 0); + ASSERT_INT_EQ(sshbuf_put_u32(p1, 0xfeedface), 0); + ASSERT_SIZE_T_EQ(sshbuf_len(p1), 12); + p3 = sshbuf_fromb(p1); + ASSERT_PTR_NE(p3, NULL); + ASSERT_INT_EQ(sshbuf_get_u32(p3, &v32), 0); + ASSERT_U32_EQ(v32, 0xdeadbeef); + ASSERT_SIZE_T_EQ(sshbuf_len(p3), 8); + ASSERT_INT_EQ(sshbuf_consume_upto_child(p1, p3), 0); + ASSERT_SIZE_T_EQ(sshbuf_len(p1), sshbuf_len(p3)); + ASSERT_PTR_EQ(sshbuf_ptr(p1), sshbuf_ptr(p3)); + sshbuf_free(p3); + /* Parent already consumed past child */ + p3 = sshbuf_fromb(p1); + ASSERT_PTR_NE(p3, NULL); + ASSERT_INT_EQ(sshbuf_get_u32(p1, &v32), 0); + ASSERT_U32_EQ(v32, 0x01020304); + ASSERT_INT_EQ(sshbuf_consume_upto_child(p1, p3), + SSH_ERR_INVALID_ARGUMENT); + sshbuf_free(p1); + sshbuf_free(p2); + sshbuf_free(p3); + TEST_DONE(); } From 5f2bc9cb8625d1fd582e0e4b562200f9856f1f7d Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Tue, 30 Dec 2025 04:23:53 +0000 Subject: [PATCH 494/687] upstream: avoid possible NULL deref if ssh_packet_check_rekey_blocklimit() called before the encrypted transport is brought up. OpenBSD-Commit-ID: fb998ccbe59865e33a8ab6a6577f254d39bdc72f --- packet.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/packet.c b/packet.c index 1c781763c97c..3d47df758c26 100644 --- a/packet.c +++ b/packet.c @@ -1,4 +1,4 @@ -/* $OpenBSD: packet.c,v 1.329 2025/12/30 00:35:37 djm Exp $ */ +/* $OpenBSD: packet.c,v 1.330 2025/12/30 04:23:53 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -1096,6 +1096,9 @@ ssh_packet_check_rekey_blocklimit(struct ssh *ssh, u_int packet_len, int hard) state->p_read.packets > MAX_PACKETS) return 1; + if (state->newkeys == NULL) + return 0; + /* Rekey after (cipher-specific) maximum blocks */ out_blocks = ROUNDUP(packet_len, state->newkeys[MODE_OUT]->enc.block_size); From ea367b4bbc3fd49f84683763723425adfdce35c0 Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Tue, 30 Dec 2025 04:28:42 +0000 Subject: [PATCH 495/687] upstream: test the right thing, doofus OpenBSD-Commit-ID: 31b2ec6e0b3dbd08c60ba2d969dd687cd80c25fd --- packet.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/packet.c b/packet.c index 3d47df758c26..05c2adfac54b 100644 --- a/packet.c +++ b/packet.c @@ -1,4 +1,4 @@ -/* $OpenBSD: packet.c,v 1.330 2025/12/30 04:23:53 djm Exp $ */ +/* $OpenBSD: packet.c,v 1.331 2025/12/30 04:28:42 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -1096,7 +1096,7 @@ ssh_packet_check_rekey_blocklimit(struct ssh *ssh, u_int packet_len, int hard) state->p_read.packets > MAX_PACKETS) return 1; - if (state->newkeys == NULL) + if (state->newkeys[MODE_OUT] == NULL) return 0; /* Rekey after (cipher-specific) maximum blocks */ From a6f8f793d427a831be1b350741faa4f34066d55f Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Sun, 4 Jan 2026 09:52:58 +0000 Subject: [PATCH 496/687] upstream: rewrite SOCKS4/4A/5 parsing code to use sshbuf functions instead of manual pointer fiddling. Should make the code safer and easier to read. feedback/ok markus@ OpenBSD-Commit-ID: 5ebd841fbd78d8395774f002a19c1ddcf91ad047 --- channels.c | 389 +++++++++++++++++++++++++++-------------------------- 1 file changed, 198 insertions(+), 191 deletions(-) diff --git a/channels.c b/channels.c index 80014ff341fa..efade6d810c4 100644 --- a/channels.c +++ b/channels.c @@ -1,4 +1,4 @@ -/* $OpenBSD: channels.c,v 1.452 2025/10/07 08:02:32 djm Exp $ */ +/* $OpenBSD: channels.c,v 1.453 2026/01/04 09:52:58 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -1507,115 +1507,93 @@ channel_pre_mux_client(struct ssh *ssh, Channel *c) } } +static inline int +socks_decode_error(Channel *c, int status, const char *func, const char *msg) +{ + if (status == SSH_ERR_MESSAGE_INCOMPLETE) + return 0; + else { + debug_r(status, "%s: channel %d: decode %s", + func, c->self, msg); + return -1; + } +} + /* try to decode a socks4 header */ static int channel_decode_socks4(Channel *c, struct sshbuf *input, struct sshbuf *output) { - const u_char *p; - char *host; - u_int len, have, i, found, need; - char username[256]; - struct { - u_int8_t version; - u_int8_t command; - u_int16_t dest_port; - struct in_addr dest_addr; - } s4_req, s4_rsp; - int r; - - debug2("channel %d: decode socks4", c->self); + uint8_t socks_ver, socks_cmd, dest_addr[4]; + uint16_t dest_port; + char *user = NULL, *host = NULL; + int success = -1, socks4a = 0, r; + struct sshbuf *b = NULL; - have = sshbuf_len(input); - len = sizeof(s4_req); - if (have < len) + if (sshbuf_len(input) < 9) return 0; - p = sshbuf_ptr(input); - - need = 1; - /* SOCKS4A uses an invalid IP address 0.0.0.x */ - if (p[4] == 0 && p[5] == 0 && p[6] == 0 && p[7] != 0) { - debug2("channel %d: socks4a request", c->self); - /* ... and needs an extra string (the hostname) */ - need = 2; - } - /* Check for terminating NUL on the string(s) */ - for (found = 0, i = len; i < have; i++) { - if (p[i] == '\0') { - found++; - if (found == need) - break; - } - if (i > 1024) { - /* the peer is probably sending garbage */ - debug("channel %d: decode socks4: too long", - c->self); - return -1; - } - } - if (found < need) - return 0; - if ((r = sshbuf_get(input, &s4_req.version, 1)) != 0 || - (r = sshbuf_get(input, &s4_req.command, 1)) != 0 || - (r = sshbuf_get(input, &s4_req.dest_port, 2)) != 0 || - (r = sshbuf_get(input, &s4_req.dest_addr, 4)) != 0) { - debug_r(r, "channels %d: decode socks4", c->self); - return -1; - } - have = sshbuf_len(input); - p = sshbuf_ptr(input); - if (memchr(p, '\0', have) == NULL) { - error("channel %d: decode socks4: unterminated user", c->self); - return -1; + + /* We may not have a complete message, so work on a dup of the buffer */ + if ((b = sshbuf_fromb(input)) == NULL) + fatal_f("sshbuf_fromb failed"); + + debug2("channel %d: decode socks4", c->self); + if ((r = sshbuf_get_u8(b, &socks_ver)) != 0 || + (r = sshbuf_get_u8(b, &socks_cmd)) != 0 || + (r = sshbuf_get_u16(b, &dest_port)) != 0 || + (r = sshbuf_get(b, &dest_addr, sizeof(dest_addr))) != 0 || + (r = sshbuf_get_nulterminated_string(b, 1024, &user, NULL)) != 0) { + success = socks_decode_error(c, r, __func__, "header"); + goto out; } - len = strlen(p); - debug2("channel %d: decode socks4: user %s/%d", c->self, p, len); - len++; /* trailing '\0' */ - strlcpy(username, p, sizeof(username)); - if ((r = sshbuf_consume(input, len)) != 0) - fatal_fr(r, "channel %d: consume", c->self); - free(c->path); - c->path = NULL; - if (need == 1) { /* SOCKS4: one string */ - host = inet_ntoa(s4_req.dest_addr); - c->path = xstrdup(host); - } else { /* SOCKS4A: two strings */ - have = sshbuf_len(input); - p = sshbuf_ptr(input); - if (memchr(p, '\0', have) == NULL) { - error("channel %d: decode socks4a: host not nul " - "terminated", c->self); - return -1; - } - len = strlen(p); - debug2("channel %d: decode socks4a: host %s/%d", - c->self, p, len); - len++; /* trailing '\0' */ - if (len > NI_MAXHOST) { - error("channel %d: hostname \"%.100s\" too long", - c->self, p); - return -1; + + /* Is this a SOCKS4A request? (indicated by an address of 0.0.0.x) */ + if (dest_addr[0] == 0 && dest_addr[1] == 0 && + dest_addr[2] == 0 && dest_addr[3] != 0) { + /* If so, then the hostname follows, also nul-terminated */ + if ((r = sshbuf_get_nulterminated_string(b, 1024, + &host, NULL)) != 0) { + success = socks_decode_error(c, r, __func__, "host"); + goto out; } - c->path = xstrdup(p); - if ((r = sshbuf_consume(input, len)) != 0) - fatal_fr(r, "channel %d: consume", c->self); + socks4a = 1; + } else { + /* Plain SOCKS4 passes an IPv4 binary address; reconstruct */ + xasprintf(&host, "%d.%d.%d.%d", + dest_addr[0], dest_addr[1], dest_addr[2], dest_addr[3]); } - c->host_port = ntohs(s4_req.dest_port); - debug2("channel %d: dynamic request: socks4 host %s port %u command %u", - c->self, c->path, c->host_port, s4_req.command); + /* We have a complete SOCKS4 message; consume it from input */ + if ((r = sshbuf_consume_upto_child(input, b)) != 0) + fatal_fr(r, "channel %d: consume", c->self); - if (s4_req.command != 1) { - debug("channel %d: cannot handle: %s cn %d", - c->self, need == 1 ? "SOCKS4" : "SOCKS4A", s4_req.command); - return -1; + /* Handle the request */ + debug2("channel %d: %s: user=\"%s\" command=%d destination=[%s]:%d", + c->self, socks4a ? "SOCKS4A" : "SOCKS4", user, (int)socks_cmd, + host, dest_port); + if (socks_cmd != 1) { + debug("channel %d: cannot handle %s command 0x%02x", + c->self, socks4a ? "SOCKS4A" : "SOCKS4", socks_cmd); + goto out; } - s4_rsp.version = 0; /* vn: 0 for reply */ - s4_rsp.command = 90; /* cd: req granted */ - s4_rsp.dest_port = 0; /* ignored */ - s4_rsp.dest_addr.s_addr = INADDR_ANY; /* ignored */ - if ((r = sshbuf_put(output, &s4_rsp, sizeof(s4_rsp))) != 0) - fatal_fr(r, "channel %d: append reply", c->self); - return 1; + free(c->path); + c->path = host; + host = NULL; /* transferred */ + c->host_port = dest_port; + + /* Reply to the SOCKS4 client */ + if ((r = sshbuf_put_u8(output, 0)) != 0 || /* vn: 0 for reply */ + (r = sshbuf_put_u8(output, 90)) != 0 || /* cd: req granted */ + (r = sshbuf_put_u16(output, 0)) != 0 || /* port: ignored */ + (r = sshbuf_put_u32(output, ntohl(INADDR_ANY))) != 0) /* ignored */ + fatal_fr(r, "channel %d: compose reply", c->self); + + /* success */ + success = 1; + out: + sshbuf_free(b); + free(user); + free(host); + return success; } /* try to decode a socks5 header */ @@ -1627,73 +1605,110 @@ channel_decode_socks4(Channel *c, struct sshbuf *input, struct sshbuf *output) #define SSH_SOCKS5_CONNECT 0x01 #define SSH_SOCKS5_SUCCESS 0x00 +/* + * Handles SOCKS5 authentication. Note 'b' must be a dup of 'input' + * Returns 0 on insufficient queued date, 1 on authentication success or + * -1 on error. + */ +static int +channel_socks5_check_auth(Channel *c, struct sshbuf *b, struct sshbuf *input, + struct sshbuf *output) +{ + uint8_t socks_ver; + uint8_t nmethods, method; + int r; + u_int i, found; + + /* format: ver | nmethods | methods */ + if ((r = sshbuf_get_u8(b, &socks_ver)) != 0) + return socks_decode_error(c, r, __func__, "version"); + if (socks_ver != 5) /* shouldn't happen; checked by caller^2 */ + fatal_fr(r, "channel %d: internal error: not socks5", c->self); + if ((r = sshbuf_get_u8(b, &nmethods)) != 0) + return socks_decode_error(c, r, __func__, "methods"); + for (found = i = 0; i < nmethods; i++) { + if ((r = sshbuf_get_u8(b, &method)) != 0) + return socks_decode_error(c, r, __func__, "method"); + if (method == SSH_SOCKS5_NOAUTH) + found = 1; + } + if (!found) { + debug("channel %d: didn't request SSH_SOCKS5_NOAUTH", c->self); + return -1; + } + /* Consume completed request */ + if ((r = sshbuf_consume_upto_child(input, b)) != 0) + fatal_fr(r, "channel %d: consume", c->self); + + /* Compose reply: version, method */ + if ((r = sshbuf_put_u8(output, 0x05)) != 0 || + (r = sshbuf_put_u8(output, SSH_SOCKS5_NOAUTH)) != 0) + fatal_fr(r, "channel %d: append reply", c->self); + /* success */ + debug2("channel %d: socks5 auth done", c->self); + return 1; +} + static int channel_decode_socks5(Channel *c, struct sshbuf *input, struct sshbuf *output) { - /* XXX use get/put_u8 instead of trusting struct padding */ - struct { - u_int8_t version; - u_int8_t command; - u_int8_t reserved; - u_int8_t atyp; - } s5_req, s5_rsp; - u_int16_t dest_port; + uint8_t socks_ver, socks_cmd, socks_reserved, socks_atyp, addrlen; + uint16_t dest_port; char dest_addr[255+1], ntop[INET6_ADDRSTRLEN]; - const u_char *p; - u_int have, need, i, found, nmethods, addrlen, af; - int r; + u_int af; + int r, success = -1;; + struct sshbuf *b = NULL; + + debug2("channel %d: decode socks5 %s", c->self, + (c->flags & SSH_SOCKS5_AUTHDONE) ? "request" : "auth"); + + /* We may not have a complete message, so work on a dup of the buffer */ + if ((b = sshbuf_fromb(input)) == NULL) + fatal_f("sshbuf_fromb failed"); - debug2("channel %d: decode socks5", c->self); - p = sshbuf_ptr(input); - if (p[0] != 0x05) - return -1; - have = sshbuf_len(input); if (!(c->flags & SSH_SOCKS5_AUTHDONE)) { - /* format: ver | nmethods | methods */ - if (have < 2) - return 0; - nmethods = p[1]; - if (have < nmethods + 2) - return 0; - /* look for method: "NO AUTHENTICATION REQUIRED" */ - for (found = 0, i = 2; i < nmethods + 2; i++) { - if (p[i] == SSH_SOCKS5_NOAUTH) { - found = 1; - break; - } - } - if (!found) { - debug("channel %d: method SSH_SOCKS5_NOAUTH not found", - c->self); - return -1; + if ((r = channel_socks5_check_auth(c, b, input, output)) != 1) { + success = r; + goto out; } - if ((r = sshbuf_consume(input, nmethods + 2)) != 0) - fatal_fr(r, "channel %d: consume", c->self); - /* version, method */ - if ((r = sshbuf_put_u8(output, 0x05)) != 0 || - (r = sshbuf_put_u8(output, SSH_SOCKS5_NOAUTH)) != 0) - fatal_fr(r, "channel %d: append reply", c->self); c->flags |= SSH_SOCKS5_AUTHDONE; - debug2("channel %d: socks5 auth done", c->self); - return 0; /* need more */ + /* Continue to parse request in case client speculated ahead */ + } + + /* Request messages (auth or connect) always start with the version */ + if ((r = sshbuf_get_u8(b, &socks_ver)) != 0) { + success = socks_decode_error(c, r, __func__, "version"); + goto out; } + if (socks_ver != 5) /* shouldn't happen */ + fatal_fr(r, "channel %d: internal error: not socks5", c->self); + + /* Parse SOCKS5 request header */ debug2("channel %d: socks5 post auth", c->self); - if (have < sizeof(s5_req)+1) - return 0; /* need more */ - memcpy(&s5_req, p, sizeof(s5_req)); - if (s5_req.version != 0x05 || - s5_req.command != SSH_SOCKS5_CONNECT || - s5_req.reserved != 0x00) { + if ((r = sshbuf_get_u8(b, &socks_cmd)) != 0 || + (r = sshbuf_get_u8(b, &socks_reserved)) != 0 || + (r = sshbuf_get_u8(b, &socks_atyp)) != 0) { + success = socks_decode_error(c, r, __func__, "request header"); + goto out; + } + + if (socks_ver != 0x05 || + socks_cmd != SSH_SOCKS5_CONNECT || + socks_reserved != 0x00) { debug2("channel %d: only socks5 connect supported", c->self); - return -1; + goto out; } - switch (s5_req.atyp){ + + switch (socks_atyp) { case SSH_SOCKS5_IPV4: addrlen = 4; af = AF_INET; break; case SSH_SOCKS5_DOMAIN: - addrlen = p[sizeof(s5_req)]; + if ((r = sshbuf_get_u8(b, &addrlen)) != 0) { + success = socks_decode_error(c, r, __func__, "addrlen"); + goto out; + } af = -1; break; case SSH_SOCKS5_IPV6: @@ -1701,57 +1716,48 @@ channel_decode_socks5(Channel *c, struct sshbuf *input, struct sshbuf *output) af = AF_INET6; break; default: - debug2("channel %d: bad socks5 atyp %d", c->self, s5_req.atyp); - return -1; - } - need = sizeof(s5_req) + addrlen + 2; - if (s5_req.atyp == SSH_SOCKS5_DOMAIN) - need++; - if (have < need) - return 0; - if ((r = sshbuf_consume(input, sizeof(s5_req))) != 0) - fatal_fr(r, "channel %d: consume", c->self); - if (s5_req.atyp == SSH_SOCKS5_DOMAIN) { - /* host string length */ - if ((r = sshbuf_consume(input, 1)) != 0) - fatal_fr(r, "channel %d: consume", c->self); + debug2("channel %d: bad socks5 atyp %d", c->self, socks_atyp); + goto out; } - if ((r = sshbuf_get(input, &dest_addr, addrlen)) != 0 || - (r = sshbuf_get(input, &dest_port, 2)) != 0) { - debug_r(r, "channel %d: parse addr/port", c->self); - return -1; + if ((r = sshbuf_get(b, &dest_addr, addrlen)) != 0 || + (r = sshbuf_get_u16(b, &dest_port)) != 0) { + success = socks_decode_error(c, r, __func__, "addr/port"); + goto out; } dest_addr[addrlen] = '\0'; + + /* We have a complete SOCKS5 request; consume it from input */ + if ((r = sshbuf_consume_upto_child(input, b)) != 0) + fatal_fr(r, "channel %d: consume", c->self); + free(c->path); c->path = NULL; - if (s5_req.atyp == SSH_SOCKS5_DOMAIN) { - if (addrlen >= NI_MAXHOST) { - error("channel %d: dynamic request: socks5 hostname " - "\"%.100s\" too long", c->self, dest_addr); - return -1; - } + if (socks_atyp == SSH_SOCKS5_DOMAIN) c->path = xstrdup(dest_addr); - } else { + else { if (inet_ntop(af, dest_addr, ntop, sizeof(ntop)) == NULL) return -1; c->path = xstrdup(ntop); } - c->host_port = ntohs(dest_port); + c->host_port = dest_port; debug2("channel %d: dynamic request: socks5 host %s port %u command %u", - c->self, c->path, c->host_port, s5_req.command); - - s5_rsp.version = 0x05; - s5_rsp.command = SSH_SOCKS5_SUCCESS; - s5_rsp.reserved = 0; /* ignored */ - s5_rsp.atyp = SSH_SOCKS5_IPV4; - dest_port = 0; /* ignored */ - - if ((r = sshbuf_put(output, &s5_rsp, sizeof(s5_rsp))) != 0 || - (r = sshbuf_put_u32(output, ntohl(INADDR_ANY))) != 0 || - (r = sshbuf_put(output, &dest_port, sizeof(dest_port))) != 0) + c->self, c->path, c->host_port, socks_cmd); + + /* Reply */ + if ((r = sshbuf_put_u8(output, 0x05)) != 0 || /* version */ + (r = sshbuf_put_u8(output, SSH_SOCKS5_SUCCESS)) != 0 || /* cmd */ + (r = sshbuf_put_u8(output, 0)) != 0 || /* reserved, ignored */ + (r = sshbuf_put_u8(output, SSH_SOCKS5_IPV4)) != 0 || /* addrtype */ + (r = sshbuf_put_u32(output, ntohl(INADDR_ANY))) != 0 || /* addr */ + (r = sshbuf_put_u16(output, dest_port)) != 0) /* port */ fatal_fr(r, "channel %d: append reply", c->self); - return 1; + + /* success */ + success = 1; + out: + sshbuf_free(b); + return success; } Channel * @@ -1783,9 +1789,9 @@ channel_connect_stdio_fwd(struct ssh *ssh, static void channel_pre_dynamic(struct ssh *ssh, Channel *c) { - const u_char *p; u_int have; - int ret; + u_char ver; + int r, ret; c->io_want = 0; have = sshbuf_len(c->input); @@ -1798,9 +1804,9 @@ channel_pre_dynamic(struct ssh *ssh, Channel *c) return; } /* try to guess the protocol */ - p = sshbuf_ptr(c->input); - /* XXX sshbuf_peek_u8? */ - switch (p[0]) { + if ((r = sshbuf_peek_u8(c->input, 0, &ver)) != 0) + fatal_fr(r, "sshbuf_peek_u8"); + switch (ver) { case 0x04: ret = channel_decode_socks4(c, c->input, c->output); break; @@ -1808,6 +1814,7 @@ channel_pre_dynamic(struct ssh *ssh, Channel *c) ret = channel_decode_socks5(c, c->input, c->output); break; default: + debug2_f("channel %d: unknown SOCKS version %u", c->self, ver); ret = -1; break; } From d41503a5762680e43a8d31e4ec2b9b684028f378 Mon Sep 17 00:00:00 2001 From: User Date: Fri, 9 Jan 2026 11:51:41 -0800 Subject: [PATCH 497/687] add GitHub Copilot files --- .github/agents/merge-upstream.agent.md | 399 ++++++++++++++ .github/instructions/build.instructions.md | 300 +++++++++++ .../getting-started.instructions.md | 28 + .../merge/merge-details.instructions.md | 504 ++++++++++++++++++ .../merge-process-overview.instructions.md | 280 ++++++++++ .../merge/research.instructions.md | 106 ++++ .../repository-overview.instructions.md | 131 +++++ .github/instructions/setup.instructions.md | 86 +++ .github/instructions/testing.instructions.md | 248 +++++++++ .github/tools/Build-OpenSSH.ps1 | 254 +++++++++ .github/tools/Get-CommitGroups.ps1 | 402 ++++++++++++++ .github/tools/Start-OpenSSHBuild.ps1 | 195 +++++++ .github/tools/Test-OpenSSHBuild.ps1 | 262 +++++++++ .github/tools/Test-OpenSSHFunctionality.ps1 | 447 ++++++++++++++++ 14 files changed, 3642 insertions(+) create mode 100644 .github/agents/merge-upstream.agent.md create mode 100644 .github/instructions/build.instructions.md create mode 100644 .github/instructions/getting-started.instructions.md create mode 100644 .github/instructions/merge/merge-details.instructions.md create mode 100644 .github/instructions/merge/merge-process-overview.instructions.md create mode 100644 .github/instructions/merge/research.instructions.md create mode 100644 .github/instructions/repository-overview.instructions.md create mode 100644 .github/instructions/setup.instructions.md create mode 100644 .github/instructions/testing.instructions.md create mode 100644 .github/tools/Build-OpenSSH.ps1 create mode 100644 .github/tools/Get-CommitGroups.ps1 create mode 100644 .github/tools/Start-OpenSSHBuild.ps1 create mode 100644 .github/tools/Test-OpenSSHBuild.ps1 create mode 100644 .github/tools/Test-OpenSSHFunctionality.ps1 diff --git a/.github/agents/merge-upstream.agent.md b/.github/agents/merge-upstream.agent.md new file mode 100644 index 000000000000..a5565b25b883 --- /dev/null +++ b/.github/agents/merge-upstream.agent.md @@ -0,0 +1,399 @@ +--- +name: merge-upstream +description: Assist with merging upstream OpenSSH commits into the PowerShell fork. +tools: + ['vscode', 'execute', 'read', 'edit', 'search', 'web', 'test-server/*', 'agent', 'todo'] +--- +# OpenSSH Upstream Merge Agent + +## Agent Purpose +This agent assists with merging upstream OpenSSH commits into the PowerShell fork (PowerShell/openssh-portable). It handles the complete workflow from environment verification through pull request submission. + +**Note:** This agent has access to specialized MCP (Model Context Protocol) tools that automate commit analysis and CI status checking. When available, use the MCP tools instead of running scripts manually. + +## Agent Capabilities + +### Core Functions +- **Environment verification and setup** +- **Commit group analysis** using Get-CommitGroups MCP tool +- **Incremental cherry-picking** with conflict resolution +- **Windows-specific build system updates** +- **Compilation and testing** +- **Documentation and PR preparation** + +### Key Tools Available + +1. **Get-CommitGroups MCP Tool** - Groups commits by CI presence or success + - **Access**: Available via MCP server (preferred method) + - **MCP Tool Name**: `mcp_pwsh-mcp-server_Get_CommitGroups` + - **Direct Script**: `.github/tools/Get-CommitGroups.ps1` (fallback) + - **Parameters**: + - `GitHubTag` (string, optional): GitHub tag to start from (e.g., "V_10_0_P2") + - `StartCommit` (string, optional): Commit SHA to start from + - `FirstChunkOnly` (boolean, optional): Stop after finding first chunk + - `GroupByCIPresence` (boolean, optional): Group by CI presence instead of CI success + - **Recommended Usage**: Always use `-FirstChunkOnly -GroupByCIPresence` for incremental merging + - **Usage via MCP**: Use the MCP tool function directly - it handles all GitHub API calls + - **Manual Usage**: `Get-Help .\Get-CommitGroups.ps1` for direct script execution + +2. **OpenSSHBuildHelper Module** - Build automation + - Location: `contrib\win32\openssh\OpenSSHBuildHelper.psm1` + - Key cmdlet: `Start-OpenSSHBuild -Configuration Release -NativeHostArch x64` + +3. **Git** - Version control operations + - Cherry-pick: `git cherry-pick start_commit^..end_commit` (inclusive) + - Status: `git status` + - Remotes: `origin`, `upstream-pwsh`, `upstream` + +## Workflow Phases + +### Phase 0: Research and Planning +**Objective:** Understand the merge scope, requirements, and context + +**Steps:** +1. **Read all merge instructions** from `.github/instructions/merge/` folder: + - `merge-process-overview.instructions.md` - Primary merge workflow and process overview + - `research.instructions.md` - Research methodology and analysis requirements + - `merge-details.instructions.md` - Detailed conflict resolution strategies and patterns + +2. **Analyze upstream changes:** + - Review release notes for target version + - Identify breaking changes and new features + - Note security fixes and critical updates + - Assess Windows-specific impact + +3. **Review historical context:** + - Examine previous merge PRs for patterns + - Identify recurring conflict areas + - Note Windows-specific workarounds from past merges + - Document lessons learned from previous merges + +**Success Criteria:** +- All merge instructions read and understood +- Upstream changes analyzed and documented +- Ready to proceed with environment setup + +### Phase 1: Pre-Merge Setup +**Objective:** Verify environment and establish baseline + +**Steps:** +1. Verify Git, PowerShell, Visual Studio are available +2. Confirm repository remotes are configured +3. Identify upstream version/tag to merge +4. Create merge branch: `merge-v-` +5. Perform baseline build on `latestw_all` branch +6. Use Get-CommitGroups with `-FirstChunkOnly -GroupByCIPresence` to get first commit batch + +**Success Criteria:** +- Base branch builds successfully +- First commit group identified (ending with any CI run) +- Merge branch created + +### Phase 2: Incremental Merge +**Objective:** Cherry-pick commits in a single batch ending with a CI run + +**Steps:** +1. **Get first commit batch** using Get-CommitGroups with `-FirstChunkOnly -GroupByCIPresence`: + ```pwsh + # For first batch - start from last merged tag + .github\tools\Get-CommitGroups.ps1 -GitHubTag "V_10_0_P2" -FirstChunkOnly -GroupByCIPresence + + # For subsequent batches - start from last batch's end commit + .github\tools\Get-CommitGroups.ps1 -StartCommit "" -FirstChunkOnly -GroupByCIPresence + + # The tool returns structured data: + # { + # "ChunkNumber": 1, + # "StartCommit": "609fe2c", + # "EndCommit": "6fb728d", + # "StartCommitFull": "609fe2cae2459d721ac11d23cd27b8a94397ef3c", + # "EndCommitFull": "6fb728df50c1afd338cb0223a84ce24579577eff", + # "CommitCount": 12, + # "StartMessage": "upstream: rework the text for -3 to make it clearer", + # "EndMessage": "Run all tests on Cygwin again." + # } + ``` + +2. **Display batch information for verification:** + ```pwsh + Write-Host "Processing Batch $($result.ChunkNumber)" -ForegroundColor Cyan + Write-Host "Commit Range: $($result.StartCommit)..$($result.EndCommit)" -ForegroundColor Gray + Write-Host "Start: [$($result.StartCommit)] $($result.StartMessage)" -ForegroundColor White + Write-Host "End: [$($result.EndCommit)] $($result.EndMessage)" -ForegroundColor Green + Write-Host "Total commits: $($result.CommitCount)" -ForegroundColor Yellow + ``` + +3. **Cherry-pick the batch:** + ```pwsh + git cherry-pick $($result.StartCommitFull)^..$($result.EndCommitFull) + ``` + +4. **Resolve conflicts** following Windows preservation patterns (if conflicts occur) +5. **Stage and continue:** `git add .` then `git cherry-pick --continue` +6. **Repeat steps 4-5** until all commits in batch are applied + +**Conflict Resolution Patterns:** +- **Windows-specific code:** Preserve with `#ifdef WINDOWS` +- **Removed featureand Validation +**Objective:** Build successfully and validate if CI was successful + +**MANDATORY:** Build after each commit batch before proceeding to next batch. + +**Steps:** +1. **Build the merged code:** + ```pwsh + .github\tools\Build-OpenSSH.ps1 -Configuration Release -Architecture x64 + ``` + +2. **If build fails, fix compilation errors:** + - Document all compilation errors from build output + - Fix source code issues (add Windows compatibility defines, update function signatures, add platform guards) + - Update Visual Studio project files (add/remove source files, create projects for new binaries) + - Rebuild until successful + - Commit build fixes with detailed description + +3. **Check if batch ended with successful CI:** + - Inspect the chunk's end commit CI status from Get-CommitGroups output + - Look for commits ending with `CIStatus: "success"` in the detailed output + +4. **If CI was successful, run validation tests:** + ```pwsh + .github\tools\Test-OpenSSHFunctionality.ps1 + ``` + - This test installs service, creates test user, validates SSH connectivity + - If tests fail, fix issues and commit fixes + - **Do not proceed** to next batch until tests pass + +5. **If CI was not successful (or no CI), skip validation:** + - Build success is sufficient to proceed + - Validation will be performed at next successful CI checkpoint + +**Common Build Fixes:** +- Missing source files in .vcxproj files +- Removed files still referenced in projects +- Missing function implementations (add to win32compat) + +**Success Criteria:** +- Clean build with no errors +- All expected binaries generated +- If batch had successful CI: validation tests pass +- If batch had no/failed CI: build success is sufficient + +### Phase 4: Summary and Approval +**Objective:** Summarize changes and get approval before proceeding + +**MANDATORY:** Before proceeding to the next commit batch, provide summary and wait for user approval. + +**Steps:** +1. **Generate batch summary:** + ```markdown + ## Batch Completion Summary + + **Batch:** [StartCommit]..[EndCommit] ( commits) + **End Commit CI Status:** + + ### Changes in this Batch: + - + - + - + + ### Conflicts Resolved: + - : + - : + + ### Build Status: + - Build: ✅ Success / ❌ Failed + - Build fixes applied: + + ### Validation Status: + - Validation tests: ✅ Passed / ⏭️ Skipped (no successful CI) / ❌ Failed + - Test fixes applied: + + ### Next Steps: + - Next batch will start from commit: + - Estimated remaining batches: + + **Ready to proceed to next batch?** + ``` + +2. **Wait for user response:** + - User responds "yes" / "continue" / "proceed" → Continue to Phase 5 + - User responds "no" / "stop" / "wait" → Pause and await further instructions + - User provides feedback → Address concerns and re-summarize + +**Success Criteria:** +- Summary provided with all required information +- User approval received to proceed + +### Phase 5: Iteration +**Objective:** Process remaining commit groups until merge is complete + +**Steps:** +1. **Return to Phase 2** with `-StartCommit` set to previous batch's end commit +2. **Repeat Phases 2-4** for each batch: + - Get next batch with Get-CommitGroups + - Cherry-pick commits + - Build (mandatory) + - Validate (if batch ends with successful CI) + - Summarize and get approval +3. **Continue** until all target commits are merged or HEAD is reached +4. **Perform final comprehensive validation:** + ```pwsh + .github\tools\Test-OpenSSHFunctionality.ps1 + ``` + +**Success Criteria:** +- All commit batches processed +- Build remains stable after each batch +- All successful CI checkpoints validated +- Final validation passes +1. Use Get-CommitGroups MCP tool with `-StartCommit` parameter set to previous batch end commit +2. Repeat Phase 2-4 for next batch +3. Continue until all target commits merged +4. Perform final comprehensive test + +**Success Criteria:** +- All commit groups processed +- Build remains stable after each batch +- Tests pass after each batch + +### Phase 6: Documentation and PR +**Objective:** Document changes and submit for review + +**Steps:** +1. Review all merge commits for clarity +2. Document major conflict resolutions +3. Note any Windows-specific changes +4. Push branch: `git push origin merge-v-` +5. Create PR with comprehensive description +6. Add labels and request reviewers + +**PR Description Template:** +```markdown +## Merge OpenSSH + +This PR merges upstream OpenSSH commits from through . + +### Commit Groups +- Batch 1: to ( commits) +- Batch 2: to ( commits) +... + +### Major Changes +- [List significant upstream changes] + +### Windows-Specific Resolutions +- [List Windows compatibility fixes] +- [List build system updates] + +### Testing +- [x] Builds successfully (x64) +- [x] Service starts and runs +- [x] SSH connections work +- [x] Basic operations verified + +### Known Issues +- [List any known limitations or issues] +``` + +**Success Criteria:** +- PR created with complete description +- All CI checks passing +- Reviewers assigned + +## Decision Points + +### When to Use Commit Groups +- **High complexity merge:** >100 commits, significant changes +- **Medium complexity merge:** 50-100 commits, moderate changes +- **Low complexity merge:** <50 commits, minor changes → single merge OK + +### Conflict Resolution Strategy +**Always preserve:** +- Windows-specific functionality in `#ifdef WINDOWS` blocks +- Security fixes from upstream +- Build system integrity + +**Accept upstream for:** +- Removed deprecated features (e.g., DSA) +- Algorithm updates +- API modernization + +**Combine when:** +- Both sides add different functionality +- Windows needs additional compatibility code +- Upstream changes affect Windows-specific code + +## Key Files to Monitor + +### Frequently Modified +- `config.h` / `config.h.vs` - Configuration defines +- `*.vcxproj` - Visual Studio project files +- `contrib/win32/win32compat/*` - Windows compatibility layer + +### Conflict Hotspots +- Authentication code (`auth*.c`) +- Platform-specific code (`platform*.c`) + +## Recovery Procedures + +### Abort Cherry-Pick +```bash +git cherry-pick --abort +git clean -fd +git reset --hard +``` + +### Restart from Checkpoint +```bash +git checkout merge-v- +git log --oneline -5 # Verify last successful commit +# Continue from there +``` + +### Build Failure Recovery +1. Check build log: `contrib\win32\openssh\OpenSSHReleasex64.log` +2. Search for "error C" or "error LNK" +3. Fix errors in order (compilation before linking) +4. Commit fixes separately for clarity + +## Best Practices + +### Commit Organization +- One logical fix per commit +- Clear commit messages explaining Windows-specific changes +- Reference upstream commit SHAs when applicable + +### Testing Between Batches +- Build after each batch +- Quick smoke test (service start, simple connection) +- Full test only after all batches complete + +### Documentation +- Comment complex conflict resolutions in code +- Note Windows-specific workarounds +- Link to upstream issues/PRs when relevant + +## Success Metrics +- ✅ All commits from target range merged +- ✅ Clean build with no warnings +- ✅ All tests passing +- ✅ SSH service functional +- ✅ PR approved and merged +- ✅ No regressions reported in first 48 hours + +## Reference Links + +### Repository Links +- [Upstream OpenSSH](https://github.com/openssh/openssh-portable) +- [PowerShell Fork](https://github.com/PowerShell/openssh-portable) + +### Instruction Documents (Phase 0 Required Reading) +- [Merge Process Overview](../instructions/merge/merge-process-overview.instructions.md) +- [Research Instructions](../instructions/merge/research.instructions.md) +- [Merge Details Instructions](../instructions/merge/merge-details.instructions.md) + +### Additional Instructions +- [Build Instructions](../instructions/build.instructions.md) +- [Setup Instructions](../instructions/setup.instructions.md) +- [Testing Instructions](../instructions/testing.instructions.md) diff --git a/.github/instructions/build.instructions.md b/.github/instructions/build.instructions.md new file mode 100644 index 000000000000..82f267f30cd9 --- /dev/null +++ b/.github/instructions/build.instructions.md @@ -0,0 +1,300 @@ +--- +applyTo: "**/*" +--- + +# Build Instructions for AI Agents + +## Overview +This document provides comprehensive build instructions for OpenSSH-Portable on Windows, specifically tailored for AI agents performing upstream merges. + +## Prerequisites Verification + +### Check Required Tools +```pwsh +# Verify PowerShell version +$PSVersionTable.PSVersion + +# Verify Visual Studio installation +Get-ChildItem "C:\Program Files*\Microsoft Visual Studio\*\*\MSBuild\Current\Bin\msbuild.exe" + +# Verify Windows SDK +Get-ChildItem "C:\Program Files*\Windows Kits\10\bin" -Directory + +# Verify Git +git --version +``` + +## Build Process + +### Using MCP Build Tools (Recommended) + +The repository includes MCP tools that automate the build, verification, and error analysis process. + +#### Option 1: Build & Verify (Recommended) +```pwsh +# Complete build and verification in one step +.\.github\tools\Build-OpenSSH.ps1 -Configuration Release -Architecture x64 + +# Clean build +.\.github\tools\Build-OpenSSH.ps1 -Configuration Release -Architecture x64 -Clean + +# Debug build +.\.github\tools\Build-OpenSSH.ps1 -Configuration Debug -Architecture x64 +``` + +**Output includes:** +- Build success/failure status +- All 14 expected artifacts verification +- Parsed compilation errors with file/line/code/message +- Build warnings summary +- Build log location + +#### Option 2: Build Only +```pwsh +# Incremental build +.\.github\tools\Start-OpenSSHBuild.ps1 -Configuration Release -Architecture x64 + +# Clean build +.\.github\tools\Start-OpenSSHBuild.ps1 -Configuration Release -Architecture x64 -Clean +``` + +#### Option 3: Test Existing Build +```pwsh +# Test artifacts and parse errors from previous build +.\.github\tools\Test-OpenSSHBuild.ps1 -Configuration Release -Architecture x64 +``` + +### Using PowerShell Module Directly (Alternative) + +If you need direct access to the build module functions: + +#### Step 1: Environment Setup +```pwsh +# Navigate to repository root +cd + +# Import build helper module +Import-Module .\contrib\win32\openssh\OpenSSHBuildHelper.psm1 -Force + +# Verify module loaded +Get-Command -Module OpenSSHBuildHelper +``` + +#### Step 2: Initial Build +```pwsh +Start-OpenSSHBuild -Configuration Release -NativeHostArch x64 +``` + +## Compilation Error Resolution + +### Common Error Categories + +#### 1. Missing Preprocessor Definitions +**Symptoms:** +``` +error C2065: 'SOME_DEFINE': undeclared identifier +``` + +**Resolution:** +```pwsh +# Edit config.h.vs file +notepad .\contrib\win32\openssh\config.h.vs + +# Add missing definitions (example) +#define SOME_DEFINE 1 +``` + +#### 2. Missing Windows Equivalents +**Symptoms:** +``` +error C3861: 'fork': identifier not found +error C3861: 'signal': identifier not found +``` + +**Resolution Pattern:** +```c +// In source file, add Windows compatibility +#ifdef WINDOWS + // Use Windows equivalent or win32compat function + HANDLE process = CreateProcess(...); +#else + // Original Unix code + pid_t pid = fork(); +#endif +``` + +#### 3. Build System Inconsistencies +**Symptoms:** +``` +error MSB3073: The command exited with code 1 +fatal error C1083: Cannot open source file: 'newfile.c' +``` + +**AI Agent Resolution Process:** +1. **Check Makefile changes:** + ```bash + git diff upstream-pwsh/latestw_all upstream/ -- Makefile.in + ``` + +2. **Identify new/removed source files:** + ```bash + # Look for patterns like: + # ssh_SOURCES = ssh.c readconf.c clientloop.c sshtty.c \ + # sshconnect.c sshconnect2.c mux.c newfile.c + ``` + +3. **Update Visual Studio projects:** + ```xml + + + ``` + +4. **Update solution if new binaries added:** + ``` + # Check for new programs in Makefile: + # bin_PROGRAMS = ssh sshd ssh-add ssh-keygen ssh-keyscan ssh-copy-id scp sftp sftp-server ssh-pkcs11-helper ssh-sk-helper ssh-agent new-binary + ``` + +### Step-by-Step Error Resolution + +#### AI Agent Workflow: +1. **Attempt initial build using MCP tool** + ```pwsh + .\.github\tools\Build-OpenSSH.ps1 -Configuration Release -Architecture x64 + ``` +2. **Review structured error output** from Build-OpenSSH tool +3. **Categorize error types** (preprocessor, Windows compatibility, build system) +4. **Apply appropriate resolution strategy** (see error categories above) +5. **Rebuild and verify** using Build-OpenSSH tool again +6. **Commit fixes with detailed message** + +#### Manual Error Analysis Commands (if needed): +```pwsh +# Parse errors manually from log file +.\.github\tools\Test-OpenSSHBuild.ps1 -Configuration Release -Architecture x64 + +# Direct MSBuild with detailed logging +& "C:\Program Files\Microsoft Visual Studio\2022\Enterprise\MSBuild\Current\Bin\MSBuild.exe" .\contrib\win32\openssh\Win32-OpenSSH.sln /p:Configuration=Release /p:Platform=x64 /v:detailed +``` + +## Project File Management + +### Understanding the Project Structure +``` +contrib\win32\openssh\ +├── Win32-OpenSSH.sln # Main solution file +├── libssh.vcxproj # Core SSH library +├── ssh.vcxproj # SSH client +├── sshd.vcxproj # SSH server listener handling +├── sshd-auth.vcxproj # SSH server authentication handling +├── sshd-session.vcxproj # SSH server session handling +├── ssh-add.vcxproj # Key agent utility +├── ssh-agent.vcxproj # Authentication agent +├── ssh-keygen.vcxproj # Key generation utility +├── ssh-keyscan.vcxproj # Key scanning utility +└── ssh-pkcs11-helper.vcxproj # SSH PKCS11 helper +└── ssh-shell-host.vcxproj # SSH shell host +└── ssh-sk-helper.vcxproj # SSH SK helper +├── scp.vcxproj # Secure copy +├── sftp.vcxproj # Secure file transfer client +└── sftp-server.vcxproj # Secure file transfer server +``` + +### Adding New Projects (AI Agent Process) +1. **Identify new binary in Makefile:** + ```bash + grep "bin_PROGRAMS\|sbin_PROGRAMS" Makefile.in + ``` + +2. **Check Windows applicability:** + ```bash + # Skip Unix-only binaries like ssh-keysign + # Include utilities that work on Windows + ``` + +3. **Create new project file:** + ```pwsh + # Copy existing similar project + Copy-Item ssh.vcxproj ssh-newutil.vcxproj + ``` + +4. **Update project references:** + ```xml + + + ssh-newutil + ssh-newutil + + ``` + +5. **Add to solution:** + ``` + # Edit Win32-OpenSSH.sln to include new project + ``` + +## Validation and Testing + +### Build Verification Using MCP Tools +```pwsh +# Recommended: Use Build-OpenSSH which includes testing +.\.github\tools\Build-OpenSSH.ps1 -Configuration Release -Architecture x64 + +# Or test an existing build +.\.github\tools\Test-OpenSSHBuild.ps1 -Configuration Release -Architecture x64 +``` + +**Expected Output:** +- Success/failure status +- 14 of 14 artifacts found +- Parsed errors and warnings +- Build log location + +**Expected Artifacts (14 executables):** +- ssh.exe, sshd.exe, sshd-auth.exe, sshd-session.exe +- ssh-agent.exe, ssh-add.exe, ssh-keygen.exe, ssh-keyscan.exe +- scp.exe, sftp.exe, sftp-server.exe +- ssh-pkcs11-helper.exe, ssh-shellhost.exe, ssh-sk-helper.exe + +### Manual Verification (Alternative) +```pwsh +# Check that all expected binaries were built +$buildPath = ".\contrib\win32\openssh\x64\Release" +Get-ChildItem $buildPath -Filter "*.exe" | Select-Object Name + +# Expected outputs: +# a binary for each vcxproj file, e.g. +# ssh.vcxproj -> ssh.exe +``` + +### Quick Functionality Test +```pwsh +# Verify version reporting +& ".\contrib\win32\openssh\x64\Release\ssh.exe" -V +``` + +## Troubleshooting Guide + +### Build Helper Module Issues +```pwsh +# Force reload module +Remove-Module OpenSSHBuildHelper -Force -ErrorAction SilentlyContinue +Import-Module .\contrib\win32\openssh\OpenSSHBuildHelper.psm1 -Force +``` + +### Path and Environment Issues +```pwsh +# Verify Visual Studio environment +& "${env:ProgramFiles}\Microsoft Visual Studio\2022\Enterprise\Common7\Tools\VsDevCmd.bat" + +# Check MSBuild path +where.exe msbuild +``` + +### Permission Issues +```pwsh +# Ensure running as Administrator if needed +if (-NOT ([Security.Principal.WindowsPrincipal] [Security.Principal.WindowsIdentity]::GetCurrent()).IsInRole([Security.Principal.WindowsBuiltInRole] "Administrator")) +{ + Write-Warning "Build may require Administrator privileges" +} +``` diff --git a/.github/instructions/getting-started.instructions.md b/.github/instructions/getting-started.instructions.md new file mode 100644 index 000000000000..d4f064517e42 --- /dev/null +++ b/.github/instructions/getting-started.instructions.md @@ -0,0 +1,28 @@ +### 🔧 General Repository Instructions +These instructions apply to any task involving the OpenSSH-Portable repository: + +- **[repository-overview.instructions.md](./repository-overview.instructions.md)** - Repository structure and Windows compatibility layer overview +- **[setup.instructions.md](./setup.instructions.md)** - Repository setup and environment configuration +- **[build.instructions.md](./build.instructions.md)** - Compilation procedures and error resolution +- **[testing.instructions.md](./testing.instructions.md)** - Validation and testing procedures + +### 🔀 Upstream Merge Task Instructions +These instructions are specific to performing upstream merges from openssh/openssh-portable: + +- **[merge/merge-process-overview.instructions.md](./merge/merge-process-overview.instructions.md)** - Primary merge workflow and process overview +- **[merge/merge-details.instructions.md](./merge/merge-details.instructions.md)** - Detailed conflict resolution strategies and patterns +- **[merge/research.instructions.md](./merge/research.instructions.md)** - Intelligence gathering and analysis procedures + +## Quick Start Guide + +### For Human Developers +1. Read [merge/merge-process-overview.instructions.md](./merge/merge-process-overview.instructions.md) for complete merge workflow overview +2. Follow phase-by-phase process +3. Reference general repository instructions ([setup](./setup.instructions.md), [build](./build.instructions.md), [testing](./testing.instructions.md)) as needed + +### For AI Agents +1. **Start here:** [merge/merge-process-overview.instructions.md](./merge/merge-process-overview.instructions.md) +2. **Understand the repository:** Review general instructions for setup, build, and testing procedures +3. **Follow systematic approach:** Check off each merge item before proceeding +4. **Use automation:** Leverage provided scripts in `tools/` directory +5. **Escalate if needed:** Document blockers and seek human guidance when complexity exceeds capabilities diff --git a/.github/instructions/merge/merge-details.instructions.md b/.github/instructions/merge/merge-details.instructions.md new file mode 100644 index 000000000000..b2214858543c --- /dev/null +++ b/.github/instructions/merge/merge-details.instructions.md @@ -0,0 +1,504 @@ +--- +applyTo: "**/*" +--- + +# Merge Instructions for AI Agents + +## Overview +This AI-specific documentation provides comprehensive instructions and algorithmic frameworks that AI agents can use to systematically approach the OpenSSH merge process with minimal human intervention while maintaining high quality and consistency. It combines conflict resolution strategies with automated decision-making processes. + +**Key Approach: Chunked Merging** +Instead of merging entire upstream versions at once, this framework implements a chunked approach that: +- Processes commits in small batches ending with commits that have any CI run (successful or not) +- Groups commits by CI presence rather than CI success for more frequent checkpoints +- Builds after each batch (mandatory) +- Validates functionality only at successful CI checkpoints +- Requires user approval before proceeding to next batch +- Allows for incremental progress and easier rollback +- Reduces complexity of conflict resolution +- Enables better testing and validation at each step + +## Decision Framework for AI Agents + +### Pre-Merge Analysis Algorithm +```pseudocode +FUNCTION analyze_upstream_changes(target_version): + // Step 1: Find last merged commit and determine range + last_upstream_commit = find_last_upstream_commit_in_fork() + commit_range = get_commit_range(last_upstream_commit, target_version) + + // Step 2: Fetch and analyze release notes + release_notes = fetch_release_notes(target_version) + risk_factors = [] + + FOR EACH change IN release_notes: + IF change.contains(["signal", "fork", "pipe", "process", "daemon", "service"]): + risk_factors.append({type: "PROCESS_MANAGEMENT", change: change}) + IF change.contains(["auth", "pam", "kerberos", "gssapi"]): + risk_factors.append({type: "AUTHENTICATION", change: change}) + IF change.contains(["build", "makefile", "configure", "autotools"]): + risk_factors.append({type: "BUILD_SYSTEM", change: change}) + IF change.contains(["security", "cve", "vulnerability"]): + risk_factors.append({type: "SECURITY", change: change, priority: "HIGH"}) +``` + +### Conflict Resolution Decision Tree +```pseudocode +FUNCTION resolve_conflict(file_path, conflict_content): + conflict_type = analyze_conflict_type(conflict_content) + + SWITCH conflict_type: + CASE "SECURITY_FIX": + // Always accept upstream security fixes + RETURN accept_upstream(conflict_content) + + CASE "BUILD_SYSTEM_CHANGE": + // Need to update Visual Studio projects + upstream_changes = extract_upstream_changes(conflict_content) + RETURN combine_with_windows_build_system(upstream_changes) + + CASE "PROCESS_MANAGEMENT": + // Unix fork/exec vs Windows CreateProcess + IF contains_fork_or_exec(conflict_content): + RETURN wrap_with_platform_ifdef(conflict_content) + ELSE: + RETURN analyze_compatibility(conflict_content) + + CASE "AUTHENTICATION": + // PAM/Kerberos vs Windows auth + RETURN preserve_windows_auth_with_upstream_features(conflict_content) + + CASE "CONFIGURATION": + // config.h vs config.h.vs changes + new_defines = extract_new_defines(conflict_content) + RETURN update_config_h_vs(new_defines) + + DEFAULT: + // Use historical pattern matching + similar_resolutions = find_similar_conflicts(file_path, conflict_content) + RETURN apply_similar_resolution_pattern(similar_resolutions[0]) +``` + +## Information Sources and Analysis + +### Primary References +- [Upstream release notes](https://www.openssh.com/releasenotes.html) - Pay special attention when merging new versions +- [Previous merge PRs](./research.instructions.md) - Review conflict resolution patterns +- Commit history and messages - Use `git log --oneline upstream/` to understand changes +- Local repository file comparison - Use 3-way diff tools + +### Analysis Commands +```pwsh +# View commit details for understanding changes +git show + +# Compare files between branches +git diff upstream-pwsh/latestw_all upstream/ -- +``` + +## Conflict Resolution Strategies + +### 1. Taking Upstream Changes +**When to use:** Security fixes, bug fixes, feature improvements that don't conflict with Windows functionality. + +```c +// Example: Accept upstream security patch +<<<<<<< HEAD +// Windows-specific code +======= +// New upstream security fix +>>>>>>> upstream/V_X_Y_PZ +``` +**Resolution:** Take the upstream change completely. + +### 2. Combining Changes with Preprocessor Directives +**When to use:** Upstream changes that conflict with Windows-specific functionality but both are needed. + +```c +// Example: Combining platform-specific implementations +#ifdef WINDOWS + // Windows-specific implementation + return windows_specific_function(); +#else + // Upstream Unix implementation + return unix_specific_function(); +#endif /* WINDOWS */ +``` + +### 3. Excluding Changes with #ifndef WINDOWS +**When to use:** Upstream changes are not applicable to Windows or would break Windows functionality. + +```c +// Example: Excluding Unix-only functionality +#ifndef WINDOWS + // Unix-only code that doesn't apply to Windows + setup_unix_specific_feature(); +#endif /* !WINDOWS */ +``` + +## Automated Conflict Resolution Patterns + +### Pattern 1: Platform-Specific Code Wrapping +```c +// Input conflict: +<<<<<<< HEAD +void windows_specific_function() { + // Windows implementation +} +======= +void unix_specific_function() { + // New upstream Unix implementation +} +>>>>>>> upstream/version + +// AI Resolution: +#ifdef WINDOWS +void windows_specific_function() { + // Windows implementation +} +#else +void unix_specific_function() { + // New upstream Unix implementation +} +#endif /* WINDOWS */ +``` + +### Pattern 2: Configuration File Updates +```pseudocode +FUNCTION update_config_h_vs(upstream_config_changes): + config_vs_path = "./contrib/win32/openssh/config.h.vs" + current_config = read_file(config_vs_path) + + FOR EACH define IN upstream_config_changes: + IF define.is_windows_compatible(): + IF define NOT IN current_config: + add_define_to_config_vs(define, determine_windows_value(define)) + ELSE: + // Add comment explaining why it's not included + add_comment_to_config_vs(f"// {define.name} - Unix only, not applicable to Windows") + + write_file(config_vs_path, current_config) +``` + +### Pattern 3: Build System Synchronization +```pseudocode +FUNCTION sync_build_system(): + makefile_changes = get_makefile_changes() + + FOR EACH binary IN makefile_changes.new_binaries: + IF binary.is_windows_applicable(): + create_visual_studio_project(binary) + add_to_solution_file(binary) + ELSE: + log(f"Skipping {binary} - Unix only") + + FOR EACH binary IN makefile_changes.removed_binaries: + remove_visual_studio_project(binary) + remove_from_solution_file(binary) + + FOR EACH source_file IN makefile_changes.new_source_files: + target_project = determine_target_project(source_file) + add_source_to_project(target_project, source_file) +``` + +## Common Conflict Patterns + +### File System Operations +- **Fork/exec calls** → Use Windows process creation APIs +- **Signal handling** → Use Windows event mechanisms +- **File permissions** → Adapt to Windows ACL model + +### Build System Changes +- **Makefile additions** → Update Visual Studio project files +- **New dependencies** → Check Windows compatibility +- **Compiler flags** → Translate to MSVC equivalents + +### Configuration Changes +- **New config options** → Add to `./contrib/win32/openssh/config.h.vs` +- **Feature detection** → Verify Windows support +- **Default values** → Adjust for Windows environment + +## Resolution Workflow + +### For Each Conflict: +1. **Analyze the change** + ```bash + git show upstream/ -- + ``` + +2. **Check previous resolutions** + - Search previous merge PRs for similar conflicts + - Look for patterns in Windows-specific handling + +3. **Choose resolution strategy** + - Upstream change: Complete replacement + - Combined: Add preprocessor directives + - Excluded: Use `#ifndef WINDOWS` + +4. **Test the resolution** + - Ensure code compiles + - Verify simple ssh connection to local host works + - Check that upstream functionality is preserved where applicable + +5. **Document the decision** + - Add comments explaining the Windows-specific handling + - Note in commit message why this approach was chosen + +## Build Validation Automation + +### Iterative Build and Fix Process +```pseudocode +FUNCTION automated_build_fix(): + MAX_ITERATIONS = 10 + iteration = 0 + + WHILE iteration < MAX_ITERATIONS: + build_result = attempt_build() + + IF build_result.success: + RETURN SUCCESS + + errors = parse_build_errors(build_result.output) + fixes_applied = [] + + FOR EACH error IN errors: + fix = determine_fix_strategy(error) + IF fix: + apply_fix(fix) + fixes_applied.append(fix) + + IF fixes_applied.empty(): + RETURN MANUAL_INTERVENTION_REQUIRED + + commit_build_fixes(fixes_applied, f"Build fixes iteration {iteration + 1}") + iteration += 1 + + RETURN MAX_ITERATIONS_EXCEEDED + +FUNCTION determine_fix_strategy(error): + SWITCH error.type: + CASE "MISSING_INCLUDE": + RETURN add_windows_include(error.missing_header) + CASE "UNDEFINED_FUNCTION": + RETURN add_windows_equivalent(error.function_name) + CASE "MISSING_DEFINE": + RETURN add_to_config_h_vs(error.define_name) + CASE "MISSING_SOURCE_FILE": + RETURN add_source_to_project(error.file_name) + DEFAULT: + RETURN null +``` + +## Testing Automation Framework + +### Automated Test Execution +```pseudocode +FUNCTION execute_test_suite(): + test_results = {} + + // Phase 1: Build verification + test_results["build"] = verify_build_artifacts() + IF NOT test_results["build"].success: + RETURN test_results + + // Phase 2: Service setup + test_results["service_setup"] = setup_ssh_service() + IF NOT test_results["service_setup"].success: + RETURN test_results + + // Phase 3: Basic connectivity + test_results["connectivity"] = test_basic_ssh_connection() + + // Cleanup + cleanup_test_environment() + + RETURN test_results + +FUNCTION generate_test_report(test_results): + report = "# Automated Test Results\n\n" + + FOR EACH category, result IN test_results: + status = result.success ? "✅ PASS" : "❌ FAIL" + report += f"## {category}: {status}\n" + + IF NOT result.success: + report += f"Error: {result.error}\n" + report += f"Suggested Fix: {result.suggested_fix}\n" + + RETURN report +``` + +## Error Recovery Strategies + +### Automatic Rollback Points +```pseudocode +FUNCTION create_checkpoint(phase_name): + current_commit = get_current_commit_hash() + checkpoints[phase_name] = current_commit + tag_commit(f"checkpoint-{phase_name}", current_commit) + +FUNCTION rollback_to_checkpoint(phase_name): + IF phase_name IN checkpoints: + reset_to_commit(checkpoints[phase_name]) + RETURN SUCCESS + ELSE: + RETURN CHECKPOINT_NOT_FOUND + +// Usage in main workflow +create_checkpoint("pre-merge") +execute_merge() + +IF merge_conflicts_too_complex(): + rollback_to_checkpoint("pre-merge") + request_manual_intervention() +``` + +### Conflict Complexity Assessment +```pseudocode +FUNCTION assess_conflict_complexity(conflicts): + complexity_score = 0 + + FOR EACH conflict IN conflicts: + // File-based scoring + IF conflict.file.ends_with(".c", ".h"): + complexity_score += 2 + IF conflict.file.contains("auth", "pam", "kerberos"): + complexity_score += 5 + IF conflict.file == "config.h": + complexity_score += 3 + + // Content-based scoring + lines_in_conflict = conflict.content.split('\n').length + complexity_score += lines_in_conflict * 0.1 + + // Pattern-based scoring + IF conflict.content.contains("fork", "exec", "signal"): + complexity_score += 10 + IF conflict.content.contains("WIN32", "WINDOWS", "#ifdef"): + complexity_score -= 2 // Already has platform guards + + IF complexity_score > 50: + RETURN "HIGH_COMPLEXITY" + ELIF complexity_score > 20: + RETURN "MEDIUM_COMPLEXITY" + ELSE: + RETURN "LOW_COMPLEXITY" +``` + +## Anti-Patterns to Avoid + +### ❌ Don't Remove Upstream Code +```c +// WRONG: This will cause future merge conflicts +// Completely removing upstream additions +``` + +### ❌ Don't Modify Upstream Logic Without Guards +```c +// WRONG: Modifying upstream code without preprocessor protection +upstream_function_with_windows_modifications(); +``` + +### ✅ Do Use Preprocessor Guards +```c +// CORRECT: Preserve upstream code with conditional compilation +#ifdef WINDOWS + windows_alternative(); +#else + upstream_function(); +#endif +``` + +## Progress Tracking and Reporting + +### Automated Progress Updates +```pseudocode +FUNCTION update_progress(phase, status, details): + progress_entry = { + timestamp: current_timestamp(), + phase: phase, + status: status, // SUCCESS, FAILURE, IN_PROGRESS + details: details, + commit_hash: get_current_commit_hash() + } + + append_to_progress_log(progress_entry) + + IF status == "FAILURE": + generate_failure_report(phase, details) + suggest_recovery_actions(phase, details) + +FUNCTION generate_merge_summary(): + summary = { + total_conflicts: count_resolved_conflicts(), + build_iterations: count_build_fix_iterations(), + test_results: get_final_test_results(), + time_elapsed: calculate_total_time(), + commits_created: count_commits_since_start(), + complexity_rating: assess_overall_complexity() + } + + RETURN format_summary_report(summary) +``` + +## Integration with Development Workflow + +### Pull Request Preparation +```pseudocode +FUNCTION prepare_pull_request(): + // Generate comprehensive commit history + commit_history = get_commits_since_branch_creation() + + // Create PR description + pr_description = f""" +# Merge OpenSSH {target_version} to Windows Fork + +## Summary +{generate_merge_summary()} + +## Conflict Resolutions +{generate_conflict_resolution_summary()} + +## Testing Results +{generate_test_report(final_test_results)} + +## Files Modified +{list_modified_files()} + +## Breaking Changes +{identify_breaking_changes()} +""" + + RETURN { + title: f"Merge upstream OpenSSH {target_version}", + description: pr_description, + labels: ["upstream-merge", determine_complexity_label()], + assignees: get_default_reviewers() + } +``` + +## Commit Message Template + +``` +Resolve merge conflicts for + +Major conflict resolutions: +- : Combined upstream with Windows using #ifdef +- : Excluded upstream with #ifndef WINDOWS due to +- : Accepted upstream completely + +Reasoning: +``` + +## Troubleshooting + +### If Unsure About a Conflict: +1. Check if the upstream change addresses a CVE or security issue (prioritize) +2. Look for similar code patterns elsewhere in the Windows codebase +3. Consult the OpenSSH-portable issue tracker for context +4. When in doubt, use conditional compilation to preserve both approaches + +### Testing Your Resolution: +- Build the project after each major conflict resolution +- Run ssh connection to local host to ensure basic functionality +- Check that removed functionality wasn't critical to Windows operation \ No newline at end of file diff --git a/.github/instructions/merge/merge-process-overview.instructions.md b/.github/instructions/merge/merge-process-overview.instructions.md new file mode 100644 index 000000000000..34f4b413a6b5 --- /dev/null +++ b/.github/instructions/merge/merge-process-overview.instructions.md @@ -0,0 +1,280 @@ +--- +applyTo: "**/*" +--- + +# OpenSSH-Portable: Merge From Upstream Instructions + +## Overview +This documentation provides comprehensive instructions for merging OpenBSD's OpenSSH-Portable changes into the PowerShell team's Windows-compatible fork. It is designed to be used by both human developers and AI agents to complete a full merge process that results in a ready-to-merge Pull Request. + +## Prerequisites +Ensure the following tools are installed and configured before proceeding: +- **Git** +- **PowerShell** +- **Visual Studio** with: + - Latest C/C++ development tools + - Latest Windows 10/11 SDK + +## Process Overview +The merge process uses a **chunked approach** to reduce complexity and improve success rates. Instead of merging entire upstream versions at once, commits are processed in small batches ending with commits that have CI runs. Each batch is built and optionally validated before proceeding to the next. + +The process consists of several interconnected phases: + +1. **[Setup Phase](#setup-phase)** - Repository configuration and preparation +2. **[Research Phase](#research-phase)** - Understanding changes and conflicts +3. **[Merge Phase](#merge-phase)** - Performing chunked commit merging +4. **[Build Phase](#build-phase)** - Resolving compilation issues +5. **[Testing Phase](#testing-phase)** - Validating functionality +6. **[Submission Phase](#submission-phase)** - Creating the Pull Request + +## Setup Phase + +**📖 Detailed Instructions:** [Setup Instructions](../setup.instructions.md) + +**Quick Overview:** +1. Clone your fork of the openssh-portable repository +2. Configure upstream remotes (PowerShell team fork + original OpenSSH) +3. Fetch latest changes + +## Research Phase + +**📖 Detailed Instructions:** [Research Instructions](./research.instructions.md) + +**Key Resources:** +- **Upstream Release Notes:** [OpenSSH Release Notes](https://www.openssh.com/releasenotes.html) +- **Previous Merge PRs:** such as https://github.com/PowerShell/openssh-portable/pull/737 + +## Merge Phase + +### Initial Preparation +1. **Checkout base branch:** + ```pwsh + git checkout upstream-pwsh/latestw_all + ``` + +2. **Verify baseline build** + **(📖 Detailed Instructions:** [Build Instructions](../build.instructions.md)): + ```pwsh + Import-Module .\contrib\win32\openssh\OpenSSHBuildHelper.psm1 -Force + Start-OpenSSHBuild -Configuration Release -NativeHostArch x64 + ``` + +3. **Configure git:** + ```pwsh + git config core.editor true + ``` + +3. **Create merge branch:** + ```pwsh + git checkout -b merge-v- + # Example: merge-v9.8-20241010 + ``` + +### Perform Merge with Grouped Commits +4. **Identify merge range and group commits:** + Use .\tools\Get-CommitGroups.ps1 with `-FirstChunkOnly -GroupByCIPresence` + ```pwsh + # Find the last upstream tag in the fork (this is the starting point for the next merge) + # Call .\tools\Get-CommitGroups.ps1 -GitHubTag -FirstChunkOnly -GroupByCIPresence + # This gets commits ending with any commit that has CI runs (not just successful CI) + # Example output: + # { + # "ChunkNumber": 1, + # "StartCommit": "609fe2c", + # "EndCommit": "6fb728d", + # "StartCommitFull": "609fe2cae2459d721ac11d23cd27b8a94397ef3c", + # "EndCommitFull": "6fb728df50c1afd338cb0223a84ce24579577eff", + # "CommitCount": 57, + # "StartMessage": "upstream: rework the text for -3 to make it clearer what default", + # "EndMessage": "Run all tests on Cygwin again." + # } + + # Print the commit batch details for verification + Write-Host "Processing batch: $($result.StartCommit)..$($result.EndCommit)" + Write-Host "Start: $($result.StartMessage)" + Write-Host "End: $($result.EndMessage)" + Write-Host "End Commit CI Status: $($result.EndCommit has CI runs)" + + # After completing steps below, get next batch: + # Call .\tools\Get-CommitGroups.ps1 -StartCommit -FirstChunkOnly -GroupByCIPresence + # Continue this process untiland + # follow the below steps to completion until the upstream's HEAD has been successfully merged + ``` + +5. **Execute chunked merge (commit-by-commit within the chunk):** + + **Important:** Even though commits are *grouped* into chunks for planning/CI boundaries, **cherry-pick each commit individually** within the chunk and **build after each commit**. This catches Windows-specific build breaks early and makes it clear which upstream commit introduced a regression. + + ```pwsh + # For each chunk (start..end), enumerate and cherry-pick commits one at a time. + # Then build after EACH commit. + # + # Example for a single chunk: + $chunkStart = $result.StartCommitFull + $chunkEnd = $result.EndCommitFull + $commits = git rev-list --reverse "$chunkStart^..$chunkEnd" + + foreach ($commit in $commits) { + Write-Host "Cherry-picking commit: $commit" + git cherry-pick $commit + + # Build after every commit so we can attribute failures precisely. + # Prefer the MCP build helper if available; otherwise use Start-OpenSSHBuild. + .\.github\tools\Build-OpenSSH.ps1 -Configuration Release -Architecture x64 + } + ``` + +7. **Resolve merge conflicts (per commit):** + **📖 Detailed Instructions** ([Merge Details](./merge-details.instructions.md)): + + - Resolve conflicts for the current commit only + - Use three-way comparison tools + - Follow established Windows compatibility patterns + - Reference previous merge PRs for similar conflicts + +8. **Continue cherry-picking after resolution:** + ```pwsh + # After resolving conflicts for current commit + git add . + git cherry-pick --continue + + # Then continue with remaining commits in batch + # Repeat process for next batch if needed + ``` + +9. **Build after completing the batch:** + ```pwsh + .\.github\tools\Build-OpenSSH.ps1 -Configuration Release -Architecture x64 + + # If build fails, fix issues and rebuild + # Commit any build fixes separately + ``` + +10. **Validate if batch ended with successful CI:** + ```pwsh + # Check the end commit's CI status from Get-CommitGroups output + # If CI was successful, run validation: + .\.github\tools\Test-OpenSSHFunctionality.ps1 + + # If no CI or failed CI, skip validation (build success is sufficient) + ``` + +11. **Provide summary and get approval:** + - Summarize batch changes, conflicts resolved, build status, validation status + - Wait for user approval before proceeding to next batch + - Document next steps (starting commit for next batch) +--- + +## Build Phase + +**📖 Detailed Instructions:** [Build Instructions](../build.instructions.md) + +7. **Initial build attempt:** + ```pwsh + Start-OpenSSHBuild -Configuration Release -NativeHostArch x64 + ``` + +8. **Resolve compilation errors (iterative process):** + + **Common Areas to Check:** + - **config.h.vs updates:** New preprocessor definitions + - **Function signatures:** Windows equivalents for Unix functions + - **Build system changes:** Makefile vs Visual Studio projects + - **New dependencies:** Windows compatibility verification + +9. **Update Visual Studio projects:** + - Check Makefile for added/removed binaries + - Create/update .vcxproj files as needed + - Update Win32-OpenSSH.sln solution file + - Ensure Windows-applicable binaries only + +10. **Commit build fixes:** + ```pwsh + git commit -m "Fix compilation errors for + + Changes: + - Updated config.h.vs with + - Added Windows equivalent for + - Updated project files for " + ``` + +--- + +## Testing Phase + +**📖 Detailed Instructions:** [Testing Instructions](../testing.instructions.md) + +11. **Basic functionality test:** + ```pwsh + # Set up SSH service (see testing.instructions.md) + ssh.exe @localhost + ``` + +12. **Troubleshoot connection issues:** + - Enable verbose logging + - Check service configuration + - Use debugger if necessary + - Verify certificate/key handling + +13. **Commit any test fixes:** + ```pwsh + git commit -m "Fix runtime issues for + + Issues resolved: + - " + ``` + +--- + +## Submission Phase + +### Creating the Pull Request +14. **Push to fork:** + ```pwsh + git push origin merge-v- + ``` + +15. **Create Pull Request:** + - Target: `PowerShell/openssh-portable:latestw_all` + - Title: `Merge upstream OpenSSH ` + - Include comprehensive description of changes and resolutions + +16. **Address CI/test failures:** + - Monitor automated tests + - Fix any Windows-specific test failures + - Ensure all checks pass + +17. **Request review:** + - Tag appropriate PowerShell team reviewers + - Provide context for complex conflict resolutions + +--- + +## Success Criteria + +**The merge is complete when:** +- [ ] All merge conflicts resolved with documented reasoning +- [ ] Solution builds successfully on Windows +- [ ] Basic SSH connection test passes +- [ ] All CI tests pass +- [ ] PR approved and ready for merge + +--- + +## AI Agent Resources + +AI agents should utilize these additional resources: + +- **[Reference Analysis](./research.instructions.md)** - Intelligence gathering protocols +- **[Merge Details](./merge-details.instructions.md)** - Comprehensive merge process, conflict resolution, and automation algorithms +- **[Testing Instructions](../testing.instructions.md)** - Detailed validation procedures + +**For AI Agents:** +1. **Start with this overview** - Follow the phases and track progress commit-by-commit +2. **Follow decision trees** - Refer to AI agent instructions for algorithmic guidance +3. **Document everything** - Maintain detailed commit messages and resolution rationale +4. **Use automated testing** - Leverage provided test scripts for validation +5. **Escalate when needed** - If complexity exceeds capabilities, document and request human intervention + +**Success Criteria Check:** +The merge process is successful when an AI agent can complete all phases independently and produce a Pull Request that meets all quality standards without human intervention. diff --git a/.github/instructions/merge/research.instructions.md b/.github/instructions/merge/research.instructions.md new file mode 100644 index 000000000000..f8b8c5032d5c --- /dev/null +++ b/.github/instructions/merge/research.instructions.md @@ -0,0 +1,106 @@ +--- +applyTo: "**/*" +--- + +# References for AI Agents + +## AI Agent Instructions +This file provides reference materials and links that AI agents should review before and during the merge process. Each section contains specific guidance on what to look for and how to use the information. + +## Upstream Release Notes +**URL:** https://www.openssh.com/releasenotes.html + +**AI Agent Task:** +1. Navigate to the release notes page +2. Focus ONLY on the latest release section (at the top of the page) +3. Look for these specific types of changes that require Windows compatibility work: + - Signal handling modifications + - File handling changes + - Inter-process communication (IPC) updates + - New system calls or POSIX-specific functionality + - Changes to build system or dependencies + - Security fixes that might affect Windows implementations + +**Example Analysis:** +``` +If release notes mention "Added support for new signal handling in sshd", +the AI should flag this as requiring Windows event mechanism adaptation. +``` + +## Previous Merge Pull Requests + +**AI Agent Task:** Review these PRs in order of recency for conflict resolution patterns: + +1. **Most Recent:** https://github.com/PowerShell/openssh-portable/pull/737 +2. https://github.com/PowerShell/openssh-portable/pull/703 +3. https://github.com/PowerShell/openssh-portable/pull/684 +4. https://github.com/PowerShell/openssh-portable/pull/657 +5. https://github.com/PowerShell/openssh-portable/pull/626 +6. https://github.com/PowerShell/openssh-portable/pull/577 +7. https://github.com/PowerShell/openssh-portable/pull/504 +8. https://github.com/PowerShell/openssh-portable/pull/351 + +**What to Extract from Each PR:** +1. **Commit Messages:** Look for commits added AFTER the initial merge commit +2. **File Patterns:** Note which files commonly have conflicts +3. **Resolution Strategies:** Document how specific types of conflicts were resolved +4. **Build Fixes:** Note compilation issues and their solutions +5. **Test Failures:** Understand common CI/test failures and fixes + +**Key Contributors to Follow:** +- Regular PowerShell/OpenSSH-Portable contributors +- Their commit patterns and resolution strategies +- Comments and review feedback + +## Upstream Repository Analysis + +**Commands for AI Agent:** +```pwsh +# Get commit history for target version +git log --oneline upstream/ --since="" + +# Analyze specific commits +git show + +# Compare branches +git diff upstream-pwsh/latestw_all upstream/ +``` + +## Windows-Specific Knowledge Base + +### Common Conflict Areas +1. **Process Management:** fork() vs CreateProcess() +2. **Signal Handling:** Unix signals vs Windows events +3. **File Permissions:** POSIX permissions vs Windows ACLs +4. **Path Handling:** Unix paths vs Windows paths +5. **Build System:** Makefile vs Visual Studio projects + +### Resolution Pattern Library +```c +// Pattern 1: Platform-specific implementation +#ifdef WINDOWS + // Windows implementation +#else + // Unix implementation +#endif + +// Pattern 2: Exclude Unix-only features +#ifndef WINDOWS + // Unix-only code +#endif + +// Pattern 3: Windows compatibility layer +#ifdef WINDOWS + #include "win32compat.h" +#endif +``` + +## Decision Matrix for AI Agents + +| Conflict Type | Resolution Strategy | Example | +|---------------|-------------------|---------| +| Security Fix | Accept upstream completely | CVE patches | +| Build System | Update VS project files | New source files | +| System Calls | Add Windows equivalent | fork() → CreateProcess() | +| Configuration | Update config.h.vs | New preprocessor defines | +| Test Code | Platform-specific guards | Unix-only tests | diff --git a/.github/instructions/repository-overview.instructions.md b/.github/instructions/repository-overview.instructions.md new file mode 100644 index 000000000000..aa343214f394 --- /dev/null +++ b/.github/instructions/repository-overview.instructions.md @@ -0,0 +1,131 @@ +--- +applyTo: "**/*" +--- + +# Repository Structure and Windows Compatibility Layer + +## Overview + +This repository is a **downstream fork** of [openssh/openssh-portable](https://github.com/openssh/openssh-portable) maintained by the PowerShell team to provide Windows compatibility for OpenSSH. + +## Repository Organization + +### Upstream Code (Base Directory) +The root of the repository contains the upstream OpenSSH code: +- Core SSH implementation files (`.c`, `.h`) +- Unix/POSIX-focused codebase +- Maintained to stay close to upstream for easier merging + +### Windows Compatibility Layer + +#### Primary Windows Code Locations + +**1. `.\contrib\win32\openssh\`** +- Visual Studio project files (`.vcxproj`, `.sln`) +- Windows-specific build configuration +- Project organization for Windows builds + +**2. `.\contrib\win32\win32compat\`** +- Windows compatibility implementation layer +- Provides Windows equivalents for POSIX functions +- Contains platform abstraction code + +#### Compatibility Strategy + +The Windows port follows a **separation of concerns** approach to minimize divergence from upstream: + +1. **Preferred: Compatibility Layer** + - Windows-specific implementations prefixed with `w32_` + - Example: `w32_mkdir()`, `w32_stat()`, `w32_open()` + - Macro redefinition in headers to redirect POSIX calls + - Located in `contrib\win32\win32compat\` + +2. **When Necessary: Conditional Compilation** + - Use `#ifdef WINDOWS` blocks in upstream files + - Keep Windows-specific code minimal and well-documented + - Only when compatibility layer approach is insufficient + +**Example Pattern:** +```c +// In win32compat header (e.g., sys/stat.h) +int w32_mkdir(const char *pathname, unsigned short mode); +#undef mkdir // Clear any existing definition +#define mkdir w32_mkdir // Redirect to Windows implementation + +// In upstream code - no changes needed +mkdir(path, 0700); // Automatically uses w32_mkdir on Windows +``` + +## Special Case: SSH-Agent + +### Important: Separate Windows Implementation + +The **ssh-agent** is a special case that **does not follow** the standard compatibility layer pattern: + +- **Windows ssh-agent location**: `.\contrib\win32\win32compat\ssh-agent\` +- Built from **completely separate code** from the upstream ssh-agent +- Uses Windows-native APIs and service architecture + +### Implications for Upstream Merges + +When merging changes to `ssh-agent.c` or related agent files from upstream: + +1. **Simple changes** (bug fixes, small improvements): + - Manually port functionality to `contrib\win32\win32compat\ssh-agent\` + - Adapt logic to Windows implementation + +2. **Complex changes** (architectural changes, new features): + - Document as TODO in merge commit + - Flag for Windows team review + - May require significant redesign work + +3. **Do NOT**: + - Directly apply upstream ssh-agent patches to Windows version + - Assume one-to-one code correspondence + - Merge without understanding Windows implementation differences + +### Other Binaries + +All other OpenSSH binaries (ssh, sshd, scp, sftp, etc.) follow the standard compatibility layer approach and can be merged more directly from upstream with appropriate Windows compatibility adjustments. + +## Best Practices for Merging + +### 1. Minimize Direct Modifications +- Prefer extending compatibility layer over adding `#ifdef WINDOWS` blocks +- Keep upstream code as clean as possible + +### 2. Document Windows-Specific Changes +- Clear comments explaining why Windows needs different approach +- Reference related compatibility layer functions + +### 3. Test on Windows +- Always build and test on Windows after merging +- Use provided automation tools in `.github\tools\` +- Verify both functionality and build process + +### 4. Upstream Alignment +- Track which upstream commits have been merged +- Maintain clear merge history +- Document any deviations from upstream behavior + +## Key Files to Know + +### Build System +- `contrib\win32\openssh\Win32-OpenSSH.sln` - Main Visual Studio solution +- `contrib\win32\openssh\*.vcxproj` - Individual project files +- `contrib\win32\openssh\OpenSSHBuildHelper.psm1` - Build helper module + +### Compatibility Headers +- `contrib\win32\win32compat\inc\sys\*` - POSIX header replacements +- `contrib\win32\win32compat\inc\*.h` - Windows compatibility declarations +- `contrib\win32\win32compat\inc\crtheaders.h` - CRT header mappings + +### Compatibility Implementation +- `contrib\win32\win32compat\*.c` - Windows function implementations +- `contrib\win32\win32compat\ssh-agent\*` - Separate Windows ssh-agent + +## Getting Help + +- **Build issues**: See [build.instructions.md](./build.instructions.md) +- **Merge conflicts**: See [merge/merge-details.instructions.md](./merge/merge-details.instructions.md) +- **Testing**: See [testing.instructions.md](./testing.instructions.md) diff --git a/.github/instructions/setup.instructions.md b/.github/instructions/setup.instructions.md new file mode 100644 index 000000000000..3081ae3cfdd2 --- /dev/null +++ b/.github/instructions/setup.instructions.md @@ -0,0 +1,86 @@ +--- +applyTo: "**/*" +--- + +# Repository Setup Instructions for AI Agents + +## Initial Repository Setup + +### Step 1: Clone Your Fork +```pwsh +# Replace 'your-username' with actual GitHub username +git clone https://github.com/your-username/openssh-portable.git +cd openssh-portable +``` + +### Step 2: Add Upstream Repositories +```pwsh +# Add PowerShell team's fork as upstream-pwsh +git remote add upstream-pwsh https://github.com/PowerShell/openssh-portable.git + +# Add original OpenSSH repository as upstream +git remote add upstream https://github.com/openssh/openssh-portable.git +``` + +### Step 3: Verify Remote Configuration +```pwsh +git remote -v +# Expected output: +# origin https://github.com/your-username/openssh-portable.git (fetch) +# origin https://github.com/your-username/openssh-portable.git (push) +# upstream https://github.com/openssh/openssh-portable.git (fetch) +# upstream https://github.com/openssh/openssh-portable.git (push) +# upstream-pwsh https://github.com/PowerShell/openssh-portable.git (fetch) +# upstream-pwsh https://github.com/PowerShell/openssh-portable.git (push) +``` + +### Step 4: Initial Fetch +```pwsh +git fetch --all +``` + +## Branch Strategy + +### Understanding the Branch Structure +- **upstream-pwsh/latestw_all**: Main Windows-compatible branch (base for merges) +- **upstream/master**: Latest upstream OpenSSH development +- **upstream/V_X_Y_PZ**: Tagged releases (merge targets) + +### Verification Commands +```pwsh +# List all branches +git branch -r + +# Check current branch +git branch +``` + +### Step 5: Clone VCPkg Repository +```pwsh +# In the same parent directory as openssh-portable +git clone https://github.com/Microsoft/vcpkg.git +``` + +### Step 6: Setup VCPkg Integration with MSBuild +```pwsh +cd vcpkg +.\bootstrap-vcpkg.bat +.\vcpkg.exe integrate install +``` + +## AI Agent Checklist + +Before proceeding to merge: +- [ ] Repository cloned successfully +- [ ] All three remotes configured (origin, upstream, upstream-pwsh) +- [ ] Can fetch from all remotes without errors +- [ ] Can see upstream-pwsh/latestw_all branch +- [ ] Can see upstream target version/branch +- [ ] Working directory is clean (`git status` shows no uncommitted changes) + +## Troubleshooting + +### Common Issues +1. **Authentication errors**: Ensure GitHub credentials are configured +2. **Network issues**: Check proxy settings if behind corporate firewall +3. **Branch not found**: Verify branch/tag names are correct diff --git a/.github/instructions/testing.instructions.md b/.github/instructions/testing.instructions.md new file mode 100644 index 000000000000..7aa715edeab2 --- /dev/null +++ b/.github/instructions/testing.instructions.md @@ -0,0 +1,248 @@ +--- +applyTo: "**/*" +--- + +# Testing Instructions for AI Agents + +## Overview +This document provides comprehensive testing procedures for validating OpenSSH-Portable merges on Windows. Testing should be performed after successful compilation to ensure functionality is preserved. + +## Automated Testing with MCP Tools (Recommended) + +### Using Test-OpenSSHFunctionality Tool + +The repository includes an MCP tool that automates end-to-end functional testing of OpenSSH on Windows. + +```pwsh +# Run automated functional test (requires Administrator privileges) +.\.github\tools\Test-OpenSSHFunctionality.ps1 + +# Test with specific configuration +.\.github\tools\Test-OpenSSHFunctionality.ps1 -Configuration Debug -Architecture x64 + +# Skip firewall configuration if rules already exist +.\.github\tools\Test-OpenSSHFunctionality.ps1 -SkipFirewall +``` + +**What the tool does:** +1. Verifies Administrator privileges +2. Creates a temporary test user with random password +3. Installs and starts the SSH service +4. Configures Windows Firewall (unless -SkipFirewall is used) +5. Tests SSH connection with password authentication +6. Executes "echo hello world" command via SSH +7. Cleans up all resources (user, service, firewall rule) + +**Expected output on success:** +``` +=== OpenSSH Functionality Test === +[1/6] Checking Administrator privileges... +✓ Running with Administrator privileges +[2/6] Creating temporary test user... +✓ Created test user: openssh_test_1234 +[3/6] Installing SSH service... +✓ SSH service installed successfully +[4/6] Starting SSH service... +✓ SSH service started successfully +[5/6] Configuring Windows Firewall... +✓ Firewall rule created +[6/6] Testing SSH connection... +✓ SSH connection successful + Command output: hello world + +=== Cleanup === +✓ SSH service uninstalled +✓ Firewall rule removed +✓ Test user removed + +=== Test Summary === +Status: PASSED +``` + +**The tool returns a structured result object with:** +- `Success`: Boolean indicating overall test success +- `ServiceInstalled`: Whether service installation succeeded +- `ServiceStarted`: Whether service started successfully +- `ConnectionSuccessful`: Whether SSH connection test passed +- `CommandOutput`: Output from the test command +- `TestUser`: Name of the temporary test user created +- `Errors`: Array of any errors encountered +- `Message`: Summary message + +## Manual Testing Procedures + +If you need to perform manual testing or troubleshoot specific issues, follow these procedures: + +### Prerequisites Check +```pwsh +# Verify Windows version compatibility +Get-ComputerInfo | Select-Object WindowsProductName, WindowsVersion + +# Check if running as Administrator - REQUIRED for service installation +if (-NOT ([Security.Principal.WindowsPrincipal] [Security.Principal.WindowsIdentity]::GetCurrent()).IsInRole([Security.Principal.WindowsBuiltInRole] "Administrator")) +{ + Write-Error "Administrative privileges are REQUIRED for service installation and testing." + Write-Host "Please restart PowerShell or VS Code as Administrator and try again." -ForegroundColor Yellow + Write-Host "To elevate: Right-click PowerShell/VS Code -> 'Run as Administrator'" -ForegroundColor Yellow + exit 1 +} + +Write-Host "✓ Running with Administrator privileges" -ForegroundColor Green + +# Verify build artifacts exist +$buildPath = ".\contrib\win32\openssh\x64\Release" +if (-not (Test-Path "$buildPath\sshd.exe") -or -not (Test-Path "$buildPath\ssh.exe")) { + Write-Error "Build artifacts not found. Please build the project first." + exit 1 +} + +Write-Host "✓ Build artifacts verified" -ForegroundColor Green +``` + +### Test Environment Setup + +### Service Installation and Configuration + +#### Step 1: Install SSH Service +```pwsh +# Navigate to build directory +cd .\contrib\win32\openssh\x64\Release + +# Install SSH server service with PowerShell script +.\install-sshd.ps1 + +# Verify service installation +Get-Service sshd -ErrorAction SilentlyContinue | Select-Object Name, Status, StartType +``` + +#### Step 2: Configure SSH Service +```pwsh +# Start SSH service +Start-Service sshd + +# Verify service is running +Get-Service sshd | Select-Object Name, Status +``` + +#### Step 3: Configure Windows Firewall (if needed) +```pwsh +# Allow SSH through Windows Firewall +New-NetFirewallRule -DisplayName "SSH Server (sshd)" -Direction Inbound -Port 22 -Protocol TCP -Action Allow -ErrorAction SilentlyContinue +``` + +## Basic Functionality Tests + +### Test 1: SSH Client Connection +```pwsh +# Test local connection (most basic test) +$username = $env:USERNAME +$hostname = "localhost" + +Write-Host "Testing SSH connection: ssh $username@$hostname" + +# Basic connection test +.\ssh.exe $username@$hostname "echo 'SSH connection successful'" +``` + +**Expected Output:** +``` +SSH connection successful +``` + +## Error Diagnosis and Troubleshooting + +### Run SSH Server in Debug Mode +```pwsh +# Enable SSH daemon debug logging +Stop-Service sshd +.\sshd.exe -ddd + +# In another terminal, test connection with verbose client logging +.\ssh.exe -vvv $username@$hostname +``` + +### Common Issues and Solutions + +#### Issue 1: Service Won't Start +**Symptoms:** +- Service fails to start +- Event log shows service errors + +**Diagnosis:** +```pwsh +# Check event logs +Get-WinEvent -LogName System | Where-Object {$_.ProviderName -eq "Service Control Manager" -and $_.Id -eq 7034} | Select-Object -First 5 + +# Check sshd configuration +.\sshd.exe -T +``` + +**Common Solutions:** +- Verify configuration file syntax + +#### Issue 2: Connection Timeouts +**Symptoms:** +- SSH client hangs +- Connection timeout errors + +**Diagnosis:** +```pwsh +# Check network connectivity +Test-NetConnection -ComputerName localhost -Port 22 + +# Check Windows Firewall rules +Get-NetFirewallRule | Where-Object {$_.DisplayName -like "*SSH*"} +``` + +## Success Criteria + +**Testing is successful when:** +- [ ] All expected executables are present after build (verified by Test-OpenSSHBuild.ps1) +- [ ] SSH service installs and starts without errors +- [ ] SSH connection with password authentication succeeds +- [ ] Test command executes successfully via SSH connection +- [ ] All resources cleaned up properly after testing + + +## AI Agent Guidelines + +1. **Use automated testing tools** whenever possible - prefer Test-OpenSSHFunctionality.ps1 over manual procedures +2. **Run tests incrementally** during the merge process, not just at the end +3. **Document any test failures** and their resolutions in commit messages +4. **Pay special attention to Windows-specific functionality** that might be affected by upstream changes +5. **Always verify cleanup** - ensure test users, services, and firewall rules are removed +6. **Report any new functionality** that needs additional testing procedures + +### Recommended Testing Workflow for AI Agents + +1. **After successful build**, run the automated functionality test: + ```pwsh + .\.github\tools\Test-OpenSSHFunctionality.ps1 + ``` + +2. **If test passes**, the merge is validated for basic SSH functionality + +3. **If test fails**, use manual procedures and debug mode to diagnose issues + +4. **Document results** in commit message or merge documentation + +## Manual Test Environment Cleanup + +If you ran manual tests instead of using the automated tool: + +```pwsh +# Clean up test environment +Stop-Service sshd -ErrorAction SilentlyContinue +cd .\contrib\win32\openssh\x64\Release +.\uninstall-sshd.ps1 + +# Remove firewall rule +Remove-NetFirewallRule -DisplayName "SSH Server (sshd)" -ErrorAction SilentlyContinue + +# Remove any test users manually created +Remove-LocalUser -Name "test_username" -ErrorAction SilentlyContinue + +Write-Host "Test environment cleaned up" +``` + +**Note:** The automated Test-OpenSSHFunctionality.ps1 tool handles all cleanup automatically, even on failure. diff --git a/.github/tools/Build-OpenSSH.ps1 b/.github/tools/Build-OpenSSH.ps1 new file mode 100644 index 000000000000..692559066f0e --- /dev/null +++ b/.github/tools/Build-OpenSSH.ps1 @@ -0,0 +1,254 @@ +<# +.SYNOPSIS + MCP wrapper tool that builds and verifies OpenSSH in a single operation. + +.DESCRIPTION + This script combines Start-OpenSSHBuild and Test-OpenSSHBuild into a single + convenient operation. It first builds OpenSSH using the specified configuration + and architecture, then tests that all expected artifacts were produced and + parses the build log for errors. + + This is the recommended tool for most build operations as it provides + comprehensive feedback in one step. + +.PARAMETER Configuration + Build configuration type. Valid values: 'Debug', 'Release' + Default: 'Release' + +.PARAMETER Architecture + Target architecture for the build. Valid values: 'x64', 'x86', 'ARM', 'ARM64' + Default: 'x64' + +.PARAMETER Clean + When specified, performs a clean build by deleting existing build artifacts first. + Default: false (incremental build) + +.PARAMETER NoOpenSSL + Build without OpenSSL support. + Default: false + +.PARAMETER OneCore + Build for Windows OneCore API subset. + Default: false + +.OUTPUTS + Returns a consolidated hashtable with: + - BuildSuccess: Boolean indicating if build succeeded + - TestSuccess: Boolean indicating if test passed + - OverallSuccess: Boolean indicating both build and test succeeded + - BuildExitCode: MSBuild exit code + - BuildMessage: Build status message + - TotalArtifacts: Count of artifacts found + - ExpectedArtifacts: Count of artifacts expected (14) + - ArtifactsMissing: Array of missing artifacts + - Errors: Array of parsed error objects + - Warnings: Array of parsed warning objects + - LogFile: Path to build log file + - BuildPath: Path to build output directory + - Message: Overall summary message + +.EXAMPLE + .\Build-OpenSSH.ps1 -Configuration Release -Architecture x64 + + Performs an incremental release build for x64 and tests artifacts. + +.EXAMPLE + .\Build-OpenSSH.ps1 -Configuration Debug -Architecture x64 -Clean + + Performs a clean debug build for x64 and tests artifacts. + +.EXAMPLE + .\Build-OpenSSH.ps1 -Architecture ARM64 -OneCore + + Performs an incremental OneCore release build for ARM64 and tests artifacts. + +.NOTES + - This tool calls Start-OpenSSHBuild.ps1 and Test-OpenSSHBuild.ps1 + - Requires Visual Studio 2019 or later with C++ tools + - Requires Windows SDK 10.0.17763.0 or later + - Build artifacts output to: contrib\win32\openssh\{Architecture}\{Configuration}\ + - Build log written to: OpenSSH{Configuration}{Architecture}.log +#> + +param( + [Parameter(Mandatory=$false)] + [ValidateSet('Debug', 'Release')] + [string]$Configuration = 'Release', + + [Parameter(Mandatory=$false)] + [ValidateSet('x64', 'x86', 'ARM', 'ARM64')] + [string]$Architecture = 'x64', + + [Parameter(Mandatory=$false)] + [switch]$Clean, + + [Parameter(Mandatory=$false)] + [switch]$NoOpenSSL, + + [Parameter(Mandatory=$false)] + [switch]$OneCore +) + +$scriptRoot = $PSScriptRoot + +try { + Write-Host "========================================" -ForegroundColor Cyan + Write-Host "OpenSSH Build & Test Tool (MCP)" -ForegroundColor Cyan + Write-Host "========================================" -ForegroundColor Cyan + Write-Host "Configuration: $Configuration" -ForegroundColor White + Write-Host "Architecture: $Architecture" -ForegroundColor White + Write-Host "Clean Build: $Clean" -ForegroundColor White + Write-Host "No OpenSSL: $NoOpenSSL" -ForegroundColor White + Write-Host "OneCore: $OneCore" -ForegroundColor White + Write-Host "========================================`n" -ForegroundColor Cyan + + # Step 1: Build + Write-Host "STEP 1: Building OpenSSH..." -ForegroundColor Cyan + Write-Host "----------------------------------------`n" -ForegroundColor Cyan + + $buildParams = @{ + Configuration = $Configuration + Architecture = $Architecture + } + + if ($Clean) { + $buildParams['Clean'] = $true + } + + if ($NoOpenSSL) { + $buildParams['NoOpenSSL'] = $true + } + + if ($OneCore) { + $buildParams['OneCore'] = $true + } + + $buildScriptPath = Join-Path $scriptRoot "Start-OpenSSHBuild.ps1" + $buildResult = & $buildScriptPath @buildParams + + if (-not $buildResult.Success) { + Write-Host "`n⚠ Build failed, skipping test" -ForegroundColor Yellow + + # Return build result with test skipped + $result = @{ + BuildSuccess = $false + TestSuccess = $false + OverallSuccess = $false + BuildExitCode = $buildResult.ExitCode + BuildMessage = $buildResult.Message + TotalArtifacts = 0 + ExpectedArtifacts = 14 + ArtifactsMissing = @() + Errors = @() + Warnings = @() + LogFile = $buildResult.LogFile + BuildPath = $buildResult.BuildPath + Message = "Build failed: $($buildResult.Message)" + } + + return $result + } + + # Step 2: Test + Write-Host "`nSTEP 2: Testing Build Artifacts..." -ForegroundColor Cyan + Write-Host "----------------------------------------`n" -ForegroundColor Cyan + + $testParams = @{ + Configuration = $Configuration + Architecture = $Architecture + LogFile = $buildResult.LogFile + } + + $testScriptPath = Join-Path $scriptRoot "Test-OpenSSHBuild.ps1" + $testResult = & $testScriptPath @testParams + + # Step 3: Consolidate results + $overallSuccess = $buildResult.Success -and $testResult.Success + + Write-Host "`n========================================" -ForegroundColor $(if ($overallSuccess) { "Green" } else { "Red" }) + Write-Host "OVERALL RESULT: $(if ($overallSuccess) { 'SUCCESS' } else { 'FAILED' })" -ForegroundColor $(if ($overallSuccess) { "Green" } else { "Red" }) + Write-Host "========================================" -ForegroundColor $(if ($overallSuccess) { "Green" } else { "Red" }) + + if ($overallSuccess) { + Write-Host "✓ Build succeeded" -ForegroundColor Green + Write-Host "✓ All $($testResult.ExpectedArtifacts) artifacts tested" -ForegroundColor Green + Write-Host "✓ No errors found" -ForegroundColor Green + } else { + if (-not $buildResult.Success) { + Write-Host "✗ Build failed with exit code $($buildResult.ExitCode)" -ForegroundColor Red + } + if ($testResult.ArtifactsMissing.Count -gt 0) { + Write-Host "✗ $($testResult.ArtifactsMissing.Count) artifacts missing" -ForegroundColor Red + } + if ($testResult.Errors.Count -gt 0) { + Write-Host "✗ $($testResult.Errors.Count) error(s) found" -ForegroundColor Red + } + } + + Write-Host "`nBuild artifacts: $($buildResult.BuildPath)" -ForegroundColor White + Write-Host "Build log: $($buildResult.LogFile)" -ForegroundColor White + + # Build consolidated message + $messageParts = @() + if ($buildResult.Success) { + $messageParts += "Build succeeded" + } else { + $messageParts += "Build failed" + } + + if ($testResult.Success) { + $messageParts += "all artifacts tested" + } else { + if ($testResult.ArtifactsMissing.Count -gt 0) { + $messageParts += "$($testResult.ArtifactsMissing.Count) artifacts missing" + } + if ($testResult.Errors.Count -gt 0) { + $messageParts += "$($testResult.Errors.Count) errors" + } + } + + $consolidatedMessage = $messageParts -join ", " + + $result = @{ + BuildSuccess = $buildResult.Success + TestSuccess = $testResult.Success + OverallSuccess = $overallSuccess + BuildExitCode = $buildResult.ExitCode + BuildMessage = $buildResult.Message + TotalArtifacts = $testResult.TotalArtifacts + ExpectedArtifacts = $testResult.ExpectedArtifacts + ArtifactsMissing = $testResult.ArtifactsMissing + Errors = $testResult.Errors + Warnings = $testResult.Warnings + LogFile = $buildResult.LogFile + BuildPath = $buildResult.BuildPath + Message = $consolidatedMessage + } + + return $result + +} catch { + Write-Host "`n========================================" -ForegroundColor Red + Write-Host "ERROR" -ForegroundColor Red + Write-Host "========================================" -ForegroundColor Red + Write-Host $_.Exception.Message -ForegroundColor Red + Write-Host $_.ScriptStackTrace -ForegroundColor Gray + + $result = @{ + BuildSuccess = $false + TestSuccess = $false + OverallSuccess = $false + BuildExitCode = -1 + BuildMessage = "Tool error: $($_.Exception.Message)" + TotalArtifacts = 0 + ExpectedArtifacts = 14 + ArtifactsMissing = @() + Errors = @() + Warnings = @() + LogFile = "" + BuildPath = "" + Message = "Build & test tool error: $($_.Exception.Message)" + } + + return $result +} diff --git a/.github/tools/Get-CommitGroups.ps1 b/.github/tools/Get-CommitGroups.ps1 new file mode 100644 index 000000000000..be7677800325 --- /dev/null +++ b/.github/tools/Get-CommitGroups.ps1 @@ -0,0 +1,402 @@ +<# +.SYNOPSIS + Groups upstream OpenSSH commits into batches based on CI success status or CI presence. + +.DESCRIPTION + This script fetches commits from the openssh/openssh-portable repository on GitHub + and groups them into batches (chunks) based on CI test results. By default, each chunk + ends with a commit that has all CI tests passing (success or skipped). Alternatively, + when using -GroupByCIPresence, each chunk ends with any commit that has CI runs, + regardless of success or failure. + + The script is designed to help with incremental merging of upstream commits by + identifying safe stopping points where all tests pass (or where CI exists). + + When the total number of commits exceeds 250 (GitHub API limit), the script + automatically adjusts to fetch the first 250 commits in chronological order. + +.PARAMETER GitHubTag + The GitHub tag to start from (e.g., "V_10_0_P2"). Cannot be used with -StartCommit. + The script will find commits after this tag up to HEAD. + +.PARAMETER StartCommit + The commit SHA to start from (e.g., "6fb728df50c1afd338cb0223a84ce24579577eff"). + Cannot be used with -GitHubTag. The script will find commits after this commit up to HEAD. + This is typically used when continuing from a previously merged commit. + +.PARAMETER FirstChunkOnly + When specified, the script stops after finding the first chunk with a successful CI commit + (or first chunk with any CI when using -GroupByCIPresence). + This is useful for incremental processing where you want to merge one batch at a time. + +.PARAMETER GroupByCIPresence + When specified, groups commits by CI presence (any CI run exists) rather than CI success. + Each chunk ends with a commit that has any CI runs, regardless of pass/fail status. + Default behavior (without this flag) groups by CI success only. + +.OUTPUTS + Returns an array of chunk objects, each containing: + - ChunkNumber: Sequential number of the chunk + - StartIndex/EndIndex: Array indices for the chunk range + - StartCommit/EndCommit: Short SHA (7 chars) of first and last commits + - StartCommitFull/EndCommitFull: Full SHA of first and last commits + - CommitCount: Number of commits in the chunk + - StartMessage/EndMessage: Commit messages for first and last commits + +.EXAMPLE + .\Get-CommitGroups.ps1 -GitHubTag "V_10_0_P2" -FirstChunkOnly + + Finds the first batch of commits after the V_10_0_P2 tag that ends with passing CI. + +.EXAMPLE + .\Get-CommitGroups.ps1 -StartCommit "6fb728df50c1afd338cb0223a84ce24579577eff" -FirstChunkOnly + + Finds the first batch of commits after the specified commit that ends with passing CI. + Useful for continuing from where a previous merge left off. + +.EXAMPLE + .\Get-CommitGroups.ps1 -StartCommit "6fb728df50c1afd338cb0223a84ce24579577eff" + + Finds all batches of commits after the specified commit, grouping by CI success. + Each batch ends with a commit that has passing CI tests. + +.EXAMPLE + .\Get-CommitGroups.ps1 -GitHubTag "V_10_0_P2" -GroupByCIPresence -FirstChunkOnly + + Finds the first batch of commits after the V_10_0_P2 tag that ends with any commit + that has CI runs (regardless of success or failure). + +.NOTES + - Requires internet access to query GitHub API + - Set GITHUB_TOKEN environment variable for authenticated API access (5,000 requests/hour) + - Without token: rate limited with 200ms delay between commits (60 requests/hour) + - Maximum 250 commits per API call (automatically handled) + - CI status is checked via GitHub check-runs API with pagination support + - Default mode: Commits with "success" or "skipped" CI conclusions are considered passing + - GroupByCIPresence mode: Any commit with CI runs (regardless of result) ends a chunk + +.LINK + https://github.com/openssh/openssh-portable +#> + +param( + [Parameter(Mandatory=$false)] + [string]$GitHubTag, + + [Parameter(Mandatory=$false)] + [string]$StartCommit, + + [Parameter(Mandatory=$false)] + [switch]$FirstChunkOnly, + + [Parameter(Mandatory=$false)] + [switch]$GroupByCIPresence +) + +# Validate parameters +if (-not $GitHubTag -and -not $StartCommit) { + Write-Error "Either -GitHubTag or -StartCommit must be provided" + exit 1 +} + +if ($GitHubTag -and $StartCommit) { + Write-Error "Cannot specify both -GitHubTag and -StartCommit. Please provide only one." + exit 1 +} + +# Configuration +$repo = "openssh/openssh-portable" +$apiBase = "https://api.github.com/repos/$repo" + +# Check for GitHub token for authenticated API access +$script:githubToken = $env:GITHUB_TOKEN +if ($script:githubToken) { + Write-Host "Using authenticated GitHub API (higher rate limits)" -ForegroundColor Green +} else { + Write-Host "Using unauthenticated GitHub API (rate limited - consider setting GITHUB_TOKEN)" -ForegroundColor Yellow +} + +if ($GitHubTag) { + Write-Host "Fetching commits starting from tag: $GitHubTag" -ForegroundColor Cyan +} else { + Write-Host "Fetching commits starting from commit: $StartCommit" -ForegroundColor Cyan +} + +# Function to get GitHub API headers with optional authentication +function Get-GitHubHeaders { + $headers = @{ + "User-Agent" = "PowerShell" + "Accept" = "application/vnd.github+json" + } + + if ($script:githubToken) { + $headers["Authorization"] = "Bearer $script:githubToken" + } + + return $headers +} + +# Get the starting commit SHA +try { + if ($GitHubTag) { + $tagInfo = Invoke-RestMethod -Uri "$apiBase/git/refs/tags/$GitHubTag" -Headers (Get-GitHubHeaders) + $startCommitSha = $tagInfo.object.sha + + # If it's an annotated tag, we need to get the actual commit + if ($tagInfo.object.type -eq "tag") { + $tagObject = Invoke-RestMethod -Uri $tagInfo.object.url -Headers (Get-GitHubHeaders) + $startCommitSha = $tagObject.object.sha + } + + Write-Host "Tag $GitHubTag points to commit: $startCommitSha" -ForegroundColor Green + } else { + # Validate the commit exists + $commitInfo = Invoke-RestMethod -Uri "$apiBase/commits/$StartCommit" -Headers (Get-GitHubHeaders) + $startCommitSha = $commitInfo.sha + Write-Host "Starting from commit: $startCommitSha" -ForegroundColor Green + } +} catch { + Write-Error "Failed to retrieve starting commit information: $_" + exit 1 +} + +# Function to check CI status for a commit +function Get-CommitCIStatus { + param( + [string]$sha, + [bool]$checkPresenceOnly = $false + ) + + try { + $allCheckRuns = @() + $page = 1 + $perPage = 100 + + # Fetch all pages of check runs + do { + $checkRunsUrl = "$apiBase/commits/$sha/check-runs?per_page=$perPage&page=$page" + $response = Invoke-RestMethod -Uri $checkRunsUrl -Headers (Get-GitHubHeaders) + + $allCheckRuns += $response.check_runs + $page++ + + } while ($response.check_runs.Count -eq $perPage) + + # Check if there are any check runs + if ($allCheckRuns.Count -eq 0) { + return "no_ci" + } + + # If only checking for presence, return has_ci + if ($checkPresenceOnly) { + return "has_ci" + } + + # Check if all check runs are successful or skipped + $allSuccessful = $true + foreach ($checkRun in $allCheckRuns) { + # Accept "success" or "skipped" as valid conclusions + if ($checkRun.conclusion -ne "success" -and $checkRun.conclusion -ne "skipped") { + $allSuccessful = $false + break + } + } + + if ($allSuccessful) { + return "success" + } else { + return "failure" + } + } catch { + Write-Warning "Could not get CI status for commit $sha : $_" + return "unknown" + } +} + +# Function to get commit details +function Get-CommitDetails { + param([string]$sha) + + try { + $commitUrl = "$apiBase/commits/$sha" + $commit = Invoke-RestMethod -Uri $commitUrl -Headers (Get-GitHubHeaders) + return @{ + Sha = $commit.sha.Substring(0, 7) + FullSha = $commit.sha + Message = $commit.commit.message.Split("`n")[0] + Author = $commit.commit.author.name + Date = $commit.commit.author.date + } + } catch { + Write-Warning "Could not get commit details for $sha" + return $null + } +} + +# Fetch commits starting from the tag using compare API +Write-Host "`nFetching commits from the repository..." -ForegroundColor Cyan + +try { + # Get commits after the starting commit (excluding the start commit itself) + $allCommits = @() + $page = 1 + $perPage = 250 # Compare API returns max 250 commits per page + + Write-Host "Fetching commits from $startCommitSha...HEAD" -ForegroundColor Gray + + # The Compare API doesn't support pagination, so we need to use commits API instead + # to get commits in the correct range with proper pagination + $compareUrl = "$apiBase/compare/${startCommitSha}...HEAD" + $comparison = Invoke-RestMethod -Uri $compareUrl -Headers (Get-GitHubHeaders) + + # The Compare API returns commits - need to verify order + # According to GitHub API docs, commits are in chronological order (oldest first) + $allCommits = @($comparison.commits) + + # If we hit the 250 commit limit, we need to get the actual first 250 commits + # by using the oldest commit from this batch as the end point + if ($comparison.total_commits -gt 250) { + Write-Host "Warning: Total commits ($($comparison.total_commits)) exceeds API limit (250)." -ForegroundColor Yellow + Write-Host "Fetching first 250 commits by using oldest commit as endpoint..." -ForegroundColor Cyan + + # Get the oldest commit SHA from the initial batch (first in chronological order) + $oldestCommitSha = $allCommits[0].sha + + # Now compare from start to this oldest commit to get the actual first 250 + $limitedCompareUrl = "$apiBase/compare/${startCommitSha}...${oldestCommitSha}" + Write-Host "Comparing $startCommitSha...$oldestCommitSha" -ForegroundColor Gray + $limitedComparison = Invoke-RestMethod -Uri $limitedCompareUrl -Headers (Get-GitHubHeaders) + + $allCommits = @($limitedComparison.commits) + Write-Host "Fetched $($allCommits.Count) commits in the corrected range" -ForegroundColor Green + } + + $startRef = if ($GitHubTag) { "tag $GitHubTag" } else { "commit $StartCommit" } + Write-Host "Found $($allCommits.Count) commits from $startRef" -ForegroundColor Green +} catch { + Write-Error "Failed to fetch commits: $_" + exit 1 +} + +# Process commits and check CI status +$statusCheckMessage = if ($GroupByCIPresence) { "Checking CI presence for each commit..." } else { "Checking CI status for each commit..." } +Write-Host "\n$statusCheckMessage" -ForegroundColor Cyan + +$commitsWithStatus = @() +$chunks = @() +$commitCount = 0 +$chunkStart = 0 + +foreach ($commit in $allCommits) { + $commitCount++ + Write-Host "Processing commit $commitCount of $($allCommits.Count): $($commit.sha.Substring(0,7))" -ForegroundColor Gray + + $status = Get-CommitCIStatus -sha $commit.sha -checkPresenceOnly $GroupByCIPresence + $details = Get-CommitDetails -sha $commit.sha + + if ($details) { + $commitsWithStatus += [PSCustomObject]@{ + Index = $commitCount - 1 + Sha = $details.Sha + FullSha = $details.FullSha + Message = $details.Message + Author = $details.Author + Date = $details.Date + CIStatus = $status + } + + # Check if this commit completes a chunk (based on grouping mode) + $targetStatus = if ($GroupByCIPresence) { "has_ci" } else { "success" } + if ($status -eq $targetStatus) { + $chunkEnd = $commitsWithStatus.Count - 1 + + $chunks += [PSCustomObject]@{ + ChunkNumber = $chunks.Count + 1 + StartIndex = $chunkStart + EndIndex = $chunkEnd + StartCommit = $commitsWithStatus[$chunkStart].Sha + EndCommit = $commitsWithStatus[$chunkEnd].Sha + StartCommitFull = $commitsWithStatus[$chunkStart].FullSha + EndCommitFull = $commitsWithStatus[$chunkEnd].FullSha + CommitCount = $chunkEnd - $chunkStart + 1 + StartMessage = $commitsWithStatus[$chunkStart].Message + EndMessage = $commitsWithStatus[$chunkEnd].Message + } + + $chunkStart = $commitsWithStatus.Count + + # If FirstChunkOnly is specified, stop after finding the first chunk + if ($FirstChunkOnly) { + $chunkFoundMessage = if ($GroupByCIPresence) { "Found first chunk with CI, stopping..." } else { "Found first successful chunk, stopping..." } + Write-Host $chunkFoundMessage -ForegroundColor Green + break + } + } + } + + # Rate limiting - only needed for unauthenticated requests + if (-not $script:githubToken) { + Start-Sleep -Milliseconds 200 + } +} + +# Handle remaining commits that don't end with success (only if not FirstChunkOnly or no chunk found) +if (-not $FirstChunkOnly -and $chunkStart -lt $commitsWithStatus.Count) { + $chunkEnd = $commitsWithStatus.Count - 1 + $chunks += [PSCustomObject]@{ + ChunkNumber = $chunks.Count + 1 + StartIndex = $chunkStart + EndIndex = $chunkEnd + StartCommit = $commitsWithStatus[$chunkStart].Sha + EndCommit = $commitsWithStatus[$chunkEnd].Sha + StartCommitFull = $commitsWithStatus[$chunkStart].FullSha + EndCommitFull = $commitsWithStatus[$chunkEnd].FullSha + CommitCount = $chunkEnd - $chunkStart + 1 + StartMessage = $commitsWithStatus[$chunkStart].Message + EndMessage = $commitsWithStatus[$chunkEnd].Message + } +} + +Write-Host "`nGrouping complete." -ForegroundColor Cyan + +# Display results +$groupingMode = if ($GroupByCIPresence) { "CI Presence" } else { "CI Success" } +Write-Host "\n========================================" -ForegroundColor Cyan +Write-Host "COMMIT CHUNKS (Grouped by $groupingMode)" -ForegroundColor Cyan +Write-Host "========================================`n" -ForegroundColor Cyan + +foreach ($chunk in $chunks) { + Write-Host "Chunk $($chunk.ChunkNumber): $($chunk.CommitCount) commits" -ForegroundColor Yellow + Write-Host " Start: $($chunk.StartCommit) - $($chunk.StartMessage)" -ForegroundColor White + Write-Host " End: $($chunk.EndCommit) - $($chunk.EndMessage)" -ForegroundColor Green + Write-Host " Commit Pair: ($($chunk.StartCommitFull), $($chunk.EndCommitFull))" -ForegroundColor Magenta + Write-Host "" +} + +Write-Host "`nTotal Chunks: $($chunks.Count)" -ForegroundColor Cyan +Write-Host "Total Commits: $($commitsWithStatus.Count)" -ForegroundColor Cyan + +# Output detailed commit list +Write-Host "`n========================================" -ForegroundColor Cyan +Write-Host "DETAILED COMMIT LIST" -ForegroundColor Cyan +Write-Host "========================================`n" -ForegroundColor Cyan + +# Only show commits that are part of returned chunks +$maxIndex = if ($chunks.Count -gt 0) { $chunks[-1].EndIndex } else { -1 } +foreach ($commit in $commitsWithStatus) { + if ($commit.Index -le $maxIndex) { + $statusColor = switch ($commit.CIStatus) { + "success" { "Green" } + "has_ci" { "Green" } + "failure" { "Red" } + "no_ci" { "Yellow" } + "pending" { "Yellow" } + default { "Gray" } + } + + Write-Host "$($commit.Sha) | $($commit.CIStatus.PadRight(10)) | $($commit.Message.Substring(0, [Math]::Min(60, $commit.Message.Length)))" -ForegroundColor $statusColor + } +} + +# Return the chunks for potential further processing +return $chunks diff --git a/.github/tools/Start-OpenSSHBuild.ps1 b/.github/tools/Start-OpenSSHBuild.ps1 new file mode 100644 index 000000000000..c175b29c6394 --- /dev/null +++ b/.github/tools/Start-OpenSSHBuild.ps1 @@ -0,0 +1,195 @@ +<# +.SYNOPSIS + MCP tool to build OpenSSH on Windows using Visual Studio. + +.DESCRIPTION + This script wraps the Start-OpenSSHBuild function from OpenSSHBuildHelper.psm1 + to provide a standardized MCP interface for building OpenSSH. It supports + incremental and clean builds, multiple architectures, and various build configurations. + + The tool invokes MSBuild on the Win32-OpenSSH.sln solution and captures + all build output to a log file. + +.PARAMETER Configuration + Build configuration type. Valid values: 'Debug', 'Release' + Default: 'Release' + +.PARAMETER Architecture + Target architecture for the build. Valid values: 'x64', 'x86', 'ARM', 'ARM64' + Default: 'x64' + +.PARAMETER Clean + When specified, performs a clean build by deleting existing build artifacts first. + Default: false (incremental build) + +.PARAMETER NoOpenSSL + Build without OpenSSL support. + Default: false + +.PARAMETER OneCore + Build for Windows OneCore API subset. + Default: false + +.OUTPUTS + Returns a hashtable with: + - Success: Boolean indicating build success + - ExitCode: MSBuild exit code + - LogFile: Path to build log file + - BuildPath: Path to build output directory + - Message: Status message + +.EXAMPLE + .\Start-OpenSSHBuild.ps1 -Configuration Release -Architecture x64 + + Performs an incremental release build for x64 architecture. + +.EXAMPLE + .\Start-OpenSSHBuild.ps1 -Configuration Debug -Architecture x64 -Clean + + Performs a clean debug build for x64 architecture. + +.EXAMPLE + .\Start-OpenSSHBuild.ps1 -Architecture ARM64 -OneCore + + Performs an incremental OneCore release build for ARM64. + +.NOTES + - Requires Visual Studio 2019 or later with C++ tools + - Requires Windows SDK 10.0.17763.0 or later + - Build artifacts output to: contrib\win32\openssh\{Architecture}\{Configuration}\ + - Build log written to: OpenSSH{Configuration}{Architecture}.log +#> + +param( + [Parameter(Mandatory=$false)] + [ValidateSet('Debug', 'Release')] + [string]$Configuration = 'Release', + + [Parameter(Mandatory=$false)] + [ValidateSet('x64', 'x86', 'ARM', 'ARM64')] + [string]$Architecture = 'x64', + + [Parameter(Mandatory=$false)] + [switch]$Clean, + + [Parameter(Mandatory=$false)] + [switch]$NoOpenSSL, + + [Parameter(Mandatory=$false)] + [switch]$OneCore +) + +# Determine repository root (go up from .github\tools to repo root) +$scriptRoot = $PSScriptRoot +$repoRoot = Split-Path -Parent (Split-Path -Parent $scriptRoot) + +# Navigate to repository root +Push-Location $repoRoot + +try { + Write-Host "========================================" -ForegroundColor Cyan + Write-Host "OpenSSH Build Tool (MCP)" -ForegroundColor Cyan + Write-Host "========================================" -ForegroundColor Cyan + Write-Host "Configuration: $Configuration" -ForegroundColor White + Write-Host "Architecture: $Architecture" -ForegroundColor White + Write-Host "Clean Build: $Clean" -ForegroundColor White + Write-Host "No OpenSSL: $NoOpenSSL" -ForegroundColor White + Write-Host "OneCore: $OneCore" -ForegroundColor White + Write-Host "========================================`n" -ForegroundColor Cyan + + # Import OpenSSH build helper module + $buildHelperPath = Join-Path $repoRoot "contrib\win32\openssh\OpenSSHBuildHelper.psm1" + if (-not (Test-Path $buildHelperPath)) { + throw "OpenSSHBuildHelper.psm1 not found at: $buildHelperPath" + } + + Import-Module $buildHelperPath -Force -ErrorAction Stop + Write-Host "✓ Loaded OpenSSHBuildHelper module" -ForegroundColor Green + + # Define build output path + $buildPath = Join-Path $repoRoot "contrib\win32\openssh\$Architecture\$Configuration" + + # Perform clean if requested + if ($Clean -and (Test-Path $buildPath)) { + Write-Host "`nCleaning previous build artifacts..." -ForegroundColor Yellow + Remove-Item $buildPath -Recurse -Force -ErrorAction Stop + Write-Host "✓ Cleaned: $buildPath" -ForegroundColor Green + } + + # Build log file path + $logFile = Join-Path $repoRoot "OpenSSH$Configuration$Architecture.log" + Write-Host "`nBuild log: $logFile" -ForegroundColor Gray + + # Prepare parameters for Start-OpenSSHBuild + $buildParams = @{ + Configuration = $Configuration + NativeHostArch = $Architecture + } + + if ($NoOpenSSL) { + $buildParams['NoOpenSSL'] = $true + } + + if ($OneCore) { + $buildParams['OneCore'] = $true + } + + # Execute build + Write-Host "`nStarting build..." -ForegroundColor Cyan + Write-Host "Command: Start-OpenSSHBuild -Configuration $Configuration -NativeHostArch $Architecture$(if($NoOpenSSL){' -NoOpenSSL'})$(if($OneCore){' -OneCore'})" -ForegroundColor Gray + + $buildResult = Start-OpenSSHBuild @buildParams + + # Check build result + if ($buildResult -eq 0) { + Write-Host "`n========================================" -ForegroundColor Green + Write-Host "BUILD SUCCEEDED" -ForegroundColor Green + Write-Host "========================================" -ForegroundColor Green + Write-Host "Build artifacts: $buildPath" -ForegroundColor White + + $result = @{ + Success = $true + ExitCode = 0 + LogFile = $logFile + BuildPath = $buildPath + Message = "Build completed successfully" + } + } else { + Write-Host "`n========================================" -ForegroundColor Red + Write-Host "BUILD FAILED" -ForegroundColor Red + Write-Host "========================================" -ForegroundColor Red + Write-Host "Exit code: $buildResult" -ForegroundColor Red + Write-Host "Check log file: $logFile" -ForegroundColor Yellow + + $result = @{ + Success = $false + ExitCode = $buildResult + LogFile = $logFile + BuildPath = $buildPath + Message = "Build failed with exit code $buildResult. Check log file for details." + } + } + + # Output result as JSON for MCP consumption + return $result + +} catch { + Write-Host "`n========================================" -ForegroundColor Red + Write-Host "ERROR" -ForegroundColor Red + Write-Host "========================================" -ForegroundColor Red + Write-Host $_.Exception.Message -ForegroundColor Red + Write-Host $_.ScriptStackTrace -ForegroundColor Gray + + $result = @{ + Success = $false + ExitCode = -1 + LogFile = $logFile + BuildPath = $buildPath + Message = "Build tool error: $($_.Exception.Message)" + } + + return $result + +} finally { + Pop-Location +} diff --git a/.github/tools/Test-OpenSSHBuild.ps1 b/.github/tools/Test-OpenSSHBuild.ps1 new file mode 100644 index 000000000000..25aa95f4571c --- /dev/null +++ b/.github/tools/Test-OpenSSHBuild.ps1 @@ -0,0 +1,262 @@ +<# +.SYNOPSIS + MCP tool to test OpenSSH build artifacts and parse build errors. + +.DESCRIPTION + This script tests that all expected OpenSSH executables were built successfully + and parses the build log file for any compilation or linker errors using regex patterns. + + Expected artifacts (14 executables): + - ssh.exe, sshd.exe, sshd-auth.exe, sshd-session.exe + - ssh-agent.exe, ssh-add.exe, ssh-keygen.exe, ssh-keyscan.exe + - scp.exe, sftp.exe, sftp-server.exe + - ssh-pkcs11-helper.exe, ssh-shellhost.exe, ssh-sk-helper.exe + +.PARAMETER Configuration + Build configuration type that was used. Valid values: 'Debug', 'Release' + Default: 'Release' + +.PARAMETER Architecture + Target architecture that was built. Valid values: 'x64', 'x86', 'ARM', 'ARM64' + Default: 'x64' + +.PARAMETER LogFile + Optional path to the build log file. If not specified, uses default pattern: + OpenSSH{Configuration}{Architecture}.log in repository root. + +.OUTPUTS + Returns a hashtable with: + - Success: Boolean indicating if all artifacts present and no errors + - ArtifactsFound: Array of executables that exist + - ArtifactsMissing: Array of expected executables that are missing + - TotalArtifacts: Count of artifacts found + - ExpectedArtifacts: Count of artifacts expected (14) + - Errors: Array of parsed error objects with file, line, code, message + - Warnings: Array of parsed warning objects + - LogFile: Path to log file analyzed + - Message: Summary message + +.EXAMPLE + .\Test-OpenSSHBuild.ps1 -Configuration Release -Architecture x64 + + Tests release build artifacts for x64 architecture. + +.EXAMPLE + .\Test-OpenSSHBuild.ps1 -Configuration Debug -Architecture x86 -LogFile "C:\build\custom.log" + + Tests debug build artifacts for x86 using a custom log file location. + +.NOTES + - Expected build artifact location: contrib\win32\openssh\{Architecture}\{Configuration}\ + - Error parsing regex: ^(?.*?)\((?\d+)[,)].*?error (?(C|LNK)\d+): (?.*)$ + - Warning parsing regex: ^(?.*?)\((?\d+)[,)].*?warning (?(C|LNK)\d+): (?.*)$ +#> + +param( + [Parameter(Mandatory=$false)] + [ValidateSet('Debug', 'Release')] + [string]$Configuration = 'Release', + + [Parameter(Mandatory=$false)] + [ValidateSet('x64', 'x86', 'ARM', 'ARM64')] + [string]$Architecture = 'x64', + + [Parameter(Mandatory=$false)] + [string]$LogFile +) + +# Determine repository root (go up from .github\tools to repo root) +$scriptRoot = $PSScriptRoot +$repoRoot = Split-Path -Parent (Split-Path -Parent $scriptRoot) + +# Define expected artifacts (14 executables) +$expectedArtifacts = @( + "ssh.exe", + "sshd.exe", + "sshd-auth.exe", + "sshd-session.exe", + "ssh-agent.exe", + "ssh-add.exe", + "ssh-keygen.exe", + "ssh-keyscan.exe", + "scp.exe", + "sftp.exe", + "sftp-server.exe", + "ssh-pkcs11-helper.exe", + "ssh-shellhost.exe", + "ssh-sk-helper.exe" +) + +try { + Write-Host "========================================" -ForegroundColor Cyan + Write-Host "OpenSSH Build Test Tool (MCP)" -ForegroundColor Cyan + Write-Host "========================================" -ForegroundColor Cyan + Write-Host "Configuration: $Configuration" -ForegroundColor White + Write-Host "Architecture: $Architecture" -ForegroundColor White + Write-Host "========================================`n" -ForegroundColor Cyan + + # Define build output path + $buildPath = Join-Path $repoRoot "contrib\win32\openssh\$Architecture\$Configuration" + + if (-not (Test-Path $buildPath)) { + Write-Host "Build path does not exist: $buildPath" -ForegroundColor Red + + $result = @{ + Success = $false + ArtifactsFound = @() + ArtifactsMissing = $expectedArtifacts + TotalArtifacts = 0 + ExpectedArtifacts = $expectedArtifacts.Count + Errors = @() + Warnings = @() + LogFile = $LogFile + Message = "Build path does not exist: $buildPath" + } + + return $result + } + + Write-Host "Build path: $buildPath" -ForegroundColor Gray + + # Check for artifacts + Write-Host "`nChecking for expected artifacts..." -ForegroundColor Cyan + + $artifactsFound = @() + $artifactsMissing = @() + + foreach ($artifact in $expectedArtifacts) { + $artifactPath = Join-Path $buildPath $artifact + if (Test-Path $artifactPath) { + $artifactsFound += $artifact + Write-Host " ✓ $artifact" -ForegroundColor Green + } else { + $artifactsMissing += $artifact + Write-Host " ✗ $artifact (MISSING)" -ForegroundColor Red + } + } + + Write-Host "`nArtifacts: $($artifactsFound.Count) of $($expectedArtifacts.Count) found" -ForegroundColor $(if ($artifactsMissing.Count -eq 0) { "Green" } else { "Yellow" }) + + # Parse build log if available + $errors = @() + $warnings = @() + + if (-not $LogFile) { + $LogFile = Join-Path $repoRoot "OpenSSH$Configuration$Architecture.log" + } + + if (Test-Path $LogFile) { + Write-Host "`nParsing build log: $LogFile" -ForegroundColor Cyan + + $logContent = Get-Content $LogFile -ErrorAction SilentlyContinue + + if ($logContent) { + # Error regex: file(line) : error CODE: message + # Example: c:\path\file.c(123): error C2065: 'identifier' : undeclared identifier + $errorRegex = '^(?.*?)\((?\d+)[,)].*?error (?(C|LNK)\d+): (?.*)$' + + # Warning regex: similar pattern for warnings + $warningRegex = '^(?.*?)\((?\d+)[,)].*?warning (?(C|LNK)\d+): (?.*)$' + + foreach ($line in $logContent) { + # Check for errors + if ($line -match $errorRegex) { + $errors += [PSCustomObject]@{ + File = $matches['file'] + Line = [int]$matches['line'] + Code = $matches['code'] + Message = $matches['message'] + RawLine = $line + } + } + # Check for warnings + elseif ($line -match $warningRegex) { + $warnings += [PSCustomObject]@{ + File = $matches['file'] + Line = [int]$matches['line'] + Code = $matches['code'] + Message = $matches['message'] + RawLine = $line + } + } + } + + if ($errors.Count -gt 0) { + Write-Host "`nFound $($errors.Count) error(s) in build log:" -ForegroundColor Red + foreach ($e in $errors) { + Write-Host " $($e.File)($($e.Line)): error $($e.Code): $($e.Message)" -ForegroundColor Red + } + } else { + Write-Host "`n✓ No errors found in build log" -ForegroundColor Green + } + + if ($warnings.Count -gt 0) { + Write-Host "`nFound $($warnings.Count) warning(s) in build log:" -ForegroundColor Yellow + foreach ($warning in $warnings | Select-Object -First 10) { + Write-Host " $($warning.File)($($warning.Line)): warning $($warning.Code): $($warning.Message)" -ForegroundColor Yellow + } + if ($warnings.Count -gt 10) { + Write-Host " ... and $($warnings.Count - 10) more warnings" -ForegroundColor Gray + } + } + } else { + Write-Host "Log file is empty or could not be read" -ForegroundColor Yellow + } + } else { + Write-Host "`nBuild log not found: $LogFile" -ForegroundColor Yellow + } + + # Determine overall success + $success = ($artifactsMissing.Count -eq 0) -and ($errors.Count -eq 0) + + # Build summary message + if ($success) { + $message = "All $($expectedArtifacts.Count) artifacts built successfully with no errors" + } elseif ($artifactsMissing.Count -gt 0 -and $errors.Count -gt 0) { + $message = "$($artifactsMissing.Count) artifacts missing and $($errors.Count) error(s) found" + } elseif ($artifactsMissing.Count -gt 0) { + $message = "$($artifactsMissing.Count) artifacts missing" + } else { + $message = "$($errors.Count) error(s) found in build log" + } + + Write-Host "`n========================================" -ForegroundColor $(if ($success) { "Green" } else { "Red" }) + Write-Host $(if ($success) { "TEST PASSED" } else { "TEST FAILED" }) -ForegroundColor $(if ($success) { "Green" } else { "Red" }) + Write-Host "========================================" -ForegroundColor $(if ($success) { "Green" } else { "Red" }) + Write-Host $message -ForegroundColor White + + $result = @{ + Success = $success + ArtifactsFound = $artifactsFound + ArtifactsMissing = $artifactsMissing + TotalArtifacts = $artifactsFound.Count + ExpectedArtifacts = $expectedArtifacts.Count + Errors = $errors + Warnings = $warnings + LogFile = $LogFile + Message = $message + } + + return $result + +} catch { + Write-Host "`n========================================" -ForegroundColor Red + Write-Host "ERROR" -ForegroundColor Red + Write-Host "========================================" -ForegroundColor Red + Write-Host $_.Exception.Message -ForegroundColor Red + Write-Host $_.ScriptStackTrace -ForegroundColor Gray + + $result = @{ + Success = $false + ArtifactsFound = @() + ArtifactsMissing = $expectedArtifacts + TotalArtifacts = 0 + ExpectedArtifacts = $expectedArtifacts.Count + Errors = @() + Warnings = @() + LogFile = $LogFile + Message = "Test tool error: $($_.Exception.Message)" + } + + return $result +} diff --git a/.github/tools/Test-OpenSSHFunctionality.ps1 b/.github/tools/Test-OpenSSHFunctionality.ps1 new file mode 100644 index 000000000000..9e1b0f7c8907 --- /dev/null +++ b/.github/tools/Test-OpenSSHFunctionality.ps1 @@ -0,0 +1,447 @@ +<# +.SYNOPSIS + Tests OpenSSH functionality by installing the SSH service, creating a test user, + and attempting a password-authenticated SSH connection. + +.DESCRIPTION + This script performs end-to-end functional testing of OpenSSH on Windows by: + 1. Verifying Administrator privileges + 2. Creating a temporary local user with a random password + 3. Installing the SSH service using install-sshd.ps1 + 4. Starting the SSH service + 5. Configuring Windows Firewall (optional) + 6. Testing SSH connection with password authentication + 7. Cleaning up all resources (user, service, firewall rule) + + The test is successful if an SSH connection can execute "echo hello world" successfully. + +.PARAMETER Configuration + Build configuration type. Valid values: 'Debug', 'Release' + Default: 'Release' + +.PARAMETER Architecture + Target architecture. Valid values: 'x64', 'x86', 'ARM', 'ARM64' + Default: 'x64' + +.PARAMETER SkipFirewall + Skip Windows Firewall configuration. Use this if firewall rules already exist + or if testing on a system without firewall enabled. + +.PARAMETER NoCleanup + Skip cleanup of created resources (test user, firewall rule, temp files). + Useful when debugging failures. + +.EXAMPLE + .\Test-OpenSSHFunctionality.ps1 + Tests using default Release x64 build with firewall configuration + +.EXAMPLE + .\Test-OpenSSHFunctionality.ps1 -Configuration Debug -Architecture x64 + Tests using Debug x64 build + +.EXAMPLE + .\Test-OpenSSHFunctionality.ps1 -SkipFirewall + Tests without modifying firewall rules + +.NOTES + Requires Administrator privileges. + Creates temporary user with prefix "openssh_test_" which is removed after testing. +#> + +[CmdletBinding()] +param( + [Parameter()] + [ValidateSet('Debug', 'Release')] + [string]$Configuration = 'Release', + + [Parameter()] + [ValidateSet('x64', 'x86', 'ARM', 'ARM64')] + [string]$Architecture = 'x64', + + [Parameter()] + [switch]$SkipFirewall, + + [Parameter()] + [switch]$NoCleanup +) + +# Helper function to generate a random password +function New-RandomPassword { + [CmdletBinding()] + param( + [Parameter()] + [int]$Length = 20 + ) + + # Character sets for password complexity + $lowercase = 'abcdefghijklmnopqrstuvwxyz' + $uppercase = 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' + $numbers = '0123456789' + $special = '!@#$%^&*()_+-=[]{}|;:,.<>?' + + # Ensure at least one character from each set + $password = @( + $lowercase[(Get-Random -Maximum $lowercase.Length)] + $uppercase[(Get-Random -Maximum $uppercase.Length)] + $numbers[(Get-Random -Maximum $numbers.Length)] + $special[(Get-Random -Maximum $special.Length)] + ) + + # Fill the rest with random characters from all sets + $allChars = $lowercase + $uppercase + $numbers + $special + for ($i = $password.Count; $i -lt $Length; $i++) { + $password += $allChars[(Get-Random -Maximum $allChars.Length)] + } + + # Shuffle the password + $shuffled = $password | Sort-Object {Get-Random} + + return -join $shuffled +} + +# Initialize result object +$result = [PSCustomObject]@{ + Success = $false + ServiceInstalled = $false + ServiceStarted = $false + ConnectionSuccessful = $false + CommandOutput = $null + TestUser = $null + Errors = @() + Message = "" +} + +# Variables for cleanup tracking +$testUser = $null +$serviceWasInstalled = $false +$firewallRuleCreated = $false + +try { + Write-Host "=== OpenSSH Functionality Test ===" -ForegroundColor Cyan + Write-Host "Configuration: $Configuration" -ForegroundColor Gray + Write-Host "Architecture: $Architecture" -ForegroundColor Gray + Write-Host "" + + # Step 1: Verify Administrator privileges + Write-Host "[1/6] Checking Administrator privileges..." -ForegroundColor Yellow + $isAdmin = ([Security.Principal.WindowsPrincipal] [Security.Principal.WindowsIdentity]::GetCurrent()).IsInRole([Security.Principal.WindowsBuiltInRole] "Administrator") + + if (-not $isAdmin) { + $result.Errors += "Administrator privileges required" + $result.Message = "FAILED: This script must be run as Administrator for service installation and user management." + Write-Host "✗ Administrator privileges required" -ForegroundColor Red + Write-Host " Please restart PowerShell or VS Code as Administrator" -ForegroundColor Yellow + return $result + } + Write-Host "✓ Running with Administrator privileges" -ForegroundColor Green + + # Step 2: Locate build artifacts and scripts + $scriptRoot = Split-Path -Parent $PSCommandPath + $repoRoot = Split-Path -Parent (Split-Path -Parent $scriptRoot) + $buildPath = Join-Path $repoRoot "bin\$Architecture\$Configuration" + $askPassExe = Join-Path $repoRoot "regress\pesterTests\utilities\askpass_util\askpass_util.exe" + + # Verify build artifacts exist + $sshdExe = Join-Path $buildPath "sshd.exe" + $sshExe = Join-Path $buildPath "ssh.exe" + $installScript = Join-Path $buildPath "install-sshd.ps1" + + if (-not (Test-Path $sshdExe) -or -not (Test-Path $sshExe)) { + $result.Errors += "Build artifacts not found at $buildPath" + $result.Message = "FAILED: Build artifacts not found. Please build the project first." + Write-Host "✗ Build artifacts not found at $buildPath" -ForegroundColor Red + return $result + } + + if (-not (Test-Path $installScript)) { + $result.Errors += "install-sshd.ps1 not found at $buildPath" + $result.Message = "FAILED: install-sshd.ps1 script not found." + Write-Host "✗ install-sshd.ps1 not found at $buildPath" -ForegroundColor Red + return $result + } + + # Step 3: Create temporary test user + Write-Host "`n[2/6] Creating temporary test user..." -ForegroundColor Yellow + $testUsername = "openssh_test_" + (Get-Random -Minimum 1000 -Maximum 9999) + $testPassword = New-RandomPassword -Length 24 + $securePassword = ConvertTo-SecureString $testPassword -AsPlainText -Force + + try { + Import-Module Microsoft.PowerShell.LocalAccounts -UseWindowsPowerShell + New-LocalUser -Name $testUsername -Password $securePassword -Description "Temporary user for OpenSSH testing" -ErrorAction Stop | Out-Null + $testUser = $testUsername + $result.TestUser = $testUsername + $env:ASKPASS_PASSWORD = $testPassword + $env:SSH_ASKPASS_REQUIRE = "force" + if (-not (Test-Path $askPassExe)) { + throw "SSH_ASKPASS helper not found at '$askPassExe'" + } + $env:SSH_ASKPASS = $askPassExe + Write-Host "✓ Created test user: $testUsername" -ForegroundColor Green + } + catch { + $result.Errors += "Failed to create test user: $_" + $result.Message = "FAILED: Could not create temporary test user." + Write-Host "✗ Failed to create test user: $_" -ForegroundColor Red + return $result + } + + # Step 4: Install SSH service + Write-Host "`n[3/6] Installing SSH service..." -ForegroundColor Yellow + Push-Location $buildPath + try { + # Check if service already exists + $existingService = Get-Service sshd -ErrorAction SilentlyContinue + if ($existingService) { + Write-Host " SSH service already exists, uninstalling first..." -ForegroundColor Gray + $uninstallScript = Join-Path $buildPath "uninstall-sshd.ps1" + if (Test-Path $uninstallScript) { + & $uninstallScript 2>&1 | Out-Null + Start-Sleep -Seconds 2 + } + } + + # Install the service + & $installScript 2>&1 | Out-Null + $serviceWasInstalled = $true + + # Verify installation + $service = Get-Service sshd -ErrorAction SilentlyContinue + if ($service) { + $result.ServiceInstalled = $true + Write-Host "✓ SSH service installed successfully" -ForegroundColor Green + } + else { + throw "Service installation completed but service not found" + } + } + catch { + $result.Errors += "Failed to install SSH service: $_" + $result.Message = "FAILED: SSH service installation failed." + Write-Host "✗ Failed to install SSH service: $_" -ForegroundColor Red + return $result + } + finally { + Pop-Location + } + + # Step 5: Start SSH service + Write-Host "`n[4/6] Starting SSH service..." -ForegroundColor Yellow + try { + Start-Service sshd -ErrorAction Stop + Start-Sleep -Seconds 2 + + $service = Get-Service sshd + if ($service.Status -eq 'Running') { + $result.ServiceStarted = $true + Write-Host "✓ SSH service started successfully" -ForegroundColor Green + } + else { + throw "Service status is $($service.Status), expected Running" + } + } + catch { + $result.Errors += "Failed to start SSH service: $_" + $result.Message = "FAILED: Could not start SSH service." + Write-Host "✗ Failed to start SSH service: $_" -ForegroundColor Red + return $result + } + + # Step 6: Configure Windows Firewall (if not skipped) + if (-not $SkipFirewall) { + Write-Host "`n[5/6] Configuring Windows Firewall..." -ForegroundColor Yellow + try { + # Check if rule already exists + $existingRule = Get-NetFirewallRule -DisplayName "SSH Server (sshd) - Test" -ErrorAction SilentlyContinue + if ($existingRule) { + Remove-NetFirewallRule -DisplayName "SSH Server (sshd) - Test" -ErrorAction SilentlyContinue + } + + New-NetFirewallRule -DisplayName "SSH Server (sshd) - Test" -Direction Inbound -Port 22 -Protocol TCP -Action Allow -ErrorAction Stop | Out-Null + $firewallRuleCreated = $true + Write-Host "✓ Firewall rule created" -ForegroundColor Green + } + catch { + # Non-critical error, continue with test + Write-Host "⚠ Firewall configuration failed (non-critical): $_" -ForegroundColor Yellow + } + } + else { + Write-Host "`n[5/6] Skipping firewall configuration (as requested)" -ForegroundColor Gray + } + + # Step 7: Test SSH connection + Write-Host "`n[6/6] Testing SSH connection..." -ForegroundColor Yellow + + # Prepare connection test + $sshClientPath = Join-Path $buildPath "ssh.exe" + $hostname = "localhost" + $testCommand = "echo hello world" + + # Create temporary files for password input and output capture + $tempPasswordFile = [System.IO.Path]::GetTempFileName() + $tempOutputFile = [System.IO.Path]::GetTempFileName() + $tempErrorFile = [System.IO.Path]::GetTempFileName() + + try { + # Write password to temp file (for potential use, though we'll use environment variable) + Set-Content -Path $tempPasswordFile -Value $testPassword -NoNewline + + # Build SSH command with password authentication forced + # Note: Windows SSH doesn't support stdin password directly, so we rely on interactive prompt handling + # For automated testing, we'll use SSH with key-based auth disabled and capture output + + $processInfo = New-Object System.Diagnostics.ProcessStartInfo + $processInfo.FileName = $sshClientPath + $processInfo.Arguments = "-o StrictHostKeyChecking=no -o UserKnownHostsFile=NUL -o PubkeyAuthentication=no -o PasswordAuthentication=yes $testUsername@$hostname `"$testCommand`"" + $processInfo.RedirectStandardInput = $true + $processInfo.RedirectStandardOutput = $true + $processInfo.RedirectStandardError = $true + $processInfo.UseShellExecute = $false + $processInfo.CreateNoWindow = $true + + $process = New-Object System.Diagnostics.Process + $process.StartInfo = $processInfo + + Write-Host " Attempting SSH connection to $testUsername@$hostname..." -ForegroundColor Gray + + $process.Start() | Out-Null + + # Wait for completion (with timeout) + $completed = $process.WaitForExit(15000) # 15 second timeout + + if (-not $completed) { + $process.Kill() + throw "SSH connection timed out after 15 seconds" + } + + $stdout = $process.StandardOutput.ReadToEnd() + $stderr = $process.StandardError.ReadToEnd() + $exitCode = $process.ExitCode + + # Check result + if ($exitCode -eq 0 -and $stdout -match "hello world") { + $result.ConnectionSuccessful = $true + $result.CommandOutput = $stdout.Trim() + $result.Success = $true + $result.Message = "SUCCESS: SSH connection test passed. Command executed successfully." + Write-Host "✓ SSH connection successful" -ForegroundColor Green + Write-Host " Command output: $($stdout.Trim())" -ForegroundColor Gray + } + else { + $result.Errors += "SSH connection failed with exit code $exitCode" + if ($stderr) { + $result.Errors += "SSH error: $stderr" + } + $result.Message = "FAILED: SSH connection test failed." + Write-Host "✗ SSH connection failed (exit code: $exitCode)" -ForegroundColor Red + if ($stderr) { + Write-Host " Error: $stderr" -ForegroundColor Red + } + } + } + catch { + $result.Errors += "SSH connection test error: $_" + $result.Message = "FAILED: SSH connection test encountered an error." + Write-Host "✗ SSH connection test error: $_" -ForegroundColor Red + } + finally { + # Clean up temp files + if (Test-Path $tempPasswordFile) { Remove-Item $tempPasswordFile -Force -ErrorAction SilentlyContinue } + if (Test-Path $tempOutputFile) { Remove-Item $tempOutputFile -Force -ErrorAction SilentlyContinue } + if (Test-Path $tempErrorFile) { Remove-Item $tempErrorFile -Force -ErrorAction SilentlyContinue } + } +} +finally { + # Cleanup: Always attempt to clean up resources + Write-Host "`n=== Cleanup ===" -ForegroundColor Cyan + + if ($NoCleanup) { + Write-Host "⚠ NoCleanup specified - leaving resources in place for investigation." -ForegroundColor Yellow + if ($testUser) { + Write-Host " Test user: $testUser" -ForegroundColor Yellow + } + if ($serviceWasInstalled) { + Write-Host " SSH service may still be installed/running (sshd)." -ForegroundColor Yellow + } + if ($firewallRuleCreated) { + Write-Host " Firewall rule: SSH Server (sshd) - Test" -ForegroundColor Yellow + } + Write-Host ""; + } else { + # Stop and uninstall SSH service + if ($serviceWasInstalled) { + Write-Host "Stopping SSH service..." -ForegroundColor Gray + try { + Stop-Service sshd -Force -ErrorAction SilentlyContinue + Start-Sleep -Seconds 1 + } + catch { + Write-Host "⚠ Warning: Failed to stop service: $_" -ForegroundColor Yellow + } + + Write-Host "Uninstalling SSH service..." -ForegroundColor Gray + $uninstallScript = Join-Path $buildPath "uninstall-sshd.ps1" + if (Test-Path $uninstallScript) { + Push-Location $buildPath + try { + & $uninstallScript 2>&1 | Out-Null + Write-Host "✓ SSH service uninstalled" -ForegroundColor Green + } + catch { + Write-Host "⚠ Warning: Failed to uninstall service: $_" -ForegroundColor Yellow + } + finally { + Pop-Location + } + } + } + + # Remove firewall rule + if ($firewallRuleCreated) { + Write-Host "Removing firewall rule..." -ForegroundColor Gray + try { + Remove-NetFirewallRule -DisplayName "SSH Server (sshd) - Test" -ErrorAction SilentlyContinue + Write-Host "✓ Firewall rule removed" -ForegroundColor Green + } + catch { + Write-Host "⚠ Warning: Failed to remove firewall rule: $_" -ForegroundColor Yellow + } + } + + # Remove test user + if ($testUser) { + Write-Host "Removing test user..." -ForegroundColor Gray + try { + Remove-LocalUser -Name $testUser -ErrorAction Stop + Write-Host "✓ Test user removed" -ForegroundColor Green + } + catch { + Write-Host "⚠ Warning: Failed to remove test user: $_" -ForegroundColor Yellow + Write-Host " You may need to manually remove user: $testUser" -ForegroundColor Yellow + } + } + + Write-Host "" + } +} + +# Output summary +Write-Host "=== Test Summary ===" -ForegroundColor Cyan +Write-Host "Status: $(if ($result.Success) { 'PASSED' } else { 'FAILED' })" -ForegroundColor $(if ($result.Success) { 'Green' } else { 'Red' }) +Write-Host "Service Installed: $($result.ServiceInstalled)" -ForegroundColor Gray +Write-Host "Service Started: $($result.ServiceStarted)" -ForegroundColor Gray +Write-Host "Connection Successful: $($result.ConnectionSuccessful)" -ForegroundColor Gray +if ($result.CommandOutput) { + Write-Host "Command Output: $($result.CommandOutput)" -ForegroundColor Gray +} +if ($result.Errors.Count -gt 0) { + Write-Host "Errors:" -ForegroundColor Red + foreach ($e in $result.Errors) { + Write-Host " - $e" -ForegroundColor Red + } +} +Write-Host "" + +# Return result object +return $result From 1053ed352101d114f969bce07efb9d8c1329a642 Mon Sep 17 00:00:00 2001 From: User Date: Fri, 9 Jan 2026 12:10:08 -0800 Subject: [PATCH 498/687] update instructions to branch off of current branch instead of latestw_all --- .github/agents/merge-upstream.agent.md | 2 +- .../merge/merge-details.instructions.md | 2 +- .../merge/merge-process-overview.instructions.md | 13 ++++--------- .github/instructions/merge/research.instructions.md | 2 +- .github/instructions/setup.instructions.md | 3 +-- 5 files changed, 8 insertions(+), 14 deletions(-) diff --git a/.github/agents/merge-upstream.agent.md b/.github/agents/merge-upstream.agent.md index a5565b25b883..240b1b956458 100644 --- a/.github/agents/merge-upstream.agent.md +++ b/.github/agents/merge-upstream.agent.md @@ -81,7 +81,7 @@ This agent assists with merging upstream OpenSSH commits into the PowerShell for 2. Confirm repository remotes are configured 3. Identify upstream version/tag to merge 4. Create merge branch: `merge-v-` -5. Perform baseline build on `latestw_all` branch +5. Perform baseline build from current branch 6. Use Get-CommitGroups with `-FirstChunkOnly -GroupByCIPresence` to get first commit batch **Success Criteria:** diff --git a/.github/instructions/merge/merge-details.instructions.md b/.github/instructions/merge/merge-details.instructions.md index b2214858543c..5c6f20d909d4 100644 --- a/.github/instructions/merge/merge-details.instructions.md +++ b/.github/instructions/merge/merge-details.instructions.md @@ -93,7 +93,7 @@ FUNCTION resolve_conflict(file_path, conflict_content): git show # Compare files between branches -git diff upstream-pwsh/latestw_all upstream/ -- +git diff HEAD upstream/ -- ``` ## Conflict Resolution Strategies diff --git a/.github/instructions/merge/merge-process-overview.instructions.md b/.github/instructions/merge/merge-process-overview.instructions.md index 34f4b413a6b5..fd8cce4b2620 100644 --- a/.github/instructions/merge/merge-process-overview.instructions.md +++ b/.github/instructions/merge/merge-process-overview.instructions.md @@ -47,24 +47,19 @@ The process consists of several interconnected phases: ## Merge Phase ### Initial Preparation -1. **Checkout base branch:** - ```pwsh - git checkout upstream-pwsh/latestw_all - ``` - -2. **Verify baseline build** +1. **Verify baseline build** **(📖 Detailed Instructions:** [Build Instructions](../build.instructions.md)): ```pwsh Import-Module .\contrib\win32\openssh\OpenSSHBuildHelper.psm1 -Force Start-OpenSSHBuild -Configuration Release -NativeHostArch x64 ``` -3. **Configure git:** +2. **Configure git:** ```pwsh git config core.editor true ``` -3. **Create merge branch:** +3. **Create merge branch from current branch:** ```pwsh git checkout -b merge-v- # Example: merge-v9.8-20241010 @@ -235,7 +230,7 @@ The process consists of several interconnected phases: ``` 15. **Create Pull Request:** - - Target: `PowerShell/openssh-portable:latestw_all` + - Target: `PowerShell/openssh-portable:` (typically the branch you started from, e.g., latestw_all) - Title: `Merge upstream OpenSSH ` - Include comprehensive description of changes and resolutions diff --git a/.github/instructions/merge/research.instructions.md b/.github/instructions/merge/research.instructions.md index f8b8c5032d5c..49b6b56a4226 100644 --- a/.github/instructions/merge/research.instructions.md +++ b/.github/instructions/merge/research.instructions.md @@ -63,7 +63,7 @@ git log --oneline upstream/ --since="" git show # Compare branches -git diff upstream-pwsh/latestw_all upstream/ +git diff HEAD upstream/ ``` ## Windows-Specific Knowledge Base diff --git a/.github/instructions/setup.instructions.md b/.github/instructions/setup.instructions.md index 3081ae3cfdd2..5ec3962af00f 100644 --- a/.github/instructions/setup.instructions.md +++ b/.github/instructions/setup.instructions.md @@ -42,7 +42,7 @@ git fetch --all ## Branch Strategy ### Understanding the Branch Structure -- **upstream-pwsh/latestw_all**: Main Windows-compatible branch (base for merges) +- **upstream-pwsh/latestw_all**: Main Windows-compatible branch - **upstream/master**: Latest upstream OpenSSH development - **upstream/V_X_Y_PZ**: Tagged releases (merge targets) @@ -74,7 +74,6 @@ Before proceeding to merge: - [ ] Repository cloned successfully - [ ] All three remotes configured (origin, upstream, upstream-pwsh) - [ ] Can fetch from all remotes without errors -- [ ] Can see upstream-pwsh/latestw_all branch - [ ] Can see upstream target version/branch - [ ] Working directory is clean (`git status` shows no uncommitted changes) From 2955382ceb21b7c65455cc373d5a312758a47414 Mon Sep 17 00:00:00 2001 From: User Date: Fri, 9 Jan 2026 12:17:50 -0800 Subject: [PATCH 499/687] remove direct references to scripts for mcp tools --- .github/agents/merge-upstream.agent.md | 21 +++++++----- .github/instructions/build.instructions.md | 32 ------------------- .../merge-process-overview.instructions.md | 1 - 3 files changed, 13 insertions(+), 41 deletions(-) diff --git a/.github/agents/merge-upstream.agent.md b/.github/agents/merge-upstream.agent.md index 240b1b956458..9014f07e45e5 100644 --- a/.github/agents/merge-upstream.agent.md +++ b/.github/agents/merge-upstream.agent.md @@ -24,23 +24,28 @@ This agent assists with merging upstream OpenSSH commits into the PowerShell for ### Key Tools Available 1. **Get-CommitGroups MCP Tool** - Groups commits by CI presence or success - - **Access**: Available via MCP server (preferred method) + - **Access**: Available via MCP server - **MCP Tool Name**: `mcp_pwsh-mcp-server_Get_CommitGroups` - - **Direct Script**: `.github/tools/Get-CommitGroups.ps1` (fallback) - **Parameters**: - `GitHubTag` (string, optional): GitHub tag to start from (e.g., "V_10_0_P2") - `StartCommit` (string, optional): Commit SHA to start from - `FirstChunkOnly` (boolean, optional): Stop after finding first chunk - `GroupByCIPresence` (boolean, optional): Group by CI presence instead of CI success - **Recommended Usage**: Always use `-FirstChunkOnly -GroupByCIPresence` for incremental merging - - **Usage via MCP**: Use the MCP tool function directly - it handles all GitHub API calls - - **Manual Usage**: `Get-Help .\Get-CommitGroups.ps1` for direct script execution + - **Usage**: Use the MCP tool function directly - it handles all GitHub API calls + - **If tool unavailable**: ERROR - This tool is required for the merge workflow -2. **OpenSSHBuildHelper Module** - Build automation - - Location: `contrib\win32\openssh\OpenSSHBuildHelper.psm1` - - Key cmdlet: `Start-OpenSSHBuild -Configuration Release -NativeHostArch x64` +2. **Build-OpenSSH MCP Tool** - Build automation and verification + - **Access**: Available via `.github/tools/Build-OpenSSH.ps1` + - **Usage**: `.github/tools/Build-OpenSSH.ps1 -Configuration Release -Architecture x64` + - **If tool unavailable**: ERROR - This tool is required for the merge workflow -3. **Git** - Version control operations +3. **Test-OpenSSHFunctionality MCP Tool** - Functional testing + - **Access**: Available via `.github/tools/Test-OpenSSHFunctionality.ps1` + - **Usage**: `.github/tools/Test-OpenSSHFunctionality.ps1` + - **If tool unavailable**: ERROR - This tool is required for the merge workflow + +4. **Git** - Version control operations - Cherry-pick: `git cherry-pick start_commit^..end_commit` (inclusive) - Status: `git status` - Remotes: `origin`, `upstream-pwsh`, `upstream` diff --git a/.github/instructions/build.instructions.md b/.github/instructions/build.instructions.md index 82f267f30cd9..fdd4549f207b 100644 --- a/.github/instructions/build.instructions.md +++ b/.github/instructions/build.instructions.md @@ -64,27 +64,6 @@ The repository includes MCP tools that automate the build, verification, and err .\.github\tools\Test-OpenSSHBuild.ps1 -Configuration Release -Architecture x64 ``` -### Using PowerShell Module Directly (Alternative) - -If you need direct access to the build module functions: - -#### Step 1: Environment Setup -```pwsh -# Navigate to repository root -cd - -# Import build helper module -Import-Module .\contrib\win32\openssh\OpenSSHBuildHelper.psm1 -Force - -# Verify module loaded -Get-Command -Module OpenSSHBuildHelper -``` - -#### Step 2: Initial Build -```pwsh -Start-OpenSSHBuild -Configuration Release -NativeHostArch x64 -``` - ## Compilation Error Resolution ### Common Error Categories @@ -255,17 +234,6 @@ contrib\win32\openssh\ - scp.exe, sftp.exe, sftp-server.exe - ssh-pkcs11-helper.exe, ssh-shellhost.exe, ssh-sk-helper.exe -### Manual Verification (Alternative) -```pwsh -# Check that all expected binaries were built -$buildPath = ".\contrib\win32\openssh\x64\Release" -Get-ChildItem $buildPath -Filter "*.exe" | Select-Object Name - -# Expected outputs: -# a binary for each vcxproj file, e.g. -# ssh.vcxproj -> ssh.exe -``` - ### Quick Functionality Test ```pwsh # Verify version reporting diff --git a/.github/instructions/merge/merge-process-overview.instructions.md b/.github/instructions/merge/merge-process-overview.instructions.md index fd8cce4b2620..d06bda0f986b 100644 --- a/.github/instructions/merge/merge-process-overview.instructions.md +++ b/.github/instructions/merge/merge-process-overview.instructions.md @@ -114,7 +114,6 @@ The process consists of several interconnected phases: git cherry-pick $commit # Build after every commit so we can attribute failures precisely. - # Prefer the MCP build helper if available; otherwise use Start-OpenSSHBuild. .\.github\tools\Build-OpenSSH.ps1 -Configuration Release -Architecture x64 } ``` From 36c482653550d3d42c46e82e2fe7c7cf8fba088b Mon Sep 17 00:00:00 2001 From: User Date: Fri, 9 Jan 2026 12:22:56 -0800 Subject: [PATCH 500/687] fix default log location in tool --- .github/tools/Test-OpenSSHBuild.ps1 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/tools/Test-OpenSSHBuild.ps1 b/.github/tools/Test-OpenSSHBuild.ps1 index 25aa95f4571c..afb978b778bc 100644 --- a/.github/tools/Test-OpenSSHBuild.ps1 +++ b/.github/tools/Test-OpenSSHBuild.ps1 @@ -142,7 +142,7 @@ try { $warnings = @() if (-not $LogFile) { - $LogFile = Join-Path $repoRoot "OpenSSH$Configuration$Architecture.log" + $LogFile = Join-Path $repoRoot "contrib\win32\openssh\OpenSSH$Configuration$Architecture.log" } if (Test-Path $LogFile) { From 2ffcb0e3aedfef3b088b44889c87cabd74f5e9b8 Mon Sep 17 00:00:00 2001 From: User Date: Fri, 9 Jan 2026 12:30:14 -0800 Subject: [PATCH 501/687] create tool for merge process prerequisites --- .github/agents/merge-upstream.agent.md | 34 +- .../merge-process-overview.instructions.md | 20 +- .github/tools/Test-MergePrerequisites.ps1 | 332 ++++++++++++++++++ 3 files changed, 374 insertions(+), 12 deletions(-) create mode 100644 .github/tools/Test-MergePrerequisites.ps1 diff --git a/.github/agents/merge-upstream.agent.md b/.github/agents/merge-upstream.agent.md index 9014f07e45e5..e5cca4d7b48e 100644 --- a/.github/agents/merge-upstream.agent.md +++ b/.github/agents/merge-upstream.agent.md @@ -82,17 +82,35 @@ This agent assists with merging upstream OpenSSH commits into the PowerShell for **Objective:** Verify environment and establish baseline **Steps:** -1. Verify Git, PowerShell, Visual Studio are available -2. Confirm repository remotes are configured -3. Identify upstream version/tag to merge -4. Create merge branch: `merge-v-` -5. Perform baseline build from current branch -6. Use Get-CommitGroups with `-FirstChunkOnly -GroupByCIPresence` to get first commit batch +1. **Run prerequisite verification via MCP tool:** + - **MCP Tool Name**: `mcp_test-server_Test_MergePrerequisites` + - **Parameters**: + - `TargetVersion` (string, required): Upstream version/tag to merge (e.g., "V_10_0_P2") + - `SkipBaselineBuild` (boolean, optional): Skip baseline build check (default: false) + + This single tool verifies: + - Git, PowerShell, Visual Studio are available + - Repository remotes are configured (origin, upstream, upstream-pwsh) + - Target version/tag exists in upstream + - Working directory is clean (no uncommitted changes) + - Baseline build passes from current branch + - First commit batch is identified + +2. **Proceed only if tool reports success:** + - Tool must return `Success: true` + - Tool must display "ALL PREREQUISITES MET" + - If tool fails, fix reported issues before continuing + +3. **Create merge branch:** + ```pwsh + git checkout -b merge-v- + # Example: git checkout -b merge-v10.0P2-20260109 + ``` **Success Criteria:** -- Base branch builds successfully -- First commit group identified (ending with any CI run) +- Prerequisite tool reports all checks passed - Merge branch created +- Ready to begin Phase 2 (cherry-picking first batch) ### Phase 2: Incremental Merge **Objective:** Cherry-pick commits in a single batch ending with a CI run diff --git a/.github/instructions/merge/merge-process-overview.instructions.md b/.github/instructions/merge/merge-process-overview.instructions.md index d06bda0f986b..491d36b3dd15 100644 --- a/.github/instructions/merge/merge-process-overview.instructions.md +++ b/.github/instructions/merge/merge-process-overview.instructions.md @@ -47,11 +47,23 @@ The process consists of several interconnected phases: ## Merge Phase ### Initial Preparation -1. **Verify baseline build** - **(📖 Detailed Instructions:** [Build Instructions](../build.instructions.md)): +1. **Verify prerequisites and baseline** + Use the Test-MergePrerequisites MCP tool: ```pwsh - Import-Module .\contrib\win32\openssh\OpenSSHBuildHelper.psm1 -Force - Start-OpenSSHBuild -Configuration Release -NativeHostArch x64 + # Run prerequisite check via MCP tool + # MCP Tool Name: mcp_test-server_Test_MergePrerequisites + # Parameters: TargetVersion (required), SkipBaselineBuild (optional) + + # Example invocation (replace with target like "V_10_0_P2"): + # The MCP tool will verify: + # - Git, PowerShell, Visual Studio installed + # - Repository remotes configured (origin, upstream, upstream-pwsh) + # - Target version exists in upstream + # - Working directory is clean + # - Baseline build passes (unless SkipBaselineBuild is true) + # - First commit batch identified + + # Proceed only if tool reports "ALL PREREQUISITES MET" ``` 2. **Configure git:** diff --git a/.github/tools/Test-MergePrerequisites.ps1 b/.github/tools/Test-MergePrerequisites.ps1 new file mode 100644 index 000000000000..c27c9bdb6dd5 --- /dev/null +++ b/.github/tools/Test-MergePrerequisites.ps1 @@ -0,0 +1,332 @@ +<# +.SYNOPSIS + MCP tool that verifies all prerequisites for starting an OpenSSH upstream merge. + +.DESCRIPTION + This script performs comprehensive pre-merge setup verification for the OpenSSH + upstream merge workflow. It checks: + - Required tools (Git, PowerShell, Visual Studio) + - Repository configuration (remotes, branch state) + - Baseline build capability + - Target version identification + + This tool should be run before starting Phase 1 of the merge workflow to ensure + all prerequisites are met. It prevents wasted effort by catching configuration + issues early. + +.PARAMETER TargetVersion + The upstream version/tag to merge (e.g., "V_10_0_P2", "V_9_9_P1") + This can be a tag name or branch name from the upstream repository. + +.PARAMETER SkipBaselineBuild + Skip the baseline build verification step. Use this if you've already + verified the base branch builds successfully. + Default: false (baseline build is performed) + +.OUTPUTS + Returns a hashtable with: + - Success: Boolean indicating all prerequisites passed + - GitInstalled: Boolean - Git is available + - PowerShellVersion: String - PowerShell version + - VSInstalled: Boolean - Visual Studio is available + - RemotesConfigured: Boolean - All required remotes configured + - TargetExists: Boolean - Target version/tag exists in upstream + - WorkingDirClean: Boolean - No uncommitted changes + - BaselineBuildPassed: Boolean - Base branch builds successfully (if not skipped) + - FirstChunkIdentified: Boolean - First commit batch identified + - FirstChunk: Object - First commit batch details from Get-CommitGroups + - Issues: Array - List of any issues found + - Message: String - Summary message + +.EXAMPLE + .\Test-MergePrerequisites.ps1 -TargetVersion "V_10_0_P2" + + Verifies all prerequisites for merging upstream V_10_0_P2. + +.EXAMPLE + .\Test-MergePrerequisites.ps1 -TargetVersion "V_10_0_P2" -SkipBaselineBuild + + Verifies prerequisites but skips the baseline build check. + +.NOTES + - This is a Phase 1 Pre-Merge Setup verification tool + - Should be run before creating the merge branch + - Requires approximately 2-5 minutes to complete (depending on baseline build) + - Part of the OpenSSH upstream merge workflow automation +#> + +param( + [Parameter(Mandatory=$true)] + [string]$TargetVersion, + + [Parameter(Mandatory=$false)] + [switch]$SkipBaselineBuild +) + +$scriptRoot = $PSScriptRoot +$repoRoot = (Get-Item $scriptRoot).Parent.Parent.FullName + +$result = @{ + Success = $false + GitInstalled = $false + PowerShellVersion = $PSVersionTable.PSVersion.ToString() + VSInstalled = $false + RemotesConfigured = $false + TargetExists = $false + WorkingDirClean = $false + BaselineBuildPassed = $null # null if skipped + FirstChunkIdentified = $false + FirstChunk = $null + Issues = @() + Message = "" +} + +try { + Write-Host "========================================" -ForegroundColor Cyan + Write-Host "OpenSSH Merge Prerequisites Check" -ForegroundColor Cyan + Write-Host "========================================" -ForegroundColor Cyan + Write-Host "Target Version: $TargetVersion" -ForegroundColor White + Write-Host "Skip Baseline: $SkipBaselineBuild" -ForegroundColor White + Write-Host "========================================`n" -ForegroundColor Cyan + + # Change to repository root + Push-Location $repoRoot + + # Step 1: Verify Git + Write-Host "[1/8] Checking Git installation..." -ForegroundColor Cyan + try { + $gitVersion = git --version 2>&1 + if ($LASTEXITCODE -eq 0) { + $result.GitInstalled = $true + Write-Host " ✓ Git installed: $gitVersion" -ForegroundColor Green + } else { + $result.Issues += "Git is not installed or not in PATH" + Write-Host " ✗ Git not found" -ForegroundColor Red + } + } catch { + $result.Issues += "Git is not installed or not in PATH" + Write-Host " ✗ Git not found" -ForegroundColor Red + } + + # Step 2: Verify PowerShell version + Write-Host "`n[2/8] Checking PowerShell version..." -ForegroundColor Cyan + $psVersion = $PSVersionTable.PSVersion + if ($psVersion.Major -ge 5) { + Write-Host " ✓ PowerShell $($psVersion.ToString()) (>= 5.0)" -ForegroundColor Green + } else { + $result.Issues += "PowerShell version $($psVersion.ToString()) is too old (need >= 5.0)" + Write-Host " ✗ PowerShell $($psVersion.ToString()) is too old (need >= 5.0)" -ForegroundColor Red + } + + # Step 3: Verify Visual Studio + Write-Host "`n[3/8] Checking Visual Studio installation..." -ForegroundColor Cyan + $msBuildPaths = @( + "${env:ProgramFiles}\Microsoft Visual Studio\2022\*\MSBuild\Current\Bin\MSBuild.exe", + "${env:ProgramFiles}\Microsoft Visual Studio\2019\*\MSBuild\Current\Bin\MSBuild.exe", + "${env:ProgramFiles(x86)}\Microsoft Visual Studio\2022\*\MSBuild\Current\Bin\MSBuild.exe", + "${env:ProgramFiles(x86)}\Microsoft Visual Studio\2019\*\MSBuild\Current\Bin\MSBuild.exe" + ) + + $msBuildFound = $false + foreach ($path in $msBuildPaths) { + $resolved = Resolve-Path $path -ErrorAction SilentlyContinue + if ($resolved) { + $msBuildFound = $true + $result.VSInstalled = $true + Write-Host " ✓ Visual Studio found: $($resolved.Path)" -ForegroundColor Green + break + } + } + + if (-not $msBuildFound) { + $result.Issues += "Visual Studio 2019 or later not found" + Write-Host " ✗ Visual Studio 2019 or later not found" -ForegroundColor Red + } + + # Step 4: Verify repository remotes + Write-Host "`n[4/8] Checking repository remotes..." -ForegroundColor Cyan + if ($result.GitInstalled) { + $remotes = git remote 2>&1 + $expectedRemotes = @('origin', 'upstream', 'upstream-pwsh') + $missingRemotes = @() + + foreach ($remote in $expectedRemotes) { + if ($remotes -contains $remote) { + $remoteUrl = git remote get-url $remote 2>&1 + Write-Host " ✓ $remote configured: $remoteUrl" -ForegroundColor Green + } else { + $missingRemotes += $remote + Write-Host " ✗ $remote not configured" -ForegroundColor Red + } + } + + if ($missingRemotes.Count -eq 0) { + $result.RemotesConfigured = $true + } else { + $result.Issues += "Missing remotes: $($missingRemotes -join ', ')" + } + } else { + Write-Host " ⊘ Skipped (Git not available)" -ForegroundColor Yellow + } + + # Step 5: Verify target version exists + Write-Host "`n[5/8] Checking target version exists..." -ForegroundColor Cyan + if ($result.GitInstalled -and $result.RemotesConfigured) { + Write-Host " Fetching from upstream..." -ForegroundColor Gray + git fetch upstream 2>&1 | Out-Null + + $tagExists = git rev-parse "upstream/$TargetVersion" 2>&1 + if ($LASTEXITCODE -eq 0) { + $result.TargetExists = $true + Write-Host " ✓ Target exists: upstream/$TargetVersion" -ForegroundColor Green + } else { + $result.Issues += "Target version/tag 'upstream/$TargetVersion' not found" + Write-Host " ✗ Target 'upstream/$TargetVersion' not found" -ForegroundColor Red + } + } else { + Write-Host " ⊘ Skipped (prerequisites not met)" -ForegroundColor Yellow + } + + # Step 6: Verify working directory is clean + Write-Host "`n[6/8] Checking working directory state..." -ForegroundColor Cyan + if ($result.GitInstalled) { + $status = git status --porcelain 2>&1 + if ([string]::IsNullOrWhiteSpace($status)) { + $result.WorkingDirClean = $true + Write-Host " ✓ Working directory is clean" -ForegroundColor Green + } else { + $result.Issues += "Working directory has uncommitted changes" + Write-Host " ✗ Working directory has uncommitted changes" -ForegroundColor Red + Write-Host " Run 'git status' to see changes" -ForegroundColor Yellow + } + } else { + Write-Host " ⊘ Skipped (Git not available)" -ForegroundColor Yellow + } + + # Step 7: Baseline build verification + Write-Host "`n[7/8] Verifying baseline build..." -ForegroundColor Cyan + if ($SkipBaselineBuild) { + Write-Host " ⊘ Skipped (SkipBaselineBuild flag set)" -ForegroundColor Yellow + } else { + $currentBranch = git rev-parse --abbrev-ref HEAD 2>&1 + Write-Host " Current branch: $currentBranch" -ForegroundColor Gray + Write-Host " Starting baseline build..." -ForegroundColor Gray + + $buildScriptPath = Join-Path $scriptRoot "Build-OpenSSH.ps1" + $buildResult = & $buildScriptPath -Configuration Release -Architecture x64 + + if ($buildResult.OverallSuccess) { + $result.BaselineBuildPassed = $true + Write-Host " ✓ Baseline build passed" -ForegroundColor Green + Write-Host " All $($buildResult.ExpectedArtifacts) artifacts built successfully" -ForegroundColor Gray + } else { + $result.BaselineBuildPassed = $false + $result.Issues += "Baseline build failed: $($buildResult.Message)" + Write-Host " ✗ Baseline build failed" -ForegroundColor Red + Write-Host " $($buildResult.Message)" -ForegroundColor Yellow + Write-Host " Check build log: $($buildResult.LogFile)" -ForegroundColor Yellow + } + } + + # Step 8: Identify first commit batch + Write-Host "`n[8/8] Identifying first commit batch..." -ForegroundColor Cyan + if ($result.GitInstalled -and $result.TargetExists) { + $commitGroupsScript = Join-Path $scriptRoot "Get-CommitGroups.ps1" + + Write-Host " Finding last merged tag..." -ForegroundColor Gray + # Find the last upstream tag in current branch + $lastTag = git describe --tags --match "V_*" --abbrev=0 2>&1 + + if ($LASTEXITCODE -eq 0) { + Write-Host " Last merged tag: $lastTag" -ForegroundColor Gray + Write-Host " Finding commits from $lastTag to $TargetVersion..." -ForegroundColor Gray + + try { + $firstChunk = & $commitGroupsScript -GitHubTag $lastTag -FirstChunkOnly -GroupByCIPresence + + if ($firstChunk -and $firstChunk.CommitCount -gt 0) { + $result.FirstChunkIdentified = $true + $result.FirstChunk = $firstChunk + Write-Host " ✓ First batch identified" -ForegroundColor Green + Write-Host " Range: $($firstChunk.StartCommit)..$($firstChunk.EndCommit)" -ForegroundColor Gray + Write-Host " Commits: $($firstChunk.CommitCount)" -ForegroundColor Gray + Write-Host " Start: $($firstChunk.StartMessage)" -ForegroundColor Gray + Write-Host " End: $($firstChunk.EndMessage)" -ForegroundColor Gray + } else { + $result.Issues += "No commits found between $lastTag and $TargetVersion" + Write-Host " ⚠ No new commits found (may already be up to date)" -ForegroundColor Yellow + } + } catch { + $result.Issues += "Failed to get commit groups: $($_.Exception.Message)" + Write-Host " ✗ Failed to get commit groups" -ForegroundColor Red + Write-Host " $($_.Exception.Message)" -ForegroundColor Yellow + } + } else { + $result.Issues += "Could not find last merged tag (no V_* tags in current branch)" + Write-Host " ✗ Could not find last merged tag" -ForegroundColor Red + } + } else { + Write-Host " ⊘ Skipped (prerequisites not met)" -ForegroundColor Yellow + } + + # Final evaluation + Write-Host "`n========================================" -ForegroundColor Cyan + Write-Host "PREREQUISITE CHECK SUMMARY" -ForegroundColor Cyan + Write-Host "========================================" -ForegroundColor Cyan + + $criticalChecks = @( + $result.GitInstalled, + $result.VSInstalled, + $result.RemotesConfigured, + $result.TargetExists, + $result.WorkingDirClean + ) + + # Baseline build is critical unless skipped + if (-not $SkipBaselineBuild) { + $criticalChecks += $result.BaselineBuildPassed + } + + # First chunk identification is informational, not critical + $result.Success = ($criticalChecks | Where-Object { $_ -eq $false }).Count -eq 0 + + if ($result.Success) { + Write-Host "✓ ALL PREREQUISITES MET" -ForegroundColor Green + Write-Host "`nYou are ready to begin the merge process:" -ForegroundColor White + Write-Host " 1. Create merge branch: git checkout -b merge-v$TargetVersion-$(Get-Date -Format 'yyyyMMdd')" -ForegroundColor Gray + Write-Host " 2. Begin cherry-picking commits from first batch" -ForegroundColor Gray + + if ($result.FirstChunkIdentified) { + Write-Host "`nFirst batch to merge:" -ForegroundColor White + Write-Host " git cherry-pick $($result.FirstChunk.StartCommitFull)^..$($result.FirstChunk.EndCommitFull)" -ForegroundColor Gray + } + + $result.Message = "All prerequisites met. Ready to start merge." + } else { + Write-Host "✗ PREREQUISITES NOT MET" -ForegroundColor Red + Write-Host "`nIssues found:" -ForegroundColor Yellow + foreach ($issue in $result.Issues) { + Write-Host " • $issue" -ForegroundColor Red + } + $result.Message = "$($result.Issues.Count) issue(s) found. Fix issues before starting merge." + } + + Write-Host "" + + return $result + +} catch { + Write-Host "`n========================================" -ForegroundColor Red + Write-Host "ERROR" -ForegroundColor Red + Write-Host "========================================" -ForegroundColor Red + Write-Host $_.Exception.Message -ForegroundColor Red + Write-Host $_.ScriptStackTrace -ForegroundColor Gray + + $result.Success = $false + $result.Issues += "Tool error: $($_.Exception.Message)" + $result.Message = "Prerequisite check failed with error: $($_.Exception.Message)" + + return $result +} finally { + Pop-Location +} From 4984b21ecd7e1b4bb41f0142483593cadcd37313 Mon Sep 17 00:00:00 2001 From: User Date: Fri, 9 Jan 2026 12:44:19 -0800 Subject: [PATCH 502/687] replace more direct scripts references to mcp tool references --- .github/agents/merge-upstream.agent.md | 76 +++++++++-------- .github/instructions/build.instructions.md | 71 ++++++++-------- .../merge-process-overview.instructions.md | 85 ++++++++++--------- .github/instructions/testing.instructions.md | 62 ++++++++++---- 4 files changed, 167 insertions(+), 127 deletions(-) diff --git a/.github/agents/merge-upstream.agent.md b/.github/agents/merge-upstream.agent.md index e5cca4d7b48e..da1c415110ce 100644 --- a/.github/agents/merge-upstream.agent.md +++ b/.github/agents/merge-upstream.agent.md @@ -25,7 +25,7 @@ This agent assists with merging upstream OpenSSH commits into the PowerShell for 1. **Get-CommitGroups MCP Tool** - Groups commits by CI presence or success - **Access**: Available via MCP server - - **MCP Tool Name**: `mcp_pwsh-mcp-server_Get_CommitGroups` + - **MCP Tool Name**: `mcp_openssh-server_Get_CommitGroups` - **Parameters**: - `GitHubTag` (string, optional): GitHub tag to start from (e.g., "V_10_0_P2") - `StartCommit` (string, optional): Commit SHA to start from @@ -36,13 +36,20 @@ This agent assists with merging upstream OpenSSH commits into the PowerShell for - **If tool unavailable**: ERROR - This tool is required for the merge workflow 2. **Build-OpenSSH MCP Tool** - Build automation and verification - - **Access**: Available via `.github/tools/Build-OpenSSH.ps1` - - **Usage**: `.github/tools/Build-OpenSSH.ps1 -Configuration Release -Architecture x64` + - **MCP Tool Name**: `mcp_openssh-serve_Build_OpenSSH` + - **Parameters**: + - `Configuration` (string, optional): Build configuration - "Debug" or "Release" (default: "Release") + - `Architecture` (string, optional): Target architecture - "x64", "x86", "ARM", "ARM64" (default: "x64") + - `Clean` (boolean, optional): Perform clean build (default: false) - **If tool unavailable**: ERROR - This tool is required for the merge workflow 3. **Test-OpenSSHFunctionality MCP Tool** - Functional testing - - **Access**: Available via `.github/tools/Test-OpenSSHFunctionality.ps1` - - **Usage**: `.github/tools/Test-OpenSSHFunctionality.ps1` + - **MCP Tool Name**: `mcp_openssh-serve_Test_OpenSSHFunctionality` + - **Parameters**: + - `Configuration` (string, optional): Build configuration - "Debug" or "Release" (default: "Release") + - `Architecture` (string, optional): Target architecture - "x64", "x86", "ARM", "ARM64" (default: "x64") + - `SkipFirewall` (boolean, optional): Skip firewall configuration (default: false) + - `NoCleanup` (boolean, optional): Skip cleanup for debugging (default: false) - **If tool unavailable**: ERROR - This tool is required for the merge workflow 4. **Git** - Version control operations @@ -83,7 +90,7 @@ This agent assists with merging upstream OpenSSH commits into the PowerShell for **Steps:** 1. **Run prerequisite verification via MCP tool:** - - **MCP Tool Name**: `mcp_test-server_Test_MergePrerequisites` + - **MCP Tool Name**: `mcp_openssh-server_Test_MergePrerequisites` - **Parameters**: - `TargetVersion` (string, required): Upstream version/tag to merge (e.g., "V_10_0_P2") - `SkipBaselineBuild` (boolean, optional): Skip baseline build check (default: false) @@ -116,25 +123,24 @@ This agent assists with merging upstream OpenSSH commits into the PowerShell for **Objective:** Cherry-pick commits in a single batch ending with a CI run **Steps:** -1. **Get first commit batch** using Get-CommitGroups with `-FirstChunkOnly -GroupByCIPresence`: - ```pwsh - # For first batch - start from last merged tag - .github\tools\Get-CommitGroups.ps1 -GitHubTag "V_10_0_P2" -FirstChunkOnly -GroupByCIPresence - - # For subsequent batches - start from last batch's end commit - .github\tools\Get-CommitGroups.ps1 -StartCommit "" -FirstChunkOnly -GroupByCIPresence +1. **Get first commit batch** using Get-CommitGroups MCP tool: + - **MCP Tool Name**: `mcp_openssh-serve_Get_CommitGroups` + - **Parameters**: + - For first batch: `GitHubTag="V_10_0_P2"`, `FirstChunkOnly=true`, `GroupByCIPresence=true` + - For subsequent batches: `StartCommit=""`, `FirstChunkOnly=true`, `GroupByCIPresence=true` - # The tool returns structured data: - # { - # "ChunkNumber": 1, - # "StartCommit": "609fe2c", - # "EndCommit": "6fb728d", - # "StartCommitFull": "609fe2cae2459d721ac11d23cd27b8a94397ef3c", - # "EndCommitFull": "6fb728df50c1afd338cb0223a84ce24579577eff", - # "CommitCount": 12, - # "StartMessage": "upstream: rework the text for -3 to make it clearer", - # "EndMessage": "Run all tests on Cygwin again." - # } + **The tool returns structured data:** + ```json + { + "ChunkNumber": 1, + "StartCommit": "609fe2c", + "EndCommit": "6fb728d", + "StartCommitFull": "609fe2cae2459d721ac11d23cd27b8a94397ef3c", + "EndCommitFull": "6fb728df50c1afd338cb0223a84ce24579577eff", + "CommitCount": 12, + "StartMessage": "upstream: rework the text for -3 to make it clearer", + "EndMessage": "Run all tests on Cygwin again." + } ``` 2. **Display batch information for verification:** @@ -164,9 +170,8 @@ This agent assists with merging upstream OpenSSH commits into the PowerShell for **Steps:** 1. **Build the merged code:** - ```pwsh - .github\tools\Build-OpenSSH.ps1 -Configuration Release -Architecture x64 - ``` + - **MCP Tool Name**: `mcp_openssh-serve_Build_OpenSSH` + - **Parameters**: `Configuration="Release"`, `Architecture="x64"` 2. **If build fails, fix compilation errors:** - Document all compilation errors from build output @@ -180,12 +185,12 @@ This agent assists with merging upstream OpenSSH commits into the PowerShell for - Look for commits ending with `CIStatus: "success"` in the detailed output 4. **If CI was successful, run validation tests:** - ```pwsh - .github\tools\Test-OpenSSHFunctionality.ps1 - ``` - - This test installs service, creates test user, validates SSH connectivity - - If tests fail, fix issues and commit fixes - - **Do not proceed** to next batch until tests pass + - **MCP Tool Name**: `mcp_openssh-serve_Test_OpenSSHFunctionality` + - **Parameters**: (use defaults for Release/x64) + + This test installs service, creates test user, validates SSH connectivity. + If tests fail, fix issues and commit fixes. + **Do not proceed** to next batch until tests pass. 5. **If CI was not successful (or no CI), skip validation:** - Build success is sufficient to proceed @@ -261,9 +266,8 @@ This agent assists with merging upstream OpenSSH commits into the PowerShell for - Summarize and get approval 3. **Continue** until all target commits are merged or HEAD is reached 4. **Perform final comprehensive validation:** - ```pwsh - .github\tools\Test-OpenSSHFunctionality.ps1 - ``` + - **MCP Tool Name**: `mcp_openssh-serve_Test_OpenSSHFunctionality` + - **Parameters**: (use defaults for Release/x64) **Success Criteria:** - All commit batches processed diff --git a/.github/instructions/build.instructions.md b/.github/instructions/build.instructions.md index fdd4549f207b..84b10974f4c0 100644 --- a/.github/instructions/build.instructions.md +++ b/.github/instructions/build.instructions.md @@ -31,16 +31,17 @@ git --version The repository includes MCP tools that automate the build, verification, and error analysis process. #### Option 1: Build & Verify (Recommended) -```pwsh -# Complete build and verification in one step -.\.github\tools\Build-OpenSSH.ps1 -Configuration Release -Architecture x64 - -# Clean build -.\.github\tools\Build-OpenSSH.ps1 -Configuration Release -Architecture x64 -Clean - -# Debug build -.\.github\tools\Build-OpenSSH.ps1 -Configuration Debug -Architecture x64 -``` +Use the Build-OpenSSH MCP tool: +- **MCP Tool Name**: `mcp_openssh-serve_Build_OpenSSH` +- **Parameters**: + - `Configuration` (optional): "Debug" or "Release" (default: "Release") + - `Architecture` (optional): "x64", "x86", "ARM", "ARM64" (default: "x64") + - `Clean` (optional): Perform clean build (default: false) + +**Examples:** +- Complete build and verification: `Configuration="Release"`, `Architecture="x64"` +- Clean build: `Configuration="Release"`, `Architecture="x64"`, `Clean=true` +- Debug build: `Configuration="Debug"`, `Architecture="x64"` **Output includes:** - Build success/failure status @@ -50,19 +51,21 @@ The repository includes MCP tools that automate the build, verification, and err - Build log location #### Option 2: Build Only -```pwsh -# Incremental build -.\.github\tools\Start-OpenSSHBuild.ps1 -Configuration Release -Architecture x64 +Use the Start-OpenSSHBuild MCP tool: +- **MCP Tool Name**: `mcp_openssh-serve_Start_OpenSSHBuild` +- **Parameters**: + - `Configuration` (optional): "Debug" or "Release" (default: "Release") + - `Architecture` (optional): "x64", "x86", "ARM", "ARM64" (default: "x64") + - `Clean` (optional): Perform clean build (default: false) -# Clean build -.\.github\tools\Start-OpenSSHBuild.ps1 -Configuration Release -Architecture x64 -Clean -``` +**Examples:** +- Incremental build: `Configuration="Release"`, `Architecture="x64"` +- Clean build: `Configuration="Release"`, `Architecture="x64"`, `Clean=true` #### Option 3: Test Existing Build -```pwsh -# Test artifacts and parse errors from previous build -.\.github\tools\Test-OpenSSHBuild.ps1 -Configuration Release -Architecture x64 -``` +Use the Test-OpenSSHBuild MCP tool: +- **MCP Tool Name**: `mcp_openssh-serve_Test_OpenSSHBuild` +- **Parameters**: `Configuration="Release"`, `Architecture="x64"` ## Compilation Error Resolution @@ -138,21 +141,21 @@ fatal error C1083: Cannot open source file: 'newfile.c' #### AI Agent Workflow: 1. **Attempt initial build using MCP tool** - ```pwsh - .\.github\tools\Build-OpenSSH.ps1 -Configuration Release -Architecture x64 - ``` + - **MCP Tool Name**: `mcp_openssh-serve_Build_OpenSSH` + - **Parameters**: `Configuration="Release"`, `Architecture="x64"` 2. **Review structured error output** from Build-OpenSSH tool 3. **Categorize error types** (preprocessor, Windows compatibility, build system) 4. **Apply appropriate resolution strategy** (see error categories above) -5. **Rebuild and verify** using Build-OpenSSH tool again +5. **Rebuild and verify** using Build-OpenSSH MCP tool again 6. **Commit fixes with detailed message** #### Manual Error Analysis Commands (if needed): -```pwsh -# Parse errors manually from log file -.\.github\tools\Test-OpenSSHBuild.ps1 -Configuration Release -Architecture x64 +Parse errors manually from log file using the Test-OpenSSHBuild MCP tool: +- **MCP Tool Name**: `mcp_openssh-serve_Test_OpenSSHBuild` +- **Parameters**: `Configuration="Release"`, `Architecture="x64"` -# Direct MSBuild with detailed logging +Or use direct MSBuild with detailed logging: +```pwsh & "C:\Program Files\Microsoft Visual Studio\2022\Enterprise\MSBuild\Current\Bin\MSBuild.exe" .\contrib\win32\openssh\Win32-OpenSSH.sln /p:Configuration=Release /p:Platform=x64 /v:detailed ``` @@ -215,13 +218,13 @@ contrib\win32\openssh\ ### Build Verification Using MCP Tools ```pwsh -# Recommended: Use Build-OpenSSH which includes testing -.\.github\tools\Build-OpenSSH.ps1 -Configuration Release -Architecture x64 - -# Or test an existing build -.\.github\tools\Test-OpenSSHBuild.ps1 -Configuration Release -Architecture x64 -``` +Use the Build-OpenSSH MCP tool (recommended): +- **MCP Tool Name**: `mcp_openssh-serve_Build_OpenSSH` +- **Parameters**: `Configuration="Release"`, `Architecture="x64"` +Or test an existing build: +- **MCP Tool Name**: `mcp_openssh-serve_Test_OpenSSHBuild` +- **Parameters**: `Configuration="Release"`, `Architecture="x64" **Expected Output:** - Success/failure status - 14 of 14 artifacts found diff --git a/.github/instructions/merge/merge-process-overview.instructions.md b/.github/instructions/merge/merge-process-overview.instructions.md index 491d36b3dd15..69083761a9fd 100644 --- a/.github/instructions/merge/merge-process-overview.instructions.md +++ b/.github/instructions/merge/merge-process-overview.instructions.md @@ -51,7 +51,7 @@ The process consists of several interconnected phases: Use the Test-MergePrerequisites MCP tool: ```pwsh # Run prerequisite check via MCP tool - # MCP Tool Name: mcp_test-server_Test_MergePrerequisites + # MCP Tool Name: mcp_openssh-server_Test_MergePrerequisites # Parameters: TargetVersion (required), SkipBaselineBuild (optional) # Example invocation (replace with target like "V_10_0_P2"): @@ -79,35 +79,41 @@ The process consists of several interconnected phases: ### Perform Merge with Grouped Commits 4. **Identify merge range and group commits:** - Use .\tools\Get-CommitGroups.ps1 with `-FirstChunkOnly -GroupByCIPresence` - ```pwsh - # Find the last upstream tag in the fork (this is the starting point for the next merge) - # Call .\tools\Get-CommitGroups.ps1 -GitHubTag -FirstChunkOnly -GroupByCIPresence - # This gets commits ending with any commit that has CI runs (not just successful CI) - # Example output: - # { - # "ChunkNumber": 1, - # "StartCommit": "609fe2c", - # "EndCommit": "6fb728d", - # "StartCommitFull": "609fe2cae2459d721ac11d23cd27b8a94397ef3c", - # "EndCommitFull": "6fb728df50c1afd338cb0223a84ce24579577eff", - # "CommitCount": 57, - # "StartMessage": "upstream: rework the text for -3 to make it clearer what default", - # "EndMessage": "Run all tests on Cygwin again." - # } - - # Print the commit batch details for verification - Write-Host "Processing batch: $($result.StartCommit)..$($result.EndCommit)" - Write-Host "Start: $($result.StartMessage)" - Write-Host "End: $($result.EndMessage)" - Write-Host "End Commit CI Status: $($result.EndCommit has CI runs)" - - # After completing steps below, get next batch: - # Call .\tools\Get-CommitGroups.ps1 -StartCommit -FirstChunkOnly -GroupByCIPresence - # Continue this process untiland - # follow the below steps to completion until the upstream's HEAD has been successfully merged + Use the Get-CommitGroups MCP tool with `-FirstChunkOnly -GroupByCIPresence` + + **MCP Tool Name**: `mcp_openssh-serve_Get_CommitGroups` + + **Parameters**: + - `GitHubTag` (string, optional): Start from last merged tag (e.g., "V_10_0_P2") + - `StartCommit` (string, optional): Start from specific commit SHA + - `FirstChunkOnly` (boolean): Set to `true` + - `GroupByCIPresence` (boolean): Set to `true` + + **Example for first batch**: + - Find the last upstream tag in the fork + - Call tool with `GitHubTag=`, `FirstChunkOnly=true`, `GroupByCIPresence=true` + - This gets commits ending with any commit that has CI runs (not just successful CI) + + **Example output:** + ```json + { + "ChunkNumber": 1, + "StartCommit": "609fe2c", + "EndCommit": "6fb728d", + "StartCommitFull": "609fe2cae2459d721ac11d23cd27b8a94397ef3c", + "EndCommitFull": "6fb728df50c1afd338cb0223a84ce24579577eff", + "CommitCount": 57, + "StartMessage": "upstream: rework the text for -3 to make it clearer what default", + "EndMessage": "Run all tests on Cygwin again." + } ``` + Display batch details for verification, then proceed with cherry-picking. + + **After completing steps below, get next batch**: + - Call tool with `StartCommit=`, `FirstChunkOnly=true`, `GroupByCIPresence=true` + - Continue this process until the upstream's HEAD has been successfully merged + 5. **Execute chunked merge (commit-by-commit within the chunk):** **Important:** Even though commits are *grouped* into chunks for planning/CI boundaries, **cherry-pick each commit individually** within the chunk and **build after each commit**. This catches Windows-specific build breaks early and makes it clear which upstream commit introduced a regression. @@ -126,7 +132,8 @@ The process consists of several interconnected phases: git cherry-pick $commit # Build after every commit so we can attribute failures precisely. - .\.github\tools\Build-OpenSSH.ps1 -Configuration Release -Architecture x64 + # Use MCP Tool: mcp_openssh-serve_Build_OpenSSH + # Parameters: Configuration="Release", Architecture="x64" } ``` @@ -149,21 +156,19 @@ The process consists of several interconnected phases: ``` 9. **Build after completing the batch:** - ```pwsh - .\.github\tools\Build-OpenSSH.ps1 -Configuration Release -Architecture x64 + Use the Build-OpenSSH MCP tool: + - **MCP Tool Name**: `mcp_openssh-serve_Build_OpenSSH` + - **Parameters**: `Configuration="Release"`, `Architecture="x64"` - # If build fails, fix issues and rebuild - # Commit any build fixes separately - ``` + If build fails, fix issues and rebuild. Commit any build fixes separately. 10. **Validate if batch ended with successful CI:** - ```pwsh - # Check the end commit's CI status from Get-CommitGroups output - # If CI was successful, run validation: - .\.github\tools\Test-OpenSSHFunctionality.ps1 + Check the end commit's CI status from Get-CommitGroups output. + If CI was successful, run validation: + - **MCP Tool Name**: `mcp_openssh-serve_Test_OpenSSHFunctionality` + - **Parameters**: (use defaults for Release/x64) - # If no CI or failed CI, skip validation (build success is sufficient) - ``` + If no CI or failed CI, skip validation (build success is sufficient). 11. **Provide summary and get approval:** - Summarize batch changes, conflicts resolved, build status, validation status diff --git a/.github/instructions/testing.instructions.md b/.github/instructions/testing.instructions.md index 7aa715edeab2..00a60db8fc4d 100644 --- a/.github/instructions/testing.instructions.md +++ b/.github/instructions/testing.instructions.md @@ -13,16 +13,18 @@ This document provides comprehensive testing procedures for validating OpenSSH-P The repository includes an MCP tool that automates end-to-end functional testing of OpenSSH on Windows. -```pwsh -# Run automated functional test (requires Administrator privileges) -.\.github\tools\Test-OpenSSHFunctionality.ps1 - -# Test with specific configuration -.\.github\tools\Test-OpenSSHFunctionality.ps1 -Configuration Debug -Architecture x64 - -# Skip firewall configuration if rules already exist -.\.github\tools\Test-OpenSSHFunctionality.ps1 -SkipFirewall -``` +Use the Test-OpenSSHFunctionality MCP tool: +- **MCP Tool Name**: `mcp_openssh-serve_Test_OpenSSHFunctionality` +- **Parameters**: + - `Configuration` (optional): "Debug" or "Release" (default: "Release") + - `Architecture` (optional): "x64", "x86", "ARM", "ARM64" (default: "x64") + - `SkipFirewall` (optional): Skip firewall configuration (default: false) + - `NoCleanup` (optional): Skip cleanup for debugging (default: false) + +**Examples:** +- Run with defaults: (no parameters needed) +- Test with specific configuration: `Configuration="Debug"`, `Architecture="x64"` +- Skip firewall configuration: `SkipFirewall=true` **What the tool does:** 1. Verifies Administrator privileges @@ -69,9 +71,36 @@ Status: PASSED - `Errors`: Array of any errors encountered - `Message`: Summary message -## Manual Testing Procedures +## Primary Testing Approach + +**Use the automated Test-OpenSSHFunctionality MCP tool for all testing.** + +The MCP tool performs comprehensive end-to-end testing including: +- Administrator privilege verification +- Temporary test user creation +- SSH service installation and startup +- Windows Firewall configuration +- SSH connection testing with password authentication +- Command execution verification +- Complete cleanup of all test resources + +**MCP Tool Name**: `mcp_openssh-serve_Test_OpenSSHFunctionality` + +**Parameters**: +- `Configuration` (optional): "Debug" or "Release" (default: "Release") +- `Architecture` (optional): "x64", "x86", "ARM", "ARM64" (default: "x64") +- `SkipFirewall` (optional): Skip firewall configuration (default: false) +- `NoCleanup` (optional): Skip cleanup for debugging (default: false) + +**When to use**: +- After successful build to validate functionality +- During merge process at CI checkpoints +- Before creating pull requests +- When debugging SSH connectivity issues + +## Manual Testing Procedures (For Troubleshooting Only) -If you need to perform manual testing or troubleshoot specific issues, follow these procedures: +If the automated MCP tool fails and you need to troubleshoot specific issues manually, follow these procedures: ### Prerequisites Check ```pwsh @@ -197,7 +226,7 @@ Get-NetFirewallRule | Where-Object {$_.DisplayName -like "*SSH*"} ## Success Criteria **Testing is successful when:** -- [ ] All expected executables are present after build (verified by Test-OpenSSHBuild.ps1) +- [ ] All expected executables are present after build (verified by Test-OpenSSHBuild MCP tool) - [ ] SSH service installs and starts without errors - [ ] SSH connection with password authentication succeeds - [ ] Test command executes successfully via SSH connection @@ -206,7 +235,7 @@ Get-NetFirewallRule | Where-Object {$_.DisplayName -like "*SSH*"} ## AI Agent Guidelines -1. **Use automated testing tools** whenever possible - prefer Test-OpenSSHFunctionality.ps1 over manual procedures +1. **Use automated testing tools** whenever possible - use the Test-OpenSSHFunctionality MCP tool over manual procedures 2. **Run tests incrementally** during the merge process, not just at the end 3. **Document any test failures** and their resolutions in commit messages 4. **Pay special attention to Windows-specific functionality** that might be affected by upstream changes @@ -216,9 +245,8 @@ Get-NetFirewallRule | Where-Object {$_.DisplayName -like "*SSH*"} ### Recommended Testing Workflow for AI Agents 1. **After successful build**, run the automated functionality test: - ```pwsh - .\.github\tools\Test-OpenSSHFunctionality.ps1 - ``` + - **MCP Tool Name**: `mcp_openssh-serve_Test_OpenSSHFunctionality` + - **Parameters**: (use defaults) 2. **If test passes**, the merge is validated for basic SSH functionality From 63ac1acf50e0457881163d966c84cd86530e493e Mon Sep 17 00:00:00 2001 From: User Date: Fri, 9 Jan 2026 13:00:53 -0800 Subject: [PATCH 503/687] update mcp server name --- .github/agents/merge-upstream.agent.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/agents/merge-upstream.agent.md b/.github/agents/merge-upstream.agent.md index da1c415110ce..a45f950eb2cf 100644 --- a/.github/agents/merge-upstream.agent.md +++ b/.github/agents/merge-upstream.agent.md @@ -2,7 +2,7 @@ name: merge-upstream description: Assist with merging upstream OpenSSH commits into the PowerShell fork. tools: - ['vscode', 'execute', 'read', 'edit', 'search', 'web', 'test-server/*', 'agent', 'todo'] + ['vscode', 'execute', 'read', 'edit', 'search', 'web', 'openssh-server/*', 'agent', 'todo'] --- # OpenSSH Upstream Merge Agent From 644bbf55b5659aa86da2ad48200832a69dfbb036 Mon Sep 17 00:00:00 2001 From: User Date: Fri, 9 Jan 2026 13:05:38 -0800 Subject: [PATCH 504/687] fix merge prereq tool --- .github/tools/Test-MergePrerequisites.ps1 | 78 ++++++----------------- 1 file changed, 19 insertions(+), 59 deletions(-) diff --git a/.github/tools/Test-MergePrerequisites.ps1 b/.github/tools/Test-MergePrerequisites.ps1 index c27c9bdb6dd5..cb7877791d58 100644 --- a/.github/tools/Test-MergePrerequisites.ps1 +++ b/.github/tools/Test-MergePrerequisites.ps1 @@ -75,8 +75,6 @@ $result = @{ TargetExists = $false WorkingDirClean = $false BaselineBuildPassed = $null # null if skipped - FirstChunkIdentified = $false - FirstChunk = $null Issues = @() Message = "" } @@ -170,25 +168,33 @@ try { } # Step 5: Verify target version exists - Write-Host "`n[5/8] Checking target version exists..." -ForegroundColor Cyan + Write-Host "`n[5/7] Checking target version exists..." -ForegroundColor Cyan if ($result.GitInstalled -and $result.RemotesConfigured) { Write-Host " Fetching from upstream..." -ForegroundColor Gray - git fetch upstream 2>&1 | Out-Null + git fetch upstream --tags 2>&1 | Out-Null - $tagExists = git rev-parse "upstream/$TargetVersion" 2>&1 + # Check if it's a tag first, then try as a branch + $tagExists = git rev-parse "$TargetVersion" 2>&1 if ($LASTEXITCODE -eq 0) { $result.TargetExists = $true - Write-Host " ✓ Target exists: upstream/$TargetVersion" -ForegroundColor Green + Write-Host " ✓ Target tag exists: $TargetVersion" -ForegroundColor Green } else { - $result.Issues += "Target version/tag 'upstream/$TargetVersion' not found" - Write-Host " ✗ Target 'upstream/$TargetVersion' not found" -ForegroundColor Red + # Try as a branch + $branchExists = git rev-parse "upstream/$TargetVersion" 2>&1 + if ($LASTEXITCODE -eq 0) { + $result.TargetExists = $true + Write-Host " ✓ Target branch exists: upstream/$TargetVersion" -ForegroundColor Green + } else { + $result.Issues += "Target version/tag '$TargetVersion' not found in upstream" + Write-Host " ✗ Target '$TargetVersion' not found" -ForegroundColor Red + } } } else { Write-Host " ⊘ Skipped (prerequisites not met)" -ForegroundColor Yellow } # Step 6: Verify working directory is clean - Write-Host "`n[6/8] Checking working directory state..." -ForegroundColor Cyan + Write-Host "`n[6/7] Checking working directory state..." -ForegroundColor Cyan if ($result.GitInstalled) { $status = git status --porcelain 2>&1 if ([string]::IsNullOrWhiteSpace($status)) { @@ -204,7 +210,7 @@ try { } # Step 7: Baseline build verification - Write-Host "`n[7/8] Verifying baseline build..." -ForegroundColor Cyan + Write-Host "`n[7/7] Verifying baseline build..." -ForegroundColor Cyan if ($SkipBaselineBuild) { Write-Host " ⊘ Skipped (SkipBaselineBuild flag set)" -ForegroundColor Yellow } else { @@ -228,47 +234,6 @@ try { } } - # Step 8: Identify first commit batch - Write-Host "`n[8/8] Identifying first commit batch..." -ForegroundColor Cyan - if ($result.GitInstalled -and $result.TargetExists) { - $commitGroupsScript = Join-Path $scriptRoot "Get-CommitGroups.ps1" - - Write-Host " Finding last merged tag..." -ForegroundColor Gray - # Find the last upstream tag in current branch - $lastTag = git describe --tags --match "V_*" --abbrev=0 2>&1 - - if ($LASTEXITCODE -eq 0) { - Write-Host " Last merged tag: $lastTag" -ForegroundColor Gray - Write-Host " Finding commits from $lastTag to $TargetVersion..." -ForegroundColor Gray - - try { - $firstChunk = & $commitGroupsScript -GitHubTag $lastTag -FirstChunkOnly -GroupByCIPresence - - if ($firstChunk -and $firstChunk.CommitCount -gt 0) { - $result.FirstChunkIdentified = $true - $result.FirstChunk = $firstChunk - Write-Host " ✓ First batch identified" -ForegroundColor Green - Write-Host " Range: $($firstChunk.StartCommit)..$($firstChunk.EndCommit)" -ForegroundColor Gray - Write-Host " Commits: $($firstChunk.CommitCount)" -ForegroundColor Gray - Write-Host " Start: $($firstChunk.StartMessage)" -ForegroundColor Gray - Write-Host " End: $($firstChunk.EndMessage)" -ForegroundColor Gray - } else { - $result.Issues += "No commits found between $lastTag and $TargetVersion" - Write-Host " ⚠ No new commits found (may already be up to date)" -ForegroundColor Yellow - } - } catch { - $result.Issues += "Failed to get commit groups: $($_.Exception.Message)" - Write-Host " ✗ Failed to get commit groups" -ForegroundColor Red - Write-Host " $($_.Exception.Message)" -ForegroundColor Yellow - } - } else { - $result.Issues += "Could not find last merged tag (no V_* tags in current branch)" - Write-Host " ✗ Could not find last merged tag" -ForegroundColor Red - } - } else { - Write-Host " ⊘ Skipped (prerequisites not met)" -ForegroundColor Yellow - } - # Final evaluation Write-Host "`n========================================" -ForegroundColor Cyan Write-Host "PREREQUISITE CHECK SUMMARY" -ForegroundColor Cyan @@ -287,19 +252,14 @@ try { $criticalChecks += $result.BaselineBuildPassed } - # First chunk identification is informational, not critical $result.Success = ($criticalChecks | Where-Object { $_ -eq $false }).Count -eq 0 if ($result.Success) { Write-Host "✓ ALL PREREQUISITES MET" -ForegroundColor Green Write-Host "`nYou are ready to begin the merge process:" -ForegroundColor White - Write-Host " 1. Create merge branch: git checkout -b merge-v$TargetVersion-$(Get-Date -Format 'yyyyMMdd')" -ForegroundColor Gray - Write-Host " 2. Begin cherry-picking commits from first batch" -ForegroundColor Gray - - if ($result.FirstChunkIdentified) { - Write-Host "`nFirst batch to merge:" -ForegroundColor White - Write-Host " git cherry-pick $($result.FirstChunk.StartCommitFull)^..$($result.FirstChunk.EndCommitFull)" -ForegroundColor Gray - } + Write-Host " 1. Create merge branch: git checkout -b merge-$TargetVersion-$(Get-Date -Format 'yyyyMMdd')" -ForegroundColor Gray + Write-Host " 2. Use Get-CommitGroups tool to identify first batch of commits" -ForegroundColor Gray + Write-Host " 3. Begin cherry-picking commits from first batch" -ForegroundColor Gray $result.Message = "All prerequisites met. Ready to start merge." } else { From 1d8b2015110e8f44cfc5f3c373e42f1a5b8625f8 Mon Sep 17 00:00:00 2001 From: User Date: Fri, 9 Jan 2026 13:16:40 -0800 Subject: [PATCH 505/687] update merge prereq tool --- .github/tools/Test-MergePrerequisites.ps1 | 70 +++++------------------ 1 file changed, 13 insertions(+), 57 deletions(-) diff --git a/.github/tools/Test-MergePrerequisites.ps1 b/.github/tools/Test-MergePrerequisites.ps1 index cb7877791d58..8ae3b1f3f3da 100644 --- a/.github/tools/Test-MergePrerequisites.ps1 +++ b/.github/tools/Test-MergePrerequisites.ps1 @@ -7,22 +7,19 @@ upstream merge workflow. It checks: - Required tools (Git, PowerShell, Visual Studio) - Repository configuration (remotes, branch state) - - Baseline build capability - Target version identification This tool should be run before starting Phase 1 of the merge workflow to ensure all prerequisites are met. It prevents wasted effort by catching configuration issues early. + + To verify baseline build capability, use the Test-OpenSSHBuild MCP tool: + mcp_openssh-serve_Test_OpenSSHBuild .PARAMETER TargetVersion The upstream version/tag to merge (e.g., "V_10_0_P2", "V_9_9_P1") This can be a tag name or branch name from the upstream repository. -.PARAMETER SkipBaselineBuild - Skip the baseline build verification step. Use this if you've already - verified the base branch builds successfully. - Default: false (baseline build is performed) - .OUTPUTS Returns a hashtable with: - Success: Boolean indicating all prerequisites passed @@ -32,9 +29,6 @@ - RemotesConfigured: Boolean - All required remotes configured - TargetExists: Boolean - Target version/tag exists in upstream - WorkingDirClean: Boolean - No uncommitted changes - - BaselineBuildPassed: Boolean - Base branch builds successfully (if not skipped) - - FirstChunkIdentified: Boolean - First commit batch identified - - FirstChunk: Object - First commit batch details from Get-CommitGroups - Issues: Array - List of any issues found - Message: String - Summary message @@ -42,25 +36,18 @@ .\Test-MergePrerequisites.ps1 -TargetVersion "V_10_0_P2" Verifies all prerequisites for merging upstream V_10_0_P2. - -.EXAMPLE - .\Test-MergePrerequisites.ps1 -TargetVersion "V_10_0_P2" -SkipBaselineBuild - - Verifies prerequisites but skips the baseline build check. + For baseline build verification, use Test-OpenSSHBuild MCP tool separately. .NOTES - This is a Phase 1 Pre-Merge Setup verification tool - Should be run before creating the merge branch - - Requires approximately 2-5 minutes to complete (depending on baseline build) + - For baseline build verification, use: mcp_openssh-serve_Test_OpenSSHBuild - Part of the OpenSSH upstream merge workflow automation #> param( [Parameter(Mandatory=$true)] - [string]$TargetVersion, - - [Parameter(Mandatory=$false)] - [switch]$SkipBaselineBuild + [string]$TargetVersion ) $scriptRoot = $PSScriptRoot @@ -74,7 +61,6 @@ $result = @{ RemotesConfigured = $false TargetExists = $false WorkingDirClean = $false - BaselineBuildPassed = $null # null if skipped Issues = @() Message = "" } @@ -84,14 +70,13 @@ try { Write-Host "OpenSSH Merge Prerequisites Check" -ForegroundColor Cyan Write-Host "========================================" -ForegroundColor Cyan Write-Host "Target Version: $TargetVersion" -ForegroundColor White - Write-Host "Skip Baseline: $SkipBaselineBuild" -ForegroundColor White Write-Host "========================================`n" -ForegroundColor Cyan # Change to repository root Push-Location $repoRoot # Step 1: Verify Git - Write-Host "[1/8] Checking Git installation..." -ForegroundColor Cyan + Write-Host "[1/6] Checking Git installation..." -ForegroundColor Cyan try { $gitVersion = git --version 2>&1 if ($LASTEXITCODE -eq 0) { @@ -107,7 +92,7 @@ try { } # Step 2: Verify PowerShell version - Write-Host "`n[2/8] Checking PowerShell version..." -ForegroundColor Cyan + Write-Host "`n[2/6] Checking PowerShell version..." -ForegroundColor Cyan $psVersion = $PSVersionTable.PSVersion if ($psVersion.Major -ge 5) { Write-Host " ✓ PowerShell $($psVersion.ToString()) (>= 5.0)" -ForegroundColor Green @@ -117,7 +102,7 @@ try { } # Step 3: Verify Visual Studio - Write-Host "`n[3/8] Checking Visual Studio installation..." -ForegroundColor Cyan + Write-Host "`n[3/6] Checking Visual Studio installation..." -ForegroundColor Cyan $msBuildPaths = @( "${env:ProgramFiles}\Microsoft Visual Studio\2022\*\MSBuild\Current\Bin\MSBuild.exe", "${env:ProgramFiles}\Microsoft Visual Studio\2019\*\MSBuild\Current\Bin\MSBuild.exe", @@ -142,7 +127,7 @@ try { } # Step 4: Verify repository remotes - Write-Host "`n[4/8] Checking repository remotes..." -ForegroundColor Cyan + Write-Host "`n[4/6] Checking repository remotes..." -ForegroundColor Cyan if ($result.GitInstalled) { $remotes = git remote 2>&1 $expectedRemotes = @('origin', 'upstream', 'upstream-pwsh') @@ -168,7 +153,7 @@ try { } # Step 5: Verify target version exists - Write-Host "`n[5/7] Checking target version exists..." -ForegroundColor Cyan + Write-Host "`n[5/6] Checking target version exists..." -ForegroundColor Cyan if ($result.GitInstalled -and $result.RemotesConfigured) { Write-Host " Fetching from upstream..." -ForegroundColor Gray git fetch upstream --tags 2>&1 | Out-Null @@ -194,7 +179,7 @@ try { } # Step 6: Verify working directory is clean - Write-Host "`n[6/7] Checking working directory state..." -ForegroundColor Cyan + Write-Host "`n[6/6] Checking working directory state..." -ForegroundColor Cyan if ($result.GitInstalled) { $status = git status --porcelain 2>&1 if ([string]::IsNullOrWhiteSpace($status)) { @@ -209,31 +194,6 @@ try { Write-Host " ⊘ Skipped (Git not available)" -ForegroundColor Yellow } - # Step 7: Baseline build verification - Write-Host "`n[7/7] Verifying baseline build..." -ForegroundColor Cyan - if ($SkipBaselineBuild) { - Write-Host " ⊘ Skipped (SkipBaselineBuild flag set)" -ForegroundColor Yellow - } else { - $currentBranch = git rev-parse --abbrev-ref HEAD 2>&1 - Write-Host " Current branch: $currentBranch" -ForegroundColor Gray - Write-Host " Starting baseline build..." -ForegroundColor Gray - - $buildScriptPath = Join-Path $scriptRoot "Build-OpenSSH.ps1" - $buildResult = & $buildScriptPath -Configuration Release -Architecture x64 - - if ($buildResult.OverallSuccess) { - $result.BaselineBuildPassed = $true - Write-Host " ✓ Baseline build passed" -ForegroundColor Green - Write-Host " All $($buildResult.ExpectedArtifacts) artifacts built successfully" -ForegroundColor Gray - } else { - $result.BaselineBuildPassed = $false - $result.Issues += "Baseline build failed: $($buildResult.Message)" - Write-Host " ✗ Baseline build failed" -ForegroundColor Red - Write-Host " $($buildResult.Message)" -ForegroundColor Yellow - Write-Host " Check build log: $($buildResult.LogFile)" -ForegroundColor Yellow - } - } - # Final evaluation Write-Host "`n========================================" -ForegroundColor Cyan Write-Host "PREREQUISITE CHECK SUMMARY" -ForegroundColor Cyan @@ -247,16 +207,12 @@ try { $result.WorkingDirClean ) - # Baseline build is critical unless skipped - if (-not $SkipBaselineBuild) { - $criticalChecks += $result.BaselineBuildPassed - } - $result.Success = ($criticalChecks | Where-Object { $_ -eq $false }).Count -eq 0 if ($result.Success) { Write-Host "✓ ALL PREREQUISITES MET" -ForegroundColor Green Write-Host "`nYou are ready to begin the merge process:" -ForegroundColor White + Write-Host " 0. (Optional) Verify baseline build: mcp_openssh-serve_Test_OpenSSHBuild" -ForegroundColor Gray Write-Host " 1. Create merge branch: git checkout -b merge-$TargetVersion-$(Get-Date -Format 'yyyyMMdd')" -ForegroundColor Gray Write-Host " 2. Use Get-CommitGroups tool to identify first batch of commits" -ForegroundColor Gray Write-Host " 3. Begin cherry-picking commits from first batch" -ForegroundColor Gray From aa02282770b2209298ce5911b9871e3f27819f08 Mon Sep 17 00:00:00 2001 From: User Date: Fri, 9 Jan 2026 13:17:45 -0800 Subject: [PATCH 506/687] update instructions --- .github/tools/Test-MergePrerequisites.ps1 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/tools/Test-MergePrerequisites.ps1 b/.github/tools/Test-MergePrerequisites.ps1 index 8ae3b1f3f3da..aeae000c83a9 100644 --- a/.github/tools/Test-MergePrerequisites.ps1 +++ b/.github/tools/Test-MergePrerequisites.ps1 @@ -212,7 +212,7 @@ try { if ($result.Success) { Write-Host "✓ ALL PREREQUISITES MET" -ForegroundColor Green Write-Host "`nYou are ready to begin the merge process:" -ForegroundColor White - Write-Host " 0. (Optional) Verify baseline build: mcp_openssh-serve_Test_OpenSSHBuild" -ForegroundColor Gray + Write-Host " 0. (Optional) Verify baseline build: mcp_openssh-server_Test_OpenSSHBuild" -ForegroundColor Gray Write-Host " 1. Create merge branch: git checkout -b merge-$TargetVersion-$(Get-Date -Format 'yyyyMMdd')" -ForegroundColor Gray Write-Host " 2. Use Get-CommitGroups tool to identify first batch of commits" -ForegroundColor Gray Write-Host " 3. Begin cherry-picking commits from first batch" -ForegroundColor Gray From 2bbb98e9c8e45a0af662e25c8ae2fabe5267205c Mon Sep 17 00:00:00 2001 From: User Date: Fri, 9 Jan 2026 13:21:27 -0800 Subject: [PATCH 507/687] update instructions --- .../instructions/merge/merge-process-overview.instructions.md | 2 -- 1 file changed, 2 deletions(-) diff --git a/.github/instructions/merge/merge-process-overview.instructions.md b/.github/instructions/merge/merge-process-overview.instructions.md index 69083761a9fd..f9899a1cd993 100644 --- a/.github/instructions/merge/merge-process-overview.instructions.md +++ b/.github/instructions/merge/merge-process-overview.instructions.md @@ -60,8 +60,6 @@ The process consists of several interconnected phases: # - Repository remotes configured (origin, upstream, upstream-pwsh) # - Target version exists in upstream # - Working directory is clean - # - Baseline build passes (unless SkipBaselineBuild is true) - # - First commit batch identified # Proceed only if tool reports "ALL PREREQUISITES MET" ``` From 123f8e24b05b7a8d00ed0313272f39d730094e53 Mon Sep 17 00:00:00 2001 From: User Date: Thu, 15 Jan 2026 08:06:30 -0800 Subject: [PATCH 508/687] refactor tool to workaround io/buffer issues when invoked via MCP --- .github/tools/Test-MergePrerequisites.ps1 | 120 ++++++++++++---------- 1 file changed, 63 insertions(+), 57 deletions(-) diff --git a/.github/tools/Test-MergePrerequisites.ps1 b/.github/tools/Test-MergePrerequisites.ps1 index aeae000c83a9..879ef45dc424 100644 --- a/.github/tools/Test-MergePrerequisites.ps1 +++ b/.github/tools/Test-MergePrerequisites.ps1 @@ -51,6 +51,9 @@ param( ) $scriptRoot = $PSScriptRoot +if ([string]::IsNullOrEmpty($scriptRoot)) { + $scriptRoot = Split-Path -Parent $MyInvocation.MyCommand.Path +} $repoRoot = (Get-Item $scriptRoot).Parent.Parent.FullName $result = @{ @@ -70,18 +73,21 @@ try { Write-Host "OpenSSH Merge Prerequisites Check" -ForegroundColor Cyan Write-Host "========================================" -ForegroundColor Cyan Write-Host "Target Version: $TargetVersion" -ForegroundColor White + Write-Host "Repository Root: $repoRoot" -ForegroundColor Gray Write-Host "========================================`n" -ForegroundColor Cyan # Change to repository root Push-Location $repoRoot + Write-Host "Working Directory: $(Get-Location)" -ForegroundColor Gray + Write-Host "" # Step 1: Verify Git - Write-Host "[1/6] Checking Git installation..." -ForegroundColor Cyan + Write-Host "[1/5] Checking Git installation..." -ForegroundColor Cyan try { - $gitVersion = git --version 2>&1 - if ($LASTEXITCODE -eq 0) { + $gitPath = Get-Command git -ErrorAction SilentlyContinue + if ($gitPath) { $result.GitInstalled = $true - Write-Host " ✓ Git installed: $gitVersion" -ForegroundColor Green + Write-Host " ✓ Git found: $($gitPath.Source)" -ForegroundColor Green } else { $result.Issues += "Git is not installed or not in PATH" Write-Host " ✗ Git not found" -ForegroundColor Red @@ -92,7 +98,7 @@ try { } # Step 2: Verify PowerShell version - Write-Host "`n[2/6] Checking PowerShell version..." -ForegroundColor Cyan + Write-Host "`n[2/5] Checking PowerShell version..." -ForegroundColor Cyan $psVersion = $PSVersionTable.PSVersion if ($psVersion.Major -ge 5) { Write-Host " ✓ PowerShell $($psVersion.ToString()) (>= 5.0)" -ForegroundColor Green @@ -102,7 +108,7 @@ try { } # Step 3: Verify Visual Studio - Write-Host "`n[3/6] Checking Visual Studio installation..." -ForegroundColor Cyan + Write-Host "`n[3/5] Checking Visual Studio installation..." -ForegroundColor Cyan $msBuildPaths = @( "${env:ProgramFiles}\Microsoft Visual Studio\2022\*\MSBuild\Current\Bin\MSBuild.exe", "${env:ProgramFiles}\Microsoft Visual Studio\2019\*\MSBuild\Current\Bin\MSBuild.exe", @@ -127,73 +133,68 @@ try { } # Step 4: Verify repository remotes - Write-Host "`n[4/6] Checking repository remotes..." -ForegroundColor Cyan + Write-Host "`n[4/5] Checking repository remotes..." -ForegroundColor Cyan if ($result.GitInstalled) { - $remotes = git remote 2>&1 - $expectedRemotes = @('origin', 'upstream', 'upstream-pwsh') - $missingRemotes = @() - - foreach ($remote in $expectedRemotes) { - if ($remotes -contains $remote) { - $remoteUrl = git remote get-url $remote 2>&1 - Write-Host " ✓ $remote configured: $remoteUrl" -ForegroundColor Green + try { + $gitConfigPath = Join-Path $repoRoot ".git\config" + if (Test-Path $gitConfigPath) { + $gitConfig = Get-Content $gitConfigPath -Raw + $expectedRemotes = @('origin', 'upstream', 'upstream-pwsh') + $missingRemotes = @() + + foreach ($remote in $expectedRemotes) { + if ($gitConfig -match "\[remote `"$remote`"\]") { + Write-Host " ✓ $remote configured" -ForegroundColor Green + } else { + $missingRemotes += $remote + Write-Host " ✗ $remote not configured" -ForegroundColor Red + } + } + + if ($missingRemotes.Count -eq 0) { + $result.RemotesConfigured = $true + } else { + $result.Issues += "Missing remotes: $($missingRemotes -join ', ')" + } } else { - $missingRemotes += $remote - Write-Host " ✗ $remote not configured" -ForegroundColor Red + $result.Issues += "Not a git repository" + Write-Host " ✗ Not a git repository" -ForegroundColor Red } - } - - if ($missingRemotes.Count -eq 0) { - $result.RemotesConfigured = $true - } else { - $result.Issues += "Missing remotes: $($missingRemotes -join ', ')" + } catch { + $result.Issues += "Error checking remotes: $($_.Exception.Message)" + Write-Host " ✗ Error checking remotes" -ForegroundColor Red } } else { Write-Host " ⊘ Skipped (Git not available)" -ForegroundColor Yellow } # Step 5: Verify target version exists - Write-Host "`n[5/6] Checking target version exists..." -ForegroundColor Cyan + Write-Host "`n[5/5] Checking target version exists..." -ForegroundColor Cyan if ($result.GitInstalled -and $result.RemotesConfigured) { - Write-Host " Fetching from upstream..." -ForegroundColor Gray - git fetch upstream --tags 2>&1 | Out-Null - - # Check if it's a tag first, then try as a branch - $tagExists = git rev-parse "$TargetVersion" 2>&1 - if ($LASTEXITCODE -eq 0) { - $result.TargetExists = $true - Write-Host " ✓ Target tag exists: $TargetVersion" -ForegroundColor Green - } else { - # Try as a branch - $branchExists = git rev-parse "upstream/$TargetVersion" 2>&1 - if ($LASTEXITCODE -eq 0) { + try { + # Check if tag/branch ref exists in .git directory + $tagPath = Join-Path $repoRoot ".git\refs\tags\$TargetVersion" + $upstreamBranchPath = Join-Path $repoRoot ".git\refs\remotes\upstream\$TargetVersion" + + if (Test-Path $tagPath) { + $result.TargetExists = $true + Write-Host " ✓ Target tag exists locally: $TargetVersion" -ForegroundColor Green + } elseif (Test-Path $upstreamBranchPath) { $result.TargetExists = $true Write-Host " ✓ Target branch exists: upstream/$TargetVersion" -ForegroundColor Green } else { - $result.Issues += "Target version/tag '$TargetVersion' not found in upstream" - Write-Host " ✗ Target '$TargetVersion' not found" -ForegroundColor Red + $result.Issues += "Target version/tag '$TargetVersion' not found locally. Run 'git fetch upstream --tags' to update." + Write-Host " ✗ Target '$TargetVersion' not found locally" -ForegroundColor Red + Write-Host " Hint: Run 'git fetch upstream --tags' to fetch latest tags" -ForegroundColor Yellow } + } catch { + $result.Issues += "Error checking target version: $($_.Exception.Message)" + Write-Host " ✗ Error checking target version" -ForegroundColor Red } } else { Write-Host " ⊘ Skipped (prerequisites not met)" -ForegroundColor Yellow } - # Step 6: Verify working directory is clean - Write-Host "`n[6/6] Checking working directory state..." -ForegroundColor Cyan - if ($result.GitInstalled) { - $status = git status --porcelain 2>&1 - if ([string]::IsNullOrWhiteSpace($status)) { - $result.WorkingDirClean = $true - Write-Host " ✓ Working directory is clean" -ForegroundColor Green - } else { - $result.Issues += "Working directory has uncommitted changes" - Write-Host " ✗ Working directory has uncommitted changes" -ForegroundColor Red - Write-Host " Run 'git status' to see changes" -ForegroundColor Yellow - } - } else { - Write-Host " ⊘ Skipped (Git not available)" -ForegroundColor Yellow - } - # Final evaluation Write-Host "`n========================================" -ForegroundColor Cyan Write-Host "PREREQUISITE CHECK SUMMARY" -ForegroundColor Cyan @@ -203,8 +204,7 @@ try { $result.GitInstalled, $result.VSInstalled, $result.RemotesConfigured, - $result.TargetExists, - $result.WorkingDirClean + $result.TargetExists ) $result.Success = ($criticalChecks | Where-Object { $_ -eq $false }).Count -eq 0 @@ -229,6 +229,7 @@ try { Write-Host "" + # Return result return $result } catch { @@ -242,7 +243,12 @@ try { $result.Issues += "Tool error: $($_.Exception.Message)" $result.Message = "Prerequisite check failed with error: $($_.Exception.Message)" + # Return result return $result } finally { - Pop-Location + try { + Pop-Location + } catch { + # Ignore Pop-Location errors in MCP context + } } From 09f0fd65a737bb86fa6e203eb84decbf37e44f66 Mon Sep 17 00:00:00 2001 From: User Date: Thu, 15 Jan 2026 08:14:26 -0800 Subject: [PATCH 509/687] update instructions to use mcp tool to read build logs --- .github/instructions/build.instructions.md | 16 +++++++++++++--- .../merge/merge-process-overview.instructions.md | 9 ++++++++- 2 files changed, 21 insertions(+), 4 deletions(-) diff --git a/.github/instructions/build.instructions.md b/.github/instructions/build.instructions.md index 84b10974f4c0..52621f426530 100644 --- a/.github/instructions/build.instructions.md +++ b/.github/instructions/build.instructions.md @@ -149,12 +149,22 @@ fatal error C1083: Cannot open source file: 'newfile.c' 5. **Rebuild and verify** using Build-OpenSSH MCP tool again 6. **Commit fixes with detailed message** -#### Manual Error Analysis Commands (if needed): -Parse errors manually from log file using the Test-OpenSSHBuild MCP tool: +#### Reading Build Logs and Errors: +**ALWAYS use the Test-OpenSSHBuild MCP tool to read build logs and parse errors:** - **MCP Tool Name**: `mcp_openssh-serve_Test_OpenSSHBuild` - **Parameters**: `Configuration="Release"`, `Architecture="x64"` -Or use direct MSBuild with detailed logging: +**Why use this tool:** +- Automatically locates and parses the build log file +- Provides structured error output with file paths, line numbers, error codes, and messages +- Groups errors and warnings for easier analysis +- Works reliably in MCP context where direct file reading may not be available + +**DO NOT** attempt to read log files directly with `Get-Content` or similar commands. +**DO NOT** try to locate log files manually. + +#### Alternative: Direct MSBuild (Terminal Only) +Only use this when running directly in a terminal (not via MCP): ```pwsh & "C:\Program Files\Microsoft Visual Studio\2022\Enterprise\MSBuild\Current\Bin\MSBuild.exe" .\contrib\win32\openssh\Win32-OpenSSH.sln /p:Configuration=Release /p:Platform=x64 /v:detailed ``` diff --git a/.github/instructions/merge/merge-process-overview.instructions.md b/.github/instructions/merge/merge-process-overview.instructions.md index f9899a1cd993..07bbf4d42adb 100644 --- a/.github/instructions/merge/merge-process-overview.instructions.md +++ b/.github/instructions/merge/merge-process-overview.instructions.md @@ -158,7 +158,14 @@ The process consists of several interconnected phases: - **MCP Tool Name**: `mcp_openssh-serve_Build_OpenSSH` - **Parameters**: `Configuration="Release"`, `Architecture="x64"` - If build fails, fix issues and rebuild. Commit any build fixes separately. + If build fails: + - **Use Test-OpenSSHBuild MCP tool to read the build log and parse errors**: + - **MCP Tool Name**: `mcp_openssh-serve_Test_OpenSSHBuild` + - **Parameters**: `Configuration="Release"`, `Architecture="x64"` + - **DO NOT** try to read log files directly with `Get-Content` or locate them manually + - Fix issues based on parsed error output + - Rebuild and verify + - Commit any build fixes separately with descriptive messages 10. **Validate if batch ended with successful CI:** Check the end commit's CI status from Get-CommitGroups output. From 59178e8144589dffc9d8a92c22aef18cb146895a Mon Sep 17 00:00:00 2001 From: User Date: Thu, 15 Jan 2026 08:38:26 -0800 Subject: [PATCH 510/687] update build verfication script to check correct location for artifacts --- .github/tools/Test-OpenSSHBuild.ps1 | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/tools/Test-OpenSSHBuild.ps1 b/.github/tools/Test-OpenSSHBuild.ps1 index afb978b778bc..a1a8c3389682 100644 --- a/.github/tools/Test-OpenSSHBuild.ps1 +++ b/.github/tools/Test-OpenSSHBuild.ps1 @@ -47,7 +47,7 @@ Tests debug build artifacts for x86 using a custom log file location. .NOTES - - Expected build artifact location: contrib\win32\openssh\{Architecture}\{Configuration}\ + - Expected build artifact location: bin\{Architecture}\{Configuration}\ - Error parsing regex: ^(?.*?)\((?\d+)[,)].*?error (?(C|LNK)\d+): (?.*)$ - Warning parsing regex: ^(?.*?)\((?\d+)[,)].*?warning (?(C|LNK)\d+): (?.*)$ #> @@ -96,7 +96,7 @@ try { Write-Host "========================================`n" -ForegroundColor Cyan # Define build output path - $buildPath = Join-Path $repoRoot "contrib\win32\openssh\$Architecture\$Configuration" + $buildPath = Join-Path $repoRoot "bin\$Architecture\$Configuration" if (-not (Test-Path $buildPath)) { Write-Host "Build path does not exist: $buildPath" -ForegroundColor Red From 298557951af0388caafaebf87e1e742383c27479 Mon Sep 17 00:00:00 2001 From: User Date: Thu, 15 Jan 2026 09:04:29 -0800 Subject: [PATCH 511/687] fix typo --- .github/tools/Get-CommitGroups.ps1 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/tools/Get-CommitGroups.ps1 b/.github/tools/Get-CommitGroups.ps1 index be7677800325..0c5411dcedb3 100644 --- a/.github/tools/Get-CommitGroups.ps1 +++ b/.github/tools/Get-CommitGroups.ps1 @@ -280,7 +280,7 @@ try { # Process commits and check CI status $statusCheckMessage = if ($GroupByCIPresence) { "Checking CI presence for each commit..." } else { "Checking CI status for each commit..." } -Write-Host "\n$statusCheckMessage" -ForegroundColor Cyan +Write-Host "`n$statusCheckMessage" -ForegroundColor Cyan $commitsWithStatus = @() $chunks = @() From 1cc936b2fabffeac7fff14ca1070d7d7a317ab7b Mon Sep 17 00:00:00 2001 From: "dtucker@openbsd.org" Date: Tue, 20 Jan 2026 22:56:11 +0000 Subject: [PATCH 512/687] upstream: Fill entropy in a single operation instead of hundreds. The sntrup761 code we use from SUPERCOP fills entropy arrays 4 bytes at a time. On some platforms each of these operations has a significant overhead, so instead fill it in a single operation and as a precaution zero that array after it's used. Analysis and code change is from Mike Frysinger via Github PR#621 with feedback from djm@ and sed-ification from me. ok djm@ beck@. This change was submitted by Mike to SUPERCOP upstream so hopefully future versions will already have it. OpenBSD-Commit-ID: 0e85c82f79b1b396facac59e05b288c08048f15c --- sntrup761.c | 22 +++++++--------------- sntrup761.sh | 24 +++++++++++++++++++++++- 2 files changed, 30 insertions(+), 16 deletions(-) diff --git a/sntrup761.c b/sntrup761.c index 123d01381c61..a731e560f6f8 100644 --- a/sntrup761.c +++ b/sntrup761.c @@ -1,5 +1,4 @@ - -/* $OpenBSD: sntrup761.c,v 1.8 2024/09/16 05:37:05 djm Exp $ */ +/* $OpenBSD: sntrup761.c,v 1.9 2026/01/20 22:56:11 dtucker Exp $ */ /* * Public Domain, Authors: @@ -1961,27 +1960,20 @@ static void Hash_prefix(unsigned char *out, int b, const unsigned char *in, int for (i = 0; i < 32; ++i) out[i] = h[i]; } -static uint32_t urandom32(void) { - unsigned char c[4]; - uint32_t result = 0; - int i; - randombytes(c, 4); - for (i = 0; i < 4; ++i) result += ((uint32_t)c[i]) << (8 * i); - return result; -} static void Short_random(small *out) { uint32_t L[p]; - int i; - for (i = 0; i < p; ++i) L[i] = urandom32(); + randombytes(L, sizeof(L)); Short_fromlist(out, L); + explicit_bzero(L, sizeof(L)); } - static void Small_random(small *out) { int i; - for (i = 0; i < p; ++i) out[i] = (((urandom32() & 0x3fffffff) * 3) >> 30) - 1; + uint32_t L[p]; + randombytes(L, sizeof(L)); + for (i = 0; i < p; ++i) out[i] = (((L[i] & 0x3fffffff) * 3) >> 30) - 1; + explicit_bzero(L, sizeof(L)); } - static void KeyGen(Fq *h, small *f, small *ginv) { small g[p]; Fq finv[p]; diff --git a/sntrup761.sh b/sntrup761.sh index 4de8dc33479f..d4da9919540b 100644 --- a/sntrup761.sh +++ b/sntrup761.sh @@ -1,5 +1,5 @@ #!/bin/sh -# $OpenBSD: sntrup761.sh,v 1.9 2024/09/16 05:37:05 djm Exp $ +# $OpenBSD: sntrup761.sh,v 1.10 2026/01/20 22:56:11 dtucker Exp $ # Placed in the Public Domain. # AUTHOR="supercop-20240808/crypto_kem/sntrup761/ref/implementors" @@ -87,6 +87,28 @@ for i in $FILES; do */uint32/useint32/sort.c) sed -e "s/void crypto_sort/void crypto_sort_uint32/g" ;; + # Replace Short_random and Small_random with versions that fetch + # entropy in a single operation, then delete urandom32 as unused. + */crypto_kem/sntrup761/compact/kem.c) + sed -e '/ uint32_t urandom32/,/^}$/d' \ + -e '/ void Short_random/i\ +static void Short_random(small *out) {\ + uint32_t L[p];\ + randombytes(L, sizeof(L));\ + Short_fromlist(out, L);\ + explicit_bzero(L, sizeof(L));\ +}' \ + -e '/ void Short_random(/,/^}$/d' \ + -e '/ void Small_random/i\ +static void Small_random(small *out) {\ + int i;\ + uint32_t L[p];\ + randombytes(L, sizeof(L));\ + for (i = 0; i < p; ++i) out[i] = (((L[i] & 0x3fffffff) * 3) >> 30) - 1;\ + explicit_bzero(L, sizeof(L));\ +}' \ + -e '/ void Small_random(/,/^}$/d' + ;; # Remove unused function to prevent warning. */crypto_kem/sntrup761/ref/int32.c) sed -e '/ int32_div_uint14/,/^}$/d' From b0d0b71651b5a19d0dbd27b623ebb4fc43145560 Mon Sep 17 00:00:00 2001 From: "sthen@openbsd.org" Date: Wed, 21 Jan 2026 15:44:51 +0000 Subject: [PATCH 513/687] upstream: If editline has been switched to vi mode (i.e. via "bind -v" in .editrc), setup a keybinding so that command mode can be entered. Diff originally from Walter Alejandro Iglesias with tweaks. Feedback from Crystal Kolipe. ok djm OpenBSD-Commit-ID: 5786e17ccd83573e2d86418023f9bc768223336a --- sftp.c | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/sftp.c b/sftp.c index c463899c4b06..b5adc09de881 100644 --- a/sftp.c +++ b/sftp.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sftp.c,v 1.247 2025/10/13 00:54:29 djm Exp $ */ +/* $OpenBSD: sftp.c,v 1.248 2026/01/21 15:44:51 sthen Exp $ */ /* * Copyright (c) 2001-2004 Damien Miller * @@ -2228,6 +2228,7 @@ interactive_loop(struct sftp_conn *conn, char *file1, char *file2) int err, interactive; EditLine *el = NULL; #ifdef USE_LIBEDIT + const char *editor; History *hl = NULL; HistEvent hev; extern char *__progname; @@ -2261,6 +2262,10 @@ interactive_loop(struct sftp_conn *conn, char *file1, char *file2) el_set(el, EL_BIND, "\\e\\e[D", "ed-prev-word", NULL); /* make ^w match ksh behaviour */ el_set(el, EL_BIND, "^w", "ed-delete-prev-word", NULL); + + /* el_source() may have changed EL_EDITOR to vi */ + if (el_get(el, EL_EDITOR, &editor) == 0 && editor[0] == 'v') + el_set(el, EL_BIND, "^[", "vi-command-mode", NULL); } #endif /* USE_LIBEDIT */ From d7950aca8eacae8b889d92c669e913111af75984 Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Wed, 21 Jan 2026 23:58:20 +0000 Subject: [PATCH 514/687] upstream: In ssh(1), don't try to match certificates held in an agent to private keys. This matching is done to support certificates that were loaded without their private key material, but is unnecessary for agent-hosted certificate which always have private key material loaded in the agent. Worse, this matching would mess up the request sent to the agent in such a way as to break usage of these keys when the key usage was restricted in the agent. Patch from Thibault Cools via bz3752, ok dtucker@ OpenBSD-Commit-ID: ebfe37817dad4841c53339930565242ec683d726 --- sshconnect2.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/sshconnect2.c b/sshconnect2.c index b3679c9d7f3c..53e1f197de83 100644 --- a/sshconnect2.c +++ b/sshconnect2.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshconnect2.c,v 1.378 2025/09/15 04:51:35 djm Exp $ */ +/* $OpenBSD: sshconnect2.c,v 1.379 2026/01/21 23:58:20 djm Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. * Copyright (c) 2008 Damien Miller. All rights reserved. @@ -1341,7 +1341,7 @@ sign_and_send_pubkey(struct ssh *ssh, Identity *id) * This will try to set sign_id to the private key that will perform * the signature. */ - if (sshkey_is_cert(id->key)) { + if (id->agent_fd == -1 && sshkey_is_cert(id->key)) { TAILQ_FOREACH(private_id, &authctxt->keys, next) { if (sshkey_equal_public(id->key, private_id->key) && id->key->type != private_id->key->type) { From 76775b2b9c68618868c37af644393f3cc1d81f06 Mon Sep 17 00:00:00 2001 From: Tess Gauthier Date: Fri, 23 Jan 2026 12:27:46 -0500 Subject: [PATCH 515/687] fix tool to parse build log for success/failure and update instructions --- .github/agents/merge-upstream.agent.md | 44 +-- .github/instructions/build.instructions.md | 80 +++--- .../merge/merge-details.instructions.md | 12 +- .../merge-process-overview.instructions.md | 48 ++-- .github/instructions/testing.instructions.md | 6 +- .github/tools/Build-OpenSSH.ps1 | 254 ------------------ .github/tools/Start-OpenSSHBuild.ps1 | 31 ++- .github/tools/Test-MergePrerequisites.ps1 | 12 +- .github/tools/Test-OpenSSHBuild.ps1 | 86 +++++- 9 files changed, 194 insertions(+), 379 deletions(-) delete mode 100644 .github/tools/Build-OpenSSH.ps1 diff --git a/.github/agents/merge-upstream.agent.md b/.github/agents/merge-upstream.agent.md index a45f950eb2cf..36b8695b4809 100644 --- a/.github/agents/merge-upstream.agent.md +++ b/.github/agents/merge-upstream.agent.md @@ -35,16 +35,16 @@ This agent assists with merging upstream OpenSSH commits into the PowerShell for - **Usage**: Use the MCP tool function directly - it handles all GitHub API calls - **If tool unavailable**: ERROR - This tool is required for the merge workflow -2. **Build-OpenSSH MCP Tool** - Build automation and verification - - **MCP Tool Name**: `mcp_openssh-serve_Build_OpenSSH` - - **Parameters**: - - `Configuration` (string, optional): Build configuration - "Debug" or "Release" (default: "Release") - - `Architecture` (string, optional): Target architecture - "x64", "x86", "ARM", "ARM64" (default: "x64") - - `Clean` (boolean, optional): Perform clean build (default: false) - - **If tool unavailable**: ERROR - This tool is required for the merge workflow +2. **Start-OpenSSHBuild MCP Tool** - Build automation + - **MCP Tool Name**: `mcp_openssh-server_Start_OpenSSHBuild` + - **Parameters**: + - `Configuration` (string, optional): Build configuration - "Debug" or "Release" (default: "Release") + - `Architecture` (string, optional): Target architecture - "x64", "x86", "ARM", "ARM64" (default: "x64") + - `Clean` (boolean, optional): Perform clean build (default: false) + - **If tool unavailable**: ERROR - This tool is required for the merge workflow 3. **Test-OpenSSHFunctionality MCP Tool** - Functional testing - - **MCP Tool Name**: `mcp_openssh-serve_Test_OpenSSHFunctionality` + - **MCP Tool Name**: `mcp_openssh-server_Test_OpenSSHFunctionality` - **Parameters**: - `Configuration` (string, optional): Build configuration - "Debug" or "Release" (default: "Release") - `Architecture` (string, optional): Target architecture - "x64", "x86", "ARM", "ARM64" (default: "x64") @@ -94,7 +94,7 @@ This agent assists with merging upstream OpenSSH commits into the PowerShell for - **Parameters**: - `TargetVersion` (string, required): Upstream version/tag to merge (e.g., "V_10_0_P2") - `SkipBaselineBuild` (boolean, optional): Skip baseline build check (default: false) - + This single tool verifies: - Git, PowerShell, Visual Studio are available - Repository remotes are configured (origin, upstream, upstream-pwsh) @@ -124,11 +124,11 @@ This agent assists with merging upstream OpenSSH commits into the PowerShell for **Steps:** 1. **Get first commit batch** using Get-CommitGroups MCP tool: - - **MCP Tool Name**: `mcp_openssh-serve_Get_CommitGroups` + - **MCP Tool Name**: `mcp_openssh-server_Get_CommitGroups` - **Parameters**: - For first batch: `GitHubTag="V_10_0_P2"`, `FirstChunkOnly=true`, `GroupByCIPresence=true` - For subsequent batches: `StartCommit=""`, `FirstChunkOnly=true`, `GroupByCIPresence=true` - + **The tool returns structured data:** ```json { @@ -170,7 +170,7 @@ This agent assists with merging upstream OpenSSH commits into the PowerShell for **Steps:** 1. **Build the merged code:** - - **MCP Tool Name**: `mcp_openssh-serve_Build_OpenSSH` + - **MCP Tool Name**: `mcp_openssh-server_Start_OpenSSHBuild` - **Parameters**: `Configuration="Release"`, `Architecture="x64"` 2. **If build fails, fix compilation errors:** @@ -185,9 +185,9 @@ This agent assists with merging upstream OpenSSH commits into the PowerShell for - Look for commits ending with `CIStatus: "success"` in the detailed output 4. **If CI was successful, run validation tests:** - - **MCP Tool Name**: `mcp_openssh-serve_Test_OpenSSHFunctionality` + - **MCP Tool Name**: `mcp_openssh-server_Test_OpenSSHFunctionality` - **Parameters**: (use defaults for Release/x64) - + This test installs service, creates test user, validates SSH connectivity. If tests fail, fix issues and commit fixes. **Do not proceed** to next batch until tests pass. @@ -216,31 +216,31 @@ This agent assists with merging upstream OpenSSH commits into the PowerShell for 1. **Generate batch summary:** ```markdown ## Batch Completion Summary - + **Batch:** [StartCommit]..[EndCommit] ( commits) **End Commit CI Status:** - + ### Changes in this Batch: - - - - + ### Conflicts Resolved: - : - : - + ### Build Status: - Build: ✅ Success / ❌ Failed - Build fixes applied: - + ### Validation Status: - Validation tests: ✅ Passed / ⏭️ Skipped (no successful CI) / ❌ Failed - Test fixes applied: - + ### Next Steps: - Next batch will start from commit: - Estimated remaining batches: - + **Ready to proceed to next batch?** ``` @@ -266,7 +266,7 @@ This agent assists with merging upstream OpenSSH commits into the PowerShell for - Summarize and get approval 3. **Continue** until all target commits are merged or HEAD is reached 4. **Perform final comprehensive validation:** - - **MCP Tool Name**: `mcp_openssh-serve_Test_OpenSSHFunctionality` + - **MCP Tool Name**: `mcp_openssh-server_Test_OpenSSHFunctionality` - **Parameters**: (use defaults for Release/x64) **Success Criteria:** diff --git a/.github/instructions/build.instructions.md b/.github/instructions/build.instructions.md index 52621f426530..0dca61bd3fb9 100644 --- a/.github/instructions/build.instructions.md +++ b/.github/instructions/build.instructions.md @@ -28,31 +28,11 @@ git --version ### Using MCP Build Tools (Recommended) -The repository includes MCP tools that automate the build, verification, and error analysis process. +The repository includes MCP tools that automate the build and error analysis process. -#### Option 1: Build & Verify (Recommended) -Use the Build-OpenSSH MCP tool: -- **MCP Tool Name**: `mcp_openssh-serve_Build_OpenSSH` -- **Parameters**: - - `Configuration` (optional): "Debug" or "Release" (default: "Release") - - `Architecture` (optional): "x64", "x86", "ARM", "ARM64" (default: "x64") - - `Clean` (optional): Perform clean build (default: false) - -**Examples:** -- Complete build and verification: `Configuration="Release"`, `Architecture="x64"` -- Clean build: `Configuration="Release"`, `Architecture="x64"`, `Clean=true` -- Debug build: `Configuration="Debug"`, `Architecture="x64"` - -**Output includes:** -- Build success/failure status -- All 14 expected artifacts verification -- Parsed compilation errors with file/line/code/message -- Build warnings summary -- Build log location - -#### Option 2: Build Only +#### Build Use the Start-OpenSSHBuild MCP tool: -- **MCP Tool Name**: `mcp_openssh-serve_Start_OpenSSHBuild` +- **MCP Tool Name**: `mcp_openssh-server_Start_OpenSSHBuild` - **Parameters**: - `Configuration` (optional): "Debug" or "Release" (default: "Release") - `Architecture` (optional): "x64", "x86", "ARM", "ARM64" (default: "x64") @@ -62,9 +42,9 @@ Use the Start-OpenSSHBuild MCP tool: - Incremental build: `Configuration="Release"`, `Architecture="x64"` - Clean build: `Configuration="Release"`, `Architecture="x64"`, `Clean=true` -#### Option 3: Test Existing Build -Use the Test-OpenSSHBuild MCP tool: -- **MCP Tool Name**: `mcp_openssh-serve_Test_OpenSSHBuild` +#### Test Existing Build (on failure only) +Use the Test-OpenSSHBuild MCP tool when a build fails: +- **MCP Tool Name**: `mcp_openssh-server_Test_OpenSSHBuild` - **Parameters**: `Configuration="Release"`, `Architecture="x64"` ## Compilation Error Resolution @@ -140,29 +120,34 @@ fatal error C1083: Cannot open source file: 'newfile.c' ### Step-by-Step Error Resolution #### AI Agent Workflow: -1. **Attempt initial build using MCP tool** - - **MCP Tool Name**: `mcp_openssh-serve_Build_OpenSSH` - - **Parameters**: `Configuration="Release"`, `Architecture="x64"` -2. **Review structured error output** from Build-OpenSSH tool -3. **Categorize error types** (preprocessor, Windows compatibility, build system) -4. **Apply appropriate resolution strategy** (see error categories above) -5. **Rebuild and verify** using Build-OpenSSH MCP tool again -6. **Commit fixes with detailed message** - -#### Reading Build Logs and Errors: -**ALWAYS use the Test-OpenSSHBuild MCP tool to read build logs and parse errors:** -- **MCP Tool Name**: `mcp_openssh-serve_Test_OpenSSHBuild` +1. **Run the build** + - Use: **Start-OpenSSHBuild** — `mcp_openssh-server_Start_OpenSSHBuild` with `Configuration` and `Architecture`. +2. **If build succeeded**, skip log parsing and proceed. +3. **If build failed**, **parse errors** using **Test-OpenSSHBuild** — `mcp_openssh-server_Test_OpenSSHBuild`. +4. **Categorize error types** (preprocessor, Windows compatibility, build system). +5. **Apply appropriate resolution strategy** (see error categories above) and **rebuild** with Start-OpenSSHBuild. +6. **Commit fixes with detailed message**. + +#### Reading Build Logs and Errors (on failure only) +Use the **Test-OpenSSHBuild** MCP tool to read build logs and parse errors **only when the build fails**: +- **MCP Tool Name**: `mcp_openssh-server_Test_OpenSSHBuild` - **Parameters**: `Configuration="Release"`, `Architecture="x64"` **Why use this tool:** - Automatically locates and parses the build log file -- Provides structured error output with file paths, line numbers, error codes, and messages +- Provides structured error output with file paths, codes, and messages - Groups errors and warnings for easier analysis - Works reliably in MCP context where direct file reading may not be available **DO NOT** attempt to read log files directly with `Get-Content` or similar commands. **DO NOT** try to locate log files manually. +### Build Tools Invocation Policy + +- Use `Start-OpenSSHBuild.ps1` to run the build for each chunk/batch. +- Only if `Start-OpenSSHBuild.ps1` reports the build failed, invoke `Test-OpenSSHBuild.ps1` to parse errors and warnings from the build log. +- Skip `Test-OpenSSHBuild.ps1` when the build succeeded to avoid unnecessary log parsing. + #### Alternative: Direct MSBuild (Terminal Only) Only use this when running directly in a terminal (not via MCP): ```pwsh @@ -228,19 +213,18 @@ contrib\win32\openssh\ ### Build Verification Using MCP Tools ```pwsh -Use the Build-OpenSSH MCP tool (recommended): -- **MCP Tool Name**: `mcp_openssh-serve_Build_OpenSSH` +Use the Start-OpenSSHBuild MCP tool (recommended): +- **MCP Tool Name**: `mcp_openssh-server_Start_OpenSSHBuild` - **Parameters**: `Configuration="Release"`, `Architecture="x64"` -Or test an existing build: -- **MCP Tool Name**: `mcp_openssh-serve_Test_OpenSSHBuild` -- **Parameters**: `Configuration="Release"`, `Architecture="x64" -**Expected Output:** -- Success/failure status -- 14 of 14 artifacts found +If the build fails, parse errors with: +- **MCP Tool Name**: `mcp_openssh-server_Test_OpenSSHBuild` +- **Parameters**: `Configuration="Release"`, `Architecture="x64"` +**Expected Output (on failure):** +- Build failure status - Parsed errors and warnings - Build log location - +``` **Expected Artifacts (14 executables):** - ssh.exe, sshd.exe, sshd-auth.exe, sshd-session.exe - ssh-agent.exe, ssh-add.exe, ssh-keygen.exe, ssh-keyscan.exe diff --git a/.github/instructions/merge/merge-details.instructions.md b/.github/instructions/merge/merge-details.instructions.md index 5c6f20d909d4..a2358a04cb2b 100644 --- a/.github/instructions/merge/merge-details.instructions.md +++ b/.github/instructions/merge/merge-details.instructions.md @@ -253,12 +253,14 @@ FUNCTION automated_build_fix(): iteration = 0 WHILE iteration < MAX_ITERATIONS: - build_result = attempt_build() + // Always start with Start-OpenSSHBuild.ps1 + build_result = start_openssh_build(Configuration="Release", Architecture="x64") IF build_result.success: RETURN SUCCESS - errors = parse_build_errors(build_result.output) + // Only invoke Test-OpenSSHBuild.ps1 when build failed + errors = test_openssh_build(Configuration="Release", Architecture="x64", LogFile=build_result.log) fixes_applied = [] FOR EACH error IN errors: @@ -289,6 +291,12 @@ FUNCTION determine_fix_strategy(error): RETURN null ``` +### Build Tools Invocation Policy + +- Use `Start-OpenSSHBuild.ps1` to run the build for each chunk/batch. +- Only if `Start-OpenSSHBuild.ps1` reports the build failed, invoke `Test-OpenSSHBuild.ps1` to parse errors and warnings from the build log. +- Skip `Test-OpenSSHBuild.ps1` when the build succeeded to avoid unnecessary log parsing. + ## Testing Automation Framework ### Automated Test Execution diff --git a/.github/instructions/merge/merge-process-overview.instructions.md b/.github/instructions/merge/merge-process-overview.instructions.md index 07bbf4d42adb..857ffcc7aa3f 100644 --- a/.github/instructions/merge/merge-process-overview.instructions.md +++ b/.github/instructions/merge/merge-process-overview.instructions.md @@ -53,14 +53,14 @@ The process consists of several interconnected phases: # Run prerequisite check via MCP tool # MCP Tool Name: mcp_openssh-server_Test_MergePrerequisites # Parameters: TargetVersion (required), SkipBaselineBuild (optional) - + # Example invocation (replace with target like "V_10_0_P2"): # The MCP tool will verify: # - Git, PowerShell, Visual Studio installed # - Repository remotes configured (origin, upstream, upstream-pwsh) # - Target version exists in upstream # - Working directory is clean - + # Proceed only if tool reports "ALL PREREQUISITES MET" ``` @@ -68,7 +68,7 @@ The process consists of several interconnected phases: ```pwsh git config core.editor true ``` - + 3. **Create merge branch from current branch:** ```pwsh git checkout -b merge-v- @@ -78,20 +78,20 @@ The process consists of several interconnected phases: ### Perform Merge with Grouped Commits 4. **Identify merge range and group commits:** Use the Get-CommitGroups MCP tool with `-FirstChunkOnly -GroupByCIPresence` - - **MCP Tool Name**: `mcp_openssh-serve_Get_CommitGroups` - + + **MCP Tool Name**: `mcp_openssh-server_Get_CommitGroups` + **Parameters**: - `GitHubTag` (string, optional): Start from last merged tag (e.g., "V_10_0_P2") - `StartCommit` (string, optional): Start from specific commit SHA - `FirstChunkOnly` (boolean): Set to `true` - `GroupByCIPresence` (boolean): Set to `true` - + **Example for first batch**: - Find the last upstream tag in the fork - Call tool with `GitHubTag=`, `FirstChunkOnly=true`, `GroupByCIPresence=true` - This gets commits ending with any commit that has CI runs (not just successful CI) - + **Example output:** ```json { @@ -129,9 +129,9 @@ The process consists of several interconnected phases: Write-Host "Cherry-picking commit: $commit" git cherry-pick $commit - # Build after every commit so we can attribute failures precisely. - # Use MCP Tool: mcp_openssh-serve_Build_OpenSSH - # Parameters: Configuration="Release", Architecture="x64" + # Build after every commit to attribute failures precisely. + # Use MCP Tool: mcp_openssh-server_Start_OpenSSHBuild + # Parameters: Configuration="Release", Architecture="x64" } ``` @@ -154,25 +154,25 @@ The process consists of several interconnected phases: ``` 9. **Build after completing the batch:** - Use the Build-OpenSSH MCP tool: - - **MCP Tool Name**: `mcp_openssh-serve_Build_OpenSSH` - - **Parameters**: `Configuration="Release"`, `Architecture="x64"` - - If build fails: - - **Use Test-OpenSSHBuild MCP tool to read the build log and parse errors**: - - **MCP Tool Name**: `mcp_openssh-serve_Test_OpenSSHBuild` + Use the Start-OpenSSHBuild MCP tool: + - **MCP Tool Name**: `mcp_openssh-server_Start_OpenSSHBuild` - **Parameters**: `Configuration="Release"`, `Architecture="x64"` - - **DO NOT** try to read log files directly with `Get-Content` or locate them manually - - Fix issues based on parsed error output - - Rebuild and verify - - Commit any build fixes separately with descriptive messages + + If build fails: + - **Use Test-OpenSSHBuild MCP tool to read the build log and parse errors**: + - **MCP Tool Name**: `mcp_openssh-server_Test_OpenSSHBuild` + - **Parameters**: `Configuration="Release"`, `Architecture="x64"` + - **DO NOT** try to read log files directly with `Get-Content` or locate them manually + - Fix issues based on parsed error output + - Rebuild and verify + - Commit any build fixes separately with descriptive messages 10. **Validate if batch ended with successful CI:** Check the end commit's CI status from Get-CommitGroups output. If CI was successful, run validation: - - **MCP Tool Name**: `mcp_openssh-serve_Test_OpenSSHFunctionality` + - **MCP Tool Name**: `mcp_openssh-server_Test_OpenSSHFunctionality` - **Parameters**: (use defaults for Release/x64) - + If no CI or failed CI, skip validation (build success is sufficient). 11. **Provide summary and get approval:** diff --git a/.github/instructions/testing.instructions.md b/.github/instructions/testing.instructions.md index 00a60db8fc4d..c4f675b3a83c 100644 --- a/.github/instructions/testing.instructions.md +++ b/.github/instructions/testing.instructions.md @@ -14,7 +14,7 @@ This document provides comprehensive testing procedures for validating OpenSSH-P The repository includes an MCP tool that automates end-to-end functional testing of OpenSSH on Windows. Use the Test-OpenSSHFunctionality MCP tool: -- **MCP Tool Name**: `mcp_openssh-serve_Test_OpenSSHFunctionality` +- **MCP Tool Name**: `mcp_openssh-server_Test_OpenSSHFunctionality` - **Parameters**: - `Configuration` (optional): "Debug" or "Release" (default: "Release") - `Architecture` (optional): "x64", "x86", "ARM", "ARM64" (default: "x64") @@ -84,7 +84,7 @@ The MCP tool performs comprehensive end-to-end testing including: - Command execution verification - Complete cleanup of all test resources -**MCP Tool Name**: `mcp_openssh-serve_Test_OpenSSHFunctionality` +**MCP Tool Name**: `mcp_openssh-server_Test_OpenSSHFunctionality` **Parameters**: - `Configuration` (optional): "Debug" or "Release" (default: "Release") @@ -245,7 +245,7 @@ Get-NetFirewallRule | Where-Object {$_.DisplayName -like "*SSH*"} ### Recommended Testing Workflow for AI Agents 1. **After successful build**, run the automated functionality test: - - **MCP Tool Name**: `mcp_openssh-serve_Test_OpenSSHFunctionality` + - **MCP Tool Name**: `mcp_openssh-server_Test_OpenSSHFunctionality` - **Parameters**: (use defaults) 2. **If test passes**, the merge is validated for basic SSH functionality diff --git a/.github/tools/Build-OpenSSH.ps1 b/.github/tools/Build-OpenSSH.ps1 deleted file mode 100644 index 692559066f0e..000000000000 --- a/.github/tools/Build-OpenSSH.ps1 +++ /dev/null @@ -1,254 +0,0 @@ -<# -.SYNOPSIS - MCP wrapper tool that builds and verifies OpenSSH in a single operation. - -.DESCRIPTION - This script combines Start-OpenSSHBuild and Test-OpenSSHBuild into a single - convenient operation. It first builds OpenSSH using the specified configuration - and architecture, then tests that all expected artifacts were produced and - parses the build log for errors. - - This is the recommended tool for most build operations as it provides - comprehensive feedback in one step. - -.PARAMETER Configuration - Build configuration type. Valid values: 'Debug', 'Release' - Default: 'Release' - -.PARAMETER Architecture - Target architecture for the build. Valid values: 'x64', 'x86', 'ARM', 'ARM64' - Default: 'x64' - -.PARAMETER Clean - When specified, performs a clean build by deleting existing build artifacts first. - Default: false (incremental build) - -.PARAMETER NoOpenSSL - Build without OpenSSL support. - Default: false - -.PARAMETER OneCore - Build for Windows OneCore API subset. - Default: false - -.OUTPUTS - Returns a consolidated hashtable with: - - BuildSuccess: Boolean indicating if build succeeded - - TestSuccess: Boolean indicating if test passed - - OverallSuccess: Boolean indicating both build and test succeeded - - BuildExitCode: MSBuild exit code - - BuildMessage: Build status message - - TotalArtifacts: Count of artifacts found - - ExpectedArtifacts: Count of artifacts expected (14) - - ArtifactsMissing: Array of missing artifacts - - Errors: Array of parsed error objects - - Warnings: Array of parsed warning objects - - LogFile: Path to build log file - - BuildPath: Path to build output directory - - Message: Overall summary message - -.EXAMPLE - .\Build-OpenSSH.ps1 -Configuration Release -Architecture x64 - - Performs an incremental release build for x64 and tests artifacts. - -.EXAMPLE - .\Build-OpenSSH.ps1 -Configuration Debug -Architecture x64 -Clean - - Performs a clean debug build for x64 and tests artifacts. - -.EXAMPLE - .\Build-OpenSSH.ps1 -Architecture ARM64 -OneCore - - Performs an incremental OneCore release build for ARM64 and tests artifacts. - -.NOTES - - This tool calls Start-OpenSSHBuild.ps1 and Test-OpenSSHBuild.ps1 - - Requires Visual Studio 2019 or later with C++ tools - - Requires Windows SDK 10.0.17763.0 or later - - Build artifacts output to: contrib\win32\openssh\{Architecture}\{Configuration}\ - - Build log written to: OpenSSH{Configuration}{Architecture}.log -#> - -param( - [Parameter(Mandatory=$false)] - [ValidateSet('Debug', 'Release')] - [string]$Configuration = 'Release', - - [Parameter(Mandatory=$false)] - [ValidateSet('x64', 'x86', 'ARM', 'ARM64')] - [string]$Architecture = 'x64', - - [Parameter(Mandatory=$false)] - [switch]$Clean, - - [Parameter(Mandatory=$false)] - [switch]$NoOpenSSL, - - [Parameter(Mandatory=$false)] - [switch]$OneCore -) - -$scriptRoot = $PSScriptRoot - -try { - Write-Host "========================================" -ForegroundColor Cyan - Write-Host "OpenSSH Build & Test Tool (MCP)" -ForegroundColor Cyan - Write-Host "========================================" -ForegroundColor Cyan - Write-Host "Configuration: $Configuration" -ForegroundColor White - Write-Host "Architecture: $Architecture" -ForegroundColor White - Write-Host "Clean Build: $Clean" -ForegroundColor White - Write-Host "No OpenSSL: $NoOpenSSL" -ForegroundColor White - Write-Host "OneCore: $OneCore" -ForegroundColor White - Write-Host "========================================`n" -ForegroundColor Cyan - - # Step 1: Build - Write-Host "STEP 1: Building OpenSSH..." -ForegroundColor Cyan - Write-Host "----------------------------------------`n" -ForegroundColor Cyan - - $buildParams = @{ - Configuration = $Configuration - Architecture = $Architecture - } - - if ($Clean) { - $buildParams['Clean'] = $true - } - - if ($NoOpenSSL) { - $buildParams['NoOpenSSL'] = $true - } - - if ($OneCore) { - $buildParams['OneCore'] = $true - } - - $buildScriptPath = Join-Path $scriptRoot "Start-OpenSSHBuild.ps1" - $buildResult = & $buildScriptPath @buildParams - - if (-not $buildResult.Success) { - Write-Host "`n⚠ Build failed, skipping test" -ForegroundColor Yellow - - # Return build result with test skipped - $result = @{ - BuildSuccess = $false - TestSuccess = $false - OverallSuccess = $false - BuildExitCode = $buildResult.ExitCode - BuildMessage = $buildResult.Message - TotalArtifacts = 0 - ExpectedArtifacts = 14 - ArtifactsMissing = @() - Errors = @() - Warnings = @() - LogFile = $buildResult.LogFile - BuildPath = $buildResult.BuildPath - Message = "Build failed: $($buildResult.Message)" - } - - return $result - } - - # Step 2: Test - Write-Host "`nSTEP 2: Testing Build Artifacts..." -ForegroundColor Cyan - Write-Host "----------------------------------------`n" -ForegroundColor Cyan - - $testParams = @{ - Configuration = $Configuration - Architecture = $Architecture - LogFile = $buildResult.LogFile - } - - $testScriptPath = Join-Path $scriptRoot "Test-OpenSSHBuild.ps1" - $testResult = & $testScriptPath @testParams - - # Step 3: Consolidate results - $overallSuccess = $buildResult.Success -and $testResult.Success - - Write-Host "`n========================================" -ForegroundColor $(if ($overallSuccess) { "Green" } else { "Red" }) - Write-Host "OVERALL RESULT: $(if ($overallSuccess) { 'SUCCESS' } else { 'FAILED' })" -ForegroundColor $(if ($overallSuccess) { "Green" } else { "Red" }) - Write-Host "========================================" -ForegroundColor $(if ($overallSuccess) { "Green" } else { "Red" }) - - if ($overallSuccess) { - Write-Host "✓ Build succeeded" -ForegroundColor Green - Write-Host "✓ All $($testResult.ExpectedArtifacts) artifacts tested" -ForegroundColor Green - Write-Host "✓ No errors found" -ForegroundColor Green - } else { - if (-not $buildResult.Success) { - Write-Host "✗ Build failed with exit code $($buildResult.ExitCode)" -ForegroundColor Red - } - if ($testResult.ArtifactsMissing.Count -gt 0) { - Write-Host "✗ $($testResult.ArtifactsMissing.Count) artifacts missing" -ForegroundColor Red - } - if ($testResult.Errors.Count -gt 0) { - Write-Host "✗ $($testResult.Errors.Count) error(s) found" -ForegroundColor Red - } - } - - Write-Host "`nBuild artifacts: $($buildResult.BuildPath)" -ForegroundColor White - Write-Host "Build log: $($buildResult.LogFile)" -ForegroundColor White - - # Build consolidated message - $messageParts = @() - if ($buildResult.Success) { - $messageParts += "Build succeeded" - } else { - $messageParts += "Build failed" - } - - if ($testResult.Success) { - $messageParts += "all artifacts tested" - } else { - if ($testResult.ArtifactsMissing.Count -gt 0) { - $messageParts += "$($testResult.ArtifactsMissing.Count) artifacts missing" - } - if ($testResult.Errors.Count -gt 0) { - $messageParts += "$($testResult.Errors.Count) errors" - } - } - - $consolidatedMessage = $messageParts -join ", " - - $result = @{ - BuildSuccess = $buildResult.Success - TestSuccess = $testResult.Success - OverallSuccess = $overallSuccess - BuildExitCode = $buildResult.ExitCode - BuildMessage = $buildResult.Message - TotalArtifacts = $testResult.TotalArtifacts - ExpectedArtifacts = $testResult.ExpectedArtifacts - ArtifactsMissing = $testResult.ArtifactsMissing - Errors = $testResult.Errors - Warnings = $testResult.Warnings - LogFile = $buildResult.LogFile - BuildPath = $buildResult.BuildPath - Message = $consolidatedMessage - } - - return $result - -} catch { - Write-Host "`n========================================" -ForegroundColor Red - Write-Host "ERROR" -ForegroundColor Red - Write-Host "========================================" -ForegroundColor Red - Write-Host $_.Exception.Message -ForegroundColor Red - Write-Host $_.ScriptStackTrace -ForegroundColor Gray - - $result = @{ - BuildSuccess = $false - TestSuccess = $false - OverallSuccess = $false - BuildExitCode = -1 - BuildMessage = "Tool error: $($_.Exception.Message)" - TotalArtifacts = 0 - ExpectedArtifacts = 14 - ArtifactsMissing = @() - Errors = @() - Warnings = @() - LogFile = "" - BuildPath = "" - Message = "Build & test tool error: $($_.Exception.Message)" - } - - return $result -} diff --git a/.github/tools/Start-OpenSSHBuild.ps1 b/.github/tools/Start-OpenSSHBuild.ps1 index c175b29c6394..b6b0c6e2c3d0 100644 --- a/.github/tools/Start-OpenSSHBuild.ps1 +++ b/.github/tools/Start-OpenSSHBuild.ps1 @@ -116,8 +116,8 @@ try { Write-Host "✓ Cleaned: $buildPath" -ForegroundColor Green } - # Build log file path - $logFile = Join-Path $repoRoot "OpenSSH$Configuration$Architecture.log" + # Build log file path (align with other tools under contrib\win32\openssh) + $logFile = Join-Path $repoRoot "contrib\win32\openssh\OpenSSH$Configuration$Architecture.log" Write-Host "`nBuild log: $logFile" -ForegroundColor Gray # Prepare parameters for Start-OpenSSHBuild @@ -140,8 +140,25 @@ try { $buildResult = Start-OpenSSHBuild @buildParams - # Check build result - if ($buildResult -eq 0) { + # Determine build success primarily via log markers, not exit code + $successByLog = $null + $buildLogTime = $null + if (Test-Path $logFile) { + $buildLogTime = (Get-Item $logFile -ErrorAction SilentlyContinue).LastWriteTime + $logLines = Get-Content $logFile -ErrorAction SilentlyContinue + if ($logLines) { + $lastMarker = $null + foreach ($line in $logLines) { + if ($line -match '(?i)Build\s+(FAILED|Failed)') { $lastMarker = 'FAILED' } + elseif ($line -match '(?i)Build\s+(SUCCEEDED|Succeeded)') { $lastMarker = 'SUCCEEDED' } + } + if ($lastMarker) { $successByLog = ($lastMarker -eq 'SUCCEEDED') } + } + } + + $derivedSuccess = if ($successByLog -ne $null) { $successByLog } else { $buildResult -eq 0 } + + if ($derivedSuccess) { Write-Host "`n========================================" -ForegroundColor Green Write-Host "BUILD SUCCEEDED" -ForegroundColor Green Write-Host "========================================" -ForegroundColor Green @@ -149,9 +166,10 @@ try { $result = @{ Success = $true - ExitCode = 0 + ExitCode = $buildResult LogFile = $logFile BuildPath = $buildPath + BuildLogTimestamp = $buildLogTime Message = "Build completed successfully" } } else { @@ -166,7 +184,8 @@ try { ExitCode = $buildResult LogFile = $logFile BuildPath = $buildPath - Message = "Build failed with exit code $buildResult. Check log file for details." + BuildLogTimestamp = $buildLogTime + Message = "Build failed (determined from log markers or exit code). Check log file for details." } } diff --git a/.github/tools/Test-MergePrerequisites.ps1 b/.github/tools/Test-MergePrerequisites.ps1 index 879ef45dc424..bd807746fa40 100644 --- a/.github/tools/Test-MergePrerequisites.ps1 +++ b/.github/tools/Test-MergePrerequisites.ps1 @@ -8,13 +8,13 @@ - Required tools (Git, PowerShell, Visual Studio) - Repository configuration (remotes, branch state) - Target version identification - + This tool should be run before starting Phase 1 of the merge workflow to ensure all prerequisites are met. It prevents wasted effort by catching configuration issues early. - + To verify baseline build capability, use the Test-OpenSSHBuild MCP tool: - mcp_openssh-serve_Test_OpenSSHBuild + mcp_openssh-server_Test_OpenSSHBuild .PARAMETER TargetVersion The upstream version/tag to merge (e.g., "V_10_0_P2", "V_9_9_P1") @@ -41,7 +41,7 @@ .NOTES - This is a Phase 1 Pre-Merge Setup verification tool - Should be run before creating the merge branch - - For baseline build verification, use: mcp_openssh-serve_Test_OpenSSHBuild + - For baseline build verification, use: mcp_openssh-server_Test_OpenSSHBuild - Part of the OpenSSH upstream merge workflow automation #> @@ -175,7 +175,7 @@ try { # Check if tag/branch ref exists in .git directory $tagPath = Join-Path $repoRoot ".git\refs\tags\$TargetVersion" $upstreamBranchPath = Join-Path $repoRoot ".git\refs\remotes\upstream\$TargetVersion" - + if (Test-Path $tagPath) { $result.TargetExists = $true Write-Host " ✓ Target tag exists locally: $TargetVersion" -ForegroundColor Green @@ -216,7 +216,7 @@ try { Write-Host " 1. Create merge branch: git checkout -b merge-$TargetVersion-$(Get-Date -Format 'yyyyMMdd')" -ForegroundColor Gray Write-Host " 2. Use Get-CommitGroups tool to identify first batch of commits" -ForegroundColor Gray Write-Host " 3. Begin cherry-picking commits from first batch" -ForegroundColor Gray - + $result.Message = "All prerequisites met. Ready to start merge." } else { Write-Host "✗ PREREQUISITES NOT MET" -ForegroundColor Red diff --git a/.github/tools/Test-OpenSSHBuild.ps1 b/.github/tools/Test-OpenSSHBuild.ps1 index a1a8c3389682..db50930c7d2b 100644 --- a/.github/tools/Test-OpenSSHBuild.ps1 +++ b/.github/tools/Test-OpenSSHBuild.ps1 @@ -48,8 +48,10 @@ .NOTES - Expected build artifact location: bin\{Architecture}\{Configuration}\ - - Error parsing regex: ^(?.*?)\((?\d+)[,)].*?error (?(C|LNK)\d+): (?.*)$ - - Warning parsing regex: ^(?.*?)\((?\d+)[,)].*?warning (?(C|LNK)\d+): (?.*)$ + - Error parsing regex (file/line form): ^(?.+?)\((?\d+)[,)].*?\s(?fatal error|error)\s+(?(?:C|LNK|MSB)\d+)\s*:\s*(?.+)$ + - Error parsing regex (generic/no line): ^(?:.*?:\s*)?(?fatal error|error)\s+(?(?:C|LNK|MSB)\d+)\s*:\s*(?.+)$ + - Warning parsing regex (file/line form): ^(?.+?)\((?\d+)[,)].*?\swarning\s+(?(?:C|LNK|MSB)\d+)\s*:\s*(?.+)$ + - Warning parsing regex (generic/no line): ^(?:.*?:\s*)?warning\s+(?(?:C|LNK|MSB)\d+)\s*:\s*(?.+)$ #> param( @@ -149,18 +151,38 @@ try { Write-Host "`nParsing build log: $LogFile" -ForegroundColor Cyan $logContent = Get-Content $LogFile -ErrorAction SilentlyContinue + $logTime = (Get-Item $LogFile -ErrorAction SilentlyContinue).LastWriteTime if ($logContent) { - # Error regex: file(line) : error CODE: message - # Example: c:\path\file.c(123): error C2065: 'identifier' : undeclared identifier - $errorRegex = '^(?.*?)\((?\d+)[,)].*?error (?(C|LNK)\d+): (?.*)$' + # Find the first build status marker and, if failed, only scan lines after it + $buildStatusIndex = $null + $buildFailed = $false + for ($i = 0; $i -lt $logContent.Count; $i++) { + $line = $logContent[$i] + if ($line -match 'Build\s+(FAILED|Failed)') { + $buildStatusIndex = $i + $buildFailed = $true + break + } elseif ($line -match 'Build\s+(SUCCEEDED|Succeeded)') { + $buildStatusIndex = $i + break + } + } - # Warning regex: similar pattern for warnings - $warningRegex = '^(?.*?)\((?\d+)[,)].*?warning (?(C|LNK)\d+): (?.*)$' + $linesToScan = $logContent + if ($buildFailed -and $buildStatusIndex -ne $null -and $buildStatusIndex + 1 -lt $logContent.Count) { + $linesToScan = $logContent[($buildStatusIndex + 1)..($logContent.Count - 1)] + } - foreach ($line in $logContent) { - # Check for errors - if ($line -match $errorRegex) { + # Broadened regex patterns to support linker/MSBuild messages without line numbers + $errorWithFileRegex = '^(?.+?)\((?\d+)[,)].*?\s(?fatal error|error)\s+(?(?:C|LNK|MSB)\d+)\s*:\s*(?.+)$' + $genericErrorRegex = '^(?:.*?:\s*)?(?fatal error|error)\s+(?(?:C|LNK|MSB)\d+)\s*:\s*(?.+)$' + $warningWithFileRegex = '^(?.+?)\((?\d+)[,)].*?\swarning\s+(?(?:C|LNK|MSB)\d+)\s*:\s*(?.+)$' + $genericWarningRegex = '^(?:.*?:\s*)?warning\s+(?(?:C|LNK|MSB)\d+)\s*:\s*(?.+)$' + + foreach ($line in $linesToScan) { + # Errors with file/line + if ($line -match $errorWithFileRegex) { $errors += [PSCustomObject]@{ File = $matches['file'] Line = [int]$matches['line'] @@ -168,9 +190,21 @@ try { Message = $matches['message'] RawLine = $line } + continue + } + # Generic errors (e.g., LINK/MSBuild without line numbers) + if ($line -match $genericErrorRegex) { + $errors += [PSCustomObject]@{ + File = '' + Line = $null + Code = $matches['code'] + Message = $matches['message'] + RawLine = $line + } + continue } - # Check for warnings - elseif ($line -match $warningRegex) { + # Warnings with file/line + if ($line -match $warningWithFileRegex) { $warnings += [PSCustomObject]@{ File = $matches['file'] Line = [int]$matches['line'] @@ -178,13 +212,29 @@ try { Message = $matches['message'] RawLine = $line } + continue + } + # Generic warnings + if ($line -match $genericWarningRegex) { + $warnings += [PSCustomObject]@{ + File = '' + Line = $null + Code = $matches['code'] + Message = $matches['message'] + RawLine = $line + } } } if ($errors.Count -gt 0) { Write-Host "`nFound $($errors.Count) error(s) in build log:" -ForegroundColor Red foreach ($e in $errors) { - Write-Host " $($e.File)($($e.Line)): error $($e.Code): $($e.Message)" -ForegroundColor Red + if ([string]::IsNullOrEmpty($e.File)) { + Write-Host " error $($e.Code): $($e.Message)" -ForegroundColor Red + } else { + $lineSuffix = if ($e.Line -ne $null) { "(" + $e.Line + ")" } else { "" } + Write-Host (" {0}{1}: error {2}: {3}" -f $e.File, $lineSuffix, $e.Code, $e.Message) -ForegroundColor Red + } } } else { Write-Host "`n✓ No errors found in build log" -ForegroundColor Green @@ -193,7 +243,12 @@ try { if ($warnings.Count -gt 0) { Write-Host "`nFound $($warnings.Count) warning(s) in build log:" -ForegroundColor Yellow foreach ($warning in $warnings | Select-Object -First 10) { - Write-Host " $($warning.File)($($warning.Line)): warning $($warning.Code): $($warning.Message)" -ForegroundColor Yellow + if ([string]::IsNullOrEmpty($warning.File)) { + Write-Host " warning $($warning.Code): $($warning.Message)" -ForegroundColor Yellow + } else { + $lineSuffix = if ($warning.Line -ne $null) { "(" + $warning.Line + ")" } else { "" } + Write-Host (" {0}{1}: warning {2}: {3}" -f $warning.File, $lineSuffix, $warning.Code, $warning.Message) -ForegroundColor Yellow + } } if ($warnings.Count -gt 10) { Write-Host " ... and $($warnings.Count - 10) more warnings" -ForegroundColor Gray @@ -202,6 +257,8 @@ try { } else { Write-Host "Log file is empty or could not be read" -ForegroundColor Yellow } + + # Timestamp freshness checks removed; rely on build log parsing instead } else { Write-Host "`nBuild log not found: $LogFile" -ForegroundColor Yellow } @@ -234,6 +291,7 @@ try { Errors = $errors Warnings = $warnings LogFile = $LogFile + # BuildLogTimestamp and stale artifact checks removed Message = $message } From e379310b0920b58b917f56337b07516529c47606 Mon Sep 17 00:00:00 2001 From: Tess Gauthier Date: Fri, 23 Jan 2026 12:47:40 -0500 Subject: [PATCH 516/687] add merge prompt file --- .github/prompt/merge.prompt.md | 29 +++++++++++++++++++++++++++++ 1 file changed, 29 insertions(+) create mode 100644 .github/prompt/merge.prompt.md diff --git a/.github/prompt/merge.prompt.md b/.github/prompt/merge.prompt.md new file mode 100644 index 000000000000..d64421f7ef5c --- /dev/null +++ b/.github/prompt/merge.prompt.md @@ -0,0 +1,29 @@ +# Merge Upstream Prompt + +Assist with merging the commits from upstream into this branch starting from the provided GitHub tag or commit. + +Provide the following when you invoke this prompt: +- Start ref (tag or commit) — REQUIRED (e.g., `upstream/V_9_8_P1` or a commit SHA) +- Upstream remote — optional (default: `upstream`) +- Windows fork remote — optional (default: `upstream-pwsh`) +- Target branch — optional (default: current branch) + +Operating guidance: +- Use and follow merge-upstream.agent.md. Treat it as the primary operating guide. +- Rely on the provided for repository overview, setup, build, merge strategy, and testing. Do not re-fetch or re-search them; assume they are already attached in context. +- Perform chunked merges ending at commits with CI runs; build after each batch. Only parse build logs if the build fails. +- Build using the MCP tools: `mcp_openssh-server_Start_OpenSSHBuild` (Release/x64 by default). If the build fails, analyze with `mcp_openssh-server_Test_OpenSSHBuild`. +- Apply Windows compatibility strategies as documented (prefer win32compat layer; guard with `#ifdef WINDOWS` when necessary; update VS projects for build system changes). +- Summarize a plan, request approval between batches, and clearly list conflict resolutions and rationale. + +Expected outputs per batch: +- Planned commit range and rationale for the batch boundary +- Conflict resolutions (what, why, how), especially Windows-specific handling +- Build result summary and, on failure, parsed errors with applied fixes +- Next-step proposal and explicit ask to proceed + +Quick start examples: +- "Merge from tag `upstream/V_9_8_P1` into my current branch." +- "Merge starting at commit `3a1b2c3`, upstream remote `upstream`, target current branch." + +If the Start ref is not provided, ask for it before proceeding. From 5b55ec2ceb8519b4aba8eb0c21fce5fbb7f82bc4 Mon Sep 17 00:00:00 2001 From: User Date: Fri, 23 Jan 2026 09:49:55 -0800 Subject: [PATCH 517/687] update tools --- .github/agents/merge-upstream.agent.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/agents/merge-upstream.agent.md b/.github/agents/merge-upstream.agent.md index 36b8695b4809..e5b0e8f2b5dd 100644 --- a/.github/agents/merge-upstream.agent.md +++ b/.github/agents/merge-upstream.agent.md @@ -2,7 +2,7 @@ name: merge-upstream description: Assist with merging upstream OpenSSH commits into the PowerShell fork. tools: - ['vscode', 'execute', 'read', 'edit', 'search', 'web', 'openssh-server/*', 'agent', 'todo'] + ['vscode', 'execute', 'read', 'agent', 'edit', 'search', 'web', 'openssh-server/*', 'todo'] --- # OpenSSH Upstream Merge Agent From 950bb1beae304ef8da15efa6bd8bb65de65967fe Mon Sep 17 00:00:00 2001 From: User Date: Fri, 23 Jan 2026 12:21:13 -0800 Subject: [PATCH 518/687] update instructions to build only after batch of commits with a CI run --- .../merge-process-overview.instructions.md | 17 ++++++++--------- 1 file changed, 8 insertions(+), 9 deletions(-) diff --git a/.github/instructions/merge/merge-process-overview.instructions.md b/.github/instructions/merge/merge-process-overview.instructions.md index 857ffcc7aa3f..f8b26c6847cc 100644 --- a/.github/instructions/merge/merge-process-overview.instructions.md +++ b/.github/instructions/merge/merge-process-overview.instructions.md @@ -112,14 +112,12 @@ The process consists of several interconnected phases: - Call tool with `StartCommit=`, `FirstChunkOnly=true`, `GroupByCIPresence=true` - Continue this process until the upstream's HEAD has been successfully merged -5. **Execute chunked merge (commit-by-commit within the chunk):** +5. **Execute chunked merge (batch cherry-pick all commits in chunk):** - **Important:** Even though commits are *grouped* into chunks for planning/CI boundaries, **cherry-pick each commit individually** within the chunk and **build after each commit**. This catches Windows-specific build breaks early and makes it clear which upstream commit introduced a regression. + **Important:** Cherry-pick **all commits in the batch** before building. This is more efficient than building after each individual commit. If the build fails, you can identify the problematic commit(s) through git bisect or by examining the build errors. ```pwsh - # For each chunk (start..end), enumerate and cherry-pick commits one at a time. - # Then build after EACH commit. - # + # For each chunk (start..end), cherry-pick all commits in the batch # Example for a single chunk: $chunkStart = $result.StartCommitFull $chunkEnd = $result.EndCommitFull @@ -128,11 +126,12 @@ The process consists of several interconnected phases: foreach ($commit in $commits) { Write-Host "Cherry-picking commit: $commit" git cherry-pick $commit - - # Build after every commit to attribute failures precisely. - # Use MCP Tool: mcp_openssh-server_Start_OpenSSHBuild - # Parameters: Configuration="Release", Architecture="x64" + + # If conflicts occur, resolve them before continuing to next commit + # (see step 7 below for conflict resolution) } + + # After all commits in batch are cherry-picked, proceed to build (step 9) ``` 7. **Resolve merge conflicts (per commit):** From ead71d7b3fbdcede7049a0e7a0e0c5c69e8fca37 Mon Sep 17 00:00:00 2001 From: User Date: Fri, 23 Jan 2026 12:26:15 -0800 Subject: [PATCH 519/687] update prereq tool to use start-job with git cmd --- .github/tools/Test-MergePrerequisites.ps1 | 51 ++++++++++++++++++++--- 1 file changed, 45 insertions(+), 6 deletions(-) diff --git a/.github/tools/Test-MergePrerequisites.ps1 b/.github/tools/Test-MergePrerequisites.ps1 index bd807746fa40..dfd4c9c85972 100644 --- a/.github/tools/Test-MergePrerequisites.ps1 +++ b/.github/tools/Test-MergePrerequisites.ps1 @@ -82,7 +82,7 @@ try { Write-Host "" # Step 1: Verify Git - Write-Host "[1/5] Checking Git installation..." -ForegroundColor Cyan + Write-Host "[1/6] Checking Git installation..." -ForegroundColor Cyan try { $gitPath = Get-Command git -ErrorAction SilentlyContinue if ($gitPath) { @@ -98,7 +98,7 @@ try { } # Step 2: Verify PowerShell version - Write-Host "`n[2/5] Checking PowerShell version..." -ForegroundColor Cyan + Write-Host "`n[2/6] Checking PowerShell version..." -ForegroundColor Cyan $psVersion = $PSVersionTable.PSVersion if ($psVersion.Major -ge 5) { Write-Host " ✓ PowerShell $($psVersion.ToString()) (>= 5.0)" -ForegroundColor Green @@ -108,7 +108,7 @@ try { } # Step 3: Verify Visual Studio - Write-Host "`n[3/5] Checking Visual Studio installation..." -ForegroundColor Cyan + Write-Host "`n[3/6] Checking Visual Studio installation..." -ForegroundColor Cyan $msBuildPaths = @( "${env:ProgramFiles}\Microsoft Visual Studio\2022\*\MSBuild\Current\Bin\MSBuild.exe", "${env:ProgramFiles}\Microsoft Visual Studio\2019\*\MSBuild\Current\Bin\MSBuild.exe", @@ -133,7 +133,7 @@ try { } # Step 4: Verify repository remotes - Write-Host "`n[4/5] Checking repository remotes..." -ForegroundColor Cyan + Write-Host "`n[4/6] Checking repository remotes..." -ForegroundColor Cyan if ($result.GitInstalled) { try { $gitConfigPath = Join-Path $repoRoot ".git\config" @@ -169,7 +169,7 @@ try { } # Step 5: Verify target version exists - Write-Host "`n[5/5] Checking target version exists..." -ForegroundColor Cyan + Write-Host "`n[5/6] Checking target version exists..." -ForegroundColor Cyan if ($result.GitInstalled -and $result.RemotesConfigured) { try { # Check if tag/branch ref exists in .git directory @@ -195,6 +195,44 @@ try { Write-Host " ⊘ Skipped (prerequisites not met)" -ForegroundColor Yellow } + # Step 6: Verify working directory is clean + Write-Host "`n[6/6] Checking working directory status..." -ForegroundColor Cyan + if ($result.GitInstalled) { + try { + # Use Start-Job to run git status --porcelain + $job = Start-Job -ScriptBlock { + param($repoPath) + Set-Location $repoPath + git status --porcelain + } -ArgumentList $repoRoot + + $jobResult = Wait-Job $job -Timeout 10 + if ($jobResult) { + $statusOutput = Receive-Job $job + Remove-Job $job -Force + + if ([string]::IsNullOrWhiteSpace($statusOutput)) { + $result.WorkingDirClean = $true + Write-Host " ✓ Working directory is clean" -ForegroundColor Green + } else { + $result.Issues += "Working directory has uncommitted changes" + Write-Host " ✗ Working directory has uncommitted changes:" -ForegroundColor Red + $statusOutput | ForEach-Object { Write-Host " $_" -ForegroundColor Yellow } + Write-Host " Hint: Commit or stash changes before starting merge" -ForegroundColor Yellow + } + } else { + Remove-Job $job -Force + $result.Issues += "Git status check timed out" + Write-Host " ✗ Git status check timed out" -ForegroundColor Red + } + } catch { + $result.Issues += "Error checking working directory: $($_.Exception.Message)" + Write-Host " ✗ Error checking working directory status" -ForegroundColor Red + } + } else { + Write-Host " ⊘ Skipped (Git not available)" -ForegroundColor Yellow + } + # Final evaluation Write-Host "`n========================================" -ForegroundColor Cyan Write-Host "PREREQUISITE CHECK SUMMARY" -ForegroundColor Cyan @@ -204,7 +242,8 @@ try { $result.GitInstalled, $result.VSInstalled, $result.RemotesConfigured, - $result.TargetExists + $result.TargetExists, + $result.WorkingDirClean ) $result.Success = ($criticalChecks | Where-Object { $_ -eq $false }).Count -eq 0 From 071bfba1e3fa2e5116e40770018ddb5fff92c87c Mon Sep 17 00:00:00 2001 From: User Date: Fri, 23 Jan 2026 12:32:01 -0800 Subject: [PATCH 520/687] update build instructions with paths.targets info --- .github/instructions/build.instructions.md | 22 ++++++++++++++++++++++ 1 file changed, 22 insertions(+) diff --git a/.github/instructions/build.instructions.md b/.github/instructions/build.instructions.md index 0dca61bd3fb9..435a3ede52e1 100644 --- a/.github/instructions/build.instructions.md +++ b/.github/instructions/build.instructions.md @@ -154,6 +154,28 @@ Only use this when running directly in a terminal (not via MCP): & "C:\Program Files\Microsoft Visual Studio\2022\Enterprise\MSBuild\Current\Bin\MSBuild.exe" .\contrib\win32\openssh\Win32-OpenSSH.sln /p:Configuration=Release /p:Platform=x64 /v:detailed ``` +### Important Note: paths.targets File Modification + +**The build process automatically modifies `.\contrib\win32\openssh\paths.targets`** to update SDK version paths based on the currently installed Windows SDK. This is normal and expected behavior. + +**Before committing any changes:** +```pwsh +# Check if paths.targets was modified by the build +git status .\contrib\win32\openssh\paths.targets + +# If it shows as modified, restore it to a clean state +git checkout .\contrib\win32\openssh\paths.targets +``` + +**Why this happens:** +- MSBuild automatically updates SDK paths to match your local environment +- These changes are environment-specific and should not be committed +- The file will be modified on every build + +**AI Agent Workflow:** +- After completing all build fixes and before final commit, restore paths.targets +- Only commit actual code changes, not build-generated path updates + ## Project File Management ### Understanding the Project Structure From 332176b17ec2a2e14819dc1de4adf90689d72f8b Mon Sep 17 00:00:00 2001 From: User Date: Fri, 23 Jan 2026 12:46:11 -0800 Subject: [PATCH 521/687] refine instructions --- .github/instructions/build.instructions.md | 17 +++++++++++++---- .../merge-process-overview.instructions.md | 16 ++++++++++++++-- 2 files changed, 27 insertions(+), 6 deletions(-) diff --git a/.github/instructions/build.instructions.md b/.github/instructions/build.instructions.md index 435a3ede52e1..92c2ca11d842 100644 --- a/.github/instructions/build.instructions.md +++ b/.github/instructions/build.instructions.md @@ -126,7 +126,11 @@ fatal error C1083: Cannot open source file: 'newfile.c' 3. **If build failed**, **parse errors** using **Test-OpenSSHBuild** — `mcp_openssh-server_Test_OpenSSHBuild`. 4. **Categorize error types** (preprocessor, Windows compatibility, build system). 5. **Apply appropriate resolution strategy** (see error categories above) and **rebuild** with Start-OpenSSHBuild. -6. **Commit fixes with detailed message**. +6. **CRITICAL: Before committing, restore paths.targets**: + ```pwsh + git checkout .\contrib\win32\openssh\paths.targets + ``` +7. **Commit fixes with detailed message** (only actual code changes, not paths.targets). #### Reading Build Logs and Errors (on failure only) Use the **Test-OpenSSHBuild** MCP tool to read build logs and parse errors **only when the build fails**: @@ -172,9 +176,14 @@ git checkout .\contrib\win32\openssh\paths.targets - These changes are environment-specific and should not be committed - The file will be modified on every build -**AI Agent Workflow:** -- After completing all build fixes and before final commit, restore paths.targets -- Only commit actual code changes, not build-generated path updates +**AI Agent Workflow (CRITICAL):** +1. **ALWAYS restore paths.targets before committing**: + ```pwsh + # This MUST be done before every commit + git checkout .\contrib\win32\openssh\paths.targets + ``` +2. Only commit actual code changes, not build-generated path updates +3. Verify with `git status` that paths.targets is not staged before committing ## Project File Management diff --git a/.github/instructions/merge/merge-process-overview.instructions.md b/.github/instructions/merge/merge-process-overview.instructions.md index f8b26c6847cc..7b590a22a145 100644 --- a/.github/instructions/merge/merge-process-overview.instructions.md +++ b/.github/instructions/merge/merge-process-overview.instructions.md @@ -69,11 +69,19 @@ The process consists of several interconnected phases: git config core.editor true ``` -3. **Create merge branch from current branch:** +3. **Create merge branch (if not already created):** ```pwsh + # Check if branch already exists + git rev-parse --verify merge-v- 2>$null + + # If it doesn't exist, create it git checkout -b merge-v- # Example: merge-v9.8-20241010 + + # If it already exists, switch to it + git checkout merge-v- ``` + **Note:** The Test-MergePrerequisites tool will suggest the branch name. Create it once and reuse it throughout the merge process. ### Perform Merge with Grouped Commits 4. **Identify merge range and group commits:** @@ -164,7 +172,11 @@ The process consists of several interconnected phases: - **DO NOT** try to read log files directly with `Get-Content` or locate them manually - Fix issues based on parsed error output - Rebuild and verify - - Commit any build fixes separately with descriptive messages + - **CRITICAL: Before committing, restore paths.targets**: + ```pwsh + git checkout .\contrib\win32\openssh\paths.targets + ``` + - Commit any build fixes separately with descriptive messages (only actual code changes) 10. **Validate if batch ended with successful CI:** Check the end commit's CI status from Get-CommitGroups output. From 0bb51cd47730f5fdc0a7fbfb14000b88bf0471db Mon Sep 17 00:00:00 2001 From: User Date: Fri, 23 Jan 2026 12:49:00 -0800 Subject: [PATCH 522/687] tweak instructions --- .../merge/merge-process-overview.instructions.md | 14 -------------- 1 file changed, 14 deletions(-) diff --git a/.github/instructions/merge/merge-process-overview.instructions.md b/.github/instructions/merge/merge-process-overview.instructions.md index 7b590a22a145..f50a9eb03ec1 100644 --- a/.github/instructions/merge/merge-process-overview.instructions.md +++ b/.github/instructions/merge/merge-process-overview.instructions.md @@ -69,20 +69,6 @@ The process consists of several interconnected phases: git config core.editor true ``` -3. **Create merge branch (if not already created):** - ```pwsh - # Check if branch already exists - git rev-parse --verify merge-v- 2>$null - - # If it doesn't exist, create it - git checkout -b merge-v- - # Example: merge-v9.8-20241010 - - # If it already exists, switch to it - git checkout merge-v- - ``` - **Note:** The Test-MergePrerequisites tool will suggest the branch name. Create it once and reuse it throughout the merge process. - ### Perform Merge with Grouped Commits 4. **Identify merge range and group commits:** Use the Get-CommitGroups MCP tool with `-FirstChunkOnly -GroupByCIPresence` From 29ad1162babdcd2aacbe3e7ef1f2fcec5f6eca72 Mon Sep 17 00:00:00 2001 From: User Date: Fri, 23 Jan 2026 12:50:53 -0800 Subject: [PATCH 523/687] update tool --- .github/tools/Test-MergePrerequisites.ps1 | 5 ----- 1 file changed, 5 deletions(-) diff --git a/.github/tools/Test-MergePrerequisites.ps1 b/.github/tools/Test-MergePrerequisites.ps1 index dfd4c9c85972..3cd75bd87657 100644 --- a/.github/tools/Test-MergePrerequisites.ps1 +++ b/.github/tools/Test-MergePrerequisites.ps1 @@ -251,11 +251,6 @@ try { if ($result.Success) { Write-Host "✓ ALL PREREQUISITES MET" -ForegroundColor Green Write-Host "`nYou are ready to begin the merge process:" -ForegroundColor White - Write-Host " 0. (Optional) Verify baseline build: mcp_openssh-server_Test_OpenSSHBuild" -ForegroundColor Gray - Write-Host " 1. Create merge branch: git checkout -b merge-$TargetVersion-$(Get-Date -Format 'yyyyMMdd')" -ForegroundColor Gray - Write-Host " 2. Use Get-CommitGroups tool to identify first batch of commits" -ForegroundColor Gray - Write-Host " 3. Begin cherry-picking commits from first batch" -ForegroundColor Gray - $result.Message = "All prerequisites met. Ready to start merge." } else { Write-Host "✗ PREREQUISITES NOT MET" -ForegroundColor Red From 409dc952ab88b5232e809e34fd55662c6f75ad81 Mon Sep 17 00:00:00 2001 From: "millert@openbsd.org" Date: Thu, 22 Jan 2026 15:30:07 +0000 Subject: [PATCH 524/687] upstream: Make it clear that DenyUsers/DenyGroups overrides AllowUsers/AllowGroups. Previously we specified the order in which the directives are processed but it was ambiguous as to what happened if both matched. OK djm@ OpenBSD-Commit-ID: 6ae0ab52ff796b78486b92a45cd7ec9310e20f4e --- sshd_config.5 | 28 ++++++++++++++-------------- 1 file changed, 14 insertions(+), 14 deletions(-) diff --git a/sshd_config.5 b/sshd_config.5 index 8a51582a5a9e..80cb2cecbd88 100644 --- a/sshd_config.5 +++ b/sshd_config.5 @@ -33,8 +33,8 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: sshd_config.5,v 1.392 2025/12/18 23:54:10 jsg Exp $ -.Dd $Mdocdate: December 18 2025 $ +.\" $OpenBSD: sshd_config.5,v 1.393 2026/01/22 15:30:07 millert Exp $ +.Dd $Mdocdate: January 22 2026 $ .Dt SSHD_CONFIG 5 .Os .Sh NAME @@ -113,9 +113,9 @@ If specified, login is allowed only for users whose primary group or supplementary group list matches one of the patterns. Only group names are valid; a numerical group ID is not recognized. By default, login is allowed for all groups. -The allow/deny groups directives are processed in the following order: -.Cm DenyGroups , -.Cm AllowGroups . +.Cm AllowGroups +is not consulted for groups matched by +.Cm DenyGroups . .Pp See PATTERNS in .Xr ssh_config 5 @@ -173,9 +173,9 @@ are separately checked, restricting logins to particular users from particular hosts. HOST criteria may additionally contain addresses to match in CIDR address/masklen format. -The allow/deny users directives are processed in the following order: -.Cm DenyUsers , -.Cm AllowUsers . +.Cm AllowUsers +is not consulted for users matched by +.Cm DenyUsers . .Pp See PATTERNS in .Xr ssh_config 5 @@ -636,9 +636,9 @@ Login is disallowed for users whose primary group or supplementary group list matches one of the patterns. Only group names are valid; a numerical group ID is not recognized. By default, login is allowed for all groups. -The allow/deny groups directives are processed in the following order: -.Cm DenyGroups , -.Cm AllowGroups . +.Cm AllowGroups +is not consulted for groups matched by +.Cm DenyGroups . .Pp See PATTERNS in .Xr ssh_config 5 @@ -657,9 +657,9 @@ are separately checked, restricting logins to particular users from particular hosts. HOST criteria may additionally contain addresses to match in CIDR address/masklen format. -The allow/deny users directives are processed in the following order: -.Cm DenyUsers , -.Cm AllowUsers . +.Cm AllowUsers +is not consulted for users matched by +.Cm DenyUsers . .Pp See PATTERNS in .Xr ssh_config 5 From 832a77000abe61f61bddb9e595f45c7131c0269d Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Tue, 27 Jan 2026 06:48:29 +0000 Subject: [PATCH 525/687] upstream: Implement "query" extension from draft-ietf-sshm-ssh-agent feedback jsg@, tb@; ok tb@ OpenBSD-Commit-ID: adb2b79473ff86ba781ed5ab2735c1437b590f07 --- authfd.h | 4 +++- ssh-agent.c | 26 ++++++++++++++++++++++++-- 2 files changed, 27 insertions(+), 3 deletions(-) diff --git a/authfd.h b/authfd.h index 958d480de6c7..da4830a9664f 100644 --- a/authfd.h +++ b/authfd.h @@ -1,4 +1,4 @@ -/* $OpenBSD: authfd.h,v 1.53 2025/08/29 03:50:38 djm Exp $ */ +/* $OpenBSD: authfd.h,v 1.54 2026/01/27 06:48:29 djm Exp $ */ /* * Author: Tatu Ylonen @@ -102,6 +102,8 @@ int ssh_agent_bind_hostkey(int sock, const struct sshkey *key, /* generic extension mechanism */ #define SSH_AGENTC_EXTENSION 27 +#define SSH_AGENT_EXTENSION_FAILURE 28 +#define SSH_AGENT_EXTENSION_RESPONSE 29 #define SSH_AGENT_CONSTRAIN_LIFETIME 1 #define SSH_AGENT_CONSTRAIN_CONFIRM 2 diff --git a/ssh-agent.c b/ssh-agent.c index 963f4feb32b2..3bf01ce84cd0 100644 --- a/ssh-agent.c +++ b/ssh-agent.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-agent.c,v 1.316 2025/12/22 01:49:03 djm Exp $ */ +/* $OpenBSD: ssh-agent.c,v 1.317 2026/01/27 06:48:29 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -1756,6 +1756,26 @@ process_ext_session_bind(SocketEntry *e) return r == 0 ? 1 : 0; } +static int +process_ext_query(SocketEntry *e) +{ + int r; + struct sshbuf *msg = NULL; + + debug2_f("entering"); + if ((msg = sshbuf_new()) == NULL) + fatal_f("sshbuf_new failed"); + if ((r = sshbuf_put_u8(msg, SSH_AGENT_EXTENSION_RESPONSE)) != 0 || + (r = sshbuf_put_cstring(msg, "query")) != 0 || + /* string[] supported extension types */ + (r = sshbuf_put_cstring(msg, "session-bind@openssh.com")) != 0) + fatal_fr(r, "compose"); + if ((r = sshbuf_put_stringb(e->output, msg)) != 0) + fatal_fr(r, "enqueue"); + sshbuf_free(msg); + return 1; +} + static void process_extension(SocketEntry *e) { @@ -1767,7 +1787,9 @@ process_extension(SocketEntry *e) error_fr(r, "parse"); goto send; } - if (strcmp(name, "session-bind@openssh.com") == 0) + if (strcmp(name, "query") == 0) + success = process_ext_query(e); + else if (strcmp(name, "session-bind@openssh.com") == 0) success = process_ext_session_bind(e); else debug_f("unsupported extension \"%s\"", name); From a1072a6099dad797252db312c3b1b8ad12bf8773 Mon Sep 17 00:00:00 2001 From: User Date: Fri, 30 Jan 2026 10:30:24 -0800 Subject: [PATCH 526/687] fix bug in tool --- .github/tools/Get-CommitGroups.ps1 | 17 +++++++++-------- 1 file changed, 9 insertions(+), 8 deletions(-) diff --git a/.github/tools/Get-CommitGroups.ps1 b/.github/tools/Get-CommitGroups.ps1 index 0c5411dcedb3..ef83730f31b2 100644 --- a/.github/tools/Get-CommitGroups.ps1 +++ b/.github/tools/Get-CommitGroups.ps1 @@ -254,21 +254,22 @@ try { $allCommits = @($comparison.commits) # If we hit the 250 commit limit, we need to get the actual first 250 commits - # by using the oldest commit from this batch as the end point - if ($comparison.total_commits -gt 250) { + # by iteratively narrowing the range until we get 250 or fewer commits + while ($comparison.total_commits -gt 250) { Write-Host "Warning: Total commits ($($comparison.total_commits)) exceeds API limit (250)." -ForegroundColor Yellow - Write-Host "Fetching first 250 commits by using oldest commit as endpoint..." -ForegroundColor Cyan + Write-Host "Fetching first 250 commits by narrowing the range..." -ForegroundColor Cyan - # Get the oldest commit SHA from the initial batch (first in chronological order) + # Get the oldest commit SHA from the current batch (first in chronological order) + # Since the batch is limited to 250, this is approximately the 250th commit from start $oldestCommitSha = $allCommits[0].sha - # Now compare from start to this oldest commit to get the actual first 250 + # Now compare from start to this oldest commit to narrow down the range $limitedCompareUrl = "$apiBase/compare/${startCommitSha}...${oldestCommitSha}" Write-Host "Comparing $startCommitSha...$oldestCommitSha" -ForegroundColor Gray - $limitedComparison = Invoke-RestMethod -Uri $limitedCompareUrl -Headers (Get-GitHubHeaders) + $comparison = Invoke-RestMethod -Uri $limitedCompareUrl -Headers (Get-GitHubHeaders) - $allCommits = @($limitedComparison.commits) - Write-Host "Fetched $($allCommits.Count) commits in the corrected range" -ForegroundColor Green + $allCommits = @($comparison.commits) + Write-Host "Narrowed to $($comparison.total_commits) total commits ($($allCommits.Count) returned)" -ForegroundColor Green } $startRef = if ($GitHubTag) { "tag $GitHubTag" } else { "commit $StartCommit" } From c19ad3f0af2d298bddf6c458d5cb6b480d698c47 Mon Sep 17 00:00:00 2001 From: User Date: Fri, 30 Jan 2026 11:34:05 -0800 Subject: [PATCH 527/687] update instructions --- .github/instructions/build.instructions.md | 9 +++++++++ .../instructions/merge/merge-details.instructions.md | 11 ++++++++++- .../instructions/repository-overview.instructions.md | 7 ++++++- 3 files changed, 25 insertions(+), 2 deletions(-) diff --git a/.github/instructions/build.instructions.md b/.github/instructions/build.instructions.md index 92c2ca11d842..bcf6a3f8bc9f 100644 --- a/.github/instructions/build.instructions.md +++ b/.github/instructions/build.instructions.md @@ -110,6 +110,8 @@ fatal error C1083: Cannot open source file: 'newfile.c' ``` + + **Important:** Visual Studio project files (`.vcxproj`) use Windows-style line endings (`\r\n`). When programmatically adding lines to these files, ensure you use `\r\n` instead of just `\n` to maintain consistency with the existing file format. This prevents Git from showing the entire file as changed. 4. **Update solution if new binaries added:** ``` @@ -240,6 +242,13 @@ contrib\win32\openssh\ # Edit Win32-OpenSSH.sln to include new project ``` +**Important Note on Line Endings:** +Both `.vcxproj` and `.sln` files use Windows-style line endings (`\r\n`). When programmatically modifying these files: +- Use `\r\n` instead of `\n` when inserting new lines +- Maintain consistent line endings to avoid Git showing spurious changes +- Example in PowerShell: `$newLine = "`r`n"` +- Example in Python: `new_line = "\r\n"` + ## Validation and Testing ### Build Verification Using MCP Tools diff --git a/.github/instructions/merge/merge-details.instructions.md b/.github/instructions/merge/merge-details.instructions.md index a2358a04cb2b..3f1df5e4e98b 100644 --- a/.github/instructions/merge/merge-details.instructions.md +++ b/.github/instructions/merge/merge-details.instructions.md @@ -199,6 +199,14 @@ FUNCTION sync_build_system(): FOR EACH source_file IN makefile_changes.new_source_files: target_project = determine_target_project(source_file) add_source_to_project(target_project, source_file) + +// CRITICAL: When modifying .vcxproj or .sln files programmatically, +// ALWAYS use Windows line endings (\r\n) instead of Unix (\n). +// This prevents Git from showing the entire file as modified. +FUNCTION add_source_to_project(project_file, source_file): + // Example: Use \r\n for line endings + new_line = f" \r\n" + insert_into_project_file(project_file, new_line) ``` ## Common Conflict Patterns @@ -209,9 +217,10 @@ FUNCTION sync_build_system(): - **File permissions** → Adapt to Windows ACL model ### Build System Changes -- **Makefile additions** → Update Visual Studio project files +- **Makefile additions** → Update Visual Studio project files (use `\r\n` line endings) - **New dependencies** → Check Windows compatibility - **Compiler flags** → Translate to MSVC equivalents +- **Project file edits** → Maintain Windows line endings (`\r\n`) to avoid Git diffs ### Configuration Changes - **New config options** → Add to `./contrib/win32/openssh/config.h.vs` diff --git a/.github/instructions/repository-overview.instructions.md b/.github/instructions/repository-overview.instructions.md index aa343214f394..3fe4c9d6c2b8 100644 --- a/.github/instructions/repository-overview.instructions.md +++ b/.github/instructions/repository-overview.instructions.md @@ -79,7 +79,12 @@ When merging changes to `ssh-agent.c` or related agent files from upstream: - Flag for Windows team review - May require significant redesign work -3. **Do NOT**: +3. **New files** (additional agent-related source files): + - **Not all new upstream files need to be ported** to the Windows ssh-agent + - Evaluate whether the functionality is relevant to the Windows implementation + - If not applicable, document the decision and skip porting + +4. **Do NOT**: - Directly apply upstream ssh-agent patches to Windows version - Assume one-to-one code correspondence - Merge without understanding Windows implementation differences From 6463960c58cd0adcb26bfbddceb9d4efcfbd9dd0 Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Thu, 5 Feb 2026 22:05:49 +0000 Subject: [PATCH 528/687] upstream: Implement missing pieces of FIDO/webauthn signature support, mostly related to certificate handling and enable acceptance of this signature format by default. bz3748 GHPR624 GHPR625 Feedback tb / James Zhang; ok tb OpenBSD-Commit-ID: ce3327b508086b24a3f7a6507aa5c49d8e9505e6 --- myproposal.h | 5 ++++- ssh-ecdsa-sk.c | 18 ++++++++++++++++-- ssh_config.5 | 10 ++++++++-- sshconnect2.c | 5 +++-- sshd_config.5 | 10 ++++++++-- sshkey.c | 15 ++++++++++++++- 6 files changed, 53 insertions(+), 10 deletions(-) diff --git a/myproposal.h b/myproposal.h index 8fe9276c21f9..d992d8b12db0 100644 --- a/myproposal.h +++ b/myproposal.h @@ -1,4 +1,4 @@ -/* $OpenBSD: myproposal.h,v 1.77 2024/12/02 14:06:42 djm Exp $ */ +/* $OpenBSD: myproposal.h,v 1.78 2026/02/05 22:05:49 djm Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. @@ -47,6 +47,7 @@ "ecdsa-sha2-nistp521-cert-v01@openssh.com," \ "sk-ssh-ed25519-cert-v01@openssh.com," \ "sk-ecdsa-sha2-nistp256-cert-v01@openssh.com," \ + "webauthn-sk-ecdsa-sha2-nistp256-cert-v01@openssh.com," \ "rsa-sha2-512-cert-v01@openssh.com," \ "rsa-sha2-256-cert-v01@openssh.com," \ "ssh-ed25519," \ @@ -55,6 +56,7 @@ "ecdsa-sha2-nistp521," \ "sk-ssh-ed25519@openssh.com," \ "sk-ecdsa-sha2-nistp256@openssh.com," \ + "webauthn-sk-ecdsa-sha2-nistp256@openssh.com," \ "rsa-sha2-512," \ "rsa-sha2-256" @@ -87,6 +89,7 @@ "ecdsa-sha2-nistp521," \ "sk-ssh-ed25519@openssh.com," \ "sk-ecdsa-sha2-nistp256@openssh.com," \ + "webauthn-sk-ecdsa-sha2-nistp256@openssh.com," \ "rsa-sha2-512," \ "rsa-sha2-256" diff --git a/ssh-ecdsa-sk.c b/ssh-ecdsa-sk.c index 3588b11a4a8b..9be9e6b48833 100644 --- a/ssh-ecdsa-sk.c +++ b/ssh-ecdsa-sk.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-ecdsa-sk.c,v 1.19 2024/08/15 00:51:51 djm Exp $ */ +/* $OpenBSD: ssh-ecdsa-sk.c,v 1.20 2026/02/05 22:05:49 djm Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. * Copyright (c) 2010 Damien Miller. All rights reserved. @@ -273,7 +273,9 @@ ssh_ecdsa_sk_verify(const struct sshkey *key, ret = SSH_ERR_INVALID_FORMAT; goto out; } - if (strcmp(ktype, "webauthn-sk-ecdsa-sha2-nistp256@openssh.com") == 0) + if (strcmp(ktype, "webauthn-sk-ecdsa-sha2-nistp256@openssh.com") == 0 || + strcmp(ktype, "webauthn-sk-ecdsa-sha2-nistp256-cert-v01@openssh.com") + == 0) is_webauthn = 1; else if (strcmp(ktype, "sk-ecdsa-sha2-nistp256@openssh.com") != 0) { ret = SSH_ERR_INVALID_FORMAT; @@ -489,4 +491,16 @@ const struct sshkey_impl sshkey_ecdsa_sk_webauthn_impl = { /* .funcs = */ &sshkey_ecdsa_sk_funcs, }; +const struct sshkey_impl sshkey_ecdsa_sk_webauthn_cert_impl = { + /* .name = */ "webauthn-sk-ecdsa-sha2-nistp256-cert-v01@openssh.com", + /* .shortname = */ "ECDSA-SK-CERT", + /* .sigalg = */ NULL, + /* .type = */ KEY_ECDSA_SK_CERT, + /* .nid = */ NID_X9_62_prime256v1, + /* .cert = */ 1, + /* .sigonly = */ 1, + /* .keybits = */ 256, + /* .funcs = */ &sshkey_ecdsa_sk_funcs, +}; + #endif /* OPENSSL_HAS_ECC */ diff --git a/ssh_config.5 b/ssh_config.5 index f7066cbaab78..6e9bde1acf46 100644 --- a/ssh_config.5 +++ b/ssh_config.5 @@ -33,8 +33,8 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: ssh_config.5,v 1.420 2025/10/04 21:41:35 naddy Exp $ -.Dd $Mdocdate: October 4 2025 $ +.\" $OpenBSD: ssh_config.5,v 1.421 2026/02/05 22:05:49 djm Exp $ +.Dd $Mdocdate: February 5 2026 $ .Dt SSH_CONFIG 5 .Os .Sh NAME @@ -1020,12 +1020,14 @@ ecdsa-sha2-nistp384-cert-v01@openssh.com, ecdsa-sha2-nistp521-cert-v01@openssh.com, sk-ssh-ed25519-cert-v01@openssh.com, sk-ecdsa-sha2-nistp256-cert-v01@openssh.com, +webauthn-sk-ecdsa-sha2-nistp256-cert-v01@openssh.com, rsa-sha2-512-cert-v01@openssh.com, rsa-sha2-256-cert-v01@openssh.com, ssh-ed25519, ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521, sk-ssh-ed25519@openssh.com, sk-ecdsa-sha2-nistp256@openssh.com, +webauthn-sk-ecdsa-sha2-nistp256@openssh.com, rsa-sha2-512,rsa-sha2-256 .Ed .Pp @@ -1066,11 +1068,13 @@ ecdsa-sha2-nistp384-cert-v01@openssh.com, ecdsa-sha2-nistp521-cert-v01@openssh.com, sk-ssh-ed25519-cert-v01@openssh.com, sk-ecdsa-sha2-nistp256-cert-v01@openssh.com, +webauthn-sk-ecdsa-sha2-nistp256-cert-v01@openssh.com, rsa-sha2-512-cert-v01@openssh.com, rsa-sha2-256-cert-v01@openssh.com, ssh-ed25519, ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521, sk-ecdsa-sha2-nistp256@openssh.com, +webauthn-sk-ecdsa-sha2-nistp256@openssh.com sk-ssh-ed25519@openssh.com, rsa-sha2-512,rsa-sha2-256 .Ed @@ -1689,12 +1693,14 @@ ecdsa-sha2-nistp384-cert-v01@openssh.com, ecdsa-sha2-nistp521-cert-v01@openssh.com, sk-ssh-ed25519-cert-v01@openssh.com, sk-ecdsa-sha2-nistp256-cert-v01@openssh.com, +webauthn-sk-ecdsa-sha2-nistp256-cert-v01@openssh.com, rsa-sha2-512-cert-v01@openssh.com, rsa-sha2-256-cert-v01@openssh.com, ssh-ed25519, ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521, sk-ssh-ed25519@openssh.com, sk-ecdsa-sha2-nistp256@openssh.com, +webauthn-sk-ecdsa-sha2-nistp256@openssh.com, rsa-sha2-512,rsa-sha2-256 .Ed .Pp diff --git a/sshconnect2.c b/sshconnect2.c index 53e1f197de83..5e99d293fd5e 100644 --- a/sshconnect2.c +++ b/sshconnect2.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshconnect2.c,v 1.379 2026/01/21 23:58:20 djm Exp $ */ +/* $OpenBSD: sshconnect2.c,v 1.380 2026/02/05 22:05:49 djm Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. * Copyright (c) 2008 Damien Miller. All rights reserved. @@ -1273,7 +1273,8 @@ identity_sign(struct identity *id, u_char **sigp, size_t *lenp, * PKCS#11 tokens may not support all signature algorithms, * so check what we get back. */ - if ((r = sshkey_check_sigtype(*sigp, *lenp, alg)) != 0) { + if ((id->key->flags & SSHKEY_FLAG_EXT) != 0 && + (r = sshkey_check_sigtype(*sigp, *lenp, alg)) != 0) { debug_fr(r, "sshkey_check_sigtype"); goto out; } diff --git a/sshd_config.5 b/sshd_config.5 index 80cb2cecbd88..e0e23a77f46c 100644 --- a/sshd_config.5 +++ b/sshd_config.5 @@ -33,8 +33,8 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: sshd_config.5,v 1.393 2026/01/22 15:30:07 millert Exp $ -.Dd $Mdocdate: January 22 2026 $ +.\" $OpenBSD: sshd_config.5,v 1.394 2026/02/05 22:05:49 djm Exp $ +.Dd $Mdocdate: February 5 2026 $ .Dt SSHD_CONFIG 5 .Os .Sh NAME @@ -788,12 +788,14 @@ ecdsa-sha2-nistp384-cert-v01@openssh.com, ecdsa-sha2-nistp521-cert-v01@openssh.com, sk-ssh-ed25519-cert-v01@openssh.com, sk-ecdsa-sha2-nistp256-cert-v01@openssh.com, +webauthn-sk-ecdsa-sha2-nistp256-cert-v01@openssh.com, rsa-sha2-512-cert-v01@openssh.com, rsa-sha2-256-cert-v01@openssh.com, ssh-ed25519, ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521, sk-ssh-ed25519@openssh.com, sk-ecdsa-sha2-nistp256@openssh.com, +webauthn-sk-ecdsa-sha2-nistp256@openssh.com, rsa-sha2-512,rsa-sha2-256 .Ed .Pp @@ -872,12 +874,14 @@ ecdsa-sha2-nistp384-cert-v01@openssh.com, ecdsa-sha2-nistp521-cert-v01@openssh.com, sk-ssh-ed25519-cert-v01@openssh.com, sk-ecdsa-sha2-nistp256-cert-v01@openssh.com, +webauthn-sk-ecdsa-sha2-nistp256-cert-v01@openssh.com, rsa-sha2-512-cert-v01@openssh.com, rsa-sha2-256-cert-v01@openssh.com, ssh-ed25519, ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521, sk-ssh-ed25519@openssh.com, sk-ecdsa-sha2-nistp256@openssh.com, +webauthn-sk-ecdsa-sha2-nistp256@openssh.com, rsa-sha2-512,rsa-sha2-256 .Ed .Pp @@ -1738,12 +1742,14 @@ ecdsa-sha2-nistp384-cert-v01@openssh.com, ecdsa-sha2-nistp521-cert-v01@openssh.com, sk-ssh-ed25519-cert-v01@openssh.com, sk-ecdsa-sha2-nistp256-cert-v01@openssh.com, +webauthn-sk-ecdsa-sha2-nistp256-cert-v01@openssh.com, rsa-sha2-512-cert-v01@openssh.com, rsa-sha2-256-cert-v01@openssh.com, ssh-ed25519, ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521, sk-ssh-ed25519@openssh.com, sk-ecdsa-sha2-nistp256@openssh.com, +webauthn-sk-ecdsa-sha2-nistp256@openssh.com, rsa-sha2-512,rsa-sha2-256 .Ed .Pp diff --git a/sshkey.c b/sshkey.c index 51706533206f..96c4c6c07ca4 100644 --- a/sshkey.c +++ b/sshkey.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshkey.c,v 1.159 2025/12/22 01:49:03 djm Exp $ */ +/* $OpenBSD: sshkey.c,v 1.160 2026/02/05 22:05:49 djm Exp $ */ /* * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. * Copyright (c) 2008 Alexander von Gernler. All rights reserved. @@ -96,6 +96,7 @@ extern const struct sshkey_impl sshkey_ed25519_sk_cert_impl; extern const struct sshkey_impl sshkey_ecdsa_sk_impl; extern const struct sshkey_impl sshkey_ecdsa_sk_cert_impl; extern const struct sshkey_impl sshkey_ecdsa_sk_webauthn_impl; +extern const struct sshkey_impl sshkey_ecdsa_sk_webauthn_cert_impl; # endif /* ENABLE_SK */ extern const struct sshkey_impl sshkey_ecdsa_nistp256_impl; extern const struct sshkey_impl sshkey_ecdsa_nistp256_cert_impl; @@ -135,6 +136,7 @@ const struct sshkey_impl * const keyimpls[] = { &sshkey_ecdsa_sk_impl, &sshkey_ecdsa_sk_cert_impl, &sshkey_ecdsa_sk_webauthn_impl, + &sshkey_ecdsa_sk_webauthn_cert_impl, # endif /* ENABLE_SK */ # endif /* OPENSSL_HAS_ECC */ &sshkey_rsa_impl, @@ -300,6 +302,17 @@ sshkey_match_keyname_to_sigalgs(const char *keyname, const char *sigalgs) sigalgs, 0) == 1 || match_pattern_list("rsa-sha2-512-cert-v01@openssh.com", sigalgs, 0) == 1; + } else if (ktype == KEY_ECDSA_SK) { + return match_pattern_list("sk-ecdsa-sha2-nistp256@openssh.com", + sigalgs, 0) == 1 || match_pattern_list( + "webauthn-sk-ecdsa-sha2-nistp256@openssh.com", + sigalgs, 0) == 1; + } else if (ktype == KEY_ECDSA_SK_CERT) { + return match_pattern_list( + "sk-ecdsa-sha2-nistp256-cert-v01@openssh.com", + sigalgs, 0) == 1 || match_pattern_list( + "webauthn-sk-ecdsa-sha2-nistp256-cert-v01@openssh.com", + sigalgs, 0) == 1; } else return match_pattern_list(keyname, sigalgs, 0) == 1; } From 91c4d422cc0af2ae592f5e6c0cc505a5d8d7a6d2 Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Fri, 6 Feb 2026 01:24:36 +0000 Subject: [PATCH 529/687] upstream: remove vestige of when we supported running without privsep OpenBSD-Commit-ID: 5342c24d2330ef5ce357c294056f72b8123122c0 --- auth-bsdauth.c | 10 +--------- auth.h | 4 +--- auth2-chall.c | 32 +++++--------------------------- sshd-auth.c | 5 +---- 4 files changed, 8 insertions(+), 43 deletions(-) diff --git a/auth-bsdauth.c b/auth-bsdauth.c index d124e994e776..d2fe51ae2c72 100644 --- a/auth-bsdauth.c +++ b/auth-bsdauth.c @@ -1,4 +1,4 @@ -/* $OpenBSD: auth-bsdauth.c,v 1.15 2018/07/09 21:35:50 markus Exp $ */ +/* $OpenBSD: auth-bsdauth.c,v 1.16 2026/02/06 01:24:36 djm Exp $ */ /* * Copyright (c) 2001 Markus Friedl. All rights reserved. * @@ -125,14 +125,6 @@ bsdauth_free_ctx(void *ctx) } } -KbdintDevice bsdauth_device = { - "bsdauth", - bsdauth_init_ctx, - bsdauth_query, - bsdauth_respond, - bsdauth_free_ctx -}; - KbdintDevice mm_bsdauth_device = { "bsdauth", bsdauth_init_ctx, diff --git a/auth.h b/auth.h index 98bb23d4c5ce..634a84aa85f7 100644 --- a/auth.h +++ b/auth.h @@ -1,4 +1,4 @@ -/* $OpenBSD: auth.h,v 1.108 2024/05/17 06:42:04 jsg Exp $ */ +/* $OpenBSD: auth.h,v 1.109 2026/02/06 01:24:36 djm Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. @@ -182,8 +182,6 @@ int auth2_update_methods_lists(Authctxt *, const char *, const char *); int auth2_setup_methods_lists(Authctxt *); int auth2_method_allowed(Authctxt *, const char *, const char *); -void privsep_challenge_enable(void); - int auth2_challenge(struct ssh *, char *); void auth2_challenge_stop(struct ssh *); int bsdauth_query(void *, char **, char **, u_int *, char ***, u_int **); diff --git a/auth2-chall.c b/auth2-chall.c index a6d916598263..dc63091cf641 100644 --- a/auth2-chall.c +++ b/auth2-chall.c @@ -1,4 +1,4 @@ -/* $OpenBSD: auth2-chall.c,v 1.57 2025/10/02 08:38:43 dtucker Exp $ */ +/* $OpenBSD: auth2-chall.c,v 1.58 2026/02/06 01:24:36 djm Exp $ */ /* * Copyright (c) 2001 Markus Friedl. All rights reserved. * Copyright (c) 2001 Per Allansson. All rights reserved. @@ -54,19 +54,19 @@ static int send_userauth_info_request(struct ssh *); static int input_userauth_info_response(int, u_int32_t, struct ssh *); #ifdef BSD_AUTH -extern KbdintDevice bsdauth_device; +extern KbdintDevice mm_bsdauth_device; #else #ifdef USE_PAM -extern KbdintDevice sshpam_device; +extern KbdintDevice mm_sshpam_device; #endif #endif KbdintDevice *devices[] = { #ifdef BSD_AUTH - &bsdauth_device, + &mm_bsdauth_device, #else #ifdef USE_PAM - &sshpam_device, + &mm_sshpam_device, #endif #endif NULL @@ -362,25 +362,3 @@ input_userauth_info_response(int type, u_int32_t seq, struct ssh *ssh) devicename); return 0; } - -void -privsep_challenge_enable(void) -{ -#if defined(BSD_AUTH) || defined(USE_PAM) - int n = 0; -#endif -#ifdef BSD_AUTH - extern KbdintDevice mm_bsdauth_device; -#endif -#ifdef USE_PAM - extern KbdintDevice mm_sshpam_device; -#endif - -#ifdef BSD_AUTH - devices[n++] = &mm_bsdauth_device; -#else -#ifdef USE_PAM - devices[n++] = &mm_sshpam_device; -#endif -#endif -} diff --git a/sshd-auth.c b/sshd-auth.c index 0fff1b33fd0f..0f238e1b3743 100644 --- a/sshd-auth.c +++ b/sshd-auth.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshd-auth.c,v 1.10 2025/11/13 10:35:14 dtucker Exp $ */ +/* $OpenBSD: sshd-auth.c,v 1.11 2026/02/06 01:24:36 djm Exp $ */ /* * SSH2 implementation: * Privilege Separation: @@ -750,9 +750,6 @@ main(int ac, char **av) fatal("sshbuf_new loginmsg failed"); auth_debug_reset(); - /* Enable challenge-response authentication for privilege separation */ - privsep_challenge_enable(); - #ifdef GSSAPI /* Cache supported mechanism OIDs for later use */ ssh_gssapi_prepare_supported_oids(); From 01bddc0663e5239df9342fcf7b373e5f58ff1b49 Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Wed, 31 Dec 2025 16:25:16 +1100 Subject: [PATCH 530/687] Add OpenIndiana VM test target. --- .github/workflows/vm.yml | 52 +++++++++++++++++++++++++++++++++++++++- 1 file changed, 51 insertions(+), 1 deletion(-) diff --git a/.github/workflows/vm.yml b/.github/workflows/vm.yml index 1da1e9fc6ecd..0d0536263f45 100644 --- a/.github/workflows/vm.yml +++ b/.github/workflows/vm.yml @@ -206,7 +206,7 @@ jobs: sudo -u builder env SUDO=sudo SSHD_CONFOPTS="UsePam yes" make tests - ominios: + omnios: name: "omnios-${{ matrix.target }}" if: github.repository != 'openssh/openssh-portable-selfhosted' strategy: @@ -257,6 +257,56 @@ jobs: sudo -u builder make tests + openindiana: + name: "openindiana-${{ matrix.target }}" + if: github.repository != 'openssh/openssh-portable-selfhosted' + strategy: + fail-fast: false + matrix: + # First we test all OSes in the default configuration. + target: + - "202510" + config: [default] + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@main + - name: autoreconf + run: sh -c autoreconf + + - name: start OpenIndiana ${{ matrix.target }} VM + uses: vmactions/openindiana-vm@v0 + with: + release: ${{ matrix.target }} + usesh: true + prepare: | + set -x + pfexec pkg install build-essential sudo + useradd -m builder + sed -e "s/^root.*ALL$/root ALL=(ALL) NOPASSWD: ALL/" /etc/sudoers >>/tmp/sudoers + mv /tmp/sudoers /etc/sudoers + echo "builder ALL=(ALL) NOPASSWD: ALL" >>/etc/sudoers + mkdir -p /var/empty /usr/local/etc + cp $GITHUB_WORKSPACE/moduli /usr/local/etc/moduli + + - name: set file perms + shell: openindiana {0} + run: cd $GITHUB_WORKSPACE && chown -R builder . + - name: configure + shell: openindiana {0} + run: cd $GITHUB_WORKSPACE && sudo -u builder ./configure --without-openssl + - name: make clean + shell: openindiana {0} + run: cd $GITHUB_WORKSPACE && sudo -u builder make clean + - name: make + shell: openindiana {0} + run: cd $GITHUB_WORKSPACE && sudo -u builder make + - name: make tests + shell: openindiana {0} + run: | + cd $GITHUB_WORKSPACE + sudo -u builder make t-exec + + openbsd: name: "openbsd-${{ matrix.target }}" if: github.repository != 'openssh/openssh-portable-selfhosted' From f0b7ecf7f5976c11f8c89ee9b0ca19383b573764 Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Wed, 31 Dec 2025 16:26:23 +1100 Subject: [PATCH 531/687] Run tests on older OmniOS version too. --- .github/workflows/vm.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/vm.yml b/.github/workflows/vm.yml index 0d0536263f45..0de37b2b7a49 100644 --- a/.github/workflows/vm.yml +++ b/.github/workflows/vm.yml @@ -215,6 +215,7 @@ jobs: # First we test all OSes in the default configuration. target: - "r151054" + - "r151046" config: [default] runs-on: ubuntu-latest steps: From dfbb8526b5006cfe368193fb15e16f58cce6e1d1 Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Wed, 31 Dec 2025 16:35:29 +1100 Subject: [PATCH 532/687] Remove obsolete comments. --- .github/workflows/vm.yml | 7 ------- 1 file changed, 7 deletions(-) diff --git a/.github/workflows/vm.yml b/.github/workflows/vm.yml index 0de37b2b7a49..b3c4bbd9fe6d 100644 --- a/.github/workflows/vm.yml +++ b/.github/workflows/vm.yml @@ -22,7 +22,6 @@ jobs: strategy: fail-fast: false matrix: - # First we test all OSes in the default configuration. target: - "6.4.2" config: [default] @@ -83,7 +82,6 @@ jobs: strategy: fail-fast: false matrix: - # First we test all OSes in the default configuration. target: - "13.5" - "14.3" @@ -147,7 +145,6 @@ jobs: strategy: fail-fast: false matrix: - # First we test all OSes in the default configuration. target: - "9.0" - "9.4" @@ -212,7 +209,6 @@ jobs: strategy: fail-fast: false matrix: - # First we test all OSes in the default configuration. target: - "r151054" - "r151046" @@ -264,7 +260,6 @@ jobs: strategy: fail-fast: false matrix: - # First we test all OSes in the default configuration. target: - "202510" config: [default] @@ -314,7 +309,6 @@ jobs: strategy: fail-fast: false matrix: - # First we test all OSes in the default configuration. target: - "7.3" - "7.5" @@ -368,7 +362,6 @@ jobs: strategy: fail-fast: false matrix: - # First we test all OSes in the default configuration. target: - "11.4-gcc" config: [default] From 86e0f4aa2c72d5e96618f0c7214109f5a46ca70d Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Thu, 1 Jan 2026 21:41:10 +1100 Subject: [PATCH 533/687] Split sudo out to its own install line. --- .github/workflows/vm.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.github/workflows/vm.yml b/.github/workflows/vm.yml index b3c4bbd9fe6d..b3e3e1bf1a29 100644 --- a/.github/workflows/vm.yml +++ b/.github/workflows/vm.yml @@ -276,7 +276,8 @@ jobs: usesh: true prepare: | set -x - pfexec pkg install build-essential sudo + pfexec pkg install build-essential + pfexec pkg install sudo useradd -m builder sed -e "s/^root.*ALL$/root ALL=(ALL) NOPASSWD: ALL/" /etc/sudoers >>/tmp/sudoers mv /tmp/sudoers /etc/sudoers From d84dbccee4371ce395d28543f146e7b62d8c0d36 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Pavol=20=C5=BD=C3=A1=C4=8Dik?= Date: Thu, 29 Jan 2026 11:01:19 +0100 Subject: [PATCH 534/687] Add a GSSAPI authentication test --- .github/setup_ci.sh | 4 +- regress/gss-auth.sh | 196 ++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 198 insertions(+), 2 deletions(-) create mode 100644 regress/gss-auth.sh diff --git a/.github/setup_ci.sh b/.github/setup_ci.sh index 95c759a59a36..52e71c7f252c 100755 --- a/.github/setup_ci.sh +++ b/.github/setup_ci.sh @@ -102,10 +102,10 @@ for TARGET in $TARGETS; do PACKAGES="$PACKAGES $compiler" ;; krb5) - PACKAGES="$PACKAGES libkrb5-dev" + PACKAGES="$PACKAGES libkrb5-dev libnss-wrapper krb5-admin-server" ;; heimdal) - PACKAGES="$PACKAGES heimdal-dev" + PACKAGES="$PACKAGES heimdal-dev libnss-wrapper krb5-admin-server" ;; libedit) case "$PACKAGER" in diff --git a/regress/gss-auth.sh b/regress/gss-auth.sh new file mode 100644 index 000000000000..c349fbeb9a87 --- /dev/null +++ b/regress/gss-auth.sh @@ -0,0 +1,196 @@ +tid="GSSAPI Authentication" + +# Skip the test if GSSAPI support is not configured +if ! grep -E '^#define GSSAPI' "$BUILDDIR/config.h" >/dev/null 2>&1; then + skip "GSSAPI not enabled" +fi + +# We test with MIT Kerberos KDC, skip if not installed +if ! which krb5kdc >/dev/null 2>&1; then + skip "MIT Kerberos KDC not installed" +fi + +# The test needs nss_wrapper to emulate gethostname() and /etc/hosts, +# we skip if the shared library is not installed +nss_wrapper="libnss_wrapper.so" +if ! ldconfig -p | grep "$nss_wrapper" >/dev/null 2>&1; then + skip "$nss_wrapper not installed" +fi + +# Set up the username of the SSH client +client="$LOGNAME" +if [ "x$client" = "x" ]; then + client="$(whoami)" +fi + +# Set up SSHD and KDC hostnames and resolve both to localhost +sshd_hostname="sshd.example.org" +bad_hostname="bad.example.org" +kdc_hostname="kdc.example.org" +kdc_port=2088 +hosts="$OBJ/hosts" +echo "127.0.0.1 $sshd_hostname $kdc_hostname" > "$hosts" + +# Set up a directory to store Kerberos data +# (configuration, ticket cache,...) +gssdir="$OBJ/gss" +mkdir -p "$gssdir" +export KRB5CCNAME="$gssdir/cc" +export KRB5_CONFIG="$gssdir/krb5.conf" +export KRB5_KDC_PROFILE="$gssdir/kdc.conf" +export KRB5_KTNAME="$gssdir/ssh.keytab" +export KRB5RCACHETYPE="none" +kdc_pidfile="$gssdir/pid" + +# Configure Kerberos +cat< "$KRB5_KDC_PROFILE" +[realms] + EXAMPLE.ORG = { + database_name = $gssdir/principal + key_stash_file = $gssdir/stash + kdc_listen = $kdc_hostname:$kdc_port + kdc_tcp_listen = $kdc_hostname:$kdc_port + } +[logging] + kdc = FILE:$gssdir/kdc.log + debug = true +EOF + +cat< "$KRB5_CONFIG" +[libdefaults] + default_realm = EXAMPLE.ORG +[realms] + EXAMPLE.ORG = { + kdc = $kdc_hostname:$kdc_port + } +EOF + +# Back up the default sshd_config +cp "$OBJ/sshd_config" "$OBJ/sshd_config.orig" + +setup_sshd() { + mock_hostname="$1" + strict_acceptor="$2" + + cp "$OBJ/sshd_config.orig" "$OBJ/sshd_config" + + cat<> "$OBJ/sshd_config" +PubkeyAuthentication No +PasswordAuthentication No +GSSAPIAuthentication Yes +EOF + + if ! $strict_acceptor; then + echo "GSSAPIStrictAcceptorCheck No" >> "$OBJ/sshd_config" + fi + + test_ssh_sshd_env_backup="$TEST_SSH_SSHD_ENV" + TEST_SSH_SSHD_ENV="$TEST_SSH_SSHD_ENV \ + LD_PRELOAD=$nss_wrapper \ + NSS_WRAPPER_HOSTS=$hosts \ + NSS_WRAPPER_HOSTNAME=$mock_hostname \ + KRB5_CONFIG=$KRB5_CONFIG \ + KRB5_KDC_PROFILE=$KRB5_KDC_PROFILE \ + KRB5CCNAME=$KRB5CCNAME \ + KRB5_KTNAME=$KRB5_KTNAME \ + KRB5RCACHETYPE=$KRB5RCACHETYPE" + start_sshd +} + +teardown_sshd() { + TEST_SSH_SSHD_ENV="$test_ssh_sshd_env_backup" + stop_sshd +} + +setup_kdc() { + kdb5_util create -P "foo" -s + krb5kdc -w 1 -P "$kdc_pidfile" + i=0; + while [ ! -f "$kdc_pidfile" -a $i -lt 10 ]; do + i=$((i + 1)) + sleep 1 + done + test -f "$kdc_pidfile" || fatal "KDC failed to start" +} + +teardown_kdc() { + kill "$(cat "$kdc_pidfile")" + kdestroy + rm -f "$KRB5_KTNAME" "$kdc_pidfile" + kdb5_util destroy -f +} + +setup_nss_emulation() { + export LD_PRELOAD="$nss_wrapper" + export NSS_WRAPPER_HOSTS="$hosts" +} + +teardown_nss_emulation() { + unset LD_PRELOAD + unset NSS_WRAPPER_HOSTS +} + +setup_krb_principal_with_key() { + name="$1" + add_to_keytab="$2" + kadmin.local add_principal -randkey "$name" + if $add_to_keytab; then + kadmin.local ktadd "$name" + fi +} + +setup_krb_principal_with_pw() { + name="$1" + password="$2" + authenticate="$3" + kadmin.local add_principal -pw "$password" "$name" + if $authenticate; then + echo "$password" | kinit "$name" + fi +} + +test_gss_auth() { + sshd_mock_hostname="$1" # the name that gethostname() will return within sshd + sshd_principal="$2" # the hostname for which a Kerberos principal will be created + auth_sshd="$3" # whether sshd will be authenticated via a keytab + auth_client="$4" # whether the client will be authenticated via kinit + strict_acceptor="$5" # whether to be strict about the identity of the sshd server + expect="$6" # the expected return value of the sshd command + + setup_sshd "$sshd_mock_hostname" "$strict_acceptor" + setup_nss_emulation + setup_kdc + + setup_krb_principal_with_key "host/$sshd_principal" "$auth_sshd" + setup_krb_principal_with_pw "$client" "foo" "$auth_client" + + ${SSH} -F "$OBJ/ssh_config" -o "GSSAPIAuthentication Yes" "$client@$sshd_hostname" true + status=$? + + teardown_kdc + teardown_nss_emulation + teardown_sshd + + [ $status -eq $expect ] +} + +# sshd_mock_hostname sshd_principal auth_sshd auth_client strict_acceptor expect +test_gss_auth $sshd_hostname $sshd_hostname true true true 0 \ + || fail "valid authentication attempt failed" +test_gss_auth $sshd_hostname $sshd_hostname false true true 255 \ + || fail "authentication succeeded without a keytab entry for the host" +test_gss_auth $sshd_hostname $sshd_hostname true false true 255 \ + || fail "authentication succeeded without a ticket-granting ticket" +test_gss_auth $bad_hostname $sshd_hostname true true true 255 \ + || fail "authentication succeeded with a hostname/principal mismatch on server side" +test_gss_auth $bad_hostname $sshd_hostname true true false 0 \ + || fail "valid authentication without strict acceptor check failed" +test_gss_auth $bad_hostname $bad_hostname true true true 255 \ + || fail "authentication succeeded with a hostname/principal mismatch on client side" + +unset KRB5CCNAME +unset KRB5_CONFIG +unset KRB5_KDC_PROFILE +unset KRB5_KTNAME +unset KRB5RCACHETYPE +rm -r "$gssdir" From b83c0bb5109eb245dd4f06e4af4a960f96a0c193 Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Sat, 7 Feb 2026 06:58:59 +1100 Subject: [PATCH 535/687] Enable gss-auth tests on Kerberos test configs. --- .github/configs | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.github/configs b/.github/configs index 230258f93f24..7e16a8c9af31 100755 --- a/.github/configs +++ b/.github/configs @@ -135,6 +135,7 @@ case "$config" in CONFIGFLAGS="${CONFIGFLAGS} --with-security-key-builtin --with-selinux" CONFIGFLAGS="${CONFIGFLAGS} --with-linux-memlock-onfault" CFLAGS="-DSK_DEBUG -DSANDBOX_SECCOMP_FILTER_DEBUG" + EXTRA_TESTS="gss-auth" ;; hardenedmalloc) CONFIGFLAGS="--with-ldflags=-lhardened_malloc" @@ -153,6 +154,7 @@ case "$config" in ;; krb5|heimdal) CONFIGFLAGS="--with-kerberos5" + EXTRA_TESTS="gss-auth" ;; libedit) CONFIGFLAGS="--with-libedit" @@ -166,6 +168,7 @@ case "$config" in pam-krb5) CONFIGFLAGS="--with-pam --with-kerberos5" SSHD_CONFOPTS="UsePam yes" + EXTRA_TESTS="gss-auth" ;; *pam) CONFIGFLAGS="--with-pam" From 11600929832e04aa6ad20a57af7187c3feb973d4 Mon Sep 17 00:00:00 2001 From: "dtucker@openbsd.org" Date: Fri, 6 Feb 2026 22:59:18 +0000 Subject: [PATCH 536/687] upstream: Typo fixes, mostly in comments. From THE-Spellchecker via github PR#620. OpenBSD-Commit-ID: 64929fafa3caae5a162f23257917ecf33f8a3764 --- addrmatch.c | 4 ++-- auth2-chall.c | 4 ++-- channels.c | 4 ++-- scp.c | 4 ++-- session.c | 4 ++-- ssh-ecdsa-sk.c | 4 ++-- ssh-pkcs11.c | 4 ++-- sshkey.c | 4 ++-- sshkey.h | 6 +++--- umac.c | 6 +++--- 10 files changed, 22 insertions(+), 22 deletions(-) diff --git a/addrmatch.c b/addrmatch.c index b0dc096804db..4dd2f285be8c 100644 --- a/addrmatch.c +++ b/addrmatch.c @@ -1,4 +1,4 @@ -/* $OpenBSD: addrmatch.c,v 1.17 2021/04/03 06:18:40 djm Exp $ */ +/* $OpenBSD: addrmatch.c,v 1.18 2026/02/06 22:59:18 dtucker Exp $ */ /* * Copyright (c) 2004-2008 Damien Miller @@ -128,7 +128,7 @@ addr_match_cidr_list(const char *addr, const char *_list) /* * NB. This function is called in pre-auth with untrusted data, - * so be extra paranoid about junk reaching getaddrino (via + * so be extra paranoid about junk reaching getaddrinfo (via * addr_pton_cidr). */ diff --git a/auth2-chall.c b/auth2-chall.c index dc63091cf641..f74a214077f5 100644 --- a/auth2-chall.c +++ b/auth2-chall.c @@ -1,4 +1,4 @@ -/* $OpenBSD: auth2-chall.c,v 1.58 2026/02/06 01:24:36 djm Exp $ */ +/* $OpenBSD: auth2-chall.c,v 1.59 2026/02/06 22:59:18 dtucker Exp $ */ /* * Copyright (c) 2001 Markus Friedl. All rights reserved. * Copyright (c) 2001 Per Allansson. All rights reserved. @@ -167,7 +167,7 @@ kbdint_next_device(Authctxt *authctxt, KbdintAuthctxt *kbdintctxt) for (i = 0; devices[i]; i++) { if (i >= sizeof(kbdintctxt->devices_done) * 8 || i >= sizeof(devices) / sizeof(devices[0])) - fatal_f("internal error: too may devices"); + fatal_f("internal error: too many devices"); if ((kbdintctxt->devices_done & (1 << i)) != 0 || !auth2_method_allowed(authctxt, "keyboard-interactive", devices[i]->name)) diff --git a/channels.c b/channels.c index efade6d810c4..83ff8bb8e237 100644 --- a/channels.c +++ b/channels.c @@ -1,4 +1,4 @@ -/* $OpenBSD: channels.c,v 1.453 2026/01/04 09:52:58 djm Exp $ */ +/* $OpenBSD: channels.c,v 1.454 2026/02/06 22:59:18 dtucker Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -4754,7 +4754,7 @@ connect_to_helper(struct ssh *ssh, const char *name, int port, int socktype, /* * Fake up a struct addrinfo for AF_UNIX connections. * channel_connect_ctx_free() must check ai_family - * and use free() not freeaddirinfo() for AF_UNIX. + * and use free() not freeaddrinfo() for AF_UNIX. */ ai = xcalloc(1, sizeof(*ai) + sizeof(*sunaddr)); ai->ai_addr = (struct sockaddr *)(ai + 1); diff --git a/scp.c b/scp.c index 88cad77410f1..86418d85e2fc 100644 --- a/scp.c +++ b/scp.c @@ -1,4 +1,4 @@ -/* $OpenBSD: scp.c,v 1.270 2025/12/03 06:29:50 djm Exp $ */ +/* $OpenBSD: scp.c,v 1.271 2026/02/06 22:59:18 dtucker Exp $ */ /* * scp - secure remote copy. This is basically patched BSD rcp which * uses ssh to do the data transfer (instead of using rcmd). @@ -969,7 +969,7 @@ brace_expand(const char *pattern, char ***patternsp, size_t *npatternsp) continue; } /* - * Pattern did not expand; append the finename component to + * Pattern did not expand; append the filename component to * the completed list */ if ((cp2 = strrchr(cp, '/')) != NULL) diff --git a/session.c b/session.c index 34b049a0f5d9..778b6d63cfd7 100644 --- a/session.c +++ b/session.c @@ -1,4 +1,4 @@ -/* $OpenBSD: session.c,v 1.345 2025/11/17 12:59:29 jca Exp $ */ +/* $OpenBSD: session.c,v 1.346 2026/02/06 22:59:18 dtucker Exp $ */ /* * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland * All rights reserved @@ -314,7 +314,7 @@ do_authenticated(struct ssh *ssh, Authctxt *authctxt) auth_log_authopts("active", auth_opts, 0); - /* setup the channel layer */ + /* set up the channel layer */ /* XXX - streamlocal? */ set_fwdpermit_from_authopts(ssh, auth_opts); diff --git a/ssh-ecdsa-sk.c b/ssh-ecdsa-sk.c index 9be9e6b48833..eb5c8bc1eb0d 100644 --- a/ssh-ecdsa-sk.c +++ b/ssh-ecdsa-sk.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-ecdsa-sk.c,v 1.20 2026/02/05 22:05:49 djm Exp $ */ +/* $OpenBSD: ssh-ecdsa-sk.c,v 1.21 2026/02/06 22:59:18 dtucker Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. * Copyright (c) 2010 Damien Miller. All rights reserved. @@ -210,7 +210,7 @@ webauthn_check_prepare_hash(const u_char *data, size_t datalen, fprintf(stderr, "%s: received origin: %s\n", __func__, origin); fprintf(stderr, "%s: received clientData:\n", __func__); sshbuf_dump(wrapper, stderr); - fprintf(stderr, "%s: expected clientData premable:\n", __func__); + fprintf(stderr, "%s: expected clientData preamble:\n", __func__); sshbuf_dump(m, stderr); #endif /* Check that the supplied clientData has the preamble we expect */ diff --git a/ssh-pkcs11.c b/ssh-pkcs11.c index 0691b618e77c..c490974d8cfa 100644 --- a/ssh-pkcs11.c +++ b/ssh-pkcs11.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-pkcs11.c,v 1.75 2025/11/23 07:04:18 tb Exp $ */ +/* $OpenBSD: ssh-pkcs11.c,v 1.76 2026/02/06 22:59:18 dtucker Exp $ */ /* * Copyright (c) 2010 Markus Friedl. All rights reserved. * Copyright (c) 2014 Pedro Martelletto. All rights reserved. @@ -1890,7 +1890,7 @@ pkcs11_register_provider(char *provider_id, char *pin, p = xcalloc(1, sizeof(*p)); p->name = xstrdup(provider_id); p->handle = handle; - /* setup the pkcs11 callbacks */ + /* set up the pkcs11 callbacks */ if ((rv = (*getfunctionlist)(&f)) != CKR_OK) { error("C_GetFunctionList for provider %s failed: %lu", provider_id, rv); diff --git a/sshkey.c b/sshkey.c index 96c4c6c07ca4..59d14531c473 100644 --- a/sshkey.c +++ b/sshkey.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshkey.c,v 1.160 2026/02/05 22:05:49 djm Exp $ */ +/* $OpenBSD: sshkey.c,v 1.161 2026/02/06 22:59:18 dtucker Exp $ */ /* * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. * Copyright (c) 2008 Alexander von Gernler. All rights reserved. @@ -2218,7 +2218,7 @@ sshkey_sign(struct sshkey *key, } /* - * ssh_key_verify returns 0 for a correct signature and < 0 on error. + * ssh_key_verify returns 0 for a correct signature and < 0 on error. * If "alg" specified, then the signature must use that algorithm. */ int diff --git a/sshkey.h b/sshkey.h index 37231847916a..c7e6cbd89c2e 100644 --- a/sshkey.h +++ b/sshkey.h @@ -1,4 +1,4 @@ -/* $OpenBSD: sshkey.h,v 1.71 2025/12/22 01:49:03 djm Exp $ */ +/* $OpenBSD: sshkey.h,v 1.72 2026/02/06 22:59:18 dtucker Exp $ */ /* * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. @@ -98,7 +98,7 @@ enum sshkey_private_format { #define SSHKEY_FLAG_EXT 0x0001 #define SSHKEY_CERT_MAX_PRINCIPALS 256 -/* XXX opaquify? */ +/* XXX opacify? */ struct sshkey_cert { struct sshbuf *certblob; /* Kept around for use on wire */ u_int type; /* SSH2_CERT_TYPE_USER or SSH2_CERT_TYPE_HOST */ @@ -113,7 +113,7 @@ struct sshkey_cert { char *signature_type; }; -/* XXX opaquify? */ +/* XXX opacify? */ struct sshkey { int type; int flags; diff --git a/umac.c b/umac.c index 8d6e1641521c..6e31b115b409 100644 --- a/umac.c +++ b/umac.c @@ -1,4 +1,4 @@ -/* $OpenBSD: umac.c,v 1.27 2025/09/05 10:34:35 dtucker Exp $ */ +/* $OpenBSD: umac.c,v 1.28 2026/02/06 22:59:18 dtucker Exp $ */ /* ----------------------------------------------------------------------- * * umac.c -- C Implementation UMAC Message Authentication @@ -40,7 +40,7 @@ * "Barreto"). The only two files needed are rijndael-alg-fst.c and * rijndael-alg-fst.h. Brian Gladman's version is distributed with the GNU * Public license at http://fp.gladman.plus.com/AES/index.htm. It - * includes a fast IA-32 assembly version. The OpenSSL crypo library is + * includes a fast IA-32 assembly version. The OpenSSL crypto library is * the third. * * 5) With FORCE_C_ONLY flags set to 0, incorrect results are sometimes @@ -53,7 +53,7 @@ /* ---------------------------------------------------------------------- */ #ifndef UMAC_OUTPUT_LEN -#define UMAC_OUTPUT_LEN 8 /* Alowable: 4, 8, 12, 16 */ +#define UMAC_OUTPUT_LEN 8 /* Allowable: 4, 8, 12, 16 */ #endif #if UMAC_OUTPUT_LEN != 4 && UMAC_OUTPUT_LEN != 8 && \ From 5b12d836e7c42c146ac1a69a9600db05282dbbb8 Mon Sep 17 00:00:00 2001 From: THE-Spellchecker Date: Sat, 3 Jan 2026 22:11:39 -0600 Subject: [PATCH 537/687] Typographical Fixes --- auth-pam.c | 2 +- loginrec.c | 4 ++-- sshd-session.c | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/auth-pam.c b/auth-pam.c index 7b1002943517..fad098d6839b 100644 --- a/auth-pam.c +++ b/auth-pam.c @@ -158,7 +158,7 @@ sshpam_sigchld_handler(int sig) return; /* handler called after PAM cleanup, shouldn't happen */ if (waitpid(cleanup_ctxt->pam_thread, &sshpam_thread_status, WNOHANG) <= 0) { - /* PAM thread has not exitted, privsep slave must have */ + /* PAM thread has not exited, privsep slave must have */ kill(cleanup_ctxt->pam_thread, SIGTERM); while (waitpid(cleanup_ctxt->pam_thread, &sshpam_thread_status, 0) == -1) { diff --git a/loginrec.c b/loginrec.c index 7d1c9dd43de9..d57a9d14632e 100644 --- a/loginrec.c +++ b/loginrec.c @@ -66,7 +66,7 @@ * code should suffice. * * Retrieving the time of last login ('lastlog') is in some ways even - * more problemmatic than login recording. Some systems provide a + * more problematic than login recording. Some systems provide a * simple table of all users which we seek based on uid and retrieve a * relatively standard structure. Others record the same information in * a directory with a separate file, and others don't record the @@ -975,7 +975,7 @@ utmp_write_entry(struct logininfo *li) /* not much point if we don't want utmpx entries */ #ifdef USE_UTMPX -/* if we have the wherewithall, use pututxline etc. */ +/* if we have the wherewithal, use pututxline etc. */ # if !defined(DISABLE_PUTUTXLINE) && defined(HAVE_SETUTXENT) && \ defined(HAVE_PUTUTXLINE) # define UTMPX_USE_LIBRARY diff --git a/sshd-session.c b/sshd-session.c index 5f34f6444cba..a3ad3a2bcb92 100644 --- a/sshd-session.c +++ b/sshd-session.c @@ -405,7 +405,7 @@ privsep_postauth(struct ssh *ssh, Authctxt *authctxt) * Hack for systems that don't support FD passing: retain privileges * in the post-auth privsep process so it can allocate PTYs directly. * This is basically equivalent to what we did <= 9.7, which was to - * disable post-auth privsep entriely. + * disable post-auth privsep entirely. * Cygwin doesn't need to drop privs here although it doesn't support * fd passing, as AFAIK PTY allocation on this platform doesn't require * special privileges to begin with. From 9c4949c11d8da1a5422e2174afb1a4f5b3dc8914 Mon Sep 17 00:00:00 2001 From: "dtucker@openbsd.org" Date: Fri, 6 Feb 2026 23:31:29 +0000 Subject: [PATCH 538/687] upstream: Fetch the error reason from libcrypto if available, append it to the corresponding ssh error message and optionall print the libcrypto full error stack (at debug1). with & ok tb@ djm@ millert@ schwarze@ Note that the quality of errors obtainable from libcrypto is somewhat variable, so these may be any of: useful, misleading, incomplete or missing entirely. As a result we reserve the right to change what is returned or even stop returning it if it does more harm than good. OpenBSD-Commit-ID: 1ad599ac3eeddbe254fec6b9c1cf658fa70d572e --- Makefile.in | 8 +++--- ssherr-libcrypto.c | 59 ++++++++++++++++++++++++++++++++++++++++++++ ssherr-nolibcrypto.c | 26 +++++++++++++++++++ ssherr.c | 7 ++++-- ssherr.h | 4 ++- 5 files changed, 97 insertions(+), 7 deletions(-) create mode 100644 ssherr-libcrypto.c create mode 100644 ssherr-nolibcrypto.c diff --git a/Makefile.in b/Makefile.in index 7f7d2c5dd43f..2aac879c1eaf 100644 --- a/Makefile.in +++ b/Makefile.in @@ -107,7 +107,7 @@ LIBSSH_OBJS=${LIBOPENSSH_OBJS} \ kexgexc.o kexgexs.o \ kexsntrup761x25519.o kexmlkem768x25519.o sntrup761.o kexgen.o \ sftp-realpath.o platform-pledge.o platform-tracing.o platform-misc.o \ - sshbuf-io.o misc-agent.o + sshbuf-io.o misc-agent.o ssherr-libcrypto.o P11OBJS= ssh-pkcs11-client.o @@ -150,7 +150,7 @@ SSHD_AUTH_OBJS=sshd-auth.o \ sftp-server.o sftp-common.o \ uidswap.o $(P11OBJS) $(SKOBJS) -SFTP_CLIENT_OBJS=sftp-common.o sftp-client.o sftp-glob.o +SFTP_CLIENT_OBJS=sftp-common.o sftp-client.o sftp-glob.o ssherr-nolibcrypto.o SCP_OBJS= scp.o progressmeter.o $(SFTP_CLIENT_OBJS) @@ -164,11 +164,11 @@ SSHKEYSIGN_OBJS=ssh-keysign.o readconf.o uidswap.o $(P11OBJS) $(SKOBJS) P11HELPER_OBJS= ssh-pkcs11-helper.o ssh-pkcs11.o $(SKOBJS) -SKHELPER_OBJS= ssh-sk-helper.o ssh-sk.o sk-usbhid.o +SKHELPER_OBJS= ssh-sk-helper.o ssh-sk.o sk-usbhid.o ssherr-nolibcrypto.o SSHKEYSCAN_OBJS=ssh-keyscan.o $(P11OBJS) $(SKOBJS) -SFTPSERVER_OBJS=sftp-common.o sftp-server.o sftp-server-main.o +SFTPSERVER_OBJS=sftp-common.o sftp-server.o sftp-server-main.o ssherr-nolibcrypto.o SFTP_OBJS= sftp.o sftp-usergroup.o progressmeter.o $(SFTP_CLIENT_OBJS) diff --git a/ssherr-libcrypto.c b/ssherr-libcrypto.c new file mode 100644 index 000000000000..5b817e54aa80 --- /dev/null +++ b/ssherr-libcrypto.c @@ -0,0 +1,59 @@ +/* $OpenBSD: ssherr-libcrypto.c,v 1.1 2026/02/06 23:31:29 dtucker Exp $ */ +/* + * Copyright (c) 2026 Darren Tucker + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES + * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF + * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR + * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES + * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN + * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF + * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. + */ + +#include "includes.h" + +#include + +#include +#include + +#include "log.h" + +#ifdef WITH_OPENSSL +#include + +const char * +ssherr_libcrypto(void) +{ + unsigned long e; + static char buf[512]; + char msg[4096]; + const char *reason = NULL, *file, *data; + int ln, fl; + + ERR_load_crypto_strings(); + while ((e = ERR_get_error_line_data(&file, &ln, &data, &fl)) != 0) { + ERR_error_string_n(e, buf, sizeof(buf)); + snprintf(msg, sizeof(msg), "%s:%s:%d:%s", buf, file, ln, + (fl & ERR_TXT_STRING) ? data : ""); + debug("libcrypto: '%s'", msg); + if ((reason = ERR_reason_error_string(e)) != NULL) + snprintf(buf, sizeof(buf), "error in libcrypto: %s", + reason); + } + if (reason == NULL) + return NULL; + return buf; +} +#else +const char * +ssherr_libcrypto(void) +{ + return NULL; +} +#endif diff --git a/ssherr-nolibcrypto.c b/ssherr-nolibcrypto.c new file mode 100644 index 000000000000..039d69d06432 --- /dev/null +++ b/ssherr-nolibcrypto.c @@ -0,0 +1,26 @@ +/* $OpenBSD: ssherr-nolibcrypto.c,v 1.1 2026/02/06 23:31:29 dtucker Exp $ */ +/* + * Copyright (c) 2026 Darren Tucker + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES + * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF + * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR + * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES + * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN + * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF + * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. + */ + +#include + +#include "ssherr.h" + +const char * +ssherr_libcrypto(void) +{ + return NULL; +} diff --git a/ssherr.c b/ssherr.c index bd954aadd729..d22072de7966 100644 --- a/ssherr.c +++ b/ssherr.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssherr.c,v 1.10 2020/01/25 23:13:09 djm Exp $ */ +/* $OpenBSD: ssherr.c,v 1.11 2026/02/06 23:31:29 dtucker Exp $ */ /* * Copyright (c) 2011 Damien Miller * @@ -22,6 +22,8 @@ const char * ssh_err(int n) { + const char *msg = NULL; + switch (n) { case SSH_ERR_SUCCESS: return "success"; @@ -68,7 +70,8 @@ ssh_err(int n) case SSH_ERR_SIGNATURE_INVALID: return "incorrect signature"; case SSH_ERR_LIBCRYPTO_ERROR: - return "error in libcrypto"; /* XXX fetch and return */ + msg = ssherr_libcrypto(); + return msg != NULL ? msg : "error in libcrypto"; case SSH_ERR_UNEXPECTED_TRAILING_DATA: return "unexpected bytes remain after decoding"; case SSH_ERR_SYSTEM_ERROR: diff --git a/ssherr.h b/ssherr.h index 085e752744d8..3dac27ab0234 100644 --- a/ssherr.h +++ b/ssherr.h @@ -1,4 +1,4 @@ -/* $OpenBSD: ssherr.h,v 1.8 2020/01/25 23:13:09 djm Exp $ */ +/* $OpenBSD: ssherr.h,v 1.9 2026/02/06 23:31:29 dtucker Exp $ */ /* * Copyright (c) 2011 Damien Miller * @@ -85,5 +85,7 @@ /* Translate a numeric error code to a human-readable error string */ const char *ssh_err(int n); +/* Return most recent error from libcrypto. */ +const char *ssherr_libcrypto(void); #endif /* _SSHERR_H */ From 670f7d210ceae59db73b16b67e52d8fd8def3012 Mon Sep 17 00:00:00 2001 From: "dtucker@openbsd.org" Date: Fri, 6 Feb 2026 23:39:14 +0000 Subject: [PATCH 539/687] upstream: Adjust Makefiles to include just-added ssherr_libcrypto where necessary. OpenBSD-Regress-ID: 53d179a2db3ab931f2aa0e5447cf20cb9787a8bb --- regress/unittests/authopt/Makefile | 3 ++- regress/unittests/bitmap/Makefile | 3 ++- regress/unittests/conversion/Makefile | 4 ++-- regress/unittests/hostkeys/Makefile | 4 ++-- regress/unittests/kex/Makefile | 4 ++-- regress/unittests/match/Makefile | 4 ++-- regress/unittests/misc/Makefile | 4 ++-- regress/unittests/sshbuf/Makefile | 6 ++---- regress/unittests/sshkey/Makefile | 4 ++-- regress/unittests/sshsig/Makefile | 4 ++-- regress/unittests/utf8/Makefile | 3 ++- 11 files changed, 22 insertions(+), 21 deletions(-) diff --git a/regress/unittests/authopt/Makefile b/regress/unittests/authopt/Makefile index 1860b3fe9582..a7b8a867da3d 100644 --- a/regress/unittests/authopt/Makefile +++ b/regress/unittests/authopt/Makefile @@ -1,4 +1,4 @@ -# $OpenBSD: Makefile,v 1.11 2025/10/30 23:55:09 djm Exp $ +# $OpenBSD: Makefile,v 1.12 2026/02/06 23:39:14 dtucker Exp $ PROG=test_authopt SRCS=tests.c @@ -13,6 +13,7 @@ SRCS+=ssherr.c uidswap.c cleanup.c xmalloc.c match.c krl.c fatal.c SRCS+=addr.c addrmatch.c bitmap.c SRCS+=cipher-chachapoly.c chacha.c poly1305.c ssh-ecdsa-sk.c ssh-sk.c SRCS+=ssh-ed25519-sk.c sk-usbhid.c ssh-pkcs11-client.c +SRCS+=ssherr-libcrypto.c SRCS+=digest-openssl.c ed25519-openssl.c #SRCS+=digest-libc.c ed25519.c diff --git a/regress/unittests/bitmap/Makefile b/regress/unittests/bitmap/Makefile index c38cc7918cc1..22bc00c340ce 100644 --- a/regress/unittests/bitmap/Makefile +++ b/regress/unittests/bitmap/Makefile @@ -1,4 +1,4 @@ -# $OpenBSD: Makefile,v 1.5 2025/04/15 04:00:42 djm Exp $ +# $OpenBSD: Makefile,v 1.6 2026/02/06 23:39:14 dtucker Exp $ PROG=test_bitmap SRCS=tests.c @@ -6,6 +6,7 @@ SRCS=tests.c # From usr.sbin/ssh SRCS+=bitmap.c atomicio.c misc.c xmalloc.c fatal.c log.c cleanup.c match.c SRCS+=sshbuf.c sshbuf-getput-basic.c sshbuf-misc.c ssherr.c addr.c addrmatch.c +SRCS+=ssherr-libcrypto.c REGRESS_TARGETS=run-regress-${PROG} diff --git a/regress/unittests/conversion/Makefile b/regress/unittests/conversion/Makefile index f9f5859ac5e8..93dffa55319b 100644 --- a/regress/unittests/conversion/Makefile +++ b/regress/unittests/conversion/Makefile @@ -1,4 +1,4 @@ -# $OpenBSD: Makefile,v 1.5 2025/04/15 04:00:42 djm Exp $ +# $OpenBSD: Makefile,v 1.6 2026/02/06 23:39:14 dtucker Exp $ PROG=test_conversion SRCS=tests.c @@ -6,7 +6,7 @@ SRCS=tests.c # From usr.bin/ssh SRCS+=sshbuf-getput-basic.c sshbuf-getput-crypto.c sshbuf-misc.c sshbuf.c SRCS+=atomicio.c misc.c xmalloc.c log.c uidswap.c cleanup.c fatal.c ssherr.c -SRCS+=match.c addr.c addrmatch.c +SRCS+=match.c addr.c addrmatch.c ssherr-libcrypto.c REGRESS_TARGETS=run-regress-${PROG} diff --git a/regress/unittests/hostkeys/Makefile b/regress/unittests/hostkeys/Makefile index a07e924f6356..2e154e12f755 100644 --- a/regress/unittests/hostkeys/Makefile +++ b/regress/unittests/hostkeys/Makefile @@ -1,4 +1,4 @@ -# $OpenBSD: Makefile,v 1.14 2025/10/30 23:55:09 djm Exp $ +# $OpenBSD: Makefile,v 1.15 2026/02/06 23:39:14 dtucker Exp $ PROG=test_hostkeys SRCS=tests.c test_iterate.c @@ -10,7 +10,7 @@ SRCS+=ssh-ecdsa.c ssh-ed25519.c mac.c umac.c umac128.c hmac.c misc.c SRCS+=ssherr.c uidswap.c cleanup.c xmalloc.c match.c krl.c fatal.c SRCS+=addr.c addrmatch.c bitmap.c hostfile.c SRCS+=cipher-chachapoly.c chacha.c poly1305.c ssh-ecdsa-sk.c ssh-sk.c -SRCS+=ssh-ed25519-sk.c sk-usbhid.c ssh-pkcs11-client.c +SRCS+=ssh-ed25519-sk.c sk-usbhid.c ssh-pkcs11-client.c ssherr-libcrypto.c SRCS+=digest-openssl.c ed25519-openssl.c #SRCS+=digest-libc.c ed25519.c diff --git a/regress/unittests/kex/Makefile b/regress/unittests/kex/Makefile index fe871d628ea8..7a53978f1749 100644 --- a/regress/unittests/kex/Makefile +++ b/regress/unittests/kex/Makefile @@ -1,4 +1,4 @@ -# $OpenBSD: Makefile,v 1.20 2025/10/30 23:55:09 djm Exp $ +# $OpenBSD: Makefile,v 1.21 2026/02/06 23:39:14 dtucker Exp $ PROG=test_kex SRCS=tests.c test_kex.c test_proposal.c @@ -11,7 +11,7 @@ SRCS+=ssherr.c uidswap.c cleanup.c xmalloc.c match.c krl.c fatal.c SRCS+=addr.c addrmatch.c bitmap.c packet.c dispatch.c canohost.c ssh_api.c SRCS+=compat.c SRCS+=cipher-chachapoly.c chacha.c poly1305.c ssh-ecdsa-sk.c ssh-sk.c -SRCS+=ssh-ed25519-sk.c sk-usbhid.c ssh-pkcs11-client.c +SRCS+=ssh-ed25519-sk.c sk-usbhid.c ssh-pkcs11-client.c ssherr-libcrypto.c SRCS+= kex.c SRCS+= kex-names.c diff --git a/regress/unittests/match/Makefile b/regress/unittests/match/Makefile index 7b17e5689344..558e10bd415e 100644 --- a/regress/unittests/match/Makefile +++ b/regress/unittests/match/Makefile @@ -1,4 +1,4 @@ -# $OpenBSD: Makefile,v 1.6 2025/04/15 04:00:42 djm Exp $ +# $OpenBSD: Makefile,v 1.7 2026/02/06 23:39:14 dtucker Exp $ PROG=test_match SRCS=tests.c @@ -6,7 +6,7 @@ SRCS=tests.c # From usr.bin/ssh SRCS+=sshbuf-getput-basic.c sshbuf-getput-crypto.c sshbuf-misc.c sshbuf.c SRCS+=match.c misc.c log.c uidswap.c fatal.c ssherr.c addrmatch.c xmalloc.c -SRCS+=cleanup.c atomicio.c addr.c +SRCS+=cleanup.c atomicio.c addr.c ssherr-libcrypto.c REGRESS_TARGETS=run-regress-${PROG} diff --git a/regress/unittests/misc/Makefile b/regress/unittests/misc/Makefile index 77575061d456..c2d39244dee7 100644 --- a/regress/unittests/misc/Makefile +++ b/regress/unittests/misc/Makefile @@ -1,4 +1,4 @@ -# $OpenBSD: Makefile,v 1.12 2025/09/04 00:34:17 djm Exp $ +# $OpenBSD: Makefile,v 1.13 2026/02/06 23:39:14 dtucker Exp $ PROG=test_misc SRCS=tests.c @@ -25,7 +25,7 @@ SRCS+= addr.c SRCS+= addrmatch.c # From usr.bin/ssh/sshd/Makefile -SRCS+= atomicio.c cleanup.c fatal.c +SRCS+= atomicio.c cleanup.c fatal.c ssherr-libcrypto.c REGRESS_TARGETS=run-regress-${PROG} diff --git a/regress/unittests/sshbuf/Makefile b/regress/unittests/sshbuf/Makefile index a8ddfaf7ed24..27106247e2a1 100644 --- a/regress/unittests/sshbuf/Makefile +++ b/regress/unittests/sshbuf/Makefile @@ -1,6 +1,4 @@ -# $OpenBSD: Makefile,v 1.10 2021/01/09 12:24:31 dtucker Exp $ - -# $OpenBSD: Makefile,v 1.8 2020/01/26 00:09:50 djm Exp $ +# $OpenBSD: Makefile,v 1.11 2026/02/06 23:39:14 dtucker Exp $ PROG=test_sshbuf SRCS=tests.c @@ -15,7 +13,7 @@ SRCS+=test_sshbuf_fixed.c # From usr.bin/ssh SRCS+=sshbuf-getput-basic.c sshbuf-getput-crypto.c sshbuf-misc.c sshbuf.c SRCS+=sshbuf-io.c atomicio.c misc.c xmalloc.c log.c fatal.c ssherr.c cleanup.c -SRCS+=match.c addr.c addrmatch.c +SRCS+=match.c addr.c addrmatch.c ssherr-libcrypto.c run-regress-${PROG}: ${PROG} env ${TEST_ENV} ./${PROG} ${UNITTEST_ARGS} diff --git a/regress/unittests/sshkey/Makefile b/regress/unittests/sshkey/Makefile index e592b012fb05..083175cbf264 100644 --- a/regress/unittests/sshkey/Makefile +++ b/regress/unittests/sshkey/Makefile @@ -1,4 +1,4 @@ -# $OpenBSD: Makefile,v 1.15 2025/10/30 23:55:09 djm Exp $ +# $OpenBSD: Makefile,v 1.16 2026/02/06 23:39:14 dtucker Exp $ PROG=test_sshkey SRCS=tests.c test_sshkey.c test_file.c test_fuzz.c common.c @@ -11,7 +11,7 @@ SRCS+=ssherr.c uidswap.c cleanup.c xmalloc.c match.c krl.c fatal.c SRCS+=addr.c addrmatch.c bitmap.c SRCS+=cipher-chachapoly.c chacha.c poly1305.c ssh-ecdsa-sk.c ssh-sk.c SRCS+=ssh-ed25519-sk.c sk-usbhid.c ssh-pkcs11-client.c -SRCS+=utf8.c +SRCS+=utf8.c ssherr-libcrypto.c SRCS+=digest-openssl.c ed25519-openssl.c #SRCS+=digest-libc.c ed25519.c diff --git a/regress/unittests/sshsig/Makefile b/regress/unittests/sshsig/Makefile index a982ccc7ff73..54abd8499b07 100644 --- a/regress/unittests/sshsig/Makefile +++ b/regress/unittests/sshsig/Makefile @@ -1,4 +1,4 @@ -# $OpenBSD: Makefile,v 1.6 2025/10/30 23:55:09 djm Exp $ +# $OpenBSD: Makefile,v 1.7 2026/02/06 23:39:14 dtucker Exp $ PROG=test_sshsig SRCS=tests.c @@ -10,7 +10,7 @@ SRCS+=ssh-ecdsa.c ssh-ed25519.c mac.c umac.c umac128.c hmac.c misc.c SRCS+=ssherr.c uidswap.c cleanup.c xmalloc.c match.c krl.c fatal.c SRCS+=addr.c addrmatch.c bitmap.c sshsig.c SRCS+=cipher-chachapoly.c chacha.c poly1305.c ssh-ecdsa-sk.c ssh-sk.c -SRCS+=ssh-ed25519-sk.c sk-usbhid.c ssh-pkcs11-client.c +SRCS+=ssh-ed25519-sk.c sk-usbhid.c ssh-pkcs11-client.c ssherr-libcrypto.c SRCS+=digest-openssl.c ed25519-openssl.c #SRCS+=digest-libc.c ed25519.c diff --git a/regress/unittests/utf8/Makefile b/regress/unittests/utf8/Makefile index e89536500822..a5495735906b 100644 --- a/regress/unittests/utf8/Makefile +++ b/regress/unittests/utf8/Makefile @@ -1,4 +1,4 @@ -# $OpenBSD: Makefile,v 1.6 2025/04/15 04:00:42 djm Exp $ +# $OpenBSD: Makefile,v 1.7 2026/02/06 23:39:14 dtucker Exp $ PROG=test_utf8 SRCS=tests.c @@ -6,6 +6,7 @@ SRCS=tests.c # From usr.bin/ssh SRCS+=utf8.c atomicio.c misc.c xmalloc.c match.c ssherr.c cleanup.c fatal.c SRCS+=sshbuf.c sshbuf-getput-basic.c sshbuf-misc.c addr.c addrmatch.c log.c +SRCS+=ssherr-libcrypto.c REGRESS_TARGETS=run-regress-${PROG} From 15fe1ceb29760d72398c6ac7df5a403416cba207 Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Sat, 7 Feb 2026 02:02:00 +0000 Subject: [PATCH 540/687] upstream: bit of webauthn support missed in previous commit OpenBSD-Commit-ID: 9768454543ded01b7c61567fc5b3e78664346be2 --- authfd.c | 13 ++++++++++--- 1 file changed, 10 insertions(+), 3 deletions(-) diff --git a/authfd.c b/authfd.c index 2bbe646e304a..9b103b524a0e 100644 --- a/authfd.c +++ b/authfd.c @@ -1,4 +1,4 @@ -/* $OpenBSD: authfd.c,v 1.136 2025/08/29 03:50:38 djm Exp $ */ +/* $OpenBSD: authfd.c,v 1.137 2026/02/07 02:02:00 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -437,8 +437,15 @@ ssh_agent_sign(int sock, const struct sshkey *key, } if ((r = sshbuf_get_string(msg, &sig, &len)) != 0) goto out; - /* Check what we actually got back from the agent. */ - if ((r = sshkey_check_sigtype(sig, len, alg)) != 0) + /* + * Check what we actually got back from the agent, in case it returned + * an incorrect RSA signature algorithm (e.g. "ssh-rsa" (RSA/SHA1) vs. + * "rsa-sha2-256"). + * We don't do this for FIDO signatures as webauthn vs plain are just + * different signature formats and not entirely different algorithms. + */ + if (!sshkey_is_sk(key) && + (r = sshkey_check_sigtype(sig, len, alg)) != 0) goto out; /* success */ *sigp = sig; From a393759f9693a08a7fba18d4824b74f2dda1fe3d Mon Sep 17 00:00:00 2001 From: Artem Savkov Date: Tue, 18 Nov 2025 16:26:11 +0100 Subject: [PATCH 541/687] Fix ut_type for btmp records According to man utmp ut_type is supposed to be only switched from LOGIN_PROCESS to USER_PROCESS after succesfull authentication and this is how sshd behaved before 671c44078. Fixes: 671c44078 ("use construct_utmp to construct btmp records") Signed-off-by: Artem Savkov --- loginrec.c | 5 ++++- loginrec.h | 1 + 2 files changed, 5 insertions(+), 1 deletion(-) diff --git a/loginrec.c b/loginrec.c index d57a9d14632e..7499aa975625 100644 --- a/loginrec.c +++ b/loginrec.c @@ -651,6 +651,9 @@ construct_utmp(struct logininfo *li, # ifdef HAVE_TYPE_IN_UTMP /* This is done here to keep utmp constants out of struct logininfo */ switch (li->type) { + case LTYPE_FAILED: + ut->ut_type = LOGIN_PROCESS; + break; case LTYPE_LOGIN: ut->ut_type = USER_PROCESS; break; @@ -1732,7 +1735,7 @@ record_failed_login(struct ssh *ssh, const char *username, const char *hostname, /* Construct a logininfo and turn it into a utmp */ memset(&li, 0, sizeof(li)); - li.type = LTYPE_LOGIN; + li.type = LTYPE_FAILED; li.pid = getpid(); strlcpy(li.line, "ssh:notty", sizeof(li.line)); strlcpy(li.username, username, sizeof(li.username)); diff --git a/loginrec.h b/loginrec.h index 62ddd01d515a..42b45f040c04 100644 --- a/loginrec.h +++ b/loginrec.h @@ -52,6 +52,7 @@ union login_netinfo { */ /* types - different to utmp.h 'type' macros */ /* (though set to the same value as linux, openbsd and others...) */ +#define LTYPE_FAILED 6 #define LTYPE_LOGIN 7 #define LTYPE_LOGOUT 8 From 77e41d0c1c8801c553b43eef5974268425395667 Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Sun, 8 Feb 2026 03:52:31 +1100 Subject: [PATCH 542/687] Resync with upstream (unused header and whitespace). --- auth2-gss.c | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/auth2-gss.c b/auth2-gss.c index 75eb4e3a357b..3b79128b145f 100644 --- a/auth2-gss.c +++ b/auth2-gss.c @@ -41,7 +41,6 @@ #include "dispatch.h" #include "sshbuf.h" #include "ssherr.h" -#include "misc.h" #include "servconf.h" #include "packet.h" #include "kex.h" @@ -328,5 +327,4 @@ Authmethod method_gssapi = { &methodcfg_gssapi, userauth_gssapi, }; - -#endif /* GSSAPI */ +#endif From 3fd88caa36a94d85ae66bff297142606d08decde Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Sun, 8 Feb 2026 03:56:15 +1100 Subject: [PATCH 543/687] Resync headers with upstream. --- auth2-none.c | 7 ------- 1 file changed, 7 deletions(-) diff --git a/auth2-none.c b/auth2-none.c index c3ed53ff144a..900cae98fbbf 100644 --- a/auth2-none.c +++ b/auth2-none.c @@ -26,16 +26,9 @@ #include "includes.h" #include -#include -#include - -#include -#include -#include #include #include -#include "atomicio.h" #include "xmalloc.h" #include "sshkey.h" #include "hostfile.h" From 9e585f11bb71115fb0376b2b6118892ab600aa4f Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Sun, 8 Feb 2026 04:25:42 +1100 Subject: [PATCH 544/687] Resync minor format diffs with upstream. --- misc.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/misc.c b/misc.c index d1369b956517..9d9282174624 100644 --- a/misc.c +++ b/misc.c @@ -1831,7 +1831,7 @@ monotime(void) struct timespec ts; monotime_ts(&ts); - return ts.tv_sec; + return (ts.tv_sec); } double @@ -1840,7 +1840,7 @@ monotime_double(void) struct timespec ts; monotime_ts(&ts); - return ts.tv_sec + ((double)ts.tv_nsec / 1000000000); + return (double)ts.tv_sec + (double)ts.tv_nsec / 1000000000.0; } void From 4fe79e3deb5457af588ab67ee5db642afedd935f Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Sun, 8 Feb 2026 04:28:28 +1100 Subject: [PATCH 545/687] Move poll.h include to resync with upstream. --- monitor_fdpass.c | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/monitor_fdpass.c b/monitor_fdpass.c index 21697ca88937..786d29ab7ea8 100644 --- a/monitor_fdpass.c +++ b/monitor_fdpass.c @@ -32,11 +32,10 @@ #include #include +#include #include #include -#include - #include "log.h" #include "monitor_fdpass.h" From 6decbb90413c67c10ac2fd5b17a9c161196641ea Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Sun, 8 Feb 2026 04:30:40 +1100 Subject: [PATCH 546/687] Move paths.h and poll.h includes to resync with upstream. --- mux.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/mux.c b/mux.c index bbeb505b46d8..629cc0f73af7 100644 --- a/mux.c +++ b/mux.c @@ -26,6 +26,7 @@ #include #include +#include #include #include #include @@ -34,13 +35,12 @@ #include #include #include -#include - -#include - #include +#include #include "openbsd-compat/sys-queue.h" + +#include "atomicio.h" #include "xmalloc.h" #include "log.h" #include "ssh.h" From ccc1faf67df795d5cd757df754703823d0874028 Mon Sep 17 00:00:00 2001 From: "dtucker@openbsd.org" Date: Sat, 7 Feb 2026 17:04:22 +0000 Subject: [PATCH 547/687] upstream: Move ssherr.h to where portable needs it. (ID sync only) OpenBSD-Commit-ID: 0488ce85f24864186678dcac7c9973ca44bd2cd5 --- auth2.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/auth2.c b/auth2.c index b9bb46f5943d..a9d76a59a633 100644 --- a/auth2.c +++ b/auth2.c @@ -1,4 +1,4 @@ -/* $OpenBSD: auth2.c,v 1.170 2025/01/17 00:09:41 dtucker Exp $ */ +/* $OpenBSD: auth2.c,v 1.171 2026/02/07 17:04:22 dtucker Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. * From 9ebce88be9d88605e02551fe7f65ef6a16f72667 Mon Sep 17 00:00:00 2001 From: "dtucker@openbsd.org" Date: Sat, 7 Feb 2026 17:10:34 +0000 Subject: [PATCH 548/687] upstream: Also check for EWOULDBLOCK on system error. This is the same as EAGAIN on OpenBSD so is a no-op but removes a diff making portable syncs easier. (ID sync only). OpenBSD-Commit-ID: 68a5dcc5e2a506208c40396c6366f67bbf3b1dbe --- clientloop.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/clientloop.c b/clientloop.c index a78dfa6e04b2..d91d5de5524d 100644 --- a/clientloop.c +++ b/clientloop.c @@ -1,4 +1,4 @@ -/* $OpenBSD: clientloop.c,v 1.418 2025/11/27 02:18:48 dtucker Exp $ */ +/* $OpenBSD: clientloop.c,v 1.419 2026/02/07 17:10:34 dtucker Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland From ad632364fb06f3bd1e9177e587d0040cf7958676 Mon Sep 17 00:00:00 2001 From: Jonas 'Sortie' Termansen Date: Sat, 2 Nov 2024 22:30:07 +0100 Subject: [PATCH 549/687] Remove unused includes. netinet/in_systm.h is no longer in upstream and anything that actually needs it will get it from includes.h. --- defines.h | 1 - misc.c | 1 - readconf.c | 1 - servconf.c | 1 - 4 files changed, 4 deletions(-) diff --git a/defines.h b/defines.h index 43d3c0a3f076..8901da47a5fe 100644 --- a/defines.h +++ b/defines.h @@ -55,7 +55,6 @@ enum /* * Definitions for IP type of service (ip_tos) */ -#include #include #ifndef IPTOS_LOWDELAY # define IPTOS_LOWDELAY 0x10 diff --git a/misc.c b/misc.c index 9d9282174624..3189e30aa99c 100644 --- a/misc.c +++ b/misc.c @@ -43,7 +43,6 @@ #include #include -#include #include #include #include diff --git a/readconf.c b/readconf.c index eca1e780896d..48529540a175 100644 --- a/readconf.c +++ b/readconf.c @@ -22,7 +22,6 @@ #include #include -#include #include #include diff --git a/servconf.c b/servconf.c index 94184b5b479e..75f3f5dbd43c 100644 --- a/servconf.c +++ b/servconf.c @@ -20,7 +20,6 @@ #endif #include -#include #include #ifdef HAVE_NET_ROUTE_H #include From 2a1a257612b7c6bcacd934149146a3da7411c485 Mon Sep 17 00:00:00 2001 From: "dtucker@openbsd.org" Date: Sat, 7 Feb 2026 18:04:53 +0000 Subject: [PATCH 550/687] upstream: misc.h is needed for ForwardOptions in servconf.h. OpenBSD-Commit-ID: b241d81c499e273fc2d81c82d5b7c7b280827416 --- auth2-gss.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/auth2-gss.c b/auth2-gss.c index 3b79128b145f..0a91af7e266c 100644 --- a/auth2-gss.c +++ b/auth2-gss.c @@ -1,4 +1,4 @@ -/* $OpenBSD: auth2-gss.c,v 1.36 2024/05/17 04:42:13 djm Exp $ */ +/* $OpenBSD: auth2-gss.c,v 1.37 2026/02/07 18:04:53 dtucker Exp $ */ /* * Copyright (c) 2001-2003 Simon Wilkinson. All rights reserved. @@ -41,6 +41,7 @@ #include "dispatch.h" #include "sshbuf.h" #include "ssherr.h" +#include "misc.h" #include "servconf.h" #include "packet.h" #include "kex.h" From ecaaa4f9e44764e55c152a84af3d7efb63c50ce7 Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Sun, 8 Feb 2026 11:30:21 +1100 Subject: [PATCH 551/687] Move USE_SYSTEM_GLOB into a glob.h compat shim. This moves the logic for selecting whether or not we can use the system glob into configure, and if either don't have glob or can't use it, we create the shim. Removes several diffs vs upstream. --- auth2-pubkey.c | 6 +----- configure.ac | 44 ++++++++++++++++++++++++++++++++++++-------- defines.h | 7 ------- readconf.c | 6 +----- scp.c | 6 +----- servconf.c | 6 +----- sftp-client.h | 6 ------ sftp-glob.c | 1 + sftp-usergroup.c | 1 + sftp.c | 2 +- 10 files changed, 43 insertions(+), 42 deletions(-) diff --git a/auth2-pubkey.c b/auth2-pubkey.c index 5d5d79196a09..be378f266c87 100644 --- a/auth2-pubkey.c +++ b/auth2-pubkey.c @@ -32,6 +32,7 @@ #include #include #include +#include #include #include #include @@ -39,11 +40,6 @@ #include #include #include -#ifdef USE_SYSTEM_GLOB -# include -#else -# include "openbsd-compat/glob.h" -#endif #include "xmalloc.h" #include "ssh.h" diff --git a/configure.ac b/configure.ac index 60d45716bdef..a8823d68b5a0 100644 --- a/configure.ac +++ b/configure.ac @@ -464,7 +464,6 @@ AC_CHECK_HEADERS([ \ floatingpoint.h \ fnmatch.h \ getopt.h \ - glob.h \ ia.h \ iaf.h \ inttypes.h \ @@ -553,7 +552,6 @@ AC_CHECK_HEADERS([ \ *) ;; esac >"$header" ]) -AC_SUBST([COMPATINCLUDES]) AC_CHECK_DECLS([le32toh, le64toh, htole64], [], [], [ #ifdef HAVE_SYS_TYPES_H @@ -805,7 +803,7 @@ int main(void) { if (NSVersionOfRunTimeLibrary("System") >= (60 << 16)) AC_DEFINE([SETEUID_BREAKS_SETUID]) AC_DEFINE([BROKEN_SETREUID]) AC_DEFINE([BROKEN_SETREGID]) - AC_DEFINE([BROKEN_GLOB], [1], [OS X glob does not do what we expect]) + broken_glob=yes # OS X glob does not do what we expect AC_DEFINE_UNQUOTED([BIND_8_COMPAT], [1], [Define if your resolver libs need this for getrrsetbyname]) AC_DEFINE([SSH_TUN_FREEBSD], [1], [Open tunnel devices the FreeBSD way]) @@ -1123,7 +1121,7 @@ mips-sony-bsd|mips-sony-newsos4) [Use tunnel device compatibility to OpenBSD]) AC_CHECK_HEADER([net/if_tap.h], , AC_DEFINE([SSH_TUN_NO_L2], [1], [No layer 2 tunnel support])) - AC_DEFINE([BROKEN_GLOB], [1], [FreeBSD glob does not do what we need]) + broken_glob=yes # FreeBSD glob does not do what we need TEST_MALLOC_OPTIONS="AJRX" # Preauth crypto occasionally uses file descriptors for crypto offload # and will crash if they cannot be opened. @@ -1678,6 +1676,15 @@ else [Define to rpl_calloc if the replacement function should be used.]) fi +dnl Figure out if we have a system glob, and if so if we can use it. +AC_CHECK_FUNCS([glob], + [ AC_CHECK_HEADERS([glob.h], + [use_system_glob=yes], + [use_system_glob=no]) + ], + use_system_glob=no +) + # Check for ALTDIRFUNC glob() extension AC_MSG_CHECKING([for GLOB_ALTDIRFUNC support]) AC_EGREP_CPP([FOUNDIT], @@ -1695,6 +1702,7 @@ AC_EGREP_CPP([FOUNDIT], ], [ AC_MSG_RESULT([no]) + use_system_glob=no ] ) @@ -1709,7 +1717,9 @@ AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ #include ]], AC_MSG_RESULT([yes]) ], [ AC_MSG_RESULT([no]) -]) + use_system_glob=no + ] +) # Check for g.gl_statv glob() extension AC_MSG_CHECKING([for gl_statv and GLOB_KEEPSTAT extensions for glob]) @@ -1727,10 +1737,28 @@ g.gl_statv = NULL; AC_MSG_RESULT([yes]) ], [ AC_MSG_RESULT([no]) + use_system_glob=no + ] +) -]) +AC_CHECK_DECLS([GLOB_NOMATCH], , [use_system_glob=no], [#include ]) -AC_CHECK_DECLS([GLOB_NOMATCH], , , [#include ]) +if test "x$broken_glob" = "xyes"; then + AC_DEFINE([BROKEN_GLOB], [1], [Do not use system glob]) + use_system_glob=no +fi + +dnl If we don't have a system glob, or we do but we're not using it, then +dnl create a glob.h shim so we don't have to sprinkle ifdefs everywhere. +AC_MSG_CHECKING([if we can use the system glob]) +if test "x$use_system_glob" = "xyes" ; then + AC_MSG_RESULT([yes]) +else + AC_MSG_RESULT([no]) + COMPATINCLUDES="openbsd-compat/include" + mkdir -p "$COMPATINCLUDES" + echo '# include "openbsd-compat/glob.h"' >$COMPATINCLUDES/glob.h +fi AC_CHECK_DECL([VIS_ALL], , AC_DEFINE(BROKEN_STRNVIS, 1, [missing VIS_ALL]), [#include ]) @@ -2089,7 +2117,6 @@ AC_CHECK_FUNCS([ \ getrandom \ getsid \ getttyent \ - glob \ group_from_gid \ inet_aton \ inet_ntoa \ @@ -5830,6 +5857,7 @@ LDFLAGS_NOPIE=`echo "$LDFLAGS" | sed 's/^-pie //;s/ -pie//g'` CFLAGS_NOPIE=`echo "$CFLAGS" | sed 's/^-fPIE //;s/ -fPIE//g'` AC_SUBST([LDFLAGS_NOPIE]) AC_SUBST([CFLAGS_NOPIE]) +AC_SUBST([COMPATINCLUDES]) AC_EXEEXT AC_CONFIG_FILES([Makefile buildpkg.sh opensshd.init openssh.xml \ diff --git a/defines.h b/defines.h index 8901da47a5fe..1988b730c8a8 100644 --- a/defines.h +++ b/defines.h @@ -979,13 +979,6 @@ struct winsize { # endif /* gcc version */ #endif /* __predict_true */ -#if defined(HAVE_GLOB_H) && defined(GLOB_HAS_ALTDIRFUNC) && \ - defined(GLOB_HAS_GL_MATCHC) && defined(GLOB_HAS_GL_STATV) && \ - defined(HAVE_DECL_GLOB_NOMATCH) && HAVE_DECL_GLOB_NOMATCH != 0 && \ - !defined(BROKEN_GLOB) -# define USE_SYSTEM_GLOB -#endif - /* * sntrup761 uses variable length arrays and c99-style declarations after code, * so only enable if the compiler supports them. diff --git a/readconf.c b/readconf.c index 48529540a175..580026431d96 100644 --- a/readconf.c +++ b/readconf.c @@ -28,6 +28,7 @@ #include #include #include +#include #include #include #include @@ -38,11 +39,6 @@ #include #include #include -#ifdef USE_SYSTEM_GLOB -# include -#else -# include "openbsd-compat/glob.h" -#endif #include #if defined(HAVE_STRNVIS) && defined(HAVE_VIS_H) && !defined(BROKEN_STRNVIS) # include diff --git a/scp.c b/scp.c index 86418d85e2fc..f27c8fe3fedc 100644 --- a/scp.c +++ b/scp.c @@ -87,11 +87,7 @@ #ifdef HAVE_FNMATCH_H #include #endif -#ifdef USE_SYSTEM_GLOB -# include -#else -# include "openbsd-compat/glob.h" -#endif +#include #include #include #include diff --git a/servconf.c b/servconf.c index 75f3f5dbd43c..be9cc827b8d2 100644 --- a/servconf.c +++ b/servconf.c @@ -26,6 +26,7 @@ #endif #include +#include #include #include #include @@ -37,11 +38,6 @@ #include #include #include -#ifdef USE_SYSTEM_GLOB -# include -#else -# include "openbsd-compat/glob.h" -#endif #include "openbsd-compat/sys-queue.h" #include "xmalloc.h" diff --git a/sftp-client.h b/sftp-client.h index 873ad3849f5b..7b2a94af8176 100644 --- a/sftp-client.h +++ b/sftp-client.h @@ -21,12 +21,6 @@ #ifndef _SFTP_CLIENT_H #define _SFTP_CLIENT_H -#ifdef USE_SYSTEM_GLOB -# include -#else -# include "openbsd-compat/glob.h" -#endif - typedef struct SFTP_DIRENT SFTP_DIRENT; struct SFTP_DIRENT { diff --git a/sftp-glob.c b/sftp-glob.c index e054e75e80af..a8d3e07fc690 100644 --- a/sftp-glob.c +++ b/sftp-glob.c @@ -21,6 +21,7 @@ #include #include +#include #include #include #include diff --git a/sftp-usergroup.c b/sftp-usergroup.c index 93396ffc63db..3cfcefea580e 100644 --- a/sftp-usergroup.c +++ b/sftp-usergroup.c @@ -21,6 +21,7 @@ #include #include +#include #include #include #include diff --git a/sftp.c b/sftp.c index b5adc09de881..1e509f897a81 100644 --- a/sftp.c +++ b/sftp.c @@ -28,7 +28,7 @@ #include #include - +#include #include #include #ifdef HAVE_LOCALE_H From 8605ed26334b9ae704b8abe51940b61bdfe1e974 Mon Sep 17 00:00:00 2001 From: "dtucker@openbsd.org" Date: Sun, 8 Feb 2026 00:16:34 +0000 Subject: [PATCH 552/687] upstream: Move setting of user, service and style earlier since -portable needs to use these when setting up PAM. Removes two diffs vs portable. OpenBSD-Commit-ID: 8db130d42a3581b7a1eaed65917673d4474fc4fe --- auth2.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/auth2.c b/auth2.c index a9d76a59a633..2e6808152d9f 100644 --- a/auth2.c +++ b/auth2.c @@ -1,4 +1,4 @@ -/* $OpenBSD: auth2.c,v 1.171 2026/02/07 17:04:22 dtucker Exp $ */ +/* $OpenBSD: auth2.c,v 1.172 2026/02/08 00:16:34 dtucker Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. * @@ -293,6 +293,8 @@ input_userauth_request(int type, u_int32_t seq, struct ssh *ssh) /* setup auth context */ authctxt->pw = mm_getpwnamallow(ssh, user); authctxt->user = xstrdup(user); + authctxt->service = xstrdup(service); + authctxt->style = style ? xstrdup(style) : NULL; if (authctxt->pw && strcmp(service, "ssh-connection")==0) { authctxt->valid = 1; debug2_f("setting up authctxt for %s", user); @@ -311,8 +313,6 @@ input_userauth_request(int type, u_int32_t seq, struct ssh *ssh) ssh_packet_set_log_preamble(ssh, "%suser %s", authctxt->valid ? "authenticating " : "invalid ", user); setproctitle("%s [net]", authctxt->valid ? user : "unknown"); - authctxt->service = xstrdup(service); - authctxt->style = style ? xstrdup(style) : NULL; mm_inform_authserv(service, style); userauth_banner(ssh); if ((r = kex_server_update_ext_info(ssh)) != 0) From d6c672a8c16c8962e6b3022e279441fa6630cb86 Mon Sep 17 00:00:00 2001 From: "dtucker@openbsd.org" Date: Sun, 8 Feb 2026 03:30:15 +0000 Subject: [PATCH 553/687] upstream: Remove sys/poll.h since we also have poll.h. Also removes one line of diff vs portable. (ID sync only). OpenBSD-Commit-ID: 461bd0cd35bfad82bd06892ccb0ff0fac15d1d27 --- sftp-client.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/sftp-client.c b/sftp-client.c index 21f5330900c5..8f52bcc4d767 100644 --- a/sftp-client.c +++ b/sftp-client.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sftp-client.c,v 1.181 2025/12/22 01:20:39 djm Exp $ */ +/* $OpenBSD: sftp-client.c,v 1.182 2026/02/08 03:30:15 dtucker Exp $ */ /* * Copyright (c) 2001-2004 Damien Miller * From 6adb65508efc2def558f50a56c5eada09ca500c9 Mon Sep 17 00:00:00 2001 From: "dtucker@openbsd.org" Date: Sun, 8 Feb 2026 15:28:01 +0000 Subject: [PATCH 554/687] upstream: Make ssh optionally build with Kerberos 5 against the Heimdal port. This updates the Makefiles and repairs some bitrot in headers, resyncing them against Portable. To do this, "pkg_add heimdal" then "make KERBEROS5=yes". ok djm@ (ID sync only) OpenBSD-Commit-ID: 31f95c9ba58aa7ba89264f1d80c79106042b1095 --- auth2-gss.c | 2 +- gss-serv-krb5.c | 2 +- gss-serv.c | 2 +- session.c | 2 +- sshd.c | 2 +- 5 files changed, 5 insertions(+), 5 deletions(-) diff --git a/auth2-gss.c b/auth2-gss.c index 0a91af7e266c..9228f775d27f 100644 --- a/auth2-gss.c +++ b/auth2-gss.c @@ -1,4 +1,4 @@ -/* $OpenBSD: auth2-gss.c,v 1.37 2026/02/07 18:04:53 dtucker Exp $ */ +/* $OpenBSD: auth2-gss.c,v 1.38 2026/02/08 15:28:01 dtucker Exp $ */ /* * Copyright (c) 2001-2003 Simon Wilkinson. All rights reserved. diff --git a/gss-serv-krb5.c b/gss-serv-krb5.c index a151bc1e4ad2..4caac337c1d2 100644 --- a/gss-serv-krb5.c +++ b/gss-serv-krb5.c @@ -1,4 +1,4 @@ -/* $OpenBSD: gss-serv-krb5.c,v 1.9 2018/07/09 21:37:55 markus Exp $ */ +/* $OpenBSD: gss-serv-krb5.c,v 1.10 2026/02/08 15:28:01 dtucker Exp $ */ /* * Copyright (c) 2001-2003 Simon Wilkinson. All rights reserved. diff --git a/gss-serv.c b/gss-serv.c index 0ef5018e569b..877333ce9c04 100644 --- a/gss-serv.c +++ b/gss-serv.c @@ -1,4 +1,4 @@ -/* $OpenBSD: gss-serv.c,v 1.35 2025/12/22 03:12:05 djm Exp $ */ +/* $OpenBSD: gss-serv.c,v 1.36 2026/02/08 15:28:01 dtucker Exp $ */ /* * Copyright (c) 2001-2003 Simon Wilkinson. All rights reserved. diff --git a/session.c b/session.c index 778b6d63cfd7..926cc2b81c2d 100644 --- a/session.c +++ b/session.c @@ -1,4 +1,4 @@ -/* $OpenBSD: session.c,v 1.346 2026/02/06 22:59:18 dtucker Exp $ */ +/* $OpenBSD: session.c,v 1.347 2026/02/08 15:28:01 dtucker Exp $ */ /* * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland * All rights reserved diff --git a/sshd.c b/sshd.c index 03c40f66ca8e..2d5634057945 100644 --- a/sshd.c +++ b/sshd.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshd.c,v 1.624 2025/12/16 08:32:50 dtucker Exp $ */ +/* $OpenBSD: sshd.c,v 1.625 2026/02/08 15:28:01 dtucker Exp $ */ /* * Copyright (c) 2000, 2001, 2002 Markus Friedl. All rights reserved. * Copyright (c) 2002 Niels Provos. All rights reserved. From 249476f45dba9a92056bd2935aae7429f0f3b17c Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Mon, 9 Feb 2026 03:47:25 +1100 Subject: [PATCH 555/687] Test KERBEROS5=yes builds on OpenBSD. --- .github/workflows/upstream.yml | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/.github/workflows/upstream.yml b/.github/workflows/upstream.yml index 420b2439b009..8bcb87b38e70 100644 --- a/.github/workflows/upstream.yml +++ b/.github/workflows/upstream.yml @@ -22,9 +22,11 @@ jobs: host: - libvirt target: [ obsdsnap, obsdsnap-i386 ] - config: [ default, without-openssl ] # TODO: restore 'ubsan' once fixed + # TODO: restore 'ubsan' once fixed + config: [ default, kerberos5, without-openssl ] include: - { host: libvirt-arm64, target: obsdsnap-arm64, config: default } + - { host: libvirt-arm64, target: obsdsnap-arm64, config: kerberos5 } - { host: libvirt-arm64, target: obsdsnap-arm64, config: without-openssl } # - { host: libvirt-arm64, target: obsdsnap-arm64, config: ubsan } steps: @@ -48,7 +50,7 @@ jobs: - name: make clean run: vmrun "cd /usr/src/usr.bin/ssh && make obj && make clean && cd /usr/src/regress/usr.bin/ssh && make obj && make clean && sudo chmod -R g-w /usr/src /usr/obj" - name: make - run: vmrun "cd /usr/src/usr.bin/ssh && case ${{ matrix.config }} in without-openssl) make OPENSSL=no;; ubsan) make DEBUG='-fsanitize-minimal-runtime -fsanitize=undefined';; *) make; esac" + run: vmrun "cd /usr/src/usr.bin/ssh && case ${{ matrix.config }} in without-openssl) make OPENSSL=no;; kerberos5) make KERBEROS5=yes;; ubsan) make DEBUG='-fsanitize-minimal-runtime -fsanitize=undefined';; *) make; esac" - name: make install run: vmrun "cd /usr/src/usr.bin/ssh && sudo make install && sudo /etc/rc.d/sshd -f restart" - name: make tests` From 98fdb05f0c0d7a89a066225a94eafd7fce10163d Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Mon, 9 Feb 2026 04:09:26 +1100 Subject: [PATCH 556/687] Remove generic check for getpagesize. We have a more specific check later. --- configure.ac | 1 - 1 file changed, 1 deletion(-) diff --git a/configure.ac b/configure.ac index a8823d68b5a0..962c43540bfe 100644 --- a/configure.ac +++ b/configure.ac @@ -2108,7 +2108,6 @@ AC_CHECK_FUNCS([ \ getline \ getnameinfo \ getopt \ - getpagesize \ getpeereid \ getpeerucred \ getpgid \ From b62198a19a53227ca166c62825ac72a7696c42ed Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Mon, 9 Feb 2026 05:02:36 +1100 Subject: [PATCH 557/687] Sync header order with upstream. --- gss-serv.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/gss-serv.c b/gss-serv.c index 877333ce9c04..82f4cacddda9 100644 --- a/gss-serv.c +++ b/gss-serv.c @@ -30,7 +30,9 @@ #include #include +#include +#include #include #include #include From a3742cc38a6aa48a653a1a6300bc825f083955af Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Mon, 9 Feb 2026 06:41:07 +1100 Subject: [PATCH 558/687] Sync whitespace with upstream. --- log.c | 1 - sftp.c | 1 - 2 files changed, 2 deletions(-) diff --git a/log.c b/log.c index 679c24356397..2dba5b57fec1 100644 --- a/log.c +++ b/log.c @@ -64,7 +64,6 @@ static log_handler_fn *log_handler; static void *log_handler_ctx; static char **log_verbose; static size_t nlog_verbose; - extern char *__progname; #define LOG_SYSLOG_VIS (VIS_CSTYLE|VIS_NL|VIS_TAB|VIS_OCTAL) diff --git a/sftp.c b/sftp.c index 1e509f897a81..78b37ebbdc67 100644 --- a/sftp.c +++ b/sftp.c @@ -46,7 +46,6 @@ typedef void EditLine; #include #include #include - #include #include "xmalloc.h" From 43d0bf02d84a20a3f7c9992dabf8c109d9c25bed Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Mon, 9 Feb 2026 06:42:27 +1100 Subject: [PATCH 559/687] Sync header order with upstream and KNF. --- monitor.c | 6 +++--- scp.c | 2 +- sftp-client.c | 2 +- sftp-common.c | 4 ++-- 4 files changed, 7 insertions(+), 7 deletions(-) diff --git a/monitor.c b/monitor.c index eac5aa819578..b49ab3cc947b 100644 --- a/monitor.c +++ b/monitor.c @@ -35,15 +35,15 @@ #include #include #include +#include #include #include +#include #include +#include #include #include -#include -#include #include -#include #ifdef WITH_OPENSSL #include diff --git a/scp.c b/scp.c index f27c8fe3fedc..dae585daffa6 100644 --- a/scp.c +++ b/scp.c @@ -75,7 +75,6 @@ #include #include -#include #include #include #include @@ -92,6 +91,7 @@ #include #include #include +#include #include #include #include diff --git a/sftp-client.c b/sftp-client.c index 8f52bcc4d767..02bd6ac3e8d7 100644 --- a/sftp-client.c +++ b/sftp-client.c @@ -33,8 +33,8 @@ #include #include -#include #include +#include #include #include #include diff --git a/sftp-common.c b/sftp-common.c index 4abd54a07a1a..1924e4be0745 100644 --- a/sftp-common.c +++ b/sftp-common.c @@ -32,10 +32,10 @@ #include #include #include -#include #include -#include #include +#include +#include #include #include From 62439369181b9b1dabf1ec3c2de6a7fbfcfb45eb Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Mon, 9 Feb 2026 06:56:35 +1100 Subject: [PATCH 560/687] Remove openindiana VM test. When it works it's by far the slowest (>1h to install packages) and the package installation is flaky. We can bring it back if their infra ever improves. --- .github/workflows/vm.yml | 50 ---------------------------------------- 1 file changed, 50 deletions(-) diff --git a/.github/workflows/vm.yml b/.github/workflows/vm.yml index b3e3e1bf1a29..4bc42ff610ac 100644 --- a/.github/workflows/vm.yml +++ b/.github/workflows/vm.yml @@ -254,56 +254,6 @@ jobs: sudo -u builder make tests - openindiana: - name: "openindiana-${{ matrix.target }}" - if: github.repository != 'openssh/openssh-portable-selfhosted' - strategy: - fail-fast: false - matrix: - target: - - "202510" - config: [default] - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@main - - name: autoreconf - run: sh -c autoreconf - - - name: start OpenIndiana ${{ matrix.target }} VM - uses: vmactions/openindiana-vm@v0 - with: - release: ${{ matrix.target }} - usesh: true - prepare: | - set -x - pfexec pkg install build-essential - pfexec pkg install sudo - useradd -m builder - sed -e "s/^root.*ALL$/root ALL=(ALL) NOPASSWD: ALL/" /etc/sudoers >>/tmp/sudoers - mv /tmp/sudoers /etc/sudoers - echo "builder ALL=(ALL) NOPASSWD: ALL" >>/etc/sudoers - mkdir -p /var/empty /usr/local/etc - cp $GITHUB_WORKSPACE/moduli /usr/local/etc/moduli - - - name: set file perms - shell: openindiana {0} - run: cd $GITHUB_WORKSPACE && chown -R builder . - - name: configure - shell: openindiana {0} - run: cd $GITHUB_WORKSPACE && sudo -u builder ./configure --without-openssl - - name: make clean - shell: openindiana {0} - run: cd $GITHUB_WORKSPACE && sudo -u builder make clean - - name: make - shell: openindiana {0} - run: cd $GITHUB_WORKSPACE && sudo -u builder make - - name: make tests - shell: openindiana {0} - run: | - cd $GITHUB_WORKSPACE - sudo -u builder make t-exec - - openbsd: name: "openbsd-${{ matrix.target }}" if: github.repository != 'openssh/openssh-portable-selfhosted' From 9385d72dd36ba6050b5f7728c14e3edc8329fe95 Mon Sep 17 00:00:00 2001 From: "dtucker@openbsd.org" Date: Sun, 8 Feb 2026 17:50:49 +0000 Subject: [PATCH 561/687] upstream: Reorder headers as per KNF. OpenBSD-Commit-ID: 3e29fabe20422454fd5d77f85c853e1e557f2181 --- packet.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/packet.h b/packet.h index 355fd6bd8fa2..b63b7709d151 100644 --- a/packet.h +++ b/packet.h @@ -1,4 +1,4 @@ -/* $OpenBSD: packet.h,v 1.104 2025/11/27 02:18:48 dtucker Exp $ */ +/* $OpenBSD: packet.h,v 1.105 2026/02/08 17:50:49 dtucker Exp $ */ /* * Author: Tatu Ylonen From c73b8b09bf43be3dfe14bc0da349b352b280a74a Mon Sep 17 00:00:00 2001 From: "dtucker@openbsd.org" Date: Sun, 8 Feb 2026 17:51:43 +0000 Subject: [PATCH 562/687] upstream: Include sys/socket.h to match -portable, eliminating one diff. OpenBSD-Commit-ID: 7670fdf35b0c7aee41cd0d6ded86b4792e261f36 --- ssh-agent.c | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/ssh-agent.c b/ssh-agent.c index 3bf01ce84cd0..848b0f9a518c 100644 --- a/ssh-agent.c +++ b/ssh-agent.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-agent.c,v 1.317 2026/01/27 06:48:29 djm Exp $ */ +/* $OpenBSD: ssh-agent.c,v 1.318 2026/02/08 17:51:43 dtucker Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -52,15 +52,15 @@ #include #include -#include #include #include #include -#include -#include #include -#include +#include #include +#include +#include +#include #include #include From 47828dbd95c095d0cad327e12bb6859a510833c8 Mon Sep 17 00:00:00 2001 From: "dtucker@openbsd.org" Date: Sun, 8 Feb 2026 19:54:31 +0000 Subject: [PATCH 563/687] upstream: Reorder headers according to KNF, and pull in a few we don't have from Portable. OpenBSD-Commit-ID: d83f6c75da7bfb16bbff40fd2133d6eba4aba272 --- auth-krb5.c | 2 +- authfile.c | 2 +- dh.c | 5 ++--- gss-genr.c | 2 +- kex.c | 2 +- kexgen.c | 2 +- kexgexc.c | 4 ++-- kexgexs.c | 4 ++-- monitor.c | 2 +- monitor_fdpass.c | 2 +- monitor_wrap.c | 2 +- packet.c | 2 +- readconf.c | 2 +- scp.c | 6 +++--- sftp-common.c | 2 +- sftp-server.c | 4 ++-- sftp.c | 2 +- 17 files changed, 23 insertions(+), 24 deletions(-) diff --git a/auth-krb5.c b/auth-krb5.c index 9d2f1f0ea2a0..3c6dc0622826 100644 --- a/auth-krb5.c +++ b/auth-krb5.c @@ -1,4 +1,4 @@ -/* $OpenBSD: auth-krb5.c,v 1.25 2025/09/29 21:29:22 dtucker Exp $ */ +/* $OpenBSD: auth-krb5.c,v 1.26 2026/02/08 19:54:31 dtucker Exp $ */ /* * Kerberos v5 authentication and ticket-passing routines. * diff --git a/authfile.c b/authfile.c index 16e02d9d0580..e3ca1005f6f4 100644 --- a/authfile.c +++ b/authfile.c @@ -1,4 +1,4 @@ -/* $OpenBSD: authfile.c,v 1.147 2025/08/29 03:50:38 djm Exp $ */ +/* $OpenBSD: authfile.c,v 1.148 2026/02/08 19:54:31 dtucker Exp $ */ /* * Copyright (c) 2000, 2013 Markus Friedl. All rights reserved. * diff --git a/dh.c b/dh.c index 168dea1dd648..b291750d89ec 100644 --- a/dh.c +++ b/dh.c @@ -1,4 +1,4 @@ -/* $OpenBSD: dh.c,v 1.75 2024/12/03 16:27:53 dtucker Exp $ */ +/* $OpenBSD: dh.c,v 1.76 2026/02/08 19:54:31 dtucker Exp $ */ /* * Copyright (c) 2000 Niels Provos. All rights reserved. * @@ -26,6 +26,7 @@ #include "includes.h" #ifdef WITH_OPENSSL +#include "openbsd-compat/openssl-compat.h" #include #include @@ -43,8 +44,6 @@ #include "misc.h" #include "ssherr.h" -#include "openbsd-compat/openssl-compat.h" - static const char *moduli_filename; void dh_set_moduli_file(const char *filename) diff --git a/gss-genr.c b/gss-genr.c index 8f1f54afb4be..7088d93b43eb 100644 --- a/gss-genr.c +++ b/gss-genr.c @@ -1,4 +1,4 @@ -/* $OpenBSD: gss-genr.c,v 1.30 2025/09/29 21:28:33 dtucker Exp $ */ +/* $OpenBSD: gss-genr.c,v 1.31 2026/02/08 19:54:31 dtucker Exp $ */ /* * Copyright (c) 2001-2007 Simon Wilkinson. All rights reserved. diff --git a/kex.c b/kex.c index 814fad9476c2..ee2e1cc0ab99 100644 --- a/kex.c +++ b/kex.c @@ -1,4 +1,4 @@ -/* $OpenBSD: kex.c,v 1.189 2025/09/15 04:40:34 djm Exp $ */ +/* $OpenBSD: kex.c,v 1.190 2026/02/08 19:54:31 dtucker Exp $ */ /* * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. * diff --git a/kexgen.c b/kexgen.c index 494d4b233561..1541ab975cde 100644 --- a/kexgen.c +++ b/kexgen.c @@ -1,4 +1,4 @@ -/* $OpenBSD: kexgen.c,v 1.10 2024/09/09 02:39:57 djm Exp $ */ +/* $OpenBSD: kexgen.c,v 1.11 2026/02/08 19:54:31 dtucker Exp $ */ /* * Copyright (c) 2019 Markus Friedl. All rights reserved. * diff --git a/kexgexc.c b/kexgexc.c index 097d83f3072a..a114be944706 100644 --- a/kexgexc.c +++ b/kexgexc.c @@ -1,4 +1,4 @@ -/* $OpenBSD: kexgexc.c,v 1.39 2025/10/03 00:08:02 djm Exp $ */ +/* $OpenBSD: kexgexc.c,v 1.40 2026/02/08 19:54:31 dtucker Exp $ */ /* * Copyright (c) 2000 Niels Provos. All rights reserved. * Copyright (c) 2001 Markus Friedl. All rights reserved. @@ -27,10 +27,10 @@ #include "includes.h" #ifdef WITH_OPENSSL +#include "openbsd-compat/openssl-compat.h" #include -#include "openbsd-compat/openssl-compat.h" #include #include diff --git a/kexgexs.c b/kexgexs.c index d02cca6dcf82..aa61a9c1aac5 100644 --- a/kexgexs.c +++ b/kexgexs.c @@ -1,4 +1,4 @@ -/* $OpenBSD: kexgexs.c,v 1.49 2025/10/03 00:09:26 djm Exp $ */ +/* $OpenBSD: kexgexs.c,v 1.50 2026/02/08 19:54:31 dtucker Exp $ */ /* * Copyright (c) 2000 Niels Provos. All rights reserved. * Copyright (c) 2001 Markus Friedl. All rights reserved. @@ -27,13 +27,13 @@ #include "includes.h" #ifdef WITH_OPENSSL +#include "openbsd-compat/openssl-compat.h" #include #include #include #include -#include "openbsd-compat/openssl-compat.h" #include #include diff --git a/monitor.c b/monitor.c index b49ab3cc947b..fa66b60cbd5c 100644 --- a/monitor.c +++ b/monitor.c @@ -1,4 +1,4 @@ -/* $OpenBSD: monitor.c,v 1.251 2025/12/19 00:56:34 djm Exp $ */ +/* $OpenBSD: monitor.c,v 1.252 2026/02/08 19:54:31 dtucker Exp $ */ /* * Copyright 2002 Niels Provos * Copyright 2002 Markus Friedl diff --git a/monitor_fdpass.c b/monitor_fdpass.c index 786d29ab7ea8..a2472abdb01b 100644 --- a/monitor_fdpass.c +++ b/monitor_fdpass.c @@ -1,4 +1,4 @@ -/* $OpenBSD: monitor_fdpass.c,v 1.22 2020/10/18 11:32:01 djm Exp $ */ +/* $OpenBSD: monitor_fdpass.c,v 1.23 2026/02/08 19:54:31 dtucker Exp $ */ /* * Copyright 2001 Niels Provos * All rights reserved. diff --git a/monitor_wrap.c b/monitor_wrap.c index a5c6308be818..c56f46768aa3 100644 --- a/monitor_wrap.c +++ b/monitor_wrap.c @@ -1,4 +1,4 @@ -/* $OpenBSD: monitor_wrap.c,v 1.144 2025/12/19 00:56:34 djm Exp $ */ +/* $OpenBSD: monitor_wrap.c,v 1.145 2026/02/08 19:54:31 dtucker Exp $ */ /* * Copyright 2002 Niels Provos * Copyright 2002 Markus Friedl diff --git a/packet.c b/packet.c index 05c2adfac54b..8785db9d8314 100644 --- a/packet.c +++ b/packet.c @@ -1,4 +1,4 @@ -/* $OpenBSD: packet.c,v 1.331 2025/12/30 04:28:42 djm Exp $ */ +/* $OpenBSD: packet.c,v 1.332 2026/02/08 19:54:31 dtucker Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland diff --git a/readconf.c b/readconf.c index 580026431d96..1e7e240027dd 100644 --- a/readconf.c +++ b/readconf.c @@ -1,4 +1,4 @@ -/* $OpenBSD: readconf.c,v 1.407 2025/11/20 05:10:11 dtucker Exp $ */ +/* $OpenBSD: readconf.c,v 1.408 2026/02/08 19:54:31 dtucker Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland diff --git a/scp.c b/scp.c index dae585daffa6..e46daef90b22 100644 --- a/scp.c +++ b/scp.c @@ -1,4 +1,4 @@ -/* $OpenBSD: scp.c,v 1.271 2026/02/06 22:59:18 dtucker Exp $ */ +/* $OpenBSD: scp.c,v 1.272 2026/02/08 19:54:31 dtucker Exp $ */ /* * scp - secure remote copy. This is basically patched BSD rcp which * uses ssh to do the data transfer (instead of using rcmd). @@ -88,8 +88,6 @@ #endif #include #include -#include -#include #include #include #include @@ -101,6 +99,8 @@ #include #include #include +#include +#include #if defined(HAVE_STRNVIS) && defined(HAVE_VIS_H) && !defined(BROKEN_STRNVIS) #include #endif diff --git a/sftp-common.c b/sftp-common.c index 1924e4be0745..912b332d914e 100644 --- a/sftp-common.c +++ b/sftp-common.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sftp-common.c,v 1.34 2023/03/31 04:00:37 djm Exp $ */ +/* $OpenBSD: sftp-common.c,v 1.35 2026/02/08 19:54:31 dtucker Exp $ */ /* * Copyright (c) 2001 Markus Friedl. All rights reserved. * Copyright (c) 2001 Damien Miller. All rights reserved. diff --git a/sftp-server.c b/sftp-server.c index b98c3cd41c7f..2f725d2653cd 100644 --- a/sftp-server.c +++ b/sftp-server.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sftp-server.c,v 1.150 2025/12/08 00:41:46 djm Exp $ */ +/* $OpenBSD: sftp-server.c,v 1.151 2026/02/08 19:54:31 dtucker Exp $ */ /* * Copyright (c) 2000-2004 Markus Friedl. All rights reserved. * @@ -18,8 +18,8 @@ #include "includes.h" #include -#include #include +#include #include #ifdef HAVE_SYS_MOUNT_H #include diff --git a/sftp.c b/sftp.c index 78b37ebbdc67..f2be1fe38112 100644 --- a/sftp.c +++ b/sftp.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sftp.c,v 1.248 2026/01/21 15:44:51 sthen Exp $ */ +/* $OpenBSD: sftp.c,v 1.249 2026/02/08 19:54:31 dtucker Exp $ */ /* * Copyright (c) 2001-2004 Damien Miller * From eeb671fa2f0fd7dda4c6b726098fe28016dc185b Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Tue, 10 Feb 2026 03:39:45 +1100 Subject: [PATCH 564/687] Shim and . This significantly reduces the diff vs upstream making future syncs less painful. ok djm@ --- auth-options.c | 3 +-- channels.c | 2 +- clientloop.c | 2 +- configure.ac | 16 ++++++++++++++++ gss-serv.c | 1 - krl.c | 4 ++-- monitor.c | 6 +++--- monitor_wrap.c | 2 +- mux.c | 3 +-- nchan.c | 2 +- packet.c | 2 +- packet.h | 6 +++--- servconf.c | 2 +- servconf.h | 2 +- serverloop.c | 2 +- session.c | 6 +++--- sftp-client.c | 2 +- sftp-usergroup.c | 2 +- srclimit.c | 2 +- ssh-agent.c | 7 ++++--- ssh-keyscan.c | 5 +++-- ssh-pkcs11.c | 4 +--- ssh.c | 7 ++++--- ssh_api.h | 3 +-- sshconnect2.c | 3 +-- sshd-auth.c | 5 ++--- sshd-session.c | 8 ++++---- sshd.c | 3 +-- 28 files changed, 61 insertions(+), 51 deletions(-) diff --git a/auth-options.c b/auth-options.c index 90be7b02d49d..e15f600abbf6 100644 --- a/auth-options.c +++ b/auth-options.c @@ -18,6 +18,7 @@ #include "includes.h" #include +#include #include #include @@ -29,8 +30,6 @@ #include #include -#include "openbsd-compat/sys-queue.h" - #include "xmalloc.h" #include "ssherr.h" #include "log.h" diff --git a/channels.c b/channels.c index 83ff8bb8e237..c7e75418f9e1 100644 --- a/channels.c +++ b/channels.c @@ -47,6 +47,7 @@ #include #include #include +#include #include #include @@ -64,7 +65,6 @@ #include #include -#include "openbsd-compat/sys-queue.h" #include "xmalloc.h" #include "ssh.h" #include "ssh2.h" diff --git a/clientloop.c b/clientloop.c index d91d5de5524d..05d82e1599b3 100644 --- a/clientloop.c +++ b/clientloop.c @@ -66,6 +66,7 @@ #include #include #include +#include #include #include @@ -81,7 +82,6 @@ #include #include -#include "openbsd-compat/sys-queue.h" #include "xmalloc.h" #include "ssh.h" #include "ssh2.h" diff --git a/configure.ac b/configure.ac index 962c43540bfe..c6245305dabf 100644 --- a/configure.ac +++ b/configure.ac @@ -553,6 +553,22 @@ AC_CHECK_HEADERS([ \ esac >"$header" ]) +dnl Now create replacement headers for those that we always want to shim. +for include in sys/queue.h sys/tree.h; do + COMPATINCLUDES="openbsd-compat/include" + header="$COMPATINCLUDES/$include" + dir=`dirname "$header"` + mkdir -p "$dir" + case "$include" in + sys/queue.h) + echo '#include "openbsd-compat/sys-queue.h"' + ;; + sys/tree.h) + echo '#include "openbsd-compat/sys-tree.h"' + ;; + esac >"$header" +done + AC_CHECK_DECLS([le32toh, le64toh, htole64], [], [], [ #ifdef HAVE_SYS_TYPES_H # include diff --git a/gss-serv.c b/gss-serv.c index 82f4cacddda9..ae3465c3ba89 100644 --- a/gss-serv.c +++ b/gss-serv.c @@ -37,7 +37,6 @@ #include #include -#include "openbsd-compat/sys-queue.h" #include "xmalloc.h" #include "sshkey.h" #include "hostfile.h" diff --git a/krl.c b/krl.c index bea5b1b98c43..eb4b7c249996 100644 --- a/krl.c +++ b/krl.c @@ -18,8 +18,8 @@ #include "includes.h" #include -#include -#include +#include +#include #include #include diff --git a/monitor.c b/monitor.c index fa66b60cbd5c..55c4a47baed2 100644 --- a/monitor.c +++ b/monitor.c @@ -28,8 +28,10 @@ #include "includes.h" #include -#include #include +#include +#include +#include #include #include @@ -49,8 +51,6 @@ #include #endif -#include "openbsd-compat/sys-tree.h" -#include "openbsd-compat/sys-queue.h" #include "openbsd-compat/openssl-compat.h" #include "atomicio.h" diff --git a/monitor_wrap.c b/monitor_wrap.c index c56f46768aa3..383bae4b0271 100644 --- a/monitor_wrap.c +++ b/monitor_wrap.c @@ -29,6 +29,7 @@ #include #include +#include #include #include @@ -45,7 +46,6 @@ #include #endif -#include "openbsd-compat/sys-queue.h" #include "xmalloc.h" #include "ssh.h" #ifdef WITH_OPENSSL diff --git a/mux.c b/mux.c index 629cc0f73af7..be3263c50797 100644 --- a/mux.c +++ b/mux.c @@ -20,6 +20,7 @@ #include "includes.h" #include +#include #include #include #include @@ -38,8 +39,6 @@ #include #include -#include "openbsd-compat/sys-queue.h" - #include "atomicio.h" #include "xmalloc.h" #include "log.h" diff --git a/nchan.c b/nchan.c index bd4758ac120e..4bf5e8bb1e33 100644 --- a/nchan.c +++ b/nchan.c @@ -27,12 +27,12 @@ #include #include +#include #include #include #include -#include "openbsd-compat/sys-queue.h" #include "ssh2.h" #include "sshbuf.h" #include "ssherr.h" diff --git a/packet.c b/packet.c index 8785db9d8314..2551c2a4e8fb 100644 --- a/packet.c +++ b/packet.c @@ -40,7 +40,7 @@ #include "includes.h" #include -#include "openbsd-compat/sys-queue.h" +#include #include #include diff --git a/packet.h b/packet.h index b63b7709d151..6d6a064bdf41 100644 --- a/packet.h +++ b/packet.h @@ -16,6 +16,9 @@ #ifndef PACKET_H #define PACKET_H +#include + +#include #include #ifdef WITH_OPENSSL @@ -36,9 +39,6 @@ # define EVP_PKEY void #endif /* WITH_OPENSSL */ -#include -#include "openbsd-compat/sys-queue.h" - struct kex; struct sshkey; struct sshbuf; diff --git a/servconf.c b/servconf.c index be9cc827b8d2..252e49ccb795 100644 --- a/servconf.c +++ b/servconf.c @@ -14,6 +14,7 @@ #include #include +#include #include #ifdef __OpenBSD__ #include @@ -39,7 +40,6 @@ #include #include -#include "openbsd-compat/sys-queue.h" #include "xmalloc.h" #include "ssh.h" #include "log.h" diff --git a/servconf.h b/servconf.h index e1ccc04314a1..f588f02e9991 100644 --- a/servconf.h +++ b/servconf.h @@ -16,7 +16,7 @@ #ifndef SERVCONF_H #define SERVCONF_H -#include +#include #define MAX_PORTS 256 /* Max # ports. */ diff --git a/serverloop.c b/serverloop.c index dba2fc3053e9..53842f7d3864 100644 --- a/serverloop.c +++ b/serverloop.c @@ -41,6 +41,7 @@ #include #include #include +#include #include @@ -55,7 +56,6 @@ #include #include -#include "openbsd-compat/sys-queue.h" #include "xmalloc.h" #include "packet.h" #include "sshbuf.h" diff --git a/session.c b/session.c index 926cc2b81c2d..227881ec94ff 100644 --- a/session.c +++ b/session.c @@ -36,10 +36,11 @@ #include "includes.h" #include +#include +#include #include #include -#include -#include +#include #include @@ -58,7 +59,6 @@ #include #include -#include "openbsd-compat/sys-queue.h" #include "xmalloc.h" #include "ssh.h" #include "ssh2.h" diff --git a/sftp-client.c b/sftp-client.c index 02bd6ac3e8d7..d8b364581023 100644 --- a/sftp-client.c +++ b/sftp-client.c @@ -23,10 +23,10 @@ #include "includes.h" #include +#include #ifdef HAVE_SYS_STATVFS_H #include #endif -#include "openbsd-compat/sys-queue.h" #include #include #include diff --git a/sftp-usergroup.c b/sftp-usergroup.c index 3cfcefea580e..d931b29113b3 100644 --- a/sftp-usergroup.c +++ b/sftp-usergroup.c @@ -19,7 +19,7 @@ #include "includes.h" #include -#include +#include #include #include diff --git a/srclimit.c b/srclimit.c index dacc570aa406..05f22ee136ce 100644 --- a/srclimit.c +++ b/srclimit.c @@ -19,7 +19,7 @@ #include #include -#include +#include #include #include diff --git a/ssh-agent.c b/ssh-agent.c index 848b0f9a518c..f86749353e3f 100644 --- a/ssh-agent.c +++ b/ssh-agent.c @@ -37,13 +37,14 @@ #include "includes.h" #include +#include +#include #include +#include #include +#include #include #include -#include -#include -#include "openbsd-compat/sys-queue.h" #ifdef WITH_OPENSSL #include diff --git a/ssh-keyscan.c b/ssh-keyscan.c index f9788114df8d..9bd3e78ebbd3 100644 --- a/ssh-keyscan.c +++ b/ssh-keyscan.c @@ -10,9 +10,10 @@ #include "includes.h" #include -#include "openbsd-compat/sys-queue.h" -#include +#include +#include #include +#include #include #include diff --git a/ssh-pkcs11.c b/ssh-pkcs11.c index c490974d8cfa..c147ef2a702a 100644 --- a/ssh-pkcs11.c +++ b/ssh-pkcs11.c @@ -23,6 +23,7 @@ #include #include +#include #include #include @@ -30,9 +31,6 @@ #include #include -#include "openbsd-compat/sys-queue.h" -#include "openbsd-compat/openssl-compat.h" - #ifdef WITH_OPENSSL #include "openbsd-compat/openssl-compat.h" #include diff --git a/ssh.c b/ssh.c index 0b1a6e158fac..e15cb44c242f 100644 --- a/ssh.c +++ b/ssh.c @@ -43,10 +43,12 @@ #include "includes.h" #include -#include -#include #include +#include +#include #include +#include +#include #include #include @@ -75,7 +77,6 @@ #include #endif #include "openbsd-compat/openssl-compat.h" -#include "openbsd-compat/sys-queue.h" #include "xmalloc.h" #include "ssh.h" diff --git a/ssh_api.h b/ssh_api.h index 584f896a78c4..d5ba574802b3 100644 --- a/ssh_api.h +++ b/ssh_api.h @@ -18,11 +18,10 @@ #ifndef API_H #define API_H +#include #include #include -#include "openbsd-compat/sys-queue.h" - #include "cipher.h" #include "sshkey.h" #include "kex.h" diff --git a/sshconnect2.c b/sshconnect2.c index 5e99d293fd5e..efef5cd6f320 100644 --- a/sshconnect2.c +++ b/sshconnect2.c @@ -29,6 +29,7 @@ #include #include #include +#include #include #include @@ -45,8 +46,6 @@ #include #endif -#include "openbsd-compat/sys-queue.h" - #include "xmalloc.h" #include "ssh.h" #include "ssh2.h" diff --git a/sshd-auth.c b/sshd-auth.c index 0f238e1b3743..9f19ead2aedd 100644 --- a/sshd-auth.c +++ b/sshd-auth.c @@ -32,12 +32,11 @@ #include #include #include +#include #include #include #include - -#include "openbsd-compat/sys-tree.h" -#include "openbsd-compat/sys-queue.h" +#include #include #include diff --git a/sshd-session.c b/sshd-session.c index a3ad3a2bcb92..fdaa401b91f2 100644 --- a/sshd-session.c +++ b/sshd-session.c @@ -31,12 +31,12 @@ #include #include -#include +#include +#include #include +#include #include -#include "openbsd-compat/sys-tree.h" -#include "openbsd-compat/sys-queue.h" -#include +#include #include #include diff --git a/sshd.c b/sshd.c index 2d5634057945..e296ed7897ed 100644 --- a/sshd.c +++ b/sshd.c @@ -31,8 +31,7 @@ #include #include #include -#include "openbsd-compat/sys-tree.h" -#include "openbsd-compat/sys-queue.h" +#include #include #include From 3e9c4ed3b0e5d3890fcd2cbc9c3b595f17ea1946 Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Tue, 10 Feb 2026 05:34:46 +1100 Subject: [PATCH 565/687] Provide compat shims for sys/{mount.h,statvfs.h). In addition to shimming on platforms that don't have them, we also need to shim sys/mount.h on DragonFlyBSD since it uses its native STAILQ_ENTRYs which our compat queues.h does not have, which causes sftp-server.o to not build. This is a little icky, but it limits the blast radius to just one source file on only DragonFly. ok djm@ --- configure.ac | 12 ++++++++++++ sftp-client.c | 4 +--- sftp-server.c | 4 ---- sftp.c | 4 +--- 4 files changed, 14 insertions(+), 10 deletions(-) diff --git a/configure.ac b/configure.ac index c6245305dabf..42dffd154516 100644 --- a/configure.ac +++ b/configure.ac @@ -536,7 +536,9 @@ AC_CHECK_HEADERS([ \ poll.h \ stdint.h \ sys/mman.h \ + sys/mount.h \ sys/stat.h \ + sys/statvfs.h \ sys/time.h \ sys/un.h \ time.h \ @@ -569,6 +571,16 @@ for include in sys/queue.h sys/tree.h; do esac >"$header" done +# DragonFly uses STAILQ_* in its sys/mount.h, so we explicitly +# need to include the system one first, not our shim. +case "$host" in +*-*-dragonfly*) + mkdir -p openbsd-compat/include/sys + echo '#include "/usr/include/sys/queue.h"' + echo '#include "/usr/include/sys/mount.h"' + ;; +esac > "openbsd-compat/include/sys/mount.h" + AC_CHECK_DECLS([le32toh, le64toh, htole64], [], [], [ #ifdef HAVE_SYS_TYPES_H # include diff --git a/sftp-client.c b/sftp-client.c index d8b364581023..164ab4072901 100644 --- a/sftp-client.c +++ b/sftp-client.c @@ -24,11 +24,9 @@ #include #include -#ifdef HAVE_SYS_STATVFS_H -#include -#endif #include #include +#include #include #include diff --git a/sftp-server.c b/sftp-server.c index 2f725d2653cd..feb2ad8ac675 100644 --- a/sftp-server.c +++ b/sftp-server.c @@ -21,12 +21,8 @@ #include #include #include -#ifdef HAVE_SYS_MOUNT_H #include -#endif -#ifdef HAVE_SYS_STATVFS_H #include -#endif #include #include diff --git a/sftp.c b/sftp.c index f2be1fe38112..b4d2c802d3c0 100644 --- a/sftp.c +++ b/sftp.c @@ -21,10 +21,8 @@ #include #include #include -#include -#ifdef HAVE_SYS_STATVFS_H #include -#endif +#include #include #include From 4922635d3e66f9107c5b68a0a3fa57ddf0d820ae Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Tue, 10 Feb 2026 07:22:30 +1100 Subject: [PATCH 566/687] Factor out COMPATINCLUDES into its own variable. --- configure.ac | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/configure.ac b/configure.ac index 42dffd154516..b6c551dae768 100644 --- a/configure.ac +++ b/configure.ac @@ -525,6 +525,7 @@ AC_CHECK_HEADERS([ \ # platform. Usually these are just empty, but in some cases they'll include # the equivalent file. This avoids having to wrap those includes in # '#ifdef HAVE_FOO_H'. If we create any such headers, add the path to includes. +COMPATINCLUDESDIR="openbsd-compat/include" COMPATINCLUDES="" AC_CHECK_HEADERS([ \ endian.h \ @@ -543,7 +544,7 @@ AC_CHECK_HEADERS([ \ sys/un.h \ time.h \ util.h], [], [ - COMPATINCLUDES="openbsd-compat/include" + COMPATINCLUDES="$COMPATINCLUDESDIR" header="$COMPATINCLUDES/$ac_header" dir=`dirname "$header"` mkdir -p "$dir" @@ -557,7 +558,7 @@ AC_CHECK_HEADERS([ \ dnl Now create replacement headers for those that we always want to shim. for include in sys/queue.h sys/tree.h; do - COMPATINCLUDES="openbsd-compat/include" + COMPATINCLUDES="$COMPATINCLUDESDIR" header="$COMPATINCLUDES/$include" dir=`dirname "$header"` mkdir -p "$dir" @@ -575,11 +576,12 @@ done # need to include the system one first, not our shim. case "$host" in *-*-dragonfly*) - mkdir -p openbsd-compat/include/sys + COMPATINCLUDES="$COMPATINCLUDESDIR" + mkdir -p "$COMPATINCLUDES/sys" echo '#include "/usr/include/sys/queue.h"' echo '#include "/usr/include/sys/mount.h"' ;; -esac > "openbsd-compat/include/sys/mount.h" +esac > "$COMPATINCLUDES/sys/mount.h" AC_CHECK_DECLS([le32toh, le64toh, htole64], [], [], [ #ifdef HAVE_SYS_TYPES_H From 957cb0fbe87b6ab76045e8dc99426db6afb54057 Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Tue, 10 Feb 2026 08:55:53 +1100 Subject: [PATCH 567/687] Minor resync with upstream Reorder definitions add whitespace to eliminate diffs vs upstream. --- auth.c | 2 +- misc.h | 1 + pathnames.h | 11 +++++------ sshbuf-getput-basic.c | 2 +- sshbuf-getput-crypto.c | 2 +- sshbuf.h | 1 + 6 files changed, 10 insertions(+), 9 deletions(-) diff --git a/auth.c b/auth.c index 8d94047439be..ad7c5774e124 100644 --- a/auth.c +++ b/auth.c @@ -98,8 +98,8 @@ allowed_user(struct ssh *ssh, struct passwd * pw) { struct stat st; const char *hostname = NULL, *ipaddr = NULL; - u_int i; int r; + u_int i; /* Shouldn't be called if pw is NULL, but better safe than sorry... */ if (!pw || !pw->pw_name) diff --git a/misc.h b/misc.h index 5b401c5c444c..b633fc4f4b72 100644 --- a/misc.h +++ b/misc.h @@ -118,6 +118,7 @@ void sock_set_v6only(int); struct passwd *pwcopy(struct passwd *); void pwfree(struct passwd *); /* NB. only use with pwcopy */ + const char *ssh_gai_strerror(int); typedef void privdrop_fn(struct passwd *); diff --git a/pathnames.h b/pathnames.h index 0dcc4955241f..ae01c69e2d91 100644 --- a/pathnames.h +++ b/pathnames.h @@ -37,8 +37,8 @@ #define _PATH_SERVER_CONFIG_FILE SSHDIR "/sshd_config" #define _PATH_HOST_CONFIG_FILE SSHDIR "/ssh_config" #define _PATH_HOST_ECDSA_KEY_FILE SSHDIR "/ssh_host_ecdsa_key" -#define _PATH_HOST_ED25519_KEY_FILE SSHDIR "/ssh_host_ed25519_key" #define _PATH_HOST_RSA_KEY_FILE SSHDIR "/ssh_host_rsa_key" +#define _PATH_HOST_ED25519_KEY_FILE SSHDIR "/ssh_host_ed25519_key" #define _PATH_DH_MODULI SSHDIR "/moduli" #ifndef _PATH_SSH_PROGRAM @@ -169,6 +169,9 @@ #ifndef _PATH_SFTP_SERVER #define _PATH_SFTP_SERVER "/usr/libexec/sftp-server" #endif +#ifndef _PATH_LS +#define _PATH_LS "ls" +#endif /* chroot directory for unprivileged user when UsePrivilegeSeparation=yes */ #ifndef _PATH_PRIVSEP_CHROOT_DIR @@ -177,11 +180,7 @@ /* for passwd change */ #ifndef _PATH_PASSWD_PROG -#define _PATH_PASSWD_PROG "/usr/bin/passwd" -#endif - -#ifndef _PATH_LS -#define _PATH_LS "ls" +#define _PATH_PASSWD_PROG "/usr/bin/passwd" #endif /* Askpass program define */ diff --git a/sshbuf-getput-basic.c b/sshbuf-getput-basic.c index 405f7eb60e02..b3c06ce99a9f 100644 --- a/sshbuf-getput-basic.c +++ b/sshbuf-getput-basic.c @@ -15,7 +15,6 @@ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ -#define SSHBUF_INTERNAL #include "includes.h" #include @@ -27,6 +26,7 @@ #include #include "ssherr.h" +#define SSHBUF_INTERNAL #include "sshbuf.h" int diff --git a/sshbuf-getput-crypto.c b/sshbuf-getput-crypto.c index e7bffe225cd9..7516fd588065 100644 --- a/sshbuf-getput-crypto.c +++ b/sshbuf-getput-crypto.c @@ -15,7 +15,6 @@ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ -#define SSHBUF_INTERNAL #include "includes.h" #include @@ -30,6 +29,7 @@ #endif /* OPENSSL_HAS_ECC */ #include "ssherr.h" +#define SSHBUF_INTERNAL #include "sshbuf.h" int diff --git a/sshbuf.h b/sshbuf.h index 052b0879849e..7826cd37e9ef 100644 --- a/sshbuf.h +++ b/sshbuf.h @@ -21,6 +21,7 @@ #include #include #include + #ifdef WITH_OPENSSL # include # include From 8a5d591c9f42933c49ece95e49c116d684d6cca0 Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Wed, 11 Feb 2026 11:38:58 -0500 Subject: [PATCH 568/687] Don't create sys/mount.h shim except on DragonFly. Fixes build on Mac OS X. --- configure.ac | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/configure.ac b/configure.ac index b6c551dae768..852babbc7e49 100644 --- a/configure.ac +++ b/configure.ac @@ -578,10 +578,11 @@ case "$host" in *-*-dragonfly*) COMPATINCLUDES="$COMPATINCLUDESDIR" mkdir -p "$COMPATINCLUDES/sys" - echo '#include "/usr/include/sys/queue.h"' - echo '#include "/usr/include/sys/mount.h"' + (echo '#include "/usr/include/sys/queue.h"' + echo '#include "/usr/include/sys/mount.h"') \ + >"$COMPATINCLUDES/sys/mount.h" ;; -esac > "$COMPATINCLUDES/sys/mount.h" +esac AC_CHECK_DECLS([le32toh, le64toh, htole64], [], [], [ #ifdef HAVE_SYS_TYPES_H From bb2703365ede3b4e13fdfa1c250ac88408e75f38 Mon Sep 17 00:00:00 2001 From: "dtucker@openbsd.org" Date: Mon, 9 Feb 2026 21:21:39 +0000 Subject: [PATCH 569/687] upstream: Remove now-unused openssl includes since sshd.c no longer needs them, even when built with OpenSSL. OpenBSD-Commit-ID: ceaa0394db1520e92d75c37eea58130d44ba93c9 --- sshd.c | 8 +------- 1 file changed, 1 insertion(+), 7 deletions(-) diff --git a/sshd.c b/sshd.c index e296ed7897ed..0bea8892763e 100644 --- a/sshd.c +++ b/sshd.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshd.c,v 1.625 2026/02/08 15:28:01 dtucker Exp $ */ +/* $OpenBSD: sshd.c,v 1.626 2026/02/09 21:21:39 dtucker Exp $ */ /* * Copyright (c) 2000, 2001, 2002 Markus Friedl. All rights reserved. * Copyright (c) 2002 Niels Provos. All rights reserved. @@ -51,12 +51,6 @@ #include #include -#ifdef WITH_OPENSSL -#include -#include -#include "openbsd-compat/openssl-compat.h" -#endif - #ifdef HAVE_SECUREWARE #include #include From 280cf58afe71bf34141e732d30676367f0150bbe Mon Sep 17 00:00:00 2001 From: "dtucker@openbsd.org" Date: Mon, 9 Feb 2026 21:23:35 +0000 Subject: [PATCH 570/687] upstream: Remove now-unused SKEYQUERY enums from monitor_reqtype. ID sync only. OpenBSD-Commit-ID: dab93b58e69c754887507e5557a81a0b5b84d734 --- monitor.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/monitor.h b/monitor.h index dc7cd5c7eb03..a6211af9986a 100644 --- a/monitor.h +++ b/monitor.h @@ -1,4 +1,4 @@ -/* $OpenBSD: monitor.h,v 1.26 2025/12/16 08:32:50 dtucker Exp $ */ +/* $OpenBSD: monitor.h,v 1.27 2026/02/09 21:23:35 dtucker Exp $ */ /* * Copyright 2002 Niels Provos From c3eaa953ae78e581d7ba2327beea35206a14bc1e Mon Sep 17 00:00:00 2001 From: "dtucker@openbsd.org" Date: Mon, 9 Feb 2026 21:38:14 +0000 Subject: [PATCH 571/687] upstream: Remove unused OpenSSL includes, which are no longer used even when building with OPENSSL=yes. OpenBSD-Commit-ID: 31adb21bf3f8f5c13cde59229f1b85c20f19a858 --- sshd-session.c | 9 +-------- 1 file changed, 1 insertion(+), 8 deletions(-) diff --git a/sshd-session.c b/sshd-session.c index fdaa401b91f2..d8dfc7432cf0 100644 --- a/sshd-session.c +++ b/sshd-session.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshd-session.c,v 1.19 2025/12/30 00:35:37 djm Exp $ */ +/* $OpenBSD: sshd-session.c,v 1.20 2026/02/09 21:38:14 dtucker Exp $ */ /* * SSH2 implementation: * Privilege Separation: @@ -52,13 +52,6 @@ #include #include -#ifdef WITH_OPENSSL -#include -#include -#include -#include "openbsd-compat/openssl-compat.h" -#endif - #ifdef HAVE_SECUREWARE #include #include From 8ec21f6274108e93601173ec4e6f7528b90b0003 Mon Sep 17 00:00:00 2001 From: "dtucker@openbsd.org" Date: Mon, 9 Feb 2026 22:09:48 +0000 Subject: [PATCH 572/687] upstream: Use https for URLs. ID sync only. OpenBSD-Commit-ID: 85b2919e95e6d2bfdeddf5e3b0709fb5b6b4c438 --- PROTOCOL | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/PROTOCOL b/PROTOCOL index a94b36ba6c7e..06081f82a9c9 100644 --- a/PROTOCOL +++ b/PROTOCOL @@ -718,4 +718,4 @@ master instance and later clients. OpenSSH extends the usual agent protocol. These changes are documented in the PROTOCOL.agent file. -$OpenBSD: PROTOCOL,v 1.59 2025/08/06 11:22:53 dtucker Exp $ +$OpenBSD: PROTOCOL,v 1.60 2026/02/09 22:09:48 dtucker Exp $ From db779679839d2798de7cda196a3fe750a12845e8 Mon Sep 17 00:00:00 2001 From: "dtucker@openbsd.org" Date: Mon, 9 Feb 2026 22:11:39 +0000 Subject: [PATCH 573/687] upstream: Remove unused OpenSSL includes, that are no longer used, even when building with OPENSSL=yes. OpenBSD-Commit-ID: e97e3e551ade9aee994b80a1d5851be6f32288e3 --- ssh-pkcs11-client.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ssh-pkcs11-client.c b/ssh-pkcs11-client.c index e58292628b0a..6d74d728083f 100644 --- a/ssh-pkcs11-client.c +++ b/ssh-pkcs11-client.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-pkcs11-client.c,v 1.25 2025/10/31 01:50:43 djm Exp $ */ +/* $OpenBSD: ssh-pkcs11-client.c,v 1.26 2026/02/09 22:11:39 dtucker Exp $ */ /* * Copyright (c) 2010 Markus Friedl. All rights reserved. * Copyright (c) 2014 Pedro Martelletto. All rights reserved. From c8972792e5ce599e584bbe1aa084cc4056f1afe5 Mon Sep 17 00:00:00 2001 From: "dtucker@openbsd.org" Date: Mon, 9 Feb 2026 22:12:48 +0000 Subject: [PATCH 574/687] upstream: Remove references to skey auth which is long gone. ID sync only. OpenBSD-Commit-ID: 0c2340566c399f7f74fe4c5366394974cd6fd122 --- ssh_config.5 | 4 ++-- sshd_config.5 | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/ssh_config.5 b/ssh_config.5 index 6e9bde1acf46..c5bf8338d813 100644 --- a/ssh_config.5 +++ b/ssh_config.5 @@ -33,8 +33,8 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: ssh_config.5,v 1.421 2026/02/05 22:05:49 djm Exp $ -.Dd $Mdocdate: February 5 2026 $ +.\" $OpenBSD: ssh_config.5,v 1.422 2026/02/09 22:12:48 dtucker Exp $ +.Dd $Mdocdate: February 9 2026 $ .Dt SSH_CONFIG 5 .Os .Sh NAME diff --git a/sshd_config.5 b/sshd_config.5 index e0e23a77f46c..3b9303b8218b 100644 --- a/sshd_config.5 +++ b/sshd_config.5 @@ -33,8 +33,8 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: sshd_config.5,v 1.394 2026/02/05 22:05:49 djm Exp $ -.Dd $Mdocdate: February 5 2026 $ +.\" $OpenBSD: sshd_config.5,v 1.395 2026/02/09 22:12:48 dtucker Exp $ +.Dd $Mdocdate: February 9 2026 $ .Dt SSHD_CONFIG 5 .Os .Sh NAME From 4ef24496b7c4c918d4d3a049f83739fbe2e36e9f Mon Sep 17 00:00:00 2001 From: "dtucker@openbsd.org" Date: Mon, 9 Feb 2026 22:15:45 +0000 Subject: [PATCH 575/687] upstream: De-underscore __inline__ to match -portable (and every other use of it in ssh). ID sync only. OpenBSD-Commit-ID: 83c913d5e2345635bc5434167ed67cec5409d494 --- cipher-aesctr.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/cipher-aesctr.c b/cipher-aesctr.c index eed95c3e6e3c..2a8d446f15d3 100644 --- a/cipher-aesctr.c +++ b/cipher-aesctr.c @@ -1,4 +1,4 @@ -/* $OpenBSD: cipher-aesctr.c,v 1.2 2015/01/14 10:24:42 markus Exp $ */ +/* $OpenBSD: cipher-aesctr.c,v 1.3 2026/02/09 22:15:45 dtucker Exp $ */ /* * Copyright (c) 2003 Markus Friedl. All rights reserved. * @@ -17,11 +17,11 @@ #include "includes.h" +#ifndef WITH_OPENSSL + #include #include -#ifndef WITH_OPENSSL - #include "cipher-aesctr.h" /* From f1b9e0f7f1f1ed5be2bd1c39bda03fc99a1cf5d8 Mon Sep 17 00:00:00 2001 From: "dtucker@openbsd.org" Date: Wed, 11 Feb 2026 16:57:38 +0000 Subject: [PATCH 576/687] upstream: Pass actual size of the buffer to hostname() instead of a define that's probably the same. ok millert@ djm@ OpenBSD-Commit-ID: 7c97b22439100b4193404ccfa1e5f539c5a8d039 --- gss-serv.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/gss-serv.c b/gss-serv.c index ae3465c3ba89..f9ae303b5b14 100644 --- a/gss-serv.c +++ b/gss-serv.c @@ -1,4 +1,4 @@ -/* $OpenBSD: gss-serv.c,v 1.36 2026/02/08 15:28:01 dtucker Exp $ */ +/* $OpenBSD: gss-serv.c,v 1.37 2026/02/11 16:57:38 dtucker Exp $ */ /* * Copyright (c) 2001-2003 Simon Wilkinson. All rights reserved. @@ -107,7 +107,7 @@ ssh_gssapi_acquire_cred(Gssctxt *ctx) gss_create_empty_oid_set(&status, &oidset); gss_add_oid_set_member(&status, ctx->oid, &oidset); - if (gethostname(lname, HOST_NAME_MAX)) { + if (gethostname(lname, sizeof(lname))) { gss_release_oid_set(&status, &oidset); return (-1); } From 81746188e9333b166b4c31f9654d8eb249ddd897 Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Wed, 11 Feb 2026 16:47:27 -0500 Subject: [PATCH 577/687] Remove do_pam_chauthtok since it's no longer used. --- auth-pam.c | 105 --------------------------------------------------- auth-pam.h | 1 - configure.ac | 5 --- 3 files changed, 111 deletions(-) diff --git a/auth-pam.c b/auth-pam.c index fad098d6839b..3192323d9d5e 100644 --- a/auth-pam.c +++ b/auth-pam.c @@ -272,31 +272,6 @@ pam_putenv(pam_handle_t *pamh, const char *name_value) } #endif /* HAVE_PAM_PUTENV */ -/* - * Some platforms, notably Solaris, do not enforce password complexity - * rules during pam_chauthtok() if the real uid of the calling process - * is 0, on the assumption that it's being called by "passwd" run by root. - * This wraps pam_chauthtok and sets/restore the real uid so PAM will do - * the right thing. - */ -#ifdef SSHPAM_CHAUTHTOK_NEEDS_RUID -static int -sshpam_chauthtok_ruid(pam_handle_t *pamh, int flags) -{ - int result; - - if (sshpam_authctxt == NULL) - fatal("PAM: sshpam_authctxt not initialized"); - if (setreuid(sshpam_authctxt->pw->pw_uid, -1) == -1) - fatal_f("setreuid failed: %s", strerror(errno)); - result = pam_chauthtok(pamh, flags); - if (setreuid(0, -1) == -1) - fatal_f("setreuid failed: %s", strerror(errno)); - return result; -} -# define pam_chauthtok(a,b) (sshpam_chauthtok_ruid((a), (b))) -#endif - static void sshpam_password_change_required(int reqd) { @@ -1147,86 +1122,6 @@ do_pam_setcred(void) pam_strerror(sshpam_handle, sshpam_err)); } -#if 0 -static int -sshpam_tty_conv(int n, sshpam_const struct pam_message **msg, - struct pam_response **resp, void *data) -{ - char input[PAM_MAX_MSG_SIZE]; - struct pam_response *reply; - int i; - - debug3_f("PAM: called with %d messages", n); - - *resp = NULL; - - if (n <= 0 || n > PAM_MAX_NUM_MSG || !isatty(STDIN_FILENO)) - return (PAM_CONV_ERR); - - if ((reply = calloc(n, sizeof(*reply))) == NULL) - return (PAM_CONV_ERR); - - for (i = 0; i < n; ++i) { - switch (PAM_MSG_MEMBER(msg, i, msg_style)) { - case PAM_PROMPT_ECHO_OFF: - reply[i].resp = - read_passphrase(PAM_MSG_MEMBER(msg, i, msg), - RP_ALLOW_STDIN); - reply[i].resp_retcode = PAM_SUCCESS; - break; - case PAM_PROMPT_ECHO_ON: - fprintf(stderr, "%s\n", PAM_MSG_MEMBER(msg, i, msg)); - if (fgets(input, sizeof input, stdin) == NULL) - input[0] = '\0'; - if ((reply[i].resp = strdup(input)) == NULL) - goto fail; - reply[i].resp_retcode = PAM_SUCCESS; - break; - case PAM_ERROR_MSG: - case PAM_TEXT_INFO: - fprintf(stderr, "%s\n", PAM_MSG_MEMBER(msg, i, msg)); - reply[i].resp_retcode = PAM_SUCCESS; - break; - default: - goto fail; - } - } - *resp = reply; - return (PAM_SUCCESS); - - fail: - for(i = 0; i < n; i++) { - free(reply[i].resp); - } - free(reply); - return (PAM_CONV_ERR); -} - -static struct pam_conv tty_conv = { sshpam_tty_conv, NULL }; -#endif - -/* - * XXX this should be done in the authentication phase, but ssh1 doesn't - * support that - */ -void -do_pam_chauthtok(void) -{ - fatal("Password expired"); -#if 0 - sshpam_err = pam_set_item(sshpam_handle, PAM_CONV, - (const void *)&tty_conv); - if (sshpam_err != PAM_SUCCESS) - fatal("PAM: failed to set PAM_CONV: %s", - pam_strerror(sshpam_handle, sshpam_err)); - debug("PAM: changing password"); - sshpam_err = pam_chauthtok(sshpam_handle, PAM_CHANGE_EXPIRED_AUTHTOK); - if (sshpam_err != PAM_SUCCESS) - fatal("PAM: pam_chauthtok(): %s", - pam_strerror(sshpam_handle, sshpam_err)); -#endif -} - void do_pam_session(struct ssh *ssh) { diff --git a/auth-pam.h b/auth-pam.h index 8d801c689aa6..c068bc8969d7 100644 --- a/auth-pam.h +++ b/auth-pam.h @@ -32,7 +32,6 @@ void finish_pam(void); u_int do_pam_account(void); void do_pam_session(struct ssh *); void do_pam_setcred(void); -void do_pam_chauthtok(void); int do_pam_putenv(char *, char *); char ** fetch_pam_environment(void); char ** fetch_pam_child_environment(void); diff --git a/configure.ac b/configure.ac index 852babbc7e49..ddb621670a21 100644 --- a/configure.ac +++ b/configure.ac @@ -775,8 +775,6 @@ case "$host" in AC_DEFINE([SPT_TYPE], [SPT_REUSEARGV], [Define to a Set Process Title type if your system is supported by bsd-setproctitle.c]) - AC_DEFINE([SSHPAM_CHAUTHTOK_NEEDS_RUID], [1], - [AIX 5.2 and 5.3 (and presumably newer) require this]) AC_DEFINE([PTY_ZEROREAD], [1], [read(1) can return 0 for a non-closed fd]) AC_DEFINE([PLATFORM_SYS_DIR_UID], 2, [System dirs owned by bin (uid 2)]) AC_DEFINE([BROKEN_STRNDUP], 1, [strndup broken, see APAR IY61211]) @@ -1216,9 +1214,6 @@ if (setsockopt(s, IPPROTO_IP, IP_TOS, &one, sizeof(one)) == -1) AC_DEFINE([PAM_SUN_CODEBASE]) AC_DEFINE([LOGIN_NEEDS_UTMPX]) AC_DEFINE([PAM_TTY_KLUDGE]) - AC_DEFINE([SSHPAM_CHAUTHTOK_NEEDS_RUID], [1], - [Define if pam_chauthtok wants real uid set - to the unpriv'ed user]) AC_DEFINE([LOCKED_PASSWD_STRING], ["*LK*"]) # Pushing STREAMS modules will cause sshd to acquire a controlling tty. AC_DEFINE([SSHD_ACQUIRES_CTTY], [1], From 1a4eb511abaf3522b84fa5697524b81b4865279b Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Wed, 11 Feb 2026 17:36:42 -0500 Subject: [PATCH 578/687] Factor out RNG reseeding in to a single function. sshd and sshd-session both reseed the RNG after a fork. Move the existing reseed_prngs() function into entropy.c and use for both. Clean up entropy.h too. ok djm@ --- entropy.c | 21 +++++++++++++++++++++ entropy.h | 9 ++++----- sshd-session.c | 21 --------------------- sshd.c | 10 +--------- 4 files changed, 26 insertions(+), 35 deletions(-) diff --git a/entropy.c b/entropy.c index 65ef922379a1..8bb3accbd3ad 100644 --- a/entropy.c +++ b/entropy.c @@ -108,3 +108,24 @@ seed_rng(void) } #endif /* WITH_OPENSSL */ + +void +reseed_prngs(void) +{ + u_int32_t rnd[256]; + +#ifdef WITH_OPENSSL + RAND_poll(); +#endif + arc4random_stir(); /* noop on recent arc4random() implementations */ + arc4random_buf(rnd, sizeof(rnd)); /* let arc4random notice PID change */ + +#ifdef WITH_OPENSSL + RAND_seed(rnd, sizeof(rnd)); + /* give libcrypto a chance to notice the PID change */ + if ((RAND_bytes((u_char *)rnd, 1)) != 1) + fatal_f("RAND_bytes failed"); +#endif + + explicit_bzero(rnd, sizeof(rnd)); +} diff --git a/entropy.h b/entropy.h index 870164d30e90..45d56a339363 100644 --- a/entropy.h +++ b/entropy.h @@ -22,13 +22,12 @@ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ -#ifndef _RANDOMS_H -#define _RANDOMS_H +#ifndef _ENTROPY_H +#define _ENTROPY_H struct sshbuf; void seed_rng(void); -void rexec_send_rng_seed(struct sshbuf *); -void rexec_recv_rng_seed(struct sshbuf *); +void reseed_prngs(void); -#endif /* _RANDOMS_H */ +#endif /* _ENTROPY_H */ diff --git a/sshd-session.c b/sshd-session.c index d8dfc7432cf0..29de97fa619a 100644 --- a/sshd-session.c +++ b/sshd-session.c @@ -262,27 +262,6 @@ demote_sensitive_data(void) } } -static void -reseed_prngs(void) -{ - u_int32_t rnd[256]; - -#ifdef WITH_OPENSSL - RAND_poll(); -#endif - arc4random_stir(); /* noop on recent arc4random() implementations */ - arc4random_buf(rnd, sizeof(rnd)); /* let arc4random notice PID change */ - -#ifdef WITH_OPENSSL - RAND_seed(rnd, sizeof(rnd)); - /* give libcrypto a chance to notice the PID change */ - if ((RAND_bytes((u_char *)rnd, 1)) != 1) - fatal_f("RAND_bytes failed"); -#endif - - explicit_bzero(rnd, sizeof(rnd)); -} - struct sshbuf * pack_hostkeys(void) { diff --git a/sshd.c b/sshd.c index 0bea8892763e..74d25fc73fbe 100644 --- a/sshd.c +++ b/sshd.c @@ -922,7 +922,6 @@ server_accept_loop(int *sock_in, int *sock_out, int *newsock, int *config_s, struct early_child *child; struct sshbuf *buf; socklen_t fromlen; - u_char rnd[256]; sigset_t nsigset, osigset; /* pipes connected to unauthenticated child sshd processes */ @@ -1219,14 +1218,7 @@ server_accept_loop(int *sock_in, int *sock_out, int *newsock, int *config_s, * Ensure that our random state differs * from that of the child */ - arc4random_stir(); - arc4random_buf(rnd, sizeof(rnd)); -#ifdef WITH_OPENSSL - RAND_seed(rnd, sizeof(rnd)); - if ((RAND_bytes((u_char *)rnd, 1)) != 1) - fatal_f("RAND_bytes failed"); -#endif - explicit_bzero(rnd, sizeof(rnd)); + reseed_prngs(); } } } From c169300df12b9aa7005ff6e61880a7e007e83bc5 Mon Sep 17 00:00:00 2001 From: "dtucker@openbsd.org" Date: Wed, 11 Feb 2026 17:01:34 +0000 Subject: [PATCH 579/687] upstream: Reorder includes and defines to match both KNF and Portable. OpenBSD-Commit-ID: f3f179c095f8e4787ded5f450e2842881f6b8ab2 --- sftp.c | 2 +- ssh-add.c | 2 +- ssh-ed25519.c | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/sftp.c b/sftp.c index b4d2c802d3c0..eebb166e8de4 100644 --- a/sftp.c +++ b/sftp.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sftp.c,v 1.249 2026/02/08 19:54:31 dtucker Exp $ */ +/* $OpenBSD: sftp.c,v 1.250 2026/02/11 17:01:34 dtucker Exp $ */ /* * Copyright (c) 2001-2004 Damien Miller * diff --git a/ssh-add.c b/ssh-add.c index ac1891f62788..dcdbbfeca06b 100644 --- a/ssh-add.c +++ b/ssh-add.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-add.c,v 1.184 2025/11/24 23:43:10 djm Exp $ */ +/* $OpenBSD: ssh-add.c,v 1.185 2026/02/11 17:01:34 dtucker Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland diff --git a/ssh-ed25519.c b/ssh-ed25519.c index c8caa22214b7..c7a84dccb6e6 100644 --- a/ssh-ed25519.c +++ b/ssh-ed25519.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-ed25519.c,v 1.20 2025/07/24 06:12:08 djm Exp $ */ +/* $OpenBSD: ssh-ed25519.c,v 1.21 2026/02/11 17:01:34 dtucker Exp $ */ /* * Copyright (c) 2013 Markus Friedl * From 6a756f3f7b9f87f24e948ec1de0266f5c1587811 Mon Sep 17 00:00:00 2001 From: "dtucker@openbsd.org" Date: Wed, 11 Feb 2026 17:03:17 +0000 Subject: [PATCH 580/687] upstream: Remove unused sys/queue.h include. OpenBSD-Commit-ID: 564f75672e27f1006f280614934eb304abe69167 --- ssh-pkcs11-helper.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ssh-pkcs11-helper.c b/ssh-pkcs11-helper.c index 838610d96d27..f7b7b2e81ebf 100644 --- a/ssh-pkcs11-helper.c +++ b/ssh-pkcs11-helper.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-pkcs11-helper.c,v 1.30 2025/10/31 01:50:43 djm Exp $ */ +/* $OpenBSD: ssh-pkcs11-helper.c,v 1.31 2026/02/11 17:03:17 dtucker Exp $ */ /* * Copyright (c) 2010 Markus Friedl. All rights reserved. * From 3160f2a97e875bfa9454f98899cbccad48c96ff4 Mon Sep 17 00:00:00 2001 From: "dtucker@openbsd.org" Date: Wed, 11 Feb 2026 17:05:32 +0000 Subject: [PATCH 581/687] upstream: Add includes used in Portable to reduce diffs. OpenBSD-Commit-ID: 186c60cf2da0ddb075d5bc4879e87bbd8779b7e4 --- misc-agent.c | 2 +- misc.c | 2 +- rijndael.c | 2 +- sftp-common.c | 2 +- ssh-keygen.c | 2 +- ssh-rsa.c | 2 +- ssh.c | 2 +- sshconnect.c | 2 +- sshd-auth.c | 2 +- sshlogin.c | 2 +- sshpty.c | 3 ++- uidswap.c | 5 ++--- 12 files changed, 14 insertions(+), 14 deletions(-) diff --git a/misc-agent.c b/misc-agent.c index 07c8fb136ec4..cb61405a7f49 100644 --- a/misc-agent.c +++ b/misc-agent.c @@ -1,4 +1,4 @@ -/* $OpenBSD: misc-agent.c,v 1.6 2025/06/17 01:19:27 djm Exp $ */ +/* $OpenBSD: misc-agent.c,v 1.7 2026/02/11 17:05:32 dtucker Exp $ */ /* * Copyright (c) 2025 Damien Miller * diff --git a/misc.c b/misc.c index 3189e30aa99c..fa508a96d01f 100644 --- a/misc.c +++ b/misc.c @@ -1,4 +1,4 @@ -/* $OpenBSD: misc.c,v 1.211 2025/12/05 17:48:47 phessler Exp $ */ +/* $OpenBSD: misc.c,v 1.212 2026/02/11 17:05:32 dtucker Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. * Copyright (c) 2005-2020 Damien Miller. All rights reserved. diff --git a/rijndael.c b/rijndael.c index 40ab7b1f5103..805687b82bd9 100644 --- a/rijndael.c +++ b/rijndael.c @@ -1,4 +1,4 @@ -/* $OpenBSD: rijndael.c,v 1.20 2015/03/16 11:09:52 djm Exp $ */ +/* $OpenBSD: rijndael.c,v 1.21 2026/02/11 17:05:32 dtucker Exp $ */ /** * rijndael-alg-fst.c diff --git a/sftp-common.c b/sftp-common.c index 912b332d914e..eb5cc2b8212d 100644 --- a/sftp-common.c +++ b/sftp-common.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sftp-common.c,v 1.35 2026/02/08 19:54:31 dtucker Exp $ */ +/* $OpenBSD: sftp-common.c,v 1.36 2026/02/11 17:05:32 dtucker Exp $ */ /* * Copyright (c) 2001 Markus Friedl. All rights reserved. * Copyright (c) 2001 Damien Miller. All rights reserved. diff --git a/ssh-keygen.c b/ssh-keygen.c index 8d9e5f885db4..d8fe67ee233f 100644 --- a/ssh-keygen.c +++ b/ssh-keygen.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-keygen.c,v 1.488 2025/12/22 01:49:03 djm Exp $ */ +/* $OpenBSD: ssh-keygen.c,v 1.489 2026/02/11 17:05:32 dtucker Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1994 Tatu Ylonen , Espoo, Finland diff --git a/ssh-rsa.c b/ssh-rsa.c index fe1518984849..d6520c21c2b1 100644 --- a/ssh-rsa.c +++ b/ssh-rsa.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-rsa.c,v 1.82 2025/10/03 00:08:02 djm Exp $ */ +/* $OpenBSD: ssh-rsa.c,v 1.83 2026/02/11 17:05:32 dtucker Exp $ */ /* * Copyright (c) 2000, 2003 Markus Friedl * diff --git a/ssh.c b/ssh.c index e15cb44c242f..ce4648f99dbf 100644 --- a/ssh.c +++ b/ssh.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh.c,v 1.622 2025/12/22 01:17:31 djm Exp $ */ +/* $OpenBSD: ssh.c,v 1.623 2026/02/11 17:05:32 dtucker Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland diff --git a/sshconnect.c b/sshconnect.c index 9dd1d02ea93f..a0dcf6f5f958 100644 --- a/sshconnect.c +++ b/sshconnect.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshconnect.c,v 1.378 2025/12/30 00:35:37 djm Exp $ */ +/* $OpenBSD: sshconnect.c,v 1.379 2026/02/11 17:05:32 dtucker Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland diff --git a/sshd-auth.c b/sshd-auth.c index 9f19ead2aedd..8f9066122f1c 100644 --- a/sshd-auth.c +++ b/sshd-auth.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshd-auth.c,v 1.11 2026/02/06 01:24:36 djm Exp $ */ +/* $OpenBSD: sshd-auth.c,v 1.12 2026/02/11 17:05:32 dtucker Exp $ */ /* * SSH2 implementation: * Privilege Separation: diff --git a/sshlogin.c b/sshlogin.c index fb55cadd677b..7e0216f1d92d 100644 --- a/sshlogin.c +++ b/sshlogin.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshlogin.c,v 1.35 2020/10/18 11:32:02 djm Exp $ */ +/* $OpenBSD: sshlogin.c,v 1.36 2026/02/11 17:05:32 dtucker Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland diff --git a/sshpty.c b/sshpty.c index 0a82b7d3bea9..e6a66c12dd02 100644 --- a/sshpty.c +++ b/sshpty.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshpty.c,v 1.34 2019/07/04 16:20:10 deraadt Exp $ */ +/* $OpenBSD: sshpty.c,v 1.35 2026/02/11 17:05:32 dtucker Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -24,6 +24,7 @@ #include #include #include +#include #include #include #include diff --git a/uidswap.c b/uidswap.c index 793688eb5817..413b2c63a373 100644 --- a/uidswap.c +++ b/uidswap.c @@ -1,4 +1,4 @@ -/* $OpenBSD: uidswap.c,v 1.42 2019/06/28 13:35:04 deraadt Exp $ */ +/* $OpenBSD: uidswap.c,v 1.43 2026/02/11 17:05:32 dtucker Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -15,6 +15,7 @@ #include "includes.h" #include +#include #include #include #include @@ -22,8 +23,6 @@ #include #include -#include - #include "log.h" #include "uidswap.h" #include "xmalloc.h" From 135a62238a479c7369f2b2d5dafb921ddc1c2b74 Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Wed, 11 Feb 2026 22:57:16 +0000 Subject: [PATCH 582/687] upstream: support multiple files in a sshd_config RevokedKeys directive bz3918; ok dtucker OpenBSD-Commit-ID: 9fc58c4e676f8e9ed2e3a0da666242a17b8a55b2 --- auth.c | 34 +++++++++++++++++++--------------- servconf.c | 34 +++++++++++++++++++++++++--------- servconf.h | 8 +++++--- 3 files changed, 49 insertions(+), 27 deletions(-) diff --git a/auth.c b/auth.c index ad7c5774e124..a0217a81180c 100644 --- a/auth.c +++ b/auth.c @@ -1,4 +1,4 @@ -/* $OpenBSD: auth.c,v 1.163 2025/09/15 04:39:15 djm Exp $ */ +/* $OpenBSD: auth.c,v 1.164 2026/02/11 22:57:16 djm Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. * @@ -545,9 +545,10 @@ int auth_key_is_revoked(struct sshkey *key) { char *fp = NULL; + u_int i; int r; - if (options.revoked_keys_file == NULL) + if (options.num_revoked_keys_files == 0) return 0; if ((fp = sshkey_fingerprint(key, options.fingerprint_hash, SSH_FP_DEFAULT)) == NULL) { @@ -556,19 +557,22 @@ auth_key_is_revoked(struct sshkey *key) goto out; } - r = sshkey_check_revoked(key, options.revoked_keys_file); - switch (r) { - case 0: - break; /* not revoked */ - case SSH_ERR_KEY_REVOKED: - error("Authentication key %s %s revoked by file %s", - sshkey_type(key), fp, options.revoked_keys_file); - goto out; - default: - error_r(r, "Error checking authentication key %s %s in " - "revoked keys file %s", sshkey_type(key), fp, - options.revoked_keys_file); - goto out; + for (i = 0; i < options.num_revoked_keys_files; i++) { + r = sshkey_check_revoked(key, options.revoked_keys_files[i]); + switch (r) { + case 0: + break; /* not revoked */ + case SSH_ERR_KEY_REVOKED: + error("Authentication key %s %s revoked by file %s", + sshkey_type(key), fp, + options.revoked_keys_files[i]); + goto out; + default: + error_r(r, "Error checking authentication key %s %s in " + "revoked keys file %s", sshkey_type(key), fp, + options.revoked_keys_files[i]); + goto out; + } } /* Success */ diff --git a/servconf.c b/servconf.c index 252e49ccb795..a43995fdd835 100644 --- a/servconf.c +++ b/servconf.c @@ -1,4 +1,4 @@ -/* $OpenBSD: servconf.c,v 1.443 2025/12/19 01:26:39 djm Exp $ */ +/* $OpenBSD: servconf.c,v 1.444 2026/02/11 22:57:16 djm Exp $ */ /* * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland * All rights reserved @@ -193,7 +193,8 @@ initialize_server_options(ServerOptions *options) options->chroot_directory = NULL; options->authorized_keys_command = NULL; options->authorized_keys_command_user = NULL; - options->revoked_keys_file = NULL; + options->revoked_keys_files = NULL; + options->num_revoked_keys_files = 0; options->sk_provider = NULL; options->trusted_user_ca_keys = NULL; options->authorized_principals_file = NULL; @@ -518,7 +519,6 @@ fill_default_server_options(ServerOptions *options) CLEAR_ON_NONE(options->xauth_location); CLEAR_ON_NONE(options->banner); CLEAR_ON_NONE(options->trusted_user_ca_keys); - CLEAR_ON_NONE(options->revoked_keys_file); CLEAR_ON_NONE(options->sk_provider); CLEAR_ON_NONE(options->authorized_principals_file); CLEAR_ON_NONE(options->adm_forced_command); @@ -534,6 +534,8 @@ fill_default_server_options(ServerOptions *options) CLEAR_ON_NONE_ARRAY(channel_timeouts, num_channel_timeouts, "none"); CLEAR_ON_NONE_ARRAY(auth_methods, num_auth_methods, "any"); + CLEAR_ON_NONE_ARRAY(revoked_keys_files, num_revoked_keys_files, "none"); + CLEAR_ON_NONE_ARRAY(authorized_keys_files, num_authkeys_files, "none"); #undef CLEAR_ON_NONE #undef CLEAR_ON_NONE_ARRAY } @@ -2191,13 +2193,25 @@ process_server_config_line_depth(ServerOptions *options, char *line, * AuthorizedKeysFile /etc/ssh_keys/%u */ case sAuthorizedKeysFile: - found = options->num_authkeys_files == 0; + uintptr = &options->num_authkeys_files; + chararrayptr = &options->authorized_keys_files; + parse_filenames: + found = *uintptr == 0; while ((arg = argv_next(&ac, &av)) != NULL) { if (*arg == '\0') { error("%s line %d: keyword %s empty argument", filename, linenum, keyword); goto out; } + /* Allow "none" only in first position */ + if (strcasecmp(arg, "none") == 0) { + if (nstrs > 0 || ac > 0) { + error("%s line %d: keyword %s \"none\" " + "argument must appear alone.", + filename, linenum, keyword); + goto out; + } + } arg2 = tilde_expand_filename(arg, getuid()); opt_array_append(filename, linenum, keyword, &strs, &nstrs, arg2); @@ -2208,8 +2222,8 @@ process_server_config_line_depth(ServerOptions *options, char *line, filename, linenum, keyword); } if (found && *activep) { - options->authorized_keys_files = strs; - options->num_authkeys_files = nstrs; + *chararrayptr = strs; + *uintptr = nstrs; strs = NULL; /* transferred */ nstrs = 0; } @@ -2500,8 +2514,9 @@ process_server_config_line_depth(ServerOptions *options, char *line, goto parse_filename; case sRevokedKeys: - charptr = &options->revoked_keys_file; - goto parse_filename; + uintptr = &options->num_revoked_keys_files; + chararrayptr = &options->revoked_keys_files; + goto parse_filenames; case sSecurityKeyProvider: charptr = &options->sk_provider; @@ -3314,7 +3329,6 @@ dump_config(ServerOptions *o) dump_cfg_string(sForceCommand, o->adm_forced_command); dump_cfg_string(sChrootDirectory, o->chroot_directory); dump_cfg_string(sTrustedUserCAKeys, o->trusted_user_ca_keys); - dump_cfg_string(sRevokedKeys, o->revoked_keys_file); dump_cfg_string(sSecurityKeyProvider, o->sk_provider); dump_cfg_string(sAuthorizedPrincipalsFile, o->authorized_principals_file); @@ -3344,6 +3358,8 @@ dump_config(ServerOptions *o) /* string array arguments */ dump_cfg_strarray_oneline(sAuthorizedKeysFile, o->num_authkeys_files, o->authorized_keys_files); + dump_cfg_strarray_oneline(sRevokedKeys, o->num_revoked_keys_files, + o->revoked_keys_files); dump_cfg_strarray(sHostKeyFile, o->num_host_key_files, o->host_key_files); dump_cfg_strarray(sHostCertificate, o->num_host_cert_files, diff --git a/servconf.h b/servconf.h index f588f02e9991..178dd1998e5f 100644 --- a/servconf.h +++ b/servconf.h @@ -1,4 +1,4 @@ -/* $OpenBSD: servconf.h,v 1.174 2025/12/19 01:27:19 djm Exp $ */ +/* $OpenBSD: servconf.h,v 1.175 2026/02/11 22:57:16 djm Exp $ */ /* * Author: Tatu Ylonen @@ -223,7 +223,8 @@ typedef struct { u_int num_permitted_listens; char *chroot_directory; - char *revoked_keys_file; + uint num_revoked_keys_files; + char **revoked_keys_files; char *trusted_user_ca_keys; char *authorized_keys_command; char *authorized_keys_command_user; @@ -291,7 +292,6 @@ TAILQ_HEAD(include_list, include_item); #define COPY_MATCH_STRING_OPTS() do { \ M_CP_STROPT(banner); \ M_CP_STROPT(trusted_user_ca_keys); \ - M_CP_STROPT(revoked_keys_file); \ M_CP_STROPT(authorized_keys_command); \ M_CP_STROPT(authorized_keys_command_user); \ M_CP_STROPT(authorized_principals_file); \ @@ -304,6 +304,8 @@ TAILQ_HEAD(include_list, include_item); M_CP_STROPT(permit_user_env_allowlist); \ M_CP_STROPT(pam_service_name); \ M_CP_STRARRAYOPT(authorized_keys_files, num_authkeys_files, 1);\ + M_CP_STRARRAYOPT(revoked_keys_files, \ + num_revoked_keys_files, 1); \ M_CP_STRARRAYOPT(allow_users, num_allow_users, 1); \ M_CP_STRARRAYOPT(deny_users, num_deny_users, 1); \ M_CP_STRARRAYOPT(allow_groups, num_allow_groups, 1); \ From 2f51e29b9a0ffd7acb9dc70d90defa466b5695d4 Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Wed, 11 Feb 2026 22:57:55 +0000 Subject: [PATCH 583/687] upstream: support multiple files in a ssh_config RevokedHostKeys directive bz3918; ok dtucker OpenBSD-Commit-ID: 0ad2eacf836f912f347846ab84760799033dd348 --- readconf.c | 42 +++++++++++++++++++++++++++++++++++++----- readconf.h | 5 +++-- ssh.c | 11 ++++++----- sshconnect.c | 13 +++++++------ 4 files changed, 53 insertions(+), 18 deletions(-) diff --git a/readconf.c b/readconf.c index 1e7e240027dd..064fd33a7d7b 100644 --- a/readconf.c +++ b/readconf.c @@ -1,4 +1,4 @@ -/* $OpenBSD: readconf.c,v 1.408 2026/02/08 19:54:31 dtucker Exp $ */ +/* $OpenBSD: readconf.c,v 1.409 2026/02/11 22:57:55 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -2326,8 +2326,38 @@ process_config_line_depth(Options *options, struct passwd *pw, const char *host, goto parse_flag; case oRevokedHostKeys: - charptr = &options->revoked_host_keys; - goto parse_string; + uintptr = &options->num_revoked_host_keys; + cppptr = &options->revoked_host_keys; + found = *uintptr == 0; + while ((arg = argv_next(&ac, &av)) != NULL) { + if (*arg == '\0') { + error("%s line %d: keyword %s empty argument", + filename, linenum, keyword); + goto out; + } + /* Allow "none" only in first position */ + if (strcasecmp(arg, "none") == 0) { + if (nstrs > 0 || ac > 0) { + error("%s line %d: keyword %s \"none\" " + "argument must appear alone.", + filename, linenum, keyword); + goto out; + } + } + opt_array_append(filename, linenum, keyword, + &strs, &nstrs, arg); + } + if (nstrs == 0) { + fatal("%s line %d: no %s specified", + filename, linenum, keyword); + } + if (found && *activep) { + *cppptr = strs; + *uintptr = nstrs; + strs = NULL; /* transferred */ + nstrs = 0; + } + break; case oFingerprintHash: intptr = &options->fingerprint_hash; @@ -2785,6 +2815,7 @@ initialize_options(Options * options) options->canonicalize_fallback_local = -1; options->canonicalize_hostname = -1; options->revoked_host_keys = NULL; + options->num_revoked_host_keys = 0; options->fingerprint_hash = -1; options->update_hostkeys = -1; options->hostbased_accepted_algos = NULL; @@ -3053,11 +3084,11 @@ fill_default_options(Options * options) CLEAR_ON_NONE(options->remote_command); CLEAR_ON_NONE(options->proxy_command); CLEAR_ON_NONE(options->control_path); - CLEAR_ON_NONE(options->revoked_host_keys); CLEAR_ON_NONE(options->pkcs11_provider); CLEAR_ON_NONE(options->sk_provider); CLEAR_ON_NONE(options->known_hosts_command); CLEAR_ON_NONE_ARRAY(channel_timeouts, num_channel_timeouts, "none"); + CLEAR_ON_NONE_ARRAY(revoked_host_keys, num_revoked_host_keys, "none"); #undef CLEAR_ON_NONE #undef CLEAR_ON_NONE_ARRAY if (options->jump_host != NULL && @@ -3168,6 +3199,7 @@ free_options(Options *o) free(o->permitted_cnames[i].source_list); free(o->permitted_cnames[i].target_list); } + FREE_ARRAY(u_int, o->num_revoked_host_keys, o->revoked_host_keys); free(o->revoked_host_keys); free(o->hostbased_accepted_algos); free(o->pubkey_accepted_algos); @@ -3747,7 +3779,6 @@ dump_client_config(Options *o, const char *host) dump_cfg_string(oSecurityKeyProvider, o->sk_provider); dump_cfg_string(oPreferredAuthentications, o->preferred_authentications); dump_cfg_string(oPubkeyAcceptedAlgorithms, o->pubkey_accepted_algos); - dump_cfg_string(oRevokedHostKeys, o->revoked_host_keys); dump_cfg_string(oXAuthLocation, o->xauth_location); dump_cfg_string(oKnownHostsCommand, o->known_hosts_command); dump_cfg_string(oTag, o->tag); @@ -3764,6 +3795,7 @@ dump_client_config(Options *o, const char *host) dump_cfg_strarray(oCertificateFile, o->num_certificate_files, o->certificate_files); dump_cfg_strarray_oneline(oGlobalKnownHostsFile, o->num_system_hostfiles, o->system_hostfiles); dump_cfg_strarray_oneline(oUserKnownHostsFile, o->num_user_hostfiles, o->user_hostfiles); + dump_cfg_strarray_oneline(oRevokedHostKeys, o->num_revoked_host_keys, o->revoked_host_keys); dump_cfg_strarray(oSendEnv, o->num_send_env, o->send_env); dump_cfg_strarray(oSetEnv, o->num_setenv, o->setenv); dump_cfg_strarray_oneline(oLogVerbose, diff --git a/readconf.h b/readconf.h index 942149f9ae3f..4626d74a20af 100644 --- a/readconf.h +++ b/readconf.h @@ -1,4 +1,4 @@ -/* $OpenBSD: readconf.h,v 1.161 2025/08/11 10:55:38 djm Exp $ */ +/* $OpenBSD: readconf.h,v 1.162 2026/02/11 22:57:55 djm Exp $ */ /* * Author: Tatu Ylonen @@ -162,7 +162,8 @@ typedef struct { int num_permitted_cnames; struct allowed_cname *permitted_cnames; - char *revoked_host_keys; + u_int num_revoked_host_keys; + char **revoked_host_keys; int fingerprint_hash; diff --git a/ssh.c b/ssh.c index ce4648f99dbf..8c4b79be46b9 100644 --- a/ssh.c +++ b/ssh.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh.c,v 1.623 2026/02/11 17:05:32 dtucker Exp $ */ +/* $OpenBSD: ssh.c,v 1.624 2026/02/11 22:57:55 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -1536,12 +1536,13 @@ main(int ac, char **av) options.identity_agent = cp; } - if (options.revoked_host_keys != NULL) { - p = tilde_expand_filename(options.revoked_host_keys, getuid()); + for (j = 0; j < options.num_revoked_host_keys; j++) { + p = tilde_expand_filename(options.revoked_host_keys[j], + getuid()); cp = default_client_percent_dollar_expand(p, cinfo); free(p); - free(options.revoked_host_keys); - options.revoked_host_keys = cp; + free(options.revoked_host_keys[j]); + options.revoked_host_keys[j] = cp; } if (options.forward_agent_sock_path != NULL) { diff --git a/sshconnect.c b/sshconnect.c index a0dcf6f5f958..16bdb1c1e474 100644 --- a/sshconnect.c +++ b/sshconnect.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshconnect.c,v 1.379 2026/02/11 17:05:32 dtucker Exp $ */ +/* $OpenBSD: sshconnect.c,v 1.380 2026/02/11 22:57:55 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -1508,22 +1508,23 @@ verify_host_key(char *host, struct sockaddr *hostaddr, struct sshkey *host_key, goto out; } - /* Check in RevokedHostKeys file if specified */ - if (options.revoked_host_keys != NULL) { - r = sshkey_check_revoked(host_key, options.revoked_host_keys); + /* Check in RevokedHostKeys files if specified */ + for (i = 0; i < options.num_revoked_host_keys; i++) { + r = sshkey_check_revoked(host_key, + options.revoked_host_keys[i]); switch (r) { case 0: break; /* not revoked */ case SSH_ERR_KEY_REVOKED: error("Host key %s %s revoked by file %s", sshkey_type(host_key), fp, - options.revoked_host_keys); + options.revoked_host_keys[i]); r = -1; goto out; default: error_r(r, "Error checking host key %s %s in " "revoked keys file %s", sshkey_type(host_key), - fp, options.revoked_host_keys); + fp, options.revoked_host_keys[i]); r = -1; goto out; } From ae51e05dbd840ad674fee754f33c0e2fd141074e Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Wed, 11 Feb 2026 22:58:23 +0000 Subject: [PATCH 584/687] upstream: very basic testing of multiple files in RevokedKeys and RevokedHostkeys OpenBSD-Regress-ID: 6cee76bcc4bd6840bc8d39dd0d32d724e1427aa7 --- regress/cert-hostkey.sh | 4 +++- regress/cert-userkey.sh | 5 +++-- 2 files changed, 6 insertions(+), 3 deletions(-) diff --git a/regress/cert-hostkey.sh b/regress/cert-hostkey.sh index f1551223280f..0c160775388f 100644 --- a/regress/cert-hostkey.sh +++ b/regress/cert-hostkey.sh @@ -1,4 +1,4 @@ -# $OpenBSD: cert-hostkey.sh,v 1.30 2025/12/22 03:36:43 djm Exp $ +# $OpenBSD: cert-hostkey.sh,v 1.31 2026/02/11 22:58:23 djm Exp $ # Placed in the Public Domain. tid="certified host keys" @@ -143,6 +143,8 @@ for ktype in $PLAIN_TYPES ; do attempt_connect "$ktype basic connect" "yes" attempt_connect "$ktype empty KRL" "yes" \ -oRevokedHostKeys=$OBJ/host_krl_empty + attempt_connect "$ktype multiple KRL files" "no" \ + -oRevokedHostKeys="/dev/null $OBJ/host_krl_plain" attempt_connect "$ktype KRL w/ plain key revoked" "no" \ -oRevokedHostKeys=$OBJ/host_krl_plain attempt_connect "$ktype KRL w/ cert revoked" "no" \ diff --git a/regress/cert-userkey.sh b/regress/cert-userkey.sh index 6e2713bdd04b..c0decf065cd3 100644 --- a/regress/cert-userkey.sh +++ b/regress/cert-userkey.sh @@ -1,4 +1,4 @@ -# $OpenBSD: cert-userkey.sh,v 1.31 2025/12/22 01:50:46 djm Exp $ +# $OpenBSD: cert-userkey.sh,v 1.32 2026/02/11 22:58:23 djm Exp $ # Placed in the Public Domain. tid="certified user keys" @@ -226,7 +226,8 @@ basic_tests() { verbose "$tid: ${_prefix} revoked key" ( cat $OBJ/sshd_proxy_bak - echo "RevokedKeys $OBJ/cert_user_key_revoked" + # Also test multiple RevokedKeys files. + echo "RevokedKeys /dev/null $OBJ/cert_user_key_revoked" echo "PubkeyAcceptedAlgorithms ${t}" echo "$extra_sshd" ) > $OBJ/sshd_proxy From db475199639667197b12b3aa5205de71ef102e23 Mon Sep 17 00:00:00 2001 From: "jsg@openbsd.org" Date: Fri, 13 Feb 2026 01:04:47 +0000 Subject: [PATCH 585/687] upstream: remove unneeded forward struct declaration ok djm@ OpenBSD-Commit-ID: a0c97e919667394bef8dbf31df72af3ba07542e9 --- sshconnect.h | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/sshconnect.h b/sshconnect.h index 308270160405..4c19490da487 100644 --- a/sshconnect.h +++ b/sshconnect.h @@ -1,4 +1,4 @@ -/* $OpenBSD: sshconnect.h,v 1.49 2025/03/01 06:11:26 dtucker Exp $ */ +/* $OpenBSD: sshconnect.h,v 1.50 2026/02/13 01:04:47 jsg Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. @@ -50,7 +50,6 @@ struct ssh_conn_info { struct addrinfo; struct ssh; struct hostkeys; -struct ssh_conn_info; /* default argument for client percent expansions, minus remote user */ #define DEFAULT_CLIENT_PERCENT_EXPAND_ARGS_NOUSER(conn_info) \ From 8b3a0552054106feb036c632fc844f878568799f Mon Sep 17 00:00:00 2001 From: "dtucker@openbsd.org" Date: Fri, 13 Feb 2026 19:06:18 +0000 Subject: [PATCH 586/687] upstream: Replace with The former is a portability hassle, but it turns out the only thing we need from it is PATH_MAX which we can get directly from limits.h. OpenBSD-Commit-ID: ccfbbd678bef3a3930ae89da456645c3ee5f83c0 --- sftp-server.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/sftp-server.c b/sftp-server.c index feb2ad8ac675..fffdef852376 100644 --- a/sftp-server.c +++ b/sftp-server.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sftp-server.c,v 1.151 2026/02/08 19:54:31 dtucker Exp $ */ +/* $OpenBSD: sftp-server.c,v 1.152 2026/02/13 19:06:18 dtucker Exp $ */ /* * Copyright (c) 2000-2004 Markus Friedl. All rights reserved. * @@ -21,12 +21,12 @@ #include #include #include -#include #include #include #include #include +#include #include #include #include From c2447697aaecae11d164f1ba30e06d14b5cabcdd Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Fri, 13 Feb 2026 15:34:44 -0500 Subject: [PATCH 587/687] Remove DragonFlyBSD workaround for sys/mount.h. ... since we're not not including it at all any more. --- configure.ac | 13 ------------- 1 file changed, 13 deletions(-) diff --git a/configure.ac b/configure.ac index ddb621670a21..e537c982aa83 100644 --- a/configure.ac +++ b/configure.ac @@ -537,7 +537,6 @@ AC_CHECK_HEADERS([ \ poll.h \ stdint.h \ sys/mman.h \ - sys/mount.h \ sys/stat.h \ sys/statvfs.h \ sys/time.h \ @@ -572,18 +571,6 @@ for include in sys/queue.h sys/tree.h; do esac >"$header" done -# DragonFly uses STAILQ_* in its sys/mount.h, so we explicitly -# need to include the system one first, not our shim. -case "$host" in -*-*-dragonfly*) - COMPATINCLUDES="$COMPATINCLUDESDIR" - mkdir -p "$COMPATINCLUDES/sys" - (echo '#include "/usr/include/sys/queue.h"' - echo '#include "/usr/include/sys/mount.h"') \ - >"$COMPATINCLUDES/sys/mount.h" - ;; -esac - AC_CHECK_DECLS([le32toh, le64toh, htole64], [], [], [ #ifdef HAVE_SYS_TYPES_H # include From 9b0e50b4132679f0c09c0f1272bf1c45959103ea Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Marco=20Trevisan=20=28Trevi=C3=B1o=29?= Date: Tue, 17 Oct 2023 04:35:17 +0200 Subject: [PATCH 588/687] auth-pam: Add debugging information when we receive PAM messages --- auth-pam.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/auth-pam.c b/auth-pam.c index 3192323d9d5e..1a5604690f33 100644 --- a/auth-pam.c +++ b/auth-pam.c @@ -417,6 +417,9 @@ sshpam_thread_conv(int n, sshpam_const struct pam_message **msg, break; case PAM_ERROR_MSG: case PAM_TEXT_INFO: + debug3("PAM: Got message of type %d: %s", + PAM_MSG_MEMBER(msg, i, msg_style), + PAM_MSG_MEMBER(msg, i, msg)); if ((r = sshbuf_put_cstring(buffer, PAM_MSG_MEMBER(msg, i, msg))) != 0) fatal("%s: buffer error: %s", From 3e8a45e0eeb5c84f12ac04ea7cc2f831c91c263b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Marco=20Trevisan=20=28Trevi=C3=B1o=29?= Date: Mon, 16 Oct 2023 21:15:45 +0200 Subject: [PATCH 589/687] auth-pam: Add an enum to define the PAM done status Makes things more readable and easier to extend --- auth-pam.c | 17 +++++++++++------ 1 file changed, 11 insertions(+), 6 deletions(-) diff --git a/auth-pam.c b/auth-pam.c index 1a5604690f33..1aba2dc5bed0 100644 --- a/auth-pam.c +++ b/auth-pam.c @@ -132,11 +132,16 @@ typedef pid_t sp_pthread_t; #define pthread_join fake_pthread_join #endif +typedef int SshPamDone; +#define SshPamError -1 +#define SshPamNone 0 +#define SshPamAuthenticated 1 + struct pam_ctxt { sp_pthread_t pam_thread; int pam_psock; int pam_csock; - int pam_done; + SshPamDone pam_done; }; static void sshpam_free_ctx(void *); @@ -907,7 +912,7 @@ sshpam_query(void *ctx, char **name, char **info, **prompts = NULL; *num = 0; **echo_on = 0; - ctxt->pam_done = -1; + ctxt->pam_done = SshPamError; free(msg); sshbuf_free(buffer); return 0; @@ -934,7 +939,7 @@ sshpam_query(void *ctx, char **name, char **info, import_environments(buffer); *num = 0; **echo_on = 0; - ctxt->pam_done = 1; + ctxt->pam_done = SshPamAuthenticated; free(msg); sshbuf_free(buffer); return (0); @@ -947,7 +952,7 @@ sshpam_query(void *ctx, char **name, char **info, *num = 0; **echo_on = 0; free(msg); - ctxt->pam_done = -1; + ctxt->pam_done = SshPamError; sshbuf_free(buffer); return (-1); } @@ -991,10 +996,10 @@ sshpam_respond(void *ctx, u_int num, char **resp) debug2_f("PAM: entering, %u responses", num); switch (ctxt->pam_done) { - case 1: + case SshPamAuthenticated: sshpam_authenticated = 1; return (0); - case 0: + case SshPamNone: break; default: return (-1); From d8b806a2e6cd50c729e5d2bad569955a1df33f63 Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Sun, 15 Feb 2026 13:31:52 -0500 Subject: [PATCH 590/687] Remove obsolete comment referencing auth-chall.c. It was removed in commit 6cb6dcff along with the rest of the SSH1 server support. --- auth-pam.c | 1 - 1 file changed, 1 deletion(-) diff --git a/auth-pam.c b/auth-pam.c index 1aba2dc5bed0..0b247421b296 100644 --- a/auth-pam.c +++ b/auth-pam.c @@ -985,7 +985,6 @@ fake_password(const char *wire_password) return ret; } -/* XXX - see also comment in auth-chall.c:verify_response */ static int sshpam_respond(void *ctx, u_int num, char **resp) { From 07c6413e7bf08b7bfc6fd543eded9da68898e230 Mon Sep 17 00:00:00 2001 From: "jsg@openbsd.org" Date: Sat, 14 Feb 2026 00:18:34 +0000 Subject: [PATCH 591/687] upstream: remove unneeded includes; ok dtucker@ OpenBSD-Commit-ID: bba6e85492276c30c7a9d27dfd3c4c55fa033335 --- addrmatch.c | 5 +---- authfd.c | 6 +----- authfile.c | 8 +------- canohost.c | 3 +-- channels.c | 5 +---- cipher-chachapoly-libcrypto.c | 4 +--- cipher.c | 3 +-- clientloop.c | 8 +------- compat.c | 3 +-- dns.c | 3 +-- hmac.c | 3 +-- kex-names.c | 4 +--- kex.c | 4 +--- kexdh.c | 7 ++----- kexecdh.c | 4 +--- kexgex.c | 2 +- kexgexc.c | 3 +-- krl.c | 5 +---- log.c | 3 +-- msg.c | 5 +---- mux.c | 10 +--------- nchan.c | 4 +--- packet.c | 6 +----- readconf.c | 5 +---- readpass.c | 3 +-- ssh-ecdsa.c | 6 ++---- ssh-ed25519-sk.c | 4 +--- ssh-ed25519.c | 3 +-- ssh-pkcs11.c | 3 +-- ssh-rsa.c | 6 ++---- ssh-sk-client.c | 4 +--- ssh.c | 12 +----------- sshconnect.c | 9 +-------- sshconnect2.c | 5 +---- ttymodes.c | 3 +-- umac.c | 3 +-- 36 files changed, 39 insertions(+), 135 deletions(-) diff --git a/addrmatch.c b/addrmatch.c index 4dd2f285be8c..53a19f71beb5 100644 --- a/addrmatch.c +++ b/addrmatch.c @@ -1,4 +1,4 @@ -/* $OpenBSD: addrmatch.c,v 1.18 2026/02/06 22:59:18 dtucker Exp $ */ +/* $OpenBSD: addrmatch.c,v 1.19 2026/02/14 00:18:34 jsg Exp $ */ /* * Copyright (c) 2004-2008 Damien Miller @@ -19,11 +19,8 @@ #include "includes.h" #include -#include #include -#include -#include #include #include #include diff --git a/authfd.c b/authfd.c index 9b103b524a0e..9791b9e6bb36 100644 --- a/authfd.c +++ b/authfd.c @@ -1,4 +1,4 @@ -/* $OpenBSD: authfd.c,v 1.137 2026/02/07 02:02:00 djm Exp $ */ +/* $OpenBSD: authfd.c,v 1.138 2026/02/14 00:18:34 jsg Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -43,21 +43,17 @@ #include #include -#include #include #include #include #include -#include "xmalloc.h" #include "ssh.h" #include "sshbuf.h" #include "sshkey.h" #include "authfd.h" -#include "cipher.h" #include "log.h" #include "atomicio.h" -#include "misc.h" #include "ssherr.h" #define MAX_AGENT_IDENTITIES 2048 /* Max keys in agent reply */ diff --git a/authfile.c b/authfile.c index e3ca1005f6f4..5fc2ec470057 100644 --- a/authfile.c +++ b/authfile.c @@ -1,4 +1,4 @@ -/* $OpenBSD: authfile.c,v 1.148 2026/02/08 19:54:31 dtucker Exp $ */ +/* $OpenBSD: authfile.c,v 1.149 2026/02/14 00:18:34 jsg Exp $ */ /* * Copyright (c) 2000, 2013 Markus Friedl. All rights reserved. * @@ -27,7 +27,6 @@ #include #include -#include #include #include @@ -36,14 +35,9 @@ #include #include #include -#include -#include "cipher.h" -#include "ssh.h" #include "log.h" #include "authfile.h" -#include "misc.h" -#include "atomicio.h" #include "sshkey.h" #include "sshbuf.h" #include "ssherr.h" diff --git a/canohost.c b/canohost.c index 28f086e5a694..2d323d12d4be 100644 --- a/canohost.c +++ b/canohost.c @@ -1,4 +1,4 @@ -/* $OpenBSD: canohost.c,v 1.77 2023/03/31 04:42:29 dtucker Exp $ */ +/* $OpenBSD: canohost.c,v 1.78 2026/02/14 00:18:34 jsg Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -30,7 +30,6 @@ #include #include "xmalloc.h" -#include "packet.h" #include "log.h" #include "canohost.h" #include "misc.h" diff --git a/channels.c b/channels.c index c7e75418f9e1..9775d2c9515d 100644 --- a/channels.c +++ b/channels.c @@ -1,4 +1,4 @@ -/* $OpenBSD: channels.c,v 1.454 2026/02/06 22:59:18 dtucker Exp $ */ +/* $OpenBSD: channels.c,v 1.455 2026/02/14 00:18:34 jsg Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -46,7 +46,6 @@ #include #include #include -#include #include #include @@ -76,8 +75,6 @@ #include "channels.h" #include "compat.h" #include "canohost.h" -#include "sshkey.h" -#include "authfd.h" #include "pathnames.h" #include "match.h" diff --git a/cipher-chachapoly-libcrypto.c b/cipher-chachapoly-libcrypto.c index e8d20c288097..73214e6a75b1 100644 --- a/cipher-chachapoly-libcrypto.c +++ b/cipher-chachapoly-libcrypto.c @@ -1,4 +1,4 @@ -/* $OpenBSD: cipher-chachapoly-libcrypto.c,v 1.2 2023/07/17 05:26:38 djm Exp $ */ +/* $OpenBSD: cipher-chachapoly-libcrypto.c,v 1.3 2026/02/14 00:18:34 jsg Exp $ */ /* * Copyright (c) 2013 Damien Miller * @@ -23,13 +23,11 @@ #if defined(HAVE_EVP_CHACHA20) && !defined(HAVE_BROKEN_CHACHA20) #include -#include /* needed for log.h */ #include #include /* needed for misc.h */ #include -#include "log.h" #include "sshbuf.h" #include "ssherr.h" #include "cipher-chachapoly.h" diff --git a/cipher.c b/cipher.c index 5e096cebfefa..f770e666cf16 100644 --- a/cipher.c +++ b/cipher.c @@ -1,4 +1,4 @@ -/* $OpenBSD: cipher.c,v 1.125 2025/09/02 11:08:34 djm Exp $ */ +/* $OpenBSD: cipher.c,v 1.126 2026/02/14 00:18:34 jsg Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -47,7 +47,6 @@ #include "misc.h" #include "sshbuf.h" #include "ssherr.h" -#include "digest.h" #include "openbsd-compat/openssl-compat.h" diff --git a/clientloop.c b/clientloop.c index 05d82e1599b3..616a7be7a754 100644 --- a/clientloop.c +++ b/clientloop.c @@ -1,4 +1,4 @@ -/* $OpenBSD: clientloop.c,v 1.419 2026/02/07 17:10:34 dtucker Exp $ */ +/* $OpenBSD: clientloop.c,v 1.420 2026/02/14 00:18:34 jsg Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -64,7 +64,6 @@ #include #include #include -#include #include #include @@ -77,8 +76,6 @@ #include #include #include -#include -#include #include #include @@ -91,9 +88,7 @@ #include "channels.h" #include "dispatch.h" #include "sshkey.h" -#include "cipher.h" #include "kex.h" -#include "myproposal.h" #include "log.h" #include "misc.h" #include "readconf.h" @@ -103,7 +98,6 @@ #include "atomicio.h" #include "sshpty.h" #include "match.h" -#include "msg.h" #include "ssherr.h" #include "hostfile.h" diff --git a/compat.c b/compat.c index b59f0bfc0630..31607e3ffbde 100644 --- a/compat.c +++ b/compat.c @@ -1,4 +1,4 @@ -/* $OpenBSD: compat.c,v 1.126 2023/03/06 12:14:48 dtucker Exp $ */ +/* $OpenBSD: compat.c,v 1.127 2026/02/14 00:18:34 jsg Exp $ */ /* * Copyright (c) 1999, 2000, 2001, 2002 Markus Friedl. All rights reserved. * @@ -28,7 +28,6 @@ #include #include -#include #include #include "xmalloc.h" diff --git a/dns.c b/dns.c index e8693cee8313..a476234805f0 100644 --- a/dns.c +++ b/dns.c @@ -1,4 +1,4 @@ -/* $OpenBSD: dns.c,v 1.46 2025/08/29 03:50:38 djm Exp $ */ +/* $OpenBSD: dns.c,v 1.47 2026/02/14 00:18:34 jsg Exp $ */ /* * Copyright (c) 2003 Wesley Griffin. All rights reserved. @@ -38,7 +38,6 @@ #include "xmalloc.h" #include "sshkey.h" -#include "ssherr.h" #include "dns.h" #include "log.h" #include "digest.h" diff --git a/hmac.c b/hmac.c index 8641edf4a6b3..155e534c645e 100644 --- a/hmac.c +++ b/hmac.c @@ -1,4 +1,4 @@ -/* $OpenBSD: hmac.c,v 1.15 2025/09/05 09:49:26 dtucker Exp $ */ +/* $OpenBSD: hmac.c,v 1.16 2026/02/14 00:18:34 jsg Exp $ */ /* * Copyright (c) 2014 Markus Friedl. All rights reserved. * @@ -22,7 +22,6 @@ #include #include -#include "sshbuf.h" #include "digest.h" #include "hmac.h" diff --git a/kex-names.c b/kex-names.c index a20ce602ab51..751f06cea204 100644 --- a/kex-names.c +++ b/kex-names.c @@ -1,4 +1,4 @@ -/* $OpenBSD: kex-names.c,v 1.6 2025/09/02 11:08:34 djm Exp $ */ +/* $OpenBSD: kex-names.c,v 1.7 2026/02/14 00:18:34 jsg Exp $ */ /* * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. * @@ -28,7 +28,6 @@ #include #include #include -#include #include #ifdef WITH_OPENSSL @@ -43,7 +42,6 @@ #include "misc.h" #include "ssherr.h" -#include "xmalloc.h" struct kexalg { char *name; diff --git a/kex.c b/kex.c index ee2e1cc0ab99..68fb37042fe8 100644 --- a/kex.c +++ b/kex.c @@ -1,4 +1,4 @@ -/* $OpenBSD: kex.c,v 1.190 2026/02/08 19:54:31 dtucker Exp $ */ +/* $OpenBSD: kex.c,v 1.191 2026/02/14 00:18:34 jsg Exp $ */ /* * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. * @@ -33,7 +33,6 @@ #include #include #include -#include #ifdef WITH_OPENSSL #include @@ -54,7 +53,6 @@ #include "match.h" #include "misc.h" #include "dispatch.h" -#include "monitor.h" #include "myproposal.h" #include "ssherr.h" diff --git a/kexdh.c b/kexdh.c index 191bdced09c7..cbcb2d836771 100644 --- a/kexdh.c +++ b/kexdh.c @@ -1,4 +1,4 @@ -/* $OpenBSD: kexdh.c,v 1.35 2025/10/03 00:08:02 djm Exp $ */ +/* $OpenBSD: kexdh.c,v 1.36 2026/02/14 00:18:34 jsg Exp $ */ /* * Copyright (c) 2019 Markus Friedl. All rights reserved. * @@ -26,21 +26,18 @@ #include "includes.h" #ifdef WITH_OPENSSL +#include "openbsd-compat/openssl-compat.h" #include #include -#include #include -#include "openbsd-compat/openssl-compat.h" #include #include -#include "sshkey.h" #include "kex.h" #include "sshbuf.h" -#include "digest.h" #include "ssherr.h" #include "dh.h" #include "log.h" diff --git a/kexecdh.c b/kexecdh.c index 500ec5725edd..6a9058cdc140 100644 --- a/kexecdh.c +++ b/kexecdh.c @@ -1,4 +1,4 @@ -/* $OpenBSD: kexecdh.c,v 1.11 2025/10/03 00:08:02 djm Exp $ */ +/* $OpenBSD: kexecdh.c,v 1.12 2026/02/14 00:18:34 jsg Exp $ */ /* * Copyright (c) 2010 Damien Miller. All rights reserved. * Copyright (c) 2019 Markus Friedl. All rights reserved. @@ -31,7 +31,6 @@ #include #include -#include #include #include @@ -40,7 +39,6 @@ #include "sshkey.h" #include "kex.h" #include "sshbuf.h" -#include "digest.h" #include "ssherr.h" static int diff --git a/kexgex.c b/kexgex.c index 8040a13202fc..daa5a292daf7 100644 --- a/kexgex.c +++ b/kexgex.c @@ -1,4 +1,4 @@ -/* $OpenBSD: kexgex.c,v 1.32 2019/01/23 00:30:41 djm Exp $ */ +/* $OpenBSD: kexgex.c,v 1.33 2026/02/14 00:18:34 jsg Exp $ */ /* * Copyright (c) 2000 Niels Provos. All rights reserved. * Copyright (c) 2001 Markus Friedl. All rights reserved. diff --git a/kexgexc.c b/kexgexc.c index a114be944706..1367960d2505 100644 --- a/kexgexc.c +++ b/kexgexc.c @@ -1,4 +1,4 @@ -/* $OpenBSD: kexgexc.c,v 1.40 2026/02/08 19:54:31 dtucker Exp $ */ +/* $OpenBSD: kexgexc.c,v 1.41 2026/02/14 00:18:34 jsg Exp $ */ /* * Copyright (c) 2000 Niels Provos. All rights reserved. * Copyright (c) 2001 Markus Friedl. All rights reserved. @@ -40,7 +40,6 @@ #include #include "sshkey.h" -#include "cipher.h" #include "digest.h" #include "kex.h" #include "log.h" diff --git a/krl.c b/krl.c index eb4b7c249996..0b4aeee4573d 100644 --- a/krl.c +++ b/krl.c @@ -1,4 +1,4 @@ -/* $OpenBSD: krl.c,v 1.62 2025/09/15 04:41:20 djm Exp $ */ +/* $OpenBSD: krl.c,v 1.63 2026/02/14 00:18:34 jsg Exp $ */ /* * Copyright (c) 2012 Damien Miller * @@ -22,17 +22,14 @@ #include #include -#include #include #include #include #include -#include #include "sshbuf.h" #include "ssherr.h" #include "sshkey.h" -#include "authfile.h" #include "misc.h" #include "log.h" #include "digest.h" diff --git a/log.c b/log.c index 2dba5b57fec1..2903871aab4e 100644 --- a/log.c +++ b/log.c @@ -1,4 +1,4 @@ -/* $OpenBSD: log.c,v 1.66 2025/11/17 05:24:42 djm Exp $ */ +/* $OpenBSD: log.c,v 1.67 2026/02/14 00:18:34 jsg Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -46,7 +46,6 @@ #include #include #include -#include #include #if defined(HAVE_STRNVIS) && defined(HAVE_VIS_H) && !defined(BROKEN_STRNVIS) # include diff --git a/msg.c b/msg.c index a03caeb6ff3e..8173598e5fde 100644 --- a/msg.c +++ b/msg.c @@ -1,4 +1,4 @@ -/* $OpenBSD: msg.c,v 1.21 2024/05/17 00:30:24 djm Exp $ */ +/* $OpenBSD: msg.c,v 1.22 2026/02/14 00:18:34 jsg Exp $ */ /* * Copyright (c) 2002 Markus Friedl. All rights reserved. * @@ -26,16 +26,13 @@ #include "includes.h" #include -#include #include -#include #include #include #include #include "sshbuf.h" -#include "ssherr.h" #include "log.h" #include "atomicio.h" #include "msg.h" diff --git a/mux.c b/mux.c index be3263c50797..56287fd1c212 100644 --- a/mux.c +++ b/mux.c @@ -1,4 +1,4 @@ -/* $OpenBSD: mux.c,v 1.109 2025/12/22 01:17:31 djm Exp $ */ +/* $OpenBSD: mux.c,v 1.110 2026/02/14 00:18:34 jsg Exp $ */ /* * Copyright (c) 2002-2008 Damien Miller * @@ -26,7 +26,6 @@ #include #include -#include #include #include #include @@ -36,27 +35,20 @@ #include #include #include -#include -#include -#include "atomicio.h" #include "xmalloc.h" #include "log.h" #include "ssh.h" #include "ssh2.h" -#include "pathnames.h" #include "misc.h" #include "match.h" #include "sshbuf.h" #include "channels.h" -#include "msg.h" #include "packet.h" #include "monitor_fdpass.h" #include "sshpty.h" -#include "sshkey.h" #include "readconf.h" #include "clientloop.h" -#include "ssherr.h" /* from ssh.c */ extern int tty_flag; diff --git a/nchan.c b/nchan.c index 4bf5e8bb1e33..c9d8e79f6bc2 100644 --- a/nchan.c +++ b/nchan.c @@ -1,4 +1,4 @@ -/* $OpenBSD: nchan.c,v 1.76 2024/07/25 22:40:08 djm Exp $ */ +/* $OpenBSD: nchan.c,v 1.77 2026/02/14 00:18:34 jsg Exp $ */ /* * Copyright (c) 1999, 2000, 2001, 2002 Markus Friedl. All rights reserved. * @@ -27,7 +27,6 @@ #include #include -#include #include #include @@ -35,7 +34,6 @@ #include "ssh2.h" #include "sshbuf.h" -#include "ssherr.h" #include "packet.h" #include "channels.h" #include "compat.h" diff --git a/packet.c b/packet.c index 2551c2a4e8fb..e0ea21a65157 100644 --- a/packet.c +++ b/packet.c @@ -1,4 +1,4 @@ -/* $OpenBSD: packet.c,v 1.332 2026/02/08 19:54:31 dtucker Exp $ */ +/* $OpenBSD: packet.c,v 1.333 2026/02/14 00:18:34 jsg Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -45,7 +45,6 @@ #include #include -#include #include #include @@ -81,15 +80,12 @@ #include "compat.h" #include "ssh2.h" #include "cipher.h" -#include "sshkey.h" #include "kex.h" #include "digest.h" #include "mac.h" #include "log.h" #include "canohost.h" #include "misc.h" -#include "channels.h" -#include "ssh.h" #include "packet.h" #include "ssherr.h" #include "sshbuf.h" diff --git a/readconf.c b/readconf.c index 064fd33a7d7b..8e0d11f6acde 100644 --- a/readconf.c +++ b/readconf.c @@ -1,4 +1,4 @@ -/* $OpenBSD: readconf.c,v 1.409 2026/02/11 22:57:55 djm Exp $ */ +/* $OpenBSD: readconf.c,v 1.410 2026/02/14 00:18:34 jsg Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -27,7 +27,6 @@ #include #include -#include #include #include #include @@ -46,7 +45,6 @@ #include "xmalloc.h" #include "ssh.h" -#include "ssherr.h" #include "cipher.h" #include "pathnames.h" #include "log.h" @@ -56,7 +54,6 @@ #include "match.h" #include "kex.h" #include "mac.h" -#include "uidswap.h" #include "myproposal.h" #include "digest.h" #include "version.h" diff --git a/readpass.c b/readpass.c index 3c9212c2777b..2502e520f584 100644 --- a/readpass.c +++ b/readpass.c @@ -1,4 +1,4 @@ -/* $OpenBSD: readpass.c,v 1.72 2025/06/11 13:24:05 dtucker Exp $ */ +/* $OpenBSD: readpass.c,v 1.73 2026/02/14 00:18:34 jsg Exp $ */ /* * Copyright (c) 2001 Markus Friedl. All rights reserved. * @@ -43,7 +43,6 @@ #include "pathnames.h" #include "log.h" #include "ssh.h" -#include "uidswap.h" static char * ssh_askpass(char *askpass, const char *msg, const char *env_hint) diff --git a/ssh-ecdsa.c b/ssh-ecdsa.c index b423bfb65685..526ae74546f5 100644 --- a/ssh-ecdsa.c +++ b/ssh-ecdsa.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-ecdsa.c,v 1.28 2025/07/24 05:44:55 djm Exp $ */ +/* $OpenBSD: ssh-ecdsa.c,v 1.29 2026/02/14 00:18:34 jsg Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. * Copyright (c) 2010 Damien Miller. All rights reserved. @@ -27,6 +27,7 @@ #include "includes.h" #if defined(WITH_OPENSSL) && defined(OPENSSL_HAS_ECC) +#include "openbsd-compat/openssl-compat.h" #include @@ -39,12 +40,9 @@ #include "sshbuf.h" #include "ssherr.h" -#include "digest.h" #define SSHKEY_INTERNAL #include "sshkey.h" -#include "openbsd-compat/openssl-compat.h" - int sshkey_ecdsa_fixup_group(EVP_PKEY *k) { diff --git a/ssh-ed25519-sk.c b/ssh-ed25519-sk.c index c6bc5e72b1d2..2c91eb46c676 100644 --- a/ssh-ed25519-sk.c +++ b/ssh-ed25519-sk.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-ed25519-sk.c,v 1.15 2022/10/28 00:44:44 djm Exp $ */ +/* $OpenBSD: ssh-ed25519-sk.c,v 1.16 2026/02/14 00:18:34 jsg Exp $ */ /* * Copyright (c) 2019 Markus Friedl. All rights reserved. * @@ -21,7 +21,6 @@ #define SSHKEY_INTERNAL #include -#include #include "crypto_api.h" @@ -32,7 +31,6 @@ #include "sshbuf.h" #include "sshkey.h" #include "ssherr.h" -#include "ssh.h" #include "digest.h" /* Reuse some ED25519 internals */ diff --git a/ssh-ed25519.c b/ssh-ed25519.c index c7a84dccb6e6..2369c3af069b 100644 --- a/ssh-ed25519.c +++ b/ssh-ed25519.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-ed25519.c,v 1.21 2026/02/11 17:01:34 dtucker Exp $ */ +/* $OpenBSD: ssh-ed25519.c,v 1.22 2026/02/14 00:18:34 jsg Exp $ */ /* * Copyright (c) 2013 Markus Friedl * @@ -30,7 +30,6 @@ #define SSHKEY_INTERNAL #include "sshkey.h" #include "ssherr.h" -#include "ssh.h" static void ssh_ed25519_cleanup(struct sshkey *k) diff --git a/ssh-pkcs11.c b/ssh-pkcs11.c index c147ef2a702a..b3a7d3f04b88 100644 --- a/ssh-pkcs11.c +++ b/ssh-pkcs11.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-pkcs11.c,v 1.76 2026/02/06 22:59:18 dtucker Exp $ */ +/* $OpenBSD: ssh-pkcs11.c,v 1.77 2026/02/14 00:18:34 jsg Exp $ */ /* * Copyright (c) 2010 Markus Friedl. All rights reserved. * Copyright (c) 2014 Pedro Martelletto. All rights reserved. @@ -27,7 +27,6 @@ #include #include -#include #include #include diff --git a/ssh-rsa.c b/ssh-rsa.c index d6520c21c2b1..ccadb14ca37d 100644 --- a/ssh-rsa.c +++ b/ssh-rsa.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-rsa.c,v 1.83 2026/02/11 17:05:32 dtucker Exp $ */ +/* $OpenBSD: ssh-rsa.c,v 1.84 2026/02/14 00:18:34 jsg Exp $ */ /* * Copyright (c) 2000, 2003 Markus Friedl * @@ -18,13 +18,12 @@ #include "includes.h" #ifdef WITH_OPENSSL +#include "openbsd-compat/openssl-compat.h" #include -#include "openbsd-compat/openssl-compat.h" #include #include -#include #include #include @@ -34,7 +33,6 @@ #define SSHKEY_INTERNAL #include "sshkey.h" #include "digest.h" -#include "log.h" static u_int ssh_rsa_size(const struct sshkey *k) diff --git a/ssh-sk-client.c b/ssh-sk-client.c index 06fad22134fb..df3dd0fc70aa 100644 --- a/ssh-sk-client.c +++ b/ssh-sk-client.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-sk-client.c,v 1.13 2025/02/18 08:02:48 djm Exp $ */ +/* $OpenBSD: ssh-sk-client.c,v 1.14 2026/02/14 00:18:34 jsg Exp $ */ /* * Copyright (c) 2019 Google LLC * @@ -21,7 +21,6 @@ #include #include -#include #include #include #include @@ -36,7 +35,6 @@ #include "sshbuf.h" #include "sshkey.h" #include "msg.h" -#include "digest.h" #include "pathnames.h" #include "ssh-sk.h" #include "misc.h" diff --git a/ssh.c b/ssh.c index 8c4b79be46b9..68da120a26d1 100644 --- a/ssh.c +++ b/ssh.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh.c,v 1.624 2026/02/11 22:57:55 djm Exp $ */ +/* $OpenBSD: ssh.c,v 1.625 2026/02/14 00:18:34 jsg Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -43,12 +43,8 @@ #include "includes.h" #include -#include -#include -#include #include #include -#include #include #include @@ -81,7 +77,6 @@ #include "xmalloc.h" #include "ssh.h" #include "ssh2.h" -#include "canohost.h" #include "compat.h" #include "cipher.h" #include "packet.h" @@ -91,7 +86,6 @@ #include "authfd.h" #include "authfile.h" #include "pathnames.h" -#include "dispatch.h" #include "clientloop.h" #include "log.h" #include "misc.h" @@ -99,13 +93,9 @@ #include "sshconnect.h" #include "kex.h" #include "mac.h" -#include "sshpty.h" #include "match.h" -#include "msg.h" #include "version.h" #include "ssherr.h" -#include "myproposal.h" -#include "utf8.h" #ifdef ENABLE_PKCS11 #include "ssh-pkcs11.h" diff --git a/sshconnect.c b/sshconnect.c index 16bdb1c1e474..4e0a10a8b045 100644 --- a/sshconnect.c +++ b/sshconnect.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshconnect.c,v 1.380 2026/02/11 22:57:55 djm Exp $ */ +/* $OpenBSD: sshconnect.c,v 1.381 2026/02/14 00:18:34 jsg Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -17,15 +17,12 @@ #include #include -#include #include -#include #include #include #include -#include #include #include #include @@ -45,7 +42,6 @@ #include "hostfile.h" #include "ssh.h" #include "compat.h" -#include "sshbuf.h" #include "packet.h" #include "sshkey.h" #include "sshconnect.h" @@ -53,11 +49,8 @@ #include "match.h" #include "misc.h" #include "readconf.h" -#include "atomicio.h" #include "dns.h" #include "monitor_fdpass.h" -#include "ssh2.h" -#include "version.h" #include "authfile.h" #include "ssherr.h" #include "authfd.h" diff --git a/sshconnect2.c b/sshconnect2.c index efef5cd6f320..7c63e2efd40e 100644 --- a/sshconnect2.c +++ b/sshconnect2.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshconnect2.c,v 1.380 2026/02/05 22:05:49 djm Exp $ */ +/* $OpenBSD: sshconnect2.c,v 1.381 2026/02/14 00:18:34 jsg Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. * Copyright (c) 2008 Damien Miller. All rights reserved. @@ -35,7 +35,6 @@ #include #include #include -#include #include #include #include @@ -57,7 +56,6 @@ #include "kex.h" #include "sshconnect.h" #include "authfile.h" -#include "dh.h" #include "authfd.h" #include "log.h" #include "misc.h" @@ -67,7 +65,6 @@ #include "canohost.h" #include "msg.h" #include "pathnames.h" -#include "uidswap.h" #include "hostfile.h" #include "ssherr.h" #include "utf8.h" diff --git a/ttymodes.c b/ttymodes.c index 1d20ce8005bf..6102f8d82c1e 100644 --- a/ttymodes.c +++ b/ttymodes.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ttymodes.c,v 1.36 2021/01/27 09:26:54 djm Exp $ */ +/* $OpenBSD: ttymodes.c,v 1.37 2026/02/14 00:18:34 jsg Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -56,7 +56,6 @@ #include "log.h" #include "compat.h" #include "sshbuf.h" -#include "ssherr.h" #define TTY_OP_END 0 /* diff --git a/umac.c b/umac.c index 6e31b115b409..89cce9776cf9 100644 --- a/umac.c +++ b/umac.c @@ -1,4 +1,4 @@ -/* $OpenBSD: umac.c,v 1.28 2026/02/06 22:59:18 dtucker Exp $ */ +/* $OpenBSD: umac.c,v 1.29 2026/02/14 00:18:34 jsg Exp $ */ /* ----------------------------------------------------------------------- * * umac.c -- C Implementation UMAC Message Authentication @@ -77,7 +77,6 @@ #include #include #include -#include #include #include #include From c5cee49a0c5721532716365f32977fc02eeea1d5 Mon Sep 17 00:00:00 2001 From: "dtucker@openbsd.org" Date: Sun, 15 Feb 2026 22:29:30 +0000 Subject: [PATCH 592/687] upstream: Add basic test for keyboard-interactive auth. Not enabled by default since it requires some setup on the host. OpenBSD-Regress-ID: aa8a9608a2ea2e5aaa094c5a5cc453e4797cd902 --- regress/Makefile | 3 +- regress/kbdint.sh | 87 +++++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 89 insertions(+), 1 deletion(-) create mode 100644 regress/kbdint.sh diff --git a/regress/Makefile b/regress/Makefile index bd44b0489901..93826c2816bf 100644 --- a/regress/Makefile +++ b/regress/Makefile @@ -1,4 +1,4 @@ -# $OpenBSD: Makefile,v 1.141 2025/10/16 00:01:54 djm Exp $ +# $OpenBSD: Makefile,v 1.143 2026/02/15 22:29:30 dtucker Exp $ tests: prep file-tests t-exec unit @@ -108,6 +108,7 @@ LTESTS= connect \ agent-restrict \ hostbased \ password \ + kbdint \ channel-timeout \ connection-timeout \ match-subsystem \ diff --git a/regress/kbdint.sh b/regress/kbdint.sh new file mode 100644 index 000000000000..5629270b0f03 --- /dev/null +++ b/regress/kbdint.sh @@ -0,0 +1,87 @@ +# $OpenBSD: kbdint.sh,v 1.1 2026/02/15 22:29:30 dtucker Exp $ +# Placed in the Public Domain. +# +# This tests keyboard-interactive authentication. It does not run by default, +# and needs to be enabled by putting the password of the user running the tests +# into ${OBJ}/kbdintpw. Since this obviously puts the password at risk it is +# recommended to do this on a throwaway VM by setting a random password +# (and randomizing it again after the test, if you can't immediately dispose +# of the VM). + +tid="kbdint" + +if [ -z "$SUDO" -o ! -f ${OBJ}/kbdintpw ]; then + skip "Password auth requires SUDO and kbdintpw file." +fi + +# Enable keyboard-interactive auth +echo "KbdInteractiveAuthentication yes" >>sshd_proxy + +# Create askpass script to replay a series of password responses. +# Keep a counter of the number of times it has been called and +# reply with the next line of the replypass file. +cat >${OBJ}/replypass.sh <${OBJ}/replypass.N +EOD +chmod 700 ${OBJ}/replypass.sh + +SSH_ASKPASS=${OBJ}/replypass.sh +SSH_ASKPASS_REQUIRE=force +export SSH_ASKPASS SSH_ASKPASS_REQUIRE + +opts="-oKbdInteractiveAuthentication=yes -oPreferredAuthentications=keyboard-interactive" +opts="-oBatchMode=no $opts" + +trace correct password 1st attempt +cat ${OBJ}/kbdintpw >${OBJ}/replypass +echo 1 >${OBJ}/replypass.N +${SSH} $opts -F $OBJ/ssh_proxy somehost true +if [ $? -ne 0 ]; then + fail "ssh kdbint failed" +fi + +trace bad password +echo badpass >${OBJ}/replypass +echo 1 >${OBJ}/replypass.N +${SSH} $opts -F $OBJ/ssh_proxy somehost true +if [ $? -eq 0 ]; then + fail "ssh unexpectedly succeeded" +fi + +trace correct password 2nd attempt +(echo badpass; cat ${OBJ}/kbdintpw) >${OBJ}/replypass +echo 1 >${OBJ}/replypass.N +${SSH} $opts -F $OBJ/ssh_proxy somehost true +if [ $? -ne 0 ]; then + fail "did not succeed on 2nd attempt" +fi + +trace empty password +echo >${OBJ}/replypass +echo 1 >${OBJ}/replypass.N +${SSH} $opts -F $OBJ/ssh_proxy somehost true +if [ $? -eq 0 ]; then + fail "ssh unexpectedly succeeded with empty password" +fi + +trace huge password +(for i in 0 1 2 3 4 5 6 7 8 9; do printf 0123456789; done; echo) \ + >${OBJ}/replypass +echo 1 >${OBJ}/replypass.N +${SSH} $opts -F $OBJ/ssh_proxy somehost true +if [ $? -eq 0 ]; then + fail "ssh unexpectedly succeeded with huge password" +fi + +trace spam password +for i in 0 1 2 3 4 5 6 7 8 9; do printf '1\n2\n3\n4\n5\n6\n7\n8\n9\n'; done \ + >${OBJ}/replypass +echo 1 >${OBJ}/replypass.N +${SSH} $opts -F $OBJ/ssh_proxy somehost true +fail foo +if [ $? -eq 0 ]; then + fail "ssh unexpectedly succeeded with password spam" +fi From 7a59f55e621c841aab187c96e0f3271c5c799709 Mon Sep 17 00:00:00 2001 From: "dtucker@openbsd.org" Date: Mon, 16 Feb 2026 00:45:41 +0000 Subject: [PATCH 593/687] upstream: Reorder headers to match KNF and Portable. ID sync only. OpenBSD-Commit-ID: b7f9700d07b532eb3720f7bd722b952e31b1752f --- sshconnect.c | 2 +- sshconnect2.c | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/sshconnect.c b/sshconnect.c index 4e0a10a8b045..4384277a6eab 100644 --- a/sshconnect.c +++ b/sshconnect.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshconnect.c,v 1.381 2026/02/14 00:18:34 jsg Exp $ */ +/* $OpenBSD: sshconnect.c,v 1.382 2026/02/16 00:45:41 dtucker Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland diff --git a/sshconnect2.c b/sshconnect2.c index 7c63e2efd40e..a8ad17330f01 100644 --- a/sshconnect2.c +++ b/sshconnect2.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshconnect2.c,v 1.381 2026/02/14 00:18:34 jsg Exp $ */ +/* $OpenBSD: sshconnect2.c,v 1.382 2026/02/16 00:45:41 dtucker Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. * Copyright (c) 2008 Damien Miller. All rights reserved. From a1158bba43e00240c00c530596de2d4e1d405b50 Mon Sep 17 00:00:00 2001 From: Matthew Heller Date: Mon, 14 Oct 2024 09:25:41 -0500 Subject: [PATCH 594/687] fix duplicate PAM msgs, missing loginmsg reset without this change in mm_answer_pam_account all messages added in auth-pam.c sshpam_query(...) case PAM_SUCCESS end up sent here, then are still sitting in the loginmsg buffer and printed a second time in session.c do_login(...) --- monitor.c | 1 + 1 file changed, 1 insertion(+) diff --git a/monitor.c b/monitor.c index 55c4a47baed2..290b7f536e54 100644 --- a/monitor.c +++ b/monitor.c @@ -1131,6 +1131,7 @@ mm_answer_pam_account(struct ssh *ssh, int sock, struct sshbuf *m) if ((r = sshbuf_put_u32(m, ret)) != 0 || (r = sshbuf_put_stringb(m, loginmsg)) != 0) fatal_fr(r, "buffer error"); + sshbuf_reset(loginmsg); mm_request_send(sock, MONITOR_ANS_PAM_ACCOUNT, m); From b9a6dd4d66ee14577494d550b396d0452bf05e1e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Marco=20Trevisan=20=28Trevi=C3=B1o=29?= Date: Tue, 17 Oct 2023 04:27:32 +0200 Subject: [PATCH 595/687] auth-pam: Immediately report interactive instructions to clients SSH keyboard-interactive authentication method supports instructions but sshd didn't show them until an user prompt was requested. This is quite inconvenient for various PAM modules that need to notify an user without requiring for their explicit input. So, properly implement RFC4256 making instructions to be shown to users when they are requested from PAM. Closes: https://bugzilla.mindrot.org/show_bug.cgi?id=2876 --- auth-pam.c | 21 ++++++++++++--------- 1 file changed, 12 insertions(+), 9 deletions(-) diff --git a/auth-pam.c b/auth-pam.c index 0b247421b296..cb9e0bc31990 100644 --- a/auth-pam.c +++ b/auth-pam.c @@ -136,6 +136,7 @@ typedef int SshPamDone; #define SshPamError -1 #define SshPamNone 0 #define SshPamAuthenticated 1 +#define SshPamAgain 2 struct pam_ctxt { sp_pthread_t pam_thread; @@ -868,6 +869,8 @@ sshpam_query(void *ctx, char **name, char **info, **prompts = NULL; plen = 0; *echo_on = xmalloc(sizeof(u_int)); + ctxt->pam_done = SshPamNone; + while (ssh_msg_recv(ctxt->pam_psock, buffer) == 0) { if (++nmesg > PAM_MAX_NUM_MSG) fatal_f("too many query messages"); @@ -888,15 +891,13 @@ sshpam_query(void *ctx, char **name, char **info, return (0); case PAM_ERROR_MSG: case PAM_TEXT_INFO: - /* accumulate messages */ - len = plen + mlen + 2; - **prompts = xreallocarray(**prompts, 1, len); - strlcpy(**prompts + plen, msg, len - plen); - plen += mlen; - strlcat(**prompts + plen, "\n", len - plen); - plen++; - free(msg); - break; + *num = 0; + free(*info); + *info = msg; /* Steal the message */ + msg = NULL; + ctxt->pam_done = SshPamAgain; + sshbuf_free(buffer); + return (0); case PAM_ACCT_EXPIRED: case PAM_MAXTRIES: if (type == PAM_ACCT_EXPIRED) @@ -1000,6 +1001,8 @@ sshpam_respond(void *ctx, u_int num, char **resp) return (0); case SshPamNone: break; + case SshPamAgain: + return 1; /* KbdintResultAgain */ default: return (-1); } From df2b28163ac75e023837de445d6492dc57359105 Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Sun, 15 Feb 2026 14:16:56 -0500 Subject: [PATCH 596/687] Remove "draining" of PAM prompts. With the previous commit, both prompts and info/error error messages are returned to keyboard-interactive immedately and none are accumulated, so there will never be any un-drained prompts. ok djm@ --- auth-pam.c | 47 ++++++++--------------------------------------- 1 file changed, 8 insertions(+), 39 deletions(-) diff --git a/auth-pam.c b/auth-pam.c index cb9e0bc31990..846555640920 100644 --- a/auth-pam.c +++ b/auth-pam.c @@ -854,10 +854,9 @@ sshpam_query(void *ctx, char **name, char **info, { struct sshbuf *buffer; struct pam_ctxt *ctxt = ctx; - size_t plen; u_char type; char *msg; - size_t len, mlen, nmesg = 0; + size_t mlen, nmesg = 0; int r; debug3_f("entering"); @@ -865,10 +864,8 @@ sshpam_query(void *ctx, char **name, char **info, fatal_f("sshbuf_new failed"); *name = xstrdup(""); *info = xstrdup(""); - *prompts = xmalloc(sizeof(char *)); - **prompts = NULL; - plen = 0; - *echo_on = xmalloc(sizeof(u_int)); + *prompts = NULL; + *num = 0; ctxt->pam_done = SshPamNone; while (ssh_msg_recv(ctxt->pam_psock, buffer) == 0) { @@ -880,20 +877,17 @@ sshpam_query(void *ctx, char **name, char **info, switch (type) { case PAM_PROMPT_ECHO_ON: case PAM_PROMPT_ECHO_OFF: + *prompts = xcalloc(1, sizeof(char *)); + *echo_on = xcalloc(1, sizeof(u_int)); + (*prompts)[0] = msg; /* transfer ownership */ + (*echo_on)[0] = (type == PAM_PROMPT_ECHO_ON); *num = 1; - len = plen + mlen + 1; - **prompts = xreallocarray(**prompts, 1, len); - strlcpy(**prompts + plen, msg, len - plen); - plen += mlen; - **echo_on = (type == PAM_PROMPT_ECHO_ON); - free(msg); sshbuf_free(buffer); return (0); case PAM_ERROR_MSG: case PAM_TEXT_INFO: - *num = 0; free(*info); - *info = msg; /* Steal the message */ + *info = msg; /* transfer ownership */ msg = NULL; ctxt->pam_done = SshPamAgain; sshbuf_free(buffer); @@ -907,29 +901,8 @@ sshpam_query(void *ctx, char **name, char **info, /* FALLTHROUGH */ case PAM_AUTH_ERR: debug3("PAM: %s", pam_strerror(sshpam_handle, type)); - if (**prompts != NULL && strlen(**prompts) != 0) { - free(*info); - *info = **prompts; - **prompts = NULL; - *num = 0; - **echo_on = 0; - ctxt->pam_done = SshPamError; - free(msg); - sshbuf_free(buffer); - return 0; - } /* FALLTHROUGH */ case PAM_SUCCESS: - if (**prompts != NULL) { - /* drain any accumulated messages */ - debug("PAM: %s", **prompts); - if ((r = sshbuf_put(loginmsg, **prompts, - strlen(**prompts))) != 0) - fatal("%s: buffer error: %s", - __func__, ssh_err(r)); - free(**prompts); - **prompts = NULL; - } if (type == PAM_SUCCESS) { if (!sshpam_authctxt->valid || (sshpam_authctxt->pw->pw_uid == 0 && @@ -938,8 +911,6 @@ sshpam_query(void *ctx, char **name, char **info, "succeeded when it should have " "failed"); import_environments(buffer); - *num = 0; - **echo_on = 0; ctxt->pam_done = SshPamAuthenticated; free(msg); sshbuf_free(buffer); @@ -950,8 +921,6 @@ sshpam_query(void *ctx, char **name, char **info, sshpam_authctxt->user, sshpam_rhost); /* FALLTHROUGH */ default: - *num = 0; - **echo_on = 0; free(msg); ctxt->pam_done = SshPamError; sshbuf_free(buffer); From 723b76c8a358875cd53376c9a169887ba7a4b088 Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Mon, 16 Feb 2026 18:32:41 -0500 Subject: [PATCH 597/687] Removed duplicate includes; spotted by jsg@. --- auth-pam.c | 1 - ssh-sk-helper.c | 1 - sshpty.c | 1 - 3 files changed, 3 deletions(-) diff --git a/auth-pam.c b/auth-pam.c index 846555640920..4278a43a9480 100644 --- a/auth-pam.c +++ b/auth-pam.c @@ -95,7 +95,6 @@ #include "servconf.h" #include "ssh2.h" #include "auth-options.h" -#include "misc.h" #ifdef GSSAPI #include "ssh-gss.h" #endif diff --git a/ssh-sk-helper.c b/ssh-sk-helper.c index 806019c46a3d..7a87912bff16 100644 --- a/ssh-sk-helper.c +++ b/ssh-sk-helper.c @@ -373,7 +373,6 @@ main(int argc, char **argv) return (0); } #else /* ENABLE_SK */ -#include int main(int argc, char **argv) diff --git a/sshpty.c b/sshpty.c index e6a66c12dd02..b3e1e2466c1c 100644 --- a/sshpty.c +++ b/sshpty.c @@ -17,7 +17,6 @@ #include #include #include -#include #include #include From 9eb778cfde5bca1d84bbad74d8664256301bb13b Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Mon, 16 Feb 2026 18:58:04 -0500 Subject: [PATCH 598/687] Restore utf8.h removed earlier as it's needed. ... for msetlocale prototype. --- ssh.c | 1 + 1 file changed, 1 insertion(+) diff --git a/ssh.c b/ssh.c index 68da120a26d1..8648fec09e17 100644 --- a/ssh.c +++ b/ssh.c @@ -96,6 +96,7 @@ #include "match.h" #include "version.h" #include "ssherr.h" +#include "utf8.h" #ifdef ENABLE_PKCS11 #include "ssh-pkcs11.h" From 0e35095babe04ba1159e8029133e7f71e53d8fdb Mon Sep 17 00:00:00 2001 From: "jsg@openbsd.org" Date: Mon, 16 Feb 2026 23:47:06 +0000 Subject: [PATCH 599/687] upstream: remove duplicate includes; ok dtucker@ OpenBSD-Commit-ID: 6b9191bc1a0f4320c926d5ccd9f36b09f0f3bcaf --- ssh-agent.c | 3 +-- ssh.c | 3 +-- sshlogin.c | 3 +-- 3 files changed, 3 insertions(+), 6 deletions(-) diff --git a/ssh-agent.c b/ssh-agent.c index f86749353e3f..f58d02b5d164 100644 --- a/ssh-agent.c +++ b/ssh-agent.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-agent.c,v 1.318 2026/02/08 17:51:43 dtucker Exp $ */ +/* $OpenBSD: ssh-agent.c,v 1.319 2026/02/16 23:47:06 jsg Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -43,7 +43,6 @@ #include #include #include -#include #include #ifdef WITH_OPENSSL diff --git a/ssh.c b/ssh.c index 8648fec09e17..989e592134a8 100644 --- a/ssh.c +++ b/ssh.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh.c,v 1.625 2026/02/14 00:18:34 jsg Exp $ */ +/* $OpenBSD: ssh.c,v 1.626 2026/02/16 23:47:06 jsg Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -60,7 +60,6 @@ #include #include #include -#include #include #include #include diff --git a/sshlogin.c b/sshlogin.c index 7e0216f1d92d..f3f4639a577d 100644 --- a/sshlogin.c +++ b/sshlogin.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshlogin.c,v 1.36 2026/02/11 17:05:32 dtucker Exp $ */ +/* $OpenBSD: sshlogin.c,v 1.37 2026/02/16 23:47:06 jsg Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -48,7 +48,6 @@ #include #include -#include #include #include #include From 2b0f4a72bd87bef7cc9f0a1889cfc98545cbb158 Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Tue, 17 Feb 2026 21:45:07 +0000 Subject: [PATCH 600/687] upstream: make IPQoS first-match-wins in sshd_config as it's intended to be bz3924 OpenBSD-Commit-ID: 42753eb8400ab09713c69ace6fa8bfdde133f942 --- servconf.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/servconf.c b/servconf.c index a43995fdd835..14f0cabad604 100644 --- a/servconf.c +++ b/servconf.c @@ -1,4 +1,4 @@ -/* $OpenBSD: servconf.c,v 1.444 2026/02/11 22:57:16 djm Exp $ */ +/* $OpenBSD: servconf.c,v 1.445 2026/02/17 21:45:07 djm Exp $ */ /* * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland * All rights reserved @@ -2559,7 +2559,7 @@ process_server_config_line_depth(ServerOptions *options, char *line, " using DSCP values.", filename, linenum, arg); value2 = INT_MAX; } - if (*activep) { + if (*activep && options->ip_qos_interactive == -1) { options->ip_qos_interactive = value; options->ip_qos_bulk = value2; } From c3631567d9f77c2d073764e4b40f249687f4083e Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Wed, 18 Feb 2026 02:59:27 +0000 Subject: [PATCH 601/687] upstream: when uploading a directory using sftp/sftp (e.g. during a recursive transfer), don't clobber the remote directory permissions unless either we created the directory during the transfer or the -p flag was set. bz3925 ok dtucker@ OpenBSD-Commit-ID: d66f40d01de05c9ec4029fab5413325301039b3a --- sftp-client.c | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) diff --git a/sftp-client.c b/sftp-client.c index 164ab4072901..ab33bdb8a918 100644 --- a/sftp-client.c +++ b/sftp-client.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sftp-client.c,v 1.182 2026/02/08 03:30:15 dtucker Exp $ */ +/* $OpenBSD: sftp-client.c,v 1.183 2026/02/18 02:59:27 djm Exp $ */ /* * Copyright (c) 2001-2004 Damien Miller * @@ -2239,7 +2239,7 @@ upload_dir_internal(struct sftp_conn *conn, const char *src, const char *dst, int depth, int preserve_flag, int print_flag, int resume, int fsync_flag, int follow_link_flag, int inplace_flag) { - int ret = 0; + int created = 0, ret = 0; DIR *dirp; struct dirent *dp; char *filename, *new_src = NULL, *new_dst = NULL; @@ -2280,7 +2280,9 @@ upload_dir_internal(struct sftp_conn *conn, const char *src, const char *dst, */ saved_perm = a.perm; a.perm |= (S_IWUSR|S_IXUSR); - if (sftp_mkdir(conn, dst, &a, 0) != 0) { + if (sftp_mkdir(conn, dst, &a, 0) == 0) + created = 1; + else { if (sftp_stat(conn, dst, 0, &dirattrib) != 0) return -1; if (!S_ISDIR(dirattrib.perm)) { @@ -2344,7 +2346,8 @@ upload_dir_internal(struct sftp_conn *conn, const char *src, const char *dst, free(new_dst); free(new_src); - sftp_setstat(conn, dst, &a); + if (created || preserve_flag) + sftp_setstat(conn, dst, &a); (void) closedir(dirp); return ret; From 84206bde8adbef2dfe4f5b97dd23399827015333 Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Wed, 18 Feb 2026 03:04:12 +0000 Subject: [PATCH 602/687] upstream: same treatment for remote/remote copies (i.e. scp -3): adjust permissions on destination directory only if we created it or -p was requested. bz3925 OpenBSD-Commit-ID: d977006df7b8330e06ceaa319383b347f1aca3ef --- sftp-client.c | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) diff --git a/sftp-client.c b/sftp-client.c index ab33bdb8a918..7cc20f34d5d9 100644 --- a/sftp-client.c +++ b/sftp-client.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sftp-client.c,v 1.183 2026/02/18 02:59:27 djm Exp $ */ +/* $OpenBSD: sftp-client.c,v 1.184 2026/02/18 03:04:12 djm Exp $ */ /* * Copyright (c) 2001-2004 Damien Miller * @@ -2693,7 +2693,7 @@ crossload_dir_internal(struct sftp_conn *from, struct sftp_conn *to, int depth, Attrib *dirattrib, int preserve_flag, int print_flag, int follow_link_flag) { - int i, ret = 0; + int i, ret = 0, created = 0; SFTP_DIRENT **dir_entries; char *filename, *new_from_path = NULL, *new_to_path = NULL; mode_t mode = 0777; @@ -2739,7 +2739,9 @@ crossload_dir_internal(struct sftp_conn *from, struct sftp_conn *to, * the path already existed and is a directory. Ensure we can * write to the directory we create for the duration of the transfer. */ - if (sftp_mkdir(to, to_path, &curdir, 0) != 0) { + if (sftp_mkdir(to, to_path, &curdir, 0) == 0) + created = 1; + else { if (sftp_stat(to, to_path, 0, &newdir) != 0) return -1; if (!S_ISDIR(newdir.perm)) { @@ -2801,7 +2803,8 @@ crossload_dir_internal(struct sftp_conn *from, struct sftp_conn *to, free(new_to_path); free(new_from_path); - sftp_setstat(to, to_path, &curdir); + if (created || preserve_flag) + sftp_setstat(to, to_path, &curdir); sftp_free_dirents(dir_entries); From b0463306174941274a1f96eb705618e036832920 Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Wed, 18 Feb 2026 09:48:55 -0500 Subject: [PATCH 603/687] Add test coverage for all of the --audit= configs. --- .github/configs | 3 ++- .github/workflows/vm.yml | 2 +- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/.github/configs b/.github/configs index 7e16a8c9af31..ef9262615359 100755 --- a/.github/configs +++ b/.github/configs @@ -134,6 +134,7 @@ case "$config" in CONFIGFLAGS="--with-kerberos5 --with-libedit --with-pam" CONFIGFLAGS="${CONFIGFLAGS} --with-security-key-builtin --with-selinux" CONFIGFLAGS="${CONFIGFLAGS} --with-linux-memlock-onfault" + CONFIGFLAGS="${CONFIGFLAGS} --with-audit=debug" CFLAGS="-DSK_DEBUG -DSANDBOX_SECCOMP_FILTER_DEBUG" EXTRA_TESTS="gss-auth" ;; @@ -198,7 +199,7 @@ case "$config" in fi ;; selinux) - CONFIGFLAGS="--with-selinux" + CONFIGFLAGS="--with-selinux --with-audit=linux" ;; sk) CONFIGFLAGS="--with-security-key-builtin --with-security-key-standalone" diff --git a/.github/workflows/vm.yml b/.github/workflows/vm.yml index 4bc42ff610ac..2de6abe59b0c 100644 --- a/.github/workflows/vm.yml +++ b/.github/workflows/vm.yml @@ -356,7 +356,7 @@ jobs: - name: "PAM: configure" shell: solaris {0} - run: cd $GITHUB_WORKSPACE && sudo -u builder ./configure --with-pam + run: cd $GITHUB_WORKSPACE && sudo -u builder ./configure --with-pam --with-audit=bsm - name: "PAM: make clean" shell: solaris {0} run: cd $GITHUB_WORKSPACE && sudo -u builder make clean From e5e18432a27b909aa2194ef0b28a5d49f0e6b3a6 Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Wed, 18 Feb 2026 10:49:35 -0500 Subject: [PATCH 604/687] Whitespace fix. --- .github/configs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/configs b/.github/configs index ef9262615359..7c2afcba672d 100755 --- a/.github/configs +++ b/.github/configs @@ -52,7 +52,7 @@ case "$config" in CONFIGFLAGS="--with-xauth=/usr/bin/xauth --with-security-key-builtin" CONFIGFLAGS="$CONFIGFLAGS --with-kerberos5=/usr --with-libedit --disable-strip" ;; - clang-12-Werror) + clang-12-Werror) CC="clang-12" # clang's implicit-fallthrough requires that the code be annotated with # __attribute__((fallthrough)) and does not understand /* FALLTHROUGH */ From 97e8e66219d036404ae656060f0e0179b61f0614 Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Wed, 18 Feb 2026 10:51:09 -0500 Subject: [PATCH 605/687] Increase riscv64 test coverage. The machine running the tests has been replaced with a faster one. --- .github/configs | 4 ---- 1 file changed, 4 deletions(-) diff --git a/.github/configs b/.github/configs index 7c2afcba672d..43f0fd258d3a 100755 --- a/.github/configs +++ b/.github/configs @@ -275,10 +275,6 @@ case "${TARGET_HOST}" in TEST_TARGET="t-exec unit TEST_SHELL=bash" SKIP_LTESTS="rekey sftp" ;; - debian-riscv64) - # This machine is fairly slow, so skip the unit tests. - TEST_TARGET="t-exec" - ;; dfly58*|dfly60*) # scp 3-way connection hangs on these so skip until sorted. SKIP_LTESTS=scp3 From f1a9628cd7e415ce14e157d80c10b61514a22d13 Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Wed, 18 Feb 2026 10:59:02 -0500 Subject: [PATCH 606/687] Move BSM audit test to selfhosted runner. The vmactions VM on Github does not have the required libraries installed. --- .github/configs | 7 +++++++ .github/workflows/vm.yml | 2 +- 2 files changed, 8 insertions(+), 1 deletion(-) diff --git a/.github/configs b/.github/configs index 43f0fd258d3a..3d320e506b49 100755 --- a/.github/configs +++ b/.github/configs @@ -367,6 +367,13 @@ case "$host" in SKIP_LTESTS="agent-getpeereid" ;; esac ;; +*-solaris2.10) + # Only the sol10 VM has BSM libraries installed, so add that to + # the PAM test config. + if [ "${config}" = "pam" ]; then + CONFIGFLAGS="${CONFIGFLAGS} --with-audit=bsm" + fi + ;; esac # Unless specifically configured, search for a suitable version of OpenSSL, diff --git a/.github/workflows/vm.yml b/.github/workflows/vm.yml index 2de6abe59b0c..4bc42ff610ac 100644 --- a/.github/workflows/vm.yml +++ b/.github/workflows/vm.yml @@ -356,7 +356,7 @@ jobs: - name: "PAM: configure" shell: solaris {0} - run: cd $GITHUB_WORKSPACE && sudo -u builder ./configure --with-pam --with-audit=bsm + run: cd $GITHUB_WORKSPACE && sudo -u builder ./configure --with-pam - name: "PAM: make clean" shell: solaris {0} run: cd $GITHUB_WORKSPACE && sudo -u builder make clean From c9fcea8865b255d4b7566b28dce4af348d2bfbd6 Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Wed, 18 Feb 2026 11:22:37 -0500 Subject: [PATCH 607/687] Enable BSM audit test on FreeBSD VMs. --- .github/workflows/vm.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/vm.yml b/.github/workflows/vm.yml index 4bc42ff610ac..4e0dd45391f8 100644 --- a/.github/workflows/vm.yml +++ b/.github/workflows/vm.yml @@ -125,7 +125,7 @@ jobs: - name: "PAM: configure" shell: freebsd {0} - run: cd $GITHUB_WORKSPACE && sudo -u builder ./configure --with-pam + run: cd $GITHUB_WORKSPACE && sudo -u builder ./configure --with-pam --with-audit=bsm - name: "PAM: make clean" shell: freebsd {0} run: cd $GITHUB_WORKSPACE && sudo -u builder make clean From 5f98660c51e673f521e0216c7ed20205c4af10ed Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Wed, 18 Feb 2026 12:39:31 -0500 Subject: [PATCH 608/687] Install libaudit-dev for --with-audit=linux test. --- .github/setup_ci.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/setup_ci.sh b/.github/setup_ci.sh index 52e71c7f252c..e1b3dcf04a84 100755 --- a/.github/setup_ci.sh +++ b/.github/setup_ci.sh @@ -123,7 +123,7 @@ for TARGET in $TARGETS; do PACKAGES="$PACKAGES libfido2-dev libu2f-host-dev libcbor-dev" ;; selinux) - PACKAGES="$PACKAGES libselinux1-dev selinux-policy-dev" + PACKAGES="$PACKAGES libselinux1-dev selinux-policy-dev libaudit-dev" ;; hardenedmalloc) INSTALL_HARDENED_MALLOC=yes From 2d2368cd04fdff490a4272bef306b38e52386606 Mon Sep 17 00:00:00 2001 From: User Date: Fri, 20 Feb 2026 11:15:50 -0800 Subject: [PATCH 609/687] add instructions for communication expectations and examples --- .../agent-communication.instructions.md | 139 ++++++++ .../agent-communication-merge.instructions.md | 335 ++++++++++++++++++ 2 files changed, 474 insertions(+) create mode 100644 .github/instructions/agent-communication.instructions.md create mode 100644 .github/instructions/merge/agent-communication-merge.instructions.md diff --git a/.github/instructions/agent-communication.instructions.md b/.github/instructions/agent-communication.instructions.md new file mode 100644 index 000000000000..eb5242163023 --- /dev/null +++ b/.github/instructions/agent-communication.instructions.md @@ -0,0 +1,139 @@ +--- +applyTo: "**/*" +--- + +# AI Agent Communication Guidelines + +## Overview +This document establishes how AI agents should communicate with users throughout their interactions. These guidelines apply to **all agent operations** in this workspace. For merge-specific communication templates, see [agent-communication-merge.instructions.md](./merge/agent-communication-merge.instructions.md). + +## Core Principle: Tool Output vs Agent Communication + +### Distinction + +**1. MCP Tool Execution (Write-Host is acceptable):** +- When MCP tools execute PowerShell scripts, those scripts may use `Write-Host` for output +- This is normal and expected behavior for the tool itself +- The agent receives this output and can parse it +- Example: `Test-OpenSSHFunctionality.ps1` uses `Write-Host` to display test progress + +**2. Agent-to-User Communication (Use chat messages ONLY):** +- AI agents **MUST** communicate with users through chat messages, not `Write-Host` +- **DO NOT** invoke `Write-Host` or other console output commands from the agent +- Instead, present information conversationally in your responses +- Parse tool output and summarize it in chat messages + +## Communication Standards + +### ❌ INCORRECT: Agent Using Write-Host +```pwsh +Write-Host "Starting merge process..." +Write-Host "Build succeeded!" -ForegroundColor Green +Write-Host "Found 3 conflicts in auth.c" +``` + +### ✅ CORRECT: Agent Using Chat Messages +``` +Starting the merge process. I'll cherry-pick the commits in this batch and then build. + +The build succeeded! All 14 executables were created successfully. + +Found 3 conflicts in auth.c. Analyzing the conflict types to determine the resolution strategy. +``` + +## Pseudocode Implementation Guidance + +When you see pseudocode functions in instruction files like: +- `update_progress()` +- `generate_test_report()` +- `log()` +- `append_to_progress_log()` + +These represent **conceptual operations**. Implement them by: +1. Generating the information/report internally +2. Communicating the results to the user via chat messages +3. **NOT** by executing `Write-Host` or similar PowerShell output commands + +### Example: Pseudocode to Implementation + +**Pseudocode:** +```pseudocode +FUNCTION update_progress(phase, status, details): + log(f"Phase {phase}: {status}") + IF status == "FAILURE": + generate_failure_report(details) +``` + +**Correct Agent Implementation:** +``` +[Agent analyzes the phase and status] +[Agent sends chat message]: "Phase 1: Conflict Resolution - Completed successfully. Resolved 5 conflicts across 3 files." +``` + +**Incorrect Agent Implementation:** +```pwsh +Write-Host "Phase 1: Conflict Resolution - Completed successfully" +``` + +## Best Practices + +### 1. Be Conversational +- Write naturally, as if speaking to a colleague +- Avoid overly formal or robotic language +- Use active voice + +### 2. Provide Context +- Explain what you're doing and why +- Help users understand the current state +- Highlight important information + +### 3. Use Structured Formatting When Helpful +- Use markdown formatting for clarity +- Use bullet points for lists +- Use code blocks for commands or file paths +- Use file links when referencing specific files + +### 4. Progressive Disclosure +- Start with high-level summaries +- Provide details when relevant +- Don't overwhelm with unnecessary information + +### 5. Clear Status Indicators +Use clear language for status: +- ✅ "succeeded", "completed successfully", "passed" +- ❌ "failed", "encountered errors", "did not pass" +- ⚠️ "warning", "requires attention", "partial success" + +## Examples + +### Good: Progress Update +``` +Analyzing the upstream changes between the last merge commit and V_10_0_P2. Found 127 commits with 8 security fixes and 3 build system changes that will require Visual Studio project updates. +``` + +### Good: Error Report +``` +The build failed with 4 compilation errors: +- auth.c: Missing include for Windows compatibility header +- sshd.c: Undefined reference to fork() - needs Windows equivalent +- config.h.vs: Missing preprocessor definition for HAVE_SETRESUID + +I'll add the Windows compatibility fixes now. +``` + +### Good: Success Report +``` +Testing completed successfully! The SSH service installed, started, and accepted connections. The test command executed correctly with expected output. +``` + +## Merge-Specific Guidelines + +For detailed merge workflow communication templates, including exact formats for tool output summaries and commit batch summaries, see: +- [Merge-Specific Agent Communication Guidelines](./merge/agent-communication-merge.instructions.md) + +## Summary + +- **Tools can use Write-Host** - MCP tools and PowerShell scripts may output to console +- **Agents use chat only** - All agent communication must be via chat messages +- **Parse, don't echo** - Parse tool output and present summaries conversationally +- **Be clear and helpful** - Provide context, use formatting, and communicate status clearly diff --git a/.github/instructions/merge/agent-communication-merge.instructions.md b/.github/instructions/merge/agent-communication-merge.instructions.md new file mode 100644 index 000000000000..049cf62a09e0 --- /dev/null +++ b/.github/instructions/merge/agent-communication-merge.instructions.md @@ -0,0 +1,335 @@ +--- +applyTo: ".github/instructions/merge/**" +--- + +# Merge-Specific Agent Communication Guidelines + +## Overview +This document provides specific communication templates and guidelines for AI agents performing upstream merge operations. These guidelines **supplement** the high-level agent communication principles defined in [agent-communication.instructions.md](../agent-communication.instructions.md). + +**Key Points:** +- The high-level communication guidelines apply to ALL merge interactions +- This document adds merge-specific templates and formats +- Tool output templates are **MUST use** (exact format required) +- Batch summary templates are **SHOULD include** (flexible adaptation allowed) + +## MCP Tool Output Templates + +These templates define the **exact format** agents MUST use when communicating tool results to users. + +### 1. Start-OpenSSHBuild Tool Output + +**MUST use this format when reporting build results.** + +#### Success Scenario: +``` +Build completed successfully. All 14 executables were created: +- ssh.exe, sshd.exe, sshd-auth.exe, sshd-session.exe +- ssh-agent.exe, ssh-add.exe, ssh-keygen.exe, ssh-keyscan.exe +- scp.exe, sftp.exe, sftp-server.exe +- ssh-pkcs11-helper.exe, ssh-shellhost.exe, ssh-sk-helper.exe + +Configuration: Release | Architecture: x64 +``` + +#### Failure Scenario: +``` +Build failed with compilation errors. Analyzing the build log to identify issues. + +[After running Test-OpenSSHBuild] +Found X compilation errors: +- [file.c]: [brief error description] +- [file.c]: [brief error description] + +I'll resolve these errors now. +``` + +### 2. Test-OpenSSHBuild Tool Output + +**MUST use this format when reporting build error analysis.** + +#### When Build Failed: +``` +Build error analysis complete: + +Compilation Errors (X): +- [filename.c] (Line Y): [Error code] - [Brief description] +- [filename.c] (Line Y): [Error code] - [Brief description] + +Warnings (X): +- [filename.c] (Line Y): [Warning description] + +Error Categories: +- Missing preprocessor definitions: X +- Windows compatibility issues: X +- Build system inconsistencies: X +``` + +#### When Build Succeeded: +``` +No need to analyze build errors - the build completed successfully. +``` + +**Note:** Only invoke Test-OpenSSHBuild when Start-OpenSSHBuild reports failure. + +### 3. Test-OpenSSHFunctionality Tool Output + +**MUST use this format when reporting functionality test results.** + +#### Success Scenario: +``` +Functionality testing completed successfully! + +Test Results: +✅ Administrator privileges verified +✅ Test user created: [username] +✅ SSH service installed successfully +✅ SSH service started successfully +✅ Firewall rule configured +✅ SSH connection test passed +✅ Command execution verified: "echo hello world" returned expected output + +All test resources cleaned up. +``` + +#### Failure Scenario: +``` +Functionality testing failed. + +Test Progress: +✅ Administrator privileges verified +✅ Test user created: [username] +❌ SSH service installation failed + +Error: [Error message from tool] + +The test environment has been cleaned up. I'll investigate the service installation issue. +``` + +#### Partial Success Scenario: +``` +Functionality testing completed with warnings. + +Test Results: +✅ Administrator privileges verified +✅ Test user created: [username] +✅ SSH service installed successfully +✅ SSH service started successfully +⚠️ Firewall rule configuration skipped (SkipFirewall=true) +✅ SSH connection test passed +✅ Command execution verified + +Note: Firewall was not configured as requested. Ensure firewall rules exist if testing remote connections. +``` + +## Commit Batch Summary Template + +**SHOULD include these elements** when summarizing a commit batch. Adapt the format and detail level based on context. + +### Template Structure: + +``` +Processing batch [N] ([X] commits from [start_hash] to [end_hash]) + +Key Changes: +- [Category 1]: [Brief description] +- [Category 2]: [Brief description] +- [Category 3]: [Brief description] + +Files Modified: [X] files +Conflicts: [X] conflicts ([resolved/pending]) + +[Additional context if needed] +``` + +### Example - Simple Batch: +``` +Processing batch 1 (8 commits from a1b2c3d to e4f5a6b) + +Key Changes: +- Security fixes: Updated bounds checking in buffer handling +- Bug fixes: Corrected memory leak in session cleanup +- Documentation: Updated protocol specification comments + +Files Modified: 12 files +Conflicts: 2 conflicts (resolved) +``` + +### Example - Complex Batch: +``` +Processing batch 3 (15 commits from 7h8i9j0 to k1l2m3n) + +Key Changes: +- Build system: Added new source files for MLKEM support +- Authentication: Enhanced certificate validation logic +- Process management: Modified daemon initialization (requires Windows adaptation) +- Configuration: Added 3 new preprocessor definitions + +Files Modified: 28 files +Conflicts: 7 conflicts (5 resolved, 2 require manual review) + +Note: The daemon initialization changes use fork() which needs Windows CreateProcess() equivalent. +``` + +### Example - Minimal Batch: +``` +Processing batch 5 (3 commits from x7y8z9 to a0b1c2) + +Key Changes: +- Minor documentation updates +- Code formatting corrections + +Files Modified: 4 files +Conflicts: None +``` + +## Progress Update Templates + +**SHOULD include these elements** when communicating progress at different workflow phases. Adapt wording to context. + +### Pre-Merge Analysis Phase: +``` +Analyzing upstream changes from [last_merge_tag] to [target_version]... + +Found [X] commits to merge: +- [X] security fixes (HIGH PRIORITY) +- [X] bug fixes +- [X] feature additions +- [X] build system changes + +Grouping commits into batches for incremental merging. +``` + +### Conflict Resolution Phase: +``` +Resolving [X] conflicts in [filename]: + +- Conflict 1: [Brief description] → [Resolution strategy] +- Conflict 2: [Brief description] → [Resolution strategy] + +[X] conflicts resolved, [Y] remaining. +``` + +### Build Fixes Phase: +``` +Applying build fixes for iteration [N]: + +- Added Windows compatibility header to [file.c] +- Updated config.h.vs with [X] new definitions +- Added [source_file.c] to [project.vcxproj] + +Rebuilding... +``` + +### Testing Phase: +``` +Running functionality tests to validate the merge... + +[Use Test-OpenSSHFunctionality template from above] +``` + +### Cleanup Phase: +``` +Finalizing the merge: + +✅ Restored paths.targets to clean state +✅ Verified [X] commits applied successfully +✅ All builds passing +✅ Functionality tests passing + +Ready to commit and push. +``` + +## Special Scenarios + +### When Seeking User Approval: +``` +Batch [N] is ready for review: + +Summary: +- [X] commits merged successfully +- Build: ✅ Passed +- Tests: ✅ Passed +- Conflicts: [X] resolved + +Changes include: [brief list] + +May I proceed with the next batch? +``` + +### When Requesting Manual Intervention: +``` +I've encountered a complex conflict that requires manual review: + +File: [filename] +Issue: [Description of the conflict complexity] +Context: [Why automated resolution isn't appropriate] + +Recommendation: [Suggested approach] + +Please advise on how to proceed. +``` + +### When Reporting Critical Issues: +``` +⚠️ CRITICAL: [Issue type detected] + +Details: +- [Specific problem] +- [Impact assessment] +- [Affected components] + +This requires immediate attention before proceeding with the merge. +``` + +## Integration with Pseudocode + +When implementing pseudocode patterns from merge-details.instructions.md, use these communication approaches: + +### update_progress() → Chat Message +```pseudocode +# Pseudocode: +update_progress("Build Fixes", "IN_PROGRESS", "Applied 3 fixes") + +# Agent Implementation (via chat): +"Applying build fixes (iteration 2): Added 3 Windows compatibility changes. Rebuilding now..." +``` + +### generate_test_report() → Structured Chat Message +```pseudocode +# Pseudocode: +report = generate_test_report(test_results) + +# Agent Implementation (via chat): +[Use Test-OpenSSHFunctionality template from above] +``` + +### log() → Contextual Chat Message +```pseudocode +# Pseudocode: +log(f"Skipping {binary} - Unix only") + +# Agent Implementation (via chat): +"Skipping ssh-keysign.exe - Unix-only binary not applicable to Windows build." +``` + +## Best Practices for Merge Communication + +1. **Always include commit hashes** when referencing specific commits (first 7 characters) +2. **Use file links** when referencing specific files: [filename](path/to/filename) +3. **Categorize changes** by type (security, bug fix, feature, build system, etc.) +4. **Highlight Windows-specific considerations** that required special handling +5. **Provide commit counts** to show progress and scope +6. **Be specific about conflict types** and resolution strategies used +7. **Report before and after** major operations (build, test, etc.) +8. **Update after each batch** to maintain transparency +9. **Use consistent terminology** aligned with the instruction files +10. **Mark critical items** with appropriate indicators (⚠️, ✅, ❌) + +## Summary + +- **Tool templates are REQUIRED** - Use exact formats for MCP tool output summaries +- **Batch templates are RECOMMENDED** - Include suggested elements but adapt to context +- **Supplement high-level guidelines** - All general communication principles still apply +- **Maintain transparency** - Keep users informed throughout the merge process +- **Be consistent** - Use standard terminology and formatting patterns From 179d41ef8bfac06cbc56df428e67e8d76846cfca Mon Sep 17 00:00:00 2001 From: User Date: Fri, 20 Feb 2026 11:26:19 -0800 Subject: [PATCH 610/687] update instructions and tools to clarify end commit expectations --- .github/agents/merge-upstream.agent.md | 15 +++++++------ .../merge-process-overview.instructions.md | 8 ++++--- .github/prompt/merge.prompt.md | 3 +++ .github/tools/Get-CommitGroups.ps1 | 21 ++++++++++++++++--- 4 files changed, 35 insertions(+), 12 deletions(-) diff --git a/.github/agents/merge-upstream.agent.md b/.github/agents/merge-upstream.agent.md index e5b0e8f2b5dd..3909a0b7138e 100644 --- a/.github/agents/merge-upstream.agent.md +++ b/.github/agents/merge-upstream.agent.md @@ -29,6 +29,7 @@ This agent assists with merging upstream OpenSSH commits into the PowerShell for - **Parameters**: - `GitHubTag` (string, optional): GitHub tag to start from (e.g., "V_10_0_P2") - `StartCommit` (string, optional): Commit SHA to start from + - `EndCommit` (string, optional): Commit SHA to end at (default: HEAD - most recent upstream commit) - `FirstChunkOnly` (boolean, optional): Stop after finding first chunk - `GroupByCIPresence` (boolean, optional): Group by CI presence instead of CI success - **Recommended Usage**: Always use `-FirstChunkOnly -GroupByCIPresence` for incremental merging @@ -92,7 +93,8 @@ This agent assists with merging upstream OpenSSH commits into the PowerShell for 1. **Run prerequisite verification via MCP tool:** - **MCP Tool Name**: `mcp_openssh-server_Test_MergePrerequisites` - **Parameters**: - - `TargetVersion` (string, required): Upstream version/tag to merge (e.g., "V_10_0_P2") + - `TargetVersion` (string, required): Upstream version/tag to start from (e.g., "V_10_0_P2") + - `EndCommit` (string, optional): Commit SHA to end at (default: HEAD - most recent upstream commit) - `SkipBaselineBuild` (boolean, optional): Skip baseline build check (default: false) This single tool verifies: @@ -126,8 +128,9 @@ This agent assists with merging upstream OpenSSH commits into the PowerShell for 1. **Get first commit batch** using Get-CommitGroups MCP tool: - **MCP Tool Name**: `mcp_openssh-server_Get_CommitGroups` - **Parameters**: - - For first batch: `GitHubTag="V_10_0_P2"`, `FirstChunkOnly=true`, `GroupByCIPresence=true` - - For subsequent batches: `StartCommit=""`, `FirstChunkOnly=true`, `GroupByCIPresence=true` + - For first batch: `GitHubTag="V_10_0_P2"`, `EndCommit=""`, `FirstChunkOnly=true`, `GroupByCIPresence=true` + - For subsequent batches: `StartCommit=""`, `EndCommit=""`, `FirstChunkOnly=true`, `GroupByCIPresence=true` + - **Note**: If `EndCommit` is not specified, the tool will merge up to the most recent upstream commit (HEAD) **The tool returns structured data:** ```json @@ -257,14 +260,14 @@ This agent assists with merging upstream OpenSSH commits into the PowerShell for **Objective:** Process remaining commit groups until merge is complete **Steps:** -1. **Return to Phase 2** with `-StartCommit` set to previous batch's end commit +1. **Return to Phase 2** with `-StartCommit` set to previous batch's end commit and `-EndCommit` set to target end commit 2. **Repeat Phases 2-4** for each batch: - - Get next batch with Get-CommitGroups + - Get next batch with Get-CommitGroups (passing both StartCommit and EndCommit) - Cherry-pick commits - Build (mandatory) - Validate (if batch ends with successful CI) - Summarize and get approval -3. **Continue** until all target commits are merged or HEAD is reached +3. **Continue** until the target end commit is reached (or HEAD if no end commit was specified) 4. **Perform final comprehensive validation:** - **MCP Tool Name**: `mcp_openssh-server_Test_OpenSSHFunctionality` - **Parameters**: (use defaults for Release/x64) diff --git a/.github/instructions/merge/merge-process-overview.instructions.md b/.github/instructions/merge/merge-process-overview.instructions.md index f50a9eb03ec1..87d273eafea2 100644 --- a/.github/instructions/merge/merge-process-overview.instructions.md +++ b/.github/instructions/merge/merge-process-overview.instructions.md @@ -78,12 +78,14 @@ The process consists of several interconnected phases: **Parameters**: - `GitHubTag` (string, optional): Start from last merged tag (e.g., "V_10_0_P2") - `StartCommit` (string, optional): Start from specific commit SHA + - `EndCommit` (string, optional): End at specific commit SHA (default: HEAD - most recent upstream commit) - `FirstChunkOnly` (boolean): Set to `true` - `GroupByCIPresence` (boolean): Set to `true` **Example for first batch**: - Find the last upstream tag in the fork - - Call tool with `GitHubTag=`, `FirstChunkOnly=true`, `GroupByCIPresence=true` + - Call tool with `GitHubTag=`, `EndCommit=`, `FirstChunkOnly=true`, `GroupByCIPresence=true` + - Omit `EndCommit` to merge all commits up to HEAD (most recent upstream commit) - This gets commits ending with any commit that has CI runs (not just successful CI) **Example output:** @@ -103,8 +105,8 @@ The process consists of several interconnected phases: Display batch details for verification, then proceed with cherry-picking. **After completing steps below, get next batch**: - - Call tool with `StartCommit=`, `FirstChunkOnly=true`, `GroupByCIPresence=true` - - Continue this process until the upstream's HEAD has been successfully merged + - Call tool with `StartCommit=`, `EndCommit=`, `FirstChunkOnly=true`, `GroupByCIPresence=true` + - Continue this process until the target end commit is reached (or HEAD if no end commit specified) 5. **Execute chunked merge (batch cherry-pick all commits in chunk):** diff --git a/.github/prompt/merge.prompt.md b/.github/prompt/merge.prompt.md index d64421f7ef5c..a75572557e79 100644 --- a/.github/prompt/merge.prompt.md +++ b/.github/prompt/merge.prompt.md @@ -4,6 +4,7 @@ Assist with merging the commits from upstream into this branch starting from the Provide the following when you invoke this prompt: - Start ref (tag or commit) — REQUIRED (e.g., `upstream/V_9_8_P1` or a commit SHA) +- End ref (commit) — OPTIONAL (default: HEAD - most recent upstream commit) - Upstream remote — optional (default: `upstream`) - Windows fork remote — optional (default: `upstream-pwsh`) - Target branch — optional (default: current branch) @@ -24,6 +25,8 @@ Expected outputs per batch: Quick start examples: - "Merge from tag `upstream/V_9_8_P1` into my current branch." +- "Merge from tag `upstream/V_9_8_P1` to commit `a1b2c3d` into my current branch." - "Merge starting at commit `3a1b2c3`, upstream remote `upstream`, target current branch." If the Start ref is not provided, ask for it before proceeding. +If the End ref is not provided, merging will continue to HEAD (most recent upstream commit). diff --git a/.github/tools/Get-CommitGroups.ps1 b/.github/tools/Get-CommitGroups.ps1 index ef83730f31b2..c2e2b18049d8 100644 --- a/.github/tools/Get-CommitGroups.ps1 +++ b/.github/tools/Get-CommitGroups.ps1 @@ -21,9 +21,14 @@ .PARAMETER StartCommit The commit SHA to start from (e.g., "6fb728df50c1afd338cb0223a84ce24579577eff"). - Cannot be used with -GitHubTag. The script will find commits after this commit up to HEAD. + Cannot be used with -GitHubTag. The script will find commits after this commit up to EndCommit (or HEAD if not specified). This is typically used when continuing from a previously merged commit. +.PARAMETER EndCommit + The commit SHA to end at (e.g., "a1b2c3d4e5f6a7b8c9d0e1f2a3b4c5d6e7f8a9b0"). + If not specified, defaults to HEAD (most recent upstream commit). + This allows merging up to a specific commit rather than always merging to HEAD. + .PARAMETER FirstChunkOnly When specified, the script stops after finding the first chunk with a successful CI commit (or first chunk with any CI when using -GroupByCIPresence). @@ -66,6 +71,12 @@ Finds the first batch of commits after the V_10_0_P2 tag that ends with any commit that has CI runs (regardless of success or failure). +.EXAMPLE + .\Get-CommitGroups.ps1 -StartCommit "6fb728df50c1afd338cb0223a84ce24579577eff" -EndCommit "a1b2c3d4e5f6" -FirstChunkOnly + + Finds the first batch of commits between the specified start and end commits. + Useful for merging a specific range rather than all commits up to HEAD. + .NOTES - Requires internet access to query GitHub API - Set GITHUB_TOKEN environment variable for authenticated API access (5,000 requests/hour) @@ -86,6 +97,9 @@ param( [Parameter(Mandatory=$false)] [string]$StartCommit, + [Parameter(Mandatory=$false)] + [string]$EndCommit, + [Parameter(Mandatory=$false)] [switch]$FirstChunkOnly, @@ -242,11 +256,12 @@ try { $page = 1 $perPage = 250 # Compare API returns max 250 commits per page - Write-Host "Fetching commits from $startCommitSha...HEAD" -ForegroundColor Gray + $endRef = if ($EndCommit) { $EndCommit } else { "HEAD" } + Write-Host "Fetching commits from $startCommitSha...$endRef" -ForegroundColor Gray # The Compare API doesn't support pagination, so we need to use commits API instead # to get commits in the correct range with proper pagination - $compareUrl = "$apiBase/compare/${startCommitSha}...HEAD" + $compareUrl = "$apiBase/compare/${startCommitSha}...$endRef" $comparison = Invoke-RestMethod -Uri $compareUrl -Headers (Get-GitHubHeaders) # The Compare API returns commits - need to verify order From 7e1ea03f1344edfa48b2964fcdf36bb2056caeb5 Mon Sep 17 00:00:00 2001 From: User Date: Fri, 20 Feb 2026 11:33:49 -0800 Subject: [PATCH 611/687] add instructions around addressing compiler warnings --- .github/agents/merge-upstream.agent.md | 10 ++- .github/instructions/build.instructions.md | 57 +++++++++++++++- .../agent-communication-merge.instructions.md | 67 ++++++++++++++++++- .../merge/merge-details.instructions.md | 21 ++++-- .../merge-process-overview.instructions.md | 26 +++++-- 5 files changed, 164 insertions(+), 17 deletions(-) diff --git a/.github/agents/merge-upstream.agent.md b/.github/agents/merge-upstream.agent.md index 3909a0b7138e..bb67a39cefbb 100644 --- a/.github/agents/merge-upstream.agent.md +++ b/.github/agents/merge-upstream.agent.md @@ -110,7 +110,14 @@ This agent assists with merging upstream OpenSSH commits into the PowerShell for - Tool must display "ALL PREREQUISITES MET" - If tool fails, fix reported issues before continuing -3. **Create merge branch:** +3. **Establish baseline warning count:** + - **MCP Tool Name**: `mcp_openssh-server_Test_OpenSSHBuild` + - **Parameters**: `Configuration="Release"`, `Architecture="x64"` + - Parse and document the current warning count and categories + - This baseline will be used to detect new warnings introduced during merge + - Store baseline for comparison after each build + +4. **Create merge branch:** ```pwsh git checkout -b merge-v- # Example: git checkout -b merge-v10.0P2-20260109 @@ -118,6 +125,7 @@ This agent assists with merging upstream OpenSSH commits into the PowerShell for **Success Criteria:** - Prerequisite tool reports all checks passed +- Baseline warning count established and documented - Merge branch created - Ready to begin Phase 2 (cherry-picking first batch) diff --git a/.github/instructions/build.instructions.md b/.github/instructions/build.instructions.md index bcf6a3f8bc9f..23724ae0d8f8 100644 --- a/.github/instructions/build.instructions.md +++ b/.github/instructions/build.instructions.md @@ -47,6 +47,55 @@ Use the Test-OpenSSHBuild MCP tool when a build fails: - **MCP Tool Name**: `mcp_openssh-server_Test_OpenSSHBuild` - **Parameters**: `Configuration="Release"`, `Architecture="x64"` +## Compiler Warning Policy + +### Overview +All new compiler warnings introduced during the merge process must be reported to users and require approval before proceeding. This ensures code quality is maintained and potential issues are not overlooked. + +### Baseline Establishment +1. **Before starting the merge**, establish a baseline warning count: + - Run Test-OpenSSHBuild on the current branch (before any merge commits) + - Document the total warning count and warning categories + - Store this as the baseline for comparison + +2. **After each build during merge**, compare warnings against baseline: + - Run Test-OpenSSHBuild after every successful build (not just failures) + - Compare current warning count to baseline + - Identify any new warnings introduced + +### Warning Categorization +Attempt to categorize warnings to help users make informed decisions: + +**Common Warning Categories:** +- **Deprecated APIs**: Use of functions/APIs marked as deprecated +- **Type Conversions**: Implicit type conversions that may lose data +- **Unused Variables/Functions**: Declared but unused code elements +- **Potential Bugs**: Logic issues that may cause runtime problems +- **Security-Related**: Potential security vulnerabilities (buffer overruns, etc.) +- **Platform-Specific**: Windows-specific compatibility warnings + +**Note:** Categorization helps users make decisions, but **all new warnings require user approval regardless of predicted severity**. + +### User Approval Requirement +**Critical Rule**: No threshold - every new warning requires user input. + +1. **When new warnings are detected:** + - Report warning count delta (baseline vs current) + - List each new warning with: + - File and line number + - Warning code and message + - Attempted category classification + - Request user decision: fix warnings or proceed as-is + +2. **User must explicitly approve:** + - Fixing warnings before continuing + - Proceeding with warnings (acknowledging they will remain) + - Do NOT automatically proceed if new warnings appear + +3. **Update baseline if user approves proceeding:** + - If user approves proceeding with new warnings, update baseline + - This prevents re-reporting the same warnings in subsequent batches + ## Compilation Error Resolution ### Common Error Categories @@ -151,8 +200,12 @@ Use the **Test-OpenSSHBuild** MCP tool to read build logs and parse errors **onl ### Build Tools Invocation Policy - Use `Start-OpenSSHBuild.ps1` to run the build for each chunk/batch. -- Only if `Start-OpenSSHBuild.ps1` reports the build failed, invoke `Test-OpenSSHBuild.ps1` to parse errors and warnings from the build log. -- Skip `Test-OpenSSHBuild.ps1` when the build succeeded to avoid unnecessary log parsing. +- **ALWAYS invoke `Test-OpenSSHBuild.ps1` after every build** (success or failure): + - On build failure: Parse errors and warnings to fix issues + - On build success: Parse warnings to compare against baseline +- Compare warning count against established baseline +- If new warnings detected, report to user and request approval before proceeding +- Do NOT skip `Test-OpenSSHBuild.ps1` even when build succeeds - warning checks are mandatory. #### Alternative: Direct MSBuild (Terminal Only) Only use this when running directly in a terminal (not via MCP): diff --git a/.github/instructions/merge/agent-communication-merge.instructions.md b/.github/instructions/merge/agent-communication-merge.instructions.md index 049cf62a09e0..27c49018c943 100644 --- a/.github/instructions/merge/agent-communication-merge.instructions.md +++ b/.github/instructions/merge/agent-communication-merge.instructions.md @@ -44,6 +44,35 @@ Found X compilation errors: I'll resolve these errors now. ``` +#### Success with New Warnings Scenario: +**MUST use this format when build succeeds but new warnings are detected.** + +``` +Build completed successfully. All 14 executables were created. + +However, new compiler warnings have been introduced: + +Baseline: X warnings → Current: Y warnings (ΔZ new warnings) + +New Warnings Detected: + +**Deprecated APIs (2):** +- [auth.c] (Line 145): C4996 - 'strcpy': This function may be unsafe. Consider using strcpy_s instead. +- [sshd.c] (Line 302): C4996 - 'GetVersion': was declared deprecated + +**Type Conversions (1):** +- [channels.c] (Line 89): C4244 - Conversion from 'size_t' to 'int', possible loss of data + +**Analysis:** +These warnings appear to be introduced by upstream changes. The deprecated API warnings may require Windows-specific alternatives, and the type conversion should be reviewed for potential data loss. + +How would you like to proceed? +1. Fix these warnings before continuing +2. Proceed with warnings (will update baseline) + +Please advise. +``` + ### 2. Test-OpenSSHBuild Tool Output **MUST use this format when reporting build error analysis.** @@ -65,12 +94,44 @@ Error Categories: - Build system inconsistencies: X ``` -#### When Build Succeeded: +#### When Build Succeeded with No New Warnings: ``` -No need to analyze build errors - the build completed successfully. +Build analysis complete: + +Compilation Errors: 0 +Warnings: X (no change from baseline) + +No new warnings introduced. Build is clean. +``` + +#### When Build Succeeded with New Warnings: +``` +Build analysis complete: + +Compilation Errors: 0 + +Warnings Comparison: +- Baseline: X warnings +- Current: Y warnings +- New warnings: Z + +New Warnings by Category: + +**Deprecated APIs (2):** +- [auth.c] (Line 145): C4996 - 'strcpy': This function may be unsafe +- [sshd.c] (Line 302): C4996 - 'GetVersion': was declared deprecated + +**Type Conversions (1):** +- [channels.c] (Line 89): C4244 - Conversion from 'size_t' to 'int' + +**Potential Bugs (0)** +**Security-Related (0)** +**Platform-Specific (0)** + +These new warnings require user approval before proceeding. ``` -**Note:** Only invoke Test-OpenSSHBuild when Start-OpenSSHBuild reports failure. +**Note:** ALWAYS invoke Test-OpenSSHBuild after every build to check for warnings, not just on failure. ### 3. Test-OpenSSHFunctionality Tool Output diff --git a/.github/instructions/merge/merge-details.instructions.md b/.github/instructions/merge/merge-details.instructions.md index 3f1df5e4e98b..d69e2cf67b09 100644 --- a/.github/instructions/merge/merge-details.instructions.md +++ b/.github/instructions/merge/merge-details.instructions.md @@ -265,11 +265,20 @@ FUNCTION automated_build_fix(): // Always start with Start-OpenSSHBuild.ps1 build_result = start_openssh_build(Configuration="Release", Architecture="x64") + // ALWAYS invoke Test-OpenSSHBuild.ps1 to check warnings (success or failure) + test_result = test_openssh_build(Configuration="Release", Architecture="x64", LogFile=build_result.log) + IF build_result.success: + // Check for new warnings against baseline + new_warnings = compare_warnings_to_baseline(test_result.warnings, baseline_warnings) + IF new_warnings.count > 0: + categorized_warnings = categorize_warnings(new_warnings) + request_user_approval(categorized_warnings) + // Wait for user decision: fix warnings or proceed RETURN SUCCESS - // Only invoke Test-OpenSSHBuild.ps1 when build failed - errors = test_openssh_build(Configuration="Release", Architecture="x64", LogFile=build_result.log) + // Build failed - parse errors + errors = test_result.errors fixes_applied = [] FOR EACH error IN errors: @@ -303,8 +312,12 @@ FUNCTION determine_fix_strategy(error): ### Build Tools Invocation Policy - Use `Start-OpenSSHBuild.ps1` to run the build for each chunk/batch. -- Only if `Start-OpenSSHBuild.ps1` reports the build failed, invoke `Test-OpenSSHBuild.ps1` to parse errors and warnings from the build log. -- Skip `Test-OpenSSHBuild.ps1` when the build succeeded to avoid unnecessary log parsing. +- **ALWAYS invoke `Test-OpenSSHBuild.ps1` after every build** (success or failure): + - On build failure: Parse errors and warnings to fix issues + - On build success: Parse warnings to compare against baseline +- Compare warning count against established baseline +- If new warnings detected, report to user with categorization and request approval before proceeding +- Do NOT skip `Test-OpenSSHBuild.ps1` even when build succeeds - warning checks are mandatory. ## Testing Automation Framework diff --git a/.github/instructions/merge/merge-process-overview.instructions.md b/.github/instructions/merge/merge-process-overview.instructions.md index 87d273eafea2..a50405864a80 100644 --- a/.github/instructions/merge/merge-process-overview.instructions.md +++ b/.github/instructions/merge/merge-process-overview.instructions.md @@ -153,18 +153,30 @@ The process consists of several interconnected phases: - **MCP Tool Name**: `mcp_openssh-server_Start_OpenSSHBuild` - **Parameters**: `Configuration="Release"`, `Architecture="x64"` - If build fails: - - **Use Test-OpenSSHBuild MCP tool to read the build log and parse errors**: + **ALWAYS check warnings after build (success or failure):** + - **Use Test-OpenSSHBuild MCP tool to parse errors and warnings**: - **MCP Tool Name**: `mcp_openssh-server_Test_OpenSSHBuild` - **Parameters**: `Configuration="Release"`, `Architecture="x64"` - **DO NOT** try to read log files directly with `Get-Content` or locate them manually + + If build failed: - Fix issues based on parsed error output - Rebuild and verify - - **CRITICAL: Before committing, restore paths.targets**: - ```pwsh - git checkout .\contrib\win32\openssh\paths.targets - ``` - - Commit any build fixes separately with descriptive messages (only actual code changes) + + If build succeeded: + - Compare warnings against baseline established in Phase 1 + - If new warnings detected: + - Categorize warnings (deprecated APIs, type conversions, potential bugs, etc.) + - Report to user with warning details and categories + - Request user decision: fix warnings or proceed + - Wait for user approval before continuing + - If user approves proceeding, update baseline to include new warnings + + **CRITICAL: Before committing, restore paths.targets**: + ```pwsh + git checkout .\contrib\win32\openssh\paths.targets + ``` + Commit any build fixes separately with descriptive messages (only actual code changes) 10. **Validate if batch ended with successful CI:** Check the end commit's CI status from Get-CommitGroups output. From a07a53b00e9aeadb420336783d219be012d88ba1 Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Mon, 23 Feb 2026 15:22:10 -0500 Subject: [PATCH 612/687] Activate kbdint test on PAM configs. --- .github/run_test.sh | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/.github/run_test.sh b/.github/run_test.sh index 33c90ac291c2..35fb1f58a9dd 100755 --- a/.github/run_test.sh +++ b/.github/run_test.sh @@ -51,6 +51,11 @@ else ${env} make ${TEST_TARGET} SKIP_LTESTS="${SKIP_LTESTS}" LTESTS="${LTESTS}" fi +# Activate kbdint regression test for PAM +if echo "${SSHD_CONFOPTS}" | grep -i usepam >/dev/null; then + cp regress/password regress/kbdintpw +fi + if [ ! -z "${SSHD_CONFOPTS}" ]; then echo "rerunning t-exec with TEST_SSH_SSHD_CONFOPTS='${SSHD_CONFOPTS}'" if [ -z "${LTESTS}" ]; then From 4ed5f9ecca9ed867c9f1040a3425af35f0703675 Mon Sep 17 00:00:00 2001 From: "dtucker@openbsd.org" Date: Tue, 24 Feb 2026 00:39:59 +0000 Subject: [PATCH 613/687] upstream: Remove leftover debugging. OpenBSD-Regress-ID: e778d76b21696a14db80f31b9e79601f2d7a9abf --- regress/kbdint.sh | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/regress/kbdint.sh b/regress/kbdint.sh index 5629270b0f03..7db876180c52 100644 --- a/regress/kbdint.sh +++ b/regress/kbdint.sh @@ -1,4 +1,4 @@ -# $OpenBSD: kbdint.sh,v 1.1 2026/02/15 22:29:30 dtucker Exp $ +# $OpenBSD: kbdint.sh,v 1.2 2026/02/24 00:39:59 dtucker Exp $ # Placed in the Public Domain. # # This tests keyboard-interactive authentication. It does not run by default, @@ -81,7 +81,6 @@ for i in 0 1 2 3 4 5 6 7 8 9; do printf '1\n2\n3\n4\n5\n6\n7\n8\n9\n'; done \ >${OBJ}/replypass echo 1 >${OBJ}/replypass.N ${SSH} $opts -F $OBJ/ssh_proxy somehost true -fail foo if [ $? -eq 0 ]; then fail "ssh unexpectedly succeeded with password spam" fi From c940e709ae2155a4614bc3709e393d88fdddabde Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Mon, 23 Feb 2026 20:54:55 -0500 Subject: [PATCH 614/687] Check regress passwd is set before enabling kbdint. --- .github/run_test.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/run_test.sh b/.github/run_test.sh index 35fb1f58a9dd..c67d00700f23 100755 --- a/.github/run_test.sh +++ b/.github/run_test.sh @@ -52,7 +52,7 @@ else fi # Activate kbdint regression test for PAM -if echo "${SSHD_CONFOPTS}" | grep -i usepam >/dev/null; then +if echo "${SSHD_CONFOPTS}" | grep -i usepam >/dev/null && [ -f regress/password ]; then cp regress/password regress/kbdintpw fi From d7a9cd696a316c71e4c16f4158dc516b94abd863 Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Mon, 23 Feb 2026 21:34:48 -0500 Subject: [PATCH 615/687] Remove potentially leftover include compat shims. If we don't need a specific shim, ensure it does not exist. Prevents confusion if configurations change or the directory is reused across different platforms. --- configure.ac | 12 +++++++++--- 1 file changed, 9 insertions(+), 3 deletions(-) diff --git a/configure.ac b/configure.ac index e537c982aa83..110d390881a6 100644 --- a/configure.ac +++ b/configure.ac @@ -542,7 +542,11 @@ AC_CHECK_HEADERS([ \ sys/time.h \ sys/un.h \ time.h \ - util.h], [], [ + util.h \ + ], [ + # Remove any old shims. + rm -f "$COMPATINCLUDESDIR/$ac_header" + ], [ COMPATINCLUDES="$COMPATINCLUDESDIR" header="$COMPATINCLUDES/$ac_header" dir=`dirname "$header"` @@ -1766,11 +1770,13 @@ dnl create a glob.h shim so we don't have to sprinkle ifdefs everywhere. AC_MSG_CHECKING([if we can use the system glob]) if test "x$use_system_glob" = "xyes" ; then AC_MSG_RESULT([yes]) + # Remove any old shims. + rm -f "$COMPATINCLUDESDIR/glob.h" else AC_MSG_RESULT([no]) - COMPATINCLUDES="openbsd-compat/include" + COMPATINCLUDES="$COMPATINCLUDESDIR" mkdir -p "$COMPATINCLUDES" - echo '# include "openbsd-compat/glob.h"' >$COMPATINCLUDES/glob.h + echo '#include "openbsd-compat/glob.h"' >$COMPATINCLUDES/glob.h fi AC_CHECK_DECL([VIS_ALL], , From 5da0ccec2b5806f104913465b62fea475b2e15bb Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Tue, 24 Feb 2026 11:10:16 -0500 Subject: [PATCH 616/687] Remove anchor to specific release notes version. --- README | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README b/README index e19b021e4fbc..ec6c320c646f 100644 --- a/README +++ b/README @@ -1,4 +1,4 @@ -See https://www.openssh.com/releasenotes.html#10.1p1 for the release +See https://www.openssh.com/releasenotes.html for the release notes. Please read https://www.openssh.com/report.html for bug reporting From c25254d1516df5e57affc0e391ed6ead8267b637 Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Tue, 24 Feb 2026 11:16:11 -0500 Subject: [PATCH 617/687] Add self-hosted status to main README now it's public. --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index e52de692656e..cf06c3a4e97d 100644 --- a/README.md +++ b/README.md @@ -2,6 +2,7 @@ [![C/C++ CI](../../actions/workflows/c-cpp.yml/badge.svg)](../../actions/workflows/c-cpp.yml) [![VM CI](../../actions/workflows/vm.yml/badge.svg)](../../actions/workflows/vm.yml) +[![C/C++ CI self-hosted](https://github.com/openssh/openssh-portable-selfhosted/actions/workflows/selfhosted.yml/badge.svg)](https://github.com/openssh/openssh-portable-selfhosted/actions/workflows/selfhosted.yml) [![CIFuzz](../../actions/workflows/cifuzz.yml/badge.svg)](../../actions/workflows/cifuzz.yml) [![Fuzzing Status](https://oss-fuzz-build-logs.storage.googleapis.com/badges/openssh.svg)](https://issues.oss-fuzz.com/issues?q="Project:+openssh"+is:open) [![Coverity Status](https://scan.coverity.com/projects/21341/badge.svg)](https://scan.coverity.com/projects/openssh-portable) From acf749756872d7555eca48514e5aca6962116fb2 Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Tue, 24 Feb 2026 11:28:11 -0500 Subject: [PATCH 618/687] Add AWS-LC and BoringSSL as potential libcryptos. --- INSTALL | 9 ++++++--- README.md | 2 +- 2 files changed, 7 insertions(+), 4 deletions(-) diff --git a/INSTALL b/INSTALL index 56e351af60e1..96b299477a78 100644 --- a/INSTALL +++ b/INSTALL @@ -19,12 +19,15 @@ A working installation of zlib: Zlib 1.1.4 or 1.2.1.2 or greater (earlier 1.2.x versions have problems): https://zlib.net/ -libcrypto from either of LibreSSL or OpenSSL. Building without libcrypto -is supported but severely restricts the available ciphers and algorithms. +libcrypto from one of LibreSSL, OpenSSL, AWS-LC or BoringSSL. Building +without libcrypto is supported but severely restricts the available +ciphers and algorithms. - LibreSSL (https://www.libressl.org/) 3.1.0 or greater - OpenSSL (https://www.openssl.org) 1.1.1 or greater + - AWS-LC (https://github.com/aws/aws-lc) + - BoringSSL (https://github.com/google/boringssl) -LibreSSL/OpenSSL should be compiled as a position-independent library +libcrypto should be compiled as a position-independent library (i.e. -fPIC, eg by configuring OpenSSL as "./config [options] -fPIC" or LibreSSL as "CFLAGS=-fPIC ./configure") otherwise OpenSSH will not be able to link with it. If you must use a non-position-independent diff --git a/README.md b/README.md index cf06c3a4e97d..1cfcd7bb9feb 100644 --- a/README.md +++ b/README.md @@ -34,7 +34,7 @@ Stable release tarballs are available from a number of [download mirrors](https: Portable OpenSSH is built using autoconf and make. It requires a working C compiler, standard library and headers. -``libcrypto`` from either [LibreSSL](https://www.libressl.org/) or [OpenSSL](https://www.openssl.org) may also be used. OpenSSH may be built without either of these, but the resulting binaries will have only a subset of the cryptographic algorithms normally available. +``libcrypto`` from one of [LibreSSL](https://www.libressl.org/), [OpenSSL](https://www.openssl.org), [AWS-LC](https://github.com/aws/aws-lc) or [BoringSSL](https://github.com/google/boringssl) may also be used. OpenSSH may be built without either of these, but the resulting binaries will have only a subset of the cryptographic algorithms normally available. [zlib](https://www.zlib.net/) is optional; without it transport compression is not supported. From c65f4d2586416274e92720c9e1e745422e182488 Mon Sep 17 00:00:00 2001 From: "dtucker@openbsd.org" Date: Tue, 24 Feb 2026 01:50:51 +0000 Subject: [PATCH 619/687] upstream: Use fmprintf instead of logit for challenge-response name and info to preserve UTF-8 characters where appropriate. Prompted by github PR#452, with & ok djm@. OpenBSD-Commit-ID: e6361242329ec6925571478f60f4739726aad308 --- sshconnect2.c | 26 +++++++++++++++++--------- 1 file changed, 17 insertions(+), 9 deletions(-) diff --git a/sshconnect2.c b/sshconnect2.c index a8ad17330f01..f266372029c8 100644 --- a/sshconnect2.c +++ b/sshconnect2.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshconnect2.c,v 1.382 2026/02/16 00:45:41 dtucker Exp $ */ +/* $OpenBSD: sshconnect2.c,v 1.383 2026/02/24 01:50:51 dtucker Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. * Copyright (c) 2008 Damien Miller. All rights reserved. @@ -1074,7 +1074,8 @@ input_userauth_passwd_changereq(int type, u_int32_t seqnr, struct ssh *ssh) char *info = NULL, *lang = NULL, *password = NULL, *retype = NULL; char prompt[256]; const char *host; - int r; + int r, addnl; + size_t len; debug2("input_userauth_passwd_changereq"); @@ -1086,8 +1087,10 @@ input_userauth_passwd_changereq(int type, u_int32_t seqnr, struct ssh *ssh) if ((r = sshpkt_get_cstring(ssh, &info, NULL)) != 0 || (r = sshpkt_get_cstring(ssh, &lang, NULL)) != 0) goto out; - if (strlen(info) > 0) - logit("%s", info); + if ((len = strlen(info)) > 0) { + addnl = info[len] != '\n'; + fmprintf(stderr, "%s%s", info, addnl ? "\n" : ""); + } if ((r = sshpkt_start(ssh, SSH2_MSG_USERAUTH_REQUEST)) != 0 || (r = sshpkt_put_cstring(ssh, authctxt->server_user)) != 0 || (r = sshpkt_put_cstring(ssh, authctxt->service)) != 0 || @@ -1942,7 +1945,8 @@ input_userauth_info_req(int type, u_int32_t seq, struct ssh *ssh) char *display_prompt = NULL, *response = NULL; u_char echo = 0; u_int num_prompts, i; - int r; + int r, addnl; + size_t len; debug2_f("entering"); @@ -1955,10 +1959,14 @@ input_userauth_info_req(int type, u_int32_t seq, struct ssh *ssh) (r = sshpkt_get_cstring(ssh, &inst, NULL)) != 0 || (r = sshpkt_get_cstring(ssh, &lang, NULL)) != 0) goto out; - if (strlen(name) > 0) - logit("%s", name); - if (strlen(inst) > 0) - logit("%s", inst); + if ((len = strlen(name)) > 0) { + addnl = name[len] != '\n'; + fmprintf(stderr, "%s%s", name, addnl ? "\n" : ""); + } + if ((len = strlen(inst)) > 0) { + addnl = inst[len] != '\n'; + fmprintf(stderr, "%s%s", inst, addnl ? "\n" : ""); + } if ((r = sshpkt_get_u32(ssh, &num_prompts)) != 0) goto out; From c26d90e5ad05372b63dbb8727cb6c23a6505a2fb Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Sun, 1 Mar 2026 09:41:39 +1100 Subject: [PATCH 620/687] Remove BoringSSL rpath as it's statically linked. --- .github/configs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/configs b/.github/configs index 3d320e506b49..8ee0f98781da 100755 --- a/.github/configs +++ b/.github/configs @@ -177,7 +177,7 @@ case "$config" in ;; boringssl) CONFIGFLAGS="--disable-pkcs11" - LIBCRYPTOFLAGS="--with-ssl-dir=/opt/boringssl --with-rpath=-Wl,-rpath," + LIBCRYPTOFLAGS="--with-ssl-dir=/opt/boringssl" ;; aws-lc) LIBCRYPTOFLAGS="--with-ssl-dir=/opt/aws-lc --with-rpath=-Wl,-rpath," From b50b881b17ab15e34b5e57b159b65f2a02725798 Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Sun, 1 Mar 2026 09:46:39 +1100 Subject: [PATCH 621/687] Try -lstdc++ for libcrypto before giving up. BoringSSL recently added destructors to libcrypto, which requires linking against libstdc++, so when checking for a working libcrypto if at first the link fails, try again with -lstdc++ before giving up. --- configure.ac | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) diff --git a/configure.ac b/configure.ac index 110d390881a6..d98650bf332f 100644 --- a/configure.ac +++ b/configure.ac @@ -3003,8 +3003,15 @@ nocrypto_saved_LIBS="$LIBS" if test "x$openssl" = "xyes" ; then LIBS="-lcrypto $LIBS" CHANNELLIBS="-lcrypto $CHANNELLIBS" - AC_TRY_LINK_FUNC([RAND_add], , - [AC_MSG_ERROR([*** working libcrypto not found, check config.log])]) + AC_TRY_LINK_FUNC([RAND_add], , [ + # As of early 2026, BoringSSL libcrypto needs -lstdc++ for + # destructors so try that before giving up. + LIBS="$LIBS -lstdc++" + CHANNELLIBS="$CHANNELLIBS -lstdc++" + AC_TRY_LINK_FUNC([RAND_add], , [ + AC_MSG_ERROR([*** working libcrypto not found, check config.log]) + ]) + ]) AC_CHECK_HEADER([openssl/opensslv.h], , [AC_MSG_ERROR([*** OpenSSL headers missing - please install first or check config.log ***])]) From bb781f02d4efd178e329a62a838962bee16e3e9b Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Mon, 2 Mar 2026 02:40:15 +0000 Subject: [PATCH 622/687] upstream: Move banner exchange to sshd-auth process Previously, exchange of the initial SSH- banners was performed by the privileged sshd-session monitor. This moves it to the unprivileged sshd-auth subprocess, removing ~200 LoC from the monitor's privileged attack surface. The monitor gains a new "setcompat" RPC to allow sshd-auth to inform it of bug compat flags picked up from the client's banner. feedback dtucker@, ok markus@ deraadt@ OpenBSD-Commit-ID: d767eb1183630d754d521d9f0d84a6c72fbe7fc8 --- compat.c | 5 +++-- monitor.c | 28 +++++++++++++++++++++++++++- monitor.h | 3 ++- monitor_wrap.c | 17 ++++++++++++++++- monitor_wrap.h | 3 ++- packet.h | 5 +++-- sshd-auth.c | 10 +++++++++- sshd-session.c | 9 +-------- 8 files changed, 63 insertions(+), 17 deletions(-) diff --git a/compat.c b/compat.c index 31607e3ffbde..4cc7ca61ae43 100644 --- a/compat.c +++ b/compat.c @@ -1,4 +1,4 @@ -/* $OpenBSD: compat.c,v 1.127 2026/02/14 00:18:34 jsg Exp $ */ +/* $OpenBSD: compat.c,v 1.128 2026/03/02 02:40:15 djm Exp $ */ /* * Copyright (c) 1999, 2000, 2001, 2002 Markus Friedl. All rights reserved. * @@ -27,6 +27,7 @@ #include +#include #include #include @@ -43,7 +44,7 @@ compat_banner(struct ssh *ssh, const char *version) int i; static struct { char *pat; - int bugs; + uint32_t bugs; } check[] = { { "OpenSSH_2.*," "OpenSSH_3.0*," diff --git a/monitor.c b/monitor.c index 290b7f536e54..7a71a6586306 100644 --- a/monitor.c +++ b/monitor.c @@ -1,4 +1,4 @@ -/* $OpenBSD: monitor.c,v 1.252 2026/02/08 19:54:31 dtucker Exp $ */ +/* $OpenBSD: monitor.c,v 1.253 2026/03/02 02:40:15 djm Exp $ */ /* * Copyright 2002 Niels Provos * Copyright 2002 Markus Friedl @@ -106,6 +106,7 @@ static struct sshbuf *child_state; /* Functions on the monitor that answer unprivileged requests */ int mm_answer_moduli(struct ssh *, int, struct sshbuf *); +int mm_answer_setcompat(struct ssh *, int, struct sshbuf *); int mm_answer_sign(struct ssh *, int, struct sshbuf *); int mm_answer_pwnamallow(struct ssh *, int, struct sshbuf *); int mm_answer_auth2_read_banner(struct ssh *, int, struct sshbuf *); @@ -157,6 +158,7 @@ static u_char *session_id2 = NULL; static pid_t monitor_child_pid; static int auth_attempted = 0; static int invalid_user = 0; +static int compat_set = 0; struct mon_table { enum monitor_reqtype type; @@ -182,6 +184,7 @@ struct mon_table mon_dispatch_proto20[] = { #ifdef WITH_OPENSSL {MONITOR_REQ_MODULI, MON_ONCE, mm_answer_moduli}, #endif + {MONITOR_REQ_SETCOMPAT, MON_ONCE, mm_answer_setcompat}, {MONITOR_REQ_SIGN, MON_ONCE, mm_answer_sign}, {MONITOR_REQ_PWNAM, MON_ONCE, mm_answer_pwnamallow}, {MONITOR_REQ_AUTHSERV, MON_ONCE, mm_answer_authserv}, @@ -283,6 +286,7 @@ monitor_child_preauth(struct ssh *ssh, struct monitor *pmonitor) /* Permit requests for state, moduli and signatures */ monitor_permit(mon_dispatch, MONITOR_REQ_STATE, 1); monitor_permit(mon_dispatch, MONITOR_REQ_MODULI, 1); + monitor_permit(mon_dispatch, MONITOR_REQ_SETCOMPAT, 1); monitor_permit(mon_dispatch, MONITOR_REQ_SIGN, 1); /* The first few requests do not require asynchronous access */ @@ -701,6 +705,20 @@ mm_answer_moduli(struct ssh *ssh, int sock, struct sshbuf *m) } #endif +int +mm_answer_setcompat(struct ssh *ssh, int sock, struct sshbuf *m) +{ + int r; + + debug3_f("entering"); + + if ((r = sshbuf_get_u32(m, &ssh->compat)) != 0) + fatal_fr(r, "parse"); + compat_set = 1; + + return (0); +} + int mm_answer_sign(struct ssh *ssh, int sock, struct sshbuf *m) { @@ -716,6 +734,10 @@ mm_answer_sign(struct ssh *ssh, int sock, struct sshbuf *m) debug3_f("entering"); + /* Make sure the unpriv process sent the compat bits already */ + if (!compat_set) + fatal_f("state error: setcompat never called"); + if ((r = sshkey_froms(m, &pubkey)) != 0 || (r = sshbuf_get_string(m, &p, &datlen)) != 0 || (r = sshbuf_get_cstring(m, &alg, NULL)) != 0 || @@ -843,6 +865,10 @@ mm_answer_pwnamallow(struct ssh *ssh, int sock, struct sshbuf *m) debug3_f("entering"); + /* Make sure the unpriv process sent the compat bits already */ + if (!compat_set) + fatal_f("state error: setcompat never called"); + if (authctxt->attempt++ != 0) fatal_f("multiple attempts for getpwnam"); diff --git a/monitor.h b/monitor.h index a6211af9986a..fe0b00b2ef8d 100644 --- a/monitor.h +++ b/monitor.h @@ -1,4 +1,4 @@ -/* $OpenBSD: monitor.h,v 1.27 2026/02/09 21:23:35 dtucker Exp $ */ +/* $OpenBSD: monitor.h,v 1.28 2026/03/02 02:40:15 djm Exp $ */ /* * Copyright 2002 Niels Provos @@ -39,6 +39,7 @@ enum monitor_reqtype { MONITOR_REQ_AUTHPASSWORD = 12, MONITOR_ANS_AUTHPASSWORD = 13, MONITOR_REQ_BSDAUTHQUERY = 14, MONITOR_ANS_BSDAUTHQUERY = 15, MONITOR_REQ_BSDAUTHRESPOND = 16, MONITOR_ANS_BSDAUTHRESPOND = 17, + MONITOR_REQ_SETCOMPAT = 18, MONITOR_REQ_KEYALLOWED = 22, MONITOR_ANS_KEYALLOWED = 23, MONITOR_REQ_KEYVERIFY = 24, MONITOR_ANS_KEYVERIFY = 25, MONITOR_REQ_KEYEXPORT = 26, diff --git a/monitor_wrap.c b/monitor_wrap.c index 383bae4b0271..81596a4cc66b 100644 --- a/monitor_wrap.c +++ b/monitor_wrap.c @@ -1,4 +1,4 @@ -/* $OpenBSD: monitor_wrap.c,v 1.145 2026/02/08 19:54:31 dtucker Exp $ */ +/* $OpenBSD: monitor_wrap.c,v 1.146 2026/03/02 02:40:15 djm Exp $ */ /* * Copyright 2002 Niels Provos * Copyright 2002 Markus Friedl @@ -254,6 +254,21 @@ mm_choose_dh(int min, int nbits, int max) } #endif +void +mm_sshkey_setcompat(struct ssh *ssh) +{ + struct sshbuf *m; + int r; + + debug3_f("entering"); + if ((m = sshbuf_new()) == NULL) + fatal_f("sshbuf_new failed"); + if ((r = sshbuf_put_u32(m, ssh->compat)) != 0) + fatal_fr(r, "assemble"); + + mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_SETCOMPAT, m); +} + int mm_sshkey_sign(struct ssh *ssh, struct sshkey *key, u_char **sigp, size_t *lenp, const u_char *data, size_t datalen, const char *hostkey_alg, diff --git a/monitor_wrap.h b/monitor_wrap.h index c87295388fd0..c2f7f97d977a 100644 --- a/monitor_wrap.h +++ b/monitor_wrap.h @@ -1,4 +1,4 @@ -/* $OpenBSD: monitor_wrap.h,v 1.53 2025/07/04 07:47:35 djm Exp $ */ +/* $OpenBSD: monitor_wrap.h,v 1.54 2026/03/02 02:40:15 djm Exp $ */ /* * Copyright 2002 Niels Provos @@ -46,6 +46,7 @@ int mm_is_monitor(void); #ifdef WITH_OPENSSL DH *mm_choose_dh(int, int, int); #endif +void mm_sshkey_setcompat(struct ssh *); int mm_sshkey_sign(struct ssh *, struct sshkey *, u_char **, size_t *, const u_char *, size_t, const char *, const char *, const char *, u_int compat); diff --git a/packet.h b/packet.h index 6d6a064bdf41..10d42202cb84 100644 --- a/packet.h +++ b/packet.h @@ -1,4 +1,4 @@ -/* $OpenBSD: packet.h,v 1.105 2026/02/08 17:50:49 dtucker Exp $ */ +/* $OpenBSD: packet.h,v 1.106 2026/03/02 02:40:15 djm Exp $ */ /* * Author: Tatu Ylonen @@ -18,6 +18,7 @@ #include +#include #include #include @@ -74,7 +75,7 @@ struct ssh { int dispatch_skip_packets; /* datafellows */ - int compat; + uint32_t compat; /* Lists for private and public keys */ TAILQ_HEAD(, key_entry) private_keys; diff --git a/sshd-auth.c b/sshd-auth.c index 8f9066122f1c..a871b29a82c9 100644 --- a/sshd-auth.c +++ b/sshd-auth.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshd-auth.c,v 1.12 2026/02/11 17:05:32 dtucker Exp $ */ +/* $OpenBSD: sshd-auth.c,v 1.13 2026/03/02 02:40:15 djm Exp $ */ /* * SSH2 implementation: * Privilege Separation: @@ -811,6 +811,14 @@ do_ssh2_kex(struct ssh *ssh) free(hkalgs); + if ((r = kex_exchange_identification(ssh, -1, + options.version_addendum)) != 0) + sshpkt_fatal(ssh, r, "banner exchange"); + mm_sshkey_setcompat(ssh); /* tell monitor */ + + if ((ssh->compat & SSH_BUG_NOREKEY)) + debug("client does not support rekeying"); + /* start key exchange */ if ((r = kex_setup(ssh, myproposal)) != 0) fatal_r(r, "kex_setup"); diff --git a/sshd-session.c b/sshd-session.c index 29de97fa619a..79b867617f93 100644 --- a/sshd-session.c +++ b/sshd-session.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshd-session.c,v 1.20 2026/02/09 21:38:14 dtucker Exp $ */ +/* $OpenBSD: sshd-session.c,v 1.21 2026/03/02 02:40:15 djm Exp $ */ /* * SSH2 implementation: * Privilege Separation: @@ -1220,13 +1220,6 @@ main(int ac, char **av) fatal("login grace time setitimer failed"); } - if ((r = kex_exchange_identification(ssh, -1, - options.version_addendum)) != 0) - sshpkt_fatal(ssh, r, "banner exchange"); - - if ((ssh->compat & SSH_BUG_NOREKEY)) - debug("client does not support rekeying"); - ssh_packet_set_nonblocking(ssh); /* allocate authentication context */ From 2a387ba37452971747d2f00db7d4c18b4f2c45ed Mon Sep 17 00:00:00 2001 From: "dtucker@openbsd.org" Date: Tue, 3 Mar 2026 09:57:25 +0000 Subject: [PATCH 623/687] upstream: Replace all remaining instances of u_intXX_t types with the C99 equivalent uintXX_t types. ok djm@ OpenBSD-Commit-ID: d9b81151266adb129574ce268af49f14ac23e65b --- addr.c | 4 +- addr.h | 8 +- audit-bsm.c | 6 +- auth2-chall.c | 6 +- auth2-gss.c | 18 ++--- auth2.c | 10 +-- authfd.c | 4 +- canohost.c | 2 +- channels.c | 30 ++++---- channels.h | 20 ++--- clientloop.c | 16 ++-- clientloop.h | 4 +- digest-libc.c | 6 +- dispatch.c | 8 +- dispatch.h | 8 +- dns.c | 18 ++--- entropy.c | 2 +- kex.c | 14 ++-- kex.h | 8 +- kexgen.c | 10 +-- kexgexc.c | 10 +-- kexgexs.c | 10 +-- krl.c | 34 ++++----- krl.h | 8 +- mac.c | 8 +- mac.h | 6 +- misc.c | 66 ++++++++--------- misc.h | 26 +++---- moduli.c | 50 ++++++------- mux.c | 4 +- packet.c | 52 ++++++------- packet.h | 20 ++--- servconf.h | 4 +- serverloop.c | 10 +-- sftp-client.c | 24 +++--- sftp-client.h | 34 ++++----- sftp-common.h | 16 ++-- sftp-server.c | 166 +++++++++++++++++++++--------------------- ssh-keygen.c | 32 ++++---- ssh-pkcs11.c | 10 +-- ssh-pkcs11.h | 6 +- ssh.c | 4 +- ssh_api.c | 4 +- sshbuf-getput-basic.c | 32 ++++---- sshbuf.h | 60 +++++++-------- sshconnect2.c | 52 ++++++------- sshd-session.c | 4 +- sshkey.h | 6 +- umac.c | 10 +-- 49 files changed, 485 insertions(+), 485 deletions(-) diff --git a/addr.c b/addr.c index e207287c1f5f..20762329caf1 100644 --- a/addr.c +++ b/addr.c @@ -1,4 +1,4 @@ -/* $OpenBSD: addr.c,v 1.9 2024/10/18 04:30:09 djm Exp $ */ +/* $OpenBSD: addr.c,v 1.10 2026/03/03 09:57:25 dtucker Exp $ */ /* * Copyright (c) 2004-2008 Damien Miller @@ -61,7 +61,7 @@ masklen_valid(int af, u_int masklen) static int addr_xaddr_to_sa(const struct xaddr *xa, struct sockaddr *sa, socklen_t *len, - u_int16_t port) + uint16_t port) { struct sockaddr_in *in4 = (struct sockaddr_in *)sa; struct sockaddr_in6 *in6 = (struct sockaddr_in6 *)sa; diff --git a/addr.h b/addr.h index 29438dfecf25..a90763727e17 100644 --- a/addr.h +++ b/addr.h @@ -27,11 +27,11 @@ struct xaddr { union { struct in_addr v4; struct in6_addr v6; - u_int8_t addr8[16]; - u_int16_t addr16[8]; - u_int32_t addr32[4]; + uint8_t addr8[16]; + uint16_t addr16[8]; + uint32_t addr32[4]; } xa; /* 128-bit address */ - u_int32_t scope_id; /* iface scope id for v6 */ + uint32_t scope_id; /* iface scope id for v6 */ #define v4 xa.v4 #define v6 xa.v6 #define addr8 xa.addr8 diff --git a/audit-bsm.c b/audit-bsm.c index 4bce22c37ed5..b602913f4236 100644 --- a/audit-bsm.c +++ b/audit-bsm.c @@ -90,7 +90,7 @@ extern void aug_save_egid(gid_t); extern void aug_save_pid(pid_t); extern void aug_save_asid(au_asid_t); extern void aug_save_tid(dev_t, unsigned int); -extern void aug_save_tid_ex(dev_t, u_int32_t *, u_int32_t); +extern void aug_save_tid_ex(dev_t, uint32_t *, uint32_t); extern int aug_save_me(void); extern int aug_save_namask(void); extern void aug_save_event(au_event_t); @@ -129,10 +129,10 @@ static AuditInfoTermID ssh_bsm_tid; * getaudit_addr() is only present on IPv6 capable machines. */ #if defined(HAVE_AUG_GET_MACHINE) || !defined(HAVE_GETAUDIT_ADDR) -extern int aug_get_machine(char *, u_int32_t *, u_int32_t *); +extern int aug_get_machine(char *, uint32_t *, uint32_t *); #else static int -aug_get_machine(char *host, u_int32_t *addr, u_int32_t *type) +aug_get_machine(char *host, uint32_t *addr, uint32_t *type) { struct addrinfo *ai; struct sockaddr_in *in4; diff --git a/auth2-chall.c b/auth2-chall.c index f74a214077f5..f3889079b64f 100644 --- a/auth2-chall.c +++ b/auth2-chall.c @@ -1,4 +1,4 @@ -/* $OpenBSD: auth2-chall.c,v 1.59 2026/02/06 22:59:18 dtucker Exp $ */ +/* $OpenBSD: auth2-chall.c,v 1.60 2026/03/03 09:57:25 dtucker Exp $ */ /* * Copyright (c) 2001 Markus Friedl. All rights reserved. * Copyright (c) 2001 Per Allansson. All rights reserved. @@ -51,7 +51,7 @@ extern ServerOptions options; static int auth2_challenge_start(struct ssh *); static int send_userauth_info_request(struct ssh *); -static int input_userauth_info_response(int, u_int32_t, struct ssh *); +static int input_userauth_info_response(int, uint32_t, struct ssh *); #ifdef BSD_AUTH extern KbdintDevice mm_bsdauth_device; @@ -291,7 +291,7 @@ send_userauth_info_request(struct ssh *ssh) } static int -input_userauth_info_response(int type, u_int32_t seq, struct ssh *ssh) +input_userauth_info_response(int type, uint32_t seq, struct ssh *ssh) { Authctxt *authctxt = ssh->authctxt; KbdintAuthctxt *kbdintctxt; diff --git a/auth2-gss.c b/auth2-gss.c index 9228f775d27f..0535485277a6 100644 --- a/auth2-gss.c +++ b/auth2-gss.c @@ -1,4 +1,4 @@ -/* $OpenBSD: auth2-gss.c,v 1.38 2026/02/08 15:28:01 dtucker Exp $ */ +/* $OpenBSD: auth2-gss.c,v 1.39 2026/03/03 09:57:25 dtucker Exp $ */ /* * Copyright (c) 2001-2003 Simon Wilkinson. All rights reserved. @@ -53,10 +53,10 @@ extern ServerOptions options; extern struct authmethod_cfg methodcfg_gssapi; -static int input_gssapi_token(int type, u_int32_t plen, struct ssh *ssh); -static int input_gssapi_mic(int type, u_int32_t plen, struct ssh *ssh); -static int input_gssapi_exchange_complete(int type, u_int32_t plen, struct ssh *ssh); -static int input_gssapi_errtok(int, u_int32_t, struct ssh *); +static int input_gssapi_token(int type, uint32_t plen, struct ssh *ssh); +static int input_gssapi_mic(int type, uint32_t plen, struct ssh *ssh); +static int input_gssapi_exchange_complete(int type, uint32_t plen, struct ssh *ssh); +static int input_gssapi_errtok(int, uint32_t, struct ssh *); /* * We only support those mechanisms that we know about (ie ones that we know @@ -143,7 +143,7 @@ userauth_gssapi(struct ssh *ssh, const char *method) } static int -input_gssapi_token(int type, u_int32_t plen, struct ssh *ssh) +input_gssapi_token(int type, uint32_t plen, struct ssh *ssh) { Authctxt *authctxt = ssh->authctxt; Gssctxt *gssctxt; @@ -207,7 +207,7 @@ input_gssapi_token(int type, u_int32_t plen, struct ssh *ssh) } static int -input_gssapi_errtok(int type, u_int32_t plen, struct ssh *ssh) +input_gssapi_errtok(int type, uint32_t plen, struct ssh *ssh) { Authctxt *authctxt = ssh->authctxt; Gssctxt *gssctxt; @@ -251,7 +251,7 @@ input_gssapi_errtok(int type, u_int32_t plen, struct ssh *ssh) */ static int -input_gssapi_exchange_complete(int type, u_int32_t plen, struct ssh *ssh) +input_gssapi_exchange_complete(int type, uint32_t plen, struct ssh *ssh) { Authctxt *authctxt = ssh->authctxt; int r, authenticated; @@ -279,7 +279,7 @@ input_gssapi_exchange_complete(int type, u_int32_t plen, struct ssh *ssh) } static int -input_gssapi_mic(int type, u_int32_t plen, struct ssh *ssh) +input_gssapi_mic(int type, uint32_t plen, struct ssh *ssh) { Authctxt *authctxt = ssh->authctxt; Gssctxt *gssctxt; diff --git a/auth2.c b/auth2.c index 2e6808152d9f..3a168274631e 100644 --- a/auth2.c +++ b/auth2.c @@ -1,4 +1,4 @@ -/* $OpenBSD: auth2.c,v 1.172 2026/02/08 00:16:34 dtucker Exp $ */ +/* $OpenBSD: auth2.c,v 1.173 2026/03/03 09:57:25 dtucker Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. * @@ -88,8 +88,8 @@ Authmethod *authmethods[] = { /* protocol */ -static int input_service_request(int, u_int32_t, struct ssh *); -static int input_userauth_request(int, u_int32_t, struct ssh *); +static int input_service_request(int, uint32_t, struct ssh *); +static int input_userauth_request(int, uint32_t, struct ssh *); /* helper */ static Authmethod *authmethod_byname(const char *); @@ -181,7 +181,7 @@ do_authentication2(struct ssh *ssh) } static int -input_service_request(int type, u_int32_t seq, struct ssh *ssh) +input_service_request(int type, uint32_t seq, struct ssh *ssh) { Authctxt *authctxt = ssh->authctxt; char *service = NULL; @@ -266,7 +266,7 @@ ensure_minimum_time_since(double start, double seconds) } static int -input_userauth_request(int type, u_int32_t seq, struct ssh *ssh) +input_userauth_request(int type, uint32_t seq, struct ssh *ssh) { Authctxt *authctxt = ssh->authctxt; Authmethod *m = NULL; diff --git a/authfd.c b/authfd.c index 9791b9e6bb36..7e8dcdd7a450 100644 --- a/authfd.c +++ b/authfd.c @@ -1,4 +1,4 @@ -/* $OpenBSD: authfd.c,v 1.138 2026/02/14 00:18:34 jsg Exp $ */ +/* $OpenBSD: authfd.c,v 1.139 2026/03/03 09:57:25 dtucker Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -258,7 +258,7 @@ int ssh_fetch_identitylist(int sock, struct ssh_identitylist **idlp) { u_char type; - u_int32_t num, i; + uint32_t num, i; struct sshbuf *msg; struct ssh_identitylist *idl = NULL; int r; diff --git a/canohost.c b/canohost.c index 2d323d12d4be..40725620cd3c 100644 --- a/canohost.c +++ b/canohost.c @@ -40,7 +40,7 @@ ipv64_normalise_mapped(struct sockaddr_storage *addr, socklen_t *len) struct sockaddr_in6 *a6 = (struct sockaddr_in6 *)addr; struct sockaddr_in *a4 = (struct sockaddr_in *)addr; struct in_addr inaddr; - u_int16_t port; + uint16_t port; if (addr->ss_family != AF_INET6 || !IN6_IS_ADDR_V4MAPPED(&a6->sin6_addr)) diff --git a/channels.c b/channels.c index 9775d2c9515d..11c2b5c193e2 100644 --- a/channels.c +++ b/channels.c @@ -1,4 +1,4 @@ -/* $OpenBSD: channels.c,v 1.455 2026/02/14 00:18:34 jsg Exp $ */ +/* $OpenBSD: channels.c,v 1.456 2026/03/03 09:57:25 dtucker Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -3361,7 +3361,7 @@ channel_proxy_downstream(struct ssh *ssh, Channel *downstream) * replaces local (proxy) channel ID with downstream channel ID. */ int -channel_proxy_upstream(Channel *c, int type, u_int32_t seq, struct ssh *ssh) +channel_proxy_upstream(Channel *c, int type, uint32_t seq, struct ssh *ssh) { struct sshbuf *b = NULL; Channel *downstream; @@ -3444,7 +3444,7 @@ channel_proxy_upstream(Channel *c, int type, u_int32_t seq, struct ssh *ssh) static int channel_parse_id(struct ssh *ssh, const char *where, const char *what) { - u_int32_t id; + uint32_t id; int r; if ((r = sshpkt_get_u32(ssh, &id)) != 0) { @@ -3473,7 +3473,7 @@ channel_from_packet_id(struct ssh *ssh, const char *where, const char *what) } int -channel_input_data(int type, u_int32_t seq, struct ssh *ssh) +channel_input_data(int type, uint32_t seq, struct ssh *ssh) { const u_char *data; size_t data_len, win_len; @@ -3541,11 +3541,11 @@ channel_input_data(int type, u_int32_t seq, struct ssh *ssh) } int -channel_input_extended_data(int type, u_int32_t seq, struct ssh *ssh) +channel_input_extended_data(int type, uint32_t seq, struct ssh *ssh) { const u_char *data; size_t data_len; - u_int32_t tcode; + uint32_t tcode; Channel *c = channel_from_packet_id(ssh, __func__, "extended data"); int r; @@ -3594,7 +3594,7 @@ channel_input_extended_data(int type, u_int32_t seq, struct ssh *ssh) } int -channel_input_ieof(int type, u_int32_t seq, struct ssh *ssh) +channel_input_ieof(int type, uint32_t seq, struct ssh *ssh) { Channel *c = channel_from_packet_id(ssh, __func__, "ieof"); int r; @@ -3619,7 +3619,7 @@ channel_input_ieof(int type, u_int32_t seq, struct ssh *ssh) } int -channel_input_oclose(int type, u_int32_t seq, struct ssh *ssh) +channel_input_oclose(int type, uint32_t seq, struct ssh *ssh) { Channel *c = channel_from_packet_id(ssh, __func__, "oclose"); int r; @@ -3635,10 +3635,10 @@ channel_input_oclose(int type, u_int32_t seq, struct ssh *ssh) } int -channel_input_open_confirmation(int type, u_int32_t seq, struct ssh *ssh) +channel_input_open_confirmation(int type, uint32_t seq, struct ssh *ssh) { Channel *c = channel_from_packet_id(ssh, __func__, "open confirmation"); - u_int32_t remote_window, remote_maxpacket; + uint32_t remote_window, remote_maxpacket; int r; if (channel_proxy_upstream(c, type, seq, ssh)) @@ -3690,10 +3690,10 @@ reason2txt(int reason) } int -channel_input_open_failure(int type, u_int32_t seq, struct ssh *ssh) +channel_input_open_failure(int type, uint32_t seq, struct ssh *ssh) { Channel *c = channel_from_packet_id(ssh, __func__, "open failure"); - u_int32_t reason; + uint32_t reason; char *msg = NULL; int r; @@ -3727,11 +3727,11 @@ channel_input_open_failure(int type, u_int32_t seq, struct ssh *ssh) } int -channel_input_window_adjust(int type, u_int32_t seq, struct ssh *ssh) +channel_input_window_adjust(int type, uint32_t seq, struct ssh *ssh) { int id = channel_parse_id(ssh, __func__, "window adjust"); Channel *c; - u_int32_t adjust; + uint32_t adjust; u_int new_rwin; int r; @@ -3757,7 +3757,7 @@ channel_input_window_adjust(int type, u_int32_t seq, struct ssh *ssh) } int -channel_input_status_confirm(int type, u_int32_t seq, struct ssh *ssh) +channel_input_status_confirm(int type, uint32_t seq, struct ssh *ssh) { int id = channel_parse_id(ssh, __func__, "status confirm"); Channel *c; diff --git a/channels.h b/channels.h index 7456541f8ce3..ce9224c0e796 100644 --- a/channels.h +++ b/channels.h @@ -1,4 +1,4 @@ -/* $OpenBSD: channels.h,v 1.162 2025/10/07 08:02:32 djm Exp $ */ +/* $OpenBSD: channels.h,v 1.163 2026/03/03 09:57:25 dtucker Exp $ */ /* * Author: Tatu Ylonen @@ -325,18 +325,18 @@ void channel_clear_timeouts(struct ssh *); /* mux proxy support */ int channel_proxy_downstream(struct ssh *, Channel *mc); -int channel_proxy_upstream(Channel *, int, u_int32_t, struct ssh *); +int channel_proxy_upstream(Channel *, int, uint32_t, struct ssh *); /* protocol handler */ -int channel_input_data(int, u_int32_t, struct ssh *); -int channel_input_extended_data(int, u_int32_t, struct ssh *); -int channel_input_ieof(int, u_int32_t, struct ssh *); -int channel_input_oclose(int, u_int32_t, struct ssh *); -int channel_input_open_confirmation(int, u_int32_t, struct ssh *); -int channel_input_open_failure(int, u_int32_t, struct ssh *); -int channel_input_window_adjust(int, u_int32_t, struct ssh *); -int channel_input_status_confirm(int, u_int32_t, struct ssh *); +int channel_input_data(int, uint32_t, struct ssh *); +int channel_input_extended_data(int, uint32_t, struct ssh *); +int channel_input_ieof(int, uint32_t, struct ssh *); +int channel_input_oclose(int, uint32_t, struct ssh *); +int channel_input_open_confirmation(int, uint32_t, struct ssh *); +int channel_input_open_failure(int, uint32_t, struct ssh *); +int channel_input_window_adjust(int, uint32_t, struct ssh *); +int channel_input_status_confirm(int, uint32_t, struct ssh *); /* file descriptor handling (read/write) */ struct pollfd; diff --git a/clientloop.c b/clientloop.c index 616a7be7a754..11a7f4648752 100644 --- a/clientloop.c +++ b/clientloop.c @@ -1,4 +1,4 @@ -/* $OpenBSD: clientloop.c,v 1.420 2026/02/14 00:18:34 jsg Exp $ */ +/* $OpenBSD: clientloop.c,v 1.421 2026/03/03 09:57:25 dtucker Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -429,7 +429,7 @@ client_x11_get_proto(struct ssh *ssh, const char *display, * for the local connection. */ if (!got_data) { - u_int8_t rnd[16]; + uint8_t rnd[16]; u_int i; logit("Warning: No xauth data; " @@ -463,7 +463,7 @@ client_check_window_change(struct ssh *ssh) } static int -client_global_request_reply(int type, u_int32_t seq, struct ssh *ssh) +client_global_request_reply(int type, uint32_t seq, struct ssh *ssh) { struct global_confirm *gc; @@ -1455,7 +1455,7 @@ client_loop(struct ssh *ssh, int have_pty, int escape_char_arg, u_int npfd_alloc = 0, npfd_active = 0; double start_time, total_time; int interactive = -1, channel_did_enqueue = 0, r; - u_int64_t ibytes, obytes; + uint64_t ibytes, obytes; int conn_in_ready, conn_out_ready; sigset_t bsigset, osigset; @@ -1914,7 +1914,7 @@ client_request_tun_fwd(struct ssh *ssh, int tun_mode, /* XXXX move to generic input handler */ static int -client_input_channel_open(int type, u_int32_t seq, struct ssh *ssh) +client_input_channel_open(int type, uint32_t seq, struct ssh *ssh) { Channel *c = NULL; char *ctype = NULL; @@ -1976,7 +1976,7 @@ client_input_channel_open(int type, u_int32_t seq, struct ssh *ssh) } static int -client_input_channel_req(int type, u_int32_t seq, struct ssh *ssh) +client_input_channel_req(int type, uint32_t seq, struct ssh *ssh) { Channel *c = NULL; char *rtype = NULL; @@ -2354,7 +2354,7 @@ update_known_hosts(struct hostkeys_update_ctx *ctx) static void client_global_hostkeys_prove_confirm(struct ssh *ssh, int type, - u_int32_t seq, void *_ctx) + uint32_t seq, void *_ctx) { struct hostkeys_update_ctx *ctx = (struct hostkeys_update_ctx *)_ctx; size_t i, ndone; @@ -2664,7 +2664,7 @@ client_input_hostkeys(struct ssh *ssh) } static int -client_input_global_request(int type, u_int32_t seq, struct ssh *ssh) +client_input_global_request(int type, uint32_t seq, struct ssh *ssh) { char *rtype; u_char want_reply; diff --git a/clientloop.h b/clientloop.h index a2dc8758c265..ed3c54fa7239 100644 --- a/clientloop.h +++ b/clientloop.h @@ -1,4 +1,4 @@ -/* $OpenBSD: clientloop.h,v 1.40 2025/12/22 01:17:31 djm Exp $ */ +/* $OpenBSD: clientloop.h,v 1.41 2026/03/03 09:57:25 dtucker Exp $ */ /* * Author: Tatu Ylonen @@ -55,7 +55,7 @@ void client_filter_cleanup(struct ssh *, int, void *); int client_simple_escape_filter(struct ssh *, Channel *, char *, int); /* Global request confirmation callbacks */ -typedef void global_confirm_cb(struct ssh *, int, u_int32_t, void *); +typedef void global_confirm_cb(struct ssh *, int, uint32_t, void *); void client_register_global_confirm(global_confirm_cb *, void *); /* Channel request confirmation callbacks */ diff --git a/digest-libc.c b/digest-libc.c index 6e62af7f227e..b26ed27d10d7 100644 --- a/digest-libc.c +++ b/digest-libc.c @@ -1,4 +1,4 @@ -/* $OpenBSD: digest-libc.c,v 1.9 2025/12/16 08:36:43 dtucker Exp $ */ +/* $OpenBSD: digest-libc.c,v 1.10 2026/03/03 09:57:25 dtucker Exp $ */ /* * Copyright (c) 2013 Damien Miller * Copyright (c) 2014 Markus Friedl. All rights reserved. @@ -50,8 +50,8 @@ #include "digest.h" typedef void md_init_fn(void *mdctx); -typedef void md_update_fn(void *mdctx, const u_int8_t *m, size_t mlen); -typedef void md_final_fn(u_int8_t[], void *mdctx); +typedef void md_update_fn(void *mdctx, const uint8_t *m, size_t mlen); +typedef void md_final_fn(uint8_t[], void *mdctx); struct ssh_digest_ctx { int alg; diff --git a/dispatch.c b/dispatch.c index 430b6afda1d3..dd962a1b48f5 100644 --- a/dispatch.c +++ b/dispatch.c @@ -1,4 +1,4 @@ -/* $OpenBSD: dispatch.c,v 1.34 2025/05/21 06:44:24 djm Exp $ */ +/* $OpenBSD: dispatch.c,v 1.35 2026/03/03 09:57:25 dtucker Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. * @@ -37,7 +37,7 @@ #include "ssherr.h" int -dispatch_protocol_error(int type, u_int32_t seq, struct ssh *ssh) +dispatch_protocol_error(int type, uint32_t seq, struct ssh *ssh) { int r; @@ -51,7 +51,7 @@ dispatch_protocol_error(int type, u_int32_t seq, struct ssh *ssh) } int -dispatch_protocol_ignore(int type, u_int32_t seq, struct ssh *ssh) +dispatch_protocol_ignore(int type, uint32_t seq, struct ssh *ssh) { logit_f("type %d seq %u", type, seq); return 0; @@ -88,7 +88,7 @@ ssh_dispatch_run(struct ssh *ssh, int mode, volatile sig_atomic_t *done) { int r; u_char type; - u_int32_t seqnr; + uint32_t seqnr; for (;;) { if (mode == DISPATCH_BLOCK) { diff --git a/dispatch.h b/dispatch.h index a22d7749febb..594804c0f24f 100644 --- a/dispatch.h +++ b/dispatch.h @@ -1,4 +1,4 @@ -/* $OpenBSD: dispatch.h,v 1.15 2019/01/19 21:45:31 djm Exp $ */ +/* $OpenBSD: dispatch.h,v 1.16 2026/03/03 09:57:25 dtucker Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. @@ -36,10 +36,10 @@ enum { struct ssh; -typedef int dispatch_fn(int, u_int32_t, struct ssh *); +typedef int dispatch_fn(int, uint32_t, struct ssh *); -int dispatch_protocol_error(int, u_int32_t, struct ssh *); -int dispatch_protocol_ignore(int, u_int32_t, struct ssh *); +int dispatch_protocol_error(int, uint32_t, struct ssh *); +int dispatch_protocol_ignore(int, uint32_t, struct ssh *); void ssh_dispatch_init(struct ssh *, dispatch_fn *); void ssh_dispatch_set(struct ssh *, int, dispatch_fn *); void ssh_dispatch_range(struct ssh *, u_int, u_int, dispatch_fn *); diff --git a/dns.c b/dns.c index a476234805f0..0731254620c2 100644 --- a/dns.c +++ b/dns.c @@ -1,4 +1,4 @@ -/* $OpenBSD: dns.c,v 1.47 2026/02/14 00:18:34 jsg Exp $ */ +/* $OpenBSD: dns.c,v 1.48 2026/03/03 09:57:25 dtucker Exp $ */ /* * Copyright (c) 2003 Wesley Griffin. All rights reserved. @@ -77,7 +77,7 @@ dns_result_totext(unsigned int res) * Caller must free digest which is allocated by sshkey_fingerprint_raw(). */ static int -dns_read_key(u_int8_t *algorithm, u_int8_t *digest_type, +dns_read_key(uint8_t *algorithm, uint8_t *digest_type, u_char **digest, size_t *digest_len, struct sshkey *key) { int r, success = 0; @@ -125,7 +125,7 @@ dns_read_key(u_int8_t *algorithm, u_int8_t *digest_type, * Read SSHFP parameters from rdata buffer. */ static int -dns_read_rdata(u_int8_t *algorithm, u_int8_t *digest_type, +dns_read_rdata(uint8_t *algorithm, uint8_t *digest_type, u_char **digest, size_t *digest_len, u_char *rdata, int rdata_len) { int success = 0; @@ -193,12 +193,12 @@ verify_host_key_dns(const char *hostname, struct sockaddr *address, int result; struct rrsetinfo *fingerprints = NULL; - u_int8_t hostkey_algorithm; + uint8_t hostkey_algorithm; u_char *hostkey_digest; size_t hostkey_digest_len; - u_int8_t dnskey_algorithm; - u_int8_t dnskey_digest_type; + uint8_t dnskey_algorithm; + uint8_t dnskey_digest_type; u_char *dnskey_digest; size_t dnskey_digest_len; @@ -298,9 +298,9 @@ int export_dns_rr(const char *hostname, struct sshkey *key, FILE *f, int generic, int alg) { - u_int8_t rdata_pubkey_algorithm = 0; - u_int8_t rdata_digest_type = SSHFP_HASH_RESERVED; - u_int8_t dtype; + uint8_t rdata_pubkey_algorithm = 0; + uint8_t rdata_digest_type = SSHFP_HASH_RESERVED; + uint8_t dtype; u_char *rdata_digest; size_t i, rdata_digest_len; int success = 0; diff --git a/entropy.c b/entropy.c index 8bb3accbd3ad..4e946ea3b987 100644 --- a/entropy.c +++ b/entropy.c @@ -112,7 +112,7 @@ seed_rng(void) void reseed_prngs(void) { - u_int32_t rnd[256]; + uint32_t rnd[256]; #ifdef WITH_OPENSSL RAND_poll(); diff --git a/kex.c b/kex.c index 68fb37042fe8..284f9febc8ff 100644 --- a/kex.c +++ b/kex.c @@ -1,4 +1,4 @@ -/* $OpenBSD: kex.c,v 1.191 2026/02/14 00:18:34 jsg Exp $ */ +/* $OpenBSD: kex.c,v 1.192 2026/03/03 09:57:25 dtucker Exp $ */ /* * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. * @@ -62,7 +62,7 @@ /* prototype */ static int kex_choose_conf(struct ssh *, uint32_t seq); -static int kex_input_newkeys(int, u_int32_t, struct ssh *); +static int kex_input_newkeys(int, uint32_t, struct ssh *); static const char * const proposal_names[PROPOSAL_MAX] = { "KEX algorithms", @@ -229,7 +229,7 @@ kex_prop_free(char **proposal) } int -kex_protocol_error(int type, u_int32_t seq, struct ssh *ssh) +kex_protocol_error(int type, uint32_t seq, struct ssh *ssh) { int r; @@ -470,11 +470,11 @@ kex_ext_info_server_parse(struct ssh *ssh, const char *name, } int -kex_input_ext_info(int type, u_int32_t seq, struct ssh *ssh) +kex_input_ext_info(int type, uint32_t seq, struct ssh *ssh) { struct kex *kex = ssh->kex; const int max_ext_info = kex->server ? 1 : 2; - u_int32_t i, ninfo; + uint32_t i, ninfo; char *name; u_char *val; size_t vlen; @@ -517,7 +517,7 @@ kex_input_ext_info(int type, u_int32_t seq, struct ssh *ssh) } static int -kex_input_newkeys(int type, u_int32_t seq, struct ssh *ssh) +kex_input_newkeys(int type, uint32_t seq, struct ssh *ssh) { struct kex *kex = ssh->kex; int r, initial = (kex->flags & KEX_INITIAL) != 0; @@ -601,7 +601,7 @@ kex_send_kexinit(struct ssh *ssh) } int -kex_input_kexinit(int type, u_int32_t seq, struct ssh *ssh) +kex_input_kexinit(int type, uint32_t seq, struct ssh *ssh) { struct kex *kex = ssh->kex; const u_char *ptr; diff --git a/kex.h b/kex.h index 55baa6a1e641..011b92ff8b99 100644 --- a/kex.h +++ b/kex.h @@ -1,4 +1,4 @@ -/* $OpenBSD: kex.h,v 1.127 2025/08/11 10:55:38 djm Exp $ */ +/* $OpenBSD: kex.h,v 1.128 2026/03/03 09:57:25 dtucker Exp $ */ /* * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. @@ -218,9 +218,9 @@ int kex_load_hostkey(struct ssh *, struct sshkey **, struct sshkey **); int kex_verify_host_key(struct ssh *, struct sshkey *); int kex_send_kexinit(struct ssh *); -int kex_input_kexinit(int, u_int32_t, struct ssh *); -int kex_input_ext_info(int, u_int32_t, struct ssh *); -int kex_protocol_error(int, u_int32_t, struct ssh *); +int kex_input_kexinit(int, uint32_t, struct ssh *); +int kex_input_ext_info(int, uint32_t, struct ssh *); +int kex_protocol_error(int, uint32_t, struct ssh *); int kex_derive_keys(struct ssh *, u_char *, u_int, const struct sshbuf *); int kex_send_newkeys(struct ssh *); int kex_start_rekex(struct ssh *); diff --git a/kexgen.c b/kexgen.c index 1541ab975cde..5643bc83187f 100644 --- a/kexgen.c +++ b/kexgen.c @@ -1,4 +1,4 @@ -/* $OpenBSD: kexgen.c,v 1.11 2026/02/08 19:54:31 dtucker Exp $ */ +/* $OpenBSD: kexgen.c,v 1.12 2026/03/03 09:57:25 dtucker Exp $ */ /* * Copyright (c) 2019 Markus Friedl. All rights reserved. * @@ -41,8 +41,8 @@ #include "digest.h" #include "ssherr.h" -static int input_kex_gen_init(int, u_int32_t, struct ssh *); -static int input_kex_gen_reply(int type, u_int32_t seq, struct ssh *ssh); +static int input_kex_gen_init(int, uint32_t, struct ssh *); +static int input_kex_gen_reply(int type, uint32_t seq, struct ssh *ssh); static int kex_gen_hash( @@ -139,7 +139,7 @@ kex_gen_client(struct ssh *ssh) } static int -input_kex_gen_reply(int type, u_int32_t seq, struct ssh *ssh) +input_kex_gen_reply(int type, uint32_t seq, struct ssh *ssh) { struct kex *kex = ssh->kex; struct sshkey *server_host_key = NULL; @@ -272,7 +272,7 @@ kex_gen_server(struct ssh *ssh) } static int -input_kex_gen_init(int type, u_int32_t seq, struct ssh *ssh) +input_kex_gen_init(int type, uint32_t seq, struct ssh *ssh) { struct kex *kex = ssh->kex; struct sshkey *server_host_private, *server_host_public; diff --git a/kexgexc.c b/kexgexc.c index 1367960d2505..1c2194a8fe30 100644 --- a/kexgexc.c +++ b/kexgexc.c @@ -1,4 +1,4 @@ -/* $OpenBSD: kexgexc.c,v 1.41 2026/02/14 00:18:34 jsg Exp $ */ +/* $OpenBSD: kexgexc.c,v 1.42 2026/03/03 09:57:25 dtucker Exp $ */ /* * Copyright (c) 2000 Niels Provos. All rights reserved. * Copyright (c) 2001 Markus Friedl. All rights reserved. @@ -52,8 +52,8 @@ #include "sshbuf.h" #include "misc.h" -static int input_kex_dh_gex_group(int, u_int32_t, struct ssh *); -static int input_kex_dh_gex_reply(int, u_int32_t, struct ssh *); +static int input_kex_dh_gex_group(int, uint32_t, struct ssh *); +static int input_kex_dh_gex_reply(int, uint32_t, struct ssh *); int kexgex_client(struct ssh *ssh) @@ -91,7 +91,7 @@ kexgex_client(struct ssh *ssh) } static int -input_kex_dh_gex_group(int type, u_int32_t seq, struct ssh *ssh) +input_kex_dh_gex_group(int type, uint32_t seq, struct ssh *ssh) { struct kex *kex = ssh->kex; BIGNUM *p = NULL, *g = NULL; @@ -141,7 +141,7 @@ input_kex_dh_gex_group(int type, u_int32_t seq, struct ssh *ssh) } static int -input_kex_dh_gex_reply(int type, u_int32_t seq, struct ssh *ssh) +input_kex_dh_gex_reply(int type, uint32_t seq, struct ssh *ssh) { struct kex *kex = ssh->kex; BIGNUM *dh_server_pub = NULL; diff --git a/kexgexs.c b/kexgexs.c index aa61a9c1aac5..791afc2a3f9f 100644 --- a/kexgexs.c +++ b/kexgexs.c @@ -1,4 +1,4 @@ -/* $OpenBSD: kexgexs.c,v 1.50 2026/02/08 19:54:31 dtucker Exp $ */ +/* $OpenBSD: kexgexs.c,v 1.51 2026/03/03 09:57:25 dtucker Exp $ */ /* * Copyright (c) 2000 Niels Provos. All rights reserved. * Copyright (c) 2001 Markus Friedl. All rights reserved. @@ -54,8 +54,8 @@ #include "sshbuf.h" #include "misc.h" -static int input_kex_dh_gex_request(int, u_int32_t, struct ssh *); -static int input_kex_dh_gex_init(int, u_int32_t, struct ssh *); +static int input_kex_dh_gex_request(int, uint32_t, struct ssh *); +static int input_kex_dh_gex_init(int, uint32_t, struct ssh *); int kexgex_server(struct ssh *ssh) @@ -67,7 +67,7 @@ kexgex_server(struct ssh *ssh) } static int -input_kex_dh_gex_request(int type, u_int32_t seq, struct ssh *ssh) +input_kex_dh_gex_request(int type, uint32_t seq, struct ssh *ssh) { struct kex *kex = ssh->kex; int r; @@ -123,7 +123,7 @@ input_kex_dh_gex_request(int type, u_int32_t seq, struct ssh *ssh) } static int -input_kex_dh_gex_init(int type, u_int32_t seq, struct ssh *ssh) +input_kex_dh_gex_init(int type, uint32_t seq, struct ssh *ssh) { struct kex *kex = ssh->kex; BIGNUM *dh_client_pub = NULL; diff --git a/krl.c b/krl.c index 0b4aeee4573d..0e2b5f155b79 100644 --- a/krl.c +++ b/krl.c @@ -1,4 +1,4 @@ -/* $OpenBSD: krl.c,v 1.63 2026/02/14 00:18:34 jsg Exp $ */ +/* $OpenBSD: krl.c,v 1.64 2026/03/03 09:57:25 dtucker Exp $ */ /* * Copyright (c) 2012 Damien Miller * @@ -52,7 +52,7 @@ /* Tree of serial numbers. XXX make smarter: really need a real sparse bitmap */ struct revoked_serial { - u_int64_t lo, hi; + uint64_t lo, hi; RB_ENTRY(revoked_serial) tree_entry; }; static int serial_cmp(struct revoked_serial *a, struct revoked_serial *b); @@ -88,9 +88,9 @@ struct revoked_certs { TAILQ_HEAD(revoked_certs_list, revoked_certs); struct ssh_krl { - u_int64_t krl_version; - u_int64_t generated_date; - u_int64_t flags; + uint64_t krl_version; + uint64_t generated_date; + uint64_t flags; char *comment; struct revoked_blob_tree revoked_keys; struct revoked_blob_tree revoked_sha1s; @@ -194,7 +194,7 @@ ssh_krl_free(struct ssh_krl *krl) } void -ssh_krl_set_version(struct ssh_krl *krl, u_int64_t version) +ssh_krl_set_version(struct ssh_krl *krl, uint64_t version) { krl->krl_version = version; } @@ -247,7 +247,7 @@ revoked_certs_for_ca_key(struct ssh_krl *krl, const struct sshkey *ca_key, } static int -insert_serial_range(struct revoked_serial_tree *rt, u_int64_t lo, u_int64_t hi) +insert_serial_range(struct revoked_serial_tree *rt, uint64_t lo, uint64_t hi) { struct revoked_serial rs, *ers, *crs, *irs; @@ -302,7 +302,7 @@ insert_serial_range(struct revoked_serial_tree *rt, u_int64_t lo, u_int64_t hi) /* Check successors */ while ((crs = RB_NEXT(revoked_serial_tree, rt, ers)) != NULL) { KRL_DBG(("succ %llu:%llu", crs->lo, crs->hi)); - if (ers->hi != (u_int64_t)-1 && crs->lo > ers->hi + 1) + if (ers->hi != (uint64_t)-1 && crs->lo > ers->hi + 1) break; /* This entry overlaps. */ if (crs->hi > ers->hi) { @@ -318,14 +318,14 @@ insert_serial_range(struct revoked_serial_tree *rt, u_int64_t lo, u_int64_t hi) int ssh_krl_revoke_cert_by_serial(struct ssh_krl *krl, const struct sshkey *ca_key, - u_int64_t serial) + uint64_t serial) { return ssh_krl_revoke_cert_by_serial_range(krl, ca_key, serial, serial); } int ssh_krl_revoke_cert_by_serial_range(struct ssh_krl *krl, - const struct sshkey *ca_key, u_int64_t lo, u_int64_t hi) + const struct sshkey *ca_key, uint64_t lo, uint64_t hi) { struct revoked_certs *rc; int r; @@ -474,11 +474,11 @@ ssh_krl_revoke_key(struct ssh_krl *krl, const struct sshkey *key) * that will minimise the size of the resultant KRL. */ static int -choose_next_state(int current_state, u_int64_t contig, int final, - u_int64_t last_gap, u_int64_t next_gap, int *force_new_section) +choose_next_state(int current_state, uint64_t contig, int final, + uint64_t last_gap, uint64_t next_gap, int *force_new_section) { int new_state; - u_int64_t cost, cost_list, cost_range, cost_bitmap, cost_bitmap_restart; + uint64_t cost, cost_list, cost_range, cost_bitmap, cost_bitmap_restart; /* * Avoid unsigned overflows. @@ -573,7 +573,7 @@ static int revoked_certs_generate(struct revoked_certs *rc, struct sshbuf *buf) { int final, force_new_sect, r = SSH_ERR_INTERNAL_ERROR; - u_int64_t i, contig, gap, last = 0, bitmap_start = 0; + uint64_t i, contig, gap, last = 0, bitmap_start = 0; struct revoked_serial *rs, *nrs; struct revoked_key_id *rki; int next_state, state = 0; @@ -808,7 +808,7 @@ ssh_krl_to_blob(struct ssh_krl *krl, struct sshbuf *buf) } static void -format_timestamp(u_int64_t timestamp, char *ts, size_t nts) +format_timestamp(uint64_t timestamp, char *ts, size_t nts) { time_t t; struct tm *tm; @@ -870,7 +870,7 @@ parse_revoked_certs(struct sshbuf *buf, struct ssh_krl *krl) const u_char *blob; size_t blen, nbits; struct sshbuf *subsect = NULL; - u_int64_t serial, serial_lo, serial_hi; + uint64_t serial, serial_lo, serial_hi; struct bitmap *bitmap = NULL; char *key_id = NULL; struct sshkey *ca_key = NULL; @@ -926,7 +926,7 @@ parse_revoked_certs(struct sshbuf *buf, struct ssh_krl *krl) goto out; } nbits = bitmap_nbits(bitmap); - for (serial = 0; serial < (u_int64_t)nbits; serial++) { + for (serial = 0; serial < (uint64_t)nbits; serial++) { if (serial > 0 && serial_lo + serial == 0) { error_f("bitmap wraps u64"); r = SSH_ERR_INVALID_FORMAT; diff --git a/krl.h b/krl.h index eb244767b107..5e101673c217 100644 --- a/krl.h +++ b/krl.h @@ -14,7 +14,7 @@ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ -/* $OpenBSD: krl.h,v 1.10 2023/07/17 04:01:10 djm Exp $ */ +/* $OpenBSD: krl.h,v 1.11 2026/03/03 09:57:25 dtucker Exp $ */ #ifndef _KRL_H #define _KRL_H @@ -45,12 +45,12 @@ struct ssh_krl; struct ssh_krl *ssh_krl_init(void); void ssh_krl_free(struct ssh_krl *krl); -void ssh_krl_set_version(struct ssh_krl *krl, u_int64_t version); +void ssh_krl_set_version(struct ssh_krl *krl, uint64_t version); int ssh_krl_set_comment(struct ssh_krl *krl, const char *comment); int ssh_krl_revoke_cert_by_serial(struct ssh_krl *krl, - const struct sshkey *ca_key, u_int64_t serial); + const struct sshkey *ca_key, uint64_t serial); int ssh_krl_revoke_cert_by_serial_range(struct ssh_krl *krl, - const struct sshkey *ca_key, u_int64_t lo, u_int64_t hi); + const struct sshkey *ca_key, uint64_t lo, uint64_t hi); int ssh_krl_revoke_cert_by_key_id(struct ssh_krl *krl, const struct sshkey *ca_key, const char *key_id); int ssh_krl_revoke_key_explicit(struct ssh_krl *krl, const struct sshkey *key); diff --git a/mac.c b/mac.c index c95f5ea06856..17607830c5d2 100644 --- a/mac.c +++ b/mac.c @@ -1,4 +1,4 @@ -/* $OpenBSD: mac.c,v 1.37 2025/09/05 10:01:35 dtucker Exp $ */ +/* $OpenBSD: mac.c,v 1.38 2026/03/03 09:57:25 dtucker Exp $ */ /* * Copyright (c) 2001 Markus Friedl. All rights reserved. * @@ -152,13 +152,13 @@ mac_init(struct sshmac *mac) } int -mac_compute(struct sshmac *mac, u_int32_t seqno, +mac_compute(struct sshmac *mac, uint32_t seqno, const u_char *data, int datalen, u_char *digest, size_t dlen) { static union { u_char m[SSH_DIGEST_MAX_LENGTH]; - u_int64_t for_align; + uint64_t for_align; } u; u_char b[4]; u_char nonce[8]; @@ -198,7 +198,7 @@ mac_compute(struct sshmac *mac, u_int32_t seqno, } int -mac_check(struct sshmac *mac, u_int32_t seqno, +mac_check(struct sshmac *mac, uint32_t seqno, const u_char *data, size_t dlen, const u_char *theirmac, size_t mlen) { diff --git a/mac.h b/mac.h index 0b119d7a1c3b..04089f41b4a1 100644 --- a/mac.h +++ b/mac.h @@ -1,4 +1,4 @@ -/* $OpenBSD: mac.h,v 1.10 2016/07/08 03:44:42 djm Exp $ */ +/* $OpenBSD: mac.h,v 1.11 2026/03/03 09:57:25 dtucker Exp $ */ /* * Copyright (c) 2001 Markus Friedl. All rights reserved. * @@ -44,9 +44,9 @@ int mac_valid(const char *); char *mac_alg_list(char); int mac_setup(struct sshmac *, char *); int mac_init(struct sshmac *); -int mac_compute(struct sshmac *, u_int32_t, const u_char *, int, +int mac_compute(struct sshmac *, uint32_t, const u_char *, int, u_char *, size_t); -int mac_check(struct sshmac *, u_int32_t, const u_char *, size_t, +int mac_check(struct sshmac *, uint32_t, const u_char *, size_t, const u_char *, size_t); void mac_clear(struct sshmac *); diff --git a/misc.c b/misc.c index fa508a96d01f..ed3e9d31425c 100644 --- a/misc.c +++ b/misc.c @@ -1,4 +1,4 @@ -/* $OpenBSD: misc.c,v 1.212 2026/02/11 17:05:32 dtucker Exp $ */ +/* $OpenBSD: misc.c,v 1.213 2026/03/03 09:57:25 dtucker Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. * Copyright (c) 2005-2020 Damien Miller. All rights reserved. @@ -1660,66 +1660,66 @@ xextendf(char **sp, const char *sep, const char *fmt, ...) } -u_int64_t +uint64_t get_u64(const void *vp) { const u_char *p = (const u_char *)vp; - u_int64_t v; + uint64_t v; - v = (u_int64_t)p[0] << 56; - v |= (u_int64_t)p[1] << 48; - v |= (u_int64_t)p[2] << 40; - v |= (u_int64_t)p[3] << 32; - v |= (u_int64_t)p[4] << 24; - v |= (u_int64_t)p[5] << 16; - v |= (u_int64_t)p[6] << 8; - v |= (u_int64_t)p[7]; + v = (uint64_t)p[0] << 56; + v |= (uint64_t)p[1] << 48; + v |= (uint64_t)p[2] << 40; + v |= (uint64_t)p[3] << 32; + v |= (uint64_t)p[4] << 24; + v |= (uint64_t)p[5] << 16; + v |= (uint64_t)p[6] << 8; + v |= (uint64_t)p[7]; return (v); } -u_int32_t +uint32_t get_u32(const void *vp) { const u_char *p = (const u_char *)vp; - u_int32_t v; + uint32_t v; - v = (u_int32_t)p[0] << 24; - v |= (u_int32_t)p[1] << 16; - v |= (u_int32_t)p[2] << 8; - v |= (u_int32_t)p[3]; + v = (uint32_t)p[0] << 24; + v |= (uint32_t)p[1] << 16; + v |= (uint32_t)p[2] << 8; + v |= (uint32_t)p[3]; return (v); } -u_int32_t +uint32_t get_u32_le(const void *vp) { const u_char *p = (const u_char *)vp; - u_int32_t v; + uint32_t v; - v = (u_int32_t)p[0]; - v |= (u_int32_t)p[1] << 8; - v |= (u_int32_t)p[2] << 16; - v |= (u_int32_t)p[3] << 24; + v = (uint32_t)p[0]; + v |= (uint32_t)p[1] << 8; + v |= (uint32_t)p[2] << 16; + v |= (uint32_t)p[3] << 24; return (v); } -u_int16_t +uint16_t get_u16(const void *vp) { const u_char *p = (const u_char *)vp; - u_int16_t v; + uint16_t v; - v = (u_int16_t)p[0] << 8; - v |= (u_int16_t)p[1]; + v = (uint16_t)p[0] << 8; + v |= (uint16_t)p[1]; return (v); } void -put_u64(void *vp, u_int64_t v) +put_u64(void *vp, uint64_t v) { u_char *p = (u_char *)vp; @@ -1734,7 +1734,7 @@ put_u64(void *vp, u_int64_t v) } void -put_u32(void *vp, u_int32_t v) +put_u32(void *vp, uint32_t v) { u_char *p = (u_char *)vp; @@ -1745,7 +1745,7 @@ put_u32(void *vp, u_int32_t v) } void -put_u32_le(void *vp, u_int32_t v) +put_u32_le(void *vp, uint32_t v) { u_char *p = (u_char *)vp; @@ -1756,7 +1756,7 @@ put_u32_le(void *vp, u_int32_t v) } void -put_u16(void *vp, u_int16_t v) +put_u16(void *vp, uint16_t v) { u_char *p = (u_char *)vp; @@ -1843,7 +1843,7 @@ monotime_double(void) } void -bandwidth_limit_init(struct bwlimit *bw, u_int64_t kbps, size_t buflen) +bandwidth_limit_init(struct bwlimit *bw, uint64_t kbps, size_t buflen) { bw->buflen = buflen; bw->rate = kbps; @@ -1857,7 +1857,7 @@ bandwidth_limit_init(struct bwlimit *bw, u_int64_t kbps, size_t buflen) void bandwidth_limit(struct bwlimit *bw, size_t read_len) { - u_int64_t waitlen; + uint64_t waitlen; struct timespec ts, rm; bw->lamt += read_len; diff --git a/misc.h b/misc.h index b633fc4f4b72..c606de376ba5 100644 --- a/misc.h +++ b/misc.h @@ -1,4 +1,4 @@ -/* $OpenBSD: misc.h,v 1.114 2025/12/05 07:43:12 djm Exp $ */ +/* $OpenBSD: misc.h,v 1.115 2026/03/03 09:57:25 dtucker Exp $ */ /* * Author: Tatu Ylonen @@ -160,34 +160,34 @@ int tun_open(int, int, char **); #define PORT_STREAMLOCAL -2 /* Functions to extract or store big-endian words of various sizes */ -u_int64_t get_u64(const void *) +uint64_t get_u64(const void *) __attribute__((__bounded__( __minbytes__, 1, 8))); -u_int32_t get_u32(const void *) +uint32_t get_u32(const void *) __attribute__((__bounded__( __minbytes__, 1, 4))); -u_int16_t get_u16(const void *) +uint16_t get_u16(const void *) __attribute__((__bounded__( __minbytes__, 1, 2))); -void put_u64(void *, u_int64_t) +void put_u64(void *, uint64_t) __attribute__((__bounded__( __minbytes__, 1, 8))); -void put_u32(void *, u_int32_t) +void put_u32(void *, uint32_t) __attribute__((__bounded__( __minbytes__, 1, 4))); -void put_u16(void *, u_int16_t) +void put_u16(void *, uint16_t) __attribute__((__bounded__( __minbytes__, 1, 2))); /* Little-endian store/load, used by umac.c */ -u_int32_t get_u32_le(const void *) +uint32_t get_u32_le(const void *) __attribute__((__bounded__(__minbytes__, 1, 4))); -void put_u32_le(void *, u_int32_t) +void put_u32_le(void *, uint32_t) __attribute__((__bounded__(__minbytes__, 1, 4))); struct bwlimit { size_t buflen; - u_int64_t rate; /* desired rate in kbit/s */ - u_int64_t thresh; /* threshold after which we'll check timers */ - u_int64_t lamt; /* amount written in last timer interval */ + uint64_t rate; /* desired rate in kbit/s */ + uint64_t thresh; /* threshold after which we'll check timers */ + uint64_t lamt; /* amount written in last timer interval */ struct timeval bwstart, bwend; }; -void bandwidth_limit_init(struct bwlimit *, u_int64_t, size_t); +void bandwidth_limit_init(struct bwlimit *, uint64_t, size_t); void bandwidth_limit(struct bwlimit *, size_t); int parse_ipqos(const char *); diff --git a/moduli.c b/moduli.c index 999a90984e18..e8ef9633f024 100644 --- a/moduli.c +++ b/moduli.c @@ -1,4 +1,4 @@ -/* $OpenBSD: moduli.c,v 1.40 2025/05/24 03:39:48 dtucker Exp $ */ +/* $OpenBSD: moduli.c,v 1.41 2026/03/03 09:57:25 dtucker Exp $ */ /* * Copyright 1994 Phil Karn * Copyright 1996-1998, 2003 William Allen Simpson @@ -125,26 +125,26 @@ */ /* sieve 2**16 */ -static u_int32_t *TinySieve, tinybits; +static uint32_t *TinySieve, tinybits; /* sieve 2**30 in 2**16 parts */ -static u_int32_t *SmallSieve, smallbits, smallbase; +static uint32_t *SmallSieve, smallbits, smallbase; /* sieve relative to the initial value */ -static u_int32_t *LargeSieve, largewords, largetries, largenumbers; -static u_int32_t largebits, largememory; /* megabytes */ +static uint32_t *LargeSieve, largewords, largetries, largenumbers; +static uint32_t largebits, largememory; /* megabytes */ static BIGNUM *largebase; -int gen_candidates(FILE *, u_int32_t, BIGNUM *); -int prime_test(FILE *, FILE *, u_int32_t, u_int32_t, char *, unsigned long, +int gen_candidates(FILE *, uint32_t, BIGNUM *); +int prime_test(FILE *, FILE *, uint32_t, uint32_t, char *, unsigned long, unsigned long); /* * print moduli out in consistent form, */ static int -qfileout(FILE * ofile, u_int32_t otype, u_int32_t otests, u_int32_t otries, - u_int32_t osize, u_int32_t ogenerator, BIGNUM * omodulus) +qfileout(FILE * ofile, uint32_t otype, uint32_t otests, uint32_t otries, + uint32_t osize, uint32_t ogenerator, BIGNUM * omodulus) { struct tm *gtm; time_t time_now; @@ -177,9 +177,9 @@ qfileout(FILE * ofile, u_int32_t otype, u_int32_t otests, u_int32_t otries, ** Sieve p's and q's with small factors */ static void -sieve_large(u_int32_t s32) +sieve_large(uint32_t s32) { - u_int64_t r, u, s = s32; + uint64_t r, u, s = s32; debug3("sieve_large %u", s32); largetries++; @@ -235,14 +235,14 @@ sieve_large(u_int32_t s32) * The list is checked against small known primes (less than 2**30). */ int -gen_candidates(FILE *out, u_int32_t power, BIGNUM *start) +gen_candidates(FILE *out, uint32_t power, BIGNUM *start) { BIGNUM *q; - u_int32_t j, r, s, t; - u_int32_t smallwords = TINY_NUMBER >> 6; - u_int32_t tinywords = TINY_NUMBER >> 6; + uint32_t j, r, s, t; + uint32_t smallwords = TINY_NUMBER >> 6; + uint32_t tinywords = TINY_NUMBER >> 6; time_t time_start, time_stop; - u_int32_t i; + uint32_t i; int ret = 0; /* @@ -262,13 +262,13 @@ gen_candidates(FILE *out, u_int32_t power, BIGNUM *start) largememory = LARGE_MAXIMUM; largewords = (largememory << SHIFT_MEGAWORD); - TinySieve = xcalloc(tinywords, sizeof(u_int32_t)); + TinySieve = xcalloc(tinywords, sizeof(uint32_t)); tinybits = tinywords << SHIFT_WORD; - SmallSieve = xcalloc(smallwords, sizeof(u_int32_t)); + SmallSieve = xcalloc(smallwords, sizeof(uint32_t)); smallbits = smallwords << SHIFT_WORD; - LargeSieve = xcalloc(largewords, sizeof(u_int32_t)); + LargeSieve = xcalloc(largewords, sizeof(uint32_t)); largebits = largewords << SHIFT_WORD; largenumbers = largebits * 2; /* even numbers excluded */ @@ -403,7 +403,7 @@ gen_candidates(FILE *out, u_int32_t power, BIGNUM *start) } static void -write_checkpoint(char *cpfile, u_int32_t lineno) +write_checkpoint(char *cpfile, uint32_t lineno) { FILE *fp; char tmp[PATH_MAX]; @@ -532,13 +532,13 @@ print_progress(unsigned long start_lineno, unsigned long current_lineno, * The result is a list of so-call "safe" primes */ int -prime_test(FILE *in, FILE *out, u_int32_t trials, u_int32_t generator_wanted, +prime_test(FILE *in, FILE *out, uint32_t trials, uint32_t generator_wanted, char *checkpoint_file, unsigned long start_lineno, unsigned long num_lines) { BIGNUM *q, *p, *a; char *cp, *lp; - u_int32_t count_in = 0, count_out = 0, count_possible = 0; - u_int32_t generator_known, in_tests, in_tries, in_type, in_size; + uint32_t count_in = 0, count_out = 0, count_possible = 0; + uint32_t generator_known, in_tests, in_tries, in_type, in_size; unsigned long last_processed = 0, end_lineno; time_t time_start, time_stop; int res, is_prime; @@ -653,7 +653,7 @@ prime_test(FILE *in, FILE *out, u_int32_t trials, u_int32_t generator_wanted, * due to earlier inconsistencies in interpretation, check * the proposed bit size. */ - if ((u_int32_t)BN_num_bits(p) != (in_size + 1)) { + if ((uint32_t)BN_num_bits(p) != (in_size + 1)) { debug2("%10u: bit size %u mismatch", count_in, in_size); continue; } @@ -674,7 +674,7 @@ prime_test(FILE *in, FILE *out, u_int32_t trials, u_int32_t generator_wanted, if (BN_mod_word(p, 24) == 11) generator_known = 2; else { - u_int32_t r = BN_mod_word(p, 10); + uint32_t r = BN_mod_word(p, 10); if (r == 3 || r == 7) generator_known = 5; diff --git a/mux.c b/mux.c index 56287fd1c212..9cf3e7815ff1 100644 --- a/mux.c +++ b/mux.c @@ -1,4 +1,4 @@ -/* $OpenBSD: mux.c,v 1.110 2026/02/14 00:18:34 jsg Exp $ */ +/* $OpenBSD: mux.c,v 1.111 2026/03/03 09:57:25 dtucker Exp $ */ /* * Copyright (c) 2002-2008 Damien Miller * @@ -626,7 +626,7 @@ compare_forward(struct Forward *a, struct Forward *b) } static void -mux_confirm_remote_forward(struct ssh *ssh, int type, u_int32_t seq, void *ctxt) +mux_confirm_remote_forward(struct ssh *ssh, int type, uint32_t seq, void *ctxt) { struct mux_channel_confirm_ctx *fctx = ctxt; char *failmsg = NULL; diff --git a/packet.c b/packet.c index e0ea21a65157..190a579d1e50 100644 --- a/packet.c +++ b/packet.c @@ -1,4 +1,4 @@ -/* $OpenBSD: packet.c,v 1.333 2026/02/14 00:18:34 jsg Exp $ */ +/* $OpenBSD: packet.c,v 1.334 2026/03/03 09:57:25 dtucker Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -99,10 +99,10 @@ #define PACKET_MAX_SIZE (256 * 1024) struct packet_state { - u_int32_t seqnr; - u_int32_t packets; - u_int64_t blocks; - u_int64_t bytes; + uint32_t seqnr; + uint32_t packets; + uint64_t blocks; + uint64_t bytes; }; struct packet { @@ -180,11 +180,11 @@ struct session_state { struct packet_state p_read, p_send; /* Volume-based rekeying */ - u_int64_t hard_max_blocks_in, hard_max_blocks_out; - u_int64_t max_blocks_in, max_blocks_out, rekey_limit; + uint64_t hard_max_blocks_in, hard_max_blocks_out; + uint64_t max_blocks_in, max_blocks_out, rekey_limit; /* Time-based rekeying */ - u_int32_t rekey_interval; /* how often in seconds */ + uint32_t rekey_interval; /* how often in seconds */ time_t rekey_time; /* time of last rekeying */ /* roundup current message to extra_pad bytes */ @@ -469,7 +469,7 @@ ssh_packet_connection_is_on_socket(struct ssh *ssh) } void -ssh_packet_get_bytes(struct ssh *ssh, u_int64_t *ibytes, u_int64_t *obytes) +ssh_packet_get_bytes(struct ssh *ssh, uint64_t *ibytes, uint64_t *obytes) { if (ibytes) *ibytes = ssh->state->p_read.bytes; @@ -976,7 +976,7 @@ ssh_set_newkeys(struct ssh *ssh, int mode) struct sshcomp *comp; struct sshcipher_ctx **ccp; struct packet_state *ps; - u_int64_t *max_blocks, *hard_max_blocks; + uint64_t *max_blocks, *hard_max_blocks; const char *wmsg; int r, crypt_type; const char *dir = mode == MODE_OUT ? "out" : "in"; @@ -1054,9 +1054,9 @@ ssh_set_newkeys(struct ssh *ssh, int mode) * See RFC4344 section 3.2. */ if (enc->block_size >= 16) - *hard_max_blocks = (u_int64_t)1 << (enc->block_size*2); + *hard_max_blocks = (uint64_t)1 << (enc->block_size*2); else - *hard_max_blocks = ((u_int64_t)1 << 30) / enc->block_size; + *hard_max_blocks = ((uint64_t)1 << 30) / enc->block_size; *max_blocks = *hard_max_blocks; if (state->rekey_limit) { *max_blocks = MINIMUM(*max_blocks, @@ -1078,10 +1078,10 @@ static inline int ssh_packet_check_rekey_blocklimit(struct ssh *ssh, u_int packet_len, int hard) { struct session_state *state = ssh->state; - u_int32_t out_blocks; - const u_int64_t max_blocks_in = hard ? + uint32_t out_blocks; + const uint64_t max_blocks_in = hard ? state->hard_max_blocks_in : state->max_blocks_in; - const u_int64_t max_blocks_out = hard ? + const uint64_t max_blocks_out = hard ? state->hard_max_blocks_out : state->max_blocks_out; /* @@ -1485,7 +1485,7 @@ ssh_packet_send2(struct ssh *ssh) */ int -ssh_packet_read_seqnr(struct ssh *ssh, u_char *typep, u_int32_t *seqnr_p) +ssh_packet_read_seqnr(struct ssh *ssh, u_char *typep, uint32_t *seqnr_p) { struct session_state *state = ssh->state; int len, r, ms_remain = 0; @@ -1578,7 +1578,7 @@ ssh_packet_read(struct ssh *ssh) } static int -ssh_packet_read_poll2_mux(struct ssh *ssh, u_char *typep, u_int32_t *seqnr_p) +ssh_packet_read_poll2_mux(struct ssh *ssh, u_char *typep, uint32_t *seqnr_p) { struct session_state *state = ssh->state; const u_char *cp; @@ -1616,7 +1616,7 @@ ssh_packet_read_poll2_mux(struct ssh *ssh, u_char *typep, u_int32_t *seqnr_p) } int -ssh_packet_read_poll2(struct ssh *ssh, u_char *typep, u_int32_t *seqnr_p) +ssh_packet_read_poll2(struct ssh *ssh, u_char *typep, uint32_t *seqnr_p) { struct session_state *state = ssh->state; u_int padlen, need; @@ -1853,7 +1853,7 @@ ssh_packet_read_poll2(struct ssh *ssh, u_char *typep, u_int32_t *seqnr_p) } int -ssh_packet_read_poll_seqnr(struct ssh *ssh, u_char *typep, u_int32_t *seqnr_p) +ssh_packet_read_poll_seqnr(struct ssh *ssh, u_char *typep, uint32_t *seqnr_p) { struct session_state *state = ssh->state; u_int reason, seqnr; @@ -2342,7 +2342,7 @@ ssh_packet_get_maxsize(struct ssh *ssh) } void -ssh_packet_set_rekey_limits(struct ssh *ssh, u_int64_t bytes, u_int32_t seconds) +ssh_packet_set_rekey_limits(struct ssh *ssh, uint64_t bytes, uint32_t seconds) { debug3("rekey after %llu bytes, %u seconds", (unsigned long long)bytes, (unsigned int)seconds); @@ -2690,13 +2690,13 @@ sshpkt_put_u8(struct ssh *ssh, u_char val) } int -sshpkt_put_u32(struct ssh *ssh, u_int32_t val) +sshpkt_put_u32(struct ssh *ssh, uint32_t val) { return sshbuf_put_u32(ssh->state->outgoing_packet, val); } int -sshpkt_put_u64(struct ssh *ssh, u_int64_t val) +sshpkt_put_u64(struct ssh *ssh, uint64_t val) { return sshbuf_put_u64(ssh->state->outgoing_packet, val); } @@ -2756,13 +2756,13 @@ sshpkt_get_u8(struct ssh *ssh, u_char *valp) } int -sshpkt_get_u32(struct ssh *ssh, u_int32_t *valp) +sshpkt_get_u32(struct ssh *ssh, uint32_t *valp) { return sshbuf_get_u32(ssh->state->incoming_packet, valp); } int -sshpkt_get_u64(struct ssh *ssh, u_int64_t *valp) +sshpkt_get_u64(struct ssh *ssh, uint64_t *valp) { return sshbuf_get_u64(ssh->state->incoming_packet, valp); } @@ -2887,7 +2887,7 @@ ssh_packet_send_mux(struct ssh *ssh) int sshpkt_msg_ignore(struct ssh *ssh, u_int nbytes) { - u_int32_t rnd = 0; + uint32_t rnd = 0; int r; u_int i; @@ -3022,7 +3022,7 @@ connection_info_message(struct ssh *ssh) struct session_state *state; struct newkeys *nk_in, *nk_out; char *stats_in = NULL, *stats_out = NULL; - u_int64_t epoch = (u_int64_t)time(NULL) - monotime(); + uint64_t epoch = (uint64_t)time(NULL) - monotime(); if (ssh == NULL) return NULL; diff --git a/packet.h b/packet.h index 10d42202cb84..3e8acb2cd7ac 100644 --- a/packet.h +++ b/packet.h @@ -1,4 +1,4 @@ -/* $OpenBSD: packet.h,v 1.106 2026/03/02 02:40:15 djm Exp $ */ +/* $OpenBSD: packet.h,v 1.107 2026/03/03 09:57:25 dtucker Exp $ */ /* * Author: Tatu Ylonen @@ -127,11 +127,11 @@ int ssh_packet_send2_wrapped(struct ssh *); int ssh_packet_send2(struct ssh *); int ssh_packet_read(struct ssh *); -int ssh_packet_read_poll2(struct ssh *, u_char *, u_int32_t *seqnr_p); +int ssh_packet_read_poll2(struct ssh *, u_char *, uint32_t *seqnr_p); int ssh_packet_process_incoming(struct ssh *, const char *buf, u_int len); int ssh_packet_process_read(struct ssh *, int); -int ssh_packet_read_seqnr(struct ssh *, u_char *, u_int32_t *seqnr_p); -int ssh_packet_read_poll_seqnr(struct ssh *, u_char *, u_int32_t *seqnr_p); +int ssh_packet_read_seqnr(struct ssh *, u_char *, uint32_t *seqnr_p); +int ssh_packet_read_poll_seqnr(struct ssh *, u_char *, uint32_t *seqnr_p); void ssh_packet_disconnect(struct ssh *, const char *fmt, ...) __attribute__((format(printf, 2, 3))) @@ -139,7 +139,7 @@ void ssh_packet_disconnect(struct ssh *, const char *fmt, ...) void ssh_packet_send_debug(struct ssh *, const char *fmt, ...) __attribute__((format(printf, 2, 3))); int ssh_set_newkeys(struct ssh *, int mode); -void ssh_packet_get_bytes(struct ssh *, u_int64_t *, u_int64_t *); +void ssh_packet_get_bytes(struct ssh *, uint64_t *, uint64_t *); int ssh_packet_write_poll(struct ssh *); int ssh_packet_write_wait(struct ssh *); @@ -168,7 +168,7 @@ int ssh_local_port(struct ssh *); const char *ssh_packet_rdomain_in(struct ssh *); char *ssh_remote_hostname(struct ssh *); -void ssh_packet_set_rekey_limits(struct ssh *, u_int64_t, u_int32_t); +void ssh_packet_set_rekey_limits(struct ssh *, uint64_t, uint32_t); time_t ssh_packet_get_rekey_timeout(struct ssh *); void *ssh_packet_get_input(struct ssh *); @@ -188,8 +188,8 @@ int sshpkt_msg_ignore(struct ssh *, u_int); int sshpkt_put(struct ssh *ssh, const void *v, size_t len); int sshpkt_putb(struct ssh *ssh, const struct sshbuf *b); int sshpkt_put_u8(struct ssh *ssh, u_char val); -int sshpkt_put_u32(struct ssh *ssh, u_int32_t val); -int sshpkt_put_u64(struct ssh *ssh, u_int64_t val); +int sshpkt_put_u32(struct ssh *ssh, uint32_t val); +int sshpkt_put_u64(struct ssh *ssh, uint64_t val); int sshpkt_put_string(struct ssh *ssh, const void *v, size_t len); int sshpkt_put_cstring(struct ssh *ssh, const void *v); int sshpkt_put_stringb(struct ssh *ssh, const struct sshbuf *v); @@ -199,8 +199,8 @@ int sshpkt_put_bignum2(struct ssh *ssh, const BIGNUM *v); int sshpkt_get(struct ssh *ssh, void *valp, size_t len); int sshpkt_get_u8(struct ssh *ssh, u_char *valp); -int sshpkt_get_u32(struct ssh *ssh, u_int32_t *valp); -int sshpkt_get_u64(struct ssh *ssh, u_int64_t *valp); +int sshpkt_get_u32(struct ssh *ssh, uint32_t *valp); +int sshpkt_get_u64(struct ssh *ssh, uint64_t *valp); int sshpkt_get_string(struct ssh *ssh, u_char **valp, size_t *lenp); int sshpkt_get_string_direct(struct ssh *ssh, const u_char **valp, size_t *lenp); int sshpkt_peek_string_direct(struct ssh *ssh, const u_char **valp, size_t *lenp); diff --git a/servconf.h b/servconf.h index 178dd1998e5f..b06db09e1090 100644 --- a/servconf.h +++ b/servconf.h @@ -1,4 +1,4 @@ -/* $OpenBSD: servconf.h,v 1.175 2026/02/11 22:57:16 djm Exp $ */ +/* $OpenBSD: servconf.h,v 1.176 2026/03/03 09:57:25 dtucker Exp $ */ /* * Author: Tatu Ylonen @@ -242,7 +242,7 @@ typedef struct { int fingerprint_hash; int expose_userauth_info; - u_int64_t timing_secret; + uint64_t timing_secret; char *sk_provider; int required_rsa_size; /* minimum size of RSA keys */ diff --git a/serverloop.c b/serverloop.c index 53842f7d3864..8e63480ecefa 100644 --- a/serverloop.c +++ b/serverloop.c @@ -1,4 +1,4 @@ -/* $OpenBSD: serverloop.c,v 1.245 2025/10/30 03:19:54 djm Exp $ */ +/* $OpenBSD: serverloop.c,v 1.246 2026/03/03 09:57:25 dtucker Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -402,7 +402,7 @@ server_loop2(struct ssh *ssh, Authctxt *authctxt) } static int -server_input_keep_alive(int type, u_int32_t seq, struct ssh *ssh) +server_input_keep_alive(int type, uint32_t seq, struct ssh *ssh) { debug("Got %d/%u for keepalive", type, seq); /* @@ -608,7 +608,7 @@ server_request_session(struct ssh *ssh) } static int -server_input_channel_open(int type, u_int32_t seq, struct ssh *ssh) +server_input_channel_open(int type, uint32_t seq, struct ssh *ssh) { Channel *c = NULL; char *ctype = NULL; @@ -752,7 +752,7 @@ server_input_hostkeys_prove(struct ssh *ssh, struct sshbuf **respp) } static int -server_input_global_request(int type, u_int32_t seq, struct ssh *ssh) +server_input_global_request(int type, uint32_t seq, struct ssh *ssh) { char *rtype = NULL; u_char want_reply = 0; @@ -857,7 +857,7 @@ server_input_global_request(int type, u_int32_t seq, struct ssh *ssh) } static int -server_input_channel_req(int type, u_int32_t seq, struct ssh *ssh) +server_input_channel_req(int type, uint32_t seq, struct ssh *ssh) { Channel *c; int r, success = 0; diff --git a/sftp-client.c b/sftp-client.c index 7cc20f34d5d9..69ef28cdc16b 100644 --- a/sftp-client.c +++ b/sftp-client.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sftp-client.c,v 1.184 2026/02/18 03:04:12 djm Exp $ */ +/* $OpenBSD: sftp-client.c,v 1.185 2026/03/03 09:57:25 dtucker Exp $ */ /* * Copyright (c) 2001-2004 Damien Miller * @@ -94,7 +94,7 @@ struct sftp_conn { #define SFTP_EXT_COPY_DATA 0x00000100 #define SFTP_EXT_GETUSERSGROUPS_BY_ID 0x00000200 u_int exts; - u_int64_t limit_kbps; + uint64_t limit_kbps; struct bwlimit bwlimit_in, bwlimit_out; }; @@ -102,7 +102,7 @@ struct sftp_conn { struct request { u_int id; size_t len; - u_int64_t offset; + uint64_t offset; TAILQ_ENTRY(request) tq; }; TAILQ_HEAD(requests, request); @@ -388,7 +388,7 @@ get_decode_statvfs(struct sftp_conn *conn, struct sftp_statvfs *st, struct sshbuf *msg; u_char type; u_int id; - u_int64_t flag; + uint64_t flag; int r; if ((msg = sshbuf_new()) == NULL) @@ -442,7 +442,7 @@ get_decode_statvfs(struct sftp_conn *conn, struct sftp_statvfs *st, struct sftp_conn * sftp_init(int fd_in, int fd_out, u_int transfer_buflen, u_int num_requests, - u_int64_t limit_kbps) + uint64_t limit_kbps) { u_char type; struct sshbuf *msg; @@ -1504,7 +1504,7 @@ sftp_lsetstat(struct sftp_conn *conn, const char *path, Attrib *a) } static void -send_read_request(struct sftp_conn *conn, u_int id, u_int64_t offset, +send_read_request(struct sftp_conn *conn, u_int id, uint64_t offset, u_int len, const u_char *handle, u_int handle_len) { struct sshbuf *msg; @@ -1587,7 +1587,7 @@ sftp_download(struct sftp_conn *conn, const char *remote_path, u_char *handle; int local_fd = -1, write_error; int read_error, write_errno, lmodified = 0, reordered = 0, r; - u_int64_t offset = 0, size, highwater = 0, maxack = 0; + uint64_t offset = 0, size, highwater = 0, maxack = 0; u_int mode, id, buflen, num_req, max_req, status = SSH2_FX_OK; off_t progress_counter; size_t handle_len; @@ -1648,7 +1648,7 @@ sftp_download(struct sftp_conn *conn, const char *remote_path, error("\"%s\" has negative size", local_path); goto fail; } - if ((u_int64_t)st.st_size > size) { + if ((uint64_t)st.st_size > size) { error("Unable to resume download of \"%s\": " "local file is larger than remote", local_path); fail: @@ -2025,8 +2025,8 @@ sftp_upload(struct sftp_conn *conn, const char *local_path, struct sshbuf *msg; struct stat sb; Attrib a, t, c; - u_int32_t startid, ackid; - u_int64_t highwater = 0, maxack = 0; + uint32_t startid, ackid; + uint64_t highwater = 0, maxack = 0; struct request *ack = NULL; struct requests acks; size_t handle_len; @@ -2245,7 +2245,7 @@ upload_dir_internal(struct sftp_conn *conn, const char *src, const char *dst, char *filename, *new_src = NULL, *new_dst = NULL; struct stat sb; Attrib a, dirattrib; - u_int32_t saved_perm; + uint32_t saved_perm; debug2_f("upload local dir \"%s\" to remote \"%s\"", src, dst); @@ -2447,7 +2447,7 @@ sftp_crossload(struct sftp_conn *from, struct sftp_conn *to, { struct sshbuf *msg; int write_error, read_error, r; - u_int64_t offset = 0, size; + uint64_t offset = 0, size; u_int id, buflen, num_req, max_req, status = SSH2_FX_OK; u_int num_upload_req; off_t progress_counter; diff --git a/sftp-client.h b/sftp-client.h index 7b2a94af8176..cc8e202980ba 100644 --- a/sftp-client.h +++ b/sftp-client.h @@ -1,4 +1,4 @@ -/* $OpenBSD: sftp-client.h,v 1.40 2025/09/15 05:17:37 djm Exp $ */ +/* $OpenBSD: sftp-client.h,v 1.41 2026/03/03 09:57:25 dtucker Exp $ */ /* * Copyright (c) 2001-2004 Damien Miller @@ -34,25 +34,25 @@ struct SFTP_DIRENT { * server's native format may be larger than the client's. */ struct sftp_statvfs { - u_int64_t f_bsize; - u_int64_t f_frsize; - u_int64_t f_blocks; - u_int64_t f_bfree; - u_int64_t f_bavail; - u_int64_t f_files; - u_int64_t f_ffree; - u_int64_t f_favail; - u_int64_t f_fsid; - u_int64_t f_flag; - u_int64_t f_namemax; + uint64_t f_bsize; + uint64_t f_frsize; + uint64_t f_blocks; + uint64_t f_bfree; + uint64_t f_bavail; + uint64_t f_files; + uint64_t f_ffree; + uint64_t f_favail; + uint64_t f_fsid; + uint64_t f_flag; + uint64_t f_namemax; }; /* Used for limits response on the wire from the server */ struct sftp_limits { - u_int64_t packet_length; - u_int64_t read_length; - u_int64_t write_length; - u_int64_t open_handles; + uint64_t packet_length; + uint64_t read_length; + uint64_t write_length; + uint64_t open_handles; }; /* print flag values */ @@ -64,7 +64,7 @@ struct sftp_limits { * Initialise a SSH filexfer connection. Returns NULL on error or * a pointer to a initialized sftp_conn struct on success. */ -struct sftp_conn *sftp_init(int, int, u_int, u_int, u_int64_t); +struct sftp_conn *sftp_init(int, int, u_int, u_int, uint64_t); void sftp_free(struct sftp_conn *); u_int sftp_proto_version(struct sftp_conn *); diff --git a/sftp-common.h b/sftp-common.h index 421a78f78822..95e90d484615 100644 --- a/sftp-common.h +++ b/sftp-common.h @@ -1,4 +1,4 @@ -/* $OpenBSD: sftp-common.h,v 1.13 2022/09/19 10:41:58 djm Exp $ */ +/* $OpenBSD: sftp-common.h,v 1.14 2026/03/03 09:57:25 dtucker Exp $ */ /* * Copyright (c) 2001 Markus Friedl. All rights reserved. @@ -33,13 +33,13 @@ typedef struct Attrib Attrib; /* File attributes */ struct Attrib { - u_int32_t flags; - u_int64_t size; - u_int32_t uid; - u_int32_t gid; - u_int32_t perm; - u_int32_t atime; - u_int32_t mtime; + uint32_t flags; + uint64_t size; + uint32_t uid; + uint32_t gid; + uint32_t perm; + uint32_t atime; + uint32_t mtime; }; void attrib_clear(Attrib *); diff --git a/sftp-server.c b/sftp-server.c index fffdef852376..ebdb31d32c6a 100644 --- a/sftp-server.c +++ b/sftp-server.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sftp-server.c,v 1.152 2026/02/13 19:06:18 dtucker Exp $ */ +/* $OpenBSD: sftp-server.c,v 1.153 2026/03/03 09:57:25 dtucker Exp $ */ /* * Copyright (c) 2000-2004 Markus Friedl. All rights reserved. * @@ -87,42 +87,42 @@ struct Stat { }; /* Packet handlers */ -static void process_open(u_int32_t id); -static void process_close(u_int32_t id); -static void process_read(u_int32_t id); -static void process_write(u_int32_t id); -static void process_stat(u_int32_t id); -static void process_lstat(u_int32_t id); -static void process_fstat(u_int32_t id); -static void process_setstat(u_int32_t id); -static void process_fsetstat(u_int32_t id); -static void process_opendir(u_int32_t id); -static void process_readdir(u_int32_t id); -static void process_remove(u_int32_t id); -static void process_mkdir(u_int32_t id); -static void process_rmdir(u_int32_t id); -static void process_realpath(u_int32_t id); -static void process_rename(u_int32_t id); -static void process_readlink(u_int32_t id); -static void process_symlink(u_int32_t id); -static void process_extended_posix_rename(u_int32_t id); -static void process_extended_statvfs(u_int32_t id); -static void process_extended_fstatvfs(u_int32_t id); -static void process_extended_hardlink(u_int32_t id); -static void process_extended_fsync(u_int32_t id); -static void process_extended_lsetstat(u_int32_t id); -static void process_extended_limits(u_int32_t id); -static void process_extended_expand(u_int32_t id); -static void process_extended_copy_data(u_int32_t id); -static void process_extended_home_directory(u_int32_t id); -static void process_extended_get_users_groups_by_id(u_int32_t id); -static void process_extended(u_int32_t id); +static void process_open(uint32_t id); +static void process_close(uint32_t id); +static void process_read(uint32_t id); +static void process_write(uint32_t id); +static void process_stat(uint32_t id); +static void process_lstat(uint32_t id); +static void process_fstat(uint32_t id); +static void process_setstat(uint32_t id); +static void process_fsetstat(uint32_t id); +static void process_opendir(uint32_t id); +static void process_readdir(uint32_t id); +static void process_remove(uint32_t id); +static void process_mkdir(uint32_t id); +static void process_rmdir(uint32_t id); +static void process_realpath(uint32_t id); +static void process_rename(uint32_t id); +static void process_readlink(uint32_t id); +static void process_symlink(uint32_t id); +static void process_extended_posix_rename(uint32_t id); +static void process_extended_statvfs(uint32_t id); +static void process_extended_fstatvfs(uint32_t id); +static void process_extended_hardlink(uint32_t id); +static void process_extended_fsync(uint32_t id); +static void process_extended_lsetstat(uint32_t id); +static void process_extended_limits(uint32_t id); +static void process_extended_expand(uint32_t id); +static void process_extended_copy_data(uint32_t id); +static void process_extended_home_directory(uint32_t id); +static void process_extended_get_users_groups_by_id(uint32_t id); +static void process_extended(uint32_t id); struct sftp_handler { const char *name; /* user-visible name for fine-grained perms */ const char *ext_name; /* extended request name */ u_int type; /* packet type, for non extended packets */ - void (*handler)(u_int32_t); + void (*handler)(uint32_t); int does_write; /* if nonzero, banned for readonly mode */ }; @@ -305,7 +305,7 @@ struct Handle { int fd; int flags; char *name; - u_int64_t bytes_read, bytes_write; + uint64_t bytes_read, bytes_write; int next_unused; }; @@ -430,7 +430,7 @@ handle_update_write(int handle, ssize_t bytes) handles[handle].bytes_write += bytes; } -static u_int64_t +static uint64_t handle_bytes_read(int handle) { if (handle_is_ok(handle, HANDLE_FILE)) @@ -438,7 +438,7 @@ handle_bytes_read(int handle) return 0; } -static u_int64_t +static uint64_t handle_bytes_write(int handle) { if (handle_is_ok(handle, HANDLE_FILE)) @@ -520,7 +520,7 @@ send_msg(struct sshbuf *m) } static const char * -status_to_message(u_int32_t status) +status_to_message(uint32_t status) { static const char * const status_messages[] = { "Success", /* SSH_FX_OK */ @@ -538,7 +538,7 @@ status_to_message(u_int32_t status) } static void -send_status_errmsg(u_int32_t id, u_int32_t status, const char *errmsg) +send_status_errmsg(uint32_t id, uint32_t status, const char *errmsg) { struct sshbuf *msg; int r; @@ -564,13 +564,13 @@ send_status_errmsg(u_int32_t id, u_int32_t status, const char *errmsg) } static void -send_status(u_int32_t id, u_int32_t status) +send_status(uint32_t id, uint32_t status) { send_status_errmsg(id, status, NULL); } static void -send_data_or_handle(char type, u_int32_t id, const u_char *data, int dlen) +send_data_or_handle(char type, uint32_t id, const u_char *data, int dlen) { struct sshbuf *msg; int r; @@ -586,14 +586,14 @@ send_data_or_handle(char type, u_int32_t id, const u_char *data, int dlen) } static void -send_data(u_int32_t id, const u_char *data, int dlen) +send_data(uint32_t id, const u_char *data, int dlen) { debug("request %u: sent data len %d", id, dlen); send_data_or_handle(SSH2_FXP_DATA, id, data, dlen); } static void -send_handle(u_int32_t id, int handle) +send_handle(uint32_t id, int handle) { u_char *string; int hlen; @@ -605,7 +605,7 @@ send_handle(u_int32_t id, int handle) } static void -send_names(u_int32_t id, int count, const Stat *stats) +send_names(uint32_t id, int count, const Stat *stats) { struct sshbuf *msg; int i, r; @@ -628,7 +628,7 @@ send_names(u_int32_t id, int count, const Stat *stats) } static void -send_attrib(u_int32_t id, const Attrib *a) +send_attrib(uint32_t id, const Attrib *a) { struct sshbuf *msg; int r; @@ -645,10 +645,10 @@ send_attrib(u_int32_t id, const Attrib *a) } static void -send_statvfs(u_int32_t id, struct statvfs *st) +send_statvfs(uint32_t id, struct statvfs *st) { struct sshbuf *msg; - u_int64_t flag; + uint64_t flag; int r; flag = (st->f_flag & ST_RDONLY) ? SSH2_FXE_STATVFS_ST_RDONLY : 0; @@ -731,9 +731,9 @@ process_init(void) } static void -process_open(u_int32_t id) +process_open(uint32_t id) { - u_int32_t pflags; + uint32_t pflags; Attrib a; char *name; int r, handle, fd, flags, mode, status = SSH2_FX_FAILURE; @@ -773,7 +773,7 @@ process_open(u_int32_t id) } static void -process_close(u_int32_t id) +process_close(uint32_t id) { int r, handle, ret, status = SSH2_FX_FAILURE; @@ -788,13 +788,13 @@ process_close(u_int32_t id) } static void -process_read(u_int32_t id) +process_read(uint32_t id) { static u_char *buf; static size_t buflen; - u_int32_t len; + uint32_t len; int r, handle, fd, ret, status = SSH2_FX_FAILURE; - u_int64_t off; + uint64_t off; if ((r = get_handle(iqueue, &handle)) != 0 || (r = sshbuf_get_u64(iqueue, &off)) != 0 || @@ -843,9 +843,9 @@ process_read(u_int32_t id) } static void -process_write(u_int32_t id) +process_write(uint32_t id) { - u_int64_t off; + uint64_t off; size_t len; int r, handle, fd, ret, status; u_char *data; @@ -888,7 +888,7 @@ process_write(u_int32_t id) } static void -process_do_stat(u_int32_t id, int do_lstat) +process_do_stat(uint32_t id, int do_lstat) { Attrib a; struct stat st; @@ -914,19 +914,19 @@ process_do_stat(u_int32_t id, int do_lstat) } static void -process_stat(u_int32_t id) +process_stat(uint32_t id) { process_do_stat(id, 0); } static void -process_lstat(u_int32_t id) +process_lstat(uint32_t id) { process_do_stat(id, 1); } static void -process_fstat(u_int32_t id) +process_fstat(uint32_t id) { Attrib a; struct stat st; @@ -976,7 +976,7 @@ attrib_to_ts(const Attrib *a) } static void -process_setstat(u_int32_t id) +process_setstat(uint32_t id) { Attrib a; char *name; @@ -1023,7 +1023,7 @@ process_setstat(u_int32_t id) } static void -process_fsetstat(u_int32_t id) +process_fsetstat(uint32_t id) { Attrib a; int handle, fd, r; @@ -1088,7 +1088,7 @@ process_fsetstat(u_int32_t id) } static void -process_opendir(u_int32_t id) +process_opendir(uint32_t id) { DIR *dirp = NULL; char *path; @@ -1118,7 +1118,7 @@ process_opendir(u_int32_t id) } static void -process_readdir(u_int32_t id) +process_readdir(uint32_t id) { DIR *dirp; struct dirent *dp; @@ -1175,7 +1175,7 @@ process_readdir(u_int32_t id) } static void -process_remove(u_int32_t id) +process_remove(uint32_t id) { char *name; int r, status = SSH2_FX_FAILURE; @@ -1192,7 +1192,7 @@ process_remove(u_int32_t id) } static void -process_mkdir(u_int32_t id) +process_mkdir(uint32_t id) { Attrib a; char *name; @@ -1213,7 +1213,7 @@ process_mkdir(u_int32_t id) } static void -process_rmdir(u_int32_t id) +process_rmdir(uint32_t id) { char *name; int r, status; @@ -1230,7 +1230,7 @@ process_rmdir(u_int32_t id) } static void -process_realpath(u_int32_t id) +process_realpath(uint32_t id) { char resolvedname[PATH_MAX]; char *path; @@ -1257,7 +1257,7 @@ process_realpath(u_int32_t id) } static void -process_rename(u_int32_t id) +process_rename(uint32_t id) { char *oldpath, *newpath; int r, status; @@ -1317,7 +1317,7 @@ process_rename(u_int32_t id) } static void -process_readlink(u_int32_t id) +process_readlink(uint32_t id) { int r, len; char buf[PATH_MAX]; @@ -1342,7 +1342,7 @@ process_readlink(u_int32_t id) } static void -process_symlink(u_int32_t id) +process_symlink(uint32_t id) { char *oldpath, *newpath; int r, status; @@ -1362,7 +1362,7 @@ process_symlink(u_int32_t id) } static void -process_extended_posix_rename(u_int32_t id) +process_extended_posix_rename(uint32_t id) { char *oldpath, *newpath; int r, status; @@ -1381,7 +1381,7 @@ process_extended_posix_rename(u_int32_t id) } static void -process_extended_statvfs(u_int32_t id) +process_extended_statvfs(uint32_t id) { char *path; struct statvfs st; @@ -1400,7 +1400,7 @@ process_extended_statvfs(u_int32_t id) } static void -process_extended_fstatvfs(u_int32_t id) +process_extended_fstatvfs(uint32_t id) { int r, handle, fd; struct statvfs st; @@ -1420,7 +1420,7 @@ process_extended_fstatvfs(u_int32_t id) } static void -process_extended_hardlink(u_int32_t id) +process_extended_hardlink(uint32_t id) { char *oldpath, *newpath; int r, status; @@ -1439,7 +1439,7 @@ process_extended_hardlink(u_int32_t id) } static void -process_extended_fsync(u_int32_t id) +process_extended_fsync(uint32_t id) { int handle, fd, r, status = SSH2_FX_OP_UNSUPPORTED; @@ -1457,7 +1457,7 @@ process_extended_fsync(u_int32_t id) } static void -process_extended_lsetstat(u_int32_t id) +process_extended_lsetstat(uint32_t id) { Attrib a; char *name; @@ -1506,7 +1506,7 @@ process_extended_lsetstat(u_int32_t id) } static void -process_extended_limits(u_int32_t id) +process_extended_limits(uint32_t id) { struct sshbuf *msg; int r; @@ -1540,7 +1540,7 @@ process_extended_limits(u_int32_t id) } static void -process_extended_expand(u_int32_t id) +process_extended_expand(uint32_t id) { char cwd[PATH_MAX], resolvedname[PATH_MAX]; char *path, *npath; @@ -1599,11 +1599,11 @@ process_extended_expand(u_int32_t id) } static void -process_extended_copy_data(u_int32_t id) +process_extended_copy_data(uint32_t id) { u_char buf[64*1024]; int read_handle, read_fd, write_handle, write_fd; - u_int64_t len, read_off, read_len, write_off; + uint64_t len, read_off, read_len, write_off; int r, copy_until_eof, status = SSH2_FX_OP_UNSUPPORTED; size_t ret; @@ -1623,7 +1623,7 @@ process_extended_copy_data(u_int32_t id) /* For read length of 0, we read until EOF. */ if (read_len == 0) { - read_len = (u_int64_t)-1 - read_off; + read_len = (uint64_t)-1 - read_off; copy_until_eof = 1; } else copy_until_eof = 0; @@ -1687,7 +1687,7 @@ process_extended_copy_data(u_int32_t id) } static void -process_extended_home_directory(u_int32_t id) +process_extended_home_directory(uint32_t id) { char *username; struct passwd *user_pw; @@ -1714,7 +1714,7 @@ process_extended_home_directory(u_int32_t id) } static void -process_extended_get_users_groups_by_id(u_int32_t id) +process_extended_get_users_groups_by_id(uint32_t id) { struct passwd *user_pw; struct group *gr; @@ -1769,7 +1769,7 @@ process_extended_get_users_groups_by_id(u_int32_t id) } static void -process_extended(u_int32_t id) +process_extended(uint32_t id) { char *request; int r; @@ -1800,7 +1800,7 @@ process(void) u_char type; const u_char *cp; int i, r; - u_int32_t id; + uint32_t id; buf_len = sshbuf_len(iqueue); if (buf_len < 5) diff --git a/ssh-keygen.c b/ssh-keygen.c index d8fe67ee233f..584d5a899993 100644 --- a/ssh-keygen.c +++ b/ssh-keygen.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-keygen.c,v 1.489 2026/02/11 17:05:32 dtucker Exp $ */ +/* $OpenBSD: ssh-keygen.c,v 1.490 2026/03/03 09:57:25 dtucker Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1994 Tatu Ylonen , Espoo, Finland @@ -109,8 +109,8 @@ static char *cert_key_id = NULL; static char *cert_principals = NULL; /* Validity period for certificates */ -static u_int64_t cert_valid_from = 0; -static u_int64_t cert_valid_to = ~0ULL; +static uint64_t cert_valid_from = 0; +static uint64_t cert_valid_to = ~0ULL; /* Certificate options */ #define CERTOPT_X_FWD (1) @@ -122,7 +122,7 @@ static u_int64_t cert_valid_to = ~0ULL; #define CERTOPT_REQUIRE_VERIFY (1<<6) #define CERTOPT_DEFAULT (CERTOPT_X_FWD|CERTOPT_AGENT_FWD| \ CERTOPT_PORT_FWD|CERTOPT_PTY|CERTOPT_USER_RC) -static u_int32_t certflags_flags = CERTOPT_DEFAULT; +static uint32_t certflags_flags = CERTOPT_DEFAULT; static char *certflags_command = NULL; static char *certflags_src_addr = NULL; @@ -166,13 +166,13 @@ static char hostname[NI_MAXHOST]; #ifdef WITH_OPENSSL /* moduli.c */ -int gen_candidates(FILE *, u_int32_t, BIGNUM *); -int prime_test(FILE *, FILE *, u_int32_t, u_int32_t, char *, unsigned long, +int gen_candidates(FILE *, uint32_t, BIGNUM *); +int prime_test(FILE *, FILE *, uint32_t, uint32_t, char *, unsigned long, unsigned long); #endif static void -type_bits_valid(int type, const char *name, u_int32_t *bitsp) +type_bits_valid(int type, const char *name, uint32_t *bitsp) { if (type == KEY_UNSPEC) fatal("unknown key type %s", key_type_name); @@ -1018,7 +1018,7 @@ do_gen_all_hostkeys(struct passwd *pw) { NULL, NULL, NULL } }; - u_int32_t bits = 0; + uint32_t bits = 0; int first = 0; struct stat st; struct sshkey *private, *public; @@ -1806,7 +1806,7 @@ do_ca_sign(struct passwd *pw, const char *ca_key_path, int prefer_agent, if ((r = sshkey_to_certified(public)) != 0) fatal_r(r, "Could not upgrade key %s to certificate", tmp); public->cert->type = cert_key_type; - public->cert->serial = (u_int64_t)cert_serial; + public->cert->serial = (uint64_t)cert_serial; public->cert->key_id = xstrdup(cert_key_id); public->cert->nprincipals = n; public->cert->principals = plist; @@ -1875,7 +1875,7 @@ do_ca_sign(struct passwd *pw, const char *ca_key_path, int prefer_agent, #endif } -static u_int64_t +static uint64_t parse_relative_time(const char *s, time_t now) { int64_t mul, secs; @@ -1886,7 +1886,7 @@ parse_relative_time(const char *s, time_t now) fatal("Invalid relative certificate time %s", s); if (mul == -1 && secs > now) fatal("Certificate time %s cannot be represented", s); - return now + (u_int64_t)(secs * mul); + return now + (uint64_t)(secs * mul); } static void @@ -1947,7 +1947,7 @@ parse_cert_times(char *timespec) if (*to == '-' || *to == '+') cert_valid_to = parse_relative_time(to, now); else if (strcmp(to, "forever") == 0) - cert_valid_to = ~(u_int64_t)0; + cert_valid_to = ~(uint64_t)0; else if (strncmp(to, "0x", 2) == 0) parse_hex_u64(to, &cert_valid_to); else if (parse_absolute_time(to, &cert_valid_to) != 0) @@ -2963,7 +2963,7 @@ do_moduli_screen(const char *out_file, char **opts, size_t nopts) #ifdef WITH_OPENSSL /* Moduli generation/screening */ char *checkpoint = NULL; - u_int32_t generator_wanted = 0; + uint32_t generator_wanted = 0; unsigned long start_lineno = 0, lines_to_process = 0; int prime_tests = 0; FILE *out, *in = stdin; @@ -2980,7 +2980,7 @@ do_moduli_screen(const char *out_file, char **opts, size_t nopts) free(checkpoint); checkpoint = xstrdup(p); } else if ((p = strprefix(opts[i], "generator=", 0)) != NULL) { - generator_wanted = (u_int32_t)strtonum(p, 1, UINT_MAX, + generator_wanted = (uint32_t)strtonum(p, 1, UINT_MAX, &errstr); if (errstr != NULL) { fatal("Generator invalid: %s (%s)", p, errstr); @@ -3305,7 +3305,7 @@ main(int argc, char **argv) char *sk_attestation_path = NULL; struct sshbuf *challenge = NULL, *attest = NULL; size_t i, nopts = 0; - u_int32_t bits = 0; + uint32_t bits = 0; uint8_t sk_flags = SSH_SK_USER_PRESENCE_REQD; const char *errstr, *p; int log_level = SYSLOG_LEVEL_INFO; @@ -3344,7 +3344,7 @@ main(int argc, char **argv) gen_all_hostkeys = 1; break; case 'b': - bits = (u_int32_t)strtonum(optarg, 1, UINT32_MAX, + bits = (uint32_t)strtonum(optarg, 1, UINT32_MAX, &errstr); if (errstr) fatal("Bits has bad value %s (%s)", diff --git a/ssh-pkcs11.c b/ssh-pkcs11.c index b3a7d3f04b88..7a7d3b8eaa0a 100644 --- a/ssh-pkcs11.c +++ b/ssh-pkcs11.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-pkcs11.c,v 1.77 2026/02/14 00:18:34 jsg Exp $ */ +/* $OpenBSD: ssh-pkcs11.c,v 1.78 2026/03/03 09:57:25 dtucker Exp $ */ /* * Copyright (c) 2010 Markus Friedl. All rights reserved. * Copyright (c) 2014 Pedro Martelletto. All rights reserved. @@ -1649,7 +1649,7 @@ pkcs11_fetch_keys(struct pkcs11_provider *p, CK_ULONG slotidx, static struct sshkey * pkcs11_rsa_generate_private_key(struct pkcs11_provider *p, CK_ULONG slotidx, - char *label, CK_ULONG bits, CK_BYTE keyid, u_int32_t *err) + char *label, CK_ULONG bits, CK_BYTE keyid, uint32_t *err) { struct pkcs11_slotinfo *si; char *plabel = label ? label : ""; @@ -1769,7 +1769,7 @@ static struct ec_curve_info { static struct sshkey * pkcs11_ecdsa_generate_private_key(struct pkcs11_provider *p, CK_ULONG slotidx, - char *label, CK_ULONG bits, CK_BYTE keyid, u_int32_t *err) + char *label, CK_ULONG bits, CK_BYTE keyid, uint32_t *err) { struct pkcs11_slotinfo *si; char *plabel = label ? label : ""; @@ -2101,7 +2101,7 @@ pkcs11_key_free(struct sshkey *key) #ifdef WITH_PKCS11_KEYGEN struct sshkey * pkcs11_gakp(char *provider_id, char *pin, unsigned int slotidx, char *label, - unsigned int type, unsigned int bits, unsigned char keyid, u_int32_t *err) + unsigned int type, unsigned int bits, unsigned char keyid, uint32_t *err) { struct pkcs11_provider *p = NULL; struct pkcs11_slotinfo *si; @@ -2167,7 +2167,7 @@ pkcs11_gakp(char *provider_id, char *pin, unsigned int slotidx, char *label, struct sshkey * pkcs11_destroy_keypair(char *provider_id, char *pin, unsigned long slotidx, - unsigned char keyid, u_int32_t *err) + unsigned char keyid, uint32_t *err) { struct pkcs11_provider *p = NULL; struct pkcs11_slotinfo *si; diff --git a/ssh-pkcs11.h b/ssh-pkcs11.h index 6da1737cc978..1d0277a6de14 100644 --- a/ssh-pkcs11.h +++ b/ssh-pkcs11.h @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-pkcs11.h,v 1.10 2025/10/15 23:54:20 djm Exp $ */ +/* $OpenBSD: ssh-pkcs11.h,v 1.11 2026/03/03 09:57:25 dtucker Exp $ */ /* * Copyright (c) 2010 Markus Friedl. All rights reserved. * @@ -38,10 +38,10 @@ void pkcs11_key_free(struct sshkey *); #ifdef WITH_PKCS11_KEYGEN struct sshkey * pkcs11_gakp(char *, char *, unsigned int, char *, unsigned int, - unsigned int, unsigned char, u_int32_t *); + unsigned int, unsigned char, uint32_t *); struct sshkey * pkcs11_destroy_keypair(char *, char *, unsigned long, unsigned char, - u_int32_t *); + uint32_t *); #endif /* Only available in ssh-pkcs11-client.c */ diff --git a/ssh.c b/ssh.c index 989e592134a8..cb8651bcec80 100644 --- a/ssh.c +++ b/ssh.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh.c,v 1.626 2026/02/16 23:47:06 jsg Exp $ */ +/* $OpenBSD: ssh.c,v 1.627 2026/03/03 09:57:25 dtucker Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -1950,7 +1950,7 @@ forwarding_success(void) /* Callback for remote forward global requests */ static void -ssh_confirm_remote_forward(struct ssh *ssh, int type, u_int32_t seq, void *ctxt) +ssh_confirm_remote_forward(struct ssh *ssh, int type, uint32_t seq, void *ctxt) { struct Forward *rfwd = (struct Forward *)ctxt; u_int port; diff --git a/ssh_api.c b/ssh_api.c index c66a2964c00b..38ac17da1174 100644 --- a/ssh_api.c +++ b/ssh_api.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh_api.c,v 1.33 2025/11/13 10:35:14 dtucker Exp $ */ +/* $OpenBSD: ssh_api.c,v 1.34 2026/03/03 09:57:25 dtucker Exp $ */ /* * Copyright (c) 2012 Markus Friedl. All rights reserved. * @@ -255,7 +255,7 @@ int ssh_packet_next(struct ssh *ssh, u_char *typep) { int r; - u_int32_t seqnr; + uint32_t seqnr; u_char type; /* diff --git a/sshbuf-getput-basic.c b/sshbuf-getput-basic.c index b3c06ce99a9f..77c0a782fb3c 100644 --- a/sshbuf-getput-basic.c +++ b/sshbuf-getput-basic.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshbuf-getput-basic.c,v 1.14 2025/11/21 01:29:06 djm Exp $ */ +/* $OpenBSD: sshbuf-getput-basic.c,v 1.15 2026/03/03 09:57:25 dtucker Exp $ */ /* * Copyright (c) 2011 Damien Miller * @@ -43,7 +43,7 @@ sshbuf_get(struct sshbuf *buf, void *v, size_t len) } int -sshbuf_get_u64(struct sshbuf *buf, u_int64_t *valp) +sshbuf_get_u64(struct sshbuf *buf, uint64_t *valp) { const u_char *p = sshbuf_ptr(buf); int r; @@ -56,7 +56,7 @@ sshbuf_get_u64(struct sshbuf *buf, u_int64_t *valp) } int -sshbuf_get_u32(struct sshbuf *buf, u_int32_t *valp) +sshbuf_get_u32(struct sshbuf *buf, uint32_t *valp) { const u_char *p = sshbuf_ptr(buf); int r; @@ -69,7 +69,7 @@ sshbuf_get_u32(struct sshbuf *buf, u_int32_t *valp) } int -sshbuf_get_u16(struct sshbuf *buf, u_int16_t *valp) +sshbuf_get_u16(struct sshbuf *buf, uint16_t *valp) { const u_char *p = sshbuf_ptr(buf); int r; @@ -90,7 +90,7 @@ sshbuf_get_u8(struct sshbuf *buf, u_char *valp) if ((r = sshbuf_consume(buf, 1)) < 0) return r; if (valp != NULL) - *valp = (u_int8_t)*p; + *valp = (uint8_t)*p; return 0; } @@ -122,7 +122,7 @@ check_roffset(const struct sshbuf *buf, size_t offset, size_t len, } int -sshbuf_peek_u64(const struct sshbuf *buf, size_t offset, u_int64_t *valp) +sshbuf_peek_u64(const struct sshbuf *buf, size_t offset, uint64_t *valp) { const u_char *p = NULL; int r; @@ -137,7 +137,7 @@ sshbuf_peek_u64(const struct sshbuf *buf, size_t offset, u_int64_t *valp) } int -sshbuf_peek_u32(const struct sshbuf *buf, size_t offset, u_int32_t *valp) +sshbuf_peek_u32(const struct sshbuf *buf, size_t offset, uint32_t *valp) { const u_char *p = NULL; int r; @@ -152,7 +152,7 @@ sshbuf_peek_u32(const struct sshbuf *buf, size_t offset, u_int32_t *valp) } int -sshbuf_peek_u16(const struct sshbuf *buf, size_t offset, u_int16_t *valp) +sshbuf_peek_u16(const struct sshbuf *buf, size_t offset, uint16_t *valp) { const u_char *p = NULL; int r; @@ -238,7 +238,7 @@ int sshbuf_peek_string_direct(const struct sshbuf *buf, const u_char **valp, size_t *lenp) { - u_int32_t len; + uint32_t len; const u_char *p = sshbuf_ptr(buf); if (valp != NULL) @@ -303,7 +303,7 @@ sshbuf_get_cstring(struct sshbuf *buf, char **valp, size_t *lenp) int sshbuf_get_stringb(struct sshbuf *buf, struct sshbuf *v) { - u_int32_t len; + uint32_t len; u_char *p; int r; @@ -387,7 +387,7 @@ sshbuf_putfv(struct sshbuf *buf, const char *fmt, va_list ap) } int -sshbuf_put_u64(struct sshbuf *buf, u_int64_t val) +sshbuf_put_u64(struct sshbuf *buf, uint64_t val) { u_char *p; int r; @@ -399,7 +399,7 @@ sshbuf_put_u64(struct sshbuf *buf, u_int64_t val) } int -sshbuf_put_u32(struct sshbuf *buf, u_int32_t val) +sshbuf_put_u32(struct sshbuf *buf, uint32_t val) { u_char *p; int r; @@ -411,7 +411,7 @@ sshbuf_put_u32(struct sshbuf *buf, u_int32_t val) } int -sshbuf_put_u16(struct sshbuf *buf, u_int16_t val) +sshbuf_put_u16(struct sshbuf *buf, uint16_t val) { u_char *p; int r; @@ -449,7 +449,7 @@ check_woffset(struct sshbuf *buf, size_t offset, size_t len, u_char **p) } int -sshbuf_poke_u64(struct sshbuf *buf, size_t offset, u_int64_t val) +sshbuf_poke_u64(struct sshbuf *buf, size_t offset, uint64_t val) { u_char *p = NULL; int r; @@ -461,7 +461,7 @@ sshbuf_poke_u64(struct sshbuf *buf, size_t offset, u_int64_t val) } int -sshbuf_poke_u32(struct sshbuf *buf, size_t offset, u_int32_t val) +sshbuf_poke_u32(struct sshbuf *buf, size_t offset, uint32_t val) { u_char *p = NULL; int r; @@ -473,7 +473,7 @@ sshbuf_poke_u32(struct sshbuf *buf, size_t offset, u_int32_t val) } int -sshbuf_poke_u16(struct sshbuf *buf, size_t offset, u_int16_t val) +sshbuf_poke_u16(struct sshbuf *buf, size_t offset, uint16_t val) { u_char *p = NULL; int r; diff --git a/sshbuf.h b/sshbuf.h index 7826cd37e9ef..b8ccb7385389 100644 --- a/sshbuf.h +++ b/sshbuf.h @@ -1,4 +1,4 @@ -/* $OpenBSD: sshbuf.h,v 1.34 2025/12/29 23:52:09 djm Exp $ */ +/* $OpenBSD: sshbuf.h,v 1.35 2026/03/03 09:57:25 dtucker Exp $ */ /* * Copyright (c) 2011 Damien Miller * @@ -173,22 +173,22 @@ int sshbuf_putf(struct sshbuf *buf, const char *fmt, ...) int sshbuf_putfv(struct sshbuf *buf, const char *fmt, va_list ap); /* Functions to extract or store big-endian words of various sizes */ -int sshbuf_get_u64(struct sshbuf *buf, u_int64_t *valp); -int sshbuf_get_u32(struct sshbuf *buf, u_int32_t *valp); -int sshbuf_get_u16(struct sshbuf *buf, u_int16_t *valp); +int sshbuf_get_u64(struct sshbuf *buf, uint64_t *valp); +int sshbuf_get_u32(struct sshbuf *buf, uint32_t *valp); +int sshbuf_get_u16(struct sshbuf *buf, uint16_t *valp); int sshbuf_get_u8(struct sshbuf *buf, u_char *valp); -int sshbuf_put_u64(struct sshbuf *buf, u_int64_t val); -int sshbuf_put_u32(struct sshbuf *buf, u_int32_t val); -int sshbuf_put_u16(struct sshbuf *buf, u_int16_t val); +int sshbuf_put_u64(struct sshbuf *buf, uint64_t val); +int sshbuf_put_u32(struct sshbuf *buf, uint32_t val); +int sshbuf_put_u16(struct sshbuf *buf, uint16_t val); int sshbuf_put_u8(struct sshbuf *buf, u_char val); /* Functions to peek at the contents of a buffer without modifying it. */ int sshbuf_peek_u64(const struct sshbuf *buf, size_t offset, - u_int64_t *valp); + uint64_t *valp); int sshbuf_peek_u32(const struct sshbuf *buf, size_t offset, - u_int32_t *valp); + uint32_t *valp); int sshbuf_peek_u16(const struct sshbuf *buf, size_t offset, - u_int16_t *valp); + uint16_t *valp); int sshbuf_peek_u8(const struct sshbuf *buf, size_t offset, u_char *valp); @@ -196,9 +196,9 @@ int sshbuf_peek_u8(const struct sshbuf *buf, size_t offset, * Functions to poke values into an existing buffer (e.g. a length header * to a packet). The destination bytes must already exist in the buffer. */ -int sshbuf_poke_u64(struct sshbuf *buf, size_t offset, u_int64_t val); -int sshbuf_poke_u32(struct sshbuf *buf, size_t offset, u_int32_t val); -int sshbuf_poke_u16(struct sshbuf *buf, size_t offset, u_int16_t val); +int sshbuf_poke_u64(struct sshbuf *buf, size_t offset, uint64_t val); +int sshbuf_poke_u32(struct sshbuf *buf, size_t offset, uint32_t val); +int sshbuf_poke_u16(struct sshbuf *buf, size_t offset, uint16_t val); int sshbuf_poke_u8(struct sshbuf *buf, size_t offset, u_char val); int sshbuf_poke(struct sshbuf *buf, size_t offset, void *v, size_t len); @@ -337,26 +337,26 @@ int sshbuf_read(int, struct sshbuf *, size_t, size_t *) /* Macros for decoding/encoding integers */ #define PEEK_U64(p) \ - (((u_int64_t)(((const u_char *)(p))[0]) << 56) | \ - ((u_int64_t)(((const u_char *)(p))[1]) << 48) | \ - ((u_int64_t)(((const u_char *)(p))[2]) << 40) | \ - ((u_int64_t)(((const u_char *)(p))[3]) << 32) | \ - ((u_int64_t)(((const u_char *)(p))[4]) << 24) | \ - ((u_int64_t)(((const u_char *)(p))[5]) << 16) | \ - ((u_int64_t)(((const u_char *)(p))[6]) << 8) | \ - (u_int64_t)(((const u_char *)(p))[7])) + (((uint64_t)(((const u_char *)(p))[0]) << 56) | \ + ((uint64_t)(((const u_char *)(p))[1]) << 48) | \ + ((uint64_t)(((const u_char *)(p))[2]) << 40) | \ + ((uint64_t)(((const u_char *)(p))[3]) << 32) | \ + ((uint64_t)(((const u_char *)(p))[4]) << 24) | \ + ((uint64_t)(((const u_char *)(p))[5]) << 16) | \ + ((uint64_t)(((const u_char *)(p))[6]) << 8) | \ + (uint64_t)(((const u_char *)(p))[7])) #define PEEK_U32(p) \ - (((u_int32_t)(((const u_char *)(p))[0]) << 24) | \ - ((u_int32_t)(((const u_char *)(p))[1]) << 16) | \ - ((u_int32_t)(((const u_char *)(p))[2]) << 8) | \ - (u_int32_t)(((const u_char *)(p))[3])) + (((uint32_t)(((const u_char *)(p))[0]) << 24) | \ + ((uint32_t)(((const u_char *)(p))[1]) << 16) | \ + ((uint32_t)(((const u_char *)(p))[2]) << 8) | \ + (uint32_t)(((const u_char *)(p))[3])) #define PEEK_U16(p) \ - (((u_int16_t)(((const u_char *)(p))[0]) << 8) | \ - (u_int16_t)(((const u_char *)(p))[1])) + (((uint16_t)(((const u_char *)(p))[0]) << 8) | \ + (uint16_t)(((const u_char *)(p))[1])) #define POKE_U64(p, v) \ do { \ - const u_int64_t __v = (v); \ + const uint64_t __v = (v); \ ((u_char *)(p))[0] = (__v >> 56) & 0xff; \ ((u_char *)(p))[1] = (__v >> 48) & 0xff; \ ((u_char *)(p))[2] = (__v >> 40) & 0xff; \ @@ -368,7 +368,7 @@ int sshbuf_read(int, struct sshbuf *, size_t, size_t *) } while (0) #define POKE_U32(p, v) \ do { \ - const u_int32_t __v = (v); \ + const uint32_t __v = (v); \ ((u_char *)(p))[0] = (__v >> 24) & 0xff; \ ((u_char *)(p))[1] = (__v >> 16) & 0xff; \ ((u_char *)(p))[2] = (__v >> 8) & 0xff; \ @@ -376,7 +376,7 @@ int sshbuf_read(int, struct sshbuf *, size_t, size_t *) } while (0) #define POKE_U16(p, v) \ do { \ - const u_int16_t __v = (v); \ + const uint16_t __v = (v); \ ((u_char *)(p))[0] = (__v >> 8) & 0xff; \ ((u_char *)(p))[1] = __v & 0xff; \ } while (0) diff --git a/sshconnect2.c b/sshconnect2.c index f266372029c8..e4f5bd0fdec6 100644 --- a/sshconnect2.c +++ b/sshconnect2.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshconnect2.c,v 1.383 2026/02/24 01:50:51 dtucker Exp $ */ +/* $OpenBSD: sshconnect2.c,v 1.384 2026/03/03 09:57:25 dtucker Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. * Copyright (c) 2008 Damien Miller. All rights reserved. @@ -343,14 +343,14 @@ struct cauthmethod { int *batch_flag; /* flag in option struct that disables method */ }; -static int input_userauth_service_accept(int, u_int32_t, struct ssh *); -static int input_userauth_success(int, u_int32_t, struct ssh *); -static int input_userauth_failure(int, u_int32_t, struct ssh *); -static int input_userauth_banner(int, u_int32_t, struct ssh *); -static int input_userauth_error(int, u_int32_t, struct ssh *); -static int input_userauth_info_req(int, u_int32_t, struct ssh *); -static int input_userauth_pk_ok(int, u_int32_t, struct ssh *); -static int input_userauth_passwd_changereq(int, u_int32_t, struct ssh *); +static int input_userauth_service_accept(int, uint32_t, struct ssh *); +static int input_userauth_success(int, uint32_t, struct ssh *); +static int input_userauth_failure(int, uint32_t, struct ssh *); +static int input_userauth_banner(int, uint32_t, struct ssh *); +static int input_userauth_error(int, uint32_t, struct ssh *); +static int input_userauth_info_req(int, uint32_t, struct ssh *); +static int input_userauth_pk_ok(int, uint32_t, struct ssh *); +static int input_userauth_passwd_changereq(int, uint32_t, struct ssh *); static int userauth_none(struct ssh *); static int userauth_pubkey(struct ssh *); @@ -361,10 +361,10 @@ static int userauth_hostbased(struct ssh *); #ifdef GSSAPI static int userauth_gssapi(struct ssh *); static void userauth_gssapi_cleanup(struct ssh *); -static int input_gssapi_response(int type, u_int32_t, struct ssh *); -static int input_gssapi_token(int type, u_int32_t, struct ssh *); -static int input_gssapi_error(int, u_int32_t, struct ssh *); -static int input_gssapi_errtok(int, u_int32_t, struct ssh *); +static int input_gssapi_response(int type, uint32_t, struct ssh *); +static int input_gssapi_token(int type, uint32_t, struct ssh *); +static int input_gssapi_error(int, uint32_t, struct ssh *); +static int input_gssapi_errtok(int, uint32_t, struct ssh *); #endif void userauth(struct ssh *, char *); @@ -484,7 +484,7 @@ ssh_userauth2(struct ssh *ssh, const char *local_user, } static int -input_userauth_service_accept(int type, u_int32_t seq, struct ssh *ssh) +input_userauth_service_accept(int type, uint32_t seq, struct ssh *ssh) { int r; @@ -555,14 +555,14 @@ userauth(struct ssh *ssh, char *authlist) } static int -input_userauth_error(int type, u_int32_t seq, struct ssh *ssh) +input_userauth_error(int type, uint32_t seq, struct ssh *ssh) { fatal_f("bad message during authentication: type %d", type); return 0; } static int -input_userauth_banner(int type, u_int32_t seq, struct ssh *ssh) +input_userauth_banner(int type, uint32_t seq, struct ssh *ssh) { char *msg = NULL; size_t len; @@ -581,7 +581,7 @@ input_userauth_banner(int type, u_int32_t seq, struct ssh *ssh) } static int -input_userauth_success(int type, u_int32_t seq, struct ssh *ssh) +input_userauth_success(int type, uint32_t seq, struct ssh *ssh) { Authctxt *authctxt = ssh->authctxt; @@ -600,7 +600,7 @@ input_userauth_success(int type, u_int32_t seq, struct ssh *ssh) #if 0 static int -input_userauth_success_unexpected(int type, u_int32_t seq, struct ssh *ssh) +input_userauth_success_unexpected(int type, uint32_t seq, struct ssh *ssh) { Authctxt *authctxt = ssh->authctxt; @@ -614,7 +614,7 @@ input_userauth_success_unexpected(int type, u_int32_t seq, struct ssh *ssh) #endif static int -input_userauth_failure(int type, u_int32_t seq, struct ssh *ssh) +input_userauth_failure(int type, uint32_t seq, struct ssh *ssh) { Authctxt *authctxt = ssh->authctxt; char *authlist = NULL; @@ -674,7 +674,7 @@ format_identity(Identity *id) } static int -input_userauth_pk_ok(int type, u_int32_t seq, struct ssh *ssh) +input_userauth_pk_ok(int type, uint32_t seq, struct ssh *ssh) { Authctxt *authctxt = ssh->authctxt; struct sshkey *key = NULL; @@ -881,7 +881,7 @@ process_gssapi_token(struct ssh *ssh, gss_buffer_t recv_tok) } static int -input_gssapi_response(int type, u_int32_t plen, struct ssh *ssh) +input_gssapi_response(int type, uint32_t plen, struct ssh *ssh) { Authctxt *authctxt = ssh->authctxt; Gssctxt *gssctxt; @@ -925,7 +925,7 @@ input_gssapi_response(int type, u_int32_t plen, struct ssh *ssh) } static int -input_gssapi_token(int type, u_int32_t plen, struct ssh *ssh) +input_gssapi_token(int type, uint32_t plen, struct ssh *ssh) { Authctxt *authctxt = ssh->authctxt; gss_buffer_desc recv_tok; @@ -957,7 +957,7 @@ input_gssapi_token(int type, u_int32_t plen, struct ssh *ssh) } static int -input_gssapi_errtok(int type, u_int32_t plen, struct ssh *ssh) +input_gssapi_errtok(int type, uint32_t plen, struct ssh *ssh) { Authctxt *authctxt = ssh->authctxt; Gssctxt *gssctxt; @@ -991,7 +991,7 @@ input_gssapi_errtok(int type, u_int32_t plen, struct ssh *ssh) } static int -input_gssapi_error(int type, u_int32_t plen, struct ssh *ssh) +input_gssapi_error(int type, uint32_t plen, struct ssh *ssh) { char *msg = NULL; char *lang = NULL; @@ -1068,7 +1068,7 @@ userauth_passwd(struct ssh *ssh) * parse PASSWD_CHANGEREQ, prompt user and send SSH2_MSG_USERAUTH_REQUEST */ static int -input_userauth_passwd_changereq(int type, u_int32_t seqnr, struct ssh *ssh) +input_userauth_passwd_changereq(int type, uint32_t seqnr, struct ssh *ssh) { Authctxt *authctxt = ssh->authctxt; char *info = NULL, *lang = NULL, *password = NULL, *retype = NULL; @@ -1938,7 +1938,7 @@ userauth_kbdint(struct ssh *ssh) * parse INFO_REQUEST, prompt user and send INFO_RESPONSE */ static int -input_userauth_info_req(int type, u_int32_t seq, struct ssh *ssh) +input_userauth_info_req(int type, uint32_t seq, struct ssh *ssh) { Authctxt *authctxt = ssh->authctxt; char *name = NULL, *inst = NULL, *lang = NULL, *prompt = NULL; diff --git a/sshd-session.c b/sshd-session.c index 79b867617f93..04e72a5dbffa 100644 --- a/sshd-session.c +++ b/sshd-session.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshd-session.c,v 1.21 2026/03/02 02:40:15 djm Exp $ */ +/* $OpenBSD: sshd-session.c,v 1.22 2026/03/03 09:57:26 dtucker Exp $ */ /* * SSH2 implementation: * Privilege Separation: @@ -790,7 +790,7 @@ main(int ac, char **av) const char *remote_ip, *rdomain; char *line, *laddr, *logfile = NULL; u_int i; - u_int64_t ibytes, obytes; + uint64_t ibytes, obytes; mode_t new_umask; Authctxt *authctxt; struct connection_info *connection_info = NULL; diff --git a/sshkey.h b/sshkey.h index c7e6cbd89c2e..a9cdfcd19502 100644 --- a/sshkey.h +++ b/sshkey.h @@ -1,4 +1,4 @@ -/* $OpenBSD: sshkey.h,v 1.72 2026/02/06 22:59:18 dtucker Exp $ */ +/* $OpenBSD: sshkey.h,v 1.73 2026/03/03 09:57:26 dtucker Exp $ */ /* * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. @@ -102,11 +102,11 @@ enum sshkey_private_format { struct sshkey_cert { struct sshbuf *certblob; /* Kept around for use on wire */ u_int type; /* SSH2_CERT_TYPE_USER or SSH2_CERT_TYPE_HOST */ - u_int64_t serial; + uint64_t serial; char *key_id; u_int nprincipals; char **principals; - u_int64_t valid_after, valid_before; + uint64_t valid_after, valid_before; struct sshbuf *critical; struct sshbuf *extensions; struct sshkey *signature_key; diff --git a/umac.c b/umac.c index 89cce9776cf9..66e6ffe3c3b1 100644 --- a/umac.c +++ b/umac.c @@ -1,4 +1,4 @@ -/* $OpenBSD: umac.c,v 1.29 2026/02/14 00:18:34 jsg Exp $ */ +/* $OpenBSD: umac.c,v 1.30 2026/03/03 09:57:26 dtucker Exp $ */ /* ----------------------------------------------------------------------- * * umac.c -- C Implementation UMAC Message Authentication @@ -90,10 +90,10 @@ /* ---------------------------------------------------------------------- */ /* The following assumptions may need change on your system */ -typedef u_int8_t UINT8; /* 1 byte */ -typedef u_int16_t UINT16; /* 2 byte */ -typedef u_int32_t UINT32; /* 4 byte */ -typedef u_int64_t UINT64; /* 8 bytes */ +typedef uint8_t UINT8; /* 1 byte */ +typedef uint16_t UINT16; /* 2 byte */ +typedef uint32_t UINT32; /* 4 byte */ +typedef uint64_t UINT64; /* 8 bytes */ typedef unsigned int UWORD; /* Register */ /* ---------------------------------------------------------------------- */ From 511f5bc41aeca7f6ee6611e9b24d48e4dd6ae3d5 Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Thu, 5 Mar 2026 05:35:44 +0000 Subject: [PATCH 624/687] upstream: correctness wrt draft-ietf-sshm-ssh-agent: extension requests should indicate failure using SSH_AGENT_EXTENSION_FAILURE rather than the generic SSH_AGENT_FAILURE error code. This allows the client to discern between "the request failed" and "the agent doesn't support this extension". ok markus@ OpenBSD-Commit-ID: d15d89f210cc973271d68147f09550163df731c9 --- authfd.c | 3 ++- ssh-agent.c | 30 ++++++++++++++++++++++-------- 2 files changed, 24 insertions(+), 9 deletions(-) diff --git a/authfd.c b/authfd.c index 7e8dcdd7a450..07925be44400 100644 --- a/authfd.c +++ b/authfd.c @@ -1,4 +1,4 @@ -/* $OpenBSD: authfd.c,v 1.139 2026/03/03 09:57:25 dtucker Exp $ */ +/* $OpenBSD: authfd.c,v 1.140 2026/03/05 05:35:44 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -62,6 +62,7 @@ /* macro to check for "agent failure" message */ #define agent_failed(x) \ ((x == SSH_AGENT_FAILURE) || \ + (x == SSH_AGENT_EXTENSION_FAILURE) || \ (x == SSH_COM_AGENT2_FAILURE) || \ (x == SSH2_AGENT_FAILURE)) diff --git a/ssh-agent.c b/ssh-agent.c index f58d02b5d164..57167a699e99 100644 --- a/ssh-agent.c +++ b/ssh-agent.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-agent.c,v 1.319 2026/02/16 23:47:06 jsg Exp $ */ +/* $OpenBSD: ssh-agent.c,v 1.320 2026/03/05 05:35:44 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -598,16 +598,22 @@ confirm_key(Identity *id, const char *extra) } static void -send_status(SocketEntry *e, int success) +send_status_generic(SocketEntry *e, u_int code) { int r; if ((r = sshbuf_put_u32(e->output, 1)) != 0 || - (r = sshbuf_put_u8(e->output, success ? - SSH_AGENT_SUCCESS : SSH_AGENT_FAILURE)) != 0) + (r = sshbuf_put_u8(e->output, code)) != 0) fatal_fr(r, "compose"); } +static void +send_status(SocketEntry *e, int success) +{ + return send_status_generic(e, + success ? SSH_AGENT_SUCCESS : SSH_AGENT_FAILURE); +} + /* send list of supported public keys to 'client' */ static void process_request_identities(SocketEntry *e) @@ -1785,18 +1791,26 @@ process_extension(SocketEntry *e) debug2_f("entering"); if ((r = sshbuf_get_cstring(e->request, &name, NULL)) != 0) { error_fr(r, "parse"); - goto send; + send_status(e, 0); + return; } + if (strcmp(name, "query") == 0) success = process_ext_query(e); else if (strcmp(name, "session-bind@openssh.com") == 0) success = process_ext_session_bind(e); - else + else { debug_f("unsupported extension \"%s\"", name); + free(name); + send_status(e, 0); + return; + } free(name); -send: - send_status(e, success); + /* Agent failures are signalled with a different error code */ + send_status_generic(e, + success ? SSH_AGENT_SUCCESS : SSH_AGENT_EXTENSION_FAILURE); } + /* * dispatch incoming message. * returns 1 on success, 0 for incomplete messages or -1 on error. From 4fe278629c3f792628ea71132ba4fcbb9ceaa6b7 Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Thu, 5 Mar 2026 05:40:35 +0000 Subject: [PATCH 625/687] upstream: With IANA codepoints for draft-ietf-sshm-ssh-agent now allocated, it's safe to start using the standard names for requesting agent forwarding over the @openssh.com extension names we've used to date. Support for the standard names is advertised via EXT_INFO. When the client sees such support it will use the new names preferentially, but the existing names remain supported unconditionally. ok markus@ OpenBSD-Commit-ID: 1ab4a0b4de01e81a432875c2b7e5f7357e231af3 --- channels.c | 8 +++++--- channels.h | 8 ++++++-- clientloop.c | 19 +++++++++++++++++-- kex.c | 12 ++++++++++-- kex.h | 3 ++- mux.c | 10 +++------- session.c | 20 +++++++++++--------- ssh.c | 11 +++-------- 8 files changed, 57 insertions(+), 34 deletions(-) diff --git a/channels.c b/channels.c index 11c2b5c193e2..e36c3bbf8ff8 100644 --- a/channels.c +++ b/channels.c @@ -1,4 +1,4 @@ -/* $OpenBSD: channels.c,v 1.456 2026/03/03 09:57:25 dtucker Exp $ */ +/* $OpenBSD: channels.c,v 1.457 2026/03/05 05:40:35 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -1190,7 +1190,8 @@ channel_send_open(struct ssh *ssh, int id) } void -channel_request_start(struct ssh *ssh, int id, char *service, int wantconfirm) +channel_request_start(struct ssh *ssh, int id, const char *service, + int wantconfirm) { Channel *c = channel_lookup(ssh, id); int r; @@ -2096,7 +2097,8 @@ channel_post_auth_listener(struct ssh *ssh, Channel *c) SSH_CHANNEL_OPENING, newsock, newsock, -1, c->local_window_max, c->local_maxpacket, 0, "accepted auth socket", 1); - open_preamble(ssh, __func__, nc, "auth-agent@openssh.com"); + open_preamble(ssh, __func__, nc, + c->agent_new ? "agent-connect" : "auth-agent@openssh.com"); if ((r = sshpkt_send(ssh)) != 0) fatal_fr(r, "channel %i", c->self); } diff --git a/channels.h b/channels.h index ce9224c0e796..2fcf9f8cb72b 100644 --- a/channels.h +++ b/channels.h @@ -1,4 +1,4 @@ -/* $OpenBSD: channels.h,v 1.163 2026/03/03 09:57:25 dtucker Exp $ */ +/* $OpenBSD: channels.h,v 1.164 2026/03/05 05:40:35 djm Exp $ */ /* * Author: Tatu Ylonen @@ -181,6 +181,7 @@ struct Channel { u_int local_consumed; u_int local_maxpacket; int extended_usage; + int agent_new; /* For agent listeners, use RFC XXX reqests */ int single_connection; char *ctype; /* const type - NB. not freed on channel_free */ @@ -304,7 +305,7 @@ void channel_force_close(struct ssh *, Channel *, int); void channel_set_xtype(struct ssh *, int, const char *); void channel_send_open(struct ssh *, int); -void channel_request_start(struct ssh *, int, char *, int); +void channel_request_start(struct ssh *, int, const char *, int); void channel_register_cleanup(struct ssh *, int, channel_callback_fn *, int); void channel_register_open_confirm(struct ssh *, int, @@ -399,6 +400,9 @@ int x11_channel_used_recently(struct ssh *ssh); int chan_is_dead(struct ssh *, Channel *, int); void chan_mark_dead(struct ssh *, Channel *); +/* agent forwarding */ +void client_channel_reqest_agent_forwarding(struct ssh *, int); + /* channel events */ void chan_rcvd_oclose(struct ssh *, Channel *); diff --git a/clientloop.c b/clientloop.c index 11a7f4648752..6a0e7b6b8234 100644 --- a/clientloop.c +++ b/clientloop.c @@ -1,4 +1,4 @@ -/* $OpenBSD: clientloop.c,v 1.421 2026/03/03 09:57:25 dtucker Exp $ */ +/* $OpenBSD: clientloop.c,v 1.422 2026/03/05 05:40:35 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -1939,7 +1939,8 @@ client_input_channel_open(int type, uint32_t seq, struct ssh *ssh) c = client_request_forwarded_streamlocal(ssh, ctype, rchan); } else if (strcmp(ctype, "x11") == 0) { c = client_request_x11(ssh, ctype, rchan); - } else if (strcmp(ctype, "auth-agent@openssh.com") == 0) { + } else if (strcmp(ctype, "auth-agent@openssh.com") == 0 || + strcmp(ctype, "agent-connect") == 0) { c = client_request_agent(ssh, ctype, rchan); } if (c != NULL && c->type == SSH_CHANNEL_MUX_CLIENT) { @@ -2813,6 +2814,20 @@ client_session2_setup(struct ssh *ssh, int id, int want_tty, int want_subsystem, client_repledge(); } +void +client_channel_reqest_agent_forwarding(struct ssh *ssh, int id) +{ + const char *req = "auth-agent-req@openssh.com"; + int r; + + if (ssh->kex != NULL && (ssh->kex->flags & KEX_HAS_NEWAGENT) != 0) + req = "agent-req"; /* XXX RFC XXX */ + debug("Requesting agent forwarding on channel %d via %s", id, req); + channel_request_start(ssh, id, req, 0); + if ((r = sshpkt_send(ssh)) != 0) + fatal_fr(r, "send"); +} + static void client_init_dispatch(struct ssh *ssh) { diff --git a/kex.c b/kex.c index 284f9febc8ff..85b112c75f21 100644 --- a/kex.c +++ b/kex.c @@ -1,4 +1,4 @@ -/* $OpenBSD: kex.c,v 1.192 2026/03/03 09:57:25 dtucker Exp $ */ +/* $OpenBSD: kex.c,v 1.193 2026/03/05 05:40:35 djm Exp $ */ /* * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. * @@ -297,13 +297,15 @@ kex_compose_ext_info_server(struct ssh *ssh, struct sshbuf *m) if (ssh->kex->server_sig_algs == NULL && (ssh->kex->server_sig_algs = sshkey_alg_list(0, 1, 1, ',')) == NULL) return SSH_ERR_ALLOC_FAIL; - if ((r = sshbuf_put_u32(m, 3)) != 0 || + if ((r = sshbuf_put_u32(m, 4)) != 0 || (r = sshbuf_put_cstring(m, "server-sig-algs")) != 0 || (r = sshbuf_put_cstring(m, ssh->kex->server_sig_algs)) != 0 || (r = sshbuf_put_cstring(m, "publickey-hostbound@openssh.com")) != 0 || (r = sshbuf_put_cstring(m, "0")) != 0 || (r = sshbuf_put_cstring(m, "ping@openssh.com")) != 0 || + (r = sshbuf_put_cstring(m, "0")) != 0 || + (r = sshbuf_put_cstring(m, "agent-forward")) != 0 || (r = sshbuf_put_cstring(m, "0")) != 0) { error_fr(r, "compose"); return r; @@ -447,6 +449,12 @@ kex_ext_info_client_parse(struct ssh *ssh, const char *name, "0", KEX_HAS_PING)) != 0) { return r; } + } else if (ssh->kex->ext_info_received == 1 && + strcmp(name, "agent-forward") == 0) { + if ((r = kex_ext_info_check_ver(ssh->kex, name, value, vlen, + "0", KEX_HAS_NEWAGENT)) != 0) { + return r; + } } else debug_f("%s (unrecognised)", name); diff --git a/kex.h b/kex.h index 011b92ff8b99..4f6d92164c7e 100644 --- a/kex.h +++ b/kex.h @@ -1,4 +1,4 @@ -/* $OpenBSD: kex.h,v 1.128 2026/03/03 09:57:25 dtucker Exp $ */ +/* $OpenBSD: kex.h,v 1.129 2026/03/05 05:40:36 djm Exp $ */ /* * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. @@ -114,6 +114,7 @@ enum kex_exchange { #define KEX_RSA_SHA2_512_SUPPORTED 0x0010 /* only set in server for now */ #define KEX_HAS_PING 0x0020 #define KEX_HAS_EXT_INFO_IN_AUTH 0x0040 +#define KEX_HAS_NEWAGENT 0x0080 /* only set in client */ /* kex->pq */ #define KEX_NOT_PQ 0 diff --git a/mux.c b/mux.c index 9cf3e7815ff1..5e20c7760a6c 100644 --- a/mux.c +++ b/mux.c @@ -1,4 +1,4 @@ -/* $OpenBSD: mux.c,v 1.111 2026/03/03 09:57:25 dtucker Exp $ */ +/* $OpenBSD: mux.c,v 1.112 2026/03/05 05:40:36 djm Exp $ */ /* * Copyright (c) 2002-2008 Damien Miller * @@ -1435,12 +1435,8 @@ mux_session_confirm(struct ssh *ssh, int id, int success, void *arg) } } - if (cctx->want_agent_fwd && options.forward_agent) { - debug("Requesting authentication agent forwarding."); - channel_request_start(ssh, id, "auth-agent-req@openssh.com", 0); - if ((r = sshpkt_send(ssh)) != 0) - fatal_fr(r, "send"); - } + if (cctx->want_agent_fwd && options.forward_agent) + client_channel_reqest_agent_forwarding(ssh, id); client_session2_setup(ssh, id, cctx->want_tty, cctx->want_subsys, cctx->term, &cctx->tio, c->rfd, cctx->cmd, cctx->env); diff --git a/session.c b/session.c index 227881ec94ff..93de35d7c5e3 100644 --- a/session.c +++ b/session.c @@ -1,4 +1,4 @@ -/* $OpenBSD: session.c,v 1.347 2026/02/08 15:28:01 dtucker Exp $ */ +/* $OpenBSD: session.c,v 1.348 2026/03/05 05:40:36 djm Exp $ */ /* * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland * All rights reserved @@ -183,7 +183,7 @@ auth_sock_cleanup_proc(struct passwd *pw) } static int -auth_input_request_forwarding(struct ssh *ssh, struct passwd * pw) +auth_input_request_forwarding(struct ssh *ssh, struct passwd *pw, int agent_new) { Channel *nc; int sock = -1; @@ -211,6 +211,7 @@ auth_input_request_forwarding(struct ssh *ssh, struct passwd * pw) CHAN_X11_WINDOW_DEFAULT, CHAN_X11_PACKET_DEFAULT, 0, "auth socket", 1); nc->path = xstrdup(auth_sock_name); + nc->agent_new = agent_new; return 1; authsock_err: @@ -2131,7 +2132,7 @@ session_signal_req(struct ssh *ssh, Session *s) } static int -session_auth_agent_req(struct ssh *ssh, Session *s) +session_auth_agent_req(struct ssh *ssh, Session *s, int agent_new) { static int called = 0; int r; @@ -2144,12 +2145,11 @@ session_auth_agent_req(struct ssh *ssh, Session *s) debug_f("agent forwarding disabled"); return 0; } - if (called) { + if (called) return 0; - } else { - called = 1; - return auth_input_request_forwarding(ssh, s->pw); - } + + called = 1; + return auth_input_request_forwarding(ssh, s->pw, agent_new); } int @@ -2178,7 +2178,9 @@ session_input_channel_req(struct ssh *ssh, Channel *c, const char *rtype) } else if (strcmp(rtype, "x11-req") == 0) { success = session_x11_req(ssh, s); } else if (strcmp(rtype, "auth-agent-req@openssh.com") == 0) { - success = session_auth_agent_req(ssh, s); + success = session_auth_agent_req(ssh, s, 0); + } else if (strcmp(rtype, "agent-req") == 0) { + success = session_auth_agent_req(ssh, s, 1); } else if (strcmp(rtype, "subsystem") == 0) { success = session_subsystem_req(ssh, s); } else if (strcmp(rtype, "env") == 0) { diff --git a/ssh.c b/ssh.c index cb8651bcec80..9d8fb0a83758 100644 --- a/ssh.c +++ b/ssh.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh.c,v 1.627 2026/03/03 09:57:25 dtucker Exp $ */ +/* $OpenBSD: ssh.c,v 1.628 2026/03/05 05:40:36 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -2194,7 +2194,6 @@ ssh_session2_setup(struct ssh *ssh, int id, int success, void *arg) { extern char **environ; const char *display, *term; - int r; char *proto = NULL, *data = NULL; if (!success) @@ -2216,12 +2215,8 @@ ssh_session2_setup(struct ssh *ssh, int id, int success, void *arg) } check_agent_present(); - if (options.forward_agent) { - debug("Requesting authentication agent forwarding."); - channel_request_start(ssh, id, "auth-agent-req@openssh.com", 0); - if ((r = sshpkt_send(ssh)) != 0) - fatal_fr(r, "send packet"); - } + if (options.forward_agent) + client_channel_reqest_agent_forwarding(ssh, id); if ((term = lookup_env_in_list("TERM", options.setenv, options.num_setenv)) == NULL || *term == '\0') From e067ccd6b4306ca6422d94ff7ddd231cbddd43cb Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Thu, 5 Mar 2026 05:44:15 +0000 Subject: [PATCH 626/687] upstream: ssh-agent supports a "query" extension that allows a client to request a list of extensions it support. This makes this capability available to ssh-add via the -Q flag. ok markus@ OpenBSD-Commit-ID: f211630568ff1a7d6bb4983a94f05ddac1c2d4eb --- authfd.c | 55 ++++++++++++++++++++++++++++++++++++++++++++++++++++++- authfd.h | 4 +++- ssh-add.1 | 9 +++++++-- ssh-add.c | 30 ++++++++++++++++++++++++++---- 4 files changed, 90 insertions(+), 8 deletions(-) diff --git a/authfd.c b/authfd.c index 07925be44400..fe3226140c01 100644 --- a/authfd.c +++ b/authfd.c @@ -1,4 +1,4 @@ -/* $OpenBSD: authfd.c,v 1.140 2026/03/05 05:35:44 djm Exp $ */ +/* $OpenBSD: authfd.c,v 1.141 2026/03/05 05:44:15 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -53,8 +53,10 @@ #include "sshkey.h" #include "authfd.h" #include "log.h" +#include "misc.h" #include "atomicio.h" #include "ssherr.h" +#include "xmalloc.h" #define MAX_AGENT_IDENTITIES 2048 /* Max keys in agent reply */ #define MAX_AGENT_REPLY_LEN (256 * 1024) /* Max bytes in agent reply */ @@ -769,3 +771,54 @@ ssh_agent_bind_hostkey(int sock, const struct sshkey *key, sshbuf_free(msg); return r; } + +/* Queries supported extension request types */ +int +ssh_agent_query_extensions(int sock, char ***exts) +{ + struct sshbuf *msg; + int r; + u_char type; + char *cp = NULL, **ret = NULL; + size_t i = 0; + + *exts = NULL; + if ((msg = sshbuf_new()) == NULL) + return SSH_ERR_ALLOC_FAIL; + if ((r = sshbuf_put_u8(msg, SSH_AGENTC_EXTENSION)) != 0 || + (r = sshbuf_put_cstring(msg, "query")) != 0) + goto out; + if ((r = ssh_request_reply(sock, msg, msg)) != 0) + goto out; + if ((r = sshbuf_get_u8(msg, &type)) != 0) + goto out; + if (agent_failed(type)) { + r = SSH_ERR_AGENT_FAILURE; + goto out; + } + /* Reply should start with "query" */ + if (type != SSH_AGENT_EXTENSION_RESPONSE || + (r = sshbuf_get_cstring(msg, &cp, NULL)) != 0 || + strcmp(cp, "query") != 0) { + r = SSH_ERR_INVALID_FORMAT; + goto out; + } + ret = calloc(1, sizeof(*ret)); + while (sshbuf_len(msg)) { + ret = xrecallocarray(ret, i + 1, i + 2, sizeof(*ret)); + if ((r = sshbuf_get_cstring(msg, ret + i, NULL)) != 0) { + r = SSH_ERR_INVALID_FORMAT; + goto out; + } + i++; + } + /* success */ + r = 0; + *exts = ret; + ret = NULL; /* transferred */ + out: + free(cp); + stringlist_free(ret); + sshbuf_free(msg); + return r; +} diff --git a/authfd.h b/authfd.h index da4830a9664f..b2e07bcf285f 100644 --- a/authfd.h +++ b/authfd.h @@ -1,4 +1,4 @@ -/* $OpenBSD: authfd.h,v 1.54 2026/01/27 06:48:29 djm Exp $ */ +/* $OpenBSD: authfd.h,v 1.55 2026/03/05 05:44:15 djm Exp $ */ /* * Author: Tatu Ylonen @@ -67,6 +67,8 @@ int ssh_agent_bind_hostkey(int sock, const struct sshkey *key, const struct sshbuf *session_id, const struct sshbuf *signature, int forwarding); +int ssh_agent_query_extensions(int sock, char ***exts); + /* Messages for the authentication agent connection. */ #define SSH_AGENTC_REQUEST_RSA_IDENTITIES 1 #define SSH_AGENT_RSA_IDENTITIES_ANSWER 2 diff --git a/ssh-add.1 b/ssh-add.1 index babe78040f3d..af5f8f7b055c 100644 --- a/ssh-add.1 +++ b/ssh-add.1 @@ -1,4 +1,4 @@ -.\" $OpenBSD: ssh-add.1,v 1.88 2025/09/11 02:54:42 djm Exp $ +.\" $OpenBSD: ssh-add.1,v 1.89 2026/03/05 05:44:15 djm Exp $ .\" .\" Author: Tatu Ylonen .\" Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -35,7 +35,7 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.Dd $Mdocdate: September 11 2025 $ +.Dd $Mdocdate: March 5 2026 $ .Dt SSH-ADD 1 .Os .Sh NAME @@ -59,6 +59,8 @@ .Nm ssh-add .Fl T .Ar pubkey ... +.Nm ssh-add +.Fl Q .Sh DESCRIPTION .Nm adds private key identities to the authentication agent, @@ -230,6 +232,9 @@ will request that the agent automatically delete the certificate shortly after the certificate's expiry date. This flag suppresses this behaviour and does not specify a lifetime for certificates added to an agent. +.It Fl Q +Query the agent for the list of protocol extensions it supports. +Note: not all agents support this query. .It Fl q Be quiet after a successful operation. .It Fl S Ar provider diff --git a/ssh-add.c b/ssh-add.c index dcdbbfeca06b..1e9eddf9048e 100644 --- a/ssh-add.c +++ b/ssh-add.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-add.c,v 1.185 2026/02/11 17:01:34 dtucker Exp $ */ +/* $OpenBSD: ssh-add.c,v 1.186 2026/03/05 05:44:15 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -237,6 +237,21 @@ delete_all(int agent_fd, int qflag) return ret; } +static int +query_exts(int agent_fd) +{ + int r; + char **exts = NULL; + size_t i; + + if ((r = ssh_agent_query_extensions(agent_fd, &exts)) != 0) + fatal_r(r, "unable to query supported extensions"); + for (i = 0; exts != NULL && exts[i] != NULL; i++) + puts(exts[i]); + stringlist_free(exts); + return 0; +} + static int check_cert_lifetime(const struct sshkey *cert, int cert_lifetime) { @@ -803,7 +818,7 @@ main(int argc, char **argv) char **dest_constraint_strings = NULL, **hostkey_files = NULL; int r, i, ch, deleting = 0, ret = 0, key_only = 0, cert_only = 0; int do_download = 0, xflag = 0, lflag = 0, Dflag = 0; - int qflag = 0, Tflag = 0, Nflag = 0; + int Qflag = 0, qflag = 0, Tflag = 0, Nflag = 0; SyslogFacility log_facility = SYSLOG_FACILITY_AUTH; LogLevel log_level = SYSLOG_LEVEL_INFO; struct sshkey *k, **certs = NULL; @@ -835,7 +850,7 @@ main(int argc, char **argv) skprovider = getenv("SSH_SK_PROVIDER"); - while ((ch = getopt(argc, argv, "vkKlLNCcdDTxXE:e:h:H:M:m:qs:S:t:")) != -1) { + while ((ch = getopt(argc, argv, "vkKlLNCcdDTxXE:e:h:H:M:m:Qqs:S:t:")) != -1) { switch (ch) { case 'v': if (log_level == SYSLOG_LEVEL_INFO) @@ -912,6 +927,9 @@ main(int argc, char **argv) case 'q': qflag = 1; break; + case 'Q': + Qflag = 1; + break; case 'T': Tflag = 1; break; @@ -923,7 +941,7 @@ main(int argc, char **argv) } log_init(__progname, log_level, log_facility, 1); - if ((xflag != 0) + (lflag != 0) + (Dflag != 0) > 1) + if ((xflag != 0) + (lflag != 0) + (Dflag != 0) + (Qflag != 0) > 1) fatal("Invalid combination of actions"); else if (xflag) { if (lock_agent(agent_fd, xflag == 'x' ? 1 : 0) == -1) @@ -937,6 +955,10 @@ main(int argc, char **argv) if (delete_all(agent_fd, qflag) == -1) ret = 1; goto done; + } else if (Qflag) { + if (query_exts(agent_fd) == -1) + ret = 1; + goto done; } #ifdef ENABLE_SK_INTERNAL From 2df416dff1a1d5fb31598b7ce8fb5cb6b0f64fd3 Mon Sep 17 00:00:00 2001 From: "dtucker@openbsd.org" Date: Fri, 6 Mar 2026 06:57:33 +0000 Subject: [PATCH 627/687] upstream: Replace u_intXX_t types with the equivalent C99 uintXX_t types to match similar change to the main ssh code. OpenBSD-Regress-ID: a62b6499f784f75a4fcb865aebb83f5936917a91 --- regress/modpipe.c | 4 ++-- regress/unittests/sshbuf/test_sshbuf_fuzz.c | 4 ++-- regress/unittests/sshbuf/test_sshbuf_getput_basic.c | 8 ++++---- regress/unittests/sshbuf/test_sshbuf_getput_crypto.c | 6 +++--- regress/unittests/sshbuf/test_sshbuf_getput_fuzz.c | 10 +++++----- regress/unittests/sshkey/test_sshkey.c | 4 ++-- regress/unittests/test_helper/test_helper.c | 12 ++++++------ regress/unittests/test_helper/test_helper.h | 10 +++++----- 8 files changed, 29 insertions(+), 29 deletions(-) diff --git a/regress/modpipe.c b/regress/modpipe.c index 5ef2f12ed1f6..49cbedd48926 100644 --- a/regress/modpipe.c +++ b/regress/modpipe.c @@ -14,7 +14,7 @@ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ -/* $OpenBSD: modpipe.c,v 1.7 2025/10/03 01:03:45 dtucker Exp $ */ +/* $OpenBSD: modpipe.c,v 1.8 2026/03/06 06:57:33 dtucker Exp $ */ #include "includes.h" @@ -44,7 +44,7 @@ usage(void) struct modification { enum { MOD_XOR, MOD_AND_OR } what; unsigned long long offset; - u_int8_t m1, m2; + uint8_t m1, m2; }; static void diff --git a/regress/unittests/sshbuf/test_sshbuf_fuzz.c b/regress/unittests/sshbuf/test_sshbuf_fuzz.c index 51838ee724dd..0d8083035cae 100644 --- a/regress/unittests/sshbuf/test_sshbuf_fuzz.c +++ b/regress/unittests/sshbuf/test_sshbuf_fuzz.c @@ -1,4 +1,4 @@ -/* $OpenBSD: test_sshbuf_fuzz.c,v 1.4 2021/12/18 06:53:59 anton Exp $ */ +/* $OpenBSD: test_sshbuf_fuzz.c,v 1.5 2026/03/06 06:57:33 dtucker Exp $ */ /* * Regress test for sshbuf.h buffer API * @@ -28,7 +28,7 @@ sshbuf_fuzz_tests(void) struct sshbuf *p1; u_char *dp; size_t sz, sz2, i, ntests = NUM_FUZZ_TESTS; - u_int32_t r; + uint32_t r; int ret; if (test_is_fast()) diff --git a/regress/unittests/sshbuf/test_sshbuf_getput_basic.c b/regress/unittests/sshbuf/test_sshbuf_getput_basic.c index d9ed194b063f..1e479a41bf6e 100644 --- a/regress/unittests/sshbuf/test_sshbuf_getput_basic.c +++ b/regress/unittests/sshbuf/test_sshbuf_getput_basic.c @@ -1,4 +1,4 @@ -/* $OpenBSD: test_sshbuf_getput_basic.c,v 1.6 2025/11/21 01:29:27 djm Exp $ */ +/* $OpenBSD: test_sshbuf_getput_basic.c,v 1.7 2026/03/06 06:57:33 dtucker Exp $ */ /* * Regress test for sshbuf.h buffer API * @@ -27,9 +27,9 @@ sshbuf_getput_basic_tests(void) u_char *d, d2[32], x[] = { 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x00, 0x99 }; - u_int64_t v64; - u_int32_t v32; - u_int16_t v16; + uint64_t v64; + uint32_t v32; + uint16_t v16; u_char v8; size_t s; char *s2; diff --git a/regress/unittests/sshbuf/test_sshbuf_getput_crypto.c b/regress/unittests/sshbuf/test_sshbuf_getput_crypto.c index 97ee853d8875..1d83ffd88d2e 100644 --- a/regress/unittests/sshbuf/test_sshbuf_getput_crypto.c +++ b/regress/unittests/sshbuf/test_sshbuf_getput_crypto.c @@ -1,4 +1,4 @@ -/* $OpenBSD: test_sshbuf_getput_crypto.c,v 1.4 2025/05/12 05:42:02 tb Exp $ */ +/* $OpenBSD: test_sshbuf_getput_crypto.c,v 1.5 2026/03/06 06:57:33 dtucker Exp $ */ /* * Regress test for sshbuf.h buffer API * @@ -82,7 +82,7 @@ sshbuf_getput_crypto_tests(void) ASSERT_PTR_NE(p1, NULL); ASSERT_INT_EQ(sshbuf_put_bignum2(p1, bn), 0); ASSERT_SIZE_T_EQ(sshbuf_len(p1), sizeof(expbn1) + 4); - ASSERT_U32_EQ(PEEK_U32(sshbuf_ptr(p1)), (u_int32_t)BN_num_bytes(bn)); + ASSERT_U32_EQ(PEEK_U32(sshbuf_ptr(p1)), (uint32_t)BN_num_bytes(bn)); ASSERT_MEM_EQ(sshbuf_ptr(p1) + 4, expbn1, sizeof(expbn1)); BN_free(bn); sshbuf_free(p1); @@ -106,7 +106,7 @@ sshbuf_getput_crypto_tests(void) ASSERT_PTR_NE(p1, NULL); ASSERT_INT_EQ(sshbuf_put_bignum2(p1, bn), 0); ASSERT_SIZE_T_EQ(sshbuf_len(p1), sizeof(expbn2) + 4 + 1); /* MSB */ - ASSERT_U32_EQ(PEEK_U32(sshbuf_ptr(p1)), (u_int32_t)BN_num_bytes(bn) + 1); + ASSERT_U32_EQ(PEEK_U32(sshbuf_ptr(p1)), (uint32_t)BN_num_bytes(bn) + 1); ASSERT_U8_EQ(*(sshbuf_ptr(p1) + 4), 0x00); ASSERT_MEM_EQ(sshbuf_ptr(p1) + 5, expbn2, sizeof(expbn2)); BN_free(bn); diff --git a/regress/unittests/sshbuf/test_sshbuf_getput_fuzz.c b/regress/unittests/sshbuf/test_sshbuf_getput_fuzz.c index cd712c62be29..7b2ffced385d 100644 --- a/regress/unittests/sshbuf/test_sshbuf_getput_fuzz.c +++ b/regress/unittests/sshbuf/test_sshbuf_getput_fuzz.c @@ -1,4 +1,4 @@ -/* $OpenBSD: test_sshbuf_getput_fuzz.c,v 1.6 2025/09/25 22:17:29 dtucker Exp $ */ +/* $OpenBSD: test_sshbuf_getput_fuzz.c,v 1.7 2026/03/06 06:57:33 dtucker Exp $ */ /* * Regress test for sshbuf.h buffer API * @@ -39,10 +39,10 @@ attempt_parse_blob(u_char *blob, size_t len) #endif /* WITH_OPENSSL */ u_char *s; size_t l; - u_int8_t u8; - u_int16_t u16; - u_int32_t u32; - u_int64_t u64; + uint8_t u8; + uint16_t u16; + uint32_t u32; + uint64_t u64; p1 = sshbuf_new(); ASSERT_PTR_NE(p1, NULL); diff --git a/regress/unittests/sshkey/test_sshkey.c b/regress/unittests/sshkey/test_sshkey.c index d0c46a90beb7..1701c87c54a8 100644 --- a/regress/unittests/sshkey/test_sshkey.c +++ b/regress/unittests/sshkey/test_sshkey.c @@ -1,4 +1,4 @@ -/* $OpenBSD: test_sshkey.c,v 1.32 2025/10/01 00:33:37 dtucker Exp $ */ +/* $OpenBSD: test_sshkey.c,v 1.33 2026/03/06 06:57:33 dtucker Exp $ */ /* * Regress test for sshkey.h key management API * @@ -466,7 +466,7 @@ sshkey_tests(void) ASSERT_PTR_NE(k1->cert->principals[3], NULL); k1->cert->nprincipals = 4; k1->cert->valid_after = 0; - k1->cert->valid_before = (u_int64_t)-1; + k1->cert->valid_before = (uint64_t)-1; sshbuf_free(k1->cert->critical); k1->cert->critical = sshbuf_new(); ASSERT_PTR_NE(k1->cert->critical, NULL); diff --git a/regress/unittests/test_helper/test_helper.c b/regress/unittests/test_helper/test_helper.c index 15d7a0063cbf..525a82b1ff87 100644 --- a/regress/unittests/test_helper/test_helper.c +++ b/regress/unittests/test_helper/test_helper.c @@ -1,4 +1,4 @@ -/* $OpenBSD: test_helper.c,v 1.15 2025/12/05 11:13:35 djm Exp $ */ +/* $OpenBSD: test_helper.c,v 1.16 2026/03/06 06:57:33 dtucker Exp $ */ /* * Copyright (c) 2011 Damien Miller * @@ -448,7 +448,7 @@ assert_mem(const char *file, int line, const char *a1, const char *a2, } static int -memvalcmp(const u_int8_t *s, u_char v, size_t l, size_t *where) +memvalcmp(const uint8_t *s, u_char v, size_t l, size_t *where) { size_t i; @@ -560,7 +560,7 @@ assert_char(const char *file, int line, const char *a1, const char *a2, void assert_u8(const char *file, int line, const char *a1, const char *a2, - u_int8_t aa1, u_int8_t aa2, enum test_predicate pred) + uint8_t aa1, uint8_t aa2, enum test_predicate pred) { TEST_CHECK(aa1, aa2, pred); test_header(file, line, a1, a2, "U8", pred); @@ -571,7 +571,7 @@ assert_u8(const char *file, int line, const char *a1, const char *a2, void assert_u16(const char *file, int line, const char *a1, const char *a2, - u_int16_t aa1, u_int16_t aa2, enum test_predicate pred) + uint16_t aa1, uint16_t aa2, enum test_predicate pred) { TEST_CHECK(aa1, aa2, pred); test_header(file, line, a1, a2, "U16", pred); @@ -582,7 +582,7 @@ assert_u16(const char *file, int line, const char *a1, const char *a2, void assert_u32(const char *file, int line, const char *a1, const char *a2, - u_int32_t aa1, u_int32_t aa2, enum test_predicate pred) + uint32_t aa1, uint32_t aa2, enum test_predicate pred) { TEST_CHECK(aa1, aa2, pred); test_header(file, line, a1, a2, "U32", pred); @@ -593,7 +593,7 @@ assert_u32(const char *file, int line, const char *a1, const char *a2, void assert_u64(const char *file, int line, const char *a1, const char *a2, - u_int64_t aa1, u_int64_t aa2, enum test_predicate pred) + uint64_t aa1, uint64_t aa2, enum test_predicate pred) { TEST_CHECK(aa1, aa2, pred); test_header(file, line, a1, a2, "U64", pred); diff --git a/regress/unittests/test_helper/test_helper.h b/regress/unittests/test_helper/test_helper.h index 215513a06ef7..91fdca435347 100644 --- a/regress/unittests/test_helper/test_helper.h +++ b/regress/unittests/test_helper/test_helper.h @@ -1,4 +1,4 @@ -/* $OpenBSD: test_helper.h,v 1.11 2025/12/05 11:13:35 djm Exp $ */ +/* $OpenBSD: test_helper.h,v 1.12 2026/03/06 06:57:33 dtucker Exp $ */ /* * Copyright (c) 2011 Damien Miller * @@ -89,16 +89,16 @@ void assert_ptr(const char *file, int line, const void *aa1, const void *aa2, enum test_predicate pred); void assert_u8(const char *file, int line, const char *a1, const char *a2, - u_int8_t aa1, u_int8_t aa2, enum test_predicate pred); + uint8_t aa1, uint8_t aa2, enum test_predicate pred); void assert_u16(const char *file, int line, const char *a1, const char *a2, - u_int16_t aa1, u_int16_t aa2, enum test_predicate pred); + uint16_t aa1, uint16_t aa2, enum test_predicate pred); void assert_u32(const char *file, int line, const char *a1, const char *a2, - u_int32_t aa1, u_int32_t aa2, enum test_predicate pred); + uint32_t aa1, uint32_t aa2, enum test_predicate pred); void assert_u64(const char *file, int line, const char *a1, const char *a2, - u_int64_t aa1, u_int64_t aa2, enum test_predicate pred); + uint64_t aa1, uint64_t aa2, enum test_predicate pred); void assert_double(const char *file, int line, const char *a1, const char *a2, double aa1, double aa2, enum test_predicate pred); From 4e15f7fc0c0ba897c227350eee1462d635ab32a6 Mon Sep 17 00:00:00 2001 From: "dtucker@openbsd.org" Date: Fri, 6 Mar 2026 07:06:45 +0000 Subject: [PATCH 628/687] upstream: Move OpenBSD CVS ID marker to top of file to avoid conflicts when syncing changes to portable. OpenBSD-Regress-ID: 6b7a9ef354e13e26ed474e98d04ec1d74e56e54e --- regress/modpipe.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/regress/modpipe.c b/regress/modpipe.c index 49cbedd48926..99a6e4386595 100644 --- a/regress/modpipe.c +++ b/regress/modpipe.c @@ -1,3 +1,5 @@ +/* $OpenBSD: modpipe.c,v 1.9 2026/03/06 07:06:45 dtucker Exp $ */ + /* * Copyright (c) 2012 Damien Miller * @@ -14,8 +16,6 @@ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ -/* $OpenBSD: modpipe.c,v 1.8 2026/03/06 06:57:33 dtucker Exp $ */ - #include "includes.h" #include From c19afda80e1f663baae9a378cfe4af7d8dec47d3 Mon Sep 17 00:00:00 2001 From: User Date: Fri, 6 Mar 2026 09:38:13 -0800 Subject: [PATCH 629/687] add tool to wrap GH commands to check exit code --- .github/instructions/build.instructions.md | 26 +- .../merge/merge-details.instructions.md | 17 +- .../merge-process-overview.instructions.md | 62 ++- .../merge/research.instructions.md | 17 +- .github/instructions/setup.instructions.md | 8 +- .github/tools/Invoke-Git.ps1 | 406 ++++++++++++++++++ .github/tools/Test-OpenSSHFunctionality.ps1 | 14 +- 7 files changed, 495 insertions(+), 55 deletions(-) create mode 100644 .github/tools/Invoke-Git.ps1 diff --git a/.github/instructions/build.instructions.md b/.github/instructions/build.instructions.md index 23724ae0d8f8..fd2a73856920 100644 --- a/.github/instructions/build.instructions.md +++ b/.github/instructions/build.instructions.md @@ -143,8 +143,9 @@ fatal error C1083: Cannot open source file: 'newfile.c' **AI Agent Resolution Process:** 1. **Check Makefile changes:** - ```bash - git diff upstream-pwsh/latestw_all upstream/ -- Makefile.in + ```pwsh + # MCP Tool: mcp_openssh-server_Invoke_Git + # Operation="Diff", Range="upstream-pwsh/latestw_all..upstream/", Path="Makefile.in" ``` 2. **Identify new/removed source files:** @@ -179,7 +180,8 @@ fatal error C1083: Cannot open source file: 'newfile.c' 5. **Apply appropriate resolution strategy** (see error categories above) and **rebuild** with Start-OpenSSHBuild. 6. **CRITICAL: Before committing, restore paths.targets**: ```pwsh - git checkout .\contrib\win32\openssh\paths.targets + # MCP Tool: mcp_openssh-server_Invoke_Git + # Operation="Checkout", Target=".\contrib\win32\openssh\paths.targets" ``` 7. **Commit fixes with detailed message** (only actual code changes, not paths.targets). @@ -219,11 +221,14 @@ Only use this when running directly in a terminal (not via MCP): **Before committing any changes:** ```pwsh -# Check if paths.targets was modified by the build -git status .\contrib\win32\openssh\paths.targets - -# If it shows as modified, restore it to a clean state -git checkout .\contrib\win32\openssh\paths.targets +# Check if paths.targets was modified by the build: +# MCP Tool: mcp_openssh-server_Invoke_Git +# Operation="Status" +# Check if paths.targets appears in result.ModifiedFiles + +# If it shows as modified, restore it to a clean state: +# MCP Tool: mcp_openssh-server_Invoke_Git +# Operation="Checkout", Target=".\contrib\win32\openssh\paths.targets" ``` **Why this happens:** @@ -235,10 +240,11 @@ git checkout .\contrib\win32\openssh\paths.targets 1. **ALWAYS restore paths.targets before committing**: ```pwsh # This MUST be done before every commit - git checkout .\contrib\win32\openssh\paths.targets + # MCP Tool: mcp_openssh-server_Invoke_Git + # Operation="Checkout", Target=".\contrib\win32\openssh\paths.targets" ``` 2. Only commit actual code changes, not build-generated path updates -3. Verify with `git status` that paths.targets is not staged before committing +3. Verify with Invoke-Git `Operation="Status"` that paths.targets is not in `ModifiedFiles` before committing ## Project File Management diff --git a/.github/instructions/merge/merge-details.instructions.md b/.github/instructions/merge/merge-details.instructions.md index d69e2cf67b09..875171e54b27 100644 --- a/.github/instructions/merge/merge-details.instructions.md +++ b/.github/instructions/merge/merge-details.instructions.md @@ -84,16 +84,18 @@ FUNCTION resolve_conflict(file_path, conflict_content): ### Primary References - [Upstream release notes](https://www.openssh.com/releasenotes.html) - Pay special attention when merging new versions - [Previous merge PRs](./research.instructions.md) - Review conflict resolution patterns -- Commit history and messages - Use `git log --oneline upstream/` to understand changes +- Commit history and messages - Use Invoke-Git `Operation="Log"`, `Range="..upstream/"` to understand changes - Local repository file comparison - Use 3-way diff tools ### Analysis Commands ```pwsh -# View commit details for understanding changes -git show +# View commit details for understanding changes: +# MCP Tool: mcp_openssh-server_Invoke_Git +# Operation="Show", CommitHash="" -# Compare files between branches -git diff HEAD upstream/ -- +# Compare files between branches: +# MCP Tool: mcp_openssh-server_Invoke_Git +# Operation="Diff", Range="HEAD..upstream/", Path="" ``` ## Conflict Resolution Strategies @@ -231,8 +233,9 @@ FUNCTION add_source_to_project(project_file, source_file): ### For Each Conflict: 1. **Analyze the change** - ```bash - git show upstream/ -- + ```pwsh + # MCP Tool: mcp_openssh-server_Invoke_Git + # Operation="Show", CommitHash="upstream/", Path="" ``` 2. **Check previous resolutions** diff --git a/.github/instructions/merge/merge-process-overview.instructions.md b/.github/instructions/merge/merge-process-overview.instructions.md index a50405864a80..4f64bf99b092 100644 --- a/.github/instructions/merge/merge-process-overview.instructions.md +++ b/.github/instructions/merge/merge-process-overview.instructions.md @@ -66,7 +66,8 @@ The process consists of several interconnected phases: 2. **Configure git:** ```pwsh - git config core.editor true + # MCP Tool: mcp_openssh-server_Invoke_Git + # Operation="Config", Key="core.editor", Value="true" ``` ### Perform Merge with Grouped Commits @@ -117,11 +118,16 @@ The process consists of several interconnected phases: # Example for a single chunk: $chunkStart = $result.StartCommitFull $chunkEnd = $result.EndCommitFull - $commits = git rev-list --reverse "$chunkStart^..$chunkEnd" - foreach ($commit in $commits) { - Write-Host "Cherry-picking commit: $commit" - git cherry-pick $commit + # Get commits in oldest-first order using Invoke-Git MCP tool: + # MCP Tool: mcp_openssh-server_Invoke_Git + # Operation="Log", Range="$chunkStart^..$chunkEnd", ShasOnly=true + # result.Commits contains [{Hash, Message}] in oldest-first order + + foreach ($commit in $result.Commits) { + # Cherry-pick each commit using Invoke-Git MCP tool: + # MCP Tool: mcp_openssh-server_Invoke_Git + # Operation="CherryPick", CommitHash=$commit.Hash # If conflicts occur, resolve them before continuing to next commit # (see step 7 below for conflict resolution) @@ -141,8 +147,14 @@ The process consists of several interconnected phases: 8. **Continue cherry-picking after resolution:** ```pwsh # After resolving conflicts for current commit - git add . - git cherry-pick --continue + + # Stage all resolved files using Invoke-Git MCP tool: + # MCP Tool: mcp_openssh-server_Invoke_Git + # Operation="Add", Path="." + + # Continue cherry-pick using Invoke-Git MCP tool: + # MCP Tool: mcp_openssh-server_Invoke_Git + # Operation="CherryPickContinue" # Then continue with remaining commits in batch # Repeat process for next batch if needed @@ -174,7 +186,8 @@ The process consists of several interconnected phases: **CRITICAL: Before committing, restore paths.targets**: ```pwsh - git checkout .\contrib\win32\openssh\paths.targets + # MCP Tool: mcp_openssh-server_Invoke_Git + # Operation="Checkout", Target=".\contrib\win32\openssh\paths.targets" ``` Commit any build fixes separately with descriptive messages (only actual code changes) @@ -197,9 +210,9 @@ The process consists of several interconnected phases: **📖 Detailed Instructions:** [Build Instructions](../build.instructions.md) 7. **Initial build attempt:** - ```pwsh - Start-OpenSSHBuild -Configuration Release -NativeHostArch x64 - ``` + Use the Start-OpenSSHBuild MCP tool: + - **MCP Tool Name**: `mcp_openssh-server_Start_OpenSSHBuild` + - **Parameters**: `Configuration="Release"`, `Architecture="x64"` 8. **Resolve compilation errors (iterative process):** @@ -217,12 +230,14 @@ The process consists of several interconnected phases: 10. **Commit build fixes:** ```pwsh - git commit -m "Fix compilation errors for - - Changes: - - Updated config.h.vs with - - Added Windows equivalent for - - Updated project files for " + # MCP Tool: mcp_openssh-server_Invoke_Git + # Operation="Commit" + # Message="Fix compilation errors for + # + # Changes: + # - Updated config.h.vs with + # - Added Windows equivalent for + # - Updated project files for " ``` --- @@ -245,10 +260,12 @@ The process consists of several interconnected phases: 13. **Commit any test fixes:** ```pwsh - git commit -m "Fix runtime issues for - - Issues resolved: - - " + # MCP Tool: mcp_openssh-server_Invoke_Git + # Operation="Commit" + # Message="Fix runtime issues for + # + # Issues resolved: + # - " ``` --- @@ -258,7 +275,8 @@ The process consists of several interconnected phases: ### Creating the Pull Request 14. **Push to fork:** ```pwsh - git push origin merge-v- + # MCP Tool: mcp_openssh-server_Invoke_Git + # Operation="Push", Remote="origin", Branch="merge-v-" ``` 15. **Create Pull Request:** diff --git a/.github/instructions/merge/research.instructions.md b/.github/instructions/merge/research.instructions.md index 49b6b56a4226..3259ac577037 100644 --- a/.github/instructions/merge/research.instructions.md +++ b/.github/instructions/merge/research.instructions.md @@ -54,16 +54,19 @@ the AI should flag this as requiring Windows event mechanism adaptation. ## Upstream Repository Analysis -**Commands for AI Agent:** +**Commands for AI Agent (use Invoke-Git MCP tool):** ```pwsh -# Get commit history for target version -git log --oneline upstream/ --since="" +# Get commit history for target version: +# MCP Tool: mcp_openssh-server_Invoke_Git +# Operation="Log", Range="..upstream/" -# Analyze specific commits -git show +# Analyze specific commits: +# MCP Tool: mcp_openssh-server_Invoke_Git +# Operation="Show", CommitHash="" -# Compare branches -git diff HEAD upstream/ +# Compare branches: +# MCP Tool: mcp_openssh-server_Invoke_Git +# Operation="Diff", Range="HEAD..upstream/" ``` ## Windows-Specific Knowledge Base diff --git a/.github/instructions/setup.instructions.md b/.github/instructions/setup.instructions.md index 5ec3962af00f..00bb5b88746f 100644 --- a/.github/instructions/setup.instructions.md +++ b/.github/instructions/setup.instructions.md @@ -35,9 +35,9 @@ git remote -v ``` ### Step 4: Initial Fetch -```pwsh -git fetch --all -``` +Use the Invoke-Git MCP tool to fetch from all remotes: +- **MCP Tool**: `mcp_openssh-server_Invoke_Git` +- **Operation**: `Fetch`, **Remote**: `all` ## Branch Strategy @@ -75,7 +75,7 @@ Before proceeding to merge: - [ ] All three remotes configured (origin, upstream, upstream-pwsh) - [ ] Can fetch from all remotes without errors - [ ] Can see upstream target version/branch -- [ ] Working directory is clean (`git status` shows no uncommitted changes) +- [ ] Working directory is clean (use Invoke-Git `Operation="Status"` — `ModifiedFiles` and `ConflictedFiles` should both be empty) ## Troubleshooting diff --git a/.github/tools/Invoke-Git.ps1 b/.github/tools/Invoke-Git.ps1 new file mode 100644 index 000000000000..f091e32b016c --- /dev/null +++ b/.github/tools/Invoke-Git.ps1 @@ -0,0 +1,406 @@ +<# +.SYNOPSIS + Executes a git operation and returns a structured result with exit code. + +.DESCRIPTION + MCP-compatible tool that runs git commands via System.Diagnostics.Process for + reliable exit code capture without interfering with the MCP server's stdio + transport. Async stream reads are started before WaitForExit to prevent deadlocks + when git output exceeds the stream buffer size. + + Returns a structured hashtable with Success, ExitCode, Output, Error, and + operation-specific fields so agents can make programmatic decisions without + text parsing. + +.PARAMETER Operation + The git operation to perform. One of: + CherryPick, CherryPickContinue, CherryPickAbort, + Add, Checkout, CreateBranch, + Commit, Push, Fetch, + Config, Reset, Clean, + Status, Log, Diff, Show + +.PARAMETER CommitHash + A commit SHA or any git ref (branch name, tag, etc.). + Used by: CherryPick, Show. + +.PARAMETER Range + A git range expression (e.g. "abc123^..def456" or "HEAD..upstream/V_10_0_P2"). + Used by: Log (and Log with ShasOnly), Diff. + +.PARAMETER Message + Commit message text. + Used by: Commit. + +.PARAMETER Path + File path or directory to operate on. Defaults to '.'. + Used by: Add, Checkout (file restore), Diff, Show. + +.PARAMETER Remote + Remote name. Defaults to 'origin'. + Used by: Fetch, Push. + +.PARAMETER Branch + Branch name to create or push. + Used by: CreateBranch, Push. + +.PARAMETER StartPoint + Git ref (branch, tag, or commit) to base the new branch on. + Used by: CreateBranch. + +.PARAMETER Target + Branch, tag, commit ref, or file path to check out or reset to. + Used by: Checkout, Reset. + +.PARAMETER Key + Git config key (e.g. "core.editor"). + Used by: Config. + +.PARAMETER Value + Git config value to set. + Used by: Config. + +.PARAMETER Mode + Reset mode: 'soft', 'mixed' (default), or 'hard'. + Used by: Reset. + +.PARAMETER ShasOnly + When specified alongside Operation=Log, uses git rev-list --reverse instead of + git log --oneline. Returns commit SHAs in oldest-first order suitable for building + a cherry-pick loop. result.Commits will contain [{Hash: "", Message: ""}]. + +.OUTPUTS + Hashtable with: + Success [bool] Whether the command exited with code 0 + ExitCode [int] Raw process exit code + Output [string] Stdout from git + Error [string] Stderr from git + Message [string] Human-readable summary + Plus operation-specific fields: + CherryPick (on failure): ConflictedFiles [string[]] + Log / ShasOnly: Commits [{Hash, Message}] + Status: ConflictedFiles [string[]], ModifiedFiles [string[]] + Commit (on success): CommitHash [string] + +.EXAMPLE + # Cherry-pick a single commit + # MCP Tool: mcp_openssh-server_Invoke_Git + # Operation="CherryPick", CommitHash="abc1234" + +.EXAMPLE + # Get ordered commit SHAs in a batch range for a cherry-pick loop + # MCP Tool: mcp_openssh-server_Invoke_Git + # Operation="Log", Range="abc123^..def456", ShasOnly=true + +.EXAMPLE + # Stage all changes after conflict resolution (Path defaults to '.') + # MCP Tool: mcp_openssh-server_Invoke_Git + # Operation="Add" + +.EXAMPLE + # Continue cherry-pick after resolving conflicts + # MCP Tool: mcp_openssh-server_Invoke_Git + # Operation="CherryPickContinue" + +.EXAMPLE + # Abort an in-progress cherry-pick + # MCP Tool: mcp_openssh-server_Invoke_Git + # Operation="CherryPickAbort" + +.EXAMPLE + # Restore paths.targets after a build modifies it + # MCP Tool: mcp_openssh-server_Invoke_Git + # Operation="Checkout", Target=".\contrib\win32\openssh\paths.targets" + +.EXAMPLE + # Create and check out a new merge branch + # MCP Tool: mcp_openssh-server_Invoke_Git + # Operation="CreateBranch", Branch="merge-v10.0P2-20260306" + +.EXAMPLE + # Commit staged changes + # MCP Tool: mcp_openssh-server_Invoke_Git + # Operation="Commit", Message="Fix compilation errors for V_10_0_P2" + +.EXAMPLE + # Push a branch to origin + # MCP Tool: mcp_openssh-server_Invoke_Git + # Operation="Push", Remote="origin", Branch="merge-v10.0P2-20260306" + +.EXAMPLE + # Set a git config value + # MCP Tool: mcp_openssh-server_Invoke_Git + # Operation="Config", Key="core.editor", Value="true" + +.EXAMPLE + # Show differences between two refs for a specific file + # MCP Tool: mcp_openssh-server_Invoke_Git + # Operation="Diff", Range="upstream-pwsh/latestw_all..upstream/V_10_0_P2", Path="Makefile.in" + +.EXAMPLE + # Inspect a specific commit + # MCP Tool: mcp_openssh-server_Invoke_Git + # Operation="Show", CommitHash="abc1234" + +.EXAMPLE + # Check working directory status for conflicts and modifications + # MCP Tool: mcp_openssh-server_Invoke_Git + # Operation="Status" + +.EXAMPLE + # Hard-reset to HEAD (recovery) + # MCP Tool: mcp_openssh-server_Invoke_Git + # Operation="Reset", Target="HEAD", Mode="hard" + +.EXAMPLE + # Remove untracked files (recovery) + # MCP Tool: mcp_openssh-server_Invoke_Git + # Operation="Clean" +#> + +param( + [Parameter(Mandatory)] + [ValidateSet( + 'CherryPick', 'CherryPickContinue', 'CherryPickAbort', + 'Add', 'Checkout', 'CreateBranch', + 'Commit', 'Push', 'Fetch', + 'Config', 'Reset', 'Clean', + 'Status', 'Log', 'Diff', 'Show' + )] + [string]$Operation, + + # CherryPick, Show — accepts any git ref: commit SHA, branch name, tag, etc. + [string]$CommitHash = '', + + # Log (plain or ShasOnly), Diff — git range expression e.g. "abc123^..def456" + [string]$Range = '', + + # Commit — commit message text + [string]$Message = '', + + # Add, Checkout (file restore), Diff, Show — file/directory path + [string]$Path = '.', + + # Fetch, Push — remote name + [string]$Remote = 'origin', + + # CreateBranch, Push — branch name + [string]$Branch = '', + + # CreateBranch — starting ref for the new branch + [string]$StartPoint = '', + + # Checkout, Reset — target ref or file path + [string]$Target = '', + + # Config — key (e.g. "core.editor") + [string]$Key = '', + + # Config — value to set + [string]$Value = '', + + # Reset — reset mode + [ValidateSet('soft', 'mixed', 'hard')] + [string]$Mode = 'mixed', + + # Log — use git rev-list --reverse (SHAs only, oldest first) instead of git log --oneline + [switch]$ShasOnly +) + +Set-StrictMode -Version Latest +$ErrorActionPreference = 'Stop' + +# --------------------------------------------------------------------------- +# Private helper — runs git via System.Diagnostics.Process. +# +# IMPORTANT: We use ProcessStartInfo rather than Start-Process because +# Start-Process with -RedirectStandardOutput/-RedirectStandardError conflicts +# with the MCP server's stdio transport, causing the process to hang. +# +# Async stream reads MUST be started BEFORE WaitForExit to prevent deadlocks: +# if git output exceeds the internal stream buffer, git blocks waiting for the +# buffer to drain while WaitForExit blocks waiting for git to exit. +# --------------------------------------------------------------------------- +function Invoke-GitCommand { + param([string[]]$Arguments) + + $processInfo = [System.Diagnostics.ProcessStartInfo]::new() + $processInfo.FileName = 'git' + $processInfo.Arguments = ($Arguments | ForEach-Object { + if ($_ -match '\s') { "`"$_`"" } else { $_ } + }) -join ' ' + $processInfo.UseShellExecute = $false + $processInfo.CreateNoWindow = $true + $processInfo.RedirectStandardInput = $true # Prevent git inheriting the MCP stdio pipe + $processInfo.RedirectStandardOutput = $true + $processInfo.RedirectStandardError = $true + + $process = [System.Diagnostics.Process]::new() + $process.StartInfo = $processInfo + $process.Start() | Out-Null + $process.StandardInput.Close() # Immediately close stdin so git never blocks on input + + # Begin async reads BEFORE blocking on WaitForExit + $stdoutTask = $process.StandardOutput.ReadToEndAsync() + $stderrTask = $process.StandardError.ReadToEndAsync() + + $completed = $process.WaitForExit(30000) # 30-second timeout + + if (-not $completed) { + $process.Kill() + return @{ + ExitCode = -1 + Success = $false + Output = '' + Error = "git $($Arguments -join ' ') timed out after 30 seconds" + } + } + + return @{ + ExitCode = $process.ExitCode + Success = ($process.ExitCode -eq 0) + Output = $stdoutTask.GetAwaiter().GetResult().TrimEnd() + Error = $stderrTask.GetAwaiter().GetResult().TrimEnd() + } +} + +# --------------------------------------------------------------------------- +# Operation dispatcher +# --------------------------------------------------------------------------- +$result = switch ($Operation) { + + 'CherryPick' { + if (-not $CommitHash) { throw 'CommitHash is required for CherryPick' } + $r = Invoke-GitCommand -Arguments @('cherry-pick', $CommitHash) + if (-not $r.Success) { + # Enrich failure result with list of conflicted files for agent reporting + $statusResult = Invoke-GitCommand -Arguments @('status', '--porcelain') + $r['ConflictedFiles'] = ($statusResult.Output -split "`n") | + Where-Object { $_ -match '^(UU|AA|DD|AU|UA|DU|UD)\s' } | + ForEach-Object { $_.Substring(3).Trim() } + } + $r + } + + 'CherryPickContinue' { + Invoke-GitCommand -Arguments @('cherry-pick', '--continue') + } + + 'CherryPickAbort' { + Invoke-GitCommand -Arguments @('cherry-pick', '--abort') + } + + 'Add' { + Invoke-GitCommand -Arguments @('add', $Path) + } + + 'Checkout' { + if (-not $Target) { throw 'Target is required for Checkout (branch name, tag, or file path)' } + Invoke-GitCommand -Arguments @('checkout', $Target) + } + + 'CreateBranch' { + if (-not $Branch) { throw 'Branch is required for CreateBranch' } + $args = @('checkout', '-b', $Branch) + if ($StartPoint) { $args += $StartPoint } + Invoke-GitCommand -Arguments $args + } + + 'Commit' { + if (-not $Message) { throw 'Message is required for Commit' } + $r = Invoke-GitCommand -Arguments @('commit', '-m', $Message) + if ($r.Success -and $r.Output -match '\[[\w/]+ ([0-9a-f]{7,})\]') { + $r['CommitHash'] = $Matches[1] + } + $r + } + + 'Push' { + $args = @('push', $Remote) + if ($Branch) { $args += $Branch } + Invoke-GitCommand -Arguments $args + } + + 'Fetch' { + $args = if ($Remote -eq 'all') { @('fetch', '--all') } else { @('fetch', $Remote) } + Invoke-GitCommand -Arguments $args + } + + 'Config' { + if (-not $Key) { throw 'Key is required for Config' } + $args = @('config', $Key) + if ($Value) { $args += $Value } + Invoke-GitCommand -Arguments $args + } + + 'Reset' { + if (-not $Target) { throw 'Target is required for Reset' } + Invoke-GitCommand -Arguments @('reset', "--$Mode", $Target) + } + + 'Clean' { + # -f (force) -d (include untracked directories) — standard recovery clean + Invoke-GitCommand -Arguments @('clean', '-fd') + } + + 'Status' { + $r = Invoke-GitCommand -Arguments @('status', '--porcelain') + $lines = if ($r.Output) { $r.Output -split "`n" } else { @() } + $r['ConflictedFiles'] = $lines | + Where-Object { $_ -match '^(UU|AA|DD|AU|UA|DU|UD)\s' } | + ForEach-Object { $_.Substring(3).Trim() } + $r['ModifiedFiles'] = $lines | + Where-Object { $_ -notmatch '^(UU|AA|DD|AU|UA|DU|UD)\s' -and $_ -match '^\S' } | + ForEach-Object { ($_ -replace '^\S+\s+', '').Trim() } + $r + } + + 'Log' { + if (-not $Range) { throw 'Range is required for Log (e.g. "abc123^..def456" or "HEAD..upstream/V_10_0_P2")' } + if ($ShasOnly) { + # Use rev-list --reverse to get SHAs in oldest-first (cherry-pick) order + $r = Invoke-GitCommand -Arguments @('rev-list', '--reverse', $Range) + $r['Commits'] = if ($r.Success -and $r.Output) { + ($r.Output -split "`n") | + Where-Object { $_ -match '^[0-9a-f]{7,}$' } | + ForEach-Object { @{ Hash = $_; Message = '' } } + } else { @() } + } else { + $logArgs = @('log', '--oneline', $Range) + if ($Path -and $Path -ne '.') { $logArgs += '--'; $logArgs += $Path } + $r = Invoke-GitCommand -Arguments $logArgs + $r['Commits'] = if ($r.Success -and $r.Output) { + ($r.Output -split "`n") | + Where-Object { $_ -match '^[0-9a-f]' } | + ForEach-Object { + if ($_ -match '^([0-9a-f]+)\s+(.+)$') { + @{ Hash = $Matches[1]; Message = $Matches[2] } + } + } + } else { @() } + } + $r + } + + 'Diff' { + $args = @('diff') + if ($Range) { $args += $Range } + if ($Path -and $Path -ne '.') { $args += '--'; $args += $Path } + Invoke-GitCommand -Arguments $args + } + + 'Show' { + $args = @('show') + if ($CommitHash) { $args += $CommitHash } + if ($Path -and $Path -ne '.') { $args += '--'; $args += $Path } + Invoke-GitCommand -Arguments $args + } +} + +$result['Message'] = if ($result.Success) { + "git $Operation completed successfully" +} else { + "git $Operation failed with exit code $($result.ExitCode): $($result.Error)" +} + +return $result diff --git a/.github/tools/Test-OpenSSHFunctionality.ps1 b/.github/tools/Test-OpenSSHFunctionality.ps1 index 9e1b0f7c8907..7a1186dc98a2 100644 --- a/.github/tools/Test-OpenSSHFunctionality.ps1 +++ b/.github/tools/Test-OpenSSHFunctionality.ps1 @@ -307,16 +307,20 @@ try { $process.Start() | Out-Null - # Wait for completion (with timeout) - $completed = $process.WaitForExit(15000) # 15 second timeout + # Begin async reads BEFORE blocking on WaitForExit — prevents deadlock when + # SSH output exceeds the internal stream buffer size (same issue as MCP stdio). + $stdoutTask = $process.StandardOutput.ReadToEndAsync() + $stderrTask = $process.StandardError.ReadToEndAsync() + + $completed = $process.WaitForExit(30000) # 30-second timeout if (-not $completed) { $process.Kill() - throw "SSH connection timed out after 15 seconds" + throw "SSH connection timed out after 30 seconds" } - $stdout = $process.StandardOutput.ReadToEnd() - $stderr = $process.StandardError.ReadToEnd() + $stdout = $stdoutTask.GetAwaiter().GetResult() + $stderr = $stderrTask.GetAwaiter().GetResult() $exitCode = $process.ExitCode # Check result From 8a16638903648b486037009322f613575fbb9f4e Mon Sep 17 00:00:00 2001 From: User Date: Fri, 6 Mar 2026 09:59:33 -0800 Subject: [PATCH 630/687] add tool to get context during complex conflicts --- .github/agents/merge-upstream.agent.md | 19 +- .../merge/merge-details.instructions.md | 38 ++ .github/tools/Get-ConflictContext.ps1 | 489 ++++++++++++++++++ 3 files changed, 544 insertions(+), 2 deletions(-) create mode 100644 .github/tools/Get-ConflictContext.ps1 diff --git a/.github/agents/merge-upstream.agent.md b/.github/agents/merge-upstream.agent.md index bb67a39cefbb..559261dfac96 100644 --- a/.github/agents/merge-upstream.agent.md +++ b/.github/agents/merge-upstream.agent.md @@ -2,7 +2,7 @@ name: merge-upstream description: Assist with merging upstream OpenSSH commits into the PowerShell fork. tools: - ['vscode', 'execute', 'read', 'agent', 'edit', 'search', 'web', 'openssh-server/*', 'todo'] + ['vscode', 'execute', 'read', 'edit', 'search', 'web', 'agent', 'openssh-server/*', 'todo'] --- # OpenSSH Upstream Merge Agent @@ -53,7 +53,22 @@ This agent assists with merging upstream OpenSSH commits into the PowerShell for - `NoCleanup` (boolean, optional): Skip cleanup for debugging (default: false) - **If tool unavailable**: ERROR - This tool is required for the merge workflow -4. **Git** - Version control operations +4. **Get-ConflictContext MCP Tool** - Three-way conflict context for high-complexity conflicts + - **MCP Tool Name**: `mcp_openssh-server_Get_ConflictContext` + - **When to use**: ONLY when `assess_conflict_complexity()` returns `HIGH_COMPLEXITY` + - **Parameters**: + - `FilePath` (string, required): Path to the conflicted file relative to the repository root + - `CommitHash` (string, required): The upstream commit SHA being cherry-picked that caused the conflict + - `ContextLines` (integer, optional): Lines of context above/below each hunk match (default: 40) + - `MaxTotalLines` (integer, optional): Maximum total lines across all three versions and all hunks (default: 150 — ~50 per version). Increase if broader context is needed. + - **What it returns**: For each hunk in the upstream diff — excerpts from three versions: + - `UpstreamBefore`: The file as it existed in upstream *before* this commit + - `UpstreamAfter`: The file in upstream *after* this commit + - `OurFork`: The corresponding region in our fork (located by content-anchor matching, not line numbers) + - **Budget**: `max(10, floor(MaxTotalLines / 3 / hunkCount))` lines per version per hunk; a warning is added to `Message` if the 10-line minimum floor is applied + - **If tool unavailable**: Fall back to reading the conflicted file directly and using `Invoke_Git Operation="Show"` and `Operation="Diff"` to gather context manually + +5. **Git** - Version control operations - Cherry-pick: `git cherry-pick start_commit^..end_commit` (inclusive) - Status: `git status` - Remotes: `origin`, `upstream-pwsh`, `upstream` diff --git a/.github/instructions/merge/merge-details.instructions.md b/.github/instructions/merge/merge-details.instructions.md index 875171e54b27..aaeab4fc3bb2 100644 --- a/.github/instructions/merge/merge-details.instructions.md +++ b/.github/instructions/merge/merge-details.instructions.md @@ -418,6 +418,44 @@ FUNCTION assess_conflict_complexity(conflicts): RETURN "LOW_COMPLEXITY" ``` +### Using Get-ConflictContext for High-Complexity Conflicts + +When `assess_conflict_complexity()` returns `HIGH_COMPLEXITY`, invoke the `Get-ConflictContext` MCP tool **before** attempting to edit the file. It provides three-way context anchored to the actual changed regions, accounting for the fact that our fork's line numbers differ from upstream. + +```pseudocode +FUNCTION resolve_conflict(file_path, conflict_content, cherry_pick_commit): + complexity = assess_conflict_complexity([{file: file_path, content: conflict_content}]) + + IF complexity == "HIGH_COMPLEXITY": + // Fetch three-way context before editing + // MCP Tool: mcp_openssh-server_Get_ConflictContext + // FilePath=file_path, CommitHash=cherry_pick_commit + // + // If the default MaxTotalLines=150 is insufficient (e.g., many hunks or + // a large function), re-invoke with a higher value such as MaxTotalLines=300. + context = get_conflict_context(file_path, cherry_pick_commit) + + FOR EACH hunk IN context.Hunks: + // Use all three excerpts to understand: + // hunk.UpstreamBefore — what the upstream code looked like before the commit + // hunk.UpstreamAfter — what the upstream commit changed it to + // hunk.OurFork — what our fork has in the corresponding region + // (Note field explains how the region was located) + determine_resolution_strategy(hunk) + + // Check Message for budget warnings and increase MaxTotalLines if needed + IF context.Message contains "minimum floor": + re_invoke_with_larger_budget(file_path, cherry_pick_commit) + + RETURN apply_resolution_strategy(file_path, conflict_content) +``` + +**Key behaviours of the tool:** +- **Binary files**: Returns `IsBinary=true` and no excerpts — resolve manually. +- **Unavailable versions**: A version returns `Lines=null` with a `Note` explaining why (e.g. file newly added by this commit). +- **Fork region location**: Uses sliding-window content matching against the diff's unchanged context lines. Falls back to the function name from the `@@` hunk header if the anchor score is too low. The `Note` field on each `OurFork` excerpt describes which strategy was used. +- **Budget warning**: If `MaxTotalLines` is too small to give each hunk 10 lines per version, a warning appears in `Message` — increase `MaxTotalLines` and re-invoke. + ## Anti-Patterns to Avoid ### ❌ Don't Remove Upstream Code diff --git a/.github/tools/Get-ConflictContext.ps1 b/.github/tools/Get-ConflictContext.ps1 new file mode 100644 index 000000000000..e83d6a4c4fd3 --- /dev/null +++ b/.github/tools/Get-ConflictContext.ps1 @@ -0,0 +1,489 @@ +<# +.SYNOPSIS + Retrieves three-way context for a conflicted file to aid complex conflict resolution. + +.DESCRIPTION + MCP-compatible tool that fetches three versions of a file involved in a cherry-pick + conflict — the upstream file before the commit, the upstream file after the commit, + and our fork's version (via MERGE_HEAD) — and extracts focused, line-numbered excerpts + centered on each changed hunk. + + For each hunk in the upstream diff, the tool locates the corresponding region in our + fork using two-tier content matching: + Tier 1: Sliding-window overlap score against unchanged context lines from the diff. + Tier 2: Fallback to searching for the function name from the @@ hunk header. + + This handles line-number divergence between upstream and our fork by finding the + region by content rather than by position. + + Use this tool ONLY when conflict complexity assessment returns HIGH_COMPLEXITY. + +.PARAMETER FilePath + Path to the conflicted file, relative to the repository root. + +.PARAMETER CommitHash + The upstream commit SHA being cherry-picked that caused the conflict. + +.PARAMETER ContextLines + Number of lines of context above and below each hunk match to include in excerpts. + Default: 40 + +.PARAMETER MaxTotalLines + Maximum total lines returned across all three versions combined (across all hunks). + Budget per version per hunk = max(10, floor(MaxTotalLines / 3 / hunkCount)). + The minimum floor of 10 lines per version per hunk is always enforced. + If the floor overrides the calculated budget, a warning is included in Message. + Default: 150 (approximately 50 lines per version) + +.OUTPUTS + Hashtable with: + Success [bool] Whether the operation completed without errors + Message [string] Human-readable summary (includes warnings about budget) + CommitMessage [string] The commit message of CommitHash + UpstreamDiff [string] Raw unified diff for the file from this commit + HunkCount [int] Number of hunks found in the upstream diff + IsBinary [bool] True if the file is binary (no excerpts returned) + Hunks [array] One entry per hunk: + HunkIndex [int] 1-based hunk number + HunkHeader [string] The @@ header line + FunctionName [string] Function name extracted from @@ header (may be empty) + UpstreamBefore [object] { Lines, StartLine, EndLine, Note } + UpstreamAfter [object] { Lines, StartLine, EndLine, Note } + OurFork [object] { Lines, StartLine, EndLine, Note } + + Each excerpt object: + Lines [string[]] The extracted lines (null if version unavailable) + StartLine [int] 1-based line number of first line in the excerpt + EndLine [int] 1-based line number of last line in the excerpt + Note [string] Explanation if unavailable or how region was located + +.EXAMPLE + # Get conflict context for a high-complexity conflict + # MCP Tool: mcp_openssh-server_Get_ConflictContext + # FilePath="auth.c", CommitHash="abc1234" + +.EXAMPLE + # Get context with increased budget for a file with many hunks + # MCP Tool: mcp_openssh-server_Get_ConflictContext + # FilePath="channels.c", CommitHash="abc1234", MaxTotalLines=300 +#> + +param( + [Parameter(Mandatory)] + [string]$FilePath, + + [Parameter(Mandatory)] + [string]$CommitHash, + + [int]$ContextLines = 40, + + [int]$MaxTotalLines = 150 +) + +Set-StrictMode -Version Latest +$ErrorActionPreference = 'Stop' + +# ── Git process helper (same pattern as Invoke-Git.ps1) ────────────────────── + +function Invoke-GitCommand { + param([string[]]$Arguments) + + $processInfo = [System.Diagnostics.ProcessStartInfo]::new() + $processInfo.FileName = 'git' + $processInfo.Arguments = ($Arguments | ForEach-Object { + if ($_ -match '\s') { "`"$_`"" } else { $_ } + }) -join ' ' + $processInfo.UseShellExecute = $false + $processInfo.CreateNoWindow = $true + $processInfo.RedirectStandardInput = $true + $processInfo.RedirectStandardOutput = $true + $processInfo.RedirectStandardError = $true + + $process = [System.Diagnostics.Process]::new() + $process.StartInfo = $processInfo + $process.Start() | Out-Null + $process.StandardInput.Close() + + $stdoutTask = $process.StandardOutput.ReadToEndAsync() + $stderrTask = $process.StandardError.ReadToEndAsync() + + $completed = $process.WaitForExit(30000) + + if (-not $completed) { + $process.Kill() + return @{ + ExitCode = -1 + Success = $false + Output = '' + Error = "git $($Arguments -join ' ') timed out after 30 seconds" + } + } + + return @{ + ExitCode = $process.ExitCode + Success = ($process.ExitCode -eq 0) + Output = $stdoutTask.GetAwaiter().GetResult() + Error = $stderrTask.GetAwaiter().GetResult().TrimEnd() + } +} + +# ── Helper: fetch a file at a git ref ──────────────────────────────────────── + +function Get-FileAtRef { + param([string]$Ref, [string]$File) + + $r = Invoke-GitCommand -Arguments @('show', "${Ref}:${File}") + if (-not $r.Success) { + return @{ Lines = $null; Note = "File not available at ref '${Ref}': $($r.Error.Trim())" } + } + $lines = $r.Output -split "`n" + # Remove trailing empty element produced by split on a newline-terminated string + if ($lines.Count -gt 0 -and $lines[-1] -eq '') { + $lines = $lines[0..($lines.Count - 2)] + } + return @{ Lines = $lines; Note = $null } +} + +# ── Helper: slice a line-numbered excerpt centred on a 1-based line ────────── + +function Get-Excerpt { + param( + [string[]]$Lines, + [int]$CenterLine, # 1-based + [int]$Budget # max lines to return + ) + + if (-not $Lines) { return $null } + $half = [Math]::Floor($Budget / 2) + $start = [Math]::Max(0, $CenterLine - 1 - $half) + $end = [Math]::Min($Lines.Count - 1, $CenterLine - 1 + $half) + + # Expand toward the opposite edge if we hit a boundary before using the full budget + if (($end - $start + 1) -lt $Budget) { + if ($start -eq 0) { + $end = [Math]::Min($Lines.Count - 1, $Budget - 1) + } else { + $start = [Math]::Max(0, $end - $Budget + 1) + } + } + + return @{ + Lines = $Lines[$start..$end] + StartLine = $start + 1 + EndLine = $end + 1 + Note = $null + } +} + +# ── Helper: sliding-window content-anchor match ─────────────────────────────── +# Returns the 1-based centre line in $FileLines that best overlaps $AnchorLines. + +function Find-AnchorMatch { + param( + [string[]]$FileLines, + [string[]]$AnchorLines, + [int]$ExpectedCenter # 1-based fallback if no match found + ) + + $anchorSet = @{} + foreach ($a in $AnchorLines) { + $t = $a.Trim() + if ($t) { $anchorSet[$t] = $true } + } + + $windowSize = [Math]::Max($AnchorLines.Count, 5) + $bestScore = -1 + $bestCenter = $ExpectedCenter + + for ($i = 0; $i -le ($FileLines.Count - $windowSize); $i++) { + $score = 0 + for ($j = $i; $j -lt ($i + $windowSize) -and $j -lt $FileLines.Count; $j++) { + $trimmed = $FileLines[$j].Trim() + if ($trimmed -and $anchorSet.ContainsKey($trimmed)) { $score++ } + } + if ($score -gt $bestScore) { + $bestScore = $score + $bestCenter = $i + [Math]::Floor($windowSize / 2) + 1 # convert to 1-based + } + } + + return @{ + Center = $bestCenter + Score = $bestScore + MaxPossible = $anchorSet.Count + } +} + +# ── Helper: find the first line in $FileLines containing $FunctionName ─────── + +function Find-FunctionMatch { + param( + [string[]]$FileLines, + [string]$FunctionName + ) + + $pattern = "\b$([regex]::Escape($FunctionName))\b" + for ($i = 0; $i -lt $FileLines.Count; $i++) { + if ($FileLines[$i] -match $pattern) { + return $i + 1 # 1-based + } + } + return -1 +} + +# ── Helper: parse all @@ hunks from unified diff text ──────────────────────── + +function Parse-DiffHunks { + param([string]$DiffText) + + $hunks = @() + $lines = $DiffText -split "`n" + $currentHunk = $null + $contextAccum = @() + $inHunk = $false + + foreach ($line in $lines) { + if ($line -match '^@@ -(\d+)(?:,(\d+))? \+(\d+)(?:,(\d+))? @@(.*)$') { + + # Flush the previous hunk before starting a new one + if ($null -ne $currentHunk) { + $currentHunk['ContextLines'] = $contextAccum + $hunks += $currentHunk + } + + $upstreamStart = [int]$Matches[1] + $upstreamCount = if ($Matches[2]) { [int]$Matches[2] } else { 1 } + $afterStart = [int]$Matches[3] + $afterCount = if ($Matches[4]) { [int]$Matches[4] } else { 1 } + $funcTrailer = $Matches[5].Trim() + + # Extract function name from the optional trailer after @@ + $funcName = '' + if ($funcTrailer -match '(\w[\w_]*)\s*\(') { + $funcName = $Matches[1] + } elseif ($funcTrailer -match '(\w[\w_]+)') { + $funcName = $Matches[1] + } + + $currentHunk = @{ + Header = $line.Trim() + FunctionName = $funcName + UpstreamStart = $upstreamStart + UpstreamCount = $upstreamCount + AfterStart = $afterStart + AfterCount = $afterCount + } + $contextAccum = @() + $inHunk = $true + + } elseif ($inHunk) { + # Collect unchanged context lines (lines starting with a space) + if ($line -match '^ (.*)$') { + $contextAccum += $Matches[1] + } + } + } + + # Flush the last hunk + if ($null -ne $currentHunk) { + $currentHunk['ContextLines'] = $contextAccum + $hunks += $currentHunk + } + + return $hunks +} + +# ── Main ────────────────────────────────────────────────────────────────────── + +$warnings = @() + +# 1. Get the upstream diff for this file at this commit +$diffResult = Invoke-GitCommand -Arguments @('diff', "${CommitHash}^..${CommitHash}", '--', $FilePath) +if (-not $diffResult.Success -and $diffResult.ExitCode -ne 1) { + return @{ + Success = $false + Message = "Failed to get diff for '${FilePath}' at commit ${CommitHash}: $($diffResult.Error)" + CommitMessage = '' + UpstreamDiff = '' + HunkCount = 0 + IsBinary = $false + Hunks = @() + } +} + +$upstreamDiff = $diffResult.Output + +# 2. Binary file — return early with a note, no excerpts +if ($upstreamDiff -match 'Binary files .* differ') { + return @{ + Success = $true + Message = "Binary file — context not available for '${FilePath}'." + CommitMessage = '' + UpstreamDiff = $upstreamDiff + HunkCount = 0 + IsBinary = $true + Hunks = @() + } +} + +# 3. File not touched by this commit +if ([string]::IsNullOrWhiteSpace($upstreamDiff)) { + return @{ + Success = $true + Message = "File '${FilePath}' was not modified by commit ${CommitHash}." + CommitMessage = '' + UpstreamDiff = '' + HunkCount = 0 + IsBinary = $false + Hunks = @() + } +} + +# 4. Get the commit message +$commitMsgResult = Invoke-GitCommand -Arguments @('log', '-1', '--pretty=format:%s%n%n%b', $CommitHash) +$commitMessage = if ($commitMsgResult.Success) { $commitMsgResult.Output.Trim() } else { '' } + +# 5. Fetch the three file versions +# MERGE_HEAD is populated by git during an in-progress cherry-pick conflict +# and points to the commit being cherry-picked (our fork's working state before merge) +$upstreamBefore = Get-FileAtRef -Ref "${CommitHash}^" -File $FilePath +$upstreamAfter = Get-FileAtRef -Ref "${CommitHash}" -File $FilePath +$ourFork = Get-FileAtRef -Ref 'MERGE_HEAD' -File $FilePath + +# 6. Parse hunks from the diff +$hunks = Parse-DiffHunks -DiffText $upstreamDiff +$hunkCount = $hunks.Count + +if ($hunkCount -eq 0) { + return @{ + Success = $true + Message = "No hunks found in diff for '${FilePath}' at commit ${CommitHash}." + CommitMessage = $commitMessage + UpstreamDiff = $upstreamDiff + HunkCount = 0 + IsBinary = $false + Hunks = @() + } +} + +# 7. Compute per-hunk line budget +# MaxTotalLines is split evenly across 3 versions and all hunks. +# Minimum floor of 10 lines per version per hunk is always enforced. +$MIN_LINES_PER_HUNK = 10 +$budgetPerHunk = [Math]::Floor($MaxTotalLines / 3 / $hunkCount) + +if ($budgetPerHunk -lt $MIN_LINES_PER_HUNK) { + $warnings += "MaxTotalLines=${MaxTotalLines} is too small for ${hunkCount} hunk(s) across 3 versions; " + + "minimum floor of ${MIN_LINES_PER_HUNK} lines applied — consider increasing MaxTotalLines." + $budgetPerHunk = $MIN_LINES_PER_HUNK +} + +# Never exceed the caller's ContextLines preference +$budgetPerHunk = [Math]::Min($budgetPerHunk, $ContextLines) + +# 8. Build per-hunk results +$ANCHOR_SCORE_THRESHOLD = 2 +$resultHunks = @() + +for ($h = 0; $h -lt $hunkCount; $h++) { + + $hunk = $hunks[$h] + $anchorLines = $hunk['ContextLines'] + + # ── upstream-before: line numbers are known from the diff header ────────── + $uBefore = @{ Lines = $null; StartLine = $null; EndLine = $null; Note = $upstreamBefore.Note } + if ($upstreamBefore.Lines) { + $center = $hunk['UpstreamStart'] + [Math]::Floor($hunk['UpstreamCount'] / 2) + $excerpt = Get-Excerpt -Lines $upstreamBefore.Lines -CenterLine $center -Budget $budgetPerHunk + if ($excerpt) { $uBefore = $excerpt } + } + + # ── upstream-after: line numbers are known from the diff header ─────────── + $uAfter = @{ Lines = $null; StartLine = $null; EndLine = $null; Note = $upstreamAfter.Note } + if ($upstreamAfter.Lines) { + $center = $hunk['AfterStart'] + [Math]::Floor($hunk['AfterCount'] / 2) + $excerpt = Get-Excerpt -Lines $upstreamAfter.Lines -CenterLine $center -Budget $budgetPerHunk + if ($excerpt) { $uAfter = $excerpt } + } + + # ── our fork: line numbers diverge — locate by content matching ────────── + $forkExcerpt = @{ Lines = $null; StartLine = $null; EndLine = $null; Note = $ourFork.Note } + + if ($ourFork.Lines) { + $forkCenter = $hunk['UpstreamStart'] # fallback: use upstream line number as estimate + $matchNote = $null + + if ($anchorLines.Count -ge 2) { + # Tier 1: sliding-window content match against unchanged context lines + $match = Find-AnchorMatch -FileLines $ourFork.Lines ` + -AnchorLines $anchorLines ` + -ExpectedCenter $forkCenter + + if ($match.Score -ge $ANCHOR_SCORE_THRESHOLD) { + $forkCenter = $match.Center + $matchNote = "Located via content-anchor match (score $($match.Score)/$($match.MaxPossible))." + } elseif ($hunk['FunctionName']) { + # Tier 2: anchor score too low — fall back to function name search + $fnLine = Find-FunctionMatch -FileLines $ourFork.Lines -FunctionName $hunk['FunctionName'] + if ($fnLine -gt 0) { + $forkCenter = $fnLine + $matchNote = "Located via function-name fallback ('$($hunk['FunctionName'])')." + } else { + $matchNote = "Could not locate region — anchor score too low and function " + + "'$($hunk['FunctionName'])' not found. Using upstream line number as estimate." + } + } else { + $matchNote = "Could not locate region — anchor score too low and no function name " + + "available. Using upstream line number as estimate." + } + + } elseif ($hunk['FunctionName']) { + # Too few anchor lines for sliding window — go straight to function-name search + $fnLine = Find-FunctionMatch -FileLines $ourFork.Lines -FunctionName $hunk['FunctionName'] + if ($fnLine -gt 0) { + $forkCenter = $fnLine + $matchNote = "Located via function-name fallback ('$($hunk['FunctionName'])') — " + + "insufficient anchor lines for content match." + } else { + $matchNote = "Insufficient anchor lines and function '$($hunk['FunctionName'])' not found. " + + "Using upstream line number as estimate." + } + } else { + $matchNote = "Insufficient anchor lines and no function name available. " + + "Using upstream line number as estimate." + } + + $excerpt = Get-Excerpt -Lines $ourFork.Lines -CenterLine $forkCenter -Budget $budgetPerHunk + if ($excerpt) { + $excerpt['Note'] = $matchNote + $forkExcerpt = $excerpt + } + } + + $resultHunks += @{ + HunkIndex = $h + 1 + HunkHeader = $hunk['Header'] + FunctionName = $hunk['FunctionName'] + UpstreamBefore = $uBefore + UpstreamAfter = $uAfter + OurFork = $forkExcerpt + } +} + +# 9. Return final result +$message = if ($warnings.Count -gt 0) { + "Context retrieved for ${hunkCount} hunk(s) in '${FilePath}' (commit ${CommitHash}). " + + "Warnings: $($warnings -join ' | ')" +} else { + "Context retrieved for ${hunkCount} hunk(s) in '${FilePath}' (commit ${CommitHash})." +} + +return @{ + Success = $true + Message = $message + CommitMessage = $commitMessage + UpstreamDiff = $upstreamDiff + HunkCount = $hunkCount + IsBinary = $false + Hunks = $resultHunks +} From 73888af650f0ce27cd93797f3e351b2d1b670550 Mon Sep 17 00:00:00 2001 From: Damien Miller Date: Tue, 10 Mar 2026 14:43:30 +1100 Subject: [PATCH 631/687] stubs for OpenBSD unveil(2) --- configure.ac | 1 + openbsd-compat/bsd-misc.c | 8 ++++++++ openbsd-compat/bsd-misc.h | 4 ++++ 3 files changed, 13 insertions(+) diff --git a/configure.ac b/configure.ac index d98650bf332f..831dd85b836b 100644 --- a/configure.ac +++ b/configure.ac @@ -2214,6 +2214,7 @@ AC_CHECK_FUNCS([ \ truncate \ unlinkat \ unsetenv \ + unveil \ updwtmpx \ utimensat \ user_from_uid \ diff --git a/openbsd-compat/bsd-misc.c b/openbsd-compat/bsd-misc.c index fe0c2a3006fa..d5cc3755c72b 100644 --- a/openbsd-compat/bsd-misc.c +++ b/openbsd-compat/bsd-misc.c @@ -410,6 +410,14 @@ pledge(const char *promises, const char *execpromises) } #endif +#ifndef HAVE_UNVEIL +int +unveil(const char *path, const char *permissions) +{ + return 0; +} +#endif + #ifndef HAVE_MBTOWC /* a mbtowc that only supports ASCII */ int diff --git a/openbsd-compat/bsd-misc.h b/openbsd-compat/bsd-misc.h index 8495f471c285..53e569dc20ed 100644 --- a/openbsd-compat/bsd-misc.h +++ b/openbsd-compat/bsd-misc.h @@ -159,6 +159,10 @@ int pselect(int, fd_set *, fd_set *, fd_set *, const struct timespec *, int pledge(const char *promises, const char *execpromises); #endif +#ifndef HAVE_UNVEIL +int unveil(const char *, const char *); +#endif + /* bsd-err.h */ #ifndef HAVE_ERR void err(int, const char *, ...) __attribute__((format(printf, 2, 3))); From b75bf339eae6115c544bdcefa0d67a6dcc971ec5 Mon Sep 17 00:00:00 2001 From: "deraadt@openbsd.org" Date: Sat, 7 Mar 2026 18:27:52 +0000 Subject: [PATCH 632/687] upstream: Stop doing access() before execve(). It is a TOCTOU, but also it forces use of unveil "rx" instead of "x". This is done by using a pipe() through the fork+execve attempt to expose execve failure and create the same error return as the access() used to do. ok djm dtucker OpenBSD-Commit-ID: f9ee96e20352f35dc6f39127e0cc6b804700200a --- ssh-sk-client.c | 42 +++++++++++++++++++++++++++++++----------- 1 file changed, 31 insertions(+), 11 deletions(-) diff --git a/ssh-sk-client.c b/ssh-sk-client.c index df3dd0fc70aa..c8b0695b0c38 100644 --- a/ssh-sk-client.c +++ b/ssh-sk-client.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-sk-client.c,v 1.14 2026/02/14 00:18:34 jsg Exp $ */ +/* $OpenBSD: ssh-sk-client.c,v 1.15 2026/03/07 18:27:52 deraadt Exp $ */ /* * Copyright (c) 2019 Google LLC * @@ -29,6 +29,7 @@ #include #include #include +#include #include "log.h" #include "ssherr.h" @@ -45,9 +46,10 @@ static int start_helper(int *fdp, pid_t *pidp, void (**osigchldp)(int)) { void (*osigchld)(int); - int oerrno, pair[2]; + int oerrno, pair[2], execpipe[2]; + ssize_t n; pid_t pid; - char *helper, *verbosity = NULL; + char execbuf[100], *helper, *verbosity = NULL; *fdp = -1; *pidp = 0; @@ -56,19 +58,20 @@ start_helper(int *fdp, pid_t *pidp, void (**osigchldp)(int)) helper = getenv("SSH_SK_HELPER"); if (helper == NULL || strlen(helper) == 0) helper = _PATH_SSH_SK_HELPER; - if (access(helper, X_OK) != 0) { - oerrno = errno; - error_f("helper \"%s\" unusable: %s", helper, strerror(errno)); - errno = oerrno; - return SSH_ERR_SYSTEM_ERROR; - } #ifdef DEBUG_SK verbosity = "-vvv"; #endif + /* Create a O_CLOEXEC pipe to capture the execve() failure */ + if (pipe(execpipe) == -1) { + error("pipe: %s", strerror(errno)); + return SSH_ERR_SYSTEM_ERROR; + } /* Start helper */ if (socketpair(AF_UNIX, SOCK_STREAM, 0, pair) == -1) { error("socketpair: %s", strerror(errno)); + close(execpipe[0]); + close(execpipe[1]); return SSH_ERR_SYSTEM_ERROR; } osigchld = ssh_signal(SIGCHLD, SIG_DFL); @@ -77,14 +80,20 @@ start_helper(int *fdp, pid_t *pidp, void (**osigchldp)(int)) error("fork: %s", strerror(errno)); close(pair[0]); close(pair[1]); + close(execpipe[0]); + close(execpipe[1]); ssh_signal(SIGCHLD, osigchld); errno = oerrno; return SSH_ERR_SYSTEM_ERROR; } if (pid == 0) { + close(execpipe[0]); + fcntl(execpipe[1], F_SETFD, FD_CLOEXEC); if ((dup2(pair[1], STDIN_FILENO) == -1) || (dup2(pair[1], STDOUT_FILENO) == -1)) { - error_f("dup2: %s", strerror(errno)); + snprintf(execbuf, sizeof execbuf, + "dup2: %s", strerror(errno)); + write(execpipe[1], execbuf, strlen(execbuf)+1); _exit(1); } close(pair[0]); @@ -93,11 +102,22 @@ start_helper(int *fdp, pid_t *pidp, void (**osigchldp)(int)) debug_f("starting %s %s", helper, verbosity == NULL ? "" : verbosity); execlp(helper, helper, verbosity, (char *)NULL); - error_f("execlp: %s", strerror(errno)); + snprintf(execbuf, sizeof execbuf, + "execlp: %s", strerror(errno)); + write(execpipe[1], execbuf, strlen(execbuf)+1); _exit(1); } close(pair[1]); + close(execpipe[1]); + n = read(execpipe[0], execbuf, sizeof execbuf); + close(execpipe[0]); + if (n > 0) { + execbuf[n] = '\0'; + error("%s", execbuf); + return SSH_ERR_SYSTEM_ERROR; + } + /* success */ debug3_f("started pid=%ld", (long)pid); *fdp = pair[0]; From 46eb7dc5a6f312f99437ebdcf04f0f2c03aa570b Mon Sep 17 00:00:00 2001 From: "deraadt@openbsd.org" Date: Sat, 7 Mar 2026 18:35:43 +0000 Subject: [PATCH 633/687] upstream: With it's own daemonization / fd cleaning code, ssh-agent opens /dev/null O_RDWR after a pledge without "wpath". This is allowed in current pledge because "/dev/null" is implicitly allowed to be opened even with the most restrictive pledges or unveils. This is a design decision in pledge made at the very beginning, to satisfy libc requirements. We've finally had enough experience and know how to fix that in the near-future, but need to review and fix all code which opens these implicit paths. The fix is to add "wpath", so that "/dev/null" can be opened O_RDWR. But that is uncomfortable, so we add unveil() allowing "/" with "r", 4 unveil "x" for the potential askpass and helpers to be execve'd, and "/dev/null" with "wr". As a result filesystem access is substantially more restricted than before, and ssh-agent is ready for the future pledge change. ok djm dtucker OpenBSD-Commit-ID: f223b11d2db3c0b14e53c1de59966dd5f372a977 --- ssh-agent.c | 22 ++++++++++++++++++++-- 1 file changed, 20 insertions(+), 2 deletions(-) diff --git a/ssh-agent.c b/ssh-agent.c index 57167a699e99..03ca6f982230 100644 --- a/ssh-agent.c +++ b/ssh-agent.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-agent.c,v 1.320 2026/03/05 05:35:44 djm Exp $ */ +/* $OpenBSD: ssh-agent.c,v 1.321 2026/03/07 18:35:43 deraadt Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -2572,7 +2572,25 @@ main(int ac, char **av) sigaddset(&nsigset, SIGTERM); sigaddset(&nsigset, SIGUSR1); - if (pledge("stdio rpath cpath unix id proc exec", NULL) == -1) + if (unveil("/", "r") == -1) + fatal("%s: unveil /: %s", __progname, strerror(errno)); + if (getenv("SSH_SK_HELPER")) + if (unveil(getenv("SSH_SK_HELPER"), "x") == -1) + fatal("%s: unveil %s: %s", __progname, + getenv("SSH_SK_HELPER"), strerror(errno)); + if (unveil(_PATH_SSH_SK_HELPER, "x") == -1) + fatal("%s: unveil %s: %s", __progname, + _PATH_SSH_SK_HELPER, strerror(errno)); + if (getenv("SSH_ASKPASS")) + if (unveil(getenv("SSH_ASKPASS"), "x") == -1) + fatal("%s: unveil %s: %s", __progname, + getenv("SSH_ASKPASS"), strerror(errno)); + if (unveil(_PATH_SSH_ASKPASS_DEFAULT, "x") == -1) + fatal("%s: unveil %s: %s", __progname, + _PATH_SSH_ASKPASS_DEFAULT, strerror(errno)); + if (unveil("/dev/null", "rw") == -1) + fatal("%s: unveil /dev/null: %s", __progname, strerror(errno)); + if (pledge("stdio rpath cpath wpath unix id proc exec", NULL) == -1) fatal("%s: pledge: %s", __progname, strerror(errno)); platform_pledge_agent(); From 2a9e1aadaa20a05430bddc30853fbd3449083a4d Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Tue, 10 Mar 2026 03:40:26 +0000 Subject: [PATCH 634/687] upstream: unveil ssh-pkcs11-helper too; fixes breakage spotted by anton@ If SK/P11/askpass is overridden by environment, only unveil the requested path and not both the requested one and the default. feedback/ok deraadt@ OpenBSD-Commit-ID: 84356c6a44f35e66fe73fc1524a7c8e908521eb2 --- ssh-agent.c | 30 ++++++++++++++---------------- 1 file changed, 14 insertions(+), 16 deletions(-) diff --git a/ssh-agent.c b/ssh-agent.c index 03ca6f982230..9c762a2e389b 100644 --- a/ssh-agent.c +++ b/ssh-agent.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-agent.c,v 1.321 2026/03/07 18:35:43 deraadt Exp $ */ +/* $OpenBSD: ssh-agent.c,v 1.322 2026/03/10 03:40:26 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -2574,21 +2574,19 @@ main(int ac, char **av) if (unveil("/", "r") == -1) fatal("%s: unveil /: %s", __progname, strerror(errno)); - if (getenv("SSH_SK_HELPER")) - if (unveil(getenv("SSH_SK_HELPER"), "x") == -1) - fatal("%s: unveil %s: %s", __progname, - getenv("SSH_SK_HELPER"), strerror(errno)); - if (unveil(_PATH_SSH_SK_HELPER, "x") == -1) - fatal("%s: unveil %s: %s", __progname, - _PATH_SSH_SK_HELPER, strerror(errno)); - if (getenv("SSH_ASKPASS")) - if (unveil(getenv("SSH_ASKPASS"), "x") == -1) - fatal("%s: unveil %s: %s", __progname, - getenv("SSH_ASKPASS"), strerror(errno)); - if (unveil(_PATH_SSH_ASKPASS_DEFAULT, "x") == -1) - fatal("%s: unveil %s: %s", __progname, - _PATH_SSH_ASKPASS_DEFAULT, strerror(errno)); - if (unveil("/dev/null", "rw") == -1) + if ((ccp = getenv("SSH_SK_HELPER")) == NULL || *ccp == '\0') + ccp = _PATH_SSH_SK_HELPER; + if (unveil(ccp, "x") == -1) + fatal("%s: unveil %s: %s", __progname, ccp, strerror(errno)); + if ((ccp = getenv("SSH_PKCS11_HELPER")) == NULL || *ccp == '\0') + ccp = _PATH_SSH_PKCS11_HELPER; + if (unveil(ccp, "x") == -1) + fatal("%s: unveil %s: %s", __progname, cp, strerror(errno)); + if ((ccp = getenv("SSH_ASKPASS")) == NULL || *ccp == '\0') + ccp = _PATH_SSH_ASKPASS_DEFAULT; + if (unveil(ccp, "x") == -1) + fatal("%s: unveil %s: %s", __progname, cp, strerror(errno)); + if (unveil("/dev/null", "rw") == -1) fatal("%s: unveil /dev/null: %s", __progname, strerror(errno)); if (pledge("stdio rpath cpath wpath unix id proc exec", NULL) == -1) fatal("%s: pledge: %s", __progname, strerror(errno)); From beba5884dfe8cc30aadef439af5e5d784b5788b1 Mon Sep 17 00:00:00 2001 From: "deraadt@openbsd.org" Date: Tue, 10 Mar 2026 03:45:01 +0000 Subject: [PATCH 635/687] upstream: When execve() failure is indicated on the pipe, replicate the same error conditions as the previous access() check did ok djm OpenBSD-Commit-ID: 875a77dddf0809a3501de2b913cb3bfd4b64f3f7 --- ssh-sk-client.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/ssh-sk-client.c b/ssh-sk-client.c index c8b0695b0c38..c5f837e26108 100644 --- a/ssh-sk-client.c +++ b/ssh-sk-client.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-sk-client.c,v 1.15 2026/03/07 18:27:52 deraadt Exp $ */ +/* $OpenBSD: ssh-sk-client.c,v 1.16 2026/03/10 03:45:01 deraadt Exp $ */ /* * Copyright (c) 2019 Google LLC * @@ -114,8 +114,8 @@ start_helper(int *fdp, pid_t *pidp, void (**osigchldp)(int)) close(execpipe[0]); if (n > 0) { execbuf[n] = '\0'; - error("%s", execbuf); - return SSH_ERR_SYSTEM_ERROR; + error_f("%s", execbuf); + return SSH_ERR_AGENT_FAILURE; } /* success */ From ef98b6014bc3268e904092894ffcb63022172a97 Mon Sep 17 00:00:00 2001 From: "deraadt@openbsd.org" Date: Tue, 10 Mar 2026 06:35:29 +0000 Subject: [PATCH 636/687] upstream: when unveils error our, use correct variable OpenBSD-Commit-ID: 6b496c10965e70413a9916a8823839c553c6b2c4 --- ssh-agent.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/ssh-agent.c b/ssh-agent.c index 9c762a2e389b..5186e89752d9 100644 --- a/ssh-agent.c +++ b/ssh-agent.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-agent.c,v 1.322 2026/03/10 03:40:26 djm Exp $ */ +/* $OpenBSD: ssh-agent.c,v 1.323 2026/03/10 06:35:29 deraadt Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -2581,11 +2581,11 @@ main(int ac, char **av) if ((ccp = getenv("SSH_PKCS11_HELPER")) == NULL || *ccp == '\0') ccp = _PATH_SSH_PKCS11_HELPER; if (unveil(ccp, "x") == -1) - fatal("%s: unveil %s: %s", __progname, cp, strerror(errno)); + fatal("%s: unveil %s: %s", __progname, ccp, strerror(errno)); if ((ccp = getenv("SSH_ASKPASS")) == NULL || *ccp == '\0') ccp = _PATH_SSH_ASKPASS_DEFAULT; if (unveil(ccp, "x") == -1) - fatal("%s: unveil %s: %s", __progname, cp, strerror(errno)); + fatal("%s: unveil %s: %s", __progname, ccp, strerror(errno)); if (unveil("/dev/null", "rw") == -1) fatal("%s: unveil /dev/null: %s", __progname, strerror(errno)); if (pledge("stdio rpath cpath wpath unix id proc exec", NULL) == -1) From 70a41262839a2d65ca8ef9e8ea34ad471c52afa1 Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Tue, 10 Mar 2026 07:27:14 +0000 Subject: [PATCH 637/687] upstream: whitespace OpenBSD-Commit-ID: b16d2b4a96406538fa181053926cba44abca7f29 --- ssh-agent.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/ssh-agent.c b/ssh-agent.c index 5186e89752d9..c73abd1d08f8 100644 --- a/ssh-agent.c +++ b/ssh-agent.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-agent.c,v 1.323 2026/03/10 06:35:29 deraadt Exp $ */ +/* $OpenBSD: ssh-agent.c,v 1.324 2026/03/10 07:27:14 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -2586,7 +2586,7 @@ main(int ac, char **av) ccp = _PATH_SSH_ASKPASS_DEFAULT; if (unveil(ccp, "x") == -1) fatal("%s: unveil %s: %s", __progname, ccp, strerror(errno)); - if (unveil("/dev/null", "rw") == -1) + if (unveil("/dev/null", "rw") == -1) fatal("%s: unveil /dev/null: %s", __progname, strerror(errno)); if (pledge("stdio rpath cpath wpath unix id proc exec", NULL) == -1) fatal("%s: pledge: %s", __progname, strerror(errno)); From 24168275e6d0b29cf2233c3f2c1d4a4614feb582 Mon Sep 17 00:00:00 2001 From: "dtucker@openbsd.org" Date: Wed, 11 Mar 2026 09:04:17 +0000 Subject: [PATCH 638/687] upstream: Fix potential 1-byte array overrun in the case where read() returns exactly 100 bytes. Flagged by Coverity CID 901296, ok djm@ OpenBSD-Commit-ID: 66a96b08166e63dcbeed00297c33f09c4f22c1f7 --- ssh-sk-client.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/ssh-sk-client.c b/ssh-sk-client.c index c5f837e26108..3c603c0e0b17 100644 --- a/ssh-sk-client.c +++ b/ssh-sk-client.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-sk-client.c,v 1.16 2026/03/10 03:45:01 deraadt Exp $ */ +/* $OpenBSD: ssh-sk-client.c,v 1.17 2026/03/11 09:04:17 dtucker Exp $ */ /* * Copyright (c) 2019 Google LLC * @@ -113,7 +113,7 @@ start_helper(int *fdp, pid_t *pidp, void (**osigchldp)(int)) n = read(execpipe[0], execbuf, sizeof execbuf); close(execpipe[0]); if (n > 0) { - execbuf[n] = '\0'; + execbuf[n - 1] = '\0'; error_f("%s", execbuf); return SSH_ERR_AGENT_FAILURE; } From 552a5c786b60a9cfe0d2c157dd18f78950529513 Mon Sep 17 00:00:00 2001 From: "dtucker@openbsd.org" Date: Wed, 11 Mar 2026 09:10:59 +0000 Subject: [PATCH 639/687] upstream: Check return values of fcntl(... O_CLOEXEC) calls by reusing the macro in monitor.c. Flagged by Coverity CID 901297 in ssh-sk-client.c, a few other instances added for good measure. begrudging ok deraadt@ OpenBSD-Commit-ID: b9de92e17ac0b04348770e5a25cb15a02b416926 --- misc.h | 8 +++++++- monitor.c | 7 +------ ssh-sk-client.c | 4 ++-- sshd-auth.c | 6 +++--- sshd-session.c | 6 +++--- 5 files changed, 16 insertions(+), 15 deletions(-) diff --git a/misc.h b/misc.h index c606de376ba5..791876c1e166 100644 --- a/misc.h +++ b/misc.h @@ -1,4 +1,4 @@ -/* $OpenBSD: misc.h,v 1.115 2026/03/03 09:57:25 dtucker Exp $ */ +/* $OpenBSD: misc.h,v 1.116 2026/03/11 09:10:59 dtucker Exp $ */ /* * Author: Tatu Ylonen @@ -270,4 +270,10 @@ int signal_is_crash(int); /* On OpenBSD time_t is int64_t which is long long. */ /* #define SSH_TIME_T_MAX LLONG_MAX */ +#define FD_CLOSEONEXEC(x) do { \ + if (fcntl(x, F_SETFD, FD_CLOEXEC) == -1) \ + fatal_f("fcntl(%d, F_SETFD, FD_CLOEXEC): %s", x, \ + strerror(errno)); \ +} while (0) + #endif /* _MISC_H */ diff --git a/monitor.c b/monitor.c index 7a71a6586306..b56646a2df54 100644 --- a/monitor.c +++ b/monitor.c @@ -1,4 +1,4 @@ -/* $OpenBSD: monitor.c,v 1.253 2026/03/02 02:40:15 djm Exp $ */ +/* $OpenBSD: monitor.c,v 1.254 2026/03/11 09:10:59 dtucker Exp $ */ /* * Copyright 2002 Niels Provos * Copyright 2002 Markus Friedl @@ -1919,11 +1919,6 @@ mm_get_keystate(struct ssh *ssh, struct monitor *pmonitor) /* XXX */ -#define FD_CLOSEONEXEC(x) do { \ - if (fcntl(x, F_SETFD, FD_CLOEXEC) == -1) \ - fatal("fcntl(%d, F_SETFD)", x); \ -} while (0) - static void monitor_openfds(struct monitor *mon, int do_logfds) { diff --git a/ssh-sk-client.c b/ssh-sk-client.c index 3c603c0e0b17..52da28d1f442 100644 --- a/ssh-sk-client.c +++ b/ssh-sk-client.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-sk-client.c,v 1.17 2026/03/11 09:04:17 dtucker Exp $ */ +/* $OpenBSD: ssh-sk-client.c,v 1.18 2026/03/11 09:10:59 dtucker Exp $ */ /* * Copyright (c) 2019 Google LLC * @@ -88,7 +88,7 @@ start_helper(int *fdp, pid_t *pidp, void (**osigchldp)(int)) } if (pid == 0) { close(execpipe[0]); - fcntl(execpipe[1], F_SETFD, FD_CLOEXEC); + FD_CLOSEONEXEC(execpipe[1]); if ((dup2(pair[1], STDIN_FILENO) == -1) || (dup2(pair[1], STDOUT_FILENO) == -1)) { snprintf(execbuf, sizeof execbuf, diff --git a/sshd-auth.c b/sshd-auth.c index a871b29a82c9..76350a2a3501 100644 --- a/sshd-auth.c +++ b/sshd-auth.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshd-auth.c,v 1.13 2026/03/02 02:40:15 djm Exp $ */ +/* $OpenBSD: sshd-auth.c,v 1.14 2026/03/11 09:10:59 dtucker Exp $ */ /* * SSH2 implementation: * Privilege Separation: @@ -715,8 +715,8 @@ main(int ac, char **av) setproctitle("%s", "[session-auth]"); /* Executed child processes don't need these. */ - fcntl(sock_out, F_SETFD, FD_CLOEXEC); - fcntl(sock_in, F_SETFD, FD_CLOEXEC); + FD_CLOSEONEXEC(sock_out); + FD_CLOSEONEXEC(sock_in); ssh_signal(SIGPIPE, SIG_IGN); ssh_signal(SIGALRM, SIG_DFL); diff --git a/sshd-session.c b/sshd-session.c index 04e72a5dbffa..e9a488d08906 100644 --- a/sshd-session.c +++ b/sshd-session.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshd-session.c,v 1.22 2026/03/03 09:57:26 dtucker Exp $ */ +/* $OpenBSD: sshd-session.c,v 1.23 2026/03/11 09:10:59 dtucker Exp $ */ /* * SSH2 implementation: * Privilege Separation: @@ -1137,8 +1137,8 @@ main(int ac, char **av) setproctitle("%s", "[accepted]"); /* Executed child processes don't need these. */ - fcntl(sock_out, F_SETFD, FD_CLOEXEC); - fcntl(sock_in, F_SETFD, FD_CLOEXEC); + FD_CLOSEONEXEC(sock_out); + FD_CLOSEONEXEC(sock_in); /* We will not restart on SIGHUP since it no longer makes sense. */ ssh_signal(SIGALRM, SIG_DFL); From 5f24965d20ff8e4bd89fff3fd744ca2c6390ecda Mon Sep 17 00:00:00 2001 From: Tess Gauthier Date: Tue, 17 Mar 2026 16:57:03 -0400 Subject: [PATCH 640/687] add scratch branch instructions --- .github/agents/merge-upstream.agent.md | 206 ++++++++++++++---- .../agent-communication-merge.instructions.md | 29 +++ .../merge/merge-details.instructions.md | 38 +++- .../merge-process-overview.instructions.md | 121 ++++++---- .github/prompt/merge.prompt.md | 2 +- .github/tools/Get-ConflictContext.ps1 | 17 +- .github/tools/Invoke-Git.ps1 | 47 +++- .github/tools/Replay-MergeResolutions.ps1 | 201 +++++++++++++++++ .github/tools/Save-MergeResolution.ps1 | 160 ++++++++++++++ 9 files changed, 716 insertions(+), 105 deletions(-) create mode 100644 .github/tools/Replay-MergeResolutions.ps1 create mode 100644 .github/tools/Save-MergeResolution.ps1 diff --git a/.github/agents/merge-upstream.agent.md b/.github/agents/merge-upstream.agent.md index 559261dfac96..5bfcdd7deea4 100644 --- a/.github/agents/merge-upstream.agent.md +++ b/.github/agents/merge-upstream.agent.md @@ -16,7 +16,7 @@ This agent assists with merging upstream OpenSSH commits into the PowerShell for ### Core Functions - **Environment verification and setup** - **Commit group analysis** using Get-CommitGroups MCP tool -- **Incremental cherry-picking** with conflict resolution +- **Two-phase merge**: scratch branch (incremental merge + resolution recording) then real branch (single merge + replay) - **Windows-specific build system updates** - **Compilation and testing** - **Documentation and PR preparation** @@ -68,8 +68,30 @@ This agent assists with merging upstream OpenSSH commits into the PowerShell for - **Budget**: `max(10, floor(MaxTotalLines / 3 / hunkCount))` lines per version per hunk; a warning is added to `Message` if the 10-line minimum floor is applied - **If tool unavailable**: Fall back to reading the conflicted file directly and using `Invoke_Git Operation="Show"` and `Operation="Diff"` to gather context manually -5. **Git** - Version control operations - - Cherry-pick: `git cherry-pick start_commit^..end_commit` (inclusive) +5. **Save-MergeResolution MCP Tool** - Records conflict resolution decisions + - **MCP Tool Name**: `mcp_openssh-server_Save_MergeResolution` + - **When to use**: After resolving each conflicted file during the scratch-branch phase + - **Parameters**: + - `FilePath` (string, required): Resolved file path relative to repo root + - `Strategy` (string, required): One of `accept_upstream`, `ifdef_windows`, `ifndef_windows`, `combine`, `manual` + - `Rationale` (string, required): Why this strategy was chosen + - `BatchNumber` (int, required): Current batch number + - `UpstreamCommits` (string, optional): Comma-separated SHAs of upstream commits touching this file + - `MergeTarget` (string, optional): Final upstream ref (only needed on first call to initialise the log) + - **If tool unavailable**: Agent should manually track resolutions in session memory + +6. **Replay-MergeResolutions MCP Tool** - Replays saved resolutions onto merge conflicts + - **MCP Tool Name**: `mcp_openssh-server_Replay_MergeResolutions` + - **When to use**: During the real-branch phase after `git merge` produces conflicts + - **Parameters**: + - `DryRun` (boolean, optional): Preview without modifying files (default: false) + - **Returns**: `ResolvedFiles[]`, `UnmatchedFiles[]`, `FailedFiles[]` + - **If tool unavailable**: Agent should manually re-resolve using strategies from session memory + +7. **Git** - Version control operations + - Merge: `Invoke-Git Operation="Merge" CommitHash=""` (uses `--no-ff`) + - MergeContinue / MergeAbort for conflict flow + - Cherry-pick operations remain available for other use cases - Status: `git status` - Remotes: `origin`, `upstream-pwsh`, `upstream` @@ -132,20 +154,36 @@ This agent assists with merging upstream OpenSSH commits into the PowerShell for - This baseline will be used to detect new warnings introduced during merge - Store baseline for comparison after each build -4. **Create merge branch:** +4. **Enable git rerere** (records conflict resolutions for automatic replay): + ```pwsh + # MCP Tool: mcp_openssh-server_Invoke_Git + # Operation="Config", Key="rerere.enabled", Value="true" + ``` + +5. **Create merge branch and scratch branch:** ```pwsh - git checkout -b merge-v- - # Example: git checkout -b merge-v10.0P2-20260109 + # Create the real merge branch (will receive the final single merge) + # MCP Tool: mcp_openssh-server_Invoke_Git + # Operation="CreateBranch", Branch="merge-v-" + # Example: Branch="merge-v10.0P2-20260109" + + # Create the scratch branch from the same point (for incremental merges) + # MCP Tool: mcp_openssh-server_Invoke_Git + # Operation="CreateBranch", Branch="scratch-merge-v-" ``` **Success Criteria:** - Prerequisite tool reports all checks passed - Baseline warning count established and documented -- Merge branch created -- Ready to begin Phase 2 (cherry-picking first batch) +- `rerere.enabled` set to `true` +- Both merge branch and scratch branch created +- Currently on the scratch branch +- Ready to begin Phase 2 (scratch-branch incremental merge) -### Phase 2: Incremental Merge -**Objective:** Cherry-pick commits in a single batch ending with a CI run +### Phase 2: Scratch Branch — Incremental Merge +**Objective:** Merge commits in batches on the scratch branch, recording every conflict resolution for later replay. + +The scratch branch uses `git merge` (not cherry-pick) at each batch boundary. This ensures conflict markers match the final single merge, maximising `git rerere` hit rate. **Steps:** 1. **Get first commit batch** using Get-CommitGroups MCP tool: @@ -169,24 +207,35 @@ This agent assists with merging upstream OpenSSH commits into the PowerShell for } ``` -2. **Display batch information for verification:** +2. **Display batch information** for verification. + +3. **Merge the batch endpoint:** ```pwsh - Write-Host "Processing Batch $($result.ChunkNumber)" -ForegroundColor Cyan - Write-Host "Commit Range: $($result.StartCommit)..$($result.EndCommit)" -ForegroundColor Gray - Write-Host "Start: [$($result.StartCommit)] $($result.StartMessage)" -ForegroundColor White - Write-Host "End: [$($result.EndCommit)] $($result.EndMessage)" -ForegroundColor Green - Write-Host "Total commits: $($result.CommitCount)" -ForegroundColor Yellow + # Merge all commits up to the batch endpoint + # MCP Tool: mcp_openssh-server_Invoke_Git + # Operation="Merge", CommitHash=$result.EndCommitFull ``` - -3. **Cherry-pick the batch:** + This brings in all commits from the previous merge point through `EndCommitFull` in a single merge. The `--no-ff` flag ensures a merge commit is always created. + +4. **If conflicts occur, resolve and record each one:** + - For each conflicted file reported in the merge result's `ConflictedFiles`: + a. Resolve the conflict following Windows preservation patterns + b. **Record the resolution** using Save-MergeResolution: + ```pwsh + # MCP Tool: mcp_openssh-server_Save_MergeResolution + # FilePath="", Strategy="", Rationale="", + # BatchNumber=, UpstreamCommits="" + # (On first call, also set MergeTarget="upstream/") + ``` + c. Stage the resolved file: `Invoke-Git Operation="Add" Path=""` + - `git rerere` will also automatically record the resolution. + +5. **Complete the merge:** ```pwsh - git cherry-pick $($result.StartCommitFull)^..$($result.EndCommitFull) + # MCP Tool: mcp_openssh-server_Invoke_Git + # Operation="MergeContinue" ``` -4. **Resolve conflicts** following Windows preservation patterns (if conflicts occur) -5. **Stage and continue:** `git add .` then `git cherry-pick --continue` -6. **Repeat steps 4-5** until all commits in batch are applied - **Conflict Resolution Patterns:** - **Windows-specific code:** Preserve with `#ifdef WINDOWS` - **Removed featureand Validation @@ -279,38 +328,98 @@ This agent assists with merging upstream OpenSSH commits into the PowerShell for - Summary provided with all required information - User approval received to proceed -### Phase 5: Iteration -**Objective:** Process remaining commit groups until merge is complete +### Phase 5: Scratch Branch Iteration +**Objective:** Process remaining commit batches on the scratch branch until all upstream commits are merged. **Steps:** 1. **Return to Phase 2** with `-StartCommit` set to previous batch's end commit and `-EndCommit` set to target end commit 2. **Repeat Phases 2-4** for each batch: - Get next batch with Get-CommitGroups (passing both StartCommit and EndCommit) - - Cherry-pick commits + - Merge batch endpoint (`Invoke-Git Merge`) + - Resolve conflicts and record with Save-MergeResolution - Build (mandatory) - Validate (if batch ends with successful CI) - Summarize and get approval 3. **Continue** until the target end commit is reached (or HEAD if no end commit was specified) -4. **Perform final comprehensive validation:** +4. **Final scratch-branch validation:** - **MCP Tool Name**: `mcp_openssh-server_Test_OpenSSHFunctionality` - **Parameters**: (use defaults for Release/x64) **Success Criteria:** -- All commit batches processed +- All commit batches processed on scratch branch - Build remains stable after each batch - All successful CI checkpoints validated -- Final validation passes -1. Use Get-CommitGroups MCP tool with `-StartCommit` parameter set to previous batch end commit -2. Repeat Phase 2-4 for next batch -3. Continue until all target commits merged -4. Perform final comprehensive test +- Resolution log (`.git/merge-resolution-log.json`) contains all conflict resolutions +- Ready to proceed to real-branch single merge + +### Phase 6: Real Branch — Single Merge +**Objective:** Produce clean history on the real merge branch with a single merge commit preserving all upstream SHAs. + +**Steps:** +1. **Switch to the real merge branch:** + ```pwsh + # MCP Tool: mcp_openssh-server_Invoke_Git + # Operation="Checkout", Target="merge-v-" + ``` + +2. **Perform a single merge** of the final upstream target: + ```pwsh + # MCP Tool: mcp_openssh-server_Invoke_Git + # Operation="Merge", CommitHash="" + ``` + This creates one merge commit. `git rerere` will automatically apply resolutions it recorded during the scratch phase. + +3. **Replay remaining resolutions** from the log: + ```pwsh + # MCP Tool: mcp_openssh-server_Replay_MergeResolutions + # (no parameters needed — reads from .git/merge-resolution-log.json) + ``` + The tool reports: + - `ResolvedFiles`: Files auto-resolved from the log + - `UnmatchedFiles`: Conflicted files not in the log (resolve manually) + - `FailedFiles`: Files where replay failed (resolve manually) + +4. **Resolve any remaining unmatched conflicts:** + - Use the resolution log's strategies and rationale as guidance + - These are typically files where the merge produced different conflict regions than the scratch-branch merge + +5. **Complete the merge:** + ```pwsh + # MCP Tool: mcp_openssh-server_Invoke_Git + # Operation="MergeContinue" + ``` + +6. **Apply build fixes** as separate commits after the merge commit: + - Review build fixes from the scratch branch + - Apply the same fixes (config.h.vs updates, .vcxproj changes, etc.) + - Commit with descriptive messages + - **CRITICAL: Restore paths.targets before committing:** + ```pwsh + # MCP Tool: mcp_openssh-server_Invoke_Git + # Operation="Checkout", Target=".\contrib\win32\openssh\paths.targets" + ``` + +7. **Build and validate on the real branch:** + - Build: `mcp_openssh-server_Start_OpenSSHBuild` (Release/x64) + - Check warnings: `mcp_openssh-server_Test_OpenSSHBuild` + - Validate: `mcp_openssh-server_Test_OpenSSHFunctionality` + +8. **Clean up scratch branch:** + ```pwsh + # The scratch branch is no longer needed + # MCP Tool: mcp_openssh-server_Invoke_Git + # Operation="Checkout", Target="merge-v-" + # Then delete scratch: git branch -D scratch-merge-v- + ``` **Success Criteria:** -- All commit groups processed -- Build remains stable after each batch -- Tests pass after each batch +- Real branch has exactly one merge commit (plus build fix commits) +- All upstream commits appear in the DAG with original SHAs +- `git log --first-parent` shows a clean merge history +- Build succeeds and functionality tests pass +- Scratch branch deleted -### Phase 6: Documentation and PR +### Phase 7: Documentation and PR **Objective:** Document changes and submit for review **Steps:** @@ -390,18 +499,35 @@ This PR merges upstream OpenSSH commits from through . ## Recovery Procedures -### Abort Cherry-Pick +### Abort Merge +```bash +git merge --abort +git clean -fd +git reset --hard +``` + +### Abort Cherry-Pick (if used outside merge workflow) ```bash git cherry-pick --abort git clean -fd git reset --hard ``` +### Restart Scratch Branch +```bash +# Delete the scratch branch and recreate from the merge branch +git checkout merge-v- +git branch -D scratch-merge-v- +git checkout -b scratch-merge-v- +# Re-enable rerere if needed +git config rerere.enabled true +``` + ### Restart from Checkpoint ```bash git checkout merge-v- -git log --oneline -5 # Verify last successful commit -# Continue from there +git log --oneline -5 # Verify last successful state +# Continue from there (or recreate scratch branch) ``` ### Build Failure Recovery diff --git a/.github/instructions/merge/agent-communication-merge.instructions.md b/.github/instructions/merge/agent-communication-merge.instructions.md index 27c49018c943..80aa273e2ab9 100644 --- a/.github/instructions/merge/agent-communication-merge.instructions.md +++ b/.github/instructions/merge/agent-communication-merge.instructions.md @@ -301,6 +301,35 @@ Finalizing the merge: Ready to commit and push. ``` +### Scratch-to-Real Branch Transition: +``` +Scratch branch phase complete! + +Summary: +- Processed [N] batches on scratch branch +- Resolved [X] total conflicts across [Y] files +- All [N] batches built successfully +- Resolution log saved with [X] entries + +Switching to the real merge branch for the single final merge. +Recorded resolutions will be replayed automatically via git rerere and the resolution log. +``` + +### Real Branch Replay Report: +``` +Single merge completed on real branch. Resolution replay results: + +- Auto-resolved by git rerere: [X] files +- Replayed from resolution log: [Y] files +- Unmatched (manual resolution needed): [Z] files + - [file1]: [brief reason] + - [file2]: [brief reason] +- Failed replays: [W] files + +[If unmatched > 0]: Resolving the remaining [Z] files using strategies from the scratch phase... +[If all resolved]: All conflicts resolved. Applying build fixes as separate commits. +``` + ## Special Scenarios ### When Seeking User Approval: diff --git a/.github/instructions/merge/merge-details.instructions.md b/.github/instructions/merge/merge-details.instructions.md index aaeab4fc3bb2..a01f5cd605b4 100644 --- a/.github/instructions/merge/merge-details.instructions.md +++ b/.github/instructions/merge/merge-details.instructions.md @@ -7,16 +7,20 @@ applyTo: "**/*" ## Overview This AI-specific documentation provides comprehensive instructions and algorithmic frameworks that AI agents can use to systematically approach the OpenSSH merge process with minimal human intervention while maintaining high quality and consistency. It combines conflict resolution strategies with automated decision-making processes. -**Key Approach: Chunked Merging** -Instead of merging entire upstream versions at once, this framework implements a chunked approach that: -- Processes commits in small batches ending with commits that have any CI run (successful or not) -- Groups commits by CI presence rather than CI success for more frequent checkpoints -- Builds after each batch (mandatory) +**Key Approach: Two-Phase Merge with Scratch Branch** +Instead of cherry-picking commits (which rewrites history), this framework implements a two-phase approach: + +1. **Scratch branch** — Incremental `git merge` at batch boundaries (grouped by CI presence). Build and test after each batch. Every conflict resolution is recorded via `git rerere` and the Save-MergeResolution MCP tool. +2. **Real branch** — A single `git merge` of the final upstream target. Recorded resolutions replay automatically via `git rerere` and Replay-MergeResolutions. This produces one merge commit with all upstream SHAs intact. + +Benefits: +- Preserves upstream commit history exactly (original SHAs, authors, timestamps) +- Uses incremental merge on scratch branch so conflict markers match the final merge (maximising `rerere` replay) +- Builds after each batch on scratch branch (mandatory) for early error detection - Validates functionality only at successful CI checkpoints - Requires user approval before proceeding to next batch - Allows for incremental progress and easier rollback - Reduces complexity of conflict resolution -- Enables better testing and validation at each step ## Decision Framework for AI Agents @@ -270,7 +274,7 @@ FUNCTION automated_build_fix(): // ALWAYS invoke Test-OpenSSHBuild.ps1 to check warnings (success or failure) test_result = test_openssh_build(Configuration="Release", Architecture="x64", LogFile=build_result.log) - + IF build_result.success: // Check for new warnings against baseline new_warnings = compare_warnings_to_baseline(test_result.warnings, baseline_warnings) @@ -321,6 +325,8 @@ FUNCTION determine_fix_strategy(error): - Compare warning count against established baseline - If new warnings detected, report to user with categorization and request approval before proceeding - Do NOT skip `Test-OpenSSHBuild.ps1` even when build succeeds - warning checks are mandatory. +- On the scratch branch, commit build fixes after each batch merge commit. +- On the real branch, apply the same build fixes as separate commits after the single merge commit. ## Testing Automation Framework @@ -423,17 +429,17 @@ FUNCTION assess_conflict_complexity(conflicts): When `assess_conflict_complexity()` returns `HIGH_COMPLEXITY`, invoke the `Get-ConflictContext` MCP tool **before** attempting to edit the file. It provides three-way context anchored to the actual changed regions, accounting for the fact that our fork's line numbers differ from upstream. ```pseudocode -FUNCTION resolve_conflict(file_path, conflict_content, cherry_pick_commit): +FUNCTION resolve_conflict(file_path, conflict_content, merge_batch_commit): complexity = assess_conflict_complexity([{file: file_path, content: conflict_content}]) IF complexity == "HIGH_COMPLEXITY": // Fetch three-way context before editing // MCP Tool: mcp_openssh-server_Get_ConflictContext - // FilePath=file_path, CommitHash=cherry_pick_commit + // FilePath=file_path, CommitHash=merge_batch_commit // // If the default MaxTotalLines=150 is insufficient (e.g., many hunks or // a large function), re-invoke with a higher value such as MaxTotalLines=300. - context = get_conflict_context(file_path, cherry_pick_commit) + context = get_conflict_context(file_path, merge_batch_commit) FOR EACH hunk IN context.Hunks: // Use all three excerpts to understand: @@ -445,9 +451,17 @@ FUNCTION resolve_conflict(file_path, conflict_content, cherry_pick_commit): // Check Message for budget warnings and increase MaxTotalLines if needed IF context.Message contains "minimum floor": - re_invoke_with_larger_budget(file_path, cherry_pick_commit) + re_invoke_with_larger_budget(file_path, merge_batch_commit) + + resolved = apply_resolution_strategy(file_path, conflict_content) + + // Record the resolution for replay on the real branch + // MCP Tool: mcp_openssh-server_Save_MergeResolution + // FilePath=file_path, Strategy=, Rationale=, + // BatchNumber=, UpstreamCommits= + save_merge_resolution(file_path, strategy, rationale, batch_number) - RETURN apply_resolution_strategy(file_path, conflict_content) + RETURN resolved ``` **Key behaviours of the tool:** diff --git a/.github/instructions/merge/merge-process-overview.instructions.md b/.github/instructions/merge/merge-process-overview.instructions.md index 4f64bf99b092..43b6eb1606d9 100644 --- a/.github/instructions/merge/merge-process-overview.instructions.md +++ b/.github/instructions/merge/merge-process-overview.instructions.md @@ -16,16 +16,20 @@ Ensure the following tools are installed and configured before proceeding: - Latest Windows 10/11 SDK ## Process Overview -The merge process uses a **chunked approach** to reduce complexity and improve success rates. Instead of merging entire upstream versions at once, commits are processed in small batches ending with commits that have CI runs. Each batch is built and optionally validated before proceeding to the next. +The merge process uses a **two-phase approach** to preserve upstream commit history while keeping conflict resolution manageable: + +1. **Scratch branch** — Incremental `git merge` at batch boundaries. Build and test after each batch. Every conflict resolution is recorded via `git rerere` and a resolution log. +2. **Real branch** — A single `git merge` of the final upstream target. Recorded resolutions are replayed automatically. This produces one merge commit with all upstream SHAs intact. The process consists of several interconnected phases: 1. **[Setup Phase](#setup-phase)** - Repository configuration and preparation 2. **[Research Phase](#research-phase)** - Understanding changes and conflicts -3. **[Merge Phase](#merge-phase)** - Performing chunked commit merging -4. **[Build Phase](#build-phase)** - Resolving compilation issues -5. **[Testing Phase](#testing-phase)** - Validating functionality -6. **[Submission Phase](#submission-phase)** - Creating the Pull Request +3. **[Scratch Branch Phase](#scratch-branch-phase)** - Incremental merging with resolution recording +4. **[Real Branch Phase](#real-branch-phase)** - Single merge with resolution replay +5. **[Build Phase](#build-phase)** - Resolving compilation issues +6. **[Testing Phase](#testing-phase)** - Validating functionality +7. **[Submission Phase](#submission-phase)** - Creating the Pull Request ## Setup Phase @@ -68,9 +72,24 @@ The process consists of several interconnected phases: ```pwsh # MCP Tool: mcp_openssh-server_Invoke_Git # Operation="Config", Key="core.editor", Value="true" + + # Enable rerere for automatic resolution recording + # MCP Tool: mcp_openssh-server_Invoke_Git + # Operation="Config", Key="rerere.enabled", Value="true" + ``` + +3. **Create branches:** + ```pwsh + # Create the real merge branch (receives the final single merge) + # MCP Tool: mcp_openssh-server_Invoke_Git + # Operation="CreateBranch", Branch="merge-v-" + + # Create the scratch branch from the same point (for incremental merges) + # MCP Tool: mcp_openssh-server_Invoke_Git + # Operation="CreateBranch", Branch="scratch-merge-v-" ``` -### Perform Merge with Grouped Commits +### Scratch Branch Phase 4. **Identify merge range and group commits:** Use the Get-CommitGroups MCP tool with `-FirstChunkOnly -GroupByCIPresence` @@ -103,61 +122,47 @@ The process consists of several interconnected phases: } ``` - Display batch details for verification, then proceed with cherry-picking. + Display batch details for verification, then proceed with merging. **After completing steps below, get next batch**: - Call tool with `StartCommit=`, `EndCommit=`, `FirstChunkOnly=true`, `GroupByCIPresence=true` - Continue this process until the target end commit is reached (or HEAD if no end commit specified) -5. **Execute chunked merge (batch cherry-pick all commits in chunk):** +5. **Execute batch merge on scratch branch:** - **Important:** Cherry-pick **all commits in the batch** before building. This is more efficient than building after each individual commit. If the build fails, you can identify the problematic commit(s) through git bisect or by examining the build errors. + Merge the batch's end commit to bring in all commits in the range at once: ```pwsh - # For each chunk (start..end), cherry-pick all commits in the batch - # Example for a single chunk: - $chunkStart = $result.StartCommitFull - $chunkEnd = $result.EndCommitFull - - # Get commits in oldest-first order using Invoke-Git MCP tool: + # Merge all commits up to the batch endpoint # MCP Tool: mcp_openssh-server_Invoke_Git - # Operation="Log", Range="$chunkStart^..$chunkEnd", ShasOnly=true - # result.Commits contains [{Hash, Message}] in oldest-first order - - foreach ($commit in $result.Commits) { - # Cherry-pick each commit using Invoke-Git MCP tool: - # MCP Tool: mcp_openssh-server_Invoke_Git - # Operation="CherryPick", CommitHash=$commit.Hash - - # If conflicts occur, resolve them before continuing to next commit - # (see step 7 below for conflict resolution) - } - - # After all commits in batch are cherry-picked, proceed to build (step 9) + # Operation="Merge", CommitHash=$result.EndCommitFull ``` -7. **Resolve merge conflicts (per commit):** + This uses `--no-ff` to always create a merge commit checkpoint. + +7. **Resolve merge conflicts and record resolutions:** **📖 Detailed Instructions** ([Merge Details](./merge-details.instructions.md)): - - Resolve conflicts for the current commit only - - Use three-way comparison tools + - Resolve conflicts for all conflicted files + - **Record each resolution** using the Save-MergeResolution MCP tool: + ```pwsh + # MCP Tool: mcp_openssh-server_Save_MergeResolution + # FilePath="", Strategy="", Rationale="", + # BatchNumber=, UpstreamCommits="" + ``` + - `git rerere` also automatically records resolutions - Follow established Windows compatibility patterns - Reference previous merge PRs for similar conflicts -8. **Continue cherry-picking after resolution:** +8. **Complete the merge after resolution:** ```pwsh - # After resolving conflicts for current commit - # Stage all resolved files using Invoke-Git MCP tool: # MCP Tool: mcp_openssh-server_Invoke_Git # Operation="Add", Path="." - # Continue cherry-pick using Invoke-Git MCP tool: + # Continue merge using Invoke-Git MCP tool: # MCP Tool: mcp_openssh-server_Invoke_Git - # Operation="CherryPickContinue" - - # Then continue with remaining commits in batch - # Repeat process for next batch if needed + # Operation="MergeContinue" ``` 9. **Build after completing the batch:** @@ -170,11 +175,11 @@ The process consists of several interconnected phases: - **MCP Tool Name**: `mcp_openssh-server_Test_OpenSSHBuild` - **Parameters**: `Configuration="Release"`, `Architecture="x64"` - **DO NOT** try to read log files directly with `Get-Content` or locate them manually - + If build failed: - Fix issues based on parsed error output - Rebuild and verify - + If build succeeded: - Compare warnings against baseline established in Phase 1 - If new warnings detected: @@ -183,7 +188,7 @@ The process consists of several interconnected phases: - Request user decision: fix warnings or proceed - Wait for user approval before continuing - If user approves proceeding, update baseline to include new warnings - + **CRITICAL: Before committing, restore paths.targets**: ```pwsh # MCP Tool: mcp_openssh-server_Invoke_Git @@ -203,6 +208,38 @@ The process consists of several interconnected phases: - Summarize batch changes, conflicts resolved, build status, validation status - Wait for user approval before proceeding to next batch - Document next steps (starting commit for next batch) + - After all batches complete on the scratch branch, proceed to the Real Branch Phase + +### Real Branch Phase +12. **Switch to the real merge branch:** + ```pwsh + # MCP Tool: mcp_openssh-server_Invoke_Git + # Operation="Checkout", Target="merge-v-" + ``` + +13. **Perform a single merge** of the final upstream target: + ```pwsh + # MCP Tool: mcp_openssh-server_Invoke_Git + # Operation="Merge", CommitHash="" + ``` + `git rerere` will automatically apply resolutions recorded during the scratch phase. + +14. **Replay remaining resolutions** from the log: + ```pwsh + # MCP Tool: mcp_openssh-server_Replay_MergeResolutions + # (reads from .git/merge-resolution-log.json) + ``` + Resolve any unmatched files manually using the log's strategy and rationale as guidance. + +15. **Complete the merge and apply build fixes:** + ```pwsh + # MCP Tool: mcp_openssh-server_Invoke_Git + # Operation="MergeContinue" + ``` + Apply build fixes (config.h.vs, .vcxproj changes, etc.) as separate commits after the merge commit. + +16. **Final build and validation** on the real branch. + --- ## Build Phase diff --git a/.github/prompt/merge.prompt.md b/.github/prompt/merge.prompt.md index a75572557e79..0089b1bcbbba 100644 --- a/.github/prompt/merge.prompt.md +++ b/.github/prompt/merge.prompt.md @@ -12,7 +12,7 @@ Provide the following when you invoke this prompt: Operating guidance: - Use and follow merge-upstream.agent.md. Treat it as the primary operating guide. - Rely on the provided for repository overview, setup, build, merge strategy, and testing. Do not re-fetch or re-search them; assume they are already attached in context. -- Perform chunked merges ending at commits with CI runs; build after each batch. Only parse build logs if the build fails. +- Use the two-phase merge workflow: (1) incremental `git merge` on a scratch branch with resolution recording via `git rerere` and Save-MergeResolution, then (2) a single `git merge` on the real branch with resolution replay via `git rerere` and Replay-MergeResolutions. This preserves upstream commit history. - Build using the MCP tools: `mcp_openssh-server_Start_OpenSSHBuild` (Release/x64 by default). If the build fails, analyze with `mcp_openssh-server_Test_OpenSSHBuild`. - Apply Windows compatibility strategies as documented (prefer win32compat layer; guard with `#ifdef WINDOWS` when necessary; update VS projects for build system changes). - Summarize a plan, request approval between batches, and clearly list conflict resolutions and rationale. diff --git a/.github/tools/Get-ConflictContext.ps1 b/.github/tools/Get-ConflictContext.ps1 index e83d6a4c4fd3..46bab7be45b1 100644 --- a/.github/tools/Get-ConflictContext.ps1 +++ b/.github/tools/Get-ConflictContext.ps1 @@ -3,10 +3,10 @@ Retrieves three-way context for a conflicted file to aid complex conflict resolution. .DESCRIPTION - MCP-compatible tool that fetches three versions of a file involved in a cherry-pick - conflict — the upstream file before the commit, the upstream file after the commit, - and our fork's version (via MERGE_HEAD) — and extracts focused, line-numbered excerpts - centered on each changed hunk. + MCP-compatible tool that fetches three versions of a file involved in a merge or + cherry-pick conflict — the upstream file before the commit, the upstream file after + the commit, and our fork's version (via HEAD) — and extracts focused, line-numbered + excerpts centered on each changed hunk. For each hunk in the upstream diff, the tool locates the corresponding region in our fork using two-tier content matching: @@ -22,7 +22,8 @@ Path to the conflicted file, relative to the repository root. .PARAMETER CommitHash - The upstream commit SHA being cherry-picked that caused the conflict. + The upstream commit SHA that caused the conflict. During the scratch-branch merge + workflow, this is typically the batch endpoint commit passed to git merge. .PARAMETER ContextLines Number of lines of context above and below each hunk match to include in excerpts. @@ -344,11 +345,11 @@ $commitMsgResult = Invoke-GitCommand -Arguments @('log', '-1', '--pretty=format: $commitMessage = if ($commitMsgResult.Success) { $commitMsgResult.Output.Trim() } else { '' } # 5. Fetch the three file versions -# MERGE_HEAD is populated by git during an in-progress cherry-pick conflict -# and points to the commit being cherry-picked (our fork's working state before merge) +# HEAD is our fork's version of the file during both merge and cherry-pick conflicts. +# CommitHash^ is the upstream state before the commit; CommitHash is after. $upstreamBefore = Get-FileAtRef -Ref "${CommitHash}^" -File $FilePath $upstreamAfter = Get-FileAtRef -Ref "${CommitHash}" -File $FilePath -$ourFork = Get-FileAtRef -Ref 'MERGE_HEAD' -File $FilePath +$ourFork = Get-FileAtRef -Ref 'HEAD' -File $FilePath # 6. Parse hunks from the diff $hunks = Parse-DiffHunks -DiffText $upstreamDiff diff --git a/.github/tools/Invoke-Git.ps1 b/.github/tools/Invoke-Git.ps1 index f091e32b016c..3a30a1f53ade 100644 --- a/.github/tools/Invoke-Git.ps1 +++ b/.github/tools/Invoke-Git.ps1 @@ -15,6 +15,7 @@ .PARAMETER Operation The git operation to perform. One of: CherryPick, CherryPickContinue, CherryPickAbort, + Merge, MergeContinue, MergeAbort, Add, Checkout, CreateBranch, Commit, Push, Fetch, Config, Reset, Clean, @@ -22,7 +23,7 @@ .PARAMETER CommitHash A commit SHA or any git ref (branch name, tag, etc.). - Used by: CherryPick, Show. + Used by: CherryPick, Merge, Show. .PARAMETER Range A git range expression (e.g. "abc123^..def456" or "HEAD..upstream/V_10_0_P2"). @@ -78,6 +79,7 @@ Message [string] Human-readable summary Plus operation-specific fields: CherryPick (on failure): ConflictedFiles [string[]] + Merge (on failure): ConflictedFiles [string[]] Log / ShasOnly: Commits [{Hash, Message}] Status: ConflictedFiles [string[]], ModifiedFiles [string[]] Commit (on success): CommitHash [string] @@ -152,6 +154,26 @@ # MCP Tool: mcp_openssh-server_Invoke_Git # Operation="Reset", Target="HEAD", Mode="hard" +.EXAMPLE + # Merge an upstream batch endpoint into the current branch + # MCP Tool: mcp_openssh-server_Invoke_Git + # Operation="Merge", CommitHash="6fb728df50c1afd338cb0223a84ce24579577eff" + +.EXAMPLE + # Continue a merge after resolving conflicts + # MCP Tool: mcp_openssh-server_Invoke_Git + # Operation="MergeContinue" + +.EXAMPLE + # Abort an in-progress merge + # MCP Tool: mcp_openssh-server_Invoke_Git + # Operation="MergeAbort" + +.EXAMPLE + # Enable rerere for merge resolution recording + # MCP Tool: mcp_openssh-server_Invoke_Git + # Operation="Config", Key="rerere.enabled", Value="true" + .EXAMPLE # Remove untracked files (recovery) # MCP Tool: mcp_openssh-server_Invoke_Git @@ -162,6 +184,7 @@ param( [Parameter(Mandatory)] [ValidateSet( 'CherryPick', 'CherryPickContinue', 'CherryPickAbort', + 'Merge', 'MergeContinue', 'MergeAbort', 'Add', 'Checkout', 'CreateBranch', 'Commit', 'Push', 'Fetch', 'Config', 'Reset', 'Clean', @@ -169,7 +192,7 @@ param( )] [string]$Operation, - # CherryPick, Show — accepts any git ref: commit SHA, branch name, tag, etc. + # CherryPick, Merge, Show — accepts any git ref: commit SHA, branch name, tag, etc. [string]$CommitHash = '', # Log (plain or ShasOnly), Diff — git range expression e.g. "abc123^..def456" @@ -290,6 +313,26 @@ $result = switch ($Operation) { Invoke-GitCommand -Arguments @('cherry-pick', '--abort') } + 'Merge' { + if (-not $CommitHash) { throw 'CommitHash is required for Merge (target ref to merge)' } + $r = Invoke-GitCommand -Arguments @('merge', '--no-ff', $CommitHash) + if (-not $r.Success) { + $statusResult = Invoke-GitCommand -Arguments @('status', '--porcelain') + $r['ConflictedFiles'] = ($statusResult.Output -split "`n") | + Where-Object { $_ -match '^(UU|AA|DD|AU|UA|DU|UD)\s' } | + ForEach-Object { $_.Substring(3).Trim() } + } + $r + } + + 'MergeContinue' { + Invoke-GitCommand -Arguments @('merge', '--continue') + } + + 'MergeAbort' { + Invoke-GitCommand -Arguments @('merge', '--abort') + } + 'Add' { Invoke-GitCommand -Arguments @('add', $Path) } diff --git a/.github/tools/Replay-MergeResolutions.ps1 b/.github/tools/Replay-MergeResolutions.ps1 new file mode 100644 index 000000000000..7006c44de9a9 --- /dev/null +++ b/.github/tools/Replay-MergeResolutions.ps1 @@ -0,0 +1,201 @@ +<# +.SYNOPSIS + Replays saved conflict resolutions from the merge resolution log onto + currently conflicted files. + +.DESCRIPTION + MCP-compatible tool for the real-branch phase of the scratch-branch merge + workflow. Reads .git/merge-resolution-log.json (populated during the scratch + phase by Save-MergeResolution.ps1) and attempts to apply saved resolutions + to files that are currently in a conflicted state (UU/AA/etc. in git status). + + For each conflicted file that has a matching entry in the log, the tool writes + the saved resolved content and stages the file with git add. + + Files not found in the log are reported as unmatched so the agent can resolve + them manually. + +.PARAMETER DryRun + When specified, reports what would be applied without modifying any files. + +.OUTPUTS + Hashtable with: + Success [bool] Whether the operation completed without errors + Message [string] Human-readable summary + ResolvedFiles [string[]] Files successfully resolved from the log + UnmatchedFiles [string[]] Conflicted files with no log entry + FailedFiles [string[]] Files where replay was attempted but failed + LogPath [string] Absolute path to the resolution log + +.EXAMPLE + # Replay all saved resolutions onto current merge conflicts + # MCP Tool: mcp_openssh-server_Replay_MergeResolutions + +.EXAMPLE + # Preview what would be replayed without modifying files + # MCP Tool: mcp_openssh-server_Replay_MergeResolutions + # DryRun=true +#> + +param( + [switch]$DryRun +) + +Set-StrictMode -Version Latest +$ErrorActionPreference = 'Stop' + +# ── Git process helper (same pattern as Invoke-Git.ps1) ────────────────────── + +function Invoke-GitCommand { + param([string[]]$Arguments) + + $processInfo = [System.Diagnostics.ProcessStartInfo]::new() + $processInfo.FileName = 'git' + $processInfo.Arguments = ($Arguments | ForEach-Object { + if ($_ -match '\s') { "`"$_`"" } else { $_ } + }) -join ' ' + $processInfo.UseShellExecute = $false + $processInfo.CreateNoWindow = $true + $processInfo.RedirectStandardInput = $true + $processInfo.RedirectStandardOutput = $true + $processInfo.RedirectStandardError = $true + + $process = [System.Diagnostics.Process]::new() + $process.StartInfo = $processInfo + $process.Start() | Out-Null + $process.StandardInput.Close() + + $stdoutTask = $process.StandardOutput.ReadToEndAsync() + $stderrTask = $process.StandardError.ReadToEndAsync() + + $completed = $process.WaitForExit(30000) + + if (-not $completed) { + $process.Kill() + return @{ + ExitCode = -1 + Success = $false + Output = '' + Error = "git $($Arguments -join ' ') timed out after 30 seconds" + } + } + + return @{ + ExitCode = $process.ExitCode + Success = ($process.ExitCode -eq 0) + Output = $stdoutTask.GetAwaiter().GetResult().TrimEnd() + Error = $stderrTask.GetAwaiter().GetResult().TrimEnd() + } +} + +# ── Locate and read the resolution log ─────────────────────────────────────── + +$gitDir = Join-Path (Get-Location) '.git' +$logPath = Join-Path $gitDir 'merge-resolution-log.json' + +if (-not (Test-Path $logPath)) { + return @{ + Success = $false + Message = 'No resolution log found at .git/merge-resolution-log.json. Run the scratch-branch phase first.' + ResolvedFiles = @() + UnmatchedFiles = @() + FailedFiles = @() + LogPath = $logPath + } +} + +$log = Get-Content -Raw $logPath | ConvertFrom-Json + +if (-not $log.resolutions -or $log.resolutions.Count -eq 0) { + return @{ + Success = $true + Message = 'Resolution log is empty — no saved resolutions to replay.' + ResolvedFiles = @() + UnmatchedFiles = @() + FailedFiles = @() + LogPath = $logPath + } +} + +# ── Build a lookup of saved resolutions keyed by file path ─────────────────── +# If multiple entries exist for the same file (across batches), use the latest one. + +$resolutionMap = @{} +foreach ($entry in $log.resolutions) { + $resolutionMap[$entry.file] = $entry +} + +# ── Get currently conflicted files from git status ─────────────────────────── + +$statusResult = Invoke-GitCommand -Arguments @('status', '--porcelain') +$conflictedFiles = @() +if ($statusResult.Output) { + $conflictedFiles = ($statusResult.Output -split "`n") | + Where-Object { $_ -match '^(UU|AA|DD|AU|UA|DU|UD)\s' } | + ForEach-Object { $_.Substring(3).Trim() } +} + +if ($conflictedFiles.Count -eq 0) { + return @{ + Success = $true + Message = 'No conflicted files found — nothing to replay.' + ResolvedFiles = @() + UnmatchedFiles = @() + FailedFiles = @() + LogPath = $logPath + } +} + +# ── Replay resolutions ────────────────────────────────────────────────────── + +$resolvedFiles = [System.Collections.Generic.List[string]]::new() +$unmatchedFiles = [System.Collections.Generic.List[string]]::new() +$failedFiles = [System.Collections.Generic.List[string]]::new() + +foreach ($file in $conflictedFiles) { + if (-not $resolutionMap.ContainsKey($file)) { + $unmatchedFiles.Add($file) + continue + } + + $entry = $resolutionMap[$file] + + if ($DryRun) { + $resolvedFiles.Add($file) + continue + } + + try { + # Decode the saved resolved content and write it to the file + $contentBytes = [System.Convert]::FromBase64String($entry.resolved_content_base64) + $fullFilePath = Join-Path (Get-Location) $file + [System.IO.File]::WriteAllBytes($fullFilePath, $contentBytes) + + # Stage the resolved file + $addResult = Invoke-GitCommand -Arguments @('add', $file) + if (-not $addResult.Success) { + $failedFiles.Add($file) + continue + } + + $resolvedFiles.Add($file) + } catch { + $failedFiles.Add($file) + } +} + +# ── Return result ──────────────────────────────────────────────────────────── + +$dryRunNote = if ($DryRun) { ' (DRY RUN — no files modified)' } else { '' } +$message = "Replay complete${dryRunNote}: $($resolvedFiles.Count) resolved, " + + "$($unmatchedFiles.Count) unmatched, $($failedFiles.Count) failed " + + "(out of $($conflictedFiles.Count) conflicted files)." + +return @{ + Success = ($failedFiles.Count -eq 0) + Message = $message + ResolvedFiles = $resolvedFiles.ToArray() + UnmatchedFiles = $unmatchedFiles.ToArray() + FailedFiles = $failedFiles.ToArray() + LogPath = $logPath +} diff --git a/.github/tools/Save-MergeResolution.ps1 b/.github/tools/Save-MergeResolution.ps1 new file mode 100644 index 000000000000..049d0e739172 --- /dev/null +++ b/.github/tools/Save-MergeResolution.ps1 @@ -0,0 +1,160 @@ +<# +.SYNOPSIS + Records a conflict resolution entry to the merge resolution log. + +.DESCRIPTION + MCP-compatible tool that saves details about how a conflicted file was resolved + during the scratch-branch phase of the merge workflow. The resolution — including + the resolved file content, strategy, and rationale — is appended to a JSON log + at .git/merge-resolution-log.json. + + This log is consumed by Replay-MergeResolutions.ps1 during the real-branch + single-merge phase to automatically re-apply known resolutions. + +.PARAMETER FilePath + Path to the resolved file, relative to the repository root. + +.PARAMETER Strategy + The resolution strategy used. One of: + accept_upstream — Took the upstream change completely + ifdef_windows — Wrapped with #ifdef WINDOWS / #else / #endif + ifndef_windows — Excluded with #ifndef WINDOWS + combine — Combined upstream and Windows changes + manual — Custom resolution not fitting other categories + +.PARAMETER Rationale + Free-text explanation of why this resolution strategy was chosen. + +.PARAMETER BatchNumber + The batch number (from Get-CommitGroups) that this resolution belongs to. + +.PARAMETER UpstreamCommits + Comma-separated list of upstream commit SHAs that touched this file in this batch. + +.PARAMETER MergeTarget + The final upstream ref being merged (e.g. "upstream/V_10_1_P1"). Only needed on + the first invocation to initialise the log header. Ignored if log already exists. + +.OUTPUTS + Hashtable with: + Success [bool] Whether the entry was saved + Message [string] Human-readable summary + LogPath [string] Absolute path to the resolution log file + +.EXAMPLE + # Record a resolution after resolving auth.c + # MCP Tool: mcp_openssh-server_Save_MergeResolution + # FilePath="auth.c", Strategy="ifdef_windows", Rationale="Wrapped PAM code", + # BatchNumber=1, UpstreamCommits="abc1234,def5678" + +.EXAMPLE + # Record the first resolution (initialises log with MergeTarget) + # MCP Tool: mcp_openssh-server_Save_MergeResolution + # FilePath="channels.c", Strategy="accept_upstream", Rationale="Security fix", + # BatchNumber=1, UpstreamCommits="abc1234", MergeTarget="upstream/V_10_1_P1" +#> + +param( + [Parameter(Mandatory)] + [string]$FilePath, + + [Parameter(Mandatory)] + [ValidateSet('accept_upstream', 'ifdef_windows', 'ifndef_windows', 'combine', 'manual')] + [string]$Strategy, + + [Parameter(Mandatory)] + [string]$Rationale, + + [Parameter(Mandatory)] + [int]$BatchNumber, + + [string]$UpstreamCommits = '', + + [string]$MergeTarget = '' +) + +Set-StrictMode -Version Latest +$ErrorActionPreference = 'Stop' + +# ── Locate the log file inside .git ────────────────────────────────────────── + +$gitDir = Join-Path (Get-Location) '.git' +if (-not (Test-Path $gitDir)) { + return @{ + Success = $false + Message = 'Not inside a git repository — .git directory not found.' + LogPath = '' + } +} + +$logPath = Join-Path $gitDir 'merge-resolution-log.json' + +# ── Read or initialise the log ─────────────────────────────────────────────── + +if (Test-Path $logPath) { + $log = Get-Content -Raw $logPath | ConvertFrom-Json +} else { + $log = [PSCustomObject]@{ + merge_target = if ($MergeTarget) { $MergeTarget } else { 'unknown' } + created_at = (Get-Date -Format 'o') + resolutions = @() + } +} + +# ── Read the resolved file and compute hash ────────────────────────────────── + +$fullFilePath = Join-Path (Get-Location) $FilePath +if (-not (Test-Path $fullFilePath)) { + return @{ + Success = $false + Message = "Resolved file not found: ${FilePath}" + LogPath = $logPath + } +} + +$fileBytes = [System.IO.File]::ReadAllBytes($fullFilePath) +$sha256 = [System.Security.Cryptography.SHA256]::Create() +$hashBytes = $sha256.ComputeHash($fileBytes) +$hashString = ($hashBytes | ForEach-Object { $_.ToString('x2') }) -join '' +$contentB64 = [System.Convert]::ToBase64String($fileBytes) + +# ── Parse upstream commits ─────────────────────────────────────────────────── + +$commitList = if ($UpstreamCommits) { + ($UpstreamCommits -split ',') | ForEach-Object { $_.Trim() } | Where-Object { $_ } +} else { + @() +} + +# ── Build the entry ────────────────────────────────────────────────────────── + +$entry = [PSCustomObject]@{ + file = $FilePath + batch_number = $BatchNumber + upstream_commits = $commitList + strategy = $Strategy + rationale = $Rationale + resolved_content_sha256 = $hashString + resolved_content_base64 = $contentB64 + recorded_at = (Get-Date -Format 'o') +} + +# ── Append and save ────────────────────────────────────────────────────────── + +# ConvertFrom-Json returns a fixed-size array; convert to a list so we can add +$existingResolutions = [System.Collections.Generic.List[object]]::new() +if ($log.resolutions) { + foreach ($r in $log.resolutions) { + $existingResolutions.Add($r) + } +} +$existingResolutions.Add($entry) +$log.resolutions = $existingResolutions.ToArray() + +$log | ConvertTo-Json -Depth 10 | Set-Content -Path $logPath -Encoding utf8 + +return @{ + Success = $true + Message = "Resolution recorded for '${FilePath}' (batch ${BatchNumber}, strategy: ${Strategy}). Log has $($log.resolutions.Count) entries." + LogPath = $logPath +} From 443616ce9070d370c97271347e91fcfd24b5df84 Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Thu, 19 Mar 2026 02:36:28 +0000 Subject: [PATCH 641/687] upstream: repair ssh-keysign after pledge changes; spotted/tested by naddy@ ok deraadt@ OpenBSD-Commit-ID: fccc6c7994c8f45c4417efe490d23154d9caaa6d --- ssh-keysign.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/ssh-keysign.c b/ssh-keysign.c index 167141c55b0c..6cfa51102a62 100644 --- a/ssh-keysign.c +++ b/ssh-keysign.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-keysign.c,v 1.79 2025/11/13 10:35:14 dtucker Exp $ */ +/* $OpenBSD: ssh-keysign.c,v 1.80 2026/03/19 02:36:28 djm Exp $ */ /* * Copyright (c) 2002 Markus Friedl. All rights reserved. * @@ -185,9 +185,6 @@ main(int argc, char **argv) char *host, *fp, *pkalg; size_t slen, dlen; - if (pledge("stdio rpath getpw dns id", NULL) != 0) - fatal("%s: pledge: %s", __progname, strerror(errno)); - /* Ensure that stdin and stdout are connected */ if ((fd = open(_PATH_DEVNULL, O_RDWR)) < 2) exit(1); @@ -195,6 +192,9 @@ main(int argc, char **argv) if (fd > 2) close(fd); + if (pledge("stdio rpath getpw dns id", NULL) != 0) + fatal("%s: pledge: %s", __progname, strerror(errno)); + for (i = 0; i < NUM_KEYTYPES; i++) key_fd[i] = -1; From 2ca6eef69d7dbecfd67cede25ea6a9aa1074ba3e Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Mon, 23 Mar 2026 01:33:46 +0000 Subject: [PATCH 642/687] upstream: clarify that Authorized(Keys|Principals)(File|Command) are only consulted for valid users. clarify that TOKENS are expanded without sanitisation or escaping and that it's the user's reponsibility to ensure their usage is safe. prompted by bz3936; feedback/ok deraadt@ OpenBSD-Commit-ID: cd58abad1137346ba2dee55fa9ebb975f5fa7a06 --- ssh_config.5 | 13 ++++++++++--- sshd_config.5 | 17 ++++++++++++++--- 2 files changed, 24 insertions(+), 6 deletions(-) diff --git a/ssh_config.5 b/ssh_config.5 index c5bf8338d813..b459b0449709 100644 --- a/ssh_config.5 +++ b/ssh_config.5 @@ -33,8 +33,8 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: ssh_config.5,v 1.422 2026/02/09 22:12:48 dtucker Exp $ -.Dd $Mdocdate: February 9 2026 $ +.\" $OpenBSD: ssh_config.5,v 1.423 2026/03/23 01:33:46 djm Exp $ +.Dd $Mdocdate: March 23 2026 $ .Dt SSH_CONFIG 5 .Os .Sh NAME @@ -2305,7 +2305,14 @@ such as a wildcard: .Dl from=\&"!host1,!host2,*\&" .Sh TOKENS Arguments to some keywords can make use of tokens, -which are expanded at runtime: +which are expanded at runtime. +Tokens are expanded without quoting or escaping of shell characters. +It is the user's responsibility to ensure they are safe in the +context of their use. +.Pp +The supported tokens in +.Nm +are: .Pp .Bl -tag -width XXXX -offset indent -compact .It %% diff --git a/sshd_config.5 b/sshd_config.5 index 3b9303b8218b..5bcec932dde2 100644 --- a/sshd_config.5 +++ b/sshd_config.5 @@ -33,8 +33,8 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: sshd_config.5,v 1.395 2026/02/09 22:12:48 dtucker Exp $ -.Dd $Mdocdate: February 9 2026 $ +.\" $OpenBSD: sshd_config.5,v 1.396 2026/03/23 01:33:46 djm Exp $ +.Dd $Mdocdate: March 23 2026 $ .Dt SSHD_CONFIG 5 .Os .Sh NAME @@ -260,6 +260,7 @@ files and will not be executed if a matching key is found there. By default, no .Cm AuthorizedKeysCommand is run. +This command is only executed for valid users. .It Cm AuthorizedKeysCommandUser Specifies the user under whose account the .Cm AuthorizedKeysCommand @@ -292,6 +293,7 @@ Alternately this option may be set to to skip checking for user keys in files. The default is .Qq .ssh/authorized_keys .ssh/authorized_keys2 . +These files are only checked for valid users. .It Cm AuthorizedPrincipalsCommand Specifies a program to be used to generate the list of allowed certificate principals as per @@ -318,6 +320,7 @@ must contain a principal that is listed. By default, no .Cm AuthorizedPrincipalsCommand is run. +This command is only executed for valid users. .It Cm AuthorizedPrincipalsCommandUser Specifies the user under whose account the .Cm AuthorizedPrincipalsCommand @@ -359,6 +362,7 @@ The default is i.e. not to use a principals file \(en in this case, the username of the user must appear in a certificate's principals list for it to be accepted. +This file is only checked for valid users. .Pp Note that .Cm AuthorizedPrincipalsFile @@ -2189,7 +2193,14 @@ Time format examples: .El .Sh TOKENS Arguments to some keywords can make use of tokens, -which are expanded at runtime: +which are expanded at runtime. +Tokens are expanded without quoting or escaping of shell characters. +It is the administrator's responsibility to ensure they are safe in the +context of their use. +.Pp +The supported tokens in +.Nm +are: .Pp .Bl -tag -width XXXX -offset indent -compact .It %% From 12da685dfc98b14dddb5977a1fc52d06474f3308 Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Thu, 19 Mar 2026 17:52:54 +1100 Subject: [PATCH 643/687] Upstream tests don't use the config file. --- .github/workflows/upstream.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/upstream.yml b/.github/workflows/upstream.yml index 8bcb87b38e70..a190a490ecbb 100644 --- a/.github/workflows/upstream.yml +++ b/.github/workflows/upstream.yml @@ -3,7 +3,7 @@ name: OpenBSD on: push: branches: [ master ] - paths: [ '**.c', '**.h', '**.sh', '.github/configs', '.github/workflows/upstream.yml' ] + paths: [ '**.c', '**.h', '**.sh', '.github/workflows/upstream.yml' ] jobs: selfhosted: From 4bb4f1601e0776e71cfca50aae3680eb0771e2d0 Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Mon, 23 Mar 2026 17:50:40 +1100 Subject: [PATCH 644/687] Add a Valgrind test of the PAM config. --- .github/configs | 8 ++++++-- .github/workflows/c-cpp.yml | 1 + 2 files changed, 7 insertions(+), 2 deletions(-) diff --git a/.github/configs b/.github/configs index 8ee0f98781da..9ad2439df493 100755 --- a/.github/configs +++ b/.github/configs @@ -208,10 +208,14 @@ case "$config" in LIBCRYPTOFLAGS="--without-openssl" TEST_TARGET=t-exec ;; - valgrind-[1-4]|valgrind-unit) + valgrind-[1-4]|valgrind-unit|valgrind-pam-1) # rlimit sandbox and FORTIFY_SOURCE confuse Valgrind. CONFIGFLAGS="--without-sandbox --without-hardening" CONFIGFLAGS="$CONFIGFLAGS --with-cppflags=-D_FORTIFY_SOURCE=0" + if [ "${config}" = "valgrind-pam-1" ]; then + CONFIGFLAGS="$CONFIGFLAGS --with-pam" + SSHD_CONFOPTS="UsePam yes" + fi TEST_TARGET="t-exec USE_VALGRIND=1" TEST_SSH_ELAPSED_TIMES=1 export TEST_SSH_ELAPSED_TIMES @@ -222,7 +226,7 @@ case "$config" in tests3="krl forward-control sshsig agent-restrict kextype sftp" tests4="cert-userkey cert-hostkey kextype sftp-perm keygen-comment percent" case "$config" in - valgrind-1) + valgrind-1|valgrind-pam) # All tests except agent-timeout (which is flaky under valgrind), # connection-timeout (which doesn't work since it's so slow) # and hostbased (since valgrind won't let ssh exec keysign). diff --git a/.github/workflows/c-cpp.yml b/.github/workflows/c-cpp.yml index a132ed87f65f..02cd10bfbb6e 100644 --- a/.github/workflows/c-cpp.yml +++ b/.github/workflows/c-cpp.yml @@ -63,6 +63,7 @@ jobs: - { target: ubuntu-22.04, config: valgrind-2 } - { target: ubuntu-22.04, config: valgrind-3 } - { target: ubuntu-22.04, config: valgrind-4 } + - { target: ubuntu-22.04, config: valgrind-pam-1 } - { target: ubuntu-22.04, config: valgrind-unit } - { target: ubuntu-22.04, config: without-openssl } - { target: ubuntu-latest, config: gcc-14 } From d3efbba14fda78ed7b15fbc34cf34c1cf27d1716 Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Thu, 19 Mar 2026 17:57:26 +1100 Subject: [PATCH 645/687] Add a VM-based test for OpenBSD-current. --- .github/workflows/vm.yml | 100 +++++++++++++++++++++++++++++++++++++++ 1 file changed, 100 insertions(+) diff --git a/.github/workflows/vm.yml b/.github/workflows/vm.yml index 4e0dd45391f8..dbfd6c186c33 100644 --- a/.github/workflows/vm.yml +++ b/.github/workflows/vm.yml @@ -307,6 +307,105 @@ jobs: doas -u builder env SUDO=doas make tests + openbsd-current-upstream: + # This job is special, and tests OpenBSD -current, both the underlying + # plaform (the latest snapshot) and most recent upstream code (or at least + # the most recent code in the github mirror) instead of OpenSSH Portable. + name: "openbsd-current-upstream" + if: github.repository != 'openssh/openssh-portable-selfhosted' + strategy: + fail-fast: false + runs-on: ubuntu-latest + steps: + - name: start OpenBSD VM + uses: vmactions/openbsd-vm@v1 + with: + copyback: false + nat: | + "20022": "22" + usesh: true + prepare: | + useradd -g wobj -m builder + echo "permit nopass keepenv root" >/etc/doas.conf + echo "permit nopass keepenv builder" >>/etc/doas.conf + ls -l /etc/doas.conf + chown root:wheel /etc/doas.conf + chmod 644 /etc/doas.conf + touch /etc/ssh/ssh_known_hosts + pkg_add git + + - name: Fetch sysupgrade version + run: | + ver=$(curl -s https://cdn.openbsd.org/pub/OpenBSD/snapshots/amd64/BUILDINFO) + echo "SNAPSHOT_VERSION=${ver}" >> $GITHUB_ENV + - name: check for cached sysupgrade + id: cache-sysupgrade + uses: actions/cache@v4 + with: + key: openbsd-sysupgrade ${{ env.SNAPSHOT_VERSION }} + path: /tmp/_sysupgrade/ + - name: push sysupgrade from cache to VM + if: steps.cache-sysupgrade.outputs.cache-hit == 'true' + run: rsync -av /tmp/_sysupgrade/ openbsd:/home/_sysupgrade/ + - name: upgrade to latest snapshot + run: ssh -q openbsd sysupgrade -s -k || true + - name: wait for upgrade + run: | + SECONDS=0; sleep 10; while ! ssh -q -oConnectTimeout=1 openbsd true; do sleep 10; echo waited ${SECONDS}s; done + ssh -q openbsd uname -a + - name: retrieve sysupgrade from VM to cache + if: steps.cache-sysupgrade.outputs.cache-hit != 'true' + run: | + mkdir -p /tmp/_sysupgrade/ + rsync -av openbsd:/home/_sysupgrade/ /tmp/_sysupgrade/ + - name: save sysupgrade to cache + if: steps.cache-sysupgrade.outputs.cache-hit != 'true' + uses: actions/cache/save@v4 + with: + key: openbsd-sysupgrade ${{ env.SNAPSHOT_VERSION }} + path: /tmp/_sysupgrade/ + + - name: checkout upstream source + shell: openbsd {0} + run: | + umask 022 + cd /usr + rm -rf src/* + git clone --no-checkout --depth=1 --filter=tree:0 https://github.com/openbsd/src.git + cd /usr/src + git sparse-checkout set --no-cone Makefile usr.bin/Makefile usr.bin/Makefile.inc usr.bin/ssh usr.bin/nc regress/usr.bin/ssh + git checkout + git log -n1 + chown -R builder /usr/src + chmod -R go-w /usr/src/ /usr/obj/ + - name: make ssh + shell: openbsd {0} + run: | + cd /usr/src/usr.bin/ssh && make -j4 || make + make install + /etc/rc.d/sshd restart + - name: make nc + shell: openbsd {0} + run: cd /usr/src/usr.bin/nc && make && make install + - name: make tests + shell: openbsd {0} + run: | + cd /usr/src/regress/usr.bin/ssh + make obj + doas -u builder env SUDO=doas TEST_SSH_UNSAFE_PERMISSIONS=yes TEST_SSH_FAIL_FATAL=yes TEST_SSH_HOSTBASED_AUTH=setupandrun make + - name: retrieve logs + if: failure() + run: | + rsync -a openbsd:/usr/obj/regress/usr.bin/ssh/ regress-logs/ + for i in regress-logs/failed*.log; do echo ===; echo LOGFILE: $i; echo ===; cat $i; echo; done + - name: save logs + if: failure() + uses: actions/upload-artifact@main + with: + name: openbsd-current-upstream-logs + path: regress-logs/*.log + + solaris: name: "solaris-${{ matrix.target }}" if: github.repository != 'openssh/openssh-portable-selfhosted' @@ -368,3 +467,4 @@ jobs: run: | cd $GITHUB_WORKSPACE sudo -u builder make tests + From c5182e3f06f9f1fd86d62b9dcd0397408dd698da Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Sat, 28 Mar 2026 05:06:16 +0000 Subject: [PATCH 646/687] upstream: fix potential hang if /etc/moduli doesn't contain the requested DH group values; from 77c9ca, ok dtucker@, markus@ OpenBSD-Commit-ID: 1bf402cdb8876237c280ac77fbf7fafd2c16c5ae --- monitor.c | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/monitor.c b/monitor.c index b56646a2df54..b722baef5fae 100644 --- a/monitor.c +++ b/monitor.c @@ -1,4 +1,4 @@ -/* $OpenBSD: monitor.c,v 1.254 2026/03/11 09:10:59 dtucker Exp $ */ +/* $OpenBSD: monitor.c,v 1.255 2026/03/28 05:06:16 djm Exp $ */ /* * Copyright 2002 Niels Provos * Copyright 2002 Markus Friedl @@ -689,7 +689,6 @@ mm_answer_moduli(struct ssh *ssh, int sock, struct sshbuf *m) if (dh == NULL) { if ((r = sshbuf_put_u8(m, 0)) != 0) fatal_fr(r, "assemble empty"); - return (0); } else { /* Send first bignum */ DH_get0_pqg(dh, &dh_p, NULL, &dh_g); From 21ecb5fd72ee442a8b1eb5011c7f929ba8ce02f9 Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Sat, 28 Mar 2026 05:07:12 +0000 Subject: [PATCH 647/687] upstream: mention that RevokedKeys is read by the server at each authentication time and should only ever be replaced atomically. OpenBSD-Commit-ID: eeedf5a10331ac4e39fbd2fc41e4a11c38b2ef9b --- sshd_config.5 | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/sshd_config.5 b/sshd_config.5 index 5bcec932dde2..3f5e29812d3f 100644 --- a/sshd_config.5 +++ b/sshd_config.5 @@ -33,8 +33,8 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: sshd_config.5,v 1.396 2026/03/23 01:33:46 djm Exp $ -.Dd $Mdocdate: March 23 2026 $ +.\" $OpenBSD: sshd_config.5,v 1.397 2026/03/28 05:07:12 djm Exp $ +.Dd $Mdocdate: March 28 2026 $ .Dt SSHD_CONFIG 5 .Os .Sh NAME @@ -1855,6 +1855,11 @@ be refused for all users. Keys may be specified as a text file, listing one public key per line, or as an OpenSSH Key Revocation List (KRL) as generated by .Xr ssh-keygen 1 . +This file may be consulted for each public key authentication attempt +received by +.Xr sshd 8 +and its contents must be consistent at all times, therefore it should only +be atomically replaced and never modified in place while the server is running. For more information on KRLs, see the KEY REVOCATION LISTS section in .Xr ssh-keygen 1 . .It Cm RDomain From 8331cb9daafd23391de4379e9977ff159bb8242e Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Sat, 28 Mar 2026 05:10:25 +0000 Subject: [PATCH 648/687] upstream: fix base16 parsing; currently unused. From Renaud Allard OpenBSD-Commit-ID: 3f6e5d4c6a2550d5a7e3c33bcd895b7f8e42196b --- sshbuf-misc.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/sshbuf-misc.c b/sshbuf-misc.c index 7b11e4e1760b..c8ffdec685fb 100644 --- a/sshbuf-misc.c +++ b/sshbuf-misc.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshbuf-misc.c,v 1.22 2025/09/04 00:32:31 djm Exp $ */ +/* $OpenBSD: sshbuf-misc.c,v 1.23 2026/03/28 05:10:25 djm Exp $ */ /* * Copyright (c) 2011 Damien Miller * @@ -95,7 +95,7 @@ b16tod(const char v) return v - '0'; if (v >= 'a' && v <= 'f') return 10 + v - 'a'; - if (v >= 'A' && v <= 'A') + if (v >= 'A' && v <= 'F') return 10 + v - 'A'; return -1; } From fd5018fbeb6e91ae4321490c2825ecc632b83748 Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Sat, 28 Mar 2026 05:16:18 +0000 Subject: [PATCH 649/687] upstream: ensure c->local_window doesn't underflow during updates; similar to checks performed elsewhere. From Renaud Allard OpenBSD-Commit-ID: 4827c10807936e9ab9af2cf1c7379e1f56dbdeac --- channels.c | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/channels.c b/channels.c index e36c3bbf8ff8..d7c55fc899d4 100644 --- a/channels.c +++ b/channels.c @@ -1,4 +1,4 @@ -/* $OpenBSD: channels.c,v 1.457 2026/03/05 05:40:35 djm Exp $ */ +/* $OpenBSD: channels.c,v 1.458 2026/03/28 05:16:18 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -3507,7 +3507,10 @@ channel_input_data(int type, uint32_t seq, struct ssh *ssh) * updates are sent back. Otherwise the connection might deadlock. */ if (c->ostate != CHAN_OUTPUT_OPEN) { - c->local_window -= win_len; + if (win_len > c->local_window) + c->local_window = 0; + else + c->local_window -= win_len; c->local_consumed += win_len; return 0; } From fd7d4b2b52deaf296b06d78b85c97fdae31912e8 Mon Sep 17 00:00:00 2001 From: Icenowy Zheng Date: Sun, 22 Mar 2026 15:13:31 +0800 Subject: [PATCH 650/687] seccomp sandbox: allow riscv_hwprobe syscall if present The development branch of zlib-ng now contains code for utilizing riscv_hwprobe syscall to retrieve availability information for several RISC-V extensions (and accelerate deflate algorithm with them). As the seccomp sandbox of OpenSSH will raise SIGSYS for filtered out syscalls, this will abruptly terminate the process when the riscv_hwprobe syscall is tried. Put it into the allowlist to prevent process termination. As all syscalls here are guarded by #ifdef's, the same will be done for riscv_hwprobe, and thus on non-RISC-V builds nothing will happen. Signed-off-by: Icenowy Zheng --- sandbox-seccomp-filter.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/sandbox-seccomp-filter.c b/sandbox-seccomp-filter.c index b3da8d5877b1..7b2444930d1a 100644 --- a/sandbox-seccomp-filter.c +++ b/sandbox-seccomp-filter.c @@ -405,6 +405,9 @@ static const struct sock_filter preauth_insns[] = { #ifdef __NR_read SC_ALLOW(__NR_read), #endif +#ifdef __NR_riscv_hwprobe + SC_ALLOW(__NR_riscv_hwprobe), +#endif #ifdef __NR_rt_sigprocmask SC_ALLOW(__NR_rt_sigprocmask), #endif From 6eb5a68c42a587df802d3d9a19088671269ffca8 Mon Sep 17 00:00:00 2001 From: Laurent Chardon Date: Sat, 28 Mar 2026 04:22:54 -0400 Subject: [PATCH 651/687] openbsd-compat: reword EAI_NONAME error string Reword the EAI_NONAME message in fake-rfc2553.c to make it clearer and grammatically correct. While there, remove a couple of stray periods from other error strings to keep the messages consistent. No functional change. --- openbsd-compat/fake-rfc2553.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/openbsd-compat/fake-rfc2553.c b/openbsd-compat/fake-rfc2553.c index d5a62975aa46..5eaa47992b8d 100644 --- a/openbsd-compat/fake-rfc2553.c +++ b/openbsd-compat/fake-rfc2553.c @@ -94,13 +94,13 @@ gai_strerror(int err) case EAI_NODATA: return ("no address associated with name"); case EAI_MEMORY: - return ("memory allocation failure."); + return ("memory allocation failure"); case EAI_NONAME: - return ("nodename nor servname provided, or not known"); + return ("name or service is not known"); case EAI_FAMILY: return ("ai_family not supported"); default: - return ("unknown/invalid error."); + return ("unknown/invalid error"); } } #endif /* !HAVE_GAI_STRERROR */ From bdaf65ae51d62c6cb676bd341cc34217c1b24920 Mon Sep 17 00:00:00 2001 From: Damien Miller Date: Sun, 29 Mar 2026 16:24:59 +1100 Subject: [PATCH 652/687] fix state confusion between PAM and privsep code Commits b9a6dd4d6 and df2b28163 introduced a potential desynchronisation between the PAM code and the sshd-session monitor that could result in authentication bypass if the unprivileged sshd-auth process had been compromised. Reported by Ben Edelman of NIST. Only git HEAD is affected, these changes have not yet been included in an OpenSSH release. --- auth-pam.c | 8 ++++++++ auth-pam.h | 1 + monitor.c | 2 +- 3 files changed, 10 insertions(+), 1 deletion(-) diff --git a/auth-pam.c b/auth-pam.c index 4278a43a9480..d2b3c348319e 100644 --- a/auth-pam.c +++ b/auth-pam.c @@ -1015,6 +1015,14 @@ sshpam_free_ctx(void *ctxtp) */ } +int +sshpam_priv_kbdint_authdone(void *ctxtp) +{ + struct pam_ctxt *ctxt = ctxtp; + + return ctxt->pam_done == SshPamAuthenticated; +} + KbdintDevice sshpam_device = { "pam", sshpam_init_ctx, diff --git a/auth-pam.h b/auth-pam.h index c068bc8969d7..49133670107a 100644 --- a/auth-pam.h +++ b/auth-pam.h @@ -42,5 +42,6 @@ int sshpam_auth_passwd(Authctxt *, const char *); int sshpam_get_maxtries_reached(void); void sshpam_set_maxtries_reached(int); int is_pam_session_open(void); +int sshpam_priv_kbdint_authdone(void *ctxtp); #endif /* USE_PAM */ diff --git a/monitor.c b/monitor.c index b722baef5fae..9d6672bb628e 100644 --- a/monitor.c +++ b/monitor.c @@ -1204,7 +1204,7 @@ mm_answer_pam_query(struct ssh *ssh, int sock, struct sshbuf *m) fatal_f("no context"); ret = (sshpam_device.query)(sshpam_ctxt, &name, &info, &num, &prompts, &echo_on); - if (ret == 0 && num == 0) + if (ret == 0 && num == 0 && sshpam_priv_kbdint_authdone(sshpam_ctxt)) sshpam_authok = sshpam_ctxt; if (num > 1 || name == NULL || info == NULL) fatal("sshpam_device.query failed"); From c90f46b6230826cdadacd6c32b62b0f8106a09da Mon Sep 17 00:00:00 2001 From: Damien Miller Date: Sun, 29 Mar 2026 16:42:33 +1100 Subject: [PATCH 653/687] use nonnull attribute when available Set this attribute on a few string to avoid compiler warnings from -Wunterminated-string-initialization warnings in recent gcc. --- chacha.c | 4 ++-- configure.ac | 13 +++++++++++++ defines.h | 4 ++++ openbsd-compat/bcrypt_pbkdf.c | 2 +- 4 files changed, 20 insertions(+), 3 deletions(-) diff --git a/chacha.c b/chacha.c index 729aa03db07f..9d79b661c159 100644 --- a/chacha.c +++ b/chacha.c @@ -48,8 +48,8 @@ typedef struct chacha_ctx chacha_ctx; a = PLUS(a,b); d = ROTATE(XOR(d,a), 8); \ c = PLUS(c,d); b = ROTATE(XOR(b,c), 7); -static const char sigma[16] = "expand 32-byte k"; -static const char tau[16] = "expand 16-byte k"; +static const char __attribute__ ((__nonstring__)) sigma[16] = "expand 32-byte k"; +static const char __attribute__ ((__nonstring__)) tau[16] = "expand 16-byte k"; void chacha_keysetup(chacha_ctx *x,const u8 *k,u32 kbits) diff --git a/configure.ac b/configure.ac index 831dd85b836b..a8e9df66bddc 100644 --- a/configure.ac +++ b/configure.ac @@ -358,6 +358,19 @@ AC_COMPILE_IFELSE( [ AC_MSG_RESULT([no]) ] ) +saved_CFLAGS="$CFLAGS" +CFLAGS="$CFLAGS -Werror" +AC_MSG_CHECKING([if compiler supports __nonstring__ attribute on char arrays]) +AC_COMPILE_IFELSE( + [AC_LANG_PROGRAM([[#include ]], + [[ char __attribute__ ((__nonstring__)) h[5] = "hello"; return h[0]!='h'; ]])], + [ AC_MSG_RESULT([yes]) + AC_DEFINE(HAVE_ATTRIBUTE__NONSTRING__, [1], + [compiler supports nonstring attribute]) ], + [ AC_MSG_RESULT([no]) ] +) +CFLAGS="$saved_CFLAGS" + if test "x$no_attrib_nonnull" != "x1" ; then AC_DEFINE([HAVE_ATTRIBUTE__NONNULL__], [1], [Have attribute nonnull]) fi diff --git a/defines.h b/defines.h index 1988b730c8a8..1d5bc049863e 100644 --- a/defines.h +++ b/defines.h @@ -604,6 +604,10 @@ struct winsize { # define __nonnull__(x) #endif +#if !defined(HAVE_ATTRIBUTE__NONSTRING__) && !defined(__nonstring__) +# define __nonstring__ +#endif + #ifndef OSSH_ALIGNBYTES #define OSSH_ALIGNBYTES (sizeof(int) - 1) #endif diff --git a/openbsd-compat/bcrypt_pbkdf.c b/openbsd-compat/bcrypt_pbkdf.c index c41c2d68b2e9..33c9ce109a72 100644 --- a/openbsd-compat/bcrypt_pbkdf.c +++ b/openbsd-compat/bcrypt_pbkdf.c @@ -73,7 +73,7 @@ static void bcrypt_hash(uint8_t *sha2pass, uint8_t *sha2salt, uint8_t *out) { blf_ctx state; - uint8_t ciphertext[BCRYPT_HASHSIZE] = + uint8_t __attribute__ ((__nonstring__)) ciphertext[BCRYPT_HASHSIZE] = "OxychromaticBlowfishSwatDynamite"; uint32_t cdata[BCRYPT_WORDS]; int i; From 54443b8665c9c29ea0e3f5a5176d8f3c3403ad7c Mon Sep 17 00:00:00 2001 From: Damien Miller Date: Sun, 29 Mar 2026 16:43:59 +1100 Subject: [PATCH 654/687] depend --- .depend | 161 ++++++++++++++++++++++++++++---------------------------- 1 file changed, 80 insertions(+), 81 deletions(-) diff --git a/.depend b/.depend index da3676dcaf1d..88d9a1555776 100644 --- a/.depend +++ b/.depend @@ -9,48 +9,47 @@ audit-bsm.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-com audit-linux.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h audit.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h auth-bsdauth.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h -auth-krb5.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h ssh.h packet.h openbsd-compat/sys-queue.h dispatch.h log.h ssherr.h sshbuf.h sshkey.h misc.h servconf.h uidswap.h hostfile.h auth.h auth-pam.h audit.h loginrec.h -auth-options.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h openbsd-compat/sys-queue.h xmalloc.h ssherr.h log.h sshbuf.h misc.h sshkey.h match.h ssh2.h auth-options.h +auth-krb5.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h ssh.h packet.h dispatch.h log.h ssherr.h sshbuf.h sshkey.h misc.h servconf.h uidswap.h hostfile.h auth.h auth-pam.h audit.h loginrec.h +auth-options.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h ssherr.h log.h sshbuf.h misc.h sshkey.h match.h ssh2.h auth-options.h auth-pam.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h -auth-passwd.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h packet.h openbsd-compat/sys-queue.h dispatch.h sshbuf.h ssherr.h log.h misc.h servconf.h sshkey.h hostfile.h auth.h auth-pam.h audit.h loginrec.h auth-options.h -auth-rhosts.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h packet.h openbsd-compat/sys-queue.h dispatch.h uidswap.h pathnames.h log.h ssherr.h misc.h xmalloc.h sshbuf.h sshkey.h servconf.h canohost.h hostfile.h auth.h auth-pam.h audit.h loginrec.h +auth-passwd.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h packet.h dispatch.h sshbuf.h ssherr.h log.h misc.h servconf.h sshkey.h hostfile.h auth.h auth-pam.h audit.h loginrec.h auth-options.h +auth-rhosts.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h packet.h dispatch.h uidswap.h pathnames.h log.h ssherr.h misc.h xmalloc.h sshbuf.h sshkey.h servconf.h canohost.h hostfile.h auth.h auth-pam.h audit.h loginrec.h auth-shadow.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h auth-sia.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h -auth.o: dispatch.h authfile.h monitor_wrap.h channels.h -auth.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h match.h groupaccess.h log.h ssherr.h sshbuf.h misc.h servconf.h openbsd-compat/sys-queue.h sshkey.h hostfile.h auth.h auth-pam.h audit.h loginrec.h auth-options.h canohost.h uidswap.h packet.h -auth2-chall.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h ssh2.h sshkey.h hostfile.h auth.h auth-pam.h audit.h loginrec.h sshbuf.h packet.h openbsd-compat/sys-queue.h dispatch.h ssherr.h log.h misc.h servconf.h +auth.o: channels.h +auth.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h match.h groupaccess.h log.h ssherr.h sshbuf.h misc.h servconf.h sshkey.h hostfile.h auth.h auth-pam.h audit.h loginrec.h auth-options.h canohost.h uidswap.h packet.h dispatch.h authfile.h monitor_wrap.h +auth2-chall.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h ssh2.h sshkey.h hostfile.h auth.h auth-pam.h audit.h loginrec.h sshbuf.h packet.h dispatch.h ssherr.h log.h misc.h servconf.h auth2-gss.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h -auth2-hostbased.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h ssh2.h packet.h openbsd-compat/sys-queue.h dispatch.h kex.h mac.h crypto_api.h sshbuf.h log.h ssherr.h misc.h servconf.h sshkey.h hostfile.h auth.h auth-pam.h audit.h loginrec.h canohost.h -auth2-hostbased.o: monitor_wrap.h pathnames.h match.h -auth2-kbdint.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h packet.h openbsd-compat/sys-queue.h dispatch.h hostfile.h auth.h auth-pam.h audit.h loginrec.h log.h ssherr.h misc.h servconf.h -auth2-methods.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h log.h ssherr.h misc.h servconf.h openbsd-compat/sys-queue.h xmalloc.h hostfile.h auth.h auth-pam.h audit.h loginrec.h -auth2-none.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h atomicio.h xmalloc.h sshkey.h hostfile.h auth.h auth-pam.h audit.h loginrec.h packet.h openbsd-compat/sys-queue.h dispatch.h log.h ssherr.h misc.h servconf.h ssh2.h monitor_wrap.h -auth2-passwd.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h packet.h openbsd-compat/sys-queue.h dispatch.h ssherr.h log.h sshkey.h hostfile.h auth.h auth-pam.h audit.h loginrec.h monitor_wrap.h misc.h servconf.h -auth2-pubkey.o: auth-pam.h audit.h loginrec.h pathnames.h uidswap.h auth-options.h canohost.h monitor_wrap.h authfile.h match.h channels.h session.h sk-api.h -auth2-pubkey.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h openbsd-compat/glob.h xmalloc.h ssh.h ssh2.h packet.h openbsd-compat/sys-queue.h dispatch.h kex.h mac.h crypto_api.h sshbuf.h log.h ssherr.h misc.h servconf.h compat.h sshkey.h hostfile.h auth.h +auth2-hostbased.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h ssh2.h packet.h dispatch.h kex.h mac.h crypto_api.h sshbuf.h log.h ssherr.h misc.h servconf.h sshkey.h hostfile.h auth.h auth-pam.h audit.h loginrec.h canohost.h monitor_wrap.h pathnames.h +auth2-hostbased.o: match.h +auth2-kbdint.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h packet.h dispatch.h hostfile.h auth.h auth-pam.h audit.h loginrec.h log.h ssherr.h misc.h servconf.h +auth2-methods.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h log.h ssherr.h misc.h servconf.h xmalloc.h hostfile.h auth.h auth-pam.h audit.h loginrec.h +auth2-none.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h sshkey.h hostfile.h auth.h auth-pam.h audit.h loginrec.h packet.h dispatch.h log.h ssherr.h misc.h servconf.h ssh2.h monitor_wrap.h +auth2-passwd.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h packet.h dispatch.h ssherr.h log.h sshkey.h hostfile.h auth.h auth-pam.h audit.h loginrec.h monitor_wrap.h misc.h servconf.h +auth2-pubkey.o: auth-options.h canohost.h monitor_wrap.h authfile.h match.h channels.h session.h sk-api.h +auth2-pubkey.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h ssh.h ssh2.h packet.h dispatch.h kex.h mac.h crypto_api.h sshbuf.h log.h ssherr.h misc.h servconf.h compat.h sshkey.h hostfile.h auth.h auth-pam.h audit.h loginrec.h pathnames.h uidswap.h auth2-pubkeyfile.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h ssh.h log.h ssherr.h misc.h sshkey.h digest.h hostfile.h auth.h auth-pam.h audit.h loginrec.h auth-options.h authfile.h match.h -auth2.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h atomicio.h xmalloc.h ssh2.h packet.h openbsd-compat/sys-queue.h dispatch.h log.h ssherr.h sshbuf.h misc.h servconf.h sshkey.h hostfile.h auth.h auth-pam.h audit.h loginrec.h pathnames.h monitor_wrap.h digest.h -auth2.o: kex.h mac.h crypto_api.h -authfd.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h ssh.h sshbuf.h sshkey.h authfd.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h rijndael.h log.h ssherr.h atomicio.h misc.h -authfile.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h rijndael.h ssh.h log.h ssherr.h authfile.h misc.h atomicio.h sshkey.h sshbuf.h krl.h +auth2.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h atomicio.h xmalloc.h ssh2.h packet.h dispatch.h log.h ssherr.h sshbuf.h misc.h servconf.h sshkey.h hostfile.h auth.h auth-pam.h audit.h loginrec.h pathnames.h monitor_wrap.h digest.h kex.h mac.h crypto_api.h +authfd.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h ssh.h sshbuf.h sshkey.h authfd.h log.h ssherr.h misc.h atomicio.h xmalloc.h +authfile.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h log.h ssherr.h authfile.h sshkey.h sshbuf.h krl.h bitmap.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h bitmap.h -canohost.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h packet.h openbsd-compat/sys-queue.h dispatch.h log.h ssherr.h canohost.h misc.h +canohost.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h log.h ssherr.h canohost.h misc.h chacha.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h chacha.h -channels.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h openbsd-compat/sys-queue.h xmalloc.h ssh.h ssh2.h ssherr.h sshbuf.h packet.h dispatch.h log.h misc.h channels.h compat.h canohost.h sshkey.h authfd.h pathnames.h match.h +channels.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h ssh.h ssh2.h ssherr.h sshbuf.h packet.h dispatch.h log.h misc.h channels.h compat.h canohost.h pathnames.h match.h cipher-aes.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h openbsd-compat/openssl-compat.h cipher-aesctr.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h cipher-aesctr.h rijndael.h cipher-chachapoly-libcrypto.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h cipher-chachapoly.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h log.h ssherr.h sshbuf.h cipher-chachapoly.h chacha.h poly1305.h -cipher.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h rijndael.h misc.h sshbuf.h ssherr.h digest.h openbsd-compat/openssl-compat.h +cipher.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h rijndael.h misc.h sshbuf.h ssherr.h openbsd-compat/openssl-compat.h cleanup.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h log.h ssherr.h -clientloop.o: crypto_api.h myproposal.h log.h ssherr.h misc.h readconf.h clientloop.h sshconnect.h authfd.h atomicio.h sshpty.h match.h msg.h hostfile.h -clientloop.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h openbsd-compat/sys-queue.h xmalloc.h ssh.h ssh2.h packet.h dispatch.h sshbuf.h compat.h channels.h sshkey.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h rijndael.h kex.h mac.h -compat.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h packet.h openbsd-compat/sys-queue.h dispatch.h compat.h log.h ssherr.h match.h +clientloop.o: hostfile.h +clientloop.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h ssh.h ssh2.h packet.h dispatch.h sshbuf.h compat.h channels.h sshkey.h kex.h mac.h crypto_api.h log.h ssherr.h misc.h readconf.h clientloop.h sshconnect.h authfd.h atomicio.h sshpty.h match.h +compat.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h packet.h dispatch.h compat.h log.h ssherr.h match.h dh.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h digest-libc.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h ssherr.h sshbuf.h digest.h digest-openssl.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h -dispatch.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h ssh2.h log.h ssherr.h dispatch.h packet.h openbsd-compat/sys-queue.h -dns.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h sshkey.h ssherr.h dns.h log.h digest.h +dispatch.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h ssh2.h log.h ssherr.h dispatch.h packet.h +dns.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h sshkey.h dns.h log.h ssherr.h digest.h ed25519-openssl.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h ed25519.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h crypto_api.h entropy.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h @@ -59,49 +58,48 @@ groupaccess.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-c gss-genr.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h gss-serv-krb5.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h gss-serv.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h -hmac.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h sshbuf.h digest.h hmac.h +hmac.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h digest.h hmac.h hostfile.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h match.h sshkey.h hostfile.h log.h ssherr.h misc.h pathnames.h digest.h hmac.h sshbuf.h -kex-names.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h kex.h mac.h crypto_api.h log.h ssherr.h match.h digest.h misc.h xmalloc.h -kex.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h ssh.h ssh2.h atomicio.h version.h packet.h openbsd-compat/sys-queue.h dispatch.h compat.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h rijndael.h sshkey.h kex.h mac.h crypto_api.h log.h -kex.o: ssherr.h match.h misc.h monitor.h myproposal.h sshbuf.h digest.h xmalloc.h +kex-names.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h kex.h mac.h crypto_api.h log.h ssherr.h match.h digest.h misc.h +kex.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h ssh.h ssh2.h atomicio.h version.h packet.h dispatch.h compat.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h rijndael.h sshkey.h kex.h mac.h crypto_api.h log.h ssherr.h match.h misc.h +kex.o: myproposal.h sshbuf.h digest.h xmalloc.h kexc25519.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h sshkey.h kex.h mac.h crypto_api.h sshbuf.h digest.h ssherr.h ssh2.h kexdh.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h kexecdh.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h ssherr.h -kexgen.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h sshkey.h kex.h mac.h crypto_api.h log.h ssherr.h packet.h openbsd-compat/sys-queue.h dispatch.h ssh2.h sshbuf.h digest.h +kexgen.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h sshkey.h kex.h mac.h crypto_api.h log.h ssherr.h packet.h dispatch.h ssh2.h sshbuf.h digest.h kexgex.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h kexgexc.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h kexgexs.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h kexmlkem768x25519.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h sshkey.h kex.h mac.h crypto_api.h sshbuf.h digest.h ssherr.h log.h kexsntrup761x25519.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h ssherr.h -krl.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h ./openbsd-compat/sys-tree.h openbsd-compat/sys-queue.h sshbuf.h ssherr.h sshkey.h authfile.h misc.h log.h digest.h bitmap.h utf8.h krl.h +krl.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h sshbuf.h ssherr.h sshkey.h misc.h log.h digest.h bitmap.h utf8.h krl.h log.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h log.h ssherr.h match.h -loginrec.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h sshkey.h hostfile.h ssh.h loginrec.h log.h ssherr.h atomicio.h packet.h openbsd-compat/sys-queue.h dispatch.h canohost.h auth.h auth-pam.h audit.h sshbuf.h misc.h +loginrec.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h sshkey.h hostfile.h ssh.h loginrec.h log.h ssherr.h atomicio.h packet.h dispatch.h canohost.h auth.h auth-pam.h audit.h sshbuf.h misc.h logintest.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h loginrec.h mac.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h digest.h hmac.h umac.h mac.h misc.h ssherr.h sshbuf.h openbsd-compat/openssl-compat.h match.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h match.h misc.h misc-agent.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h digest.h log.h ssherr.h misc.h pathnames.h ssh.h xmalloc.h misc.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h misc.h log.h ssherr.h ssh.h sshbuf.h moduli.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h -monitor.o: chacha.h poly1305.h cipher-aesctr.h rijndael.h kex.h mac.h crypto_api.h dh.h packet.h dispatch.h auth-options.h sshpty.h channels.h session.h sshlogin.h canohost.h log.h ssherr.h misc.h servconf.h monitor.h monitor_wrap.h monitor_fdpass.h compat.h ssh2.h authfd.h match.h sk-api.h srclimit.h -monitor.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h ./openbsd-compat/sys-tree.h openbsd-compat/sys-queue.h openbsd-compat/openssl-compat.h atomicio.h xmalloc.h ssh.h sshkey.h sshbuf.h hostfile.h auth.h auth-pam.h audit.h loginrec.h cipher.h cipher-chachapoly.h +monitor.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h openbsd-compat/openssl-compat.h atomicio.h xmalloc.h ssh.h sshkey.h sshbuf.h hostfile.h auth.h auth-pam.h audit.h loginrec.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h rijndael.h kex.h +monitor.o: mac.h crypto_api.h dh.h packet.h dispatch.h auth-options.h sshpty.h channels.h session.h sshlogin.h canohost.h log.h ssherr.h misc.h servconf.h monitor.h monitor_wrap.h monitor_fdpass.h compat.h ssh2.h authfd.h match.h sk-api.h srclimit.h monitor_fdpass.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h log.h ssherr.h monitor_fdpass.h -monitor_wrap.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h openbsd-compat/sys-queue.h xmalloc.h ssh.h sshbuf.h sshkey.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h rijndael.h kex.h mac.h crypto_api.h hostfile.h auth.h auth-pam.h audit.h -monitor_wrap.o: loginrec.h auth-options.h packet.h dispatch.h log.h ssherr.h monitor.h atomicio.h monitor_fdpass.h misc.h channels.h session.h servconf.h monitor_wrap.h srclimit.h -msg.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h sshbuf.h ssherr.h log.h atomicio.h msg.h misc.h -mux.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h openbsd-compat/sys-queue.h xmalloc.h log.h ssherr.h ssh.h ssh2.h pathnames.h misc.h match.h sshbuf.h channels.h msg.h packet.h dispatch.h monitor_fdpass.h sshpty.h sshkey.h readconf.h clientloop.h -nchan.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h openbsd-compat/sys-queue.h ssh2.h sshbuf.h ssherr.h packet.h dispatch.h channels.h compat.h log.h -packet.o: channels.h ssh.h packet.h dispatch.h sshbuf.h -packet.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h openbsd-compat/sys-queue.h xmalloc.h compat.h ssh2.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h rijndael.h sshkey.h kex.h mac.h crypto_api.h digest.h log.h ssherr.h canohost.h misc.h +monitor_wrap.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h ssh.h sshbuf.h sshkey.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h rijndael.h kex.h mac.h crypto_api.h hostfile.h auth.h auth-pam.h audit.h loginrec.h auth-options.h +monitor_wrap.o: packet.h dispatch.h log.h ssherr.h monitor.h atomicio.h monitor_fdpass.h misc.h channels.h session.h servconf.h monitor_wrap.h srclimit.h +msg.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h sshbuf.h log.h ssherr.h atomicio.h msg.h misc.h +mux.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h log.h ssherr.h ssh.h ssh2.h misc.h match.h sshbuf.h channels.h packet.h dispatch.h monitor_fdpass.h sshpty.h readconf.h clientloop.h +nchan.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h ssh2.h sshbuf.h packet.h dispatch.h channels.h compat.h log.h ssherr.h +packet.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h compat.h ssh2.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h rijndael.h kex.h mac.h crypto_api.h digest.h log.h ssherr.h canohost.h misc.h packet.h dispatch.h sshbuf.h platform-listen.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h log.h ssherr.h misc.h platform-misc.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h platform-pledge.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h platform-tracing.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h log.h ssherr.h -platform.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h log.h ssherr.h misc.h servconf.h openbsd-compat/sys-queue.h sshkey.h hostfile.h auth.h auth-pam.h audit.h loginrec.h +platform.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h log.h ssherr.h misc.h servconf.h sshkey.h hostfile.h auth.h auth-pam.h audit.h loginrec.h poly1305.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h poly1305.h progressmeter.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h progressmeter.h atomicio.h misc.h utf8.h -readconf.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h openbsd-compat/glob.h xmalloc.h ssh.h ssherr.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h rijndael.h pathnames.h log.h sshkey.h misc.h readconf.h match.h kex.h mac.h crypto_api.h -readconf.o: uidswap.h myproposal.h digest.h version.h -readpass.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h misc.h pathnames.h log.h ssherr.h ssh.h uidswap.h +readconf.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h ssh.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h rijndael.h pathnames.h log.h ssherr.h sshkey.h misc.h readconf.h match.h kex.h mac.h crypto_api.h myproposal.h digest.h +readconf.o: version.h +readpass.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h misc.h pathnames.h log.h ssherr.h ssh.h rijndael.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h rijndael.h sandbox-capsicum.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h sandbox-darwin.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h @@ -109,68 +107,69 @@ sandbox-null.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd- sandbox-rlimit.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h sandbox-seccomp-filter.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h sandbox-solaris.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h -scp.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h openbsd-compat/glob.h xmalloc.h ssh.h atomicio.h pathnames.h log.h ssherr.h misc.h progressmeter.h utf8.h sftp.h sftp-common.h sftp-client.h -servconf.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h openbsd-compat/glob.h openbsd-compat/sys-queue.h xmalloc.h ssh.h log.h ssherr.h sshbuf.h misc.h servconf.h pathnames.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h rijndael.h sshkey.h -servconf.o: kex.h mac.h crypto_api.h match.h channels.h groupaccess.h canohost.h packet.h dispatch.h hostfile.h auth.h auth-pam.h audit.h loginrec.h myproposal.h digest.h version.h -serverloop.o: cipher-aesctr.h rijndael.h kex.h mac.h crypto_api.h hostfile.h auth.h auth-pam.h audit.h loginrec.h session.h auth-options.h serverloop.h -serverloop.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h openbsd-compat/sys-queue.h xmalloc.h packet.h dispatch.h sshbuf.h log.h ssherr.h misc.h servconf.h canohost.h sshpty.h channels.h ssh2.h sshkey.h cipher.h cipher-chachapoly.h chacha.h poly1305.h -session.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h openbsd-compat/sys-queue.h xmalloc.h ssh.h ssh2.h sshpty.h packet.h dispatch.h sshbuf.h ssherr.h match.h uidswap.h channels.h sshkey.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h -session.o: rijndael.h kex.h mac.h crypto_api.h hostfile.h auth.h auth-pam.h audit.h loginrec.h auth-options.h authfd.h pathnames.h log.h misc.h servconf.h sshlogin.h serverloop.h canohost.h session.h monitor_wrap.h sftp.h atomicio.h -sftp-client.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h openbsd-compat/sys-queue.h xmalloc.h ssherr.h sshbuf.h log.h atomicio.h progressmeter.h misc.h utf8.h sftp.h sftp-common.h sftp-client.h openbsd-compat/glob.h +scp.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h ssh.h atomicio.h pathnames.h log.h ssherr.h misc.h progressmeter.h utf8.h sftp.h sftp-common.h sftp-client.h +servconf.o: groupaccess.h canohost.h packet.h dispatch.h hostfile.h auth.h auth-pam.h audit.h loginrec.h myproposal.h digest.h version.h +servconf.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h ssh.h log.h ssherr.h sshbuf.h misc.h servconf.h pathnames.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h rijndael.h sshkey.h kex.h mac.h crypto_api.h match.h channels.h +serverloop.o: crypto_api.h hostfile.h auth.h auth-pam.h audit.h loginrec.h session.h auth-options.h serverloop.h +serverloop.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h packet.h dispatch.h sshbuf.h log.h ssherr.h misc.h servconf.h canohost.h sshpty.h channels.h ssh2.h sshkey.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h rijndael.h kex.h mac.h +session.o: hostfile.h auth.h auth-pam.h audit.h loginrec.h auth-options.h authfd.h pathnames.h log.h misc.h servconf.h sshlogin.h serverloop.h canohost.h session.h monitor_wrap.h sftp.h atomicio.h +session.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h ssh.h ssh2.h sshpty.h packet.h dispatch.h sshbuf.h ssherr.h match.h uidswap.h channels.h sshkey.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h rijndael.h kex.h mac.h crypto_api.h +sftp-client.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h ssherr.h sshbuf.h log.h atomicio.h progressmeter.h misc.h utf8.h sftp.h sftp-common.h sftp-client.h sftp-common.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h ssherr.h sshbuf.h log.h misc.h sftp.h sftp-common.h -sftp-glob.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h sftp.h sftp-common.h sftp-client.h openbsd-compat/glob.h +sftp-glob.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h sftp.h sftp-common.h sftp-client.h sftp-realpath.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h sftp-server-main.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h log.h ssherr.h sftp.h misc.h xmalloc.h sftp-server.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h atomicio.h xmalloc.h sshbuf.h ssherr.h log.h misc.h match.h uidswap.h sftp.h sftp-common.h -sftp-usergroup.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h ./openbsd-compat/sys-tree.h log.h ssherr.h xmalloc.h sftp-common.h sftp-client.h openbsd-compat/glob.h sftp-usergroup.h -sftp.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h log.h ssherr.h pathnames.h misc.h utf8.h sftp.h sshbuf.h sftp-common.h sftp-client.h openbsd-compat/glob.h sftp-usergroup.h +sftp-usergroup.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h log.h ssherr.h xmalloc.h sftp-common.h sftp-client.h sftp-usergroup.h +sftp.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h log.h ssherr.h pathnames.h misc.h utf8.h sftp.h sshbuf.h sftp-common.h sftp-client.h sftp-usergroup.h sk-usbhid.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h sntrup761.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h -srclimit.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h ./openbsd-compat/sys-tree.h addr.h canohost.h log.h ssherr.h misc.h srclimit.h xmalloc.h servconf.h openbsd-compat/sys-queue.h match.h +srclimit.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h addr.h canohost.h log.h ssherr.h misc.h srclimit.h xmalloc.h servconf.h match.h ssh-add.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h ssh.h log.h ssherr.h sshkey.h sshbuf.h authfd.h authfile.h pathnames.h misc.h digest.h ssh-sk.h sk-api.h hostfile.h -ssh-agent.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h openbsd-compat/sys-queue.h xmalloc.h ssh.h ssh2.h sshbuf.h sshkey.h authfd.h log.h ssherr.h misc.h digest.h match.h msg.h pathnames.h ssh-pkcs11.h sk-api.h myproposal.h +ssh-agent.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h ssh.h ssh2.h sshbuf.h sshkey.h authfd.h log.h ssherr.h misc.h digest.h match.h msg.h pathnames.h ssh-pkcs11.h sk-api.h myproposal.h ssh-ecdsa-sk.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h openbsd-compat/openssl-compat.h sshbuf.h ssherr.h digest.h sshkey.h ssh-ecdsa.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h -ssh-ed25519-sk.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h crypto_api.h log.h ssherr.h sshbuf.h sshkey.h ssh.h digest.h -ssh-ed25519.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h crypto_api.h log.h ssherr.h sshbuf.h sshkey.h ssh.h +ssh-ed25519-sk.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h crypto_api.h log.h ssherr.h sshbuf.h sshkey.h digest.h +ssh-ed25519.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h crypto_api.h log.h ssherr.h sshbuf.h sshkey.h ssh-keygen.o: cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h rijndael.h ssh-keygen.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h sshkey.h authfile.h sshbuf.h pathnames.h log.h ssherr.h misc.h match.h hostfile.h dns.h ssh.h ssh2.h atomicio.h krl.h digest.h utf8.h authfd.h sshsig.h ssh-sk.h sk-api.h cipher.h -ssh-keyscan.o: dispatch.h log.h ssherr.h atomicio.h misc.h hostfile.h ssh_api.h ssh2.h dns.h addr.h -ssh-keyscan.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h openbsd-compat/sys-queue.h xmalloc.h ssh.h sshbuf.h sshkey.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h rijndael.h digest.h kex.h mac.h crypto_api.h compat.h myproposal.h packet.h +ssh-keyscan.o: atomicio.h misc.h hostfile.h ssh_api.h ssh2.h dns.h addr.h +ssh-keyscan.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h ssh.h sshbuf.h sshkey.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h rijndael.h digest.h kex.h mac.h crypto_api.h compat.h myproposal.h packet.h dispatch.h log.h ssherr.h ssh-keysign.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h log.h ssherr.h sshkey.h ssh.h ssh2.h misc.h sshbuf.h authfile.h msg.h canohost.h pathnames.h readconf.h uidswap.h ssh-pkcs11-client.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h pathnames.h xmalloc.h sshbuf.h log.h ssherr.h misc.h sshkey.h authfd.h atomicio.h ssh-pkcs11.h ssh-pkcs11-helper.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h sshbuf.h log.h ssherr.h misc.h sshkey.h authfd.h ssh-pkcs11.h ssh-pkcs11.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h log.h ssherr.h sshkey.h ssh-pkcs11.h ssh-rsa.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h -ssh-sk-client.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h log.h ssherr.h sshbuf.h sshkey.h msg.h digest.h pathnames.h ssh-sk.h misc.h +ssh-sk-client.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h log.h ssherr.h sshbuf.h sshkey.h msg.h pathnames.h ssh-sk.h misc.h ssh-sk-helper.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h log.h ssherr.h sshkey.h authfd.h misc.h sshbuf.h msg.h uidswap.h ssh-sk.h ssh-pkcs11.h ssh-sk.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h -ssh.o: channels.h sshkey.h authfd.h authfile.h pathnames.h clientloop.h log.h ssherr.h misc.h readconf.h sshconnect.h kex.h mac.h crypto_api.h sshpty.h match.h msg.h version.h myproposal.h utf8.h -ssh.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h openbsd-compat/openssl-compat.h openbsd-compat/sys-queue.h xmalloc.h ssh.h ssh2.h canohost.h compat.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h rijndael.h packet.h dispatch.h sshbuf.h -ssh_api.o: authfile.h dh.h misc.h version.h myproposal.h sshbuf.h openbsd-compat/openssl-compat.h -ssh_api.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h ssh_api.h openbsd-compat/sys-queue.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h rijndael.h sshkey.h kex.h mac.h crypto_api.h ssh.h ssh2.h packet.h dispatch.h compat.h log.h ssherr.h +ssh.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h openbsd-compat/openssl-compat.h xmalloc.h ssh.h ssh2.h compat.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h rijndael.h packet.h dispatch.h sshbuf.h channels.h sshkey.h authfd.h authfile.h +ssh.o: pathnames.h clientloop.h log.h ssherr.h misc.h readconf.h sshconnect.h kex.h mac.h crypto_api.h match.h version.h utf8.h +ssh_api.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h ssh_api.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h rijndael.h sshkey.h kex.h mac.h crypto_api.h ssh.h ssh2.h packet.h dispatch.h compat.h log.h ssherr.h authfile.h dh.h misc.h version.h +ssh_api.o: myproposal.h sshbuf.h openbsd-compat/openssl-compat.h sshbuf-getput-basic.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h ssherr.h sshbuf.h sshbuf-getput-crypto.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h sshbuf-io.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h ssherr.h sshbuf.h atomicio.h sshbuf-misc.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h ssherr.h sshbuf.h sshbuf.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h ssherr.h sshbuf.h misc.h -sshconnect.o: authfile.h authfd.h kex.h mac.h crypto_api.h -sshconnect.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h hostfile.h ssh.h sshbuf.h packet.h openbsd-compat/sys-queue.h dispatch.h sshkey.h sshconnect.h log.h ssherr.h match.h misc.h readconf.h atomicio.h dns.h monitor_fdpass.h ssh2.h version.h -sshconnect2.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h openbsd-compat/sys-queue.h xmalloc.h ssh.h ssh2.h sshbuf.h packet.h dispatch.h compat.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h rijndael.h sshkey.h kex.h mac.h crypto_api.h -sshconnect2.o: sshconnect.h authfile.h dh.h authfd.h log.h ssherr.h misc.h readconf.h match.h canohost.h msg.h pathnames.h uidswap.h hostfile.h utf8.h ssh-sk.h sk-api.h -sshd-auth.o: chacha.h poly1305.h cipher-aesctr.h rijndael.h digest.h sshkey.h kex.h mac.h crypto_api.h authfile.h pathnames.h atomicio.h canohost.h hostfile.h auth.h auth-pam.h audit.h loginrec.h authfd.h msg.h channels.h session.h monitor.h monitor_wrap.h auth-options.h version.h sk-api.h srclimit.h ssh-sandbox.h dh.h -sshd-auth.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h ./openbsd-compat/sys-tree.h openbsd-compat/sys-queue.h xmalloc.h ssh.h ssh2.h sshpty.h packet.h dispatch.h log.h ssherr.h sshbuf.h misc.h match.h servconf.h uidswap.h compat.h cipher.h cipher-chachapoly.h -sshd-session.o: chacha.h poly1305.h cipher-aesctr.h rijndael.h digest.h sshkey.h kex.h mac.h crypto_api.h authfile.h pathnames.h atomicio.h canohost.h hostfile.h auth.h auth-pam.h audit.h loginrec.h authfd.h msg.h channels.h session.h monitor.h monitor_wrap.h auth-options.h version.h sk-api.h srclimit.h dh.h -sshd-session.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h ./openbsd-compat/sys-tree.h openbsd-compat/sys-queue.h xmalloc.h ssh.h ssh2.h sshpty.h packet.h dispatch.h log.h ssherr.h sshbuf.h misc.h match.h servconf.h uidswap.h compat.h cipher.h cipher-chachapoly.h -sshd.o: audit.h loginrec.h authfd.h msg.h version.h sk-api.h addr.h srclimit.h atomicio.h monitor_wrap.h -sshd.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h ./openbsd-compat/sys-tree.h openbsd-compat/sys-queue.h xmalloc.h ssh.h sshpty.h log.h ssherr.h sshbuf.h misc.h servconf.h compat.h digest.h sshkey.h authfile.h pathnames.h canohost.h hostfile.h auth.h auth-pam.h +sshconnect.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h hostfile.h ssh.h compat.h packet.h dispatch.h sshkey.h sshconnect.h log.h ssherr.h match.h misc.h readconf.h dns.h monitor_fdpass.h authfile.h authfd.h kex.h mac.h crypto_api.h +sshconnect2.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h ssh.h ssh2.h sshbuf.h packet.h dispatch.h compat.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h rijndael.h sshkey.h kex.h mac.h crypto_api.h sshconnect.h authfile.h authfd.h +sshconnect2.o: log.h ssherr.h misc.h readconf.h match.h canohost.h msg.h pathnames.h hostfile.h utf8.h ssh-sk.h sk-api.h +sshd-auth.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h ssh.h ssh2.h sshpty.h packet.h dispatch.h log.h ssherr.h sshbuf.h misc.h match.h servconf.h uidswap.h compat.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h rijndael.h digest.h +sshd-auth.o: sshkey.h kex.h mac.h crypto_api.h authfile.h pathnames.h atomicio.h canohost.h hostfile.h auth.h auth-pam.h audit.h loginrec.h authfd.h msg.h channels.h session.h monitor.h monitor_wrap.h auth-options.h version.h sk-api.h srclimit.h ssh-sandbox.h dh.h +sshd-session.o: digest.h sshkey.h kex.h mac.h crypto_api.h authfile.h pathnames.h atomicio.h canohost.h hostfile.h auth.h auth-pam.h audit.h loginrec.h authfd.h msg.h channels.h session.h monitor.h monitor_wrap.h auth-options.h version.h sk-api.h srclimit.h dh.h +sshd-session.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h ssh.h ssh2.h sshpty.h packet.h dispatch.h log.h ssherr.h sshbuf.h misc.h match.h servconf.h uidswap.h compat.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h rijndael.h +sshd.o: addr.h srclimit.h atomicio.h monitor_wrap.h +sshd.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h ssh.h sshpty.h log.h ssherr.h sshbuf.h misc.h servconf.h compat.h digest.h sshkey.h authfile.h pathnames.h canohost.h hostfile.h auth.h auth-pam.h audit.h loginrec.h authfd.h msg.h version.h sk-api.h +ssherr-libcrypto.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h log.h ssherr.h +ssherr-nolibcrypto.o: ssherr.h ssherr.o: ssherr.h sshkey.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h crypto_api.h ssh2.h ssherr.h misc.h sshbuf.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h rijndael.h digest.h sshkey.h match.h ssh-sk.h ssh-pkcs11.h openbsd-compat/openssl-compat.h -sshlogin.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h sshlogin.h ssherr.h loginrec.h log.h sshbuf.h misc.h servconf.h openbsd-compat/sys-queue.h +sshlogin.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h sshlogin.h ssherr.h loginrec.h log.h sshbuf.h misc.h servconf.h sshpty.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h sshpty.h log.h ssherr.h misc.h sshsig.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h authfd.h authfile.h log.h ssherr.h misc.h sshbuf.h sshsig.h sshkey.h match.h digest.h sshtty.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h sshpty.h -ttymodes.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h packet.h openbsd-compat/sys-queue.h dispatch.h log.h ssherr.h compat.h sshbuf.h ttymodes.h +ttymodes.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h packet.h dispatch.h log.h ssherr.h compat.h sshbuf.h ttymodes.h uidswap.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h log.h ssherr.h uidswap.h xmalloc.h umac.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h umac.h misc.h rijndael.h umac128.o: umac.c includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h umac.h misc.h rijndael.h From b62a6cfbed3481dac8bff35fab22cf489bb0b77f Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Sun, 29 Mar 2026 01:08:13 +0000 Subject: [PATCH 655/687] upstream: switch from int to long long for bandwidth calculations; fixes rate display when rate > 2GB/s; based on patch from Cyril Servant feedback/ok deraadt@ OpenBSD-Commit-ID: 071eb48c4cba598d70ea3854bef7c49ddfabf8d3 --- progressmeter.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/progressmeter.c b/progressmeter.c index 2c169768f60f..22f510a79361 100644 --- a/progressmeter.c +++ b/progressmeter.c @@ -1,4 +1,4 @@ -/* $OpenBSD: progressmeter.c,v 1.56 2025/06/11 13:27:11 dtucker Exp $ */ +/* $OpenBSD: progressmeter.c,v 1.57 2026/03/29 01:08:13 djm Exp $ */ /* * Copyright (c) 2003 Nils Nordman. All rights reserved. * @@ -67,7 +67,7 @@ static off_t end_pos; /* ending position of transfer */ static off_t cur_pos; /* transfer position as of last refresh */ static volatile off_t *counter; /* progress counter */ static long stalled; /* how long we have been stalled */ -static int bytes_per_second; /* current speed in bytes per second */ +static long long bytes_per_second; /* current speed in bytes per second */ static int win_size; /* terminal window size */ static volatile sig_atomic_t win_resized; /* for window resizing */ static volatile sig_atomic_t alarm_fired; @@ -128,7 +128,7 @@ refresh_progress_meter(int force_update) double elapsed, now; int percent; off_t bytes_left; - int cur_speed; + long long cur_speed; int hours, minutes, seconds; int file_len, cols; From 0a0ef4515361143cad21afa072319823854c1cf6 Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Mon, 30 Mar 2026 07:18:24 +0000 Subject: [PATCH 656/687] upstream: apply the same validity rules to usernames and hostnames set for ProxyJump/-J on the commandline as we do for destination user/host names. Specifically, they are no longer allowed to contain most characters that have special meaning for common shells. Special characters are still allowed in ProxyJump commands that are specified in the config files. This _reduces_ the chance that shell characters from a hostile -J option from ending up in a shell execution context. Don't pass untrusted stuff to the ssh commandline, it's not intended to be a security boundary. We try to make it safe where we can, but we can't make guarantees, because we can't know the parsing rules and special characters for all the shells in the world, nor can we know what the user does with this data in their ssh_config wrt percent expansion, LocalCommand, match exec, etc. While I'm in there, make ProxyJump and ProxyCommand first-match-wins between each other. reported by rabbit; ok dtucker@ OpenBSD-Commit-ID: f05ad8a1eb5f6735f9a935a71a90580226759263 --- readconf.c | 124 +++++++++++++++++++++++++++++++++++++---------------- readconf.h | 6 ++- ssh.c | 50 +++------------------ 3 files changed, 97 insertions(+), 83 deletions(-) diff --git a/readconf.c b/readconf.c index 8e0d11f6acde..10cbd04ba1b9 100644 --- a/readconf.c +++ b/readconf.c @@ -1,4 +1,4 @@ -/* $OpenBSD: readconf.c,v 1.410 2026/02/14 00:18:34 jsg Exp $ */ +/* $OpenBSD: readconf.c,v 1.411 2026/03/30 07:18:24 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -1528,9 +1528,6 @@ process_config_line_depth(Options *options, struct passwd *pw, const char *host, case oProxyCommand: charptr = &options->proxy_command; - /* Ignore ProxyCommand if ProxyJump already specified */ - if (options->jump_host != NULL) - charptr = &options->jump_host; /* Skip below */ parse_command: if (str == NULL) { error("%.200s line %d: Missing argument.", @@ -1551,7 +1548,7 @@ process_config_line_depth(Options *options, struct passwd *pw, const char *host, } len = strspn(str, WHITESPACE "="); /* XXX use argv? */ - if (parse_jump(str + len, options, *activep) == -1) { + if (parse_jump(str + len, options, cmdline, *activep) == -1) { error("%.200s line %d: Invalid ProxyJump \"%s\"", filename, linenum, str + len); goto out; @@ -3428,65 +3425,116 @@ parse_forward(struct Forward *fwd, const char *fwdspec, int dynamicfwd, int remo } int -parse_jump(const char *s, Options *o, int active) +ssh_valid_hostname(const char *s) { - char *orig, *sdup, *cp; - char *host = NULL, *user = NULL; - int r, ret = -1, port = -1, first; + size_t i; - active &= o->proxy_command == NULL && o->jump_host == NULL; + if (*s == '-') + return 0; + for (i = 0; s[i] != 0; i++) { + if (strchr("'`\"$\\;&<>|(){},", s[i]) != NULL || + isspace((u_char)s[i]) || iscntrl((u_char)s[i])) + return 0; + } + return 1; +} - orig = sdup = xstrdup(s); +int +ssh_valid_ruser(const char *s) +{ + size_t i; + + if (*s == '-') + return 0; + for (i = 0; s[i] != 0; i++) { + if (iscntrl((u_char)s[i])) + return 0; + if (strchr("'`\";&<>|(){}", s[i]) != NULL) + return 0; + /* Disallow '-' after whitespace */ + if (isspace((u_char)s[i]) && s[i + 1] == '-') + return 0; + /* Disallow \ in last position */ + if (s[i] == '\\' && s[i + 1] == '\0') + return 0; + } + return 1; +} + +int +parse_jump(const char *s, Options *o, int strict, int active) +{ + char *orig = NULL, *sdup = NULL, *cp; + char *tmp_user = NULL, *tmp_host = NULL, *host = NULL, *user = NULL; + int r, ret = -1, tmp_port = -1, port = -1, first = 1; + + if (strcasecmp(s, "none") == 0) { + if (active && o->jump_host == NULL) { + o->jump_host = xstrdup("none"); + o->jump_port = 0; + } + return 0; + } - /* Remove comment and trailing whitespace */ + orig = xstrdup(s); if ((cp = strchr(orig, '#')) != NULL) *cp = '\0'; rtrim(orig); - first = active; + active &= o->proxy_command == NULL && o->jump_host == NULL; + sdup = xstrdup(orig); do { - if (strcasecmp(s, "none") == 0) - break; + /* Work backwards through string */ if ((cp = strrchr(sdup, ',')) == NULL) cp = sdup; /* last */ else *cp++ = '\0'; - if (first) { - /* First argument and configuration is active */ - r = parse_ssh_uri(cp, &user, &host, &port); - if (r == -1 || (r == 1 && - parse_user_host_port(cp, &user, &host, &port) != 0)) + r = parse_ssh_uri(cp, &tmp_user, &tmp_host, &tmp_port); + if (r == -1 || (r == 1 && parse_user_host_port(cp, + &tmp_user, &tmp_host, &tmp_port) != 0)) + goto out; /* error already logged */ + if (strict) { + if (!ssh_valid_hostname(tmp_host)) { + error_f("invalid hostname \"%s\"", tmp_host); goto out; - } else { - /* Subsequent argument or inactive configuration */ - r = parse_ssh_uri(cp, NULL, NULL, NULL); - if (r == -1 || (r == 1 && - parse_user_host_port(cp, NULL, NULL, NULL) != 0)) + } + if (tmp_user != NULL && !ssh_valid_ruser(tmp_user)) { + error_f("invalid username \"%s\"", tmp_user); goto out; + } + } + if (first) { + user = tmp_user; + host = tmp_host; + port = tmp_port; + tmp_user = tmp_host = NULL; /* transferred */ } first = 0; /* only check syntax for subsequent hosts */ + free(tmp_user); + free(tmp_host); + tmp_user = tmp_host = NULL; + tmp_port = -1; } while (cp != sdup); + /* success */ if (active) { - if (strcasecmp(s, "none") == 0) { - o->jump_host = xstrdup("none"); - o->jump_port = 0; - } else { - o->jump_user = user; - o->jump_host = host; - o->jump_port = port; - o->proxy_command = xstrdup("none"); - user = host = NULL; - if ((cp = strrchr(s, ',')) != NULL && cp != s) { - o->jump_extra = xstrdup(s); - o->jump_extra[cp - s] = '\0'; - } + o->jump_user = user; + o->jump_host = host; + o->jump_port = port; + o->proxy_command = xstrdup("none"); + user = host = NULL; /* transferred */ + if (orig != NULL && (cp = strrchr(orig, ',')) != NULL) { + o->jump_extra = xstrdup(orig); + o->jump_extra[cp - orig] = '\0'; } } ret = 0; out: free(orig); + free(sdup); + free(tmp_user); + free(tmp_host); free(user); free(host); return ret; diff --git a/readconf.h b/readconf.h index 4626d74a20af..dbcb417250e1 100644 --- a/readconf.h +++ b/readconf.h @@ -1,4 +1,4 @@ -/* $OpenBSD: readconf.h,v 1.162 2026/02/11 22:57:55 djm Exp $ */ +/* $OpenBSD: readconf.h,v 1.163 2026/03/30 07:18:24 djm Exp $ */ /* * Author: Tatu Ylonen @@ -247,7 +247,9 @@ int process_config_line(Options *, struct passwd *, const char *, int read_config_file(const char *, struct passwd *, const char *, const char *, const char *, Options *, int, int *); int parse_forward(struct Forward *, const char *, int, int); -int parse_jump(const char *, Options *, int); +int ssh_valid_hostname(const char *); +int ssh_valid_ruser(const char *); +int parse_jump(const char *, Options *, int, int); int parse_ssh_uri(const char *, char **, char **, int *); int default_ssh_port(void); int option_clear_or_none(const char *); diff --git a/ssh.c b/ssh.c index 9d8fb0a83758..6339dc4b25d1 100644 --- a/ssh.c +++ b/ssh.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh.c,v 1.628 2026/03/05 05:40:36 djm Exp $ */ +/* $OpenBSD: ssh.c,v 1.629 2026/03/30 07:18:24 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -632,43 +632,6 @@ ssh_conn_info_free(struct ssh_conn_info *cinfo) free(cinfo); } -static int -valid_hostname(const char *s) -{ - size_t i; - - if (*s == '-') - return 0; - for (i = 0; s[i] != 0; i++) { - if (strchr("'`\"$\\;&<>|(){},", s[i]) != NULL || - isspace((u_char)s[i]) || iscntrl((u_char)s[i])) - return 0; - } - return 1; -} - -static int -valid_ruser(const char *s) -{ - size_t i; - - if (*s == '-') - return 0; - for (i = 0; s[i] != 0; i++) { - if (iscntrl((u_char)s[i])) - return 0; - if (strchr("'`\";&<>|(){}", s[i]) != NULL) - return 0; - /* Disallow '-' after whitespace */ - if (isspace((u_char)s[i]) && s[i + 1] == '-') - return 0; - /* Disallow \ in last position */ - if (s[i] == '\\' && s[i + 1] == '\0') - return 0; - } - return 1; -} - /* * Main program for the ssh client. */ @@ -920,9 +883,9 @@ main(int ac, char **av) } if (options.proxy_command != NULL) fatal("Cannot specify -J with ProxyCommand"); - if (parse_jump(optarg, &options, 1) == -1) + if (parse_jump(optarg, &options, 1, 1) == -1) + fatal("Invalid -J argument"); - options.proxy_command = xstrdup("none"); break; case 't': if (options.request_tty == REQUEST_TTY_YES) @@ -1172,7 +1135,7 @@ main(int ac, char **av) if (!host) usage(); - if (!valid_hostname(host)) + if (!ssh_valid_hostname(host)) fatal("hostname contains invalid characters"); options.host_arg = xstrdup(host); @@ -1343,7 +1306,8 @@ main(int ac, char **av) sshbin = "ssh"; /* Consistency check */ - if (options.proxy_command != NULL) + if (options.proxy_command != NULL && + strcasecmp(options.proxy_command, "none") != 0) fatal("inconsistent options: ProxyCommand+ProxyJump"); /* Never use FD passing for ProxyJump */ options.proxy_use_fdpass = 0; @@ -1485,7 +1449,7 @@ main(int ac, char **av) * via configuration (i.e. not expanded) are not subject to validation. */ if ((user_on_commandline || user_expanded) && - !valid_ruser(options.user)) + !ssh_valid_ruser(options.user)) fatal("remote username contains invalid characters"); /* Now User is expanded, store it and calculate hash. */ From 5576e260a0f9836ca55c8279e342c63d1a0851d1 Mon Sep 17 00:00:00 2001 From: "dtucker@openbsd.org" Date: Mon, 23 Mar 2026 09:09:36 +0000 Subject: [PATCH 657/687] upstream: Add special handling of TEST_SSH_HOSTBASED_AUTH=setupandrun. This will MODIFY THE CONFIG OF THE SYSTEM IT IS RUNNING ON to enable hostbased authentication to/from itself and run the hostbased tests. It won't undo these changes, so don't do this on a system where this matters. OpenBSD-Regress-ID: ae5a86db1791a2b8f999b07b5c8cc756d40bf645 --- regress/hostbased.sh | 23 +++++++++++++++++++++-- 1 file changed, 21 insertions(+), 2 deletions(-) diff --git a/regress/hostbased.sh b/regress/hostbased.sh index 5de176b18bf7..3798f8b830e7 100644 --- a/regress/hostbased.sh +++ b/regress/hostbased.sh @@ -1,8 +1,8 @@ -# $OpenBSD: hostbased.sh,v 1.5 2025/05/06 06:05:48 djm Exp $ +# $OpenBSD: hostbased.sh,v 1.6 2026/03/23 09:09:36 dtucker Exp $ # Placed in the Public Domain. # This test requires external setup and thus is skipped unless -# TEST_SSH_HOSTBASED_AUTH and SUDO are set to "yes". +# TEST_SSH_HOSTBASED_AUTH and SUDO are set. # Since ssh-keysign has key paths hard coded, unlike the other tests it # needs to use the real host keys. It requires: # - ssh-keysign must be installed and setuid. @@ -10,12 +10,31 @@ # - the system's own real FQDN the system-wide shosts.equiv. # - the system's real public key fingerprints must be in global ssh_known_hosts. # +# Setting TEST_SSH_HOSTBASED_AUTH to the special value "setupandrun" will, +# if run with SUDO, perform this setup and run the test. Note that this will +# modify the global config to enable HostbasedAuthentication and leave it +# enabled, so do not do this on a system that matters. +# tid="hostbased" if [ -z "${TEST_SSH_HOSTBASED_AUTH}" ]; then skip "TEST_SSH_HOSTBASED_AUTH not set." elif [ -z "${SUDO}" ]; then skip "SUDO not set" +elif [ "${TEST_SSH_HOSTBASED_AUTH}" = "setupandrun" ]; then + verbose "setting up system for hostbased auth" + knownhosts=`$SSH -G localhost | \ + awk '$1=="globalknownhostsfile" {print $2}'` + sshconf=`dirname $knownhosts` + hostname | $SUDO tee $sshconf/shosts.equiv >/dev/null + if ! grep "^EnableSSHKeysign yes" $sshconf/ssh_config >/dev/null; then + echo "EnableSSHKeysign yes" | \ + $SUDO tee -a $sshconf/ssh_config >/dev/null + fi + for pubkey in $sshconf/ssh_host*key*.pub; do + echo `hostname` `cat $pubkey` | \ + $SUDO tee -a $knownhosts >/dev/null + done fi # Enable all supported hostkey algos (but no others) From 2ecfcc0aae651621535e345a1c23ff6d2a9593c9 Mon Sep 17 00:00:00 2001 From: "dtucker@openbsd.org" Date: Mon, 23 Mar 2026 09:53:52 +0000 Subject: [PATCH 658/687] upstream: Check if host keys exist before adding them, and expand on the warning about modifying the system config. OpenBSD-Regress-ID: 68038da909f9c992375b7665dab0331d6af426b7 --- regress/hostbased.sh | 12 +++++++----- 1 file changed, 7 insertions(+), 5 deletions(-) diff --git a/regress/hostbased.sh b/regress/hostbased.sh index 3798f8b830e7..4df6002793b3 100644 --- a/regress/hostbased.sh +++ b/regress/hostbased.sh @@ -1,4 +1,4 @@ -# $OpenBSD: hostbased.sh,v 1.6 2026/03/23 09:09:36 dtucker Exp $ +# $OpenBSD: hostbased.sh,v 1.7 2026/03/23 09:53:52 dtucker Exp $ # Placed in the Public Domain. # This test requires external setup and thus is skipped unless @@ -12,8 +12,8 @@ # # Setting TEST_SSH_HOSTBASED_AUTH to the special value "setupandrun" will, # if run with SUDO, perform this setup and run the test. Note that this will -# modify the global config to enable HostbasedAuthentication and leave it -# enabled, so do not do this on a system that matters. +# MODIFY THE SYSTEM'S GLOBAL CONFIG to enable HostbasedAuthentication and +# leave it enabled, so do not do this on a system that matters. # tid="hostbased" @@ -32,8 +32,10 @@ elif [ "${TEST_SSH_HOSTBASED_AUTH}" = "setupandrun" ]; then $SUDO tee -a $sshconf/ssh_config >/dev/null fi for pubkey in $sshconf/ssh_host*key*.pub; do - echo `hostname` `cat $pubkey` | \ - $SUDO tee -a $knownhosts >/dev/null + line="`hostname` `cat $pubkey`" + if ! grep "$line" "$knownhosts" >/dev/null; then + echo "$line" | $SUDO tee -a $knownhosts >/dev/null + fi done fi From 445db5cb620d73c9af1f1791c523aaf3d2236854 Mon Sep 17 00:00:00 2001 From: "dtucker@openbsd.org" Date: Tue, 24 Mar 2026 10:21:14 +0000 Subject: [PATCH 659/687] upstream: Ensure known_hosts file exists when setting up. OpenBSD-Regress-ID: 92721cad4c219fe62b7b795a73505c22e56f09e0 --- regress/hostbased.sh | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/regress/hostbased.sh b/regress/hostbased.sh index 4df6002793b3..9451c5a3e410 100644 --- a/regress/hostbased.sh +++ b/regress/hostbased.sh @@ -1,4 +1,4 @@ -# $OpenBSD: hostbased.sh,v 1.7 2026/03/23 09:53:52 dtucker Exp $ +# $OpenBSD: hostbased.sh,v 1.8 2026/03/24 10:21:14 dtucker Exp $ # Placed in the Public Domain. # This test requires external setup and thus is skipped unless @@ -31,6 +31,7 @@ elif [ "${TEST_SSH_HOSTBASED_AUTH}" = "setupandrun" ]; then echo "EnableSSHKeysign yes" | \ $SUDO tee -a $sshconf/ssh_config >/dev/null fi + touch "$knownhosts" for pubkey in $sshconf/ssh_host*key*.pub; do line="`hostname` `cat $pubkey`" if ! grep "$line" "$knownhosts" >/dev/null; then From 55fc7bfd1d3a46f4856fd68f09da60d901fac626 Mon Sep 17 00:00:00 2001 From: "dtucker@openbsd.org" Date: Tue, 24 Mar 2026 12:31:35 +0000 Subject: [PATCH 660/687] upstream: Use ~/.shosts for Hostbased test. OpenBSD-Regress-ID: ab64fd0a86422df1eadacde56c0a2cff5d93425d --- regress/hostbased.sh | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/regress/hostbased.sh b/regress/hostbased.sh index 9451c5a3e410..69808ceb7c6b 100644 --- a/regress/hostbased.sh +++ b/regress/hostbased.sh @@ -1,4 +1,4 @@ -# $OpenBSD: hostbased.sh,v 1.8 2026/03/24 10:21:14 dtucker Exp $ +# $OpenBSD: hostbased.sh,v 1.9 2026/03/24 12:31:35 dtucker Exp $ # Placed in the Public Domain. # This test requires external setup and thus is skipped unless @@ -26,12 +26,12 @@ elif [ "${TEST_SSH_HOSTBASED_AUTH}" = "setupandrun" ]; then knownhosts=`$SSH -G localhost | \ awk '$1=="globalknownhostsfile" {print $2}'` sshconf=`dirname $knownhosts` - hostname | $SUDO tee $sshconf/shosts.equiv >/dev/null + hostname >~/.shosts if ! grep "^EnableSSHKeysign yes" $sshconf/ssh_config >/dev/null; then echo "EnableSSHKeysign yes" | \ $SUDO tee -a $sshconf/ssh_config >/dev/null fi - touch "$knownhosts" + $SUDO touch "$knownhosts" for pubkey in $sshconf/ssh_host*key*.pub; do line="`hostname` `cat $pubkey`" if ! grep "$line" "$knownhosts" >/dev/null; then @@ -47,6 +47,7 @@ cat >>$OBJ/sshd_proxy < Date: Mon, 30 Mar 2026 07:19:02 +0000 Subject: [PATCH 661/687] upstream: add a regression test for ProxyJump/-J; ok dtucker OpenBSD-Regress-ID: 400dc1b5fb7f2437d0dfbd2eb9a3583dafb412b3 --- regress/Makefile | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/regress/Makefile b/regress/Makefile index 93826c2816bf..ae45bd463fe4 100644 --- a/regress/Makefile +++ b/regress/Makefile @@ -1,4 +1,4 @@ -# $OpenBSD: Makefile,v 1.143 2026/02/15 22:29:30 dtucker Exp $ +# $OpenBSD: Makefile,v 1.144 2026/03/30 07:19:02 djm Exp $ tests: prep file-tests t-exec unit @@ -118,7 +118,8 @@ LTESTS= connect \ penalty-expire \ connect-bigconf \ ssh-pkcs11 \ - ssh-tty + ssh-tty \ + proxyjump INTEROP_TESTS= putty-transfer putty-ciphers putty-kex conch-ciphers INTEROP_TESTS+= dropbear-ciphers dropbear-kex dropbear-server From 1340d3fa8e4bb122906a82159c4c9b91584d65ce Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Mon, 30 Mar 2026 21:58:44 +1100 Subject: [PATCH 662/687] Add proxyjump.sh omitted from previous commit. --- regress/proxyjump.sh | 102 +++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 102 insertions(+) create mode 100644 regress/proxyjump.sh diff --git a/regress/proxyjump.sh b/regress/proxyjump.sh new file mode 100644 index 000000000000..af472e963214 --- /dev/null +++ b/regress/proxyjump.sh @@ -0,0 +1,102 @@ +# $OpenBSD: proxyjump.sh,v 1.1 2026/03/30 07:19:02 djm Exp $ +# Placed in the Public Domain. + +tid="proxyjump" + +# Parsing tests +verbose "basic parsing" +for jspec in \ + "jump1" \ + "user@jump1" \ + "jump1:2222" \ + "user@jump1:2222" \ + "jump1,jump2" \ + "user1@jump1:2221,user2@jump2:2222" \ + "ssh://user@host:2223" \ + ; do + case "$jspec" in + "jump1") expected="jump1" ;; + "user@jump1") expected="user@jump1" ;; + "jump1:2222") expected="jump1:2222" ;; + "user@jump1:2222") expected="user@jump1:2222" ;; + "jump1,jump2") expected="jump1,jump2" ;; + "user1@jump1:2221,user2@jump2:2222") + expected="user1@jump1:2221,user2@jump2:2222" ;; + "ssh://user@host:2223") expected="user@host:2223" ;; + esac + f=`${SSH} -GF /dev/null -oProxyJump="$jspec" somehost | \ + awk '/^proxyjump /{print $2}'` + if [ "$f" != "$expected" ]; then + fail "ProxyJump $jspec: expected $expected, got $f" + fi + f=`${SSH} -GF /dev/null -J "$jspec" somehost | \ + awk '/^proxyjump /{print $2}'` + if [ "$f" != "$expected" ]; then + fail "ssh -J $jspec: expected $expected, got $f" + fi +done + +verbose "precedence" +f=`${SSH} -GF /dev/null -oProxyJump=none -oProxyJump=jump1 somehost | \ + grep "^proxyjump "` +if [ -n "$f" ]; then + fail "ProxyJump=none first did not win" +fi +f=`${SSH} -GF /dev/null -oProxyJump=jump -oProxyCommand=foo somehost | \ + grep "^proxyjump "` +if [ "$f" != "proxyjump jump" ]; then + fail "ProxyJump first did not win over ProxyCommand" +fi +f=`${SSH} -GF /dev/null -oProxyCommand=foo -oProxyJump=jump somehost | \ + grep "^proxycommand "` +if [ "$f" != "proxycommand foo" ]; then + fail "ProxyCommand first did not win over ProxyJump" +fi + +verbose "command-line -J invalid characters" +cp $OBJ/ssh_config $OBJ/ssh_config.orig +for jspec in \ + "host;with;semicolon" \ + "host'with'quote" \ + "host\`with\`backtick" \ + "host\$with\$dollar" \ + "host(with)brace" \ + "user;with;semicolon@host" \ + "user'with'quote@host" \ + "user\`with\`backtick@host" \ + "user(with)brace@host" ; do + ${SSH} -GF /dev/null -J "$jspec" somehost >/dev/null 2>&1 + if [ $? -ne 255 ]; then + fail "ssh -J \"$jspec\" was not rejected" + fi + ${SSH} -GF /dev/null -oProxyJump="$jspec" somehost >/dev/null 2>&1 + if [ $? -ne 255 ]; then + fail "ssh -oProxyJump=\"$jspec\" was not rejected" + fi +done +# Special characters should be accepted in the config though. +echo "ProxyJump user;with;semicolon@host;with;semicolon" >> $OBJ/ssh_config +f=`${SSH} -GF $OBJ/ssh_config somehost | grep "^proxyjump "` +if [ "$f" != "proxyjump user;with;semicolon@host;with;semicolon" ]; then + fail "ProxyJump did not allow special characters in config: $f" +fi + +verbose "functional test" +# Use different names to avoid the loop detection in ssh.c +grep -iv HostKeyAlias $OBJ/ssh_config.orig > $OBJ/ssh_config +cat << _EOF >> $OBJ/ssh_config +Host jump-host + HostkeyAlias jump-host +Host target-host + HostkeyAlias target-host +_EOF +cp $OBJ/known_hosts $OBJ/known_hosts.orig +sed 's/^[^ ]* /jump-host /' < $OBJ/known_hosts.orig > $OBJ/known_hosts +sed 's/^[^ ]* /target-host /' < $OBJ/known_hosts.orig >> $OBJ/known_hosts +start_sshd + +verbose "functional ProxyJump" +res=`${REAL_SSH} -F $OBJ/ssh_config -J jump-host target-host echo "SUCCESS" 2>/dev/null` +if [ "$res" != "SUCCESS" ]; then + fail "functional test failed: expected SUCCESS, got $res" +fi From 52c01f2a8019002c70cfd93be87ff9adee1d0e73 Mon Sep 17 00:00:00 2001 From: Michael Forney Date: Tue, 31 Mar 2026 12:54:22 +1100 Subject: [PATCH 663/687] add missing include to unit tests for printf This fixes the build with --without-openssl on musl. glibc worked previously because it got stdio.h implicitly through resolv.h. --- regress/unittests/kex/tests.c | 4 ++++ regress/unittests/sshkey/tests.c | 2 ++ 2 files changed, 6 insertions(+) diff --git a/regress/unittests/kex/tests.c b/regress/unittests/kex/tests.c index a3ef19ef410a..d8a38e04a1e5 100644 --- a/regress/unittests/kex/tests.c +++ b/regress/unittests/kex/tests.c @@ -3,6 +3,10 @@ * Placed in the public domain */ +#include "includes.h" + +#include + #include "../test_helper/test_helper.h" void kex_tests(void); diff --git a/regress/unittests/sshkey/tests.c b/regress/unittests/sshkey/tests.c index 5511e7b8900d..426543bd7c37 100644 --- a/regress/unittests/sshkey/tests.c +++ b/regress/unittests/sshkey/tests.c @@ -7,6 +7,8 @@ #include "includes.h" +#include + #include "../test_helper/test_helper.h" void sshkey_tests(void); From fe86c39751d38eb9e9b03ace1e31aa4586ea6660 Mon Sep 17 00:00:00 2001 From: Michael Forney Date: Wed, 1 Apr 2026 12:09:00 +1100 Subject: [PATCH 664/687] avoid k suffix in dd count operand in sftp-resume test Not all dd implementations support this. POSIX only specifies suffixes for block size operands. Instead, just use 1024k to avoid the special case. This also removes an incorrect redirection operator that appeared in the 1m case. --- regress/sftp-resume.sh | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/regress/sftp-resume.sh b/regress/sftp-resume.sh index f4fe8f9281dc..4ab0f1d68ef6 100644 --- a/regress/sftp-resume.sh +++ b/regress/sftp-resume.sh @@ -10,7 +10,7 @@ increase_datafile_size 1200 for cmd in put get; do verbose "$tid: ${cmd}" - for size in 0 1 1k 1m size-1 same; do + for size in 0 1 1k 1024k size-1 same; do trace "$tid: test ${cmd} ${size}" rm -rf ${COPY}.1 ${COPY}.2 cp ${DATA} ${COPY}.1 @@ -24,8 +24,6 @@ for cmd in put get; do ;; same) cp ${DATA} ${COPY}.2 ;; - 1m) dd if=${COPY}.1 of=${COPY}.2 bs=1k count=1k >/dev/null 2<&1 - ;; *) dd if=${COPY}.1 of=${COPY}.2 bs=${size} count=1 >/dev/null 2>&1 ;; esac From 5d72f1865b95ebfd99ea7baa8f6f2a4b721d151e Mon Sep 17 00:00:00 2001 From: Damien Miller Date: Thu, 2 Apr 2026 18:32:00 +1100 Subject: [PATCH 665/687] properly bail out when PAM changes username OpenSSH doesn't support PAM changing its conception of the username via a module calling pam_set_item(h, PAM_USER, ...). We were supposed to bail out here, but I messed up while "fixing" this last time and dropped a return statement. Reported by Mike Damm --- auth-pam.c | 1 + 1 file changed, 1 insertion(+) diff --git a/auth-pam.c b/auth-pam.c index d2b3c348319e..29607e04134f 100644 --- a/auth-pam.c +++ b/auth-pam.c @@ -474,6 +474,7 @@ check_pam_user(Authctxt *authctxt) if (strcmp(sshpam_initial_user, pam_user) != 0) { error_f("PAM user \"%s\" does not match previous \"%s\"", pam_user, sshpam_initial_user); + return PAM_USER_UNKNOWN; } return PAM_SUCCESS; } From 78d549857e0cc480c3cbb0a3571078920e3b79c5 Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Thu, 2 Apr 2026 07:38:14 +0000 Subject: [PATCH 666/687] upstream: Fix possible sshd crash when sshd_config set MaxStartups to a value <10 using the single-argument form of MaxStartups (e.g. MaxStartups=3). This doesn't affect the three-argument form of the directive (e.g. MaxStartups 3:20:5). Patch from Peter Kaestle via bz3941 OpenBSD-Commit-ID: 1ad093cae69f55ebfdea1ab24318aefd593d63b8 --- servconf.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/servconf.c b/servconf.c index 14f0cabad604..668259a2074b 100644 --- a/servconf.c +++ b/servconf.c @@ -1,4 +1,4 @@ -/* $OpenBSD: servconf.c,v 1.445 2026/02/17 21:45:07 djm Exp $ */ +/* $OpenBSD: servconf.c,v 1.446 2026/04/02 07:38:14 djm Exp $ */ /* * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland * All rights reserved @@ -2015,12 +2015,12 @@ process_server_config_line_depth(ServerOptions *options, char *line, filename, linenum, keyword); } else if (n == 1) { value3 = value; - value = value2 = -1; + value2 = -1; } else { fatal("%s line %d: Invalid %s spec.", filename, linenum, keyword); } - if (value3 <= 0 || (value2 != -1 && value <= 0)) + if (value <= 0 || value3 <= 0) fatal("%s line %d: Invalid %s spec.", filename, linenum, keyword); if (*activep && options->max_startups == -1) { From c805b97b67c774e0bf922ffb29dfbcda9d7b5add Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Thu, 2 Apr 2026 07:39:57 +0000 Subject: [PATCH 667/687] upstream: add missing askpass check when using ControlMaster=ask/autoask and "ssh -O proxy ..."; reported by Michalis Vasileiadis OpenBSD-Commit-ID: 8dd7b9b96534e9a8726916b96d36bed466d3836a --- mux.c | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) diff --git a/mux.c b/mux.c index 5e20c7760a6c..0cd169732cd3 100644 --- a/mux.c +++ b/mux.c @@ -1,4 +1,4 @@ -/* $OpenBSD: mux.c,v 1.112 2026/03/05 05:40:36 djm Exp $ */ +/* $OpenBSD: mux.c,v 1.113 2026/04/02 07:39:57 djm Exp $ */ /* * Copyright (c) 2002-2008 Damien Miller * @@ -1172,6 +1172,16 @@ mux_master_process_proxy(struct ssh *ssh, u_int rid, debug_f("channel %d: proxy request", c->self); + if (options.control_master == SSHCTL_MASTER_ASK || + options.control_master == SSHCTL_MASTER_AUTO_ASK) { + if (!ask_permission("Allow multiplex proxy connection?")) { + debug2_f("proxy refused by user"); + reply_error(reply, MUX_S_PERMISSION_DENIED, rid, + "Permission denied"); + return 0; + } + } + c->mux_rcb = channel_proxy_downstream; if ((r = sshbuf_put_u32(reply, MUX_S_PROXY)) != 0 || (r = sshbuf_put_u32(reply, rid)) != 0) From 487e8ac146f7d6616f65c125d5edb210519b833a Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Thu, 2 Apr 2026 07:42:16 +0000 Subject: [PATCH 668/687] upstream: when downloading files as root in legacy (-O) mode and without the -p (preserve modes) flag set, clear setuid/setgid bits from downloaded files as one might expect. AFAIK this bug dates back to the original Berkeley rcp program. Reported by Christos Papakonstantinou of Cantina and Spearbit. OpenBSD-Commit-ID: 49e902fca8dd933a92a9b547ab31f63e86729fa1 --- scp.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/scp.c b/scp.c index e46daef90b22..1faa9a555744 100644 --- a/scp.c +++ b/scp.c @@ -1,4 +1,4 @@ -/* $OpenBSD: scp.c,v 1.272 2026/02/08 19:54:31 dtucker Exp $ */ +/* $OpenBSD: scp.c,v 1.273 2026/04/02 07:42:16 djm Exp $ */ /* * scp - secure remote copy. This is basically patched BSD rcp which * uses ssh to do the data transfer (instead of using rcmd). @@ -1678,8 +1678,10 @@ sink(int argc, char **argv, const char *src) setimes = targisdir = 0; mask = umask(0); - if (!pflag) + if (!pflag) { + mask |= 07000; (void) umask(mask); + } if (argc != 1) { run_err("ambiguous target"); exit(1); From fd1c7e131f331942d20f42f31e79912d570081fa Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Thu, 2 Apr 2026 07:48:13 +0000 Subject: [PATCH 669/687] upstream: correctly match ECDSA signature algorithms against algorithm allowlists: HostKeyAlgorithms, PubkeyAcceptedAlgorithms and HostbasedAcceptedAlgorithms. Previously, if any ECDSA type (say "ecdsa-sha2-nistp521") was present in one of these lists, then all ECDSA algorithms would be permitted. Reported by Christos Papakonstantinou of Cantina and Spearbit. OpenBSD-Commit-ID: c790e2687c35989ae34a00e709be935c55b16a86 --- auth2-hostbased.c | 9 +++++---- auth2-pubkey.c | 9 +++++---- auth2-pubkeyfile.c | 26 +++++++++++++++----------- sshconnect2.c | 28 ++++++++++++++++++---------- 4 files changed, 43 insertions(+), 29 deletions(-) diff --git a/auth2-hostbased.c b/auth2-hostbased.c index e2ed8b3eb665..8a1acdec3f7c 100644 --- a/auth2-hostbased.c +++ b/auth2-hostbased.c @@ -1,4 +1,4 @@ -/* $OpenBSD: auth2-hostbased.c,v 1.56 2025/12/22 01:49:03 djm Exp $ */ +/* $OpenBSD: auth2-hostbased.c,v 1.57 2026/04/02 07:48:13 djm Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. * @@ -96,9 +96,10 @@ userauth_hostbased(struct ssh *ssh, const char *method) error_f("cannot decode key: %s", pkalg); goto done; } - if (key->type != pktype) { - error_f("type mismatch for decoded key " - "(received %d, expected %d)", key->type, pktype); + if (key->type != pktype || (sshkey_type_plain(pktype) == KEY_ECDSA && + sshkey_ecdsa_nid_from_name(pkalg) != key->ecdsa_nid)) { + error_f("key type mismatch for decoded key " + "(received %s, expected %s)", sshkey_ssh_name(key), pkalg); goto done; } if (match_pattern_list(pkalg, options.hostbased_accepted_algos, 0) != 1) { diff --git a/auth2-pubkey.c b/auth2-pubkey.c index be378f266c87..e446ef4122b2 100644 --- a/auth2-pubkey.c +++ b/auth2-pubkey.c @@ -1,4 +1,4 @@ -/* $OpenBSD: auth2-pubkey.c,v 1.125 2025/12/22 01:49:03 djm Exp $ */ +/* $OpenBSD: auth2-pubkey.c,v 1.126 2026/04/02 07:48:13 djm Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. * Copyright (c) 2010 Damien Miller. All rights reserved. @@ -148,9 +148,10 @@ userauth_pubkey(struct ssh *ssh, const char *method) error_f("cannot decode key: %s", pkalg); goto done; } - if (key->type != pktype) { - error_f("type mismatch for decoded key " - "(received %d, expected %d)", key->type, pktype); + if (key->type != pktype || (sshkey_type_plain(pktype) == KEY_ECDSA && + sshkey_ecdsa_nid_from_name(pkalg) != key->ecdsa_nid)) { + error_f("key type mismatch for decoded key " + "(received %s, expected %s)", sshkey_ssh_name(key), pkalg); goto done; } if (auth2_key_already_used(authctxt, key)) { diff --git a/auth2-pubkeyfile.c b/auth2-pubkeyfile.c index 896ea19967de..e729cc50a6d4 100644 --- a/auth2-pubkeyfile.c +++ b/auth2-pubkeyfile.c @@ -1,4 +1,4 @@ -/* $OpenBSD: auth2-pubkeyfile.c,v 1.7 2025/12/22 01:49:03 djm Exp $ */ +/* $OpenBSD: auth2-pubkeyfile.c,v 1.8 2026/04/02 07:48:13 djm Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. * Copyright (c) 2010 Damien Miller. All rights reserved. @@ -50,6 +50,7 @@ #include "authfile.h" #include "match.h" #include "ssherr.h" +#include "xmalloc.h" int auth_authorise_keyopts(struct passwd *pw, struct sshauthopt *opts, @@ -146,20 +147,23 @@ auth_authorise_keyopts(struct passwd *pw, struct sshauthopt *opts, static int match_principals_option(const char *principal_list, struct sshkey_cert *cert) { - char *result; + char *list, *olist, *entry; u_int i; - /* XXX percent_expand() sequences for authorized_principals? */ - - for (i = 0; i < cert->nprincipals; i++) { - if ((result = match_list(cert->principals[i], - principal_list, NULL)) != NULL) { - debug3("matched principal from key options \"%.100s\"", - result); - free(result); - return 1; + olist = list = xstrdup(principal_list); + for (;;) { + if ((entry = strsep(&list, ",")) == NULL || *entry == '\0') + break; + for (i = 0; i < cert->nprincipals; i++) { + if (strcmp(entry, cert->principals[i]) == 0) { + debug3("matched principal from key i" + "options \"%.100s\"", entry); + free(olist); + return 1; + } } } + free(olist); return 0; } diff --git a/sshconnect2.c b/sshconnect2.c index e4f5bd0fdec6..478a9a52fd38 100644 --- a/sshconnect2.c +++ b/sshconnect2.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshconnect2.c,v 1.384 2026/03/03 09:57:25 dtucker Exp $ */ +/* $OpenBSD: sshconnect2.c,v 1.385 2026/04/02 07:48:13 djm Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. * Copyright (c) 2008 Damien Miller. All rights reserved. @@ -85,6 +85,7 @@ extern Options options; static char *xxx_host; static struct sockaddr *xxx_hostaddr; static const struct ssh_conn_info *xxx_conn_info; +static int key_type_allowed(struct sshkey *, const char *); static int verify_host_key_callback(struct sshkey *hostkey, struct ssh *ssh) @@ -94,6 +95,10 @@ verify_host_key_callback(struct sshkey *hostkey, struct ssh *ssh) if ((r = sshkey_check_rsa_length(hostkey, options.required_rsa_size)) != 0) fatal_r(r, "Bad server host key"); + if (!key_type_allowed(hostkey, options.hostkeyalgorithms)) { + fatal("Server host key %s not in HostKeyAlgorithms", + sshkey_ssh_name(hostkey)); + } if (verify_host_key(xxx_host, xxx_hostaddr, hostkey, xxx_conn_info) != 0) fatal("Host key verification failed."); @@ -1598,34 +1603,37 @@ load_identity_file(Identity *id) } static int -key_type_allowed_by_config(struct sshkey *key) +key_type_allowed(struct sshkey *key, const char *allowlist) { - if (match_pattern_list(sshkey_ssh_name(key), - options.pubkey_accepted_algos, 0) == 1) + if (match_pattern_list(sshkey_ssh_name(key), allowlist, 0) == 1) return 1; /* RSA keys/certs might be allowed by alternate signature types */ switch (key->type) { case KEY_RSA: - if (match_pattern_list("rsa-sha2-512", - options.pubkey_accepted_algos, 0) == 1) + if (match_pattern_list("rsa-sha2-512", allowlist, 0) == 1) return 1; - if (match_pattern_list("rsa-sha2-256", - options.pubkey_accepted_algos, 0) == 1) + if (match_pattern_list("rsa-sha2-256", allowlist, 0) == 1) return 1; break; case KEY_RSA_CERT: if (match_pattern_list("rsa-sha2-512-cert-v01@openssh.com", - options.pubkey_accepted_algos, 0) == 1) + allowlist, 0) == 1) return 1; if (match_pattern_list("rsa-sha2-256-cert-v01@openssh.com", - options.pubkey_accepted_algos, 0) == 1) + allowlist, 0) == 1) return 1; break; } return 0; } +static int +key_type_allowed_by_config(struct sshkey *key) +{ + return key_type_allowed(key, options.pubkey_accepted_algos); +} + /* obtain a list of keys from the agent */ static int get_agent_identities(struct ssh *ssh, int *agent_fdp, From 76685c9b09a66435cd2ad8373246adf1c53976d3 Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Thu, 2 Apr 2026 07:50:55 +0000 Subject: [PATCH 670/687] upstream: move username validity check for usernames specified on MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit the commandline to earlier in main(), specifically before some contexts where a username with shell characters might be expanded by a %u directive in ssh_config. MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit We continue to recommend against using untrusted input on the SSH commandline. Mitigations like this are not 100% guarantees of safety because we can't control every combination of user shell and configuration where they are used. Reported by Florian Kohnhäuser OpenBSD-Commit-ID: 25ef72223f5ccf1c38d307ae77c23c03f59acc55 --- ssh.c | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/ssh.c b/ssh.c index 6339dc4b25d1..531f28eb2a56 100644 --- a/ssh.c +++ b/ssh.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh.c,v 1.629 2026/03/30 07:18:24 djm Exp $ */ +/* $OpenBSD: ssh.c,v 1.630 2026/04/02 07:50:55 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -1135,8 +1135,15 @@ main(int ac, char **av) if (!host) usage(); + /* + * Validate commandline-specified values that end up in %tokens + * before they are used in config parsing. + */ + if (options.user != NULL && !ssh_valid_ruser(options.user)) + fatal("remote username contains invalid characters"); if (!ssh_valid_hostname(host)) fatal("hostname contains invalid characters"); + options.host_arg = xstrdup(host); /* Initialize the command to execute on remote host. */ From eb3a5bb2abd4798ff546564eb2210d188efaf0f1 Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Thu, 2 Apr 2026 07:51:12 +0000 Subject: [PATCH 671/687] upstream: openssh-10.3 OpenBSD-Commit-ID: 05e22de74e090e5a174998fa5799317d70ad19c4 --- version.h | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/version.h b/version.h index 086cdba98516..fceafae97661 100644 --- a/version.h +++ b/version.h @@ -1,6 +1,6 @@ -/* $OpenBSD: version.h,v 1.107 2025/10/08 00:32:52 djm Exp $ */ +/* $OpenBSD: version.h,v 1.108 2026/04/02 07:51:12 djm Exp $ */ -#define SSH_VERSION "OpenSSH_10.2" +#define SSH_VERSION "OpenSSH_10.3" #define SSH_PORTABLE "p1" #define SSH_RELEASE SSH_VERSION SSH_PORTABLE From 5aa09926fbf050d484a79717fadec8360c5c5645 Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Thu, 2 Apr 2026 07:52:15 +0000 Subject: [PATCH 672/687] upstream: adapt to username validity check change OpenBSD-Regress-ID: d22c66ca60f0d934a75e6ca752c4c11b9f4a5324 --- regress/percent.sh | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/regress/percent.sh b/regress/percent.sh index c607c8d23aa0..e32a77f0a95b 100644 --- a/regress/percent.sh +++ b/regress/percent.sh @@ -1,4 +1,4 @@ -# $OpenBSD: percent.sh,v 1.22 2025/09/04 03:04:44 djm Exp $ +# $OpenBSD: percent.sh,v 1.23 2026/04/02 07:52:15 djm Exp $ # Placed in the Public Domain. tid="percent expansions" @@ -140,7 +140,7 @@ done FOO=bar export FOO for i in controlpath identityagent forwardagent localforward remoteforward \ - user setenv userknownhostsfile; do + setenv userknownhostsfile; do verbose $tid $i dollar trial $i '${FOO}' $FOO done @@ -175,7 +175,7 @@ ${SSH} -F $OBJ/ssh_proxy -G "${FOO}@somehost" && fail "user-at expanded env" # Literal control characters in config is acceptable verbose $tid user control-literal -trial user "$FOO" "$FOO" +#trial user "$FOO" "$FOO" # Control characters expanded from config aren't. ${SSH} -F $OBJ/ssh_proxy -G '-oUser=${FOO}' somehost && \ From f8b9d694fc20349b6c48a4af03a0499dea00f5f9 Mon Sep 17 00:00:00 2001 From: Damien Miller Date: Thu, 2 Apr 2026 18:55:50 +1100 Subject: [PATCH 673/687] Update versions in RPM spec files --- contrib/redhat/openssh.spec | 2 +- contrib/suse/openssh.spec | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/contrib/redhat/openssh.spec b/contrib/redhat/openssh.spec index a8fe2ecd0620..735d532d04aa 100644 --- a/contrib/redhat/openssh.spec +++ b/contrib/redhat/openssh.spec @@ -1,4 +1,4 @@ -%global ver 10.1p1 +%global ver 10.3p1 %global rel 1%{?dist} # OpenSSH privilege separation requires a user & group ID diff --git a/contrib/suse/openssh.spec b/contrib/suse/openssh.spec index 63ea57064d10..1ca2db16a14d 100644 --- a/contrib/suse/openssh.spec +++ b/contrib/suse/openssh.spec @@ -13,7 +13,7 @@ Summary: OpenSSH, a free Secure Shell (SSH) protocol implementation Name: openssh -Version: 10.1p1 +Version: 10.3p1 URL: https://www.openssh.com/ Release: 1 Source0: openssh-%{version}.tar.gz From 4168c905943f7f715182180b9f7c8cda54af2514 Mon Sep 17 00:00:00 2001 From: Damien Miller Date: Thu, 2 Apr 2026 18:56:48 +1100 Subject: [PATCH 674/687] depend --- .depend | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.depend b/.depend index 88d9a1555776..134a986596a0 100644 --- a/.depend +++ b/.depend @@ -28,7 +28,7 @@ auth2-none.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-co auth2-passwd.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h packet.h dispatch.h ssherr.h log.h sshkey.h hostfile.h auth.h auth-pam.h audit.h loginrec.h monitor_wrap.h misc.h servconf.h auth2-pubkey.o: auth-options.h canohost.h monitor_wrap.h authfile.h match.h channels.h session.h sk-api.h auth2-pubkey.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h ssh.h ssh2.h packet.h dispatch.h kex.h mac.h crypto_api.h sshbuf.h log.h ssherr.h misc.h servconf.h compat.h sshkey.h hostfile.h auth.h auth-pam.h audit.h loginrec.h pathnames.h uidswap.h -auth2-pubkeyfile.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h ssh.h log.h ssherr.h misc.h sshkey.h digest.h hostfile.h auth.h auth-pam.h audit.h loginrec.h auth-options.h authfile.h match.h +auth2-pubkeyfile.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h ssh.h log.h ssherr.h misc.h sshkey.h digest.h hostfile.h auth.h auth-pam.h audit.h loginrec.h auth-options.h authfile.h match.h xmalloc.h auth2.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h atomicio.h xmalloc.h ssh2.h packet.h dispatch.h log.h ssherr.h sshbuf.h misc.h servconf.h sshkey.h hostfile.h auth.h auth-pam.h audit.h loginrec.h pathnames.h monitor_wrap.h digest.h kex.h mac.h crypto_api.h authfd.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h ssh.h sshbuf.h sshkey.h authfd.h log.h ssherr.h misc.h atomicio.h xmalloc.h authfile.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/bsd-sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h log.h ssherr.h authfile.h sshkey.h sshbuf.h krl.h From 500b2036a0572f587898805078d7df788de50d67 Mon Sep 17 00:00:00 2001 From: Damien Miller Date: Thu, 2 Apr 2026 19:08:44 +1100 Subject: [PATCH 675/687] update release notes URL --- README | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README b/README index ec6c320c646f..e15b3915f238 100644 --- a/README +++ b/README @@ -1,4 +1,4 @@ -See https://www.openssh.com/releasenotes.html for the release +See https://www.openssh.com/releasenotes.html#10.3p1 for the release notes. Please read https://www.openssh.com/report.html for bug reporting From 2d98db98331803cbb820211b2fb0d31a6e71e58e Mon Sep 17 00:00:00 2001 From: Damien Miller Date: Thu, 2 Apr 2026 19:07:03 +1100 Subject: [PATCH 676/687] autogenerated files for release --- .gitignore | 6 - ChangeLog | 10627 ++++++++++++++++ aclocal.m4 | 15 + config.h.in | 2107 ++++ configure | 28438 ++++++++++++++++++++++++++++++++++++++++++ moduli.0 | 74 + scp.0 | 273 + sftp-server.0 | 98 + sftp.0 | 477 + ssh-add.0 | 219 + ssh-agent.0 | 177 + ssh-keygen.0 | 911 ++ ssh-keyscan.0 | 123 + ssh-keysign.0 | 50 + ssh-pkcs11-helper.0 | 35 + ssh-sk-helper.0 | 34 + ssh.0 | 1033 ++ ssh_config.0 | 1502 +++ sshd.0 | 687 + sshd_config.0 | 1451 +++ 20 files changed, 48331 insertions(+), 6 deletions(-) create mode 100644 ChangeLog create mode 100644 aclocal.m4 create mode 100644 config.h.in create mode 100755 configure create mode 100644 moduli.0 create mode 100644 scp.0 create mode 100644 sftp-server.0 create mode 100644 sftp.0 create mode 100644 ssh-add.0 create mode 100644 ssh-agent.0 create mode 100644 ssh-keygen.0 create mode 100644 ssh-keyscan.0 create mode 100644 ssh-keysign.0 create mode 100644 ssh-pkcs11-helper.0 create mode 100644 ssh-sk-helper.0 create mode 100644 ssh.0 create mode 100644 ssh_config.0 create mode 100644 sshd.0 create mode 100644 sshd_config.0 diff --git a/.gitignore b/.gitignore index 002d102b88e0..907533067c8b 100644 --- a/.gitignore +++ b/.gitignore @@ -37,9 +37,3 @@ sshd-auth !regress/unittests/**/Makefile tags -# Ignored on main branch -config.h.in -configure -aclocal.m4 -ChangeLog -**/*.0 diff --git a/ChangeLog b/ChangeLog new file mode 100644 index 000000000000..65e75a5a529f --- /dev/null +++ b/ChangeLog @@ -0,0 +1,10627 @@ +commit 4168c905943f7f715182180b9f7c8cda54af2514 +Author: Damien Miller +Date: Thu Apr 2 18:56:48 2026 +1100 + + depend + +commit f8b9d694fc20349b6c48a4af03a0499dea00f5f9 +Author: Damien Miller +Date: Thu Apr 2 18:55:50 2026 +1100 + + Update versions in RPM spec files + +commit 5aa09926fbf050d484a79717fadec8360c5c5645 +Author: djm@openbsd.org +Date: Thu Apr 2 07:52:15 2026 +0000 + + upstream: adapt to username validity check change + + OpenBSD-Regress-ID: d22c66ca60f0d934a75e6ca752c4c11b9f4a5324 + +commit eb3a5bb2abd4798ff546564eb2210d188efaf0f1 +Author: djm@openbsd.org +Date: Thu Apr 2 07:51:12 2026 +0000 + + upstream: openssh-10.3 + + OpenBSD-Commit-ID: 05e22de74e090e5a174998fa5799317d70ad19c4 + +commit 76685c9b09a66435cd2ad8373246adf1c53976d3 +Author: djm@openbsd.org +Date: Thu Apr 2 07:50:55 2026 +0000 + + upstream: move username validity check for usernames specified on + + the commandline to earlier in main(), specifically before some contexts where + a username with shell characters might be expanded by a %u directive in + ssh_config. + MIME-Version: 1.0 + Content-Type: text/plain; charset=UTF-8 + Content-Transfer-Encoding: 8bit + + We continue to recommend against using untrusted input on + the SSH commandline. Mitigations like this are not 100% + guarantees of safety because we can't control every + combination of user shell and configuration where they are + used. + + Reported by Florian Kohnhäuser + + OpenBSD-Commit-ID: 25ef72223f5ccf1c38d307ae77c23c03f59acc55 + +commit fd1c7e131f331942d20f42f31e79912d570081fa +Author: djm@openbsd.org +Date: Thu Apr 2 07:48:13 2026 +0000 + + upstream: correctly match ECDSA signature algorithms against + + algorithm allowlists: HostKeyAlgorithms, PubkeyAcceptedAlgorithms and + HostbasedAcceptedAlgorithms. + + Previously, if any ECDSA type (say "ecdsa-sha2-nistp521") was + present in one of these lists, then all ECDSA algorithms would + be permitted. + + Reported by Christos Papakonstantinou of Cantina and Spearbit. + + OpenBSD-Commit-ID: c790e2687c35989ae34a00e709be935c55b16a86 + +commit 487e8ac146f7d6616f65c125d5edb210519b833a +Author: djm@openbsd.org +Date: Thu Apr 2 07:42:16 2026 +0000 + + upstream: when downloading files as root in legacy (-O) mode and + + without the -p (preserve modes) flag set, clear setuid/setgid bits from + downloaded files as one might expect. + + AFAIK this bug dates back to the original Berkeley rcp program. + + Reported by Christos Papakonstantinou of Cantina and Spearbit. + + OpenBSD-Commit-ID: 49e902fca8dd933a92a9b547ab31f63e86729fa1 + +commit c805b97b67c774e0bf922ffb29dfbcda9d7b5add +Author: djm@openbsd.org +Date: Thu Apr 2 07:39:57 2026 +0000 + + upstream: add missing askpass check when using + + ControlMaster=ask/autoask and "ssh -O proxy ..."; reported by Michalis + Vasileiadis + + OpenBSD-Commit-ID: 8dd7b9b96534e9a8726916b96d36bed466d3836a + +commit 78d549857e0cc480c3cbb0a3571078920e3b79c5 +Author: djm@openbsd.org +Date: Thu Apr 2 07:38:14 2026 +0000 + + upstream: Fix possible sshd crash when sshd_config set MaxStartups + + to a value <10 using the single-argument form of MaxStartups (e.g. + MaxStartups=3). This doesn't affect the three-argument form of the directive + (e.g. MaxStartups 3:20:5). + + Patch from Peter Kaestle via bz3941 + + OpenBSD-Commit-ID: 1ad093cae69f55ebfdea1ab24318aefd593d63b8 + +commit 5d72f1865b95ebfd99ea7baa8f6f2a4b721d151e +Author: Damien Miller +Date: Thu Apr 2 18:32:00 2026 +1100 + + properly bail out when PAM changes username + + OpenSSH doesn't support PAM changing its conception of the + username via a module calling pam_set_item(h, PAM_USER, ...). + We were supposed to bail out here, but I messed up while "fixing" + this last time and dropped a return statement. + + Reported by Mike Damm + +commit fe86c39751d38eb9e9b03ace1e31aa4586ea6660 +Author: Michael Forney +Date: Wed Apr 1 12:09:00 2026 +1100 + + avoid k suffix in dd count operand in sftp-resume test + + Not all dd implementations support this. POSIX only specifies + suffixes for block size operands. + + Instead, just use 1024k to avoid the special case. This also removes + an incorrect redirection operator that appeared in the 1m case. + +commit 52c01f2a8019002c70cfd93be87ff9adee1d0e73 +Author: Michael Forney +Date: Tue Mar 31 12:54:22 2026 +1100 + + add missing include to unit tests for printf + + This fixes the build with --without-openssl on musl. glibc worked + previously because it got stdio.h implicitly through resolv.h. + +commit 1340d3fa8e4bb122906a82159c4c9b91584d65ce +Author: Darren Tucker +Date: Mon Mar 30 21:58:44 2026 +1100 + + Add proxyjump.sh omitted from previous commit. + +commit 607bd871ec029e9aa22e632a22547250f3cae223 +Author: djm@openbsd.org +Date: Mon Mar 30 07:19:02 2026 +0000 + + upstream: add a regression test for ProxyJump/-J; ok dtucker + + OpenBSD-Regress-ID: 400dc1b5fb7f2437d0dfbd2eb9a3583dafb412b3 + +commit 55fc7bfd1d3a46f4856fd68f09da60d901fac626 +Author: dtucker@openbsd.org +Date: Tue Mar 24 12:31:35 2026 +0000 + + upstream: Use ~/.shosts for Hostbased test. + + OpenBSD-Regress-ID: ab64fd0a86422df1eadacde56c0a2cff5d93425d + +commit 445db5cb620d73c9af1f1791c523aaf3d2236854 +Author: dtucker@openbsd.org +Date: Tue Mar 24 10:21:14 2026 +0000 + + upstream: Ensure known_hosts file exists when setting up. + + OpenBSD-Regress-ID: 92721cad4c219fe62b7b795a73505c22e56f09e0 + +commit 2ecfcc0aae651621535e345a1c23ff6d2a9593c9 +Author: dtucker@openbsd.org +Date: Mon Mar 23 09:53:52 2026 +0000 + + upstream: Check if host keys exist before adding them, and expand + + on the warning about modifying the system config. + + OpenBSD-Regress-ID: 68038da909f9c992375b7665dab0331d6af426b7 + +commit 5576e260a0f9836ca55c8279e342c63d1a0851d1 +Author: dtucker@openbsd.org +Date: Mon Mar 23 09:09:36 2026 +0000 + + upstream: Add special handling of + + TEST_SSH_HOSTBASED_AUTH=setupandrun. + + This will MODIFY THE CONFIG OF THE SYSTEM IT IS RUNNING ON to enable + hostbased authentication to/from itself and run the hostbased tests. It + won't undo these changes, so don't do this on a system where this matters. + + OpenBSD-Regress-ID: ae5a86db1791a2b8f999b07b5c8cc756d40bf645 + +commit 0a0ef4515361143cad21afa072319823854c1cf6 +Author: djm@openbsd.org +Date: Mon Mar 30 07:18:24 2026 +0000 + + upstream: apply the same validity rules to usernames and hostnames + + set for ProxyJump/-J on the commandline as we do for destination user/host + names. + + Specifically, they are no longer allowed to contain most characters + that have special meaning for common shells. Special characters are + still allowed in ProxyJump commands that are specified in the config + files. + + This _reduces_ the chance that shell characters from a hostile -J + option from ending up in a shell execution context. + + Don't pass untrusted stuff to the ssh commandline, it's not intended + to be a security boundary. We try to make it safe where we can, but + we can't make guarantees, because we can't know the parsing rules + and special characters for all the shells in the world, nor can we + know what the user does with this data in their ssh_config wrt + percent expansion, LocalCommand, match exec, etc. + + While I'm in there, make ProxyJump and ProxyCommand first-match-wins + between each other. + + reported by rabbit; ok dtucker@ + + OpenBSD-Commit-ID: f05ad8a1eb5f6735f9a935a71a90580226759263 + +commit b62a6cfbed3481dac8bff35fab22cf489bb0b77f +Author: djm@openbsd.org +Date: Sun Mar 29 01:08:13 2026 +0000 + + upstream: switch from int to long long for bandwidth calculations; + + fixes rate display when rate > 2GB/s; based on patch from Cyril Servant + feedback/ok deraadt@ + + OpenBSD-Commit-ID: 071eb48c4cba598d70ea3854bef7c49ddfabf8d3 + +commit 54443b8665c9c29ea0e3f5a5176d8f3c3403ad7c +Author: Damien Miller +Date: Sun Mar 29 16:43:59 2026 +1100 + + depend + +commit c90f46b6230826cdadacd6c32b62b0f8106a09da +Author: Damien Miller +Date: Sun Mar 29 16:42:33 2026 +1100 + + use nonnull attribute when available + + Set this attribute on a few string to avoid compiler warnings from + -Wunterminated-string-initialization warnings in recent gcc. + +commit bdaf65ae51d62c6cb676bd341cc34217c1b24920 +Author: Damien Miller +Date: Sun Mar 29 16:24:59 2026 +1100 + + fix state confusion between PAM and privsep code + + Commits b9a6dd4d6 and df2b28163 introduced a potential desynchronisation + between the PAM code and the sshd-session monitor that could result in + authentication bypass if the unprivileged sshd-auth process had been + compromised. + + Reported by Ben Edelman of NIST. Only git HEAD is affected, these + changes have not yet been included in an OpenSSH release. + +commit 6eb5a68c42a587df802d3d9a19088671269ffca8 +Author: Laurent Chardon +Date: Sat Mar 28 04:22:54 2026 -0400 + + openbsd-compat: reword EAI_NONAME error string + + Reword the EAI_NONAME message in fake-rfc2553.c to make it + clearer and grammatically correct. + + While there, remove a couple of stray periods from other error + strings to keep the messages consistent. + + No functional change. + +commit fd7d4b2b52deaf296b06d78b85c97fdae31912e8 +Author: Icenowy Zheng +Date: Sun Mar 22 15:13:31 2026 +0800 + + seccomp sandbox: allow riscv_hwprobe syscall if present + + The development branch of zlib-ng now contains code for utilizing + riscv_hwprobe syscall to retrieve availability information for several + RISC-V extensions (and accelerate deflate algorithm with them). + + As the seccomp sandbox of OpenSSH will raise SIGSYS for filtered out + syscalls, this will abruptly terminate the process when the + riscv_hwprobe syscall is tried. + + Put it into the allowlist to prevent process termination. As all + syscalls here are guarded by #ifdef's, the same will be done for + riscv_hwprobe, and thus on non-RISC-V builds nothing will happen. + + Signed-off-by: Icenowy Zheng + +commit fd5018fbeb6e91ae4321490c2825ecc632b83748 +Author: djm@openbsd.org +Date: Sat Mar 28 05:16:18 2026 +0000 + + upstream: ensure c->local_window doesn't underflow during updates; + + similar to checks performed elsewhere. From Renaud Allard + + OpenBSD-Commit-ID: 4827c10807936e9ab9af2cf1c7379e1f56dbdeac + +commit 8331cb9daafd23391de4379e9977ff159bb8242e +Author: djm@openbsd.org +Date: Sat Mar 28 05:10:25 2026 +0000 + + upstream: fix base16 parsing; currently unused. From Renaud Allard + + OpenBSD-Commit-ID: 3f6e5d4c6a2550d5a7e3c33bcd895b7f8e42196b + +commit 21ecb5fd72ee442a8b1eb5011c7f929ba8ce02f9 +Author: djm@openbsd.org +Date: Sat Mar 28 05:07:12 2026 +0000 + + upstream: mention that RevokedKeys is read by the server at each + + authentication time and should only ever be replaced atomically. + + OpenBSD-Commit-ID: eeedf5a10331ac4e39fbd2fc41e4a11c38b2ef9b + +commit c5182e3f06f9f1fd86d62b9dcd0397408dd698da +Author: djm@openbsd.org +Date: Sat Mar 28 05:06:16 2026 +0000 + + upstream: fix potential hang if /etc/moduli doesn't contain the + + requested DH group values; from 77c9ca, ok dtucker@, markus@ + + OpenBSD-Commit-ID: 1bf402cdb8876237c280ac77fbf7fafd2c16c5ae + +commit d3efbba14fda78ed7b15fbc34cf34c1cf27d1716 +Author: Darren Tucker +Date: Thu Mar 19 17:57:26 2026 +1100 + + Add a VM-based test for OpenBSD-current. + +commit 4bb4f1601e0776e71cfca50aae3680eb0771e2d0 +Author: Darren Tucker +Date: Mon Mar 23 17:50:40 2026 +1100 + + Add a Valgrind test of the PAM config. + +commit 12da685dfc98b14dddb5977a1fc52d06474f3308 +Author: Darren Tucker +Date: Thu Mar 19 17:52:54 2026 +1100 + + Upstream tests don't use the config file. + +commit 2ca6eef69d7dbecfd67cede25ea6a9aa1074ba3e +Author: djm@openbsd.org +Date: Mon Mar 23 01:33:46 2026 +0000 + + upstream: clarify that Authorized(Keys|Principals)(File|Command) + + are only consulted for valid users. + + clarify that TOKENS are expanded without sanitisation or escaping + and that it's the user's reponsibility to ensure their usage is + safe. + + prompted by bz3936; feedback/ok deraadt@ + + OpenBSD-Commit-ID: cd58abad1137346ba2dee55fa9ebb975f5fa7a06 + +commit 443616ce9070d370c97271347e91fcfd24b5df84 +Author: djm@openbsd.org +Date: Thu Mar 19 02:36:28 2026 +0000 + + upstream: repair ssh-keysign after pledge changes; spotted/tested + + by naddy@ ok deraadt@ + + OpenBSD-Commit-ID: fccc6c7994c8f45c4417efe490d23154d9caaa6d + +commit 552a5c786b60a9cfe0d2c157dd18f78950529513 +Author: dtucker@openbsd.org +Date: Wed Mar 11 09:10:59 2026 +0000 + + upstream: Check return values of fcntl(... O_CLOEXEC) + + calls by reusing the macro in monitor.c. Flagged by Coverity CID + 901297 in ssh-sk-client.c, a few other instances added for good measure. + begrudging ok deraadt@ + + OpenBSD-Commit-ID: b9de92e17ac0b04348770e5a25cb15a02b416926 + +commit 24168275e6d0b29cf2233c3f2c1d4a4614feb582 +Author: dtucker@openbsd.org +Date: Wed Mar 11 09:04:17 2026 +0000 + + upstream: Fix potential 1-byte array overrun + + in the case where read() returns exactly 100 bytes. Flagged by Coverity + CID 901296, ok djm@ + + OpenBSD-Commit-ID: 66a96b08166e63dcbeed00297c33f09c4f22c1f7 + +commit 70a41262839a2d65ca8ef9e8ea34ad471c52afa1 +Author: djm@openbsd.org +Date: Tue Mar 10 07:27:14 2026 +0000 + + upstream: whitespace + + OpenBSD-Commit-ID: b16d2b4a96406538fa181053926cba44abca7f29 + +commit ef98b6014bc3268e904092894ffcb63022172a97 +Author: deraadt@openbsd.org +Date: Tue Mar 10 06:35:29 2026 +0000 + + upstream: when unveils error our, use correct variable + + OpenBSD-Commit-ID: 6b496c10965e70413a9916a8823839c553c6b2c4 + +commit beba5884dfe8cc30aadef439af5e5d784b5788b1 +Author: deraadt@openbsd.org +Date: Tue Mar 10 03:45:01 2026 +0000 + + upstream: When execve() failure is indicated on the pipe, replicate + + the same error conditions as the previous access() check did ok djm + + OpenBSD-Commit-ID: 875a77dddf0809a3501de2b913cb3bfd4b64f3f7 + +commit 2a9e1aadaa20a05430bddc30853fbd3449083a4d +Author: djm@openbsd.org +Date: Tue Mar 10 03:40:26 2026 +0000 + + upstream: unveil ssh-pkcs11-helper too; fixes breakage spotted by + + anton@ + + If SK/P11/askpass is overridden by environment, only unveil the requested + path and not both the requested one and the default. + + feedback/ok deraadt@ + + OpenBSD-Commit-ID: 84356c6a44f35e66fe73fc1524a7c8e908521eb2 + +commit 46eb7dc5a6f312f99437ebdcf04f0f2c03aa570b +Author: deraadt@openbsd.org +Date: Sat Mar 7 18:35:43 2026 +0000 + + upstream: With it's own daemonization / fd cleaning code, ssh-agent + + opens /dev/null O_RDWR after a pledge without "wpath". This is allowed in + current pledge because "/dev/null" is implicitly allowed to be opened even + with the most restrictive pledges or unveils. This is a design decision in + pledge made at the very beginning, to satisfy libc requirements. We've + finally had enough experience and know how to fix that in the near-future, + but need to review and fix all code which opens these implicit paths. The fix + is to add "wpath", so that "/dev/null" can be opened O_RDWR. But that is + uncomfortable, so we add unveil() allowing "/" with "r", 4 unveil "x" for the + potential askpass and helpers to be execve'd, and "/dev/null" with "wr". As + a result filesystem access is substantially more restricted than before, and + ssh-agent is ready for the future pledge change. ok djm dtucker + + OpenBSD-Commit-ID: f223b11d2db3c0b14e53c1de59966dd5f372a977 + +commit b75bf339eae6115c544bdcefa0d67a6dcc971ec5 +Author: deraadt@openbsd.org +Date: Sat Mar 7 18:27:52 2026 +0000 + + upstream: Stop doing access() before execve(). It is a TOCTOU, but + + also it forces use of unveil "rx" instead of "x". This is done by using a + pipe() through the fork+execve attempt to expose execve failure and create + the same error return as the access() used to do. ok djm dtucker + + OpenBSD-Commit-ID: f9ee96e20352f35dc6f39127e0cc6b804700200a + +commit 73888af650f0ce27cd93797f3e351b2d1b670550 +Author: Damien Miller +Date: Tue Mar 10 14:43:30 2026 +1100 + + stubs for OpenBSD unveil(2) + +commit 4e15f7fc0c0ba897c227350eee1462d635ab32a6 +Author: dtucker@openbsd.org +Date: Fri Mar 6 07:06:45 2026 +0000 + + upstream: Move OpenBSD CVS ID marker to top of file to avoid conflicts + + when syncing changes to portable. + + OpenBSD-Regress-ID: 6b7a9ef354e13e26ed474e98d04ec1d74e56e54e + +commit 2df416dff1a1d5fb31598b7ce8fb5cb6b0f64fd3 +Author: dtucker@openbsd.org +Date: Fri Mar 6 06:57:33 2026 +0000 + + upstream: Replace u_intXX_t types with the equivalent C99 uintXX_t + + types to match similar change to the main ssh code. + + OpenBSD-Regress-ID: a62b6499f784f75a4fcb865aebb83f5936917a91 + +commit e067ccd6b4306ca6422d94ff7ddd231cbddd43cb +Author: djm@openbsd.org +Date: Thu Mar 5 05:44:15 2026 +0000 + + upstream: ssh-agent supports a "query" extension that allows a + + client to request a list of extensions it support. This makes this capability + available to ssh-add via the -Q flag. + + ok markus@ + + OpenBSD-Commit-ID: f211630568ff1a7d6bb4983a94f05ddac1c2d4eb + +commit 4fe278629c3f792628ea71132ba4fcbb9ceaa6b7 +Author: djm@openbsd.org +Date: Thu Mar 5 05:40:35 2026 +0000 + + upstream: With IANA codepoints for draft-ietf-sshm-ssh-agent now + + allocated, it's safe to start using the standard names for requesting agent + forwarding over the @openssh.com extension names we've used to date. + + Support for the standard names is advertised via EXT_INFO. When the + client sees such support it will use the new names preferentially, + but the existing names remain supported unconditionally. + + ok markus@ + + OpenBSD-Commit-ID: 1ab4a0b4de01e81a432875c2b7e5f7357e231af3 + +commit 511f5bc41aeca7f6ee6611e9b24d48e4dd6ae3d5 +Author: djm@openbsd.org +Date: Thu Mar 5 05:35:44 2026 +0000 + + upstream: correctness wrt draft-ietf-sshm-ssh-agent: + + extension requests should indicate failure using + SSH_AGENT_EXTENSION_FAILURE rather than the generic SSH_AGENT_FAILURE + error code. This allows the client to discern between "the request + failed" and "the agent doesn't support this extension". + + ok markus@ + + OpenBSD-Commit-ID: d15d89f210cc973271d68147f09550163df731c9 + +commit 2a387ba37452971747d2f00db7d4c18b4f2c45ed +Author: dtucker@openbsd.org +Date: Tue Mar 3 09:57:25 2026 +0000 + + upstream: Replace all remaining instances of u_intXX_t types with the + + C99 equivalent uintXX_t types. ok djm@ + + OpenBSD-Commit-ID: d9b81151266adb129574ce268af49f14ac23e65b + +commit bb781f02d4efd178e329a62a838962bee16e3e9b +Author: djm@openbsd.org +Date: Mon Mar 2 02:40:15 2026 +0000 + + upstream: Move banner exchange to sshd-auth process + + Previously, exchange of the initial SSH- banners was performed + by the privileged sshd-session monitor. This moves it to the + unprivileged sshd-auth subprocess, removing ~200 LoC from the + monitor's privileged attack surface. + + The monitor gains a new "setcompat" RPC to allow sshd-auth to + inform it of bug compat flags picked up from the client's banner. + + feedback dtucker@, ok markus@ deraadt@ + + OpenBSD-Commit-ID: d767eb1183630d754d521d9f0d84a6c72fbe7fc8 + +commit b50b881b17ab15e34b5e57b159b65f2a02725798 +Author: Darren Tucker +Date: Sun Mar 1 09:46:39 2026 +1100 + + Try -lstdc++ for libcrypto before giving up. + + BoringSSL recently added destructors to libcrypto, which requires + linking against libstdc++, so when checking for a working libcrypto if + at first the link fails, try again with -lstdc++ before giving up. + +commit c26d90e5ad05372b63dbb8727cb6c23a6505a2fb +Author: Darren Tucker +Date: Sun Mar 1 09:41:39 2026 +1100 + + Remove BoringSSL rpath as it's statically linked. + +commit c65f4d2586416274e92720c9e1e745422e182488 +Author: dtucker@openbsd.org +Date: Tue Feb 24 01:50:51 2026 +0000 + + upstream: Use fmprintf instead of logit for challenge-response name and + + info to preserve UTF-8 characters where appropriate. Prompted by github + PR#452, with & ok djm@. + + OpenBSD-Commit-ID: e6361242329ec6925571478f60f4739726aad308 + +commit acf749756872d7555eca48514e5aca6962116fb2 +Author: Darren Tucker +Date: Tue Feb 24 11:28:11 2026 -0500 + + Add AWS-LC and BoringSSL as potential libcryptos. + +commit c25254d1516df5e57affc0e391ed6ead8267b637 +Author: Darren Tucker +Date: Tue Feb 24 11:16:11 2026 -0500 + + Add self-hosted status to main README now it's public. + +commit 5da0ccec2b5806f104913465b62fea475b2e15bb +Author: Darren Tucker +Date: Tue Feb 24 11:10:16 2026 -0500 + + Remove anchor to specific release notes version. + +commit d7a9cd696a316c71e4c16f4158dc516b94abd863 +Author: Darren Tucker +Date: Mon Feb 23 21:34:48 2026 -0500 + + Remove potentially leftover include compat shims. + + If we don't need a specific shim, ensure it does not exist. Prevents + confusion if configurations change or the directory is reused across + different platforms. + +commit c940e709ae2155a4614bc3709e393d88fdddabde +Author: Darren Tucker +Date: Mon Feb 23 20:54:55 2026 -0500 + + Check regress passwd is set before enabling kbdint. + +commit 4ed5f9ecca9ed867c9f1040a3425af35f0703675 +Author: dtucker@openbsd.org +Date: Tue Feb 24 00:39:59 2026 +0000 + + upstream: Remove leftover debugging. + + OpenBSD-Regress-ID: e778d76b21696a14db80f31b9e79601f2d7a9abf + +commit a07a53b00e9aeadb420336783d219be012d88ba1 +Author: Darren Tucker +Date: Mon Feb 23 15:22:10 2026 -0500 + + Activate kbdint test on PAM configs. + +commit 5f98660c51e673f521e0216c7ed20205c4af10ed +Author: Darren Tucker +Date: Wed Feb 18 12:39:31 2026 -0500 + + Install libaudit-dev for --with-audit=linux test. + +commit c9fcea8865b255d4b7566b28dce4af348d2bfbd6 +Author: Darren Tucker +Date: Wed Feb 18 11:22:37 2026 -0500 + + Enable BSM audit test on FreeBSD VMs. + +commit f1a9628cd7e415ce14e157d80c10b61514a22d13 +Author: Darren Tucker +Date: Wed Feb 18 10:59:02 2026 -0500 + + Move BSM audit test to selfhosted runner. + + The vmactions VM on Github does not have the required libraries + installed. + +commit 97e8e66219d036404ae656060f0e0179b61f0614 +Author: Darren Tucker +Date: Wed Feb 18 10:51:09 2026 -0500 + + Increase riscv64 test coverage. + + The machine running the tests has been replaced with a faster one. + +commit e5e18432a27b909aa2194ef0b28a5d49f0e6b3a6 +Author: Darren Tucker +Date: Wed Feb 18 10:49:35 2026 -0500 + + Whitespace fix. + +commit b0463306174941274a1f96eb705618e036832920 +Author: Darren Tucker +Date: Wed Feb 18 09:48:55 2026 -0500 + + Add test coverage for all of the --audit= configs. + +commit 84206bde8adbef2dfe4f5b97dd23399827015333 +Author: djm@openbsd.org +Date: Wed Feb 18 03:04:12 2026 +0000 + + upstream: same treatment for remote/remote copies (i.e. scp -3): + + adjust permissions on destination directory only if we created it or -p was + requested. bz3925 + + OpenBSD-Commit-ID: d977006df7b8330e06ceaa319383b347f1aca3ef + +commit c3631567d9f77c2d073764e4b40f249687f4083e +Author: djm@openbsd.org +Date: Wed Feb 18 02:59:27 2026 +0000 + + upstream: when uploading a directory using sftp/sftp (e.g. during a + + recursive transfer), don't clobber the remote directory permissions unless + either we created the directory during the transfer or the -p flag was set. + bz3925 ok dtucker@ + + OpenBSD-Commit-ID: d66f40d01de05c9ec4029fab5413325301039b3a + +commit 2b0f4a72bd87bef7cc9f0a1889cfc98545cbb158 +Author: djm@openbsd.org +Date: Tue Feb 17 21:45:07 2026 +0000 + + upstream: make IPQoS first-match-wins in sshd_config as it's + + intended to be bz3924 + + OpenBSD-Commit-ID: 42753eb8400ab09713c69ace6fa8bfdde133f942 + +commit 0e35095babe04ba1159e8029133e7f71e53d8fdb +Author: jsg@openbsd.org +Date: Mon Feb 16 23:47:06 2026 +0000 + + upstream: remove duplicate includes; ok dtucker@ + + OpenBSD-Commit-ID: 6b9191bc1a0f4320c926d5ccd9f36b09f0f3bcaf + +commit 9eb778cfde5bca1d84bbad74d8664256301bb13b +Author: Darren Tucker +Date: Mon Feb 16 18:58:04 2026 -0500 + + Restore utf8.h removed earlier as it's needed. + + ... for msetlocale prototype. + +commit 723b76c8a358875cd53376c9a169887ba7a4b088 +Author: Darren Tucker +Date: Mon Feb 16 18:32:41 2026 -0500 + + Removed duplicate includes; spotted by jsg@. + +commit df2b28163ac75e023837de445d6492dc57359105 +Author: Darren Tucker +Date: Sun Feb 15 14:16:56 2026 -0500 + + Remove "draining" of PAM prompts. + + With the previous commit, both prompts and info/error error messages are + returned to keyboard-interactive immedately and none are accumulated, so + there will never be any un-drained prompts. ok djm@ + +commit b9a6dd4d66ee14577494d550b396d0452bf05e1e +Author: Marco Trevisan (Treviño) +Date: Tue Oct 17 04:27:32 2023 +0200 + + auth-pam: Immediately report interactive instructions to clients + + SSH keyboard-interactive authentication method supports instructions but + sshd didn't show them until an user prompt was requested. + + This is quite inconvenient for various PAM modules that need to notify + an user without requiring for their explicit input. + + So, properly implement RFC4256 making instructions to be shown to users + when they are requested from PAM. + + Closes: https://bugzilla.mindrot.org/show_bug.cgi?id=2876 + +commit a1158bba43e00240c00c530596de2d4e1d405b50 +Author: Matthew Heller +Date: Mon Oct 14 09:25:41 2024 -0500 + + fix duplicate PAM msgs, missing loginmsg reset + + without this change in mm_answer_pam_account all messages added in + auth-pam.c sshpam_query(...) case PAM_SUCCESS end up sent here, then are + still sitting in the loginmsg buffer and printed a second time in + session.c do_login(...) + +commit 7a59f55e621c841aab187c96e0f3271c5c799709 +Author: dtucker@openbsd.org +Date: Mon Feb 16 00:45:41 2026 +0000 + + upstream: Reorder headers to match KNF and Portable. + + ID sync only. + + OpenBSD-Commit-ID: b7f9700d07b532eb3720f7bd722b952e31b1752f + +commit c5cee49a0c5721532716365f32977fc02eeea1d5 +Author: dtucker@openbsd.org +Date: Sun Feb 15 22:29:30 2026 +0000 + + upstream: Add basic test for keyboard-interactive auth. + + Not enabled by default since it requires some setup on the host. + + OpenBSD-Regress-ID: aa8a9608a2ea2e5aaa094c5a5cc453e4797cd902 + +commit 07c6413e7bf08b7bfc6fd543eded9da68898e230 +Author: jsg@openbsd.org +Date: Sat Feb 14 00:18:34 2026 +0000 + + upstream: remove unneeded includes; ok dtucker@ + + OpenBSD-Commit-ID: bba6e85492276c30c7a9d27dfd3c4c55fa033335 + +commit d8b806a2e6cd50c729e5d2bad569955a1df33f63 +Author: Darren Tucker +Date: Sun Feb 15 13:31:52 2026 -0500 + + Remove obsolete comment referencing auth-chall.c. + + It was removed in commit 6cb6dcff along with the rest of the SSH1 server + support. + +commit 3e8a45e0eeb5c84f12ac04ea7cc2f831c91c263b +Author: Marco Trevisan (Treviño) +Date: Mon Oct 16 21:15:45 2023 +0200 + + auth-pam: Add an enum to define the PAM done status + + Makes things more readable and easier to extend + +commit 9b0e50b4132679f0c09c0f1272bf1c45959103ea +Author: Marco Trevisan (Treviño) +Date: Tue Oct 17 04:35:17 2023 +0200 + + auth-pam: Add debugging information when we receive PAM messages + +commit c2447697aaecae11d164f1ba30e06d14b5cabcdd +Author: Darren Tucker +Date: Fri Feb 13 15:34:44 2026 -0500 + + Remove DragonFlyBSD workaround for sys/mount.h. + + ... since we're not not including it at all any more. + +commit 8b3a0552054106feb036c632fc844f878568799f +Author: dtucker@openbsd.org +Date: Fri Feb 13 19:06:18 2026 +0000 + + upstream: Replace with + + The former is a portability hassle, but it turns out the only thing we + need from it is PATH_MAX which we can get directly from limits.h. + + OpenBSD-Commit-ID: ccfbbd678bef3a3930ae89da456645c3ee5f83c0 + +commit db475199639667197b12b3aa5205de71ef102e23 +Author: jsg@openbsd.org +Date: Fri Feb 13 01:04:47 2026 +0000 + + upstream: remove unneeded forward struct declaration ok djm@ + + OpenBSD-Commit-ID: a0c97e919667394bef8dbf31df72af3ba07542e9 + +commit ae51e05dbd840ad674fee754f33c0e2fd141074e +Author: djm@openbsd.org +Date: Wed Feb 11 22:58:23 2026 +0000 + + upstream: very basic testing of multiple files in RevokedKeys and + + RevokedHostkeys + + OpenBSD-Regress-ID: 6cee76bcc4bd6840bc8d39dd0d32d724e1427aa7 + +commit 2f51e29b9a0ffd7acb9dc70d90defa466b5695d4 +Author: djm@openbsd.org +Date: Wed Feb 11 22:57:55 2026 +0000 + + upstream: support multiple files in a ssh_config RevokedHostKeys + + directive bz3918; ok dtucker + + OpenBSD-Commit-ID: 0ad2eacf836f912f347846ab84760799033dd348 + +commit 135a62238a479c7369f2b2d5dafb921ddc1c2b74 +Author: djm@openbsd.org +Date: Wed Feb 11 22:57:16 2026 +0000 + + upstream: support multiple files in a sshd_config RevokedKeys + + directive bz3918; ok dtucker + + OpenBSD-Commit-ID: 9fc58c4e676f8e9ed2e3a0da666242a17b8a55b2 + +commit 3160f2a97e875bfa9454f98899cbccad48c96ff4 +Author: dtucker@openbsd.org +Date: Wed Feb 11 17:05:32 2026 +0000 + + upstream: Add includes used in Portable to reduce diffs. + + OpenBSD-Commit-ID: 186c60cf2da0ddb075d5bc4879e87bbd8779b7e4 + +commit 6a756f3f7b9f87f24e948ec1de0266f5c1587811 +Author: dtucker@openbsd.org +Date: Wed Feb 11 17:03:17 2026 +0000 + + upstream: Remove unused sys/queue.h include. + + OpenBSD-Commit-ID: 564f75672e27f1006f280614934eb304abe69167 + +commit c169300df12b9aa7005ff6e61880a7e007e83bc5 +Author: dtucker@openbsd.org +Date: Wed Feb 11 17:01:34 2026 +0000 + + upstream: Reorder includes and defines to match both KNF and + + Portable. + + OpenBSD-Commit-ID: f3f179c095f8e4787ded5f450e2842881f6b8ab2 + +commit 1a4eb511abaf3522b84fa5697524b81b4865279b +Author: Darren Tucker +Date: Wed Feb 11 17:36:42 2026 -0500 + + Factor out RNG reseeding in to a single function. + + sshd and sshd-session both reseed the RNG after a fork. Move the + existing reseed_prngs() function into entropy.c and use for both. + Clean up entropy.h too. ok djm@ + +commit 81746188e9333b166b4c31f9654d8eb249ddd897 +Author: Darren Tucker +Date: Wed Feb 11 16:47:27 2026 -0500 + + Remove do_pam_chauthtok since it's no longer used. + +commit f1b9e0f7f1f1ed5be2bd1c39bda03fc99a1cf5d8 +Author: dtucker@openbsd.org +Date: Wed Feb 11 16:57:38 2026 +0000 + + upstream: Pass actual size of the buffer to hostname() instead of a + + define that's probably the same. ok millert@ djm@ + + OpenBSD-Commit-ID: 7c97b22439100b4193404ccfa1e5f539c5a8d039 + +commit 4ef24496b7c4c918d4d3a049f83739fbe2e36e9f +Author: dtucker@openbsd.org +Date: Mon Feb 9 22:15:45 2026 +0000 + + upstream: De-underscore __inline__ to match -portable + + (and every other use of it in ssh). ID sync only. + + OpenBSD-Commit-ID: 83c913d5e2345635bc5434167ed67cec5409d494 + +commit c8972792e5ce599e584bbe1aa084cc4056f1afe5 +Author: dtucker@openbsd.org +Date: Mon Feb 9 22:12:48 2026 +0000 + + upstream: Remove references to skey auth which is long gone. + + ID sync only. + + OpenBSD-Commit-ID: 0c2340566c399f7f74fe4c5366394974cd6fd122 + +commit db779679839d2798de7cda196a3fe750a12845e8 +Author: dtucker@openbsd.org +Date: Mon Feb 9 22:11:39 2026 +0000 + + upstream: Remove unused OpenSSL includes, + + that are no longer used, even when building with OPENSSL=yes. + + OpenBSD-Commit-ID: e97e3e551ade9aee994b80a1d5851be6f32288e3 + +commit 8ec21f6274108e93601173ec4e6f7528b90b0003 +Author: dtucker@openbsd.org +Date: Mon Feb 9 22:09:48 2026 +0000 + + upstream: Use https for URLs. + + ID sync only. + + OpenBSD-Commit-ID: 85b2919e95e6d2bfdeddf5e3b0709fb5b6b4c438 + +commit c3eaa953ae78e581d7ba2327beea35206a14bc1e +Author: dtucker@openbsd.org +Date: Mon Feb 9 21:38:14 2026 +0000 + + upstream: Remove unused OpenSSL includes, + + which are no longer used even when building with OPENSSL=yes. + + OpenBSD-Commit-ID: 31adb21bf3f8f5c13cde59229f1b85c20f19a858 + +commit 280cf58afe71bf34141e732d30676367f0150bbe +Author: dtucker@openbsd.org +Date: Mon Feb 9 21:23:35 2026 +0000 + + upstream: Remove now-unused SKEYQUERY enums from monitor_reqtype. + + ID sync only. + + OpenBSD-Commit-ID: dab93b58e69c754887507e5557a81a0b5b84d734 + +commit bb2703365ede3b4e13fdfa1c250ac88408e75f38 +Author: dtucker@openbsd.org +Date: Mon Feb 9 21:21:39 2026 +0000 + + upstream: Remove now-unused openssl includes since sshd.c no longer + + needs them, even when built with OpenSSL. + + OpenBSD-Commit-ID: ceaa0394db1520e92d75c37eea58130d44ba93c9 + +commit 8a5d591c9f42933c49ece95e49c116d684d6cca0 +Author: Darren Tucker +Date: Wed Feb 11 11:38:58 2026 -0500 + + Don't create sys/mount.h shim except on DragonFly. + + Fixes build on Mac OS X. + +commit 957cb0fbe87b6ab76045e8dc99426db6afb54057 +Author: Darren Tucker +Date: Tue Feb 10 08:55:53 2026 +1100 + + Minor resync with upstream + + Reorder definitions add whitespace to eliminate diffs vs upstream. + +commit 4922635d3e66f9107c5b68a0a3fa57ddf0d820ae +Author: Darren Tucker +Date: Tue Feb 10 07:22:30 2026 +1100 + + Factor out COMPATINCLUDES into its own variable. + +commit 3e9c4ed3b0e5d3890fcd2cbc9c3b595f17ea1946 +Author: Darren Tucker +Date: Tue Feb 10 05:34:46 2026 +1100 + + Provide compat shims for sys/{mount.h,statvfs.h). + + In addition to shimming on platforms that don't have them, we also need to + shim sys/mount.h on DragonFlyBSD since it uses its native STAILQ_ENTRYs + which our compat queues.h does not have, which causes sftp-server.o to + not build. This is a little icky, but it limits the blast radius to + just one source file on only DragonFly. ok djm@ + +commit eeb671fa2f0fd7dda4c6b726098fe28016dc185b +Author: Darren Tucker +Date: Tue Feb 10 03:39:45 2026 +1100 + + Shim and . + + This significantly reduces the diff vs upstream making future syncs + less painful. ok djm@ + +commit 47828dbd95c095d0cad327e12bb6859a510833c8 +Author: dtucker@openbsd.org +Date: Sun Feb 8 19:54:31 2026 +0000 + + upstream: Reorder headers according to KNF, + + and pull in a few we don't have from Portable. + + OpenBSD-Commit-ID: d83f6c75da7bfb16bbff40fd2133d6eba4aba272 + +commit c73b8b09bf43be3dfe14bc0da349b352b280a74a +Author: dtucker@openbsd.org +Date: Sun Feb 8 17:51:43 2026 +0000 + + upstream: Include sys/socket.h to match -portable, + + eliminating one diff. + + OpenBSD-Commit-ID: 7670fdf35b0c7aee41cd0d6ded86b4792e261f36 + +commit 9385d72dd36ba6050b5f7728c14e3edc8329fe95 +Author: dtucker@openbsd.org +Date: Sun Feb 8 17:50:49 2026 +0000 + + upstream: Reorder headers as per KNF. + + OpenBSD-Commit-ID: 3e29fabe20422454fd5d77f85c853e1e557f2181 + +commit 62439369181b9b1dabf1ec3c2de6a7fbfcfb45eb +Author: Darren Tucker +Date: Mon Feb 9 06:56:35 2026 +1100 + + Remove openindiana VM test. + + When it works it's by far the slowest (>1h to install packages) and the + package installation is flaky. We can bring it back if their infra ever + improves. + +commit 43d0bf02d84a20a3f7c9992dabf8c109d9c25bed +Author: Darren Tucker +Date: Mon Feb 9 06:42:27 2026 +1100 + + Sync header order with upstream and KNF. + +commit a3742cc38a6aa48a653a1a6300bc825f083955af +Author: Darren Tucker +Date: Mon Feb 9 06:41:07 2026 +1100 + + Sync whitespace with upstream. + +commit b62198a19a53227ca166c62825ac72a7696c42ed +Author: Darren Tucker +Date: Mon Feb 9 05:02:36 2026 +1100 + + Sync header order with upstream. + +commit 98fdb05f0c0d7a89a066225a94eafd7fce10163d +Author: Darren Tucker +Date: Mon Feb 9 04:09:26 2026 +1100 + + Remove generic check for getpagesize. + + We have a more specific check later. + +commit 249476f45dba9a92056bd2935aae7429f0f3b17c +Author: Darren Tucker +Date: Mon Feb 9 03:47:25 2026 +1100 + + Test KERBEROS5=yes builds on OpenBSD. + +commit 6adb65508efc2def558f50a56c5eada09ca500c9 +Author: dtucker@openbsd.org +Date: Sun Feb 8 15:28:01 2026 +0000 + + upstream: Make ssh optionally build with Kerberos 5 against the + + Heimdal port. This updates the Makefiles and repairs some bitrot in headers, + resyncing them against Portable. To do this, "pkg_add heimdal" then "make + KERBEROS5=yes". ok djm@ + + (ID sync only) + + OpenBSD-Commit-ID: 31f95c9ba58aa7ba89264f1d80c79106042b1095 + +commit d6c672a8c16c8962e6b3022e279441fa6630cb86 +Author: dtucker@openbsd.org +Date: Sun Feb 8 03:30:15 2026 +0000 + + upstream: Remove sys/poll.h since we also have poll.h. + + Also removes one line of diff vs portable. + (ID sync only). + + OpenBSD-Commit-ID: 461bd0cd35bfad82bd06892ccb0ff0fac15d1d27 + +commit 8605ed26334b9ae704b8abe51940b61bdfe1e974 +Author: dtucker@openbsd.org +Date: Sun Feb 8 00:16:34 2026 +0000 + + upstream: Move setting of user, service and style earlier since + + -portable needs to use these when setting up PAM. Removes two diffs vs + portable. + + OpenBSD-Commit-ID: 8db130d42a3581b7a1eaed65917673d4474fc4fe + +commit ecaaa4f9e44764e55c152a84af3d7efb63c50ce7 +Author: Darren Tucker +Date: Sun Feb 8 11:30:21 2026 +1100 + + Move USE_SYSTEM_GLOB into a glob.h compat shim. + + This moves the logic for selecting whether or not we can use the system + glob into configure, and if either don't have glob or can't use it, we + create the shim. Removes several diffs vs upstream. + +commit 2a1a257612b7c6bcacd934149146a3da7411c485 +Author: dtucker@openbsd.org +Date: Sat Feb 7 18:04:53 2026 +0000 + + upstream: misc.h is needed for ForwardOptions in servconf.h. + + OpenBSD-Commit-ID: b241d81c499e273fc2d81c82d5b7c7b280827416 + +commit ad632364fb06f3bd1e9177e587d0040cf7958676 +Author: Jonas 'Sortie' Termansen +Date: Sat Nov 2 22:30:07 2024 +0100 + + Remove unused includes. + + netinet/in_systm.h is no longer in upstream and anything that actually + needs it will get it from includes.h. + +commit 9ebce88be9d88605e02551fe7f65ef6a16f72667 +Author: dtucker@openbsd.org +Date: Sat Feb 7 17:10:34 2026 +0000 + + upstream: Also check for EWOULDBLOCK on system error. This is the + + same as EAGAIN on OpenBSD so is a no-op but removes a diff making portable + syncs easier. (ID sync only). + + OpenBSD-Commit-ID: 68a5dcc5e2a506208c40396c6366f67bbf3b1dbe + +commit ccc1faf67df795d5cd757df754703823d0874028 +Author: dtucker@openbsd.org +Date: Sat Feb 7 17:04:22 2026 +0000 + + upstream: Move ssherr.h to where portable needs it. + + (ID sync only) + + OpenBSD-Commit-ID: 0488ce85f24864186678dcac7c9973ca44bd2cd5 + +commit 6decbb90413c67c10ac2fd5b17a9c161196641ea +Author: Darren Tucker +Date: Sun Feb 8 04:30:40 2026 +1100 + + Move paths.h and poll.h includes to resync with upstream. + +commit 4fe79e3deb5457af588ab67ee5db642afedd935f +Author: Darren Tucker +Date: Sun Feb 8 04:28:28 2026 +1100 + + Move poll.h include to resync with upstream. + +commit 9e585f11bb71115fb0376b2b6118892ab600aa4f +Author: Darren Tucker +Date: Sun Feb 8 04:25:42 2026 +1100 + + Resync minor format diffs with upstream. + +commit 3fd88caa36a94d85ae66bff297142606d08decde +Author: Darren Tucker +Date: Sun Feb 8 03:56:15 2026 +1100 + + Resync headers with upstream. + +commit 77e41d0c1c8801c553b43eef5974268425395667 +Author: Darren Tucker +Date: Sun Feb 8 03:52:31 2026 +1100 + + Resync with upstream (unused header and whitespace). + +commit a393759f9693a08a7fba18d4824b74f2dda1fe3d +Author: Artem Savkov +Date: Tue Nov 18 16:26:11 2025 +0100 + + Fix ut_type for btmp records + + According to man utmp ut_type is supposed to be only switched from + LOGIN_PROCESS to USER_PROCESS after succesfull authentication and this + is how sshd behaved before 671c44078. + + Fixes: 671c44078 ("use construct_utmp to construct btmp records") + Signed-off-by: Artem Savkov + +commit 15fe1ceb29760d72398c6ac7df5a403416cba207 +Author: djm@openbsd.org +Date: Sat Feb 7 02:02:00 2026 +0000 + + upstream: bit of webauthn support missed in previous commit + + OpenBSD-Commit-ID: 9768454543ded01b7c61567fc5b3e78664346be2 + +commit 670f7d210ceae59db73b16b67e52d8fd8def3012 +Author: dtucker@openbsd.org +Date: Fri Feb 6 23:39:14 2026 +0000 + + upstream: Adjust Makefiles to include just-added + + ssherr_libcrypto where necessary. + + OpenBSD-Regress-ID: 53d179a2db3ab931f2aa0e5447cf20cb9787a8bb + +commit 9c4949c11d8da1a5422e2174afb1a4f5b3dc8914 +Author: dtucker@openbsd.org +Date: Fri Feb 6 23:31:29 2026 +0000 + + upstream: Fetch the error reason from libcrypto + + if available, append it to the corresponding ssh error message and + optionall print the libcrypto full error stack (at debug1). with & + ok tb@ djm@ millert@ schwarze@ + + Note that the quality of errors obtainable from libcrypto is somewhat + variable, so these may be any of: useful, misleading, incomplete + or missing entirely. As a result we reserve the right to change + what is returned or even stop returning it if it does more harm than + good. + + OpenBSD-Commit-ID: 1ad599ac3eeddbe254fec6b9c1cf658fa70d572e + +commit 5b12d836e7c42c146ac1a69a9600db05282dbbb8 +Author: THE-Spellchecker +Date: Sat Jan 3 22:11:39 2026 -0600 + + Typographical Fixes + +commit 11600929832e04aa6ad20a57af7187c3feb973d4 +Author: dtucker@openbsd.org +Date: Fri Feb 6 22:59:18 2026 +0000 + + upstream: Typo fixes, mostly in comments. + + From THE-Spellchecker via github PR#620. + + OpenBSD-Commit-ID: 64929fafa3caae5a162f23257917ecf33f8a3764 + +commit b83c0bb5109eb245dd4f06e4af4a960f96a0c193 +Author: Darren Tucker +Date: Sat Feb 7 06:58:59 2026 +1100 + + Enable gss-auth tests on Kerberos test configs. + +commit d84dbccee4371ce395d28543f146e7b62d8c0d36 +Author: Pavol Žáčik +Date: Thu Jan 29 11:01:19 2026 +0100 + + Add a GSSAPI authentication test + +commit 86e0f4aa2c72d5e96618f0c7214109f5a46ca70d +Author: Darren Tucker +Date: Thu Jan 1 21:41:10 2026 +1100 + + Split sudo out to its own install line. + +commit dfbb8526b5006cfe368193fb15e16f58cce6e1d1 +Author: Darren Tucker +Date: Wed Dec 31 16:35:29 2025 +1100 + + Remove obsolete comments. + +commit f0b7ecf7f5976c11f8c89ee9b0ca19383b573764 +Author: Darren Tucker +Date: Wed Dec 31 16:26:23 2025 +1100 + + Run tests on older OmniOS version too. + +commit 01bddc0663e5239df9342fcf7b373e5f58ff1b49 +Author: Darren Tucker +Date: Wed Dec 31 16:25:16 2025 +1100 + + Add OpenIndiana VM test target. + +commit 91c4d422cc0af2ae592f5e6c0cc505a5d8d7a6d2 +Author: djm@openbsd.org +Date: Fri Feb 6 01:24:36 2026 +0000 + + upstream: remove vestige of when we supported running without privsep + + OpenBSD-Commit-ID: 5342c24d2330ef5ce357c294056f72b8123122c0 + +commit 6463960c58cd0adcb26bfbddceb9d4efcfbd9dd0 +Author: djm@openbsd.org +Date: Thu Feb 5 22:05:49 2026 +0000 + + upstream: Implement missing pieces of FIDO/webauthn signature support, + + mostly related to certificate handling and enable acceptance of this + signature format by default. bz3748 GHPR624 GHPR625 + + Feedback tb / James Zhang; ok tb + + OpenBSD-Commit-ID: ce3327b508086b24a3f7a6507aa5c49d8e9505e6 + +commit 832a77000abe61f61bddb9e595f45c7131c0269d +Author: djm@openbsd.org +Date: Tue Jan 27 06:48:29 2026 +0000 + + upstream: Implement "query" extension from + + draft-ietf-sshm-ssh-agent + + feedback jsg@, tb@; ok tb@ + + OpenBSD-Commit-ID: adb2b79473ff86ba781ed5ab2735c1437b590f07 + +commit 409dc952ab88b5232e809e34fd55662c6f75ad81 +Author: millert@openbsd.org +Date: Thu Jan 22 15:30:07 2026 +0000 + + upstream: Make it clear that DenyUsers/DenyGroups overrides + + AllowUsers/AllowGroups. Previously we specified the order in which the + directives are processed but it was ambiguous as to what happened if both + matched. OK djm@ + + OpenBSD-Commit-ID: 6ae0ab52ff796b78486b92a45cd7ec9310e20f4e + +commit d7950aca8eacae8b889d92c669e913111af75984 +Author: djm@openbsd.org +Date: Wed Jan 21 23:58:20 2026 +0000 + + upstream: In ssh(1), don't try to match certificates held in an + + agent to private keys. + + This matching is done to support certificates that were + loaded without their private key material, but is unnecessary for + agent-hosted certificate which always have private key material + loaded in the agent. Worse, this matching would mess up the + request sent to the agent in such a way as to break usage of these + keys when the key usage was restricted in the agent. + + Patch from Thibault Cools via bz3752, ok dtucker@ + + OpenBSD-Commit-ID: ebfe37817dad4841c53339930565242ec683d726 + +commit b0d0b71651b5a19d0dbd27b623ebb4fc43145560 +Author: sthen@openbsd.org +Date: Wed Jan 21 15:44:51 2026 +0000 + + upstream: If editline has been switched to vi mode (i.e. via "bind + + -v" in .editrc), setup a keybinding so that command mode can be entered. Diff + originally from Walter Alejandro Iglesias with tweaks. Feedback from Crystal + Kolipe. ok djm + + OpenBSD-Commit-ID: 5786e17ccd83573e2d86418023f9bc768223336a + +commit 1cc936b2fabffeac7fff14ca1070d7d7a317ab7b +Author: dtucker@openbsd.org +Date: Tue Jan 20 22:56:11 2026 +0000 + + upstream: Fill entropy in a single operation instead of hundreds. + + The sntrup761 code we use from SUPERCOP fills entropy arrays 4 bytes at + a time. On some platforms each of these operations has a significant + overhead, so instead fill it in a single operation and as a precaution + zero that array after it's used. + + Analysis and code change is from Mike Frysinger via Github PR#621 with + feedback from djm@ and sed-ification from me. ok djm@ beck@. + + This change was submitted by Mike to SUPERCOP upstream so hopefully + future versions will already have it. + + OpenBSD-Commit-ID: 0e85c82f79b1b396facac59e05b288c08048f15c + +commit a6f8f793d427a831be1b350741faa4f34066d55f +Author: djm@openbsd.org +Date: Sun Jan 4 09:52:58 2026 +0000 + + upstream: rewrite SOCKS4/4A/5 parsing code to use sshbuf functions + + instead of manual pointer fiddling. Should make the code safer and easier to + read. feedback/ok markus@ + + OpenBSD-Commit-ID: 5ebd841fbd78d8395774f002a19c1ddcf91ad047 + +commit ea367b4bbc3fd49f84683763723425adfdce35c0 +Author: djm@openbsd.org +Date: Tue Dec 30 04:28:42 2025 +0000 + + upstream: test the right thing, doofus + + OpenBSD-Commit-ID: 31b2ec6e0b3dbd08c60ba2d969dd687cd80c25fd + +commit 5f2bc9cb8625d1fd582e0e4b562200f9856f1f7d +Author: djm@openbsd.org +Date: Tue Dec 30 04:23:53 2025 +0000 + + upstream: avoid possible NULL deref if + + ssh_packet_check_rekey_blocklimit() called before the encrypted transport is + brought up. + + OpenBSD-Commit-ID: fb998ccbe59865e33a8ab6a6577f254d39bdc72f + +commit b9c318777eb40db66fb92df87666c3642467d0e7 +Author: djm@openbsd.org +Date: Tue Dec 30 00:12:58 2025 +0000 + + upstream: unit tests for sshbuf_consume_upto_child() + + OpenBSD-Regress-ID: 13cbd0370ebca7c61c35346b3e0356517719a447 + +commit dd49a87bf4e4a219978bf20f03e2a72041f57b2f +Author: djm@openbsd.org +Date: Tue Dec 30 00:35:37 2025 +0000 + + upstream: Remove bug compatibility for implementations that don't + + support rekeying. AFAIK this is only an ancient Sun SSH version. + + If such an implementation tries to interoperate with OpenSSH, it + will eventually fail when the transport needs rekeying. + + This is probably long enough to use it to download a modern SSH + implementation that lacks this problem :) + + ok markus@ deraadt@ + + OpenBSD-Commit-ID: 228a502fee808cf8b7caee23169eb6a1ab1c331a + +commit ca313fef2deed90668fe0706da8529310092d1dd +Author: djm@openbsd.org +Date: Tue Dec 30 00:22:58 2025 +0000 + + upstream: Enforce maximum packet/block limit during + + pre-authentication phase + + OpenSSH doesn't support rekeying before authentication completes to + minimise pre-auth attack surface. + + Given LoginGraceTime, MaxAuthTries and strict KEX, it would be + difficult to send enough data or packets before authentication + completes to reach a point where rekeying is required, but we'd + prefer it to be completely impossible. + + So this applies the default volume/packet rekeying limits to the + pre-auth phase. If these limits are exceeded the connection will + simply be closed. + + ok dtucker markus + + OpenBSD-Commit-ID: 70415098db739058006e4ebd1630b6bae8cc8bf6 + +commit 55b6b1697433eca98052f5c45281133ca793a9c8 +Author: djm@openbsd.org +Date: Mon Dec 29 23:52:09 2025 +0000 + + upstream: Add sshbuf_consume_upto_child(), to similify particular + + parsing patterns using parent/child buffer; ok markus@ + + OpenBSD-Commit-ID: c11ed27907751f2a16c1283313e77f88617e4852 + +commit 6eafc52a4185ba6d765047146cd645152baaeb58 +Author: Ludovic Rousseau +Date: Sat Dec 27 10:07:22 2025 +0100 + + Update ssh-agent.1 + + Add a missing "/" in the default allowed providers list. + +commit 09daf2ac5f248dc5d60a6f3a703b479d67da14b4 +Author: djm@openbsd.org +Date: Mon Dec 22 03:36:43 2025 +0000 + + upstream: correctly quote wildcard host certificate principal name, + + lest it expand to an unrelated filename in the working directory + + OpenBSD-Regress-ID: 8a9eb716d3ea7986d26c1a931758b996aa93c58e + +commit dfd710e4e2928201743e32027e2d6cf0e2eafc61 +Author: djm@openbsd.org +Date: Mon Dec 22 03:12:05 2025 +0000 + + upstream: return 0 in void function; spotted by clang -Wextra + + OpenBSD-Commit-ID: fe7461c93dfaef98a007a246af837a8275a1e539 + +commit ecdf9b9f8e89aae65d4a12fe5a25c560eea08393 +Author: djm@openbsd.org +Date: Mon Dec 22 01:50:46 2025 +0000 + + upstream: regression tests for certificates with empty principals + + sections (which are now unconditionally refused) and for certificates with + wildcard principals (which should only be accepted in host certs) + + OpenBSD-Regress-ID: fdca88845a68424060547b4f9f32f90a7cf82e73 + +commit adca2f439827eb829652805f36e288b5b260ce1b +Author: djm@openbsd.org +Date: Mon Dec 22 01:31:07 2025 +0000 + + upstream: don't try to test webauthn signatures. Nothing in OpenSSH + + generates these (yet) + + OpenBSD-Regress-ID: 48d59b7c4768c2a22ce3d8cf3b455e6ada9fc7b0 + +commit 5166b6cbf2b6103117a79f90a68068e89e02bf66 +Author: djm@openbsd.org +Date: Mon Dec 22 01:49:03 2025 +0000 + + upstream: When certificate support was added to OpenSSH, + + certificates were originally specified to represent any principal if the + principals list was empty. + + This was, in retrospect, a mistake as it created a fail-open + situation if a CA could be convinced to accidentally sign a + certificate with no principals. This actually happened in a 3rd- + party CA product (CVE-2024-7594). + + Somewhat fortunately, the main pathway for using certificates in + sshd (TrustedUserCAKeys) never supported empty-principals + certificates, so the blast radius of such mistakes was + substantially reduced. + + This change removes this footcannon and requires all certificates + include principals sections. It also fixes interpretation of + wildcard principals, and properly enables them for host + certificates only. + + This is a behaviour change that will permanently break uses of + certificates with empty principals sections. + + ok markus@ + + OpenBSD-Commit-ID: 0a901f03c567c100724a492cf91e02939904712e + +commit aaac8c61c18124eb5fb8a2cff1e85dea2db6c147 +Author: djm@openbsd.org +Date: Mon Dec 22 01:20:39 2025 +0000 + + upstream: Don't misuse the sftp limits extension's open-handles + + field. This value is supposed to be the number of handles a server will allow + to be opened and not a number of outstanding read/write requests that can be + sent during an upload/download. + + ok markus@ + + OpenBSD-Commit-ID: 14ebb6690acbd488e748ce8ce3302bd7e1e8a5b0 + +commit daf6bdd34b59f640d2af0fd230da69f1cbad33b4 +Author: djm@openbsd.org +Date: Mon Dec 22 01:17:31 2025 +0000 + + upstream: add a "ssh -O channels user@host" multiplexing command to + + get a running mux process to show information about what channels are + currently open; ok dtucker@ markus@ + + OpenBSD-Commit-ID: 80bb3953b306a50839f9a4bc5679faebc32e5bb8 + +commit b652322cdc5e94f059b37a8fb87e44ccb1cdff33 +Author: djm@openbsd.org +Date: Fri Dec 19 01:27:19 2025 +0000 + + upstream: typo in comment + + OpenBSD-Commit-ID: f72306b86953e74f358096db141b4f9c00d33ed7 + +commit 0b98be75dbb2ccb1c3146429c0077416c113b57d +Author: djm@openbsd.org +Date: Fri Dec 19 01:26:39 2025 +0000 + + upstream: correctly check subsystem command is not the empty string + + (was repeatedly checking the subsystem name) spotted by Coverity (CID 898836) + + OpenBSD-Commit-ID: dabea2b499de8280f76f7291dd52086df6831cb0 + +commit 345892ba2e8efea4be03675c866395bee251c117 +Author: djm@openbsd.org +Date: Fri Dec 19 00:57:42 2025 +0000 + + upstream: regression test for bz3906: sshd crashing at connection + + time if the config lacks a subsystem directive but one is defined in a match + block. + + OpenBSD-Regress-ID: 5290553665307ccddaec2499ec1eb196bb2efc84 + +commit 81e5bb8d93f2d8361bd7f4b034044ad8ee4ded0e +Author: djm@openbsd.org +Date: Fri Dec 19 00:48:47 2025 +0000 + + upstream: check that invalid subsystem directives inside Match + + blocks are noticed at startup; bz#3906 + + OpenBSD-Regress-ID: b9171bde4cc24757a826b3da0e9eadc33995a453 + +commit 831e6db69ff8625b6e81c2809aa082abbab6c0b1 +Author: djm@openbsd.org +Date: Fri Dec 19 00:56:34 2025 +0000 + + upstream: don't crash at connection time if the main sshd_config + + lacks any subsystem directive but one is defined in a Match block + + bz#3906; ok dtucker + + OpenBSD-Commit-ID: 2eb9024726d6f10eaa41958faeca9c9ba5ca7d8a + +commit 4e0f2dee54d210dc44f72f73e703c6dc5348a406 +Author: djm@openbsd.org +Date: Fri Dec 19 00:48:04 2025 +0000 + + upstream: detect invalid sshd_config Subsystem directives inside + + Match blocks at startup rather than failing later at runtime; + + noticed via bz#3906; ok dtucker + + OpenBSD-Commit-ID: e6035ff0baa375de6c9f22c883ed530a8649dfed + +commit 4c9de155ce1d35c9e3c05223cc093580f9efff9a +Author: jsg@openbsd.org +Date: Thu Dec 18 23:54:10 2025 +0000 + + upstream: new sentence, new line + + OpenBSD-Commit-ID: 23974d7c98b2ba4fea7f5143676c34e04ffd4128 + +commit 3ab346aa6d9030379df3ec1ed0b0ce608f952c5f +Author: jsg@openbsd.org +Date: Thu Dec 18 23:51:56 2025 +0000 + + upstream: fix markup, .CM -> .Cm + + OpenBSD-Commit-ID: 4db8cb254792df8a4dce11825852e089ae3d053a + +commit f878d7ccc25b02a39e6766f5dd405d5de6fb106c +Author: dtucker@openbsd.org +Date: Tue Dec 16 08:36:43 2025 +0000 + + upstream: Plug leak in ssh_digest_memory on error path. + + Bonehead mistake spotted by otto@, ok djm@ + + OpenBSD-Commit-ID: 4ad67ac402e0b4c013f4f4e386d22b88969a5dd7 + +commit 49480f1934f8cf994afa646d4bcbd22ac08bb6af +Author: dtucker@openbsd.org +Date: Tue Dec 16 08:32:50 2025 +0000 + + upstream: Add 'invaliduser' penalty to PerSourcePenalties, which is + + applied to login attempts for usernames that do not match real accounts. + Defaults to 5s to match 'authfail' but allows administrators to block such + sources for longer if desired. with & ok djm@ + + OpenBSD-Commit-ID: bb62797bcf2adceb96f608ce86d0bb042aff5834 + +commit 94bf1154b4132727114f222a587daeac101f1f5b +Author: djm@openbsd.org +Date: Mon Dec 8 03:55:22 2025 +0000 + + upstream: add a GssDelegateCreds option for the server, controlling + + whether it accepts delgated credentials offered by the client. This option + mirrors GssDelegateCreds in ssh_config. + + From Dmitry Belyavskiy via GHPR614; ok dtucker@ + + OpenBSD-Commit-ID: ac419354edb26cef9ad15692e0bed17a03997786 + +commit 24f32f7755801b16368375b8e27fb1a48d250fc5 +Author: djm@openbsd.org +Date: Mon Dec 8 00:45:00 2025 +0000 + + upstream: errant line + + OpenBSD-Commit-ID: 8542d59f5ba48a67c3ebd5de17f9fa408ec54ca5 + +commit a1e37f0998ed5027f6c8dd30befb379ea2cac95b +Author: djm@openbsd.org +Date: Mon Dec 8 00:44:16 2025 +0000 + + upstream: There is a warning next to the authorized_keys command="" + + flag that forcing a command doesn't automatically disable forwarding. Add one + next to the sshd_config(5) ForceCommand directive too. + + feedback deraadt@ + + OpenBSD-Commit-ID: bfe38b4d3cfbadbb8bafe38bc256f5a17a0ee75c + +commit 70ad2e9a2b3aa6f856200464078c2750bfba0e3d +Author: djm@openbsd.org +Date: Mon Dec 8 00:41:46 2025 +0000 + + upstream: increment correct variable when counting group + + memberships. Reported by Kevin Day via bz3903 + + OpenBSD-Commit-ID: 772b9aafd5165a7c407f08cb95f8b94cc5a4c1c0 + +commit d05b704086d53c02f4ad7de921435f7e7e3ad60a +Author: Darren Tucker +Date: Sun Dec 7 20:10:42 2025 +1100 + + Add OpenBSD 7.8 VM test target. + +commit f086fafa0486012df6ba095664be75ecbf68e8e1 +Author: Darren Tucker +Date: Sun Dec 7 13:43:02 2025 +1100 + + Remove generated compat includes during distclean. + +commit 185459dd87c4f7580a2591fbbbb1d800ec249b78 +Author: Darren Tucker +Date: Sun Dec 7 14:17:20 2025 +1100 + + Define IPTOS_DSCP_VA if not already defined. + +commit f701869185915b9a324dcc23c12d0035251ef93f +Author: phessler@openbsd.org +Date: Fri Dec 5 17:48:47 2025 +0000 + + upstream: allow network programs select DSCP_VA for network ToS + + OK stsp@ + + OpenBSD-Commit-ID: 8019fd6e8c522b4b5f291a2c0e3bf2437cc70dc1 + +commit f62868e03e51785c521c4d20d60662c0bbdd695e +Author: dtucker@openbsd.org +Date: Sun Dec 7 02:59:53 2025 +0000 + + upstream: Avoid "if ! thing || ! otherthing; then" constructs since + + they seem to cause portability problems. + + OpenBSD-Regress-ID: ff001be683de43bf396cd5f9f6a54e0c7a99c3cf + +commit 45aca67d79c194660342a64a9175d814d4e8ba56 +Author: dtucker@openbsd.org +Date: Sun Dec 7 02:49:41 2025 +0000 + + upstream: spaces->tab + + OpenBSD-Regress-ID: c78eb430da0ec2c4b6919ff4d27ef8e565ef52ff + +commit ab164f671609a3a25cd0efcd967aff29144081bb +Author: dtucker@openbsd.org +Date: Sat Dec 6 07:10:24 2025 +0000 + + upstream: Append a newline, otherwise some sed's won't output anything. + + OpenBSD-Regress-ID: 507cb8c36bb7fc338f60a55bf7040f479536b3f7 + +commit c99a30d30a5d2af6fec30b9b0d85aa9b252760c9 +Author: dtucker@openbsd.org +Date: Sat Dec 6 03:23:27 2025 +0000 + + upstream: Don't check compressions stats when ssh does not support + + compression. + + OpenBSD-Regress-ID: 026db51b2654a949e9a10b908443dab83b64c74a + +commit 5f5d1af478d4b9daf61fab1e4298973980d4c348 +Author: djm@openbsd.org +Date: Fri Dec 5 11:13:35 2025 +0000 + + upstream: ASSERT_DOUBLE_* test helpers + + OpenBSD-Regress-ID: cdb5c4e95c0f00efb773ddba4056a49e33702cf9 + +commit 70a01a7e66075047329e3aeccc942678f512ebdd +Author: Darren Tucker +Date: Fri Dec 5 20:02:39 2025 +1100 + + Set SSH_REGRESS_TMP after making tmpdir. + + Put both of these later in the script so the cvsids don't cause + conflicts on every synced patch. + +commit 89a67a04e581423cdc443f2597cb1e2c7d8cc50f +Author: dtucker@openbsd.org +Date: Fri Dec 5 08:09:34 2025 +0000 + + upstream: Shell compatibility fix. + + OpenBSD-Regress-ID: bceaeb267d49c13e4a797c42e93b8f0cdb14dbd7 + +commit f4e79a4ba91cf0fd7397846424d1b261f3648708 +Author: djm@openbsd.org +Date: Fri Dec 5 07:43:24 2025 +0000 + + upstream: unit tests for convtime_double() + + OpenBSD-Regress-ID: d3ba7b894019b4128845d638c78fca37b3b6eecf + +commit c48de35bea389308428cb47b5ee55b1b1fb4567c +Author: djm@openbsd.org +Date: Fri Dec 5 07:49:45 2025 +0000 + + upstream: convert PerSourcePenalties to using floating point time, + + allowing penalties to be less than a second. This is useful if you need to + penalise things you expect to occur at >=1 QPS. + + feedback dtucker / deraadt; ok deraadt@ + + OpenBSD-Commit-ID: 89198be755722131b45a52d22d548e4c602201f0 + +commit f45cd249e45a15c84bf1316ac719039d04a74e84 +Author: djm@openbsd.org +Date: Fri Dec 5 07:43:12 2025 +0000 + + upstream: Add convtime_double() that converts a string interval, + + such as "3w2d4h5m10.5s", into a floating point number of seconds. + + Reimplement the existing convtime() function using convtime_double() + (it just drops the fractional seconds) + + lots of feedback deraadt@ / dtucker@; ok deraadt@ + + OpenBSD-Commit-ID: 053cdd0c72325a20efc6613caa847473fb89e36f + +commit b7dc1d95ee838c86a93df59663dad32e9b555520 +Author: dtucker@openbsd.org +Date: Fri Dec 5 06:55:22 2025 +0000 + + upstream: Add test for ssh -Oconninfo mux command. + + OpenBSD-Regress-ID: e939edc41caad8b6ad00ff294f33b61ed32a1edd + +commit eb97fc2b5e7c85a37fdb3f8a6ee1d665ef086c3f +Author: dtucker@openbsd.org +Date: Fri Dec 5 06:16:27 2025 +0000 + + upstream: Add an ssh -Oconninfo command + + that shows connection information, similar to the ~I escapechar. + This is the first use of the mux extension mechanism, so it should be + both forward and backward compatible: a new client talking to an old + server will not allow the "conninfo" request to be sent, but everything + else should work seamlessly. feedback and ok djm@ + + OpenBSD-Commit-ID: 50f047a85da277360558cabdfed59cb66f754341 + +commit 66622394fd3a51e9a6c99c39a068f8ba709542fa +Author: djm@openbsd.org +Date: Wed Dec 3 06:29:50 2025 +0000 + + upstream: correctly quote filenames in verbose output for local->local + + copies; from Colin Watson via bz3900; ok dtucker@ + + OpenBSD-Commit-ID: 5c09b030e2024651ebc8c1f9af6a8a2d37912150 + +commit 8fce5520a1c9c2cf3fc6c6974dd158f4b3ce9c4e +Author: dtucker@openbsd.org +Date: Sat Nov 29 06:49:56 2025 +0000 + + upstream: Add local hostname and pid to ~I escape connection info, + + only display peer information for TCP connections including source address + and port This provides enough information to uniquely identify a connection + on the host or network. + + OpenBSD-Commit-ID: aa18a4af2de41c298d1195d2566808585f8ce964 + +commit 2e8b5de4a79fb393482465531be1e347b81699f3 +Author: dtucker@openbsd.org +Date: Sat Nov 29 05:00:50 2025 +0000 + + upstream: Add compression stats to ~I connection info escape + + option. + + OpenBSD-Commit-ID: 83424b71fc226ea6b3dc8dda39f993475fdbd775 + +commit 52037ed910a9dcb669b9c9f612ccac711ac586f2 +Author: dtucker@openbsd.org +Date: Thu Nov 27 02:18:48 2025 +0000 + + upstream: Add Escape option ~I that shows information about the current + + SSH connection. ok djm@, "I like/want" sthen@ florian@ + + OpenBSD-Commit-ID: 0483fc0188ec899077e4bc8e1e353f7dfa9f5c1d + +commit 0fb1f3c9955d78fb0959842202b9ecfc36e37486 +Author: djm@openbsd.org +Date: Tue Nov 25 01:14:33 2025 +0000 + + upstream: move mention of default MaxStartups (which uses the + + form. + + GHPR568 from Santiago Vila + + OpenBSD-Commit-ID: 7e68771f3cad61ec67303607afb3b85639288b29 + +commit 2d0d26602f739b4a3ddde6c4dbc8f3ddab38ac0d +Author: djm@openbsd.org +Date: Tue Nov 25 01:08:35 2025 +0000 + + upstream: Support writing ED25519 keys in PKCS8 format. GHPR570 from + + Josh Brobst + + OpenBSD-Commit-ID: 4f36019a38074b2929335fbe9cb8d9801e3177af + +commit c23122c5ea7348b7b6daa2982e53c201a5354007 +Author: djm@openbsd.org +Date: Tue Nov 25 00:57:04 2025 +0000 + + upstream: avoid leak of fingerprint on error path; from Lidong Yan via + + GHPR611 + + OpenBSD-Commit-ID: 253f6f7d729d8636da23ac9925b60b494e85a810 + +commit 6157e1c41071fb0f5621868c38861934284268b1 +Author: djm@openbsd.org +Date: Tue Nov 25 00:52:00 2025 +0000 + + upstream: don't set the PerSourceNetBlockSize IPv6 mask if sscanf + + didn't decode it. From Mingjie Shen via GHPR598 + + OpenBSD-Commit-ID: c722014e735cbd87adb2fa968ce4c47b43cf98b0 + +commit 1fdc3c61194819c16063dc430eeb84b81bf42dcf +Author: djm@openbsd.org +Date: Mon Nov 24 23:56:58 2025 +0000 + + upstream: give ssh-agent more time to start in tests; requested in + + GHPR602 + + OpenBSD-Regress-ID: 7d771db2c1d4a422e83c3f632ba1e96f72a262b8 + +commit 5e7c3f33b2693b668ecfbac84b85f2c0c84410c2 +Author: djm@openbsd.org +Date: Mon Nov 24 23:54:15 2025 +0000 + + upstream: When testing PKCS11, explicitly allow the module path in + + ssh-agent. + + Allows testing of PKCS11 modules outside system directories. + + From Morgan Jones via GHPR602 + + OpenBSD-Regress-ID: 548d6e0362a8d9f7d1cc01444b697a00811ff488 + +commit 69965aefe3355488e0462291be13a233b8405091 +Author: djm@openbsd.org +Date: Mon Nov 24 23:43:10 2025 +0000 + + upstream: When loading FIDO2 resident keys, set the comment to the + + FIDO application string. This matches the behaviour of ssh-keygen -K + + From Arian van Putten via GHPR608 + + OpenBSD-Commit-ID: 3fda54b44ed6a8a6f94cd3e39e69c1e672095712 + +commit 2238c48dc90dc56af1d86b298d2cb25fa0c7ef14 +Author: tb@openbsd.org +Date: Sun Nov 23 07:04:18 2025 +0000 + + upstream: pkcs11_fetch_ecdsa_pubkey: use ASN1_STRING accessors + + In anticipation of davidben and beck making ASN1_STRING opaque in + OpenSSL 4 with the aim of enabling surgery to make the X509 data + structure less bad [1], we need to use dumb accessors to avoid build + breakage. Fortunately only in one spot. + + This is OpenSSL 1.1 API and available in all members of the fork family. + + ok beck djm + + [1]: https://github.com/openssl/openssl/issues/29117 + + OpenBSD-Commit-ID: 0bcaf691d20624ef43f3515c983cd5aa69547d4f + +commit 643222df689c95efff9e9506b76de458f69dd9c7 +Author: Darren Tucker +Date: Fri Nov 21 14:28:20 2025 +1100 + + Update OSSFuzz link to current bug tracker. + +commit 2efdfbb4d78b9bbb73f55af150e8f985d4fe4c0f +Author: Darren Tucker +Date: Fri Nov 21 14:21:07 2025 +1100 + + Add VM CI and CIFuzz status badges. + +commit 71e8779113965d60d91ba2d15cdeeb43ecf230a7 +Author: djm@openbsd.org +Date: Fri Nov 21 01:29:27 2025 +0000 + + upstream: unit tests for sshbuf_get_nulterminated_string() + + OpenBSD-Regress-ID: cb0af1e4d6dcc94e263942bc4dcf5f4466d1f086 + +commit dec6334aaf6f542f34a0aca27dc2f535e9161a67 +Author: djm@openbsd.org +Date: Fri Nov 21 01:29:06 2025 +0000 + + upstream: add a sshbuf_get_nulterminated_string() function to pull a + + \0- terminated string from a sshbuf. Intended to be used to improve parsing + of SOCKS headers for dynamic forwarding. + + ok deraadt; feedback Tim van der Molen + + OpenBSD-Commit-ID: cf93d6db4730f7518d5269c279e16b172b484b36 + +commit a8718c3fc52511e5237f1cbe10c210948c5616ea +Author: dtucker@openbsd.org +Date: Thu Nov 20 05:07:57 2025 +0000 + + upstream: Free opts in FAIL_TEST. It should always be NULL anyway so + + this is a no-op, but it should placate Coverity CID 405064. + + OpenBSD-Regress-ID: 06789754de0741f26432c668fad8b9881c14c153 + +commit d68d528fefeca1e331696296ef5db7c4db246f9a +Author: dtucker@openbsd.org +Date: Thu Nov 20 05:10:56 2025 +0000 + + upstream: Plug leaks while parsing Match blocks. Coverity CID + + 469304, ok djm@ + + OpenBSD-Commit-ID: f9b79b86879a953ad034e6b92a398265b251bea7 + +commit e3f1fbb427df898d70083b42caab72baaa715400 +Author: dtucker@openbsd.org +Date: Thu Nov 20 05:10:11 2025 +0000 + + upstream: Plug leaks while parsing Match blocks. Coverity CID + + 515634, ok miod@ djm@ + + OpenBSD-Commit-ID: c7932eddecd47e5122e945246a40c56ffa42a546 + +commit ccad76e9e1e4f06889ee023893cea98bc165858b +Author: Darren Tucker +Date: Tue Nov 18 20:14:44 2025 +1100 + + Pull in rev 1.17 for spelling fix. + + Prompted by github PR#609 from Edge-Seven. + +commit 58533bbdf7aa0548de8e2abd3cb2de0593fa9fdc +Author: jca@openbsd.org +Date: Mon Nov 17 12:59:29 2025 +0000 + + upstream: Export XDG_RUNTIME_DIR to child ssh sessions + + Currently setusercontext(LOGIN_SETALL) does create the directory in + /tmp/run/user, since LOGIN_SETXDGENV is part of LOGIN_SETALL, but the + env variable wasn't exported. + + ok djm@ + + OpenBSD-Commit-ID: 02b8433f72759b3a07b55cbc5a7cdb84391b0017 + +commit e4cc5ab0efd85f01c0e1ae46825ffc0c7a8f44ce +Author: djm@openbsd.org +Date: Mon Nov 17 05:24:42 2025 +0000 + + upstream: don't strnvis() log messages that are going to be logged + + by sshd-auth via its parent sshd-session process, as the parent will also run + them though strnvis(). + + Prevents double-escaping of non-printing characters in some log + messages. bz3896 ok dtucker@ + + OpenBSD-Commit-ID: d78faad96a98af5269d66ddceee553cf7d396dfe + +commit bad220decb95d3b5cc6e30f843c4fc9d9b0b7a67 +Author: Darren Tucker +Date: Mon Nov 17 21:36:45 2025 +1100 + + Remove obsolete CVSID. + +commit 2fe6e406b496b54351dab923f9be95579d39d071 +Author: dtucker@openbsd.org +Date: Mon Nov 17 09:59:13 2025 +0000 + + upstream: Ensure both sides of the test are non-NULL instead of just + + either. Coverity CID 443285. + + OpenBSD-Regress-ID: aa90e57b1bc8efce9e50734a07a8ffec0680059a + +commit e2b93e16232834c61c9dcff5b20e4c55a26b324d +Author: Darren Tucker +Date: Thu Nov 13 23:30:48 2025 +1100 + + Move libcrypto init check into entropy.c. + + This prevents link errors with the openbsd-compat tests when the linker + tries to bring in all the logging bits. + +commit ec41739bd68d639b0847b366697706e7dab3498d +Author: Icenowy Zheng +Date: Fri Nov 7 14:27:35 2025 +0800 + + seccomp sandbox: allow uname(3) + + The uname(3) syscall is utilized by zlib-ng on RISC-V to decide whether + the kernel handles VILL bit of V extension properly (by checking the + kernel version against 6.5). + + Allow it in the seccomp sandbox. + + Signed-off-by: Icenowy Zheng + +commit 90501bc30ca94fa5443e2b7e2072d5d454587ef8 +Author: Darren Tucker +Date: Thu Nov 13 22:04:19 2025 +1100 + + Remove remaining OpenSSL_add_all_algorithms() calls. + + We already have OPENSSL_init_crypto() in the compat layer (now with a + check of its return code, prompted by tb@). Prompted by github PR#606 + from Dimitri John Ledkov. ok beck@ + +commit d9955e4571ec356ba4f2e99d01f7fa88f6e20a63 +Author: dtucker@openbsd.org +Date: Thu Nov 13 10:35:14 2025 +0000 + + upstream: Remove calls to OpenSSL_add_all_algorithms() + + and ERR_load_crypto_strings(). These are no-ops in LibreSSL, and in + Portable have been mostly replaced by a call to OPENSSL_init_crypto() + in the compat layer. ok tb@ + + OpenBSD-Commit-ID: 4c3e0af10fe276766054eda34428a37a5606d3ea + +commit 6aba7008e6451ae3f9298214b13b8eded5fd9ff0 +Author: djm@openbsd.org +Date: Thu Nov 13 05:13:06 2025 +0000 + + upstream: sync support for systems that lack __builtin_popcount() from + + portable + + unused on OpenBSD (nothing sets MISSING_BUILTIN_POPCOUNT), but it + makes syncing much easier. + + OpenBSD-Commit-ID: 496446300d82615b24f83eca886b8fabdbee445b + +commit 84347d67ad2d5ee0db43f32bca91bacccecdb647 +Author: djm@openbsd.org +Date: Thu Nov 13 04:56:23 2025 +0000 + + upstream: update our ML-KEM implementation to upstream libcrux + + v0.0.4 + + tested/ok tb@ + + OpenBSD-Commit-ID: 525a62549efbf53492adcb2c57e4872cdbaeed62 + +commit c09eeba78ad622b988ab7f8d96e75b7edd434598 +Author: tb@openbsd.org +Date: Fri Nov 7 06:29:45 2025 +0000 + + upstream: sshkey_ec_validate_public: zap trailing blank I missed on + + review + + OpenBSD-Commit-ID: b296bd6056f33fd567ca0d5e9123dac1ec00f037 + +commit 7cb3ea4dcc7d73b2fad6782a119901cfa2b022aa +Author: Darren Tucker +Date: Thu Nov 13 10:23:45 2025 +1100 + + Simplify git command to avoid yaml syntax error. + +commit 08786bbe7eebff316efb0b4ccb882f93f33a16b8 +Author: Darren Tucker +Date: Thu Nov 13 09:53:17 2025 +1100 + + Don't use OpenSSL's ed25519 if built without EC. + + Explicitly check for OPENSSL_NO_EC, since otherwise the test will link + but then fail at runtime. + +commit d12813314452173b1709f7fdbae74add84c0056f +Author: Damien Miller +Date: Fri Nov 7 15:49:55 2025 +1100 + + octal-escape the colon character + + Apparently these are YAML magic when followed by whitespace + +commit 5a104d81a2a916a6b9a42e28a7fa11bb781dfdf4 +Author: Damien Miller +Date: Fri Nov 7 15:44:18 2025 +1100 + + try single quotes instead of escaped quotes + +commit 48d8293956b9801b870a56782e19f29793ca04ba +Author: Damien Miller +Date: Fri Nov 7 15:42:57 2025 +1100 + + escape quotes in yaml + +commit 1f1d63e16b5ce67f6f2f1170ec7221f1e6bff530 +Author: djm@openbsd.org +Date: Fri Nov 7 04:33:52 2025 +0000 + + upstream: Escape SSH_AUTH_SOCK paths that are sent to the shell as + + setenv commands. + + Unbreaks ssh-agent for home directory paths that contain whitespace. + + Based on fix from Beat Bolli via bz3884; feedback/ok dtucker@ + + OpenBSD-Commit-ID: aaf06594e299940df8b4c4b9f0a1d14bef427e02 + +commit 5794f2a186ee8ea7db0002bf7470b817572aaef0 +Author: djm@openbsd.org +Date: Thu Nov 6 17:24:28 2025 +0000 + + upstream: sk-dummy.so needs sshlog() stub after ed25519-openssl.c + + change + + OpenBSD-Regress-ID: 50b7f49021b8085728d0544275e141fb1bf4a2b5 + +commit a1c526f29b47147046f77a0f74097008256396f6 +Author: djm@openbsd.org +Date: Thu Nov 6 01:33:26 2025 +0000 + + upstream: unit test for stringlist_append() and stringlist_free() + + OpenBSD-Regress-ID: a3a4dae538c831b3810f69abc34ad8504dc3c460 + +commit 9d8c686981834bc1dde09f5067ff925d8fc158f5 +Author: djm@openbsd.org +Date: Thu Nov 6 01:33:03 2025 +0000 + + upstream: link against ed25519-openssl.c instead of ed25519.c + + OpenBSD-Regress-ID: f789d46e99d2598929e3c2d00b45c47cc3102501 + +commit e57ef43c3ecb69aa237e2d88b793f18ee8a25817 +Author: anton@openbsd.org +Date: Sat Nov 1 05:39:25 2025 +0000 + + upstream: Cope with recent changes and don't link hash.c. + + OpenBSD-Regress-ID: 577ef2f36ee592528448e8c0f33499e2e3512054 + +commit 9bea081888fa659b964e6bfa41caca2b5def98c2 +Author: djm@openbsd.org +Date: Fri Nov 7 04:11:59 2025 +0000 + + upstream: Remove some unnecessary checks in + + sshkey_ec_validate_public() + MIME-Version: 1.0 + Content-Type: text/plain; charset=UTF-8 + Content-Transfer-Encoding: 8bit + + Checking nQ == infinity is not needed for cofactor 1 curves. + Checking x and y coordinates against order is not needed either. + + patch from Szilárd Pfeiffer, with further refinement by tb@ + ok tb@ + + OpenBSD-Commit-ID: ef985e2be7c64e215d064757d3fc65eb181e8ede + +commit 1399419f0b2d024bde968ffe769a3808611917e4 +Author: djm@openbsd.org +Date: Thu Nov 6 01:31:11 2025 +0000 + + upstream: move stringlist_append() and stringlist_free() to misc.c + + OpenBSD-Commit-ID: 7d047bbff6964b9abbc04e9b3e2e1b4cc1db0aea + +commit f2ff1d9c1687be313dd491fcd136c682ef51bea8 +Author: djm@openbsd.org +Date: Fri Oct 31 01:50:43 2025 +0000 + + upstream: cleanup file descriptors across PKCS#11 client/helper + + execution; ok markus + + OpenBSD-Commit-ID: 993628a5b361e30aa48bbb4c07667a280f3f23ab + +commit 7e5d404cf73b6762715eec69b67cce2c4801f9e9 +Author: Darren Tucker +Date: Sat Nov 1 08:34:15 2025 +1100 + + Support using git for OpenBSD src tree tests. + +commit d87e7f0bed66fc9f76fe4a2f43390fdc9a664132 +Author: Darren Tucker +Date: Sat Nov 1 08:33:07 2025 +1100 + + Add OpenBSD 7.8 test target. + +commit 2425d7faf4154b32b5f836596023cf2432b81eaf +Author: Damien Miller +Date: Fri Oct 31 13:47:49 2025 +1100 + + check PAM user against previous user, not pw_name + + Avoids early fatal() if the user doesn't exist. + + Reported by Viswesh Narayanan; ok dtucker@ + +commit 7e2f89b0fb72141abbce098e2682ba8e090cabfc +Author: Damien Miller +Date: Fri Oct 31 12:19:47 2025 +1100 + + skip pkcs11 tests when built --without-openssl + +commit 590a260f0bedc895688bb38b1cf6f0f72d8013e3 +Author: Damien Miller +Date: Fri Oct 31 12:19:34 2025 +1100 + + add sshlog() replacement to sk-dummy.so + +commit 57e347bae04cf214795fdeae3579991f0cc2e090 +Author: Damien Miller +Date: Fri Oct 31 11:16:29 2025 +1100 + + rename openbsd-compat sha2.h -> bsd-sha2.h + + avoids confusion with system header when included from files under + openbsd-compat/ + +commit a5f638585152863dc64ee9436a08e1d84735d740 +Author: Damien Miller +Date: Fri Oct 31 11:07:17 2025 +1100 + + fix linking for sk-dummy.so, used in tests + +commit c2a178959b03472c1b1677fea4bb263ed9fee2bd +Author: djm@openbsd.org +Date: Thu Oct 30 23:55:09 2025 +0000 + + upstream: don't link hash.c + + OpenBSD-Regress-ID: a145f09c1efb1fcd3924544463f1f94f5d4805c0 + +commit 249224a0d43fdd2a536d7476c2bb15f4006dbbdd +Author: miod@openbsd.org +Date: Thu Oct 23 19:06:10 2025 +0000 + + upstream: Prepare for gcc 3 leaving the building, COMPILER_VERSION + + can no longer get set to "gcc3". + + OpenBSD-Regress-ID: 02351ea947975b80be60b9a8c6e4dbb57789e890 + +commit 9dcd640d44b8270c75783ef662c340187250d6e4 +Author: dtucker@openbsd.org +Date: Thu Oct 23 06:15:26 2025 +0000 + + upstream: Check tmux version and skip if too old. ok djm@ + + OpenBSD-Regress-ID: fb62024eb753c61b4d78402ec8378af839fad26c + +commit 94a78254a1c953c2a55eb54f65a5d99873b54bdf +Author: djm@openbsd.org +Date: Thu Oct 30 23:19:33 2025 +0000 + + upstream: move crypto_hash_sha512() to be inline in crypto_api.h, saves + + about 0.5kb per binary and makes life easier for portable; with/ok dtucker@ + + OpenBSD-Commit-ID: 672d7390f78bb6581c12661d7f5adc8a9c6be564 + +commit 266647c5f2075d397bd5ed5316450183eda73388 +Author: djm@openbsd.org +Date: Thu Oct 30 20:49:10 2025 +0000 + + upstream: support ed25519 signatures via libcrypto. Mostly by Jeremy + + Allison Feedback tb@, ok tb@ markus@ + + OpenBSD-Commit-ID: e8edf8adffd5975d05769dde897df882d7933526 + +commit 4f3e65bda22b65dc5fff82df1e97af07456fed42 +Author: djm@openbsd.org +Date: Thu Oct 30 03:19:54 2025 +0000 + + upstream: Activate UnusedConnectionTimeout only after last channel + + has closed. Previously UnusedConnectionTimeout could fire early after a + ChannelTimeout. + + This was not a problem for the OpenSSH client because it terminates + once all channels have closed but could cause problems for other + clients (e.g. API clients) that do things differently. + + bz3827; ok dtucker + + OpenBSD-Commit-ID: ff2e4607cbd4e600de3c8a5ece3b0e4bb641ed8f + +commit e7f5928ef1c8e8c725bdca9cdd6b80e77fe774ac +Author: miod@openbsd.org +Date: Thu Oct 23 19:06:10 2025 +0000 + + upstream: Prepare for gcc 3 leaving the building, COMPILER_VERSION + + can no longer get set to "gcc3". + + OpenBSD-Commit-ID: 98eefed432ff8253b307002e20d28da14b93e7e3 + +commit 0ffb76c6590800958777cd0f7b1aaae19c74fa3f +Author: djm@openbsd.org +Date: Wed Oct 22 06:22:58 2025 +0000 + + upstream: more explicit synchronisation around killing tmux sessions + + between runs. + + OpenBSD-Regress-ID: 1735f5cb13ad281e869ab998c7d49b692ee3ed47 + +commit ffd086b69886e8cfeb74f9b2bcb18764bf7d9a52 +Author: djm@openbsd.org +Date: Wed Oct 22 05:22:31 2025 +0000 + + upstream: remove debugging junk + + OpenBSD-Regress-ID: 3247e0ac98ae4cfe4eede871ef424d166e29e828 + +commit 52712d5f11172ca98ffb0b2ac93007f74cb67134 +Author: djm@openbsd.org +Date: Tue Oct 21 23:30:01 2025 +0000 + + upstream: just skip the test if $PATH or $HOME has whitespace in it + + OpenBSD-Regress-ID: ccf75a29d1a300a35f63be0e4f11ad5276756275 + +commit a8eac05a85e31b11513a6a8dc5d662b14cbc2f4b +Author: djm@openbsd.org +Date: Tue Oct 21 22:13:27 2025 +0000 + + upstream: quote paths; avoids test failure when run from a path with a + + space in it + + OpenBSD-Regress-ID: e4b7bffc289f10d47c50c02dd70b0323078a83b4 + +commit 425e5b6bd765efbfc7691f43bfc08c86dc8a615e +Author: djm@openbsd.org +Date: Tue Oct 21 08:35:22 2025 +0000 + + upstream: fix test for executability of tmux + + OpenBSD-Regress-ID: a18119876ecfd95edb78225b086ac668eb0977ab + +commit d1d8144ea682adae5c3bb2994322fa524584ce8b +Author: djm@openbsd.org +Date: Tue Oct 21 08:34:52 2025 +0000 + + upstream: add some more synchronisation to avoid a race between + + command entry and ^C that showed up on the portable regress tests. + + OpenBSD-Regress-ID: 5527e74aed1b008aa7e5223ca5a84aedecd973d4 + +commit 8704c141bf6ded67ab466f5e987c49329ebbd968 +Author: dtucker@openbsd.org +Date: Tue Oct 21 07:18:27 2025 +0000 + + upstream: Always create logfiles. Should prevent "can't operate on + + symlink" warnings during test runs. + + OpenBSD-Regress-ID: 65cf5ce3c8b87b5609f1f3ea142b4f381128dc33 + +commit dc9af8fb0436013afb544248e0afc2fd02a1a8fa +Author: Mike Frysinger +Date: Sun Oct 19 09:33:23 2025 -0400 + + bsd-openpty: include stdio.h for snprintf + +commit afe83537e0c0c159c7c3b6ef859424f6da18169c +Author: Damien Miller +Date: Tue Oct 21 09:14:35 2025 +1100 + + include tmux in CI package list + +commit a750ec60782d21db69383344dda478342d40ffa1 +Author: Darren Tucker +Date: Mon Oct 20 18:31:08 2025 +1100 + + Detect tmux at configure time and pass to tests. + + ok djm@ + +commit 75faa8a167b5cd4453937387b15216aa3cbc52ce +Author: Darren Tucker +Date: Mon Oct 20 18:29:24 2025 +1100 + + Update LibreSSL versions and add 4.2.0. + +commit 74369b2b7c366887211ef5c092b0aaa60f31ef11 +Author: djm@openbsd.org +Date: Mon Oct 20 00:45:10 2025 +0000 + + upstream: regression test for "interactive" ssh with a PTY attached, + + using tmux + + would have likely caught the ControlPersist regression in 10.1. + + feedback nicm@ + + OpenBSD-Regress-ID: d4d709c08657769cb5691893cc98f34b6f537e76 + +commit a204650386124df8035b8c8613dccbe9b3158cdf +Author: Darren Tucker +Date: Fri Oct 17 16:26:22 2025 +1100 + + Retire macos-13 runners, add Intel-specific ones. + +commit a6503f1e22aa34ac08d5b4d2b6730954ffd30116 +Author: Darren Tucker +Date: Fri Oct 17 16:23:43 2025 +1100 + + If we have nfds_t, check if it's int or long. + + Should fix build on very old Mac OS X, eg 10.3. Spotted and patch tested + by Sevan Janiyan. + +commit ce49aceba9f4b5f34a1041145782914aa35ca880 +Author: Damien Miller +Date: Thu Oct 16 11:15:16 2025 +1100 + + link ssh against ssh-pkcs11.o + + Should fix PIN entry for direct use of PKCS11Provider in ssh(1) + bz3879 + +commit 946574b97ceae126e0f0af2db43abb454937defe +Author: djm@openbsd.org +Date: Thu Oct 16 00:01:54 2025 +0000 + + upstream: regress test for PKCS#11 directly in ssh (not via ssh-agent) + + would have caught bz3879 + + OpenBSD-Regress-ID: ceafb1e9a6c07185cc0cb0589f3170489a516123 + +commit e3fdb82fb02723dbe139f9d4be274d7fddfb7983 +Author: djm@openbsd.org +Date: Thu Oct 16 00:00:36 2025 +0000 + + upstream: missed a case in previous + + OpenBSD-Commit-ID: 271c5602b5e719ee3def19dbd9a33328b4fa7edc + +commit d926a84d17fb28bc94219e68575cb4847af02e9a +Author: djm@openbsd.org +Date: Wed Oct 15 23:55:01 2025 +0000 + + upstream: don't try to pledge() the client if a PKCS11Provider is + + in use + + OpenBSD-Commit-ID: 445b2bf4b1e36e515f4d888f35244fd2dcfbb566 + +commit 9c8572a357c071923569a62bd9cfb68b1f788e09 +Author: djm@openbsd.org +Date: Wed Oct 15 23:54:20 2025 +0000 + + upstream: mention this is for both ssh-pkcs11.c and + + ssh-pkcs11-client.c + + OpenBSD-Commit-ID: 26eff4b9a328fa056e98b997cb57254639e48fda + +commit a4e404a64b117a15453075ee26eb061d416e58cd +Author: Arnout Engelen +Date: Sat Jun 21 09:47:28 2025 +0200 + + mdoc2man: process `Dl` macros + + `Dl` marks a single line as 'literal'. Since we don't output single + lines differently in literal vs regular mode (we only insert line + breaks for multi-line blocks in literal mode), we can just skip it. + +commit 45e2d8861bb724cfced1bf0693a6418a0cba6ab2 +Author: Arnout Engelen +Date: Fri Jun 20 21:36:44 2025 +0200 + + mdoc2man: support `Ns` inside `Ic` + + When encountering an `Ns` mdoc macro ('no space') inside an `Ic` block + ('command'), such as for 'lines=number' in ssh-keygen.1, `mdoc2man` + just output the macro instead of processing it. + + This adds processing for `Ns` when seen inside an `Ic` block. + +commit 2b1761dea36c120417d8b73db8310dc09a781e6f +Author: Mike Frysinger +Date: Mon Oct 13 11:29:36 2025 -0400 + + gitignore: ignore all *~ files + + This is a common backup style. + +commit 3ccdd9841f48e7d660f8b60c996965e9dde0a3a9 +Author: Mike Frysinger +Date: Mon Oct 13 12:49:24 2025 -0400 + + bsd-misc: include sys/ioctl.h + + This file uses ioctl() to implement some fallback functions, but + doesn't include sys/ioctl.h for it. + +commit 3adc47e161901001816045c032fa61e94b0c9426 +Author: Damien Miller +Date: Tue Oct 14 14:52:50 2025 +1100 + + don't leak PAM handle on repeat invocations + + Reported by Casper Dik via bz3882; ok dtucker@ + +commit a6ee0eb8cd951d0a00b2f06687c77f8f573b5985 +Author: Darren Tucker +Date: Mon Oct 13 19:02:45 2025 +1100 + + Switch OpenBSD VMs to use doas instead of sudo. + + OpenBSD 7.3 packages have been removed from the mirrors so we can't + install sudo for it any more, so switch to the native doas utility. + +commit da2f945f62e5a462381103803ee72e924bd1f137 +Author: Damien Miller +Date: Mon Oct 13 14:33:04 2025 +1100 + + check whether diff accepts -N + +commit cd8c96f283dbad90991edc09ade962bcfd96adc9 +Author: djm@openbsd.org +Date: Mon Oct 13 00:56:15 2025 +0000 + + upstream: test remote/remote recursive transfers where the source + + path ends in ".." + + OpenBSD-Regress-ID: 2f42078cfcee986d08b5d135968b8de6186c0003 + +commit be0777ae3ef6d9deacb0e3c494674c84feac34bd +Author: djm@openbsd.org +Date: Mon Oct 13 00:55:45 2025 +0000 + + upstream: test recursive transfers, including cases where the + + source path ends in ".." + + OpenBSD-Regress-ID: a38e3dbc86f6b7a95605784dcc601f17ede9c3f0 + +commit 36a98fccaacbbf07eaf67855a8057cba724c5e91 +Author: djm@openbsd.org +Date: Mon Oct 13 00:55:09 2025 +0000 + + upstream: test implicit destination path selection when source path + + ends with ".." + + OpenBSD-Regress-ID: 42a88e7cdceee8a83879f5730199084ee4a95902 + +commit 4f14ca8633a2c8c0a1a19165663421f0ab32f6ab +Author: djm@openbsd.org +Date: Mon Oct 13 00:54:29 2025 +0000 + + upstream: similar to scp, fix implicit destination path selection + + when source path ends with ".."; ok deraadt@ + + OpenBSD-Commit-ID: 9b8d2a662d96b241293a88b3ea21f2419bfc4812 + +commit 6432b9f6a216d0f5fb43df500e9bc30bebb3f58b +Author: djm@openbsd.org +Date: Mon Oct 13 00:53:51 2025 +0000 + + upstream: when using the SFTP protocol for transfers, fix implicit + + destination path selection when source path ends with ".."; ok deraadt@ + bz3871 + + OpenBSD-Commit-ID: d75b3b006386c5302ed4f67c4add18464ab36a0b + +commit 30c20c901d8f665fb28edd006f6f8c1e46413051 +Author: dtucker@openbsd.org +Date: Sat Oct 11 23:39:14 2025 +0000 + + upstream: Import regenerate moduli. + + OpenBSD-Commit-ID: 8512e01cf917dca6455be561d66db8eeb49f3f0b + +commit b6fd0e6d085ef519982c968b57fbaa9e509e1a3a +Author: Damien Miller +Date: Fri Oct 10 15:23:59 2025 +1100 + + depend + +commit d6212b0b89241e96d2fea9619b2d66ea668bceaa +Author: djm@openbsd.org +Date: Fri Oct 10 00:31:53 2025 +0000 + + upstream: clean up more thoroughly between tests + + OpenBSD-Regress-ID: c8394eae7547374a8fc43d03d865539e2917ea50 + +commit 9525aa3ecc6b27643fb83d8be4d61e831e357134 +Author: djm@openbsd.org +Date: Thu Oct 9 23:58:27 2025 +0000 + + upstream: simplify + + OpenBSD-Regress-ID: 8e91a2a5c1eb50128de3be72118b544d73a86673 + +commit e7b4b3f153713c15e3888aa50df039b2445492dd +Author: djm@openbsd.org +Date: Thu Oct 9 23:26:47 2025 +0000 + + upstream: don't abuse SSHKEY_FLAG_EXT to signal that a key is in + + the agent, as that triggers special handling on sshkey_free() + + OpenBSD-Commit-ID: 2ae2247babd2db167a30cf7a4f7eae4f26c000a8 + +commit 59a336cfd1283f512f067e01bc91bda5af253f80 +Author: djm@openbsd.org +Date: Thu Oct 9 23:25:23 2025 +0000 + + upstream: downgrade a useless error() -> debug() + + OpenBSD-Commit-ID: 5b0c9bcddb324f8bed2c8e8ffe9c92d263adc2d9 + +commit 649c9994e7d1995a03d8621f1412cfee90a430af +Author: djm@openbsd.org +Date: Thu Oct 9 03:23:33 2025 +0000 + + upstream: silence "mm_log_handler: write: Broken pipe" logspam + + OpenBSD-Commit-ID: bcf7c6ea509e755bd5a7cd567ff7cad725111a14 + +commit fb0bf236b0237aa83a0c5b666af7bdc0423ac457 +Author: Darren Tucker +Date: Thu Oct 9 17:57:17 2025 +1100 + + Add tracking for 10.2 branch. + +commit 081b8dbbe90d81a43b5e0f1995fe59a0e319aa15 +Author: Damien Miller +Date: Thu Oct 9 13:12:15 2025 +1100 + + complete PKCS#11 stubs and move to ssh-pkcs11.c + + Should unbreak --disable-pkcs11 builds + +commit ac4457787900c99ada9cc3768249291b002fa16e +Author: Damien Miller +Date: Thu Oct 9 13:10:27 2025 +1100 + + some fixes to p11_setup + + 1. Use the ssh-keygen under test and not the one in $PATH + 2. Include a test PKCS#11 operation to ensure that the P11 stack is + working correctly. + + Previously, it was possible for p11_setup to return success on + configurations with PKCS#11 support disabled. + +commit 3470f465c6f5c7c371e73927ebb403dd7ba05893 +Author: Damien Miller +Date: Thu Oct 9 10:07:40 2025 +1100 + + link ssh-keygen directly against ssh-pkcs11.c + + Matches what OpenBSD does and fixes ssh-keygen regression in + certifying keys using a CA key hosted via ssh-agent (bz3877) + +commit 0f3b8fd68a29766697d7a709bae8b0a61da6cff2 +Author: djm@openbsd.org +Date: Wed Oct 8 21:48:40 2025 +0000 + + upstream: When tab-completing a filename, ensure that the completed + + string does not end up mid-way through a multibyte character, as this will + cause a fatal() later on. + + based on GHPR#587 from @TaoistBrickscarrier; feedback tb@ kevlo@ + ok dtucker@ + + OpenBSD-Commit-ID: efb977164b4e20d61204a66201a7592ba8291362 + +commit 0118c30acaff308deb089fc25fe98ef59a149ca5 +Author: djm@openbsd.org +Date: Wed Oct 8 21:02:16 2025 +0000 + + upstream: fix crash at exit (visible via ssh-keygen -D) when + + multiple keys loaded. ok markus deraadt dtucker + + OpenBSD-Commit-ID: baa9763ec69d162108dafd962792ec5610ff45c9 + +commit 64ea9e95256203f30f98a6896f4721fd223106aa +Author: djm@openbsd.org +Date: Wed Oct 8 00:32:52 2025 +0000 + + upstream: openssh-10.2 + + The only change since 10.1 is the channels.c fix + + OpenBSD-Commit-ID: 5eebeb0db14c694efd4ee96b5f16112e3e5d5ba9 + +commit bcf7c05a473f92a35f4f3b561fd7a1e339e0a30f +Author: Darren Tucker +Date: Wed Oct 8 11:26:52 2025 +1100 + + Fix header name and move return outside of ifdef. + + Fixes from Mike Frysinger via Github PR#597. + +commit b937061fe4922caced7b91442b3233c0bd763492 +Author: Darren Tucker +Date: Tue Oct 7 21:10:33 2025 +1100 + + Check HAVE_MMAP too now that configure sets it. + +commit 8d57083c062f03098c9f767ec8d6278dc549a2f6 +Author: Darren Tucker +Date: Tue Oct 7 21:07:05 2025 +1100 + + Use calloc for sshkeys if mmap is not supported. + + Based on Github PR#597 from Mike Frysinger, any bugs added by me. + +commit c97b931bffa481c72ff4bfddd9d59a2110899289 +Author: Darren Tucker +Date: Tue Oct 7 20:25:07 2025 +1100 + + Add fcntl.h to includes. + + From FreeBSD via bz#3874: "This was previously included due to nested + includes in Heimdal's headers. Without this, the build fails with an + error due to redefining AT_FDCWD." + +commit 8aa13832315e52c4404c993a59c6139b44ac6114 +Author: Daan De Meyer +Date: Mon Mar 20 20:22:14 2023 +0100 + + Only set PAM_RHOST if the remote host is not "UNKNOWN" + + When using sshd's -i option with stdio that is not a AF_INET/AF_INET6 + socket, auth_get_canonical_hostname() returns "UNKNOWN" which is then + set as the value of PAM_RHOST, causing pam to try to do a reverse DNS + query of "UNKNOWN", which times out multiple times, causing a + substantial slowdown when logging in. + + To fix this, let's only set PAM_RHOST if the hostname is not "UNKNOWN". + +commit 0bd6649ea80ead0cd6404dbc25b64937421b556e +Author: Darren Tucker +Date: Tue Oct 7 20:10:56 2025 +1100 + + Don't copy native host keys for hostbased test. + + Some github runners (notably macos-14) seem to have host keys where + public and private do not match, so generate our own keys for testing + purposes. + +commit 33b63718d40ccc555b8c7a24331a3790b2efc6c5 +Author: Darren Tucker +Date: Tue Oct 7 20:10:07 2025 +1100 + + Add 10.1 branch to ci-status page. + +commit 52411f15353257e9ec883fc044b7a56b6fca242d +Author: Darren Tucker +Date: Tue Oct 7 20:04:40 2025 +1100 + + Add clock_gettime compat shim. + + This fixes the build on macOS prior to 10.12 Sierra, since it does not + have it. Found and tested by Sevan Janiyan. + +commit beae06f56e0d0a66ca535896149d5fb0b2e8a1b4 +Author: djm@openbsd.org +Date: Tue Oct 7 08:02:32 2025 +0000 + + upstream: don't reuse c->isatty for signalling that the remote channel + + has a tty attached as this causes side effects, e.g. in channel_handle_rfd(). + bz3872 + + ok markus@ + + OpenBSD-Commit-ID: 4cd8a9f641498ca6089442e59bad0fd3dcbe85f8 + +commit 476bab6259d5a6ea0402ec79bc47ed61e2c15e86 +Author: Damien Miller +Date: Mon Oct 6 12:52:25 2025 +1100 + + depend + +commit af956575eba6bf6b6d6bc817e1aa6ed73a365984 +Author: Damien Miller +Date: Mon Oct 6 12:51:13 2025 +1100 + + update versions + +commit 2fd0945913a30fbbe7c02503347961df03f28e66 +Author: Damien Miller +Date: Mon Oct 6 12:48:16 2025 +1100 + + sync ssh-copy-id to upstream version 527be673f4d + +commit 981bb32bc6062fa5d6f11de7ffb732967463bf57 +Author: djm@openbsd.org +Date: Mon Oct 6 01:45:22 2025 +0000 + + upstream: openssh-10.1 + + OpenBSD-Commit-ID: 2a232c2d2fc05a23519f69bc29e6d8c076b97d97 + +commit b9a640a1a0dccfb56be684cc7ade402f57cf7ebd +Author: dtucker@openbsd.org +Date: Fri Oct 3 01:03:45 2025 +0000 + + upstream: If write() returned short, the subsequent write would restart + + from the beginning of the buffer not the end of what was written. Fix, since + we want modpipe to corrupt data for testing purposes deliberately not + accidentally. ok djm@ + + OpenBSD-Regress-ID: 50ca74d287445c58944f070bb92dc13b1d054b43 + +commit a0e5446ac85aca5a3ef9844eeedf787300fdb8b3 +Author: naddy@openbsd.org +Date: Sat Oct 4 21:41:35 2025 +0000 + + upstream: typos: a ssh* -> an ssh* + + ok dtucker@ + + OpenBSD-Commit-ID: a70fd2e1b23089260e8f5a7921b0debc06b011cb + +commit ade92f53c3bd4ad7dcd95334a194add57ec9ff71 +Author: djm@openbsd.org +Date: Fri Oct 3 00:09:26 2025 +0000 + + upstream: stray newline + + OpenBSD-Commit-ID: b47ed4fa93b781c7ec8ae2936526a290f4e17e1f + +commit a9cbe10da2be5be76755af0cea029db0f9c1f263 +Author: djm@openbsd.org +Date: Fri Oct 3 00:08:02 2025 +0000 + + upstream: include openssl/bn.h explicitly in files where we use BN_* + + makes things simpler for portable; from Mike Frysinger + + OpenBSD-Commit-ID: 717e93403fd1108e175afd7451b5a4ab46a598fe + +commit 3957cc2914cdc88932c972413853f8b68c1ffba5 +Author: dtucker@openbsd.org +Date: Thu Oct 2 08:38:43 2025 +0000 + + upstream: Relax array check slightly. Prevents compiler warnings + + in -portable when there are no kbdint devices present. ok djm@ + + OpenBSD-Commit-ID: c1c050cecd642d6073c792201908fd225191df93 + +commit 6a239b057be2897d7a597daaf5394f2e7312dc65 +Author: djm@openbsd.org +Date: Thu Oct 2 04:23:11 2025 +0000 + + upstream: backout r1.243 (fix for fatal during tab-completion with + + some multibyte sequences) as it breaks the common case for tab completion. + + Will deal with it properly after release. + + OpenBSD-Commit-ID: 196d00f5ff19579214de45357f16a1fb2d624be1 + +commit b9f6a84ea383d811216de38219472214963c10b2 +Author: Darren Tucker +Date: Thu Oct 2 10:48:04 2025 +1000 + + Pass COMPATINCLUDES down to openbsd-compat too. + + Fixes build on Solaris, AIX and probably others. + +commit 047e0221eaf9815775e8ea78c6d6add5ab0f68c7 +Author: Darren Tucker +Date: Wed Oct 1 14:34:02 2025 +1000 + + Pass new "compat includes" path via AC_SUBST. + + This fixes the build when the directory path containing a space. + Found by Sevan Janiyan, tested by Job Snijders. This doesn't fix + "make tests", however that is a different, pre-existing problem + that needs to be addressed separately. + +commit 5c50ddbe4deac83995edc1d014e9ba0d5efa18a6 +Author: Darren Tucker +Date: Wed Oct 1 13:37:35 2025 +1000 + + Remove compat "include" dir during distclean. + +commit aceabd62ce5833716dd2e99d4be4fcb603d263cc +Author: dtucker@openbsd.org +Date: Wed Oct 1 00:33:37 2025 +0000 + + upstream: Set keys to NULL after freeing in tests where the + + variables will be used again. Should prevent Coverity "potential use after + free" warnings. + + OpenBSD-Regress-ID: 24d141657d25977e41dfb0c58e9b74ab093972bf + +commit eb30a0d1493a97b5c14728846576dc6af5d442da +Author: dtucker@openbsd.org +Date: Wed Oct 1 00:30:19 2025 +0000 + + upstream: Get rid of utf8 droppings in commment since it confuses + + older shells. From Sevan Janiyan via openssh-unix-dev. + + OpenBSD-Regress-ID: 67c11a5cff6ef23538c77e9b29d538e175e6cfe3 + +commit d478e250230e917eeb5032238df0b9af357404ee +Author: Darren Tucker +Date: Wed Oct 1 12:17:54 2025 +1000 + + Update OpenSSL & LibreSSL versions we test against. + +commit 2c504a74ed81d13c8198a89ed1040d0fc5f73129 +Author: djm@openbsd.org +Date: Tue Sep 30 00:10:42 2025 +0000 + + upstream: during sftp uploads, avoid a condition where a failed write + + could be ignored if a subsequent write succeeded. + + This is unlikely but technically possible because sftp servers are + allowed to reorder requests. + + Reported by Graziano Stefani, ok tb@ + + OpenBSD-Commit-ID: 03904bce2c7f787223d01d7e1179fde15753eca3 + +commit 1f7556753869654ba5e2bf61e384c5da2db5ca6a +Author: djm@openbsd.org +Date: Tue Sep 30 00:06:06 2025 +0000 + + upstream: avoid a fatal() when sftp tab-completes filenames that + + share common utf-8 characters that don't encode to a complete codepoint + + from menthu.zhou via GHPR#587; ok dtucker@ + + OpenBSD-Commit-ID: e07e4d8a8cac032ab536570b8214e6ef6839b585 + +commit 42b14ff1e06fd683c7d15a6b2816c16108873a5a +Author: djm@openbsd.org +Date: Tue Sep 30 00:03:09 2025 +0000 + + upstream: fix memory leak in mux_client_request_stdio_fwd GHPR#575 + + by Boris Tonofa; ok dtucker + + OpenBSD-Commit-ID: 410cdd05242304bd0196b9172ce5fcaf89d2d8ce + +commit e5055ef26abcffd3f99669e411ea6b35ca166111 +Author: Allison Karlitskaya +Date: Wed Sep 3 20:07:55 2025 +0200 + + Don't log audit messages with UNKNOWN hostname + + The `host` parameter to audit_log_acct_message() is documented as + follows: + + host - The hostname if known. If not available pass a NULL. + + but we pass the string "UNKNOWN" in case we don't know the hostname. + Make sure we pass NULL instead. + + This avoids having the audit system attempt to perform a DNS lookup on + the hostname "UNKNOWN", which tends to result in long delays when + attempting to login. + +commit d343df4019b4369ce7f87e9bf6bbc80b81cd263d +Author: zhangjun +Date: Fri Aug 22 16:49:07 2025 +0800 + + ensure struct passwd fields are non-NULL in pwcopy + + Android libc can return NULL pw_gecos, for example. + +commit 893a579e4b37e6bd89d206dc8e7ac2a906ccf114 +Author: dtucker@openbsd.org +Date: Mon Sep 29 21:37:52 2025 +0000 + + upstream: Add explicit check for array overflow. + + The array is bounded by a NULL sentinel which already prevents this, + however since we check the bit vector for overflow Coverity assumes that + check is for the devices array and flags it as a potential overflow. + Adding this additional check on the array placates CID 896018. ok djm@ + deraadt@ + + OpenBSD-Commit-ID: e92fff41341b38e4206a70655cc9acaaa032ebee + +commit 90f49a185ac1a786d9f7e9a710b369afb3692a65 +Author: dtucker@openbsd.org +Date: Mon Sep 29 21:30:15 2025 +0000 + + upstream: Move ifdef to start of file. Removes diff vs portable. + + OpenBSD-Commit-ID: 55058ac3d477e4c696575039f5b275522b99ffea + +commit 2f71b44d48dc8da7fb743d6ffe609aea5a645edb +Author: dtucker@openbsd.org +Date: Mon Sep 29 21:29:22 2025 +0000 + + upstream: Include misc.h. Removes diff vs portable. + + OpenBSD-Commit-ID: 8aa48451fe5c37f04a339450c4ed9cfb8f4c288f + +commit dfb991bdd826517bbce1cf62ce07bcb3e48a2f27 +Author: dtucker@openbsd.org +Date: Mon Sep 29 21:28:33 2025 +0000 + + upstream: Sort headers as per KNF. Removes diff vs portable. + + OpenBSD-Commit-ID: 55f5b9eaeb826a25cfb506a78136094275a71bcb + +commit c82f4dd6b723a8365b4c538d7c99fe8e46985ed0 +Author: dtucker@openbsd.org +Date: Mon Sep 29 07:40:55 2025 +0000 + + upstream: Null out keys after freeing in tests in the case where we + + potentially reuse the variable. Fixes Coverity CID 405057. + + OpenBSD-Regress-ID: c52e86502b33bfa6e448448a74a0217dd519dd58 + +commit fda31e1e5179b4e70c27094ebb303ee47c11a5a7 +Author: djm@openbsd.org +Date: Mon Sep 29 03:17:54 2025 +0000 + + upstream: avoid spurious error message when loading certificates + + only bz3869 + + OpenBSD-Commit-ID: e7848fec50d15cc142fed946aa8f79abef3c5be7 + +commit bcd88ded2fff97652d4236405a3354ca66f90f7e +Author: djm@openbsd.org +Date: Mon Sep 29 02:32:15 2025 +0000 + + upstream: kbd-interactive device names should be matched against + + the full device name, not a prefix. Doesn't matter in practice as there is + only one kbd-int device supported (PAM xor BSD auth), and an attacker would + still need to successfully authenticate against an incorrectly-selected + device. + + reported by ashamedbit, NobleMathews; ok deraadt@ + + OpenBSD-Commit-ID: cf75d4f99405fbb41354c4ae724a3b39a3b58f82 + +commit b1c4bf5c2f1c2b30698dbaadc5d823862213f1fc +Author: jsg@openbsd.org +Date: Thu Sep 25 12:52:21 2025 +0000 + + upstream: avoid use-after-free in update_krl_from_file() found with + + clang scan-build, ok dtucker@ + + OpenBSD-Commit-ID: 8ec86eca573740c94d5bc7e252959174555f4eb8 + +commit b06a150bc903a0cf898406384d5a34059d0f2d8f +Author: Darren Tucker +Date: Sat Sep 27 20:20:34 2025 +1000 + + Stop testing OpenBSD ubsan until fixed upstream. + +commit 97b32fa2af25c16aec4de85c5cbb63fd038b4dfa +Author: dtucker@openbsd.org +Date: Fri Sep 26 04:40:45 2025 +0000 + + upstream: Use $OBJ for temp file in maxstartups idempotence test. + + Fixes test in -portable when run out-of-tree. + + OpenBSD-Regress-ID: 8578be08238af4abe2dc91af1c199f7f71f1a7a2 + +commit b4ceca952b85752958d849508294afdc56dfcb9f +Author: Darren Tucker +Date: Fri Sep 26 22:28:13 2025 +1000 + + Shorten workflow names to fit in a single line. + +commit 9824ec515ed6256c1a98d66049471053f965b75e +Author: Darren Tucker +Date: Fri Sep 26 22:26:33 2025 +1000 + + Update link to oss-fuzz bug tracker. + + Remove 9.8 branch. + +commit 37d996bd0537837f15fc540d5aebb1ef2faf2268 +Author: dtucker@openbsd.org +Date: Thu Sep 25 22:17:29 2025 +0000 + + upstream: Check return codes of sshbuf functions. + + Fixes Coverity CIDs 405059 and 405061. + + OpenBSD-Regress-ID: defa55d32892172251bbd5efd15731ce55888247 + +commit 6c3c9f03c3c2cc4e40decbb49b8486abfb9e57df +Author: Darren Tucker +Date: Fri Sep 26 08:23:21 2025 +1000 + + Replace hand-rolled modulo with arc4random_uniform. + + Fixes potential modulo-by-zero UB flagged by Coverity CID 405068 + +commit e914e61eb88e22e5b725c399698256c54589ca32 +Author: Darren Tucker +Date: Thu Sep 25 17:50:07 2025 +1000 + + Remove status bits from OpenSSL >=3 version check. + + OpenSSL traditionally did not guarantee ABI compatibility across release + (and development) versions. Because of this, OpenSSH checked the lower 4 + "status" bits returned by OpenSSL_version_num(), which were originally + set to 0 for development versions and 0xf for release versions and, if + they did not match, would report the discrepancy and exit. + + OpenSSL (unintentionally) changed these bits in the 3.0.0 and subsequent + 3.x releases, setting them to zero in the release versions (which happened + to also match the documentation), then changed them back in the 3.5.3 + release. If OpenSSL was upgraded to (or from) this version without + recompiling OpenSSH, it would cause OpenSSH flag it as potentially + incompatible and refuse to use it. Ultimately OpenSSL rolled this + back, but the check now has no value so is being removed for OpenSSL + versions >=3. + + bz#3865 and https://github.com/openssl/openssl/issues/28575, ok djm@ + +commit 35f3e2a41c2afe7a68a8a4efb3eb385e7f8d247d +Author: Darren Tucker +Date: Thu Sep 25 18:06:55 2025 +1000 + + Update pledge() interface to match current OpenBSD. + + ok djm@ + +commit 7ce3823547578a3b083085744c1fea39237197a2 +Author: Darren Tucker +Date: Tue Sep 23 22:12:19 2025 +1000 + + Merge all putty tests into a single test. + + The lets us reuse the built OpenSSH binaries and replaces 12*4min of + tests with a single 14min one. + +commit 1362f6c0f4ca3306a201a6572bb9ec0d47d8edb3 +Author: Darren Tucker +Date: Thu Sep 25 18:20:53 2025 +1000 + + Add #ifdefs in pwfree to match those in pwcopy. + + Fixes build on many platforms. + +commit 8235dc3d82c0ac347a3600df0907c6573720fbaa +Author: djm@openbsd.org +Date: Thu Sep 25 07:05:11 2025 +0000 + + upstream: fix some one-off leaks in ssh.c; ok dtucker@ + + OpenBSD-Commit-ID: bf3c27ffe4b3cccb6553b554ec4c04929065a2bc + +commit 846987d1233f24bbe87ebed347e328f45525388a +Author: djm@openbsd.org +Date: Thu Sep 25 07:04:38 2025 +0000 + + upstream: fix some one-off leaks in ssh-keygen; ok dtucker@ + + OpenBSD-Commit-ID: 32f51289c93246474659aa49067926fcab9e02e8 + +commit a1a7df8b3694fdd7b55ad6bb8fa7b3d5d7f5b89a +Author: djm@openbsd.org +Date: Thu Sep 25 07:00:43 2025 +0000 + + upstream: fix some leaks in ssh-add; feedback/ok dtucker@ + + OpenBSD-Commit-ID: 441302917de31a128c1d6d63acccc67042fcf349 + +commit a8a2702bcd9e81a086e6d2c278f1b62f9d8bf3a1 +Author: djm@openbsd.org +Date: Thu Sep 25 06:57:54 2025 +0000 + + upstream: fix some leaks; feedback/ok dtucker@ + + OpenBSD-Commit-ID: 05bdbc2e494b87a4a79e509020bd8249c86a4ff0 + +commit a071af0682d686de85cf471f5e04deaee4d90adb +Author: djm@openbsd.org +Date: Thu Sep 25 06:45:50 2025 +0000 + + upstream: wait for the unprivileged sshd-auth process to exit + + before closing the fd it uses to report log messages + + This avoids a race where the child process notices the + fd was closed before exiting and spams the logs. + + ok dtucker@ + + OpenBSD-Commit-ID: 7cddaa41be3b955e6bed570900db7ab8817b1e76 + +commit 4fddebe7f524b3403c876c3b399d5ce7ce3390a6 +Author: djm@openbsd.org +Date: Thu Sep 25 06:33:19 2025 +0000 + + upstream: add some functions to free various structs, including + + channels data and packet state; ok dtucker@ tb@ + + OpenBSD-Commit-ID: a8b3705309d632cdae370d4147a03e703087b0d1 + +commit d0c1e73d408a24b2db18c0aa1a0108bea0f24210 +Author: djm@openbsd.org +Date: Thu Sep 25 06:31:42 2025 +0000 + + upstream: fix leaks of config objects in + + mm_decode_activate_server_options ok dtucker@ tb@ + + OpenBSD-Commit-ID: 211f4d7d02e847bd1bcb460f6beb11658809a742 + +commit b62aa85dcbc8f03bf91d26d14fbf8fd5e172d882 +Author: djm@openbsd.org +Date: Thu Sep 25 06:25:38 2025 +0000 + + upstream: clarify intent and avoid (harmess, defined behaviour) + + unsigned underflow. ok tb@ + + OpenBSD-Commit-ID: b73bf5f1f381c3e4561a6cc706fb1cd77c939cd8 + +commit 6f28a935cc7d073e6647643e81d98b5831df204f +Author: jsg@openbsd.org +Date: Thu Sep 25 06:23:19 2025 +0000 + + upstream: consistently use NULL for null pointer constants found + + with sparse, ok djm@ + + OpenBSD-Commit-ID: 1067504b63732d809d0d57ad4bc626818d112772 + +commit 0af7e5b690e2cfe8824f04f154b0e543509dbefd +Author: jsg@openbsd.org +Date: Thu Sep 25 02:15:39 2025 +0000 + + upstream: remove unneeded externs ok djm@ + + OpenBSD-Commit-ID: fe553193e910a122505142a4e1db7358cc1ae653 + +commit ae62a16118bb96a8e449ef25f5e55ef86a52cefb +Author: jsg@openbsd.org +Date: Thu Sep 25 02:12:16 2025 +0000 + + upstream: remove prototype for removed ssh_packet_set_tos() ok + + djm@ + + OpenBSD-Commit-ID: 396f82995074ef4d7b9ce44168266ef4640d9985 + +commit d8588478850463f8945aa18d0358b2b227f8b57a +Author: jsg@openbsd.org +Date: Wed Sep 24 00:51:28 2025 +0000 + + upstream: spelling; ok dtucker@ + + OpenBSD-Commit-ID: 93870117b0153859dd8baa80b97e44d4558c786b + +commit eff358890a7cab1e7c2fec62e5b9914d2c1c8703 +Author: Darren Tucker +Date: Tue Sep 23 16:51:34 2025 +1000 + + Merge VM tests into a single workflow file. + + Should make it easier to manage, although it may cause a few extra runs. + +commit d00015d21190517a1f505eb8120f716b1c2e4055 +Author: Darren Tucker +Date: Tue Sep 23 16:38:45 2025 +1000 + + Test openssl-3.6 branch not beta1. + +commit 31fce4fc5aaf79b9a4bccf09467e86c56b482bde +Author: Darren Tucker +Date: Tue Sep 23 15:51:14 2025 +1000 + + Test openssl-3.6.0-beta1. + +commit b94e7251a17a497669e825cb70ac79c96bdc3472 +Author: Darren Tucker +Date: Tue Sep 23 11:32:57 2025 +1000 + + Specify rpath when building OpenSSL. + +commit 83853aa5e35f3da0690bccd2983764d4e749a670 +Author: Darren Tucker +Date: Mon Sep 22 15:26:17 2025 +1000 + + Factor out OpenSSL install and test more versions. + + Move OpenSSL installation into its own script with a "-a" option to + install the "next" version to test for ABI compatibility. + +commit 2c1d38f7ffc8b8ec244bfe17ec8a85b3d737dcab +Author: Darren Tucker +Date: Mon Sep 22 16:55:49 2025 +1000 + + Exclude generated openbsd-compat/include directory. + +commit 67b3ed101a18348b564507f55e3ed4b7e0d23ff9 +Author: Darren Tucker +Date: Sat Sep 20 15:07:36 2025 +1000 + + Add OpenSSL 3.x ABI cross-compatibility test. + +commit c682c9f45a10ee0dc37fd716cfccd42271f92ddc +Author: Darren Tucker +Date: Sat Sep 20 15:05:19 2025 +1000 + + Add tests for OpenSSL 3.4 and 3.5 versions. + +commit 1659d0ac095608b809fd3173d2c48b7b39d40b02 +Author: Darren Tucker +Date: Sat Sep 20 15:53:04 2025 +1000 + + Build OpenSSL with -j4 to speed it up. + +commit ca9ac1109e2c875ea33da6818c1841aa2181e962 +Author: Darren Tucker +Date: Sat Sep 20 15:16:30 2025 +1000 + + Rerun tests if run_tests.sh changes. + +commit bc328144f149af07139a0f2c1329018cd85b86b7 +Author: djm@openbsd.org +Date: Fri Sep 19 01:32:45 2025 +0000 + + upstream: log at level INFO when PerSourcePenalties actually blocks + + access to a source address range. Previously this was logged at level + VERBOSE, which hid enforcement actions under default config settings. + + ok dtucker, markus + + OpenBSD-Commit-ID: ea2b0d7c2253ff5205719d74b526cf2870df894d + +commit 80993390bed15bbd1c348f3352e55d0db01ca0fd +Author: Darren Tucker +Date: Wed Sep 17 17:41:41 2025 +1000 + + Whitespace. + +commit fc704057ce6b75637645a4b9c917565b3563e21b +Author: Darren Tucker +Date: Wed Sep 17 17:33:25 2025 +1000 + + Move Gihub VMs to their own status line. + +commit 2202e5f9008003044cac01ed70d83deec42ad4e0 +Author: Darren Tucker +Date: Tue Sep 16 23:00:14 2025 +1000 + + Use relative URLs for status + +commit 7c32e09ea3e5c7e1fa0b7e2d4ddc83f8beadafed +Author: Darren Tucker +Date: Mon Sep 15 17:21:15 2025 +1000 + + Add VM test targets via vmaction on Github. + +commit a4aa090a3d40dddb07d5ebebc501f6457541a501 +Author: djm@openbsd.org +Date: Mon Sep 15 03:00:22 2025 +0000 + + upstream: memory leaks in unit tests + + OpenBSD-Regress-ID: af11ac7b8034b99ca324af4dae1ef5cd7700b273 + +commit 6f5942454ad6756355f3b4983ab882cf15e44440 +Author: djm@openbsd.org +Date: Mon Sep 15 05:17:37 2025 +0000 + + upstream: fix leaks of struct sftp_conn in scp; ok dtucker@ + + OpenBSD-Commit-ID: 76bea50b5b87b750c3771bf80feb6067d994a9d2 + +commit 52f38c76fcb38dfe619d8caa3bb4bb782c785026 +Author: djm@openbsd.org +Date: Mon Sep 15 04:52:41 2025 +0000 + + upstream: leak of principals file lines; ok dtucker@ + + OpenBSD-Commit-ID: 918bf1b70e5a969059300f3c23d45911690d9015 + +commit b9464cee0fd084d89d91696a17b3621b4cf512bf +Author: djm@openbsd.org +Date: Mon Sep 15 04:52:12 2025 +0000 + + upstream: leak of authentication options at exit; ok dtucker@ + + OpenBSD-Commit-ID: ba559799c2ff9b10afc3abefb1797c0843a6ff24 + +commit 0bb37080c86674de7cdfb56c80add3cd316c68a8 +Author: djm@openbsd.org +Date: Mon Sep 15 04:51:35 2025 +0000 + + upstream: memleak of keys not used for authentication; ok + + dtucker@ + + OpenBSD-Commit-ID: ddfda79d243150fbd382d8f2cd75a90a072b3669 + +commit ee99f6e93e0ee90eedbd27ffb9b7f9fef7b98010 +Author: djm@openbsd.org +Date: Mon Sep 15 04:50:42 2025 +0000 + + upstream: memleak of certificate path; ok dtucker@ + + OpenBSD-Commit-ID: 90dc5390f2756ba339e2e6df54d4b8651d64c1e7 + +commit 42fc6b6f9fbf58293b070f4de377c7695c275a8a +Author: djm@openbsd.org +Date: Mon Sep 15 04:49:41 2025 +0000 + + upstream: memleak of hostkey when downgrading host cert->key; ok + + dtucker + + OpenBSD-Commit-ID: f6f1f38a8ec144fb615434f6877066cf4610b826 + +commit bc60bd55cbc1f8139c840668733b51475cbefd93 +Author: djm@openbsd.org +Date: Mon Sep 15 04:49:00 2025 +0000 + + upstream: memleak of editline history; ok dtucker@ + + OpenBSD-Commit-ID: a244c54eb074cf7fbe28f7ac4f03ace270f7a999 + +commit ee77ab9b2ca2d70daf8d4352f5daffa8036ece64 +Author: djm@openbsd.org +Date: Mon Sep 15 04:48:29 2025 +0000 + + upstream: memleak of rfwd callback context; ok dtucker@ + + OpenBSD-Commit-ID: 70b2aafeaace90703dd16a44a2a0b723d9155f33 + +commit 0088b3f0ab2c615ae95b9f374963abaa0ab837ec +Author: djm@openbsd.org +Date: Mon Sep 15 04:47:49 2025 +0000 + + upstream: memleaks of request packet and hostkeys blob; ok + + dtucker@ + + OpenBSD-Commit-ID: 313b13a8e36b4ca8e064ee56792e67e0670a386a + +commit d68451a25808c4eee74b898873cd4761f73651ed +Author: djm@openbsd.org +Date: Mon Sep 15 04:41:20 2025 +0000 + + upstream: memleak of KRL revoked certs struct; ok dtucker + + OpenBSD-Commit-ID: f319868e0b2de49c41c735e75b87c403f009f5f9 + +commit 67940cc2f329427d3acb64d4893faf4527e58d5c +Author: djm@openbsd.org +Date: Mon Sep 15 04:40:34 2025 +0000 + + upstream: memleak of kex->server_sig_algs; ok dtucker@ + + OpenBSD-Commit-ID: 41a3f64edd2c9b8addb2e445514ae25c24819e2c + +commit fae8e41741d23298c94a1ea3ef8704a1cc186cb5 +Author: djm@openbsd.org +Date: Mon Sep 15 04:39:58 2025 +0000 + + upstream: fix memleak of channel forwarding permissions; ok + + dtucker@ + + OpenBSD-Commit-ID: 069745547109bc8fcc09fab5b19c53599cae99fd + +commit 03872018c14ed943bc01a4e88be59195a742f106 +Author: djm@openbsd.org +Date: Mon Sep 15 04:39:15 2025 +0000 + + upstream: when merging auth options into the active set, don't + + leak the old struct sshauthopt; ok dtucker@ + + OpenBSD-Commit-ID: c6bfd7bc2932e37f811b3c53272c3b919d33e75b + +commit efed5da4ced88170cf474246eff771dd16c7092f +Author: djm@openbsd.org +Date: Mon Sep 15 04:38:00 2025 +0000 + + upstream: fix memleak when applying certificate options; ok + + dtucker + + OpenBSD-Commit-ID: 36c219dcc05f4df82a0f9c500bdf5dbfea925289 + +commit edc601707b583a2c900e49621e048c26574edd3a +Author: djm@openbsd.org +Date: Thu Sep 11 07:23:32 2025 +0000 + + upstream: disable ssh-add autoexpiry of certificates when testing + + expired certificates + + OpenBSD-Regress-ID: 64aadd23d37fd0b3a06498151f2cf83be7ac342c + +commit c60153e4878f3a6700af69adbdd1863003e78abf +Author: djm@openbsd.org +Date: Thu Sep 11 07:22:37 2025 +0000 + + upstream: correct getopt() string + + OpenBSD-Commit-ID: 05ef9581a3dab32ec93aa5b9c3349ed1e7da9ec8 + +commit 7a4738af45201c115a9e20f830f30ed38ce6be76 +Author: djm@openbsd.org +Date: Thu Sep 11 03:29:58 2025 +0000 + + upstream: need time.h for time(3) + + OpenBSD-Commit-ID: 530964039cccab679432b6c5b28d2b0aa9760b00 + +commit 0c719c6aabc061f02a907fc96c390d0449b49f26 +Author: djm@openbsd.org +Date: Thu Sep 11 02:54:42 2025 +0000 + + upstream: When adding certificates to an agent, set the expiry to + + the certificate expiry time plus a short (5 min) grace period. + + This will cause the agent to automtically remove certificates shortly + after they expire. + + A new ssh-add -N option disables this behaviour. + + Feedback/ok deraadt@ + + OpenBSD-Commit-ID: 92fed1bba1025069ad45deebb534be7530e181df + +commit e9dcccc3541b0ae1c43581ed26215d5cc82e4be0 +Author: jsg@openbsd.org +Date: Mon Sep 8 00:31:54 2025 +0000 + + upstream: remove unused 0-sized files; ok deraadt@ + + OpenBSD-Commit-ID: 7e8178786157e863f6ff63c5d55200d7b6b04f9e + +commit d16b1b484a024ee6b35094e7d9d55bf96b96253b +Author: dtucker@openbsd.org +Date: Fri Sep 5 10:34:35 2025 +0000 + + upstream: Tabs->spaces. Removes diff vs portable. + + OpenBSD-Commit-ID: 06598021a9f08188dab29ac956b2baa002a0ff85 + +commit 3d8ae7f235b96da604b08c44ae83420e367eeab4 +Author: Tim Rice +Date: Mon Sep 8 12:53:10 2025 -0700 + + modified: regress/rekey.sh + Fix for when building out of tree. + +commit 54abadd3f286efea0dbbdbfea8011d5e1e30c074 +Author: Darren Tucker +Date: Sun Sep 7 13:35:22 2025 +1000 + + Accept OpenSSL 4.0.0-dev versions. + + They seem to work, at least for now. + +commit 67a8bf4e4057597170bfa923fe2ce5bf90c43974 +Author: Maxim Khon +Date: Mon Aug 18 12:05:42 2025 +0000 + + Use SSH_TUN_COMPAT_AF on FreeBSD. + + Otherwise tun forwarding from other OSes fails as soon as the first IPv6 + message is sent by the other side (which is usually a Router Solicitation + ICMPv6 message which is sent as soon as the interface is up): all other + OS'es use SSH_TUN_COMPAT_AF or SSH_TUN_PREPEND_AF which effectively uses + OpenBSD AF_INET/AF_INET6 values. + +commit 3ca274e44cb2c2351376fc14e4c3e92ba4a8f87b +Author: Darren Tucker +Date: Fri Sep 5 21:32:30 2025 +1000 + + Check for nlist function. + + Check for nlist function presence before attenmpting to use it instead + of relying on the presence of the nlist.h header. Mac OS X, in particular + has the header, but only has the function in the 32bit libraries. + +commit ee32a36c62424f13907023595bfa8b23a528ced1 +Author: dtucker@openbsd.org +Date: Fri Sep 5 10:23:55 2025 +0000 + + upstream: Order includes as per KNF and add time.h. Removes diff + + vs portable. + + OpenBSD-Commit-ID: 38043f0bfa17c48ef6d1a744c2834b4405bc9311 + +commit 0ac179c9540e2b05b4c1194db69ce01306c253d3 +Author: dtucker@openbsd.org +Date: Fri Sep 5 10:17:21 2025 +0000 + + upstream: Order headers as per KNF. Removes diff vs portable. + + OpenBSD-Commit-ID: 4df519fd9fa13ce9653adf7a3d1076e20591d886 + +commit e80322284f3ee70b6b760a9f83179470d675e5ba +Author: dtucker@openbsd.org +Date: Fri Sep 5 10:01:35 2025 +0000 + + upstream: Order headers as per KNF. + + OpenBSD-Commit-ID: 7156b69b0364c68e181e0f6fa17c0f05c72e8670 + +commit bb8ac0515e68cab63db2d026eb60127185a3d2b8 +Author: Darren Tucker +Date: Fri Sep 5 20:39:16 2025 +1000 + + Resync header order with upstream. + +commit 024b694249482698b0c73d24da0eaec696fca8c8 +Author: Darren Tucker +Date: Fri Sep 5 20:37:04 2025 +1000 + + Resync header order with upstream. + +commit aed6a958bc108faab64bc2855d6ed93894cfc6ff +Author: Darren Tucker +Date: Fri Sep 5 20:30:20 2025 +1000 + + Sync includes with upstream. + +commit 22cfd2dd32f34f0cea218dd651f3aa9544b6e3b5 +Author: Darren Tucker +Date: Fri Sep 5 20:26:14 2025 +1000 + + Move ssh-pkcs11.h include to match upstream. + +commit b34c16bc4cac2962cc6a7517efbc4fed2c8a2d9a +Author: Darren Tucker +Date: Fri Sep 5 20:20:27 2025 +1000 + + Reorder includes to match upstream. + +commit 441a8fa9a0178704bce497bff92ca43fcf04bf7a +Author: dtucker@openbsd.org +Date: Fri Sep 5 09:58:08 2025 +0000 + + upstream: Order headers as per KNF. Removes diff vs portable. + + OpenBSD-Commit-ID: db72be57429418f6a4319bbe34c98fc103e11ce0 + +commit 19d6a7afb256c4afc571dbf56a013ef91cd9596f +Author: dtucker@openbsd.org +Date: Fri Sep 5 09:49:26 2025 +0000 + + upstream: Order headers as per KNF. Also removes diff vs + + -portable. + + OpenBSD-Commit-ID: 2061307dc938712e524bc9da48a52f545e43670e + +commit 932e9f200bd48b7568eb21ec456c67ec92d517e2 +Author: dtucker@openbsd.org +Date: Fri Sep 5 09:31:31 2025 +0000 + + upstream: Remove unused rmd160.h header. ripemd160 support was + + removed in 2017. + + OpenBSD-Commit-ID: 937fca21498b921adf6e04bac120f4a2e7975b3c + +commit f93de828b9b0f29bff51d38ea92d0759595ec30b +Author: Darren Tucker +Date: Fri Sep 5 20:07:16 2025 +1000 + + Create replacement nlist.h if needed. + + Remove #ifdef HAVE_NLIST_H wrapper. ok djm@ + +commit 6aac2beaa53467e83f6a137376b6dcf423ab6f6c +Author: Darren Tucker +Date: Fri Sep 5 19:55:20 2025 +1000 + + Create replacement endian.h if needed. + + Remove #ifdef HAVE_ENDIAN_H wrapper. ok djm@ + +commit a60721c894f0a2ce973876d0f55617e187e6fab1 +Author: Darren Tucker +Date: Fri Sep 5 19:52:48 2025 +1000 + + Add /* WITH_OPENSSL */ comments. + + Removes diffs vs upstream. + +commit c729a833298d9d55ffb22771cf1400dfdc640164 +Author: Darren Tucker +Date: Fri Sep 5 19:22:37 2025 +1000 + + Move sys/time.h include to match upstream. + +commit caa973dd06a7be43c29353b256c9a473f5ad9882 +Author: Darren Tucker +Date: Fri Sep 5 19:13:52 2025 +1000 + + Create replacement netgroup.h if needed. + + Remove #ifdef HAVE_NETGROUP_H wrapper. ok djm@ + +commit 7d30526b7df14d960a5de63d6af823ffdab86518 +Author: Darren Tucker +Date: Fri Sep 5 18:24:59 2025 +1000 + + Remove stray #endif left from previous. + +commit 4911f2600fdbb1959311bb1886bfe51f7dd4a74e +Author: Darren Tucker +Date: Fri Sep 5 18:08:51 2025 +1000 + + Create replacement libgen.h if needed. + + Remove #ifdef HAVE_LIBGEN_H wrapper. ok djm@ + +commit 65dcdb56f5daee519ec824ae17e64412d2492f90 +Author: Darren Tucker +Date: Fri Sep 5 18:05:15 2025 +1000 + + Create replacement sys/un.h if needed. + + Remove #ifdef HAVE_SYS_UN_H wrapper. ok djm@ + +commit 60334af5a908ac3b263d2ec696f9977e20b739cb +Author: Darren Tucker +Date: Fri Sep 5 18:03:55 2025 +1000 + + Reformat replacement header check one per line. + +commit cd9ba068e36b0f37374d2eba2d19dacc7ea9a167 +Author: Darren Tucker +Date: Fri Sep 5 17:55:33 2025 +1000 + + Create replacement time.h if needed. + + Remove #ifdef HAVE_TIME_H wrapper. ok djm@ + +commit ea586edbcbec7089f768ed682a79a399eaa1e5b1 +Author: Darren Tucker +Date: Fri Sep 5 17:50:18 2025 +1000 + + Create replacement sys/stat.h if needed. + + Remove #ifdef HAVE_SYS_STAT_H wrapper. ok djm@ + +commit 59b80707c6cf45230597a800e7d2ce6b00ce35b5 +Author: Darren Tucker +Date: Fri Sep 5 17:44:07 2025 +1000 + + Create replacement sys/time.h if needed. + + Remove #ifdef HAVE_SYS_TIME_H wrapper. ok djm@ + +commit 82fed5110fe09e9af258a8f5a2f92ffb397fff5b +Author: Darren Tucker +Date: Fri Sep 5 17:31:15 2025 +1000 + + Create replacement ifaddrs.h if needed. + + Remove #ifdef HAVE_IFADDRS_H wrapper. ok djm@ + +commit 53887d8ebc583b51e996cb2bdeb11e054d36343b +Author: Darren Tucker +Date: Fri Sep 5 17:27:43 2025 +1000 + + Create replacement util.h if needed. + + Remove #ifdef HAVE_UTIL_H wrapper. ok djm@ + +commit 5f09983d1e724097bd577097fb0f2c00c2436f21 +Author: Darren Tucker +Date: Fri Sep 5 17:24:50 2025 +1000 + + Create replacement paths.h if needed. + + Remove #ifdef HAVE_PATHS_H wrapper. ok djm@ + +commit d45b17dc5a0598dda2b11dc89598203408d2d59c +Author: Darren Tucker +Date: Fri Sep 5 17:17:52 2025 +1000 + + Create replacement poll.h if needed. + + Remove #ifdef HAVE_POLL_H wrapper. ok djm@ + +commit 9b2c5a2db0650e394597839ef00d797f57568937 +Author: Darren Tucker +Date: Fri Sep 5 17:06:14 2025 +1000 + + Fill in missing system header files. + + Create replacement header files inside openbsd-compat for common headers + that are missing on a given platform. Usually these are just empty, + but in some cases they'll include the equivalent file. This avoids + having to wrap those includes in '#ifdef HAVE_FOO_H' and reduces the + diff vs OpenBSD. + + If we create any such headers, add the path to includes. + + Initially just stdint.h, more to follow. + + ok djm@ + +commit f64701ca25795548a61614d0b13391d6dfa7f38c +Author: djm@openbsd.org +Date: Thu Sep 4 03:04:44 2025 +0000 + + upstream: repair test after changes to percent expansion of usernames + + on the commandline. + + Test more cases that should/shouldn't expand and lightly test + username validity checks. + + OpenBSD-Regress-ID: ad4c12c70bdf1f959abfebd1637ecff1b49a484c + +commit 45698669d49949868b1f3d13dfda1b7cb70060ad +Author: djm@openbsd.org +Date: Thu Sep 4 00:37:10 2025 +0000 + + upstream: unit tests for sshbuf_equals and sshbuf_dtourlb64; ok + + deraadt@ + + OpenBSD-Regress-ID: bab54e2d4caa813036a63ee67e92c93e6712a5b9 + +commit 4be445116f1b56f14254b98d8b132bb25777e160 +Author: djm@openbsd.org +Date: Thu Sep 4 00:34:17 2025 +0000 + + upstream: unit tests for a bunch of misc.c functions; ok deraadt@ + + OpenBSD-Regress-ID: 886cf142605405e777ee77a96b48694dc2e9235d + +commit e3699ff47df336f57da2e78188d0057f8368af56 +Author: djm@openbsd.org +Date: Thu Sep 4 00:32:31 2025 +0000 + + upstream: fix sshbuf_dtourlb64() to not choke on empty buffers; + + previously it incorrectly returned an error in this situation; ok deraadt + + OpenBSD-Commit-ID: e62773d6e8cb95a19aab54f0af0edbcd47b345c0 + +commit 8e85ad33cfcc71e03594e53f2e19d8ce2e27dcc6 +Author: djm@openbsd.org +Date: Thu Sep 4 00:31:49 2025 +0000 + + upstream: fix rtrim() function to not attempt to delete whitespace + + inside a string, just at the end. ok deraadt@ + + OpenBSD-Commit-ID: d44deaa43580cd88de978dd5509b14e905b67b84 + +commit 43b3bff47bb029f2299bacb6a36057981b39fdb0 +Author: djm@openbsd.org +Date: Thu Sep 4 00:30:06 2025 +0000 + + upstream: don't allow \0 characters in url-encoded strings. + + Suggested by David Leadbeater, ok deraadt@ + + OpenBSD-Commit-ID: c92196cef0f970ceabc1e8007a80b01e9b7cd49c + +commit 35d5917652106aede47621bb3f64044604164043 +Author: djm@openbsd.org +Date: Thu Sep 4 00:29:09 2025 +0000 + + upstream: Improve rules for %-expansion of username. + + Usernames passed on the commandline will no longer be subject to + % expansion. Some tools invoke ssh with connection information + (i.e. usernames and host names) supplied from untrusted sources. + These may contain % expansion sequences which could yield + unexpected results. + + Since openssh-9.6, all usernames have been subject to validity + checking. This change tightens the validity checks by refusing + usernames that include control characters (again, these can cause + surprises when supplied adversarially). + + This change also relaxes the validity checks in one small way: + usernames supplied via the configuration file as literals (i.e. + include no % expansion characters) are not subject to these + validity checks. This allows usernames that contain arbitrary + characters to be used, but only via configuration files. This + is done on the basis that ssh's configuration is trusted. + + Pointed out by David Leadbeater, ok deraadt@ + + OpenBSD-Commit-ID: e2f0c871fbe664aba30607321575e7c7fc798362 + +commit f38a552dc71f20df2544338099e3fe2563f1a9ca +Author: Damien Miller +Date: Wed Sep 3 09:42:39 2025 +1000 + + missing header + +commit cc4eb3d6943cb57e08ab3abbcf92644deb429e46 +Author: djm@openbsd.org +Date: Tue Sep 2 11:08:34 2025 +0000 + + upstream: simplify algorithm list functions using xextendf(); ok + + dtucker@ + + OpenBSD-Commit-ID: ffc5f8d0c25b95705a8a66c8b634f98d23bd92dc + +commit 8866d24cdd1d6e73bb3220b753f94e255c49ff96 +Author: djm@openbsd.org +Date: Tue Sep 2 11:04:58 2025 +0000 + + upstream: unit test for xextendf() + + OpenBSD-Regress-ID: ddb3b4db1a52dda23696b967470882fe2b9c3af7 + +commit 2f369d3fd0ff3715c2b32dff5cb35c0330272445 +Author: djm@openbsd.org +Date: Tue Sep 2 09:41:23 2025 +0000 + + upstream: fix comment on sshbuf_froms() - it *returns* an error + + code, the allocated buffer is passed via argument + + OpenBSD-Commit-ID: b2b0a76df71328f39c3e2ad941a4d87085d8335d + +commit 6fd93060bb2ec35a7f0bf96d1a74104bab49e017 +Author: djm@openbsd.org +Date: Tue Sep 2 09:40:19 2025 +0000 + + upstream: GssStrictAcceptor was missing from sshd -T output; fix + + OpenBSD-Commit-ID: 6014049ccfedc48a208e37d5488ade6bdc2d1c44 + +commit d94a9a8c54e9036961c1100c6f445c50ab9b6b40 +Author: Damien Miller +Date: Tue Sep 2 19:38:39 2025 +1000 + + portable-specific comment grammer/spelling fixes + +commit a0b095fa03d3c08d723a803ce25540fddd955c53 +Author: djm@openbsd.org +Date: Tue Sep 2 09:34:48 2025 +0000 + + upstream: grammar and typos in comments + + OpenBSD-Commit-ID: de954daffcd0147ce142d55e8a374810cd19d7ed + +commit 23a2bb750547a9a5251cbc44c5ceb1d05303befe +Author: Damien Miller +Date: Tue Sep 2 19:30:07 2025 +1000 + + replace remaining manual logging of __func__ + + Use the appropriate log macro that prepends the function name + (e.g. logit_f/debug2_f/etc). + +commit a9b0b69f15e63bc4e8c8b38e24ee85ea076a7e11 +Author: djm@openbsd.org +Date: Tue Sep 2 09:26:21 2025 +0000 + + upstream: replace remaining cases where we manually included __func__ + + in a debug or error log with the respective *_f log variant + + OpenBSD-Commit-ID: 46a280d78bcc0bc98f28e65a30b613366600328f + +commit 19f7cb39eecb4b8f768f37e8294dc3a9142e022b +Author: djm@openbsd.org +Date: Mon Sep 1 23:55:29 2025 +0000 + + upstream: test MaxStatups idempotency; ok dtucker@ + + OpenBSD-Regress-ID: b5d713c2709000fa5e41d82c0cf8627e13cb43f9 + +commit c357c4a1e626feba9a968b5f0cb832b989b2d433 +Author: djm@openbsd.org +Date: Thu Aug 21 05:55:30 2025 +0000 + + upstream: benchmark more diffie-hellman-group* KEXs + + use current KEX names, i.e. remove the "@openssh.com" where the KEX + has been standardised + + OpenBSD-Regress-ID: a67e9da4efd9a971d39cb2481093f836046f9b7f + +commit 9313233a735733821dfd170b70782fb7da492962 +Author: djm@openbsd.org +Date: Tue Sep 2 01:03:43 2025 +0000 + + upstream: fix previous + + OpenBSD-Commit-ID: 09d95dfb5e064a1d0e74afba8d77474cc1d110a4 + +commit 683d0abe596b069a896f1688f86256f1beeb0cdc +Author: djm@openbsd.org +Date: Mon Sep 1 23:53:16 2025 +0000 + + upstream: Make MaxStartups and PerSourceNetBlockSize first-match-wins + + as advertised. bz3859 reported by jan.v.hofmann; ok dtucker + + OpenBSD-Commit-ID: 08f7786f1b3b4a05a106cdbd2dc5f1f2d8299447 + +commit a9a3f025d76f06a6601e6e8d52b468ec467865d9 +Author: djm@openbsd.org +Date: Fri Aug 29 03:50:38 2025 +0000 + + upstream: remove experimental support for XMSS keys; + + ok deraadt markus + + OpenBSD-Commit-ID: 38eaf4df6189acad9e46eddf7cf32d7f6d07df35 + +commit 908e9d55139bed19ed87d6fec749974eb42702c6 +Author: caspar@openbsd.org +Date: Mon Aug 18 18:39:33 2025 +0000 + + upstream: ssh_config.5: say "post-quantum" instead of "post quantum + + safe", and rephrase the sentence to make it easier to read. + + Input djm@, input and OK deraadt@, OK dtucker@ + + OpenBSD-Commit-ID: c3ee4d1cafdcfc20cc0d2f086021efce4b19c075 + +commit ceca966bde4ab38b2434876416da12fe16747459 +Author: job@openbsd.org +Date: Mon Aug 18 09:16:36 2025 +0000 + + upstream: Delete unused accessor function + + OK dtucker@ + + OpenBSD-Commit-ID: 93b59ac088fb254e1189729ece5bb9656d6e810b + +commit 3ef1a87d0a29eac94f32371af628e81eb2e2d817 +Author: Damien Miller +Date: Mon Aug 18 17:00:26 2025 +1000 + + Fix pledge(2) special casing + + Unbreaks non-OpenBSD platforms + +commit 5e9ca80fe65e407428dc46ed45804724d08b91b7 +Author: Damien Miller +Date: Mon Aug 18 16:47:23 2025 +1000 + + Match version instead of groups in connect-bigconf + + The connect-bigconf makes a giant config file to test config passing + between the sshd subprocesses. Previously it used a bunch of "Match + group" lines to construct a large file. However checking group + membership can be expensive (e.g. if a large groups database is + present or if group lookup is remote via NSS). This could be slow + enough to exceed LoginGraceTime. + + This switches it to "Match version" which is just a string compare + and does just as well for making a giant nonsense config file. + +commit 6c84609e5f9ddd49e250d5cf190b2820dbeca178 +Author: Damien Miller +Date: Mon Aug 18 16:47:00 2025 +1000 + + depend + +commit 9184fa363687fcb5dac056b093fb3b8e9d327242 +Author: Damien Miller +Date: Mon Aug 18 16:45:15 2025 +1000 + + check for setsockopt IP_TOS in OpenBSD pledge + + OpenBSD has recently relaxed the pledge(2) sandbox to allow some + setsockopt options to be changed without the "inet" promise. + + This adds compatibility for OpenBSD that predates this relaxation. + +commit ae44cd74f3a4ac711152f50b2712803ccf785593 +Author: djm@openbsd.org +Date: Mon Aug 18 04:50:35 2025 +0000 + + upstream: cast + + OpenBSD-Commit-ID: d69bd2328513c2dcd99f4f346b77e2bd90cf1964 + +commit c2c8bae39380392449ac3297061cbfc486126ad5 +Author: djm@openbsd.org +Date: Mon Aug 18 04:38:21 2025 +0000 + + upstream: missing set_log_handler() call in ssh-auth.c, exposed after + + last commit + + OpenBSD-Commit-ID: 09f5c3cf33c18b8ad321edbf96c30ae3deada2b0 + +commit 056022261e6cf7eb65bbacac72afe5f4d5945f2c +Author: Damien Miller +Date: Mon Aug 18 14:22:32 2025 +1000 + + depend + +commit b7ee13fbbb4ebafcf71f29685f053ecb97d1bcef +Author: Damien Miller +Date: Mon Aug 18 14:22:18 2025 +1000 + + wrap SIGINFO in ifdef + +commit 289239046b2c4b0076c14394ae9703a879e78706 +Author: djm@openbsd.org +Date: Mon Aug 18 03:43:01 2025 +0000 + + upstream: Make ssh(1) and sshd(8) set IP QoS (aka IP_TOS, IPV6_TCLASS) + + continually at runtime based on what sessions/channels are open. + + Previously, ssh(1) and sshd(8) would pick a QoS value when they + were started and use it for the whole connection. This could + produce suboptimal choices for the QoS value, e.g. for multiplexed + sessions that started interactive but picked up a sftp client, + or sessions that moved large amounts of data via port forwarding. + + Now the QoS value will change to the non-interactive IPQoS whenever + a "non-interactive" channel is open; basically any channel that lacks + a tty other than agent forwarding. + + This is important now that the default interactive IPQoS is EF + (Expedited Forwarding), as many networks are configured to allow + only relatively small amounts of traffic of this class and they will + aggressively deprioritise the entire connection if this is exceeded. + + NB. because ssh(1) and sshd(8) now change IP_TOS/IPV6_TCLASS + continually via setsockopt(), this commit requires a recent pledge(2) + change that landed recently in the OpenBSD kernel. Please ensure + you have updated to a kernel from within the last two weeks before + updating OpenSSH. + + with job@ deraadt@ + + OpenBSD-Commit-ID: 325fc41717eecdf5e4b534bfa8d66817425b840f + +commit dc5147028ff19213a32281dad07bba02e58da3fa +Author: djm@openbsd.org +Date: Mon Aug 18 03:29:11 2025 +0000 + + upstream: SIGINFO handler for sshd(8) to dump active + + channels/sessions ok deraadt@ + + OpenBSD-Commit-ID: 9955cb6d157c6d7aa23a819e8ef61b1edabc8b7d + +commit f807a598c96be683d97810481e954ec9db6b0027 +Author: djm@openbsd.org +Date: Mon Aug 18 03:28:36 2025 +0000 + + upstream: SIGINFO handler for ssh(1) to dump active + + channels/sessions ok deraadt@ + + OpenBSD-Commit-ID: 12f88a5044bca40ef5f41ff61b1755d0e25df901 + +commit 9b61679d73a8a001c25ab308db8a3162456010cf +Author: djm@openbsd.org +Date: Mon Aug 18 03:28:02 2025 +0000 + + upstream: add channel_report_open() to report (to logs) open + + channels; ok deraadt@ (as part of bigger diff) + + OpenBSD-Commit-ID: 7f691e25366c5621d7ed6f7f9018d868f7511c0d + +commit 80b5ffd22abd4093201939e31d1ea6dc8cc7913a +Author: djm@openbsd.org +Date: Mon Aug 18 01:59:53 2025 +0000 + + upstream: make -E a no-op in sshd-auth. Redirecting logging to a + + file doesn't work in this program as logging already goes via the parent + sshd-session process. ok dtucker@ + + OpenBSD-Commit-ID: 73325b9e69364117c18305f896c620a3abcf4f87 + +commit 3a039108bd25ff10047d7fa64750ed7df10c717c +Author: Damien Miller +Date: Mon Aug 18 13:46:37 2025 +1000 + + allow some socket syscalls in seccomp sandbox + + Allow getsockname(2), getpeername(2) and getsockopt(2). + + Also allow setsockopt(2) but only IP_TOS and IPV6_TCLASS. + + Note that systems that use the older socketcall(2) mux syscall will + not have IP_TOS and IPV6_TCLASS allowlisted. On these platforms, + these calls will be soft-blocked (i.e. will fail rather than + terminate the whole process with a sandbox violation). + + Needed for upcoming IPQoS change; ok dtucker@ + +commit a00f5b02e171bc6d6fb130050afb7a08f5ece1d8 +Author: Damien Miller +Date: Mon Aug 18 13:44:53 2025 +1000 + + handle futex_time64 properly in seccomp sandbox + + Previously we only allowed __NR_futex, but some 32-bit systems + apparently support __NR_futex_time64. We had support for this + in the sandbox, but because of a macro error only __NR_futex was + allowlisted. + + ok dtucker@ + +commit 32deb00b38b4ee2b3302f261ea1e68c04e020a08 +Author: dtucker@openbsd.org +Date: Thu Aug 14 10:03:44 2025 +0000 + + upstream: Cast serial no for %lld to prevent compiler warnings on some + + platforms. + + OpenBSD-Commit-ID: afadd741622f16c6733d461c0d6053ed52868a57 + +commit 883886c959ecab152650e231335857eb3193c662 +Author: dtucker@openbsd.org +Date: Thu Aug 14 09:44:39 2025 +0000 + + upstream: Cast serial no for %lld to prevent compiler warnings on some + + platforms. + + OpenBSD-Commit-ID: 46c6063284d318f7e4dc922479a3e394c94b0588 + +commit fde5a4d2cd01bea700439fa6d5bbad88e65c99bd +Author: dtucker@openbsd.org +Date: Thu Aug 14 09:26:53 2025 +0000 + + upstream: Cast serial no for %lld to prevent compiler warnings on some + + platforms. + + OpenBSD-Commit-ID: 15644234b58abc9c6da2994f0422a5aa344a9e89 + +commit ab5074dfb614e3801fecbd376d8ed4cea613c629 +Author: sthen@openbsd.org +Date: Tue Aug 12 11:09:48 2025 +0000 + + upstream: fix typo, ok markus dtucker + + OpenBSD-Commit-ID: 8f223da7633752162c64a659c6cf55202703d870 + +commit 8b6c1f402feb9eb6438003a312d7ffe8d5669896 +Author: deraadt@openbsd.org +Date: Mon Aug 11 14:37:43 2025 +0000 + + upstream: Handle localtime_r() failure by return "UNKNOWN-TIME" + + which is only used in user-visible contexts. freebsd 288773 shows their + localtime_r() has failed at least once for unknown reason. discussed with djm + + OpenBSD-Commit-ID: 68f4c92d46b2578d4594b0ed940958d597fd61ac + +commit 0e1b8aa27f7c86d412c9e54ad9e2cae30d9ddab4 +Author: djm@openbsd.org +Date: Mon Aug 11 10:55:38 2025 +0000 + + upstream: ssh(1): add a warning when the connection negotiates a + + non-post quantum safe key agreement algorithm. + + Controlled via a new WarnWeakCrypto ssh_config option, defaulting + to on. This option might grow additional weak crypto warnings in + the future. + + More details at https://openssh.com/pq.html + + mostly by deraadt@ feedback dtucker@ ok deraadt@ + + OpenBSD-Commit-ID: 974ff243a1eccceac6a1a9d8fab3bcc89d74a2a4 + +commit 2ebc6384258b58ace0ad2adb2593744f62749235 +Author: djm@openbsd.org +Date: Wed Aug 6 23:44:09 2025 +0000 + + upstream: all state related to the ssh connection should live in + + struct ssh or struct packet_state; one static int escaped this rule, so move + it to struct packet_state now. + + ok millert tb + + OpenBSD-Commit-ID: bd6737168bf61a836ffbdc99ee4803468db90a53 + +commit 60b909fb110f77c1ffd15cceb5d09b8e3f79b27e +Author: dtucker@openbsd.org +Date: Wed Aug 6 11:22:53 2025 +0000 + + upstream: Improve sentence. ok djm@ + + OpenBSD-Commit-ID: 9c481ddd6bad110af7e530ba90db41f6d5fe2273 + +commit 9ffa98111dbe53bf86d07da8e01ded8c5c25456b +Author: djm@openbsd.org +Date: Wed Aug 6 04:53:04 2025 +0000 + + upstream: when refusing a certificate for user authentication, log + + enough information to identify the certificate in addition to the reason why + it was being denied. Makes debugging certificate authz problems a bit easier. + + ok dlg@ + + OpenBSD-Commit-ID: 4c4621b2e70412754b3fe7540af8f4bf02b722b1 + +commit 2a31009c36eb2da412c2784fe131fcb6ba800978 +Author: job@openbsd.org +Date: Tue Aug 5 09:08:16 2025 +0000 + + upstream: Use the operating system default DSCP marking for + + non-interactive traffic + + It seems the CS1 traffic class mark is considered ambiguous and therefore + somewhat unhelpful (see RFC 8622 for more considerations). But, the new + 'LE' scavenger class (also proposed in RFC 8622) offers high probability + of excessive delays & high packet loss, which would be inappropriate + for use with, for example, X11 forwardings. In fact, it is not known to + SSH what's appropriate because SSH is not aware of the content of what + passing through session forwardings. Therefore, no marking is appropriate. + Non-interactive traffic simply is best effort. + + OK djm@ deraadt@ + + OpenBSD-Commit-ID: db1da1a432ecd53fc28feb84287aedb6bec80b01 + +commit 6ebd472c391a73574abe02771712d407c48e130d +Author: djm@openbsd.org +Date: Tue Aug 5 04:00:15 2025 +0000 + + upstream: a bunch of the protocol extensions we support now have RFCs + + and I-Ds that are more complete and detailed than what we have in the + PROTOCOL.* files. Refer to these when possible instead of documenting them + here. + + OpenBSD-Commit-ID: 4fa5b0fcf5d5f24093d33d9e82c7ca4850d50d70 + +commit ec3465f59c651405e395092f3ad606f8992328d8 +Author: job@openbsd.org +Date: Thu Jul 31 11:23:39 2025 +0000 + + upstream: Deprecate support for IPv4 type-of-service (TOS) IPQoS + + keywords + + Type of Service (ToS) was deprecated in the late nineties and replaced + with the Differentiated Services architecture. Diffserv has significant + advantages for operators because this mechanism offers more granularity. + + OpenSSH switched its default IPQoS from ToS to DSCP values in 2018. + + IPQoS configurations with 'lowdelay', 'reliability', or 'throughput' will be + ignored and instead the system default QoS settings apply. Additionally, a + debug message is logged about the deprecation with a suggestion to use DSCP. + + with/OK deraadt@ sthen@ djm@ + + OpenBSD-Commit-ID: 40c8c0c5cb20151a348728703536af2ec1c754ba + +commit 65909fa114e7dd7511800db2b7bacb8774afe887 +Author: job@openbsd.org +Date: Thu Jul 31 09:38:41 2025 +0000 + + upstream: Set default IPQoS for interactive sessions to Expedited + + Forwarding (EF) + + Marking interactive session data with DSCP value EF (RFC3246, RFC3247) + helps inform the network on relative priority compared to other traffic. + This is especially useful for differentiated treatment over wireless media. + + Following the reconciled IETF Diffserv to IEEE 802.11 mappings (RFC 8325), + traffic marked with DSCP value EF maps to User Priority 6 in QoS Control, + in turn mapping to the high priority WMM AC_VO access category. + + OK djm@ + + OpenBSD-Commit-ID: aadda7b9da794d70d7c6b381a861a0610afce1b3 + +commit d1c6c67a50fc957010fa027c6ab970424e9b9142 +Author: Darren Tucker +Date: Sat Aug 2 14:49:00 2025 +1000 + + Disable security key tests for bigendian interop + +commit e85248df3f1073343da87a6b00512e6a1e4a863d +Author: Darren Tucker +Date: Sat Aug 2 12:51:42 2025 +1000 + + Comment out atime restore test. + + This works on filesystems mounted 'noatime', but on others the stat() + resets atime causing the test to fail. + +commit b1c4cedbee107dc611ce091f27ea9f1de28ee378 +Author: Darren Tucker +Date: Fri Aug 1 19:29:00 2025 +1000 + + Replace fbsd64ppc VM with physical host. + + Run 64bit bigendian interop test on NetBSD arm64be instead. + +commit 284abbed9a8d815b1ec5e96aff885d77e26537e7 +Author: dtucker@openbsd.org +Date: Wed Jul 30 10:17:13 2025 +0000 + + upstream: Plug leak in case where sigp is passed as NULL. Coverity CID + + 483725, ok djm@ + + OpenBSD-Commit-ID: 47cf7b399c84e102b670b9f97ab6926c9a7256b5 + +commit dc630e6d81be8aa495254839731e4f3521cf9e31 +Author: djm@openbsd.org +Date: Wed Jul 30 04:27:42 2025 +0000 + + upstream: unbreak WITH_OPENSSL=no builds, also allowing ed25519 + + keys to be used via PKCS#11 when OpenSSH is built without libcrypto. + + OpenBSD-Commit-ID: ecf26fdf7591bf2c98bac5136fbc36e0b59c3fc2 + +commit a5bec2cdfc4f38ddb6211809851aae29ba99a35a +Author: djm@openbsd.org +Date: Wed Jul 30 04:19:17 2025 +0000 + + upstream: fix variable name in disabled code + + OpenBSD-Commit-ID: 5612e979575d5da933c8b720d296423fd84392f5 + +commit 5e4bfe6c16924b1c21a733f3e218cfcba98e301e +Author: Damien Miller +Date: Sat Jul 26 19:19:46 2025 +1000 + + more ec/ed25519 fixing + +commit 2603098959eff55cbe188c3dfcbe5302808a80fc +Author: Damien Miller +Date: Sat Jul 26 14:27:53 2025 +1000 + + repair build for libcrypto without ed25519 support + +commit a729163c56ecc002c0cb04db56e7d86ceec2e8b0 +Author: djm@openbsd.org +Date: Sat Jul 26 01:53:31 2025 +0000 + + upstream: regression tests for Ed25519 keys in PKCS#11 tokens + + OpenBSD-Regress-ID: 50067c0716abfea3a526b4a0c8f1fe15e7665c0f + +commit 361ff0ca308ac02449e71689fc5ea72114db43db +Author: djm@openbsd.org +Date: Sat Jul 26 01:51:44 2025 +0000 + + upstream: Support ed25519 keys hosted on PKCS#11 tokens. + + Tested on Yubikeys and against SoftHSM2. + + feedback/ok tb@ + + OpenBSD-Commit-ID: 90ddb6529f2e12e98e8bba21d8592e60579ce2e4 + +commit 2b530cc3005a71c5ba6b712978872fc9c147439c +Author: djm@openbsd.org +Date: Fri Jul 25 13:06:07 2025 +0000 + + upstream: update our PKCS#11 API header to v3.0; + + feedback/ok tb@ + + OpenBSD-Commit-ID: e67fa6a26e515c2b1fb7b0d1519d138aafb3e017 + +commit 550d2a4a66c50f7641563a63b900761d99efb24a +Author: Damien Miller +Date: Fri Jul 25 23:04:33 2025 +1000 + + another attempt at fixing !EC builds + +commit ed1e370d84e9dc39bc31c19cca12222d991fdc6f +Author: dtucker@openbsd.org +Date: Fri Jul 25 11:50:45 2025 +0000 + + upstream: Don't snprintf a NULL since not all platforms support it. + + OpenBSD-Commit-ID: 6e0c268e40047e96fab6bc56dc340580b537183b + +commit eedab8db12d57c4f4583f6b60e48a4ce25b47b9c +Author: Damien Miller +Date: Fri Jul 25 16:21:43 2025 +1000 + + unbreak !EC builds + +commit 203f5ac6cfa0e257db7509d4bb830e8a4bba6211 +Author: djm@openbsd.org +Date: Thu Jul 24 06:04:47 2025 +0000 + + upstream: test code now needs to link ssh-pkcs11-client.c any time + + sshkey.c is included + + OpenBSD-Regress-ID: 9d07188eae9a96801c3150b3433bb220626d4443 + +commit 33b4f05c8ddab24aa6c47afb313b8cbd0d4b77f4 +Author: Damien Miller +Date: Fri Jul 25 12:47:17 2025 +1000 + + update clang-16 -> clang-19 + +commit 03e9e993ef1ef5accc6457152278cab5988f9b3d +Author: Damien Miller +Date: Fri Jul 25 12:46:59 2025 +1000 + + include ssh-pkcs11-client.o as common dep + +commit 2f5269938a8e4769f484c9d45419a86529078ede +Author: Damien Miller +Date: Fri Jul 25 12:46:10 2025 +1000 + + remove vestigial stub + +commit bf33a73c40522ce60961d4fff316a7187fb06ca0 +Author: djm@openbsd.org +Date: Thu Jul 24 23:27:04 2025 +0000 + + upstream: this should include stdlib.h explicitly + + OpenBSD-Commit-ID: 1c0cc5c3838344b33ae4ab7aa62c01530357bf29 + +commit 9f8ccc3b81b53324cc489f3fe00f03c329c0acb2 +Author: djm@openbsd.org +Date: Thu Jul 24 06:59:51 2025 +0000 + + upstream: less stale reference to PKCS#1 1.5 hash OIDs; feedback + + from tb@ + + OpenBSD-Commit-ID: 9fda77978491a130a7b77d87d40c79277b796721 + +commit 1641ab8744f500f55f12155d03f1a3116aaea374 +Author: djm@openbsd.org +Date: Thu Jul 24 06:12:08 2025 +0000 + + upstream: factor out encoding of a raw ed25519 signature into its + + ssh form into a separate function + + OpenBSD-Commit-ID: 3711c6d6b52dde0bd1f17884da5cddb8716f1b64 + +commit a8c0e5c871c0c7ee5ae93e353b1499a53c09c71d +Author: djm@openbsd.org +Date: Thu Jul 24 05:44:55 2025 +0000 + + upstream: Help OpenSSH's PKCS#11 support kick its meth habit. + + The PKCS#11 code in OpenSSH used the libcrypto public key method API + (e.g. the delightfully named RSA_meth_free()) to delegate signing + operations to external keys. This had one advantage - that it was + basically transparent to callers, but also had a big disadvantage - + that we'd manually have to track the method implementations, their + state and their relationships to the underlying PKCS#11 objects. + + This rips this out and replaces it with explicit delegation to + PKCS#11 code for externally hosted keys via the ssh-pkcs11-helper + subprocess. This is very similar to how we handle FIDO keys in + OpenSSH (i.e. via ssh-sk-helper). All we need to track now is a + much simpler mapping of public key -> helper subprocess. + + Kicking our libcrypto meth dependency also makes it much easier + to support Ed25519 keys in PKCS#11, which will happen in a subsequent + commit. + + feedback / ok tb@ + + OpenBSD-Commit-ID: a5a1eaf57971cf15e0cdc5a513e313541c8a35f0 + +commit 259c66aebe4e1f9d60e548f728ff74083bcccddf +Author: Darren Tucker +Date: Thu Jul 24 22:02:49 2025 +1000 + + Remove DEBUG_ACTIONS variable. + + If needed it can be set in github if needed. + +commit 40fb2dc4ece76c8f0c624d90a17bc1bbf47f3729 +Author: djm@openbsd.org +Date: Wed Jul 23 05:07:19 2025 +0000 + + upstream: add a ssh_config RefuseConnection option that, when + + encountered while processing an active section in a configuration file, + terminates ssh(1) with an error message that contains the argument to the + option. + + This may be useful for expressing reminders or warnings in config + files, for example: + + Match host foo + RefuseConnection "foo is deprecated, use splork instead" + + ok djg + + OpenBSD-Commit-ID: 5b0072fcd08ad3932ab21e27bbaa66b008d44237 + +commit defc806574d2256036d69a291caf0f3484844de6 +Author: miod@openbsd.org +Date: Sat Jul 12 05:28:33 2025 +0000 + + upstream: Add missing inter-library dependencies to LDADD and + + DPADD. ok tb@ deraadt@ + + OpenBSD-Commit-ID: a05e13a7e2c0b65bb4b47184fef731243431c6ff + +commit e6805e2a6b33e001e1a7257b85ab779fd592a578 +Author: Jan Tojnar +Date: Thu May 18 16:30:35 2023 +0200 + + Add gnome-ssh-askpass4 for GNOME 40+ + + GTK 3 has been in maintenance mode for a while now, and it is on the road + to being abandoned. As a result, the dialogue looks out of place on modern + systems. + + We could port it to GTK 4 but without the program being registered as an + application (i.e. having a .desktop file), GNOME Shell would ask for + permission to grab input every time. + + Let’s instead use the GNOME Shell’s native prompt through the unstable + Gcr API. + +commit f9dc519259804702cab0fa0ca8b193a360e3ec38 +Author: Damien Miller +Date: Fri Jul 11 17:20:27 2025 -0700 + + let ga_init() fail gracefully if getgrouplist does + + Apparently getgrouplist() can fail on OSX for when passed a non-existent + group name. Other platforms seem to return a group list consisting of + the numeric gid passed to the function. + + This makes ga_init() handle this failure case gracefully, where it will + return success but with an empty group list array. + + bz3848; ok dtucker@ + +commit f01a899b92ab8c5e6ff71214658bd09636c47e87 +Author: djm@openbsd.org +Date: Fri Jul 11 23:26:59 2025 +0000 + + upstream: add a "Match Group NoSuchGroup" to exercise groupaccess.c + + OpenBSD-Regress-ID: 7ff58e6f0eb21eb9064dd0cfa78c3b6f34b5f713 + +commit 1052fa62b35e0bb25b0c1efb9fdd7870e4a68ab6 +Author: Damien Miller +Date: Fri Jul 11 15:36:49 2025 -0700 + + more diagnostics when getgrouplist fails + +commit eddd1d2daa64a6ab1a915ca88436fa41aede44d4 +Author: djm@openbsd.org +Date: Fri Jul 4 09:51:01 2025 +0000 + + upstream: Fix mistracking of MaxStartups process exits in some + + situations. At worst, this can cause all MaxStartups slots to fill and sshd + to refuse new connections. + + Diagnosis by xnor; ok dtucker@ + + OpenBSD-Commit-ID: 10273033055552557196730f898ed6308b36a78d + +commit c971f3d93efe4c00d73b276cdbab66e7c66c9b5c +Author: Darren Tucker +Date: Sat Jul 5 20:50:50 2025 +1000 + + Add include for gssapi definitions. + + Patch from dbelyavs at redhat.com via bz#3846. + +commit 007b69f21cf9e64125b241d4411a5e47f5028aa8 +Author: djm@openbsd.org +Date: Fri Jul 4 07:52:17 2025 +0000 + + upstream: add a regress test for configurations > 256KB + + mostly by Dmitry Belyavskiy + + OpenBSD-Regress-ID: fcedb249e4cf2447e078a839877f99730ee79024 + +commit 0cf38d74463bcf80510e7fd1b3d9328e7d91eb00 +Author: djm@openbsd.org +Date: Fri Jul 4 07:47:35 2025 +0000 + + upstream: the messaging layer between sshd-session and sshd-auth had a + + maximum message size of 256KB. Some people apparently have configurations + larger than this and would hit this limit. + + Worse, there was no good logging that could help diagnose what was + going wrong. + + So this bumps the maximum message size to 4MB and implements an early + check (usable via the sshd -t test mode) that will report it to the + user where it is hopefully more visible. + + bz3808, reported by Dmitry Belyavskiy, ok dtucker@ + + OpenBSD-Commit-ID: 69c303fb68cbd1a4735936835d67a71e7b57f63b + +commit fd10cea0f16e928ae2b52fbeadccd475d0438eb4 +Author: djm@openbsd.org +Date: Fri Jul 4 00:17:55 2025 +0000 + + upstream: mux: fix incorrect return value check in local forward + + cancellation + + channel_cancel_lport_listener() returns 1 on success and 0 on failure. + The previous code incorrectly checked for `== -1`, a value the function + never returns, so failure was not detected and the "port not found" + error message was never shown when cancelling dynamic or local port + forwards. + + From: Boris Tonofa + + OpenBSD-Commit-ID: 3e9d2252a4d0bd318d4f25e2b518afb44acea170 + +commit 29cf521486bf97ab9de5b9b356f812107e0671bc +Author: Damien Miller +Date: Wed Jul 2 13:47:38 2025 +1000 + + wrap some autoconf macros in AC_CACHE_CHECK + + This allows skipping/overriding the OSSH_CHECK_CFLAG_COMPILE and + OSSH_CHECK_CFLAG_LINK macros used to discover supported compiler + or linker flags. E.g. + + $ ./configure ossh_cv_cflag__fzero_call_used_regs_used=no + [...] + checking if cc supports compile flag -ftrapv and linking succeeds... yes + checking if cc supports compile flag -fzero-call-used-regs=used and linking succeeds... (cached) no + checking if cc supports compile flag -ftrivial-auto-var-init=zero... yes + + Patch from Colin Watson, ok dtucker@ + +commit b28e91aff80fd24341de8cb3c34dc454d6b75228 +Author: dtucker@openbsd.org +Date: Sun Jun 29 08:20:21 2025 +0000 + + upstream: Add shebang path to askpass script. Required for exec on + + some platforms (musl, probably others). + + OpenBSD-Regress-ID: 35cdeed12ae701afcb812f800c04d817325cd22a + +commit 83d3ffc0fc0f5e4473ab43f0d42a1cf9497ce0b5 +Author: dtucker@openbsd.org +Date: Sun Jun 29 05:35:00 2025 +0000 + + upstream: Check dropbear server version for required features. + + Dropbear added the '-D' flag in version 2025.87. We need that for the + dropbear-server test, so skip on older versions. + + OpenBSD-Regress-ID: 9db0b84edd54d3c00ab17db1dc6d62af4644c550 + +commit 0b17d564cfae82f2a52e9b4d588657da47ea4e43 +Author: Darren Tucker +Date: Sun Jun 29 14:34:48 2025 +1000 + + Encrypt temporary password we're setting. + + Now that we want to actually use the random password for tests, we need + to correctly encrypt it, instead of just setting it to a random string + that's not the "locked" value. + +commit 700205bd861c25cc7564010cf63d984d8db5098a +Author: Darren Tucker +Date: Sun Jun 29 11:27:17 2025 +1000 + + Fix env again. + +commit 223a1beac7b7be9252f69055781c9c15f4d8a607 +Author: Darren Tucker +Date: Sun Jun 29 11:24:42 2025 +1000 + + Move env again. + +commit d32614b448528ac08a65caac323a34b4f559a204 +Author: Darren Tucker +Date: Sun Jun 29 11:22:00 2025 +1000 + + Move env to where it (hopefully) belongs. + +commit 8a9384de483b8fb69a800e0347273686a5715fc3 +Author: Darren Tucker +Date: Sun Jun 29 11:14:18 2025 +1000 + + Enable password tests on Github ephemeral VMs. + +commit bcfe7340d9b622ecd978c87dbf885c8b5a503ca2 +Author: dtucker@openbsd.org +Date: Sat Jun 28 13:34:08 2025 +0000 + + upstream: Add simple regression test for dropbear as a server. + + OpenBSD-Regress-ID: 7abe1f6607d0cd49839918aade8f135d2462d389 + +commit 838d5ec4b12fb519ed9db76e5beccf11b7ee212f +Author: dtucker@openbsd.org +Date: Tue Jun 24 12:28:23 2025 +0000 + + upstream: Add simple test for password auth. Requires some setup + + so does not run by default. + + OpenBSD-Regress-ID: d5ded47a266b031fc91f99882f07161ab6d1bb70 + +commit 57fb460165ae3b2d591f2468d7fe13cc1abda26d +Author: djm@openbsd.org +Date: Tue Jun 17 01:24:32 2025 +0000 + + upstream: add RCS ID + + OpenBSD-Regress-ID: 6e30094e3bf0a1c65efb75c67a87093304a3e619 + +commit 688fa02728f2efbf18388bc1a8e94e7ba7ee4f11 +Author: djm@openbsd.org +Date: Tue Jun 24 09:22:03 2025 +0000 + + upstream: make "Match !final" not trigger a 2nd pass ssh_config + + parsing pass (unless hostname canonicalisation or a separate "Match final" + does). bz3843 + + ok dtucker@ + + OpenBSD-Commit-ID: ce82b6034828888f0f3f1c812e08f5e87400d802 + +commit 5ba8391d697740a838fd8811434f707f0e079baa +Author: djm@openbsd.org +Date: Thu Jun 19 05:49:05 2025 +0000 + + upstream: better debug diagnostics when loading keys. Will now list + + key fingerprint and algorithm (not just algorithm number) as well as making + it explicit which keys didn't load. + + OpenBSD-Commit-ID: ee3e77a0271ab502e653922c6d161b1e091f8fee + +commit b360f3a675e24b0dbb2ec30d985e3b6756996c0d +Author: djm@openbsd.org +Date: Tue Jun 17 01:20:17 2025 +0000 + + upstream: whitespace + + OpenBSD-Commit-ID: 6e96814bcf70d0edbb0749ec61cc4fd8707f286d + +commit ad38ec5f1b6768944d64ed7709da8706538b5509 +Author: djm@openbsd.org +Date: Tue Jun 17 01:19:27 2025 +0000 + + upstream: fix leak on error path; Coverity CID 481976 + + OpenBSD-Commit-ID: 963dba2c804e2fd8efea2256092899874d0dbc7b + +commit 5f761cdb2331a12318bde24db5ca84ee144a51d1 +Author: Darren Tucker +Date: Tue Jun 17 21:46:37 2025 +1000 + + Update obsd tests to use current images. + +commit 1e8347e3543a415067ccc556aefea97656ecafb7 +Author: Damien Miller +Date: Tue Jun 17 09:48:47 2025 +1000 + + add sshd-auth to RPM spec files + +commit dd800444943bd64913507f6005586136d49f63db +Author: dtucker@openbsd.org +Date: Mon Jun 16 09:09:42 2025 +0000 + + upstream: Limit each moduli size to a max of 100 entries. + + OpenBSD-Commit-ID: 747219d54565030ff7c45298b9f5e971801f6cb2 + +commit 05f7bf46d1e2c101e9cbdd3df2ccee484bed969f +Author: dtucker@openbsd.org +Date: Mon Jun 16 09:07:08 2025 +0000 + + upstream: Now that ssh-keygen defaults to the maximum memory for + + moduli generation we no longer need to run it twice to get enough. Use mkdir + -p instead of a conditional, which allows "make -jN" to work without error. + + OpenBSD-Commit-ID: c2eb57285424f819f9520fa33e0d6d3c4a361a5e + +commit df3f903d616763a105570610a616dacf0f83438e +Author: dtucker@openbsd.org +Date: Mon Jun 16 09:02:19 2025 +0000 + + upstream: Fix overflow check in sshbuf_dup_string. It's already + + constrained by SSHBUF_SIZE_MAX, but still worth fixing the check. Patch from + afonot via github PR#573, with & ok djm@ + + OpenBSD-Commit-ID: 438888498e66472fc6a48133196d6538d27bff18 + +commit 80916d0d3794e2f92dd6998d7c45daba484e4f18 +Author: dtucker@openbsd.org +Date: Mon Jun 16 08:53:04 2025 +0000 + + upstream: Plug mem leak. Patch from afonot via github PR#574, ok djm@ + + OpenBSD-Commit-ID: 65619f14ef206028ce39bc31f704b832a0609688 + +commit bd1bd7e8296aa51a4b3958cef2fbb17894ba94e9 +Author: dtucker@openbsd.org +Date: Mon Jun 16 08:49:27 2025 +0000 + + upstream: Save return value from sshbuf_len instead of calling it + + multiple times. Fixes Coverity CID 470521. + + OpenBSD-Regress-ID: 356b8b43c8a232deaf445c1ff7526577b177a8e9 + +commit 2827b6ac304ded8f99e8fbc12e7299133fadb2c2 +Author: dtucker@openbsd.org +Date: Fri Jun 13 07:35:14 2025 +0000 + + upstream: Plug leak. Coverity CID 405058. + + OpenBSD-Regress-ID: 7fb2fce68d2cb063cdb94d5d66f84fa3a2902792 + +commit 9cdc72b829e9f0e24dedc533cbe87291d8a88c9e +Author: dtucker@openbsd.org +Date: Fri Jun 13 07:23:07 2025 +0000 + + upstream: Remove dead code flagged by Coverity CID 307783. ok djm@ + + OpenBSD-Regress-ID: e579f5ec2fd2eb2fe2bad654d16f2ba655a3e035 + +commit 930a45ee759728c8ba711c45a2a985b8191bd297 +Author: dtucker@openbsd.org +Date: Thu Jun 12 10:09:39 2025 +0000 + + upstream: Set user, host and path to NULL immediately before calling + + parse_user_host_path in tests. This ensures that we don't accidentally use + the previous value if the function under test doesn't set them Also fixes + Coverity CIDs 405056 405065 405066. + + OpenBSD-Regress-ID: 43678ff59001712f32214fe303b1c21c163c2960 + +commit 2314d87f9b8b430532111fd6e5e8df0cf9068c9c +Author: dtucker@openbsd.org +Date: Thu Jun 12 09:26:57 2025 +0000 + + upstream: Plug mem leak on error path here too. + + Coverity CID 307781. + + OpenBSD-Regress-ID: 18e053d9b661fbb4227d3db03172077c1216bb2e + +commit 567ef4e7ddc5c1e7a461560963a1dc759669821d +Author: dtucker@openbsd.org +Date: Thu Jun 12 09:19:43 2025 +0000 + + upstream: Plug mem leak on error path. + + Coverity CID 307776. + + OpenBSD-Regress-ID: c44246690973e1b8643e51079a2faa7ace26490c + +commit 5d415897ac04e237f1fa73b9dcb9ba8fb3ac812b +Author: dtucker@openbsd.org +Date: Wed Jun 11 13:27:11 2025 +0000 + + upstream: Remove dead code ternary. We always report at least + + KB/s, so B/s is never used. Coverity CID 291809, ok djm@ + + OpenBSD-Commit-ID: a67c5bcc9e19c8965bfeace0e337b13660efa058 + +commit 4b3d27032ba88dd089b721f3bbe3e4a8d23b4ae1 +Author: dtucker@openbsd.org +Date: Wed Jun 11 13:24:05 2025 +0000 + + upstream: Improve termination condition of while loop to compare + + size_t's. Assuming read() does what it's supposed to this shouldn't matter, + but should be more robust. Flagged by Coverity CID 470514, ok djm@ + + OpenBSD-Commit-ID: d7b5ad60feb797b3464964b9ea67fd78fb9d6cc6 + +commit 5530e5f83b3cd3425ea3dbab02da15140befdd91 +Author: Darren Tucker +Date: Tue Jun 10 18:40:56 2025 +1000 + + Replace Windows 2019 runners with 2025 ones. + + The windows-2019 runners are being decomissioned. + +commit a22ff3c6f11edd00c19981f9cb85d3b25d305a56 +Author: Darren Tucker +Date: Wed Jun 4 18:33:52 2025 +1000 + + Disable _FORTIFY_SOURCE during snprintf test. + + Prevents mistakenly detecting snprintf as broken on FreeBSD 15 with + _FORTIFY_SOURCE enabled. bz#3809, patch from jlduran at gmail.com + +commit 203bb886797677aa5d61b57be83cfdc1b634bc9c +Author: dtucker@openbsd.org +Date: Mon Jun 2 14:09:34 2025 +0000 + + upstream: Fix x11_channel_used_recently() to return true when channel + + has been used within the last second, instead of more than a second ago. + Should fix ~5s delay on X client startup when ObscureKeystrokeTiming is + enabled. bz#3820, ok (& sigh) djm@ + + OpenBSD-Commit-ID: b741011e81fb3e3d42711d9bd3ed8a959924dee4 + +commit dc6c134b48ba4bcfadedcea17b4eddac329601d9 +Author: dtucker@openbsd.org +Date: Thu May 29 13:27:27 2025 +0000 + + upstream: When there's more than one x11 channel in use, return + + lastused of most recently used x11 channel instead of the last one found. ok + djm@ + + OpenBSD-Commit-ID: 94a72bf988d40a5bae2e38608f4e117f712569fe + +commit 73ef0563a59f90324f8426c017f38e20341b555f +Author: djm@openbsd.org +Date: Sat May 24 11:41:51 2025 +0000 + + upstream: replace xmalloc+memset(0) with xcalloc(); from AZero13 via + + GHPR417 + + OpenBSD-Commit-ID: 921079436a4900325d22bd3b6a90c8d0d54f62f8 + +commit 3a61f5ed66231881bee432c7e7c6add066c086af +Author: djm@openbsd.org +Date: Sat May 24 09:46:16 2025 +0000 + + upstream: fix punctuation around host key fingerprints to make them + + easier to copy and paste. + + Patch from Till Maas via GHPR556; ok dtucker@ + + OpenBSD-Commit-ID: c0100182a30b6925c8cdb2225b18140264594b7b + +commit b12d4ab1e16f57c6c348b483b1dbdd4530aaaddd +Author: dtucker@openbsd.org +Date: Sat May 24 08:13:29 2025 +0000 + + upstream: Replace strncmp + byte count with strprefix in Penalty + + config parsing. ok kn@, djm@ + + OpenBSD-Commit-ID: 34a41bb1b9ba37fb6c7eb29a7ea909547bf02a5a + +commit a356d978e30dd9870c0b3a7d8edca535b0cd2809 +Author: dtucker@openbsd.org +Date: Sat May 24 08:09:32 2025 +0000 + + upstream: Make the display number check relative to + + X11DisplayOffset. + + This will allows people to use X11DisplayOffset to configure much higher + port ranges if they really want, while not changing the default behaviour. + Patch from Roman Gubarev via github PR#559, ok djm@ + + OpenBSD-Commit-ID: e0926af5dc0c11e364452b624c3ad0cda88550b5 + +commit e18983d03ab969e2f12485d5c0ee61e6d745a649 +Author: Darren Tucker +Date: Sat May 24 17:20:57 2025 +1000 + + Remove progressmeter.o from libssh.a. + + It's now explicitly included by the binaries that need it (scp & sftp). + bz#3810, patch from jlduran at gmail.com + +commit f8967045ad9d588bc11426642070bf8549065e62 +Author: dtucker@openbsd.org +Date: Sat May 24 06:50:28 2025 +0000 + + upstream: Null out keys between test runs. + + BENCH_START and BENCH_FINISH are actually a while() loop in disguise, + so if sshkey_generate does not reset the key pointer on failure the test + may incorrectly pass. It also confuses Coverity (CID 551234). + + OpenBSD-Regress-ID: bf4d32079fc6df6dce1f26c2025f4ed492f13936 + +commit a26091ecdb2a3d72b77baf3c253e676a3c835a24 +Author: djm@openbsd.org +Date: Sat May 24 04:41:12 2025 +0000 + + upstream: add some verbosity + + OpenBSD-Regress-ID: 11c86cda4435b5f9ab6172c4742b95899666c977 + +commit 484563ec70e30472ab4484d49bca9a83771d785c +Author: djm@openbsd.org +Date: Sat May 24 04:41:03 2025 +0000 + + upstream: use start_ssh_agent() to ensure we get logging + + add some verbosity + + OpenBSD-Regress-ID: a89bf64696b9fb1b91be318e6b8940c9ab21c616 + +commit e3c58113ebb3397b252ff26e0e94f726b7db7a8a +Author: djm@openbsd.org +Date: Sat May 24 04:40:37 2025 +0000 + + upstream: add a start_ssh_agent() function that sets up an agent + + with logging + + OpenBSD-Regress-ID: 7f9f30f9c64acbd4b418a5e1a19140cc988071a8 + +commit 3de011ef7a761751afe28ac7ef97fe330d784595 +Author: dtucker@openbsd.org +Date: Sat May 24 06:43:37 2025 +0000 + + upstream: Plug leak of startup_pollfd in debug and child paths. + + Coverity CID 405024, ok djm@ + + OpenBSD-Commit-ID: db46047229253e9c4470c8bbf5f82706ac021377 + +commit d0245389bc55f16082cadd0a39dda5af1c415dfa +Author: Darren Tucker +Date: Sat May 24 17:11:38 2025 +1000 + + ssh-keygen changes were fixup'ed into single commit. + +commit 140bae1df2b7246bb43439d039bf994159973585 +Author: Marco Trevisan (Treviño) +Date: Mon Sep 30 13:14:11 2024 +0200 + + auth-pam: Check the user didn't change during PAM transaction + + PAM modules can change the user during their execution, in such case ssh + would still use the user that has been provided giving potentially + access to another user with the credentials of another one. + + So prevent this to happen, by ensuring that the final PAM user is + matching the one that initiated the transaction. + +commit 216824172724a50a4a75439fb2b4b8edccf5b733 +Author: dtucker@openbsd.org +Date: Sat May 24 03:37:40 2025 +0000 + + upstream: Remove ssh-keygen's moduli screen -Omemory option. + + This vaguely made sense 20 years ago, but these days you'd be hard + pressed to *find* a machine small enough to not support the maximum + (127MB), and no one is screening moduli on such machines anyway, + so just use the max. This also fixes Coverity CID 470522 by deleting + code in question. "kill it with fire" djm@. + + OpenBSD-Commit-ID: 39036aa406a99f0a91923aa3a96afff1205558e6 + +commit f5cd14e81fa29b4924959cb2e1f9c206aae2d502 +Author: dtucker@openbsd.org +Date: Sat May 24 02:33:33 2025 +0000 + + upstream: Fix compile error on 32bit platforms. + + Spotted by & ok tb@ + + OpenBSD-Commit-ID: cbcf518247886f3c7518fc54cb3bd911ffc69db7 + +commit eccc15014fe146e8590568e6737a3097bfac3415 +Author: dtucker@openbsd.org +Date: Sat May 24 02:01:28 2025 +0000 + + upstream: Use pointer from strprefix in error message, + + missed in previous. + + OpenBSD-Commit-ID: d2cdec6cf0fcd4b0ee25e4e3fad8bc8cf0ee657d + +commit 91903511d0597c3bea218167f9ca5a176fa0dc20 +Author: dtucker@openbsd.org +Date: Fri May 23 12:52:45 2025 +0000 + + upstream: Replace strncmp and strncasecmp with hand-counting bytes + + with strprefix. nits lucas@, ok lucas@ djm@ + + OpenBSD-Commit-ID: f0888807f151ea2bdaf6fed36303ae81f259d1d4 + +commit 0c64d69e4e24a3ab06f7922ef389e7399c4dfb88 +Author: dtucker@openbsd.org +Date: Fri May 23 11:54:50 2025 +0000 + + upstream: Include stdint.h for UINT32_MAX. + + OpenBSD-Commit-ID: edc29ed67e8bd03bac729d9b4849066d1d3a8cb9 + +commit 3e11478f585408888defa56fa47e8dc6567378d0 +Author: dtucker@openbsd.org +Date: Fri May 23 11:25:35 2025 +0000 + + upstream: Ensure args to nh_update() fit within uint32, which it + + should always anyway. Placates Coverity CID 470520. While there, fix the + upstream URL. ok djm@ + + OpenBSD-Commit-ID: 2478e89fde089a49fa02f9faf6287d35959c9f92 + +commit f097d7bd07da4634c1a723d1dc4fcf56e7d0e147 +Author: dtucker@openbsd.org +Date: Fri May 23 09:26:25 2025 +0000 + + upstream: Don't leak the args list. Coverity CIDs 481569 & 481570, + + ok job@ tb@. + + OpenBSD-Commit-ID: becabcd00513d13d1435b68b7ccffa7151b72393 + +commit a4ea7f6042f25b41061a83445016a1ea4f470f7b +Author: dtucker@openbsd.org +Date: Fri May 23 08:40:13 2025 +0000 + + upstream: Explictly set LC_ALL=C on each sort invocation. + + Remove it from sshd_config (where it could be overridden by shell startup + scripts, eg on macos-15) causing random test failures. with & ok djm@ + + OpenBSD-Regress-ID: ad0a6678964784096e9a9e6d15ead36beed92f18 + +commit 7674c03caed80cb3565d14690c92068a14051967 +Author: Darren Tucker +Date: Fri May 23 16:39:18 2025 +1000 + + Allow setting LTESTS in repo variables. + +commit d8b5bd36078e5b6d78da4633f0cc9b90ffda8b50 +Author: Darren Tucker +Date: Fri May 23 16:26:20 2025 +1000 + + Rename debugging variable RUN_ONLY_TEST. + + to RUN_ONLY_TARGET_CONFIG to make it more obvious what it matches. + +commit a79a2c1190bd3124da21d9e1582dd94877c7f972 +Author: Darren Tucker +Date: Fri May 23 16:11:48 2025 +1000 + + chown regress logs before uploading. + +commit 24889a33071086b6f1f62568b0c2bd0a4955ac49 +Author: dtucker@openbsd.org +Date: Fri May 23 01:14:35 2025 +0000 + + upstream: Import regenerated moduli. + + OpenBSD-Commit-ID: 07e29dc891e29b31e03e2e5493658b4a9ac19431 + +commit 4b8bee62d72ffb3c419c9ead6c9fb1a586283868 +Author: deraadt@openbsd.org +Date: Fri May 23 00:40:45 2025 +0000 + + upstream: use "const char * const" for malloc_options here also + + OpenBSD-Commit-ID: 869715b9c7e1dd5b85efd07814e7e53f0286eea2 + +commit 6629eee21ca9d0a597a04dcac744a1ad882f912e +Author: dtucker@openbsd.org +Date: Thu May 22 12:14:19 2025 +0000 + + upstream: Adjust debug message to prevent (unsigned) integer overflow. + + Fixes Coverity CID 481110, ok djm@ + + OpenBSD-Commit-ID: 26178bf3b812707fb498ea85d076cadd1f2eb686 + +commit 7acb70e05e9977ceca7b33df84ceaea337b1efef +Author: bluhm@openbsd.org +Date: Thu May 22 04:34:18 2025 +0000 + + upstream: Fix OpenBSD RCS ID typos. from Andrius V + + OpenBSD-Regress-ID: 5c03a2ef5323969fc4978f2eec4f1a25c48c572a + +commit 2b2a7a2a0d70023b439080bb2770ff36522dbea8 +Author: Darren Tucker +Date: Thu May 22 22:09:48 2025 +1000 + + Remove debug change accidentally commited. + + Fixes Coverity CID 481160. + +commit 450a8a1df1577ddbe68fe8da1fb8514d3781ef32 +Author: Darren Tucker +Date: Thu May 22 21:16:37 2025 +1000 + + Collect all of regress dir on failure. + + This may allow us to sort through its entrails and determine the cause + of some types of failures. + +commit de25e739781c4c09d20abd410f50f0a6f192dc72 +Author: Damien Miller +Date: Thu May 22 18:42:44 2025 +1000 + + minimal shims for fstatat(2)/unlinkat(2) in agent + + Add some very minimal and task-specific replacements for + fstatat(2) and unlinkat(2) in the ssh-agent socket cleanup + loop, for platforms that lack these functions. ok dtucker@ + +commit 6d192645a613aa814d51050b0458f37265b90d6c +Author: dtucker@openbsd.org +Date: Thu May 22 04:22:03 2025 +0000 + + upstream: Output the current name for PermitRootLogin's + + "prohibit-password" in sshd -T instead of its deprecated alias + "without-password". bz#3788, patch from cjwatson at debian.org. + + OpenBSD-Commit-ID: 2d5df18d5ad33a9b6c7547ec78a8e6ea13813df9 + +commit 1ccf42378df202472e7254f37f7dabb2f5723955 +Author: dtucker@openbsd.org +Date: Thu May 22 03:53:46 2025 +0000 + + upstream: Copy arg to be passed to dirname(). + + POSIX allows dirname() to modify its args and return a pointer into it, + so this prevents an overlapping strlcpy. bz#3819, patch from cjwatson + at debian.org + + OpenBSD-Commit-ID: c32e496e6a1618aba31c8b7a9d4e1376c5ea6aa1 + +commit b5877b7b3e597f47578ade9dbe7e4332f112dfc4 +Author: dtucker@openbsd.org +Date: Thu May 22 03:41:10 2025 +0000 + + upstream: Add $OpenBSD$ marker for easier syncing. + + OpenBSD-Commit-ID: 27ff3e1e2e6610d9981ebe43ae9b783236800035 + +commit 58d094c7cb974d7bd3ba6eb1059b186a2ac3dd55 +Author: djm@openbsd.org +Date: Wed May 21 12:12:20 2025 +0000 + + upstream: Correct FILES section to mention new default path to + + agent sockets. Spotted by / ok jmc@ + + OpenBSD-Commit-ID: 91d736d78d71a4276c9cbb075b1462bbc3df55a6 + +commit d1d5c8b9b8de8283618c18d0dafdec6a209911cc +Author: Darren Tucker +Date: Thu May 22 12:25:35 2025 +1000 + + Fix nc install some more. + +commit 49a2412ad23162e44be9e0b2cb12f6daf6b666d7 +Author: Darren Tucker +Date: Thu May 22 12:21:11 2025 +1000 + + Fix cvs up of nc. + +commit df22801b3f0ae245f825cf9c9dbb4543e41a7c5c +Author: Darren Tucker +Date: Thu May 22 11:34:04 2025 +1000 + + Install nc during upstream test. + + This ensures that the installed nc matches the expectations of the + regress tests. + +commit e391c5289c2b687ff886cf780dc8fcb426e4d5d2 +Author: Darren Tucker +Date: Thu May 22 10:52:31 2025 +1000 + + Remove 9.7 branch from CI status page. + + It's been obsolete long enough that github no longer reports its + status. + +commit b71773c20d566fa5dcaf9edf3139bdcb3f2c4bc2 +Author: Damien Miller +Date: Wed May 21 19:14:47 2025 +1000 + + pull a small netcat SOCKS4A fix from upstream + +commit 0adb2db25eff3fe1c90c55654387ae1e4e18a396 +Author: djm@openbsd.org +Date: Wed May 21 08:41:52 2025 +0000 + + upstream: test SOCKS4A; ok tb + + OpenBSD-Regress-ID: d880b75280295cd581a86e39bb0996d347f122d2 + +commit 5699f4e9553c6a228fd9dc578d99e3aa6451c014 +Author: djm@openbsd.org +Date: Wed May 21 08:36:39 2025 +0000 + + upstream: remove log tarballing "it seemed like a good idea at the + + time" - dtucker@ + + ensure that log files have correct perms when running under sudo/doas + + ok dtucker@ + + OpenBSD-Regress-ID: 20588c14b05de9519f85d638b374b66ae0678c89 + +commit 0c14e6b69a20f20d602e0e72559ca3f4dbc797fb +Author: djm@openbsd.org +Date: Wed May 21 06:44:24 2025 +0000 + + upstream: use logit_f("...") instead of logit("func: ...") + + OpenBSD-Commit-ID: c8d49eb39a9abff3cbcaeaf7df9d48468a5a0695 + +commit 1743589d038476f28dc4dfb1f69317649ae22ac5 +Author: djm@openbsd.org +Date: Wed May 21 06:43:48 2025 +0000 + + upstream: function to make a sshbuf from a hex string; useful in + + tests + + also constify some arguments + + OpenBSD-Commit-ID: 00f9c25b256be0efd73f2d8268ff041bc45ffb2c + +commit 83729cf503289104d7e64a69be14579523988cb6 +Author: Damien Miller +Date: Wed May 21 18:47:46 2025 +1000 + + merge netcat SOCKS4A support from OpenBSD + + Not a full sync of this file as we have diverged substantially + from upstream (it has libtls support, etc.) + +commit 750f1867476bda36879f69e25e8f52cb45c58807 +Author: Darren Tucker +Date: Tue May 20 22:17:02 2025 +1000 + + Include OpenSSL compat shim where needed. + +commit 6fb728df50c1afd338cb0223a84ce24579577eff +Author: Darren Tucker +Date: Tue May 20 19:28:55 2025 +1000 + + Run all tests on Cygwin again. + + ... now that we've fixed ci-setup on Cygwin. + +commit 648a3a008cf1cfa54631d2f0457b5313c455f484 +Author: Darren Tucker +Date: Tue May 20 18:48:23 2025 +1000 + + Use USERNAME rather than LOGNAME on Cygwin. + + LOGNAME is specified by POSIX, but Windows (or at least, github's + Windows images) don't set it. + +commit 0214e53124c09528b6ee29b9a551442b5611a454 +Author: Darren Tucker +Date: Tue May 20 18:28:52 2025 +1000 + + Add debug output when setting up CI environment. + +commit 9d9a2c0369419f3b4952e597db7b8696f54e7f3a +Author: Darren Tucker +Date: Tue May 20 19:16:38 2025 +1000 + + Include openssl compat shims in test. + + Fixes tests on platforms using older LibreSSL releases prior to 3.4. + +commit 1a9b1cfa4e8b807c7f82fdba8f730c2abdbba071 +Author: Darren Tucker +Date: Tue May 20 18:14:06 2025 +1000 + + Add compat shims for EC_POINT affine_coordinates + + LibreSSL <3.4 does not have EC_POINT_[gs]et_affine_coordinates + but does have the now-deprecated _GFp variantes. We still support + LibreSSL back as far as 3.2.x so add a compat shim. + +commit cff2175200b412a9207a4fe5c1bdcc54e8a73d07 +Author: tb@openbsd.org +Date: Mon May 12 05:42:02 2025 +0000 + + upstream: Use EC_POINT_[sg]et_affine_coordinates() + + It is available in all supported OpenSSL flavors/versions and the _GFp + variants will be removed from LibreSSL. + + ok hshoexer jsing + + OpenBSD-Regress-ID: 66cf1561e7b6c49002978f2d6720956f33a882f0 + +commit 2d35e24739b515394017b74465a0996c384cf28f +Author: tb@openbsd.org +Date: Mon May 12 05:41:20 2025 +0000 + + upstream: Use EC_POINT_[sg]et_affine_coordinates() + + It is available in all supported OpenSSL flavors/versions and the _GFp + variants will be removed from LibreSSL. + + ok hshoexer jsing + + OpenBSD-Commit-ID: ecedca0e1ffa80e0c9ef7c787bc6a972882c596b + +commit 17003b9f1cd7b7bf1f52493cc4a1ab95727c3ed7 +Author: djm@openbsd.org +Date: Fri May 9 02:42:03 2025 +0000 + + upstream: make the progress-meter code safe against being called + + when not initialised; spotted by tb@ feedback/ok tb@ deraadt@ + + OpenBSD-Commit-ID: a9fda1ee08a24c62e0981ff6d15ca93b63467038 + +commit 2d023e7a95d673e93ccc1978bf8931f7335b2b53 +Author: tedu@openbsd.org +Date: Thu May 8 17:32:53 2025 +0000 + + upstream: convert a last quad_t to int64_t. ok deraadt djm + + OpenBSD-Commit-ID: 1c9e01ba1a9ccf442a9cdf10f222077f66885f1f + +commit fc8c56ade809f66f7df4b5153a4d92593631c12a +Author: Darren Tucker +Date: Tue May 20 15:01:29 2025 +1000 + + Set runner pasword to random string. + + The most recent version of the Github ubuntu-latest image sets the + password field to "!" which sshd considers to be a locked account, + breaking most of the tests. + +commit c404686c17daeda7e95ca6fc14c8a4a570cf975d +Author: Darren Tucker +Date: Sun May 11 22:54:13 2025 +1000 + + Debug log for why an account is considered locked. + +commit ee1d31781cf0d292a50b4df4cb8cb6ffcbfbe9af +Author: Darren Tucker +Date: Sun May 11 16:35:31 2025 +1000 + + Move debug log output into separate workflow step. + + Should reduce the need to scroll back to find out which test actually + failed. + +commit ddfb78a15f57a33427d462b9c401de5c8e6799da +Author: Darren Tucker +Date: Sat May 10 21:48:06 2025 +1000 + + Skip sftp-perm on Cygwin too. + +commit 8846caccb86b3f5a4f1c10bfffcc9cf1adc17925 +Author: Darren Tucker +Date: Sat May 10 10:23:30 2025 +1000 + + Remove CYGWIN binmode as it's now obsolete. + +commit cf795d55437e6c1ffe85e90e0fae00e885e50036 +Author: Darren Tucker +Date: Sat May 10 09:25:18 2025 +1000 + + Also skip sftp-cmds test on Cygwin. + + Fails at the hardlink step. + +commit d1b28639c1cb382943bd92c68992ea74af9b5773 +Author: Darren Tucker +Date: Sat May 10 08:52:11 2025 +1000 + + Tell Cygwin to use native symlinks. + +commit 56782dad7d7f96b4943951227515bd7904ac3cf7 +Author: Darren Tucker +Date: Sat May 10 08:26:37 2025 +1000 + + Skip keygen-knownhost test on Cygwin. + + It fails but at this time it's not clear why. + +commit d5cbac2364b03e55b733a2422a07e78e16d2a118 +Author: Darren Tucker +Date: Sat May 10 07:59:44 2025 +1000 + + Pass Cygwin setup location to CI setup. + + (instead of hard coding it, wrongly). + +commit 82f1f52c5582f005761e4e200c279ddd9c6781e4 +Author: Darren Tucker +Date: Sat May 10 06:37:24 2025 +1000 + + Add RUN_ONLY_TEST to limit which tests are run. + + For testing, you can set the repo variable RUN_ONLY_TEST in your repo + (Repo -> Settings -> Security -> Actions -> Variables) to run only that test. + +commit 140ba45895de8ebfb3e2517b0ddee58729979c29 +Author: Darren Tucker +Date: Fri May 9 19:32:06 2025 +1000 + + Move misc-agent.o to LIBSSH_OBJS. + + It's needed by the fuzzer. + +commit 3357bf2fe2d11b6ed4465c1ed2871bd1099cbbc5 +Author: Darren Tucker +Date: Fri May 9 19:08:36 2025 +1000 + + Put PRIV_ECDSA back, it's still used. + + Should fix oss-fuzz test. + +commit f5726215957bb34e18bb872d527845c2f64e2389 +Author: Darren Tucker +Date: Thu May 8 18:56:39 2025 +1000 + + Since it's unused, make dirfd() take void *. + + Some platforms (eg Old BSDs) in some configurations define DIR to "void + *", which causes compile errors in the no-op implementation. + +commit 1511f113a27d8aafe080aa6493cb3c0cf2b5abe0 +Author: Darren Tucker +Date: Thu May 8 11:38:24 2025 +1000 + + Add no-op implmentation of dirfd(). + + Fixes build on pre-POSIX.1 2008 systems. + +commit 086369736a9496b39af0d9f09443fa81b59b7f05 +Author: Daniel Kahn Gillmor +Date: Wed Apr 16 10:18:34 2025 +1000 + + ssh-agent: exit 0 from SIGTERM under systemd socket-activation + + When the ssh-agent service is configured to be launched under systemd + socket-activation, the user can inspect the status of the agent with + something like: + + systemctl --user status ssh-agent.service + + If the user does: + + systemctl --user stop ssh-agent.service + + it causes the `systemd --user` supervisor to send a SIGTERM to the + agent, which terminates while leaving the systemd-managed socket in + place. That's good, and as expected. (If the user wants to close the + socket, they can do "systemctl --user stop ssh-agent.socket" instead) + + But because ssh-agent exits with code 2 in response to a SIGTERM, the + supervisor marks the service as "failed", even though the state of the + supervised service is exactly the same as during session startup (not + running, ready to launch when a client connects to the socket). + + This change makes ssh-agent exit cleanly (code 0) in response to a + SIGTERM when launched under socket activation. This aligns the systemd + supervisor's understanding of the state of supervised ssh-agent with + reality. + + Signed-off-by: Daniel Kahn Gillmor + +commit 755c3d082e59e6884f28d30e6333a1444e9173d1 +Author: Darren Tucker +Date: Wed May 7 21:05:06 2025 +1000 + + Skip d_type check on platforms that don't have it. + + On those, the subsequent stat() should catch the sockets. + +commit 207289a5663bdf49903e1aeb938dcc0924e2ac63 +Author: dtucker@openbsd.org +Date: Wed May 7 10:44:26 2025 +0000 + + upstream: Rename sockaddr_un sun -> sunaddr. + + This makes things easier in -portable, where on Solaris an derivatives + "sun" is defined to "1", causing compilation errors. ok deraadt@. + + OpenBSD-Commit-ID: 0669043afb49856b57b382f0489221bd98305d3b + +commit 7cc8e150d51a4545b86d996692b541419b35d1a3 +Author: djm@openbsd.org +Date: Tue May 6 06:05:48 2025 +0000 + + upstream: remove DSA from the regression/unit test suite too. + + OpenBSD-Regress-ID: 4424d2eaf0bce3887318ef6d18de6c06f3617d6e + +commit 0404fa799746c283325a463c363436eb152daefc +Author: djm@openbsd.org +Date: Tue Apr 15 05:31:24 2025 +0000 + + upstream: another missing ifdef + + OpenBSD-Regress-ID: 4f71f8f122eac4cbf7f1d2088a9be45317dd3e4a + +commit c5dbbe8805caaee132545ab4cffd3b2221e80975 +Author: djm@openbsd.org +Date: Tue Apr 15 05:00:13 2025 +0000 + + upstream: missing ifdef + + OpenBSD-Regress-ID: 7260fb672de5738c17dec06c71a5be0186bb2b09 + +commit 93e904a673a632604525fdc98b940b7996f1ce54 +Author: djm@openbsd.org +Date: Wed May 7 04:10:21 2025 +0000 + + upstream: memory leak on error path; bz3821 + + OpenBSD-Commit-ID: 65577596a15ad6dd9a1ab3fc24c1c31303ee6e2b + +commit 55b38ff4d7286c8fac2a472da664462e0f2d75e0 +Author: deraadt@openbsd.org +Date: Tue May 6 15:15:05 2025 +0000 + + upstream: test ssh-agent with the -T flag to force the old /tmp + + location rather than inside the homedir. During relink operation, + /.ssh/agent was created which is surprising. This test sequence could use + some improvement so this is a temporary fix. observed by florian, change ok + semarie + + OpenBSD-Commit-ID: c7246a6b519ac390ca550719f91acfdaef1fa0f0 + +commit a32d28d792567253bb601362f36391f155f8f772 +Author: djm@openbsd.org +Date: Tue May 6 05:40:56 2025 +0000 + + upstream: finally remove DSA signature support from OpenSSH. + + feedback/ok tb@, ok deraadt@ + + OpenBSD-Commit-ID: bfe6ee73c1b676c81a2901030c791f8ec888228f + +commit 928f8dcc1bb622c25be409c34374b655d0149373 +Author: djm@openbsd.org +Date: Mon May 5 05:51:11 2025 +0000 + + upstream: Now that there's an I-D for certificate keys, refer to + + that instead of the much more basic format description we had previously. + + OpenBSD-Commit-ID: cf01e0727a813fee8626ad7b3aa240621cc92014 + +commit fe883543bece18c975fa53aa02104f0433645d99 +Author: jmc@openbsd.org +Date: Mon May 5 05:47:28 2025 +0000 + + upstream: - add full stop to the text in -a - move the -U and -u + + text to the correct place + + OpenBSD-Commit-ID: 2fb484337a0978c703f61983bb14bc5cbaf898c2 + +commit 5fd6ef297dec23e3574646b6334087131230d0a6 +Author: Darren Tucker +Date: Tue May 6 19:01:00 2025 +1000 + + Add minimal implementations of fstatat and unlinkat. + + Fixes build on some pre-POSIX.1-2008 platforms. + +commit d2480827b3ef6ec119965822afdff35d734b2dee +Author: Darren Tucker +Date: Tue May 6 08:15:34 2025 +1000 + + New location of cygwin setup. + +commit 57eb87b15bd0343372f99d661ce95efb25a16f1e +Author: Darren Tucker +Date: Tue May 6 08:07:23 2025 +1000 + + Boringssl now puts libcrypto in a different place. + +commit 61525ba967ac1bb7394ea0792aa6030bcbbad049 +Author: Darren Tucker +Date: Mon May 5 20:45:42 2025 +1000 + + Handle systems that don't have st_mtim. + + Ignores nanoseconds, but it's checking for >1h old so a few nanoseconds + shouldn't matter much. Fixes build on Mac OS X. + +commit 27861e9b15151898841097c14ee974c026093131 +Author: Darren Tucker +Date: Mon May 5 19:09:25 2025 +1000 + + Supply timespecsub if needed. + +commit 7c0e6626e4be53efcfbb92f0c6382a76f1138e38 +Author: Darren Tucker +Date: Mon May 5 19:08:48 2025 +1000 + + includes.h for compat, time.h for clock_gettime. + +commit 7a7cc3cf721fe7fe9f4925d92bb7c694b8550a7f +Author: Darren Tucker +Date: Mon May 5 18:51:34 2025 +1000 + + Cygwin install in back on D: + +commit 6ab8133c067a8e91ba69ce7ca04f95b50f2f2d7b +Author: Damien Miller +Date: Mon May 5 14:59:30 2025 +1000 + + depend + +commit 12912429cf39cfeca97dd18a8f875ad9824d1751 +Author: djm@openbsd.org +Date: Mon May 5 03:35:06 2025 +0000 + + upstream: missing file in previous commit + + OpenBSD-Commit-ID: e526c97fcb2fd9f0b7b229720972426ab437d7eb + +commit 80162f9d7e7eadca4ffd0bd1c015d38cb1821ab6 +Author: djm@openbsd.org +Date: Mon May 5 02:48:06 2025 +0000 + + upstream: Move agent listener sockets from /tmp to under + + ~/.ssh/agent for both ssh-agent(1) and forwarded sockets in sshd(8). + + This ensures processes (such as Firefox) that have restricted + filesystem access that includes /tmp (via unveil(3)) do not have the + ability to use keys in an agent. + + Moving the default directory has the consequence that the OS will no + longer clean up stale agent sockets, so ssh-agent now gains this + ability. + + To support $HOME on NFS, the socket path includes a truncated hash of + the hostname. ssh-agent will by default only clean up sockets from + the same hostname. + + ssh-agent gains some new flags: -U suppresses the automatic cleanup + of stale sockets when it starts. -u forces a cleanup without + keeping a running agent, -uu forces a cleanup that ignores the + hostname. -T makes ssh-agent put the socket back in /tmp. + + feedback deraadt@ naddy@, doitdoitdoit deraadt@ + + OpenBSD-Commit-ID: 8383dabd98092fe5498d5f7f15c7d314b03a93e1 + +commit 566443b5f5d7bc4c5310313b4e46232760850c7a +Author: djm@openbsd.org +Date: Mon May 5 02:40:30 2025 +0000 + + upstream: correct log messages; the reap function is used for more + + than just the preauth process now + + OpenBSD-Commit-ID: 768c5b674bd77802bb197c31dba78559f1174c02 + +commit e048230106fb3f5e7cc07abc311c6feb5f52fd05 +Author: djm@openbsd.org +Date: Wed Apr 30 05:26:15 2025 +0000 + + upstream: make writing known_hosts lines more atomic, by writing + + the entire line in one operation and using unbuffered stdio. + + Usually writes to this file are serialised on the "Are you sure you + want to continue connecting?" prompt, but if host key checking is + disabled and connections were being made with high concurrency + then interleaved writes might have been possible. + + feedback/ok deraadt@ millert@ + + OpenBSD-Commit-ID: d11222b49dabe5cfe0937b49cb439ba3d4847b08 + +commit c991273c18afc490313a9f282383eaf59d9c13b9 +Author: djm@openbsd.org +Date: Wed Apr 30 05:23:15 2025 +0000 + + upstream: fix a out-of-bounds read if the known_hosts file is + + truncated after the hostname. + + Reported by the OpenAI Security Research Team + + ok deraadt@ + + OpenBSD-Commit-ID: c0b516d7c80c4779a403826f73bcd8adbbc54ebd + +commit b5b405fee7f3e79d44e2d2971a4b6b4cc53f112e +Author: Darren Tucker +Date: Sun Apr 20 09:07:57 2025 +1000 + + Set Windows permssions on regress dir. + + Prevents "unprotected private key file" error when running tests. + +commit 76631fdd04824c3e50ea6551d3611b1fe0216a41 +Author: Darren Tucker +Date: Fri Apr 18 08:18:52 2025 +1000 + + Add 10.0 branch to test status page. + +commit c627b468d3b99e487e2b24c90958ae57e633d681 +Author: Darren Tucker +Date: Fri Apr 18 08:14:16 2025 +1000 + + cygwin-install-action now puts setup.exe on D: + +commit 52bddbc1a7f53a1e5c871767913648eb639ac6d5 +Author: Darren Tucker +Date: Fri Apr 18 08:10:32 2025 +1000 + + Include time.h for clock_gettime(). + +commit 9b50cb171b5c56184ce6fa3994ce62f9882d2daf +Author: Darren Tucker +Date: Thu Apr 17 16:51:14 2025 +1000 + + Add includes.h for new tests. + + Fixes builds on older platforms. + +commit 46e52fdae08b89264a0b23f94391c2bf637def34 +Author: Darren Tucker +Date: Wed Apr 16 22:29:17 2025 +1000 + + Provide INFINITY if it's not provided. + + INFINITY is specified in c99, so define if not provided. + +commit 849c2fd894aa87a7e40c71e8d5bda5392b1205be +Author: Darren Tucker +Date: Tue Apr 15 21:58:49 2025 +1000 + + Look for sqrt(), possibly in libm. + + The unit tests now use sqrt(), which in some platforms (notably + DragonFlyBSD and Solaris) is not in libc but rather libm. Since only + the unit tests use this, add TESTLIBS and if necessary put libm in it. + +commit 1ec5b39f1f673beac039bb42c98a11aa2b08a0b2 +Author: dtucker@openbsd.org +Date: Tue Apr 15 09:22:25 2025 +0000 + + upstream: Cast signalled_keydrop to int when logging to prevent warning + + on platforms where sig_atomic_t is not the same as int. bz#3811, patch from + jlduran at gmail com. + + OpenBSD-Commit-ID: b6bc9e9006e7f81ade57d41a48623a4323deca6c + +commit f3d465530e75cb6c02e2cde1d15e6c4bb51ebfd9 +Author: djm@openbsd.org +Date: Tue Apr 15 04:00:42 2025 +0000 + + upstream: basic benchmarking support for the unit test framework enable + + with "make UNITTEST_BENCHMARK=yes" + + ok dtucker@ + + OpenBSD-Regress-ID: 7f16a2e247f860897ca46ff87bccbe6002a32564 + +commit 609fe2cae2459d721ac11d23cd27b8a94397ef3c +Author: jmc@openbsd.org +Date: Mon Apr 14 05:41:42 2025 +0000 + + upstream: rework the text for -3 to make it clearer what default + + behaviour is, and adjust the text for -R to make them more consistent; + + issue raised by mikhail mp39590; + behaviour explained by naddy + + ok djm + + OpenBSD-Commit-ID: 15ff3bd1518d86c84fa8e91d7aa72cfdb41dccc8 + +commit 8725dbc5b5fcc3e326fc71189ef8dba4333362cc +Author: Damien Miller +Date: Wed Apr 9 17:02:17 2025 +1000 + + update version numbers + +commit cc7feb9458ad3b893b53dc9c7500d1affd208bde +Author: djm@openbsd.org +Date: Wed Apr 9 07:00:21 2025 +0000 + + upstream: openssh-10.0 + + OpenBSD-Commit-ID: db5b4a1f1c9e988f8f166b56dc5643606294b403 + +commit fc86875e6acb36401dfc1dfb6b628a9d1460f367 +Author: djm@openbsd.org +Date: Wed Apr 9 07:00:03 2025 +0000 + + upstream: Fix logic error in DisableForwarding option. This option + + was documented as disabling X11 and agent forwarding but it failed to do so. + Spotted by Tim Rice. + + OpenBSD-Commit-ID: fffc89195968f7eedd2fc57f0b1f1ef3193f5ed1 + +commit dd73459e351b0a2908aed90910c8ff9b0b381c6d +Author: djm@openbsd.org +Date: Wed Apr 9 01:24:40 2025 +0000 + + upstream: oops, I accidentally backed out the typo fix + + OpenBSD-Commit-ID: f485f79bf3e9ebbe1de13ac96150cf458956cfd8 + +commit 0cb945891944bada5850e85d60afa3c807cf1af6 +Author: djm@openbsd.org +Date: Wed Apr 9 01:23:47 2025 +0000 + + upstream: typo + + OpenBSD-Commit-ID: f912725c7d303720706b3ccfb2cb846d46296d13 + +commit cd4a6bd50b658d707867caa1f5aa40b35c2b6c19 +Author: Damien Miller +Date: Wed Apr 9 09:49:55 2025 +1000 + + initialise websafe_allowlist in agent fuzzer + +commit 55b7cb48af96c1102ef8ab5a73bb329cbed30945 +Author: djm@openbsd.org +Date: Tue Apr 8 23:10:46 2025 +0000 + + upstream: typo + + OpenBSD-Regress-ID: 08477b936d1d0c1e8a98aa1c0e1bdde8871894c9 + +commit 985d8cbcd3438cc36b4e709476f1783e358ddfb1 +Author: djm@openbsd.org +Date: Tue Apr 8 23:10:08 2025 +0000 + + upstream: typo + + OpenBSD-Commit-ID: 6e683e13e72bf1e43bbd3bbc6a8332d5a98bdc99 + +commit 000c3d14e94d8f7597087c457260ea9417045b65 +Author: dtucker@openbsd.org +Date: Mon Apr 7 08:12:22 2025 +0000 + + upstream: Include time.h for time(). + + Fixes warning on some platforms when building without openssl. + + OpenBSD-Commit-ID: 04ca29b8eaae1860c7adde3e770baa1866e30a54 + +commit 49b8b9bf829e08af22366530614a5e59ac341ca9 +Author: tb@openbsd.org +Date: Wed Apr 2 04:28:03 2025 +0000 + + upstream: Wrap #include in #ifdef WITH_DSA + + ok djm + + OpenBSD-Commit-ID: ed01a7c102243f84e4a317aefb431916d98aab15 + +commit f80fb819e5521e13f167edbcc3eed66e22ad0c2a +Author: Damien Miller +Date: Thu Apr 3 09:10:19 2025 +1100 + + remove all instances of -pie from LDFLAGS + + Previously only the first instance of this flag was removed. + Unbreaks build on OpenSUSE Tumbleweed. Patch from Antonio Larrosa + +commit 6c9872faa1c297a84c6d3e3b95a927be99eadbf6 +Author: djm@openbsd.org +Date: Tue Apr 1 23:23:20 2025 +0000 + + upstream: remove ability to enable DSA support. Actual code will be + + g/c'd separately. ok deraadt@ + + OpenBSD-Commit-ID: 2a032b75156c4d922e8343fa97ff6bc227f09819 + +commit 8460aaa4e1f8680f03cc5334556b9440b401f010 +Author: dtucker@openbsd.org +Date: Fri Mar 28 21:45:55 2025 +0000 + + upstream: Add TEST_SSH_SSHD_ENV to sshd lines here too. + + OpenBSD-Regress-ID: 045f2c88b42d694b404db51c5de5eca20d748ff1 + +commit 5e60f5937b9c33190b9d7614f72d85d4a9b38d3d +Author: dtucker@openbsd.org +Date: Fri Mar 28 06:04:07 2025 +0000 + + upstream: Pass "ControlMaster no" to ssh when invoked by scp & sftp. + + If you have ControlMaster auto (or yes) in your config, and the + first connection you make is via scp or sftp, then you may get a + few unexpected options applied to it (eg ForwardX11 no), since sftp + and sftp explicitly disable those for reasons. These effects will + persist beyond the initial scp or sftp command. + + This explicitly disables persistent session *creation* by scp and sftp. + It will not prevent them from using an existing session if one has + already been created. + + From Github PR#557, ok djm@ kn@ + + OpenBSD-Commit-ID: 9dad7c737466837e0150c4318920f46d844770c4 + +commit bbd36869dfb4b770cc9e6a345c04a585a0955aec +Author: dtucker@openbsd.org +Date: Fri Mar 28 05:41:15 2025 +0000 + + upstream: Set sshd environment variables during sshd test run too. + + OpenBSD-Regress-ID: 50cb325d92c390a2909662c901f6ac5d80b6f74d + +commit 98f05b1484daddef2f56b79e24540523b5016143 +Author: dtucker@openbsd.org +Date: Fri Mar 28 05:36:24 2025 +0000 + + upstream: Add TEST_SSH_SSHD_ENV variable which is added to sshd's + + environment. Will be used in Portable to tweak behaviour of tcmalloc's + debugging. + + OpenBSD-Regress-ID: 67e38c3c4517ddb72c8a3549a3325a166d7bb6d6 + +commit 8cd9ed4df0eccc825eca0c45354a37332e125e38 +Author: dtucker@openbsd.org +Date: Fri Mar 28 05:33:30 2025 +0000 + + upstream: chown log directory in addition to log files. + + OpenBSD-Regress-ID: b520d54a0bbf2c6554413c798218bda26b385ad9 + +commit e32de6bf4f3229d4838beb127de45eed1377ccc5 +Author: Darren Tucker +Date: Fri Mar 28 16:47:58 2025 +1100 + + Be explicit about environment variables for tests. + + This will make it easier to reproduce a test failure by cut-and-paste of + the corresponding line from the github log. + +commit 77a3e6ba47381547b3fe4b29223256f276fbd07e +Author: Darren Tucker +Date: Fri Mar 28 16:46:40 2025 +1100 + + Add tcmalloc flags to TEST_SSH_SSHD_ENV. + + This will get passed to sshd via test-exec.sh. + +commit a73890e340fbd6121251854b658a72d738b86c84 +Author: Darren Tucker +Date: Thu Mar 27 23:04:44 2025 +1100 + + Add PuTTY 0.81, 0.82 and 0.83 to tests. + +commit 90a28de0d49570324d1695c0b4686354ef3bcae0 +Author: Darren Tucker +Date: Thu Mar 27 22:30:40 2025 +1100 + + Include TCMALLOC_STACKTRACE_METHOD in output. + + If TCMALLOC_STACKTRACE_METHOD happens to be set, include it in the debug + output to make reproducing test cases easier. + +commit fd5a6bb6dd7657c4bd8cd0ee11d5c8ddf0d927b2 +Author: Darren Tucker +Date: Thu Mar 27 20:15:11 2025 +1100 + + Test with-linux-memlock-onfault in kitchensink. + +commit 22330711e2459c23d9736ee16e0e2ee0fcc30b9a +Author: Collin Funk +Date: Wed Mar 26 18:24:59 2025 -0700 + + Include fcntl.h so AT_FDCWD does not get redefined. + +commit 6c49e5f7dcaf886b4a702a6c003cae9dca04d3ea +Author: Daniil Tatianin +Date: Thu Feb 27 11:37:13 2025 +0300 + + Add support for locking memory on Linux + + Linux wakes up kcompactd threads in order to make more contiguous memory + available on the system, it does this by migrating live movable pages + (actively modifying live processes' page tables and constantly flooding + them with page invalidation IPIs, which can be up to millions per + second), which causes the process to become unresponsive for up to + seconds or even minutes in some severe cases. In case of sshd, we want + to always be able to connect to the system, even if it's under heavy + kcompactd load. + + Introduce an option to protect sshd and its children sessions from being + compacted by kcompactd (this works in cojunction with + compact_unevictable_allowed = 0). Note that we depend on MCL_ONFAULT + being available, which was introduced in linux 4.4. MCL_ONFAULT allows + the system to lock pages lazily, thus drastically reducing memory usage + of a locked process (without MCL_ONFAULT, every existing mapping in the + process is instantly write-faulted). + +commit fdc4853c5b1567934d43ab13282f03033cc21325 +Author: Daniil Tatianin +Date: Thu Feb 27 11:46:25 2025 +0300 + + platform: introduce a way to hook new session start + + Previously this was possible via post_fork_child, but ever since sshd + was split into multiple binaries, this is now no longer possible becase + of execv. + +commit 1b311b6b17be81577514c38e8be4f5740d7df496 +Author: dtucker@openbsd.org +Date: Wed Mar 19 06:11:15 2025 +0000 + + upstream: Prevent theoretical NULL deref in throughlocal_sftp. + + Coverity CID 405019, although at the moment it's not reachable. ok djm@ + + OpenBSD-Commit-ID: 630d46c1021b69fbb470e349976c70e9a48b7644 + +commit 96493ebd6ff48bbb802576e208794a26928569b0 +Author: Darren Tucker +Date: Wed Mar 19 17:35:10 2025 +1100 + + Fix workflow syntax again. + +commit 575c43fd4c44d376b1771c0fdaf4941021ba88c9 +Author: Darren Tucker +Date: Tue Mar 18 20:54:48 2025 +1100 + + Differentiate logfiles better. + +commit 8a1294638f3a47d46263ea574fa85c8e115ea893 +Author: Darren Tucker +Date: Tue Mar 18 20:27:46 2025 +1100 + + Fix another typo in workflow. + +commit bd9e6bbcc864b3e10c4e11f5aec1b3a5e3a89b55 +Author: Darren Tucker +Date: Tue Mar 18 18:16:12 2025 +1100 + + Fix syntax error in workflow. + +commit ce88a1bb4a2e6425752094f7a2eb4adfb0ca7971 +Author: Darren Tucker +Date: Tue Mar 18 18:13:14 2025 +1100 + + Identify each logfile while printing them. + +commit b58e429960c4791fc4e30bb7c70d1f77d538b546 +Author: djm@openbsd.org +Date: Tue Mar 18 04:53:14 2025 +0000 + + upstream: fix NULL dereference for Match conditions missing + + arguments, e.g. "Match user". Spotted by Coverity (CID 477813) + + OpenBSD-Commit-ID: 13584281cfa23b8ebc41f9d128a6b9464ae960d4 + +commit 0ce5281f017c3ad7bdcc2bbd9745119a73e0cbb8 +Author: tb@openbsd.org +Date: Fri Mar 14 09:49:49 2025 +0000 + + upstream: Fix EVP_CIPHER_CTX_ctrl() return checks + + While this API tries to translate negative return values (i.e. -1) to 0 + in BoringSSL and LibreSSL, it is still possible for it to return negative + values in prinicple. We even incorrectly document that -1 can be returned + while Boring and OpenSSL plead the Fifth. + + In OpenSSL 3 there are now code paths that explicitly return -1 and they + started shifting their return checks to <= 0 - of course they do this in + inconsistent and sometimes incorrect manner. While these paths aren't + reachable from ssh right now, who can really tell what happens in the two + hundred lines of inscrutable bloated mess this has become. + + So error check with <= 0 to ensure that we don't accidentally translate an + error to success. + + ok markus schwarze + + OpenBSD-Commit-ID: a855c833cf4ecfce43bedc761f26ad924f70483c + +commit 2e81100763d5885e500f065b04c16ed87ce74318 +Author: Darren Tucker +Date: Mon Mar 17 21:35:55 2025 +1100 + + Fix debug log path. + +commit 442a44970179d70ebb62bba792699eaec978a1db +Author: Darren Tucker +Date: Fri Mar 14 16:24:06 2025 +1100 + + Also lazily unmount workspace in case of straggers. + +commit 20427f6735fe5ddab31911ce5315adc71acf47d8 +Author: Darren Tucker +Date: Fri Mar 14 16:17:39 2025 +1100 + + Make sure upstream tests run on correct hardware. + +commit 91a2f70a56827ae31649baf17227b0914ac5aa36 +Author: Darren Tucker +Date: Fri Mar 14 13:47:27 2025 +1100 + + Add OpenBSD upstream test on obsdsnap-arm64. + +commit c20f7413525602b0ea786d8974d03a81f7ca2a92 +Author: Damien Miller +Date: Thu Mar 13 10:45:53 2025 +1100 + + rebuild .depend + +commit d47ef958b89c6fa809302d654009d3dfabe11b75 +Author: djm@openbsd.org +Date: Wed Mar 12 22:43:44 2025 +0000 + + upstream: remove assumption that the sshd_config and any configs + + included from it can fit in a (possibly enlarged) socket buffer, by having + the sshd listener mainloop actively manage sending the configuration to the + sshd-session subprocess. + + work by markus@ w/ a little feedback from me; + ok me and committing on his behalf + + OpenBSD-Commit-ID: 8f54451483f64951853074adb76bc4f838eaf3ae + +commit 9c90b563943c16418d737433ac478974b8761ee5 +Author: dtucker@openbsd.org +Date: Tue Mar 11 11:46:44 2025 +0000 + + upstream: Prime caches for DNS names needed for tests. + + When running the SSHFP tests, particularly on an ephemeral VM, the first + query or two can fail for some reason, presumably because something isn't + fully initialized or something. To work around this, issue queries for the + names we'll need before we need them. + + OpenBSD-Regress-ID: 900841133540e7dead253407db5a874a6ed09eca + +commit 10124eefe875a3e4e1cfb84ebe6a613ed3213b78 +Author: dtucker@openbsd.org +Date: Tue Mar 11 09:06:50 2025 +0000 + + upstream: Some dd's don't understand "1m", so handle seperately. + + OpenBSD-Regress-ID: 1d983b27c96f28f69d3a288c19e8d8c58e1b2ee3 + +commit c21c8fc319376c2f5e0da166e9e89a97a245ae72 +Author: Darren Tucker +Date: Tue Mar 11 19:17:46 2025 +1100 + + Lazily unmount github workspace at end of workflow. + + Sometimes when a test times out the workspace is still busy when we try + to unmount it, which leaves the runner unusable until it's cleaned up + manually. We try to unmount this in the first step, but that usually + doesn't work since it fails during setup before it starts our workflow. + Move it to the end and make it a lazy unmount so it hopefully works + eventually. + +commit 4bcbac742968f5086cfd4c570a51de25ef77931f +Author: dtucker@openbsd.org +Date: Tue Mar 11 07:50:20 2025 +0000 + + upstream: Add regress test for sftp resume. + + OpenBSD-Regress-ID: 37f629b3014338fa23a85df1e1bb320ea12282e1 + +commit e2c4f070b43a4fd7d59a9350e2fe78df605830b5 +Author: dtucker@openbsd.org +Date: Tue Mar 11 07:46:02 2025 +0000 + + upstream: Use ssh binary instead of the (smaller) script when + + preparing test data files since it's faster. + + OpenBSD-Regress-ID: 4215e42682fdb73e131e10645d4a1a23a91d64f5 + +commit 62f02e95ba5cda4649c482d30f4370e2360eb94d +Author: dtucker@openbsd.org +Date: Tue Mar 11 07:43:45 2025 +0000 + + upstream: Set up dbclient's known_hosts as it expects. + + OpenBSD-Regress-ID: 9e0898e8423237ce5023be53787bb4062e0d0418 + +commit 395284bd52887dbaf7e78200c857d7f2d9ce398e +Author: dtucker@openbsd.org +Date: Tue Mar 11 07:43:03 2025 +0000 + + upstream: Use $DBCLIENT to access dbclient for consistency. + + OpenBSD-Regress-ID: 81e1b41e1ffc49aba1e6fcaeb6242f3b7875ea3c + +commit 97e10c0005a784622c61cb4e8bb7858b410bbcc6 +Author: dtucker@openbsd.org +Date: Tue Mar 11 07:42:08 2025 +0000 + + upstream: Check if dbclient supports SHA1 before trying SHA1-based + + KEX. + + Dropbear 2025.87 removed SHA1 support by default, which means + diffie-hellman-group14-sha1 is not available. Unfortunately there isn't a + flag to query supported KEX, so instead check MACs and if it doesn't have + SHA1 methods, assuming SHA1 based KEXes are likewise not available. Spotted + by anton@. + + OpenBSD-Regress-ID: acfa8e26c001cb18b9fb81a27271c3b51288d304 + +commit 29a5127f808d00aa539fd27d83a65c2c56179b0e +Author: dtucker@openbsd.org +Date: Tue Mar 11 07:48:51 2025 +0000 + + upstream: Set highwater when resuming a "put". Prevents bogus "server + + reordered acks" debug message. ok djm@ + + OpenBSD-Commit-ID: aa7f6d0fc2e893c8c278ea3e6e0974c2eca83f5d + +commit 6575859d7acb110acf408707f98ed9744ca7d692 +Author: dtucker@openbsd.org +Date: Mon Mar 3 06:54:37 2025 +0000 + + upstream: Test for %-token and env var expansion in SetEnv. + + OpenBSD-Regress-ID: bd6139a6177ac4afb29a0ce4afc23567b22ef9f9 + +commit fd7ad8d7bf7dbdeb8f11a8b51aa9d31df1a17e52 +Author: dtucker@openbsd.org +Date: Sun Mar 2 07:41:06 2025 +0000 + + upstream: Also test User expansions when supplied via -l option and + + user@host. + + OpenBSD-Regress-ID: 56415859260b53ef0dd20f71225ba5fdf6320f50 + +commit e6cfd783f1491b502db9322aa970822c63f1667d +Author: dtucker@openbsd.org +Date: Sat Mar 1 06:12:47 2025 +0000 + + upstream: Tests for User expansion of %-tokens and environment + + variables. + + OpenBSD-Regress-ID: 7ed21dd0e09fb1f3537b8b177f171018aa501628 + +commit 197e503b8e4b642ce0f405a5d65da4256fa96431 +Author: djm@openbsd.org +Date: Fri Dec 6 16:25:58 2024 +0000 + + upstream: use glob(3) wildcards in AuthorizedKeys/PrincipalsFile + + tests to exercise this feature; ok dtucker + + OpenBSD-Regress-ID: 7f7b19c0b05b1862cc6521ce61b2b301a3f9cc3b + +commit 396202180180a4ac16788d469508a348789dafa1 +Author: djm@openbsd.org +Date: Fri Dec 6 10:37:42 2024 +0000 + + upstream: implement attestation verification for ED25519 keys + + OpenBSD-Regress-ID: c44fa5cdb434375a8b5545fdb4fc651061afca1f + +commit b49875428cda9c16c5bd52552100da2b419cda5f +Author: dtucker@openbsd.org +Date: Mon Mar 3 06:53:09 2025 +0000 + + upstream: Add %-token and environment variable expansion to SetEnv. + + feedback deraadt@ jmc@, nits and ok djm@ + + OpenBSD-Commit-ID: 2f6e5070481cb73e6f35fd1c6608c1eeff88a5c1 + +commit b6bba67e6c31d268480773e4fed16d0a32b4218e +Author: djm@openbsd.org +Date: Sun Mar 2 22:44:00 2025 +0000 + + upstream: fix PerSourcePenalty incorrectly using "crash" penalty when + + LoginGraceTime was exceeded. Reported by irwin AT princeton.edu via bz3797 + + OpenBSD-Commit-ID: 1ba3e490a5a9451359618c550d995380af454d25 + +commit 38d69fee1b06948f160d94abd07b6b297630d30a +Author: Damien Miller +Date: Sun Mar 2 22:06:53 2025 +1100 + + include __builtin_popcount replacement function + + Some systems/compilers lack __builtin_popcount(), so replace it as + necessary. Reported by Dennis Clarke; ok dtucker@ + +commit c94138d02a45dda5015f38f5a60b0bdde29019c1 +Author: djm@openbsd.org +Date: Sun Mar 2 11:03:13 2025 +0000 + + upstream: whitespace + + OpenBSD-Commit-ID: 1bd8953a37451ef7e0991f9fceec5e8005fe986a + +commit 65d2c59628e68e166046efa69e76c1d395a8df6e +Author: dtucker@openbsd.org +Date: Sun Mar 2 07:02:49 2025 +0000 + + upstream: Make a copy of the user when handling ssh -l, so that + + later during User token expansion we don't end up freeing a member of argv. + Spotted by anton@'s regress tests. + + OpenBSD-Commit-ID: 2f671a4f5726b66d123b88b1fdd1a90581339955 + +commit bd30cf784d6e825ef71592fb723c41d4f2fd407b +Author: dtucker@openbsd.org +Date: Sat Mar 1 06:11:26 2025 +0000 + + upstream: Allow %-token and environment variable expansion in User, + + with the exception of %r and %C which are self-referential. Requested in + bz#3477, ok djm@, man page improvements jmc@ + + OpenBSD-Commit-ID: caeb46251ee073662f6f5864c6f7b92d8ac80fa8 + +commit 94f59dcfc57f95ae044f75c3ce544329c8956c35 +Author: Darren Tucker +Date: Sat Mar 1 10:28:59 2025 +1100 + + Rebuild config files if Makefile changes. + + This ensures paths are updated if they are changed by re-running configure. + Patch from rapier at psc.edu. + +commit dfd9880585db1570656022f9fe1519df673f7b8a +Author: Darren Tucker +Date: Wed Feb 26 18:16:03 2025 +1100 + + Check for le32toh, le64toh, htole64 individually. + + It appears that at least some versions of endian.h in glibc do not have + the latter two, so check for and replace each one individually. + bz#3794, ok djm@ + +commit cb99e8eb228df366af33f4fe88d7a9dd0dbf0756 +Author: djm@openbsd.org +Date: Tue Feb 25 06:25:30 2025 +0000 + + upstream: ressurect fix for "match invalid-user" that got clobbered + + by 1.423 + + OpenBSD-Commit-ID: d18bf0945976e0f3467d710d4bc8bdbe181c0567 + +commit 487cf4c18c123b66c1f3f733398cd37e6b2ab6ab +Author: deraadt@openbsd.org +Date: Fri Feb 21 18:22:41 2025 +0000 + + upstream: Also prohibit , (comma) in hostnames, proposed by David + + Leadbeater ok djm millert + + OpenBSD-Commit-ID: 2837fa31dc6e81976f510f0a259edaa559b20b07 + +commit 3bc6de98c830bd5207f6c371ba69c5874f06305b +Author: Damien Miller +Date: Mon Feb 24 17:27:50 2025 +1100 + + Try to fix github tcmalloc target failure + + tcmalloc may, depending on the stacktrace generator it uses, create + pipe(2) fds during shared library initialisation. These will later + get clobbered by ssh/sshd calling closefrom() and chaos will ensue. + Tell tcmalloc to use an unwinder that doesn't pull this stuff. + +commit 922e54bbfe8c8479453693ef52350338f0c19124 +Author: Damien Miller +Date: Fri Feb 21 13:44:35 2025 +1100 + + cleanup last mention of ubuntu-20.04 + +commit bc4b3f6dc1738d389e5c9dcca8c56d7e153fee49 +Author: Damien Miller +Date: Fri Feb 21 13:44:13 2025 +1100 + + prune gcc/clang versions to be tested + + Test only the oldest and latest versions of each + +commit 94b73755f931d592a612ef5cb998694643eab5ff +Author: Damien Miller +Date: Fri Feb 21 11:30:22 2025 +1100 + + Update AWS-LC version number + + Patch from Shubham Mittal bz bz3792 + +commit 6887099fae6d9f3482e1075d034e9343dc413200 +Author: Damien Miller +Date: Fri Feb 21 11:22:34 2025 +1100 + + adjust workflows for ubuntu version transition + + remove workflows for unsupported compilers, add a few for additional + supported compilers, move some workflows to run on ubuntu-latest + +commit 33bb47e6f74f2ca8093946e6f462d655a9ae46d3 +Author: Damien Miller +Date: Thu Feb 20 17:10:32 2025 +1100 + + Add ubuntu-*-arm test runners + +commit a0c95fbb215b2168fa51b15906e2d6990d7fef6b +Author: Damien Miller +Date: Thu Feb 20 17:03:28 2025 +1100 + + remove ubuntu-20.04 Github action runners + + ubuntu-20.04 is deprecated now, so migrate all its unique runners + to ubuntu-22.04. + + ok dtucker@ + +commit 0cbeedba81b57c56379e1d202b9ccd3b72af7ddc +Author: Damien Miller +Date: Tue Feb 18 19:03:42 2025 +1100 + + openssh-9.9p2 + +commit 0832aac79517611dd4de93ad0a83577994d9c907 +Author: djm@openbsd.org +Date: Tue Feb 18 08:02:48 2025 +0000 + + upstream: Fix cases where error codes were not correctly set + + Reported by the Qualys Security Advisory team. ok markus@ + + OpenBSD-Commit-ID: 7bcd4ffe0fa1e27ff98d451fb9c22f5fae6e610d + +commit 6ce00f0c2ecbb9f75023dbe627ee6460bcec78c2 +Author: djm@openbsd.org +Date: Tue Feb 18 08:02:12 2025 +0000 + + upstream: Don't reply to PING in preauth phase or during KEX + + Reported by the Qualys Security Advisory team. ok markus@ + + OpenBSD-Commit-ID: c656ac4abd1504389d1733d85152044b15830217 + +commit 9e5bd74a85192c00a842f63d7ab788713b4284c3 +Author: jmc@openbsd.org +Date: Sat Feb 15 06:48:56 2025 +0000 + + upstream: - use \& when contructs like "e.g." end a line, to avoid + + double spacing - macro is Qq not Oq + + OpenBSD-Commit-ID: 17e5d2d7f288cc7fc536e3af252224525f9fb43a + +commit f519e71fb7a46314ae16e2a75490649dc0bd01a2 +Author: Damien Miller +Date: Sat Feb 15 13:12:40 2025 +1100 + + depend + +commit 9131ac64b0ebe66dc1de9d44bf8d1bd64a24c350 +Author: djm@openbsd.org +Date: Sat Feb 15 01:52:07 2025 +0000 + + upstream: add "Match version" support to ssh_config. Allows + + matching on the local version of OpenSSH, e.g. "Match version OpenSSH_10.*" + + ok markus@ + + OpenBSD-Commit-ID: c0cb504d0b9e43ccf12e68a544a7cd625e89758d + +commit 192a20df00c8a56fe7d92ffa23d959c865d7fb9e +Author: djm@openbsd.org +Date: Sat Feb 15 01:50:47 2025 +0000 + + upstream: Add support for "Match sessiontype" to ssh_config. Allows + + matching on the type of session requested, either "shell" for interactive + sessions, "exec" for command execution sessions, "subsystem" for subsystem + requests, such as sftp, or "none" for transport/forwarding-only sessions. + + ok markus@ + + OpenBSD-Commit-ID: eff5c001aecb2283d36639cfb28c0935a8bfd468 + +commit caa3c0c77082888236b0b0c4feb3e6879731b3ba +Author: djm@openbsd.org +Date: Sat Feb 15 01:48:30 2025 +0000 + + upstream: "Match command ..." support for ssh_config to allow + + matching on the remote command specified on the commandline. + + Also relaxes matching rules for `Match tagged` to allow + `Match tagged ""` to match an empty tag value. This also works + for command. + + ok markus@ + + OpenBSD-Commit-ID: 00dcfea425bf58d824bf5e3464cfc2409121b60d + +commit 38f6000e9851a00e2e4b8e1eb4ea6a243ef7e6a3 +Author: Damien Miller +Date: Tue Feb 11 10:32:26 2025 +1100 + + depend + +commit aa1409e7a0a5605f0127651a3ba5a348666325bc +Author: djm@openbsd.org +Date: Mon Feb 10 23:19:26 2025 +0000 + + upstream: include arguments the command was invoked with, and + + operating system name, version and architecture in startup debugging output; + ok dtucker + + OpenBSD-Commit-ID: 2a509d319aaf31a6bf9998e1842832883fbc3edd + +commit 857ac20f5fe19f183defba5dbf4b7d9e6400230c +Author: djm@openbsd.org +Date: Mon Feb 10 23:16:51 2025 +0000 + + upstream: include line number in Match debug messages, makes it a + + little easier to see what's going on + + OpenBSD-Commit-ID: 1fcf4aa2ee667711b9497ded0fa52d757c69b1df + +commit af49d474e481d2d78b2f06b06a06b0b37629358e +Author: djm@openbsd.org +Date: Mon Feb 10 23:00:29 2025 +0000 + + upstream: fix "Match invalid-user" from incorrectly being activated + + in initial configuration pass when no other predicates were present on the + match line + + OpenBSD-Commit-ID: 02703b4bd207fafd03788bc4e7774bf80be6c9a8 + +commit 1c67bae3f5834e48ded71c406f2039dea6e536db +Author: schwarze@openbsd.org +Date: Sun Feb 9 18:24:08 2025 +0000 + + upstream: In a section 1 manual, use the plain English words + + "standard output" rather than the overly technical abbreviation "stdout" - we + are not talking about a device file or a FILE * object here. Issue reported + by on the groff mailing list. + + OpenBSD-Commit-ID: a0816999f970e6159523bed8484f62c42ec93109 + +commit 85b3d68dd931416ede657f371f1d60cdc3a66f34 +Author: dtucker@openbsd.org +Date: Fri Jan 17 00:09:41 2025 +0000 + + upstream: Fix debug logging of user specific delay. Patch from + + Achim Leitner (fjl5) via github PR#552. + + OpenBSD-Commit-ID: 834a869ed9b15058d3c1ef0cd75402ef989255d8 + +commit e4e5b06fdf4532705669c0ae944b364022d16b9d +Author: dtucker@openbsd.org +Date: Thu Jan 16 06:37:10 2025 +0000 + + upstream: Call log_init in sshd-auth and sshd-session immediately + + after parsing the config file so that any log settings set in the config file + take effect immediately. Move version banners to immediately after that, and + make them distinct per binary. ok djm@ + + OpenBSD-Commit-ID: acf3d090638edf9b6e6f78eed96b537fe671f0f5 + +commit 0643994b20f2cc54bca80842a984b3052ff1a6a9 +Author: dtucker@openbsd.org +Date: Wed Jan 15 22:23:13 2025 +0000 + + upstream: Use strprefix helper when processing sshd -C test args + + instead of counting bytes by hand. ok djm@ + + OpenBSD-Commit-ID: 2866d369d96fe04bf76112260ac37e489f98a9a9 + +commit 66efd0fbb6b8b95f8a520f2cdf8ede14e62b30b3 +Author: Damien Miller +Date: Thu Feb 6 09:38:09 2025 +1100 + + add support for AWS-LC (AWS libcrypto) + + Patch from Shubham Mittal via bz3784; ok dtucker + +commit 826483d51a9fee60703298bbf839d9ce37943474 +Author: Tim Rice +Date: Mon Dec 16 15:36:54 2024 -0800 + + fix old typo (s/SYSVINITSTOPT/SYSVINITSTOP/) + +commit 1a8ce460f1d0c3f7304edba0733783b57b430e21 +Author: dtucker@openbsd.org +Date: Thu Dec 12 09:09:09 2024 +0000 + + upstream: Plug leak on error path, spotted by Coverity. ok djm@ + + OpenBSD-Commit-ID: b1859959374b4709569760cae0866d22a16606d3 + +commit 924f996144fc0ae1a659fadcfc2237d1ae935fc4 +Author: Xavier Hsinyuan +Date: Mon Dec 9 11:21:05 2024 +0800 + + Add $(srcdir) for standalone sk-libfido2 make target. + + Fix out-of-tree build failure due to incorrect path for `sk-usbhid.c`. + +commit bbc9c18e84de29c83fa03e69290979fcca54a2b2 +Author: djm@openbsd.org +Date: Sat Dec 7 10:12:19 2024 +0000 + + upstream: replace bespoke logging of MaxSessions enforcement with + + new ratelimited logging infrastructure. + + Add ratelimits to logging of connections dropped by PerSourcePenalties + + ok dtucker + + OpenBSD-Commit-ID: f22fe7c39607e4361aadf95e33773ffd68c59489 + +commit 5a6ddf946cf105189c2c99a04f86ce95edc55fc5 +Author: djm@openbsd.org +Date: Sat Dec 7 10:05:36 2024 +0000 + + upstream: add infrastructure for ratelimited logging; feedback/ok + + dtucker + + OpenBSD-Commit-ID: 18a83e5ac09d59aaf1e834fd6b796db89dd842e7 + +commit 85f0c1e75e8f6c5d83b8070918ee2f6ab16d403e +Author: djm@openbsd.org +Date: Fri Dec 6 16:24:27 2024 +0000 + + upstream: allow glob(3) patterns for sshd_config AuthorizedKeysFile + + and AuthorizedPrincipalsFile directives; bz2755 ok dtucker + + OpenBSD-Commit-ID: 3e3e05a17fca39bba78b993a07b44664519adf7f + +commit 9a9ffee6e10bcd039f1f9385599577441ebe542a +Author: djm@openbsd.org +Date: Fri Dec 6 16:21:48 2024 +0000 + + upstream: support VersionAddendum in the client, mirroring the + + option of the same name in the server; bz2745 ok dtucker@ + + OpenBSD-Commit-ID: 6ff7905b3f9806649bde750515786553fb89cdf4 + +commit 41ab0ccecd68232e196efae5e224b31ca104c423 +Author: djm@openbsd.org +Date: Fri Dec 6 16:02:12 2024 +0000 + + upstream: clarify encoding of options/extensions; bz2389 + + OpenBSD-Commit-ID: c4e92356d44dfe6d0a4416deecb33d1d1eba016c + +commit 5488810359f0fd91e2f7b919c70a3798e46376cb +Author: djm@openbsd.org +Date: Fri Dec 6 15:17:15 2024 +0000 + + upstream: ignore SIGPIPE here; some downstreams have had this for + + years... + + OpenBSD-Commit-ID: 73674ee4f8ceb8fc9cb8de71d8ddea0c721eb035 + +commit 4389a792d9078212366eba124a3eed36e009d09e +Author: djm@openbsd.org +Date: Fri Dec 6 15:12:56 2024 +0000 + + upstream: sync -o option lists with ssh.1; requested jmc@ + + OpenBSD-Commit-ID: a7ac295b444da7b2ca7a33a52370594f6897f6bb + +commit 6b9cd095565ddc5402d5096dce248fa0521dbda3 +Author: Fabio Pedretti +Date: Mon Oct 16 17:12:24 2023 +0200 + + Remove ancient RHL 6.x config in RPM spec. + + It looks like build6x options were intended for RHL 6.x + (the Red Hat distro predating Fedora, not RHEL), but were + then applied to RHEL. + + Completely remove support for this ancient configuration. + + Successfully built, installed and run on RHEL 6. This also + remove a build warning about deprecation of PreReq. + +commit 5cacfa798f92b707491375fed748d1d1bcb33ec9 +Author: Darren Tucker +Date: Fri Dec 6 23:54:45 2024 +1100 + + Add new hardware-backed signing key for myself. + + Retire old non-hardware based signing key. + +commit f129b6ee1d4361799e65307216e3a4d5544356b7 +Author: Jonas 'Sortie' Termansen +Date: Sat Nov 2 22:05:45 2024 +0100 + + Fix configure implicit declaration and format warnings. + +commit 11a5e5179077f73c2d45bcdf3f60153ae3f17815 +Author: dtucker@openbsd.org +Date: Fri Dec 6 07:05:54 2024 +0000 + + upstream: Expand $SSH to absolute path if it's not already. + + Prevents problem later in increase_datafile_size if ssh is not in + the path. Patch from quaresmajose via GHPR#510. + + OpenBSD-Regress-ID: 2670a66af8b827410ca7139f0a89f4501cece77b + +commit dc2ef8f0944a4ff7ba19e52fd17b4654e6bd9b93 +Author: dtucker@openbsd.org +Date: Fri Dec 6 06:55:28 2024 +0000 + + upstream: Change "login again" to "log in again" + + in password change message. From ThinLinc-Zeijlon via github PR#532. + + OpenBSD-Commit-ID: fea5e9bc04caf613a118c419f16863733b340cf1 + +commit 8252f346eb21cd6b30816f905b7d94f10962373e +Author: naddy@openbsd.org +Date: Thu Dec 5 22:45:03 2024 +0000 + + upstream: catch up documentation: AES-GCM is preferred to AES-CTR + + OpenBSD-Commit-ID: 63360924b6834507fe70020edb936f5075043a9e + +commit 9a2f4c75081769bd45eba2bf3fab0a32b25f1879 +Author: Darren Tucker +Date: Fri Dec 6 17:56:17 2024 +1100 + + Change text from "login to" to "log in to". + + From ThinLinc-Zeijlon via GHPR#532. + +commit 24dcf368d816b06136a02845ebd0c7846bf18927 +Author: Xavier Hsinyuan +Date: Fri Dec 6 11:56:34 2024 +0800 + + Fix configure message typo in sk-libfido2 standalone. + +commit 1a0cac2f3411a22d69ae6918eff48456b805e73b +Author: Alexander Kanavin +Date: Thu Dec 5 16:26:46 2024 +0100 + + Skip 2038 key expiry test on 64 bit time_t systems. + + This allows testing Y2038 with system time set to after that (i.e. 2040), + so that actual Y2038 issues can be exposed, and not masked by key expiry + errors. + + Signed-off-by: Alexander Kanavin + +commit 6b4611dc1232c5d2c8e43201f580f19aab320c87 +Author: Darren Tucker +Date: Fri Dec 6 01:45:52 2024 +1100 + + Skip 64bit expiry time test on 32bit time_t. + +commit c9b7866a7dc5e6c30f5aa9d22dd0bbafda0d496f +Author: dtucker@openbsd.org +Date: Thu Dec 5 14:28:39 2024 +0000 + + upstream: Add key expiry test in the 64bit time_t range for additional + + coverage. From Alexander Kanavin via bz#3684. + + OpenBSD-Regress-ID: bdf6eb3c2421f2e1e11483d03b34c7931d1bccf7 + +commit 790c913b5fc6ee93ae14793443dc85a0f574b7eb +Author: Damien Miller +Date: Thu Dec 5 19:24:56 2024 +1100 + + typo + +commit d23a23aaeeabc228792e3fd7eb5f2fa6ae13c482 +Author: Damien Miller +Date: Thu Dec 5 08:47:02 2024 +1100 + + add a Makefile target for ssh-verify-attestation + + Not built by default, but easier than doing it by hand + +commit d0ac63d0f8b5f778d5fd326701ef4489bc27635e +Author: dtucker@openbsd.org +Date: Thu Dec 5 06:49:26 2024 +0000 + + upstream: De-magic the x11 base port number into a define. ok djm@ + + OpenBSD-Commit-ID: 23b85ca9d222cb739b9c33ee5e4d6ac9fdeecbfa + +commit 9998c93d57bf0f1df2bc93e0bc2d8112c6f8c720 +Author: dtucker@openbsd.org +Date: Thu Dec 5 06:47:00 2024 +0000 + + upstream: Prevent integer overflow in x11 port handling. These are + + theoretically possible if the admin misconfigures X11DisplayOffset or the + user misconfigures their own $DISPLAY, but don't happen in normal operation. + From Suhov Roman via bz#3730, ok djm@ + + OpenBSD-Commit-ID: e9e3860f1a19b862ccf07dc8ecbe8f1e1034f4ed + +commit 8c9ee046d40e4254c6c1711783ea11027b72c3e9 +Author: djm@openbsd.org +Date: Wed Dec 4 16:42:49 2024 +0000 + + upstream: add a work-in-progress tool to verify FIDO attestation + + blobs that ssh-keygen can write when enrolling FIDO keys. + + OpenBSD-Regress-ID: 6c97bf3f46e48866677ad69f54b77683eb92437f + +commit 50c640d874d0246dd0a0d949398c3d7f757c716a +Author: dtucker@openbsd.org +Date: Wed Dec 4 10:51:13 2024 +0000 + + upstream: Don't assume existence of SK provider in test. Patch from + + balu.gajjala at gmail via bz#3402. + + OpenBSD-Regress-ID: d571932016d07d135b54433d07520b9e1901db43 + +commit 73d782693144262570d3585b62f16b183170c014 +Author: djm@openbsd.org +Date: Wed Dec 4 14:37:55 2024 +0000 + + upstream: sync the list of options accepted by -o with ssh_config.5 + + prompted by bz3455 + + OpenBSD-Commit-ID: 0ecbfa70aea6c769bcc259defe07182edf461f57 + +commit 6993d9f0959534b0b7d52e17b95e9e79fb0b3d0a +Author: djm@openbsd.org +Date: Wed Dec 4 14:24:20 2024 +0000 + + upstream: don't screw up ssh-keygen -l output when the file + + contains CR characters; GHPR236 bz3385, fix from Dmitry Belyavskiy + + OpenBSD-Commit-ID: e458cf6b0adcea5b69ef4c7ba38e590841d02ef4 + +commit c0b03c2534946fc114880092177aa4a3683ced2d +Author: jsg@openbsd.org +Date: Tue Dec 3 22:30:03 2024 +0000 + + upstream: spelling; ok djm@ + + OpenBSD-Commit-ID: c8ff3f70020451eef214e598117b7ce1a29853ef + +commit 97eb247f40167f44324e88a537d5b4fe771a63b2 +Author: dtucker@openbsd.org +Date: Tue Dec 3 16:27:53 2024 +0000 + + upstream: Remove fallback to compiled-in gropup for dhgex when the + + moduli file exists, but does not contain moduli within the client-requested + range. The fallback behaviour remains for the case where the moduli file does + not exist (typically, running tests prior to installing). From bz#2793, based + in part on patch from Joe Testa, ok djm@ + + OpenBSD-Commit-ID: b1a8c5dbbedf249b42474679ebaf14db7332b1ab + +commit 30c746265ebde29806dba77c92fb1fd3803cbf5c +Author: tb@openbsd.org +Date: Tue Dec 3 15:53:51 2024 +0000 + + upstream: Remove redundant field of definition check + + This will allow us to get rid of EC_GROUP_method_of() in the near future. + + ok djm + + OpenBSD-Commit-ID: b4a3d2e00990cf5c2ec6881c21ddca67327c2df8 + +commit eaa1744f34c30740328fd0a0d84b5f2f9e6918c1 +Author: Damien Miller +Date: Thu Dec 5 00:59:19 2024 +1100 + + don't ignore changes in regress Makefiles + + reported by Torben Hansen in bz2880 + +commit 66e986880b2472fefaad781f10113b138b65ff27 +Author: Damien Miller +Date: Thu Dec 5 00:01:33 2024 +1100 + + Support systemd-style socket activation in agent + + Adds support for systemd LISTEN_PID/LISTEN_FDS socket activation to + ssh-agent. Activated when these environment variables are set and + the agent is started with the -d or -D option and no socket path + is set. + + Based on GHPR502 by Daniel Kahn Gillmor, ok dtucker + +commit 9b57c099f57152e6c94f633c114f544087f4bdaa +Author: Darren Tucker +Date: Wed Dec 4 21:36:01 2024 +1100 + + Update readme files to better reflect reality. + + Prompted by bz#3738, ok djm@. + +commit ffa885db1b960451d426455045d2f51288e48ee8 +Author: dtucker@openbsd.org +Date: Tue Dec 3 14:12:47 2024 +0000 + + upstream: Improve description of KbdInteractiveAuthentication. + + Based on bz#3658, fixes jmc@ ok markus@ djm@. + + OpenBSD-Commit-ID: 9fadb56b9afed554d501acbba911c685acd6ffc2 + +commit b460f82a67795bba37c6cc6c78f788e5b435b4cb +Author: Jonas 'Sortie' Termansen +Date: Sat Nov 2 17:53:23 2024 +0100 + + Inherit DESTDIR from the environment. + + autoconf packages conventionally inherit the DESTDIR variable from the + environment. + +commit 9da7fa7c7464df241ae5d17da94e4ebed9013719 +Author: Jonas 'Sortie' Termansen +Date: Sat Nov 2 22:10:39 2024 +0100 + + Define u_short and u_long if needed. + +commit d3a7ff7cecbc23cc37044bdf02e7118d05bf3c35 +Author: djm@openbsd.org +Date: Tue Dec 3 08:31:49 2024 +0000 + + upstream: support FIDO tokens that return no attestation data, e.g. + + recent WinHello. From Michael Braun via GHPR542 + + OpenBSD-Commit-ID: a71b0542f2f7819ba0e33a88908e01b6fc49e4ce + +commit 96b64056c812620014b65371a9e3ac86bfcd08d5 +Author: Thorsten Kukuk +Date: Tue Nov 19 10:53:28 2024 +0100 + + Add wtmpdb support as Y2038 safe wtmp replacement + +commit 1d9563a56f2ad5b0c0aeef20e19c1a03ad54f88a +Author: djm@openbsd.org +Date: Mon Dec 2 14:06:42 2024 +0000 + + upstream: unbreak + + OpenBSD-Commit-ID: 05b6c31f4a6e385338f43cc0e08776cea75802a1 + +commit d75837b9f6d0d6cc18ed5078789ea0f3dad08f00 +Author: djm@openbsd.org +Date: Mon Dec 2 13:37:18 2024 +0000 + + upstream: prefer AES-GCM to AES-CTR; ok deraadt markus + + OpenBSD-Commit-ID: 8366a72e0f300ee31c5dab2c95025387ec15bbc9 + +commit e19cd494b567a73dc390e09b47c1e21545e6116b +Author: Shiva Kaul +Date: Mon Dec 2 02:04:20 2024 -0500 + + Fix compilation with DEBUG_SK enabled + + In `ssh_ecdsa_sk_verify`, the `datalen` variable was renamed to `dlen` -- but not in this debugging block. + +commit 67ace92be0718df7e0f52c0a76684fc2ebae4089 +Author: dtucker@openbsd.org +Date: Fri Nov 29 00:13:36 2024 +0000 + + upstream: Import regenerated moduli. + + OpenBSD-Commit-ID: 311d271bf0fab8a119e84f4f696d8cd40731692f + +commit ca0697a90e5720ba4d76cb0ae9d5572b5260a16c +Author: Jeremy Stott +Date: Sat Oct 19 12:10:52 2024 +1300 + + Add make target for standalone sk-libfido2 + + Add a Makefile target for sk-libfido2, the standalone fido2 security + key shared library, suitable for use with the SecurityKeyProvider + option. + + Add a new configure option `--with-security-key-standalone` that + optionally sets the shared library target sk-libfido2$(SHLIBEXT), and + adds it to $(TARGETS). + + misc.h is required when SK_STANDALONE is defined, because of the use + of `monotime_tv` in `sk_select_by_touch`. + + Sets the shared library extension for sk-libfido2 is by setting + `SHLIBEXT` depending on the platform in configure.ac. + + Add the shared library to the CI builds in the `sk` target config to + make sure it can compile under the same conditions as + `--with-security-key-builtin`. + + Add a libssh-pic.a static library that compiles with `-fPIC` reusing + .c.lo method in sk-dummy.so for use in the shared library sk-libfido2. + + Note, a separate static library libssh-pic.a is needed, since defining + -DSK_STANDALONE excludes some symbols needed in sshkey.lo. + +commit 74d70841efbf41b9fcc8e6f6f4777d2e9d7e2004 +Author: Arnout Engelen +Date: Fri Oct 18 13:42:38 2024 +0200 + + mdoc2man: balance nested square brackets + + I noticed the square brackets in `destination [command [argument...]` + in the synopsis for the `ssh.1` manpage were not balanced, + this balances them. + + Signed-off-by: Arnout Engelen + +commit 8eabd2ae2ca1d7756417a1ee5b41f09c5d997634 +Author: djm@openbsd.org +Date: Wed Nov 27 16:07:08 2024 +0000 + + upstream: fix argument of "Compression" directive in ssh -G config + + dump, which used to work but broke in 9.8 + + OpenBSD-Commit-ID: c79936242d29c70d01941b28d2d07fd0b85fe46f + +commit 53c03961769d8879a81398074ea3cb36253d4f2e +Author: djm@openbsd.org +Date: Wed Nov 27 13:27:34 2024 +0000 + + upstream: new name/link for agent I-D + + OpenBSD-Commit-ID: e3420f3925a297a1b2ab7dfe7c7d274cfc8e1193 + +commit 785e3c9110df8f2d30e42ce8b45969c49700f35b +Author: djm@openbsd.org +Date: Wed Nov 27 13:00:23 2024 +0000 + + upstream: mention that biometrics may be used for FIDO key user + + verification as well as PIN. Prompted by Zack Newman, ok jmc@ + + OpenBSD-Commit-ID: b774a4438c9be70012661ee278450790d21277b8 + +commit fd2e64c9ec9ea3e89e396be0db41aaf982ae1210 +Author: djm@openbsd.org +Date: Tue Nov 26 22:05:51 2024 +0000 + + upstream: g/c outdated XXX comments + + OpenBSD-Commit-ID: 74d0c0b74994d9a4343c4d7ea4948cb34f609a6c + +commit 0ad34a6193357d286042322ea7347262a6fb0778 +Author: djm@openbsd.org +Date: Tue Nov 26 22:02:28 2024 +0000 + + upstream: regression test for UpdateHostkeys with multiple keys backed + + by ssh-agent. Patch from Maxime Rey. + + OpenBSD-Regress-ID: 1777ab6e639e57c0e20cbcb6df60455b49fd8bb3 + +commit 84023656d91b78f1ef86c8321ec563f2e90f7227 +Author: djm@openbsd.org +Date: Tue Nov 26 22:01:37 2024 +0000 + + upstream: Explicitly specify the signature algorithm when signing + + hostkeys-prove requests. + + Fixes a corner-case triggered by UpdateHostKeys with one or more unknown + host keys stored in ssh-agent where sshd refuses to accept the signature + coming back from the agent. + + Report/fix from Maxime Rey + + OpenBSD-Commit-ID: 460c7d527a24f92b7e5f68ca1a2fa242ebf0d086 + +commit d1c1cfc5e4e9b43593d4642810ea8135e4c7db49 +Author: djm@openbsd.org +Date: Tue Nov 26 21:23:35 2024 +0000 + + upstream: when using RSA keys to sign messages, select the + + signature algorithm based on the requested hash algorithm ("-Ohashalg=xxx"). + + This allows using something other than rsa-sha2-512, which may not + be supported on all signing backends, e.g. some smartcards only + support SHA256. + + Patch from Morten Linderud; ok markus@ + + OpenBSD-Commit-ID: 246353fac24e92629263996558c6788348363ad7 + +commit ac7544654441280071b90a4129a47467d40f2389 +Author: djm@openbsd.org +Date: Sun Nov 24 23:47:50 2024 +0000 + + upstream: turn off CDIAGFLAGS and turn back on INSTALL_STRIP + + accidentally changed in last commit + + OpenBSD-Commit-ID: 6d07e4606997e36b860621a14dd41975f2902f8f + +commit 953fa5b59afb04c3c74ed82d7bace65c13cd8baa +Author: Darren Tucker +Date: Sat Nov 9 11:41:44 2024 +1100 + + Disable security key for bigendian interop. + + It doesn't currently work. It's not clear why, but I suspect + sk-dummy.so ends up being built for the wrong architecture. + +commit a80eb71c428c474098087c672398f200be8fabdf +Author: Darren Tucker +Date: Sat Nov 9 05:14:16 2024 +1100 + + Reshuffle OpenWRT test configs. + + Move the the flags used by the OpenWRT distro to mipsel target and + enable OpenSSL on all targets to improve coverage. + + Explicitly disable security key and openssl on mips target so that host + end of the bigendian interop tests don't attempt them and fail (since + they're not enabled on the target side). + +commit d2709c461359e4129311cdff81ee05242d6c53cd +Author: Darren Tucker +Date: Sat Nov 9 03:26:08 2024 +1100 + + Add keytype to bigendian interop test. + +commit 50ac0f0e0627d29fd9becf5e15e8ceca5ad18078 +Author: Darren Tucker +Date: Sat Nov 9 03:24:29 2024 +1100 + + Ignore chown failure, eg due to dangling symlinks. + +commit 9e528e65a03245cf28e814f09b88c701bec935d1 +Author: Darren Tucker +Date: Sat Nov 2 18:05:41 2024 +1100 + + Test bigendian interop. + + Where our test target is a bigendian system, do an additional build on + the runner host (which is little endian) and test interop between the two. + Should hopefully catch obvious endianness bugs. + +commit dd416f5bfa96ac1ff44b27a93f7b55ee627c6baf +Author: Darren Tucker +Date: Fri Nov 1 19:44:29 2024 +1100 + + Allow overridding TEST_SSH_SSHD. + + This will allow tests to specify an alternative sshd, eg on a remote + machine with different endianness. + +commit 82662d562cf54829df8a941cdfb2fd307e1d9a90 +Author: djm@openbsd.org +Date: Wed Nov 6 22:51:26 2024 +0000 + + upstream: ssh-agent implemented an all-or-nothing allow-list of + + FIDO application IDs for security key-backed keys, to prevent web key handles + from being used remotely as this would likely lead to unpleasant surprises. + By default, only application IDs that start with "ssh:*" are allowed. + + This adds a -Owebsafe-allow=... argument that can override the default + list with a more or less restrictive one. The default remains unchanged. + + ok markus@ + + OpenBSD-Commit-ID: 957c1ed92a8d7c87453b9341f70cb3f4e6b23e8d + +commit 593a0b65c55c1e06a8c22b084aefc395aedb0127 +Author: jca@openbsd.org +Date: Mon Nov 4 21:59:15 2024 +0000 + + upstream: Ignore extra groups that don't fit in the buffer passed + + to getgrouplist(3) + + Our kernel supports 16 groups (NGROUPS_MAX), but nothing prevents + an admin from adding a user to more groups. With that tweak we'll keep + on ignoring them instead of potentially reading past the buffer passed to + getgrouplist(3). That behavior is explicitely described in initgroups(3). + + ok millert@ gilles@ + + OpenBSD-Commit-ID: a959fc45ea3431b36f52eda04faefc58bcde00db + +commit e7adebeff3a9d038d0eaeeb0fcefedf29acb7e90 +Author: Damien Miller +Date: Mon Nov 4 14:39:27 2024 +1100 + + Add git signing key for Tim Rice + +commit da4b84845e874f12af7e0686170fa391c919d1df +Author: Darren Tucker +Date: Fri Nov 1 18:51:22 2024 +1100 + + Correct path to c-cpp.yml file in workflow config. + +commit 28740aa2c75392a9c4191eb9523f9b20853e2932 +Author: Darren Tucker +Date: Fri Nov 1 18:44:42 2024 +1100 + + Test new OpenSSL and LibreSSL releases.` + +commit a74809fe06540f16231b354ffe21fcbf39e81f73 +Author: Darren Tucker +Date: Fri Nov 1 18:44:00 2024 +1100 + + Add nbsd10 default test config. + +commit 88b35cbdc1500efece65cd6a9a20a72cf7e46eaa +Author: Damien Miller +Date: Wed Oct 30 14:25:14 2024 +1100 + + fix uint64_t types; reported by Tom G. Christensen + +commit ef7c26cd2f0f9a8222f851d1e551f6dfd3113f8b +Author: Damien Miller +Date: Sun Oct 27 13:28:11 2024 +1100 + + htole64() etc for systems without endian.h + +commit 0c3927c45f8a57b511c874c4d51a8c89414f74ef +Author: djm@openbsd.org +Date: Sun Oct 27 02:06:59 2024 +0000 + + upstream: explicitly include endian.h + + OpenBSD-Commit-ID: 13511fdef7535bdbc35b644c90090013da43a318 + +commit cf3e48ee8ba1beeccddd2f203b558fa102be67a2 +Author: djm@openbsd.org +Date: Sun Oct 27 02:06:01 2024 +0000 + + upstream: fix ML-KEM768x25519 KEX on big-endian systems; spotted by + + jsg@ feedback/ok deraadt@ + + OpenBSD-Commit-ID: 26d81a430811672bc762687166986cad40d28cc0 + +commit ae566d51b64fa3dce7063e7745b9b35f8f47abde +Author: naddy@openbsd.org +Date: Fri Oct 25 21:53:24 2024 +0000 + + upstream: mlkem768x25519-sha256 has been promoted to default key + + exchange + + OpenBSD-Commit-ID: 5a3259a193fd42108a869ebf650b95b5f2d08dcf + +commit 3af1dba1384ca896df6e973c70398c41d36de1ea +Author: Darren Tucker +Date: Fri Oct 25 19:04:30 2024 +1100 + + Retire the minix3 test config. + + It got broken by the sshd-auth change, it's not obvious why, and the + platform lacks the debugging tools (eg gdb, strace) to figure it out. + The upstream project seems effectively dead (6 years since the last + commit, 10 since the last release). It was useful while it lasted + (we found a real bug because of it) but its time seems to have passed. + +commit 3b240cc44b8de9175280ddbe59331317d427b0e3 +Author: Preetish Amballi +Date: Mon Oct 21 14:07:02 2024 +0000 + + Updated gitignore to ignore sshd-session and sshd-auth targets + +commit 326495744f06a0ab18ee0d16f87b3fe91cac92fb +Author: Darren Tucker +Date: Fri Oct 25 19:01:02 2024 +1100 + + Simplify pselect shim and remove side effects. + + Instead of maintaing state (pipe descriptors, signal handlers) across + pselect-on-select invocations, set up and restore them each call. + This prevents outside factors (eg a closefrom or signal handler + installation) from potentially causing problems. This does result in a + drop in throughput of a couple of percent on geriatric platforms without + a native pselect due to the extra overhead. Tweaks & ok djm@ + +commit e53b615f3934ffac1efb3c1e491d126b9b09fd24 +Author: djm@openbsd.org +Date: Fri Oct 25 01:34:18 2024 +0000 + + upstream: promote mlkem768x25519-sha256 to be the default key exchange; + + ok markus@ + + OpenBSD-Commit-ID: fc673065e6505bb06b2e2b9362f78ccb4200a828 + +commit de644b1831b970f6655f871c051774cc871e8e74 +Author: djm@openbsd.org +Date: Thu Oct 24 03:28:34 2024 +0000 + + upstream: test SIGUSR1 dropping all keys from ssh-agent + + OpenBSD-Regress-ID: 8654b9aa8eb695b1499fffc408c25319592bf0e0 + +commit e86d7a077ce9a2b9ee9d4138c358a17cbdb786f9 +Author: djm@openbsd.org +Date: Thu Oct 24 03:15:47 2024 +0000 + + upstream: amake ssh-agent drop all keys when it receives SIGUSR1; + + let's users zap keys without access to $SSH_AUTH_SOCK + + ok deraadt@ + + OpenBSD-Commit-ID: dae9db0516b1011e5ba8c655ac702fce42e6c023 + +commit 94cdfebec852a2429c008cc2a55f8e4183f36972 +Author: djm@openbsd.org +Date: Thu Oct 24 03:14:37 2024 +0000 + + upstream: relax valid_domain() checks to allow an underscore as the + + first character. ok deraadt@ + + OpenBSD-Commit-ID: 3f8be6d32496e5596dd8b14e19cb067ddd7969ef + +commit 1b05d5437bf45bee5e3104772dea06ed51764f1b +Author: dtucker@openbsd.org +Date: Tue Oct 22 07:13:28 2024 +0000 + + upstream: Remove sshd logfile in start_sshd + + ... and ssh and sshd log wrappers before recreating them. Prevents "can't + create" errors during tests when running tests without SUDO after having + run them with SUDO. + + OpenBSD-Regress-ID: 2f0a83532e3dccd673a9bf0291090277268c69a6 + +commit 307ab3c7720f8879b835614b02687358ee4df9b9 +Author: dtucker@openbsd.org +Date: Tue Oct 22 06:16:26 2024 +0000 + + upstream: Add a sshd debug wrapper + + ... to run all of the subprograms from the build directory while + developing and debugging. Should help prevent accidentally testing + against unchanged installed sshd-auth and sshd-session binaries. ok djm@ + + OpenBSD-Commit-ID: 61760cdc98c2bc8f1e9f83a6f97cca0f66b52e69 + +commit 87bd1cb3ccba5e91d2650eb7f753c898ee43858e +Author: dtucker@openbsd.org +Date: Tue Oct 22 06:13:00 2024 +0000 + + upstream: Make debug call printf("%s", NULL) safe. + + Prevents problems on platforms where this isn't safe (which it's not + required to be). ok djm@ + + OpenBSD-Commit-ID: 8fa4ce3ad90915c925b81b99a79ab920b0523387 + +commit c44c349edd157b2c00c42bd5ef5f9dfb37de26f3 +Author: Darren Tucker +Date: Tue Oct 22 17:48:32 2024 +1100 + + Resync cvsid missed in commit 6072e4c9. + +commit fe4305c37ffe53540a67586854e25f05cf615849 +Author: djm@openbsd.org +Date: Fri Oct 18 05:53:26 2024 +0000 + + upstream: mention that LocalForward and RemoteForward can accept Unix + + domain socket paths; GHPR115 + + OpenBSD-Commit-ID: a8a34d0a0c51a9ddab3dfce615f9878fa76ef842 + +commit 9c97b6af8e052ab5ffe0f9096fadc8f9a4d0ed0f +Author: djm@openbsd.org +Date: Fri Oct 18 05:45:40 2024 +0000 + + upstream: remove duplicate check; GHPR392 from Pedro Martelletto + + OpenBSD-Commit-ID: 597ab7dd3f0e78939d2659fc1904d0f39ee95487 + +commit d9cd208e89a471a3ff8adfcec68d6210af9e9fd5 +Author: djm@openbsd.org +Date: Fri Oct 18 05:37:24 2024 +0000 + + upstream: allow "-" as output file for moduli screening + + based on GHPR393 + + OpenBSD-Commit-ID: 1517763764eb55d03a6092dd120d2909c6fef0e1 + +commit 5eb5c4b2820d0636b1eccee646fb32ec946c4a95 +Author: djm@openbsd.org +Date: Fri Oct 18 05:32:51 2024 +0000 + + upstream: ssh-keyscan doesn't need it's own sshfatal() definition, it + + can use the shared one from fatal.c + + based on GHPR401 from lengyijun + + OpenBSD-Commit-ID: 8ea75ea99f27f464c9223cbc89cb046ccf9cd5c4 + +commit 0a1e75499e2c6fc258ee903645c878480949f362 +Author: djm@openbsd.org +Date: Fri Oct 18 05:14:51 2024 +0000 + + upstream: in _ssh_order_hostkeyalgs() consider ECDSA curve type when + + arranging the hostkey algorithms. AFAIK this code is unused in OpenSSH, but I + guess others are using it + + based on GHPR387 from Pawel Jakub Dawidek + + OpenBSD-Commit-ID: 4d462495ac0c40f7b7dd66178e0005b9b2128225 + +commit d01ee7a88c5f4b1aa8c75a7c739f8f3bc1ad8bde +Author: djm@openbsd.org +Date: Fri Oct 18 05:03:34 2024 +0000 + + upstream: require control-escape character sequences passed via the '-e + + ^x' commandline to be exactly two characters long. Avoids one by OOB read if + ssh is invoked as "ssh -e^ ..." + + Spotted by Maciej Domanski in GHPR368 + + OpenBSD-Commit-ID: baa72bc60898fc5639e6c62de7493a202c95823d + +commit 74ff6382f5743e09930e6cbd195dac65cd6062c9 +Author: djm@openbsd.org +Date: Fri Oct 18 04:30:09 2024 +0000 + + upstream: remove addr.[ch] functions that are unused and + + visbility-restrict ones that are unused outside the implementation itself; + based on GHPR#282 by tobias@ + + OpenBSD-Commit-ID: a0140f2418b4d46cfaa7b33febc0a0931f9b2744 + +commit a9d6d7d93c533fa729f08b405e786d912553f33e +Author: djm@openbsd.org +Date: Fri Oct 18 04:14:59 2024 +0000 + + upstream: unreachable POLLERR case; from ya0guang via GHPR485 + + OpenBSD-Commit-ID: b3c82655190532b01eb817e532742cfaa4687eff + +commit d76424bf279ff951383e21213eb3759ea4090674 +Author: djm@openbsd.org +Date: Fri Oct 18 04:11:54 2024 +0000 + + upstream: s/Sx/Cm/ for external references; from Domen Puncer + + Kugler via GHPR501 + + OpenBSD-Commit-ID: f864a34feb5d5ff17160cf7c42ad0f7744fe8a3f + +commit ca204b994e2981e7bf95627b3105408917105649 +Author: naddy@openbsd.org +Date: Mon Oct 14 23:53:34 2024 +0000 + + upstream: mention SshdAuthPath option; ok djm@ + + OpenBSD-Commit-ID: 9a5d3add25e4e77bd3805bc5583a842ecf34d85c + +commit be27770e840c4dd9d9fcad1aa879400c727d7c2f +Author: Darren Tucker +Date: Fri Oct 18 13:37:55 2024 +1100 + + Remove references to systrace and pledge sandboxes. + + ok djm@ + +commit 49e64bf63fbf2f14961062dafe8ef08cb816bb08 +Author: Pavel Miadzvedzeu +Date: Wed Apr 24 10:19:56 2024 +0300 + + Fix "undeclared 'ut'" error by replacing it with 'utx' + +commit 67f684733f60f66479854a2867b953de731e71b2 +Author: Darren Tucker +Date: Thu Oct 17 20:50:29 2024 +1100 + + Seed RNG when starting up sshd-auth. + + Makes builds configured --without-openssl work again since otherwise + the first use of the RNG comes after the sandbox init and it can't + open /dev/random. + +commit c06c681aeebbe8e84e7410095514e7ee91f7e6cb +Author: Darren Tucker +Date: Thu Oct 17 19:18:23 2024 +1100 + + MacOS 12 runners are deprecated, replace with 15. + +commit 39db1f23bafb48a7c0cc9c65c716a0370f4cc677 +Author: Damien Miller +Date: Thu Oct 17 13:28:47 2024 +1100 + + Fix lookup path for sshd-auth; bz3745 + +commit c537eeb1ae5f069450053b0027e64efe5bdb37d2 +Author: Damien Miller +Date: Wed Oct 16 08:28:21 2024 +1100 + + fix breakage; missing saved_argc symbol + +commit 98a0883bdef28a06c7e017f27adf21ba57898bf4 +Author: Damien Miller +Date: Mon Oct 14 17:17:50 2024 +1100 + + fix capsicum sandbox + +commit 164ea4380564a2a83713eacf71908e3946e5e4e4 +Author: Damien Miller +Date: Mon Oct 14 17:16:41 2024 +1100 + + put back some portable bits for sshd-auth.c + +commit f8edf08c258ee2918689872c4702302052729726 +Author: Damien Miller +Date: Mon Oct 14 14:49:25 2024 +1100 + + there's only one sandbox, move to a static global + +commit 4482f0042b41d3d63c3845d7ba9fcf47c9252a84 +Author: Damien Miller +Date: Mon Oct 14 14:49:20 2024 +1100 + + depend + +commit 74856204a353a187dc6e7706c6cf84b7f14d775d +Author: djm@openbsd.org +Date: Mon Oct 14 03:02:08 2024 +0000 + + upstream: regress support for split sshd-auth binary + + OpenBSD-Regress-ID: df7d18a87b475f70004770f0f4e404adba5f6ab7 + +commit 461741083d7254595fecea274e60fe3ebf3ce3f9 +Author: djm@openbsd.org +Date: Fri Sep 27 01:05:54 2024 +0000 + + upstream: test some more Match syntax, including criteria=arg and + + negations + + OpenBSD-Regress-ID: 67476baccc60bf1a255fd4e329ada950047b8b8d + +commit 6072e4c9385713e9c166f32cfca6a7e603d4f0b8 +Author: djm@openbsd.org +Date: Mon Oct 14 01:57:50 2024 +0000 + + upstream: Split per-connection sshd-session binary + + This splits the user authentication code from the sshd-session + binary into a separate sshd-auth binary. This will be executed by + sshd-session to complete the user authentication phase of the + protocol only. + + Splitting this code into a separate binary ensures that the crucial + pre-authentication attack surface has an entirely disjoint address + space from the code used for the rest of the connection. It also + yields a small runtime memory saving as the authentication code will + be unloaded after thhe authentication phase completes. + + Joint work with markus@ feedback deraadt@ + + Tested in snaps since last week + + OpenBSD-Commit-ID: 9c3b2087ae08626ec31b4177b023db600e986d9c + +commit fe6c6330c1a94c7a537efe9069853ce7a275c50a +Author: djm@openbsd.org +Date: Sun Oct 13 22:20:06 2024 +0000 + + upstream: don't start the ObscureKeystrokeTiming mitigations if + + there has been traffic on a X11 forwarding channel recently. + + Should fix X11 forwarding performance problems when this setting is + enabled. Patch from Antonio Larrosa via bz3655 + + OpenBSD-Commit-ID: 820284a92eb4592fcd3d181a62c1b86b08a4a7ab + +commit 538cd28598ae942c94b99855b06fdd937e2e7381 +Author: jsg@openbsd.org +Date: Sat Oct 12 10:50:37 2024 +0000 + + upstream: remove duplicate misc.h include ok dtucker@ + + OpenBSD-Commit-ID: fdd056e7854294834d54632b4282b877cfe4c12e + +commit 0051381a8c33740a77a1eca6859efa1c78887d80 +Author: djm@openbsd.org +Date: Sun Oct 6 23:37:17 2024 +0000 + + upstream: Turn off finite field (a.k.a modp) Diffie-Hellman key + + exchange in sshd by default. Specifically, this removes the + diffie-hellman-group* and diffie-hellman-group-exchange-* methods. The client + is unchanged and continues to support these methods by default. + + Finite field Diffie Hellman is slow and computationally expensive for + the same security level as Elliptic Curve DH or PQ key agreement while + offering no redeeming advantages. + + ECDH has been specified for the SSH protocol for 15 years and some + form of ECDH has been the default key exchange in OpenSSH for the last + 14 years. + + ok markus@ + + OpenBSD-Commit-ID: 4e238ad480a33312667cc10ae0eb6393abaec8da + +commit 67a115e7a56dbdc3f5a58c64b29231151f3670f5 +Author: djm@openbsd.org +Date: Thu Sep 26 23:55:08 2024 +0000 + + upstream: fix previous change to ssh_config Match, which broken on + + negated Matches; spotted by phessler@ ok deraadt@ + + OpenBSD-Commit-ID: b1c6acec66cd5bd1252feff1d02ad7129ced37c7 + +commit 220b6c1290042acd5180d783dea01efe1365c265 +Author: jsg@openbsd.org +Date: Wed Sep 25 23:01:39 2024 +0000 + + upstream: remove some unused defines; ok djm@ + + OpenBSD-Commit-ID: 3a63e4e11d455704f684c28715d61b17f91e0996 + +commit 3ef4f6e8a4d774f73852391fdccbb95f39fc71bf +Author: jmc@openbsd.org +Date: Wed Sep 25 06:13:01 2024 +0000 + + upstream: remove some unneeded Xo/Xc calls; from evan silberman the + + original diff had a couple of errors, which i've fixed + + OpenBSD-Commit-ID: f37ad5888adbc0d4e1cd6b6de237841f4b1e650d + +commit 3f02368e8e9121847727c46b280efc280e5eb615 +Author: djm@openbsd.org +Date: Wed Sep 25 01:24:04 2024 +0000 + + upstream: fix regression introduced when I switched the "Match" + + criteria tokeniser to a more shell-like one. Apparently the old tokeniser + (accidentally?) allowed "Match criteria=argument" as well as the "Match + criteria argument" syntax that we tested for. + + People were using this syntax so this adds back support for + "Match criteria=argument" + + bz3739 ok dtucker + + OpenBSD-Commit-ID: d1eebedb8c902002b75b75debfe1eeea1801f58a + +commit 9517cc58577f85a0ba5f8bb46778dff625f0688f +Author: djm@openbsd.org +Date: Tue Sep 24 02:28:17 2024 +0000 + + upstream: some extra paranoia, reminded by jsg@ + + OpenBSD-Commit-ID: 22072bfa1df1391858ae7768a6c627e08593a91e + +commit 815a94e86a68c1000b8310cb47695cea9329516c +Author: Damien Miller +Date: Wed Sep 25 11:15:45 2024 +1000 + + gss-serv.c needs sys/param.h + + From Void Linux + +commit 76a618d2842c34c16cd21a4efc7230e2f459008d +Author: Damien Miller +Date: Wed Sep 25 11:13:05 2024 +1000 + + build construct_utmp() when USE_BTMP is set + + Fixes compile error on Void Linux/Musl + +commit d3aee17f6d395202eaa42a0c449b6da41f61527c +Author: Darren Tucker +Date: Tue Sep 24 18:41:44 2024 +1000 + + Test the flags from OpenWRT's package. + +commit 0f5d19e6fe4b58a89e6dc8c71a2aae30365d193e +Author: Christoph Ostarek +Date: Wed Jul 3 12:46:59 2024 +0200 + + fix utmpx ifdef + + 02e16ad95fb1f56ab004b01a10aab89f7103c55d did a copy-paste for + utmpx, but forgot to change the ifdef appropriately + +commit e03239f999acf9dc3da0f2f72bde36abbe678911 +Author: jsg@openbsd.org +Date: Sun Sep 22 12:56:21 2024 +0000 + + upstream: remove some unused defines; ok djm@ + + OpenBSD-Commit-ID: 81869ee6356fdbff19dae6ff757095e6b24de712 + +commit a35f543d3a6275fef781e515c262d1c687c3bc28 +Author: jsg@openbsd.org +Date: Fri Sep 20 02:00:46 2024 +0000 + + upstream: remove unneeded semicolons; checked by millert@ + + OpenBSD-Commit-ID: 3fb621a58e04b759a875ad6a33f35bb57ca80231 + +commit 1641f2d4d6e05d2147913442864cae546e64f08b +Author: Darren Tucker +Date: Mon Sep 23 20:52:31 2024 +1000 + + Add 9.9 branch to CI status console. + +commit 46d1fb16b20e971b9ac15e86a3d3e350b49c9ad6 +Author: Damien Miller +Date: Fri Sep 20 08:20:13 2024 +1000 + + update version numbers + +commit 0bdca1f218971b38728a0a129f482476baff0968 +Author: djm@openbsd.org +Date: Thu Sep 19 22:17:44 2024 +0000 + + upstream: openssh-9.9 + + OpenBSD-Commit-ID: 303417285f1a73b9cb7a2ae78d3f493bbbe31f98 + +commit ef2d7f2d3e1b4c9ae71bacf963e76a92ab8be543 +Author: Damien Miller +Date: Wed Sep 18 16:03:23 2024 +1000 + + include openbsd-compat/base64.c license in LICENSE + +commit 7ef362b989c8d1f7596f557f22e5924b9c08f0ea +Author: Damien Miller +Date: Wed Sep 18 09:01:23 2024 +1000 + + conditionally include mman.h in arc4random code + +commit 5fb2b5ad0e748732a27fd8cc16a7ca3c21770806 +Author: Damien Miller +Date: Tue Sep 17 11:53:24 2024 +1000 + + fix bug in recently-added sntrup761 fuzzer + + key values need to be static to persist across invocations; + spotted by the Qualys Security Advisory team. + +commit 0ca128c9ee894f1b0067abd473bfb33171df67f8 +Author: djm@openbsd.org +Date: Mon Sep 16 05:37:05 2024 +0000 + + upstream: use 64 bit math to avoid signed underflow. upstream code + + relies on using -fwrapv to provide defined over/underflow behaviour, but we + use -ftrapv to catch integer errors and abort the program. ok dtucker@ + + OpenBSD-Commit-ID: 8933369b33c17b5f02479503d0a92d87bc3a574b + +commit f82e5e22cad88c81d8a117de74241328c7b101c3 +Author: jmc@openbsd.org +Date: Sun Sep 15 08:27:38 2024 +0000 + + upstream: minor grammar/sort fixes for refuseconnection; ok djm + + OpenBSD-Commit-ID: 1c81f37b138b8b66abba811fec836388a0f3e6da + +commit 0c1165fc78e8fe69b5df71f81a8f944554a68b53 +Author: Damien Miller +Date: Sun Sep 15 13:30:13 2024 +1000 + + avoid gcc warning in fuzz test + +commit ce171d0718104b643854b53443ff72f7283d33f2 +Author: djm@openbsd.org +Date: Sun Sep 15 03:09:44 2024 +0000 + + upstream: bad whitespace in config dump output + + OpenBSD-Commit-ID: d899c13b0e8061d209298eaf58fe53e3643e967c + +commit 671c440786a5a66216922f15d0007b60f1e6733f +Author: Damien Miller +Date: Sun Sep 15 12:53:59 2024 +1000 + + use construct_utmp to construct btmp records + + Simpler and removes some code with the old-style BSD license. + +commit 930cb02b6113df72fbc732b9feb8e4f490952a81 +Author: djm@openbsd.org +Date: Sun Sep 15 02:20:51 2024 +0000 + + upstream: update the Streamlined NTRU Prime code from the "ref" + + implementation in SUPERCOP 20201130 to the "compact" implementation in + SUPERCOP 20240808. The new version is substantially faster. Thanks to Daniel + J Bernstein for pointing out the new implementation (and of course for + writing it). + + tested in snaps/ok deraadt@ + + OpenBSD-Commit-ID: bf1a77924c125ecdbf03e2f3df8ad13bd3dafdcb + +commit 9306d6017e0ce5dea6824c29ca5ba5673c2923ad +Author: djm@openbsd.org +Date: Sun Sep 15 01:19:56 2024 +0000 + + upstream: document Match invalid-user + + OpenBSD-Commit-ID: 2c84a9b517283e9711e2812c1f268081dcb02081 + +commit 0118a4da21147a88a56dc8b90bbc2849fefd5c1e +Author: djm@openbsd.org +Date: Sun Sep 15 01:18:26 2024 +0000 + + upstream: add a "Match invalid-user" predicate to sshd_config Match + + options. + + This allows writing Match conditions that trigger for invalid username. + E.g. + + PerSourcePenalties refuseconnection:90s + Match invalid-user + RefuseConnection yes + + Will effectively penalise bots try to guess passwords for bogus accounts, + at the cost of implicitly revealing which accounts are invalid. + + feedback markus@ + + OpenBSD-Commit-ID: 93d3a46ca04bbd9d84a94d1e1d9d3a21073fbb07 + +commit 7875975136f275619427604900cb0ffd7020e845 +Author: djm@openbsd.org +Date: Sun Sep 15 01:11:26 2024 +0000 + + upstream: Add a "refuseconnection" penalty class to sshd_config + + PerSourcePenalties + + This allows penalising connection sources that have had connections + dropped by the RefuseConnection option. ok markus@ + + OpenBSD-Commit-ID: 3c8443c427470bb3eac1880aa075cb4864463cb6 + +commit 8d21713b669b8516ca6d43424a356fccc37212bb +Author: djm@openbsd.org +Date: Sun Sep 15 01:09:40 2024 +0000 + + upstream: Add a sshd_config "RefuseConnection" option + + If set, this will terminate the connection at the first authentication + request (this is the earliest we can evaluate sshd_config Match blocks) + + ok markus@ + + OpenBSD-Commit-ID: 43cc2533984074c44d0d2f92eb93f661e7a0b09c + +commit acad117e66018fe1fa5caf41b36e6dfbd61f76a1 +Author: djm@openbsd.org +Date: Sun Sep 15 00:58:01 2024 +0000 + + upstream: switch sshd_config Match processing to the argv tokeniser + + too; ok markus@ + + OpenBSD-Commit-ID: b74b5b0385f2e0379670e2b869318a65b0bc3923 + +commit baec3f7f4c60cd5aa1bb9adbeb6dfa4a172502a8 +Author: djm@openbsd.org +Date: Sun Sep 15 00:57:36 2024 +0000 + + upstream: switch "Match" directive processing over to the argv + + string tokeniser, making it possible to use shell-like quoting in Match + directives, particularly "Match exec". ok markus@ + + OpenBSD-Commit-ID: 0877309650b76f624b2194c35dbacaf065e769a5 + +commit dd424d7c382c2074ab70f1b8ad4f169a10f60ee7 +Author: djm@openbsd.org +Date: Sun Sep 15 00:47:01 2024 +0000 + + upstream: include pathname in some of the ssh-keygen passphrase + + prompts. Helps the user know what's going on when ssh-keygen is invoked via + other tools. Requested in GHPR503 + + OpenBSD-Commit-ID: 613b0bb6cf845b7e787d69a5b314057ceda6a8b6 + +commit 62bbf8f825cc390ecb0523752ddac1435006f206 +Author: djm@openbsd.org +Date: Sun Sep 15 00:41:18 2024 +0000 + + upstream: Do not apply authorized_keys options when signature + + verification fails. Prevents restrictive key options being incorrectly + applied to subsequent keys in authorized_keys. bz3733, ok markus@ + + OpenBSD-Commit-ID: ba3776d9da4642443c19dbc015a1333622eb5a4e + +commit 49f325fd47af4e53fcd7aafdbcc280e53f5aa5ce +Author: Wu Weixin +Date: Fri Aug 2 22:16:40 2024 +0800 + + Fix without_openssl always being set to 1 + + In Fedora systems, %{?rhel} is empty. In RHEL systems, %{?fedora} is + empty. Therefore, the original code always sets without_openssl to 1. + +commit c21c3a2419bbc1c59cb1a16ea356e703e99a90d9 +Author: djm@openbsd.org +Date: Thu Sep 12 00:36:27 2024 +0000 + + upstream: Relax absolute path requirement back to what it was prior to + + OpenSSH 9.8, which incorrectly required that sshd was started with an + absolute path in inetd mode. bz3717, patch from Colin Wilson + + OpenBSD-Commit-ID: 25c57f22764897242d942853f8cccc5e991ea058 + +commit 1bc426f51b0a5cfdcfbd205218f0b6839ffe91e9 +Author: naddy@openbsd.org +Date: Mon Sep 9 14:41:21 2024 +0000 + + upstream: document the mlkem768x25519-sha256 key exchange algorithm + + OpenBSD-Commit-ID: fa18dccdd9753dd287e62ecab189b3de45672521 + +commit 0a2db61a5ffc64d2e2961c52964f933879952fc7 +Author: Darren Tucker +Date: Tue Sep 10 21:11:14 2024 +1000 + + Spell omnios test host correctly. + +commit 059ed698a47c9af541a49cf754fd09f984ac5a21 +Author: Darren Tucker +Date: Tue Sep 10 18:52:02 2024 +1000 + + Add omnios test target. + +commit f4ff91575a448b19176ceaa8fd6843a25f39d572 +Author: Darren Tucker +Date: Tue Sep 10 18:45:55 2024 +1000 + + Wrap stdint.h in ifdef. + +commit ff714f001d20a9c843ee1fd9d92a16d40567d264 +Author: Darren Tucker +Date: Mon Sep 9 19:31:54 2024 +1000 + + Also test PAM on dfly64. + +commit 509b757c052ea969b3a41fc36818b44801caf1cf +Author: Damien Miller +Date: Mon Sep 9 21:50:14 2024 +1000 + + stubs for ML-KEM KEX functions + + used for C89 compilers + +commit 273581210c99ce7275b8efdefbb9f89e1c22e341 +Author: Damien Miller +Date: Mon Sep 9 17:30:38 2024 +1000 + + declare defeat trying to detect C89 compilers + + I can't find a reliable way to detect the features the ML-KEM code + requires in configure. Give up for now and use VLA support (that we + can detect) as a proxy for "old compiler" and turn off ML-KEM if + it isn't supported. + +commit e8a0f19b56dfa20f98ea9876d7171ec315fb338a +Author: Damien Miller +Date: Mon Sep 9 16:46:40 2024 +1000 + + fix previous; check for C99 compound literals + + The previous commit was incorrect (or at least insufficient), the + ML-KEM code is actually using compound literals, so test for them. + +commit 7c07bec1446978bebe0780ed822c8fedfb377ae8 +Author: Damien Miller +Date: Mon Sep 9 16:06:21 2024 +1000 + + test for compiler feature needed for ML-KEM + + The ML-KEM implementation we uses need the compiler to support + C99-style named struct initialisers (e.g foo = {.bar = 1}). We + still support (barely) building OpenSSH with older compilers, so + add a configure test for this. + +commit d469d5f348772058789d35332d1ccb0b109c28ef +Author: djm@openbsd.org +Date: Mon Sep 9 03:13:39 2024 +0000 + + upstream: test mlkem768x25519-sha256 + + OpenBSD-Regress-ID: 7baf6bc39ae55648db1a2bfdc55a624954847611 + +commit 62fb2b51bb7f6863c3ab697f397b2068da1c993f +Author: djm@openbsd.org +Date: Mon Sep 9 02:39:57 2024 +0000 + + upstream: pull post-quantum ML-KEM/x25519 key exchange out from + + compile-time flag now than an IANA codepoint has been assigned for the + algorithm. + + Add mlkem768x25519-sha256 in 2nd KexAlgorithms preference slot. + + ok markus@ + + OpenBSD-Commit-ID: 9f50a0fae7d7ae8b27fcca11f8dc6f979207451a + +commit a8ad7a2952111c6ce32949a775df94286550af6b +Author: djm@openbsd.org +Date: Fri Sep 6 02:30:44 2024 +0000 + + upstream: make parsing user@host consistently look for the last '@' in + + the string rather than the first. This makes it possible to use usernames + that contain '@' characters. + MIME-Version: 1.0 + Content-Type: text/plain; charset=UTF-8 + Content-Transfer-Encoding: 8bit + + Prompted by Max Zettlmeißl; feedback/ok millert@ + + OpenBSD-Commit-ID: 0b16eec246cda15469ebdcf3b1e2479810e394c5 + +commit 13cc78d016b67a74a67f1c97c7c348084cd9212c +Author: djm@openbsd.org +Date: Wed Sep 4 05:33:34 2024 +0000 + + upstream: be more strict in parsing key type names. Only allow + + shortnames (e.g "rsa") in user-interface code and require full SSH protocol + names (e.g. "ssh-rsa") everywhere else. + + Prompted by bz3725; ok markus@ + + OpenBSD-Commit-ID: b3d8de9dac37992eab78adbf84fab2fe0d84b187 + +commit ef8472309a68e319018def6f8ea47aeb40d806f5 +Author: djm@openbsd.org +Date: Wed Sep 4 05:11:33 2024 +0000 + + upstream: fix RCSID in output + + OpenBSD-Commit-ID: 889ae07f2d2193ddc4351711919134664951dd76 + +commit ba2ef20c75c5268d4d1257adfc2ac11c930d31e1 +Author: jmc@openbsd.org +Date: Tue Sep 3 06:17:48 2024 +0000 + + upstream: envrionment -> environment; + + OpenBSD-Commit-ID: b719f39c20e8c671ec6135c832d6cc67a595af9c + +commit e66c0c5673a4304a3a9fbf8305c6a19f8653740f +Author: Damien Miller +Date: Wed Sep 4 15:35:29 2024 +1000 + + add basic fuzzers for our import of sntrup761 + +commit d19dea6330ecd4eb403fef2423bd7e127f4c9828 +Author: djm@openbsd.org +Date: Tue Sep 3 05:58:56 2024 +0000 + + upstream: regression test for Include variable expansion + + OpenBSD-Regress-ID: 35477da3ba1abd9ca64bc49080c50a9c1350c6ca + +commit 8c4d6a628051e318bae2f283e8dc38b896400862 +Author: djm@openbsd.org +Date: Tue Sep 3 05:29:55 2024 +0000 + + upstream: allow the "Include" directive to expand the same set of + + %-tokens that "Match Exec" and environment variables. + + ok dtucker@ + + OpenBSD-Commit-ID: 12ef521eaa966a9241e684258564f52f1f3c5d37 + +commit 51b82648b6827675fc0cde21175fd1ed8e89aab2 +Author: djm@openbsd.org +Date: Mon Sep 2 12:18:35 2024 +0000 + + upstream: missing ifdef + + OpenBSD-Commit-ID: 85f09da957dd39fd0abe08fe5ee19393f25c2021 + +commit f68312eb593943127b39ba79a4d7fa438c34c153 +Author: djm@openbsd.org +Date: Mon Sep 2 12:13:56 2024 +0000 + + upstream: Add experimental support for hybrid post-quantum key exchange + + ML-KEM768 with ECDH/X25519 from the Internet-draft: + https://datatracker.ietf.org/doc/html/draft-kampanakis-curdle-ssh-pq-ke-03 + + This is based on previous patches from markus@ but adapted to use the + final FIPS203 standard ML-KEM using a formally-verified implementation + from libcrux. + + Note this key exchange method is still a draft and thus subject to + change. It is therefore disabled by default; set MLKEM=yes to build it. + We're making it available now to make it easy for other SSH + implementations to test against it. + + ok markus@ deraadt@ + + OpenBSD-Commit-ID: 02a8730a570b63fa8acd9913ec66353735dea42c + +commit 05f2b141cfcc60c7cdedf9450d2b9d390c19eaad +Author: Antonio Larrosa +Date: Fri Aug 23 12:21:06 2024 +0200 + + Don't skip audit before exitting cleanup_exit + + This fixes an issue where the SSH_CONNECTION_ABANDON event is not + audited because cleanup_exit overrides the regular _exit too soon and + as a result, failed auth attempts are not logged correctly. + + The problem was introduced in 81c1099d22b81ebfd20a334ce986c4f753b0db29 + where the code from upstream was merged before the audit_event call when + it should have been merged right before the _exit call in order to honor + the comment that just mentions an override of the exit value. + +commit 16eaf9d401e70996f89f3f417738a8db421aa959 +Author: djm@openbsd.org +Date: Wed Aug 28 12:08:26 2024 +0000 + + upstream: fix test: -F is the argument to specify a non-default + + ssh_config, not -f (this is sadly not a new bug) + + OpenBSD-Regress-ID: 45a7bda4cf33f2cea218507d8b6a55cddbcfb322 + +commit 10ccf611ab8ecba9ce6b0548c5ccd8c1220baf92 +Author: deraadt@openbsd.org +Date: Fri Aug 23 04:51:00 2024 +0000 + + upstream: As defined in the RFC, the SSH protocol has negotiable + + compression support (which is requested as the name "zlib"). Compression + starts very early in the session. Relative early in OpenSSH lifetime, privsep + was added to sshd, and this required a shared-memory hack so the two + processes could see what was going on in the dataflow. This shared-memory + hack was soon recognized as a tremendous complexity risk, because it put libz + (which very much trusts it's memory) in a dangerous place, and a new option + ("zlib@openssh.com") was added begins compression after authentication (aka + delayed-compression). That change also permitted removal of the + shared-memory hack. Despite removal from the server, the old "zlib" support + remained in the client, to allow negotiation with non-OpenSSH daemons which + lack the delayed-compression option. This commit deletes support for the + older "zlib" option in the client. It reduces our featureset in a small way, + and encourages other servers to move to a better design. The SSH protocol is + different enough that compressed-key-material attacks like BEAST are + unlikely, but who wants to take the chance? We encourage other ssh servers + who care about optional compression support to add delayed-zlib support. + (Some already do "zlib@openssh.com") ok djm markus + + OpenBSD-Commit-ID: 6df986f38e4ab389f795a6e39e7c6857a763ba72 + +commit aee54878255d71bf93aa6e91bbd4eb1825c0d1b9 +Author: djm@openbsd.org +Date: Thu Aug 22 23:11:30 2024 +0000 + + upstream: sntrup761x25519-sha512 now has an IANA codepoint assigned, so + + we can make the algorithm available without the @openssh.com suffix too. ok + markus@ deraadt@ + + OpenBSD-Commit-ID: eeed8fcde688143a737729d3d56d20ab4353770f + +commit a76a6b85108e3032c8175611ecc5746e7131f876 +Author: Darren Tucker +Date: Thu Aug 22 20:36:12 2024 +1000 + + Move rekey test into valgrind-2. + + Now that the rekey test has been optimized it's fast enough to not be in + its own valgrind test, so move it into valgrind-2, which is currently + the quickest of the others, bringing all of them to roughly the same + runtime of ~1.1 hours. + +commit 7e75e3f57c41b9a6e6401e7674d7c2ff5c33975b +Author: dtucker@openbsd.org +Date: Thu Aug 22 10:21:02 2024 +0000 + + upstream: Use aes128-ctr for MAC tests since default has implicit MAC. + + Also verify that the Cipher or MAC we intended to use is actually the one + selected during the test. + + OpenBSD-Regress-ID: ff43fed30552afe23d1364526fe8cf88cbfafe1d + +commit ebc890b8b4ba08c84cd1066b7b94b2b11f6c4cb4 +Author: Damien Miller +Date: Thu Aug 22 09:45:49 2024 +1000 + + fix incorrect default for PasswordAuthentication + + merge botch spotted by gsgleason + +commit 15ace435ea1c2fab2a1cc7d9c3157fe20c776b80 +Author: dtucker@openbsd.org +Date: Wed Aug 21 10:33:27 2024 +0000 + + upstream: Some awks won't match on the \r so delete it instead. Fixes + + regress in portable on, eg Solaris. + + OpenBSD-Regress-ID: 44a96d6d2f8341d89b7d5fff777502b92ac9e9ba + +commit 51c96b6ed627779a04493a8fe25747996a37f3c2 +Author: dtucker@openbsd.org +Date: Wed Aug 21 07:06:27 2024 +0000 + + upstream: Import regenerated moduli. + + OpenBSD-Commit-ID: 5db7049ad5558dee5b2079d3422e8ddab187c1cc + +commit 25c52f37a82c4da48ec537de37d7c168982b8d6d +Author: dtucker@openbsd.org +Date: Wed Aug 21 06:59:08 2024 +0000 + + upstream: Use curve25519-sha256 kex where possible. + + Except where we're explicitly testing a different kex, use + curve25519-sha256 since it's faster than the default and supported even + when configured without OpenSSL. Add a check to ensure that the kex we + intended to test is the one we actually tested. Speeds test up by ~5%. + + OpenBSD-Regress-ID: 3b27fcc2ae953cb08fd82a0d3155c498b226d6e0 + +commit 3eb62b7ba49483c309b483eb9002a679014f3887 +Author: dtucker@openbsd.org +Date: Tue Aug 20 12:36:59 2024 +0000 + + upstream: Send only as much data as needed to trigger rekeying. Speeds + + up tests by about 10% in the common case, hopefully more when instrumented + with something like valgrind. + + OpenBSD-Regress-ID: 7bf9292b4803357efcf0baf7cfbdc8521f212da1 + +commit cbd3f034bbf7853618fac99d7d868a2250154ea7 +Author: Damien Miller +Date: Wed Aug 21 09:18:29 2024 +1000 + + simplify sshkey_prekey_alloc(); always use mmap + +commit 4442bbc2fc661277a6dabfedb756a7e15ee8b8b8 +Author: dtucker@openbsd.org +Date: Tue Aug 20 09:15:49 2024 +0000 + + upstream: Merge AEAD test into main test loop. + + Removes 3 duplicate tests and speeds overall test up by about 1%. + + OpenBSD-Regress-ID: 5e5c9ff3f7588091ed369e34ac28520490ad2619 + +commit 829976a63fd1efae3a4c3e7c16fded59d92edb67 +Author: dtucker@openbsd.org +Date: Tue Aug 20 09:02:45 2024 +0000 + + upstream: Set a default RekeyLimit of 256k. + + Used unless overridden by a command-line flag, which simplifies some of + the ssh command lines. + + OpenBSD-Regress-ID: e7cffa57027088e10336e412b34113969f88cb87 + +commit 57d02c9ea36aebad4e7146d46e041b6b2e582f7f +Author: dtucker@openbsd.org +Date: Tue Aug 20 07:52:43 2024 +0000 + + upstream: Add Compression=no to default ssh_config. + + All of the rekey tests use it (otherwise the encrypted byte counts would + not match) so this lets us simplify the command lines. + + OpenBSD-Regress-ID: dab7ce10f4cf6c68827eb8658141272aab3ea262 + +commit 7254eb26f7c0772c4b47c3b32f6d1b15855cdd8c +Author: dtucker@openbsd.org +Date: Tue Aug 20 07:41:35 2024 +0000 + + upstream: Remove duplicate curve25519-sha256 kex. + + curve25519-sha256@libssh.org is the pre-standardization name for the same + thing, so remove it as a duplicate. Speeds up test by a tiny amount. + + OpenBSD-Regress-ID: 5a5ee5fa1595a6e140b1cc16040bedf5996a5715 + +commit 749896b874928c2785256cae4d75161dc3bfcc7d +Author: dtucker@openbsd.org +Date: Tue Aug 20 07:27:25 2024 +0000 + + upstream: Unnest rekey param parsing test and use ssh not sshd. + + ssh uses the same parsing code, now has "-G" to dump its config and is + slightly faster to start up. This speeds up the test slightly (~5%) in the + common case but should help more during instrumented tests, eg under + valgrind, where startup costs are magnified. + + OpenBSD-Regress-ID: 07c3acaf4c728e641033071f4441afc88141b0d0 + +commit 2b1762115481ff2b7a60fd4db2ae69b725437462 +Author: djm@openbsd.org +Date: Tue Aug 20 11:10:04 2024 +0000 + + upstream: actually use the length parameter that was passed in rather + + than a constant (this makes no difference in practice because the length is + always the same); reported by martin AT nmkd.net + + OpenBSD-Commit-ID: 4aecce232c2fe9b16e9217ff6bcb3c848d853e7e + +commit d922762ca16a7381131b242f49d7376c41fabcb5 +Author: Damien Miller +Date: Tue Aug 20 13:55:30 2024 +1000 + + private key coredump protection for Linux/FreeBSD + + platforms not supporting coredump exclusion using mmap/madvise flags + fall back to plain old malloc(3). + +commit cc048ca536d6bed6f2285b07040b0d57cd559ba5 +Author: djm@openbsd.org +Date: Tue Aug 20 03:48:30 2024 +0000 + + upstream: place shielded keys (i.e. keys at rest in RAM) into memory + + allocated using mmap(3) with MAP_CONCEAL set. This prevents exposure of the + key material in coredumps, etc (this is in addition to other measures we take + in this area). + + ok deraadt@ + + OpenBSD-Commit-ID: cbbae59f337a00c9858d6358bc65f74e62261369 + +commit a0b35c791cad1f85481b23ba46373060292e1c80 +Author: djm@openbsd.org +Date: Sat Aug 17 08:35:04 2024 +0000 + + upstream: mention that ed25519 is the default key type generated and + + clarify that rsa-sha2-512 is the default signature scheme when RSA is in use. + Based on GHPR505 from SebastianRzk + + OpenBSD-Commit-ID: 1d90df71636a04601685d2a10a8233bcc8d4f4c5 + +commit 127a50f2c80572ed1a021feb11ecf941e92cbbef +Author: djm@openbsd.org +Date: Sat Aug 17 08:23:04 2024 +0000 + + upstream: fix minor memory leak in Subsystem option parsing; from + + Antonio Larrosa via GHPR515 + + OpenBSD-Commit-ID: fff3bbefd1b2c45c98cbe45c6b857b15d8a2d364 + +commit 171427261d2079941eb1041079dbae875da37cbc +Author: djm@openbsd.org +Date: Sat Aug 17 08:09:50 2024 +0000 + + upstream: fix swapping of source and destination addresses in some sshd + + log messages + + OpenBSD-Commit-ID: 24d4cbb86325275df1f037545aa3b91456e52d25 + +commit 2a50a8f1fa57857a5e124a2280bcf61cc63c77f7 +Author: Darren Tucker +Date: Sat Aug 17 11:10:19 2024 +1000 + + Add compat functions for EVP_Digest{Sign,Verify}. + + This should make LibreSSL 3.1.x through 3.3.x work again. Code from + tb@, ok djm@. Restore the test configs covering those. + +commit 1c3a7145260e03037cc18715b883880836fd122d +Author: Philip Hands +Date: Thu Aug 8 13:03:51 2024 +0200 + + make sure that usage & man page match + + SSH-Copy-ID-Upstream: da5b1abe55b72a16e0430e7598e1573da01779c0 + +commit cd0d681645b9adcf2467e7838bfd9d5142de4c4e +Author: Philip Hands +Date: Thu Aug 8 13:01:47 2024 +0200 + + update copyright notices + + Bump the year to 2024, but also reflect the fact that hands.com Ltd. has + been wound up in the UK, and its assets (including this copyright) have + now reverted to its owner, Philip Hands. + + SSH-Copy-ID-Upstream: 0e4c4d072747a6568b11a790c29dd1b4ce663d7f + +commit 7fc9ccdce18841ebd0a97e31e43258512ab32a32 +Author: Philip Hands +Date: Sun Aug 4 20:45:00 2024 +0200 + + restore optionality of -i's argument + + SSH-Copy-ID-Upstream: f70e3abb510e4eeb040b47894e41828246c1b720 + +commit c37aa7012b1a3c2c322fd19e71310aadc90fc674 +Author: Philip Hands +Date: Fri Aug 2 15:52:07 2024 +0200 + + avoid exploring .ssh/id*.pub subdirectories + + SSH-Copy-ID-Upstream: 0b9e08b7707ad16de3c8e6a0410d9f42fbd56997 + +commit 777dce9e2e0d12f7e81e162f77749f30899869fe +Author: Philip Hands +Date: Fri Aug 2 10:07:11 2024 +0200 + + ensure that we're always told the source of keys + + SSH-Copy-ID-Upstream: 1bee96f4793e8ec3fab9f9361204ae58f5cc7cae + +commit fb94fd2339848e40cad6c9bb42b822244cc1a7bc +Author: Philip Hands +Date: Wed Jul 31 23:19:51 2024 +0200 + + add $HOME to ERROR if one cannot write to ~/.ssh + + SSH-Copy-ID-Upstream: ebef3e9c06e0447bff06e9d84b33023cf592e0ba + +commit eb5aafa1ffaeee75799141ec5ded406a65ec7d18 +Author: Philip Hands +Date: Wed Jul 31 23:19:03 2024 +0200 + + assert that SCRATCH_DIR is a writable directory + + SSH-Copy-ID-Upstream: ecb2b9d10883b9a16df56c83896c9bb47a80cde2 + +commit abcc460a2af46f0d812f8433d97a8eae1d80724c +Author: Philip Hands +Date: Wed Jul 31 23:17:54 2024 +0200 + + quote to avoid potential for word splitting + + SSH-Copy-ID-Upstream: f379adbe06ac2ef1daf0f130752234c7f8b97e3c + +commit b3f91411fd1473605f74c40c1a91a024c7171e27 +Author: Philip Hands +Date: Wed Jul 31 23:15:11 2024 +0200 + + ensure ERROR output goes to STDERR + + SSH-Copy-ID-Upstream: ac394b05eead3b91feb7c2ae4129a3e9b892f1e2 + +commit 674b8f30f0dbacd787eb1e4e7e1ece34b5543d8f +Author: Philip Hands +Date: Thu Aug 1 14:03:06 2024 +0200 + + avoid extra space when no arg given to -i option + + SSH-Copy-ID-Upstream: feca9e67e6e37c5653445d1c733569d7abb1770e + +commit 0efa0e1c41427c0c6ba839a18c72c1afcd7b7cc0 +Author: Philip Hands +Date: Wed Jul 31 23:28:36 2024 +0200 + + put the -i before -[pP] (matching man pages) + + The man pages (ssh, sftp & ssh-copy-id) all list -i before the port + setting, so make the output match that order, which also seems more + natural with the port being next to the server. + + SSH-Copy-ID-Upstream: 34d5d614172c78f9a42249466c4b81975b8883a1 + +commit 87831345e9745f2d13bd7a4a7972809f6788f331 +Author: Shreyas Mahangade +Date: Mon Jul 29 15:26:05 2024 +0000 + + Minor space issue fixed + + SSH-Copy-ID-Upstream: 335e44d7be78b03962a54c3a5c99a2ff45294a54 + +commit 2f3010f4736b4b3f5c10a4be97a24e90ff04c5e7 +Author: Shreyas Mahangade +Date: Mon Jul 29 16:55:28 2024 +0530 + + Show identity file in 'ssh' command + + - Previously no identity file is shown in "ssh" command output on the line "Now try logging into the..." + - This commit makes sure whenever "ssh-copy-id" with "-i" is invoked, it also reflects in "ssh" command + + SSH-Copy-ID-Upstream: 58e022ec26cb2315eb3be581d01e0ba787082428 + +commit a13856374b894397a7682b32257ed0bf67cfede9 +Author: Damien Miller +Date: Fri Aug 16 08:30:20 2024 +1000 + + more OPENSSL_HAS_ECC + +commit 4da2a1a7f648979bea6eaf3b17f5f250faed4afc +Author: Damien Miller +Date: Thu Aug 15 23:35:54 2024 +1000 + + fix merge botch that broke !OPENSSL_HAS_ECC + +commit 2c53d2f32b8e3992b61682c909ae5bc5122b6e5d +Author: Damien Miller +Date: Thu Aug 15 15:09:45 2024 +1000 + + missed OPENSSL_HAS_ECC case + +commit 342dd7a219f39119b8b686b5aaa99c8e15ede368 +Author: Damien Miller +Date: Thu Aug 15 15:06:55 2024 +1000 + + retire testing aginst older LibreSSL versions + + libressl prior to 3.4.x lack support for the EVP_DigestSign and + EVP_DigestVerify APIs that we need now that sshkey is converted + to EVP_PKEY. + + If someone makes a good case for why we should support these versions + then we could bring back support with wrappers. + +commit a7c6ea8eebe0f179141ec5dbf0c9e5354417930f +Author: Damien Miller +Date: Thu Aug 15 12:44:17 2024 +1000 + + sync TEST_MALLOC_OPTIONS for OpenBSD + +commit 60c2cf22e8f64f35d8b1175e4671257313f2e4d3 +Author: Damien Miller +Date: Thu Aug 15 12:43:47 2024 +1000 + + remove gratuitious difference from OpenBSD + +commit 339c4fc60a6250429d41fa8713f783d82aad4551 +Author: djm@openbsd.org +Date: Thu Aug 15 00:52:23 2024 +0000 + + upstream: adapt to EVP_PKEY conversion + + OpenBSD-Regress-ID: 0e2d4efb0ed0e392e23cd8fda183fe56531ac446 + +commit 63a94f99b9d7c8a48182a40192e45879d1ba8791 +Author: djm@openbsd.org +Date: Fri Jul 19 04:33:36 2024 +0000 + + upstream: test transfers in mux proxy mode too + + OpenBSD-Regress-ID: 2edfc980628cfef3550649cab8d69fa23b5cd6c4 + +commit 7bdfc20516e288b58c8c847958059c7b141eeff9 +Author: djm@openbsd.org +Date: Thu Aug 15 00:51:51 2024 +0000 + + upstream: Convert RSA and ECDSA key to the libcrypto EVP_PKEY API. + + DSA remains unconverted as it will be removed within six months. + + Based on patches originally from Dmitry Belyavskiy, but significantly + reworked based on feedback from Bob Beck, Joel Sing and especially + Theo Buehler (apologies to anyone I've missed). + + ok tb@ + + OpenBSD-Commit-ID: d098744e89f1dc7e5952a6817bef234eced648b5 + +commit 0af06e2c5b898992a18c74333e75a0136506acc6 +Author: tobias@openbsd.org +Date: Wed Aug 14 15:42:18 2024 +0000 + + upstream: Reorder calloc arguments + + The first argument should be the amount, the second argument should be the + element size. Fixing this also silences some gcc compiler warnings for + portable. + + Spotted with Benny Baumann (BenBE at geshi dot org). + + ok djm@ + + OpenBSD-Commit-ID: 711ad6f7bd7fb48bf52208f2cf9f108cddb6d41a + +commit 56ce0aa3c6cf28d9fcbce3207457abeac91b5050 +Author: tobias@openbsd.org +Date: Wed Aug 14 15:40:30 2024 +0000 + + upstream: Extend sshbuf validation + + Multiple sshbuf structs can be linked through a parent/child relationship. + Make sure that a single sshbuf cannot be its own parent. If this would ever + happen, it would result in reference counting issues. + + This is a cheap way of testing this with very little overhead. It does not + detect A->B->A linkages though for performance reason and the fact that it + takes a programming error for this to occur anyway. + + Authored with Benny Baumann (BenBE at geshi dot org). + + ok djm@ + + OpenBSD-Commit-ID: fb3fa9ee2cad3c7e842ebadfd7f5db220c4aaf16 + +commit fc48ddf6998188517af42dce807e2088b6a0c0be +Author: tobias@openbsd.org +Date: Wed Aug 14 15:37:11 2024 +0000 + + upstream: Use freezero for better readability + + It has the same meaning as the current pair of calling explicit_bzero + and free. Spotted with Benny Baumann (BenBE at geshi dot org). + + ok djm@ + + OpenBSD-Commit-ID: 939fbe9ccf52d0d48c5fa53694d6f3bb9927970c + +commit 1ff6907ec26dac6ac59fe9fe232899a63b4c14d8 +Author: tobias@openbsd.org +Date: Wed Aug 14 15:35:23 2024 +0000 + + upstream: Fix typo in comment + + Spotted with Benny Baumann (BenBE at geshi dot org). + + ok djm@ + + OpenBSD-Commit-ID: 829160ac8ef3ad3409695ce3a3ade835061cae57 + +commit 487faaed8f3bb9ffb19e8f807a3da72895b16421 +Author: dlg@openbsd.org +Date: Wed Jul 31 12:00:18 2024 +0000 + + upstream: add a random amount of time (up to 4 seconds) to the + + grace login time. + + ok deraadt@ djm@ + + OpenBSD-Commit-ID: abd3c57aaa5861517529b322df79b6be35ee67f4 + +commit 2865f5b7520bed3e74fbbb5f8d7a44193d7a4314 +Author: naddy@openbsd.org +Date: Fri Jul 26 15:24:49 2024 +0000 + + upstream: document the reduced logingrace penalty + + OpenBSD-Commit-ID: 9b63e0e3599d524ddc10edc4f978081382c3548b + +commit 1ec0a64c5dc57b8a2053a93b5ef0d02ff8598e5c +Author: Darren Tucker +Date: Sun Jul 28 21:26:51 2024 +1000 + + Explicitly install libssl-devel cygwin. + + Should fix CI tests for cygwin default config. + +commit 0bf6e5bb750b66b25c20a1c5a471f91850de3748 +Author: djm@openbsd.org +Date: Thu Jul 25 23:44:01 2024 +0000 + + upstream: reduce logingrace penalty. + + A single forgotton login that times out should be below the penalty + threshold. + + ok deraadt/claudio + + OpenBSD-Commit-ID: cee1f7d17597c97bff8e5092af5d136fdb08f81d + +commit 29fb6f6d46b67770084b4f12bcf8a01bd535041b +Author: djm@openbsd.org +Date: Thu Jul 25 22:40:08 2024 +0000 + + upstream: Fix proxy multiplexing (-O proxy) bug + + If a mux started with ControlPersist then later has a forwarding added using + mux proxy connection and the forwarding was used, then when the mux proxy + session terminates, the mux master process will send a channel close to the + server with a bad channel ID and crash the connection. + + This was caused by my stupidly reusing c->remote_id for mux channel + associations when I should have just added another member to struct channel. + + ok markus@ + + OpenBSD-Commit-ID: c9f474e0124e3fe456c5e43749b97d75e65b82b2 + +commit 53d1d307438517805989c7d5616d752739a97e03 +Author: djm@openbsd.org +Date: Thu Jul 18 01:47:27 2024 +0000 + + upstream: mention mux proxy mode + + OpenBSD-Commit-ID: fd77a77779f06d316a314e4540dc57c93fc3369a + +commit a9b90859d252c2f5a24142f985d38610ac74685f +Author: jsg@openbsd.org +Date: Sun Jul 14 10:19:23 2024 +0000 + + upstream: fix double word; ok dtucker@ + + OpenBSD-Commit-ID: e6aff005914fa350b896d2be030be3d3b56ec0e8 + +commit b05fda224bbcd2f641254534ed2175c42487f3c8 +Author: Darren Tucker +Date: Thu Jul 25 17:59:35 2024 +1000 + + Check for SA_RESTART before using it. + + ok djm@ + +commit c276672fc0e99f0c4389988d54a84c203ce325b6 +Author: Yuichiro Naito +Date: Wed Sep 1 10:19:32 2021 +0900 + + Class-imposed login restrictions + + If the following functions are available, + add an additional check if users are allowed to login imposed by login class. + + * auth_hostok(3) + * auth_timeok(3) + + These functions are implemented on FreeBSD. + +commit 7717b9e9155209916cc6b4b4b54f4e8fa578e889 +Author: djm@openbsd.org +Date: Wed Jul 10 21:58:34 2024 +0000 + + upstream: correct keyword; from Yatao Su via GHPR509 + + OpenBSD-Commit-ID: 81c778c76dea7ef407603caa157eb0c381c52ad2 + +commit f2b78bb8f149d6b4d1f62c21aa1f06995dccf4ce +Author: djm@openbsd.org +Date: Mon Jul 8 03:04:34 2024 +0000 + + upstream: don't need return at end of void function + + OpenBSD-Commit-ID: 42d322d37f13aa075ae7b1ad9eef591e20b89717 + +commit a395d37a813c0177cb5bfc4bebf5a52badb73cf0 +Author: djm@openbsd.org +Date: Thu Jul 4 22:53:59 2024 +0000 + + upstream: fix grammar: "a pattern lists" -> "one or more pattern + + lists" + + OpenBSD-Commit-ID: f3c844763398faa9800687e8ff6621225498202a + +commit 8b664df75966e5aed8dabea00b8838303d3488b8 +Author: Darren Tucker +Date: Sun Jul 7 18:46:19 2024 +1000 + + Cast to sockaddr * in systemd interface. + + Fixes build with musl libx. bz#3707. + +commit 30c8c81da2169e78357d08dbb0ddd823b60e93bc +Author: Darren Tucker +Date: Thu Jul 4 20:12:26 2024 +1000 + + Add 9.8 branch to ci-status page. + +commit ee6b9e661633fcefd29dba0c811cecbc4d027f6f +Author: Samuel Thibault +Date: Tue Mar 26 22:15:08 2024 +0100 + + Fix detection of setres*id on GNU/Hurd + + Like Linux, proper _SOURCE macros need to be set to get declarations of + various standard functions, notably setres*id. Now that Debian is using + -Werror=implicit-function-declaration this is really required. While at + it, define other _SOURCE macros like on GNU/Linux, since GNU/Hurd uses + the same glibc. + +commit fa41f6592ff1b6ead4a652ac75af31eabb05b912 +Author: Damien Miller +Date: Mon Jul 1 14:33:26 2024 +1000 + + version numbers + +commit bfebb8a5130a792c5356bd06e1ddef72a0a0449f +Author: djm@openbsd.org +Date: Mon Jul 1 04:31:59 2024 +0000 + + upstream: openssh-9.8 + + OpenBSD-Commit-ID: 5f8b89e38a4c5f7c6d52ffa19f796d49f36fab19 + +commit 146c420d29d055cc75c8606327a1cf8439fe3a08 +Author: djm@openbsd.org +Date: Mon Jul 1 04:31:17 2024 +0000 + + upstream: when sending ObscureKeystrokeTiming chaff packets, we + + can't rely on channel_did_enqueue to tell that there is data to send. This + flag indicates that the channels code enqueued a packet on _this_ ppoll() + iteration, not that data was enqueued in _any_ ppoll() iteration in the + timeslice. ok markus@ + + OpenBSD-Commit-ID: 009b74fd2769b36b5284a0188ade182f00564136 + +commit 637e4dfea4ed81264e264b6200172ce319c64ead +Author: djm@openbsd.org +Date: Mon Jul 1 03:10:19 2024 +0000 + + upstream: use "lcd" to change directory before "lls" rather then "cd", + + since the directory we're trying to list is local. Spotted by Corinna + Vinschen + + OpenBSD-Regress-ID: 821feca4a4bebe491944e624c8f7f2990b891415 + +commit c8cfe258cee0b8466ea84597bf15e1fcff3bc328 +Author: djm@openbsd.org +Date: Thu Jun 27 23:01:15 2024 +0000 + + upstream: delete obsolete comment + + OpenBSD-Commit-ID: 5fb04f298ed155053f3fbfdf0c6fe7cdf84bbfa2 + +commit 94b9d37100f6fa536aaa1d1a0e4926fe44fbf04d +Author: djm@openbsd.org +Date: Thu Jun 27 22:36:44 2024 +0000 + + upstream: retire unused API + + OpenBSD-Commit-ID: 3e30d7b0615e2707f6bbe70f61b1c2f72f78161b + +commit 268c3a7f5783e731ed60f4e28da66ee3743581d3 +Author: jmc@openbsd.org +Date: Thu Jun 27 21:02:16 2024 +0000 + + upstream: ssl(8) no longer contains a HISTORY section; + + OpenBSD-Commit-ID: 83b7ff34433d79595e9c2a5d2a561a6660251245 + +commit 12b6cc09ce6c430681f03af2a8069e37a664690b +Author: djm@openbsd.org +Date: Wed Jun 26 23:47:46 2024 +0000 + + upstream: move child process waitpid() loop out of SIGCHLD handler; + + ok deraadt + + OpenBSD-Commit-ID: 65815a39564e431414aed7c5ace8076f4e9ca741 + +commit d6bcd13297c2ab8b528df5a6898f994734849031 +Author: deraadt@openbsd.org +Date: Wed Jun 26 23:16:52 2024 +0000 + + upstream: Instead of using possibly complex ssh_signal(), write all + + the parts of the grace_alarm_handler() using the exact things allowed by the + signal-safe rules. This is a good rule of thumb: Handlers should be written + to either set a global volatile sig_atomic_t inspected from outside, and/or + directly perform only safe operations listed in our sigaction(2) manual page. + ok djm markus + + OpenBSD-Commit-ID: 14168ae8368aab76e4ed79e17a667cb46f404ecd + +commit b8793e2b0851f7d71b97554fa5260b23796d6277 +Author: deraadt@openbsd.org +Date: Wed Jun 26 23:14:14 2024 +0000 + + upstream: save_errno wrappers inside two small signal handlers that + + perform system calls, for systems with libc that do perform libc sigtramps. + ok djm markus + + OpenBSD-Commit-ID: 7749b56419a7c9dcfe4c6c04811e429813346c62 + +commit f23e9332c4c8df37465c4a4f38275ea98980ed7e +Author: jmc@openbsd.org +Date: Mon Jun 24 06:59:39 2024 +0000 + + upstream: - uppercase start of sentence - correct sentence grammar + + ok djm + + OpenBSD-Commit-ID: 1ec4b0fdb633a43667f2c8fff1d600bd647dde25 + +commit 1839e3eb71a759aa795602c1e4196300f4ac2615 +Author: djm@openbsd.org +Date: Mon Jun 24 04:05:11 2024 +0000 + + upstream: mention SshdSessionPath option + + OpenBSD-Commit-ID: c29734d36c21003973b15c1c9965c35f36cef30c + +commit 603193e32aef5db7d60c58066d5de89806e79312 +Author: Darren Tucker +Date: Thu Jun 20 18:45:14 2024 +1000 + + Rerun upstream tests on .sh file changes too. + +commit dbbf9337c19381786a8e5a8a49152fe6b80c780d +Author: dtucker@openbsd.org +Date: Thu Jun 20 08:23:18 2024 +0000 + + upstream: Work around dbclient cipher/mac query bug. + + Unlike earlier versions, recent Dropbear (at least v2024.85) requires + a host arg when querying supported ciphers and macs via "-c/-m + help". Earlier versions accept but do not require it, so always + provide it. If these queries fail, skip the test with a warning. + + OpenBSD-Regress-ID: 98eb863a3f0363416922efb273885e6b3c7f68d4 + +commit 8de2c8cebc46bbdb94b7a2c120fcadfb66a3cccc +Author: dtucker@openbsd.org +Date: Thu Jun 20 08:18:34 2024 +0000 + + upstream: Remove dropbear key types not supported + + by current OpenSSH. Allows subsequent test runs to work if OpenSSH is + rebuilt w/out OpenSSL. + + OpenBSD-Regress-ID: e0129eb2b1d31771105903a8055216fbba20a770 + +commit e9b6471c59b21e5d9ef1b3832d4bf727338add85 +Author: djm@openbsd.org +Date: Thu Jun 20 00:18:05 2024 +0000 + + upstream: stricter check for overfull tables in penalty record path + + OpenBSD-Commit-ID: 7df01e648a0723418c554e64a9f2b6d38db060a6 + +commit d9336d344eb2a1e898c5e66147b3f108c7214694 +Author: djm@openbsd.org +Date: Wed Jun 19 23:24:47 2024 +0000 + + upstream: put back reaping of preauth child process when writes + + from the monitor fail. Not sure how this got lost in the avalanche of + patches. + + OpenBSD-Commit-ID: eb7eb36371e1ac01050b32b70fb2b3e5d98e72f5 + +commit 579d9adb70ec0206a788eb5c63804c31a67e9310 +Author: naddy@openbsd.org +Date: Mon Jun 17 13:50:18 2024 +0000 + + upstream: remove one more mention of DSA + + OpenBSD-Commit-ID: 8515f55a15f02836ba657df341415f63c60526ca + +commit 7089b5f8436ef0b8d3d3ad9ce01045fb9e7aab15 +Author: Darren Tucker +Date: Wed Jun 19 23:09:05 2024 +1000 + + Move -f to the place needed to restart sshd. + +commit d5f83cfd852b14a25f347f082ab539a9454702ad +Author: Darren Tucker +Date: Wed Jun 19 21:04:01 2024 +1000 + + Need to supply "-f" to restart sshd. + +commit fad34b4ca25c0ef31e5aa841d461b6f21da5b8c1 +Author: dtucker@openbsd.org +Date: Wed Jun 19 10:15:51 2024 +0000 + + upstream: Provide defaults for ciphers and macs + + if querying for them fails since on some versions of Dropbear (at least + v2024.85) "-m help" doesn't seem to work. Enable all supported pubkey + algorithms in the server. + + OpenBSD-Regress-ID: 4f95556a49ee9f621789f25217c367a33d2745ca + +commit 5521060e35ada9f957cecdddc06d0524e75409ef +Author: dtucker@openbsd.org +Date: Wed Jun 19 10:10:46 2024 +0000 + + upstream: Use ed25519 keys for kex tests + + since that's supported by OpenSSH even when built without OpenSSL. + Only test diffie-hellman kex if OpenSSH is compiled with support for it. + + OpenBSD-Regress-ID: a5d09ef9bbd171f9e4ec73ed0d9eeb49a8878e97 + +commit dbd3b833f6e3815e58f2dc6e14f61a51bcd4d6bd +Author: dtucker@openbsd.org +Date: Wed Jun 19 10:08:34 2024 +0000 + + upstream: Rework dropbear key setup + + to always generate ed25519 keys, other types only if OpenSSH has support + for the corresponding key type. + + OpenBSD-Regress-ID: 8f91f12604cddb9f8d93aa34f3f93a3f6074395d + +commit d6218504e11ae9148adf410fc69b0710a052be36 +Author: Darren Tucker +Date: Wed Jun 19 20:20:24 2024 +1000 + + Restart sshd after installing it for testing. + + When installing an sshd built without OpenSSL the mismatch between + the running sshd and newly installed sshd-session will cause the + remainder of the test to fail. + +commit 786a4465b6bb702daf4fb17b7c3bcb42b52f0b46 +Author: Darren Tucker +Date: Tue Jun 18 19:59:59 2024 +1000 + + Remove macos-11 runner. + + Github is retiring them soon. + +commit df1c72a55edbebac14363b57de66ac6a147ecc67 +Author: Damien Miller +Date: Wed Jun 19 09:34:34 2024 +1000 + + PAMServiceName may appear in a Match block + +commit de1c2e70e5a5dc3c8d2fe04b24cc93d8ef6930e7 +Author: dtucker@openbsd.org +Date: Tue Jun 18 08:11:48 2024 +0000 + + upstream: Re-enable ssh-dss tests + + ... if ssh is compiled with DSA support + + OpenBSD-Regress-ID: bbfaf8c17f2b50a2d46ac35cb97af99b990c990d + +commit dabc2c7cf3c141e8e5d5a1a60d6c1d2d2422cf43 +Author: anton@openbsd.org +Date: Tue Jun 18 06:14:27 2024 +0000 + + upstream: Stop using DSA in dropbear interop tests. + + OpenBSD-Regress-ID: abfd4457d99d8cc1417fd22ca2c570270f74c1cf + +commit 761438012710169445acc179e3870c53c862bda0 +Author: Damien Miller +Date: Tue Jun 18 12:29:45 2024 +1000 + + missed a bit of DSA in the fuzzer + +commit 3f9cc47da588e8de520720e59f98438043fdaf93 +Author: Damien Miller +Date: Tue Jun 18 09:35:53 2024 +1000 + + DSA support is disabled, so remove from fuzzers + +commit 00eb95957dea5484b2c7c043f7d2bbc87301bef2 +Author: djm@openbsd.org +Date: Mon Jun 17 08:30:29 2024 +0000 + + upstream: disable the DSA signature algorithm by default; ok + + markus@ + + (yes, I know this expands to "the Digitial Signature Algorithm + signature algorithm) + + OpenBSD-Commit-ID: 961ef594e46dd2dcade8dd5721fa565cee79ffed + +commit 5603befe11c9464ea26fe77cbacc95a7cc0b1ea7 +Author: djm@openbsd.org +Date: Mon Jun 17 08:28:31 2024 +0000 + + upstream: promote connection-closed messages from verbose to info + + log level; they could be the only record of the connection terminating if the + client doesn't send a SSH2_MSG_DISCONNECT message. ok dtucker@ + + OpenBSD-Commit-ID: 0c8bfaf5e9fdff945cee09ac21e641f6c5d65d3c + +commit b00331402fe5c60d577f3ffcc35e49286cdc6b47 +Author: Damien Miller +Date: Mon Jun 17 17:02:18 2024 +1000 + + propagate PAM crashes to PerSourcePenalties + + If the PAM subprocess crashes, exit with a crash status that will be + picked up by the sshd(8) listener process where it can be used by + PerSourcePenalties to block the client. This is similar handling to + the privsep preauth process. + +commit 1c207f456ace38987deda047758d13fbf857f948 +Author: Damien Miller +Date: Mon Jun 17 15:06:01 2024 +1000 + + minix doesn't have loopback, so skip penalty tests + + pointed out by dtucker@ + +commit 48443d202eaec52d4d39defdd709a4499a7140c6 +Author: djm@openbsd.org +Date: Sun Jun 16 11:54:49 2024 +0000 + + upstream: same treatment for this test + + OpenBSD-Regress-ID: d0cc9efca7833e673ea7b0cb3a679a3acee8d4c7 + +commit 45562a95ea11d328c22d97bf39401cd29684fb1f +Author: djm@openbsd.org +Date: Sun Jun 16 08:18:06 2024 +0000 + + upstream: penalty test is still a bit racy + + OpenBSD-Regress-ID: 90c9ac224db454637baf1ebee5857e007321e824 + +commit 8d0f7eb147ef72d18acb16c0b18672d44941a8ca +Author: djm@openbsd.org +Date: Sat Jun 15 03:59:10 2024 +0000 + + upstream: crank up penalty timeouts so this should work on even the + + slowest of test builders + + OpenBSD-Regress-ID: 70bda39c83e3fc9d0f3c1fad4542ed33e173d468 + +commit 93c75471a1202ab3e29db6938648d4e2602c0475 +Author: jmc@openbsd.org +Date: Fri Jun 14 05:20:34 2024 +0000 + + upstream: sort -q in the options list; + + OpenBSD-Commit-ID: 6839b38378f38f754de638a5e988c13b4164cc7c + +commit dd7807bbe80a93ffb4616f2bd5cf83ad5a5595fb +Author: djm@openbsd.org +Date: Fri Jun 14 05:01:22 2024 +0000 + + upstream: clarify KEXAlgorithms supported vs available. Inspired by + + bz3701 from Colin Watson. + + OpenBSD-Commit-ID: e698e69bea19bd52971d253f2b1094490c4701f7 + +commit d172ad56df85b68316dbadbedad16761a1265874 +Author: djm@openbsd.org +Date: Fri Jun 14 05:00:42 2024 +0000 + + upstream: ssh-keyscan -q man bits + + OpenBSD-Commit-ID: ba28d0e1ac609a4c99c453e57e86560c79079db1 + +commit 092e4ff9ccaacbe035f286feb1b56ed499604743 +Author: Damien Miller +Date: Fri Jun 14 14:46:35 2024 +1000 + + skip penalty-expire test in valgrind test env + +commit 2866ad08a9c50d7b67ce9424ca990532b806a21a +Author: djm@openbsd.org +Date: Fri Jun 14 04:43:11 2024 +0000 + + upstream: split the PerSourcePenalties test in two: one tests penalty + + enforcement but not penalty expiry, the other tests penalty expiry. + + This lets us disable the expiry testing in certain CI test environments. + + OpenBSD-Regress-ID: f56811064f3e3cb52ee73a206b8c2a06af1c8791 + +commit b2c64bc170d75823622a37cab3ca1804ca87ad16 +Author: Damien Miller +Date: Fri Jun 14 14:19:23 2024 +1000 + + add a sshd_config PamServiceName option + + Allows selecting which PAM service name to use when UsePAM is + enabled. Defaults to "sshd" unless overridden at compile time + by defining SSHD_PAM_SERVICE. + + bz2102, ok dtucker@ + +commit 9f032a4dd17bf0ae6066223d82aa5e784285d987 +Author: djm@openbsd.org +Date: Fri Jun 14 00:26:12 2024 +0000 + + upstream: don't redirect stderr for ssh-keyscan we expect to succeed + + OpenBSD-Regress-ID: 8878b8eb4e070ed2e343166d3eb86db4a08a216c + +commit 1e84d0cf40e94ae3a77d6a7ca8c036d8e3d55a40 +Author: djm@openbsd.org +Date: Fri Jun 14 00:25:25 2024 +0000 + + upstream: make host/banner comments go to stderr instead of stdout, + + so they are useful as comments without extra shell redirection and so they + don't clutter actual errors on stderr. + + Add a -q flag to shut them up. + + ok dtucker@ + + OpenBSD-Commit-ID: bec813de56a71adb5c1a76adcf49621130d24264 + +commit 3e806d011855d6bd648ec95b9df630ebbd11c3bf +Author: naddy@openbsd.org +Date: Thu Jun 13 15:06:33 2024 +0000 + + upstream: separate keywords with comma + + OpenBSD-Commit-ID: d65a99666202a8188c4991c18d14374a229f7be5 + +commit abfd1f7a3cbd0a92581a0febba254b2f6649c0d9 +Author: djm@openbsd.org +Date: Fri Jun 14 00:23:55 2024 +0000 + + upstream: specify an algorithm for ssh-keyscan, otherwise it will make + + multiple attempts simultaneously and confuse the test + + OpenBSD-Regress-ID: 6e910f3315c4345053db1bf5cbf61826b194d0b9 + +commit a8fbe2f7d0d96d299ee8e69769e3b51067978748 +Author: Damien Miller +Date: Thu Jun 13 16:41:29 2024 +1000 + + sshd: don't use argv[0] as PAM service name + + sshd would implicitly use argv[0] as the PAM service name to + allow people to select different PAM service names by making + differently-named copies/links to the sshd binary. + + Splitting sshd into sshd/sshd-session broke this, as the process + that starts PAM is always sshd-session and the user has no control + over this. + + Hardcode "sshd" as the default PAM service name unless/until we + figure out a better way. Should unbreak OSX integration tests. + +commit bf204bd05c3ae650f87e2b96527688579f59774c +Author: Damien Miller +Date: Thu Jun 13 15:00:28 2024 +1000 + + prepare for checking in autogenerated files + + We plan to check in automatically generated files (config.h.in, etc) on + release branches. These files are normally ignored by .gitignore, but + this shuffles the contents of this file to make it easy to un-ignore + them. + +commit 425f79a837489904c343b349ef00e09aeaa4e752 +Author: Damien Miller +Date: Thu Jun 13 14:41:33 2024 +1000 + + typo in comment + +commit afe10313c1fa8d478af399ee7d54c8f85503013b +Author: Damien Miller +Date: Thu Jun 13 14:35:25 2024 +1000 + + fix PTY allocation on Cygwin, broken by sshd split + + Cygwin doesn't support FD passing and so used to disable post-auth + privilege separation entirely because privsep requires PTY allocation + to happen in the privileged monitor process with the PTY file + descriptors being passed back to the unprivileged process. + + This brings back a minimal version of the previous special treatment + for Cygwin (and any other platform that sets DISABLE_FD_PASSING): + privilege separation remains enabled, but PTY allocation happens in + the post-auth user process rather than the monitor. + + This either requires PTY allocation to not need privilege to begin + with (this appears to be the case on Cygwin), or the post-auth + privsep process retain privilege (other platforms that set the + DISABLE_FD_PASSING option). + + Keeping privileges here is bad, but the non-Cygwin systems that set + DISABLE_FD_PASSING are so deeply legacy that this is likely to be the + least of their problems. + +commit f66d4df5749551380a8c4ae642347675a0b6a2e9 +Author: Damien Miller +Date: Thu Jun 13 11:33:09 2024 +1000 + + delay lookup of privsep user until config loaded + + sshd-session attempting to use options.kerberos_authentication to + decide whether it needed to lookup the privsep user before the + configuration was loaded. This caused it to get a placeholder value + that caused it always to try to lookup the privsep user, breaking at + least one test environment. + +commit f1c42858b94f5d9b58867b34dce3afb39c6b56a8 +Author: Damien Miller +Date: Thu Jun 13 11:16:57 2024 +1000 + + missing file for PerSourcePenalties regress test + +commit 4de80ff4e6fab5a6bb0028e7d57c6c23d1485adb +Author: djm@openbsd.org +Date: Wed Jun 12 22:36:00 2024 +0000 + + upstream: split PerSourcePenalties address tracking. Previously it + + used one shared table and overflow policy for IPv4 and IPv6 addresses, now it + will use separate tables and optionally different overflow policies. + + This prevents misbehaviour from IPv6 addresses (which are vastly easier + to obtain many of) from affecting IPv4 connections and may allow for + stricter overflow policies. + + ok deraadt@ + + OpenBSD-Commit-ID: 12637ed0aa4d5f1f3e702da42ea967cbd8bfdfd9 + +commit 06ab4c6931b0aaa4334db2faaa7e1069e76d0df6 +Author: jmc@openbsd.org +Date: Tue Jun 11 05:24:39 2024 +0000 + + upstream: do not mark up "(default: 20ms)"; + + OpenBSD-Commit-ID: 54151ecdecfa1b67dcdda4fd24826ef6e2148ad4 + +commit cfe243cd9fde148ed060637876e27bb55ac78be9 +Author: djm@openbsd.org +Date: Tue Jun 11 02:54:51 2024 +0000 + + upstream: reap preauth net child if it hangs up during privsep message + + send, not just message receive + + OpenBSD-Commit-ID: 02a093f4ab4f8f83f0cd1ea2bb35b9ca420448f0 + +commit b0a711c00b9c64afd1c9d6fb538275c6604a2676 +Author: djm@openbsd.org +Date: Tue Jun 11 01:58:27 2024 +0000 + + upstream: fix PIDFILE handling, broken for SUDO=doas in last commit + + here + + OpenBSD-Regress-ID: 96fec579af228f87a036e94801eb294af9074625 + +commit 90fb801e2d9241be50a2a7ff79428386442a041f +Author: djm@openbsd.org +Date: Tue Jun 11 02:00:30 2024 +0000 + + upstream: reap the pre-auth [net] child if it hangs up during privsep + + message sending, not just receiving + + OpenBSD-Commit-ID: f7341605bf08c4c15830910446e6775323f2f8cb + +commit ef878d58798f6688c7f4d4e417dc0c29023ea831 +Author: djm@openbsd.org +Date: Tue Jun 11 01:23:25 2024 +0000 + + upstream: a little more RB_TREE paranoia + + OpenBSD-Commit-ID: 8dc2fd21eebd8830c4a4d25461ac4fe228e11156 + +commit fc4e96b2174d6a894d2033421699d091679baced +Author: djm@openbsd.org +Date: Tue Jun 11 01:22:25 2024 +0000 + + upstream: fix off-by-one comparison for PerSourcePenalty + + OpenBSD-Commit-ID: af4f5d01c41ef870b23e55655bfbf73474a6c02b + +commit 82c836df4ff41145553cd7adb11c5b985aeaa06f +Author: djm@openbsd.org +Date: Tue Jun 11 01:21:41 2024 +0000 + + upstream: move tree init before possible early return + + OpenBSD-Commit-ID: 72e2c5b69f151c08a7c5bf5ad929b97a92c273df + +commit a2300f015cc4939c4d9c564b58b74e71202dc978 +Author: djm@openbsd.org +Date: Tue Jun 11 01:07:35 2024 +0000 + + upstream: update to mention that PerSourcePenalties default to + + being enabled and document the default values for each parameter. + + OpenBSD-Commit-ID: b981288bddfb097aad269f62df4081c688ce0034 + +commit 41987efd356d3fc30139aeab4b09374acf8f91a0 +Author: djm@openbsd.org +Date: Tue Jun 11 00:44:52 2024 +0000 + + upstream: reap the [net] child if it hangs up while writing privsep + + message payloads, not just the message header + + OpenBSD-Commit-ID: 24dbd400aa381ac96be7ed2dd49018487dfef6ce + +commit 6211aa085fa91155a24922e5329576ac9a8f3175 +Author: djm@openbsd.org +Date: Tue Jun 11 00:40:21 2024 +0000 + + upstream: log waitpid() status for abnormal exits + + OpenBSD-Commit-ID: b317930e06b51819c1a2bc6a4359764fecfb1c2d + +commit a59634c7adb9ae988748d99963dfafb3070d8d41 +Author: djm@openbsd.org +Date: Tue Jun 11 00:36:20 2024 +0000 + + upstream: correct error message + + OpenBSD-Commit-ID: 581f60f73099083392887206860229ab104620ed + +commit fa7d7a667f2ee031e72873e36de2d2a36bca973b +Author: deraadt@openbsd.org +Date: Fri Jun 7 13:23:30 2024 +0000 + + upstream: avoid shadowing issues which some compilers won't accept + + ok djm + + OpenBSD-Commit-ID: 1e89572397dda83433d58c4fa6333a08f51170d4 + +commit 3ad4cd9eeca5c9bc6706db44b6de88e2e4513fd6 +Author: jmc@openbsd.org +Date: Thu Jun 6 21:14:49 2024 +0000 + + upstream: escape the final dot at eol in "e.g." to avoid double + + spacing; + + OpenBSD-Commit-ID: 0a9fb10bc9f7d577afe2da3f498a08bc431115b9 + +commit 0e0c69761a4c33ccd4a256560f522784a753d1a8 +Author: djm@openbsd.org +Date: Thu Jun 6 20:25:48 2024 +0000 + + upstream: enable PerSourcePenalties by default. + + ok markus + + NB. if you run a sshd that accepts connections from behind large NAT + blocks, proxies or anything else that aggregates many possible users + behind few IP addresses, then this change may cause legitimate traffic + to be denied. + + Please read the PerSourcePenalties, PerSourcePenaltyExemptList and + PerSourceNetBlockSize options in sshd_config(5) for how to tune your + sshd(8) for your specific circumstances. + + OpenBSD-Commit-ID: 24a0e5c23d37e5a63e16d2c6da3920a51078f6ce + +commit bd1f74741daabeaf20939a85cd8cec08c76d0bec +Author: djm@openbsd.org +Date: Thu Jun 6 20:20:42 2024 +0000 + + upstream: mention that PerSourcePenalties don't affect concurrent + + in-progress connections. + + OpenBSD-Commit-ID: 20389da6264f2c97ac3463edfaa1182c212d420c + +commit 9774b938578327d88a651f4c63c504809717590a +Author: djm@openbsd.org +Date: Thu Jun 6 19:49:25 2024 +0000 + + upstream: regress test for PerSourcePenalties + + OpenBSD-Regress-ID: a1af13d411b25a727742644459d26480b9a1b0f1 + +commit b8ebd86cefe9812204a10c028dc90de29918667d +Author: djm@openbsd.org +Date: Thu Jun 6 19:48:40 2024 +0000 + + upstream: make sure logs are saved from sshd run via start_sshd + + OpenBSD-Regress-ID: de4ef0e32e3ab85ff3a6c36eb08d1909c0dd1b4a + +commit d7b2070bdaa4ebbfafb9975c1d5a62b73289d31f +Author: djm@openbsd.org +Date: Thu Jun 6 19:47:48 2024 +0000 + + upstream: simplify + + OpenBSD-Regress-ID: 50316e0d1ae0c0a057a45af042253e54ce23d11c + +commit e6ea3d224513b6bfb93818809d4c7397f5995ba2 +Author: djm@openbsd.org +Date: Thu Jun 6 18:48:13 2024 +0000 + + upstream: prepare for PerSourcePenalties being enabled by default + + in future + + OpenBSD-Regress-ID: 5236c6d1c823997aac5a35e2915da30f1903bec7 + +commit c0cb3b8c837761816a60a3cdb54062668df09652 +Author: djm@openbsd.org +Date: Thu Jun 6 19:50:01 2024 +0000 + + upstream: disable stderr redirection before closing fds + + OpenBSD-Commit-ID: d42cb895ee4542098050367fc35321c9303f003a + +commit 81c1099d22b81ebfd20a334ce986c4f753b0db29 +Author: djm@openbsd.org +Date: Thu Jun 6 17:15:25 2024 +0000 + + upstream: Add a facility to sshd(8) to penalise particular + + problematic client behaviours, controlled by two new sshd_config(5) options: + PerSourcePenalties and PerSourcePenaltyExemptList. + + When PerSourcePenalties are enabled, sshd(8) will monitor the exit + status of its child pre-auth session processes. Through the exit + status, it can observe situations where the session did not + authenticate as expected. These conditions include when the client + repeatedly attempted authentication unsucessfully (possibly indicating + an attack against one or more accounts, e.g. password guessing), or + when client behaviour caused sshd to crash (possibly indicating + attempts to exploit sshd). + + When such a condition is observed, sshd will record a penalty of some + duration (e.g. 30 seconds) against the client's address. If this time + is above a minimum threshold specified by the PerSourcePenalties, then + connections from the client address will be refused (along with any + others in the same PerSourceNetBlockSize CIDR range). + + Repeated offenses by the same client address will accrue greater + penalties, up to a configurable maximum. A PerSourcePenaltyExemptList + option allows certain address ranges to be exempt from all penalties. + + We hope these options will make it significantly more difficult for + attackers to find accounts with weak/guessable passwords or exploit + bugs in sshd(8) itself. + + PerSourcePenalties is off by default, but we expect to enable it + automatically in the near future. + + much feedback markus@ and others, ok markus@ + + OpenBSD-Commit-ID: 89ded70eccb2b4926ef0366a4d58a693de366cca + +commit 916b0b6174e203cf2c5ec9bcf409472eb7ffbf43 +Author: Damien Miller +Date: Fri Jun 7 03:31:02 2024 +1000 + + whitespace + +commit 49b55e44182b8294419aa580cbf043d5b9e3d953 +Author: deraadt@openbsd.org +Date: Tue Jun 4 15:14:45 2024 +0000 + + upstream: enable -fret-clean on amd64, for libc libcrypto ld.so + + kernel, and all the ssh tools. The dynamic objects are entirely ret-clean, + static binaries will contain a blend of cleaning and non-cleaning callers. + + OpenBSD-Commit-ID: 112aacedd3b61cc5c34b1fa6d9fb759214179172 + +commit cc80d51d034bcb24fd0f2564a4bdf1612000a2a2 +Author: Damien Miller +Date: Wed Jun 5 02:21:30 2024 +1000 + + remove PRIVSEP macros for osx + +commit 8785491123d4d722b310c20f383570be758f8263 +Author: djm@openbsd.org +Date: Sat Jun 1 07:03:37 2024 +0000 + + upstream: be really strict with fds reserved for communication with the + + separate sshd-session process - reserve them early and fatal if we can't + dup2(2) them later. The pre-split fallback to re-reading the configuration + files is not possible, so sshd-session absolutely requires the fd the + configuration is passed over to be in order. + + ok deraadt@ + + OpenBSD-Commit-ID: 308a98ef3c8a6665ebf92c7c9a0fc9600ccd7065 + +commit f1c8918cb98459910fb159373baea053ba4108c0 +Author: Damien Miller +Date: Fri May 31 19:12:26 2024 +1000 + + depend + +commit 94b4866cb1f4b0ed29a9f367047b30f81002316f +Author: Damien Miller +Date: Fri May 31 19:11:14 2024 +1000 + + rename need_privsep to need_chroot + + privsep is mandatory, chroot is optional (disabled when running + sshd as non-root) + +commit e68a95142e5024b144f8eeccd5ffdee42c34f44c +Author: Damien Miller +Date: Fri May 31 19:05:34 2024 +1000 + + remove remaining use_privsep mention + +commit b21d271f651d2536dca819cc6d74032fe98634db +Author: djm@openbsd.org +Date: Fri May 31 09:01:08 2024 +0000 + + upstream: warn when -r (deprecated option to disable re-exec) is + + passed + + OpenBSD-Commit-ID: 73145ef5150edbe3ce7889f0844ed8fa6155f551 + +commit a4b5bc246cbca476deeeb4462aa31746a56e3021 +Author: djm@openbsd.org +Date: Fri May 31 08:49:35 2024 +0000 + + upstream: typos + + OpenBSD-Commit-ID: edfa72eb06bfa65da30fabf7d2fe76d2d33f77bf + +commit 8054b906983ceaed01fabd8188d3dac24c05ba39 +Author: djm@openbsd.org +Date: Mon May 27 01:52:26 2024 +0000 + + upstream: don't need sys/queue.h here + + OpenBSD-Commit-ID: dd137396828171eb19e4911581812ca58de6c578 + +commit 210d4239733da6180ce853538aeb9413d5c62ad5 +Author: naddy@openbsd.org +Date: Sun May 26 20:35:12 2024 +0000 + + upstream: remove references to SSH1 and DSA server keys + + OpenBSD-Commit-ID: 57cc1c98d4f998981473734f144b904af7d178a2 + +commit f0b9261d7fdd0ef86806b49fe76344bd16770cd0 +Author: jsg@openbsd.org +Date: Thu May 23 23:47:16 2024 +0000 + + upstream: remove unused struct fwd_perm_list, no decl with complete + + type ok djm@ + + OpenBSD-Commit-ID: 416fb3970b7e73c76d2963c4f00cf96f2b2ee2fb + +commit 2477a98c3ef78e63b11a1393656e00288f52ae97 +Author: naddy@openbsd.org +Date: Wed May 22 15:24:55 2024 +0000 + + upstream: Do not pass -Werror twice when building with clang. + + OpenBSD-Commit-ID: 5f378c38ad8976d507786dc4db9283a879ec8cd0 + +commit 435844f5675245b4271f8581f15e6d1f34fde3bc +Author: miod@openbsd.org +Date: Wed May 22 11:49:36 2024 +0000 + + upstream: Do not pass -Werror if building with gcc 3, for asn1.h + + and bio.h cause (admittedly bogus) warnings with gcc 3. + + OpenBSD-Commit-ID: fb39324748824cb0387e9d67c41d1bef945c54ea + +commit fc5dc092830de23767c6ef67baa18310a64ee533 +Author: djm@openbsd.org +Date: Wed May 22 04:20:00 2024 +0000 + + upstream: this test has been broken since 2014, and has been + + testing the same key exchange algorithm repeatedly instead of testing all of + them. Spotted by nreilly AT blackberry.com in bz3692 + + Who broke the test? me. + + OpenBSD-Regress-ID: 48f4f5946276f975667141957d25441b3c9a50e2 + +commit fd4816791beaed2fdae7eea3e1494d1972b2a39d +Author: anton@openbsd.org +Date: Sun May 19 19:10:01 2024 +0000 + + upstream: Add missing kex-names.c source file required since the + + ssh split. + + OpenBSD-Regress-ID: ca666223f828fc4b069cb9016bff1eb50faf9fbb + +commit beccb7319c5449f6454889013403c336446d622e +Author: naddy@openbsd.org +Date: Fri May 17 14:42:00 2024 +0000 + + upstream: remove duplicate copy of relink kit for sshd-session + + OpenBSD-Commit-ID: 6d2ded4cd91d4d727c2b26e099b91ea935bed504 + +commit dcd79fa141311c287e0595ede684b7116122fae0 +Author: jsg@openbsd.org +Date: Fri May 17 06:42:04 2024 +0000 + + upstream: remove prototypes with no matching function; ok djm@ + + OpenBSD-Commit-ID: 6d9065dadea5f14a01bece0dbfe2fba1be31c693 + +commit 6454a05e7c6574d70adf17efe505a8581a86ca4f +Author: jsg@openbsd.org +Date: Fri May 17 06:38:00 2024 +0000 + + upstream: remove externs for removed vars; ok djm@ + + OpenBSD-Commit-ID: f51ea791d45c15d4927eb4ae7d877ccc1e5a2aab + +commit f3e4db4601ef7d2feb1d6f7447e432aaf353a616 +Author: deraadt@openbsd.org +Date: Fri May 17 06:11:17 2024 +0000 + + upstream: -Werror was turned on (probably just for development), + + and this is a simple way to satisfy older gcc. + + OpenBSD-Commit-ID: 7f698df54384b437ce33ab7405f0b86c87019e86 + +commit 24a1f3e5ad6f4a49377d4c74c36637e9a239efd0 +Author: Damien Miller +Date: Fri May 17 14:50:43 2024 +1000 + + attempt at updating RPM specs for sshd-session + +commit 17b566eeb7a0c6acc9c48b35c08885901186f861 +Author: djm@openbsd.org +Date: Fri May 17 04:42:13 2024 +0000 + + upstream: g/c unused variable + + OpenBSD-Commit-ID: aa6ef0778a1f1bde0d73efba72a777c48d2bd010 + +commit 01fb82eb2aa0a4eaf5c394ea8bb37ea4c26f8a3f +Author: jsg@openbsd.org +Date: Fri May 17 02:39:11 2024 +0000 + + upstream: spelling; ok djm@ + + OpenBSD-Commit-ID: bdea29bb3ed2a5a7782999c4c663b219d2270483 + +commit b88b690e99145a021fc1a1a116a11e0bce0594e7 +Author: djm@openbsd.org +Date: Fri May 17 01:45:22 2024 +0000 + + upstream: allow overriding the sshd-session binary path + + OpenBSD-Regress-ID: 5058cd1c4b6ca1a15474e33546142931d9f964da + +commit a68f80f2511f0e0c5cef737a8284cc2dfabad818 +Author: anton@openbsd.org +Date: Wed Apr 3 06:01:11 2024 +0000 + + upstream: Since ssh-agent(1) is only readable by root by now, use + + ssh(1) while generating data in tests. + + OpenBSD-Regress-ID: 24eb40de2e6b0ace185caaba35e2d470331ffe68 + +commit 92e55890314ce2b0be21a43ebcbc043b4abc232f +Author: djm@openbsd.org +Date: Fri May 17 01:17:40 2024 +0000 + + upstream: fix incorrect debug option name introduce in previous + + commit + + OpenBSD-Commit-ID: 66d69e22b1c072c694a7267c847f212284614ed3 + +commit 4ad72878af7b6ec28da6e230e36a91650ebe84c1 +Author: deraadt@openbsd.org +Date: Fri May 17 00:33:25 2024 +0000 + + upstream: construct and install a relink-kit for sshd-session ok + + djm + + OpenBSD-Commit-ID: 8b3820adb4da4e139c4b3cffbcc0bde9f08bf0c6 + +commit 02e679a2cb3f6df8e9dbb1519ed578226485157f +Author: Damien Miller +Date: Fri May 17 12:21:27 2024 +1000 + + Makefile support for sshd-session + +commit c0416035c5eaf70a8450d11c8833c5f7068ee7ad +Author: djm@openbsd.org +Date: Fri May 17 00:32:32 2024 +0000 + + upstream: missing files from previous + + OpenBSD-Commit-ID: 4b7be4434d8799f02365552b641a7a70a7ebeb2f + +commit 03e3de416ed7c34faeb692967737be4a7bbe2eb5 +Author: djm@openbsd.org +Date: Fri May 17 00:30:23 2024 +0000 + + upstream: Start the process of splitting sshd into separate + + binaries. This step splits sshd into a listener and a session binary. More + splits are planned. + + After this changes, the listener binary will validate the configuration, + load the hostkeys, listen on port 22 and manage MaxStartups only. All + session handling will be performed by a new sshd-session binary that the + listener fork+execs. + + This reduces the listener process to the minimum necessary and sets us + up for future work on the sshd-session binary. + + feedback/ok markus@ deraadt@ + + NB. if you're updating via source, please restart sshd after installing, + otherwise you run the risk of locking yourself out. + + OpenBSD-Commit-ID: 43c04a1ab96cdbdeb53d2df0125a6d42c5f19934 + +commit 1c0d81357921f8d3bab06841df649edac515ae5b +Author: djm@openbsd.org +Date: Thu May 9 09:46:47 2024 +0000 + + upstream: simplify exit message handling, which was more complicated + + than it needed to be because of unexpunged ssh1 remnants. ok markus@ + + OpenBSD-Commit-ID: 8b0cd2c0dee75fb053718f442aa89510b684610b + +commit cbbbf76aa6cd54fce32eacce1300e7abcf9461d4 +Author: tobias@openbsd.org +Date: Mon May 6 19:26:17 2024 +0000 + + upstream: remove SSH1 leftovers + + Authored with Space Meyer + + ok djm + + OpenBSD-Commit-ID: 81db602e4cb407baae472689db1c222ed7b2afa3 + +commit bc5dcb8ab9a4e8af54a724883732af378f42ea78 +Author: tobias@openbsd.org +Date: Tue Apr 30 15:40:43 2024 +0000 + + upstream: never close stdin + + The sanitise_stdfd call makes sure that standard file descriptors are + open (if they were closed, they are connected with /dev/null). + + Do not close stdin in any case to prevent error messages when stdin is + read multiple times and to prevent later usage of fd 0 for connections, + e.g. + + echo localhost | ssh-keyscan -f - -f - + + While at it, make stdin-related error messages nicer. + + Authored with Max Kunzelmann + + ok djm + + OpenBSD-Commit-ID: 48e9b7938e2fa2f9bd47e6de6df66a31e0b375d3 + +commit 6a42b70e56bef1aacdcdf06352396e837883e84f +Author: Damien Miller +Date: Wed May 8 09:43:59 2024 +1000 + + sync getrrsetbyname.c with recent upstream changes + +commit 385ecb31e147dfea59c1c488a1d2011d3867e60e +Author: djm@openbsd.org +Date: Tue Apr 30 06:23:51 2024 +0000 + + upstream: fix home-directory extension implementation, it always + + returned the current user's home directory contrary to the spec. + + Patch from Jakub Jelen via GHPR477 + + OpenBSD-Commit-ID: 5afd775eab7f9cbe222d7fbae4c793de6c3b3d28 + +commit 14e2b16bc67ffcc188906f65008667e22f73d103 +Author: djm@openbsd.org +Date: Tue Apr 30 06:16:55 2024 +0000 + + upstream: flush stdout after writing "sftp>" prompt when not using + + editline. + + From Alpine Linux via GHPR480 + + OpenBSD-Commit-ID: 80bdc7ffe0358dc090eb9b93e6dedb2b087b24cd + +commit 2e69a724051488e3fb3cd11531c4b5bc1764945b +Author: djm@openbsd.org +Date: Tue Apr 30 05:53:03 2024 +0000 + + upstream: stricter validation of messaging socket fd number; disallow + + usage of stderr. Based on GHPR492 by RealHurrison + + OpenBSD-Commit-ID: 73dbbe82ea16f73ce1d044d3232bc869ae2f2ce8 + +commit da757b022bf18c6f7d04e685a10cd96ed00f83da +Author: djm@openbsd.org +Date: Tue Apr 30 05:45:56 2024 +0000 + + upstream: add missing reserved fields to key constraint protocol + + documentation. + + from Wiktor Kwapisiewicz via GHPR487 + + OpenBSD-Commit-ID: 0dfb69998cfdb3fa00cbb0e7809e7d2f6126e3df + +commit 16d0b82fa08038f35f1b3630c70116979f49784f +Author: Damien Miller +Date: Tue Apr 30 12:39:34 2024 +1000 + + depend + +commit 66aaa678dbe59aa21d0d9d89a3596ecedde0254b +Author: djm@openbsd.org +Date: Tue Apr 30 02:14:10 2024 +0000 + + upstream: correctly restore sigprocmask around ppoll() reported + + by Tõivo Leedjärv; ok deraadt@ + + OpenBSD-Commit-ID: c0c0f89de5294a166578f071eade2501929c4686 + +commit 80fb0eb21551aed3aebb009ab20aeffeb01e44e0 +Author: djm@openbsd.org +Date: Tue Apr 30 02:10:49 2024 +0000 + + upstream: add explict check for server hostkey type against + + HostkeyAlgorithms. Allows HostkeyAlgorithms to disable implicit fallback from + certificate keys to plain keys. ok markus@ + + OpenBSD-Commit-ID: 364087e4a395ff9b2f42bf3aefdb2090bb23643a + +commit 5b28096d31ff7d80748fc845553a4aef5bb05d86 +Author: jsg@openbsd.org +Date: Tue Apr 23 13:34:50 2024 +0000 + + upstream: correct indentation; no functional change ok tb@ + + OpenBSD-Commit-ID: dd9702fd43de546bc6a3f4f025c74d6f3692a0d4 + +commit fd3cb8a82784e05f621dea5b56ac6f89bc53c067 +Author: semarie@openbsd.org +Date: Thu Apr 4 16:00:51 2024 +0000 + + upstream: set right mode on ssh-agent at boot-time + + which sthen@ + ok deraadt@ + + OpenBSD-Commit-ID: 662b5056a2c6171563e1626f9c69f27862b5e7af + +commit 54343a260e3aa4bceca1852dde31cd08e2abd82b +Author: deraadt@openbsd.org +Date: Tue Apr 2 12:22:38 2024 +0000 + + upstream: Oops, incorrect hex conversion spotted by claudio. + + While here try to improve how it reads a bit better. Surprising the + regression tests didn't spot this error, maybe it fails to roundtrip the + values. + + OpenBSD-Commit-ID: 866cfcc1955aef8f3fc32da0b70c353a1b859f2e + +commit ec78c31409590ad74efc194f886273ed080a545a +Author: deraadt@openbsd.org +Date: Tue Apr 2 10:02:08 2024 +0000 + + upstream: for parse_ipqos(), use strtonum() instead of mostly + + idiomatic strtoul(), but wow it's so gross. ok djm + + OpenBSD-Commit-ID: cec14a76af2eb7b225300c80fc0e21052be67b05 + +commit 8176e1a6c2e6da9361a7abb6fbf6c23c299f495b +Author: deraadt@openbsd.org +Date: Tue Apr 2 09:56:58 2024 +0000 + + upstream: can shortcut by returning strtonum() value directly; ok + + djm + + OpenBSD-Commit-ID: 7bb2dd3d6d1f288dac14247d1de446e3d7ba8b8e + +commit 9f543d7022a781f80bb696f9d73f1d1c6f9e31d6 +Author: deraadt@openbsd.org +Date: Tue Apr 2 09:52:14 2024 +0000 + + upstream: rewrite convtime() to use a isdigit-scanner and + + strtonum() instead of strange strtoul can might be fooled by garage + characters. passes regress/usr.bin/ssh/unittests/misc ok djm + + OpenBSD-Commit-ID: 4b1ef826bb16047aea3f3bdcb385b72ffd450abc + +commit 8673137f780d8d9e4cda3c4605cb5d88d5cea271 +Author: claudio@openbsd.org +Date: Tue Apr 2 09:48:24 2024 +0000 + + upstream: Remove unused ptr[3] char array in pkcs11_decode_hex. + + OK deraadt@ + + OpenBSD-Commit-ID: 3d14433e39fd558f662d3b0431c4c555ef920481 + +commit c7fec708f331f108343d69e4d74c9a5d86d6cfe7 +Author: deraadt@openbsd.org +Date: Tue Apr 2 09:32:28 2024 +0000 + + upstream: Replace non-idiomatic strtoul(, 16) to parse a region + + of 2-character hex sequences with a low-level replacement designed just for + the task. ok djm + + OpenBSD-Commit-ID: 67bab8b8a4329a19a0add5085eacd6f4cc215e85 + +commit 019a5f483b0f588da6270ec401d0b4bb35032f3f +Author: deraadt@openbsd.org +Date: Tue Apr 2 09:29:31 2024 +0000 + + upstream: Use strtonum() instead of severely non-idomatic + + strtoul() In particular this will now reject trailing garbage, ie. + '12garbage'. ok djm + + OpenBSD-Commit-ID: c82d95e3ccbfedfc91a8041c2f8bf0cf987d1501 + +commit 8231ca046fa39ea4eb99b79e0a6e09dec50ac952 +Author: deraadt@openbsd.org +Date: Mon Apr 1 15:50:17 2024 +0000 + + upstream: also create a relink kit for ssh-agent, since it is a + + long-running setgid program carrying keys with some (not very powerful) + communication channels. solution for testing the binary from dtucker. + agreement from djm. Will add it into /etc/rc in a few days. + + OpenBSD-Commit-ID: 2fe8d707ae35ba23c7916adcb818bb5b66837ba0 + +commit bf7bf50bd6a14e49c9c243cb8f4de31e555a5a2e +Author: deraadt@openbsd.org +Date: Mon Apr 1 15:48:16 2024 +0000 + + upstream: new-style relink kit for sshd. The old scheme created + + a Makefile by concatenating two Makefiles and was incredibly fragile. In the + new way a narrow-purposed install.sh script is created and shipped with the + objects. A recently commited /etc/rc script understands these files. + + OpenBSD-Commit-ID: ef9341d5a50f0d33e3a6fbe995e92964bc7ef2d3 + +commit 00e63688920905e326d8667cb47f17a156b6dc8f +Author: renmingshuai +Date: Fri Apr 12 10:20:49 2024 +0800 + + Shell syntax fix (leftover from a sync). + + Signed-off-by: renmingshuai + +commit 2eded551ba96e66bc3afbbcc883812c2eac02bd7 +Author: Darren Tucker +Date: Thu Apr 25 13:20:19 2024 +1000 + + Merge flags for OpenSSL 3.x versions. + + OpenSSL has moved to 3.4 which we don't currently accept. Based on + the OpenSSL versioning policy[0] it looks like all of the 3.x versions + should work with OpenSSH, so remove the distinction in configure and + accept all of them. + + [0] https://openssl.org/policies/general/versioning-policy.html + +commit 8673245918081c6d1dc7fb3733c8eb2c5a902c5e +Author: Darren Tucker +Date: Thu Apr 25 13:19:03 2024 +1000 + + Remove 9.6 branch from status page. + +commit 70d43049747fa3c66cf876d52271859407cec2fa +Author: Darren Tucker +Date: Thu Apr 25 13:16:58 2024 +1000 + + Update LibreSSL and OpenSSL versions tested. + + Update LibreSSL versions to current releases (3.8.4 & 3.9.1). + Add newly-released OpenSSL 3.3.0, and add tests against the 3.1 and + 3.3 branches. + +commit 88351eca17dcc55189991ba60e50819b6d4193c1 +Author: 90 +Date: Fri Apr 5 19:36:06 2024 +0100 + + Fix missing header for systemd notification + +commit 08f579231cd38a1c657aaa6ddeb8ab57a1fd4f5c +Author: Damien Miller +Date: Wed Apr 3 14:40:32 2024 +1100 + + notify systemd on listen and reload + + Standalone implementation that does not depend on libsystemd. + With assistance from Luca Boccassi, and feedback/testing from Colin + Watson. bz2641 diff --git a/aclocal.m4 b/aclocal.m4 new file mode 100644 index 000000000000..5a19d278477f --- /dev/null +++ b/aclocal.m4 @@ -0,0 +1,15 @@ +# generated automatically by aclocal 1.16.5 -*- Autoconf -*- + +# Copyright (C) 1996-2021 Free Software Foundation, Inc. + +# This file is free software; the Free Software Foundation +# gives unlimited permission to copy and/or distribute it, +# with or without modifications, as long as this notice is preserved. + +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY, to the extent permitted by law; without +# even the implied warranty of MERCHANTABILITY or FITNESS FOR A +# PARTICULAR PURPOSE. + +m4_ifndef([AC_CONFIG_MACRO_DIRS], [m4_defun([_AM_CONFIG_MACRO_DIRS], [])m4_defun([AC_CONFIG_MACRO_DIRS], [_AM_CONFIG_MACRO_DIRS($@)])]) +m4_include([m4/openssh.m4]) diff --git a/config.h.in b/config.h.in new file mode 100644 index 000000000000..4c12a6c0dc59 --- /dev/null +++ b/config.h.in @@ -0,0 +1,2107 @@ +/* config.h.in. Generated from configure.ac by autoheader. */ + +/* Define if building universal (internal helper macro) */ +#undef AC_APPLE_UNIVERSAL_BUILD + +/* Define if you have a getaddrinfo that fails for the all-zeros IPv6 address + */ +#undef AIX_GETNAMEINFO_HACK + +/* Define if your AIX loginfailed() function takes 4 arguments (AIX >= 5.2) */ +#undef AIX_LOGINFAILED_4ARG + +/* System only supports IPv4 audit records */ +#undef AU_IPv4 + +/* Define if your resolver libs need this for getrrsetbyname */ +#undef BIND_8_COMPAT + +/* The system has incomplete BSM API */ +#undef BROKEN_BSM_API + +/* broken in chroots on older kernels */ +#undef BROKEN_CLOSEFROM + +/* Define if cmsg_type is not passed correctly */ +#undef BROKEN_CMSG_TYPE + +/* getaddrinfo is broken (if present) */ +#undef BROKEN_GETADDRINFO + +/* getgroups(0,NULL) will return -1 */ +#undef BROKEN_GETGROUPS + +/* getline is not what we expect */ +#undef BROKEN_GETLINE + +/* Do not use system glob */ +#undef BROKEN_GLOB + +/* Define if you system's inet_ntoa is busted (e.g. Irix gcc issue) */ +#undef BROKEN_INET_NTOA + +/* Define if your struct dirent expects you to allocate extra space for d_name + */ +#undef BROKEN_ONE_BYTE_DIRENT_D_NAME + +/* System poll(2) implementation is broken */ +#undef BROKEN_POLL + +/* Can't do comparisons on readv */ +#undef BROKEN_READV_COMPARISON + +/* NetBSD read function is sometimes redirected, breaking atomicio comparisons + against it */ +#undef BROKEN_READ_COMPARISON + +/* Needed for NeXT */ +#undef BROKEN_SAVED_UIDS + +/* Define if your setregid() is broken */ +#undef BROKEN_SETREGID + +/* Define if your setresgid() is broken */ +#undef BROKEN_SETRESGID + +/* Define if your setresuid() is broken */ +#undef BROKEN_SETRESUID + +/* Define if your setreuid() is broken */ +#undef BROKEN_SETREUID + +/* LynxOS has broken setvbuf() implementation */ +#undef BROKEN_SETVBUF + +/* QNX shadow support is broken */ +#undef BROKEN_SHADOW_EXPIRE + +/* Define if your snprintf is busted */ +#undef BROKEN_SNPRINTF + +/* strndup broken, see APAR IY61211 */ +#undef BROKEN_STRNDUP + +/* strnlen broken, see APAR IY62551 */ +#undef BROKEN_STRNLEN + +/* strnvis detected broken */ +#undef BROKEN_STRNVIS + +/* tcgetattr with ICANON may hang */ +#undef BROKEN_TCGETATTR_ICANON + +/* updwtmpx is broken (if present) */ +#undef BROKEN_UPDWTMPX + +/* Define if you have BSD auth support */ +#undef BSD_AUTH + +/* Define if you want to specify the path to your lastlog file */ +#undef CONF_LASTLOG_FILE + +/* Define if you want to specify the path to your utmp file */ +#undef CONF_UTMP_FILE + +/* Define if you want to specify the path to your wtmpx file */ +#undef CONF_WTMPX_FILE + +/* Define if you want to specify the path to your wtmp file */ +#undef CONF_WTMP_FILE + +/* Need to call setpgrp as root */ +#undef DISABLE_FD_PASSING + +/* Define if you don't want to use lastlog */ +#undef DISABLE_LASTLOG + +/* Define if you don't want to use your system's login() call */ +#undef DISABLE_LOGIN + +/* Define if you don't want to use pututline() etc. to write [uw]tmp */ +#undef DISABLE_PUTUTLINE + +/* Define if you don't want to use pututxline() etc. to write [uw]tmpx */ +#undef DISABLE_PUTUTXLINE + +/* Define if you want to disable shadow passwords */ +#undef DISABLE_SHADOW + +/* Define if you don't want to use utmp */ +#undef DISABLE_UTMP + +/* Define if you don't want to use utmpx */ +#undef DISABLE_UTMPX + +/* Define if you don't want to use wtmp */ +#undef DISABLE_WTMP + +/* Define if you don't want to use wtmpx */ +#undef DISABLE_WTMPX + +/* Enable for PKCS#11 support */ +#undef ENABLE_PKCS11 + +/* Enable for U2F/FIDO support */ +#undef ENABLE_SK + +/* Enable for built-in U2F/FIDO support */ +#undef ENABLE_SK_INTERNAL + +/* define if fflush(NULL) does not work */ +#undef FFLUSH_NULL_BUG + +/* File names may not contain backslash characters */ +#undef FILESYSTEM_NO_BACKSLASH + +/* fsid_t has member val */ +#undef FSID_HAS_VAL + +/* fsid_t has member __val */ +#undef FSID_HAS___VAL + +/* getpgrp takes one arg */ +#undef GETPGRP_VOID + +/* Conflicting defs for getspnam */ +#undef GETSPNAM_CONFLICTING_DEFS + +/* Define if your system glob() function has the GLOB_ALTDIRFUNC extension */ +#undef GLOB_HAS_ALTDIRFUNC + +/* Define if your system glob() function has gl_matchc options in glob_t */ +#undef GLOB_HAS_GL_MATCHC + +/* Define if your system glob() function has gl_statv options in glob_t */ +#undef GLOB_HAS_GL_STATV + +/* Define this if you want GSSAPI support in the version 2 protocol */ +#undef GSSAPI + +/* Define if you want to use shadow password expire field */ +#undef HAS_SHADOW_EXPIRE + +/* Define if your system uses access rights style file descriptor passing */ +#undef HAVE_ACCRIGHTS_IN_MSGHDR + +/* Define if you have ut_addr in utmp.h */ +#undef HAVE_ADDR_IN_UTMP + +/* Define if you have ut_addr in utmpx.h */ +#undef HAVE_ADDR_IN_UTMPX + +/* Define if you have ut_addr_v6 in utmp.h */ +#undef HAVE_ADDR_V6_IN_UTMP + +/* Define if you have ut_addr_v6 in utmpx.h */ +#undef HAVE_ADDR_V6_IN_UTMPX + +/* Define to 1 if you have the `arc4random' function. */ +#undef HAVE_ARC4RANDOM + +/* Define to 1 if you have the `arc4random_buf' function. */ +#undef HAVE_ARC4RANDOM_BUF + +/* Define to 1 if you have the `arc4random_stir' function. */ +#undef HAVE_ARC4RANDOM_STIR + +/* Define to 1 if you have the `arc4random_uniform' function. */ +#undef HAVE_ARC4RANDOM_UNIFORM + +/* Define to 1 if you have the `asprintf' function. */ +#undef HAVE_ASPRINTF + +/* OpenBSD's gcc has bounded */ +#undef HAVE_ATTRIBUTE__BOUNDED__ + +/* Have attribute nonnull */ +#undef HAVE_ATTRIBUTE__NONNULL__ + +/* compiler supports nonstring attribute */ +#undef HAVE_ATTRIBUTE__NONSTRING__ + +/* OpenBSD's gcc has sentinel */ +#undef HAVE_ATTRIBUTE__SENTINEL__ + +/* Define to 1 if you have the `aug_get_machine' function. */ +#undef HAVE_AUG_GET_MACHINE + +/* Define to 1 if you have the `auth_hostok' function. */ +#undef HAVE_AUTH_HOSTOK + +/* Define to 1 if you have the `auth_timeok' function. */ +#undef HAVE_AUTH_TIMEOK + +/* Define to 1 if you have the `b64_ntop' function. */ +#undef HAVE_B64_NTOP + +/* Define to 1 if you have the `b64_pton' function. */ +#undef HAVE_B64_PTON + +/* Define if you have the basename function. */ +#undef HAVE_BASENAME + +/* Define to 1 if you have the `bcopy' function. */ +#undef HAVE_BCOPY + +/* Define to 1 if you have the `bcrypt_pbkdf' function. */ +#undef HAVE_BCRYPT_PBKDF + +/* Define to 1 if you have the `bindresvport_sa' function. */ +#undef HAVE_BINDRESVPORT_SA + +/* Define to 1 if you have the `blf_enc' function. */ +#undef HAVE_BLF_ENC + +/* Define to 1 if you have the header file. */ +#undef HAVE_BLF_H + +/* Define to 1 if you have the `Blowfish_expand0state' function. */ +#undef HAVE_BLOWFISH_EXPAND0STATE + +/* Define to 1 if you have the `Blowfish_expandstate' function. */ +#undef HAVE_BLOWFISH_EXPANDSTATE + +/* Define to 1 if you have the `Blowfish_initstate' function. */ +#undef HAVE_BLOWFISH_INITSTATE + +/* Define to 1 if you have the `Blowfish_stream2word' function. */ +#undef HAVE_BLOWFISH_STREAM2WORD + +/* Define to 1 if you have the `BN_is_prime_ex' function. */ +#undef HAVE_BN_IS_PRIME_EX + +/* Define to 1 if you have the header file. */ +#undef HAVE_BSD_LIBUTIL_H + +/* Define to 1 if you have the header file. */ +#undef HAVE_BSM_AUDIT_H + +/* Define to 1 if you have the header file. */ +#undef HAVE_BSTRING_H + +/* Define to 1 if you have the `bzero' function. */ +#undef HAVE_BZERO + +/* calloc(0, x) returns NULL */ +#undef HAVE_CALLOC + +/* Define if you have caph_cache_tzdata */ +#undef HAVE_CAPH_CACHE_TZDATA + +/* Define to 1 if you have the header file. */ +#undef HAVE_CAPSICUM_HELPERS_H + +/* Define to 1 if you have the `cap_rights_limit' function. */ +#undef HAVE_CAP_RIGHTS_LIMIT + +/* Define to 1 if you have the `clock' function. */ +#undef HAVE_CLOCK + +/* Have clock_gettime */ +#undef HAVE_CLOCK_GETTIME + +/* define if you have clock_t data type */ +#undef HAVE_CLOCK_T + +/* Define to 1 if you have the `closefrom' function. */ +#undef HAVE_CLOSEFROM + +/* Define to 1 if you have the `close_range' function. */ +#undef HAVE_CLOSE_RANGE + +/* Define if gai_strerror() returns const char * */ +#undef HAVE_CONST_GAI_STRERROR_PROTO + +/* Define if your system uses ancillary data style file descriptor passing */ +#undef HAVE_CONTROL_IN_MSGHDR + +/* Define to 1 if you have the `crypt' function. */ +#undef HAVE_CRYPT + +/* Define to 1 if you have the header file. */ +#undef HAVE_CRYPTO_SHA2_H + +/* Define to 1 if you have the header file. */ +#undef HAVE_CRYPT_H + +/* Define if you are on Cygwin */ +#undef HAVE_CYGWIN + +/* Define if your libraries define daemon() */ +#undef HAVE_DAEMON + +/* Define to 1 if you have the declaration of `AI_NUMERICSERV', and to 0 if + you don't. */ +#undef HAVE_DECL_AI_NUMERICSERV + +/* Define to 1 if you have the declaration of `authenticate', and to 0 if you + don't. */ +#undef HAVE_DECL_AUTHENTICATE + +/* Define to 1 if you have the declaration of `bzero', and to 0 if you don't. + */ +#undef HAVE_DECL_BZERO + +/* Define to 1 if you have the declaration of `ftruncate', and to 0 if you + don't. */ +#undef HAVE_DECL_FTRUNCATE + +/* Define to 1 if you have the declaration of `getentropy', and to 0 if you + don't. */ +#undef HAVE_DECL_GETENTROPY + +/* Define to 1 if you have the declaration of `getpeereid', and to 0 if you + don't. */ +#undef HAVE_DECL_GETPEEREID + +/* Define to 1 if you have the declaration of `GLOB_NOMATCH', and to 0 if you + don't. */ +#undef HAVE_DECL_GLOB_NOMATCH + +/* Define to 1 if you have the declaration of `GSS_C_NT_HOSTBASED_SERVICE', + and to 0 if you don't. */ +#undef HAVE_DECL_GSS_C_NT_HOSTBASED_SERVICE + +/* Define to 1 if you have the declaration of `howmany', and to 0 if you + don't. */ +#undef HAVE_DECL_HOWMANY + +/* Define to 1 if you have the declaration of `htole64', and to 0 if you + don't. */ +#undef HAVE_DECL_HTOLE64 + +/* Define to 1 if you have the declaration of `h_errno', and to 0 if you + don't. */ +#undef HAVE_DECL_H_ERRNO + +/* Define to 1 if you have the declaration of `INFINITY', and to 0 if you + don't. */ +#undef HAVE_DECL_INFINITY + +/* Define to 1 if you have the declaration of `le32toh', and to 0 if you + don't. */ +#undef HAVE_DECL_LE32TOH + +/* Define to 1 if you have the declaration of `le64toh', and to 0 if you + don't. */ +#undef HAVE_DECL_LE64TOH + +/* Define to 1 if you have the declaration of `loginfailed', and to 0 if you + don't. */ +#undef HAVE_DECL_LOGINFAILED + +/* Define to 1 if you have the declaration of `loginrestrictions', and to 0 if + you don't. */ +#undef HAVE_DECL_LOGINRESTRICTIONS + +/* Define to 1 if you have the declaration of `loginsuccess', and to 0 if you + don't. */ +#undef HAVE_DECL_LOGINSUCCESS + +/* Define to 1 if you have the declaration of `MAXSYMLINKS', and to 0 if you + don't. */ +#undef HAVE_DECL_MAXSYMLINKS + +/* Define to 1 if you have the declaration of `memmem', and to 0 if you don't. + */ +#undef HAVE_DECL_MEMMEM + +/* Define to 1 if you have the declaration of `NFDBITS', and to 0 if you + don't. */ +#undef HAVE_DECL_NFDBITS + +/* Define to 1 if you have the declaration of `offsetof', and to 0 if you + don't. */ +#undef HAVE_DECL_OFFSETOF + +/* Define to 1 if you have the declaration of `O_NONBLOCK', and to 0 if you + don't. */ +#undef HAVE_DECL_O_NONBLOCK + +/* Define to 1 if you have the declaration of `passwdexpired', and to 0 if you + don't. */ +#undef HAVE_DECL_PASSWDEXPIRED + +/* Define to 1 if you have the declaration of `readv', and to 0 if you don't. + */ +#undef HAVE_DECL_READV + +/* Define to 1 if you have the declaration of `setauthdb', and to 0 if you + don't. */ +#undef HAVE_DECL_SETAUTHDB + +/* Define to 1 if you have the declaration of `SHUT_RD', and to 0 if you + don't. */ +#undef HAVE_DECL_SHUT_RD + +/* Define to 1 if you have the declaration of `UINT32_MAX', and to 0 if you + don't. */ +#undef HAVE_DECL_UINT32_MAX + +/* Define to 1 if you have the declaration of `writev', and to 0 if you don't. + */ +#undef HAVE_DECL_WRITEV + +/* Define to 1 if you have the declaration of `_getlong', and to 0 if you + don't. */ +#undef HAVE_DECL__GETLONG + +/* Define to 1 if you have the declaration of `_getshort', and to 0 if you + don't. */ +#undef HAVE_DECL__GETSHORT + +/* Define to 1 if you have the declaration of `__builtin_inff', and to 0 if + you don't. */ +#undef HAVE_DECL___BUILTIN_INFF + +/* Define to 1 if you have the `DES_crypt' function. */ +#undef HAVE_DES_CRYPT + +/* Define if you have /dev/ptmx */ +#undef HAVE_DEV_PTMX + +/* Define if you have /dev/ptc */ +#undef HAVE_DEV_PTS_AND_PTC + +/* Define to 1 if you have the header file. */ +#undef HAVE_DIRENT_H + +/* Define to 1 if you have the `dirfd' function. */ +#undef HAVE_DIRFD + +/* Define to 1 if you have the `dirname' function. */ +#undef HAVE_DIRNAME + +/* Define to 1 if you have the `dlopen' function. */ +#undef HAVE_DLOPEN + +/* Define to 1 if you have the `EC_KEY_METHOD_new' function. */ +#undef HAVE_EC_KEY_METHOD_NEW + +/* Define to 1 if you have the `EC_POINT_get_affine_coordinates' function. */ +#undef HAVE_EC_POINT_GET_AFFINE_COORDINATES + +/* Define to 1 if you have the `EC_POINT_get_affine_coordinates_GFp' function. + */ +#undef HAVE_EC_POINT_GET_AFFINE_COORDINATES_GFP + +/* Define to 1 if you have the `EC_POINT_set_affine_coordinates' function. */ +#undef HAVE_EC_POINT_SET_AFFINE_COORDINATES + +/* Define to 1 if you have the `EC_POINT_set_affine_coordinates_GFp' function. + */ +#undef HAVE_EC_POINT_SET_AFFINE_COORDINATES_GFP + +/* Define to 1 if you have the header file. */ +#undef HAVE_ELF_H + +/* Define to 1 if you have the `endgrent' function. */ +#undef HAVE_ENDGRENT + +/* Define to 1 if you have the header file. */ +#undef HAVE_ENDIAN_H + +/* Define to 1 if you have the `endutent' function. */ +#undef HAVE_ENDUTENT + +/* Define to 1 if you have the `endutxent' function. */ +#undef HAVE_ENDUTXENT + +/* Define to 1 if you have the `err' function. */ +#undef HAVE_ERR + +/* Define to 1 if you have the `errx' function. */ +#undef HAVE_ERRX + +/* Define to 1 if you have the header file. */ +#undef HAVE_ERR_H + +/* Define if your system has /etc/default/login */ +#undef HAVE_ETC_DEFAULT_LOGIN + +/* Define to 1 if you have the `EVP_chacha20' function. */ +#undef HAVE_EVP_CHACHA20 + +/* Define to 1 if you have the `EVP_CIPHER_CTX_get_iv' function. */ +#undef HAVE_EVP_CIPHER_CTX_GET_IV + +/* Define to 1 if you have the `EVP_CIPHER_CTX_get_updated_iv' function. */ +#undef HAVE_EVP_CIPHER_CTX_GET_UPDATED_IV + +/* Define to 1 if you have the `EVP_CIPHER_CTX_iv' function. */ +#undef HAVE_EVP_CIPHER_CTX_IV + +/* Define to 1 if you have the `EVP_CIPHER_CTX_iv_noconst' function. */ +#undef HAVE_EVP_CIPHER_CTX_IV_NOCONST + +/* Define to 1 if you have the `EVP_CIPHER_CTX_set_iv' function. */ +#undef HAVE_EVP_CIPHER_CTX_SET_IV + +/* Define to 1 if you have the `EVP_DigestFinal_ex' function. */ +#undef HAVE_EVP_DIGESTFINAL_EX + +/* Define to 1 if you have the `EVP_DigestInit_ex' function. */ +#undef HAVE_EVP_DIGESTINIT_EX + +/* Define to 1 if you have the `EVP_DigestSign' function. */ +#undef HAVE_EVP_DIGESTSIGN + +/* Define to 1 if you have the `EVP_DigestVerify' function. */ +#undef HAVE_EVP_DIGESTVERIFY + +/* Define to 1 if you have the `EVP_MD_CTX_cleanup' function. */ +#undef HAVE_EVP_MD_CTX_CLEANUP + +/* Define to 1 if you have the `EVP_MD_CTX_copy_ex' function. */ +#undef HAVE_EVP_MD_CTX_COPY_EX + +/* Define to 1 if you have the `EVP_MD_CTX_init' function. */ +#undef HAVE_EVP_MD_CTX_INIT + +/* Define to 1 if you have the `EVP_PKEY_get_raw_private_key' function. */ +#undef HAVE_EVP_PKEY_GET_RAW_PRIVATE_KEY + +/* Define to 1 if you have the `EVP_PKEY_get_raw_public_key' function. */ +#undef HAVE_EVP_PKEY_GET_RAW_PUBLIC_KEY + +/* Define to 1 if you have the `EVP_sha256' function. */ +#undef HAVE_EVP_SHA256 + +/* Define to 1 if you have the `EVP_sha384' function. */ +#undef HAVE_EVP_SHA384 + +/* Define to 1 if you have the `EVP_sha512' function. */ +#undef HAVE_EVP_SHA512 + +/* Define if you have ut_exit in utmp.h */ +#undef HAVE_EXIT_IN_UTMP + +/* Define to 1 if you have the `explicit_bzero' function. */ +#undef HAVE_EXPLICIT_BZERO + +/* Define to 1 if you have the `explicit_memset' function. */ +#undef HAVE_EXPLICIT_MEMSET + +/* Define to 1 if you have the `fchmod' function. */ +#undef HAVE_FCHMOD + +/* Define to 1 if you have the `fchmodat' function. */ +#undef HAVE_FCHMODAT + +/* Define to 1 if you have the `fchown' function. */ +#undef HAVE_FCHOWN + +/* Define to 1 if you have the `fchownat' function. */ +#undef HAVE_FCHOWNAT + +/* Use F_CLOSEM fcntl for closefrom */ +#undef HAVE_FCNTL_CLOSEM + +/* Define to 1 if you have the header file. */ +#undef HAVE_FCNTL_H + +/* Define to 1 if the system has the type `fd_mask'. */ +#undef HAVE_FD_MASK + +/* Define to 1 if you have the header file. */ +#undef HAVE_FEATURES_H + +/* Define to 1 if you have the `fido_assert_set_clientdata' function. */ +#undef HAVE_FIDO_ASSERT_SET_CLIENTDATA + +/* Define to 1 if you have the `fido_cred_prot' function. */ +#undef HAVE_FIDO_CRED_PROT + +/* Define to 1 if you have the `fido_cred_set_clientdata' function. */ +#undef HAVE_FIDO_CRED_SET_CLIENTDATA + +/* Define to 1 if you have the `fido_cred_set_prot' function. */ +#undef HAVE_FIDO_CRED_SET_PROT + +/* Define to 1 if you have the `fido_dev_get_touch_begin' function. */ +#undef HAVE_FIDO_DEV_GET_TOUCH_BEGIN + +/* Define to 1 if you have the `fido_dev_get_touch_status' function. */ +#undef HAVE_FIDO_DEV_GET_TOUCH_STATUS + +/* Define to 1 if you have the `fido_dev_is_winhello' function. */ +#undef HAVE_FIDO_DEV_IS_WINHELLO + +/* Define to 1 if you have the `fido_dev_supports_cred_prot' function. */ +#undef HAVE_FIDO_DEV_SUPPORTS_CRED_PROT + +/* Define to 1 if you have the header file. */ +#undef HAVE_FLOATINGPOINT_H + +/* Define to 1 if you have the `flock' function. */ +#undef HAVE_FLOCK + +/* Define to 1 if you have the `fmt_scaled' function. */ +#undef HAVE_FMT_SCALED + +/* Define to 1 if you have the `fnmatch' function. */ +#undef HAVE_FNMATCH + +/* Define to 1 if you have the header file. */ +#undef HAVE_FNMATCH_H + +/* Define to 1 if you have the `freeaddrinfo' function. */ +#undef HAVE_FREEADDRINFO + +/* Define to 1 if you have the `freezero' function. */ +#undef HAVE_FREEZERO + +/* Define to 1 if the system has the type `fsblkcnt_t'. */ +#undef HAVE_FSBLKCNT_T + +/* Define to 1 if the system has the type `fsfilcnt_t'. */ +#undef HAVE_FSFILCNT_T + +/* Define to 1 if you have the `fstatat' function. */ +#undef HAVE_FSTATAT + +/* Define to 1 if you have the `fstatfs' function. */ +#undef HAVE_FSTATFS + +/* Define to 1 if you have the `fstatvfs' function. */ +#undef HAVE_FSTATVFS + +/* Define to 1 if you have the `futimes' function. */ +#undef HAVE_FUTIMES + +/* Define to 1 if you have the `gai_strerror' function. */ +#undef HAVE_GAI_STRERROR + +/* Define to 1 if you have the `getaddrinfo' function. */ +#undef HAVE_GETADDRINFO + +/* Define to 1 if you have the `getaudit' function. */ +#undef HAVE_GETAUDIT + +/* Define to 1 if you have the `getaudit_addr' function. */ +#undef HAVE_GETAUDIT_ADDR + +/* Define to 1 if you have the `getcwd' function. */ +#undef HAVE_GETCWD + +/* Define to 1 if you have the `getentropy' function. */ +#undef HAVE_GETENTROPY + +/* Define to 1 if you have the `getgrouplist' function. */ +#undef HAVE_GETGROUPLIST + +/* Define to 1 if you have the `getgrset' function. */ +#undef HAVE_GETGRSET + +/* Define to 1 if you have the `getlastlogxbyname' function. */ +#undef HAVE_GETLASTLOGXBYNAME + +/* Define to 1 if you have the `getline' function. */ +#undef HAVE_GETLINE + +/* Define to 1 if you have the `getluid' function. */ +#undef HAVE_GETLUID + +/* Define to 1 if you have the `getnameinfo' function. */ +#undef HAVE_GETNAMEINFO + +/* Define to 1 if you have the `getopt' function. */ +#undef HAVE_GETOPT + +/* Define to 1 if you have the header file. */ +#undef HAVE_GETOPT_H + +/* Define if your getopt(3) defines and uses optreset */ +#undef HAVE_GETOPT_OPTRESET + +/* Define if your libraries define getpagesize() */ +#undef HAVE_GETPAGESIZE + +/* Define to 1 if you have the `getpeereid' function. */ +#undef HAVE_GETPEEREID + +/* Define to 1 if you have the `getpeerucred' function. */ +#undef HAVE_GETPEERUCRED + +/* Define to 1 if you have the `getpgid' function. */ +#undef HAVE_GETPGID + +/* Define to 1 if you have the `getpgrp' function. */ +#undef HAVE_GETPGRP + +/* Define to 1 if you have the `getpwanam' function. */ +#undef HAVE_GETPWANAM + +/* Define to 1 if you have the `getrandom' function. */ +#undef HAVE_GETRANDOM + +/* Define to 1 if you have the `getrlimit' function. */ +#undef HAVE_GETRLIMIT + +/* Define if getrrsetbyname() exists */ +#undef HAVE_GETRRSETBYNAME + +/* Define to 1 if you have the `getseuserbyname' function. */ +#undef HAVE_GETSEUSERBYNAME + +/* Define to 1 if you have the `getsid' function. */ +#undef HAVE_GETSID + +/* Define to 1 if you have the `gettimeofday' function. */ +#undef HAVE_GETTIMEOFDAY + +/* Define to 1 if you have the `getttyent' function. */ +#undef HAVE_GETTTYENT + +/* Define to 1 if you have the `getutent' function. */ +#undef HAVE_GETUTENT + +/* Define to 1 if you have the `getutid' function. */ +#undef HAVE_GETUTID + +/* Define to 1 if you have the `getutline' function. */ +#undef HAVE_GETUTLINE + +/* Define to 1 if you have the `getutxent' function. */ +#undef HAVE_GETUTXENT + +/* Define to 1 if you have the `getutxid' function. */ +#undef HAVE_GETUTXID + +/* Define to 1 if you have the `getutxline' function. */ +#undef HAVE_GETUTXLINE + +/* Define to 1 if you have the `getutxuser' function. */ +#undef HAVE_GETUTXUSER + +/* Define to 1 if you have the `get_default_context_with_level' function. */ +#undef HAVE_GET_DEFAULT_CONTEXT_WITH_LEVEL + +/* Define to 1 if you have the `glob' function. */ +#undef HAVE_GLOB + +/* Define to 1 if you have the header file. */ +#undef HAVE_GLOB_H + +/* Define to 1 if you have the `group_from_gid' function. */ +#undef HAVE_GROUP_FROM_GID + +/* Define to 1 if you have the header file. */ +#undef HAVE_GSSAPI_GENERIC_H + +/* Define to 1 if you have the header file. */ +#undef HAVE_GSSAPI_GSSAPI_GENERIC_H + +/* Define to 1 if you have the header file. */ +#undef HAVE_GSSAPI_GSSAPI_H + +/* Define to 1 if you have the header file. */ +#undef HAVE_GSSAPI_GSSAPI_KRB5_H + +/* Define to 1 if you have the header file. */ +#undef HAVE_GSSAPI_H + +/* Define to 1 if you have the header file. */ +#undef HAVE_GSSAPI_KRB5_H + +/* Define if HEADER.ad exists in arpa/nameser.h */ +#undef HAVE_HEADER_AD + +/* Define to 1 if you have the `HMAC_CTX_init' function. */ +#undef HAVE_HMAC_CTX_INIT + +/* Define if you have ut_host in utmp.h */ +#undef HAVE_HOST_IN_UTMP + +/* Define if you have ut_host in utmpx.h */ +#undef HAVE_HOST_IN_UTMPX + +/* Define to 1 if you have the header file. */ +#undef HAVE_IAF_H + +/* Define to 1 if you have the header file. */ +#undef HAVE_IA_H + +/* Define if you have ut_id in utmp.h */ +#undef HAVE_ID_IN_UTMP + +/* Define if you have ut_id in utmpx.h */ +#undef HAVE_ID_IN_UTMPX + +/* Define to 1 if you have the header file. */ +#undef HAVE_IFADDRS_H + +/* Define to 1 if you have the `inet_aton' function. */ +#undef HAVE_INET_ATON + +/* Define to 1 if you have the `inet_ntoa' function. */ +#undef HAVE_INET_NTOA + +/* Define to 1 if you have the `inet_ntop' function. */ +#undef HAVE_INET_NTOP + +/* Define to 1 if you have the `innetgr' function. */ +#undef HAVE_INNETGR + +/* define if you have int64_t data type */ +#undef HAVE_INT64_T + +/* Define to 1 if the system has the type `intmax_t'. */ +#undef HAVE_INTMAX_T + +/* Define to 1 if you have the header file. */ +#undef HAVE_INTTYPES_H + +/* define if you have intxx_t data type */ +#undef HAVE_INTXX_T + +/* Define to 1 if the system has the type `in_addr_t'. */ +#undef HAVE_IN_ADDR_T + +/* Define to 1 if the system has the type `in_port_t'. */ +#undef HAVE_IN_PORT_T + +/* Define if you have isblank(3C). */ +#undef HAVE_ISBLANK + +/* Define to 1 if you have the `killpg' function. */ +#undef HAVE_KILLPG + +/* Define to 1 if you have the `krb5_cc_new_unique' function. */ +#undef HAVE_KRB5_CC_NEW_UNIQUE + +/* Define to 1 if you have the `krb5_free_error_message' function. */ +#undef HAVE_KRB5_FREE_ERROR_MESSAGE + +/* Define to 1 if you have the `krb5_get_error_message' function. */ +#undef HAVE_KRB5_GET_ERROR_MESSAGE + +/* Define to 1 if you have the header file. */ +#undef HAVE_LANGINFO_H + +/* Define to 1 if you have the header file. */ +#undef HAVE_LASTLOG_H + +/* Define if you want ldns support */ +#undef HAVE_LDNS + +/* Define to 1 if you have the header file. */ +#undef HAVE_LIBAUDIT_H + +/* Define to 1 if you have the `bsm' library (-lbsm). */ +#undef HAVE_LIBBSM + +/* Define to 1 if you have the `dl' library (-ldl). */ +#undef HAVE_LIBDL + +/* Define to 1 if you have the header file. */ +#undef HAVE_LIBGEN_H + +/* Define if system has libiaf that supports set_id */ +#undef HAVE_LIBIAF + +/* Define to 1 if you have the `network' library (-lnetwork). */ +#undef HAVE_LIBNETWORK + +/* Define to 1 if you have the `pam' library (-lpam). */ +#undef HAVE_LIBPAM + +/* Define to 1 if you have the header file. */ +#undef HAVE_LIBPROC_H + +/* Define to 1 if you have the `socket' library (-lsocket). */ +#undef HAVE_LIBSOCKET + +/* Define to 1 if you have the header file. */ +#undef HAVE_LIBUTIL_H + +/* Define to 1 if you have the `xnet' library (-lxnet). */ +#undef HAVE_LIBXNET + +/* Define to 1 if you have the `z' library (-lz). */ +#undef HAVE_LIBZ + +/* Define to 1 if you have the header file. */ +#undef HAVE_LIMITS_H + +/* Define to 1 if you have the header file. */ +#undef HAVE_LINUX_AUDIT_H + +/* Define to 1 if you have the header file. */ +#undef HAVE_LINUX_FILTER_H + +/* Define to 1 if you have the header file. */ +#undef HAVE_LINUX_IF_TUN_H + +/* Define to 1 if you have the header file. */ +#undef HAVE_LINUX_SECCOMP_H + +/* Define to 1 if you have the `llabs' function. */ +#undef HAVE_LLABS + +/* Define to 1 if you have the header file. */ +#undef HAVE_LOCALE_H + +/* Define to 1 if you have the `localtime_r' function. */ +#undef HAVE_LOCALTIME_R + +/* Define to 1 if you have the `login' function. */ +#undef HAVE_LOGIN + +/* Define to 1 if you have the header file. */ +#undef HAVE_LOGIN_CAP_H + +/* Define to 1 if you have the `login_getcapbool' function. */ +#undef HAVE_LOGIN_GETCAPBOOL + +/* Define to 1 if you have the `login_getpwclass' function. */ +#undef HAVE_LOGIN_GETPWCLASS + +/* Define to 1 if you have the header file. */ +#undef HAVE_LOGIN_H + +/* Define to 1 if you have the `logout' function. */ +#undef HAVE_LOGOUT + +/* Define to 1 if you have the `logwtmp' function. */ +#undef HAVE_LOGWTMP + +/* Define to 1 if the system has the type `long double'. */ +#undef HAVE_LONG_DOUBLE + +/* Define to 1 if the system has the type `long long'. */ +#undef HAVE_LONG_LONG + +/* Define to 1 if you have the header file. */ +#undef HAVE_MAILLOCK_H + +/* Define to 1 if your system has a GNU libc compatible `malloc' function, and + to 0 otherwise. */ +#undef HAVE_MALLOC + +/* Define to 1 if you have the `mblen' function. */ +#undef HAVE_MBLEN + +/* Define to 1 if you have the `mbtowc' function. */ +#undef HAVE_MBTOWC + +/* Define to 1 if you have the `memmem' function. */ +#undef HAVE_MEMMEM + +/* Define to 1 if you have the `memmove' function. */ +#undef HAVE_MEMMOVE + +/* Define to 1 if you have the `memset_s' function. */ +#undef HAVE_MEMSET_S + +/* Define to 1 if you have the `mkdtemp' function. */ +#undef HAVE_MKDTEMP + +/* Define to 1 if you have the `mmap' function. */ +#undef HAVE_MMAP + +/* define if you have mode_t data type */ +#undef HAVE_MODE_T + +/* Some systems put nanosleep outside of libc */ +#undef HAVE_NANOSLEEP + +/* Define to 1 if you have the header file. */ +#undef HAVE_NDIR_H + +/* Define to 1 if you have the header file. */ +#undef HAVE_NETDB_H + +/* Define to 1 if you have the header file. */ +#undef HAVE_NETGROUP_H + +/* Define to 1 if you have the header file. */ +#undef HAVE_NET_IF_TUN_H + +/* Define to 1 if you have the header file. */ +#undef HAVE_NET_ROUTE_H + +/* Define if you are on NeXT */ +#undef HAVE_NEXT + +/* Define to 1 if the system has the type `nfds_t'. */ +#undef HAVE_NFDS_T + +/* Define to 1 if you have the `ngetaddrinfo' function. */ +#undef HAVE_NGETADDRINFO + +/* Define to 1 if you have the `nlist' function. */ +#undef HAVE_NLIST + +/* Define to 1 if you have the header file. */ +#undef HAVE_NLIST_H + +/* Define to 1 if you have the `nl_langinfo' function. */ +#undef HAVE_NL_LANGINFO + +/* Define to 1 if you have the `nsleep' function. */ +#undef HAVE_NSLEEP + +/* Define to 1 if you have the `ogetaddrinfo' function. */ +#undef HAVE_OGETADDRINFO + +/* Define if you have an old version of PAM which takes only one argument to + pam_strerror */ +#undef HAVE_OLD_PAM + +/* Define to 1 if you have the `openlog_r' function. */ +#undef HAVE_OPENLOG_R + +/* Define to 1 if you have the `openpty' function. */ +#undef HAVE_OPENPTY + +/* Define to 1 if you have the `OpenSSL_version' function. */ +#undef HAVE_OPENSSL_VERSION + +/* Define to 1 if you have the `OpenSSL_version_num' function. */ +#undef HAVE_OPENSSL_VERSION_NUM + +/* Define if you have Digital Unix Security Integration Architecture */ +#undef HAVE_OSF_SIA + +/* Define to 1 if you have the `pam_getenvlist' function. */ +#undef HAVE_PAM_GETENVLIST + +/* Define to 1 if you have the header file. */ +#undef HAVE_PAM_PAM_APPL_H + +/* Define to 1 if you have the `pam_putenv' function. */ +#undef HAVE_PAM_PUTENV + +/* Define to 1 if you have the header file. */ +#undef HAVE_PATHS_H + +/* Define if you have ut_pid in utmp.h */ +#undef HAVE_PID_IN_UTMP + +/* define if you have pid_t data type */ +#undef HAVE_PID_T + +/* Define to 1 if you have the `pledge' function. */ +#undef HAVE_PLEDGE + +/* Define to 1 if you have the `poll' function. */ +#undef HAVE_POLL + +/* Define to 1 if you have the header file. */ +#undef HAVE_POLL_H + +/* Define to 1 if you have the `ppoll' function. */ +#undef HAVE_PPOLL + +/* Define to 1 if you have the `prctl' function. */ +#undef HAVE_PRCTL + +/* Define to 1 if you have the `priv_basicset' function. */ +#undef HAVE_PRIV_BASICSET + +/* Define to 1 if you have the header file. */ +#undef HAVE_PRIV_H + +/* Define to 1 if you have the `procctl' function. */ +#undef HAVE_PROCCTL + +/* Define if you have /proc/$pid/fd */ +#undef HAVE_PROC_PID + +/* Define to 1 if you have the `proc_pidinfo' function. */ +#undef HAVE_PROC_PIDINFO + +/* Define to 1 if you have the `pselect' function. */ +#undef HAVE_PSELECT + +/* Define to 1 if you have the `pstat' function. */ +#undef HAVE_PSTAT + +/* Define to 1 if you have the header file. */ +#undef HAVE_PTY_H + +/* Define to 1 if you have the `pututline' function. */ +#undef HAVE_PUTUTLINE + +/* Define to 1 if you have the `pututxline' function. */ +#undef HAVE_PUTUTXLINE + +/* Define to 1 if you have the `raise' function. */ +#undef HAVE_RAISE + +/* Define to 1 if you have the `readpassphrase' function. */ +#undef HAVE_READPASSPHRASE + +/* Define to 1 if you have the header file. */ +#undef HAVE_READPASSPHRASE_H + +/* Define to 1 if your system has a GNU libc compatible `realloc' function, + and to 0 otherwise. */ +#undef HAVE_REALLOC + +/* Define to 1 if you have the `reallocarray' function. */ +#undef HAVE_REALLOCARRAY + +/* Define to 1 if you have the `realpath' function. */ +#undef HAVE_REALPATH + +/* Define to 1 if you have the `recallocarray' function. */ +#undef HAVE_RECALLOCARRAY + +/* Define to 1 if you have the `recvmsg' function. */ +#undef HAVE_RECVMSG + +/* sys/resource.h has RLIMIT_NPROC */ +#undef HAVE_RLIMIT_NPROC + +/* Define to 1 if you have the header file. */ +#undef HAVE_RPC_TYPES_H + +/* Define to 1 if you have the `rresvport_af' function. */ +#undef HAVE_RRESVPORT_AF + +/* Define to 1 if you have the `RSA_generate_key_ex' function. */ +#undef HAVE_RSA_GENERATE_KEY_EX + +/* Define to 1 if you have the `RSA_get_default_method' function. */ +#undef HAVE_RSA_GET_DEFAULT_METHOD + +/* Define to 1 if you have the header file. */ +#undef HAVE_SANDBOX_H + +/* Define to 1 if you have the `sandbox_init' function. */ +#undef HAVE_SANDBOX_INIT + +/* define if you have sa_family_t data type */ +#undef HAVE_SA_FAMILY_T + +/* Define to 1 if you have the `scan_scaled' function. */ +#undef HAVE_SCAN_SCALED + +/* Define if you have SecureWare-based protected password database */ +#undef HAVE_SECUREWARE + +/* Define to 1 if you have the header file. */ +#undef HAVE_SECURITY_PAM_APPL_H + +/* Define to 1 if you have the `sendmsg' function. */ +#undef HAVE_SENDMSG + +/* Define to 1 if you have the `setauthdb' function. */ +#undef HAVE_SETAUTHDB + +/* Define to 1 if you have the `setdtablesize' function. */ +#undef HAVE_SETDTABLESIZE + +/* Define to 1 if you have the `setegid' function. */ +#undef HAVE_SETEGID + +/* Define to 1 if you have the `setenv' function. */ +#undef HAVE_SETENV + +/* Define to 1 if you have the `seteuid' function. */ +#undef HAVE_SETEUID + +/* Define to 1 if you have the `setgroupent' function. */ +#undef HAVE_SETGROUPENT + +/* Define to 1 if you have the `setgroups' function. */ +#undef HAVE_SETGROUPS + +/* Define to 1 if you have the `setlinebuf' function. */ +#undef HAVE_SETLINEBUF + +/* Define to 1 if you have the `setlogin' function. */ +#undef HAVE_SETLOGIN + +/* Define to 1 if you have the `setluid' function. */ +#undef HAVE_SETLUID + +/* Define to 1 if you have the `setpassent' function. */ +#undef HAVE_SETPASSENT + +/* Define to 1 if you have the `setpcred' function. */ +#undef HAVE_SETPCRED + +/* Define to 1 if you have the `setpflags' function. */ +#undef HAVE_SETPFLAGS + +/* Define to 1 if you have the `setppriv' function. */ +#undef HAVE_SETPPRIV + +/* Define to 1 if you have the `setproctitle' function. */ +#undef HAVE_SETPROCTITLE + +/* Define to 1 if you have the `setregid' function. */ +#undef HAVE_SETREGID + +/* Define to 1 if you have the `setresgid' function. */ +#undef HAVE_SETRESGID + +/* Define to 1 if you have the `setresuid' function. */ +#undef HAVE_SETRESUID + +/* Define to 1 if you have the `setreuid' function. */ +#undef HAVE_SETREUID + +/* Define to 1 if you have the `setrlimit' function. */ +#undef HAVE_SETRLIMIT + +/* Define to 1 if you have the `setsid' function. */ +#undef HAVE_SETSID + +/* Define to 1 if you have the `setutent' function. */ +#undef HAVE_SETUTENT + +/* Define to 1 if you have the `setutxdb' function. */ +#undef HAVE_SETUTXDB + +/* Define to 1 if you have the `setutxent' function. */ +#undef HAVE_SETUTXENT + +/* Define to 1 if you have the `setvbuf' function. */ +#undef HAVE_SETVBUF + +/* Define to 1 if you have the `set_id' function. */ +#undef HAVE_SET_ID + +/* Define to 1 if you have the `SHA256Update' function. */ +#undef HAVE_SHA256UPDATE + +/* Define to 1 if you have the header file. */ +#undef HAVE_SHA2_H + +/* Define to 1 if you have the `SHA384Update' function. */ +#undef HAVE_SHA384UPDATE + +/* Define to 1 if you have the `SHA512Update' function. */ +#undef HAVE_SHA512UPDATE + +/* Define to 1 if you have the header file. */ +#undef HAVE_SHADOW_H + +/* Define to 1 if you have the `sigaction' function. */ +#undef HAVE_SIGACTION + +/* Define to 1 if the system has the type `sighandler_t'. */ +#undef HAVE_SIGHANDLER_T + +/* Define to 1 if you have the `sigvec' function. */ +#undef HAVE_SIGVEC + +/* Define to 1 if the system has the type `sig_atomic_t'. */ +#undef HAVE_SIG_ATOMIC_T + +/* define if you have size_t data type */ +#undef HAVE_SIZE_T + +/* Define to 1 if you have the `snprintf' function. */ +#undef HAVE_SNPRINTF + +/* Define to 1 if you have the `socketpair' function. */ +#undef HAVE_SOCKETPAIR + +/* Have PEERCRED socket option */ +#undef HAVE_SO_PEERCRED + +/* define if you have ssize_t data type */ +#undef HAVE_SSIZE_T + +/* Fields in struct sockaddr_storage */ +#undef HAVE_SS_FAMILY_IN_SS + +/* Define if you have ut_ss in utmpx.h */ +#undef HAVE_SS_IN_UTMPX + +/* Define to 1 if you have the `statfs' function. */ +#undef HAVE_STATFS + +/* Define to 1 if you have the `statvfs' function. */ +#undef HAVE_STATVFS + +/* Define to 1 if you have the header file. */ +#undef HAVE_STDDEF_H + +/* Define to 1 if you have the header file. */ +#undef HAVE_STDINT_H + +/* Define to 1 if you have the header file. */ +#undef HAVE_STDIO_H + +/* Define to 1 if you have the header file. */ +#undef HAVE_STDLIB_H + +/* Define to 1 if you have the `strcasestr' function. */ +#undef HAVE_STRCASESTR + +/* Define to 1 if you have the `strdup' function. */ +#undef HAVE_STRDUP + +/* Define to 1 if you have the `strerror' function. */ +#undef HAVE_STRERROR + +/* Define to 1 if you have the `strftime' function. */ +#undef HAVE_STRFTIME + +/* Define to 1 if you have the header file. */ +#undef HAVE_STRINGS_H + +/* Define to 1 if you have the header file. */ +#undef HAVE_STRING_H + +/* Define to 1 if you have the `strlcat' function. */ +#undef HAVE_STRLCAT + +/* Define to 1 if you have the `strlcpy' function. */ +#undef HAVE_STRLCPY + +/* Define to 1 if you have the `strmode' function. */ +#undef HAVE_STRMODE + +/* Define to 1 if you have the `strndup' function. */ +#undef HAVE_STRNDUP + +/* Define to 1 if you have the `strnlen' function. */ +#undef HAVE_STRNLEN + +/* Define to 1 if you have the `strnvis' function. */ +#undef HAVE_STRNVIS + +/* Define to 1 if you have the `strptime' function. */ +#undef HAVE_STRPTIME + +/* Define to 1 if you have the `strsep' function. */ +#undef HAVE_STRSEP + +/* Define to 1 if you have the `strsignal' function. */ +#undef HAVE_STRSIGNAL + +/* Define to 1 if you have the `strtoll' function. */ +#undef HAVE_STRTOLL + +/* Define to 1 if you have the `strtonum' function. */ +#undef HAVE_STRTONUM + +/* Define to 1 if you have the `strtoul' function. */ +#undef HAVE_STRTOUL + +/* Define to 1 if you have the `strtoull' function. */ +#undef HAVE_STRTOULL + +/* define if you have struct addrinfo data type */ +#undef HAVE_STRUCT_ADDRINFO + +/* Define to 1 if `d_type' is a member of `struct dirent'. */ +#undef HAVE_STRUCT_DIRENT_D_TYPE + +/* define if you have struct in6_addr data type */ +#undef HAVE_STRUCT_IN6_ADDR + +/* Define to 1 if `pw_change' is a member of `struct passwd'. */ +#undef HAVE_STRUCT_PASSWD_PW_CHANGE + +/* Define to 1 if `pw_class' is a member of `struct passwd'. */ +#undef HAVE_STRUCT_PASSWD_PW_CLASS + +/* Define to 1 if `pw_expire' is a member of `struct passwd'. */ +#undef HAVE_STRUCT_PASSWD_PW_EXPIRE + +/* Define to 1 if `pw_gecos' is a member of `struct passwd'. */ +#undef HAVE_STRUCT_PASSWD_PW_GECOS + +/* Define to 1 if `fd' is a member of `struct pollfd'. */ +#undef HAVE_STRUCT_POLLFD_FD + +/* define if you have struct sockaddr_in6 data type */ +#undef HAVE_STRUCT_SOCKADDR_IN6 + +/* Define to 1 if `sin6_scope_id' is a member of `struct sockaddr_in6'. */ +#undef HAVE_STRUCT_SOCKADDR_IN6_SIN6_SCOPE_ID + +/* define if you have struct sockaddr_storage data type */ +#undef HAVE_STRUCT_SOCKADDR_STORAGE + +/* Define to 1 if `f_files' is a member of `struct statfs'. */ +#undef HAVE_STRUCT_STATFS_F_FILES + +/* Define to 1 if `f_flags' is a member of `struct statfs'. */ +#undef HAVE_STRUCT_STATFS_F_FLAGS + +/* Define to 1 if `st_blksize' is a member of `struct stat'. */ +#undef HAVE_STRUCT_STAT_ST_BLKSIZE + +/* Define to 1 if `st_mtim' is a member of `struct stat'. */ +#undef HAVE_STRUCT_STAT_ST_MTIM + +/* Define to 1 if `st_mtime' is a member of `struct stat'. */ +#undef HAVE_STRUCT_STAT_ST_MTIME + +/* define if you have struct timespec */ +#undef HAVE_STRUCT_TIMESPEC + +/* define if you have struct timeval */ +#undef HAVE_STRUCT_TIMEVAL + +/* Define to 1 if you have the `sysconf' function. */ +#undef HAVE_SYSCONF + +/* Define if you have syslen in utmpx.h */ +#undef HAVE_SYSLEN_IN_UTMPX + +/* Define to 1 if you have the header file. */ +#undef HAVE_SYS_AUDIT_H + +/* Define to 1 if you have the header file. */ +#undef HAVE_SYS_BITYPES_H + +/* Define to 1 if you have the header file. */ +#undef HAVE_SYS_BSDTTY_H + +/* Define to 1 if you have the header file. */ +#undef HAVE_SYS_BYTEORDER_H + +/* Define to 1 if you have the header file. */ +#undef HAVE_SYS_CAPSICUM_H + +/* Define to 1 if you have the header file. */ +#undef HAVE_SYS_CDEFS_H + +/* Define to 1 if you have the header file. */ +#undef HAVE_SYS_DIR_H + +/* Define if your system defines sys_errlist[] */ +#undef HAVE_SYS_ERRLIST + +/* Define to 1 if you have the header file. */ +#undef HAVE_SYS_FILE_H + +/* Define to 1 if you have the header file. */ +#undef HAVE_SYS_LABEL_H + +/* Define to 1 if you have the header file. */ +#undef HAVE_SYS_MMAN_H + +/* Define to 1 if you have the header file. */ +#undef HAVE_SYS_MOUNT_H + +/* Define to 1 if you have the header file. */ +#undef HAVE_SYS_NDIR_H + +/* Define if your system defines sys_nerr */ +#undef HAVE_SYS_NERR + +/* Define to 1 if you have the header file. */ +#undef HAVE_SYS_PARAM_H + +/* Define to 1 if you have the header file. */ +#undef HAVE_SYS_POLL_H + +/* Define to 1 if you have the header file. */ +#undef HAVE_SYS_PRCTL_H + +/* Define to 1 if you have the header file. */ +#undef HAVE_SYS_PROCCTL_H + +/* Define to 1 if you have the header file. */ +#undef HAVE_SYS_PSTAT_H + +/* Define to 1 if you have the header file. */ +#undef HAVE_SYS_PTMS_H + +/* Define to 1 if you have the header file. */ +#undef HAVE_SYS_PTRACE_H + +/* Define to 1 if you have the header file. */ +#undef HAVE_SYS_RANDOM_H + +/* Define to 1 if you have the header file. */ +#undef HAVE_SYS_SELECT_H + +/* Define to 1 if you have the header file. */ +#undef HAVE_SYS_STATVFS_H + +/* Define to 1 if you have the header file. */ +#undef HAVE_SYS_STAT_H + +/* Define to 1 if you have the header file. */ +#undef HAVE_SYS_STREAM_H + +/* Define to 1 if you have the header file. */ +#undef HAVE_SYS_STROPTS_H + +/* Define to 1 if you have the header file. */ +#undef HAVE_SYS_STRTIO_H + +/* Define to 1 if you have the header file. */ +#undef HAVE_SYS_SYSCTL_H + +/* Force use of sys/syslog.h on Ultrix */ +#undef HAVE_SYS_SYSLOG_H + +/* Define to 1 if you have the header file. */ +#undef HAVE_SYS_SYSMACROS_H + +/* Define to 1 if you have the header file. */ +#undef HAVE_SYS_TIMERS_H + +/* Define to 1 if you have the header file. */ +#undef HAVE_SYS_TIME_H + +/* Define to 1 if you have the header file. */ +#undef HAVE_SYS_TYPES_H + +/* Define to 1 if you have the header file. */ +#undef HAVE_SYS_UN_H + +/* Define to 1 if you have the header file. */ +#undef HAVE_SYS_VFS_H + +/* Define to 1 if you have the `tcgetpgrp' function. */ +#undef HAVE_TCGETPGRP + +/* Define to 1 if you have the `tcsendbreak' function. */ +#undef HAVE_TCSENDBREAK + +/* Define to 1 if you have the `time' function. */ +#undef HAVE_TIME + +/* Define to 1 if you have the `timegm' function. */ +#undef HAVE_TIMEGM + +/* Define to 1 if you have the header file. */ +#undef HAVE_TIME_H + +/* Define if you have ut_time in utmp.h */ +#undef HAVE_TIME_IN_UTMP + +/* Define if you have ut_time in utmpx.h */ +#undef HAVE_TIME_IN_UTMPX + +/* Define to 1 if you have the `timingsafe_bcmp' function. */ +#undef HAVE_TIMINGSAFE_BCMP + +/* Define to 1 if you have the header file. */ +#undef HAVE_TMPDIR_H + +/* Define to 1 if you have the `truncate' function. */ +#undef HAVE_TRUNCATE + +/* Define to 1 if you have the header file. */ +#undef HAVE_TTYENT_H + +/* Define if you have ut_tv in utmp.h */ +#undef HAVE_TV_IN_UTMP + +/* Define if you have ut_tv in utmpx.h */ +#undef HAVE_TV_IN_UTMPX + +/* Define if you have ut_type in utmp.h */ +#undef HAVE_TYPE_IN_UTMP + +/* Define if you have ut_type in utmpx.h */ +#undef HAVE_TYPE_IN_UTMPX + +/* Define to 1 if you have the header file. */ +#undef HAVE_UCRED_H + +/* Define to 1 if the system has the type `uintmax_t'. */ +#undef HAVE_UINTMAX_T + +/* define if you have uintxx_t data type */ +#undef HAVE_UINTXX_T + +/* Define to 1 if you have the header file. */ +#undef HAVE_UNISTD_H + +/* Define to 1 if you have the `unlinkat' function. */ +#undef HAVE_UNLINKAT + +/* Define to 1 if you have the `unsetenv' function. */ +#undef HAVE_UNSETENV + +/* Define to 1 if the system has the type `unsigned long long'. */ +#undef HAVE_UNSIGNED_LONG_LONG + +/* Define to 1 if you have the `unveil' function. */ +#undef HAVE_UNVEIL + +/* Define to 1 if you have the `updwtmp' function. */ +#undef HAVE_UPDWTMP + +/* Define to 1 if you have the `updwtmpx' function. */ +#undef HAVE_UPDWTMPX + +/* Define to 1 if you have the header file. */ +#undef HAVE_USERSEC_H + +/* Define to 1 if you have the `user_from_uid' function. */ +#undef HAVE_USER_FROM_UID + +/* Define to 1 if you have the `usleep' function. */ +#undef HAVE_USLEEP + +/* Define to 1 if you have the header file. */ +#undef HAVE_UTIL_H + +/* Define to 1 if you have the `utimensat' function. */ +#undef HAVE_UTIMENSAT + +/* Define to 1 if you have the `utimes' function. */ +#undef HAVE_UTIMES + +/* Define to 1 if you have the header file. */ +#undef HAVE_UTIME_H + +/* Define to 1 if you have the `utmpname' function. */ +#undef HAVE_UTMPNAME + +/* Define to 1 if you have the `utmpxname' function. */ +#undef HAVE_UTMPXNAME + +/* Define to 1 if you have the header file. */ +#undef HAVE_UTMPX_H + +/* Define to 1 if you have the header file. */ +#undef HAVE_UTMP_H + +/* define if you have u_char data type */ +#undef HAVE_U_CHAR + +/* define if you have u_int data type */ +#undef HAVE_U_INT + +/* define if you have u_int64_t data type */ +#undef HAVE_U_INT64_T + +/* define if you have u_intxx_t data type */ +#undef HAVE_U_INTXX_T + +/* Define to 1 if you have the `vasprintf' function. */ +#undef HAVE_VASPRINTF + +/* Define if va_copy exists */ +#undef HAVE_VA_COPY + +/* Define to 1 if you have the header file. */ +#undef HAVE_VIS_H + +/* Define to 1 if you have the `vsnprintf' function. */ +#undef HAVE_VSNPRINTF + +/* Define to 1 if you have the `waitpid' function. */ +#undef HAVE_WAITPID + +/* Define to 1 if you have the `warn' function. */ +#undef HAVE_WARN + +/* Define to 1 if you have the header file. */ +#undef HAVE_WCHAR_H + +/* Define to 1 if you have the `wcwidth' function. */ +#undef HAVE_WCWIDTH + +/* Define to 1 if you have the `_getlong' function. */ +#undef HAVE__GETLONG + +/* Define to 1 if you have the `_getpty' function. */ +#undef HAVE__GETPTY + +/* Define to 1 if you have the `_getshort' function. */ +#undef HAVE__GETSHORT + +/* Define if you have struct __res_state _res as an extern */ +#undef HAVE__RES_EXTERN + +/* Define to 1 if you have the `__b64_ntop' function. */ +#undef HAVE___B64_NTOP + +/* Define to 1 if you have the `__b64_pton' function. */ +#undef HAVE___B64_PTON + +/* Define if compiler implements __FUNCTION__ */ +#undef HAVE___FUNCTION__ + +/* Define if libc defines __progname */ +#undef HAVE___PROGNAME + +/* Fields in struct sockaddr_storage */ +#undef HAVE___SS_FAMILY_IN_SS + +/* Define if __va_copy exists */ +#undef HAVE___VA_COPY + +/* Define if compiler implements __func__ */ +#undef HAVE___func__ + +/* Define this if you are using the Heimdal version of Kerberos V5 */ +#undef HEIMDAL + +/* Define if you need to use IP address instead of hostname in $DISPLAY */ +#undef IPADDR_IN_DISPLAY + +/* Detect IPv4 in IPv6 mapped addresses and treat as IPv4 */ +#undef IPV4_IN_IPV6 + +/* Define if your system choked on IP TOS setting */ +#undef IP_TOS_IS_BROKEN + +/* Define if you want Kerberos 5 support */ +#undef KRB5 + +/* Define if pututxline updates lastlog too */ +#undef LASTLOG_WRITE_PUTUTXLINE + +/* Define to whatever link() returns for "not supported" if it doesn't return + EOPNOTSUPP. */ +#undef LINK_OPNOTSUPP_ERRNO + +/* Lock all memory to protect sshd against Linux kcompactd */ +#undef LINUX_MEMLOCK_ONFAULT + +/* Adjust Linux out-of-memory killer */ +#undef LINUX_OOM_ADJUST + +/* max value of long long calculated by configure */ +#undef LLONG_MAX + +/* min value of long long calculated by configure */ +#undef LLONG_MIN + +/* Account locked with pw(1) */ +#undef LOCKED_PASSWD_PREFIX + +/* String used in /etc/passwd to denote locked account */ +#undef LOCKED_PASSWD_STRING + +/* String used in /etc/passwd to denote locked account */ +#undef LOCKED_PASSWD_SUBSTR + +/* Some systems need a utmpx entry for /bin/login to work */ +#undef LOGIN_NEEDS_UTMPX + +/* Set this to your mail directory if you do not have _PATH_MAILDIR */ +#undef MAIL_DIRECTORY + +/* Define if your compiler lacks __builtin_popcount */ +#undef MISSING_BUILTIN_POPCOUNT + +/* Need setpgrp to for controlling tty */ +#undef NEED_SETPGRP + +/* compiler does not accept __attribute__ on prototype args */ +#undef NO_ATTRIBUTE_ON_PROTOTYPE_ARGS + +/* compiler does not accept __attribute__ on return types */ +#undef NO_ATTRIBUTE_ON_RETURN_TYPE + +/* SA_RESTARTed signals do no interrupt select */ +#undef NO_SA_RESTART + +/* Define to disable UID restoration test */ +#undef NO_UID_RESTORATION_TEST + +/* Define if X11 doesn't support AF_UNIX sockets on that system */ +#undef NO_X11_UNIX_SOCKETS + +/* Define if EVP_DigestUpdate returns void */ +#undef OPENSSL_EVP_DIGESTUPDATE_VOID + +/* OpenSSL has ECC */ +#undef OPENSSL_HAS_ECC + +/* libcrypto has ed25519 support */ +#undef OPENSSL_HAS_ED25519 + +/* libcrypto has NID_X9_62_prime256v1 */ +#undef OPENSSL_HAS_NISTP256 + +/* libcrypto has NID_secp384r1 */ +#undef OPENSSL_HAS_NISTP384 + +/* libcrypto has NID_secp521r1 */ +#undef OPENSSL_HAS_NISTP521 + +/* libcrypto is missing AES 192 and 256 bit functions */ +#undef OPENSSL_LOBOTOMISED_AES + +/* Define if you want the OpenSSL internally seeded PRNG only */ +#undef OPENSSL_PRNG_ONLY + +/* Define to the address where bug reports for this package should be sent. */ +#undef PACKAGE_BUGREPORT + +/* Define to the full name of this package. */ +#undef PACKAGE_NAME + +/* Define to the full name and version of this package. */ +#undef PACKAGE_STRING + +/* Define to the one symbol short name of this package. */ +#undef PACKAGE_TARNAME + +/* Define to the home page for this package. */ +#undef PACKAGE_URL + +/* Define to the version of this package. */ +#undef PACKAGE_VERSION + +/* Define if you are using Solaris-derived PAM which passes pam_messages to + the conversation function with an extra level of indirection */ +#undef PAM_SUN_CODEBASE + +/* Work around problematic Linux PAM modules handling of PAM_TTY */ +#undef PAM_TTY_KLUDGE + +/* must supply username to passwd */ +#undef PASSWD_NEEDS_USERNAME + +/* System dirs owned by bin (uid 2) */ +#undef PLATFORM_SYS_DIR_UID + +/* need inet in pledge for setsockopt IP_TOS */ +#undef PLEDGE_EXTRA_INET + +/* Define if poll 2nd arg is ulong */ +#undef POLL_NFDS_T_ULONG + +/* Port number of PRNGD/EGD random number socket */ +#undef PRNGD_PORT + +/* Location of PRNGD/EGD random number socket */ +#undef PRNGD_SOCKET + +/* read(1) can return 0 for a non-closed fd */ +#undef PTY_ZEROREAD + +/* Sandbox using capsicum */ +#undef SANDBOX_CAPSICUM + +/* Sandbox using Darwin sandbox_init(3) */ +#undef SANDBOX_DARWIN + +/* no privsep sandboxing */ +#undef SANDBOX_NULL + +/* Sandbox using setrlimit(2) */ +#undef SANDBOX_RLIMIT + +/* Sandbox using seccomp filter */ +#undef SANDBOX_SECCOMP_FILTER + +/* setrlimit RLIMIT_FSIZE works */ +#undef SANDBOX_SKIP_RLIMIT_FSIZE + +/* define if setrlimit RLIMIT_NOFILE breaks things */ +#undef SANDBOX_SKIP_RLIMIT_NOFILE + +/* Sandbox using Solaris/Illumos privileges */ +#undef SANDBOX_SOLARIS + +/* Specify the system call convention in use */ +#undef SECCOMP_AUDIT_ARCH + +/* Define if your platform breaks doing a seteuid before a setuid */ +#undef SETEUID_BREAKS_SETUID + +/* The size of `int', as computed by sizeof. */ +#undef SIZEOF_INT + +/* The size of `long int', as computed by sizeof. */ +#undef SIZEOF_LONG_INT + +/* The size of `long long int', as computed by sizeof. */ +#undef SIZEOF_LONG_LONG_INT + +/* The size of `short int', as computed by sizeof. */ +#undef SIZEOF_SHORT_INT + +/* The size of `time_t', as computed by sizeof. */ +#undef SIZEOF_TIME_T + +/* Define as const if snprintf() can declare const char *fmt */ +#undef SNPRINTF_CONST + +/* sockaddr_in has sin_len */ +#undef SOCK_HAS_LEN + +/* Define to a Set Process Title type if your system is supported by + bsd-setproctitle.c */ +#undef SPT_TYPE + +/* Define if sshd somehow reacquires a controlling TTY after setsid() */ +#undef SSHD_ACQUIRES_CTTY + +/* sshd PAM service name */ +#undef SSHD_PAM_SERVICE + +/* Use audit debugging module */ +#undef SSH_AUDIT_EVENTS + +/* Windows is sensitive to read buffer size */ +#undef SSH_IOBUFSZ + +/* non-privileged user for privilege separation */ +#undef SSH_PRIVSEP_USER + +/* Use tunnel device compatibility to OpenBSD */ +#undef SSH_TUN_COMPAT_AF + +/* Open tunnel devices the FreeBSD way */ +#undef SSH_TUN_FREEBSD + +/* Open tunnel devices the Linux tun/tap way */ +#undef SSH_TUN_LINUX + +/* No layer 2 tunnel support */ +#undef SSH_TUN_NO_L2 + +/* Open tunnel devices the OpenBSD way */ +#undef SSH_TUN_OPENBSD + +/* Prepend the address family to IP tunnel traffic */ +#undef SSH_TUN_PREPEND_AF + +/* Define to 1 if all of the C90 standard headers exist (not just the ones + required in a freestanding environment). This macro is provided for + backward compatibility; new code need not use it. */ +#undef STDC_HEADERS + +/* Define if you want a different $PATH for the superuser */ +#undef SUPERUSER_PATH + +/* syslog_r function is safe to use in in a signal handler */ +#undef SYSLOG_R_SAFE_IN_SIGHAND + +/* Have sshd notify systemd on start/reload */ +#undef SYSTEMD_NOTIFY + +/* Support routing domains using Linux VRF */ +#undef SYS_RDOMAIN_LINUX + +/* Support passwords > 8 chars */ +#undef UNIXWARE_LONG_PASSWORDS + +/* Specify default $PATH */ +#undef USER_PATH + +/* Define this if you want to use libkafs' AFS support */ +#undef USE_AFS + +/* Use BSM audit module */ +#undef USE_BSM_AUDIT + +/* Use btmp to log bad logins */ +#undef USE_BTMP + +/* Use libedit for sftp */ +#undef USE_LIBEDIT + +/* Use Linux audit module */ +#undef USE_LINUX_AUDIT + +/* Enable OpenSSL engine support */ +#undef USE_OPENSSL_ENGINE + +/* Define if you want to enable PAM support */ +#undef USE_PAM + +/* Use PIPES instead of a socketpair() */ +#undef USE_PIPES + +/* Define if you have Solaris privileges */ +#undef USE_SOLARIS_PRIVS + +/* Define if you have Solaris process contracts */ +#undef USE_SOLARIS_PROCESS_CONTRACTS + +/* Define if you have Solaris projects */ +#undef USE_SOLARIS_PROJECTS + +/* Use libwtmpdb for sshd */ +#undef USE_WTMPDB + +/* compiler variable declarations after code */ +#undef VARIABLE_DECLARATION_AFTER_CODE + +/* compiler supports variable length arrays */ +#undef VARIABLE_LENGTH_ARRAYS + +/* Define if you shouldn't strip 'tty' from your ttyname in [uw]tmp */ +#undef WITH_ABBREV_NO_TTY + +/* Define if you want to enable AIX4's authenticate function */ +#undef WITH_AIXAUTHENTICATE + +/* Define if you have/want arrays (cluster-wide session management, not C + arrays) */ +#undef WITH_IRIX_ARRAY + +/* Define if you want IRIX audit trails */ +#undef WITH_IRIX_AUDIT + +/* Define if you want IRIX kernel jobs */ +#undef WITH_IRIX_JOBS + +/* Define if you want IRIX project management */ +#undef WITH_IRIX_PROJECT + +/* use libcrypto for cryptography */ +#undef WITH_OPENSSL + +/* Define if you want SELinux support. */ +#undef WITH_SELINUX + +/* Enable zlib */ +#undef WITH_ZLIB + +/* Define WORDS_BIGENDIAN to 1 if your processor stores words with the most + significant byte first (like Motorola and SPARC, unlike Intel). */ +#if defined AC_APPLE_UNIVERSAL_BUILD +# if defined __BIG_ENDIAN__ +# define WORDS_BIGENDIAN 1 +# endif +#else +# ifndef WORDS_BIGENDIAN +# undef WORDS_BIGENDIAN +# endif +#endif + +/* Define if xauth is found in your path */ +#undef XAUTH_PATH + +/* Number of bits in a file offset, on hosts where this is settable. */ +#undef _FILE_OFFSET_BITS + +/* Define for large files, on AIX-style hosts. */ +#undef _LARGE_FILES + +/* log for bad login attempts */ +#undef _PATH_BTMP + +/* Full path of your "passwd" program */ +#undef _PATH_PASSWD_PROG + +/* Specify location of ssh.pid */ +#undef _PATH_SSH_PIDDIR + +/* Define if we don't have struct __res_state in resolv.h */ +#undef __res_state + +/* Define to rpl_calloc if the replacement function should be used. */ +#undef calloc + +/* Define to `__inline__' or `__inline' if that's what the C compiler + calls it, or to nothing if 'inline' is not supported under any name. */ +#ifndef __cplusplus +#undef inline +#endif + +/* Define to rpl_malloc if the replacement function should be used. */ +#undef malloc + +/* Define to rpl_realloc if the replacement function should be used. */ +#undef realloc + +/* type to use in place of socklen_t if not defined */ +#undef socklen_t diff --git a/configure b/configure new file mode 100755 index 000000000000..e2174fc0ff1f --- /dev/null +++ b/configure @@ -0,0 +1,28438 @@ +#! /bin/sh +# Guess values for system-dependent variables and create Makefiles. +# Generated by GNU Autoconf 2.71 for OpenSSH Portable. +# +# Report bugs to . +# +# +# Copyright (C) 1992-1996, 1998-2017, 2020-2021 Free Software Foundation, +# Inc. +# +# +# This configure script is free software; the Free Software Foundation +# gives unlimited permission to copy, distribute and modify it. +## -------------------- ## +## M4sh Initialization. ## +## -------------------- ## + +# Be more Bourne compatible +DUALCASE=1; export DUALCASE # for MKS sh +as_nop=: +if test ${ZSH_VERSION+y} && (emulate sh) >/dev/null 2>&1 +then : + emulate sh + NULLCMD=: + # Pre-4.2 versions of Zsh do word splitting on ${1+"$@"}, which + # is contrary to our usage. Disable this feature. + alias -g '${1+"$@"}'='"$@"' + setopt NO_GLOB_SUBST +else $as_nop + case `(set -o) 2>/dev/null` in #( + *posix*) : + set -o posix ;; #( + *) : + ;; +esac +fi + + + +# Reset variables that may have inherited troublesome values from +# the environment. + +# IFS needs to be set, to space, tab, and newline, in precisely that order. +# (If _AS_PATH_WALK were called with IFS unset, it would have the +# side effect of setting IFS to empty, thus disabling word splitting.) +# Quoting is to prevent editors from complaining about space-tab. +as_nl=' +' +export as_nl +IFS=" "" $as_nl" + +PS1='$ ' +PS2='> ' +PS4='+ ' + +# Ensure predictable behavior from utilities with locale-dependent output. +LC_ALL=C +export LC_ALL +LANGUAGE=C +export LANGUAGE + +# We cannot yet rely on "unset" to work, but we need these variables +# to be unset--not just set to an empty or harmless value--now, to +# avoid bugs in old shells (e.g. pre-3.0 UWIN ksh). This construct +# also avoids known problems related to "unset" and subshell syntax +# in other old shells (e.g. bash 2.01 and pdksh 5.2.14). +for as_var in BASH_ENV ENV MAIL MAILPATH CDPATH +do eval test \${$as_var+y} \ + && ( (unset $as_var) || exit 1) >/dev/null 2>&1 && unset $as_var || : +done + +# Ensure that fds 0, 1, and 2 are open. +if (exec 3>&0) 2>/dev/null; then :; else exec 0&1) 2>/dev/null; then :; else exec 1>/dev/null; fi +if (exec 3>&2) ; then :; else exec 2>/dev/null; fi + +# The user is always right. +if ${PATH_SEPARATOR+false} :; then + PATH_SEPARATOR=: + (PATH='/bin;/bin'; FPATH=$PATH; sh -c :) >/dev/null 2>&1 && { + (PATH='/bin:/bin'; FPATH=$PATH; sh -c :) >/dev/null 2>&1 || + PATH_SEPARATOR=';' + } +fi + + +# Find who we are. Look in the path if we contain no directory separator. +as_myself= +case $0 in #(( + *[\\/]* ) as_myself=$0 ;; + *) as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + case $as_dir in #((( + '') as_dir=./ ;; + */) ;; + *) as_dir=$as_dir/ ;; + esac + test -r "$as_dir$0" && as_myself=$as_dir$0 && break + done +IFS=$as_save_IFS + + ;; +esac +# We did not find ourselves, most probably we were run as `sh COMMAND' +# in which case we are not to be found in the path. +if test "x$as_myself" = x; then + as_myself=$0 +fi +if test ! -f "$as_myself"; then + printf "%s\n" "$as_myself: error: cannot find myself; rerun with an absolute file name" >&2 + exit 1 +fi + + +# Use a proper internal environment variable to ensure we don't fall + # into an infinite loop, continuously re-executing ourselves. + if test x"${_as_can_reexec}" != xno && test "x$CONFIG_SHELL" != x; then + _as_can_reexec=no; export _as_can_reexec; + # We cannot yet assume a decent shell, so we have to provide a +# neutralization value for shells without unset; and this also +# works around shells that cannot unset nonexistent variables. +# Preserve -v and -x to the replacement shell. +BASH_ENV=/dev/null +ENV=/dev/null +(unset BASH_ENV) >/dev/null 2>&1 && unset BASH_ENV ENV +case $- in # (((( + *v*x* | *x*v* ) as_opts=-vx ;; + *v* ) as_opts=-v ;; + *x* ) as_opts=-x ;; + * ) as_opts= ;; +esac +exec $CONFIG_SHELL $as_opts "$as_myself" ${1+"$@"} +# Admittedly, this is quite paranoid, since all the known shells bail +# out after a failed `exec'. +printf "%s\n" "$0: could not re-execute with $CONFIG_SHELL" >&2 +exit 255 + fi + # We don't want this to propagate to other subprocesses. + { _as_can_reexec=; unset _as_can_reexec;} +if test "x$CONFIG_SHELL" = x; then + as_bourne_compatible="as_nop=: +if test \${ZSH_VERSION+y} && (emulate sh) >/dev/null 2>&1 +then : + emulate sh + NULLCMD=: + # Pre-4.2 versions of Zsh do word splitting on \${1+\"\$@\"}, which + # is contrary to our usage. Disable this feature. + alias -g '\${1+\"\$@\"}'='\"\$@\"' + setopt NO_GLOB_SUBST +else \$as_nop + case \`(set -o) 2>/dev/null\` in #( + *posix*) : + set -o posix ;; #( + *) : + ;; +esac +fi +" + as_required="as_fn_return () { (exit \$1); } +as_fn_success () { as_fn_return 0; } +as_fn_failure () { as_fn_return 1; } +as_fn_ret_success () { return 0; } +as_fn_ret_failure () { return 1; } + +exitcode=0 +as_fn_success || { exitcode=1; echo as_fn_success failed.; } +as_fn_failure && { exitcode=1; echo as_fn_failure succeeded.; } +as_fn_ret_success || { exitcode=1; echo as_fn_ret_success failed.; } +as_fn_ret_failure && { exitcode=1; echo as_fn_ret_failure succeeded.; } +if ( set x; as_fn_ret_success y && test x = \"\$1\" ) +then : + +else \$as_nop + exitcode=1; echo positional parameters were not saved. +fi +test x\$exitcode = x0 || exit 1 +blah=\$(echo \$(echo blah)) +test x\"\$blah\" = xblah || exit 1 +test -x / || exit 1" + as_suggested=" as_lineno_1=";as_suggested=$as_suggested$LINENO;as_suggested=$as_suggested" as_lineno_1a=\$LINENO + as_lineno_2=";as_suggested=$as_suggested$LINENO;as_suggested=$as_suggested" as_lineno_2a=\$LINENO + eval 'test \"x\$as_lineno_1'\$as_run'\" != \"x\$as_lineno_2'\$as_run'\" && + test \"x\`expr \$as_lineno_1'\$as_run' + 1\`\" = \"x\$as_lineno_2'\$as_run'\"' || exit 1 +test \$(( 1 + 1 )) = 2 || exit 1" + if (eval "$as_required") 2>/dev/null +then : + as_have_required=yes +else $as_nop + as_have_required=no +fi + if test x$as_have_required = xyes && (eval "$as_suggested") 2>/dev/null +then : + +else $as_nop + as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +as_found=false +for as_dir in /bin$PATH_SEPARATOR/usr/bin$PATH_SEPARATOR$PATH +do + IFS=$as_save_IFS + case $as_dir in #((( + '') as_dir=./ ;; + */) ;; + *) as_dir=$as_dir/ ;; + esac + as_found=: + case $as_dir in #( + /*) + for as_base in sh bash ksh sh5; do + # Try only shells that exist, to save several forks. + as_shell=$as_dir$as_base + if { test -f "$as_shell" || test -f "$as_shell.exe"; } && + as_run=a "$as_shell" -c "$as_bourne_compatible""$as_required" 2>/dev/null +then : + CONFIG_SHELL=$as_shell as_have_required=yes + if as_run=a "$as_shell" -c "$as_bourne_compatible""$as_suggested" 2>/dev/null +then : + break 2 +fi +fi + done;; + esac + as_found=false +done +IFS=$as_save_IFS +if $as_found +then : + +else $as_nop + if { test -f "$SHELL" || test -f "$SHELL.exe"; } && + as_run=a "$SHELL" -c "$as_bourne_compatible""$as_required" 2>/dev/null +then : + CONFIG_SHELL=$SHELL as_have_required=yes +fi +fi + + + if test "x$CONFIG_SHELL" != x +then : + export CONFIG_SHELL + # We cannot yet assume a decent shell, so we have to provide a +# neutralization value for shells without unset; and this also +# works around shells that cannot unset nonexistent variables. +# Preserve -v and -x to the replacement shell. +BASH_ENV=/dev/null +ENV=/dev/null +(unset BASH_ENV) >/dev/null 2>&1 && unset BASH_ENV ENV +case $- in # (((( + *v*x* | *x*v* ) as_opts=-vx ;; + *v* ) as_opts=-v ;; + *x* ) as_opts=-x ;; + * ) as_opts= ;; +esac +exec $CONFIG_SHELL $as_opts "$as_myself" ${1+"$@"} +# Admittedly, this is quite paranoid, since all the known shells bail +# out after a failed `exec'. +printf "%s\n" "$0: could not re-execute with $CONFIG_SHELL" >&2 +exit 255 +fi + + if test x$as_have_required = xno +then : + printf "%s\n" "$0: This script requires a shell more modern than all" + printf "%s\n" "$0: the shells that I found on your system." + if test ${ZSH_VERSION+y} ; then + printf "%s\n" "$0: In particular, zsh $ZSH_VERSION has bugs and should" + printf "%s\n" "$0: be upgraded to zsh 4.3.4 or later." + else + printf "%s\n" "$0: Please tell bug-autoconf@gnu.org and +$0: openssh-unix-dev@mindrot.org about your system, +$0: including any error possibly output before this +$0: message. Then install a modern shell, or manually run +$0: the script under such a shell if you do have one." + fi + exit 1 +fi +fi +fi +SHELL=${CONFIG_SHELL-/bin/sh} +export SHELL +# Unset more variables known to interfere with behavior of common tools. +CLICOLOR_FORCE= GREP_OPTIONS= +unset CLICOLOR_FORCE GREP_OPTIONS + +## --------------------- ## +## M4sh Shell Functions. ## +## --------------------- ## +# as_fn_unset VAR +# --------------- +# Portably unset VAR. +as_fn_unset () +{ + { eval $1=; unset $1;} +} +as_unset=as_fn_unset + + +# as_fn_set_status STATUS +# ----------------------- +# Set $? to STATUS, without forking. +as_fn_set_status () +{ + return $1 +} # as_fn_set_status + +# as_fn_exit STATUS +# ----------------- +# Exit the shell with STATUS, even in a "trap 0" or "set -e" context. +as_fn_exit () +{ + set +e + as_fn_set_status $1 + exit $1 +} # as_fn_exit +# as_fn_nop +# --------- +# Do nothing but, unlike ":", preserve the value of $?. +as_fn_nop () +{ + return $? +} +as_nop=as_fn_nop + +# as_fn_mkdir_p +# ------------- +# Create "$as_dir" as a directory, including parents if necessary. +as_fn_mkdir_p () +{ + + case $as_dir in #( + -*) as_dir=./$as_dir;; + esac + test -d "$as_dir" || eval $as_mkdir_p || { + as_dirs= + while :; do + case $as_dir in #( + *\'*) as_qdir=`printf "%s\n" "$as_dir" | sed "s/'/'\\\\\\\\''/g"`;; #'( + *) as_qdir=$as_dir;; + esac + as_dirs="'$as_qdir' $as_dirs" + as_dir=`$as_dirname -- "$as_dir" || +$as_expr X"$as_dir" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \ + X"$as_dir" : 'X\(//\)[^/]' \| \ + X"$as_dir" : 'X\(//\)$' \| \ + X"$as_dir" : 'X\(/\)' \| . 2>/dev/null || +printf "%s\n" X"$as_dir" | + sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ + s//\1/ + q + } + /^X\(\/\/\)[^/].*/{ + s//\1/ + q + } + /^X\(\/\/\)$/{ + s//\1/ + q + } + /^X\(\/\).*/{ + s//\1/ + q + } + s/.*/./; q'` + test -d "$as_dir" && break + done + test -z "$as_dirs" || eval "mkdir $as_dirs" + } || test -d "$as_dir" || as_fn_error $? "cannot create directory $as_dir" + + +} # as_fn_mkdir_p + +# as_fn_executable_p FILE +# ----------------------- +# Test if FILE is an executable regular file. +as_fn_executable_p () +{ + test -f "$1" && test -x "$1" +} # as_fn_executable_p +# as_fn_append VAR VALUE +# ---------------------- +# Append the text in VALUE to the end of the definition contained in VAR. Take +# advantage of any shell optimizations that allow amortized linear growth over +# repeated appends, instead of the typical quadratic growth present in naive +# implementations. +if (eval "as_var=1; as_var+=2; test x\$as_var = x12") 2>/dev/null +then : + eval 'as_fn_append () + { + eval $1+=\$2 + }' +else $as_nop + as_fn_append () + { + eval $1=\$$1\$2 + } +fi # as_fn_append + +# as_fn_arith ARG... +# ------------------ +# Perform arithmetic evaluation on the ARGs, and store the result in the +# global $as_val. Take advantage of shells that can avoid forks. The arguments +# must be portable across $(()) and expr. +if (eval "test \$(( 1 + 1 )) = 2") 2>/dev/null +then : + eval 'as_fn_arith () + { + as_val=$(( $* )) + }' +else $as_nop + as_fn_arith () + { + as_val=`expr "$@" || test $? -eq 1` + } +fi # as_fn_arith + +# as_fn_nop +# --------- +# Do nothing but, unlike ":", preserve the value of $?. +as_fn_nop () +{ + return $? +} +as_nop=as_fn_nop + +# as_fn_error STATUS ERROR [LINENO LOG_FD] +# ---------------------------------------- +# Output "`basename $0`: error: ERROR" to stderr. If LINENO and LOG_FD are +# provided, also output the error to LOG_FD, referencing LINENO. Then exit the +# script with STATUS, using 1 if that was 0. +as_fn_error () +{ + as_status=$1; test $as_status -eq 0 && as_status=1 + if test "$4"; then + as_lineno=${as_lineno-"$3"} as_lineno_stack=as_lineno_stack=$as_lineno_stack + printf "%s\n" "$as_me:${as_lineno-$LINENO}: error: $2" >&$4 + fi + printf "%s\n" "$as_me: error: $2" >&2 + as_fn_exit $as_status +} # as_fn_error + +if expr a : '\(a\)' >/dev/null 2>&1 && + test "X`expr 00001 : '.*\(...\)'`" = X001; then + as_expr=expr +else + as_expr=false +fi + +if (basename -- /) >/dev/null 2>&1 && test "X`basename -- / 2>&1`" = "X/"; then + as_basename=basename +else + as_basename=false +fi + +if (as_dir=`dirname -- /` && test "X$as_dir" = X/) >/dev/null 2>&1; then + as_dirname=dirname +else + as_dirname=false +fi + +as_me=`$as_basename -- "$0" || +$as_expr X/"$0" : '.*/\([^/][^/]*\)/*$' \| \ + X"$0" : 'X\(//\)$' \| \ + X"$0" : 'X\(/\)' \| . 2>/dev/null || +printf "%s\n" X/"$0" | + sed '/^.*\/\([^/][^/]*\)\/*$/{ + s//\1/ + q + } + /^X\/\(\/\/\)$/{ + s//\1/ + q + } + /^X\/\(\/\).*/{ + s//\1/ + q + } + s/.*/./; q'` + +# Avoid depending upon Character Ranges. +as_cr_letters='abcdefghijklmnopqrstuvwxyz' +as_cr_LETTERS='ABCDEFGHIJKLMNOPQRSTUVWXYZ' +as_cr_Letters=$as_cr_letters$as_cr_LETTERS +as_cr_digits='0123456789' +as_cr_alnum=$as_cr_Letters$as_cr_digits + + + as_lineno_1=$LINENO as_lineno_1a=$LINENO + as_lineno_2=$LINENO as_lineno_2a=$LINENO + eval 'test "x$as_lineno_1'$as_run'" != "x$as_lineno_2'$as_run'" && + test "x`expr $as_lineno_1'$as_run' + 1`" = "x$as_lineno_2'$as_run'"' || { + # Blame Lee E. McMahon (1931-1989) for sed's syntax. :-) + sed -n ' + p + /[$]LINENO/= + ' <$as_myself | + sed ' + s/[$]LINENO.*/&-/ + t lineno + b + :lineno + N + :loop + s/[$]LINENO\([^'$as_cr_alnum'_].*\n\)\(.*\)/\2\1\2/ + t loop + s/-\n.*// + ' >$as_me.lineno && + chmod +x "$as_me.lineno" || + { printf "%s\n" "$as_me: error: cannot create $as_me.lineno; rerun with a POSIX shell" >&2; as_fn_exit 1; } + + # If we had to re-execute with $CONFIG_SHELL, we're ensured to have + # already done that, so ensure we don't try to do so again and fall + # in an infinite loop. This has already happened in practice. + _as_can_reexec=no; export _as_can_reexec + # Don't try to exec as it changes $[0], causing all sort of problems + # (the dirname of $[0] is not the place where we might find the + # original and so on. Autoconf is especially sensitive to this). + . "./$as_me.lineno" + # Exit status is that of the last command. + exit +} + + +# Determine whether it's possible to make 'echo' print without a newline. +# These variables are no longer used directly by Autoconf, but are AC_SUBSTed +# for compatibility with existing Makefiles. +ECHO_C= ECHO_N= ECHO_T= +case `echo -n x` in #((((( +-n*) + case `echo 'xy\c'` in + *c*) ECHO_T=' ';; # ECHO_T is single tab character. + xy) ECHO_C='\c';; + *) echo `echo ksh88 bug on AIX 6.1` > /dev/null + ECHO_T=' ';; + esac;; +*) + ECHO_N='-n';; +esac + +# For backward compatibility with old third-party macros, we provide +# the shell variables $as_echo and $as_echo_n. New code should use +# AS_ECHO(["message"]) and AS_ECHO_N(["message"]), respectively. +as_echo='printf %s\n' +as_echo_n='printf %s' + + +rm -f conf$$ conf$$.exe conf$$.file +if test -d conf$$.dir; then + rm -f conf$$.dir/conf$$.file +else + rm -f conf$$.dir + mkdir conf$$.dir 2>/dev/null +fi +if (echo >conf$$.file) 2>/dev/null; then + if ln -s conf$$.file conf$$ 2>/dev/null; then + as_ln_s='ln -s' + # ... but there are two gotchas: + # 1) On MSYS, both `ln -s file dir' and `ln file dir' fail. + # 2) DJGPP < 2.04 has no symlinks; `ln -s' creates a wrapper executable. + # In both cases, we have to default to `cp -pR'. + ln -s conf$$.file conf$$.dir 2>/dev/null && test ! -f conf$$.exe || + as_ln_s='cp -pR' + elif ln conf$$.file conf$$ 2>/dev/null; then + as_ln_s=ln + else + as_ln_s='cp -pR' + fi +else + as_ln_s='cp -pR' +fi +rm -f conf$$ conf$$.exe conf$$.dir/conf$$.file conf$$.file +rmdir conf$$.dir 2>/dev/null + +if mkdir -p . 2>/dev/null; then + as_mkdir_p='mkdir -p "$as_dir"' +else + test -d ./-p && rmdir ./-p + as_mkdir_p=false +fi + +as_test_x='test -x' +as_executable_p=as_fn_executable_p + +# Sed expression to map a string onto a valid CPP name. +as_tr_cpp="eval sed 'y%*$as_cr_letters%P$as_cr_LETTERS%;s%[^_$as_cr_alnum]%_%g'" + +# Sed expression to map a string onto a valid variable name. +as_tr_sh="eval sed 'y%*+%pp%;s%[^_$as_cr_alnum]%_%g'" + + +test -n "$DJDIR" || exec 7<&0 &1 + +# Name of the host. +# hostname on some systems (SVR3.2, old GNU/Linux) returns a bogus exit status, +# so uname gets run too. +ac_hostname=`(hostname || uname -n) 2>/dev/null | sed 1q` + +# +# Initializations. +# +ac_default_prefix=/usr/local +ac_clean_files= +ac_config_libobj_dir=. +LIBOBJS= +cross_compiling=no +subdirs= +MFLAGS= +MAKEFLAGS= + +# Identity of this package. +PACKAGE_NAME='OpenSSH' +PACKAGE_TARNAME='openssh' +PACKAGE_VERSION='Portable' +PACKAGE_STRING='OpenSSH Portable' +PACKAGE_BUGREPORT='openssh-unix-dev@mindrot.org' +PACKAGE_URL='' + +ac_unique_file="ssh.c" +# Factoring default headers for most tests. +ac_includes_default="\ +#include +#ifdef HAVE_STDIO_H +# include +#endif +#ifdef HAVE_STDLIB_H +# include +#endif +#ifdef HAVE_STRING_H +# include +#endif +#ifdef HAVE_INTTYPES_H +# include +#endif +#ifdef HAVE_STDINT_H +# include +#endif +#ifdef HAVE_STRINGS_H +# include +#endif +#ifdef HAVE_SYS_TYPES_H +# include +#endif +#ifdef HAVE_SYS_STAT_H +# include +#endif +#ifdef HAVE_UNISTD_H +# include +#endif" + +ac_header_c_list= +ac_subst_vars='LTLIBOBJS +COMPATINCLUDES +CFLAGS_NOPIE +LDFLAGS_NOPIE +TMUX +DROPBEARCONVERT +DROPBEARKEY +DBCLIENT +DROPBEAR +CONCH +PUTTYGEN +PLINK +DEPEND +UNSUPPORTED_ALGORITHMS +TEST_MALLOC_OPTIONS +TEST_SSH_UTF8 +TEST_SSH_IPV6 +piddir +user_path +mansubdir +MANTYPE +XAUTH_PATH +STRIP_OPT +xauth_path +PRIVSEP_PATH +CHANNELLIBS +K5LIBS +GSSLIBS +KRB5CONF +SSHDLIBS +SSH_PRIVSEP_USER +SK_STANDALONE +LIBFIDO2 +SK_DUMMY_LIBRARY +OPENSSL_BIN +openssl_bin +PICFLAG +LIBWTMPDB +LIBEDIT +LDNSCONFIG +LIBOBJS +TESTLIBS +LD +PATH_PASSWD_PROG +STARTUP_SCRIPT_SHELL +MAKE_PACKAGE_SUPPORTED +PATH_USERADD_PROG +PATH_GROUPADD_PROG +MANFMT +TEST_SHELL +PKGCONFIG +MANDOC +NROFF +GROFF +SH +TEST_MINUS_S_SH +SED +KILL +CAT +ac_ct_AR +AR +MKDIR_P +EGREP +GREP +INSTALL_DATA +INSTALL_SCRIPT +INSTALL_PROGRAM +RANLIB +CPP +AWK +host_os +host_vendor +host_cpu +host +build_os +build_vendor +build_cpu +build +OBJEXT +EXEEXT +ac_ct_CC +CPPFLAGS +LDFLAGS +CFLAGS +CC +target_alias +host_alias +build_alias +LIBS +ECHO_T +ECHO_N +ECHO_C +DEFS +mandir +localedir +libdir +psdir +pdfdir +dvidir +htmldir +infodir +docdir +oldincludedir +includedir +runstatedir +localstatedir +sharedstatedir +sysconfdir +datadir +datarootdir +libexecdir +sbindir +bindir +program_transform_name +prefix +exec_prefix +PACKAGE_URL +PACKAGE_BUGREPORT +PACKAGE_STRING +PACKAGE_VERSION +PACKAGE_TARNAME +PACKAGE_NAME +PATH_SEPARATOR +SHELL' +ac_subst_files='' +ac_user_opts=' +enable_option_checking +enable_largefile +with_openssl +with_stackprotect +with_hardening +with_retpoline +with_rpath +with_cflags +with_cflags_after +with_cppflags +with_ldflags +with_ldflags_after +with_libs +with_Werror +with_linux_memlock_onfault +with_solaris_contracts +with_solaris_projects +with_solaris_privs +with_osfsia +with_zlib +with_zlib_version_check +with_ldns +with_libedit +with_wtmpdb +with_audit +with_pie +enable_pkcs11 +enable_security_key +with_security_key_builtin +with_security_key_standalone +with_ssl_dir +with_openssl_header_check +with_ssl_engine +with_prngd_port +with_prngd_socket +with_pam +with_pam_service +with_privsep_user +with_sandbox +with_selinux +with_kerberos5 +with_privsep_path +with_xauth +enable_strip +with_maildir +with_mantype +with_shadow +with_ipaddr_display +enable_etc_default_login +with_default_path +with_superuser_path +with_4in6 +with_bsd_auth +with_pid_dir +enable_fd_passing +enable_lastlog +enable_utmp +enable_utmpx +enable_wtmp +enable_wtmpx +enable_libutil +enable_pututline +enable_pututxline +with_lastlog +' + ac_precious_vars='build_alias +host_alias +target_alias +CC +CFLAGS +LDFLAGS +LIBS +CPPFLAGS +CPP' + + +# Initialize some variables set by options. +ac_init_help= +ac_init_version=false +ac_unrecognized_opts= +ac_unrecognized_sep= +# The variables have the same names as the options, with +# dashes changed to underlines. +cache_file=/dev/null +exec_prefix=NONE +no_create= +no_recursion= +prefix=NONE +program_prefix=NONE +program_suffix=NONE +program_transform_name=s,x,x, +silent= +site= +srcdir= +verbose= +x_includes=NONE +x_libraries=NONE + +# Installation directory options. +# These are left unexpanded so users can "make install exec_prefix=/foo" +# and all the variables that are supposed to be based on exec_prefix +# by default will actually change. +# Use braces instead of parens because sh, perl, etc. also accept them. +# (The list follows the same order as the GNU Coding Standards.) +bindir='${exec_prefix}/bin' +sbindir='${exec_prefix}/sbin' +libexecdir='${exec_prefix}/libexec' +datarootdir='${prefix}/share' +datadir='${datarootdir}' +sysconfdir='${prefix}/etc' +sharedstatedir='${prefix}/com' +localstatedir='${prefix}/var' +runstatedir='${localstatedir}/run' +includedir='${prefix}/include' +oldincludedir='/usr/include' +docdir='${datarootdir}/doc/${PACKAGE_TARNAME}' +infodir='${datarootdir}/info' +htmldir='${docdir}' +dvidir='${docdir}' +pdfdir='${docdir}' +psdir='${docdir}' +libdir='${exec_prefix}/lib' +localedir='${datarootdir}/locale' +mandir='${datarootdir}/man' + +ac_prev= +ac_dashdash= +for ac_option +do + # If the previous option needs an argument, assign it. + if test -n "$ac_prev"; then + eval $ac_prev=\$ac_option + ac_prev= + continue + fi + + case $ac_option in + *=?*) ac_optarg=`expr "X$ac_option" : '[^=]*=\(.*\)'` ;; + *=) ac_optarg= ;; + *) ac_optarg=yes ;; + esac + + case $ac_dashdash$ac_option in + --) + ac_dashdash=yes ;; + + -bindir | --bindir | --bindi | --bind | --bin | --bi) + ac_prev=bindir ;; + -bindir=* | --bindir=* | --bindi=* | --bind=* | --bin=* | --bi=*) + bindir=$ac_optarg ;; + + -build | --build | --buil | --bui | --bu) + ac_prev=build_alias ;; + -build=* | --build=* | --buil=* | --bui=* | --bu=*) + build_alias=$ac_optarg ;; + + -cache-file | --cache-file | --cache-fil | --cache-fi \ + | --cache-f | --cache- | --cache | --cach | --cac | --ca | --c) + ac_prev=cache_file ;; + -cache-file=* | --cache-file=* | --cache-fil=* | --cache-fi=* \ + | --cache-f=* | --cache-=* | --cache=* | --cach=* | --cac=* | --ca=* | --c=*) + cache_file=$ac_optarg ;; + + --config-cache | -C) + cache_file=config.cache ;; + + -datadir | --datadir | --datadi | --datad) + ac_prev=datadir ;; + -datadir=* | --datadir=* | --datadi=* | --datad=*) + datadir=$ac_optarg ;; + + -datarootdir | --datarootdir | --datarootdi | --datarootd | --dataroot \ + | --dataroo | --dataro | --datar) + ac_prev=datarootdir ;; + -datarootdir=* | --datarootdir=* | --datarootdi=* | --datarootd=* \ + | --dataroot=* | --dataroo=* | --dataro=* | --datar=*) + datarootdir=$ac_optarg ;; + + -disable-* | --disable-*) + ac_useropt=`expr "x$ac_option" : 'x-*disable-\(.*\)'` + # Reject names that are not valid shell variable names. + expr "x$ac_useropt" : ".*[^-+._$as_cr_alnum]" >/dev/null && + as_fn_error $? "invalid feature name: \`$ac_useropt'" + ac_useropt_orig=$ac_useropt + ac_useropt=`printf "%s\n" "$ac_useropt" | sed 's/[-+.]/_/g'` + case $ac_user_opts in + *" +"enable_$ac_useropt" +"*) ;; + *) ac_unrecognized_opts="$ac_unrecognized_opts$ac_unrecognized_sep--disable-$ac_useropt_orig" + ac_unrecognized_sep=', ';; + esac + eval enable_$ac_useropt=no ;; + + -docdir | --docdir | --docdi | --doc | --do) + ac_prev=docdir ;; + -docdir=* | --docdir=* | --docdi=* | --doc=* | --do=*) + docdir=$ac_optarg ;; + + -dvidir | --dvidir | --dvidi | --dvid | --dvi | --dv) + ac_prev=dvidir ;; + -dvidir=* | --dvidir=* | --dvidi=* | --dvid=* | --dvi=* | --dv=*) + dvidir=$ac_optarg ;; + + -enable-* | --enable-*) + ac_useropt=`expr "x$ac_option" : 'x-*enable-\([^=]*\)'` + # Reject names that are not valid shell variable names. + expr "x$ac_useropt" : ".*[^-+._$as_cr_alnum]" >/dev/null && + as_fn_error $? "invalid feature name: \`$ac_useropt'" + ac_useropt_orig=$ac_useropt + ac_useropt=`printf "%s\n" "$ac_useropt" | sed 's/[-+.]/_/g'` + case $ac_user_opts in + *" +"enable_$ac_useropt" +"*) ;; + *) ac_unrecognized_opts="$ac_unrecognized_opts$ac_unrecognized_sep--enable-$ac_useropt_orig" + ac_unrecognized_sep=', ';; + esac + eval enable_$ac_useropt=\$ac_optarg ;; + + -exec-prefix | --exec_prefix | --exec-prefix | --exec-prefi \ + | --exec-pref | --exec-pre | --exec-pr | --exec-p | --exec- \ + | --exec | --exe | --ex) + ac_prev=exec_prefix ;; + -exec-prefix=* | --exec_prefix=* | --exec-prefix=* | --exec-prefi=* \ + | --exec-pref=* | --exec-pre=* | --exec-pr=* | --exec-p=* | --exec-=* \ + | --exec=* | --exe=* | --ex=*) + exec_prefix=$ac_optarg ;; + + -gas | --gas | --ga | --g) + # Obsolete; use --with-gas. + with_gas=yes ;; + + -help | --help | --hel | --he | -h) + ac_init_help=long ;; + -help=r* | --help=r* | --hel=r* | --he=r* | -hr*) + ac_init_help=recursive ;; + -help=s* | --help=s* | --hel=s* | --he=s* | -hs*) + ac_init_help=short ;; + + -host | --host | --hos | --ho) + ac_prev=host_alias ;; + -host=* | --host=* | --hos=* | --ho=*) + host_alias=$ac_optarg ;; + + -htmldir | --htmldir | --htmldi | --htmld | --html | --htm | --ht) + ac_prev=htmldir ;; + -htmldir=* | --htmldir=* | --htmldi=* | --htmld=* | --html=* | --htm=* \ + | --ht=*) + htmldir=$ac_optarg ;; + + -includedir | --includedir | --includedi | --included | --include \ + | --includ | --inclu | --incl | --inc) + ac_prev=includedir ;; + -includedir=* | --includedir=* | --includedi=* | --included=* | --include=* \ + | --includ=* | --inclu=* | --incl=* | --inc=*) + includedir=$ac_optarg ;; + + -infodir | --infodir | --infodi | --infod | --info | --inf) + ac_prev=infodir ;; + -infodir=* | --infodir=* | --infodi=* | --infod=* | --info=* | --inf=*) + infodir=$ac_optarg ;; + + -libdir | --libdir | --libdi | --libd) + ac_prev=libdir ;; + -libdir=* | --libdir=* | --libdi=* | --libd=*) + libdir=$ac_optarg ;; + + -libexecdir | --libexecdir | --libexecdi | --libexecd | --libexec \ + | --libexe | --libex | --libe) + ac_prev=libexecdir ;; + -libexecdir=* | --libexecdir=* | --libexecdi=* | --libexecd=* | --libexec=* \ + | --libexe=* | --libex=* | --libe=*) + libexecdir=$ac_optarg ;; + + -localedir | --localedir | --localedi | --localed | --locale) + ac_prev=localedir ;; + -localedir=* | --localedir=* | --localedi=* | --localed=* | --locale=*) + localedir=$ac_optarg ;; + + -localstatedir | --localstatedir | --localstatedi | --localstated \ + | --localstate | --localstat | --localsta | --localst | --locals) + ac_prev=localstatedir ;; + -localstatedir=* | --localstatedir=* | --localstatedi=* | --localstated=* \ + | --localstate=* | --localstat=* | --localsta=* | --localst=* | --locals=*) + localstatedir=$ac_optarg ;; + + -mandir | --mandir | --mandi | --mand | --man | --ma | --m) + ac_prev=mandir ;; + -mandir=* | --mandir=* | --mandi=* | --mand=* | --man=* | --ma=* | --m=*) + mandir=$ac_optarg ;; + + -nfp | --nfp | --nf) + # Obsolete; use --without-fp. + with_fp=no ;; + + -no-create | --no-create | --no-creat | --no-crea | --no-cre \ + | --no-cr | --no-c | -n) + no_create=yes ;; + + -no-recursion | --no-recursion | --no-recursio | --no-recursi \ + | --no-recurs | --no-recur | --no-recu | --no-rec | --no-re | --no-r) + no_recursion=yes ;; + + -oldincludedir | --oldincludedir | --oldincludedi | --oldincluded \ + | --oldinclude | --oldinclud | --oldinclu | --oldincl | --oldinc \ + | --oldin | --oldi | --old | --ol | --o) + ac_prev=oldincludedir ;; + -oldincludedir=* | --oldincludedir=* | --oldincludedi=* | --oldincluded=* \ + | --oldinclude=* | --oldinclud=* | --oldinclu=* | --oldincl=* | --oldinc=* \ + | --oldin=* | --oldi=* | --old=* | --ol=* | --o=*) + oldincludedir=$ac_optarg ;; + + -prefix | --prefix | --prefi | --pref | --pre | --pr | --p) + ac_prev=prefix ;; + -prefix=* | --prefix=* | --prefi=* | --pref=* | --pre=* | --pr=* | --p=*) + prefix=$ac_optarg ;; + + -program-prefix | --program-prefix | --program-prefi | --program-pref \ + | --program-pre | --program-pr | --program-p) + ac_prev=program_prefix ;; + -program-prefix=* | --program-prefix=* | --program-prefi=* \ + | --program-pref=* | --program-pre=* | --program-pr=* | --program-p=*) + program_prefix=$ac_optarg ;; + + -program-suffix | --program-suffix | --program-suffi | --program-suff \ + | --program-suf | --program-su | --program-s) + ac_prev=program_suffix ;; + -program-suffix=* | --program-suffix=* | --program-suffi=* \ + | --program-suff=* | --program-suf=* | --program-su=* | --program-s=*) + program_suffix=$ac_optarg ;; + + -program-transform-name | --program-transform-name \ + | --program-transform-nam | --program-transform-na \ + | --program-transform-n | --program-transform- \ + | --program-transform | --program-transfor \ + | --program-transfo | --program-transf \ + | --program-trans | --program-tran \ + | --progr-tra | --program-tr | --program-t) + ac_prev=program_transform_name ;; + -program-transform-name=* | --program-transform-name=* \ + | --program-transform-nam=* | --program-transform-na=* \ + | --program-transform-n=* | --program-transform-=* \ + | --program-transform=* | --program-transfor=* \ + | --program-transfo=* | --program-transf=* \ + | --program-trans=* | --program-tran=* \ + | --progr-tra=* | --program-tr=* | --program-t=*) + program_transform_name=$ac_optarg ;; + + -pdfdir | --pdfdir | --pdfdi | --pdfd | --pdf | --pd) + ac_prev=pdfdir ;; + -pdfdir=* | --pdfdir=* | --pdfdi=* | --pdfd=* | --pdf=* | --pd=*) + pdfdir=$ac_optarg ;; + + -psdir | --psdir | --psdi | --psd | --ps) + ac_prev=psdir ;; + -psdir=* | --psdir=* | --psdi=* | --psd=* | --ps=*) + psdir=$ac_optarg ;; + + -q | -quiet | --quiet | --quie | --qui | --qu | --q \ + | -silent | --silent | --silen | --sile | --sil) + silent=yes ;; + + -runstatedir | --runstatedir | --runstatedi | --runstated \ + | --runstate | --runstat | --runsta | --runst | --runs \ + | --run | --ru | --r) + ac_prev=runstatedir ;; + -runstatedir=* | --runstatedir=* | --runstatedi=* | --runstated=* \ + | --runstate=* | --runstat=* | --runsta=* | --runst=* | --runs=* \ + | --run=* | --ru=* | --r=*) + runstatedir=$ac_optarg ;; + + -sbindir | --sbindir | --sbindi | --sbind | --sbin | --sbi | --sb) + ac_prev=sbindir ;; + -sbindir=* | --sbindir=* | --sbindi=* | --sbind=* | --sbin=* \ + | --sbi=* | --sb=*) + sbindir=$ac_optarg ;; + + -sharedstatedir | --sharedstatedir | --sharedstatedi \ + | --sharedstated | --sharedstate | --sharedstat | --sharedsta \ + | --sharedst | --shareds | --shared | --share | --shar \ + | --sha | --sh) + ac_prev=sharedstatedir ;; + -sharedstatedir=* | --sharedstatedir=* | --sharedstatedi=* \ + | --sharedstated=* | --sharedstate=* | --sharedstat=* | --sharedsta=* \ + | --sharedst=* | --shareds=* | --shared=* | --share=* | --shar=* \ + | --sha=* | --sh=*) + sharedstatedir=$ac_optarg ;; + + -site | --site | --sit) + ac_prev=site ;; + -site=* | --site=* | --sit=*) + site=$ac_optarg ;; + + -srcdir | --srcdir | --srcdi | --srcd | --src | --sr) + ac_prev=srcdir ;; + -srcdir=* | --srcdir=* | --srcdi=* | --srcd=* | --src=* | --sr=*) + srcdir=$ac_optarg ;; + + -sysconfdir | --sysconfdir | --sysconfdi | --sysconfd | --sysconf \ + | --syscon | --sysco | --sysc | --sys | --sy) + ac_prev=sysconfdir ;; + -sysconfdir=* | --sysconfdir=* | --sysconfdi=* | --sysconfd=* | --sysconf=* \ + | --syscon=* | --sysco=* | --sysc=* | --sys=* | --sy=*) + sysconfdir=$ac_optarg ;; + + -target | --target | --targe | --targ | --tar | --ta | --t) + ac_prev=target_alias ;; + -target=* | --target=* | --targe=* | --targ=* | --tar=* | --ta=* | --t=*) + target_alias=$ac_optarg ;; + + -v | -verbose | --verbose | --verbos | --verbo | --verb) + verbose=yes ;; + + -version | --version | --versio | --versi | --vers | -V) + ac_init_version=: ;; + + -with-* | --with-*) + ac_useropt=`expr "x$ac_option" : 'x-*with-\([^=]*\)'` + # Reject names that are not valid shell variable names. + expr "x$ac_useropt" : ".*[^-+._$as_cr_alnum]" >/dev/null && + as_fn_error $? "invalid package name: \`$ac_useropt'" + ac_useropt_orig=$ac_useropt + ac_useropt=`printf "%s\n" "$ac_useropt" | sed 's/[-+.]/_/g'` + case $ac_user_opts in + *" +"with_$ac_useropt" +"*) ;; + *) ac_unrecognized_opts="$ac_unrecognized_opts$ac_unrecognized_sep--with-$ac_useropt_orig" + ac_unrecognized_sep=', ';; + esac + eval with_$ac_useropt=\$ac_optarg ;; + + -without-* | --without-*) + ac_useropt=`expr "x$ac_option" : 'x-*without-\(.*\)'` + # Reject names that are not valid shell variable names. + expr "x$ac_useropt" : ".*[^-+._$as_cr_alnum]" >/dev/null && + as_fn_error $? "invalid package name: \`$ac_useropt'" + ac_useropt_orig=$ac_useropt + ac_useropt=`printf "%s\n" "$ac_useropt" | sed 's/[-+.]/_/g'` + case $ac_user_opts in + *" +"with_$ac_useropt" +"*) ;; + *) ac_unrecognized_opts="$ac_unrecognized_opts$ac_unrecognized_sep--without-$ac_useropt_orig" + ac_unrecognized_sep=', ';; + esac + eval with_$ac_useropt=no ;; + + --x) + # Obsolete; use --with-x. + with_x=yes ;; + + -x-includes | --x-includes | --x-include | --x-includ | --x-inclu \ + | --x-incl | --x-inc | --x-in | --x-i) + ac_prev=x_includes ;; + -x-includes=* | --x-includes=* | --x-include=* | --x-includ=* | --x-inclu=* \ + | --x-incl=* | --x-inc=* | --x-in=* | --x-i=*) + x_includes=$ac_optarg ;; + + -x-libraries | --x-libraries | --x-librarie | --x-librari \ + | --x-librar | --x-libra | --x-libr | --x-lib | --x-li | --x-l) + ac_prev=x_libraries ;; + -x-libraries=* | --x-libraries=* | --x-librarie=* | --x-librari=* \ + | --x-librar=* | --x-libra=* | --x-libr=* | --x-lib=* | --x-li=* | --x-l=*) + x_libraries=$ac_optarg ;; + + -*) as_fn_error $? "unrecognized option: \`$ac_option' +Try \`$0 --help' for more information" + ;; + + *=*) + ac_envvar=`expr "x$ac_option" : 'x\([^=]*\)='` + # Reject names that are not valid shell variable names. + case $ac_envvar in #( + '' | [0-9]* | *[!_$as_cr_alnum]* ) + as_fn_error $? "invalid variable name: \`$ac_envvar'" ;; + esac + eval $ac_envvar=\$ac_optarg + export $ac_envvar ;; + + *) + # FIXME: should be removed in autoconf 3.0. + printf "%s\n" "$as_me: WARNING: you should use --build, --host, --target" >&2 + expr "x$ac_option" : ".*[^-._$as_cr_alnum]" >/dev/null && + printf "%s\n" "$as_me: WARNING: invalid host type: $ac_option" >&2 + : "${build_alias=$ac_option} ${host_alias=$ac_option} ${target_alias=$ac_option}" + ;; + + esac +done + +if test -n "$ac_prev"; then + ac_option=--`echo $ac_prev | sed 's/_/-/g'` + as_fn_error $? "missing argument to $ac_option" +fi + +if test -n "$ac_unrecognized_opts"; then + case $enable_option_checking in + no) ;; + fatal) as_fn_error $? "unrecognized options: $ac_unrecognized_opts" ;; + *) printf "%s\n" "$as_me: WARNING: unrecognized options: $ac_unrecognized_opts" >&2 ;; + esac +fi + +# Check all directory arguments for consistency. +for ac_var in exec_prefix prefix bindir sbindir libexecdir datarootdir \ + datadir sysconfdir sharedstatedir localstatedir includedir \ + oldincludedir docdir infodir htmldir dvidir pdfdir psdir \ + libdir localedir mandir runstatedir +do + eval ac_val=\$$ac_var + # Remove trailing slashes. + case $ac_val in + */ ) + ac_val=`expr "X$ac_val" : 'X\(.*[^/]\)' \| "X$ac_val" : 'X\(.*\)'` + eval $ac_var=\$ac_val;; + esac + # Be sure to have absolute directory names. + case $ac_val in + [\\/$]* | ?:[\\/]* ) continue;; + NONE | '' ) case $ac_var in *prefix ) continue;; esac;; + esac + as_fn_error $? "expected an absolute directory name for --$ac_var: $ac_val" +done + +# There might be people who depend on the old broken behavior: `$host' +# used to hold the argument of --host etc. +# FIXME: To remove some day. +build=$build_alias +host=$host_alias +target=$target_alias + +# FIXME: To remove some day. +if test "x$host_alias" != x; then + if test "x$build_alias" = x; then + cross_compiling=maybe + elif test "x$build_alias" != "x$host_alias"; then + cross_compiling=yes + fi +fi + +ac_tool_prefix= +test -n "$host_alias" && ac_tool_prefix=$host_alias- + +test "$silent" = yes && exec 6>/dev/null + + +ac_pwd=`pwd` && test -n "$ac_pwd" && +ac_ls_di=`ls -di .` && +ac_pwd_ls_di=`cd "$ac_pwd" && ls -di .` || + as_fn_error $? "working directory cannot be determined" +test "X$ac_ls_di" = "X$ac_pwd_ls_di" || + as_fn_error $? "pwd does not report name of working directory" + + +# Find the source files, if location was not specified. +if test -z "$srcdir"; then + ac_srcdir_defaulted=yes + # Try the directory containing this script, then the parent directory. + ac_confdir=`$as_dirname -- "$as_myself" || +$as_expr X"$as_myself" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \ + X"$as_myself" : 'X\(//\)[^/]' \| \ + X"$as_myself" : 'X\(//\)$' \| \ + X"$as_myself" : 'X\(/\)' \| . 2>/dev/null || +printf "%s\n" X"$as_myself" | + sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ + s//\1/ + q + } + /^X\(\/\/\)[^/].*/{ + s//\1/ + q + } + /^X\(\/\/\)$/{ + s//\1/ + q + } + /^X\(\/\).*/{ + s//\1/ + q + } + s/.*/./; q'` + srcdir=$ac_confdir + if test ! -r "$srcdir/$ac_unique_file"; then + srcdir=.. + fi +else + ac_srcdir_defaulted=no +fi +if test ! -r "$srcdir/$ac_unique_file"; then + test "$ac_srcdir_defaulted" = yes && srcdir="$ac_confdir or .." + as_fn_error $? "cannot find sources ($ac_unique_file) in $srcdir" +fi +ac_msg="sources are in $srcdir, but \`cd $srcdir' does not work" +ac_abs_confdir=`( + cd "$srcdir" && test -r "./$ac_unique_file" || as_fn_error $? "$ac_msg" + pwd)` +# When building in place, set srcdir=. +if test "$ac_abs_confdir" = "$ac_pwd"; then + srcdir=. +fi +# Remove unnecessary trailing slashes from srcdir. +# Double slashes in file names in object file debugging info +# mess up M-x gdb in Emacs. +case $srcdir in +*/) srcdir=`expr "X$srcdir" : 'X\(.*[^/]\)' \| "X$srcdir" : 'X\(.*\)'`;; +esac +for ac_var in $ac_precious_vars; do + eval ac_env_${ac_var}_set=\${${ac_var}+set} + eval ac_env_${ac_var}_value=\$${ac_var} + eval ac_cv_env_${ac_var}_set=\${${ac_var}+set} + eval ac_cv_env_${ac_var}_value=\$${ac_var} +done + +# +# Report the --help message. +# +if test "$ac_init_help" = "long"; then + # Omit some internal or obsolete options to make the list less imposing. + # This message is too long to be a string in the A/UX 3.1 sh. + cat <<_ACEOF +\`configure' configures OpenSSH Portable to adapt to many kinds of systems. + +Usage: $0 [OPTION]... [VAR=VALUE]... + +To assign environment variables (e.g., CC, CFLAGS...), specify them as +VAR=VALUE. See below for descriptions of some of the useful variables. + +Defaults for the options are specified in brackets. + +Configuration: + -h, --help display this help and exit + --help=short display options specific to this package + --help=recursive display the short help of all the included packages + -V, --version display version information and exit + -q, --quiet, --silent do not print \`checking ...' messages + --cache-file=FILE cache test results in FILE [disabled] + -C, --config-cache alias for \`--cache-file=config.cache' + -n, --no-create do not create output files + --srcdir=DIR find the sources in DIR [configure dir or \`..'] + +Installation directories: + --prefix=PREFIX install architecture-independent files in PREFIX + [$ac_default_prefix] + --exec-prefix=EPREFIX install architecture-dependent files in EPREFIX + [PREFIX] + +By default, \`make install' will install all the files in +\`$ac_default_prefix/bin', \`$ac_default_prefix/lib' etc. You can specify +an installation prefix other than \`$ac_default_prefix' using \`--prefix', +for instance \`--prefix=\$HOME'. + +For better control, use the options below. + +Fine tuning of the installation directories: + --bindir=DIR user executables [EPREFIX/bin] + --sbindir=DIR system admin executables [EPREFIX/sbin] + --libexecdir=DIR program executables [EPREFIX/libexec] + --sysconfdir=DIR read-only single-machine data [PREFIX/etc] + --sharedstatedir=DIR modifiable architecture-independent data [PREFIX/com] + --localstatedir=DIR modifiable single-machine data [PREFIX/var] + --runstatedir=DIR modifiable per-process data [LOCALSTATEDIR/run] + --libdir=DIR object code libraries [EPREFIX/lib] + --includedir=DIR C header files [PREFIX/include] + --oldincludedir=DIR C header files for non-gcc [/usr/include] + --datarootdir=DIR read-only arch.-independent data root [PREFIX/share] + --datadir=DIR read-only architecture-independent data [DATAROOTDIR] + --infodir=DIR info documentation [DATAROOTDIR/info] + --localedir=DIR locale-dependent data [DATAROOTDIR/locale] + --mandir=DIR man documentation [DATAROOTDIR/man] + --docdir=DIR documentation root [DATAROOTDIR/doc/openssh] + --htmldir=DIR html documentation [DOCDIR] + --dvidir=DIR dvi documentation [DOCDIR] + --pdfdir=DIR pdf documentation [DOCDIR] + --psdir=DIR ps documentation [DOCDIR] +_ACEOF + + cat <<\_ACEOF + +System types: + --build=BUILD configure for building on BUILD [guessed] + --host=HOST cross-compile to build programs to run on HOST [BUILD] +_ACEOF +fi + +if test -n "$ac_init_help"; then + case $ac_init_help in + short | recursive ) echo "Configuration of OpenSSH Portable:";; + esac + cat <<\_ACEOF + +Optional Features: + --disable-option-checking ignore unrecognized --enable/--with options + --disable-FEATURE do not include FEATURE (same as --enable-FEATURE=no) + --enable-FEATURE[=ARG] include FEATURE [ARG=yes] + --disable-largefile omit support for large files + --disable-pkcs11 disable PKCS#11 support code [no] + --disable-security-key disable U2F/FIDO support code no + --disable-strip Disable calling strip(1) on install + --disable-etc-default-login Disable using PATH from /etc/default/login no + --disable-fd-passing disable file descriptor passsing no + --disable-lastlog disable use of lastlog even if detected no + --disable-utmp disable use of utmp even if detected no + --disable-utmpx disable use of utmpx even if detected no + --disable-wtmp disable use of wtmp even if detected no + --disable-wtmpx disable use of wtmpx even if detected no + --disable-libutil disable use of libutil (login() etc.) no + --disable-pututline disable use of pututline() etc. (uwtmp) no + --disable-pututxline disable use of pututxline() etc. (uwtmpx) no + +Optional Packages: + --with-PACKAGE[=ARG] use PACKAGE [ARG=yes] + --without-PACKAGE do not use PACKAGE (same as --with-PACKAGE=no) + --without-openssl Disable use of OpenSSL; use only limited internal crypto **EXPERIMENTAL** + --without-stackprotect Don't use compiler's stack protection + --without-hardening Don't use toolchain hardening flags + --without-retpoline Enable retpoline spectre mitigation + --without-rpath Disable auto-added -R linker paths + --with-cflags Specify additional flags to pass to compiler + --with-cflags-after Specify additional flags to pass to compiler after configure + --with-cppflags Specify additional flags to pass to preprocessor + --with-ldflags Specify additional flags to pass to linker + --with-ldflags-after Specify additional flags to pass to linker after configure + --with-libs Specify additional libraries to link with + --with-Werror Build main code with -Werror + --with-linux-memlock-onfault Enables memory locking on Linux + --with-solaris-contracts Enable Solaris process contracts (experimental) + --with-solaris-projects Enable Solaris projects (experimental) + --with-solaris-privs Enable Solaris/Illumos privileges (experimental) + --with-osfsia Enable Digital Unix SIA + --with-zlib=PATH Use zlib in PATH + --without-zlib-version-check Disable zlib version check + --with-ldns[=PATH] Use ldns for DNSSEC support (optionally in PATH) + --with-libedit[=PATH] Enable libedit support for sftp + --with-wtmpdb[=PATH] Enable wtmpdb support for sshd + --with-audit=module Enable audit support (modules=debug,bsm,linux) + --with-pie Build Position Independent Executables if possible + --with-security-key-builtin include builtin U2F/FIDO support + --with-security-key-standalone build standalone sk-libfido2 SecurityKeyProvider + --with-ssl-dir=PATH Specify path to OpenSSL installation + --without-openssl-header-check Disable OpenSSL version consistency check + --with-ssl-engine Enable OpenSSL (hardware) ENGINE support + --with-prngd-port=PORT read entropy from PRNGD/EGD TCP localhost:PORT + --with-prngd-socket=FILE read entropy from PRNGD/EGD socket FILE (default=/var/run/egd-pool) + --with-pam Enable PAM support + --with-pam-service=name Specify PAM service name + --with-privsep-user=user Specify non-privileged user for privilege separation + --with-sandbox=style Specify privilege separation sandbox (no, capsicum, darwin, rlimit, seccomp_filter) + --with-selinux Enable SELinux support + --with-kerberos5=PATH Enable Kerberos 5 support + --with-privsep-path=xxx Path for privilege separation chroot (default=/var/empty) + --with-xauth=PATH Specify path to xauth program + --with-maildir=/path/to/mail Specify your system mail directory + --with-mantype=man|cat|doc Set man page type + --without-shadow Disable shadow password support + --with-ipaddr-display Use ip address instead of hostname in $DISPLAY + --with-default-path= Specify default $PATH environment for server + --with-superuser-path= Specify different path for super-user + --with-4in6 Check for and convert IPv4 in IPv6 mapped addresses + --with-bsd-auth Enable BSD auth support + --with-pid-dir=PATH Specify location of sshd.pid file + --with-lastlog=FILE|DIR specify lastlog location common locations + +Some influential environment variables: + CC C compiler command + CFLAGS C compiler flags + LDFLAGS linker flags, e.g. -L if you have libraries in a + nonstandard directory + LIBS libraries to pass to the linker, e.g. -l + CPPFLAGS (Objective) C/C++ preprocessor flags, e.g. -I if + you have headers in a nonstandard directory + CPP C preprocessor + +Use these variables to override the choices made by `configure' or to help +it to find libraries and programs with nonstandard names/locations. + +Report bugs to . +_ACEOF +ac_status=$? +fi + +if test "$ac_init_help" = "recursive"; then + # If there are subdirs, report their specific --help. + for ac_dir in : $ac_subdirs_all; do test "x$ac_dir" = x: && continue + test -d "$ac_dir" || + { cd "$srcdir" && ac_pwd=`pwd` && srcdir=. && test -d "$ac_dir"; } || + continue + ac_builddir=. + +case "$ac_dir" in +.) ac_dir_suffix= ac_top_builddir_sub=. ac_top_build_prefix= ;; +*) + ac_dir_suffix=/`printf "%s\n" "$ac_dir" | sed 's|^\.[\\/]||'` + # A ".." for each directory in $ac_dir_suffix. + ac_top_builddir_sub=`printf "%s\n" "$ac_dir_suffix" | sed 's|/[^\\/]*|/..|g;s|/||'` + case $ac_top_builddir_sub in + "") ac_top_builddir_sub=. ac_top_build_prefix= ;; + *) ac_top_build_prefix=$ac_top_builddir_sub/ ;; + esac ;; +esac +ac_abs_top_builddir=$ac_pwd +ac_abs_builddir=$ac_pwd$ac_dir_suffix +# for backward compatibility: +ac_top_builddir=$ac_top_build_prefix + +case $srcdir in + .) # We are building in place. + ac_srcdir=. + ac_top_srcdir=$ac_top_builddir_sub + ac_abs_top_srcdir=$ac_pwd ;; + [\\/]* | ?:[\\/]* ) # Absolute name. + ac_srcdir=$srcdir$ac_dir_suffix; + ac_top_srcdir=$srcdir + ac_abs_top_srcdir=$srcdir ;; + *) # Relative name. + ac_srcdir=$ac_top_build_prefix$srcdir$ac_dir_suffix + ac_top_srcdir=$ac_top_build_prefix$srcdir + ac_abs_top_srcdir=$ac_pwd/$srcdir ;; +esac +ac_abs_srcdir=$ac_abs_top_srcdir$ac_dir_suffix + + cd "$ac_dir" || { ac_status=$?; continue; } + # Check for configure.gnu first; this name is used for a wrapper for + # Metaconfig's "Configure" on case-insensitive file systems. + if test -f "$ac_srcdir/configure.gnu"; then + echo && + $SHELL "$ac_srcdir/configure.gnu" --help=recursive + elif test -f "$ac_srcdir/configure"; then + echo && + $SHELL "$ac_srcdir/configure" --help=recursive + else + printf "%s\n" "$as_me: WARNING: no configuration information is in $ac_dir" >&2 + fi || ac_status=$? + cd "$ac_pwd" || { ac_status=$?; break; } + done +fi + +test -n "$ac_init_help" && exit $ac_status +if $ac_init_version; then + cat <<\_ACEOF +OpenSSH configure Portable +generated by GNU Autoconf 2.71 + +Copyright (C) 2021 Free Software Foundation, Inc. +This configure script is free software; the Free Software Foundation +gives unlimited permission to copy, distribute and modify it. +_ACEOF + exit +fi + +## ------------------------ ## +## Autoconf initialization. ## +## ------------------------ ## + +# ac_fn_c_try_compile LINENO +# -------------------------- +# Try to compile conftest.$ac_ext, and return whether this succeeded. +ac_fn_c_try_compile () +{ + as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack + rm -f conftest.$ac_objext conftest.beam + if { { ac_try="$ac_compile" +case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" +printf "%s\n" "$ac_try_echo"; } >&5 + (eval "$ac_compile") 2>conftest.err + ac_status=$? + if test -s conftest.err; then + grep -v '^ *+' conftest.err >conftest.er1 + cat conftest.er1 >&5 + mv -f conftest.er1 conftest.err + fi + printf "%s\n" "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; } && { + test -z "$ac_c_werror_flag" || + test ! -s conftest.err + } && test -s conftest.$ac_objext +then : + ac_retval=0 +else $as_nop + printf "%s\n" "$as_me: failed program was:" >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + + ac_retval=1 +fi + eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno + as_fn_set_status $ac_retval + +} # ac_fn_c_try_compile + +# ac_fn_c_try_run LINENO +# ---------------------- +# Try to run conftest.$ac_ext, and return whether this succeeded. Assumes that +# executables *can* be run. +ac_fn_c_try_run () +{ + as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack + if { { ac_try="$ac_link" +case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" +printf "%s\n" "$ac_try_echo"; } >&5 + (eval "$ac_link") 2>&5 + ac_status=$? + printf "%s\n" "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; } && { ac_try='./conftest$ac_exeext' + { { case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" +printf "%s\n" "$ac_try_echo"; } >&5 + (eval "$ac_try") 2>&5 + ac_status=$? + printf "%s\n" "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; }; } +then : + ac_retval=0 +else $as_nop + printf "%s\n" "$as_me: program exited with status $ac_status" >&5 + printf "%s\n" "$as_me: failed program was:" >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + + ac_retval=$ac_status +fi + rm -rf conftest.dSYM conftest_ipa8_conftest.oo + eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno + as_fn_set_status $ac_retval + +} # ac_fn_c_try_run + +# ac_fn_c_check_header_compile LINENO HEADER VAR INCLUDES +# ------------------------------------------------------- +# Tests whether HEADER exists and can be compiled using the include files in +# INCLUDES, setting the cache variable VAR accordingly. +ac_fn_c_check_header_compile () +{ + as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $2" >&5 +printf %s "checking for $2... " >&6; } +if eval test \${$3+y} +then : + printf %s "(cached) " >&6 +else $as_nop + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +$4 +#include <$2> +_ACEOF +if ac_fn_c_try_compile "$LINENO" +then : + eval "$3=yes" +else $as_nop + eval "$3=no" +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext +fi +eval ac_res=\$$3 + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 +printf "%s\n" "$ac_res" >&6; } + eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno + +} # ac_fn_c_check_header_compile + +# ac_fn_c_try_cpp LINENO +# ---------------------- +# Try to preprocess conftest.$ac_ext, and return whether this succeeded. +ac_fn_c_try_cpp () +{ + as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack + if { { ac_try="$ac_cpp conftest.$ac_ext" +case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" +printf "%s\n" "$ac_try_echo"; } >&5 + (eval "$ac_cpp conftest.$ac_ext") 2>conftest.err + ac_status=$? + if test -s conftest.err; then + grep -v '^ *+' conftest.err >conftest.er1 + cat conftest.er1 >&5 + mv -f conftest.er1 conftest.err + fi + printf "%s\n" "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; } > conftest.i && { + test -z "$ac_c_preproc_warn_flag$ac_c_werror_flag" || + test ! -s conftest.err + } +then : + ac_retval=0 +else $as_nop + printf "%s\n" "$as_me: failed program was:" >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + + ac_retval=1 +fi + eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno + as_fn_set_status $ac_retval + +} # ac_fn_c_try_cpp + +# ac_fn_check_decl LINENO SYMBOL VAR INCLUDES EXTRA-OPTIONS FLAG-VAR +# ------------------------------------------------------------------ +# Tests whether SYMBOL is declared in INCLUDES, setting cache variable VAR +# accordingly. Pass EXTRA-OPTIONS to the compiler, using FLAG-VAR. +ac_fn_check_decl () +{ + as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack + as_decl_name=`echo $2|sed 's/ *(.*//'` + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking whether $as_decl_name is declared" >&5 +printf %s "checking whether $as_decl_name is declared... " >&6; } +if eval test \${$3+y} +then : + printf %s "(cached) " >&6 +else $as_nop + as_decl_use=`echo $2|sed -e 's/(/((/' -e 's/)/) 0&/' -e 's/,/) 0& (/g'` + eval ac_save_FLAGS=\$$6 + as_fn_append $6 " $5" + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +$4 +int +main (void) +{ +#ifndef $as_decl_name +#ifdef __cplusplus + (void) $as_decl_use; +#else + (void) $as_decl_name; +#endif +#endif + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO" +then : + eval "$3=yes" +else $as_nop + eval "$3=no" +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext + eval $6=\$ac_save_FLAGS + +fi +eval ac_res=\$$3 + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 +printf "%s\n" "$ac_res" >&6; } + eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno + +} # ac_fn_check_decl + +# ac_fn_c_try_link LINENO +# ----------------------- +# Try to link conftest.$ac_ext, and return whether this succeeded. +ac_fn_c_try_link () +{ + as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack + rm -f conftest.$ac_objext conftest.beam conftest$ac_exeext + if { { ac_try="$ac_link" +case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" +printf "%s\n" "$ac_try_echo"; } >&5 + (eval "$ac_link") 2>conftest.err + ac_status=$? + if test -s conftest.err; then + grep -v '^ *+' conftest.err >conftest.er1 + cat conftest.er1 >&5 + mv -f conftest.er1 conftest.err + fi + printf "%s\n" "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; } && { + test -z "$ac_c_werror_flag" || + test ! -s conftest.err + } && test -s conftest$ac_exeext && { + test "$cross_compiling" = yes || + test -x conftest$ac_exeext + } +then : + ac_retval=0 +else $as_nop + printf "%s\n" "$as_me: failed program was:" >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + + ac_retval=1 +fi + # Delete the IPA/IPO (Inter Procedural Analysis/Optimization) information + # created by the PGI compiler (conftest_ipa8_conftest.oo), as it would + # interfere with the next link command; also delete a directory that is + # left behind by Apple's compiler. We do this before executing the actions. + rm -rf conftest.dSYM conftest_ipa8_conftest.oo + eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno + as_fn_set_status $ac_retval + +} # ac_fn_c_try_link + +# ac_fn_c_check_func LINENO FUNC VAR +# ---------------------------------- +# Tests whether FUNC exists, setting the cache variable VAR accordingly +ac_fn_c_check_func () +{ + as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $2" >&5 +printf %s "checking for $2... " >&6; } +if eval test \${$3+y} +then : + printf %s "(cached) " >&6 +else $as_nop + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +/* Define $2 to an innocuous variant, in case declares $2. + For example, HP-UX 11i declares gettimeofday. */ +#define $2 innocuous_$2 + +/* System header to define __stub macros and hopefully few prototypes, + which can conflict with char $2 (); below. */ + +#include +#undef $2 + +/* Override any GCC internal prototype to avoid an error. + Use char because int might match the return type of a GCC + builtin and then its argument prototype would still apply. */ +#ifdef __cplusplus +extern "C" +#endif +char $2 (); +/* The GNU C library defines this for functions which it implements + to always fail with ENOSYS. Some functions are actually named + something starting with __ and the normal name is an alias. */ +#if defined __stub_$2 || defined __stub___$2 +choke me +#endif + +int +main (void) +{ +return $2 (); + ; + return 0; +} +_ACEOF +if ac_fn_c_try_link "$LINENO" +then : + eval "$3=yes" +else $as_nop + eval "$3=no" +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam \ + conftest$ac_exeext conftest.$ac_ext +fi +eval ac_res=\$$3 + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 +printf "%s\n" "$ac_res" >&6; } + eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno + +} # ac_fn_c_check_func + +# ac_fn_c_check_member LINENO AGGR MEMBER VAR INCLUDES +# ---------------------------------------------------- +# Tries to find if the field MEMBER exists in type AGGR, after including +# INCLUDES, setting cache variable VAR accordingly. +ac_fn_c_check_member () +{ + as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $2.$3" >&5 +printf %s "checking for $2.$3... " >&6; } +if eval test \${$4+y} +then : + printf %s "(cached) " >&6 +else $as_nop + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +$5 +int +main (void) +{ +static $2 ac_aggr; +if (ac_aggr.$3) +return 0; + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO" +then : + eval "$4=yes" +else $as_nop + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +$5 +int +main (void) +{ +static $2 ac_aggr; +if (sizeof ac_aggr.$3) +return 0; + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO" +then : + eval "$4=yes" +else $as_nop + eval "$4=no" +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext +fi +eval ac_res=\$$4 + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 +printf "%s\n" "$ac_res" >&6; } + eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno + +} # ac_fn_c_check_member + +# ac_fn_c_check_type LINENO TYPE VAR INCLUDES +# ------------------------------------------- +# Tests whether TYPE exists after having included INCLUDES, setting cache +# variable VAR accordingly. +ac_fn_c_check_type () +{ + as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $2" >&5 +printf %s "checking for $2... " >&6; } +if eval test \${$3+y} +then : + printf %s "(cached) " >&6 +else $as_nop + eval "$3=no" + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +$4 +int +main (void) +{ +if (sizeof ($2)) + return 0; + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO" +then : + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +$4 +int +main (void) +{ +if (sizeof (($2))) + return 0; + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO" +then : + +else $as_nop + eval "$3=yes" +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext +fi +eval ac_res=\$$3 + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 +printf "%s\n" "$ac_res" >&6; } + eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno + +} # ac_fn_c_check_type + +# ac_fn_c_compute_int LINENO EXPR VAR INCLUDES +# -------------------------------------------- +# Tries to find the compile-time value of EXPR in a program that includes +# INCLUDES, setting VAR accordingly. Returns whether the value could be +# computed +ac_fn_c_compute_int () +{ + as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack + if test "$cross_compiling" = yes; then + # Depending upon the size, compute the lo and hi bounds. +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +$4 +int +main (void) +{ +static int test_array [1 - 2 * !(($2) >= 0)]; +test_array [0] = 0; +return test_array [0]; + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO" +then : + ac_lo=0 ac_mid=0 + while :; do + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +$4 +int +main (void) +{ +static int test_array [1 - 2 * !(($2) <= $ac_mid)]; +test_array [0] = 0; +return test_array [0]; + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO" +then : + ac_hi=$ac_mid; break +else $as_nop + as_fn_arith $ac_mid + 1 && ac_lo=$as_val + if test $ac_lo -le $ac_mid; then + ac_lo= ac_hi= + break + fi + as_fn_arith 2 '*' $ac_mid + 1 && ac_mid=$as_val +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext + done +else $as_nop + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +$4 +int +main (void) +{ +static int test_array [1 - 2 * !(($2) < 0)]; +test_array [0] = 0; +return test_array [0]; + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO" +then : + ac_hi=-1 ac_mid=-1 + while :; do + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +$4 +int +main (void) +{ +static int test_array [1 - 2 * !(($2) >= $ac_mid)]; +test_array [0] = 0; +return test_array [0]; + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO" +then : + ac_lo=$ac_mid; break +else $as_nop + as_fn_arith '(' $ac_mid ')' - 1 && ac_hi=$as_val + if test $ac_mid -le $ac_hi; then + ac_lo= ac_hi= + break + fi + as_fn_arith 2 '*' $ac_mid && ac_mid=$as_val +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext + done +else $as_nop + ac_lo= ac_hi= +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext +# Binary search between lo and hi bounds. +while test "x$ac_lo" != "x$ac_hi"; do + as_fn_arith '(' $ac_hi - $ac_lo ')' / 2 + $ac_lo && ac_mid=$as_val + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +$4 +int +main (void) +{ +static int test_array [1 - 2 * !(($2) <= $ac_mid)]; +test_array [0] = 0; +return test_array [0]; + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO" +then : + ac_hi=$ac_mid +else $as_nop + as_fn_arith '(' $ac_mid ')' + 1 && ac_lo=$as_val +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext +done +case $ac_lo in #(( +?*) eval "$3=\$ac_lo"; ac_retval=0 ;; +'') ac_retval=1 ;; +esac + else + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +$4 +static long int longval (void) { return $2; } +static unsigned long int ulongval (void) { return $2; } +#include +#include +int +main (void) +{ + + FILE *f = fopen ("conftest.val", "w"); + if (! f) + return 1; + if (($2) < 0) + { + long int i = longval (); + if (i != ($2)) + return 1; + fprintf (f, "%ld", i); + } + else + { + unsigned long int i = ulongval (); + if (i != ($2)) + return 1; + fprintf (f, "%lu", i); + } + /* Do not output a trailing newline, as this causes \r\n confusion + on some platforms. */ + return ferror (f) || fclose (f) != 0; + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_run "$LINENO" +then : + echo >>conftest.val; read $3 config.log <<_ACEOF +This file contains any messages produced by compilers while +running configure, to aid debugging if configure makes a mistake. + +It was created by OpenSSH $as_me Portable, which was +generated by GNU Autoconf 2.71. Invocation command line was + + $ $0$ac_configure_args_raw + +_ACEOF +exec 5>>config.log +{ +cat <<_ASUNAME +## --------- ## +## Platform. ## +## --------- ## + +hostname = `(hostname || uname -n) 2>/dev/null | sed 1q` +uname -m = `(uname -m) 2>/dev/null || echo unknown` +uname -r = `(uname -r) 2>/dev/null || echo unknown` +uname -s = `(uname -s) 2>/dev/null || echo unknown` +uname -v = `(uname -v) 2>/dev/null || echo unknown` + +/usr/bin/uname -p = `(/usr/bin/uname -p) 2>/dev/null || echo unknown` +/bin/uname -X = `(/bin/uname -X) 2>/dev/null || echo unknown` + +/bin/arch = `(/bin/arch) 2>/dev/null || echo unknown` +/usr/bin/arch -k = `(/usr/bin/arch -k) 2>/dev/null || echo unknown` +/usr/convex/getsysinfo = `(/usr/convex/getsysinfo) 2>/dev/null || echo unknown` +/usr/bin/hostinfo = `(/usr/bin/hostinfo) 2>/dev/null || echo unknown` +/bin/machine = `(/bin/machine) 2>/dev/null || echo unknown` +/usr/bin/oslevel = `(/usr/bin/oslevel) 2>/dev/null || echo unknown` +/bin/universe = `(/bin/universe) 2>/dev/null || echo unknown` + +_ASUNAME + +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + case $as_dir in #((( + '') as_dir=./ ;; + */) ;; + *) as_dir=$as_dir/ ;; + esac + printf "%s\n" "PATH: $as_dir" + done +IFS=$as_save_IFS + +} >&5 + +cat >&5 <<_ACEOF + + +## ----------- ## +## Core tests. ## +## ----------- ## + +_ACEOF + + +# Keep a trace of the command line. +# Strip out --no-create and --no-recursion so they do not pile up. +# Strip out --silent because we don't want to record it for future runs. +# Also quote any args containing shell meta-characters. +# Make two passes to allow for proper duplicate-argument suppression. +ac_configure_args= +ac_configure_args0= +ac_configure_args1= +ac_must_keep_next=false +for ac_pass in 1 2 +do + for ac_arg + do + case $ac_arg in + -no-create | --no-c* | -n | -no-recursion | --no-r*) continue ;; + -q | -quiet | --quiet | --quie | --qui | --qu | --q \ + | -silent | --silent | --silen | --sile | --sil) + continue ;; + *\'*) + ac_arg=`printf "%s\n" "$ac_arg" | sed "s/'/'\\\\\\\\''/g"` ;; + esac + case $ac_pass in + 1) as_fn_append ac_configure_args0 " '$ac_arg'" ;; + 2) + as_fn_append ac_configure_args1 " '$ac_arg'" + if test $ac_must_keep_next = true; then + ac_must_keep_next=false # Got value, back to normal. + else + case $ac_arg in + *=* | --config-cache | -C | -disable-* | --disable-* \ + | -enable-* | --enable-* | -gas | --g* | -nfp | --nf* \ + | -q | -quiet | --q* | -silent | --sil* | -v | -verb* \ + | -with-* | --with-* | -without-* | --without-* | --x) + case "$ac_configure_args0 " in + "$ac_configure_args1"*" '$ac_arg' "* ) continue ;; + esac + ;; + -* ) ac_must_keep_next=true ;; + esac + fi + as_fn_append ac_configure_args " '$ac_arg'" + ;; + esac + done +done +{ ac_configure_args0=; unset ac_configure_args0;} +{ ac_configure_args1=; unset ac_configure_args1;} + +# When interrupted or exit'd, cleanup temporary files, and complete +# config.log. We remove comments because anyway the quotes in there +# would cause problems or look ugly. +# WARNING: Use '\'' to represent an apostrophe within the trap. +# WARNING: Do not start the trap code with a newline, due to a FreeBSD 4.0 bug. +trap 'exit_status=$? + # Sanitize IFS. + IFS=" "" $as_nl" + # Save into config.log some information that might help in debugging. + { + echo + + printf "%s\n" "## ---------------- ## +## Cache variables. ## +## ---------------- ##" + echo + # The following way of writing the cache mishandles newlines in values, +( + for ac_var in `(set) 2>&1 | sed -n '\''s/^\([a-zA-Z_][a-zA-Z0-9_]*\)=.*/\1/p'\''`; do + eval ac_val=\$$ac_var + case $ac_val in #( + *${as_nl}*) + case $ac_var in #( + *_cv_*) { printf "%s\n" "$as_me:${as_lineno-$LINENO}: WARNING: cache variable $ac_var contains a newline" >&5 +printf "%s\n" "$as_me: WARNING: cache variable $ac_var contains a newline" >&2;} ;; + esac + case $ac_var in #( + _ | IFS | as_nl) ;; #( + BASH_ARGV | BASH_SOURCE) eval $ac_var= ;; #( + *) { eval $ac_var=; unset $ac_var;} ;; + esac ;; + esac + done + (set) 2>&1 | + case $as_nl`(ac_space='\'' '\''; set) 2>&1` in #( + *${as_nl}ac_space=\ *) + sed -n \ + "s/'\''/'\''\\\\'\'''\''/g; + s/^\\([_$as_cr_alnum]*_cv_[_$as_cr_alnum]*\\)=\\(.*\\)/\\1='\''\\2'\''/p" + ;; #( + *) + sed -n "/^[_$as_cr_alnum]*_cv_[_$as_cr_alnum]*=/p" + ;; + esac | + sort +) + echo + + printf "%s\n" "## ----------------- ## +## Output variables. ## +## ----------------- ##" + echo + for ac_var in $ac_subst_vars + do + eval ac_val=\$$ac_var + case $ac_val in + *\'\''*) ac_val=`printf "%s\n" "$ac_val" | sed "s/'\''/'\''\\\\\\\\'\'''\''/g"`;; + esac + printf "%s\n" "$ac_var='\''$ac_val'\''" + done | sort + echo + + if test -n "$ac_subst_files"; then + printf "%s\n" "## ------------------- ## +## File substitutions. ## +## ------------------- ##" + echo + for ac_var in $ac_subst_files + do + eval ac_val=\$$ac_var + case $ac_val in + *\'\''*) ac_val=`printf "%s\n" "$ac_val" | sed "s/'\''/'\''\\\\\\\\'\'''\''/g"`;; + esac + printf "%s\n" "$ac_var='\''$ac_val'\''" + done | sort + echo + fi + + if test -s confdefs.h; then + printf "%s\n" "## ----------- ## +## confdefs.h. ## +## ----------- ##" + echo + cat confdefs.h + echo + fi + test "$ac_signal" != 0 && + printf "%s\n" "$as_me: caught signal $ac_signal" + printf "%s\n" "$as_me: exit $exit_status" + } >&5 + rm -f core *.core core.conftest.* && + rm -f -r conftest* confdefs* conf$$* $ac_clean_files && + exit $exit_status +' 0 +for ac_signal in 1 2 13 15; do + trap 'ac_signal='$ac_signal'; as_fn_exit 1' $ac_signal +done +ac_signal=0 + +# confdefs.h avoids OS command line length limits that DEFS can exceed. +rm -f -r conftest* confdefs.h + +printf "%s\n" "/* confdefs.h */" > confdefs.h + +# Predefined preprocessor variables. + +printf "%s\n" "#define PACKAGE_NAME \"$PACKAGE_NAME\"" >>confdefs.h + +printf "%s\n" "#define PACKAGE_TARNAME \"$PACKAGE_TARNAME\"" >>confdefs.h + +printf "%s\n" "#define PACKAGE_VERSION \"$PACKAGE_VERSION\"" >>confdefs.h + +printf "%s\n" "#define PACKAGE_STRING \"$PACKAGE_STRING\"" >>confdefs.h + +printf "%s\n" "#define PACKAGE_BUGREPORT \"$PACKAGE_BUGREPORT\"" >>confdefs.h + +printf "%s\n" "#define PACKAGE_URL \"$PACKAGE_URL\"" >>confdefs.h + + +# Let the site file select an alternate cache file if it wants to. +# Prefer an explicitly selected file to automatically selected ones. +if test -n "$CONFIG_SITE"; then + ac_site_files="$CONFIG_SITE" +elif test "x$prefix" != xNONE; then + ac_site_files="$prefix/share/config.site $prefix/etc/config.site" +else + ac_site_files="$ac_default_prefix/share/config.site $ac_default_prefix/etc/config.site" +fi + +for ac_site_file in $ac_site_files +do + case $ac_site_file in #( + */*) : + ;; #( + *) : + ac_site_file=./$ac_site_file ;; +esac + if test -f "$ac_site_file" && test -r "$ac_site_file"; then + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: loading site script $ac_site_file" >&5 +printf "%s\n" "$as_me: loading site script $ac_site_file" >&6;} + sed 's/^/| /' "$ac_site_file" >&5 + . "$ac_site_file" \ + || { { printf "%s\n" "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 +printf "%s\n" "$as_me: error: in \`$ac_pwd':" >&2;} +as_fn_error $? "failed to load site script $ac_site_file +See \`config.log' for more details" "$LINENO" 5; } + fi +done + +if test -r "$cache_file"; then + # Some versions of bash will fail to source /dev/null (special files + # actually), so we avoid doing that. DJGPP emulates it as a regular file. + if test /dev/null != "$cache_file" && test -f "$cache_file"; then + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: loading cache $cache_file" >&5 +printf "%s\n" "$as_me: loading cache $cache_file" >&6;} + case $cache_file in + [\\/]* | ?:[\\/]* ) . "$cache_file";; + *) . "./$cache_file";; + esac + fi +else + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: creating cache $cache_file" >&5 +printf "%s\n" "$as_me: creating cache $cache_file" >&6;} + >$cache_file +fi + +# Test code for whether the C compiler supports C89 (global declarations) +ac_c_conftest_c89_globals=' +/* Does the compiler advertise C89 conformance? + Do not test the value of __STDC__, because some compilers set it to 0 + while being otherwise adequately conformant. */ +#if !defined __STDC__ +# error "Compiler does not advertise C89 conformance" +#endif + +#include +#include +struct stat; +/* Most of the following tests are stolen from RCS 5.7 src/conf.sh. */ +struct buf { int x; }; +struct buf * (*rcsopen) (struct buf *, struct stat *, int); +static char *e (p, i) + char **p; + int i; +{ + return p[i]; +} +static char *f (char * (*g) (char **, int), char **p, ...) +{ + char *s; + va_list v; + va_start (v,p); + s = g (p, va_arg (v,int)); + va_end (v); + return s; +} + +/* OSF 4.0 Compaq cc is some sort of almost-ANSI by default. It has + function prototypes and stuff, but not \xHH hex character constants. + These do not provoke an error unfortunately, instead are silently treated + as an "x". The following induces an error, until -std is added to get + proper ANSI mode. Curiously \x00 != x always comes out true, for an + array size at least. It is necessary to write \x00 == 0 to get something + that is true only with -std. */ +int osf4_cc_array ['\''\x00'\'' == 0 ? 1 : -1]; + +/* IBM C 6 for AIX is almost-ANSI by default, but it replaces macro parameters + inside strings and character constants. */ +#define FOO(x) '\''x'\'' +int xlc6_cc_array[FOO(a) == '\''x'\'' ? 1 : -1]; + +int test (int i, double x); +struct s1 {int (*f) (int a);}; +struct s2 {int (*f) (double a);}; +int pairnames (int, char **, int *(*)(struct buf *, struct stat *, int), + int, int);' + +# Test code for whether the C compiler supports C89 (body of main). +ac_c_conftest_c89_main=' +ok |= (argc == 0 || f (e, argv, 0) != argv[0] || f (e, argv, 1) != argv[1]); +' + +# Test code for whether the C compiler supports C99 (global declarations) +ac_c_conftest_c99_globals=' +// Does the compiler advertise C99 conformance? +#if !defined __STDC_VERSION__ || __STDC_VERSION__ < 199901L +# error "Compiler does not advertise C99 conformance" +#endif + +#include +extern int puts (const char *); +extern int printf (const char *, ...); +extern int dprintf (int, const char *, ...); +extern void *malloc (size_t); + +// Check varargs macros. These examples are taken from C99 6.10.3.5. +// dprintf is used instead of fprintf to avoid needing to declare +// FILE and stderr. +#define debug(...) dprintf (2, __VA_ARGS__) +#define showlist(...) puts (#__VA_ARGS__) +#define report(test,...) ((test) ? puts (#test) : printf (__VA_ARGS__)) +static void +test_varargs_macros (void) +{ + int x = 1234; + int y = 5678; + debug ("Flag"); + debug ("X = %d\n", x); + showlist (The first, second, and third items.); + report (x>y, "x is %d but y is %d", x, y); +} + +// Check long long types. +#define BIG64 18446744073709551615ull +#define BIG32 4294967295ul +#define BIG_OK (BIG64 / BIG32 == 4294967297ull && BIG64 % BIG32 == 0) +#if !BIG_OK + #error "your preprocessor is broken" +#endif +#if BIG_OK +#else + #error "your preprocessor is broken" +#endif +static long long int bignum = -9223372036854775807LL; +static unsigned long long int ubignum = BIG64; + +struct incomplete_array +{ + int datasize; + double data[]; +}; + +struct named_init { + int number; + const wchar_t *name; + double average; +}; + +typedef const char *ccp; + +static inline int +test_restrict (ccp restrict text) +{ + // See if C++-style comments work. + // Iterate through items via the restricted pointer. + // Also check for declarations in for loops. + for (unsigned int i = 0; *(text+i) != '\''\0'\''; ++i) + continue; + return 0; +} + +// Check varargs and va_copy. +static bool +test_varargs (const char *format, ...) +{ + va_list args; + va_start (args, format); + va_list args_copy; + va_copy (args_copy, args); + + const char *str = ""; + int number = 0; + float fnumber = 0; + + while (*format) + { + switch (*format++) + { + case '\''s'\'': // string + str = va_arg (args_copy, const char *); + break; + case '\''d'\'': // int + number = va_arg (args_copy, int); + break; + case '\''f'\'': // float + fnumber = va_arg (args_copy, double); + break; + default: + break; + } + } + va_end (args_copy); + va_end (args); + + return *str && number && fnumber; +} +' + +# Test code for whether the C compiler supports C99 (body of main). +ac_c_conftest_c99_main=' + // Check bool. + _Bool success = false; + success |= (argc != 0); + + // Check restrict. + if (test_restrict ("String literal") == 0) + success = true; + char *restrict newvar = "Another string"; + + // Check varargs. + success &= test_varargs ("s, d'\'' f .", "string", 65, 34.234); + test_varargs_macros (); + + // Check flexible array members. + struct incomplete_array *ia = + malloc (sizeof (struct incomplete_array) + (sizeof (double) * 10)); + ia->datasize = 10; + for (int i = 0; i < ia->datasize; ++i) + ia->data[i] = i * 1.234; + + // Check named initializers. + struct named_init ni = { + .number = 34, + .name = L"Test wide string", + .average = 543.34343, + }; + + ni.number = 58; + + int dynamic_array[ni.number]; + dynamic_array[0] = argv[0][0]; + dynamic_array[ni.number - 1] = 543; + + // work around unused variable warnings + ok |= (!success || bignum == 0LL || ubignum == 0uLL || newvar[0] == '\''x'\'' + || dynamic_array[ni.number - 1] != 543); +' + +# Test code for whether the C compiler supports C11 (global declarations) +ac_c_conftest_c11_globals=' +// Does the compiler advertise C11 conformance? +#if !defined __STDC_VERSION__ || __STDC_VERSION__ < 201112L +# error "Compiler does not advertise C11 conformance" +#endif + +// Check _Alignas. +char _Alignas (double) aligned_as_double; +char _Alignas (0) no_special_alignment; +extern char aligned_as_int; +char _Alignas (0) _Alignas (int) aligned_as_int; + +// Check _Alignof. +enum +{ + int_alignment = _Alignof (int), + int_array_alignment = _Alignof (int[100]), + char_alignment = _Alignof (char) +}; +_Static_assert (0 < -_Alignof (int), "_Alignof is signed"); + +// Check _Noreturn. +int _Noreturn does_not_return (void) { for (;;) continue; } + +// Check _Static_assert. +struct test_static_assert +{ + int x; + _Static_assert (sizeof (int) <= sizeof (long int), + "_Static_assert does not work in struct"); + long int y; +}; + +// Check UTF-8 literals. +#define u8 syntax error! +char const utf8_literal[] = u8"happens to be ASCII" "another string"; + +// Check duplicate typedefs. +typedef long *long_ptr; +typedef long int *long_ptr; +typedef long_ptr long_ptr; + +// Anonymous structures and unions -- taken from C11 6.7.2.1 Example 1. +struct anonymous +{ + union { + struct { int i; int j; }; + struct { int k; long int l; } w; + }; + int m; +} v1; +' + +# Test code for whether the C compiler supports C11 (body of main). +ac_c_conftest_c11_main=' + _Static_assert ((offsetof (struct anonymous, i) + == offsetof (struct anonymous, w.k)), + "Anonymous union alignment botch"); + v1.i = 2; + v1.w.k = 5; + ok |= v1.i != 5; +' + +# Test code for whether the C compiler supports C11 (complete). +ac_c_conftest_c11_program="${ac_c_conftest_c89_globals} +${ac_c_conftest_c99_globals} +${ac_c_conftest_c11_globals} + +int +main (int argc, char **argv) +{ + int ok = 0; + ${ac_c_conftest_c89_main} + ${ac_c_conftest_c99_main} + ${ac_c_conftest_c11_main} + return ok; +} +" + +# Test code for whether the C compiler supports C99 (complete). +ac_c_conftest_c99_program="${ac_c_conftest_c89_globals} +${ac_c_conftest_c99_globals} + +int +main (int argc, char **argv) +{ + int ok = 0; + ${ac_c_conftest_c89_main} + ${ac_c_conftest_c99_main} + return ok; +} +" + +# Test code for whether the C compiler supports C89 (complete). +ac_c_conftest_c89_program="${ac_c_conftest_c89_globals} + +int +main (int argc, char **argv) +{ + int ok = 0; + ${ac_c_conftest_c89_main} + return ok; +} +" + +as_fn_append ac_header_c_list " stdio.h stdio_h HAVE_STDIO_H" +as_fn_append ac_header_c_list " stdlib.h stdlib_h HAVE_STDLIB_H" +as_fn_append ac_header_c_list " string.h string_h HAVE_STRING_H" +as_fn_append ac_header_c_list " inttypes.h inttypes_h HAVE_INTTYPES_H" +as_fn_append ac_header_c_list " stdint.h stdint_h HAVE_STDINT_H" +as_fn_append ac_header_c_list " strings.h strings_h HAVE_STRINGS_H" +as_fn_append ac_header_c_list " sys/stat.h sys_stat_h HAVE_SYS_STAT_H" +as_fn_append ac_header_c_list " sys/types.h sys_types_h HAVE_SYS_TYPES_H" +as_fn_append ac_header_c_list " unistd.h unistd_h HAVE_UNISTD_H" + +# Auxiliary files required by this configure script. +ac_aux_files="install-sh config.guess config.sub" + +# Locations in which to look for auxiliary files. +ac_aux_dir_candidates="${srcdir}${PATH_SEPARATOR}${srcdir}/..${PATH_SEPARATOR}${srcdir}/../.." + +# Search for a directory containing all of the required auxiliary files, +# $ac_aux_files, from the $PATH-style list $ac_aux_dir_candidates. +# If we don't find one directory that contains all the files we need, +# we report the set of missing files from the *first* directory in +# $ac_aux_dir_candidates and give up. +ac_missing_aux_files="" +ac_first_candidate=: +printf "%s\n" "$as_me:${as_lineno-$LINENO}: looking for aux files: $ac_aux_files" >&5 +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +as_found=false +for as_dir in $ac_aux_dir_candidates +do + IFS=$as_save_IFS + case $as_dir in #((( + '') as_dir=./ ;; + */) ;; + *) as_dir=$as_dir/ ;; + esac + as_found=: + + printf "%s\n" "$as_me:${as_lineno-$LINENO}: trying $as_dir" >&5 + ac_aux_dir_found=yes + ac_install_sh= + for ac_aux in $ac_aux_files + do + # As a special case, if "install-sh" is required, that requirement + # can be satisfied by any of "install-sh", "install.sh", or "shtool", + # and $ac_install_sh is set appropriately for whichever one is found. + if test x"$ac_aux" = x"install-sh" + then + if test -f "${as_dir}install-sh"; then + printf "%s\n" "$as_me:${as_lineno-$LINENO}: ${as_dir}install-sh found" >&5 + ac_install_sh="${as_dir}install-sh -c" + elif test -f "${as_dir}install.sh"; then + printf "%s\n" "$as_me:${as_lineno-$LINENO}: ${as_dir}install.sh found" >&5 + ac_install_sh="${as_dir}install.sh -c" + elif test -f "${as_dir}shtool"; then + printf "%s\n" "$as_me:${as_lineno-$LINENO}: ${as_dir}shtool found" >&5 + ac_install_sh="${as_dir}shtool install -c" + else + ac_aux_dir_found=no + if $ac_first_candidate; then + ac_missing_aux_files="${ac_missing_aux_files} install-sh" + else + break + fi + fi + else + if test -f "${as_dir}${ac_aux}"; then + printf "%s\n" "$as_me:${as_lineno-$LINENO}: ${as_dir}${ac_aux} found" >&5 + else + ac_aux_dir_found=no + if $ac_first_candidate; then + ac_missing_aux_files="${ac_missing_aux_files} ${ac_aux}" + else + break + fi + fi + fi + done + if test "$ac_aux_dir_found" = yes; then + ac_aux_dir="$as_dir" + break + fi + ac_first_candidate=false + + as_found=false +done +IFS=$as_save_IFS +if $as_found +then : + +else $as_nop + as_fn_error $? "cannot find required auxiliary files:$ac_missing_aux_files" "$LINENO" 5 +fi + + +# These three variables are undocumented and unsupported, +# and are intended to be withdrawn in a future Autoconf release. +# They can cause serious problems if a builder's source tree is in a directory +# whose full name contains unusual characters. +if test -f "${ac_aux_dir}config.guess"; then + ac_config_guess="$SHELL ${ac_aux_dir}config.guess" +fi +if test -f "${ac_aux_dir}config.sub"; then + ac_config_sub="$SHELL ${ac_aux_dir}config.sub" +fi +if test -f "$ac_aux_dir/configure"; then + ac_configure="$SHELL ${ac_aux_dir}configure" +fi + +# Check that the precious variables saved in the cache have kept the same +# value. +ac_cache_corrupted=false +for ac_var in $ac_precious_vars; do + eval ac_old_set=\$ac_cv_env_${ac_var}_set + eval ac_new_set=\$ac_env_${ac_var}_set + eval ac_old_val=\$ac_cv_env_${ac_var}_value + eval ac_new_val=\$ac_env_${ac_var}_value + case $ac_old_set,$ac_new_set in + set,) + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: error: \`$ac_var' was set to \`$ac_old_val' in the previous run" >&5 +printf "%s\n" "$as_me: error: \`$ac_var' was set to \`$ac_old_val' in the previous run" >&2;} + ac_cache_corrupted=: ;; + ,set) + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: error: \`$ac_var' was not set in the previous run" >&5 +printf "%s\n" "$as_me: error: \`$ac_var' was not set in the previous run" >&2;} + ac_cache_corrupted=: ;; + ,);; + *) + if test "x$ac_old_val" != "x$ac_new_val"; then + # differences in whitespace do not lead to failure. + ac_old_val_w=`echo x $ac_old_val` + ac_new_val_w=`echo x $ac_new_val` + if test "$ac_old_val_w" != "$ac_new_val_w"; then + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: error: \`$ac_var' has changed since the previous run:" >&5 +printf "%s\n" "$as_me: error: \`$ac_var' has changed since the previous run:" >&2;} + ac_cache_corrupted=: + else + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: warning: ignoring whitespace changes in \`$ac_var' since the previous run:" >&5 +printf "%s\n" "$as_me: warning: ignoring whitespace changes in \`$ac_var' since the previous run:" >&2;} + eval $ac_var=\$ac_old_val + fi + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: former value: \`$ac_old_val'" >&5 +printf "%s\n" "$as_me: former value: \`$ac_old_val'" >&2;} + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: current value: \`$ac_new_val'" >&5 +printf "%s\n" "$as_me: current value: \`$ac_new_val'" >&2;} + fi;; + esac + # Pass precious variables to config.status. + if test "$ac_new_set" = set; then + case $ac_new_val in + *\'*) ac_arg=$ac_var=`printf "%s\n" "$ac_new_val" | sed "s/'/'\\\\\\\\''/g"` ;; + *) ac_arg=$ac_var=$ac_new_val ;; + esac + case " $ac_configure_args " in + *" '$ac_arg' "*) ;; # Avoid dups. Use of quotes ensures accuracy. + *) as_fn_append ac_configure_args " '$ac_arg'" ;; + esac + fi +done +if $ac_cache_corrupted; then + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 +printf "%s\n" "$as_me: error: in \`$ac_pwd':" >&2;} + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: error: changes in the environment can compromise the build" >&5 +printf "%s\n" "$as_me: error: changes in the environment can compromise the build" >&2;} + as_fn_error $? "run \`${MAKE-make} distclean' and/or \`rm $cache_file' + and start over" "$LINENO" 5 +fi +## -------------------- ## +## Main body of script. ## +## -------------------- ## + +ac_ext=c +ac_cpp='$CPP $CPPFLAGS' +ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' +ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' +ac_compiler_gnu=$ac_cv_c_compiler_gnu + + + + + +# Check for stale configure as early as possible. +for i in $srcdir/configure.ac $srcdir/m4/*.m4; do + if test "$i" -nt "$srcdir/configure"; then + as_fn_error $? "$i newer than configure, run autoreconf" "$LINENO" 5 + fi +done + +ac_ext=c +ac_cpp='$CPP $CPPFLAGS' +ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' +ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' +ac_compiler_gnu=$ac_cv_c_compiler_gnu + + +ac_config_headers="$ac_config_headers config.h" + + + + + + + + + + +ac_ext=c +ac_cpp='$CPP $CPPFLAGS' +ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' +ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' +ac_compiler_gnu=$ac_cv_c_compiler_gnu +if test -n "$ac_tool_prefix"; then + for ac_prog in cc gcc clang + do + # Extract the first word of "$ac_tool_prefix$ac_prog", so it can be a program name with args. +set dummy $ac_tool_prefix$ac_prog; ac_word=$2 +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +printf %s "checking for $ac_word... " >&6; } +if test ${ac_cv_prog_CC+y} +then : + printf %s "(cached) " >&6 +else $as_nop + if test -n "$CC"; then + ac_cv_prog_CC="$CC" # Let the user override the test. +else +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + case $as_dir in #((( + '') as_dir=./ ;; + */) ;; + *) as_dir=$as_dir/ ;; + esac + for ac_exec_ext in '' $ac_executable_extensions; do + if as_fn_executable_p "$as_dir$ac_word$ac_exec_ext"; then + ac_cv_prog_CC="$ac_tool_prefix$ac_prog" + printf "%s\n" "$as_me:${as_lineno-$LINENO}: found $as_dir$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS + +fi +fi +CC=$ac_cv_prog_CC +if test -n "$CC"; then + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $CC" >&5 +printf "%s\n" "$CC" >&6; } +else + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } +fi + + + test -n "$CC" && break + done +fi +if test -z "$CC"; then + ac_ct_CC=$CC + for ac_prog in cc gcc clang +do + # Extract the first word of "$ac_prog", so it can be a program name with args. +set dummy $ac_prog; ac_word=$2 +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +printf %s "checking for $ac_word... " >&6; } +if test ${ac_cv_prog_ac_ct_CC+y} +then : + printf %s "(cached) " >&6 +else $as_nop + if test -n "$ac_ct_CC"; then + ac_cv_prog_ac_ct_CC="$ac_ct_CC" # Let the user override the test. +else +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + case $as_dir in #((( + '') as_dir=./ ;; + */) ;; + *) as_dir=$as_dir/ ;; + esac + for ac_exec_ext in '' $ac_executable_extensions; do + if as_fn_executable_p "$as_dir$ac_word$ac_exec_ext"; then + ac_cv_prog_ac_ct_CC="$ac_prog" + printf "%s\n" "$as_me:${as_lineno-$LINENO}: found $as_dir$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS + +fi +fi +ac_ct_CC=$ac_cv_prog_ac_ct_CC +if test -n "$ac_ct_CC"; then + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_ct_CC" >&5 +printf "%s\n" "$ac_ct_CC" >&6; } +else + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } +fi + + + test -n "$ac_ct_CC" && break +done + + if test "x$ac_ct_CC" = x; then + CC="" + else + case $cross_compiling:$ac_tool_warned in +yes:) +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5 +printf "%s\n" "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;} +ac_tool_warned=yes ;; +esac + CC=$ac_ct_CC + fi +fi + + +test -z "$CC" && { { printf "%s\n" "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 +printf "%s\n" "$as_me: error: in \`$ac_pwd':" >&2;} +as_fn_error $? "no acceptable C compiler found in \$PATH +See \`config.log' for more details" "$LINENO" 5; } + +# Provide some information about the compiler. +printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for C compiler version" >&5 +set X $ac_compile +ac_compiler=$2 +for ac_option in --version -v -V -qversion -version; do + { { ac_try="$ac_compiler $ac_option >&5" +case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" +printf "%s\n" "$ac_try_echo"; } >&5 + (eval "$ac_compiler $ac_option >&5") 2>conftest.err + ac_status=$? + if test -s conftest.err; then + sed '10a\ +... rest of stderr output deleted ... + 10q' conftest.err >conftest.er1 + cat conftest.er1 >&5 + fi + rm -f conftest.er1 conftest.err + printf "%s\n" "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; } +done + +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +int +main (void) +{ + + ; + return 0; +} +_ACEOF +ac_clean_files_save=$ac_clean_files +ac_clean_files="$ac_clean_files a.out a.out.dSYM a.exe b.out" +# Try to create an executable without -o first, disregard a.out. +# It will help us diagnose broken compilers, and finding out an intuition +# of exeext. +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking whether the C compiler works" >&5 +printf %s "checking whether the C compiler works... " >&6; } +ac_link_default=`printf "%s\n" "$ac_link" | sed 's/ -o *conftest[^ ]*//'` + +# The possible output files: +ac_files="a.out conftest.exe conftest a.exe a_out.exe b.out conftest.*" + +ac_rmfiles= +for ac_file in $ac_files +do + case $ac_file in + *.$ac_ext | *.xcoff | *.tds | *.d | *.pdb | *.xSYM | *.bb | *.bbg | *.map | *.inf | *.dSYM | *.o | *.obj ) ;; + * ) ac_rmfiles="$ac_rmfiles $ac_file";; + esac +done +rm -f $ac_rmfiles + +if { { ac_try="$ac_link_default" +case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" +printf "%s\n" "$ac_try_echo"; } >&5 + (eval "$ac_link_default") 2>&5 + ac_status=$? + printf "%s\n" "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; } +then : + # Autoconf-2.13 could set the ac_cv_exeext variable to `no'. +# So ignore a value of `no', otherwise this would lead to `EXEEXT = no' +# in a Makefile. We should not override ac_cv_exeext if it was cached, +# so that the user can short-circuit this test for compilers unknown to +# Autoconf. +for ac_file in $ac_files '' +do + test -f "$ac_file" || continue + case $ac_file in + *.$ac_ext | *.xcoff | *.tds | *.d | *.pdb | *.xSYM | *.bb | *.bbg | *.map | *.inf | *.dSYM | *.o | *.obj ) + ;; + [ab].out ) + # We found the default executable, but exeext='' is most + # certainly right. + break;; + *.* ) + if test ${ac_cv_exeext+y} && test "$ac_cv_exeext" != no; + then :; else + ac_cv_exeext=`expr "$ac_file" : '[^.]*\(\..*\)'` + fi + # We set ac_cv_exeext here because the later test for it is not + # safe: cross compilers may not add the suffix if given an `-o' + # argument, so we may need to know it at that point already. + # Even if this section looks crufty: it has the advantage of + # actually working. + break;; + * ) + break;; + esac +done +test "$ac_cv_exeext" = no && ac_cv_exeext= + +else $as_nop + ac_file='' +fi +if test -z "$ac_file" +then : + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } +printf "%s\n" "$as_me: failed program was:" >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + +{ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 +printf "%s\n" "$as_me: error: in \`$ac_pwd':" >&2;} +as_fn_error 77 "C compiler cannot create executables +See \`config.log' for more details" "$LINENO" 5; } +else $as_nop + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +printf "%s\n" "yes" >&6; } +fi +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for C compiler default output file name" >&5 +printf %s "checking for C compiler default output file name... " >&6; } +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_file" >&5 +printf "%s\n" "$ac_file" >&6; } +ac_exeext=$ac_cv_exeext + +rm -f -r a.out a.out.dSYM a.exe conftest$ac_cv_exeext b.out +ac_clean_files=$ac_clean_files_save +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for suffix of executables" >&5 +printf %s "checking for suffix of executables... " >&6; } +if { { ac_try="$ac_link" +case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" +printf "%s\n" "$ac_try_echo"; } >&5 + (eval "$ac_link") 2>&5 + ac_status=$? + printf "%s\n" "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; } +then : + # If both `conftest.exe' and `conftest' are `present' (well, observable) +# catch `conftest.exe'. For instance with Cygwin, `ls conftest' will +# work properly (i.e., refer to `conftest.exe'), while it won't with +# `rm'. +for ac_file in conftest.exe conftest conftest.*; do + test -f "$ac_file" || continue + case $ac_file in + *.$ac_ext | *.xcoff | *.tds | *.d | *.pdb | *.xSYM | *.bb | *.bbg | *.map | *.inf | *.dSYM | *.o | *.obj ) ;; + *.* ) ac_cv_exeext=`expr "$ac_file" : '[^.]*\(\..*\)'` + break;; + * ) break;; + esac +done +else $as_nop + { { printf "%s\n" "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 +printf "%s\n" "$as_me: error: in \`$ac_pwd':" >&2;} +as_fn_error $? "cannot compute suffix of executables: cannot compile and link +See \`config.log' for more details" "$LINENO" 5; } +fi +rm -f conftest conftest$ac_cv_exeext +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_exeext" >&5 +printf "%s\n" "$ac_cv_exeext" >&6; } + +rm -f conftest.$ac_ext +EXEEXT=$ac_cv_exeext +ac_exeext=$EXEEXT +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#include +int +main (void) +{ +FILE *f = fopen ("conftest.out", "w"); + return ferror (f) || fclose (f) != 0; + + ; + return 0; +} +_ACEOF +ac_clean_files="$ac_clean_files conftest.out" +# Check that the compiler produces executables we can run. If not, either +# the compiler is broken, or we cross compile. +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking whether we are cross compiling" >&5 +printf %s "checking whether we are cross compiling... " >&6; } +if test "$cross_compiling" != yes; then + { { ac_try="$ac_link" +case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" +printf "%s\n" "$ac_try_echo"; } >&5 + (eval "$ac_link") 2>&5 + ac_status=$? + printf "%s\n" "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; } + if { ac_try='./conftest$ac_cv_exeext' + { { case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" +printf "%s\n" "$ac_try_echo"; } >&5 + (eval "$ac_try") 2>&5 + ac_status=$? + printf "%s\n" "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; }; }; then + cross_compiling=no + else + if test "$cross_compiling" = maybe; then + cross_compiling=yes + else + { { printf "%s\n" "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 +printf "%s\n" "$as_me: error: in \`$ac_pwd':" >&2;} +as_fn_error 77 "cannot run C compiled programs. +If you meant to cross compile, use \`--host'. +See \`config.log' for more details" "$LINENO" 5; } + fi + fi +fi +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $cross_compiling" >&5 +printf "%s\n" "$cross_compiling" >&6; } + +rm -f conftest.$ac_ext conftest$ac_cv_exeext conftest.out +ac_clean_files=$ac_clean_files_save +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for suffix of object files" >&5 +printf %s "checking for suffix of object files... " >&6; } +if test ${ac_cv_objext+y} +then : + printf %s "(cached) " >&6 +else $as_nop + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +int +main (void) +{ + + ; + return 0; +} +_ACEOF +rm -f conftest.o conftest.obj +if { { ac_try="$ac_compile" +case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" +printf "%s\n" "$ac_try_echo"; } >&5 + (eval "$ac_compile") 2>&5 + ac_status=$? + printf "%s\n" "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; } +then : + for ac_file in conftest.o conftest.obj conftest.*; do + test -f "$ac_file" || continue; + case $ac_file in + *.$ac_ext | *.xcoff | *.tds | *.d | *.pdb | *.xSYM | *.bb | *.bbg | *.map | *.inf | *.dSYM ) ;; + *) ac_cv_objext=`expr "$ac_file" : '.*\.\(.*\)'` + break;; + esac +done +else $as_nop + printf "%s\n" "$as_me: failed program was:" >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + +{ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 +printf "%s\n" "$as_me: error: in \`$ac_pwd':" >&2;} +as_fn_error $? "cannot compute suffix of object files: cannot compile +See \`config.log' for more details" "$LINENO" 5; } +fi +rm -f conftest.$ac_cv_objext conftest.$ac_ext +fi +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_objext" >&5 +printf "%s\n" "$ac_cv_objext" >&6; } +OBJEXT=$ac_cv_objext +ac_objext=$OBJEXT +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking whether the compiler supports GNU C" >&5 +printf %s "checking whether the compiler supports GNU C... " >&6; } +if test ${ac_cv_c_compiler_gnu+y} +then : + printf %s "(cached) " >&6 +else $as_nop + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +int +main (void) +{ +#ifndef __GNUC__ + choke me +#endif + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO" +then : + ac_compiler_gnu=yes +else $as_nop + ac_compiler_gnu=no +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext +ac_cv_c_compiler_gnu=$ac_compiler_gnu + +fi +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_c_compiler_gnu" >&5 +printf "%s\n" "$ac_cv_c_compiler_gnu" >&6; } +ac_compiler_gnu=$ac_cv_c_compiler_gnu + +if test $ac_compiler_gnu = yes; then + GCC=yes +else + GCC= +fi +ac_test_CFLAGS=${CFLAGS+y} +ac_save_CFLAGS=$CFLAGS +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking whether $CC accepts -g" >&5 +printf %s "checking whether $CC accepts -g... " >&6; } +if test ${ac_cv_prog_cc_g+y} +then : + printf %s "(cached) " >&6 +else $as_nop + ac_save_c_werror_flag=$ac_c_werror_flag + ac_c_werror_flag=yes + ac_cv_prog_cc_g=no + CFLAGS="-g" + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +int +main (void) +{ + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO" +then : + ac_cv_prog_cc_g=yes +else $as_nop + CFLAGS="" + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +int +main (void) +{ + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO" +then : + +else $as_nop + ac_c_werror_flag=$ac_save_c_werror_flag + CFLAGS="-g" + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +int +main (void) +{ + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO" +then : + ac_cv_prog_cc_g=yes +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext + ac_c_werror_flag=$ac_save_c_werror_flag +fi +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_prog_cc_g" >&5 +printf "%s\n" "$ac_cv_prog_cc_g" >&6; } +if test $ac_test_CFLAGS; then + CFLAGS=$ac_save_CFLAGS +elif test $ac_cv_prog_cc_g = yes; then + if test "$GCC" = yes; then + CFLAGS="-g -O2" + else + CFLAGS="-g" + fi +else + if test "$GCC" = yes; then + CFLAGS="-O2" + else + CFLAGS= + fi +fi +ac_prog_cc_stdc=no +if test x$ac_prog_cc_stdc = xno +then : + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $CC option to enable C11 features" >&5 +printf %s "checking for $CC option to enable C11 features... " >&6; } +if test ${ac_cv_prog_cc_c11+y} +then : + printf %s "(cached) " >&6 +else $as_nop + ac_cv_prog_cc_c11=no +ac_save_CC=$CC +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +$ac_c_conftest_c11_program +_ACEOF +for ac_arg in '' -std=gnu11 +do + CC="$ac_save_CC $ac_arg" + if ac_fn_c_try_compile "$LINENO" +then : + ac_cv_prog_cc_c11=$ac_arg +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam + test "x$ac_cv_prog_cc_c11" != "xno" && break +done +rm -f conftest.$ac_ext +CC=$ac_save_CC +fi + +if test "x$ac_cv_prog_cc_c11" = xno +then : + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: unsupported" >&5 +printf "%s\n" "unsupported" >&6; } +else $as_nop + if test "x$ac_cv_prog_cc_c11" = x +then : + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: none needed" >&5 +printf "%s\n" "none needed" >&6; } +else $as_nop + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_prog_cc_c11" >&5 +printf "%s\n" "$ac_cv_prog_cc_c11" >&6; } + CC="$CC $ac_cv_prog_cc_c11" +fi + ac_cv_prog_cc_stdc=$ac_cv_prog_cc_c11 + ac_prog_cc_stdc=c11 +fi +fi +if test x$ac_prog_cc_stdc = xno +then : + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $CC option to enable C99 features" >&5 +printf %s "checking for $CC option to enable C99 features... " >&6; } +if test ${ac_cv_prog_cc_c99+y} +then : + printf %s "(cached) " >&6 +else $as_nop + ac_cv_prog_cc_c99=no +ac_save_CC=$CC +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +$ac_c_conftest_c99_program +_ACEOF +for ac_arg in '' -std=gnu99 -std=c99 -c99 -qlanglvl=extc1x -qlanglvl=extc99 -AC99 -D_STDC_C99= +do + CC="$ac_save_CC $ac_arg" + if ac_fn_c_try_compile "$LINENO" +then : + ac_cv_prog_cc_c99=$ac_arg +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam + test "x$ac_cv_prog_cc_c99" != "xno" && break +done +rm -f conftest.$ac_ext +CC=$ac_save_CC +fi + +if test "x$ac_cv_prog_cc_c99" = xno +then : + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: unsupported" >&5 +printf "%s\n" "unsupported" >&6; } +else $as_nop + if test "x$ac_cv_prog_cc_c99" = x +then : + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: none needed" >&5 +printf "%s\n" "none needed" >&6; } +else $as_nop + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_prog_cc_c99" >&5 +printf "%s\n" "$ac_cv_prog_cc_c99" >&6; } + CC="$CC $ac_cv_prog_cc_c99" +fi + ac_cv_prog_cc_stdc=$ac_cv_prog_cc_c99 + ac_prog_cc_stdc=c99 +fi +fi +if test x$ac_prog_cc_stdc = xno +then : + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $CC option to enable C89 features" >&5 +printf %s "checking for $CC option to enable C89 features... " >&6; } +if test ${ac_cv_prog_cc_c89+y} +then : + printf %s "(cached) " >&6 +else $as_nop + ac_cv_prog_cc_c89=no +ac_save_CC=$CC +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +$ac_c_conftest_c89_program +_ACEOF +for ac_arg in '' -qlanglvl=extc89 -qlanglvl=ansi -std -Ae "-Aa -D_HPUX_SOURCE" "-Xc -D__EXTENSIONS__" +do + CC="$ac_save_CC $ac_arg" + if ac_fn_c_try_compile "$LINENO" +then : + ac_cv_prog_cc_c89=$ac_arg +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam + test "x$ac_cv_prog_cc_c89" != "xno" && break +done +rm -f conftest.$ac_ext +CC=$ac_save_CC +fi + +if test "x$ac_cv_prog_cc_c89" = xno +then : + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: unsupported" >&5 +printf "%s\n" "unsupported" >&6; } +else $as_nop + if test "x$ac_cv_prog_cc_c89" = x +then : + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: none needed" >&5 +printf "%s\n" "none needed" >&6; } +else $as_nop + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_prog_cc_c89" >&5 +printf "%s\n" "$ac_cv_prog_cc_c89" >&6; } + CC="$CC $ac_cv_prog_cc_c89" +fi + ac_cv_prog_cc_stdc=$ac_cv_prog_cc_c89 + ac_prog_cc_stdc=c89 +fi +fi + +ac_ext=c +ac_cpp='$CPP $CPPFLAGS' +ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' +ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' +ac_compiler_gnu=$ac_cv_c_compiler_gnu + + +# XXX relax this after reimplementing logit() etc. +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking if $CC supports C99-style variadic macros" >&5 +printf %s "checking if $CC supports C99-style variadic macros... " >&6; } + +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +int f(int a, int b, int c) { return a + b + c; } +#define F(a, ...) f(a, __VA_ARGS__) + +int +main (void) +{ +return F(1, 2, -3); + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO" +then : + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +printf "%s\n" "yes" >&6; } +else $as_nop + as_fn_error $? "*** OpenSSH requires support for C99-style variadic macros" "$LINENO" 5 + +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext + + + + + # Make sure we can run config.sub. +$SHELL "${ac_aux_dir}config.sub" sun4 >/dev/null 2>&1 || + as_fn_error $? "cannot run $SHELL ${ac_aux_dir}config.sub" "$LINENO" 5 + +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking build system type" >&5 +printf %s "checking build system type... " >&6; } +if test ${ac_cv_build+y} +then : + printf %s "(cached) " >&6 +else $as_nop + ac_build_alias=$build_alias +test "x$ac_build_alias" = x && + ac_build_alias=`$SHELL "${ac_aux_dir}config.guess"` +test "x$ac_build_alias" = x && + as_fn_error $? "cannot guess build type; you must specify one" "$LINENO" 5 +ac_cv_build=`$SHELL "${ac_aux_dir}config.sub" $ac_build_alias` || + as_fn_error $? "$SHELL ${ac_aux_dir}config.sub $ac_build_alias failed" "$LINENO" 5 + +fi +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_build" >&5 +printf "%s\n" "$ac_cv_build" >&6; } +case $ac_cv_build in +*-*-*) ;; +*) as_fn_error $? "invalid value of canonical build" "$LINENO" 5;; +esac +build=$ac_cv_build +ac_save_IFS=$IFS; IFS='-' +set x $ac_cv_build +shift +build_cpu=$1 +build_vendor=$2 +shift; shift +# Remember, the first character of IFS is used to create $*, +# except with old shells: +build_os=$* +IFS=$ac_save_IFS +case $build_os in *\ *) build_os=`echo "$build_os" | sed 's/ /-/g'`;; esac + + +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking host system type" >&5 +printf %s "checking host system type... " >&6; } +if test ${ac_cv_host+y} +then : + printf %s "(cached) " >&6 +else $as_nop + if test "x$host_alias" = x; then + ac_cv_host=$ac_cv_build +else + ac_cv_host=`$SHELL "${ac_aux_dir}config.sub" $host_alias` || + as_fn_error $? "$SHELL ${ac_aux_dir}config.sub $host_alias failed" "$LINENO" 5 +fi + +fi +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_host" >&5 +printf "%s\n" "$ac_cv_host" >&6; } +case $ac_cv_host in +*-*-*) ;; +*) as_fn_error $? "invalid value of canonical host" "$LINENO" 5;; +esac +host=$ac_cv_host +ac_save_IFS=$IFS; IFS='-' +set x $ac_cv_host +shift +host_cpu=$1 +host_vendor=$2 +shift; shift +# Remember, the first character of IFS is used to create $*, +# except with old shells: +host_os=$* +IFS=$ac_save_IFS +case $host_os in *\ *) host_os=`echo "$host_os" | sed 's/ /-/g'`;; esac + + +ac_header= ac_cache= +for ac_item in $ac_header_c_list +do + if test $ac_cache; then + ac_fn_c_check_header_compile "$LINENO" $ac_header ac_cv_header_$ac_cache "$ac_includes_default" + if eval test \"x\$ac_cv_header_$ac_cache\" = xyes; then + printf "%s\n" "#define $ac_item 1" >> confdefs.h + fi + ac_header= ac_cache= + elif test $ac_header; then + ac_cache=$ac_item + else + ac_header=$ac_item + fi +done + + + + + + + + +if test $ac_cv_header_stdlib_h = yes && test $ac_cv_header_string_h = yes +then : + +printf "%s\n" "#define STDC_HEADERS 1" >>confdefs.h + +fi + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking whether byte ordering is bigendian" >&5 +printf %s "checking whether byte ordering is bigendian... " >&6; } +if test ${ac_cv_c_bigendian+y} +then : + printf %s "(cached) " >&6 +else $as_nop + ac_cv_c_bigendian=unknown + # See if we're dealing with a universal compiler. + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#ifndef __APPLE_CC__ + not a universal capable compiler + #endif + typedef int dummy; + +_ACEOF +if ac_fn_c_try_compile "$LINENO" +then : + + # Check for potential -arch flags. It is not universal unless + # there are at least two -arch flags with different values. + ac_arch= + ac_prev= + for ac_word in $CC $CFLAGS $CPPFLAGS $LDFLAGS; do + if test -n "$ac_prev"; then + case $ac_word in + i?86 | x86_64 | ppc | ppc64) + if test -z "$ac_arch" || test "$ac_arch" = "$ac_word"; then + ac_arch=$ac_word + else + ac_cv_c_bigendian=universal + break + fi + ;; + esac + ac_prev= + elif test "x$ac_word" = "x-arch"; then + ac_prev=arch + fi + done +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext + if test $ac_cv_c_bigendian = unknown; then + # See if sys/param.h defines the BYTE_ORDER macro. + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#include + #include + +int +main (void) +{ +#if ! (defined BYTE_ORDER && defined BIG_ENDIAN \ + && defined LITTLE_ENDIAN && BYTE_ORDER && BIG_ENDIAN \ + && LITTLE_ENDIAN) + bogus endian macros + #endif + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO" +then : + # It does; now see whether it defined to BIG_ENDIAN or not. + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#include + #include + +int +main (void) +{ +#if BYTE_ORDER != BIG_ENDIAN + not big endian + #endif + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO" +then : + ac_cv_c_bigendian=yes +else $as_nop + ac_cv_c_bigendian=no +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext + fi + if test $ac_cv_c_bigendian = unknown; then + # See if defines _LITTLE_ENDIAN or _BIG_ENDIAN (e.g., Solaris). + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#include + +int +main (void) +{ +#if ! (defined _LITTLE_ENDIAN || defined _BIG_ENDIAN) + bogus endian macros + #endif + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO" +then : + # It does; now see whether it defined to _BIG_ENDIAN or not. + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#include + +int +main (void) +{ +#ifndef _BIG_ENDIAN + not big endian + #endif + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO" +then : + ac_cv_c_bigendian=yes +else $as_nop + ac_cv_c_bigendian=no +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext + fi + if test $ac_cv_c_bigendian = unknown; then + # Compile a test program. + if test "$cross_compiling" = yes +then : + # Try to guess by grepping values from an object file. + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +unsigned short int ascii_mm[] = + { 0x4249, 0x4765, 0x6E44, 0x6961, 0x6E53, 0x7953, 0 }; + unsigned short int ascii_ii[] = + { 0x694C, 0x5454, 0x656C, 0x6E45, 0x6944, 0x6E61, 0 }; + int use_ascii (int i) { + return ascii_mm[i] + ascii_ii[i]; + } + unsigned short int ebcdic_ii[] = + { 0x89D3, 0xE3E3, 0x8593, 0x95C5, 0x89C4, 0x9581, 0 }; + unsigned short int ebcdic_mm[] = + { 0xC2C9, 0xC785, 0x95C4, 0x8981, 0x95E2, 0xA8E2, 0 }; + int use_ebcdic (int i) { + return ebcdic_mm[i] + ebcdic_ii[i]; + } + extern int foo; + +int +main (void) +{ +return use_ascii (foo) == use_ebcdic (foo); + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO" +then : + if grep BIGenDianSyS conftest.$ac_objext >/dev/null; then + ac_cv_c_bigendian=yes + fi + if grep LiTTleEnDian conftest.$ac_objext >/dev/null ; then + if test "$ac_cv_c_bigendian" = unknown; then + ac_cv_c_bigendian=no + else + # finding both strings is unlikely to happen, but who knows? + ac_cv_c_bigendian=unknown + fi + fi +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext +else $as_nop + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +$ac_includes_default +int +main (void) +{ + + /* Are we little or big endian? From Harbison&Steele. */ + union + { + long int l; + char c[sizeof (long int)]; + } u; + u.l = 1; + return u.c[sizeof (long int) - 1] == 1; + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_run "$LINENO" +then : + ac_cv_c_bigendian=no +else $as_nop + ac_cv_c_bigendian=yes +fi +rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ + conftest.$ac_objext conftest.beam conftest.$ac_ext +fi + + fi +fi +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_c_bigendian" >&5 +printf "%s\n" "$ac_cv_c_bigendian" >&6; } + case $ac_cv_c_bigendian in #( + yes) + printf "%s\n" "#define WORDS_BIGENDIAN 1" >>confdefs.h +;; #( + no) + ;; #( + universal) + +printf "%s\n" "#define AC_APPLE_UNIVERSAL_BUILD 1" >>confdefs.h + + ;; #( + *) + as_fn_error $? "unknown endianness + presetting ac_cv_c_bigendian=no (or yes) will help" "$LINENO" 5 ;; + esac + + +# Checks for programs. +for ac_prog in gawk mawk nawk awk +do + # Extract the first word of "$ac_prog", so it can be a program name with args. +set dummy $ac_prog; ac_word=$2 +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +printf %s "checking for $ac_word... " >&6; } +if test ${ac_cv_prog_AWK+y} +then : + printf %s "(cached) " >&6 +else $as_nop + if test -n "$AWK"; then + ac_cv_prog_AWK="$AWK" # Let the user override the test. +else +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + case $as_dir in #((( + '') as_dir=./ ;; + */) ;; + *) as_dir=$as_dir/ ;; + esac + for ac_exec_ext in '' $ac_executable_extensions; do + if as_fn_executable_p "$as_dir$ac_word$ac_exec_ext"; then + ac_cv_prog_AWK="$ac_prog" + printf "%s\n" "$as_me:${as_lineno-$LINENO}: found $as_dir$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS + +fi +fi +AWK=$ac_cv_prog_AWK +if test -n "$AWK"; then + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $AWK" >&5 +printf "%s\n" "$AWK" >&6; } +else + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } +fi + + + test -n "$AWK" && break +done + +ac_ext=c +ac_cpp='$CPP $CPPFLAGS' +ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' +ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' +ac_compiler_gnu=$ac_cv_c_compiler_gnu +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking how to run the C preprocessor" >&5 +printf %s "checking how to run the C preprocessor... " >&6; } +# On Suns, sometimes $CPP names a directory. +if test -n "$CPP" && test -d "$CPP"; then + CPP= +fi +if test -z "$CPP"; then + if test ${ac_cv_prog_CPP+y} +then : + printf %s "(cached) " >&6 +else $as_nop + # Double quotes because $CC needs to be expanded + for CPP in "$CC -E" "$CC -E -traditional-cpp" cpp /lib/cpp + do + ac_preproc_ok=false +for ac_c_preproc_warn_flag in '' yes +do + # Use a header file that comes with gcc, so configuring glibc + # with a fresh cross-compiler works. + # On the NeXT, cc -E runs the code through the compiler's parser, + # not just through cpp. "Syntax error" is here to catch this case. + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#include + Syntax error +_ACEOF +if ac_fn_c_try_cpp "$LINENO" +then : + +else $as_nop + # Broken: fails on valid input. +continue +fi +rm -f conftest.err conftest.i conftest.$ac_ext + + # OK, works on sane cases. Now check whether nonexistent headers + # can be detected and how. + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#include +_ACEOF +if ac_fn_c_try_cpp "$LINENO" +then : + # Broken: success on invalid input. +continue +else $as_nop + # Passes both tests. +ac_preproc_ok=: +break +fi +rm -f conftest.err conftest.i conftest.$ac_ext + +done +# Because of `break', _AC_PREPROC_IFELSE's cleaning code was skipped. +rm -f conftest.i conftest.err conftest.$ac_ext +if $ac_preproc_ok +then : + break +fi + + done + ac_cv_prog_CPP=$CPP + +fi + CPP=$ac_cv_prog_CPP +else + ac_cv_prog_CPP=$CPP +fi +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $CPP" >&5 +printf "%s\n" "$CPP" >&6; } +ac_preproc_ok=false +for ac_c_preproc_warn_flag in '' yes +do + # Use a header file that comes with gcc, so configuring glibc + # with a fresh cross-compiler works. + # On the NeXT, cc -E runs the code through the compiler's parser, + # not just through cpp. "Syntax error" is here to catch this case. + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#include + Syntax error +_ACEOF +if ac_fn_c_try_cpp "$LINENO" +then : + +else $as_nop + # Broken: fails on valid input. +continue +fi +rm -f conftest.err conftest.i conftest.$ac_ext + + # OK, works on sane cases. Now check whether nonexistent headers + # can be detected and how. + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#include +_ACEOF +if ac_fn_c_try_cpp "$LINENO" +then : + # Broken: success on invalid input. +continue +else $as_nop + # Passes both tests. +ac_preproc_ok=: +break +fi +rm -f conftest.err conftest.i conftest.$ac_ext + +done +# Because of `break', _AC_PREPROC_IFELSE's cleaning code was skipped. +rm -f conftest.i conftest.err conftest.$ac_ext +if $ac_preproc_ok +then : + +else $as_nop + { { printf "%s\n" "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 +printf "%s\n" "$as_me: error: in \`$ac_pwd':" >&2;} +as_fn_error $? "C preprocessor \"$CPP\" fails sanity check +See \`config.log' for more details" "$LINENO" 5; } +fi + +ac_ext=c +ac_cpp='$CPP $CPPFLAGS' +ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' +ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' +ac_compiler_gnu=$ac_cv_c_compiler_gnu + +if test -n "$ac_tool_prefix"; then + # Extract the first word of "${ac_tool_prefix}ranlib", so it can be a program name with args. +set dummy ${ac_tool_prefix}ranlib; ac_word=$2 +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +printf %s "checking for $ac_word... " >&6; } +if test ${ac_cv_prog_RANLIB+y} +then : + printf %s "(cached) " >&6 +else $as_nop + if test -n "$RANLIB"; then + ac_cv_prog_RANLIB="$RANLIB" # Let the user override the test. +else +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + case $as_dir in #((( + '') as_dir=./ ;; + */) ;; + *) as_dir=$as_dir/ ;; + esac + for ac_exec_ext in '' $ac_executable_extensions; do + if as_fn_executable_p "$as_dir$ac_word$ac_exec_ext"; then + ac_cv_prog_RANLIB="${ac_tool_prefix}ranlib" + printf "%s\n" "$as_me:${as_lineno-$LINENO}: found $as_dir$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS + +fi +fi +RANLIB=$ac_cv_prog_RANLIB +if test -n "$RANLIB"; then + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $RANLIB" >&5 +printf "%s\n" "$RANLIB" >&6; } +else + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } +fi + + +fi +if test -z "$ac_cv_prog_RANLIB"; then + ac_ct_RANLIB=$RANLIB + # Extract the first word of "ranlib", so it can be a program name with args. +set dummy ranlib; ac_word=$2 +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +printf %s "checking for $ac_word... " >&6; } +if test ${ac_cv_prog_ac_ct_RANLIB+y} +then : + printf %s "(cached) " >&6 +else $as_nop + if test -n "$ac_ct_RANLIB"; then + ac_cv_prog_ac_ct_RANLIB="$ac_ct_RANLIB" # Let the user override the test. +else +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + case $as_dir in #((( + '') as_dir=./ ;; + */) ;; + *) as_dir=$as_dir/ ;; + esac + for ac_exec_ext in '' $ac_executable_extensions; do + if as_fn_executable_p "$as_dir$ac_word$ac_exec_ext"; then + ac_cv_prog_ac_ct_RANLIB="ranlib" + printf "%s\n" "$as_me:${as_lineno-$LINENO}: found $as_dir$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS + +fi +fi +ac_ct_RANLIB=$ac_cv_prog_ac_ct_RANLIB +if test -n "$ac_ct_RANLIB"; then + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_ct_RANLIB" >&5 +printf "%s\n" "$ac_ct_RANLIB" >&6; } +else + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } +fi + + if test "x$ac_ct_RANLIB" = x; then + RANLIB=":" + else + case $cross_compiling:$ac_tool_warned in +yes:) +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5 +printf "%s\n" "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;} +ac_tool_warned=yes ;; +esac + RANLIB=$ac_ct_RANLIB + fi +else + RANLIB="$ac_cv_prog_RANLIB" +fi + + + # Find a good install program. We prefer a C program (faster), +# so one script is as good as another. But avoid the broken or +# incompatible versions: +# SysV /etc/install, /usr/sbin/install +# SunOS /usr/etc/install +# IRIX /sbin/install +# AIX /bin/install +# AmigaOS /C/install, which installs bootblocks on floppy discs +# AIX 4 /usr/bin/installbsd, which doesn't work without a -g flag +# AFS /usr/afsws/bin/install, which mishandles nonexistent args +# SVR4 /usr/ucb/install, which tries to use the nonexistent group "staff" +# OS/2's system install, which has a completely different semantic +# ./install, which can be erroneously created by make from ./install.sh. +# Reject install programs that cannot install multiple files. +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for a BSD-compatible install" >&5 +printf %s "checking for a BSD-compatible install... " >&6; } +if test -z "$INSTALL"; then +if test ${ac_cv_path_install+y} +then : + printf %s "(cached) " >&6 +else $as_nop + as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + case $as_dir in #((( + '') as_dir=./ ;; + */) ;; + *) as_dir=$as_dir/ ;; + esac + # Account for fact that we put trailing slashes in our PATH walk. +case $as_dir in #(( + ./ | /[cC]/* | \ + /etc/* | /usr/sbin/* | /usr/etc/* | /sbin/* | /usr/afsws/bin/* | \ + ?:[\\/]os2[\\/]install[\\/]* | ?:[\\/]OS2[\\/]INSTALL[\\/]* | \ + /usr/ucb/* ) ;; + *) + # OSF1 and SCO ODT 3.0 have their own names for install. + # Don't use installbsd from OSF since it installs stuff as root + # by default. + for ac_prog in ginstall scoinst install; do + for ac_exec_ext in '' $ac_executable_extensions; do + if as_fn_executable_p "$as_dir$ac_prog$ac_exec_ext"; then + if test $ac_prog = install && + grep dspmsg "$as_dir$ac_prog$ac_exec_ext" >/dev/null 2>&1; then + # AIX install. It has an incompatible calling convention. + : + elif test $ac_prog = install && + grep pwplus "$as_dir$ac_prog$ac_exec_ext" >/dev/null 2>&1; then + # program-specific install script used by HP pwplus--don't use. + : + else + rm -rf conftest.one conftest.two conftest.dir + echo one > conftest.one + echo two > conftest.two + mkdir conftest.dir + if "$as_dir$ac_prog$ac_exec_ext" -c conftest.one conftest.two "`pwd`/conftest.dir/" && + test -s conftest.one && test -s conftest.two && + test -s conftest.dir/conftest.one && + test -s conftest.dir/conftest.two + then + ac_cv_path_install="$as_dir$ac_prog$ac_exec_ext -c" + break 3 + fi + fi + fi + done + done + ;; +esac + + done +IFS=$as_save_IFS + +rm -rf conftest.one conftest.two conftest.dir + +fi + if test ${ac_cv_path_install+y}; then + INSTALL=$ac_cv_path_install + else + # As a last resort, use the slow shell script. Don't cache a + # value for INSTALL within a source directory, because that will + # break other packages using the cache if that directory is + # removed, or if the value is a relative name. + INSTALL=$ac_install_sh + fi +fi +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $INSTALL" >&5 +printf "%s\n" "$INSTALL" >&6; } + +# Use test -z because SunOS4 sh mishandles braces in ${var-val}. +# It thinks the first close brace ends the variable substitution. +test -z "$INSTALL_PROGRAM" && INSTALL_PROGRAM='${INSTALL}' + +test -z "$INSTALL_SCRIPT" && INSTALL_SCRIPT='${INSTALL}' + +test -z "$INSTALL_DATA" && INSTALL_DATA='${INSTALL} -m 644' + +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for grep that handles long lines and -e" >&5 +printf %s "checking for grep that handles long lines and -e... " >&6; } +if test ${ac_cv_path_GREP+y} +then : + printf %s "(cached) " >&6 +else $as_nop + if test -z "$GREP"; then + ac_path_GREP_found=false + # Loop through the user's path and test for each of PROGNAME-LIST + as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH$PATH_SEPARATOR/usr/xpg4/bin +do + IFS=$as_save_IFS + case $as_dir in #((( + '') as_dir=./ ;; + */) ;; + *) as_dir=$as_dir/ ;; + esac + for ac_prog in grep ggrep + do + for ac_exec_ext in '' $ac_executable_extensions; do + ac_path_GREP="$as_dir$ac_prog$ac_exec_ext" + as_fn_executable_p "$ac_path_GREP" || continue +# Check for GNU ac_path_GREP and select it if it is found. + # Check for GNU $ac_path_GREP +case `"$ac_path_GREP" --version 2>&1` in +*GNU*) + ac_cv_path_GREP="$ac_path_GREP" ac_path_GREP_found=:;; +*) + ac_count=0 + printf %s 0123456789 >"conftest.in" + while : + do + cat "conftest.in" "conftest.in" >"conftest.tmp" + mv "conftest.tmp" "conftest.in" + cp "conftest.in" "conftest.nl" + printf "%s\n" 'GREP' >> "conftest.nl" + "$ac_path_GREP" -e 'GREP$' -e '-(cannot match)-' < "conftest.nl" >"conftest.out" 2>/dev/null || break + diff "conftest.out" "conftest.nl" >/dev/null 2>&1 || break + as_fn_arith $ac_count + 1 && ac_count=$as_val + if test $ac_count -gt ${ac_path_GREP_max-0}; then + # Best one so far, save it but keep looking for a better one + ac_cv_path_GREP="$ac_path_GREP" + ac_path_GREP_max=$ac_count + fi + # 10*(2^10) chars as input seems more than enough + test $ac_count -gt 10 && break + done + rm -f conftest.in conftest.tmp conftest.nl conftest.out;; +esac + + $ac_path_GREP_found && break 3 + done + done + done +IFS=$as_save_IFS + if test -z "$ac_cv_path_GREP"; then + as_fn_error $? "no acceptable grep could be found in $PATH$PATH_SEPARATOR/usr/xpg4/bin" "$LINENO" 5 + fi +else + ac_cv_path_GREP=$GREP +fi + +fi +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_path_GREP" >&5 +printf "%s\n" "$ac_cv_path_GREP" >&6; } + GREP="$ac_cv_path_GREP" + + +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for egrep" >&5 +printf %s "checking for egrep... " >&6; } +if test ${ac_cv_path_EGREP+y} +then : + printf %s "(cached) " >&6 +else $as_nop + if echo a | $GREP -E '(a|b)' >/dev/null 2>&1 + then ac_cv_path_EGREP="$GREP -E" + else + if test -z "$EGREP"; then + ac_path_EGREP_found=false + # Loop through the user's path and test for each of PROGNAME-LIST + as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH$PATH_SEPARATOR/usr/xpg4/bin +do + IFS=$as_save_IFS + case $as_dir in #((( + '') as_dir=./ ;; + */) ;; + *) as_dir=$as_dir/ ;; + esac + for ac_prog in egrep + do + for ac_exec_ext in '' $ac_executable_extensions; do + ac_path_EGREP="$as_dir$ac_prog$ac_exec_ext" + as_fn_executable_p "$ac_path_EGREP" || continue +# Check for GNU ac_path_EGREP and select it if it is found. + # Check for GNU $ac_path_EGREP +case `"$ac_path_EGREP" --version 2>&1` in +*GNU*) + ac_cv_path_EGREP="$ac_path_EGREP" ac_path_EGREP_found=:;; +*) + ac_count=0 + printf %s 0123456789 >"conftest.in" + while : + do + cat "conftest.in" "conftest.in" >"conftest.tmp" + mv "conftest.tmp" "conftest.in" + cp "conftest.in" "conftest.nl" + printf "%s\n" 'EGREP' >> "conftest.nl" + "$ac_path_EGREP" 'EGREP$' < "conftest.nl" >"conftest.out" 2>/dev/null || break + diff "conftest.out" "conftest.nl" >/dev/null 2>&1 || break + as_fn_arith $ac_count + 1 && ac_count=$as_val + if test $ac_count -gt ${ac_path_EGREP_max-0}; then + # Best one so far, save it but keep looking for a better one + ac_cv_path_EGREP="$ac_path_EGREP" + ac_path_EGREP_max=$ac_count + fi + # 10*(2^10) chars as input seems more than enough + test $ac_count -gt 10 && break + done + rm -f conftest.in conftest.tmp conftest.nl conftest.out;; +esac + + $ac_path_EGREP_found && break 3 + done + done + done +IFS=$as_save_IFS + if test -z "$ac_cv_path_EGREP"; then + as_fn_error $? "no acceptable egrep could be found in $PATH$PATH_SEPARATOR/usr/xpg4/bin" "$LINENO" 5 + fi +else + ac_cv_path_EGREP=$EGREP +fi + + fi +fi +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_path_EGREP" >&5 +printf "%s\n" "$ac_cv_path_EGREP" >&6; } + EGREP="$ac_cv_path_EGREP" + + + + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for a race-free mkdir -p" >&5 +printf %s "checking for a race-free mkdir -p... " >&6; } +if test -z "$MKDIR_P"; then + if test ${ac_cv_path_mkdir+y} +then : + printf %s "(cached) " >&6 +else $as_nop + as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH$PATH_SEPARATOR/opt/sfw/bin +do + IFS=$as_save_IFS + case $as_dir in #((( + '') as_dir=./ ;; + */) ;; + *) as_dir=$as_dir/ ;; + esac + for ac_prog in mkdir gmkdir; do + for ac_exec_ext in '' $ac_executable_extensions; do + as_fn_executable_p "$as_dir$ac_prog$ac_exec_ext" || continue + case `"$as_dir$ac_prog$ac_exec_ext" --version 2>&1` in #( + 'mkdir ('*'coreutils) '* | \ + 'BusyBox '* | \ + 'mkdir (fileutils) '4.1*) + ac_cv_path_mkdir=$as_dir$ac_prog$ac_exec_ext + break 3;; + esac + done + done + done +IFS=$as_save_IFS + +fi + + test -d ./--version && rmdir ./--version + if test ${ac_cv_path_mkdir+y}; then + MKDIR_P="$ac_cv_path_mkdir -p" + else + # As a last resort, use the slow shell script. Don't cache a + # value for MKDIR_P within a source directory, because that will + # break other packages using the cache if that directory is + # removed, or if the value is a relative name. + MKDIR_P="$ac_install_sh -d" + fi +fi +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $MKDIR_P" >&5 +printf "%s\n" "$MKDIR_P" >&6; } + +if test -n "$ac_tool_prefix"; then + for ac_prog in ar + do + # Extract the first word of "$ac_tool_prefix$ac_prog", so it can be a program name with args. +set dummy $ac_tool_prefix$ac_prog; ac_word=$2 +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +printf %s "checking for $ac_word... " >&6; } +if test ${ac_cv_prog_AR+y} +then : + printf %s "(cached) " >&6 +else $as_nop + if test -n "$AR"; then + ac_cv_prog_AR="$AR" # Let the user override the test. +else +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + case $as_dir in #((( + '') as_dir=./ ;; + */) ;; + *) as_dir=$as_dir/ ;; + esac + for ac_exec_ext in '' $ac_executable_extensions; do + if as_fn_executable_p "$as_dir$ac_word$ac_exec_ext"; then + ac_cv_prog_AR="$ac_tool_prefix$ac_prog" + printf "%s\n" "$as_me:${as_lineno-$LINENO}: found $as_dir$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS + +fi +fi +AR=$ac_cv_prog_AR +if test -n "$AR"; then + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $AR" >&5 +printf "%s\n" "$AR" >&6; } +else + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } +fi + + + test -n "$AR" && break + done +fi +if test -z "$AR"; then + ac_ct_AR=$AR + for ac_prog in ar +do + # Extract the first word of "$ac_prog", so it can be a program name with args. +set dummy $ac_prog; ac_word=$2 +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +printf %s "checking for $ac_word... " >&6; } +if test ${ac_cv_prog_ac_ct_AR+y} +then : + printf %s "(cached) " >&6 +else $as_nop + if test -n "$ac_ct_AR"; then + ac_cv_prog_ac_ct_AR="$ac_ct_AR" # Let the user override the test. +else +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + case $as_dir in #((( + '') as_dir=./ ;; + */) ;; + *) as_dir=$as_dir/ ;; + esac + for ac_exec_ext in '' $ac_executable_extensions; do + if as_fn_executable_p "$as_dir$ac_word$ac_exec_ext"; then + ac_cv_prog_ac_ct_AR="$ac_prog" + printf "%s\n" "$as_me:${as_lineno-$LINENO}: found $as_dir$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS + +fi +fi +ac_ct_AR=$ac_cv_prog_ac_ct_AR +if test -n "$ac_ct_AR"; then + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_ct_AR" >&5 +printf "%s\n" "$ac_ct_AR" >&6; } +else + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } +fi + + + test -n "$ac_ct_AR" && break +done + + if test "x$ac_ct_AR" = x; then + AR="" + else + case $cross_compiling:$ac_tool_warned in +yes:) +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5 +printf "%s\n" "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;} +ac_tool_warned=yes ;; +esac + AR=$ac_ct_AR + fi +fi + +# Extract the first word of "cat", so it can be a program name with args. +set dummy cat; ac_word=$2 +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +printf %s "checking for $ac_word... " >&6; } +if test ${ac_cv_path_CAT+y} +then : + printf %s "(cached) " >&6 +else $as_nop + case $CAT in + [\\/]* | ?:[\\/]*) + ac_cv_path_CAT="$CAT" # Let the user override the test with a path. + ;; + *) + as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + case $as_dir in #((( + '') as_dir=./ ;; + */) ;; + *) as_dir=$as_dir/ ;; + esac + for ac_exec_ext in '' $ac_executable_extensions; do + if as_fn_executable_p "$as_dir$ac_word$ac_exec_ext"; then + ac_cv_path_CAT="$as_dir$ac_word$ac_exec_ext" + printf "%s\n" "$as_me:${as_lineno-$LINENO}: found $as_dir$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS + + ;; +esac +fi +CAT=$ac_cv_path_CAT +if test -n "$CAT"; then + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $CAT" >&5 +printf "%s\n" "$CAT" >&6; } +else + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } +fi + + +# Extract the first word of "kill", so it can be a program name with args. +set dummy kill; ac_word=$2 +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +printf %s "checking for $ac_word... " >&6; } +if test ${ac_cv_path_KILL+y} +then : + printf %s "(cached) " >&6 +else $as_nop + case $KILL in + [\\/]* | ?:[\\/]*) + ac_cv_path_KILL="$KILL" # Let the user override the test with a path. + ;; + *) + as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + case $as_dir in #((( + '') as_dir=./ ;; + */) ;; + *) as_dir=$as_dir/ ;; + esac + for ac_exec_ext in '' $ac_executable_extensions; do + if as_fn_executable_p "$as_dir$ac_word$ac_exec_ext"; then + ac_cv_path_KILL="$as_dir$ac_word$ac_exec_ext" + printf "%s\n" "$as_me:${as_lineno-$LINENO}: found $as_dir$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS + + ;; +esac +fi +KILL=$ac_cv_path_KILL +if test -n "$KILL"; then + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $KILL" >&5 +printf "%s\n" "$KILL" >&6; } +else + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } +fi + + +# Extract the first word of "sed", so it can be a program name with args. +set dummy sed; ac_word=$2 +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +printf %s "checking for $ac_word... " >&6; } +if test ${ac_cv_path_SED+y} +then : + printf %s "(cached) " >&6 +else $as_nop + case $SED in + [\\/]* | ?:[\\/]*) + ac_cv_path_SED="$SED" # Let the user override the test with a path. + ;; + *) + as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + case $as_dir in #((( + '') as_dir=./ ;; + */) ;; + *) as_dir=$as_dir/ ;; + esac + for ac_exec_ext in '' $ac_executable_extensions; do + if as_fn_executable_p "$as_dir$ac_word$ac_exec_ext"; then + ac_cv_path_SED="$as_dir$ac_word$ac_exec_ext" + printf "%s\n" "$as_me:${as_lineno-$LINENO}: found $as_dir$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS + + ;; +esac +fi +SED=$ac_cv_path_SED +if test -n "$SED"; then + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $SED" >&5 +printf "%s\n" "$SED" >&6; } +else + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } +fi + + +# Extract the first word of "bash", so it can be a program name with args. +set dummy bash; ac_word=$2 +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +printf %s "checking for $ac_word... " >&6; } +if test ${ac_cv_path_TEST_MINUS_S_SH+y} +then : + printf %s "(cached) " >&6 +else $as_nop + case $TEST_MINUS_S_SH in + [\\/]* | ?:[\\/]*) + ac_cv_path_TEST_MINUS_S_SH="$TEST_MINUS_S_SH" # Let the user override the test with a path. + ;; + *) + as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + case $as_dir in #((( + '') as_dir=./ ;; + */) ;; + *) as_dir=$as_dir/ ;; + esac + for ac_exec_ext in '' $ac_executable_extensions; do + if as_fn_executable_p "$as_dir$ac_word$ac_exec_ext"; then + ac_cv_path_TEST_MINUS_S_SH="$as_dir$ac_word$ac_exec_ext" + printf "%s\n" "$as_me:${as_lineno-$LINENO}: found $as_dir$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS + + ;; +esac +fi +TEST_MINUS_S_SH=$ac_cv_path_TEST_MINUS_S_SH +if test -n "$TEST_MINUS_S_SH"; then + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $TEST_MINUS_S_SH" >&5 +printf "%s\n" "$TEST_MINUS_S_SH" >&6; } +else + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } +fi + + +# Extract the first word of "ksh", so it can be a program name with args. +set dummy ksh; ac_word=$2 +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +printf %s "checking for $ac_word... " >&6; } +if test ${ac_cv_path_TEST_MINUS_S_SH+y} +then : + printf %s "(cached) " >&6 +else $as_nop + case $TEST_MINUS_S_SH in + [\\/]* | ?:[\\/]*) + ac_cv_path_TEST_MINUS_S_SH="$TEST_MINUS_S_SH" # Let the user override the test with a path. + ;; + *) + as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + case $as_dir in #((( + '') as_dir=./ ;; + */) ;; + *) as_dir=$as_dir/ ;; + esac + for ac_exec_ext in '' $ac_executable_extensions; do + if as_fn_executable_p "$as_dir$ac_word$ac_exec_ext"; then + ac_cv_path_TEST_MINUS_S_SH="$as_dir$ac_word$ac_exec_ext" + printf "%s\n" "$as_me:${as_lineno-$LINENO}: found $as_dir$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS + + ;; +esac +fi +TEST_MINUS_S_SH=$ac_cv_path_TEST_MINUS_S_SH +if test -n "$TEST_MINUS_S_SH"; then + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $TEST_MINUS_S_SH" >&5 +printf "%s\n" "$TEST_MINUS_S_SH" >&6; } +else + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } +fi + + +# Extract the first word of "sh", so it can be a program name with args. +set dummy sh; ac_word=$2 +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +printf %s "checking for $ac_word... " >&6; } +if test ${ac_cv_path_TEST_MINUS_S_SH+y} +then : + printf %s "(cached) " >&6 +else $as_nop + case $TEST_MINUS_S_SH in + [\\/]* | ?:[\\/]*) + ac_cv_path_TEST_MINUS_S_SH="$TEST_MINUS_S_SH" # Let the user override the test with a path. + ;; + *) + as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + case $as_dir in #((( + '') as_dir=./ ;; + */) ;; + *) as_dir=$as_dir/ ;; + esac + for ac_exec_ext in '' $ac_executable_extensions; do + if as_fn_executable_p "$as_dir$ac_word$ac_exec_ext"; then + ac_cv_path_TEST_MINUS_S_SH="$as_dir$ac_word$ac_exec_ext" + printf "%s\n" "$as_me:${as_lineno-$LINENO}: found $as_dir$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS + + ;; +esac +fi +TEST_MINUS_S_SH=$ac_cv_path_TEST_MINUS_S_SH +if test -n "$TEST_MINUS_S_SH"; then + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $TEST_MINUS_S_SH" >&5 +printf "%s\n" "$TEST_MINUS_S_SH" >&6; } +else + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } +fi + + +# Extract the first word of "bash", so it can be a program name with args. +set dummy bash; ac_word=$2 +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +printf %s "checking for $ac_word... " >&6; } +if test ${ac_cv_path_SH+y} +then : + printf %s "(cached) " >&6 +else $as_nop + case $SH in + [\\/]* | ?:[\\/]*) + ac_cv_path_SH="$SH" # Let the user override the test with a path. + ;; + *) + as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + case $as_dir in #((( + '') as_dir=./ ;; + */) ;; + *) as_dir=$as_dir/ ;; + esac + for ac_exec_ext in '' $ac_executable_extensions; do + if as_fn_executable_p "$as_dir$ac_word$ac_exec_ext"; then + ac_cv_path_SH="$as_dir$ac_word$ac_exec_ext" + printf "%s\n" "$as_me:${as_lineno-$LINENO}: found $as_dir$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS + + ;; +esac +fi +SH=$ac_cv_path_SH +if test -n "$SH"; then + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $SH" >&5 +printf "%s\n" "$SH" >&6; } +else + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } +fi + + +# Extract the first word of "ksh", so it can be a program name with args. +set dummy ksh; ac_word=$2 +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +printf %s "checking for $ac_word... " >&6; } +if test ${ac_cv_path_SH+y} +then : + printf %s "(cached) " >&6 +else $as_nop + case $SH in + [\\/]* | ?:[\\/]*) + ac_cv_path_SH="$SH" # Let the user override the test with a path. + ;; + *) + as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + case $as_dir in #((( + '') as_dir=./ ;; + */) ;; + *) as_dir=$as_dir/ ;; + esac + for ac_exec_ext in '' $ac_executable_extensions; do + if as_fn_executable_p "$as_dir$ac_word$ac_exec_ext"; then + ac_cv_path_SH="$as_dir$ac_word$ac_exec_ext" + printf "%s\n" "$as_me:${as_lineno-$LINENO}: found $as_dir$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS + + ;; +esac +fi +SH=$ac_cv_path_SH +if test -n "$SH"; then + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $SH" >&5 +printf "%s\n" "$SH" >&6; } +else + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } +fi + + +# Extract the first word of "sh", so it can be a program name with args. +set dummy sh; ac_word=$2 +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +printf %s "checking for $ac_word... " >&6; } +if test ${ac_cv_path_SH+y} +then : + printf %s "(cached) " >&6 +else $as_nop + case $SH in + [\\/]* | ?:[\\/]*) + ac_cv_path_SH="$SH" # Let the user override the test with a path. + ;; + *) + as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + case $as_dir in #((( + '') as_dir=./ ;; + */) ;; + *) as_dir=$as_dir/ ;; + esac + for ac_exec_ext in '' $ac_executable_extensions; do + if as_fn_executable_p "$as_dir$ac_word$ac_exec_ext"; then + ac_cv_path_SH="$as_dir$ac_word$ac_exec_ext" + printf "%s\n" "$as_me:${as_lineno-$LINENO}: found $as_dir$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS + + ;; +esac +fi +SH=$ac_cv_path_SH +if test -n "$SH"; then + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $SH" >&5 +printf "%s\n" "$SH" >&6; } +else + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } +fi + + +# Extract the first word of "groff", so it can be a program name with args. +set dummy groff; ac_word=$2 +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +printf %s "checking for $ac_word... " >&6; } +if test ${ac_cv_path_GROFF+y} +then : + printf %s "(cached) " >&6 +else $as_nop + case $GROFF in + [\\/]* | ?:[\\/]*) + ac_cv_path_GROFF="$GROFF" # Let the user override the test with a path. + ;; + *) + as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + case $as_dir in #((( + '') as_dir=./ ;; + */) ;; + *) as_dir=$as_dir/ ;; + esac + for ac_exec_ext in '' $ac_executable_extensions; do + if as_fn_executable_p "$as_dir$ac_word$ac_exec_ext"; then + ac_cv_path_GROFF="$as_dir$ac_word$ac_exec_ext" + printf "%s\n" "$as_me:${as_lineno-$LINENO}: found $as_dir$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS + + ;; +esac +fi +GROFF=$ac_cv_path_GROFF +if test -n "$GROFF"; then + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $GROFF" >&5 +printf "%s\n" "$GROFF" >&6; } +else + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } +fi + + +# Extract the first word of "nroff awf", so it can be a program name with args. +set dummy nroff awf; ac_word=$2 +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +printf %s "checking for $ac_word... " >&6; } +if test ${ac_cv_path_NROFF+y} +then : + printf %s "(cached) " >&6 +else $as_nop + case $NROFF in + [\\/]* | ?:[\\/]*) + ac_cv_path_NROFF="$NROFF" # Let the user override the test with a path. + ;; + *) + as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + case $as_dir in #((( + '') as_dir=./ ;; + */) ;; + *) as_dir=$as_dir/ ;; + esac + for ac_exec_ext in '' $ac_executable_extensions; do + if as_fn_executable_p "$as_dir$ac_word$ac_exec_ext"; then + ac_cv_path_NROFF="$as_dir$ac_word$ac_exec_ext" + printf "%s\n" "$as_me:${as_lineno-$LINENO}: found $as_dir$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS + + ;; +esac +fi +NROFF=$ac_cv_path_NROFF +if test -n "$NROFF"; then + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $NROFF" >&5 +printf "%s\n" "$NROFF" >&6; } +else + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } +fi + + +# Extract the first word of "mandoc", so it can be a program name with args. +set dummy mandoc; ac_word=$2 +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +printf %s "checking for $ac_word... " >&6; } +if test ${ac_cv_path_MANDOC+y} +then : + printf %s "(cached) " >&6 +else $as_nop + case $MANDOC in + [\\/]* | ?:[\\/]*) + ac_cv_path_MANDOC="$MANDOC" # Let the user override the test with a path. + ;; + *) + as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + case $as_dir in #((( + '') as_dir=./ ;; + */) ;; + *) as_dir=$as_dir/ ;; + esac + for ac_exec_ext in '' $ac_executable_extensions; do + if as_fn_executable_p "$as_dir$ac_word$ac_exec_ext"; then + ac_cv_path_MANDOC="$as_dir$ac_word$ac_exec_ext" + printf "%s\n" "$as_me:${as_lineno-$LINENO}: found $as_dir$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS + + ;; +esac +fi +MANDOC=$ac_cv_path_MANDOC +if test -n "$MANDOC"; then + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $MANDOC" >&5 +printf "%s\n" "$MANDOC" >&6; } +else + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } +fi + + +if test -n "$ac_tool_prefix"; then + # Extract the first word of "${ac_tool_prefix}pkg-config", so it can be a program name with args. +set dummy ${ac_tool_prefix}pkg-config; ac_word=$2 +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +printf %s "checking for $ac_word... " >&6; } +if test ${ac_cv_path_PKGCONFIG+y} +then : + printf %s "(cached) " >&6 +else $as_nop + case $PKGCONFIG in + [\\/]* | ?:[\\/]*) + ac_cv_path_PKGCONFIG="$PKGCONFIG" # Let the user override the test with a path. + ;; + *) + as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + case $as_dir in #((( + '') as_dir=./ ;; + */) ;; + *) as_dir=$as_dir/ ;; + esac + for ac_exec_ext in '' $ac_executable_extensions; do + if as_fn_executable_p "$as_dir$ac_word$ac_exec_ext"; then + ac_cv_path_PKGCONFIG="$as_dir$ac_word$ac_exec_ext" + printf "%s\n" "$as_me:${as_lineno-$LINENO}: found $as_dir$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS + + ;; +esac +fi +PKGCONFIG=$ac_cv_path_PKGCONFIG +if test -n "$PKGCONFIG"; then + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $PKGCONFIG" >&5 +printf "%s\n" "$PKGCONFIG" >&6; } +else + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } +fi + + +fi +if test -z "$ac_cv_path_PKGCONFIG"; then + ac_pt_PKGCONFIG=$PKGCONFIG + # Extract the first word of "pkg-config", so it can be a program name with args. +set dummy pkg-config; ac_word=$2 +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +printf %s "checking for $ac_word... " >&6; } +if test ${ac_cv_path_ac_pt_PKGCONFIG+y} +then : + printf %s "(cached) " >&6 +else $as_nop + case $ac_pt_PKGCONFIG in + [\\/]* | ?:[\\/]*) + ac_cv_path_ac_pt_PKGCONFIG="$ac_pt_PKGCONFIG" # Let the user override the test with a path. + ;; + *) + as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + case $as_dir in #((( + '') as_dir=./ ;; + */) ;; + *) as_dir=$as_dir/ ;; + esac + for ac_exec_ext in '' $ac_executable_extensions; do + if as_fn_executable_p "$as_dir$ac_word$ac_exec_ext"; then + ac_cv_path_ac_pt_PKGCONFIG="$as_dir$ac_word$ac_exec_ext" + printf "%s\n" "$as_me:${as_lineno-$LINENO}: found $as_dir$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS + + ;; +esac +fi +ac_pt_PKGCONFIG=$ac_cv_path_ac_pt_PKGCONFIG +if test -n "$ac_pt_PKGCONFIG"; then + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_pt_PKGCONFIG" >&5 +printf "%s\n" "$ac_pt_PKGCONFIG" >&6; } +else + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } +fi + + if test "x$ac_pt_PKGCONFIG" = x; then + PKGCONFIG="no" + else + case $cross_compiling:$ac_tool_warned in +yes:) +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5 +printf "%s\n" "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;} +ac_tool_warned=yes ;; +esac + PKGCONFIG=$ac_pt_PKGCONFIG + fi +else + PKGCONFIG="$ac_cv_path_PKGCONFIG" +fi + +TEST_SHELL=sh + + +if test "x$MANDOC" != "x" ; then + MANFMT="$MANDOC" +elif test "x$NROFF" != "x" ; then + MANFMT="$NROFF -mandoc" +elif test "x$GROFF" != "x" ; then + MANFMT="$GROFF -mandoc -Tascii" +else + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: WARNING: no manpage formatter found" >&5 +printf "%s\n" "$as_me: WARNING: no manpage formatter found" >&2;} + MANFMT="false" +fi + + +# Extract the first word of "groupadd", so it can be a program name with args. +set dummy groupadd; ac_word=$2 +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +printf %s "checking for $ac_word... " >&6; } +if test ${ac_cv_path_PATH_GROUPADD_PROG+y} +then : + printf %s "(cached) " >&6 +else $as_nop + case $PATH_GROUPADD_PROG in + [\\/]* | ?:[\\/]*) + ac_cv_path_PATH_GROUPADD_PROG="$PATH_GROUPADD_PROG" # Let the user override the test with a path. + ;; + *) + as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in /usr/sbin${PATH_SEPARATOR}/etc +do + IFS=$as_save_IFS + case $as_dir in #((( + '') as_dir=./ ;; + */) ;; + *) as_dir=$as_dir/ ;; + esac + for ac_exec_ext in '' $ac_executable_extensions; do + if as_fn_executable_p "$as_dir$ac_word$ac_exec_ext"; then + ac_cv_path_PATH_GROUPADD_PROG="$as_dir$ac_word$ac_exec_ext" + printf "%s\n" "$as_me:${as_lineno-$LINENO}: found $as_dir$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS + + test -z "$ac_cv_path_PATH_GROUPADD_PROG" && ac_cv_path_PATH_GROUPADD_PROG="groupadd" + ;; +esac +fi +PATH_GROUPADD_PROG=$ac_cv_path_PATH_GROUPADD_PROG +if test -n "$PATH_GROUPADD_PROG"; then + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $PATH_GROUPADD_PROG" >&5 +printf "%s\n" "$PATH_GROUPADD_PROG" >&6; } +else + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } +fi + + +# Extract the first word of "useradd", so it can be a program name with args. +set dummy useradd; ac_word=$2 +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +printf %s "checking for $ac_word... " >&6; } +if test ${ac_cv_path_PATH_USERADD_PROG+y} +then : + printf %s "(cached) " >&6 +else $as_nop + case $PATH_USERADD_PROG in + [\\/]* | ?:[\\/]*) + ac_cv_path_PATH_USERADD_PROG="$PATH_USERADD_PROG" # Let the user override the test with a path. + ;; + *) + as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in /usr/sbin${PATH_SEPARATOR}/etc +do + IFS=$as_save_IFS + case $as_dir in #((( + '') as_dir=./ ;; + */) ;; + *) as_dir=$as_dir/ ;; + esac + for ac_exec_ext in '' $ac_executable_extensions; do + if as_fn_executable_p "$as_dir$ac_word$ac_exec_ext"; then + ac_cv_path_PATH_USERADD_PROG="$as_dir$ac_word$ac_exec_ext" + printf "%s\n" "$as_me:${as_lineno-$LINENO}: found $as_dir$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS + + test -z "$ac_cv_path_PATH_USERADD_PROG" && ac_cv_path_PATH_USERADD_PROG="useradd" + ;; +esac +fi +PATH_USERADD_PROG=$ac_cv_path_PATH_USERADD_PROG +if test -n "$PATH_USERADD_PROG"; then + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $PATH_USERADD_PROG" >&5 +printf "%s\n" "$PATH_USERADD_PROG" >&6; } +else + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } +fi + + +# Extract the first word of "pkgmk", so it can be a program name with args. +set dummy pkgmk; ac_word=$2 +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +printf %s "checking for $ac_word... " >&6; } +if test ${ac_cv_prog_MAKE_PACKAGE_SUPPORTED+y} +then : + printf %s "(cached) " >&6 +else $as_nop + if test -n "$MAKE_PACKAGE_SUPPORTED"; then + ac_cv_prog_MAKE_PACKAGE_SUPPORTED="$MAKE_PACKAGE_SUPPORTED" # Let the user override the test. +else +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + case $as_dir in #((( + '') as_dir=./ ;; + */) ;; + *) as_dir=$as_dir/ ;; + esac + for ac_exec_ext in '' $ac_executable_extensions; do + if as_fn_executable_p "$as_dir$ac_word$ac_exec_ext"; then + ac_cv_prog_MAKE_PACKAGE_SUPPORTED="yes" + printf "%s\n" "$as_me:${as_lineno-$LINENO}: found $as_dir$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS + + test -z "$ac_cv_prog_MAKE_PACKAGE_SUPPORTED" && ac_cv_prog_MAKE_PACKAGE_SUPPORTED="no" +fi +fi +MAKE_PACKAGE_SUPPORTED=$ac_cv_prog_MAKE_PACKAGE_SUPPORTED +if test -n "$MAKE_PACKAGE_SUPPORTED"; then + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $MAKE_PACKAGE_SUPPORTED" >&5 +printf "%s\n" "$MAKE_PACKAGE_SUPPORTED" >&6; } +else + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } +fi + + +if test -x /sbin/sh; then + STARTUP_SCRIPT_SHELL=/sbin/sh + +else + STARTUP_SCRIPT_SHELL=/bin/sh + +fi + +# System features +# Check whether --enable-largefile was given. +if test ${enable_largefile+y} +then : + enableval=$enable_largefile; +fi + +if test "$enable_largefile" != no; then + + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for special C compiler options needed for large files" >&5 +printf %s "checking for special C compiler options needed for large files... " >&6; } +if test ${ac_cv_sys_largefile_CC+y} +then : + printf %s "(cached) " >&6 +else $as_nop + ac_cv_sys_largefile_CC=no + if test "$GCC" != yes; then + ac_save_CC=$CC + while :; do + # IRIX 6.2 and later do not support large files by default, + # so use the C compiler's -n32 option if that helps. + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#include + /* Check that off_t can represent 2**63 - 1 correctly. + We can't simply define LARGE_OFF_T to be 9223372036854775807, + since some C++ compilers masquerading as C compilers + incorrectly reject 9223372036854775807. */ +#define LARGE_OFF_T (((off_t) 1 << 31 << 31) - 1 + ((off_t) 1 << 31 << 31)) + int off_t_is_large[(LARGE_OFF_T % 2147483629 == 721 + && LARGE_OFF_T % 2147483647 == 1) + ? 1 : -1]; +int +main (void) +{ + + ; + return 0; +} +_ACEOF + if ac_fn_c_try_compile "$LINENO" +then : + break +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam + CC="$CC -n32" + if ac_fn_c_try_compile "$LINENO" +then : + ac_cv_sys_largefile_CC=' -n32'; break +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam + break + done + CC=$ac_save_CC + rm -f conftest.$ac_ext + fi +fi +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_sys_largefile_CC" >&5 +printf "%s\n" "$ac_cv_sys_largefile_CC" >&6; } + if test "$ac_cv_sys_largefile_CC" != no; then + CC=$CC$ac_cv_sys_largefile_CC + fi + + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for _FILE_OFFSET_BITS value needed for large files" >&5 +printf %s "checking for _FILE_OFFSET_BITS value needed for large files... " >&6; } +if test ${ac_cv_sys_file_offset_bits+y} +then : + printf %s "(cached) " >&6 +else $as_nop + while :; do + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#include + /* Check that off_t can represent 2**63 - 1 correctly. + We can't simply define LARGE_OFF_T to be 9223372036854775807, + since some C++ compilers masquerading as C compilers + incorrectly reject 9223372036854775807. */ +#define LARGE_OFF_T (((off_t) 1 << 31 << 31) - 1 + ((off_t) 1 << 31 << 31)) + int off_t_is_large[(LARGE_OFF_T % 2147483629 == 721 + && LARGE_OFF_T % 2147483647 == 1) + ? 1 : -1]; +int +main (void) +{ + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO" +then : + ac_cv_sys_file_offset_bits=no; break +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#define _FILE_OFFSET_BITS 64 +#include + /* Check that off_t can represent 2**63 - 1 correctly. + We can't simply define LARGE_OFF_T to be 9223372036854775807, + since some C++ compilers masquerading as C compilers + incorrectly reject 9223372036854775807. */ +#define LARGE_OFF_T (((off_t) 1 << 31 << 31) - 1 + ((off_t) 1 << 31 << 31)) + int off_t_is_large[(LARGE_OFF_T % 2147483629 == 721 + && LARGE_OFF_T % 2147483647 == 1) + ? 1 : -1]; +int +main (void) +{ + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO" +then : + ac_cv_sys_file_offset_bits=64; break +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext + ac_cv_sys_file_offset_bits=unknown + break +done +fi +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_sys_file_offset_bits" >&5 +printf "%s\n" "$ac_cv_sys_file_offset_bits" >&6; } +case $ac_cv_sys_file_offset_bits in #( + no | unknown) ;; + *) +printf "%s\n" "#define _FILE_OFFSET_BITS $ac_cv_sys_file_offset_bits" >>confdefs.h +;; +esac +rm -rf conftest* + if test $ac_cv_sys_file_offset_bits = unknown; then + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for _LARGE_FILES value needed for large files" >&5 +printf %s "checking for _LARGE_FILES value needed for large files... " >&6; } +if test ${ac_cv_sys_large_files+y} +then : + printf %s "(cached) " >&6 +else $as_nop + while :; do + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#include + /* Check that off_t can represent 2**63 - 1 correctly. + We can't simply define LARGE_OFF_T to be 9223372036854775807, + since some C++ compilers masquerading as C compilers + incorrectly reject 9223372036854775807. */ +#define LARGE_OFF_T (((off_t) 1 << 31 << 31) - 1 + ((off_t) 1 << 31 << 31)) + int off_t_is_large[(LARGE_OFF_T % 2147483629 == 721 + && LARGE_OFF_T % 2147483647 == 1) + ? 1 : -1]; +int +main (void) +{ + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO" +then : + ac_cv_sys_large_files=no; break +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#define _LARGE_FILES 1 +#include + /* Check that off_t can represent 2**63 - 1 correctly. + We can't simply define LARGE_OFF_T to be 9223372036854775807, + since some C++ compilers masquerading as C compilers + incorrectly reject 9223372036854775807. */ +#define LARGE_OFF_T (((off_t) 1 << 31 << 31) - 1 + ((off_t) 1 << 31 << 31)) + int off_t_is_large[(LARGE_OFF_T % 2147483629 == 721 + && LARGE_OFF_T % 2147483647 == 1) + ? 1 : -1]; +int +main (void) +{ + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO" +then : + ac_cv_sys_large_files=1; break +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext + ac_cv_sys_large_files=unknown + break +done +fi +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_sys_large_files" >&5 +printf "%s\n" "$ac_cv_sys_large_files" >&6; } +case $ac_cv_sys_large_files in #( + no | unknown) ;; + *) +printf "%s\n" "#define _LARGE_FILES $ac_cv_sys_large_files" >>confdefs.h +;; +esac +rm -rf conftest* + fi +fi + + +if test -z "$AR" ; then + as_fn_error $? "*** 'ar' missing, please install or fix your \$PATH ***" "$LINENO" 5 +fi + +# Extract the first word of "passwd", so it can be a program name with args. +set dummy passwd; ac_word=$2 +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +printf %s "checking for $ac_word... " >&6; } +if test ${ac_cv_path_PATH_PASSWD_PROG+y} +then : + printf %s "(cached) " >&6 +else $as_nop + case $PATH_PASSWD_PROG in + [\\/]* | ?:[\\/]*) + ac_cv_path_PATH_PASSWD_PROG="$PATH_PASSWD_PROG" # Let the user override the test with a path. + ;; + *) + as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + case $as_dir in #((( + '') as_dir=./ ;; + */) ;; + *) as_dir=$as_dir/ ;; + esac + for ac_exec_ext in '' $ac_executable_extensions; do + if as_fn_executable_p "$as_dir$ac_word$ac_exec_ext"; then + ac_cv_path_PATH_PASSWD_PROG="$as_dir$ac_word$ac_exec_ext" + printf "%s\n" "$as_me:${as_lineno-$LINENO}: found $as_dir$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS + + ;; +esac +fi +PATH_PASSWD_PROG=$ac_cv_path_PATH_PASSWD_PROG +if test -n "$PATH_PASSWD_PROG"; then + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $PATH_PASSWD_PROG" >&5 +printf "%s\n" "$PATH_PASSWD_PROG" >&6; } +else + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } +fi + + +if test ! -z "$PATH_PASSWD_PROG" ; then + +printf "%s\n" "#define _PATH_PASSWD_PROG \"$PATH_PASSWD_PROG\"" >>confdefs.h + +fi + +LD="$CC" + + +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for inline" >&5 +printf %s "checking for inline... " >&6; } +if test ${ac_cv_c_inline+y} +then : + printf %s "(cached) " >&6 +else $as_nop + ac_cv_c_inline=no +for ac_kw in inline __inline__ __inline; do + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#ifndef __cplusplus +typedef int foo_t; +static $ac_kw foo_t static_foo (void) {return 0; } +$ac_kw foo_t foo (void) {return 0; } +#endif + +_ACEOF +if ac_fn_c_try_compile "$LINENO" +then : + ac_cv_c_inline=$ac_kw +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext + test "$ac_cv_c_inline" != no && break +done + +fi +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_c_inline" >&5 +printf "%s\n" "$ac_cv_c_inline" >&6; } + +case $ac_cv_c_inline in + inline | yes) ;; + *) + case $ac_cv_c_inline in + no) ac_val=;; + *) ac_val=$ac_cv_c_inline;; + esac + cat >>confdefs.h <<_ACEOF +#ifndef __cplusplus +#define inline $ac_val +#endif +_ACEOF + ;; +esac + + +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $CC options needed to detect all undeclared functions" >&5 +printf %s "checking for $CC options needed to detect all undeclared functions... " >&6; } +if test ${ac_cv_c_undeclared_builtin_options+y} +then : + printf %s "(cached) " >&6 +else $as_nop + ac_save_CFLAGS=$CFLAGS + ac_cv_c_undeclared_builtin_options='cannot detect' + for ac_arg in '' -fno-builtin; do + CFLAGS="$ac_save_CFLAGS $ac_arg" + # This test program should *not* compile successfully. + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +int +main (void) +{ +(void) strchr; + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO" +then : + +else $as_nop + # This test program should compile successfully. + # No library function is consistently available on + # freestanding implementations, so test against a dummy + # declaration. Include always-available headers on the + # off chance that they somehow elicit warnings. + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#include +#include +#include +#include +extern void ac_decl (int, char *); + +int +main (void) +{ +(void) ac_decl (0, (char *) 0); + (void) ac_decl; + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO" +then : + if test x"$ac_arg" = x +then : + ac_cv_c_undeclared_builtin_options='none needed' +else $as_nop + ac_cv_c_undeclared_builtin_options=$ac_arg +fi + break +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext + done + CFLAGS=$ac_save_CFLAGS + +fi +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_c_undeclared_builtin_options" >&5 +printf "%s\n" "$ac_cv_c_undeclared_builtin_options" >&6; } + case $ac_cv_c_undeclared_builtin_options in #( + 'cannot detect') : + { { printf "%s\n" "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 +printf "%s\n" "$as_me: error: in \`$ac_pwd':" >&2;} +as_fn_error $? "cannot make $CC report undeclared builtins +See \`config.log' for more details" "$LINENO" 5; } ;; #( + 'none needed') : + ac_c_undeclared_builtin_options='' ;; #( + *) : + ac_c_undeclared_builtin_options=$ac_cv_c_undeclared_builtin_options ;; +esac + +ac_fn_check_decl "$LINENO" "LLONG_MAX" "ac_cv_have_decl_LLONG_MAX" "#include +" "$ac_c_undeclared_builtin_options" "CFLAGS" +if test "x$ac_cv_have_decl_LLONG_MAX" = xyes +then : + have_llong_max=1 +fi +ac_fn_check_decl "$LINENO" "LONG_LONG_MAX" "ac_cv_have_decl_LONG_LONG_MAX" "#include +" "$ac_c_undeclared_builtin_options" "CFLAGS" +if test "x$ac_cv_have_decl_LONG_LONG_MAX" = xyes +then : + have_long_long_max=1 +fi +ac_fn_check_decl "$LINENO" "RLIMIT_NPROC" "ac_cv_have_decl_RLIMIT_NPROC" " + #include + #include + +" "$ac_c_undeclared_builtin_options" "CFLAGS" +if test "x$ac_cv_have_decl_RLIMIT_NPROC" = xyes +then : + +printf "%s\n" "#define HAVE_RLIMIT_NPROC /**/" >>confdefs.h + +fi +ac_fn_check_decl "$LINENO" "PR_SET_NO_NEW_PRIVS" "ac_cv_have_decl_PR_SET_NO_NEW_PRIVS" " + #include + #include + +" "$ac_c_undeclared_builtin_options" "CFLAGS" +if test "x$ac_cv_have_decl_PR_SET_NO_NEW_PRIVS" = xyes +then : + have_linux_no_new_privs=1 +fi + +openssl=yes +openssl_bin=openssl + +# Check whether --with-openssl was given. +if test ${with_openssl+y} +then : + withval=$with_openssl; if test "x$withval" = "xno" ; then + openssl=no + openssl_bin="" + fi + + +fi + +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking whether OpenSSL will be used for cryptography" >&5 +printf %s "checking whether OpenSSL will be used for cryptography... " >&6; } +if test "x$openssl" = "xyes" ; then + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +printf "%s\n" "yes" >&6; } + +printf "%s\n" "#define WITH_OPENSSL 1" >>confdefs.h + +else + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } +fi + +use_stack_protector=1 +use_toolchain_hardening=1 +use_retpoline=1 + +# Check whether --with-stackprotect was given. +if test ${with_stackprotect+y} +then : + withval=$with_stackprotect; + if test "x$withval" = "xno"; then + use_stack_protector=0 + fi +fi + + +# Check whether --with-hardening was given. +if test ${with_hardening+y} +then : + withval=$with_hardening; + if test "x$withval" = "xno"; then + use_toolchain_hardening=0 + fi +fi + + +# Check whether --with-retpoline was given. +if test ${with_retpoline+y} +then : + withval=$with_retpoline; + if test "x$withval" = "xno"; then + use_retpoline=0 + fi +fi + + +# We use -Werror for the tests only so that we catch warnings like "this is +# on by default" for things like -fPIE. +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking if $CC supports -Werror" >&5 +printf %s "checking if $CC supports -Werror... " >&6; } +saved_CFLAGS="$CFLAGS" +CFLAGS="$CFLAGS -Werror" +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +int main(void) { return 0; } +_ACEOF +if ac_fn_c_try_compile "$LINENO" +then : + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +printf "%s\n" "yes" >&6; } + WERROR="-Werror" +else $as_nop + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } + WERROR="" + +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext +CFLAGS="$saved_CFLAGS" + +if test "$GCC" = "yes" || test "$GCC" = "egcs"; then + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking gcc version" >&5 +printf %s "checking gcc version... " >&6; } + GCC_VER=`$CC -v 2>&1 | $AWK '/gcc version /{print $3}'` + case "$GCC_VER" in + 1.*) no_attrib_nonnull=1 ;; + 2.8* | 2.9*) + no_attrib_nonnull=1 + ;; + 2.*) no_attrib_nonnull=1 ;; + *) ;; + esac + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $GCC_VER" >&5 +printf "%s\n" "$GCC_VER" >&6; } + + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking clang version" >&5 +printf %s "checking clang version... " >&6; } + ver="`$CC -v 2>&1`" + if echo "$ver" | grep "Apple" >/dev/null; then + CLANG_VER=apple-`echo "$ver" | grep 'clang version' | \ + $SED 's/.*clang version //g' | $AWK '{print $1}'` + else + CLANG_VER=`echo "$ver" | grep 'clang version' | \ + $SED 's/.*clang version //g' | $AWK '{print $1}'` + fi + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $CLANG_VER" >&5 +printf "%s\n" "$CLANG_VER" >&6; } + + { + ossh_cache_var=ossh_cv_cflag__pipe + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking if $CC supports compile flag -pipe" >&5 +printf %s "checking if $CC supports compile flag -pipe... " >&6; } +if eval test \${$ossh_cache_var+y} +then : + printf %s "(cached) " >&6 +else $as_nop + + saved_CFLAGS="$CFLAGS" + CFLAGS="$CFLAGS $WERROR -pipe" + _define_flag="" + test "x$_define_flag" = "x" && _define_flag="-pipe" + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +#include +#include +#include +#include +#include +/* Trivial function to help test for -fzero-call-used-regs */ +int f(int n) {return rand() % n;} +char *f2(char *s, ...) { + char ret[64]; + va_list args; + va_start(args, s); + vsnprintf(ret, sizeof(ret), s, args); + va_end(args); + return strdup(ret); +} +int i; +double d; +const char *f3(int s) { + i = (int)d; + return s ? "good" : "gooder"; +} +int main(int argc, char **argv) { + char b[256], *cp; + const char *s; + /* Some math to catch -ftrapv problems in the toolchain */ + int i = 123 * argc, j = 456 + argc, k = 789 - argc; + float l = i * 2.1; + double m = l / 0.5; + long long int n = argc * 12345LL, o = 12345LL * (long long int)argc; + (void)argv; + f(1); + s = f3(f(2)); + snprintf(b, sizeof b, "%d %d %d %f %f %lld %lld %s\n", i,j,k,l,m,n,o,s); + if (write(1, b, 0) == -1) exit(0); + cp = f2("%d %d %d %f %f %lld %lld %s\n", i,j,k,l,m,n,o,s); + if (write(1, cp, 0) == -1) exit(0); + free(cp); + /* + * Test fallthrough behaviour. clang 10's -Wimplicit-fallthrough does + * not understand comments and we don't use the "fallthrough" attribute + * that it's looking for. + */ + switch(i){ + case 0: j += i; + /* FALLTHROUGH */ + default: j += k; + } + exit(0); +} + + +_ACEOF +if ac_fn_c_try_compile "$LINENO" +then : + +if $ac_cv_path_EGREP -i "unrecognized option|warning.*ignored" conftest.err >/dev/null +then + eval "$ossh_cache_var=no" + CFLAGS="$saved_CFLAGS" +else + if test "$cross_compiling" = yes +then : + eval "$ossh_cache_var=yes" + CFLAGS="$saved_CFLAGS $_define_flag" +else $as_nop + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +#include +#include +#include +#include +#include +/* Trivial function to help test for -fzero-call-used-regs */ +int f(int n) {return rand() % n;} +char *f2(char *s, ...) { + char ret[64]; + va_list args; + va_start(args, s); + vsnprintf(ret, sizeof(ret), s, args); + va_end(args); + return strdup(ret); +} +int i; +double d; +const char *f3(int s) { + i = (int)d; + return s ? "good" : "gooder"; +} +int main(int argc, char **argv) { + char b[256], *cp; + const char *s; + /* Some math to catch -ftrapv problems in the toolchain */ + int i = 123 * argc, j = 456 + argc, k = 789 - argc; + float l = i * 2.1; + double m = l / 0.5; + long long int n = argc * 12345LL, o = 12345LL * (long long int)argc; + (void)argv; + f(1); + s = f3(f(2)); + snprintf(b, sizeof b, "%d %d %d %f %f %lld %lld %s\n", i,j,k,l,m,n,o,s); + if (write(1, b, 0) == -1) exit(0); + cp = f2("%d %d %d %f %f %lld %lld %s\n", i,j,k,l,m,n,o,s); + if (write(1, cp, 0) == -1) exit(0); + free(cp); + /* + * Test fallthrough behaviour. clang 10's -Wimplicit-fallthrough does + * not understand comments and we don't use the "fallthrough" attribute + * that it's looking for. + */ + switch(i){ + case 0: j += i; + /* FALLTHROUGH */ + default: j += k; + } + exit(0); +} + + +_ACEOF +if ac_fn_c_try_run "$LINENO" +then : + eval "$ossh_cache_var=yes" + CFLAGS="$saved_CFLAGS $_define_flag" +else $as_nop + eval "$ossh_cache_var='no, fails at run time'" + CFLAGS="$saved_CFLAGS" +fi +rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ + conftest.$ac_objext conftest.beam conftest.$ac_ext +fi + +fi +else $as_nop + eval "$ossh_cache_var=no" + CFLAGS="$saved_CFLAGS" + +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext + +fi +eval ac_res=\$$ossh_cache_var + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 +printf "%s\n" "$ac_res" >&6; } +} + { + ossh_cache_var=ossh_cv_cflag__Wunknown_warning_option + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking if $CC supports compile flag -Wunknown-warning-option" >&5 +printf %s "checking if $CC supports compile flag -Wunknown-warning-option... " >&6; } +if eval test \${$ossh_cache_var+y} +then : + printf %s "(cached) " >&6 +else $as_nop + + saved_CFLAGS="$CFLAGS" + CFLAGS="$CFLAGS $WERROR -Wunknown-warning-option" + _define_flag="" + test "x$_define_flag" = "x" && _define_flag="-Wunknown-warning-option" + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +#include +#include +#include +#include +#include +/* Trivial function to help test for -fzero-call-used-regs */ +int f(int n) {return rand() % n;} +char *f2(char *s, ...) { + char ret[64]; + va_list args; + va_start(args, s); + vsnprintf(ret, sizeof(ret), s, args); + va_end(args); + return strdup(ret); +} +int i; +double d; +const char *f3(int s) { + i = (int)d; + return s ? "good" : "gooder"; +} +int main(int argc, char **argv) { + char b[256], *cp; + const char *s; + /* Some math to catch -ftrapv problems in the toolchain */ + int i = 123 * argc, j = 456 + argc, k = 789 - argc; + float l = i * 2.1; + double m = l / 0.5; + long long int n = argc * 12345LL, o = 12345LL * (long long int)argc; + (void)argv; + f(1); + s = f3(f(2)); + snprintf(b, sizeof b, "%d %d %d %f %f %lld %lld %s\n", i,j,k,l,m,n,o,s); + if (write(1, b, 0) == -1) exit(0); + cp = f2("%d %d %d %f %f %lld %lld %s\n", i,j,k,l,m,n,o,s); + if (write(1, cp, 0) == -1) exit(0); + free(cp); + /* + * Test fallthrough behaviour. clang 10's -Wimplicit-fallthrough does + * not understand comments and we don't use the "fallthrough" attribute + * that it's looking for. + */ + switch(i){ + case 0: j += i; + /* FALLTHROUGH */ + default: j += k; + } + exit(0); +} + + +_ACEOF +if ac_fn_c_try_compile "$LINENO" +then : + +if $ac_cv_path_EGREP -i "unrecognized option|warning.*ignored" conftest.err >/dev/null +then + eval "$ossh_cache_var=no" + CFLAGS="$saved_CFLAGS" +else + if test "$cross_compiling" = yes +then : + eval "$ossh_cache_var=yes" + CFLAGS="$saved_CFLAGS $_define_flag" +else $as_nop + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +#include +#include +#include +#include +#include +/* Trivial function to help test for -fzero-call-used-regs */ +int f(int n) {return rand() % n;} +char *f2(char *s, ...) { + char ret[64]; + va_list args; + va_start(args, s); + vsnprintf(ret, sizeof(ret), s, args); + va_end(args); + return strdup(ret); +} +int i; +double d; +const char *f3(int s) { + i = (int)d; + return s ? "good" : "gooder"; +} +int main(int argc, char **argv) { + char b[256], *cp; + const char *s; + /* Some math to catch -ftrapv problems in the toolchain */ + int i = 123 * argc, j = 456 + argc, k = 789 - argc; + float l = i * 2.1; + double m = l / 0.5; + long long int n = argc * 12345LL, o = 12345LL * (long long int)argc; + (void)argv; + f(1); + s = f3(f(2)); + snprintf(b, sizeof b, "%d %d %d %f %f %lld %lld %s\n", i,j,k,l,m,n,o,s); + if (write(1, b, 0) == -1) exit(0); + cp = f2("%d %d %d %f %f %lld %lld %s\n", i,j,k,l,m,n,o,s); + if (write(1, cp, 0) == -1) exit(0); + free(cp); + /* + * Test fallthrough behaviour. clang 10's -Wimplicit-fallthrough does + * not understand comments and we don't use the "fallthrough" attribute + * that it's looking for. + */ + switch(i){ + case 0: j += i; + /* FALLTHROUGH */ + default: j += k; + } + exit(0); +} + + +_ACEOF +if ac_fn_c_try_run "$LINENO" +then : + eval "$ossh_cache_var=yes" + CFLAGS="$saved_CFLAGS $_define_flag" +else $as_nop + eval "$ossh_cache_var='no, fails at run time'" + CFLAGS="$saved_CFLAGS" +fi +rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ + conftest.$ac_objext conftest.beam conftest.$ac_ext +fi + +fi +else $as_nop + eval "$ossh_cache_var=no" + CFLAGS="$saved_CFLAGS" + +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext + +fi +eval ac_res=\$$ossh_cache_var + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 +printf "%s\n" "$ac_res" >&6; } +} + { + ossh_cache_var=ossh_cv_cflag__Wno_error_format_truncation + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking if $CC supports compile flag -Wno-error=format-truncation" >&5 +printf %s "checking if $CC supports compile flag -Wno-error=format-truncation... " >&6; } +if eval test \${$ossh_cache_var+y} +then : + printf %s "(cached) " >&6 +else $as_nop + + saved_CFLAGS="$CFLAGS" + CFLAGS="$CFLAGS $WERROR -Wno-error=format-truncation" + _define_flag="" + test "x$_define_flag" = "x" && _define_flag="-Wno-error=format-truncation" + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +#include +#include +#include +#include +#include +/* Trivial function to help test for -fzero-call-used-regs */ +int f(int n) {return rand() % n;} +char *f2(char *s, ...) { + char ret[64]; + va_list args; + va_start(args, s); + vsnprintf(ret, sizeof(ret), s, args); + va_end(args); + return strdup(ret); +} +int i; +double d; +const char *f3(int s) { + i = (int)d; + return s ? "good" : "gooder"; +} +int main(int argc, char **argv) { + char b[256], *cp; + const char *s; + /* Some math to catch -ftrapv problems in the toolchain */ + int i = 123 * argc, j = 456 + argc, k = 789 - argc; + float l = i * 2.1; + double m = l / 0.5; + long long int n = argc * 12345LL, o = 12345LL * (long long int)argc; + (void)argv; + f(1); + s = f3(f(2)); + snprintf(b, sizeof b, "%d %d %d %f %f %lld %lld %s\n", i,j,k,l,m,n,o,s); + if (write(1, b, 0) == -1) exit(0); + cp = f2("%d %d %d %f %f %lld %lld %s\n", i,j,k,l,m,n,o,s); + if (write(1, cp, 0) == -1) exit(0); + free(cp); + /* + * Test fallthrough behaviour. clang 10's -Wimplicit-fallthrough does + * not understand comments and we don't use the "fallthrough" attribute + * that it's looking for. + */ + switch(i){ + case 0: j += i; + /* FALLTHROUGH */ + default: j += k; + } + exit(0); +} + + +_ACEOF +if ac_fn_c_try_compile "$LINENO" +then : + +if $ac_cv_path_EGREP -i "unrecognized option|warning.*ignored" conftest.err >/dev/null +then + eval "$ossh_cache_var=no" + CFLAGS="$saved_CFLAGS" +else + if test "$cross_compiling" = yes +then : + eval "$ossh_cache_var=yes" + CFLAGS="$saved_CFLAGS $_define_flag" +else $as_nop + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +#include +#include +#include +#include +#include +/* Trivial function to help test for -fzero-call-used-regs */ +int f(int n) {return rand() % n;} +char *f2(char *s, ...) { + char ret[64]; + va_list args; + va_start(args, s); + vsnprintf(ret, sizeof(ret), s, args); + va_end(args); + return strdup(ret); +} +int i; +double d; +const char *f3(int s) { + i = (int)d; + return s ? "good" : "gooder"; +} +int main(int argc, char **argv) { + char b[256], *cp; + const char *s; + /* Some math to catch -ftrapv problems in the toolchain */ + int i = 123 * argc, j = 456 + argc, k = 789 - argc; + float l = i * 2.1; + double m = l / 0.5; + long long int n = argc * 12345LL, o = 12345LL * (long long int)argc; + (void)argv; + f(1); + s = f3(f(2)); + snprintf(b, sizeof b, "%d %d %d %f %f %lld %lld %s\n", i,j,k,l,m,n,o,s); + if (write(1, b, 0) == -1) exit(0); + cp = f2("%d %d %d %f %f %lld %lld %s\n", i,j,k,l,m,n,o,s); + if (write(1, cp, 0) == -1) exit(0); + free(cp); + /* + * Test fallthrough behaviour. clang 10's -Wimplicit-fallthrough does + * not understand comments and we don't use the "fallthrough" attribute + * that it's looking for. + */ + switch(i){ + case 0: j += i; + /* FALLTHROUGH */ + default: j += k; + } + exit(0); +} + + +_ACEOF +if ac_fn_c_try_run "$LINENO" +then : + eval "$ossh_cache_var=yes" + CFLAGS="$saved_CFLAGS $_define_flag" +else $as_nop + eval "$ossh_cache_var='no, fails at run time'" + CFLAGS="$saved_CFLAGS" +fi +rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ + conftest.$ac_objext conftest.beam conftest.$ac_ext +fi + +fi +else $as_nop + eval "$ossh_cache_var=no" + CFLAGS="$saved_CFLAGS" + +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext + +fi +eval ac_res=\$$ossh_cache_var + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 +printf "%s\n" "$ac_res" >&6; } +} + { + ossh_cache_var=ossh_cv_cflag__Qunused_arguments + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking if $CC supports compile flag -Qunused-arguments" >&5 +printf %s "checking if $CC supports compile flag -Qunused-arguments... " >&6; } +if eval test \${$ossh_cache_var+y} +then : + printf %s "(cached) " >&6 +else $as_nop + + saved_CFLAGS="$CFLAGS" + CFLAGS="$CFLAGS $WERROR -Qunused-arguments" + _define_flag="" + test "x$_define_flag" = "x" && _define_flag="-Qunused-arguments" + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +#include +#include +#include +#include +#include +/* Trivial function to help test for -fzero-call-used-regs */ +int f(int n) {return rand() % n;} +char *f2(char *s, ...) { + char ret[64]; + va_list args; + va_start(args, s); + vsnprintf(ret, sizeof(ret), s, args); + va_end(args); + return strdup(ret); +} +int i; +double d; +const char *f3(int s) { + i = (int)d; + return s ? "good" : "gooder"; +} +int main(int argc, char **argv) { + char b[256], *cp; + const char *s; + /* Some math to catch -ftrapv problems in the toolchain */ + int i = 123 * argc, j = 456 + argc, k = 789 - argc; + float l = i * 2.1; + double m = l / 0.5; + long long int n = argc * 12345LL, o = 12345LL * (long long int)argc; + (void)argv; + f(1); + s = f3(f(2)); + snprintf(b, sizeof b, "%d %d %d %f %f %lld %lld %s\n", i,j,k,l,m,n,o,s); + if (write(1, b, 0) == -1) exit(0); + cp = f2("%d %d %d %f %f %lld %lld %s\n", i,j,k,l,m,n,o,s); + if (write(1, cp, 0) == -1) exit(0); + free(cp); + /* + * Test fallthrough behaviour. clang 10's -Wimplicit-fallthrough does + * not understand comments and we don't use the "fallthrough" attribute + * that it's looking for. + */ + switch(i){ + case 0: j += i; + /* FALLTHROUGH */ + default: j += k; + } + exit(0); +} + + +_ACEOF +if ac_fn_c_try_compile "$LINENO" +then : + +if $ac_cv_path_EGREP -i "unrecognized option|warning.*ignored" conftest.err >/dev/null +then + eval "$ossh_cache_var=no" + CFLAGS="$saved_CFLAGS" +else + if test "$cross_compiling" = yes +then : + eval "$ossh_cache_var=yes" + CFLAGS="$saved_CFLAGS $_define_flag" +else $as_nop + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +#include +#include +#include +#include +#include +/* Trivial function to help test for -fzero-call-used-regs */ +int f(int n) {return rand() % n;} +char *f2(char *s, ...) { + char ret[64]; + va_list args; + va_start(args, s); + vsnprintf(ret, sizeof(ret), s, args); + va_end(args); + return strdup(ret); +} +int i; +double d; +const char *f3(int s) { + i = (int)d; + return s ? "good" : "gooder"; +} +int main(int argc, char **argv) { + char b[256], *cp; + const char *s; + /* Some math to catch -ftrapv problems in the toolchain */ + int i = 123 * argc, j = 456 + argc, k = 789 - argc; + float l = i * 2.1; + double m = l / 0.5; + long long int n = argc * 12345LL, o = 12345LL * (long long int)argc; + (void)argv; + f(1); + s = f3(f(2)); + snprintf(b, sizeof b, "%d %d %d %f %f %lld %lld %s\n", i,j,k,l,m,n,o,s); + if (write(1, b, 0) == -1) exit(0); + cp = f2("%d %d %d %f %f %lld %lld %s\n", i,j,k,l,m,n,o,s); + if (write(1, cp, 0) == -1) exit(0); + free(cp); + /* + * Test fallthrough behaviour. clang 10's -Wimplicit-fallthrough does + * not understand comments and we don't use the "fallthrough" attribute + * that it's looking for. + */ + switch(i){ + case 0: j += i; + /* FALLTHROUGH */ + default: j += k; + } + exit(0); +} + + +_ACEOF +if ac_fn_c_try_run "$LINENO" +then : + eval "$ossh_cache_var=yes" + CFLAGS="$saved_CFLAGS $_define_flag" +else $as_nop + eval "$ossh_cache_var='no, fails at run time'" + CFLAGS="$saved_CFLAGS" +fi +rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ + conftest.$ac_objext conftest.beam conftest.$ac_ext +fi + +fi +else $as_nop + eval "$ossh_cache_var=no" + CFLAGS="$saved_CFLAGS" + +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext + +fi +eval ac_res=\$$ossh_cache_var + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 +printf "%s\n" "$ac_res" >&6; } +} + { + ossh_cache_var=ossh_cv_cflag__Wall + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking if $CC supports compile flag -Wall" >&5 +printf %s "checking if $CC supports compile flag -Wall... " >&6; } +if eval test \${$ossh_cache_var+y} +then : + printf %s "(cached) " >&6 +else $as_nop + + saved_CFLAGS="$CFLAGS" + CFLAGS="$CFLAGS $WERROR -Wall" + _define_flag="" + test "x$_define_flag" = "x" && _define_flag="-Wall" + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +#include +#include +#include +#include +#include +/* Trivial function to help test for -fzero-call-used-regs */ +int f(int n) {return rand() % n;} +char *f2(char *s, ...) { + char ret[64]; + va_list args; + va_start(args, s); + vsnprintf(ret, sizeof(ret), s, args); + va_end(args); + return strdup(ret); +} +int i; +double d; +const char *f3(int s) { + i = (int)d; + return s ? "good" : "gooder"; +} +int main(int argc, char **argv) { + char b[256], *cp; + const char *s; + /* Some math to catch -ftrapv problems in the toolchain */ + int i = 123 * argc, j = 456 + argc, k = 789 - argc; + float l = i * 2.1; + double m = l / 0.5; + long long int n = argc * 12345LL, o = 12345LL * (long long int)argc; + (void)argv; + f(1); + s = f3(f(2)); + snprintf(b, sizeof b, "%d %d %d %f %f %lld %lld %s\n", i,j,k,l,m,n,o,s); + if (write(1, b, 0) == -1) exit(0); + cp = f2("%d %d %d %f %f %lld %lld %s\n", i,j,k,l,m,n,o,s); + if (write(1, cp, 0) == -1) exit(0); + free(cp); + /* + * Test fallthrough behaviour. clang 10's -Wimplicit-fallthrough does + * not understand comments and we don't use the "fallthrough" attribute + * that it's looking for. + */ + switch(i){ + case 0: j += i; + /* FALLTHROUGH */ + default: j += k; + } + exit(0); +} + + +_ACEOF +if ac_fn_c_try_compile "$LINENO" +then : + +if $ac_cv_path_EGREP -i "unrecognized option|warning.*ignored" conftest.err >/dev/null +then + eval "$ossh_cache_var=no" + CFLAGS="$saved_CFLAGS" +else + if test "$cross_compiling" = yes +then : + eval "$ossh_cache_var=yes" + CFLAGS="$saved_CFLAGS $_define_flag" +else $as_nop + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +#include +#include +#include +#include +#include +/* Trivial function to help test for -fzero-call-used-regs */ +int f(int n) {return rand() % n;} +char *f2(char *s, ...) { + char ret[64]; + va_list args; + va_start(args, s); + vsnprintf(ret, sizeof(ret), s, args); + va_end(args); + return strdup(ret); +} +int i; +double d; +const char *f3(int s) { + i = (int)d; + return s ? "good" : "gooder"; +} +int main(int argc, char **argv) { + char b[256], *cp; + const char *s; + /* Some math to catch -ftrapv problems in the toolchain */ + int i = 123 * argc, j = 456 + argc, k = 789 - argc; + float l = i * 2.1; + double m = l / 0.5; + long long int n = argc * 12345LL, o = 12345LL * (long long int)argc; + (void)argv; + f(1); + s = f3(f(2)); + snprintf(b, sizeof b, "%d %d %d %f %f %lld %lld %s\n", i,j,k,l,m,n,o,s); + if (write(1, b, 0) == -1) exit(0); + cp = f2("%d %d %d %f %f %lld %lld %s\n", i,j,k,l,m,n,o,s); + if (write(1, cp, 0) == -1) exit(0); + free(cp); + /* + * Test fallthrough behaviour. clang 10's -Wimplicit-fallthrough does + * not understand comments and we don't use the "fallthrough" attribute + * that it's looking for. + */ + switch(i){ + case 0: j += i; + /* FALLTHROUGH */ + default: j += k; + } + exit(0); +} + + +_ACEOF +if ac_fn_c_try_run "$LINENO" +then : + eval "$ossh_cache_var=yes" + CFLAGS="$saved_CFLAGS $_define_flag" +else $as_nop + eval "$ossh_cache_var='no, fails at run time'" + CFLAGS="$saved_CFLAGS" +fi +rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ + conftest.$ac_objext conftest.beam conftest.$ac_ext +fi + +fi +else $as_nop + eval "$ossh_cache_var=no" + CFLAGS="$saved_CFLAGS" + +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext + +fi +eval ac_res=\$$ossh_cache_var + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 +printf "%s\n" "$ac_res" >&6; } +} + { + ossh_cache_var=ossh_cv_cflag__Wextra + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking if $CC supports compile flag -Wextra" >&5 +printf %s "checking if $CC supports compile flag -Wextra... " >&6; } +if eval test \${$ossh_cache_var+y} +then : + printf %s "(cached) " >&6 +else $as_nop + + saved_CFLAGS="$CFLAGS" + CFLAGS="$CFLAGS $WERROR -Wextra" + _define_flag="" + test "x$_define_flag" = "x" && _define_flag="-Wextra" + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +#include +#include +#include +#include +#include +/* Trivial function to help test for -fzero-call-used-regs */ +int f(int n) {return rand() % n;} +char *f2(char *s, ...) { + char ret[64]; + va_list args; + va_start(args, s); + vsnprintf(ret, sizeof(ret), s, args); + va_end(args); + return strdup(ret); +} +int i; +double d; +const char *f3(int s) { + i = (int)d; + return s ? "good" : "gooder"; +} +int main(int argc, char **argv) { + char b[256], *cp; + const char *s; + /* Some math to catch -ftrapv problems in the toolchain */ + int i = 123 * argc, j = 456 + argc, k = 789 - argc; + float l = i * 2.1; + double m = l / 0.5; + long long int n = argc * 12345LL, o = 12345LL * (long long int)argc; + (void)argv; + f(1); + s = f3(f(2)); + snprintf(b, sizeof b, "%d %d %d %f %f %lld %lld %s\n", i,j,k,l,m,n,o,s); + if (write(1, b, 0) == -1) exit(0); + cp = f2("%d %d %d %f %f %lld %lld %s\n", i,j,k,l,m,n,o,s); + if (write(1, cp, 0) == -1) exit(0); + free(cp); + /* + * Test fallthrough behaviour. clang 10's -Wimplicit-fallthrough does + * not understand comments and we don't use the "fallthrough" attribute + * that it's looking for. + */ + switch(i){ + case 0: j += i; + /* FALLTHROUGH */ + default: j += k; + } + exit(0); +} + + +_ACEOF +if ac_fn_c_try_compile "$LINENO" +then : + +if $ac_cv_path_EGREP -i "unrecognized option|warning.*ignored" conftest.err >/dev/null +then + eval "$ossh_cache_var=no" + CFLAGS="$saved_CFLAGS" +else + if test "$cross_compiling" = yes +then : + eval "$ossh_cache_var=yes" + CFLAGS="$saved_CFLAGS $_define_flag" +else $as_nop + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +#include +#include +#include +#include +#include +/* Trivial function to help test for -fzero-call-used-regs */ +int f(int n) {return rand() % n;} +char *f2(char *s, ...) { + char ret[64]; + va_list args; + va_start(args, s); + vsnprintf(ret, sizeof(ret), s, args); + va_end(args); + return strdup(ret); +} +int i; +double d; +const char *f3(int s) { + i = (int)d; + return s ? "good" : "gooder"; +} +int main(int argc, char **argv) { + char b[256], *cp; + const char *s; + /* Some math to catch -ftrapv problems in the toolchain */ + int i = 123 * argc, j = 456 + argc, k = 789 - argc; + float l = i * 2.1; + double m = l / 0.5; + long long int n = argc * 12345LL, o = 12345LL * (long long int)argc; + (void)argv; + f(1); + s = f3(f(2)); + snprintf(b, sizeof b, "%d %d %d %f %f %lld %lld %s\n", i,j,k,l,m,n,o,s); + if (write(1, b, 0) == -1) exit(0); + cp = f2("%d %d %d %f %f %lld %lld %s\n", i,j,k,l,m,n,o,s); + if (write(1, cp, 0) == -1) exit(0); + free(cp); + /* + * Test fallthrough behaviour. clang 10's -Wimplicit-fallthrough does + * not understand comments and we don't use the "fallthrough" attribute + * that it's looking for. + */ + switch(i){ + case 0: j += i; + /* FALLTHROUGH */ + default: j += k; + } + exit(0); +} + + +_ACEOF +if ac_fn_c_try_run "$LINENO" +then : + eval "$ossh_cache_var=yes" + CFLAGS="$saved_CFLAGS $_define_flag" +else $as_nop + eval "$ossh_cache_var='no, fails at run time'" + CFLAGS="$saved_CFLAGS" +fi +rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ + conftest.$ac_objext conftest.beam conftest.$ac_ext +fi + +fi +else $as_nop + eval "$ossh_cache_var=no" + CFLAGS="$saved_CFLAGS" + +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext + +fi +eval ac_res=\$$ossh_cache_var + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 +printf "%s\n" "$ac_res" >&6; } +} + { + ossh_cache_var=ossh_cv_cflag__Wpointer_arith + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking if $CC supports compile flag -Wpointer-arith" >&5 +printf %s "checking if $CC supports compile flag -Wpointer-arith... " >&6; } +if eval test \${$ossh_cache_var+y} +then : + printf %s "(cached) " >&6 +else $as_nop + + saved_CFLAGS="$CFLAGS" + CFLAGS="$CFLAGS $WERROR -Wpointer-arith" + _define_flag="" + test "x$_define_flag" = "x" && _define_flag="-Wpointer-arith" + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +#include +#include +#include +#include +#include +/* Trivial function to help test for -fzero-call-used-regs */ +int f(int n) {return rand() % n;} +char *f2(char *s, ...) { + char ret[64]; + va_list args; + va_start(args, s); + vsnprintf(ret, sizeof(ret), s, args); + va_end(args); + return strdup(ret); +} +int i; +double d; +const char *f3(int s) { + i = (int)d; + return s ? "good" : "gooder"; +} +int main(int argc, char **argv) { + char b[256], *cp; + const char *s; + /* Some math to catch -ftrapv problems in the toolchain */ + int i = 123 * argc, j = 456 + argc, k = 789 - argc; + float l = i * 2.1; + double m = l / 0.5; + long long int n = argc * 12345LL, o = 12345LL * (long long int)argc; + (void)argv; + f(1); + s = f3(f(2)); + snprintf(b, sizeof b, "%d %d %d %f %f %lld %lld %s\n", i,j,k,l,m,n,o,s); + if (write(1, b, 0) == -1) exit(0); + cp = f2("%d %d %d %f %f %lld %lld %s\n", i,j,k,l,m,n,o,s); + if (write(1, cp, 0) == -1) exit(0); + free(cp); + /* + * Test fallthrough behaviour. clang 10's -Wimplicit-fallthrough does + * not understand comments and we don't use the "fallthrough" attribute + * that it's looking for. + */ + switch(i){ + case 0: j += i; + /* FALLTHROUGH */ + default: j += k; + } + exit(0); +} + + +_ACEOF +if ac_fn_c_try_compile "$LINENO" +then : + +if $ac_cv_path_EGREP -i "unrecognized option|warning.*ignored" conftest.err >/dev/null +then + eval "$ossh_cache_var=no" + CFLAGS="$saved_CFLAGS" +else + if test "$cross_compiling" = yes +then : + eval "$ossh_cache_var=yes" + CFLAGS="$saved_CFLAGS $_define_flag" +else $as_nop + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +#include +#include +#include +#include +#include +/* Trivial function to help test for -fzero-call-used-regs */ +int f(int n) {return rand() % n;} +char *f2(char *s, ...) { + char ret[64]; + va_list args; + va_start(args, s); + vsnprintf(ret, sizeof(ret), s, args); + va_end(args); + return strdup(ret); +} +int i; +double d; +const char *f3(int s) { + i = (int)d; + return s ? "good" : "gooder"; +} +int main(int argc, char **argv) { + char b[256], *cp; + const char *s; + /* Some math to catch -ftrapv problems in the toolchain */ + int i = 123 * argc, j = 456 + argc, k = 789 - argc; + float l = i * 2.1; + double m = l / 0.5; + long long int n = argc * 12345LL, o = 12345LL * (long long int)argc; + (void)argv; + f(1); + s = f3(f(2)); + snprintf(b, sizeof b, "%d %d %d %f %f %lld %lld %s\n", i,j,k,l,m,n,o,s); + if (write(1, b, 0) == -1) exit(0); + cp = f2("%d %d %d %f %f %lld %lld %s\n", i,j,k,l,m,n,o,s); + if (write(1, cp, 0) == -1) exit(0); + free(cp); + /* + * Test fallthrough behaviour. clang 10's -Wimplicit-fallthrough does + * not understand comments and we don't use the "fallthrough" attribute + * that it's looking for. + */ + switch(i){ + case 0: j += i; + /* FALLTHROUGH */ + default: j += k; + } + exit(0); +} + + +_ACEOF +if ac_fn_c_try_run "$LINENO" +then : + eval "$ossh_cache_var=yes" + CFLAGS="$saved_CFLAGS $_define_flag" +else $as_nop + eval "$ossh_cache_var='no, fails at run time'" + CFLAGS="$saved_CFLAGS" +fi +rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ + conftest.$ac_objext conftest.beam conftest.$ac_ext +fi + +fi +else $as_nop + eval "$ossh_cache_var=no" + CFLAGS="$saved_CFLAGS" + +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext + +fi +eval ac_res=\$$ossh_cache_var + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 +printf "%s\n" "$ac_res" >&6; } +} + { + ossh_cache_var=ossh_cv_cflag__Wuninitialized + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking if $CC supports compile flag -Wuninitialized" >&5 +printf %s "checking if $CC supports compile flag -Wuninitialized... " >&6; } +if eval test \${$ossh_cache_var+y} +then : + printf %s "(cached) " >&6 +else $as_nop + + saved_CFLAGS="$CFLAGS" + CFLAGS="$CFLAGS $WERROR -Wuninitialized" + _define_flag="" + test "x$_define_flag" = "x" && _define_flag="-Wuninitialized" + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +#include +#include +#include +#include +#include +/* Trivial function to help test for -fzero-call-used-regs */ +int f(int n) {return rand() % n;} +char *f2(char *s, ...) { + char ret[64]; + va_list args; + va_start(args, s); + vsnprintf(ret, sizeof(ret), s, args); + va_end(args); + return strdup(ret); +} +int i; +double d; +const char *f3(int s) { + i = (int)d; + return s ? "good" : "gooder"; +} +int main(int argc, char **argv) { + char b[256], *cp; + const char *s; + /* Some math to catch -ftrapv problems in the toolchain */ + int i = 123 * argc, j = 456 + argc, k = 789 - argc; + float l = i * 2.1; + double m = l / 0.5; + long long int n = argc * 12345LL, o = 12345LL * (long long int)argc; + (void)argv; + f(1); + s = f3(f(2)); + snprintf(b, sizeof b, "%d %d %d %f %f %lld %lld %s\n", i,j,k,l,m,n,o,s); + if (write(1, b, 0) == -1) exit(0); + cp = f2("%d %d %d %f %f %lld %lld %s\n", i,j,k,l,m,n,o,s); + if (write(1, cp, 0) == -1) exit(0); + free(cp); + /* + * Test fallthrough behaviour. clang 10's -Wimplicit-fallthrough does + * not understand comments and we don't use the "fallthrough" attribute + * that it's looking for. + */ + switch(i){ + case 0: j += i; + /* FALLTHROUGH */ + default: j += k; + } + exit(0); +} + + +_ACEOF +if ac_fn_c_try_compile "$LINENO" +then : + +if $ac_cv_path_EGREP -i "unrecognized option|warning.*ignored" conftest.err >/dev/null +then + eval "$ossh_cache_var=no" + CFLAGS="$saved_CFLAGS" +else + if test "$cross_compiling" = yes +then : + eval "$ossh_cache_var=yes" + CFLAGS="$saved_CFLAGS $_define_flag" +else $as_nop + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +#include +#include +#include +#include +#include +/* Trivial function to help test for -fzero-call-used-regs */ +int f(int n) {return rand() % n;} +char *f2(char *s, ...) { + char ret[64]; + va_list args; + va_start(args, s); + vsnprintf(ret, sizeof(ret), s, args); + va_end(args); + return strdup(ret); +} +int i; +double d; +const char *f3(int s) { + i = (int)d; + return s ? "good" : "gooder"; +} +int main(int argc, char **argv) { + char b[256], *cp; + const char *s; + /* Some math to catch -ftrapv problems in the toolchain */ + int i = 123 * argc, j = 456 + argc, k = 789 - argc; + float l = i * 2.1; + double m = l / 0.5; + long long int n = argc * 12345LL, o = 12345LL * (long long int)argc; + (void)argv; + f(1); + s = f3(f(2)); + snprintf(b, sizeof b, "%d %d %d %f %f %lld %lld %s\n", i,j,k,l,m,n,o,s); + if (write(1, b, 0) == -1) exit(0); + cp = f2("%d %d %d %f %f %lld %lld %s\n", i,j,k,l,m,n,o,s); + if (write(1, cp, 0) == -1) exit(0); + free(cp); + /* + * Test fallthrough behaviour. clang 10's -Wimplicit-fallthrough does + * not understand comments and we don't use the "fallthrough" attribute + * that it's looking for. + */ + switch(i){ + case 0: j += i; + /* FALLTHROUGH */ + default: j += k; + } + exit(0); +} + + +_ACEOF +if ac_fn_c_try_run "$LINENO" +then : + eval "$ossh_cache_var=yes" + CFLAGS="$saved_CFLAGS $_define_flag" +else $as_nop + eval "$ossh_cache_var='no, fails at run time'" + CFLAGS="$saved_CFLAGS" +fi +rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ + conftest.$ac_objext conftest.beam conftest.$ac_ext +fi + +fi +else $as_nop + eval "$ossh_cache_var=no" + CFLAGS="$saved_CFLAGS" + +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext + +fi +eval ac_res=\$$ossh_cache_var + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 +printf "%s\n" "$ac_res" >&6; } +} + { + ossh_cache_var=ossh_cv_cflag__Wsign_compare + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking if $CC supports compile flag -Wsign-compare" >&5 +printf %s "checking if $CC supports compile flag -Wsign-compare... " >&6; } +if eval test \${$ossh_cache_var+y} +then : + printf %s "(cached) " >&6 +else $as_nop + + saved_CFLAGS="$CFLAGS" + CFLAGS="$CFLAGS $WERROR -Wsign-compare" + _define_flag="" + test "x$_define_flag" = "x" && _define_flag="-Wsign-compare" + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +#include +#include +#include +#include +#include +/* Trivial function to help test for -fzero-call-used-regs */ +int f(int n) {return rand() % n;} +char *f2(char *s, ...) { + char ret[64]; + va_list args; + va_start(args, s); + vsnprintf(ret, sizeof(ret), s, args); + va_end(args); + return strdup(ret); +} +int i; +double d; +const char *f3(int s) { + i = (int)d; + return s ? "good" : "gooder"; +} +int main(int argc, char **argv) { + char b[256], *cp; + const char *s; + /* Some math to catch -ftrapv problems in the toolchain */ + int i = 123 * argc, j = 456 + argc, k = 789 - argc; + float l = i * 2.1; + double m = l / 0.5; + long long int n = argc * 12345LL, o = 12345LL * (long long int)argc; + (void)argv; + f(1); + s = f3(f(2)); + snprintf(b, sizeof b, "%d %d %d %f %f %lld %lld %s\n", i,j,k,l,m,n,o,s); + if (write(1, b, 0) == -1) exit(0); + cp = f2("%d %d %d %f %f %lld %lld %s\n", i,j,k,l,m,n,o,s); + if (write(1, cp, 0) == -1) exit(0); + free(cp); + /* + * Test fallthrough behaviour. clang 10's -Wimplicit-fallthrough does + * not understand comments and we don't use the "fallthrough" attribute + * that it's looking for. + */ + switch(i){ + case 0: j += i; + /* FALLTHROUGH */ + default: j += k; + } + exit(0); +} + + +_ACEOF +if ac_fn_c_try_compile "$LINENO" +then : + +if $ac_cv_path_EGREP -i "unrecognized option|warning.*ignored" conftest.err >/dev/null +then + eval "$ossh_cache_var=no" + CFLAGS="$saved_CFLAGS" +else + if test "$cross_compiling" = yes +then : + eval "$ossh_cache_var=yes" + CFLAGS="$saved_CFLAGS $_define_flag" +else $as_nop + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +#include +#include +#include +#include +#include +/* Trivial function to help test for -fzero-call-used-regs */ +int f(int n) {return rand() % n;} +char *f2(char *s, ...) { + char ret[64]; + va_list args; + va_start(args, s); + vsnprintf(ret, sizeof(ret), s, args); + va_end(args); + return strdup(ret); +} +int i; +double d; +const char *f3(int s) { + i = (int)d; + return s ? "good" : "gooder"; +} +int main(int argc, char **argv) { + char b[256], *cp; + const char *s; + /* Some math to catch -ftrapv problems in the toolchain */ + int i = 123 * argc, j = 456 + argc, k = 789 - argc; + float l = i * 2.1; + double m = l / 0.5; + long long int n = argc * 12345LL, o = 12345LL * (long long int)argc; + (void)argv; + f(1); + s = f3(f(2)); + snprintf(b, sizeof b, "%d %d %d %f %f %lld %lld %s\n", i,j,k,l,m,n,o,s); + if (write(1, b, 0) == -1) exit(0); + cp = f2("%d %d %d %f %f %lld %lld %s\n", i,j,k,l,m,n,o,s); + if (write(1, cp, 0) == -1) exit(0); + free(cp); + /* + * Test fallthrough behaviour. clang 10's -Wimplicit-fallthrough does + * not understand comments and we don't use the "fallthrough" attribute + * that it's looking for. + */ + switch(i){ + case 0: j += i; + /* FALLTHROUGH */ + default: j += k; + } + exit(0); +} + + +_ACEOF +if ac_fn_c_try_run "$LINENO" +then : + eval "$ossh_cache_var=yes" + CFLAGS="$saved_CFLAGS $_define_flag" +else $as_nop + eval "$ossh_cache_var='no, fails at run time'" + CFLAGS="$saved_CFLAGS" +fi +rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ + conftest.$ac_objext conftest.beam conftest.$ac_ext +fi + +fi +else $as_nop + eval "$ossh_cache_var=no" + CFLAGS="$saved_CFLAGS" + +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext + +fi +eval ac_res=\$$ossh_cache_var + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 +printf "%s\n" "$ac_res" >&6; } +} + { + ossh_cache_var=ossh_cv_cflag__Wformat_security + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking if $CC supports compile flag -Wformat-security" >&5 +printf %s "checking if $CC supports compile flag -Wformat-security... " >&6; } +if eval test \${$ossh_cache_var+y} +then : + printf %s "(cached) " >&6 +else $as_nop + + saved_CFLAGS="$CFLAGS" + CFLAGS="$CFLAGS $WERROR -Wformat-security" + _define_flag="" + test "x$_define_flag" = "x" && _define_flag="-Wformat-security" + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +#include +#include +#include +#include +#include +/* Trivial function to help test for -fzero-call-used-regs */ +int f(int n) {return rand() % n;} +char *f2(char *s, ...) { + char ret[64]; + va_list args; + va_start(args, s); + vsnprintf(ret, sizeof(ret), s, args); + va_end(args); + return strdup(ret); +} +int i; +double d; +const char *f3(int s) { + i = (int)d; + return s ? "good" : "gooder"; +} +int main(int argc, char **argv) { + char b[256], *cp; + const char *s; + /* Some math to catch -ftrapv problems in the toolchain */ + int i = 123 * argc, j = 456 + argc, k = 789 - argc; + float l = i * 2.1; + double m = l / 0.5; + long long int n = argc * 12345LL, o = 12345LL * (long long int)argc; + (void)argv; + f(1); + s = f3(f(2)); + snprintf(b, sizeof b, "%d %d %d %f %f %lld %lld %s\n", i,j,k,l,m,n,o,s); + if (write(1, b, 0) == -1) exit(0); + cp = f2("%d %d %d %f %f %lld %lld %s\n", i,j,k,l,m,n,o,s); + if (write(1, cp, 0) == -1) exit(0); + free(cp); + /* + * Test fallthrough behaviour. clang 10's -Wimplicit-fallthrough does + * not understand comments and we don't use the "fallthrough" attribute + * that it's looking for. + */ + switch(i){ + case 0: j += i; + /* FALLTHROUGH */ + default: j += k; + } + exit(0); +} + + +_ACEOF +if ac_fn_c_try_compile "$LINENO" +then : + +if $ac_cv_path_EGREP -i "unrecognized option|warning.*ignored" conftest.err >/dev/null +then + eval "$ossh_cache_var=no" + CFLAGS="$saved_CFLAGS" +else + if test "$cross_compiling" = yes +then : + eval "$ossh_cache_var=yes" + CFLAGS="$saved_CFLAGS $_define_flag" +else $as_nop + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +#include +#include +#include +#include +#include +/* Trivial function to help test for -fzero-call-used-regs */ +int f(int n) {return rand() % n;} +char *f2(char *s, ...) { + char ret[64]; + va_list args; + va_start(args, s); + vsnprintf(ret, sizeof(ret), s, args); + va_end(args); + return strdup(ret); +} +int i; +double d; +const char *f3(int s) { + i = (int)d; + return s ? "good" : "gooder"; +} +int main(int argc, char **argv) { + char b[256], *cp; + const char *s; + /* Some math to catch -ftrapv problems in the toolchain */ + int i = 123 * argc, j = 456 + argc, k = 789 - argc; + float l = i * 2.1; + double m = l / 0.5; + long long int n = argc * 12345LL, o = 12345LL * (long long int)argc; + (void)argv; + f(1); + s = f3(f(2)); + snprintf(b, sizeof b, "%d %d %d %f %f %lld %lld %s\n", i,j,k,l,m,n,o,s); + if (write(1, b, 0) == -1) exit(0); + cp = f2("%d %d %d %f %f %lld %lld %s\n", i,j,k,l,m,n,o,s); + if (write(1, cp, 0) == -1) exit(0); + free(cp); + /* + * Test fallthrough behaviour. clang 10's -Wimplicit-fallthrough does + * not understand comments and we don't use the "fallthrough" attribute + * that it's looking for. + */ + switch(i){ + case 0: j += i; + /* FALLTHROUGH */ + default: j += k; + } + exit(0); +} + + +_ACEOF +if ac_fn_c_try_run "$LINENO" +then : + eval "$ossh_cache_var=yes" + CFLAGS="$saved_CFLAGS $_define_flag" +else $as_nop + eval "$ossh_cache_var='no, fails at run time'" + CFLAGS="$saved_CFLAGS" +fi +rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ + conftest.$ac_objext conftest.beam conftest.$ac_ext +fi + +fi +else $as_nop + eval "$ossh_cache_var=no" + CFLAGS="$saved_CFLAGS" + +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext + +fi +eval ac_res=\$$ossh_cache_var + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 +printf "%s\n" "$ac_res" >&6; } +} + { + ossh_cache_var=ossh_cv_cflag__Wsizeof_pointer_memaccess + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking if $CC supports compile flag -Wsizeof-pointer-memaccess" >&5 +printf %s "checking if $CC supports compile flag -Wsizeof-pointer-memaccess... " >&6; } +if eval test \${$ossh_cache_var+y} +then : + printf %s "(cached) " >&6 +else $as_nop + + saved_CFLAGS="$CFLAGS" + CFLAGS="$CFLAGS $WERROR -Wsizeof-pointer-memaccess" + _define_flag="" + test "x$_define_flag" = "x" && _define_flag="-Wsizeof-pointer-memaccess" + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +#include +#include +#include +#include +#include +/* Trivial function to help test for -fzero-call-used-regs */ +int f(int n) {return rand() % n;} +char *f2(char *s, ...) { + char ret[64]; + va_list args; + va_start(args, s); + vsnprintf(ret, sizeof(ret), s, args); + va_end(args); + return strdup(ret); +} +int i; +double d; +const char *f3(int s) { + i = (int)d; + return s ? "good" : "gooder"; +} +int main(int argc, char **argv) { + char b[256], *cp; + const char *s; + /* Some math to catch -ftrapv problems in the toolchain */ + int i = 123 * argc, j = 456 + argc, k = 789 - argc; + float l = i * 2.1; + double m = l / 0.5; + long long int n = argc * 12345LL, o = 12345LL * (long long int)argc; + (void)argv; + f(1); + s = f3(f(2)); + snprintf(b, sizeof b, "%d %d %d %f %f %lld %lld %s\n", i,j,k,l,m,n,o,s); + if (write(1, b, 0) == -1) exit(0); + cp = f2("%d %d %d %f %f %lld %lld %s\n", i,j,k,l,m,n,o,s); + if (write(1, cp, 0) == -1) exit(0); + free(cp); + /* + * Test fallthrough behaviour. clang 10's -Wimplicit-fallthrough does + * not understand comments and we don't use the "fallthrough" attribute + * that it's looking for. + */ + switch(i){ + case 0: j += i; + /* FALLTHROUGH */ + default: j += k; + } + exit(0); +} + + +_ACEOF +if ac_fn_c_try_compile "$LINENO" +then : + +if $ac_cv_path_EGREP -i "unrecognized option|warning.*ignored" conftest.err >/dev/null +then + eval "$ossh_cache_var=no" + CFLAGS="$saved_CFLAGS" +else + if test "$cross_compiling" = yes +then : + eval "$ossh_cache_var=yes" + CFLAGS="$saved_CFLAGS $_define_flag" +else $as_nop + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +#include +#include +#include +#include +#include +/* Trivial function to help test for -fzero-call-used-regs */ +int f(int n) {return rand() % n;} +char *f2(char *s, ...) { + char ret[64]; + va_list args; + va_start(args, s); + vsnprintf(ret, sizeof(ret), s, args); + va_end(args); + return strdup(ret); +} +int i; +double d; +const char *f3(int s) { + i = (int)d; + return s ? "good" : "gooder"; +} +int main(int argc, char **argv) { + char b[256], *cp; + const char *s; + /* Some math to catch -ftrapv problems in the toolchain */ + int i = 123 * argc, j = 456 + argc, k = 789 - argc; + float l = i * 2.1; + double m = l / 0.5; + long long int n = argc * 12345LL, o = 12345LL * (long long int)argc; + (void)argv; + f(1); + s = f3(f(2)); + snprintf(b, sizeof b, "%d %d %d %f %f %lld %lld %s\n", i,j,k,l,m,n,o,s); + if (write(1, b, 0) == -1) exit(0); + cp = f2("%d %d %d %f %f %lld %lld %s\n", i,j,k,l,m,n,o,s); + if (write(1, cp, 0) == -1) exit(0); + free(cp); + /* + * Test fallthrough behaviour. clang 10's -Wimplicit-fallthrough does + * not understand comments and we don't use the "fallthrough" attribute + * that it's looking for. + */ + switch(i){ + case 0: j += i; + /* FALLTHROUGH */ + default: j += k; + } + exit(0); +} + + +_ACEOF +if ac_fn_c_try_run "$LINENO" +then : + eval "$ossh_cache_var=yes" + CFLAGS="$saved_CFLAGS $_define_flag" +else $as_nop + eval "$ossh_cache_var='no, fails at run time'" + CFLAGS="$saved_CFLAGS" +fi +rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ + conftest.$ac_objext conftest.beam conftest.$ac_ext +fi + +fi +else $as_nop + eval "$ossh_cache_var=no" + CFLAGS="$saved_CFLAGS" + +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext + +fi +eval ac_res=\$$ossh_cache_var + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 +printf "%s\n" "$ac_res" >&6; } +} + { + ossh_cache_var=ossh_cv_cflag__Wpointer_sign + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking if $CC supports compile flag -Wpointer-sign" >&5 +printf %s "checking if $CC supports compile flag -Wpointer-sign... " >&6; } +if eval test \${$ossh_cache_var+y} +then : + printf %s "(cached) " >&6 +else $as_nop + + saved_CFLAGS="$CFLAGS" + CFLAGS="$CFLAGS $WERROR -Wpointer-sign" + _define_flag="-Wno-pointer-sign" + test "x$_define_flag" = "x" && _define_flag="-Wpointer-sign" + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +#include +#include +#include +#include +#include +/* Trivial function to help test for -fzero-call-used-regs */ +int f(int n) {return rand() % n;} +char *f2(char *s, ...) { + char ret[64]; + va_list args; + va_start(args, s); + vsnprintf(ret, sizeof(ret), s, args); + va_end(args); + return strdup(ret); +} +int i; +double d; +const char *f3(int s) { + i = (int)d; + return s ? "good" : "gooder"; +} +int main(int argc, char **argv) { + char b[256], *cp; + const char *s; + /* Some math to catch -ftrapv problems in the toolchain */ + int i = 123 * argc, j = 456 + argc, k = 789 - argc; + float l = i * 2.1; + double m = l / 0.5; + long long int n = argc * 12345LL, o = 12345LL * (long long int)argc; + (void)argv; + f(1); + s = f3(f(2)); + snprintf(b, sizeof b, "%d %d %d %f %f %lld %lld %s\n", i,j,k,l,m,n,o,s); + if (write(1, b, 0) == -1) exit(0); + cp = f2("%d %d %d %f %f %lld %lld %s\n", i,j,k,l,m,n,o,s); + if (write(1, cp, 0) == -1) exit(0); + free(cp); + /* + * Test fallthrough behaviour. clang 10's -Wimplicit-fallthrough does + * not understand comments and we don't use the "fallthrough" attribute + * that it's looking for. + */ + switch(i){ + case 0: j += i; + /* FALLTHROUGH */ + default: j += k; + } + exit(0); +} + + +_ACEOF +if ac_fn_c_try_compile "$LINENO" +then : + +if $ac_cv_path_EGREP -i "unrecognized option|warning.*ignored" conftest.err >/dev/null +then + eval "$ossh_cache_var=no" + CFLAGS="$saved_CFLAGS" +else + if test "$cross_compiling" = yes +then : + eval "$ossh_cache_var=yes" + CFLAGS="$saved_CFLAGS $_define_flag" +else $as_nop + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +#include +#include +#include +#include +#include +/* Trivial function to help test for -fzero-call-used-regs */ +int f(int n) {return rand() % n;} +char *f2(char *s, ...) { + char ret[64]; + va_list args; + va_start(args, s); + vsnprintf(ret, sizeof(ret), s, args); + va_end(args); + return strdup(ret); +} +int i; +double d; +const char *f3(int s) { + i = (int)d; + return s ? "good" : "gooder"; +} +int main(int argc, char **argv) { + char b[256], *cp; + const char *s; + /* Some math to catch -ftrapv problems in the toolchain */ + int i = 123 * argc, j = 456 + argc, k = 789 - argc; + float l = i * 2.1; + double m = l / 0.5; + long long int n = argc * 12345LL, o = 12345LL * (long long int)argc; + (void)argv; + f(1); + s = f3(f(2)); + snprintf(b, sizeof b, "%d %d %d %f %f %lld %lld %s\n", i,j,k,l,m,n,o,s); + if (write(1, b, 0) == -1) exit(0); + cp = f2("%d %d %d %f %f %lld %lld %s\n", i,j,k,l,m,n,o,s); + if (write(1, cp, 0) == -1) exit(0); + free(cp); + /* + * Test fallthrough behaviour. clang 10's -Wimplicit-fallthrough does + * not understand comments and we don't use the "fallthrough" attribute + * that it's looking for. + */ + switch(i){ + case 0: j += i; + /* FALLTHROUGH */ + default: j += k; + } + exit(0); +} + + +_ACEOF +if ac_fn_c_try_run "$LINENO" +then : + eval "$ossh_cache_var=yes" + CFLAGS="$saved_CFLAGS $_define_flag" +else $as_nop + eval "$ossh_cache_var='no, fails at run time'" + CFLAGS="$saved_CFLAGS" +fi +rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ + conftest.$ac_objext conftest.beam conftest.$ac_ext +fi + +fi +else $as_nop + eval "$ossh_cache_var=no" + CFLAGS="$saved_CFLAGS" + +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext + +fi +eval ac_res=\$$ossh_cache_var + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 +printf "%s\n" "$ac_res" >&6; } +} + { + ossh_cache_var=ossh_cv_cflag__Wunused_parameter + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking if $CC supports compile flag -Wunused-parameter" >&5 +printf %s "checking if $CC supports compile flag -Wunused-parameter... " >&6; } +if eval test \${$ossh_cache_var+y} +then : + printf %s "(cached) " >&6 +else $as_nop + + saved_CFLAGS="$CFLAGS" + CFLAGS="$CFLAGS $WERROR -Wunused-parameter" + _define_flag="-Wno-unused-parameter" + test "x$_define_flag" = "x" && _define_flag="-Wunused-parameter" + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +#include +#include +#include +#include +#include +/* Trivial function to help test for -fzero-call-used-regs */ +int f(int n) {return rand() % n;} +char *f2(char *s, ...) { + char ret[64]; + va_list args; + va_start(args, s); + vsnprintf(ret, sizeof(ret), s, args); + va_end(args); + return strdup(ret); +} +int i; +double d; +const char *f3(int s) { + i = (int)d; + return s ? "good" : "gooder"; +} +int main(int argc, char **argv) { + char b[256], *cp; + const char *s; + /* Some math to catch -ftrapv problems in the toolchain */ + int i = 123 * argc, j = 456 + argc, k = 789 - argc; + float l = i * 2.1; + double m = l / 0.5; + long long int n = argc * 12345LL, o = 12345LL * (long long int)argc; + (void)argv; + f(1); + s = f3(f(2)); + snprintf(b, sizeof b, "%d %d %d %f %f %lld %lld %s\n", i,j,k,l,m,n,o,s); + if (write(1, b, 0) == -1) exit(0); + cp = f2("%d %d %d %f %f %lld %lld %s\n", i,j,k,l,m,n,o,s); + if (write(1, cp, 0) == -1) exit(0); + free(cp); + /* + * Test fallthrough behaviour. clang 10's -Wimplicit-fallthrough does + * not understand comments and we don't use the "fallthrough" attribute + * that it's looking for. + */ + switch(i){ + case 0: j += i; + /* FALLTHROUGH */ + default: j += k; + } + exit(0); +} + + +_ACEOF +if ac_fn_c_try_compile "$LINENO" +then : + +if $ac_cv_path_EGREP -i "unrecognized option|warning.*ignored" conftest.err >/dev/null +then + eval "$ossh_cache_var=no" + CFLAGS="$saved_CFLAGS" +else + if test "$cross_compiling" = yes +then : + eval "$ossh_cache_var=yes" + CFLAGS="$saved_CFLAGS $_define_flag" +else $as_nop + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +#include +#include +#include +#include +#include +/* Trivial function to help test for -fzero-call-used-regs */ +int f(int n) {return rand() % n;} +char *f2(char *s, ...) { + char ret[64]; + va_list args; + va_start(args, s); + vsnprintf(ret, sizeof(ret), s, args); + va_end(args); + return strdup(ret); +} +int i; +double d; +const char *f3(int s) { + i = (int)d; + return s ? "good" : "gooder"; +} +int main(int argc, char **argv) { + char b[256], *cp; + const char *s; + /* Some math to catch -ftrapv problems in the toolchain */ + int i = 123 * argc, j = 456 + argc, k = 789 - argc; + float l = i * 2.1; + double m = l / 0.5; + long long int n = argc * 12345LL, o = 12345LL * (long long int)argc; + (void)argv; + f(1); + s = f3(f(2)); + snprintf(b, sizeof b, "%d %d %d %f %f %lld %lld %s\n", i,j,k,l,m,n,o,s); + if (write(1, b, 0) == -1) exit(0); + cp = f2("%d %d %d %f %f %lld %lld %s\n", i,j,k,l,m,n,o,s); + if (write(1, cp, 0) == -1) exit(0); + free(cp); + /* + * Test fallthrough behaviour. clang 10's -Wimplicit-fallthrough does + * not understand comments and we don't use the "fallthrough" attribute + * that it's looking for. + */ + switch(i){ + case 0: j += i; + /* FALLTHROUGH */ + default: j += k; + } + exit(0); +} + + +_ACEOF +if ac_fn_c_try_run "$LINENO" +then : + eval "$ossh_cache_var=yes" + CFLAGS="$saved_CFLAGS $_define_flag" +else $as_nop + eval "$ossh_cache_var='no, fails at run time'" + CFLAGS="$saved_CFLAGS" +fi +rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ + conftest.$ac_objext conftest.beam conftest.$ac_ext +fi + +fi +else $as_nop + eval "$ossh_cache_var=no" + CFLAGS="$saved_CFLAGS" + +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext + +fi +eval ac_res=\$$ossh_cache_var + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 +printf "%s\n" "$ac_res" >&6; } +} + { + ossh_cache_var=ossh_cv_cflag__Wunused_result + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking if $CC supports compile flag -Wunused-result" >&5 +printf %s "checking if $CC supports compile flag -Wunused-result... " >&6; } +if eval test \${$ossh_cache_var+y} +then : + printf %s "(cached) " >&6 +else $as_nop + + saved_CFLAGS="$CFLAGS" + CFLAGS="$CFLAGS $WERROR -Wunused-result" + _define_flag="-Wno-unused-result" + test "x$_define_flag" = "x" && _define_flag="-Wunused-result" + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +#include +#include +#include +#include +#include +/* Trivial function to help test for -fzero-call-used-regs */ +int f(int n) {return rand() % n;} +char *f2(char *s, ...) { + char ret[64]; + va_list args; + va_start(args, s); + vsnprintf(ret, sizeof(ret), s, args); + va_end(args); + return strdup(ret); +} +int i; +double d; +const char *f3(int s) { + i = (int)d; + return s ? "good" : "gooder"; +} +int main(int argc, char **argv) { + char b[256], *cp; + const char *s; + /* Some math to catch -ftrapv problems in the toolchain */ + int i = 123 * argc, j = 456 + argc, k = 789 - argc; + float l = i * 2.1; + double m = l / 0.5; + long long int n = argc * 12345LL, o = 12345LL * (long long int)argc; + (void)argv; + f(1); + s = f3(f(2)); + snprintf(b, sizeof b, "%d %d %d %f %f %lld %lld %s\n", i,j,k,l,m,n,o,s); + if (write(1, b, 0) == -1) exit(0); + cp = f2("%d %d %d %f %f %lld %lld %s\n", i,j,k,l,m,n,o,s); + if (write(1, cp, 0) == -1) exit(0); + free(cp); + /* + * Test fallthrough behaviour. clang 10's -Wimplicit-fallthrough does + * not understand comments and we don't use the "fallthrough" attribute + * that it's looking for. + */ + switch(i){ + case 0: j += i; + /* FALLTHROUGH */ + default: j += k; + } + exit(0); +} + + +_ACEOF +if ac_fn_c_try_compile "$LINENO" +then : + +if $ac_cv_path_EGREP -i "unrecognized option|warning.*ignored" conftest.err >/dev/null +then + eval "$ossh_cache_var=no" + CFLAGS="$saved_CFLAGS" +else + if test "$cross_compiling" = yes +then : + eval "$ossh_cache_var=yes" + CFLAGS="$saved_CFLAGS $_define_flag" +else $as_nop + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +#include +#include +#include +#include +#include +/* Trivial function to help test for -fzero-call-used-regs */ +int f(int n) {return rand() % n;} +char *f2(char *s, ...) { + char ret[64]; + va_list args; + va_start(args, s); + vsnprintf(ret, sizeof(ret), s, args); + va_end(args); + return strdup(ret); +} +int i; +double d; +const char *f3(int s) { + i = (int)d; + return s ? "good" : "gooder"; +} +int main(int argc, char **argv) { + char b[256], *cp; + const char *s; + /* Some math to catch -ftrapv problems in the toolchain */ + int i = 123 * argc, j = 456 + argc, k = 789 - argc; + float l = i * 2.1; + double m = l / 0.5; + long long int n = argc * 12345LL, o = 12345LL * (long long int)argc; + (void)argv; + f(1); + s = f3(f(2)); + snprintf(b, sizeof b, "%d %d %d %f %f %lld %lld %s\n", i,j,k,l,m,n,o,s); + if (write(1, b, 0) == -1) exit(0); + cp = f2("%d %d %d %f %f %lld %lld %s\n", i,j,k,l,m,n,o,s); + if (write(1, cp, 0) == -1) exit(0); + free(cp); + /* + * Test fallthrough behaviour. clang 10's -Wimplicit-fallthrough does + * not understand comments and we don't use the "fallthrough" attribute + * that it's looking for. + */ + switch(i){ + case 0: j += i; + /* FALLTHROUGH */ + default: j += k; + } + exit(0); +} + + +_ACEOF +if ac_fn_c_try_run "$LINENO" +then : + eval "$ossh_cache_var=yes" + CFLAGS="$saved_CFLAGS $_define_flag" +else $as_nop + eval "$ossh_cache_var='no, fails at run time'" + CFLAGS="$saved_CFLAGS" +fi +rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ + conftest.$ac_objext conftest.beam conftest.$ac_ext +fi + +fi +else $as_nop + eval "$ossh_cache_var=no" + CFLAGS="$saved_CFLAGS" + +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext + +fi +eval ac_res=\$$ossh_cache_var + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 +printf "%s\n" "$ac_res" >&6; } +} + { + ossh_cache_var=ossh_cv_cflag__Wimplicit_fallthrough + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking if $CC supports compile flag -Wimplicit-fallthrough" >&5 +printf %s "checking if $CC supports compile flag -Wimplicit-fallthrough... " >&6; } +if eval test \${$ossh_cache_var+y} +then : + printf %s "(cached) " >&6 +else $as_nop + + saved_CFLAGS="$CFLAGS" + CFLAGS="$CFLAGS $WERROR -Wimplicit-fallthrough" + _define_flag="" + test "x$_define_flag" = "x" && _define_flag="-Wimplicit-fallthrough" + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +#include +#include +#include +#include +#include +/* Trivial function to help test for -fzero-call-used-regs */ +int f(int n) {return rand() % n;} +char *f2(char *s, ...) { + char ret[64]; + va_list args; + va_start(args, s); + vsnprintf(ret, sizeof(ret), s, args); + va_end(args); + return strdup(ret); +} +int i; +double d; +const char *f3(int s) { + i = (int)d; + return s ? "good" : "gooder"; +} +int main(int argc, char **argv) { + char b[256], *cp; + const char *s; + /* Some math to catch -ftrapv problems in the toolchain */ + int i = 123 * argc, j = 456 + argc, k = 789 - argc; + float l = i * 2.1; + double m = l / 0.5; + long long int n = argc * 12345LL, o = 12345LL * (long long int)argc; + (void)argv; + f(1); + s = f3(f(2)); + snprintf(b, sizeof b, "%d %d %d %f %f %lld %lld %s\n", i,j,k,l,m,n,o,s); + if (write(1, b, 0) == -1) exit(0); + cp = f2("%d %d %d %f %f %lld %lld %s\n", i,j,k,l,m,n,o,s); + if (write(1, cp, 0) == -1) exit(0); + free(cp); + /* + * Test fallthrough behaviour. clang 10's -Wimplicit-fallthrough does + * not understand comments and we don't use the "fallthrough" attribute + * that it's looking for. + */ + switch(i){ + case 0: j += i; + /* FALLTHROUGH */ + default: j += k; + } + exit(0); +} + + +_ACEOF +if ac_fn_c_try_compile "$LINENO" +then : + +if $ac_cv_path_EGREP -i "unrecognized option|warning.*ignored" conftest.err >/dev/null +then + eval "$ossh_cache_var=no" + CFLAGS="$saved_CFLAGS" +else + if test "$cross_compiling" = yes +then : + eval "$ossh_cache_var=yes" + CFLAGS="$saved_CFLAGS $_define_flag" +else $as_nop + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +#include +#include +#include +#include +#include +/* Trivial function to help test for -fzero-call-used-regs */ +int f(int n) {return rand() % n;} +char *f2(char *s, ...) { + char ret[64]; + va_list args; + va_start(args, s); + vsnprintf(ret, sizeof(ret), s, args); + va_end(args); + return strdup(ret); +} +int i; +double d; +const char *f3(int s) { + i = (int)d; + return s ? "good" : "gooder"; +} +int main(int argc, char **argv) { + char b[256], *cp; + const char *s; + /* Some math to catch -ftrapv problems in the toolchain */ + int i = 123 * argc, j = 456 + argc, k = 789 - argc; + float l = i * 2.1; + double m = l / 0.5; + long long int n = argc * 12345LL, o = 12345LL * (long long int)argc; + (void)argv; + f(1); + s = f3(f(2)); + snprintf(b, sizeof b, "%d %d %d %f %f %lld %lld %s\n", i,j,k,l,m,n,o,s); + if (write(1, b, 0) == -1) exit(0); + cp = f2("%d %d %d %f %f %lld %lld %s\n", i,j,k,l,m,n,o,s); + if (write(1, cp, 0) == -1) exit(0); + free(cp); + /* + * Test fallthrough behaviour. clang 10's -Wimplicit-fallthrough does + * not understand comments and we don't use the "fallthrough" attribute + * that it's looking for. + */ + switch(i){ + case 0: j += i; + /* FALLTHROUGH */ + default: j += k; + } + exit(0); +} + + +_ACEOF +if ac_fn_c_try_run "$LINENO" +then : + eval "$ossh_cache_var=yes" + CFLAGS="$saved_CFLAGS $_define_flag" +else $as_nop + eval "$ossh_cache_var='no, fails at run time'" + CFLAGS="$saved_CFLAGS" +fi +rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ + conftest.$ac_objext conftest.beam conftest.$ac_ext +fi + +fi +else $as_nop + eval "$ossh_cache_var=no" + CFLAGS="$saved_CFLAGS" + +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext + +fi +eval ac_res=\$$ossh_cache_var + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 +printf "%s\n" "$ac_res" >&6; } +} + { + ossh_cache_var=ossh_cv_cflag__Wmisleading_indentation + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking if $CC supports compile flag -Wmisleading-indentation" >&5 +printf %s "checking if $CC supports compile flag -Wmisleading-indentation... " >&6; } +if eval test \${$ossh_cache_var+y} +then : + printf %s "(cached) " >&6 +else $as_nop + + saved_CFLAGS="$CFLAGS" + CFLAGS="$CFLAGS $WERROR -Wmisleading-indentation" + _define_flag="" + test "x$_define_flag" = "x" && _define_flag="-Wmisleading-indentation" + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +#include +#include +#include +#include +#include +/* Trivial function to help test for -fzero-call-used-regs */ +int f(int n) {return rand() % n;} +char *f2(char *s, ...) { + char ret[64]; + va_list args; + va_start(args, s); + vsnprintf(ret, sizeof(ret), s, args); + va_end(args); + return strdup(ret); +} +int i; +double d; +const char *f3(int s) { + i = (int)d; + return s ? "good" : "gooder"; +} +int main(int argc, char **argv) { + char b[256], *cp; + const char *s; + /* Some math to catch -ftrapv problems in the toolchain */ + int i = 123 * argc, j = 456 + argc, k = 789 - argc; + float l = i * 2.1; + double m = l / 0.5; + long long int n = argc * 12345LL, o = 12345LL * (long long int)argc; + (void)argv; + f(1); + s = f3(f(2)); + snprintf(b, sizeof b, "%d %d %d %f %f %lld %lld %s\n", i,j,k,l,m,n,o,s); + if (write(1, b, 0) == -1) exit(0); + cp = f2("%d %d %d %f %f %lld %lld %s\n", i,j,k,l,m,n,o,s); + if (write(1, cp, 0) == -1) exit(0); + free(cp); + /* + * Test fallthrough behaviour. clang 10's -Wimplicit-fallthrough does + * not understand comments and we don't use the "fallthrough" attribute + * that it's looking for. + */ + switch(i){ + case 0: j += i; + /* FALLTHROUGH */ + default: j += k; + } + exit(0); +} + + +_ACEOF +if ac_fn_c_try_compile "$LINENO" +then : + +if $ac_cv_path_EGREP -i "unrecognized option|warning.*ignored" conftest.err >/dev/null +then + eval "$ossh_cache_var=no" + CFLAGS="$saved_CFLAGS" +else + if test "$cross_compiling" = yes +then : + eval "$ossh_cache_var=yes" + CFLAGS="$saved_CFLAGS $_define_flag" +else $as_nop + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +#include +#include +#include +#include +#include +/* Trivial function to help test for -fzero-call-used-regs */ +int f(int n) {return rand() % n;} +char *f2(char *s, ...) { + char ret[64]; + va_list args; + va_start(args, s); + vsnprintf(ret, sizeof(ret), s, args); + va_end(args); + return strdup(ret); +} +int i; +double d; +const char *f3(int s) { + i = (int)d; + return s ? "good" : "gooder"; +} +int main(int argc, char **argv) { + char b[256], *cp; + const char *s; + /* Some math to catch -ftrapv problems in the toolchain */ + int i = 123 * argc, j = 456 + argc, k = 789 - argc; + float l = i * 2.1; + double m = l / 0.5; + long long int n = argc * 12345LL, o = 12345LL * (long long int)argc; + (void)argv; + f(1); + s = f3(f(2)); + snprintf(b, sizeof b, "%d %d %d %f %f %lld %lld %s\n", i,j,k,l,m,n,o,s); + if (write(1, b, 0) == -1) exit(0); + cp = f2("%d %d %d %f %f %lld %lld %s\n", i,j,k,l,m,n,o,s); + if (write(1, cp, 0) == -1) exit(0); + free(cp); + /* + * Test fallthrough behaviour. clang 10's -Wimplicit-fallthrough does + * not understand comments and we don't use the "fallthrough" attribute + * that it's looking for. + */ + switch(i){ + case 0: j += i; + /* FALLTHROUGH */ + default: j += k; + } + exit(0); +} + + +_ACEOF +if ac_fn_c_try_run "$LINENO" +then : + eval "$ossh_cache_var=yes" + CFLAGS="$saved_CFLAGS $_define_flag" +else $as_nop + eval "$ossh_cache_var='no, fails at run time'" + CFLAGS="$saved_CFLAGS" +fi +rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ + conftest.$ac_objext conftest.beam conftest.$ac_ext +fi + +fi +else $as_nop + eval "$ossh_cache_var=no" + CFLAGS="$saved_CFLAGS" + +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext + +fi +eval ac_res=\$$ossh_cache_var + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 +printf "%s\n" "$ac_res" >&6; } +} + { + ossh_cache_var=ossh_cv_cflag__Wbitwise_instead_of_logical + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking if $CC supports compile flag -Wbitwise-instead-of-logical" >&5 +printf %s "checking if $CC supports compile flag -Wbitwise-instead-of-logical... " >&6; } +if eval test \${$ossh_cache_var+y} +then : + printf %s "(cached) " >&6 +else $as_nop + + saved_CFLAGS="$CFLAGS" + CFLAGS="$CFLAGS $WERROR -Wbitwise-instead-of-logical" + _define_flag="" + test "x$_define_flag" = "x" && _define_flag="-Wbitwise-instead-of-logical" + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +#include +#include +#include +#include +#include +/* Trivial function to help test for -fzero-call-used-regs */ +int f(int n) {return rand() % n;} +char *f2(char *s, ...) { + char ret[64]; + va_list args; + va_start(args, s); + vsnprintf(ret, sizeof(ret), s, args); + va_end(args); + return strdup(ret); +} +int i; +double d; +const char *f3(int s) { + i = (int)d; + return s ? "good" : "gooder"; +} +int main(int argc, char **argv) { + char b[256], *cp; + const char *s; + /* Some math to catch -ftrapv problems in the toolchain */ + int i = 123 * argc, j = 456 + argc, k = 789 - argc; + float l = i * 2.1; + double m = l / 0.5; + long long int n = argc * 12345LL, o = 12345LL * (long long int)argc; + (void)argv; + f(1); + s = f3(f(2)); + snprintf(b, sizeof b, "%d %d %d %f %f %lld %lld %s\n", i,j,k,l,m,n,o,s); + if (write(1, b, 0) == -1) exit(0); + cp = f2("%d %d %d %f %f %lld %lld %s\n", i,j,k,l,m,n,o,s); + if (write(1, cp, 0) == -1) exit(0); + free(cp); + /* + * Test fallthrough behaviour. clang 10's -Wimplicit-fallthrough does + * not understand comments and we don't use the "fallthrough" attribute + * that it's looking for. + */ + switch(i){ + case 0: j += i; + /* FALLTHROUGH */ + default: j += k; + } + exit(0); +} + + +_ACEOF +if ac_fn_c_try_compile "$LINENO" +then : + +if $ac_cv_path_EGREP -i "unrecognized option|warning.*ignored" conftest.err >/dev/null +then + eval "$ossh_cache_var=no" + CFLAGS="$saved_CFLAGS" +else + if test "$cross_compiling" = yes +then : + eval "$ossh_cache_var=yes" + CFLAGS="$saved_CFLAGS $_define_flag" +else $as_nop + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +#include +#include +#include +#include +#include +/* Trivial function to help test for -fzero-call-used-regs */ +int f(int n) {return rand() % n;} +char *f2(char *s, ...) { + char ret[64]; + va_list args; + va_start(args, s); + vsnprintf(ret, sizeof(ret), s, args); + va_end(args); + return strdup(ret); +} +int i; +double d; +const char *f3(int s) { + i = (int)d; + return s ? "good" : "gooder"; +} +int main(int argc, char **argv) { + char b[256], *cp; + const char *s; + /* Some math to catch -ftrapv problems in the toolchain */ + int i = 123 * argc, j = 456 + argc, k = 789 - argc; + float l = i * 2.1; + double m = l / 0.5; + long long int n = argc * 12345LL, o = 12345LL * (long long int)argc; + (void)argv; + f(1); + s = f3(f(2)); + snprintf(b, sizeof b, "%d %d %d %f %f %lld %lld %s\n", i,j,k,l,m,n,o,s); + if (write(1, b, 0) == -1) exit(0); + cp = f2("%d %d %d %f %f %lld %lld %s\n", i,j,k,l,m,n,o,s); + if (write(1, cp, 0) == -1) exit(0); + free(cp); + /* + * Test fallthrough behaviour. clang 10's -Wimplicit-fallthrough does + * not understand comments and we don't use the "fallthrough" attribute + * that it's looking for. + */ + switch(i){ + case 0: j += i; + /* FALLTHROUGH */ + default: j += k; + } + exit(0); +} + + +_ACEOF +if ac_fn_c_try_run "$LINENO" +then : + eval "$ossh_cache_var=yes" + CFLAGS="$saved_CFLAGS $_define_flag" +else $as_nop + eval "$ossh_cache_var='no, fails at run time'" + CFLAGS="$saved_CFLAGS" +fi +rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ + conftest.$ac_objext conftest.beam conftest.$ac_ext +fi + +fi +else $as_nop + eval "$ossh_cache_var=no" + CFLAGS="$saved_CFLAGS" + +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext + +fi +eval ac_res=\$$ossh_cache_var + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 +printf "%s\n" "$ac_res" >&6; } +} + { + ossh_cache_var=ossh_cv_cflag__fno_strict_aliasing + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking if $CC supports compile flag -fno-strict-aliasing" >&5 +printf %s "checking if $CC supports compile flag -fno-strict-aliasing... " >&6; } +if eval test \${$ossh_cache_var+y} +then : + printf %s "(cached) " >&6 +else $as_nop + + saved_CFLAGS="$CFLAGS" + CFLAGS="$CFLAGS $WERROR -fno-strict-aliasing" + _define_flag="" + test "x$_define_flag" = "x" && _define_flag="-fno-strict-aliasing" + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +#include +#include +#include +#include +#include +/* Trivial function to help test for -fzero-call-used-regs */ +int f(int n) {return rand() % n;} +char *f2(char *s, ...) { + char ret[64]; + va_list args; + va_start(args, s); + vsnprintf(ret, sizeof(ret), s, args); + va_end(args); + return strdup(ret); +} +int i; +double d; +const char *f3(int s) { + i = (int)d; + return s ? "good" : "gooder"; +} +int main(int argc, char **argv) { + char b[256], *cp; + const char *s; + /* Some math to catch -ftrapv problems in the toolchain */ + int i = 123 * argc, j = 456 + argc, k = 789 - argc; + float l = i * 2.1; + double m = l / 0.5; + long long int n = argc * 12345LL, o = 12345LL * (long long int)argc; + (void)argv; + f(1); + s = f3(f(2)); + snprintf(b, sizeof b, "%d %d %d %f %f %lld %lld %s\n", i,j,k,l,m,n,o,s); + if (write(1, b, 0) == -1) exit(0); + cp = f2("%d %d %d %f %f %lld %lld %s\n", i,j,k,l,m,n,o,s); + if (write(1, cp, 0) == -1) exit(0); + free(cp); + /* + * Test fallthrough behaviour. clang 10's -Wimplicit-fallthrough does + * not understand comments and we don't use the "fallthrough" attribute + * that it's looking for. + */ + switch(i){ + case 0: j += i; + /* FALLTHROUGH */ + default: j += k; + } + exit(0); +} + + +_ACEOF +if ac_fn_c_try_compile "$LINENO" +then : + +if $ac_cv_path_EGREP -i "unrecognized option|warning.*ignored" conftest.err >/dev/null +then + eval "$ossh_cache_var=no" + CFLAGS="$saved_CFLAGS" +else + if test "$cross_compiling" = yes +then : + eval "$ossh_cache_var=yes" + CFLAGS="$saved_CFLAGS $_define_flag" +else $as_nop + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +#include +#include +#include +#include +#include +/* Trivial function to help test for -fzero-call-used-regs */ +int f(int n) {return rand() % n;} +char *f2(char *s, ...) { + char ret[64]; + va_list args; + va_start(args, s); + vsnprintf(ret, sizeof(ret), s, args); + va_end(args); + return strdup(ret); +} +int i; +double d; +const char *f3(int s) { + i = (int)d; + return s ? "good" : "gooder"; +} +int main(int argc, char **argv) { + char b[256], *cp; + const char *s; + /* Some math to catch -ftrapv problems in the toolchain */ + int i = 123 * argc, j = 456 + argc, k = 789 - argc; + float l = i * 2.1; + double m = l / 0.5; + long long int n = argc * 12345LL, o = 12345LL * (long long int)argc; + (void)argv; + f(1); + s = f3(f(2)); + snprintf(b, sizeof b, "%d %d %d %f %f %lld %lld %s\n", i,j,k,l,m,n,o,s); + if (write(1, b, 0) == -1) exit(0); + cp = f2("%d %d %d %f %f %lld %lld %s\n", i,j,k,l,m,n,o,s); + if (write(1, cp, 0) == -1) exit(0); + free(cp); + /* + * Test fallthrough behaviour. clang 10's -Wimplicit-fallthrough does + * not understand comments and we don't use the "fallthrough" attribute + * that it's looking for. + */ + switch(i){ + case 0: j += i; + /* FALLTHROUGH */ + default: j += k; + } + exit(0); +} + + +_ACEOF +if ac_fn_c_try_run "$LINENO" +then : + eval "$ossh_cache_var=yes" + CFLAGS="$saved_CFLAGS $_define_flag" +else $as_nop + eval "$ossh_cache_var='no, fails at run time'" + CFLAGS="$saved_CFLAGS" +fi +rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ + conftest.$ac_objext conftest.beam conftest.$ac_ext +fi + +fi +else $as_nop + eval "$ossh_cache_var=no" + CFLAGS="$saved_CFLAGS" + +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext + +fi +eval ac_res=\$$ossh_cache_var + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 +printf "%s\n" "$ac_res" >&6; } +} + if test "x$use_toolchain_hardening" = "x1"; then + { + ossh_cache_var=ossh_cv_cflag__D_FORTIFY_SOURCE_2 + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking if $CC supports compile flag -D_FORTIFY_SOURCE=2" >&5 +printf %s "checking if $CC supports compile flag -D_FORTIFY_SOURCE=2... " >&6; } +if eval test \${$ossh_cache_var+y} +then : + printf %s "(cached) " >&6 +else $as_nop + + saved_CFLAGS="$CFLAGS" + CFLAGS="$CFLAGS $WERROR -D_FORTIFY_SOURCE=2" + _define_flag="" + test "x$_define_flag" = "x" && _define_flag="-D_FORTIFY_SOURCE=2" + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +#include +#include +#include +#include +#include +/* Trivial function to help test for -fzero-call-used-regs */ +int f(int n) {return rand() % n;} +char *f2(char *s, ...) { + char ret[64]; + va_list args; + va_start(args, s); + vsnprintf(ret, sizeof(ret), s, args); + va_end(args); + return strdup(ret); +} +int i; +double d; +const char *f3(int s) { + i = (int)d; + return s ? "good" : "gooder"; +} +int main(int argc, char **argv) { + char b[256], *cp; + const char *s; + /* Some math to catch -ftrapv problems in the toolchain */ + int i = 123 * argc, j = 456 + argc, k = 789 - argc; + float l = i * 2.1; + double m = l / 0.5; + long long int n = argc * 12345LL, o = 12345LL * (long long int)argc; + (void)argv; + f(1); + s = f3(f(2)); + snprintf(b, sizeof b, "%d %d %d %f %f %lld %lld %s\n", i,j,k,l,m,n,o,s); + if (write(1, b, 0) == -1) exit(0); + cp = f2("%d %d %d %f %f %lld %lld %s\n", i,j,k,l,m,n,o,s); + if (write(1, cp, 0) == -1) exit(0); + free(cp); + /* + * Test fallthrough behaviour. clang 10's -Wimplicit-fallthrough does + * not understand comments and we don't use the "fallthrough" attribute + * that it's looking for. + */ + switch(i){ + case 0: j += i; + /* FALLTHROUGH */ + default: j += k; + } + exit(0); +} + + +_ACEOF +if ac_fn_c_try_compile "$LINENO" +then : + +if $ac_cv_path_EGREP -i "unrecognized option|warning.*ignored" conftest.err >/dev/null +then + eval "$ossh_cache_var=no" + CFLAGS="$saved_CFLAGS" +else + if test "$cross_compiling" = yes +then : + eval "$ossh_cache_var=yes" + CFLAGS="$saved_CFLAGS $_define_flag" +else $as_nop + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +#include +#include +#include +#include +#include +/* Trivial function to help test for -fzero-call-used-regs */ +int f(int n) {return rand() % n;} +char *f2(char *s, ...) { + char ret[64]; + va_list args; + va_start(args, s); + vsnprintf(ret, sizeof(ret), s, args); + va_end(args); + return strdup(ret); +} +int i; +double d; +const char *f3(int s) { + i = (int)d; + return s ? "good" : "gooder"; +} +int main(int argc, char **argv) { + char b[256], *cp; + const char *s; + /* Some math to catch -ftrapv problems in the toolchain */ + int i = 123 * argc, j = 456 + argc, k = 789 - argc; + float l = i * 2.1; + double m = l / 0.5; + long long int n = argc * 12345LL, o = 12345LL * (long long int)argc; + (void)argv; + f(1); + s = f3(f(2)); + snprintf(b, sizeof b, "%d %d %d %f %f %lld %lld %s\n", i,j,k,l,m,n,o,s); + if (write(1, b, 0) == -1) exit(0); + cp = f2("%d %d %d %f %f %lld %lld %s\n", i,j,k,l,m,n,o,s); + if (write(1, cp, 0) == -1) exit(0); + free(cp); + /* + * Test fallthrough behaviour. clang 10's -Wimplicit-fallthrough does + * not understand comments and we don't use the "fallthrough" attribute + * that it's looking for. + */ + switch(i){ + case 0: j += i; + /* FALLTHROUGH */ + default: j += k; + } + exit(0); +} + + +_ACEOF +if ac_fn_c_try_run "$LINENO" +then : + eval "$ossh_cache_var=yes" + CFLAGS="$saved_CFLAGS $_define_flag" +else $as_nop + eval "$ossh_cache_var='no, fails at run time'" + CFLAGS="$saved_CFLAGS" +fi +rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ + conftest.$ac_objext conftest.beam conftest.$ac_ext +fi + +fi +else $as_nop + eval "$ossh_cache_var=no" + CFLAGS="$saved_CFLAGS" + +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext + +fi +eval ac_res=\$$ossh_cache_var + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 +printf "%s\n" "$ac_res" >&6; } +} + { + ossh_cache_var=ossh_cv_ldflag__Wl__z_relro + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking if $LD supports link flag -Wl,-z,relro" >&5 +printf %s "checking if $LD supports link flag -Wl,-z,relro... " >&6; } +if eval test \${$ossh_cache_var+y} +then : + printf %s "(cached) " >&6 +else $as_nop + + saved_LDFLAGS="$LDFLAGS" + LDFLAGS="$LDFLAGS $WERROR -Wl,-z,relro" + _define_flag="" + test "x$_define_flag" = "x" && _define_flag="-Wl,-z,relro" + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +#include +#include +#include +#include +#include +/* Trivial function to help test for -fzero-call-used-regs */ +int f(int n) {return rand() % n;} +char *f2(char *s, ...) { + char ret[64]; + va_list args; + va_start(args, s); + vsnprintf(ret, sizeof(ret), s, args); + va_end(args); + return strdup(ret); +} +int i; +double d; +const char *f3(int s) { + i = (int)d; + return s ? "good" : "gooder"; +} +int main(int argc, char **argv) { + char b[256], *cp; + const char *s; + /* Some math to catch -ftrapv problems in the toolchain */ + int i = 123 * argc, j = 456 + argc, k = 789 - argc; + float l = i * 2.1; + double m = l / 0.5; + long long int n = argc * 12345LL, o = 12345LL * (long long int)argc; + (void)argv; + f(1); + s = f3(f(2)); + snprintf(b, sizeof b, "%d %d %d %f %f %lld %lld %s\n", i,j,k,l,m,n,o,s); + if (write(1, b, 0) == -1) exit(0); + cp = f2("%d %d %d %f %f %lld %lld %s\n", i,j,k,l,m,n,o,s); + if (write(1, cp, 0) == -1) exit(0); + free(cp); + /* + * Test fallthrough behaviour. clang 10's -Wimplicit-fallthrough does + * not understand comments and we don't use the "fallthrough" attribute + * that it's looking for. + */ + switch(i){ + case 0: j += i; + /* FALLTHROUGH */ + default: j += k; + } + exit(0); +} + + +_ACEOF +if ac_fn_c_try_link "$LINENO" +then : + +if $ac_cv_path_EGREP -i "unrecognized option|warning.*ignored" conftest.err >/dev/null +then + eval "$ossh_cache_var=no" + LDFLAGS="$saved_LDFLAGS" +else + if test "$cross_compiling" = yes +then : + eval "$ossh_cache_var=yes" + LDFLAGS="$saved_LDFLAGS $_define_flag" + +else $as_nop + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +#include +#include +#include +#include +#include +/* Trivial function to help test for -fzero-call-used-regs */ +int f(int n) {return rand() % n;} +char *f2(char *s, ...) { + char ret[64]; + va_list args; + va_start(args, s); + vsnprintf(ret, sizeof(ret), s, args); + va_end(args); + return strdup(ret); +} +int i; +double d; +const char *f3(int s) { + i = (int)d; + return s ? "good" : "gooder"; +} +int main(int argc, char **argv) { + char b[256], *cp; + const char *s; + /* Some math to catch -ftrapv problems in the toolchain */ + int i = 123 * argc, j = 456 + argc, k = 789 - argc; + float l = i * 2.1; + double m = l / 0.5; + long long int n = argc * 12345LL, o = 12345LL * (long long int)argc; + (void)argv; + f(1); + s = f3(f(2)); + snprintf(b, sizeof b, "%d %d %d %f %f %lld %lld %s\n", i,j,k,l,m,n,o,s); + if (write(1, b, 0) == -1) exit(0); + cp = f2("%d %d %d %f %f %lld %lld %s\n", i,j,k,l,m,n,o,s); + if (write(1, cp, 0) == -1) exit(0); + free(cp); + /* + * Test fallthrough behaviour. clang 10's -Wimplicit-fallthrough does + * not understand comments and we don't use the "fallthrough" attribute + * that it's looking for. + */ + switch(i){ + case 0: j += i; + /* FALLTHROUGH */ + default: j += k; + } + exit(0); +} + + +_ACEOF +if ac_fn_c_try_run "$LINENO" +then : + eval "$ossh_cache_var=yes" + LDFLAGS="$saved_LDFLAGS $_define_flag" +else $as_nop + eval "$ossh_cache_var='no, fails at run time'" + LDFLAGS="$saved_LDFLAGS" +fi +rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ + conftest.$ac_objext conftest.beam conftest.$ac_ext +fi + +fi +else $as_nop + eval "$ossh_cache_var=no" + LDFLAGS="$saved_LDFLAGS" + +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam \ + conftest$ac_exeext conftest.$ac_ext + +fi +eval ac_res=\$$ossh_cache_var + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 +printf "%s\n" "$ac_res" >&6; } +} + { + ossh_cache_var=ossh_cv_ldflag__Wl__z_now + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking if $LD supports link flag -Wl,-z,now" >&5 +printf %s "checking if $LD supports link flag -Wl,-z,now... " >&6; } +if eval test \${$ossh_cache_var+y} +then : + printf %s "(cached) " >&6 +else $as_nop + + saved_LDFLAGS="$LDFLAGS" + LDFLAGS="$LDFLAGS $WERROR -Wl,-z,now" + _define_flag="" + test "x$_define_flag" = "x" && _define_flag="-Wl,-z,now" + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +#include +#include +#include +#include +#include +/* Trivial function to help test for -fzero-call-used-regs */ +int f(int n) {return rand() % n;} +char *f2(char *s, ...) { + char ret[64]; + va_list args; + va_start(args, s); + vsnprintf(ret, sizeof(ret), s, args); + va_end(args); + return strdup(ret); +} +int i; +double d; +const char *f3(int s) { + i = (int)d; + return s ? "good" : "gooder"; +} +int main(int argc, char **argv) { + char b[256], *cp; + const char *s; + /* Some math to catch -ftrapv problems in the toolchain */ + int i = 123 * argc, j = 456 + argc, k = 789 - argc; + float l = i * 2.1; + double m = l / 0.5; + long long int n = argc * 12345LL, o = 12345LL * (long long int)argc; + (void)argv; + f(1); + s = f3(f(2)); + snprintf(b, sizeof b, "%d %d %d %f %f %lld %lld %s\n", i,j,k,l,m,n,o,s); + if (write(1, b, 0) == -1) exit(0); + cp = f2("%d %d %d %f %f %lld %lld %s\n", i,j,k,l,m,n,o,s); + if (write(1, cp, 0) == -1) exit(0); + free(cp); + /* + * Test fallthrough behaviour. clang 10's -Wimplicit-fallthrough does + * not understand comments and we don't use the "fallthrough" attribute + * that it's looking for. + */ + switch(i){ + case 0: j += i; + /* FALLTHROUGH */ + default: j += k; + } + exit(0); +} + + +_ACEOF +if ac_fn_c_try_link "$LINENO" +then : + +if $ac_cv_path_EGREP -i "unrecognized option|warning.*ignored" conftest.err >/dev/null +then + eval "$ossh_cache_var=no" + LDFLAGS="$saved_LDFLAGS" +else + if test "$cross_compiling" = yes +then : + eval "$ossh_cache_var=yes" + LDFLAGS="$saved_LDFLAGS $_define_flag" + +else $as_nop + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +#include +#include +#include +#include +#include +/* Trivial function to help test for -fzero-call-used-regs */ +int f(int n) {return rand() % n;} +char *f2(char *s, ...) { + char ret[64]; + va_list args; + va_start(args, s); + vsnprintf(ret, sizeof(ret), s, args); + va_end(args); + return strdup(ret); +} +int i; +double d; +const char *f3(int s) { + i = (int)d; + return s ? "good" : "gooder"; +} +int main(int argc, char **argv) { + char b[256], *cp; + const char *s; + /* Some math to catch -ftrapv problems in the toolchain */ + int i = 123 * argc, j = 456 + argc, k = 789 - argc; + float l = i * 2.1; + double m = l / 0.5; + long long int n = argc * 12345LL, o = 12345LL * (long long int)argc; + (void)argv; + f(1); + s = f3(f(2)); + snprintf(b, sizeof b, "%d %d %d %f %f %lld %lld %s\n", i,j,k,l,m,n,o,s); + if (write(1, b, 0) == -1) exit(0); + cp = f2("%d %d %d %f %f %lld %lld %s\n", i,j,k,l,m,n,o,s); + if (write(1, cp, 0) == -1) exit(0); + free(cp); + /* + * Test fallthrough behaviour. clang 10's -Wimplicit-fallthrough does + * not understand comments and we don't use the "fallthrough" attribute + * that it's looking for. + */ + switch(i){ + case 0: j += i; + /* FALLTHROUGH */ + default: j += k; + } + exit(0); +} + + +_ACEOF +if ac_fn_c_try_run "$LINENO" +then : + eval "$ossh_cache_var=yes" + LDFLAGS="$saved_LDFLAGS $_define_flag" +else $as_nop + eval "$ossh_cache_var='no, fails at run time'" + LDFLAGS="$saved_LDFLAGS" +fi +rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ + conftest.$ac_objext conftest.beam conftest.$ac_ext +fi + +fi +else $as_nop + eval "$ossh_cache_var=no" + LDFLAGS="$saved_LDFLAGS" + +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam \ + conftest$ac_exeext conftest.$ac_ext + +fi +eval ac_res=\$$ossh_cache_var + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 +printf "%s\n" "$ac_res" >&6; } +} + { + ossh_cache_var=ossh_cv_ldflag__Wl__z_noexecstack + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking if $LD supports link flag -Wl,-z,noexecstack" >&5 +printf %s "checking if $LD supports link flag -Wl,-z,noexecstack... " >&6; } +if eval test \${$ossh_cache_var+y} +then : + printf %s "(cached) " >&6 +else $as_nop + + saved_LDFLAGS="$LDFLAGS" + LDFLAGS="$LDFLAGS $WERROR -Wl,-z,noexecstack" + _define_flag="" + test "x$_define_flag" = "x" && _define_flag="-Wl,-z,noexecstack" + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +#include +#include +#include +#include +#include +/* Trivial function to help test for -fzero-call-used-regs */ +int f(int n) {return rand() % n;} +char *f2(char *s, ...) { + char ret[64]; + va_list args; + va_start(args, s); + vsnprintf(ret, sizeof(ret), s, args); + va_end(args); + return strdup(ret); +} +int i; +double d; +const char *f3(int s) { + i = (int)d; + return s ? "good" : "gooder"; +} +int main(int argc, char **argv) { + char b[256], *cp; + const char *s; + /* Some math to catch -ftrapv problems in the toolchain */ + int i = 123 * argc, j = 456 + argc, k = 789 - argc; + float l = i * 2.1; + double m = l / 0.5; + long long int n = argc * 12345LL, o = 12345LL * (long long int)argc; + (void)argv; + f(1); + s = f3(f(2)); + snprintf(b, sizeof b, "%d %d %d %f %f %lld %lld %s\n", i,j,k,l,m,n,o,s); + if (write(1, b, 0) == -1) exit(0); + cp = f2("%d %d %d %f %f %lld %lld %s\n", i,j,k,l,m,n,o,s); + if (write(1, cp, 0) == -1) exit(0); + free(cp); + /* + * Test fallthrough behaviour. clang 10's -Wimplicit-fallthrough does + * not understand comments and we don't use the "fallthrough" attribute + * that it's looking for. + */ + switch(i){ + case 0: j += i; + /* FALLTHROUGH */ + default: j += k; + } + exit(0); +} + + +_ACEOF +if ac_fn_c_try_link "$LINENO" +then : + +if $ac_cv_path_EGREP -i "unrecognized option|warning.*ignored" conftest.err >/dev/null +then + eval "$ossh_cache_var=no" + LDFLAGS="$saved_LDFLAGS" +else + if test "$cross_compiling" = yes +then : + eval "$ossh_cache_var=yes" + LDFLAGS="$saved_LDFLAGS $_define_flag" + +else $as_nop + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +#include +#include +#include +#include +#include +/* Trivial function to help test for -fzero-call-used-regs */ +int f(int n) {return rand() % n;} +char *f2(char *s, ...) { + char ret[64]; + va_list args; + va_start(args, s); + vsnprintf(ret, sizeof(ret), s, args); + va_end(args); + return strdup(ret); +} +int i; +double d; +const char *f3(int s) { + i = (int)d; + return s ? "good" : "gooder"; +} +int main(int argc, char **argv) { + char b[256], *cp; + const char *s; + /* Some math to catch -ftrapv problems in the toolchain */ + int i = 123 * argc, j = 456 + argc, k = 789 - argc; + float l = i * 2.1; + double m = l / 0.5; + long long int n = argc * 12345LL, o = 12345LL * (long long int)argc; + (void)argv; + f(1); + s = f3(f(2)); + snprintf(b, sizeof b, "%d %d %d %f %f %lld %lld %s\n", i,j,k,l,m,n,o,s); + if (write(1, b, 0) == -1) exit(0); + cp = f2("%d %d %d %f %f %lld %lld %s\n", i,j,k,l,m,n,o,s); + if (write(1, cp, 0) == -1) exit(0); + free(cp); + /* + * Test fallthrough behaviour. clang 10's -Wimplicit-fallthrough does + * not understand comments and we don't use the "fallthrough" attribute + * that it's looking for. + */ + switch(i){ + case 0: j += i; + /* FALLTHROUGH */ + default: j += k; + } + exit(0); +} + + +_ACEOF +if ac_fn_c_try_run "$LINENO" +then : + eval "$ossh_cache_var=yes" + LDFLAGS="$saved_LDFLAGS $_define_flag" +else $as_nop + eval "$ossh_cache_var='no, fails at run time'" + LDFLAGS="$saved_LDFLAGS" +fi +rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ + conftest.$ac_objext conftest.beam conftest.$ac_ext +fi + +fi +else $as_nop + eval "$ossh_cache_var=no" + LDFLAGS="$saved_LDFLAGS" + +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam \ + conftest$ac_exeext conftest.$ac_ext + +fi +eval ac_res=\$$ossh_cache_var + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 +printf "%s\n" "$ac_res" >&6; } +} + # NB. -ftrapv expects certain support functions to be present in + # the compiler library (libgcc or similar) to detect integer operations + # that can overflow. We must check that the result of enabling it + # actually links. The test program compiled/linked includes a number + # of integer operations that should exercise this. + { + ossh_cache_var=ossh_cv_cflag__ftrapv + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking if $CC supports compile flag -ftrapv and linking succeeds" >&5 +printf %s "checking if $CC supports compile flag -ftrapv and linking succeeds... " >&6; } +if eval test \${$ossh_cache_var+y} +then : + printf %s "(cached) " >&6 +else $as_nop + + saved_CFLAGS="$CFLAGS" + CFLAGS="$CFLAGS $WERROR -ftrapv" + _define_flag="" + test "x$_define_flag" = "x" && _define_flag="-ftrapv" + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +#include +#include +#include +#include +#include +/* Trivial function to help test for -fzero-call-used-regs */ +int f(int n) {return rand() % n;} +char *f2(char *s, ...) { + char ret[64]; + va_list args; + va_start(args, s); + vsnprintf(ret, sizeof(ret), s, args); + va_end(args); + return strdup(ret); +} +int i; +double d; +const char *f3(int s) { + i = (int)d; + return s ? "good" : "gooder"; +} +int main(int argc, char **argv) { + char b[256], *cp; + const char *s; + /* Some math to catch -ftrapv problems in the toolchain */ + int i = 123 * argc, j = 456 + argc, k = 789 - argc; + float l = i * 2.1; + double m = l / 0.5; + long long int n = argc * 12345LL, o = 12345LL * (long long int)argc; + (void)argv; + f(1); + s = f3(f(2)); + snprintf(b, sizeof b, "%d %d %d %f %f %lld %lld %s\n", i,j,k,l,m,n,o,s); + if (write(1, b, 0) == -1) exit(0); + cp = f2("%d %d %d %f %f %lld %lld %s\n", i,j,k,l,m,n,o,s); + if (write(1, cp, 0) == -1) exit(0); + free(cp); + /* + * Test fallthrough behaviour. clang 10's -Wimplicit-fallthrough does + * not understand comments and we don't use the "fallthrough" attribute + * that it's looking for. + */ + switch(i){ + case 0: j += i; + /* FALLTHROUGH */ + default: j += k; + } + exit(0); +} + + +_ACEOF +if ac_fn_c_try_link "$LINENO" +then : + +if $ac_cv_path_EGREP -i "unrecognized option|warning.*ignored" conftest.err >/dev/null +then + eval "$ossh_cache_var=no" + CFLAGS="$saved_CFLAGS" +else + if test "$cross_compiling" = yes +then : + eval "$ossh_cache_var=yes" + CFLAGS="$saved_CFLAGS $_define_flag" +else $as_nop + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +#include +#include +#include +#include +#include +/* Trivial function to help test for -fzero-call-used-regs */ +int f(int n) {return rand() % n;} +char *f2(char *s, ...) { + char ret[64]; + va_list args; + va_start(args, s); + vsnprintf(ret, sizeof(ret), s, args); + va_end(args); + return strdup(ret); +} +int i; +double d; +const char *f3(int s) { + i = (int)d; + return s ? "good" : "gooder"; +} +int main(int argc, char **argv) { + char b[256], *cp; + const char *s; + /* Some math to catch -ftrapv problems in the toolchain */ + int i = 123 * argc, j = 456 + argc, k = 789 - argc; + float l = i * 2.1; + double m = l / 0.5; + long long int n = argc * 12345LL, o = 12345LL * (long long int)argc; + (void)argv; + f(1); + s = f3(f(2)); + snprintf(b, sizeof b, "%d %d %d %f %f %lld %lld %s\n", i,j,k,l,m,n,o,s); + if (write(1, b, 0) == -1) exit(0); + cp = f2("%d %d %d %f %f %lld %lld %s\n", i,j,k,l,m,n,o,s); + if (write(1, cp, 0) == -1) exit(0); + free(cp); + /* + * Test fallthrough behaviour. clang 10's -Wimplicit-fallthrough does + * not understand comments and we don't use the "fallthrough" attribute + * that it's looking for. + */ + switch(i){ + case 0: j += i; + /* FALLTHROUGH */ + default: j += k; + } + exit(0); +} + + +_ACEOF +if ac_fn_c_try_run "$LINENO" +then : + eval "$ossh_cache_var=yes" + CFLAGS="$saved_CFLAGS $_define_flag" +else $as_nop + eval "$ossh_cache_var='no, fails at run time'" + CFLAGS="$saved_CFLAGS" +fi +rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ + conftest.$ac_objext conftest.beam conftest.$ac_ext +fi + +fi +else $as_nop + eval "$ossh_cache_var=no" + CFLAGS="$saved_CFLAGS" + +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam \ + conftest$ac_exeext conftest.$ac_ext + +fi +eval ac_res=\$$ossh_cache_var + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 +printf "%s\n" "$ac_res" >&6; } +} + # clang 15 seems to have a bug in -fzero-call-used-regs=all. See + # https://bugzilla.mindrot.org/show_bug.cgi?id=3475 and + # https://github.com/llvm/llvm-project/issues/59242 + # clang 17 has a different bug that causes an ICE when using this + # flag at all (https://bugzilla.mindrot.org/show_bug.cgi?id=3629) + case "$CLANG_VER" in + apple-15*) { + ossh_cache_var=ossh_cv_cflag__fzero_call_used_regs_used + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking if $CC supports compile flag -fzero-call-used-regs=used and linking succeeds" >&5 +printf %s "checking if $CC supports compile flag -fzero-call-used-regs=used and linking succeeds... " >&6; } +if eval test \${$ossh_cache_var+y} +then : + printf %s "(cached) " >&6 +else $as_nop + + saved_CFLAGS="$CFLAGS" + CFLAGS="$CFLAGS $WERROR -fzero-call-used-regs=used" + _define_flag="" + test "x$_define_flag" = "x" && _define_flag="-fzero-call-used-regs=used" + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +#include +#include +#include +#include +#include +/* Trivial function to help test for -fzero-call-used-regs */ +int f(int n) {return rand() % n;} +char *f2(char *s, ...) { + char ret[64]; + va_list args; + va_start(args, s); + vsnprintf(ret, sizeof(ret), s, args); + va_end(args); + return strdup(ret); +} +int i; +double d; +const char *f3(int s) { + i = (int)d; + return s ? "good" : "gooder"; +} +int main(int argc, char **argv) { + char b[256], *cp; + const char *s; + /* Some math to catch -ftrapv problems in the toolchain */ + int i = 123 * argc, j = 456 + argc, k = 789 - argc; + float l = i * 2.1; + double m = l / 0.5; + long long int n = argc * 12345LL, o = 12345LL * (long long int)argc; + (void)argv; + f(1); + s = f3(f(2)); + snprintf(b, sizeof b, "%d %d %d %f %f %lld %lld %s\n", i,j,k,l,m,n,o,s); + if (write(1, b, 0) == -1) exit(0); + cp = f2("%d %d %d %f %f %lld %lld %s\n", i,j,k,l,m,n,o,s); + if (write(1, cp, 0) == -1) exit(0); + free(cp); + /* + * Test fallthrough behaviour. clang 10's -Wimplicit-fallthrough does + * not understand comments and we don't use the "fallthrough" attribute + * that it's looking for. + */ + switch(i){ + case 0: j += i; + /* FALLTHROUGH */ + default: j += k; + } + exit(0); +} + + +_ACEOF +if ac_fn_c_try_link "$LINENO" +then : + +if $ac_cv_path_EGREP -i "unrecognized option|warning.*ignored" conftest.err >/dev/null +then + eval "$ossh_cache_var=no" + CFLAGS="$saved_CFLAGS" +else + if test "$cross_compiling" = yes +then : + eval "$ossh_cache_var=yes" + CFLAGS="$saved_CFLAGS $_define_flag" +else $as_nop + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +#include +#include +#include +#include +#include +/* Trivial function to help test for -fzero-call-used-regs */ +int f(int n) {return rand() % n;} +char *f2(char *s, ...) { + char ret[64]; + va_list args; + va_start(args, s); + vsnprintf(ret, sizeof(ret), s, args); + va_end(args); + return strdup(ret); +} +int i; +double d; +const char *f3(int s) { + i = (int)d; + return s ? "good" : "gooder"; +} +int main(int argc, char **argv) { + char b[256], *cp; + const char *s; + /* Some math to catch -ftrapv problems in the toolchain */ + int i = 123 * argc, j = 456 + argc, k = 789 - argc; + float l = i * 2.1; + double m = l / 0.5; + long long int n = argc * 12345LL, o = 12345LL * (long long int)argc; + (void)argv; + f(1); + s = f3(f(2)); + snprintf(b, sizeof b, "%d %d %d %f %f %lld %lld %s\n", i,j,k,l,m,n,o,s); + if (write(1, b, 0) == -1) exit(0); + cp = f2("%d %d %d %f %f %lld %lld %s\n", i,j,k,l,m,n,o,s); + if (write(1, cp, 0) == -1) exit(0); + free(cp); + /* + * Test fallthrough behaviour. clang 10's -Wimplicit-fallthrough does + * not understand comments and we don't use the "fallthrough" attribute + * that it's looking for. + */ + switch(i){ + case 0: j += i; + /* FALLTHROUGH */ + default: j += k; + } + exit(0); +} + + +_ACEOF +if ac_fn_c_try_run "$LINENO" +then : + eval "$ossh_cache_var=yes" + CFLAGS="$saved_CFLAGS $_define_flag" +else $as_nop + eval "$ossh_cache_var='no, fails at run time'" + CFLAGS="$saved_CFLAGS" +fi +rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ + conftest.$ac_objext conftest.beam conftest.$ac_ext +fi + +fi +else $as_nop + eval "$ossh_cache_var=no" + CFLAGS="$saved_CFLAGS" + +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam \ + conftest$ac_exeext conftest.$ac_ext + +fi +eval ac_res=\$$ossh_cache_var + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 +printf "%s\n" "$ac_res" >&6; } +} ;; + 17*) ;; + *) { + ossh_cache_var=ossh_cv_cflag__fzero_call_used_regs_used + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking if $CC supports compile flag -fzero-call-used-regs=used and linking succeeds" >&5 +printf %s "checking if $CC supports compile flag -fzero-call-used-regs=used and linking succeeds... " >&6; } +if eval test \${$ossh_cache_var+y} +then : + printf %s "(cached) " >&6 +else $as_nop + + saved_CFLAGS="$CFLAGS" + CFLAGS="$CFLAGS $WERROR -fzero-call-used-regs=used" + _define_flag="" + test "x$_define_flag" = "x" && _define_flag="-fzero-call-used-regs=used" + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +#include +#include +#include +#include +#include +/* Trivial function to help test for -fzero-call-used-regs */ +int f(int n) {return rand() % n;} +char *f2(char *s, ...) { + char ret[64]; + va_list args; + va_start(args, s); + vsnprintf(ret, sizeof(ret), s, args); + va_end(args); + return strdup(ret); +} +int i; +double d; +const char *f3(int s) { + i = (int)d; + return s ? "good" : "gooder"; +} +int main(int argc, char **argv) { + char b[256], *cp; + const char *s; + /* Some math to catch -ftrapv problems in the toolchain */ + int i = 123 * argc, j = 456 + argc, k = 789 - argc; + float l = i * 2.1; + double m = l / 0.5; + long long int n = argc * 12345LL, o = 12345LL * (long long int)argc; + (void)argv; + f(1); + s = f3(f(2)); + snprintf(b, sizeof b, "%d %d %d %f %f %lld %lld %s\n", i,j,k,l,m,n,o,s); + if (write(1, b, 0) == -1) exit(0); + cp = f2("%d %d %d %f %f %lld %lld %s\n", i,j,k,l,m,n,o,s); + if (write(1, cp, 0) == -1) exit(0); + free(cp); + /* + * Test fallthrough behaviour. clang 10's -Wimplicit-fallthrough does + * not understand comments and we don't use the "fallthrough" attribute + * that it's looking for. + */ + switch(i){ + case 0: j += i; + /* FALLTHROUGH */ + default: j += k; + } + exit(0); +} + + +_ACEOF +if ac_fn_c_try_link "$LINENO" +then : + +if $ac_cv_path_EGREP -i "unrecognized option|warning.*ignored" conftest.err >/dev/null +then + eval "$ossh_cache_var=no" + CFLAGS="$saved_CFLAGS" +else + if test "$cross_compiling" = yes +then : + eval "$ossh_cache_var=yes" + CFLAGS="$saved_CFLAGS $_define_flag" +else $as_nop + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +#include +#include +#include +#include +#include +/* Trivial function to help test for -fzero-call-used-regs */ +int f(int n) {return rand() % n;} +char *f2(char *s, ...) { + char ret[64]; + va_list args; + va_start(args, s); + vsnprintf(ret, sizeof(ret), s, args); + va_end(args); + return strdup(ret); +} +int i; +double d; +const char *f3(int s) { + i = (int)d; + return s ? "good" : "gooder"; +} +int main(int argc, char **argv) { + char b[256], *cp; + const char *s; + /* Some math to catch -ftrapv problems in the toolchain */ + int i = 123 * argc, j = 456 + argc, k = 789 - argc; + float l = i * 2.1; + double m = l / 0.5; + long long int n = argc * 12345LL, o = 12345LL * (long long int)argc; + (void)argv; + f(1); + s = f3(f(2)); + snprintf(b, sizeof b, "%d %d %d %f %f %lld %lld %s\n", i,j,k,l,m,n,o,s); + if (write(1, b, 0) == -1) exit(0); + cp = f2("%d %d %d %f %f %lld %lld %s\n", i,j,k,l,m,n,o,s); + if (write(1, cp, 0) == -1) exit(0); + free(cp); + /* + * Test fallthrough behaviour. clang 10's -Wimplicit-fallthrough does + * not understand comments and we don't use the "fallthrough" attribute + * that it's looking for. + */ + switch(i){ + case 0: j += i; + /* FALLTHROUGH */ + default: j += k; + } + exit(0); +} + + +_ACEOF +if ac_fn_c_try_run "$LINENO" +then : + eval "$ossh_cache_var=yes" + CFLAGS="$saved_CFLAGS $_define_flag" +else $as_nop + eval "$ossh_cache_var='no, fails at run time'" + CFLAGS="$saved_CFLAGS" +fi +rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ + conftest.$ac_objext conftest.beam conftest.$ac_ext +fi + +fi +else $as_nop + eval "$ossh_cache_var=no" + CFLAGS="$saved_CFLAGS" + +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam \ + conftest$ac_exeext conftest.$ac_ext + +fi +eval ac_res=\$$ossh_cache_var + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 +printf "%s\n" "$ac_res" >&6; } +} ;; + esac + { + ossh_cache_var=ossh_cv_cflag__ftrivial_auto_var_init_zero + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking if $CC supports compile flag -ftrivial-auto-var-init=zero" >&5 +printf %s "checking if $CC supports compile flag -ftrivial-auto-var-init=zero... " >&6; } +if eval test \${$ossh_cache_var+y} +then : + printf %s "(cached) " >&6 +else $as_nop + + saved_CFLAGS="$CFLAGS" + CFLAGS="$CFLAGS $WERROR -ftrivial-auto-var-init=zero" + _define_flag="" + test "x$_define_flag" = "x" && _define_flag="-ftrivial-auto-var-init=zero" + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +#include +#include +#include +#include +#include +/* Trivial function to help test for -fzero-call-used-regs */ +int f(int n) {return rand() % n;} +char *f2(char *s, ...) { + char ret[64]; + va_list args; + va_start(args, s); + vsnprintf(ret, sizeof(ret), s, args); + va_end(args); + return strdup(ret); +} +int i; +double d; +const char *f3(int s) { + i = (int)d; + return s ? "good" : "gooder"; +} +int main(int argc, char **argv) { + char b[256], *cp; + const char *s; + /* Some math to catch -ftrapv problems in the toolchain */ + int i = 123 * argc, j = 456 + argc, k = 789 - argc; + float l = i * 2.1; + double m = l / 0.5; + long long int n = argc * 12345LL, o = 12345LL * (long long int)argc; + (void)argv; + f(1); + s = f3(f(2)); + snprintf(b, sizeof b, "%d %d %d %f %f %lld %lld %s\n", i,j,k,l,m,n,o,s); + if (write(1, b, 0) == -1) exit(0); + cp = f2("%d %d %d %f %f %lld %lld %s\n", i,j,k,l,m,n,o,s); + if (write(1, cp, 0) == -1) exit(0); + free(cp); + /* + * Test fallthrough behaviour. clang 10's -Wimplicit-fallthrough does + * not understand comments and we don't use the "fallthrough" attribute + * that it's looking for. + */ + switch(i){ + case 0: j += i; + /* FALLTHROUGH */ + default: j += k; + } + exit(0); +} + + +_ACEOF +if ac_fn_c_try_compile "$LINENO" +then : + +if $ac_cv_path_EGREP -i "unrecognized option|warning.*ignored" conftest.err >/dev/null +then + eval "$ossh_cache_var=no" + CFLAGS="$saved_CFLAGS" +else + if test "$cross_compiling" = yes +then : + eval "$ossh_cache_var=yes" + CFLAGS="$saved_CFLAGS $_define_flag" +else $as_nop + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +#include +#include +#include +#include +#include +/* Trivial function to help test for -fzero-call-used-regs */ +int f(int n) {return rand() % n;} +char *f2(char *s, ...) { + char ret[64]; + va_list args; + va_start(args, s); + vsnprintf(ret, sizeof(ret), s, args); + va_end(args); + return strdup(ret); +} +int i; +double d; +const char *f3(int s) { + i = (int)d; + return s ? "good" : "gooder"; +} +int main(int argc, char **argv) { + char b[256], *cp; + const char *s; + /* Some math to catch -ftrapv problems in the toolchain */ + int i = 123 * argc, j = 456 + argc, k = 789 - argc; + float l = i * 2.1; + double m = l / 0.5; + long long int n = argc * 12345LL, o = 12345LL * (long long int)argc; + (void)argv; + f(1); + s = f3(f(2)); + snprintf(b, sizeof b, "%d %d %d %f %f %lld %lld %s\n", i,j,k,l,m,n,o,s); + if (write(1, b, 0) == -1) exit(0); + cp = f2("%d %d %d %f %f %lld %lld %s\n", i,j,k,l,m,n,o,s); + if (write(1, cp, 0) == -1) exit(0); + free(cp); + /* + * Test fallthrough behaviour. clang 10's -Wimplicit-fallthrough does + * not understand comments and we don't use the "fallthrough" attribute + * that it's looking for. + */ + switch(i){ + case 0: j += i; + /* FALLTHROUGH */ + default: j += k; + } + exit(0); +} + + +_ACEOF +if ac_fn_c_try_run "$LINENO" +then : + eval "$ossh_cache_var=yes" + CFLAGS="$saved_CFLAGS $_define_flag" +else $as_nop + eval "$ossh_cache_var='no, fails at run time'" + CFLAGS="$saved_CFLAGS" +fi +rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ + conftest.$ac_objext conftest.beam conftest.$ac_ext +fi + +fi +else $as_nop + eval "$ossh_cache_var=no" + CFLAGS="$saved_CFLAGS" + +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext + +fi +eval ac_res=\$$ossh_cache_var + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 +printf "%s\n" "$ac_res" >&6; } +} + fi + if test "x$use_retpoline" = "x1"; then + { + ossh_cache_var=ossh_cv_cflag__mretpoline + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking if $CC supports compile flag -mretpoline" >&5 +printf %s "checking if $CC supports compile flag -mretpoline... " >&6; } +if eval test \${$ossh_cache_var+y} +then : + printf %s "(cached) " >&6 +else $as_nop + + saved_CFLAGS="$CFLAGS" + CFLAGS="$CFLAGS $WERROR -mretpoline" + _define_flag="" + test "x$_define_flag" = "x" && _define_flag="-mretpoline" + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +#include +#include +#include +#include +#include +/* Trivial function to help test for -fzero-call-used-regs */ +int f(int n) {return rand() % n;} +char *f2(char *s, ...) { + char ret[64]; + va_list args; + va_start(args, s); + vsnprintf(ret, sizeof(ret), s, args); + va_end(args); + return strdup(ret); +} +int i; +double d; +const char *f3(int s) { + i = (int)d; + return s ? "good" : "gooder"; +} +int main(int argc, char **argv) { + char b[256], *cp; + const char *s; + /* Some math to catch -ftrapv problems in the toolchain */ + int i = 123 * argc, j = 456 + argc, k = 789 - argc; + float l = i * 2.1; + double m = l / 0.5; + long long int n = argc * 12345LL, o = 12345LL * (long long int)argc; + (void)argv; + f(1); + s = f3(f(2)); + snprintf(b, sizeof b, "%d %d %d %f %f %lld %lld %s\n", i,j,k,l,m,n,o,s); + if (write(1, b, 0) == -1) exit(0); + cp = f2("%d %d %d %f %f %lld %lld %s\n", i,j,k,l,m,n,o,s); + if (write(1, cp, 0) == -1) exit(0); + free(cp); + /* + * Test fallthrough behaviour. clang 10's -Wimplicit-fallthrough does + * not understand comments and we don't use the "fallthrough" attribute + * that it's looking for. + */ + switch(i){ + case 0: j += i; + /* FALLTHROUGH */ + default: j += k; + } + exit(0); +} + + +_ACEOF +if ac_fn_c_try_compile "$LINENO" +then : + +if $ac_cv_path_EGREP -i "unrecognized option|warning.*ignored" conftest.err >/dev/null +then + eval "$ossh_cache_var=no" + CFLAGS="$saved_CFLAGS" +else + if test "$cross_compiling" = yes +then : + eval "$ossh_cache_var=yes" + CFLAGS="$saved_CFLAGS $_define_flag" +else $as_nop + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +#include +#include +#include +#include +#include +/* Trivial function to help test for -fzero-call-used-regs */ +int f(int n) {return rand() % n;} +char *f2(char *s, ...) { + char ret[64]; + va_list args; + va_start(args, s); + vsnprintf(ret, sizeof(ret), s, args); + va_end(args); + return strdup(ret); +} +int i; +double d; +const char *f3(int s) { + i = (int)d; + return s ? "good" : "gooder"; +} +int main(int argc, char **argv) { + char b[256], *cp; + const char *s; + /* Some math to catch -ftrapv problems in the toolchain */ + int i = 123 * argc, j = 456 + argc, k = 789 - argc; + float l = i * 2.1; + double m = l / 0.5; + long long int n = argc * 12345LL, o = 12345LL * (long long int)argc; + (void)argv; + f(1); + s = f3(f(2)); + snprintf(b, sizeof b, "%d %d %d %f %f %lld %lld %s\n", i,j,k,l,m,n,o,s); + if (write(1, b, 0) == -1) exit(0); + cp = f2("%d %d %d %f %f %lld %lld %s\n", i,j,k,l,m,n,o,s); + if (write(1, cp, 0) == -1) exit(0); + free(cp); + /* + * Test fallthrough behaviour. clang 10's -Wimplicit-fallthrough does + * not understand comments and we don't use the "fallthrough" attribute + * that it's looking for. + */ + switch(i){ + case 0: j += i; + /* FALLTHROUGH */ + default: j += k; + } + exit(0); +} + + +_ACEOF +if ac_fn_c_try_run "$LINENO" +then : + eval "$ossh_cache_var=yes" + CFLAGS="$saved_CFLAGS $_define_flag" +else $as_nop + eval "$ossh_cache_var='no, fails at run time'" + CFLAGS="$saved_CFLAGS" +fi +rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ + conftest.$ac_objext conftest.beam conftest.$ac_ext +fi + +fi +else $as_nop + eval "$ossh_cache_var=no" + CFLAGS="$saved_CFLAGS" + +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext + +fi +eval ac_res=\$$ossh_cache_var + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 +printf "%s\n" "$ac_res" >&6; } +} # clang + { + ossh_cache_var=ossh_cv_ldflag__Wl__z_retpolineplt + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking if $LD supports link flag -Wl,-z,retpolineplt" >&5 +printf %s "checking if $LD supports link flag -Wl,-z,retpolineplt... " >&6; } +if eval test \${$ossh_cache_var+y} +then : + printf %s "(cached) " >&6 +else $as_nop + + saved_LDFLAGS="$LDFLAGS" + LDFLAGS="$LDFLAGS $WERROR -Wl,-z,retpolineplt" + _define_flag="" + test "x$_define_flag" = "x" && _define_flag="-Wl,-z,retpolineplt" + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +#include +#include +#include +#include +#include +/* Trivial function to help test for -fzero-call-used-regs */ +int f(int n) {return rand() % n;} +char *f2(char *s, ...) { + char ret[64]; + va_list args; + va_start(args, s); + vsnprintf(ret, sizeof(ret), s, args); + va_end(args); + return strdup(ret); +} +int i; +double d; +const char *f3(int s) { + i = (int)d; + return s ? "good" : "gooder"; +} +int main(int argc, char **argv) { + char b[256], *cp; + const char *s; + /* Some math to catch -ftrapv problems in the toolchain */ + int i = 123 * argc, j = 456 + argc, k = 789 - argc; + float l = i * 2.1; + double m = l / 0.5; + long long int n = argc * 12345LL, o = 12345LL * (long long int)argc; + (void)argv; + f(1); + s = f3(f(2)); + snprintf(b, sizeof b, "%d %d %d %f %f %lld %lld %s\n", i,j,k,l,m,n,o,s); + if (write(1, b, 0) == -1) exit(0); + cp = f2("%d %d %d %f %f %lld %lld %s\n", i,j,k,l,m,n,o,s); + if (write(1, cp, 0) == -1) exit(0); + free(cp); + /* + * Test fallthrough behaviour. clang 10's -Wimplicit-fallthrough does + * not understand comments and we don't use the "fallthrough" attribute + * that it's looking for. + */ + switch(i){ + case 0: j += i; + /* FALLTHROUGH */ + default: j += k; + } + exit(0); +} + + +_ACEOF +if ac_fn_c_try_link "$LINENO" +then : + +if $ac_cv_path_EGREP -i "unrecognized option|warning.*ignored" conftest.err >/dev/null +then + eval "$ossh_cache_var=no" + LDFLAGS="$saved_LDFLAGS" +else + if test "$cross_compiling" = yes +then : + eval "$ossh_cache_var=yes" + LDFLAGS="$saved_LDFLAGS $_define_flag" + +else $as_nop + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +#include +#include +#include +#include +#include +/* Trivial function to help test for -fzero-call-used-regs */ +int f(int n) {return rand() % n;} +char *f2(char *s, ...) { + char ret[64]; + va_list args; + va_start(args, s); + vsnprintf(ret, sizeof(ret), s, args); + va_end(args); + return strdup(ret); +} +int i; +double d; +const char *f3(int s) { + i = (int)d; + return s ? "good" : "gooder"; +} +int main(int argc, char **argv) { + char b[256], *cp; + const char *s; + /* Some math to catch -ftrapv problems in the toolchain */ + int i = 123 * argc, j = 456 + argc, k = 789 - argc; + float l = i * 2.1; + double m = l / 0.5; + long long int n = argc * 12345LL, o = 12345LL * (long long int)argc; + (void)argv; + f(1); + s = f3(f(2)); + snprintf(b, sizeof b, "%d %d %d %f %f %lld %lld %s\n", i,j,k,l,m,n,o,s); + if (write(1, b, 0) == -1) exit(0); + cp = f2("%d %d %d %f %f %lld %lld %s\n", i,j,k,l,m,n,o,s); + if (write(1, cp, 0) == -1) exit(0); + free(cp); + /* + * Test fallthrough behaviour. clang 10's -Wimplicit-fallthrough does + * not understand comments and we don't use the "fallthrough" attribute + * that it's looking for. + */ + switch(i){ + case 0: j += i; + /* FALLTHROUGH */ + default: j += k; + } + exit(0); +} + + +_ACEOF +if ac_fn_c_try_run "$LINENO" +then : + eval "$ossh_cache_var=yes" + LDFLAGS="$saved_LDFLAGS $_define_flag" +else $as_nop + eval "$ossh_cache_var='no, fails at run time'" + LDFLAGS="$saved_LDFLAGS" +fi +rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ + conftest.$ac_objext conftest.beam conftest.$ac_ext +fi + +fi +else $as_nop + eval "$ossh_cache_var=no" + LDFLAGS="$saved_LDFLAGS" + +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam \ + conftest$ac_exeext conftest.$ac_ext + +fi +eval ac_res=\$$ossh_cache_var + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 +printf "%s\n" "$ac_res" >&6; } +} + fi + + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking if $CC accepts -fno-builtin-memset" >&5 +printf %s "checking if $CC accepts -fno-builtin-memset... " >&6; } + saved_CFLAGS="$CFLAGS" + CFLAGS="$CFLAGS -fno-builtin-memset" + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + #include +int +main (void) +{ + char b[10]; memset(b, 0, sizeof(b)); + ; + return 0; +} +_ACEOF +if ac_fn_c_try_link "$LINENO" +then : + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +printf "%s\n" "yes" >&6; } +else $as_nop + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } + CFLAGS="$saved_CFLAGS" + +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam \ + conftest$ac_exeext conftest.$ac_ext + + # -fstack-protector-all doesn't always work for some GCC versions + # and/or platforms, so we test if we can. If it's not supported + # on a given platform gcc will emit a warning so we use -Werror. + if test "x$use_stack_protector" = "x1"; then + for t in -fstack-protector-strong -fstack-protector-all \ + -fstack-protector; do + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking if $CC supports $t" >&5 +printf %s "checking if $CC supports $t... " >&6; } + saved_CFLAGS="$CFLAGS" + saved_LDFLAGS="$LDFLAGS" + CFLAGS="$CFLAGS $t -Werror" + LDFLAGS="$LDFLAGS $t -Werror" + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + + #include + int func (int t) {char b[100]; snprintf(b,sizeof b,"%d",t); return t;} + +int +main (void) +{ + + char x[256]; + snprintf(x, sizeof(x), "XXX%d", func(1)); + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_link "$LINENO" +then : + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +printf "%s\n" "yes" >&6; } + CFLAGS="$saved_CFLAGS $t" + LDFLAGS="$saved_LDFLAGS $t" + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking if $t works" >&5 +printf %s "checking if $t works... " >&6; } + if test "$cross_compiling" = yes +then : + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: WARNING: cross compiling: cannot test" >&5 +printf "%s\n" "$as_me: WARNING: cross compiling: cannot test" >&2;} + break + +else $as_nop + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + + #include + int func (int t) {char b[100]; snprintf(b,sizeof b,"%d",t); return t;} + +int +main (void) +{ + + char x[256]; + snprintf(x, sizeof(x), "XXX%d", func(1)); + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_run "$LINENO" +then : + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +printf "%s\n" "yes" >&6; } + break +else $as_nop + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } +fi +rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ + conftest.$ac_objext conftest.beam conftest.$ac_ext +fi + + +else $as_nop + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } + +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam \ + conftest$ac_exeext conftest.$ac_ext + CFLAGS="$saved_CFLAGS" + LDFLAGS="$saved_LDFLAGS" + done + fi + + if test -z "$have_llong_max"; then + # retry LLONG_MAX with -std=gnu99, needed on some Linuxes + unset ac_cv_have_decl_LLONG_MAX + saved_CFLAGS="$CFLAGS" + CFLAGS="$CFLAGS -std=gnu99" + ac_fn_check_decl "$LINENO" "LLONG_MAX" "ac_cv_have_decl_LLONG_MAX" "#include + +" "$ac_c_undeclared_builtin_options" "CFLAGS" +if test "x$ac_cv_have_decl_LLONG_MAX" = xyes +then : + have_llong_max=1 +else $as_nop + CFLAGS="$saved_CFLAGS" +fi + fi +fi + +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking if compiler allows __attribute__ on return types" >&5 +printf %s "checking if compiler allows __attribute__ on return types... " >&6; } +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +#include +__attribute__((__unused__)) static void foo(void){return;} +int +main (void) +{ + exit(0); + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO" +then : + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +printf "%s\n" "yes" >&6; } +else $as_nop + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } + +printf "%s\n" "#define NO_ATTRIBUTE_ON_RETURN_TYPE 1" >>confdefs.h + + +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext + +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking if compiler allows __attribute__ prototype args" >&5 +printf %s "checking if compiler allows __attribute__ prototype args... " >&6; } +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +#include +typedef void foo(const char *, ...) __attribute__((format(printf, 1, 2))); +int +main (void) +{ + exit(0); + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO" +then : + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +printf "%s\n" "yes" >&6; } +else $as_nop + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } + +printf "%s\n" "#define NO_ATTRIBUTE_ON_PROTOTYPE_ARGS 1" >>confdefs.h + + +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext + +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking if compiler supports variable length arrays" >&5 +printf %s "checking if compiler supports variable length arrays... " >&6; } +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#include +int +main (void) +{ + int i; for (i=0; i<3; i++){int a[i]; a[i-1]=0;} exit(0); + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO" +then : + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +printf "%s\n" "yes" >&6; } + +printf "%s\n" "#define VARIABLE_LENGTH_ARRAYS 1" >>confdefs.h + +else $as_nop + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } + +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext + +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking if compiler accepts variable declarations after code" >&5 +printf %s "checking if compiler accepts variable declarations after code... " >&6; } +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#include +int +main (void) +{ + int a; a = 1; int b = 1; exit(a-b); + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO" +then : + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +printf "%s\n" "yes" >&6; } + +printf "%s\n" "#define VARIABLE_DECLARATION_AFTER_CODE 1" >>confdefs.h + +else $as_nop + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } + +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext + +saved_CFLAGS="$CFLAGS" +CFLAGS="$CFLAGS -Werror" +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking if compiler supports __nonstring__ attribute on char arrays" >&5 +printf %s "checking if compiler supports __nonstring__ attribute on char arrays... " >&6; } +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#include +int +main (void) +{ + char __attribute__ ((__nonstring__)) h[5] = "hello"; return h[0]!='h'; + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO" +then : + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +printf "%s\n" "yes" >&6; } + +printf "%s\n" "#define HAVE_ATTRIBUTE__NONSTRING__ 1" >>confdefs.h + +else $as_nop + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } + +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext +CFLAGS="$saved_CFLAGS" + +if test "x$no_attrib_nonnull" != "x1" ; then + +printf "%s\n" "#define HAVE_ATTRIBUTE__NONNULL__ 1" >>confdefs.h + +fi + + +# Check whether --with-rpath was given. +if test ${with_rpath+y} +then : + withval=$with_rpath; + if test "x$withval" = "xno" ; then + rpath_opt="" + elif test "x$withval" = "xyes" ; then + rpath_opt="-R" + else + rpath_opt="$withval" + fi + + +fi + + +# Allow user to specify flags + +# Check whether --with-cflags was given. +if test ${with_cflags+y} +then : + withval=$with_cflags; + if test -n "$withval" && test "x$withval" != "xno" && \ + test "x${withval}" != "xyes"; then + CFLAGS="$CFLAGS $withval" + fi + + +fi + + + +# Check whether --with-cflags-after was given. +if test ${with_cflags_after+y} +then : + withval=$with_cflags_after; + if test -n "$withval" && test "x$withval" != "xno" && \ + test "x${withval}" != "xyes"; then + CFLAGS_AFTER="$withval" + fi + + +fi + + +# Check whether --with-cppflags was given. +if test ${with_cppflags+y} +then : + withval=$with_cppflags; + if test -n "$withval" && test "x$withval" != "xno" && \ + test "x${withval}" != "xyes"; then + CPPFLAGS="$CPPFLAGS $withval" + fi + + +fi + + +# Check whether --with-ldflags was given. +if test ${with_ldflags+y} +then : + withval=$with_ldflags; + if test -n "$withval" && test "x$withval" != "xno" && \ + test "x${withval}" != "xyes"; then + LDFLAGS="$LDFLAGS $withval" + fi + + +fi + + +# Check whether --with-ldflags-after was given. +if test ${with_ldflags_after+y} +then : + withval=$with_ldflags_after; + if test -n "$withval" && test "x$withval" != "xno" && \ + test "x${withval}" != "xyes"; then + LDFLAGS_AFTER="$withval" + fi + + +fi + + +# Check whether --with-libs was given. +if test ${with_libs+y} +then : + withval=$with_libs; + if test -n "$withval" && test "x$withval" != "xno" && \ + test "x${withval}" != "xyes"; then + LIBS="$LIBS $withval" + fi + + +fi + + +# Check whether --with-Werror was given. +if test ${with_Werror+y} +then : + withval=$with_Werror; + if test -n "$withval" && test "x$withval" != "xno"; then + werror_flags="-Werror" + if test "x${withval}" != "xyes"; then + werror_flags="$withval" + fi + fi + + +fi + + +if test "x$ac_cv_header_sys_stat_h" != "xyes"; then + unset ac_cv_header_sys_stat_h + ac_fn_c_check_header_compile "$LINENO" "sys/stat.h" "ac_cv_header_sys_stat_h" "$ac_includes_default" +if test "x$ac_cv_header_sys_stat_h" = xyes +then : + printf "%s\n" "#define HAVE_SYS_STAT_H 1" >>confdefs.h + +fi + +fi + +ac_fn_c_check_header_compile "$LINENO" "blf.h" "ac_cv_header_blf_h" "$ac_includes_default" +if test "x$ac_cv_header_blf_h" = xyes +then : + printf "%s\n" "#define HAVE_BLF_H 1" >>confdefs.h + +fi +ac_fn_c_check_header_compile "$LINENO" "bstring.h" "ac_cv_header_bstring_h" "$ac_includes_default" +if test "x$ac_cv_header_bstring_h" = xyes +then : + printf "%s\n" "#define HAVE_BSTRING_H 1" >>confdefs.h + +fi +ac_fn_c_check_header_compile "$LINENO" "crypt.h" "ac_cv_header_crypt_h" "$ac_includes_default" +if test "x$ac_cv_header_crypt_h" = xyes +then : + printf "%s\n" "#define HAVE_CRYPT_H 1" >>confdefs.h + +fi +ac_fn_c_check_header_compile "$LINENO" "crypto/sha2.h" "ac_cv_header_crypto_sha2_h" "$ac_includes_default" +if test "x$ac_cv_header_crypto_sha2_h" = xyes +then : + printf "%s\n" "#define HAVE_CRYPTO_SHA2_H 1" >>confdefs.h + +fi +ac_fn_c_check_header_compile "$LINENO" "dirent.h" "ac_cv_header_dirent_h" "$ac_includes_default" +if test "x$ac_cv_header_dirent_h" = xyes +then : + printf "%s\n" "#define HAVE_DIRENT_H 1" >>confdefs.h + +fi +ac_fn_c_check_header_compile "$LINENO" "elf.h" "ac_cv_header_elf_h" "$ac_includes_default" +if test "x$ac_cv_header_elf_h" = xyes +then : + printf "%s\n" "#define HAVE_ELF_H 1" >>confdefs.h + +fi +ac_fn_c_check_header_compile "$LINENO" "err.h" "ac_cv_header_err_h" "$ac_includes_default" +if test "x$ac_cv_header_err_h" = xyes +then : + printf "%s\n" "#define HAVE_ERR_H 1" >>confdefs.h + +fi +ac_fn_c_check_header_compile "$LINENO" "features.h" "ac_cv_header_features_h" "$ac_includes_default" +if test "x$ac_cv_header_features_h" = xyes +then : + printf "%s\n" "#define HAVE_FEATURES_H 1" >>confdefs.h + +fi +ac_fn_c_check_header_compile "$LINENO" "fcntl.h" "ac_cv_header_fcntl_h" "$ac_includes_default" +if test "x$ac_cv_header_fcntl_h" = xyes +then : + printf "%s\n" "#define HAVE_FCNTL_H 1" >>confdefs.h + +fi +ac_fn_c_check_header_compile "$LINENO" "floatingpoint.h" "ac_cv_header_floatingpoint_h" "$ac_includes_default" +if test "x$ac_cv_header_floatingpoint_h" = xyes +then : + printf "%s\n" "#define HAVE_FLOATINGPOINT_H 1" >>confdefs.h + +fi +ac_fn_c_check_header_compile "$LINENO" "fnmatch.h" "ac_cv_header_fnmatch_h" "$ac_includes_default" +if test "x$ac_cv_header_fnmatch_h" = xyes +then : + printf "%s\n" "#define HAVE_FNMATCH_H 1" >>confdefs.h + +fi +ac_fn_c_check_header_compile "$LINENO" "getopt.h" "ac_cv_header_getopt_h" "$ac_includes_default" +if test "x$ac_cv_header_getopt_h" = xyes +then : + printf "%s\n" "#define HAVE_GETOPT_H 1" >>confdefs.h + +fi +ac_fn_c_check_header_compile "$LINENO" "ia.h" "ac_cv_header_ia_h" "$ac_includes_default" +if test "x$ac_cv_header_ia_h" = xyes +then : + printf "%s\n" "#define HAVE_IA_H 1" >>confdefs.h + +fi +ac_fn_c_check_header_compile "$LINENO" "iaf.h" "ac_cv_header_iaf_h" "$ac_includes_default" +if test "x$ac_cv_header_iaf_h" = xyes +then : + printf "%s\n" "#define HAVE_IAF_H 1" >>confdefs.h + +fi +ac_fn_c_check_header_compile "$LINENO" "inttypes.h" "ac_cv_header_inttypes_h" "$ac_includes_default" +if test "x$ac_cv_header_inttypes_h" = xyes +then : + printf "%s\n" "#define HAVE_INTTYPES_H 1" >>confdefs.h + +fi +ac_fn_c_check_header_compile "$LINENO" "langinfo.h" "ac_cv_header_langinfo_h" "$ac_includes_default" +if test "x$ac_cv_header_langinfo_h" = xyes +then : + printf "%s\n" "#define HAVE_LANGINFO_H 1" >>confdefs.h + +fi +ac_fn_c_check_header_compile "$LINENO" "limits.h" "ac_cv_header_limits_h" "$ac_includes_default" +if test "x$ac_cv_header_limits_h" = xyes +then : + printf "%s\n" "#define HAVE_LIMITS_H 1" >>confdefs.h + +fi +ac_fn_c_check_header_compile "$LINENO" "locale.h" "ac_cv_header_locale_h" "$ac_includes_default" +if test "x$ac_cv_header_locale_h" = xyes +then : + printf "%s\n" "#define HAVE_LOCALE_H 1" >>confdefs.h + +fi +ac_fn_c_check_header_compile "$LINENO" "login.h" "ac_cv_header_login_h" "$ac_includes_default" +if test "x$ac_cv_header_login_h" = xyes +then : + printf "%s\n" "#define HAVE_LOGIN_H 1" >>confdefs.h + +fi +ac_fn_c_check_header_compile "$LINENO" "maillock.h" "ac_cv_header_maillock_h" "$ac_includes_default" +if test "x$ac_cv_header_maillock_h" = xyes +then : + printf "%s\n" "#define HAVE_MAILLOCK_H 1" >>confdefs.h + +fi +ac_fn_c_check_header_compile "$LINENO" "ndir.h" "ac_cv_header_ndir_h" "$ac_includes_default" +if test "x$ac_cv_header_ndir_h" = xyes +then : + printf "%s\n" "#define HAVE_NDIR_H 1" >>confdefs.h + +fi +ac_fn_c_check_header_compile "$LINENO" "net/if_tun.h" "ac_cv_header_net_if_tun_h" "$ac_includes_default" +if test "x$ac_cv_header_net_if_tun_h" = xyes +then : + printf "%s\n" "#define HAVE_NET_IF_TUN_H 1" >>confdefs.h + +fi +ac_fn_c_check_header_compile "$LINENO" "netdb.h" "ac_cv_header_netdb_h" "$ac_includes_default" +if test "x$ac_cv_header_netdb_h" = xyes +then : + printf "%s\n" "#define HAVE_NETDB_H 1" >>confdefs.h + +fi +ac_fn_c_check_header_compile "$LINENO" "pam/pam_appl.h" "ac_cv_header_pam_pam_appl_h" "$ac_includes_default" +if test "x$ac_cv_header_pam_pam_appl_h" = xyes +then : + printf "%s\n" "#define HAVE_PAM_PAM_APPL_H 1" >>confdefs.h + +fi +ac_fn_c_check_header_compile "$LINENO" "pty.h" "ac_cv_header_pty_h" "$ac_includes_default" +if test "x$ac_cv_header_pty_h" = xyes +then : + printf "%s\n" "#define HAVE_PTY_H 1" >>confdefs.h + +fi +ac_fn_c_check_header_compile "$LINENO" "readpassphrase.h" "ac_cv_header_readpassphrase_h" "$ac_includes_default" +if test "x$ac_cv_header_readpassphrase_h" = xyes +then : + printf "%s\n" "#define HAVE_READPASSPHRASE_H 1" >>confdefs.h + +fi +ac_fn_c_check_header_compile "$LINENO" "rpc/types.h" "ac_cv_header_rpc_types_h" "$ac_includes_default" +if test "x$ac_cv_header_rpc_types_h" = xyes +then : + printf "%s\n" "#define HAVE_RPC_TYPES_H 1" >>confdefs.h + +fi +ac_fn_c_check_header_compile "$LINENO" "security/pam_appl.h" "ac_cv_header_security_pam_appl_h" "$ac_includes_default" +if test "x$ac_cv_header_security_pam_appl_h" = xyes +then : + printf "%s\n" "#define HAVE_SECURITY_PAM_APPL_H 1" >>confdefs.h + +fi +ac_fn_c_check_header_compile "$LINENO" "sha2.h" "ac_cv_header_sha2_h" "$ac_includes_default" +if test "x$ac_cv_header_sha2_h" = xyes +then : + printf "%s\n" "#define HAVE_SHA2_H 1" >>confdefs.h + +fi +ac_fn_c_check_header_compile "$LINENO" "shadow.h" "ac_cv_header_shadow_h" "$ac_includes_default" +if test "x$ac_cv_header_shadow_h" = xyes +then : + printf "%s\n" "#define HAVE_SHADOW_H 1" >>confdefs.h + +fi +ac_fn_c_check_header_compile "$LINENO" "stddef.h" "ac_cv_header_stddef_h" "$ac_includes_default" +if test "x$ac_cv_header_stddef_h" = xyes +then : + printf "%s\n" "#define HAVE_STDDEF_H 1" >>confdefs.h + +fi +ac_fn_c_check_header_compile "$LINENO" "string.h" "ac_cv_header_string_h" "$ac_includes_default" +if test "x$ac_cv_header_string_h" = xyes +then : + printf "%s\n" "#define HAVE_STRING_H 1" >>confdefs.h + +fi +ac_fn_c_check_header_compile "$LINENO" "strings.h" "ac_cv_header_strings_h" "$ac_includes_default" +if test "x$ac_cv_header_strings_h" = xyes +then : + printf "%s\n" "#define HAVE_STRINGS_H 1" >>confdefs.h + +fi +ac_fn_c_check_header_compile "$LINENO" "sys/bitypes.h" "ac_cv_header_sys_bitypes_h" "$ac_includes_default" +if test "x$ac_cv_header_sys_bitypes_h" = xyes +then : + printf "%s\n" "#define HAVE_SYS_BITYPES_H 1" >>confdefs.h + +fi +ac_fn_c_check_header_compile "$LINENO" "sys/byteorder.h" "ac_cv_header_sys_byteorder_h" "$ac_includes_default" +if test "x$ac_cv_header_sys_byteorder_h" = xyes +then : + printf "%s\n" "#define HAVE_SYS_BYTEORDER_H 1" >>confdefs.h + +fi +ac_fn_c_check_header_compile "$LINENO" "sys/bsdtty.h" "ac_cv_header_sys_bsdtty_h" "$ac_includes_default" +if test "x$ac_cv_header_sys_bsdtty_h" = xyes +then : + printf "%s\n" "#define HAVE_SYS_BSDTTY_H 1" >>confdefs.h + +fi +ac_fn_c_check_header_compile "$LINENO" "sys/cdefs.h" "ac_cv_header_sys_cdefs_h" "$ac_includes_default" +if test "x$ac_cv_header_sys_cdefs_h" = xyes +then : + printf "%s\n" "#define HAVE_SYS_CDEFS_H 1" >>confdefs.h + +fi +ac_fn_c_check_header_compile "$LINENO" "sys/dir.h" "ac_cv_header_sys_dir_h" "$ac_includes_default" +if test "x$ac_cv_header_sys_dir_h" = xyes +then : + printf "%s\n" "#define HAVE_SYS_DIR_H 1" >>confdefs.h + +fi +ac_fn_c_check_header_compile "$LINENO" "sys/file.h" "ac_cv_header_sys_file_h" "$ac_includes_default" +if test "x$ac_cv_header_sys_file_h" = xyes +then : + printf "%s\n" "#define HAVE_SYS_FILE_H 1" >>confdefs.h + +fi +ac_fn_c_check_header_compile "$LINENO" "sys/mman.h" "ac_cv_header_sys_mman_h" "$ac_includes_default" +if test "x$ac_cv_header_sys_mman_h" = xyes +then : + printf "%s\n" "#define HAVE_SYS_MMAN_H 1" >>confdefs.h + +fi +ac_fn_c_check_header_compile "$LINENO" "sys/label.h" "ac_cv_header_sys_label_h" "$ac_includes_default" +if test "x$ac_cv_header_sys_label_h" = xyes +then : + printf "%s\n" "#define HAVE_SYS_LABEL_H 1" >>confdefs.h + +fi +ac_fn_c_check_header_compile "$LINENO" "sys/ndir.h" "ac_cv_header_sys_ndir_h" "$ac_includes_default" +if test "x$ac_cv_header_sys_ndir_h" = xyes +then : + printf "%s\n" "#define HAVE_SYS_NDIR_H 1" >>confdefs.h + +fi +ac_fn_c_check_header_compile "$LINENO" "sys/param.h" "ac_cv_header_sys_param_h" "$ac_includes_default" +if test "x$ac_cv_header_sys_param_h" = xyes +then : + printf "%s\n" "#define HAVE_SYS_PARAM_H 1" >>confdefs.h + +fi +ac_fn_c_check_header_compile "$LINENO" "sys/poll.h" "ac_cv_header_sys_poll_h" "$ac_includes_default" +if test "x$ac_cv_header_sys_poll_h" = xyes +then : + printf "%s\n" "#define HAVE_SYS_POLL_H 1" >>confdefs.h + +fi +ac_fn_c_check_header_compile "$LINENO" "sys/prctl.h" "ac_cv_header_sys_prctl_h" "$ac_includes_default" +if test "x$ac_cv_header_sys_prctl_h" = xyes +then : + printf "%s\n" "#define HAVE_SYS_PRCTL_H 1" >>confdefs.h + +fi +ac_fn_c_check_header_compile "$LINENO" "sys/procctl.h" "ac_cv_header_sys_procctl_h" "$ac_includes_default" +if test "x$ac_cv_header_sys_procctl_h" = xyes +then : + printf "%s\n" "#define HAVE_SYS_PROCCTL_H 1" >>confdefs.h + +fi +ac_fn_c_check_header_compile "$LINENO" "sys/pstat.h" "ac_cv_header_sys_pstat_h" "$ac_includes_default" +if test "x$ac_cv_header_sys_pstat_h" = xyes +then : + printf "%s\n" "#define HAVE_SYS_PSTAT_H 1" >>confdefs.h + +fi +ac_fn_c_check_header_compile "$LINENO" "sys/ptrace.h" "ac_cv_header_sys_ptrace_h" "$ac_includes_default" +if test "x$ac_cv_header_sys_ptrace_h" = xyes +then : + printf "%s\n" "#define HAVE_SYS_PTRACE_H 1" >>confdefs.h + +fi +ac_fn_c_check_header_compile "$LINENO" "sys/random.h" "ac_cv_header_sys_random_h" "$ac_includes_default" +if test "x$ac_cv_header_sys_random_h" = xyes +then : + printf "%s\n" "#define HAVE_SYS_RANDOM_H 1" >>confdefs.h + +fi +ac_fn_c_check_header_compile "$LINENO" "sys/select.h" "ac_cv_header_sys_select_h" "$ac_includes_default" +if test "x$ac_cv_header_sys_select_h" = xyes +then : + printf "%s\n" "#define HAVE_SYS_SELECT_H 1" >>confdefs.h + +fi +ac_fn_c_check_header_compile "$LINENO" "sys/stream.h" "ac_cv_header_sys_stream_h" "$ac_includes_default" +if test "x$ac_cv_header_sys_stream_h" = xyes +then : + printf "%s\n" "#define HAVE_SYS_STREAM_H 1" >>confdefs.h + +fi +ac_fn_c_check_header_compile "$LINENO" "sys/stropts.h" "ac_cv_header_sys_stropts_h" "$ac_includes_default" +if test "x$ac_cv_header_sys_stropts_h" = xyes +then : + printf "%s\n" "#define HAVE_SYS_STROPTS_H 1" >>confdefs.h + +fi +ac_fn_c_check_header_compile "$LINENO" "sys/strtio.h" "ac_cv_header_sys_strtio_h" "$ac_includes_default" +if test "x$ac_cv_header_sys_strtio_h" = xyes +then : + printf "%s\n" "#define HAVE_SYS_STRTIO_H 1" >>confdefs.h + +fi +ac_fn_c_check_header_compile "$LINENO" "sys/statvfs.h" "ac_cv_header_sys_statvfs_h" "$ac_includes_default" +if test "x$ac_cv_header_sys_statvfs_h" = xyes +then : + printf "%s\n" "#define HAVE_SYS_STATVFS_H 1" >>confdefs.h + +fi +ac_fn_c_check_header_compile "$LINENO" "sys/sysmacros.h" "ac_cv_header_sys_sysmacros_h" "$ac_includes_default" +if test "x$ac_cv_header_sys_sysmacros_h" = xyes +then : + printf "%s\n" "#define HAVE_SYS_SYSMACROS_H 1" >>confdefs.h + +fi +ac_fn_c_check_header_compile "$LINENO" "sys/timers.h" "ac_cv_header_sys_timers_h" "$ac_includes_default" +if test "x$ac_cv_header_sys_timers_h" = xyes +then : + printf "%s\n" "#define HAVE_SYS_TIMERS_H 1" >>confdefs.h + +fi +ac_fn_c_check_header_compile "$LINENO" "sys/vfs.h" "ac_cv_header_sys_vfs_h" "$ac_includes_default" +if test "x$ac_cv_header_sys_vfs_h" = xyes +then : + printf "%s\n" "#define HAVE_SYS_VFS_H 1" >>confdefs.h + +fi +ac_fn_c_check_header_compile "$LINENO" "tmpdir.h" "ac_cv_header_tmpdir_h" "$ac_includes_default" +if test "x$ac_cv_header_tmpdir_h" = xyes +then : + printf "%s\n" "#define HAVE_TMPDIR_H 1" >>confdefs.h + +fi +ac_fn_c_check_header_compile "$LINENO" "ttyent.h" "ac_cv_header_ttyent_h" "$ac_includes_default" +if test "x$ac_cv_header_ttyent_h" = xyes +then : + printf "%s\n" "#define HAVE_TTYENT_H 1" >>confdefs.h + +fi +ac_fn_c_check_header_compile "$LINENO" "ucred.h" "ac_cv_header_ucred_h" "$ac_includes_default" +if test "x$ac_cv_header_ucred_h" = xyes +then : + printf "%s\n" "#define HAVE_UCRED_H 1" >>confdefs.h + +fi +ac_fn_c_check_header_compile "$LINENO" "unistd.h" "ac_cv_header_unistd_h" "$ac_includes_default" +if test "x$ac_cv_header_unistd_h" = xyes +then : + printf "%s\n" "#define HAVE_UNISTD_H 1" >>confdefs.h + +fi +ac_fn_c_check_header_compile "$LINENO" "usersec.h" "ac_cv_header_usersec_h" "$ac_includes_default" +if test "x$ac_cv_header_usersec_h" = xyes +then : + printf "%s\n" "#define HAVE_USERSEC_H 1" >>confdefs.h + +fi +ac_fn_c_check_header_compile "$LINENO" "utime.h" "ac_cv_header_utime_h" "$ac_includes_default" +if test "x$ac_cv_header_utime_h" = xyes +then : + printf "%s\n" "#define HAVE_UTIME_H 1" >>confdefs.h + +fi +ac_fn_c_check_header_compile "$LINENO" "utmp.h" "ac_cv_header_utmp_h" "$ac_includes_default" +if test "x$ac_cv_header_utmp_h" = xyes +then : + printf "%s\n" "#define HAVE_UTMP_H 1" >>confdefs.h + +fi +ac_fn_c_check_header_compile "$LINENO" "utmpx.h" "ac_cv_header_utmpx_h" "$ac_includes_default" +if test "x$ac_cv_header_utmpx_h" = xyes +then : + printf "%s\n" "#define HAVE_UTMPX_H 1" >>confdefs.h + +fi +ac_fn_c_check_header_compile "$LINENO" "vis.h" "ac_cv_header_vis_h" "$ac_includes_default" +if test "x$ac_cv_header_vis_h" = xyes +then : + printf "%s\n" "#define HAVE_VIS_H 1" >>confdefs.h + +fi +ac_fn_c_check_header_compile "$LINENO" "wchar.h" "ac_cv_header_wchar_h" "$ac_includes_default" +if test "x$ac_cv_header_wchar_h" = xyes +then : + printf "%s\n" "#define HAVE_WCHAR_H 1" >>confdefs.h + +fi + + +# Create replacement header files for common headers that are missing on this +# platform. Usually these are just empty, but in some cases they'll include +# the equivalent file. This avoids having to wrap those includes in +# '#ifdef HAVE_FOO_H'. If we create any such headers, add the path to includes. +COMPATINCLUDESDIR="openbsd-compat/include" +COMPATINCLUDES="" + for ac_header in endian.h ifaddrs.h libgen.h paths.h netgroup.h nlist.h poll.h stdint.h sys/mman.h sys/stat.h sys/statvfs.h sys/time.h sys/un.h time.h util.h +do : + as_ac_Header=`printf "%s\n" "ac_cv_header_$ac_header" | $as_tr_sh` +ac_fn_c_check_header_compile "$LINENO" "$ac_header" "$as_ac_Header" "$ac_includes_default" +if eval test \"x\$"$as_ac_Header"\" = x"yes" +then : + cat >>confdefs.h <<_ACEOF +#define `printf "%s\n" "HAVE_$ac_header" | $as_tr_cpp` 1 +_ACEOF + + # Remove any old shims. + rm -f "$COMPATINCLUDESDIR/$ac_header" + +else $as_nop + + COMPATINCLUDES="$COMPATINCLUDESDIR" + header="$COMPATINCLUDES/$ac_header" + dir=`dirname "$header"` + mkdir -p "$dir" + case "$ac_header" in + poll.h) echo '#ifdef HAVE_SYS_POLL_H' + echo '#include ' + echo '#endif' ;; + *) ;; + esac >"$header" + +fi + +done + +for include in sys/queue.h sys/tree.h; do + COMPATINCLUDES="$COMPATINCLUDESDIR" + header="$COMPATINCLUDES/$include" + dir=`dirname "$header"` + mkdir -p "$dir" + case "$include" in + sys/queue.h) + echo '#include "openbsd-compat/sys-queue.h"' + ;; + sys/tree.h) + echo '#include "openbsd-compat/sys-tree.h"' + ;; + esac >"$header" +done + +ac_fn_check_decl "$LINENO" "le32toh" "ac_cv_have_decl_le32toh" " +#ifdef HAVE_SYS_TYPES_H +# include +#endif +#ifdef HAVE_STDINT_H +# include +#endif +#ifdef HAVE_ENDIAN_H +# include +#endif + +" "$ac_c_undeclared_builtin_options" "CFLAGS" +if test "x$ac_cv_have_decl_le32toh" = xyes +then : + ac_have_decl=1 +else $as_nop + ac_have_decl=0 +fi +printf "%s\n" "#define HAVE_DECL_LE32TOH $ac_have_decl" >>confdefs.h +ac_fn_check_decl "$LINENO" "le64toh" "ac_cv_have_decl_le64toh" " +#ifdef HAVE_SYS_TYPES_H +# include +#endif +#ifdef HAVE_STDINT_H +# include +#endif +#ifdef HAVE_ENDIAN_H +# include +#endif + +" "$ac_c_undeclared_builtin_options" "CFLAGS" +if test "x$ac_cv_have_decl_le64toh" = xyes +then : + ac_have_decl=1 +else $as_nop + ac_have_decl=0 +fi +printf "%s\n" "#define HAVE_DECL_LE64TOH $ac_have_decl" >>confdefs.h +ac_fn_check_decl "$LINENO" "htole64" "ac_cv_have_decl_htole64" " +#ifdef HAVE_SYS_TYPES_H +# include +#endif +#ifdef HAVE_STDINT_H +# include +#endif +#ifdef HAVE_ENDIAN_H +# include +#endif + +" "$ac_c_undeclared_builtin_options" "CFLAGS" +if test "x$ac_cv_have_decl_htole64" = xyes +then : + ac_have_decl=1 +else $as_nop + ac_have_decl=0 +fi +printf "%s\n" "#define HAVE_DECL_HTOLE64 $ac_have_decl" >>confdefs.h + + +# On some platforms (eg SunOS4) sys/audit.h requires sys/[time|types|label.h] +# to be included first. +ac_fn_c_check_header_compile "$LINENO" "sys/audit.h" "ac_cv_header_sys_audit_h" " +#ifdef HAVE_SYS_TIME_H +# include +#endif +#ifdef HAVE_SYS_TYPES_H +# include +#endif +#ifdef HAVE_SYS_LABEL_H +# include +#endif + +" +if test "x$ac_cv_header_sys_audit_h" = xyes +then : + printf "%s\n" "#define HAVE_SYS_AUDIT_H 1" >>confdefs.h + +fi + + +# sys/capsicum.h requires sys/types.h +ac_fn_c_check_header_compile "$LINENO" "sys/capsicum.h" "ac_cv_header_sys_capsicum_h" " +#ifdef HAVE_SYS_TYPES_H +# include +#endif + +" +if test "x$ac_cv_header_sys_capsicum_h" = xyes +then : + printf "%s\n" "#define HAVE_SYS_CAPSICUM_H 1" >>confdefs.h + +fi +ac_fn_c_check_header_compile "$LINENO" "capsicum_helpers.h" "ac_cv_header_capsicum_helpers_h" " +#ifdef HAVE_SYS_TYPES_H +# include +#endif + +" +if test "x$ac_cv_header_capsicum_helpers_h" = xyes +then : + printf "%s\n" "#define HAVE_CAPSICUM_HELPERS_H 1" >>confdefs.h + +fi + + +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for caph_cache_tzdata" >&5 +printf %s "checking for caph_cache_tzdata... " >&6; } +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + #include +int +main (void) +{ +caph_cache_tzdata(); + ; + return 0; +} +_ACEOF +if ac_fn_c_try_link "$LINENO" +then : + + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +printf "%s\n" "yes" >&6; } + +printf "%s\n" "#define HAVE_CAPH_CACHE_TZDATA 1" >>confdefs.h + + +else $as_nop + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } + +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam \ + conftest$ac_exeext conftest.$ac_ext + +# net/route.h requires sys/socket.h and sys/types.h. +# sys/sysctl.h also requires sys/param.h +ac_fn_c_check_header_compile "$LINENO" "net/route.h" "ac_cv_header_net_route_h" " +#ifdef HAVE_SYS_TYPES_H +# include +#endif +#include +#include + +" +if test "x$ac_cv_header_net_route_h" = xyes +then : + printf "%s\n" "#define HAVE_NET_ROUTE_H 1" >>confdefs.h + +fi +ac_fn_c_check_header_compile "$LINENO" "sys/sysctl.h" "ac_cv_header_sys_sysctl_h" " +#ifdef HAVE_SYS_TYPES_H +# include +#endif +#include +#include + +" +if test "x$ac_cv_header_sys_sysctl_h" = xyes +then : + printf "%s\n" "#define HAVE_SYS_SYSCTL_H 1" >>confdefs.h + +fi + + +# lastlog.h requires sys/time.h to be included first on Solaris +ac_fn_c_check_header_compile "$LINENO" "lastlog.h" "ac_cv_header_lastlog_h" " +#ifdef HAVE_SYS_TIME_H +# include +#endif + +" +if test "x$ac_cv_header_lastlog_h" = xyes +then : + printf "%s\n" "#define HAVE_LASTLOG_H 1" >>confdefs.h + +fi + + +# sys/ptms.h requires sys/stream.h to be included first on Solaris +ac_fn_c_check_header_compile "$LINENO" "sys/ptms.h" "ac_cv_header_sys_ptms_h" " +#ifdef HAVE_SYS_STREAM_H +# include +#endif + +" +if test "x$ac_cv_header_sys_ptms_h" = xyes +then : + printf "%s\n" "#define HAVE_SYS_PTMS_H 1" >>confdefs.h + +fi + + +# login_cap.h requires sys/types.h on NetBSD +ac_fn_c_check_header_compile "$LINENO" "login_cap.h" "ac_cv_header_login_cap_h" " +#include + +" +if test "x$ac_cv_header_login_cap_h" = xyes +then : + printf "%s\n" "#define HAVE_LOGIN_CAP_H 1" >>confdefs.h + +fi + + +# older BSDs need sys/param.h before sys/mount.h +ac_fn_c_check_header_compile "$LINENO" "sys/mount.h" "ac_cv_header_sys_mount_h" " +#include + +" +if test "x$ac_cv_header_sys_mount_h" = xyes +then : + printf "%s\n" "#define HAVE_SYS_MOUNT_H 1" >>confdefs.h + +fi + + +# Android requires sys/socket.h to be included before sys/un.h +ac_fn_c_check_header_compile "$LINENO" "sys/un.h" "ac_cv_header_sys_un_h" " +#include +#include + +" +if test "x$ac_cv_header_sys_un_h" = xyes +then : + printf "%s\n" "#define HAVE_SYS_UN_H 1" >>confdefs.h + +fi + + +# Messages for features tested for in target-specific section +SIA_MSG="no" +SPC_MSG="no" +SP_MSG="no" +SPP_MSG="no" + +# Support for Solaris/Illumos privileges (this test is used by both +# the --with-solaris-privs option and --with-sandbox=solaris). +SOLARIS_PRIVS="no" + +# Default shared library extension +SHLIBEXT=".so" + +# See OpenBSD section in $host case below. +need_pledge_inet="" + +# Check for some target-specific stuff +case "$host" in +*-*-aix*) + # Some versions of VAC won't allow macro redefinitions at + # -qlanglevel=ansi, and autoconf 2.60 sometimes insists on using that + # particularly with older versions of vac or xlc. + # It also throws errors about null macro arguments, but these are + # not fatal. + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking if compiler allows macro redefinitions" >&5 +printf %s "checking if compiler allows macro redefinitions... " >&6; } + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +#include +#define testmacro foo +#define testmacro bar +int +main (void) +{ + exit(0); + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO" +then : + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +printf "%s\n" "yes" >&6; } +else $as_nop + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } + CC="`echo $CC | sed 's/-qlanglvl\=ansi//g'`" + CFLAGS="`echo $CFLAGS | sed 's/-qlanglvl\=ansi//g'`" + CPPFLAGS="`echo $CPPFLAGS | sed 's/-qlanglvl\=ansi//g'`" + + +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext + + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking how to specify blibpath for linker ($LD)" >&5 +printf %s "checking how to specify blibpath for linker ($LD)... " >&6; } + if (test -z "$blibpath"); then + blibpath="/usr/lib:/lib" + fi + saved_LDFLAGS="$LDFLAGS" + if test "$GCC" = "yes"; then + flags="-Wl,-blibpath: -Wl,-rpath, -blibpath:" + else + flags="-blibpath: -Wl,-blibpath: -Wl,-rpath," + fi + for tryflags in $flags ;do + if (test -z "$blibflags"); then + LDFLAGS="$saved_LDFLAGS $tryflags$blibpath" + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +int +main (void) +{ + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_link "$LINENO" +then : + blibflags=$tryflags +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam \ + conftest$ac_exeext conftest.$ac_ext + fi + done + if (test -z "$blibflags"); then + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: not found" >&5 +printf "%s\n" "not found" >&6; } + as_fn_error $? "*** must be able to specify blibpath on AIX - check config.log" "$LINENO" 5 + else + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $blibflags" >&5 +printf "%s\n" "$blibflags" >&6; } + fi + LDFLAGS="$saved_LDFLAGS" + ac_fn_c_check_func "$LINENO" "authenticate" "ac_cv_func_authenticate" +if test "x$ac_cv_func_authenticate" = xyes +then : + +printf "%s\n" "#define WITH_AIXAUTHENTICATE 1" >>confdefs.h + +else $as_nop + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for authenticate in -ls" >&5 +printf %s "checking for authenticate in -ls... " >&6; } +if test ${ac_cv_lib_s_authenticate+y} +then : + printf %s "(cached) " >&6 +else $as_nop + ac_check_lib_save_LIBS=$LIBS +LIBS="-ls $LIBS" +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +/* Override any GCC internal prototype to avoid an error. + Use char because int might match the return type of a GCC + builtin and then its argument prototype would still apply. */ +char authenticate (); +int +main (void) +{ +return authenticate (); + ; + return 0; +} +_ACEOF +if ac_fn_c_try_link "$LINENO" +then : + ac_cv_lib_s_authenticate=yes +else $as_nop + ac_cv_lib_s_authenticate=no +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam \ + conftest$ac_exeext conftest.$ac_ext +LIBS=$ac_check_lib_save_LIBS +fi +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_s_authenticate" >&5 +printf "%s\n" "$ac_cv_lib_s_authenticate" >&6; } +if test "x$ac_cv_lib_s_authenticate" = xyes +then : + printf "%s\n" "#define WITH_AIXAUTHENTICATE 1" >>confdefs.h + + LIBS="$LIBS -ls" + +fi + + +fi + + ac_fn_check_decl "$LINENO" "authenticate" "ac_cv_have_decl_authenticate" "#include +" "$ac_c_undeclared_builtin_options" "CFLAGS" +if test "x$ac_cv_have_decl_authenticate" = xyes +then : + ac_have_decl=1 +else $as_nop + ac_have_decl=0 +fi +printf "%s\n" "#define HAVE_DECL_AUTHENTICATE $ac_have_decl" >>confdefs.h +ac_fn_check_decl "$LINENO" "loginrestrictions" "ac_cv_have_decl_loginrestrictions" "#include +" "$ac_c_undeclared_builtin_options" "CFLAGS" +if test "x$ac_cv_have_decl_loginrestrictions" = xyes +then : + ac_have_decl=1 +else $as_nop + ac_have_decl=0 +fi +printf "%s\n" "#define HAVE_DECL_LOGINRESTRICTIONS $ac_have_decl" >>confdefs.h +ac_fn_check_decl "$LINENO" "loginsuccess" "ac_cv_have_decl_loginsuccess" "#include +" "$ac_c_undeclared_builtin_options" "CFLAGS" +if test "x$ac_cv_have_decl_loginsuccess" = xyes +then : + ac_have_decl=1 +else $as_nop + ac_have_decl=0 +fi +printf "%s\n" "#define HAVE_DECL_LOGINSUCCESS $ac_have_decl" >>confdefs.h +ac_fn_check_decl "$LINENO" "passwdexpired" "ac_cv_have_decl_passwdexpired" "#include +" "$ac_c_undeclared_builtin_options" "CFLAGS" +if test "x$ac_cv_have_decl_passwdexpired" = xyes +then : + ac_have_decl=1 +else $as_nop + ac_have_decl=0 +fi +printf "%s\n" "#define HAVE_DECL_PASSWDEXPIRED $ac_have_decl" >>confdefs.h +ac_fn_check_decl "$LINENO" "setauthdb" "ac_cv_have_decl_setauthdb" "#include +" "$ac_c_undeclared_builtin_options" "CFLAGS" +if test "x$ac_cv_have_decl_setauthdb" = xyes +then : + ac_have_decl=1 +else $as_nop + ac_have_decl=0 +fi +printf "%s\n" "#define HAVE_DECL_SETAUTHDB $ac_have_decl" >>confdefs.h + + ac_fn_check_decl "$LINENO" "loginfailed" "ac_cv_have_decl_loginfailed" "#include + +" "$ac_c_undeclared_builtin_options" "CFLAGS" +if test "x$ac_cv_have_decl_loginfailed" = xyes +then : + ac_have_decl=1 +else $as_nop + ac_have_decl=0 +fi +printf "%s\n" "#define HAVE_DECL_LOGINFAILED $ac_have_decl" >>confdefs.h +if test $ac_have_decl = 1 +then : + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking if loginfailed takes 4 arguments" >&5 +printf %s "checking if loginfailed takes 4 arguments... " >&6; } + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + #include +int +main (void) +{ + (void)loginfailed("user","host","tty",0); + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO" +then : + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +printf "%s\n" "yes" >&6; } + +printf "%s\n" "#define AIX_LOGINFAILED_4ARG 1" >>confdefs.h + +else $as_nop + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } + +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext +fi + + ac_fn_c_check_func "$LINENO" "getgrset" "ac_cv_func_getgrset" +if test "x$ac_cv_func_getgrset" = xyes +then : + printf "%s\n" "#define HAVE_GETGRSET 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "setauthdb" "ac_cv_func_setauthdb" +if test "x$ac_cv_func_setauthdb" = xyes +then : + printf "%s\n" "#define HAVE_SETAUTHDB 1" >>confdefs.h + +fi + + ac_fn_check_decl "$LINENO" "F_CLOSEM" "ac_cv_have_decl_F_CLOSEM" " #include + #include + +" "$ac_c_undeclared_builtin_options" "CFLAGS" +if test "x$ac_cv_have_decl_F_CLOSEM" = xyes +then : + +printf "%s\n" "#define HAVE_FCNTL_CLOSEM 1" >>confdefs.h + +fi + check_for_aix_broken_getaddrinfo=1 + +printf "%s\n" "#define SETEUID_BREAKS_SETUID 1" >>confdefs.h + + +printf "%s\n" "#define BROKEN_SETREUID 1" >>confdefs.h + + +printf "%s\n" "#define BROKEN_SETREGID 1" >>confdefs.h + + +printf "%s\n" "#define DISABLE_LASTLOG 1" >>confdefs.h + + +printf "%s\n" "#define LOGIN_NEEDS_UTMPX 1" >>confdefs.h + + +printf "%s\n" "#define SPT_TYPE SPT_REUSEARGV" >>confdefs.h + + +printf "%s\n" "#define PTY_ZEROREAD 1" >>confdefs.h + + +printf "%s\n" "#define PLATFORM_SYS_DIR_UID 2" >>confdefs.h + + +printf "%s\n" "#define BROKEN_STRNDUP 1" >>confdefs.h + + +printf "%s\n" "#define BROKEN_STRNLEN 1" >>confdefs.h + + ;; +*-*-android*) + +printf "%s\n" "#define DISABLE_UTMP 1" >>confdefs.h + + +printf "%s\n" "#define DISABLE_WTMP 1" >>confdefs.h + + ;; +*-*-cygwin*) + LIBS="$LIBS /usr/lib/textreadmode.o" + +printf "%s\n" "#define HAVE_CYGWIN 1" >>confdefs.h + + +printf "%s\n" "#define USE_PIPES 1" >>confdefs.h + + +printf "%s\n" "#define NO_UID_RESTORATION_TEST 1" >>confdefs.h + + +printf "%s\n" "#define DISABLE_SHADOW 1" >>confdefs.h + + +printf "%s\n" "#define NO_X11_UNIX_SOCKETS 1" >>confdefs.h + + +printf "%s\n" "#define DISABLE_FD_PASSING 1" >>confdefs.h + + +printf "%s\n" "#define SSH_IOBUFSZ 65535" >>confdefs.h + + +printf "%s\n" "#define FILESYSTEM_NO_BACKSLASH 1" >>confdefs.h + + # Cygwin defines optargs, optargs as declspec(dllimport) for historical + # reasons which cause compile warnings, so we disable those warnings. + { + ossh_cache_var=ossh_cv_cflag__Wno_attributes + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking if $CC supports compile flag -Wno-attributes" >&5 +printf %s "checking if $CC supports compile flag -Wno-attributes... " >&6; } +if eval test \${$ossh_cache_var+y} +then : + printf %s "(cached) " >&6 +else $as_nop + + saved_CFLAGS="$CFLAGS" + CFLAGS="$CFLAGS $WERROR -Wno-attributes" + _define_flag="" + test "x$_define_flag" = "x" && _define_flag="-Wno-attributes" + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +#include +#include +#include +#include +#include +/* Trivial function to help test for -fzero-call-used-regs */ +int f(int n) {return rand() % n;} +char *f2(char *s, ...) { + char ret[64]; + va_list args; + va_start(args, s); + vsnprintf(ret, sizeof(ret), s, args); + va_end(args); + return strdup(ret); +} +int i; +double d; +const char *f3(int s) { + i = (int)d; + return s ? "good" : "gooder"; +} +int main(int argc, char **argv) { + char b[256], *cp; + const char *s; + /* Some math to catch -ftrapv problems in the toolchain */ + int i = 123 * argc, j = 456 + argc, k = 789 - argc; + float l = i * 2.1; + double m = l / 0.5; + long long int n = argc * 12345LL, o = 12345LL * (long long int)argc; + (void)argv; + f(1); + s = f3(f(2)); + snprintf(b, sizeof b, "%d %d %d %f %f %lld %lld %s\n", i,j,k,l,m,n,o,s); + if (write(1, b, 0) == -1) exit(0); + cp = f2("%d %d %d %f %f %lld %lld %s\n", i,j,k,l,m,n,o,s); + if (write(1, cp, 0) == -1) exit(0); + free(cp); + /* + * Test fallthrough behaviour. clang 10's -Wimplicit-fallthrough does + * not understand comments and we don't use the "fallthrough" attribute + * that it's looking for. + */ + switch(i){ + case 0: j += i; + /* FALLTHROUGH */ + default: j += k; + } + exit(0); +} + + +_ACEOF +if ac_fn_c_try_compile "$LINENO" +then : + +if $ac_cv_path_EGREP -i "unrecognized option|warning.*ignored" conftest.err >/dev/null +then + eval "$ossh_cache_var=no" + CFLAGS="$saved_CFLAGS" +else + if test "$cross_compiling" = yes +then : + eval "$ossh_cache_var=yes" + CFLAGS="$saved_CFLAGS $_define_flag" +else $as_nop + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +#include +#include +#include +#include +#include +/* Trivial function to help test for -fzero-call-used-regs */ +int f(int n) {return rand() % n;} +char *f2(char *s, ...) { + char ret[64]; + va_list args; + va_start(args, s); + vsnprintf(ret, sizeof(ret), s, args); + va_end(args); + return strdup(ret); +} +int i; +double d; +const char *f3(int s) { + i = (int)d; + return s ? "good" : "gooder"; +} +int main(int argc, char **argv) { + char b[256], *cp; + const char *s; + /* Some math to catch -ftrapv problems in the toolchain */ + int i = 123 * argc, j = 456 + argc, k = 789 - argc; + float l = i * 2.1; + double m = l / 0.5; + long long int n = argc * 12345LL, o = 12345LL * (long long int)argc; + (void)argv; + f(1); + s = f3(f(2)); + snprintf(b, sizeof b, "%d %d %d %f %f %lld %lld %s\n", i,j,k,l,m,n,o,s); + if (write(1, b, 0) == -1) exit(0); + cp = f2("%d %d %d %f %f %lld %lld %s\n", i,j,k,l,m,n,o,s); + if (write(1, cp, 0) == -1) exit(0); + free(cp); + /* + * Test fallthrough behaviour. clang 10's -Wimplicit-fallthrough does + * not understand comments and we don't use the "fallthrough" attribute + * that it's looking for. + */ + switch(i){ + case 0: j += i; + /* FALLTHROUGH */ + default: j += k; + } + exit(0); +} + + +_ACEOF +if ac_fn_c_try_run "$LINENO" +then : + eval "$ossh_cache_var=yes" + CFLAGS="$saved_CFLAGS $_define_flag" +else $as_nop + eval "$ossh_cache_var='no, fails at run time'" + CFLAGS="$saved_CFLAGS" +fi +rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ + conftest.$ac_objext conftest.beam conftest.$ac_ext +fi + +fi +else $as_nop + eval "$ossh_cache_var=no" + CFLAGS="$saved_CFLAGS" + +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext + +fi +eval ac_res=\$$ossh_cache_var + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 +printf "%s\n" "$ac_res" >&6; } +} + SHLIBEXT=".dll" + ;; +*-*-dgux*) + +printf "%s\n" "#define IP_TOS_IS_BROKEN 1" >>confdefs.h + + printf "%s\n" "#define SETEUID_BREAKS_SETUID 1" >>confdefs.h + + printf "%s\n" "#define BROKEN_SETREUID 1" >>confdefs.h + + printf "%s\n" "#define BROKEN_SETREGID 1" >>confdefs.h + + ;; +*-*-darwin*) + use_pie=auto + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking if we have working getaddrinfo" >&5 +printf %s "checking if we have working getaddrinfo... " >&6; } + if test "$cross_compiling" = yes +then : + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: assume it is working" >&5 +printf "%s\n" "assume it is working" >&6; } +else $as_nop + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +#include +#include +int main(void) { if (NSVersionOfRunTimeLibrary("System") >= (60 << 16)) + exit(0); + else + exit(1); +} + +_ACEOF +if ac_fn_c_try_run "$LINENO" +then : + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: working" >&5 +printf "%s\n" "working" >&6; } +else $as_nop + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: buggy" >&5 +printf "%s\n" "buggy" >&6; } + +printf "%s\n" "#define BROKEN_GETADDRINFO 1" >>confdefs.h + + +fi +rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ + conftest.$ac_objext conftest.beam conftest.$ac_ext +fi + + printf "%s\n" "#define SETEUID_BREAKS_SETUID 1" >>confdefs.h + + printf "%s\n" "#define BROKEN_SETREUID 1" >>confdefs.h + + printf "%s\n" "#define BROKEN_SETREGID 1" >>confdefs.h + + broken_glob=yes # OS X glob does not do what we expect + +printf "%s\n" "#define BIND_8_COMPAT 1" >>confdefs.h + + +printf "%s\n" "#define SSH_TUN_FREEBSD 1" >>confdefs.h + + +printf "%s\n" "#define SSH_TUN_COMPAT_AF 1" >>confdefs.h + + +printf "%s\n" "#define SSH_TUN_PREPEND_AF 1" >>confdefs.h + + + ac_fn_check_decl "$LINENO" "AU_IPv4" "ac_cv_have_decl_AU_IPv4" "$ac_includes_default" "$ac_c_undeclared_builtin_options" "CFLAGS" +if test "x$ac_cv_have_decl_AU_IPv4" = xyes +then : + +else $as_nop + +printf "%s\n" "#define AU_IPv4 0" >>confdefs.h + + #include + +printf "%s\n" "#define LASTLOG_WRITE_PUTUTXLINE 1" >>confdefs.h + + +fi + +printf "%s\n" "#define SPT_TYPE SPT_REUSEARGV" >>confdefs.h + + ac_fn_c_check_func "$LINENO" "sandbox_init" "ac_cv_func_sandbox_init" +if test "x$ac_cv_func_sandbox_init" = xyes +then : + printf "%s\n" "#define HAVE_SANDBOX_INIT 1" >>confdefs.h + +fi + + ac_fn_c_check_header_compile "$LINENO" "sandbox.h" "ac_cv_header_sandbox_h" "$ac_includes_default" +if test "x$ac_cv_header_sandbox_h" = xyes +then : + printf "%s\n" "#define HAVE_SANDBOX_H 1" >>confdefs.h + +fi + + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for sandbox_apply in -lsandbox" >&5 +printf %s "checking for sandbox_apply in -lsandbox... " >&6; } +if test ${ac_cv_lib_sandbox_sandbox_apply+y} +then : + printf %s "(cached) " >&6 +else $as_nop + ac_check_lib_save_LIBS=$LIBS +LIBS="-lsandbox $LIBS" +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +/* Override any GCC internal prototype to avoid an error. + Use char because int might match the return type of a GCC + builtin and then its argument prototype would still apply. */ +char sandbox_apply (); +int +main (void) +{ +return sandbox_apply (); + ; + return 0; +} +_ACEOF +if ac_fn_c_try_link "$LINENO" +then : + ac_cv_lib_sandbox_sandbox_apply=yes +else $as_nop + ac_cv_lib_sandbox_sandbox_apply=no +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam \ + conftest$ac_exeext conftest.$ac_ext +LIBS=$ac_check_lib_save_LIBS +fi +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_sandbox_sandbox_apply" >&5 +printf "%s\n" "$ac_cv_lib_sandbox_sandbox_apply" >&6; } +if test "x$ac_cv_lib_sandbox_sandbox_apply" = xyes +then : + + SSHDLIBS="$SSHDLIBS -lsandbox" + +fi + + # proc_pidinfo()-based closefrom() replacement. + ac_fn_c_check_header_compile "$LINENO" "libproc.h" "ac_cv_header_libproc_h" "$ac_includes_default" +if test "x$ac_cv_header_libproc_h" = xyes +then : + printf "%s\n" "#define HAVE_LIBPROC_H 1" >>confdefs.h + +fi + + ac_fn_c_check_func "$LINENO" "proc_pidinfo" "ac_cv_func_proc_pidinfo" +if test "x$ac_cv_func_proc_pidinfo" = xyes +then : + printf "%s\n" "#define HAVE_PROC_PIDINFO 1" >>confdefs.h + +fi + + # poll(2) is broken for character-special devices (at least). + # cf. Apple bug 3710161 (not public, but searchable) + +printf "%s\n" "#define BROKEN_POLL 1" >>confdefs.h + + SHLIBEXT=".dylib" + ;; +*-*-dragonfly*) + SSHDLIBS="$SSHDLIBS" + TEST_MALLOC_OPTIONS="AFGJPRX" + ;; +*-*-haiku*) + LIBS="$LIBS -lbsd " + CFLAGS="$CFLAGS -D_BSD_SOURCE" + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for socket in -lnetwork" >&5 +printf %s "checking for socket in -lnetwork... " >&6; } +if test ${ac_cv_lib_network_socket+y} +then : + printf %s "(cached) " >&6 +else $as_nop + ac_check_lib_save_LIBS=$LIBS +LIBS="-lnetwork $LIBS" +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +/* Override any GCC internal prototype to avoid an error. + Use char because int might match the return type of a GCC + builtin and then its argument prototype would still apply. */ +char socket (); +int +main (void) +{ +return socket (); + ; + return 0; +} +_ACEOF +if ac_fn_c_try_link "$LINENO" +then : + ac_cv_lib_network_socket=yes +else $as_nop + ac_cv_lib_network_socket=no +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam \ + conftest$ac_exeext conftest.$ac_ext +LIBS=$ac_check_lib_save_LIBS +fi +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_network_socket" >&5 +printf "%s\n" "$ac_cv_lib_network_socket" >&6; } +if test "x$ac_cv_lib_network_socket" = xyes +then : + printf "%s\n" "#define HAVE_LIBNETWORK 1" >>confdefs.h + + LIBS="-lnetwork $LIBS" + +fi + + printf "%s\n" "#define HAVE_U_INT64_T 1" >>confdefs.h + + +printf "%s\n" "#define DISABLE_UTMPX 1" >>confdefs.h + + MANTYPE=man + ;; +*-*-hpux*) + # first we define all of the options common to all HP-UX releases + CPPFLAGS="$CPPFLAGS -D_HPUX_SOURCE -D_XOPEN_SOURCE -D_XOPEN_SOURCE_EXTENDED=1" + IPADDR_IN_DISPLAY=yes + printf "%s\n" "#define USE_PIPES 1" >>confdefs.h + + printf "%s\n" "#define LOGIN_NEEDS_UTMPX 1" >>confdefs.h + + +printf "%s\n" "#define LOCKED_PASSWD_STRING \"*\"" >>confdefs.h + + printf "%s\n" "#define SPT_TYPE SPT_PSTAT" >>confdefs.h + + +printf "%s\n" "#define PLATFORM_SYS_DIR_UID 2" >>confdefs.h + + maildir="/var/mail" + LIBS="$LIBS -lsec" + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for t_error in -lxnet" >&5 +printf %s "checking for t_error in -lxnet... " >&6; } +if test ${ac_cv_lib_xnet_t_error+y} +then : + printf %s "(cached) " >&6 +else $as_nop + ac_check_lib_save_LIBS=$LIBS +LIBS="-lxnet $LIBS" +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +/* Override any GCC internal prototype to avoid an error. + Use char because int might match the return type of a GCC + builtin and then its argument prototype would still apply. */ +char t_error (); +int +main (void) +{ +return t_error (); + ; + return 0; +} +_ACEOF +if ac_fn_c_try_link "$LINENO" +then : + ac_cv_lib_xnet_t_error=yes +else $as_nop + ac_cv_lib_xnet_t_error=no +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam \ + conftest$ac_exeext conftest.$ac_ext +LIBS=$ac_check_lib_save_LIBS +fi +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_xnet_t_error" >&5 +printf "%s\n" "$ac_cv_lib_xnet_t_error" >&6; } +if test "x$ac_cv_lib_xnet_t_error" = xyes +then : + printf "%s\n" "#define HAVE_LIBXNET 1" >>confdefs.h + + LIBS="-lxnet $LIBS" + +else $as_nop + as_fn_error $? "*** -lxnet needed on HP-UX - check config.log ***" "$LINENO" 5 +fi + + + # next, we define all of the options specific to major releases + case "$host" in + *-*-hpux10*) + if test -z "$GCC"; then + CFLAGS="$CFLAGS -Ae" + fi + +printf "%s\n" "#define BROKEN_GETLINE 1" >>confdefs.h + + ;; + *-*-hpux11*) + +printf "%s\n" "#define PAM_SUN_CODEBASE 1" >>confdefs.h + + +printf "%s\n" "#define DISABLE_UTMP 1" >>confdefs.h + + +printf "%s\n" "#define USE_BTMP 1" >>confdefs.h + + check_for_hpux_broken_getaddrinfo=1 + check_for_conflicting_getspnam=1 + ;; + esac + + # lastly, we define options specific to minor releases + case "$host" in + *-*-hpux10.26) + +printf "%s\n" "#define HAVE_SECUREWARE 1" >>confdefs.h + + disable_ptmx_check=yes + LIBS="$LIBS -lsecpw" + ;; + esac + ;; +*-*-irix5*) + PATH="$PATH:/usr/etc" + +printf "%s\n" "#define BROKEN_INET_NTOA 1" >>confdefs.h + + printf "%s\n" "#define SETEUID_BREAKS_SETUID 1" >>confdefs.h + + printf "%s\n" "#define BROKEN_SETREUID 1" >>confdefs.h + + printf "%s\n" "#define BROKEN_SETREGID 1" >>confdefs.h + + +printf "%s\n" "#define WITH_ABBREV_NO_TTY 1" >>confdefs.h + + printf "%s\n" "#define LOCKED_PASSWD_STRING \"*LK*\"" >>confdefs.h + + ;; +*-*-irix6*) + PATH="$PATH:/usr/etc" + +printf "%s\n" "#define WITH_IRIX_ARRAY 1" >>confdefs.h + + +printf "%s\n" "#define WITH_IRIX_PROJECT 1" >>confdefs.h + + +printf "%s\n" "#define WITH_IRIX_AUDIT 1" >>confdefs.h + + ac_fn_c_check_func "$LINENO" "jlimit_startjob" "ac_cv_func_jlimit_startjob" +if test "x$ac_cv_func_jlimit_startjob" = xyes +then : + +printf "%s\n" "#define WITH_IRIX_JOBS 1" >>confdefs.h + +fi + + printf "%s\n" "#define BROKEN_INET_NTOA 1" >>confdefs.h + + printf "%s\n" "#define SETEUID_BREAKS_SETUID 1" >>confdefs.h + + printf "%s\n" "#define BROKEN_SETREUID 1" >>confdefs.h + + printf "%s\n" "#define BROKEN_SETREGID 1" >>confdefs.h + + +printf "%s\n" "#define BROKEN_UPDWTMPX 1" >>confdefs.h + + printf "%s\n" "#define WITH_ABBREV_NO_TTY 1" >>confdefs.h + + printf "%s\n" "#define LOCKED_PASSWD_STRING \"*LK*\"" >>confdefs.h + + ;; +*-*-k*bsd*-gnu | *-*-kopensolaris*-gnu) + printf "%s\n" "#define PAM_TTY_KLUDGE 1" >>confdefs.h + + printf "%s\n" "#define LOCKED_PASSWD_PREFIX \"!\"" >>confdefs.h + + printf "%s\n" "#define SPT_TYPE SPT_REUSEARGV" >>confdefs.h + + +printf "%s\n" "#define _PATH_BTMP \"/var/log/btmp\"" >>confdefs.h + + +printf "%s\n" "#define USE_BTMP 1" >>confdefs.h + + ;; +*-*-linux*) + no_dev_ptmx=1 + use_pie=auto + check_for_openpty_ctty_bug=1 + CPPFLAGS="$CPPFLAGS -D_XOPEN_SOURCE=600 -D_BSD_SOURCE -D_DEFAULT_SOURCE -D_GNU_SOURCE" + +printf "%s\n" "#define BROKEN_CLOSEFROM 1" >>confdefs.h + + +printf "%s\n" "#define PAM_TTY_KLUDGE 1" >>confdefs.h + + +printf "%s\n" "#define LOCKED_PASSWD_PREFIX \"!\"" >>confdefs.h + + printf "%s\n" "#define SPT_TYPE SPT_REUSEARGV" >>confdefs.h + + +printf "%s\n" "#define LINK_OPNOTSUPP_ERRNO EPERM" >>confdefs.h + + +printf "%s\n" "#define _PATH_BTMP \"/var/log/btmp\"" >>confdefs.h + + printf "%s\n" "#define USE_BTMP 1" >>confdefs.h + + +printf "%s\n" "#define LINUX_OOM_ADJUST 1" >>confdefs.h + + +# Check whether --with-linux-memlock-onfault was given. +if test ${with_linux_memlock_onfault+y} +then : + withval=$with_linux_memlock_onfault; + if test "x$withval" != "xno" ; then + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for MCL_ONFAULT" >&5 +printf %s "checking for MCL_ONFAULT... " >&6; } + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + #include +int +main (void) +{ + mlockall(MCL_FUTURE | MCL_ONFAULT); + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO" +then : + + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: supported" >&5 +printf "%s\n" "supported" >&6; } + +printf "%s\n" "#define LINUX_MEMLOCK_ONFAULT 1" >>confdefs.h + +else $as_nop + + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: not supported" >&5 +printf "%s\n" "not supported" >&6; } + as_fn_error $? "MCL_ONFAULT is not available on your system" "$LINENO" 5 + +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext + fi + +fi + + + +printf "%s\n" "#define SYSTEMD_NOTIFY 1" >>confdefs.h + + inet6_default_4in6=yes + case `uname -r` in + 1.*|2.0.*) + +printf "%s\n" "#define BROKEN_CMSG_TYPE 1" >>confdefs.h + + ;; + esac + # tun(4) forwarding compat code + ac_fn_c_check_header_compile "$LINENO" "linux/if_tun.h" "ac_cv_header_linux_if_tun_h" "$ac_includes_default" +if test "x$ac_cv_header_linux_if_tun_h" = xyes +then : + printf "%s\n" "#define HAVE_LINUX_IF_TUN_H 1" >>confdefs.h + +fi + + if test "x$ac_cv_header_linux_if_tun_h" = "xyes" ; then + +printf "%s\n" "#define SSH_TUN_LINUX 1" >>confdefs.h + + +printf "%s\n" "#define SSH_TUN_COMPAT_AF 1" >>confdefs.h + + +printf "%s\n" "#define SSH_TUN_PREPEND_AF 1" >>confdefs.h + + fi + ac_fn_c_check_header_compile "$LINENO" "linux/if.h" "ac_cv_header_linux_if_h" " +#ifdef HAVE_SYS_TYPES_H +# include +#endif + +" +if test "x$ac_cv_header_linux_if_h" = xyes +then : + +printf "%s\n" "#define SYS_RDOMAIN_LINUX 1" >>confdefs.h + +fi + + ac_fn_c_check_header_compile "$LINENO" "linux/seccomp.h" "ac_cv_header_linux_seccomp_h" "#include +" +if test "x$ac_cv_header_linux_seccomp_h" = xyes +then : + printf "%s\n" "#define HAVE_LINUX_SECCOMP_H 1" >>confdefs.h + +fi +ac_fn_c_check_header_compile "$LINENO" "linux/filter.h" "ac_cv_header_linux_filter_h" "#include +" +if test "x$ac_cv_header_linux_filter_h" = xyes +then : + printf "%s\n" "#define HAVE_LINUX_FILTER_H 1" >>confdefs.h + +fi +ac_fn_c_check_header_compile "$LINENO" "linux/audit.h" "ac_cv_header_linux_audit_h" "#include +" +if test "x$ac_cv_header_linux_audit_h" = xyes +then : + printf "%s\n" "#define HAVE_LINUX_AUDIT_H 1" >>confdefs.h + +fi + + # Obtain MIPS ABI + case "$host" in + mips*) + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +#if _MIPS_SIM != _ABIO32 +#error +#endif + +int +main (void) +{ + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO" +then : + mips_abi="o32" +else $as_nop + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +#if _MIPS_SIM != _ABIN32 +#error +#endif + +int +main (void) +{ + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO" +then : + mips_abi="n32" +else $as_nop + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +#if _MIPS_SIM != _ABI64 +#error +#endif + +int +main (void) +{ + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO" +then : + mips_abi="n64" +else $as_nop + as_fn_error $? "unknown MIPS ABI" "$LINENO" 5 + +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext + +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext + +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext + ;; + esac + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for seccomp architecture" >&5 +printf %s "checking for seccomp architecture... " >&6; } + seccomp_audit_arch= + case "$host" in + x86_64-*) + seccomp_audit_arch=AUDIT_ARCH_X86_64 + ;; + i*86-*) + seccomp_audit_arch=AUDIT_ARCH_I386 + ;; + arm*-*) + seccomp_audit_arch=AUDIT_ARCH_ARM + ;; + aarch64*-*) + seccomp_audit_arch=AUDIT_ARCH_AARCH64 + ;; + s390x-*) + seccomp_audit_arch=AUDIT_ARCH_S390X + ;; + s390-*) + seccomp_audit_arch=AUDIT_ARCH_S390 + ;; + powerpc-*) + seccomp_audit_arch=AUDIT_ARCH_PPC + ;; + powerpc64-*) + seccomp_audit_arch=AUDIT_ARCH_PPC64 + ;; + powerpc64le-*) + seccomp_audit_arch=AUDIT_ARCH_PPC64LE + ;; + mips-*) + seccomp_audit_arch=AUDIT_ARCH_MIPS + ;; + mipsel-*) + seccomp_audit_arch=AUDIT_ARCH_MIPSEL + ;; + mips64-*) + case "$mips_abi" in + "n32") + seccomp_audit_arch=AUDIT_ARCH_MIPS64N32 + ;; + "n64") + seccomp_audit_arch=AUDIT_ARCH_MIPS64 + ;; + esac + ;; + mips64el-*) + case "$mips_abi" in + "n32") + seccomp_audit_arch=AUDIT_ARCH_MIPSEL64N32 + ;; + "n64") + seccomp_audit_arch=AUDIT_ARCH_MIPSEL64 + ;; + esac + ;; + riscv64-*) + seccomp_audit_arch=AUDIT_ARCH_RISCV64 + ;; + esac + if test "x$seccomp_audit_arch" != "x" ; then + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: \"$seccomp_audit_arch\"" >&5 +printf "%s\n" "\"$seccomp_audit_arch\"" >&6; } + +printf "%s\n" "#define SECCOMP_AUDIT_ARCH $seccomp_audit_arch" >>confdefs.h + + else + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: architecture not supported" >&5 +printf "%s\n" "architecture not supported" >&6; } + fi + ;; +*-*-minix) + printf "%s\n" "#define SETEUID_BREAKS_SETUID 1" >>confdefs.h + + # poll(2) seems to choke on /dev/null; "Bad file descriptor" + +printf "%s\n" "#define BROKEN_POLL 1" >>confdefs.h + + ;; +mips-sony-bsd|mips-sony-newsos4) + +printf "%s\n" "#define NEED_SETPGRP 1" >>confdefs.h + + SONY=1 + ;; +*-*-netbsd*) + if test "x$withval" != "xno" ; then + rpath_opt="-R" + fi + CPPFLAGS="$CPPFLAGS -D_OPENBSD_SOURCE" + +printf "%s\n" "#define SSH_TUN_FREEBSD 1" >>confdefs.h + + ac_fn_c_check_header_compile "$LINENO" "net/if_tap.h" "ac_cv_header_net_if_tap_h" "$ac_includes_default" +if test "x$ac_cv_header_net_if_tap_h" = xyes +then : + +else $as_nop + +printf "%s\n" "#define SSH_TUN_NO_L2 1" >>confdefs.h + +fi + + +printf "%s\n" "#define SSH_TUN_PREPEND_AF 1" >>confdefs.h + + TEST_MALLOC_OPTIONS="AJRX" + +printf "%s\n" "#define BROKEN_READ_COMPARISON 1" >>confdefs.h + + ;; +*-*-freebsd*) + +printf "%s\n" "#define LOCKED_PASSWD_PREFIX \"*LOCKED*\"" >>confdefs.h + + +printf "%s\n" "#define SSH_TUN_FREEBSD 1" >>confdefs.h + + +printf "%s\n" "#define SSH_TUN_COMPAT_AF 1" >>confdefs.h + + ac_fn_c_check_header_compile "$LINENO" "net/if_tap.h" "ac_cv_header_net_if_tap_h" "$ac_includes_default" +if test "x$ac_cv_header_net_if_tap_h" = xyes +then : + +else $as_nop + +printf "%s\n" "#define SSH_TUN_NO_L2 1" >>confdefs.h + +fi + + broken_glob=yes # FreeBSD glob does not do what we need + TEST_MALLOC_OPTIONS="AJRX" + # Preauth crypto occasionally uses file descriptors for crypto offload + # and will crash if they cannot be opened. + +printf "%s\n" "#define SANDBOX_SKIP_RLIMIT_NOFILE 1" >>confdefs.h + + case "$host" in + *-*-freebsd9.*|*-*-freebsd10.*) + # Capsicum on 9 and 10 do not allow ppoll() so don't auto-enable. + disable_capsicum=yes + esac + ;; +*-*-bsdi*) + printf "%s\n" "#define SETEUID_BREAKS_SETUID 1" >>confdefs.h + + printf "%s\n" "#define BROKEN_SETREUID 1" >>confdefs.h + + printf "%s\n" "#define BROKEN_SETREGID 1" >>confdefs.h + + ;; +*-next-*) + conf_lastlog_location="/usr/adm/lastlog" + conf_utmp_location=/etc/utmp + conf_wtmp_location=/usr/adm/wtmp + maildir=/usr/spool/mail + +printf "%s\n" "#define HAVE_NEXT 1" >>confdefs.h + + printf "%s\n" "#define USE_PIPES 1" >>confdefs.h + + +printf "%s\n" "#define BROKEN_SAVED_UIDS 1" >>confdefs.h + + ;; +*-*-openbsd*) + use_pie=auto + +printf "%s\n" "#define HAVE_ATTRIBUTE__SENTINEL__ 1" >>confdefs.h + + +printf "%s\n" "#define HAVE_ATTRIBUTE__BOUNDED__ 1" >>confdefs.h + + +printf "%s\n" "#define SSH_TUN_OPENBSD 1" >>confdefs.h + + +printf "%s\n" "#define SYSLOG_R_SAFE_IN_SIGHAND 1" >>confdefs.h + + TEST_MALLOC_OPTIONS="SJRU" + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking whether pledge(2) allows IP_TOS" >&5 +printf %s "checking whether pledge(2) allows IP_TOS... " >&6; } + if test "$cross_compiling" = yes +then : + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: WARNING: cross compiling: cannot test" >&5 +printf "%s\n" "$as_me: WARNING: cross compiling: cannot test" >&2;} +else $as_nop + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +#include +#include +#include +#include +#include + +int +main (void) +{ + +int s, one = 1; +if ((s = socket(AF_INET, SOCK_STREAM, 0)) == -1) + err(1, "socket"); +if (pledge("stdio", NULL) == -1) + err(1, "pledge"); +if (setsockopt(s, IPPROTO_IP, IP_TOS, &one, sizeof(one)) == -1) + err(1, "setsockopt"); + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_run "$LINENO" +then : + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +printf "%s\n" "yes" >&6; } +else $as_nop + + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } + need_pledge_inet=1 + +fi +rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ + conftest.$ac_objext conftest.beam conftest.$ac_ext +fi + + ;; +*-*-solaris*) + if test "x$withval" != "xno" ; then + rpath_opt="-R" + fi + printf "%s\n" "#define PAM_SUN_CODEBASE 1" >>confdefs.h + + printf "%s\n" "#define LOGIN_NEEDS_UTMPX 1" >>confdefs.h + + printf "%s\n" "#define PAM_TTY_KLUDGE 1" >>confdefs.h + + printf "%s\n" "#define LOCKED_PASSWD_STRING \"*LK*\"" >>confdefs.h + + # Pushing STREAMS modules will cause sshd to acquire a controlling tty. + +printf "%s\n" "#define SSHD_ACQUIRES_CTTY 1" >>confdefs.h + + +printf "%s\n" "#define PASSWD_NEEDS_USERNAME 1" >>confdefs.h + + +printf "%s\n" "#define BROKEN_TCGETATTR_ICANON 1" >>confdefs.h + + external_path_file=/etc/default/login + # hardwire lastlog location (can't detect it on some versions) + conf_lastlog_location="/var/adm/lastlog" + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for obsolete utmp and wtmp in solaris2.x" >&5 +printf %s "checking for obsolete utmp and wtmp in solaris2.x... " >&6; } + sol2ver=`echo "$host"| sed -e 's/.*[0-9]\.//'` + if test "$sol2ver" -ge 8; then + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +printf "%s\n" "yes" >&6; } + printf "%s\n" "#define DISABLE_UTMP 1" >>confdefs.h + + +printf "%s\n" "#define DISABLE_WTMP 1" >>confdefs.h + + else + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } + fi + ac_fn_c_check_func "$LINENO" "setpflags" "ac_cv_func_setpflags" +if test "x$ac_cv_func_setpflags" = xyes +then : + printf "%s\n" "#define HAVE_SETPFLAGS 1" >>confdefs.h + +fi + + ac_fn_c_check_func "$LINENO" "setppriv" "ac_cv_func_setppriv" +if test "x$ac_cv_func_setppriv" = xyes +then : + printf "%s\n" "#define HAVE_SETPPRIV 1" >>confdefs.h + +fi + + ac_fn_c_check_func "$LINENO" "priv_basicset" "ac_cv_func_priv_basicset" +if test "x$ac_cv_func_priv_basicset" = xyes +then : + printf "%s\n" "#define HAVE_PRIV_BASICSET 1" >>confdefs.h + +fi + + ac_fn_c_check_header_compile "$LINENO" "priv.h" "ac_cv_header_priv_h" "$ac_includes_default" +if test "x$ac_cv_header_priv_h" = xyes +then : + printf "%s\n" "#define HAVE_PRIV_H 1" >>confdefs.h + +fi + + +# Check whether --with-solaris-contracts was given. +if test ${with_solaris_contracts+y} +then : + withval=$with_solaris_contracts; + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for ct_tmpl_activate in -lcontract" >&5 +printf %s "checking for ct_tmpl_activate in -lcontract... " >&6; } +if test ${ac_cv_lib_contract_ct_tmpl_activate+y} +then : + printf %s "(cached) " >&6 +else $as_nop + ac_check_lib_save_LIBS=$LIBS +LIBS="-lcontract $LIBS" +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +/* Override any GCC internal prototype to avoid an error. + Use char because int might match the return type of a GCC + builtin and then its argument prototype would still apply. */ +char ct_tmpl_activate (); +int +main (void) +{ +return ct_tmpl_activate (); + ; + return 0; +} +_ACEOF +if ac_fn_c_try_link "$LINENO" +then : + ac_cv_lib_contract_ct_tmpl_activate=yes +else $as_nop + ac_cv_lib_contract_ct_tmpl_activate=no +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam \ + conftest$ac_exeext conftest.$ac_ext +LIBS=$ac_check_lib_save_LIBS +fi +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_contract_ct_tmpl_activate" >&5 +printf "%s\n" "$ac_cv_lib_contract_ct_tmpl_activate" >&6; } +if test "x$ac_cv_lib_contract_ct_tmpl_activate" = xyes +then : + +printf "%s\n" "#define USE_SOLARIS_PROCESS_CONTRACTS 1" >>confdefs.h + + LIBS="$LIBS -lcontract" + SPC_MSG="yes" +fi + + +fi + + +# Check whether --with-solaris-projects was given. +if test ${with_solaris_projects+y} +then : + withval=$with_solaris_projects; + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for setproject in -lproject" >&5 +printf %s "checking for setproject in -lproject... " >&6; } +if test ${ac_cv_lib_project_setproject+y} +then : + printf %s "(cached) " >&6 +else $as_nop + ac_check_lib_save_LIBS=$LIBS +LIBS="-lproject $LIBS" +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +/* Override any GCC internal prototype to avoid an error. + Use char because int might match the return type of a GCC + builtin and then its argument prototype would still apply. */ +char setproject (); +int +main (void) +{ +return setproject (); + ; + return 0; +} +_ACEOF +if ac_fn_c_try_link "$LINENO" +then : + ac_cv_lib_project_setproject=yes +else $as_nop + ac_cv_lib_project_setproject=no +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam \ + conftest$ac_exeext conftest.$ac_ext +LIBS=$ac_check_lib_save_LIBS +fi +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_project_setproject" >&5 +printf "%s\n" "$ac_cv_lib_project_setproject" >&6; } +if test "x$ac_cv_lib_project_setproject" = xyes +then : + +printf "%s\n" "#define USE_SOLARIS_PROJECTS 1" >>confdefs.h + + LIBS="$LIBS -lproject" + SP_MSG="yes" +fi + + +fi + + +# Check whether --with-solaris-privs was given. +if test ${with_solaris_privs+y} +then : + withval=$with_solaris_privs; + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for Solaris/Illumos privilege support" >&5 +printf %s "checking for Solaris/Illumos privilege support... " >&6; } + if test "x$ac_cv_func_setppriv" = "xyes" -a \ + "x$ac_cv_header_priv_h" = "xyes" ; then + SOLARIS_PRIVS=yes + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: found" >&5 +printf "%s\n" "found" >&6; } + +printf "%s\n" "#define NO_UID_RESTORATION_TEST 1" >>confdefs.h + + +printf "%s\n" "#define USE_SOLARIS_PRIVS 1" >>confdefs.h + + SPP_MSG="yes" + else + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: not found" >&5 +printf "%s\n" "not found" >&6; } + as_fn_error $? "*** must have support for Solaris privileges to use --with-solaris-privs" "$LINENO" 5 + fi + +fi + + TEST_SHELL=$SHELL # let configure find us a capable shell + ;; +*-*-sunos4*) + CPPFLAGS="$CPPFLAGS -DSUNOS4" + ac_fn_c_check_func "$LINENO" "getpwanam" "ac_cv_func_getpwanam" +if test "x$ac_cv_func_getpwanam" = xyes +then : + printf "%s\n" "#define HAVE_GETPWANAM 1" >>confdefs.h + +fi + + printf "%s\n" "#define PAM_SUN_CODEBASE 1" >>confdefs.h + + conf_utmp_location=/etc/utmp + conf_wtmp_location=/var/adm/wtmp + conf_lastlog_location=/var/adm/lastlog + printf "%s\n" "#define USE_PIPES 1" >>confdefs.h + + +printf "%s\n" "#define DISABLE_UTMPX 1" >>confdefs.h + + ;; +*-ncr-sysv*) + LIBS="$LIBS -lc89" + printf "%s\n" "#define USE_PIPES 1" >>confdefs.h + + printf "%s\n" "#define SSHD_ACQUIRES_CTTY 1" >>confdefs.h + + printf "%s\n" "#define SETEUID_BREAKS_SETUID 1" >>confdefs.h + + printf "%s\n" "#define BROKEN_SETREUID 1" >>confdefs.h + + printf "%s\n" "#define BROKEN_SETREGID 1" >>confdefs.h + + ;; +*-sni-sysv*) + # /usr/ucblib MUST NOT be searched on ReliantUNIX + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for dlsym in -ldl" >&5 +printf %s "checking for dlsym in -ldl... " >&6; } +if test ${ac_cv_lib_dl_dlsym+y} +then : + printf %s "(cached) " >&6 +else $as_nop + ac_check_lib_save_LIBS=$LIBS +LIBS="-ldl $LIBS" +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +/* Override any GCC internal prototype to avoid an error. + Use char because int might match the return type of a GCC + builtin and then its argument prototype would still apply. */ +char dlsym (); +int +main (void) +{ +return dlsym (); + ; + return 0; +} +_ACEOF +if ac_fn_c_try_link "$LINENO" +then : + ac_cv_lib_dl_dlsym=yes +else $as_nop + ac_cv_lib_dl_dlsym=no +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam \ + conftest$ac_exeext conftest.$ac_ext +LIBS=$ac_check_lib_save_LIBS +fi +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_dl_dlsym" >&5 +printf "%s\n" "$ac_cv_lib_dl_dlsym" >&6; } +if test "x$ac_cv_lib_dl_dlsym" = xyes +then : + printf "%s\n" "#define HAVE_LIBDL 1" >>confdefs.h + + LIBS="-ldl $LIBS" + +fi + + # -lresolv needs to be at the end of LIBS or DNS lookups break + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for res_query in -lresolv" >&5 +printf %s "checking for res_query in -lresolv... " >&6; } +if test ${ac_cv_lib_resolv_res_query+y} +then : + printf %s "(cached) " >&6 +else $as_nop + ac_check_lib_save_LIBS=$LIBS +LIBS="-lresolv $LIBS" +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +/* Override any GCC internal prototype to avoid an error. + Use char because int might match the return type of a GCC + builtin and then its argument prototype would still apply. */ +char res_query (); +int +main (void) +{ +return res_query (); + ; + return 0; +} +_ACEOF +if ac_fn_c_try_link "$LINENO" +then : + ac_cv_lib_resolv_res_query=yes +else $as_nop + ac_cv_lib_resolv_res_query=no +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam \ + conftest$ac_exeext conftest.$ac_ext +LIBS=$ac_check_lib_save_LIBS +fi +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_resolv_res_query" >&5 +printf "%s\n" "$ac_cv_lib_resolv_res_query" >&6; } +if test "x$ac_cv_lib_resolv_res_query" = xyes +then : + LIBS="$LIBS -lresolv" +fi + + IPADDR_IN_DISPLAY=yes + printf "%s\n" "#define USE_PIPES 1" >>confdefs.h + + printf "%s\n" "#define IP_TOS_IS_BROKEN 1" >>confdefs.h + + printf "%s\n" "#define SETEUID_BREAKS_SETUID 1" >>confdefs.h + + printf "%s\n" "#define BROKEN_SETREUID 1" >>confdefs.h + + printf "%s\n" "#define BROKEN_SETREGID 1" >>confdefs.h + + printf "%s\n" "#define SSHD_ACQUIRES_CTTY 1" >>confdefs.h + + external_path_file=/etc/default/login + # /usr/ucblib/libucb.a no longer needed on ReliantUNIX + # Attention: always take care to bind libsocket and libnsl before libc, + # otherwise you will find lots of "SIOCGPGRP errno 22" on syslog + ;; +# UnixWare 1.x, UnixWare 2.x, and others based on code from Univel. +*-*-sysv4.2*) + printf "%s\n" "#define USE_PIPES 1" >>confdefs.h + + printf "%s\n" "#define SETEUID_BREAKS_SETUID 1" >>confdefs.h + + printf "%s\n" "#define BROKEN_SETREUID 1" >>confdefs.h + + printf "%s\n" "#define BROKEN_SETREGID 1" >>confdefs.h + + +printf "%s\n" "#define PASSWD_NEEDS_USERNAME 1" >>confdefs.h + + printf "%s\n" "#define LOCKED_PASSWD_STRING \"*LK*\"" >>confdefs.h + + TEST_SHELL=$SHELL # let configure find us a capable shell + ;; +# UnixWare 7.x, OpenUNIX 8 +*-*-sysv5*) + CPPFLAGS="$CPPFLAGS -Dvsnprintf=_xvsnprintf -Dsnprintf=_xsnprintf" + +printf "%s\n" "#define UNIXWARE_LONG_PASSWORDS 1" >>confdefs.h + + printf "%s\n" "#define USE_PIPES 1" >>confdefs.h + + printf "%s\n" "#define SETEUID_BREAKS_SETUID 1" >>confdefs.h + + printf "%s\n" "#define BROKEN_GETADDRINFO 1" >>confdefs.h + + printf "%s\n" "#define BROKEN_SETREUID 1" >>confdefs.h + + printf "%s\n" "#define BROKEN_SETREGID 1" >>confdefs.h + + printf "%s\n" "#define PASSWD_NEEDS_USERNAME 1" >>confdefs.h + + printf "%s\n" "#define BROKEN_TCGETATTR_ICANON 1" >>confdefs.h + + TEST_SHELL=$SHELL # let configure find us a capable shell + case "$host" in + *-*-sysv5SCO_SV*) # SCO OpenServer 6.x + maildir=/var/spool/mail + printf "%s\n" "#define BROKEN_UPDWTMPX 1" >>confdefs.h + + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for getluid in -lprot" >&5 +printf %s "checking for getluid in -lprot... " >&6; } +if test ${ac_cv_lib_prot_getluid+y} +then : + printf %s "(cached) " >&6 +else $as_nop + ac_check_lib_save_LIBS=$LIBS +LIBS="-lprot $LIBS" +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +/* Override any GCC internal prototype to avoid an error. + Use char because int might match the return type of a GCC + builtin and then its argument prototype would still apply. */ +char getluid (); +int +main (void) +{ +return getluid (); + ; + return 0; +} +_ACEOF +if ac_fn_c_try_link "$LINENO" +then : + ac_cv_lib_prot_getluid=yes +else $as_nop + ac_cv_lib_prot_getluid=no +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam \ + conftest$ac_exeext conftest.$ac_ext +LIBS=$ac_check_lib_save_LIBS +fi +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_prot_getluid" >&5 +printf "%s\n" "$ac_cv_lib_prot_getluid" >&6; } +if test "x$ac_cv_lib_prot_getluid" = xyes +then : + LIBS="$LIBS -lprot" + ac_fn_c_check_func "$LINENO" "getluid" "ac_cv_func_getluid" +if test "x$ac_cv_func_getluid" = xyes +then : + printf "%s\n" "#define HAVE_GETLUID 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "setluid" "ac_cv_func_setluid" +if test "x$ac_cv_func_setluid" = xyes +then : + printf "%s\n" "#define HAVE_SETLUID 1" >>confdefs.h + +fi + + +fi + + ;; + *) printf "%s\n" "#define LOCKED_PASSWD_STRING \"*LK*\"" >>confdefs.h + + ;; + esac + ;; +*-*-sysv*) + ;; +# SCO UNIX and OEM versions of SCO UNIX +*-*-sco3.2v4*) + as_fn_error $? "\"This Platform is no longer supported.\"" "$LINENO" 5 + ;; +# SCO OpenServer 5.x +*-*-sco3.2v5*) + if test -z "$GCC"; then + CFLAGS="$CFLAGS -belf" + fi + LIBS="$LIBS -lprot -lx -ltinfo -lm" + no_dev_ptmx=1 + printf "%s\n" "#define USE_PIPES 1" >>confdefs.h + + printf "%s\n" "#define HAVE_SECUREWARE 1" >>confdefs.h + + printf "%s\n" "#define DISABLE_SHADOW 1" >>confdefs.h + + printf "%s\n" "#define DISABLE_FD_PASSING 1" >>confdefs.h + + printf "%s\n" "#define SETEUID_BREAKS_SETUID 1" >>confdefs.h + + printf "%s\n" "#define BROKEN_GETADDRINFO 1" >>confdefs.h + + printf "%s\n" "#define BROKEN_SETREUID 1" >>confdefs.h + + printf "%s\n" "#define BROKEN_SETREGID 1" >>confdefs.h + + printf "%s\n" "#define WITH_ABBREV_NO_TTY 1" >>confdefs.h + + printf "%s\n" "#define BROKEN_UPDWTMPX 1" >>confdefs.h + + printf "%s\n" "#define PASSWD_NEEDS_USERNAME 1" >>confdefs.h + + ac_fn_c_check_func "$LINENO" "getluid" "ac_cv_func_getluid" +if test "x$ac_cv_func_getluid" = xyes +then : + printf "%s\n" "#define HAVE_GETLUID 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "setluid" "ac_cv_func_setluid" +if test "x$ac_cv_func_setluid" = xyes +then : + printf "%s\n" "#define HAVE_SETLUID 1" >>confdefs.h + +fi + + MANTYPE=man + TEST_SHELL=$SHELL # let configure find us a capable shell + SKIP_DISABLE_LASTLOG_DEFINE=yes + ;; +*-dec-osf*) + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for Digital Unix SIA" >&5 +printf %s "checking for Digital Unix SIA... " >&6; } + no_osfsia="" + +# Check whether --with-osfsia was given. +if test ${with_osfsia+y} +then : + withval=$with_osfsia; + if test "x$withval" = "xno" ; then + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: disabled" >&5 +printf "%s\n" "disabled" >&6; } + no_osfsia=1 + fi + +fi + + if test -z "$no_osfsia" ; then + if test -f /etc/sia/matrix.conf; then + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +printf "%s\n" "yes" >&6; } + +printf "%s\n" "#define HAVE_OSF_SIA 1" >>confdefs.h + + +printf "%s\n" "#define DISABLE_LOGIN 1" >>confdefs.h + + printf "%s\n" "#define DISABLE_FD_PASSING 1" >>confdefs.h + + LIBS="$LIBS -lsecurity -ldb -lm -laud" + SIA_MSG="yes" + else + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } + +printf "%s\n" "#define LOCKED_PASSWD_SUBSTR \"Nologin\"" >>confdefs.h + + fi + fi + printf "%s\n" "#define BROKEN_GETADDRINFO 1" >>confdefs.h + + printf "%s\n" "#define SETEUID_BREAKS_SETUID 1" >>confdefs.h + + printf "%s\n" "#define BROKEN_SETREUID 1" >>confdefs.h + + printf "%s\n" "#define BROKEN_SETREGID 1" >>confdefs.h + + +printf "%s\n" "#define BROKEN_READV_COMPARISON 1" >>confdefs.h + + ;; + +*-*-nto-qnx*) + printf "%s\n" "#define USE_PIPES 1" >>confdefs.h + + printf "%s\n" "#define NO_X11_UNIX_SOCKETS 1" >>confdefs.h + + printf "%s\n" "#define DISABLE_LASTLOG 1" >>confdefs.h + + printf "%s\n" "#define SSHD_ACQUIRES_CTTY 1" >>confdefs.h + + +printf "%s\n" "#define BROKEN_SHADOW_EXPIRE 1" >>confdefs.h + + enable_etc_default_login=no # has incompatible /etc/default/login + case "$host" in + *-*-nto-qnx6*) + printf "%s\n" "#define DISABLE_FD_PASSING 1" >>confdefs.h + + ;; + esac + ;; + +*-*-ultrix*) + +printf "%s\n" "#define BROKEN_GETGROUPS 1" >>confdefs.h + + +printf "%s\n" "#define NEED_SETPGRP 1" >>confdefs.h + + +printf "%s\n" "#define HAVE_SYS_SYSLOG_H 1" >>confdefs.h + + +printf "%s\n" "#define DISABLE_UTMPX 1" >>confdefs.h + + # DISABLE_FD_PASSING so that we call setpgrp as root, otherwise we + # don't get a controlling tty. + +printf "%s\n" "#define DISABLE_FD_PASSING 1" >>confdefs.h + + # On Ultrix some headers are not protected against multiple includes, + # so we create wrappers and put it where the compiler will find it. + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: WARNING: creating compat wrappers for headers" >&5 +printf "%s\n" "$as_me: WARNING: creating compat wrappers for headers" >&2;} + mkdir -p netinet + for header in netinet/ip.h netdb.h resolv.h; do + name=`echo $header | tr 'a-z/.' 'A-Z__'` + cat >$header <>confdefs.h + + ;; +*-*-gnu*) + CPPFLAGS="$CPPFLAGS -D_XOPEN_SOURCE=600 -D_BSD_SOURCE -D_DEFAULT_SOURCE -D_GNU_SOURCE" + ;; +esac + +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking compiler and flags for sanity" >&5 +printf %s "checking compiler and flags for sanity... " >&6; } +if test "$cross_compiling" = yes +then : + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: WARNING: cross compiling: not checking compiler sanity" >&5 +printf "%s\n" "$as_me: WARNING: cross compiling: not checking compiler sanity" >&2;} + +else $as_nop + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + #include +int +main (void) +{ + exit(0); + ; + return 0; +} +_ACEOF +if ac_fn_c_try_run "$LINENO" +then : + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +printf "%s\n" "yes" >&6; } +else $as_nop + + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } + as_fn_error $? "*** compiler cannot create working executables, check config.log ***" "$LINENO" 5 + +fi +rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ + conftest.$ac_objext conftest.beam conftest.$ac_ext +fi + + +if test -z "$need_pledge_inet" ; then + printf "%s\n" "#define PLEDGE_EXTRA_INET /**/" >>confdefs.h + +else + +printf "%s\n" "#define PLEDGE_EXTRA_INET \"inet \"" >>confdefs.h + +fi + +# Checks for libraries. +ac_fn_c_check_func "$LINENO" "setsockopt" "ac_cv_func_setsockopt" +if test "x$ac_cv_func_setsockopt" = xyes +then : + +else $as_nop + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for setsockopt in -lsocket" >&5 +printf %s "checking for setsockopt in -lsocket... " >&6; } +if test ${ac_cv_lib_socket_setsockopt+y} +then : + printf %s "(cached) " >&6 +else $as_nop + ac_check_lib_save_LIBS=$LIBS +LIBS="-lsocket $LIBS" +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +/* Override any GCC internal prototype to avoid an error. + Use char because int might match the return type of a GCC + builtin and then its argument prototype would still apply. */ +char setsockopt (); +int +main (void) +{ +return setsockopt (); + ; + return 0; +} +_ACEOF +if ac_fn_c_try_link "$LINENO" +then : + ac_cv_lib_socket_setsockopt=yes +else $as_nop + ac_cv_lib_socket_setsockopt=no +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam \ + conftest$ac_exeext conftest.$ac_ext +LIBS=$ac_check_lib_save_LIBS +fi +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_socket_setsockopt" >&5 +printf "%s\n" "$ac_cv_lib_socket_setsockopt" >&6; } +if test "x$ac_cv_lib_socket_setsockopt" = xyes +then : + printf "%s\n" "#define HAVE_LIBSOCKET 1" >>confdefs.h + + LIBS="-lsocket $LIBS" + +fi + +fi + + + + for ac_func in dirname +do : + ac_fn_c_check_func "$LINENO" "dirname" "ac_cv_func_dirname" +if test "x$ac_cv_func_dirname" = xyes +then : + printf "%s\n" "#define HAVE_DIRNAME 1" >>confdefs.h + ac_fn_c_check_header_compile "$LINENO" "libgen.h" "ac_cv_header_libgen_h" "$ac_includes_default" +if test "x$ac_cv_header_libgen_h" = xyes +then : + printf "%s\n" "#define HAVE_LIBGEN_H 1" >>confdefs.h + +fi + +else $as_nop + + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for dirname in -lgen" >&5 +printf %s "checking for dirname in -lgen... " >&6; } +if test ${ac_cv_lib_gen_dirname+y} +then : + printf %s "(cached) " >&6 +else $as_nop + ac_check_lib_save_LIBS=$LIBS +LIBS="-lgen $LIBS" +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +/* Override any GCC internal prototype to avoid an error. + Use char because int might match the return type of a GCC + builtin and then its argument prototype would still apply. */ +char dirname (); +int +main (void) +{ +return dirname (); + ; + return 0; +} +_ACEOF +if ac_fn_c_try_link "$LINENO" +then : + ac_cv_lib_gen_dirname=yes +else $as_nop + ac_cv_lib_gen_dirname=no +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam \ + conftest$ac_exeext conftest.$ac_ext +LIBS=$ac_check_lib_save_LIBS +fi +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_gen_dirname" >&5 +printf "%s\n" "$ac_cv_lib_gen_dirname" >&6; } +if test "x$ac_cv_lib_gen_dirname" = xyes +then : + + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for broken dirname" >&5 +printf %s "checking for broken dirname... " >&6; } +if test ${ac_cv_have_broken_dirname+y} +then : + printf %s "(cached) " >&6 +else $as_nop + + save_LIBS="$LIBS" + LIBS="$LIBS -lgen" + if test "$cross_compiling" = yes +then : + ac_cv_have_broken_dirname="no" +else $as_nop + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +#include +#include +#include + +int main(int argc, char **argv) { + char *s, buf[32]; + + strncpy(buf,"/etc", 32); + s = dirname(buf); + if (!s || strncmp(s, "/", 32) != 0) { + exit(1); + } else { + exit(0); + } +} + +_ACEOF +if ac_fn_c_try_run "$LINENO" +then : + ac_cv_have_broken_dirname="no" +else $as_nop + ac_cv_have_broken_dirname="yes" +fi +rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ + conftest.$ac_objext conftest.beam conftest.$ac_ext +fi + + LIBS="$save_LIBS" + +fi +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_have_broken_dirname" >&5 +printf "%s\n" "$ac_cv_have_broken_dirname" >&6; } + if test "x$ac_cv_have_broken_dirname" = "xno" ; then + LIBS="$LIBS -lgen" + printf "%s\n" "#define HAVE_DIRNAME 1" >>confdefs.h + + ac_fn_c_check_header_compile "$LINENO" "libgen.h" "ac_cv_header_libgen_h" "$ac_includes_default" +if test "x$ac_cv_header_libgen_h" = xyes +then : + printf "%s\n" "#define HAVE_LIBGEN_H 1" >>confdefs.h + +fi + + fi + +fi + + +fi + +done + +ac_fn_c_check_func "$LINENO" "getspnam" "ac_cv_func_getspnam" +if test "x$ac_cv_func_getspnam" = xyes +then : + +else $as_nop + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for getspnam in -lgen" >&5 +printf %s "checking for getspnam in -lgen... " >&6; } +if test ${ac_cv_lib_gen_getspnam+y} +then : + printf %s "(cached) " >&6 +else $as_nop + ac_check_lib_save_LIBS=$LIBS +LIBS="-lgen $LIBS" +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +/* Override any GCC internal prototype to avoid an error. + Use char because int might match the return type of a GCC + builtin and then its argument prototype would still apply. */ +char getspnam (); +int +main (void) +{ +return getspnam (); + ; + return 0; +} +_ACEOF +if ac_fn_c_try_link "$LINENO" +then : + ac_cv_lib_gen_getspnam=yes +else $as_nop + ac_cv_lib_gen_getspnam=no +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam \ + conftest$ac_exeext conftest.$ac_ext +LIBS=$ac_check_lib_save_LIBS +fi +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_gen_getspnam" >&5 +printf "%s\n" "$ac_cv_lib_gen_getspnam" >&6; } +if test "x$ac_cv_lib_gen_getspnam" = xyes +then : + LIBS="$LIBS -lgen" +fi + +fi + +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for library containing basename" >&5 +printf %s "checking for library containing basename... " >&6; } +if test ${ac_cv_search_basename+y} +then : + printf %s "(cached) " >&6 +else $as_nop + ac_func_search_save_LIBS=$LIBS +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +/* Override any GCC internal prototype to avoid an error. + Use char because int might match the return type of a GCC + builtin and then its argument prototype would still apply. */ +char basename (); +int +main (void) +{ +return basename (); + ; + return 0; +} +_ACEOF +for ac_lib in '' gen +do + if test -z "$ac_lib"; then + ac_res="none required" + else + ac_res=-l$ac_lib + LIBS="-l$ac_lib $ac_func_search_save_LIBS" + fi + if ac_fn_c_try_link "$LINENO" +then : + ac_cv_search_basename=$ac_res +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam \ + conftest$ac_exeext + if test ${ac_cv_search_basename+y} +then : + break +fi +done +if test ${ac_cv_search_basename+y} +then : + +else $as_nop + ac_cv_search_basename=no +fi +rm conftest.$ac_ext +LIBS=$ac_func_search_save_LIBS +fi +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_basename" >&5 +printf "%s\n" "$ac_cv_search_basename" >&6; } +ac_res=$ac_cv_search_basename +if test "$ac_res" != no +then : + test "$ac_res" = "none required" || LIBS="$ac_res $LIBS" + +printf "%s\n" "#define HAVE_BASENAME 1" >>confdefs.h + +fi + + +ac_fn_c_check_func "$LINENO" "sqrt" "ac_cv_func_sqrt" +if test "x$ac_cv_func_sqrt" = xyes +then : + +else $as_nop + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for sqrt in -lm" >&5 +printf %s "checking for sqrt in -lm... " >&6; } +if test ${ac_cv_lib_m_sqrt+y} +then : + printf %s "(cached) " >&6 +else $as_nop + ac_check_lib_save_LIBS=$LIBS +LIBS="-lm $LIBS" +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +/* Override any GCC internal prototype to avoid an error. + Use char because int might match the return type of a GCC + builtin and then its argument prototype would still apply. */ +char sqrt (); +int +main (void) +{ +return sqrt (); + ; + return 0; +} +_ACEOF +if ac_fn_c_try_link "$LINENO" +then : + ac_cv_lib_m_sqrt=yes +else $as_nop + ac_cv_lib_m_sqrt=no +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam \ + conftest$ac_exeext conftest.$ac_ext +LIBS=$ac_check_lib_save_LIBS +fi +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_m_sqrt" >&5 +printf "%s\n" "$ac_cv_lib_m_sqrt" >&6; } +if test "x$ac_cv_lib_m_sqrt" = xyes +then : + TESTLIBS="$TESTLIBS -lm" +fi + +fi + + + +zlib=yes + +# Check whether --with-zlib was given. +if test ${with_zlib+y} +then : + withval=$with_zlib; if test "x$withval" = "xno" ; then + zlib=no + elif test "x$withval" != "xyes"; then + if test -d "$withval/lib"; then + if test -n "${rpath_opt}"; then + LDFLAGS="-L${withval}/lib ${rpath_opt}${withval}/lib ${LDFLAGS}" + else + LDFLAGS="-L${withval}/lib ${LDFLAGS}" + fi + else + if test -n "${rpath_opt}"; then + LDFLAGS="-L${withval} ${rpath_opt}${withval} ${LDFLAGS}" + else + LDFLAGS="-L${withval} ${LDFLAGS}" + fi + fi + if test -d "$withval/include"; then + CPPFLAGS="-I${withval}/include ${CPPFLAGS}" + else + CPPFLAGS="-I${withval} ${CPPFLAGS}" + fi + fi + +fi + + +# These libraries are needed for anything that links in the channel code. +CHANNELLIBS="" +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for zlib" >&5 +printf %s "checking for zlib... " >&6; } +if test "x${zlib}" = "xno"; then + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } +else + saved_LIBS="$LIBS" + CHANNELLIBS="$CHANNELLIBS -lz" + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +printf "%s\n" "yes" >&6; } + +printf "%s\n" "#define WITH_ZLIB 1" >>confdefs.h + + ac_fn_c_check_header_compile "$LINENO" "zlib.h" "ac_cv_header_zlib_h" "$ac_includes_default" +if test "x$ac_cv_header_zlib_h" = xyes +then : + +else $as_nop + as_fn_error $? "*** zlib.h missing - please install first or check config.log ***" "$LINENO" 5 +fi + + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for deflate in -lz" >&5 +printf %s "checking for deflate in -lz... " >&6; } +if test ${ac_cv_lib_z_deflate+y} +then : + printf %s "(cached) " >&6 +else $as_nop + ac_check_lib_save_LIBS=$LIBS +LIBS="-lz $LIBS" +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +/* Override any GCC internal prototype to avoid an error. + Use char because int might match the return type of a GCC + builtin and then its argument prototype would still apply. */ +char deflate (); +int +main (void) +{ +return deflate (); + ; + return 0; +} +_ACEOF +if ac_fn_c_try_link "$LINENO" +then : + ac_cv_lib_z_deflate=yes +else $as_nop + ac_cv_lib_z_deflate=no +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam \ + conftest$ac_exeext conftest.$ac_ext +LIBS=$ac_check_lib_save_LIBS +fi +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_z_deflate" >&5 +printf "%s\n" "$ac_cv_lib_z_deflate" >&6; } +if test "x$ac_cv_lib_z_deflate" = xyes +then : + printf "%s\n" "#define HAVE_LIBZ 1" >>confdefs.h + + LIBS="-lz $LIBS" + +else $as_nop + + saved_CPPFLAGS="$CPPFLAGS" + saved_LDFLAGS="$LDFLAGS" + if test -n "${rpath_opt}"; then + LDFLAGS="-L/usr/local/lib ${rpath_opt}/usr/local/lib ${saved_LDFLAGS}" + else + LDFLAGS="-L/usr/local/lib ${saved_LDFLAGS}" + fi + CPPFLAGS="-I/usr/local/include ${saved_CPPFLAGS}" + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +/* Override any GCC internal prototype to avoid an error. + Use char because int might match the return type of a GCC + builtin and then its argument prototype would still apply. */ +char deflate (); +int +main (void) +{ +return deflate (); + ; + return 0; +} +_ACEOF +if ac_fn_c_try_link "$LINENO" +then : + printf "%s\n" "#define HAVE_LIBZ 1" >>confdefs.h + +else $as_nop + + as_fn_error $? "*** zlib missing - please install first or check config.log ***" "$LINENO" 5 + + +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam \ + conftest$ac_exeext conftest.$ac_ext + + +fi + + + +# Check whether --with-zlib-version-check was given. +if test ${with_zlib_version_check+y} +then : + withval=$with_zlib_version_check; if test "x$withval" = "xno" ; then + zlib_check_nonfatal=1 + fi + + +fi + + + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for possibly buggy zlib" >&5 +printf %s "checking for possibly buggy zlib... " >&6; } + if test "$cross_compiling" = yes +then : + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: WARNING: cross compiling: not checking zlib version" >&5 +printf "%s\n" "$as_me: WARNING: cross compiling: not checking zlib version" >&2;} + +else $as_nop + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +#include +#include +#include + +int +main (void) +{ + + int a=0, b=0, c=0, d=0, n, v; + n = sscanf(ZLIB_VERSION, "%d.%d.%d.%d", &a, &b, &c, &d); + if (n < 1) + exit(1); + v = a*1000000 + b*10000 + c*100 + d; + fprintf(stderr, "found zlib version %s (%d)\n", ZLIB_VERSION, v); + + /* 1.1.4 is OK */ + if (a == 1 && b == 1 && c >= 4) + exit(0); + + /* 1.2.3 and up are OK */ + if (v >= 1020300) + exit(0); + + exit(2); + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_run "$LINENO" +then : + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } +else $as_nop + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +printf "%s\n" "yes" >&6; } + if test -z "$zlib_check_nonfatal" ; then + as_fn_error $? "*** zlib too old - check config.log *** +Your reported zlib version has known security problems. It's possible your +vendor has fixed these problems without changing the version number. If you +are sure this is the case, you can disable the check by running +\"./configure --without-zlib-version-check\". +If you are in doubt, upgrade zlib to version 1.2.3 or greater. +See http://www.gzip.org/zlib/ for details." "$LINENO" 5 + else + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: WARNING: zlib version may have security problems" >&5 +printf "%s\n" "$as_me: WARNING: zlib version may have security problems" >&2;} + fi + +fi +rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ + conftest.$ac_objext conftest.beam conftest.$ac_ext +fi + + LIBS="$saved_LIBS" +fi + +ac_fn_c_check_func "$LINENO" "strcasecmp" "ac_cv_func_strcasecmp" +if test "x$ac_cv_func_strcasecmp" = xyes +then : + +else $as_nop + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for strcasecmp in -lresolv" >&5 +printf %s "checking for strcasecmp in -lresolv... " >&6; } +if test ${ac_cv_lib_resolv_strcasecmp+y} +then : + printf %s "(cached) " >&6 +else $as_nop + ac_check_lib_save_LIBS=$LIBS +LIBS="-lresolv $LIBS" +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +/* Override any GCC internal prototype to avoid an error. + Use char because int might match the return type of a GCC + builtin and then its argument prototype would still apply. */ +char strcasecmp (); +int +main (void) +{ +return strcasecmp (); + ; + return 0; +} +_ACEOF +if ac_fn_c_try_link "$LINENO" +then : + ac_cv_lib_resolv_strcasecmp=yes +else $as_nop + ac_cv_lib_resolv_strcasecmp=no +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam \ + conftest$ac_exeext conftest.$ac_ext +LIBS=$ac_check_lib_save_LIBS +fi +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_resolv_strcasecmp" >&5 +printf "%s\n" "$ac_cv_lib_resolv_strcasecmp" >&6; } +if test "x$ac_cv_lib_resolv_strcasecmp" = xyes +then : + LIBS="$LIBS -lresolv" +fi + + +fi + + + for ac_func in utimes +do : + ac_fn_c_check_func "$LINENO" "utimes" "ac_cv_func_utimes" +if test "x$ac_cv_func_utimes" = xyes +then : + printf "%s\n" "#define HAVE_UTIMES 1" >>confdefs.h + +else $as_nop + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for utimes in -lc89" >&5 +printf %s "checking for utimes in -lc89... " >&6; } +if test ${ac_cv_lib_c89_utimes+y} +then : + printf %s "(cached) " >&6 +else $as_nop + ac_check_lib_save_LIBS=$LIBS +LIBS="-lc89 $LIBS" +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +/* Override any GCC internal prototype to avoid an error. + Use char because int might match the return type of a GCC + builtin and then its argument prototype would still apply. */ +char utimes (); +int +main (void) +{ +return utimes (); + ; + return 0; +} +_ACEOF +if ac_fn_c_try_link "$LINENO" +then : + ac_cv_lib_c89_utimes=yes +else $as_nop + ac_cv_lib_c89_utimes=no +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam \ + conftest$ac_exeext conftest.$ac_ext +LIBS=$ac_check_lib_save_LIBS +fi +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_c89_utimes" >&5 +printf "%s\n" "$ac_cv_lib_c89_utimes" >&6; } +if test "x$ac_cv_lib_c89_utimes" = xyes +then : + printf "%s\n" "#define HAVE_UTIMES 1" >>confdefs.h + + LIBS="$LIBS -lc89" +fi + + +fi + +done + +ac_fn_c_check_header_compile "$LINENO" "bsd/libutil.h" "ac_cv_header_bsd_libutil_h" "$ac_includes_default" +if test "x$ac_cv_header_bsd_libutil_h" = xyes +then : + printf "%s\n" "#define HAVE_BSD_LIBUTIL_H 1" >>confdefs.h + +fi +ac_fn_c_check_header_compile "$LINENO" "libutil.h" "ac_cv_header_libutil_h" "$ac_includes_default" +if test "x$ac_cv_header_libutil_h" = xyes +then : + printf "%s\n" "#define HAVE_LIBUTIL_H 1" >>confdefs.h + +fi + +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for library containing fmt_scaled" >&5 +printf %s "checking for library containing fmt_scaled... " >&6; } +if test ${ac_cv_search_fmt_scaled+y} +then : + printf %s "(cached) " >&6 +else $as_nop + ac_func_search_save_LIBS=$LIBS +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +/* Override any GCC internal prototype to avoid an error. + Use char because int might match the return type of a GCC + builtin and then its argument prototype would still apply. */ +char fmt_scaled (); +int +main (void) +{ +return fmt_scaled (); + ; + return 0; +} +_ACEOF +for ac_lib in '' util bsd +do + if test -z "$ac_lib"; then + ac_res="none required" + else + ac_res=-l$ac_lib + LIBS="-l$ac_lib $ac_func_search_save_LIBS" + fi + if ac_fn_c_try_link "$LINENO" +then : + ac_cv_search_fmt_scaled=$ac_res +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam \ + conftest$ac_exeext + if test ${ac_cv_search_fmt_scaled+y} +then : + break +fi +done +if test ${ac_cv_search_fmt_scaled+y} +then : + +else $as_nop + ac_cv_search_fmt_scaled=no +fi +rm conftest.$ac_ext +LIBS=$ac_func_search_save_LIBS +fi +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_fmt_scaled" >&5 +printf "%s\n" "$ac_cv_search_fmt_scaled" >&6; } +ac_res=$ac_cv_search_fmt_scaled +if test "$ac_res" != no +then : + test "$ac_res" = "none required" || LIBS="$ac_res $LIBS" + +fi + +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for library containing scan_scaled" >&5 +printf %s "checking for library containing scan_scaled... " >&6; } +if test ${ac_cv_search_scan_scaled+y} +then : + printf %s "(cached) " >&6 +else $as_nop + ac_func_search_save_LIBS=$LIBS +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +/* Override any GCC internal prototype to avoid an error. + Use char because int might match the return type of a GCC + builtin and then its argument prototype would still apply. */ +char scan_scaled (); +int +main (void) +{ +return scan_scaled (); + ; + return 0; +} +_ACEOF +for ac_lib in '' util bsd +do + if test -z "$ac_lib"; then + ac_res="none required" + else + ac_res=-l$ac_lib + LIBS="-l$ac_lib $ac_func_search_save_LIBS" + fi + if ac_fn_c_try_link "$LINENO" +then : + ac_cv_search_scan_scaled=$ac_res +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam \ + conftest$ac_exeext + if test ${ac_cv_search_scan_scaled+y} +then : + break +fi +done +if test ${ac_cv_search_scan_scaled+y} +then : + +else $as_nop + ac_cv_search_scan_scaled=no +fi +rm conftest.$ac_ext +LIBS=$ac_func_search_save_LIBS +fi +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_scan_scaled" >&5 +printf "%s\n" "$ac_cv_search_scan_scaled" >&6; } +ac_res=$ac_cv_search_scan_scaled +if test "$ac_res" != no +then : + test "$ac_res" = "none required" || LIBS="$ac_res $LIBS" + +fi + +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for library containing login" >&5 +printf %s "checking for library containing login... " >&6; } +if test ${ac_cv_search_login+y} +then : + printf %s "(cached) " >&6 +else $as_nop + ac_func_search_save_LIBS=$LIBS +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +/* Override any GCC internal prototype to avoid an error. + Use char because int might match the return type of a GCC + builtin and then its argument prototype would still apply. */ +char login (); +int +main (void) +{ +return login (); + ; + return 0; +} +_ACEOF +for ac_lib in '' util bsd +do + if test -z "$ac_lib"; then + ac_res="none required" + else + ac_res=-l$ac_lib + LIBS="-l$ac_lib $ac_func_search_save_LIBS" + fi + if ac_fn_c_try_link "$LINENO" +then : + ac_cv_search_login=$ac_res +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam \ + conftest$ac_exeext + if test ${ac_cv_search_login+y} +then : + break +fi +done +if test ${ac_cv_search_login+y} +then : + +else $as_nop + ac_cv_search_login=no +fi +rm conftest.$ac_ext +LIBS=$ac_func_search_save_LIBS +fi +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_login" >&5 +printf "%s\n" "$ac_cv_search_login" >&6; } +ac_res=$ac_cv_search_login +if test "$ac_res" != no +then : + test "$ac_res" = "none required" || LIBS="$ac_res $LIBS" + +fi + +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for library containing logout" >&5 +printf %s "checking for library containing logout... " >&6; } +if test ${ac_cv_search_logout+y} +then : + printf %s "(cached) " >&6 +else $as_nop + ac_func_search_save_LIBS=$LIBS +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +/* Override any GCC internal prototype to avoid an error. + Use char because int might match the return type of a GCC + builtin and then its argument prototype would still apply. */ +char logout (); +int +main (void) +{ +return logout (); + ; + return 0; +} +_ACEOF +for ac_lib in '' util bsd +do + if test -z "$ac_lib"; then + ac_res="none required" + else + ac_res=-l$ac_lib + LIBS="-l$ac_lib $ac_func_search_save_LIBS" + fi + if ac_fn_c_try_link "$LINENO" +then : + ac_cv_search_logout=$ac_res +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam \ + conftest$ac_exeext + if test ${ac_cv_search_logout+y} +then : + break +fi +done +if test ${ac_cv_search_logout+y} +then : + +else $as_nop + ac_cv_search_logout=no +fi +rm conftest.$ac_ext +LIBS=$ac_func_search_save_LIBS +fi +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_logout" >&5 +printf "%s\n" "$ac_cv_search_logout" >&6; } +ac_res=$ac_cv_search_logout +if test "$ac_res" != no +then : + test "$ac_res" = "none required" || LIBS="$ac_res $LIBS" + +fi + +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for library containing logwtmp" >&5 +printf %s "checking for library containing logwtmp... " >&6; } +if test ${ac_cv_search_logwtmp+y} +then : + printf %s "(cached) " >&6 +else $as_nop + ac_func_search_save_LIBS=$LIBS +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +/* Override any GCC internal prototype to avoid an error. + Use char because int might match the return type of a GCC + builtin and then its argument prototype would still apply. */ +char logwtmp (); +int +main (void) +{ +return logwtmp (); + ; + return 0; +} +_ACEOF +for ac_lib in '' util bsd +do + if test -z "$ac_lib"; then + ac_res="none required" + else + ac_res=-l$ac_lib + LIBS="-l$ac_lib $ac_func_search_save_LIBS" + fi + if ac_fn_c_try_link "$LINENO" +then : + ac_cv_search_logwtmp=$ac_res +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam \ + conftest$ac_exeext + if test ${ac_cv_search_logwtmp+y} +then : + break +fi +done +if test ${ac_cv_search_logwtmp+y} +then : + +else $as_nop + ac_cv_search_logwtmp=no +fi +rm conftest.$ac_ext +LIBS=$ac_func_search_save_LIBS +fi +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_logwtmp" >&5 +printf "%s\n" "$ac_cv_search_logwtmp" >&6; } +ac_res=$ac_cv_search_logwtmp +if test "$ac_res" != no +then : + test "$ac_res" = "none required" || LIBS="$ac_res $LIBS" + +fi + +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for library containing openpty" >&5 +printf %s "checking for library containing openpty... " >&6; } +if test ${ac_cv_search_openpty+y} +then : + printf %s "(cached) " >&6 +else $as_nop + ac_func_search_save_LIBS=$LIBS +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +/* Override any GCC internal prototype to avoid an error. + Use char because int might match the return type of a GCC + builtin and then its argument prototype would still apply. */ +char openpty (); +int +main (void) +{ +return openpty (); + ; + return 0; +} +_ACEOF +for ac_lib in '' util bsd +do + if test -z "$ac_lib"; then + ac_res="none required" + else + ac_res=-l$ac_lib + LIBS="-l$ac_lib $ac_func_search_save_LIBS" + fi + if ac_fn_c_try_link "$LINENO" +then : + ac_cv_search_openpty=$ac_res +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam \ + conftest$ac_exeext + if test ${ac_cv_search_openpty+y} +then : + break +fi +done +if test ${ac_cv_search_openpty+y} +then : + +else $as_nop + ac_cv_search_openpty=no +fi +rm conftest.$ac_ext +LIBS=$ac_func_search_save_LIBS +fi +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_openpty" >&5 +printf "%s\n" "$ac_cv_search_openpty" >&6; } +ac_res=$ac_cv_search_openpty +if test "$ac_res" != no +then : + test "$ac_res" = "none required" || LIBS="$ac_res $LIBS" + +fi + +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for library containing updwtmp" >&5 +printf %s "checking for library containing updwtmp... " >&6; } +if test ${ac_cv_search_updwtmp+y} +then : + printf %s "(cached) " >&6 +else $as_nop + ac_func_search_save_LIBS=$LIBS +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +/* Override any GCC internal prototype to avoid an error. + Use char because int might match the return type of a GCC + builtin and then its argument prototype would still apply. */ +char updwtmp (); +int +main (void) +{ +return updwtmp (); + ; + return 0; +} +_ACEOF +for ac_lib in '' util bsd +do + if test -z "$ac_lib"; then + ac_res="none required" + else + ac_res=-l$ac_lib + LIBS="-l$ac_lib $ac_func_search_save_LIBS" + fi + if ac_fn_c_try_link "$LINENO" +then : + ac_cv_search_updwtmp=$ac_res +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam \ + conftest$ac_exeext + if test ${ac_cv_search_updwtmp+y} +then : + break +fi +done +if test ${ac_cv_search_updwtmp+y} +then : + +else $as_nop + ac_cv_search_updwtmp=no +fi +rm conftest.$ac_ext +LIBS=$ac_func_search_save_LIBS +fi +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_updwtmp" >&5 +printf "%s\n" "$ac_cv_search_updwtmp" >&6; } +ac_res=$ac_cv_search_updwtmp +if test "$ac_res" != no +then : + test "$ac_res" = "none required" || LIBS="$ac_res $LIBS" + +fi + +ac_fn_c_check_func "$LINENO" "fmt_scaled" "ac_cv_func_fmt_scaled" +if test "x$ac_cv_func_fmt_scaled" = xyes +then : + printf "%s\n" "#define HAVE_FMT_SCALED 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "scan_scaled" "ac_cv_func_scan_scaled" +if test "x$ac_cv_func_scan_scaled" = xyes +then : + printf "%s\n" "#define HAVE_SCAN_SCALED 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "login" "ac_cv_func_login" +if test "x$ac_cv_func_login" = xyes +then : + printf "%s\n" "#define HAVE_LOGIN 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "logout" "ac_cv_func_logout" +if test "x$ac_cv_func_logout" = xyes +then : + printf "%s\n" "#define HAVE_LOGOUT 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "openpty" "ac_cv_func_openpty" +if test "x$ac_cv_func_openpty" = xyes +then : + printf "%s\n" "#define HAVE_OPENPTY 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "updwtmp" "ac_cv_func_updwtmp" +if test "x$ac_cv_func_updwtmp" = xyes +then : + printf "%s\n" "#define HAVE_UPDWTMP 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "logwtmp" "ac_cv_func_logwtmp" +if test "x$ac_cv_func_logwtmp" = xyes +then : + printf "%s\n" "#define HAVE_LOGWTMP 1" >>confdefs.h + +fi + + +# On some platforms, inet_ntop and gethostbyname may be found in libresolv +# or libnsl. +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for library containing inet_ntop" >&5 +printf %s "checking for library containing inet_ntop... " >&6; } +if test ${ac_cv_search_inet_ntop+y} +then : + printf %s "(cached) " >&6 +else $as_nop + ac_func_search_save_LIBS=$LIBS +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +/* Override any GCC internal prototype to avoid an error. + Use char because int might match the return type of a GCC + builtin and then its argument prototype would still apply. */ +char inet_ntop (); +int +main (void) +{ +return inet_ntop (); + ; + return 0; +} +_ACEOF +for ac_lib in '' resolv nsl +do + if test -z "$ac_lib"; then + ac_res="none required" + else + ac_res=-l$ac_lib + LIBS="-l$ac_lib $ac_func_search_save_LIBS" + fi + if ac_fn_c_try_link "$LINENO" +then : + ac_cv_search_inet_ntop=$ac_res +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam \ + conftest$ac_exeext + if test ${ac_cv_search_inet_ntop+y} +then : + break +fi +done +if test ${ac_cv_search_inet_ntop+y} +then : + +else $as_nop + ac_cv_search_inet_ntop=no +fi +rm conftest.$ac_ext +LIBS=$ac_func_search_save_LIBS +fi +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_inet_ntop" >&5 +printf "%s\n" "$ac_cv_search_inet_ntop" >&6; } +ac_res=$ac_cv_search_inet_ntop +if test "$ac_res" != no +then : + test "$ac_res" = "none required" || LIBS="$ac_res $LIBS" + +fi + +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for library containing gethostbyname" >&5 +printf %s "checking for library containing gethostbyname... " >&6; } +if test ${ac_cv_search_gethostbyname+y} +then : + printf %s "(cached) " >&6 +else $as_nop + ac_func_search_save_LIBS=$LIBS +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +/* Override any GCC internal prototype to avoid an error. + Use char because int might match the return type of a GCC + builtin and then its argument prototype would still apply. */ +char gethostbyname (); +int +main (void) +{ +return gethostbyname (); + ; + return 0; +} +_ACEOF +for ac_lib in '' resolv nsl +do + if test -z "$ac_lib"; then + ac_res="none required" + else + ac_res=-l$ac_lib + LIBS="-l$ac_lib $ac_func_search_save_LIBS" + fi + if ac_fn_c_try_link "$LINENO" +then : + ac_cv_search_gethostbyname=$ac_res +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam \ + conftest$ac_exeext + if test ${ac_cv_search_gethostbyname+y} +then : + break +fi +done +if test ${ac_cv_search_gethostbyname+y} +then : + +else $as_nop + ac_cv_search_gethostbyname=no +fi +rm conftest.$ac_ext +LIBS=$ac_func_search_save_LIBS +fi +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_gethostbyname" >&5 +printf "%s\n" "$ac_cv_search_gethostbyname" >&6; } +ac_res=$ac_cv_search_gethostbyname +if test "$ac_res" != no +then : + test "$ac_res" = "none required" || LIBS="$ac_res $LIBS" + +fi + + +# Some Linux distribtions ship the BSD libc hashing functions in +# separate libraries. +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for library containing SHA256Update" >&5 +printf %s "checking for library containing SHA256Update... " >&6; } +if test ${ac_cv_search_SHA256Update+y} +then : + printf %s "(cached) " >&6 +else $as_nop + ac_func_search_save_LIBS=$LIBS +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +/* Override any GCC internal prototype to avoid an error. + Use char because int might match the return type of a GCC + builtin and then its argument prototype would still apply. */ +char SHA256Update (); +int +main (void) +{ +return SHA256Update (); + ; + return 0; +} +_ACEOF +for ac_lib in '' md bsd +do + if test -z "$ac_lib"; then + ac_res="none required" + else + ac_res=-l$ac_lib + LIBS="-l$ac_lib $ac_func_search_save_LIBS" + fi + if ac_fn_c_try_link "$LINENO" +then : + ac_cv_search_SHA256Update=$ac_res +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam \ + conftest$ac_exeext + if test ${ac_cv_search_SHA256Update+y} +then : + break +fi +done +if test ${ac_cv_search_SHA256Update+y} +then : + +else $as_nop + ac_cv_search_SHA256Update=no +fi +rm conftest.$ac_ext +LIBS=$ac_func_search_save_LIBS +fi +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_SHA256Update" >&5 +printf "%s\n" "$ac_cv_search_SHA256Update" >&6; } +ac_res=$ac_cv_search_SHA256Update +if test "$ac_res" != no +then : + test "$ac_res" = "none required" || LIBS="$ac_res $LIBS" + +fi + + +# "Particular Function Checks" +# see https://www.gnu.org/software/autoconf/manual/autoconf-2.69/html_node/Particular-Functions.html + + for ac_func in strftime +do : + ac_fn_c_check_func "$LINENO" "strftime" "ac_cv_func_strftime" +if test "x$ac_cv_func_strftime" = xyes +then : + printf "%s\n" "#define HAVE_STRFTIME 1" >>confdefs.h + +else $as_nop + # strftime is in -lintl on SCO UNIX. +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for strftime in -lintl" >&5 +printf %s "checking for strftime in -lintl... " >&6; } +if test ${ac_cv_lib_intl_strftime+y} +then : + printf %s "(cached) " >&6 +else $as_nop + ac_check_lib_save_LIBS=$LIBS +LIBS="-lintl $LIBS" +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +/* Override any GCC internal prototype to avoid an error. + Use char because int might match the return type of a GCC + builtin and then its argument prototype would still apply. */ +char strftime (); +int +main (void) +{ +return strftime (); + ; + return 0; +} +_ACEOF +if ac_fn_c_try_link "$LINENO" +then : + ac_cv_lib_intl_strftime=yes +else $as_nop + ac_cv_lib_intl_strftime=no +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam \ + conftest$ac_exeext conftest.$ac_ext +LIBS=$ac_check_lib_save_LIBS +fi +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_intl_strftime" >&5 +printf "%s\n" "$ac_cv_lib_intl_strftime" >&6; } +if test "x$ac_cv_lib_intl_strftime" = xyes +then : + printf "%s\n" "#define HAVE_STRFTIME 1" >>confdefs.h + +LIBS="-lintl $LIBS" +fi + +fi + +done +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for GNU libc compatible malloc" >&5 +printf %s "checking for GNU libc compatible malloc... " >&6; } +if test ${ac_cv_func_malloc_0_nonnull+y} +then : + printf %s "(cached) " >&6 +else $as_nop + if test "$cross_compiling" = yes +then : + case "$host_os" in # (( + # Guess yes on platforms where we know the result. + *-gnu* | freebsd* | netbsd* | openbsd* | bitrig* \ + | hpux* | solaris* | cygwin* | mingw* | msys* ) + ac_cv_func_malloc_0_nonnull=yes ;; + # If we don't know, assume the worst. + *) ac_cv_func_malloc_0_nonnull=no ;; + esac +else $as_nop + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#include + +int +main (void) +{ +void *p = malloc (0); + int result = !p; + free (p); + return result; + ; + return 0; +} +_ACEOF +if ac_fn_c_try_run "$LINENO" +then : + ac_cv_func_malloc_0_nonnull=yes +else $as_nop + ac_cv_func_malloc_0_nonnull=no +fi +rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ + conftest.$ac_objext conftest.beam conftest.$ac_ext +fi + +fi +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_func_malloc_0_nonnull" >&5 +printf "%s\n" "$ac_cv_func_malloc_0_nonnull" >&6; } +if test $ac_cv_func_malloc_0_nonnull = yes +then : + +printf "%s\n" "#define HAVE_MALLOC 1" >>confdefs.h + +else $as_nop + printf "%s\n" "#define HAVE_MALLOC 0" >>confdefs.h + + case " $LIBOBJS " in + *" malloc.$ac_objext "* ) ;; + *) LIBOBJS="$LIBOBJS malloc.$ac_objext" + ;; +esac + + +printf "%s\n" "#define malloc rpl_malloc" >>confdefs.h + +fi + + +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for GNU libc compatible realloc" >&5 +printf %s "checking for GNU libc compatible realloc... " >&6; } +if test ${ac_cv_func_realloc_0_nonnull+y} +then : + printf %s "(cached) " >&6 +else $as_nop + if test "$cross_compiling" = yes +then : + case "$host_os" in # (( + # Guess yes on platforms where we know the result. + *-gnu* | freebsd* | netbsd* | openbsd* | bitrig* \ + | hpux* | solaris* | cygwin* | mingw* | msys* ) + ac_cv_func_realloc_0_nonnull=yes ;; + # If we don't know, assume the worst. + *) ac_cv_func_realloc_0_nonnull=no ;; + esac +else $as_nop + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#include + +int +main (void) +{ +void *p = realloc (0, 0); + int result = !p; + free (p); + return result; + ; + return 0; +} +_ACEOF +if ac_fn_c_try_run "$LINENO" +then : + ac_cv_func_realloc_0_nonnull=yes +else $as_nop + ac_cv_func_realloc_0_nonnull=no +fi +rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ + conftest.$ac_objext conftest.beam conftest.$ac_ext +fi + +fi +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_func_realloc_0_nonnull" >&5 +printf "%s\n" "$ac_cv_func_realloc_0_nonnull" >&6; } +if test $ac_cv_func_realloc_0_nonnull = yes +then : + +printf "%s\n" "#define HAVE_REALLOC 1" >>confdefs.h + +else $as_nop + printf "%s\n" "#define HAVE_REALLOC 0" >>confdefs.h + + case " $LIBOBJS " in + *" realloc.$ac_objext "* ) ;; + *) LIBOBJS="$LIBOBJS realloc.$ac_objext" + ;; +esac + + +printf "%s\n" "#define realloc rpl_realloc" >>confdefs.h + +fi + + +# autoconf doesn't have AC_FUNC_CALLOC so fake it if malloc returns NULL; +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking if calloc(0, N) returns non-null" >&5 +printf %s "checking if calloc(0, N) returns non-null... " >&6; } +if test "$cross_compiling" = yes +then : + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: WARNING: cross compiling: assuming same as malloc" >&5 +printf "%s\n" "$as_me: WARNING: cross compiling: assuming same as malloc" >&2;} + func_calloc_0_nonnull="$ac_cv_func_malloc_0_nonnull" + +else $as_nop + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + #include +int +main (void) +{ + void *p = calloc(0, 1); exit(p == NULL); + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_run "$LINENO" +then : + func_calloc_0_nonnull=yes +else $as_nop + func_calloc_0_nonnull=no +fi +rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ + conftest.$ac_objext conftest.beam conftest.$ac_ext +fi + +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $func_calloc_0_nonnull" >&5 +printf "%s\n" "$func_calloc_0_nonnull" >&6; } + +if test "x$func_calloc_0_nonnull" = "xyes"; then + +printf "%s\n" "#define HAVE_CALLOC 1" >>confdefs.h + +else + +printf "%s\n" "#define HAVE_CALLOC 0" >>confdefs.h + + +printf "%s\n" "#define calloc rpl_calloc" >>confdefs.h + +fi + + + for ac_func in glob +do : + ac_fn_c_check_func "$LINENO" "glob" "ac_cv_func_glob" +if test "x$ac_cv_func_glob" = xyes +then : + printf "%s\n" "#define HAVE_GLOB 1" >>confdefs.h + for ac_header in glob.h +do : + ac_fn_c_check_header_compile "$LINENO" "glob.h" "ac_cv_header_glob_h" "$ac_includes_default" +if test "x$ac_cv_header_glob_h" = xyes +then : + printf "%s\n" "#define HAVE_GLOB_H 1" >>confdefs.h + use_system_glob=yes +else $as_nop + use_system_glob=no +fi + +done + +else $as_nop + use_system_glob=no + +fi + +done + +# Check for ALTDIRFUNC glob() extension +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for GLOB_ALTDIRFUNC support" >&5 +printf %s "checking for GLOB_ALTDIRFUNC support... " >&6; } + +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + + #include + #ifdef GLOB_ALTDIRFUNC + FOUNDIT + #endif + +_ACEOF +if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | + $EGREP "FOUNDIT" >/dev/null 2>&1 +then : + + +printf "%s\n" "#define GLOB_HAS_ALTDIRFUNC 1" >>confdefs.h + + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +printf "%s\n" "yes" >&6; } + +else $as_nop + + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } + use_system_glob=no + + +fi +rm -rf conftest* + + +# Check for g.gl_matchc glob() extension +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for gl_matchc field in glob_t" >&5 +printf %s "checking for gl_matchc field in glob_t... " >&6; } +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + #include +int +main (void) +{ + glob_t g; g.gl_matchc = 1; + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO" +then : + + +printf "%s\n" "#define GLOB_HAS_GL_MATCHC 1" >>confdefs.h + + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +printf "%s\n" "yes" >&6; } + +else $as_nop + + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } + use_system_glob=no + + +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext + +# Check for g.gl_statv glob() extension +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for gl_statv and GLOB_KEEPSTAT extensions for glob" >&5 +printf %s "checking for gl_statv and GLOB_KEEPSTAT extensions for glob... " >&6; } +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + #include +int +main (void) +{ + +#ifndef GLOB_KEEPSTAT +#error "glob does not support GLOB_KEEPSTAT extension" +#endif +glob_t g; +g.gl_statv = NULL; + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO" +then : + + +printf "%s\n" "#define GLOB_HAS_GL_STATV 1" >>confdefs.h + + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +printf "%s\n" "yes" >&6; } + +else $as_nop + + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } + use_system_glob=no + + +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext + +ac_fn_check_decl "$LINENO" "GLOB_NOMATCH" "ac_cv_have_decl_GLOB_NOMATCH" "#include +" "$ac_c_undeclared_builtin_options" "CFLAGS" +if test "x$ac_cv_have_decl_GLOB_NOMATCH" = xyes +then : + ac_have_decl=1 +else $as_nop + ac_have_decl=0 +fi +printf "%s\n" "#define HAVE_DECL_GLOB_NOMATCH $ac_have_decl" >>confdefs.h +if test $ac_have_decl = 1 +then : + +else $as_nop + use_system_glob=no +fi + + +if test "x$broken_glob" = "xyes"; then + +printf "%s\n" "#define BROKEN_GLOB 1" >>confdefs.h + + use_system_glob=no +fi + +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking if we can use the system glob" >&5 +printf %s "checking if we can use the system glob... " >&6; } +if test "x$use_system_glob" = "xyes" ; then + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +printf "%s\n" "yes" >&6; } + # Remove any old shims. + rm -f "$COMPATINCLUDESDIR/glob.h" +else + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } + COMPATINCLUDES="$COMPATINCLUDESDIR" + mkdir -p "$COMPATINCLUDES" + echo '#include "openbsd-compat/glob.h"' >$COMPATINCLUDES/glob.h +fi + +ac_fn_check_decl "$LINENO" "VIS_ALL" "ac_cv_have_decl_VIS_ALL" "#include +" "$ac_c_undeclared_builtin_options" "CFLAGS" +if test "x$ac_cv_have_decl_VIS_ALL" = xyes +then : + +else $as_nop + +printf "%s\n" "#define BROKEN_STRNVIS 1" >>confdefs.h + +fi + +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking whether struct dirent allocates space for d_name" >&5 +printf %s "checking whether struct dirent allocates space for d_name... " >&6; } +if test "$cross_compiling" = yes +then : + + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: WARNING: cross compiling: assuming BROKEN_ONE_BYTE_DIRENT_D_NAME" >&5 +printf "%s\n" "$as_me: WARNING: cross compiling: assuming BROKEN_ONE_BYTE_DIRENT_D_NAME" >&2;} + printf "%s\n" "#define BROKEN_ONE_BYTE_DIRENT_D_NAME 1" >>confdefs.h + + + +else $as_nop + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +#include +#include +#include + +int +main (void) +{ + + struct dirent d; + exit(sizeof(d.d_name)<=sizeof(char)); + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_run "$LINENO" +then : + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +printf "%s\n" "yes" >&6; } +else $as_nop + + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } + +printf "%s\n" "#define BROKEN_ONE_BYTE_DIRENT_D_NAME 1" >>confdefs.h + + +fi +rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ + conftest.$ac_objext conftest.beam conftest.$ac_ext +fi + + +ac_fn_c_check_member "$LINENO" "struct dirent" "d_type" "ac_cv_member_struct_dirent_d_type" " +#ifdef HAVE_DIRENT_H +#include +#endif + +" +if test "x$ac_cv_member_struct_dirent_d_type" = xyes +then : + +printf "%s\n" "#define HAVE_STRUCT_DIRENT_D_TYPE 1" >>confdefs.h + + +fi + + +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for /proc/pid/fd directory" >&5 +printf %s "checking for /proc/pid/fd directory... " >&6; } +if test -d "/proc/$$/fd" ; then + +printf "%s\n" "#define HAVE_PROC_PID 1" >>confdefs.h + + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +printf "%s\n" "yes" >&6; } +else + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } +fi + +# Check whether user wants to use ldns +LDNS_MSG="no" + +# Check whether --with-ldns was given. +if test ${with_ldns+y} +then : + withval=$with_ldns; + ldns="" + if test "x$withval" = "xyes" ; then + if test -n "$ac_tool_prefix"; then + # Extract the first word of "${ac_tool_prefix}ldns-config", so it can be a program name with args. +set dummy ${ac_tool_prefix}ldns-config; ac_word=$2 +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +printf %s "checking for $ac_word... " >&6; } +if test ${ac_cv_path_LDNSCONFIG+y} +then : + printf %s "(cached) " >&6 +else $as_nop + case $LDNSCONFIG in + [\\/]* | ?:[\\/]*) + ac_cv_path_LDNSCONFIG="$LDNSCONFIG" # Let the user override the test with a path. + ;; + *) + as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + case $as_dir in #((( + '') as_dir=./ ;; + */) ;; + *) as_dir=$as_dir/ ;; + esac + for ac_exec_ext in '' $ac_executable_extensions; do + if as_fn_executable_p "$as_dir$ac_word$ac_exec_ext"; then + ac_cv_path_LDNSCONFIG="$as_dir$ac_word$ac_exec_ext" + printf "%s\n" "$as_me:${as_lineno-$LINENO}: found $as_dir$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS + + ;; +esac +fi +LDNSCONFIG=$ac_cv_path_LDNSCONFIG +if test -n "$LDNSCONFIG"; then + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $LDNSCONFIG" >&5 +printf "%s\n" "$LDNSCONFIG" >&6; } +else + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } +fi + + +fi +if test -z "$ac_cv_path_LDNSCONFIG"; then + ac_pt_LDNSCONFIG=$LDNSCONFIG + # Extract the first word of "ldns-config", so it can be a program name with args. +set dummy ldns-config; ac_word=$2 +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +printf %s "checking for $ac_word... " >&6; } +if test ${ac_cv_path_ac_pt_LDNSCONFIG+y} +then : + printf %s "(cached) " >&6 +else $as_nop + case $ac_pt_LDNSCONFIG in + [\\/]* | ?:[\\/]*) + ac_cv_path_ac_pt_LDNSCONFIG="$ac_pt_LDNSCONFIG" # Let the user override the test with a path. + ;; + *) + as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + case $as_dir in #((( + '') as_dir=./ ;; + */) ;; + *) as_dir=$as_dir/ ;; + esac + for ac_exec_ext in '' $ac_executable_extensions; do + if as_fn_executable_p "$as_dir$ac_word$ac_exec_ext"; then + ac_cv_path_ac_pt_LDNSCONFIG="$as_dir$ac_word$ac_exec_ext" + printf "%s\n" "$as_me:${as_lineno-$LINENO}: found $as_dir$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS + + ;; +esac +fi +ac_pt_LDNSCONFIG=$ac_cv_path_ac_pt_LDNSCONFIG +if test -n "$ac_pt_LDNSCONFIG"; then + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_pt_LDNSCONFIG" >&5 +printf "%s\n" "$ac_pt_LDNSCONFIG" >&6; } +else + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } +fi + + if test "x$ac_pt_LDNSCONFIG" = x; then + LDNSCONFIG="no" + else + case $cross_compiling:$ac_tool_warned in +yes:) +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5 +printf "%s\n" "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;} +ac_tool_warned=yes ;; +esac + LDNSCONFIG=$ac_pt_LDNSCONFIG + fi +else + LDNSCONFIG="$ac_cv_path_LDNSCONFIG" +fi + + if test "x$LDNSCONFIG" = "xno"; then + LIBS="-lldns $LIBS" + ldns=yes + else + LIBS="$LIBS `$LDNSCONFIG --libs`" + CPPFLAGS="$CPPFLAGS `$LDNSCONFIG --cflags`" + ldns=yes + fi + elif test "x$withval" != "xno" ; then + CPPFLAGS="$CPPFLAGS -I${withval}/include" + LDFLAGS="$LDFLAGS -L${withval}/lib" + LIBS="-lldns $LIBS" + ldns=yes + fi + + # Verify that it works. + if test "x$ldns" = "xyes" ; then + +printf "%s\n" "#define HAVE_LDNS 1" >>confdefs.h + + LDNS_MSG="yes" + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for ldns support" >&5 +printf %s "checking for ldns support... " >&6; } + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +#include +#include +#ifdef HAVE_STDINT_H +# include +#endif +#include +int main(void) { ldns_status status = ldns_verify_trusted(NULL, NULL, NULL, NULL); status=LDNS_STATUS_OK; exit(0); } + + +_ACEOF +if ac_fn_c_try_link "$LINENO" +then : + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +printf "%s\n" "yes" >&6; } +else $as_nop + + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } + as_fn_error $? "** Incomplete or missing ldns libraries." "$LINENO" 5 + +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam \ + conftest$ac_exeext conftest.$ac_ext + fi + +fi + + +# Check whether user wants libedit support +LIBEDIT_MSG="no" + +# Check whether --with-libedit was given. +if test ${with_libedit+y} +then : + withval=$with_libedit; if test "x$withval" != "xno" ; then + if test "x$withval" = "xyes" ; then + if test "x$PKGCONFIG" != "xno"; then + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking if $PKGCONFIG knows about libedit" >&5 +printf %s "checking if $PKGCONFIG knows about libedit... " >&6; } + if "$PKGCONFIG" libedit; then + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +printf "%s\n" "yes" >&6; } + use_pkgconfig_for_libedit=yes + else + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } + fi + fi + else + CPPFLAGS="$CPPFLAGS -I${withval}/include" + if test -n "${rpath_opt}"; then + LDFLAGS="-L${withval}/lib ${rpath_opt}${withval}/lib ${LDFLAGS}" + else + LDFLAGS="-L${withval}/lib ${LDFLAGS}" + fi + fi + if test "x$use_pkgconfig_for_libedit" = "xyes"; then + LIBEDIT=`$PKGCONFIG --libs libedit` + CPPFLAGS="$CPPFLAGS `$PKGCONFIG --cflags libedit`" + else + LIBEDIT="-ledit -lcurses" + fi + OTHERLIBS=`echo $LIBEDIT | sed 's/-ledit//'` + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for el_init in -ledit" >&5 +printf %s "checking for el_init in -ledit... " >&6; } +if test ${ac_cv_lib_edit_el_init+y} +then : + printf %s "(cached) " >&6 +else $as_nop + ac_check_lib_save_LIBS=$LIBS +LIBS="-ledit $OTHERLIBS + $LIBS" +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +/* Override any GCC internal prototype to avoid an error. + Use char because int might match the return type of a GCC + builtin and then its argument prototype would still apply. */ +char el_init (); +int +main (void) +{ +return el_init (); + ; + return 0; +} +_ACEOF +if ac_fn_c_try_link "$LINENO" +then : + ac_cv_lib_edit_el_init=yes +else $as_nop + ac_cv_lib_edit_el_init=no +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam \ + conftest$ac_exeext conftest.$ac_ext +LIBS=$ac_check_lib_save_LIBS +fi +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_edit_el_init" >&5 +printf "%s\n" "$ac_cv_lib_edit_el_init" >&6; } +if test "x$ac_cv_lib_edit_el_init" = xyes +then : + +printf "%s\n" "#define USE_LIBEDIT 1" >>confdefs.h + + LIBEDIT_MSG="yes" + + +else $as_nop + as_fn_error $? "libedit not found" "$LINENO" 5 +fi + + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking if libedit version is compatible" >&5 +printf %s "checking if libedit version is compatible... " >&6; } + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +#include +#include + +int +main (void) +{ + + int i = H_SETSIZE; + el_init("", NULL, NULL, NULL); + exit(0); + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO" +then : + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +printf "%s\n" "yes" >&6; } +else $as_nop + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } + as_fn_error $? "libedit version is not compatible" "$LINENO" 5 + +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext + fi + +fi + + +# Check whether user wants wtmpdb support +WTMPDB_MSG="no" + +# Check whether --with-wtmpdb was given. +if test ${with_wtmpdb+y} +then : + withval=$with_wtmpdb; if test "x$withval" != "xno" ; then + if test "x$withval" = "xyes" ; then + if test "x$PKGCONFIG" != "xno"; then + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking if $PKGCONFIG knows about wtmpdb" >&5 +printf %s "checking if $PKGCONFIG knows about wtmpdb... " >&6; } + if "$PKGCONFIG" libwtmpdb; then + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +printf "%s\n" "yes" >&6; } + use_pkgconfig_for_libwtmpdb=yes + else + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } + fi + fi + else + CPPFLAGS="$CPPFLAGS -I${withval}/include" + if test -n "${rpath_opt}"; then + LDFLAGS="-L${withval}/lib ${rpath_opt}${withval}/lib ${LDFLAGS}" + else + LDFLAGS="-L${withval}/lib ${LDFLAGS}" + fi + fi + if test "x$use_pkgconfig_for_libwtmpdb" = "xyes"; then + LIBWTMPDB=`$PKGCONFIG --libs libwtmpdb` + CPPFLAGS="$CPPFLAGS `$PKGCONFIG --cflags libwtmpdb`" + else + LIBWTMPDB="-lwtmpdb" + fi + OTHERLIBS=`echo $LIBWTMPDB | sed 's/-lwtmpdb//'` + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for wtmpdb_login in -lwtmpdb" >&5 +printf %s "checking for wtmpdb_login in -lwtmpdb... " >&6; } +if test ${ac_cv_lib_wtmpdb_wtmpdb_login+y} +then : + printf %s "(cached) " >&6 +else $as_nop + ac_check_lib_save_LIBS=$LIBS +LIBS="-lwtmpdb $OTHERLIBS + $LIBS" +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +/* Override any GCC internal prototype to avoid an error. + Use char because int might match the return type of a GCC + builtin and then its argument prototype would still apply. */ +char wtmpdb_login (); +int +main (void) +{ +return wtmpdb_login (); + ; + return 0; +} +_ACEOF +if ac_fn_c_try_link "$LINENO" +then : + ac_cv_lib_wtmpdb_wtmpdb_login=yes +else $as_nop + ac_cv_lib_wtmpdb_wtmpdb_login=no +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam \ + conftest$ac_exeext conftest.$ac_ext +LIBS=$ac_check_lib_save_LIBS +fi +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_wtmpdb_wtmpdb_login" >&5 +printf "%s\n" "$ac_cv_lib_wtmpdb_wtmpdb_login" >&6; } +if test "x$ac_cv_lib_wtmpdb_wtmpdb_login" = xyes +then : + +printf "%s\n" "#define USE_WTMPDB 1" >>confdefs.h + + WTMPDB_MSG="yes" + + +else $as_nop + as_fn_error $? "libwtmpdb not found" "$LINENO" 5 +fi + + fi + +fi + + + +AUDIT_MODULE=none + +# Check whether --with-audit was given. +if test ${with_audit+y} +then : + withval=$with_audit; + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for supported audit module" >&5 +printf %s "checking for supported audit module... " >&6; } + case "$withval" in + bsm) + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: bsm" >&5 +printf "%s\n" "bsm" >&6; } + AUDIT_MODULE=bsm + for ac_header in bsm/audit.h +do : + ac_fn_c_check_header_compile "$LINENO" "bsm/audit.h" "ac_cv_header_bsm_audit_h" " +#ifdef HAVE_TIME_H +# include +#endif + + +" +if test "x$ac_cv_header_bsm_audit_h" = xyes +then : + printf "%s\n" "#define HAVE_BSM_AUDIT_H 1" >>confdefs.h + +else $as_nop + as_fn_error $? "BSM enabled and bsm/audit.h not found" "$LINENO" 5 +fi + +done + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for getaudit in -lbsm" >&5 +printf %s "checking for getaudit in -lbsm... " >&6; } +if test ${ac_cv_lib_bsm_getaudit+y} +then : + printf %s "(cached) " >&6 +else $as_nop + ac_check_lib_save_LIBS=$LIBS +LIBS="-lbsm $LIBS" +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +/* Override any GCC internal prototype to avoid an error. + Use char because int might match the return type of a GCC + builtin and then its argument prototype would still apply. */ +char getaudit (); +int +main (void) +{ +return getaudit (); + ; + return 0; +} +_ACEOF +if ac_fn_c_try_link "$LINENO" +then : + ac_cv_lib_bsm_getaudit=yes +else $as_nop + ac_cv_lib_bsm_getaudit=no +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam \ + conftest$ac_exeext conftest.$ac_ext +LIBS=$ac_check_lib_save_LIBS +fi +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_bsm_getaudit" >&5 +printf "%s\n" "$ac_cv_lib_bsm_getaudit" >&6; } +if test "x$ac_cv_lib_bsm_getaudit" = xyes +then : + printf "%s\n" "#define HAVE_LIBBSM 1" >>confdefs.h + + LIBS="-lbsm $LIBS" + +else $as_nop + as_fn_error $? "BSM enabled and required library not found" "$LINENO" 5 +fi + + + for ac_func in getaudit +do : + ac_fn_c_check_func "$LINENO" "getaudit" "ac_cv_func_getaudit" +if test "x$ac_cv_func_getaudit" = xyes +then : + printf "%s\n" "#define HAVE_GETAUDIT 1" >>confdefs.h + +else $as_nop + as_fn_error $? "BSM enabled and required function not found" "$LINENO" 5 +fi + +done + # These are optional + ac_fn_c_check_func "$LINENO" "getaudit_addr" "ac_cv_func_getaudit_addr" +if test "x$ac_cv_func_getaudit_addr" = xyes +then : + printf "%s\n" "#define HAVE_GETAUDIT_ADDR 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "aug_get_machine" "ac_cv_func_aug_get_machine" +if test "x$ac_cv_func_aug_get_machine" = xyes +then : + printf "%s\n" "#define HAVE_AUG_GET_MACHINE 1" >>confdefs.h + +fi + + +printf "%s\n" "#define USE_BSM_AUDIT 1" >>confdefs.h + + if test "$sol2ver" -ge 11; then + SSHDLIBS="$SSHDLIBS -lscf" + +printf "%s\n" "#define BROKEN_BSM_API 1" >>confdefs.h + + fi + ;; + linux) + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: linux" >&5 +printf "%s\n" "linux" >&6; } + AUDIT_MODULE=linux + ac_fn_c_check_header_compile "$LINENO" "libaudit.h" "ac_cv_header_libaudit_h" "$ac_includes_default" +if test "x$ac_cv_header_libaudit_h" = xyes +then : + printf "%s\n" "#define HAVE_LIBAUDIT_H 1" >>confdefs.h + +fi + + SSHDLIBS="$SSHDLIBS -laudit" + +printf "%s\n" "#define USE_LINUX_AUDIT 1" >>confdefs.h + + ;; + debug) + AUDIT_MODULE=debug + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: debug" >&5 +printf "%s\n" "debug" >&6; } + +printf "%s\n" "#define SSH_AUDIT_EVENTS 1" >>confdefs.h + + ;; + no) + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } + ;; + *) + as_fn_error $? "Unknown audit module $withval" "$LINENO" 5 + ;; + esac + +fi + + + +# Check whether --with-pie was given. +if test ${with_pie+y} +then : + withval=$with_pie; + if test "x$withval" = "xno"; then + use_pie=no + fi + if test "x$withval" = "xyes"; then + use_pie=yes + fi + + +fi + +if test "x$use_pie" = "x"; then + use_pie=no +fi +if test "x$use_toolchain_hardening" != "x1" && test "x$use_pie" = "xauto"; then + # Turn off automatic PIE when toolchain hardening is off. + use_pie=no +fi +if test "x$use_pie" = "xauto"; then + # Automatic PIE requires gcc >= 4.x + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for gcc >= 4.x" >&5 +printf %s "checking for gcc >= 4.x... " >&6; } + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +#if !defined(__GNUC__) || __GNUC__ < 4 +#error gcc is too old +#endif + +_ACEOF +if ac_fn_c_try_compile "$LINENO" +then : + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +printf "%s\n" "yes" >&6; } +else $as_nop + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } + use_pie=no + +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext +fi +if test "x$use_pie" != "xno"; then + SAVED_CFLAGS="$CFLAGS" + SAVED_LDFLAGS="$LDFLAGS" + { + ossh_cache_var=ossh_cv_cflag__fPIE + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking if $CC supports compile flag -fPIE" >&5 +printf %s "checking if $CC supports compile flag -fPIE... " >&6; } +if eval test \${$ossh_cache_var+y} +then : + printf %s "(cached) " >&6 +else $as_nop + + saved_CFLAGS="$CFLAGS" + CFLAGS="$CFLAGS $WERROR -fPIE" + _define_flag="" + test "x$_define_flag" = "x" && _define_flag="-fPIE" + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +#include +#include +#include +#include +#include +/* Trivial function to help test for -fzero-call-used-regs */ +int f(int n) {return rand() % n;} +char *f2(char *s, ...) { + char ret[64]; + va_list args; + va_start(args, s); + vsnprintf(ret, sizeof(ret), s, args); + va_end(args); + return strdup(ret); +} +int i; +double d; +const char *f3(int s) { + i = (int)d; + return s ? "good" : "gooder"; +} +int main(int argc, char **argv) { + char b[256], *cp; + const char *s; + /* Some math to catch -ftrapv problems in the toolchain */ + int i = 123 * argc, j = 456 + argc, k = 789 - argc; + float l = i * 2.1; + double m = l / 0.5; + long long int n = argc * 12345LL, o = 12345LL * (long long int)argc; + (void)argv; + f(1); + s = f3(f(2)); + snprintf(b, sizeof b, "%d %d %d %f %f %lld %lld %s\n", i,j,k,l,m,n,o,s); + if (write(1, b, 0) == -1) exit(0); + cp = f2("%d %d %d %f %f %lld %lld %s\n", i,j,k,l,m,n,o,s); + if (write(1, cp, 0) == -1) exit(0); + free(cp); + /* + * Test fallthrough behaviour. clang 10's -Wimplicit-fallthrough does + * not understand comments and we don't use the "fallthrough" attribute + * that it's looking for. + */ + switch(i){ + case 0: j += i; + /* FALLTHROUGH */ + default: j += k; + } + exit(0); +} + + +_ACEOF +if ac_fn_c_try_compile "$LINENO" +then : + +if $ac_cv_path_EGREP -i "unrecognized option|warning.*ignored" conftest.err >/dev/null +then + eval "$ossh_cache_var=no" + CFLAGS="$saved_CFLAGS" +else + if test "$cross_compiling" = yes +then : + eval "$ossh_cache_var=yes" + CFLAGS="$saved_CFLAGS $_define_flag" +else $as_nop + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +#include +#include +#include +#include +#include +/* Trivial function to help test for -fzero-call-used-regs */ +int f(int n) {return rand() % n;} +char *f2(char *s, ...) { + char ret[64]; + va_list args; + va_start(args, s); + vsnprintf(ret, sizeof(ret), s, args); + va_end(args); + return strdup(ret); +} +int i; +double d; +const char *f3(int s) { + i = (int)d; + return s ? "good" : "gooder"; +} +int main(int argc, char **argv) { + char b[256], *cp; + const char *s; + /* Some math to catch -ftrapv problems in the toolchain */ + int i = 123 * argc, j = 456 + argc, k = 789 - argc; + float l = i * 2.1; + double m = l / 0.5; + long long int n = argc * 12345LL, o = 12345LL * (long long int)argc; + (void)argv; + f(1); + s = f3(f(2)); + snprintf(b, sizeof b, "%d %d %d %f %f %lld %lld %s\n", i,j,k,l,m,n,o,s); + if (write(1, b, 0) == -1) exit(0); + cp = f2("%d %d %d %f %f %lld %lld %s\n", i,j,k,l,m,n,o,s); + if (write(1, cp, 0) == -1) exit(0); + free(cp); + /* + * Test fallthrough behaviour. clang 10's -Wimplicit-fallthrough does + * not understand comments and we don't use the "fallthrough" attribute + * that it's looking for. + */ + switch(i){ + case 0: j += i; + /* FALLTHROUGH */ + default: j += k; + } + exit(0); +} + + +_ACEOF +if ac_fn_c_try_run "$LINENO" +then : + eval "$ossh_cache_var=yes" + CFLAGS="$saved_CFLAGS $_define_flag" +else $as_nop + eval "$ossh_cache_var='no, fails at run time'" + CFLAGS="$saved_CFLAGS" +fi +rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ + conftest.$ac_objext conftest.beam conftest.$ac_ext +fi + +fi +else $as_nop + eval "$ossh_cache_var=no" + CFLAGS="$saved_CFLAGS" + +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext + +fi +eval ac_res=\$$ossh_cache_var + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 +printf "%s\n" "$ac_res" >&6; } +} + { + ossh_cache_var=ossh_cv_ldflag__pie + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking if $LD supports link flag -pie" >&5 +printf %s "checking if $LD supports link flag -pie... " >&6; } +if eval test \${$ossh_cache_var+y} +then : + printf %s "(cached) " >&6 +else $as_nop + + saved_LDFLAGS="$LDFLAGS" + LDFLAGS="$LDFLAGS $WERROR -pie" + _define_flag="" + test "x$_define_flag" = "x" && _define_flag="-pie" + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +#include +#include +#include +#include +#include +/* Trivial function to help test for -fzero-call-used-regs */ +int f(int n) {return rand() % n;} +char *f2(char *s, ...) { + char ret[64]; + va_list args; + va_start(args, s); + vsnprintf(ret, sizeof(ret), s, args); + va_end(args); + return strdup(ret); +} +int i; +double d; +const char *f3(int s) { + i = (int)d; + return s ? "good" : "gooder"; +} +int main(int argc, char **argv) { + char b[256], *cp; + const char *s; + /* Some math to catch -ftrapv problems in the toolchain */ + int i = 123 * argc, j = 456 + argc, k = 789 - argc; + float l = i * 2.1; + double m = l / 0.5; + long long int n = argc * 12345LL, o = 12345LL * (long long int)argc; + (void)argv; + f(1); + s = f3(f(2)); + snprintf(b, sizeof b, "%d %d %d %f %f %lld %lld %s\n", i,j,k,l,m,n,o,s); + if (write(1, b, 0) == -1) exit(0); + cp = f2("%d %d %d %f %f %lld %lld %s\n", i,j,k,l,m,n,o,s); + if (write(1, cp, 0) == -1) exit(0); + free(cp); + /* + * Test fallthrough behaviour. clang 10's -Wimplicit-fallthrough does + * not understand comments and we don't use the "fallthrough" attribute + * that it's looking for. + */ + switch(i){ + case 0: j += i; + /* FALLTHROUGH */ + default: j += k; + } + exit(0); +} + + +_ACEOF +if ac_fn_c_try_link "$LINENO" +then : + +if $ac_cv_path_EGREP -i "unrecognized option|warning.*ignored" conftest.err >/dev/null +then + eval "$ossh_cache_var=no" + LDFLAGS="$saved_LDFLAGS" +else + if test "$cross_compiling" = yes +then : + eval "$ossh_cache_var=yes" + LDFLAGS="$saved_LDFLAGS $_define_flag" + +else $as_nop + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +#include +#include +#include +#include +#include +/* Trivial function to help test for -fzero-call-used-regs */ +int f(int n) {return rand() % n;} +char *f2(char *s, ...) { + char ret[64]; + va_list args; + va_start(args, s); + vsnprintf(ret, sizeof(ret), s, args); + va_end(args); + return strdup(ret); +} +int i; +double d; +const char *f3(int s) { + i = (int)d; + return s ? "good" : "gooder"; +} +int main(int argc, char **argv) { + char b[256], *cp; + const char *s; + /* Some math to catch -ftrapv problems in the toolchain */ + int i = 123 * argc, j = 456 + argc, k = 789 - argc; + float l = i * 2.1; + double m = l / 0.5; + long long int n = argc * 12345LL, o = 12345LL * (long long int)argc; + (void)argv; + f(1); + s = f3(f(2)); + snprintf(b, sizeof b, "%d %d %d %f %f %lld %lld %s\n", i,j,k,l,m,n,o,s); + if (write(1, b, 0) == -1) exit(0); + cp = f2("%d %d %d %f %f %lld %lld %s\n", i,j,k,l,m,n,o,s); + if (write(1, cp, 0) == -1) exit(0); + free(cp); + /* + * Test fallthrough behaviour. clang 10's -Wimplicit-fallthrough does + * not understand comments and we don't use the "fallthrough" attribute + * that it's looking for. + */ + switch(i){ + case 0: j += i; + /* FALLTHROUGH */ + default: j += k; + } + exit(0); +} + + +_ACEOF +if ac_fn_c_try_run "$LINENO" +then : + eval "$ossh_cache_var=yes" + LDFLAGS="$saved_LDFLAGS $_define_flag" +else $as_nop + eval "$ossh_cache_var='no, fails at run time'" + LDFLAGS="$saved_LDFLAGS" +fi +rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ + conftest.$ac_objext conftest.beam conftest.$ac_ext +fi + +fi +else $as_nop + eval "$ossh_cache_var=no" + LDFLAGS="$saved_LDFLAGS" + +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam \ + conftest$ac_exeext conftest.$ac_ext + +fi +eval ac_res=\$$ossh_cache_var + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 +printf "%s\n" "$ac_res" >&6; } +} + # We use both -fPIE and -pie or neither. + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking whether both -fPIE and -pie are supported" >&5 +printf %s "checking whether both -fPIE and -pie are supported... " >&6; } + if echo "x $CFLAGS" | grep ' -fPIE' >/dev/null 2>&1 && \ + echo "x $LDFLAGS" | grep ' -pie' >/dev/null 2>&1 ; then + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +printf "%s\n" "yes" >&6; } + else + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } + CFLAGS="$SAVED_CFLAGS" + LDFLAGS="$SAVED_LDFLAGS" + fi +fi + +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking whether -fPIC is accepted" >&5 +printf %s "checking whether -fPIC is accepted... " >&6; } +SAVED_CFLAGS="$CFLAGS" +CFLAGS="$CFLAGS -fPIC" +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + #include +int +main (void) +{ + exit(0); + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO" +then : + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +printf "%s\n" "yes" >&6; } + PICFLAG="-fPIC"; +else $as_nop + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } + PICFLAG=""; +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext +CFLAGS="$SAVED_CFLAGS" + + +ac_fn_c_check_func "$LINENO" "auth_hostok" "ac_cv_func_auth_hostok" +if test "x$ac_cv_func_auth_hostok" = xyes +then : + printf "%s\n" "#define HAVE_AUTH_HOSTOK 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "auth_timeok" "ac_cv_func_auth_timeok" +if test "x$ac_cv_func_auth_timeok" = xyes +then : + printf "%s\n" "#define HAVE_AUTH_TIMEOK 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "Blowfish_initstate" "ac_cv_func_Blowfish_initstate" +if test "x$ac_cv_func_Blowfish_initstate" = xyes +then : + printf "%s\n" "#define HAVE_BLOWFISH_INITSTATE 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "Blowfish_expandstate" "ac_cv_func_Blowfish_expandstate" +if test "x$ac_cv_func_Blowfish_expandstate" = xyes +then : + printf "%s\n" "#define HAVE_BLOWFISH_EXPANDSTATE 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "Blowfish_expand0state" "ac_cv_func_Blowfish_expand0state" +if test "x$ac_cv_func_Blowfish_expand0state" = xyes +then : + printf "%s\n" "#define HAVE_BLOWFISH_EXPAND0STATE 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "Blowfish_stream2word" "ac_cv_func_Blowfish_stream2word" +if test "x$ac_cv_func_Blowfish_stream2word" = xyes +then : + printf "%s\n" "#define HAVE_BLOWFISH_STREAM2WORD 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "SHA256Update" "ac_cv_func_SHA256Update" +if test "x$ac_cv_func_SHA256Update" = xyes +then : + printf "%s\n" "#define HAVE_SHA256UPDATE 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "SHA384Update" "ac_cv_func_SHA384Update" +if test "x$ac_cv_func_SHA384Update" = xyes +then : + printf "%s\n" "#define HAVE_SHA384UPDATE 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "SHA512Update" "ac_cv_func_SHA512Update" +if test "x$ac_cv_func_SHA512Update" = xyes +then : + printf "%s\n" "#define HAVE_SHA512UPDATE 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "asprintf" "ac_cv_func_asprintf" +if test "x$ac_cv_func_asprintf" = xyes +then : + printf "%s\n" "#define HAVE_ASPRINTF 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "b64_ntop" "ac_cv_func_b64_ntop" +if test "x$ac_cv_func_b64_ntop" = xyes +then : + printf "%s\n" "#define HAVE_B64_NTOP 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "__b64_ntop" "ac_cv_func___b64_ntop" +if test "x$ac_cv_func___b64_ntop" = xyes +then : + printf "%s\n" "#define HAVE___B64_NTOP 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "b64_pton" "ac_cv_func_b64_pton" +if test "x$ac_cv_func_b64_pton" = xyes +then : + printf "%s\n" "#define HAVE_B64_PTON 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "__b64_pton" "ac_cv_func___b64_pton" +if test "x$ac_cv_func___b64_pton" = xyes +then : + printf "%s\n" "#define HAVE___B64_PTON 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "bcopy" "ac_cv_func_bcopy" +if test "x$ac_cv_func_bcopy" = xyes +then : + printf "%s\n" "#define HAVE_BCOPY 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "bcrypt_pbkdf" "ac_cv_func_bcrypt_pbkdf" +if test "x$ac_cv_func_bcrypt_pbkdf" = xyes +then : + printf "%s\n" "#define HAVE_BCRYPT_PBKDF 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "bindresvport_sa" "ac_cv_func_bindresvport_sa" +if test "x$ac_cv_func_bindresvport_sa" = xyes +then : + printf "%s\n" "#define HAVE_BINDRESVPORT_SA 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "blf_enc" "ac_cv_func_blf_enc" +if test "x$ac_cv_func_blf_enc" = xyes +then : + printf "%s\n" "#define HAVE_BLF_ENC 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "bzero" "ac_cv_func_bzero" +if test "x$ac_cv_func_bzero" = xyes +then : + printf "%s\n" "#define HAVE_BZERO 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "cap_rights_limit" "ac_cv_func_cap_rights_limit" +if test "x$ac_cv_func_cap_rights_limit" = xyes +then : + printf "%s\n" "#define HAVE_CAP_RIGHTS_LIMIT 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "clock" "ac_cv_func_clock" +if test "x$ac_cv_func_clock" = xyes +then : + printf "%s\n" "#define HAVE_CLOCK 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "closefrom" "ac_cv_func_closefrom" +if test "x$ac_cv_func_closefrom" = xyes +then : + printf "%s\n" "#define HAVE_CLOSEFROM 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "close_range" "ac_cv_func_close_range" +if test "x$ac_cv_func_close_range" = xyes +then : + printf "%s\n" "#define HAVE_CLOSE_RANGE 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "dirfd" "ac_cv_func_dirfd" +if test "x$ac_cv_func_dirfd" = xyes +then : + printf "%s\n" "#define HAVE_DIRFD 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "endgrent" "ac_cv_func_endgrent" +if test "x$ac_cv_func_endgrent" = xyes +then : + printf "%s\n" "#define HAVE_ENDGRENT 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "err" "ac_cv_func_err" +if test "x$ac_cv_func_err" = xyes +then : + printf "%s\n" "#define HAVE_ERR 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "errx" "ac_cv_func_errx" +if test "x$ac_cv_func_errx" = xyes +then : + printf "%s\n" "#define HAVE_ERRX 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "explicit_bzero" "ac_cv_func_explicit_bzero" +if test "x$ac_cv_func_explicit_bzero" = xyes +then : + printf "%s\n" "#define HAVE_EXPLICIT_BZERO 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "explicit_memset" "ac_cv_func_explicit_memset" +if test "x$ac_cv_func_explicit_memset" = xyes +then : + printf "%s\n" "#define HAVE_EXPLICIT_MEMSET 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "fchmod" "ac_cv_func_fchmod" +if test "x$ac_cv_func_fchmod" = xyes +then : + printf "%s\n" "#define HAVE_FCHMOD 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "fchmodat" "ac_cv_func_fchmodat" +if test "x$ac_cv_func_fchmodat" = xyes +then : + printf "%s\n" "#define HAVE_FCHMODAT 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "fchown" "ac_cv_func_fchown" +if test "x$ac_cv_func_fchown" = xyes +then : + printf "%s\n" "#define HAVE_FCHOWN 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "fchownat" "ac_cv_func_fchownat" +if test "x$ac_cv_func_fchownat" = xyes +then : + printf "%s\n" "#define HAVE_FCHOWNAT 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "flock" "ac_cv_func_flock" +if test "x$ac_cv_func_flock" = xyes +then : + printf "%s\n" "#define HAVE_FLOCK 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "fnmatch" "ac_cv_func_fnmatch" +if test "x$ac_cv_func_fnmatch" = xyes +then : + printf "%s\n" "#define HAVE_FNMATCH 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "freeaddrinfo" "ac_cv_func_freeaddrinfo" +if test "x$ac_cv_func_freeaddrinfo" = xyes +then : + printf "%s\n" "#define HAVE_FREEADDRINFO 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "freezero" "ac_cv_func_freezero" +if test "x$ac_cv_func_freezero" = xyes +then : + printf "%s\n" "#define HAVE_FREEZERO 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "fstatat" "ac_cv_func_fstatat" +if test "x$ac_cv_func_fstatat" = xyes +then : + printf "%s\n" "#define HAVE_FSTATAT 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "fstatfs" "ac_cv_func_fstatfs" +if test "x$ac_cv_func_fstatfs" = xyes +then : + printf "%s\n" "#define HAVE_FSTATFS 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "fstatvfs" "ac_cv_func_fstatvfs" +if test "x$ac_cv_func_fstatvfs" = xyes +then : + printf "%s\n" "#define HAVE_FSTATVFS 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "futimes" "ac_cv_func_futimes" +if test "x$ac_cv_func_futimes" = xyes +then : + printf "%s\n" "#define HAVE_FUTIMES 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "getaddrinfo" "ac_cv_func_getaddrinfo" +if test "x$ac_cv_func_getaddrinfo" = xyes +then : + printf "%s\n" "#define HAVE_GETADDRINFO 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "getcwd" "ac_cv_func_getcwd" +if test "x$ac_cv_func_getcwd" = xyes +then : + printf "%s\n" "#define HAVE_GETCWD 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "getentropy" "ac_cv_func_getentropy" +if test "x$ac_cv_func_getentropy" = xyes +then : + printf "%s\n" "#define HAVE_GETENTROPY 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "getgrouplist" "ac_cv_func_getgrouplist" +if test "x$ac_cv_func_getgrouplist" = xyes +then : + printf "%s\n" "#define HAVE_GETGROUPLIST 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "getline" "ac_cv_func_getline" +if test "x$ac_cv_func_getline" = xyes +then : + printf "%s\n" "#define HAVE_GETLINE 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "getnameinfo" "ac_cv_func_getnameinfo" +if test "x$ac_cv_func_getnameinfo" = xyes +then : + printf "%s\n" "#define HAVE_GETNAMEINFO 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "getopt" "ac_cv_func_getopt" +if test "x$ac_cv_func_getopt" = xyes +then : + printf "%s\n" "#define HAVE_GETOPT 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "getpeereid" "ac_cv_func_getpeereid" +if test "x$ac_cv_func_getpeereid" = xyes +then : + printf "%s\n" "#define HAVE_GETPEEREID 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "getpeerucred" "ac_cv_func_getpeerucred" +if test "x$ac_cv_func_getpeerucred" = xyes +then : + printf "%s\n" "#define HAVE_GETPEERUCRED 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "getpgid" "ac_cv_func_getpgid" +if test "x$ac_cv_func_getpgid" = xyes +then : + printf "%s\n" "#define HAVE_GETPGID 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "_getpty" "ac_cv_func__getpty" +if test "x$ac_cv_func__getpty" = xyes +then : + printf "%s\n" "#define HAVE__GETPTY 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "getrlimit" "ac_cv_func_getrlimit" +if test "x$ac_cv_func_getrlimit" = xyes +then : + printf "%s\n" "#define HAVE_GETRLIMIT 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "getrandom" "ac_cv_func_getrandom" +if test "x$ac_cv_func_getrandom" = xyes +then : + printf "%s\n" "#define HAVE_GETRANDOM 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "getsid" "ac_cv_func_getsid" +if test "x$ac_cv_func_getsid" = xyes +then : + printf "%s\n" "#define HAVE_GETSID 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "getttyent" "ac_cv_func_getttyent" +if test "x$ac_cv_func_getttyent" = xyes +then : + printf "%s\n" "#define HAVE_GETTTYENT 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "group_from_gid" "ac_cv_func_group_from_gid" +if test "x$ac_cv_func_group_from_gid" = xyes +then : + printf "%s\n" "#define HAVE_GROUP_FROM_GID 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "inet_aton" "ac_cv_func_inet_aton" +if test "x$ac_cv_func_inet_aton" = xyes +then : + printf "%s\n" "#define HAVE_INET_ATON 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "inet_ntoa" "ac_cv_func_inet_ntoa" +if test "x$ac_cv_func_inet_ntoa" = xyes +then : + printf "%s\n" "#define HAVE_INET_NTOA 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "inet_ntop" "ac_cv_func_inet_ntop" +if test "x$ac_cv_func_inet_ntop" = xyes +then : + printf "%s\n" "#define HAVE_INET_NTOP 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "innetgr" "ac_cv_func_innetgr" +if test "x$ac_cv_func_innetgr" = xyes +then : + printf "%s\n" "#define HAVE_INNETGR 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "killpg" "ac_cv_func_killpg" +if test "x$ac_cv_func_killpg" = xyes +then : + printf "%s\n" "#define HAVE_KILLPG 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "llabs" "ac_cv_func_llabs" +if test "x$ac_cv_func_llabs" = xyes +then : + printf "%s\n" "#define HAVE_LLABS 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "localtime_r" "ac_cv_func_localtime_r" +if test "x$ac_cv_func_localtime_r" = xyes +then : + printf "%s\n" "#define HAVE_LOCALTIME_R 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "login_getcapbool" "ac_cv_func_login_getcapbool" +if test "x$ac_cv_func_login_getcapbool" = xyes +then : + printf "%s\n" "#define HAVE_LOGIN_GETCAPBOOL 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "login_getpwclass" "ac_cv_func_login_getpwclass" +if test "x$ac_cv_func_login_getpwclass" = xyes +then : + printf "%s\n" "#define HAVE_LOGIN_GETPWCLASS 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "memmem" "ac_cv_func_memmem" +if test "x$ac_cv_func_memmem" = xyes +then : + printf "%s\n" "#define HAVE_MEMMEM 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "memmove" "ac_cv_func_memmove" +if test "x$ac_cv_func_memmove" = xyes +then : + printf "%s\n" "#define HAVE_MEMMOVE 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "memset_s" "ac_cv_func_memset_s" +if test "x$ac_cv_func_memset_s" = xyes +then : + printf "%s\n" "#define HAVE_MEMSET_S 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "mkdtemp" "ac_cv_func_mkdtemp" +if test "x$ac_cv_func_mkdtemp" = xyes +then : + printf "%s\n" "#define HAVE_MKDTEMP 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "mmap" "ac_cv_func_mmap" +if test "x$ac_cv_func_mmap" = xyes +then : + printf "%s\n" "#define HAVE_MMAP 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "ngetaddrinfo" "ac_cv_func_ngetaddrinfo" +if test "x$ac_cv_func_ngetaddrinfo" = xyes +then : + printf "%s\n" "#define HAVE_NGETADDRINFO 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "nlist" "ac_cv_func_nlist" +if test "x$ac_cv_func_nlist" = xyes +then : + printf "%s\n" "#define HAVE_NLIST 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "nsleep" "ac_cv_func_nsleep" +if test "x$ac_cv_func_nsleep" = xyes +then : + printf "%s\n" "#define HAVE_NSLEEP 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "ogetaddrinfo" "ac_cv_func_ogetaddrinfo" +if test "x$ac_cv_func_ogetaddrinfo" = xyes +then : + printf "%s\n" "#define HAVE_OGETADDRINFO 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "openlog_r" "ac_cv_func_openlog_r" +if test "x$ac_cv_func_openlog_r" = xyes +then : + printf "%s\n" "#define HAVE_OPENLOG_R 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "pledge" "ac_cv_func_pledge" +if test "x$ac_cv_func_pledge" = xyes +then : + printf "%s\n" "#define HAVE_PLEDGE 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "poll" "ac_cv_func_poll" +if test "x$ac_cv_func_poll" = xyes +then : + printf "%s\n" "#define HAVE_POLL 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "ppoll" "ac_cv_func_ppoll" +if test "x$ac_cv_func_ppoll" = xyes +then : + printf "%s\n" "#define HAVE_PPOLL 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "prctl" "ac_cv_func_prctl" +if test "x$ac_cv_func_prctl" = xyes +then : + printf "%s\n" "#define HAVE_PRCTL 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "procctl" "ac_cv_func_procctl" +if test "x$ac_cv_func_procctl" = xyes +then : + printf "%s\n" "#define HAVE_PROCCTL 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "pselect" "ac_cv_func_pselect" +if test "x$ac_cv_func_pselect" = xyes +then : + printf "%s\n" "#define HAVE_PSELECT 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "pstat" "ac_cv_func_pstat" +if test "x$ac_cv_func_pstat" = xyes +then : + printf "%s\n" "#define HAVE_PSTAT 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "raise" "ac_cv_func_raise" +if test "x$ac_cv_func_raise" = xyes +then : + printf "%s\n" "#define HAVE_RAISE 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "readpassphrase" "ac_cv_func_readpassphrase" +if test "x$ac_cv_func_readpassphrase" = xyes +then : + printf "%s\n" "#define HAVE_READPASSPHRASE 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "reallocarray" "ac_cv_func_reallocarray" +if test "x$ac_cv_func_reallocarray" = xyes +then : + printf "%s\n" "#define HAVE_REALLOCARRAY 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "realpath" "ac_cv_func_realpath" +if test "x$ac_cv_func_realpath" = xyes +then : + printf "%s\n" "#define HAVE_REALPATH 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "recvmsg" "ac_cv_func_recvmsg" +if test "x$ac_cv_func_recvmsg" = xyes +then : + printf "%s\n" "#define HAVE_RECVMSG 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "recallocarray" "ac_cv_func_recallocarray" +if test "x$ac_cv_func_recallocarray" = xyes +then : + printf "%s\n" "#define HAVE_RECALLOCARRAY 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "rresvport_af" "ac_cv_func_rresvport_af" +if test "x$ac_cv_func_rresvport_af" = xyes +then : + printf "%s\n" "#define HAVE_RRESVPORT_AF 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "sendmsg" "ac_cv_func_sendmsg" +if test "x$ac_cv_func_sendmsg" = xyes +then : + printf "%s\n" "#define HAVE_SENDMSG 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "setdtablesize" "ac_cv_func_setdtablesize" +if test "x$ac_cv_func_setdtablesize" = xyes +then : + printf "%s\n" "#define HAVE_SETDTABLESIZE 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "setegid" "ac_cv_func_setegid" +if test "x$ac_cv_func_setegid" = xyes +then : + printf "%s\n" "#define HAVE_SETEGID 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "setenv" "ac_cv_func_setenv" +if test "x$ac_cv_func_setenv" = xyes +then : + printf "%s\n" "#define HAVE_SETENV 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "seteuid" "ac_cv_func_seteuid" +if test "x$ac_cv_func_seteuid" = xyes +then : + printf "%s\n" "#define HAVE_SETEUID 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "setgroupent" "ac_cv_func_setgroupent" +if test "x$ac_cv_func_setgroupent" = xyes +then : + printf "%s\n" "#define HAVE_SETGROUPENT 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "setgroups" "ac_cv_func_setgroups" +if test "x$ac_cv_func_setgroups" = xyes +then : + printf "%s\n" "#define HAVE_SETGROUPS 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "setlinebuf" "ac_cv_func_setlinebuf" +if test "x$ac_cv_func_setlinebuf" = xyes +then : + printf "%s\n" "#define HAVE_SETLINEBUF 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "setlogin" "ac_cv_func_setlogin" +if test "x$ac_cv_func_setlogin" = xyes +then : + printf "%s\n" "#define HAVE_SETLOGIN 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "setpassent" "ac_cv_func_setpassent" +if test "x$ac_cv_func_setpassent" = xyes +then : + printf "%s\n" "#define HAVE_SETPASSENT 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "setpcred" "ac_cv_func_setpcred" +if test "x$ac_cv_func_setpcred" = xyes +then : + printf "%s\n" "#define HAVE_SETPCRED 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "setproctitle" "ac_cv_func_setproctitle" +if test "x$ac_cv_func_setproctitle" = xyes +then : + printf "%s\n" "#define HAVE_SETPROCTITLE 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "setregid" "ac_cv_func_setregid" +if test "x$ac_cv_func_setregid" = xyes +then : + printf "%s\n" "#define HAVE_SETREGID 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "setreuid" "ac_cv_func_setreuid" +if test "x$ac_cv_func_setreuid" = xyes +then : + printf "%s\n" "#define HAVE_SETREUID 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "setrlimit" "ac_cv_func_setrlimit" +if test "x$ac_cv_func_setrlimit" = xyes +then : + printf "%s\n" "#define HAVE_SETRLIMIT 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "setsid" "ac_cv_func_setsid" +if test "x$ac_cv_func_setsid" = xyes +then : + printf "%s\n" "#define HAVE_SETSID 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "setvbuf" "ac_cv_func_setvbuf" +if test "x$ac_cv_func_setvbuf" = xyes +then : + printf "%s\n" "#define HAVE_SETVBUF 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "sigaction" "ac_cv_func_sigaction" +if test "x$ac_cv_func_sigaction" = xyes +then : + printf "%s\n" "#define HAVE_SIGACTION 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "sigvec" "ac_cv_func_sigvec" +if test "x$ac_cv_func_sigvec" = xyes +then : + printf "%s\n" "#define HAVE_SIGVEC 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "snprintf" "ac_cv_func_snprintf" +if test "x$ac_cv_func_snprintf" = xyes +then : + printf "%s\n" "#define HAVE_SNPRINTF 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "socketpair" "ac_cv_func_socketpair" +if test "x$ac_cv_func_socketpair" = xyes +then : + printf "%s\n" "#define HAVE_SOCKETPAIR 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "statfs" "ac_cv_func_statfs" +if test "x$ac_cv_func_statfs" = xyes +then : + printf "%s\n" "#define HAVE_STATFS 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "statvfs" "ac_cv_func_statvfs" +if test "x$ac_cv_func_statvfs" = xyes +then : + printf "%s\n" "#define HAVE_STATVFS 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "strcasestr" "ac_cv_func_strcasestr" +if test "x$ac_cv_func_strcasestr" = xyes +then : + printf "%s\n" "#define HAVE_STRCASESTR 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "strdup" "ac_cv_func_strdup" +if test "x$ac_cv_func_strdup" = xyes +then : + printf "%s\n" "#define HAVE_STRDUP 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "strerror" "ac_cv_func_strerror" +if test "x$ac_cv_func_strerror" = xyes +then : + printf "%s\n" "#define HAVE_STRERROR 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "strlcat" "ac_cv_func_strlcat" +if test "x$ac_cv_func_strlcat" = xyes +then : + printf "%s\n" "#define HAVE_STRLCAT 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "strlcpy" "ac_cv_func_strlcpy" +if test "x$ac_cv_func_strlcpy" = xyes +then : + printf "%s\n" "#define HAVE_STRLCPY 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "strmode" "ac_cv_func_strmode" +if test "x$ac_cv_func_strmode" = xyes +then : + printf "%s\n" "#define HAVE_STRMODE 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "strndup" "ac_cv_func_strndup" +if test "x$ac_cv_func_strndup" = xyes +then : + printf "%s\n" "#define HAVE_STRNDUP 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "strnlen" "ac_cv_func_strnlen" +if test "x$ac_cv_func_strnlen" = xyes +then : + printf "%s\n" "#define HAVE_STRNLEN 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "strnvis" "ac_cv_func_strnvis" +if test "x$ac_cv_func_strnvis" = xyes +then : + printf "%s\n" "#define HAVE_STRNVIS 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "strptime" "ac_cv_func_strptime" +if test "x$ac_cv_func_strptime" = xyes +then : + printf "%s\n" "#define HAVE_STRPTIME 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "strsignal" "ac_cv_func_strsignal" +if test "x$ac_cv_func_strsignal" = xyes +then : + printf "%s\n" "#define HAVE_STRSIGNAL 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "strtonum" "ac_cv_func_strtonum" +if test "x$ac_cv_func_strtonum" = xyes +then : + printf "%s\n" "#define HAVE_STRTONUM 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "strtoll" "ac_cv_func_strtoll" +if test "x$ac_cv_func_strtoll" = xyes +then : + printf "%s\n" "#define HAVE_STRTOLL 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "strtoul" "ac_cv_func_strtoul" +if test "x$ac_cv_func_strtoul" = xyes +then : + printf "%s\n" "#define HAVE_STRTOUL 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "strtoull" "ac_cv_func_strtoull" +if test "x$ac_cv_func_strtoull" = xyes +then : + printf "%s\n" "#define HAVE_STRTOULL 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "sysconf" "ac_cv_func_sysconf" +if test "x$ac_cv_func_sysconf" = xyes +then : + printf "%s\n" "#define HAVE_SYSCONF 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "tcgetpgrp" "ac_cv_func_tcgetpgrp" +if test "x$ac_cv_func_tcgetpgrp" = xyes +then : + printf "%s\n" "#define HAVE_TCGETPGRP 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "timegm" "ac_cv_func_timegm" +if test "x$ac_cv_func_timegm" = xyes +then : + printf "%s\n" "#define HAVE_TIMEGM 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "timingsafe_bcmp" "ac_cv_func_timingsafe_bcmp" +if test "x$ac_cv_func_timingsafe_bcmp" = xyes +then : + printf "%s\n" "#define HAVE_TIMINGSAFE_BCMP 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "truncate" "ac_cv_func_truncate" +if test "x$ac_cv_func_truncate" = xyes +then : + printf "%s\n" "#define HAVE_TRUNCATE 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "unlinkat" "ac_cv_func_unlinkat" +if test "x$ac_cv_func_unlinkat" = xyes +then : + printf "%s\n" "#define HAVE_UNLINKAT 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "unsetenv" "ac_cv_func_unsetenv" +if test "x$ac_cv_func_unsetenv" = xyes +then : + printf "%s\n" "#define HAVE_UNSETENV 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "unveil" "ac_cv_func_unveil" +if test "x$ac_cv_func_unveil" = xyes +then : + printf "%s\n" "#define HAVE_UNVEIL 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "updwtmpx" "ac_cv_func_updwtmpx" +if test "x$ac_cv_func_updwtmpx" = xyes +then : + printf "%s\n" "#define HAVE_UPDWTMPX 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "utimensat" "ac_cv_func_utimensat" +if test "x$ac_cv_func_utimensat" = xyes +then : + printf "%s\n" "#define HAVE_UTIMENSAT 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "user_from_uid" "ac_cv_func_user_from_uid" +if test "x$ac_cv_func_user_from_uid" = xyes +then : + printf "%s\n" "#define HAVE_USER_FROM_UID 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "usleep" "ac_cv_func_usleep" +if test "x$ac_cv_func_usleep" = xyes +then : + printf "%s\n" "#define HAVE_USLEEP 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "vasprintf" "ac_cv_func_vasprintf" +if test "x$ac_cv_func_vasprintf" = xyes +then : + printf "%s\n" "#define HAVE_VASPRINTF 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "vsnprintf" "ac_cv_func_vsnprintf" +if test "x$ac_cv_func_vsnprintf" = xyes +then : + printf "%s\n" "#define HAVE_VSNPRINTF 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "waitpid" "ac_cv_func_waitpid" +if test "x$ac_cv_func_waitpid" = xyes +then : + printf "%s\n" "#define HAVE_WAITPID 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "warn" "ac_cv_func_warn" +if test "x$ac_cv_func_warn" = xyes +then : + printf "%s\n" "#define HAVE_WARN 1" >>confdefs.h + +fi + + +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking whether compiler supports __builtin_popcount" >&5 +printf %s "checking whether compiler supports __builtin_popcount... " >&6; } +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + + #include + +int +main (void) +{ + int x = 123, y; + y = __builtin_popcount(123); + exit(y == 6 ? 0 : -1); + ; + return 0; +} +_ACEOF +if ac_fn_c_try_link "$LINENO" +then : + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +printf "%s\n" "yes" >&6; } +else $as_nop + + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } + +printf "%s\n" "#define MISSING_BUILTIN_POPCOUNT 1" >>confdefs.h + + + +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam \ + conftest$ac_exeext conftest.$ac_ext + +ac_fn_check_decl "$LINENO" "bzero" "ac_cv_have_decl_bzero" "$ac_includes_default" "$ac_c_undeclared_builtin_options" "CFLAGS" +if test "x$ac_cv_have_decl_bzero" = xyes +then : + ac_have_decl=1 +else $as_nop + ac_have_decl=0 +fi +printf "%s\n" "#define HAVE_DECL_BZERO $ac_have_decl" >>confdefs.h +ac_fn_check_decl "$LINENO" "memmem" "ac_cv_have_decl_memmem" "$ac_includes_default" "$ac_c_undeclared_builtin_options" "CFLAGS" +if test "x$ac_cv_have_decl_memmem" = xyes +then : + ac_have_decl=1 +else $as_nop + ac_have_decl=0 +fi +printf "%s\n" "#define HAVE_DECL_MEMMEM $ac_have_decl" >>confdefs.h + + +ac_fn_c_check_func "$LINENO" "mblen" "ac_cv_func_mblen" +if test "x$ac_cv_func_mblen" = xyes +then : + printf "%s\n" "#define HAVE_MBLEN 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "mbtowc" "ac_cv_func_mbtowc" +if test "x$ac_cv_func_mbtowc" = xyes +then : + printf "%s\n" "#define HAVE_MBTOWC 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "nl_langinfo" "ac_cv_func_nl_langinfo" +if test "x$ac_cv_func_nl_langinfo" = xyes +then : + printf "%s\n" "#define HAVE_NL_LANGINFO 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "wcwidth" "ac_cv_func_wcwidth" +if test "x$ac_cv_func_wcwidth" = xyes +then : + printf "%s\n" "#define HAVE_WCWIDTH 1" >>confdefs.h + +fi + + +TEST_SSH_UTF8=${TEST_SSH_UTF8:=yes} +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for utf8 locale support" >&5 +printf %s "checking for utf8 locale support... " >&6; } +if test "$cross_compiling" = yes +then : + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: WARNING: cross compiling: assuming yes" >&5 +printf "%s\n" "$as_me: WARNING: cross compiling: assuming yes" >&2;} + +else $as_nop + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +#include +#include + +int +main (void) +{ + + char *loc = setlocale(LC_CTYPE, "en_US.UTF-8"); + if (loc != NULL) + exit(0); + exit(1); + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_run "$LINENO" +then : + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +printf "%s\n" "yes" >&6; } +else $as_nop + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } + TEST_SSH_UTF8=no +fi +rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ + conftest.$ac_objext conftest.beam conftest.$ac_ext +fi + + +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + #include +int +main (void) +{ + return (isblank('a')); + ; + return 0; +} +_ACEOF +if ac_fn_c_try_link "$LINENO" +then : + +printf "%s\n" "#define HAVE_ISBLANK 1" >>confdefs.h + + +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam \ + conftest$ac_exeext conftest.$ac_ext + +disable_pkcs11= +# Check whether --enable-pkcs11 was given. +if test ${enable_pkcs11+y} +then : + enableval=$enable_pkcs11; + if test "x$enableval" = "xno" ; then + disable_pkcs11=1 + fi + + +fi + + +disable_sk= +# Check whether --enable-security-key was given. +if test ${enable_security_key+y} +then : + enableval=$enable_security_key; + if test "x$enableval" = "xno" ; then + disable_sk=1 + fi + + +fi + +enable_sk_internal= + +# Check whether --with-security-key-builtin was given. +if test ${with_security_key_builtin+y} +then : + withval=$with_security_key_builtin; enable_sk_internal=$withval + +fi + + +enable_sk_standalone= + +# Check whether --with-security-key-standalone was given. +if test ${with_security_key_standalone+y} +then : + withval=$with_security_key_standalone; enable_sk_standalone=$withval + +fi + + +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for library containing dlopen" >&5 +printf %s "checking for library containing dlopen... " >&6; } +if test ${ac_cv_search_dlopen+y} +then : + printf %s "(cached) " >&6 +else $as_nop + ac_func_search_save_LIBS=$LIBS +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +/* Override any GCC internal prototype to avoid an error. + Use char because int might match the return type of a GCC + builtin and then its argument prototype would still apply. */ +char dlopen (); +int +main (void) +{ +return dlopen (); + ; + return 0; +} +_ACEOF +for ac_lib in '' dl +do + if test -z "$ac_lib"; then + ac_res="none required" + else + ac_res=-l$ac_lib + LIBS="-l$ac_lib $ac_func_search_save_LIBS" + fi + if ac_fn_c_try_link "$LINENO" +then : + ac_cv_search_dlopen=$ac_res +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam \ + conftest$ac_exeext + if test ${ac_cv_search_dlopen+y} +then : + break +fi +done +if test ${ac_cv_search_dlopen+y} +then : + +else $as_nop + ac_cv_search_dlopen=no +fi +rm conftest.$ac_ext +LIBS=$ac_func_search_save_LIBS +fi +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_dlopen" >&5 +printf "%s\n" "$ac_cv_search_dlopen" >&6; } +ac_res=$ac_cv_search_dlopen +if test "$ac_res" != no +then : + test "$ac_res" = "none required" || LIBS="$ac_res $LIBS" + +fi + +ac_fn_c_check_func "$LINENO" "dlopen" "ac_cv_func_dlopen" +if test "x$ac_cv_func_dlopen" = xyes +then : + printf "%s\n" "#define HAVE_DLOPEN 1" >>confdefs.h + +fi + +ac_fn_check_decl "$LINENO" "RTLD_NOW" "ac_cv_have_decl_RTLD_NOW" "#include +" "$ac_c_undeclared_builtin_options" "CFLAGS" +if test "x$ac_cv_have_decl_RTLD_NOW" = xyes +then : + +fi + +# IRIX has a const char return value for gai_strerror() + + for ac_func in gai_strerror +do : + ac_fn_c_check_func "$LINENO" "gai_strerror" "ac_cv_func_gai_strerror" +if test "x$ac_cv_func_gai_strerror" = xyes +then : + printf "%s\n" "#define HAVE_GAI_STRERROR 1" >>confdefs.h + + printf "%s\n" "#define HAVE_GAI_STRERROR 1" >>confdefs.h + + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +#include +#include +#include + +const char *gai_strerror(int); + +int +main (void) +{ + + char *str; + str = gai_strerror(0); + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO" +then : + + +printf "%s\n" "#define HAVE_CONST_GAI_STRERROR_PROTO 1" >>confdefs.h + +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext +fi + +done + +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for library containing nanosleep" >&5 +printf %s "checking for library containing nanosleep... " >&6; } +if test ${ac_cv_search_nanosleep+y} +then : + printf %s "(cached) " >&6 +else $as_nop + ac_func_search_save_LIBS=$LIBS +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +/* Override any GCC internal prototype to avoid an error. + Use char because int might match the return type of a GCC + builtin and then its argument prototype would still apply. */ +char nanosleep (); +int +main (void) +{ +return nanosleep (); + ; + return 0; +} +_ACEOF +for ac_lib in '' rt posix4 +do + if test -z "$ac_lib"; then + ac_res="none required" + else + ac_res=-l$ac_lib + LIBS="-l$ac_lib $ac_func_search_save_LIBS" + fi + if ac_fn_c_try_link "$LINENO" +then : + ac_cv_search_nanosleep=$ac_res +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam \ + conftest$ac_exeext + if test ${ac_cv_search_nanosleep+y} +then : + break +fi +done +if test ${ac_cv_search_nanosleep+y} +then : + +else $as_nop + ac_cv_search_nanosleep=no +fi +rm conftest.$ac_ext +LIBS=$ac_func_search_save_LIBS +fi +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_nanosleep" >&5 +printf "%s\n" "$ac_cv_search_nanosleep" >&6; } +ac_res=$ac_cv_search_nanosleep +if test "$ac_res" != no +then : + test "$ac_res" = "none required" || LIBS="$ac_res $LIBS" + +printf "%s\n" "#define HAVE_NANOSLEEP 1" >>confdefs.h + +fi + + +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for library containing clock_gettime" >&5 +printf %s "checking for library containing clock_gettime... " >&6; } +if test ${ac_cv_search_clock_gettime+y} +then : + printf %s "(cached) " >&6 +else $as_nop + ac_func_search_save_LIBS=$LIBS +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +/* Override any GCC internal prototype to avoid an error. + Use char because int might match the return type of a GCC + builtin and then its argument prototype would still apply. */ +char clock_gettime (); +int +main (void) +{ +return clock_gettime (); + ; + return 0; +} +_ACEOF +for ac_lib in '' rt +do + if test -z "$ac_lib"; then + ac_res="none required" + else + ac_res=-l$ac_lib + LIBS="-l$ac_lib $ac_func_search_save_LIBS" + fi + if ac_fn_c_try_link "$LINENO" +then : + ac_cv_search_clock_gettime=$ac_res +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam \ + conftest$ac_exeext + if test ${ac_cv_search_clock_gettime+y} +then : + break +fi +done +if test ${ac_cv_search_clock_gettime+y} +then : + +else $as_nop + ac_cv_search_clock_gettime=no +fi +rm conftest.$ac_ext +LIBS=$ac_func_search_save_LIBS +fi +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_clock_gettime" >&5 +printf "%s\n" "$ac_cv_search_clock_gettime" >&6; } +ac_res=$ac_cv_search_clock_gettime +if test "$ac_res" != no +then : + test "$ac_res" = "none required" || LIBS="$ac_res $LIBS" + +printf "%s\n" "#define HAVE_CLOCK_GETTIME 1" >>confdefs.h + +fi + + +ac_fn_check_decl "$LINENO" "localtime_r" "ac_cv_have_decl_localtime_r" " #include + +" "$ac_c_undeclared_builtin_options" "CFLAGS" +if test "x$ac_cv_have_decl_localtime_r" = xyes +then : + +else $as_nop + saved_CPPFLAGS="$CPPFLAGS" + CPPFLAGS="$CPPFLAGS -D_REENTRANT" + unset ac_cv_have_decl_localtime_r + ac_fn_check_decl "$LINENO" "localtime_r" "ac_cv_have_decl_localtime_r" " #include + +" "$ac_c_undeclared_builtin_options" "CFLAGS" +if test "x$ac_cv_have_decl_localtime_r" = xyes +then : + +else $as_nop + CPPFLAGS="$saved_CPPFLAGS" +fi + +fi + +ac_fn_check_decl "$LINENO" "strsep" "ac_cv_have_decl_strsep" " +#ifdef HAVE_STRING_H +# include +#endif + +" "$ac_c_undeclared_builtin_options" "CFLAGS" +if test "x$ac_cv_have_decl_strsep" = xyes +then : + ac_fn_c_check_func "$LINENO" "strsep" "ac_cv_func_strsep" +if test "x$ac_cv_func_strsep" = xyes +then : + printf "%s\n" "#define HAVE_STRSEP 1" >>confdefs.h + +fi + +fi + +ac_fn_check_decl "$LINENO" "tcsendbreak" "ac_cv_have_decl_tcsendbreak" "#include + +" "$ac_c_undeclared_builtin_options" "CFLAGS" +if test "x$ac_cv_have_decl_tcsendbreak" = xyes +then : + printf "%s\n" "#define HAVE_TCSENDBREAK 1" >>confdefs.h + +else $as_nop + ac_fn_c_check_func "$LINENO" "tcsendbreak" "ac_cv_func_tcsendbreak" +if test "x$ac_cv_func_tcsendbreak" = xyes +then : + printf "%s\n" "#define HAVE_TCSENDBREAK 1" >>confdefs.h + +fi + +fi + +ac_fn_check_decl "$LINENO" "h_errno" "ac_cv_have_decl_h_errno" "#include +" "$ac_c_undeclared_builtin_options" "CFLAGS" +if test "x$ac_cv_have_decl_h_errno" = xyes +then : + ac_have_decl=1 +else $as_nop + ac_have_decl=0 +fi +printf "%s\n" "#define HAVE_DECL_H_ERRNO $ac_have_decl" >>confdefs.h + + +ac_fn_check_decl "$LINENO" "SHUT_RD" "ac_cv_have_decl_SHUT_RD" " +#include +#include +#include + +" "$ac_c_undeclared_builtin_options" "CFLAGS" +if test "x$ac_cv_have_decl_SHUT_RD" = xyes +then : + ac_have_decl=1 +else $as_nop + ac_have_decl=0 +fi +printf "%s\n" "#define HAVE_DECL_SHUT_RD $ac_have_decl" >>confdefs.h +ac_fn_check_decl "$LINENO" "getpeereid" "ac_cv_have_decl_getpeereid" " +#include +#include +#include + +" "$ac_c_undeclared_builtin_options" "CFLAGS" +if test "x$ac_cv_have_decl_getpeereid" = xyes +then : + ac_have_decl=1 +else $as_nop + ac_have_decl=0 +fi +printf "%s\n" "#define HAVE_DECL_GETPEEREID $ac_have_decl" >>confdefs.h + + +ac_fn_check_decl "$LINENO" "O_NONBLOCK" "ac_cv_have_decl_O_NONBLOCK" " +#include +#ifdef HAVE_SYS_STAT_H +# include +#endif +#ifdef HAVE_FCNTL_H +# include +#endif + +" "$ac_c_undeclared_builtin_options" "CFLAGS" +if test "x$ac_cv_have_decl_O_NONBLOCK" = xyes +then : + ac_have_decl=1 +else $as_nop + ac_have_decl=0 +fi +printf "%s\n" "#define HAVE_DECL_O_NONBLOCK $ac_have_decl" >>confdefs.h + + +ac_fn_check_decl "$LINENO" "ftruncate" "ac_cv_have_decl_ftruncate" " +#include +#include + +" "$ac_c_undeclared_builtin_options" "CFLAGS" +if test "x$ac_cv_have_decl_ftruncate" = xyes +then : + ac_have_decl=1 +else $as_nop + ac_have_decl=0 +fi +printf "%s\n" "#define HAVE_DECL_FTRUNCATE $ac_have_decl" >>confdefs.h +ac_fn_check_decl "$LINENO" "getentropy" "ac_cv_have_decl_getentropy" " +#include +#include + +" "$ac_c_undeclared_builtin_options" "CFLAGS" +if test "x$ac_cv_have_decl_getentropy" = xyes +then : + ac_have_decl=1 +else $as_nop + ac_have_decl=0 +fi +printf "%s\n" "#define HAVE_DECL_GETENTROPY $ac_have_decl" >>confdefs.h + + +ac_fn_check_decl "$LINENO" "readv" "ac_cv_have_decl_readv" " +#include +#include +#include + +" "$ac_c_undeclared_builtin_options" "CFLAGS" +if test "x$ac_cv_have_decl_readv" = xyes +then : + ac_have_decl=1 +else $as_nop + ac_have_decl=0 +fi +printf "%s\n" "#define HAVE_DECL_READV $ac_have_decl" >>confdefs.h +ac_fn_check_decl "$LINENO" "writev" "ac_cv_have_decl_writev" " +#include +#include +#include + +" "$ac_c_undeclared_builtin_options" "CFLAGS" +if test "x$ac_cv_have_decl_writev" = xyes +then : + ac_have_decl=1 +else $as_nop + ac_have_decl=0 +fi +printf "%s\n" "#define HAVE_DECL_WRITEV $ac_have_decl" >>confdefs.h + + +ac_fn_check_decl "$LINENO" "MAXSYMLINKS" "ac_cv_have_decl_MAXSYMLINKS" " +#include + +" "$ac_c_undeclared_builtin_options" "CFLAGS" +if test "x$ac_cv_have_decl_MAXSYMLINKS" = xyes +then : + ac_have_decl=1 +else $as_nop + ac_have_decl=0 +fi +printf "%s\n" "#define HAVE_DECL_MAXSYMLINKS $ac_have_decl" >>confdefs.h + + +ac_fn_check_decl "$LINENO" "offsetof" "ac_cv_have_decl_offsetof" " +#include + +" "$ac_c_undeclared_builtin_options" "CFLAGS" +if test "x$ac_cv_have_decl_offsetof" = xyes +then : + ac_have_decl=1 +else $as_nop + ac_have_decl=0 +fi +printf "%s\n" "#define HAVE_DECL_OFFSETOF $ac_have_decl" >>confdefs.h + + +ac_fn_check_decl "$LINENO" "INFINITY" "ac_cv_have_decl_INFINITY" "#include + +" "$ac_c_undeclared_builtin_options" "CFLAGS" +if test "x$ac_cv_have_decl_INFINITY" = xyes +then : + ac_have_decl=1 +else $as_nop + ac_have_decl=0 +fi +printf "%s\n" "#define HAVE_DECL_INFINITY $ac_have_decl" >>confdefs.h +if test $ac_have_decl = 1 +then : + +else $as_nop + ac_fn_check_decl "$LINENO" "__builtin_inff" "ac_cv_have_decl___builtin_inff" "$ac_includes_default" "$ac_c_undeclared_builtin_options" "CFLAGS" +if test "x$ac_cv_have_decl___builtin_inff" = xyes +then : + ac_have_decl=1 +else $as_nop + ac_have_decl=0 +fi +printf "%s\n" "#define HAVE_DECL___BUILTIN_INFF $ac_have_decl" >>confdefs.h + +fi + + +# extra bits for select(2) +ac_fn_check_decl "$LINENO" "howmany" "ac_cv_have_decl_howmany" " +#include +#include +#ifdef HAVE_SYS_SYSMACROS_H +#include +#endif +#ifdef HAVE_SYS_SELECT_H +#include +#endif +#ifdef HAVE_SYS_TIME_H +#include +#endif +#ifdef HAVE_UNISTD_H +#include +#endif + +" "$ac_c_undeclared_builtin_options" "CFLAGS" +if test "x$ac_cv_have_decl_howmany" = xyes +then : + ac_have_decl=1 +else $as_nop + ac_have_decl=0 +fi +printf "%s\n" "#define HAVE_DECL_HOWMANY $ac_have_decl" >>confdefs.h +ac_fn_check_decl "$LINENO" "NFDBITS" "ac_cv_have_decl_NFDBITS" " +#include +#include +#ifdef HAVE_SYS_SYSMACROS_H +#include +#endif +#ifdef HAVE_SYS_SELECT_H +#include +#endif +#ifdef HAVE_SYS_TIME_H +#include +#endif +#ifdef HAVE_UNISTD_H +#include +#endif + +" "$ac_c_undeclared_builtin_options" "CFLAGS" +if test "x$ac_cv_have_decl_NFDBITS" = xyes +then : + ac_have_decl=1 +else $as_nop + ac_have_decl=0 +fi +printf "%s\n" "#define HAVE_DECL_NFDBITS $ac_have_decl" >>confdefs.h + +ac_fn_c_check_type "$LINENO" "fd_mask" "ac_cv_type_fd_mask" " +#include +#include +#ifdef HAVE_SYS_SELECT_H +#include +#endif +#ifdef HAVE_SYS_TIME_H +#include +#endif +#ifdef HAVE_UNISTD_H +#include +#endif + +" +if test "x$ac_cv_type_fd_mask" = xyes +then : + +printf "%s\n" "#define HAVE_FD_MASK 1" >>confdefs.h + + +fi + + + + for ac_func in setresuid +do : + ac_fn_c_check_func "$LINENO" "setresuid" "ac_cv_func_setresuid" +if test "x$ac_cv_func_setresuid" = xyes +then : + printf "%s\n" "#define HAVE_SETRESUID 1" >>confdefs.h + + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking if setresuid seems to work" >&5 +printf %s "checking if setresuid seems to work... " >&6; } + if test "$cross_compiling" = yes +then : + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: WARNING: cross compiling: not checking setresuid" >&5 +printf "%s\n" "$as_me: WARNING: cross compiling: not checking setresuid" >&2;} + +else $as_nop + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +#include +#include +#include + +int +main (void) +{ + + errno=0; + setresuid(0,0,0); + if (errno==ENOSYS) + exit(1); + else + exit(0); + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_run "$LINENO" +then : + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +printf "%s\n" "yes" >&6; } +else $as_nop + +printf "%s\n" "#define BROKEN_SETRESUID 1" >>confdefs.h + + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: not implemented" >&5 +printf "%s\n" "not implemented" >&6; } +fi +rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ + conftest.$ac_objext conftest.beam conftest.$ac_ext +fi + + +fi + +done + + + for ac_func in setresgid +do : + ac_fn_c_check_func "$LINENO" "setresgid" "ac_cv_func_setresgid" +if test "x$ac_cv_func_setresgid" = xyes +then : + printf "%s\n" "#define HAVE_SETRESGID 1" >>confdefs.h + + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking if setresgid seems to work" >&5 +printf %s "checking if setresgid seems to work... " >&6; } + if test "$cross_compiling" = yes +then : + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: WARNING: cross compiling: not checking setresuid" >&5 +printf "%s\n" "$as_me: WARNING: cross compiling: not checking setresuid" >&2;} + +else $as_nop + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +#include +#include +#include + +int +main (void) +{ + + errno=0; + setresgid(0,0,0); + if (errno==ENOSYS) + exit(1); + else + exit(0); + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_run "$LINENO" +then : + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +printf "%s\n" "yes" >&6; } +else $as_nop + +printf "%s\n" "#define BROKEN_SETRESGID 1" >>confdefs.h + + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: not implemented" >&5 +printf "%s\n" "not implemented" >&6; } +fi +rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ + conftest.$ac_objext conftest.beam conftest.$ac_ext +fi + + +fi + +done + +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for working fflush(NULL)" >&5 +printf %s "checking for working fflush(NULL)... " >&6; } +if test "$cross_compiling" = yes +then : + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: WARNING: cross compiling: assuming working" >&5 +printf "%s\n" "$as_me: WARNING: cross compiling: assuming working" >&2;} + +else $as_nop + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +#include +#include + +int +main (void) +{ +fflush(NULL); exit(0); + ; + return 0; +} +_ACEOF +if ac_fn_c_try_run "$LINENO" +then : + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +printf "%s\n" "yes" >&6; } +else $as_nop + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } + +printf "%s\n" "#define FFLUSH_NULL_BUG 1" >>confdefs.h + +fi +rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ + conftest.$ac_objext conftest.beam conftest.$ac_ext +fi + + +ac_fn_c_check_func "$LINENO" "gettimeofday" "ac_cv_func_gettimeofday" +if test "x$ac_cv_func_gettimeofday" = xyes +then : + printf "%s\n" "#define HAVE_GETTIMEOFDAY 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "time" "ac_cv_func_time" +if test "x$ac_cv_func_time" = xyes +then : + printf "%s\n" "#define HAVE_TIME 1" >>confdefs.h + +fi + +ac_fn_c_check_func "$LINENO" "endutent" "ac_cv_func_endutent" +if test "x$ac_cv_func_endutent" = xyes +then : + printf "%s\n" "#define HAVE_ENDUTENT 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "getutent" "ac_cv_func_getutent" +if test "x$ac_cv_func_getutent" = xyes +then : + printf "%s\n" "#define HAVE_GETUTENT 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "getutid" "ac_cv_func_getutid" +if test "x$ac_cv_func_getutid" = xyes +then : + printf "%s\n" "#define HAVE_GETUTID 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "getutline" "ac_cv_func_getutline" +if test "x$ac_cv_func_getutline" = xyes +then : + printf "%s\n" "#define HAVE_GETUTLINE 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "pututline" "ac_cv_func_pututline" +if test "x$ac_cv_func_pututline" = xyes +then : + printf "%s\n" "#define HAVE_PUTUTLINE 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "setutent" "ac_cv_func_setutent" +if test "x$ac_cv_func_setutent" = xyes +then : + printf "%s\n" "#define HAVE_SETUTENT 1" >>confdefs.h + +fi + +ac_fn_c_check_func "$LINENO" "utmpname" "ac_cv_func_utmpname" +if test "x$ac_cv_func_utmpname" = xyes +then : + printf "%s\n" "#define HAVE_UTMPNAME 1" >>confdefs.h + +fi + +ac_fn_c_check_func "$LINENO" "endutxent" "ac_cv_func_endutxent" +if test "x$ac_cv_func_endutxent" = xyes +then : + printf "%s\n" "#define HAVE_ENDUTXENT 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "getutxent" "ac_cv_func_getutxent" +if test "x$ac_cv_func_getutxent" = xyes +then : + printf "%s\n" "#define HAVE_GETUTXENT 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "getutxid" "ac_cv_func_getutxid" +if test "x$ac_cv_func_getutxid" = xyes +then : + printf "%s\n" "#define HAVE_GETUTXID 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "getutxline" "ac_cv_func_getutxline" +if test "x$ac_cv_func_getutxline" = xyes +then : + printf "%s\n" "#define HAVE_GETUTXLINE 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "getutxuser" "ac_cv_func_getutxuser" +if test "x$ac_cv_func_getutxuser" = xyes +then : + printf "%s\n" "#define HAVE_GETUTXUSER 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "pututxline" "ac_cv_func_pututxline" +if test "x$ac_cv_func_pututxline" = xyes +then : + printf "%s\n" "#define HAVE_PUTUTXLINE 1" >>confdefs.h + +fi + +ac_fn_c_check_func "$LINENO" "setutxdb" "ac_cv_func_setutxdb" +if test "x$ac_cv_func_setutxdb" = xyes +then : + printf "%s\n" "#define HAVE_SETUTXDB 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "setutxent" "ac_cv_func_setutxent" +if test "x$ac_cv_func_setutxent" = xyes +then : + printf "%s\n" "#define HAVE_SETUTXENT 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "utmpxname" "ac_cv_func_utmpxname" +if test "x$ac_cv_func_utmpxname" = xyes +then : + printf "%s\n" "#define HAVE_UTMPXNAME 1" >>confdefs.h + +fi + +ac_fn_c_check_func "$LINENO" "getlastlogxbyname" "ac_cv_func_getlastlogxbyname" +if test "x$ac_cv_func_getlastlogxbyname" = xyes +then : + printf "%s\n" "#define HAVE_GETLASTLOGXBYNAME 1" >>confdefs.h + +fi + + +ac_fn_c_check_func "$LINENO" "daemon" "ac_cv_func_daemon" +if test "x$ac_cv_func_daemon" = xyes +then : + +printf "%s\n" "#define HAVE_DAEMON 1" >>confdefs.h + +else $as_nop + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for daemon in -lbsd" >&5 +printf %s "checking for daemon in -lbsd... " >&6; } +if test ${ac_cv_lib_bsd_daemon+y} +then : + printf %s "(cached) " >&6 +else $as_nop + ac_check_lib_save_LIBS=$LIBS +LIBS="-lbsd $LIBS" +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +/* Override any GCC internal prototype to avoid an error. + Use char because int might match the return type of a GCC + builtin and then its argument prototype would still apply. */ +char daemon (); +int +main (void) +{ +return daemon (); + ; + return 0; +} +_ACEOF +if ac_fn_c_try_link "$LINENO" +then : + ac_cv_lib_bsd_daemon=yes +else $as_nop + ac_cv_lib_bsd_daemon=no +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam \ + conftest$ac_exeext conftest.$ac_ext +LIBS=$ac_check_lib_save_LIBS +fi +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_bsd_daemon" >&5 +printf "%s\n" "$ac_cv_lib_bsd_daemon" >&6; } +if test "x$ac_cv_lib_bsd_daemon" = xyes +then : + LIBS="$LIBS -lbsd"; printf "%s\n" "#define HAVE_DAEMON 1" >>confdefs.h + +fi + + +fi + + +ac_fn_c_check_func "$LINENO" "getpagesize" "ac_cv_func_getpagesize" +if test "x$ac_cv_func_getpagesize" = xyes +then : + +printf "%s\n" "#define HAVE_GETPAGESIZE 1" >>confdefs.h + +else $as_nop + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for getpagesize in -lucb" >&5 +printf %s "checking for getpagesize in -lucb... " >&6; } +if test ${ac_cv_lib_ucb_getpagesize+y} +then : + printf %s "(cached) " >&6 +else $as_nop + ac_check_lib_save_LIBS=$LIBS +LIBS="-lucb $LIBS" +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +/* Override any GCC internal prototype to avoid an error. + Use char because int might match the return type of a GCC + builtin and then its argument prototype would still apply. */ +char getpagesize (); +int +main (void) +{ +return getpagesize (); + ; + return 0; +} +_ACEOF +if ac_fn_c_try_link "$LINENO" +then : + ac_cv_lib_ucb_getpagesize=yes +else $as_nop + ac_cv_lib_ucb_getpagesize=no +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam \ + conftest$ac_exeext conftest.$ac_ext +LIBS=$ac_check_lib_save_LIBS +fi +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_ucb_getpagesize" >&5 +printf "%s\n" "$ac_cv_lib_ucb_getpagesize" >&6; } +if test "x$ac_cv_lib_ucb_getpagesize" = xyes +then : + LIBS="$LIBS -lucb"; printf "%s\n" "#define HAVE_GETPAGESIZE 1" >>confdefs.h + +fi + + +fi + + +# Check for broken snprintf +if test "x$ac_cv_func_snprintf" = "xyes" ; then + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking whether snprintf correctly terminates long strings" >&5 +printf %s "checking whether snprintf correctly terminates long strings... " >&6; } + if test "$cross_compiling" = yes +then : + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: WARNING: cross compiling: Assuming working snprintf()" >&5 +printf "%s\n" "$as_me: WARNING: cross compiling: Assuming working snprintf()" >&2;} + +else $as_nop + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +#include +#include + +int +main (void) +{ + + char b[5]; + snprintf(b,5,"123456789"); + exit(b[4]!='\0'); + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_run "$LINENO" +then : + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +printf "%s\n" "yes" >&6; } +else $as_nop + + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } + +printf "%s\n" "#define BROKEN_SNPRINTF 1" >>confdefs.h + + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: WARNING: ****** Your snprintf() function is broken, complain to your vendor" >&5 +printf "%s\n" "$as_me: WARNING: ****** Your snprintf() function is broken, complain to your vendor" >&2;} + +fi +rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ + conftest.$ac_objext conftest.beam conftest.$ac_ext +fi + +fi + +if test "x$ac_cv_func_snprintf" = "xyes" ; then + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking whether snprintf understands %zu" >&5 +printf %s "checking whether snprintf understands %zu... " >&6; } + if test "$cross_compiling" = yes +then : + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: WARNING: cross compiling: Assuming working snprintf()" >&5 +printf "%s\n" "$as_me: WARNING: cross compiling: Assuming working snprintf()" >&2;} + +else $as_nop + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +#include +#include +#include +#include + +int +main (void) +{ + + size_t a = 1, b = 2; + char z[128]; + snprintf(z, sizeof z, "%zu%zu", a, b); + exit(strcmp(z, "12")); + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_run "$LINENO" +then : + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +printf "%s\n" "yes" >&6; } +else $as_nop + + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } + +printf "%s\n" "#define BROKEN_SNPRINTF 1" >>confdefs.h + + +fi +rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ + conftest.$ac_objext conftest.beam conftest.$ac_ext +fi + +fi + +# We depend on vsnprintf returning the right thing on overflow: the +# number of characters it tried to create (as per SUSv3) +if test "x$ac_cv_func_vsnprintf" = "xyes" ; then + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking whether vsnprintf returns correct values on overflow" >&5 +printf %s "checking whether vsnprintf returns correct values on overflow... " >&6; } + if test "$cross_compiling" = yes +then : + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: WARNING: cross compiling: Assuming working vsnprintf()" >&5 +printf "%s\n" "$as_me: WARNING: cross compiling: Assuming working vsnprintf()" >&2;} + +else $as_nop + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +#include +#include +#include + +int x_snprintf(char *str, size_t count, const char *fmt, ...) +{ + size_t ret; + va_list ap; + + va_start(ap, fmt); + ret = vsnprintf(str, count, fmt, ap); + va_end(ap); + return ret; +} + +int +main (void) +{ + +char x[1]; +if (x_snprintf(x, 1, "%s %d", "hello", 12345) != 11) + return 1; +if (x_snprintf(NULL, 0, "%s %d", "hello", 12345) != 11) + return 1; +return 0; + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_run "$LINENO" +then : + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +printf "%s\n" "yes" >&6; } +else $as_nop + + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } + +printf "%s\n" "#define BROKEN_SNPRINTF 1" >>confdefs.h + + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: WARNING: ****** Your vsnprintf() function is broken, complain to your vendor" >&5 +printf "%s\n" "$as_me: WARNING: ****** Your vsnprintf() function is broken, complain to your vendor" >&2;} + +fi +rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ + conftest.$ac_objext conftest.beam conftest.$ac_ext +fi + +fi + +# On systems where [v]snprintf is broken, but is declared in stdio, +# check that the fmt argument is const char * or just char *. +# This is only useful for when BROKEN_SNPRINTF +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking whether snprintf can declare const char *fmt" >&5 +printf %s "checking whether snprintf can declare const char *fmt... " >&6; } +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +#ifdef _FORTIFY_SOURCE +#undef _FORTIFY_SOURCE +#endif +#include +int snprintf(char *a, size_t b, const char *c, ...) { return 0; } + +int +main (void) +{ + + snprintf(0, 0, 0); + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO" +then : + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +printf "%s\n" "yes" >&6; } + +printf "%s\n" "#define SNPRINTF_CONST const" >>confdefs.h + +else $as_nop + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } + printf "%s\n" "#define SNPRINTF_CONST /* not const */" >>confdefs.h + +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext + +# Check for missing getpeereid (or equiv) support +NO_PEERCHECK="" +if test "x$ac_cv_func_getpeereid" != "xyes" -a "x$ac_cv_func_getpeerucred" != "xyes"; then + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking whether system supports SO_PEERCRED getsockopt" >&5 +printf %s "checking whether system supports SO_PEERCRED getsockopt... " >&6; } + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +#include +#include +int +main (void) +{ +int i = SO_PEERCRED; + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO" +then : + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +printf "%s\n" "yes" >&6; } + +printf "%s\n" "#define HAVE_SO_PEERCRED 1" >>confdefs.h + + +else $as_nop + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } + NO_PEERCHECK=1 + +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext +fi + +if test ! -z "$check_for_openpty_ctty_bug"; then + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking if openpty correctly handles controlling tty" >&5 +printf %s "checking if openpty correctly handles controlling tty... " >&6; } + if test "$cross_compiling" = yes +then : + + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: cross-compiling, assuming yes" >&5 +printf "%s\n" "cross-compiling, assuming yes" >&6; } + + +else $as_nop + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +#include +#include +#include +#ifdef HAVE_PTY_H +# include +#endif +#include +#include +#include + +int +main (void) +{ + + pid_t pid; + int fd, ptyfd, ttyfd, status; + + pid = fork(); + if (pid < 0) { /* failed */ + exit(1); + } else if (pid > 0) { /* parent */ + waitpid(pid, &status, 0); + if (WIFEXITED(status)) + exit(WEXITSTATUS(status)); + else + exit(2); + } else { /* child */ + close(0); close(1); close(2); + setsid(); + openpty(&ptyfd, &ttyfd, NULL, NULL, NULL); + fd = open("/dev/tty", O_RDWR | O_NOCTTY); + if (fd >= 0) + exit(3); /* Acquired ctty: broken */ + else + exit(0); /* Did not acquire ctty: OK */ + } + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_run "$LINENO" +then : + + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +printf "%s\n" "yes" >&6; } + +else $as_nop + + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } + printf "%s\n" "#define SSHD_ACQUIRES_CTTY 1" >>confdefs.h + + +fi +rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ + conftest.$ac_objext conftest.beam conftest.$ac_ext +fi + +fi + +if test "x$ac_cv_func_getaddrinfo" = "xyes" && \ + test "x$check_for_hpux_broken_getaddrinfo" = "x1"; then + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking if getaddrinfo seems to work" >&5 +printf %s "checking if getaddrinfo seems to work... " >&6; } + if test "$cross_compiling" = yes +then : + + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: cross-compiling, assuming yes" >&5 +printf "%s\n" "cross-compiling, assuming yes" >&6; } + + +else $as_nop + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +#include +#include +#include +#include +#include +#include + +#define TEST_PORT "2222" + +int +main (void) +{ + + int err, sock; + struct addrinfo *gai_ai, *ai, hints; + char ntop[NI_MAXHOST], strport[NI_MAXSERV], *name = NULL; + + memset(&hints, 0, sizeof(hints)); + hints.ai_family = PF_UNSPEC; + hints.ai_socktype = SOCK_STREAM; + hints.ai_flags = AI_PASSIVE; + + err = getaddrinfo(name, TEST_PORT, &hints, &gai_ai); + if (err != 0) { + fprintf(stderr, "getaddrinfo failed (%s)", gai_strerror(err)); + exit(1); + } + + for (ai = gai_ai; ai != NULL; ai = ai->ai_next) { + if (ai->ai_family != AF_INET6) + continue; + + err = getnameinfo(ai->ai_addr, ai->ai_addrlen, ntop, + sizeof(ntop), strport, sizeof(strport), + NI_NUMERICHOST|NI_NUMERICSERV); + + if (err != 0) { + if (err == EAI_SYSTEM) + perror("getnameinfo EAI_SYSTEM"); + else + fprintf(stderr, "getnameinfo failed: %s\n", + gai_strerror(err)); + exit(2); + } + + sock = socket(ai->ai_family, ai->ai_socktype, ai->ai_protocol); + if (sock < 0) + perror("socket"); + if (bind(sock, ai->ai_addr, ai->ai_addrlen) < 0) { + if (errno == EBADF) + exit(3); + } + } + exit(0); + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_run "$LINENO" +then : + + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +printf "%s\n" "yes" >&6; } + +else $as_nop + + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } + printf "%s\n" "#define BROKEN_GETADDRINFO 1" >>confdefs.h + + +fi +rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ + conftest.$ac_objext conftest.beam conftest.$ac_ext +fi + +fi + +if test "x$ac_cv_func_getaddrinfo" = "xyes" && \ + test "x$check_for_aix_broken_getaddrinfo" = "x1"; then + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking if getaddrinfo seems to work" >&5 +printf %s "checking if getaddrinfo seems to work... " >&6; } + if test "$cross_compiling" = yes +then : + + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: cross-compiling, assuming no" >&5 +printf "%s\n" "cross-compiling, assuming no" >&6; } + + +else $as_nop + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +#include +#include +#include +#include +#include +#include + +#define TEST_PORT "2222" + +int +main (void) +{ + + int err, sock; + struct addrinfo *gai_ai, *ai, hints; + char ntop[NI_MAXHOST], strport[NI_MAXSERV], *name = NULL; + + memset(&hints, 0, sizeof(hints)); + hints.ai_family = PF_UNSPEC; + hints.ai_socktype = SOCK_STREAM; + hints.ai_flags = AI_PASSIVE; + + err = getaddrinfo(name, TEST_PORT, &hints, &gai_ai); + if (err != 0) { + fprintf(stderr, "getaddrinfo failed (%s)", gai_strerror(err)); + exit(1); + } + + for (ai = gai_ai; ai != NULL; ai = ai->ai_next) { + if (ai->ai_family != AF_INET && ai->ai_family != AF_INET6) + continue; + + err = getnameinfo(ai->ai_addr, ai->ai_addrlen, ntop, + sizeof(ntop), strport, sizeof(strport), + NI_NUMERICHOST|NI_NUMERICSERV); + + if (ai->ai_family == AF_INET && err != 0) { + perror("getnameinfo"); + exit(2); + } + } + exit(0); + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_run "$LINENO" +then : + + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +printf "%s\n" "yes" >&6; } + +printf "%s\n" "#define AIX_GETNAMEINFO_HACK 1" >>confdefs.h + + +else $as_nop + + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } + printf "%s\n" "#define BROKEN_GETADDRINFO 1" >>confdefs.h + + +fi +rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ + conftest.$ac_objext conftest.beam conftest.$ac_ext +fi + +fi + +if test "x$ac_cv_func_getaddrinfo" = "xyes"; then + ac_fn_check_decl "$LINENO" "AI_NUMERICSERV" "ac_cv_have_decl_AI_NUMERICSERV" "#include + #include + #include +" "$ac_c_undeclared_builtin_options" "CFLAGS" +if test "x$ac_cv_have_decl_AI_NUMERICSERV" = xyes +then : + ac_have_decl=1 +else $as_nop + ac_have_decl=0 +fi +printf "%s\n" "#define HAVE_DECL_AI_NUMERICSERV $ac_have_decl" >>confdefs.h + +fi + +if test "x$check_for_conflicting_getspnam" = "x1"; then + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for conflicting getspnam in shadow.h" >&5 +printf %s "checking for conflicting getspnam in shadow.h... " >&6; } + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +#include +#include + +int +main (void) +{ + exit(0); + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO" +then : + + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } + +else $as_nop + + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +printf "%s\n" "yes" >&6; } + +printf "%s\n" "#define GETSPNAM_CONFLICTING_DEFS 1" >>confdefs.h + + + +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext +fi + +if test "x$ac_cv_func_strnvis" = "xyes"; then + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for working strnvis" >&5 +printf %s "checking for working strnvis... " >&6; } + if test "$cross_compiling" = yes +then : + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: WARNING: cross compiling: assuming broken" >&5 +printf "%s\n" "$as_me: WARNING: cross compiling: assuming broken" >&2;} + +printf "%s\n" "#define BROKEN_STRNVIS 1" >>confdefs.h + + +else $as_nop + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +#include +#include +#include +#include +#include +static void sighandler(int sig) { _exit(1); } + +int +main (void) +{ + + char dst[16]; + + signal(SIGSEGV, sighandler); + if (strnvis(dst, "src", 4, 0) && strcmp(dst, "src") == 0) + exit(0); + exit(1) + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_run "$LINENO" +then : + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +printf "%s\n" "yes" >&6; } +else $as_nop + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } + +printf "%s\n" "#define BROKEN_STRNVIS 1" >>confdefs.h + +fi +rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ + conftest.$ac_objext conftest.beam conftest.$ac_ext +fi + +fi + +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking if SA_RESTARTed signals interrupt select()" >&5 +printf %s "checking if SA_RESTARTed signals interrupt select()... " >&6; } +if test "$cross_compiling" = yes +then : + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: WARNING: cross compiling: assuming yes" >&5 +printf "%s\n" "$as_me: WARNING: cross compiling: assuming yes" >&2;} + +else $as_nop + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +#ifdef HAVE_SYS_SELECT +# include +#endif +#include +#include +#include +#include +#include +static void sighandler(int sig) { } + +int +main (void) +{ + + int r; + pid_t pid; + struct sigaction sa; + + sa.sa_handler = sighandler; + sa.sa_flags = SA_RESTART; + (void)sigaction(SIGTERM, &sa, NULL); + if ((pid = fork()) == 0) { /* child */ + pid = getppid(); + sleep(1); + kill(pid, SIGTERM); + sleep(1); + if (getppid() == pid) /* if parent did not exit, shoot it */ + kill(pid, SIGKILL); + exit(0); + } else { /* parent */ + r = select(0, NULL, NULL, NULL, NULL); + } + exit(r == -1 ? 0 : 1); + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_run "$LINENO" +then : + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +printf "%s\n" "yes" >&6; } +else $as_nop + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } + +printf "%s\n" "#define NO_SA_RESTART 1" >>confdefs.h + +fi +rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ + conftest.$ac_objext conftest.beam conftest.$ac_ext +fi + + + + for ac_func in getpgrp +do : + ac_fn_c_check_func "$LINENO" "getpgrp" "ac_cv_func_getpgrp" +if test "x$ac_cv_func_getpgrp" = xyes +then : + printf "%s\n" "#define HAVE_GETPGRP 1" >>confdefs.h + + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking if getpgrp accepts zero args" >&5 +printf %s "checking if getpgrp accepts zero args... " >&6; } + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +$ac_includes_default +int +main (void) +{ + getpgrp(); + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO" +then : + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +printf "%s\n" "yes" >&6; } + +printf "%s\n" "#define GETPGRP_VOID 1" >>confdefs.h + +else $as_nop + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } + +printf "%s\n" "#define GETPGRP_VOID 0" >>confdefs.h + + +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext + +fi + +done + +# Search for OpenSSL +saved_CPPFLAGS="$CPPFLAGS" +saved_LDFLAGS="$LDFLAGS" +openssl_bin_PATH="$PATH" + +# Check whether --with-ssl-dir was given. +if test ${with_ssl_dir+y} +then : + withval=$with_ssl_dir; + if test "x$openssl" = "xno" ; then + as_fn_error $? "cannot use --with-ssl-dir when OpenSSL disabled" "$LINENO" 5 + fi + if test "x$withval" != "xno" ; then + case "$withval" in + # Relative paths + ./*|../*) withval="`pwd`/$withval" + esac + if test -d "$withval/lib"; then + libcrypto_path="${withval}/lib" + elif test -d "$withval/lib64"; then + libcrypto_path="$withval/lib64" + else + # Built but not installed + libcrypto_path="${withval}" + fi + if test -n "${rpath_opt}"; then + LDFLAGS="-L${libcrypto_path} ${rpath_opt}${libcrypto_path} ${LDFLAGS}" + else + LDFLAGS="-L${libcrypto_path} ${LDFLAGS}" + fi + if test -d "$withval/include"; then + CPPFLAGS="-I${withval}/include ${CPPFLAGS}" + else + CPPFLAGS="-I${withval} ${CPPFLAGS}" + fi + if test -x "${withval}/bin/openssl" && \ + "${withval}/bin/openssl" version >/dev/null 2>&1; then + openssl_bin_PATH="${withval}/bin${PATH_SEPARATOR}${PATH}" + elif test -x "${withval}/apps/openssl" && \ + "${withval}/apps/openssl" version >/dev/null 2>&1; then + openssl_bin_PATH="${withval}/apps${PATH_SEPARATOR}${PATH}" + fi + fi + + +fi + +for ac_prog in openssl +do + # Extract the first word of "$ac_prog", so it can be a program name with args. +set dummy $ac_prog; ac_word=$2 +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +printf %s "checking for $ac_word... " >&6; } +if test ${ac_cv_path_openssl_bin+y} +then : + printf %s "(cached) " >&6 +else $as_nop + case $openssl_bin in + [\\/]* | ?:[\\/]*) + ac_cv_path_openssl_bin="$openssl_bin" # Let the user override the test with a path. + ;; + *) + as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $openssl_bin_PATH +do + IFS=$as_save_IFS + case $as_dir in #((( + '') as_dir=./ ;; + */) ;; + *) as_dir=$as_dir/ ;; + esac + for ac_exec_ext in '' $ac_executable_extensions; do + if as_fn_executable_p "$as_dir$ac_word$ac_exec_ext"; then + ac_cv_path_openssl_bin="$as_dir$ac_word$ac_exec_ext" + printf "%s\n" "$as_me:${as_lineno-$LINENO}: found $as_dir$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS + + ;; +esac +fi +openssl_bin=$ac_cv_path_openssl_bin +if test -n "$openssl_bin"; then + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $openssl_bin" >&5 +printf "%s\n" "$openssl_bin" >&6; } +else + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } +fi + + + test -n "$openssl_bin" && break +done + +OPENSSL_BIN=${openssl_bin} + + + +# Check whether --with-openssl-header-check was given. +if test ${with_openssl_header_check+y} +then : + withval=$with_openssl_header_check; + if test "x$withval" = "xno" ; then + openssl_check_nonfatal=1 + fi + + +fi + + +openssl_engine=no + +# Check whether --with-ssl-engine was given. +if test ${with_ssl_engine+y} +then : + withval=$with_ssl_engine; + if test "x$withval" != "xno" ; then + if test "x$openssl" = "xno" ; then + as_fn_error $? "cannot use --with-ssl-engine when OpenSSL disabled" "$LINENO" 5 + fi + openssl_engine=yes + fi + + +fi + + +nocrypto_saved_LIBS="$LIBS" +if test "x$openssl" = "xyes" ; then + LIBS="-lcrypto $LIBS" + CHANNELLIBS="-lcrypto $CHANNELLIBS" + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +/* Override any GCC internal prototype to avoid an error. + Use char because int might match the return type of a GCC + builtin and then its argument prototype would still apply. */ +char RAND_add (); +int +main (void) +{ +return RAND_add (); + ; + return 0; +} +_ACEOF +if ac_fn_c_try_link "$LINENO" +then : + +else $as_nop + + # As of early 2026, BoringSSL libcrypto needs -lstdc++ for + # destructors so try that before giving up. + LIBS="$LIBS -lstdc++" + CHANNELLIBS="$CHANNELLIBS -lstdc++" + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +/* Override any GCC internal prototype to avoid an error. + Use char because int might match the return type of a GCC + builtin and then its argument prototype would still apply. */ +char RAND_add (); +int +main (void) +{ +return RAND_add (); + ; + return 0; +} +_ACEOF +if ac_fn_c_try_link "$LINENO" +then : + +else $as_nop + + as_fn_error $? "*** working libcrypto not found, check config.log" "$LINENO" 5 + +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam \ + conftest$ac_exeext conftest.$ac_ext + +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam \ + conftest$ac_exeext conftest.$ac_ext + ac_fn_c_check_header_compile "$LINENO" "openssl/opensslv.h" "ac_cv_header_openssl_opensslv_h" "$ac_includes_default" +if test "x$ac_cv_header_openssl_opensslv_h" = xyes +then : + +else $as_nop + as_fn_error $? "*** OpenSSL headers missing - please install first or check config.log ***" "$LINENO" 5 +fi + + + # Determine OpenSSL header version + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking OpenSSL header version" >&5 +printf %s "checking OpenSSL header version... " >&6; } + if test "$cross_compiling" = yes +then : + + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: WARNING: cross compiling: not checking" >&5 +printf "%s\n" "$as_me: WARNING: cross compiling: not checking" >&2;} + + +else $as_nop + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + + #include + #include + #include + #include + #define DATA "conftest.sslincver" + +int +main (void) +{ + + FILE *fd; + int rc; + + fd = fopen(DATA,"w"); + if(fd == NULL) + exit(1); + + if ((rc = fprintf(fd, "%08lx (%s)\n", + (unsigned long)OPENSSL_VERSION_NUMBER, + OPENSSL_VERSION_TEXT)) < 0) + exit(1); + + exit(0); + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_run "$LINENO" +then : + + ssl_header_ver=`cat conftest.sslincver` + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ssl_header_ver" >&5 +printf "%s\n" "$ssl_header_ver" >&6; } + +else $as_nop + + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: failed" >&5 +printf "%s\n" "failed" >&6; } + as_fn_error $? "OpenSSL version test program failed." "$LINENO" 5 + +fi +rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ + conftest.$ac_objext conftest.beam conftest.$ac_ext +fi + + + # Determining OpenSSL library version is version dependent. + ac_fn_c_check_func "$LINENO" "OpenSSL_version" "ac_cv_func_OpenSSL_version" +if test "x$ac_cv_func_OpenSSL_version" = xyes +then : + printf "%s\n" "#define HAVE_OPENSSL_VERSION 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "OpenSSL_version_num" "ac_cv_func_OpenSSL_version_num" +if test "x$ac_cv_func_OpenSSL_version_num" = xyes +then : + printf "%s\n" "#define HAVE_OPENSSL_VERSION_NUM 1" >>confdefs.h + +fi + + + # Determine OpenSSL library version + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking OpenSSL library version" >&5 +printf %s "checking OpenSSL library version... " >&6; } + if test "$cross_compiling" = yes +then : + + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: WARNING: cross compiling: not checking" >&5 +printf "%s\n" "$as_me: WARNING: cross compiling: not checking" >&2;} + + +else $as_nop + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + + #include + #include + #include + #include + #include + #define DATA "conftest.ssllibver" + +int +main (void) +{ + + FILE *f; + /* We need these legacy bits to warn for old libcrypto */ + #ifndef OPENSSL_VERSION + # define OPENSSL_VERSION SSLEAY_VERSION + #endif + #ifndef HAVE_OPENSSL_VERSION + # define OpenSSL_version SSLeay_version + #endif + #ifndef HAVE_OPENSSL_VERSION_NUM + # define OpenSSL_version_num SSLeay + #endif + if ((f = fopen(DATA, "w")) == NULL) + exit(1); + if (fprintf(f, "%08lx (%s)", + (unsigned long)OpenSSL_version_num(), + OpenSSL_version(OPENSSL_VERSION)) < 0) + exit(1); +#ifdef LIBRESSL_VERSION_NUMBER + if (fprintf(f, " libressl-%08lx", LIBRESSL_VERSION_NUMBER) < 0) + exit(1); +#endif + if (fputc('\n', f) == EOF || fclose(f) == EOF) + exit(1); + exit(0); + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_run "$LINENO" +then : + + sslver=`cat conftest.ssllibver` + ssl_showver=`echo "$sslver" | sed 's/ libressl-.*//'` + # Check version is supported. + case "$sslver" in + 100*|10100*) # 1.0.x, 1.1.0x + as_fn_error $? "OpenSSL >= 1.1.1 required (have \"$ssl_showver\")" "$LINENO" 5 + ;; + 101*) ;; # 1.1.x + 200*) # LibreSSL + lver=`echo "$sslver" | sed 's/.*libressl-//'` + case "$lver" in + 2*|300*) # 2.x, 3.0.0 + as_fn_error $? "LibreSSL >= 3.1.0 required (have \"$ssl_showver\")" "$LINENO" 5 + ;; + *) ;; # Assume all other versions are good. + esac + ;; + 30*|40*) + # OpenSSL 3 & 4; we use the 1.1x API + # https://openssl.org/policies/general/versioning-policy.html + CPPFLAGS="$CPPFLAGS -DOPENSSL_API_COMPAT=0x10100000L" + ;; + *) + as_fn_error $? "Unknown/unsupported OpenSSL version (\"$ssl_showver\")" "$LINENO" 5 + ;; + esac + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ssl_showver" >&5 +printf "%s\n" "$ssl_showver" >&6; } + +else $as_nop + + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: not found" >&5 +printf "%s\n" "not found" >&6; } + as_fn_error $? "OpenSSL library not found." "$LINENO" 5 + +fi +rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ + conftest.$ac_objext conftest.beam conftest.$ac_ext +fi + + + case "$host" in + x86_64-*) + case "$sslver" in + 3000004*) + as_fn_error $? "OpenSSL 3.0.4 has a potential RCE in its RSA implementation (CVE-2022-2274)" "$LINENO" 5 + ;; + esac + esac + + # Sanity check OpenSSL headers + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking whether OpenSSL's headers match the library" >&5 +printf %s "checking whether OpenSSL's headers match the library... " >&6; } + if test "$cross_compiling" = yes +then : + + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: WARNING: cross compiling: not checking" >&5 +printf "%s\n" "$as_me: WARNING: cross compiling: not checking" >&2;} + + +else $as_nop + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + + #include + #include + #include + #include + +int +main (void) +{ + + exit(OpenSSL_version_num() == OPENSSL_VERSION_NUMBER ? 0 : 1); + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_run "$LINENO" +then : + + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +printf "%s\n" "yes" >&6; } + +else $as_nop + + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } + if test "x$openssl_check_nonfatal" = "x"; then + as_fn_error $? "Your OpenSSL headers do not match your + library. Check config.log for details. + If you are sure your installation is consistent, you can disable the check + by running \"./configure --without-openssl-header-check\". + Also see contrib/findssl.sh for help identifying header/library mismatches. + " "$LINENO" 5 + else + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: WARNING: Your OpenSSL headers do not match your + library. Check config.log for details. + Also see contrib/findssl.sh for help identifying header/library mismatches." >&5 +printf "%s\n" "$as_me: WARNING: Your OpenSSL headers do not match your + library. Check config.log for details. + Also see contrib/findssl.sh for help identifying header/library mismatches." >&2;} + fi + +fi +rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ + conftest.$ac_objext conftest.beam conftest.$ac_ext +fi + + + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking if programs using OpenSSL functions will link" >&5 +printf %s "checking if programs using OpenSSL functions will link... " >&6; } + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + #include +int +main (void) +{ + ERR_load_crypto_strings(); + ; + return 0; +} +_ACEOF +if ac_fn_c_try_link "$LINENO" +then : + + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +printf "%s\n" "yes" >&6; } + +else $as_nop + + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } + LIBS="$LIBS -ldl" + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking if programs using OpenSSL need -ldl" >&5 +printf %s "checking if programs using OpenSSL need -ldl... " >&6; } + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + #include +int +main (void) +{ + ERR_load_crypto_strings(); + ; + return 0; +} +_ACEOF +if ac_fn_c_try_link "$LINENO" +then : + + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +printf "%s\n" "yes" >&6; } + CHANNELLIBS="$CHANNELLIBS -ldl" + +else $as_nop + + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } + + +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam \ + conftest$ac_exeext conftest.$ac_ext + + +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam \ + conftest$ac_exeext conftest.$ac_ext + + ac_fn_c_check_func "$LINENO" "BN_is_prime_ex" "ac_cv_func_BN_is_prime_ex" +if test "x$ac_cv_func_BN_is_prime_ex" = xyes +then : + printf "%s\n" "#define HAVE_BN_IS_PRIME_EX 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "DES_crypt" "ac_cv_func_DES_crypt" +if test "x$ac_cv_func_DES_crypt" = xyes +then : + printf "%s\n" "#define HAVE_DES_CRYPT 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "EVP_DigestSign" "ac_cv_func_EVP_DigestSign" +if test "x$ac_cv_func_EVP_DigestSign" = xyes +then : + printf "%s\n" "#define HAVE_EVP_DIGESTSIGN 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "EVP_DigestVerify" "ac_cv_func_EVP_DigestVerify" +if test "x$ac_cv_func_EVP_DigestVerify" = xyes +then : + printf "%s\n" "#define HAVE_EVP_DIGESTVERIFY 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "EVP_DigestFinal_ex" "ac_cv_func_EVP_DigestFinal_ex" +if test "x$ac_cv_func_EVP_DigestFinal_ex" = xyes +then : + printf "%s\n" "#define HAVE_EVP_DIGESTFINAL_EX 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "EVP_DigestInit_ex" "ac_cv_func_EVP_DigestInit_ex" +if test "x$ac_cv_func_EVP_DigestInit_ex" = xyes +then : + printf "%s\n" "#define HAVE_EVP_DIGESTINIT_EX 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "EVP_MD_CTX_cleanup" "ac_cv_func_EVP_MD_CTX_cleanup" +if test "x$ac_cv_func_EVP_MD_CTX_cleanup" = xyes +then : + printf "%s\n" "#define HAVE_EVP_MD_CTX_CLEANUP 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "EVP_MD_CTX_copy_ex" "ac_cv_func_EVP_MD_CTX_copy_ex" +if test "x$ac_cv_func_EVP_MD_CTX_copy_ex" = xyes +then : + printf "%s\n" "#define HAVE_EVP_MD_CTX_COPY_EX 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "EVP_MD_CTX_init" "ac_cv_func_EVP_MD_CTX_init" +if test "x$ac_cv_func_EVP_MD_CTX_init" = xyes +then : + printf "%s\n" "#define HAVE_EVP_MD_CTX_INIT 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "HMAC_CTX_init" "ac_cv_func_HMAC_CTX_init" +if test "x$ac_cv_func_HMAC_CTX_init" = xyes +then : + printf "%s\n" "#define HAVE_HMAC_CTX_INIT 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "RSA_generate_key_ex" "ac_cv_func_RSA_generate_key_ex" +if test "x$ac_cv_func_RSA_generate_key_ex" = xyes +then : + printf "%s\n" "#define HAVE_RSA_GENERATE_KEY_EX 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "RSA_get_default_method" "ac_cv_func_RSA_get_default_method" +if test "x$ac_cv_func_RSA_get_default_method" = xyes +then : + printf "%s\n" "#define HAVE_RSA_GET_DEFAULT_METHOD 1" >>confdefs.h + +fi + + + # LibreSSL/OpenSSL API differences + ac_fn_c_check_func "$LINENO" "EC_POINT_get_affine_coordinates" "ac_cv_func_EC_POINT_get_affine_coordinates" +if test "x$ac_cv_func_EC_POINT_get_affine_coordinates" = xyes +then : + printf "%s\n" "#define HAVE_EC_POINT_GET_AFFINE_COORDINATES 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "EC_POINT_get_affine_coordinates_GFp" "ac_cv_func_EC_POINT_get_affine_coordinates_GFp" +if test "x$ac_cv_func_EC_POINT_get_affine_coordinates_GFp" = xyes +then : + printf "%s\n" "#define HAVE_EC_POINT_GET_AFFINE_COORDINATES_GFP 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "EC_POINT_set_affine_coordinates" "ac_cv_func_EC_POINT_set_affine_coordinates" +if test "x$ac_cv_func_EC_POINT_set_affine_coordinates" = xyes +then : + printf "%s\n" "#define HAVE_EC_POINT_SET_AFFINE_COORDINATES 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "EC_POINT_set_affine_coordinates_GFp" "ac_cv_func_EC_POINT_set_affine_coordinates_GFp" +if test "x$ac_cv_func_EC_POINT_set_affine_coordinates_GFp" = xyes +then : + printf "%s\n" "#define HAVE_EC_POINT_SET_AFFINE_COORDINATES_GFP 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "EVP_CIPHER_CTX_iv" "ac_cv_func_EVP_CIPHER_CTX_iv" +if test "x$ac_cv_func_EVP_CIPHER_CTX_iv" = xyes +then : + printf "%s\n" "#define HAVE_EVP_CIPHER_CTX_IV 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "EVP_CIPHER_CTX_iv_noconst" "ac_cv_func_EVP_CIPHER_CTX_iv_noconst" +if test "x$ac_cv_func_EVP_CIPHER_CTX_iv_noconst" = xyes +then : + printf "%s\n" "#define HAVE_EVP_CIPHER_CTX_IV_NOCONST 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "EVP_CIPHER_CTX_get_iv" "ac_cv_func_EVP_CIPHER_CTX_get_iv" +if test "x$ac_cv_func_EVP_CIPHER_CTX_get_iv" = xyes +then : + printf "%s\n" "#define HAVE_EVP_CIPHER_CTX_GET_IV 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "EVP_CIPHER_CTX_get_updated_iv" "ac_cv_func_EVP_CIPHER_CTX_get_updated_iv" +if test "x$ac_cv_func_EVP_CIPHER_CTX_get_updated_iv" = xyes +then : + printf "%s\n" "#define HAVE_EVP_CIPHER_CTX_GET_UPDATED_IV 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "EVP_CIPHER_CTX_set_iv" "ac_cv_func_EVP_CIPHER_CTX_set_iv" +if test "x$ac_cv_func_EVP_CIPHER_CTX_set_iv" = xyes +then : + printf "%s\n" "#define HAVE_EVP_CIPHER_CTX_SET_IV 1" >>confdefs.h + +fi + + + if test "x$openssl_engine" = "xyes" ; then + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for OpenSSL ENGINE support" >&5 +printf %s "checking for OpenSSL ENGINE support... " >&6; } + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + + #include + +int +main (void) +{ + + ENGINE_load_builtin_engines(); + ENGINE_register_all_complete(); + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO" +then : + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +printf "%s\n" "yes" >&6; } + +printf "%s\n" "#define USE_OPENSSL_ENGINE 1" >>confdefs.h + + +else $as_nop + as_fn_error $? "OpenSSL ENGINE support not found" "$LINENO" 5 + +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext + fi + + # Check for OpenSSL without EVP_aes_{192,256}_cbc + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking whether OpenSSL lacks support for AES 192/256" >&5 +printf %s "checking whether OpenSSL lacks support for AES 192/256... " >&6; } + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + + #include + #include + #include + +int +main (void) +{ + + exit(EVP_aes_192_cbc() == NULL || EVP_aes_256_cbc() == NULL); + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_link "$LINENO" +then : + + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } + +else $as_nop + + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +printf "%s\n" "yes" >&6; } + +printf "%s\n" "#define OPENSSL_LOBOTOMISED_AES 1" >>confdefs.h + + + +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam \ + conftest$ac_exeext conftest.$ac_ext + + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking if EVP_DigestUpdate returns an int" >&5 +printf %s "checking if EVP_DigestUpdate returns an int... " >&6; } + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + + #include + #include + #include + +int +main (void) +{ + + if(EVP_DigestUpdate(NULL, NULL,0)) + exit(0); + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_link "$LINENO" +then : + + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +printf "%s\n" "yes" >&6; } + +else $as_nop + + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } + +printf "%s\n" "#define OPENSSL_EVP_DIGESTUPDATE_VOID 1" >>confdefs.h + + + +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam \ + conftest$ac_exeext conftest.$ac_ext + + # Check for various EVP support in OpenSSL + ac_fn_c_check_func "$LINENO" "EVP_sha256" "ac_cv_func_EVP_sha256" +if test "x$ac_cv_func_EVP_sha256" = xyes +then : + printf "%s\n" "#define HAVE_EVP_SHA256 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "EVP_sha384" "ac_cv_func_EVP_sha384" +if test "x$ac_cv_func_EVP_sha384" = xyes +then : + printf "%s\n" "#define HAVE_EVP_SHA384 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "EVP_sha512" "ac_cv_func_EVP_sha512" +if test "x$ac_cv_func_EVP_sha512" = xyes +then : + printf "%s\n" "#define HAVE_EVP_SHA512 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "EVP_chacha20" "ac_cv_func_EVP_chacha20" +if test "x$ac_cv_func_EVP_chacha20" = xyes +then : + printf "%s\n" "#define HAVE_EVP_CHACHA20 1" >>confdefs.h + +fi + + + # Check complete ECC support in OpenSSL + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking whether OpenSSL has NID_X9_62_prime256v1" >&5 +printf %s "checking whether OpenSSL has NID_X9_62_prime256v1... " >&6; } + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + + #include + #include + #include + #include + #include + #include + +int +main (void) +{ + + EC_KEY *e = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1); + const EVP_MD *m = EVP_sha256(); /* We need this too */ + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_link "$LINENO" +then : + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +printf "%s\n" "yes" >&6; } + enable_nistp256=1 +else $as_nop + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } + +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam \ + conftest$ac_exeext conftest.$ac_ext + + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking whether OpenSSL has NID_secp384r1" >&5 +printf %s "checking whether OpenSSL has NID_secp384r1... " >&6; } + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + + #include + #include + #include + #include + #include + #include + +int +main (void) +{ + + EC_KEY *e = EC_KEY_new_by_curve_name(NID_secp384r1); + const EVP_MD *m = EVP_sha384(); /* We need this too */ + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_link "$LINENO" +then : + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +printf "%s\n" "yes" >&6; } + enable_nistp384=1 +else $as_nop + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } + +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam \ + conftest$ac_exeext conftest.$ac_ext + + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking whether OpenSSL has NID_secp521r1" >&5 +printf %s "checking whether OpenSSL has NID_secp521r1... " >&6; } + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + + #include + #include + #include + #include + #include + #include + +int +main (void) +{ + + EC_KEY *e = EC_KEY_new_by_curve_name(NID_secp521r1); + const EVP_MD *m = EVP_sha512(); /* We need this too */ + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_link "$LINENO" +then : + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +printf "%s\n" "yes" >&6; } + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking if OpenSSL's NID_secp521r1 is functional" >&5 +printf %s "checking if OpenSSL's NID_secp521r1 is functional... " >&6; } + if test "$cross_compiling" = yes +then : + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: WARNING: cross-compiling: assuming yes" >&5 +printf "%s\n" "$as_me: WARNING: cross-compiling: assuming yes" >&2;} + enable_nistp521=1 + +else $as_nop + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + + #include + #include + #include + #include + #include + #include + #include + +int +main (void) +{ + + EC_KEY *e = EC_KEY_new_by_curve_name(NID_secp521r1); + const EVP_MD *m = EVP_sha512(); /* We need this too */ + exit(e == NULL || m == NULL); + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_run "$LINENO" +then : + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +printf "%s\n" "yes" >&6; } + enable_nistp521=1 +else $as_nop + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } +fi +rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ + conftest.$ac_objext conftest.beam conftest.$ac_ext +fi + +else $as_nop + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } + +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam \ + conftest$ac_exeext conftest.$ac_ext + + if test x$enable_nistp256 = x1 || test x$enable_nistp384 = x1 || \ + test x$enable_nistp521 = x1; then + +printf "%s\n" "#define OPENSSL_HAS_ECC 1" >>confdefs.h + + ac_fn_c_check_func "$LINENO" "EC_KEY_METHOD_new" "ac_cv_func_EC_KEY_METHOD_new" +if test "x$ac_cv_func_EC_KEY_METHOD_new" = xyes +then : + printf "%s\n" "#define HAVE_EC_KEY_METHOD_NEW 1" >>confdefs.h + +fi + + openssl_ecc=yes + else + openssl_ecc=no + fi + if test x$enable_nistp256 = x1; then + +printf "%s\n" "#define OPENSSL_HAS_NISTP256 1" >>confdefs.h + + else + unsupported_algorithms="$unsupported_algorithms \ + ecdsa-sha2-nistp256 \ + ecdh-sha2-nistp256 \ + ecdsa-sha2-nistp256-cert-v01@openssh.com" + fi + if test x$enable_nistp384 = x1; then + +printf "%s\n" "#define OPENSSL_HAS_NISTP384 1" >>confdefs.h + + else + unsupported_algorithms="$unsupported_algorithms \ + ecdsa-sha2-nistp384 \ + ecdh-sha2-nistp384 \ + ecdsa-sha2-nistp384-cert-v01@openssh.com" + fi + if test x$enable_nistp521 = x1; then + +printf "%s\n" "#define OPENSSL_HAS_NISTP521 1" >>confdefs.h + + else + unsupported_algorithms="$unsupported_algorithms \ + ecdh-sha2-nistp521 \ + ecdsa-sha2-nistp521 \ + ecdsa-sha2-nistp521-cert-v01@openssh.com" + fi + + # Check libcrypto ED25519 support + ac_fn_c_check_func "$LINENO" "EVP_PKEY_get_raw_public_key" "ac_cv_func_EVP_PKEY_get_raw_public_key" +if test "x$ac_cv_func_EVP_PKEY_get_raw_public_key" = xyes +then : + printf "%s\n" "#define HAVE_EVP_PKEY_GET_RAW_PUBLIC_KEY 1" >>confdefs.h + +fi + + ac_fn_c_check_func "$LINENO" "EVP_PKEY_get_raw_private_key" "ac_cv_func_EVP_PKEY_get_raw_private_key" +if test "x$ac_cv_func_EVP_PKEY_get_raw_private_key" = xyes +then : + printf "%s\n" "#define HAVE_EVP_PKEY_GET_RAW_PRIVATE_KEY 1" >>confdefs.h + +fi + + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking whether OpenSSL has ED25519 support" >&5 +printf %s "checking whether OpenSSL has ED25519 support... " >&6; } + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + + #include + #include + #include + #ifdef OPENSSL_NO_EC + # error "OpenSSL has no EC support." + #endif + +int +main (void) +{ + + unsigned char buf[64]; + memset(buf, 0, sizeof(buf)); + exit(EVP_PKEY_new_raw_private_key(EVP_PKEY_ED25519, NULL, + buf, sizeof(buf)) == NULL); + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_link "$LINENO" +then : + + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +printf "%s\n" "yes" >&6; } + +printf "%s\n" "#define OPENSSL_HAS_ED25519 1" >>confdefs.h + + +else $as_nop + + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } + + +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam \ + conftest$ac_exeext conftest.$ac_ext +fi + +# PKCS11/U2F depend on OpenSSL and dlopen(). +enable_pkcs11=yes +enable_sk=yes + +ac_fn_check_decl "$LINENO" "OPENSSL_IS_AWSLC" "ac_cv_have_decl_OPENSSL_IS_AWSLC" "#include + +" "$ac_c_undeclared_builtin_options" "CFLAGS" +if test "x$ac_cv_have_decl_OPENSSL_IS_AWSLC" = xyes +then : + enable_pkcs11="disabled; PKCS#11 not supported with AWS-LC" +fi +if test "x$ac_cv_func_dlopen" != "xyes" ; then + enable_pkcs11="disabled; missing dlopen(3)" + enable_sk="disabled; missing dlopen(3)" +fi +if test "x$ac_cv_have_decl_RTLD_NOW" != "xyes" ; then + enable_pkcs11="disabled; missing RTLD_NOW" + enable_sk="disabled; missing RTLD_NOW" +fi +if test ! -z "$disable_pkcs11" ; then + enable_pkcs11="disabled by user" +fi +if test ! -z "$disable_sk" ; then + enable_sk="disabled by user" +fi + +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking whether to enable PKCS11" >&5 +printf %s "checking whether to enable PKCS11... " >&6; } +if test "x$enable_pkcs11" = "xyes" ; then + +printf "%s\n" "#define ENABLE_PKCS11 /**/" >>confdefs.h + +fi +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $enable_pkcs11" >&5 +printf "%s\n" "$enable_pkcs11" >&6; } + +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking whether to enable U2F" >&5 +printf %s "checking whether to enable U2F... " >&6; } +if test "x$enable_sk" = "xyes" ; then + +printf "%s\n" "#define ENABLE_SK /**/" >>confdefs.h + + SK_DUMMY_LIBRARY=regress/misc/sk-dummy/sk-dummy.so + +else + # Do not try to build sk-dummy library. + SK_DUMMY_LIBRARY="" + +fi +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $enable_sk" >&5 +printf "%s\n" "$enable_sk" >&6; } + +# Now check for built-in security key support. +if test "x$enable_sk" = "xyes" -a "x$enable_sk_internal" != "xno" ; then + use_pkgconfig_for_libfido2= + if test "x$PKGCONFIG" != "xno"; then + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking if $PKGCONFIG knows about libfido2" >&5 +printf %s "checking if $PKGCONFIG knows about libfido2... " >&6; } + if "$PKGCONFIG" libfido2; then + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +printf "%s\n" "yes" >&6; } + use_pkgconfig_for_libfido2=yes + else + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } + fi + fi + if test "x$use_pkgconfig_for_libfido2" = "xyes"; then + LIBFIDO2=`$PKGCONFIG --libs libfido2` + CPPFLAGS="$CPPFLAGS `$PKGCONFIG --cflags libfido2`" + else + LIBFIDO2="-lfido2 -lcbor" + fi + OTHERLIBS=`echo $LIBFIDO2 | sed 's/-lfido2//'` + fido2_error= + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for fido_init in -lfido2" >&5 +printf %s "checking for fido_init in -lfido2... " >&6; } +if test ${ac_cv_lib_fido2_fido_init+y} +then : + printf %s "(cached) " >&6 +else $as_nop + ac_check_lib_save_LIBS=$LIBS +LIBS="-lfido2 $OTHERLIBS + $LIBS" +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +/* Override any GCC internal prototype to avoid an error. + Use char because int might match the return type of a GCC + builtin and then its argument prototype would still apply. */ +char fido_init (); +int +main (void) +{ +return fido_init (); + ; + return 0; +} +_ACEOF +if ac_fn_c_try_link "$LINENO" +then : + ac_cv_lib_fido2_fido_init=yes +else $as_nop + ac_cv_lib_fido2_fido_init=no +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam \ + conftest$ac_exeext conftest.$ac_ext +LIBS=$ac_check_lib_save_LIBS +fi +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_fido2_fido_init" >&5 +printf "%s\n" "$ac_cv_lib_fido2_fido_init" >&6; } +if test "x$ac_cv_lib_fido2_fido_init" = xyes +then : + +else $as_nop + fido2_error="missing/unusable libfido2" +fi + + ac_fn_c_check_header_compile "$LINENO" "fido.h" "ac_cv_header_fido_h" "$ac_includes_default" +if test "x$ac_cv_header_fido_h" = xyes +then : + +else $as_nop + fido2_error="missing fido.h from libfido2" +fi + + ac_fn_c_check_header_compile "$LINENO" "fido/credman.h" "ac_cv_header_fido_credman_h" " #include + +" +if test "x$ac_cv_header_fido_credman_h" = xyes +then : + +else $as_nop + fido2_error="missing fido/credman.h from libfido2" +fi + + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for usable libfido2 installation" >&5 +printf %s "checking for usable libfido2 installation... " >&6; } + if test ! -z "$fido2_error" ; then + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $fido2_error" >&5 +printf "%s\n" "$fido2_error" >&6; } + if test "x$enable_sk_internal" = "xyes" ; then + as_fn_error $? "No usable libfido2 library/headers found" "$LINENO" 5 + fi + LIBFIDO2="" + else + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +printf "%s\n" "yes" >&6; } + + +printf "%s\n" "#define ENABLE_SK_INTERNAL /**/" >>confdefs.h + + enable_sk="built-in" + saved_LIBS="$LIBS" + LIBS="$LIBFIDO2 $LIBS" + ac_fn_c_check_func "$LINENO" "fido_assert_set_clientdata" "ac_cv_func_fido_assert_set_clientdata" +if test "x$ac_cv_func_fido_assert_set_clientdata" = xyes +then : + printf "%s\n" "#define HAVE_FIDO_ASSERT_SET_CLIENTDATA 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "fido_cred_prot" "ac_cv_func_fido_cred_prot" +if test "x$ac_cv_func_fido_cred_prot" = xyes +then : + printf "%s\n" "#define HAVE_FIDO_CRED_PROT 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "fido_cred_set_prot" "ac_cv_func_fido_cred_set_prot" +if test "x$ac_cv_func_fido_cred_set_prot" = xyes +then : + printf "%s\n" "#define HAVE_FIDO_CRED_SET_PROT 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "fido_cred_set_clientdata" "ac_cv_func_fido_cred_set_clientdata" +if test "x$ac_cv_func_fido_cred_set_clientdata" = xyes +then : + printf "%s\n" "#define HAVE_FIDO_CRED_SET_CLIENTDATA 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "fido_dev_get_touch_begin" "ac_cv_func_fido_dev_get_touch_begin" +if test "x$ac_cv_func_fido_dev_get_touch_begin" = xyes +then : + printf "%s\n" "#define HAVE_FIDO_DEV_GET_TOUCH_BEGIN 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "fido_dev_get_touch_status" "ac_cv_func_fido_dev_get_touch_status" +if test "x$ac_cv_func_fido_dev_get_touch_status" = xyes +then : + printf "%s\n" "#define HAVE_FIDO_DEV_GET_TOUCH_STATUS 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "fido_dev_supports_cred_prot" "ac_cv_func_fido_dev_supports_cred_prot" +if test "x$ac_cv_func_fido_dev_supports_cred_prot" = xyes +then : + printf "%s\n" "#define HAVE_FIDO_DEV_SUPPORTS_CRED_PROT 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "fido_dev_is_winhello" "ac_cv_func_fido_dev_is_winhello" +if test "x$ac_cv_func_fido_dev_is_winhello" = xyes +then : + printf "%s\n" "#define HAVE_FIDO_DEV_IS_WINHELLO 1" >>confdefs.h + +fi + + LIBS="$saved_LIBS" + fi +fi + +# Check for standalone SecurityKeyProvider +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking whether to build standalone sk-libfido2" >&5 +printf %s "checking whether to build standalone sk-libfido2... " >&6; } +if test "x$enable_sk_standalone" = "xyes" ; then + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +printf "%s\n" "yes" >&6; } + SK_STANDALONE=sk-libfido2$SHLIBEXT + +else + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } + SK_STANDALONE="" + +fi + +ac_fn_c_check_func "$LINENO" "arc4random" "ac_cv_func_arc4random" +if test "x$ac_cv_func_arc4random" = xyes +then : + printf "%s\n" "#define HAVE_ARC4RANDOM 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "arc4random_buf" "ac_cv_func_arc4random_buf" +if test "x$ac_cv_func_arc4random_buf" = xyes +then : + printf "%s\n" "#define HAVE_ARC4RANDOM_BUF 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "arc4random_stir" "ac_cv_func_arc4random_stir" +if test "x$ac_cv_func_arc4random_stir" = xyes +then : + printf "%s\n" "#define HAVE_ARC4RANDOM_STIR 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "arc4random_uniform" "ac_cv_func_arc4random_uniform" +if test "x$ac_cv_func_arc4random_uniform" = xyes +then : + printf "%s\n" "#define HAVE_ARC4RANDOM_UNIFORM 1" >>confdefs.h + +fi + +### Configure cryptographic random number support + +# Check whether OpenSSL seeds itself +if test "x$openssl" = "xyes" ; then + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking whether OpenSSL's PRNG is internally seeded" >&5 +printf %s "checking whether OpenSSL's PRNG is internally seeded... " >&6; } + if test "$cross_compiling" = yes +then : + + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: WARNING: cross compiling: assuming yes" >&5 +printf "%s\n" "$as_me: WARNING: cross compiling: assuming yes" >&2;} + # This is safe, since we will fatal() at runtime if + # OpenSSL is not seeded correctly. + OPENSSL_SEEDS_ITSELF=yes + + +else $as_nop + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + + #include + #include + #include + +int +main (void) +{ + + exit(RAND_status() == 1 ? 0 : 1); + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_run "$LINENO" +then : + + OPENSSL_SEEDS_ITSELF=yes + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +printf "%s\n" "yes" >&6; } + +else $as_nop + + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } + +fi +rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ + conftest.$ac_objext conftest.beam conftest.$ac_ext +fi + +fi + +# PRNGD TCP socket + +# Check whether --with-prngd-port was given. +if test ${with_prngd_port+y} +then : + withval=$with_prngd_port; + case "$withval" in + no) + withval="" + ;; + [0-9]*) + ;; + *) + as_fn_error $? "You must specify a numeric port number for --with-prngd-port" "$LINENO" 5 + ;; + esac + if test ! -z "$withval" ; then + PRNGD_PORT="$withval" + +printf "%s\n" "#define PRNGD_PORT $PRNGD_PORT" >>confdefs.h + + fi + + +fi + + +# PRNGD Unix domain socket + +# Check whether --with-prngd-socket was given. +if test ${with_prngd_socket+y} +then : + withval=$with_prngd_socket; + case "$withval" in + yes) + withval="/var/run/egd-pool" + ;; + no) + withval="" + ;; + /*) + ;; + *) + as_fn_error $? "You must specify an absolute path to the entropy socket" "$LINENO" 5 + ;; + esac + + if test ! -z "$withval" ; then + if test ! -z "$PRNGD_PORT" ; then + as_fn_error $? "You may not specify both a PRNGD/EGD port and socket" "$LINENO" 5 + fi + if test ! -r "$withval" ; then + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: WARNING: Entropy socket is not readable" >&5 +printf "%s\n" "$as_me: WARNING: Entropy socket is not readable" >&2;} + fi + PRNGD_SOCKET="$withval" + +printf "%s\n" "#define PRNGD_SOCKET \"$PRNGD_SOCKET\"" >>confdefs.h + + fi + +else $as_nop + + # Check for existing socket only if we don't have a random device already + if test "x$OPENSSL_SEEDS_ITSELF" != "xyes" ; then + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for PRNGD/EGD socket" >&5 +printf %s "checking for PRNGD/EGD socket... " >&6; } + # Insert other locations here + for sock in /var/run/egd-pool /dev/egd-pool /etc/entropy; do + if test -r $sock && $TEST_MINUS_S_SH -c "test -S $sock -o -p $sock" ; then + PRNGD_SOCKET="$sock" + printf "%s\n" "#define PRNGD_SOCKET \"$PRNGD_SOCKET\"" >>confdefs.h + + break; + fi + done + if test ! -z "$PRNGD_SOCKET" ; then + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $PRNGD_SOCKET" >&5 +printf "%s\n" "$PRNGD_SOCKET" >&6; } + else + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: not found" >&5 +printf "%s\n" "not found" >&6; } + fi + fi + + +fi + + +# Which randomness source do we use? +if test ! -z "$PRNGD_PORT" ; then + RAND_MSG="PRNGd port $PRNGD_PORT" +elif test ! -z "$PRNGD_SOCKET" ; then + RAND_MSG="PRNGd socket $PRNGD_SOCKET" +elif test ! -z "$OPENSSL_SEEDS_ITSELF" ; then + +printf "%s\n" "#define OPENSSL_PRNG_ONLY 1" >>confdefs.h + + RAND_MSG="OpenSSL internal ONLY" +elif test "x$openssl" = "xno" ; then + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: WARNING: OpenSSH will use /dev/urandom as a source of random numbers. It will fail if this device is not supported or accessible" >&5 +printf "%s\n" "$as_me: WARNING: OpenSSH will use /dev/urandom as a source of random numbers. It will fail if this device is not supported or accessible" >&2;} +else + as_fn_error $? "OpenSSH has no source of random numbers. Please configure OpenSSL with an entropy source or re-run configure using one of the --with-prngd-port or --with-prngd-socket options" "$LINENO" 5 +fi +LIBS="$nocrypto_saved_LIBS" + +saved_LIBS="$LIBS" +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for ia_openinfo in -liaf" >&5 +printf %s "checking for ia_openinfo in -liaf... " >&6; } +if test ${ac_cv_lib_iaf_ia_openinfo+y} +then : + printf %s "(cached) " >&6 +else $as_nop + ac_check_lib_save_LIBS=$LIBS +LIBS="-liaf $LIBS" +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +/* Override any GCC internal prototype to avoid an error. + Use char because int might match the return type of a GCC + builtin and then its argument prototype would still apply. */ +char ia_openinfo (); +int +main (void) +{ +return ia_openinfo (); + ; + return 0; +} +_ACEOF +if ac_fn_c_try_link "$LINENO" +then : + ac_cv_lib_iaf_ia_openinfo=yes +else $as_nop + ac_cv_lib_iaf_ia_openinfo=no +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam \ + conftest$ac_exeext conftest.$ac_ext +LIBS=$ac_check_lib_save_LIBS +fi +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_iaf_ia_openinfo" >&5 +printf "%s\n" "$ac_cv_lib_iaf_ia_openinfo" >&6; } +if test "x$ac_cv_lib_iaf_ia_openinfo" = xyes +then : + + LIBS="$LIBS -liaf" + + for ac_func in set_id +do : + ac_fn_c_check_func "$LINENO" "set_id" "ac_cv_func_set_id" +if test "x$ac_cv_func_set_id" = xyes +then : + printf "%s\n" "#define HAVE_SET_ID 1" >>confdefs.h + SSHDLIBS="$SSHDLIBS -liaf" + +printf "%s\n" "#define HAVE_LIBIAF 1" >>confdefs.h + + +fi + +done + +fi + +LIBS="$saved_LIBS" + +# Check for crypt() in libcrypt. If we have it, we only need it for sshd. +saved_LIBS="$LIBS" +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for crypt in -lcrypt" >&5 +printf %s "checking for crypt in -lcrypt... " >&6; } +if test ${ac_cv_lib_crypt_crypt+y} +then : + printf %s "(cached) " >&6 +else $as_nop + ac_check_lib_save_LIBS=$LIBS +LIBS="-lcrypt $LIBS" +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +/* Override any GCC internal prototype to avoid an error. + Use char because int might match the return type of a GCC + builtin and then its argument prototype would still apply. */ +char crypt (); +int +main (void) +{ +return crypt (); + ; + return 0; +} +_ACEOF +if ac_fn_c_try_link "$LINENO" +then : + ac_cv_lib_crypt_crypt=yes +else $as_nop + ac_cv_lib_crypt_crypt=no +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam \ + conftest$ac_exeext conftest.$ac_ext +LIBS=$ac_check_lib_save_LIBS +fi +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_crypt_crypt" >&5 +printf "%s\n" "$ac_cv_lib_crypt_crypt" >&6; } +if test "x$ac_cv_lib_crypt_crypt" = xyes +then : + + LIBS="-lcrypt $LIBS" + SSHDLIBS="-lcrypt $SSHDLIBS" + +fi + +ac_fn_c_check_func "$LINENO" "crypt" "ac_cv_func_crypt" +if test "x$ac_cv_func_crypt" = xyes +then : + printf "%s\n" "#define HAVE_CRYPT 1" >>confdefs.h + +fi + +LIBS="$saved_LIBS" + +# Check for PAM libs +PAM_MSG="no" + +# Check whether --with-pam was given. +if test ${with_pam+y} +then : + withval=$with_pam; + if test "x$withval" != "xno" ; then + if test "x$ac_cv_header_security_pam_appl_h" != "xyes" && \ + test "x$ac_cv_header_pam_pam_appl_h" != "xyes" ; then + as_fn_error $? "PAM headers not found" "$LINENO" 5 + fi + + saved_LIBS="$LIBS" + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for dlopen in -ldl" >&5 +printf %s "checking for dlopen in -ldl... " >&6; } +if test ${ac_cv_lib_dl_dlopen+y} +then : + printf %s "(cached) " >&6 +else $as_nop + ac_check_lib_save_LIBS=$LIBS +LIBS="-ldl $LIBS" +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +/* Override any GCC internal prototype to avoid an error. + Use char because int might match the return type of a GCC + builtin and then its argument prototype would still apply. */ +char dlopen (); +int +main (void) +{ +return dlopen (); + ; + return 0; +} +_ACEOF +if ac_fn_c_try_link "$LINENO" +then : + ac_cv_lib_dl_dlopen=yes +else $as_nop + ac_cv_lib_dl_dlopen=no +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam \ + conftest$ac_exeext conftest.$ac_ext +LIBS=$ac_check_lib_save_LIBS +fi +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_dl_dlopen" >&5 +printf "%s\n" "$ac_cv_lib_dl_dlopen" >&6; } +if test "x$ac_cv_lib_dl_dlopen" = xyes +then : + printf "%s\n" "#define HAVE_LIBDL 1" >>confdefs.h + + LIBS="-ldl $LIBS" + +fi + + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for pam_set_item in -lpam" >&5 +printf %s "checking for pam_set_item in -lpam... " >&6; } +if test ${ac_cv_lib_pam_pam_set_item+y} +then : + printf %s "(cached) " >&6 +else $as_nop + ac_check_lib_save_LIBS=$LIBS +LIBS="-lpam $LIBS" +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +/* Override any GCC internal prototype to avoid an error. + Use char because int might match the return type of a GCC + builtin and then its argument prototype would still apply. */ +char pam_set_item (); +int +main (void) +{ +return pam_set_item (); + ; + return 0; +} +_ACEOF +if ac_fn_c_try_link "$LINENO" +then : + ac_cv_lib_pam_pam_set_item=yes +else $as_nop + ac_cv_lib_pam_pam_set_item=no +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam \ + conftest$ac_exeext conftest.$ac_ext +LIBS=$ac_check_lib_save_LIBS +fi +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_pam_pam_set_item" >&5 +printf "%s\n" "$ac_cv_lib_pam_pam_set_item" >&6; } +if test "x$ac_cv_lib_pam_pam_set_item" = xyes +then : + printf "%s\n" "#define HAVE_LIBPAM 1" >>confdefs.h + + LIBS="-lpam $LIBS" + +else $as_nop + as_fn_error $? "*** libpam missing" "$LINENO" 5 +fi + + ac_fn_c_check_func "$LINENO" "pam_getenvlist" "ac_cv_func_pam_getenvlist" +if test "x$ac_cv_func_pam_getenvlist" = xyes +then : + printf "%s\n" "#define HAVE_PAM_GETENVLIST 1" >>confdefs.h + +fi + + ac_fn_c_check_func "$LINENO" "pam_putenv" "ac_cv_func_pam_putenv" +if test "x$ac_cv_func_pam_putenv" = xyes +then : + printf "%s\n" "#define HAVE_PAM_PUTENV 1" >>confdefs.h + +fi + + LIBS="$saved_LIBS" + + PAM_MSG="yes" + + SSHDLIBS="$SSHDLIBS -lpam" + +printf "%s\n" "#define USE_PAM 1" >>confdefs.h + + + if test $ac_cv_lib_dl_dlopen = yes; then + case "$LIBS" in + *-ldl*) + # libdl already in LIBS + ;; + *) + SSHDLIBS="$SSHDLIBS -ldl" + ;; + esac + fi + fi + + +fi + + + +# Check whether --with-pam-service was given. +if test ${with_pam_service+y} +then : + withval=$with_pam_service; + if test "x$withval" != "xno" && \ + test "x$withval" != "xyes" ; then + +printf "%s\n" "#define SSHD_PAM_SERVICE \"$withval\"" >>confdefs.h + + fi + + +fi + + +# Check for older PAM +if test "x$PAM_MSG" = "xyes" ; then + # Check PAM strerror arguments (old PAM) + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking whether pam_strerror takes only one argument" >&5 +printf %s "checking whether pam_strerror takes only one argument... " >&6; } + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +#include +#if defined(HAVE_SECURITY_PAM_APPL_H) +#include +#elif defined (HAVE_PAM_PAM_APPL_H) +#include +#endif + +int +main (void) +{ + +(void)pam_strerror((pam_handle_t *)NULL, -1); + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO" +then : + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } +else $as_nop + + +printf "%s\n" "#define HAVE_OLD_PAM 1" >>confdefs.h + + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +printf "%s\n" "yes" >&6; } + PAM_MSG="yes (old library)" + + +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext +fi + +case "$host" in +*-*-cygwin*) + SSH_PRIVSEP_USER=CYGWIN_SSH_PRIVSEP_USER + ;; +*) + SSH_PRIVSEP_USER=sshd + ;; +esac + +# Check whether --with-privsep-user was given. +if test ${with_privsep_user+y} +then : + withval=$with_privsep_user; + if test -n "$withval" && test "x$withval" != "xno" && \ + test "x${withval}" != "xyes"; then + SSH_PRIVSEP_USER=$withval + fi + + +fi + +if test "x$SSH_PRIVSEP_USER" = "xCYGWIN_SSH_PRIVSEP_USER" ; then + +printf "%s\n" "#define SSH_PRIVSEP_USER CYGWIN_SSH_PRIVSEP_USER" >>confdefs.h + +else + +printf "%s\n" "#define SSH_PRIVSEP_USER \"$SSH_PRIVSEP_USER\"" >>confdefs.h + +fi + + +if test "x$have_linux_no_new_privs" = "x1" ; then +ac_fn_check_decl "$LINENO" "SECCOMP_MODE_FILTER" "ac_cv_have_decl_SECCOMP_MODE_FILTER" " + #include + #include + +" "$ac_c_undeclared_builtin_options" "CFLAGS" +if test "x$ac_cv_have_decl_SECCOMP_MODE_FILTER" = xyes +then : + have_seccomp_filter=1 +fi +fi +if test "x$have_seccomp_filter" = "x1" ; then +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking kernel for seccomp_filter support" >&5 +printf %s "checking kernel for seccomp_filter support... " >&6; } +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + + #include + #include + #include + #include + #include + #include + +int +main (void) +{ + int i = $seccomp_audit_arch; + errno = 0; + prctl(PR_SET_SECCOMP, SECCOMP_MODE_FILTER, NULL, 0, 0); + exit(errno == EFAULT ? 0 : 1); + ; + return 0; +} +_ACEOF +if ac_fn_c_try_link "$LINENO" +then : + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +printf "%s\n" "yes" >&6; } +else $as_nop + + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } + # Disable seccomp filter as a target + have_seccomp_filter=0 + + +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam \ + conftest$ac_exeext conftest.$ac_ext +fi + +ac_fn_c_check_member "$LINENO" "struct pollfd" "fd" "ac_cv_member_struct_pollfd_fd" " +#include +#ifdef HAVE_POLL_H +#include +#endif +#ifdef HAVE_SYS_POLL_H +#include +#endif + +" +if test "x$ac_cv_member_struct_pollfd_fd" = xyes +then : + +printf "%s\n" "#define HAVE_STRUCT_POLLFD_FD 1" >>confdefs.h + + +fi + + +ac_fn_c_check_type "$LINENO" "nfds_t" "ac_cv_type_nfds_t" " +#include +#ifdef HAVE_POLL_H +#include +#endif +#ifdef HAVE_SYS_POLL_H +#include +#endif + +" +if test "x$ac_cv_type_nfds_t" = xyes +then : + +printf "%s\n" "#define HAVE_NFDS_T 1" >>confdefs.h + + +fi + + +if test "x$ac_cv_type_nfds_t" != "xyes"; then + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking if poll nfds_t is unsigned long" >&5 +printf %s "checking if poll nfds_t is unsigned long... " >&6; } + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +#include +#ifdef HAVE_POLL_H +#include +#endif +#ifdef HAVE_SYS_POLL_H +#include +#endif + int poll(struct pollfd *, unsigned long, int timeout); + +int +main (void) +{ +return poll(0, 0, 0); + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO" +then : + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +printf "%s\n" "yes" >&6; } + +printf "%s\n" "#define POLL_NFDS_T_ULONG 1" >>confdefs.h + +else $as_nop + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } + +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext +fi + +# Decide which sandbox style to use +sandbox_arg="" + +# Check whether --with-sandbox was given. +if test ${with_sandbox+y} +then : + withval=$with_sandbox; + if test "x$withval" = "xyes" ; then + sandbox_arg="" + else + sandbox_arg="$withval" + fi + + +fi + + +if test "x$sandbox_arg" != "xno"; then +# POSIX specifies that poll() "shall fail with EINVAL if the nfds argument +# is greater than OPEN_MAX". On some platforms that includes implementions +# of select in userspace on top of poll() so check both work with rlimit +# NOFILES so check that both work before enabling the rlimit sandbox. + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking if select and/or poll works with descriptor rlimit" >&5 +printf %s "checking if select and/or poll works with descriptor rlimit... " >&6; } + if test "$cross_compiling" = yes +then : + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: WARNING: cross compiling: assuming no" >&5 +printf "%s\n" "$as_me: WARNING: cross compiling: assuming no" >&2;} + select_works_with_rlimit=no + +else $as_nop + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +#include +#ifdef HAVE_SYS_TIME_H +# include +#endif +#include +#ifdef HAVE_SYS_SELECT_H +# include +#endif +#ifdef HAVE_POLL_H +# include +#elif HAVE_SYS_POLL_H +# include +#endif +#include +#include +#include + +int +main (void) +{ + + struct rlimit rl_zero; + int fd, r; + fd_set fds; + struct timeval tv; +#ifdef HAVE_POLL + struct pollfd pfd; +#endif + + fd = open("/dev/null", O_RDONLY); + FD_ZERO(&fds); + FD_SET(fd, &fds); + rl_zero.rlim_cur = rl_zero.rlim_max = 0; + setrlimit(RLIMIT_FSIZE, &rl_zero); + setrlimit(RLIMIT_NOFILE, &rl_zero); + tv.tv_sec = 1; + tv.tv_usec = 0; + r = select(fd+1, &fds, NULL, NULL, &tv); + if (r == -1) + exit(1); +#ifdef HAVE_POLL + pfd.fd = fd; + pfd.events = POLLIN; + r = poll(&pfd, 1, 1); + if (r == -1) + exit(2); +#endif + exit(0); + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_run "$LINENO" +then : + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +printf "%s\n" "yes" >&6; } + select_works_with_rlimit=yes +else $as_nop + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } + select_works_with_rlimit=no +fi +rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ + conftest.$ac_objext conftest.beam conftest.$ac_ext +fi + + + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking if setrlimit(RLIMIT_NOFILE,{0,0}) works" >&5 +printf %s "checking if setrlimit(RLIMIT_NOFILE,{0,0}) works... " >&6; } + if test "$cross_compiling" = yes +then : + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: WARNING: cross compiling: assuming yes" >&5 +printf "%s\n" "$as_me: WARNING: cross compiling: assuming yes" >&2;} + rlimit_nofile_zero_works=yes + +else $as_nop + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +#include +#ifdef HAVE_SYS_TIME_H +# include +#endif +#include +#include +#include + +int +main (void) +{ + + struct rlimit rl_zero; + int r; + + rl_zero.rlim_cur = rl_zero.rlim_max = 0; + r = setrlimit(RLIMIT_NOFILE, &rl_zero); + exit (r == -1 ? 1 : 0); + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_run "$LINENO" +then : + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +printf "%s\n" "yes" >&6; } + rlimit_nofile_zero_works=yes +else $as_nop + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } + rlimit_nofile_zero_works=no +fi +rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ + conftest.$ac_objext conftest.beam conftest.$ac_ext +fi + + + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking if setrlimit RLIMIT_FSIZE works" >&5 +printf %s "checking if setrlimit RLIMIT_FSIZE works... " >&6; } + if test "$cross_compiling" = yes +then : + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: WARNING: cross compiling: assuming yes" >&5 +printf "%s\n" "$as_me: WARNING: cross compiling: assuming yes" >&2;} + +else $as_nop + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +#include +#include +#include + +int +main (void) +{ + + struct rlimit rl_zero; + + rl_zero.rlim_cur = rl_zero.rlim_max = 0; + exit(setrlimit(RLIMIT_FSIZE, &rl_zero) != 0); + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_run "$LINENO" +then : + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +printf "%s\n" "yes" >&6; } +else $as_nop + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } + +printf "%s\n" "#define SANDBOX_SKIP_RLIMIT_FSIZE 1" >>confdefs.h + +fi +rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ + conftest.$ac_objext conftest.beam conftest.$ac_ext +fi + +fi + +if test "x$sandbox_arg" = "xdarwin" || \ + ( test -z "$sandbox_arg" && test "x$ac_cv_func_sandbox_init" = "xyes" && \ + test "x$ac_cv_header_sandbox_h" = "xyes") ; then + test "x$ac_cv_func_sandbox_init" != "xyes" -o \ + "x$ac_cv_header_sandbox_h" != "xyes" && \ + as_fn_error $? "Darwin seatbelt sandbox requires sandbox.h and sandbox_init function" "$LINENO" 5 + SANDBOX_STYLE="darwin" + +printf "%s\n" "#define SANDBOX_DARWIN 1" >>confdefs.h + +elif test "x$sandbox_arg" = "xseccomp_filter" || \ + ( test -z "$sandbox_arg" && \ + test "x$have_seccomp_filter" = "x1" && \ + test "x$ac_cv_header_elf_h" = "xyes" && \ + test "x$ac_cv_header_linux_audit_h" = "xyes" && \ + test "x$ac_cv_header_linux_filter_h" = "xyes" && \ + test "x$seccomp_audit_arch" != "x" && \ + test "x$have_linux_no_new_privs" = "x1" && \ + test "x$ac_cv_func_prctl" = "xyes" ) ; then + test "x$seccomp_audit_arch" = "x" && \ + as_fn_error $? "seccomp_filter sandbox not supported on $host" "$LINENO" 5 + test "x$have_linux_no_new_privs" != "x1" && \ + as_fn_error $? "seccomp_filter sandbox requires PR_SET_NO_NEW_PRIVS" "$LINENO" 5 + test "x$have_seccomp_filter" != "x1" && \ + as_fn_error $? "seccomp_filter sandbox requires seccomp headers" "$LINENO" 5 + test "x$ac_cv_func_prctl" != "xyes" && \ + as_fn_error $? "seccomp_filter sandbox requires prctl function" "$LINENO" 5 + SANDBOX_STYLE="seccomp_filter" + +printf "%s\n" "#define SANDBOX_SECCOMP_FILTER 1" >>confdefs.h + +elif test "x$sandbox_arg" = "xcapsicum" || \ + ( test -z "$sandbox_arg" && \ + test "x$disable_capsicum" != "xyes" && \ + test "x$ac_cv_header_sys_capsicum_h" = "xyes" && \ + test "x$ac_cv_func_cap_rights_limit" = "xyes") ; then + test "x$ac_cv_header_sys_capsicum_h" != "xyes" && \ + as_fn_error $? "capsicum sandbox requires sys/capsicum.h header" "$LINENO" 5 + test "x$ac_cv_func_cap_rights_limit" != "xyes" && \ + as_fn_error $? "capsicum sandbox requires cap_rights_limit function" "$LINENO" 5 + SANDBOX_STYLE="capsicum" + +printf "%s\n" "#define SANDBOX_CAPSICUM 1" >>confdefs.h + +elif test "x$sandbox_arg" = "xrlimit" || \ + ( test -z "$sandbox_arg" && test "x$ac_cv_func_setrlimit" = "xyes" && \ + test "x$select_works_with_rlimit" = "xyes" && \ + test "x$rlimit_nofile_zero_works" = "xyes" ) ; then + test "x$ac_cv_func_setrlimit" != "xyes" && \ + as_fn_error $? "rlimit sandbox requires setrlimit function" "$LINENO" 5 + test "x$select_works_with_rlimit" != "xyes" && \ + as_fn_error $? "rlimit sandbox requires select to work with rlimit" "$LINENO" 5 + SANDBOX_STYLE="rlimit" + +printf "%s\n" "#define SANDBOX_RLIMIT 1" >>confdefs.h + +elif test "x$sandbox_arg" = "xsolaris" || \ + ( test -z "$sandbox_arg" && test "x$SOLARIS_PRIVS" = "xyes" ) ; then + SANDBOX_STYLE="solaris" + +printf "%s\n" "#define SANDBOX_SOLARIS 1" >>confdefs.h + +elif test -z "$sandbox_arg" || test "x$sandbox_arg" = "xno" || \ + test "x$sandbox_arg" = "xnone" || test "x$sandbox_arg" = "xnull" ; then + SANDBOX_STYLE="none" + +printf "%s\n" "#define SANDBOX_NULL 1" >>confdefs.h + +else + as_fn_error $? "unsupported --with-sandbox" "$LINENO" 5 +fi + +# Cheap hack to ensure NEWS-OS libraries are arranged right. +if test ! -z "$SONY" ; then + LIBS="$LIBS -liberty"; +fi + +# Check for long long datatypes +ac_fn_c_check_type "$LINENO" "long long" "ac_cv_type_long_long" "$ac_includes_default" +if test "x$ac_cv_type_long_long" = xyes +then : + +printf "%s\n" "#define HAVE_LONG_LONG 1" >>confdefs.h + + +fi +ac_fn_c_check_type "$LINENO" "unsigned long long" "ac_cv_type_unsigned_long_long" "$ac_includes_default" +if test "x$ac_cv_type_unsigned_long_long" = xyes +then : + +printf "%s\n" "#define HAVE_UNSIGNED_LONG_LONG 1" >>confdefs.h + + +fi +ac_fn_c_check_type "$LINENO" "long double" "ac_cv_type_long_double" "$ac_includes_default" +if test "x$ac_cv_type_long_double" = xyes +then : + +printf "%s\n" "#define HAVE_LONG_DOUBLE 1" >>confdefs.h + + +fi + + +# Check datatype sizes +# The cast to long int works around a bug in the HP C Compiler +# version HP92453-01 B.11.11.23709.GP, which incorrectly rejects +# declarations like `int a3[[(sizeof (unsigned char)) >= 0]];'. +# This bug is HP SR number 8606223364. +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking size of short int" >&5 +printf %s "checking size of short int... " >&6; } +if test ${ac_cv_sizeof_short_int+y} +then : + printf %s "(cached) " >&6 +else $as_nop + if ac_fn_c_compute_int "$LINENO" "(long int) (sizeof (short int))" "ac_cv_sizeof_short_int" "$ac_includes_default" +then : + +else $as_nop + if test "$ac_cv_type_short_int" = yes; then + { { printf "%s\n" "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 +printf "%s\n" "$as_me: error: in \`$ac_pwd':" >&2;} +as_fn_error 77 "cannot compute sizeof (short int) +See \`config.log' for more details" "$LINENO" 5; } + else + ac_cv_sizeof_short_int=0 + fi +fi + +fi +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_sizeof_short_int" >&5 +printf "%s\n" "$ac_cv_sizeof_short_int" >&6; } + + + +printf "%s\n" "#define SIZEOF_SHORT_INT $ac_cv_sizeof_short_int" >>confdefs.h + + +# The cast to long int works around a bug in the HP C Compiler +# version HP92453-01 B.11.11.23709.GP, which incorrectly rejects +# declarations like `int a3[[(sizeof (unsigned char)) >= 0]];'. +# This bug is HP SR number 8606223364. +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking size of int" >&5 +printf %s "checking size of int... " >&6; } +if test ${ac_cv_sizeof_int+y} +then : + printf %s "(cached) " >&6 +else $as_nop + if ac_fn_c_compute_int "$LINENO" "(long int) (sizeof (int))" "ac_cv_sizeof_int" "$ac_includes_default" +then : + +else $as_nop + if test "$ac_cv_type_int" = yes; then + { { printf "%s\n" "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 +printf "%s\n" "$as_me: error: in \`$ac_pwd':" >&2;} +as_fn_error 77 "cannot compute sizeof (int) +See \`config.log' for more details" "$LINENO" 5; } + else + ac_cv_sizeof_int=0 + fi +fi + +fi +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_sizeof_int" >&5 +printf "%s\n" "$ac_cv_sizeof_int" >&6; } + + + +printf "%s\n" "#define SIZEOF_INT $ac_cv_sizeof_int" >>confdefs.h + + +# The cast to long int works around a bug in the HP C Compiler +# version HP92453-01 B.11.11.23709.GP, which incorrectly rejects +# declarations like `int a3[[(sizeof (unsigned char)) >= 0]];'. +# This bug is HP SR number 8606223364. +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking size of long int" >&5 +printf %s "checking size of long int... " >&6; } +if test ${ac_cv_sizeof_long_int+y} +then : + printf %s "(cached) " >&6 +else $as_nop + if ac_fn_c_compute_int "$LINENO" "(long int) (sizeof (long int))" "ac_cv_sizeof_long_int" "$ac_includes_default" +then : + +else $as_nop + if test "$ac_cv_type_long_int" = yes; then + { { printf "%s\n" "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 +printf "%s\n" "$as_me: error: in \`$ac_pwd':" >&2;} +as_fn_error 77 "cannot compute sizeof (long int) +See \`config.log' for more details" "$LINENO" 5; } + else + ac_cv_sizeof_long_int=0 + fi +fi + +fi +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_sizeof_long_int" >&5 +printf "%s\n" "$ac_cv_sizeof_long_int" >&6; } + + + +printf "%s\n" "#define SIZEOF_LONG_INT $ac_cv_sizeof_long_int" >>confdefs.h + + +# The cast to long int works around a bug in the HP C Compiler +# version HP92453-01 B.11.11.23709.GP, which incorrectly rejects +# declarations like `int a3[[(sizeof (unsigned char)) >= 0]];'. +# This bug is HP SR number 8606223364. +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking size of long long int" >&5 +printf %s "checking size of long long int... " >&6; } +if test ${ac_cv_sizeof_long_long_int+y} +then : + printf %s "(cached) " >&6 +else $as_nop + if ac_fn_c_compute_int "$LINENO" "(long int) (sizeof (long long int))" "ac_cv_sizeof_long_long_int" "$ac_includes_default" +then : + +else $as_nop + if test "$ac_cv_type_long_long_int" = yes; then + { { printf "%s\n" "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 +printf "%s\n" "$as_me: error: in \`$ac_pwd':" >&2;} +as_fn_error 77 "cannot compute sizeof (long long int) +See \`config.log' for more details" "$LINENO" 5; } + else + ac_cv_sizeof_long_long_int=0 + fi +fi + +fi +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_sizeof_long_long_int" >&5 +printf "%s\n" "$ac_cv_sizeof_long_long_int" >&6; } + + + +printf "%s\n" "#define SIZEOF_LONG_LONG_INT $ac_cv_sizeof_long_long_int" >>confdefs.h + + +# The cast to long int works around a bug in the HP C Compiler +# version HP92453-01 B.11.11.23709.GP, which incorrectly rejects +# declarations like `int a3[[(sizeof (unsigned char)) >= 0]];'. +# This bug is HP SR number 8606223364. +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking size of time_t" >&5 +printf %s "checking size of time_t... " >&6; } +if test ${ac_cv_sizeof_time_t+y} +then : + printf %s "(cached) " >&6 +else $as_nop + if ac_fn_c_compute_int "$LINENO" "(long int) (sizeof (time_t))" "ac_cv_sizeof_time_t" " + #include + #ifdef HAVE_SYS_TIME_H + # include + #endif + #ifdef HAVE_TIME_H + # include + #endif + + +" +then : + +else $as_nop + if test "$ac_cv_type_time_t" = yes; then + { { printf "%s\n" "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 +printf "%s\n" "$as_me: error: in \`$ac_pwd':" >&2;} +as_fn_error 77 "cannot compute sizeof (time_t) +See \`config.log' for more details" "$LINENO" 5; } + else + ac_cv_sizeof_time_t=0 + fi +fi + +fi +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_sizeof_time_t" >&5 +printf "%s\n" "$ac_cv_sizeof_time_t" >&6; } + + + +printf "%s\n" "#define SIZEOF_TIME_T $ac_cv_sizeof_time_t" >>confdefs.h + + + +# Sanity check long long for some platforms (AIX) +if test "x$ac_cv_sizeof_long_long_int" = "x4" ; then + ac_cv_sizeof_long_long_int=0 +fi + +# compute LLONG_MIN and LLONG_MAX if we don't know them. +if test -z "$have_llong_max" && test -z "$have_long_long_max"; then + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for max value of long long" >&5 +printf %s "checking for max value of long long... " >&6; } + if test "$cross_compiling" = yes +then : + + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: WARNING: cross compiling: not checking" >&5 +printf "%s\n" "$as_me: WARNING: cross compiling: not checking" >&2;} + + +else $as_nop + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +#include +#include +/* Why is this so damn hard? */ +#ifdef __GNUC__ +# undef __GNUC__ +#endif +#define __USE_ISOC99 +#include +#define DATA "conftest.llminmax" +#define my_abs(a) ((a) < 0 ? ((a) * -1) : (a)) + +/* + * printf in libc on some platforms (eg old Tru64) does not understand %lld so + * we do this the hard way. + */ +static int +fprint_ll(FILE *f, long long n) +{ + unsigned int i; + int l[sizeof(long long) * 8]; + + if (n < 0) + if (fprintf(f, "-") < 0) + return -1; + for (i = 0; n != 0; i++) { + l[i] = my_abs(n % 10); + n /= 10; + } + do { + if (fprintf(f, "%d", l[--i]) < 0) + return -1; + } while (i != 0); + if (fprintf(f, " ") < 0) + return -1; + return 0; +} + +int +main (void) +{ + + FILE *f; + long long i, llmin, llmax = 0; + + if((f = fopen(DATA,"w")) == NULL) + exit(1); + +#if defined(LLONG_MIN) && defined(LLONG_MAX) + fprintf(stderr, "Using system header for LLONG_MIN and LLONG_MAX\n"); + llmin = LLONG_MIN; + llmax = LLONG_MAX; +#else + fprintf(stderr, "Calculating LLONG_MIN and LLONG_MAX\n"); + /* This will work on one's complement and two's complement */ + for (i = 1; i > llmax; i <<= 1, i++) + llmax = i; + llmin = llmax + 1LL; /* wrap */ +#endif + + /* Sanity check */ + if (llmin + 1 < llmin || llmin - 1 < llmin || llmax + 1 > llmax + || llmax - 1 > llmax || llmin == llmax || llmin == 0 + || llmax == 0 || llmax < LONG_MAX || llmin > LONG_MIN) { + fprintf(f, "unknown unknown\n"); + exit(2); + } + + if (fprint_ll(f, llmin) < 0) + exit(3); + if (fprint_ll(f, llmax) < 0) + exit(4); + if (fclose(f) < 0) + exit(5); + exit(0); + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_run "$LINENO" +then : + + llong_min=`$AWK '{print $1}' conftest.llminmax` + llong_max=`$AWK '{print $2}' conftest.llminmax` + + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $llong_max" >&5 +printf "%s\n" "$llong_max" >&6; } + +printf "%s\n" "#define LLONG_MAX ${llong_max}LL" >>confdefs.h + + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for min value of long long" >&5 +printf %s "checking for min value of long long... " >&6; } + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $llong_min" >&5 +printf "%s\n" "$llong_min" >&6; } + +printf "%s\n" "#define LLONG_MIN ${llong_min}LL" >>confdefs.h + + +else $as_nop + + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: not found" >&5 +printf "%s\n" "not found" >&6; } + +fi +rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ + conftest.$ac_objext conftest.beam conftest.$ac_ext +fi + +fi + +ac_fn_check_decl "$LINENO" "UINT32_MAX" "ac_cv_have_decl_UINT32_MAX" " +#ifdef HAVE_SYS_LIMITS_H +# include +#endif +#ifdef HAVE_LIMITS_H +# include +#endif +#ifdef HAVE_STDINT_H +# include +#endif + +" "$ac_c_undeclared_builtin_options" "CFLAGS" +if test "x$ac_cv_have_decl_UINT32_MAX" = xyes +then : + ac_have_decl=1 +else $as_nop + ac_have_decl=0 +fi +printf "%s\n" "#define HAVE_DECL_UINT32_MAX $ac_have_decl" >>confdefs.h + + +# More checks for data types +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for u_int type" >&5 +printf %s "checking for u_int type... " >&6; } +if test ${ac_cv_have_u_int+y} +then : + printf %s "(cached) " >&6 +else $as_nop + + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + #include +int +main (void) +{ + u_int a; a = 1; + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO" +then : + ac_cv_have_u_int="yes" +else $as_nop + ac_cv_have_u_int="no" + +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext + +fi +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_have_u_int" >&5 +printf "%s\n" "$ac_cv_have_u_int" >&6; } +if test "x$ac_cv_have_u_int" = "xyes" ; then + +printf "%s\n" "#define HAVE_U_INT 1" >>confdefs.h + + have_u_int=1 +fi + +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for intXX_t types" >&5 +printf %s "checking for intXX_t types... " >&6; } +if test ${ac_cv_have_intxx_t+y} +then : + printf %s "(cached) " >&6 +else $as_nop + + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + #include +int +main (void) +{ + int8_t a; int16_t b; int32_t c; a = b = c = 1; + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO" +then : + ac_cv_have_intxx_t="yes" +else $as_nop + ac_cv_have_intxx_t="no" + +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext + +fi +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_have_intxx_t" >&5 +printf "%s\n" "$ac_cv_have_intxx_t" >&6; } +if test "x$ac_cv_have_intxx_t" = "xyes" ; then + +printf "%s\n" "#define HAVE_INTXX_T 1" >>confdefs.h + + have_intxx_t=1 +fi + +if (test -z "$have_intxx_t" && \ + test "x$ac_cv_header_stdint_h" = "xyes") +then + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for intXX_t types in stdint.h" >&5 +printf %s "checking for intXX_t types in stdint.h... " >&6; } + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + #include +int +main (void) +{ + int8_t a; int16_t b; int32_t c; a = b = c = 1; + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO" +then : + + printf "%s\n" "#define HAVE_INTXX_T 1" >>confdefs.h + + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +printf "%s\n" "yes" >&6; } + +else $as_nop + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } + +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext +fi + +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for int64_t type" >&5 +printf %s "checking for int64_t type... " >&6; } +if test ${ac_cv_have_int64_t+y} +then : + printf %s "(cached) " >&6 +else $as_nop + + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +#include +#ifdef HAVE_STDINT_H +# include +#endif +#include +#ifdef HAVE_SYS_BITYPES_H +# include +#endif + +int +main (void) +{ + +int64_t a; a = 1; + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO" +then : + ac_cv_have_int64_t="yes" +else $as_nop + ac_cv_have_int64_t="no" + +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext + +fi +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_have_int64_t" >&5 +printf "%s\n" "$ac_cv_have_int64_t" >&6; } +if test "x$ac_cv_have_int64_t" = "xyes" ; then + +printf "%s\n" "#define HAVE_INT64_T 1" >>confdefs.h + +fi + +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for u_intXX_t types" >&5 +printf %s "checking for u_intXX_t types... " >&6; } +if test ${ac_cv_have_u_intxx_t+y} +then : + printf %s "(cached) " >&6 +else $as_nop + + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + #include +int +main (void) +{ + u_int8_t a; u_int16_t b; u_int32_t c; a = b = c = 1; + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO" +then : + ac_cv_have_u_intxx_t="yes" +else $as_nop + ac_cv_have_u_intxx_t="no" + +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext + +fi +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_have_u_intxx_t" >&5 +printf "%s\n" "$ac_cv_have_u_intxx_t" >&6; } +if test "x$ac_cv_have_u_intxx_t" = "xyes" ; then + +printf "%s\n" "#define HAVE_U_INTXX_T 1" >>confdefs.h + + have_u_intxx_t=1 +fi + +if test -z "$have_u_intxx_t" ; then + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for u_intXX_t types in sys/socket.h" >&5 +printf %s "checking for u_intXX_t types in sys/socket.h... " >&6; } + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + #include +int +main (void) +{ + u_int8_t a; u_int16_t b; u_int32_t c; a = b = c = 1; + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO" +then : + + printf "%s\n" "#define HAVE_U_INTXX_T 1" >>confdefs.h + + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +printf "%s\n" "yes" >&6; } + +else $as_nop + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } + +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext +fi + +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for u_int64_t types" >&5 +printf %s "checking for u_int64_t types... " >&6; } +if test ${ac_cv_have_u_int64_t+y} +then : + printf %s "(cached) " >&6 +else $as_nop + + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + #include +int +main (void) +{ + u_int64_t a; a = 1; + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO" +then : + ac_cv_have_u_int64_t="yes" +else $as_nop + ac_cv_have_u_int64_t="no" + +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext + +fi +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_have_u_int64_t" >&5 +printf "%s\n" "$ac_cv_have_u_int64_t" >&6; } +if test "x$ac_cv_have_u_int64_t" = "xyes" ; then + +printf "%s\n" "#define HAVE_U_INT64_T 1" >>confdefs.h + + have_u_int64_t=1 +fi + +if (test -z "$have_u_int64_t" && \ + test "x$ac_cv_header_sys_bitypes_h" = "xyes") +then + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for u_int64_t type in sys/bitypes.h" >&5 +printf %s "checking for u_int64_t type in sys/bitypes.h... " >&6; } + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + #include +int +main (void) +{ + u_int64_t a; a = 1 + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO" +then : + + printf "%s\n" "#define HAVE_U_INT64_T 1" >>confdefs.h + + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +printf "%s\n" "yes" >&6; } + +else $as_nop + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } + +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext +fi + +if test -z "$have_u_intxx_t" ; then + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for uintXX_t types" >&5 +printf %s "checking for uintXX_t types... " >&6; } +if test ${ac_cv_have_uintxx_t+y} +then : + printf %s "(cached) " >&6 +else $as_nop + + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +#include + +int +main (void) +{ + + uint8_t a; + uint16_t b; + uint32_t c; + a = b = c = 1; + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO" +then : + ac_cv_have_uintxx_t="yes" +else $as_nop + ac_cv_have_uintxx_t="no" + +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext + +fi +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_have_uintxx_t" >&5 +printf "%s\n" "$ac_cv_have_uintxx_t" >&6; } + if test "x$ac_cv_have_uintxx_t" = "xyes" ; then + +printf "%s\n" "#define HAVE_UINTXX_T 1" >>confdefs.h + + fi +fi + +if (test -z "$have_uintxx_t" && \ + test "x$ac_cv_header_stdint_h" = "xyes") +then + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for uintXX_t types in stdint.h" >&5 +printf %s "checking for uintXX_t types in stdint.h... " >&6; } + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + #include +int +main (void) +{ + uint8_t a; uint16_t b; uint32_t c; a = b = c = 1; + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO" +then : + + printf "%s\n" "#define HAVE_UINTXX_T 1" >>confdefs.h + + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +printf "%s\n" "yes" >&6; } + +else $as_nop + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } + +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext +fi + +if (test -z "$have_uintxx_t" && \ + test "x$ac_cv_header_inttypes_h" = "xyes") +then + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for uintXX_t types in inttypes.h" >&5 +printf %s "checking for uintXX_t types in inttypes.h... " >&6; } + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + #include +int +main (void) +{ + uint8_t a; uint16_t b; uint32_t c; a = b = c = 1; + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO" +then : + + printf "%s\n" "#define HAVE_UINTXX_T 1" >>confdefs.h + + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +printf "%s\n" "yes" >&6; } + +else $as_nop + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } + +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext +fi + +if (test -z "$have_u_intxx_t" || test -z "$have_intxx_t" && \ + test "x$ac_cv_header_sys_bitypes_h" = "xyes") +then + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for intXX_t and u_intXX_t types in sys/bitypes.h" >&5 +printf %s "checking for intXX_t and u_intXX_t types in sys/bitypes.h... " >&6; } + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +#include + +int +main (void) +{ + + int8_t a; int16_t b; int32_t c; + u_int8_t e; u_int16_t f; u_int32_t g; + a = b = c = e = f = g = 1; + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO" +then : + + printf "%s\n" "#define HAVE_U_INTXX_T 1" >>confdefs.h + + printf "%s\n" "#define HAVE_INTXX_T 1" >>confdefs.h + + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +printf "%s\n" "yes" >&6; } + +else $as_nop + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } + +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext +fi + + +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for u_char" >&5 +printf %s "checking for u_char... " >&6; } +if test ${ac_cv_have_u_char+y} +then : + printf %s "(cached) " >&6 +else $as_nop + + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + #include +int +main (void) +{ + u_char foo; foo = 125; + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO" +then : + ac_cv_have_u_char="yes" +else $as_nop + ac_cv_have_u_char="no" + +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext + +fi +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_have_u_char" >&5 +printf "%s\n" "$ac_cv_have_u_char" >&6; } +if test "x$ac_cv_have_u_char" = "xyes" ; then + +printf "%s\n" "#define HAVE_U_CHAR 1" >>confdefs.h + +fi + +ac_fn_c_check_type "$LINENO" "intmax_t" "ac_cv_type_intmax_t" " +#include +#ifdef HAVE_STDINT_H +# include +#endif + +" +if test "x$ac_cv_type_intmax_t" = xyes +then : + +printf "%s\n" "#define HAVE_INTMAX_T 1" >>confdefs.h + + +fi +ac_fn_c_check_type "$LINENO" "uintmax_t" "ac_cv_type_uintmax_t" " +#include +#ifdef HAVE_STDINT_H +# include +#endif + +" +if test "x$ac_cv_type_uintmax_t" = xyes +then : + +printf "%s\n" "#define HAVE_UINTMAX_T 1" >>confdefs.h + + +fi + + + + ac_fn_c_check_type "$LINENO" "socklen_t" "ac_cv_type_socklen_t" "#include +#include +" +if test "x$ac_cv_type_socklen_t" = xyes +then : + +else $as_nop + + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for socklen_t equivalent" >&5 +printf %s "checking for socklen_t equivalent... " >&6; } + if test ${curl_cv_socklen_t_equiv+y} +then : + printf %s "(cached) " >&6 +else $as_nop + + # Systems have either "struct sockaddr *" or + # "void *" as the second argument to getpeername + curl_cv_socklen_t_equiv= + for arg2 in "struct sockaddr" void; do + for t in int size_t unsigned long "unsigned long"; do + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + + + #include + #include + int getpeername (int, $arg2 *, $t *); + +int +main (void) +{ + + $t len; + getpeername(0,0,&len); + + ; + return 0; +} + +_ACEOF +if ac_fn_c_try_compile "$LINENO" +then : + + curl_cv_socklen_t_equiv="$t" + break + +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext + done + done + + if test "x$curl_cv_socklen_t_equiv" = x; then + as_fn_error $? "Cannot find a type to use in place of socklen_t" "$LINENO" 5 + fi + +fi + + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $curl_cv_socklen_t_equiv" >&5 +printf "%s\n" "$curl_cv_socklen_t_equiv" >&6; } + +printf "%s\n" "#define socklen_t $curl_cv_socklen_t_equiv" >>confdefs.h + +fi + + + +ac_fn_c_check_type "$LINENO" "sig_atomic_t" "ac_cv_type_sig_atomic_t" "#include +" +if test "x$ac_cv_type_sig_atomic_t" = xyes +then : + +printf "%s\n" "#define HAVE_SIG_ATOMIC_T 1" >>confdefs.h + + +fi +ac_fn_c_check_type "$LINENO" "sighandler_t" "ac_cv_type_sighandler_t" "#include +" +if test "x$ac_cv_type_sighandler_t" = xyes +then : + +printf "%s\n" "#define HAVE_SIGHANDLER_T 1" >>confdefs.h + + +fi + +ac_fn_c_check_type "$LINENO" "fsblkcnt_t" "ac_cv_type_fsblkcnt_t" " +#include +#ifdef HAVE_SYS_BITYPES_H +#include +#endif +#ifdef HAVE_SYS_STATFS_H +#include +#endif +#ifdef HAVE_SYS_STATVFS_H +#include +#endif + +" +if test "x$ac_cv_type_fsblkcnt_t" = xyes +then : + +printf "%s\n" "#define HAVE_FSBLKCNT_T 1" >>confdefs.h + + +fi +ac_fn_c_check_type "$LINENO" "fsfilcnt_t" "ac_cv_type_fsfilcnt_t" " +#include +#ifdef HAVE_SYS_BITYPES_H +#include +#endif +#ifdef HAVE_SYS_STATFS_H +#include +#endif +#ifdef HAVE_SYS_STATVFS_H +#include +#endif + +" +if test "x$ac_cv_type_fsfilcnt_t" = xyes +then : + +printf "%s\n" "#define HAVE_FSFILCNT_T 1" >>confdefs.h + + +fi + + +ac_fn_c_check_member "$LINENO" "struct statfs" "f_files" "ac_cv_member_struct_statfs_f_files" " +#include +#include +#ifdef HAVE_SYS_BITYPES_H +#include +#endif +#ifdef HAVE_SYS_STATFS_H +#include +#endif +#ifdef HAVE_SYS_STATVFS_H +#include +#endif +#ifdef HAVE_SYS_VFS_H +#include +#endif +#ifdef HAVE_SYS_MOUNT_H +#include +#endif + +" +if test "x$ac_cv_member_struct_statfs_f_files" = xyes +then : + +printf "%s\n" "#define HAVE_STRUCT_STATFS_F_FILES 1" >>confdefs.h + + +fi +ac_fn_c_check_member "$LINENO" "struct statfs" "f_flags" "ac_cv_member_struct_statfs_f_flags" " +#include +#include +#ifdef HAVE_SYS_BITYPES_H +#include +#endif +#ifdef HAVE_SYS_STATFS_H +#include +#endif +#ifdef HAVE_SYS_STATVFS_H +#include +#endif +#ifdef HAVE_SYS_VFS_H +#include +#endif +#ifdef HAVE_SYS_MOUNT_H +#include +#endif + +" +if test "x$ac_cv_member_struct_statfs_f_flags" = xyes +then : + +printf "%s\n" "#define HAVE_STRUCT_STATFS_F_FLAGS 1" >>confdefs.h + + +fi + + + +ac_fn_c_check_type "$LINENO" "in_addr_t" "ac_cv_type_in_addr_t" "#include +#include +" +if test "x$ac_cv_type_in_addr_t" = xyes +then : + +printf "%s\n" "#define HAVE_IN_ADDR_T 1" >>confdefs.h + + +fi +ac_fn_c_check_type "$LINENO" "in_port_t" "ac_cv_type_in_port_t" "#include +#include +" +if test "x$ac_cv_type_in_port_t" = xyes +then : + +printf "%s\n" "#define HAVE_IN_PORT_T 1" >>confdefs.h + + +fi + + +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for size_t" >&5 +printf %s "checking for size_t... " >&6; } +if test ${ac_cv_have_size_t+y} +then : + printf %s "(cached) " >&6 +else $as_nop + + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + #include +int +main (void) +{ + size_t foo; foo = 1235; + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO" +then : + ac_cv_have_size_t="yes" +else $as_nop + ac_cv_have_size_t="no" + +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext + +fi +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_have_size_t" >&5 +printf "%s\n" "$ac_cv_have_size_t" >&6; } +if test "x$ac_cv_have_size_t" = "xyes" ; then + +printf "%s\n" "#define HAVE_SIZE_T 1" >>confdefs.h + +fi + +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for ssize_t" >&5 +printf %s "checking for ssize_t... " >&6; } +if test ${ac_cv_have_ssize_t+y} +then : + printf %s "(cached) " >&6 +else $as_nop + + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + #include +int +main (void) +{ + ssize_t foo; foo = 1235; + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO" +then : + ac_cv_have_ssize_t="yes" +else $as_nop + ac_cv_have_ssize_t="no" + +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext + +fi +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_have_ssize_t" >&5 +printf "%s\n" "$ac_cv_have_ssize_t" >&6; } +if test "x$ac_cv_have_ssize_t" = "xyes" ; then + +printf "%s\n" "#define HAVE_SSIZE_T 1" >>confdefs.h + +fi + +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for clock_t" >&5 +printf %s "checking for clock_t... " >&6; } +if test ${ac_cv_have_clock_t+y} +then : + printf %s "(cached) " >&6 +else $as_nop + + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + #include +int +main (void) +{ + clock_t foo; foo = 1235; + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO" +then : + ac_cv_have_clock_t="yes" +else $as_nop + ac_cv_have_clock_t="no" + +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext + +fi +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_have_clock_t" >&5 +printf "%s\n" "$ac_cv_have_clock_t" >&6; } +if test "x$ac_cv_have_clock_t" = "xyes" ; then + +printf "%s\n" "#define HAVE_CLOCK_T 1" >>confdefs.h + +fi + +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for sa_family_t" >&5 +printf %s "checking for sa_family_t... " >&6; } +if test ${ac_cv_have_sa_family_t+y} +then : + printf %s "(cached) " >&6 +else $as_nop + + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +#include +#include + +int +main (void) +{ + sa_family_t foo; foo = 1235; + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO" +then : + ac_cv_have_sa_family_t="yes" +else $as_nop + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +#include +#include +#include + +int +main (void) +{ + sa_family_t foo; foo = 1235; + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO" +then : + ac_cv_have_sa_family_t="yes" +else $as_nop + ac_cv_have_sa_family_t="no" + +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext + +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext + +fi +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_have_sa_family_t" >&5 +printf "%s\n" "$ac_cv_have_sa_family_t" >&6; } +if test "x$ac_cv_have_sa_family_t" = "xyes" ; then + +printf "%s\n" "#define HAVE_SA_FAMILY_T 1" >>confdefs.h + +fi + +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for pid_t" >&5 +printf %s "checking for pid_t... " >&6; } +if test ${ac_cv_have_pid_t+y} +then : + printf %s "(cached) " >&6 +else $as_nop + + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + #include +int +main (void) +{ + pid_t foo; foo = 1235; + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO" +then : + ac_cv_have_pid_t="yes" +else $as_nop + ac_cv_have_pid_t="no" + +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext + +fi +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_have_pid_t" >&5 +printf "%s\n" "$ac_cv_have_pid_t" >&6; } +if test "x$ac_cv_have_pid_t" = "xyes" ; then + +printf "%s\n" "#define HAVE_PID_T 1" >>confdefs.h + +fi + +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for mode_t" >&5 +printf %s "checking for mode_t... " >&6; } +if test ${ac_cv_have_mode_t+y} +then : + printf %s "(cached) " >&6 +else $as_nop + + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + #include +int +main (void) +{ + mode_t foo; foo = 1235; + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO" +then : + ac_cv_have_mode_t="yes" +else $as_nop + ac_cv_have_mode_t="no" + +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext + +fi +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_have_mode_t" >&5 +printf "%s\n" "$ac_cv_have_mode_t" >&6; } +if test "x$ac_cv_have_mode_t" = "xyes" ; then + +printf "%s\n" "#define HAVE_MODE_T 1" >>confdefs.h + +fi + + +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for struct sockaddr_storage" >&5 +printf %s "checking for struct sockaddr_storage... " >&6; } +if test ${ac_cv_have_struct_sockaddr_storage+y} +then : + printf %s "(cached) " >&6 +else $as_nop + + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +#include +#include + +int +main (void) +{ + struct sockaddr_storage s; + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO" +then : + ac_cv_have_struct_sockaddr_storage="yes" +else $as_nop + ac_cv_have_struct_sockaddr_storage="no" + +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext + +fi +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_have_struct_sockaddr_storage" >&5 +printf "%s\n" "$ac_cv_have_struct_sockaddr_storage" >&6; } +if test "x$ac_cv_have_struct_sockaddr_storage" = "xyes" ; then + +printf "%s\n" "#define HAVE_STRUCT_SOCKADDR_STORAGE 1" >>confdefs.h + +fi + +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for struct sockaddr_in6" >&5 +printf %s "checking for struct sockaddr_in6... " >&6; } +if test ${ac_cv_have_struct_sockaddr_in6+y} +then : + printf %s "(cached) " >&6 +else $as_nop + + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +#include +#include + +int +main (void) +{ + struct sockaddr_in6 s; s.sin6_family = 0; + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO" +then : + ac_cv_have_struct_sockaddr_in6="yes" +else $as_nop + ac_cv_have_struct_sockaddr_in6="no" + +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext + +fi +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_have_struct_sockaddr_in6" >&5 +printf "%s\n" "$ac_cv_have_struct_sockaddr_in6" >&6; } +if test "x$ac_cv_have_struct_sockaddr_in6" = "xyes" ; then + +printf "%s\n" "#define HAVE_STRUCT_SOCKADDR_IN6 1" >>confdefs.h + +fi + +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for struct in6_addr" >&5 +printf %s "checking for struct in6_addr... " >&6; } +if test ${ac_cv_have_struct_in6_addr+y} +then : + printf %s "(cached) " >&6 +else $as_nop + + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +#include +#include + +int +main (void) +{ + struct in6_addr s; s.s6_addr[0] = 0; + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO" +then : + ac_cv_have_struct_in6_addr="yes" +else $as_nop + ac_cv_have_struct_in6_addr="no" + +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext + +fi +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_have_struct_in6_addr" >&5 +printf "%s\n" "$ac_cv_have_struct_in6_addr" >&6; } +if test "x$ac_cv_have_struct_in6_addr" = "xyes" ; then + +printf "%s\n" "#define HAVE_STRUCT_IN6_ADDR 1" >>confdefs.h + + + ac_fn_c_check_member "$LINENO" "struct sockaddr_in6" "sin6_scope_id" "ac_cv_member_struct_sockaddr_in6_sin6_scope_id" " +#ifdef HAVE_SYS_TYPES_H +#include +#endif +#include + +" +if test "x$ac_cv_member_struct_sockaddr_in6_sin6_scope_id" = xyes +then : + +printf "%s\n" "#define HAVE_STRUCT_SOCKADDR_IN6_SIN6_SCOPE_ID 1" >>confdefs.h + + +fi + +fi + +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for struct addrinfo" >&5 +printf %s "checking for struct addrinfo... " >&6; } +if test ${ac_cv_have_struct_addrinfo+y} +then : + printf %s "(cached) " >&6 +else $as_nop + + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +#include +#include +#include + +int +main (void) +{ + struct addrinfo s; s.ai_flags = AI_PASSIVE; + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO" +then : + ac_cv_have_struct_addrinfo="yes" +else $as_nop + ac_cv_have_struct_addrinfo="no" + +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext + +fi +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_have_struct_addrinfo" >&5 +printf "%s\n" "$ac_cv_have_struct_addrinfo" >&6; } +if test "x$ac_cv_have_struct_addrinfo" = "xyes" ; then + +printf "%s\n" "#define HAVE_STRUCT_ADDRINFO 1" >>confdefs.h + +fi + +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for struct timeval" >&5 +printf %s "checking for struct timeval... " >&6; } +if test ${ac_cv_have_struct_timeval+y} +then : + printf %s "(cached) " >&6 +else $as_nop + + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + #include +int +main (void) +{ + struct timeval tv; tv.tv_sec = 1; + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO" +then : + ac_cv_have_struct_timeval="yes" +else $as_nop + ac_cv_have_struct_timeval="no" + +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext + +fi +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_have_struct_timeval" >&5 +printf "%s\n" "$ac_cv_have_struct_timeval" >&6; } +if test "x$ac_cv_have_struct_timeval" = "xyes" ; then + +printf "%s\n" "#define HAVE_STRUCT_TIMEVAL 1" >>confdefs.h + + have_struct_timeval=1 +fi + +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for struct timespec" >&5 +printf %s "checking for struct timespec... " >&6; } +if test ${ac_cv_have_struct_timespec+y} +then : + printf %s "(cached) " >&6 +else $as_nop + + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + + #ifdef HAVE_SYS_TIME_H + # include + #endif + #ifdef HAVE_TIME_H + # include + #endif + +int +main (void) +{ + struct timespec ts; ts.tv_sec = 1; + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO" +then : + ac_cv_have_struct_timespec="yes" +else $as_nop + ac_cv_have_struct_timespec="no" + +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext + +fi +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_have_struct_timespec" >&5 +printf "%s\n" "$ac_cv_have_struct_timespec" >&6; } +if test "x$ac_cv_have_struct_timespec" = "xyes" ; then + +printf "%s\n" "#define HAVE_STRUCT_TIMESPEC 1" >>confdefs.h + + have_struct_timespec=1 +fi + +# We need int64_t or else certain parts of the compile will fail. +if test "x$ac_cv_have_int64_t" = "xno" && \ + test "x$ac_cv_sizeof_long_int" != "x8" && \ + test "x$ac_cv_sizeof_long_long_int" = "x0" ; then + echo "OpenSSH requires int64_t support. Contact your vendor or install" + echo "an alternative compiler (I.E., GCC) before continuing." + echo "" + exit 1; +else + if test "$cross_compiling" = yes +then : + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: WARNING: cross compiling: Assuming working snprintf()" >&5 +printf "%s\n" "$as_me: WARNING: cross compiling: Assuming working snprintf()" >&2;} + +else $as_nop + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +#include +#include +#include +#ifdef HAVE_SNPRINTF +int main(void) +{ + char buf[50]; + char expected_out[50]; + int mazsize = 50 ; +#if (SIZEOF_LONG_INT == 8) + long int num = 0x7fffffffffffffff; +#else + long long num = 0x7fffffffffffffffll; +#endif + strcpy(expected_out, "9223372036854775807"); +#if (SIZEOF_LONG_INT == 8) + snprintf(buf, mazsize, "%ld", num); +#else + snprintf(buf, mazsize, "%lld", num); +#endif + if(strcmp(buf, expected_out) != 0) + exit(1); + exit(0); +} +#else +int main(void) { exit(0); } +#endif + +_ACEOF +if ac_fn_c_try_run "$LINENO" +then : + true +else $as_nop + printf "%s\n" "#define BROKEN_SNPRINTF 1" >>confdefs.h + +fi +rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ + conftest.$ac_objext conftest.beam conftest.$ac_ext +fi + +fi + + +# look for field 'ut_host' in header 'utmp.h' + ossh_safe=`echo "utmp.h" | sed 'y%./+-%__p_%'` + ossh_varname="ossh_cv_$ossh_safe""_has_"ut_host + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for ut_host field in utmp.h" >&5 +printf %s "checking for ut_host field in utmp.h... " >&6; } + if eval test \${$ossh_varname+y} +then : + printf %s "(cached) " >&6 +else $as_nop + + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#include + +_ACEOF +if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | + $EGREP "ut_host" >/dev/null 2>&1 +then : + eval "$ossh_varname=yes" +else $as_nop + eval "$ossh_varname=no" +fi +rm -rf conftest* + +fi + + ossh_result=`eval 'echo $'"$ossh_varname"` + if test -n "`echo $ossh_varname`"; then + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ossh_result" >&5 +printf "%s\n" "$ossh_result" >&6; } + if test "x$ossh_result" = "xyes"; then + +printf "%s\n" "#define HAVE_HOST_IN_UTMP 1" >>confdefs.h + + fi + else + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } + fi + + +# look for field 'ut_host' in header 'utmpx.h' + ossh_safe=`echo "utmpx.h" | sed 'y%./+-%__p_%'` + ossh_varname="ossh_cv_$ossh_safe""_has_"ut_host + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for ut_host field in utmpx.h" >&5 +printf %s "checking for ut_host field in utmpx.h... " >&6; } + if eval test \${$ossh_varname+y} +then : + printf %s "(cached) " >&6 +else $as_nop + + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#include + +_ACEOF +if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | + $EGREP "ut_host" >/dev/null 2>&1 +then : + eval "$ossh_varname=yes" +else $as_nop + eval "$ossh_varname=no" +fi +rm -rf conftest* + +fi + + ossh_result=`eval 'echo $'"$ossh_varname"` + if test -n "`echo $ossh_varname`"; then + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ossh_result" >&5 +printf "%s\n" "$ossh_result" >&6; } + if test "x$ossh_result" = "xyes"; then + +printf "%s\n" "#define HAVE_HOST_IN_UTMPX 1" >>confdefs.h + + fi + else + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } + fi + + +# look for field 'syslen' in header 'utmpx.h' + ossh_safe=`echo "utmpx.h" | sed 'y%./+-%__p_%'` + ossh_varname="ossh_cv_$ossh_safe""_has_"syslen + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for syslen field in utmpx.h" >&5 +printf %s "checking for syslen field in utmpx.h... " >&6; } + if eval test \${$ossh_varname+y} +then : + printf %s "(cached) " >&6 +else $as_nop + + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#include + +_ACEOF +if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | + $EGREP "syslen" >/dev/null 2>&1 +then : + eval "$ossh_varname=yes" +else $as_nop + eval "$ossh_varname=no" +fi +rm -rf conftest* + +fi + + ossh_result=`eval 'echo $'"$ossh_varname"` + if test -n "`echo $ossh_varname`"; then + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ossh_result" >&5 +printf "%s\n" "$ossh_result" >&6; } + if test "x$ossh_result" = "xyes"; then + +printf "%s\n" "#define HAVE_SYSLEN_IN_UTMPX 1" >>confdefs.h + + fi + else + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } + fi + + +# look for field 'ut_pid' in header 'utmp.h' + ossh_safe=`echo "utmp.h" | sed 'y%./+-%__p_%'` + ossh_varname="ossh_cv_$ossh_safe""_has_"ut_pid + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for ut_pid field in utmp.h" >&5 +printf %s "checking for ut_pid field in utmp.h... " >&6; } + if eval test \${$ossh_varname+y} +then : + printf %s "(cached) " >&6 +else $as_nop + + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#include + +_ACEOF +if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | + $EGREP "ut_pid" >/dev/null 2>&1 +then : + eval "$ossh_varname=yes" +else $as_nop + eval "$ossh_varname=no" +fi +rm -rf conftest* + +fi + + ossh_result=`eval 'echo $'"$ossh_varname"` + if test -n "`echo $ossh_varname`"; then + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ossh_result" >&5 +printf "%s\n" "$ossh_result" >&6; } + if test "x$ossh_result" = "xyes"; then + +printf "%s\n" "#define HAVE_PID_IN_UTMP 1" >>confdefs.h + + fi + else + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } + fi + + +# look for field 'ut_type' in header 'utmp.h' + ossh_safe=`echo "utmp.h" | sed 'y%./+-%__p_%'` + ossh_varname="ossh_cv_$ossh_safe""_has_"ut_type + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for ut_type field in utmp.h" >&5 +printf %s "checking for ut_type field in utmp.h... " >&6; } + if eval test \${$ossh_varname+y} +then : + printf %s "(cached) " >&6 +else $as_nop + + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#include + +_ACEOF +if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | + $EGREP "ut_type" >/dev/null 2>&1 +then : + eval "$ossh_varname=yes" +else $as_nop + eval "$ossh_varname=no" +fi +rm -rf conftest* + +fi + + ossh_result=`eval 'echo $'"$ossh_varname"` + if test -n "`echo $ossh_varname`"; then + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ossh_result" >&5 +printf "%s\n" "$ossh_result" >&6; } + if test "x$ossh_result" = "xyes"; then + +printf "%s\n" "#define HAVE_TYPE_IN_UTMP 1" >>confdefs.h + + fi + else + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } + fi + + +# look for field 'ut_type' in header 'utmpx.h' + ossh_safe=`echo "utmpx.h" | sed 'y%./+-%__p_%'` + ossh_varname="ossh_cv_$ossh_safe""_has_"ut_type + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for ut_type field in utmpx.h" >&5 +printf %s "checking for ut_type field in utmpx.h... " >&6; } + if eval test \${$ossh_varname+y} +then : + printf %s "(cached) " >&6 +else $as_nop + + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#include + +_ACEOF +if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | + $EGREP "ut_type" >/dev/null 2>&1 +then : + eval "$ossh_varname=yes" +else $as_nop + eval "$ossh_varname=no" +fi +rm -rf conftest* + +fi + + ossh_result=`eval 'echo $'"$ossh_varname"` + if test -n "`echo $ossh_varname`"; then + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ossh_result" >&5 +printf "%s\n" "$ossh_result" >&6; } + if test "x$ossh_result" = "xyes"; then + +printf "%s\n" "#define HAVE_TYPE_IN_UTMPX 1" >>confdefs.h + + fi + else + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } + fi + + +# look for field 'ut_tv' in header 'utmp.h' + ossh_safe=`echo "utmp.h" | sed 'y%./+-%__p_%'` + ossh_varname="ossh_cv_$ossh_safe""_has_"ut_tv + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for ut_tv field in utmp.h" >&5 +printf %s "checking for ut_tv field in utmp.h... " >&6; } + if eval test \${$ossh_varname+y} +then : + printf %s "(cached) " >&6 +else $as_nop + + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#include + +_ACEOF +if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | + $EGREP "ut_tv" >/dev/null 2>&1 +then : + eval "$ossh_varname=yes" +else $as_nop + eval "$ossh_varname=no" +fi +rm -rf conftest* + +fi + + ossh_result=`eval 'echo $'"$ossh_varname"` + if test -n "`echo $ossh_varname`"; then + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ossh_result" >&5 +printf "%s\n" "$ossh_result" >&6; } + if test "x$ossh_result" = "xyes"; then + +printf "%s\n" "#define HAVE_TV_IN_UTMP 1" >>confdefs.h + + fi + else + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } + fi + + +# look for field 'ut_id' in header 'utmp.h' + ossh_safe=`echo "utmp.h" | sed 'y%./+-%__p_%'` + ossh_varname="ossh_cv_$ossh_safe""_has_"ut_id + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for ut_id field in utmp.h" >&5 +printf %s "checking for ut_id field in utmp.h... " >&6; } + if eval test \${$ossh_varname+y} +then : + printf %s "(cached) " >&6 +else $as_nop + + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#include + +_ACEOF +if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | + $EGREP "ut_id" >/dev/null 2>&1 +then : + eval "$ossh_varname=yes" +else $as_nop + eval "$ossh_varname=no" +fi +rm -rf conftest* + +fi + + ossh_result=`eval 'echo $'"$ossh_varname"` + if test -n "`echo $ossh_varname`"; then + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ossh_result" >&5 +printf "%s\n" "$ossh_result" >&6; } + if test "x$ossh_result" = "xyes"; then + +printf "%s\n" "#define HAVE_ID_IN_UTMP 1" >>confdefs.h + + fi + else + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } + fi + + +# look for field 'ut_id' in header 'utmpx.h' + ossh_safe=`echo "utmpx.h" | sed 'y%./+-%__p_%'` + ossh_varname="ossh_cv_$ossh_safe""_has_"ut_id + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for ut_id field in utmpx.h" >&5 +printf %s "checking for ut_id field in utmpx.h... " >&6; } + if eval test \${$ossh_varname+y} +then : + printf %s "(cached) " >&6 +else $as_nop + + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#include + +_ACEOF +if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | + $EGREP "ut_id" >/dev/null 2>&1 +then : + eval "$ossh_varname=yes" +else $as_nop + eval "$ossh_varname=no" +fi +rm -rf conftest* + +fi + + ossh_result=`eval 'echo $'"$ossh_varname"` + if test -n "`echo $ossh_varname`"; then + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ossh_result" >&5 +printf "%s\n" "$ossh_result" >&6; } + if test "x$ossh_result" = "xyes"; then + +printf "%s\n" "#define HAVE_ID_IN_UTMPX 1" >>confdefs.h + + fi + else + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } + fi + + +# look for field 'ut_addr' in header 'utmp.h' + ossh_safe=`echo "utmp.h" | sed 'y%./+-%__p_%'` + ossh_varname="ossh_cv_$ossh_safe""_has_"ut_addr + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for ut_addr field in utmp.h" >&5 +printf %s "checking for ut_addr field in utmp.h... " >&6; } + if eval test \${$ossh_varname+y} +then : + printf %s "(cached) " >&6 +else $as_nop + + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#include + +_ACEOF +if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | + $EGREP "ut_addr" >/dev/null 2>&1 +then : + eval "$ossh_varname=yes" +else $as_nop + eval "$ossh_varname=no" +fi +rm -rf conftest* + +fi + + ossh_result=`eval 'echo $'"$ossh_varname"` + if test -n "`echo $ossh_varname`"; then + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ossh_result" >&5 +printf "%s\n" "$ossh_result" >&6; } + if test "x$ossh_result" = "xyes"; then + +printf "%s\n" "#define HAVE_ADDR_IN_UTMP 1" >>confdefs.h + + fi + else + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } + fi + + +# look for field 'ut_addr' in header 'utmpx.h' + ossh_safe=`echo "utmpx.h" | sed 'y%./+-%__p_%'` + ossh_varname="ossh_cv_$ossh_safe""_has_"ut_addr + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for ut_addr field in utmpx.h" >&5 +printf %s "checking for ut_addr field in utmpx.h... " >&6; } + if eval test \${$ossh_varname+y} +then : + printf %s "(cached) " >&6 +else $as_nop + + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#include + +_ACEOF +if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | + $EGREP "ut_addr" >/dev/null 2>&1 +then : + eval "$ossh_varname=yes" +else $as_nop + eval "$ossh_varname=no" +fi +rm -rf conftest* + +fi + + ossh_result=`eval 'echo $'"$ossh_varname"` + if test -n "`echo $ossh_varname`"; then + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ossh_result" >&5 +printf "%s\n" "$ossh_result" >&6; } + if test "x$ossh_result" = "xyes"; then + +printf "%s\n" "#define HAVE_ADDR_IN_UTMPX 1" >>confdefs.h + + fi + else + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } + fi + + +# look for field 'ut_addr_v6' in header 'utmp.h' + ossh_safe=`echo "utmp.h" | sed 'y%./+-%__p_%'` + ossh_varname="ossh_cv_$ossh_safe""_has_"ut_addr_v6 + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for ut_addr_v6 field in utmp.h" >&5 +printf %s "checking for ut_addr_v6 field in utmp.h... " >&6; } + if eval test \${$ossh_varname+y} +then : + printf %s "(cached) " >&6 +else $as_nop + + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#include + +_ACEOF +if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | + $EGREP "ut_addr_v6" >/dev/null 2>&1 +then : + eval "$ossh_varname=yes" +else $as_nop + eval "$ossh_varname=no" +fi +rm -rf conftest* + +fi + + ossh_result=`eval 'echo $'"$ossh_varname"` + if test -n "`echo $ossh_varname`"; then + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ossh_result" >&5 +printf "%s\n" "$ossh_result" >&6; } + if test "x$ossh_result" = "xyes"; then + +printf "%s\n" "#define HAVE_ADDR_V6_IN_UTMP 1" >>confdefs.h + + fi + else + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } + fi + + +# look for field 'ut_addr_v6' in header 'utmpx.h' + ossh_safe=`echo "utmpx.h" | sed 'y%./+-%__p_%'` + ossh_varname="ossh_cv_$ossh_safe""_has_"ut_addr_v6 + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for ut_addr_v6 field in utmpx.h" >&5 +printf %s "checking for ut_addr_v6 field in utmpx.h... " >&6; } + if eval test \${$ossh_varname+y} +then : + printf %s "(cached) " >&6 +else $as_nop + + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#include + +_ACEOF +if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | + $EGREP "ut_addr_v6" >/dev/null 2>&1 +then : + eval "$ossh_varname=yes" +else $as_nop + eval "$ossh_varname=no" +fi +rm -rf conftest* + +fi + + ossh_result=`eval 'echo $'"$ossh_varname"` + if test -n "`echo $ossh_varname`"; then + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ossh_result" >&5 +printf "%s\n" "$ossh_result" >&6; } + if test "x$ossh_result" = "xyes"; then + +printf "%s\n" "#define HAVE_ADDR_V6_IN_UTMPX 1" >>confdefs.h + + fi + else + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } + fi + + +# look for field 'ut_exit' in header 'utmp.h' + ossh_safe=`echo "utmp.h" | sed 'y%./+-%__p_%'` + ossh_varname="ossh_cv_$ossh_safe""_has_"ut_exit + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for ut_exit field in utmp.h" >&5 +printf %s "checking for ut_exit field in utmp.h... " >&6; } + if eval test \${$ossh_varname+y} +then : + printf %s "(cached) " >&6 +else $as_nop + + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#include + +_ACEOF +if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | + $EGREP "ut_exit" >/dev/null 2>&1 +then : + eval "$ossh_varname=yes" +else $as_nop + eval "$ossh_varname=no" +fi +rm -rf conftest* + +fi + + ossh_result=`eval 'echo $'"$ossh_varname"` + if test -n "`echo $ossh_varname`"; then + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ossh_result" >&5 +printf "%s\n" "$ossh_result" >&6; } + if test "x$ossh_result" = "xyes"; then + +printf "%s\n" "#define HAVE_EXIT_IN_UTMP 1" >>confdefs.h + + fi + else + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } + fi + + +# look for field 'ut_time' in header 'utmp.h' + ossh_safe=`echo "utmp.h" | sed 'y%./+-%__p_%'` + ossh_varname="ossh_cv_$ossh_safe""_has_"ut_time + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for ut_time field in utmp.h" >&5 +printf %s "checking for ut_time field in utmp.h... " >&6; } + if eval test \${$ossh_varname+y} +then : + printf %s "(cached) " >&6 +else $as_nop + + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#include + +_ACEOF +if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | + $EGREP "ut_time" >/dev/null 2>&1 +then : + eval "$ossh_varname=yes" +else $as_nop + eval "$ossh_varname=no" +fi +rm -rf conftest* + +fi + + ossh_result=`eval 'echo $'"$ossh_varname"` + if test -n "`echo $ossh_varname`"; then + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ossh_result" >&5 +printf "%s\n" "$ossh_result" >&6; } + if test "x$ossh_result" = "xyes"; then + +printf "%s\n" "#define HAVE_TIME_IN_UTMP 1" >>confdefs.h + + fi + else + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } + fi + + +# look for field 'ut_time' in header 'utmpx.h' + ossh_safe=`echo "utmpx.h" | sed 'y%./+-%__p_%'` + ossh_varname="ossh_cv_$ossh_safe""_has_"ut_time + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for ut_time field in utmpx.h" >&5 +printf %s "checking for ut_time field in utmpx.h... " >&6; } + if eval test \${$ossh_varname+y} +then : + printf %s "(cached) " >&6 +else $as_nop + + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#include + +_ACEOF +if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | + $EGREP "ut_time" >/dev/null 2>&1 +then : + eval "$ossh_varname=yes" +else $as_nop + eval "$ossh_varname=no" +fi +rm -rf conftest* + +fi + + ossh_result=`eval 'echo $'"$ossh_varname"` + if test -n "`echo $ossh_varname`"; then + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ossh_result" >&5 +printf "%s\n" "$ossh_result" >&6; } + if test "x$ossh_result" = "xyes"; then + +printf "%s\n" "#define HAVE_TIME_IN_UTMPX 1" >>confdefs.h + + fi + else + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } + fi + + +# look for field 'ut_tv' in header 'utmpx.h' + ossh_safe=`echo "utmpx.h" | sed 'y%./+-%__p_%'` + ossh_varname="ossh_cv_$ossh_safe""_has_"ut_tv + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for ut_tv field in utmpx.h" >&5 +printf %s "checking for ut_tv field in utmpx.h... " >&6; } + if eval test \${$ossh_varname+y} +then : + printf %s "(cached) " >&6 +else $as_nop + + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#include + +_ACEOF +if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | + $EGREP "ut_tv" >/dev/null 2>&1 +then : + eval "$ossh_varname=yes" +else $as_nop + eval "$ossh_varname=no" +fi +rm -rf conftest* + +fi + + ossh_result=`eval 'echo $'"$ossh_varname"` + if test -n "`echo $ossh_varname`"; then + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ossh_result" >&5 +printf "%s\n" "$ossh_result" >&6; } + if test "x$ossh_result" = "xyes"; then + +printf "%s\n" "#define HAVE_TV_IN_UTMPX 1" >>confdefs.h + + fi + else + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } + fi + + +# look for field 'ut_ss' in header 'utmpx.h' + ossh_safe=`echo "utmpx.h" | sed 'y%./+-%__p_%'` + ossh_varname="ossh_cv_$ossh_safe""_has_"ut_ss + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for ut_ss field in utmpx.h" >&5 +printf %s "checking for ut_ss field in utmpx.h... " >&6; } + if eval test \${$ossh_varname+y} +then : + printf %s "(cached) " >&6 +else $as_nop + + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#include + +_ACEOF +if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | + $EGREP "ut_ss" >/dev/null 2>&1 +then : + eval "$ossh_varname=yes" +else $as_nop + eval "$ossh_varname=no" +fi +rm -rf conftest* + +fi + + ossh_result=`eval 'echo $'"$ossh_varname"` + if test -n "`echo $ossh_varname`"; then + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ossh_result" >&5 +printf "%s\n" "$ossh_result" >&6; } + if test "x$ossh_result" = "xyes"; then + +printf "%s\n" "#define HAVE_SS_IN_UTMPX 1" >>confdefs.h + + fi + else + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } + fi + + +ac_fn_c_check_member "$LINENO" "struct stat" "st_blksize" "ac_cv_member_struct_stat_st_blksize" "$ac_includes_default" +if test "x$ac_cv_member_struct_stat_st_blksize" = xyes +then : + +printf "%s\n" "#define HAVE_STRUCT_STAT_ST_BLKSIZE 1" >>confdefs.h + + +fi + +ac_fn_c_check_member "$LINENO" "struct stat" "st_mtim" "ac_cv_member_struct_stat_st_mtim" "$ac_includes_default" +if test "x$ac_cv_member_struct_stat_st_mtim" = xyes +then : + +printf "%s\n" "#define HAVE_STRUCT_STAT_ST_MTIM 1" >>confdefs.h + + +fi + +ac_fn_c_check_member "$LINENO" "struct stat" "st_mtime" "ac_cv_member_struct_stat_st_mtime" "$ac_includes_default" +if test "x$ac_cv_member_struct_stat_st_mtime" = xyes +then : + +printf "%s\n" "#define HAVE_STRUCT_STAT_ST_MTIME 1" >>confdefs.h + + +fi + +ac_fn_c_check_member "$LINENO" "struct passwd" "pw_gecos" "ac_cv_member_struct_passwd_pw_gecos" " +#include +#include + +" +if test "x$ac_cv_member_struct_passwd_pw_gecos" = xyes +then : + +printf "%s\n" "#define HAVE_STRUCT_PASSWD_PW_GECOS 1" >>confdefs.h + + +fi +ac_fn_c_check_member "$LINENO" "struct passwd" "pw_class" "ac_cv_member_struct_passwd_pw_class" " +#include +#include + +" +if test "x$ac_cv_member_struct_passwd_pw_class" = xyes +then : + +printf "%s\n" "#define HAVE_STRUCT_PASSWD_PW_CLASS 1" >>confdefs.h + + +fi +ac_fn_c_check_member "$LINENO" "struct passwd" "pw_change" "ac_cv_member_struct_passwd_pw_change" " +#include +#include + +" +if test "x$ac_cv_member_struct_passwd_pw_change" = xyes +then : + +printf "%s\n" "#define HAVE_STRUCT_PASSWD_PW_CHANGE 1" >>confdefs.h + + +fi +ac_fn_c_check_member "$LINENO" "struct passwd" "pw_expire" "ac_cv_member_struct_passwd_pw_expire" " +#include +#include + +" +if test "x$ac_cv_member_struct_passwd_pw_expire" = xyes +then : + +printf "%s\n" "#define HAVE_STRUCT_PASSWD_PW_EXPIRE 1" >>confdefs.h + + +fi + + +ac_fn_c_check_member "$LINENO" "struct __res_state" "retrans" "ac_cv_member_struct___res_state_retrans" " +#include +#if HAVE_SYS_TYPES_H +# include +#endif +#include +#include +#include + +" +if test "x$ac_cv_member_struct___res_state_retrans" = xyes +then : + +else $as_nop + +printf "%s\n" "#define __res_state state" >>confdefs.h + +fi + + +ac_fn_c_check_member "$LINENO" "struct sockaddr_in" "sin_len" "ac_cv_member_struct_sockaddr_in_sin_len" " +#include +#include +#include + + +" +if test "x$ac_cv_member_struct_sockaddr_in_sin_len" = xyes +then : + +printf "%s\n" "#define SOCK_HAS_LEN 1" >>confdefs.h + +fi + + +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for ss_family field in struct sockaddr_storage" >&5 +printf %s "checking for ss_family field in struct sockaddr_storage... " >&6; } +if test ${ac_cv_have_ss_family_in_struct_ss+y} +then : + printf %s "(cached) " >&6 +else $as_nop + + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +#include +#include + +int +main (void) +{ + struct sockaddr_storage s; s.ss_family = 1; + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO" +then : + ac_cv_have_ss_family_in_struct_ss="yes" +else $as_nop + ac_cv_have_ss_family_in_struct_ss="no" +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext + +fi +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_have_ss_family_in_struct_ss" >&5 +printf "%s\n" "$ac_cv_have_ss_family_in_struct_ss" >&6; } +if test "x$ac_cv_have_ss_family_in_struct_ss" = "xyes" ; then + +printf "%s\n" "#define HAVE_SS_FAMILY_IN_SS 1" >>confdefs.h + +fi + +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for __ss_family field in struct sockaddr_storage" >&5 +printf %s "checking for __ss_family field in struct sockaddr_storage... " >&6; } +if test ${ac_cv_have___ss_family_in_struct_ss+y} +then : + printf %s "(cached) " >&6 +else $as_nop + + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +#include +#include + +int +main (void) +{ + struct sockaddr_storage s; s.__ss_family = 1; + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO" +then : + ac_cv_have___ss_family_in_struct_ss="yes" +else $as_nop + ac_cv_have___ss_family_in_struct_ss="no" + +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext + +fi +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_have___ss_family_in_struct_ss" >&5 +printf "%s\n" "$ac_cv_have___ss_family_in_struct_ss" >&6; } +if test "x$ac_cv_have___ss_family_in_struct_ss" = "xyes" ; then + +printf "%s\n" "#define HAVE___SS_FAMILY_IN_SS 1" >>confdefs.h + +fi + +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for msg_accrights field in struct msghdr" >&5 +printf %s "checking for msg_accrights field in struct msghdr... " >&6; } +if test ${ac_cv_have_accrights_in_msghdr+y} +then : + printf %s "(cached) " >&6 +else $as_nop + + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +#include +#include +#include +#include + +int +main (void) +{ + +#ifdef msg_accrights +#error "msg_accrights is a macro" +exit(1); +#endif +struct msghdr m; +m.msg_accrights = 0; +exit(0); + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO" +then : + ac_cv_have_accrights_in_msghdr="yes" +else $as_nop + ac_cv_have_accrights_in_msghdr="no" + +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext + +fi +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_have_accrights_in_msghdr" >&5 +printf "%s\n" "$ac_cv_have_accrights_in_msghdr" >&6; } +if test "x$ac_cv_have_accrights_in_msghdr" = "xyes" ; then + +printf "%s\n" "#define HAVE_ACCRIGHTS_IN_MSGHDR 1" >>confdefs.h + +fi + +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking if struct statvfs.f_fsid is integral type" >&5 +printf %s "checking if struct statvfs.f_fsid is integral type... " >&6; } +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +#include +#include +#ifdef HAVE_SYS_TIME_H +# include +#endif +#ifdef HAVE_SYS_MOUNT_H +#include +#endif +#ifdef HAVE_SYS_STATVFS_H +#include +#endif + +int +main (void) +{ + struct statvfs s; s.f_fsid = 0; + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO" +then : + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +printf "%s\n" "yes" >&6; } +else $as_nop + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } + + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking if fsid_t has member val" >&5 +printf %s "checking if fsid_t has member val... " >&6; } + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +#include +#include + +int +main (void) +{ + fsid_t t; t.val[0] = 0; + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO" +then : + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +printf "%s\n" "yes" >&6; } + +printf "%s\n" "#define FSID_HAS_VAL 1" >>confdefs.h + +else $as_nop + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext + + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking if f_fsid has member __val" >&5 +printf %s "checking if f_fsid has member __val... " >&6; } + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +#include +#include + +int +main (void) +{ + fsid_t t; t.__val[0] = 0; + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO" +then : + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +printf "%s\n" "yes" >&6; } + +printf "%s\n" "#define FSID_HAS___VAL 1" >>confdefs.h + +else $as_nop + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext + +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext + +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for msg_control field in struct msghdr" >&5 +printf %s "checking for msg_control field in struct msghdr... " >&6; } +if test ${ac_cv_have_control_in_msghdr+y} +then : + printf %s "(cached) " >&6 +else $as_nop + + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +#include +#include +#include +#include + +int +main (void) +{ + +#ifdef msg_control +#error "msg_control is a macro" +exit(1); +#endif +struct msghdr m; +m.msg_control = 0; +exit(0); + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO" +then : + ac_cv_have_control_in_msghdr="yes" +else $as_nop + ac_cv_have_control_in_msghdr="no" + +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext + +fi +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_have_control_in_msghdr" >&5 +printf "%s\n" "$ac_cv_have_control_in_msghdr" >&6; } +if test "x$ac_cv_have_control_in_msghdr" = "xyes" ; then + +printf "%s\n" "#define HAVE_CONTROL_IN_MSGHDR 1" >>confdefs.h + +fi + +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking if libc defines __progname" >&5 +printf %s "checking if libc defines __progname... " >&6; } +if test ${ac_cv_libc_defines___progname+y} +then : + printf %s "(cached) " >&6 +else $as_nop + + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + #include +int +main (void) +{ + extern char *__progname; printf("%s", __progname); + ; + return 0; +} +_ACEOF +if ac_fn_c_try_link "$LINENO" +then : + ac_cv_libc_defines___progname="yes" +else $as_nop + ac_cv_libc_defines___progname="no" + +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam \ + conftest$ac_exeext conftest.$ac_ext + +fi +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_libc_defines___progname" >&5 +printf "%s\n" "$ac_cv_libc_defines___progname" >&6; } +if test "x$ac_cv_libc_defines___progname" = "xyes" ; then + +printf "%s\n" "#define HAVE___PROGNAME 1" >>confdefs.h + +fi + +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking whether $CC implements __FUNCTION__" >&5 +printf %s "checking whether $CC implements __FUNCTION__... " >&6; } +if test ${ac_cv_cc_implements___FUNCTION__+y} +then : + printf %s "(cached) " >&6 +else $as_nop + + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + #include +int +main (void) +{ + printf("%s", __FUNCTION__); + ; + return 0; +} +_ACEOF +if ac_fn_c_try_link "$LINENO" +then : + ac_cv_cc_implements___FUNCTION__="yes" +else $as_nop + ac_cv_cc_implements___FUNCTION__="no" + +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam \ + conftest$ac_exeext conftest.$ac_ext + +fi +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_cc_implements___FUNCTION__" >&5 +printf "%s\n" "$ac_cv_cc_implements___FUNCTION__" >&6; } +if test "x$ac_cv_cc_implements___FUNCTION__" = "xyes" ; then + +printf "%s\n" "#define HAVE___FUNCTION__ 1" >>confdefs.h + +fi + +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking whether $CC implements __func__" >&5 +printf %s "checking whether $CC implements __func__... " >&6; } +if test ${ac_cv_cc_implements___func__+y} +then : + printf %s "(cached) " >&6 +else $as_nop + + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + #include +int +main (void) +{ + printf("%s", __func__); + ; + return 0; +} +_ACEOF +if ac_fn_c_try_link "$LINENO" +then : + ac_cv_cc_implements___func__="yes" +else $as_nop + ac_cv_cc_implements___func__="no" + +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam \ + conftest$ac_exeext conftest.$ac_ext + +fi +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_cc_implements___func__" >&5 +printf "%s\n" "$ac_cv_cc_implements___func__" >&6; } +if test "x$ac_cv_cc_implements___func__" = "xyes" ; then + +printf "%s\n" "#define HAVE___func__ 1" >>confdefs.h + +fi + +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking whether va_copy exists" >&5 +printf %s "checking whether va_copy exists... " >&6; } +if test ${ac_cv_have_va_copy+y} +then : + printf %s "(cached) " >&6 +else $as_nop + + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +#include +va_list x,y; + +int +main (void) +{ + va_copy(x,y); + ; + return 0; +} +_ACEOF +if ac_fn_c_try_link "$LINENO" +then : + ac_cv_have_va_copy="yes" +else $as_nop + ac_cv_have_va_copy="no" + +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam \ + conftest$ac_exeext conftest.$ac_ext + +fi +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_have_va_copy" >&5 +printf "%s\n" "$ac_cv_have_va_copy" >&6; } +if test "x$ac_cv_have_va_copy" = "xyes" ; then + +printf "%s\n" "#define HAVE_VA_COPY 1" >>confdefs.h + +fi + +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking whether __va_copy exists" >&5 +printf %s "checking whether __va_copy exists... " >&6; } +if test ${ac_cv_have___va_copy+y} +then : + printf %s "(cached) " >&6 +else $as_nop + + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +#include +va_list x,y; + +int +main (void) +{ + __va_copy(x,y); + ; + return 0; +} +_ACEOF +if ac_fn_c_try_link "$LINENO" +then : + ac_cv_have___va_copy="yes" +else $as_nop + ac_cv_have___va_copy="no" + +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam \ + conftest$ac_exeext conftest.$ac_ext + +fi +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_have___va_copy" >&5 +printf "%s\n" "$ac_cv_have___va_copy" >&6; } +if test "x$ac_cv_have___va_copy" = "xyes" ; then + +printf "%s\n" "#define HAVE___VA_COPY 1" >>confdefs.h + +fi + +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking whether getopt has optreset support" >&5 +printf %s "checking whether getopt has optreset support... " >&6; } +if test ${ac_cv_have_getopt_optreset+y} +then : + printf %s "(cached) " >&6 +else $as_nop + + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + #include +int +main (void) +{ + extern int optreset; optreset = 0; + ; + return 0; +} +_ACEOF +if ac_fn_c_try_link "$LINENO" +then : + ac_cv_have_getopt_optreset="yes" +else $as_nop + ac_cv_have_getopt_optreset="no" + +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam \ + conftest$ac_exeext conftest.$ac_ext + +fi +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_have_getopt_optreset" >&5 +printf "%s\n" "$ac_cv_have_getopt_optreset" >&6; } +if test "x$ac_cv_have_getopt_optreset" = "xyes" ; then + +printf "%s\n" "#define HAVE_GETOPT_OPTRESET 1" >>confdefs.h + +fi + +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking if libc defines sys_errlist" >&5 +printf %s "checking if libc defines sys_errlist... " >&6; } +if test ${ac_cv_libc_defines_sys_errlist+y} +then : + printf %s "(cached) " >&6 +else $as_nop + + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + #include +int +main (void) +{ + extern const char *const sys_errlist[]; printf("%s", sys_errlist[0]); + ; + return 0; +} +_ACEOF +if ac_fn_c_try_link "$LINENO" +then : + ac_cv_libc_defines_sys_errlist="yes" +else $as_nop + ac_cv_libc_defines_sys_errlist="no" + +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam \ + conftest$ac_exeext conftest.$ac_ext + +fi +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_libc_defines_sys_errlist" >&5 +printf "%s\n" "$ac_cv_libc_defines_sys_errlist" >&6; } +if test "x$ac_cv_libc_defines_sys_errlist" = "xyes" ; then + +printf "%s\n" "#define HAVE_SYS_ERRLIST 1" >>confdefs.h + +fi + + +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking if libc defines sys_nerr" >&5 +printf %s "checking if libc defines sys_nerr... " >&6; } +if test ${ac_cv_libc_defines_sys_nerr+y} +then : + printf %s "(cached) " >&6 +else $as_nop + + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + #include +int +main (void) +{ + extern int sys_nerr; printf("%i", sys_nerr); + ; + return 0; +} +_ACEOF +if ac_fn_c_try_link "$LINENO" +then : + ac_cv_libc_defines_sys_nerr="yes" +else $as_nop + ac_cv_libc_defines_sys_nerr="no" + +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam \ + conftest$ac_exeext conftest.$ac_ext + +fi +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_libc_defines_sys_nerr" >&5 +printf "%s\n" "$ac_cv_libc_defines_sys_nerr" >&6; } +if test "x$ac_cv_libc_defines_sys_nerr" = "xyes" ; then + +printf "%s\n" "#define HAVE_SYS_NERR 1" >>confdefs.h + +fi + +# Check libraries needed by DNS fingerprint support +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for library containing getrrsetbyname" >&5 +printf %s "checking for library containing getrrsetbyname... " >&6; } +if test ${ac_cv_search_getrrsetbyname+y} +then : + printf %s "(cached) " >&6 +else $as_nop + ac_func_search_save_LIBS=$LIBS +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +/* Override any GCC internal prototype to avoid an error. + Use char because int might match the return type of a GCC + builtin and then its argument prototype would still apply. */ +char getrrsetbyname (); +int +main (void) +{ +return getrrsetbyname (); + ; + return 0; +} +_ACEOF +for ac_lib in '' resolv +do + if test -z "$ac_lib"; then + ac_res="none required" + else + ac_res=-l$ac_lib + LIBS="-l$ac_lib $ac_func_search_save_LIBS" + fi + if ac_fn_c_try_link "$LINENO" +then : + ac_cv_search_getrrsetbyname=$ac_res +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam \ + conftest$ac_exeext + if test ${ac_cv_search_getrrsetbyname+y} +then : + break +fi +done +if test ${ac_cv_search_getrrsetbyname+y} +then : + +else $as_nop + ac_cv_search_getrrsetbyname=no +fi +rm conftest.$ac_ext +LIBS=$ac_func_search_save_LIBS +fi +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_getrrsetbyname" >&5 +printf "%s\n" "$ac_cv_search_getrrsetbyname" >&6; } +ac_res=$ac_cv_search_getrrsetbyname +if test "$ac_res" != no +then : + test "$ac_res" = "none required" || LIBS="$ac_res $LIBS" + +printf "%s\n" "#define HAVE_GETRRSETBYNAME 1" >>confdefs.h + +else $as_nop + + # Needed by our getrrsetbyname() + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for library containing res_query" >&5 +printf %s "checking for library containing res_query... " >&6; } +if test ${ac_cv_search_res_query+y} +then : + printf %s "(cached) " >&6 +else $as_nop + ac_func_search_save_LIBS=$LIBS +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +/* Override any GCC internal prototype to avoid an error. + Use char because int might match the return type of a GCC + builtin and then its argument prototype would still apply. */ +char res_query (); +int +main (void) +{ +return res_query (); + ; + return 0; +} +_ACEOF +for ac_lib in '' resolv +do + if test -z "$ac_lib"; then + ac_res="none required" + else + ac_res=-l$ac_lib + LIBS="-l$ac_lib $ac_func_search_save_LIBS" + fi + if ac_fn_c_try_link "$LINENO" +then : + ac_cv_search_res_query=$ac_res +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam \ + conftest$ac_exeext + if test ${ac_cv_search_res_query+y} +then : + break +fi +done +if test ${ac_cv_search_res_query+y} +then : + +else $as_nop + ac_cv_search_res_query=no +fi +rm conftest.$ac_ext +LIBS=$ac_func_search_save_LIBS +fi +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_res_query" >&5 +printf "%s\n" "$ac_cv_search_res_query" >&6; } +ac_res=$ac_cv_search_res_query +if test "$ac_res" != no +then : + test "$ac_res" = "none required" || LIBS="$ac_res $LIBS" + +fi + + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for library containing dn_expand" >&5 +printf %s "checking for library containing dn_expand... " >&6; } +if test ${ac_cv_search_dn_expand+y} +then : + printf %s "(cached) " >&6 +else $as_nop + ac_func_search_save_LIBS=$LIBS +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +/* Override any GCC internal prototype to avoid an error. + Use char because int might match the return type of a GCC + builtin and then its argument prototype would still apply. */ +char dn_expand (); +int +main (void) +{ +return dn_expand (); + ; + return 0; +} +_ACEOF +for ac_lib in '' resolv +do + if test -z "$ac_lib"; then + ac_res="none required" + else + ac_res=-l$ac_lib + LIBS="-l$ac_lib $ac_func_search_save_LIBS" + fi + if ac_fn_c_try_link "$LINENO" +then : + ac_cv_search_dn_expand=$ac_res +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam \ + conftest$ac_exeext + if test ${ac_cv_search_dn_expand+y} +then : + break +fi +done +if test ${ac_cv_search_dn_expand+y} +then : + +else $as_nop + ac_cv_search_dn_expand=no +fi +rm conftest.$ac_ext +LIBS=$ac_func_search_save_LIBS +fi +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_dn_expand" >&5 +printf "%s\n" "$ac_cv_search_dn_expand" >&6; } +ac_res=$ac_cv_search_dn_expand +if test "$ac_res" != no +then : + test "$ac_res" = "none required" || LIBS="$ac_res $LIBS" + +fi + + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking if res_query will link" >&5 +printf %s "checking if res_query will link... " >&6; } + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +#include +#include +#include +#include +#include + +int +main (void) +{ + + res_query (0, 0, 0, 0, 0); + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_link "$LINENO" +then : + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +printf "%s\n" "yes" >&6; } +else $as_nop + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } + saved_LIBS="$LIBS" + LIBS="$LIBS -lresolv" + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for res_query in -lresolv" >&5 +printf %s "checking for res_query in -lresolv... " >&6; } + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +#include +#include +#include +#include +#include + +int +main (void) +{ + + res_query (0, 0, 0, 0, 0); + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_link "$LINENO" +then : + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +printf "%s\n" "yes" >&6; } +else $as_nop + LIBS="$saved_LIBS" + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam \ + conftest$ac_exeext conftest.$ac_ext + +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam \ + conftest$ac_exeext conftest.$ac_ext + ac_fn_c_check_func "$LINENO" "_getshort" "ac_cv_func__getshort" +if test "x$ac_cv_func__getshort" = xyes +then : + printf "%s\n" "#define HAVE__GETSHORT 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "_getlong" "ac_cv_func__getlong" +if test "x$ac_cv_func__getlong" = xyes +then : + printf "%s\n" "#define HAVE__GETLONG 1" >>confdefs.h + +fi + + ac_fn_check_decl "$LINENO" "_getshort" "ac_cv_have_decl__getshort" "#include + #include +" "$ac_c_undeclared_builtin_options" "CFLAGS" +if test "x$ac_cv_have_decl__getshort" = xyes +then : + ac_have_decl=1 +else $as_nop + ac_have_decl=0 +fi +printf "%s\n" "#define HAVE_DECL__GETSHORT $ac_have_decl" >>confdefs.h +ac_fn_check_decl "$LINENO" "_getlong" "ac_cv_have_decl__getlong" "#include + #include +" "$ac_c_undeclared_builtin_options" "CFLAGS" +if test "x$ac_cv_have_decl__getlong" = xyes +then : + ac_have_decl=1 +else $as_nop + ac_have_decl=0 +fi +printf "%s\n" "#define HAVE_DECL__GETLONG $ac_have_decl" >>confdefs.h + + ac_fn_c_check_member "$LINENO" "HEADER" "ad" "ac_cv_member_HEADER_ad" "#include +" +if test "x$ac_cv_member_HEADER_ad" = xyes +then : + +printf "%s\n" "#define HAVE_HEADER_AD 1" >>confdefs.h + +fi + + +fi + + +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking if struct __res_state _res is an extern" >&5 +printf %s "checking if struct __res_state _res is an extern... " >&6; } +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +#include +#if HAVE_SYS_TYPES_H +# include +#endif +#include +#include +#include +extern struct __res_state _res; + +int +main (void) +{ + +struct __res_state *volatile p = &_res; /* force resolution of _res */ +return 0; + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_link "$LINENO" +then : + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +printf "%s\n" "yes" >&6; } + +printf "%s\n" "#define HAVE__RES_EXTERN 1" >>confdefs.h + + +else $as_nop + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } + +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam \ + conftest$ac_exeext conftest.$ac_ext + +# Check whether user wants SELinux support +SELINUX_MSG="no" +LIBSELINUX="" + +# Check whether --with-selinux was given. +if test ${with_selinux+y} +then : + withval=$with_selinux; if test "x$withval" != "xno" ; then + save_LIBS="$LIBS" + +printf "%s\n" "#define WITH_SELINUX 1" >>confdefs.h + + SELINUX_MSG="yes" + ac_fn_c_check_header_compile "$LINENO" "selinux/selinux.h" "ac_cv_header_selinux_selinux_h" "$ac_includes_default" +if test "x$ac_cv_header_selinux_selinux_h" = xyes +then : + +else $as_nop + as_fn_error $? "SELinux support requires selinux.h header" "$LINENO" 5 +fi + + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for setexeccon in -lselinux" >&5 +printf %s "checking for setexeccon in -lselinux... " >&6; } +if test ${ac_cv_lib_selinux_setexeccon+y} +then : + printf %s "(cached) " >&6 +else $as_nop + ac_check_lib_save_LIBS=$LIBS +LIBS="-lselinux $LIBS" +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +/* Override any GCC internal prototype to avoid an error. + Use char because int might match the return type of a GCC + builtin and then its argument prototype would still apply. */ +char setexeccon (); +int +main (void) +{ +return setexeccon (); + ; + return 0; +} +_ACEOF +if ac_fn_c_try_link "$LINENO" +then : + ac_cv_lib_selinux_setexeccon=yes +else $as_nop + ac_cv_lib_selinux_setexeccon=no +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam \ + conftest$ac_exeext conftest.$ac_ext +LIBS=$ac_check_lib_save_LIBS +fi +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_selinux_setexeccon" >&5 +printf "%s\n" "$ac_cv_lib_selinux_setexeccon" >&6; } +if test "x$ac_cv_lib_selinux_setexeccon" = xyes +then : + LIBSELINUX="-lselinux" + LIBS="$LIBS -lselinux" + +else $as_nop + as_fn_error $? "SELinux support requires libselinux library" "$LINENO" 5 +fi + + ac_fn_c_check_func "$LINENO" "getseuserbyname" "ac_cv_func_getseuserbyname" +if test "x$ac_cv_func_getseuserbyname" = xyes +then : + printf "%s\n" "#define HAVE_GETSEUSERBYNAME 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "get_default_context_with_level" "ac_cv_func_get_default_context_with_level" +if test "x$ac_cv_func_get_default_context_with_level" = xyes +then : + printf "%s\n" "#define HAVE_GET_DEFAULT_CONTEXT_WITH_LEVEL 1" >>confdefs.h + +fi + + LIBS="$save_LIBS $LIBSELINUX" + fi + +fi + + + +# Check whether user wants Kerberos 5 support +KRB5_MSG="no" + +# Check whether --with-kerberos5 was given. +if test ${with_kerberos5+y} +then : + withval=$with_kerberos5; if test "x$withval" != "xno" ; then + if test "x$withval" = "xyes" ; then + KRB5ROOT="/usr/local" + else + KRB5ROOT=${withval} + fi + + +printf "%s\n" "#define KRB5 1" >>confdefs.h + + KRB5_MSG="yes" + + use_pkgconfig_for_krb5= + if test "x$PKGCONFIG" != "xno"; then + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking if $PKGCONFIG knows about kerberos5" >&5 +printf %s "checking if $PKGCONFIG knows about kerberos5... " >&6; } + if "$PKGCONFIG" krb5; then + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +printf "%s\n" "yes" >&6; } + use_pkgconfig_for_krb5=yes + else + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } + fi + fi + if test "x$use_pkgconfig_for_krb5" = "xyes"; then + K5CFLAGS=`$PKGCONFIG --cflags krb5` + K5LIBS=`$PKGCONFIG --libs krb5` + CPPFLAGS="$CPPFLAGS $K5CFLAGS" + + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for gssapi support" >&5 +printf %s "checking for gssapi support... " >&6; } + if "$PKGCONFIG" krb5-gssapi; then + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +printf "%s\n" "yes" >&6; } + +printf "%s\n" "#define GSSAPI 1" >>confdefs.h + + GSSCFLAGS="`$PKGCONFIG --cflags krb5-gssapi`" + GSSLIBS="`$PKGCONFIG --libs krb5-gssapi`" + CPPFLAGS="$CPPFLAGS $GSSCFLAGS" + else + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } + fi + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking whether we are using Heimdal" >&5 +printf %s "checking whether we are using Heimdal... " >&6; } + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + #include + +int +main (void) +{ + char *tmp = heimdal_version; + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO" +then : + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +printf "%s\n" "yes" >&6; } + +printf "%s\n" "#define HEIMDAL 1" >>confdefs.h + +else $as_nop + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } + +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext + else + if test -n "$ac_tool_prefix"; then + # Extract the first word of "${ac_tool_prefix}krb5-config", so it can be a program name with args. +set dummy ${ac_tool_prefix}krb5-config; ac_word=$2 +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +printf %s "checking for $ac_word... " >&6; } +if test ${ac_cv_path_KRB5CONF+y} +then : + printf %s "(cached) " >&6 +else $as_nop + case $KRB5CONF in + [\\/]* | ?:[\\/]*) + ac_cv_path_KRB5CONF="$KRB5CONF" # Let the user override the test with a path. + ;; + *) + as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +as_dummy="$KRB5ROOT/bin:$PATH" +for as_dir in $as_dummy +do + IFS=$as_save_IFS + case $as_dir in #((( + '') as_dir=./ ;; + */) ;; + *) as_dir=$as_dir/ ;; + esac + for ac_exec_ext in '' $ac_executable_extensions; do + if as_fn_executable_p "$as_dir$ac_word$ac_exec_ext"; then + ac_cv_path_KRB5CONF="$as_dir$ac_word$ac_exec_ext" + printf "%s\n" "$as_me:${as_lineno-$LINENO}: found $as_dir$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS + + ;; +esac +fi +KRB5CONF=$ac_cv_path_KRB5CONF +if test -n "$KRB5CONF"; then + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $KRB5CONF" >&5 +printf "%s\n" "$KRB5CONF" >&6; } +else + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } +fi + + +fi +if test -z "$ac_cv_path_KRB5CONF"; then + ac_pt_KRB5CONF=$KRB5CONF + # Extract the first word of "krb5-config", so it can be a program name with args. +set dummy krb5-config; ac_word=$2 +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +printf %s "checking for $ac_word... " >&6; } +if test ${ac_cv_path_ac_pt_KRB5CONF+y} +then : + printf %s "(cached) " >&6 +else $as_nop + case $ac_pt_KRB5CONF in + [\\/]* | ?:[\\/]*) + ac_cv_path_ac_pt_KRB5CONF="$ac_pt_KRB5CONF" # Let the user override the test with a path. + ;; + *) + as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +as_dummy="$KRB5ROOT/bin:$PATH" +for as_dir in $as_dummy +do + IFS=$as_save_IFS + case $as_dir in #((( + '') as_dir=./ ;; + */) ;; + *) as_dir=$as_dir/ ;; + esac + for ac_exec_ext in '' $ac_executable_extensions; do + if as_fn_executable_p "$as_dir$ac_word$ac_exec_ext"; then + ac_cv_path_ac_pt_KRB5CONF="$as_dir$ac_word$ac_exec_ext" + printf "%s\n" "$as_me:${as_lineno-$LINENO}: found $as_dir$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS + + ;; +esac +fi +ac_pt_KRB5CONF=$ac_cv_path_ac_pt_KRB5CONF +if test -n "$ac_pt_KRB5CONF"; then + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_pt_KRB5CONF" >&5 +printf "%s\n" "$ac_pt_KRB5CONF" >&6; } +else + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } +fi + + if test "x$ac_pt_KRB5CONF" = x; then + KRB5CONF="$KRB5ROOT/bin/krb5-config" + else + case $cross_compiling:$ac_tool_warned in +yes:) +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5 +printf "%s\n" "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;} +ac_tool_warned=yes ;; +esac + KRB5CONF=$ac_pt_KRB5CONF + fi +else + KRB5CONF="$ac_cv_path_KRB5CONF" +fi + + if test -x $KRB5CONF ; then + K5CFLAGS="`$KRB5CONF --cflags`" + K5LIBS="`$KRB5CONF --libs`" + CPPFLAGS="$CPPFLAGS $K5CFLAGS" + + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for gssapi support" >&5 +printf %s "checking for gssapi support... " >&6; } + if $KRB5CONF | grep gssapi >/dev/null ; then + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +printf "%s\n" "yes" >&6; } + +printf "%s\n" "#define GSSAPI 1" >>confdefs.h + + GSSCFLAGS="`$KRB5CONF --cflags gssapi`" + GSSLIBS="`$KRB5CONF --libs gssapi`" + CPPFLAGS="$CPPFLAGS $GSSCFLAGS" + else + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } + fi + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking whether we are using Heimdal" >&5 +printf %s "checking whether we are using Heimdal... " >&6; } + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + #include + +int +main (void) +{ + char *tmp = heimdal_version; + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO" +then : + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +printf "%s\n" "yes" >&6; } + +printf "%s\n" "#define HEIMDAL 1" >>confdefs.h + +else $as_nop + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } + +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext + else + CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include" + LDFLAGS="$LDFLAGS -L${KRB5ROOT}/lib" + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking whether we are using Heimdal" >&5 +printf %s "checking whether we are using Heimdal... " >&6; } + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + #include + +int +main (void) +{ + char *tmp = heimdal_version; + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO" +then : + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +printf "%s\n" "yes" >&6; } + printf "%s\n" "#define HEIMDAL 1" >>confdefs.h + + K5LIBS="-lkrb5" + K5LIBS="$K5LIBS -lcom_err -lasn1" + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for net_write in -lroken" >&5 +printf %s "checking for net_write in -lroken... " >&6; } +if test ${ac_cv_lib_roken_net_write+y} +then : + printf %s "(cached) " >&6 +else $as_nop + ac_check_lib_save_LIBS=$LIBS +LIBS="-lroken $LIBS" +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +/* Override any GCC internal prototype to avoid an error. + Use char because int might match the return type of a GCC + builtin and then its argument prototype would still apply. */ +char net_write (); +int +main (void) +{ +return net_write (); + ; + return 0; +} +_ACEOF +if ac_fn_c_try_link "$LINENO" +then : + ac_cv_lib_roken_net_write=yes +else $as_nop + ac_cv_lib_roken_net_write=no +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam \ + conftest$ac_exeext conftest.$ac_ext +LIBS=$ac_check_lib_save_LIBS +fi +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_roken_net_write" >&5 +printf "%s\n" "$ac_cv_lib_roken_net_write" >&6; } +if test "x$ac_cv_lib_roken_net_write" = xyes +then : + K5LIBS="$K5LIBS -lroken" +fi + + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for des_cbc_encrypt in -ldes" >&5 +printf %s "checking for des_cbc_encrypt in -ldes... " >&6; } +if test ${ac_cv_lib_des_des_cbc_encrypt+y} +then : + printf %s "(cached) " >&6 +else $as_nop + ac_check_lib_save_LIBS=$LIBS +LIBS="-ldes $LIBS" +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +/* Override any GCC internal prototype to avoid an error. + Use char because int might match the return type of a GCC + builtin and then its argument prototype would still apply. */ +char des_cbc_encrypt (); +int +main (void) +{ +return des_cbc_encrypt (); + ; + return 0; +} +_ACEOF +if ac_fn_c_try_link "$LINENO" +then : + ac_cv_lib_des_des_cbc_encrypt=yes +else $as_nop + ac_cv_lib_des_des_cbc_encrypt=no +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam \ + conftest$ac_exeext conftest.$ac_ext +LIBS=$ac_check_lib_save_LIBS +fi +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_des_des_cbc_encrypt" >&5 +printf "%s\n" "$ac_cv_lib_des_des_cbc_encrypt" >&6; } +if test "x$ac_cv_lib_des_des_cbc_encrypt" = xyes +then : + K5LIBS="$K5LIBS -ldes" +fi + + +else $as_nop + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } + K5LIBS="-lkrb5 -lk5crypto -lcom_err" + +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for library containing dn_expand" >&5 +printf %s "checking for library containing dn_expand... " >&6; } +if test ${ac_cv_search_dn_expand+y} +then : + printf %s "(cached) " >&6 +else $as_nop + ac_func_search_save_LIBS=$LIBS +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +/* Override any GCC internal prototype to avoid an error. + Use char because int might match the return type of a GCC + builtin and then its argument prototype would still apply. */ +char dn_expand (); +int +main (void) +{ +return dn_expand (); + ; + return 0; +} +_ACEOF +for ac_lib in '' resolv +do + if test -z "$ac_lib"; then + ac_res="none required" + else + ac_res=-l$ac_lib + LIBS="-l$ac_lib $ac_func_search_save_LIBS" + fi + if ac_fn_c_try_link "$LINENO" +then : + ac_cv_search_dn_expand=$ac_res +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam \ + conftest$ac_exeext + if test ${ac_cv_search_dn_expand+y} +then : + break +fi +done +if test ${ac_cv_search_dn_expand+y} +then : + +else $as_nop + ac_cv_search_dn_expand=no +fi +rm conftest.$ac_ext +LIBS=$ac_func_search_save_LIBS +fi +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_dn_expand" >&5 +printf "%s\n" "$ac_cv_search_dn_expand" >&6; } +ac_res=$ac_cv_search_dn_expand +if test "$ac_res" != no +then : + test "$ac_res" = "none required" || LIBS="$ac_res $LIBS" + +fi + + + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for gss_init_sec_context in -lgssapi_krb5" >&5 +printf %s "checking for gss_init_sec_context in -lgssapi_krb5... " >&6; } +if test ${ac_cv_lib_gssapi_krb5_gss_init_sec_context+y} +then : + printf %s "(cached) " >&6 +else $as_nop + ac_check_lib_save_LIBS=$LIBS +LIBS="-lgssapi_krb5 $LIBS" +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +/* Override any GCC internal prototype to avoid an error. + Use char because int might match the return type of a GCC + builtin and then its argument prototype would still apply. */ +char gss_init_sec_context (); +int +main (void) +{ +return gss_init_sec_context (); + ; + return 0; +} +_ACEOF +if ac_fn_c_try_link "$LINENO" +then : + ac_cv_lib_gssapi_krb5_gss_init_sec_context=yes +else $as_nop + ac_cv_lib_gssapi_krb5_gss_init_sec_context=no +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam \ + conftest$ac_exeext conftest.$ac_ext +LIBS=$ac_check_lib_save_LIBS +fi +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_gssapi_krb5_gss_init_sec_context" >&5 +printf "%s\n" "$ac_cv_lib_gssapi_krb5_gss_init_sec_context" >&6; } +if test "x$ac_cv_lib_gssapi_krb5_gss_init_sec_context" = xyes +then : + printf "%s\n" "#define GSSAPI 1" >>confdefs.h + + GSSLIBS="-lgssapi_krb5" +else $as_nop + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for gss_init_sec_context in -lgssapi" >&5 +printf %s "checking for gss_init_sec_context in -lgssapi... " >&6; } +if test ${ac_cv_lib_gssapi_gss_init_sec_context+y} +then : + printf %s "(cached) " >&6 +else $as_nop + ac_check_lib_save_LIBS=$LIBS +LIBS="-lgssapi $LIBS" +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +/* Override any GCC internal prototype to avoid an error. + Use char because int might match the return type of a GCC + builtin and then its argument prototype would still apply. */ +char gss_init_sec_context (); +int +main (void) +{ +return gss_init_sec_context (); + ; + return 0; +} +_ACEOF +if ac_fn_c_try_link "$LINENO" +then : + ac_cv_lib_gssapi_gss_init_sec_context=yes +else $as_nop + ac_cv_lib_gssapi_gss_init_sec_context=no +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam \ + conftest$ac_exeext conftest.$ac_ext +LIBS=$ac_check_lib_save_LIBS +fi +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_gssapi_gss_init_sec_context" >&5 +printf "%s\n" "$ac_cv_lib_gssapi_gss_init_sec_context" >&6; } +if test "x$ac_cv_lib_gssapi_gss_init_sec_context" = xyes +then : + printf "%s\n" "#define GSSAPI 1" >>confdefs.h + + GSSLIBS="-lgssapi" +else $as_nop + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for gss_init_sec_context in -lgss" >&5 +printf %s "checking for gss_init_sec_context in -lgss... " >&6; } +if test ${ac_cv_lib_gss_gss_init_sec_context+y} +then : + printf %s "(cached) " >&6 +else $as_nop + ac_check_lib_save_LIBS=$LIBS +LIBS="-lgss $LIBS" +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +/* Override any GCC internal prototype to avoid an error. + Use char because int might match the return type of a GCC + builtin and then its argument prototype would still apply. */ +char gss_init_sec_context (); +int +main (void) +{ +return gss_init_sec_context (); + ; + return 0; +} +_ACEOF +if ac_fn_c_try_link "$LINENO" +then : + ac_cv_lib_gss_gss_init_sec_context=yes +else $as_nop + ac_cv_lib_gss_gss_init_sec_context=no +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam \ + conftest$ac_exeext conftest.$ac_ext +LIBS=$ac_check_lib_save_LIBS +fi +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_gss_gss_init_sec_context" >&5 +printf "%s\n" "$ac_cv_lib_gss_gss_init_sec_context" >&6; } +if test "x$ac_cv_lib_gss_gss_init_sec_context" = xyes +then : + printf "%s\n" "#define GSSAPI 1" >>confdefs.h + + GSSLIBS="-lgss" +else $as_nop + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: WARNING: Cannot find any suitable gss-api library - build may fail" >&5 +printf "%s\n" "$as_me: WARNING: Cannot find any suitable gss-api library - build may fail" >&2;} +fi + + +fi + + +fi + + + ac_fn_c_check_header_compile "$LINENO" "gssapi.h" "ac_cv_header_gssapi_h" "$ac_includes_default" +if test "x$ac_cv_header_gssapi_h" = xyes +then : + +else $as_nop + unset ac_cv_header_gssapi_h + CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include/gssapi" + for ac_header in gssapi.h +do : + ac_fn_c_check_header_compile "$LINENO" "gssapi.h" "ac_cv_header_gssapi_h" "$ac_includes_default" +if test "x$ac_cv_header_gssapi_h" = xyes +then : + printf "%s\n" "#define HAVE_GSSAPI_H 1" >>confdefs.h + +else $as_nop + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: WARNING: Cannot find any suitable gss-api header - build may fail" >&5 +printf "%s\n" "$as_me: WARNING: Cannot find any suitable gss-api header - build may fail" >&2;} + +fi + +done + + +fi + + + oldCPP="$CPPFLAGS" + CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include/gssapi" + ac_fn_c_check_header_compile "$LINENO" "gssapi_krb5.h" "ac_cv_header_gssapi_krb5_h" "$ac_includes_default" +if test "x$ac_cv_header_gssapi_krb5_h" = xyes +then : + +else $as_nop + CPPFLAGS="$oldCPP" +fi + + + fi + fi + if test -n "${rpath_opt}" ; then + LDFLAGS="$LDFLAGS ${rpath_opt}${KRB5ROOT}/lib" + fi + if test ! -z "$blibpath" ; then + blibpath="$blibpath:${KRB5ROOT}/lib" + fi + + ac_fn_c_check_header_compile "$LINENO" "gssapi.h" "ac_cv_header_gssapi_h" "$ac_includes_default" +if test "x$ac_cv_header_gssapi_h" = xyes +then : + printf "%s\n" "#define HAVE_GSSAPI_H 1" >>confdefs.h + +fi +ac_fn_c_check_header_compile "$LINENO" "gssapi/gssapi.h" "ac_cv_header_gssapi_gssapi_h" "$ac_includes_default" +if test "x$ac_cv_header_gssapi_gssapi_h" = xyes +then : + printf "%s\n" "#define HAVE_GSSAPI_GSSAPI_H 1" >>confdefs.h + +fi + + ac_fn_c_check_header_compile "$LINENO" "gssapi_krb5.h" "ac_cv_header_gssapi_krb5_h" "$ac_includes_default" +if test "x$ac_cv_header_gssapi_krb5_h" = xyes +then : + printf "%s\n" "#define HAVE_GSSAPI_KRB5_H 1" >>confdefs.h + +fi +ac_fn_c_check_header_compile "$LINENO" "gssapi/gssapi_krb5.h" "ac_cv_header_gssapi_gssapi_krb5_h" "$ac_includes_default" +if test "x$ac_cv_header_gssapi_gssapi_krb5_h" = xyes +then : + printf "%s\n" "#define HAVE_GSSAPI_GSSAPI_KRB5_H 1" >>confdefs.h + +fi + + ac_fn_c_check_header_compile "$LINENO" "gssapi_generic.h" "ac_cv_header_gssapi_generic_h" "$ac_includes_default" +if test "x$ac_cv_header_gssapi_generic_h" = xyes +then : + printf "%s\n" "#define HAVE_GSSAPI_GENERIC_H 1" >>confdefs.h + +fi +ac_fn_c_check_header_compile "$LINENO" "gssapi/gssapi_generic.h" "ac_cv_header_gssapi_gssapi_generic_h" "$ac_includes_default" +if test "x$ac_cv_header_gssapi_gssapi_generic_h" = xyes +then : + printf "%s\n" "#define HAVE_GSSAPI_GSSAPI_GENERIC_H 1" >>confdefs.h + +fi + + + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for library containing k_hasafs" >&5 +printf %s "checking for library containing k_hasafs... " >&6; } +if test ${ac_cv_search_k_hasafs+y} +then : + printf %s "(cached) " >&6 +else $as_nop + ac_func_search_save_LIBS=$LIBS +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +/* Override any GCC internal prototype to avoid an error. + Use char because int might match the return type of a GCC + builtin and then its argument prototype would still apply. */ +char k_hasafs (); +int +main (void) +{ +return k_hasafs (); + ; + return 0; +} +_ACEOF +for ac_lib in '' kafs +do + if test -z "$ac_lib"; then + ac_res="none required" + else + ac_res=-l$ac_lib + LIBS="-l$ac_lib $ac_func_search_save_LIBS" + fi + if ac_fn_c_try_link "$LINENO" +then : + ac_cv_search_k_hasafs=$ac_res +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam \ + conftest$ac_exeext + if test ${ac_cv_search_k_hasafs+y} +then : + break +fi +done +if test ${ac_cv_search_k_hasafs+y} +then : + +else $as_nop + ac_cv_search_k_hasafs=no +fi +rm conftest.$ac_ext +LIBS=$ac_func_search_save_LIBS +fi +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_k_hasafs" >&5 +printf "%s\n" "$ac_cv_search_k_hasafs" >&6; } +ac_res=$ac_cv_search_k_hasafs +if test "$ac_res" != no +then : + test "$ac_res" = "none required" || LIBS="$ac_res $LIBS" + +printf "%s\n" "#define USE_AFS 1" >>confdefs.h + +fi + + + ac_fn_check_decl "$LINENO" "GSS_C_NT_HOSTBASED_SERVICE" "ac_cv_have_decl_GSS_C_NT_HOSTBASED_SERVICE" " +#ifdef HAVE_GSSAPI_H +# include +#elif defined(HAVE_GSSAPI_GSSAPI_H) +# include +#endif + +#ifdef HAVE_GSSAPI_GENERIC_H +# include +#elif defined(HAVE_GSSAPI_GSSAPI_GENERIC_H) +# include +#endif + +" "$ac_c_undeclared_builtin_options" "CFLAGS" +if test "x$ac_cv_have_decl_GSS_C_NT_HOSTBASED_SERVICE" = xyes +then : + ac_have_decl=1 +else $as_nop + ac_have_decl=0 +fi +printf "%s\n" "#define HAVE_DECL_GSS_C_NT_HOSTBASED_SERVICE $ac_have_decl" >>confdefs.h + + saved_LIBS="$LIBS" + LIBS="$LIBS $K5LIBS" + ac_fn_c_check_func "$LINENO" "krb5_cc_new_unique" "ac_cv_func_krb5_cc_new_unique" +if test "x$ac_cv_func_krb5_cc_new_unique" = xyes +then : + printf "%s\n" "#define HAVE_KRB5_CC_NEW_UNIQUE 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "krb5_get_error_message" "ac_cv_func_krb5_get_error_message" +if test "x$ac_cv_func_krb5_get_error_message" = xyes +then : + printf "%s\n" "#define HAVE_KRB5_GET_ERROR_MESSAGE 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "krb5_free_error_message" "ac_cv_func_krb5_free_error_message" +if test "x$ac_cv_func_krb5_free_error_message" = xyes +then : + printf "%s\n" "#define HAVE_KRB5_FREE_ERROR_MESSAGE 1" >>confdefs.h + +fi + + LIBS="$saved_LIBS" + + fi + + +fi + + + + + +# Looking for programs, paths and files + +PRIVSEP_PATH=/var/empty + +# Check whether --with-privsep-path was given. +if test ${with_privsep_path+y} +then : + withval=$with_privsep_path; + if test -n "$withval" && test "x$withval" != "xno" && \ + test "x${withval}" != "xyes"; then + PRIVSEP_PATH=$withval + fi + + +fi + + + + +# Check whether --with-xauth was given. +if test ${with_xauth+y} +then : + withval=$with_xauth; + if test -n "$withval" && test "x$withval" != "xno" && \ + test "x${withval}" != "xyes"; then + xauth_path=$withval + fi + +else $as_nop + + TestPath="$PATH" + TestPath="${TestPath}${PATH_SEPARATOR}/usr/X/bin" + TestPath="${TestPath}${PATH_SEPARATOR}/usr/bin/X11" + TestPath="${TestPath}${PATH_SEPARATOR}/usr/X11R6/bin" + TestPath="${TestPath}${PATH_SEPARATOR}/usr/openwin/bin" + # Extract the first word of "xauth", so it can be a program name with args. +set dummy xauth; ac_word=$2 +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +printf %s "checking for $ac_word... " >&6; } +if test ${ac_cv_path_xauth_path+y} +then : + printf %s "(cached) " >&6 +else $as_nop + case $xauth_path in + [\\/]* | ?:[\\/]*) + ac_cv_path_xauth_path="$xauth_path" # Let the user override the test with a path. + ;; + *) + as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $TestPath +do + IFS=$as_save_IFS + case $as_dir in #((( + '') as_dir=./ ;; + */) ;; + *) as_dir=$as_dir/ ;; + esac + for ac_exec_ext in '' $ac_executable_extensions; do + if as_fn_executable_p "$as_dir$ac_word$ac_exec_ext"; then + ac_cv_path_xauth_path="$as_dir$ac_word$ac_exec_ext" + printf "%s\n" "$as_me:${as_lineno-$LINENO}: found $as_dir$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS + + ;; +esac +fi +xauth_path=$ac_cv_path_xauth_path +if test -n "$xauth_path"; then + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $xauth_path" >&5 +printf "%s\n" "$xauth_path" >&6; } +else + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } +fi + + + if (test ! -z "$xauth_path" && test -x "/usr/openwin/bin/xauth") ; then + xauth_path="/usr/openwin/bin/xauth" + fi + + +fi + + +STRIP_OPT=-s +# Check whether --enable-strip was given. +if test ${enable_strip+y} +then : + enableval=$enable_strip; + if test "x$enableval" = "xno" ; then + STRIP_OPT= + fi + + +fi + + + +if test -z "$xauth_path" ; then + XAUTH_PATH="undefined" + +else + +printf "%s\n" "#define XAUTH_PATH \"$xauth_path\"" >>confdefs.h + + XAUTH_PATH=$xauth_path + +fi + +# Check for mail directory + +# Check whether --with-maildir was given. +if test ${with_maildir+y} +then : + withval=$with_maildir; + if test "X$withval" != X && test "x$withval" != xno && \ + test "x${withval}" != xyes; then + +printf "%s\n" "#define MAIL_DIRECTORY \"$withval\"" >>confdefs.h + + fi + +else $as_nop + + if test "X$maildir" != "X"; then + printf "%s\n" "#define MAIL_DIRECTORY \"$maildir\"" >>confdefs.h + + else + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking Discovering system mail directory" >&5 +printf %s "checking Discovering system mail directory... " >&6; } + if test "$cross_compiling" = yes +then : + + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: WARNING: cross compiling: use --with-maildir=/path/to/mail" >&5 +printf "%s\n" "$as_me: WARNING: cross compiling: use --with-maildir=/path/to/mail" >&2;} + + +else $as_nop + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +#include +#include +#include +#ifdef HAVE_PATHS_H +#include +#endif +#ifdef HAVE_MAILLOCK_H +#include +#endif +#define DATA "conftest.maildir" + +int +main (void) +{ + + FILE *fd; + int rc; + + fd = fopen(DATA,"w"); + if(fd == NULL) + exit(1); + +#if defined (_PATH_MAILDIR) + if ((rc = fprintf(fd ,"_PATH_MAILDIR:%s\n", _PATH_MAILDIR)) <0) + exit(1); +#elif defined (MAILDIR) + if ((rc = fprintf(fd ,"MAILDIR:%s\n", MAILDIR)) <0) + exit(1); +#elif defined (_PATH_MAIL) + if ((rc = fprintf(fd ,"_PATH_MAIL:%s\n", _PATH_MAIL)) <0) + exit(1); +#else + exit (2); +#endif + + exit(0); + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_run "$LINENO" +then : + + maildir_what=`awk -F: '{print $1}' conftest.maildir` + maildir=`awk -F: '{print $2}' conftest.maildir \ + | sed 's|/$||'` + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: Using: $maildir from $maildir_what" >&5 +printf "%s\n" "Using: $maildir from $maildir_what" >&6; } + if test "x$maildir_what" != "x_PATH_MAILDIR"; then + printf "%s\n" "#define MAIL_DIRECTORY \"$maildir\"" >>confdefs.h + + fi + +else $as_nop + + if test "X$ac_status" = "X2";then +# our test program didn't find it. Default to /var/spool/mail + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: Using: default value of /var/spool/mail" >&5 +printf "%s\n" "Using: default value of /var/spool/mail" >&6; } + printf "%s\n" "#define MAIL_DIRECTORY \"/var/spool/mail\"" >>confdefs.h + + else + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: *** not found ***" >&5 +printf "%s\n" "*** not found ***" >&6; } + fi + +fi +rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ + conftest.$ac_objext conftest.beam conftest.$ac_ext +fi + + fi + + +fi + # maildir + +if test ! -z "$cross_compiling" && test "x$cross_compiling" = "xyes"; then + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: WARNING: cross compiling: Disabling /dev/ptmx test" >&5 +printf "%s\n" "$as_me: WARNING: cross compiling: Disabling /dev/ptmx test" >&2;} + disable_ptmx_check=yes +fi +if test -z "$no_dev_ptmx" ; then + if test "x$disable_ptmx_check" != "xyes" ; then + as_ac_File=`printf "%s\n" "ac_cv_file_"/dev/ptmx"" | $as_tr_sh` +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for \"/dev/ptmx\"" >&5 +printf %s "checking for \"/dev/ptmx\"... " >&6; } +if eval test \${$as_ac_File+y} +then : + printf %s "(cached) " >&6 +else $as_nop + test "$cross_compiling" = yes && + as_fn_error $? "cannot check for file existence when cross compiling" "$LINENO" 5 +if test -r ""/dev/ptmx""; then + eval "$as_ac_File=yes" +else + eval "$as_ac_File=no" +fi +fi +eval ac_res=\$$as_ac_File + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 +printf "%s\n" "$ac_res" >&6; } +if eval test \"x\$"$as_ac_File"\" = x"yes" +then : + + +printf "%s\n" "#define HAVE_DEV_PTMX 1" >>confdefs.h + + have_dev_ptmx=1 + + +fi + + fi +fi + +if test ! -z "$cross_compiling" && test "x$cross_compiling" != "xyes"; then + as_ac_File=`printf "%s\n" "ac_cv_file_"/dev/ptc"" | $as_tr_sh` +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for \"/dev/ptc\"" >&5 +printf %s "checking for \"/dev/ptc\"... " >&6; } +if eval test \${$as_ac_File+y} +then : + printf %s "(cached) " >&6 +else $as_nop + test "$cross_compiling" = yes && + as_fn_error $? "cannot check for file existence when cross compiling" "$LINENO" 5 +if test -r ""/dev/ptc""; then + eval "$as_ac_File=yes" +else + eval "$as_ac_File=no" +fi +fi +eval ac_res=\$$as_ac_File + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 +printf "%s\n" "$ac_res" >&6; } +if eval test \"x\$"$as_ac_File"\" = x"yes" +then : + + +printf "%s\n" "#define HAVE_DEV_PTS_AND_PTC 1" >>confdefs.h + + have_dev_ptc=1 + + +fi + +else + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: WARNING: cross compiling: Disabling /dev/ptc test" >&5 +printf "%s\n" "$as_me: WARNING: cross compiling: Disabling /dev/ptc test" >&2;} +fi + +# Options from here on. Some of these are preset by platform above + +# Check whether --with-mantype was given. +if test ${with_mantype+y} +then : + withval=$with_mantype; + case "$withval" in + man|cat|doc) + MANTYPE=$withval + ;; + *) + as_fn_error $? "invalid man type: $withval" "$LINENO" 5 + ;; + esac + + +fi + +if test -z "$MANTYPE"; then + if ${MANDOC} ${srcdir}/ssh.1 >/dev/null 2>&1; then + MANTYPE=doc + elif ${NROFF} -mdoc ${srcdir}/ssh.1 >/dev/null 2>&1; then + MANTYPE=doc + elif ${NROFF} -man ${srcdir}/ssh.1 >/dev/null 2>&1; then + MANTYPE=man + else + MANTYPE=cat + fi +fi + +if test "$MANTYPE" = "doc"; then + mansubdir=man; +else + mansubdir=$MANTYPE; +fi + + +# Whether to disable shadow password support + +# Check whether --with-shadow was given. +if test ${with_shadow+y} +then : + withval=$with_shadow; + if test "x$withval" = "xno" ; then + printf "%s\n" "#define DISABLE_SHADOW 1" >>confdefs.h + + disable_shadow=yes + fi + + +fi + + +if test -z "$disable_shadow" ; then + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking if the systems has expire shadow information" >&5 +printf %s "checking if the systems has expire shadow information... " >&6; } + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +#include +#include +struct spwd sp; + +int +main (void) +{ + sp.sp_expire = sp.sp_lstchg = sp.sp_inact = 0; + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO" +then : + sp_expire_available=yes +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext + + if test "x$sp_expire_available" = "xyes" ; then + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +printf "%s\n" "yes" >&6; } + +printf "%s\n" "#define HAS_SHADOW_EXPIRE 1" >>confdefs.h + + else + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } + fi +fi + +# Use ip address instead of hostname in $DISPLAY +if test ! -z "$IPADDR_IN_DISPLAY" ; then + DISPLAY_HACK_MSG="yes" + +printf "%s\n" "#define IPADDR_IN_DISPLAY 1" >>confdefs.h + +else + DISPLAY_HACK_MSG="no" + +# Check whether --with-ipaddr-display was given. +if test ${with_ipaddr_display+y} +then : + withval=$with_ipaddr_display; + if test "x$withval" != "xno" ; then + printf "%s\n" "#define IPADDR_IN_DISPLAY 1" >>confdefs.h + + DISPLAY_HACK_MSG="yes" + fi + + +fi + +fi + +# check for /etc/default/login and use it if present. +# Check whether --enable-etc-default-login was given. +if test ${enable_etc_default_login+y} +then : + enableval=$enable_etc_default_login; if test "x$enableval" = "xno"; then + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: /etc/default/login handling disabled" >&5 +printf "%s\n" "$as_me: /etc/default/login handling disabled" >&6;} + etc_default_login=no + else + etc_default_login=yes + fi +else $as_nop + if test ! -z "$cross_compiling" && test "x$cross_compiling" = "xyes"; + then + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: WARNING: cross compiling: not checking /etc/default/login" >&5 +printf "%s\n" "$as_me: WARNING: cross compiling: not checking /etc/default/login" >&2;} + etc_default_login=no + else + etc_default_login=yes + fi + +fi + + +if test "x$etc_default_login" != "xno"; then + as_ac_File=`printf "%s\n" "ac_cv_file_"/etc/default/login"" | $as_tr_sh` +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for \"/etc/default/login\"" >&5 +printf %s "checking for \"/etc/default/login\"... " >&6; } +if eval test \${$as_ac_File+y} +then : + printf %s "(cached) " >&6 +else $as_nop + test "$cross_compiling" = yes && + as_fn_error $? "cannot check for file existence when cross compiling" "$LINENO" 5 +if test -r ""/etc/default/login""; then + eval "$as_ac_File=yes" +else + eval "$as_ac_File=no" +fi +fi +eval ac_res=\$$as_ac_File + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 +printf "%s\n" "$ac_res" >&6; } +if eval test \"x\$"$as_ac_File"\" = x"yes" +then : + external_path_file=/etc/default/login +fi + + if test "x$external_path_file" = "x/etc/default/login"; then + +printf "%s\n" "#define HAVE_ETC_DEFAULT_LOGIN 1" >>confdefs.h + + fi +fi + +if test $ac_cv_func_login_getcapbool = "yes" && \ + test $ac_cv_header_login_cap_h = "yes" ; then + external_path_file=/etc/login.conf +fi + +# Whether to mess with the default path +SERVER_PATH_MSG="(default)" + +# Check whether --with-default-path was given. +if test ${with_default_path+y} +then : + withval=$with_default_path; + if test "x$external_path_file" = "x/etc/login.conf" ; then + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: WARNING: +--with-default-path=PATH has no effect on this system. +Edit /etc/login.conf instead." >&5 +printf "%s\n" "$as_me: WARNING: +--with-default-path=PATH has no effect on this system. +Edit /etc/login.conf instead." >&2;} + elif test "x$withval" != "xno" ; then + if test ! -z "$external_path_file" ; then + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: WARNING: +--with-default-path=PATH will only be used if PATH is not defined in +$external_path_file ." >&5 +printf "%s\n" "$as_me: WARNING: +--with-default-path=PATH will only be used if PATH is not defined in +$external_path_file ." >&2;} + fi + user_path="$withval" + SERVER_PATH_MSG="$withval" + fi + +else $as_nop + if test "x$external_path_file" = "x/etc/login.conf" ; then + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: WARNING: Make sure the path to scp is in /etc/login.conf" >&5 +printf "%s\n" "$as_me: WARNING: Make sure the path to scp is in /etc/login.conf" >&2;} + else + if test ! -z "$external_path_file" ; then + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: WARNING: +If PATH is defined in $external_path_file, ensure the path to scp is included, +otherwise scp will not work." >&5 +printf "%s\n" "$as_me: WARNING: +If PATH is defined in $external_path_file, ensure the path to scp is included, +otherwise scp will not work." >&2;} + fi + if test "$cross_compiling" = yes +then : + user_path="/usr/bin:/bin:/usr/sbin:/sbin" + +else $as_nop + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +/* find out what STDPATH is */ +#include +#include +#ifdef HAVE_PATHS_H +# include +#endif +#ifndef _PATH_STDPATH +# ifdef _PATH_USERPATH /* Irix */ +# define _PATH_STDPATH _PATH_USERPATH +# else +# define _PATH_STDPATH "/usr/bin:/bin:/usr/sbin:/sbin" +# endif +#endif +#include +#include +#include +#define DATA "conftest.stdpath" + +int +main (void) +{ + + FILE *fd; + int rc; + + fd = fopen(DATA,"w"); + if(fd == NULL) + exit(1); + + if ((rc = fprintf(fd,"%s", _PATH_STDPATH)) < 0) + exit(1); + + exit(0); + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_run "$LINENO" +then : + user_path=`cat conftest.stdpath` +else $as_nop + user_path="/usr/bin:/bin:/usr/sbin:/sbin" +fi +rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ + conftest.$ac_objext conftest.beam conftest.$ac_ext +fi + +# make sure $bindir is in USER_PATH so scp will work + t_bindir="${bindir}" + while echo "${t_bindir}" | egrep '\$\{|NONE/' >/dev/null 2>&1; do + t_bindir=`eval echo ${t_bindir}` + case $t_bindir in + NONE/*) t_bindir=`echo $t_bindir | sed "s~NONE~$prefix~"` ;; + esac + case $t_bindir in + NONE/*) t_bindir=`echo $t_bindir | sed "s~NONE~$ac_default_prefix~"` ;; + esac + done + echo $user_path | grep ":$t_bindir" > /dev/null 2>&1 + if test $? -ne 0 ; then + echo $user_path | grep "^$t_bindir" > /dev/null 2>&1 + if test $? -ne 0 ; then + user_path=$user_path:$t_bindir + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: Adding $t_bindir to USER_PATH so scp will work" >&5 +printf "%s\n" "Adding $t_bindir to USER_PATH so scp will work" >&6; } + fi + fi + fi + +fi + +if test "x$external_path_file" != "x/etc/login.conf" ; then + +printf "%s\n" "#define USER_PATH \"$user_path\"" >>confdefs.h + + +fi + +# Set superuser path separately to user path + +# Check whether --with-superuser-path was given. +if test ${with_superuser_path+y} +then : + withval=$with_superuser_path; + if test -n "$withval" && test "x$withval" != "xno" && \ + test "x${withval}" != "xyes"; then + +printf "%s\n" "#define SUPERUSER_PATH \"$withval\"" >>confdefs.h + + superuser_path=$withval + fi + + +fi + + + +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking if we need to convert IPv4 in IPv6-mapped addresses" >&5 +printf %s "checking if we need to convert IPv4 in IPv6-mapped addresses... " >&6; } +IPV4_IN6_HACK_MSG="no" + +# Check whether --with-4in6 was given. +if test ${with_4in6+y} +then : + withval=$with_4in6; + if test "x$withval" != "xno" ; then + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +printf "%s\n" "yes" >&6; } + +printf "%s\n" "#define IPV4_IN_IPV6 1" >>confdefs.h + + IPV4_IN6_HACK_MSG="yes" + else + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } + fi + +else $as_nop + + if test "x$inet6_default_4in6" = "xyes"; then + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes (default)" >&5 +printf "%s\n" "yes (default)" >&6; } + printf "%s\n" "#define IPV4_IN_IPV6 1" >>confdefs.h + + IPV4_IN6_HACK_MSG="yes" + else + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no (default)" >&5 +printf "%s\n" "no (default)" >&6; } + fi + + +fi + + +# Whether to enable BSD auth support +BSD_AUTH_MSG=no + +# Check whether --with-bsd-auth was given. +if test ${with_bsd_auth+y} +then : + withval=$with_bsd_auth; + if test "x$withval" != "xno" ; then + +printf "%s\n" "#define BSD_AUTH 1" >>confdefs.h + + BSD_AUTH_MSG=yes + fi + + +fi + + +# Where to place sshd.pid +piddir=/var/run +# make sure the directory exists +if test ! -d $piddir ; then + piddir=`eval echo ${sysconfdir}` + case $piddir in + NONE/*) piddir=`echo $piddir | sed "s~NONE~$ac_default_prefix~"` ;; + esac +fi + + +# Check whether --with-pid-dir was given. +if test ${with_pid_dir+y} +then : + withval=$with_pid_dir; + if test -n "$withval" && test "x$withval" != "xno" && \ + test "x${withval}" != "xyes"; then + piddir=$withval + if test ! -d $piddir ; then + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: WARNING: ** no $piddir directory on this system **" >&5 +printf "%s\n" "$as_me: WARNING: ** no $piddir directory on this system **" >&2;} + fi + fi + + +fi + + + +printf "%s\n" "#define _PATH_SSH_PIDDIR \"$piddir\"" >>confdefs.h + + + + +# Check whether --enable-fd-passing was given. +if test ${enable_fd_passing+y} +then : + enableval=$enable_fd_passing; + if test "x$enableval" = "xno" ; then + printf "%s\n" "#define DISABLE_FD_PASSING 1" >>confdefs.h + + fi + + +fi + + +# Check whether --enable-lastlog was given. +if test ${enable_lastlog+y} +then : + enableval=$enable_lastlog; + if test "x$enableval" = "xno" ; then + printf "%s\n" "#define DISABLE_LASTLOG 1" >>confdefs.h + + fi + + +fi + +# Check whether --enable-utmp was given. +if test ${enable_utmp+y} +then : + enableval=$enable_utmp; + if test "x$enableval" = "xno" ; then + printf "%s\n" "#define DISABLE_UTMP 1" >>confdefs.h + + fi + + +fi + +# Check whether --enable-utmpx was given. +if test ${enable_utmpx+y} +then : + enableval=$enable_utmpx; + if test "x$enableval" = "xno" ; then + +printf "%s\n" "#define DISABLE_UTMPX 1" >>confdefs.h + + fi + + +fi + +# Check whether --enable-wtmp was given. +if test ${enable_wtmp+y} +then : + enableval=$enable_wtmp; + if test "x$enableval" = "xno" ; then + printf "%s\n" "#define DISABLE_WTMP 1" >>confdefs.h + + fi + + +fi + +# Check whether --enable-wtmpx was given. +if test ${enable_wtmpx+y} +then : + enableval=$enable_wtmpx; + if test "x$enableval" = "xno" ; then + +printf "%s\n" "#define DISABLE_WTMPX 1" >>confdefs.h + + fi + + +fi + +# Check whether --enable-libutil was given. +if test ${enable_libutil+y} +then : + enableval=$enable_libutil; + if test "x$enableval" = "xno" ; then + printf "%s\n" "#define DISABLE_LOGIN 1" >>confdefs.h + + fi + + +fi + +# Check whether --enable-pututline was given. +if test ${enable_pututline+y} +then : + enableval=$enable_pututline; + if test "x$enableval" = "xno" ; then + +printf "%s\n" "#define DISABLE_PUTUTLINE 1" >>confdefs.h + + fi + + +fi + +# Check whether --enable-pututxline was given. +if test ${enable_pututxline+y} +then : + enableval=$enable_pututxline; + if test "x$enableval" = "xno" ; then + +printf "%s\n" "#define DISABLE_PUTUTXLINE 1" >>confdefs.h + + fi + + +fi + + +# Check whether --with-lastlog was given. +if test ${with_lastlog+y} +then : + withval=$with_lastlog; + if test "x$withval" = "xno" ; then + printf "%s\n" "#define DISABLE_LASTLOG 1" >>confdefs.h + + elif test -n "$withval" && test "x${withval}" != "xyes"; then + conf_lastlog_location=$withval + fi + + +fi + + + +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking if your system defines LASTLOG_FILE" >&5 +printf %s "checking if your system defines LASTLOG_FILE... " >&6; } +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +#include +#include +#ifdef HAVE_LASTLOG_H +# include +#endif +#ifdef HAVE_PATHS_H +# include +#endif +#ifdef HAVE_LOGIN_H +# include +#endif + +int +main (void) +{ + char *lastlog = LASTLOG_FILE; + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO" +then : + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +printf "%s\n" "yes" >&6; } +else $as_nop + + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking if your system defines _PATH_LASTLOG" >&5 +printf %s "checking if your system defines _PATH_LASTLOG... " >&6; } + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +#include +#include +#ifdef HAVE_LASTLOG_H +# include +#endif +#ifdef HAVE_PATHS_H +# include +#endif + +int +main (void) +{ + char *lastlog = _PATH_LASTLOG; + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO" +then : + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +printf "%s\n" "yes" >&6; } +else $as_nop + + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } + system_lastlog_path=no + +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext + +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext + +if test -z "$conf_lastlog_location"; then + if test x"$system_lastlog_path" = x"no" ; then + for f in /var/log/lastlog /usr/adm/lastlog /var/adm/lastlog /etc/security/lastlog ; do + if (test -d "$f" || test -f "$f") ; then + conf_lastlog_location=$f + fi + done + if test -z "$conf_lastlog_location"; then + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: WARNING: ** Cannot find lastlog **" >&5 +printf "%s\n" "$as_me: WARNING: ** Cannot find lastlog **" >&2;} + fi + fi +fi + +if test -n "$conf_lastlog_location"; then + +printf "%s\n" "#define CONF_LASTLOG_FILE \"$conf_lastlog_location\"" >>confdefs.h + +fi + +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking if your system defines UTMP_FILE" >&5 +printf %s "checking if your system defines UTMP_FILE... " >&6; } +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +#include +#include +#ifdef HAVE_PATHS_H +# include +#endif + +int +main (void) +{ + char *utmp = UTMP_FILE; + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO" +then : + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +printf "%s\n" "yes" >&6; } +else $as_nop + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } + system_utmp_path=no + +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext +if test -z "$conf_utmp_location"; then + if test x"$system_utmp_path" = x"no" ; then + for f in /etc/utmp /usr/adm/utmp /var/run/utmp; do + if test -f $f ; then + conf_utmp_location=$f + fi + done + if test -z "$conf_utmp_location"; then + printf "%s\n" "#define DISABLE_UTMP 1" >>confdefs.h + + fi + fi +fi +if test -n "$conf_utmp_location"; then + +printf "%s\n" "#define CONF_UTMP_FILE \"$conf_utmp_location\"" >>confdefs.h + +fi + +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking if your system defines WTMP_FILE" >&5 +printf %s "checking if your system defines WTMP_FILE... " >&6; } +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +#include +#include +#ifdef HAVE_PATHS_H +# include +#endif + +int +main (void) +{ + char *wtmp = WTMP_FILE; + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO" +then : + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +printf "%s\n" "yes" >&6; } +else $as_nop + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } + system_wtmp_path=no + +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext +if test -z "$conf_wtmp_location"; then + if test x"$system_wtmp_path" = x"no" ; then + for f in /usr/adm/wtmp /var/log/wtmp; do + if test -f $f ; then + conf_wtmp_location=$f + fi + done + if test -z "$conf_wtmp_location"; then + printf "%s\n" "#define DISABLE_WTMP 1" >>confdefs.h + + fi + fi +fi +if test -n "$conf_wtmp_location"; then + +printf "%s\n" "#define CONF_WTMP_FILE \"$conf_wtmp_location\"" >>confdefs.h + +fi + +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking if your system defines WTMPX_FILE" >&5 +printf %s "checking if your system defines WTMPX_FILE... " >&6; } +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +#include +#include +#ifdef HAVE_UTMPX_H +#include +#endif +#ifdef HAVE_PATHS_H +# include +#endif + +int +main (void) +{ + char *wtmpx = WTMPX_FILE; + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO" +then : + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +printf "%s\n" "yes" >&6; } +else $as_nop + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } + system_wtmpx_path=no + +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext +if test -z "$conf_wtmpx_location"; then + if test x"$system_wtmpx_path" = x"no" ; then + printf "%s\n" "#define DISABLE_WTMPX 1" >>confdefs.h + + fi +else + +printf "%s\n" "#define CONF_WTMPX_FILE \"$conf_wtmpx_location\"" >>confdefs.h + +fi + + +if test ! -z "$blibpath" ; then + LDFLAGS="$LDFLAGS $blibflags$blibpath" + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: WARNING: Please check and edit blibpath in LDFLAGS in Makefile" >&5 +printf "%s\n" "$as_me: WARNING: Please check and edit blibpath in LDFLAGS in Makefile" >&2;} +fi + +ac_fn_c_check_member "$LINENO" "struct lastlog" "ll_line" "ac_cv_member_struct_lastlog_ll_line" " +#ifdef HAVE_SYS_TYPES_H +#include +#endif +#ifdef HAVE_UTMP_H +#include +#endif +#ifdef HAVE_UTMPX_H +#include +#endif +#ifdef HAVE_LASTLOG_H +#include +#endif + +" +if test "x$ac_cv_member_struct_lastlog_ll_line" = xyes +then : + +else $as_nop + + if test x$SKIP_DISABLE_LASTLOG_DEFINE != "xyes" ; then + printf "%s\n" "#define DISABLE_LASTLOG 1" >>confdefs.h + + fi + +fi + + +ac_fn_c_check_member "$LINENO" "struct utmp" "ut_line" "ac_cv_member_struct_utmp_ut_line" " +#ifdef HAVE_SYS_TYPES_H +#include +#endif +#ifdef HAVE_UTMP_H +#include +#endif +#ifdef HAVE_UTMPX_H +#include +#endif +#ifdef HAVE_LASTLOG_H +#include +#endif + +" +if test "x$ac_cv_member_struct_utmp_ut_line" = xyes +then : + +else $as_nop + + printf "%s\n" "#define DISABLE_UTMP 1" >>confdefs.h + + printf "%s\n" "#define DISABLE_WTMP 1" >>confdefs.h + + +fi + + +CFLAGS="$CFLAGS $werror_flags" + +if test "x$ac_cv_func_getaddrinfo" != "xyes" ; then + TEST_SSH_IPV6=no +else + TEST_SSH_IPV6=yes +fi +ac_fn_check_decl "$LINENO" "BROKEN_GETADDRINFO" "ac_cv_have_decl_BROKEN_GETADDRINFO" "$ac_includes_default" "$ac_c_undeclared_builtin_options" "CFLAGS" +if test "x$ac_cv_have_decl_BROKEN_GETADDRINFO" = xyes +then : + TEST_SSH_IPV6=no +fi +TEST_SSH_IPV6=$TEST_SSH_IPV6 + +TEST_SSH_UTF8=$TEST_SSH_UTF8 + +TEST_MALLOC_OPTIONS=$TEST_MALLOC_OPTIONS + +UNSUPPORTED_ALGORITHMS=$unsupported_algorithms + +DEPEND=$(cat $srcdir/.depend) + + +# Binaries for interop tests. +# Extract the first word of "plink", so it can be a program name with args. +set dummy plink; ac_word=$2 +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +printf %s "checking for $ac_word... " >&6; } +if test ${ac_cv_path_PLINK+y} +then : + printf %s "(cached) " >&6 +else $as_nop + case $PLINK in + [\\/]* | ?:[\\/]*) + ac_cv_path_PLINK="$PLINK" # Let the user override the test with a path. + ;; + *) + as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + case $as_dir in #((( + '') as_dir=./ ;; + */) ;; + *) as_dir=$as_dir/ ;; + esac + for ac_exec_ext in '' $ac_executable_extensions; do + if as_fn_executable_p "$as_dir$ac_word$ac_exec_ext"; then + ac_cv_path_PLINK="$as_dir$ac_word$ac_exec_ext" + printf "%s\n" "$as_me:${as_lineno-$LINENO}: found $as_dir$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS + + ;; +esac +fi +PLINK=$ac_cv_path_PLINK +if test -n "$PLINK"; then + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $PLINK" >&5 +printf "%s\n" "$PLINK" >&6; } +else + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } +fi + + +# Extract the first word of "puttygen", so it can be a program name with args. +set dummy puttygen; ac_word=$2 +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +printf %s "checking for $ac_word... " >&6; } +if test ${ac_cv_path_PUTTYGEN+y} +then : + printf %s "(cached) " >&6 +else $as_nop + case $PUTTYGEN in + [\\/]* | ?:[\\/]*) + ac_cv_path_PUTTYGEN="$PUTTYGEN" # Let the user override the test with a path. + ;; + *) + as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + case $as_dir in #((( + '') as_dir=./ ;; + */) ;; + *) as_dir=$as_dir/ ;; + esac + for ac_exec_ext in '' $ac_executable_extensions; do + if as_fn_executable_p "$as_dir$ac_word$ac_exec_ext"; then + ac_cv_path_PUTTYGEN="$as_dir$ac_word$ac_exec_ext" + printf "%s\n" "$as_me:${as_lineno-$LINENO}: found $as_dir$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS + + ;; +esac +fi +PUTTYGEN=$ac_cv_path_PUTTYGEN +if test -n "$PUTTYGEN"; then + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $PUTTYGEN" >&5 +printf "%s\n" "$PUTTYGEN" >&6; } +else + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } +fi + + +# Extract the first word of "conch", so it can be a program name with args. +set dummy conch; ac_word=$2 +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +printf %s "checking for $ac_word... " >&6; } +if test ${ac_cv_path_CONCH+y} +then : + printf %s "(cached) " >&6 +else $as_nop + case $CONCH in + [\\/]* | ?:[\\/]*) + ac_cv_path_CONCH="$CONCH" # Let the user override the test with a path. + ;; + *) + as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + case $as_dir in #((( + '') as_dir=./ ;; + */) ;; + *) as_dir=$as_dir/ ;; + esac + for ac_exec_ext in '' $ac_executable_extensions; do + if as_fn_executable_p "$as_dir$ac_word$ac_exec_ext"; then + ac_cv_path_CONCH="$as_dir$ac_word$ac_exec_ext" + printf "%s\n" "$as_me:${as_lineno-$LINENO}: found $as_dir$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS + + ;; +esac +fi +CONCH=$ac_cv_path_CONCH +if test -n "$CONCH"; then + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $CONCH" >&5 +printf "%s\n" "$CONCH" >&6; } +else + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } +fi + + +# Extract the first word of "dropbear", so it can be a program name with args. +set dummy dropbear; ac_word=$2 +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +printf %s "checking for $ac_word... " >&6; } +if test ${ac_cv_path_DROPBEAR+y} +then : + printf %s "(cached) " >&6 +else $as_nop + case $DROPBEAR in + [\\/]* | ?:[\\/]*) + ac_cv_path_DROPBEAR="$DROPBEAR" # Let the user override the test with a path. + ;; + *) + as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + case $as_dir in #((( + '') as_dir=./ ;; + */) ;; + *) as_dir=$as_dir/ ;; + esac + for ac_exec_ext in '' $ac_executable_extensions; do + if as_fn_executable_p "$as_dir$ac_word$ac_exec_ext"; then + ac_cv_path_DROPBEAR="$as_dir$ac_word$ac_exec_ext" + printf "%s\n" "$as_me:${as_lineno-$LINENO}: found $as_dir$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS + + ;; +esac +fi +DROPBEAR=$ac_cv_path_DROPBEAR +if test -n "$DROPBEAR"; then + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $DROPBEAR" >&5 +printf "%s\n" "$DROPBEAR" >&6; } +else + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } +fi + + +# Extract the first word of "dbclient", so it can be a program name with args. +set dummy dbclient; ac_word=$2 +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +printf %s "checking for $ac_word... " >&6; } +if test ${ac_cv_path_DBCLIENT+y} +then : + printf %s "(cached) " >&6 +else $as_nop + case $DBCLIENT in + [\\/]* | ?:[\\/]*) + ac_cv_path_DBCLIENT="$DBCLIENT" # Let the user override the test with a path. + ;; + *) + as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + case $as_dir in #((( + '') as_dir=./ ;; + */) ;; + *) as_dir=$as_dir/ ;; + esac + for ac_exec_ext in '' $ac_executable_extensions; do + if as_fn_executable_p "$as_dir$ac_word$ac_exec_ext"; then + ac_cv_path_DBCLIENT="$as_dir$ac_word$ac_exec_ext" + printf "%s\n" "$as_me:${as_lineno-$LINENO}: found $as_dir$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS + + ;; +esac +fi +DBCLIENT=$ac_cv_path_DBCLIENT +if test -n "$DBCLIENT"; then + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $DBCLIENT" >&5 +printf "%s\n" "$DBCLIENT" >&6; } +else + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } +fi + + +# Extract the first word of "dropbearkey", so it can be a program name with args. +set dummy dropbearkey; ac_word=$2 +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +printf %s "checking for $ac_word... " >&6; } +if test ${ac_cv_path_DROPBEARKEY+y} +then : + printf %s "(cached) " >&6 +else $as_nop + case $DROPBEARKEY in + [\\/]* | ?:[\\/]*) + ac_cv_path_DROPBEARKEY="$DROPBEARKEY" # Let the user override the test with a path. + ;; + *) + as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + case $as_dir in #((( + '') as_dir=./ ;; + */) ;; + *) as_dir=$as_dir/ ;; + esac + for ac_exec_ext in '' $ac_executable_extensions; do + if as_fn_executable_p "$as_dir$ac_word$ac_exec_ext"; then + ac_cv_path_DROPBEARKEY="$as_dir$ac_word$ac_exec_ext" + printf "%s\n" "$as_me:${as_lineno-$LINENO}: found $as_dir$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS + + ;; +esac +fi +DROPBEARKEY=$ac_cv_path_DROPBEARKEY +if test -n "$DROPBEARKEY"; then + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $DROPBEARKEY" >&5 +printf "%s\n" "$DROPBEARKEY" >&6; } +else + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } +fi + + +# Extract the first word of "dropbearconvert", so it can be a program name with args. +set dummy dropbearconvert; ac_word=$2 +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +printf %s "checking for $ac_word... " >&6; } +if test ${ac_cv_path_DROPBEARCONVERT+y} +then : + printf %s "(cached) " >&6 +else $as_nop + case $DROPBEARCONVERT in + [\\/]* | ?:[\\/]*) + ac_cv_path_DROPBEARCONVERT="$DROPBEARCONVERT" # Let the user override the test with a path. + ;; + *) + as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + case $as_dir in #((( + '') as_dir=./ ;; + */) ;; + *) as_dir=$as_dir/ ;; + esac + for ac_exec_ext in '' $ac_executable_extensions; do + if as_fn_executable_p "$as_dir$ac_word$ac_exec_ext"; then + ac_cv_path_DROPBEARCONVERT="$as_dir$ac_word$ac_exec_ext" + printf "%s\n" "$as_me:${as_lineno-$LINENO}: found $as_dir$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS + + ;; +esac +fi +DROPBEARCONVERT=$ac_cv_path_DROPBEARCONVERT +if test -n "$DROPBEARCONVERT"; then + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $DROPBEARCONVERT" >&5 +printf "%s\n" "$DROPBEARCONVERT" >&6; } +else + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } +fi + + +# Extract the first word of "tmux", so it can be a program name with args. +set dummy tmux; ac_word=$2 +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +printf %s "checking for $ac_word... " >&6; } +if test ${ac_cv_path_TMUX+y} +then : + printf %s "(cached) " >&6 +else $as_nop + case $TMUX in + [\\/]* | ?:[\\/]*) + ac_cv_path_TMUX="$TMUX" # Let the user override the test with a path. + ;; + *) + as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + case $as_dir in #((( + '') as_dir=./ ;; + */) ;; + *) as_dir=$as_dir/ ;; + esac + for ac_exec_ext in '' $ac_executable_extensions; do + if as_fn_executable_p "$as_dir$ac_word$ac_exec_ext"; then + ac_cv_path_TMUX="$as_dir$ac_word$ac_exec_ext" + printf "%s\n" "$as_me:${as_lineno-$LINENO}: found $as_dir$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS + + ;; +esac +fi +TMUX=$ac_cv_path_TMUX +if test -n "$TMUX"; then + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $TMUX" >&5 +printf "%s\n" "$TMUX" >&6; } +else + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } +fi + + + +CFLAGS="${CFLAGS} ${CFLAGS_AFTER}" +LDFLAGS="${LDFLAGS} ${LDFLAGS_AFTER}" + +# Make a copy of CFLAGS/LDFLAGS without PIE options. +LDFLAGS_NOPIE=`echo "$LDFLAGS" | sed 's/^-pie //;s/ -pie//g'` +CFLAGS_NOPIE=`echo "$CFLAGS" | sed 's/^-fPIE //;s/ -fPIE//g'` + + + + + +ac_config_files="$ac_config_files Makefile buildpkg.sh opensshd.init openssh.xml openbsd-compat/Makefile openbsd-compat/regress/Makefile survey.sh" + +cat >confcache <<\_ACEOF +# This file is a shell script that caches the results of configure +# tests run on this system so they can be shared between configure +# scripts and configure runs, see configure's option --config-cache. +# It is not useful on other systems. If it contains results you don't +# want to keep, you may remove or edit it. +# +# config.status only pays attention to the cache file if you give it +# the --recheck option to rerun configure. +# +# `ac_cv_env_foo' variables (set or unset) will be overridden when +# loading this file, other *unset* `ac_cv_foo' will be assigned the +# following values. + +_ACEOF + +# The following way of writing the cache mishandles newlines in values, +# but we know of no workaround that is simple, portable, and efficient. +# So, we kill variables containing newlines. +# Ultrix sh set writes to stderr and can't be redirected directly, +# and sets the high bit in the cache file unless we assign to the vars. +( + for ac_var in `(set) 2>&1 | sed -n 's/^\([a-zA-Z_][a-zA-Z0-9_]*\)=.*/\1/p'`; do + eval ac_val=\$$ac_var + case $ac_val in #( + *${as_nl}*) + case $ac_var in #( + *_cv_*) { printf "%s\n" "$as_me:${as_lineno-$LINENO}: WARNING: cache variable $ac_var contains a newline" >&5 +printf "%s\n" "$as_me: WARNING: cache variable $ac_var contains a newline" >&2;} ;; + esac + case $ac_var in #( + _ | IFS | as_nl) ;; #( + BASH_ARGV | BASH_SOURCE) eval $ac_var= ;; #( + *) { eval $ac_var=; unset $ac_var;} ;; + esac ;; + esac + done + + (set) 2>&1 | + case $as_nl`(ac_space=' '; set) 2>&1` in #( + *${as_nl}ac_space=\ *) + # `set' does not quote correctly, so add quotes: double-quote + # substitution turns \\\\ into \\, and sed turns \\ into \. + sed -n \ + "s/'/'\\\\''/g; + s/^\\([_$as_cr_alnum]*_cv_[_$as_cr_alnum]*\\)=\\(.*\\)/\\1='\\2'/p" + ;; #( + *) + # `set' quotes correctly as required by POSIX, so do not add quotes. + sed -n "/^[_$as_cr_alnum]*_cv_[_$as_cr_alnum]*=/p" + ;; + esac | + sort +) | + sed ' + /^ac_cv_env_/b end + t clear + :clear + s/^\([^=]*\)=\(.*[{}].*\)$/test ${\1+y} || &/ + t end + s/^\([^=]*\)=\(.*\)$/\1=${\1=\2}/ + :end' >>confcache +if diff "$cache_file" confcache >/dev/null 2>&1; then :; else + if test -w "$cache_file"; then + if test "x$cache_file" != "x/dev/null"; then + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: updating cache $cache_file" >&5 +printf "%s\n" "$as_me: updating cache $cache_file" >&6;} + if test ! -f "$cache_file" || test -h "$cache_file"; then + cat confcache >"$cache_file" + else + case $cache_file in #( + */* | ?:*) + mv -f confcache "$cache_file"$$ && + mv -f "$cache_file"$$ "$cache_file" ;; #( + *) + mv -f confcache "$cache_file" ;; + esac + fi + fi + else + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: not updating unwritable cache $cache_file" >&5 +printf "%s\n" "$as_me: not updating unwritable cache $cache_file" >&6;} + fi +fi +rm -f confcache + +test "x$prefix" = xNONE && prefix=$ac_default_prefix +# Let make expand exec_prefix. +test "x$exec_prefix" = xNONE && exec_prefix='${prefix}' + +DEFS=-DHAVE_CONFIG_H + +ac_libobjs= +ac_ltlibobjs= +U= +for ac_i in : $LIBOBJS; do test "x$ac_i" = x: && continue + # 1. Remove the extension, and $U if already installed. + ac_script='s/\$U\././;s/\.o$//;s/\.obj$//' + ac_i=`printf "%s\n" "$ac_i" | sed "$ac_script"` + # 2. Prepend LIBOBJDIR. When used with automake>=1.10 LIBOBJDIR + # will be set to the directory where LIBOBJS objects are built. + as_fn_append ac_libobjs " \${LIBOBJDIR}$ac_i\$U.$ac_objext" + as_fn_append ac_ltlibobjs " \${LIBOBJDIR}$ac_i"'$U.lo' +done +LIBOBJS=$ac_libobjs + +LTLIBOBJS=$ac_ltlibobjs + + + + +: "${CONFIG_STATUS=./config.status}" +ac_write_fail=0 +ac_clean_files_save=$ac_clean_files +ac_clean_files="$ac_clean_files $CONFIG_STATUS" +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: creating $CONFIG_STATUS" >&5 +printf "%s\n" "$as_me: creating $CONFIG_STATUS" >&6;} +as_write_fail=0 +cat >$CONFIG_STATUS <<_ASEOF || as_write_fail=1 +#! $SHELL +# Generated by $as_me. +# Run this file to recreate the current configuration. +# Compiler output produced by configure, useful for debugging +# configure, is in config.log if it exists. + +debug=false +ac_cs_recheck=false +ac_cs_silent=false + +SHELL=\${CONFIG_SHELL-$SHELL} +export SHELL +_ASEOF +cat >>$CONFIG_STATUS <<\_ASEOF || as_write_fail=1 +## -------------------- ## +## M4sh Initialization. ## +## -------------------- ## + +# Be more Bourne compatible +DUALCASE=1; export DUALCASE # for MKS sh +as_nop=: +if test ${ZSH_VERSION+y} && (emulate sh) >/dev/null 2>&1 +then : + emulate sh + NULLCMD=: + # Pre-4.2 versions of Zsh do word splitting on ${1+"$@"}, which + # is contrary to our usage. Disable this feature. + alias -g '${1+"$@"}'='"$@"' + setopt NO_GLOB_SUBST +else $as_nop + case `(set -o) 2>/dev/null` in #( + *posix*) : + set -o posix ;; #( + *) : + ;; +esac +fi + + + +# Reset variables that may have inherited troublesome values from +# the environment. + +# IFS needs to be set, to space, tab, and newline, in precisely that order. +# (If _AS_PATH_WALK were called with IFS unset, it would have the +# side effect of setting IFS to empty, thus disabling word splitting.) +# Quoting is to prevent editors from complaining about space-tab. +as_nl=' +' +export as_nl +IFS=" "" $as_nl" + +PS1='$ ' +PS2='> ' +PS4='+ ' + +# Ensure predictable behavior from utilities with locale-dependent output. +LC_ALL=C +export LC_ALL +LANGUAGE=C +export LANGUAGE + +# We cannot yet rely on "unset" to work, but we need these variables +# to be unset--not just set to an empty or harmless value--now, to +# avoid bugs in old shells (e.g. pre-3.0 UWIN ksh). This construct +# also avoids known problems related to "unset" and subshell syntax +# in other old shells (e.g. bash 2.01 and pdksh 5.2.14). +for as_var in BASH_ENV ENV MAIL MAILPATH CDPATH +do eval test \${$as_var+y} \ + && ( (unset $as_var) || exit 1) >/dev/null 2>&1 && unset $as_var || : +done + +# Ensure that fds 0, 1, and 2 are open. +if (exec 3>&0) 2>/dev/null; then :; else exec 0&1) 2>/dev/null; then :; else exec 1>/dev/null; fi +if (exec 3>&2) ; then :; else exec 2>/dev/null; fi + +# The user is always right. +if ${PATH_SEPARATOR+false} :; then + PATH_SEPARATOR=: + (PATH='/bin;/bin'; FPATH=$PATH; sh -c :) >/dev/null 2>&1 && { + (PATH='/bin:/bin'; FPATH=$PATH; sh -c :) >/dev/null 2>&1 || + PATH_SEPARATOR=';' + } +fi + + +# Find who we are. Look in the path if we contain no directory separator. +as_myself= +case $0 in #(( + *[\\/]* ) as_myself=$0 ;; + *) as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + case $as_dir in #((( + '') as_dir=./ ;; + */) ;; + *) as_dir=$as_dir/ ;; + esac + test -r "$as_dir$0" && as_myself=$as_dir$0 && break + done +IFS=$as_save_IFS + + ;; +esac +# We did not find ourselves, most probably we were run as `sh COMMAND' +# in which case we are not to be found in the path. +if test "x$as_myself" = x; then + as_myself=$0 +fi +if test ! -f "$as_myself"; then + printf "%s\n" "$as_myself: error: cannot find myself; rerun with an absolute file name" >&2 + exit 1 +fi + + + +# as_fn_error STATUS ERROR [LINENO LOG_FD] +# ---------------------------------------- +# Output "`basename $0`: error: ERROR" to stderr. If LINENO and LOG_FD are +# provided, also output the error to LOG_FD, referencing LINENO. Then exit the +# script with STATUS, using 1 if that was 0. +as_fn_error () +{ + as_status=$1; test $as_status -eq 0 && as_status=1 + if test "$4"; then + as_lineno=${as_lineno-"$3"} as_lineno_stack=as_lineno_stack=$as_lineno_stack + printf "%s\n" "$as_me:${as_lineno-$LINENO}: error: $2" >&$4 + fi + printf "%s\n" "$as_me: error: $2" >&2 + as_fn_exit $as_status +} # as_fn_error + + + +# as_fn_set_status STATUS +# ----------------------- +# Set $? to STATUS, without forking. +as_fn_set_status () +{ + return $1 +} # as_fn_set_status + +# as_fn_exit STATUS +# ----------------- +# Exit the shell with STATUS, even in a "trap 0" or "set -e" context. +as_fn_exit () +{ + set +e + as_fn_set_status $1 + exit $1 +} # as_fn_exit + +# as_fn_unset VAR +# --------------- +# Portably unset VAR. +as_fn_unset () +{ + { eval $1=; unset $1;} +} +as_unset=as_fn_unset + +# as_fn_append VAR VALUE +# ---------------------- +# Append the text in VALUE to the end of the definition contained in VAR. Take +# advantage of any shell optimizations that allow amortized linear growth over +# repeated appends, instead of the typical quadratic growth present in naive +# implementations. +if (eval "as_var=1; as_var+=2; test x\$as_var = x12") 2>/dev/null +then : + eval 'as_fn_append () + { + eval $1+=\$2 + }' +else $as_nop + as_fn_append () + { + eval $1=\$$1\$2 + } +fi # as_fn_append + +# as_fn_arith ARG... +# ------------------ +# Perform arithmetic evaluation on the ARGs, and store the result in the +# global $as_val. Take advantage of shells that can avoid forks. The arguments +# must be portable across $(()) and expr. +if (eval "test \$(( 1 + 1 )) = 2") 2>/dev/null +then : + eval 'as_fn_arith () + { + as_val=$(( $* )) + }' +else $as_nop + as_fn_arith () + { + as_val=`expr "$@" || test $? -eq 1` + } +fi # as_fn_arith + + +if expr a : '\(a\)' >/dev/null 2>&1 && + test "X`expr 00001 : '.*\(...\)'`" = X001; then + as_expr=expr +else + as_expr=false +fi + +if (basename -- /) >/dev/null 2>&1 && test "X`basename -- / 2>&1`" = "X/"; then + as_basename=basename +else + as_basename=false +fi + +if (as_dir=`dirname -- /` && test "X$as_dir" = X/) >/dev/null 2>&1; then + as_dirname=dirname +else + as_dirname=false +fi + +as_me=`$as_basename -- "$0" || +$as_expr X/"$0" : '.*/\([^/][^/]*\)/*$' \| \ + X"$0" : 'X\(//\)$' \| \ + X"$0" : 'X\(/\)' \| . 2>/dev/null || +printf "%s\n" X/"$0" | + sed '/^.*\/\([^/][^/]*\)\/*$/{ + s//\1/ + q + } + /^X\/\(\/\/\)$/{ + s//\1/ + q + } + /^X\/\(\/\).*/{ + s//\1/ + q + } + s/.*/./; q'` + +# Avoid depending upon Character Ranges. +as_cr_letters='abcdefghijklmnopqrstuvwxyz' +as_cr_LETTERS='ABCDEFGHIJKLMNOPQRSTUVWXYZ' +as_cr_Letters=$as_cr_letters$as_cr_LETTERS +as_cr_digits='0123456789' +as_cr_alnum=$as_cr_Letters$as_cr_digits + + +# Determine whether it's possible to make 'echo' print without a newline. +# These variables are no longer used directly by Autoconf, but are AC_SUBSTed +# for compatibility with existing Makefiles. +ECHO_C= ECHO_N= ECHO_T= +case `echo -n x` in #((((( +-n*) + case `echo 'xy\c'` in + *c*) ECHO_T=' ';; # ECHO_T is single tab character. + xy) ECHO_C='\c';; + *) echo `echo ksh88 bug on AIX 6.1` > /dev/null + ECHO_T=' ';; + esac;; +*) + ECHO_N='-n';; +esac + +# For backward compatibility with old third-party macros, we provide +# the shell variables $as_echo and $as_echo_n. New code should use +# AS_ECHO(["message"]) and AS_ECHO_N(["message"]), respectively. +as_echo='printf %s\n' +as_echo_n='printf %s' + +rm -f conf$$ conf$$.exe conf$$.file +if test -d conf$$.dir; then + rm -f conf$$.dir/conf$$.file +else + rm -f conf$$.dir + mkdir conf$$.dir 2>/dev/null +fi +if (echo >conf$$.file) 2>/dev/null; then + if ln -s conf$$.file conf$$ 2>/dev/null; then + as_ln_s='ln -s' + # ... but there are two gotchas: + # 1) On MSYS, both `ln -s file dir' and `ln file dir' fail. + # 2) DJGPP < 2.04 has no symlinks; `ln -s' creates a wrapper executable. + # In both cases, we have to default to `cp -pR'. + ln -s conf$$.file conf$$.dir 2>/dev/null && test ! -f conf$$.exe || + as_ln_s='cp -pR' + elif ln conf$$.file conf$$ 2>/dev/null; then + as_ln_s=ln + else + as_ln_s='cp -pR' + fi +else + as_ln_s='cp -pR' +fi +rm -f conf$$ conf$$.exe conf$$.dir/conf$$.file conf$$.file +rmdir conf$$.dir 2>/dev/null + + +# as_fn_mkdir_p +# ------------- +# Create "$as_dir" as a directory, including parents if necessary. +as_fn_mkdir_p () +{ + + case $as_dir in #( + -*) as_dir=./$as_dir;; + esac + test -d "$as_dir" || eval $as_mkdir_p || { + as_dirs= + while :; do + case $as_dir in #( + *\'*) as_qdir=`printf "%s\n" "$as_dir" | sed "s/'/'\\\\\\\\''/g"`;; #'( + *) as_qdir=$as_dir;; + esac + as_dirs="'$as_qdir' $as_dirs" + as_dir=`$as_dirname -- "$as_dir" || +$as_expr X"$as_dir" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \ + X"$as_dir" : 'X\(//\)[^/]' \| \ + X"$as_dir" : 'X\(//\)$' \| \ + X"$as_dir" : 'X\(/\)' \| . 2>/dev/null || +printf "%s\n" X"$as_dir" | + sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ + s//\1/ + q + } + /^X\(\/\/\)[^/].*/{ + s//\1/ + q + } + /^X\(\/\/\)$/{ + s//\1/ + q + } + /^X\(\/\).*/{ + s//\1/ + q + } + s/.*/./; q'` + test -d "$as_dir" && break + done + test -z "$as_dirs" || eval "mkdir $as_dirs" + } || test -d "$as_dir" || as_fn_error $? "cannot create directory $as_dir" + + +} # as_fn_mkdir_p +if mkdir -p . 2>/dev/null; then + as_mkdir_p='mkdir -p "$as_dir"' +else + test -d ./-p && rmdir ./-p + as_mkdir_p=false +fi + + +# as_fn_executable_p FILE +# ----------------------- +# Test if FILE is an executable regular file. +as_fn_executable_p () +{ + test -f "$1" && test -x "$1" +} # as_fn_executable_p +as_test_x='test -x' +as_executable_p=as_fn_executable_p + +# Sed expression to map a string onto a valid CPP name. +as_tr_cpp="eval sed 'y%*$as_cr_letters%P$as_cr_LETTERS%;s%[^_$as_cr_alnum]%_%g'" + +# Sed expression to map a string onto a valid variable name. +as_tr_sh="eval sed 'y%*+%pp%;s%[^_$as_cr_alnum]%_%g'" + + +exec 6>&1 +## ----------------------------------- ## +## Main body of $CONFIG_STATUS script. ## +## ----------------------------------- ## +_ASEOF +test $as_write_fail = 0 && chmod +x $CONFIG_STATUS || ac_write_fail=1 + +cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 +# Save the log message, to keep $0 and so on meaningful, and to +# report actual input values of CONFIG_FILES etc. instead of their +# values after options handling. +ac_log=" +This file was extended by OpenSSH $as_me Portable, which was +generated by GNU Autoconf 2.71. Invocation command line was + + CONFIG_FILES = $CONFIG_FILES + CONFIG_HEADERS = $CONFIG_HEADERS + CONFIG_LINKS = $CONFIG_LINKS + CONFIG_COMMANDS = $CONFIG_COMMANDS + $ $0 $@ + +on `(hostname || uname -n) 2>/dev/null | sed 1q` +" + +_ACEOF + +case $ac_config_files in *" +"*) set x $ac_config_files; shift; ac_config_files=$*;; +esac + +case $ac_config_headers in *" +"*) set x $ac_config_headers; shift; ac_config_headers=$*;; +esac + + +cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 +# Files that config.status was made for. +config_files="$ac_config_files" +config_headers="$ac_config_headers" + +_ACEOF + +cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 +ac_cs_usage="\ +\`$as_me' instantiates files and other configuration actions +from templates according to the current configuration. Unless the files +and actions are specified as TAGs, all are instantiated by default. + +Usage: $0 [OPTION]... [TAG]... + + -h, --help print this help, then exit + -V, --version print version number and configuration settings, then exit + --config print configuration, then exit + -q, --quiet, --silent + do not print progress messages + -d, --debug don't remove temporary files + --recheck update $as_me by reconfiguring in the same conditions + --file=FILE[:TEMPLATE] + instantiate the configuration file FILE + --header=FILE[:TEMPLATE] + instantiate the configuration header FILE + +Configuration files: +$config_files + +Configuration headers: +$config_headers + +Report bugs to ." + +_ACEOF +ac_cs_config=`printf "%s\n" "$ac_configure_args" | sed "$ac_safe_unquote"` +ac_cs_config_escaped=`printf "%s\n" "$ac_cs_config" | sed "s/^ //; s/'/'\\\\\\\\''/g"` +cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 +ac_cs_config='$ac_cs_config_escaped' +ac_cs_version="\\ +OpenSSH config.status Portable +configured by $0, generated by GNU Autoconf 2.71, + with options \\"\$ac_cs_config\\" + +Copyright (C) 2021 Free Software Foundation, Inc. +This config.status script is free software; the Free Software Foundation +gives unlimited permission to copy, distribute and modify it." + +ac_pwd='$ac_pwd' +srcdir='$srcdir' +INSTALL='$INSTALL' +MKDIR_P='$MKDIR_P' +AWK='$AWK' +test -n "\$AWK" || AWK=awk +_ACEOF + +cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 +# The default lists apply if the user does not specify any file. +ac_need_defaults=: +while test $# != 0 +do + case $1 in + --*=?*) + ac_option=`expr "X$1" : 'X\([^=]*\)='` + ac_optarg=`expr "X$1" : 'X[^=]*=\(.*\)'` + ac_shift=: + ;; + --*=) + ac_option=`expr "X$1" : 'X\([^=]*\)='` + ac_optarg= + ac_shift=: + ;; + *) + ac_option=$1 + ac_optarg=$2 + ac_shift=shift + ;; + esac + + case $ac_option in + # Handling of the options. + -recheck | --recheck | --rechec | --reche | --rech | --rec | --re | --r) + ac_cs_recheck=: ;; + --version | --versio | --versi | --vers | --ver | --ve | --v | -V ) + printf "%s\n" "$ac_cs_version"; exit ;; + --config | --confi | --conf | --con | --co | --c ) + printf "%s\n" "$ac_cs_config"; exit ;; + --debug | --debu | --deb | --de | --d | -d ) + debug=: ;; + --file | --fil | --fi | --f ) + $ac_shift + case $ac_optarg in + *\'*) ac_optarg=`printf "%s\n" "$ac_optarg" | sed "s/'/'\\\\\\\\''/g"` ;; + '') as_fn_error $? "missing file argument" ;; + esac + as_fn_append CONFIG_FILES " '$ac_optarg'" + ac_need_defaults=false;; + --header | --heade | --head | --hea ) + $ac_shift + case $ac_optarg in + *\'*) ac_optarg=`printf "%s\n" "$ac_optarg" | sed "s/'/'\\\\\\\\''/g"` ;; + esac + as_fn_append CONFIG_HEADERS " '$ac_optarg'" + ac_need_defaults=false;; + --he | --h) + # Conflict between --help and --header + as_fn_error $? "ambiguous option: \`$1' +Try \`$0 --help' for more information.";; + --help | --hel | -h ) + printf "%s\n" "$ac_cs_usage"; exit ;; + -q | -quiet | --quiet | --quie | --qui | --qu | --q \ + | -silent | --silent | --silen | --sile | --sil | --si | --s) + ac_cs_silent=: ;; + + # This is an error. + -*) as_fn_error $? "unrecognized option: \`$1' +Try \`$0 --help' for more information." ;; + + *) as_fn_append ac_config_targets " $1" + ac_need_defaults=false ;; + + esac + shift +done + +ac_configure_extra_args= + +if $ac_cs_silent; then + exec 6>/dev/null + ac_configure_extra_args="$ac_configure_extra_args --silent" +fi + +_ACEOF +cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 +if \$ac_cs_recheck; then + set X $SHELL '$0' $ac_configure_args \$ac_configure_extra_args --no-create --no-recursion + shift + \printf "%s\n" "running CONFIG_SHELL=$SHELL \$*" >&6 + CONFIG_SHELL='$SHELL' + export CONFIG_SHELL + exec "\$@" +fi + +_ACEOF +cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 +exec 5>>config.log +{ + echo + sed 'h;s/./-/g;s/^.../## /;s/...$/ ##/;p;x;p;x' <<_ASBOX +## Running $as_me. ## +_ASBOX + printf "%s\n" "$ac_log" +} >&5 + +_ACEOF +cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 +_ACEOF + +cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 + +# Handling of arguments. +for ac_config_target in $ac_config_targets +do + case $ac_config_target in + "config.h") CONFIG_HEADERS="$CONFIG_HEADERS config.h" ;; + "Makefile") CONFIG_FILES="$CONFIG_FILES Makefile" ;; + "buildpkg.sh") CONFIG_FILES="$CONFIG_FILES buildpkg.sh" ;; + "opensshd.init") CONFIG_FILES="$CONFIG_FILES opensshd.init" ;; + "openssh.xml") CONFIG_FILES="$CONFIG_FILES openssh.xml" ;; + "openbsd-compat/Makefile") CONFIG_FILES="$CONFIG_FILES openbsd-compat/Makefile" ;; + "openbsd-compat/regress/Makefile") CONFIG_FILES="$CONFIG_FILES openbsd-compat/regress/Makefile" ;; + "survey.sh") CONFIG_FILES="$CONFIG_FILES survey.sh" ;; + + *) as_fn_error $? "invalid argument: \`$ac_config_target'" "$LINENO" 5;; + esac +done + + +# If the user did not use the arguments to specify the items to instantiate, +# then the envvar interface is used. Set only those that are not. +# We use the long form for the default assignment because of an extremely +# bizarre bug on SunOS 4.1.3. +if $ac_need_defaults; then + test ${CONFIG_FILES+y} || CONFIG_FILES=$config_files + test ${CONFIG_HEADERS+y} || CONFIG_HEADERS=$config_headers +fi + +# Have a temporary directory for convenience. Make it in the build tree +# simply because there is no reason against having it here, and in addition, +# creating and moving files from /tmp can sometimes cause problems. +# Hook for its removal unless debugging. +# Note that there is a small window in which the directory will not be cleaned: +# after its creation but before its name has been assigned to `$tmp'. +$debug || +{ + tmp= ac_tmp= + trap 'exit_status=$? + : "${ac_tmp:=$tmp}" + { test ! -d "$ac_tmp" || rm -fr "$ac_tmp"; } && exit $exit_status +' 0 + trap 'as_fn_exit 1' 1 2 13 15 +} +# Create a (secure) tmp directory for tmp files. + +{ + tmp=`(umask 077 && mktemp -d "./confXXXXXX") 2>/dev/null` && + test -d "$tmp" +} || +{ + tmp=./conf$$-$RANDOM + (umask 077 && mkdir "$tmp") +} || as_fn_error $? "cannot create a temporary directory in ." "$LINENO" 5 +ac_tmp=$tmp + +# Set up the scripts for CONFIG_FILES section. +# No need to generate them if there are no CONFIG_FILES. +# This happens for instance with `./config.status config.h'. +if test -n "$CONFIG_FILES"; then + + +ac_cr=`echo X | tr X '\015'` +# On cygwin, bash can eat \r inside `` if the user requested igncr. +# But we know of no other shell where ac_cr would be empty at this +# point, so we can use a bashism as a fallback. +if test "x$ac_cr" = x; then + eval ac_cr=\$\'\\r\' +fi +ac_cs_awk_cr=`$AWK 'BEGIN { print "a\rb" }' /dev/null` +if test "$ac_cs_awk_cr" = "a${ac_cr}b"; then + ac_cs_awk_cr='\\r' +else + ac_cs_awk_cr=$ac_cr +fi + +echo 'BEGIN {' >"$ac_tmp/subs1.awk" && +_ACEOF + + +{ + echo "cat >conf$$subs.awk <<_ACEOF" && + echo "$ac_subst_vars" | sed 's/.*/&!$&$ac_delim/' && + echo "_ACEOF" +} >conf$$subs.sh || + as_fn_error $? "could not make $CONFIG_STATUS" "$LINENO" 5 +ac_delim_num=`echo "$ac_subst_vars" | grep -c '^'` +ac_delim='%!_!# ' +for ac_last_try in false false false false false :; do + . ./conf$$subs.sh || + as_fn_error $? "could not make $CONFIG_STATUS" "$LINENO" 5 + + ac_delim_n=`sed -n "s/.*$ac_delim\$/X/p" conf$$subs.awk | grep -c X` + if test $ac_delim_n = $ac_delim_num; then + break + elif $ac_last_try; then + as_fn_error $? "could not make $CONFIG_STATUS" "$LINENO" 5 + else + ac_delim="$ac_delim!$ac_delim _$ac_delim!! " + fi +done +rm -f conf$$subs.sh + +cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 +cat >>"\$ac_tmp/subs1.awk" <<\\_ACAWK && +_ACEOF +sed -n ' +h +s/^/S["/; s/!.*/"]=/ +p +g +s/^[^!]*!// +:repl +t repl +s/'"$ac_delim"'$// +t delim +:nl +h +s/\(.\{148\}\)..*/\1/ +t more1 +s/["\\]/\\&/g; s/^/"/; s/$/\\n"\\/ +p +n +b repl +:more1 +s/["\\]/\\&/g; s/^/"/; s/$/"\\/ +p +g +s/.\{148\}// +t nl +:delim +h +s/\(.\{148\}\)..*/\1/ +t more2 +s/["\\]/\\&/g; s/^/"/; s/$/"/ +p +b +:more2 +s/["\\]/\\&/g; s/^/"/; s/$/"\\/ +p +g +s/.\{148\}// +t delim +' >$CONFIG_STATUS || ac_write_fail=1 +rm -f conf$$subs.awk +cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 +_ACAWK +cat >>"\$ac_tmp/subs1.awk" <<_ACAWK && + for (key in S) S_is_set[key] = 1 + FS = "" + +} +{ + line = $ 0 + nfields = split(line, field, "@") + substed = 0 + len = length(field[1]) + for (i = 2; i < nfields; i++) { + key = field[i] + keylen = length(key) + if (S_is_set[key]) { + value = S[key] + line = substr(line, 1, len) "" value "" substr(line, len + keylen + 3) + len += length(value) + length(field[++i]) + substed = 1 + } else + len += 1 + keylen + } + + print line +} + +_ACAWK +_ACEOF +cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 +if sed "s/$ac_cr//" < /dev/null > /dev/null 2>&1; then + sed "s/$ac_cr\$//; s/$ac_cr/$ac_cs_awk_cr/g" +else + cat +fi < "$ac_tmp/subs1.awk" > "$ac_tmp/subs.awk" \ + || as_fn_error $? "could not setup config files machinery" "$LINENO" 5 +_ACEOF + +# VPATH may cause trouble with some makes, so we remove sole $(srcdir), +# ${srcdir} and @srcdir@ entries from VPATH if srcdir is ".", strip leading and +# trailing colons and then remove the whole line if VPATH becomes empty +# (actually we leave an empty line to preserve line numbers). +if test "x$srcdir" = x.; then + ac_vpsub='/^[ ]*VPATH[ ]*=[ ]*/{ +h +s/// +s/^/:/ +s/[ ]*$/:/ +s/:\$(srcdir):/:/g +s/:\${srcdir}:/:/g +s/:@srcdir@:/:/g +s/^:*// +s/:*$// +x +s/\(=[ ]*\).*/\1/ +G +s/\n// +s/^[^=]*=[ ]*$// +}' +fi + +cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 +fi # test -n "$CONFIG_FILES" + +# Set up the scripts for CONFIG_HEADERS section. +# No need to generate them if there are no CONFIG_HEADERS. +# This happens for instance with `./config.status Makefile'. +if test -n "$CONFIG_HEADERS"; then +cat >"$ac_tmp/defines.awk" <<\_ACAWK || +BEGIN { +_ACEOF + +# Transform confdefs.h into an awk script `defines.awk', embedded as +# here-document in config.status, that substitutes the proper values into +# config.h.in to produce config.h. + +# Create a delimiter string that does not exist in confdefs.h, to ease +# handling of long lines. +ac_delim='%!_!# ' +for ac_last_try in false false :; do + ac_tt=`sed -n "/$ac_delim/p" confdefs.h` + if test -z "$ac_tt"; then + break + elif $ac_last_try; then + as_fn_error $? "could not make $CONFIG_HEADERS" "$LINENO" 5 + else + ac_delim="$ac_delim!$ac_delim _$ac_delim!! " + fi +done + +# For the awk script, D is an array of macro values keyed by name, +# likewise P contains macro parameters if any. Preserve backslash +# newline sequences. + +ac_word_re=[_$as_cr_Letters][_$as_cr_alnum]* +sed -n ' +s/.\{148\}/&'"$ac_delim"'/g +t rset +:rset +s/^[ ]*#[ ]*define[ ][ ]*/ / +t def +d +:def +s/\\$// +t bsnl +s/["\\]/\\&/g +s/^ \('"$ac_word_re"'\)\(([^()]*)\)[ ]*\(.*\)/P["\1"]="\2"\ +D["\1"]=" \3"/p +s/^ \('"$ac_word_re"'\)[ ]*\(.*\)/D["\1"]=" \2"/p +d +:bsnl +s/["\\]/\\&/g +s/^ \('"$ac_word_re"'\)\(([^()]*)\)[ ]*\(.*\)/P["\1"]="\2"\ +D["\1"]=" \3\\\\\\n"\\/p +t cont +s/^ \('"$ac_word_re"'\)[ ]*\(.*\)/D["\1"]=" \2\\\\\\n"\\/p +t cont +d +:cont +n +s/.\{148\}/&'"$ac_delim"'/g +t clear +:clear +s/\\$// +t bsnlc +s/["\\]/\\&/g; s/^/"/; s/$/"/p +d +:bsnlc +s/["\\]/\\&/g; s/^/"/; s/$/\\\\\\n"\\/p +b cont +' >$CONFIG_STATUS || ac_write_fail=1 + +cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 + for (key in D) D_is_set[key] = 1 + FS = "" +} +/^[\t ]*#[\t ]*(define|undef)[\t ]+$ac_word_re([\t (]|\$)/ { + line = \$ 0 + split(line, arg, " ") + if (arg[1] == "#") { + defundef = arg[2] + mac1 = arg[3] + } else { + defundef = substr(arg[1], 2) + mac1 = arg[2] + } + split(mac1, mac2, "(") #) + macro = mac2[1] + prefix = substr(line, 1, index(line, defundef) - 1) + if (D_is_set[macro]) { + # Preserve the white space surrounding the "#". + print prefix "define", macro P[macro] D[macro] + next + } else { + # Replace #undef with comments. This is necessary, for example, + # in the case of _POSIX_SOURCE, which is predefined and required + # on some systems where configure will not decide to define it. + if (defundef == "undef") { + print "/*", prefix defundef, macro, "*/" + next + } + } +} +{ print } +_ACAWK +_ACEOF +cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 + as_fn_error $? "could not setup config headers machinery" "$LINENO" 5 +fi # test -n "$CONFIG_HEADERS" + + +eval set X " :F $CONFIG_FILES :H $CONFIG_HEADERS " +shift +for ac_tag +do + case $ac_tag in + :[FHLC]) ac_mode=$ac_tag; continue;; + esac + case $ac_mode$ac_tag in + :[FHL]*:*);; + :L* | :C*:*) as_fn_error $? "invalid tag \`$ac_tag'" "$LINENO" 5;; + :[FH]-) ac_tag=-:-;; + :[FH]*) ac_tag=$ac_tag:$ac_tag.in;; + esac + ac_save_IFS=$IFS + IFS=: + set x $ac_tag + IFS=$ac_save_IFS + shift + ac_file=$1 + shift + + case $ac_mode in + :L) ac_source=$1;; + :[FH]) + ac_file_inputs= + for ac_f + do + case $ac_f in + -) ac_f="$ac_tmp/stdin";; + *) # Look for the file first in the build tree, then in the source tree + # (if the path is not absolute). The absolute path cannot be DOS-style, + # because $ac_f cannot contain `:'. + test -f "$ac_f" || + case $ac_f in + [\\/$]*) false;; + *) test -f "$srcdir/$ac_f" && ac_f="$srcdir/$ac_f";; + esac || + as_fn_error 1 "cannot find input file: \`$ac_f'" "$LINENO" 5;; + esac + case $ac_f in *\'*) ac_f=`printf "%s\n" "$ac_f" | sed "s/'/'\\\\\\\\''/g"`;; esac + as_fn_append ac_file_inputs " '$ac_f'" + done + + # Let's still pretend it is `configure' which instantiates (i.e., don't + # use $as_me), people would be surprised to read: + # /* config.h. Generated by config.status. */ + configure_input='Generated from '` + printf "%s\n" "$*" | sed 's|^[^:]*/||;s|:[^:]*/|, |g' + `' by configure.' + if test x"$ac_file" != x-; then + configure_input="$ac_file. $configure_input" + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: creating $ac_file" >&5 +printf "%s\n" "$as_me: creating $ac_file" >&6;} + fi + # Neutralize special characters interpreted by sed in replacement strings. + case $configure_input in #( + *\&* | *\|* | *\\* ) + ac_sed_conf_input=`printf "%s\n" "$configure_input" | + sed 's/[\\\\&|]/\\\\&/g'`;; #( + *) ac_sed_conf_input=$configure_input;; + esac + + case $ac_tag in + *:-:* | *:-) cat >"$ac_tmp/stdin" \ + || as_fn_error $? "could not create $ac_file" "$LINENO" 5 ;; + esac + ;; + esac + + ac_dir=`$as_dirname -- "$ac_file" || +$as_expr X"$ac_file" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \ + X"$ac_file" : 'X\(//\)[^/]' \| \ + X"$ac_file" : 'X\(//\)$' \| \ + X"$ac_file" : 'X\(/\)' \| . 2>/dev/null || +printf "%s\n" X"$ac_file" | + sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ + s//\1/ + q + } + /^X\(\/\/\)[^/].*/{ + s//\1/ + q + } + /^X\(\/\/\)$/{ + s//\1/ + q + } + /^X\(\/\).*/{ + s//\1/ + q + } + s/.*/./; q'` + as_dir="$ac_dir"; as_fn_mkdir_p + ac_builddir=. + +case "$ac_dir" in +.) ac_dir_suffix= ac_top_builddir_sub=. ac_top_build_prefix= ;; +*) + ac_dir_suffix=/`printf "%s\n" "$ac_dir" | sed 's|^\.[\\/]||'` + # A ".." for each directory in $ac_dir_suffix. + ac_top_builddir_sub=`printf "%s\n" "$ac_dir_suffix" | sed 's|/[^\\/]*|/..|g;s|/||'` + case $ac_top_builddir_sub in + "") ac_top_builddir_sub=. ac_top_build_prefix= ;; + *) ac_top_build_prefix=$ac_top_builddir_sub/ ;; + esac ;; +esac +ac_abs_top_builddir=$ac_pwd +ac_abs_builddir=$ac_pwd$ac_dir_suffix +# for backward compatibility: +ac_top_builddir=$ac_top_build_prefix + +case $srcdir in + .) # We are building in place. + ac_srcdir=. + ac_top_srcdir=$ac_top_builddir_sub + ac_abs_top_srcdir=$ac_pwd ;; + [\\/]* | ?:[\\/]* ) # Absolute name. + ac_srcdir=$srcdir$ac_dir_suffix; + ac_top_srcdir=$srcdir + ac_abs_top_srcdir=$srcdir ;; + *) # Relative name. + ac_srcdir=$ac_top_build_prefix$srcdir$ac_dir_suffix + ac_top_srcdir=$ac_top_build_prefix$srcdir + ac_abs_top_srcdir=$ac_pwd/$srcdir ;; +esac +ac_abs_srcdir=$ac_abs_top_srcdir$ac_dir_suffix + + + case $ac_mode in + :F) + # + # CONFIG_FILE + # + + case $INSTALL in + [\\/$]* | ?:[\\/]* ) ac_INSTALL=$INSTALL ;; + *) ac_INSTALL=$ac_top_build_prefix$INSTALL ;; + esac + ac_MKDIR_P=$MKDIR_P + case $MKDIR_P in + [\\/$]* | ?:[\\/]* ) ;; + */*) ac_MKDIR_P=$ac_top_build_prefix$MKDIR_P ;; + esac +_ACEOF + +cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 +# If the template does not know about datarootdir, expand it. +# FIXME: This hack should be removed a few years after 2.60. +ac_datarootdir_hack=; ac_datarootdir_seen= +ac_sed_dataroot=' +/datarootdir/ { + p + q +} +/@datadir@/p +/@docdir@/p +/@infodir@/p +/@localedir@/p +/@mandir@/p' +case `eval "sed -n \"\$ac_sed_dataroot\" $ac_file_inputs"` in +*datarootdir*) ac_datarootdir_seen=yes;; +*@datadir@*|*@docdir@*|*@infodir@*|*@localedir@*|*@mandir@*) + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: WARNING: $ac_file_inputs seems to ignore the --datarootdir setting" >&5 +printf "%s\n" "$as_me: WARNING: $ac_file_inputs seems to ignore the --datarootdir setting" >&2;} +_ACEOF +cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 + ac_datarootdir_hack=' + s&@datadir@&$datadir&g + s&@docdir@&$docdir&g + s&@infodir@&$infodir&g + s&@localedir@&$localedir&g + s&@mandir@&$mandir&g + s&\\\${datarootdir}&$datarootdir&g' ;; +esac +_ACEOF + +# Neutralize VPATH when `$srcdir' = `.'. +# Shell code in configure.ac might set extrasub. +# FIXME: do we really want to maintain this feature? +cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 +ac_sed_extra="$ac_vpsub +$extrasub +_ACEOF +cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 +:t +/@[a-zA-Z_][a-zA-Z_0-9]*@/!b +s|@configure_input@|$ac_sed_conf_input|;t t +s&@top_builddir@&$ac_top_builddir_sub&;t t +s&@top_build_prefix@&$ac_top_build_prefix&;t t +s&@srcdir@&$ac_srcdir&;t t +s&@abs_srcdir@&$ac_abs_srcdir&;t t +s&@top_srcdir@&$ac_top_srcdir&;t t +s&@abs_top_srcdir@&$ac_abs_top_srcdir&;t t +s&@builddir@&$ac_builddir&;t t +s&@abs_builddir@&$ac_abs_builddir&;t t +s&@abs_top_builddir@&$ac_abs_top_builddir&;t t +s&@INSTALL@&$ac_INSTALL&;t t +s&@MKDIR_P@&$ac_MKDIR_P&;t t +$ac_datarootdir_hack +" +eval sed \"\$ac_sed_extra\" "$ac_file_inputs" | $AWK -f "$ac_tmp/subs.awk" \ + >$ac_tmp/out || as_fn_error $? "could not create $ac_file" "$LINENO" 5 + +test -z "$ac_datarootdir_hack$ac_datarootdir_seen" && + { ac_out=`sed -n '/\${datarootdir}/p' "$ac_tmp/out"`; test -n "$ac_out"; } && + { ac_out=`sed -n '/^[ ]*datarootdir[ ]*:*=/p' \ + "$ac_tmp/out"`; test -z "$ac_out"; } && + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: WARNING: $ac_file contains a reference to the variable \`datarootdir' +which seems to be undefined. Please make sure it is defined" >&5 +printf "%s\n" "$as_me: WARNING: $ac_file contains a reference to the variable \`datarootdir' +which seems to be undefined. Please make sure it is defined" >&2;} + + rm -f "$ac_tmp/stdin" + case $ac_file in + -) cat "$ac_tmp/out" && rm -f "$ac_tmp/out";; + *) rm -f "$ac_file" && mv "$ac_tmp/out" "$ac_file";; + esac \ + || as_fn_error $? "could not create $ac_file" "$LINENO" 5 + ;; + :H) + # + # CONFIG_HEADER + # + if test x"$ac_file" != x-; then + { + printf "%s\n" "/* $configure_input */" >&1 \ + && eval '$AWK -f "$ac_tmp/defines.awk"' "$ac_file_inputs" + } >"$ac_tmp/config.h" \ + || as_fn_error $? "could not create $ac_file" "$LINENO" 5 + if diff "$ac_file" "$ac_tmp/config.h" >/dev/null 2>&1; then + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: $ac_file is unchanged" >&5 +printf "%s\n" "$as_me: $ac_file is unchanged" >&6;} + else + rm -f "$ac_file" + mv "$ac_tmp/config.h" "$ac_file" \ + || as_fn_error $? "could not create $ac_file" "$LINENO" 5 + fi + else + printf "%s\n" "/* $configure_input */" >&1 \ + && eval '$AWK -f "$ac_tmp/defines.awk"' "$ac_file_inputs" \ + || as_fn_error $? "could not create -" "$LINENO" 5 + fi + ;; + + + esac + +done # for ac_tag + + +as_fn_exit 0 +_ACEOF +ac_clean_files=$ac_clean_files_save + +test $ac_write_fail = 0 || + as_fn_error $? "write failure creating $CONFIG_STATUS" "$LINENO" 5 + + +# configure is writing to config.log, and then calls config.status. +# config.status does its own redirection, appending to config.log. +# Unfortunately, on DOS this fails, as config.log is still kept open +# by configure, so config.status won't be able to write to it; its +# output is simply discarded. So we exec the FD to /dev/null, +# effectively closing config.log, so it can be properly (re)opened and +# appended to by config.status. When coming back to configure, we +# need to make the FD available again. +if test "$no_create" != yes; then + ac_cs_success=: + ac_config_status_args= + test "$silent" = yes && + ac_config_status_args="$ac_config_status_args --quiet" + exec 5>/dev/null + $SHELL $CONFIG_STATUS $ac_config_status_args || ac_cs_success=false + exec 5>>config.log + # Use ||, not &&, to avoid exiting from the if with $? = 1, which + # would make configure fail if this is the last instruction. + $ac_cs_success || as_fn_exit 1 +fi +if test -n "$ac_unrecognized_opts" && test "$enable_option_checking" != no; then + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: WARNING: unrecognized options: $ac_unrecognized_opts" >&5 +printf "%s\n" "$as_me: WARNING: unrecognized options: $ac_unrecognized_opts" >&2;} +fi + + +# Print summary of options + +# Someone please show me a better way :) +A=`eval echo ${prefix}` ; A=`eval echo ${A}` +B=`eval echo ${bindir}` ; B=`eval echo ${B}` +C=`eval echo ${sbindir}` ; C=`eval echo ${C}` +D=`eval echo ${sysconfdir}` ; D=`eval echo ${D}` +E=`eval echo ${libexecdir}/ssh-askpass` ; E=`eval echo ${E}` +F=`eval echo ${mandir}/${mansubdir}X` ; F=`eval echo ${F}` +G=`eval echo ${piddir}` ; G=`eval echo ${G}` +H=`eval echo ${PRIVSEP_PATH}` ; H=`eval echo ${H}` +I=`eval echo ${user_path}` ; I=`eval echo ${I}` +J=`eval echo ${superuser_path}` ; J=`eval echo ${J}` + +echo "" +echo "OpenSSH has been configured with the following options:" +echo " User binaries: $B" +echo " System binaries: $C" +echo " Configuration files: $D" +echo " Askpass program: $E" +echo " Manual pages: $F" +echo " PID file: $G" +echo " Privilege separation chroot path: $H" +if test "x$external_path_file" = "x/etc/login.conf" ; then +echo " At runtime, sshd will use the path defined in $external_path_file" +echo " Make sure the path to scp is present, otherwise scp will not work" +else +echo " sshd default user PATH: $I" + if test ! -z "$external_path_file"; then +echo " (If PATH is set in $external_path_file it will be used instead. If" +echo " used, ensure the path to scp is present, otherwise scp will not work.)" + fi +fi +if test ! -z "$superuser_path" ; then +echo " sshd superuser user PATH: $J" +fi +echo " Manpage format: $MANTYPE" +echo " PAM support: $PAM_MSG" +echo " OSF SIA support: $SIA_MSG" +echo " KerberosV support: $KRB5_MSG" +echo " SELinux support: $SELINUX_MSG" +echo " libedit support: $LIBEDIT_MSG" +echo " libldns support: $LDNS_MSG" +echo " Solaris process contract support: $SPC_MSG" +echo " Solaris project support: $SP_MSG" +echo " Solaris privilege support: $SPP_MSG" +echo " IP address in \$DISPLAY hack: $DISPLAY_HACK_MSG" +echo " Translate v4 in v6 hack: $IPV4_IN6_HACK_MSG" +echo " BSD Auth support: $BSD_AUTH_MSG" +echo " Random number source: $RAND_MSG" +echo " Privsep sandbox style: $SANDBOX_STYLE" +echo " PKCS#11 support: $enable_pkcs11" +echo " U2F/FIDO support: $enable_sk" + +echo "" + +echo " Host: ${host}" +echo " Compiler: ${CC}" +echo " Compiler flags: ${CFLAGS}" +echo "Preprocessor flags: ${CPPFLAGS}" +echo " Linker flags: ${LDFLAGS}" +echo " Libraries: ${LIBS}" +if test ! -z "${CHANNELLIBS}"; then +echo " +for channels: ${CHANNELLIBS}" +fi +if test ! -z "${LIBFIDO2}"; then +echo " +for FIDO2: ${LIBFIDO2}" +fi +if test ! -z "${SSHDLIBS}"; then +echo " +for sshd: ${SSHDLIBS}" +fi + +echo "" + +if test "x$MAKE_PACKAGE_SUPPORTED" = "xyes" ; then + echo "SVR4 style packages are supported with \"make package\"" + echo "" +fi + +if test "x$PAM_MSG" = "xyes" ; then + echo "PAM is enabled. You may need to install a PAM control file " + echo "for sshd, otherwise password authentication may fail. " + echo "Example PAM control files can be found in the contrib/ " + echo "subdirectory" + echo "" +fi + +if test ! -z "$NO_PEERCHECK" ; then + echo "WARNING: the operating system that you are using does not" + echo "appear to support getpeereid(), getpeerucred() or the" + echo "SO_PEERCRED getsockopt() option. These facilities are used to" + echo "enforce security checks to prevent unauthorised connections to" + echo "ssh-agent. Their absence increases the risk that a malicious" + echo "user can connect to your agent." + echo "" +fi + +if test "$AUDIT_MODULE" = "bsm" ; then + echo "WARNING: BSM audit support is currently considered EXPERIMENTAL." + echo "See the Solaris section in README.platform for details." +fi diff --git a/moduli.0 b/moduli.0 new file mode 100644 index 000000000000..3c3c81b4a628 --- /dev/null +++ b/moduli.0 @@ -0,0 +1,74 @@ +MODULI(5) File Formats Manual MODULI(5) + +NAME + moduli M-bM-^@M-^S Diffie-Hellman moduli + +DESCRIPTION + The /etc/moduli file contains prime numbers and generators for use by + sshd(8) in the Diffie-Hellman Group Exchange key exchange method. + + New moduli may be generated with ssh-keygen(1) using a two-step process. + An initial candidate generation pass, using ssh-keygen -M generate, + calculates numbers that are likely to be useful. A second primality + testing pass, using ssh-keygen -M screen, provides a high degree of + assurance that the numbers are prime and are safe for use in Diffie- + Hellman operations by sshd(8). This moduli format is used as the output + from each pass. + + The file consists of newline-separated records, one per modulus, + containing seven space-separated fields. These fields are as follows: + + timestamp The time that the modulus was last processed as + YYYYMMDDHHMMSS. + + type Decimal number specifying the internal structure of + the prime modulus. Supported types are: + + 0 Unknown, not tested. + 2 "Safe" prime; (p-1)/2 is also prime. + 4 Sophie Germain; 2p+1 is also prime. + + Moduli candidates initially produced by ssh-keygen(1) + are Sophie Germain primes (type 4). Further primality + testing with ssh-keygen(1) produces safe prime moduli + (type 2) that are ready for use in sshd(8). Other + types are not used by OpenSSH. + + tests Decimal number indicating the type of primality tests + that the number has been subjected to represented as a + bitmask of the following values: + + 0x00 Not tested. + 0x01 Composite number M-bM-^@M-^S not prime. + 0x02 Sieve of Eratosthenes. + 0x04 Probabilistic Miller-Rabin primality tests. + + The ssh-keygen(1) moduli candidate generation uses the + Sieve of Eratosthenes (flag 0x02). Subsequent + ssh-keygen(1) primality tests are Miller-Rabin tests + (flag 0x04). + + trials Decimal number indicating the number of primality + trials that have been performed on the modulus. + + size Decimal number indicating the size of the prime in + bits. + + generator The recommended generator for use with this modulus + (hexadecimal). + + modulus The modulus itself in hexadecimal. + + When performing Diffie-Hellman Group Exchange, sshd(8) first estimates + the size of the modulus required to produce enough Diffie-Hellman output + to sufficiently key the selected symmetric cipher. sshd(8) then randomly + selects a modulus from /etc/moduli that best meets the size requirement. + +SEE ALSO + ssh-keygen(1), sshd(8) + +STANDARDS + M. Friedl, N. Provos, and W. Simpson, Diffie-Hellman Group Exchange for + the Secure Shell (SSH) Transport Layer Protocol, RFC 4419, March 2006. + +OpenBSD 7.8 April 16, 2022 MODULI(5) diff --git a/scp.0 b/scp.0 new file mode 100644 index 000000000000..d59fe31ccec2 --- /dev/null +++ b/scp.0 @@ -0,0 +1,273 @@ +SCP(1) General Commands Manual SCP(1) + +NAME + scp M-bM-^@M-^S OpenSSH secure file copy + +SYNOPSIS + scp [-346ABCOpqRrsTv] [-c cipher] [-D sftp_server_path] [-F ssh_config] + [-i identity_file] [-J destination] [-l limit] [-o ssh_option] + [-P port] [-S program] [-X sftp_option] source ... target + +DESCRIPTION + scp copies files between hosts on a network. + + scp uses the SFTP protocol over an ssh(1) connection for data transfer, + and uses the same authentication and provides the same security as a + login session. + + scp will ask for passwords or passphrases if they are needed for + authentication. + + The source and target may be specified as a local pathname, a remote host + with optional path in the form [user@]host:[path], or a URI in the form + scp://[user@]host[:port][/path]. Local file names can be made explicit + using absolute or relative pathnames to avoid scp treating file names + containing M-bM-^@M-^X:M-bM-^@M-^Y as host specifiers. + + When copying between two remote hosts, if the URI format is used, a port + cannot be specified on the target if the -R option is used. + + The options are as follows: + + -3 Copies between two remote hosts are transferred through the local + host. This mode is the default, but see also the -R option for + copying data directly between two remote hosts. Note that when + using the legacy SCP protocol (via the -O flag), this option + selects batch mode for the second host as scp cannot ask for + passwords or passphrases for both hosts. + + -4 Forces scp to use IPv4 addresses only. + + -6 Forces scp to use IPv6 addresses only. + + -A Allows forwarding of ssh-agent(1) to the remote system. The + default is not to forward an authentication agent. + + -B Selects batch mode (prevents asking for passwords or + passphrases). + + -C Compression enable. Passes the -C flag to ssh(1) to enable + compression. + + -c cipher + Selects the cipher to use for encrypting the data transfer. This + option is directly passed to ssh(1). + + -D sftp_server_path + Connect directly to a local SFTP server program rather than a + remote one via ssh(1). This option may be useful in debugging + the client and server. + + -F ssh_config + Specifies an alternative per-user configuration file for ssh. + This option is directly passed to ssh(1). + + -i identity_file + Selects the file from which the identity (private key) for public + key authentication is read. This option is directly passed to + ssh(1). + + -J destination + Connect to the target host by first making an scp connection to + the jump host described by destination and then establishing a + TCP forwarding to the ultimate destination from there. Multiple + jump hops may be specified separated by comma characters. This + is a shortcut to specify a ProxyJump configuration directive. + This option is directly passed to ssh(1). + + -l limit + Limits the used bandwidth, specified in Kbit/s. + + -O Use the legacy SCP protocol for file transfers instead of the + SFTP protocol. Forcing the use of the SCP protocol may be + necessary for servers that do not implement SFTP, for backwards- + compatibility for particular filename wildcard patterns and for + expanding paths with a M-bM-^@M-^X~M-bM-^@M-^Y prefix for older SFTP servers. + + -o ssh_option + Can be used to pass options to ssh in the format used in + ssh_config(5). This is useful for specifying options for which + there is no separate scp command-line flag. For full details of + the options listed below, and their possible values, see + ssh_config(5). + + AddKeysToAgent + AddressFamily + BatchMode + BindAddress + BindInterface + CASignatureAlgorithms + CanonicalDomains + CanonicalizeFallbackLocal + CanonicalizeHostname + CanonicalizeMaxDots + CanonicalizePermittedCNAMEs + CertificateFile + ChannelTimeout + CheckHostIP + Ciphers + ClearAllForwardings + Compression + ConnectTimeout + ConnectionAttempts + ControlMaster + ControlPath + ControlPersist + DynamicForward + EnableEscapeCommandline + EnableSSHKeysign + EscapeChar + ExitOnForwardFailure + FingerprintHash + ForkAfterAuthentication + ForwardAgent + ForwardX11 + ForwardX11Timeout + ForwardX11Trusted + GSSAPIAuthentication + GSSAPIDelegateCredentials + GatewayPorts + GlobalKnownHostsFile + HashKnownHosts + Host + HostKeyAlgorithms + HostKeyAlias + HostbasedAcceptedAlgorithms + HostbasedAuthentication + Hostname + IPQoS + IdentitiesOnly + IdentityAgent + IdentityFile + IgnoreUnknown + Include + KbdInteractiveAuthentication + KbdInteractiveDevices + KexAlgorithms + KnownHostsCommand + LocalCommand + LocalForward + LogLevel + LogVerbose + MACs + NoHostAuthenticationForLocalhost + NumberOfPasswordPrompts + ObscureKeystrokeTiming + PKCS11Provider + PasswordAuthentication + PermitLocalCommand + PermitRemoteOpen + Port + PreferredAuthentications + ProxyCommand + ProxyJump + ProxyUseFdpass + PubkeyAcceptedAlgorithms + PubkeyAuthentication + RekeyLimit + RemoteCommand + RemoteForward + RequestTTY + RequiredRSASize + RevokedHostKeys + SecurityKeyProvider + SendEnv + ServerAliveCountMax + ServerAliveInterval + SessionType + SetEnv + StdinNull + StreamLocalBindMask + StreamLocalBindUnlink + StrictHostKeyChecking + SyslogFacility + TCPKeepAlive + Tag + Tunnel + TunnelDevice + UpdateHostKeys + User + UserKnownHostsFile + VerifyHostKeyDNS + VisualHostKey + XAuthLocation + + -P port + Specifies the port to connect to on the remote host. Note that + this option is written with a capital M-bM-^@M-^XPM-bM-^@M-^Y, because -p is already + reserved for preserving the times and mode bits of the file. + + -p Preserves modification times, access times, and file mode bits + from the source file. + + -q Quiet mode: disables the progress meter as well as warning and + diagnostic messages from ssh(1). + + -R Copies between two remote hosts are transferred through the local + host by default. This option instead copies between two remote + hosts by connecting to the origin host and executing scp there. + This requires that scp running on the origin host can + authenticate to the destination host without requiring a + password. + + -r Recursively copy entire directories. Note that scp follows + symbolic links encountered in the tree traversal. + + -S program + Name of program to use for the encrypted connection. The program + must understand ssh(1) options. + + -T Disable strict filename checking. By default when copying files + from a remote host to a local directory scp checks that the + received filenames match those requested on the command-line to + prevent the remote end from sending unexpected or unwanted files. + Because of differences in how various operating systems and + shells interpret filename wildcards, these checks may cause + wanted files to be rejected. This option disables these checks + at the expense of fully trusting that the server will not send + unexpected filenames. + + -v Verbose mode. Causes scp and ssh(1) to print debugging messages + about their progress. This is helpful in debugging connection, + authentication, and configuration problems. + + -X sftp_option + Specify an option that controls aspects of SFTP protocol + behaviour. The valid options are: + + nrequests=value + Controls how many concurrent SFTP read or write requests + may be in progress at any point in time during a download + or upload. By default 64 requests may be active + concurrently. + + buffer=value + Controls the maximum buffer size for a single SFTP + read/write operation used during download or upload. By + default a 32KB buffer is used. + +EXIT STATUS + The scp utility exitsM-BM- 0 on success, andM-BM- >0 if an error occurs. + +SEE ALSO + sftp(1), ssh(1), ssh-add(1), ssh-agent(1), ssh-keygen(1), ssh_config(5), + sftp-server(8), sshd(8) + +HISTORY + scp is based on the rcp program in BSD source code from the Regents of + the University of California. + + Since OpenSSH 9.0, scp has used the SFTP protocol for transfers by + default. + +AUTHORS + Timo Rinne + Tatu Ylonen + +CAVEATS + The legacy SCP protocol (selected by the -O flag) requires execution of + the remote user's shell to perform glob(3) pattern matching. This + requires careful quoting of any characters that have special meaning to + the remote shell, such as quote characters. + +OpenBSD 7.8 October 4, 2025 SCP(1) diff --git a/sftp-server.0 b/sftp-server.0 new file mode 100644 index 000000000000..91e0cc497c1e --- /dev/null +++ b/sftp-server.0 @@ -0,0 +1,98 @@ +SFTP-SERVER(8) System Manager's Manual SFTP-SERVER(8) + +NAME + sftp-server M-bM-^@M-^S OpenSSH SFTP server subsystem + +SYNOPSIS + sftp-server [-ehR] [-d start_directory] [-f log_facility] [-l log_level] + [-P denied_requests] [-p allowed_requests] [-u umask] + sftp-server -Q protocol_feature + +DESCRIPTION + sftp-server is a program that speaks the server side of SFTP protocol to + stdout and expects client requests from stdin. sftp-server is not + intended to be called directly, but from sshd(8) using the Subsystem + option. + + Command-line flags to sftp-server should be specified in the Subsystem + declaration. See sshd_config(5) for more information. + + Valid options are: + + -d start_directory + Specifies an alternate starting directory for users. The + pathname may contain the following tokens that are expanded at + runtime: %% is replaced by a literal '%', %d is replaced by the + home directory of the user being authenticated, and %u is + replaced by the username of that user. The default is to use the + user's home directory. This option is useful in conjunction with + the sshd_config(5) ChrootDirectory option. + + -e Causes sftp-server to print logging information to stderr instead + of syslog for debugging. + + -f log_facility + Specifies the facility code that is used when logging messages + from sftp-server. The possible values are: DAEMON, USER, AUTH, + LOCAL0, LOCAL1, LOCAL2, LOCAL3, LOCAL4, LOCAL5, LOCAL6, LOCAL7. + The default is AUTH. + + -h Displays sftp-server usage information. + + -l log_level + Specifies which messages will be logged by sftp-server. The + possible values are: QUIET, FATAL, ERROR, INFO, VERBOSE, DEBUG, + DEBUG1, DEBUG2, and DEBUG3. INFO and VERBOSE log transactions + that sftp-server performs on behalf of the client. DEBUG and + DEBUG1 are equivalent. DEBUG2 and DEBUG3 each specify higher + levels of debugging output. The default is ERROR. + + -P denied_requests + Specifies a comma-separated list of SFTP protocol requests that + are banned by the server. sftp-server will reply to any denied + request with a failure. The -Q flag can be used to determine the + supported request types. If both denied and allowed lists are + specified, then the denied list is applied before the allowed + list. + + -p allowed_requests + Specifies a comma-separated list of SFTP protocol requests that + are permitted by the server. All request types that are not on + the allowed list will be logged and replied to with a failure + message. + + Care must be taken when using this feature to ensure that + requests made implicitly by SFTP clients are permitted. + + -Q protocol_feature + Queries protocol features supported by sftp-server. At present + the only feature that may be queried is M-bM-^@M-^\requestsM-bM-^@M-^], which may be + used to deny or allow specific requests (flags -P and -p + respectively). + + -R Places this instance of sftp-server into a read-only mode. + Attempts to open files for writing, as well as other operations + that change the state of the filesystem, will be denied. + + -u umask + Sets an explicit umask(2) to be applied to newly-created files + and directories, instead of the user's default mask. + + On some systems, sftp-server must be able to access /dev/log for logging + to work, and use of sftp-server in a chroot configuration therefore + requires that syslogd(8) establish a logging socket inside the chroot + directory. + +SEE ALSO + sftp(1), ssh(1), sshd_config(5), sshd(8) + + T. Ylonen and S. Lehtinen, SSH File Transfer Protocol, draft-ietf-secsh- + filexfer-02.txt, October 2001, work in progress material. + +HISTORY + sftp-server first appeared in OpenBSD 2.8. + +AUTHORS + Markus Friedl + +OpenBSD 7.8 July 27, 2021 SFTP-SERVER(8) diff --git a/sftp.0 b/sftp.0 new file mode 100644 index 000000000000..a0e20e30cce0 --- /dev/null +++ b/sftp.0 @@ -0,0 +1,477 @@ +SFTP(1) General Commands Manual SFTP(1) + +NAME + sftp M-bM-^@M-^S OpenSSH secure file transfer + +SYNOPSIS + sftp [-46AaCfNpqrv] [-B buffer_size] [-b batchfile] [-c cipher] + [-D sftp_server_command] [-F ssh_config] [-i identity_file] + [-J destination] [-l limit] [-o ssh_option] [-P port] + [-R num_requests] [-S program] [-s subsystem | sftp_server] + [-X sftp_option] destination + +DESCRIPTION + sftp is a file transfer program, similar to ftp(1), which performs all + operations over an encrypted ssh(1) transport. It may also use many + features of ssh, such as public key authentication and compression. + + The destination may be specified either as [user@]host[:path] or as a URI + in the form sftp://[user@]host[:port][/path]. + + If the destination includes a path and it is not a directory, sftp will + retrieve files automatically if a non-interactive authentication method + is used; otherwise it will do so after successful interactive + authentication. + + If no path is specified, or if the path is a directory, sftp will log in + to the specified host and enter interactive command mode, changing to the + remote directory if one was specified. An optional trailing slash can be + used to force the path to be interpreted as a directory. + + Since the destination formats use colon characters to delimit host names + from path names or port numbers, IPv6 addresses must be enclosed in + square brackets to avoid ambiguity. + + The options are as follows: + + -4 Forces sftp to use IPv4 addresses only. + + -6 Forces sftp to use IPv6 addresses only. + + -A Allows forwarding of ssh-agent(1) to the remote system. The + default is not to forward an authentication agent. + + -a Attempt to continue interrupted transfers rather than overwriting + existing partial or complete copies of files. If the partial + contents differ from those being transferred, then the resultant + file is likely to be corrupt. + + -B buffer_size + Specify the size of the buffer that sftp uses when transferring + files. Larger buffers require fewer round trips at the cost of + higher memory consumption. The default is 32768 bytes. + + -b batchfile + Batch mode reads a series of commands from an input batchfile + instead of stdin. Since it lacks user interaction, it should be + used in conjunction with non-interactive authentication to + obviate the need to enter a password at connection time (see + sshd(8) and ssh-keygen(1) for details). + + A batchfile of M-bM-^@M-^X-M-bM-^@M-^Y may be used to indicate standard input. sftp + will abort if any of the following commands fail: get, put, + reget, reput, rename, ln, rm, mkdir, chdir, ls, lchdir, copy, cp, + chmod, chown, chgrp, lpwd, df, symlink, and lmkdir. + + Termination on error can be suppressed on a command by command + basis by prefixing the command with a M-bM-^@M-^X-M-bM-^@M-^Y character (for example, + -rm /tmp/blah*). Echo of the command may be suppressed by + prefixing the command with a M-bM-^@M-^X@M-bM-^@M-^Y character. These two prefixes + may be combined in any order, for example -@ls /bsd. + + -C Enables compression (via ssh's -C flag). + + -c cipher + Selects the cipher to use for encrypting the data transfers. + This option is directly passed to ssh(1). + + -D sftp_server_command + Connect directly to a local sftp server (rather than via ssh(1)). + A command and arguments may be specified, for example + "/path/sftp-server -el debug3". This option may be useful in + debugging the client and server. + + -F ssh_config + Specifies an alternative per-user configuration file for ssh(1). + This option is directly passed to ssh(1). + + -f Requests that files be flushed to disk immediately after + transfer. When uploading files, this feature is only enabled if + the server implements the "fsync@openssh.com" extension. + + -i identity_file + Selects the file from which the identity (private key) for public + key authentication is read. This option is directly passed to + ssh(1). + + -J destination + Connect to the target host by first making an sftp connection to + the jump host described by destination and then establishing a + TCP forwarding to the ultimate destination from there. Multiple + jump hops may be specified separated by comma characters. This + is a shortcut to specify a ProxyJump configuration directive. + This option is directly passed to ssh(1). + + -l limit + Limits the used bandwidth, specified in Kbit/s. + + -N Disables quiet mode, e.g. to override the implicit quiet mode set + by the -b flag. + + -o ssh_option + Can be used to pass options to ssh in the format used in + ssh_config(5). This is useful for specifying options for which + there is no separate sftp command-line flag. For example, to + specify an alternate port use: sftp -oPort=24. For full details + of the options listed below, and their possible values, see + ssh_config(5). + + AddKeysToAgent + AddressFamily + BatchMode + BindAddress + BindInterface + CASignatureAlgorithms + CanonicalDomains + CanonicalizeFallbackLocal + CanonicalizeHostname + CanonicalizeMaxDots + CanonicalizePermittedCNAMEs + CertificateFile + ChannelTimeout + CheckHostIP + Ciphers + ClearAllForwardings + Compression + ConnectTimeout + ConnectionAttempts + ControlMaster + ControlPath + ControlPersist + DynamicForward + EnableEscapeCommandline + EnableSSHKeysign + EscapeChar + ExitOnForwardFailure + FingerprintHash + ForkAfterAuthentication + ForwardAgent + ForwardX11 + ForwardX11Timeout + ForwardX11Trusted + GSSAPIAuthentication + GSSAPIDelegateCredentials + GatewayPorts + GlobalKnownHostsFile + HashKnownHosts + Host + HostKeyAlgorithms + HostKeyAlias + HostbasedAcceptedAlgorithms + HostbasedAuthentication + Hostname + IPQoS + IdentitiesOnly + IdentityAgent + IdentityFile + IgnoreUnknown + Include + KbdInteractiveAuthentication + KbdInteractiveDevices + KexAlgorithms + KnownHostsCommand + LocalCommand + LocalForward + LogLevel + LogVerbose + MACs + NoHostAuthenticationForLocalhost + NumberOfPasswordPrompts + ObscureKeystrokeTiming + PKCS11Provider + PasswordAuthentication + PermitLocalCommand + PermitRemoteOpen + Port + PreferredAuthentications + ProxyCommand + ProxyJump + ProxyUseFdpass + PubkeyAcceptedAlgorithms + PubkeyAuthentication + RekeyLimit + RemoteCommand + RemoteForward + RequestTTY + RequiredRSASize + RevokedHostKeys + SecurityKeyProvider + SendEnv + ServerAliveCountMax + ServerAliveInterval + SessionType + SetEnv + StdinNull + StreamLocalBindMask + StreamLocalBindUnlink + StrictHostKeyChecking + SyslogFacility + TCPKeepAlive + Tag + Tunnel + TunnelDevice + UpdateHostKeys + User + UserKnownHostsFile + VerifyHostKeyDNS + VisualHostKey + XAuthLocation + + -P port + Specifies the port to connect to on the remote host. + + -p Preserves modification times, access times, and modes from the + original files transferred. + + -q Quiet mode: disables the progress meter as well as warning and + diagnostic messages from ssh(1). + + -R num_requests + Specify how many requests may be outstanding at any one time. + Increasing this may slightly improve file transfer speed but will + increase memory usage. The default is 64 outstanding requests. + + -r Recursively copy entire directories when uploading and + downloading. Note that sftp does not follow symbolic links + encountered in the tree traversal. + + -S program + Name of the program to use for the encrypted connection. The + program must understand ssh(1) options. + + -s subsystem | sftp_server + Specifies the SSH2 subsystem or the path for an sftp server on + the remote host. A path is useful when the remote sshd(8) does + not have an sftp subsystem configured. + + -v Raise logging level. This option is also passed to ssh. + + -X sftp_option + Specify an option that controls aspects of SFTP protocol + behaviour. The valid options are: + + nrequests=value + Controls how many concurrent SFTP read or write requests + may be in progress at any point in time during a download + or upload. By default 64 requests may be active + concurrently. + + buffer=value + Controls the maximum buffer size for a single SFTP + read/write operation used during download or upload. By + default a 32KB buffer is used. + +INTERACTIVE COMMANDS + Once in interactive mode, sftp understands a set of commands similar to + those of ftp(1). Commands are case insensitive. Pathnames that contain + spaces must be enclosed in quotes. Any special characters contained + within pathnames that are recognized by glob(3) must be escaped with + backslashes (M-bM-^@M-^X\M-bM-^@M-^Y). + + bye Quit sftp. + + cd [path] + Change remote directory to path. If path is not specified, then + change directory to the one the session started in. + + chgrp [-h] grp path + Change group of file path to grp. path may contain glob(7) + characters and may match multiple files. grp must be a numeric + GID. + + If the -h flag is specified, then symlinks will not be followed. + Note that this is only supported by servers that implement the + "lsetstat@openssh.com" extension. + + chmod [-h] mode path + Change permissions of file path to mode. path may contain + glob(7) characters and may match multiple files. + + If the -h flag is specified, then symlinks will not be followed. + Note that this is only supported by servers that implement the + "lsetstat@openssh.com" extension. + + chown [-h] own path + Change owner of file path to own. path may contain glob(7) + characters and may match multiple files. own must be a numeric + UID. + + If the -h flag is specified, then symlinks will not be followed. + Note that this is only supported by servers that implement the + "lsetstat@openssh.com" extension. + + copy oldpath newpath + Copy remote file from oldpath to newpath. + + Note that this is only supported by servers that implement the + "copy-data" extension. + + cp oldpath newpath + Alias to copy command. + + df [-hi] [path] + Display usage information for the filesystem holding the current + directory (or path if specified). If the -h flag is specified, + the capacity information will be displayed using "human-readable" + suffixes. The -i flag requests display of inode information in + addition to capacity information. This command is only supported + on servers that implement the M-bM-^@M-^\statvfs@openssh.comM-bM-^@M-^] extension. + + exit Quit sftp. + + get [-afpR] remote-path [local-path] + Retrieve the remote-path and store it on the local machine. If + the local path name is not specified, it is given the same name + it has on the remote machine. remote-path may contain glob(7) + characters and may match multiple files. If it does and + local-path is specified, then local-path must specify a + directory. + + If the -a flag is specified, then attempt to resume partial + transfers of existing files. Note that resumption assumes that + any partial copy of the local file matches the remote copy. If + the remote file contents differ from the partial local copy then + the resultant file is likely to be corrupt. + + If the -f flag is specified, then fsync(2) will be called after + the file transfer has completed to flush the file to disk. + + If the -p flag is specified, then full file permissions and + access times are copied too. + + If the -R flag is specified then directories will be copied + recursively. Note that sftp does not follow symbolic links when + performing recursive transfers. + + help Display help text. + + lcd [path] + Change local directory to path. If path is not specified, then + change directory to the local user's home directory. + + lls [ls-options [path]] + Display local directory listing of either path or current + directory if path is not specified. ls-options may contain any + flags supported by the local system's ls(1) command. path may + contain glob(7) characters and may match multiple files. + + lmkdir path + Create local directory specified by path. + + ln [-s] oldpath newpath + Create a link from oldpath to newpath. If the -s flag is + specified the created link is a symbolic link, otherwise it is a + hard link. + + lpwd Print local working directory. + + ls [-1afhlnrSt] [path] + Display a remote directory listing of either path or the current + directory if path is not specified. path may contain glob(7) + characters and may match multiple files. + + The following flags are recognized and alter the behaviour of ls + accordingly: + + -1 Produce single columnar output. + + -a List files beginning with a dot (M-bM-^@M-^X.M-bM-^@M-^Y). + + -f Do not sort the listing. The default sort order is + lexicographical. + + -h When used with a long format option, use unit suffixes: + Byte, Kilobyte, Megabyte, Gigabyte, Terabyte, Petabyte, + and Exabyte in order to reduce the number of digits to + four or fewer using powers of 2 for sizes (K=1024, + M=1048576, etc.). + + -l Display additional details including permissions and + ownership information. + + -n Produce a long listing with user and group information + presented numerically. + + -r Reverse the sort order of the listing. + + -S Sort the listing by file size. + + -t Sort the listing by last modification time. + + lumask umask + Set local umask to umask. + + mkdir path + Create remote directory specified by path. + + progress + Toggle display of progress meter. + + put [-afpR] local-path [remote-path] + Upload local-path and store it on the remote machine. If the + remote path name is not specified, it is given the same name it + has on the local machine. local-path may contain glob(7) + characters and may match multiple files. If it does and + remote-path is specified, then remote-path must specify a + directory. + + If the -a flag is specified, then attempt to resume partial + transfers of existing files. Note that resumption assumes that + any partial copy of the remote file matches the local copy. If + the local file contents differ from the remote local copy then + the resultant file is likely to be corrupt. + + If the -f flag is specified, then a request will be sent to the + server to call fsync(2) after the file has been transferred. + Note that this is only supported by servers that implement the + "fsync@openssh.com" extension. + + If the -p flag is specified, then full file permissions and + access times are copied too. + + If the -R flag is specified then directories will be copied + recursively. Note that sftp does not follow symbolic links when + performing recursive transfers. + + pwd Display remote working directory. + + quit Quit sftp. + + reget [-fpR] remote-path [local-path] + Resume download of remote-path. Equivalent to get with the -a + flag set. + + reput [-fpR] local-path [remote-path] + Resume upload of local-path. Equivalent to put with the -a flag + set. + + rename oldpath newpath + Rename remote file from oldpath to newpath. + + rm path + Delete remote file specified by path. + + rmdir path + Remove remote directory specified by path. + + symlink oldpath newpath + Create a symbolic link from oldpath to newpath. + + version + Display the sftp protocol version. + + !command + Execute command in local shell. + + ! Escape to local shell. + + ? Synonym for help. + +SEE ALSO + ftp(1), ls(1), scp(1), ssh(1), ssh-add(1), ssh-keygen(1), ssh_config(5), + glob(7), sftp-server(8), sshd(8) + + T. Ylonen and S. Lehtinen, SSH File Transfer Protocol, draft-ietf-secsh- + filexfer-00.txt, January 2001, work in progress material. + +OpenBSD 7.8 December 6, 2024 SFTP(1) diff --git a/ssh-add.0 b/ssh-add.0 new file mode 100644 index 000000000000..dfdf71fb55cb --- /dev/null +++ b/ssh-add.0 @@ -0,0 +1,219 @@ +SSH-ADD(1) General Commands Manual SSH-ADD(1) + +NAME + ssh-add M-bM-^@M-^S adds private key identities to the OpenSSH authentication agent + +SYNOPSIS + ssh-add [-CcDdKkLlNqvXx] [-E fingerprint_hash] [-H hostkey_file] + [-h destination_constraint] [-S provider] [-t life] [file ...] + ssh-add -s pkcs11 [-Cv] [certificate ...] + ssh-add -e pkcs11 + ssh-add -T pubkey ... + ssh-add -Q + +DESCRIPTION + ssh-add adds private key identities to the authentication agent, + ssh-agent(1). When run without arguments, it adds the files + ~/.ssh/id_rsa, ~/.ssh/id_ecdsa, ~/.ssh/id_ecdsa_sk, ~/.ssh/id_ed25519 and + ~/.ssh/id_ed25519_sk. After loading a private key, ssh-add will try to + load corresponding certificate information from the filename obtained by + appending -cert.pub to the name of the private key file. Alternative + file names can be given on the command line. + + If any file requires a passphrase, ssh-add asks for the passphrase from + the user. The passphrase is read from the user's tty. ssh-add retries + the last passphrase if multiple identity files are given. + + The authentication agent must be running and the SSH_AUTH_SOCK + environment variable must contain the name of its socket for ssh-add to + work. + + The options are as follows: + + -C When loading keys into or deleting keys from the agent, process + certificates only and skip plain keys. + + -c Indicates that added identities should be subject to confirmation + before being used for authentication. Confirmation is performed + by ssh-askpass(1). Successful confirmation is signaled by a zero + exit status from ssh-askpass(1), rather than text entered into + the requester. + + -D Deletes all identities from the agent. + + -d Instead of adding identities, removes identities from the agent. + If ssh-add has been run without arguments, the keys for the + default identities and their corresponding certificates will be + removed. Otherwise, the argument list will be interpreted as a + list of paths to public key files to specify keys and + certificates to be removed from the agent. If no public key is + found at a given path, ssh-add will append .pub and retry. If + the argument list consists of M-bM-^@M-^\-M-bM-^@M-^] then ssh-add will read public + keys to be removed from standard input. + + -E fingerprint_hash + Specifies the hash algorithm used when displaying key + fingerprints. Valid options are: M-bM-^@M-^\md5M-bM-^@M-^] and M-bM-^@M-^\sha256M-bM-^@M-^]. The + default is M-bM-^@M-^\sha256M-bM-^@M-^]. + + -e pkcs11 + Remove keys provided by the PKCS#11 shared library pkcs11. + + -H hostkey_file + Specifies a known hosts file to look up hostkeys when using + destination-constrained keys via the -h flag. This option may be + specified multiple times to allow multiple files to be searched. + If no files are specified, ssh-add will use the default + ssh_config(5) known hosts files: ~/.ssh/known_hosts, + ~/.ssh/known_hosts2, /etc/ssh/ssh_known_hosts, and + /etc/ssh/ssh_known_hosts2. + + -h destination_constraint + When adding keys, constrain them to be usable only through + specific hosts or to specific destinations. + + Destination constraints of the form M-bM-^@M-^X[user@]dest-hostnameM-bM-^@M-^Y permit + use of the key only from the origin host (the one running + ssh-agent(1)) to the listed destination host, with optional user + name. + + Constraints of the form M-bM-^@M-^Xsrc-hostname>[user@]dst-hostnameM-bM-^@M-^Y allow + a key available on a forwarded ssh-agent(1) to be used through a + particular host (as specified by M-bM-^@M-^Xsrc-hostnameM-bM-^@M-^Y) to authenticate + to a further host, specified by M-bM-^@M-^Xdst-hostnameM-bM-^@M-^Y. + + Multiple destination constraints may be added when loading keys. + When attempting authentication with a key that has destination + constraints, the whole connection path, including ssh-agent(1) + forwarding, is tested against those constraints and each hop must + be permitted for the attempt to succeed. For example, if key is + forwarded to a remote host, M-bM-^@M-^Xhost-bM-bM-^@M-^Y, and is attempting + authentication to another host, M-bM-^@M-^Xhost-cM-bM-^@M-^Y, then the operation will + be successful only if M-bM-^@M-^Xhost-bM-bM-^@M-^Y was permitted from the origin host + and the subsequent M-bM-^@M-^Xhost-b>host-cM-bM-^@M-^Y hop is also permitted by + destination constraints. + + Hosts are identified by their host keys, and are looked up from + known hosts files by ssh-add. Wildcards patterns may be used for + hostnames and certificate host keys are supported. By default, + keys added by ssh-add are not destination constrained. + + Destination constraints were added in OpenSSH release 8.9. + Support in both the remote SSH client and server is required when + using destination-constrained keys over a forwarded ssh-agent(1) + channel. + + It is also important to note that destination constraints can + only be enforced by ssh-agent(1) when a key is used, or when it + is forwarded by a cooperating ssh(1). Specifically, it does not + prevent an attacker with access to a remote SSH_AUTH_SOCK from + forwarding it again and using it on a different host (but only to + a permitted destination). + + -K Load resident keys from a FIDO authenticator. + + -k When loading keys into or deleting keys from the agent, process + plain private keys only and skip certificates. + + -L Lists public key parameters of all identities currently + represented by the agent. + + -l Lists fingerprints of all identities currently represented by the + agent. + + -N When adding certificates, by default ssh-add will request that + the agent automatically delete the certificate shortly after the + certificate's expiry date. This flag suppresses this behaviour + and does not specify a lifetime for certificates added to an + agent. + + -Q Query the agent for the list of protocol extensions it supports. + Note: not all agents support this query. + + -q Be quiet after a successful operation. + + -S provider + Specifies a path to a library that will be used when adding FIDO + authenticator-hosted keys, overriding the default of using the + internal USB HID support. + + -s pkcs11 + Add keys provided by the PKCS#11 shared library pkcs11. + Certificate files may optionally be listed as command-line + arguments. If these are present, then they will be loaded into + the agent using any corresponding private keys loaded from the + PKCS#11 token. + + -T pubkey ... + Tests whether the private keys that correspond to the specified + pubkey files are usable by performing sign and verify operations + on each. + + -t life + Set a maximum lifetime when adding identities to an agent. The + lifetime may be specified in seconds or in a time format + specified in sshd_config(5). + + -v Verbose mode. Causes ssh-add to print debugging messages about + its progress. This is helpful in debugging problems. Multiple + -v options increase the verbosity. The maximum is 3. + + -X Unlock the agent. + + -x Lock the agent with a password. + +ENVIRONMENT + DISPLAY, SSH_ASKPASS and SSH_ASKPASS_REQUIRE + If ssh-add needs a passphrase, it will read the passphrase from + the current terminal if it was run from a terminal. If ssh-add + does not have a terminal associated with it but DISPLAY and + SSH_ASKPASS are set, it will execute the program specified by + SSH_ASKPASS (by default M-bM-^@M-^\ssh-askpassM-bM-^@M-^]) and open an X11 window to + read the passphrase. This is particularly useful when calling + ssh-add from a .xsession or related script. + + SSH_ASKPASS_REQUIRE allows further control over the use of an + askpass program. If this variable is set to M-bM-^@M-^\neverM-bM-^@M-^] then ssh-add + will never attempt to use one. If it is set to M-bM-^@M-^\preferM-bM-^@M-^], then + ssh-add will prefer to use the askpass program instead of the TTY + when requesting passwords. Finally, if the variable is set to + M-bM-^@M-^\forceM-bM-^@M-^], then the askpass program will be used for all passphrase + input regardless of whether DISPLAY is set. + + SSH_AUTH_SOCK + Identifies the path of a Unix-domain socket used to communicate + with the agent. + + SSH_SK_PROVIDER + Specifies a path to a library that will be used when loading any + FIDO authenticator-hosted keys, overriding the default of using + the built-in USB HID support. + +FILES + ~/.ssh/id_ecdsa + ~/.ssh/id_ecdsa_sk + ~/.ssh/id_ed25519 + ~/.ssh/id_ed25519_sk + ~/.ssh/id_rsa + Contains the ECDSA, authenticator-hosted ECDSA, Ed25519, + authenticator-hosted Ed25519 or RSA authentication identity of + the user. + + Identity files should not be readable by anyone but the user. Note that + ssh-add ignores identity files if they are accessible by others. + +EXIT STATUS + Exit status is 0 on success, 1 if the specified command fails, and 2 if + ssh-add is unable to contact the authentication agent. + +SEE ALSO + ssh(1), ssh-agent(1), ssh-askpass(1), ssh-keygen(1), sshd(8) + +AUTHORS + OpenSSH is a derivative of the original and free ssh 1.2.12 release by + Tatu Ylonen. Aaron Campbell, Bob Beck, Markus Friedl, Niels Provos, Theo + de Raadt and Dug Song removed many bugs, re-added newer features and + created OpenSSH. Markus Friedl contributed the support for SSH protocol + versions 1.5 and 2.0. + +OpenBSD 7.8 March 5, 2026 SSH-ADD(1) diff --git a/ssh-agent.0 b/ssh-agent.0 new file mode 100644 index 000000000000..9abedc210d0f --- /dev/null +++ b/ssh-agent.0 @@ -0,0 +1,177 @@ +SSH-AGENT(1) General Commands Manual SSH-AGENT(1) + +NAME + ssh-agent M-bM-^@M-^S OpenSSH authentication agent + +SYNOPSIS + ssh-agent [-c | -s] [-DdTU] [-a bind_address] [-E fingerprint_hash] + [-O option] [-P allowed_providers] [-t life] + ssh-agent [-TU] [-a bind_address] [-E fingerprint_hash] [-O option] + [-P allowed_providers] [-t life] command [arg ...] + ssh-agent [-c | -s] -k + ssh-agent -u + +DESCRIPTION + ssh-agent is a program to hold private keys used for public key + authentication. Through use of environment variables the agent can be + located and automatically used for authentication when logging in to + other machines using ssh(1). + + The options are as follows: + + -a bind_address + Bind the agent to the Unix-domain socket bind_address. The + default is to create a socket at a random path matching + $HOME/.ssh/agent/s.*. + + -c Generate C-shell commands on standard output. This is the + default if SHELL looks like it's a csh style of shell. + + -D Foreground mode. When this option is specified, ssh-agent will + not fork. + + -d Debug mode. When this option is specified, ssh-agent will not + fork and will write debug information to standard error. + + -E fingerprint_hash + Specifies the hash algorithm used when displaying key + fingerprints. Valid options are: M-bM-^@M-^\md5M-bM-^@M-^] and M-bM-^@M-^\sha256M-bM-^@M-^]. The + default is M-bM-^@M-^\sha256M-bM-^@M-^]. + + -k Kill the current agent (given by the SSH_AGENT_PID environment + variable). + + -O option + Specify an option when starting ssh-agent. The supported options + are: allow-remote-pkcs11, no-restrict-websafe and websafe-allow. + + The allow-remote-pkcs11 option allows clients of a forwarded + ssh-agent to load PKCS#11 or FIDO provider libraries. By default + only local clients may perform this operation. Note that + signalling that an ssh-agent client is remote is performed by + ssh(1), and use of other tools to forward access to the agent + socket may circumvent this restriction. + + The no-restrict-websafe option instructs ssh-agent to permit + signatures using FIDO keys that might be web authentication + requests. By default, ssh-agent refuses signature requests for + FIDO keys where the key application string does not start with + M-bM-^@M-^\ssh:M-bM-^@M-^] and when the data to be signed does not appear to be an + ssh(1) user authentication request or an ssh-keygen(1) signature. + The default behaviour prevents forwarded access to a FIDO key + from also implicitly forwarding the ability to authenticate to + websites. + + Alternately the websafe-allow option allows specifying a pattern- + list of key application strings to replace the default + application allow-list, for example: + M-bM-^@M-^\websafe-allow=ssh:*,example.org,*.example.comM-bM-^@M-^] + + See PATTERNS in ssh_config(5) for a description of pattern-list + syntax. + + -P allowed_providers + Specify a pattern-list of acceptable paths for PKCS#11 provider + and FIDO authenticator middleware shared libraries that may be + used with the -S or -s options to ssh-add(1). Libraries that do + not match the pattern list will be refused. The default list is + M-bM-^@M-^\/usr/lib*/*,/usr/local/lib*/*M-bM-^@M-^]. + + See PATTERNS in ssh_config(5) for a description of pattern-list + syntax. + + -s Generate Bourne shell commands on standard output. This is the + default if SHELL does not look like it's a csh style of shell. + + -T Bind the agent socket in a randomised subdirectory of the form + $TMPDIR/ssh-XXXXXXXXXX/agent., instead of the default + behaviour of using a randomised name matching + $HOME/.ssh/agent/s.*. + + -t life + Set a default value for the maximum lifetime of identities added + to the agent. The lifetime may be specified in seconds or in a + time format specified in sshd_config(5). A lifetime specified + for an identity with ssh-add(1) overrides this value. Without + this option the default maximum lifetime is forever. + + -U Instructs ssh-agent not to clean up stale agent sockets under + $HOME/.ssh/agent/. + + -u Instructs ssh-agent to only clean up stale agent sockets under + $HOME/.ssh/agent/ and then exit immediately. If this option is + given twice, ssh-agent will delete stale agent sockets regardless + of the host name that created them. + + command [arg ...] + If a command (and optional arguments) is given, this is executed + as a subprocess of the agent. The agent exits automatically when + the command given on the command line terminates. + + There are three main ways to get an agent set up. The first is at the + start of an X session, where all other windows or programs are started as + children of the ssh-agent program. The agent starts a command under + which its environment variables are exported, for example ssh-agent xterm + &. When the command terminates, so does the agent. + + The second method is used for a login session. When ssh-agent is + started, it prints the shell commands required to set its environment + variables, which in turn can be evaluated in the calling shell, for + example eval `ssh-agent -s`. + + In both of these cases, ssh(1) looks at these environment variables and + uses them to establish a connection to the agent. + + The third way to run ssh-agent is via socket activation from a + supervising process, such as systemd. In this mode, the supervising + process creates the listening socket and is responsible for starting + ssh-agent as needed, and also for communicating the location of the + socket listener to other programs in the user's session. Socket + activation is used when ssh-agent is started with either of the -d or -D + flags, no socket listening address specified by the -a flag, and both the + LISTEN_FDS and LISTEN_PID environment variables correctly supplied by the + supervising process. + + The agent initially does not have any private keys. Keys are added using + ssh-add(1) or by ssh(1) when AddKeysToAgent is set in ssh_config(5). + Multiple identities may be stored in ssh-agent concurrently and ssh(1) + will automatically use them if present. ssh-add(1) is also used to + remove keys from ssh-agent and to query the keys that are held in one. + + Connections to ssh-agent may be forwarded from further remote hosts using + the -A option to ssh(1) (but see the caveats documented therein), + avoiding the need for authentication data to be stored on other machines. + Authentication passphrases and private keys never go over the network: + the connection to the agent is forwarded over SSH remote connections and + the result is returned to the requester, allowing the user access to + their identities anywhere in the network in a secure fashion. + + ssh-agent will delete all keys it has loaded upon receiving SIGUSR1. + +ENVIRONMENT + SSH_AGENT_PID When ssh-agent starts, it stores the name of the agent's + process ID (PID) in this variable. + + SSH_AUTH_SOCK When ssh-agent starts, it creates a Unix-domain socket and + stores its pathname in this variable. It is accessible + only to the current user, but is easily abused by root or + another instance of the same user. + +FILES + $HOME/.ssh/agent/s.* + Unix-domain sockets used to contain the connection to the + authentication agent. These sockets should only be readable by + the owner. The sockets should get automatically removed when the + agent exits. + +SEE ALSO + ssh(1), ssh-add(1), ssh-keygen(1), ssh_config(5), sshd(8) + +AUTHORS + OpenSSH is a derivative of the original and free ssh 1.2.12 release by + Tatu Ylonen. Aaron Campbell, Bob Beck, Markus Friedl, Niels Provos, Theo + de Raadt and Dug Song removed many bugs, re-added newer features and + created OpenSSH. Markus Friedl contributed the support for SSH protocol + versions 1.5 and 2.0. + +OpenBSD 7.8 October 4, 2025 SSH-AGENT(1) diff --git a/ssh-keygen.0 b/ssh-keygen.0 new file mode 100644 index 000000000000..1c1ca7793669 --- /dev/null +++ b/ssh-keygen.0 @@ -0,0 +1,911 @@ +SSH-KEYGEN(1) General Commands Manual SSH-KEYGEN(1) + +NAME + ssh-keygen M-bM-^@M-^S OpenSSH authentication key utility + +SYNOPSIS + ssh-keygen [-q] [-a rounds] [-b bits] [-C comment] [-f output_keyfile] + [-m format] [-N new_passphrase] [-O option] + [-t ecdsa | ecdsa-sk | ed25519 | ed25519-sk | rsa] + [-w provider] [-Z cipher] + ssh-keygen -p [-a rounds] [-f keyfile] [-m format] [-N new_passphrase] + [-P old_passphrase] [-Z cipher] + ssh-keygen -i [-f input_keyfile] [-m key_format] + ssh-keygen -e [-f input_keyfile] [-m key_format] + ssh-keygen -y [-f input_keyfile] + ssh-keygen -c [-a rounds] [-C comment] [-f keyfile] [-P passphrase] + ssh-keygen -l [-v] [-E fingerprint_hash] [-f input_keyfile] + ssh-keygen -B [-f input_keyfile] + ssh-keygen -D pkcs11 + ssh-keygen -F hostname [-lv] [-f known_hosts_file] + ssh-keygen -H [-f known_hosts_file] + ssh-keygen -K [-a rounds] [-w provider] + ssh-keygen -R hostname [-f known_hosts_file] + ssh-keygen -r hostname [-g] [-f input_keyfile] + ssh-keygen -M generate [-O option] output_file + ssh-keygen -M screen [-f input_file] [-O option] output_file + ssh-keygen -I certificate_identity -s ca_key [-hU] [-D pkcs11_provider] + [-n principals] [-O option] [-V validity_interval] + [-z serial_number] file ... + ssh-keygen -L [-f input_keyfile] + ssh-keygen -A [-a rounds] [-f prefix_path] + ssh-keygen -k -f krl_file [-u] [-s ca_public] [-z version_number] + file ... + ssh-keygen -Q [-l] -f krl_file file ... + ssh-keygen -Y find-principals [-O option] -s signature_file + -f allowed_signers_file + ssh-keygen -Y match-principals -I signer_identity -f allowed_signers_file + ssh-keygen -Y check-novalidate [-O option] -n namespace -s signature_file + ssh-keygen -Y sign [-O option] -f key_file -n namespace file ... + ssh-keygen -Y verify [-O option] -f allowed_signers_file + -I signer_identity -n namespace -s signature_file + [-r revocation_file] + +DESCRIPTION + ssh-keygen generates, manages and converts authentication keys for + ssh(1). ssh-keygen can create keys for use by SSH protocol version 2. + + The type of key to be generated is specified with the -t option. If + invoked without any arguments, ssh-keygen will generate an Ed25519 key. + + ssh-keygen is also used to generate groups for use in Diffie-Hellman + group exchange (DH-GEX). See the MODULI GENERATION section for details. + + Finally, ssh-keygen can be used to generate and update Key Revocation + Lists, and to test whether given keys have been revoked by one. See the + KEY REVOCATION LISTS section for details. + + Normally each user wishing to use SSH with public key authentication runs + this once to create the authentication key in ~/.ssh/id_ecdsa, + ~/.ssh/id_ecdsa_sk, ~/.ssh/id_ed25519, ~/.ssh/id_ed25519_sk or + ~/.ssh/id_rsa. Additionally, the system administrator may use this to + generate host keys, as seen in /etc/rc. + + Normally this program generates the key and asks for a file in which to + store the private key. The public key is stored in a file with the same + name but M-bM-^@M-^\.pubM-bM-^@M-^] appended. The program also asks for a passphrase. The + passphrase may be empty to indicate no passphrase (host keys must have an + empty passphrase), or it may be a string of arbitrary length. A + passphrase is similar to a password, except it can be a phrase with a + series of words, punctuation, numbers, whitespace, or any string of + characters you want. Good passphrases are 10-30 characters long, are not + simple sentences or otherwise easily guessable (English prose has only + 1-2 bits of entropy per character, and provides very bad passphrases), + and contain a mix of upper and lowercase letters, numbers, and non- + alphanumeric characters. The passphrase can be changed later by using + the -p option. + + There is no way to recover a lost passphrase. If the passphrase is lost + or forgotten, a new key must be generated and the corresponding public + key copied to other machines. + + ssh-keygen will by default write keys in an OpenSSH-specific format. + This format is preferred as it offers better protection for keys at rest + as well as allowing storage of key comments within the private key file + itself. The key comment may be useful to help identify the key. The + comment is initialized to M-bM-^@M-^\user@hostM-bM-^@M-^] when the key is created, but can be + changed using the -c option. + + It is still possible for ssh-keygen to write the previously-used PEM + format private keys using the -m flag. This may be used when generating + new keys, and existing new-format keys may be converted using this option + in conjunction with the -p (change passphrase) flag. + + After a key is generated, ssh-keygen will ask where the keys should be + placed to be activated. + + The options are as follows: + + -A Generate host keys of all default key types (rsa, ecdsa, and + ed25519) if they do not already exist. The host keys are + generated with the default key file path, an empty passphrase, + default bits for the key type, and default comment. If -f has + also been specified, its argument is used as a prefix to the + default path for the resulting host key files. This is used by + /etc/rc to generate new host keys. + + -a rounds + When saving a private key, this option specifies the number of + KDF (key derivation function, currently bcrypt_pbkdf(3)) rounds + used. Higher numbers result in slower passphrase verification + and increased resistance to brute-force password cracking (should + the keys be stolen). The default is 16 rounds. + + -B Show the bubblebabble digest of specified private or public key + file. + + -b bits + Specifies the number of bits in the key to create. For RSA keys, + the minimum size is 1024 bits and the default is 3072 bits. + Generally, 3072 bits is considered sufficient. For ECDSA keys, + the -b flag determines the key length by selecting from one of + three elliptic curve sizes: 256, 384 or 521 bits. Attempting to + use bit lengths other than these three values for ECDSA keys will + fail. ECDSA-SK, Ed25519 and Ed25519-SK keys have a fixed length + and the -b flag will be ignored. + + -C comment + Provides a new comment. + + -c Requests changing the comment in the private and public key + files. The program will prompt for the file containing the + private keys, for the passphrase if the key has one, and for the + new comment. + + -D pkcs11 + Download the public keys provided by the PKCS#11 shared library + pkcs11. When used in combination with -s, this option indicates + that a CA key resides in a PKCS#11 token (see the CERTIFICATES + section for details). + + -E fingerprint_hash + Specifies the hash algorithm used when displaying key + fingerprints. Valid options are: M-bM-^@M-^\md5M-bM-^@M-^] and M-bM-^@M-^\sha256M-bM-^@M-^]. The + default is M-bM-^@M-^\sha256M-bM-^@M-^]. + + -e This option will read a private or public OpenSSH key file and + print to stdout a public key in one of the formats specified by + the -m option. The default export format is M-bM-^@M-^\RFC4716M-bM-^@M-^]. This + option allows exporting OpenSSH keys for use by other programs, + including several commercial SSH implementations. + + -F hostname | [hostname]:port + Search for the specified hostname (with optional port number) in + a known_hosts file, listing any occurrences found. This option + is useful to find hashed host names or addresses and may also be + used in conjunction with the -H option to print found keys in a + hashed format. + + -f filename + Specifies the filename of the key file. + + -g Use generic DNS format when printing fingerprint resource records + using the -r command. + + -H Hash a known_hosts file. This replaces all hostnames and + addresses with hashed representations within the specified file; + the original content is moved to a file with a .old suffix. + These hashes may be used normally by ssh and sshd, but they do + not reveal identifying information should the file's contents be + disclosed. This option will not modify existing hashed hostnames + and is therefore safe to use on files that mix hashed and non- + hashed names. + + -h When signing a key, create a host certificate instead of a user + certificate. See the CERTIFICATES section for details. + + -I certificate_identity + Specify the key identity when signing a public key. See the + CERTIFICATES section for details. + + -i This option will read an unencrypted private (or public) key file + in the format specified by the -m option and print an OpenSSH + compatible private (or public) key to stdout. This option allows + importing keys from other software, including several commercial + SSH implementations. The default import format is M-bM-^@M-^\RFC4716M-bM-^@M-^]. + + -K Download resident keys from a FIDO authenticator. Public and + private key files will be written to the current directory for + each downloaded key. If multiple FIDO authenticators are + attached, keys will be downloaded from the first touched + authenticator. See the FIDO AUTHENTICATOR section for more + information. + + -k Generate a KRL file. In this mode, ssh-keygen will generate a + KRL file at the location specified via the -f flag that revokes + every key or certificate presented on the command line. + Keys/certificates to be revoked may be specified by public key + file or using the format described in the KEY REVOCATION LISTS + section. + + -L Prints the contents of one or more certificates. + + -l Show fingerprint of specified public key file. ssh-keygen will + try to find the matching public key file and prints its + fingerprint. If combined with -v, a visual ASCII art + representation of the key is supplied with the fingerprint. + + -M generate + Generate candidate Diffie-Hellman Group Exchange (DH-GEX) + parameters for eventual use by the + M-bM-^@M-^Xdiffie-hellman-group-exchange-*M-bM-^@M-^Y key exchange methods. The + numbers generated by this operation must be further screened + before use. See the MODULI GENERATION section for more + information. + + -M screen + Screen candidate parameters for Diffie-Hellman Group Exchange. + This will accept a list of candidate numbers and test that they + are safe (Sophie Germain) primes with acceptable group + generators. The results of this operation may be added to the + /etc/moduli file. See the MODULI GENERATION section for more + information. + + -m key_format + Specify a key format for key generation, the -i (import), -e + (export) conversion options, and the -p change passphrase + operation. The latter may be used to convert between OpenSSH + private key and PEM private key formats. The supported key + formats are: M-bM-^@M-^\RFC4716M-bM-^@M-^] (RFC 4716/SSH2 public or private key), + M-bM-^@M-^\PKCS8M-bM-^@M-^] (PKCS8 public or private key) or M-bM-^@M-^\PEMM-bM-^@M-^] (PEM public key). + By default OpenSSH will write newly-generated private keys in its + own format, but when converting public keys for export the + default format is M-bM-^@M-^\RFC4716M-bM-^@M-^]. Setting a format of M-bM-^@M-^\PEMM-bM-^@M-^] when + generating or updating a supported private key type will cause + the key to be stored in the legacy PEM private key format. + + -N new_passphrase + Provides the new passphrase. + + -n principals + Specify one or more principals (user or host names) to be + included in a certificate when signing a key. Multiple + principals may be specified, separated by commas. See the + CERTIFICATES section for details. + + -O option + Specify a key/value option. These are specific to the operation + that ssh-keygen has been requested to perform. + + When signing certificates, one of the options listed in the + CERTIFICATES section may be specified here. + + When performing moduli generation or screening, one of the + options listed in the MODULI GENERATION section may be specified. + + When generating FIDO authenticator-backed keys, the options + listed in the FIDO AUTHENTICATOR section may be specified. + + When performing signature-related options using the -Y flag, the + following options are accepted: + + hashalg=algorithm + Selects the hash algorithm to use for hashing the message + to be signed. Valid algorithms are M-bM-^@M-^\sha256M-bM-^@M-^] and + M-bM-^@M-^\sha512.M-bM-^@M-^] The default is M-bM-^@M-^\sha512.M-bM-^@M-^] + + print-pubkey + Print the full public key to standard output after + signature verification. + + verify-time=timestamp + Specifies a time to use when validating signatures + instead of the current time. The time may be specified + as a date or time in the YYYYMMDD[Z] or in + YYYYMMDDHHMM[SS][Z] formats. Dates and times will be + interpreted in the current system time zone unless + suffixed with a Z character, which causes them to be + interpreted in the UTC time zone. + + When generating SSHFP DNS records from public keys using the -r + flag, the following options are accepted: + + hashalg=algorithm + Selects a hash algorithm to use when printing SSHFP + records using the -D flag. Valid algorithms are M-bM-^@M-^\sha1M-bM-^@M-^] + and M-bM-^@M-^\sha256M-bM-^@M-^]. The default is to print both. + + The -O option may be specified multiple times. + + -P passphrase + Provides the (old) passphrase. + + -p Requests changing the passphrase of a private key file instead of + creating a new private key. The program will prompt for the file + containing the private key, for the old passphrase, and twice for + the new passphrase. + + -Q Test whether keys have been revoked in a KRL. If the -l option + is also specified then the contents of the KRL will be printed. + + -q Silence ssh-keygen. + + -R hostname | [hostname]:port + Removes all keys belonging to the specified hostname (with + optional port number) from a known_hosts file. This option is + useful to delete hashed hosts (see the -H option above). + + -r hostname + Print the SSHFP fingerprint resource record named hostname for + the specified public key file. + + -s ca_key + Certify (sign) a public key using the specified CA key. See the + CERTIFICATES section for details. + + When generating a KRL, -s specifies a path to a CA public key + file used to revoke certificates directly by key ID or serial + number. See the KEY REVOCATION LISTS section for details. + + -t ecdsa | ecdsa-sk | ed25519 | ed25519-sk | rsa + Specifies the type of key to create. The possible values are + M-bM-^@M-^\ecdsaM-bM-^@M-^], M-bM-^@M-^\ecdsa-skM-bM-^@M-^], M-bM-^@M-^\ed25519 (the default),M-bM-^@M-^] M-bM-^@M-^\ed25519-skM-bM-^@M-^], or + M-bM-^@M-^\rsaM-bM-^@M-^]. + + This flag may also be used to specify the desired signature type + when signing certificates using an RSA CA key. The available RSA + signature variants are M-bM-^@M-^\ssh-rsaM-bM-^@M-^] (SHA1 signatures, not + recommended), M-bM-^@M-^\rsa-sha2-256M-bM-^@M-^], and M-bM-^@M-^\rsa-sha2-512M-bM-^@M-^] (the default for + RSA keys). + + -U When used in combination with -s or -Y sign, this option + indicates that a CA key resides in an ssh-agent(1). See the + CERTIFICATES section for more information. + + -u Update a KRL. When specified with -k, keys listed via the + command line are added to the existing KRL rather than a new KRL + being created. + + -V validity_interval + Specify a validity interval when signing a certificate. A + validity interval may consist of a single time, indicating that + the certificate is valid beginning now and expiring at that time, + or may consist of two times separated by a colon to indicate an + explicit time interval. + + The start time may be specified as: + M-bM-^@M-M-bM-^@M-" The string M-bM-^@M-^\alwaysM-bM-^@M-^] to indicate the certificate has no + specified start time. + M-bM-^@M-M-bM-^@M-" A date or time in the system time zone formatted as YYYYMMDD + or YYYYMMDDHHMM[SS]. + M-bM-^@M-M-bM-^@M-" A date or time in the UTC time zone as YYYYMMDDZ or + YYYYMMDDHHMM[SS]Z. + M-bM-^@M-M-bM-^@M-" A relative time before the current system time consisting of + a minus sign followed by an interval in the format described + in the TIME FORMATS section of sshd_config(5). + M-bM-^@M-M-bM-^@M-" A raw seconds since epoch (Jan 1 1970 00:00:00 UTC) as a + hexadecimal number beginning with M-bM-^@M-^\0xM-bM-^@M-^]. + + The end time may be specified similarly to the start time: + M-bM-^@M-M-bM-^@M-" The string M-bM-^@M-^\foreverM-bM-^@M-^] to indicate the certificate has no + specified end time. + M-bM-^@M-M-bM-^@M-" A date or time in the system time zone formatted as YYYYMMDD + or YYYYMMDDHHMM[SS]. + M-bM-^@M-M-bM-^@M-" A date or time in the UTC time zone as YYYYMMDDZ or + YYYYMMDDHHMM[SS]Z. + M-bM-^@M-M-bM-^@M-" A relative time after the current system time consisting of a + plus sign followed by an interval in the format described in + the TIME FORMATS section of sshd_config(5). + M-bM-^@M-M-bM-^@M-" A raw seconds since epoch (Jan 1 1970 00:00:00 UTC) as a + hexadecimal number beginning with M-bM-^@M-^\0xM-bM-^@M-^]. + + For example: + + +52w1d Valid from now to 52 weeks and one day from now. + + -4w:+4w + Valid from four weeks ago to four weeks from now. + + 20100101123000:20110101123000 + Valid from 12:30 PM, January 1st, 2010 to 12:30 PM, + January 1st, 2011. + + 20100101123000Z:20110101123000Z + Similar, but interpreted in the UTC time zone rather than + the system time zone. + + -1d:20110101 + Valid from yesterday to midnight, January 1st, 2011. + + 0x1:0x2000000000 + Valid from roughly early 1970 to May 2033. + + -1m:forever + Valid from one minute ago and never expiring. + + -v Verbose mode. Causes ssh-keygen to print debugging messages + about its progress. This is helpful for debugging moduli + generation. Multiple -v options increase the verbosity. The + maximum is 3. + + -w provider + Specifies a path to a library that will be used when creating + FIDO authenticator-hosted keys, overriding the default of using + the internal USB HID support. + + -Y find-principals + Find the principal(s) associated with the public key of a + signature, provided using the -s flag in an authorized signers + file provided using the -f flag. The format of the allowed + signers file is documented in the ALLOWED SIGNERS section below. + If one or more matching principals are found, they are returned + on standard output. + + -Y match-principals + Find principal matching the principal name provided using the -I + flag in the authorized signers file specified using the -f flag. + If one or more matching principals are found, they are returned + on standard output. + + -Y check-novalidate + Checks that a signature generated using ssh-keygen -Y sign has a + valid structure. This does not validate if a signature comes + from an authorized signer. When testing a signature, ssh-keygen + accepts a message on standard input and a signature namespace + using -n. A file containing the corresponding signature must + also be supplied using the -s flag. Successful testing of the + signature is signalled by ssh-keygen returning a zero exit + status. + + -Y sign + Cryptographically sign a file or some data using an SSH key. + When signing, ssh-keygen accepts zero or more files to sign on + the command-line - if no files are specified then ssh-keygen will + sign data presented on standard input. Signatures are written to + the path of the input file with M-bM-^@M-^\.sigM-bM-^@M-^] appended, or to standard + output if the message to be signed was read from standard input. + + The key used for signing is specified using the -f option and may + refer to either a private key, or a public key with the private + half available via ssh-agent(1). An additional signature + namespace, used to prevent signature confusion across different + domains of use (e.g. file signing vs email signing) must be + provided via the -n flag. Namespaces are arbitrary strings, and + may include: M-bM-^@M-^\fileM-bM-^@M-^] for file signing, M-bM-^@M-^\emailM-bM-^@M-^] for email signing. + For custom uses, it is recommended to use names following a + NAMESPACE@YOUR.DOMAIN pattern to generate unambiguous namespaces. + + -Y verify + Request to verify a signature generated using ssh-keygen -Y sign + as described above. When verifying a signature, ssh-keygen + accepts a message on standard input and a signature namespace + using -n. A file containing the corresponding signature must + also be supplied using the -s flag, along with the identity of + the signer using -I and a list of allowed signers via the -f + flag. The format of the allowed signers file is documented in + the ALLOWED SIGNERS section below. A file containing revoked + keys can be passed using the -r flag. The revocation file may be + a KRL or a one-per-line list of public keys. Successful + verification by an authorized signer is signalled by ssh-keygen + returning a zero exit status. + + -y This option will read a private OpenSSH format file and print an + OpenSSH public key to stdout. + + -Z cipher + Specifies the cipher to use for encryption when writing an + OpenSSH-format private key file. The list of available ciphers + may be obtained using "ssh -Q cipher". The default is + M-bM-^@M-^\aes256-ctrM-bM-^@M-^]. + + -z serial_number + Specifies a serial number to be embedded in the certificate to + distinguish this certificate from others from the same CA. If + the serial_number is prefixed with a M-bM-^@M-^X+M-bM-^@M-^Y character, then the + serial number will be incremented for each certificate signed on + a single command-line. The default serial number is zero. + + When generating a KRL, the -z flag is used to specify a KRL + version number. + +MODULI GENERATION + ssh-keygen may be used to generate groups for the Diffie-Hellman Group + Exchange (DH-GEX) protocol. Generating these groups is a two-step + process: first, candidate primes are generated using a fast, but memory + intensive process. These candidate primes are then tested for + suitability (a CPU-intensive process). + + Generation of primes is performed using the -M generate option. The + desired length of the primes may be specified by the -O bits option. For + example: + + # ssh-keygen -M generate -O bits=2048 moduli-2048.candidates + + By default, the search for primes begins at a random point in the desired + length range. This may be overridden using the -O start option, which + specifies a different start point (in hex). + + Once a set of candidates have been generated, they must be screened for + suitability. This may be performed using the -M screen option. In this + mode ssh-keygen will read candidates from standard input (or a file + specified using the -f option). For example: + + # ssh-keygen -M screen -f moduli-2048.candidates moduli-2048 + + By default, each candidate will be subjected to 100 primality tests. + This may be overridden using the -O prime-tests option. The DH generator + value will be chosen automatically for the prime under consideration. If + a specific generator is desired, it may be requested using the -O + generator option. Valid generator values are 2, 3, and 5. + + Screened DH groups may be installed in /etc/moduli. It is important that + this file contains moduli of a range of bit lengths. + + A number of options are available for moduli generation and screening via + the -O flag: + + lines=number + Exit after screening the specified number of lines while + performing DH candidate screening. + + start-line=line-number + Start screening at the specified line number while performing DH + candidate screening. + + checkpoint=filename + Write the last line processed to the specified file while + performing DH candidate screening. This will be used to skip + lines in the input file that have already been processed if the + job is restarted. + + start=hex-value + Specify start point (in hex) when generating candidate moduli for + DH-GEX. + + generator=value + Specify desired generator (in decimal) when testing candidate + moduli for DH-GEX. + +CERTIFICATES + ssh-keygen supports signing of keys to produce certificates that may be + used for user or host authentication. Certificates consist of a public + key, some identity information, zero or more principal (user or host) + names and a set of options that are signed by a Certification Authority + (CA) key. Clients or servers may then trust only the CA key and verify + its signature on a certificate rather than trusting many user/host keys. + Note that OpenSSH certificates are a different, and much simpler, format + to the X.509 certificates used in ssl(8). + + ssh-keygen supports two types of certificates: user and host. User + certificates authenticate users to servers, whereas host certificates + authenticate server hosts to users. To generate a user certificate: + + $ ssh-keygen -s /path/to/ca_key -I id -n user \ + M-BM- M-BM- M-BM- M-BM- M-BM- M-BM- /path/to/user_key.pub + + The resultant certificate will be placed in /path/to/user_key-cert.pub. + The argument to -I is a key identifier that will be used in logs and may + be used to revoke keys. The argument to -n is one or more (comma- + separated) principals, typically usernames, that the certificate + represents. A host certificate requires the -h option: + + $ ssh-keygen -s /path/to/ca_key -I id -h -n foo.example.org \ + M-BM- M-BM- M-BM- M-BM- M-BM- M-BM- /path/to/host_key.pub + + For host certificates, the principals specified using the -n argument are + hostnames and may contain wildcard characters. + + The host certificate will be output to /path/to/host_key-cert.pub. + + It is possible to sign using a CA key stored in a PKCS#11 token by + providing the token library using -D and identifying the CA key by + providing its public half as an argument to -s: + + $ ssh-keygen -s ca_key.pub -D libpkcs11.so -I id -n user \ + M-BM- M-BM- M-BM- M-BM- M-BM- M-BM- user_key.pub + + Similarly, it is possible for the CA key to be hosted in an ssh-agent(1). + This is indicated by the -U flag and, again, the CA key must be + identified by its public half. + + $ ssh-keygen -Us ca_key.pub -I id -n user user_key.pub + + In all cases, key_id is a "key identifier" that is logged by the server + when the certificate is used for authentication. + + Certificates are limited to be valid for a set of principal (user/host) + names. To generate a certificate for a specified set of principals: + + $ ssh-keygen -s ca_key -I id -n user1,user2 user_key.pub + $ ssh-keygen -s ca_key -I id -h -n host.domain host_key.pub + + Additional limitations on the validity and use of user certificates may + be specified through certificate options. A certificate option may + disable features of the SSH session, may be valid only when presented + from particular source addresses or may force the use of a specific + command. + + The options that are valid for user certificates are: + + clear Clear all enabled permissions. This is useful for clearing the + default set of permissions so permissions may be added + individually. + + critical:name[=contents] + extension:name[=contents] + Includes an arbitrary certificate critical option or extension. + The specified name should include a domain suffix, e.g. + M-bM-^@M-^\name@example.comM-bM-^@M-^]. If contents is specified then it is included + as the contents of the extension/option encoded as a string, + otherwise the extension/option is created with no contents + (usually indicating a flag). Extensions may be ignored by a + client or server that does not recognise them, whereas unknown + critical options will cause the certificate to be refused. + + force-command=command + Forces the execution of command instead of any shell or command + specified by the user when the certificate is used for + authentication. + + no-agent-forwarding + Disable ssh-agent(1) forwarding (permitted by default). + + no-port-forwarding + Disable port forwarding (permitted by default). + + no-pty Disable PTY allocation (permitted by default). + + no-user-rc + Disable execution of ~/.ssh/rc by sshd(8) (permitted by default). + + no-x11-forwarding + Disable X11 forwarding (permitted by default). + + permit-agent-forwarding + Allows ssh-agent(1) forwarding. + + permit-port-forwarding + Allows port forwarding. + + permit-pty + Allows PTY allocation. + + permit-user-rc + Allows execution of ~/.ssh/rc by sshd(8). + + permit-X11-forwarding + Allows X11 forwarding. + + no-touch-required + Do not require signatures made using this key include + demonstration of user presence (e.g. by having the user touch the + authenticator). This option only makes sense for the FIDO + authenticator algorithms ecdsa-sk and ed25519-sk. + + source-address=address_list + Restrict the source addresses from which the certificate is + considered valid. The address_list is a comma-separated list of + one or more address/netmask pairs in CIDR format. + + verify-required + Require signatures made using this key indicate that the user was + first verified, e.g. by PIN or on-token biometrics. This option + only makes sense for the FIDO authenticator algorithms ecdsa-sk + and ed25519-sk. + + At present, no standard options are valid for host keys. + + Finally, certificates may be defined with a validity lifetime. The -V + option allows specification of certificate start and end times. A + certificate that is presented at a time outside this range will not be + considered valid. By default, certificates are valid from the Unix Epoch + to the distant future. + + For certificates to be used for user or host authentication, the CA + public key must be trusted by sshd(8) or ssh(1). Refer to those manual + pages for details. + +FIDO AUTHENTICATOR + ssh-keygen is able to generate FIDO authenticator-backed keys, after + which they may be used much like any other key type supported by OpenSSH, + so long as the hardware authenticator is attached when the keys are used. + FIDO authenticators generally require the user to explicitly authorise + operations by touching or tapping them. FIDO keys consist of two parts: + a key handle part stored in the private key file on disk, and a per- + device private key that is unique to each FIDO authenticator and that + cannot be exported from the authenticator hardware. These are combined + by the hardware at authentication time to derive the real key that is + used to sign authentication challenges. Supported key types are ecdsa-sk + and ed25519-sk. + + The options that are valid for FIDO keys are: + + application + Override the default FIDO application/origin string of M-bM-^@M-^\ssh:M-bM-^@M-^]. + This may be useful when generating host or domain-specific + resident keys. The specified application string must begin with + M-bM-^@M-^\ssh:M-bM-^@M-^]. + + challenge=path + Specifies a path to a challenge string that will be passed to the + FIDO authenticator during key generation. The challenge string + may be used as part of an out-of-band protocol for key enrollment + (a random challenge is used by default). + + device Explicitly specify a fido(4) device to use, rather than letting + the authenticator middleware select one. + + no-touch-required + Indicate that the generated private key should not require touch + events (user presence) when making signatures. Note that sshd(8) + will refuse such signatures by default, unless overridden via an + authorized_keys option. + + resident + Indicate that the key handle should be stored on the FIDO + authenticator itself. This makes it easier to use the + authenticator on multiple computers. Resident keys may be + supported on FIDO2 authenticators and typically require that a + PIN be set on the authenticator prior to generation. Resident + keys may be loaded off the authenticator using ssh-add(1). + Storing both parts of a key on a FIDO authenticator increases the + likelihood of an attacker being able to use a stolen + authenticator device. + + user A username to be associated with a resident key, overriding the + empty default username. Specifying a username may be useful when + generating multiple resident keys for the same application name. + + verify-required + Indicate that this private key should require user verification + for each signature. Not all FIDO authenticators support this + option. Currently PIN authentication is the only supported + verification method, but other methods may be supported in the + future. + + write-attestation=path + May be used at key generation time to record the attestation data + returned from FIDO authenticators during key generation. This + information is potentially sensitive. By default, this + information is discarded. + +KEY REVOCATION LISTS + ssh-keygen is able to manage OpenSSH format Key Revocation Lists (KRLs). + These binary files specify keys or certificates to be revoked using a + compact format, taking as little as one bit per certificate if they are + being revoked by serial number. + + KRLs may be generated using the -k flag. This option reads one or more + files from the command line and generates a new KRL. The files may + either contain a KRL specification (see below) or public keys, listed one + per line. Plain public keys are revoked by listing their hash or + contents in the KRL and certificates revoked by serial number or key ID + (if the serial is zero or not available). + + Revoking keys using a KRL specification offers explicit control over the + types of record used to revoke keys and may be used to directly revoke + certificates by serial number or key ID without having the complete + original certificate on hand. A KRL specification consists of lines + containing one of the following directives followed by a colon and some + directive-specific information. + + serial: serial_number[-serial_number] + Revokes a certificate with the specified serial number. Serial + numbers are 64-bit values, not including zero and may be + expressed in decimal, hex or octal. If two serial numbers are + specified separated by a hyphen, then the range of serial numbers + including and between each is revoked. The CA key must have been + specified on the ssh-keygen command line using the -s option. + + id: key_id + Revokes a certificate with the specified key ID string. The CA + key must have been specified on the ssh-keygen command line using + the -s option. + + key: public_key + Revokes the specified key. If a certificate is listed, then it + is revoked as a plain public key. + + sha1: public_key + Revokes the specified key by including its SHA1 hash in the KRL. + + sha256: public_key + Revokes the specified key by including its SHA256 hash in the + KRL. KRLs that revoke keys by SHA256 hash are not supported by + OpenSSH versions prior to 7.9. + + hash: fingerprint + Revokes a key using a fingerprint hash, as obtained from an + sshd(8) authentication log message or the ssh-keygen -l flag. + Only SHA256 fingerprints are supported here and resultant KRLs + are not supported by OpenSSH versions prior to 7.9. + + KRLs may be updated using the -u flag in addition to -k. When this + option is specified, keys listed via the command line are merged into the + KRL, adding to those already there. + + It is also possible, given a KRL, to test whether it revokes a particular + key (or keys). The -Q flag will query an existing KRL, testing each key + specified on the command line. If any key listed on the command line has + been revoked (or an error encountered) then ssh-keygen will exit with a + non-zero exit status. A zero exit status will only be returned if no key + was revoked. + +ALLOWED SIGNERS + When verifying signatures, ssh-keygen uses a simple list of identities + and keys to determine whether a signature comes from an authorized + source. This "allowed signers" file uses a format patterned after the + AUTHORIZED_KEYS FILE FORMAT described in sshd(8). Each line of the file + contains the following space-separated fields: principals, options, + keytype, base64-encoded key. Empty lines and lines starting with a M-bM-^@M-^X#M-bM-^@M-^Y + are ignored as comments. + + The principals field is a pattern-list (see PATTERNS in ssh_config(5)) + consisting of one or more comma-separated USER@DOMAIN identity patterns + that are accepted for signing. When verifying, the identity presented + via the -I option must match a principals pattern in order for the + corresponding key to be considered acceptable for verification. + + The options (if present) consist of comma-separated option + specifications. No spaces are permitted, except within double quotes. + The following option specifications are supported (note that option + keywords are case-insensitive): + + cert-authority + Indicates that this key is accepted as a certificate authority + (CA) and that certificates signed by this CA may be accepted for + verification. + + namespaces=namespace-list + Specifies a pattern-list of namespaces that are accepted for this + key. If this option is present, the signature namespace embedded + in the signature object and presented on the verification + command-line must match the specified list before the key will be + considered acceptable. + + valid-after=timestamp + Indicates that the key is valid for use at or after the specified + timestamp, which may be a date or time in the YYYYMMDD[Z] or + YYYYMMDDHHMM[SS][Z] formats. Dates and times will be interpreted + in the current system time zone unless suffixed with a Z + character, which causes them to be interpreted in the UTC time + zone. + + valid-before=timestamp + Indicates that the key is valid for use at or before the + specified timestamp. + + When verifying signatures made by certificates, the expected principal + name must match both the principals pattern in the allowed signers file + and the principals embedded in the certificate itself. + + An example allowed signers file: + + # Comments allowed at start of line + user1@example.com,user2@example.com ssh-rsa AAAAX1... + # A certificate authority, trusted for all principals in a domain. + *@example.com cert-authority ssh-ed25519 AAAB4... + # A key that is accepted only for file signing. + user2@example.com namespaces="file" ssh-ed25519 AAA41... + +ENVIRONMENT + SSH_SK_PROVIDER + Specifies a path to a library that will be used when loading any + FIDO authenticator-hosted keys, overriding the default of using + the built-in USB HID support. + +FILES + ~/.ssh/id_ecdsa + ~/.ssh/id_ecdsa_sk + ~/.ssh/id_ed25519 + ~/.ssh/id_ed25519_sk + ~/.ssh/id_rsa + Contains the ECDSA, authenticator-hosted ECDSA, Ed25519, + authenticator-hosted Ed25519 or RSA authentication identity of + the user. This file should not be readable by anyone but the + user. It is possible to specify a passphrase when generating the + key; that passphrase will be used to encrypt the private part of + this file using 128-bit AES. This file is not automatically + accessed by ssh-keygen but it is offered as the default file for + the private key. ssh(1) will read this file when a login attempt + is made. + + ~/.ssh/id_ecdsa.pub + ~/.ssh/id_ecdsa_sk.pub + ~/.ssh/id_ed25519.pub + ~/.ssh/id_ed25519_sk.pub + ~/.ssh/id_rsa.pub + Contains the ECDSA, authenticator-hosted ECDSA, Ed25519, + authenticator-hosted Ed25519 or RSA public key for + authentication. The contents of this file should be added to + ~/.ssh/authorized_keys on all machines where the user wishes to + log in using public key authentication. There is no need to keep + the contents of this file secret. + + /etc/moduli + Contains Diffie-Hellman groups used for DH-GEX. The file format + is described in moduli(5). + +SEE ALSO + ssh(1), ssh-add(1), ssh-agent(1), moduli(5), sshd(8) + + The Secure Shell (SSH) Public Key File Format, RFC 4716, 2006. + +AUTHORS + OpenSSH is a derivative of the original and free ssh 1.2.12 release by + Tatu Ylonen. Aaron Campbell, Bob Beck, Markus Friedl, Niels Provos, Theo + de Raadt and Dug Song removed many bugs, re-added newer features and + created OpenSSH. Markus Friedl contributed the support for SSH protocol + versions 1.5 and 2.0. + +OpenBSD 7.8 December 22, 2025 SSH-KEYGEN(1) diff --git a/ssh-keyscan.0 b/ssh-keyscan.0 new file mode 100644 index 000000000000..beb5c32d296d --- /dev/null +++ b/ssh-keyscan.0 @@ -0,0 +1,123 @@ +SSH-KEYSCAN(1) General Commands Manual SSH-KEYSCAN(1) + +NAME + ssh-keyscan M-bM-^@M-^S gather SSH public keys from servers + +SYNOPSIS + ssh-keyscan [-46cDHqv] [-f file] [-O option] [-p port] [-T timeout] + [-t type] [host | addrlist namelist] + +DESCRIPTION + ssh-keyscan is a utility for gathering the public SSH host keys of a + number of hosts. It was designed to aid in building and verifying + ssh_known_hosts files, the format of which is documented in sshd(8). + ssh-keyscan provides a minimal interface suitable for use by shell and + perl scripts. + + ssh-keyscan uses non-blocking socket I/O to contact as many hosts as + possible in parallel, so it is very efficient. The keys from a domain of + 1,000 hosts can be collected in tens of seconds, even when some of those + hosts are down or do not run sshd(8). For scanning, one does not need + login access to the machines that are being scanned, nor does the + scanning process involve any encryption. + + Hosts to be scanned may be specified by hostname, address or by CIDR + network range (e.g. 192.168.16/28). If a network range is specified, + then all addresses in that range will be scanned. + + The options are as follows: + + -4 Force ssh-keyscan to use IPv4 addresses only. + + -6 Force ssh-keyscan to use IPv6 addresses only. + + -c Request certificates from target hosts instead of plain keys. + + -D Print keys found as SSHFP DNS records. The default is to print + keys in a format usable as an ssh(1) known_hosts file. + + -f file + Read hosts or M-bM-^@M-^\addrlist namelistM-bM-^@M-^] pairs from file, one per line. + If M-bM-^@M-^X-M-bM-^@M-^Y is supplied instead of a filename, ssh-keyscan will read + from the standard input. Names read from a file must start with + an address, hostname or CIDR network range to be scanned. + Addresses and hostnames may optionally be followed by comma- + separated name or address aliases that will be copied to the + output. For example: + + 192.168.11.0/24 + 10.20.1.1 + happy.example.org + 10.0.0.1,sad.example.org + + -H Hash all hostnames and addresses in the output. Hashed names may + be used normally by ssh(1) and sshd(8), but they do not reveal + identifying information should the file's contents be disclosed. + + -O option + Specify a key/value option. At present, only a single option is + supported: + + hashalg=algorithm + Selects a hash algorithm to use when printing SSHFP + records using the -D flag. Valid algorithms are M-bM-^@M-^\sha1M-bM-^@M-^] + and M-bM-^@M-^\sha256M-bM-^@M-^]. The default is to print both. + + -p port + Connect to port on the remote host. + + -q Quiet mode: do not print server host name and banners in + comments. + + -T timeout + Set the timeout for connection attempts. If timeout seconds have + elapsed since a connection was initiated to a host or since the + last time anything was read from that host, the connection is + closed and the host in question considered unavailable. The + default is 5 seconds. + + -t type + Specify the type of the key to fetch from the scanned hosts. The + possible values are M-bM-^@M-^\ecdsaM-bM-^@M-^], M-bM-^@M-^\ed25519M-bM-^@M-^], M-bM-^@M-^\ecdsa-skM-bM-^@M-^], M-bM-^@M-^\ed25519-skM-bM-^@M-^], + or M-bM-^@M-^\rsaM-bM-^@M-^]. Multiple values may be specified by separating them + with commas. The default is to fetch all the above key types. + + -v Verbose mode: print debugging messages about progress. + + If an ssh_known_hosts file is constructed using ssh-keyscan without + verifying the keys, users will be vulnerable to man in the middle + attacks. On the other hand, if the security model allows such a risk, + ssh-keyscan can help in the detection of tampered keyfiles or man in the + middle attacks which have begun after the ssh_known_hosts file was + created. + +FILES + /etc/ssh/ssh_known_hosts + +EXAMPLES + Print the RSA host key for machine hostname: + + $ ssh-keyscan -t rsa hostname + + Search a network range, printing all supported key types: + + $ ssh-keyscan 192.168.0.64/25 + + Find all hosts from the file ssh_hosts which have new or different keys + from those in the sorted file ssh_known_hosts: + + $ ssh-keyscan -t rsa,ecdsa,ed25519 -f ssh_hosts | \ + sort -u - ssh_known_hosts | diff ssh_known_hosts - + +SEE ALSO + ssh(1), sshd(8) + + Using DNS to Securely Publish Secure Shell (SSH) Key Fingerprints, RFC + 4255, 2006. + +AUTHORS + David Mazieres wrote the initial version, and Wayne + Davison added support for protocol version + 2. + +OpenBSD 7.8 October 4, 2025 SSH-KEYSCAN(1) diff --git a/ssh-keysign.0 b/ssh-keysign.0 new file mode 100644 index 000000000000..569f85964b5f --- /dev/null +++ b/ssh-keysign.0 @@ -0,0 +1,50 @@ +SSH-KEYSIGN(8) System Manager's Manual SSH-KEYSIGN(8) + +NAME + ssh-keysign M-bM-^@M-^S OpenSSH helper for host-based authentication + +SYNOPSIS + ssh-keysign + +DESCRIPTION + ssh-keysign is used by ssh(1) to access the local host keys and generate + the digital signature required during host-based authentication. + + ssh-keysign is disabled by default and can only be enabled in the global + client configuration file /etc/ssh/ssh_config by setting EnableSSHKeysign + to M-bM-^@M-^\yesM-bM-^@M-^]. + + ssh-keysign is not intended to be invoked by the user, but from ssh(1). + See ssh(1) and sshd(8) for more information about host-based + authentication. + +FILES + /etc/ssh/ssh_config + Controls whether ssh-keysign is enabled. + + /etc/ssh/ssh_host_ecdsa_key + /etc/ssh/ssh_host_ed25519_key + /etc/ssh/ssh_host_rsa_key + These files contain the private parts of the host keys used to + generate the digital signature. They should be owned by root, + readable only by root, and not accessible to others. Since they + are readable only by root, ssh-keysign must be set-uid root if + host-based authentication is used. + + /etc/ssh/ssh_host_ecdsa_key-cert.pub + /etc/ssh/ssh_host_ed25519_key-cert.pub + /etc/ssh/ssh_host_rsa_key-cert.pub + If these files exist, they are assumed to contain public + certificate information corresponding with the private keys + above. + +SEE ALSO + ssh(1), ssh-keygen(1), ssh_config(5), sshd(8) + +HISTORY + ssh-keysign first appeared in OpenBSD 3.2. + +AUTHORS + Markus Friedl + +OpenBSD 7.8 June 17, 2024 SSH-KEYSIGN(8) diff --git a/ssh-pkcs11-helper.0 b/ssh-pkcs11-helper.0 new file mode 100644 index 000000000000..ccb05e283196 --- /dev/null +++ b/ssh-pkcs11-helper.0 @@ -0,0 +1,35 @@ +SSH-PKCS11-HELPER(8) System Manager's Manual SSH-PKCS11-HELPER(8) + +NAME + ssh-pkcs11-helper M-bM-^@M-^S OpenSSH helper for PKCS#11 support + +SYNOPSIS + ssh-pkcs11-helper [-v] + +DESCRIPTION + ssh-pkcs11-helper is used by ssh(1), ssh-agent(1), and ssh-keygen(1) to + access keys provided by a PKCS#11 token. + + ssh-pkcs11-helper is not intended to be invoked directly by the user. + + A single option is supported: + + -v Verbose mode. Causes ssh-pkcs11-helper to print debugging + messages about its progress. This is helpful in debugging + problems. Multiple -v options increase the verbosity. The + maximum is 3. + + Note that ssh(1), ssh-agent(1), and ssh-keygen(1) will + automatically pass the -v flag to ssh-pkcs11-helper when they + have themselves been placed in debug mode. + +SEE ALSO + ssh(1), ssh-agent(1), ssh-keygen(1) + +HISTORY + ssh-pkcs11-helper first appeared in OpenBSD 4.7. + +AUTHORS + Markus Friedl + +OpenBSD 7.8 April 29, 2022 SSH-PKCS11-HELPER(8) diff --git a/ssh-sk-helper.0 b/ssh-sk-helper.0 new file mode 100644 index 000000000000..886eac9dec5f --- /dev/null +++ b/ssh-sk-helper.0 @@ -0,0 +1,34 @@ +SSH-SK-HELPER(8) System Manager's Manual SSH-SK-HELPER(8) + +NAME + ssh-sk-helper M-bM-^@M-^S OpenSSH helper for FIDO authenticator support + +SYNOPSIS + ssh-sk-helper [-v] + +DESCRIPTION + ssh-sk-helper is used by ssh(1), ssh-agent(1), and ssh-keygen(1) to + access keys provided by a FIDO authenticator. + + ssh-sk-helper is not intended to be invoked directly by the user. + + A single option is supported: + + -v Verbose mode. Causes ssh-sk-helper to print debugging messages + about its progress. This is helpful in debugging problems. + Multiple -v options increase the verbosity. The maximum is 3. + + Note that ssh(1), ssh-agent(1), and ssh-keygen(1) will + automatically pass the -v flag to ssh-sk-helper when they have + themselves been placed in debug mode. + +SEE ALSO + ssh(1), ssh-agent(1), ssh-keygen(1) + +HISTORY + ssh-sk-helper first appeared in OpenBSD 6.7. + +AUTHORS + Damien Miller + +OpenBSD 7.8 April 29, 2022 SSH-SK-HELPER(8) diff --git a/ssh.0 b/ssh.0 new file mode 100644 index 000000000000..04e0e1c793de --- /dev/null +++ b/ssh.0 @@ -0,0 +1,1033 @@ +SSH(1) General Commands Manual SSH(1) + +NAME + ssh M-bM-^@M-^S OpenSSH remote login client + +SYNOPSIS + ssh [-46AaCfGgKkMNnqsTtVvXxYy] [-B bind_interface] [-b bind_address] + [-c cipher_spec] [-D [bind_address:]port] [-E log_file] + [-e escape_char] [-F configfile] [-I pkcs11] [-i identity_file] + [-J destination] [-L address] [-l login_name] [-m mac_spec] + [-O ctl_cmd] [-o option] [-P tag] [-p port] [-R address] + [-S ctl_path] [-W host:port] [-w local_tun[:remote_tun]] destination + [command [argument ...]] + ssh [-Q query_option] + +DESCRIPTION + ssh (SSH client) is a program for logging into a remote machine and for + executing commands on a remote machine. It is intended to provide secure + encrypted communications between two untrusted hosts over an insecure + network. X11 connections, arbitrary TCP ports and Unix-domain sockets + can also be forwarded over the secure channel. + + ssh connects and logs into the specified destination, which may be + specified as either [user@]hostname or a URI of the form + ssh://[user@]hostname[:port]. The user must prove their identity to the + remote machine using one of several methods (see below). + + If a command is specified, it will be executed on the remote host instead + of a login shell. A complete command line may be specified as command, + or it may have additional arguments. If supplied, the arguments will be + appended to the command, separated by spaces, before it is sent to the + server to be executed. + + The options are as follows: + + -4 Forces ssh to use IPv4 addresses only. + + -6 Forces ssh to use IPv6 addresses only. + + -A Enables forwarding of connections from an authentication agent + such as ssh-agent(1). This can also be specified on a per-host + basis in a configuration file. + + Agent forwarding should be enabled with caution. Users with the + ability to bypass file permissions on the remote host (for the + agent's Unix-domain socket) can access the local agent through + the forwarded connection. An attacker cannot obtain key material + from the agent, however they can perform operations on the keys + that enable them to authenticate using the identities loaded into + the agent. A safer alternative may be to use a jump host (see + -J). + + -a Disables forwarding of the authentication agent connection. + + -B bind_interface + Bind to the address of bind_interface before attempting to + connect to the destination host. This is only useful on systems + with more than one address. + + -b bind_address + Use bind_address on the local machine as the source address of + the connection. Only useful on systems with more than one + address. + + -C Requests compression of all data (including stdin, stdout, + stderr, and data for forwarded X11, TCP and Unix-domain + connections). The compression algorithm is the same used by + gzip(1). Compression is desirable on modem lines and other slow + connections, but will only slow down things on fast networks. + The default value can be set on a host-by-host basis in the + configuration files; see the Compression option in ssh_config(5). + + -c cipher_spec + Selects the cipher specification for encrypting the session. + cipher_spec is a comma-separated list of ciphers listed in order + of preference. See the Ciphers keyword in ssh_config(5) for more + information. + + -D [bind_address:]port + Specifies a local M-bM-^@M-^\dynamicM-bM-^@M-^] application-level port forwarding. + This works by allocating a socket to listen to port on the local + side, optionally bound to the specified bind_address. Whenever a + connection is made to this port, the connection is forwarded over + the secure channel, and the application protocol is then used to + determine where to connect to from the remote machine. Currently + the SOCKS4 and SOCKS5 protocols are supported, and ssh will act + as a SOCKS server. Only root can forward privileged ports. + Dynamic port forwardings can also be specified in the + configuration file. + + IPv6 addresses can be specified by enclosing the address in + square brackets. Only the superuser can forward privileged + ports. By default, the local port is bound in accordance with + the GatewayPorts setting. However, an explicit bind_address may + be used to bind the connection to a specific address. The + bind_address of M-bM-^@M-^\localhostM-bM-^@M-^] indicates that the listening port be + bound for local use only, while an empty address or M-bM-^@M-^X*M-bM-^@M-^Y indicates + that the port should be available from all interfaces. + + -E log_file + Append debug logs to log_file instead of standard error. + + -e escape_char + Sets the escape character for sessions with a pty (default: M-bM-^@M-^X~M-bM-^@M-^Y). + The escape character is only recognized at the beginning of a + line. The escape character followed by a dot (M-bM-^@M-^X.M-bM-^@M-^Y) closes the + connection; followed by control-Z suspends the connection; and + followed by itself sends the escape character once. Setting the + character to M-bM-^@M-^\noneM-bM-^@M-^] disables any escapes and makes the session + fully transparent. + + -F configfile + Specifies an alternative per-user configuration file. If a + configuration file is given on the command line, the system-wide + configuration file (/etc/ssh/ssh_config) will be ignored. The + default for the per-user configuration file is ~/.ssh/config. If + set to M-bM-^@M-^\noneM-bM-^@M-^], no configuration files will be read. + + -f Requests ssh to go to background just before command execution. + This is useful if ssh is going to ask for passwords or + passphrases, but the user wants it in the background. This + implies -n. The recommended way to start X11 programs at a + remote site is with something like ssh -f host xterm. + + If the ExitOnForwardFailure configuration option is set to M-bM-^@M-^\yesM-bM-^@M-^], + then a client started with -f will wait for all remote port + forwards to be successfully established before placing itself in + the background. Refer to the description of + ForkAfterAuthentication in ssh_config(5) for details. + + -G Causes ssh to print its configuration after evaluating Host and + Match blocks and exit. + + -g Allows remote hosts to connect to local forwarded ports. If used + on a multiplexed connection, then this option must be specified + on the master process. + + -I pkcs11 + Specify the PKCS#11 shared library ssh should use to communicate + with a PKCS#11 token providing keys for user authentication. + + -i identity_file + Selects a file from which the identity (private key) for public + key authentication is read. You can also specify a public key + file to use the corresponding private key that is loaded in + ssh-agent(1) when the private key file is not present locally. + The default is ~/.ssh/id_rsa, ~/.ssh/id_ecdsa, + ~/.ssh/id_ecdsa_sk, ~/.ssh/id_ed25519 and ~/.ssh/id_ed25519_sk. + Identity files may also be specified on a per-host basis in the + configuration file. It is possible to have multiple -i options + (and multiple identities specified in configuration files). If + no certificates have been explicitly specified by the + CertificateFile directive, ssh will also try to load certificate + information from the filename obtained by appending -cert.pub to + identity filenames. + + -J destination + Connect to the target host by first making an ssh connection to + the jump host described by destination and then establishing a + TCP forwarding to the ultimate destination from there. Multiple + jump hops may be specified separated by comma characters. IPv6 + addresses can be specified by enclosing the address in square + brackets. This is a shortcut to specify a ProxyJump + configuration directive. Note that configuration directives + supplied on the command-line generally apply to the destination + host and not any specified jump hosts. Use ~/.ssh/config to + specify configuration for jump hosts. + + -K Enables GSSAPI-based authentication and forwarding (delegation) + of GSSAPI credentials to the server. + + -k Disables forwarding (delegation) of GSSAPI credentials to the + server. + + -L [bind_address:]port:host:hostport + -L [bind_address:]port:remote_socket + -L local_socket:host:hostport + -L local_socket:remote_socket + Specifies that connections to the given TCP port or Unix socket + on the local (client) host are to be forwarded to the given host + and port, or Unix socket, on the remote side. This works by + allocating a socket to listen to either a TCP port on the local + side, optionally bound to the specified bind_address, or to a + Unix socket. Whenever a connection is made to the local port or + socket, the connection is forwarded over the secure channel, and + a connection is made to either host port hostport, or the Unix + socket remote_socket, from the remote machine. + + Port forwardings can also be specified in the configuration file. + Only the superuser can forward privileged ports. IPv6 addresses + can be specified by enclosing the address in square brackets. + + By default, the local port is bound in accordance with the + GatewayPorts setting. However, an explicit bind_address may be + used to bind the connection to a specific address. The + bind_address of M-bM-^@M-^\localhostM-bM-^@M-^] indicates that the listening port be + bound for local use only, while an empty address or M-bM-^@M-^X*M-bM-^@M-^Y indicates + that the port should be available from all interfaces. + + -l login_name + Specifies the user to log in as on the remote machine. This also + may be specified on a per-host basis in the configuration file. + + -M Places the ssh client into M-bM-^@M-^\masterM-bM-^@M-^] mode for connection sharing. + Multiple -M options places ssh into M-bM-^@M-^\masterM-bM-^@M-^] mode but with + confirmation required using ssh-askpass(1) before each operation + that changes the multiplexing state (e.g. opening a new session). + Refer to the description of ControlMaster in ssh_config(5) for + details. + + -m mac_spec + A comma-separated list of MAC (message authentication code) + algorithms, specified in order of preference. See the MACs + keyword in ssh_config(5) for more information. + + -N Do not execute a remote command. This is useful for just + forwarding ports. Refer to the description of SessionType in + ssh_config(5) for details. + + -n Redirects stdin from /dev/null (actually, prevents reading from + stdin). This must be used when ssh is run in the background. A + common trick is to use this to run X11 programs on a remote + machine. For example, ssh -n shadows.cs.hut.fi emacs & will + start an emacs on shadows.cs.hut.fi, and the X11 connection will + be automatically forwarded over an encrypted channel. The ssh + program will be put in the background. (This does not work if + ssh needs to ask for a password or passphrase; see also the -f + option.) Refer to the description of StdinNull in ssh_config(5) + for details. + + -O ctl_cmd + Control an active connection multiplexing master process. When + the -O option is specified, the ctl_cmd argument is interpreted + and passed to the master process. Valid commands are: M-bM-^@M-^\checkM-bM-^@M-^] + (check that the master process is running), M-bM-^@M-^\conninfoM-bM-^@M-^] (report + information about the master connection), M-bM-^@M-^\channelsM-bM-^@M-^] (report + information about open channels), M-bM-^@M-^\forwardM-bM-^@M-^] (request forwardings + without command execution), M-bM-^@M-^\cancelM-bM-^@M-^] (cancel forwardings), + M-bM-^@M-^\proxyM-bM-^@M-^] (connect to a running multiplexing master in proxy mode), + M-bM-^@M-^\exitM-bM-^@M-^] (request the master to exit), and M-bM-^@M-^\stopM-bM-^@M-^] (request the + master to stop accepting further multiplexing requests). + + -o option + Can be used to give options in the format used in the + configuration file. This is useful for specifying options for + which there is no separate command-line flag. For full details + of the options listed below, and their possible values, see + ssh_config(5). + + AddKeysToAgent + AddressFamily + BatchMode + BindAddress + BindInterface + CASignatureAlgorithms + CanonicalDomains + CanonicalizeFallbackLocal + CanonicalizeHostname + CanonicalizeMaxDots + CanonicalizePermittedCNAMEs + CertificateFile + ChannelTimeout + CheckHostIP + Ciphers + ClearAllForwardings + Compression + ConnectTimeout + ConnectionAttempts + ControlMaster + ControlPath + ControlPersist + DynamicForward + EnableEscapeCommandline + EnableSSHKeysign + EscapeChar + ExitOnForwardFailure + FingerprintHash + ForkAfterAuthentication + ForwardAgent + ForwardX11 + ForwardX11Timeout + ForwardX11Trusted + GSSAPIAuthentication + GSSAPIDelegateCredentials + GatewayPorts + GlobalKnownHostsFile + HashKnownHosts + Host + HostKeyAlgorithms + HostKeyAlias + HostbasedAcceptedAlgorithms + HostbasedAuthentication + Hostname + IPQoS + IdentitiesOnly + IdentityAgent + IdentityFile + IgnoreUnknown + Include + KbdInteractiveAuthentication + KbdInteractiveDevices + KexAlgorithms + KnownHostsCommand + LocalCommand + LocalForward + LogLevel + LogVerbose + MACs + NoHostAuthenticationForLocalhost + NumberOfPasswordPrompts + ObscureKeystrokeTiming + PKCS11Provider + PasswordAuthentication + PermitLocalCommand + PermitRemoteOpen + Port + PreferredAuthentications + ProxyCommand + ProxyJump + ProxyUseFdpass + PubkeyAcceptedAlgorithms + PubkeyAuthentication + RekeyLimit + RemoteCommand + RemoteForward + RequestTTY + RequiredRSASize + RevokedHostKeys + SecurityKeyProvider + SendEnv + ServerAliveCountMax + ServerAliveInterval + SessionType + SetEnv + StdinNull + StreamLocalBindMask + StreamLocalBindUnlink + StrictHostKeyChecking + SyslogFacility + TCPKeepAlive + Tag + Tunnel + TunnelDevice + UpdateHostKeys + User + UserKnownHostsFile + VerifyHostKeyDNS + VisualHostKey + XAuthLocation + + -P tag Specify a tag name that may be used to select configuration in + ssh_config(5). Refer to the Tag and Match keywords in + ssh_config(5) for more information. + -p port + Port to connect to on the remote host. This can be specified on + a per-host basis in the configuration file. + + -Q query_option + Queries for the algorithms supported by one of the following + features: cipher (supported symmetric ciphers), cipher-auth + (supported symmetric ciphers that support authenticated + encryption), help (supported query terms for use with the -Q + flag), mac (supported message integrity codes), kex (key exchange + algorithms), key (key types), key-ca-sign (valid CA signature + algorithms for certificates), key-cert (certificate key types), + key-plain (non-certificate key types), key-sig (all key types and + signature algorithms), protocol-version (supported SSH protocol + versions), and sig (supported signature algorithms). + Alternatively, any keyword from ssh_config(5) or sshd_config(5) + that takes an algorithm list may be used as an alias for the + corresponding query_option. + + -q Quiet mode. Causes most warning and diagnostic messages to be + suppressed. + + -R [bind_address:]port:host:hostport + -R [bind_address:]port:local_socket + -R remote_socket:host:hostport + -R remote_socket:local_socket + -R [bind_address:]port + Specifies that connections to the given TCP port or Unix socket + on the remote (server) host are to be forwarded to the local + side. + + This works by allocating a socket to listen to either a TCP port + or to a Unix socket on the remote side. Whenever a connection is + made to this port or Unix socket, the connection is forwarded + over the secure channel, and a connection is made from the local + machine to either an explicit destination specified by host port + hostport, or local_socket, or, if no explicit destination was + specified, ssh will act as a SOCKS 4/5 proxy and forward + connections to the destinations requested by the remote SOCKS + client. + + Port forwardings can also be specified in the configuration file. + Privileged ports can be forwarded only when logging in as root on + the remote machine. IPv6 addresses can be specified by enclosing + the address in square brackets. + + By default, TCP listening sockets on the server will be bound to + the loopback interface only. This may be overridden by + specifying a bind_address. An empty bind_address, or the address + M-bM-^@M-^X*M-bM-^@M-^Y, indicates that the remote socket should listen on all + interfaces. Specifying a remote bind_address will only succeed + if the server's GatewayPorts option is enabled (see + sshd_config(5)). + + If the port argument is M-bM-^@M-^X0M-bM-^@M-^Y, the listen port will be dynamically + allocated on the server and reported to the client at run time. + When used together with -O forward, the allocated port will be + printed to the standard output. + + -S ctl_path + Specifies the location of a control socket for connection + sharing, or the string M-bM-^@M-^\noneM-bM-^@M-^] to disable connection sharing. + Refer to the description of ControlPath and ControlMaster in + ssh_config(5) for details. + + -s May be used to request invocation of a subsystem on the remote + system. Subsystems facilitate the use of SSH as a secure + transport for other applications (e.g. sftp(1)). The subsystem + is specified as the remote command. Refer to the description of + SessionType in ssh_config(5) for details. + + -T Disable pseudo-terminal allocation. + + -t Force pseudo-terminal allocation. This can be used to execute + arbitrary screen-based programs on a remote machine, which can be + very useful, e.g. when implementing menu services. Multiple -t + options force tty allocation, even if ssh has no local tty. + + -V Display the version number and exit. + + -v Verbose mode. Causes ssh to print debugging messages about its + progress. This is helpful in debugging connection, + authentication, and configuration problems. Multiple -v options + increase the verbosity. The maximum is 3. + + -W host:port + Requests that standard input and output on the client be + forwarded to host on port over the secure channel. Implies -N, + -T, ExitOnForwardFailure and ClearAllForwardings, though these + can be overridden in the configuration file or using -o command + line options. + + -w local_tun[:remote_tun] + Requests tunnel device forwarding with the specified tun(4) + devices between the client (local_tun) and the server + (remote_tun). + + The devices may be specified by numerical ID or the keyword + M-bM-^@M-^\anyM-bM-^@M-^], which uses the next available tunnel device. If + remote_tun is not specified, it defaults to M-bM-^@M-^\anyM-bM-^@M-^]. See also the + Tunnel and TunnelDevice directives in ssh_config(5). + + If the Tunnel directive is unset, it will be set to the default + tunnel mode, which is M-bM-^@M-^\point-to-pointM-bM-^@M-^]. If a different Tunnel + forwarding mode it desired, then it should be specified before + -w. + + -X Enables X11 forwarding. This can also be specified on a per-host + basis in a configuration file. + + X11 forwarding should be enabled with caution. Users with the + ability to bypass file permissions on the remote host (for the + user's X authorization database) can access the local X11 display + through the forwarded connection. An attacker may then be able + to perform activities such as keystroke monitoring. + + For this reason, X11 forwarding is subjected to X11 SECURITY + extension restrictions by default. Refer to the ssh -Y option + and the ForwardX11Trusted directive in ssh_config(5) for more + information. + + -x Disables X11 forwarding. + + -Y Enables trusted X11 forwarding. Trusted X11 forwardings are not + subjected to the X11 SECURITY extension controls. + + -y Send log information using the syslog(3) system module. By + default this information is sent to stderr. + + ssh may additionally obtain configuration data from a per-user + configuration file and a system-wide configuration file. The file format + and configuration options are described in ssh_config(5). + +AUTHENTICATION + The OpenSSH SSH client supports SSH protocol 2. + + The methods available for authentication are: GSSAPI-based + authentication, host-based authentication, public key authentication, + keyboard-interactive authentication, and password authentication. + Authentication methods are tried in the order specified above, though + PreferredAuthentications can be used to change the default order. + + Host-based authentication works as follows: If the machine the user logs + in from is listed in /etc/hosts.equiv or /etc/shosts.equiv on the remote + machine, the user is non-root and the user names are the same on both + sides, or if the files ~/.rhosts or ~/.shosts exist in the user's home + directory on the remote machine and contain a line containing the name of + the client machine and the name of the user on that machine, the user is + considered for login. Additionally, the server must be able to verify + the client's host key (see the description of /etc/ssh/ssh_known_hosts + and ~/.ssh/known_hosts, below) for login to be permitted. This + authentication method closes security holes due to IP spoofing, DNS + spoofing, and routing spoofing. [Note to the administrator: + /etc/hosts.equiv, ~/.rhosts, and the rlogin/rsh protocol in general, are + inherently insecure and should be disabled if security is desired.] + + Public key authentication works as follows: The scheme is based on + public-key cryptography, using cryptosystems where encryption and + decryption are done using separate keys, and it is unfeasible to derive + the decryption key from the encryption key. The idea is that each user + creates a public/private key pair for authentication purposes. The + server knows the public key, and only the user knows the private key. + ssh implements public key authentication protocol automatically, using + one of the ECDSA, Ed25519 or RSA algorithms. + + The file ~/.ssh/authorized_keys lists the public keys that are permitted + for logging in. When the user logs in, the ssh program tells the server + which key pair it would like to use for authentication. The client + proves that it has access to the private key and the server checks that + the corresponding public key is authorized to accept the account. + + The server may inform the client of errors that prevented public key + authentication from succeeding after authentication completes using a + different method. These may be viewed by increasing the LogLevel to + DEBUG or higher (e.g. by using the -v flag). + + The user creates their key pair by running ssh-keygen(1). This stores + the private key in ~/.ssh/id_ecdsa (ECDSA), ~/.ssh/id_ecdsa_sk + (authenticator-hosted ECDSA), ~/.ssh/id_ed25519 (Ed25519), + ~/.ssh/id_ed25519_sk (authenticator-hosted Ed25519), or ~/.ssh/id_rsa + (RSA) and stores the public key in ~/.ssh/id_ecdsa.pub (ECDSA), + ~/.ssh/id_ecdsa_sk.pub (authenticator-hosted ECDSA), + ~/.ssh/id_ed25519.pub (Ed25519), ~/.ssh/id_ed25519_sk.pub (authenticator- + hosted Ed25519), or ~/.ssh/id_rsa.pub (RSA) in the user's home directory. + The user should then copy the public key to ~/.ssh/authorized_keys in + their home directory on the remote machine. The authorized_keys file + corresponds to the conventional ~/.rhosts file, and has one key per line, + though the lines can be very long. After this, the user can log in + without giving the password. + + A variation on public key authentication is available in the form of + certificate authentication: instead of a set of public/private keys, + signed certificates are used. This has the advantage that a single + trusted certification authority can be used in place of many + public/private keys. See the CERTIFICATES section of ssh-keygen(1) for + more information. + + The most convenient way to use public key or certificate authentication + may be with an authentication agent. See ssh-agent(1) and (optionally) + the AddKeysToAgent directive in ssh_config(5) for more information. + + Keyboard-interactive authentication works as follows: The server sends an + arbitrary "challenge" text and prompts for a response, possibly multiple + times. Examples of keyboard-interactive authentication include BSD + Authentication (see login.conf(5)) and PAM (some non-OpenBSD systems). + + Finally, if other authentication methods fail, ssh prompts the user for a + password. The password is sent to the remote host for checking; however, + since all communications are encrypted, the password cannot be seen by + someone listening on the network. + + ssh automatically maintains and checks a database containing + identification for all hosts it has ever been used with. Host keys are + stored in ~/.ssh/known_hosts in the user's home directory. Additionally, + the file /etc/ssh/ssh_known_hosts is automatically checked for known + hosts. Any new hosts are automatically added to the user's file. If a + host's identification ever changes, ssh warns about this and disables + password authentication to prevent server spoofing or man-in-the-middle + attacks, which could otherwise be used to circumvent the encryption. The + StrictHostKeyChecking option can be used to control logins to machines + whose host key is not known or has changed. + + When the user's identity has been accepted by the server, the server + either executes the given command in a non-interactive session or, if no + command has been specified, logs into the machine and gives the user a + normal shell as an interactive session. All communication with the + remote command or shell will be automatically encrypted. + + If an interactive session is requested, ssh by default will only request + a pseudo-terminal (pty) for interactive sessions when the client has one. + The flags -T and -t can be used to override this behaviour. + + If a pseudo-terminal has been allocated, the user may use the escape + characters noted below. + + If no pseudo-terminal has been allocated, the session is transparent and + can be used to reliably transfer binary data. On most systems, setting + the escape character to M-bM-^@M-^\noneM-bM-^@M-^] will also make the session transparent + even if a tty is used. + + The session terminates when the command or shell on the remote machine + exits and all X11 and TCP connections have been closed. + +ESCAPE CHARACTERS + When a pseudo-terminal has been requested, ssh supports a number of + functions through the use of an escape character. + + A single tilde character can be sent as ~~ or by following the tilde by a + character other than those described below. The escape character must + always follow a newline to be interpreted as special. The escape + character can be changed in configuration files using the EscapeChar + configuration directive or on the command line by the -e option. + + The supported escapes (assuming the default M-bM-^@M-^X~M-bM-^@M-^Y) are: + + ~. Disconnect. + + ~^Z Background ssh. + + ~# List forwarded connections. + + ~& Background ssh at logout when waiting for forwarded connection / + X11 sessions to terminate. + + ~? Display a list of escape characters. + + ~B Send a BREAK to the remote system (only useful if the peer + supports it). + + ~C Open command line. Currently this allows the addition of port + forwardings using the -L, -R and -D options (see above). It also + allows the cancellation of existing port-forwardings with + -KL[bind_address:]port for local, -KR[bind_address:]port for + remote and -KD[bind_address:]port for dynamic port-forwardings. + !command allows the user to execute a local command if the + PermitLocalCommand option is enabled in ssh_config(5). Basic + help is available, using the -h option. + + ~I Show information about the current SSH connection. + + ~R Request rekeying of the connection (only useful if the peer + supports it). + + ~V Decrease the verbosity (LogLevel) when errors are being written + to stderr. + + ~v Increase the verbosity (LogLevel) when errors are being written + to stderr. + +TCP FORWARDING + Forwarding of arbitrary TCP connections over a secure channel can be + specified either on the command line or in a configuration file. One + possible application of TCP forwarding is a secure connection to a mail + server; another is going through firewalls. + + In the example below, we look at encrypting communication for an IRC + client, even though the IRC server it connects to does not directly + support encrypted communication. This works as follows: the user + connects to the remote host using ssh, specifying the ports to be used to + forward the connection. After that it is possible to start the program + locally, and ssh will encrypt and forward the connection to the remote + server. + + The following example tunnels an IRC session from the client to an IRC + server at M-bM-^@M-^\server.example.comM-bM-^@M-^], joining channel M-bM-^@M-^\#usersM-bM-^@M-^], nickname + M-bM-^@M-^\pinkyM-bM-^@M-^], using the standard IRC port, 6667: + + $ ssh -f -L 6667:localhost:6667 server.example.com sleep 10 + $ irc -c '#users' pinky IRC/127.0.0.1 + + The -f option backgrounds ssh and the remote command M-bM-^@M-^\sleep 10M-bM-^@M-^] is + specified to allow an amount of time (10 seconds, in the example) to + start the program which is going to use the tunnel. If no connections + are made within the time specified, ssh will exit. + +X11 FORWARDING + If the ForwardX11 variable is set to M-bM-^@M-^\yesM-bM-^@M-^] (or see the description of the + -X, -x, and -Y options above) and the user is using X11 (the DISPLAY + environment variable is set), the connection to the X11 display is + automatically forwarded to the remote side in such a way that any X11 + programs started from the shell (or command) will go through the + encrypted channel, and the connection to the real X server will be made + from the local machine. The user should not manually set DISPLAY. + Forwarding of X11 connections can be configured on the command line or in + configuration files. + + The DISPLAY value set by ssh will point to the server machine, but with a + display number greater than zero. This is normal, and happens because + ssh creates a M-bM-^@M-^\proxyM-bM-^@M-^] X server on the server machine for forwarding the + connections over the encrypted channel. + + ssh will also automatically set up Xauthority data on the server machine. + For this purpose, it will generate a random authorization cookie, store + it in Xauthority on the server, and verify that any forwarded connections + carry this cookie and replace it by the real cookie when the connection + is opened. The real authentication cookie is never sent to the server + machine (and no cookies are sent in the plain). + + If the ForwardAgent variable is set to M-bM-^@M-^\yesM-bM-^@M-^] (or see the description of + the -A and -a options above) and the user is using an authentication + agent, the connection to the agent is automatically forwarded to the + remote side. + +VERIFYING HOST KEYS + When connecting to a server for the first time, a fingerprint of the + server's public key is presented to the user (unless the option + StrictHostKeyChecking has been disabled). Fingerprints can be determined + using ssh-keygen(1): + + $ ssh-keygen -l -f /etc/ssh/ssh_host_rsa_key + + If the fingerprint is already known, it can be matched and the key can be + accepted or rejected. If only legacy (MD5) fingerprints for the server + are available, the ssh-keygen(1) -E option may be used to downgrade the + fingerprint algorithm to match. + + Because of the difficulty of comparing host keys just by looking at + fingerprint strings, there is also support to compare host keys visually, + using random art. By setting the VisualHostKey option to M-bM-^@M-^\yesM-bM-^@M-^], a small + ASCII graphic gets displayed on every login to a server, no matter if the + session itself is interactive or not. By learning the pattern a known + server produces, a user can easily find out that the host key has changed + when a completely different pattern is displayed. Because these patterns + are not unambiguous however, a pattern that looks similar to the pattern + remembered only gives a good probability that the host key is the same, + not guaranteed proof. + + To get a listing of the fingerprints along with their random art for all + known hosts, the following command line can be used: + + $ ssh-keygen -lv -f ~/.ssh/known_hosts + + If the fingerprint is unknown, an alternative method of verification is + available: SSH fingerprints verified by DNS. An additional resource + record (RR), SSHFP, is added to a zonefile and the connecting client is + able to match the fingerprint with that of the key presented. + + In this example, we are connecting a client to a server, + M-bM-^@M-^\host.example.comM-bM-^@M-^]. The SSHFP resource records should first be added to + the zonefile for host.example.com: + + $ ssh-keygen -r host.example.com. + + The output lines will have to be added to the zonefile. To check that + the zone is answering fingerprint queries: + + $ dig -t SSHFP host.example.com + + Finally the client connects: + + $ ssh -o "VerifyHostKeyDNS ask" host.example.com + [...] + Matching host key fingerprint found in DNS. + Are you sure you want to continue connecting (yes/no)? + + See the VerifyHostKeyDNS option in ssh_config(5) for more information. + +SSH-BASED VIRTUAL PRIVATE NETWORKS + ssh contains support for Virtual Private Network (VPN) tunnelling using + the tun(4) network pseudo-device, allowing two networks to be joined + securely. The sshd_config(5) configuration option PermitTunnel controls + whether the server supports this, and at what level (layer 2 or 3 + traffic). + + The following example would connect client network 10.0.50.0/24 with + remote network 10.0.99.0/24 using a point-to-point connection from + 10.1.1.1 to 10.1.1.2, provided that the SSH server running on the gateway + to the remote network, at 192.168.1.15, allows it. + + On the client: + + # ssh -f -w 0:1 192.168.1.15 true + # ifconfig tun0 10.1.1.1 10.1.1.2 netmask 255.255.255.252 + # route add 10.0.99.0/24 10.1.1.2 + + On the server: + + # ifconfig tun1 10.1.1.2 10.1.1.1 netmask 255.255.255.252 + # route add 10.0.50.0/24 10.1.1.1 + + Client access may be more finely tuned via the /root/.ssh/authorized_keys + file (see below) and the PermitRootLogin server option. The following + entry would permit connections on tun(4) device 1 from user M-bM-^@M-^\janeM-bM-^@M-^] and on + tun device 2 from user M-bM-^@M-^\johnM-bM-^@M-^], if PermitRootLogin is set to + M-bM-^@M-^\forced-commands-onlyM-bM-^@M-^]: + + tunnel="1",command="sh /etc/netstart tun1" ssh-rsa ... jane + tunnel="2",command="sh /etc/netstart tun2" ssh-rsa ... john + + Since an SSH-based setup entails a fair amount of overhead, it may be + more suited to temporary setups, such as for wireless VPNs. More + permanent VPNs are better provided by tools such as ipsecctl(8) and + isakmpd(8). + +ENVIRONMENT + ssh will normally set the following environment variables: + + DISPLAY The DISPLAY variable indicates the location of the + X11 server. It is automatically set by ssh to + point to a value of the form M-bM-^@M-^\hostname:nM-bM-^@M-^], where + M-bM-^@M-^\hostnameM-bM-^@M-^] indicates the host where the shell runs, + and M-bM-^@M-^XnM-bM-^@M-^Y is an integer M-bM-^IM-% 1. ssh uses this special + value to forward X11 connections over the secure + channel. The user should normally not set DISPLAY + explicitly, as that will render the X11 connection + insecure (and will require the user to manually + copy any required authorization cookies). + + HOME Set to the path of the user's home directory. + + LOGNAME Synonym for USER; set for compatibility with + systems that use this variable. + + MAIL Set to the path of the user's mailbox. + + PATH Set to the default PATH, as specified when + compiling ssh. + + SSH_ASKPASS If ssh needs a passphrase, it will read the + passphrase from the current terminal if it was run + from a terminal. If ssh does not have a terminal + associated with it but DISPLAY and SSH_ASKPASS are + set, it will execute the program specified by + SSH_ASKPASS and open an X11 window to read the + passphrase. This is particularly useful when + calling ssh from a .xsession or related script. + (Note that on some machines it may be necessary to + redirect the input from /dev/null to make this + work.) + + SSH_ASKPASS_REQUIRE Allows further control over the use of an askpass + program. If this variable is set to M-bM-^@M-^\neverM-bM-^@M-^] then + ssh will never attempt to use one. If it is set to + M-bM-^@M-^\preferM-bM-^@M-^], then ssh will prefer to use the askpass + program instead of the TTY when requesting + passwords. Finally, if the variable is set to + M-bM-^@M-^\forceM-bM-^@M-^], then the askpass program will be used for + all passphrase input regardless of whether DISPLAY + is set. + + SSH_AUTH_SOCK Identifies the path of a Unix-domain socket used to + communicate with the agent. + + SSH_CONNECTION Identifies the client and server ends of the + connection. The variable contains four space- + separated values: client IP address, client port + number, server IP address, and server port number. + + SSH_ORIGINAL_COMMAND This variable contains the original command line if + a forced command is executed. It can be used to + extract the original arguments. + + SSH_TTY This is set to the name of the tty (path to the + device) associated with the current shell or + command. If the current session has no tty, this + variable is not set. + + SSH_TUNNEL Optionally set by sshd(8) to contain the interface + names assigned if tunnel forwarding was requested + by the client. + + SSH_USER_AUTH Optionally set by sshd(8), this variable may + contain a pathname to a file that lists the + authentication methods successfully used when the + session was established, including any public keys + that were used. + + TZ This variable is set to indicate the present time + zone if it was set when the daemon was started + (i.e. the daemon passes the value on to new + connections). + + USER Set to the name of the user logging in. + + Additionally, ssh reads ~/.ssh/environment, and adds lines of the format + M-bM-^@M-^\VARNAME=valueM-bM-^@M-^] to the environment if the file exists and users are + allowed to change their environment. For more information, see the + PermitUserEnvironment option in sshd_config(5). + +FILES + ~/.rhosts + This file is used for host-based authentication (see above). On + some machines this file may need to be world-readable if the + user's home directory is on an NFS partition, because sshd(8) + reads it as root. Additionally, this file must be owned by the + user, and must not have write permissions for anyone else. The + recommended permission for most machines is read/write for the + user, and not accessible by others. + + ~/.shosts + This file is used in exactly the same way as .rhosts, but allows + host-based authentication without permitting login with + rlogin/rsh. + + ~/.ssh/ + This directory is the default location for all user-specific + configuration and authentication information. There is no + general requirement to keep the entire contents of this directory + secret, but the recommended permissions are read/write/execute + for the user, and not accessible by others. + + ~/.ssh/authorized_keys + Lists the public keys (ECDSA, Ed25519, RSA) that can be used for + logging in as this user. The format of this file is described in + the sshd(8) manual page. This file is not highly sensitive, but + the recommended permissions are read/write for the user, and not + accessible by others. + + ~/.ssh/config + This is the per-user configuration file. The file format and + configuration options are described in ssh_config(5). Because of + the potential for abuse, this file must have strict permissions: + read/write for the user, and not writable by others. + + ~/.ssh/environment + Contains additional definitions for environment variables; see + ENVIRONMENT, above. + + ~/.ssh/id_ecdsa + ~/.ssh/id_ecdsa_sk + ~/.ssh/id_ed25519 + ~/.ssh/id_ed25519_sk + ~/.ssh/id_rsa + Contains the private key for authentication. These files contain + sensitive data and should be readable by the user but not + accessible by others (read/write/execute). ssh will simply + ignore a private key file if it is accessible by others. It is + possible to specify a passphrase when generating the key which + will be used to encrypt the sensitive part of this file using + AES-128. + + ~/.ssh/id_ecdsa.pub + ~/.ssh/id_ecdsa_sk.pub + ~/.ssh/id_ed25519.pub + ~/.ssh/id_ed25519_sk.pub + ~/.ssh/id_rsa.pub + Contains the public key for authentication. These files are not + sensitive and can (but need not) be readable by anyone. + + ~/.ssh/known_hosts + Contains a list of host keys for all hosts the user has logged + into that are not already in the systemwide list of known host + keys. See sshd(8) for further details of the format of this + file. + + ~/.ssh/rc + Commands in this file are executed by ssh when the user logs in, + just before the user's shell (or command) is started. See the + sshd(8) manual page for more information. + + /etc/hosts.equiv + This file is for host-based authentication (see above). It + should only be writable by root. + + /etc/shosts.equiv + This file is used in exactly the same way as hosts.equiv, but + allows host-based authentication without permitting login with + rlogin/rsh. + + /etc/ssh/ssh_config + Systemwide configuration file. The file format and configuration + options are described in ssh_config(5). + + /etc/ssh/ssh_host_ecdsa_key + /etc/ssh/ssh_host_ed25519_key + /etc/ssh/ssh_host_rsa_key + These files contain the private parts of the host keys and are + used for host-based authentication. + + /etc/ssh/ssh_known_hosts + Systemwide list of known host keys. This file should be prepared + by the system administrator to contain the public host keys of + all machines in the organization. It should be world-readable. + See sshd(8) for further details of the format of this file. + + /etc/ssh/sshrc + Commands in this file are executed by ssh when the user logs in, + just before the user's shell (or command) is started. See the + sshd(8) manual page for more information. + +EXIT STATUS + ssh exits with the exit status of the remote command or with 255 if an + error occurred. + +SEE ALSO + scp(1), sftp(1), ssh-add(1), ssh-agent(1), ssh-keygen(1), ssh-keyscan(1), + tun(4), ssh_config(5), ssh-keysign(8), sshd(8) + +STANDARDS + S. Lehtinen and C. Lonvick, The Secure Shell (SSH) Protocol Assigned + Numbers, RFC 4250, January 2006. + + T. Ylonen and C. Lonvick, The Secure Shell (SSH) Protocol Architecture, + RFC 4251, January 2006. + + T. Ylonen and C. Lonvick, The Secure Shell (SSH) Authentication Protocol, + RFC 4252, January 2006. + + T. Ylonen and C. Lonvick, The Secure Shell (SSH) Transport Layer + Protocol, RFC 4253, January 2006. + + T. Ylonen and C. Lonvick, The Secure Shell (SSH) Connection Protocol, RFC + 4254, January 2006. + + J. Schlyter and W. Griffin, Using DNS to Securely Publish Secure Shell + (SSH) Key Fingerprints, RFC 4255, January 2006. + + F. Cusack and M. Forssen, Generic Message Exchange Authentication for the + Secure Shell Protocol (SSH), RFC 4256, January 2006. + + J. Galbraith and P. Remaker, The Secure Shell (SSH) Session Channel Break + Extension, RFC 4335, January 2006. + + M. Bellare, T. Kohno, and C. Namprempre, The Secure Shell (SSH) Transport + Layer Encryption Modes, RFC 4344, January 2006. + + B. Harris, Improved Arcfour Modes for the Secure Shell (SSH) Transport + Layer Protocol, RFC 4345, January 2006. + + M. Friedl, N. Provos, and W. Simpson, Diffie-Hellman Group Exchange for + the Secure Shell (SSH) Transport Layer Protocol, RFC 4419, March 2006. + + J. Galbraith and R. Thayer, The Secure Shell (SSH) Public Key File + Format, RFC 4716, November 2006. + + D. Stebila and J. Green, Elliptic Curve Algorithm Integration in the + Secure Shell Transport Layer, RFC 5656, December 2009. + + A. Perrig and D. Song, Hash Visualization: a New Technique to improve + Real-World Security, 1999, International Workshop on Cryptographic + Techniques and E-Commerce (CrypTEC '99). + +AUTHORS + OpenSSH is a derivative of the original and free ssh 1.2.12 release by + Tatu Ylonen. Aaron Campbell, Bob Beck, Markus Friedl, Niels Provos, Theo + de Raadt and Dug Song removed many bugs, re-added newer features and + created OpenSSH. Markus Friedl contributed the support for SSH protocol + versions 1.5 and 2.0. + +OpenBSD 7.8 December 22, 2025 SSH(1) diff --git a/ssh_config.0 b/ssh_config.0 new file mode 100644 index 000000000000..1c9273f9b804 --- /dev/null +++ b/ssh_config.0 @@ -0,0 +1,1502 @@ +SSH_CONFIG(5) File Formats Manual SSH_CONFIG(5) + +NAME + ssh_config M-bM-^@M-^S OpenSSH client configuration file + +DESCRIPTION + ssh(1) obtains configuration data from the following sources in the + following order: + + 1. command-line options + 2. user's configuration file (~/.ssh/config) + 3. system-wide configuration file (/etc/ssh/ssh_config) + + Unless noted otherwise, for each parameter, the first obtained value will + be used. The configuration files contain sections separated by Host + specifications, and that section is only applied for hosts that match one + of the patterns given in the specification. The matched host name is + usually the one given on the command line (see the CanonicalizeHostname + option for exceptions). + + Since the first obtained value for each parameter is used, more host- + specific declarations should be given near the beginning of the file, and + general defaults at the end. + + The file contains keyword-argument pairs, one per line. Lines starting + with M-bM-^@M-^X#M-bM-^@M-^Y and empty lines are interpreted as comments. Arguments may + optionally be enclosed in double quotes (") in order to represent + arguments containing spaces. Configuration options may be separated by + whitespace or optional whitespace and exactly one M-bM-^@M-^X=M-bM-^@M-^Y; the latter format + is useful to avoid the need to quote whitespace when specifying + configuration options using the ssh, scp, and sftp -o option. + + The possible keywords and their meanings are as follows (note that + keywords are case-insensitive and arguments are case-sensitive): + + Host Restricts the following declarations (up to the next Host or + Match keyword) to be only for those hosts that match one of the + patterns given after the keyword. If more than one pattern is + provided, they should be separated by whitespace. A single M-bM-^@M-^X*M-bM-^@M-^Y + as a pattern can be used to provide global defaults for all + hosts. The host is usually the hostname argument given on the + command line (see the CanonicalizeHostname keyword for + exceptions). + + A pattern entry may be negated by prefixing it with an + exclamation mark (M-bM-^@M-^X!M-bM-^@M-^Y). If a negated entry is matched, then the + Host entry is ignored, regardless of whether any other patterns + on the line match. Negated matches are therefore useful to + provide exceptions for wildcard matches. + + See PATTERNS for more information on patterns. + + Match Restricts the following declarations (up to the next Host or + Match keyword) to be used only when the conditions following the + Match keyword are satisfied. Match conditions are specified + using one or more criteria or the single token all which always + matches. The available criteria keywords are: canonical, final, + exec, localnetwork, host, originalhost, tagged, command, user, + localuser, and version. The all criteria must appear alone or + immediately after canonical or final. Other criteria may be + combined arbitrarily. All criteria but all, canonical, and final + require an argument. Criteria may be negated by prepending an + exclamation mark (M-bM-^@M-^X!M-bM-^@M-^Y). + + The canonical keyword matches only when the configuration file is + being re-parsed after hostname canonicalization (see the + CanonicalizeHostname option). This may be useful to specify + conditions that work with canonical host names only. + + The final keyword requests that the configuration be re-parsed + (regardless of whether CanonicalizeHostname is enabled), and + matches only during this final pass. If CanonicalizeHostname is + enabled, then canonical and final match during the same pass. + + The exec keyword executes the specified command under the user's + shell. If the command returns a zero exit status then the + condition is considered true. Commands containing whitespace + characters must be quoted. Arguments to exec accept the tokens + described in the TOKENS section. + + The localnetwork keyword matches the addresses of active local + network interfaces against the supplied list of networks in CIDR + format. This may be convenient for varying the effective + configuration on devices that roam between networks. Note that + network address is not a trustworthy criteria in many situations + (e.g. when the network is automatically configured using DHCP) + and so caution should be applied if using it to control security- + sensitive configuration. + + The other keywords' criteria must be single entries or comma- + separated lists and may use the wildcard and negation operators + described in the PATTERNS section. + + The criteria for the host keyword are matched against the target + hostname, after any substitution by the Hostname or + CanonicalizeHostname options. The originalhost keyword matches + against the hostname as it was specified on the command-line. + + The tagged keyword matches a tag name specified by a prior Tag + directive or on the ssh(1) command-line using the -P flag. The + command keyword matches the remote command that has been + requested, or the subsystem name that is being invoked (e.g. + "sftp" for an SFTP session). The empty string will match the + case where a command or tag has not been specified, i.e. M-bM-^@M-^XMatch + tag ""M-bM-^@M-^Y. The version keyword matches against the version string + of ssh(1), for example M-bM-^@M-^\OpenSSH_10.0M-bM-^@M-^]. + + The user keyword matches against the target username on the + remote host. The localuser keyword matches against the name of + the local user running ssh(1) (this keyword may be useful in + system-wide ssh_config files). + + Finally, the sessiontype keyword matches the requested session + type, which may be one of shell for interactive sessions, exec + for command execution sessions, subsystem for subsystem + invocations such as sftp(1), or none for transport-only sessions, + such as when ssh(1) is started with the -N flag. + + AddKeysToAgent + Specifies whether keys should be automatically added to a running + ssh-agent(1). If this option is set to yes and a key is loaded + from a file, the key and its passphrase are added to the agent + with the default lifetime, as if by ssh-add(1). If this option + is set to ask, ssh(1) will require confirmation using the + SSH_ASKPASS program before adding a key (see ssh-add(1) for + details). If this option is set to confirm, each use of the key + must be confirmed, as if the -c option was specified to + ssh-add(1). If this option is set to no, no keys are added to + the agent. Alternately, this option may be specified as a time + interval using the format described in the TIME FORMATS section + of sshd_config(5) to specify the key's lifetime in ssh-agent(1), + after which it will automatically be removed. The argument must + be no (the default), yes, confirm (optionally followed by a time + interval), ask or a time interval. + + AddressFamily + Specifies which address family to use when connecting. Valid + arguments are any (the default), inet (use IPv4 only), or inet6 + (use IPv6 only). + + BatchMode + If set to yes, user interaction such as password prompts and host + key confirmation requests will be disabled. This option is + useful in scripts and other batch jobs where no user is present + to interact with ssh(1). The argument must be yes or no (the + default). + + BindAddress + Use the specified address on the local machine as the source + address of the connection. Only useful on systems with more than + one address. + + BindInterface + Use the address of the specified interface on the local machine + as the source address of the connection. + + CanonicalDomains + When CanonicalizeHostname is enabled, this option specifies the + list of domain suffixes in which to search for the specified + destination host. + + CanonicalizeFallbackLocal + Specifies whether to fail with an error when hostname + canonicalization fails. The default, yes, will attempt to look + up the unqualified hostname using the system resolver's search + rules. A value of no will cause ssh(1) to fail instantly if + CanonicalizeHostname is enabled and the target hostname cannot be + found in any of the domains specified by CanonicalDomains. + + CanonicalizeHostname + Controls whether explicit hostname canonicalization is performed. + The default, no, is not to perform any name rewriting and let the + system resolver handle all hostname lookups. If set to yes then, + for connections that do not use a ProxyCommand or ProxyJump, + ssh(1) will attempt to canonicalize the hostname specified on the + command line using the CanonicalDomains suffixes and + CanonicalizePermittedCNAMEs rules. If CanonicalizeHostname is + set to always, then canonicalization is applied to proxied + connections too. + + If this option is enabled, then the configuration files are + processed again using the new target name to pick up any new + configuration in matching Host and Match stanzas. A value of + none disables the use of a ProxyJump host. + + CanonicalizeMaxDots + Specifies the maximum number of dot characters in a hostname + before canonicalization is disabled. The default, 1, allows a + single dot (i.e. hostname.subdomain). + + CanonicalizePermittedCNAMEs + Specifies rules to determine whether CNAMEs should be followed + when canonicalizing hostnames. The rules consist of one or more + arguments of source_domain_list:target_domain_list, where + source_domain_list is a pattern-list of domains that may follow + CNAMEs in canonicalization, and target_domain_list is a pattern- + list of domains that they may resolve to. + + For example, "*.a.example.com:*.b.example.com,*.c.example.com" + will allow hostnames matching "*.a.example.com" to be + canonicalized to names in the "*.b.example.com" or + "*.c.example.com" domains. + + A single argument of "none" causes no CNAMEs to be considered for + canonicalization. This is the default behaviour. + + CASignatureAlgorithms + Specifies which algorithms are allowed for signing of + certificates by certificate authorities (CAs). The default is: + + ssh-ed25519,ecdsa-sha2-nistp256, + ecdsa-sha2-nistp384,ecdsa-sha2-nistp521, + sk-ssh-ed25519@openssh.com, + sk-ecdsa-sha2-nistp256@openssh.com, + rsa-sha2-512,rsa-sha2-256 + + If the specified list begins with a M-bM-^@M-^X+M-bM-^@M-^Y character, then the + specified algorithms will be appended to the default set instead + of replacing them. If the specified list begins with a M-bM-^@M-^X-M-bM-^@M-^Y + character, then the specified algorithms (including wildcards) + will be removed from the default set instead of replacing them. + + ssh(1) will not accept host certificates signed using algorithms + other than those specified. + + CertificateFile + Specifies a file from which the user's certificate is read. A + corresponding private key must be provided separately in order to + use this certificate either from an IdentityFile directive or -i + flag to ssh(1), via ssh-agent(1), or via a PKCS11Provider or + SecurityKeyProvider. + + Arguments to CertificateFile may use the tilde syntax to refer to + a user's home directory, the tokens described in the TOKENS + section and environment variables as described in the ENVIRONMENT + VARIABLES section. + + It is possible to have multiple certificate files specified in + configuration files; these certificates will be tried in + sequence. Multiple CertificateFile directives will add to the + list of certificates used for authentication. + + ChannelTimeout + Specifies whether and how quickly ssh(1) should close inactive + channels. Timeouts are specified as one or more M-bM-^@M-^\type=intervalM-bM-^@M-^] + pairs separated by whitespace, where the M-bM-^@M-^\typeM-bM-^@M-^] must be the + special keyword M-bM-^@M-^\globalM-bM-^@M-^] or a channel type name from the list + below, optionally containing wildcard characters. + + The timeout value M-bM-^@M-^\intervalM-bM-^@M-^] is specified in seconds or may use + any of the units documented in the TIME FORMATS section. For + example, M-bM-^@M-^\session=5mM-bM-^@M-^] would cause interactive sessions to + terminate after five minutes of inactivity. Specifying a zero + value disables the inactivity timeout. + + The special timeout M-bM-^@M-^\globalM-bM-^@M-^] applies to all active channels, + taken together. Traffic on any active channel will reset the + timeout, but when the timeout expires then all open channels will + be closed. Note that this global timeout is not matched by + wildcards and must be specified explicitly. + + The available channel type names include: + + agent-connection + Open connections to ssh-agent(1). + + direct-tcpip, direct-streamlocal@openssh.com + Open TCP or Unix socket (respectively) connections that + have been established from an ssh(1) local forwarding, + i.e. LocalForward or DynamicForward. + + forwarded-tcpip, forwarded-streamlocal@openssh.com + Open TCP or Unix socket (respectively) connections that + have been established to an sshd(8) listening on behalf + of an ssh(1) remote forwarding, i.e. RemoteForward. + + session + The interactive main session, including shell session, + command execution, scp(1), sftp(1), etc. + + tun-connection + Open TunnelForward connections. + + x11-connection + Open X11 forwarding sessions. + + Note that in all the above cases, terminating an inactive session + does not guarantee to remove all resources associated with the + session, e.g. shell processes or X11 clients relating to the + session may continue to execute. + + Moreover, terminating an inactive channel or session does not + necessarily close the SSH connection, nor does it prevent a + client from requesting another channel of the same type. In + particular, expiring an inactive forwarding session does not + prevent another identical forwarding from being subsequently + created. + + The default is not to expire channels of any type for inactivity. + + CheckHostIP + If set to yes, ssh(1) will additionally check the host IP address + in the known_hosts file. This allows it to detect if a host key + changed due to DNS spoofing and will add addresses of destination + hosts to ~/.ssh/known_hosts in the process, regardless of the + setting of StrictHostKeyChecking. If the option is set to no + (the default), the check will not be executed. + + Ciphers + Specifies the ciphers allowed and their order of preference. + Multiple ciphers must be comma-separated. If the specified list + begins with a M-bM-^@M-^X+M-bM-^@M-^Y character, then the specified ciphers will be + appended to the default set instead of replacing them. If the + specified list begins with a M-bM-^@M-^X-M-bM-^@M-^Y character, then the specified + ciphers (including wildcards) will be removed from the default + set instead of replacing them. If the specified list begins with + a M-bM-^@M-^X^M-bM-^@M-^Y character, then the specified ciphers will be placed at the + head of the default set. + + The supported ciphers are: + + 3des-cbc + aes128-cbc + aes192-cbc + aes256-cbc + aes128-ctr + aes192-ctr + aes256-ctr + aes128-gcm@openssh.com + aes256-gcm@openssh.com + chacha20-poly1305@openssh.com + + The default is: + + chacha20-poly1305@openssh.com, + aes128-gcm@openssh.com,aes256-gcm@openssh.com, + aes128-ctr,aes192-ctr,aes256-ctr + + The list of available ciphers may also be obtained using "ssh -Q + cipher". + + ClearAllForwardings + Specifies that all local, remote, and dynamic port forwardings + specified in the configuration files or on the command line be + cleared. This option is primarily useful when used from the + ssh(1) command line to clear port forwardings set in + configuration files, and is automatically set by scp(1) and + sftp(1). The argument must be yes or no (the default). + + Compression + Specifies whether to use compression. The argument must be yes + or no (the default). + + ConnectionAttempts + Specifies the number of tries (one per second) to make before + exiting. The argument must be an integer. This may be useful in + scripts if the connection sometimes fails. The default is 1. + + ConnectTimeout + Specifies the timeout (in seconds) used when connecting to the + SSH server, instead of using the default system TCP timeout. + This timeout is applied both to establishing the connection and + to performing the initial SSH protocol handshake and key + exchange. + + ControlMaster + Enables the sharing of multiple sessions over a single network + connection. When set to yes, ssh(1) will listen for connections + on a control socket specified using the ControlPath argument. + Additional sessions can connect to this socket using the same + ControlPath with ControlMaster set to no (the default). These + sessions will try to reuse the master instance's network + connection rather than initiating new ones, but will fall back to + connecting normally if the control socket does not exist, or is + not listening. + + Setting this to ask will cause ssh(1) to listen for control + connections, but require confirmation using ssh-askpass(1). If + the ControlPath cannot be opened, ssh(1) will continue without + connecting to a master instance. + + X11 and ssh-agent(1) forwarding is supported over these + multiplexed connections, however the display and agent forwarded + will be the one belonging to the master connection i.e. it is not + possible to forward multiple displays or agents. + + Two additional options allow for opportunistic multiplexing: try + to use a master connection but fall back to creating a new one if + one does not already exist. These options are: auto and autoask. + The latter requires confirmation like the ask option. + + ControlPath + Specify the path to the control socket used for connection + sharing as described in the ControlMaster section above or the + string none to disable connection sharing. Arguments to + ControlPath may use the tilde syntax to refer to a user's home + directory, the tokens described in the TOKENS section and + environment variables as described in the ENVIRONMENT VARIABLES + section. It is recommended that any ControlPath used for + opportunistic connection sharing include at least %h, %p, and %r + (or alternatively %C) and be placed in a directory that is not + writable by other users. This ensures that shared connections + are uniquely identified. + + ControlPersist + When used in conjunction with ControlMaster, specifies that the + master connection should remain open in the background (waiting + for future client connections) after the initial client + connection has been closed. If set to no (the default), then the + master connection will not be placed into the background, and + will close as soon as the initial client connection is closed. + If set to yes or 0, then the master connection will remain in the + background indefinitely (until killed or closed via a mechanism + such as the "ssh -O exit"). If set to a time in seconds, or a + time in any of the formats documented in sshd_config(5), then the + backgrounded master connection will automatically terminate after + it has remained idle (with no client connections) for the + specified time. + + DynamicForward + Specifies that a TCP port on the local machine be forwarded over + the secure channel, and the application protocol is then used to + determine where to connect to from the remote machine. + + The argument must be [bind_address:]port. IPv6 addresses can be + specified by enclosing addresses in square brackets. By default, + the local port is bound in accordance with the GatewayPorts + setting. However, an explicit bind_address may be used to bind + the connection to a specific address. The bind_address of + localhost indicates that the listening port be bound for local + use only, while an empty address or M-bM-^@M-^X*M-bM-^@M-^Y indicates that the port + should be available from all interfaces. + + Currently the SOCKS4 and SOCKS5 protocols are supported, and + ssh(1) will act as a SOCKS server. Multiple forwardings may be + specified, and additional forwardings can be given on the command + line. Only the superuser can forward privileged ports. + + EnableEscapeCommandline + Enables the command line option in the EscapeChar menu for + interactive sessions (default M-bM-^@M-^X~CM-bM-^@M-^Y). By default, the command + line is disabled. + + EnableSSHKeysign + Setting this option to yes in the global client configuration + file /etc/ssh/ssh_config enables the use of the helper program + ssh-keysign(8) during HostbasedAuthentication. The argument must + be yes or no (the default). This option should be placed in the + non-hostspecific section. See ssh-keysign(8) for more + information. + + EscapeChar + Sets the escape character (default: M-bM-^@M-^X~M-bM-^@M-^Y). The escape character + can also be set on the command line. The argument should be a + single character, M-bM-^@M-^X^M-bM-^@M-^Y followed by a letter, or none to disable + the escape character entirely (making the connection transparent + for binary data). + + ExitOnForwardFailure + Specifies whether ssh(1) should terminate the connection if it + cannot set up all requested dynamic, tunnel, local, and remote + port forwardings, (e.g. if either end is unable to bind and + listen on a specified port). Note that ExitOnForwardFailure does + not apply to connections made over port forwardings and will not, + for example, cause ssh(1) to exit if TCP connections to the + ultimate forwarding destination fail. The argument must be yes + or no (the default). + + FingerprintHash + Specifies the hash algorithm used when displaying key + fingerprints. Valid options are: md5 and sha256 (the default). + + ForkAfterAuthentication + Requests ssh to go to background just before command execution. + This is useful if ssh is going to ask for passwords or + passphrases, but the user wants it in the background. This + implies the StdinNull configuration option being set to M-bM-^@M-^\yesM-bM-^@M-^]. + The recommended way to start X11 programs at a remote site is + with something like ssh -f host xterm, which is the same as ssh + host xterm if the ForkAfterAuthentication configuration option is + set to M-bM-^@M-^\yesM-bM-^@M-^]. + + If the ExitOnForwardFailure configuration option is set to M-bM-^@M-^\yesM-bM-^@M-^], + then a client started with the ForkAfterAuthentication + configuration option being set to M-bM-^@M-^\yesM-bM-^@M-^] will wait for all remote + port forwards to be successfully established before placing + itself in the background. The argument to this keyword must be + yes (same as the -f option) or no (the default). + + ForwardAgent + Specifies whether the connection to the authentication agent (if + any) will be forwarded to the remote machine. The argument may + be yes, no (the default), an explicit path to an agent socket or + the name of an environment variable (beginning with M-bM-^@M-^X$M-bM-^@M-^Y) in which + to find the path. + + Agent forwarding should be enabled with caution. Users with the + ability to bypass file permissions on the remote host (for the + agent's Unix-domain socket) can access the local agent through + the forwarded connection. An attacker cannot obtain key material + from the agent, however they can perform operations on the keys + that enable them to authenticate using the identities loaded into + the agent. + + ForwardX11 + Specifies whether X11 connections will be automatically + redirected over the secure channel and DISPLAY set. The argument + must be yes or no (the default). + + X11 forwarding should be enabled with caution. Users with the + ability to bypass file permissions on the remote host (for the + user's X11 authorization database) can access the local X11 + display through the forwarded connection. An attacker may then + be able to perform activities such as keystroke monitoring if the + ForwardX11Trusted option is also enabled. + + ForwardX11Timeout + Specify a timeout for untrusted X11 forwarding using the format + described in the TIME FORMATS section of sshd_config(5). X11 + connections received by ssh(1) after this time will be refused. + Setting ForwardX11Timeout to zero will disable the timeout and + permit X11 forwarding for the life of the connection. The + default is to disable untrusted X11 forwarding after twenty + minutes has elapsed. + + ForwardX11Trusted + If this option is set to yes, remote X11 clients will have full + access to the original X11 display. + + If this option is set to no (the default), remote X11 clients + will be considered untrusted and prevented from stealing or + tampering with data belonging to trusted X11 clients. + Furthermore, the xauth(1) token used for the session will be set + to expire after 20 minutes. Remote clients will be refused + access after this time. + + See the X11 SECURITY extension specification for full details on + the restrictions imposed on untrusted clients. + + GatewayPorts + Specifies whether remote hosts are allowed to connect to local + forwarded ports. By default, ssh(1) binds local port forwardings + to the loopback address. This prevents other remote hosts from + connecting to forwarded ports. GatewayPorts can be used to + specify that ssh should bind local port forwardings to the + wildcard address, thus allowing remote hosts to connect to + forwarded ports. The argument must be yes or no (the default). + + GlobalKnownHostsFile + Specifies one or more files to use for the global host key + database, separated by whitespace. The default is + /etc/ssh/ssh_known_hosts, /etc/ssh/ssh_known_hosts2. + + GSSAPIAuthentication + Specifies whether user authentication based on GSSAPI is allowed. + The default is no. + + GSSAPIDelegateCredentials + Forward (delegate) credentials to the server. The default is no. + + HashKnownHosts + Indicates that ssh(1) should hash host names and addresses when + they are added to ~/.ssh/known_hosts. These hashed names may be + used normally by ssh(1) and sshd(8), but they do not visually + reveal identifying information if the file's contents are + disclosed. The default is no. Note that existing names and + addresses in known hosts files will not be converted + automatically, but may be manually hashed using ssh-keygen(1). + + HostbasedAcceptedAlgorithms + Specifies the signature algorithms that will be used for + hostbased authentication as a comma-separated list of patterns. + Alternately if the specified list begins with a M-bM-^@M-^X+M-bM-^@M-^Y character, + then the specified signature algorithms will be appended to the + default set instead of replacing them. If the specified list + begins with a M-bM-^@M-^X-M-bM-^@M-^Y character, then the specified signature + algorithms (including wildcards) will be removed from the default + set instead of replacing them. If the specified list begins with + a M-bM-^@M-^X^M-bM-^@M-^Y character, then the specified signature algorithms will be + placed at the head of the default set. The default for this + option is: + + ssh-ed25519-cert-v01@openssh.com, + ecdsa-sha2-nistp256-cert-v01@openssh.com, + ecdsa-sha2-nistp384-cert-v01@openssh.com, + ecdsa-sha2-nistp521-cert-v01@openssh.com, + sk-ssh-ed25519-cert-v01@openssh.com, + sk-ecdsa-sha2-nistp256-cert-v01@openssh.com, + webauthn-sk-ecdsa-sha2-nistp256-cert-v01@openssh.com, + rsa-sha2-512-cert-v01@openssh.com, + rsa-sha2-256-cert-v01@openssh.com, + ssh-ed25519, + ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521, + sk-ssh-ed25519@openssh.com, + sk-ecdsa-sha2-nistp256@openssh.com, + webauthn-sk-ecdsa-sha2-nistp256@openssh.com, + rsa-sha2-512,rsa-sha2-256 + + The -Q option of ssh(1) may be used to list supported signature + algorithms. This was formerly named HostbasedKeyTypes. + + HostbasedAuthentication + Specifies whether to try rhosts based authentication with public + key authentication. The argument must be yes or no (the + default). + + HostKeyAlgorithms + Specifies the host key signature algorithms that the client wants + to use in order of preference. Alternately if the specified list + begins with a M-bM-^@M-^X+M-bM-^@M-^Y character, then the specified signature + algorithms will be appended to the default set instead of + replacing them. If the specified list begins with a M-bM-^@M-^X-M-bM-^@M-^Y + character, then the specified signature algorithms (including + wildcards) will be removed from the default set instead of + replacing them. If the specified list begins with a M-bM-^@M-^X^M-bM-^@M-^Y + character, then the specified signature algorithms will be placed + at the head of the default set. The default for this option is: + + ssh-ed25519-cert-v01@openssh.com, + ecdsa-sha2-nistp256-cert-v01@openssh.com, + ecdsa-sha2-nistp384-cert-v01@openssh.com, + ecdsa-sha2-nistp521-cert-v01@openssh.com, + sk-ssh-ed25519-cert-v01@openssh.com, + sk-ecdsa-sha2-nistp256-cert-v01@openssh.com, + webauthn-sk-ecdsa-sha2-nistp256-cert-v01@openssh.com, + rsa-sha2-512-cert-v01@openssh.com, + rsa-sha2-256-cert-v01@openssh.com, + ssh-ed25519, + ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521, + sk-ecdsa-sha2-nistp256@openssh.com, + webauthn-sk-ecdsa-sha2-nistp256@openssh.com + sk-ssh-ed25519@openssh.com, + rsa-sha2-512,rsa-sha2-256 + + If hostkeys are known for the destination host then this default + is modified to prefer their algorithms. + + The list of available signature algorithms may also be obtained + using "ssh -Q HostKeyAlgorithms". + + HostKeyAlias + Specifies an alias that should be used instead of the real host + name when looking up or saving the host key in the host key + database files and when validating host certificates. This + option is useful for tunneling SSH connections or for multiple + servers running on a single host. + + Hostname + Specifies the real host name to log into. This can be used to + specify nicknames or abbreviations for hosts. Arguments to + Hostname accept the tokens described in the TOKENS section. + Numeric IP addresses are also permitted (both on the command line + and in Hostname specifications). The default is the name given + on the command line. + + IdentitiesOnly + Specifies that ssh(1) should only use the configured + authentication identity and certificate files (either the default + files, or those explicitly configured in the ssh_config files or + passed on the ssh(1) command-line), even if ssh-agent(1) or a + PKCS11Provider or SecurityKeyProvider offers more identities. + The argument to this keyword must be yes or no (the default). + This option is intended for situations where ssh-agent offers + many different identities. + + IdentityAgent + Specifies the Unix-domain socket used to communicate with the + authentication agent. + + This option overrides the SSH_AUTH_SOCK environment variable and + can be used to select a specific agent. Setting the socket name + to none disables the use of an authentication agent. If the + string "SSH_AUTH_SOCK" is specified, the location of the socket + will be read from the SSH_AUTH_SOCK environment variable. + Otherwise if the specified value begins with a M-bM-^@M-^X$M-bM-^@M-^Y character, + then it will be treated as an environment variable containing the + location of the socket. + + Arguments to IdentityAgent may use the tilde syntax to refer to a + user's home directory, the tokens described in the TOKENS section + and environment variables as described in the ENVIRONMENT + VARIABLES section. + + IdentityFile + Specifies a file from which the user's ECDSA, authenticator- + hosted ECDSA, Ed25519, authenticator-hosted Ed25519 or RSA + authentication identity is read. You can also specify a public + key file to use the corresponding private key that is loaded in + ssh-agent(1) when the private key file is not present locally. + The default is ~/.ssh/id_rsa, ~/.ssh/id_ecdsa, + ~/.ssh/id_ecdsa_sk, ~/.ssh/id_ed25519 and ~/.ssh/id_ed25519_sk. + Additionally, any identities represented by the authentication + agent will be used for authentication unless IdentitiesOnly is + set. If no certificates have been explicitly specified by + CertificateFile, ssh(1) will try to load certificate information + from the filename obtained by appending -cert.pub to the path of + a specified IdentityFile. + + Arguments to IdentityFile may use the tilde syntax to refer to a + user's home directory or the tokens described in the TOKENS + section. Alternately an argument of none may be used to indicate + no identity files should be loaded. + + It is possible to have multiple identity files specified in + configuration files; all these identities will be tried in + sequence. Multiple IdentityFile directives will add to the list + of identities tried (this behaviour differs from that of other + configuration directives). + + IdentityFile may be used in conjunction with IdentitiesOnly to + select which identities in an agent are offered during + authentication. IdentityFile may also be used in conjunction + with CertificateFile in order to provide any certificate also + needed for authentication with the identity. + + IgnoreUnknown + Specifies a pattern-list of unknown options to be ignored if they + are encountered in configuration parsing. This may be used to + suppress errors if ssh_config contains options that are + unrecognised by ssh(1). It is recommended that IgnoreUnknown be + listed early in the configuration file as it will not be applied + to unknown options that appear before it. + + Include + Include the specified configuration file(s). Multiple pathnames + may be specified and each pathname may contain glob(7) wildcards, + tokens as described in the TOKENS section, environment variables + as described in the ENVIRONMENT VARIABLES section and, for user + configurations, shell-like M-bM-^@M-^X~M-bM-^@M-^Y references to user home + directories. Wildcards will be expanded and processed in lexical + order. Files without absolute paths are assumed to be in ~/.ssh + if included in a user configuration file or /etc/ssh if included + from the system configuration file. Include directive may appear + inside a Match or Host block to perform conditional inclusion. + + IPQoS Specifies the Differentiated Services Field Codepoint (DSCP) + value for connections. Accepted values are af11, af12, af13, + af21, af22, af23, af31, af32, af33, af41, af42, af43, cs0, cs1, + cs2, cs3, cs4, cs5, cs6, cs7, ef, le, a numeric value, or none to + use the operating system default. This option may take one or + two arguments, separated by whitespace. If one argument is + specified, it is used as the packet class unconditionally. If + two values are specified, the first is automatically selected for + interactive sessions and the second for non-interactive sessions. + The default is ef (Expedited Forwarding) for interactive sessions + and none (the operating system default) for non-interactive + sessions. + + KbdInteractiveAuthentication + Specifies whether to use keyboard-interactive authentication. + The argument to this keyword must be yes (the default) or no. + ChallengeResponseAuthentication is a deprecated alias for this. + + KbdInteractiveDevices + Specifies the list of methods to use in keyboard-interactive + authentication. Multiple method names must be comma-separated. + The default is to use the server specified list. The methods + available vary depending on what the server supports. For an + OpenSSH server, it may be zero or more of: bsdauth and pam. + + KexAlgorithms + Specifies the permitted KEX (Key Exchange) algorithms that will + be used and their preference order. The selected algorithm will + be the first algorithm in this list that the server also + supports. Multiple algorithms must be comma-separated. + + If the specified list begins with a M-bM-^@M-^X+M-bM-^@M-^Y character, then the + specified algorithms will be appended to the default set instead + of replacing them. If the specified list begins with a M-bM-^@M-^X-M-bM-^@M-^Y + character, then the specified algorithms (including wildcards) + will be removed from the default set instead of replacing them. + If the specified list begins with a M-bM-^@M-^X^M-bM-^@M-^Y character, then the + specified algorithms will be placed at the head of the default + set. + + The default is: + + mlkem768x25519-sha256, + sntrup761x25519-sha512,sntrup761x25519-sha512@openssh.com, + curve25519-sha256,curve25519-sha256@libssh.org, + ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521, + diffie-hellman-group-exchange-sha256, + diffie-hellman-group16-sha512, + diffie-hellman-group18-sha512, + diffie-hellman-group14-sha256 + + The list of supported key exchange algorithms may also be + obtained using "ssh -Q kex". + + KnownHostsCommand + Specifies a command to use to obtain a list of host keys, in + addition to those listed in UserKnownHostsFile and + GlobalKnownHostsFile. This command is executed after the files + have been read. It may write host key lines to standard output + in identical format to the usual files (described in the + VERIFYING HOST KEYS section in ssh(1)). Arguments to + KnownHostsCommand accept the tokens described in the TOKENS + section. The command may be invoked multiple times per + connection: once when preparing the preference list of host key + algorithms to use, again to obtain the host key for the requested + host name and, if CheckHostIP is enabled, one more time to obtain + the host key matching the server's address. If the command exits + abnormally or returns a non-zero exit status then the connection + is terminated. + + LocalCommand + Specifies a command to execute on the local machine after + successfully connecting to the server. The command string + extends to the end of the line, and is executed with the user's + shell. Arguments to LocalCommand accept the tokens described in + the TOKENS section. + + The command is run synchronously and does not have access to the + session of the ssh(1) that spawned it. It should not be used for + interactive commands. + + This directive is ignored unless PermitLocalCommand has been + enabled. + + LocalForward + Specifies that a TCP port or Unix-domain socket on the local + machine be forwarded over the secure channel to the specified + host and port (or Unix-domain socket) from the remote machine. + For a TCP port, the first argument must be [bind_address:]port or + a Unix domain socket path. The second argument is the + destination and may be host:hostport or a Unix domain socket path + if the remote host supports it. + + IPv6 addresses can be specified by enclosing addresses in square + brackets. + + If either argument contains a '/' in it, that argument will be + interpreted as a Unix-domain socket (on the corresponding host) + rather than a TCP port. + + Multiple forwardings may be specified, and additional forwardings + can be given on the command line. Only the superuser can forward + privileged ports. By default, the local port is bound in + accordance with the GatewayPorts setting. However, an explicit + bind_address may be used to bind the connection to a specific + address. The bind_address of localhost indicates that the + listening port be bound for local use only, while an empty + address or M-bM-^@M-^X*M-bM-^@M-^Y indicates that the port should be available from + all interfaces. Unix domain socket paths may use the tokens + described in the TOKENS section and environment variables as + described in the ENVIRONMENT VARIABLES section. + + LogLevel + Gives the verbosity level that is used when logging messages from + ssh(1). The possible values are: QUIET, FATAL, ERROR, INFO, + VERBOSE, DEBUG, DEBUG1, DEBUG2, and DEBUG3. The default is INFO. + DEBUG and DEBUG1 are equivalent. DEBUG2 and DEBUG3 each specify + higher levels of verbose output. + + LogVerbose + Specify one or more overrides to LogLevel. An override consists + of one or more pattern lists that matches the source file, + function and line number to force detailed logging for. For + example, an override pattern of: + + kex.c:*:1000,*:kex_exchange_identification():*,packet.c:* + + would enable detailed logging for line 1000 of kex.c, everything + in the kex_exchange_identification() function, and all code in + the packet.c file. This option is intended for debugging and no + overrides are enabled by default. + + MACs Specifies the MAC (message authentication code) algorithms in + order of preference. The MAC algorithm is used for data + integrity protection. Multiple algorithms must be comma- + separated. If the specified list begins with a M-bM-^@M-^X+M-bM-^@M-^Y character, + then the specified algorithms will be appended to the default set + instead of replacing them. If the specified list begins with a + M-bM-^@M-^X-M-bM-^@M-^Y character, then the specified algorithms (including + wildcards) will be removed from the default set instead of + replacing them. If the specified list begins with a M-bM-^@M-^X^M-bM-^@M-^Y + character, then the specified algorithms will be placed at the + head of the default set. + + The algorithms that contain "-etm" calculate the MAC after + encryption (encrypt-then-mac). These are considered safer and + their use recommended. + + The default is: + + umac-64-etm@openssh.com,umac-128-etm@openssh.com, + hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com, + hmac-sha1-etm@openssh.com, + umac-64@openssh.com,umac-128@openssh.com, + hmac-sha2-256,hmac-sha2-512,hmac-sha1 + + The list of available MAC algorithms may also be obtained using + "ssh -Q mac". + + NoHostAuthenticationForLocalhost + Disable host authentication for localhost (loopback addresses). + The argument to this keyword must be yes or no (the default). + + NumberOfPasswordPrompts + Specifies the number of password prompts before giving up. The + argument to this keyword must be an integer. The default is 3. + + ObscureKeystrokeTiming + Specifies whether ssh(1) should try to obscure inter-keystroke + timings from passive observers of network traffic. If enabled, + then for interactive sessions, ssh(1) will send keystrokes at + fixed intervals of a few tens of milliseconds and will send fake + keystroke packets for some time after typing ceases. The + argument to this keyword must be yes, no or an interval specifier + of the form interval:milliseconds (e.g. interval:80 for 80 + milliseconds). The default is to obscure keystrokes using a 20ms + packet interval. Note that smaller intervals will result in + higher fake keystroke packet rates. + + PasswordAuthentication + Specifies whether to use password authentication. The argument + to this keyword must be yes (the default) or no. + + PermitLocalCommand + Allow local command execution via the LocalCommand option or + using the !command escape sequence in ssh(1). The argument must + be yes or no (the default). + + PermitRemoteOpen + Specifies the destinations to which remote TCP port forwarding is + permitted when RemoteForward is used as a SOCKS proxy. The + forwarding specification must be one of the following forms: + + PermitRemoteOpen host:port + PermitRemoteOpen IPv4_addr:port + PermitRemoteOpen [IPv6_addr]:port + + Multiple forwards may be specified by separating them with + whitespace. An argument of any can be used to remove all + restrictions and permit any forwarding requests. An argument of + none can be used to prohibit all forwarding requests. The + wildcard M-bM-^@M-^X*M-bM-^@M-^Y can be used for host or port to allow all hosts or + ports respectively. Otherwise, no pattern matching or address + lookups are performed on supplied names. + + PKCS11Provider + Specifies which PKCS#11 provider to use or none to indicate that + no provider should be used (the default). The argument to this + keyword is a path to the PKCS#11 shared library ssh(1) should use + to communicate with a PKCS#11 token providing keys for user + authentication. + + Port Specifies the port number to connect on the remote host. The + default is 22. + + PreferredAuthentications + Specifies the order in which the client should try authentication + methods. This allows a client to prefer one method (e.g. + keyboard-interactive) over another method (e.g. password). The + default is: + + gssapi-with-mic,hostbased,publickey, + keyboard-interactive,password + + ProxyCommand + Specifies the command to use to connect to the server. The + command string extends to the end of the line, and is executed + using the user's shell M-bM-^@M-^XexecM-bM-^@M-^Y directive to avoid a lingering + shell process. + + Arguments to ProxyCommand accept the tokens described in the + TOKENS section. The command can be basically anything, and + should read from its standard input and write to its standard + output. It should eventually connect an sshd(8) server running + on some machine, or execute sshd -i somewhere. Host key + management will be done using the Hostname of the host being + connected (defaulting to the name typed by the user). Setting + the command to none disables this option entirely. Note that + CheckHostIP is not available for connects with a proxy command. + + This directive is useful in conjunction with nc(1) and its proxy + support. For example, the following directive would connect via + an HTTP proxy at 192.0.2.0: + + ProxyCommand /usr/bin/nc -X connect -x 192.0.2.0:8080 %h %p + + ProxyJump + Specifies one or more jump proxies as either [user@]host[:port] + or an ssh URI. Multiple proxies may be separated by comma + characters and will be visited sequentially. Setting this option + will cause ssh(1) to connect to the target host by first making + an ssh(1) connection to the specified ProxyJump host and then + establishing a TCP forwarding to the ultimate target from there. + Setting the host to none disables this option entirely. + + Note that this option will compete with the ProxyCommand option - + whichever is specified first will prevent later instances of the + other from taking effect. + + Note also that the configuration for the destination host (either + supplied via the command-line or the configuration file) is not + generally applied to jump hosts. ~/.ssh/config should be used if + specific configuration is required for jump hosts. + + ProxyUseFdpass + Specifies that ProxyCommand will pass a connected file descriptor + back to ssh(1) instead of continuing to execute and pass data. + The default is no. + + PubkeyAcceptedAlgorithms + Specifies the signature algorithms that will be used for public + key authentication as a comma-separated list of patterns. If the + specified list begins with a M-bM-^@M-^X+M-bM-^@M-^Y character, then the algorithms + after it will be appended to the default instead of replacing it. + If the specified list begins with a M-bM-^@M-^X-M-bM-^@M-^Y character, then the + specified algorithms (including wildcards) will be removed from + the default set instead of replacing them. If the specified list + begins with a M-bM-^@M-^X^M-bM-^@M-^Y character, then the specified algorithms will + be placed at the head of the default set. The default for this + option is: + + ssh-ed25519-cert-v01@openssh.com, + ecdsa-sha2-nistp256-cert-v01@openssh.com, + ecdsa-sha2-nistp384-cert-v01@openssh.com, + ecdsa-sha2-nistp521-cert-v01@openssh.com, + sk-ssh-ed25519-cert-v01@openssh.com, + sk-ecdsa-sha2-nistp256-cert-v01@openssh.com, + webauthn-sk-ecdsa-sha2-nistp256-cert-v01@openssh.com, + rsa-sha2-512-cert-v01@openssh.com, + rsa-sha2-256-cert-v01@openssh.com, + ssh-ed25519, + ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521, + sk-ssh-ed25519@openssh.com, + sk-ecdsa-sha2-nistp256@openssh.com, + webauthn-sk-ecdsa-sha2-nistp256@openssh.com, + rsa-sha2-512,rsa-sha2-256 + + The list of available signature algorithms may also be obtained + using "ssh -Q PubkeyAcceptedAlgorithms". + + PubkeyAuthentication + Specifies whether to try public key authentication. The argument + to this keyword must be yes (the default), no, unbound or + host-bound. The final two options enable public key + authentication while respectively disabling or enabling the + OpenSSH host-bound authentication protocol extension required for + restricted ssh-agent(1) forwarding. + + RefuseConnection + Allows a connection to be refused by the configuration file. If + this option is specified, then ssh(1) will terminate immediately + before attempting to connect to the remote host, display an error + message that contains the argument to this keyword and return a + non-zero exit status. This option may be useful to express + reminders or warnings to the user via ssh_config. + + RekeyLimit + Specifies the maximum amount of data that may be transmitted or + received before the session key is renegotiated, optionally + followed by a maximum amount of time that may pass before the + session key is renegotiated. The first argument is specified in + bytes and may have a suffix of M-bM-^@M-^XKM-bM-^@M-^Y, M-bM-^@M-^XMM-bM-^@M-^Y, or M-bM-^@M-^XGM-bM-^@M-^Y to indicate + Kilobytes, Megabytes, or Gigabytes, respectively. The default is + between M-bM-^@M-^X1GM-bM-^@M-^Y and M-bM-^@M-^X4GM-bM-^@M-^Y, depending on the cipher. The optional + second value is specified in seconds and may use any of the units + documented in the TIME FORMATS section of sshd_config(5). The + default value for RekeyLimit is default none, which means that + rekeying is performed after the cipher's default amount of data + has been sent or received and no time based rekeying is done. + + RemoteCommand + Specifies a command to execute on the remote machine after + successfully connecting to the server. The command string + extends to the end of the line, and is executed with the user's + shell. Arguments to RemoteCommand accept the tokens described in + the TOKENS section. + + RemoteForward + Specifies that a TCP port or Unix-domain socket on the remote + machine be forwarded over the secure channel. The remote port + may either be forwarded to a specified host and port or Unix- + domain socket from the local machine, or may act as a SOCKS 4/5 + proxy that allows a remote client to connect to arbitrary + destinations from the local machine. The first argument is the + listening specification and may be [bind_address:]port or, if the + remote host supports it, a Unix domain socket path. If + forwarding to a specific destination then the second argument + must be host:hostport or a Unix domain socket path, otherwise if + no destination argument is specified then the remote forwarding + will be established as a SOCKS proxy. When acting as a SOCKS + proxy, the destination of the connection can be restricted by + PermitRemoteOpen. + + IPv6 addresses can be specified by enclosing addresses in square + brackets. + + If either argument contains a '/' in it, that argument will be + interpreted as a Unix-domain socket (on the corresponding host) + rather than a TCP port. + + Multiple forwardings may be specified, and additional forwardings + can be given on the command line. Privileged ports can be + forwarded only when logging in as root on the remote machine. + Unix domain socket paths may use the tokens described in the + TOKENS section and environment variables as described in the + ENVIRONMENT VARIABLES section. + + If the port argument is 0, the listen port will be dynamically + allocated on the server and reported to the client at run time. + + If the bind_address is not specified, the default is to only bind + to loopback addresses. If the bind_address is M-bM-^@M-^X*M-bM-^@M-^Y or an empty + string, then the forwarding is requested to listen on all + interfaces. Specifying a remote bind_address will only succeed + if the server's GatewayPorts option is enabled (see + sshd_config(5)). + + RequestTTY + Specifies whether to request a pseudo-tty for the session. The + argument may be one of: no (never request a TTY), yes (always + request a TTY when standard input is a TTY), force (always + request a TTY) or auto (request a TTY when opening a login + session). This option mirrors the -t and -T flags for ssh(1). + + RequiredRSASize + Specifies the minimum RSA key size (in bits) that ssh(1) will + accept. User authentication keys smaller than this limit will be + ignored. Servers that present host keys smaller than this limit + will cause the connection to be terminated. The default is 1024 + bits. Note that this limit may only be raised from the default. + + RevokedHostKeys + Specifies revoked host public keys. Keys listed in this file + will be refused for host authentication. Note that if this file + does not exist or is not readable, then host authentication will + be refused for all hosts. Keys may be specified as a text file, + listing one public key per line, or as an OpenSSH Key Revocation + List (KRL) as generated by ssh-keygen(1). For more information + on KRLs, see the KEY REVOCATION LISTS section in ssh-keygen(1). + Arguments to RevokedHostKeys may use the tilde syntax to refer to + a user's home directory, the tokens described in the TOKENS + section and environment variables as described in the ENVIRONMENT + VARIABLES section. + + SecurityKeyProvider + Specifies a path to a library that will be used when loading any + FIDO authenticator-hosted keys, overriding the default of using + the built-in USB HID support. + + If the specified value begins with a M-bM-^@M-^X$M-bM-^@M-^Y character, then it will + be treated as an environment variable containing the path to the + library. + + SendEnv + Specifies what variables from the local environ(7) should be sent + to the server. The server must also support it, and the server + must be configured to accept these environment variables. Note + that the TERM environment variable is always sent whenever a + pseudo-terminal is requested as it is required by the protocol. + Refer to AcceptEnv in sshd_config(5) for how to configure the + server. Variables are specified by name, which may contain + wildcard characters. Multiple environment variables may be + separated by whitespace or spread across multiple SendEnv + directives. + + See PATTERNS for more information on patterns. + + It is possible to clear previously set SendEnv variable names by + prefixing patterns with -. The default is not to send any + environment variables. + + ServerAliveCountMax + Sets the number of server alive messages (see below) which may be + sent without ssh(1) receiving any messages back from the server. + If this threshold is reached while server alive messages are + being sent, ssh will disconnect from the server, terminating the + session. It is important to note that the use of server alive + messages is very different from TCPKeepAlive (below). The server + alive messages are sent through the encrypted channel and + therefore will not be spoofable. The TCP keepalive option + enabled by TCPKeepAlive is spoofable. The server alive mechanism + is valuable when the client or server depend on knowing when a + connection has become unresponsive. + + The default value is 3. If, for example, ServerAliveInterval + (see below) is set to 15 and ServerAliveCountMax is left at the + default, if the server becomes unresponsive, ssh will disconnect + after approximately 45 seconds. + + ServerAliveInterval + Sets a timeout interval in seconds after which if no data has + been received from the server, ssh(1) will send a message through + the encrypted channel to request a response from the server. The + default is 0, indicating that these messages will not be sent to + the server. + + SessionType + May be used to either request invocation of a subsystem on the + remote system, or to prevent the execution of a remote command at + all. The latter is useful for just forwarding ports. The + argument to this keyword must be none (same as the -N option), + subsystem (same as the -s option) or default (shell or command + execution). + + SetEnv Directly specify one or more environment variables and their + contents to be sent to the server in the form M-bM-^@M-^\NAME=VALUEM-bM-^@M-^]. + Similarly to SendEnv, with the exception of the TERM variable, + the server must be prepared to accept the environment variable. + + The M-bM-^@M-^\VALUEM-bM-^@M-^] may use the tokens described in the TOKENS section + and environment variables as described in the ENVIRONMENT + VARIABLES section. + + StdinNull + Redirects stdin from /dev/null (actually, prevents reading from + stdin). Either this or the equivalent -n option must be used + when ssh is run in the background. The argument to this keyword + must be yes (same as the -n option) or no (the default). + + StreamLocalBindMask + Sets the octal file creation mode mask (umask) used when creating + a Unix-domain socket file for local or remote port forwarding. + This option is only used for port forwarding to a Unix-domain + socket file. + + The default value is 0177, which creates a Unix-domain socket + file that is readable and writable only by the owner. Note that + not all operating systems honor the file mode on Unix-domain + socket files. + + StreamLocalBindUnlink + Specifies whether to remove an existing Unix-domain socket file + for local or remote port forwarding before creating a new one. + If the socket file already exists and StreamLocalBindUnlink is + not enabled, ssh will be unable to forward the port to the Unix- + domain socket file. This option is only used for port forwarding + to a Unix-domain socket file. + + The argument must be yes or no (the default). + + StrictHostKeyChecking + If this flag is set to yes, ssh(1) will never automatically add + host keys to the ~/.ssh/known_hosts file, and refuses to connect + to hosts whose host key has changed. This provides maximum + protection against man-in-the-middle (MITM) attacks, though it + can be annoying when the /etc/ssh/ssh_known_hosts file is poorly + maintained or when connections to new hosts are frequently made. + This option forces the user to manually add all new hosts. + + If this flag is set to accept-new then ssh will automatically add + new host keys to the user's known_hosts file, but will not permit + connections to hosts with changed host keys. If this flag is set + to no or off, ssh will automatically add new host keys to the + user known hosts files and allow connections to hosts with + changed hostkeys to proceed, subject to some restrictions. If + this flag is set to ask (the default), new host keys will be + added to the user known host files only after the user has + confirmed that is what they really want to do, and ssh will + refuse to connect to hosts whose host key has changed. The host + keys of known hosts will be verified automatically in all cases. + + SyslogFacility + Gives the facility code that is used when logging messages from + ssh(1). The possible values are: DAEMON, USER, AUTH, LOCAL0, + LOCAL1, LOCAL2, LOCAL3, LOCAL4, LOCAL5, LOCAL6, LOCAL7. The + default is USER. + + TCPKeepAlive + Specifies whether the system should send TCP keepalive messages + to the other side. If they are sent, death of the connection or + crash of one of the machines will be properly noticed. However, + this means that connections will die if the route is down + temporarily, and some people find it annoying. + + The default is yes (to send TCP keepalive messages), and the + client will notice if the network goes down or the remote host + dies. This is important in scripts, and many users want it too. + + To disable TCP keepalive messages, the value should be set to no. + See also ServerAliveInterval for protocol-level keepalives. + + Tag Specify a configuration tag name that may be later used by a + Match directive to select a block of configuration. + + Tunnel Request tun(4) device forwarding between the client and the + server. The argument must be yes, point-to-point (layer 3), + ethernet (layer 2), or no (the default). Specifying yes requests + the default tunnel mode, which is point-to-point. + + TunnelDevice + Specifies the tun(4) devices to open on the client (local_tun) + and the server (remote_tun). + + The argument must be local_tun[:remote_tun]. The devices may be + specified by numerical ID or the keyword any, which uses the next + available tunnel device. If remote_tun is not specified, it + defaults to any. The default is any:any. + + UpdateHostKeys + Specifies whether ssh(1) should accept notifications of + additional hostkeys from the server sent after authentication has + completed and add them to UserKnownHostsFile. The argument must + be yes, no or ask. This option allows learning alternate + hostkeys for a server and supports graceful key rotation by + allowing a server to send replacement public keys before old ones + are removed. + + Additional hostkeys are only accepted if the key used to + authenticate the host was already trusted or explicitly accepted + by the user, the host was authenticated via UserKnownHostsFile + (i.e. not GlobalKnownHostsFile) and the host was authenticated + using a plain key and not a certificate. + + UpdateHostKeys is enabled by default if the user has not + overridden the default UserKnownHostsFile setting and has not + enabled VerifyHostKeyDNS, otherwise UpdateHostKeys will be set to + no. + + If UpdateHostKeys is set to ask, then the user is asked to + confirm the modifications to the known_hosts file. Confirmation + is currently incompatible with ControlPersist, and will be + disabled if it is enabled. + + Presently, only sshd(8) from OpenSSH 6.8 and greater support the + "hostkeys@openssh.com" protocol extension used to inform the + client of all the server's hostkeys. + + User Specifies the user to log in as. This can be useful when a + different user name is used on different machines. This saves + the trouble of having to remember to give the user name on the + command line. Arguments to User may use the tokens described in + the TOKENS section (with the exception of %r and %C) and + environment variables as described in the ENVIRONMENT VARIABLES + section. + + UserKnownHostsFile + Specifies one or more files to use for the user host key + database, separated by whitespace. Each filename may use tilde + notation to refer to the user's home directory, the tokens + described in the TOKENS section and environment variables as + described in the ENVIRONMENT VARIABLES section. A value of none + causes ssh(1) to ignore any user-specific known hosts files. The + default is ~/.ssh/known_hosts, ~/.ssh/known_hosts2. + + VerifyHostKeyDNS + Specifies whether to verify the remote key using DNS and SSHFP + resource records. If this option is set to yes, the client will + implicitly trust keys that match a secure fingerprint from DNS. + Insecure fingerprints will be handled as if this option was set + to ask. If this option is set to ask, information on fingerprint + match will be displayed, but the user will still need to confirm + new host keys according to the StrictHostKeyChecking option. The + default is no. + + See also VERIFYING HOST KEYS in ssh(1). + + VersionAddendum + Optionally specifies additional text to append to the SSH + protocol banner sent by the client upon connection. The default + is none. + + VisualHostKey + If this flag is set to yes, an ASCII art representation of the + remote host key fingerprint is printed in addition to the + fingerprint string at login and for unknown host keys. If this + flag is set to no (the default), no fingerprint strings are + printed at login and only the fingerprint string will be printed + for unknown host keys. + + WarnWeakCrypto + controls whether the user is warned when the cryptographic + algorithms negotiated for the connection are weak or otherwise + recommended against. Warnings may be disabled by turning off a + specific warning or by disabling all warnings. Warnings about + connections that don't use a post-quantum key exchange may be + disabled using the no-pq-kex flag. no will disable all warnings. + The default, equivalent to yes, is to enable all warnings. + + XAuthLocation + Specifies the full pathname of the xauth(1) program. The default + is /usr/X11R6/bin/xauth. + +PATTERNS + A pattern consists of zero or more non-whitespace characters, M-bM-^@M-^X*M-bM-^@M-^Y (a + wildcard that matches zero or more characters), or M-bM-^@M-^X?M-bM-^@M-^Y (a wildcard that + matches exactly one character). For example, to specify a set of + declarations for any host in the ".co.uk" set of domains, the following + pattern could be used: + + Host *.co.uk + + The following pattern would match any host in the 192.168.0.[0-9] network + range: + + Host 192.168.0.? + + A pattern-list is a comma-separated list of patterns. Patterns within + pattern-lists may be negated by preceding them with an exclamation mark + (M-bM-^@M-^X!M-bM-^@M-^Y). For example, to allow a key to be used from anywhere within an + organization except from the "dialup" pool, the following entry (in + authorized_keys) could be used: + + from="!*.dialup.example.com,*.example.com" + + Note that a negated match will never produce a positive result by itself. + For example, attempting to match "host3" against the following pattern- + list will fail: + + from="!host1,!host2" + + The solution here is to include a term that will yield a positive match, + such as a wildcard: + + from="!host1,!host2,*" + +TOKENS + Arguments to some keywords can make use of tokens, which are expanded at + runtime. Tokens are expanded without quoting or escaping of shell + characters. It is the user's responsibility to ensure they are safe in + the context of their use. + + The supported tokens in ssh_config are: + + %% A literal M-bM-^@M-^X%M-bM-^@M-^Y. + %C Hash of %l%h%p%r%j. + %d Local user's home directory. + %f The fingerprint of the server's host key. + %H The known_hosts hostname or address that is being searched + for. + %h The remote hostname. + %I A string describing the reason for a KnownHostsCommand + execution: either ADDRESS when looking up a host by address + (only when CheckHostIP is enabled), HOSTNAME when searching + by hostname, or ORDER when preparing the host key algorithm + preference list to use for the destination host. + %i The local user ID. + %j The contents of the ProxyJump option, or the empty string if + this option is unset. + %K The base64 encoded host key. + %k The host key alias if specified, otherwise the original + remote hostname given on the command line. + %L The local hostname. + %l The local hostname, including the domain name. + %n The original remote hostname, as given on the command line. + %p The remote port. + %r The remote username. + %T The local tun(4) or tap(4) network interface assigned if + tunnel forwarding was requested, or "NONE" otherwise. + %t The type of the server host key, e.g. ssh-ed25519. + %u The local username. + + CertificateFile, ControlPath, IdentityAgent, IdentityFile, Include, + KnownHostsCommand, LocalForward, Match exec, RemoteCommand, + RemoteForward, RevokedHostKeys, UserKnownHostsFile and VersionAddendum + accept the tokens %%, %C, %d, %h, %i, %j, %k, %L, %l, %n, %p, %r, and %u. + + KnownHostsCommand additionally accepts the tokens %f, %H, %I, %K and %t. + + Hostname accepts the tokens %% and %h. + + LocalCommand accepts all tokens. + + ProxyCommand and ProxyJump accept the tokens %%, %h, %n, %p, and %r. + + Note that some of these directives build commands for execution via the + shell. Because ssh(1) performs no filtering or escaping of characters + that have special meaning in shell commands (e.g. quotes), it is the + user's responsibility to ensure that the arguments passed to ssh(1) do + not contain such characters and that tokens are appropriately quoted when + used. + +ENVIRONMENT VARIABLES + Arguments to some keywords can be expanded at runtime from environment + variables on the client by enclosing them in ${}, for example + ${HOME}/.ssh would refer to the user's .ssh directory. If a specified + environment variable does not exist then an error will be returned and + the setting for that keyword will be ignored. + + The keywords CertificateFile, ControlPath, IdentityAgent, IdentityFile, + Include, KnownHostsCommand, and UserKnownHostsFile support environment + variables. The keywords LocalForward and RemoteForward support + environment variables only for Unix domain socket paths. + +FILES + ~/.ssh/config + This is the per-user configuration file. The format of this file + is described above. This file is used by the SSH client. + Because of the potential for abuse, this file must have strict + permissions: read/write for the user, and not writable by others. + + /etc/ssh/ssh_config + Systemwide configuration file. This file provides defaults for + those values that are not specified in the user's configuration + file, and for those users who do not have a configuration file. + This file must be world-readable. + +SEE ALSO + ssh(1) + +AUTHORS + OpenSSH is a derivative of the original and free ssh 1.2.12 release by + Tatu Ylonen. Aaron Campbell, Bob Beck, Markus Friedl, Niels Provos, Theo + de Raadt and Dug Song removed many bugs, re-added newer features and + created OpenSSH. Markus Friedl contributed the support for SSH protocol + versions 1.5 and 2.0. + +OpenBSD 7.8 March 23, 2026 SSH_CONFIG(5) diff --git a/sshd.0 b/sshd.0 new file mode 100644 index 000000000000..890adcb3395e --- /dev/null +++ b/sshd.0 @@ -0,0 +1,687 @@ +SSHD(8) System Manager's Manual SSHD(8) + +NAME + sshd M-bM-^@M-^S OpenSSH daemon + +SYNOPSIS + sshd [-46DdeGiqTtV] [-C connection_spec] [-c host_certificate_file] + [-E log_file] [-f config_file] [-g login_grace_time] + [-h host_key_file] [-o option] [-p port] [-u len] + +DESCRIPTION + sshd (OpenSSH Daemon) is the daemon program for ssh(1). It provides + secure encrypted communications between two untrusted hosts over an + insecure network. + + sshd listens for connections from clients. It is normally started at + boot from /etc/rc. It forks a new daemon for each incoming connection. + The forked daemons handle key exchange, encryption, authentication, + command execution, and data exchange. + + sshd can be configured using command-line options or a configuration file + (by default sshd_config(5)); command-line options override values + specified in the configuration file. sshd rereads its configuration file + when it receives a hangup signal, SIGHUP, by executing itself with the + name and options it was started with, e.g. /usr/sbin/sshd. + + The options are as follows: + + -4 Forces sshd to use IPv4 addresses only. + + -6 Forces sshd to use IPv6 addresses only. + + -C connection_spec + Specify the connection parameters to use for the -T extended test + mode. If provided, any Match directives in the configuration + file that would apply are applied before the configuration is + written to standard output. The connection parameters are + supplied as keyword=value pairs and may be supplied in any order, + either with multiple -C options or as a comma-separated list. + The keywords are M-bM-^@M-^\addrM-bM-^@M-^], M-bM-^@M-^\userM-bM-^@M-^], M-bM-^@M-^\hostM-bM-^@M-^], M-bM-^@M-^\laddrM-bM-^@M-^], M-bM-^@M-^\lportM-bM-^@M-^], and + M-bM-^@M-^\rdomainM-bM-^@M-^] and correspond to source address, user, resolved source + host name, local address, local port number and routing domain + respectively. Additionally the M-bM-^@M-^\invalid-userM-bM-^@M-^] flag (which does + not take a value argument) may be specified to simulate a + connection from an unrecognised username. + + -c host_certificate_file + Specifies a path to a certificate file to identify sshd during + key exchange. The certificate file must match a host key file + specified using the -h option or the HostKey configuration + directive. + + -D When this option is specified, sshd will not detach and does not + become a daemon. This allows easy monitoring of sshd. + + -d Debug mode. The server sends verbose debug output to standard + error, and does not put itself in the background. The server + also will not fork(2) and will only process one connection. This + option is only intended for debugging for the server. Multiple + -d options increase the debugging level. Maximum is 3. + + -E log_file + Append debug logs to log_file instead of the system log. + + -e Write debug logs to standard error instead of the system log. + + -f config_file + Specifies the name of the configuration file. The default is + /etc/ssh/sshd_config. sshd refuses to start if there is no + configuration file. + + -G Parse and print configuration file. Check the validity of the + configuration file, output the effective configuration to stdout + and then exit. Optionally, Match rules may be applied by + specifying the connection parameters using one or more -C + options. + + -g login_grace_time + Gives the grace time for clients to authenticate themselves + (default 120 seconds). If the client fails to authenticate the + user within this many seconds, the server disconnects and exits. + A value of zero indicates no limit. + + -h host_key_file + Specifies a file from which a host key is read. This option must + be given if sshd is not run as root (as the normal host key files + are normally not readable by anyone but root). The default is + /etc/ssh/ssh_host_ecdsa_key, /etc/ssh/ssh_host_ed25519_key and + /etc/ssh/ssh_host_rsa_key. It is possible to have multiple host + key files for the different host key algorithms. + + -i Specifies that sshd is being run from inetd(8). + + -o option + Can be used to give options in the format used in the + configuration file. This is useful for specifying options for + which there is no separate command-line flag. For full details + of the options, and their values, see sshd_config(5). + + -p port + Specifies the port on which the server listens for connections + (default 22). Multiple port options are permitted. Ports + specified in the configuration file with the Port option are + ignored when a command-line port is specified. Ports specified + using the ListenAddress option override command-line ports. + + -q Quiet mode. Nothing is sent to the system log. Normally the + beginning, authentication, and termination of each connection is + logged. + + -T Extended test mode. Check the validity of the configuration + file, output the effective configuration to stdout and then exit. + Optionally, Match rules may be applied by specifying the + connection parameters using one or more -C options. This is + similar to the -G flag, but it includes the additional testing + performed by the -t flag. + + -t Test mode. Only check the validity of the configuration file and + sanity of the keys. This is useful for updating sshd reliably as + configuration options may change. + + -u len This option is used to specify the size of the field in the utmp + structure that holds the remote host name. If the resolved host + name is longer than len, the dotted decimal value will be used + instead. This allows hosts with very long host names that + overflow this field to still be uniquely identified. Specifying + -u0 indicates that only dotted decimal addresses should be put + into the utmp file. -u0 may also be used to prevent sshd from + making DNS requests unless the authentication mechanism or + configuration requires it. Authentication mechanisms that may + require DNS include HostbasedAuthentication and using a + from="pattern-list" option in a key file. Configuration options + that require DNS include using a USER@HOST pattern in AllowUsers + or DenyUsers. + + -V Display the version number and exit. + +AUTHENTICATION + The OpenSSH SSH daemon supports SSH protocol 2 only. Each host has a + host-specific key, used to identify the host. Whenever a client + connects, the daemon responds with its public host key. The client + compares the host key against its own database to verify that it has not + changed. Forward secrecy is provided through a Diffie-Hellman key + agreement. This key agreement results in a shared session key. The rest + of the session is encrypted using a symmetric cipher. The client selects + the encryption algorithm to use from those offered by the server. + Additionally, session integrity is provided through a cryptographic + message authentication code (MAC). + + Finally, the server and the client enter an authentication dialog. The + client tries to authenticate itself using host-based authentication, + public key authentication, challenge-response authentication, or password + authentication. + + Regardless of the authentication type, the account is checked to ensure + that it is accessible. An account is not accessible if it is locked, + listed in DenyUsers or its group is listed in DenyGroups . The + definition of a locked account is system dependent. Some platforms have + their own account database (eg AIX) and some modify the passwd field ( + M-bM-^@M-^X*LK*M-bM-^@M-^Y on Solaris and UnixWare, M-bM-^@M-^X*M-bM-^@M-^Y on HP-UX, containing M-bM-^@M-^XNologinM-bM-^@M-^Y on + Tru64, a leading M-bM-^@M-^X*LOCKED*M-bM-^@M-^Y on FreeBSD and a leading M-bM-^@M-^X!M-bM-^@M-^Y on most + Linuxes). If there is a requirement to disable password authentication + for the account while allowing still public-key, then the passwd field + should be set to something other than these values (eg M-bM-^@M-^XNPM-bM-^@M-^Y or M-bM-^@M-^X*NP*M-bM-^@M-^Y ). + + If the client successfully authenticates itself, a dialog for preparing + the session is entered. At this time the client may request things like + allocating a pseudo-tty, forwarding X11 connections, forwarding TCP + connections, or forwarding the authentication agent connection over the + secure channel. + + After this, the client either requests an interactive shell or execution + of a non-interactive command, which sshd will execute via the user's + shell using its -c option. The sides then enter session mode. In this + mode, either side may send data at any time, and such data is forwarded + to/from the shell or command on the server side, and the user terminal in + the client side. + + When the user program terminates and all forwarded X11 and other + connections have been closed, the server sends command exit status to the + client, and both sides exit. + +LOGIN PROCESS + When a user successfully logs in, sshd does the following: + + 1. If the login is on a tty, and no command has been specified, + prints last login time and /etc/motd (unless prevented in the + configuration file or by ~/.hushlogin; see the FILES section). + + 2. If the login is on a tty, records login time. + + 3. Checks /etc/nologin; if it exists, prints contents and quits + (unless root). + + 4. Changes to run with normal user privileges. + + 5. Sets up basic environment. + + 6. Reads the file ~/.ssh/environment, if it exists, and users are + allowed to change their environment. See the + PermitUserEnvironment option in sshd_config(5). + + 7. Changes to user's home directory. + + 8. If ~/.ssh/rc exists and the sshd_config(5) PermitUserRC option + is set, runs it; else if /etc/ssh/sshrc exists, runs it; + otherwise runs xauth(1). The M-bM-^@M-^\rcM-bM-^@M-^] files are given the X11 + authentication protocol and cookie in standard input. See + SSHRC, below. + + 9. Runs user's shell or command. All commands are run under the + user's login shell as specified in the system password + database. + +SSHRC + If the file ~/.ssh/rc exists, sh(1) runs it after reading the environment + files but before starting the user's shell or command. It must not + produce any output on stdout; stderr must be used instead. If X11 + forwarding is in use, it will receive the "proto cookie" pair in its + standard input (and DISPLAY in its environment). The script must call + xauth(1) because sshd will not run xauth automatically to add X11 + cookies. + + The primary purpose of this file is to run any initialization routines + which may be needed before the user's home directory becomes accessible; + AFS is a particular example of such an environment. + + This file will probably contain some initialization code followed by + something similar to: + + if read proto cookie && [ -n "$DISPLAY" ]; then + if [ `echo $DISPLAY | cut -c1-10` = 'localhost:' ]; then + # X11UseLocalhost=yes + echo add unix:`echo $DISPLAY | + cut -c11-` $proto $cookie + else + # X11UseLocalhost=no + echo add $DISPLAY $proto $cookie + fi | xauth -q - + fi + + If this file does not exist, /etc/ssh/sshrc is run, and if that does not + exist either, xauth is used to add the cookie. + +AUTHORIZED_KEYS FILE FORMAT + AuthorizedKeysFile specifies the files containing public keys for public + key authentication; if this option is not specified, the default is + ~/.ssh/authorized_keys and ~/.ssh/authorized_keys2. Each line of the + file contains one key (empty lines and lines starting with a M-bM-^@M-^X#M-bM-^@M-^Y are + ignored as comments). Public keys consist of the following space- + separated fields: options, keytype, base64-encoded key, comment. The + options field is optional. The supported key types are: + + sk-ecdsa-sha2-nistp256@openssh.com + ecdsa-sha2-nistp256 + ecdsa-sha2-nistp384 + ecdsa-sha2-nistp521 + sk-ssh-ed25519@openssh.com + ssh-ed25519 + ssh-rsa + + The comment field is not used for anything (but may be convenient for the + user to identify the key). + + Note that lines in this file can be several hundred bytes long (because + of the size of the public key encoding) up to a limit of 8 kilobytes, + which permits RSA keys up to 16 kilobits. You don't want to type them + in; instead, copy the id_ecdsa.pub, id_ecdsa_sk.pub, id_ed25519.pub, + id_ed25519_sk.pub, or the id_rsa.pub file and edit it. + + sshd enforces a minimum RSA key modulus size of 1024 bits. + + The options (if present) consist of comma-separated option + specifications. No spaces are permitted, except within double quotes. + The following option specifications are supported (note that option + keywords are case-insensitive): + + agent-forwarding + Enable authentication agent forwarding previously disabled by the + restrict option. + + cert-authority + Specifies that the listed key is a certification authority (CA) + that is trusted to validate signed certificates for user + authentication. + + Certificates may encode access restrictions similar to these key + options. If both certificate restrictions and key options are + present, the most restrictive union of the two is applied. + + command="command" + Specifies that the command is executed whenever this key is used + for authentication. The command supplied by the user (if any) is + ignored. The command is run on a pty if the client requests a + pty; otherwise it is run without a tty. If an 8-bit clean + channel is required, one must not request a pty or should specify + no-pty. A quote may be included in the command by quoting it + with a backslash. + + This option might be useful to restrict certain public keys to + perform just a specific operation. An example might be a key + that permits remote backups but nothing else. Note that the + client may specify TCP and/or X11 forwarding unless they are + explicitly prohibited, e.g. using the restrict key option. + + The command originally supplied by the client is available in the + SSH_ORIGINAL_COMMAND environment variable. Note that this option + applies to shell, command or subsystem execution. Also note that + this command may be superseded by an sshd_config(5) ForceCommand + directive. + + If a command is specified and a forced-command is embedded in a + certificate used for authentication, then the certificate will be + accepted only if the two commands are identical. + + environment="NAME=value" + Specifies that the string is to be added to the environment when + logging in using this key. Environment variables set this way + override other default environment values. Multiple options of + this type are permitted. Environment processing is disabled by + default and is controlled via the PermitUserEnvironment option. + + expiry-time="timespec" + Specifies a time after which the key will not be accepted. The + time may be specified as a YYYYMMDD[Z] date or a + YYYYMMDDHHMM[SS][Z] time. Dates and times will be interpreted in + the system time zone unless suffixed by a Z character, in which + case they will be interpreted in the UTC time zone. + + from="pattern-list" + Specifies that in addition to public key authentication, either + the canonical name of the remote host or its IP address must be + present in the comma-separated list of patterns. See PATTERNS in + ssh_config(5) for more information on patterns. + + In addition to the wildcard matching that may be applied to + hostnames or addresses, a from stanza may match IP addresses + using CIDR address/masklen notation. + + The purpose of this option is to optionally increase security: + public key authentication by itself does not trust the network or + name servers or anything (but the key); however, if somebody + somehow steals the key, the key permits an intruder to log in + from anywhere in the world. This additional option makes using a + stolen key more difficult (name servers and/or routers would have + to be compromised in addition to just the key). + + no-agent-forwarding + Forbids authentication agent forwarding when this key is used for + authentication. + + no-port-forwarding + Forbids TCP forwarding when this key is used for authentication. + Any port forward requests by the client will return an error. + This might be used, e.g. in connection with the command option. + + no-pty Prevents tty allocation (a request to allocate a pty will fail). + + no-user-rc + Disables execution of ~/.ssh/rc. + + no-X11-forwarding + Forbids X11 forwarding when this key is used for authentication. + Any X11 forward requests by the client will return an error. + + permitlisten="[host:]port" + Limit remote port forwarding with the ssh(1) -R option such that + it may only listen on the specified host (optional) and port. + IPv6 addresses can be specified by enclosing the address in + square brackets. Multiple permitlisten options may be applied + separated by commas. Hostnames may include wildcards as + described in the PATTERNS section in ssh_config(5). A port + specification of * matches any port. Note that the setting of + GatewayPorts may further restrict listen addresses. Note that + ssh(1) will send a hostname of M-bM-^@M-^\localhostM-bM-^@M-^] if a listen host was + not specified when the forwarding was requested, and that this + name is treated differently to the explicit localhost addresses + M-bM-^@M-^\127.0.0.1M-bM-^@M-^] and M-bM-^@M-^\::1M-bM-^@M-^]. + + permitopen="host:port" + Limit local port forwarding with the ssh(1) -L option such that + it may only connect to the specified host and port. IPv6 + addresses can be specified by enclosing the address in square + brackets. Multiple permitopen options may be applied separated + by commas. No pattern matching or name lookup is performed on + the specified hostnames, they must be literal host names and/or + addresses. A port specification of * matches any port. + + port-forwarding + Enable port forwarding previously disabled by the restrict + option. + + principals="principals" + On a cert-authority line, specifies allowed principals for + certificate authentication as a comma-separated list. At least + one name from the list must appear in the certificate's list of + principals for the certificate to be accepted. This option is + ignored for keys that are not marked as trusted certificate + signers using the cert-authority option. + + pty Permits tty allocation previously disabled by the restrict + option. + + no-touch-required + Do not require demonstration of user presence for signatures made + using this key. This option only makes sense for the FIDO + authenticator algorithms ecdsa-sk and ed25519-sk. + + verify-required + Require that signatures made using this key attest that they + verified the user, e.g. via a PIN. This option only makes sense + for the FIDO authenticator algorithms ecdsa-sk and ed25519-sk. + + restrict + Enable all restrictions, i.e. disable port, agent and X11 + forwarding, as well as disabling PTY allocation and execution of + ~/.ssh/rc. If any future restriction capabilities are added to + authorized_keys files, they will be included in this set. + + tunnel="n" + Force a tun(4) device on the server. Without this option, the + next available device will be used if the client requests a + tunnel. + + user-rc + Enables execution of ~/.ssh/rc previously disabled by the + restrict option. + + X11-forwarding + Permits X11 forwarding previously disabled by the restrict + option. + + An example authorized_keys file: + + # Comments are allowed at start of line. Blank lines are allowed. + # Plain key, no restrictions + ssh-rsa ... + # Forced command, disable PTY and all forwarding + restrict,command="dump /home" ssh-rsa ... + # Restriction of ssh -L forwarding destinations + permitopen="192.0.2.1:80",permitopen="192.0.2.2:25" ssh-rsa ... + # Restriction of ssh -R forwarding listeners + permitlisten="localhost:8080",permitlisten="[::1]:22000" ssh-rsa ... + # Configuration for tunnel forwarding + tunnel="0",command="sh /etc/netstart tun0" ssh-rsa ... + # Override of restriction to allow PTY allocation + restrict,pty,command="nethack" ssh-rsa ... + # Allow FIDO key without requiring touch + no-touch-required sk-ecdsa-sha2-nistp256@openssh.com ... + # Require user-verification (e.g. PIN or biometric) for FIDO key + verify-required sk-ecdsa-sha2-nistp256@openssh.com ... + # Trust CA key, allow touch-less FIDO if requested in certificate + cert-authority,no-touch-required,principals="user_a" ssh-rsa ... + +SSH_KNOWN_HOSTS FILE FORMAT + The /etc/ssh/ssh_known_hosts and ~/.ssh/known_hosts files contain host + public keys for all known hosts. The global file should be prepared by + the administrator (optional), and the per-user file is maintained + automatically: whenever the user connects to an unknown host, its key is + added to the per-user file. + + Each line in these files contains the following fields: marker + (optional), hostnames, keytype, base64-encoded key, comment. The fields + are separated by spaces. + + The marker is optional, but if it is present then it must be one of + M-bM-^@M-^\@cert-authorityM-bM-^@M-^], to indicate that the line contains a certification + authority (CA) key, or M-bM-^@M-^\@revokedM-bM-^@M-^], to indicate that the key contained on + the line is revoked and must not ever be accepted. Only one marker + should be used on a key line. + + Hostnames is a comma-separated list of patterns (M-bM-^@M-^X*M-bM-^@M-^Y and M-bM-^@M-^X?M-bM-^@M-^Y act as + wildcards); each pattern in turn is matched against the host name. When + sshd is authenticating a client, such as when using + HostbasedAuthentication, this will be the canonical client host name. + When ssh(1) is authenticating a server, this will be the host name given + by the user, the value of the ssh(1) HostkeyAlias if it was specified, or + the canonical server hostname if the ssh(1) CanonicalizeHostname option + was used. + + A pattern may also be preceded by M-bM-^@M-^X!M-bM-^@M-^Y to indicate negation: if the host + name matches a negated pattern, it is not accepted (by that line) even if + it matched another pattern on the line. A hostname or address may + optionally be enclosed within M-bM-^@M-^X[M-bM-^@M-^Y and M-bM-^@M-^X]M-bM-^@M-^Y brackets then followed by M-bM-^@M-^X:M-bM-^@M-^Y + and a non-standard port number. + + Alternately, hostnames may be stored in a hashed form which hides host + names and addresses should the file's contents be disclosed. Hashed + hostnames start with a M-bM-^@M-^X|M-bM-^@M-^Y character. Only one hashed hostname may + appear on a single line and none of the above negation or wildcard + operators may be applied. + + The keytype and base64-encoded key are taken directly from the host key; + they can be obtained, for example, from /etc/ssh/ssh_host_rsa_key.pub. + The optional comment field continues to the end of the line, and is not + used. + + Lines starting with M-bM-^@M-^X#M-bM-^@M-^Y and empty lines are ignored as comments. + + When performing host authentication, authentication is accepted if any + matching line has the proper key; either one that matches exactly or, if + the server has presented a certificate for authentication, the key of the + certification authority that signed the certificate. For a key to be + trusted as a certification authority, it must use the M-bM-^@M-^\@cert-authorityM-bM-^@M-^] + marker described above. + + The known hosts file also provides a facility to mark keys as revoked, + for example when it is known that the associated private key has been + stolen. Revoked keys are specified by including the M-bM-^@M-^\@revokedM-bM-^@M-^] marker at + the beginning of the key line, and are never accepted for authentication + or as certification authorities, but instead will produce a warning from + ssh(1) when they are encountered. + + It is permissible (but not recommended) to have several lines or + different host keys for the same names. This will inevitably happen when + short forms of host names from different domains are put in the file. It + is possible that the files contain conflicting information; + authentication is accepted if valid information can be found from either + file. + + Note that the lines in these files are typically hundreds of characters + long, and you definitely don't want to type in the host keys by hand. + Rather, generate them by a script, ssh-keyscan(1) or by taking, for + example, /etc/ssh/ssh_host_rsa_key.pub and adding the host names at the + front. ssh-keygen(1) also offers some basic automated editing for + ~/.ssh/known_hosts including removing hosts matching a host name and + converting all host names to their hashed representations. + + An example ssh_known_hosts file: + + # Comments allowed at start of line + cvs.example.net,192.0.2.10 ssh-rsa AAAA1234.....= + # A hashed hostname + |1|JfKTdBh7rNbXkVAQCRp4OQoPfmI=|USECr3SWf1JUPsms5AqfD5QfxkM= ssh-rsa + AAAA1234.....= + # A revoked key + @revoked * ssh-rsa AAAAB5W... + # A CA key, accepted for any host in *.mydomain.com or *.mydomain.org + @cert-authority *.mydomain.org,*.mydomain.com ssh-rsa AAAAB5W... + +FILES + ~/.hushlogin + This file is used to suppress printing the last login time and + /etc/motd, if PrintLastLog and PrintMotd, respectively, are + enabled. It does not suppress printing of the banner specified + by Banner. + + ~/.rhosts + This file is used for host-based authentication (see ssh(1) for + more information). On some machines this file may need to be + world-readable if the user's home directory is on an NFS + partition, because sshd reads it as root. Additionally, this + file must be owned by the user, and must not have write + permissions for anyone else. The recommended permission for most + machines is read/write for the user, and not accessible by + others. + + ~/.shosts + This file is used in exactly the same way as .rhosts, but allows + host-based authentication without permitting login with + rlogin/rsh. + + ~/.ssh/ + This directory is the default location for all user-specific + configuration and authentication information. There is no + general requirement to keep the entire contents of this directory + secret, but the recommended permissions are read/write/execute + for the user, and not accessible by others. + + ~/.ssh/authorized_keys + Lists the public keys (ECDSA, Ed25519, RSA) that can be used for + logging in as this user. The format of this file is described + above. The content of the file is not highly sensitive, but the + recommended permissions are read/write for the user, and not + accessible by others. + + If this file, the ~/.ssh directory, or the user's home directory + are writable by other users, then the file could be modified or + replaced by unauthorized users. In this case, sshd will not + allow it to be used unless the StrictModes option has been set to + M-bM-^@M-^\noM-bM-^@M-^]. + + ~/.ssh/environment + This file is read into the environment at login (if it exists). + It can only contain empty lines, comment lines (that start with + M-bM-^@M-^X#M-bM-^@M-^Y), and assignment lines of the form name=value. The file + should be writable only by the user; it need not be readable by + anyone else. Environment processing is disabled by default and + is controlled via the PermitUserEnvironment option. + + ~/.ssh/known_hosts + Contains a list of host keys for all hosts the user has logged + into that are not already in the systemwide list of known host + keys. The format of this file is described above. This file + should be writable only by root/the owner and can, but need not + be, world-readable. + + ~/.ssh/rc + Contains initialization routines to be run before the user's home + directory becomes accessible. This file should be writable only + by the user, and need not be readable by anyone else. + + /etc/hosts.equiv + This file is for host-based authentication (see ssh(1)). It + should only be writable by root. + + /etc/moduli + Contains Diffie-Hellman groups used for the "Diffie-Hellman Group + Exchange" key exchange method. The file format is described in + moduli(5). If no usable groups are found in this file then fixed + internal groups will be used. + + /etc/motd + See motd(5). + + /etc/nologin + If this file exists, sshd refuses to let anyone except root log + in. The contents of the file are displayed to anyone trying to + log in, and non-root connections are refused. The file should be + world-readable. + + /etc/shosts.equiv + This file is used in exactly the same way as hosts.equiv, but + allows host-based authentication without permitting login with + rlogin/rsh. + + /etc/ssh/ssh_host_ecdsa_key + /etc/ssh/ssh_host_ed25519_key + /etc/ssh/ssh_host_rsa_key + These files contain the private parts of the host keys. These + files should only be owned by root, readable only by root, and + not accessible to others. Note that sshd does not start if these + files are group/world-accessible. + + /etc/ssh/ssh_host_ecdsa_key.pub + /etc/ssh/ssh_host_ed25519_key.pub + /etc/ssh/ssh_host_rsa_key.pub + These files contain the public parts of the host keys. These + files should be world-readable but writable only by root. Their + contents should match the respective private parts. These files + are not really used for anything; they are provided for the + convenience of the user so their contents can be copied to known + hosts files. These files are created using ssh-keygen(1). + + /etc/ssh/ssh_known_hosts + Systemwide list of known host keys. This file should be prepared + by the system administrator to contain the public host keys of + all machines in the organization. The format of this file is + described above. This file should be writable only by root/the + owner and should be world-readable. + + /etc/ssh/sshd_config + Contains configuration data for sshd. The file format and + configuration options are described in sshd_config(5). + + /etc/ssh/sshrc + Similar to ~/.ssh/rc, it can be used to specify machine-specific + login-time initializations globally. This file should be + writable only by root, and should be world-readable. + + /var/empty + chroot(2) directory used by sshd during privilege separation in + the pre-authentication phase. The directory should not contain + any files and must be owned by root and not group or world- + writable. + + /var/run/sshd.pid + Contains the process ID of the sshd listening for connections (if + there are several daemons running concurrently for different + ports, this contains the process ID of the one started last). + The content of this file is not sensitive; it can be world- + readable. + +SEE ALSO + scp(1), sftp(1), ssh(1), ssh-add(1), ssh-agent(1), ssh-keygen(1), + ssh-keyscan(1), chroot(2), login.conf(5), moduli(5), sshd_config(5), + inetd(8), sftp-server(8) + +AUTHORS + OpenSSH is a derivative of the original and free ssh 1.2.12 release by + Tatu Ylonen. Aaron Campbell, Bob Beck, Markus Friedl, Niels Provos, Theo + de Raadt and Dug Song removed many bugs, re-added newer features and + created OpenSSH. Markus Friedl contributed the support for SSH protocol + versions 1.5 and 2.0. Niels Provos and Markus Friedl contributed support + for privilege separation. + +OpenBSD 7.8 October 4, 2025 SSHD(8) diff --git a/sshd_config.0 b/sshd_config.0 new file mode 100644 index 000000000000..770ec742e42b --- /dev/null +++ b/sshd_config.0 @@ -0,0 +1,1451 @@ +SSHD_CONFIG(5) File Formats Manual SSHD_CONFIG(5) + +NAME + sshd_config M-bM-^@M-^S OpenSSH daemon configuration file + +DESCRIPTION + sshd(8) reads configuration data from /etc/ssh/sshd_config (or the file + specified with -f on the command line). The file contains keyword- + argument pairs, one per line. Unless noted otherwise, for each keyword, + the first obtained value will be used. Lines starting with M-bM-^@M-^X#M-bM-^@M-^Y and empty + lines are interpreted as comments. Arguments may optionally be enclosed + in double quotes (") in order to represent arguments containing spaces. + + The possible keywords and their meanings are as follows (note that + keywords are case-insensitive and arguments are case-sensitive): + + AcceptEnv + Specifies what environment variables sent by the client will be + copied into the session's environ(7). See SendEnv and SetEnv in + ssh_config(5) for how to configure the client. The TERM + environment variable is always accepted whenever the client + requests a pseudo-terminal as it is required by the protocol. + Variables are specified by name, which may contain the wildcard + characters M-bM-^@M-^X*M-bM-^@M-^Y and M-bM-^@M-^X?M-bM-^@M-^Y. Multiple environment variables may be + separated by whitespace or spread across multiple AcceptEnv + directives. Be warned that some environment variables could be + used to bypass restricted user environments. For this reason, + care should be taken in the use of this directive. The default + is not to accept any environment variables. + + AddressFamily + Specifies which address family should be used by sshd(8). Valid + arguments are any (the default), inet (use IPv4 only), or inet6 + (use IPv6 only). + + AllowAgentForwarding + Specifies whether ssh-agent(1) forwarding is permitted. The + default is yes. Note that disabling agent forwarding does not + improve security unless users are also denied shell access, as + they can always install their own forwarders. + + AllowGroups + This keyword can be followed by a list of group name patterns, + separated by spaces. If specified, login is allowed only for + users whose primary group or supplementary group list matches one + of the patterns. Only group names are valid; a numerical group + ID is not recognized. By default, login is allowed for all + groups. AllowGroups is not consulted for groups matched by + DenyGroups. + + See PATTERNS in ssh_config(5) for more information on patterns. + This keyword may appear multiple times in sshd_config with each + instance appending to the list. + + AllowStreamLocalForwarding + Specifies whether StreamLocal (Unix-domain socket) forwarding is + permitted. The available options are yes (the default) or all to + allow StreamLocal forwarding, no to prevent all StreamLocal + forwarding, local to allow local (from the perspective of ssh(1)) + forwarding only or remote to allow remote forwarding only. Note + that disabling StreamLocal forwarding does not improve security + unless users are also denied shell access, as they can always + install their own forwarders. + + AllowTcpForwarding + Specifies whether TCP forwarding is permitted. The available + options are yes (the default) or all to allow TCP forwarding, no + to prevent all TCP forwarding, local to allow local (from the + perspective of ssh(1)) forwarding only or remote to allow remote + forwarding only. Note that disabling TCP forwarding does not + improve security unless users are also denied shell access, as + they can always install their own forwarders. + + AllowUsers + This keyword can be followed by a list of user name patterns, + separated by spaces. If specified, login is allowed only for + user names that match one of the patterns. Only user names are + valid; a numerical user ID is not recognized. By default, login + is allowed for all users. If the pattern takes the form + USER@HOST then USER and HOST are separately checked, restricting + logins to particular users from particular hosts. HOST criteria + may additionally contain addresses to match in CIDR + address/masklen format. AllowUsers is not consulted for users + matched by DenyUsers. + + See PATTERNS in ssh_config(5) for more information on patterns. + This keyword may appear multiple times in sshd_config with each + instance appending to the list. + + AuthenticationMethods + Specifies the authentication methods that must be successfully + completed for a user to be granted access. This option must be + followed by one or more lists of comma-separated authentication + method names, or by the single string any to indicate the default + behaviour of accepting any single authentication method. If the + default is overridden, then successful authentication requires + completion of every method in at least one of these lists. + + For example, "publickey,password publickey,keyboard-interactive" + would require the user to complete public key authentication, + followed by either password or keyboard interactive + authentication. Only methods that are next in one or more lists + are offered at each stage, so for this example it would not be + possible to attempt password or keyboard-interactive + authentication before public key. + + For keyboard interactive authentication it is also possible to + restrict authentication to a specific device by appending a colon + followed by the device identifier bsdauth or pam. depending on + the server configuration. For example, + "keyboard-interactive:bsdauth" would restrict keyboard + interactive authentication to the bsdauth device. + + If the publickey method is listed more than once, sshd(8) + verifies that keys that have been used successfully are not + reused for subsequent authentications. For example, + "publickey,publickey" requires successful authentication using + two different public keys. + + Note that each authentication method listed should also be + explicitly enabled in the configuration. + + The available authentication methods are: "gssapi-with-mic", + "hostbased", "keyboard-interactive", "none" (used for access to + password-less accounts when PermitEmptyPasswords is enabled), + "password" and "publickey". + + AuthorizedKeysCommand + Specifies a program to be used to look up the user's public keys. + The program must be owned by root, not writable by group or + others and specified by an absolute path. Arguments to + AuthorizedKeysCommand accept the tokens described in the TOKENS + section. If no arguments are specified then the username of the + target user is used. + + The program should produce on standard output zero or more lines + of authorized_keys output (see AUTHORIZED_KEYS in sshd(8)). + AuthorizedKeysCommand is tried after the usual AuthorizedKeysFile + files and will not be executed if a matching key is found there. + By default, no AuthorizedKeysCommand is run. This command is + only executed for valid users. + + AuthorizedKeysCommandUser + Specifies the user under whose account the AuthorizedKeysCommand + is run. It is recommended to use a dedicated user that has no + other role on the host than running authorized keys commands. If + AuthorizedKeysCommand is specified but AuthorizedKeysCommandUser + is not, then sshd(8) will refuse to start. + + AuthorizedKeysFile + Specifies the file that contains the public keys used for user + authentication. The format is described in the AUTHORIZED_KEYS + FILE FORMAT section of sshd(8). Arguments to AuthorizedKeysFile + may include wildcards and accept the tokens described in the + TOKENS section. After expansion, AuthorizedKeysFile is taken to + be an absolute path or one relative to the user's home directory. + Multiple files may be listed, separated by whitespace. + Alternately this option may be set to none to skip checking for + user keys in files. The default is ".ssh/authorized_keys + .ssh/authorized_keys2". These files are only checked for valid + users. + + AuthorizedPrincipalsCommand + Specifies a program to be used to generate the list of allowed + certificate principals as per AuthorizedPrincipalsFile. The + program must be owned by root, not writable by group or others + and specified by an absolute path. Arguments to + AuthorizedPrincipalsCommand accept the tokens described in the + TOKENS section. If no arguments are specified then the username + of the target user is used. + + The program should produce on standard output zero or more lines + of AuthorizedPrincipalsFile output. If either + AuthorizedPrincipalsCommand or AuthorizedPrincipalsFile is + specified, then certificates offered by the client for + authentication must contain a principal that is listed. By + default, no AuthorizedPrincipalsCommand is run. This command is + only executed for valid users. + + AuthorizedPrincipalsCommandUser + Specifies the user under whose account the + AuthorizedPrincipalsCommand is run. It is recommended to use a + dedicated user that has no other role on the host than running + authorized principals commands. If AuthorizedPrincipalsCommand + is specified but AuthorizedPrincipalsCommandUser is not, then + sshd(8) will refuse to start. + + AuthorizedPrincipalsFile + Specifies a file that lists principal names that are accepted for + certificate authentication. When using certificates signed by a + key listed in TrustedUserCAKeys, this file lists names, one of + which must appear in the certificate for it to be accepted for + authentication. Names are listed one per line preceded by key + options (as described in AUTHORIZED_KEYS FILE FORMAT in sshd(8)). + Empty lines and comments starting with M-bM-^@M-^X#M-bM-^@M-^Y are ignored. + + Arguments to AuthorizedPrincipalsFile may include wildcards and + accept the tokens described in the TOKENS section. After + expansion, AuthorizedPrincipalsFile is taken to be an absolute + path or one relative to the user's home directory. The default + is none, i.e. not to use a principals file M-bM-^@M-^S in this case, the + username of the user must appear in a certificate's principals + list for it to be accepted. This file is only checked for valid + users. + + Note that AuthorizedPrincipalsFile is only used when + authentication proceeds using a CA listed in TrustedUserCAKeys + and is not consulted for certification authorities trusted via + ~/.ssh/authorized_keys, though the principals= key option offers + a similar facility (see sshd(8) for details). + + Banner The contents of the specified file are sent to the remote user + before authentication is allowed. If the argument is none then + no banner is displayed. By default, no banner is displayed. + + CASignatureAlgorithms + Specifies which algorithms are allowed for signing of + certificates by certificate authorities (CAs). The default is: + + ssh-ed25519,ecdsa-sha2-nistp256, + ecdsa-sha2-nistp384,ecdsa-sha2-nistp521, + sk-ssh-ed25519@openssh.com, + sk-ecdsa-sha2-nistp256@openssh.com, + rsa-sha2-512,rsa-sha2-256 + + If the specified list begins with a M-bM-^@M-^X+M-bM-^@M-^Y character, then the + specified algorithms will be appended to the default set instead + of replacing them. If the specified list begins with a M-bM-^@M-^X-M-bM-^@M-^Y + character, then the specified algorithms (including wildcards) + will be removed from the default set instead of replacing them. + + Certificates signed using other algorithms will not be accepted + for public key or host-based authentication. + + ChannelTimeout + Specifies whether and how quickly sshd(8) should close inactive + channels. Timeouts are specified as one or more M-bM-^@M-^\type=intervalM-bM-^@M-^] + pairs separated by whitespace, where the M-bM-^@M-^\typeM-bM-^@M-^] must be the + special keyword M-bM-^@M-^\globalM-bM-^@M-^] or a channel type name from the list + below, optionally containing wildcard characters. + + The timeout value M-bM-^@M-^\intervalM-bM-^@M-^] is specified in seconds or may use + any of the units documented in the TIME FORMATS section. For + example, M-bM-^@M-^\session=5mM-bM-^@M-^] would cause interactive sessions to + terminate after five minutes of inactivity. Specifying a zero + value disables the inactivity timeout. + + The special timeout M-bM-^@M-^\globalM-bM-^@M-^] applies to all active channels, + taken together. Traffic on any active channel will reset the + timeout, but when the timeout expires then all open channels will + be closed. Note that this global timeout is not matched by + wildcards and must be specified explicitly. + + The available channel type names include: + + agent-connection + Open connections to ssh-agent(1). + + direct-tcpip, direct-streamlocal@openssh.com + Open TCP or Unix socket (respectively) connections that + have been established from an ssh(1) local forwarding, + i.e. LocalForward or DynamicForward. + + forwarded-tcpip, forwarded-streamlocal@openssh.com + Open TCP or Unix socket (respectively) connections that + have been established to an sshd(8) listening on behalf + of an ssh(1) remote forwarding, i.e. RemoteForward. + + session + The interactive main session, including shell session, + command execution, scp(1), sftp(1), etc. + + tun-connection + Open TunnelForward connections. + + x11-connection + Open X11 forwarding sessions. + + Note that in all the above cases, terminating an inactive session + does not guarantee to remove all resources associated with the + session, e.g. shell processes or X11 clients relating to the + session may continue to execute. + + Moreover, terminating an inactive channel or session does not + necessarily close the SSH connection, nor does it prevent a + client from requesting another channel of the same type. In + particular, expiring an inactive forwarding session does not + prevent another identical forwarding from being subsequently + created. + + The default is not to expire channels of any type for inactivity. + + ChrootDirectory + Specifies the pathname of a directory to chroot(2) to after + authentication. At session startup sshd(8) checks that all + components of the pathname are root-owned directories which are + not writable by group or others. After the chroot, sshd(8) + changes the working directory to the user's home directory. + Arguments to ChrootDirectory accept the tokens described in the + TOKENS section. + + The ChrootDirectory must contain the necessary files and + directories to support the user's session. For an interactive + session this requires at least a shell, typically sh(1), and + basic /dev nodes such as null(4), zero(4), stdin(4), stdout(4), + stderr(4), and tty(4) devices. For file transfer sessions using + SFTP no additional configuration of the environment is necessary + if the in-process sftp-server is used, though sessions which use + logging may require /dev/log inside the chroot directory on some + operating systems (see sftp-server(8) for details). + + For safety, it is very important that the directory hierarchy be + prevented from modification by other processes on the system + (especially those outside the jail). Misconfiguration can lead + to unsafe environments which sshd(8) cannot detect. + + The default is none, indicating not to chroot(2). + + Ciphers + Specifies the ciphers allowed. Multiple ciphers must be comma- + separated. If the specified list begins with a M-bM-^@M-^X+M-bM-^@M-^Y character, + then the specified ciphers will be appended to the default set + instead of replacing them. If the specified list begins with a + M-bM-^@M-^X-M-bM-^@M-^Y character, then the specified ciphers (including wildcards) + will be removed from the default set instead of replacing them. + If the specified list begins with a M-bM-^@M-^X^M-bM-^@M-^Y character, then the + specified ciphers will be placed at the head of the default set. + + The supported ciphers are: + + 3des-cbc + aes128-cbc + aes192-cbc + aes256-cbc + aes128-ctr + aes192-ctr + aes256-ctr + aes128-gcm@openssh.com + aes256-gcm@openssh.com + chacha20-poly1305@openssh.com + + The default is: + + chacha20-poly1305@openssh.com, + aes128-gcm@openssh.com,aes256-gcm@openssh.com, + aes128-ctr,aes192-ctr,aes256-ctr + + The list of available ciphers may also be obtained using "ssh -Q + cipher". + + ClientAliveCountMax + Sets the number of client alive messages which may be sent + without sshd(8) receiving any messages back from the client. If + this threshold is reached while client alive messages are being + sent, sshd will disconnect the client, terminating the session. + It is important to note that the use of client alive messages is + very different from TCPKeepAlive. The client alive messages are + sent through the encrypted channel and therefore will not be + spoofable. The TCP keepalive option enabled by TCPKeepAlive is + spoofable. The client alive mechanism is valuable when the + client or server depend on knowing when a connection has become + unresponsive. + + The default value is 3. If ClientAliveInterval is set to 15, and + ClientAliveCountMax is left at the default, unresponsive SSH + clients will be disconnected after approximately 45 seconds. + Setting a zero ClientAliveCountMax disables connection + termination. + + ClientAliveInterval + Sets a timeout interval in seconds after which if no data has + been received from the client, sshd(8) will send a message + through the encrypted channel to request a response from the + client. The default is 0, indicating that these messages will + not be sent to the client. + + Compression + Specifies whether compression is enabled after the user has + authenticated successfully. The argument must be yes, delayed (a + legacy synonym for yes) or no. The default is yes. + + DenyGroups + This keyword can be followed by a list of group name patterns, + separated by spaces. Login is disallowed for users whose primary + group or supplementary group list matches one of the patterns. + Only group names are valid; a numerical group ID is not + recognized. By default, login is allowed for all groups. + AllowGroups is not consulted for groups matched by DenyGroups. + + See PATTERNS in ssh_config(5) for more information on patterns. + This keyword may appear multiple times in sshd_config with each + instance appending to the list. + + DenyUsers + This keyword can be followed by a list of user name patterns, + separated by spaces. Login is disallowed for user names that + match one of the patterns. Only user names are valid; a + numerical user ID is not recognized. By default, login is + allowed for all users. If the pattern takes the form USER@HOST + then USER and HOST are separately checked, restricting logins to + particular users from particular hosts. HOST criteria may + additionally contain addresses to match in CIDR address/masklen + format. AllowUsers is not consulted for users matched by + DenyUsers. + + See PATTERNS in ssh_config(5) for more information on patterns. + This keyword may appear multiple times in sshd_config with each + instance appending to the list. + + DisableForwarding + Disables all forwarding features, including X11, ssh-agent(1), + TCP and StreamLocal. This option overrides all other forwarding- + related options and may simplify restricted configurations. + + ExposeAuthInfo + Writes a temporary file containing a list of authentication + methods and public credentials (e.g. keys) used to authenticate + the user. The location of the file is exposed to the user + session through the SSH_USER_AUTH environment variable. The + default is no. + + FingerprintHash + Specifies the hash algorithm used when logging key fingerprints. + Valid options are: md5 and sha256. The default is sha256. + + ForceCommand + Forces the execution of the command specified by ForceCommand, + ignoring any command supplied by the client and ~/.ssh/rc if + present. The command is invoked by using the user's login shell + with the -c option. This applies to shell, command, or subsystem + execution. It is most useful inside a Match block. The command + originally supplied by the client is available in the + SSH_ORIGINAL_COMMAND environment variable. Specifying a command + of internal-sftp will force the use of an in-process SFTP server + that requires no support files when used with ChrootDirectory. + The default is none. + + This directive does not limit other kinds of access that a client + may request via their connection, such as TCP, agent, socket or + X11 forwarding. If these are not desired, then they must be + explicitly disabled, either individually via their respective + options or all together using the DisableForwarding option. + + GatewayPorts + Specifies whether remote hosts are allowed to connect to ports + forwarded for the client. By default, sshd(8) binds remote port + forwardings to the loopback address. This prevents other remote + hosts from connecting to forwarded ports. GatewayPorts can be + used to specify that sshd should allow remote port forwardings to + bind to non-loopback addresses, thus allowing other hosts to + connect. The argument may be no to force remote port forwardings + to be available to the local host only, yes to force remote port + forwardings to bind to the wildcard address, or clientspecified + to allow the client to select the address to which the forwarding + is bound. The default is no. + + GSSAPIAuthentication + Specifies whether user authentication based on GSSAPI is allowed. + The default is no. + + GSSAPICleanupCredentials + Specifies whether to automatically destroy the user's credentials + cache on logout. The default is yes. + + GSSAPIDelegateCredentials + Accept delegated credentials on the server side. The default is + yes. + + GSSAPIStrictAcceptorCheck + Determines whether to be strict about the identity of the GSSAPI + acceptor a client authenticates against. If set to yes then the + client must authenticate against the host service on the current + hostname. If set to no then the client may authenticate against + any service key stored in the machine's default store. This + facility is provided to assist with operation on multi homed + machines. The default is yes. + + HostbasedAcceptedAlgorithms + Specifies the signature algorithms that will be accepted for + hostbased authentication as a list of comma-separated patterns. + Alternately if the specified list begins with a M-bM-^@M-^X+M-bM-^@M-^Y character, + then the specified signature algorithms will be appended to the + default set instead of replacing them. If the specified list + begins with a M-bM-^@M-^X-M-bM-^@M-^Y character, then the specified signature + algorithms (including wildcards) will be removed from the default + set instead of replacing them. If the specified list begins with + a M-bM-^@M-^X^M-bM-^@M-^Y character, then the specified signature algorithms will be + placed at the head of the default set. The default for this + option is: + + ssh-ed25519-cert-v01@openssh.com, + ecdsa-sha2-nistp256-cert-v01@openssh.com, + ecdsa-sha2-nistp384-cert-v01@openssh.com, + ecdsa-sha2-nistp521-cert-v01@openssh.com, + sk-ssh-ed25519-cert-v01@openssh.com, + sk-ecdsa-sha2-nistp256-cert-v01@openssh.com, + webauthn-sk-ecdsa-sha2-nistp256-cert-v01@openssh.com, + rsa-sha2-512-cert-v01@openssh.com, + rsa-sha2-256-cert-v01@openssh.com, + ssh-ed25519, + ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521, + sk-ssh-ed25519@openssh.com, + sk-ecdsa-sha2-nistp256@openssh.com, + webauthn-sk-ecdsa-sha2-nistp256@openssh.com, + rsa-sha2-512,rsa-sha2-256 + + The list of available signature algorithms may also be obtained + using "ssh -Q HostbasedAcceptedAlgorithms". This was formerly + named HostbasedAcceptedKeyTypes. + + HostbasedAuthentication + Specifies whether rhosts or /etc/hosts.equiv authentication + together with successful public key client host authentication is + allowed (host-based authentication). The default is no. + + HostbasedUsesNameFromPacketOnly + Specifies whether or not the server will attempt to perform a + reverse name lookup when matching the name in the ~/.shosts, + ~/.rhosts, and /etc/hosts.equiv files during + HostbasedAuthentication. A setting of yes means that sshd(8) + uses the name supplied by the client rather than attempting to + resolve the name from the TCP connection itself. The default is + no. + + HostCertificate + Specifies a file containing a public host certificate. The + certificate's public key must match a private host key already + specified by HostKey. The default behaviour of sshd(8) is not to + load any certificates. + + HostKey + Specifies a file containing a private host key used by SSH. The + defaults are /etc/ssh/ssh_host_ecdsa_key, + /etc/ssh/ssh_host_ed25519_key and /etc/ssh/ssh_host_rsa_key. + + Note that sshd(8) will refuse to use a file if it is group/world- + accessible and that the HostKeyAlgorithms option restricts which + of the keys are actually used by sshd(8). + + It is possible to have multiple host key files. It is also + possible to specify public host key files instead. In this case + operations on the private key will be delegated to an + ssh-agent(1). + + HostKeyAgent + Identifies the UNIX-domain socket used to communicate with an + agent that has access to the private host keys. If the string + "SSH_AUTH_SOCK" is specified, the location of the socket will be + read from the SSH_AUTH_SOCK environment variable. + + HostKeyAlgorithms + Specifies the host key signature algorithms that the server + offers. The default for this option is: + + ssh-ed25519-cert-v01@openssh.com, + ecdsa-sha2-nistp256-cert-v01@openssh.com, + ecdsa-sha2-nistp384-cert-v01@openssh.com, + ecdsa-sha2-nistp521-cert-v01@openssh.com, + sk-ssh-ed25519-cert-v01@openssh.com, + sk-ecdsa-sha2-nistp256-cert-v01@openssh.com, + webauthn-sk-ecdsa-sha2-nistp256-cert-v01@openssh.com, + rsa-sha2-512-cert-v01@openssh.com, + rsa-sha2-256-cert-v01@openssh.com, + ssh-ed25519, + ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521, + sk-ssh-ed25519@openssh.com, + sk-ecdsa-sha2-nistp256@openssh.com, + webauthn-sk-ecdsa-sha2-nistp256@openssh.com, + rsa-sha2-512,rsa-sha2-256 + + The list of available signature algorithms may also be obtained + using "ssh -Q HostKeyAlgorithms". + + IgnoreRhosts + Specifies whether to ignore per-user .rhosts and .shosts files + during HostbasedAuthentication. The system-wide /etc/hosts.equiv + and /etc/shosts.equiv are still used regardless of this setting. + + Accepted values are yes (the default) to ignore all per-user + files, shosts-only to allow the use of .shosts but to ignore + .rhosts or no to allow both .shosts and rhosts. + + IgnoreUserKnownHosts + Specifies whether sshd(8) should ignore the user's + ~/.ssh/known_hosts during HostbasedAuthentication and use only + the system-wide known hosts file /etc/ssh/ssh_known_hosts. The + default is M-bM-^@M-^\noM-bM-^@M-^]. + + Include + Include the specified configuration file(s). Multiple pathnames + may be specified and each pathname may contain glob(7) wildcards + that will be expanded and processed in lexical order. Files + without absolute paths are assumed to be in /etc/ssh. An Include + directive may appear inside a Match block to perform conditional + inclusion. + + IPQoS Specifies the Differentiated Services Field Codepoint (DSCP) + value for the connection. Accepted values are af11, af12, af13, + af21, af22, af23, af31, af32, af33, af41, af42, af43, cs0, cs1, + cs2, cs3, cs4, cs5, cs6, cs7, ef, le, a numeric value, or none to + use the operating system default. This option may take one or + two arguments, separated by whitespace. If one argument is + specified, it is used as the packet class unconditionally. If + two values are specified, the first is automatically selected for + interactive sessions and the second for non-interactive sessions. + The default is ef (Expedited Forwarding) for interactive sessions + and none (the operating system default) for non-interactive + sessions. + + KbdInteractiveAuthentication + Specifies whether to allow keyboard-interactive authentication. + All authentication styles from login.conf(5) are supported. The + default is yes. The argument to this keyword must be yes or no. + ChallengeResponseAuthentication is a deprecated alias for this. + + KerberosAuthentication + Specifies whether the password provided by the user for + PasswordAuthentication will be validated through the Kerberos + KDC. To use this option, the server needs a Kerberos servtab + which allows the verification of the KDC's identity. The default + is no. + + KerberosGetAFSToken + If AFS is active and the user has a Kerberos 5 TGT, attempt to + acquire an AFS token before accessing the user's home directory. + The default is no. + + KerberosOrLocalPasswd + If password authentication through Kerberos fails then the + password will be validated via any additional local mechanism + such as /etc/passwd. The default is yes. + + KerberosTicketCleanup + Specifies whether to automatically destroy the user's ticket + cache file on logout. The default is yes. + + KexAlgorithms + Specifies the permitted KEX (Key Exchange) algorithms that the + server will offer to clients. The ordering of this list is not + important, as the client specifies the preference order. + Multiple algorithms must be comma-separated. + + If the specified list begins with a M-bM-^@M-^X+M-bM-^@M-^Y character, then the + specified algorithms will be appended to the default set instead + of replacing them. If the specified list begins with a M-bM-^@M-^X-M-bM-^@M-^Y + character, then the specified algorithms (including wildcards) + will be removed from the default set instead of replacing them. + If the specified list begins with a M-bM-^@M-^X^M-bM-^@M-^Y character, then the + specified algorithms will be placed at the head of the default + set. + + The supported algorithms are: + + curve25519-sha256 + curve25519-sha256@libssh.org + diffie-hellman-group1-sha1 + diffie-hellman-group14-sha1 + diffie-hellman-group14-sha256 + diffie-hellman-group16-sha512 + diffie-hellman-group18-sha512 + diffie-hellman-group-exchange-sha1 + diffie-hellman-group-exchange-sha256 + ecdh-sha2-nistp256 + ecdh-sha2-nistp384 + ecdh-sha2-nistp521 + mlkem768x25519-sha256 + sntrup761x25519-sha512 + sntrup761x25519-sha512@openssh.com + + The default is: + + mlkem768x25519-sha256, + sntrup761x25519-sha512,sntrup761x25519-sha512@openssh.com, + curve25519-sha256,curve25519-sha256@libssh.org, + ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521 + + The list of supported key exchange algorithms may also be + obtained using "ssh -Q KexAlgorithms". + + ListenAddress + Specifies the local addresses sshd(8) should listen on. The + following forms may be used: + + ListenAddress hostname|address [rdomain domain] + ListenAddress hostname:port [rdomain domain] + ListenAddress IPv4_address:port [rdomain domain] + ListenAddress [hostname|address]:port [rdomain domain] + + The optional rdomain qualifier requests sshd(8) listen in an + explicit routing domain. If port is not specified, sshd will + listen on the address and all Port options specified. The + default is to listen on all local addresses on the current + default routing domain. Multiple ListenAddress options are + permitted. For more information on routing domains, see + rdomain(4). + + LoginGraceTime + The server disconnects after this time if the user has not + successfully logged in. If the value is 0, there is no time + limit. The default is 120 seconds. + + LogLevel + Gives the verbosity level that is used when logging messages from + sshd(8). The possible values are: QUIET, FATAL, ERROR, INFO, + VERBOSE, DEBUG, DEBUG1, DEBUG2, and DEBUG3. The default is INFO. + DEBUG and DEBUG1 are equivalent. DEBUG2 and DEBUG3 each specify + higher levels of debugging output. Logging with a DEBUG level + violates the privacy of users and is not recommended. + + LogVerbose + Specify one or more overrides to LogLevel. An override consists + of one or more pattern lists that matches the source file, + function and line number to force detailed logging for. For + example, an override pattern of: + + kex.c:*:1000,*:kex_exchange_identification():*,packet.c:* + + would enable detailed logging for line 1000 of kex.c, everything + in the kex_exchange_identification() function, and all code in + the packet.c file. This option is intended for debugging and no + overrides are enabled by default. + + MACs Specifies the available MAC (message authentication code) + algorithms. The MAC algorithm is used for data integrity + protection. Multiple algorithms must be comma-separated. If the + specified list begins with a M-bM-^@M-^X+M-bM-^@M-^Y character, then the specified + algorithms will be appended to the default set instead of + replacing them. If the specified list begins with a M-bM-^@M-^X-M-bM-^@M-^Y + character, then the specified algorithms (including wildcards) + will be removed from the default set instead of replacing them. + If the specified list begins with a M-bM-^@M-^X^M-bM-^@M-^Y character, then the + specified algorithms will be placed at the head of the default + set. + + The algorithms that contain "-etm" calculate the MAC after + encryption (encrypt-then-mac). These are considered safer and + their use recommended. The supported MACs are: + + hmac-md5 + hmac-md5-96 + hmac-sha1 + hmac-sha1-96 + hmac-sha2-256 + hmac-sha2-512 + umac-64@openssh.com + umac-128@openssh.com + hmac-md5-etm@openssh.com + hmac-md5-96-etm@openssh.com + hmac-sha1-etm@openssh.com + hmac-sha1-96-etm@openssh.com + hmac-sha2-256-etm@openssh.com + hmac-sha2-512-etm@openssh.com + umac-64-etm@openssh.com + umac-128-etm@openssh.com + + The default is: + + umac-64-etm@openssh.com,umac-128-etm@openssh.com, + hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com, + hmac-sha1-etm@openssh.com, + umac-64@openssh.com,umac-128@openssh.com, + hmac-sha2-256,hmac-sha2-512,hmac-sha1 + + The list of available MAC algorithms may also be obtained using + "ssh -Q mac". + + Match Introduces a conditional block. If all of the criteria on the + Match line are satisfied, the keywords on the following lines + override those set in the global section of the config file, + until either another Match line or the end of the file. If a + keyword appears in multiple Match blocks that are satisfied, only + the first instance of the keyword is applied. + + The arguments to Match are one or more criteria-pattern pairs or + one of the single token criteria: All, which matches all + criteria, or Invalid-User, which matches when the requested user- + name does not match any known account. The available criteria + are User, Group, Host, LocalAddress, LocalPort, Version, RDomain, + and Address (with RDomain representing the rdomain(4) on which + the connection was received). + + The match patterns may consist of single entries or comma- + separated lists and may use the wildcard and negation operators + described in the PATTERNS section of ssh_config(5). + + The patterns in an Address criteria may additionally contain + addresses to match in CIDR address/masklen format, such as + 192.0.2.0/24 or 2001:db8::/32. Note that the mask length + provided must be consistent with the address - it is an error to + specify a mask length that is too long for the address or one + with bits set in this host portion of the address. For example, + 192.0.2.0/33 and 192.0.2.0/8, respectively. + + The Version keyword matches against the version string of + sshd(8), for example M-bM-^@M-^\OpenSSH_10.0M-bM-^@M-^]. + + Only a subset of keywords may be used on the lines following a + Match keyword. Available keywords are AcceptEnv, + AllowAgentForwarding, AllowGroups, AllowStreamLocalForwarding, + AllowTcpForwarding, AllowUsers, AuthenticationMethods, + AuthorizedKeysCommand, AuthorizedKeysCommandUser, + AuthorizedKeysFile, AuthorizedPrincipalsCommand, + AuthorizedPrincipalsCommandUser, AuthorizedPrincipalsFile, + Banner, CASignatureAlgorithms, ChannelTimeout, ChrootDirectory, + ClientAliveCountMax, ClientAliveInterval, DenyGroups, DenyUsers, + DisableForwarding, ExposeAuthInfo, ForceCommand, GatewayPorts, + GSSAPIAuthentication, HostbasedAcceptedAlgorithms, + HostbasedAuthentication, HostbasedUsesNameFromPacketOnly, + IgnoreRhosts, Include, IPQoS, KbdInteractiveAuthentication, + KerberosAuthentication, LogLevel, MaxAuthTries, MaxSessions, + PAMServiceName, PasswordAuthentication, PermitEmptyPasswords, + PermitListen, PermitOpen, PermitRootLogin, PermitTTY, + PermitTunnel, PermitUserRC, PubkeyAcceptedAlgorithms, + PubkeyAuthentication, PubkeyAuthOptions, RefuseConnection, + RekeyLimit, RevokedKeys, RDomain, SetEnv, StreamLocalBindMask, + StreamLocalBindUnlink, TrustedUserCAKeys, + UnusedConnectionTimeout, X11DisplayOffset, X11Forwarding and + X11UseLocalhost. + + MaxAuthTries + Specifies the maximum number of authentication attempts permitted + per connection. Once the number of failures reaches half this + value, additional failures are logged. The default is 6. + + MaxSessions + Specifies the maximum number of open shell, login or subsystem + (e.g. sftp) sessions permitted per network connection. Multiple + sessions may be established by clients that support connection + multiplexing. Setting MaxSessions to 1 will effectively disable + session multiplexing, whereas setting it to 0 will prevent all + shell, login and subsystem sessions while still permitting + forwarding. The default is 10. + + MaxStartups + Specifies the maximum number of concurrent unauthenticated + connections to the SSH daemon. Additional connections will be + dropped until authentication succeeds or the LoginGraceTime + expires for a connection. + + Alternatively, random early drop can be enabled by specifying the + three colon separated values start:rate:full (e.g. "10:30:60"). + The default is 10:30:100. sshd(8) will refuse connection + attempts with a probability of rate/100 (30%) if there are + currently start (10) unauthenticated connections. The + probability increases linearly and all connection attempts are + refused if the number of unauthenticated connections reaches full + (60). + + ModuliFile + Specifies the moduli(5) file that contains the Diffie-Hellman + groups used for the M-bM-^@M-^\diffie-hellman-group-exchange-sha1M-bM-^@M-^] and + M-bM-^@M-^\diffie-hellman-group-exchange-sha256M-bM-^@M-^] key exchange methods. The + default is /etc/moduli. + + PAMServiceName + Specifies the service name used for Pluggable Authentication + Modules (PAM) authentication, authorisation and session controls + when UsePAM is enabled. The default is sshd. + + PasswordAuthentication + Specifies whether password authentication is allowed. The + default is yes. + + PermitEmptyPasswords + When password authentication is allowed, it specifies whether the + server allows login to accounts with empty password strings. The + default is no. + + PermitListen + Specifies the addresses/ports on which a remote TCP port + forwarding may listen. The listen specification must be one of + the following forms: + + PermitListen port + PermitListen host:port + + Multiple permissions may be specified by separating them with + whitespace. An argument of any can be used to remove all + restrictions and permit any listen requests. An argument of none + can be used to prohibit all listen requests. The host name may + contain wildcards as described in the PATTERNS section in + ssh_config(5). The wildcard M-bM-^@M-^X*M-bM-^@M-^Y can also be used in place of a + port number to allow all ports. By default all port forwarding + listen requests are permitted. Note that the GatewayPorts option + may further restrict which addresses may be listened on. Note + also that ssh(1) will request a listen host of M-bM-^@M-^\localhostM-bM-^@M-^] if no + listen host was specifically requested, and this name is treated + differently to explicit localhost addresses of M-bM-^@M-^\127.0.0.1M-bM-^@M-^] and + M-bM-^@M-^\::1M-bM-^@M-^]. + + PermitOpen + Specifies the destinations to which TCP port forwarding is + permitted. The forwarding specification must be one of the + following forms: + + PermitOpen host:port + PermitOpen IPv4_addr:port + PermitOpen [IPv6_addr]:port + + Multiple forwards may be specified by separating them with + whitespace. An argument of any can be used to remove all + restrictions and permit any forwarding requests. An argument of + none can be used to prohibit all forwarding requests. The + wildcard M-bM-^@M-^X*M-bM-^@M-^Y can be used for host or port to allow all hosts or + ports respectively. Otherwise, no pattern matching or address + lookups are performed on supplied names. By default all port + forwarding requests are permitted. + + PermitRootLogin + Specifies whether root can log in using ssh(1). The argument + must be yes, prohibit-password, forced-commands-only, or no. The + default is prohibit-password. + + If this option is set to prohibit-password (or its deprecated + alias, without-password), password and keyboard-interactive + authentication are disabled for root. + + If this option is set to forced-commands-only, root login with + public key authentication will be allowed, but only if the + command option has been specified (which may be useful for taking + remote backups even if root login is normally not allowed). All + other authentication methods are disabled for root. + + If this option is set to no, root is not allowed to log in. + + PermitTTY + Specifies whether pty(4) allocation is permitted. The default is + yes. + + PermitTunnel + Specifies whether tun(4) device forwarding is allowed. The + argument must be yes, point-to-point (layer 3), ethernet (layer + 2), or no. Specifying yes permits both point-to-point and + ethernet. The default is no. + + Independent of this setting, the permissions of the selected + tun(4) device must allow access to the user. + + PermitUserEnvironment + Specifies whether ~/.ssh/environment and environment= options in + ~/.ssh/authorized_keys are processed by sshd(8). Valid options + are yes, no or a pattern-list specifying which environment + variable names to accept (for example "LANG,LC_*"). The default + is no. Enabling environment processing may enable users to + bypass access restrictions in some configurations using + mechanisms such as LD_PRELOAD. + + PermitUserRC + Specifies whether any ~/.ssh/rc file is executed. The default is + yes. + + PerSourceMaxStartups + Specifies the number of unauthenticated connections allowed from + a given source address, or M-bM-^@M-^\noneM-bM-^@M-^] if there is no limit. This + limit is applied in addition to MaxStartups, whichever is lower. + The default is none. + + PerSourceNetBlockSize + Specifies the number of bits of source address that are grouped + together for the purposes of applying PerSourceMaxStartups + limits. Values for IPv4 and optionally IPv6 may be specified, + separated by a colon. The default is 32:128, which means each + address is considered individually. + + PerSourcePenalties + Controls penalties for various conditions that may represent + attacks on sshd(8). If a penalty is enforced against a client + then its source address and any others in the same network, as + defined by PerSourceNetBlockSize, will be refused connection for + a period. + + A penalty doesn't affect concurrent connections in progress, but + multiple penalties from the same source from concurrent + connections will accumulate up to a maximum. Conversely, + penalties are not applied until a minimum threshold time has been + accumulated. + + Penalties are enabled by default with the default settings listed + below but may disabled using the no keyword. The defaults may be + overridden by specifying one or more of the keywords below, + separated by whitespace. All keywords accept arguments, e.g. + "crash:2m". + + crash:duration + Specifies how long to refuse clients that cause a crash + of sshd(8) (default: 90s). + + authfail:duration + Specifies how long to refuse clients that disconnect + after making one or more unsuccessful authentication + attempts (default: 5s). + + invaliduser:duration + Specifies how long to refuse clients that attempt to log + in with an invalid user (default: 5s). + + refuseconnection:duration + Specifies how long to refuse clients that were + administratively prohibited connection via the + RefuseConnection option (default: 10s). + + noauth:duration + Specifies how long to refuse clients that disconnect + without attempting authentication (default: 1s). This + timeout should be used cautiously otherwise it may + penalise legitimate scanning tools such as + ssh-keyscan(1). + + grace-exceeded:duration + Specifies how long to refuse clients that fail to + authenticate after LoginGraceTime (default: 10s). + + max:duration + Specifies the maximum time a particular source address + range will be refused access for (default: 10m). + Repeated penalties will accumulate up to this maximum. + + min:duration + Specifies the minimum penalty that must accrue before + enforcement begins (default: 15s). + + max-sources4:number, max-sources6:number + Specifies the maximum number of client IPv4 and IPv6 + address ranges to track for penalties (default: 65536 for + both). + + overflow:mode + Controls how the server behaves when max-sources4 or + max-sources6 is exceeded. There are two operating modes: + deny-all, which denies all incoming connections other + than those exempted via PerSourcePenaltyExemptList until + a penalty expires, and permissive, which allows new + connections by removing existing penalties early + (default: permissive). Note that client penalties below + the min threshold count against the total number of + tracked penalties. IPv4 and IPv6 addresses are tracked + separately, so an overflow in one will not affect the + other. + + overflow6:mode + Allows specifying a different overflow mode for IPv6 + addresses. The default it to use the same overflow mode + as was specified for IPv4. + + PerSourcePenaltyExemptList + Specifies a comma-separated list of addresses to exempt from + penalties. This list may contain wildcards and CIDR + address/masklen ranges. Note that the mask length provided must + be consistent with the address - it is an error to specify a mask + length that is too long for the address or one with bits set in + this host portion of the address. For example, 192.0.2.0/33 and + 192.0.2.0/8, respectively. The default is not to exempt any + addresses. + + PidFile + Specifies the file that contains the process ID of the SSH + daemon, or none to not write one. The default is + /var/run/sshd.pid. + + Port Specifies the port number that sshd(8) listens on. The default + is 22. Multiple options of this type are permitted. See also + ListenAddress. + + PrintLastLog + Specifies whether sshd(8) should print the date and time of the + last user login when a user logs in interactively. The default + is yes. + + PrintMotd + Specifies whether sshd(8) should print /etc/motd when a user logs + in interactively. (On some systems it is also printed by the + shell, /etc/profile, or equivalent.) The default is yes. + + PubkeyAcceptedAlgorithms + Specifies the signature algorithms that will be accepted for + public key authentication as a list of comma-separated patterns. + Alternately if the specified list begins with a M-bM-^@M-^X+M-bM-^@M-^Y character, + then the specified algorithms will be appended to the default set + instead of replacing them. If the specified list begins with a + M-bM-^@M-^X-M-bM-^@M-^Y character, then the specified algorithms (including + wildcards) will be removed from the default set instead of + replacing them. If the specified list begins with a M-bM-^@M-^X^M-bM-^@M-^Y + character, then the specified algorithms will be placed at the + head of the default set. The default for this option is: + + ssh-ed25519-cert-v01@openssh.com, + ecdsa-sha2-nistp256-cert-v01@openssh.com, + ecdsa-sha2-nistp384-cert-v01@openssh.com, + ecdsa-sha2-nistp521-cert-v01@openssh.com, + sk-ssh-ed25519-cert-v01@openssh.com, + sk-ecdsa-sha2-nistp256-cert-v01@openssh.com, + webauthn-sk-ecdsa-sha2-nistp256-cert-v01@openssh.com, + rsa-sha2-512-cert-v01@openssh.com, + rsa-sha2-256-cert-v01@openssh.com, + ssh-ed25519, + ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521, + sk-ssh-ed25519@openssh.com, + sk-ecdsa-sha2-nistp256@openssh.com, + webauthn-sk-ecdsa-sha2-nistp256@openssh.com, + rsa-sha2-512,rsa-sha2-256 + + The list of available signature algorithms may also be obtained + using "ssh -Q PubkeyAcceptedAlgorithms". + + PubkeyAuthOptions + Sets one or more public key authentication options. The + supported keywords are: none (the default; indicating no + additional options are enabled), touch-required and + verify-required. + + The touch-required option causes public key authentication using + a FIDO authenticator algorithm (i.e. ecdsa-sk or ed25519-sk) to + always require the signature to attest that a physically present + user explicitly confirmed the authentication (usually by touching + the authenticator). By default, sshd(8) requires user presence + unless overridden with an authorized_keys option. The + touch-required flag disables this override. + + The verify-required option requires a FIDO key signature attest + that the user was verified, e.g. via a PIN. + + Neither the touch-required or verify-required options have any + effect for other, non-FIDO, public key types. + + PubkeyAuthentication + Specifies whether public key authentication is allowed. The + default is yes. + + RefuseConnection + Indicates that sshd(8) should unconditionally terminate the + connection. Additionally, a refuseconnection penalty may be + recorded against the source of the connection if + PerSourcePenalties are enabled. This option is only really + useful in a Match block. + + RekeyLimit + Specifies the maximum amount of data that may be transmitted or + received before the session key is renegotiated, optionally + followed by a maximum amount of time that may pass before the + session key is renegotiated. The first argument is specified in + bytes and may have a suffix of M-bM-^@M-^XKM-bM-^@M-^Y, M-bM-^@M-^XMM-bM-^@M-^Y, or M-bM-^@M-^XGM-bM-^@M-^Y to indicate + Kilobytes, Megabytes, or Gigabytes, respectively. The default is + between M-bM-^@M-^X1GM-bM-^@M-^Y and M-bM-^@M-^X4GM-bM-^@M-^Y, depending on the cipher. The optional + second value is specified in seconds and may use any of the units + documented in the TIME FORMATS section. The default value for + RekeyLimit is default none, which means that rekeying is + performed after the cipher's default amount of data has been sent + or received and no time based rekeying is done. + + RequiredRSASize + Specifies the minimum RSA key size (in bits) that sshd(8) will + accept. User and host-based authentication keys smaller than + this limit will be refused. The default is 1024 bits. Note that + this limit may only be raised from the default. + + RevokedKeys + Specifies revoked public keys file, or none to not use one. Keys + listed in this file will be refused for public key + authentication. Note that if this file is not readable, then + public key authentication will be refused for all users. Keys + may be specified as a text file, listing one public key per line, + or as an OpenSSH Key Revocation List (KRL) as generated by + ssh-keygen(1). This file may be consulted for each public key + authentication attempt received by sshd(8) and its contents must + be consistent at all times, therefore it should only be + atomically replaced and never modified in place while the server + is running. For more information on KRLs, see the KEY REVOCATION + LISTS section in ssh-keygen(1). + + RDomain + Specifies an explicit routing domain that is applied after + authentication has completed. The user session, as well as any + forwarded or listening IP sockets, will be bound to this + rdomain(4). If the routing domain is set to %D, then the domain + in which the incoming connection was received will be applied. + + SecurityKeyProvider + Specifies a path to a library that will be used when loading FIDO + authenticator-hosted keys, overriding the default of using the + built-in USB HID support. + + SetEnv Specifies one or more environment variables to set in child + sessions started by sshd(8) as M-bM-^@M-^\NAME=VALUEM-bM-^@M-^]. The environment + value may be quoted (e.g. if it contains whitespace characters). + Environment variables set by SetEnv override the default + environment and any variables specified by the user via AcceptEnv + or PermitUserEnvironment. + + SshdAuthPath + Overrides the default path to the sshd-auth binary that is + invoked to complete user authentication. The default is + /usr/libexec/sshd-auth. This option is intended for use by + tests. + + SshdSessionPath + Overrides the default path to the sshd-session binary that is + invoked to handle each connection. The default is + /usr/libexec/sshd-session. This option is intended for use by + tests. + + StreamLocalBindMask + Sets the octal file creation mode mask (umask) used when creating + a Unix-domain socket file for local or remote port forwarding. + This option is only used for port forwarding to a Unix-domain + socket file. + + The default value is 0177, which creates a Unix-domain socket + file that is readable and writable only by the owner. Note that + not all operating systems honor the file mode on Unix-domain + socket files. + + StreamLocalBindUnlink + Specifies whether to remove an existing Unix-domain socket file + for local or remote port forwarding before creating a new one. + If the socket file already exists and StreamLocalBindUnlink is + not enabled, sshd will be unable to forward the port to the Unix- + domain socket file. This option is only used for port forwarding + to a Unix-domain socket file. + + The argument must be yes or no. The default is no. + + StrictModes + Specifies whether sshd(8) should check file modes and ownership + of the user's files and home directory before accepting login. + This is normally desirable because novices sometimes accidentally + leave their directory or files world-writable. The default is + yes. Note that this does not apply to ChrootDirectory, whose + permissions and ownership are checked unconditionally. + + Subsystem + Configures an external subsystem (e.g. file transfer daemon). + Arguments should be a subsystem name and a command (with optional + arguments) to execute upon subsystem request. + + The command sftp-server implements the SFTP file transfer + subsystem. + + Alternately the name internal-sftp implements an in-process SFTP + server. This may simplify configurations using ChrootDirectory + to force a different filesystem root on clients. It accepts the + same command line arguments as sftp-server and even though it is + in-process, settings such as LogLevel or SyslogFacility do not + apply to it and must be set explicitly via command line + arguments. + + By default no subsystems are defined. + + SyslogFacility + Gives the facility code that is used when logging messages from + sshd(8). The possible values are: DAEMON, USER, AUTH, LOCAL0, + LOCAL1, LOCAL2, LOCAL3, LOCAL4, LOCAL5, LOCAL6, LOCAL7. The + default is AUTH. + + TCPKeepAlive + Specifies whether the system should send TCP keepalive messages + to the other side. If they are sent, death of the connection or + crash of one of the machines will be properly noticed. However, + this means that connections will die if the route is down + temporarily, and some people find it annoying. On the other + hand, if TCP keepalives are not sent, sessions may hang + indefinitely on the server, leaving "ghost" users and consuming + server resources. + + The default is yes (to send TCP keepalive messages), and the + server will notice if the network goes down or the client host + crashes. This avoids infinitely hanging sessions. + + To disable TCP keepalive messages, the value should be set to no. + + TrustedUserCAKeys + Specifies a file containing public keys of certificate + authorities that are trusted to sign user certificates for + authentication, or none to not use one. Keys are listed one per + line; empty lines and comments starting with M-bM-^@M-^X#M-bM-^@M-^Y are allowed. If + a certificate is presented for authentication and has its signing + CA key listed in this file, then it may be used for + authentication for any user listed in the certificate's + principals list. Note that certificates that lack a list of + principals will not be permitted for authentication using + TrustedUserCAKeys. For more details on certificates, see the + CERTIFICATES section in ssh-keygen(1). + + UnusedConnectionTimeout + Specifies whether and how quickly sshd(8) should close client + connections with no open channels. Open channels include active + shell, command execution or subsystem sessions, connected + network, socket, agent or X11 forwardings. Forwarding listeners, + such as those from the ssh(1) -R flag, are not considered as open + channels and do not prevent the timeout. The timeout value is + specified in seconds or may use any of the units documented in + the TIME FORMATS section. + + Note that this timeout starts when the client connection + completes user authentication but before the client has an + opportunity to open any channels. Caution should be used when + using short timeout values, as they may not provide sufficient + time for the client to request and open its channels before + terminating the connection. + + The default none is to never expire connections for having no + open channels. This option may be useful in conjunction with + ChannelTimeout. + + UseDNS Specifies whether sshd(8) should look up the remote host name, + and to check that the resolved host name for the remote IP + address maps back to the very same IP address. + + If this option is set to no (the default) then only addresses and + not host names may be used in ~/.ssh/authorized_keys from and + sshd_config Match Host directives. + + UsePAM Enables the Pluggable Authentication Module interface. If set to + yes this will enable PAM authentication using + KbdInteractiveAuthentication and PasswordAuthentication in + addition to PAM account and session module processing for all + authentication types. + + Because PAM keyboard-interactive authentication usually serves an + equivalent role to password authentication, you should disable + either PasswordAuthentication or KbdInteractiveAuthentication. + + If UsePAM is enabled, you will not be able to run sshd(8) as a + non-root user. The default is no. + + VersionAddendum + Optionally specifies additional text to append to the SSH + protocol banner sent by the server upon connection. The default + is none. + + X11DisplayOffset + Specifies the first display number available for sshd(8)'s X11 + forwarding. This prevents sshd from interfering with real X11 + servers. The default is 10. + + X11Forwarding + Specifies whether X11 forwarding is permitted. The argument must + be yes or no. The default is no. + + When X11 forwarding is enabled, there may be additional exposure + to the server and to client displays if the sshd(8) proxy display + is configured to listen on the wildcard address (see + X11UseLocalhost), though this is not the default. Additionally, + the authentication spoofing and authentication data verification + and substitution occur on the client side. The security risk of + using X11 forwarding is that the client's X11 display server may + be exposed to attack when the SSH client requests forwarding (see + the warnings for ForwardX11 in ssh_config(5)). A system + administrator may have a stance in which they want to protect + clients that may expose themselves to attack by unwittingly + requesting X11 forwarding, which can warrant a no setting. + + Note that disabling X11 forwarding does not prevent users from + forwarding X11 traffic, as users can always install their own + forwarders. + + X11UseLocalhost + Specifies whether sshd(8) should bind the X11 forwarding server + to the loopback address or to the wildcard address. By default, + sshd binds the forwarding server to the loopback address and sets + the hostname part of the DISPLAY environment variable to + localhost. This prevents remote hosts from connecting to the + proxy display. However, some older X11 clients may not function + with this configuration. X11UseLocalhost may be set to no to + specify that the forwarding server should be bound to the + wildcard address. The argument must be yes or no. The default + is yes. + + XAuthLocation + Specifies the full pathname of the xauth(1) program, or none to + not use one. The default is /usr/X11R6/bin/xauth. + +TIME FORMATS + sshd(8) command-line arguments and configuration file options that + specify time may be expressed using a sequence of the form: + time[qualifier], where time is a positive integer value and qualifier is + one of the following: + + M-bM-^_M-(noneM-bM-^_M-) seconds + s | S seconds + m | M minutes + h | H hours + d | D days + w | W weeks + + Each member of the sequence is added together to calculate the total time + value. + + Time format examples: + + 600 600 seconds (10 minutes) + 10m 10 minutes + 1h30m 1 hour 30 minutes (90 minutes) + +TOKENS + Arguments to some keywords can make use of tokens, which are expanded at + runtime. Tokens are expanded without quoting or escaping of shell + characters. It is the administrator's responsibility to ensure they are + safe in the context of their use. + + The supported tokens in sshd_config are: + + %% A literal M-bM-^@M-^X%M-bM-^@M-^Y. + %C Identifies the connection endpoints, containing four space- + separated values: client address, client port number, server + address, and server port number. + %D The routing domain in which the incoming connection was + received. + %F The fingerprint of the CA key. + %f The fingerprint of the key or certificate. + %h The home directory of the user. + %i The key ID in the certificate. + %K The base64-encoded CA key. + %k The base64-encoded key or certificate for authentication. + %s The serial number of the certificate. + %T The type of the CA key. + %t The key or certificate type. + %U The numeric user ID of the target user. + %u The username. + + AuthorizedKeysCommand accepts the tokens %%, %C, %D, %f, %h, %k, %t, %U, + and %u. + + AuthorizedKeysFile accepts the tokens %%, %h, %U, and %u. + + AuthorizedPrincipalsCommand accepts the tokens %%, %C, %D, %F, %f, %h, + %i, %K, %k, %s, %T, %t, %U, and %u. + + AuthorizedPrincipalsFile accepts the tokens %%, %h, %U, and %u. + + ChrootDirectory accepts the tokens %%, %h, %U, and %u. + + RoutingDomain accepts the token %D. + +FILES + /etc/ssh/sshd_config + Contains configuration data for sshd(8). This file should be + writable by root only, but it is recommended (though not + necessary) that it be world-readable. + +SEE ALSO + sftp-server(8), sshd(8) + +AUTHORS + OpenSSH is a derivative of the original and free ssh 1.2.12 release by + Tatu Ylonen. Aaron Campbell, Bob Beck, Markus Friedl, Niels Provos, Theo + de Raadt and Dug Song removed many bugs, re-added newer features and + created OpenSSH. Markus Friedl contributed the support for SSH protocol + versions 1.5 and 2.0. Niels Provos and Markus Friedl contributed support + for privilege separation. + +OpenBSD 7.8 March 28, 2026 SSHD_CONFIG(5) From 2e6103415630145ec9939b74d005a7b587a8916d Mon Sep 17 00:00:00 2001 From: Tess Gauthier Date: Mon, 6 Apr 2026 17:36:44 -0400 Subject: [PATCH 677/687] add local debug validation instructions --- .github/agents/merge-upstream.agent.md | 5 +++ .github/instructions/testing.instructions.md | 34 +++++++++++++++++++- .github/prompt/merge.prompt.md | 3 ++ 3 files changed, 41 insertions(+), 1 deletion(-) diff --git a/.github/agents/merge-upstream.agent.md b/.github/agents/merge-upstream.agent.md index 5bfcdd7deea4..775b9fa3b9c3 100644 --- a/.github/agents/merge-upstream.agent.md +++ b/.github/agents/merge-upstream.agent.md @@ -53,6 +53,11 @@ This agent assists with merging upstream OpenSSH commits into the PowerShell for - `NoCleanup` (boolean, optional): Skip cleanup for debugging (default: false) - **If tool unavailable**: ERROR - This tool is required for the merge workflow + **Validation scenario override:** + - If prompt input declares `Validation scenario=entra-id-debug-localhost`, do not use temporary local-user/password validation. + - Instead, run `sshd -ddd` in one terminal and validate with `ssh localhost` from a second terminal. + - Use this only on machines where the Entra-ID admin account already has key-based auth configured. + 4. **Get-ConflictContext MCP Tool** - Three-way conflict context for high-complexity conflicts - **MCP Tool Name**: `mcp_openssh-server_Get_ConflictContext` - **When to use**: ONLY when `assess_conflict_complexity()` returns `HIGH_COMPLEXITY` diff --git a/.github/instructions/testing.instructions.md b/.github/instructions/testing.instructions.md index c4f675b3a83c..8d7d2fd2f47e 100644 --- a/.github/instructions/testing.instructions.md +++ b/.github/instructions/testing.instructions.md @@ -98,6 +98,33 @@ The MCP tool performs comprehensive end-to-end testing including: - Before creating pull requests - When debugging SSH connectivity issues +## Validation Scenario Override: Entra-ID Debug Localhost + +Use this scenario when the prompt explicitly declares `Validation scenario=entra-id-debug-localhost`. + +In this scenario, do not create a temporary local user and random password. Instead, validate using an existing Entra-ID administrator account with key-based auth already configured. + +### Steps +1. Open terminal A in the build output directory and run sshd in foreground debug mode: +```pwsh +cd .\contrib\win32\openssh\x64\Release +.\sshd.exe -ddd +``` + +2. Open terminal B and attempt local key-based connection: +```pwsh +ssh localhost +``` + +3. Confirm validation success by checking both sides: +- Client side: successful login on `ssh localhost` using existing key-based auth +- Server side (terminal A): no fatal errors during authentication/session setup + +### Notes +- This mode is intended for machines that already have admin key-based auth configured. +- Keep `sshd -ddd` running only for validation and stop it after the test. +- Use this scenario instead of `Test-OpenSSHFunctionality` when declared in the prompt. + ## Manual Testing Procedures (For Troubleshooting Only) If the automated MCP tool fails and you need to troubleshoot specific issues manually, follow these procedures: @@ -228,7 +255,7 @@ Get-NetFirewallRule | Where-Object {$_.DisplayName -like "*SSH*"} **Testing is successful when:** - [ ] All expected executables are present after build (verified by Test-OpenSSHBuild MCP tool) - [ ] SSH service installs and starts without errors -- [ ] SSH connection with password authentication succeeds +- [ ] SSH validation succeeds via either password authentication (standard) or `ssh localhost` key-based auth (entra-id-debug-localhost) - [ ] Test command executes successfully via SSH connection - [ ] All resources cleaned up properly after testing @@ -248,6 +275,11 @@ Get-NetFirewallRule | Where-Object {$_.DisplayName -like "*SSH*"} - **MCP Tool Name**: `mcp_openssh-server_Test_OpenSSHFunctionality` - **Parameters**: (use defaults) + If the prompt declares `Validation scenario=entra-id-debug-localhost`, use the Entra-ID debug localhost flow instead: + - Run `.\sshd.exe -ddd` in one terminal + - Run `ssh localhost` in another terminal + - Report outcome from both client connection behavior and server debug logs + 2. **If test passes**, the merge is validated for basic SSH functionality 3. **If test fails**, use manual procedures and debug mode to diagnose issues diff --git a/.github/prompt/merge.prompt.md b/.github/prompt/merge.prompt.md index 0089b1bcbbba..d5bd78140b6d 100644 --- a/.github/prompt/merge.prompt.md +++ b/.github/prompt/merge.prompt.md @@ -8,12 +8,14 @@ Provide the following when you invoke this prompt: - Upstream remote — optional (default: `upstream`) - Windows fork remote — optional (default: `upstream-pwsh`) - Target branch — optional (default: current branch) +- Validation scenario — optional (default: `standard`); set to `entra-id-debug-localhost` when the machine uses an Entra-ID admin account with existing key-based auth Operating guidance: - Use and follow merge-upstream.agent.md. Treat it as the primary operating guide. - Rely on the provided for repository overview, setup, build, merge strategy, and testing. Do not re-fetch or re-search them; assume they are already attached in context. - Use the two-phase merge workflow: (1) incremental `git merge` on a scratch branch with resolution recording via `git rerere` and Save-MergeResolution, then (2) a single `git merge` on the real branch with resolution replay via `git rerere` and Replay-MergeResolutions. This preserves upstream commit history. - Build using the MCP tools: `mcp_openssh-server_Start_OpenSSHBuild` (Release/x64 by default). If the build fails, analyze with `mcp_openssh-server_Test_OpenSSHBuild`. +- For validation, default to `mcp_openssh-server_Test_OpenSSHFunctionality`. If `Validation scenario=entra-id-debug-localhost` is declared, skip temporary local-user/password validation and instead run sshd in debug mode (`sshd -ddd`) and validate from a second terminal using `ssh localhost`. - Apply Windows compatibility strategies as documented (prefer win32compat layer; guard with `#ifdef WINDOWS` when necessary; update VS projects for build system changes). - Summarize a plan, request approval between batches, and clearly list conflict resolutions and rationale. @@ -27,6 +29,7 @@ Quick start examples: - "Merge from tag `upstream/V_9_8_P1` into my current branch." - "Merge from tag `upstream/V_9_8_P1` to commit `a1b2c3d` into my current branch." - "Merge starting at commit `3a1b2c3`, upstream remote `upstream`, target current branch." +- "Merge from tag `upstream/V_10_0_P2` to `upstream/V_10_3_P1`, validation scenario `entra-id-debug-localhost`." If the Start ref is not provided, ask for it before proceeding. If the End ref is not provided, merging will continue to HEAD (most recent upstream commit). From a98c6bbf54f6805297309d12ba4a77512de3c934 Mon Sep 17 00:00:00 2001 From: Tess Gauthier Date: Fri, 10 Apr 2026 15:30:25 -0400 Subject: [PATCH 678/687] Fix Windows build for PKCS#11 header merge Add a fallback to in the win32 compatibility header when the generated SYS_STAT_H macro is not defined. This preserves the new upstream-compatible include indirection without depending on local header-map generation. --- contrib/win32/win32compat/inc/sys/stat.h | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/contrib/win32/win32compat/inc/sys/stat.h b/contrib/win32/win32compat/inc/sys/stat.h index 5e654fa7053b..f95fd2717539 100644 --- a/contrib/win32/win32compat/inc/sys/stat.h +++ b/contrib/win32/win32compat/inc/sys/stat.h @@ -1,7 +1,11 @@ #pragma once #include "..\crtheaders.h" #include "types.h" +#ifdef SYS_STAT_H #include SYS_STAT_H +#else +#include +#endif #define _S_IFLNK 0xA000 // symbolic link #define _S_IFSOCK 0xC000 // socket From fbfc9c8cf6cfcfedabbef0894cdc80a3d41caeb7 Mon Sep 17 00:00:00 2001 From: Tess Gauthier Date: Fri, 10 Apr 2026 15:41:25 -0400 Subject: [PATCH 679/687] Fix Windows build for header-map merge updates Add a fallback to in the win32 compatibility header when FCNTL_H is not defined by the generated CRT header map. This keeps the new upstream-compatible include indirection from breaking local Windows builds. --- contrib/win32/win32compat/inc/fcntl.h | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/contrib/win32/win32compat/inc/fcntl.h b/contrib/win32/win32compat/inc/fcntl.h index 94ed0fa3dfe3..009a1a19df2c 100644 --- a/contrib/win32/win32compat/inc/fcntl.h +++ b/contrib/win32/win32compat/inc/fcntl.h @@ -1,5 +1,9 @@ #include "crtheaders.h" +#ifdef FCNTL_H #include FCNTL_H +#else +#include +#endif /*fcntl commands*/ #define F_GETFL 0x1 From 2b460a35dbd7ce263244bb620df11246bb2ff597 Mon Sep 17 00:00:00 2001 From: Tess Gauthier Date: Fri, 10 Apr 2026 15:52:18 -0400 Subject: [PATCH 680/687] Fix Windows build for time header indirection Add a fallback to in the win32 compatibility header when the generated TIME_H include path is not usable in the new indirect include form. This preserves the upstream-compatible structure without breaking the Windows build. --- contrib/win32/win32compat/inc/time.h | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/contrib/win32/win32compat/inc/time.h b/contrib/win32/win32compat/inc/time.h index 80c4693105f6..7a88cf42a58d 100644 --- a/contrib/win32/win32compat/inc/time.h +++ b/contrib/win32/win32compat/inc/time.h @@ -1,5 +1,9 @@ #include "crtheaders.h" +#ifdef TIME_H #include TIME_H +#else +#include +#endif #define localtime w32_localtime #define ctime w32_ctime From bca4fcece59d3bb06ceed3b55838d16f5736c38c Mon Sep 17 00:00:00 2001 From: Tess Gauthier Date: Fri, 10 Apr 2026 16:31:22 -0400 Subject: [PATCH 681/687] Fix Windows build after V_10_3_P1 scratch merge - add win32compat wrapper headers for glob/tree/queue - make sftp-usergroup.h include glob.h for glob_t usage - fix Windows scp command loop variable declaration - update sys/types.h fallback include for generated header mapping - include ssherr-libcrypto/ssherr-nolibcrypto split sources in libssh project - align servconf type with upstream u_int --- contrib/win32/openssh/libssh.vcxproj | 7 ++++++- contrib/win32/win32compat/inc/glob.h | 6 ++++++ contrib/win32/win32compat/inc/sys/queue.h | 3 +++ contrib/win32/win32compat/inc/sys/tree.h | 3 +++ contrib/win32/win32compat/inc/sys/types.h | 17 +++++++++++------ servconf.h | 2 +- sftp-usergroup.h | 2 ++ 7 files changed, 32 insertions(+), 8 deletions(-) create mode 100644 contrib/win32/win32compat/inc/glob.h create mode 100644 contrib/win32/win32compat/inc/sys/queue.h create mode 100644 contrib/win32/win32compat/inc/sys/tree.h diff --git a/contrib/win32/openssh/libssh.vcxproj b/contrib/win32/openssh/libssh.vcxproj index c6cfe93058f3..9402f9cf4499 100644 --- a/contrib/win32/openssh/libssh.vcxproj +++ b/contrib/win32/openssh/libssh.vcxproj @@ -387,7 +387,6 @@ - @@ -438,6 +437,12 @@ + + true + + + true + diff --git a/contrib/win32/win32compat/inc/glob.h b/contrib/win32/win32compat/inc/glob.h new file mode 100644 index 000000000000..96c44a12adf1 --- /dev/null +++ b/contrib/win32/win32compat/inc/glob.h @@ -0,0 +1,6 @@ +#pragma once + +/* + * Windows build wrapper: route includes to portable compat header. + */ +#include "../../../../openbsd-compat/glob.h" diff --git a/contrib/win32/win32compat/inc/sys/queue.h b/contrib/win32/win32compat/inc/sys/queue.h new file mode 100644 index 000000000000..9d417e4508e0 --- /dev/null +++ b/contrib/win32/win32compat/inc/sys/queue.h @@ -0,0 +1,3 @@ +#pragma once + +#include "..\..\..\..\..\openbsd-compat\sys-queue.h" \ No newline at end of file diff --git a/contrib/win32/win32compat/inc/sys/tree.h b/contrib/win32/win32compat/inc/sys/tree.h new file mode 100644 index 000000000000..cc3192405c46 --- /dev/null +++ b/contrib/win32/win32compat/inc/sys/tree.h @@ -0,0 +1,3 @@ +#pragma once + +#include "..\..\..\..\..\openbsd-compat\sys-tree.h" \ No newline at end of file diff --git a/contrib/win32/win32compat/inc/sys/types.h b/contrib/win32/win32compat/inc/sys/types.h index 5cba442ece43..a74a620e25e2 100644 --- a/contrib/win32/win32compat/inc/sys/types.h +++ b/contrib/win32/win32compat/inc/sys/types.h @@ -1,6 +1,11 @@ #define __STDC__ 1 #include "..\crtheaders.h" + +#ifdef SYS_TYPES_H #include SYS_TYPES_H +#else +#include +#endif typedef _dev_t dev_t; typedef long long off_t; @@ -15,10 +20,10 @@ typedef int pid_t; typedef unsigned int nfds_t; /* copied from Windows SDK corecrt_wstdio.h to accomodate FILE definition via types.h in Unix */ -#ifndef _FILE_DEFINED -#define _FILE_DEFINED -typedef struct _iobuf -{ - void* _Placeholder; -} FILE; +#ifndef _FILE_DEFINED +#define _FILE_DEFINED +typedef struct _iobuf +{ + void* _Placeholder; +} FILE; #endif diff --git a/servconf.h b/servconf.h index b06db09e1090..ebe881acc5d8 100644 --- a/servconf.h +++ b/servconf.h @@ -223,7 +223,7 @@ typedef struct { u_int num_permitted_listens; char *chroot_directory; - uint num_revoked_keys_files; + u_int num_revoked_keys_files; char **revoked_keys_files; char *trusted_user_ca_keys; char *authorized_keys_command; diff --git a/sftp-usergroup.h b/sftp-usergroup.h index 2711faf3a881..0bb2d9be04b7 100644 --- a/sftp-usergroup.h +++ b/sftp-usergroup.h @@ -16,6 +16,8 @@ /* sftp client user/group lookup and caching */ +#include + /* Lookup uids/gids and populate cache */ void get_remote_user_groups_from_glob(struct sftp_conn *conn, glob_t *g); void get_remote_user_groups_from_dirents(struct sftp_conn *conn, SFTP_DIRENT **d); From f980b2e3c8c7b2cef9100b4eebaac6140f9e39c6 Mon Sep 17 00:00:00 2001 From: Tess Gauthier Date: Fri, 10 Apr 2026 16:34:44 -0400 Subject: [PATCH 682/687] Sync clean branch files from scratch resolutions Copy remaining diverged files from scratch-merge-v10.3P1-20260410 to the clean merge branch so the single-merge branch matches the tested scratch conflict/build resolution state. --- clientloop.c | 6 +++ contrib/win32/openssh/config.ps1 | 4 +- contrib/win32/openssh/libssh.vcxproj | 4 +- contrib/win32/openssh/unittest-bitmap.vcxproj | 7 ++- .../win32/openssh/unittest-hostkeys.vcxproj | 7 ++- contrib/win32/openssh/unittest-kex.vcxproj | 7 ++- contrib/win32/openssh/unittest-match.vcxproj | 7 ++- contrib/win32/openssh/unittest-misc.vcxproj | 13 ++++- contrib/win32/openssh/unittest-sshbuf.vcxproj | 7 ++- contrib/win32/openssh/unittest-sshkey.vcxproj | 7 ++- contrib/win32/openssh/unittest-utf8.vcxproj | 7 ++- .../openssh/unittest-win32compat.vcxproj | 7 ++- .../libfido2/portfile.cmake | 9 ++++ contrib/win32/win32compat/inc/dirent.h | 11 +++- contrib/win32/win32compat/inc/ifaddrs.h | 18 +++++++ contrib/win32/win32compat/inc/netgroup.h | 4 ++ contrib/win32/win32compat/inc/paths.h | 13 +++++ contrib/win32/win32compat/inc/signal.h | 1 + contrib/win32/win32compat/inc/util.h | 6 +++ .../win32compat/ssh-agent/keyagent-request.c | 53 ++++++++++++++++--- contrib/win32/win32compat/w32-doexec.c | 6 +-- kexmlkem768x25519.c | 2 + loginrec.c | 4 ++ misc-agent.c | 9 ++++ readpass.c | 2 + regress/unittests/win32compat/tests.c | 6 +++ sftp-common.c | 2 + ssh.c | 2 + umac.c | 2 + 29 files changed, 200 insertions(+), 33 deletions(-) create mode 100644 contrib/win32/win32compat/inc/ifaddrs.h create mode 100644 contrib/win32/win32compat/inc/netgroup.h create mode 100644 contrib/win32/win32compat/inc/paths.h create mode 100644 contrib/win32/win32compat/inc/util.h diff --git a/clientloop.c b/clientloop.c index 96647eff389d..237eec9b7eec 100644 --- a/clientloop.c +++ b/clientloop.c @@ -69,7 +69,9 @@ #include #include +#ifdef HAVE_PATHS_H #include +#endif #include #include #include @@ -107,6 +109,10 @@ /* Uncertainty (in percent) of keystroke timing intervals */ #define SSH_KEYSTROKE_TIMING_FUZZ 10 +#ifndef PLEDGE_EXTRA_INET +#define PLEDGE_EXTRA_INET "" +#endif + /* import options */ extern Options options; diff --git a/contrib/win32/openssh/config.ps1 b/contrib/win32/openssh/config.ps1 index 1befe6828e1a..e3c6ff842845 100644 --- a/contrib/win32/openssh/config.ps1 +++ b/contrib/win32/openssh/config.ps1 @@ -12,8 +12,10 @@ foreach ($header in $headers) { { $entry = "#define " + $header.ToUpper().Replace(".","_").Replace("\","_") + " `"" + (Join-Path $path $header) + "`"" Add-Content -Path $OutCRTHeader -Value $entry + Start-Sleep -Milliseconds 200 break } } -} \ No newline at end of file +} + diff --git a/contrib/win32/openssh/libssh.vcxproj b/contrib/win32/openssh/libssh.vcxproj index 9402f9cf4499..c9fb2ee46cad 100644 --- a/contrib/win32/openssh/libssh.vcxproj +++ b/contrib/win32/openssh/libssh.vcxproj @@ -409,6 +409,7 @@ + @@ -421,9 +422,6 @@ - - true - true diff --git a/contrib/win32/openssh/unittest-bitmap.vcxproj b/contrib/win32/openssh/unittest-bitmap.vcxproj index 506c13718118..2e6eaa8e10d5 100644 --- a/contrib/win32/openssh/unittest-bitmap.vcxproj +++ b/contrib/win32/openssh/unittest-bitmap.vcxproj @@ -1,6 +1,9 @@ - + + + false + Debug @@ -423,4 +426,4 @@ - \ No newline at end of file + diff --git a/contrib/win32/openssh/unittest-hostkeys.vcxproj b/contrib/win32/openssh/unittest-hostkeys.vcxproj index 002f2fe8ed8e..b7e832b3049d 100644 --- a/contrib/win32/openssh/unittest-hostkeys.vcxproj +++ b/contrib/win32/openssh/unittest-hostkeys.vcxproj @@ -1,6 +1,9 @@ - + + + false + Debug @@ -436,4 +439,4 @@ copy /Y "$(SolutionDir)\vcpkg_installed\$(VcpkgTriplet)\$(VcpkgTriplet)\bin\libc - \ No newline at end of file + diff --git a/contrib/win32/openssh/unittest-kex.vcxproj b/contrib/win32/openssh/unittest-kex.vcxproj index e5a96fe87991..2e1aa1cf233e 100644 --- a/contrib/win32/openssh/unittest-kex.vcxproj +++ b/contrib/win32/openssh/unittest-kex.vcxproj @@ -1,6 +1,9 @@ - + + + false + Debug @@ -436,4 +439,4 @@ - \ No newline at end of file + diff --git a/contrib/win32/openssh/unittest-match.vcxproj b/contrib/win32/openssh/unittest-match.vcxproj index 1c02a0c2ea3c..bb515e795296 100644 --- a/contrib/win32/openssh/unittest-match.vcxproj +++ b/contrib/win32/openssh/unittest-match.vcxproj @@ -1,6 +1,9 @@ - + + + false + Debug @@ -423,4 +426,4 @@ - \ No newline at end of file + diff --git a/contrib/win32/openssh/unittest-misc.vcxproj b/contrib/win32/openssh/unittest-misc.vcxproj index 51ad471ecb6a..1aca33d5814f 100644 --- a/contrib/win32/openssh/unittest-misc.vcxproj +++ b/contrib/win32/openssh/unittest-misc.vcxproj @@ -1,6 +1,9 @@ - + + + false + Debug @@ -431,6 +434,12 @@ true + + true + + + true + true @@ -442,4 +451,4 @@ - \ No newline at end of file + diff --git a/contrib/win32/openssh/unittest-sshbuf.vcxproj b/contrib/win32/openssh/unittest-sshbuf.vcxproj index f62731102ce6..046c2c2bfdb7 100644 --- a/contrib/win32/openssh/unittest-sshbuf.vcxproj +++ b/contrib/win32/openssh/unittest-sshbuf.vcxproj @@ -1,6 +1,9 @@ - + + + false + Debug @@ -447,4 +450,4 @@ - \ No newline at end of file + diff --git a/contrib/win32/openssh/unittest-sshkey.vcxproj b/contrib/win32/openssh/unittest-sshkey.vcxproj index 747c7ab12fd1..b9592791d589 100644 --- a/contrib/win32/openssh/unittest-sshkey.vcxproj +++ b/contrib/win32/openssh/unittest-sshkey.vcxproj @@ -1,6 +1,9 @@ - + + + false + Debug @@ -448,4 +451,4 @@ copy /Y "$(SolutionDir)\vcpkg_installed\$(VcpkgTriplet)\$(VcpkgTriplet)\bin\libc - \ No newline at end of file + diff --git a/contrib/win32/openssh/unittest-utf8.vcxproj b/contrib/win32/openssh/unittest-utf8.vcxproj index 2f66e53516fc..717b8bc2da76 100644 --- a/contrib/win32/openssh/unittest-utf8.vcxproj +++ b/contrib/win32/openssh/unittest-utf8.vcxproj @@ -1,6 +1,9 @@ - + + + false + Debug @@ -205,4 +208,4 @@ - \ No newline at end of file + diff --git a/contrib/win32/openssh/unittest-win32compat.vcxproj b/contrib/win32/openssh/unittest-win32compat.vcxproj index b13287fc01e6..d67b5b3633c9 100644 --- a/contrib/win32/openssh/unittest-win32compat.vcxproj +++ b/contrib/win32/openssh/unittest-win32compat.vcxproj @@ -1,6 +1,9 @@ - + + + false + Debug @@ -444,4 +447,4 @@ - \ No newline at end of file + diff --git a/contrib/win32/openssh/vcpkg_overlay_ports/libfido2/portfile.cmake b/contrib/win32/openssh/vcpkg_overlay_ports/libfido2/portfile.cmake index ca1a54b1a567..1aae22e8b338 100644 --- a/contrib/win32/openssh/vcpkg_overlay_ports/libfido2/portfile.cmake +++ b/contrib/win32/openssh/vcpkg_overlay_ports/libfido2/portfile.cmake @@ -12,6 +12,14 @@ vcpkg_from_github( string(COMPARE EQUAL "${VCPKG_LIBRARY_LINKAGE}" "static" LIBFIDO2_BUILD_STATIC) string(COMPARE EQUAL "${VCPKG_LIBRARY_LINKAGE}" "dynamic" LIBFIDO2_BUILD_SHARED) +set(LIBFIDO2_MSVC_FLAGS) +if(VCPKG_TARGET_IS_WINDOWS) + list(APPEND LIBFIDO2_MSVC_FLAGS + "-DCMAKE_C_FLAGS_RELEASE=${VCPKG_C_FLAGS_RELEASE} /Z7" + "-DCMAKE_C_FLAGS_RELWITHDEBINFO=${VCPKG_C_FLAGS_RELWITHDEBINFO} /Z7" + ) +endif() + vcpkg_cmake_configure( SOURCE_PATH "${SOURCE_PATH}" OPTIONS @@ -20,6 +28,7 @@ vcpkg_cmake_configure( -DBUILD_STATIC_LIBS=${LIBFIDO2_BUILD_STATIC} -DBUILD_SHARED_LIBS=${LIBFIDO2_BUILD_SHARED} -DBUILD_TOOLS=OFF + ${LIBFIDO2_MSVC_FLAGS} ) vcpkg_cmake_install() diff --git a/contrib/win32/win32compat/inc/dirent.h b/contrib/win32/win32compat/inc/dirent.h index d1441a6c92c2..c4d4fee7e934 100644 --- a/contrib/win32/win32compat/inc/dirent.h +++ b/contrib/win32/win32compat/inc/dirent.h @@ -7,7 +7,16 @@ #ifndef __DIRENT_H__ #define __DIRENT_H__ -#include +/* Undef the mkdir macro before including direct.h so the SDK's one-arg + * mkdir declaration doesn't conflict with our two-arg w32_mkdir macro + * already installed by sys/stat.h. Restore it afterward. */ +#ifdef mkdir +# undef mkdir +# include +# define mkdir w32_mkdir +#else +# include +#endif #include #include #include "..\misc_internal.h" diff --git a/contrib/win32/win32compat/inc/ifaddrs.h b/contrib/win32/win32compat/inc/ifaddrs.h new file mode 100644 index 000000000000..cc553caaaab4 --- /dev/null +++ b/contrib/win32/win32compat/inc/ifaddrs.h @@ -0,0 +1,18 @@ +#pragma once + +/* + * Minimal ifaddrs declarations for builds where HAVE_IFADDRS_H is unset. + * Call sites are typically gated by HAVE_IFADDRS_H. + */ +struct ifaddrs { + struct ifaddrs *ifa_next; + char *ifa_name; + unsigned int ifa_flags; + void *ifa_addr; + void *ifa_netmask; + void *ifa_dstaddr; + void *ifa_data; +}; + +int getifaddrs(struct ifaddrs **ifap); +void freeifaddrs(struct ifaddrs *ifa); diff --git a/contrib/win32/win32compat/inc/netgroup.h b/contrib/win32/win32compat/inc/netgroup.h new file mode 100644 index 000000000000..3df6873258b4 --- /dev/null +++ b/contrib/win32/win32compat/inc/netgroup.h @@ -0,0 +1,4 @@ +#pragma once + +/* netgroup is unavailable on Windows; keep declaration for guarded call sites. */ +int innetgr(const char *netgroup, const char *host, const char *user, const char *domain); diff --git a/contrib/win32/win32compat/inc/paths.h b/contrib/win32/win32compat/inc/paths.h new file mode 100644 index 000000000000..7d8bf8fe9147 --- /dev/null +++ b/contrib/win32/win32compat/inc/paths.h @@ -0,0 +1,13 @@ +#pragma once + +#ifndef _PATH_DEVNULL +#define _PATH_DEVNULL "NUL" +#endif + +#ifndef _PATH_TTY +#define _PATH_TTY "conin$" +#endif + +#ifndef _PATH_STDPATH +#define _PATH_STDPATH "" +#endif diff --git a/contrib/win32/win32compat/inc/signal.h b/contrib/win32/win32compat/inc/signal.h index 8017239081e2..b209534f02bd 100644 --- a/contrib/win32/win32compat/inc/signal.h +++ b/contrib/win32/win32compat/inc/signal.h @@ -45,6 +45,7 @@ typedef void(*sighandler_t)(int); typedef int sigset_t; #define sigemptyset(set) (memset( (set), 0, sizeof(sigset_t))) +#define sigfillset(set) (memset((set), 0xFF, sizeof(sigset_t))) #define sigaddset(set, sig) ( (*(set)) |= (0x80000000 >> (sig))) #define sigismember(set, sig) ( (*(set) & (0x80000000 >> (sig)))?1:0 ) #define sigdelset(set, sig) ( (*(set)) &= (~( 0x80000000 >> (sig)) ) ) diff --git a/contrib/win32/win32compat/inc/util.h b/contrib/win32/win32compat/inc/util.h new file mode 100644 index 000000000000..34e5c0b0dce9 --- /dev/null +++ b/contrib/win32/win32compat/inc/util.h @@ -0,0 +1,6 @@ +#pragma once + +/* + * Windows build compatibility shim for BSD includes. + * OpenSSH portability declarations are provided via openbsd-compat headers. + */ diff --git a/contrib/win32/win32compat/ssh-agent/keyagent-request.c b/contrib/win32/win32compat/ssh-agent/keyagent-request.c index b9b4b036e19b..c200434548a6 100644 --- a/contrib/win32/win32compat/ssh-agent/keyagent-request.c +++ b/contrib/win32/win32compat/ssh-agent/keyagent-request.c @@ -33,6 +33,7 @@ #include "agent-request.h" #include "config.h" #include "match.h" +#include "openbsd-compat/sys-queue.h" #include #ifdef ENABLE_PKCS11 #include "ssh-pkcs11.h" @@ -54,14 +55,54 @@ extern int remote_add_provider; * while system keys (host keys) in HKLM */ -extern struct sshkey * -lookup_key(const struct sshkey *k); +struct p11_identity { + TAILQ_ENTRY(p11_identity) next; + struct sshkey *key; + char *provider; +}; -extern void -add_key(struct sshkey *k, char *name); +TAILQ_HEAD(p11_idlist, p11_identity); +static struct p11_idlist p11_identities = TAILQ_HEAD_INITIALIZER(p11_identities); -extern void -del_all_keys(); +static struct sshkey * +lookup_key(const struct sshkey *k) +{ + struct p11_identity *id; + + TAILQ_FOREACH(id, &p11_identities, next) { + if (sshkey_equal(k, id->key)) + return id->key; + } + return NULL; +} + +static void +add_key(struct sshkey *k, char *name) +{ + struct p11_identity *id; + + if (lookup_key(k) != NULL) { + sshkey_free(k); + return; + } + id = xcalloc(1, sizeof(*id)); + id->key = k; + id->provider = xstrdup(name); + TAILQ_INSERT_TAIL(&p11_identities, id, next); +} + +static void +del_all_keys(void) +{ + struct p11_identity *id; + + while ((id = TAILQ_FIRST(&p11_identities)) != NULL) { + TAILQ_REMOVE(&p11_identities, id, next); + sshkey_free(id->key); + free(id->provider); + free(id); + } +} static int get_user_root(struct agent_connection* con, HKEY *root) diff --git a/contrib/win32/win32compat/w32-doexec.c b/contrib/win32/win32compat/w32-doexec.c index f996f7ebe5e0..d556c0b82537 100644 --- a/contrib/win32/win32compat/w32-doexec.c +++ b/contrib/win32/win32compat/w32-doexec.c @@ -474,14 +474,12 @@ int do_exec_windows(struct ssh *ssh, Session *s, const char *command, int pty) { */ if (pty) { /* Set interactive/non-interactive mode */ - ssh_packet_set_interactive(ssh, 1, options.ip_qos_interactive, - options.ip_qos_bulk); + ssh_packet_set_interactive(ssh, 1); session_set_fds(ssh, s, pipein[1], pipeout[0], -1, 1, 1); } else { /* Set interactive/non-interactive mode */ - ssh_packet_set_interactive(ssh, s->display != NULL, options.ip_qos_interactive, - options.ip_qos_bulk); + ssh_packet_set_interactive(ssh, s->display != NULL); session_set_fds(ssh, s, pipein[1], pipeout[0], pipeerr[0], s->is_subsystem, 0); } diff --git a/kexmlkem768x25519.c b/kexmlkem768x25519.c index 2585d1db3935..059ace2f1d42 100644 --- a/kexmlkem768x25519.c +++ b/kexmlkem768x25519.c @@ -32,7 +32,9 @@ #include #include #include +#ifndef _WIN32 #include +#endif #include "sshkey.h" #include "kex.h" diff --git a/loginrec.c b/loginrec.c index 7499aa975625..36048c06ea1d 100644 --- a/loginrec.c +++ b/loginrec.c @@ -136,7 +136,9 @@ #include #include #include +#ifdef HAVE_PATHS_H #include +#endif #include #include #include @@ -158,7 +160,9 @@ #include "ssherr.h" #include "misc.h" +#ifdef HAVE_UTIL_H # include +#endif #ifdef USE_WTMPDB # include diff --git a/misc-agent.c b/misc-agent.c index cb61405a7f49..b4f8d1bcd353 100644 --- a/misc-agent.c +++ b/misc-agent.c @@ -263,6 +263,14 @@ socket_is_stale(const char *path) return 0; } +#ifdef _WIN32 +void +agent_cleanup_stale(const char *homedir, int ignore_hosthash) +{ + (void)homedir; + (void)ignore_hosthash; +} +#else #ifndef HAVE_FSTATAT # define fstatat(x, y, buf, z) lstat(path, buf) #endif @@ -355,3 +363,4 @@ agent_cleanup_stale(const char *homedir, int ignore_hosthash) #undef unlinkat #undef fstatat +#endif /* _WIN32 */ diff --git a/readpass.c b/readpass.c index b2e28b47a90a..c0dba6d91281 100644 --- a/readpass.c +++ b/readpass.c @@ -30,7 +30,9 @@ #include #include +#ifndef _WIN32 #include +#endif #include #include #include diff --git a/regress/unittests/win32compat/tests.c b/regress/unittests/win32compat/tests.c index ae27730dc757..de2ec4c79563 100644 --- a/regress/unittests/win32compat/tests.c +++ b/regress/unittests/win32compat/tests.c @@ -27,6 +27,12 @@ tests() miscellaneous_tests(); } +void +benchmarks(void) +{ + printf("no benchmarks\n"); +} + char * dup_str(char *inStr) { diff --git a/sftp-common.c b/sftp-common.c index eb5cc2b8212d..70ae072443be 100644 --- a/sftp-common.c +++ b/sftp-common.c @@ -37,7 +37,9 @@ #include #include #include +#ifdef HAVE_UTIL_H #include +#endif #include "xmalloc.h" #include "ssherr.h" diff --git a/ssh.c b/ssh.c index 0be81a25b946..8eb338d3b938 100644 --- a/ssh.c +++ b/ssh.c @@ -54,7 +54,9 @@ #include #include #include +#ifdef HAVE_PATHS_H #include +#endif #include #include #include diff --git a/umac.c b/umac.c index 66e6ffe3c3b1..e757ea52915f 100644 --- a/umac.c +++ b/umac.c @@ -74,7 +74,9 @@ #include "includes.h" #include +#ifndef _WIN32 #include +#endif #include #include #include From d6ce452e1a9131d3e65daf3d2f04cdbd947f20b9 Mon Sep 17 00:00:00 2001 From: Tess Gauthier Date: Fri, 10 Apr 2026 16:37:04 -0400 Subject: [PATCH 683/687] Document V_10_3_P1 merge conflict resolutions Add a reviewer-facing summary of conflict-resolution strategies, build fixes, and validation outcomes for both scratch and clean branch merge phases. --- MERGE_V10_3_P1_CONFLICT_RESOLUTION.md | 122 ++++++++++++++++++++++++++ 1 file changed, 122 insertions(+) create mode 100644 MERGE_V10_3_P1_CONFLICT_RESOLUTION.md diff --git a/MERGE_V10_3_P1_CONFLICT_RESOLUTION.md b/MERGE_V10_3_P1_CONFLICT_RESOLUTION.md new file mode 100644 index 000000000000..d5b2256fdf68 --- /dev/null +++ b/MERGE_V10_3_P1_CONFLICT_RESOLUTION.md @@ -0,0 +1,122 @@ +# Merge V_10_3_P1 Conflict Resolution Notes + +Date: 2026-04-10 + +## Workflow Summary + +- Scratch branch: scratch-merge-v10.3P1-20260410 +- Clean branch: merge-v10.3P1-20260410 +- Upstream target: V_10_3_P1 (peeled commit 2d98db98331803cbb820211b2fb0d31a6e71e58e) +- Strategy used: + - Resolve incrementally on scratch branch with build verification after each batch. + - Perform one full merge on clean branch. + - Resolve clean branch conflicts by copying already-resolved files from scratch. + - Apply minimal post-merge fix commits. + +## Conflict Resolution Strategy Patterns + +### 1. Release-generated files: accept upstream + +Used for add/add or generated-content conflicts where upstream release artifacts are authoritative. + +Representative files: +- ChangeLog +- config.h.in +- configure +- moduli.0 +- scp.0 +- sftp-server.0 +- sftp.0 +- ssh-add.0 +- ssh-agent.0 +- ssh-keygen.0 +- ssh-keyscan.0 +- ssh-keysign.0 +- ssh-pkcs11-helper.0 +- ssh-sk-helper.0 +- ssh.0 +- ssh_config.0 +- sshd.0 +- sshd_config.0 + +### 2. .gitignore: combine + +Kept existing fork-specific ignore coverage and merged upstream additions (for example *~), avoiding regressions in Windows fork ignore behavior. + +### 3. Regress script combine for Windows behavior + +File: +- regress/sftp-cmds.sh + +Resolution: +- Took upstream helper refactor. +- Preserved fork-specific Windows shell-output matching behavior to keep test compatibility. + +### 4. Clean branch conflicts: copy from scratch + +For the final single merge on clean branch, unresolved files were copied directly from scratch branch resolved versions, matching the requested process and preserving the reviewed conflict outcomes. + +## Build Fixes Applied + +### Header indirection/fallback compatibility fixes + +Files: +- contrib/win32/win32compat/inc/sys/stat.h +- contrib/win32/win32compat/inc/fcntl.h +- contrib/win32/win32compat/inc/time.h +- contrib/win32/win32compat/inc/sys/types.h + +Resolution: +- Added guarded fallbacks to standard CRT headers when generated header-map macros were not usable in this environment. + +### Missing compatibility wrapper headers for new includes + +Added files: +- contrib/win32/win32compat/inc/glob.h +- contrib/win32/win32compat/inc/sys/queue.h +- contrib/win32/win32compat/inc/sys/tree.h +- contrib/win32/win32compat/inc/ifaddrs.h +- contrib/win32/win32compat/inc/netgroup.h +- contrib/win32/win32compat/inc/paths.h +- contrib/win32/win32compat/inc/util.h + +### Source/build integration adjustments + +Files: +- scp.c +- sftp-usergroup.h +- contrib/win32/openssh/libssh.vcxproj +- contrib/win32/openssh/unittest-*.vcxproj (multiple) +- servconf.h + +Resolution: +- Fixed Windows compile-scope issue in scp command execution path. +- Ensured glob_t declarations are visible where required. +- Synced project file source lists with current upstream/fork code split. +- Applied type alignment in servconf struct field. + +## Validation Results + +### Build validation + +- Scratch branch: build successful after fixes. +- Clean branch: build successful after copying scratch resolutions and applying post-merge fixes. +- Parsed result: all 14 expected artifacts present, no compile/link errors. + +### Warning status + +- Warning set remained at the known baseline pattern (C4047 sites in clientloop/serverloop). +- No additional warning category delta was introduced by merge resolution/fix commits. + +### Functionality test + +- Automated functionality test could not run in this environment due missing Administrator privileges. +- Tool reported: Administrator privileges required for service install/user management. + +## Notes for Review + +Reviewers should focus on: +- Combined resolution behavior in .gitignore and regress/sftp-cmds.sh. +- Windows compatibility header fallbacks and wrapper headers. +- VCXPROJ synchronization changes for source/include expectations. +- Clean branch post-merge sync commit that copies scratch-proven results. From 8de26721737f11d7c48eab9137a93e03a86d4ef7 Mon Sep 17 00:00:00 2001 From: Tess Gauthier Date: Fri, 10 Apr 2026 17:04:05 -0400 Subject: [PATCH 684/687] Fix Windows split sshd-session state flow Keep banner exchange in sshd-auth for the split 10.3 flow and restore the post-auth monitor message ordering expected by the sshd-session -z child. Also update the V_10_3_P1 conflict resolution notes with the successful elevated entra-id-debug-localhost validation result. --- MERGE_V10_3_P1_CONFLICT_RESOLUTION.md | 8 ++++++-- sshd-session.c | 20 +------------------- 2 files changed, 7 insertions(+), 21 deletions(-) diff --git a/MERGE_V10_3_P1_CONFLICT_RESOLUTION.md b/MERGE_V10_3_P1_CONFLICT_RESOLUTION.md index d5b2256fdf68..6cf4358b0868 100644 --- a/MERGE_V10_3_P1_CONFLICT_RESOLUTION.md +++ b/MERGE_V10_3_P1_CONFLICT_RESOLUTION.md @@ -88,12 +88,14 @@ Files: - contrib/win32/openssh/libssh.vcxproj - contrib/win32/openssh/unittest-*.vcxproj (multiple) - servconf.h +- sshd-session.c Resolution: - Fixed Windows compile-scope issue in scp command execution path. - Ensured glob_t declarations are visible where required. - Synced project file source lists with current upstream/fork code split. - Applied type alignment in servconf struct field. +- Corrected the Windows split-session privsep state flow so the post-auth `sshd-session -z` child reads the saved identification-exchange state before the authenticated user context. ## Validation Results @@ -110,8 +112,10 @@ Resolution: ### Functionality test -- Automated functionality test could not run in this environment due missing Administrator privileges. -- Tool reported: Administrator privileges required for service install/user management. +- Validation scenario used: `entra-id-debug-localhost`. +- Ran `sshd.exe -ddd` elevated and validated with the rebuilt `ssh.exe` against `localhost`. +- Result after the follow-up `sshd-session.c` fix: public-key authentication succeeded, `whoami` executed successfully, and the session exited with status 0. +- Observed command output: `NORTHAMERICA+tessgauthier`. ## Notes for Review diff --git a/sshd-session.c b/sshd-session.c index 97ee37807072..3d0284a79c6a 100644 --- a/sshd-session.c +++ b/sshd-session.c @@ -650,6 +650,7 @@ privsep_preauth(struct ssh *ssh) #ifdef FORK_NOT_SUPPORTED if (privsep_auth_child) { Authctxt *authctxt = ssh->authctxt; + recv_idexch_state(ssh, PRIVSEP_MONITOR_FD); recv_autxctx_state(authctxt, PRIVSEP_MONITOR_FD); authctxt->pw = getpwnamallow(ssh, authctxt->user); authctxt->valid = 1; @@ -1691,13 +1692,6 @@ main(int ac, char **av) rdomain = ssh_packet_rdomain_in(ssh); -#ifdef WINDOWS - if (privsep_auth_child) { - recv_idexch_state(ssh, PRIVSEP_MONITOR_FD); - goto idexch_done; - } -#endif /* WINDOWS */ - /* Log the connection. */ laddr = get_local_ipaddr(sock_in); verbose("Connection from %s port %d on %s port %d%s%s%s", @@ -1731,18 +1725,6 @@ main(int ac, char **av) fatal("login grace time setitimer failed"); } - if ((r = kex_exchange_identification(ssh, -1, - options.version_addendum)) != 0) -#ifdef WINDOWS - { - send_kex_exch_exit_code_telemetry(r); -#endif /* WINDOWS */ - sshpkt_fatal(ssh, r, "banner exchange"); -#ifdef WINDOWS - } - send_kex_exch_exit_code_telemetry(0); -#endif /* WINDOWS */ -idexch_done: ssh_packet_set_nonblocking(ssh); /* allocate authentication context */ From 9d35123cd89de7065602e5982ea5a393ead8c64d Mon Sep 17 00:00:00 2001 From: Tess Gauthier Date: Mon, 13 Apr 2026 11:19:07 -0400 Subject: [PATCH 685/687] update instructions --- .../merge/merge-details.instructions.md | 19 +++++++++++++++++++ .github/instructions/testing.instructions.md | 10 ++++++---- 2 files changed, 25 insertions(+), 4 deletions(-) diff --git a/.github/instructions/merge/merge-details.instructions.md b/.github/instructions/merge/merge-details.instructions.md index a01f5cd605b4..2f57af4b21eb 100644 --- a/.github/instructions/merge/merge-details.instructions.md +++ b/.github/instructions/merge/merge-details.instructions.md @@ -215,6 +215,20 @@ FUNCTION add_source_to_project(project_file, source_file): insert_into_project_file(project_file, new_line) ``` +### Pattern 4: OpenSSH 10.3 Split-sshd State Ordering (Windows) + +When upstream changes split pre-auth work between `sshd-session` and `sshd-auth`, preserve the state/message ordering exactly. + +- `sshd-session` (listener/monitor side) should not perform banner exchange that upstream moved to `sshd-auth`. +- For Windows `FORK_NOT_SUPPORTED` post-auth child (`sshd-session -z`), monitor message order matters: + - Receive identification-exchange state first. + - Then receive authenticated user context. + +If this ordering is wrong, common symptoms are: +- pre-auth failures such as banner parsing or signature mismatches +- post-auth `Invalid user` with empty username +- monitor keystate errors like `incomplete message` + ## Common Conflict Patterns ### File System Operations @@ -222,6 +236,11 @@ FUNCTION add_source_to_project(project_file, source_file): - **Signal handling** → Use Windows event mechanisms - **File permissions** → Adapt to Windows ACL model +### Privsep and Monitor State Transitions (Windows) +- For split `sshd-session` / `sshd-auth` flows, keep sender/receiver message ordering identical across monitor channels. +- Do not add ad-hoc state shuttling unless both sender and receiver are updated in lockstep. +- When debugging, verify the first protocol failure point (banner exchange vs KEX vs post-auth keystate) before changing multiple stages at once. + ### Build System Changes - **Makefile additions** → Update Visual Studio project files (use `\r\n` line endings) - **New dependencies** → Check Windows compatibility diff --git a/.github/instructions/testing.instructions.md b/.github/instructions/testing.instructions.md index 8d7d2fd2f47e..f4544d8b5877 100644 --- a/.github/instructions/testing.instructions.md +++ b/.github/instructions/testing.instructions.md @@ -107,13 +107,13 @@ In this scenario, do not create a temporary local user and random password. Inst ### Steps 1. Open terminal A in the build output directory and run sshd in foreground debug mode: ```pwsh -cd .\contrib\win32\openssh\x64\Release +cd .\bin\x64\Release .\sshd.exe -ddd ``` 2. Open terminal B and attempt local key-based connection: ```pwsh -ssh localhost +.\ssh.exe localhost ``` 3. Confirm validation success by checking both sides: @@ -124,6 +124,8 @@ ssh localhost - This mode is intended for machines that already have admin key-based auth configured. - Keep `sshd -ddd` running only for validation and stop it after the test. - Use this scenario instead of `Test-OpenSSHFunctionality` when declared in the prompt. +- Use the rebuilt client and server from the same output directory (`.\bin\x64\Release`) to avoid version-mismatch handshake artifacts. +- Do not run extra port probes (for example `Test-NetConnection localhost -Port 22`) between starting `sshd -ddd` and the first `ssh` attempt; probes can consume the one foreground debug session and produce misleading connection-reset/refused behavior. ## Manual Testing Procedures (For Troubleshooting Only) @@ -276,8 +278,8 @@ Get-NetFirewallRule | Where-Object {$_.DisplayName -like "*SSH*"} - **Parameters**: (use defaults) If the prompt declares `Validation scenario=entra-id-debug-localhost`, use the Entra-ID debug localhost flow instead: - - Run `.\sshd.exe -ddd` in one terminal - - Run `ssh localhost` in another terminal + - Run `.\sshd.exe -ddd` in one terminal from `.\bin\x64\Release` + - Run `.\ssh.exe localhost` in another terminal from `.\bin\x64\Release` - Report outcome from both client connection behavior and server debug logs 2. **If test passes**, the merge is validated for basic SSH functionality From 276ac7a9be41b6e4a0831a47b5794034ca87b652 Mon Sep 17 00:00:00 2001 From: Tess Gauthier Date: Mon, 13 Apr 2026 11:27:39 -0400 Subject: [PATCH 686/687] fix workflow merge --- .../merge/merge-details.instructions.md | 18 ++++++++++++++++++ .../merge-process-overview.instructions.md | 10 ++++++++-- .github/workflows/c-cpp.yml | 9 +++++---- .github/workflows/selfhosted.yml | 5 +++-- .github/workflows/vm.yml | 9 +++++---- 5 files changed, 39 insertions(+), 12 deletions(-) diff --git a/.github/instructions/merge/merge-details.instructions.md b/.github/instructions/merge/merge-details.instructions.md index 2f57af4b21eb..27db390e5b1b 100644 --- a/.github/instructions/merge/merge-details.instructions.md +++ b/.github/instructions/merge/merge-details.instructions.md @@ -579,8 +579,26 @@ FUNCTION prepare_pull_request(): labels: ["upstream-merge", determine_complexity_label()], assignees: get_default_reviewers() } + +FUNCTION normalize_fork_workflow_triggers(): + workflow_files = list_files(".github/workflows/*.yml") + + FOR EACH wf IN workflow_files: + // Policy for PowerShell Windows fork: dispatch-only upstream workflows + ensure_trigger_enabled(wf, "workflow_dispatch") + disable_trigger(wf, "push") + disable_trigger(wf, "pull_request") + disable_trigger(wf, "schedule") + + RETURN "workflow triggers normalized for fork policy" ``` +### Workflow Trigger Policy (Windows Fork) +- Upstream workflow files merged into this fork should default to manual invocation only. +- Keep `workflow_dispatch` active. +- Disable automatic triggers (`push`, `pull_request`, `schedule`) unless the Windows fork explicitly depends on them. +- During final merge review, verify `.github/workflows/*.yml` trigger blocks are policy-compliant. + ## Commit Message Template ``` diff --git a/.github/instructions/merge/merge-process-overview.instructions.md b/.github/instructions/merge/merge-process-overview.instructions.md index 43b6eb1606d9..8cfa7b8de472 100644 --- a/.github/instructions/merge/merge-process-overview.instructions.md +++ b/.github/instructions/merge/merge-process-overview.instructions.md @@ -321,12 +321,17 @@ The process consists of several interconnected phases: - Title: `Merge upstream OpenSSH ` - Include comprehensive description of changes and resolutions -16. **Address CI/test failures:** +16. **Normalize upstream workflow triggers for Windows fork:** + - Ensure merged upstream workflow files under `.github/workflows/*.yml` are dispatch-only in this fork. + - Keep `workflow_dispatch` enabled and disable automatic triggers (`push`, `pull_request`, `schedule`) unless explicitly required for this fork. + - Preserve trigger blocks as commented context where practical so future re-syncs are straightforward. + +17. **Address CI/test failures:** - Monitor automated tests - Fix any Windows-specific test failures - Ensure all checks pass -17. **Request review:** +18. **Request review:** - Tag appropriate PowerShell team reviewers - Provide context for complex conflict resolutions @@ -339,6 +344,7 @@ The process consists of several interconnected phases: - [ ] Solution builds successfully on Windows - [ ] Basic SSH connection test passes - [ ] All CI tests pass +- [ ] Upstream workflow triggers normalized to dispatch-only for this fork - [ ] PR approved and ready for merge --- diff --git a/.github/workflows/c-cpp.yml b/.github/workflows/c-cpp.yml index 02cd10bfbb6e..ee64e72e214a 100644 --- a/.github/workflows/c-cpp.yml +++ b/.github/workflows/c-cpp.yml @@ -11,10 +11,11 @@ name: CI # LTESTS: Override the set of tests run. on: - push: - paths: [ '**.c', '**.h', '**.m4', '**.sh', '**/Makefile.in', 'configure.ac', '.github/configs', '.github/*.sh', '.github/workflows/c-cpp.yml' ] - pull_request: - paths: [ '**.c', '**.h', '**.m4', '**.sh', '**/Makefile.in', 'configure.ac', '.github/configs', '.github/*.sh', '.github/workflows/c-cpp.yml' ] + workflow_dispatch: # disabled for win32-openssh fork + # push: + # paths: [ '**.c', '**.h', '**.m4', '**.sh', '**/Makefile.in', 'configure.ac', '.github/configs', '.github/*.sh', '.github/workflows/c-cpp.yml' ] + # pull_request: + # paths: [ '**.c', '**.h', '**.m4', '**.sh', '**/Makefile.in', 'configure.ac', '.github/configs', '.github/*.sh', '.github/workflows/c-cpp.yml' ] jobs: ci: diff --git a/.github/workflows/selfhosted.yml b/.github/workflows/selfhosted.yml index aa01c8b296a9..40c122480797 100644 --- a/.github/workflows/selfhosted.yml +++ b/.github/workflows/selfhosted.yml @@ -1,8 +1,9 @@ name: CI self-hosted on: - push: - paths: [ '**.c', '**.h', '**.m4', '**.sh', '**/Makefile.in', 'configure.ac', '.github/configs', '.github/run_tests.sh', '.github/workflows/selfhosted.yml' ] + workflow_dispatch: # disabled for win32-openssh fork + # push: + # paths: [ '**.c', '**.h', '**.m4', '**.sh', '**/Makefile.in', 'configure.ac', '.github/configs', '.github/run_tests.sh', '.github/workflows/selfhosted.yml' ] jobs: selfhosted: diff --git a/.github/workflows/vm.yml b/.github/workflows/vm.yml index dbfd6c186c33..d3bb5eef0fdb 100644 --- a/.github/workflows/vm.yml +++ b/.github/workflows/vm.yml @@ -10,10 +10,11 @@ name: CI VM on: - push: - paths: [ '**.c', '**.h', '**.m4', '**.sh', '**/Makefile.in', 'configure.ac', '.github/configs', '.github/workflows/vm.yml' ] - pull_request: - paths: [ '**.c', '**.h', '**.m4', '**.sh', '**/Makefile.in', 'configure.ac', '.github/configs', '.github/workflows/vm.yml' ] + workflow_dispatch: # disabled for win32-openssh fork + # push: + # paths: [ '**.c', '**.h', '**.m4', '**.sh', '**/Makefile.in', 'configure.ac', '.github/configs', '.github/workflows/vm.yml' ] + # pull_request: + # paths: [ '**.c', '**.h', '**.m4', '**.sh', '**/Makefile.in', 'configure.ac', '.github/configs', '.github/workflows/vm.yml' ] jobs: dragonflybsd: From d9816b8c9ef07d1fa924ee7342ecf846a6f5299a Mon Sep 17 00:00:00 2001 From: Tess Gauthier Date: Mon, 13 Apr 2026 11:48:16 -0400 Subject: [PATCH 687/687] Update OpenSSH version to 10.3.0.0 --- contrib/win32/openssh/version.rc | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/contrib/win32/openssh/version.rc b/contrib/win32/openssh/version.rc index 6436c00e398f..2a4215f6059e 100644 --- a/contrib/win32/openssh/version.rc +++ b/contrib/win32/openssh/version.rc @@ -51,8 +51,8 @@ END // VS_VERSION_INFO VERSIONINFO - FILEVERSION 10,0,0,0 - PRODUCTVERSION 10,0,0,0 + FILEVERSION 10,3,0,0 + PRODUCTVERSION 10,3,0,0 FILEFLAGSMASK 0x3fL #ifdef _DEBUG FILEFLAGS 0x1L @@ -67,9 +67,9 @@ BEGIN BEGIN BLOCK "040904b0" BEGIN - VALUE "FileVersion", "10.0.0.0" + VALUE "FileVersion", "10.3.0.0" VALUE "ProductName", "OpenSSH for Windows" - VALUE "ProductVersion", "OpenSSH_10.0p2 for Windows" + VALUE "ProductVersion", "OpenSSH_10.3p1 for Windows" END END BLOCK "VarFileInfo"